diff options
Diffstat (limited to 'src/include')
47 files changed, 3101 insertions, 3608 deletions
diff --git a/src/include/openssl/aead.h b/src/include/openssl/aead.h index 659f05f..dc453e3 100644 --- a/src/include/openssl/aead.h +++ b/src/include/openssl/aead.h @@ -153,8 +153,6 @@ OPENSSL_EXPORT const EVP_AEAD *EVP_aead_aes_256_cbc_sha384_tls(void); OPENSSL_EXPORT const EVP_AEAD *EVP_aead_des_ede3_cbc_sha1_tls(void); OPENSSL_EXPORT const EVP_AEAD *EVP_aead_des_ede3_cbc_sha1_tls_implicit_iv(void); -OPENSSL_EXPORT const EVP_AEAD *EVP_aead_null_sha1_tls(void); - /* SSLv3-specific AEAD algorithms. * @@ -169,7 +167,6 @@ OPENSSL_EXPORT const EVP_AEAD *EVP_aead_rc4_sha1_ssl3(void); OPENSSL_EXPORT const EVP_AEAD *EVP_aead_aes_128_cbc_sha1_ssl3(void); OPENSSL_EXPORT const EVP_AEAD *EVP_aead_aes_256_cbc_sha1_ssl3(void); OPENSSL_EXPORT const EVP_AEAD *EVP_aead_des_ede3_cbc_sha1_ssl3(void); -OPENSSL_EXPORT const EVP_AEAD *EVP_aead_null_sha1_ssl3(void); /* Utility functions. */ @@ -226,17 +223,11 @@ enum evp_aead_direction_t { evp_aead_seal, }; -/* EVP_AEAD_CTX_zero sets an uninitialized |ctx| to the zero state. It must be - * initialized with |EVP_AEAD_CTX_init| before use. It is safe, but not - * necessary, to call |EVP_AEAD_CTX_cleanup| in this state. This may be used for - * more uniform cleanup of |EVP_AEAD_CTX|. */ -OPENSSL_EXPORT void EVP_AEAD_CTX_zero(EVP_AEAD_CTX *ctx); - -/* EVP_AEAD_CTX_init initializes |ctx| for the given AEAD algorithm. The |impl| - * argument is ignored and should be NULL. Authentication tags may be truncated - * by passing a size as |tag_len|. A |tag_len| of zero indicates the default - * tag length and this is defined as EVP_AEAD_DEFAULT_TAG_LENGTH for - * readability. +/* EVP_AEAD_CTX_init initializes |ctx| for the given AEAD algorithm from |impl|. + * The |impl| argument may be NULL to choose the default implementation. + * Authentication tags may be truncated by passing a size as |tag_len|. A + * |tag_len| of zero indicates the default tag length and this is defined as + * EVP_AEAD_DEFAULT_TAG_LENGTH for readability. * * Returns 1 on success. Otherwise returns 0 and pushes to the error stack. In * the error case, you do not need to call |EVP_AEAD_CTX_cleanup|, but it's diff --git a/src/include/openssl/aes.h b/src/include/openssl/aes.h index ed060ff..84cde41 100644 --- a/src/include/openssl/aes.h +++ b/src/include/openssl/aes.h @@ -124,7 +124,7 @@ OPENSSL_EXPORT void AES_cbc_encrypt(const uint8_t *in, uint8_t *out, size_t len, const AES_KEY *key, uint8_t *ivec, const int enc); -/* AES_ofb128_encrypt encrypts (or decrypts, it's the same in OFB mode) |len| +/* AES_ofb128_encrypt encrypts (or decrypts, it's the same in CTR mode) |len| * bytes from |in| to |out|. The |num| parameter must be set to zero on the * first call. */ OPENSSL_EXPORT void AES_ofb128_encrypt(const uint8_t *in, uint8_t *out, diff --git a/src/include/openssl/arm_arch.h b/src/include/openssl/arm_arch.h deleted file mode 100644 index 123a890..0000000 --- a/src/include/openssl/arm_arch.h +++ /dev/null @@ -1,136 +0,0 @@ -/* ==================================================================== - * Copyright (c) 1998-2011 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@openssl.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.openssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). */ - -#ifndef OPENSSL_HEADER_ARM_ARCH_H -#define OPENSSL_HEADER_ARM_ARCH_H - -#if !defined(__ARM_ARCH__) -# if defined(__CC_ARM) -# define __ARM_ARCH__ __TARGET_ARCH_ARM -# if defined(__BIG_ENDIAN) -# define __ARMEB__ -# else -# define __ARMEL__ -# endif -# elif defined(__GNUC__) -# if defined(__aarch64__) -# define __ARM_ARCH__ 8 -# if __BYTE_ORDER__ == __ORDER_BIG_ENDIAN__ -# define __ARMEB__ -# else -# define __ARMEL__ -# endif - /* Why doesn't gcc define __ARM_ARCH__? Instead it defines - * bunch of below macros. See all_architectires[] table in - * gcc/config/arm/arm.c. On a side note it defines - * __ARMEL__/__ARMEB__ for little-/big-endian. */ -# elif defined(__ARM_ARCH) -# define __ARM_ARCH__ __ARM_ARCH -# elif defined(__ARM_ARCH_8A__) -# define __ARM_ARCH__ 8 -# elif defined(__ARM_ARCH_7__) || defined(__ARM_ARCH_7A__) || \ - defined(__ARM_ARCH_7R__)|| defined(__ARM_ARCH_7M__) || \ - defined(__ARM_ARCH_7EM__) -# define __ARM_ARCH__ 7 -# elif defined(__ARM_ARCH_6__) || defined(__ARM_ARCH_6J__) || \ - defined(__ARM_ARCH_6K__)|| defined(__ARM_ARCH_6M__) || \ - defined(__ARM_ARCH_6Z__)|| defined(__ARM_ARCH_6ZK__) || \ - defined(__ARM_ARCH_6T2__) -# define __ARM_ARCH__ 6 -# elif defined(__ARM_ARCH_5__) || defined(__ARM_ARCH_5T__) || \ - defined(__ARM_ARCH_5E__)|| defined(__ARM_ARCH_5TE__) || \ - defined(__ARM_ARCH_5TEJ__) -# define __ARM_ARCH__ 5 -# elif defined(__ARM_ARCH_4__) || defined(__ARM_ARCH_4T__) -# define __ARM_ARCH__ 4 -# else -# error "unsupported ARM architecture" -# endif -# endif -#endif - -/* Even when building for 32-bit ARM, support for aarch64 crypto instructions - * will be included. */ -#define __ARM_MAX_ARCH__ 8 - -#if !__ASSEMBLER__ - -/* OPENSSL_armcap_P contains flags describing the capabilities of the CPU and - * is easy for assembly code to acesss. For C code, see the functions in - * |cpu.h|. */ -extern uint32_t OPENSSL_armcap_P; - -#endif /* !__ASSEMBLER__ */ - -/* ARMV7_NEON is true when a NEON unit is present in the current CPU. */ -#define ARMV7_NEON (1 << 0) - -/* ARMV7_NEON_FUNCTIONAL is true when the NEON unit doesn't contain subtle bugs. - * The Poly1305 NEON code is known to trigger bugs in the NEON units of some - * phones. If this bit isn't set then the Poly1305 NEON code won't be used. - * See https://code.google.com/p/chromium/issues/detail?id=341598. */ -#define ARMV7_NEON_FUNCTIONAL (1 << 10) - -/* ARMV8_AES indicates support for hardware AES instructions. */ -#define ARMV8_AES (1 << 2) - -/* ARMV8_SHA1 indicates support for hardware SHA-1 instructions. */ -#define ARMV8_SHA1 (1 << 3) - -/* ARMV8_SHA256 indicates support for hardware SHA-256 instructions. */ -#define ARMV8_SHA256 (1 << 4) - -/* ARMV8_PMULL indicates support for carryless multiplication. */ -#define ARMV8_PMULL (1 << 5) - - -#endif /* OPENSSL_HEADER_ARM_ARCH_H */ diff --git a/src/include/openssl/asn1.h b/src/include/openssl/asn1.h index 043524d..4baf81c 100644 --- a/src/include/openssl/asn1.h +++ b/src/include/openssl/asn1.h @@ -515,6 +515,7 @@ struct X509_algor_st ASN1_OBJECT *algorithm; ASN1_TYPE *parameter; } /* X509_ALGOR */; +DEFINE_STACK_OF(X509_ALGOR); DECLARE_ASN1_FUNCTIONS(X509_ALGOR) @@ -949,7 +950,7 @@ OPENSSL_EXPORT void *ASN1_d2i_bio(void *(*xnew)(void), d2i_of_void *d2i, BIO *in CHECKED_PPTR_OF(type, x))) OPENSSL_EXPORT void *ASN1_item_d2i_bio(const ASN1_ITEM *it, BIO *in, void *x); -OPENSSL_EXPORT int ASN1_i2d_bio(i2d_of_void *i2d,BIO *out, void *x); +OPENSSL_EXPORT int ASN1_i2d_bio(i2d_of_void *i2d,BIO *out, unsigned char *x); #define ASN1_i2d_bio_of(type,i2d,out,x) \ (ASN1_i2d_bio(CHECKED_I2D_OF(type, i2d), \ @@ -1077,6 +1078,70 @@ OPENSSL_EXPORT int BIO_asn1_get_suffix(BIO *b, asn1_ps_func **psuffix, asn1_ps_f } #endif +#define ASN1_F_ASN1_BIT_STRING_set_bit 100 +#define ASN1_F_ASN1_ENUMERATED_set 101 +#define ASN1_F_ASN1_ENUMERATED_to_BN 102 +#define ASN1_F_ASN1_GENERALIZEDTIME_adj 103 +#define ASN1_F_ASN1_INTEGER_set 104 +#define ASN1_F_ASN1_INTEGER_to_BN 105 +#define ASN1_F_ASN1_OBJECT_new 106 +#define ASN1_F_ASN1_PCTX_new 107 +#define ASN1_F_ASN1_STRING_TABLE_add 108 +#define ASN1_F_ASN1_STRING_set 109 +#define ASN1_F_ASN1_STRING_type_new 110 +#define ASN1_F_ASN1_TIME_adj 111 +#define ASN1_F_ASN1_UTCTIME_adj 112 +#define ASN1_F_ASN1_d2i_fp 113 +#define ASN1_F_ASN1_dup 114 +#define ASN1_F_ASN1_generate_v3 115 +#define ASN1_F_ASN1_get_object 116 +#define ASN1_F_ASN1_i2d_bio 117 +#define ASN1_F_ASN1_i2d_fp 118 +#define ASN1_F_ASN1_item_d2i_fp 119 +#define ASN1_F_ASN1_item_dup 120 +#define ASN1_F_ASN1_item_ex_d2i 121 +#define ASN1_F_ASN1_item_i2d_bio 122 +#define ASN1_F_ASN1_item_i2d_fp 123 +#define ASN1_F_ASN1_item_pack 124 +#define ASN1_F_ASN1_item_unpack 125 +#define ASN1_F_ASN1_mbstring_ncopy 126 +#define ASN1_F_ASN1_template_new 127 +#define ASN1_F_BIO_new_NDEF 128 +#define ASN1_F_BN_to_ASN1_ENUMERATED 129 +#define ASN1_F_BN_to_ASN1_INTEGER 130 +#define ASN1_F_a2d_ASN1_OBJECT 131 +#define ASN1_F_a2i_ASN1_ENUMERATED 132 +#define ASN1_F_a2i_ASN1_INTEGER 133 +#define ASN1_F_a2i_ASN1_STRING 134 +#define ASN1_F_append_exp 135 +#define ASN1_F_asn1_cb 136 +#define ASN1_F_asn1_check_tlen 137 +#define ASN1_F_asn1_collate_primitive 138 +#define ASN1_F_asn1_collect 139 +#define ASN1_F_asn1_d2i_ex_primitive 140 +#define ASN1_F_asn1_d2i_read_bio 141 +#define ASN1_F_asn1_do_adb 142 +#define ASN1_F_asn1_ex_c2i 143 +#define ASN1_F_asn1_find_end 144 +#define ASN1_F_asn1_item_ex_combine_new 145 +#define ASN1_F_asn1_str2type 146 +#define ASN1_F_asn1_template_ex_d2i 147 +#define ASN1_F_asn1_template_noexp_d2i 148 +#define ASN1_F_bitstr_cb 149 +#define ASN1_F_c2i_ASN1_BIT_STRING 150 +#define ASN1_F_c2i_ASN1_INTEGER 151 +#define ASN1_F_c2i_ASN1_OBJECT 152 +#define ASN1_F_collect_data 153 +#define ASN1_F_d2i_ASN1_BOOLEAN 154 +#define ASN1_F_d2i_ASN1_OBJECT 155 +#define ASN1_F_d2i_ASN1_UINTEGER 156 +#define ASN1_F_d2i_ASN1_UTCTIME 157 +#define ASN1_F_d2i_ASN1_bytes 158 +#define ASN1_F_d2i_ASN1_type_bytes 159 +#define ASN1_F_i2d_ASN1_TIME 160 +#define ASN1_F_i2d_PrivateKey 161 +#define ASN1_F_long_c2i 162 +#define ASN1_F_parse_tagging 163 #define ASN1_R_ASN1_LENGTH_MISMATCH 100 #define ASN1_R_AUX_ERROR 101 #define ASN1_R_BAD_GET_ASN1_OBJECT_CALL 102 diff --git a/src/include/openssl/base.h b/src/include/openssl/base.h index 661817a..b769ad5 100644 --- a/src/include/openssl/base.h +++ b/src/include/openssl/base.h @@ -79,8 +79,9 @@ extern "C" { #elif defined(__arm) || defined(__arm__) || defined(_M_ARM) #define OPENSSL_32_BIT #define OPENSSL_ARM -#elif defined(__PPC64__) || defined(__powerpc64__) +#elif defined(__aarch64__) #define OPENSSL_64_BIT +#define OPENSSL_AARCH64 #elif defined(__mips__) && !defined(__LP64__) #define OPENSSL_32_BIT #define OPENSSL_MIPS @@ -98,7 +99,7 @@ extern "C" { #define OPENSSL_APPLE #endif -#if defined(_WIN32) +#if defined(WIN32) || defined(_WIN32) #define OPENSSL_WINDOWS #endif @@ -108,9 +109,7 @@ extern "C" { #endif #define OPENSSL_IS_BORINGSSL -#define BORINGSSL_201509 #define OPENSSL_VERSION_NUMBER 0x10002000 -#define SSLEAY_VERSION_NUMBER OPENSSL_VERSION_NUMBER #if defined(BORINGSSL_SHARED_LIBRARY) @@ -167,29 +166,13 @@ typedef struct AUTHORITY_KEYID_st AUTHORITY_KEYID; typedef struct DIST_POINT_st DIST_POINT; typedef struct ISSUING_DIST_POINT_st ISSUING_DIST_POINT; typedef struct NAME_CONSTRAINTS_st NAME_CONSTRAINTS; -typedef struct Netscape_certificate_sequence NETSCAPE_CERT_SEQUENCE; -typedef struct Netscape_spkac_st NETSCAPE_SPKAC; -typedef struct Netscape_spki_st NETSCAPE_SPKI; -typedef struct PBE2PARAM_st PBE2PARAM; -typedef struct PBEPARAM_st PBEPARAM; -typedef struct PBKDF2PARAM_st PBKDF2PARAM; typedef struct X509_POLICY_CACHE_st X509_POLICY_CACHE; typedef struct X509_POLICY_LEVEL_st X509_POLICY_LEVEL; typedef struct X509_POLICY_NODE_st X509_POLICY_NODE; typedef struct X509_POLICY_TREE_st X509_POLICY_TREE; typedef struct X509_algor_st X509_ALGOR; -typedef struct X509_crl_info_st X509_CRL_INFO; typedef struct X509_crl_st X509_CRL; -typedef struct X509_extension_st X509_EXTENSION; -typedef struct X509_info_st X509_INFO; -typedef struct X509_name_entry_st X509_NAME_ENTRY; -typedef struct X509_name_st X509_NAME; -typedef struct X509_objects_st X509_OBJECTS; typedef struct X509_pubkey_st X509_PUBKEY; -typedef struct X509_req_info_st X509_REQ_INFO; -typedef struct X509_req_st X509_REQ; -typedef struct X509_sig_st X509_SIG; -typedef struct X509_val_st X509_VAL; typedef struct bignum_ctx BN_CTX; typedef struct bignum_st BIGNUM; typedef struct bio_method_st BIO_METHOD; @@ -222,9 +205,8 @@ typedef struct evp_pkey_st EVP_PKEY; typedef struct hmac_ctx_st HMAC_CTX; typedef struct md4_state_st MD4_CTX; typedef struct md5_state_st MD5_CTX; -typedef struct pkcs12_st PKCS12; typedef struct pkcs8_priv_key_info_st PKCS8_PRIV_KEY_INFO; -typedef struct private_key_st X509_PKEY; +typedef struct pkcs12_st PKCS12; typedef struct rand_meth_st RAND_METHOD; typedef struct rc4_key_st RC4_KEY; typedef struct rsa_meth_st RSA_METHOD; @@ -232,26 +214,15 @@ typedef struct rsa_st RSA; typedef struct sha256_state_st SHA256_CTX; typedef struct sha512_state_st SHA512_CTX; typedef struct sha_state_st SHA_CTX; -typedef struct srtp_protection_profile_st SRTP_PROTECTION_PROFILE; -typedef struct ssl_cipher_st SSL_CIPHER; typedef struct ssl_ctx_st SSL_CTX; -typedef struct ssl_custom_extension SSL_CUSTOM_EXTENSION; -typedef struct ssl_method_st SSL_METHOD; -typedef struct ssl_session_st SSL_SESSION; typedef struct ssl_st SSL; typedef struct st_ERR_FNS ERR_FNS; typedef struct v3_ext_ctx X509V3_CTX; -typedef struct x509_attributes_st X509_ATTRIBUTE; -typedef struct x509_cert_aux_st X509_CERT_AUX; -typedef struct x509_cert_pair_st X509_CERT_PAIR; -typedef struct x509_cinf_st X509_CINF; typedef struct x509_crl_method_st X509_CRL_METHOD; typedef struct x509_revoked_st X509_REVOKED; typedef struct x509_st X509; typedef struct x509_store_ctx_st X509_STORE_CTX; typedef struct x509_store_st X509_STORE; -typedef struct x509_trust_st X509_TRUST; - typedef void *OPENSSL_BLOCK; diff --git a/src/include/openssl/base64.h b/src/include/openssl/base64.h index 2d27c89..7aee990 100644 --- a/src/include/openssl/base64.h +++ b/src/include/openssl/base64.h @@ -148,11 +148,9 @@ OPENSSL_EXPORT int EVP_DecodeUpdate(EVP_ENCODE_CTX *ctx, uint8_t *out, OPENSSL_EXPORT int EVP_DecodeFinal(EVP_ENCODE_CTX *ctx, uint8_t *out, int *out_len); - -/* Deprecated functions. */ - -/* EVP_DecodeBlock encodes |src_len| bytes from |src| and writes the result to - * |dst|. It returns the number of bytes written or -1 on error. +/* Deprecated: EVP_DecodeBlock encodes |src_len| bytes from |src| and + * writes the result to |dst|. It returns the number of bytes written + * or -1 on error. * * WARNING: EVP_DecodeBlock's return value does not take padding into * account. It also strips leading whitespace and trailing diff --git a/src/include/openssl/bio.h b/src/include/openssl/bio.h index 04e3790..8724657 100644 --- a/src/include/openssl/bio.h +++ b/src/include/openssl/bio.h @@ -76,6 +76,8 @@ extern "C" { /* Allocation and freeing. */ +DEFINE_STACK_OF(BIO); + /* BIO_new creates a new BIO with the given type and a reference count of one. * It returns the fresh |BIO|, or NULL on error. */ OPENSSL_EXPORT BIO *BIO_new(const BIO_METHOD *type); @@ -205,7 +207,7 @@ OPENSSL_EXPORT void BIO_clear_flags(BIO *bio, int flags); * flags on |bio|. */ OPENSSL_EXPORT void BIO_set_retry_read(BIO *bio); -/* BIO_set_retry_write sets the |BIO_FLAGS_WRITE| and |BIO_FLAGS_SHOULD_RETRY| +/* BIO_set_retry_read sets the |BIO_FLAGS_WRITE| and |BIO_FLAGS_SHOULD_RETRY| * flags on |bio|. */ OPENSSL_EXPORT void BIO_set_retry_write(BIO *bio); @@ -654,7 +656,7 @@ OPENSSL_EXPORT int BIO_zero_copy_get_read_buf(BIO* bio, * error stack. */ OPENSSL_EXPORT int BIO_zero_copy_get_read_buf_done(BIO* bio, size_t bytes_read); -/* BIO_zero_copy_get_write_buf initiates a zero copy write operation. +/* BIO_zero_copy_get_write_buf_done initiates a zero copy write operation. * |out_write_buf| is set to to the internal write buffer, and |out_buf_offset| * is set to the current write position of |out_write_buf|. * The number of bytes available for write from |out_write_buf| + @@ -665,7 +667,7 @@ OPENSSL_EXPORT int BIO_zero_copy_get_read_buf_done(BIO* bio, size_t bytes_read); * stack. * * The zero copy write operation is completed by calling - * |BIO_zero_copy_get_write_buf_done|. Neither |BIO_zero_copy_get_write_buf| + * |BIO_zero_copy_write_buf_done|. Neither |BIO_zero_copy_get_write_buf| * nor any other I/O write operation may be called while a zero copy write * operation is active. */ OPENSSL_EXPORT int BIO_zero_copy_get_write_buf(BIO* bio, @@ -673,8 +675,8 @@ OPENSSL_EXPORT int BIO_zero_copy_get_write_buf(BIO* bio, size_t* out_buf_offset, size_t* out_available_bytes); -/* BIO_zero_copy_get_write_buf_done must be called after writing to a BIO using - * |BIO_zero_copy_get_write_buf| to finish the write operation. The +/* BIO_zero_copy_write_buf_done must be called after writing to a BIO using + * |BIO_zero_copy_get_write_buf_done| to finish the write operation. The * |bytes_written| argument gives the number of bytes written. * * It returns one on success. In case of error it returns zero and pushes to the @@ -725,18 +727,6 @@ OPENSSL_EXPORT int BIO_zero_copy_get_write_buf_done(BIO* bio, #define BIO_print_errors_fp ERR_print_errors_fp -/* Deprecated functions. */ - -/* Returns a filter |BIO| that base64-encodes data written into it, and decodes - * data read from it. |BIO_gets| is not supported. Call |BIO_flush| when done - * writing, to signal that no more data are to be encoded. The flag - * |BIO_FLAGS_BASE64_NO_NL| may be set to encode all the data on one line. */ -OPENSSL_EXPORT const BIO_METHOD *BIO_f_base64(void); - -/* ERR_print_errors is an alias for |BIO_print_errors|. */ -OPENSSL_EXPORT void ERR_print_errors(BIO *bio); - - /* Private functions */ #define BIO_FLAGS_READ 0x01 @@ -880,6 +870,25 @@ struct bio_st { } /* extern C */ #endif +#define BIO_F_BIO_callback_ctrl 100 +#define BIO_F_BIO_ctrl 101 +#define BIO_F_BIO_new 102 +#define BIO_F_BIO_new_file 103 +#define BIO_F_BIO_new_mem_buf 104 +#define BIO_F_BIO_zero_copy_get_read_buf 105 +#define BIO_F_BIO_zero_copy_get_read_buf_done 106 +#define BIO_F_BIO_zero_copy_get_write_buf 107 +#define BIO_F_BIO_zero_copy_get_write_buf_done 108 +#define BIO_F_bio_io 109 +#define BIO_F_bio_make_pair 110 +#define BIO_F_bio_write 111 +#define BIO_F_buffer_ctrl 112 +#define BIO_F_conn_ctrl 113 +#define BIO_F_conn_state 114 +#define BIO_F_file_ctrl 115 +#define BIO_F_file_read 116 +#define BIO_F_mem_write 117 +#define BIO_F_BIO_printf 118 #define BIO_R_BAD_FOPEN_MODE 100 #define BIO_R_BROKEN_PIPE 101 #define BIO_R_CONNECT_ERROR 102 diff --git a/src/include/openssl/bn.h b/src/include/openssl/bn.h index 8de8cc4..ec1c8ff 100644 --- a/src/include/openssl/bn.h +++ b/src/include/openssl/bn.h @@ -182,8 +182,7 @@ OPENSSL_EXPORT void BN_clear_free(BIGNUM *bn); * allocated BIGNUM on success or NULL otherwise. */ OPENSSL_EXPORT BIGNUM *BN_dup(const BIGNUM *src); -/* BN_copy sets |dest| equal to |src| and returns |dest| or NULL on allocation - * failure. */ +/* BN_copy sets |dest| equal to |src| and returns |dest|. */ OPENSSL_EXPORT BIGNUM *BN_copy(BIGNUM *dest, const BIGNUM *src); /* BN_clear sets |bn| to zero and erases the old data. */ @@ -298,21 +297,6 @@ OPENSSL_EXPORT int BN_print_fp(FILE *fp, const BIGNUM *a); OPENSSL_EXPORT BN_ULONG BN_get_word(const BIGNUM *bn); -/* ASN.1 functions. */ - -/* BN_cbs2unsigned parses a non-negative DER INTEGER from |cbs| writes the - * result to |ret|. It returns one on success and zero on failure. */ -OPENSSL_EXPORT int BN_cbs2unsigned(CBS *cbs, BIGNUM *ret); - -/* BN_cbs2unsigned_buggy acts like |BN_cbs2unsigned| but tolerates some invalid - * encodings. Do not use this function. */ -OPENSSL_EXPORT int BN_cbs2unsigned_buggy(CBS *cbs, BIGNUM *ret); - -/* BN_bn2cbb marshals |bn| as a non-negative DER INTEGER and appends the result - * to |cbb|. It returns one on success and zero on failure. */ -OPENSSL_EXPORT int BN_bn2cbb(CBB *cbb, const BIGNUM *bn); - - /* Internal functions. * * These functions are useful for code that is doing low-level manipulations of @@ -326,7 +310,7 @@ OPENSSL_EXPORT void bn_correct_top(BIGNUM *bn); /* bn_wexpand ensures that |bn| has at least |words| works of space without * altering its value. It returns one on success or zero on allocation * failure. */ -OPENSSL_EXPORT BIGNUM *bn_wexpand(BIGNUM *bn, size_t words); +OPENSSL_EXPORT BIGNUM *bn_wexpand(BIGNUM *bn, unsigned words); /* BIGNUM pools. @@ -710,14 +694,6 @@ OPENSSL_EXPORT int BN_gcd(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, OPENSSL_EXPORT BIGNUM *BN_mod_inverse(BIGNUM *out, const BIGNUM *a, const BIGNUM *n, BN_CTX *ctx); -/* BN_mod_inverse_ex acts like |BN_mod_inverse| except that, when it returns - * zero, it will set |*out_no_inverse| to one if the failure was caused because - * |a| has no inverse mod |n|. Otherwise it will set |*out_no_inverse| to - * zero. */ -OPENSSL_EXPORT BIGNUM *BN_mod_inverse_ex(BIGNUM *out, int *out_no_inverse, - const BIGNUM *a, const BIGNUM *n, - BN_CTX *ctx); - /* BN_kronecker returns the Kronecker symbol of |a| and |b| (which is -1, 0 or * 1), or -2 on error. */ OPENSSL_EXPORT int BN_kronecker(const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx); @@ -806,25 +782,6 @@ OPENSSL_EXPORT int BN_mod_exp2_mont(BIGNUM *r, const BIGNUM *a1, BN_CTX *ctx, BN_MONT_CTX *m_ctx); -/* Deprecated functions */ - -/* BN_bn2mpi serialises the value of |in| to |out|, using a format that consists - * of the number's length in bytes represented as a 4-byte big-endian number, - * and the number itself in big-endian format, where the most significant bit - * signals a negative number. (The representation of numbers with the MSB set is - * prefixed with null byte). |out| must have sufficient space available; to - * find the needed amount of space, call the function with |out| set to NULL. */ -OPENSSL_EXPORT size_t BN_bn2mpi(const BIGNUM *in, uint8_t *out); - -/* BN_bin2bn parses |len| bytes from |in| and returns the resulting value. The - * bytes at |in| are expected to be in the format emitted by |BN_bn2mpi|. - * - * If |out| is NULL then a fresh |BIGNUM| is allocated and returned, otherwise - * |out| is reused and returned. On error, NULL is returned and the error queue - * is updated. */ -OPENSSL_EXPORT BIGNUM *BN_mpi2bn(const uint8_t *in, size_t len, BIGNUM *out); - - /* Private functions */ struct bignum_st { @@ -870,6 +827,33 @@ OPENSSL_EXPORT BIGNUM *get_rfc3526_prime_1536(BIGNUM *bn); } /* extern C */ #endif +#define BN_F_BN_CTX_get 100 +#define BN_F_BN_CTX_new 101 +#define BN_F_BN_CTX_start 102 +#define BN_F_BN_bn2dec 103 +#define BN_F_BN_bn2hex 104 +#define BN_F_BN_div 105 +#define BN_F_BN_div_recp 106 +#define BN_F_BN_exp 107 +#define BN_F_BN_generate_dsa_nonce 108 +#define BN_F_BN_generate_prime_ex 109 +#define BN_F_BN_mod_exp2_mont 110 +#define BN_F_BN_mod_exp_mont 111 +#define BN_F_BN_mod_exp_mont_consttime 112 +#define BN_F_BN_mod_exp_mont_word 113 +#define BN_F_BN_mod_inverse 114 +#define BN_F_BN_mod_inverse_no_branch 115 +#define BN_F_BN_mod_lshift_quick 116 +#define BN_F_BN_mod_sqrt 117 +#define BN_F_BN_new 118 +#define BN_F_BN_rand 119 +#define BN_F_BN_rand_range 120 +#define BN_F_BN_sqrt 121 +#define BN_F_BN_usub 122 +#define BN_F_bn_wexpand 123 +#define BN_F_mod_exp_recp 124 +#define BN_F_BN_lshift 125 +#define BN_F_BN_rshift 126 #define BN_R_ARG2_LT_ARG3 100 #define BN_R_BAD_RECIPROCAL 101 #define BN_R_BIGNUM_TOO_LONG 102 @@ -887,7 +871,5 @@ OPENSSL_EXPORT BIGNUM *get_rfc3526_prime_1536(BIGNUM *bn); #define BN_R_P_IS_NOT_PRIME 114 #define BN_R_TOO_MANY_ITERATIONS 115 #define BN_R_TOO_MANY_TEMPORARY_VARIABLES 116 -#define BN_R_BAD_ENCODING 117 -#define BN_R_ENCODE_ERROR 118 #endif /* OPENSSL_HEADER_BN_H */ diff --git a/src/include/openssl/buf.h b/src/include/openssl/buf.h index 76e3795..2b36ce4 100644 --- a/src/include/openssl/buf.h +++ b/src/include/openssl/buf.h @@ -115,4 +115,9 @@ OPENSSL_EXPORT size_t BUF_strlcat(char *dst, const char *src, size_t size); } /* extern C */ #endif +#define BUF_F_BUF_MEM_new 100 +#define BUF_F_BUF_memdup 101 +#define BUF_F_BUF_strndup 102 +#define BUF_F_buf_mem_grow 103 + #endif /* OPENSSL_HEADER_BUFFER_H */ diff --git a/src/include/openssl/bytestring.h b/src/include/openssl/bytestring.h index 1b1a0a9..9963426 100644 --- a/src/include/openssl/bytestring.h +++ b/src/include/openssl/bytestring.h @@ -99,10 +99,6 @@ OPENSSL_EXPORT int CBS_get_u32(CBS *cbs, uint32_t *out); * |cbs|. It returns one on success and zero on error. */ OPENSSL_EXPORT int CBS_get_bytes(CBS *cbs, CBS *out, size_t len); -/* CBS_copy_bytes copies the next |len| bytes from |cbs| to |out| and advances - * |cbs|. It returns one on success and zero on error. */ -OPENSSL_EXPORT int CBS_copy_bytes(CBS *cbs, uint8_t *out, size_t len); - /* CBS_get_u8_length_prefixed sets |*out| to the contents of an 8-bit, * length-prefixed value from |cbs| and advances |cbs| over it. It returns one * on success and zero on error. */ @@ -125,12 +121,10 @@ OPENSSL_EXPORT int CBS_get_u24_length_prefixed(CBS *cbs, CBS *out); #define CBS_ASN1_INTEGER 0x2 #define CBS_ASN1_BITSTRING 0x3 #define CBS_ASN1_OCTETSTRING 0x4 -#define CBS_ASN1_NULL 0x5 #define CBS_ASN1_OBJECT 0x6 #define CBS_ASN1_ENUMERATED 0xa #define CBS_ASN1_SEQUENCE (0x10 | CBS_ASN1_CONSTRUCTED) #define CBS_ASN1_SET (0x11 | CBS_ASN1_CONSTRUCTED) -#define CBS_ASN1_GENERALIZEDTIME 0x18 #define CBS_ASN1_CONSTRUCTED 0x20 #define CBS_ASN1_CONTEXT_SPECIFIC 0x80 @@ -164,24 +158,16 @@ OPENSSL_EXPORT int CBS_get_any_asn1_element(CBS *cbs, CBS *out, unsigned *out_tag, size_t *out_header_len); -/* CBS_get_any_ber_asn1_element acts the same as |CBS_get_any_asn1_element| but - * also allows indefinite-length elements to be returned. In that case, - * |*out_header_len| and |CBS_len(out)| will both be two as only the header is - * returned, otherwise it behaves the same as the previous function. */ -OPENSSL_EXPORT int CBS_get_any_ber_asn1_element(CBS *cbs, CBS *out, - unsigned *out_tag, - size_t *out_header_len); - /* CBS_get_asn1_uint64 gets an ASN.1 INTEGER from |cbs| using |CBS_get_asn1| * and sets |*out| to its value. It returns one on success and zero on error, * where error includes the integer being negative, or too large to represent * in 64 bits. */ OPENSSL_EXPORT int CBS_get_asn1_uint64(CBS *cbs, uint64_t *out); -/* CBS_get_optional_asn1 gets an optional explicitly-tagged element from |cbs| - * tagged with |tag| and sets |*out| to its contents. If present and if - * |out_present| is not NULL, it sets |*out_present| to one, otherwise zero. It - * returns one on success, whether or not the element was present, and zero on +/* CBS_get_optional_asn1 gets an optional explicitly-tagged element + * from |cbs| tagged with |tag| and sets |*out| to its contents. If + * present, it sets |*out_present| to one, otherwise zero. It returns + * one on success, whether or not the element was present, and zero on * decode failure. */ OPENSSL_EXPORT int CBS_get_optional_asn1(CBS *cbs, CBS *out, int *out_present, unsigned tag); @@ -252,12 +238,6 @@ struct cbb_st { char is_top_level; }; -/* CBB_zero sets an uninitialised |cbb| to the zero state. It must be - * initialised with |CBB_init| or |CBB_init_fixed| before use, but it is safe to - * call |CBB_cleanup| without a successful |CBB_init|. This may be used for more - * uniform cleanup of a |CBB|. */ -OPENSSL_EXPORT void CBB_zero(CBB *cbb); - /* CBB_init initialises |cbb| with |initial_capacity|. Since a |CBB| grows as * needed, the |initial_capacity| is just a hint. It returns one on success or * zero on error. */ @@ -288,14 +268,6 @@ OPENSSL_EXPORT int CBB_finish(CBB *cbb, uint8_t **out_data, size_t *out_len); * on error. */ OPENSSL_EXPORT int CBB_flush(CBB *cbb); -/* CBB_len returns the number of bytes written to |cbb|'s top-level |CBB|. It - * may be compared before and after an operation to determine how many bytes - * were written. - * - * It is a fatal error to call this on a CBB with any active children. This does - * not flush |cbb|. */ -OPENSSL_EXPORT size_t CBB_len(const CBB *cbb); - /* CBB_add_u8_length_prefixed sets |*out_contents| to a new child of |cbb|. The * data written to |*out_contents| will be prefixed in |cbb| with an 8-bit * length. It returns one on success or zero on error. */ @@ -311,7 +283,7 @@ OPENSSL_EXPORT int CBB_add_u16_length_prefixed(CBB *cbb, CBB *out_contents); * big-endian length. It returns one on success or zero on error. */ OPENSSL_EXPORT int CBB_add_u24_length_prefixed(CBB *cbb, CBB *out_contents); -/* CBB_add_asn1 sets |*out_contents| to a |CBB| into which the contents of an +/* CBB_add_asn sets |*out_contents| to a |CBB| into which the contents of an * ASN.1 object can be written. The |tag| argument will be used as the tag for * the object. Passing in |tag| number 31 will return in an error since only * single octet identifiers are supported. It returns one on success or zero @@ -332,7 +304,7 @@ OPENSSL_EXPORT int CBB_add_space(CBB *cbb, uint8_t **out_data, size_t len); * success and zero otherwise. */ OPENSSL_EXPORT int CBB_add_u8(CBB *cbb, uint8_t value); -/* CBB_add_u16 appends a 16-bit, big-endian number from |value| to |cbb|. It +/* CBB_add_u8 appends a 16-bit, big-endian number from |value| to |cbb|. It * returns one on success and zero otherwise. */ OPENSSL_EXPORT int CBB_add_u16(CBB *cbb, uint16_t value); diff --git a/src/include/openssl/chacha.h b/src/include/openssl/chacha.h index b7f5882..ce53d49 100644 --- a/src/include/openssl/chacha.h +++ b/src/include/openssl/chacha.h @@ -25,9 +25,9 @@ extern "C" { /* CRYPTO_chacha_20 encrypts |in_len| bytes from |in| with the given key and * nonce and writes the result to |out|, which may be equal to |in|. The * initial block counter is specified by |counter|. */ -OPENSSL_EXPORT void CRYPTO_chacha_20(uint8_t *out, const uint8_t *in, - size_t in_len, const uint8_t key[32], - const uint8_t nonce[8], size_t counter); +void CRYPTO_chacha_20(uint8_t *out, const uint8_t *in, + size_t in_len, const uint8_t key[32], + const uint8_t nonce[8], size_t counter); #if defined(__cplusplus) diff --git a/src/include/openssl/cipher.h b/src/include/openssl/cipher.h index a4e79dd..7f5fe04 100644 --- a/src/include/openssl/cipher.h +++ b/src/include/openssl/cipher.h @@ -75,9 +75,6 @@ extern "C" { OPENSSL_EXPORT const EVP_CIPHER *EVP_rc4(void); OPENSSL_EXPORT const EVP_CIPHER *EVP_des_cbc(void); -OPENSSL_EXPORT const EVP_CIPHER *EVP_des_ecb(void); -OPENSSL_EXPORT const EVP_CIPHER *EVP_des_ede(void); -OPENSSL_EXPORT const EVP_CIPHER *EVP_des_ede_cbc(void); OPENSSL_EXPORT const EVP_CIPHER *EVP_des_ede3_cbc(void); OPENSSL_EXPORT const EVP_CIPHER *EVP_aes_128_ecb(void); @@ -89,7 +86,6 @@ OPENSSL_EXPORT const EVP_CIPHER *EVP_aes_256_ecb(void); OPENSSL_EXPORT const EVP_CIPHER *EVP_aes_256_cbc(void); OPENSSL_EXPORT const EVP_CIPHER *EVP_aes_256_ctr(void); OPENSSL_EXPORT const EVP_CIPHER *EVP_aes_256_ofb(void); -OPENSSL_EXPORT const EVP_CIPHER *EVP_aes_256_xts(void); /* Deprecated AES-GCM implementations that set |EVP_CIPH_FLAG_CUSTOM_CIPHER|. * Use |EVP_aead_aes_128_gcm| and |EVP_aead_aes_256_gcm| instead. */ @@ -106,9 +102,6 @@ OPENSSL_EXPORT const EVP_CIPHER *EVP_aes_192_gcm(void); * ciphertext. */ OPENSSL_EXPORT const EVP_CIPHER *EVP_enc_null(void); -/* EVP_rc2_cbc returns a cipher that implements 128-bit RC2 in CBC mode. */ -OPENSSL_EXPORT const EVP_CIPHER *EVP_rc2_cbc(void); - /* EVP_rc2_40_cbc returns a cipher that implements 40-bit RC2 in CBC mode. This * is obviously very, very weak and is included only in order to read PKCS#12 * files, which often encrypt the certificate chain using this cipher. It is @@ -345,7 +338,6 @@ OPENSSL_EXPORT int EVP_BytesToKey(const EVP_CIPHER *type, const EVP_MD *md, #define EVP_CIPH_OFB_MODE 0x4 #define EVP_CIPH_CTR_MODE 0x5 #define EVP_CIPH_GCM_MODE 0x6 -#define EVP_CIPH_XTS_MODE 0x7 /* Cipher flags (for |EVP_CIPHER_flags|). */ @@ -541,6 +533,41 @@ struct evp_cipher_st { } /* extern C */ #endif +#define CIPHER_F_EVP_AEAD_CTX_init 100 +#define CIPHER_F_EVP_AEAD_CTX_open 101 +#define CIPHER_F_EVP_AEAD_CTX_seal 102 +#define CIPHER_F_EVP_CIPHER_CTX_copy 103 +#define CIPHER_F_EVP_CIPHER_CTX_ctrl 104 +#define CIPHER_F_EVP_CIPHER_CTX_set_key_length 105 +#define CIPHER_F_EVP_CipherInit_ex 106 +#define CIPHER_F_EVP_DecryptFinal_ex 107 +#define CIPHER_F_EVP_EncryptFinal_ex 108 +#define CIPHER_F_aead_aes_gcm_init 109 +#define CIPHER_F_aead_aes_gcm_open 110 +#define CIPHER_F_aead_aes_gcm_seal 111 +#define CIPHER_F_aead_aes_key_wrap_init 112 +#define CIPHER_F_aead_aes_key_wrap_open 113 +#define CIPHER_F_aead_aes_key_wrap_seal 114 +#define CIPHER_F_aead_chacha20_poly1305_init 115 +#define CIPHER_F_aead_chacha20_poly1305_open 116 +#define CIPHER_F_aead_chacha20_poly1305_seal 117 +#define CIPHER_F_aead_rc4_md5_tls_init 118 +#define CIPHER_F_aead_rc4_md5_tls_open 119 +#define CIPHER_F_aead_rc4_md5_tls_seal 120 +#define CIPHER_F_aead_ssl3_ensure_cipher_init 121 +#define CIPHER_F_aead_ssl3_init 122 +#define CIPHER_F_aead_ssl3_open 123 +#define CIPHER_F_aead_ssl3_seal 124 +#define CIPHER_F_aead_tls_ensure_cipher_init 125 +#define CIPHER_F_aead_tls_init 126 +#define CIPHER_F_aead_tls_open 127 +#define CIPHER_F_aead_tls_seal 128 +#define CIPHER_F_aes_init_key 129 +#define CIPHER_F_aesni_init_key 130 +#define CIPHER_F_EVP_AEAD_CTX_init_with_direction 131 +#define CIPHER_F_aead_aes_ctr_hmac_sha256_init 132 +#define CIPHER_F_aead_aes_ctr_hmac_sha256_open 133 +#define CIPHER_F_aead_aes_ctr_hmac_sha256_seal 134 #define CIPHER_R_AES_KEY_SETUP_FAILED 100 #define CIPHER_R_BAD_DECRYPT 101 #define CIPHER_R_BAD_KEY_LENGTH 102 diff --git a/src/include/openssl/conf.h b/src/include/openssl/conf.h index a2741a8..84fc94f 100644 --- a/src/include/openssl/conf.h +++ b/src/include/openssl/conf.h @@ -135,6 +135,10 @@ int CONF_parse_list(const char *list, char sep, int remove_whitespace, } /* extern C */ #endif +#define CONF_F_CONF_parse_list 100 +#define CONF_F_NCONF_load 101 +#define CONF_F_def_load_bio 102 +#define CONF_F_str_copy 103 #define CONF_R_LIST_CANNOT_BE_NULL 100 #define CONF_R_MISSING_CLOSE_SQUARE_BRACKET 101 #define CONF_R_MISSING_EQUAL_SIGN 102 diff --git a/src/include/openssl/cpu.h b/src/include/openssl/cpu.h index 981d246..83ec473 100644 --- a/src/include/openssl/cpu.h +++ b/src/include/openssl/cpu.h @@ -77,16 +77,11 @@ extern "C" { * * Index 0: * EDX for CPUID where EAX = 1 - * Bit 20 is always zero - * Bit 28 is adjusted to reflect whether the data cache is shared between - * multiple logical cores * Bit 30 is used to indicate an Intel CPU * Index 1: * ECX for CPUID where EAX = 1 - * Bit 11 is used to indicate AMD XOP support, not SDBG * Index 2: * EBX for CPUID where EAX = 7 - * Index 3 is set to zero. * * Note: the CPUID bits are pre-adjusted for the OSXSAVE bit and the YMM and XMM * bits in XCR0, so it is not necessary to check those. */ diff --git a/src/include/openssl/crypto.h b/src/include/openssl/crypto.h index 5207a12..3af1547 100644 --- a/src/include/openssl/crypto.h +++ b/src/include/openssl/crypto.h @@ -21,10 +21,6 @@ * mem.h. */ #include <openssl/mem.h> -/* Upstream OpenSSL defines |CRYPTO_LOCK|, etc., in crypto.h rather than - * thread.h. */ -#include <openssl/thread.h> - #if defined(__cplusplus) extern "C" { @@ -59,4 +55,9 @@ OPENSSL_EXPORT unsigned long SSLeay(void); } /* extern C */ #endif +#define CRYPTO_F_CRYPTO_get_ex_new_index 100 +#define CRYPTO_F_CRYPTO_set_ex_data 101 +#define CRYPTO_F_get_class 102 +#define CRYPTO_F_get_func_pointers 103 + #endif /* OPENSSL_HEADER_CRYPTO_H */ diff --git a/src/include/openssl/des.h b/src/include/openssl/des.h index f9db62d..6e1b0cf 100644 --- a/src/include/openssl/des.h +++ b/src/include/openssl/des.h @@ -72,7 +72,12 @@ typedef struct DES_cblock_st { } DES_cblock; typedef struct DES_ks { - uint32_t subkeys[16][2]; + union { + DES_cblock cblock; + /* make sure things are correct size on machines with + * 8 byte longs */ + uint32_t deslong[2]; + } ks[16]; } DES_key_schedule; @@ -137,26 +142,6 @@ OPENSSL_EXPORT void DES_ede2_cbc_encrypt(const uint8_t *in, uint8_t *out, DES_cblock *ivec, int enc); -/* Deprecated functions. */ - -/* DES_set_key_unchecked calls |DES_set_key|. */ -OPENSSL_EXPORT void DES_set_key_unchecked(const DES_cblock *key, - DES_key_schedule *schedule); - -OPENSSL_EXPORT void DES_ede3_cfb64_encrypt(const uint8_t *in, uint8_t *out, - long length, DES_key_schedule *ks1, - DES_key_schedule *ks2, - DES_key_schedule *ks3, - DES_cblock *ivec, int *num, int enc); - -OPENSSL_EXPORT void DES_ede3_cfb_encrypt(const uint8_t *in, uint8_t *out, - int numbits, long length, - DES_key_schedule *ks1, - DES_key_schedule *ks2, - DES_key_schedule *ks3, - DES_cblock *ivec, int enc); - - #if defined(__cplusplus) } /* extern C */ #endif diff --git a/src/include/openssl/dh.h b/src/include/openssl/dh.h index 75df632..17574d5 100644 --- a/src/include/openssl/dh.h +++ b/src/include/openssl/dh.h @@ -235,7 +235,7 @@ struct dh_st { BIGNUM *p; BIGNUM *g; - BIGNUM *pub_key; /* g^x mod p */ + BIGNUM *pub_key; /* g^x */ BIGNUM *priv_key; /* x */ /* priv_length contains the length, in bits, of the private value. If zero, @@ -262,6 +262,10 @@ struct dh_st { } /* extern C */ #endif +#define DH_F_DH_new_method 100 +#define DH_F_compute_key 101 +#define DH_F_generate_key 102 +#define DH_F_generate_parameters 103 #define DH_R_BAD_GENERATOR 100 #define DH_R_INVALID_PUBKEY 101 #define DH_R_MODULUS_TOO_LARGE 102 diff --git a/src/include/openssl/digest.h b/src/include/openssl/digest.h index 66be4d0..2ea4ec4 100644 --- a/src/include/openssl/digest.h +++ b/src/include/openssl/digest.h @@ -234,9 +234,15 @@ struct evp_md_pctx_ops; struct env_md_ctx_st { /* digest is the underlying digest function, or NULL if not set. */ const EVP_MD *digest; + /* flags is the OR of a number of |EVP_MD_CTX_FLAG_*| values. */ + uint32_t flags; /* md_data points to a block of memory that contains the hash-specific * context. */ void *md_data; + /* update is usually copied from |digest->update| but can differ in some + * cases, i.e. HMAC. + * TODO(davidben): Remove this hook once |EVP_PKEY_HMAC| is gone. */ + void (*update)(EVP_MD_CTX *ctx, const void *data, size_t count); /* pctx is an opaque (at this layer) pointer to additional context that * EVP_PKEY functions may store in this object. */ @@ -252,6 +258,8 @@ struct env_md_ctx_st { } /* extern C */ #endif +#define DIGEST_F_EVP_DigestInit_ex 100 +#define DIGEST_F_EVP_MD_CTX_copy_ex 101 #define DIGEST_R_INPUT_NOT_INITIALIZED 100 #endif /* OPENSSL_HEADER_DIGEST_H */ diff --git a/src/include/openssl/dsa.h b/src/include/openssl/dsa.h index b1e7309..7274e4c 100644 --- a/src/include/openssl/dsa.h +++ b/src/include/openssl/dsa.h @@ -366,6 +366,11 @@ struct dsa_st { } /* extern C */ #endif +#define DSA_F_DSA_new_method 100 +#define DSA_F_dsa_sig_cb 101 +#define DSA_F_sign 102 +#define DSA_F_sign_setup 103 +#define DSA_F_verify 104 #define DSA_R_BAD_Q_VALUE 100 #define DSA_R_MISSING_PARAMETERS 101 #define DSA_R_MODULUS_TOO_LARGE 102 diff --git a/src/include/openssl/ec.h b/src/include/openssl/ec.h index f664211..25b4551 100644 --- a/src/include/openssl/ec.h +++ b/src/include/openssl/ec.h @@ -220,7 +220,7 @@ OPENSSL_EXPORT int EC_POINT_get_affine_coordinates_GFp(const EC_GROUP *group, BIGNUM *x, BIGNUM *y, BN_CTX *ctx); -/* EC_POINT_set_affine_coordinates_GFp sets the value of |p| to be (|x|, |y|). The +/* EC_POINT_set_affine_coordinates sets the value of |p| to be (|x|, |y|). The * |ctx| argument may be used if not NULL. */ OPENSSL_EXPORT int EC_POINT_set_affine_coordinates_GFp(const EC_GROUP *group, EC_POINT *point, @@ -265,7 +265,7 @@ OPENSSL_EXPORT int EC_POINT_add(const EC_GROUP *group, EC_POINT *r, OPENSSL_EXPORT int EC_POINT_dbl(const EC_GROUP *group, EC_POINT *r, const EC_POINT *a, BN_CTX *ctx); -/* EC_POINT_invert sets |a| equal to minus |a|. It returns one on success and zero +/* EC_POINT_dbl sets |a| equal to minus |a|. It returns one on success and zero * otherwise. If |ctx| is not NULL, it may be used. */ OPENSSL_EXPORT int EC_POINT_invert(const EC_GROUP *group, EC_POINT *a, BN_CTX *ctx); @@ -334,6 +334,73 @@ OPENSSL_EXPORT void EC_GROUP_set_point_conversion_form( } /* extern C */ #endif +#define EC_F_EC_GROUP_copy 100 +#define EC_F_EC_GROUP_get_curve_GFp 101 +#define EC_F_EC_GROUP_get_degree 102 +#define EC_F_EC_GROUP_new_by_curve_name 103 +#define EC_F_EC_KEY_check_key 104 +#define EC_F_EC_KEY_copy 105 +#define EC_F_EC_KEY_generate_key 106 +#define EC_F_EC_KEY_new_method 107 +#define EC_F_EC_KEY_set_public_key_affine_coordinates 108 +#define EC_F_EC_POINT_add 109 +#define EC_F_EC_POINT_cmp 110 +#define EC_F_EC_POINT_copy 111 +#define EC_F_EC_POINT_dbl 112 +#define EC_F_EC_POINT_dup 113 +#define EC_F_EC_POINT_get_affine_coordinates_GFp 114 +#define EC_F_EC_POINT_invert 115 +#define EC_F_EC_POINT_is_at_infinity 116 +#define EC_F_EC_POINT_is_on_curve 117 +#define EC_F_EC_POINT_make_affine 118 +#define EC_F_EC_POINT_new 119 +#define EC_F_EC_POINT_oct2point 120 +#define EC_F_EC_POINT_point2oct 121 +#define EC_F_EC_POINT_set_affine_coordinates_GFp 122 +#define EC_F_EC_POINT_set_compressed_coordinates_GFp 123 +#define EC_F_EC_POINT_set_to_infinity 124 +#define EC_F_EC_POINTs_make_affine 125 +#define EC_F_compute_wNAF 126 +#define EC_F_d2i_ECPKParameters 127 +#define EC_F_d2i_ECParameters 128 +#define EC_F_d2i_ECPrivateKey 129 +#define EC_F_ec_GFp_mont_field_decode 130 +#define EC_F_ec_GFp_mont_field_encode 131 +#define EC_F_ec_GFp_mont_field_mul 132 +#define EC_F_ec_GFp_mont_field_set_to_one 133 +#define EC_F_ec_GFp_mont_field_sqr 134 +#define EC_F_ec_GFp_mont_group_set_curve 135 +#define EC_F_ec_GFp_simple_group_check_discriminant 136 +#define EC_F_ec_GFp_simple_group_set_curve 137 +#define EC_F_ec_GFp_simple_make_affine 138 +#define EC_F_ec_GFp_simple_oct2point 139 +#define EC_F_ec_GFp_simple_point2oct 140 +#define EC_F_ec_GFp_simple_point_get_affine_coordinates 141 +#define EC_F_ec_GFp_simple_point_set_affine_coordinates 142 +#define EC_F_ec_GFp_simple_points_make_affine 143 +#define EC_F_ec_GFp_simple_set_compressed_coordinates 144 +#define EC_F_ec_asn1_group2pkparameters 145 +#define EC_F_ec_asn1_pkparameters2group 146 +#define EC_F_ec_group_new 147 +#define EC_F_ec_group_new_curve_GFp 148 +#define EC_F_ec_group_new_from_data 149 +#define EC_F_ec_point_set_Jprojective_coordinates_GFp 150 +#define EC_F_ec_pre_comp_new 151 +#define EC_F_ec_wNAF_mul 152 +#define EC_F_ec_wNAF_precompute_mult 153 +#define EC_F_i2d_ECPKParameters 154 +#define EC_F_i2d_ECParameters 155 +#define EC_F_i2d_ECPrivateKey 156 +#define EC_F_i2o_ECPublicKey 157 +#define EC_F_o2i_ECPublicKey 158 +#define EC_F_BN_to_felem 159 +#define EC_F_ec_GFp_nistp256_group_set_curve 160 +#define EC_F_ec_GFp_nistp256_point_get_affine_coordinates 161 +#define EC_F_ec_GFp_nistp256_points_mul 162 +#define EC_F_ec_group_copy 163 +#define EC_F_nistp256_pre_comp_new 164 +#define EC_F_EC_KEY_new_by_curve_name 165 +#define EC_F_EC_GROUP_new_curve_GFp 166 #define EC_R_BUFFER_TOO_SMALL 100 #define EC_R_COORDINATES_OUT_OF_RANGE 101 #define EC_R_D2I_ECPKPARAMETERS_FAILURE 102 diff --git a/src/include/openssl/ec_key.h b/src/include/openssl/ec_key.h index 1cd4e6e..ee64030 100644 --- a/src/include/openssl/ec_key.h +++ b/src/include/openssl/ec_key.h @@ -192,7 +192,7 @@ OPENSSL_EXPORT int EC_KEY_generate_key(EC_KEY *key); OPENSSL_EXPORT EC_KEY *d2i_ECPrivateKey(EC_KEY **out_key, const uint8_t **inp, long len); -/* i2d_ECPrivateKey marshals an EC private key from |key| to an ASN.1, DER +/* i2d_ECParameters marshals an EC private key from |key| to an ASN.1, DER * structure. If |outp| is not NULL then the result is written to |*outp| and * |*outp| is advanced just past the output. It returns the number of bytes in * the result, whether written or not, or a negative value on error. */ @@ -215,8 +215,8 @@ OPENSSL_EXPORT int i2d_ECParameters(const EC_KEY *key, uint8_t **outp); /* o2i_ECPublicKey parses an EC point from |len| bytes at |*inp| into * |*out_key|. Note that this differs from the d2i format in that |*out_key| - * must be non-NULL with a group set. On successful exit, |*inp| is advanced by - * |len| bytes. It returns |*out_key| or NULL on error. */ + * must be non-NULL. On successful exit, |*inp| is advanced past the DER + * structure. It returns |*out_key| or NULL on error. */ OPENSSL_EXPORT EC_KEY *o2i_ECPublicKey(EC_KEY **out_key, const uint8_t **inp, long len); diff --git a/src/include/openssl/ecdh.h b/src/include/openssl/ecdh.h index 878cbeb..27a8578 100644 --- a/src/include/openssl/ecdh.h +++ b/src/include/openssl/ecdh.h @@ -95,6 +95,7 @@ OPENSSL_EXPORT int ECDH_compute_key(void *out, size_t outlen, } /* extern C */ #endif +#define ECDH_F_ECDH_compute_key 100 #define ECDH_R_KDF_FAILED 100 #define ECDH_R_NO_PRIVATE_VALUE 101 #define ECDH_R_POINT_ARITHMETIC_FAILURE 102 diff --git a/src/include/openssl/ecdsa.h b/src/include/openssl/ecdsa.h index 84702c3..e045463 100644 --- a/src/include/openssl/ecdsa.h +++ b/src/include/openssl/ecdsa.h @@ -148,34 +148,6 @@ OPENSSL_EXPORT int ECDSA_sign_ex(int type, const uint8_t *digest, /* ASN.1 functions. */ -/* ECDSA_SIG_parse parses a DER-encoded ECDSA-Sig-Value structure from |cbs| and - * advances |cbs|. It returns a newly-allocated |ECDSA_SIG| or NULL on error. */ -OPENSSL_EXPORT ECDSA_SIG *ECDSA_SIG_parse(CBS *cbs); - -/* ECDSA_SIG_from_bytes parses |in| as a DER-encoded ECDSA-Sig-Value structure. - * It returns a newly-allocated |ECDSA_SIG| structure or NULL on error. */ -OPENSSL_EXPORT ECDSA_SIG *ECDSA_SIG_from_bytes(const uint8_t *in, - size_t in_len); - -/* ECDSA_SIG_marshal marshals |sig| as a DER-encoded ECDSA-Sig-Value and appends - * the result to |cbb|. It returns one on success and zero on error. */ -OPENSSL_EXPORT int ECDSA_SIG_marshal(CBB *cbb, const ECDSA_SIG *sig); - -/* ECDSA_SIG_to_asn1 marshals |sig| as a DER-encoded ECDSA-Sig-Value and, on - * success, sets |*out_bytes| to a newly allocated buffer containing the result - * and returns one. Otherwise, it returns zero. The result should be freed with - * |OPENSSL_free|. */ -OPENSSL_EXPORT int ECDSA_SIG_to_bytes(uint8_t **out_bytes, size_t *out_len, - const ECDSA_SIG *sig); - -/* ECDSA_SIG_max_len returns the maximum length of a DER-encoded ECDSA-Sig-Value - * structure for a group whose order is represented in |order_len| bytes, or - * zero on overflow. */ -OPENSSL_EXPORT size_t ECDSA_SIG_max_len(size_t order_len); - - -/* Deprecated functions. */ - /* d2i_ECDSA_SIG parses an ASN.1, DER-encoded, signature from |len| bytes at * |*inp|. If |out| is not NULL then, on exit, a pointer to the result is in * |*out|. If |*out| is already non-NULL on entry then the result is written @@ -196,11 +168,15 @@ OPENSSL_EXPORT int i2d_ECDSA_SIG(const ECDSA_SIG *sig, uint8_t **outp); } /* extern C */ #endif +#define ECDSA_F_ECDSA_do_sign_ex 100 +#define ECDSA_F_ECDSA_do_verify 101 +#define ECDSA_F_ECDSA_sign_ex 102 +#define ECDSA_F_digest_to_bn 103 +#define ECDSA_F_ecdsa_sign_setup 104 #define ECDSA_R_BAD_SIGNATURE 100 #define ECDSA_R_MISSING_PARAMETERS 101 #define ECDSA_R_NEED_NEW_SETUP_VALUES 102 #define ECDSA_R_NOT_IMPLEMENTED 103 #define ECDSA_R_RANDOM_NUMBER_GENERATION_FAILED 104 -#define ECDSA_R_ENCODE_ERROR 105 #endif /* OPENSSL_HEADER_ECDSA_H */ diff --git a/src/include/openssl/err.h b/src/include/openssl/err.h index c61e1ef..30dc4af 100644 --- a/src/include/openssl/err.h +++ b/src/include/openssl/err.h @@ -126,11 +126,12 @@ extern "C" { * * Each error contains: * 1) The library (i.e. ec, pem, rsa) which created it. - * 2) The function, file, and line number of the call that added the error. - * 3) A pointer to some error specific data, which may be NULL. + * 2) A function identifier and reason code. + * 3) The file and line number of the call that added the error. + * 4) A pointer to some error specific data, which may be NULL. * - * The library identifier and reason code are packed in a uint32_t and there - * exist various functions for unpacking it. + * The library identifier, function identifier and reason code are packed in a + * uint32_t and there exist various functions for unpacking it. * * The typical behaviour is that an error will occur deep in a call queue and * that code will push an error onto the error queue. As the error queue @@ -183,10 +184,6 @@ OPENSSL_EXPORT uint32_t ERR_peek_error_line(const char **file, int *line); OPENSSL_EXPORT uint32_t ERR_peek_error_line_data(const char **file, int *line, const char **data, int *flags); -/* ERR_peek_function returns the name of the function which added the least - * recent error or NULL if the queue is empty. */ -OPENSSL_EXPORT const char *ERR_peek_function(void); - /* The "peek last" functions act like the "peek" functions, above, except that * they return the most recent error. */ OPENSSL_EXPORT uint32_t ERR_peek_last_error(void); @@ -205,10 +202,10 @@ OPENSSL_EXPORT uint32_t ERR_peek_last_error_line_data(const char **file, * * The string will have the following format: * - * error:[error code]:[library name]:OPENSSL_internal:[reason string] + * error:[error code]:[library name]:[function name]:[reason string] * - * error code is an 8 digit hexadecimal number; library name and reason string - * are ASCII text. + * error code is an 8 digit hexadecimal number; library name, function name + * and reason string are ASCII text. * * TODO(fork): remove in favour of |ERR_error_string_n|. */ OPENSSL_EXPORT char *ERR_error_string(uint32_t packed_error, char *buf); @@ -225,6 +222,10 @@ OPENSSL_EXPORT void ERR_error_string_n(uint32_t packed_error, char *buf, * generated |packed_error|. */ OPENSSL_EXPORT const char *ERR_lib_error_string(uint32_t packed_error); +/* ERR_func_error_string returns a string representation of the function that + * generated |packed_error|. */ +OPENSSL_EXPORT const char *ERR_func_error_string(uint32_t packed_error); + /* ERR_reason_error_string returns a string representation of the reason for * |packed_error|. */ OPENSSL_EXPORT const char *ERR_reason_error_string(uint32_t packed_error); @@ -257,11 +258,11 @@ typedef int (*ERR_print_errors_callback_t)(const char *str, size_t len, OPENSSL_EXPORT void ERR_print_errors_cb(ERR_print_errors_callback_t callback, void *ctx); + /* ERR_print_errors_fp prints the current contents of the error stack to |file| * using human readable strings where possible. */ OPENSSL_EXPORT void ERR_print_errors_fp(FILE *file); - /* Clearing errors. */ /* ERR_clear_error clears the error queue for the current thread. */ @@ -286,41 +287,30 @@ OPENSSL_EXPORT int ERR_get_next_error_library(void); /* Deprecated functions. */ -/* ERR_remove_state calls |ERR_clear_error|. */ +/* |ERR_remove_state| calls |ERR_clear_error|. */ OPENSSL_EXPORT void ERR_remove_state(unsigned long pid); -/* ERR_func_error_string returns the string "OPENSSL_internal". */ -OPENSSL_EXPORT const char *ERR_func_error_string(uint32_t packed_error); - /* Private functions. */ /* ERR_clear_system_error clears the system's error value (i.e. errno). */ OPENSSL_EXPORT void ERR_clear_system_error(void); -#if defined(OPENSSL_WINDOWS) -/* TODO(davidben): Use |__func__| directly once the minimum MSVC version - * supports it. */ -#define OPENSSL_CURRENT_FUNCTION __FUNCTION__ -#else -#define OPENSSL_CURRENT_FUNCTION __func__ -#endif - /* OPENSSL_PUT_ERROR is used by OpenSSL code to add an error to the error * queue. */ -#define OPENSSL_PUT_ERROR(library, reason) \ - ERR_put_error(ERR_LIB_##library, reason, OPENSSL_CURRENT_FUNCTION, __FILE__, \ +#define OPENSSL_PUT_ERROR(library, func, reason) \ + ERR_put_error(ERR_LIB_##library, library##_F_##func, reason, __FILE__, \ __LINE__) /* OPENSSL_PUT_SYSTEM_ERROR is used by OpenSSL code to add an error from the * operating system to the error queue. */ /* TODO(fork): include errno. */ #define OPENSSL_PUT_SYSTEM_ERROR(func) \ - ERR_put_error(ERR_LIB_SYS, 0, #func, __FILE__, __LINE__); + ERR_put_error(ERR_LIB_SYS, SYS_F_##func, 0, __FILE__, __LINE__); /* ERR_put_error adds an error to the error queue, dropping the least recent * error if neccessary for space reasons. */ -OPENSSL_EXPORT void ERR_put_error(int library, int reason, const char *function, +OPENSSL_EXPORT void ERR_put_error(int library, int func, int reason, const char *file, unsigned line); /* ERR_add_error_data takes a variable number (|count|) of const char* @@ -343,8 +333,6 @@ OPENSSL_EXPORT int ERR_set_mark(void); OPENSSL_EXPORT int ERR_pop_to_mark(void); struct err_error_st { - /* function contains the name of the function where the error occured. */ - const char *function; /* file contains the filename where the error occured. */ const char *file; /* data contains optional data. It must be freed with |OPENSSL_free| if @@ -430,8 +418,8 @@ enum { ERR_LIB_HMAC, ERR_LIB_DIGEST, ERR_LIB_CIPHER, - ERR_LIB_HKDF, ERR_LIB_USER, + ERR_LIB_HKDF, ERR_NUM_LIBS }; @@ -481,11 +469,22 @@ enum { #define ERR_R_INTERNAL_ERROR (4 | ERR_R_FATAL) #define ERR_R_OVERFLOW (5 | ERR_R_FATAL) -#define ERR_PACK(lib, reason) \ - (((((uint32_t)lib) & 0xff) << 24) | ((((uint32_t)reason) & 0xfff))) +/* System error functions */ +#define SYS_F_fopen 100 +#define SYS_F_fclose 101 +#define SYS_F_fread 102 +#define SYS_F_fwrite 103 +#define SYS_F_socket 104 +#define SYS_F_setsockopt 105 +#define SYS_F_connect 106 +#define SYS_F_getaddrinfo 107 + +#define ERR_PACK(lib, func, reason) \ + (((((uint32_t)lib) & 0xff) << 24) | ((((uint32_t)func) & 0xfff) << 12) | \ + ((((uint32_t)reason) & 0xfff))) #define ERR_GET_LIB(packed_error) ((int)(((packed_error) >> 24) & 0xff)) -#define ERR_GET_FUNC(packed_error) 0 +#define ERR_GET_FUNC(packed_error) ((int)(((packed_error) >> 12) & 0xfff)) #define ERR_GET_REASON(packed_error) ((int)((packed_error) & 0xfff)) /* OPENSSL_DECLARE_ERROR_REASON is used by util/make_errors.h (which generates @@ -495,6 +494,13 @@ enum { * ${lib}_R_${reason}. */ #define OPENSSL_DECLARE_ERROR_REASON(lib, reason) +/* OPENSSL_DECLARE_ERROR_FUNCTION is used by util/make_errors.h (which + * generates the error * defines to recognise that an additional function value + * is needed. This is * needed when the function value is used outside of an + * |OPENSSL_PUT_ERROR| * macro. The resulting define will be + * ${lib}_F_${reason}. */ +#define OPENSSL_DECLARE_ERROR_FUNCTION(lib, function_name) + #if defined(__cplusplus) } /* extern C */ diff --git a/src/include/openssl/evp.h b/src/include/openssl/evp.h index 99b147e..490a951 100644 --- a/src/include/openssl/evp.h +++ b/src/include/openssl/evp.h @@ -66,7 +66,6 @@ * * TODO(fork): clean up callers so that they include what they use. */ #include <openssl/aead.h> -#include <openssl/base64.h> #include <openssl/cipher.h> #include <openssl/digest.h> #include <openssl/obj.h> @@ -137,6 +136,14 @@ OPENSSL_EXPORT int EVP_PKEY_id(const EVP_PKEY *pkey); * |EVP_PKEY_RSA2| will be turned into |EVP_PKEY_RSA|. */ OPENSSL_EXPORT int EVP_PKEY_type(int nid); +/* Deprecated: EVP_PKEY_new_mac_key allocates a fresh |EVP_PKEY| of the given + * type (e.g. |EVP_PKEY_HMAC|), sets |mac_key| as the MAC key and "generates" a + * new key, suitable for signing. It returns the fresh |EVP_PKEY|, or NULL on + * error. Use |HMAC_CTX| directly instead. */ +OPENSSL_EXPORT EVP_PKEY *EVP_PKEY_new_mac_key(int type, ENGINE *engine, + const uint8_t *mac_key, + size_t mac_key_len); + /* Getting and setting concrete public key types. * @@ -170,6 +177,9 @@ OPENSSL_EXPORT struct dh_st *EVP_PKEY_get1_DH(EVP_PKEY *pkey); #define EVP_PKEY_DHX NID_dhpublicnumber #define EVP_PKEY_EC NID_X9_62_id_ecPublicKey +/* Deprecated: Use |HMAC_CTX| directly instead. */ +#define EVP_PKEY_HMAC NID_hmac + /* EVP_PKEY_assign sets the underlying key of |pkey| to |key|, which must be of * the given type. The |type| argument should be one of the |EVP_PKEY_*| * values. */ @@ -210,13 +220,10 @@ OPENSSL_EXPORT EVP_PKEY *d2i_AutoPrivateKey(EVP_PKEY **out, const uint8_t **inp, * the result, whether written or not, or a negative value on error. */ OPENSSL_EXPORT int i2d_PrivateKey(const EVP_PKEY *key, uint8_t **outp); -/* i2d_PublicKey marshals a public key from |key| to a type-specific format. - * If |outp| is not NULL then the result is written to |*outp| and +/* i2d_PublicKey marshals a public key from |key| to an ASN.1, DER + * structure. If |outp| is not NULL then the result is written to |*outp| and * |*outp| is advanced just past the output. It returns the number of bytes in - * the result, whether written or not, or a negative value on error. - * - * RSA keys are serialized as a DER-encoded RSAPublicKey (RFC 3447) structure. - * EC keys are serialized as an EC point per SEC 1. */ + * the result, whether written or not, or a negative value on error. */ OPENSSL_EXPORT int i2d_PublicKey(EVP_PKEY *key, uint8_t **outp); @@ -370,12 +377,12 @@ OPENSSL_EXPORT int EVP_VerifyFinal(EVP_MD_CTX *ctx, const uint8_t *sig, OPENSSL_EXPORT int EVP_PKEY_print_public(BIO *out, const EVP_PKEY *pkey, int indent, ASN1_PCTX *pctx); -/* EVP_PKEY_print_private prints a textual representation of the private key in +/* EVP_PKEY_print_public prints a textual representation of the private key in * |pkey| to |out|. Returns one on success or zero otherwise. */ OPENSSL_EXPORT int EVP_PKEY_print_private(BIO *out, const EVP_PKEY *pkey, int indent, ASN1_PCTX *pctx); -/* EVP_PKEY_print_params prints a textual representation of the parameters in +/* EVP_PKEY_print_public prints a textual representation of the parameters in * |pkey| to |out|. Returns one on success or zero otherwise. */ OPENSSL_EXPORT int EVP_PKEY_print_params(BIO *out, const EVP_PKEY *pkey, int indent, ASN1_PCTX *pctx); @@ -412,13 +419,13 @@ OPENSSL_EXPORT int PKCS5_PBKDF2_HMAC_SHA1(const char *password, * returns the context or NULL on error. */ OPENSSL_EXPORT EVP_PKEY_CTX *EVP_PKEY_CTX_new(EVP_PKEY *pkey, ENGINE *e); -/* EVP_PKEY_CTX_new_id allocates a fresh |EVP_PKEY_CTX| for a key of type |id| +/* EVP_PKEY_CTX_new allocates a fresh |EVP_PKEY_CTX| for a key of type |id| * (e.g. |EVP_PKEY_HMAC|). This can be used for key generation where * |EVP_PKEY_CTX_new| can't be used because there isn't an |EVP_PKEY| to pass * it. It returns the context or NULL on error. */ OPENSSL_EXPORT EVP_PKEY_CTX *EVP_PKEY_CTX_new_id(int id, ENGINE *e); -/* EVP_PKEY_CTX_free frees |ctx| and the data it owns. */ +/* EVP_KEY_CTX_free frees |ctx| and the data it owns. */ OPENSSL_EXPORT void EVP_PKEY_CTX_free(EVP_PKEY_CTX *ctx); /* EVP_PKEY_CTX_dup allocates a fresh |EVP_PKEY_CTX| and sets it equal to the @@ -643,6 +650,17 @@ OPENSSL_EXPORT int EVP_PKEY_CTX_get0_rsa_oaep_label(EVP_PKEY_CTX *ctx, /* Deprecated functions. */ +/* EVP_PKEY_dup adds one to the reference count of |pkey| and returns + * |pkey|. + * + * WARNING: this is a |_dup| function that doesn't actually duplicate! Use + * |EVP_PKEY_up_ref| if you want to increment the reference count without + * confusion. */ +OPENSSL_EXPORT EVP_PKEY *EVP_PKEY_dup(EVP_PKEY *pkey); + + +/* Private functions */ + /* OpenSSL_add_all_algorithms does nothing. */ OPENSSL_EXPORT void OpenSSL_add_all_algorithms(void); @@ -655,9 +673,6 @@ OPENSSL_EXPORT void OpenSSL_add_all_digests(void); /* EVP_cleanup does nothing. */ OPENSSL_EXPORT void EVP_cleanup(void); - -/* Private functions */ - /* EVP_PKEY_asn1_find returns the ASN.1 method table for the given |nid|, which * should be one of the |EVP_PKEY_*| values. It returns NULL if |nid| is * unknown. */ @@ -677,10 +692,10 @@ struct evp_pkey_st { union { char *ptr; - RSA *rsa; - DSA *dsa; - DH *dh; - EC_KEY *ec; + struct rsa_st *rsa; /* RSA */ + struct dsa_st *dsa; /* DSA */ + struct dh_st *dh; /* DH */ + struct ec_key_st *ec; /* ECC */ } pkey; /* ameth contains a pointer to a method table that contains many ASN.1 @@ -693,6 +708,74 @@ struct evp_pkey_st { } /* extern C */ #endif +#define EVP_F_EVP_PKEY_derive_init 108 +#define EVP_F_EVP_PKEY_encrypt 110 +#define EVP_F_EVP_PKEY_encrypt_init 111 +#define EVP_F_EVP_PKEY_get1_DH 112 +#define EVP_F_EVP_PKEY_get1_EC_KEY 114 +#define EVP_F_EVP_PKEY_get1_RSA 115 +#define EVP_F_EVP_PKEY_keygen 116 +#define EVP_F_EVP_PKEY_sign 120 +#define EVP_F_EVP_PKEY_sign_init 121 +#define EVP_F_EVP_PKEY_verify 122 +#define EVP_F_EVP_PKEY_verify_init 123 +#define EVP_F_d2i_AutoPrivateKey 125 +#define EVP_F_d2i_PrivateKey 126 +#define EVP_F_do_EC_KEY_print 127 +#define EVP_F_do_sigver_init 129 +#define EVP_F_eckey_param2type 130 +#define EVP_F_eckey_param_decode 131 +#define EVP_F_eckey_priv_decode 132 +#define EVP_F_eckey_priv_encode 133 +#define EVP_F_eckey_pub_decode 134 +#define EVP_F_eckey_pub_encode 135 +#define EVP_F_eckey_type2param 136 +#define EVP_F_evp_pkey_ctx_new 137 +#define EVP_F_hmac_signctx 138 +#define EVP_F_i2d_PublicKey 139 +#define EVP_F_old_ec_priv_decode 140 +#define EVP_F_old_rsa_priv_decode 141 +#define EVP_F_pkey_ec_ctrl 142 +#define EVP_F_pkey_ec_derive 143 +#define EVP_F_pkey_ec_keygen 144 +#define EVP_F_pkey_ec_paramgen 145 +#define EVP_F_pkey_ec_sign 146 +#define EVP_F_pkey_rsa_ctrl 147 +#define EVP_F_pkey_rsa_decrypt 148 +#define EVP_F_pkey_rsa_encrypt 149 +#define EVP_F_pkey_rsa_sign 150 +#define EVP_F_rsa_algor_to_md 151 +#define EVP_F_rsa_digest_verify_init_from_algorithm 152 +#define EVP_F_rsa_mgf1_to_md 153 +#define EVP_F_rsa_priv_decode 154 +#define EVP_F_rsa_priv_encode 155 +#define EVP_F_rsa_pss_to_ctx 156 +#define EVP_F_rsa_pub_decode 157 +#define EVP_F_pkey_hmac_ctrl 158 +#define EVP_F_EVP_PKEY_CTX_get0_rsa_oaep_label 159 +#define EVP_F_EVP_DigestSignAlgorithm 160 +#define EVP_F_EVP_DigestVerifyInitFromAlgorithm 161 +#define EVP_F_EVP_PKEY_CTX_ctrl 162 +#define EVP_F_EVP_PKEY_CTX_dup 163 +#define EVP_F_EVP_PKEY_copy_parameters 164 +#define EVP_F_EVP_PKEY_decrypt 165 +#define EVP_F_EVP_PKEY_decrypt_init 166 +#define EVP_F_EVP_PKEY_derive 167 +#define EVP_F_EVP_PKEY_derive_set_peer 168 +#define EVP_F_EVP_PKEY_get1_DSA 169 +#define EVP_F_EVP_PKEY_keygen_init 170 +#define EVP_F_EVP_PKEY_new 171 +#define EVP_F_EVP_PKEY_set_type 172 +#define EVP_F_check_padding_md 173 +#define EVP_F_do_dsa_print 174 +#define EVP_F_do_rsa_print 175 +#define EVP_F_dsa_param_decode 176 +#define EVP_F_dsa_priv_decode 177 +#define EVP_F_dsa_priv_encode 178 +#define EVP_F_dsa_pub_decode 179 +#define EVP_F_dsa_pub_encode 180 +#define EVP_F_dsa_sig_print 181 +#define EVP_F_old_dsa_priv_decode 182 #define EVP_R_BUFFER_TOO_SMALL 100 #define EVP_R_COMMAND_NOT_SUPPORTED 101 #define EVP_R_DIFFERENT_KEY_TYPES 104 diff --git a/src/include/openssl/ex_data.h b/src/include/openssl/ex_data.h index c0d3773..2303eb4 100644 --- a/src/include/openssl/ex_data.h +++ b/src/include/openssl/ex_data.h @@ -134,7 +134,7 @@ typedef struct crypto_ex_data_st CRYPTO_EX_DATA; #if 0 /* Sample */ -/* TYPE_get_ex_new_index allocates a new index for |TYPE|. See the +/* |TYPE_get_ex_new_index| allocates a new index for |TYPE|. See the * descriptions of the callback typedefs for details of when they are * called. Any of the callback arguments may be NULL. The |argl| and |argp| * arguments are opaque values that are passed to the callbacks. It returns the @@ -146,11 +146,11 @@ OPENSSL_EXPORT int TYPE_get_ex_new_index(long argl, void *argp, CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func); -/* TYPE_set_ex_data sets an extra data pointer on |t|. The |index| argument +/* |TYPE_set_ex_data| sets an extra data pointer on |t|. The |index| argument * should have been returned from a previous call to |TYPE_get_ex_new_index|. */ OPENSSL_EXPORT int TYPE_set_ex_data(TYPE *t, int index, void *arg); -/* TYPE_get_ex_data returns an extra data pointer for |t|, or NULL if no such +/* |TYPE_get_ex_data| returns an extra data pointer for |t|, or NULL if no such * pointer exists. The |index| argument should have been returned from a * previous call to |TYPE_get_ex_new_index|. */ OPENSSL_EXPORT void *TYPE_get_ex_data(const TYPE *t, int index); diff --git a/src/include/openssl/hkdf.h b/src/include/openssl/hkdf.h index b7a0dc2..4091b84 100644 --- a/src/include/openssl/hkdf.h +++ b/src/include/openssl/hkdf.h @@ -39,6 +39,7 @@ OPENSSL_EXPORT int HKDF(uint8_t *out_key, size_t out_len, const EVP_MD *digest, } /* extern C */ #endif +#define HKDF_F_HKDF 100 #define HKDF_R_OUTPUT_TOO_LARGE 100 #endif /* OPENSSL_HEADER_HKDF_H */ diff --git a/src/include/openssl/lhash.h b/src/include/openssl/lhash.h index 691b247..d2ee982 100644 --- a/src/include/openssl/lhash.h +++ b/src/include/openssl/lhash.h @@ -1,5 +1,4 @@ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * * This package is an SSL implementation written * by Eric Young (eay@cryptsoft.com). diff --git a/src/include/openssl/md4.h b/src/include/openssl/md4.h index 1db7499..ce4fa99 100644 --- a/src/include/openssl/md4.h +++ b/src/include/openssl/md4.h @@ -1,5 +1,4 @@ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * * This package is an SSL implementation written * by Eric Young (eay@cryptsoft.com). @@ -72,7 +71,7 @@ extern "C" { /* MD4_DIGEST_LENGTH is the length of an MD4 digest. */ #define MD4_DIGEST_LENGTH 16 -/* MD4_Init initialises |md4| and returns one. */ +/* MD41_Init initialises |md4| and returns one. */ OPENSSL_EXPORT int MD4_Init(MD4_CTX *md4); /* MD4_Update adds |len| bytes from |data| to |md4| and returns one. */ diff --git a/src/include/openssl/md5.h b/src/include/openssl/md5.h index 9b13922..efedc98 100644 --- a/src/include/openssl/md5.h +++ b/src/include/openssl/md5.h @@ -1,5 +1,4 @@ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * * This package is an SSL implementation written * by Eric Young (eay@cryptsoft.com). @@ -73,7 +72,7 @@ extern "C" { /* MD5_DIGEST_LENGTH is the length of an MD5 digest. */ #define MD5_DIGEST_LENGTH 16 -/* MD5_Init initialises |md5| and returns one. */ +/* MD51_Init initialises |md5| and returns one. */ OPENSSL_EXPORT int MD5_Init(MD5_CTX *md5); /* MD5_Update adds |len| bytes from |data| to |md5| and returns one. */ diff --git a/src/include/openssl/mem.h b/src/include/openssl/mem.h index c8e2b3e..42ec46a 100644 --- a/src/include/openssl/mem.h +++ b/src/include/openssl/mem.h @@ -1,5 +1,4 @@ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * * This package is an SSL implementation written * by Eric Young (eay@cryptsoft.com). diff --git a/src/include/openssl/obj.h b/src/include/openssl/obj.h index 0c7ae60..f476617 100644 --- a/src/include/openssl/obj.h +++ b/src/include/openssl/obj.h @@ -128,7 +128,7 @@ OPENSSL_EXPORT const char *OBJ_nid2sn(int nid); /* OBJ_nid2sn returns the long name for |nid|, or NULL if |nid| is unknown. */ OPENSSL_EXPORT const char *OBJ_nid2ln(int nid); -/* OBJ_nid2cbb writes |nid| as an ASN.1 OBJECT IDENTIFIER to |out|. It returns +/* OBJ_nid2cbs writes |nid| as an ASN.1 OBJECT IDENTIFIER to |out|. It returns * one on success or zero otherwise. */ OPENSSL_EXPORT int OBJ_nid2cbb(CBB *out, int nid); @@ -193,6 +193,10 @@ OPENSSL_EXPORT int OBJ_find_sigid_by_algs(int *out_sign_nid, int digest_nid, } /* extern C */ #endif +#define OBJ_F_OBJ_create 100 +#define OBJ_F_OBJ_dup 101 +#define OBJ_F_OBJ_nid2obj 102 +#define OBJ_F_OBJ_txt2obj 103 #define OBJ_R_UNKNOWN_NID 100 #endif /* OPENSSL_HEADER_OBJECTS_H */ diff --git a/src/include/openssl/pem.h b/src/include/openssl/pem.h index db763d5..7756e45 100644 --- a/src/include/openssl/pem.h +++ b/src/include/openssl/pem.h @@ -410,7 +410,7 @@ OPENSSL_EXPORT void PEM_SignInit(EVP_MD_CTX *ctx, EVP_MD *type); OPENSSL_EXPORT void PEM_SignUpdate(EVP_MD_CTX *ctx,unsigned char *d,unsigned int cnt); OPENSSL_EXPORT int PEM_SignFinal(EVP_MD_CTX *ctx, unsigned char *sigret, unsigned int *siglen, EVP_PKEY *pkey); -/* PEM_def_callback treats |userdata| as a string and copies it into |buf|, +/* |PEM_def_callback| treats |userdata| as a string and copies it into |buf|, * assuming its |size| is sufficient. Returns the length of the string, or 0 * if there is not enough room. If either |buf| or |userdata| is NULL, 0 is * returned. Note that this is different from OpenSSL, which prompts for a @@ -502,6 +502,30 @@ void ERR_load_PEM_strings(void); } #endif +#define PEM_F_PEM_ASN1_read 100 +#define PEM_F_PEM_ASN1_read_bio 101 +#define PEM_F_PEM_ASN1_write 102 +#define PEM_F_PEM_ASN1_write_bio 103 +#define PEM_F_PEM_X509_INFO_read 104 +#define PEM_F_PEM_X509_INFO_read_bio 105 +#define PEM_F_PEM_X509_INFO_write_bio 106 +#define PEM_F_PEM_do_header 107 +#define PEM_F_PEM_get_EVP_CIPHER_INFO 108 +#define PEM_F_PEM_read 109 +#define PEM_F_PEM_read_DHparams 110 +#define PEM_F_PEM_read_PrivateKey 111 +#define PEM_F_PEM_read_bio 112 +#define PEM_F_PEM_read_bio_DHparams 113 +#define PEM_F_PEM_read_bio_Parameters 114 +#define PEM_F_PEM_read_bio_PrivateKey 115 +#define PEM_F_PEM_write 116 +#define PEM_F_PEM_write_PrivateKey 117 +#define PEM_F_PEM_write_bio 118 +#define PEM_F_d2i_PKCS8PrivateKey_bio 119 +#define PEM_F_d2i_PKCS8PrivateKey_fp 120 +#define PEM_F_do_pk8pkey 121 +#define PEM_F_do_pk8pkey_fp 122 +#define PEM_F_load_iv 123 #define PEM_R_BAD_BASE64_DECODE 100 #define PEM_R_BAD_DECRYPT 101 #define PEM_R_BAD_END_LINE 102 diff --git a/src/include/openssl/pkcs8.h b/src/include/openssl/pkcs8.h index bb6b03c..8dc7731 100644 --- a/src/include/openssl/pkcs8.h +++ b/src/include/openssl/pkcs8.h @@ -66,15 +66,13 @@ extern "C" { #endif -/* PKCS8_encrypt_pbe serializes and encrypts a PKCS8_PRIV_KEY_INFO with PBES1 or - * PBES2 as defined in PKCS #5. Only pbeWithSHAAnd128BitRC4, +/* PKCS8_encrypt_pbe serializes and encrypts a PKCS8_PRIV_KEY_INFO with PBES1 as + * defined in PKCS #5. Only pbeWithSHAAnd128BitRC4, * pbeWithSHAAnd3-KeyTripleDES-CBC and pbeWithSHA1And40BitRC2, defined in PKCS - * #12, and PBES2, are supported. PBES2 is selected by setting |cipher| and - * passing -1 for |pbe_nid|. Otherwise, PBES1 is used and |cipher| is ignored. - * - * The |pass_raw_len| bytes pointed to by |pass_raw| are used as the password. - * Note that any conversions from the password as supplied in a text string - * (such as those specified in B.1 of PKCS #12) must be performed by the caller. + * #12, are supported. The |pass_raw_len| bytes pointed to by |pass_raw| are + * used as the password. Note that any conversions from the password as + * supplied in a text string (such as those specified in B.1 of PKCS #12) must + * be performed by the caller. * * If |salt| is NULL, a random salt of |salt_len| bytes is generated. If * |salt_len| is zero, a default salt length is used instead. @@ -85,21 +83,19 @@ extern "C" { * TODO(davidben): Really? An X509_SIG? OpenSSL probably did that because it has * the same structure as EncryptedPrivateKeyInfo. */ OPENSSL_EXPORT X509_SIG *PKCS8_encrypt_pbe(int pbe_nid, - const EVP_CIPHER *cipher, const uint8_t *pass_raw, size_t pass_raw_len, uint8_t *salt, size_t salt_len, int iterations, PKCS8_PRIV_KEY_INFO *p8inf); -/* PKCS8_decrypt_pbe decrypts and decodes a PKCS8_PRIV_KEY_INFO with PBES1 or - * PBES2 as defined in PKCS #5. Only pbeWithSHAAnd128BitRC4, - * pbeWithSHAAnd3-KeyTripleDES-CBC and pbeWithSHA1And40BitRC2, and PBES2, - * defined in PKCS #12, are supported. - * - * The |pass_raw_len| bytes pointed to by |pass_raw| are used as the password. - * Note that any conversions from the password as supplied in a text string - * (such as those specified in B.1 of PKCS #12) must be performed by the caller. +/* PKCS8_decrypt_pbe decrypts and decodes a PKCS8_PRIV_KEY_INFO with PBES1 as + * defined in PKCS #5. Only pbeWithSHAAnd128BitRC4, + * pbeWithSHAAnd3-KeyTripleDES-CBC and pbeWithSHA1And40BitRC2, defined in PKCS + * #12, are supported. The |pass_raw_len| bytes pointed to by |pass_raw| are + * used as the password. Note that any conversions from the password as + * supplied in a text string (such as those specified in B.1 of PKCS #12) must + * be performed by the caller. * * The resulting structure must be freed by the caller. */ OPENSSL_EXPORT PKCS8_PRIV_KEY_INFO *PKCS8_decrypt_pbe(X509_SIG *pkcs8, @@ -109,20 +105,18 @@ OPENSSL_EXPORT PKCS8_PRIV_KEY_INFO *PKCS8_decrypt_pbe(X509_SIG *pkcs8, /* Deprecated functions. */ -/* PKCS8_encrypt calls |PKCS8_encrypt_pbe| after (in the PKCS#12 case) treating - * |pass| as an ASCII string, appending U+0000, and converting to UCS-2. (So the - * empty password encodes as two NUL bytes.) In the PBES2 case, the password is - * unchanged. */ +/* PKCS8_encrypt calls PKCS8_encrypt_pbe after treating |pass| as an ASCII + * string, appending U+0000, and converting to UCS-2. (So the empty password + * encodes as two NUL bytes.) The |cipher| argument is ignored. */ OPENSSL_EXPORT X509_SIG *PKCS8_encrypt(int pbe_nid, const EVP_CIPHER *cipher, const char *pass, int pass_len, uint8_t *salt, size_t salt_len, int iterations, PKCS8_PRIV_KEY_INFO *p8inf); -/* PKCS8_decrypt calls PKCS8_decrypt_pbe after (in the PKCS#12 case) treating - * |pass| as an ASCII string, appending U+0000, and converting to UCS-2. (So the - * empty password encodes as two NUL bytes.) In the PBES2 case, the password is - * unchanged. */ +/* PKCS8_decrypt calls PKCS8_decrypt_pbe after treating |pass| as an ASCII + * string, appending U+0000, and converting to UCS-2. (So the empty password + * encodes as two NUL bytes.) */ OPENSSL_EXPORT PKCS8_PRIV_KEY_INFO *PKCS8_decrypt(X509_SIG *pkcs8, const char *pass, int pass_len); @@ -176,6 +170,24 @@ OPENSSL_EXPORT void PKCS12_free(PKCS12 *p12); } /* extern C */ #endif +#define PKCS8_F_EVP_PKCS82PKEY 100 +#define PKCS8_F_EVP_PKEY2PKCS8 101 +#define PKCS8_F_PKCS12_get_key_and_certs 102 +#define PKCS8_F_PKCS12_handle_content_info 103 +#define PKCS8_F_PKCS12_handle_content_infos 104 +#define PKCS8_F_PKCS5_pbe2_set_iv 105 +#define PKCS8_F_PKCS5_pbe_set 106 +#define PKCS8_F_PKCS5_pbe_set0_algor 107 +#define PKCS8_F_PKCS5_pbkdf2_set 108 +#define PKCS8_F_PKCS8_decrypt 109 +#define PKCS8_F_PKCS8_encrypt 110 +#define PKCS8_F_PKCS8_encrypt_pbe 111 +#define PKCS8_F_pbe_cipher_init 112 +#define PKCS8_F_pbe_crypt 113 +#define PKCS8_F_pkcs12_item_decrypt_d2i 114 +#define PKCS8_F_pkcs12_item_i2d_encrypt 115 +#define PKCS8_F_pkcs12_key_gen_raw 116 +#define PKCS8_F_pkcs12_pbe_keyivgen 117 #define PKCS8_R_BAD_PKCS12_DATA 100 #define PKCS8_R_BAD_PKCS12_VERSION 101 #define PKCS8_R_CIPHER_HAS_NO_OBJECT_IDENTIFIER 102 @@ -201,11 +213,5 @@ OPENSSL_EXPORT void PKCS12_free(PKCS12 *p12); #define PKCS8_R_UNKNOWN_DIGEST 122 #define PKCS8_R_UNKNOWN_HASH 123 #define PKCS8_R_UNSUPPORTED_PRIVATE_KEY_ALGORITHM 124 -#define PKCS8_R_UNSUPPORTED_KEYLENGTH 125 -#define PKCS8_R_UNSUPPORTED_SALT_TYPE 126 -#define PKCS8_R_UNSUPPORTED_CIPHER 127 -#define PKCS8_R_UNSUPPORTED_KEY_DERIVATION_FUNCTION 128 -#define PKCS8_R_BAD_ITERATION_COUNT 129 -#define PKCS8_R_UNSUPPORTED_PRF 130 #endif /* OPENSSL_HEADER_PKCS8_H */ diff --git a/src/include/openssl/poly1305.h b/src/include/openssl/poly1305.h index 0da9f6e..aa90486 100644 --- a/src/include/openssl/poly1305.h +++ b/src/include/openssl/poly1305.h @@ -22,25 +22,22 @@ extern "C" { #endif -typedef uint8_t poly1305_state[512]; +typedef unsigned char poly1305_state[512]; /* poly1305_init sets up |state| so that it can be used to calculate an * authentication tag with the one-time key |key|. Note that |key| is a * one-time key and therefore there is no `reset' method because that would * enable several messages to be authenticated with the same key. */ -OPENSSL_EXPORT void CRYPTO_poly1305_init(poly1305_state* state, - const uint8_t key[32]); +extern void CRYPTO_poly1305_init(poly1305_state* state, const uint8_t key[32]); /* poly1305_update processes |in_len| bytes from |in|. It can be called zero or * more times after poly1305_init. */ -OPENSSL_EXPORT void CRYPTO_poly1305_update(poly1305_state* state, - const uint8_t* in, - size_t in_len); +extern void CRYPTO_poly1305_update(poly1305_state* state, const uint8_t* in, + size_t in_len); /* poly1305_finish completes the poly1305 calculation and writes a 16 byte * authentication tag to |mac|. The |mac| address must be 16-byte aligned. */ -OPENSSL_EXPORT void CRYPTO_poly1305_finish(poly1305_state* state, - uint8_t mac[16]); +extern void CRYPTO_poly1305_finish(poly1305_state* state, uint8_t mac[16]); #if defined(__cplusplus) diff --git a/src/include/openssl/rand.h b/src/include/openssl/rand.h index de1bd8d..300bf42 100644 --- a/src/include/openssl/rand.h +++ b/src/include/openssl/rand.h @@ -33,36 +33,6 @@ OPENSSL_EXPORT int RAND_bytes(uint8_t *buf, size_t len); OPENSSL_EXPORT void RAND_cleanup(void); -/* Obscure functions. */ - -#if !defined(OPENSSL_WINDOWS) -/* RAND_set_urandom_fd causes the module to use a copy of |fd| for system - * randomness rather opening /dev/urandom internally. The caller retains - * ownership of |fd| and is at liberty to close it at any time. This is useful - * if, due to a sandbox, /dev/urandom isn't available. If used, it must be - * called before the first call to |RAND_bytes|, and it is mutually exclusive - * with |RAND_enable_fork_unsafe_buffering|. - * - * |RAND_set_urandom_fd| does not buffer any entropy, so it is safe to call - * |fork| at any time after calling |RAND_set_urandom_fd|. */ -OPENSSL_EXPORT void RAND_set_urandom_fd(int fd); - -/* RAND_enable_fork_unsafe_buffering enables efficient buffered reading of - * /dev/urandom. It adds an overhead of a few KB of memory per thread. It must - * be called before the first call to |RAND_bytes| and it is mutually exclusive - * with calls to |RAND_set_urandom_fd|. - * - * If |fd| is non-negative then a copy of |fd| will be used rather than opening - * /dev/urandom internally. Like |RAND_set_urandom_fd|, the caller retains - * ownership of |fd|. If |fd| is negative then /dev/urandom will be opened and - * any error from open(2) crashes the address space. - * - * It has an unusual name because the buffer is unsafe across calls to |fork|. - * Hence, this function should never be called by libraries. */ -OPENSSL_EXPORT void RAND_enable_fork_unsafe_buffering(int fd); -#endif - - /* Deprecated functions */ /* RAND_pseudo_bytes is a wrapper around |RAND_bytes|. */ @@ -77,33 +47,12 @@ OPENSSL_EXPORT int RAND_load_file(const char *path, long num); /* RAND_add does nothing. */ OPENSSL_EXPORT void RAND_add(const void *buf, int num, double entropy); -/* RAND_egd returns 255. */ -OPENSSL_EXPORT int RAND_egd(const char *); - /* RAND_poll returns one. */ OPENSSL_EXPORT int RAND_poll(void); /* RAND_status returns one. */ OPENSSL_EXPORT int RAND_status(void); -/* rand_meth_st is typedefed to |RAND_METHOD| in base.h. It isn't used; it - * exists only to be the return type of |RAND_SSLeay|. It's - * external so that variables of this type can be initialized. */ -struct rand_meth_st { - void (*seed) (const void *buf, int num); - int (*bytes) (uint8_t *buf, size_t num); - void (*cleanup) (void); - void (*add) (const void *buf, int num, double entropy); - int (*pseudorand) (uint8_t *buf, size_t num); - int (*status) (void); -}; - -/* RAND_SSLeay returns a pointer to a dummy |RAND_METHOD|. */ -OPENSSL_EXPORT RAND_METHOD *RAND_SSLeay(void); - -/* RAND_set_rand_method does nothing. */ -OPENSSL_EXPORT void RAND_set_rand_method(const RAND_METHOD *); - #if defined(__cplusplus) } /* extern C */ diff --git a/src/include/openssl/rsa.h b/src/include/openssl/rsa.h index 2be50dc..9b415d7 100644 --- a/src/include/openssl/rsa.h +++ b/src/include/openssl/rsa.h @@ -59,7 +59,6 @@ #include <openssl/base.h> -#include <openssl/asn1.h> #include <openssl/engine.h> #include <openssl/ex_data.h> #include <openssl/thread.h> @@ -101,12 +100,6 @@ OPENSSL_EXPORT int RSA_up_ref(RSA *rsa); OPENSSL_EXPORT int RSA_generate_key_ex(RSA *rsa, int bits, BIGNUM *e, BN_GENCB *cb); -/* RSA_generate_multi_prime_key acts like |RSA_generate_key_ex| but can - * generate an RSA private key with more than two primes. */ -OPENSSL_EXPORT int RSA_generate_multi_prime_key(RSA *rsa, int bits, - int num_primes, BIGNUM *e, - BN_GENCB *cb); - /* Encryption / Decryption */ @@ -247,7 +240,7 @@ OPENSSL_EXPORT int RSA_verify_raw(RSA *rsa, size_t *out_len, uint8_t *out, OPENSSL_EXPORT int RSA_private_encrypt(int flen, const uint8_t *from, uint8_t *to, RSA *rsa, int padding); -/* RSA_public_decrypt verifies |flen| bytes of signature from |from| using the +/* RSA_private_encrypt verifies |flen| bytes of signature from |from| using the * public key in |rsa| and writes the plaintext to |to|. The |to| buffer must * have at least |RSA_size| bytes of space. It returns the number of bytes * written, or -1 on error. The |padding| argument must be one of the @@ -273,7 +266,7 @@ OPENSSL_EXPORT int RSA_is_opaque(const RSA *rsa); * of type |md|. Otherwise it returns zero. */ OPENSSL_EXPORT int RSA_supports_digest(const RSA *rsa, const EVP_MD *md); -/* RSAPublicKey_dup allocates a fresh |RSA| and copies the public key from +/* RSAPublicKey_dup allocates a fresh |RSA| and copies the private key from * |rsa| into it. It returns the fresh |RSA| object, or NULL on error. */ OPENSSL_EXPORT RSA *RSAPublicKey_dup(const RSA *rsa); @@ -322,63 +315,36 @@ OPENSSL_EXPORT int RSA_padding_add_PKCS1_PSS_mgf1(RSA *rsa, uint8_t *EM, const EVP_MD *mgf1Hash, int sLen); -/* RSA_add_pkcs1_prefix builds a version of |msg| prefixed with the DigestInfo - * header for the given hash function and sets |out_msg| to point to it. On - * successful return, |*out_msg| may be allocated memory and, if so, - * |*is_alloced| will be 1. */ -OPENSSL_EXPORT int RSA_add_pkcs1_prefix(uint8_t **out_msg, size_t *out_msg_len, - int *is_alloced, int hash_nid, - const uint8_t *msg, size_t msg_len); - /* ASN.1 functions. */ -/* RSA_parse_public_key parses a DER-encoded RSAPublicKey structure (RFC 3447) - * from |cbs| and advances |cbs|. It returns a newly-allocated |RSA| or NULL on - * error. */ -OPENSSL_EXPORT RSA *RSA_parse_public_key(CBS *cbs); - -/* RSA_parse_public_key_buggy behaves like |RSA_parse_public_key|, but it - * tolerates some invalid encodings. Do not use this function. */ -OPENSSL_EXPORT RSA *RSA_parse_public_key_buggy(CBS *cbs); - -/* RSA_public_key_from_bytes parses |in| as a DER-encoded RSAPublicKey structure - * (RFC 3447). It returns a newly-allocated |RSA| or NULL on error. */ -OPENSSL_EXPORT RSA *RSA_public_key_from_bytes(const uint8_t *in, size_t in_len); - -/* RSA_marshal_public_key marshals |rsa| as a DER-encoded RSAPublicKey structure - * (RFC 3447) and appends the result to |cbb|. It returns one on success and - * zero on failure. */ -OPENSSL_EXPORT int RSA_marshal_public_key(CBB *cbb, const RSA *rsa); - -/* RSA_public_key_to_bytes marshals |rsa| as a DER-encoded RSAPublicKey - * structure (RFC 3447) and, on success, sets |*out_bytes| to a newly allocated - * buffer containing the result and returns one. Otherwise, it returns zero. The - * result should be freed with |OPENSSL_free|. */ -OPENSSL_EXPORT int RSA_public_key_to_bytes(uint8_t **out_bytes, size_t *out_len, - const RSA *rsa); - -/* RSA_parse_private_key parses a DER-encoded RSAPrivateKey structure (RFC 3447) - * from |cbs| and advances |cbs|. It returns a newly-allocated |RSA| or NULL on - * error. */ -OPENSSL_EXPORT RSA *RSA_parse_private_key(CBS *cbs); - -/* RSA_private_key_from_bytes parses |in| as a DER-encoded RSAPrivateKey - * structure (RFC 3447). It returns a newly-allocated |RSA| or NULL on error. */ -OPENSSL_EXPORT RSA *RSA_private_key_from_bytes(const uint8_t *in, - size_t in_len); - -/* RSA_marshal_private_key marshals |rsa| as a DER-encoded RSAPrivateKey - * structure (RFC 3447) and appends the result to |cbb|. It returns one on - * success and zero on failure. */ -OPENSSL_EXPORT int RSA_marshal_private_key(CBB *cbb, const RSA *rsa); - -/* RSA_private_key_to_bytes marshals |rsa| as a DER-encoded RSAPrivateKey - * structure (RFC 3447) and, on success, sets |*out_bytes| to a newly allocated - * buffer containing the result and returns one. Otherwise, it returns zero. The - * result should be freed with |OPENSSL_free|. */ -OPENSSL_EXPORT int RSA_private_key_to_bytes(uint8_t **out_bytes, - size_t *out_len, const RSA *rsa); +/* d2i_RSAPublicKey parses an ASN.1, DER-encoded, RSA public key from |len| + * bytes at |*inp|. If |out| is not NULL then, on exit, a pointer to the result + * is in |*out|. If |*out| is already non-NULL on entry then the result is + * written directly into |*out|, otherwise a fresh |RSA| is allocated. On + * successful exit, |*inp| is advanced past the DER structure. It returns the + * result or NULL on error. */ +OPENSSL_EXPORT RSA *d2i_RSAPublicKey(RSA **out, const uint8_t **inp, long len); + +/* i2d_RSAPublicKey marshals |in| to an ASN.1, DER structure. If |outp| is not + * NULL then the result is written to |*outp| and |*outp| is advanced just past + * the output. It returns the number of bytes in the result, whether written or + * not, or a negative value on error. */ +OPENSSL_EXPORT int i2d_RSAPublicKey(const RSA *in, uint8_t **outp); + +/* d2i_RSAPrivateKey parses an ASN.1, DER-encoded, RSA private key from |len| + * bytes at |*inp|. If |out| is not NULL then, on exit, a pointer to the result + * is in |*out|. If |*out| is already non-NULL on entry then the result is + * written directly into |*out|, otherwise a fresh |RSA| is allocated. On + * successful exit, |*inp| is advanced past the DER structure. It returns the + * result or NULL on error. */ +OPENSSL_EXPORT RSA *d2i_RSAPrivateKey(RSA **out, const uint8_t **inp, long len); + +/* i2d_RSAPrivateKey marshals |in| to an ASN.1, DER structure. If |outp| is not + * NULL then the result is written to |*outp| and |*outp| is advanced just past + * the output. It returns the number of bytes in the result, whether written or + * not, or a negative value on error. */ +OPENSSL_EXPORT int i2d_RSAPrivateKey(const RSA *in, uint8_t **outp); /* ex_data functions. @@ -392,9 +358,6 @@ OPENSSL_EXPORT int RSA_get_ex_new_index(long argl, void *argp, OPENSSL_EXPORT int RSA_set_ex_data(RSA *r, int idx, void *arg); OPENSSL_EXPORT void *RSA_get_ex_data(const RSA *r, int idx); - -/* Flags. */ - /* RSA_FLAG_OPAQUE specifies that this RSA_METHOD does not expose its key * material. This may be set if, for instance, it is wrapping some other crypto * API, like a platform key store. */ @@ -432,50 +395,6 @@ OPENSSL_EXPORT void *RSA_get_ex_data(const RSA *r, int idx); /* RSA_blinding_on returns one. */ OPENSSL_EXPORT int RSA_blinding_on(RSA *rsa, BN_CTX *ctx); -/* RSA_generate_key behaves like |RSA_generate_key_ex|, which is what you - * should use instead. It returns NULL on error, or a newly-allocated |RSA| on - * success. This function is provided for compatibility only. The |callback| - * and |cb_arg| parameters must be NULL. */ -OPENSSL_EXPORT RSA *RSA_generate_key(int bits, unsigned long e, void *callback, - void *cb_arg); - -/* d2i_RSAPublicKey parses an ASN.1, DER-encoded, RSA public key from |len| - * bytes at |*inp|. If |out| is not NULL then, on exit, a pointer to the result - * is in |*out|. If |*out| is already non-NULL on entry then the result is - * written directly into |*out|, otherwise a fresh |RSA| is allocated. On - * successful exit, |*inp| is advanced past the DER structure. It returns the - * result or NULL on error. */ -OPENSSL_EXPORT RSA *d2i_RSAPublicKey(RSA **out, const uint8_t **inp, long len); - -/* i2d_RSAPublicKey marshals |in| to an ASN.1, DER structure. If |outp| is not - * NULL then the result is written to |*outp| and |*outp| is advanced just past - * the output. It returns the number of bytes in the result, whether written or - * not, or a negative value on error. */ -OPENSSL_EXPORT int i2d_RSAPublicKey(const RSA *in, uint8_t **outp); - -/* d2i_RSAPrivateKey parses an ASN.1, DER-encoded, RSA private key from |len| - * bytes at |*inp|. If |out| is not NULL then, on exit, a pointer to the result - * is in |*out|. If |*out| is already non-NULL on entry then the result is - * written directly into |*out|, otherwise a fresh |RSA| is allocated. On - * successful exit, |*inp| is advanced past the DER structure. It returns the - * result or NULL on error. */ -OPENSSL_EXPORT RSA *d2i_RSAPrivateKey(RSA **out, const uint8_t **inp, long len); - -/* i2d_RSAPrivateKey marshals |in| to an ASN.1, DER structure. If |outp| is not - * NULL then the result is written to |*outp| and |*outp| is advanced just past - * the output. It returns the number of bytes in the result, whether written or - * not, or a negative value on error. */ -OPENSSL_EXPORT int i2d_RSAPrivateKey(const RSA *in, uint8_t **outp); - -typedef struct rsa_pss_params_st { - X509_ALGOR *hashAlgorithm; - X509_ALGOR *maskGenAlgorithm; - ASN1_INTEGER *saltLength; - ASN1_INTEGER *trailerField; -} RSA_PSS_PARAMS; - -DECLARE_ASN1_FUNCTIONS(RSA_PSS_PARAMS) - struct rsa_meth_st { struct openssl_method_common_st common; @@ -531,9 +450,6 @@ struct rsa_meth_st { int (*keygen)(RSA *rsa, int bits, BIGNUM *e, BN_GENCB *cb); - int (*multi_prime_keygen)(RSA *rsa, int bits, int num_primes, BIGNUM *e, - BN_GENCB *cb); - /* supports_digest returns one if |rsa| supports digests of type * |md|. If null, it is assumed that all digests are supported. */ int (*supports_digest)(const RSA *rsa, const EVP_MD *md); @@ -545,6 +461,8 @@ struct rsa_meth_st { typedef struct bn_blinding_st BN_BLINDING; struct rsa_st { + /* version is only used during ASN.1 (de)serialisation. */ + long version; RSA_METHOD *meth; BIGNUM *n; @@ -555,9 +473,6 @@ struct rsa_st { BIGNUM *dmp1; BIGNUM *dmq1; BIGNUM *iqmp; - - STACK_OF(RSA_additional_prime) *additional_primes; - /* be careful using this if the RSA structure is shared */ CRYPTO_EX_DATA ex_data; CRYPTO_refcount_t references; @@ -587,6 +502,34 @@ struct rsa_st { } /* extern C */ #endif +#define RSA_F_BN_BLINDING_convert_ex 100 +#define RSA_F_BN_BLINDING_create_param 101 +#define RSA_F_BN_BLINDING_invert_ex 102 +#define RSA_F_BN_BLINDING_new 103 +#define RSA_F_BN_BLINDING_update 104 +#define RSA_F_RSA_check_key 105 +#define RSA_F_RSA_new_method 106 +#define RSA_F_RSA_padding_add_PKCS1_OAEP_mgf1 107 +#define RSA_F_RSA_padding_add_PKCS1_PSS_mgf1 108 +#define RSA_F_RSA_padding_add_PKCS1_type_1 109 +#define RSA_F_RSA_padding_add_PKCS1_type_2 110 +#define RSA_F_RSA_padding_add_none 111 +#define RSA_F_RSA_padding_check_PKCS1_OAEP_mgf1 112 +#define RSA_F_RSA_padding_check_PKCS1_type_1 113 +#define RSA_F_RSA_padding_check_PKCS1_type_2 114 +#define RSA_F_RSA_padding_check_none 115 +#define RSA_F_RSA_recover_crt_params 116 +#define RSA_F_RSA_sign 117 +#define RSA_F_RSA_verify 118 +#define RSA_F_RSA_verify_PKCS1_PSS_mgf1 119 +#define RSA_F_decrypt 120 +#define RSA_F_encrypt 121 +#define RSA_F_keygen 122 +#define RSA_F_pkcs1_prefixed_msg 123 +#define RSA_F_private_transform 124 +#define RSA_F_rsa_setup_blinding 125 +#define RSA_F_sign_raw 126 +#define RSA_F_verify_raw 127 #define RSA_R_BAD_E_VALUE 100 #define RSA_R_BAD_FIXED_HEADER_DECRYPT 101 #define RSA_R_BAD_PAD_BYTE_COUNT 102 @@ -628,10 +571,5 @@ struct rsa_st { #define RSA_R_UNKNOWN_PADDING_TYPE 138 #define RSA_R_VALUE_MISSING 139 #define RSA_R_WRONG_SIGNATURE_LENGTH 140 -#define RSA_R_MUST_HAVE_AT_LEAST_TWO_PRIMES 141 -#define RSA_R_CANNOT_RECOVER_MULTI_PRIME_KEY 142 -#define RSA_R_BAD_ENCODING 143 -#define RSA_R_ENCODE_ERROR 144 -#define RSA_R_BAD_VERSION 145 #endif /* OPENSSL_HEADER_RSA_H */ diff --git a/src/include/openssl/srtp.h b/src/include/openssl/srtp.h index 39f6a85..3f5a53e 100644 --- a/src/include/openssl/srtp.h +++ b/src/include/openssl/srtp.h @@ -1,18 +1,178 @@ -/* Copyright (c) 2015, Google Inc. +/* ssl/tls1.h */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. * - * Permission to use, copy, modify, and/or distribute this software for any - * purpose with or without fee is hereby granted, provided that the above - * copyright notice and this permission notice appear in all copies. + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ +/* ==================================================================== + * Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved. * - * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES - * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF - * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY - * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES - * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION - * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN - * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. All advertising materials mentioning features or use of this + * software must display the following acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" + * + * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to + * endorse or promote products derived from this software without + * prior written permission. For written permission, please contact + * openssl-core@openssl.org. + * + * 5. Products derived from this software may not be called "OpenSSL" + * nor may "OpenSSL" appear in their names without prior written + * permission of the OpenSSL Project. + * + * 6. Redistributions of any form whatsoever must retain the following + * acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit (http://www.openssl.org/)" + * + * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY + * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * ==================================================================== + * + * This product includes cryptographic software written by Eric Young + * (eay@cryptsoft.com). This product includes software written by Tim + * Hudson (tjh@cryptsoft.com). + * + */ +/* + DTLS code by Eric Rescorla <ekr@rtfm.com> + + Copyright (C) 2006, Network Resonance, Inc. + Copyright (C) 2011, RTFM, Inc. +*/ + +#ifndef OPENSSL_HEADER_SRTP_H +#define OPENSSL_HEADER_SRTP_H + +#ifdef __cplusplus +extern "C" { +#endif + + +/* Constants for SRTP profiles */ +#define SRTP_AES128_CM_SHA1_80 0x0001 +#define SRTP_AES128_CM_SHA1_32 0x0002 +#define SRTP_AES128_F8_SHA1_80 0x0003 +#define SRTP_AES128_F8_SHA1_32 0x0004 +#define SRTP_NULL_SHA1_80 0x0005 +#define SRTP_NULL_SHA1_32 0x0006 + +/* SSL_CTX_set_srtp_profiles enables SRTP for all SSL objects created from + * |ctx|. |profile| contains a colon-separated list of profile names. It returns + * one on success and zero on failure. */ +OPENSSL_EXPORT int SSL_CTX_set_srtp_profiles(SSL_CTX *ctx, + const char *profiles); + +/* SSL_set_srtp_profiles enables SRTP for |ssl|. |profile| contains a + * colon-separated list of profile names. It returns one on success and zero on + * failure. */ +OPENSSL_EXPORT int SSL_set_srtp_profiles(SSL *ctx, const char *profiles); + +/* SSL_get_srtp_profiles returns the SRTP profiles supported by |ssl|. */ +OPENSSL_EXPORT STACK_OF(SRTP_PROTECTION_PROFILE) *SSL_get_srtp_profiles( + SSL *ssl); + +/* SSL_get_selected_srtp_profile returns the selected SRTP profile, or NULL if + * SRTP was not negotiated. */ +OPENSSL_EXPORT const SRTP_PROTECTION_PROFILE *SSL_get_selected_srtp_profile( + SSL *s); + + +/* Deprecated functions */ + +/* SSL_CTX_set_tlsext_use_srtp calls SSL_CTX_set_srtp_profiles. It returns zero + * on success and one on failure. + * + * WARNING: this function is dangerous because it breaks the usual return value + * convention. Use SSL_CTX_set_srtp_profiles instead. */ +OPENSSL_EXPORT int SSL_CTX_set_tlsext_use_srtp(SSL_CTX *ctx, + const char *profiles); + +/* SSL_set_tlsext_use_srtp calls SSL_set_srtp_profiles. It returns zero on + * success and one on failure. + * + * WARNING: this function is dangerous because it breaks the usual return value + * convention. Use SSL_set_srtp_profiles instead. */ +OPENSSL_EXPORT int SSL_set_tlsext_use_srtp(SSL *ctx, const char *profiles); + + +#ifdef __cplusplus +} /* extern C */ +#endif -/* This header is provided in order to make compiling against code that expects - OpenSSL easier. */ +#endif /* OPENSSL_HEADER_SRTP_H */ -#include "ssl.h" diff --git a/src/include/openssl/ssl.h b/src/include/openssl/ssl.h index 24bdf8e..217dbaf 100644 --- a/src/include/openssl/ssl.h +++ b/src/include/openssl/ssl.h @@ -179,9 +179,32 @@ extern "C" { OPENSSL_EXPORT int SSL_library_init(void); -/* Cipher suites. - * - * |SSL_CIPHER| objects represent cipher suites. */ +/* Cipher suites. */ + +/* An SSL_CIPHER represents a cipher suite. */ +typedef struct ssl_cipher_st { + /* name is the OpenSSL name for the cipher. */ + const char *name; + /* id is the cipher suite value bitwise OR-d with 0x03000000. */ + uint32_t id; + + /* The following are internal fields. See ssl/internal.h for their values. */ + + uint32_t algorithm_mkey; + uint32_t algorithm_auth; + uint32_t algorithm_enc; + uint32_t algorithm_mac; + uint32_t algorithm_ssl; + uint32_t algo_strength; + + /* algorithm2 contains extra flags. See ssl/internal.h. */ + uint32_t algorithm2; + + /* strength_bits is the strength of the cipher in bits. */ + int strength_bits; + /* alg_bits is the number of bits of key material used by the algorithm. */ + int alg_bits; +} SSL_CIPHER; DECLARE_STACK_OF(SSL_CIPHER) @@ -208,15 +231,6 @@ OPENSSL_EXPORT int SSL_CIPHER_is_AESGCM(const SSL_CIPHER *cipher); * CHACHA20_POLY1305. */ OPENSSL_EXPORT int SSL_CIPHER_is_CHACHA20POLY1305(const SSL_CIPHER *cipher); -/* SSL_CIPHER_is_NULL returns one if |cipher| does not encrypt. */ -OPENSSL_EXPORT int SSL_CIPHER_is_NULL(const SSL_CIPHER *cipher); - -/* SSL_CIPHER_is_RC4 returns one if |cipher| uses RC4. */ -OPENSSL_EXPORT int SSL_CIPHER_is_RC4(const SSL_CIPHER *cipher); - -/* SSL_CIPHER_is_block_cipher returns one if |cipher| is a block cipher. */ -OPENSSL_EXPORT int SSL_CIPHER_is_block_cipher(const SSL_CIPHER *cipher); - /* SSL_CIPHER_get_name returns the OpenSSL name of |cipher|. */ OPENSSL_EXPORT const char *SSL_CIPHER_get_name(const SSL_CIPHER *cipher); @@ -237,15 +251,10 @@ OPENSSL_EXPORT int SSL_CIPHER_get_bits(const SSL_CIPHER *cipher, int *out_alg_bits); -/* SSL contexts. - * - * |SSL_CTX| objects manage shared state and configuration between multiple TLS - * or DTLS connections. Whether the connections are TLS or DTLS is selected by - * an |SSL_METHOD| on creation. - * - * |SSL_CTX| are reference-counted and may be shared by connections across - * multiple threads. Once shared, functions which change the |SSL_CTX|'s - * configuration may not be used. */ +/* SSL contexts. */ + +/* An SSL_METHOD selects whether to use TLS or DTLS. */ +typedef struct ssl_method_st SSL_METHOD; /* TLS_method is the |SSL_METHOD| used for TLS (and SSLv3) connections. */ OPENSSL_EXPORT const SSL_METHOD *TLS_method(void); @@ -254,22 +263,20 @@ OPENSSL_EXPORT const SSL_METHOD *TLS_method(void); OPENSSL_EXPORT const SSL_METHOD *DTLS_method(void); /* SSL_CTX_new returns a newly-allocated |SSL_CTX| with default settings or NULL - * on error. */ + * on error. An |SSL_CTX| manages shared state and configuration between + * multiple TLS or DTLS connections. */ OPENSSL_EXPORT SSL_CTX *SSL_CTX_new(const SSL_METHOD *method); /* SSL_CTX_free releases memory associated with |ctx|. */ OPENSSL_EXPORT void SSL_CTX_free(SSL_CTX *ctx); -/* SSL connections. - * - * An |SSL| object represents a single TLS or DTLS connection. Although the - * shared |SSL_CTX| is thread-safe, an |SSL| is not thread-safe and may only be - * used on one thread at a time. */ +/* SSL connections. */ -/* SSL_new returns a newly-allocated |SSL| using |ctx| or NULL on error. The new - * connection inherits settings from |ctx| at the time of creation. Settings may - * also be individually configured on the connection. +/* SSL_new returns a newly-allocated |SSL| using |ctx| or NULL on error. An + * |SSL| object represents a single TLS or DTLS connection. It inherits settings + * from |ctx| at the time of creation. Settings may also be individually + * configured on the connection. * * On creation, an |SSL| is not configured to be either a client or server. Call * |SSL_set_connect_state| or |SSL_set_accept_state| to set this. */ @@ -284,183 +291,9 @@ OPENSSL_EXPORT void SSL_set_connect_state(SSL *ssl); /* SSL_set_accept_state configures |ssl| to be a server. */ OPENSSL_EXPORT void SSL_set_accept_state(SSL *ssl); -/* SSL_is_server returns one if |ssl| is configured as a server and zero - * otherwise. */ -OPENSSL_EXPORT int SSL_is_server(SSL *ssl); - -/* SSL_set_bio configures |ssl| to read from |rbio| and write to |wbio|. |ssl| - * takes ownership of the two |BIO|s. If |rbio| and |wbio| are the same, |ssl| - * only takes ownership of one reference. - * - * Calling this function on an already-configured |ssl| is deprecated. */ -OPENSSL_EXPORT void SSL_set_bio(SSL *ssl, BIO *rbio, BIO *wbio); - -/* SSL_get_rbio returns the |BIO| that |ssl| reads from. */ -OPENSSL_EXPORT BIO *SSL_get_rbio(const SSL *ssl); - -/* SSL_get_wbio returns the |BIO| that |ssl| writes to. */ -OPENSSL_EXPORT BIO *SSL_get_wbio(const SSL *ssl); - -/* SSL_do_handshake continues the current handshake. If there is none or the - * handshake has completed or False Started, it returns one. Otherwise, it - * returns <= 0. The caller should pass the value into |SSL_get_error| to - * determine how to proceed. - * - * TODO(davidben): Ensure 0 is only returned on transport EOF. - * https://crbug.com/466303. */ -OPENSSL_EXPORT int SSL_do_handshake(SSL *ssl); - -/* SSL_connect configures |ssl| as a client, if unconfigured, and calls - * |SSL_do_handshake|. */ -OPENSSL_EXPORT int SSL_connect(SSL *ssl); - -/* SSL_accept configures |ssl| as a server, if unconfigured, and calls - * |SSL_do_handshake|. */ -OPENSSL_EXPORT int SSL_accept(SSL *ssl); - -/* SSL_read reads up to |num| bytes from |ssl| into |buf|. It implicitly runs - * any pending handshakes, including renegotiations when enabled. On success, it - * returns the number of bytes read. Otherwise, it returns <= 0. The caller - * should pass the value into |SSL_get_error| to determine how to proceed. - * - * TODO(davidben): Ensure 0 is only returned on transport EOF. - * https://crbug.com/466303. */ -OPENSSL_EXPORT int SSL_read(SSL *ssl, void *buf, int num); - -/* SSL_peek behaves like |SSL_read| but does not consume any bytes returned. */ -OPENSSL_EXPORT int SSL_peek(SSL *ssl, void *buf, int num); - -/* SSL_write writes up to |num| bytes from |buf| into |ssl|. It implicitly runs - * any pending handshakes, including renegotiations when enabled. On success, it - * returns the number of bytes read. Otherwise, it returns <= 0. The caller - * should pass the value into |SSL_get_error| to determine how to proceed. - * - * A non-blocking |SSL_write| differs from non-blocking |write| in that a failed - * |SSL_write| still commits to the data passed in. When retrying, the caller - * must supply the original write buffer (or a larger one containing the - * original as a prefix). By default, retries will fail if they also do not - * reuse the same |buf| pointer. This may be relaxed with - * |SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER|, but the buffer contents still must be - * unchanged. - * - * By default, |SSL_write| will not return success until all |num| bytes are - * written. This may be relaxed with |SSL_MODE_ENABLE_PARTIAL_WRITE|. It allows - * |SSL_write| to complete with a partial result when only part of the input was - * written in a single record. - * - * TODO(davidben): Ensure 0 is only returned on transport EOF. - * https://crbug.com/466303. */ -OPENSSL_EXPORT int SSL_write(SSL *ssl, const void *buf, int num); - -/* SSL_shutdown shuts down |ssl|. On success, it completes in two stages. First, - * it returns 0 if |ssl| completed uni-directional shutdown; close_notify has - * been sent, but the peer's close_notify has not been received. Most callers - * may stop at this point. For bi-directional shutdown, call |SSL_shutdown| - * again. It returns 1 if close_notify has been both sent and received. - * - * If the peer's close_notify arrived first, the first stage is skipped. - * |SSL_shutdown| will return 1 once close_notify is sent and skip 0. Callers - * only interested in uni-directional shutdown must therefore allow for the - * first stage returning either 0 or 1. - * - * |SSL_shutdown| returns -1 on failure. The caller should pass the return value - * into |SSL_get_error| to determine how to proceed. If the underlying |BIO| is - * non-blocking, both stages may require retry. - * - * |SSL_shutdown| must be called to retain |ssl|'s session in the session - * cache. Use |SSL_CTX_set_quiet_shutdown| to configure |SSL_shutdown| to - * neither send nor wait for close_notify but still retain the session. - * - * TODO(davidben): Is there any point in the session cache interaction? Remove - * it? */ -OPENSSL_EXPORT int SSL_shutdown(SSL *ssl); - -/* SSL_get_error returns a |SSL_ERROR_*| value for the most recent operation on - * |ssl|. It should be called after an operation failed to determine. */ -OPENSSL_EXPORT int SSL_get_error(const SSL *ssl, int ret_code); - -/* SSL_ERROR_NONE indicates the operation succeeded. */ -#define SSL_ERROR_NONE 0 - -/* SSL_ERROR_SSL indicates the operation failed within the library. The caller - * may inspect the error queue for more information. */ -#define SSL_ERROR_SSL 1 - -/* SSL_ERROR_WANT_READ indicates the operation failed attempting to read from - * the transport. The caller may retry the operation when the transport is ready - * for reading. */ -#define SSL_ERROR_WANT_READ 2 - -/* SSL_ERROR_WANT_READ indicates the operation failed attempting to write to - * the transport. The caller may retry the operation when the transport is ready - * for writing. */ -#define SSL_ERROR_WANT_WRITE 3 - -/* SSL_ERROR_WANT_X509_LOOKUP indicates the operation failed in calling the - * |cert_cb| or |client_cert_cb|. The caller may retry the operation when the - * callback is ready to return a certificate or one has been configured - * externally. - * - * See also |SSL_CTX_set_cert_cb| and |SSL_CTX_set_client_cert_cb|. */ -#define SSL_ERROR_WANT_X509_LOOKUP 4 - -/* SSL_ERROR_WANT_SYSCALL indicates the operation failed externally to the - * library. The caller should consult the system-specific error mechanism. This - * is typically |errno| but may be something custom if using a custom |BIO|. It - * may also be signaled if the transport returned EOF, in which case the - * operation's return value will be zero. */ -#define SSL_ERROR_SYSCALL 5 - -/* SSL_ERROR_ZERO_RETURN indicates the operation failed because the connection - * was cleanly shut down with a close_notify alert. */ -#define SSL_ERROR_ZERO_RETURN 6 - -/* SSL_ERROR_WANT_CONNECT indicates the operation failed attempting to connect - * the transport (the |BIO| signaled |BIO_RR_CONNECT|). The caller may retry the - * operation when the transport is ready. */ -#define SSL_ERROR_WANT_CONNECT 7 - -/* SSL_ERROR_WANT_ACCEPT indicates the operation failed attempting to accept a - * connection from the transport (the |BIO| signaled |BIO_RR_ACCEPT|). The - * caller may retry the operation when the transport is ready. - * - * TODO(davidben): Remove this. It's used by accept BIOs which are bizarre. */ -#define SSL_ERROR_WANT_ACCEPT 8 - -/* SSL_ERROR_WANT_CHANNEL_ID_LOOKUP indicates the operation failed looking up - * the Channel ID key. The caller may retry the operation when |channel_id_cb| - * is ready to return a key or one has been configured with - * |SSL_set1_tls_channel_id|. - * - * See also |SSL_CTX_set_channel_id_cb|. */ -#define SSL_ERROR_WANT_CHANNEL_ID_LOOKUP 9 - -/* SSL_ERROR_PENDING_SESSION indicates the operation failed because the session - * lookup callback indicated the session was unavailable. The caller may retry - * the operation when lookup has completed. - * - * See also |SSL_CTX_sess_set_get_cb| and |SSL_magic_pending_session_ptr|. */ -#define SSL_ERROR_PENDING_SESSION 11 - -/* SSL_ERROR_PENDING_CERTIFICATE indicates the operation failed because the - * early callback indicated certificate lookup was incomplete. The caller may - * retry the operation when lookup has completed. Note: when the operation is - * retried, the early callback will not be called a second time. - * - * See also |select_certificate_cb| on |SSL_CTX|. */ -#define SSL_ERROR_PENDING_CERTIFICATE 12 - -/* SSL_ERROR_WANT_PRIVATE_KEY_OPERATION indicates the operation failed because - * a private key operation was unfinished. The caller may retry the operation - * when the private key operation is complete. - * - * See also |SSL_set_private_key_method|. */ -#define SSL_ERROR_WANT_PRIVATE_KEY_OPERATION 13 - /* Protocol versions. */ -#define DTLS1_VERSION_MAJOR 0xfe #define SSL3_VERSION_MAJOR 0x03 #define SSL3_VERSION 0x0300 @@ -487,11 +320,6 @@ OPENSSL_EXPORT void SSL_set_min_version(SSL *ssl, uint16_t version); * |version|. */ OPENSSL_EXPORT void SSL_set_max_version(SSL *ssl, uint16_t version); -/* SSL_version returns the TLS or DTLS protocol version used by |ssl|, which is - * one of the |*_VERSION| values. (E.g. |TLS1_2_VERSION|.) Before the version - * is negotiated, the result is undefined. */ -OPENSSL_EXPORT int SSL_version(const SSL *ssl); - /* Options. * @@ -518,14 +346,41 @@ OPENSSL_EXPORT int SSL_version(const SSL *ssl); * |BIO|. Instead, the MTU is configured with |SSL_set_mtu|. */ #define SSL_OP_NO_QUERY_MTU 0x00001000L -/* SSL_OP_NO_TICKET disables session ticket support (RFC 5077). */ +/* SSL_OP_NO_TICKET disables session ticket support (RFC 4507). */ #define SSL_OP_NO_TICKET 0x00004000L +/* SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION permits unsafe legacy renegotiation + * without renegotiation_info (RFC 5746) support. */ +#define SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION 0x00040000L + /* SSL_OP_CIPHER_SERVER_PREFERENCE configures servers to select ciphers and * ECDHE curves according to the server's preferences instead of the * client's. */ #define SSL_OP_CIPHER_SERVER_PREFERENCE 0x00400000L +/* The following flags toggle individual protocol versions. This is deprecated. + * Use |SSL_CTX_set_min_version| and |SSL_CTX_set_max_version| instead. */ +#define SSL_OP_NO_SSLv3 0x02000000L +#define SSL_OP_NO_TLSv1 0x04000000L +#define SSL_OP_NO_TLSv1_2 0x08000000L +#define SSL_OP_NO_TLSv1_1 0x10000000L +#define SSL_OP_NO_DTLSv1 SSL_OP_NO_TLSv1 +#define SSL_OP_NO_DTLSv1_2 SSL_OP_NO_TLSv1_2 + +/* The following flags do nothing and are included only to make it easier to + * compile code with BoringSSL. */ +#define SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS 0 +#define SSL_OP_MICROSOFT_SESS_ID_BUG 0 +#define SSL_OP_NETSCAPE_CHALLENGE_BUG 0 +#define SSL_OP_NO_COMPRESSION 0 +#define SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION 0 +#define SSL_OP_NO_SSLv2 0 +#define SSL_OP_SINGLE_DH_USE 0 +#define SSL_OP_SINGLE_ECDH_USE 0 +#define SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG 0 +#define SSL_OP_TLS_BLOCK_PADDING_BUG 0 +#define SSL_OP_TLS_ROLLBACK_BUG 0 + /* SSL_CTX_set_options enables all options set in |options| (which should be one * or more of the |SSL_OP_*| values, ORed together) in |ctx|. It returns a * bitmask representing the resulting enabled options. */ @@ -579,6 +434,10 @@ OPENSSL_EXPORT uint32_t SSL_get_options(const SSL *ssl); * in one RTT. See draft-bmoeller-tls-falsestart-01. */ #define SSL_MODE_ENABLE_FALSE_START 0x00000080L +/* Deprecated: SSL_MODE_HANDSHAKE_CUTTHROUGH is the same as + * SSL_MODE_ENABLE_FALSE_START. */ +#define SSL_MODE_HANDSHAKE_CUTTHROUGH SSL_MODE_ENABLE_FALSE_START + /* SSL_MODE_CBC_RECORD_SPLITTING causes multi-byte CBC records in SSL 3.0 and * TLS 1.0 to be split in two: the first record will contain a single byte and * the second will contain the remainder. This effectively randomises the IV and @@ -592,12 +451,21 @@ OPENSSL_EXPORT uint32_t SSL_get_options(const SSL *ssl); /* SSL_MODE_SEND_FALLBACK_SCSV sends TLS_FALLBACK_SCSV in the ClientHello. * To be set only by applications that reconnect with a downgraded protocol - * version; see RFC 7507 for details. + * version; see https://tools.ietf.org/html/draft-ietf-tls-downgrade-scsv-05 + * for details. * * DO NOT ENABLE THIS if your application attempts a normal handshake. Only use - * this in explicit fallback retries, following the guidance in RFC 7507. */ + * this in explicit fallback retries, following the guidance in + * draft-ietf-tls-downgrade-scsv-05. */ #define SSL_MODE_SEND_FALLBACK_SCSV 0x00000400L +/* The following flags do nothing and are included only to make it easier to + * compile code with BoringSSL. */ +#define SSL_MODE_AUTO_RETRY 0 +#define SSL_MODE_RELEASE_BUFFERS 0 +#define SSL_MODE_SEND_CLIENTHELLO_TIME 0 +#define SSL_MODE_SEND_SERVERHELLO_TIME 0 + /* SSL_CTX_set_mode enables all modes set in |mode| (which should be one or more * of the |SSL_MODE_*| values, ORed together) in |ctx|. It returns a bitmask * representing the resulting enabled modes. */ @@ -627,309 +495,8 @@ OPENSSL_EXPORT uint32_t SSL_clear_mode(SSL *ssl, uint32_t mode); OPENSSL_EXPORT uint32_t SSL_get_mode(const SSL *ssl); -/* Configuring certificates and private keys. - * - * These functions configure the connection's leaf certificate, private key, and - * certificate chain. The certificate chain is ordered leaf to root (as sent on - * the wire) but does not include the leaf. Both client and server certificates - * use these functions. - * - * Certificates and keys may be configured before the handshake or dynamically - * in the early callback and certificate callback. */ - -/* SSL_CTX_use_certificate sets |ctx|'s leaf certificate to |x509|. It returns - * one on success and zero on failure. */ -OPENSSL_EXPORT int SSL_CTX_use_certificate(SSL_CTX *ctx, X509 *x509); - -/* SSL_use_certificate sets |ssl|'s leaf certificate to |x509|. It returns one - * on success and zero on failure. */ -OPENSSL_EXPORT int SSL_use_certificate(SSL *ssl, X509 *x509); - -/* SSL_CTX_use_PrivateKey sets |ctx|'s private key to |pkey|. It returns one on - * success and zero on failure. */ -OPENSSL_EXPORT int SSL_CTX_use_PrivateKey(SSL_CTX *ctx, EVP_PKEY *pkey); - -/* SSL_use_PrivateKey sets |ssl|'s private key to |pkey|. It returns one on - * success and zero on failure. */ -OPENSSL_EXPORT int SSL_use_PrivateKey(SSL *ssl, EVP_PKEY *pkey); - -/* SSL_CTX_set0_chain sets |ctx|'s certificate chain, excluding the leaf, to - * |chain|. On success, it returns one and takes ownership of |chain|. - * Otherwise, it returns zero. */ -OPENSSL_EXPORT int SSL_CTX_set0_chain(SSL_CTX *ctx, STACK_OF(X509) *chain); - -/* SSL_CTX_set1_chain sets |ctx|'s certificate chain, excluding the leaf, to - * |chain|. It returns one on success and zero on failure. The caller retains - * ownership of |chain| and may release it freely. */ -OPENSSL_EXPORT int SSL_CTX_set1_chain(SSL_CTX *ctx, STACK_OF(X509) *chain); - -/* SSL_set0_chain sets |ssl|'s certificate chain, excluding the leaf, to - * |chain|. On success, it returns one and takes ownership of |chain|. - * Otherwise, it returns zero. */ -OPENSSL_EXPORT int SSL_set0_chain(SSL *ssl, STACK_OF(X509) *chain); - -/* SSL_set1_chain sets |ssl|'s certificate chain, excluding the leaf, to - * |chain|. It returns one on success and zero on failure. The caller retains - * ownership of |chain| and may release it freely. */ -OPENSSL_EXPORT int SSL_set1_chain(SSL *ssl, STACK_OF(X509) *chain); - -/* SSL_CTX_add0_chain_cert appends |x509| to |ctx|'s certificate chain. On - * success, it returns one and takes ownership of |x509|. Otherwise, it returns - * zero. */ -OPENSSL_EXPORT int SSL_CTX_add0_chain_cert(SSL_CTX *ctx, X509 *x509); - -/* SSL_CTX_add1_chain_cert appends |x509| to |ctx|'s certificate chain. It - * returns one on success and zero on failure. The caller retains ownership of - * |x509| and may release it freely. */ -OPENSSL_EXPORT int SSL_CTX_add1_chain_cert(SSL_CTX *ctx, X509 *x509); - -/* SSL_add0_chain_cert appends |x509| to |ctx|'s certificate chain. On success, - * it returns one and takes ownership of |x509|. Otherwise, it returns zero. */ -OPENSSL_EXPORT int SSL_add0_chain_cert(SSL *ssl, X509 *x509); - -/* SSL_CTX_add_extra_chain_cert calls |SSL_CTX_add0_chain_cert|. */ -OPENSSL_EXPORT int SSL_CTX_add_extra_chain_cert(SSL_CTX *ctx, X509 *x509); - -/* SSL_add1_chain_cert appends |x509| to |ctx|'s certificate chain. It returns - * one on success and zero on failure. The caller retains ownership of |x509| - * and may release it freely. */ -OPENSSL_EXPORT int SSL_add1_chain_cert(SSL *ssl, X509 *x509); - -/* SSL_CTX_clear_chain_certs clears |ctx|'s certificate chain and returns - * one. */ -OPENSSL_EXPORT int SSL_CTX_clear_chain_certs(SSL_CTX *ctx); - -/* SSL_CTX_clear_extra_chain_certs calls |SSL_CTX_clear_chain_certs|. */ -OPENSSL_EXPORT int SSL_CTX_clear_extra_chain_certs(SSL_CTX *ctx); - -/* SSL_clear_chain_certs clears |ssl|'s certificate chain and returns one. */ -OPENSSL_EXPORT int SSL_clear_chain_certs(SSL *ssl); - -/* SSL_CTX_set_cert_cb sets a callback that is called to select a certificate. - * The callback returns one on success, zero on internal error, and a negative - * number on failure or to pause the handshake. If the handshake is paused, - * |SSL_get_error| will return |SSL_ERROR_WANT_X509_LOOKUP|. */ -OPENSSL_EXPORT void SSL_CTX_set_cert_cb(SSL_CTX *ctx, - int (*cb)(SSL *ssl, void *arg), - void *arg); - -/* SSL_set_cert_cb sets a callback that is called to select a certificate. The - * callback returns one on success, zero on internal error, and a negative - * number on failure or to pause the handshake. If the handshake is paused, - * |SSL_get_error| will return |SSL_ERROR_WANT_X509_LOOKUP|. */ -OPENSSL_EXPORT void SSL_set_cert_cb(SSL *ssl, int (*cb)(SSL *ssl, void *arg), - void *arg); - -/* SSL_certs_clear resets the private key, leaf certificate, and certificate - * chain of |ssl|. */ -OPENSSL_EXPORT void SSL_certs_clear(SSL *ssl); - -/* SSL_CTX_check_private_key returns one if the certificate and private key - * configured in |ctx| are consistent and zero otherwise. */ -OPENSSL_EXPORT int SSL_CTX_check_private_key(const SSL_CTX *ctx); - -/* SSL_check_private_key returns one if the certificate and private key - * configured in |ssl| are consistent and zero otherwise. */ -OPENSSL_EXPORT int SSL_check_private_key(const SSL *ssl); - -/* SSL_CTX_get0_certificate returns |ctx|'s leaf certificate. */ -OPENSSL_EXPORT X509 *SSL_CTX_get0_certificate(const SSL_CTX *ctx); - -/* SSL_get_certificate returns |ssl|'s leaf certificate. */ -OPENSSL_EXPORT X509 *SSL_get_certificate(const SSL *ssl); - -/* SSL_CTX_get0_privatekey returns |ctx|'s private key. */ -OPENSSL_EXPORT EVP_PKEY *SSL_CTX_get0_privatekey(const SSL_CTX *ctx); - -/* SSL_get_privatekey returns |ssl|'s private key. */ -OPENSSL_EXPORT EVP_PKEY *SSL_get_privatekey(const SSL *ssl); - -/* SSL_CTX_get0_chain_certs sets |*out_chain| to |ctx|'s certificate chain and - * returns one. */ -OPENSSL_EXPORT int SSL_CTX_get0_chain_certs(const SSL_CTX *ctx, - STACK_OF(X509) **out_chain); - -/* SSL_CTX_get_extra_chain_certs calls |SSL_CTX_get0_chain_certs|. */ -OPENSSL_EXPORT int SSL_CTX_get_extra_chain_certs(const SSL_CTX *ctx, - STACK_OF(X509) **out_chain); - -/* SSL_get0_chain_certs sets |*out_chain| to |ssl|'s certificate chain and - * returns one. */ -OPENSSL_EXPORT int SSL_get0_chain_certs(const SSL *ssl, - STACK_OF(X509) **out_chain); - -/* SSL_CTX_set_signed_cert_timestamp_list sets the list of signed certificate - * timestamps that is sent to clients that request it. The |list| argument must - * contain one or more SCT structures serialised as a SignedCertificateTimestamp - * List (see https://tools.ietf.org/html/rfc6962#section-3.3) – i.e. each SCT - * is prefixed by a big-endian, uint16 length and the concatenation of one or - * more such prefixed SCTs are themselves also prefixed by a uint16 length. It - * returns one on success and zero on error. The caller retains ownership of - * |list|. */ -OPENSSL_EXPORT int SSL_CTX_set_signed_cert_timestamp_list(SSL_CTX *ctx, - const uint8_t *list, - size_t list_len); - -/* SSL_CTX_set_ocsp_response sets the OCSP reponse that is sent to clients - * which request it. It returns one on success and zero on error. The caller - * retains ownership of |response|. */ -OPENSSL_EXPORT int SSL_CTX_set_ocsp_response(SSL_CTX *ctx, - const uint8_t *response, - size_t response_len); - -/* SSL_set_private_key_digest_prefs copies |num_digests| NIDs from |digest_nids| - * into |ssl|. These digests will be used, in decreasing order of preference, - * when signing with |ssl|'s private key. It returns one on success and zero on - * error. */ -OPENSSL_EXPORT int SSL_set_private_key_digest_prefs(SSL *ssl, - const int *digest_nids, - size_t num_digests); - - -/* Certificate and private key convenience functions. */ - -/* SSL_CTX_use_RSAPrivateKey sets |ctx|'s private key to |rsa|. It returns one - * on success and zero on failure. */ -OPENSSL_EXPORT int SSL_CTX_use_RSAPrivateKey(SSL_CTX *ctx, RSA *rsa); - -/* SSL_use_RSAPrivateKey sets |ctx|'s private key to |rsa|. It returns one on - * success and zero on failure. */ -OPENSSL_EXPORT int SSL_use_RSAPrivateKey(SSL *ssl, RSA *rsa); - -/* The following functions configure certificates or private keys but take as - * input DER-encoded structures. They return one on success and zero on - * failure. */ - -OPENSSL_EXPORT int SSL_CTX_use_certificate_ASN1(SSL_CTX *ctx, int len, - const uint8_t *d); -OPENSSL_EXPORT int SSL_use_certificate_ASN1(SSL *ssl, const uint8_t *der, - int len); - -OPENSSL_EXPORT int SSL_CTX_use_PrivateKey_ASN1(int pk, SSL_CTX *ctx, - const uint8_t *d, long len); -OPENSSL_EXPORT int SSL_use_PrivateKey_ASN1(int type, SSL *ssl, - const uint8_t *d, long len); - -OPENSSL_EXPORT int SSL_CTX_use_RSAPrivateKey_ASN1(SSL_CTX *ctx, - const uint8_t *der, - size_t der_len); -OPENSSL_EXPORT int SSL_use_RSAPrivateKey_ASN1(SSL *ssl, const uint8_t *der, - size_t der_len); - -/* The following functions configure certificates or private keys but take as - * input files to read from. They return one on success and zero on failure. The - * |type| parameter is one of the |SSL_FILETYPE_*| values and determines whether - * the file's contents are read as PEM or DER. */ - -#define SSL_FILETYPE_ASN1 X509_FILETYPE_ASN1 -#define SSL_FILETYPE_PEM X509_FILETYPE_PEM - -OPENSSL_EXPORT int SSL_CTX_use_RSAPrivateKey_file(SSL_CTX *ctx, - const char *file, - int type); -OPENSSL_EXPORT int SSL_use_RSAPrivateKey_file(SSL *ssl, const char *file, - int type); - -OPENSSL_EXPORT int SSL_CTX_use_certificate_file(SSL_CTX *ctx, const char *file, - int type); -OPENSSL_EXPORT int SSL_use_certificate_file(SSL *ssl, const char *file, - int type); - -OPENSSL_EXPORT int SSL_CTX_use_PrivateKey_file(SSL_CTX *ctx, const char *file, - int type); -OPENSSL_EXPORT int SSL_use_PrivateKey_file(SSL *ssl, const char *file, - int type); - -/* SSL_CTX_use_certificate_file configures certificates for |ctx|. It reads the - * contents of |file| as a PEM-encoded leaf certificate followed optionally by - * the certificate chain to send to the peer. It returns one on success and zero - * on failure. */ -OPENSSL_EXPORT int SSL_CTX_use_certificate_chain_file(SSL_CTX *ctx, - const char *file); - -/* SSL_CTX_set_default_passwd_cb sets the password callback for PEM-based - * convenience functions called on |ctx|. */ -OPENSSL_EXPORT void SSL_CTX_set_default_passwd_cb(SSL_CTX *ctx, - pem_password_cb *cb); - -/* SSL_CTX_set_default_passwd_cb_userdata sets the userdata parameter for - * |ctx|'s password callback. */ -OPENSSL_EXPORT void SSL_CTX_set_default_passwd_cb_userdata(SSL_CTX *ctx, - void *data); - - -/* Custom private keys. */ - -enum ssl_private_key_result_t { - ssl_private_key_success, - ssl_private_key_retry, - ssl_private_key_failure, -}; - -/* SSL_PRIVATE_KEY_METHOD describes private key hooks. This is used to off-load - * signing operations to a custom, potentially asynchronous, backend. */ -typedef struct ssl_private_key_method_st { - /* type returns either |EVP_PKEY_RSA| or |EVP_PKEY_EC| to denote the type of - * key used by |ssl|. */ - int (*type)(SSL *ssl); - - /* max_signature_len returns the maximum length of a signature signed by the - * key used by |ssl|. This must be a constant value for a given |ssl|. */ - size_t (*max_signature_len)(SSL *ssl); - - /* sign signs |in_len| bytes of digest from |in|. |md| is the hash function - * used to calculate |in|. On success, it returns |ssl_private_key_success| - * and writes at most |max_out| bytes of signature data to |out|. On failure, - * it returns |ssl_private_key_failure|. If the operation has not completed, - * it returns |ssl_private_key_retry|. |sign| should arrange for the - * high-level operation on |ssl| to be retried when the operation is - * completed. This will result in a call to |sign_complete|. - * - * If the key is an RSA key, implementations must use PKCS#1 padding. |in| is - * the digest itself, so the DigestInfo prefix, if any, must be prepended by - * |sign|. If |md| is |EVP_md5_sha1|, there is no prefix. - * - * It is an error to call |sign| while another private key operation is in - * progress on |ssl|. */ - enum ssl_private_key_result_t (*sign)(SSL *ssl, uint8_t *out, size_t *out_len, - size_t max_out, const EVP_MD *md, - const uint8_t *in, size_t in_len); - - /* sign_complete completes a pending |sign| operation. If the operation has - * completed, it returns |ssl_private_key_success| and writes the result to - * |out| as in |sign|. Otherwise, it returns |ssl_private_key_failure| on - * failure and |ssl_private_key_retry| if the operation is still in progress. - * - * |sign_complete| may be called arbitrarily many times before completion, but - * it is an error to call |sign_complete| if there is no pending |sign| - * operation in progress on |ssl|. */ - enum ssl_private_key_result_t (*sign_complete)(SSL *ssl, uint8_t *out, - size_t *out_len, size_t max_out); -} SSL_PRIVATE_KEY_METHOD; - -/* SSL_set_private_key_method configures a custom private key on |ssl|. - * |key_method| must remain valid for the lifetime of |ssl|. */ -OPENSSL_EXPORT void SSL_set_private_key_method( - SSL *ssl, const SSL_PRIVATE_KEY_METHOD *key_method); - - /* Connection information. */ -/* SSL_get_peer_certificate returns the peer's leaf certificate or NULL if the - * peer did not use certificates. The caller must call |X509_free| on the - * result to release it. */ -OPENSSL_EXPORT X509 *SSL_get_peer_certificate(const SSL *ssl); - -/* SSL_get_peer_cert_chain returns the peer's certificate chain or NULL if - * unavailable or the peer did not use certificates. For historical reasons, - * this may not be available if resuming a serialized |SSL_SESSION|. The caller - * does not take ownership of the result. - * - * WARNING: This function behaves differently between client and server. If - * |ssl| is a server, the returned chain does not include the leaf certificate. - * If a client, it does. */ -OPENSSL_EXPORT STACK_OF(X509) *SSL_get_peer_cert_chain(const SSL *ssl); - /* SSL_get_tls_unique writes at most |max_out| bytes of the tls-unique value * for |ssl| to |out| and sets |*out_len| to the number of bytes written. It * returns one on success or zero on error. In general |max_out| should be at @@ -950,1218 +517,6 @@ OPENSSL_EXPORT STACK_OF(X509) *SSL_get_peer_cert_chain(const SSL *ssl); OPENSSL_EXPORT int SSL_get_tls_unique(const SSL *ssl, uint8_t *out, size_t *out_len, size_t max_out); -/* SSL_get_extms_support returns one if the Extended Master Secret - * extension was negotiated. Otherwise, it returns zero. */ -OPENSSL_EXPORT int SSL_get_extms_support(const SSL *ssl); - -/* SSL_get_current_cipher returns the cipher used in the current outgoing - * connection state, or NULL if the null cipher is active. */ -OPENSSL_EXPORT const SSL_CIPHER *SSL_get_current_cipher(const SSL *ssl); - -/* SSL_session_reused returns one if |ssl| performed an abbreviated handshake - * and zero otherwise. - * - * TODO(davidben): Hammer down the semantics of this API while a handshake, - * initial or renego, is in progress. */ -OPENSSL_EXPORT int SSL_session_reused(const SSL *ssl); - -/* SSL_get_secure_renegotiation_support returns one if the peer supports secure - * renegotiation (RFC 5746) and zero otherwise. */ -OPENSSL_EXPORT int SSL_get_secure_renegotiation_support(const SSL *ssl); - - -/* Custom extensions. - * - * The custom extension functions allow TLS extensions to be added to - * ClientHello and ServerHello messages. */ - -/* SSL_custom_ext_add_cb is a callback function that is called when the - * ClientHello (for clients) or ServerHello (for servers) is constructed. In - * the case of a server, this callback will only be called for a given - * extension if the ClientHello contained that extension – it's not possible to - * inject extensions into a ServerHello that the client didn't request. - * - * When called, |extension_value| will contain the extension number that is - * being considered for addition (so that a single callback can handle multiple - * extensions). If the callback wishes to include the extension, it must set - * |*out| to point to |*out_len| bytes of extension contents and return one. In - * this case, the corresponding |SSL_custom_ext_free_cb| callback will later be - * called with the value of |*out| once that data has been copied. - * - * If the callback does not wish to add an extension it must return zero. - * - * Alternatively, the callback can abort the connection by setting - * |*out_alert_value| to a TLS alert number and returning -1. */ -typedef int (*SSL_custom_ext_add_cb)(SSL *ssl, unsigned extension_value, - const uint8_t **out, size_t *out_len, - int *out_alert_value, void *add_arg); - -/* SSL_custom_ext_free_cb is a callback function that is called by OpenSSL iff - * an |SSL_custom_ext_add_cb| callback previously returned one. In that case, - * this callback is called and passed the |out| pointer that was returned by - * the add callback. This is to free any dynamically allocated data created by - * the add callback. */ -typedef void (*SSL_custom_ext_free_cb)(SSL *ssl, unsigned extension_value, - const uint8_t *out, void *add_arg); - -/* SSL_custom_ext_parse_cb is a callback function that is called by OpenSSL to - * parse an extension from the peer: that is from the ServerHello for a client - * and from the ClientHello for a server. - * - * When called, |extension_value| will contain the extension number and the - * contents of the extension are |contents_len| bytes at |contents|. - * - * The callback must return one to continue the handshake. Otherwise, if it - * returns zero, a fatal alert with value |*out_alert_value| is sent and the - * handshake is aborted. */ -typedef int (*SSL_custom_ext_parse_cb)(SSL *ssl, unsigned extension_value, - const uint8_t *contents, - size_t contents_len, - int *out_alert_value, void *parse_arg); - -/* SSL_extension_supported returns one iff OpenSSL internally handles - * extensions of type |extension_value|. This can be used to avoid registering - * custom extension handlers for extensions that a future version of OpenSSL - * may handle internally. */ -OPENSSL_EXPORT int SSL_extension_supported(unsigned extension_value); - -/* SSL_CTX_add_client_custom_ext registers callback functions for handling - * custom TLS extensions for client connections. - * - * If |add_cb| is NULL then an empty extension will be added in each - * ClientHello. Otherwise, see the comment for |SSL_custom_ext_add_cb| about - * this callback. - * - * The |free_cb| may be NULL if |add_cb| doesn't dynamically allocate data that - * needs to be freed. - * - * It returns one on success or zero on error. It's always an error to register - * callbacks for the same extension twice, or to register callbacks for an - * extension that OpenSSL handles internally. See |SSL_extension_supported| to - * discover, at runtime, which extensions OpenSSL handles internally. */ -OPENSSL_EXPORT int SSL_CTX_add_client_custom_ext( - SSL_CTX *ctx, unsigned extension_value, SSL_custom_ext_add_cb add_cb, - SSL_custom_ext_free_cb free_cb, void *add_arg, - SSL_custom_ext_parse_cb parse_cb, void *parse_arg); - -/* SSL_CTX_add_server_custom_ext is the same as - * |SSL_CTX_add_client_custom_ext|, but for server connections. - * - * Unlike on the client side, if |add_cb| is NULL no extension will be added. - * The |add_cb|, if any, will only be called if the ClientHello contained a - * matching extension. */ -OPENSSL_EXPORT int SSL_CTX_add_server_custom_ext( - SSL_CTX *ctx, unsigned extension_value, SSL_custom_ext_add_cb add_cb, - SSL_custom_ext_free_cb free_cb, void *add_arg, - SSL_custom_ext_parse_cb parse_cb, void *parse_arg); - - -/* Sessions. - * - * An |SSL_SESSION| represents an SSL session that may be resumed in an - * abbreviated handshake. It is reference-counted and immutable. Once - * established, an |SSL_SESSION| may be shared by multiple |SSL| objects on - * different threads and must not be modified. */ - -DECLARE_LHASH_OF(SSL_SESSION) - -/* SSL_SESSION_new returns a newly-allocated blank |SSL_SESSION| or NULL on - * error. This may be useful in writing tests but otherwise should not be - * used outside the library. */ -OPENSSL_EXPORT SSL_SESSION *SSL_SESSION_new(void); - -/* SSL_SESSION_up_ref, if |session| is not NULL, increments the reference count - * of |session|. It then returns |session|. */ -OPENSSL_EXPORT SSL_SESSION *SSL_SESSION_up_ref(SSL_SESSION *session); - -/* SSL_SESSION_free decrements the reference count of |session|. If it reaches - * zero, all data referenced by |session| and |session| itself are released. */ -OPENSSL_EXPORT void SSL_SESSION_free(SSL_SESSION *session); - -/* SSL_SESSION_to_bytes serializes |in| into a newly allocated buffer and sets - * |*out_data| to that buffer and |*out_len| to its length. The caller takes - * ownership of the buffer and must call |OPENSSL_free| when done. It returns - * one on success and zero on error. */ -OPENSSL_EXPORT int SSL_SESSION_to_bytes(const SSL_SESSION *in, - uint8_t **out_data, size_t *out_len); - -/* SSL_SESSION_to_bytes_for_ticket serializes |in|, but excludes the session - * identification information, namely the session ID and ticket. */ -OPENSSL_EXPORT int SSL_SESSION_to_bytes_for_ticket(const SSL_SESSION *in, - uint8_t **out_data, - size_t *out_len); - -/* SSL_SESSION_from_bytes parses |in_len| bytes from |in| as an SSL_SESSION. It - * returns a newly-allocated |SSL_SESSION| on success or NULL on error. */ -OPENSSL_EXPORT SSL_SESSION *SSL_SESSION_from_bytes(const uint8_t *in, - size_t in_len); - -/* SSL_SESSION_get_version returns a string describing the TLS version |session| - * was established at. For example, "TLSv1.2" or "SSLv3". */ -OPENSSL_EXPORT const char *SSL_SESSION_get_version(const SSL_SESSION *session); - -/* SSL_SESSION_get_id returns a pointer to a buffer containg |session|'s session - * ID and sets |*out_len| to its length. */ -OPENSSL_EXPORT const uint8_t *SSL_SESSION_get_id(const SSL_SESSION *session, - unsigned *out_len); - -/* SSL_SESSION_get_time returns the time at which |session| was established in - * seconds since the UNIX epoch. */ -OPENSSL_EXPORT long SSL_SESSION_get_time(const SSL_SESSION *session); - -/* SSL_SESSION_get_timeout returns the lifetime of |session| in seconds. */ -OPENSSL_EXPORT long SSL_SESSION_get_timeout(const SSL_SESSION *session); - -/* SSL_SESSION_get_key_exchange_info returns a value that describes the - * strength of the asymmetric operation that provides confidentiality to - * |session|. Its interpretation depends on the operation used. See the - * documentation for this value in the |SSL_SESSION| structure. */ -OPENSSL_EXPORT uint32_t SSL_SESSION_get_key_exchange_info( - const SSL_SESSION *session); - -/* SSL_SESSION_get0_peer return's the peer leaf certificate stored in - * |session|. - * - * TODO(davidben): This should return a const X509 *. */ -OPENSSL_EXPORT X509 *SSL_SESSION_get0_peer(const SSL_SESSION *session); - -/* SSL_SESSION_set_time sets |session|'s creation time to |time| and returns - * |time|. This function may be useful in writing tests but otherwise should not - * be used. */ -OPENSSL_EXPORT long SSL_SESSION_set_time(SSL_SESSION *session, long time); - -/* SSL_SESSION_set_time sets |session|'s timeout to |timeout| and returns one. - * This function may be useful in writing tests but otherwise should not be - * used. */ -OPENSSL_EXPORT long SSL_SESSION_set_timeout(SSL_SESSION *session, long timeout); - -/* SSL_SESSION_set1_id_context sets |session|'s session ID context (see - * |SSL_CTX_set_session_id_context|) to |sid_ctx|. It returns one on success and - * zero on error. This function may be useful in writing tests but otherwise - * should not be used. */ -OPENSSL_EXPORT int SSL_SESSION_set1_id_context(SSL_SESSION *session, - const uint8_t *sid_ctx, - unsigned sid_ctx_len); - - -/* Session caching. - * - * Session caching allows clients to reconnect to a server based on saved - * parameters from a previous connection. - * - * For a server, the library implements a built-in internal session cache as an - * in-memory hash table. One may also register callbacks to implement a custom - * external session cache. An external cache may be used in addition to or - * instead of the internal one. Use |SSL_CTX_set_session_cache_mode| to toggle - * the internal cache. - * - * For a client, the only option is an external session cache. Prior to - * handshaking, the consumer should look up a session externally (keyed, for - * instance, by hostname) and use |SSL_set_session| to configure which session - * to offer. The callbacks may be used to determine when new sessions are - * available. - * - * Note that offering or accepting a session short-circuits most parameter - * negotiation. Resuming sessions across different configurations may result in - * surprising behavor. So, for instance, a client implementing a version - * fallback should shard its session cache by maximum protocol version. */ - -/* SSL_SESS_CACHE_OFF disables all session caching. */ -#define SSL_SESS_CACHE_OFF 0x0000 - -/* SSL_SESS_CACHE_CLIENT enables session caching for a client. - * - * TODO(davidben): The internal cache is useless on the client. Always act as if - * SSL_SESS_CACHE_NO_INTERNAL is set. https://crbug.com/531194. Also see TODO - * attached to |SSL_CTX_sess_set_new_cb|. */ -#define SSL_SESS_CACHE_CLIENT 0x0001 - -/* SSL_SESS_CACHE_SERVER enables session caching for a server. */ -#define SSL_SESS_CACHE_SERVER 0x0002 - -/* SSL_SESS_CACHE_SERVER enables session caching for both client and server. */ -#define SSL_SESS_CACHE_BOTH (SSL_SESS_CACHE_CLIENT | SSL_SESS_CACHE_SERVER) - -/* SSL_SESS_CACHE_NO_AUTO_CLEAR disables automatically calling - * |SSL_CTX_flush_sessions| every 255 connections. */ -#define SSL_SESS_CACHE_NO_AUTO_CLEAR 0x0080 - -/* SSL_SESS_CACHE_NO_INTERNAL_LOOKUP disables looking up a session from the - * internal session cache. */ -#define SSL_SESS_CACHE_NO_INTERNAL_LOOKUP 0x0100 - -/* SSL_SESS_CACHE_NO_INTERNAL_STORE disables storing sessions in the internal - * session cache. */ -#define SSL_SESS_CACHE_NO_INTERNAL_STORE 0x0200 - -/* SSL_SESS_CACHE_NO_INTERNAL disables the internal session cache. */ -#define SSL_SESS_CACHE_NO_INTERNAL \ - (SSL_SESS_CACHE_NO_INTERNAL_LOOKUP | SSL_SESS_CACHE_NO_INTERNAL_STORE) - -/* SSL_CTX_set_session_cache_mode sets the session cache mode bits for |ctx| to - * |mode|. It returns the previous value. */ -OPENSSL_EXPORT int SSL_CTX_set_session_cache_mode(SSL_CTX *ctx, int mode); - -/* SSL_CTX_get_session_cache_mode returns the session cache mode bits for - * |ctx| */ -OPENSSL_EXPORT int SSL_CTX_get_session_cache_mode(const SSL_CTX *ctx); - - /* SSL_set_session, for a client, configures |ssl| to offer to resume |session| - * in the initial handshake. */ -OPENSSL_EXPORT int SSL_set_session(SSL *ssl, SSL_SESSION *session); - -/* SSL_get_session returns a non-owning pointer to |ssl|'s session. Prior to the - * initial handshake beginning, this is the session to be offered, set by - * |SSL_set_session|. After a handshake has finished, this is the currently - * active session. Its behavior is undefined while a handshake is progress. */ -OPENSSL_EXPORT SSL_SESSION *SSL_get_session(const SSL *ssl); - -/* SSL_get0_session is an alias for |SSL_get_session|. */ -#define SSL_get0_session SSL_get_session - -/* SSL_get1_session acts like |SSL_get_session| but returns a new reference to - * the session. */ -OPENSSL_EXPORT SSL_SESSION *SSL_get1_session(SSL *ssl); - -/* SSL_DEFAULT_SESSION_TIMEOUT is the default lifetime, in seconds, of a - * session. */ -#define SSL_DEFAULT_SESSION_TIMEOUT (2 * 60 * 60) - -/* SSL_CTX_set_timeout sets the lifetime, in seconds, of sessions created in - * |ctx| to |timeout|. */ -OPENSSL_EXPORT long SSL_CTX_set_timeout(SSL_CTX *ctx, long timeout); - -/* SSL_CTX_get_timeout returns the lifetime, in seconds, of sessions created in - * |ctx|. */ -OPENSSL_EXPORT long SSL_CTX_get_timeout(const SSL_CTX *ctx); - -/* SSL_CTX_set_session_id_context sets |ctx|'s session ID context to |sid_ctx|. - * It returns one on success and zero on error. The session ID context is an - * application-defined opaque byte string. A session will not be used in a - * connection without a matching session ID context. - * - * For a server, if |SSL_VERIFY_PEER| is enabled, it is an error to not set a - * session ID context. - * - * TODO(davidben): Is that check needed? That seems a special case of taking - * care not to cross-resume across configuration changes, and this is only - * relevant if a server requires client auth. */ -OPENSSL_EXPORT int SSL_CTX_set_session_id_context(SSL_CTX *ctx, - const uint8_t *sid_ctx, - unsigned sid_ctx_len); - -/* SSL_set_session_id_context sets |ssl|'s session ID context to |sid_ctx|. It - * returns one on success and zero on error. See also - * |SSL_CTX_set_session_id_context|. */ -OPENSSL_EXPORT int SSL_set_session_id_context(SSL *ssl, const uint8_t *sid_ctx, - unsigned sid_ctx_len); - -/* SSL_SESSION_CACHE_MAX_SIZE_DEFAULT is the default maximum size of a session - * cache. */ -#define SSL_SESSION_CACHE_MAX_SIZE_DEFAULT (1024 * 20) - -/* SSL_CTX_sess_set_cache_size sets the maximum size of |ctx|'s internal session - * cache to |size|. It returns the previous value. */ -OPENSSL_EXPORT unsigned long SSL_CTX_sess_set_cache_size(SSL_CTX *ctx, - unsigned long size); - -/* SSL_CTX_sess_get_cache_size returns the maximum size of |ctx|'s internal - * session cache. */ -OPENSSL_EXPORT unsigned long SSL_CTX_sess_get_cache_size(const SSL_CTX *ctx); - -/* SSL_CTX_sessions returns |ctx|'s internal session cache. */ -OPENSSL_EXPORT LHASH_OF(SSL_SESSION) *SSL_CTX_sessions(SSL_CTX *ctx); - -/* SSL_CTX_sess_number returns the number of sessions in |ctx|'s internal - * session cache. */ -OPENSSL_EXPORT size_t SSL_CTX_sess_number(const SSL_CTX *ctx); - -/* SSL_CTX_add_session inserts |session| into |ctx|'s internal session cache. It - * returns one on success and zero on error or if |ctx| already included a - * session with that session ID. The caller retains its reference to - * |session|. */ -OPENSSL_EXPORT int SSL_CTX_add_session(SSL_CTX *ctx, SSL_SESSION *session); - -/* SSL_CTX_remove_session removes |session| from |ctx|'s internal session cache. - * It returns one on success and zero on error or if no session with a matching - * ID was found. */ -OPENSSL_EXPORT int SSL_CTX_remove_session(SSL_CTX *ctx, SSL_SESSION *session); - -/* SSL_CTX_flush_sessions removes all sessions from |ctx| which have expired as - * of time |time|. If |time| is zero, all sessions are removed. */ -OPENSSL_EXPORT void SSL_CTX_flush_sessions(SSL_CTX *ctx, long time); - -/* SSL_CTX_sess_set_new_cb sets the callback to be called when a new session is - * established and ready to be cached. If the session cache is disabled (the - * appropriate one of |SSL_SESS_CACHE_CLIENT| or |SSL_SESS_CACHE_SERVER| is - * unset), the callback is not called. - * - * The callback is passed a reference to |session|. It returns one if it takes - * ownership and zero otherwise. - * - * Note: For a client, the callback may be called on abbreviated handshakes if a - * ticket is renewed. Further, it may not be called until some time after - * |SSL_do_handshake| or |SSL_connect| completes if False Start is enabled. Thus - * it's recommended to use this callback over checking |SSL_session_reused| on - * handshake completion. - * - * TODO(davidben): Conditioning callbacks on |SSL_SESS_CACHE_CLIENT| or - * |SSL_SESS_CACHE_SERVER| doesn't make any sense when one could just as easily - * not supply the callbacks. Removing that condition and the client internal - * cache would simplify things. */ -OPENSSL_EXPORT void SSL_CTX_sess_set_new_cb( - SSL_CTX *ctx, int (*new_session_cb)(SSL *ssl, SSL_SESSION *session)); - -/* SSL_CTX_sess_get_new_cb returns the callback set by - * |SSL_CTX_sess_set_new_cb|. */ -OPENSSL_EXPORT int (*SSL_CTX_sess_get_new_cb(SSL_CTX *ctx))( - SSL *ssl, SSL_SESSION *session); - -/* SSL_CTX_sess_set_remove_cb sets a callback which is called when a session is - * removed from the internal session cache. - * - * TODO(davidben): What is the point of this callback? It seems useless since it - * only fires on sessions in the internal cache. */ -OPENSSL_EXPORT void SSL_CTX_sess_set_remove_cb( - SSL_CTX *ctx, - void (*remove_session_cb)(SSL_CTX *ctx, SSL_SESSION *session)); - -/* SSL_CTX_sess_get_remove_cb returns the callback set by - * |SSL_CTX_sess_set_remove_cb|. */ -OPENSSL_EXPORT void (*SSL_CTX_sess_get_remove_cb(SSL_CTX *ctx))( - SSL_CTX *ctx, SSL_SESSION *session); - -/* SSL_CTX_sess_set_get_cb sets a callback to look up a session by ID for a - * server. The callback is passed the session ID and should return a matching - * |SSL_SESSION| or NULL if not found. It should set |*out_copy| to zero and - * return a new reference to the session. This callback is not used for a - * client. - * - * For historical reasons, if |*out_copy| is set to one (default), the SSL - * library will take a new reference to the returned |SSL_SESSION|, expecting - * the callback to return a non-owning pointer. This is not recommended. If - * |ctx| and thus the callback is used on multiple threads, the session may be - * removed and invalidated before the SSL library calls |SSL_SESSION_up_ref|, - * whereas the callback may synchronize internally. - * - * To look up a session asynchronously, the callback may return - * |SSL_magic_pending_session_ptr|. See the documentation for that function and - * |SSL_ERROR_PENDING_SESSION|. - * - * If the internal session cache is enabled, the callback is only consulted if - * the internal cache does not return a match. */ -OPENSSL_EXPORT void SSL_CTX_sess_set_get_cb( - SSL_CTX *ctx, - SSL_SESSION *(*get_session_cb)(SSL *ssl, uint8_t *id, int id_len, - int *out_copy)); - -/* SSL_CTX_sess_get_get_cb returns the callback set by - * |SSL_CTX_sess_set_get_cb|. */ -OPENSSL_EXPORT SSL_SESSION *(*SSL_CTX_sess_get_get_cb(SSL_CTX *ctx))( - SSL *ssl, uint8_t *id, int id_len, int *out_copy); - -/* SSL_magic_pending_session_ptr returns a magic |SSL_SESSION|* which indicates - * that the session isn't currently unavailable. |SSL_get_error| will then - * return |SSL_ERROR_PENDING_SESSION| and the handshake can be retried later - * when the lookup has completed. */ -OPENSSL_EXPORT SSL_SESSION *SSL_magic_pending_session_ptr(void); - -/* GEN_SESSION_CB is a callback to generate session IDs for |ssl|. It returns - * one on success and zero on error. On success, the generated ID is written to - * |id| and |*id_len| set to the length. On entry, |*id_len| is the maximum - * length of the ID, but the callback may shorten it if desired. It is an error - * for the callback to set the size to zero. - * - * Callbacks may use |SSL_has_matching_session_id| to check that the generated - * ID is unique. */ -typedef int (*GEN_SESSION_CB)(const SSL *ssl, uint8_t *id, unsigned *id_len); - -/* SSL_CTX_set_generate_session_id sets the session ID callback of |ctx| to - * |cb| and returns one. It will be called on the server when establishing a new - * session. */ -OPENSSL_EXPORT int SSL_CTX_set_generate_session_id(SSL_CTX *ctx, - GEN_SESSION_CB cb); - -/* SSL_set_generate_session_id sets the session ID callback of |ssl| to |cb| and - * returns one. It will be called on the server when establishing a new - * session. */ -OPENSSL_EXPORT int SSL_set_generate_session_id(SSL *ssl, GEN_SESSION_CB cb); - -/* SSL_has_matching_session_id returns one if |ssl|'s session cache has a - * session of value |id| and zero otherwise. */ -OPENSSL_EXPORT int SSL_has_matching_session_id(const SSL *ssl, - const uint8_t *id, - unsigned id_len); - - -/* Session tickets. - * - * Session tickets, from RFC 5077, allow session resumption without server-side - * state. Session tickets are supported in by default but may be disabled with - * |SSL_OP_NO_TICKET|. - * - * On the client, ticket-based sessions use the same APIs as ID-based tickets. - * Callers do not need to handle them differently. - * - * On the server, tickets are encrypted and authenticated with a secret key. By - * default, an |SSL_CTX| generates a key on creation. Tickets are minted and - * processed transparently. The following functions may be used to configure a - * persistent key or implement more custom behavior. */ - -/* SSL_CTX_get_tlsext_ticket_keys writes |ctx|'s session ticket key material to - * |len| bytes of |out|. It returns one on success and zero if |len| is not - * 48. If |out| is NULL, it returns 48 instead. */ -OPENSSL_EXPORT int SSL_CTX_get_tlsext_ticket_keys(SSL_CTX *ctx, void *out, - size_t len); - -/* SSL_CTX_set_tlsext_ticket_keys sets |ctx|'s session ticket key material to - * |len| bytes of |in|. It returns one on success and zero if |len| is not - * 48. If |in| is NULL, it returns 48 instead. */ -OPENSSL_EXPORT int SSL_CTX_set_tlsext_ticket_keys(SSL_CTX *ctx, const void *in, - size_t len); - -/* SSL_TICKET_KEY_NAME_LEN is the length of the key name prefix of a session - * ticket. */ -#define SSL_TICKET_KEY_NAME_LEN 16 - -/* SSL_CTX_set_tlsext_ticket_key_cb sets the ticket callback to |callback| and - * returns one. |callback| will be called when encrypting a new ticket and when - * decrypting a ticket from the client. - * - * In both modes, |ctx| and |hmac_ctx| will already have been initialized with - * |EVP_CIPHER_CTX_init| and |HMAC_CTX_init|, respectively. |callback| - * configures |hmac_ctx| with an HMAC digest and key, and configures |ctx| - * for encryption or decryption, based on the mode. - * - * When encrypting a new ticket, |encrypt| will be one. It writes a public - * 16-byte key name to |key_name| and a fresh IV to |iv|. The output IV length - * must match |EVP_CIPHER_CTX_iv_length| of the cipher selected. In this mode, - * |callback| returns 1 on success and -1 on error. - * - * When decrypting a ticket, |encrypt| will be zero. |key_name| will point to a - * 16-byte key name and |iv| points to an IV. The length of the IV consumed must - * match |EVP_CIPHER_CTX_iv_length| of the cipher selected. In this mode, - * |callback| returns -1 to abort the handshake, 0 if decrypting the ticket - * failed, and 1 or 2 on success. If it returns 2, the ticket will be renewed. - * This may be used to re-key the ticket. - * - * WARNING: |callback| wildly breaks the usual return value convention and is - * called in two different modes. */ -OPENSSL_EXPORT int SSL_CTX_set_tlsext_ticket_key_cb( - SSL_CTX *ctx, int (*callback)(SSL *ssl, uint8_t *key_name, uint8_t *iv, - EVP_CIPHER_CTX *ctx, HMAC_CTX *hmac_ctx, - int encrypt)); - - -/* Elliptic curve Diffie-Hellman. - * - * Cipher suites using an ECDHE key exchange perform Diffie-Hellman over an - * elliptic curve negotiated by both endpoints. See RFC 4492. Only named curves - * are supported. ECDHE is always enabled, but the curve preferences may be - * configured with these functions. - * - * A client may use |SSL_SESSION_get_key_exchange_info| to determine the curve - * selected. */ - -/* SSL_CTX_set1_curves sets the preferred curves for |ctx| to be |curves|. Each - * element of |curves| should be a curve nid. It returns one on success and - * zero on failure. */ -OPENSSL_EXPORT int SSL_CTX_set1_curves(SSL_CTX *ctx, const int *curves, - size_t curves_len); - -/* SSL_set1_curves sets the preferred curves for |ssl| to be |curves|. Each - * element of |curves| should be a curve nid. It returns one on success and - * zero on failure. */ -OPENSSL_EXPORT int SSL_set1_curves(SSL *ssl, const int *curves, - size_t curves_len); - -/* SSL_CTX_set_tmp_ecdh configures |ctx| to use the curve from |ecdh| as the - * curve for ephemeral ECDH keys. For historical reasons, this API expects an - * |EC_KEY|, but only the curve is used. It returns one on success and zero on - * error. If unset, an appropriate curve will be chosen based on curve - * preferences. (This is recommended.) */ -OPENSSL_EXPORT int SSL_CTX_set_tmp_ecdh(SSL_CTX *ctx, const EC_KEY *ec_key); - -/* SSL_set_tmp_ecdh configures |ssl| to use the curve from |ecdh| as the curve - * for ephemeral ECDH keys. For historical reasons, this API expects an - * |EC_KEY|, but only the curve is used. It returns one on success and zero on - * error. If unset, an appropriate curve will be chosen based on curve - * preferences. (This is recommended.) */ -OPENSSL_EXPORT int SSL_set_tmp_ecdh(SSL *ssl, const EC_KEY *ec_key); - -/* SSL_CTX_set_tmp_ecdh_callback configures |ctx| to use |callback| to determine - * the curve for ephemeral ECDH keys. |callback| should ignore |is_export| and - * |keylength| and return an |EC_KEY| of the selected curve or NULL on - * error. Only the curve is used, so the |EC_KEY| needn't have a generated - * keypair. - * - * If the callback is unset, an appropriate curve will be chosen based on curve - * preferences. (This is recommended.) - * - * WARNING: The caller does not take ownership of the resulting |EC_KEY|, so - * |callback| must save and release the object elsewhere. */ -OPENSSL_EXPORT void SSL_CTX_set_tmp_ecdh_callback( - SSL_CTX *ctx, EC_KEY *(*callback)(SSL *ssl, int is_export, int keylength)); - -/* SSL_set_tmp_ecdh_callback configures |ssl| to use |callback| to determine the - * curve for ephemeral ECDH keys. |callback| should ignore |is_export| and - * |keylength| and return an |EC_KEY| of the selected curve or NULL on - * error. Only the curve is used, so the |EC_KEY| needn't have a generated - * keypair. - * - * If the callback is unset, an appropriate curve will be chosen based on curve - * preferences. (This is recommended.) - * - * WARNING: The caller does not take ownership of the resulting |EC_KEY|, so - * |callback| must save and release the object elsewhere. */ -OPENSSL_EXPORT void SSL_set_tmp_ecdh_callback( - SSL *ssl, EC_KEY *(*callback)(SSL *ssl, int is_export, int keylength)); - -/* SSL_get_curve_name returns a human-readable name for the elliptic curve - * specified by the given TLS curve id, or NULL if the curve if unknown. */ -OPENSSL_EXPORT const char *SSL_get_curve_name(uint16_t curve_id); - - -/* Multiplicative Diffie-Hellman. - * - * Cipher suites using a DHE key exchange perform Diffie-Hellman over a - * multiplicative group selected by the server. These ciphers are disabled for a - * server unless a group is chosen with one of these functions. - * - * A client may use |SSL_SESSION_get_key_exchange_info| to determine the size of - * the selected group's prime, but note that servers may select degenerate - * groups. */ - -/* SSL_CTX_set_tmp_dh configures |ctx| to use the group from |dh| as the group - * for DHE. Only the group is used, so |dh| needn't have a keypair. It returns - * one on success and zero on error. */ -OPENSSL_EXPORT int SSL_CTX_set_tmp_dh(SSL_CTX *ctx, const DH *dh); - -/* SSL_set_tmp_dh configures |ssl| to use the group from |dh| as the group for - * DHE. Only the group is used, so |dh| needn't have a keypair. It returns one - * on success and zero on error. */ -OPENSSL_EXPORT int SSL_set_tmp_dh(SSL *ssl, const DH *dh); - -/* SSL_CTX_set_tmp_dh_callback configures |ctx| to use |callback| to determine - * the group for DHE ciphers. |callback| should ignore |is_export| and - * |keylength| and return a |DH| of the selected group or NULL on error. Only - * the parameters are used, so the |DH| needn't have a generated keypair. - * - * WARNING: The caller does not take ownership of the resulting |DH|, so - * |callback| must save and release the object elsewhere. */ -OPENSSL_EXPORT void SSL_CTX_set_tmp_dh_callback( - SSL_CTX *ctx, DH *(*callback)(SSL *ssl, int is_export, int keylength)); - -/* SSL_set_tmp_dh_callback configures |ssl| to use |callback| to determine the - * group for DHE ciphers. |callback| should ignore |is_export| and |keylength| - * and return a |DH| of the selected group or NULL on error. Only the - * parameters are used, so the |DH| needn't have a generated keypair. - * - * WARNING: The caller does not take ownership of the resulting |DH|, so - * |callback| must save and release the object elsewhere. */ -OPENSSL_EXPORT void SSL_set_tmp_dh_callback(SSL *ssl, - DH *(*dh)(SSL *ssl, int is_export, - int keylength)); - - -/* Certificate verification. - * - * SSL may authenticate either endpoint with an X.509 certificate. Typically - * this is used to authenticate the server to the client. These functions - * configure certificate verification. - * - * WARNING: By default, certificate verification errors on a client are not - * fatal. See |SSL_VERIFY_NONE| This may be configured with - * |SSL_CTX_set_verify|. - * - * By default clients are anonymous but a server may request a certificate from - * the client by setting |SSL_VERIFY_PEER|. - * - * Many of these functions use OpenSSL's legacy X.509 stack which is - * underdocumented and deprecated, but the replacement isn't ready yet. For - * now, consumers may use the existing stack or bypass it by performing - * certificate verification externally. This may be done with - * |SSL_CTX_set_cert_verify_callback| or by extracting the chain with - * |SSL_get_peer_cert_chain| after the handshake. In the future, functions will - * be added to use the SSL stack without depending on any part of the legacy - * X.509 and ASN.1 stack. */ - -/* SSL_VERIFY_NONE, on a client, verifies the server certificate but does not - * make errors fatal. The result may be checked with |SSL_get_verify_result|. On - * a server it does not request a client certificate. This is the default. */ -#define SSL_VERIFY_NONE 0x00 - -/* SSL_VERIFY_PEER, on a client, makes server certificate errors fatal. On a - * server it requests a client certificate and makes errors fatal. However, - * anonymous clients are still allowed. See - * |SSL_VERIFY_FAIL_IF_NO_PEER_CERT|. */ -#define SSL_VERIFY_PEER 0x01 - -/* SSL_VERIFY_FAIL_IF_NO_PEER_CERT configures a server to reject connections if - * the client declines to send a certificate. Otherwise |SSL_VERIFY_PEER| still - * allows anonymous clients. */ -#define SSL_VERIFY_FAIL_IF_NO_PEER_CERT 0x02 - -/* SSL_VERIFY_PEER_IF_NO_OBC configures a server to request a client certificate - * if and only if Channel ID is not negotiated. */ -#define SSL_VERIFY_PEER_IF_NO_OBC 0x04 - -/* SSL_CTX_set_verify configures certificate verification behavior. |mode| is - * one of the |SSL_VERIFY_*| values defined above. |callback|, if not NULL, is - * used to customize certificate verification. See the behavior of - * |X509_STORE_CTX_set_verify_cb|. - * - * The callback may use |SSL_get_ex_data_X509_STORE_CTX_idx| with - * |X509_STORE_CTX_get_ex_data| to look up the |SSL| from |store_ctx|. */ -OPENSSL_EXPORT void SSL_CTX_set_verify( - SSL_CTX *ctx, int mode, int (*callback)(int ok, X509_STORE_CTX *store_ctx)); - -/* SSL_set_verify configures certificate verification behavior. |mode| is one of - * the |SSL_VERIFY_*| values defined above. |callback|, if not NULL, is used to - * customize certificate verification. See the behavior of - * |X509_STORE_CTX_set_verify_cb|. - * - * The callback may use |SSL_get_ex_data_X509_STORE_CTX_idx| with - * |X509_STORE_CTX_get_ex_data| to look up the |SSL| from |store_ctx|. */ -OPENSSL_EXPORT void SSL_set_verify(SSL *ssl, int mode, - int (*callback)(int ok, - X509_STORE_CTX *store_ctx)); - -/* SSL_CTX_get_verify_mode returns |ctx|'s verify mode, set by - * |SSL_CTX_set_verify|. */ -OPENSSL_EXPORT int SSL_CTX_get_verify_mode(const SSL_CTX *ctx); - -/* SSL_get_verify_mode returns |ssl|'s verify mode, set by |SSL_CTX_set_verify| - * or |SSL_set_verify|. */ -OPENSSL_EXPORT int SSL_get_verify_mode(const SSL *ssl); - -/* SSL_CTX_get_verify_callback returns the callback set by - * |SSL_CTX_set_verify|. */ -OPENSSL_EXPORT int (*SSL_CTX_get_verify_callback(const SSL_CTX *ctx))( - int ok, X509_STORE_CTX *store_ctx); - -/* SSL_get_verify_callback returns the callback set by |SSL_CTX_set_verify| or - * |SSL_set_verify|. */ -OPENSSL_EXPORT int (*SSL_get_verify_callback(const SSL *ssl))( - int ok, X509_STORE_CTX *store_ctx); - -/* SSL_CTX_set_verify_depth sets the maximum depth of a certificate chain - * accepted in verification. This number does not include the leaf, so a depth - * of 1 allows the leaf and one CA certificate. */ -OPENSSL_EXPORT void SSL_CTX_set_verify_depth(SSL_CTX *ctx, int depth); - -/* SSL_set_verify_depth sets the maximum depth of a certificate chain accepted - * in verification. This number does not include the leaf, so a depth of 1 - * allows the leaf and one CA certificate. */ -OPENSSL_EXPORT void SSL_set_verify_depth(SSL *ssl, int depth); - -/* SSL_CTX_get_verify_depth returns the maximum depth of a certificate accepted - * in verification. */ -OPENSSL_EXPORT int SSL_CTX_get_verify_depth(const SSL_CTX *ctx); - -/* SSL_get_verify_depth returns the maximum depth of a certificate accepted in - * verification. */ -OPENSSL_EXPORT int SSL_get_verify_depth(const SSL *ssl); - -/* SSL_CTX_set1_param sets verification parameters from |param|. It returns one - * on success and zero on failure. The caller retains ownership of |param|. */ -OPENSSL_EXPORT int SSL_CTX_set1_param(SSL_CTX *ctx, - const X509_VERIFY_PARAM *param); - -/* SSL_set1_param sets verification parameters from |param|. It returns one on - * success and zero on failure. The caller retains ownership of |param|. */ -OPENSSL_EXPORT int SSL_set1_param(SSL *ssl, - const X509_VERIFY_PARAM *param); - -/* SSL_CTX_get0_param returns |ctx|'s |X509_VERIFY_PARAM| for certificate - * verification. The caller must not release the returned pointer but may call - * functions on it to configure it. */ -OPENSSL_EXPORT X509_VERIFY_PARAM *SSL_CTX_get0_param(SSL_CTX *ctx); - -/* SSL_get0_param returns |ssl|'s |X509_VERIFY_PARAM| for certificate - * verification. The caller must not release the returned pointer but may call - * functions on it to configure it. */ -OPENSSL_EXPORT X509_VERIFY_PARAM *SSL_get0_param(SSL *ssl); - -/* SSL_CTX_set_purpose sets |ctx|'s |X509_VERIFY_PARAM|'s 'purpose' parameter to - * |purpose|. It returns one on success and zero on error. */ -OPENSSL_EXPORT int SSL_CTX_set_purpose(SSL_CTX *ctx, int purpose); - -/* SSL_set_purpose sets |ssl|'s |X509_VERIFY_PARAM|'s 'purpose' parameter to - * |purpose|. It returns one on success and zero on error. */ -OPENSSL_EXPORT int SSL_set_purpose(SSL *ssl, int purpose); - -/* SSL_CTX_set_trust sets |ctx|'s |X509_VERIFY_PARAM|'s 'trust' parameter to - * |trust|. It returns one on success and zero on error. */ -OPENSSL_EXPORT int SSL_CTX_set_trust(SSL_CTX *ctx, int trust); - -/* SSL_set_trust sets |ssl|'s |X509_VERIFY_PARAM|'s 'trust' parameter to - * |trust|. It returns one on success and zero on error. */ -OPENSSL_EXPORT int SSL_set_trust(SSL *ssl, int trust); - -/* SSL_CTX_set_cert_store sets |ctx|'s certificate store to |store|. It takes - * ownership of |store|. The store is used for certificate verification. - * - * The store is also used for the auto-chaining feature, but this is deprecated. - * See also |SSL_MODE_NO_AUTO_CHAIN|. */ -OPENSSL_EXPORT void SSL_CTX_set_cert_store(SSL_CTX *ctx, X509_STORE *store); - -/* SSL_CTX_get_cert_store returns |ctx|'s certificate store. */ -OPENSSL_EXPORT X509_STORE *SSL_CTX_get_cert_store(const SSL_CTX *ctx); - -/* SSL_CTX_set_default_verify_paths loads the OpenSSL system-default trust - * anchors into |ctx|'s store. It returns one on success and zero on failure. */ -OPENSSL_EXPORT int SSL_CTX_set_default_verify_paths(SSL_CTX *ctx); - -/* SSL_CTX_load_verify_locations loads trust anchors into |ctx|'s store from - * |ca_file| and |ca_dir|, either of which may be NULL. If |ca_file| is passed, - * it is opened and PEM-encoded CA certificates are read. If |ca_dir| is passed, - * it is treated as a directory in OpenSSL's hashed directory format. It returns - * one on success and zero on failure. - * - * See - * https://www.openssl.org/docs/manmaster/ssl/SSL_CTX_load_verify_locations.html - * for documentation on the directory format. */ -OPENSSL_EXPORT int SSL_CTX_load_verify_locations(SSL_CTX *ctx, - const char *ca_file, - const char *ca_dir); - -/* SSL_get_verify_result returns the result of certificate verification. It is - * either |X509_V_OK| or a |X509_V_ERR_*| value. */ -OPENSSL_EXPORT long SSL_get_verify_result(const SSL *ssl); - -/* SSL_set_verify_result overrides the result of certificate verification. */ -OPENSSL_EXPORT void SSL_set_verify_result(SSL *ssl, long result); - -/* SSL_get_ex_data_X509_STORE_CTX_idx returns the ex_data index used to look up - * the |SSL| associated with an |X509_STORE_CTX| in the verify callback. */ -OPENSSL_EXPORT int SSL_get_ex_data_X509_STORE_CTX_idx(void); - -/* SSL_CTX_set_cert_verify_callback sets a custom callback to be called on - * certificate verification rather than |X509_verify_cert|. |store_ctx| contains - * the verification parameters. The callback should return one on success and - * zero on fatal error. It may use |X509_STORE_CTX_set_error| to set a - * verification result. - * - * The callback may use either the |arg| parameter or - * |SSL_get_ex_data_X509_STORE_CTX_idx| to recover the associated |SSL| - * object. */ -OPENSSL_EXPORT void SSL_CTX_set_cert_verify_callback( - SSL_CTX *ctx, int (*callback)(X509_STORE_CTX *store_ctx, void *arg), - void *arg); - - -/* Client certificate CA list. - * - * When requesting a client certificate, a server may advertise a list of - * certificate authorities which are accepted. These functions may be used to - * configure this list. */ - -/* SSL_set_client_CA_list sets |ssl|'s client certificate CA list to - * |name_list|. It takes ownership of |name_list|. */ -OPENSSL_EXPORT void SSL_set_client_CA_list(SSL *ssl, - STACK_OF(X509_NAME) *name_list); - -/* SSL_CTX_set_client_CA_list sets |ctx|'s client certificate CA list to - * |name_list|. It takes ownership of |name_list|. */ -OPENSSL_EXPORT void SSL_CTX_set_client_CA_list(SSL_CTX *ctx, - STACK_OF(X509_NAME) *name_list); - -/* SSL_get_client_CA_list returns |ssl|'s client certificate CA list. */ -OPENSSL_EXPORT STACK_OF(X509_NAME) *SSL_get_client_CA_list(const SSL *ssl); - -/* SSL_CTX_get_client_CA_list returns |ctx|'s client certificate CA list. */ -OPENSSL_EXPORT STACK_OF(X509_NAME) * - SSL_CTX_get_client_CA_list(const SSL_CTX *ctx); - -/* SSL_add_client_CA appends |x509|'s subject to the client certificate CA list. - * It returns one on success or zero on error. The caller retains ownership of - * |x509|. */ -OPENSSL_EXPORT int SSL_add_client_CA(SSL *ssl, X509 *x509); - -/* SSL_CTX_add_client_CA appends |x509|'s subject to the client certificate CA - * list. It returns one on success or zero on error. The caller retains - * ownership of |x509|. */ -OPENSSL_EXPORT int SSL_CTX_add_client_CA(SSL_CTX *ctx, X509 *x509); - -/* SSL_load_client_CA_file opens |file| and reads PEM-encoded certificates from - * it. It returns a newly-allocated stack of the certificate subjects or NULL - * on error. */ -OPENSSL_EXPORT STACK_OF(X509_NAME) *SSL_load_client_CA_file(const char *file); - -/* SSL_dup_CA_list makes a deep copy of |list|. It returns the new list on - * success or NULL on allocation error. */ -OPENSSL_EXPORT STACK_OF(X509_NAME) *SSL_dup_CA_list(STACK_OF(X509_NAME) *list); - -/* SSL_add_file_cert_subjects_to_stack behaves like |SSL_load_client_CA_file| - * but appends the result to |out|. It returns one on success or zero on - * error. */ -OPENSSL_EXPORT int SSL_add_file_cert_subjects_to_stack(STACK_OF(X509_NAME) *out, - const char *file); - -/* SSL_add_dir_cert_subjects_to_stack lists files in directory |dir|. It calls - * |SSL_add_file_cert_subjects_to_stack| on each file and returns one on success - * or zero on error. */ -OPENSSL_EXPORT int SSL_add_dir_cert_subjects_to_stack(STACK_OF(X509_NAME) *out, - const char *dir); - - -/* Application-layer protocol negotation. - * - * The ALPN extension (RFC 7301) allows negotiating different application-layer - * protocols over a single port. This is used, for example, to negotiate - * HTTP/2. */ - -/* SSL_CTX_set_alpn_protos sets the client ALPN protocol list on |ctx| to - * |protos|. |protos| must be in wire-format (i.e. a series of non-empty, 8-bit - * length-prefixed strings). It returns zero on success and one on failure. - * Configuring this list enables ALPN on a client. - * - * WARNING: this function is dangerous because it breaks the usual return value - * convention. */ -OPENSSL_EXPORT int SSL_CTX_set_alpn_protos(SSL_CTX *ctx, const uint8_t *protos, - unsigned protos_len); - -/* SSL_set_alpn_protos sets the client ALPN protocol list on |ssl| to |protos|. - * |protos| must be in wire-format (i.e. a series of non-empty, 8-bit - * length-prefixed strings). It returns zero on success and one on failure. - * Configuring this list enables ALPN on a client. - * - * WARNING: this function is dangerous because it breaks the usual return value - * convention. */ -OPENSSL_EXPORT int SSL_set_alpn_protos(SSL *ssl, const uint8_t *protos, - unsigned protos_len); - -/* SSL_CTX_set_alpn_select_cb sets a callback function on |ctx| that is called - * during ClientHello processing in order to select an ALPN protocol from the - * client's list of offered protocols. Configuring this callback enables ALPN on - * a server. - * - * The callback is passed a wire-format (i.e. a series of non-empty, 8-bit - * length-prefixed strings) ALPN protocol list in |in|. It should set |*out| and - * |*out_len| to the selected protocol and return |SSL_TLSEXT_ERR_OK| on - * success. It does not pass ownership of the buffer. Otherwise, it should - * return |SSL_TLSEXT_ERR_NOACK|. Other |SSL_TLSEXT_ERR_*| values are - * unimplemented and will be treated as |SSL_TLSEXT_ERR_NOACK|. */ -OPENSSL_EXPORT void SSL_CTX_set_alpn_select_cb( - SSL_CTX *ctx, int (*cb)(SSL *ssl, const uint8_t **out, uint8_t *out_len, - const uint8_t *in, unsigned in_len, void *arg), - void *arg); - -/* SSL_get0_alpn_selected gets the selected ALPN protocol (if any) from |ssl|. - * On return it sets |*out_data| to point to |*out_len| bytes of protocol name - * (not including the leading length-prefix byte). If the server didn't respond - * with a negotiated protocol then |*out_len| will be zero. */ -OPENSSL_EXPORT void SSL_get0_alpn_selected(const SSL *ssl, - const uint8_t **out_data, - unsigned *out_len); - - -/* Next protocol negotiation. - * - * The NPN extension (draft-agl-tls-nextprotoneg-03) is the predecessor to ALPN - * and deprecated in favor of it. */ - -/* SSL_CTX_set_next_protos_advertised_cb sets a callback that is called when a - * TLS server needs a list of supported protocols for Next Protocol - * Negotiation. The returned list must be in wire format. The list is returned - * by setting |*out| to point to it and |*out_len| to its length. This memory - * will not be modified, but one should assume that |ssl| keeps a reference to - * it. - * - * The callback should return |SSL_TLSEXT_ERR_OK| if it wishes to advertise. - * Otherwise, no such extension will be included in the ServerHello. */ -OPENSSL_EXPORT void SSL_CTX_set_next_protos_advertised_cb( - SSL_CTX *ctx, - int (*cb)(SSL *ssl, const uint8_t **out, unsigned *out_len, void *arg), - void *arg); - -/* SSL_CTX_set_next_proto_select_cb sets a callback that is called when a client - * needs to select a protocol from the server's provided list. |*out| must be - * set to point to the selected protocol (which may be within |in|). The length - * of the protocol name must be written into |*out_len|. The server's advertised - * protocols are provided in |in| and |in_len|. The callback can assume that - * |in| is syntactically valid. - * - * The client must select a protocol. It is fatal to the connection if this - * callback returns a value other than |SSL_TLSEXT_ERR_OK|. - * - * Configuring this callback enables NPN on a client. */ -OPENSSL_EXPORT void SSL_CTX_set_next_proto_select_cb( - SSL_CTX *ctx, int (*cb)(SSL *ssl, uint8_t **out, uint8_t *out_len, - const uint8_t *in, unsigned in_len, void *arg), - void *arg); - -/* SSL_get0_next_proto_negotiated sets |*out_data| and |*out_len| to point to - * the client's requested protocol for this connection. If the client didn't - * request any protocol, then |*out_data| is set to NULL. - * - * Note that the client can request any protocol it chooses. The value returned - * from this function need not be a member of the list of supported protocols - * provided by the server. */ -OPENSSL_EXPORT void SSL_get0_next_proto_negotiated(const SSL *ssl, - const uint8_t **out_data, - unsigned *out_len); - -/* SSL_select_next_proto implements the standard protocol selection. It is - * expected that this function is called from the callback set by - * |SSL_CTX_set_next_proto_select_cb|. - * - * The protocol data is assumed to be a vector of 8-bit, length prefixed byte - * strings. The length byte itself is not included in the length. A byte - * string of length 0 is invalid. No byte string may be truncated. - * - * The current, but experimental algorithm for selecting the protocol is: - * - * 1) If the server doesn't support NPN then this is indicated to the - * callback. In this case, the client application has to abort the connection - * or have a default application level protocol. - * - * 2) If the server supports NPN, but advertises an empty list then the - * client selects the first protcol in its list, but indicates via the - * API that this fallback case was enacted. - * - * 3) Otherwise, the client finds the first protocol in the server's list - * that it supports and selects this protocol. This is because it's - * assumed that the server has better information about which protocol - * a client should use. - * - * 4) If the client doesn't support any of the server's advertised - * protocols, then this is treated the same as case 2. - * - * It returns either |OPENSSL_NPN_NEGOTIATED| if a common protocol was found, or - * |OPENSSL_NPN_NO_OVERLAP| if the fallback case was reached. */ -OPENSSL_EXPORT int SSL_select_next_proto(uint8_t **out, uint8_t *out_len, - const uint8_t *server, - unsigned server_len, - const uint8_t *client, - unsigned client_len); - -#define OPENSSL_NPN_UNSUPPORTED 0 -#define OPENSSL_NPN_NEGOTIATED 1 -#define OPENSSL_NPN_NO_OVERLAP 2 - - -/* Channel ID. - * - * See draft-balfanz-tls-channelid-01. */ - -/* SSL_CTX_enable_tls_channel_id either configures a TLS server to accept TLS - * Channel IDs from clients, or configures a client to send TLS Channel IDs to - * a server. It returns one. */ -OPENSSL_EXPORT int SSL_CTX_enable_tls_channel_id(SSL_CTX *ctx); - -/* SSL_enable_tls_channel_id either configures a TLS server to accept TLS - * Channel IDs from clients, or configures a client to send TLS Channel IDs to - * server. It returns one. */ -OPENSSL_EXPORT int SSL_enable_tls_channel_id(SSL *ssl); - -/* SSL_CTX_set1_tls_channel_id configures a TLS client to send a TLS Channel ID - * to compatible servers. |private_key| must be a P-256 EC key. It returns one - * on success and zero on error. */ -OPENSSL_EXPORT int SSL_CTX_set1_tls_channel_id(SSL_CTX *ctx, - EVP_PKEY *private_key); - -/* SSL_set1_tls_channel_id configures a TLS client to send a TLS Channel ID to - * compatible servers. |private_key| must be a P-256 EC key. It returns one on - * success and zero on error. */ -OPENSSL_EXPORT int SSL_set1_tls_channel_id(SSL *ssl, EVP_PKEY *private_key); - -/* SSL_get_tls_channel_id gets the client's TLS Channel ID from a server |SSL*| - * and copies up to the first |max_out| bytes into |out|. The Channel ID - * consists of the client's P-256 public key as an (x,y) pair where each is a - * 32-byte, big-endian field element. It returns 0 if the client didn't offer a - * Channel ID and the length of the complete Channel ID otherwise. */ -OPENSSL_EXPORT size_t SSL_get_tls_channel_id(SSL *ssl, uint8_t *out, - size_t max_out); - -/* SSL_CTX_set_channel_id_cb sets a callback to be called when a TLS Channel ID - * is requested. The callback may set |*out_pkey| to a key, passing a reference - * to the caller. If none is returned, the handshake will pause and - * |SSL_get_error| will return |SSL_ERROR_WANT_CHANNEL_ID_LOOKUP|. - * - * See also |SSL_ERROR_WANT_CHANNEL_ID_LOOKUP|. */ -OPENSSL_EXPORT void SSL_CTX_set_channel_id_cb( - SSL_CTX *ctx, void (*channel_id_cb)(SSL *ssl, EVP_PKEY **out_pkey)); - -/* SSL_CTX_get_channel_id_cb returns the callback set by - * |SSL_CTX_set_channel_id_cb|. */ -OPENSSL_EXPORT void (*SSL_CTX_get_channel_id_cb(SSL_CTX *ctx))( - SSL *ssl, EVP_PKEY **out_pkey); - - -/* DTLS-SRTP. - * - * See RFC 5764. */ - -/* An SRTP_PROTECTION_PROFILE is an SRTP profile for use with the use_srtp - * extension. */ -struct srtp_protection_profile_st { - const char *name; - unsigned long id; -} /* SRTP_PROTECTION_PROFILE */; - -DECLARE_STACK_OF(SRTP_PROTECTION_PROFILE) - -/* SRTP_* define constants for SRTP profiles. */ -#define SRTP_AES128_CM_SHA1_80 0x0001 -#define SRTP_AES128_CM_SHA1_32 0x0002 -#define SRTP_AES128_F8_SHA1_80 0x0003 -#define SRTP_AES128_F8_SHA1_32 0x0004 -#define SRTP_NULL_SHA1_80 0x0005 -#define SRTP_NULL_SHA1_32 0x0006 - -/* SSL_CTX_set_srtp_profiles enables SRTP for all SSL objects created from - * |ctx|. |profile| contains a colon-separated list of profile names. It returns - * one on success and zero on failure. */ -OPENSSL_EXPORT int SSL_CTX_set_srtp_profiles(SSL_CTX *ctx, - const char *profiles); - -/* SSL_set_srtp_profiles enables SRTP for |ssl|. |profile| contains a - * colon-separated list of profile names. It returns one on success and zero on - * failure. */ -OPENSSL_EXPORT int SSL_set_srtp_profiles(SSL *ssl, const char *profiles); - -/* SSL_get_srtp_profiles returns the SRTP profiles supported by |ssl|. */ -OPENSSL_EXPORT STACK_OF(SRTP_PROTECTION_PROFILE) *SSL_get_srtp_profiles( - SSL *ssl); - -/* SSL_get_selected_srtp_profile returns the selected SRTP profile, or NULL if - * SRTP was not negotiated. */ -OPENSSL_EXPORT const SRTP_PROTECTION_PROFILE *SSL_get_selected_srtp_profile( - SSL *ssl); - - -/* Pre-shared keys. - * - * Connections may be configured with PSK (Pre-Shared Key) cipher suites. These - * authenticate using out-of-band pre-shared keys rather than certificates. See - * RFC 4279. - * - * This implementation uses NUL-terminated C strings for identities and identity - * hints, so values with a NUL character are not supported. (RFC 4279 does not - * specify the format of an identity.) */ - -/* PSK_MAX_IDENTITY_LEN is the maximum supported length of a PSK identity, - * excluding the NUL terminator. */ -#define PSK_MAX_IDENTITY_LEN 128 - -/* PSK_MAX_PSK_LEN is the maximum supported length of a pre-shared key. */ -#define PSK_MAX_PSK_LEN 256 - -/* SSL_CTX_set_psk_client_callback sets the callback to be called when PSK is - * negotiated on the client. This callback must be set to enable PSK cipher - * suites on the client. - * - * The callback is passed the identity hint in |hint| or NULL if none was - * provided. It should select a PSK identity and write the identity and the - * corresponding PSK to |identity| and |psk|, respectively. The identity is - * written as a NUL-terminated C string of length (excluding the NUL terminator) - * at most |max_identity_len|. The PSK's length must be at most |max_psk_len|. - * The callback returns the length of the PSK or 0 if no suitable identity was - * found. */ -OPENSSL_EXPORT void SSL_CTX_set_psk_client_callback( - SSL_CTX *ctx, - unsigned (*psk_client_callback)( - SSL *ssl, const char *hint, char *identity, - unsigned max_identity_len, uint8_t *psk, unsigned max_psk_len)); - -/* SSL_set_psk_client_callback sets the callback to be called when PSK is - * negotiated on the client. This callback must be set to enable PSK cipher - * suites on the client. See also |SSL_CTX_set_psk_client_callback|. */ -OPENSSL_EXPORT void SSL_set_psk_client_callback( - SSL *ssl, unsigned (*psk_client_callback)(SSL *ssl, const char *hint, - char *identity, - unsigned max_identity_len, - uint8_t *psk, - unsigned max_psk_len)); - -/* SSL_CTX_set_psk_server_callback sets the callback to be called when PSK is - * negotiated on the server. This callback must be set to enable PSK cipher - * suites on the server. - * - * The callback is passed the identity in |identity|. It should write a PSK of - * length at most |max_psk_len| to |psk| and return the number of bytes written - * or zero if the PSK identity is unknown. */ -OPENSSL_EXPORT void SSL_CTX_set_psk_server_callback( - SSL_CTX *ctx, - unsigned (*psk_server_callback)(SSL *ssl, const char *identity, - uint8_t *psk, - unsigned max_psk_len)); - -/* SSL_set_psk_server_callback sets the callback to be called when PSK is - * negotiated on the server. This callback must be set to enable PSK cipher - * suites on the server. See also |SSL_CTX_set_psk_server_callback|. */ -OPENSSL_EXPORT void SSL_set_psk_server_callback( - SSL *ssl, - unsigned (*psk_server_callback)(SSL *ssl, const char *identity, - uint8_t *psk, - unsigned max_psk_len)); - -/* SSL_CTX_use_psk_identity_hint configures server connections to advertise an - * identity hint of |identity_hint|. It returns one on success and zero on - * error. */ -OPENSSL_EXPORT int SSL_CTX_use_psk_identity_hint(SSL_CTX *ctx, - const char *identity_hint); - -/* SSL_use_psk_identity_hint configures server connections to advertise an - * identity hint of |identity_hint|. It returns one on success and zero on - * error. */ -OPENSSL_EXPORT int SSL_use_psk_identity_hint(SSL *ssl, - const char *identity_hint); - -/* SSL_get_psk_identity_hint returns the PSK identity hint advertised for |ssl| - * or NULL if there is none. */ -OPENSSL_EXPORT const char *SSL_get_psk_identity_hint(const SSL *ssl); - -/* SSL_get_psk_identity, after the handshake completes, returns the PSK identity - * that was negotiated by |ssl| or NULL if PSK was not used. */ -OPENSSL_EXPORT const char *SSL_get_psk_identity(const SSL *ssl); - - -/* ex_data functions. - * - * See |ex_data.h| for details. */ - -OPENSSL_EXPORT int SSL_set_ex_data(SSL *ssl, int idx, void *data); -OPENSSL_EXPORT void *SSL_get_ex_data(const SSL *ssl, int idx); -OPENSSL_EXPORT int SSL_get_ex_new_index(long argl, void *argp, - CRYPTO_EX_new *new_func, - CRYPTO_EX_dup *dup_func, - CRYPTO_EX_free *free_func); - -OPENSSL_EXPORT int SSL_SESSION_set_ex_data(SSL_SESSION *session, int idx, - void *data); -OPENSSL_EXPORT void *SSL_SESSION_get_ex_data(const SSL_SESSION *session, - int idx); -OPENSSL_EXPORT int SSL_SESSION_get_ex_new_index(long argl, void *argp, - CRYPTO_EX_new *new_func, - CRYPTO_EX_dup *dup_func, - CRYPTO_EX_free *free_func); - -OPENSSL_EXPORT int SSL_CTX_set_ex_data(SSL_CTX *ctx, int idx, void *data); -OPENSSL_EXPORT void *SSL_CTX_get_ex_data(const SSL_CTX *ctx, int idx); -OPENSSL_EXPORT int SSL_CTX_get_ex_new_index(long argl, void *argp, - CRYPTO_EX_new *new_func, - CRYPTO_EX_dup *dup_func, - CRYPTO_EX_free *free_func); - - -/* Obscure functions. */ - -/* SSL_get_rc4_state sets |*read_key| and |*write_key| to the RC4 states for - * the read and write directions. It returns one on success or zero if |ssl| - * isn't using an RC4-based cipher suite. */ -OPENSSL_EXPORT int SSL_get_rc4_state(const SSL *ssl, const RC4_KEY **read_key, - const RC4_KEY **write_key); - -/* SSL_get_structure_sizes returns the sizes of the SSL, SSL_CTX and - * SSL_SESSION structures so that a test can ensure that outside code agrees on - * these values. */ -OPENSSL_EXPORT void SSL_get_structure_sizes(size_t *ssl_size, - size_t *ssl_ctx_size, - size_t *ssl_session_size); - /* Underdocumented functions. * @@ -2252,14 +607,122 @@ OPENSSL_EXPORT void SSL_get_structure_sizes(size_t *ssl_size, #define SSL_SENT_SHUTDOWN 1 #define SSL_RECEIVED_SHUTDOWN 2 +#define SSL_FILETYPE_ASN1 X509_FILETYPE_ASN1 +#define SSL_FILETYPE_PEM X509_FILETYPE_PEM + typedef struct ssl_protocol_method_st SSL_PROTOCOL_METHOD; +typedef struct ssl_session_st SSL_SESSION; +typedef struct tls_sigalgs_st TLS_SIGALGS; typedef struct ssl_conf_ctx_st SSL_CONF_CTX; typedef struct ssl3_enc_method SSL3_ENC_METHOD; +/* SRTP protection profiles for use with the use_srtp extension (RFC 5764). */ +typedef struct srtp_protection_profile_st { + const char *name; + unsigned long id; +} SRTP_PROTECTION_PROFILE; + +DECLARE_STACK_OF(SRTP_PROTECTION_PROFILE) + +/* An SSL_SESSION represents an SSL session that may be resumed in an + * abbreviated handshake. */ +struct ssl_session_st { + int ssl_version; /* what ssl version session info is being kept in here? */ + + int master_key_length; + uint8_t master_key[SSL_MAX_MASTER_KEY_LENGTH]; + /* session_id - valid? */ + unsigned int session_id_length; + uint8_t session_id[SSL_MAX_SSL_SESSION_ID_LENGTH]; + /* this is used to determine whether the session is being reused in + * the appropriate context. It is up to the application to set this, + * via SSL_new */ + unsigned int sid_ctx_length; + uint8_t sid_ctx[SSL_MAX_SID_CTX_LENGTH]; + + char *psk_identity; + /* Used to indicate that session resumption is not allowed. Applications can + * also set this bit for a new session via not_resumable_session_cb to + * disable session caching and tickets. */ + int not_resumable; + + /* The cert is the certificate used to establish this connection */ + struct sess_cert_st /* SESS_CERT */ *sess_cert; + + /* This is the cert for the other end. On clients, it will be the same as + * sess_cert->peer_key->x509 (the latter is not enough as sess_cert is not + * retained in the external representation of sessions, see ssl_asn1.c). */ + X509 *peer; + /* when app_verify_callback accepts a session where the peer's certificate is + * not ok, we must remember the error for session reuse: */ + long verify_result; /* only for servers */ + + CRYPTO_refcount_t references; + long timeout; + long time; + + const SSL_CIPHER *cipher; + + CRYPTO_EX_DATA ex_data; /* application specific data */ + + /* These are used to make removal of session-ids more efficient and to + * implement a maximum cache size. */ + SSL_SESSION *prev, *next; + char *tlsext_hostname; + /* RFC4507 info */ + uint8_t *tlsext_tick; /* Session ticket */ + size_t tlsext_ticklen; /* Session ticket length */ + uint32_t tlsext_tick_lifetime_hint; /* Session lifetime hint in seconds */ + + size_t tlsext_signed_cert_timestamp_list_length; + uint8_t *tlsext_signed_cert_timestamp_list; /* Server's list. */ + + /* The OCSP response that came with the session. */ + size_t ocsp_response_length; + uint8_t *ocsp_response; + + char peer_sha256_valid; /* Non-zero if peer_sha256 is valid */ + uint8_t + peer_sha256[SHA256_DIGEST_LENGTH]; /* SHA256 of peer certificate */ + + /* original_handshake_hash contains the handshake hash (either SHA-1+MD5 or + * SHA-2, depending on TLS version) for the original, full handshake that + * created a session. This is used by Channel IDs during resumption. */ + uint8_t original_handshake_hash[EVP_MAX_MD_SIZE]; + unsigned int original_handshake_hash_len; + + /* extended_master_secret is true if the master secret in this session was + * generated using EMS and thus isn't vulnerable to the Triple Handshake + * attack. */ + char extended_master_secret; +}; + + +/* Cert related flags */ +/* Many implementations ignore some aspects of the TLS standards such as + * enforcing certifcate chain algorithms. When this is set we enforce them. */ +#define SSL_CERT_FLAG_TLS_STRICT 0x00000001L + +/* Flags for building certificate chains */ +/* Treat any existing certificates as untrusted CAs */ +#define SSL_BUILD_CHAIN_FLAG_UNTRUSTED 0x1 +/* Don't include root CA in chain */ +#define SSL_BUILD_CHAIN_FLAG_NO_ROOT 0x2 +/* Just check certificates already there */ +#define SSL_BUILD_CHAIN_FLAG_CHECK 0x4 +/* Ignore verification errors */ +#define SSL_BUILD_CHAIN_FLAG_IGNORE_ERROR 0x8 +/* Clear verification errors from queue */ +#define SSL_BUILD_CHAIN_FLAG_CLEAR_ERROR 0x10 + /* SSL_set_mtu sets the |ssl|'s MTU in DTLS to |mtu|. It returns one on success * and zero on failure. */ OPENSSL_EXPORT int SSL_set_mtu(SSL *ssl, unsigned mtu); +/* SSL_get_secure_renegotiation_support returns one if the peer supports secure + * renegotiation (RFC 5746) and zero otherwise. */ +OPENSSL_EXPORT int SSL_get_secure_renegotiation_support(const SSL *ssl); + /* SSL_CTX_set_msg_callback installs |cb| as the message callback for |ctx|. * This callback will be called when sending or receiving low-level record * headers, complete handshake messages, ChangeCipherSpec, and alerts. @@ -2305,6 +768,26 @@ typedef struct ssl_aead_ctx_st SSL_AEAD_CTX; #define SSL_MAX_CERT_LIST_DEFAULT 1024 * 100 /* 100k max cert list */ +#define SSL_SESSION_CACHE_MAX_SIZE_DEFAULT (1024 * 20) + +#define SSL_DEFAULT_SESSION_TIMEOUT (2 * 60 * 60) + +/* This callback type is used inside SSL_CTX, SSL, and in the functions that + * set them. It is used to override the generation of SSL/TLS session IDs in a + * server. Return value should be zero on an error, non-zero to proceed. Also, + * callbacks should themselves check if the id they generate is unique + * otherwise the SSL handshake will fail with an error - callbacks can do this + * using the 'ssl' value they're passed by; + * SSL_has_matching_session_id(ssl, id, *id_len) + * The length value passed in is set at the maximum size the session ID can be. + * In SSLv2 this is 16 bytes, whereas SSLv3/TLSv1 it is 32 bytes. The callback + * can alter this length to be less if desired, but under SSLv2 session IDs are + * supposed to be fixed at 16 bytes so the id will be padded after the callback + * returns in this case. It is also an error for the callback to set the size + * to zero. */ +typedef int (*GEN_SESSION_CB)(const SSL *ssl, uint8_t *id, + unsigned int *id_len); + /* ssl_early_callback_ctx is passed to certain callbacks that are called very * early on during the server handshake. At this point, much of the SSL* hasn't * been filled out and only the ClientHello can be depended on. */ @@ -2331,511 +814,6 @@ OPENSSL_EXPORT char SSL_early_callback_ctx_extension_get( const struct ssl_early_callback_ctx *ctx, uint16_t extension_type, const uint8_t **out_data, size_t *out_len); -OPENSSL_EXPORT void SSL_CTX_set_info_callback(SSL_CTX *ctx, - void (*cb)(const SSL *ssl, - int type, int val)); -OPENSSL_EXPORT void (*SSL_CTX_get_info_callback(SSL_CTX *ctx))(const SSL *ssl, - int type, - int val); -OPENSSL_EXPORT void SSL_CTX_set_client_cert_cb( - SSL_CTX *ctx, - int (*client_cert_cb)(SSL *ssl, X509 **x509, EVP_PKEY **pkey)); -OPENSSL_EXPORT int (*SSL_CTX_get_client_cert_cb(SSL_CTX *ctx))(SSL *ssl, - X509 **x509, - EVP_PKEY **pkey); -/* SSL_enable_signed_cert_timestamps causes |ssl| (which must be the client end - * of a connection) to request SCTs from the server. See - * https://tools.ietf.org/html/rfc6962. It returns one. */ -OPENSSL_EXPORT int SSL_enable_signed_cert_timestamps(SSL *ssl); - -/* SSL_CTX_enable_signed_cert_timestamps enables SCT requests on all client SSL - * objects created from |ctx|. */ -OPENSSL_EXPORT void SSL_CTX_enable_signed_cert_timestamps(SSL_CTX *ctx); - -/* SSL_enable_ocsp_stapling causes |ssl| (which must be the client end of a - * connection) to request a stapled OCSP response from the server. It returns - * one. */ -OPENSSL_EXPORT int SSL_enable_ocsp_stapling(SSL *ssl); - -/* SSL_CTX_enable_ocsp_stapling enables OCSP stapling on all client SSL objects - * created from |ctx|. */ -OPENSSL_EXPORT void SSL_CTX_enable_ocsp_stapling(SSL_CTX *ctx); - -/* SSL_get0_signed_cert_timestamp_list sets |*out| and |*out_len| to point to - * |*out_len| bytes of SCT information from the server. This is only valid if - * |ssl| is a client. The SCT information is a SignedCertificateTimestampList - * (including the two leading length bytes). - * See https://tools.ietf.org/html/rfc6962#section-3.3 - * If no SCT was received then |*out_len| will be zero on return. - * - * WARNING: the returned data is not guaranteed to be well formed. */ -OPENSSL_EXPORT void SSL_get0_signed_cert_timestamp_list(const SSL *ssl, - const uint8_t **out, - size_t *out_len); - -/* SSL_get0_ocsp_response sets |*out| and |*out_len| to point to |*out_len| - * bytes of an OCSP response from the server. This is the DER encoding of an - * OCSPResponse type as defined in RFC 2560. - * - * WARNING: the returned data is not guaranteed to be well formed. */ -OPENSSL_EXPORT void SSL_get0_ocsp_response(const SSL *ssl, const uint8_t **out, - size_t *out_len); - -/* SSL_set_reject_peer_renegotiations controls whether renegotiation attempts by - * the peer are rejected. It may be set at any point in a connection's lifetime - * to control future renegotiations programmatically. By default, renegotiations - * are rejected. (Renegotiations requested by a client are always rejected.) */ -OPENSSL_EXPORT void SSL_set_reject_peer_renegotiations(SSL *ssl, int reject); - -#define SSL_NOTHING 1 -#define SSL_WRITING 2 -#define SSL_READING 3 -#define SSL_X509_LOOKUP 4 -#define SSL_CHANNEL_ID_LOOKUP 5 -#define SSL_PENDING_SESSION 7 -#define SSL_CERTIFICATE_SELECTION_PENDING 8 -#define SSL_PRIVATE_KEY_OPERATION 9 - -/* These will only be used when doing non-blocking IO */ -#define SSL_want_nothing(s) (SSL_want(s) == SSL_NOTHING) -#define SSL_want_read(s) (SSL_want(s) == SSL_READING) -#define SSL_want_write(s) (SSL_want(s) == SSL_WRITING) -#define SSL_want_x509_lookup(s) (SSL_want(s) == SSL_X509_LOOKUP) -#define SSL_want_channel_id_lookup(s) (SSL_want(s) == SSL_CHANNEL_ID_LOOKUP) -#define SSL_want_session(s) (SSL_want(s) == SSL_PENDING_SESSION) -#define SSL_want_certificate(s) \ - (SSL_want(s) == SSL_CERTIFICATE_SELECTION_PENDING) -#define SSL_want_private_key_operation(s) \ - (SSL_want(s) == SSL_PRIVATE_KEY_OPERATION) - -/* The following are the possible values for ssl->state are are used to - * indicate where we are up to in the SSL connection establishment. The macros - * that follow are about the only things you should need to use and even then, - * only when using non-blocking IO. It can also be useful to work out where you - * were when the connection failed */ - -#define SSL_ST_CONNECT 0x1000 -#define SSL_ST_ACCEPT 0x2000 -#define SSL_ST_MASK 0x0FFF -#define SSL_ST_INIT (SSL_ST_CONNECT | SSL_ST_ACCEPT) -#define SSL_ST_OK 0x03 -#define SSL_ST_RENEGOTIATE (0x04 | SSL_ST_INIT) - -#define SSL_CB_LOOP 0x01 -#define SSL_CB_EXIT 0x02 -#define SSL_CB_READ 0x04 -#define SSL_CB_WRITE 0x08 -#define SSL_CB_ALERT 0x4000 /* used in callback */ -#define SSL_CB_READ_ALERT (SSL_CB_ALERT | SSL_CB_READ) -#define SSL_CB_WRITE_ALERT (SSL_CB_ALERT | SSL_CB_WRITE) -#define SSL_CB_ACCEPT_LOOP (SSL_ST_ACCEPT | SSL_CB_LOOP) -#define SSL_CB_ACCEPT_EXIT (SSL_ST_ACCEPT | SSL_CB_EXIT) -#define SSL_CB_CONNECT_LOOP (SSL_ST_CONNECT | SSL_CB_LOOP) -#define SSL_CB_CONNECT_EXIT (SSL_ST_CONNECT | SSL_CB_EXIT) -#define SSL_CB_HANDSHAKE_START 0x10 -#define SSL_CB_HANDSHAKE_DONE 0x20 - -/* Is the SSL_connection established? */ -#define SSL_get_state(a) SSL_state(a) -#define SSL_is_init_finished(a) (SSL_state(a) == SSL_ST_OK) -#define SSL_in_init(a) (SSL_state(a) & SSL_ST_INIT) -#define SSL_in_connect_init(a) (SSL_state(a) & SSL_ST_CONNECT) -#define SSL_in_accept_init(a) (SSL_state(a) & SSL_ST_ACCEPT) - -/* SSL_in_false_start returns one if |s| has a pending unfinished handshake that - * is in False Start. |SSL_write| may be called at this point without waiting - * for the peer, but |SSL_read| will require the handshake to be completed. */ -OPENSSL_EXPORT int SSL_in_false_start(const SSL *s); - -/* Obtain latest Finished message - * -- that we sent (SSL_get_finished) - * -- that we expected from peer (SSL_get_peer_finished). - * Returns length (0 == no Finished so far), copies up to 'count' bytes. */ -OPENSSL_EXPORT size_t SSL_get_finished(const SSL *s, void *buf, size_t count); -OPENSSL_EXPORT size_t SSL_get_peer_finished(const SSL *s, void *buf, size_t count); - -#define d2i_SSL_SESSION_bio(bp, s_id) \ - ASN1_d2i_bio_of(SSL_SESSION, SSL_SESSION_new, d2i_SSL_SESSION, bp, s_id) -#define i2d_SSL_SESSION_bio(bp, s_id) \ - ASN1_i2d_bio_of(SSL_SESSION, i2d_SSL_SESSION, bp, s_id) - -DECLARE_PEM_rw(SSL_SESSION, SSL_SESSION) - -/* make_errors.go reserves error codes above 1000 for manually-assigned errors. - * This value must be kept in sync with reservedReasonCode in make_errors.h */ -#define SSL_AD_REASON_OFFSET \ - 1000 /* offset to get SSL_R_... value from SSL_AD_... */ - -/* These alert types are for SSLv3 and TLSv1 */ -#define SSL_AD_CLOSE_NOTIFY SSL3_AD_CLOSE_NOTIFY -#define SSL_AD_UNEXPECTED_MESSAGE SSL3_AD_UNEXPECTED_MESSAGE /* fatal */ -#define SSL_AD_BAD_RECORD_MAC SSL3_AD_BAD_RECORD_MAC /* fatal */ -#define SSL_AD_DECRYPTION_FAILED TLS1_AD_DECRYPTION_FAILED -#define SSL_AD_RECORD_OVERFLOW TLS1_AD_RECORD_OVERFLOW -#define SSL_AD_DECOMPRESSION_FAILURE SSL3_AD_DECOMPRESSION_FAILURE /* fatal */ -#define SSL_AD_HANDSHAKE_FAILURE SSL3_AD_HANDSHAKE_FAILURE /* fatal */ -#define SSL_AD_NO_CERTIFICATE SSL3_AD_NO_CERTIFICATE /* Not for TLS */ -#define SSL_AD_BAD_CERTIFICATE SSL3_AD_BAD_CERTIFICATE -#define SSL_AD_UNSUPPORTED_CERTIFICATE SSL3_AD_UNSUPPORTED_CERTIFICATE -#define SSL_AD_CERTIFICATE_REVOKED SSL3_AD_CERTIFICATE_REVOKED -#define SSL_AD_CERTIFICATE_EXPIRED SSL3_AD_CERTIFICATE_EXPIRED -#define SSL_AD_CERTIFICATE_UNKNOWN SSL3_AD_CERTIFICATE_UNKNOWN -#define SSL_AD_ILLEGAL_PARAMETER SSL3_AD_ILLEGAL_PARAMETER /* fatal */ -#define SSL_AD_UNKNOWN_CA TLS1_AD_UNKNOWN_CA /* fatal */ -#define SSL_AD_ACCESS_DENIED TLS1_AD_ACCESS_DENIED /* fatal */ -#define SSL_AD_DECODE_ERROR TLS1_AD_DECODE_ERROR /* fatal */ -#define SSL_AD_DECRYPT_ERROR TLS1_AD_DECRYPT_ERROR -#define SSL_AD_EXPORT_RESTRICTION TLS1_AD_EXPORT_RESTRICTION /* fatal */ -#define SSL_AD_PROTOCOL_VERSION TLS1_AD_PROTOCOL_VERSION /* fatal */ -#define SSL_AD_INSUFFICIENT_SECURITY TLS1_AD_INSUFFICIENT_SECURITY /* fatal */ -#define SSL_AD_INTERNAL_ERROR TLS1_AD_INTERNAL_ERROR /* fatal */ -#define SSL_AD_USER_CANCELLED TLS1_AD_USER_CANCELLED -#define SSL_AD_NO_RENEGOTIATION TLS1_AD_NO_RENEGOTIATION -#define SSL_AD_UNSUPPORTED_EXTENSION TLS1_AD_UNSUPPORTED_EXTENSION -#define SSL_AD_CERTIFICATE_UNOBTAINABLE TLS1_AD_CERTIFICATE_UNOBTAINABLE -#define SSL_AD_UNRECOGNIZED_NAME TLS1_AD_UNRECOGNIZED_NAME -#define SSL_AD_BAD_CERTIFICATE_STATUS_RESPONSE \ - TLS1_AD_BAD_CERTIFICATE_STATUS_RESPONSE -#define SSL_AD_BAD_CERTIFICATE_HASH_VALUE TLS1_AD_BAD_CERTIFICATE_HASH_VALUE -#define SSL_AD_UNKNOWN_PSK_IDENTITY TLS1_AD_UNKNOWN_PSK_IDENTITY /* fatal */ -#define SSL_AD_INAPPROPRIATE_FALLBACK SSL3_AD_INAPPROPRIATE_FALLBACK /* fatal */ - -/* DTLSv1_get_timeout queries the next DTLS handshake timeout. If there is a - * timeout in progress, it sets |*out| to the time remaining and returns one. - * Otherwise, it returns zero. - * - * When the timeout expires, call |DTLSv1_handle_timeout| to handle the - * retransmit behavior. - * - * NOTE: This function must be queried again whenever the handshake state - * machine changes, including when |DTLSv1_handle_timeout| is called. */ -OPENSSL_EXPORT int DTLSv1_get_timeout(const SSL *ssl, struct timeval *out); - -/* DTLSv1_handle_timeout is called when a DTLS handshake timeout expires. If no - * timeout had expired, it returns 0. Otherwise, it retransmits the previous - * flight of handshake messages and returns 1. If too many timeouts had expired - * without progress or an error occurs, it returns -1. - * - * NOTE: The caller's external timer should be compatible with the one |ssl| - * queries within some fudge factor. Otherwise, the call will be a no-op, but - * |DTLSv1_get_timeout| will return an updated timeout. - * - * WARNING: This function breaks the usual return value convention. */ -OPENSSL_EXPORT int DTLSv1_handle_timeout(SSL *ssl); - -/* SSL_total_renegotiations returns the total number of renegotiation handshakes - * peformed by |ssl|. This includes the pending renegotiation, if any. */ -OPENSSL_EXPORT int SSL_total_renegotiations(const SSL *ssl); - -/* SSL_get0_certificate_types, for a client, sets |*out_types| to an array - * containing the client certificate types requested by a server. It returns the - * length of the array. */ -OPENSSL_EXPORT size_t SSL_get0_certificate_types(SSL *ssl, - const uint8_t **out_types); - -OPENSSL_EXPORT int SSL_CTX_set_cipher_list(SSL_CTX *, const char *str); -OPENSSL_EXPORT int SSL_CTX_set_cipher_list_tls10(SSL_CTX *, const char *str); -OPENSSL_EXPORT int SSL_CTX_set_cipher_list_tls11(SSL_CTX *, const char *str); -OPENSSL_EXPORT int SSL_want(const SSL *s); - -OPENSSL_EXPORT int SSL_get_fd(const SSL *s); -OPENSSL_EXPORT int SSL_get_rfd(const SSL *s); -OPENSSL_EXPORT int SSL_get_wfd(const SSL *s); -OPENSSL_EXPORT const char *SSL_get_cipher_list(const SSL *s, int n); -OPENSSL_EXPORT int SSL_pending(const SSL *s); -OPENSSL_EXPORT int SSL_set_fd(SSL *s, int fd); -OPENSSL_EXPORT int SSL_set_rfd(SSL *s, int fd); -OPENSSL_EXPORT int SSL_set_wfd(SSL *s, int fd); -OPENSSL_EXPORT int SSL_set_cipher_list(SSL *s, const char *str); - -OPENSSL_EXPORT const char *SSL_state_string(const SSL *s); -OPENSSL_EXPORT const char *SSL_state_string_long(const SSL *s); - -OPENSSL_EXPORT int SSL_SESSION_print_fp(FILE *fp, const SSL_SESSION *ses); -OPENSSL_EXPORT int SSL_SESSION_print(BIO *fp, const SSL_SESSION *ses); - -OPENSSL_EXPORT STACK_OF(SSL_CIPHER) *SSL_get_ciphers(const SSL *s); - -/* SSL_renegotiate_pending returns one if |ssl| is in the middle of a - * renegotiation. */ -OPENSSL_EXPORT int SSL_renegotiate_pending(SSL *ssl); - -OPENSSL_EXPORT const char *SSL_alert_type_string_long(int value); -OPENSSL_EXPORT const char *SSL_alert_type_string(int value); -OPENSSL_EXPORT const char *SSL_alert_desc_string_long(int value); -OPENSSL_EXPORT const char *SSL_alert_desc_string(int value); - -OPENSSL_EXPORT void SSL_CTX_set_quiet_shutdown(SSL_CTX *ctx, int mode); -OPENSSL_EXPORT int SSL_CTX_get_quiet_shutdown(const SSL_CTX *ctx); -OPENSSL_EXPORT void SSL_set_quiet_shutdown(SSL *ssl, int mode); -OPENSSL_EXPORT int SSL_get_quiet_shutdown(const SSL *ssl); -OPENSSL_EXPORT void SSL_set_shutdown(SSL *ssl, int mode); -OPENSSL_EXPORT int SSL_get_shutdown(const SSL *ssl); -OPENSSL_EXPORT SSL_CTX *SSL_get_SSL_CTX(const SSL *ssl); -OPENSSL_EXPORT SSL_CTX *SSL_set_SSL_CTX(SSL *ssl, SSL_CTX *ctx); -OPENSSL_EXPORT void SSL_set_info_callback(SSL *ssl, - void (*cb)(const SSL *ssl, int type, - int val)); -OPENSSL_EXPORT void (*SSL_get_info_callback(const SSL *ssl))(const SSL *ssl, - int type, int val); -OPENSSL_EXPORT int SSL_state(const SSL *ssl); - -/* SSL_CTX_get_max_cert_list returns the maximum length, in bytes, of a peer - * certificate chain accepted by |ctx|. */ -OPENSSL_EXPORT size_t SSL_CTX_get_max_cert_list(const SSL_CTX *ctx); - -/* SSL_CTX_set_max_cert_list sets the maximum length, in bytes, of a peer - * certificate chain to |max_cert_list|. This affects how much memory may be - * consumed during the handshake. */ -OPENSSL_EXPORT void SSL_CTX_set_max_cert_list(SSL_CTX *ctx, - size_t max_cert_list); - -/* SSL_get_max_cert_list returns the maximum length, in bytes, of a peer - * certificate chain accepted by |ssl|. */ -OPENSSL_EXPORT size_t SSL_get_max_cert_list(const SSL *ssl); - -/* SSL_set_max_cert_list sets the maximum length, in bytes, of a peer - * certificate chain to |max_cert_list|. This affects how much memory may be - * consumed during the handshake. */ -OPENSSL_EXPORT void SSL_set_max_cert_list(SSL *ssl, size_t max_cert_list); - -/* SSL_CTX_set_max_send_fragment sets the maximum length, in bytes, of records - * sent by |ctx|. Beyond this length, handshake messages and application data - * will be split into multiple records. */ -OPENSSL_EXPORT void SSL_CTX_set_max_send_fragment(SSL_CTX *ctx, - size_t max_send_fragment); - -/* SSL_set_max_send_fragment sets the maximum length, in bytes, of records - * sent by |ssl|. Beyond this length, handshake messages and application data - * will be split into multiple records. */ -OPENSSL_EXPORT void SSL_set_max_send_fragment(SSL *ssl, - size_t max_send_fragment); - -/* SSL_CTX_set_dos_protection_cb sets a callback that is called once the - * resumption decision for a ClientHello has been made. It can return 1 to - * allow the handshake to continue or zero to cause the handshake to abort. */ -OPENSSL_EXPORT void SSL_CTX_set_dos_protection_cb( - SSL_CTX *ctx, int (*cb)(const struct ssl_early_callback_ctx *)); - - -/* Deprecated functions. */ - -/* SSL_CIPHER_description writes a description of |cipher| into |buf| and - * returns |buf|. If |buf| is NULL, it returns a newly allocated string, to be - * freed with |OPENSSL_free|, or NULL on error. - * - * The description includes a trailing newline and has the form: - * AES128-SHA SSLv3 Kx=RSA Au=RSA Enc=AES(128) Mac=SHA1 - * - * Consider |SSL_CIPHER_get_name| or |SSL_CIPHER_get_rfc_name| instead. */ -OPENSSL_EXPORT const char *SSL_CIPHER_description(const SSL_CIPHER *cipher, - char *buf, int len); - -/* SSL_CIPHER_get_version returns the string "TLSv1/SSLv3". */ -OPENSSL_EXPORT const char *SSL_CIPHER_get_version(const SSL_CIPHER *cipher); - -typedef void COMP_METHOD; - -/* SSL_COMP_get_compression_methods returns NULL. */ -OPENSSL_EXPORT COMP_METHOD *SSL_COMP_get_compression_methods(void); - -/* SSL_COMP_add_compression_method returns one. */ -OPENSSL_EXPORT int SSL_COMP_add_compression_method(int id, COMP_METHOD *cm); - -/* SSL_COMP_get_name returns NULL. */ -OPENSSL_EXPORT const char *SSL_COMP_get_name(const COMP_METHOD *comp); - -/* SSLv23_method calls |TLS_method|. */ -OPENSSL_EXPORT const SSL_METHOD *SSLv23_method(void); - -/* Version-specific methods behave exactly like |TLS_method| and |DTLS_method| - * except they also call |SSL_CTX_set_min_version| and |SSL_CTX_set_max_version| - * to lock connections to that protocol version. */ -OPENSSL_EXPORT const SSL_METHOD *SSLv3_method(void); -OPENSSL_EXPORT const SSL_METHOD *TLSv1_method(void); -OPENSSL_EXPORT const SSL_METHOD *TLSv1_1_method(void); -OPENSSL_EXPORT const SSL_METHOD *TLSv1_2_method(void); -OPENSSL_EXPORT const SSL_METHOD *DTLSv1_method(void); -OPENSSL_EXPORT const SSL_METHOD *DTLSv1_2_method(void); - -/* Client- and server-specific methods call their corresponding generic - * methods. */ -OPENSSL_EXPORT const SSL_METHOD *SSLv23_server_method(void); -OPENSSL_EXPORT const SSL_METHOD *SSLv23_client_method(void); -OPENSSL_EXPORT const SSL_METHOD *SSLv3_server_method(void); -OPENSSL_EXPORT const SSL_METHOD *SSLv3_client_method(void); -OPENSSL_EXPORT const SSL_METHOD *TLSv1_server_method(void); -OPENSSL_EXPORT const SSL_METHOD *TLSv1_client_method(void); -OPENSSL_EXPORT const SSL_METHOD *TLSv1_1_server_method(void); -OPENSSL_EXPORT const SSL_METHOD *TLSv1_1_client_method(void); -OPENSSL_EXPORT const SSL_METHOD *TLSv1_2_server_method(void); -OPENSSL_EXPORT const SSL_METHOD *TLSv1_2_client_method(void); -OPENSSL_EXPORT const SSL_METHOD *DTLS_server_method(void); -OPENSSL_EXPORT const SSL_METHOD *DTLS_client_method(void); -OPENSSL_EXPORT const SSL_METHOD *DTLSv1_server_method(void); -OPENSSL_EXPORT const SSL_METHOD *DTLSv1_client_method(void); -OPENSSL_EXPORT const SSL_METHOD *DTLSv1_2_server_method(void); -OPENSSL_EXPORT const SSL_METHOD *DTLSv1_2_client_method(void); - -/* SSL_clear resets |ssl| to allow another connection and returns one on success - * or zero on failure. It returns most configuration state but releases memory - * associated with the current connection. - * - * Free |ssl| and create a new one instead. */ -OPENSSL_EXPORT int SSL_clear(SSL *ssl); - -/* SSL_CTX_set_tmp_rsa_callback does nothing. */ -OPENSSL_EXPORT void SSL_CTX_set_tmp_rsa_callback( - SSL_CTX *ctx, RSA *(*cb)(SSL *ssl, int is_export, int keylength)); - -/* SSL_set_tmp_rsa_callback does nothing. */ -OPENSSL_EXPORT void SSL_set_tmp_rsa_callback(SSL *ssl, - RSA *(*cb)(SSL *ssl, int is_export, - int keylength)); - -/* SSL_CTX_sess_connect returns zero. */ -OPENSSL_EXPORT int SSL_CTX_sess_connect(const SSL_CTX *ctx); - -/* SSL_CTX_sess_connect_good returns zero. */ -OPENSSL_EXPORT int SSL_CTX_sess_connect_good(const SSL_CTX *ctx); - -/* SSL_CTX_sess_connect_renegotiate returns zero. */ -OPENSSL_EXPORT int SSL_CTX_sess_connect_renegotiate(const SSL_CTX *ctx); - -/* SSL_CTX_sess_accept returns zero. */ -OPENSSL_EXPORT int SSL_CTX_sess_accept(const SSL_CTX *ctx); - -/* SSL_CTX_sess_accept_renegotiate returns zero. */ -OPENSSL_EXPORT int SSL_CTX_sess_accept_renegotiate(const SSL_CTX *ctx); - -/* SSL_CTX_sess_accept_good returns zero. */ -OPENSSL_EXPORT int SSL_CTX_sess_accept_good(const SSL_CTX *ctx); - -/* SSL_CTX_sess_hits returns zero. */ -OPENSSL_EXPORT int SSL_CTX_sess_hits(const SSL_CTX *ctx); - -/* SSL_CTX_sess_cb_hits returns zero. */ -OPENSSL_EXPORT int SSL_CTX_sess_cb_hits(const SSL_CTX *ctx); - -/* SSL_CTX_sess_misses returns zero. */ -OPENSSL_EXPORT int SSL_CTX_sess_misses(const SSL_CTX *ctx); - -/* SSL_CTX_sess_timeouts returns zero. */ -OPENSSL_EXPORT int SSL_CTX_sess_timeouts(const SSL_CTX *ctx); - -/* SSL_CTX_sess_cache_full returns zero. */ -OPENSSL_EXPORT int SSL_CTX_sess_cache_full(const SSL_CTX *ctx); - -/* SSL_cutthrough_complete calls |SSL_in_false_start|. */ -OPENSSL_EXPORT int SSL_cutthrough_complete(const SSL *s); - -/* SSL_num_renegotiations calls |SSL_total_renegotiations|. */ -OPENSSL_EXPORT int SSL_num_renegotiations(const SSL *ssl); - -/* SSL_CTX_need_tmp_RSA returns zero. */ -OPENSSL_EXPORT int SSL_CTX_need_tmp_RSA(const SSL_CTX *ctx); - -/* SSL_need_tmp_RSA returns zero. */ -OPENSSL_EXPORT int SSL_need_tmp_RSA(const SSL *ssl); - -/* SSL_CTX_set_tmp_rsa returns one. */ -OPENSSL_EXPORT int SSL_CTX_set_tmp_rsa(SSL_CTX *ctx, const RSA *rsa); - -/* SSL_set_tmp_rsa returns one. */ -OPENSSL_EXPORT int SSL_set_tmp_rsa(SSL *ssl, const RSA *rsa); - -/* SSL_CTX_get_read_ahead returns zero. */ -OPENSSL_EXPORT int SSL_CTX_get_read_ahead(const SSL_CTX *ctx); - -/* SSL_CTX_set_read_ahead does nothing. */ -OPENSSL_EXPORT void SSL_CTX_set_read_ahead(SSL_CTX *ctx, int yes); - -/* SSL_get_read_ahead returns zero. */ -OPENSSL_EXPORT int SSL_get_read_ahead(const SSL *s); - -/* SSL_set_read_ahead does nothing. */ -OPENSSL_EXPORT void SSL_set_read_ahead(SSL *s, int yes); - -/* SSL_renegotiate put an error on the error queue and returns zero. */ -OPENSSL_EXPORT int SSL_renegotiate(SSL *ssl); - -/* SSL_set_state does nothing. */ -OPENSSL_EXPORT void SSL_set_state(SSL *ssl, int state); - -/* SSL_MODE_HANDSHAKE_CUTTHROUGH is the same as SSL_MODE_ENABLE_FALSE_START. */ -#define SSL_MODE_HANDSHAKE_CUTTHROUGH SSL_MODE_ENABLE_FALSE_START - -/* i2d_SSL_SESSION serializes |in| to the bytes pointed to by |*pp|. On success, - * it returns the number of bytes written and advances |*pp| by that many bytes. - * On failure, it returns -1. If |pp| is NULL, no bytes are written and only the - * length is returned. - * - * Use |SSL_SESSION_to_bytes| instead. */ -OPENSSL_EXPORT int i2d_SSL_SESSION(SSL_SESSION *in, uint8_t **pp); - -/* d2i_SSL_SESSION parses a serialized session from the |length| bytes pointed - * to by |*pp|. It returns the new |SSL_SESSION| and advances |*pp| by the - * number of bytes consumed on success and NULL on failure. The caller takes - * ownership of the new session and must call |SSL_SESSION_free| when done. - * - * If |a| is non-NULL, |*a| is released and set the new |SSL_SESSION|. - * - * Use |SSL_SESSION_from_bytes| instead. */ -OPENSSL_EXPORT SSL_SESSION *d2i_SSL_SESSION(SSL_SESSION **a, const uint8_t **pp, - long length); - -/* ERR_load_SSL_strings does nothing. */ -OPENSSL_EXPORT void ERR_load_SSL_strings(void); - -/* SSL_load_error_strings does nothing. */ -OPENSSL_EXPORT void SSL_load_error_strings(void); - -/* SSL_CTX_set_tlsext_use_srtp calls |SSL_CTX_set_srtp_profiles|. It returns - * zero on success and one on failure. - * - * WARNING: this function is dangerous because it breaks the usual return value - * convention. Use |SSL_CTX_set_srtp_profiles| instead. */ -OPENSSL_EXPORT int SSL_CTX_set_tlsext_use_srtp(SSL_CTX *ctx, - const char *profiles); - -/* SSL_set_tlsext_use_srtp calls |SSL_set_srtp_profiles|. It returns zero on - * success and one on failure. - * - * WARNING: this function is dangerous because it breaks the usual return value - * convention. Use |SSL_set_srtp_profiles| instead. */ -OPENSSL_EXPORT int SSL_set_tlsext_use_srtp(SSL *ssl, const char *profiles); - -/* SSL_get_current_compression returns NULL. */ -OPENSSL_EXPORT const COMP_METHOD *SSL_get_current_compression(SSL *s); - -/* SSL_get_current_expansion returns NULL. */ -OPENSSL_EXPORT const COMP_METHOD *SSL_get_current_expansion(SSL *s); - -#define SSL_set_app_data(s, arg) (SSL_set_ex_data(s, 0, (char *)arg)) -#define SSL_get_app_data(s) (SSL_get_ex_data(s, 0)) -#define SSL_SESSION_set_app_data(s, a) \ - (SSL_SESSION_set_ex_data(s, 0, (char *)a)) -#define SSL_SESSION_get_app_data(s) (SSL_SESSION_get_ex_data(s, 0)) -#define SSL_CTX_get_app_data(ctx) (SSL_CTX_get_ex_data(ctx, 0)) -#define SSL_CTX_set_app_data(ctx, arg) \ - (SSL_CTX_set_ex_data(ctx, 0, (char *)arg)) - -#define OpenSSL_add_ssl_algorithms() SSL_library_init() -#define SSLeay_add_ssl_algorithms() SSL_library_init() - -#define SSL_get_cipher(ssl) SSL_CIPHER_get_name(SSL_get_current_cipher(ssl)) -#define SSL_get_cipher_bits(ssl, out_alg_bits) \ - SSL_CIPHER_get_bits(SSL_get_current_cipher(ssl), out_alg_bits) -#define SSL_get_cipher_version(ssl) \ - SSL_CIPHER_get_version(SSL_get_current_cipher(ssl)) -#define SSL_get_cipher_name(ssl) \ - SSL_CIPHER_get_name(SSL_get_current_cipher(ssl)) -#define SSL_get_time(session) SSL_SESSION_get_time(session) -#define SSL_set_time(session, time) SSL_SESSION_set_time((session), (time)) -#define SSL_get_timeout(session) SSL_SESSION_get_timeout(session) -#define SSL_set_timeout(session, timeout) \ - SSL_SESSION_set_timeout((session), (timeout)) - typedef struct ssl_comp_st SSL_COMP; struct ssl_comp_st { @@ -2845,165 +823,7 @@ struct ssl_comp_st { }; DECLARE_STACK_OF(SSL_COMP) - -/* The following flags toggle individual protocol versions. This is deprecated. - * Use |SSL_CTX_set_min_version| and |SSL_CTX_set_max_version| instead. */ -#define SSL_OP_NO_SSLv3 0x02000000L -#define SSL_OP_NO_TLSv1 0x04000000L -#define SSL_OP_NO_TLSv1_2 0x08000000L -#define SSL_OP_NO_TLSv1_1 0x10000000L -#define SSL_OP_NO_DTLSv1 SSL_OP_NO_TLSv1 -#define SSL_OP_NO_DTLSv1_2 SSL_OP_NO_TLSv1_2 - -/* The following flags do nothing and are included only to make it easier to - * compile code with BoringSSL. */ -#define SSL_MODE_AUTO_RETRY 0 -#define SSL_MODE_RELEASE_BUFFERS 0 -#define SSL_MODE_SEND_CLIENTHELLO_TIME 0 -#define SSL_MODE_SEND_SERVERHELLO_TIME 0 -#define SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION 0 -#define SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS 0 -#define SSL_OP_EPHEMERAL_RSA 0 -#define SSL_OP_MICROSOFT_SESS_ID_BUG 0 -#define SSL_OP_MSIE_SSLV2_RSA_PADDING 0 -#define SSL_OP_NETSCAPE_CA_DN_BUG 0 -#define SSL_OP_NETSCAPE_CHALLENGE_BUG 0 -#define SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG 0 -#define SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG 0 -#define SSL_OP_NO_COMPRESSION 0 -#define SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION 0 -#define SSL_OP_NO_SSLv2 0 -#define SSL_OP_PKCS1_CHECK_1 0 -#define SSL_OP_PKCS1_CHECK_2 0 -#define SSL_OP_SINGLE_DH_USE 0 -#define SSL_OP_SINGLE_ECDH_USE 0 -#define SSL_OP_SSLEAY_080_CLIENT_DH_BUG 0 -#define SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG 0 -#define SSL_OP_TLS_BLOCK_PADDING_BUG 0 -#define SSL_OP_TLS_ROLLBACK_BUG 0 -#define SSL_VERIFY_CLIENT_ONCE 0 - -/* SSL_cache_hit calls |SSL_session_resumed|. */ -OPENSSL_EXPORT int SSL_cache_hit(SSL *ssl); - -/* SSL_get_default_timeout returns |SSL_DEFAULT_SESSION_TIMEOUT|. */ -OPENSSL_EXPORT long SSL_get_default_timeout(const SSL *ssl); - -/* SSL_get_version returns a string describing the TLS version used by |ssl|. - * For example, "TLSv1.2" or "SSLv3". */ -OPENSSL_EXPORT const char *SSL_get_version(const SSL *ssl); - - -/* Private structures. - * - * This structures are exposed for historical reasons, but access to them is - * deprecated. */ - -struct ssl_cipher_st { - /* name is the OpenSSL name for the cipher. */ - const char *name; - /* id is the cipher suite value bitwise OR-d with 0x03000000. */ - uint32_t id; - - /* The following are internal fields. See ssl/internal.h for their values. */ - - uint32_t algorithm_mkey; - uint32_t algorithm_auth; - uint32_t algorithm_enc; - uint32_t algorithm_mac; - uint32_t algorithm_ssl; - uint32_t algo_strength; - uint32_t algorithm_prf; - - /* strength_bits is the strength of the cipher in bits. */ - int strength_bits; - /* alg_bits is the number of bits of key material used by the algorithm. */ - int alg_bits; -}; - -struct ssl_session_st { - int ssl_version; /* what ssl version session info is being kept in here? */ - - int master_key_length; - uint8_t master_key[SSL_MAX_MASTER_KEY_LENGTH]; - /* session_id - valid? */ - unsigned int session_id_length; - uint8_t session_id[SSL_MAX_SSL_SESSION_ID_LENGTH]; - /* this is used to determine whether the session is being reused in - * the appropriate context. It is up to the application to set this, - * via SSL_new */ - unsigned int sid_ctx_length; - uint8_t sid_ctx[SSL_MAX_SID_CTX_LENGTH]; - - char *psk_identity; - /* Used to indicate that session resumption is not allowed. Applications can - * also set this bit for a new session via not_resumable_session_cb to - * disable session caching and tickets. */ - int not_resumable; - - /* peer is the peer's certificate. */ - X509 *peer; - - /* cert_chain is the certificate chain sent by the peer. NOTE: for historical - * reasons, when a client (so the peer is a server), the chain includes - * |peer|, but when a server it does not. */ - STACK_OF(X509) *cert_chain; - - /* when app_verify_callback accepts a session where the peer's certificate is - * not ok, we must remember the error for session reuse: */ - long verify_result; /* only for servers */ - - CRYPTO_refcount_t references; - long timeout; - long time; - - const SSL_CIPHER *cipher; - - /* key_exchange_info contains an indication of the size of the asymmetric - * primitive used in the handshake that created this session. In the event - * that two asymmetric operations are used, this value applies to the one - * that controls the confidentiality of the connection. Its interpretation - * depends on the primitive that was used; as specified by the cipher suite: - * DHE: the size, in bits, of the multiplicative group. - * RSA: the size, in bits, of the modulus. - * ECDHE: the TLS id for the curve. - * - * A zero indicates that the value is unknown. */ - uint32_t key_exchange_info; - - CRYPTO_EX_DATA ex_data; /* application specific data */ - - /* These are used to make removal of session-ids more efficient and to - * implement a maximum cache size. */ - SSL_SESSION *prev, *next; - char *tlsext_hostname; - /* RFC4507 info */ - uint8_t *tlsext_tick; /* Session ticket */ - size_t tlsext_ticklen; /* Session ticket length */ - uint32_t tlsext_tick_lifetime_hint; /* Session lifetime hint in seconds */ - - size_t tlsext_signed_cert_timestamp_list_length; - uint8_t *tlsext_signed_cert_timestamp_list; /* Server's list. */ - - /* The OCSP response that came with the session. */ - size_t ocsp_response_length; - uint8_t *ocsp_response; - - char peer_sha256_valid; /* Non-zero if peer_sha256 is valid */ - uint8_t - peer_sha256[SHA256_DIGEST_LENGTH]; /* SHA256 of peer certificate */ - - /* original_handshake_hash contains the handshake hash (either SHA-1+MD5 or - * SHA-2, depending on TLS version) for the original, full handshake that - * created a session. This is used by Channel IDs during resumption. */ - uint8_t original_handshake_hash[EVP_MAX_MD_SIZE]; - unsigned int original_handshake_hash_len; - - /* extended_master_secret is true if the master secret in this session was - * generated using EMS and thus isn't vulnerable to the Triple Handshake - * attack. */ - char extended_master_secret; -}; +DECLARE_LHASH_OF(SSL_SESSION) /* ssl_cipher_preference_list_st contains a list of SSL_CIPHERs with * equal-preference groups. For TLS clients, the groups are moot because the @@ -3058,17 +878,6 @@ struct ssl_ctx_st { struct ssl_cipher_preference_list_st *cipher_list; /* same as above but sorted for lookup */ STACK_OF(SSL_CIPHER) *cipher_list_by_id; - - /* cipher_list_tls10 is the list of ciphers when TLS 1.0 or greater is in - * use. This only applies to server connections as, for clients, the version - * number is known at connect time and so the cipher list can be set then. If - * |cipher_list_tls11| is non-NULL then this applies only to TLS 1.0 - * connections. - * - * TODO(agl): this exists to assist in the death of SSLv3. It can hopefully - * be removed after that. */ - struct ssl_cipher_preference_list_st *cipher_list_tls10; - /* cipher_list_tls11 is the list of ciphers when TLS 1.1 or greater is in * use. This only applies to server connections as, for clients, the version * number is known at connect time and so the cipher list can be set then. */ @@ -3112,8 +921,10 @@ struct ssl_ctx_st { CRYPTO_refcount_t references; /* if defined, these override the X509_verify_cert() calls */ - int (*app_verify_callback)(X509_STORE_CTX *store_ctx, void *arg); + int (*app_verify_callback)(X509_STORE_CTX *, void *); void *app_verify_arg; + /* before OpenSSL 0.9.7, 'app_verify_arg' was ignored ('app_verify_callback' + * was called with just one argument) */ /* Default password callback. */ pem_password_cb *default_passwd_callback; @@ -3125,14 +936,12 @@ struct ssl_ctx_st { int (*client_cert_cb)(SSL *ssl, X509 **x509, EVP_PKEY **pkey); /* get channel id callback */ - void (*channel_id_cb)(SSL *ssl, EVP_PKEY **out_pkey); + void (*channel_id_cb)(SSL *ssl, EVP_PKEY **pkey); CRYPTO_EX_DATA ex_data; - /* custom_*_extensions stores any callback sets for custom extensions. Note - * that these pointers will be NULL if the stack would otherwise be empty. */ - STACK_OF(SSL_CUSTOM_EXTENSION) *client_custom_extensions; - STACK_OF(SSL_CUSTOM_EXTENSION) *server_custom_extensions; + STACK_OF(X509) *extra_certs; + /* Default values used when no per-SSL value is defined follow */ @@ -3193,7 +1002,7 @@ struct ssl_ctx_st { int (*tlsext_servername_callback)(SSL *, int *, void *); void *tlsext_servername_arg; /* RFC 4507 session ticket keys */ - uint8_t tlsext_tick_key_name[SSL_TICKET_KEY_NAME_LEN]; + uint8_t tlsext_tick_key_name[16]; uint8_t tlsext_tick_hmac_key[16]; uint8_t tlsext_tick_aes_key[16]; /* Callback to support customisation of ticket key setting */ @@ -3222,13 +1031,13 @@ struct ssl_ctx_st { /* For a server, this contains a callback function by which the set of * advertised protocols can be provided. */ - int (*next_protos_advertised_cb)(SSL *ssl, const uint8_t **out, - unsigned *out_len, void *arg); + int (*next_protos_advertised_cb)(SSL *s, const uint8_t **buf, + unsigned int *len, void *arg); void *next_protos_advertised_cb_arg; /* For a client, this contains a callback function that selects the * next protocol from the list provided by the server. */ - int (*next_proto_select_cb)(SSL *ssl, uint8_t **out, uint8_t *out_len, - const uint8_t *in, unsigned in_len, void *arg); + int (*next_proto_select_cb)(SSL *s, uint8_t **out, uint8_t *outlen, + const uint8_t *in, unsigned int inlen, void *arg); void *next_proto_select_cb_arg; /* ALPN information @@ -3242,8 +1051,8 @@ struct ssl_ctx_st { * in: points to the client's list of supported protocols in * wire-format. * inlen: the length of |in|. */ - int (*alpn_select_cb)(SSL *s, const uint8_t **out, uint8_t *out_len, - const uint8_t *in, unsigned in_len, void *arg); + int (*alpn_select_cb)(SSL *s, const uint8_t **out, uint8_t *outlen, + const uint8_t *in, unsigned int inlen, void *arg); void *alpn_select_cb_arg; /* For a client, this contains the list of supported protocols in wire @@ -3255,29 +1064,27 @@ struct ssl_ctx_st { STACK_OF(SRTP_PROTECTION_PROFILE) *srtp_profiles; /* EC extension values inherited by SSL structure */ + size_t tlsext_ecpointformatlist_length; + uint8_t *tlsext_ecpointformatlist; size_t tlsext_ellipticcurvelist_length; uint16_t *tlsext_ellipticcurvelist; /* If true, a client will advertise the Channel ID extension and a server * will echo it. */ char tlsext_channel_id_enabled; + /* tlsext_channel_id_enabled_new is a hack to support both old and new + * ChannelID signatures. It indicates that a client should advertise the new + * ChannelID extension number. */ + char tlsext_channel_id_enabled_new; /* The client's Channel ID private key. */ EVP_PKEY *tlsext_channel_id_private; /* If true, a client will request certificate timestamps. */ char signed_cert_timestamps_enabled; - /* Signed certificate timestamp list to be sent to the client, if requested */ - uint8_t *signed_cert_timestamp_list; - size_t signed_cert_timestamp_list_length; - /* If true, a client will request a stapled OCSP response. */ char ocsp_stapling_enabled; - /* OCSP response to be sent to the client, if requested. */ - uint8_t *ocsp_response; - size_t ocsp_response_length; - /* If not NULL, session key material will be logged to this BIO for debugging * purposes. The format matches NSS's and is readable by Wireshark. */ BIO *keylog_bio; @@ -3287,6 +1094,193 @@ struct ssl_ctx_st { void (*current_time_cb)(const SSL *ssl, struct timeval *out_clock); }; +OPENSSL_EXPORT LHASH_OF(SSL_SESSION) *SSL_CTX_sessions(SSL_CTX *ctx); + +/* SSL_CTX_sess_number returns the number of sessions in |ctx|'s internal + * session cache. */ +OPENSSL_EXPORT size_t SSL_CTX_sess_number(const SSL_CTX *ctx); + +OPENSSL_EXPORT void SSL_CTX_sess_set_new_cb( + SSL_CTX *ctx, int (*new_session_cb)(SSL *ssl, SSL_SESSION *sess)); +OPENSSL_EXPORT int (*SSL_CTX_sess_get_new_cb(SSL_CTX *ctx))(SSL *ssl, + SSL_SESSION *sess); +OPENSSL_EXPORT void SSL_CTX_sess_set_remove_cb( + SSL_CTX *ctx, + void (*remove_session_cb)(SSL_CTX *ctx, SSL_SESSION *sess)); +OPENSSL_EXPORT void (*SSL_CTX_sess_get_remove_cb(SSL_CTX *ctx))( + SSL_CTX *ctx, SSL_SESSION *sess); +OPENSSL_EXPORT void SSL_CTX_sess_set_get_cb( + SSL_CTX *ctx, + SSL_SESSION *(*get_session_cb)(SSL *ssl, uint8_t *data, int len, + int *copy)); +OPENSSL_EXPORT SSL_SESSION *(*SSL_CTX_sess_get_get_cb(SSL_CTX *ctx))( + SSL *ssl, uint8_t *data, int len, int *copy); +/* SSL_magic_pending_session_ptr returns a magic SSL_SESSION* which indicates + * that the session isn't currently unavailable. SSL_get_error will then return + * SSL_ERROR_PENDING_SESSION and the handshake can be retried later when the + * lookup has completed. */ +OPENSSL_EXPORT SSL_SESSION *SSL_magic_pending_session_ptr(void); +OPENSSL_EXPORT void SSL_CTX_set_info_callback(SSL_CTX *ctx, + void (*cb)(const SSL *ssl, + int type, int val)); +OPENSSL_EXPORT void (*SSL_CTX_get_info_callback(SSL_CTX *ctx))(const SSL *ssl, + int type, + int val); +OPENSSL_EXPORT void SSL_CTX_set_client_cert_cb( + SSL_CTX *ctx, + int (*client_cert_cb)(SSL *ssl, X509 **x509, EVP_PKEY **pkey)); +OPENSSL_EXPORT int (*SSL_CTX_get_client_cert_cb(SSL_CTX *ctx))(SSL *ssl, + X509 **x509, + EVP_PKEY **pkey); +OPENSSL_EXPORT void SSL_CTX_set_channel_id_cb( + SSL_CTX *ctx, void (*channel_id_cb)(SSL *ssl, EVP_PKEY **pkey)); +OPENSSL_EXPORT void (*SSL_CTX_get_channel_id_cb(SSL_CTX *ctx))(SSL *ssl, + EVP_PKEY **pkey); + +/* SSL_enable_signed_cert_timestamps causes |ssl| (which must be the client end + * of a connection) to request SCTs from the server. See + * https://tools.ietf.org/html/rfc6962. It returns one. */ +OPENSSL_EXPORT int SSL_enable_signed_cert_timestamps(SSL *ssl); + +/* SSL_CTX_enable_signed_cert_timestamps enables SCT requests on all client SSL + * objects created from |ctx|. */ +OPENSSL_EXPORT void SSL_CTX_enable_signed_cert_timestamps(SSL_CTX *ctx); + +/* SSL_enable_ocsp_stapling causes |ssl| (which must be the client end of a + * connection) to request a stapled OCSP response from the server. It returns + * one. */ +OPENSSL_EXPORT int SSL_enable_ocsp_stapling(SSL *ssl); + +/* SSL_CTX_enable_ocsp_stapling enables OCSP stapling on all client SSL objects + * created from |ctx|. */ +OPENSSL_EXPORT void SSL_CTX_enable_ocsp_stapling(SSL_CTX *ctx); + +/* SSL_get0_signed_cert_timestamp_list sets |*out| and |*out_len| to point to + * |*out_len| bytes of SCT information from the server. This is only valid if + * |ssl| is a client. The SCT information is a SignedCertificateTimestampList + * (including the two leading length bytes). + * See https://tools.ietf.org/html/rfc6962#section-3.3 + * If no SCT was received then |*out_len| will be zero on return. + * + * WARNING: the returned data is not guaranteed to be well formed. */ +OPENSSL_EXPORT void SSL_get0_signed_cert_timestamp_list(const SSL *ssl, + const uint8_t **out, + size_t *out_len); + +/* SSL_get0_ocsp_response sets |*out| and |*out_len| to point to |*out_len| + * bytes of an OCSP response from the server. This is the DER encoding of an + * OCSPResponse type as defined in RFC 2560. + * + * WARNING: the returned data is not guaranteed to be well formed. */ +OPENSSL_EXPORT void SSL_get0_ocsp_response(const SSL *ssl, const uint8_t **out, + size_t *out_len); + +OPENSSL_EXPORT void SSL_CTX_set_next_protos_advertised_cb( + SSL_CTX *s, + int (*cb)(SSL *ssl, const uint8_t **out, unsigned int *outlen, void *arg), + void *arg); +OPENSSL_EXPORT void SSL_CTX_set_next_proto_select_cb( + SSL_CTX *s, int (*cb)(SSL *ssl, uint8_t **out, uint8_t *outlen, + const uint8_t *in, unsigned int inlen, void *arg), + void *arg); +OPENSSL_EXPORT void SSL_get0_next_proto_negotiated(const SSL *s, + const uint8_t **data, + unsigned *len); + +OPENSSL_EXPORT int SSL_select_next_proto(uint8_t **out, uint8_t *outlen, + const uint8_t *in, unsigned int inlen, + const uint8_t *client, + unsigned int client_len); + +#define OPENSSL_NPN_UNSUPPORTED 0 +#define OPENSSL_NPN_NEGOTIATED 1 +#define OPENSSL_NPN_NO_OVERLAP 2 + +/* SSL_CTX_set_alpn_protos sets the ALPN protocol list on |ctx| to |protos|. + * |protos| must be in wire-format (i.e. a series of non-empty, 8-bit + * length-prefixed strings). It returns zero on success and one on failure. + * + * WARNING: this function is dangerous because it breaks the usual return value + * convention. */ +OPENSSL_EXPORT int SSL_CTX_set_alpn_protos(SSL_CTX *ctx, const uint8_t *protos, + unsigned protos_len); + +/* SSL_set_alpn_protos sets the ALPN protocol list on |ssl| to |protos|. + * |protos| must be in wire-format (i.e. a series of non-empty, 8-bit + * length-prefixed strings). It returns zero on success and one on failure. + * + * WARNING: this function is dangerous because it breaks the usual return value + * convention. */ +OPENSSL_EXPORT int SSL_set_alpn_protos(SSL *ssl, const uint8_t *protos, + unsigned protos_len); + +OPENSSL_EXPORT void SSL_CTX_set_alpn_select_cb( + SSL_CTX *ctx, int (*cb)(SSL *ssl, const uint8_t **out, uint8_t *outlen, + const uint8_t *in, unsigned int inlen, void *arg), + void *arg); +OPENSSL_EXPORT void SSL_get0_alpn_selected(const SSL *ssl, const uint8_t **data, + unsigned *len); + +/* SSL_enable_fastradio_padding controls whether fastradio padding is enabled + * on |ssl|. If it is, ClientHello messages are padded to 1024 bytes. This + * causes 3G radios to switch to DCH mode (high data rate). */ +OPENSSL_EXPORT void SSL_enable_fastradio_padding(SSL *ssl, char on_off); + +/* SSL_set_reject_peer_renegotiations controls whether renegotiation attempts by + * the peer are rejected. It may be set at any point in a connection's lifetime + * to control future renegotiations programmatically. By default, renegotiations + * are rejected. (Renegotiations requested by a client are always rejected.) */ +OPENSSL_EXPORT void SSL_set_reject_peer_renegotiations(SSL *ssl, int reject); + +/* the maximum length of the buffer given to callbacks containing the resulting + * identity/psk */ +#define PSK_MAX_IDENTITY_LEN 128 +#define PSK_MAX_PSK_LEN 256 +OPENSSL_EXPORT void SSL_CTX_set_psk_client_callback( + SSL_CTX *ctx, + unsigned int (*psk_client_callback)( + SSL *ssl, const char *hint, char *identity, + unsigned int max_identity_len, uint8_t *psk, unsigned int max_psk_len)); +OPENSSL_EXPORT void SSL_set_psk_client_callback( + SSL *ssl, unsigned int (*psk_client_callback)(SSL *ssl, const char *hint, + char *identity, + unsigned int max_identity_len, + uint8_t *psk, + unsigned int max_psk_len)); +OPENSSL_EXPORT void SSL_CTX_set_psk_server_callback( + SSL_CTX *ctx, + unsigned int (*psk_server_callback)(SSL *ssl, const char *identity, + uint8_t *psk, + unsigned int max_psk_len)); +OPENSSL_EXPORT void SSL_set_psk_server_callback( + SSL *ssl, + unsigned int (*psk_server_callback)(SSL *ssl, const char *identity, + uint8_t *psk, + unsigned int max_psk_len)); +OPENSSL_EXPORT int SSL_CTX_use_psk_identity_hint(SSL_CTX *ctx, + const char *identity_hint); +OPENSSL_EXPORT int SSL_use_psk_identity_hint(SSL *s, const char *identity_hint); +OPENSSL_EXPORT const char *SSL_get_psk_identity_hint(const SSL *s); +OPENSSL_EXPORT const char *SSL_get_psk_identity(const SSL *s); + +#define SSL_NOTHING 1 +#define SSL_WRITING 2 +#define SSL_READING 3 +#define SSL_X509_LOOKUP 4 +#define SSL_CHANNEL_ID_LOOKUP 5 +#define SSL_PENDING_SESSION 7 +#define SSL_CERTIFICATE_SELECTION_PENDING 8 + +/* These will only be used when doing non-blocking IO */ +#define SSL_want_nothing(s) (SSL_want(s) == SSL_NOTHING) +#define SSL_want_read(s) (SSL_want(s) == SSL_READING) +#define SSL_want_write(s) (SSL_want(s) == SSL_WRITING) +#define SSL_want_x509_lookup(s) (SSL_want(s) == SSL_X509_LOOKUP) +#define SSL_want_channel_id_lookup(s) (SSL_want(s) == SSL_CHANNEL_ID_LOOKUP) +#define SSL_want_session(s) (SSL_want(s) == SSL_PENDING_SESSION) +#define SSL_want_certificate(s) \ + (SSL_want(s) == SSL_CERTIFICATE_SELECTION_PENDING) + struct ssl_st { /* version is the protocol version. */ int version; @@ -3342,6 +1336,7 @@ struct ssl_st { int shutdown; /* we have shut things down, 0x01 sent, 0x02 * for received */ int state; /* where we are */ + int rstate; /* where we are when reading */ BUF_MEM *init_buf; /* buffer used during init */ uint8_t *init_msg; /* pointer to handshake message body, set by @@ -3349,6 +1344,10 @@ struct ssl_st { int init_num; /* amount read/written */ int init_off; /* amount read/written */ + /* used internally to point at a raw packet */ + uint8_t *packet; + unsigned int packet_length; + struct ssl3_state_st *s3; /* SSLv3 variables */ struct dtls1_state_st *d1; /* DTLSv1 variables */ @@ -3421,8 +1420,13 @@ struct ssl_st { * SSLv3/TLS rollback check */ uint16_t max_send_fragment; char *tlsext_hostname; + /* should_ack_sni is true if the SNI extension should be acked. This is + * only used by a server. */ + char should_ack_sni; /* RFC4507 session ticket expected to be received or sent */ int tlsext_ticket_expected; + size_t tlsext_ecpointformatlist_length; + uint8_t *tlsext_ecpointformatlist; /* our list */ size_t tlsext_ellipticcurvelist_length; uint16_t *tlsext_ellipticcurvelist; /* our list */ @@ -3454,8 +1458,9 @@ struct ssl_st { /* Enable signed certificate time stamps. Currently client only. */ char signed_cert_timestamps_enabled; - /* ocsp_stapling_enabled is only used by client connections and indicates - * whether OCSP stapling will be requested. */ + /* Enable OCSP stapling. Currently client only. + * TODO(davidben): Add a server-side implementation when it becomes + * necesary. */ char ocsp_stapling_enabled; /* For a client, this contains the list of supported protocols in wire @@ -3463,6 +1468,11 @@ struct ssl_st { uint8_t *alpn_client_proto_list; unsigned alpn_client_proto_list_len; + /* fastradio_padding, if true, causes ClientHellos to be padded to 1024 + * bytes. This ensures that the cellular radio is fast forwarded to DCH (high + * data rate) state in 3G networks. */ + char fastradio_padding; + /* accept_peer_renegotiations, if one, accepts renegotiation attempts from the * peer. Otherwise, they will be rejected with a fatal error. */ char accept_peer_renegotiations; @@ -3474,6 +1484,947 @@ struct ssl_st { EVP_MD_CTX *read_hash; }; +/* compatibility */ +#define SSL_set_app_data(s, arg) (SSL_set_ex_data(s, 0, (char *)arg)) +#define SSL_get_app_data(s) (SSL_get_ex_data(s, 0)) +#define SSL_SESSION_set_app_data(s, a) \ + (SSL_SESSION_set_ex_data(s, 0, (char *)a)) +#define SSL_SESSION_get_app_data(s) (SSL_SESSION_get_ex_data(s, 0)) +#define SSL_CTX_get_app_data(ctx) (SSL_CTX_get_ex_data(ctx, 0)) +#define SSL_CTX_set_app_data(ctx, arg) \ + (SSL_CTX_set_ex_data(ctx, 0, (char *)arg)) + +/* The following are the possible values for ssl->state are are used to + * indicate where we are up to in the SSL connection establishment. The macros + * that follow are about the only things you should need to use and even then, + * only when using non-blocking IO. It can also be useful to work out where you + * were when the connection failed */ + +#define SSL_ST_CONNECT 0x1000 +#define SSL_ST_ACCEPT 0x2000 +#define SSL_ST_MASK 0x0FFF +#define SSL_ST_INIT (SSL_ST_CONNECT | SSL_ST_ACCEPT) +#define SSL_ST_OK 0x03 +#define SSL_ST_RENEGOTIATE (0x04 | SSL_ST_INIT) + +#define SSL_CB_LOOP 0x01 +#define SSL_CB_EXIT 0x02 +#define SSL_CB_READ 0x04 +#define SSL_CB_WRITE 0x08 +#define SSL_CB_ALERT 0x4000 /* used in callback */ +#define SSL_CB_READ_ALERT (SSL_CB_ALERT | SSL_CB_READ) +#define SSL_CB_WRITE_ALERT (SSL_CB_ALERT | SSL_CB_WRITE) +#define SSL_CB_ACCEPT_LOOP (SSL_ST_ACCEPT | SSL_CB_LOOP) +#define SSL_CB_ACCEPT_EXIT (SSL_ST_ACCEPT | SSL_CB_EXIT) +#define SSL_CB_CONNECT_LOOP (SSL_ST_CONNECT | SSL_CB_LOOP) +#define SSL_CB_CONNECT_EXIT (SSL_ST_CONNECT | SSL_CB_EXIT) +#define SSL_CB_HANDSHAKE_START 0x10 +#define SSL_CB_HANDSHAKE_DONE 0x20 + +/* Is the SSL_connection established? */ +#define SSL_get_state(a) SSL_state(a) +#define SSL_is_init_finished(a) (SSL_state(a) == SSL_ST_OK) +#define SSL_in_init(a) (SSL_state(a) & SSL_ST_INIT) +#define SSL_in_connect_init(a) (SSL_state(a) & SSL_ST_CONNECT) +#define SSL_in_accept_init(a) (SSL_state(a) & SSL_ST_ACCEPT) + +/* SSL_in_false_start returns one if |s| has a pending unfinished handshake that + * is in False Start. |SSL_write| may be called at this point without waiting + * for the peer, but |SSL_read| will require the handshake to be completed. */ +OPENSSL_EXPORT int SSL_in_false_start(const SSL *s); + +/* The following 2 states are kept in ssl->rstate when reads fail, + * you should not need these */ +#define SSL_ST_READ_HEADER 0xF0 +#define SSL_ST_READ_BODY 0xF1 +#define SSL_ST_READ_DONE 0xF2 + +/* Obtain latest Finished message + * -- that we sent (SSL_get_finished) + * -- that we expected from peer (SSL_get_peer_finished). + * Returns length (0 == no Finished so far), copies up to 'count' bytes. */ +OPENSSL_EXPORT size_t SSL_get_finished(const SSL *s, void *buf, size_t count); +OPENSSL_EXPORT size_t SSL_get_peer_finished(const SSL *s, void *buf, size_t count); + +/* use either SSL_VERIFY_NONE or SSL_VERIFY_PEER, the last 3 options + * are 'ored' with SSL_VERIFY_PEER if they are desired */ +#define SSL_VERIFY_NONE 0x00 +#define SSL_VERIFY_PEER 0x01 +#define SSL_VERIFY_FAIL_IF_NO_PEER_CERT 0x02 +/* SSL_VERIFY_CLIENT_ONCE does nothing. */ +#define SSL_VERIFY_CLIENT_ONCE 0x04 +#define SSL_VERIFY_PEER_IF_NO_OBC 0x08 + +#define OpenSSL_add_ssl_algorithms() SSL_library_init() +#define SSLeay_add_ssl_algorithms() SSL_library_init() + +/* For backward compatibility */ +#define SSL_get_cipher(s) SSL_CIPHER_get_name(SSL_get_current_cipher(s)) +#define SSL_get_cipher_bits(s, np) \ + SSL_CIPHER_get_bits(SSL_get_current_cipher(s), np) +#define SSL_get_cipher_version(s) \ + SSL_CIPHER_get_version(SSL_get_current_cipher(s)) +#define SSL_get_cipher_name(s) SSL_CIPHER_get_name(SSL_get_current_cipher(s)) +#define SSL_get_time(a) SSL_SESSION_get_time(a) +#define SSL_set_time(a, b) SSL_SESSION_set_time((a), (b)) +#define SSL_get_timeout(a) SSL_SESSION_get_timeout(a) +#define SSL_set_timeout(a, b) SSL_SESSION_set_timeout((a), (b)) + +#define d2i_SSL_SESSION_bio(bp, s_id) \ + ASN1_d2i_bio_of(SSL_SESSION, SSL_SESSION_new, d2i_SSL_SESSION, bp, s_id) +#define i2d_SSL_SESSION_bio(bp, s_id) \ + ASN1_i2d_bio_of(SSL_SESSION, i2d_SSL_SESSION, bp, s_id) + +DECLARE_PEM_rw(SSL_SESSION, SSL_SESSION) + +/* make_errors.go reserves error codes above 1000 for manually-assigned errors. + * This value must be kept in sync with reservedReasonCode in make_errors.h */ +#define SSL_AD_REASON_OFFSET \ + 1000 /* offset to get SSL_R_... value from SSL_AD_... */ + +/* These alert types are for SSLv3 and TLSv1 */ +#define SSL_AD_CLOSE_NOTIFY SSL3_AD_CLOSE_NOTIFY +#define SSL_AD_UNEXPECTED_MESSAGE SSL3_AD_UNEXPECTED_MESSAGE /* fatal */ +#define SSL_AD_BAD_RECORD_MAC SSL3_AD_BAD_RECORD_MAC /* fatal */ +#define SSL_AD_DECRYPTION_FAILED TLS1_AD_DECRYPTION_FAILED +#define SSL_AD_RECORD_OVERFLOW TLS1_AD_RECORD_OVERFLOW +#define SSL_AD_DECOMPRESSION_FAILURE SSL3_AD_DECOMPRESSION_FAILURE /* fatal */ +#define SSL_AD_HANDSHAKE_FAILURE SSL3_AD_HANDSHAKE_FAILURE /* fatal */ +#define SSL_AD_NO_CERTIFICATE SSL3_AD_NO_CERTIFICATE /* Not for TLS */ +#define SSL_AD_BAD_CERTIFICATE SSL3_AD_BAD_CERTIFICATE +#define SSL_AD_UNSUPPORTED_CERTIFICATE SSL3_AD_UNSUPPORTED_CERTIFICATE +#define SSL_AD_CERTIFICATE_REVOKED SSL3_AD_CERTIFICATE_REVOKED +#define SSL_AD_CERTIFICATE_EXPIRED SSL3_AD_CERTIFICATE_EXPIRED +#define SSL_AD_CERTIFICATE_UNKNOWN SSL3_AD_CERTIFICATE_UNKNOWN +#define SSL_AD_ILLEGAL_PARAMETER SSL3_AD_ILLEGAL_PARAMETER /* fatal */ +#define SSL_AD_UNKNOWN_CA TLS1_AD_UNKNOWN_CA /* fatal */ +#define SSL_AD_ACCESS_DENIED TLS1_AD_ACCESS_DENIED /* fatal */ +#define SSL_AD_DECODE_ERROR TLS1_AD_DECODE_ERROR /* fatal */ +#define SSL_AD_DECRYPT_ERROR TLS1_AD_DECRYPT_ERROR +#define SSL_AD_EXPORT_RESTRICTION TLS1_AD_EXPORT_RESTRICTION /* fatal */ +#define SSL_AD_PROTOCOL_VERSION TLS1_AD_PROTOCOL_VERSION /* fatal */ +#define SSL_AD_INSUFFICIENT_SECURITY TLS1_AD_INSUFFICIENT_SECURITY /* fatal */ +#define SSL_AD_INTERNAL_ERROR TLS1_AD_INTERNAL_ERROR /* fatal */ +#define SSL_AD_USER_CANCELLED TLS1_AD_USER_CANCELLED +#define SSL_AD_NO_RENEGOTIATION TLS1_AD_NO_RENEGOTIATION +#define SSL_AD_UNSUPPORTED_EXTENSION TLS1_AD_UNSUPPORTED_EXTENSION +#define SSL_AD_CERTIFICATE_UNOBTAINABLE TLS1_AD_CERTIFICATE_UNOBTAINABLE +#define SSL_AD_UNRECOGNIZED_NAME TLS1_AD_UNRECOGNIZED_NAME +#define SSL_AD_BAD_CERTIFICATE_STATUS_RESPONSE \ + TLS1_AD_BAD_CERTIFICATE_STATUS_RESPONSE +#define SSL_AD_BAD_CERTIFICATE_HASH_VALUE TLS1_AD_BAD_CERTIFICATE_HASH_VALUE +#define SSL_AD_UNKNOWN_PSK_IDENTITY TLS1_AD_UNKNOWN_PSK_IDENTITY /* fatal */ +#define SSL_AD_INAPPROPRIATE_FALLBACK SSL3_AD_INAPPROPRIATE_FALLBACK /* fatal */ + +#define SSL_ERROR_NONE 0 +#define SSL_ERROR_SSL 1 +#define SSL_ERROR_WANT_READ 2 +#define SSL_ERROR_WANT_WRITE 3 +#define SSL_ERROR_WANT_X509_LOOKUP 4 +#define SSL_ERROR_SYSCALL 5 /* look at error stack/return value/errno */ +#define SSL_ERROR_ZERO_RETURN 6 +#define SSL_ERROR_WANT_CONNECT 7 +#define SSL_ERROR_WANT_ACCEPT 8 +#define SSL_ERROR_WANT_CHANNEL_ID_LOOKUP 9 +#define SSL_ERROR_PENDING_SESSION 11 +#define SSL_ERROR_PENDING_CERTIFICATE 12 + +#define SSL_CTRL_EXTRA_CHAIN_CERT 14 + +/* see tls1.h for macros based on these */ +#define SSL_CTRL_GET_TLSEXT_TICKET_KEYS 58 +#define SSL_CTRL_SET_TLSEXT_TICKET_KEYS 59 + +#define SSL_CTRL_SET_SRP_ARG 78 +#define SSL_CTRL_SET_TLS_EXT_SRP_USERNAME 79 +#define SSL_CTRL_SET_TLS_EXT_SRP_STRENGTH 80 +#define SSL_CTRL_SET_TLS_EXT_SRP_PASSWORD 81 + +#define SSL_CTRL_GET_EXTRA_CHAIN_CERTS 82 +#define SSL_CTRL_CLEAR_EXTRA_CHAIN_CERTS 83 + +#define SSL_CTRL_CHAIN 88 +#define SSL_CTRL_CHAIN_CERT 89 + +#define SSL_CTRL_GET_CURVES 90 +#define SSL_CTRL_SET_CURVES 91 +#define SSL_CTRL_SET_CURVES_LIST 92 +#define SSL_CTRL_SET_SIGALGS 97 +#define SSL_CTRL_SET_SIGALGS_LIST 98 +#define SSL_CTRL_SET_CLIENT_SIGALGS 101 +#define SSL_CTRL_SET_CLIENT_SIGALGS_LIST 102 +#define SSL_CTRL_GET_CLIENT_CERT_TYPES 103 +#define SSL_CTRL_SET_CLIENT_CERT_TYPES 104 +#define SSL_CTRL_BUILD_CERT_CHAIN 105 +#define SSL_CTRL_SET_VERIFY_CERT_STORE 106 +#define SSL_CTRL_SET_CHAIN_CERT_STORE 107 +#define SSL_CTRL_GET_SERVER_TMP_KEY 109 +#define SSL_CTRL_GET_EC_POINT_FORMATS 111 + +#define SSL_CTRL_GET_CHAIN_CERTS 115 +#define SSL_CTRL_SELECT_CURRENT_CERT 116 + +/* DTLSv1_get_timeout queries the next DTLS handshake timeout. If there is a + * timeout in progress, it sets |*out| to the time remaining and returns one. + * Otherwise, it returns zero. + * + * When the timeout expires, call |DTLSv1_handle_timeout| to handle the + * retransmit behavior. + * + * NOTE: This function must be queried again whenever the handshake state + * machine changes, including when |DTLSv1_handle_timeout| is called. */ +OPENSSL_EXPORT int DTLSv1_get_timeout(const SSL *ssl, struct timeval *out); + +/* DTLSv1_handle_timeout is called when a DTLS handshake timeout expires. If no + * timeout had expired, it returns 0. Otherwise, it retransmits the previous + * flight of handshake messages and returns 1. If too many timeouts had expired + * without progress or an error occurs, it returns -1. + * + * NOTE: The caller's external timer should be compatible with the one |ssl| + * queries within some fudge factor. Otherwise, the call will be a no-op, but + * |DTLSv1_get_timeout| will return an updated timeout. + * + * WARNING: This function breaks the usual return value convention. */ +OPENSSL_EXPORT int DTLSv1_handle_timeout(SSL *ssl); + +/* SSL_session_reused returns one if |ssl| performed an abbreviated handshake + * and zero otherwise. + * + * TODO(davidben): Hammer down the semantics of this API while a handshake, + * initial or renego, is in progress. */ +OPENSSL_EXPORT int SSL_session_reused(const SSL *ssl); + +/* SSL_total_renegotiations returns the total number of renegotiation handshakes + * peformed by |ssl|. This includes the pending renegotiation, if any. */ +OPENSSL_EXPORT int SSL_total_renegotiations(const SSL *ssl); + +/* SSL_CTX_set_tmp_dh configures |ctx| to use the group from |dh| as the group + * for DHE. Only the group is used, so |dh| needn't have a keypair. It returns + * one on success and zero on error. */ +OPENSSL_EXPORT int SSL_CTX_set_tmp_dh(SSL_CTX *ctx, const DH *dh); + +/* SSL_set_tmp_dh configures |ssl| to use the group from |dh| as the group for + * DHE. Only the group is used, so |dh| needn't have a keypair. It returns one + * on success and zero on error. */ +OPENSSL_EXPORT int SSL_set_tmp_dh(SSL *ssl, const DH *dh); + +/* SSL_CTX_set_tmp_ecdh configures |ctx| to use the curve from |ecdh| as the + * curve for ephemeral ECDH keys. For historical reasons, this API expects an + * |EC_KEY|, but only the curve is used. It returns one on success and zero on + * error. If unset, an appropriate curve will be chosen automatically. (This is + * recommended.) */ +OPENSSL_EXPORT int SSL_CTX_set_tmp_ecdh(SSL_CTX *ctx, const EC_KEY *ec_key); + +/* SSL_set_tmp_ecdh configures |ssl| to use the curve from |ecdh| as the curve + * for ephemeral ECDH keys. For historical reasons, this API expects an + * |EC_KEY|, but only the curve is used. It returns one on success and zero on + * error. If unset, an appropriate curve will be chosen automatically. (This is + * recommended.) */ +OPENSSL_EXPORT int SSL_set_tmp_ecdh(SSL *ssl, const EC_KEY *ec_key); + +/* SSL_CTX_enable_tls_channel_id either configures a TLS server to accept TLS + * client IDs from clients, or configures a client to send TLS client IDs to + * a server. It returns one. */ +OPENSSL_EXPORT int SSL_CTX_enable_tls_channel_id(SSL_CTX *ctx); + +/* SSL_enable_tls_channel_id either configures a TLS server to accept TLS + * client IDs from clients, or configure a client to send TLS client IDs to + * server. It returns one. */ +OPENSSL_EXPORT int SSL_enable_tls_channel_id(SSL *ssl); + +/* SSL_CTX_set1_tls_channel_id configures a TLS client to send a TLS Channel ID + * to compatible servers. |private_key| must be a P-256 EC key. It returns one + * on success and zero on error. */ +OPENSSL_EXPORT int SSL_CTX_set1_tls_channel_id(SSL_CTX *ctx, + EVP_PKEY *private_key); + +/* SSL_set1_tls_channel_id configures a TLS client to send a TLS Channel ID to + * compatible servers. |private_key| must be a P-256 EC key. It returns one on + * success and zero on error. */ +OPENSSL_EXPORT int SSL_set1_tls_channel_id(SSL *ssl, EVP_PKEY *private_key); + +/* SSL_get_tls_channel_id gets the client's TLS Channel ID from a server SSL* + * and copies up to the first |max_out| bytes into |out|. The Channel ID + * consists of the client's P-256 public key as an (x,y) pair where each is a + * 32-byte, big-endian field element. It returns 0 if the client didn't offer a + * Channel ID and the length of the complete Channel ID otherwise. */ +OPENSSL_EXPORT size_t SSL_get_tls_channel_id(SSL *ssl, uint8_t *out, + size_t max_out); + +#define SSL_CTX_add_extra_chain_cert(ctx, x509) \ + SSL_CTX_ctrl(ctx, SSL_CTRL_EXTRA_CHAIN_CERT, 0, (char *)x509) +#define SSL_CTX_get_extra_chain_certs(ctx, px509) \ + SSL_CTX_ctrl(ctx, SSL_CTRL_GET_EXTRA_CHAIN_CERTS, 0, px509) +#define SSL_CTX_get_extra_chain_certs_only(ctx, px509) \ + SSL_CTX_ctrl(ctx, SSL_CTRL_GET_EXTRA_CHAIN_CERTS, 1, px509) +#define SSL_CTX_clear_extra_chain_certs(ctx) \ + SSL_CTX_ctrl(ctx, SSL_CTRL_CLEAR_EXTRA_CHAIN_CERTS, 0, NULL) + +#define SSL_CTX_set0_chain(ctx, sk) \ + SSL_CTX_ctrl(ctx, SSL_CTRL_CHAIN, 0, (char *)sk) +#define SSL_CTX_set1_chain(ctx, sk) \ + SSL_CTX_ctrl(ctx, SSL_CTRL_CHAIN, 1, (char *)sk) +#define SSL_CTX_add0_chain_cert(ctx, x509) \ + SSL_CTX_ctrl(ctx, SSL_CTRL_CHAIN_CERT, 0, (char *)x509) +#define SSL_CTX_add1_chain_cert(ctx, x509) \ + SSL_CTX_ctrl(ctx, SSL_CTRL_CHAIN_CERT, 1, (char *)x509) +#define SSL_CTX_get0_chain_certs(ctx, px509) \ + SSL_CTX_ctrl(ctx, SSL_CTRL_GET_CHAIN_CERTS, 0, px509) +#define SSL_CTX_clear_chain_certs(ctx) SSL_CTX_set0_chain(ctx, NULL) +#define SSL_CTX_build_cert_chain(ctx, flags) \ + SSL_CTX_ctrl(ctx, SSL_CTRL_BUILD_CERT_CHAIN, flags, NULL) +#define SSL_CTX_select_current_cert(ctx, x509) \ + SSL_CTX_ctrl(ctx, SSL_CTRL_SELECT_CURRENT_CERT, 0, (char *)x509) + +#define SSL_CTX_set0_verify_cert_store(ctx, st) \ + SSL_CTX_ctrl(ctx, SSL_CTRL_SET_VERIFY_CERT_STORE, 0, (char *)st) +#define SSL_CTX_set1_verify_cert_store(ctx, st) \ + SSL_CTX_ctrl(ctx, SSL_CTRL_SET_VERIFY_CERT_STORE, 1, (char *)st) +#define SSL_CTX_set0_chain_cert_store(ctx, st) \ + SSL_CTX_ctrl(ctx, SSL_CTRL_SET_CHAIN_CERT_STORE, 0, (char *)st) +#define SSL_CTX_set1_chain_cert_store(ctx, st) \ + SSL_CTX_ctrl(ctx, SSL_CTRL_SET_CHAIN_CERT_STORE, 1, (char *)st) + +#define SSL_set0_chain(ctx, sk) SSL_ctrl(ctx, SSL_CTRL_CHAIN, 0, (char *)sk) +#define SSL_set1_chain(ctx, sk) SSL_ctrl(ctx, SSL_CTRL_CHAIN, 1, (char *)sk) +#define SSL_add0_chain_cert(ctx, x509) \ + SSL_ctrl(ctx, SSL_CTRL_CHAIN_CERT, 0, (char *)x509) +#define SSL_add1_chain_cert(ctx, x509) \ + SSL_ctrl(ctx, SSL_CTRL_CHAIN_CERT, 1, (char *)x509) +#define SSL_get0_chain_certs(ctx, px509) \ + SSL_ctrl(ctx, SSL_CTRL_GET_CHAIN_CERTS, 0, px509) +#define SSL_clear_chain_certs(ctx) SSL_set0_chain(ctx, NULL) +#define SSL_build_cert_chain(s, flags) \ + SSL_ctrl(s, SSL_CTRL_BUILD_CERT_CHAIN, flags, NULL) +#define SSL_select_current_cert(ctx, x509) \ + SSL_ctrl(ctx, SSL_CTRL_SELECT_CURRENT_CERT, 0, (char *)x509) + +#define SSL_set0_verify_cert_store(s, st) \ + SSL_ctrl(s, SSL_CTRL_SET_VERIFY_CERT_STORE, 0, (char *)st) +#define SSL_set1_verify_cert_store(s, st) \ + SSL_ctrl(s, SSL_CTRL_SET_VERIFY_CERT_STORE, 1, (char *)st) +#define SSL_set0_chain_cert_store(s, st) \ + SSL_ctrl(s, SSL_CTRL_SET_CHAIN_CERT_STORE, 0, (char *)st) +#define SSL_set1_chain_cert_store(s, st) \ + SSL_ctrl(s, SSL_CTRL_SET_CHAIN_CERT_STORE, 1, (char *)st) + +#define SSL_get1_curves(ctx, s) SSL_ctrl(ctx, SSL_CTRL_GET_CURVES, 0, (char *)s) +#define SSL_CTX_set1_curves(ctx, clist, clistlen) \ + SSL_CTX_ctrl(ctx, SSL_CTRL_SET_CURVES, clistlen, (char *)clist) +#define SSL_CTX_set1_curves_list(ctx, s) \ + SSL_CTX_ctrl(ctx, SSL_CTRL_SET_CURVES_LIST, 0, (char *)s) +#define SSL_set1_curves(ctx, clist, clistlen) \ + SSL_ctrl(ctx, SSL_CTRL_SET_CURVES, clistlen, (char *)clist) +#define SSL_set1_curves_list(ctx, s) \ + SSL_ctrl(ctx, SSL_CTRL_SET_CURVES_LIST, 0, (char *)s) + +#define SSL_CTX_set1_sigalgs(ctx, slist, slistlen) \ + SSL_CTX_ctrl(ctx, SSL_CTRL_SET_SIGALGS, slistlen, (int *)slist) +#define SSL_CTX_set1_sigalgs_list(ctx, s) \ + SSL_CTX_ctrl(ctx, SSL_CTRL_SET_SIGALGS_LIST, 0, (char *)s) +#define SSL_set1_sigalgs(ctx, slist, slistlen) \ + SSL_ctrl(ctx, SSL_CTRL_SET_SIGALGS, clistlen, (int *)slist) +#define SSL_set1_sigalgs_list(ctx, s) \ + SSL_ctrl(ctx, SSL_CTRL_SET_SIGALGS_LIST, 0, (char *)s) + +#define SSL_CTX_set1_client_sigalgs(ctx, slist, slistlen) \ + SSL_CTX_ctrl(ctx, SSL_CTRL_SET_CLIENT_SIGALGS, slistlen, (int *)slist) +#define SSL_CTX_set1_client_sigalgs_list(ctx, s) \ + SSL_CTX_ctrl(ctx, SSL_CTRL_SET_CLIENT_SIGALGS_LIST, 0, (char *)s) +#define SSL_set1_client_sigalgs(ctx, slist, slistlen) \ + SSL_ctrl(ctx, SSL_CTRL_SET_CLIENT_SIGALGS, clistlen, (int *)slist) +#define SSL_set1_client_sigalgs_list(ctx, s) \ + SSL_ctrl(ctx, SSL_CTRL_SET_CLIENT_SIGALGS_LIST, 0, (char *)s) + +#define SSL_get0_certificate_types(s, clist) \ + SSL_ctrl(s, SSL_CTRL_GET_CLIENT_CERT_TYPES, 0, (char *)clist) + +#define SSL_CTX_set1_client_certificate_types(ctx, clist, clistlen) \ + SSL_CTX_ctrl(ctx, SSL_CTRL_SET_CLIENT_CERT_TYPES, clistlen, (char *)clist) +#define SSL_set1_client_certificate_types(s, clist, clistlen) \ + SSL_ctrl(s, SSL_CTRL_SET_CLIENT_CERT_TYPES, clistlen, (char *)clist) + +#define SSL_get_server_tmp_key(s, pk) \ + SSL_ctrl(s, SSL_CTRL_GET_SERVER_TMP_KEY, 0, pk) + +#define SSL_get0_ec_point_formats(s, plst) \ + SSL_ctrl(s, SSL_CTRL_GET_EC_POINT_FORMATS, 0, (char *)plst) + +OPENSSL_EXPORT int SSL_CTX_set_cipher_list(SSL_CTX *, const char *str); +OPENSSL_EXPORT int SSL_CTX_set_cipher_list_tls11(SSL_CTX *, const char *str); +OPENSSL_EXPORT long SSL_CTX_set_timeout(SSL_CTX *ctx, long t); +OPENSSL_EXPORT long SSL_CTX_get_timeout(const SSL_CTX *ctx); +OPENSSL_EXPORT X509_STORE *SSL_CTX_get_cert_store(const SSL_CTX *); +OPENSSL_EXPORT void SSL_CTX_set_cert_store(SSL_CTX *, X509_STORE *); +OPENSSL_EXPORT int SSL_want(const SSL *s); + +OPENSSL_EXPORT void SSL_CTX_flush_sessions(SSL_CTX *ctx, long tm); + +/* SSL_get_current_cipher returns the cipher used in the current outgoing + * connection state, or NULL if the null cipher is active. */ +OPENSSL_EXPORT const SSL_CIPHER *SSL_get_current_cipher(const SSL *s); + +OPENSSL_EXPORT int SSL_get_fd(const SSL *s); +OPENSSL_EXPORT int SSL_get_rfd(const SSL *s); +OPENSSL_EXPORT int SSL_get_wfd(const SSL *s); +OPENSSL_EXPORT const char *SSL_get_cipher_list(const SSL *s, int n); +OPENSSL_EXPORT int SSL_pending(const SSL *s); +OPENSSL_EXPORT int SSL_set_fd(SSL *s, int fd); +OPENSSL_EXPORT int SSL_set_rfd(SSL *s, int fd); +OPENSSL_EXPORT int SSL_set_wfd(SSL *s, int fd); +OPENSSL_EXPORT void SSL_set_bio(SSL *s, BIO *rbio, BIO *wbio); +OPENSSL_EXPORT BIO *SSL_get_rbio(const SSL *s); +OPENSSL_EXPORT BIO *SSL_get_wbio(const SSL *s); +OPENSSL_EXPORT int SSL_set_cipher_list(SSL *s, const char *str); +OPENSSL_EXPORT int SSL_get_verify_mode(const SSL *s); +OPENSSL_EXPORT int SSL_get_verify_depth(const SSL *s); +OPENSSL_EXPORT int (*SSL_get_verify_callback(const SSL *s))(int, + X509_STORE_CTX *); +OPENSSL_EXPORT void SSL_set_verify(SSL *s, int mode, + int (*callback)(int ok, + X509_STORE_CTX *ctx)); +OPENSSL_EXPORT void SSL_set_verify_depth(SSL *s, int depth); +OPENSSL_EXPORT void SSL_set_cert_cb(SSL *s, int (*cb)(SSL *ssl, void *arg), + void *arg); +OPENSSL_EXPORT int SSL_use_RSAPrivateKey(SSL *ssl, RSA *rsa); +OPENSSL_EXPORT int SSL_use_RSAPrivateKey_ASN1(SSL *ssl, uint8_t *d, long len); +OPENSSL_EXPORT int SSL_use_PrivateKey(SSL *ssl, EVP_PKEY *pkey); +OPENSSL_EXPORT int SSL_use_PrivateKey_ASN1(int pk, SSL *ssl, const uint8_t *d, + long len); +OPENSSL_EXPORT int SSL_use_certificate(SSL *ssl, X509 *x); +OPENSSL_EXPORT int SSL_use_certificate_ASN1(SSL *ssl, const uint8_t *d, + int len); + +OPENSSL_EXPORT int SSL_use_RSAPrivateKey_file(SSL *ssl, const char *file, + int type); +OPENSSL_EXPORT int SSL_use_PrivateKey_file(SSL *ssl, const char *file, + int type); +OPENSSL_EXPORT int SSL_use_certificate_file(SSL *ssl, const char *file, + int type); +OPENSSL_EXPORT int SSL_CTX_use_RSAPrivateKey_file(SSL_CTX *ctx, + const char *file, int type); +OPENSSL_EXPORT int SSL_CTX_use_PrivateKey_file(SSL_CTX *ctx, const char *file, + int type); +OPENSSL_EXPORT int SSL_CTX_use_certificate_file(SSL_CTX *ctx, const char *file, + int type); +OPENSSL_EXPORT int SSL_CTX_use_certificate_chain_file( + SSL_CTX *ctx, const char *file); /* PEM type */ +OPENSSL_EXPORT STACK_OF(X509_NAME) *SSL_load_client_CA_file(const char *file); +OPENSSL_EXPORT int SSL_add_file_cert_subjects_to_stack(STACK_OF(X509_NAME) * + stackCAs, + const char *file); +OPENSSL_EXPORT int SSL_add_dir_cert_subjects_to_stack(STACK_OF(X509_NAME) * + stackCAs, + const char *dir); + +/* SSL_load_error_strings does nothing. */ +OPENSSL_EXPORT void SSL_load_error_strings(void); + +OPENSSL_EXPORT const char *SSL_state_string(const SSL *s); +OPENSSL_EXPORT const char *SSL_rstate_string(const SSL *s); +OPENSSL_EXPORT const char *SSL_state_string_long(const SSL *s); +OPENSSL_EXPORT const char *SSL_rstate_string_long(const SSL *s); +OPENSSL_EXPORT long SSL_SESSION_get_time(const SSL_SESSION *s); +OPENSSL_EXPORT long SSL_SESSION_set_time(SSL_SESSION *s, long t); +OPENSSL_EXPORT long SSL_SESSION_get_timeout(const SSL_SESSION *s); +OPENSSL_EXPORT long SSL_SESSION_set_timeout(SSL_SESSION *s, long t); +OPENSSL_EXPORT X509 *SSL_SESSION_get0_peer(SSL_SESSION *s); +OPENSSL_EXPORT int SSL_SESSION_set1_id_context(SSL_SESSION *s, + const uint8_t *sid_ctx, + unsigned int sid_ctx_len); + +OPENSSL_EXPORT SSL_SESSION *SSL_SESSION_new(void); +OPENSSL_EXPORT const uint8_t *SSL_SESSION_get_id(const SSL_SESSION *s, + unsigned int *len); +OPENSSL_EXPORT int SSL_SESSION_print_fp(FILE *fp, const SSL_SESSION *ses); +OPENSSL_EXPORT int SSL_SESSION_print(BIO *fp, const SSL_SESSION *ses); + +/* SSL_SESSION_up_ref, if |session| is not NULL, increments the reference count + * of |session|. It then returns |session|. */ +OPENSSL_EXPORT SSL_SESSION *SSL_SESSION_up_ref(SSL_SESSION *session); + +/* SSL_SESSION_free decrements the reference count of |session|. If it reaches + * zero, all data referenced by |session| and |session| itself are released. */ +OPENSSL_EXPORT void SSL_SESSION_free(SSL_SESSION *session); + +OPENSSL_EXPORT int SSL_set_session(SSL *to, SSL_SESSION *session); +OPENSSL_EXPORT int SSL_CTX_add_session(SSL_CTX *s, SSL_SESSION *c); +OPENSSL_EXPORT int SSL_CTX_remove_session(SSL_CTX *, SSL_SESSION *c); +OPENSSL_EXPORT int SSL_CTX_set_generate_session_id(SSL_CTX *, GEN_SESSION_CB); +OPENSSL_EXPORT int SSL_set_generate_session_id(SSL *, GEN_SESSION_CB); +OPENSSL_EXPORT int SSL_has_matching_session_id(const SSL *ssl, + const uint8_t *id, + unsigned int id_len); + +/* SSL_SESSION_to_bytes serializes |in| into a newly allocated buffer and sets + * |*out_data| to that buffer and |*out_len| to its length. The caller takes + * ownership of the buffer and must call |OPENSSL_free| when done. It returns + * one on success and zero on error. */ +OPENSSL_EXPORT int SSL_SESSION_to_bytes(SSL_SESSION *in, uint8_t **out_data, + size_t *out_len); + +/* SSL_SESSION_to_bytes_for_ticket serializes |in|, but excludes the session ID + * which is not necessary in a session ticket. */ +OPENSSL_EXPORT int SSL_SESSION_to_bytes_for_ticket(SSL_SESSION *in, + uint8_t **out_data, + size_t *out_len); + +/* Deprecated: i2d_SSL_SESSION serializes |in| to the bytes pointed to by + * |*pp|. On success, it returns the number of bytes written and advances |*pp| + * by that many bytes. On failure, it returns -1. If |pp| is NULL, no bytes are + * written and only the length is returned. + * + * Use SSL_SESSION_to_bytes instead. */ +OPENSSL_EXPORT int i2d_SSL_SESSION(SSL_SESSION *in, uint8_t **pp); + +/* d2i_SSL_SESSION deserializes a serialized buffer contained in the |length| + * bytes pointed to by |*pp|. It returns the new SSL_SESSION and advances |*pp| + * by the number of bytes consumed on success and NULL on failure. If |a| is + * NULL, the caller takes ownership of the new session and must call + * |SSL_SESSION_free| when done. + * + * If |a| and |*a| are not NULL, the SSL_SESSION at |*a| is overridden with the + * deserialized session rather than allocating a new one. In addition, |a| is + * not NULL, but |*a| is, |*a| is set to the new SSL_SESSION. + * + * Passing a value other than NULL to |a| is deprecated. */ +OPENSSL_EXPORT SSL_SESSION *d2i_SSL_SESSION(SSL_SESSION **a, const uint8_t **pp, + long length); + +OPENSSL_EXPORT X509 *SSL_get_peer_certificate(const SSL *s); + +OPENSSL_EXPORT STACK_OF(X509) *SSL_get_peer_cert_chain(const SSL *s); + +OPENSSL_EXPORT int SSL_CTX_get_verify_mode(const SSL_CTX *ctx); +OPENSSL_EXPORT int SSL_CTX_get_verify_depth(const SSL_CTX *ctx); +OPENSSL_EXPORT int (*SSL_CTX_get_verify_callback(const SSL_CTX *ctx))( + int, X509_STORE_CTX *); +OPENSSL_EXPORT void SSL_CTX_set_verify(SSL_CTX *ctx, int mode, + int (*callback)(int, X509_STORE_CTX *)); +OPENSSL_EXPORT void SSL_CTX_set_verify_depth(SSL_CTX *ctx, int depth); +OPENSSL_EXPORT void SSL_CTX_set_cert_verify_callback( + SSL_CTX *ctx, int (*cb)(X509_STORE_CTX *, void *), void *arg); +OPENSSL_EXPORT void SSL_CTX_set_cert_cb(SSL_CTX *c, + int (*cb)(SSL *ssl, void *arg), + void *arg); +OPENSSL_EXPORT int SSL_CTX_use_RSAPrivateKey(SSL_CTX *ctx, RSA *rsa); +OPENSSL_EXPORT int SSL_CTX_use_RSAPrivateKey_ASN1(SSL_CTX *ctx, + const uint8_t *d, long len); +OPENSSL_EXPORT int SSL_CTX_use_PrivateKey(SSL_CTX *ctx, EVP_PKEY *pkey); +OPENSSL_EXPORT int SSL_CTX_use_PrivateKey_ASN1(int pk, SSL_CTX *ctx, + const uint8_t *d, long len); +OPENSSL_EXPORT int SSL_CTX_use_certificate(SSL_CTX *ctx, X509 *x); +OPENSSL_EXPORT int SSL_CTX_use_certificate_ASN1(SSL_CTX *ctx, int len, + const uint8_t *d); + +OPENSSL_EXPORT void SSL_CTX_set_default_passwd_cb(SSL_CTX *ctx, + pem_password_cb *cb); +OPENSSL_EXPORT void SSL_CTX_set_default_passwd_cb_userdata(SSL_CTX *ctx, + void *u); + +OPENSSL_EXPORT int SSL_CTX_check_private_key(const SSL_CTX *ctx); +OPENSSL_EXPORT int SSL_check_private_key(const SSL *ctx); + +OPENSSL_EXPORT int SSL_CTX_set_session_id_context(SSL_CTX *ctx, + const uint8_t *sid_ctx, + unsigned int sid_ctx_len); + +OPENSSL_EXPORT int SSL_set_session_id_context(SSL *ssl, const uint8_t *sid_ctx, + unsigned int sid_ctx_len); + +OPENSSL_EXPORT int SSL_CTX_set_purpose(SSL_CTX *s, int purpose); +OPENSSL_EXPORT int SSL_set_purpose(SSL *s, int purpose); +OPENSSL_EXPORT int SSL_CTX_set_trust(SSL_CTX *s, int trust); +OPENSSL_EXPORT int SSL_set_trust(SSL *s, int trust); + +OPENSSL_EXPORT int SSL_CTX_set1_param(SSL_CTX *ctx, X509_VERIFY_PARAM *vpm); +OPENSSL_EXPORT int SSL_set1_param(SSL *ssl, X509_VERIFY_PARAM *vpm); + +OPENSSL_EXPORT X509_VERIFY_PARAM *SSL_CTX_get0_param(SSL_CTX *ctx); +OPENSSL_EXPORT X509_VERIFY_PARAM *SSL_get0_param(SSL *ssl); + +OPENSSL_EXPORT void SSL_certs_clear(SSL *s); +OPENSSL_EXPORT int SSL_accept(SSL *ssl); +OPENSSL_EXPORT int SSL_connect(SSL *ssl); +OPENSSL_EXPORT int SSL_read(SSL *ssl, void *buf, int num); +OPENSSL_EXPORT int SSL_peek(SSL *ssl, void *buf, int num); +OPENSSL_EXPORT int SSL_write(SSL *ssl, const void *buf, int num); +OPENSSL_EXPORT long SSL_ctrl(SSL *ssl, int cmd, long larg, void *parg); +OPENSSL_EXPORT long SSL_CTX_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg); + +OPENSSL_EXPORT int SSL_get_error(const SSL *s, int ret_code); +/* SSL_get_version returns a string describing the TLS version used by |s|. For + * example, "TLSv1.2" or "SSLv3". */ +OPENSSL_EXPORT const char *SSL_get_version(const SSL *s); +/* SSL_SESSION_get_version returns a string describing the TLS version used by + * |sess|. For example, "TLSv1.2" or "SSLv3". */ +OPENSSL_EXPORT const char *SSL_SESSION_get_version(const SSL_SESSION *sess); + +OPENSSL_EXPORT STACK_OF(SSL_CIPHER) *SSL_get_ciphers(const SSL *s); + +OPENSSL_EXPORT int SSL_do_handshake(SSL *s); + +/* SSL_renegotiate_pending returns one if |ssl| is in the middle of a + * renegotiation. */ +OPENSSL_EXPORT int SSL_renegotiate_pending(SSL *ssl); + +OPENSSL_EXPORT int SSL_shutdown(SSL *s); + +OPENSSL_EXPORT const char *SSL_alert_type_string_long(int value); +OPENSSL_EXPORT const char *SSL_alert_type_string(int value); +OPENSSL_EXPORT const char *SSL_alert_desc_string_long(int value); +OPENSSL_EXPORT const char *SSL_alert_desc_string(int value); + +OPENSSL_EXPORT void SSL_set_client_CA_list(SSL *s, + STACK_OF(X509_NAME) *name_list); +OPENSSL_EXPORT void SSL_CTX_set_client_CA_list(SSL_CTX *ctx, + STACK_OF(X509_NAME) *name_list); +OPENSSL_EXPORT STACK_OF(X509_NAME) *SSL_get_client_CA_list(const SSL *s); +OPENSSL_EXPORT STACK_OF(X509_NAME) * + SSL_CTX_get_client_CA_list(const SSL_CTX *s); +OPENSSL_EXPORT int SSL_add_client_CA(SSL *ssl, X509 *x); +OPENSSL_EXPORT int SSL_CTX_add_client_CA(SSL_CTX *ctx, X509 *x); + +OPENSSL_EXPORT long SSL_get_default_timeout(const SSL *s); + +OPENSSL_EXPORT STACK_OF(X509_NAME) *SSL_dup_CA_list(STACK_OF(X509_NAME) *sk); + +OPENSSL_EXPORT X509 *SSL_get_certificate(const SSL *ssl); +OPENSSL_EXPORT EVP_PKEY *SSL_get_privatekey(const SSL *ssl); + +OPENSSL_EXPORT X509 *SSL_CTX_get0_certificate(const SSL_CTX *ctx); +OPENSSL_EXPORT EVP_PKEY *SSL_CTX_get0_privatekey(const SSL_CTX *ctx); + +OPENSSL_EXPORT void SSL_CTX_set_quiet_shutdown(SSL_CTX *ctx, int mode); +OPENSSL_EXPORT int SSL_CTX_get_quiet_shutdown(const SSL_CTX *ctx); +OPENSSL_EXPORT void SSL_set_quiet_shutdown(SSL *ssl, int mode); +OPENSSL_EXPORT int SSL_get_quiet_shutdown(const SSL *ssl); +OPENSSL_EXPORT void SSL_set_shutdown(SSL *ssl, int mode); +OPENSSL_EXPORT int SSL_get_shutdown(const SSL *ssl); +OPENSSL_EXPORT int SSL_version(const SSL *ssl); +OPENSSL_EXPORT int SSL_CTX_set_default_verify_paths(SSL_CTX *ctx); +OPENSSL_EXPORT int SSL_CTX_load_verify_locations(SSL_CTX *ctx, + const char *CAfile, + const char *CApath); +#define SSL_get0_session SSL_get_session /* just peek at pointer */ +OPENSSL_EXPORT SSL_SESSION *SSL_get_session(const SSL *ssl); +OPENSSL_EXPORT SSL_SESSION *SSL_get1_session( + SSL *ssl); /* obtain a reference count */ +OPENSSL_EXPORT SSL_CTX *SSL_get_SSL_CTX(const SSL *ssl); +OPENSSL_EXPORT SSL_CTX *SSL_set_SSL_CTX(SSL *ssl, SSL_CTX *ctx); +OPENSSL_EXPORT void SSL_set_info_callback(SSL *ssl, + void (*cb)(const SSL *ssl, int type, + int val)); +OPENSSL_EXPORT void (*SSL_get_info_callback(const SSL *ssl))(const SSL *ssl, + int type, int val); +OPENSSL_EXPORT int SSL_state(const SSL *ssl); + +OPENSSL_EXPORT void SSL_set_verify_result(SSL *ssl, long v); +OPENSSL_EXPORT long SSL_get_verify_result(const SSL *ssl); + +OPENSSL_EXPORT int SSL_set_ex_data(SSL *ssl, int idx, void *data); +OPENSSL_EXPORT void *SSL_get_ex_data(const SSL *ssl, int idx); +OPENSSL_EXPORT int SSL_get_ex_new_index(long argl, void *argp, + CRYPTO_EX_new *new_func, + CRYPTO_EX_dup *dup_func, + CRYPTO_EX_free *free_func); + +OPENSSL_EXPORT int SSL_SESSION_set_ex_data(SSL_SESSION *ss, int idx, + void *data); +OPENSSL_EXPORT void *SSL_SESSION_get_ex_data(const SSL_SESSION *ss, int idx); +OPENSSL_EXPORT int SSL_SESSION_get_ex_new_index(long argl, void *argp, + CRYPTO_EX_new *new_func, + CRYPTO_EX_dup *dup_func, + CRYPTO_EX_free *free_func); + +OPENSSL_EXPORT int SSL_CTX_set_ex_data(SSL_CTX *ssl, int idx, void *data); +OPENSSL_EXPORT void *SSL_CTX_get_ex_data(const SSL_CTX *ssl, int idx); +OPENSSL_EXPORT int SSL_CTX_get_ex_new_index(long argl, void *argp, + CRYPTO_EX_new *new_func, + CRYPTO_EX_dup *dup_func, + CRYPTO_EX_free *free_func); + +OPENSSL_EXPORT int SSL_get_ex_data_X509_STORE_CTX_idx(void); + +/* SSL_CTX_sess_set_cache_size sets the maximum size of |ctx|'s session cache to + * |size|. It returns the previous value. */ +OPENSSL_EXPORT unsigned long SSL_CTX_sess_set_cache_size(SSL_CTX *ctx, + unsigned long size); + +/* SSL_CTX_sess_get_cache_size returns the maximum size of |ctx|'s session + * cache. */ +OPENSSL_EXPORT unsigned long SSL_CTX_sess_get_cache_size(const SSL_CTX *ctx); + +/* SSL_SESS_CACHE_* are the possible session cache mode bits. + * TODO(davidben): Document. */ +#define SSL_SESS_CACHE_OFF 0x0000 +#define SSL_SESS_CACHE_CLIENT 0x0001 +#define SSL_SESS_CACHE_SERVER 0x0002 +#define SSL_SESS_CACHE_BOTH (SSL_SESS_CACHE_CLIENT | SSL_SESS_CACHE_SERVER) +#define SSL_SESS_CACHE_NO_AUTO_CLEAR 0x0080 +#define SSL_SESS_CACHE_NO_INTERNAL_LOOKUP 0x0100 +#define SSL_SESS_CACHE_NO_INTERNAL_STORE 0x0200 +#define SSL_SESS_CACHE_NO_INTERNAL \ + (SSL_SESS_CACHE_NO_INTERNAL_LOOKUP | SSL_SESS_CACHE_NO_INTERNAL_STORE) + +/* SSL_CTX_set_session_cache_mode sets the session cache mode bits for |ctx| to + * |mode|. It returns the previous value. */ +OPENSSL_EXPORT int SSL_CTX_set_session_cache_mode(SSL_CTX *ctx, int mode); + +/* SSL_CTX_get_session_cache_mode returns the session cache mode bits for + * |ctx| */ +OPENSSL_EXPORT int SSL_CTX_get_session_cache_mode(const SSL_CTX *ctx); + +/* SSL_CTX_get_max_cert_list returns the maximum length, in bytes, of a peer + * certificate chain accepted by |ctx|. */ +OPENSSL_EXPORT size_t SSL_CTX_get_max_cert_list(const SSL_CTX *ctx); + +/* SSL_CTX_set_max_cert_list sets the maximum length, in bytes, of a peer + * certificate chain to |max_cert_list|. This affects how much memory may be + * consumed during the handshake. */ +OPENSSL_EXPORT void SSL_CTX_set_max_cert_list(SSL_CTX *ctx, + size_t max_cert_list); + +/* SSL_get_max_cert_list returns the maximum length, in bytes, of a peer + * certificate chain accepted by |ssl|. */ +OPENSSL_EXPORT size_t SSL_get_max_cert_list(const SSL *ssl); + +/* SSL_set_max_cert_list sets the maximum length, in bytes, of a peer + * certificate chain to |max_cert_list|. This affects how much memory may be + * consumed during the handshake. */ +OPENSSL_EXPORT void SSL_set_max_cert_list(SSL *ssl, size_t max_cert_list); + +/* SSL_CTX_set_max_send_fragment sets the maximum length, in bytes, of records + * sent by |ctx|. Beyond this length, handshake messages and application data + * will be split into multiple records. */ +OPENSSL_EXPORT void SSL_CTX_set_max_send_fragment(SSL_CTX *ctx, + size_t max_send_fragment); + +/* SSL_set_max_send_fragment sets the maximum length, in bytes, of records + * sent by |ssl|. Beyond this length, handshake messages and application data + * will be split into multiple records. */ +OPENSSL_EXPORT void SSL_set_max_send_fragment(SSL *ssl, + size_t max_send_fragment); + +/* SSL_CTX_set_tmp_dh_callback configures |ctx| to use |callback| to determine + * the group for DHE ciphers. |callback| should ignore |is_export| and + * |keylength| and return a |DH| of the selected group or NULL on error. Only + * the parameters are used, so the |DH| needn't have a generated keypair. + * + * WARNING: The caller does not take ownership of the resulting |DH|, so + * |callback| must save and release the object elsewhere. */ +OPENSSL_EXPORT void SSL_CTX_set_tmp_dh_callback( + SSL_CTX *ctx, DH *(*callback)(SSL *ssl, int is_export, int keylength)); + +/* SSL_set_tmp_dh_callback configures |ssl| to use |callback| to determine the + * group for DHE ciphers. |callback| should ignore |is_export| and |keylength| + * and return a |DH| of the selected group or NULL on error. Only the + * parameters are used, so the |DH| needn't have a generated keypair. + * + * WARNING: The caller does not take ownership of the resulting |DH|, so + * |callback| must save and release the object elsewhere. */ +OPENSSL_EXPORT void SSL_set_tmp_dh_callback(SSL *ssl, + DH *(*dh)(SSL *ssl, int is_export, + int keylength)); + +/* SSL_CTX_set_tmp_ecdh_callback configures |ctx| to use |callback| to determine + * the curve for ephemeral ECDH keys. |callback| should ignore |is_export| and + * |keylength| and return an |EC_KEY| of the selected curve or NULL on + * error. Only the curve is used, so the |EC_KEY| needn't have a generated + * keypair. + * + * If the callback is unset, an appropriate curve will be chosen automatically. + * (This is recommended.) + * + * WARNING: The caller does not take ownership of the resulting |EC_KEY|, so + * |callback| must save and release the object elsewhere. */ +OPENSSL_EXPORT void SSL_CTX_set_tmp_ecdh_callback( + SSL_CTX *ctx, EC_KEY *(*callback)(SSL *ssl, int is_export, int keylength)); + +/* SSL_set_tmp_ecdh_callback configures |ssl| to use |callback| to determine the + * curve for ephemeral ECDH keys. |callback| should ignore |is_export| and + * |keylength| and return an |EC_KEY| of the selected curve or NULL on + * error. Only the curve is used, so the |EC_KEY| needn't have a generated + * keypair. + * + * If the callback is unset, an appropriate curve will be chosen automatically. + * (This is recommended.) + * + * WARNING: The caller does not take ownership of the resulting |EC_KEY|, so + * |callback| must save and release the object elsewhere. */ +OPENSSL_EXPORT void SSL_set_tmp_ecdh_callback( + SSL *ssl, EC_KEY *(*callback)(SSL *ssl, int is_export, int keylength)); + +OPENSSL_EXPORT const void *SSL_get_current_compression(SSL *s); +OPENSSL_EXPORT const void *SSL_get_current_expansion(SSL *s); + +OPENSSL_EXPORT int SSL_cache_hit(SSL *s); +OPENSSL_EXPORT int SSL_is_server(SSL *s); + +/* SSL_CTX_set_dos_protection_cb sets a callback that is called once the + * resumption decision for a ClientHello has been made. It can return 1 to + * allow the handshake to continue or zero to cause the handshake to abort. */ +OPENSSL_EXPORT void SSL_CTX_set_dos_protection_cb( + SSL_CTX *ctx, int (*cb)(const struct ssl_early_callback_ctx *)); + +/* SSL_get_structure_sizes returns the sizes of the SSL, SSL_CTX and + * SSL_SESSION structures so that a test can ensure that outside code agrees on + * these values. */ +OPENSSL_EXPORT void SSL_get_structure_sizes(size_t *ssl_size, + size_t *ssl_ctx_size, + size_t *ssl_session_size); + +OPENSSL_EXPORT void ERR_load_SSL_strings(void); + +/* SSL_get_rc4_state sets |*read_key| and |*write_key| to the RC4 states for + * the read and write directions. It returns one on success or zero if |ssl| + * isn't using an RC4-based cipher suite. */ +OPENSSL_EXPORT int SSL_get_rc4_state(const SSL *ssl, const RC4_KEY **read_key, + const RC4_KEY **write_key); + + +/* Deprecated functions. */ + +/* SSL_CIPHER_description writes a description of |cipher| into |buf| and + * returns |buf|. If |buf| is NULL, it returns a newly allocated string, to be + * freed with |OPENSSL_free|, or NULL on error. + * + * The description includes a trailing newline and has the form: + * AES128-SHA SSLv3 Kx=RSA Au=RSA Enc=AES(128) Mac=SHA1 + * + * Consider |SSL_CIPHER_get_name| or |SSL_CIPHER_get_rfc_name| instead. */ +OPENSSL_EXPORT const char *SSL_CIPHER_description(const SSL_CIPHER *cipher, + char *buf, int len); + +/* SSL_CIPHER_get_version returns the string "TLSv1/SSLv3". */ +OPENSSL_EXPORT const char *SSL_CIPHER_get_version(const SSL_CIPHER *cipher); + +/* SSL_COMP_get_compression_methods returns NULL. */ +OPENSSL_EXPORT void *SSL_COMP_get_compression_methods(void); + +/* SSL_COMP_add_compression_method returns one. */ +OPENSSL_EXPORT int SSL_COMP_add_compression_method(int id, void *cm); + +/* SSL_COMP_get_name returns NULL. */ +OPENSSL_EXPORT const char *SSL_COMP_get_name(const void *comp); + +/* SSLv23_method calls |TLS_method|. */ +OPENSSL_EXPORT const SSL_METHOD *SSLv23_method(void); + +/* Version-specific methods behave exactly like |TLS_method| and |DTLS_method| + * except they also call |SSL_CTX_set_min_version| and |SSL_CTX_set_max_version| + * to lock connections to that protocol version. */ +OPENSSL_EXPORT const SSL_METHOD *SSLv3_method(void); +OPENSSL_EXPORT const SSL_METHOD *TLSv1_method(void); +OPENSSL_EXPORT const SSL_METHOD *TLSv1_1_method(void); +OPENSSL_EXPORT const SSL_METHOD *TLSv1_2_method(void); +OPENSSL_EXPORT const SSL_METHOD *DTLSv1_method(void); +OPENSSL_EXPORT const SSL_METHOD *DTLSv1_2_method(void); + +/* Client- and server-specific methods call their corresponding generic + * methods. */ +OPENSSL_EXPORT const SSL_METHOD *SSLv23_server_method(void); +OPENSSL_EXPORT const SSL_METHOD *SSLv23_client_method(void); +OPENSSL_EXPORT const SSL_METHOD *SSLv3_server_method(void); +OPENSSL_EXPORT const SSL_METHOD *SSLv3_client_method(void); +OPENSSL_EXPORT const SSL_METHOD *TLSv1_server_method(void); +OPENSSL_EXPORT const SSL_METHOD *TLSv1_client_method(void); +OPENSSL_EXPORT const SSL_METHOD *TLSv1_1_server_method(void); +OPENSSL_EXPORT const SSL_METHOD *TLSv1_1_client_method(void); +OPENSSL_EXPORT const SSL_METHOD *TLSv1_2_server_method(void); +OPENSSL_EXPORT const SSL_METHOD *TLSv1_2_client_method(void); +OPENSSL_EXPORT const SSL_METHOD *DTLS_server_method(void); +OPENSSL_EXPORT const SSL_METHOD *DTLS_client_method(void); +OPENSSL_EXPORT const SSL_METHOD *DTLSv1_server_method(void); +OPENSSL_EXPORT const SSL_METHOD *DTLSv1_client_method(void); +OPENSSL_EXPORT const SSL_METHOD *DTLSv1_2_server_method(void); +OPENSSL_EXPORT const SSL_METHOD *DTLSv1_2_client_method(void); + +/* SSL_clear resets |ssl| to allow another connection and returns one on success + * or zero on failure. It returns most configuration state but releases memory + * associated with the current connection. + * + * Free |ssl| and create a new one instead. */ +OPENSSL_EXPORT int SSL_clear(SSL *ssl); + +/* SSL_CTX_set_tmp_rsa_callback does nothing. */ +OPENSSL_EXPORT void SSL_CTX_set_tmp_rsa_callback( + SSL_CTX *ctx, RSA *(*cb)(SSL *ssl, int is_export, int keylength)); + +/* SSL_set_tmp_rsa_callback does nothing. */ +OPENSSL_EXPORT void SSL_set_tmp_rsa_callback(SSL *ssl, + RSA *(*cb)(SSL *ssl, int is_export, + int keylength)); + +/* SSL_CTX_sess_connect returns zero. */ +OPENSSL_EXPORT int SSL_CTX_sess_connect(const SSL_CTX *ctx); + +/* SSL_CTX_sess_connect_good returns zero. */ +OPENSSL_EXPORT int SSL_CTX_sess_connect_good(const SSL_CTX *ctx); + +/* SSL_CTX_sess_connect_renegotiate returns zero. */ +OPENSSL_EXPORT int SSL_CTX_sess_connect_renegotiate(const SSL_CTX *ctx); + +/* SSL_CTX_sess_accept returns zero. */ +OPENSSL_EXPORT int SSL_CTX_sess_accept(const SSL_CTX *ctx); + +/* SSL_CTX_sess_accept_renegotiate returns zero. */ +OPENSSL_EXPORT int SSL_CTX_sess_accept_renegotiate(const SSL_CTX *ctx); + +/* SSL_CTX_sess_accept_good returns zero. */ +OPENSSL_EXPORT int SSL_CTX_sess_accept_good(const SSL_CTX *ctx); + +/* SSL_CTX_sess_hits returns zero. */ +OPENSSL_EXPORT int SSL_CTX_sess_hits(const SSL_CTX *ctx); + +/* SSL_CTX_sess_cb_hits returns zero. */ +OPENSSL_EXPORT int SSL_CTX_sess_cb_hits(const SSL_CTX *ctx); + +/* SSL_CTX_sess_misses returns zero. */ +OPENSSL_EXPORT int SSL_CTX_sess_misses(const SSL_CTX *ctx); + +/* SSL_CTX_sess_timeouts returns zero. */ +OPENSSL_EXPORT int SSL_CTX_sess_timeouts(const SSL_CTX *ctx); + +/* SSL_CTX_sess_cache_full returns zero. */ +OPENSSL_EXPORT int SSL_CTX_sess_cache_full(const SSL_CTX *ctx); + +/* SSL_cutthrough_complete calls |SSL_in_false_start|. */ +OPENSSL_EXPORT int SSL_cutthrough_complete(const SSL *s); + +/* SSL_num_renegotiations calls |SSL_total_renegotiations|. */ +OPENSSL_EXPORT int SSL_num_renegotiations(const SSL *ssl); + +/* SSL_CTX_need_tmp_RSA returns zero. */ +OPENSSL_EXPORT int SSL_CTX_need_tmp_RSA(const SSL_CTX *ctx); + +/* SSL_need_tmp_RSA returns zero. */ +OPENSSL_EXPORT int SSL_need_tmp_RSA(const SSL *ssl); + +/* SSL_CTX_set_tmp_rsa returns one. */ +OPENSSL_EXPORT int SSL_CTX_set_tmp_rsa(SSL_CTX *ctx, const RSA *rsa); + +/* SSL_set_tmp_rsa returns one. */ +OPENSSL_EXPORT int SSL_set_tmp_rsa(SSL *ssl, const RSA *rsa); + +/* SSL_CTX_get_read_head returns zero. */ +OPENSSL_EXPORT int SSL_CTX_get_read_ahead(const SSL_CTX *ctx); + +/* SSL_CTX_set_read_ahead does nothing. */ +OPENSSL_EXPORT void SSL_CTX_set_read_ahead(SSL_CTX *ctx, int yes); + +/* SSL_get_read_head returns zero. */ +OPENSSL_EXPORT int SSL_get_read_ahead(const SSL *s); + +/* SSL_set_read_ahead does nothing. */ +OPENSSL_EXPORT void SSL_set_read_ahead(SSL *s, int yes); + +/* SSL_renegotiate put an error on the error queue and returns zero. */ +OPENSSL_EXPORT int SSL_renegotiate(SSL *ssl); + +/* SSL_set_state does nothing. */ +OPENSSL_EXPORT void SSL_set_state(SSL *ssl, int state); + /* Android compatibility section. * @@ -3502,133 +2453,99 @@ OPENSSL_EXPORT const char *SSLeay_version(int unused); * * Historically, a number of APIs were implemented in OpenSSL as macros and * constants to 'ctrl' functions. To avoid breaking #ifdefs in consumers, this - * section defines a number of legacy macros. - * - * Although using either the CTRL values or their wrapper macros in #ifdefs is - * still supported, the CTRL values may not be passed to |SSL_ctrl| and - * |SSL_CTX_ctrl|. Call the functions (previously wrapper macros) instead. */ + * section defines a number of legacy macros. */ -#define DTLS_CTRL_GET_TIMEOUT doesnt_exist -#define DTLS_CTRL_HANDLE_TIMEOUT doesnt_exist -#define SSL_CTRL_CHAIN doesnt_exist -#define SSL_CTRL_CHAIN_CERT doesnt_exist -#define SSL_CTRL_CHANNEL_ID doesnt_exist -#define SSL_CTRL_CLEAR_EXTRA_CHAIN_CERTS doesnt_exist -#define SSL_CTRL_CLEAR_MODE doesnt_exist -#define SSL_CTRL_CLEAR_OPTIONS doesnt_exist -#define SSL_CTRL_EXTRA_CHAIN_CERT doesnt_exist -#define SSL_CTRL_GET_CHAIN_CERTS doesnt_exist -#define SSL_CTRL_GET_CHANNEL_ID doesnt_exist -#define SSL_CTRL_GET_CLIENT_CERT_TYPES doesnt_exist -#define SSL_CTRL_GET_EXTRA_CHAIN_CERTS doesnt_exist -#define SSL_CTRL_GET_MAX_CERT_LIST doesnt_exist -#define SSL_CTRL_GET_NUM_RENEGOTIATIONS doesnt_exist -#define SSL_CTRL_GET_READ_AHEAD doesnt_exist -#define SSL_CTRL_GET_RI_SUPPORT doesnt_exist +#define SSL_CTRL_NEED_TMP_RSA doesnt_exist +#define SSL_CTRL_SET_TMP_RSA doesnt_exist +#define SSL_CTRL_SET_TMP_DH doesnt_exist +#define SSL_CTRL_SET_TMP_ECDH doesnt_exist +#define SSL_CTRL_SET_TMP_RSA_CB doesnt_exist +#define SSL_CTRL_SET_TMP_DH_CB doesnt_exist +#define SSL_CTRL_SET_TMP_ECDH_CB doesnt_exist #define SSL_CTRL_GET_SESSION_REUSED doesnt_exist -#define SSL_CTRL_GET_SESS_CACHE_MODE doesnt_exist -#define SSL_CTRL_GET_SESS_CACHE_SIZE doesnt_exist -#define SSL_CTRL_GET_TLSEXT_TICKET_KEYS doesnt_exist +#define SSL_CTRL_GET_NUM_RENEGOTIATIONS doesnt_exist #define SSL_CTRL_GET_TOTAL_RENEGOTIATIONS doesnt_exist -#define SSL_CTRL_MODE doesnt_exist -#define SSL_CTRL_NEED_TMP_RSA doesnt_exist -#define SSL_CTRL_OPTIONS doesnt_exist -#define SSL_CTRL_SESS_NUMBER doesnt_exist -#define SSL_CTRL_SET_CHANNEL_ID doesnt_exist -#define SSL_CTRL_SET_CURVES doesnt_exist -#define SSL_CTRL_SET_MAX_CERT_LIST doesnt_exist -#define SSL_CTRL_SET_MAX_SEND_FRAGMENT doesnt_exist #define SSL_CTRL_SET_MSG_CALLBACK doesnt_exist #define SSL_CTRL_SET_MSG_CALLBACK_ARG doesnt_exist #define SSL_CTRL_SET_MTU doesnt_exist +#define SSL_CTRL_SESS_NUMBER doesnt_exist +#define SSL_CTRL_OPTIONS doesnt_exist +#define SSL_CTRL_MODE doesnt_exist +#define SSL_CTRL_GET_READ_AHEAD doesnt_exist #define SSL_CTRL_SET_READ_AHEAD doesnt_exist -#define SSL_CTRL_SET_SESS_CACHE_MODE doesnt_exist #define SSL_CTRL_SET_SESS_CACHE_SIZE doesnt_exist -#define SSL_CTRL_SET_TLSEXT_HOSTNAME doesnt_exist -#define SSL_CTRL_SET_TLSEXT_SERVERNAME_ARG doesnt_exist +#define SSL_CTRL_GET_SESS_CACHE_SIZE doesnt_exist +#define SSL_CTRL_SET_SESS_CACHE_MODE doesnt_exist +#define SSL_CTRL_GET_SESS_CACHE_MODE doesnt_exist +#define SSL_CTRL_GET_MAX_CERT_LIST doesnt_exist +#define SSL_CTRL_SET_MAX_CERT_LIST doesnt_exist +#define SSL_CTRL_SET_MAX_SEND_FRAGMENT doesnt_exist #define SSL_CTRL_SET_TLSEXT_SERVERNAME_CB doesnt_exist -#define SSL_CTRL_SET_TLSEXT_TICKET_KEYS doesnt_exist +#define SSL_CTRL_SET_TLSEXT_SERVERNAME_ARG doesnt_exist +#define SSL_CTRL_SET_TLSEXT_HOSTNAME doesnt_exist #define SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB doesnt_exist -#define SSL_CTRL_SET_TMP_DH doesnt_exist -#define SSL_CTRL_SET_TMP_DH_CB doesnt_exist -#define SSL_CTRL_SET_TMP_ECDH doesnt_exist -#define SSL_CTRL_SET_TMP_ECDH_CB doesnt_exist -#define SSL_CTRL_SET_TMP_RSA doesnt_exist -#define SSL_CTRL_SET_TMP_RSA_CB doesnt_exist +#define DTLS_CTRL_GET_TIMEOUT doesnt_exist +#define DTLS_CTRL_HANDLE_TIMEOUT doesnt_exist +#define SSL_CTRL_GET_RI_SUPPORT doesnt_exist +#define SSL_CTRL_CLEAR_OPTIONS doesnt_exist +#define SSL_CTRL_CLEAR_MODE doesnt_exist +#define SSL_CTRL_CHANNEL_ID doesnt_exist +#define SSL_CTRL_GET_CHANNEL_ID doesnt_exist +#define SSL_CTRL_SET_CHANNEL_ID doesnt_exist -#define DTLSv1_get_timeout DTLSv1_get_timeout -#define DTLSv1_handle_timeout DTLSv1_handle_timeout -#define SSL_CTX_add0_chain_cert SSL_CTX_add0_chain_cert -#define SSL_CTX_add1_chain_cert SSL_CTX_add1_chain_cert -#define SSL_CTX_add_extra_chain_cert SSL_CTX_add_extra_chain_cert -#define SSL_CTX_clear_extra_chain_certs SSL_CTX_clear_extra_chain_certs -#define SSL_CTX_clear_chain_certs SSL_CTX_clear_chain_certs -#define SSL_CTX_clear_mode SSL_CTX_clear_mode -#define SSL_CTX_clear_options SSL_CTX_clear_options -#define SSL_CTX_enable_tls_channel_id SSL_CTX_enable_tls_channel_id -#define SSL_CTX_get0_chain_certs SSL_CTX_get0_chain_certs -#define SSL_CTX_get_extra_chain_certs SSL_CTX_get_extra_chain_certs -#define SSL_CTX_get_max_cert_list SSL_CTX_get_max_cert_list -#define SSL_CTX_get_mode SSL_CTX_get_mode -#define SSL_CTX_get_options SSL_CTX_get_options -#define SSL_CTX_get_read_ahead SSL_CTX_get_read_ahead -#define SSL_CTX_get_session_cache_mode SSL_CTX_get_session_cache_mode -#define SSL_CTX_get_tlsext_ticket_keys SSL_CTX_get_tlsext_ticket_keys #define SSL_CTX_need_tmp_RSA SSL_CTX_need_tmp_RSA -#define SSL_CTX_sess_get_cache_size SSL_CTX_sess_get_cache_size -#define SSL_CTX_sess_number SSL_CTX_sess_number -#define SSL_CTX_sess_set_cache_size SSL_CTX_sess_set_cache_size -#define SSL_CTX_set0_chain SSL_CTX_set0_chain -#define SSL_CTX_set1_chain SSL_CTX_set1_chain -#define SSL_CTX_set1_curves SSL_CTX_set1_curves -#define SSL_CTX_set1_tls_channel_id SSL_CTX_set1_tls_channel_id -#define SSL_CTX_set_max_cert_list SSL_CTX_set_max_cert_list -#define SSL_CTX_set_max_send_fragment SSL_CTX_set_max_send_fragment -#define SSL_CTX_set_mode SSL_CTX_set_mode +#define SSL_need_tmp_RSA SSL_need_tmp_RSA +#define SSL_CTX_set_tmp_rsa SSL_CTX_set_tmp_rsa +#define SSL_set_tmp_rsa SSL_set_tmp_rsa +#define SSL_CTX_set_tmp_dh SSL_CTX_set_tmp_dh +#define SSL_set_tmp_dh SSL_set_tmp_dh +#define SSL_CTX_set_tmp_ecdh SSL_CTX_set_tmp_ecdh +#define SSL_set_tmp_ecdh SSL_set_tmp_ecdh +#define SSL_session_reused SSL_session_reused +#define SSL_num_renegotiations SSL_num_renegotiations +#define SSL_total_renegotiations SSL_total_renegotiations #define SSL_CTX_set_msg_callback_arg SSL_CTX_set_msg_callback_arg +#define SSL_set_msg_callback_arg SSL_set_msg_callback_arg +#define SSL_set_mtu SSL_set_mtu +#define SSL_CTX_sess_number SSL_CTX_sess_number +#define SSL_CTX_get_options SSL_CTX_get_options #define SSL_CTX_set_options SSL_CTX_set_options +#define SSL_get_options SSL_get_options +#define SSL_set_options SSL_set_options +#define SSL_CTX_get_mode SSL_CTX_get_mode +#define SSL_CTX_set_mode SSL_CTX_set_mode +#define SSL_get_mode SSL_get_mode +#define SSL_set_mode SSL_set_mode +#define SSL_CTX_get_read_ahead SSL_CTX_get_read_ahead #define SSL_CTX_set_read_ahead SSL_CTX_set_read_ahead +#define SSL_CTX_sess_set_cache_size SSL_CTX_sess_set_cache_size +#define SSL_CTX_sess_get_cache_size SSL_CTX_sess_get_cache_size #define SSL_CTX_set_session_cache_mode SSL_CTX_set_session_cache_mode -#define SSL_CTX_set_tlsext_servername_arg SSL_CTX_set_tlsext_servername_arg +#define SSL_CTX_get_session_cache_mode SSL_CTX_get_session_cache_mode +#define SSL_CTX_get_max_cert_list SSL_CTX_get_max_cert_list +#define SSL_get_max_cert_list SSL_get_max_cert_list +#define SSL_CTX_set_max_cert_list SSL_CTX_set_max_cert_list +#define SSL_set_max_cert_list SSL_set_max_cert_list +#define SSL_CTX_set_max_send_fragment SSL_CTX_set_max_send_fragment +#define SSL_set_max_send_fragment SSL_set_max_send_fragment #define SSL_CTX_set_tlsext_servername_callback \ SSL_CTX_set_tlsext_servername_callback +#define SSL_CTX_set_tlsext_servername_arg SSL_CTX_set_tlsext_servername_arg +#define SSL_set_tlsext_host_name SSL_set_tlsext_host_name #define SSL_CTX_set_tlsext_ticket_key_cb SSL_CTX_set_tlsext_ticket_key_cb -#define SSL_CTX_set_tlsext_ticket_keys SSL_CTX_set_tlsext_ticket_keys -#define SSL_CTX_set_tmp_dh SSL_CTX_set_tmp_dh -#define SSL_CTX_set_tmp_ecdh SSL_CTX_set_tmp_ecdh -#define SSL_CTX_set_tmp_rsa SSL_CTX_set_tmp_rsa -#define SSL_add0_chain_cert SSL_add0_chain_cert -#define SSL_add1_chain_cert SSL_add1_chain_cert -#define SSL_clear_chain_certs SSL_clear_chain_certs -#define SSL_clear_mode SSL_clear_mode -#define SSL_clear_options SSL_clear_options -#define SSL_enable_tls_channel_id SSL_enable_tls_channel_id -#define SSL_get0_certificate_types SSL_get0_certificate_types -#define SSL_get0_chain_certs SSL_get0_chain_certs -#define SSL_get_max_cert_list SSL_get_max_cert_list -#define SSL_get_mode SSL_get_mode -#define SSL_get_options SSL_get_options +#define DTLSv1_get_timeout DTLSv1_get_timeout +#define DTLSv1_handle_timeout DTLSv1_handle_timeout #define SSL_get_secure_renegotiation_support \ SSL_get_secure_renegotiation_support -#define SSL_get_tls_channel_id SSL_get_tls_channel_id -#define SSL_need_tmp_RSA SSL_need_tmp_RSA -#define SSL_num_renegotiations SSL_num_renegotiations -#define SSL_session_reused SSL_session_reused -#define SSL_set0_chain SSL_set0_chain -#define SSL_set1_chain SSL_set1_chain -#define SSL_set1_curves SSL_set1_curves +#define SSL_CTX_clear_options SSL_CTX_clear_options +#define SSL_clear_options SSL_clear_options +#define SSL_CTX_clear_mode SSL_CTX_clear_mode +#define SSL_clear_mode SSL_clear_mode +#define SSL_CTX_enable_tls_channel_id SSL_CTX_enable_tls_channel_id +#define SSL_enable_tls_channel_id SSL_enable_tls_channel_id #define SSL_set1_tls_channel_id SSL_set1_tls_channel_id -#define SSL_set_max_cert_list SSL_set_max_cert_list -#define SSL_set_max_send_fragment SSL_set_max_send_fragment -#define SSL_set_mode SSL_set_mode -#define SSL_set_msg_callback_arg SSL_set_msg_callback_arg -#define SSL_set_mtu SSL_set_mtu -#define SSL_set_options SSL_set_options -#define SSL_set_tlsext_host_name SSL_set_tlsext_host_name -#define SSL_set_tmp_dh SSL_set_tmp_dh -#define SSL_set_tmp_ecdh SSL_set_tmp_ecdh -#define SSL_set_tmp_rsa SSL_set_tmp_rsa -#define SSL_total_renegotiations SSL_total_renegotiations +#define SSL_CTX_set1_tls_channel_id SSL_CTX_set1_tls_channel_id +#define SSL_get_tls_channel_id SSL_get_tls_channel_id #if defined(__cplusplus) @@ -3643,14 +2560,193 @@ OPENSSL_EXPORT const char *SSLeay_version(int unused); * headers introduces circular dependencies and is inconsistent. The function * declarations should move to ssl.h. Many of the constants can probably be * pruned or unexported. */ +#include <openssl/ssl2.h> #include <openssl/ssl3.h> #include <openssl/tls1.h> /* This is mostly sslv3 with a few tweaks */ +#include <openssl/ssl23.h> +#include <openssl/srtp.h> /* Support for the use_srtp extension */ /* BEGIN ERROR CODES */ /* The following lines are auto generated by the script make_errors.go. Any * changes made after this point may be overwritten when the script is next run. */ +#define SSL_F_SSL_CTX_check_private_key 100 +#define SSL_F_SSL_CTX_new 101 +#define SSL_F_SSL_CTX_set_cipher_list 102 +#define SSL_F_SSL_CTX_set_cipher_list_tls11 103 +#define SSL_F_SSL_CTX_set_session_id_context 104 +#define SSL_F_SSL_CTX_use_PrivateKey 105 +#define SSL_F_SSL_CTX_use_PrivateKey_ASN1 106 +#define SSL_F_SSL_CTX_use_PrivateKey_file 107 +#define SSL_F_SSL_CTX_use_RSAPrivateKey 108 +#define SSL_F_SSL_CTX_use_RSAPrivateKey_ASN1 109 +#define SSL_F_SSL_CTX_use_RSAPrivateKey_file 110 +#define SSL_F_SSL_CTX_use_certificate 111 +#define SSL_F_SSL_CTX_use_certificate_ASN1 112 +#define SSL_F_SSL_CTX_use_certificate_chain_file 113 +#define SSL_F_SSL_CTX_use_certificate_file 114 +#define SSL_F_SSL_CTX_use_psk_identity_hint 115 +#define SSL_F_SSL_SESSION_new 116 +#define SSL_F_SSL_SESSION_print_fp 117 +#define SSL_F_SSL_SESSION_set1_id_context 118 +#define SSL_F_SSL_SESSION_to_bytes_full 119 +#define SSL_F_SSL_accept 120 +#define SSL_F_SSL_add_dir_cert_subjects_to_stack 121 +#define SSL_F_SSL_add_file_cert_subjects_to_stack 122 +#define SSL_F_SSL_check_private_key 123 +#define SSL_F_SSL_clear 124 +#define SSL_F_SSL_connect 125 +#define SSL_F_SSL_do_handshake 126 +#define SSL_F_SSL_load_client_CA_file 127 +#define SSL_F_SSL_new 128 +#define SSL_F_SSL_peek 129 +#define SSL_F_SSL_read 130 +#define SSL_F_SSL_renegotiate 131 +#define SSL_F_SSL_set_cipher_list 132 +#define SSL_F_SSL_set_fd 133 +#define SSL_F_SSL_set_rfd 134 +#define SSL_F_SSL_set_session_id_context 135 +#define SSL_F_SSL_set_wfd 136 +#define SSL_F_SSL_shutdown 137 +#define SSL_F_SSL_use_PrivateKey 138 +#define SSL_F_SSL_use_PrivateKey_ASN1 139 +#define SSL_F_SSL_use_PrivateKey_file 140 +#define SSL_F_SSL_use_RSAPrivateKey 141 +#define SSL_F_SSL_use_RSAPrivateKey_ASN1 142 +#define SSL_F_SSL_use_RSAPrivateKey_file 143 +#define SSL_F_SSL_use_certificate 144 +#define SSL_F_SSL_use_certificate_ASN1 145 +#define SSL_F_SSL_use_certificate_file 146 +#define SSL_F_SSL_use_psk_identity_hint 147 +#define SSL_F_SSL_write 148 +#define SSL_F_d2i_SSL_SESSION 149 +#define SSL_F_d2i_SSL_SESSION_get_octet_string 150 +#define SSL_F_d2i_SSL_SESSION_get_string 151 +#define SSL_F_do_ssl3_write 152 +#define SSL_F_dtls1_accept 153 +#define SSL_F_dtls1_buffer_record 154 +#define SSL_F_dtls1_check_timeout_num 155 +#define SSL_F_dtls1_connect 156 +#define SSL_F_dtls1_do_write 157 +#define SSL_F_dtls1_get_hello_verify 158 +#define SSL_F_dtls1_get_message 159 +#define SSL_F_dtls1_get_message_fragment 160 +#define SSL_F_dtls1_preprocess_fragment 161 +#define SSL_F_dtls1_process_record 162 +#define SSL_F_dtls1_read_bytes 163 +#define SSL_F_dtls1_send_hello_verify_request 164 +#define SSL_F_dtls1_write_app_data 165 +#define SSL_F_i2d_SSL_SESSION 166 +#define SSL_F_ssl3_accept 167 +#define SSL_F_ssl3_cert_verify_hash 169 +#define SSL_F_ssl3_check_cert_and_algorithm 170 +#define SSL_F_ssl3_connect 171 +#define SSL_F_ssl3_ctrl 172 +#define SSL_F_ssl3_ctx_ctrl 173 +#define SSL_F_ssl3_digest_cached_records 174 +#define SSL_F_ssl3_do_change_cipher_spec 175 +#define SSL_F_ssl3_expect_change_cipher_spec 176 +#define SSL_F_ssl3_get_cert_status 177 +#define SSL_F_ssl3_get_cert_verify 178 +#define SSL_F_ssl3_get_certificate_request 179 +#define SSL_F_ssl3_get_channel_id 180 +#define SSL_F_ssl3_get_client_certificate 181 +#define SSL_F_ssl3_get_client_hello 182 +#define SSL_F_ssl3_get_client_key_exchange 183 +#define SSL_F_ssl3_get_finished 184 +#define SSL_F_ssl3_get_initial_bytes 185 +#define SSL_F_ssl3_get_message 186 +#define SSL_F_ssl3_get_new_session_ticket 187 +#define SSL_F_ssl3_get_next_proto 188 +#define SSL_F_ssl3_get_record 189 +#define SSL_F_ssl3_get_server_certificate 190 +#define SSL_F_ssl3_get_server_done 191 +#define SSL_F_ssl3_get_server_hello 192 +#define SSL_F_ssl3_get_server_key_exchange 193 +#define SSL_F_ssl3_get_v2_client_hello 194 +#define SSL_F_ssl3_handshake_mac 195 +#define SSL_F_ssl3_prf 196 +#define SSL_F_ssl3_read_bytes 197 +#define SSL_F_ssl3_read_n 198 +#define SSL_F_ssl3_send_cert_verify 199 +#define SSL_F_ssl3_send_certificate_request 200 +#define SSL_F_ssl3_send_channel_id 201 +#define SSL_F_ssl3_send_client_certificate 202 +#define SSL_F_ssl3_send_client_hello 203 +#define SSL_F_ssl3_send_client_key_exchange 204 +#define SSL_F_ssl3_send_server_certificate 205 +#define SSL_F_ssl3_send_server_hello 206 +#define SSL_F_ssl3_send_server_key_exchange 207 +#define SSL_F_ssl3_setup_read_buffer 208 +#define SSL_F_ssl3_setup_write_buffer 209 +#define SSL_F_ssl3_write_bytes 210 +#define SSL_F_ssl3_write_pending 211 +#define SSL_F_ssl_add_cert_chain 212 +#define SSL_F_ssl_add_cert_to_buf 213 +#define SSL_F_ssl_add_clienthello_renegotiate_ext 214 +#define SSL_F_ssl_add_clienthello_tlsext 215 +#define SSL_F_ssl_add_clienthello_use_srtp_ext 216 +#define SSL_F_ssl_add_serverhello_renegotiate_ext 217 +#define SSL_F_ssl_add_serverhello_tlsext 218 +#define SSL_F_ssl_add_serverhello_use_srtp_ext 219 +#define SSL_F_ssl_build_cert_chain 220 +#define SSL_F_ssl_bytes_to_cipher_list 221 +#define SSL_F_ssl_cert_dup 222 +#define SSL_F_ssl_cert_inst 223 +#define SSL_F_ssl_cert_new 224 +#define SSL_F_ssl_check_serverhello_tlsext 225 +#define SSL_F_ssl_check_srvr_ecc_cert_and_alg 226 +#define SSL_F_ssl_cipher_process_rulestr 227 +#define SSL_F_ssl_cipher_strength_sort 228 +#define SSL_F_ssl_create_cipher_list 229 +#define SSL_F_ssl_ctx_log_master_secret 230 +#define SSL_F_ssl_ctx_log_rsa_client_key_exchange 231 +#define SSL_F_ssl_ctx_make_profiles 232 +#define SSL_F_ssl_get_new_session 233 +#define SSL_F_ssl_get_prev_session 234 +#define SSL_F_ssl_get_server_cert_index 235 +#define SSL_F_ssl_get_sign_pkey 236 +#define SSL_F_ssl_init_wbio_buffer 237 +#define SSL_F_ssl_parse_clienthello_renegotiate_ext 238 +#define SSL_F_ssl_parse_clienthello_tlsext 239 +#define SSL_F_ssl_parse_clienthello_use_srtp_ext 240 +#define SSL_F_ssl_parse_serverhello_renegotiate_ext 241 +#define SSL_F_ssl_parse_serverhello_tlsext 242 +#define SSL_F_ssl_parse_serverhello_use_srtp_ext 243 +#define SSL_F_ssl_scan_clienthello_tlsext 244 +#define SSL_F_ssl_scan_serverhello_tlsext 245 +#define SSL_F_ssl_sess_cert_new 246 +#define SSL_F_ssl_set_cert 247 +#define SSL_F_ssl_set_pkey 248 +#define SSL_F_ssl_verify_cert_chain 252 +#define SSL_F_tls12_check_peer_sigalg 253 +#define SSL_F_tls1_aead_ctx_init 254 +#define SSL_F_tls1_cert_verify_mac 255 +#define SSL_F_tls1_change_cipher_state 256 +#define SSL_F_tls1_change_cipher_state_aead 257 +#define SSL_F_tls1_check_duplicate_extensions 258 +#define SSL_F_tls1_enc 259 +#define SSL_F_tls1_export_keying_material 260 +#define SSL_F_tls1_prf 261 +#define SSL_F_tls1_setup_key_block 262 +#define SSL_F_dtls1_get_buffered_message 263 +#define SSL_F_dtls1_process_fragment 264 +#define SSL_F_dtls1_hm_fragment_new 265 +#define SSL_F_ssl3_seal_record 266 +#define SSL_F_ssl3_record_sequence_update 267 +#define SSL_F_SSL_CTX_set_tmp_dh 268 +#define SSL_F_SSL_CTX_set_tmp_ecdh 269 +#define SSL_F_SSL_set_tmp_dh 270 +#define SSL_F_SSL_set_tmp_ecdh 271 +#define SSL_F_SSL_CTX_set1_tls_channel_id 272 +#define SSL_F_SSL_set1_tls_channel_id 273 +#define SSL_F_SSL_set_tlsext_host_name 274 +#define SSL_F_ssl3_output_cert_chain 275 +#define SSL_F_SSL_AEAD_CTX_new 276 +#define SSL_F_SSL_AEAD_CTX_open 277 +#define SSL_F_SSL_AEAD_CTX_seal 278 +#define SSL_F_dtls1_seal_record 279 #define SSL_R_APP_DATA_IN_HANDSHAKE 100 #define SSL_R_ATTEMPT_TO_REUSE_SESSION_IN_DIFFERENT_CONTEXT 101 #define SSL_R_BAD_ALERT 102 @@ -3829,15 +2925,6 @@ OPENSSL_EXPORT const char *SSLeay_version(int unused); #define SSL_R_RESUMED_EMS_SESSION_WITHOUT_EMS_EXTENSION 275 #define SSL_R_EMS_STATE_INCONSISTENT 276 #define SSL_R_RESUMED_NON_EMS_SESSION_WITH_EMS_EXTENSION 277 -#define SSL_R_TOO_MANY_WARNING_ALERTS 278 -#define SSL_R_UNEXPECTED_EXTENSION 279 -#define SSL_R_SIGNATURE_ALGORITHMS_EXTENSION_SENT_BY_SERVER 280 -#define SSL_R_ERROR_ADDING_EXTENSION 281 -#define SSL_R_ERROR_PARSING_EXTENSION 282 -#define SSL_R_MISSING_EXTENSION 283 -#define SSL_R_CUSTOM_EXTENSION_CONTENTS_TOO_LARGE 284 -#define SSL_R_CUSTOM_EXTENSION_ERROR 285 -#define SSL_R_NEGOTIATED_BOTH_NPN_AND_ALPN 286 #define SSL_R_SSLV3_ALERT_CLOSE_NOTIFY 1000 #define SSL_R_SSLV3_ALERT_UNEXPECTED_MESSAGE 1010 #define SSL_R_SSLV3_ALERT_BAD_RECORD_MAC 1020 diff --git a/src/include/openssl/ssl2.h b/src/include/openssl/ssl2.h new file mode 100644 index 0000000..b8401fa --- /dev/null +++ b/src/include/openssl/ssl2.h @@ -0,0 +1,268 @@ +/* ssl/ssl2.h */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#ifndef HEADER_SSL2_H +#define HEADER_SSL2_H + +#ifdef __cplusplus +extern "C" { +#endif + +/* Protocol Version Codes */ +#define SSL2_VERSION 0x0002 +#define SSL2_VERSION_MAJOR 0x00 +#define SSL2_VERSION_MINOR 0x02 +/* #define SSL2_CLIENT_VERSION 0x0002 */ +/* #define SSL2_SERVER_VERSION 0x0002 */ + +/* Protocol Message Codes */ +#define SSL2_MT_ERROR 0 +#define SSL2_MT_CLIENT_HELLO 1 +#define SSL2_MT_CLIENT_MASTER_KEY 2 +#define SSL2_MT_CLIENT_FINISHED 3 +#define SSL2_MT_SERVER_HELLO 4 +#define SSL2_MT_SERVER_VERIFY 5 +#define SSL2_MT_SERVER_FINISHED 6 +#define SSL2_MT_REQUEST_CERTIFICATE 7 +#define SSL2_MT_CLIENT_CERTIFICATE 8 + +/* Error Message Codes */ +#define SSL2_PE_UNDEFINED_ERROR 0x0000 +#define SSL2_PE_NO_CIPHER 0x0001 +#define SSL2_PE_NO_CERTIFICATE 0x0002 +#define SSL2_PE_BAD_CERTIFICATE 0x0004 +#define SSL2_PE_UNSUPPORTED_CERTIFICATE_TYPE 0x0006 + +/* Cipher Kind Values */ +#define SSL2_CK_NULL_WITH_MD5 0x02000000 /* v3 */ +#define SSL2_CK_RC4_128_WITH_MD5 0x02010080 +#define SSL2_CK_RC4_128_EXPORT40_WITH_MD5 0x02020080 +#define SSL2_CK_RC2_128_CBC_WITH_MD5 0x02030080 +#define SSL2_CK_RC2_128_CBC_EXPORT40_WITH_MD5 0x02040080 +#define SSL2_CK_IDEA_128_CBC_WITH_MD5 0x02050080 +#define SSL2_CK_DES_64_CBC_WITH_MD5 0x02060040 +#define SSL2_CK_DES_64_CBC_WITH_SHA 0x02060140 /* v3 */ +#define SSL2_CK_DES_192_EDE3_CBC_WITH_MD5 0x020700c0 +#define SSL2_CK_DES_192_EDE3_CBC_WITH_SHA 0x020701c0 /* v3 */ +#define SSL2_CK_RC4_64_WITH_MD5 0x02080080 /* MS hack */ + +#define SSL2_CK_DES_64_CFB64_WITH_MD5_1 0x02ff0800 /* SSLeay */ +#define SSL2_CK_NULL 0x02ff0810 /* SSLeay */ + +#define SSL2_TXT_DES_64_CFB64_WITH_MD5_1 "DES-CFB-M1" +#define SSL2_TXT_NULL_WITH_MD5 "NULL-MD5" +#define SSL2_TXT_RC4_128_WITH_MD5 "RC4-MD5" +#define SSL2_TXT_RC4_128_EXPORT40_WITH_MD5 "EXP-RC4-MD5" +#define SSL2_TXT_RC2_128_CBC_WITH_MD5 "RC2-CBC-MD5" +#define SSL2_TXT_RC2_128_CBC_EXPORT40_WITH_MD5 "EXP-RC2-CBC-MD5" +#define SSL2_TXT_IDEA_128_CBC_WITH_MD5 "IDEA-CBC-MD5" +#define SSL2_TXT_DES_64_CBC_WITH_MD5 "DES-CBC-MD5" +#define SSL2_TXT_DES_64_CBC_WITH_SHA "DES-CBC-SHA" +#define SSL2_TXT_DES_192_EDE3_CBC_WITH_MD5 "DES-CBC3-MD5" +#define SSL2_TXT_DES_192_EDE3_CBC_WITH_SHA "DES-CBC3-SHA" +#define SSL2_TXT_RC4_64_WITH_MD5 "RC4-64-MD5" + +#define SSL2_TXT_NULL "NULL" + +/* Flags for the SSL_CIPHER.algorithm2 field */ +#define SSL2_CF_5_BYTE_ENC 0x01 +#define SSL2_CF_8_BYTE_ENC 0x02 + +/* Certificate Type Codes */ +#define SSL2_CT_X509_CERTIFICATE 0x01 + +/* Authentication Type Code */ +#define SSL2_AT_MD5_WITH_RSA_ENCRYPTION 0x01 + +#define SSL2_MAX_SSL_SESSION_ID_LENGTH 32 + +/* Upper/Lower Bounds */ +#define SSL2_MAX_MASTER_KEY_LENGTH_IN_BITS 256 +#ifdef OPENSSL_SYS_MPE +#define SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER 29998u +#else +#define SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER 32767u /* 2^15-1 */ +#endif +#define SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER 16383 /* 2^14-1 */ + +#define SSL2_CHALLENGE_LENGTH 16 +/*#define SSL2_CHALLENGE_LENGTH 32 */ +#define SSL2_MIN_CHALLENGE_LENGTH 16 +#define SSL2_MAX_CHALLENGE_LENGTH 32 +#define SSL2_CONNECTION_ID_LENGTH 16 +#define SSL2_MAX_CONNECTION_ID_LENGTH 16 +#define SSL2_SSL_SESSION_ID_LENGTH 16 +#define SSL2_MAX_CERT_CHALLENGE_LENGTH 32 +#define SSL2_MIN_CERT_CHALLENGE_LENGTH 16 +#define SSL2_MAX_KEY_MATERIAL_LENGTH 24 + +#ifndef OPENSSL_NO_SSL_INTERN + +typedef struct ssl2_state_st + { + int three_byte_header; + int clear_text; /* clear text */ + int escape; /* not used in SSLv2 */ + int ssl2_rollback; /* used if SSLv23 rolled back to SSLv2 */ + + /* non-blocking io info, used to make sure the same + * args were passwd */ + unsigned int wnum; /* number of bytes sent so far */ + int wpend_tot; + const unsigned char *wpend_buf; + + int wpend_off; /* offset to data to write */ + int wpend_len; /* number of bytes passwd to write */ + int wpend_ret; /* number of bytes to return to caller */ + + /* buffer raw data */ + int rbuf_left; + int rbuf_offs; + unsigned char *rbuf; + unsigned char *wbuf; + + unsigned char *write_ptr;/* used to point to the start due to + * 2/3 byte header. */ + + unsigned int padding; + unsigned int rlength; /* passed to ssl2_enc */ + int ract_data_length; /* Set when things are encrypted. */ + unsigned int wlength; /* passed to ssl2_enc */ + int wact_data_length; /* Set when things are decrypted. */ + unsigned char *ract_data; + unsigned char *wact_data; + unsigned char *mac_data; + + unsigned char *read_key; + unsigned char *write_key; + + /* Stuff specifically to do with this SSL session */ + unsigned int challenge_length; + unsigned char challenge[SSL2_MAX_CHALLENGE_LENGTH]; + unsigned int conn_id_length; + unsigned char conn_id[SSL2_MAX_CONNECTION_ID_LENGTH]; + unsigned int key_material_length; + unsigned char key_material[SSL2_MAX_KEY_MATERIAL_LENGTH*2]; + + unsigned long read_sequence; + unsigned long write_sequence; + + struct { + unsigned int conn_id_length; + unsigned int cert_type; + unsigned int cert_length; + unsigned int csl; + unsigned int clear; + unsigned int enc; + unsigned char ccl[SSL2_MAX_CERT_CHALLENGE_LENGTH]; + unsigned int cipher_spec_length; + unsigned int session_id_length; + unsigned int clen; + unsigned int rlen; + } tmp; + } SSL2_STATE; + +#endif + +/* SSLv2 */ +/* client */ +#define SSL2_ST_SEND_CLIENT_HELLO_A (0x10|SSL_ST_CONNECT) +#define SSL2_ST_SEND_CLIENT_HELLO_B (0x11|SSL_ST_CONNECT) +#define SSL2_ST_GET_SERVER_HELLO_A (0x20|SSL_ST_CONNECT) +#define SSL2_ST_GET_SERVER_HELLO_B (0x21|SSL_ST_CONNECT) +#define SSL2_ST_SEND_CLIENT_MASTER_KEY_A (0x30|SSL_ST_CONNECT) +#define SSL2_ST_SEND_CLIENT_MASTER_KEY_B (0x31|SSL_ST_CONNECT) +#define SSL2_ST_SEND_CLIENT_FINISHED_A (0x40|SSL_ST_CONNECT) +#define SSL2_ST_SEND_CLIENT_FINISHED_B (0x41|SSL_ST_CONNECT) +#define SSL2_ST_SEND_CLIENT_CERTIFICATE_A (0x50|SSL_ST_CONNECT) +#define SSL2_ST_SEND_CLIENT_CERTIFICATE_B (0x51|SSL_ST_CONNECT) +#define SSL2_ST_SEND_CLIENT_CERTIFICATE_C (0x52|SSL_ST_CONNECT) +#define SSL2_ST_SEND_CLIENT_CERTIFICATE_D (0x53|SSL_ST_CONNECT) +#define SSL2_ST_GET_SERVER_VERIFY_A (0x60|SSL_ST_CONNECT) +#define SSL2_ST_GET_SERVER_VERIFY_B (0x61|SSL_ST_CONNECT) +#define SSL2_ST_GET_SERVER_FINISHED_A (0x70|SSL_ST_CONNECT) +#define SSL2_ST_GET_SERVER_FINISHED_B (0x71|SSL_ST_CONNECT) +#define SSL2_ST_CLIENT_START_ENCRYPTION (0x80|SSL_ST_CONNECT) +#define SSL2_ST_X509_GET_CLIENT_CERTIFICATE (0x90|SSL_ST_CONNECT) +/* server */ +#define SSL2_ST_GET_CLIENT_HELLO_A (0x10|SSL_ST_ACCEPT) +#define SSL2_ST_GET_CLIENT_HELLO_B (0x11|SSL_ST_ACCEPT) +#define SSL2_ST_GET_CLIENT_HELLO_C (0x12|SSL_ST_ACCEPT) +#define SSL2_ST_SEND_SERVER_HELLO_A (0x20|SSL_ST_ACCEPT) +#define SSL2_ST_SEND_SERVER_HELLO_B (0x21|SSL_ST_ACCEPT) +#define SSL2_ST_GET_CLIENT_MASTER_KEY_A (0x30|SSL_ST_ACCEPT) +#define SSL2_ST_GET_CLIENT_MASTER_KEY_B (0x31|SSL_ST_ACCEPT) +#define SSL2_ST_SEND_SERVER_VERIFY_A (0x40|SSL_ST_ACCEPT) +#define SSL2_ST_SEND_SERVER_VERIFY_B (0x41|SSL_ST_ACCEPT) +#define SSL2_ST_SEND_SERVER_VERIFY_C (0x42|SSL_ST_ACCEPT) +#define SSL2_ST_GET_CLIENT_FINISHED_A (0x50|SSL_ST_ACCEPT) +#define SSL2_ST_GET_CLIENT_FINISHED_B (0x51|SSL_ST_ACCEPT) +#define SSL2_ST_SEND_SERVER_FINISHED_A (0x60|SSL_ST_ACCEPT) +#define SSL2_ST_SEND_SERVER_FINISHED_B (0x61|SSL_ST_ACCEPT) +#define SSL2_ST_SEND_REQUEST_CERTIFICATE_A (0x70|SSL_ST_ACCEPT) +#define SSL2_ST_SEND_REQUEST_CERTIFICATE_B (0x71|SSL_ST_ACCEPT) +#define SSL2_ST_SEND_REQUEST_CERTIFICATE_C (0x72|SSL_ST_ACCEPT) +#define SSL2_ST_SEND_REQUEST_CERTIFICATE_D (0x73|SSL_ST_ACCEPT) +#define SSL2_ST_SERVER_START_ENCRYPTION (0x80|SSL_ST_ACCEPT) +#define SSL2_ST_X509_GET_SERVER_CERTIFICATE (0x90|SSL_ST_ACCEPT) + +#ifdef __cplusplus +} +#endif +#endif + diff --git a/src/include/openssl/ssl23.h b/src/include/openssl/ssl23.h new file mode 100644 index 0000000..df395a8 --- /dev/null +++ b/src/include/openssl/ssl23.h @@ -0,0 +1,85 @@ +/* ssl/ssl23.h */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#ifndef HEADER_SSL23_H +#define HEADER_SSL23_H + +#ifdef __cplusplus +extern "C" { +#endif + + +/*client */ +/* write to server */ +#define SSL23_ST_CW_CLNT_HELLO_A (0x210 | SSL_ST_CONNECT) +#define SSL23_ST_CW_CLNT_HELLO_B (0x211 | SSL_ST_CONNECT) +/* read from server */ +#define SSL23_ST_CR_SRVR_HELLO_A (0x220 | SSL_ST_CONNECT) +#define SSL23_ST_CR_SRVR_HELLO_B (0x221 | SSL_ST_CONNECT) + +/* server */ +/* read from client */ +#define SSL23_ST_SR_CLNT_HELLO (0x210 | SSL_ST_ACCEPT) +#define SSL23_ST_SR_V2_CLNT_HELLO (0x220 | SSL_ST_ACCEPT) +#define SSL23_ST_SR_SWITCH_VERSION (0x230 | SSL_ST_ACCEPT) + + +#ifdef __cplusplus +} +#endif +#endif diff --git a/src/include/openssl/ssl3.h b/src/include/openssl/ssl3.h index 1f6ca31..640a228 100644 --- a/src/include/openssl/ssl3.h +++ b/src/include/openssl/ssl3.h @@ -127,14 +127,11 @@ extern "C" { #endif -/* These are kept to support clients that negotiates higher protocol versions - * using SSLv2 client hello records. */ -#define SSL2_MT_CLIENT_HELLO 1 -#define SSL2_VERSION 0x0002 -/* Signalling cipher suite value from RFC 5746. */ +/* Signalling cipher suite value: from RFC5746 */ #define SSL3_CK_SCSV 0x030000FF -/* Fallback signalling cipher suite value from RFC 7507. */ +/* Fallback signalling cipher suite value: not IANA assigned. + * See https://tools.ietf.org/html/draft-bmoeller-tls-downgrade-scsv-01 */ #define SSL3_CK_FALLBACK_SCSV 0x03005600 #define SSL3_CK_RSA_NULL_MD5 0x03000001 @@ -272,11 +269,29 @@ OPENSSL_COMPILE_ASSERT( #define SSL3_MD_CLIENT_FINISHED_CONST "\x43\x4C\x4E\x54" #define SSL3_MD_SERVER_FINISHED_CONST "\x53\x52\x56\x52" +#define SSL3_VERSION 0x0300 +#define SSL3_VERSION_MAJOR 0x03 +#define SSL3_VERSION_MINOR 0x00 + #define SSL3_RT_CHANGE_CIPHER_SPEC 20 #define SSL3_RT_ALERT 21 #define SSL3_RT_HANDSHAKE 22 #define SSL3_RT_APPLICATION_DATA 23 +/* Pseudo content types to indicate additional parameters */ +#define TLS1_RT_CRYPTO 0x1000 +#define TLS1_RT_CRYPTO_PREMASTER (TLS1_RT_CRYPTO | 0x1) +#define TLS1_RT_CRYPTO_CLIENT_RANDOM (TLS1_RT_CRYPTO | 0x2) +#define TLS1_RT_CRYPTO_SERVER_RANDOM (TLS1_RT_CRYPTO | 0x3) +#define TLS1_RT_CRYPTO_MASTER (TLS1_RT_CRYPTO | 0x4) + +#define TLS1_RT_CRYPTO_READ 0x0000 +#define TLS1_RT_CRYPTO_WRITE 0x0100 +#define TLS1_RT_CRYPTO_MAC (TLS1_RT_CRYPTO | 0x5) +#define TLS1_RT_CRYPTO_KEY (TLS1_RT_CRYPTO | 0x6) +#define TLS1_RT_CRYPTO_IV (TLS1_RT_CRYPTO | 0x7) +#define TLS1_RT_CRYPTO_FIXED_IV (TLS1_RT_CRYPTO | 0x8) + /* Pseudo content type for SSL/TLS header info */ #define SSL3_RT_HEADER 0x100 @@ -307,17 +322,22 @@ typedef struct ssl3_record_st { /* data is a non-owning pointer to the record contents. The total length of * the buffer is |off| + |length|. */ uint8_t *data; + /* epoch, in DTLS, is the epoch number of the record. */ + uint16_t epoch; + /* seq_num, in DTLS, is the sequence number of the record. The top two bytes + * are always zero. + * + * TODO(davidben): This is confusing. They should include the epoch or the + * field should be six bytes. */ + uint8_t seq_num[8]; } SSL3_RECORD; typedef struct ssl3_buffer_st { - /* buf is the memory allocated for this buffer. */ - uint8_t *buf; - /* offset is the offset into |buf| which the buffer contents start at. */ - uint16_t offset; - /* len is the length of the buffer contents from |buf| + |offset|. */ - uint16_t len; - /* cap is how much memory beyond |buf| + |offset| is available. */ - uint16_t cap; + uint8_t *buf; /* at least SSL3_RT_MAX_PACKET_SIZE bytes, see + ssl3_setup_buffers() */ + size_t len; /* buffer size */ + int offset; /* where to 'copy from' */ + int left; /* how many bytes left */ } SSL3_BUFFER; #define SSL3_CT_RSA_SIGN 1 @@ -349,6 +369,9 @@ typedef struct ssl3_state_st { /* flags for countermeasure against known-IV weakness */ int need_record_splitting; + /* The value of 'extra' when the buffers were initialized */ + int init_extra; + /* have_version is true if the connection's final version is known. Otherwise * the version has not been negotiated yet. */ char have_version; @@ -357,10 +380,13 @@ typedef struct ssl3_state_st { * completed. */ char initial_handshake_complete; - /* read_buffer holds data from the transport to be processed. */ - SSL3_BUFFER read_buffer; - /* write_buffer holds data to be written to the transport. */ - SSL3_BUFFER write_buffer; + /* sniff_buffer is used by the server in the initial handshake to read a + * V2ClientHello before the record layer is initialized. */ + BUF_MEM *sniff_buffer; + size_t sniff_buffer_len; + + SSL3_BUFFER rbuf; /* read IO goes into here */ + SSL3_BUFFER wbuf; /* write IO goes into here */ SSL3_RECORD rrec; /* each decoded record goes in here */ @@ -376,15 +402,11 @@ typedef struct ssl3_state_st { int wpend_ret; /* number of bytes submitted */ const uint8_t *wpend_buf; - /* handshake_buffer, if non-NULL, contains the handshake transcript. */ - BUF_MEM *handshake_buffer; - /* handshake_hash, if initialized with an |EVP_MD|, maintains the handshake - * hash. For TLS 1.1 and below, it is the SHA-1 half. */ - EVP_MD_CTX handshake_hash; - /* handshake_md5, if initialized with an |EVP_MD|, maintains the MD5 half of - * the handshake hash for TLS 1.1 and below. */ - EVP_MD_CTX handshake_md5; - + /* used during startup, digest all incoming/outgoing packets */ + BIO *handshake_buffer; + /* When set of handshake digests is determined, buffer is hashed and freed + * and MD_CTX-es for all required digests are stored in this array */ + EVP_MD_CTX **handshake_dgst; /* this is set whenerver we see a change_cipher_spec message come in when we * are not looking for one */ int change_cipher_spec; @@ -398,13 +420,6 @@ typedef struct ssl3_state_st { int total_renegotiations; - /* empty_record_count is the number of consecutive empty records received. */ - uint8_t empty_record_count; - - /* warning_alert_count is the number of consecutive warning alerts - * received. */ - uint8_t warning_alert_count; - /* State pertaining to the pending handshake. * * TODO(davidben): State is current spread all over the place. Move @@ -431,34 +446,6 @@ typedef struct ssl3_state_st { int reuse_message; - union { - /* sent is a bitset where the bits correspond to elements of kExtensions - * in t1_lib.c. Each bit is set if that extension was sent in a - * ClientHello. It's not used by servers. */ - uint32_t sent; - /* received is a bitset, like |sent|, but is used by servers to record - * which extensions were received from a client. */ - uint32_t received; - } extensions; - - union { - /* sent is a bitset where the bits correspond to elements of - * |client_custom_extensions| in the |SSL_CTX|. Each bit is set if that - * extension was sent in a ClientHello. It's not used by servers. */ - uint16_t sent; - /* received is a bitset, like |sent|, but is used by servers to record - * which custom extensions were received from a client. The bits here - * correspond to |server_custom_extensions|. */ - uint16_t received; - } custom_extensions; - - /* SNI extension */ - - /* should_ack_sni is used by a server and indicates that the SNI extension - * should be echoed in the ServerHello. */ - unsigned should_ack_sni:1; - - /* Client-only: cert_req determines if a client certificate is to be sent. * This is 0 if no client Certificate message is to be sent, 1 if there is * a client certificate, and 2 to send an empty client Certificate @@ -487,12 +474,13 @@ typedef struct ssl3_state_st { int cert_request; /* certificate_status_expected is true if OCSP stapling was negotiated and - * the server is expected to send a CertificateStatus message. (This is - * used on both the client and server sides.) */ - unsigned certificate_status_expected:1; + * the server is expected to send a CertificateStatus message. */ + char certificate_status_expected; - /* ocsp_stapling_requested is true if a client requested OCSP stapling. */ - unsigned ocsp_stapling_requested:1; + /* peer_ecpointformatlist contains the EC point formats advertised by the + * peer. */ + uint8_t *peer_ecpointformatlist; + size_t peer_ecpointformatlist_length; /* Server-only: peer_ellipticcurvelist contains the EC curve IDs advertised * by the peer. This is only set on the server's end. The server does not @@ -519,12 +507,6 @@ typedef struct ssl3_state_st { /* Client-only: in_false_start is one if there is a pending handshake in * False Start. The client may write data at this point. */ char in_false_start; - - /* peer_dh_tmp, on a client, is the server's DHE public key. */ - DH *peer_dh_tmp; - - /* peer_ecdh_tmp, on a client, is the server's ECDHE public key. */ - EC_KEY *peer_ecdh_tmp; } tmp; /* Connection binding to prevent renegotiation attacks */ @@ -551,6 +533,11 @@ typedef struct ssl3_state_st { * Channel IDs and that tlsext_channel_id will be valid after the * handshake. */ char tlsext_channel_id_valid; + /* tlsext_channel_id_new means that the updated Channel ID extension was + * negotiated. This is a temporary hack in the code to support both forms of + * Channel ID extension while we transition to the new format, which fixed a + * security issue. */ + char tlsext_channel_id_new; /* For a server: * If |tlsext_channel_id_valid| is true, then this contains the * verified Channel ID from the client: a P256 point, (x,y), where @@ -563,7 +550,6 @@ typedef struct ssl3_state_st { /* extra state */ #define SSL3_ST_CW_FLUSH (0x100 | SSL_ST_CONNECT) #define SSL3_ST_FALSE_START (0x101 | SSL_ST_CONNECT) -#define SSL3_ST_VERIFY_SERVER_CERT (0x102 | SSL_ST_CONNECT) /* write to server */ #define SSL3_ST_CW_CLNT_HELLO_A (0x110 | SSL_ST_CONNECT) #define SSL3_ST_CW_CLNT_HELLO_B (0x111 | SSL_ST_CONNECT) @@ -589,7 +575,6 @@ typedef struct ssl3_state_st { #define SSL3_ST_CW_KEY_EXCH_B (0x181 | SSL_ST_CONNECT) #define SSL3_ST_CW_CERT_VRFY_A (0x190 | SSL_ST_CONNECT) #define SSL3_ST_CW_CERT_VRFY_B (0x191 | SSL_ST_CONNECT) -#define SSL3_ST_CW_CERT_VRFY_C (0x192 | SSL_ST_CONNECT) #define SSL3_ST_CW_CHANGE_A (0x1A0 | SSL_ST_CONNECT) #define SSL3_ST_CW_CHANGE_B (0x1A1 | SSL_ST_CONNECT) #define SSL3_ST_CW_NEXT_PROTO_A (0x200 | SSL_ST_CONNECT) @@ -628,7 +613,6 @@ typedef struct ssl3_state_st { #define SSL3_ST_SW_CERT_B (0x141 | SSL_ST_ACCEPT) #define SSL3_ST_SW_KEY_EXCH_A (0x150 | SSL_ST_ACCEPT) #define SSL3_ST_SW_KEY_EXCH_B (0x151 | SSL_ST_ACCEPT) -#define SSL3_ST_SW_KEY_EXCH_C (0x152 | SSL_ST_ACCEPT) #define SSL3_ST_SW_CERT_REQ_A (0x160 | SSL_ST_ACCEPT) #define SSL3_ST_SW_CERT_REQ_B (0x161 | SSL_ST_ACCEPT) #define SSL3_ST_SW_SRVR_DONE_A (0x170 | SSL_ST_ACCEPT) diff --git a/src/include/openssl/stack.h b/src/include/openssl/stack.h index b600b43..350fa14 100644 --- a/src/include/openssl/stack.h +++ b/src/include/openssl/stack.h @@ -111,6 +111,11 @@ typedef struct stack_st { #define STACK_OF(type) struct stack_st_##type +#define DEFINE_STACK_OF(type) \ +STACK_OF(type) {\ + _STACK stack; \ +} + #define DECLARE_STACK_OF(type) STACK_OF(type); /* The make_macros.sh script in this directory parses the following lines and @@ -135,14 +140,12 @@ typedef struct stack_st { * STACK_OF:GENERAL_NAMES * STACK_OF:GENERAL_SUBTREE * STACK_OF:MIME_HEADER - * STACK_OF:PKCS7_RECIP_INFO * STACK_OF:PKCS7_SIGNER_INFO + * STACK_OF:PKCS7_RECIP_INFO * STACK_OF:POLICYINFO * STACK_OF:POLICYQUALINFO * STACK_OF:POLICY_MAPPING - * STACK_OF:RSA_additional_prime * STACK_OF:SSL_COMP - * STACK_OF:SSL_CUSTOM_EXTENSION * STACK_OF:STACK_OF_X509_NAME_ENTRY * STACK_OF:SXNETID * STACK_OF:X509 diff --git a/src/include/openssl/stack_macros.h b/src/include/openssl/stack_macros.h index 08097af..dadcf6b 100644 --- a/src/include/openssl/stack_macros.h +++ b/src/include/openssl/stack_macros.h @@ -1511,93 +1511,6 @@ copy_func), \ CHECKED_CAST(void (*)(void *), void (*)(MIME_HEADER *), free_func))) -/* PKCS7_RECIP_INFO */ -#define sk_PKCS7_RECIP_INFO_new(comp) \ - ((STACK_OF(PKCS7_RECIP_INFO) *)sk_new(CHECKED_CAST( \ - stack_cmp_func, \ - int (*)(const PKCS7_RECIP_INFO **a, const PKCS7_RECIP_INFO **b), comp))) - -#define sk_PKCS7_RECIP_INFO_new_null() \ - ((STACK_OF(PKCS7_RECIP_INFO) *)sk_new_null()) - -#define sk_PKCS7_RECIP_INFO_num(sk) \ - sk_num(CHECKED_CAST(_STACK *, STACK_OF(PKCS7_RECIP_INFO) *, sk)) - -#define sk_PKCS7_RECIP_INFO_zero(sk) \ - sk_zero(CHECKED_CAST(_STACK *, STACK_OF(PKCS7_RECIP_INFO) *, sk)); - -#define sk_PKCS7_RECIP_INFO_value(sk, i) \ - ((PKCS7_RECIP_INFO *)sk_value( \ - CHECKED_CAST(_STACK *, const STACK_OF(PKCS7_RECIP_INFO) *, sk), (i))) - -#define sk_PKCS7_RECIP_INFO_set(sk, i, p) \ - ((PKCS7_RECIP_INFO *)sk_set( \ - CHECKED_CAST(_STACK *, STACK_OF(PKCS7_RECIP_INFO) *, sk), (i), \ - CHECKED_CAST(void *, PKCS7_RECIP_INFO *, p))) - -#define sk_PKCS7_RECIP_INFO_free(sk) \ - sk_free(CHECKED_CAST(_STACK *, STACK_OF(PKCS7_RECIP_INFO) *, sk)) - -#define sk_PKCS7_RECIP_INFO_pop_free(sk, free_func) \ - sk_pop_free( \ - CHECKED_CAST(_STACK *, STACK_OF(PKCS7_RECIP_INFO) *, sk), \ - CHECKED_CAST(void (*)(void *), void (*)(PKCS7_RECIP_INFO *), free_func)) - -#define sk_PKCS7_RECIP_INFO_insert(sk, p, where) \ - sk_insert(CHECKED_CAST(_STACK *, STACK_OF(PKCS7_RECIP_INFO) *, sk), \ - CHECKED_CAST(void *, PKCS7_RECIP_INFO *, p), (where)) - -#define sk_PKCS7_RECIP_INFO_delete(sk, where) \ - ((PKCS7_RECIP_INFO *)sk_delete( \ - CHECKED_CAST(_STACK *, STACK_OF(PKCS7_RECIP_INFO) *, sk), (where))) - -#define sk_PKCS7_RECIP_INFO_delete_ptr(sk, p) \ - ((PKCS7_RECIP_INFO *)sk_delete_ptr( \ - CHECKED_CAST(_STACK *, STACK_OF(PKCS7_RECIP_INFO) *, sk), \ - CHECKED_CAST(void *, PKCS7_RECIP_INFO *, p))) - -#define sk_PKCS7_RECIP_INFO_find(sk, out_index, p) \ - sk_find(CHECKED_CAST(_STACK *, STACK_OF(PKCS7_RECIP_INFO) *, sk), \ - (out_index), CHECKED_CAST(void *, PKCS7_RECIP_INFO *, p)) - -#define sk_PKCS7_RECIP_INFO_shift(sk) \ - ((PKCS7_RECIP_INFO *)sk_shift( \ - CHECKED_CAST(_STACK *, STACK_OF(PKCS7_RECIP_INFO) *, sk))) - -#define sk_PKCS7_RECIP_INFO_push(sk, p) \ - sk_push(CHECKED_CAST(_STACK *, STACK_OF(PKCS7_RECIP_INFO) *, sk), \ - CHECKED_CAST(void *, PKCS7_RECIP_INFO *, p)) - -#define sk_PKCS7_RECIP_INFO_pop(sk) \ - ((PKCS7_RECIP_INFO *)sk_pop( \ - CHECKED_CAST(_STACK *, STACK_OF(PKCS7_RECIP_INFO) *, sk))) - -#define sk_PKCS7_RECIP_INFO_dup(sk) \ - ((STACK_OF(PKCS7_RECIP_INFO) *)sk_dup( \ - CHECKED_CAST(_STACK *, const STACK_OF(PKCS7_RECIP_INFO) *, sk))) - -#define sk_PKCS7_RECIP_INFO_sort(sk) \ - sk_sort(CHECKED_CAST(_STACK *, STACK_OF(PKCS7_RECIP_INFO) *, sk)) - -#define sk_PKCS7_RECIP_INFO_is_sorted(sk) \ - sk_is_sorted(CHECKED_CAST(_STACK *, const STACK_OF(PKCS7_RECIP_INFO) *, sk)) - -#define sk_PKCS7_RECIP_INFO_set_cmp_func(sk, comp) \ - ((int (*)(const PKCS7_RECIP_INFO **a, const PKCS7_RECIP_INFO **b)) \ - sk_set_cmp_func( \ - CHECKED_CAST(_STACK *, STACK_OF(PKCS7_RECIP_INFO) *, sk), \ - CHECKED_CAST(stack_cmp_func, int (*)(const PKCS7_RECIP_INFO **a, \ - const PKCS7_RECIP_INFO **b), \ - comp))) - -#define sk_PKCS7_RECIP_INFO_deep_copy(sk, copy_func, free_func) \ - ((STACK_OF(PKCS7_RECIP_INFO) *)sk_deep_copy( \ - CHECKED_CAST(const _STACK *, const STACK_OF(PKCS7_RECIP_INFO) *, sk), \ - CHECKED_CAST(void *(*)(void *), \ - PKCS7_RECIP_INFO *(*)(PKCS7_RECIP_INFO *), copy_func), \ - CHECKED_CAST(void (*)(void *), void (*)(PKCS7_RECIP_INFO *), \ - free_func))) - /* PKCS7_SIGNER_INFO */ #define sk_PKCS7_SIGNER_INFO_new(comp) \ ((STACK_OF(PKCS7_SIGNER_INFO) *)sk_new(CHECKED_CAST( \ @@ -1686,6 +1599,93 @@ CHECKED_CAST(void (*)(void *), void (*)(PKCS7_SIGNER_INFO *), \ free_func))) +/* PKCS7_RECIP_INFO */ +#define sk_PKCS7_RECIP_INFO_new(comp) \ + ((STACK_OF(PKCS7_RECIP_INFO) *)sk_new(CHECKED_CAST( \ + stack_cmp_func, \ + int (*)(const PKCS7_RECIP_INFO **a, const PKCS7_RECIP_INFO **b), comp))) + +#define sk_PKCS7_RECIP_INFO_new_null() \ + ((STACK_OF(PKCS7_RECIP_INFO) *)sk_new_null()) + +#define sk_PKCS7_RECIP_INFO_num(sk) \ + sk_num(CHECKED_CAST(_STACK *, STACK_OF(PKCS7_RECIP_INFO) *, sk)) + +#define sk_PKCS7_RECIP_INFO_zero(sk) \ + sk_zero(CHECKED_CAST(_STACK *, STACK_OF(PKCS7_RECIP_INFO) *, sk)); + +#define sk_PKCS7_RECIP_INFO_value(sk, i) \ + ((PKCS7_RECIP_INFO *)sk_value( \ + CHECKED_CAST(_STACK *, const STACK_OF(PKCS7_RECIP_INFO) *, sk), (i))) + +#define sk_PKCS7_RECIP_INFO_set(sk, i, p) \ + ((PKCS7_RECIP_INFO *)sk_set( \ + CHECKED_CAST(_STACK *, STACK_OF(PKCS7_RECIP_INFO) *, sk), (i), \ + CHECKED_CAST(void *, PKCS7_RECIP_INFO *, p))) + +#define sk_PKCS7_RECIP_INFO_free(sk) \ + sk_free(CHECKED_CAST(_STACK *, STACK_OF(PKCS7_RECIP_INFO) *, sk)) + +#define sk_PKCS7_RECIP_INFO_pop_free(sk, free_func) \ + sk_pop_free( \ + CHECKED_CAST(_STACK *, STACK_OF(PKCS7_RECIP_INFO) *, sk), \ + CHECKED_CAST(void (*)(void *), void (*)(PKCS7_RECIP_INFO *), free_func)) + +#define sk_PKCS7_RECIP_INFO_insert(sk, p, where) \ + sk_insert(CHECKED_CAST(_STACK *, STACK_OF(PKCS7_RECIP_INFO) *, sk), \ + CHECKED_CAST(void *, PKCS7_RECIP_INFO *, p), (where)) + +#define sk_PKCS7_RECIP_INFO_delete(sk, where) \ + ((PKCS7_RECIP_INFO *)sk_delete( \ + CHECKED_CAST(_STACK *, STACK_OF(PKCS7_RECIP_INFO) *, sk), (where))) + +#define sk_PKCS7_RECIP_INFO_delete_ptr(sk, p) \ + ((PKCS7_RECIP_INFO *)sk_delete_ptr( \ + CHECKED_CAST(_STACK *, STACK_OF(PKCS7_RECIP_INFO) *, sk), \ + CHECKED_CAST(void *, PKCS7_RECIP_INFO *, p))) + +#define sk_PKCS7_RECIP_INFO_find(sk, out_index, p) \ + sk_find(CHECKED_CAST(_STACK *, STACK_OF(PKCS7_RECIP_INFO) *, sk), \ + (out_index), CHECKED_CAST(void *, PKCS7_RECIP_INFO *, p)) + +#define sk_PKCS7_RECIP_INFO_shift(sk) \ + ((PKCS7_RECIP_INFO *)sk_shift( \ + CHECKED_CAST(_STACK *, STACK_OF(PKCS7_RECIP_INFO) *, sk))) + +#define sk_PKCS7_RECIP_INFO_push(sk, p) \ + sk_push(CHECKED_CAST(_STACK *, STACK_OF(PKCS7_RECIP_INFO) *, sk), \ + CHECKED_CAST(void *, PKCS7_RECIP_INFO *, p)) + +#define sk_PKCS7_RECIP_INFO_pop(sk) \ + ((PKCS7_RECIP_INFO *)sk_pop( \ + CHECKED_CAST(_STACK *, STACK_OF(PKCS7_RECIP_INFO) *, sk))) + +#define sk_PKCS7_RECIP_INFO_dup(sk) \ + ((STACK_OF(PKCS7_RECIP_INFO) *)sk_dup( \ + CHECKED_CAST(_STACK *, const STACK_OF(PKCS7_RECIP_INFO) *, sk))) + +#define sk_PKCS7_RECIP_INFO_sort(sk) \ + sk_sort(CHECKED_CAST(_STACK *, STACK_OF(PKCS7_RECIP_INFO) *, sk)) + +#define sk_PKCS7_RECIP_INFO_is_sorted(sk) \ + sk_is_sorted(CHECKED_CAST(_STACK *, const STACK_OF(PKCS7_RECIP_INFO) *, sk)) + +#define sk_PKCS7_RECIP_INFO_set_cmp_func(sk, comp) \ + ((int (*)(const PKCS7_RECIP_INFO **a, const PKCS7_RECIP_INFO **b)) \ + sk_set_cmp_func( \ + CHECKED_CAST(_STACK *, STACK_OF(PKCS7_RECIP_INFO) *, sk), \ + CHECKED_CAST(stack_cmp_func, int (*)(const PKCS7_RECIP_INFO **a, \ + const PKCS7_RECIP_INFO **b), \ + comp))) + +#define sk_PKCS7_RECIP_INFO_deep_copy(sk, copy_func, free_func) \ + ((STACK_OF(PKCS7_RECIP_INFO) *)sk_deep_copy( \ + CHECKED_CAST(const _STACK *, const STACK_OF(PKCS7_RECIP_INFO) *, sk), \ + CHECKED_CAST(void *(*)(void *), \ + PKCS7_RECIP_INFO *(*)(PKCS7_RECIP_INFO *), copy_func), \ + CHECKED_CAST(void (*)(void *), void (*)(PKCS7_RECIP_INFO *), \ + free_func))) + /* POLICYINFO */ #define sk_POLICYINFO_new(comp) \ ((STACK_OF(POLICYINFO) *)sk_new(CHECKED_CAST( \ @@ -1937,99 +1937,6 @@ copy_func), \ CHECKED_CAST(void (*)(void *), void (*)(POLICY_MAPPING *), free_func))) -/* RSA_additional_prime */ -#define sk_RSA_additional_prime_new(comp) \ - ((STACK_OF(RSA_additional_prime) *)sk_new(CHECKED_CAST( \ - stack_cmp_func, \ - int (*)(const RSA_additional_prime **a, const RSA_additional_prime **b), \ - comp))) - -#define sk_RSA_additional_prime_new_null() \ - ((STACK_OF(RSA_additional_prime) *)sk_new_null()) - -#define sk_RSA_additional_prime_num(sk) \ - sk_num(CHECKED_CAST(_STACK *, STACK_OF(RSA_additional_prime) *, sk)) - -#define sk_RSA_additional_prime_zero(sk) \ - sk_zero(CHECKED_CAST(_STACK *, STACK_OF(RSA_additional_prime) *, sk)); - -#define sk_RSA_additional_prime_value(sk, i) \ - ((RSA_additional_prime *)sk_value( \ - CHECKED_CAST(_STACK *, const STACK_OF(RSA_additional_prime) *, sk), \ - (i))) - -#define sk_RSA_additional_prime_set(sk, i, p) \ - ((RSA_additional_prime *)sk_set( \ - CHECKED_CAST(_STACK *, STACK_OF(RSA_additional_prime) *, sk), (i), \ - CHECKED_CAST(void *, RSA_additional_prime *, p))) - -#define sk_RSA_additional_prime_free(sk) \ - sk_free(CHECKED_CAST(_STACK *, STACK_OF(RSA_additional_prime) *, sk)) - -#define sk_RSA_additional_prime_pop_free(sk, free_func) \ - sk_pop_free(CHECKED_CAST(_STACK *, STACK_OF(RSA_additional_prime) *, sk), \ - CHECKED_CAST(void (*)(void *), void (*)(RSA_additional_prime *), \ - free_func)) - -#define sk_RSA_additional_prime_insert(sk, p, where) \ - sk_insert(CHECKED_CAST(_STACK *, STACK_OF(RSA_additional_prime) *, sk), \ - CHECKED_CAST(void *, RSA_additional_prime *, p), (where)) - -#define sk_RSA_additional_prime_delete(sk, where) \ - ((RSA_additional_prime *)sk_delete( \ - CHECKED_CAST(_STACK *, STACK_OF(RSA_additional_prime) *, sk), (where))) - -#define sk_RSA_additional_prime_delete_ptr(sk, p) \ - ((RSA_additional_prime *)sk_delete_ptr( \ - CHECKED_CAST(_STACK *, STACK_OF(RSA_additional_prime) *, sk), \ - CHECKED_CAST(void *, RSA_additional_prime *, p))) - -#define sk_RSA_additional_prime_find(sk, out_index, p) \ - sk_find(CHECKED_CAST(_STACK *, STACK_OF(RSA_additional_prime) *, sk), \ - (out_index), CHECKED_CAST(void *, RSA_additional_prime *, p)) - -#define sk_RSA_additional_prime_shift(sk) \ - ((RSA_additional_prime *)sk_shift( \ - CHECKED_CAST(_STACK *, STACK_OF(RSA_additional_prime) *, sk))) - -#define sk_RSA_additional_prime_push(sk, p) \ - sk_push(CHECKED_CAST(_STACK *, STACK_OF(RSA_additional_prime) *, sk), \ - CHECKED_CAST(void *, RSA_additional_prime *, p)) - -#define sk_RSA_additional_prime_pop(sk) \ - ((RSA_additional_prime *)sk_pop( \ - CHECKED_CAST(_STACK *, STACK_OF(RSA_additional_prime) *, sk))) - -#define sk_RSA_additional_prime_dup(sk) \ - ((STACK_OF(RSA_additional_prime) *)sk_dup( \ - CHECKED_CAST(_STACK *, const STACK_OF(RSA_additional_prime) *, sk))) - -#define sk_RSA_additional_prime_sort(sk) \ - sk_sort(CHECKED_CAST(_STACK *, STACK_OF(RSA_additional_prime) *, sk)) - -#define sk_RSA_additional_prime_is_sorted(sk) \ - sk_is_sorted( \ - CHECKED_CAST(_STACK *, const STACK_OF(RSA_additional_prime) *, sk)) - -#define sk_RSA_additional_prime_set_cmp_func(sk, comp) \ - ((int (*)(const RSA_additional_prime **a, const RSA_additional_prime **b)) \ - sk_set_cmp_func( \ - CHECKED_CAST(_STACK *, STACK_OF(RSA_additional_prime) *, sk), \ - CHECKED_CAST(stack_cmp_func, \ - int (*)(const RSA_additional_prime **a, \ - const RSA_additional_prime **b), \ - comp))) - -#define sk_RSA_additional_prime_deep_copy(sk, copy_func, free_func) \ - ((STACK_OF(RSA_additional_prime) *)sk_deep_copy( \ - CHECKED_CAST(const _STACK *, const STACK_OF(RSA_additional_prime) *, \ - sk), \ - CHECKED_CAST(void *(*)(void *), \ - RSA_additional_prime *(*)(RSA_additional_prime *), \ - copy_func), \ - CHECKED_CAST(void (*)(void *), void (*)(RSA_additional_prime *), \ - free_func))) - /* SSL_COMP */ #define sk_SSL_COMP_new(comp) \ ((STACK_OF(SSL_COMP) *)sk_new(CHECKED_CAST( \ @@ -2106,99 +2013,6 @@ CHECKED_CAST(void *(*)(void *), SSL_COMP *(*)(SSL_COMP *), copy_func), \ CHECKED_CAST(void (*)(void *), void (*)(SSL_COMP *), free_func))) -/* SSL_CUSTOM_EXTENSION */ -#define sk_SSL_CUSTOM_EXTENSION_new(comp) \ - ((STACK_OF(SSL_CUSTOM_EXTENSION) *)sk_new(CHECKED_CAST( \ - stack_cmp_func, \ - int (*)(const SSL_CUSTOM_EXTENSION **a, const SSL_CUSTOM_EXTENSION **b), \ - comp))) - -#define sk_SSL_CUSTOM_EXTENSION_new_null() \ - ((STACK_OF(SSL_CUSTOM_EXTENSION) *)sk_new_null()) - -#define sk_SSL_CUSTOM_EXTENSION_num(sk) \ - sk_num(CHECKED_CAST(_STACK *, STACK_OF(SSL_CUSTOM_EXTENSION) *, sk)) - -#define sk_SSL_CUSTOM_EXTENSION_zero(sk) \ - sk_zero(CHECKED_CAST(_STACK *, STACK_OF(SSL_CUSTOM_EXTENSION) *, sk)); - -#define sk_SSL_CUSTOM_EXTENSION_value(sk, i) \ - ((SSL_CUSTOM_EXTENSION *)sk_value( \ - CHECKED_CAST(_STACK *, const STACK_OF(SSL_CUSTOM_EXTENSION) *, sk), \ - (i))) - -#define sk_SSL_CUSTOM_EXTENSION_set(sk, i, p) \ - ((SSL_CUSTOM_EXTENSION *)sk_set( \ - CHECKED_CAST(_STACK *, STACK_OF(SSL_CUSTOM_EXTENSION) *, sk), (i), \ - CHECKED_CAST(void *, SSL_CUSTOM_EXTENSION *, p))) - -#define sk_SSL_CUSTOM_EXTENSION_free(sk) \ - sk_free(CHECKED_CAST(_STACK *, STACK_OF(SSL_CUSTOM_EXTENSION) *, sk)) - -#define sk_SSL_CUSTOM_EXTENSION_pop_free(sk, free_func) \ - sk_pop_free(CHECKED_CAST(_STACK *, STACK_OF(SSL_CUSTOM_EXTENSION) *, sk), \ - CHECKED_CAST(void (*)(void *), void (*)(SSL_CUSTOM_EXTENSION *), \ - free_func)) - -#define sk_SSL_CUSTOM_EXTENSION_insert(sk, p, where) \ - sk_insert(CHECKED_CAST(_STACK *, STACK_OF(SSL_CUSTOM_EXTENSION) *, sk), \ - CHECKED_CAST(void *, SSL_CUSTOM_EXTENSION *, p), (where)) - -#define sk_SSL_CUSTOM_EXTENSION_delete(sk, where) \ - ((SSL_CUSTOM_EXTENSION *)sk_delete( \ - CHECKED_CAST(_STACK *, STACK_OF(SSL_CUSTOM_EXTENSION) *, sk), (where))) - -#define sk_SSL_CUSTOM_EXTENSION_delete_ptr(sk, p) \ - ((SSL_CUSTOM_EXTENSION *)sk_delete_ptr( \ - CHECKED_CAST(_STACK *, STACK_OF(SSL_CUSTOM_EXTENSION) *, sk), \ - CHECKED_CAST(void *, SSL_CUSTOM_EXTENSION *, p))) - -#define sk_SSL_CUSTOM_EXTENSION_find(sk, out_index, p) \ - sk_find(CHECKED_CAST(_STACK *, STACK_OF(SSL_CUSTOM_EXTENSION) *, sk), \ - (out_index), CHECKED_CAST(void *, SSL_CUSTOM_EXTENSION *, p)) - -#define sk_SSL_CUSTOM_EXTENSION_shift(sk) \ - ((SSL_CUSTOM_EXTENSION *)sk_shift( \ - CHECKED_CAST(_STACK *, STACK_OF(SSL_CUSTOM_EXTENSION) *, sk))) - -#define sk_SSL_CUSTOM_EXTENSION_push(sk, p) \ - sk_push(CHECKED_CAST(_STACK *, STACK_OF(SSL_CUSTOM_EXTENSION) *, sk), \ - CHECKED_CAST(void *, SSL_CUSTOM_EXTENSION *, p)) - -#define sk_SSL_CUSTOM_EXTENSION_pop(sk) \ - ((SSL_CUSTOM_EXTENSION *)sk_pop( \ - CHECKED_CAST(_STACK *, STACK_OF(SSL_CUSTOM_EXTENSION) *, sk))) - -#define sk_SSL_CUSTOM_EXTENSION_dup(sk) \ - ((STACK_OF(SSL_CUSTOM_EXTENSION) *)sk_dup( \ - CHECKED_CAST(_STACK *, const STACK_OF(SSL_CUSTOM_EXTENSION) *, sk))) - -#define sk_SSL_CUSTOM_EXTENSION_sort(sk) \ - sk_sort(CHECKED_CAST(_STACK *, STACK_OF(SSL_CUSTOM_EXTENSION) *, sk)) - -#define sk_SSL_CUSTOM_EXTENSION_is_sorted(sk) \ - sk_is_sorted( \ - CHECKED_CAST(_STACK *, const STACK_OF(SSL_CUSTOM_EXTENSION) *, sk)) - -#define sk_SSL_CUSTOM_EXTENSION_set_cmp_func(sk, comp) \ - ((int (*)(const SSL_CUSTOM_EXTENSION **a, const SSL_CUSTOM_EXTENSION **b)) \ - sk_set_cmp_func( \ - CHECKED_CAST(_STACK *, STACK_OF(SSL_CUSTOM_EXTENSION) *, sk), \ - CHECKED_CAST(stack_cmp_func, \ - int (*)(const SSL_CUSTOM_EXTENSION **a, \ - const SSL_CUSTOM_EXTENSION **b), \ - comp))) - -#define sk_SSL_CUSTOM_EXTENSION_deep_copy(sk, copy_func, free_func) \ - ((STACK_OF(SSL_CUSTOM_EXTENSION) *)sk_deep_copy( \ - CHECKED_CAST(const _STACK *, const STACK_OF(SSL_CUSTOM_EXTENSION) *, \ - sk), \ - CHECKED_CAST(void *(*)(void *), \ - SSL_CUSTOM_EXTENSION *(*)(SSL_CUSTOM_EXTENSION *), \ - copy_func), \ - CHECKED_CAST(void (*)(void *), void (*)(SSL_CUSTOM_EXTENSION *), \ - free_func))) - /* STACK_OF_X509_NAME_ENTRY */ #define sk_STACK_OF_X509_NAME_ENTRY_new(comp) \ ((STACK_OF(STACK_OF_X509_NAME_ENTRY) *)sk_new(CHECKED_CAST( \ @@ -3777,25 +3591,25 @@ #define sk_void_new_null() ((STACK_OF(void)*)sk_new_null()) -#define sk_void_num(sk) sk_num(CHECKED_CAST(_STACK *, STACK_OF(void) *, sk)) +#define sk_void_num(sk) sk_num(CHECKED_CAST(_STACK *, STACK_OF(void)*, sk)) -#define sk_void_zero(sk) sk_zero(CHECKED_CAST(_STACK *, STACK_OF(void) *, sk)); +#define sk_void_zero(sk) sk_zero(CHECKED_CAST(_STACK *, STACK_OF(void)*, sk)); #define sk_void_value(sk, i) \ - ((void *)sk_value(CHECKED_CAST(_STACK *, const STACK_OF(void) *, sk), (i))) + ((void *)sk_value(CHECKED_CAST(_STACK *, const STACK_OF(void)*, sk), (i))) #define sk_void_set(sk, i, p) \ ((void *)sk_set(CHECKED_CAST(_STACK *, STACK_OF(void)*, sk), (i), \ CHECKED_CAST(void *, void *, p))) -#define sk_void_free(sk) sk_free(CHECKED_CAST(_STACK *, STACK_OF(void) *, sk)) +#define sk_void_free(sk) sk_free(CHECKED_CAST(_STACK *, STACK_OF(void)*, sk)) -#define sk_void_pop_free(sk, free_func) \ - sk_pop_free(CHECKED_CAST(_STACK *, STACK_OF(void) *, sk), \ +#define sk_void_pop_free(sk, free_func) \ + sk_pop_free(CHECKED_CAST(_STACK *, STACK_OF(void)*, sk), \ CHECKED_CAST(void (*)(void *), void (*)(void *), free_func)) -#define sk_void_insert(sk, p, where) \ - sk_insert(CHECKED_CAST(_STACK *, STACK_OF(void) *, sk), \ +#define sk_void_insert(sk, p, where) \ + sk_insert(CHECKED_CAST(_STACK *, STACK_OF(void)*, sk), \ CHECKED_CAST(void *, void *, p), (where)) #define sk_void_delete(sk, where) \ @@ -3805,27 +3619,27 @@ ((void *)sk_delete_ptr(CHECKED_CAST(_STACK *, STACK_OF(void)*, sk), \ CHECKED_CAST(void *, void *, p))) -#define sk_void_find(sk, out_index, p) \ - sk_find(CHECKED_CAST(_STACK *, STACK_OF(void) *, sk), (out_index), \ +#define sk_void_find(sk, out_index, p) \ + sk_find(CHECKED_CAST(_STACK *, STACK_OF(void)*, sk), (out_index), \ CHECKED_CAST(void *, void *, p)) #define sk_void_shift(sk) \ ((void *)sk_shift(CHECKED_CAST(_STACK *, STACK_OF(void)*, sk))) -#define sk_void_push(sk, p) \ - sk_push(CHECKED_CAST(_STACK *, STACK_OF(void) *, sk), \ +#define sk_void_push(sk, p) \ + sk_push(CHECKED_CAST(_STACK *, STACK_OF(void)*, sk), \ CHECKED_CAST(void *, void *, p)) #define sk_void_pop(sk) \ ((void *)sk_pop(CHECKED_CAST(_STACK *, STACK_OF(void)*, sk))) #define sk_void_dup(sk) \ - ((STACK_OF(void)*)sk_dup(CHECKED_CAST(_STACK *, const STACK_OF(void) *, sk))) + ((STACK_OF(void)*)sk_dup(CHECKED_CAST(_STACK *, const STACK_OF(void)*, sk))) -#define sk_void_sort(sk) sk_sort(CHECKED_CAST(_STACK *, STACK_OF(void) *, sk)) +#define sk_void_sort(sk) sk_sort(CHECKED_CAST(_STACK *, STACK_OF(void)*, sk)) #define sk_void_is_sorted(sk) \ - sk_is_sorted(CHECKED_CAST(_STACK *, const STACK_OF(void) *, sk)) + sk_is_sorted(CHECKED_CAST(_STACK *, const STACK_OF(void)*, sk)) #define sk_void_set_cmp_func(sk, comp) \ ((int (*)(const void **a, const void **b))sk_set_cmp_func( \ @@ -3835,7 +3649,7 @@ #define sk_void_deep_copy(sk, copy_func, free_func) \ ((STACK_OF(void)*)sk_deep_copy( \ - CHECKED_CAST(const _STACK *, const STACK_OF(void) *, sk), \ + CHECKED_CAST(const _STACK *, const STACK_OF(void)*, sk), \ CHECKED_CAST(void *(*)(void *), void *(*)(void *), copy_func), \ CHECKED_CAST(void (*)(void *), void (*)(void *), free_func))) diff --git a/src/include/openssl/tls1.h b/src/include/openssl/tls1.h index 7d16b55..f2bee27 100644 --- a/src/include/openssl/tls1.h +++ b/src/include/openssl/tls1.h @@ -209,7 +209,7 @@ extern "C" { #define TLSEXT_TYPE_signature_algorithms 13 /* ExtensionType value from RFC5764 */ -#define TLSEXT_TYPE_srtp 14 +#define TLSEXT_TYPE_use_srtp 14 /* ExtensionType value from RFC5620 */ #define TLSEXT_TYPE_heartbeat 15 @@ -239,7 +239,8 @@ extern "C" { #define TLSEXT_TYPE_next_proto_neg 13172 /* This is not an IANA defined extension number */ -#define TLSEXT_TYPE_channel_id 30032 +#define TLSEXT_TYPE_channel_id 30031 +#define TLSEXT_TYPE_channel_id_new 30032 /* NameType value from RFC 3546 */ #define TLSEXT_NAMETYPE_host_name 0 @@ -290,6 +291,14 @@ OPENSSL_EXPORT int SSL_export_keying_material( SSL *s, uint8_t *out, size_t out_len, const char *label, size_t label_len, const uint8_t *context, size_t context_len, int use_context); +OPENSSL_EXPORT int SSL_get_sigalgs(SSL *s, int idx, int *psign, int *phash, + int *psignandhash, uint8_t *rsig, + uint8_t *rhash); + +OPENSSL_EXPORT int SSL_get_shared_sigalgs(SSL *s, int idx, int *psign, + int *phash, int *psignandhash, + uint8_t *rsig, uint8_t *rhash); + /* SSL_set_tlsext_host_name, for a client, configures |ssl| to advertise |name| * in the server_name extension. It returns one on success and zero on error. */ OPENSSL_EXPORT int SSL_set_tlsext_host_name(SSL *ssl, const char *name); @@ -313,6 +322,39 @@ OPENSSL_EXPORT int SSL_CTX_set_tlsext_servername_callback( * callback and returns one. See |SSL_CTX_set_tlsext_servername_callback|. */ OPENSSL_EXPORT int SSL_CTX_set_tlsext_servername_arg(SSL_CTX *ctx, void *arg); +#define SSL_CTX_get_tlsext_ticket_keys(ctx, keys, keylen) \ + SSL_CTX_ctrl((ctx), SSL_CTRL_GET_TLSEXT_TICKET_KEYS, (keylen), (keys)) +#define SSL_CTX_set_tlsext_ticket_keys(ctx, keys, keylen) \ + SSL_CTX_ctrl((ctx), SSL_CTRL_SET_TLSEXT_TICKET_KEYS, (keylen), (keys)) + +/* SSL_CTX_set_tlsext_ticket_key_cb sets the ticket callback to |callback| and + * returns one. |callback| will be called when encrypting a new ticket and when + * decrypting a ticket from the client. + * + * In both modes, |ctx| and |hmac_ctx| will already have been initialized with + * |EVP_CIPHER_CTX_init| and |HMAC_CTX_init|, respectively. |callback| + * configures |hmac_ctx| with an HMAC digest and key, and configures |ctx| + * for encryption or decryption, based on the mode. + * + * When encrypting a new ticket, |encrypt| will be one. It writes a public + * 16-byte key name to |key_name| and a fresh IV to |iv|. The output IV length + * must match |EVP_CIPHER_CTX_iv_length| of the cipher selected. In this mode, + * |callback| returns 1 on success and -1 on error. + * + * When decrypting a ticket, |encrypt| will be zero. |key_name| will point to a + * 16-byte key name and |iv| points to an IV. The length of the IV consumed must + * match |EVP_CIPHER_CTX_iv_length| of the cipher selected. In this mode, + * |callback| returns -1 to abort the handshake, 0 if decrypting the ticket + * failed, and 1 or 2 on success. If it returns 2, the ticket will be renewed. + * This may be used to re-key the ticket. + * + * WARNING: |callback| wildly breaks the usual return value convention and is + * called in two different modes. */ +OPENSSL_EXPORT int SSL_CTX_set_tlsext_ticket_key_cb( + SSL_CTX *ctx, int (*callback)(SSL *ssl, uint8_t *key_name, uint8_t *iv, + EVP_CIPHER_CTX *ctx, HMAC_CTX *hmac_ctx, + int encrypt)); + /* PSK ciphersuites from 4279 */ #define TLS1_CK_PSK_WITH_RC4_128_SHA 0x0300008A #define TLS1_CK_PSK_WITH_3DES_EDE_CBC_SHA 0x0300008B @@ -472,6 +514,7 @@ OPENSSL_EXPORT int SSL_CTX_set_tlsext_servername_arg(SSL_CTX *ctx, void *arg); #define TLS1_CK_ECDHE_RSA_CHACHA20_POLY1305 0x0300CC13 #define TLS1_CK_ECDHE_ECDSA_CHACHA20_POLY1305 0x0300CC14 +#define TLS1_CK_DHE_RSA_CHACHA20_POLY1305 0x0300CC15 /* XXX * Inconsistency alert: diff --git a/src/include/openssl/x509.h b/src/include/openssl/x509.h index f6b3af0..69c7da6 100644 --- a/src/include/openssl/x509.h +++ b/src/include/openssl/x509.h @@ -102,22 +102,22 @@ extern "C" { #define X509v3_KU_DECIPHER_ONLY 0x8000 #define X509v3_KU_UNDEF 0xffff -struct X509_objects_st +typedef struct X509_objects_st { int nid; int (*a2i)(void); int (*i2a)(void); - } /* X509_OBJECTS */; + } X509_OBJECTS; DECLARE_ASN1_SET_OF(X509_ALGOR) typedef STACK_OF(X509_ALGOR) X509_ALGORS; -struct X509_val_st +typedef struct X509_val_st { ASN1_TIME *notBefore; ASN1_TIME *notAfter; - } /* X509_VAL */; + } X509_VAL; struct X509_pubkey_st { @@ -126,25 +126,25 @@ struct X509_pubkey_st EVP_PKEY *pkey; }; -struct X509_sig_st +typedef struct X509_sig_st { X509_ALGOR *algor; ASN1_OCTET_STRING *digest; - } /* X509_SIG */; + } X509_SIG; -struct X509_name_entry_st +typedef struct X509_name_entry_st { ASN1_OBJECT *object; ASN1_STRING *value; int set; int size; /* temp variable */ - } /* X509_NAME_ENTRY */; + } X509_NAME_ENTRY; DECLARE_STACK_OF(X509_NAME_ENTRY) DECLARE_ASN1_SET_OF(X509_NAME_ENTRY) /* we always keep X509_NAMEs in 2 forms. */ -struct X509_name_st +typedef struct X509_name_st { STACK_OF(X509_NAME_ENTRY) *entries; int modified; /* true if 'bytes' needs to be built */ @@ -156,18 +156,18 @@ struct X509_name_st /* unsigned long hash; Keep the hash around for lookups */ unsigned char *canon_enc; int canon_enclen; - } /* X509_NAME */; + } X509_NAME; DECLARE_STACK_OF(X509_NAME) #define X509_EX_V_NETSCAPE_HACK 0x8000 #define X509_EX_V_INIT 0x0001 -struct X509_extension_st +typedef struct X509_extension_st { ASN1_OBJECT *object; ASN1_BOOLEAN critical; ASN1_OCTET_STRING *value; - } /* X509_EXTENSION */; + } X509_EXTENSION; typedef STACK_OF(X509_EXTENSION) X509_EXTENSIONS; @@ -175,7 +175,7 @@ DECLARE_STACK_OF(X509_EXTENSION) DECLARE_ASN1_SET_OF(X509_EXTENSION) /* a sequence of these are used */ -struct x509_attributes_st +typedef struct x509_attributes_st { ASN1_OBJECT *object; int single; /* 0 for a set, 1 for a single item (which is wrong) */ @@ -184,13 +184,13 @@ struct x509_attributes_st /* 0 */ STACK_OF(ASN1_TYPE) *set; /* 1 */ ASN1_TYPE *single; } value; - } /* X509_ATTRIBUTE */; + } X509_ATTRIBUTE; DECLARE_STACK_OF(X509_ATTRIBUTE) DECLARE_ASN1_SET_OF(X509_ATTRIBUTE) -struct X509_req_info_st +typedef struct X509_req_info_st { ASN1_ENCODING enc; ASN1_INTEGER *version; @@ -198,17 +198,17 @@ struct X509_req_info_st X509_PUBKEY *pubkey; /* d=2 hl=2 l= 0 cons: cont: 00 */ STACK_OF(X509_ATTRIBUTE) *attributes; /* [ 0 ] */ - } /* X509_REQ_INFO */; + } X509_REQ_INFO; -struct X509_req_st +typedef struct X509_req_st { X509_REQ_INFO *req_info; X509_ALGOR *sig_alg; ASN1_BIT_STRING *signature; CRYPTO_refcount_t references; - } /* X509_REQ */; + } X509_REQ; -struct x509_cinf_st +typedef struct x509_cinf_st { ASN1_INTEGER *version; /* [ 0 ] default of v1 */ ASN1_INTEGER *serialNumber; @@ -221,7 +221,7 @@ struct x509_cinf_st ASN1_BIT_STRING *subjectUID; /* [ 2 ] optional in v2 */ STACK_OF(X509_EXTENSION) *extensions; /* [ 3 ] optional in v3 */ ASN1_ENCODING enc; - } /* X509_CINF */; + } X509_CINF; /* This stuff is certificate "auxiliary info" * it contains details which are useful in certificate @@ -229,14 +229,14 @@ struct x509_cinf_st * the end of the certificate itself */ -struct x509_cert_aux_st +typedef struct x509_cert_aux_st { STACK_OF(ASN1_OBJECT) *trust; /* trusted uses */ STACK_OF(ASN1_OBJECT) *reject; /* rejected uses */ ASN1_UTF8STRING *alias; /* "friendly name" */ ASN1_OCTET_STRING *keyid; /* key id of private key */ STACK_OF(X509_ALGOR) *other; /* other unspecified info */ - } /* X509_CERT_AUX */; + } X509_CERT_AUX; struct x509_st { @@ -269,21 +269,21 @@ DECLARE_ASN1_SET_OF(X509) /* This is used for a table of trust checking functions */ -struct x509_trust_st { +typedef struct x509_trust_st { int trust; int flags; int (*check_trust)(struct x509_trust_st *, X509 *, int); char *name; int arg1; void *arg2; -} /* X509_TRUST */; +} X509_TRUST; DECLARE_STACK_OF(X509_TRUST) -struct x509_cert_pair_st { +typedef struct x509_cert_pair_st { X509 *forward; X509 *reverse; -} /* X509_CERT_PAIR */; +} X509_CERT_PAIR; /* standard trust ids */ @@ -403,7 +403,7 @@ struct x509_revoked_st DECLARE_STACK_OF(X509_REVOKED) DECLARE_ASN1_SET_OF(X509_REVOKED) -struct X509_crl_info_st +typedef struct X509_crl_info_st { ASN1_INTEGER *version; X509_ALGOR *sig_alg; @@ -413,7 +413,7 @@ struct X509_crl_info_st STACK_OF(X509_REVOKED) *revoked; STACK_OF(X509_EXTENSION) /* [0] */ *extensions; ASN1_ENCODING enc; - } /* X509_CRL_INFO */; + } X509_CRL_INFO; struct X509_crl_st { @@ -441,7 +441,7 @@ struct X509_crl_st DECLARE_STACK_OF(X509_CRL) DECLARE_ASN1_SET_OF(X509_CRL) -struct private_key_st +typedef struct private_key_st { int version; /* The PKCS#8 data types */ @@ -458,10 +458,10 @@ struct private_key_st /* expanded version of 'enc_algor' */ EVP_CIPHER_INFO cipher; - } /* X509_PKEY */; + } X509_PKEY; #ifndef OPENSSL_NO_EVP -struct X509_info_st +typedef struct X509_info_st { X509 *x509; X509_CRL *crl; @@ -471,7 +471,7 @@ struct X509_info_st int enc_len; char *enc_data; - } /* X509_INFO */; + } X509_INFO; DECLARE_STACK_OF(X509_INFO) #endif @@ -480,25 +480,25 @@ DECLARE_STACK_OF(X509_INFO) * Pat Richard <patr@x509.com> and are used to manipulate * Netscapes spki structures - useful if you are writing a CA web page */ -struct Netscape_spkac_st +typedef struct Netscape_spkac_st { X509_PUBKEY *pubkey; ASN1_IA5STRING *challenge; /* challenge sent in atlas >= PR2 */ - } /* NETSCAPE_SPKAC */; + } NETSCAPE_SPKAC; -struct Netscape_spki_st +typedef struct Netscape_spki_st { NETSCAPE_SPKAC *spkac; /* signed public key and challenge */ X509_ALGOR *sig_algor; ASN1_BIT_STRING *signature; - } /* NETSCAPE_SPKI */; + } NETSCAPE_SPKI; /* Netscape certificate sequence structure */ -struct Netscape_certificate_sequence +typedef struct Netscape_certificate_sequence { ASN1_OBJECT *type; STACK_OF(X509) *certs; - } /* NETSCAPE_CERT_SEQUENCE */; + } NETSCAPE_CERT_SEQUENCE; /* Unused (and iv length is wrong) typedef struct CBCParameter_st @@ -509,24 +509,24 @@ typedef struct CBCParameter_st /* Password based encryption structure */ -struct PBEPARAM_st { +typedef struct PBEPARAM_st { ASN1_OCTET_STRING *salt; ASN1_INTEGER *iter; -} /* PBEPARAM */; +} PBEPARAM; /* Password based encryption V2 structures */ -struct PBE2PARAM_st { +typedef struct PBE2PARAM_st { X509_ALGOR *keyfunc; X509_ALGOR *encryption; -} /* PBE2PARAM */; +} PBE2PARAM; -struct PBKDF2PARAM_st { +typedef struct PBKDF2PARAM_st { ASN1_TYPE *salt; /* Usually OCTET STRING but could be anything */ ASN1_INTEGER *iter; ASN1_INTEGER *keylength; X509_ALGOR *prf; -} /* PBKDF2PARAM */; +} PBKDF2PARAM; /* PKCS#8 private key info structure */ @@ -896,7 +896,6 @@ OPENSSL_EXPORT int X509_CRL_set_issuer_name(X509_CRL *x, X509_NAME *name); OPENSSL_EXPORT int X509_CRL_set_lastUpdate(X509_CRL *x, const ASN1_TIME *tm); OPENSSL_EXPORT int X509_CRL_set_nextUpdate(X509_CRL *x, const ASN1_TIME *tm); OPENSSL_EXPORT int X509_CRL_sort(X509_CRL *crl); -OPENSSL_EXPORT void X509_CRL_up_ref(X509_CRL *crl); OPENSSL_EXPORT int X509_REVOKED_set_serialNumber(X509_REVOKED *x, ASN1_INTEGER *serial); OPENSSL_EXPORT int X509_REVOKED_set_revocationDate(X509_REVOKED *r, ASN1_TIME *tm); @@ -1218,6 +1217,65 @@ OPENSSL_EXPORT int PKCS7_get_PEM_CRLs(STACK_OF(X509_CRL) *out_crls, } #endif +#define X509_F_ASN1_digest 100 +#define X509_F_ASN1_item_sign_ctx 101 +#define X509_F_ASN1_item_verify 102 +#define X509_F_NETSCAPE_SPKI_b64_decode 103 +#define X509_F_NETSCAPE_SPKI_b64_encode 104 +#define X509_F_PKCS7_get_certificates 105 +#define X509_F_X509_ATTRIBUTE_create_by_NID 106 +#define X509_F_X509_ATTRIBUTE_create_by_OBJ 107 +#define X509_F_X509_ATTRIBUTE_create_by_txt 108 +#define X509_F_X509_ATTRIBUTE_get0_data 109 +#define X509_F_X509_ATTRIBUTE_set1_data 110 +#define X509_F_X509_CRL_add0_revoked 111 +#define X509_F_X509_CRL_diff 112 +#define X509_F_X509_CRL_print_fp 113 +#define X509_F_X509_EXTENSION_create_by_NID 114 +#define X509_F_X509_EXTENSION_create_by_OBJ 115 +#define X509_F_X509_INFO_new 116 +#define X509_F_X509_NAME_ENTRY_create_by_NID 117 +#define X509_F_X509_NAME_ENTRY_create_by_txt 118 +#define X509_F_X509_NAME_ENTRY_set_object 119 +#define X509_F_X509_NAME_add_entry 120 +#define X509_F_X509_NAME_oneline 121 +#define X509_F_X509_NAME_print 122 +#define X509_F_X509_PKEY_new 123 +#define X509_F_X509_PUBKEY_get 124 +#define X509_F_X509_PUBKEY_set 125 +#define X509_F_X509_REQ_check_private_key 126 +#define X509_F_X509_REQ_to_X509 127 +#define X509_F_X509_STORE_CTX_get1_issuer 128 +#define X509_F_X509_STORE_CTX_init 129 +#define X509_F_X509_STORE_CTX_new 130 +#define X509_F_X509_STORE_CTX_purpose_inherit 131 +#define X509_F_X509_STORE_add_cert 132 +#define X509_F_X509_STORE_add_crl 133 +#define X509_F_X509_TRUST_add 134 +#define X509_F_X509_TRUST_set 135 +#define X509_F_X509_check_private_key 136 +#define X509_F_X509_get_pubkey_parameters 137 +#define X509_F_X509_load_cert_crl_file 138 +#define X509_F_X509_load_cert_file 139 +#define X509_F_X509_load_crl_file 140 +#define X509_F_X509_print_ex_fp 141 +#define X509_F_X509_to_X509_REQ 142 +#define X509_F_X509_verify_cert 143 +#define X509_F_X509at_add1_attr 144 +#define X509_F_X509v3_add_ext 145 +#define X509_F_add_cert_dir 146 +#define X509_F_by_file_ctrl 147 +#define X509_F_check_policy 148 +#define X509_F_dir_ctrl 149 +#define X509_F_get_cert_by_subject 150 +#define X509_F_i2d_DSA_PUBKEY 151 +#define X509_F_i2d_EC_PUBKEY 152 +#define X509_F_i2d_RSA_PUBKEY 153 +#define X509_F_x509_name_encode 154 +#define X509_F_x509_name_ex_d2i 155 +#define X509_F_x509_name_ex_new 156 +#define X509_F_pkcs7_parse_header 157 +#define X509_F_PKCS7_get_CRLs 158 #define X509_R_AKID_MISMATCH 100 #define X509_R_BAD_PKCS7_VERSION 101 #define X509_R_BAD_X509_FILETYPE 102 diff --git a/src/include/openssl/x509v3.h b/src/include/openssl/x509v3.h index b7b8ba7..5caa5c1 100644 --- a/src/include/openssl/x509v3.h +++ b/src/include/openssl/x509v3.h @@ -731,6 +731,63 @@ void ERR_load_X509V3_strings(void); #ifdef __cplusplus } #endif +#define X509V3_F_SXNET_add_id_INTEGER 100 +#define X509V3_F_SXNET_add_id_asc 101 +#define X509V3_F_SXNET_add_id_ulong 102 +#define X509V3_F_SXNET_get_id_asc 103 +#define X509V3_F_SXNET_get_id_ulong 104 +#define X509V3_F_X509V3_EXT_add 105 +#define X509V3_F_X509V3_EXT_add_alias 106 +#define X509V3_F_X509V3_EXT_free 107 +#define X509V3_F_X509V3_EXT_i2d 108 +#define X509V3_F_X509V3_EXT_nconf 109 +#define X509V3_F_X509V3_add1_i2d 110 +#define X509V3_F_X509V3_add_value 111 +#define X509V3_F_X509V3_get_section 112 +#define X509V3_F_X509V3_get_string 113 +#define X509V3_F_X509V3_get_value_bool 114 +#define X509V3_F_X509V3_parse_list 115 +#define X509V3_F_X509_PURPOSE_add 116 +#define X509V3_F_X509_PURPOSE_set 117 +#define X509V3_F_a2i_GENERAL_NAME 118 +#define X509V3_F_copy_email 119 +#define X509V3_F_copy_issuer 120 +#define X509V3_F_do_dirname 121 +#define X509V3_F_do_ext_i2d 122 +#define X509V3_F_do_ext_nconf 123 +#define X509V3_F_gnames_from_sectname 124 +#define X509V3_F_hex_to_string 125 +#define X509V3_F_i2s_ASN1_ENUMERATED 126 +#define X509V3_F_i2s_ASN1_IA5STRING 127 +#define X509V3_F_i2s_ASN1_INTEGER 128 +#define X509V3_F_i2v_AUTHORITY_INFO_ACCESS 129 +#define X509V3_F_notice_section 130 +#define X509V3_F_nref_nos 131 +#define X509V3_F_policy_section 132 +#define X509V3_F_process_pci_value 133 +#define X509V3_F_r2i_certpol 134 +#define X509V3_F_r2i_pci 135 +#define X509V3_F_s2i_ASN1_IA5STRING 136 +#define X509V3_F_s2i_ASN1_INTEGER 137 +#define X509V3_F_s2i_ASN1_OCTET_STRING 138 +#define X509V3_F_s2i_skey_id 139 +#define X509V3_F_set_dist_point_name 140 +#define X509V3_F_string_to_hex 141 +#define X509V3_F_v2i_ASN1_BIT_STRING 142 +#define X509V3_F_v2i_AUTHORITY_INFO_ACCESS 143 +#define X509V3_F_v2i_AUTHORITY_KEYID 144 +#define X509V3_F_v2i_BASIC_CONSTRAINTS 145 +#define X509V3_F_v2i_EXTENDED_KEY_USAGE 146 +#define X509V3_F_v2i_GENERAL_NAMES 147 +#define X509V3_F_v2i_GENERAL_NAME_ex 148 +#define X509V3_F_v2i_NAME_CONSTRAINTS 149 +#define X509V3_F_v2i_POLICY_CONSTRAINTS 150 +#define X509V3_F_v2i_POLICY_MAPPINGS 151 +#define X509V3_F_v2i_crld 152 +#define X509V3_F_v2i_idp 153 +#define X509V3_F_v2i_issuer_alt 154 +#define X509V3_F_v2i_subject_alt 155 +#define X509V3_F_v3_generic_extension 156 #define X509V3_R_BAD_IP_ADDRESS 100 #define X509V3_R_BAD_OBJECT 101 #define X509V3_R_BN_DEC2BN_ERROR 102 |