Compare commits

..

No commits in common. "a4bf3542e0b00cffe407c76ea2cc209908243292" and "df82cfe66b35e546a85b40f441614410c48cb572" have entirely different histories.

2469 changed files with 549529 additions and 2930 deletions

8
.gitignore vendored
View File

@ -1,8 +1,4 @@
**/node_modules
.keys .keys
.zsign_cache/
db.*
deps/ios_toolchain/
deps/openssl/
dist/
out out
**/node_modules
db.*

2614
Doxyfile

File diff suppressed because it is too large Load Diff

View File

@ -824,36 +824,18 @@ fetchdeps:
@test -f deps/prettier/html.mjs || curl -q --create-dirs -O --output-dir deps/prettier/ https://cdn.jsdelivr.net/npm/prettier@3.2.5/plugins/html.mjs @test -f deps/prettier/html.mjs || curl -q --create-dirs -O --output-dir deps/prettier/ https://cdn.jsdelivr.net/npm/prettier@3.2.5/plugins/html.mjs
@test -f deps/prettier/babel.mjs || curl -q --create-dirs -O --output-dir deps/prettier/ https://cdn.jsdelivr.net/npm/prettier@3.2.5/plugins/babel.mjs @test -f deps/prettier/babel.mjs || curl -q --create-dirs -O --output-dir deps/prettier/ https://cdn.jsdelivr.net/npm/prettier@3.2.5/plugins/babel.mjs
@test -f deps/prettier/estree.mjs || curl -q --create-dirs -O --output-dir deps/prettier/ https://cdn.jsdelivr.net/npm/prettier@3.2.5/plugins/estree.mjs @test -f deps/prettier/estree.mjs || curl -q --create-dirs -O --output-dir deps/prettier/ https://cdn.jsdelivr.net/npm/prettier@3.2.5/plugins/estree.mjs
.PHONY: fetchdeps .PHONE: fetchdeps
ANDROID_DEPS := deps/openssl/android/arm64-v8a/usr/local/lib/libssl.a
$(ANDROID_DEPS):
+@tools/ssl-android
$(filter $(BUILD_DIR)/android%,$(APP_OBJS)): | $(ANDROID_DEPS)
ifeq ($(HAVE_WIN),1)
WINDOWS_DEPS := deps/openssl/mingw64/usr/local/lib/libssl.a
$(WINDOWS_DEPS):
+@tools/ssl-mingw64
$(filter $(BUILD_DIR)/win%,$(APP_OBJS)): | $(WINDOWS_DEPS)
endif
ifeq ($(UNAME_S),Darwin)
IOS_DEPS := deps/openssl/ios/usr/local/lib/libssl.a
$(IOS_DEPS):
+@tools/ssl-ios
$(filter $(BUILD_DIR)/ios%,$(APP_OBJS)): | $(IOS_DEPS)
endif
clean: clean:
rm -rf $(BUILD_DIR) rm -rf $(BUILD_DIR)
.PHONY: clean .PHONY: clean
dist: release-apk iosrelease-ipa dist: release-apk iosrelease-ipa
@echo [archive] dist/tildefriends-$(VERSION_NUMBER).tar.xz @echo "[export] $$(svn info --show-item url)"
@rm -rf out/tildefriends-$(VERSION_NUMBER) @rm -rf tildefriends-$(VERSION_NUMBER)
@mkdir -p dist/ out/tildefriends-$(VERSION_NUMBER) @svn export -q . tildefriends-$(VERSION_NUMBER)
@git archive main | tar -x -C out/tildefriends-$(VERSION_NUMBER) @echo "tildefriends-$(VERSION_NUMBER): $(VERSION_NAME)" > tildefriends-$(VERSION_NUMBER)/VERSION
@echo "[tar] tildefriends-$(VERSION_NUMBER).tar.xz"
@tar \ @tar \
--exclude=apps/gg* \ --exclude=apps/gg* \
--exclude=apps/welcome* \ --exclude=apps/welcome* \
@ -870,14 +852,14 @@ dist: release-apk iosrelease-ipa
--exclude=deps/sqlite/shell.c \ --exclude=deps/sqlite/shell.c \
--exclude=deps/zlib/contrib/vstudio \ --exclude=deps/zlib/contrib/vstudio \
--exclude=deps/zlib/doc \ --exclude=deps/zlib/doc \
-caf dist/tildefriends-$(VERSION_NUMBER).tar.xz out/tildefriends-$(VERSION_NUMBER) -caf tildefriends-$(VERSION_NUMBER).tar.xz tildefriends-$(VERSION_NUMBER)
#@rm -rf out/tildefriends-$(VERSION_NUMBER) @rm -rf tildefriends-$(VERSION_NUMBER)
@echo "[cp] TildeFriends-x86-$(VERSION_NUMBER).apk" @echo "[cp] TildeFriends-x86-$(VERSION_NUMBER).apk"
@cp out/TildeFriends-x86-release.apk dist/TildeFriends-x86-$(VERSION_NUMBER).apk @cp out/TildeFriends-x86-release.apk TildeFriends-x86-$(VERSION_NUMBER).apk
@echo "[cp] TildeFriends-arm-$(VERSION_NUMBER).apk" @echo "[cp] TildeFriends-arm-$(VERSION_NUMBER).apk"
@cp out/TildeFriends-arm-release.apk dist/TildeFriends-arm-$(VERSION_NUMBER).apk @cp out/TildeFriends-arm-release.apk TildeFriends-arm-$(VERSION_NUMBER).apk
@echo "[cp] TildeFriends-$(VERSION_NUMBER).ipa" @echo "[cp] TildeFriends-$(VERSION_NUMBER).ipa"
@cp out/tildefriends-release.ipa dist/TildeFriends-$(VERSION_NUMBER).ipa @cp out/tildefriends-release.ipa TildeFriends-$(VERSION_NUMBER).ipa
.PHONY: dist .PHONY: dist
dist-test: dist dist-test: dist
@ -890,7 +872,3 @@ dist-test: dist
format: format:
@clang-format -i $(wildcard src/*.c src/*.h src/*.m) @clang-format -i $(wildcard src/*.c src/*.h src/*.m)
.PHONY: format .PHONY: format
docs:
@doxygen
.PHONY: docs

View File

@ -0,0 +1,16 @@
/*
* Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
/*
* This file is only used by HP C on VMS, and is included automatically
* after each header file from this directory
*/
/* restore state. Must correspond to the save in __decc_include_prologue.h */
#pragma names restore

View File

@ -0,0 +1,20 @@
/*
* Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
/*
* This file is only used by HP C on VMS, and is included automatically
* after each header file from this directory
*/
/* save state */
#pragma names save
/* have the compiler shorten symbols larger than 31 chars to 23 chars
* followed by a 8 hex char CRC
*/
#pragma names as_is,shortened

View File

@ -0,0 +1,514 @@
/*
* Copyright 2019-2024 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#ifndef OSSL_AES_PLATFORM_H
# define OSSL_AES_PLATFORM_H
# pragma once
# include <openssl/aes.h>
# ifdef VPAES_ASM
int vpaes_set_encrypt_key(const unsigned char *userKey, int bits,
AES_KEY *key);
int vpaes_set_decrypt_key(const unsigned char *userKey, int bits,
AES_KEY *key);
void vpaes_encrypt(const unsigned char *in, unsigned char *out,
const AES_KEY *key);
void vpaes_decrypt(const unsigned char *in, unsigned char *out,
const AES_KEY *key);
void vpaes_cbc_encrypt(const unsigned char *in,
unsigned char *out,
size_t length,
const AES_KEY *key, unsigned char *ivec, int enc);
# endif /* VPAES_ASM */
# ifdef BSAES_ASM
void ossl_bsaes_cbc_encrypt(const unsigned char *in, unsigned char *out,
size_t length, const AES_KEY *key,
unsigned char ivec[16], int enc);
void ossl_bsaes_ctr32_encrypt_blocks(const unsigned char *in,
unsigned char *out, size_t len,
const AES_KEY *key,
const unsigned char ivec[16]);
void ossl_bsaes_xts_encrypt(const unsigned char *inp, unsigned char *out,
size_t len, const AES_KEY *key1,
const AES_KEY *key2, const unsigned char iv[16]);
void ossl_bsaes_xts_decrypt(const unsigned char *inp, unsigned char *out,
size_t len, const AES_KEY *key1,
const AES_KEY *key2, const unsigned char iv[16]);
# endif /* BSAES_ASM */
# ifdef AES_CTR_ASM
void AES_ctr32_encrypt(const unsigned char *in, unsigned char *out,
size_t blocks, const AES_KEY *key,
const unsigned char ivec[AES_BLOCK_SIZE]);
# endif /* AES_CTR_ASM */
# ifdef AES_XTS_ASM
void AES_xts_encrypt(const unsigned char *inp, unsigned char *out, size_t len,
const AES_KEY *key1, const AES_KEY *key2,
const unsigned char iv[16]);
void AES_xts_decrypt(const unsigned char *inp, unsigned char *out, size_t len,
const AES_KEY *key1, const AES_KEY *key2,
const unsigned char iv[16]);
# endif /* AES_XTS_ASM */
# if defined(OPENSSL_CPUID_OBJ)
# if (defined(__powerpc__) || defined(__ppc__) || defined(_ARCH_PPC))
# include "crypto/ppc_arch.h"
# ifdef VPAES_ASM
# define VPAES_CAPABLE (OPENSSL_ppccap_P & PPC_ALTIVEC)
# endif
# if !defined(OPENSSL_SYS_AIX) && !defined(OPENSSL_SYS_MACOSX)
# define HWAES_CAPABLE (OPENSSL_ppccap_P & PPC_CRYPTO207)
# define HWAES_set_encrypt_key aes_p8_set_encrypt_key
# define HWAES_set_decrypt_key aes_p8_set_decrypt_key
# define HWAES_encrypt aes_p8_encrypt
# define HWAES_decrypt aes_p8_decrypt
# define HWAES_cbc_encrypt aes_p8_cbc_encrypt
# define HWAES_ctr32_encrypt_blocks aes_p8_ctr32_encrypt_blocks
# define HWAES_xts_encrypt aes_p8_xts_encrypt
# define HWAES_xts_decrypt aes_p8_xts_decrypt
# define PPC_AES_GCM_CAPABLE (OPENSSL_ppccap_P & PPC_MADD300)
# define AES_GCM_ENC_BYTES 128
# define AES_GCM_DEC_BYTES 128
size_t ppc_aes_gcm_encrypt(const unsigned char *in, unsigned char *out,
size_t len, const void *key, unsigned char ivec[16],
u64 *Xi);
size_t ppc_aes_gcm_decrypt(const unsigned char *in, unsigned char *out,
size_t len, const void *key, unsigned char ivec[16],
u64 *Xi);
# define AES_GCM_ASM_PPC(gctx) ((gctx)->ctr==aes_p8_ctr32_encrypt_blocks && \
(gctx)->gcm.funcs.ghash==gcm_ghash_p8)
void gcm_ghash_p8(u64 Xi[2],const u128 Htable[16],const u8 *inp, size_t len);
# endif /* OPENSSL_SYS_AIX || OPENSSL_SYS_MACOSX */
# endif /* PPC */
# if (defined(__arm__) || defined(__arm) || defined(__aarch64__) || defined(_M_ARM64))
# include "arm_arch.h"
# if __ARM_MAX_ARCH__>=7
# if defined(BSAES_ASM)
# define BSAES_CAPABLE (OPENSSL_armcap_P & ARMV7_NEON)
# endif
# if defined(VPAES_ASM)
# define VPAES_CAPABLE (OPENSSL_armcap_P & ARMV7_NEON)
# endif
# define HWAES_CAPABLE (OPENSSL_armcap_P & ARMV8_AES)
# define HWAES_set_encrypt_key aes_v8_set_encrypt_key
# define HWAES_set_decrypt_key aes_v8_set_decrypt_key
# define HWAES_encrypt aes_v8_encrypt
# define HWAES_decrypt aes_v8_decrypt
# define HWAES_cbc_encrypt aes_v8_cbc_encrypt
# define HWAES_ecb_encrypt aes_v8_ecb_encrypt
# if __ARM_MAX_ARCH__>=8 && (defined(__aarch64__) || defined(_M_ARM64))
# define HWAES_xts_encrypt aes_v8_xts_encrypt
# define HWAES_xts_decrypt aes_v8_xts_decrypt
# endif
# define HWAES_ctr32_encrypt_blocks aes_v8_ctr32_encrypt_blocks
# define AES_PMULL_CAPABLE ((OPENSSL_armcap_P & ARMV8_PMULL) && (OPENSSL_armcap_P & ARMV8_AES))
# define AES_GCM_ENC_BYTES 512
# define AES_GCM_DEC_BYTES 512
# if __ARM_MAX_ARCH__>=8 && (defined(__aarch64__) || defined(_M_ARM64))
# define AES_gcm_encrypt armv8_aes_gcm_encrypt
# define AES_gcm_decrypt armv8_aes_gcm_decrypt
# define AES_GCM_ASM(gctx) ((gctx)->ctr==aes_v8_ctr32_encrypt_blocks && \
(gctx)->gcm.funcs.ghash==gcm_ghash_v8)
/* The [unroll8_eor3_]aes_gcm_(enc|dec)_(128|192|256)_kernel() functions
* take input length in BITS and return number of BYTES processed */
size_t aes_gcm_enc_128_kernel(const uint8_t *plaintext, uint64_t plaintext_length, uint8_t *ciphertext,
uint64_t *Xi, unsigned char ivec[16], const void *key);
size_t aes_gcm_enc_192_kernel(const uint8_t *plaintext, uint64_t plaintext_length, uint8_t *ciphertext,
uint64_t *Xi, unsigned char ivec[16], const void *key);
size_t aes_gcm_enc_256_kernel(const uint8_t *plaintext, uint64_t plaintext_length, uint8_t *ciphertext,
uint64_t *Xi, unsigned char ivec[16], const void *key);
size_t aes_gcm_dec_128_kernel(const uint8_t *ciphertext, uint64_t plaintext_length, uint8_t *plaintext,
uint64_t *Xi, unsigned char ivec[16], const void *key);
size_t aes_gcm_dec_192_kernel(const uint8_t *ciphertext, uint64_t plaintext_length, uint8_t *plaintext,
uint64_t *Xi, unsigned char ivec[16], const void *key);
size_t aes_gcm_dec_256_kernel(const uint8_t *ciphertext, uint64_t plaintext_length, uint8_t *plaintext,
uint64_t *Xi, unsigned char ivec[16], const void *key);
size_t unroll8_eor3_aes_gcm_enc_128_kernel(const uint8_t *plaintext, uint64_t plaintext_length, uint8_t *ciphertext,
uint64_t *Xi, unsigned char ivec[16], const void *key);
size_t unroll8_eor3_aes_gcm_enc_192_kernel(const uint8_t *plaintext, uint64_t plaintext_length, uint8_t *ciphertext,
uint64_t *Xi, unsigned char ivec[16], const void *key);
size_t unroll8_eor3_aes_gcm_enc_256_kernel(const uint8_t *plaintext, uint64_t plaintext_length, uint8_t *ciphertext,
uint64_t *Xi, unsigned char ivec[16], const void *key);
size_t unroll8_eor3_aes_gcm_dec_128_kernel(const uint8_t *ciphertext, uint64_t plaintext_length, uint8_t *plaintext,
uint64_t *Xi, unsigned char ivec[16], const void *key);
size_t unroll8_eor3_aes_gcm_dec_192_kernel(const uint8_t *ciphertext, uint64_t plaintext_length, uint8_t *plaintext,
uint64_t *Xi, unsigned char ivec[16], const void *key);
size_t unroll8_eor3_aes_gcm_dec_256_kernel(const uint8_t *ciphertext, uint64_t plaintext_length, uint8_t *plaintext,
uint64_t *Xi, unsigned char ivec[16], const void *key);
size_t armv8_aes_gcm_encrypt(const unsigned char *in, unsigned char *out, size_t len, const void *key,
unsigned char ivec[16], u64 *Xi);
size_t armv8_aes_gcm_decrypt(const unsigned char *in, unsigned char *out, size_t len, const void *key,
unsigned char ivec[16], u64 *Xi);
void gcm_ghash_v8(u64 Xi[2],const u128 Htable[16],const u8 *inp, size_t len);
# endif
# endif
# endif
# endif /* OPENSSL_CPUID_OBJ */
# if defined(AES_ASM) && ( \
defined(__x86_64) || defined(__x86_64__) || \
defined(_M_AMD64) || defined(_M_X64) )
# define AES_CBC_HMAC_SHA_CAPABLE 1
# define AESNI_CBC_HMAC_SHA_CAPABLE (OPENSSL_ia32cap_P[1]&(1<<(57-32)))
# endif
# if defined(__loongarch__) || defined(__loongarch64)
# include "loongarch_arch.h"
# if defined(VPAES_ASM)
# define VPAES_CAPABLE (OPENSSL_loongarch_hwcap_P & LOONGARCH_HWCAP_LSX)
# endif
# endif
# if defined(AES_ASM) && !defined(I386_ONLY) && ( \
((defined(__i386) || defined(__i386__) || \
defined(_M_IX86)) && defined(OPENSSL_IA32_SSE2))|| \
defined(__x86_64) || defined(__x86_64__) || \
defined(_M_AMD64) || defined(_M_X64) )
/* AES-NI section */
# define AESNI_CAPABLE (OPENSSL_ia32cap_P[1]&(1<<(57-32)))
# ifdef VPAES_ASM
# define VPAES_CAPABLE (OPENSSL_ia32cap_P[1]&(1<<(41-32)))
# endif
# ifdef BSAES_ASM
# define BSAES_CAPABLE (OPENSSL_ia32cap_P[1]&(1<<(41-32)))
# endif
# define AES_GCM_ENC_BYTES 32
# define AES_GCM_DEC_BYTES 16
int aesni_set_encrypt_key(const unsigned char *userKey, int bits,
AES_KEY *key);
int aesni_set_decrypt_key(const unsigned char *userKey, int bits,
AES_KEY *key);
void aesni_encrypt(const unsigned char *in, unsigned char *out,
const AES_KEY *key);
void aesni_decrypt(const unsigned char *in, unsigned char *out,
const AES_KEY *key);
void aesni_ecb_encrypt(const unsigned char *in,
unsigned char *out,
size_t length, const AES_KEY *key, int enc);
void aesni_cbc_encrypt(const unsigned char *in,
unsigned char *out,
size_t length,
const AES_KEY *key, unsigned char *ivec, int enc);
# ifndef OPENSSL_NO_OCB
void aesni_ocb_encrypt(const unsigned char *in, unsigned char *out,
size_t blocks, const void *key,
size_t start_block_num,
unsigned char offset_i[16],
const unsigned char L_[][16],
unsigned char checksum[16]);
void aesni_ocb_decrypt(const unsigned char *in, unsigned char *out,
size_t blocks, const void *key,
size_t start_block_num,
unsigned char offset_i[16],
const unsigned char L_[][16],
unsigned char checksum[16]);
# endif /* OPENSSL_NO_OCB */
void aesni_ctr32_encrypt_blocks(const unsigned char *in,
unsigned char *out,
size_t blocks,
const void *key, const unsigned char *ivec);
void aesni_xts_encrypt(const unsigned char *in,
unsigned char *out,
size_t length,
const AES_KEY *key1, const AES_KEY *key2,
const unsigned char iv[16]);
void aesni_xts_decrypt(const unsigned char *in,
unsigned char *out,
size_t length,
const AES_KEY *key1, const AES_KEY *key2,
const unsigned char iv[16]);
void aesni_ccm64_encrypt_blocks(const unsigned char *in,
unsigned char *out,
size_t blocks,
const void *key,
const unsigned char ivec[16],
unsigned char cmac[16]);
void aesni_ccm64_decrypt_blocks(const unsigned char *in,
unsigned char *out,
size_t blocks,
const void *key,
const unsigned char ivec[16],
unsigned char cmac[16]);
# if defined(__x86_64) || defined(__x86_64__) || defined(_M_AMD64) || defined(_M_X64)
size_t aesni_gcm_encrypt(const unsigned char *in, unsigned char *out, size_t len,
const void *key, unsigned char ivec[16], u64 *Xi);
size_t aesni_gcm_decrypt(const unsigned char *in, unsigned char *out, size_t len,
const void *key, unsigned char ivec[16], u64 *Xi);
void gcm_ghash_avx(u64 Xi[2], const u128 Htable[16], const u8 *in, size_t len);
# define AES_gcm_encrypt aesni_gcm_encrypt
# define AES_gcm_decrypt aesni_gcm_decrypt
# define AES_GCM_ASM(ctx) (ctx->ctr == aesni_ctr32_encrypt_blocks && \
ctx->gcm.funcs.ghash == gcm_ghash_avx)
# endif
# elif defined(AES_ASM) && (defined(__sparc) || defined(__sparc__))
/* Fujitsu SPARC64 X support */
# include "crypto/sparc_arch.h"
# define SPARC_AES_CAPABLE (OPENSSL_sparcv9cap_P[1] & CFR_AES)
# define HWAES_CAPABLE (OPENSSL_sparcv9cap_P[0] & SPARCV9_FJAESX)
# define HWAES_set_encrypt_key aes_fx_set_encrypt_key
# define HWAES_set_decrypt_key aes_fx_set_decrypt_key
# define HWAES_encrypt aes_fx_encrypt
# define HWAES_decrypt aes_fx_decrypt
# define HWAES_cbc_encrypt aes_fx_cbc_encrypt
# define HWAES_ctr32_encrypt_blocks aes_fx_ctr32_encrypt_blocks
void aes_t4_set_encrypt_key(const unsigned char *key, int bits, AES_KEY *ks);
void aes_t4_set_decrypt_key(const unsigned char *key, int bits, AES_KEY *ks);
void aes_t4_encrypt(const unsigned char *in, unsigned char *out,
const AES_KEY *key);
void aes_t4_decrypt(const unsigned char *in, unsigned char *out,
const AES_KEY *key);
/*
* Key-length specific subroutines were chosen for following reason.
* Each SPARC T4 core can execute up to 8 threads which share core's
* resources. Loading as much key material to registers allows to
* minimize references to shared memory interface, as well as amount
* of instructions in inner loops [much needed on T4]. But then having
* non-key-length specific routines would require conditional branches
* either in inner loops or on subroutines' entries. Former is hardly
* acceptable, while latter means code size increase to size occupied
* by multiple key-length specific subroutines, so why fight?
*/
void aes128_t4_cbc_encrypt(const unsigned char *in, unsigned char *out,
size_t len, const AES_KEY *key,
unsigned char *ivec, int /*unused*/);
void aes128_t4_cbc_decrypt(const unsigned char *in, unsigned char *out,
size_t len, const AES_KEY *key,
unsigned char *ivec, int /*unused*/);
void aes192_t4_cbc_encrypt(const unsigned char *in, unsigned char *out,
size_t len, const AES_KEY *key,
unsigned char *ivec, int /*unused*/);
void aes192_t4_cbc_decrypt(const unsigned char *in, unsigned char *out,
size_t len, const AES_KEY *key,
unsigned char *ivec, int /*unused*/);
void aes256_t4_cbc_encrypt(const unsigned char *in, unsigned char *out,
size_t len, const AES_KEY *key,
unsigned char *ivec, int /*unused*/);
void aes256_t4_cbc_decrypt(const unsigned char *in, unsigned char *out,
size_t len, const AES_KEY *key,
unsigned char *ivec, int /*unused*/);
void aes128_t4_ctr32_encrypt(const unsigned char *in, unsigned char *out,
size_t blocks, const AES_KEY *key,
unsigned char *ivec);
void aes192_t4_ctr32_encrypt(const unsigned char *in, unsigned char *out,
size_t blocks, const AES_KEY *key,
unsigned char *ivec);
void aes256_t4_ctr32_encrypt(const unsigned char *in, unsigned char *out,
size_t blocks, const AES_KEY *key,
unsigned char *ivec);
void aes128_t4_xts_encrypt(const unsigned char *in, unsigned char *out,
size_t blocks, const AES_KEY *key1,
const AES_KEY *key2, const unsigned char *ivec);
void aes128_t4_xts_decrypt(const unsigned char *in, unsigned char *out,
size_t blocks, const AES_KEY *key1,
const AES_KEY *key2, const unsigned char *ivec);
void aes256_t4_xts_encrypt(const unsigned char *in, unsigned char *out,
size_t blocks, const AES_KEY *key1,
const AES_KEY *key2, const unsigned char *ivec);
void aes256_t4_xts_decrypt(const unsigned char *in, unsigned char *out,
size_t blocks, const AES_KEY *key1,
const AES_KEY *key2, const unsigned char *ivec);
# elif defined(OPENSSL_CPUID_OBJ) && defined(__s390__)
/* IBM S390X support */
# include "s390x_arch.h"
/* Convert key size to function code: [16,24,32] -> [18,19,20]. */
# define S390X_AES_FC(keylen) (S390X_AES_128 + ((((keylen) << 3) - 128) >> 6))
/* Most modes of operation need km for partial block processing. */
# define S390X_aes_128_CAPABLE (OPENSSL_s390xcap_P.km[0] & \
S390X_CAPBIT(S390X_AES_128))
# define S390X_aes_192_CAPABLE (OPENSSL_s390xcap_P.km[0] & \
S390X_CAPBIT(S390X_AES_192))
# define S390X_aes_256_CAPABLE (OPENSSL_s390xcap_P.km[0] & \
S390X_CAPBIT(S390X_AES_256))
# define S390X_aes_128_cbc_CAPABLE 1 /* checked by callee */
# define S390X_aes_192_cbc_CAPABLE 1
# define S390X_aes_256_cbc_CAPABLE 1
# define S390X_aes_128_ecb_CAPABLE S390X_aes_128_CAPABLE
# define S390X_aes_192_ecb_CAPABLE S390X_aes_192_CAPABLE
# define S390X_aes_256_ecb_CAPABLE S390X_aes_256_CAPABLE
# define S390X_aes_128_ofb_CAPABLE (S390X_aes_128_CAPABLE && \
(OPENSSL_s390xcap_P.kmo[0] & \
S390X_CAPBIT(S390X_AES_128)))
# define S390X_aes_192_ofb_CAPABLE (S390X_aes_192_CAPABLE && \
(OPENSSL_s390xcap_P.kmo[0] & \
S390X_CAPBIT(S390X_AES_192)))
# define S390X_aes_256_ofb_CAPABLE (S390X_aes_256_CAPABLE && \
(OPENSSL_s390xcap_P.kmo[0] & \
S390X_CAPBIT(S390X_AES_256)))
# define S390X_aes_128_cfb_CAPABLE (S390X_aes_128_CAPABLE && \
(OPENSSL_s390xcap_P.kmf[0] & \
S390X_CAPBIT(S390X_AES_128)))
# define S390X_aes_192_cfb_CAPABLE (S390X_aes_192_CAPABLE && \
(OPENSSL_s390xcap_P.kmf[0] & \
S390X_CAPBIT(S390X_AES_192)))
# define S390X_aes_256_cfb_CAPABLE (S390X_aes_256_CAPABLE && \
(OPENSSL_s390xcap_P.kmf[0] & \
S390X_CAPBIT(S390X_AES_256)))
# define S390X_aes_128_cfb8_CAPABLE (OPENSSL_s390xcap_P.kmf[0] & \
S390X_CAPBIT(S390X_AES_128))
# define S390X_aes_192_cfb8_CAPABLE (OPENSSL_s390xcap_P.kmf[0] & \
S390X_CAPBIT(S390X_AES_192))
# define S390X_aes_256_cfb8_CAPABLE (OPENSSL_s390xcap_P.kmf[0] & \
S390X_CAPBIT(S390X_AES_256))
# define S390X_aes_128_cfb1_CAPABLE 0
# define S390X_aes_192_cfb1_CAPABLE 0
# define S390X_aes_256_cfb1_CAPABLE 0
# define S390X_aes_128_ctr_CAPABLE 1 /* checked by callee */
# define S390X_aes_192_ctr_CAPABLE 1
# define S390X_aes_256_ctr_CAPABLE 1
# define S390X_aes_128_xts_CAPABLE 1 /* checked by callee */
# define S390X_aes_256_xts_CAPABLE 1
# define S390X_aes_128_gcm_CAPABLE (S390X_aes_128_CAPABLE && \
(OPENSSL_s390xcap_P.kma[0] & \
S390X_CAPBIT(S390X_AES_128)))
# define S390X_aes_192_gcm_CAPABLE (S390X_aes_192_CAPABLE && \
(OPENSSL_s390xcap_P.kma[0] & \
S390X_CAPBIT(S390X_AES_192)))
# define S390X_aes_256_gcm_CAPABLE (S390X_aes_256_CAPABLE && \
(OPENSSL_s390xcap_P.kma[0] & \
S390X_CAPBIT(S390X_AES_256)))
# define S390X_aes_128_ccm_CAPABLE (S390X_aes_128_CAPABLE && \
(OPENSSL_s390xcap_P.kmac[0] & \
S390X_CAPBIT(S390X_AES_128)))
# define S390X_aes_192_ccm_CAPABLE (S390X_aes_192_CAPABLE && \
(OPENSSL_s390xcap_P.kmac[0] & \
S390X_CAPBIT(S390X_AES_192)))
# define S390X_aes_256_ccm_CAPABLE (S390X_aes_256_CAPABLE && \
(OPENSSL_s390xcap_P.kmac[0] & \
S390X_CAPBIT(S390X_AES_256)))
# define S390X_CCM_AAD_FLAG 0x40
# ifndef OPENSSL_NO_OCB
# define S390X_aes_128_ocb_CAPABLE 0
# define S390X_aes_192_ocb_CAPABLE 0
# define S390X_aes_256_ocb_CAPABLE 0
# endif /* OPENSSL_NO_OCB */
# ifndef OPENSSL_NO_SIV
# define S390X_aes_128_siv_CAPABLE 0
# define S390X_aes_192_siv_CAPABLE 0
# define S390X_aes_256_siv_CAPABLE 0
# endif /* OPENSSL_NO_SIV */
/* Convert key size to function code: [16,24,32] -> [18,19,20]. */
# define S390X_AES_FC(keylen) (S390X_AES_128 + ((((keylen) << 3) - 128) >> 6))
# elif defined(OPENSSL_CPUID_OBJ) && defined(__riscv) && __riscv_xlen == 64
/* RISC-V 64 support */
# include "riscv_arch.h"
int rv64i_zkne_set_encrypt_key(const unsigned char *userKey, const int bits,
AES_KEY *key);
int rv64i_zknd_set_decrypt_key(const unsigned char *userKey, const int bits,
AES_KEY *key);
void rv64i_zkne_encrypt(const unsigned char *in, unsigned char *out,
const AES_KEY *key);
void rv64i_zknd_decrypt(const unsigned char *in, unsigned char *out,
const AES_KEY *key);
# elif defined(OPENSSL_CPUID_OBJ) && defined(__riscv) && __riscv_xlen == 32
/* RISC-V 32 support */
# include "riscv_arch.h"
int rv32i_zkne_set_encrypt_key(const unsigned char *userKey, const int bits,
AES_KEY *key);
/* set_decrypt_key needs both zknd and zkne */
int rv32i_zknd_zkne_set_decrypt_key(const unsigned char *userKey, const int bits,
AES_KEY *key);
int rv32i_zbkb_zkne_set_encrypt_key(const unsigned char *userKey, const int bits,
AES_KEY *key);
int rv32i_zbkb_zknd_zkne_set_decrypt_key(const unsigned char *userKey, const int bits,
AES_KEY *key);
void rv32i_zkne_encrypt(const unsigned char *in, unsigned char *out,
const AES_KEY *key);
void rv32i_zknd_decrypt(const unsigned char *in, unsigned char *out,
const AES_KEY *key);
# endif
# if defined(HWAES_CAPABLE)
int HWAES_set_encrypt_key(const unsigned char *userKey, const int bits,
AES_KEY *key);
int HWAES_set_decrypt_key(const unsigned char *userKey, const int bits,
AES_KEY *key);
void HWAES_encrypt(const unsigned char *in, unsigned char *out,
const AES_KEY *key);
void HWAES_decrypt(const unsigned char *in, unsigned char *out,
const AES_KEY *key);
void HWAES_cbc_encrypt(const unsigned char *in, unsigned char *out,
size_t length, const AES_KEY *key,
unsigned char *ivec, const int enc);
void HWAES_ecb_encrypt(const unsigned char *in, unsigned char *out,
size_t length, const AES_KEY *key,
const int enc);
void HWAES_ctr32_encrypt_blocks(const unsigned char *in, unsigned char *out,
size_t len, const void *key,
const unsigned char ivec[16]);
void HWAES_xts_encrypt(const unsigned char *inp, unsigned char *out,
size_t len, const AES_KEY *key1,
const AES_KEY *key2, const unsigned char iv[16]);
void HWAES_xts_decrypt(const unsigned char *inp, unsigned char *out,
size_t len, const AES_KEY *key1,
const AES_KEY *key2, const unsigned char iv[16]);
# ifndef OPENSSL_NO_OCB
# ifdef HWAES_ocb_encrypt
void HWAES_ocb_encrypt(const unsigned char *in, unsigned char *out,
size_t blocks, const void *key,
size_t start_block_num,
unsigned char offset_i[16],
const unsigned char L_[][16],
unsigned char checksum[16]);
# else
# define HWAES_ocb_encrypt ((ocb128_f)NULL)
# endif
# ifdef HWAES_ocb_decrypt
void HWAES_ocb_decrypt(const unsigned char *in, unsigned char *out,
size_t blocks, const void *key,
size_t start_block_num,
unsigned char offset_i[16],
const unsigned char L_[][16],
unsigned char checksum[16]);
# else
# define HWAES_ocb_decrypt ((ocb128_f)NULL)
# endif
# endif /* OPENSSL_NO_OCB */
# endif /* HWAES_CAPABLE */
#endif /* OSSL_AES_PLATFORM_H */

View File

@ -0,0 +1,51 @@
/*
* Copyright 2006-2021 The OpenSSL Project Authors. All Rights Reserved.
* Copyright (c) 2017, Oracle and/or its affiliates. All rights reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
/* Copyright (c) 2017 National Security Research Institute. All rights reserved. */
#ifndef OSSL_CRYPTO_ARIA_H
# define OSSL_CRYPTO_ARIA_H
# pragma once
# include <openssl/opensslconf.h>
# ifdef OPENSSL_NO_ARIA
# error ARIA is disabled.
# endif
# define ARIA_ENCRYPT 1
# define ARIA_DECRYPT 0
# define ARIA_BLOCK_SIZE 16 /* Size of each encryption/decryption block */
# define ARIA_MAX_KEYS 17 /* Number of keys needed in the worst case */
typedef union {
unsigned char c[ARIA_BLOCK_SIZE];
unsigned int u[ARIA_BLOCK_SIZE / sizeof(unsigned int)];
} ARIA_u128;
typedef unsigned char ARIA_c128[ARIA_BLOCK_SIZE];
struct aria_key_st {
ARIA_u128 rd_key[ARIA_MAX_KEYS];
unsigned int rounds;
};
typedef struct aria_key_st ARIA_KEY;
int ossl_aria_set_encrypt_key(const unsigned char *userKey, const int bits,
ARIA_KEY *key);
int ossl_aria_set_decrypt_key(const unsigned char *userKey, const int bits,
ARIA_KEY *key);
void ossl_aria_encrypt(const unsigned char *in, unsigned char *out,
const ARIA_KEY *key);
#endif

View File

@ -0,0 +1,153 @@
/*
* Copyright 2015-2023 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#ifndef OSSL_CRYPTO_ASN1_H
# define OSSL_CRYPTO_ASN1_H
# pragma once
# include <openssl/asn1.h>
# include <openssl/core_dispatch.h> /* OSSL_FUNC_keymgmt_import() */
/* Internal ASN1 structures and functions: not for application use */
/* ASN1 public key method structure */
#include <openssl/core.h>
struct evp_pkey_asn1_method_st {
int pkey_id;
int pkey_base_id;
unsigned long pkey_flags;
char *pem_str;
char *info;
int (*pub_decode) (EVP_PKEY *pk, const X509_PUBKEY *pub);
int (*pub_encode) (X509_PUBKEY *pub, const EVP_PKEY *pk);
int (*pub_cmp) (const EVP_PKEY *a, const EVP_PKEY *b);
int (*pub_print) (BIO *out, const EVP_PKEY *pkey, int indent,
ASN1_PCTX *pctx);
int (*priv_decode) (EVP_PKEY *pk, const PKCS8_PRIV_KEY_INFO *p8inf);
int (*priv_encode) (PKCS8_PRIV_KEY_INFO *p8, const EVP_PKEY *pk);
int (*priv_print) (BIO *out, const EVP_PKEY *pkey, int indent,
ASN1_PCTX *pctx);
int (*pkey_size) (const EVP_PKEY *pk);
int (*pkey_bits) (const EVP_PKEY *pk);
int (*pkey_security_bits) (const EVP_PKEY *pk);
int (*param_decode) (EVP_PKEY *pkey,
const unsigned char **pder, int derlen);
int (*param_encode) (const EVP_PKEY *pkey, unsigned char **pder);
int (*param_missing) (const EVP_PKEY *pk);
int (*param_copy) (EVP_PKEY *to, const EVP_PKEY *from);
int (*param_cmp) (const EVP_PKEY *a, const EVP_PKEY *b);
int (*param_print) (BIO *out, const EVP_PKEY *pkey, int indent,
ASN1_PCTX *pctx);
int (*sig_print) (BIO *out,
const X509_ALGOR *sigalg, const ASN1_STRING *sig,
int indent, ASN1_PCTX *pctx);
void (*pkey_free) (EVP_PKEY *pkey);
int (*pkey_ctrl) (EVP_PKEY *pkey, int op, long arg1, void *arg2);
/* Legacy functions for old PEM */
int (*old_priv_decode) (EVP_PKEY *pkey,
const unsigned char **pder, int derlen);
int (*old_priv_encode) (const EVP_PKEY *pkey, unsigned char **pder);
/* Custom ASN1 signature verification */
int (*item_verify) (EVP_MD_CTX *ctx, const ASN1_ITEM *it, const void *data,
const X509_ALGOR *a, const ASN1_BIT_STRING *sig,
EVP_PKEY *pkey);
int (*item_sign) (EVP_MD_CTX *ctx, const ASN1_ITEM *it, const void *data,
X509_ALGOR *alg1, X509_ALGOR *alg2,
ASN1_BIT_STRING *sig);
int (*siginf_set) (X509_SIG_INFO *siginf, const X509_ALGOR *alg,
const ASN1_STRING *sig);
/* Check */
int (*pkey_check) (const EVP_PKEY *pk);
int (*pkey_public_check) (const EVP_PKEY *pk);
int (*pkey_param_check) (const EVP_PKEY *pk);
/* Get/set raw private/public key data */
int (*set_priv_key) (EVP_PKEY *pk, const unsigned char *priv, size_t len);
int (*set_pub_key) (EVP_PKEY *pk, const unsigned char *pub, size_t len);
int (*get_priv_key) (const EVP_PKEY *pk, unsigned char *priv, size_t *len);
int (*get_pub_key) (const EVP_PKEY *pk, unsigned char *pub, size_t *len);
/* Exports and imports to / from providers */
size_t (*dirty_cnt) (const EVP_PKEY *pk);
int (*export_to) (const EVP_PKEY *pk, void *to_keydata,
OSSL_FUNC_keymgmt_import_fn *importer,
OSSL_LIB_CTX *libctx, const char *propq);
OSSL_CALLBACK *import_from;
int (*copy) (EVP_PKEY *to, EVP_PKEY *from);
int (*priv_decode_ex) (EVP_PKEY *pk,
const PKCS8_PRIV_KEY_INFO *p8inf,
OSSL_LIB_CTX *libctx,
const char *propq);
} /* EVP_PKEY_ASN1_METHOD */ ;
DEFINE_STACK_OF_CONST(EVP_PKEY_ASN1_METHOD)
extern const EVP_PKEY_ASN1_METHOD ossl_dh_asn1_meth;
extern const EVP_PKEY_ASN1_METHOD ossl_dhx_asn1_meth;
extern const EVP_PKEY_ASN1_METHOD ossl_dsa_asn1_meths[5];
extern const EVP_PKEY_ASN1_METHOD ossl_eckey_asn1_meth;
extern const EVP_PKEY_ASN1_METHOD ossl_ecx25519_asn1_meth;
extern const EVP_PKEY_ASN1_METHOD ossl_ecx448_asn1_meth;
extern const EVP_PKEY_ASN1_METHOD ossl_ed25519_asn1_meth;
extern const EVP_PKEY_ASN1_METHOD ossl_ed448_asn1_meth;
extern const EVP_PKEY_ASN1_METHOD ossl_sm2_asn1_meth;
extern const EVP_PKEY_ASN1_METHOD ossl_rsa_asn1_meths[2];
extern const EVP_PKEY_ASN1_METHOD ossl_rsa_pss_asn1_meth;
/*
* These are used internally in the ASN1_OBJECT to keep track of whether the
* names and data need to be free()ed
*/
# define ASN1_OBJECT_FLAG_DYNAMIC 0x01/* internal use */
# define ASN1_OBJECT_FLAG_CRITICAL 0x02/* critical x509v3 object id */
# define ASN1_OBJECT_FLAG_DYNAMIC_STRINGS 0x04/* internal use */
# define ASN1_OBJECT_FLAG_DYNAMIC_DATA 0x08/* internal use */
struct asn1_object_st {
const char *sn, *ln;
int nid;
int length;
const unsigned char *data; /* data remains const after init */
int flags; /* Should we free this one */
};
/* ASN1 print context structure */
struct asn1_pctx_st {
unsigned long flags;
unsigned long nm_flags;
unsigned long cert_flags;
unsigned long oid_flags;
unsigned long str_flags;
} /* ASN1_PCTX */ ;
/* ASN1 type functions */
int ossl_asn1_type_set_octetstring_int(ASN1_TYPE *a, long num,
unsigned char *data, int len);
int ossl_asn1_type_get_octetstring_int(const ASN1_TYPE *a, long *num,
unsigned char *data, int max_len);
int ossl_x509_algor_new_from_md(X509_ALGOR **palg, const EVP_MD *md);
const EVP_MD *ossl_x509_algor_get_md(X509_ALGOR *alg);
X509_ALGOR *ossl_x509_algor_mgf1_decode(X509_ALGOR *alg);
int ossl_x509_algor_md_to_mgf1(X509_ALGOR **palg, const EVP_MD *mgf1md);
int ossl_asn1_time_print_ex(BIO *bp, const ASN1_TIME *tm, unsigned long flags);
EVP_PKEY *ossl_d2i_PrivateKey_legacy(int keytype, EVP_PKEY **a,
const unsigned char **pp, long length,
OSSL_LIB_CTX *libctx, const char *propq);
X509_ALGOR *ossl_X509_ALGOR_from_nid(int nid, int ptype, void *pval);
time_t ossl_asn1_string_to_time_t(const char *asn1_string);
void ossl_asn1_string_set_bits_left(ASN1_STRING *str, unsigned int num);
#endif /* ndef OSSL_CRYPTO_ASN1_H */

View File

@ -0,0 +1,24 @@
/*
* Copyright 2019-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#ifndef OSSL_CRYPTO_ASN1_DSA_H
# define OSSL_CRYPTO_ASN1_DSA_H
# pragma once
#include "internal/packet.h"
int ossl_encode_der_length(WPACKET *pkt, size_t cont_len);
int ossl_encode_der_integer(WPACKET *pkt, const BIGNUM *n);
int ossl_encode_der_dsa_sig(WPACKET *pkt, const BIGNUM *r, const BIGNUM *s);
int ossl_decode_der_length(PACKET *pkt, PACKET *subpkt);
int ossl_decode_der_integer(PACKET *pkt, BIGNUM *n);
size_t ossl_decode_der_dsa_sig(BIGNUM *r, BIGNUM *s, const unsigned char **ppin,
size_t len);
#endif

View File

@ -0,0 +1,27 @@
/*
* Generated by util/mkerr.pl DO NOT EDIT
* Copyright 2020-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#ifndef OSSL_CRYPTO_ASN1ERR_H
# define OSSL_CRYPTO_ASN1ERR_H
# pragma once
# include <openssl/opensslconf.h>
# include <openssl/symhacks.h>
# ifdef __cplusplus
extern "C" {
# endif
int ossl_err_load_ASN1_strings(void);
# ifdef __cplusplus
}
# endif
#endif

View File

@ -0,0 +1,19 @@
/*
* Copyright 2016-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#ifndef OSSL_CRYPTO_ASYNC_H
# define OSSL_CRYPTO_ASYNC_H
# pragma once
# include <openssl/async.h>
int async_init(void);
void async_deinit(void);
#endif

View File

@ -0,0 +1,27 @@
/*
* Generated by util/mkerr.pl DO NOT EDIT
* Copyright 2020-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#ifndef OSSL_CRYPTO_ASYNCERR_H
# define OSSL_CRYPTO_ASYNCERR_H
# pragma once
# include <openssl/opensslconf.h>
# include <openssl/symhacks.h>
# ifdef __cplusplus
extern "C" {
# endif
int ossl_err_load_ASYNC_strings(void);
# ifdef __cplusplus
}
# endif
#endif

View File

@ -0,0 +1,27 @@
/*
* Generated by util/mkerr.pl DO NOT EDIT
* Copyright 2020-2022 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#ifndef OSSL_CRYPTO_BIOERR_H
# define OSSL_CRYPTO_BIOERR_H
# pragma once
# include <openssl/opensslconf.h>
# include <openssl/symhacks.h>
# ifdef __cplusplus
extern "C" {
# endif
int ossl_err_load_BIO_strings(void);
# ifdef __cplusplus
}
# endif
#endif

View File

@ -0,0 +1,128 @@
/*
* Copyright 2014-2023 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#ifndef OSSL_CRYPTO_BN_H
# define OSSL_CRYPTO_BN_H
# pragma once
# include <openssl/bn.h>
# include <limits.h>
BIGNUM *bn_wexpand(BIGNUM *a, int words);
BIGNUM *bn_expand2(BIGNUM *a, int words);
void bn_correct_top(BIGNUM *a);
/*
* Determine the modified width-(w+1) Non-Adjacent Form (wNAF) of 'scalar'.
* This is an array r[] of values that are either zero or odd with an
* absolute value less than 2^w satisfying scalar = \sum_j r[j]*2^j where at
* most one of any w+1 consecutive digits is non-zero with the exception that
* the most significant digit may be only w-1 zeros away from that next
* non-zero digit.
*/
signed char *bn_compute_wNAF(const BIGNUM *scalar, int w, size_t *ret_len);
int bn_get_top(const BIGNUM *a);
int bn_get_dmax(const BIGNUM *a);
/* Set all words to zero */
void bn_set_all_zero(BIGNUM *a);
/*
* Copy the internal BIGNUM words into out which holds size elements (and size
* must be bigger than top)
*/
int bn_copy_words(BN_ULONG *out, const BIGNUM *in, int size);
BN_ULONG *bn_get_words(const BIGNUM *a);
/*
* Set the internal data words in a to point to words which contains size
* elements. The BN_FLG_STATIC_DATA flag is set
*/
void bn_set_static_words(BIGNUM *a, const BN_ULONG *words, int size);
/*
* Copy words into the BIGNUM |a|, reallocating space as necessary.
* The negative flag of |a| is not modified.
* Returns 1 on success and 0 on failure.
*/
/*
* |num_words| is int because bn_expand2 takes an int. This is an internal
* function so we simply trust callers not to pass negative values.
*/
int bn_set_words(BIGNUM *a, const BN_ULONG *words, int num_words);
/*
* Some BIGNUM functions assume most significant limb to be non-zero, which
* is customarily arranged by bn_correct_top. Output from below functions
* is not processed with bn_correct_top, and for this reason it may not be
* returned out of public API. It may only be passed internally into other
* functions known to support non-minimal or zero-padded BIGNUMs. Even
* though the goal is to facilitate constant-time-ness, not each subroutine
* is constant-time by itself. They all have pre-conditions, consult source
* code...
*/
int bn_mul_mont_fixed_top(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
BN_MONT_CTX *mont, BN_CTX *ctx);
int bn_to_mont_fixed_top(BIGNUM *r, const BIGNUM *a, BN_MONT_CTX *mont,
BN_CTX *ctx);
int bn_from_mont_fixed_top(BIGNUM *r, const BIGNUM *a, BN_MONT_CTX *mont,
BN_CTX *ctx);
int bn_mod_add_fixed_top(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
const BIGNUM *m);
int bn_mod_sub_fixed_top(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
const BIGNUM *m);
int bn_mul_fixed_top(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx);
int bn_sqr_fixed_top(BIGNUM *r, const BIGNUM *a, BN_CTX *ctx);
int bn_lshift_fixed_top(BIGNUM *r, const BIGNUM *a, int n);
int bn_rshift_fixed_top(BIGNUM *r, const BIGNUM *a, int n);
int bn_div_fixed_top(BIGNUM *dv, BIGNUM *rem, const BIGNUM *m,
const BIGNUM *d, BN_CTX *ctx);
#define BN_PRIMETEST_COMPOSITE 0
#define BN_PRIMETEST_COMPOSITE_WITH_FACTOR 1
#define BN_PRIMETEST_COMPOSITE_NOT_POWER_OF_PRIME 2
#define BN_PRIMETEST_PROBABLY_PRIME 3
int ossl_bn_miller_rabin_is_prime(const BIGNUM *w, int iterations, BN_CTX *ctx,
BN_GENCB *cb, int enhanced, int *status);
int ossl_bn_check_generated_prime(const BIGNUM *w, int checks, BN_CTX *ctx,
BN_GENCB *cb);
const BIGNUM *ossl_bn_get0_small_factors(void);
int ossl_bn_rsa_fips186_4_gen_prob_primes(BIGNUM *p, BIGNUM *Xpout,
BIGNUM *p1, BIGNUM *p2,
const BIGNUM *Xp, const BIGNUM *Xp1,
const BIGNUM *Xp2, int nlen,
const BIGNUM *e, BN_CTX *ctx,
BN_GENCB *cb);
int ossl_bn_rsa_fips186_4_derive_prime(BIGNUM *Y, BIGNUM *X, const BIGNUM *Xin,
const BIGNUM *r1, const BIGNUM *r2,
int nlen, const BIGNUM *e, BN_CTX *ctx,
BN_GENCB *cb);
OSSL_LIB_CTX *ossl_bn_get_libctx(BN_CTX *ctx);
extern const BIGNUM ossl_bn_inv_sqrt_2;
#if defined(OPENSSL_SYS_LINUX) && !defined(FIPS_MODULE) && defined (__s390x__)
# define S390X_MOD_EXP
#endif
int s390x_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx);
int s390x_crt(BIGNUM *r, const BIGNUM *i, const BIGNUM *p, const BIGNUM *q,
const BIGNUM *dmp, const BIGNUM *dmq, const BIGNUM *iqmp);
#endif

View File

@ -0,0 +1,29 @@
/* WARNING: do not edit! */
/* Generated by Makefile from include/crypto/bn_conf.h.in */
/*
* Copyright 2016-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#ifndef OSSL_CRYPTO_BN_CONF_H
# define OSSL_CRYPTO_BN_CONF_H
# pragma once
/*
* The contents of this file are not used in the UEFI build, as
* both 32-bit and 64-bit builds are supported from a single run
* of the Configure script.
*/
/* Should we define BN_DIV2W here? */
/* Only one for the following should be defined */
#define SIXTY_FOUR_BIT_LONG
#undef SIXTY_FOUR_BIT
#undef THIRTY_TWO_BIT
#endif

View File

@ -0,0 +1,28 @@
{- join("\n",map { "/* $_ */" } @autowarntext) -}
/*
* Copyright 2016-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#ifndef OSSL_CRYPTO_BN_CONF_H
# define OSSL_CRYPTO_BN_CONF_H
# pragma once
/*
* The contents of this file are not used in the UEFI build, as
* both 32-bit and 64-bit builds are supported from a single run
* of the Configure script.
*/
/* Should we define BN_DIV2W here? */
/* Only one for the following should be defined */
{- $config{b64l} ? "#define" : "#undef" -} SIXTY_FOUR_BIT_LONG
{- $config{b64} ? "#define" : "#undef" -} SIXTY_FOUR_BIT
{- $config{b32} ? "#define" : "#undef" -} THIRTY_TWO_BIT
#endif

View File

@ -0,0 +1,43 @@
/*
* Copyright 2015-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#define declare_dh_bn(x) \
extern const BIGNUM ossl_bignum_dh##x##_p; \
extern const BIGNUM ossl_bignum_dh##x##_q; \
extern const BIGNUM ossl_bignum_dh##x##_g; \
declare_dh_bn(1024_160)
declare_dh_bn(2048_224)
declare_dh_bn(2048_256)
extern const BIGNUM ossl_bignum_const_2;
extern const BIGNUM ossl_bignum_ffdhe2048_p;
extern const BIGNUM ossl_bignum_ffdhe3072_p;
extern const BIGNUM ossl_bignum_ffdhe4096_p;
extern const BIGNUM ossl_bignum_ffdhe6144_p;
extern const BIGNUM ossl_bignum_ffdhe8192_p;
extern const BIGNUM ossl_bignum_ffdhe2048_q;
extern const BIGNUM ossl_bignum_ffdhe3072_q;
extern const BIGNUM ossl_bignum_ffdhe4096_q;
extern const BIGNUM ossl_bignum_ffdhe6144_q;
extern const BIGNUM ossl_bignum_ffdhe8192_q;
extern const BIGNUM ossl_bignum_modp_1536_p;
extern const BIGNUM ossl_bignum_modp_2048_p;
extern const BIGNUM ossl_bignum_modp_3072_p;
extern const BIGNUM ossl_bignum_modp_4096_p;
extern const BIGNUM ossl_bignum_modp_6144_p;
extern const BIGNUM ossl_bignum_modp_8192_p;
extern const BIGNUM ossl_bignum_modp_1536_q;
extern const BIGNUM ossl_bignum_modp_2048_q;
extern const BIGNUM ossl_bignum_modp_3072_q;
extern const BIGNUM ossl_bignum_modp_4096_q;
extern const BIGNUM ossl_bignum_modp_6144_q;
extern const BIGNUM ossl_bignum_modp_8192_q;

View File

@ -0,0 +1,32 @@
/*
* Copyright 2014-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#ifndef OPENSSL_NO_SRP
extern const BIGNUM ossl_bn_group_1024;
extern const BIGNUM ossl_bn_group_1536;
extern const BIGNUM ossl_bn_group_2048;
extern const BIGNUM ossl_bn_group_3072;
extern const BIGNUM ossl_bn_group_4096;
extern const BIGNUM ossl_bn_group_6144;
extern const BIGNUM ossl_bn_group_8192;
extern const BIGNUM ossl_bn_generator_19;
extern const BIGNUM ossl_bn_generator_5;
extern const BIGNUM ossl_bn_generator_2;
#endif

View File

@ -0,0 +1,27 @@
/*
* Generated by util/mkerr.pl DO NOT EDIT
* Copyright 2020-2022 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#ifndef OSSL_CRYPTO_BNERR_H
# define OSSL_CRYPTO_BNERR_H
# pragma once
# include <openssl/opensslconf.h>
# include <openssl/symhacks.h>
# ifdef __cplusplus
extern "C" {
# endif
int ossl_err_load_BN_strings(void);
# ifdef __cplusplus
}
# endif
#endif

View File

@ -0,0 +1,27 @@
/*
* Generated by util/mkerr.pl DO NOT EDIT
* Copyright 2020-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#ifndef OSSL_CRYPTO_BUFFERERR_H
# define OSSL_CRYPTO_BUFFERERR_H
# pragma once
# include <openssl/opensslconf.h>
# include <openssl/symhacks.h>
# ifdef __cplusplus
extern "C" {
# endif
int ossl_err_load_BUF_strings(void);
# ifdef __cplusplus
}
# endif
#endif

View File

@ -0,0 +1,43 @@
/*
* Copyright 2015-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#ifndef OSSL_CRYPTO_CHACHA_H
#define OSSL_CRYPTO_CHACHA_H
# pragma once
#include <stddef.h>
/*
* ChaCha20_ctr32 encrypts |len| bytes from |inp| with the given key and
* nonce and writes the result to |out|, which may be equal to |inp|.
* The |key| is not 32 bytes of verbatim key material though, but the
* said material collected into 8 32-bit elements array in host byte
* order. Same approach applies to nonce: the |counter| argument is
* pointer to concatenated nonce and counter values collected into 4
* 32-bit elements. This, passing crypto material collected into 32-bit
* elements as opposite to passing verbatim byte vectors, is chosen for
* efficiency in multi-call scenarios.
*/
void ChaCha20_ctr32(unsigned char *out, const unsigned char *inp,
size_t len, const unsigned int key[8],
const unsigned int counter[4]);
/*
* You can notice that there is no key setup procedure. Because it's
* as trivial as collecting bytes into 32-bit elements, it's reckoned
* that below macro is sufficient.
*/
#define CHACHA_U8TOU32(p) ( \
((unsigned int)(p)[0]) | ((unsigned int)(p)[1]<<8) | \
((unsigned int)(p)[2]<<16) | ((unsigned int)(p)[3]<<24) )
#define CHACHA_KEY_SIZE 32
#define CHACHA_CTR_SIZE 16
#define CHACHA_BLK_SIZE 64
#endif

View File

@ -0,0 +1,51 @@
/*
* Copyright 2019-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#ifndef OSSL_CMLL_PLATFORM_H
# define OSSL_CMLL_PLATFORM_H
# pragma once
# if defined(CMLL_ASM) && (defined(__sparc) || defined(__sparc__))
/* Fujitsu SPARC64 X support */
# include "crypto/sparc_arch.h"
# ifndef OPENSSL_NO_CAMELLIA
# define SPARC_CMLL_CAPABLE (OPENSSL_sparcv9cap_P[1] & CFR_CAMELLIA)
# include <openssl/camellia.h>
void cmll_t4_set_key(const unsigned char *key, int bits, CAMELLIA_KEY *ks);
void cmll_t4_encrypt(const unsigned char *in, unsigned char *out,
const CAMELLIA_KEY *key);
void cmll_t4_decrypt(const unsigned char *in, unsigned char *out,
const CAMELLIA_KEY *key);
void cmll128_t4_cbc_encrypt(const unsigned char *in, unsigned char *out,
size_t len, const CAMELLIA_KEY *key,
unsigned char *ivec, int /*unused*/);
void cmll128_t4_cbc_decrypt(const unsigned char *in, unsigned char *out,
size_t len, const CAMELLIA_KEY *key,
unsigned char *ivec, int /*unused*/);
void cmll256_t4_cbc_encrypt(const unsigned char *in, unsigned char *out,
size_t len, const CAMELLIA_KEY *key,
unsigned char *ivec, int /*unused*/);
void cmll256_t4_cbc_decrypt(const unsigned char *in, unsigned char *out,
size_t len, const CAMELLIA_KEY *key,
unsigned char *ivec, int /*unused*/);
void cmll128_t4_ctr32_encrypt(const unsigned char *in, unsigned char *out,
size_t blocks, const CAMELLIA_KEY *key,
unsigned char *ivec);
void cmll256_t4_ctr32_encrypt(const unsigned char *in, unsigned char *out,
size_t blocks, const CAMELLIA_KEY *key,
unsigned char *ivec);
# endif /* OPENSSL_NO_CAMELLIA */
# endif /* CMLL_ASM && sparc */
#endif /* OSSL_CRYPTO_CIPHERMODE_PLATFORM_H */

View File

@ -0,0 +1,30 @@
/*
* Generated by util/mkerr.pl DO NOT EDIT
* Copyright 2020-2023 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#ifndef OSSL_CRYPTO_CMPERR_H
# define OSSL_CRYPTO_CMPERR_H
# pragma once
# include <openssl/opensslconf.h>
# include <openssl/symhacks.h>
# ifdef __cplusplus
extern "C" {
# endif
# ifndef OPENSSL_NO_CMP
int ossl_err_load_CMP_strings(void);
# endif
# ifdef __cplusplus
}
# endif
#endif

View File

@ -0,0 +1,30 @@
/*
* Generated by util/mkerr.pl DO NOT EDIT
* Copyright 2020-2022 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#ifndef OSSL_CRYPTO_CMSERR_H
# define OSSL_CRYPTO_CMSERR_H
# pragma once
# include <openssl/opensslconf.h>
# include <openssl/symhacks.h>
# ifdef __cplusplus
extern "C" {
# endif
# ifndef OPENSSL_NO_CMS
int ossl_err_load_CMS_strings(void);
# endif
# ifdef __cplusplus
}
# endif
#endif

View File

@ -0,0 +1,30 @@
/*
* Generated by util/mkerr.pl DO NOT EDIT
* Copyright 2020-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#ifndef OSSL_CRYPTO_COMPERR_H
# define OSSL_CRYPTO_COMPERR_H
# pragma once
# include <openssl/opensslconf.h>
# include <openssl/symhacks.h>
# ifdef __cplusplus
extern "C" {
# endif
# ifndef OPENSSL_NO_COMP
int ossl_err_load_COMP_strings(void);
# endif
# ifdef __cplusplus
}
# endif
#endif

View File

@ -0,0 +1,27 @@
/*
* Generated by util/mkerr.pl DO NOT EDIT
* Copyright 2020-2023 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#ifndef OSSL_CRYPTO_CONFERR_H
# define OSSL_CRYPTO_CONFERR_H
# pragma once
# include <openssl/opensslconf.h>
# include <openssl/symhacks.h>
# ifdef __cplusplus
extern "C" {
# endif
int ossl_err_load_CONF_strings(void);
# ifdef __cplusplus
}
# endif
#endif

View File

@ -0,0 +1,48 @@
/*
* Copyright 2022-2023 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#include <openssl/core.h>
void *ossl_provider_store_new(OSSL_LIB_CTX *);
void *ossl_property_string_data_new(OSSL_LIB_CTX *);
void *ossl_stored_namemap_new(OSSL_LIB_CTX *);
void *ossl_property_defns_new(OSSL_LIB_CTX *);
void *ossl_ctx_global_properties_new(OSSL_LIB_CTX *);
void *ossl_rand_ctx_new(OSSL_LIB_CTX *);
void *ossl_prov_conf_ctx_new(OSSL_LIB_CTX *);
void *ossl_bio_core_globals_new(OSSL_LIB_CTX *);
void *ossl_child_prov_ctx_new(OSSL_LIB_CTX *);
void *ossl_prov_drbg_nonce_ctx_new(OSSL_LIB_CTX *);
void *ossl_self_test_set_callback_new(OSSL_LIB_CTX *);
void *ossl_rand_crng_ctx_new(OSSL_LIB_CTX *);
int ossl_thread_register_fips(OSSL_LIB_CTX *);
void *ossl_thread_event_ctx_new(OSSL_LIB_CTX *);
void *ossl_fips_prov_ossl_ctx_new(OSSL_LIB_CTX *);
#if defined(OPENSSL_THREADS)
void *ossl_threads_ctx_new(OSSL_LIB_CTX *);
#endif
void ossl_provider_store_free(void *);
void ossl_property_string_data_free(void *);
void ossl_stored_namemap_free(void *);
void ossl_property_defns_free(void *);
void ossl_ctx_global_properties_free(void *);
void ossl_rand_ctx_free(void *);
void ossl_prov_conf_ctx_free(void *);
void ossl_bio_core_globals_free(void *);
void ossl_child_prov_ctx_free(void *);
void ossl_prov_drbg_nonce_ctx_free(void *);
void ossl_self_test_set_callback_free(void *);
void ossl_rand_crng_ctx_free(void *);
void ossl_thread_event_ctx_free(void *);
void ossl_fips_prov_ossl_ctx_free(void *);
void ossl_release_default_drbg_ctx(void);
#if defined(OPENSSL_THREADS)
void ossl_threads_ctx_free(void *);
#endif

View File

@ -0,0 +1,30 @@
/*
* Generated by util/mkerr.pl DO NOT EDIT
* Copyright 2020-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#ifndef OSSL_CRYPTO_CRMFERR_H
# define OSSL_CRYPTO_CRMFERR_H
# pragma once
# include <openssl/opensslconf.h>
# include <openssl/symhacks.h>
# ifdef __cplusplus
extern "C" {
# endif
# ifndef OPENSSL_NO_CRMF
int ossl_err_load_CRMF_strings(void);
# endif
# ifdef __cplusplus
}
# endif
#endif

View File

@ -0,0 +1,39 @@
/*
* Copyright 2016-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#ifndef OSSL_CRYPTO_CRYPTLIB_H
# define OSSL_CRYPTO_CRYPTLIB_H
# pragma once
# include <openssl/core.h>
# include "internal/cryptlib.h"
/* This file is not scanned by mkdef.pl, whereas cryptlib.h is */
int ossl_init_thread_start(const void *index, void *arg,
OSSL_thread_stop_handler_fn handfn);
int ossl_init_thread_deregister(void *index);
int ossl_init_thread(void);
void ossl_cleanup_thread(void);
void ossl_ctx_thread_stop(OSSL_LIB_CTX *ctx);
/*
* OPENSSL_INIT flags. The primary list of these is in crypto.h. Flags below
* are those omitted from crypto.h because they are "reserved for internal
* use".
*/
# define OPENSSL_INIT_BASE_ONLY 0x00040000L
void ossl_trace_cleanup(void);
void ossl_malloc_setup_failures(void);
int ossl_crypto_alloc_ex_data_intern(int class_index, void *obj,
CRYPTO_EX_DATA *ad, int idx);
#endif /* OSSL_CRYPTO_CRYPTLIB_H */

View File

@ -0,0 +1,27 @@
/*
* Generated by util/mkerr.pl DO NOT EDIT
* Copyright 2020-2022 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#ifndef OSSL_CRYPTO_CRYPTOERR_H
# define OSSL_CRYPTO_CRYPTOERR_H
# pragma once
# include <openssl/opensslconf.h>
# include <openssl/symhacks.h>
# ifdef __cplusplus
extern "C" {
# endif
int ossl_err_load_CRYPTO_strings(void);
# ifdef __cplusplus
}
# endif
#endif

View File

@ -0,0 +1,30 @@
/*
* Generated by util/mkerr.pl DO NOT EDIT
* Copyright 2020-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#ifndef OSSL_CRYPTO_CTERR_H
# define OSSL_CRYPTO_CTERR_H
# pragma once
# include <openssl/opensslconf.h>
# include <openssl/symhacks.h>
# ifdef __cplusplus
extern "C" {
# endif
# ifndef OPENSSL_NO_CT
int ossl_err_load_CT_strings(void);
# endif
# ifdef __cplusplus
}
# endif
#endif

View File

@ -0,0 +1,86 @@
/*
* Copyright 2017-2022 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
/*
* This version of ctype.h provides a standardised and platform
* independent implementation that supports seven bit ASCII characters.
* The specific intent is to not pass extended ASCII characters (> 127)
* even if the host operating system would.
*
* There is EBCDIC support included for machines which use this. However,
* there are a number of concerns about how well EBCDIC is supported
* throughout the rest of the source code. Refer to issue #4154 for
* details.
*/
#ifndef OSSL_CRYPTO_CTYPE_H
# define OSSL_CRYPTO_CTYPE_H
# pragma once
# include <openssl/e_os2.h>
# define CTYPE_MASK_lower 0x1
# define CTYPE_MASK_upper 0x2
# define CTYPE_MASK_digit 0x4
# define CTYPE_MASK_space 0x8
# define CTYPE_MASK_xdigit 0x10
# define CTYPE_MASK_blank 0x20
# define CTYPE_MASK_cntrl 0x40
# define CTYPE_MASK_graph 0x80
# define CTYPE_MASK_print 0x100
# define CTYPE_MASK_punct 0x200
# define CTYPE_MASK_base64 0x400
# define CTYPE_MASK_asn1print 0x800
# define CTYPE_MASK_alpha (CTYPE_MASK_lower | CTYPE_MASK_upper)
# define CTYPE_MASK_alnum (CTYPE_MASK_alpha | CTYPE_MASK_digit)
/*
* The ascii mask assumes that any other classification implies that
* the character is ASCII and that there are no ASCII characters
* that aren't in any of the classifications.
*
* This assumption holds at the moment, but it might not in the future.
*/
# define CTYPE_MASK_ascii (~0)
# ifdef CHARSET_EBCDIC
int ossl_toascii(int c);
int ossl_fromascii(int c);
# else
# define ossl_toascii(c) (c)
# define ossl_fromascii(c) (c)
# endif
int ossl_ctype_check(int c, unsigned int mask);
int ossl_tolower(int c);
int ossl_toupper(int c);
int ossl_isdigit(int c);
int ossl_islower(int c);
int ossl_isupper(int c);
int ossl_ascii_isdigit(int c);
# define ossl_isalnum(c) (ossl_ctype_check((c), CTYPE_MASK_alnum))
# define ossl_isalpha(c) (ossl_ctype_check((c), CTYPE_MASK_alpha))
# ifdef CHARSET_EBCDIC
# define ossl_isascii(c) (ossl_ctype_check((c), CTYPE_MASK_ascii))
# else
# define ossl_isascii(c) (((c) & ~127) == 0)
# endif
# define ossl_isblank(c) (ossl_ctype_check((c), CTYPE_MASK_blank))
# define ossl_iscntrl(c) (ossl_ctype_check((c), CTYPE_MASK_cntrl))
# define ossl_isgraph(c) (ossl_ctype_check((c), CTYPE_MASK_graph))
# define ossl_isprint(c) (ossl_ctype_check((c), CTYPE_MASK_print))
# define ossl_ispunct(c) (ossl_ctype_check((c), CTYPE_MASK_punct))
# define ossl_isspace(c) (ossl_ctype_check((c), CTYPE_MASK_space))
# define ossl_isxdigit(c) (ossl_ctype_check((c), CTYPE_MASK_xdigit))
# define ossl_isbase64(c) (ossl_ctype_check((c), CTYPE_MASK_base64))
# define ossl_isasn1print(c) (ossl_ctype_check((c), CTYPE_MASK_asn1print))
#endif

View File

@ -0,0 +1,40 @@
/*
* Copyright 2020-2023 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#ifndef OSSL_CRYPTO_DECODER_H
# define OSSL_CRYPTO_DECODER_H
# pragma once
# include <openssl/decoder.h>
/*
* These are specially made for the 'file:' provider-native loader, which
* uses this to install a DER to anything decoder, which doesn't do much
* except read a DER blob and pass it on as a provider object abstraction
* (provider-object(7)).
*/
void *ossl_decoder_from_algorithm(int id, const OSSL_ALGORITHM *algodef,
OSSL_PROVIDER *prov);
OSSL_DECODER_INSTANCE *
ossl_decoder_instance_new(OSSL_DECODER *decoder, void *decoderctx);
void ossl_decoder_instance_free(OSSL_DECODER_INSTANCE *decoder_inst);
OSSL_DECODER_INSTANCE *ossl_decoder_instance_dup(const OSSL_DECODER_INSTANCE *src);
int ossl_decoder_ctx_add_decoder_inst(OSSL_DECODER_CTX *ctx,
OSSL_DECODER_INSTANCE *di);
int ossl_decoder_get_number(const OSSL_DECODER *encoder);
int ossl_decoder_store_cache_flush(OSSL_LIB_CTX *libctx);
int ossl_decoder_store_remove_all_provided(const OSSL_PROVIDER *prov);
void *ossl_decoder_cache_new(OSSL_LIB_CTX *ctx);
void ossl_decoder_cache_free(void *vcache);
int ossl_decoder_cache_flush(OSSL_LIB_CTX *libctx);
#endif

View File

@ -0,0 +1,27 @@
/*
* Generated by util/mkerr.pl DO NOT EDIT
* Copyright 2020-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#ifndef OSSL_CRYPTO_DECODERERR_H
# define OSSL_CRYPTO_DECODERERR_H
# pragma once
# include <openssl/opensslconf.h>
# include <openssl/symhacks.h>
# ifdef __cplusplus
extern "C" {
# endif
int ossl_err_load_OSSL_DECODER_strings(void);
# ifdef __cplusplus
}
# endif
#endif

View File

@ -0,0 +1,35 @@
/*
* Copyright 2019-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#ifndef OSSL_DES_PLATFORM_H
# define OSSL_DES_PLATFORM_H
# pragma once
# if defined(DES_ASM) && (defined(__sparc) || defined(__sparc__))
/* Fujitsu SPARC64 X support */
# include "crypto/sparc_arch.h"
# ifndef OPENSSL_NO_DES
# define SPARC_DES_CAPABLE (OPENSSL_sparcv9cap_P[1] & CFR_DES)
# include <openssl/des.h>
void des_t4_key_expand(const void *key, DES_key_schedule *ks);
void des_t4_ede3_cbc_encrypt(const void *inp, void *out, size_t len,
const DES_key_schedule ks[3], unsigned char iv[8]);
void des_t4_ede3_cbc_decrypt(const void *inp, void *out, size_t len,
const DES_key_schedule ks[3], unsigned char iv[8]);
void des_t4_cbc_encrypt(const void *inp, void *out, size_t len,
const DES_key_schedule *ks, unsigned char iv[8]);
void des_t4_cbc_decrypt(const void *inp, void *out, size_t len,
const DES_key_schedule *ks, unsigned char iv[8]);
# endif /* OPENSSL_NO_DES */
# endif /* DES_ASM && sparc */
#endif /* OSSL_CRYPTO_CIPHERMODE_PLATFORM_H */

View File

@ -0,0 +1,62 @@
/*
* Copyright 2020-2022 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#ifndef OSSL_CRYPTO_DH_H
# define OSSL_CRYPTO_DH_H
# pragma once
# include <openssl/core.h>
# include <openssl/params.h>
# include <openssl/dh.h>
# include "internal/ffc.h"
DH *ossl_dh_new_by_nid_ex(OSSL_LIB_CTX *libctx, int nid);
DH *ossl_dh_new_ex(OSSL_LIB_CTX *libctx);
void ossl_dh_set0_libctx(DH *d, OSSL_LIB_CTX *libctx);
int ossl_dh_generate_ffc_parameters(DH *dh, int type, int pbits, int qbits,
BN_GENCB *cb);
int ossl_dh_generate_public_key(BN_CTX *ctx, const DH *dh,
const BIGNUM *priv_key, BIGNUM *pub_key);
int ossl_dh_get_named_group_uid_from_size(int pbits);
const char *ossl_dh_gen_type_id2name(int id);
int ossl_dh_gen_type_name2id(const char *name, int type);
void ossl_dh_cache_named_group(DH *dh);
int ossl_dh_is_named_safe_prime_group(const DH *dh);
FFC_PARAMS *ossl_dh_get0_params(DH *dh);
int ossl_dh_get0_nid(const DH *dh);
int ossl_dh_params_fromdata(DH *dh, const OSSL_PARAM params[]);
int ossl_dh_key_fromdata(DH *dh, const OSSL_PARAM params[], int include_private);
int ossl_dh_params_todata(DH *dh, OSSL_PARAM_BLD *bld, OSSL_PARAM params[]);
int ossl_dh_key_todata(DH *dh, OSSL_PARAM_BLD *bld, OSSL_PARAM params[],
int include_private);
DH *ossl_dh_key_from_pkcs8(const PKCS8_PRIV_KEY_INFO *p8inf,
OSSL_LIB_CTX *libctx, const char *propq);
int ossl_dh_compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh);
int ossl_dh_check_pub_key_partial(const DH *dh, const BIGNUM *pub_key, int *ret);
int ossl_dh_check_priv_key(const DH *dh, const BIGNUM *priv_key, int *ret);
int ossl_dh_check_pairwise(const DH *dh);
const DH_METHOD *ossl_dh_get_method(const DH *dh);
int ossl_dh_buf2key(DH *key, const unsigned char *buf, size_t len);
size_t ossl_dh_key2buf(const DH *dh, unsigned char **pbuf, size_t size,
int alloc);
int ossl_dh_kdf_X9_42_asn1(unsigned char *out, size_t outlen,
const unsigned char *Z, size_t Zlen,
const char *cek_alg,
const unsigned char *ukm, size_t ukmlen,
const EVP_MD *md,
OSSL_LIB_CTX *libctx, const char *propq);
int ossl_dh_is_foreign(const DH *dh);
DH *ossl_dh_dup(const DH *dh, int selection);
#endif /* OSSL_CRYPTO_DH_H */

View File

@ -0,0 +1,30 @@
/*
* Generated by util/mkerr.pl DO NOT EDIT
* Copyright 2020-2023 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#ifndef OSSL_CRYPTO_DHERR_H
# define OSSL_CRYPTO_DHERR_H
# pragma once
# include <openssl/opensslconf.h>
# include <openssl/symhacks.h>
# ifdef __cplusplus
extern "C" {
# endif
# ifndef OPENSSL_NO_DH
int ossl_err_load_DH_strings(void);
# endif
# ifdef __cplusplus
}
# endif
#endif

View File

@ -0,0 +1,51 @@
/*
* Copyright 2019-2022 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#ifndef OSSL_CRYPTO_DSA_H
# define OSSL_CRYPTO_DSA_H
# pragma once
# include <openssl/core.h>
# include <openssl/dsa.h>
# include "internal/ffc.h"
#define DSA_PARAMGEN_TYPE_FIPS_186_4 0 /* Use FIPS186-4 standard */
#define DSA_PARAMGEN_TYPE_FIPS_186_2 1 /* Use legacy FIPS186-2 standard */
#define DSA_PARAMGEN_TYPE_FIPS_DEFAULT 2
DSA *ossl_dsa_new(OSSL_LIB_CTX *libctx);
void ossl_dsa_set0_libctx(DSA *d, OSSL_LIB_CTX *libctx);
int ossl_dsa_generate_ffc_parameters(DSA *dsa, int type, int pbits, int qbits,
BN_GENCB *cb);
int ossl_dsa_sign_int(int type, const unsigned char *dgst, int dlen,
unsigned char *sig, unsigned int *siglen, DSA *dsa,
unsigned int nonce_type, const char *digestname,
OSSL_LIB_CTX *libctx, const char *propq);
FFC_PARAMS *ossl_dsa_get0_params(DSA *dsa);
int ossl_dsa_ffc_params_fromdata(DSA *dsa, const OSSL_PARAM params[]);
int ossl_dsa_key_fromdata(DSA *dsa, const OSSL_PARAM params[],
int include_private);
DSA *ossl_dsa_key_from_pkcs8(const PKCS8_PRIV_KEY_INFO *p8inf,
OSSL_LIB_CTX *libctx, const char *propq);
int ossl_dsa_generate_public_key(BN_CTX *ctx, const DSA *dsa,
const BIGNUM *priv_key, BIGNUM *pub_key);
int ossl_dsa_check_params(const DSA *dsa, int checktype, int *ret);
int ossl_dsa_check_pub_key(const DSA *dsa, const BIGNUM *pub_key, int *ret);
int ossl_dsa_check_pub_key_partial(const DSA *dsa, const BIGNUM *pub_key,
int *ret);
int ossl_dsa_check_priv_key(const DSA *dsa, const BIGNUM *priv_key, int *ret);
int ossl_dsa_check_pairwise(const DSA *dsa);
int ossl_dsa_is_foreign(const DSA *dsa);
DSA *ossl_dsa_dup(const DSA *dsa, int selection);
#endif

View File

@ -0,0 +1,30 @@
/*
* Generated by util/mkerr.pl DO NOT EDIT
* Copyright 2020-2023 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#ifndef OSSL_CRYPTO_DSAERR_H
# define OSSL_CRYPTO_DSAERR_H
# pragma once
# include <openssl/opensslconf.h>
# include <openssl/symhacks.h>
# ifdef __cplusplus
extern "C" {
# endif
# ifndef OPENSSL_NO_DSA
int ossl_err_load_DSA_strings(void);
# endif
# ifdef __cplusplus
}
# endif
#endif

View File

@ -0,0 +1,18 @@
/* WARNING: do not edit! */
/* Generated by Makefile from include/crypto/dso_conf.h.in */
/*
* Copyright 2016-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#ifndef OSSL_CRYPTO_DSO_CONF_H
# define OSSL_CRYPTO_DSO_CONF_H
# pragma once
# define DSO_NONE
# define DSO_EXTENSION ".so"
#endif

View File

@ -0,0 +1,33 @@
{- join("\n",map { "/* $_ */" } @autowarntext) -}
/*
* Copyright 2016-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#ifndef OSSL_CRYPTO_DSO_CONF_H
# define OSSL_CRYPTO_DSO_CONF_H
# pragma once
{- # The DSO code currently always implements all functions so that no
# applications will have to worry about that from a compilation point
# of view. However, the "method"s may return zero unless that platform
# has support compiled in for them. Currently each method is enabled
# by a define "DSO_<name>" ... we translate the "dso_scheme" config
# string entry into using the following logic;
my $scheme = $disabled{dso} ? undef : uc $target{dso_scheme};
if (!$scheme) {
$scheme = "NONE";
}
my @macros = ( "DSO_$scheme" );
if ($scheme eq 'DLFCN') {
@macros = ( "DSO_DLFCN", "HAVE_DLFCN_H" );
} elsif ($scheme eq "DLFCN_NO_H") {
@macros = ( "DSO_DLFCN" );
}
join("\n", map { "# define $_" } @macros); -}
# define DSO_EXTENSION "{- platform->dsoext() -}"
#endif

View File

@ -0,0 +1,106 @@
/*
* Copyright 2018-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
/* Internal EC functions for other submodules: not for application use */
#ifndef OSSL_CRYPTO_EC_H
# define OSSL_CRYPTO_EC_H
# pragma once
# include <openssl/opensslconf.h>
# include <openssl/evp.h>
int ossl_ec_curve_name2nid(const char *name);
const char *ossl_ec_curve_nid2nist_int(int nid);
int ossl_ec_curve_nist2nid_int(const char *name);
int evp_pkey_ctx_set_ec_param_enc_prov(EVP_PKEY_CTX *ctx, int param_enc);
# ifndef OPENSSL_NO_EC
# include <openssl/core.h>
# include <openssl/ec.h>
# include "crypto/types.h"
/*-
* Computes the multiplicative inverse of x in the range
* [1,EC_GROUP::order), where EC_GROUP::order is the cardinality of the
* subgroup generated by the generator G:
*
* res := x^(-1) (mod EC_GROUP::order).
*
* This function expects the following two conditions to hold:
* - the EC_GROUP order is prime, and
* - x is included in the range [1, EC_GROUP::order).
*
* This function returns 1 on success, 0 on error.
*
* If the EC_GROUP order is even, this function explicitly returns 0 as
* an error.
* In case any of the two conditions stated above is not satisfied,
* the correctness of its output is not guaranteed, even if the return
* value could still be 1 (as primality testing and a conditional modular
* reduction round on the input can be omitted by the underlying
* implementations for better SCA properties on regular input values).
*/
__owur int ossl_ec_group_do_inverse_ord(const EC_GROUP *group, BIGNUM *res,
const BIGNUM *x, BN_CTX *ctx);
/*-
* ECDH Key Derivation Function as defined in ANSI X9.63
*/
int ossl_ecdh_kdf_X9_63(unsigned char *out, size_t outlen,
const unsigned char *Z, size_t Zlen,
const unsigned char *sinfo, size_t sinfolen,
const EVP_MD *md, OSSL_LIB_CTX *libctx,
const char *propq);
int ossl_ec_key_public_check(const EC_KEY *eckey, BN_CTX *ctx);
int ossl_ec_key_public_check_quick(const EC_KEY *eckey, BN_CTX *ctx);
int ossl_ec_key_private_check(const EC_KEY *eckey);
int ossl_ec_key_pairwise_check(const EC_KEY *eckey, BN_CTX *ctx);
OSSL_LIB_CTX *ossl_ec_key_get_libctx(const EC_KEY *eckey);
const char *ossl_ec_key_get0_propq(const EC_KEY *eckey);
void ossl_ec_key_set0_libctx(EC_KEY *key, OSSL_LIB_CTX *libctx);
/* Backend support */
int ossl_ec_group_todata(const EC_GROUP *group, OSSL_PARAM_BLD *tmpl,
OSSL_PARAM params[], OSSL_LIB_CTX *libctx,
const char *propq,
BN_CTX *bnctx, unsigned char **genbuf);
int ossl_ec_group_fromdata(EC_KEY *ec, const OSSL_PARAM params[]);
int ossl_ec_group_set_params(EC_GROUP *group, const OSSL_PARAM params[]);
int ossl_ec_key_fromdata(EC_KEY *ecx, const OSSL_PARAM params[],
int include_private);
int ossl_ec_key_otherparams_fromdata(EC_KEY *ec, const OSSL_PARAM params[]);
int ossl_ec_key_is_foreign(const EC_KEY *ec);
EC_KEY *ossl_ec_key_dup(const EC_KEY *key, int selection);
int ossl_x509_algor_is_sm2(const X509_ALGOR *palg);
EC_KEY *ossl_ec_key_param_from_x509_algor(const X509_ALGOR *palg,
OSSL_LIB_CTX *libctx,
const char *propq);
EC_KEY *ossl_ec_key_from_pkcs8(const PKCS8_PRIV_KEY_INFO *p8inf,
OSSL_LIB_CTX *libctx, const char *propq);
int ossl_ec_set_ecdh_cofactor_mode(EC_KEY *ec, int mode);
int ossl_ec_encoding_name2id(const char *name);
int ossl_ec_encoding_param2id(const OSSL_PARAM *p, int *id);
int ossl_ec_pt_format_name2id(const char *name);
int ossl_ec_pt_format_param2id(const OSSL_PARAM *p, int *id);
char *ossl_ec_pt_format_id2name(int id);
char *ossl_ec_check_group_type_id2name(int flags);
int ossl_ec_set_check_group_type_from_name(EC_KEY *ec, const char *name);
int ossl_ec_generate_key_dhkem(EC_KEY *eckey,
const unsigned char *ikm, size_t ikmlen);
int ossl_ecdsa_deterministic_sign(const unsigned char *dgst, int dlen,
unsigned char *sig, unsigned int *siglen,
EC_KEY *eckey, unsigned int nonce_type,
const char *digestname,
OSSL_LIB_CTX *libctx, const char *propq);
# endif /* OPENSSL_NO_EC */
#endif

View File

@ -0,0 +1,30 @@
/*
* Generated by util/mkerr.pl DO NOT EDIT
* Copyright 2020-2023 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#ifndef OSSL_CRYPTO_ECERR_H
# define OSSL_CRYPTO_ECERR_H
# pragma once
# include <openssl/opensslconf.h>
# include <openssl/symhacks.h>
# ifdef __cplusplus
extern "C" {
# endif
# ifndef OPENSSL_NO_EC
int ossl_err_load_EC_strings(void);
# endif
# ifdef __cplusplus
}
# endif
#endif

View File

@ -0,0 +1,158 @@
/*
* Copyright 2020-2023 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
/* Internal EC functions for other submodules: not for application use */
#ifndef OSSL_CRYPTO_ECX_H
# define OSSL_CRYPTO_ECX_H
# pragma once
# include <openssl/opensslconf.h>
# ifndef OPENSSL_NO_ECX
# include <openssl/core.h>
# include <openssl/e_os2.h>
# include <openssl/crypto.h>
# include "internal/refcount.h"
# include "crypto/types.h"
# define X25519_KEYLEN 32
# define X448_KEYLEN 56
# define ED25519_KEYLEN 32
# define ED448_KEYLEN 57
# define MAX_KEYLEN ED448_KEYLEN
# define X25519_BITS 253
# define X25519_SECURITY_BITS 128
# define X448_BITS 448
# define X448_SECURITY_BITS 224
# define ED25519_BITS 256
/* RFC8032 Section 8.5 */
# define ED25519_SECURITY_BITS 128
# define ED25519_SIGSIZE 64
# define ED448_BITS 456
/* RFC8032 Section 8.5 */
# define ED448_SECURITY_BITS 224
# define ED448_SIGSIZE 114
typedef enum {
ECX_KEY_TYPE_X25519,
ECX_KEY_TYPE_X448,
ECX_KEY_TYPE_ED25519,
ECX_KEY_TYPE_ED448
} ECX_KEY_TYPE;
#define KEYTYPE2NID(type) \
((type) == ECX_KEY_TYPE_X25519 \
? EVP_PKEY_X25519 \
: ((type) == ECX_KEY_TYPE_X448 \
? EVP_PKEY_X448 \
: ((type) == ECX_KEY_TYPE_ED25519 \
? EVP_PKEY_ED25519 \
: EVP_PKEY_ED448)))
struct ecx_key_st {
OSSL_LIB_CTX *libctx;
char *propq;
unsigned int haspubkey:1;
unsigned char pubkey[MAX_KEYLEN];
unsigned char *privkey;
size_t keylen;
ECX_KEY_TYPE type;
CRYPTO_REF_COUNT references;
};
size_t ossl_ecx_key_length(ECX_KEY_TYPE type);
ECX_KEY *ossl_ecx_key_new(OSSL_LIB_CTX *libctx, ECX_KEY_TYPE type,
int haspubkey, const char *propq);
void ossl_ecx_key_set0_libctx(ECX_KEY *key, OSSL_LIB_CTX *libctx);
unsigned char *ossl_ecx_key_allocate_privkey(ECX_KEY *key);
void ossl_ecx_key_free(ECX_KEY *key);
int ossl_ecx_key_up_ref(ECX_KEY *key);
ECX_KEY *ossl_ecx_key_dup(const ECX_KEY *key, int selection);
int ossl_ecx_compute_key(ECX_KEY *peer, ECX_KEY *priv, size_t keylen,
unsigned char *secret, size_t *secretlen,
size_t outlen);
int ossl_x25519(uint8_t out_shared_key[32], const uint8_t private_key[32],
const uint8_t peer_public_value[32]);
void ossl_x25519_public_from_private(uint8_t out_public_value[32],
const uint8_t private_key[32]);
int
ossl_ed25519_public_from_private(OSSL_LIB_CTX *ctx, uint8_t out_public_key[32],
const uint8_t private_key[32],
const char *propq);
int
ossl_ed25519_sign(uint8_t *out_sig, const uint8_t *tbs, size_t tbs_len,
const uint8_t public_key[32], const uint8_t private_key[32],
const uint8_t dom2flag, const uint8_t phflag, const uint8_t csflag,
const uint8_t *context, size_t context_len,
OSSL_LIB_CTX *libctx, const char *propq);
int
ossl_ed25519_verify(const uint8_t *tbs, size_t tbs_len,
const uint8_t signature[64], const uint8_t public_key[32],
const uint8_t dom2flag, const uint8_t phflag, const uint8_t csflag,
const uint8_t *context, size_t context_len,
OSSL_LIB_CTX *libctx, const char *propq);
int
ossl_ed448_public_from_private(OSSL_LIB_CTX *ctx, uint8_t out_public_key[57],
const uint8_t private_key[57], const char *propq);
int
ossl_ed448_sign(OSSL_LIB_CTX *ctx, uint8_t *out_sig,
const uint8_t *message, size_t message_len,
const uint8_t public_key[57], const uint8_t private_key[57],
const uint8_t *context, size_t context_len,
const uint8_t phflag, const char *propq);
int
ossl_ed448_verify(OSSL_LIB_CTX *ctx,
const uint8_t *message, size_t message_len,
const uint8_t signature[114], const uint8_t public_key[57],
const uint8_t *context, size_t context_len,
const uint8_t phflag, const char *propq);
int
ossl_x448(uint8_t out_shared_key[56], const uint8_t private_key[56],
const uint8_t peer_public_value[56]);
void
ossl_x448_public_from_private(uint8_t out_public_value[56],
const uint8_t private_key[56]);
/* Backend support */
typedef enum {
KEY_OP_PUBLIC,
KEY_OP_PRIVATE,
KEY_OP_KEYGEN
} ecx_key_op_t;
ECX_KEY *ossl_ecx_key_op(const X509_ALGOR *palg,
const unsigned char *p, int plen,
int pkey_id, ecx_key_op_t op,
OSSL_LIB_CTX *libctx, const char *propq);
int ossl_ecx_public_from_private(ECX_KEY *key);
int ossl_ecx_key_fromdata(ECX_KEY *ecx, const OSSL_PARAM params[],
int include_private);
ECX_KEY *ossl_ecx_key_from_pkcs8(const PKCS8_PRIV_KEY_INFO *p8inf,
OSSL_LIB_CTX *libctx, const char *propq);
ECX_KEY *ossl_evp_pkey_get1_X25519(EVP_PKEY *pkey);
ECX_KEY *ossl_evp_pkey_get1_X448(EVP_PKEY *pkey);
ECX_KEY *ossl_evp_pkey_get1_ED25519(EVP_PKEY *pkey);
ECX_KEY *ossl_evp_pkey_get1_ED448(EVP_PKEY *pkey);
# endif /* OPENSSL_NO_ECX */
#endif

View File

@ -0,0 +1,20 @@
/*
* Copyright 2019-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#ifndef OSSL_CRYPTO_ENCODER_H
# define OSSL_CRYPTO_ENCODER_H
# pragma once
# include <openssl/types.h>
int ossl_encoder_get_number(const OSSL_ENCODER *encoder);
int ossl_encoder_store_cache_flush(OSSL_LIB_CTX *libctx);
int ossl_encoder_store_remove_all_provided(const OSSL_PROVIDER *prov);
#endif

View File

@ -0,0 +1,27 @@
/*
* Generated by util/mkerr.pl DO NOT EDIT
* Copyright 2020-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#ifndef OSSL_CRYPTO_ENCODERERR_H
# define OSSL_CRYPTO_ENCODERERR_H
# pragma once
# include <openssl/opensslconf.h>
# include <openssl/symhacks.h>
# ifdef __cplusplus
extern "C" {
# endif
int ossl_err_load_OSSL_ENCODER_strings(void);
# ifdef __cplusplus
}
# endif
#endif

View File

@ -0,0 +1,20 @@
/*
* Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#include <openssl/engine.h>
void engine_load_openssl_int(void);
void engine_load_devcrypto_int(void);
void engine_load_rdrand_int(void);
void engine_load_dynamic_int(void);
void engine_load_padlock_int(void);
void engine_load_capi_int(void);
void engine_load_dasync_int(void);
void engine_load_afalg_int(void);
void engine_cleanup_int(void);

View File

@ -0,0 +1,30 @@
/*
* Generated by util/mkerr.pl DO NOT EDIT
* Copyright 2020-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#ifndef OSSL_CRYPTO_ENGINEERR_H
# define OSSL_CRYPTO_ENGINEERR_H
# pragma once
# include <openssl/opensslconf.h>
# include <openssl/symhacks.h>
# ifdef __cplusplus
extern "C" {
# endif
# ifndef OPENSSL_NO_ENGINE
int ossl_err_load_ENGINE_strings(void);
# endif
# ifdef __cplusplus
}
# endif
#endif

View File

@ -0,0 +1,20 @@
/*
* Copyright 2016-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#ifndef OSSL_CRYPTO_ERR_H
# define OSSL_CRYPTO_ERR_H
# pragma once
int ossl_err_load_ERR_strings(void);
int ossl_err_load_crypto_strings(void);
void err_cleanup(void);
int err_shelve_state(void **);
void err_unshelve_state(void *);
#endif

View File

@ -0,0 +1,76 @@
/*
* Copyright 2019-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#ifndef OSSL_CRYPTO_ESS_H
# define OSSL_CRYPTO_ESS_H
# pragma once
/*-
* IssuerSerial ::= SEQUENCE {
* issuer GeneralNames,
* serialNumber CertificateSerialNumber
* }
*/
struct ESS_issuer_serial {
STACK_OF(GENERAL_NAME) *issuer;
ASN1_INTEGER *serial;
};
/*-
* ESSCertID ::= SEQUENCE {
* certHash Hash,
* issuerSerial IssuerSerial OPTIONAL
* }
*/
struct ESS_cert_id {
ASN1_OCTET_STRING *hash; /* Always SHA-1 digest. */
ESS_ISSUER_SERIAL *issuer_serial;
};
/*-
* SigningCertificate ::= SEQUENCE {
* certs SEQUENCE OF ESSCertID,
* policies SEQUENCE OF PolicyInformation OPTIONAL
* }
*/
struct ESS_signing_cert {
STACK_OF(ESS_CERT_ID) *cert_ids;
STACK_OF(POLICYINFO) *policy_info;
};
/*-
* ESSCertIDv2 ::= SEQUENCE {
* hashAlgorithm AlgorithmIdentifier DEFAULT id-sha256,
* certHash Hash,
* issuerSerial IssuerSerial OPTIONAL
* }
*/
struct ESS_cert_id_v2_st {
X509_ALGOR *hash_alg; /* Default: SHA-256 */
ASN1_OCTET_STRING *hash;
ESS_ISSUER_SERIAL *issuer_serial;
};
/*-
* SigningCertificateV2 ::= SEQUENCE {
* certs SEQUENCE OF ESSCertIDv2,
* policies SEQUENCE OF PolicyInformation OPTIONAL
* }
*/
struct ESS_signing_cert_v2_st {
STACK_OF(ESS_CERT_ID_V2) *cert_ids;
STACK_OF(POLICYINFO) *policy_info;
};
#endif /* OSSL_CRYPTO_ESS_H */

View File

@ -0,0 +1,27 @@
/*
* Generated by util/mkerr.pl DO NOT EDIT
* Copyright 2020-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#ifndef OSSL_CRYPTO_ESSERR_H
# define OSSL_CRYPTO_ESSERR_H
# pragma once
# include <openssl/opensslconf.h>
# include <openssl/symhacks.h>
# ifdef __cplusplus
extern "C" {
# endif
int ossl_err_load_ESS_strings(void);
# ifdef __cplusplus
}
# endif
#endif

View File

@ -0,0 +1,970 @@
/*
* Copyright 2015-2023 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#ifndef OSSL_CRYPTO_EVP_H
# define OSSL_CRYPTO_EVP_H
# pragma once
# include <openssl/evp.h>
# include <openssl/core_dispatch.h>
# include "internal/refcount.h"
# include "crypto/ecx.h"
/*
* Default PKCS5 PBE KDF salt lengths
* In RFC 8018, PBE1 uses 8 bytes (64 bits) for its salt length.
* It also specifies to use at least 8 bytes for PBES2.
* The NIST requirement for PBKDF2 is 128 bits so we use this as the
* default for PBE2 (scrypt and HKDF2)
*/
# define PKCS5_DEFAULT_PBE1_SALT_LEN PKCS5_SALT_LEN
# define PKCS5_DEFAULT_PBE2_SALT_LEN 16
/*
* Don't free up md_ctx->pctx in EVP_MD_CTX_reset, use the reserved flag
* values in evp.h
*/
#define EVP_MD_CTX_FLAG_KEEP_PKEY_CTX 0x0400
#define EVP_MD_CTX_FLAG_FINALISED 0x0800
#define evp_pkey_ctx_is_legacy(ctx) \
((ctx)->keymgmt == NULL)
#define evp_pkey_ctx_is_provided(ctx) \
(!evp_pkey_ctx_is_legacy(ctx))
struct evp_pkey_ctx_st {
/* Actual operation */
int operation;
/*
* Library context, property query, keytype and keymgmt associated with
* this context
*/
OSSL_LIB_CTX *libctx;
char *propquery;
const char *keytype;
/* If |pkey| below is set, this field is always a reference to its keymgmt */
EVP_KEYMGMT *keymgmt;
union {
struct {
void *genctx;
} keymgmt;
struct {
EVP_KEYEXCH *exchange;
/*
* Opaque ctx returned from a providers exchange algorithm
* implementation OSSL_FUNC_keyexch_newctx()
*/
void *algctx;
} kex;
struct {
EVP_SIGNATURE *signature;
/*
* Opaque ctx returned from a providers signature algorithm
* implementation OSSL_FUNC_signature_newctx()
*/
void *algctx;
} sig;
struct {
EVP_ASYM_CIPHER *cipher;
/*
* Opaque ctx returned from a providers asymmetric cipher algorithm
* implementation OSSL_FUNC_asym_cipher_newctx()
*/
void *algctx;
} ciph;
struct {
EVP_KEM *kem;
/*
* Opaque ctx returned from a providers KEM algorithm
* implementation OSSL_FUNC_kem_newctx()
*/
void *algctx;
} encap;
} op;
/*
* Cached parameters. Inits of operations that depend on these should
* call evp_pkey_ctx_use_delayed_data() when the operation has been set
* up properly.
*/
struct {
/* Distinguishing Identifier, ISO/IEC 15946-3, FIPS 196 */
char *dist_id_name; /* The name used with EVP_PKEY_CTX_ctrl_str() */
void *dist_id; /* The distinguishing ID itself */
size_t dist_id_len; /* The length of the distinguishing ID */
/* Indicators of what has been set. Keep them together! */
unsigned int dist_id_set : 1;
} cached_parameters;
/* Application specific data, usually used by the callback */
void *app_data;
/* Keygen callback */
EVP_PKEY_gen_cb *pkey_gencb;
/* implementation specific keygen data */
int *keygen_info;
int keygen_info_count;
/* Legacy fields below */
/* EVP_PKEY identity */
int legacy_keytype;
/* Method associated with this operation */
const EVP_PKEY_METHOD *pmeth;
/* Engine that implements this method or NULL if builtin */
ENGINE *engine;
/* Key: may be NULL */
EVP_PKEY *pkey;
/* Peer key for key agreement, may be NULL */
EVP_PKEY *peerkey;
/* Algorithm specific data */
void *data;
/* Indicator if digest_custom needs to be called */
unsigned int flag_call_digest_custom:1;
/*
* Used to support taking custody of memory in the case of a provider being
* used with the deprecated EVP_PKEY_CTX_set_rsa_keygen_pubexp() API. This
* member should NOT be used for any other purpose and should be removed
* when said deprecated API is excised completely.
*/
BIGNUM *rsa_pubexp;
} /* EVP_PKEY_CTX */ ;
#define EVP_PKEY_FLAG_DYNAMIC 1
struct evp_pkey_method_st {
int pkey_id;
int flags;
int (*init) (EVP_PKEY_CTX *ctx);
int (*copy) (EVP_PKEY_CTX *dst, const EVP_PKEY_CTX *src);
void (*cleanup) (EVP_PKEY_CTX *ctx);
int (*paramgen_init) (EVP_PKEY_CTX *ctx);
int (*paramgen) (EVP_PKEY_CTX *ctx, EVP_PKEY *pkey);
int (*keygen_init) (EVP_PKEY_CTX *ctx);
int (*keygen) (EVP_PKEY_CTX *ctx, EVP_PKEY *pkey);
int (*sign_init) (EVP_PKEY_CTX *ctx);
int (*sign) (EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
const unsigned char *tbs, size_t tbslen);
int (*verify_init) (EVP_PKEY_CTX *ctx);
int (*verify) (EVP_PKEY_CTX *ctx,
const unsigned char *sig, size_t siglen,
const unsigned char *tbs, size_t tbslen);
int (*verify_recover_init) (EVP_PKEY_CTX *ctx);
int (*verify_recover) (EVP_PKEY_CTX *ctx,
unsigned char *rout, size_t *routlen,
const unsigned char *sig, size_t siglen);
int (*signctx_init) (EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx);
int (*signctx) (EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
EVP_MD_CTX *mctx);
int (*verifyctx_init) (EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx);
int (*verifyctx) (EVP_PKEY_CTX *ctx, const unsigned char *sig, int siglen,
EVP_MD_CTX *mctx);
int (*encrypt_init) (EVP_PKEY_CTX *ctx);
int (*encrypt) (EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
const unsigned char *in, size_t inlen);
int (*decrypt_init) (EVP_PKEY_CTX *ctx);
int (*decrypt) (EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
const unsigned char *in, size_t inlen);
int (*derive_init) (EVP_PKEY_CTX *ctx);
int (*derive) (EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen);
int (*ctrl) (EVP_PKEY_CTX *ctx, int type, int p1, void *p2);
int (*ctrl_str) (EVP_PKEY_CTX *ctx, const char *type, const char *value);
int (*digestsign) (EVP_MD_CTX *ctx, unsigned char *sig, size_t *siglen,
const unsigned char *tbs, size_t tbslen);
int (*digestverify) (EVP_MD_CTX *ctx, const unsigned char *sig,
size_t siglen, const unsigned char *tbs,
size_t tbslen);
int (*check) (EVP_PKEY *pkey);
int (*public_check) (EVP_PKEY *pkey);
int (*param_check) (EVP_PKEY *pkey);
int (*digest_custom) (EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx);
} /* EVP_PKEY_METHOD */ ;
DEFINE_STACK_OF_CONST(EVP_PKEY_METHOD)
void evp_pkey_set_cb_translate(BN_GENCB *cb, EVP_PKEY_CTX *ctx);
const EVP_PKEY_METHOD *ossl_dh_pkey_method(void);
const EVP_PKEY_METHOD *ossl_dhx_pkey_method(void);
const EVP_PKEY_METHOD *ossl_dsa_pkey_method(void);
const EVP_PKEY_METHOD *ossl_ec_pkey_method(void);
const EVP_PKEY_METHOD *ossl_ecx25519_pkey_method(void);
const EVP_PKEY_METHOD *ossl_ecx448_pkey_method(void);
const EVP_PKEY_METHOD *ossl_ed25519_pkey_method(void);
const EVP_PKEY_METHOD *ossl_ed448_pkey_method(void);
const EVP_PKEY_METHOD *ossl_rsa_pkey_method(void);
const EVP_PKEY_METHOD *ossl_rsa_pss_pkey_method(void);
struct evp_mac_st {
OSSL_PROVIDER *prov;
int name_id;
char *type_name;
const char *description;
CRYPTO_REF_COUNT refcnt;
OSSL_FUNC_mac_newctx_fn *newctx;
OSSL_FUNC_mac_dupctx_fn *dupctx;
OSSL_FUNC_mac_freectx_fn *freectx;
OSSL_FUNC_mac_init_fn *init;
OSSL_FUNC_mac_update_fn *update;
OSSL_FUNC_mac_final_fn *final;
OSSL_FUNC_mac_gettable_params_fn *gettable_params;
OSSL_FUNC_mac_gettable_ctx_params_fn *gettable_ctx_params;
OSSL_FUNC_mac_settable_ctx_params_fn *settable_ctx_params;
OSSL_FUNC_mac_get_params_fn *get_params;
OSSL_FUNC_mac_get_ctx_params_fn *get_ctx_params;
OSSL_FUNC_mac_set_ctx_params_fn *set_ctx_params;
};
struct evp_kdf_st {
OSSL_PROVIDER *prov;
int name_id;
char *type_name;
const char *description;
CRYPTO_REF_COUNT refcnt;
OSSL_FUNC_kdf_newctx_fn *newctx;
OSSL_FUNC_kdf_dupctx_fn *dupctx;
OSSL_FUNC_kdf_freectx_fn *freectx;
OSSL_FUNC_kdf_reset_fn *reset;
OSSL_FUNC_kdf_derive_fn *derive;
OSSL_FUNC_kdf_gettable_params_fn *gettable_params;
OSSL_FUNC_kdf_gettable_ctx_params_fn *gettable_ctx_params;
OSSL_FUNC_kdf_settable_ctx_params_fn *settable_ctx_params;
OSSL_FUNC_kdf_get_params_fn *get_params;
OSSL_FUNC_kdf_get_ctx_params_fn *get_ctx_params;
OSSL_FUNC_kdf_set_ctx_params_fn *set_ctx_params;
};
#define EVP_ORIG_DYNAMIC 0
#define EVP_ORIG_GLOBAL 1
#define EVP_ORIG_METH 2
struct evp_md_st {
/* nid */
int type;
/* Legacy structure members */
int pkey_type;
int md_size;
unsigned long flags;
int origin;
int (*init) (EVP_MD_CTX *ctx);
int (*update) (EVP_MD_CTX *ctx, const void *data, size_t count);
int (*final) (EVP_MD_CTX *ctx, unsigned char *md);
int (*copy) (EVP_MD_CTX *to, const EVP_MD_CTX *from);
int (*cleanup) (EVP_MD_CTX *ctx);
int block_size;
int ctx_size; /* how big does the ctx->md_data need to be */
/* control function */
int (*md_ctrl) (EVP_MD_CTX *ctx, int cmd, int p1, void *p2);
/* New structure members */
/* Above comment to be removed when legacy has gone */
int name_id;
char *type_name;
const char *description;
OSSL_PROVIDER *prov;
CRYPTO_REF_COUNT refcnt;
OSSL_FUNC_digest_newctx_fn *newctx;
OSSL_FUNC_digest_init_fn *dinit;
OSSL_FUNC_digest_update_fn *dupdate;
OSSL_FUNC_digest_final_fn *dfinal;
OSSL_FUNC_digest_digest_fn *digest;
OSSL_FUNC_digest_freectx_fn *freectx;
OSSL_FUNC_digest_dupctx_fn *dupctx;
OSSL_FUNC_digest_get_params_fn *get_params;
OSSL_FUNC_digest_set_ctx_params_fn *set_ctx_params;
OSSL_FUNC_digest_get_ctx_params_fn *get_ctx_params;
OSSL_FUNC_digest_gettable_params_fn *gettable_params;
OSSL_FUNC_digest_settable_ctx_params_fn *settable_ctx_params;
OSSL_FUNC_digest_gettable_ctx_params_fn *gettable_ctx_params;
} /* EVP_MD */ ;
struct evp_cipher_st {
int nid;
int block_size;
/* Default value for variable length ciphers */
int key_len;
int iv_len;
/* Legacy structure members */
/* Various flags */
unsigned long flags;
/* How the EVP_CIPHER was created. */
int origin;
/* init key */
int (*init) (EVP_CIPHER_CTX *ctx, const unsigned char *key,
const unsigned char *iv, int enc);
/* encrypt/decrypt data */
int (*do_cipher) (EVP_CIPHER_CTX *ctx, unsigned char *out,
const unsigned char *in, size_t inl);
/* cleanup ctx */
int (*cleanup) (EVP_CIPHER_CTX *);
/* how big ctx->cipher_data needs to be */
int ctx_size;
/* Populate a ASN1_TYPE with parameters */
int (*set_asn1_parameters) (EVP_CIPHER_CTX *, ASN1_TYPE *);
/* Get parameters from a ASN1_TYPE */
int (*get_asn1_parameters) (EVP_CIPHER_CTX *, ASN1_TYPE *);
/* Miscellaneous operations */
int (*ctrl) (EVP_CIPHER_CTX *, int type, int arg, void *ptr);
/* Application data */
void *app_data;
/* New structure members */
/* Above comment to be removed when legacy has gone */
int name_id;
char *type_name;
const char *description;
OSSL_PROVIDER *prov;
CRYPTO_REF_COUNT refcnt;
OSSL_FUNC_cipher_newctx_fn *newctx;
OSSL_FUNC_cipher_encrypt_init_fn *einit;
OSSL_FUNC_cipher_decrypt_init_fn *dinit;
OSSL_FUNC_cipher_update_fn *cupdate;
OSSL_FUNC_cipher_final_fn *cfinal;
OSSL_FUNC_cipher_cipher_fn *ccipher;
OSSL_FUNC_cipher_freectx_fn *freectx;
OSSL_FUNC_cipher_dupctx_fn *dupctx;
OSSL_FUNC_cipher_get_params_fn *get_params;
OSSL_FUNC_cipher_get_ctx_params_fn *get_ctx_params;
OSSL_FUNC_cipher_set_ctx_params_fn *set_ctx_params;
OSSL_FUNC_cipher_gettable_params_fn *gettable_params;
OSSL_FUNC_cipher_gettable_ctx_params_fn *gettable_ctx_params;
OSSL_FUNC_cipher_settable_ctx_params_fn *settable_ctx_params;
} /* EVP_CIPHER */ ;
/* Macros to code block cipher wrappers */
/* Wrapper functions for each cipher mode */
#define EVP_C_DATA(kstruct, ctx) \
((kstruct *)EVP_CIPHER_CTX_get_cipher_data(ctx))
#define BLOCK_CIPHER_ecb_loop() \
size_t i, bl; \
bl = EVP_CIPHER_CTX_get0_cipher(ctx)->block_size; \
if (inl < bl) return 1;\
inl -= bl; \
for (i=0; i <= inl; i+=bl)
#define BLOCK_CIPHER_func_ecb(cname, cprefix, kstruct, ksched) \
static int cname##_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t inl) \
{\
BLOCK_CIPHER_ecb_loop() \
cprefix##_ecb_encrypt(in + i, out + i, &EVP_C_DATA(kstruct,ctx)->ksched, EVP_CIPHER_CTX_is_encrypting(ctx)); \
return 1;\
}
#define EVP_MAXCHUNK ((size_t)1 << 30)
#define BLOCK_CIPHER_func_ofb(cname, cprefix, cbits, kstruct, ksched) \
static int cname##_ofb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t inl) \
{\
while(inl>=EVP_MAXCHUNK) {\
int num = EVP_CIPHER_CTX_get_num(ctx);\
cprefix##_ofb##cbits##_encrypt(in, out, (long)EVP_MAXCHUNK, &EVP_C_DATA(kstruct,ctx)->ksched, ctx->iv, &num); \
EVP_CIPHER_CTX_set_num(ctx, num);\
inl-=EVP_MAXCHUNK;\
in +=EVP_MAXCHUNK;\
out+=EVP_MAXCHUNK;\
}\
if (inl) {\
int num = EVP_CIPHER_CTX_get_num(ctx);\
cprefix##_ofb##cbits##_encrypt(in, out, (long)inl, &EVP_C_DATA(kstruct,ctx)->ksched, ctx->iv, &num); \
EVP_CIPHER_CTX_set_num(ctx, num);\
}\
return 1;\
}
#define BLOCK_CIPHER_func_cbc(cname, cprefix, kstruct, ksched) \
static int cname##_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t inl) \
{\
while(inl>=EVP_MAXCHUNK) \
{\
cprefix##_cbc_encrypt(in, out, (long)EVP_MAXCHUNK, &EVP_C_DATA(kstruct,ctx)->ksched, ctx->iv, EVP_CIPHER_CTX_is_encrypting(ctx));\
inl-=EVP_MAXCHUNK;\
in +=EVP_MAXCHUNK;\
out+=EVP_MAXCHUNK;\
}\
if (inl)\
cprefix##_cbc_encrypt(in, out, (long)inl, &EVP_C_DATA(kstruct,ctx)->ksched, ctx->iv, EVP_CIPHER_CTX_is_encrypting(ctx));\
return 1;\
}
#define BLOCK_CIPHER_func_cfb(cname, cprefix, cbits, kstruct, ksched) \
static int cname##_cfb##cbits##_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t inl) \
{\
size_t chunk = EVP_MAXCHUNK;\
if (cbits == 1) chunk >>= 3;\
if (inl < chunk) chunk = inl;\
while (inl && inl >= chunk)\
{\
int num = EVP_CIPHER_CTX_get_num(ctx);\
cprefix##_cfb##cbits##_encrypt(in, out, (long) \
((cbits == 1) \
&& !EVP_CIPHER_CTX_test_flags(ctx, EVP_CIPH_FLAG_LENGTH_BITS) \
? chunk*8 : chunk), \
&EVP_C_DATA(kstruct, ctx)->ksched, ctx->iv,\
&num, EVP_CIPHER_CTX_is_encrypting(ctx));\
EVP_CIPHER_CTX_set_num(ctx, num);\
inl -= chunk;\
in += chunk;\
out += chunk;\
if (inl < chunk) chunk = inl;\
}\
return 1;\
}
#define BLOCK_CIPHER_all_funcs(cname, cprefix, cbits, kstruct, ksched) \
BLOCK_CIPHER_func_cbc(cname, cprefix, kstruct, ksched) \
BLOCK_CIPHER_func_cfb(cname, cprefix, cbits, kstruct, ksched) \
BLOCK_CIPHER_func_ecb(cname, cprefix, kstruct, ksched) \
BLOCK_CIPHER_func_ofb(cname, cprefix, cbits, kstruct, ksched)
#define BLOCK_CIPHER_def1(cname, nmode, mode, MODE, kstruct, nid, block_size, \
key_len, iv_len, flags, init_key, cleanup, \
set_asn1, get_asn1, ctrl) \
static const EVP_CIPHER cname##_##mode = { \
nid##_##nmode, block_size, key_len, iv_len, \
flags | EVP_CIPH_##MODE##_MODE, \
EVP_ORIG_GLOBAL, \
init_key, \
cname##_##mode##_cipher, \
cleanup, \
sizeof(kstruct), \
set_asn1, get_asn1,\
ctrl, \
NULL \
}; \
const EVP_CIPHER *EVP_##cname##_##mode(void) { return &cname##_##mode; }
#define BLOCK_CIPHER_def_cbc(cname, kstruct, nid, block_size, key_len, \
iv_len, flags, init_key, cleanup, set_asn1, \
get_asn1, ctrl) \
BLOCK_CIPHER_def1(cname, cbc, cbc, CBC, kstruct, nid, block_size, key_len, \
iv_len, flags, init_key, cleanup, set_asn1, get_asn1, ctrl)
#define BLOCK_CIPHER_def_cfb(cname, kstruct, nid, key_len, \
iv_len, cbits, flags, init_key, cleanup, \
set_asn1, get_asn1, ctrl) \
BLOCK_CIPHER_def1(cname, cfb##cbits, cfb##cbits, CFB, kstruct, nid, 1, \
key_len, iv_len, flags, init_key, cleanup, set_asn1, \
get_asn1, ctrl)
#define BLOCK_CIPHER_def_ofb(cname, kstruct, nid, key_len, \
iv_len, cbits, flags, init_key, cleanup, \
set_asn1, get_asn1, ctrl) \
BLOCK_CIPHER_def1(cname, ofb##cbits, ofb, OFB, kstruct, nid, 1, \
key_len, iv_len, flags, init_key, cleanup, set_asn1, \
get_asn1, ctrl)
#define BLOCK_CIPHER_def_ecb(cname, kstruct, nid, block_size, key_len, \
flags, init_key, cleanup, set_asn1, \
get_asn1, ctrl) \
BLOCK_CIPHER_def1(cname, ecb, ecb, ECB, kstruct, nid, block_size, key_len, \
0, flags, init_key, cleanup, set_asn1, get_asn1, ctrl)
#define BLOCK_CIPHER_defs(cname, kstruct, \
nid, block_size, key_len, iv_len, cbits, flags, \
init_key, cleanup, set_asn1, get_asn1, ctrl) \
BLOCK_CIPHER_def_cbc(cname, kstruct, nid, block_size, key_len, iv_len, flags, \
init_key, cleanup, set_asn1, get_asn1, ctrl) \
BLOCK_CIPHER_def_cfb(cname, kstruct, nid, key_len, iv_len, cbits, \
flags, init_key, cleanup, set_asn1, get_asn1, ctrl) \
BLOCK_CIPHER_def_ofb(cname, kstruct, nid, key_len, iv_len, cbits, \
flags, init_key, cleanup, set_asn1, get_asn1, ctrl) \
BLOCK_CIPHER_def_ecb(cname, kstruct, nid, block_size, key_len, flags, \
init_key, cleanup, set_asn1, get_asn1, ctrl)
/*-
#define BLOCK_CIPHER_defs(cname, kstruct, \
nid, block_size, key_len, iv_len, flags,\
init_key, cleanup, set_asn1, get_asn1, ctrl)\
static const EVP_CIPHER cname##_cbc = {\
nid##_cbc, block_size, key_len, iv_len, \
flags | EVP_CIPH_CBC_MODE,\
EVP_ORIG_GLOBAL,\
init_key,\
cname##_cbc_cipher,\
cleanup,\
sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+\
sizeof((((EVP_CIPHER_CTX *)NULL)->c.kstruct)),\
set_asn1, get_asn1,\
ctrl, \
NULL \
};\
const EVP_CIPHER *EVP_##cname##_cbc(void) { return &cname##_cbc; }\
static const EVP_CIPHER cname##_cfb = {\
nid##_cfb64, 1, key_len, iv_len, \
flags | EVP_CIPH_CFB_MODE,\
EVP_ORIG_GLOBAL,\
init_key,\
cname##_cfb_cipher,\
cleanup,\
sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+\
sizeof((((EVP_CIPHER_CTX *)NULL)->c.kstruct)),\
set_asn1, get_asn1,\
ctrl,\
NULL \
};\
const EVP_CIPHER *EVP_##cname##_cfb(void) { return &cname##_cfb; }\
static const EVP_CIPHER cname##_ofb = {\
nid##_ofb64, 1, key_len, iv_len, \
flags | EVP_CIPH_OFB_MODE,\
EVP_ORIG_GLOBAL,\
init_key,\
cname##_ofb_cipher,\
cleanup,\
sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+\
sizeof((((EVP_CIPHER_CTX *)NULL)->c.kstruct)),\
set_asn1, get_asn1,\
ctrl,\
NULL \
};\
const EVP_CIPHER *EVP_##cname##_ofb(void) { return &cname##_ofb; }\
static const EVP_CIPHER cname##_ecb = {\
nid##_ecb, block_size, key_len, iv_len, \
flags | EVP_CIPH_ECB_MODE,\
EVP_ORIG_GLOBAL,\
init_key,\
cname##_ecb_cipher,\
cleanup,\
sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+\
sizeof((((EVP_CIPHER_CTX *)NULL)->c.kstruct)),\
set_asn1, get_asn1,\
ctrl,\
NULL \
};\
const EVP_CIPHER *EVP_##cname##_ecb(void) { return &cname##_ecb; }
*/
#define IMPLEMENT_BLOCK_CIPHER(cname, ksched, cprefix, kstruct, nid, \
block_size, key_len, iv_len, cbits, \
flags, init_key, \
cleanup, set_asn1, get_asn1, ctrl) \
BLOCK_CIPHER_all_funcs(cname, cprefix, cbits, kstruct, ksched) \
BLOCK_CIPHER_defs(cname, kstruct, nid, block_size, key_len, iv_len, \
cbits, flags, init_key, cleanup, set_asn1, \
get_asn1, ctrl)
#define IMPLEMENT_CFBR(cipher,cprefix,kstruct,ksched,keysize,cbits,iv_len,fl) \
BLOCK_CIPHER_func_cfb(cipher##_##keysize,cprefix,cbits,kstruct,ksched) \
BLOCK_CIPHER_def_cfb(cipher##_##keysize,kstruct, \
NID_##cipher##_##keysize, keysize/8, iv_len, cbits, \
(fl)|EVP_CIPH_FLAG_DEFAULT_ASN1, \
cipher##_init_key, NULL, NULL, NULL, NULL)
typedef struct {
unsigned char iv[EVP_MAX_IV_LENGTH];
unsigned int iv_len;
unsigned int tag_len;
} evp_cipher_aead_asn1_params;
int evp_cipher_param_to_asn1_ex(EVP_CIPHER_CTX *c, ASN1_TYPE *type,
evp_cipher_aead_asn1_params *params);
int evp_cipher_asn1_to_param_ex(EVP_CIPHER_CTX *c, ASN1_TYPE *type,
evp_cipher_aead_asn1_params *params);
/*
* To support transparent execution of operation in backends other
* than the "origin" key, we support transparent export/import to
* those providers, and maintain a cache of the imported keydata,
* so we don't need to redo the export/import every time we perform
* the same operation in that same provider.
* This requires that the "origin" backend (whether it's a legacy or a
* provider "origin") implements exports, and that the target provider
* has an EVP_KEYMGMT that implements import.
*/
typedef struct {
EVP_KEYMGMT *keymgmt;
void *keydata;
int selection;
} OP_CACHE_ELEM;
DEFINE_STACK_OF(OP_CACHE_ELEM)
/*
* An EVP_PKEY can have the following states:
*
* untyped & empty:
*
* type == EVP_PKEY_NONE && keymgmt == NULL
*
* typed & empty:
*
* (type != EVP_PKEY_NONE && pkey.ptr == NULL) ## legacy (libcrypto only)
* || (keymgmt != NULL && keydata == NULL) ## provider side
*
* fully assigned:
*
* (type != EVP_PKEY_NONE && pkey.ptr != NULL) ## legacy (libcrypto only)
* || (keymgmt != NULL && keydata != NULL) ## provider side
*
* The easiest way to detect a legacy key is:
*
* keymgmt == NULL && type != EVP_PKEY_NONE
*
* The easiest way to detect a provider side key is:
*
* keymgmt != NULL
*/
#define evp_pkey_is_blank(pk) \
((pk)->type == EVP_PKEY_NONE && (pk)->keymgmt == NULL)
#define evp_pkey_is_typed(pk) \
((pk)->type != EVP_PKEY_NONE || (pk)->keymgmt != NULL)
#ifndef FIPS_MODULE
# define evp_pkey_is_assigned(pk) \
((pk)->pkey.ptr != NULL || (pk)->keydata != NULL)
#else
# define evp_pkey_is_assigned(pk) \
((pk)->keydata != NULL)
#endif
#define evp_pkey_is_legacy(pk) \
((pk)->type != EVP_PKEY_NONE && (pk)->keymgmt == NULL)
#define evp_pkey_is_provided(pk) \
((pk)->keymgmt != NULL)
union legacy_pkey_st {
void *ptr;
struct rsa_st *rsa; /* RSA */
# ifndef OPENSSL_NO_DSA
struct dsa_st *dsa; /* DSA */
# endif
# ifndef OPENSSL_NO_DH
struct dh_st *dh; /* DH */
# endif
# ifndef OPENSSL_NO_EC
struct ec_key_st *ec; /* ECC */
# ifndef OPENSSL_NO_ECX
ECX_KEY *ecx; /* X25519, X448, Ed25519, Ed448 */
# endif
# endif
};
struct evp_pkey_st {
/* == Legacy attributes == */
int type;
int save_type;
# ifndef FIPS_MODULE
/*
* Legacy key "origin" is composed of a pointer to an EVP_PKEY_ASN1_METHOD,
* a pointer to a low level key and possibly a pointer to an engine.
*/
const EVP_PKEY_ASN1_METHOD *ameth;
ENGINE *engine;
ENGINE *pmeth_engine; /* If not NULL public key ENGINE to use */
/* Union to store the reference to an origin legacy key */
union legacy_pkey_st pkey;
/* Union to store the reference to a non-origin legacy key */
union legacy_pkey_st legacy_cache_pkey;
# endif
/* == Common attributes == */
CRYPTO_REF_COUNT references;
CRYPTO_RWLOCK *lock;
#ifndef FIPS_MODULE
STACK_OF(X509_ATTRIBUTE) *attributes; /* [ 0 ] */
int save_parameters;
unsigned int foreign:1; /* the low-level key is using an engine or an app-method */
CRYPTO_EX_DATA ex_data;
#endif
/* == Provider attributes == */
/*
* Provider keydata "origin" is composed of a pointer to an EVP_KEYMGMT
* and a pointer to the provider side key data. This is never used at
* the same time as the legacy key data above.
*/
EVP_KEYMGMT *keymgmt;
void *keydata;
/*
* If any libcrypto code does anything that may modify the keydata
* contents, this dirty counter must be incremented.
*/
size_t dirty_cnt;
/*
* To support transparent execution of operation in backends other
* than the "origin" key, we support transparent export/import to
* those providers, and maintain a cache of the imported keydata,
* so we don't need to redo the export/import every time we perform
* the same operation in that same provider.
*/
STACK_OF(OP_CACHE_ELEM) *operation_cache;
/*
* We keep a copy of that "origin"'s dirty count, so we know if the
* operation cache needs flushing.
*/
size_t dirty_cnt_copy;
/* Cache of key object information */
struct {
int bits;
int security_bits;
int size;
} cache;
} /* EVP_PKEY */ ;
#define EVP_PKEY_CTX_IS_SIGNATURE_OP(ctx) \
((ctx)->operation == EVP_PKEY_OP_SIGN \
|| (ctx)->operation == EVP_PKEY_OP_SIGNCTX \
|| (ctx)->operation == EVP_PKEY_OP_VERIFY \
|| (ctx)->operation == EVP_PKEY_OP_VERIFYCTX \
|| (ctx)->operation == EVP_PKEY_OP_VERIFYRECOVER)
#define EVP_PKEY_CTX_IS_DERIVE_OP(ctx) \
((ctx)->operation == EVP_PKEY_OP_DERIVE)
#define EVP_PKEY_CTX_IS_ASYM_CIPHER_OP(ctx) \
((ctx)->operation == EVP_PKEY_OP_ENCRYPT \
|| (ctx)->operation == EVP_PKEY_OP_DECRYPT)
#define EVP_PKEY_CTX_IS_GEN_OP(ctx) \
((ctx)->operation == EVP_PKEY_OP_PARAMGEN \
|| (ctx)->operation == EVP_PKEY_OP_KEYGEN)
#define EVP_PKEY_CTX_IS_FROMDATA_OP(ctx) \
((ctx)->operation == EVP_PKEY_OP_FROMDATA)
#define EVP_PKEY_CTX_IS_KEM_OP(ctx) \
((ctx)->operation == EVP_PKEY_OP_ENCAPSULATE \
|| (ctx)->operation == EVP_PKEY_OP_DECAPSULATE)
void openssl_add_all_ciphers_int(void);
void openssl_add_all_digests_int(void);
void evp_cleanup_int(void);
void evp_app_cleanup_int(void);
void *evp_pkey_export_to_provider(EVP_PKEY *pk, OSSL_LIB_CTX *libctx,
EVP_KEYMGMT **keymgmt,
const char *propquery);
#ifndef FIPS_MODULE
int evp_pkey_copy_downgraded(EVP_PKEY **dest, const EVP_PKEY *src);
void *evp_pkey_get_legacy(EVP_PKEY *pk);
void evp_pkey_free_legacy(EVP_PKEY *x);
EVP_PKEY *evp_pkcs82pkey_legacy(const PKCS8_PRIV_KEY_INFO *p8inf,
OSSL_LIB_CTX *libctx, const char *propq);
#endif
/*
* KEYMGMT utility functions
*/
/*
* Key import structure and helper function, to be used as an export callback
*/
struct evp_keymgmt_util_try_import_data_st {
EVP_KEYMGMT *keymgmt;
void *keydata;
int selection;
};
int evp_keymgmt_util_try_import(const OSSL_PARAM params[], void *arg);
int evp_keymgmt_util_assign_pkey(EVP_PKEY *pkey, EVP_KEYMGMT *keymgmt,
void *keydata);
EVP_PKEY *evp_keymgmt_util_make_pkey(EVP_KEYMGMT *keymgmt, void *keydata);
int evp_keymgmt_util_export(const EVP_PKEY *pk, int selection,
OSSL_CALLBACK *export_cb, void *export_cbarg);
void *evp_keymgmt_util_export_to_provider(EVP_PKEY *pk, EVP_KEYMGMT *keymgmt,
int selection);
OP_CACHE_ELEM *evp_keymgmt_util_find_operation_cache(EVP_PKEY *pk,
EVP_KEYMGMT *keymgmt,
int selection);
int evp_keymgmt_util_clear_operation_cache(EVP_PKEY *pk);
int evp_keymgmt_util_cache_keydata(EVP_PKEY *pk, EVP_KEYMGMT *keymgmt,
void *keydata, int selection);
void evp_keymgmt_util_cache_keyinfo(EVP_PKEY *pk);
void *evp_keymgmt_util_fromdata(EVP_PKEY *target, EVP_KEYMGMT *keymgmt,
int selection, const OSSL_PARAM params[]);
int evp_keymgmt_util_has(EVP_PKEY *pk, int selection);
int evp_keymgmt_util_match(EVP_PKEY *pk1, EVP_PKEY *pk2, int selection);
int evp_keymgmt_util_copy(EVP_PKEY *to, EVP_PKEY *from, int selection);
void *evp_keymgmt_util_gen(EVP_PKEY *target, EVP_KEYMGMT *keymgmt,
void *genctx, OSSL_CALLBACK *cb, void *cbarg);
int evp_keymgmt_util_get_deflt_digest_name(EVP_KEYMGMT *keymgmt,
void *keydata,
char *mdname, size_t mdname_sz);
const char *evp_keymgmt_util_query_operation_name(EVP_KEYMGMT *keymgmt,
int op_id);
/*
* KEYMGMT provider interface functions
*/
void *evp_keymgmt_newdata(const EVP_KEYMGMT *keymgmt);
void evp_keymgmt_freedata(const EVP_KEYMGMT *keymgmt, void *keyddata);
int evp_keymgmt_get_params(const EVP_KEYMGMT *keymgmt,
void *keydata, OSSL_PARAM params[]);
int evp_keymgmt_set_params(const EVP_KEYMGMT *keymgmt,
void *keydata, const OSSL_PARAM params[]);
void *evp_keymgmt_gen_init(const EVP_KEYMGMT *keymgmt, int selection,
const OSSL_PARAM params[]);
int evp_keymgmt_gen_set_template(const EVP_KEYMGMT *keymgmt, void *genctx,
void *templ);
int evp_keymgmt_gen_set_params(const EVP_KEYMGMT *keymgmt, void *genctx,
const OSSL_PARAM params[]);
void *evp_keymgmt_gen(const EVP_KEYMGMT *keymgmt, void *genctx,
OSSL_CALLBACK *cb, void *cbarg);
void evp_keymgmt_gen_cleanup(const EVP_KEYMGMT *keymgmt, void *genctx);
int evp_keymgmt_has_load(const EVP_KEYMGMT *keymgmt);
void *evp_keymgmt_load(const EVP_KEYMGMT *keymgmt,
const void *objref, size_t objref_sz);
int evp_keymgmt_has(const EVP_KEYMGMT *keymgmt, void *keyddata, int selection);
int evp_keymgmt_validate(const EVP_KEYMGMT *keymgmt, void *keydata,
int selection, int checktype);
int evp_keymgmt_match(const EVP_KEYMGMT *keymgmt,
const void *keydata1, const void *keydata2,
int selection);
int evp_keymgmt_import(const EVP_KEYMGMT *keymgmt, void *keydata,
int selection, const OSSL_PARAM params[]);
const OSSL_PARAM *evp_keymgmt_import_types(const EVP_KEYMGMT *keymgmt,
int selection);
int evp_keymgmt_export(const EVP_KEYMGMT *keymgmt, void *keydata,
int selection, OSSL_CALLBACK *param_cb, void *cbarg);
const OSSL_PARAM *evp_keymgmt_export_types(const EVP_KEYMGMT *keymgmt,
int selection);
void *evp_keymgmt_dup(const EVP_KEYMGMT *keymgmt,
const void *keydata_from, int selection);
EVP_KEYMGMT *evp_keymgmt_fetch_from_prov(OSSL_PROVIDER *prov,
const char *name,
const char *properties);
/* Pulling defines out of C source files */
# define EVP_RC4_KEY_SIZE 16
# ifndef TLS1_1_VERSION
# define TLS1_1_VERSION 0x0302
# endif
void evp_encode_ctx_set_flags(EVP_ENCODE_CTX *ctx, unsigned int flags);
/* EVP_ENCODE_CTX flags */
/* Don't generate new lines when encoding */
#define EVP_ENCODE_CTX_NO_NEWLINES 1
/* Use the SRP base64 alphabet instead of the standard one */
#define EVP_ENCODE_CTX_USE_SRP_ALPHABET 2
const EVP_CIPHER *evp_get_cipherbyname_ex(OSSL_LIB_CTX *libctx,
const char *name);
const EVP_MD *evp_get_digestbyname_ex(OSSL_LIB_CTX *libctx,
const char *name);
int ossl_pkcs5_pbkdf2_hmac_ex(const char *pass, int passlen,
const unsigned char *salt, int saltlen, int iter,
const EVP_MD *digest, int keylen,
unsigned char *out,
OSSL_LIB_CTX *libctx, const char *propq);
# ifndef FIPS_MODULE
/*
* Internal helpers for stricter EVP_PKEY_CTX_{set,get}_params().
*
* Return 1 on success, 0 or negative for errors.
*
* In particular they return -2 if any of the params is not supported.
*
* They are not available in FIPS_MODULE as they depend on
* - EVP_PKEY_CTX_{get,set}_params()
* - EVP_PKEY_CTX_{gettable,settable}_params()
*
*/
int evp_pkey_ctx_set_params_strict(EVP_PKEY_CTX *ctx, OSSL_PARAM *params);
int evp_pkey_ctx_get_params_strict(EVP_PKEY_CTX *ctx, OSSL_PARAM *params);
EVP_MD_CTX *evp_md_ctx_new_ex(EVP_PKEY *pkey, const ASN1_OCTET_STRING *id,
OSSL_LIB_CTX *libctx, const char *propq);
int evp_pkey_name2type(const char *name);
const char *evp_pkey_type2name(int type);
int evp_pkey_ctx_use_cached_data(EVP_PKEY_CTX *ctx);
# endif /* !defined(FIPS_MODULE) */
int evp_method_store_cache_flush(OSSL_LIB_CTX *libctx);
int evp_method_store_remove_all_provided(const OSSL_PROVIDER *prov);
int evp_default_properties_enable_fips_int(OSSL_LIB_CTX *libctx, int enable,
int loadconfig);
int evp_set_default_properties_int(OSSL_LIB_CTX *libctx, const char *propq,
int loadconfig, int mirrored);
char *evp_get_global_properties_str(OSSL_LIB_CTX *libctx, int loadconfig);
void evp_md_ctx_clear_digest(EVP_MD_CTX *ctx, int force, int keep_digest);
/* just free the algctx if set, returns 0 on inconsistent state of ctx */
int evp_md_ctx_free_algctx(EVP_MD_CTX *ctx);
/* Three possible states: */
# define EVP_PKEY_STATE_UNKNOWN 0
# define EVP_PKEY_STATE_LEGACY 1
# define EVP_PKEY_STATE_PROVIDER 2
int evp_pkey_ctx_state(const EVP_PKEY_CTX *ctx);
/* These two must ONLY be called for provider side operations */
int evp_pkey_ctx_ctrl_to_param(EVP_PKEY_CTX *ctx,
int keytype, int optype,
int cmd, int p1, void *p2);
int evp_pkey_ctx_ctrl_str_to_param(EVP_PKEY_CTX *ctx,
const char *name, const char *value);
/* These two must ONLY be called for legacy operations */
int evp_pkey_ctx_set_params_to_ctrl(EVP_PKEY_CTX *ctx, const OSSL_PARAM *params);
int evp_pkey_ctx_get_params_to_ctrl(EVP_PKEY_CTX *ctx, OSSL_PARAM *params);
/* This must ONLY be called for legacy EVP_PKEYs */
int evp_pkey_get_params_to_ctrl(const EVP_PKEY *pkey, OSSL_PARAM *params);
/* Same as the public get0 functions but are not const */
# ifndef OPENSSL_NO_DEPRECATED_3_0
DH *evp_pkey_get0_DH_int(const EVP_PKEY *pkey);
EC_KEY *evp_pkey_get0_EC_KEY_int(const EVP_PKEY *pkey);
RSA *evp_pkey_get0_RSA_int(const EVP_PKEY *pkey);
# endif
/* Get internal identification number routines */
int evp_asym_cipher_get_number(const EVP_ASYM_CIPHER *cipher);
int evp_cipher_get_number(const EVP_CIPHER *cipher);
int evp_kdf_get_number(const EVP_KDF *kdf);
int evp_kem_get_number(const EVP_KEM *wrap);
int evp_keyexch_get_number(const EVP_KEYEXCH *keyexch);
int evp_keymgmt_get_number(const EVP_KEYMGMT *keymgmt);
int evp_mac_get_number(const EVP_MAC *mac);
int evp_md_get_number(const EVP_MD *md);
int evp_rand_get_number(const EVP_RAND *rand);
int evp_rand_can_seed(EVP_RAND_CTX *ctx);
size_t evp_rand_get_seed(EVP_RAND_CTX *ctx,
unsigned char **buffer,
int entropy, size_t min_len, size_t max_len,
int prediction_resistance,
const unsigned char *adin, size_t adin_len);
void evp_rand_clear_seed(EVP_RAND_CTX *ctx,
unsigned char *buffer, size_t b_len);
int evp_signature_get_number(const EVP_SIGNATURE *signature);
int evp_pkey_decrypt_alloc(EVP_PKEY_CTX *ctx, unsigned char **outp,
size_t *outlenp, size_t expected_outlen,
const unsigned char *in, size_t inlen);
#endif /* OSSL_CRYPTO_EVP_H */

View File

@ -0,0 +1,27 @@
/*
* Generated by util/mkerr.pl DO NOT EDIT
* Copyright 2020-2023 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#ifndef OSSL_CRYPTO_EVPERR_H
# define OSSL_CRYPTO_EVPERR_H
# pragma once
# include <openssl/opensslconf.h>
# include <openssl/symhacks.h>
# ifdef __cplusplus
extern "C" {
# endif
int ossl_err_load_EVP_strings(void);
# ifdef __cplusplus
}
# endif
#endif

View File

@ -0,0 +1,27 @@
/*
* Generated by util/mkerr.pl DO NOT EDIT
* Copyright 2020-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#ifndef OSSL_CRYPTO_HTTPERR_H
# define OSSL_CRYPTO_HTTPERR_H
# pragma once
# include <openssl/opensslconf.h>
# include <openssl/symhacks.h>
# ifdef __cplusplus
extern "C" {
# endif
int ossl_err_load_HTTP_strings(void);
# ifdef __cplusplus
}
# endif
#endif

View File

@ -0,0 +1,16 @@
/*
* Copyright 2018-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#ifndef OSSL_CRYPTO_LHASH_H
# define OSSL_CRYPTO_LHASH_H
# pragma once
unsigned long ossl_lh_strcasehash(const char *);
#endif /* OSSL_CRYPTO_LHASH_H */

View File

@ -0,0 +1,284 @@
/*
* Copyright 1999-2022 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
/*-
* This is a generic 32 bit "collector" for message digest algorithms.
* Whenever needed it collects input character stream into chunks of
* 32 bit values and invokes a block function that performs actual hash
* calculations.
*
* Porting guide.
*
* Obligatory macros:
*
* DATA_ORDER_IS_BIG_ENDIAN or DATA_ORDER_IS_LITTLE_ENDIAN
* this macro defines byte order of input stream.
* HASH_CBLOCK
* size of a unit chunk HASH_BLOCK operates on.
* HASH_LONG
* has to be at least 32 bit wide.
* HASH_CTX
* context structure that at least contains following
* members:
* typedef struct {
* ...
* HASH_LONG Nl,Nh;
* either {
* HASH_LONG data[HASH_LBLOCK];
* unsigned char data[HASH_CBLOCK];
* };
* unsigned int num;
* ...
* } HASH_CTX;
* data[] vector is expected to be zeroed upon first call to
* HASH_UPDATE.
* HASH_UPDATE
* name of "Update" function, implemented here.
* HASH_TRANSFORM
* name of "Transform" function, implemented here.
* HASH_FINAL
* name of "Final" function, implemented here.
* HASH_BLOCK_DATA_ORDER
* name of "block" function capable of treating *unaligned* input
* message in original (data) byte order, implemented externally.
* HASH_MAKE_STRING
* macro converting context variables to an ASCII hash string.
*
* MD5 example:
*
* #define DATA_ORDER_IS_LITTLE_ENDIAN
*
* #define HASH_LONG MD5_LONG
* #define HASH_CTX MD5_CTX
* #define HASH_CBLOCK MD5_CBLOCK
* #define HASH_UPDATE MD5_Update
* #define HASH_TRANSFORM MD5_Transform
* #define HASH_FINAL MD5_Final
* #define HASH_BLOCK_DATA_ORDER md5_block_data_order
*/
#ifndef OSSL_CRYPTO_MD32_COMMON_H
# define OSSL_CRYPTO_MD32_COMMON_H
# pragma once
# include <openssl/crypto.h>
# if !defined(DATA_ORDER_IS_BIG_ENDIAN) && !defined(DATA_ORDER_IS_LITTLE_ENDIAN)
# error "DATA_ORDER must be defined!"
# endif
# ifndef HASH_CBLOCK
# error "HASH_CBLOCK must be defined!"
# endif
# ifndef HASH_LONG
# error "HASH_LONG must be defined!"
# endif
# ifndef HASH_CTX
# error "HASH_CTX must be defined!"
# endif
# ifndef HASH_UPDATE
# error "HASH_UPDATE must be defined!"
# endif
# ifndef HASH_TRANSFORM
# error "HASH_TRANSFORM must be defined!"
# endif
# ifndef HASH_FINAL
# error "HASH_FINAL must be defined!"
# endif
# ifndef HASH_BLOCK_DATA_ORDER
# error "HASH_BLOCK_DATA_ORDER must be defined!"
# endif
# define ROTATE(a,n) (((a)<<(n))|(((a)&0xffffffff)>>(32-(n))))
#ifndef PEDANTIC
# if defined(__GNUC__) && __GNUC__>=2 && \
!defined(OPENSSL_NO_ASM) && !defined(OPENSSL_NO_INLINE_ASM)
# if defined(__riscv_zbb) || defined(__riscv_zbkb)
# if __riscv_xlen == 64
# undef ROTATE
# define ROTATE(x, n) ({ MD32_REG_T ret; \
asm ("roriw %0, %1, %2" \
: "=r"(ret) \
: "r"(x), "i"(32 - (n))); ret;})
# endif
# if __riscv_xlen == 32
# undef ROTATE
# define ROTATE(x, n) ({ MD32_REG_T ret; \
asm ("rori %0, %1, %2" \
: "=r"(ret) \
: "r"(x), "i"(32 - (n))); ret;})
# endif
# endif
# endif
#endif
# if defined(DATA_ORDER_IS_BIG_ENDIAN)
# define HOST_c2l(c,l) (l =(((unsigned long)(*((c)++)))<<24), \
l|=(((unsigned long)(*((c)++)))<<16), \
l|=(((unsigned long)(*((c)++)))<< 8), \
l|=(((unsigned long)(*((c)++))) ) )
# define HOST_l2c(l,c) (*((c)++)=(unsigned char)(((l)>>24)&0xff), \
*((c)++)=(unsigned char)(((l)>>16)&0xff), \
*((c)++)=(unsigned char)(((l)>> 8)&0xff), \
*((c)++)=(unsigned char)(((l) )&0xff), \
l)
# elif defined(DATA_ORDER_IS_LITTLE_ENDIAN)
# define HOST_c2l(c,l) (l =(((unsigned long)(*((c)++))) ), \
l|=(((unsigned long)(*((c)++)))<< 8), \
l|=(((unsigned long)(*((c)++)))<<16), \
l|=(((unsigned long)(*((c)++)))<<24) )
# define HOST_l2c(l,c) (*((c)++)=(unsigned char)(((l) )&0xff), \
*((c)++)=(unsigned char)(((l)>> 8)&0xff), \
*((c)++)=(unsigned char)(((l)>>16)&0xff), \
*((c)++)=(unsigned char)(((l)>>24)&0xff), \
l)
# endif
/*
* Time for some action :-)
*/
int HASH_UPDATE(HASH_CTX *c, const void *data_, size_t len)
{
const unsigned char *data = data_;
unsigned char *p;
HASH_LONG l;
size_t n;
if (len == 0)
return 1;
l = (c->Nl + (((HASH_LONG) len) << 3)) & 0xffffffffUL;
if (l < c->Nl) /* overflow */
c->Nh++;
c->Nh += (HASH_LONG) (len >> 29); /* might cause compiler warning on
* 16-bit */
c->Nl = l;
n = c->num;
if (n != 0) {
p = (unsigned char *)c->data;
if (len >= HASH_CBLOCK || len + n >= HASH_CBLOCK) {
memcpy(p + n, data, HASH_CBLOCK - n);
HASH_BLOCK_DATA_ORDER(c, p, 1);
n = HASH_CBLOCK - n;
data += n;
len -= n;
c->num = 0;
/*
* We use memset rather than OPENSSL_cleanse() here deliberately.
* Using OPENSSL_cleanse() here could be a performance issue. It
* will get properly cleansed on finalisation so this isn't a
* security problem.
*/
memset(p, 0, HASH_CBLOCK); /* keep it zeroed */
} else {
memcpy(p + n, data, len);
c->num += (unsigned int)len;
return 1;
}
}
n = len / HASH_CBLOCK;
if (n > 0) {
HASH_BLOCK_DATA_ORDER(c, data, n);
n *= HASH_CBLOCK;
data += n;
len -= n;
}
if (len != 0) {
p = (unsigned char *)c->data;
c->num = (unsigned int)len;
memcpy(p, data, len);
}
return 1;
}
void HASH_TRANSFORM(HASH_CTX *c, const unsigned char *data)
{
HASH_BLOCK_DATA_ORDER(c, data, 1);
}
int HASH_FINAL(unsigned char *md, HASH_CTX *c)
{
unsigned char *p = (unsigned char *)c->data;
size_t n = c->num;
p[n] = 0x80; /* there is always room for one */
n++;
if (n > (HASH_CBLOCK - 8)) {
memset(p + n, 0, HASH_CBLOCK - n);
n = 0;
HASH_BLOCK_DATA_ORDER(c, p, 1);
}
memset(p + n, 0, HASH_CBLOCK - 8 - n);
p += HASH_CBLOCK - 8;
# if defined(DATA_ORDER_IS_BIG_ENDIAN)
(void)HOST_l2c(c->Nh, p);
(void)HOST_l2c(c->Nl, p);
# elif defined(DATA_ORDER_IS_LITTLE_ENDIAN)
(void)HOST_l2c(c->Nl, p);
(void)HOST_l2c(c->Nh, p);
# endif
p -= HASH_CBLOCK;
HASH_BLOCK_DATA_ORDER(c, p, 1);
c->num = 0;
OPENSSL_cleanse(p, HASH_CBLOCK);
# ifndef HASH_MAKE_STRING
# error "HASH_MAKE_STRING must be defined!"
# else
HASH_MAKE_STRING(c, md);
# endif
return 1;
}
# ifndef MD32_REG_T
# if defined(__alpha) || defined(__sparcv9) || defined(__mips)
# define MD32_REG_T long
/*
* This comment was originally written for MD5, which is why it
* discusses A-D. But it basically applies to all 32-bit digests,
* which is why it was moved to common header file.
*
* In case you wonder why A-D are declared as long and not
* as MD5_LONG. Doing so results in slight performance
* boost on LP64 architectures. The catch is we don't
* really care if 32 MSBs of a 64-bit register get polluted
* with eventual overflows as we *save* only 32 LSBs in
* *either* case. Now declaring 'em long excuses the compiler
* from keeping 32 MSBs zeroed resulting in 13% performance
* improvement under SPARC Solaris7/64 and 5% under AlphaLinux.
* Well, to be honest it should say that this *prevents*
* performance degradation.
*/
# else
/*
* Above is not absolute and there are LP64 compilers that
* generate better code if MD32_REG_T is defined int. The above
* pre-processor condition reflects the circumstances under which
* the conclusion was made and is subject to further extension.
*/
# define MD32_REG_T int
# endif
# endif
#endif

View File

@ -0,0 +1,236 @@
/*
* Copyright 2010-2022 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
/* This header can move into provider when legacy support is removed */
#include <openssl/modes.h>
#if (defined(_WIN32) || defined(_WIN64)) && !defined(__MINGW32__)
typedef __int64 i64;
typedef unsigned __int64 u64;
# define U64(C) C##UI64
#elif defined(__arch64__)
typedef long i64;
typedef unsigned long u64;
# define U64(C) C##UL
#else
typedef long long i64;
typedef unsigned long long u64;
# define U64(C) C##ULL
#endif
typedef unsigned int u32;
typedef unsigned char u8;
#define STRICT_ALIGNMENT 1
#ifndef PEDANTIC
# if defined(__i386) || defined(__i386__) || \
defined(__x86_64) || defined(__x86_64__) || \
defined(_M_IX86) || defined(_M_AMD64) || defined(_M_X64) || \
defined(__aarch64__) || \
defined(__s390__) || defined(__s390x__)
# undef STRICT_ALIGNMENT
# endif
#endif
#if !defined(PEDANTIC) && !defined(OPENSSL_NO_ASM) && !defined(OPENSSL_NO_INLINE_ASM)
# if defined(__GNUC__) && __GNUC__>=2
# if defined(__x86_64) || defined(__x86_64__)
# define BSWAP8(x) ({ u64 ret_=(x); \
asm ("bswapq %0" \
: "+r"(ret_)); ret_; })
# define BSWAP4(x) ({ u32 ret_=(x); \
asm ("bswapl %0" \
: "+r"(ret_)); ret_; })
# elif (defined(__i386) || defined(__i386__)) && !defined(I386_ONLY)
# define BSWAP8(x) ({ u32 lo_=(u64)(x)>>32,hi_=(x); \
asm ("bswapl %0; bswapl %1" \
: "+r"(hi_),"+r"(lo_)); \
(u64)hi_<<32|lo_; })
# define BSWAP4(x) ({ u32 ret_=(x); \
asm ("bswapl %0" \
: "+r"(ret_)); ret_; })
# elif defined(__aarch64__)
# if defined(__BYTE_ORDER__) && defined(__ORDER_LITTLE_ENDIAN__) && \
__BYTE_ORDER__==__ORDER_LITTLE_ENDIAN__
# define BSWAP8(x) ({ u64 ret_; \
asm ("rev %0,%1" \
: "=r"(ret_) : "r"(x)); ret_; })
# define BSWAP4(x) ({ u32 ret_; \
asm ("rev %w0,%w1" \
: "=r"(ret_) : "r"(x)); ret_; })
# endif
# elif (defined(__arm__) || defined(__arm)) && !defined(STRICT_ALIGNMENT)
# define BSWAP8(x) ({ u32 lo_=(u64)(x)>>32,hi_=(x); \
asm ("rev %0,%0; rev %1,%1" \
: "+r"(hi_),"+r"(lo_)); \
(u64)hi_<<32|lo_; })
# define BSWAP4(x) ({ u32 ret_; \
asm ("rev %0,%1" \
: "=r"(ret_) : "r"((u32)(x))); \
ret_; })
# elif (defined(__riscv_zbb) || defined(__riscv_zbkb)) && __riscv_xlen == 64
# define BSWAP8(x) ({ u64 ret_=(x); \
asm ("rev8 %0,%0" \
: "+r"(ret_)); ret_; })
# define BSWAP4(x) ({ u32 ret_=(x); \
asm ("rev8 %0,%0; srli %0,%0,32"\
: "+&r"(ret_)); ret_; })
# endif
# elif defined(_MSC_VER)
# if _MSC_VER>=1300
# include <stdlib.h>
# pragma intrinsic(_byteswap_uint64,_byteswap_ulong)
# define BSWAP8(x) _byteswap_uint64((u64)(x))
# define BSWAP4(x) _byteswap_ulong((u32)(x))
# elif defined(_M_IX86)
__inline u32 _bswap4(u32 val)
{
_asm mov eax, val _asm bswap eax}
# define BSWAP4(x) _bswap4(x)
# endif
# endif
#endif
#if defined(BSWAP4) && !defined(STRICT_ALIGNMENT)
# define GETU32(p) BSWAP4(*(const u32 *)(p))
# define PUTU32(p,v) *(u32 *)(p) = BSWAP4(v)
#else
# define GETU32(p) ((u32)(p)[0]<<24|(u32)(p)[1]<<16|(u32)(p)[2]<<8|(u32)(p)[3])
# define PUTU32(p,v) ((p)[0]=(u8)((v)>>24),(p)[1]=(u8)((v)>>16),(p)[2]=(u8)((v)>>8),(p)[3]=(u8)(v))
#endif
/*- GCM definitions */ typedef struct {
u64 hi, lo;
} u128;
typedef void (*gcm_init_fn)(u128 Htable[16], const u64 H[2]);
typedef void (*gcm_ghash_fn)(u64 Xi[2], const u128 Htable[16], const u8 *inp, size_t len);
typedef void (*gcm_gmult_fn)(u64 Xi[2], const u128 Htable[16]);
struct gcm_funcs_st {
gcm_init_fn ginit;
gcm_ghash_fn ghash;
gcm_gmult_fn gmult;
};
struct gcm128_context {
/* Following 6 names follow names in GCM specification */
union {
u64 u[2];
u32 d[4];
u8 c[16];
size_t t[16 / sizeof(size_t)];
} Yi, EKi, EK0, len, Xi, H;
/*
* Relative position of Yi, EKi, EK0, len, Xi, H and pre-computed Htable is
* used in some assembler modules, i.e. don't change the order!
*/
u128 Htable[16];
struct gcm_funcs_st funcs;
unsigned int mres, ares;
block128_f block;
void *key;
#if !defined(OPENSSL_SMALL_FOOTPRINT)
unsigned char Xn[48];
#endif
};
/* GHASH functions */
void ossl_gcm_init_4bit(u128 Htable[16], const u64 H[2]);
void ossl_gcm_ghash_4bit(u64 Xi[2], const u128 Htable[16],
const u8 *inp, size_t len);
void ossl_gcm_gmult_4bit(u64 Xi[2], const u128 Htable[16]);
/*
* The maximum permitted number of cipher blocks per data unit in XTS mode.
* Reference IEEE Std 1619-2018.
*/
#define XTS_MAX_BLOCKS_PER_DATA_UNIT (1<<20)
struct xts128_context {
void *key1, *key2;
block128_f block1, block2;
};
/* XTS mode for SM4 algorithm specified by GB/T 17964-2021 */
int ossl_crypto_xts128gb_encrypt(const XTS128_CONTEXT *ctx,
const unsigned char iv[16],
const unsigned char *inp, unsigned char *out,
size_t len, int enc);
struct ccm128_context {
union {
u64 u[2];
u8 c[16];
} nonce, cmac;
u64 blocks;
block128_f block;
void *key;
};
#ifndef OPENSSL_NO_OCB
typedef union {
u64 a[2];
unsigned char c[16];
} OCB_BLOCK;
# define ocb_block16_xor(in1,in2,out) \
( (out)->a[0]=(in1)->a[0]^(in2)->a[0], \
(out)->a[1]=(in1)->a[1]^(in2)->a[1] )
# if STRICT_ALIGNMENT
# define ocb_block16_xor_misaligned(in1,in2,out) \
ocb_block_xor((in1)->c,(in2)->c,16,(out)->c)
# else
# define ocb_block16_xor_misaligned ocb_block16_xor
# endif
struct ocb128_context {
/* Need both encrypt and decrypt key schedules for decryption */
block128_f encrypt;
block128_f decrypt;
void *keyenc;
void *keydec;
ocb128_f stream; /* direction dependent */
/* Key dependent variables. Can be reused if key remains the same */
size_t l_index;
size_t max_l_index;
OCB_BLOCK l_star;
OCB_BLOCK l_dollar;
OCB_BLOCK *l;
/* Must be reset for each session */
struct {
u64 blocks_hashed;
u64 blocks_processed;
OCB_BLOCK offset_aad;
OCB_BLOCK sum;
OCB_BLOCK offset;
OCB_BLOCK checksum;
} sess;
};
#endif /* OPENSSL_NO_OCB */
#ifndef OPENSSL_NO_SIV
#define SIV_LEN 16
typedef union siv_block_u {
uint64_t word[SIV_LEN/sizeof(uint64_t)];
unsigned char byte[SIV_LEN];
} SIV_BLOCK;
struct siv128_context {
/* d stores intermediate results of S2V; it corresponds to D from the
pseudocode in section 2.4 of RFC 5297. */
SIV_BLOCK d;
SIV_BLOCK tag;
EVP_CIPHER_CTX *cipher_ctx;
EVP_MAC *mac;
EVP_MAC_CTX *mac_ctx_init;
int final_ret;
int crypto_ok;
};
#endif /* OPENSSL_NO_SIV */

View File

@ -0,0 +1,12 @@
/*
* Copyright 2016-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#include <openssl/objects.h>
void ossl_obj_cleanup_int(void);

View File

@ -0,0 +1,27 @@
/*
* Generated by util/mkerr.pl DO NOT EDIT
* Copyright 2020-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#ifndef OSSL_CRYPTO_OBJECTSERR_H
# define OSSL_CRYPTO_OBJECTSERR_H
# pragma once
# include <openssl/opensslconf.h>
# include <openssl/symhacks.h>
# ifdef __cplusplus
extern "C" {
# endif
int ossl_err_load_OBJ_strings(void);
# ifdef __cplusplus
}
# endif
#endif

View File

@ -0,0 +1,30 @@
/*
* Generated by util/mkerr.pl DO NOT EDIT
* Copyright 2020-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#ifndef OSSL_CRYPTO_OCSPERR_H
# define OSSL_CRYPTO_OCSPERR_H
# pragma once
# include <openssl/opensslconf.h>
# include <openssl/symhacks.h>
# ifdef __cplusplus
extern "C" {
# endif
# ifndef OPENSSL_NO_OCSP
int ossl_err_load_OCSP_strings(void);
# endif
# ifdef __cplusplus
}
# endif
#endif

View File

@ -0,0 +1,51 @@
/*
* Copyright 2018-2022 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#ifndef OSSL_INTERNAL_PEM_H
# define OSSL_INTERNAL_PEM_H
# pragma once
# include <openssl/pem.h>
# include "crypto/types.h"
/* Found in crypto/pem/pvkfmt.c */
/* Maximum length of a blob after header */
# define BLOB_MAX_LENGTH 102400
int ossl_do_blob_header(const unsigned char **in, unsigned int length,
unsigned int *pmagic, unsigned int *pbitlen,
int *pisdss, int *pispub);
unsigned int ossl_blob_length(unsigned bitlen, int isdss, int ispub);
int ossl_do_PVK_header(const unsigned char **in, unsigned int length,
int skip_magic,
unsigned int *psaltlen, unsigned int *pkeylen);
# ifndef OPENSSL_NO_DEPRECATED_3_0
# ifndef OPENSSL_NO_DSA
DSA *ossl_b2i_DSA_after_header(const unsigned char **in, unsigned int bitlen,
int ispub);
# endif
RSA *ossl_b2i_RSA_after_header(const unsigned char **in, unsigned int bitlen,
int ispub);
# endif
EVP_PKEY *ossl_b2i(const unsigned char **in, unsigned int length, int *ispub);
EVP_PKEY *ossl_b2i_bio(BIO *in, int *ispub);
# ifndef OPENSSL_NO_DEPRECATED_3_0
# ifndef OPENSSL_NO_DSA
DSA *b2i_DSA_PVK_bio(BIO *in, pem_password_cb *cb, void *u);
DSA *b2i_DSA_PVK_bio_ex(BIO *in, pem_password_cb *cb, void *u,
OSSL_LIB_CTX *libctx, const char *propq);
# endif
RSA *b2i_RSA_PVK_bio(BIO *in, pem_password_cb *cb, void *u);
RSA *b2i_RSA_PVK_bio_ex(BIO *in, pem_password_cb *cb, void *u,
OSSL_LIB_CTX *libctx, const char *propq);
# endif
#endif

View File

@ -0,0 +1,27 @@
/*
* Generated by util/mkerr.pl DO NOT EDIT
* Copyright 2020-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#ifndef OSSL_CRYPTO_PEMERR_H
# define OSSL_CRYPTO_PEMERR_H
# pragma once
# include <openssl/opensslconf.h>
# include <openssl/symhacks.h>
# ifdef __cplusplus
extern "C" {
# endif
int ossl_err_load_PEM_strings(void);
# ifdef __cplusplus
}
# endif
#endif

View File

@ -0,0 +1,27 @@
/*
* Generated by util/mkerr.pl DO NOT EDIT
* Copyright 2020-2022 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#ifndef OSSL_CRYPTO_PKCS12ERR_H
# define OSSL_CRYPTO_PKCS12ERR_H
# pragma once
# include <openssl/opensslconf.h>
# include <openssl/symhacks.h>
# ifdef __cplusplus
extern "C" {
# endif
int ossl_err_load_PKCS12_strings(void);
# ifdef __cplusplus
}
# endif
#endif

View File

@ -0,0 +1,19 @@
/*
* Copyright 2020-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#ifndef OSSL_CRYPTO_PKCS7_H
# define OSSL_CRYPTO_PKCS7_H
# pragma once
void ossl_pkcs7_resolve_libctx(PKCS7 *p7);
void ossl_pkcs7_set0_libctx(PKCS7 *p7, OSSL_LIB_CTX *ctx);
int ossl_pkcs7_set1_propq(PKCS7 *p7, const char *propq);
#endif

View File

@ -0,0 +1,27 @@
/*
* Generated by util/mkerr.pl DO NOT EDIT
* Copyright 2020-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#ifndef OSSL_CRYPTO_PKCS7ERR_H
# define OSSL_CRYPTO_PKCS7ERR_H
# pragma once
# include <openssl/opensslconf.h>
# include <openssl/symhacks.h>
# ifdef __cplusplus
extern "C" {
# endif
int ossl_err_load_PKCS7_strings(void);
# ifdef __cplusplus
}
# endif
#endif

View File

@ -0,0 +1,46 @@
/*
* Copyright 2015-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#ifndef OSSL_CRYPTO_POLY1305_H
# define OSSL_CRYPTO_POLY1305_H
# pragma once
#include <stddef.h>
#define POLY1305_BLOCK_SIZE 16
#define POLY1305_DIGEST_SIZE 16
#define POLY1305_KEY_SIZE 32
typedef struct poly1305_context POLY1305;
typedef void (*poly1305_blocks_f) (void *ctx, const unsigned char *inp,
size_t len, unsigned int padbit);
typedef void (*poly1305_emit_f) (void *ctx, unsigned char mac[16],
const unsigned int nonce[4]);
struct poly1305_context {
double opaque[24]; /* large enough to hold internal state, declared
* 'double' to ensure at least 64-bit invariant
* alignment across all platforms and
* configurations */
unsigned int nonce[4];
unsigned char data[POLY1305_BLOCK_SIZE];
size_t num;
struct {
poly1305_blocks_f blocks;
poly1305_emit_f emit;
} func;
};
size_t Poly1305_ctx_size(void);
void Poly1305_Init(POLY1305 *ctx, const unsigned char key[32]);
void Poly1305_Update(POLY1305 *ctx, const unsigned char *inp, size_t len);
void Poly1305_Final(POLY1305 *ctx, unsigned char mac[16]);
#endif /* OSSL_CRYPTO_POLY1305_H */

View File

@ -0,0 +1,29 @@
/*
* Copyright 2014-2022 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#ifndef OSSL_CRYPTO_PPC_ARCH_H
# define OSSL_CRYPTO_PPC_ARCH_H
extern unsigned int OPENSSL_ppccap_P;
/*
* Flags' usage can appear ambiguous, because they are set rather
* to reflect OpenSSL performance preferences than actual processor
* capabilities.
*/
# define PPC_FPU64 (1<<0)
# define PPC_ALTIVEC (1<<1)
# define PPC_CRYPTO207 (1<<2)
# define PPC_FPU (1<<3)
# define PPC_MADD300 (1<<4)
# define PPC_MFTB (1<<5)
# define PPC_MFSPR268 (1<<6)
# define PPC_BRD31 (1<<7)
#endif

View File

@ -0,0 +1,25 @@
/*
* Copyright 2019-2023 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#ifndef OSSL_CRYPTO_PUNYCODE_H
# define OSSL_CRYPTO_PUNYCODE_H
# pragma once
# include <stddef.h> /* for size_t */
int ossl_punycode_decode (
const char *pEncoded,
const size_t enc_len,
unsigned int *pDecoded,
unsigned int *pout_length
);
int ossl_a2ulabel(const char *in, char *out, size_t outlen);
#endif

View File

@ -0,0 +1,154 @@
/*
* Copyright 2016-2023 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
/*
* Licensed under the Apache License 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
* https://www.openssl.org/source/license.html
* or in the file LICENSE in the source distribution.
*/
#ifndef OSSL_CRYPTO_RAND_H
# define OSSL_CRYPTO_RAND_H
# pragma once
# include <openssl/rand.h>
# include "crypto/rand_pool.h"
# if defined(__APPLE__) && !defined(OPENSSL_NO_APPLE_CRYPTO_RANDOM)
# include <Availability.h>
# if (defined(__MAC_OS_X_VERSION_MIN_REQUIRED) && __MAC_OS_X_VERSION_MIN_REQUIRED >= 101200) || \
(defined(__IPHONE_OS_VERSION_MIN_REQUIRED) && __IPHONE_OS_VERSION_MIN_REQUIRED >= 80000)
# define OPENSSL_APPLE_CRYPTO_RANDOM 1
# include <CommonCrypto/CommonCryptoError.h>
# include <CommonCrypto/CommonRandom.h>
# endif
# endif
/*
* Defines related to seed sources
*/
#ifndef DEVRANDOM
/*
* set this to a comma-separated list of 'random' device files to try out. By
* default, we will try to read at least one of these files
*/
# define DEVRANDOM "/dev/urandom", "/dev/random", "/dev/hwrng", "/dev/srandom"
# if defined(__linux) && !defined(__ANDROID__)
# ifndef DEVRANDOM_WAIT
# define DEVRANDOM_WAIT "/dev/random"
# endif
/*
* Linux kernels 4.8 and later changes how their random device works and there
* is no reliable way to tell that /dev/urandom has been seeded -- getentropy(2)
* should be used instead.
*/
# ifndef DEVRANDOM_SAFE_KERNEL
# define DEVRANDOM_SAFE_KERNEL 4, 8
# endif
/*
* Some operating systems do not permit select(2) on their random devices,
* defining this to zero will force the use of read(2) to extract one byte
* from /dev/random.
*/
# ifndef DEVRANDM_WAIT_USE_SELECT
# define DEVRANDM_WAIT_USE_SELECT 1
# endif
/*
* Define the shared memory identifier used to indicate if the operating
* system has properly seeded the DEVRANDOM source.
*/
# ifndef OPENSSL_RAND_SEED_DEVRANDOM_SHM_ID
# define OPENSSL_RAND_SEED_DEVRANDOM_SHM_ID 114
# endif
# endif
#endif
#if !defined(OPENSSL_NO_EGD) && !defined(DEVRANDOM_EGD)
/*
* set this to a comma-separated list of 'egd' sockets to try out. These
* sockets will be tried in the order listed in case accessing the device
* files listed in DEVRANDOM did not return enough randomness.
*/
# define DEVRANDOM_EGD "/var/run/egd-pool", "/dev/egd-pool", "/etc/egd-pool", "/etc/entropy"
#endif
void ossl_rand_cleanup_int(void);
/*
* Initialise the random pool reseeding sources.
*
* Returns 1 on success and 0 on failure.
*/
int ossl_rand_pool_init(void);
/*
* Finalise the random pool reseeding sources.
*/
void ossl_rand_pool_cleanup(void);
/*
* Control the random pool use of open file descriptors.
*/
void ossl_rand_pool_keep_random_devices_open(int keep);
/*
* Configuration
*/
void ossl_random_add_conf_module(void);
/*
* Get and cleanup random seed material.
*/
size_t ossl_rand_get_entropy(OSSL_LIB_CTX *ctx,
unsigned char **pout, int entropy,
size_t min_len, size_t max_len);
size_t ossl_rand_get_user_entropy(OSSL_LIB_CTX *ctx,
unsigned char **pout, int entropy,
size_t min_len, size_t max_len);
void ossl_rand_cleanup_entropy(OSSL_LIB_CTX *ctx,
unsigned char *buf, size_t len);
void ossl_rand_cleanup_user_entropy(OSSL_LIB_CTX *ctx,
unsigned char *buf, size_t len);
size_t ossl_rand_get_nonce(OSSL_LIB_CTX *ctx,
unsigned char **pout, size_t min_len, size_t max_len,
const void *salt, size_t salt_len);
size_t ossl_rand_get_user_nonce(OSSL_LIB_CTX *ctx, unsigned char **pout,
size_t min_len, size_t max_len,
const void *salt, size_t salt_len);
void ossl_rand_cleanup_nonce(OSSL_LIB_CTX *ctx,
unsigned char *buf, size_t len);
void ossl_rand_cleanup_user_nonce(OSSL_LIB_CTX *ctx,
unsigned char *buf, size_t len);
/*
* Get seeding material from the operating system sources.
*/
size_t ossl_pool_acquire_entropy(RAND_POOL *pool);
int ossl_pool_add_nonce_data(RAND_POOL *pool);
# ifdef FIPS_MODULE
EVP_RAND_CTX *ossl_rand_get0_private_noncreating(OSSL_LIB_CTX *ctx);
# else
EVP_RAND_CTX *ossl_rand_get0_seed_noncreating(OSSL_LIB_CTX *ctx);
# endif
/* Generate a uniformly distributed random integer in the interval [0, upper) */
uint32_t ossl_rand_uniform_uint32(OSSL_LIB_CTX *ctx, uint32_t upper, int *err);
/*
* Generate a uniformly distributed random integer in the interval
* [lower, upper).
*/
uint32_t ossl_rand_range_uint32(OSSL_LIB_CTX *ctx, uint32_t lower, uint32_t upper,
int *err);
#endif

View File

@ -0,0 +1,109 @@
/*
* Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#ifndef OSSL_PROVIDER_RAND_POOL_H
# define OSSL_PROVIDER_RAND_POOL_H
# pragma once
# include <stdio.h>
# include <openssl/rand.h>
/*
* Maximum allocation size for RANDOM_POOL buffers
*
* The max_len value for the buffer provided to the rand_drbg_get_entropy()
* callback is currently 2^31 bytes (2 gigabytes), if a derivation function
* is used. Since this is much too large to be allocated, the ossl_rand_pool_new()
* function chooses more modest values as default pool length, bounded
* by RAND_POOL_MIN_LENGTH and RAND_POOL_MAX_LENGTH
*
* The choice of the RAND_POOL_FACTOR is large enough such that the
* RAND_POOL can store a random input which has a lousy entropy rate of
* 8/256 (= 0.03125) bits per byte. This input will be sent through the
* derivation function which 'compresses' the low quality input into a
* high quality output.
*
* The factor 1.5 below is the pessimistic estimate for the extra amount
* of entropy required when no get_nonce() callback is defined.
*/
# define RAND_POOL_FACTOR 256
# define RAND_POOL_MAX_LENGTH (RAND_POOL_FACTOR * \
3 * (RAND_DRBG_STRENGTH / 16))
/*
* = (RAND_POOL_FACTOR * \
* 1.5 * (RAND_DRBG_STRENGTH / 8))
*/
/*
* Initial allocation minimum.
*
* There is a distinction between the secure and normal allocation minimums.
* Ideally, the secure allocation size should be a power of two. The normal
* allocation size doesn't have any such restriction.
*
* The secure value is based on 128 bits of secure material, which is 16 bytes.
* Typically, the DRBGs will set a minimum larger than this so optimal
* allocation ought to take place (for full quality seed material).
*
* The normal value has been chosen by noticing that the rand_drbg_get_nonce
* function is usually the largest of the built in allocation (twenty four
* bytes and then appending another sixteen bytes). This means the buffer ends
* with 40 bytes. The value of forty eight is comfortably above this which
* allows some slack in the platform specific values used.
*/
# define RAND_POOL_MIN_ALLOCATION(secure) ((secure) ? 16 : 48)
/*
* The 'random pool' acts as a dumb container for collecting random
* input from various entropy sources. It is the callers duty to 1) initialize
* the random pool, 2) pass it to the polling callbacks, 3) seed the RNG, and
* 4) cleanup the random pool again.
*
* The random pool contains no locking mechanism because its scope and
* lifetime is intended to be restricted to a single stack frame.
*/
typedef struct rand_pool_st {
unsigned char *buffer; /* points to the beginning of the random pool */
size_t len; /* current number of random bytes contained in the pool */
int attached; /* true pool was attached to existing buffer */
int secure; /* 1: allocated on the secure heap, 0: otherwise */
size_t min_len; /* minimum number of random bytes requested */
size_t max_len; /* maximum number of random bytes (allocated buffer size) */
size_t alloc_len; /* current number of bytes allocated */
size_t entropy; /* current entropy count in bits */
size_t entropy_requested; /* requested entropy count in bits */
} RAND_POOL;
RAND_POOL *ossl_rand_pool_new(int entropy_requested, int secure,
size_t min_len, size_t max_len);
RAND_POOL *ossl_rand_pool_attach(const unsigned char *buffer, size_t len,
size_t entropy);
void ossl_rand_pool_free(RAND_POOL *pool);
const unsigned char *ossl_rand_pool_buffer(RAND_POOL *pool);
unsigned char *ossl_rand_pool_detach(RAND_POOL *pool);
void ossl_rand_pool_reattach(RAND_POOL *pool, unsigned char *buffer);
size_t ossl_rand_pool_entropy(RAND_POOL *pool);
size_t ossl_rand_pool_length(RAND_POOL *pool);
size_t ossl_rand_pool_entropy_available(RAND_POOL *pool);
size_t ossl_rand_pool_entropy_needed(RAND_POOL *pool);
/* |entropy_factor| expresses how many bits of data contain 1 bit of entropy */
size_t ossl_rand_pool_bytes_needed(RAND_POOL *pool, unsigned int entropy_factor);
size_t ossl_rand_pool_bytes_remaining(RAND_POOL *pool);
int ossl_rand_pool_add(RAND_POOL *pool,
const unsigned char *buffer, size_t len, size_t entropy);
unsigned char *ossl_rand_pool_add_begin(RAND_POOL *pool, size_t len);
int ossl_rand_pool_add_end(RAND_POOL *pool, size_t len, size_t entropy);
#endif /* OSSL_PROVIDER_RAND_POOL_H */

View File

@ -0,0 +1,27 @@
/*
* Generated by util/mkerr.pl DO NOT EDIT
* Copyright 2020-2023 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#ifndef OSSL_CRYPTO_RANDERR_H
# define OSSL_CRYPTO_RANDERR_H
# pragma once
# include <openssl/opensslconf.h>
# include <openssl/symhacks.h>
# ifdef __cplusplus
extern "C" {
# endif
int ossl_err_load_RAND_strings(void);
# ifdef __cplusplus
}
# endif
#endif

View File

@ -0,0 +1,43 @@
/*
* Copyright 2022 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
/* X Macro Definitions for Specification of RISC-V Arch Capabilities */
/*
* Each RISC-V capability ends up encoded as a single set bit in an array of
* words. When specifying a new capability, write a new RISCV_DEFINE_CAP
* statement, with an argument as the extension name in all-caps,
* second argument as the index in the array where the capability will be stored
* and third argument as the index of the bit to be used to encode the
* capability.
* RISCV_DEFINE_CAP(EXTENSION NAME, array index, bit index) */
RISCV_DEFINE_CAP(ZBA, 0, 0)
RISCV_DEFINE_CAP(ZBB, 0, 1)
RISCV_DEFINE_CAP(ZBC, 0, 2)
RISCV_DEFINE_CAP(ZBS, 0, 3)
RISCV_DEFINE_CAP(ZBKB, 0, 4)
RISCV_DEFINE_CAP(ZBKC, 0, 5)
RISCV_DEFINE_CAP(ZBKX, 0, 6)
RISCV_DEFINE_CAP(ZKND, 0, 7)
RISCV_DEFINE_CAP(ZKNE, 0, 8)
RISCV_DEFINE_CAP(ZKNH, 0, 9)
RISCV_DEFINE_CAP(ZKSED, 0, 10)
RISCV_DEFINE_CAP(ZKSH, 0, 11)
RISCV_DEFINE_CAP(ZKR, 0, 12)
RISCV_DEFINE_CAP(ZKT, 0, 13)
/*
* In the future ...
* RISCV_DEFINE_CAP(ZFOO, 0, 31)
* RISCV_DEFINE_CAP(ZBAR, 1, 0)
* ... and so on.
*/
#undef RISCV_DEFINE_CAP

View File

@ -0,0 +1,64 @@
/*
* Copyright 2022-2023 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#ifndef OSSL_CRYPTO_RISCV_ARCH_H
# define OSSL_CRYPTO_RISCV_ARCH_H
# include <ctype.h>
# include <stdint.h>
# define RISCV_DEFINE_CAP(NAME, INDEX, BIT_INDEX) +1
extern uint32_t OPENSSL_riscvcap_P[ ((
# include "riscv_arch.def"
) + sizeof(uint32_t) - 1) / sizeof(uint32_t) ];
# ifdef OPENSSL_RISCVCAP_IMPL
# define RISCV_DEFINE_CAP(NAME, INDEX, BIT_INDEX) +1
uint32_t OPENSSL_riscvcap_P[ ((
# include "riscv_arch.def"
) + sizeof(uint32_t) - 1) / sizeof(uint32_t) ];
# endif
# define RISCV_DEFINE_CAP(NAME, INDEX, BIT_INDEX) \
static inline int RISCV_HAS_##NAME(void) \
{ \
return (OPENSSL_riscvcap_P[INDEX] & (1 << BIT_INDEX)) != 0; \
}
# include "riscv_arch.def"
struct RISCV_capability_s {
const char *name;
size_t index;
size_t bit_offset;
};
# define RISCV_DEFINE_CAP(NAME, INDEX, BIT_INDEX) +1
extern const struct RISCV_capability_s RISCV_capabilities[
# include "riscv_arch.def"
];
# ifdef OPENSSL_RISCVCAP_IMPL
# define RISCV_DEFINE_CAP(NAME, INDEX, BIT_INDEX) \
{ #NAME, INDEX, BIT_INDEX },
const struct RISCV_capability_s RISCV_capabilities[] = {
# include "riscv_arch.def"
};
# endif
# define RISCV_DEFINE_CAP(NAME, INDEX, BIT_INDEX) +1
static const size_t kRISCVNumCaps =
# include "riscv_arch.def"
;
/* Extension combination tests. */
#define RISCV_HAS_ZBB_AND_ZBC() (RISCV_HAS_ZBB() && RISCV_HAS_ZBC())
#define RISCV_HAS_ZBKB_AND_ZKND_AND_ZKNE() (RISCV_HAS_ZBKB() && RISCV_HAS_ZKND() && RISCV_HAS_ZKNE())
#define RISCV_HAS_ZKND_AND_ZKNE() (RISCV_HAS_ZKND() && RISCV_HAS_ZKNE())
#endif

View File

@ -0,0 +1,132 @@
/*
* Copyright 2019-2023 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#ifndef OSSL_INTERNAL_RSA_H
# define OSSL_INTERNAL_RSA_H
# pragma once
# include <openssl/core.h>
# include <openssl/rsa.h>
# include "crypto/types.h"
#define RSA_MIN_MODULUS_BITS 512
typedef struct rsa_pss_params_30_st {
int hash_algorithm_nid;
struct {
int algorithm_nid; /* Currently always NID_mgf1 */
int hash_algorithm_nid;
} mask_gen;
int salt_len;
int trailer_field;
} RSA_PSS_PARAMS_30;
RSA_PSS_PARAMS_30 *ossl_rsa_get0_pss_params_30(RSA *r);
int ossl_rsa_pss_params_30_set_defaults(RSA_PSS_PARAMS_30 *rsa_pss_params);
int ossl_rsa_pss_params_30_copy(RSA_PSS_PARAMS_30 *to,
const RSA_PSS_PARAMS_30 *from);
int ossl_rsa_pss_params_30_is_unrestricted(const RSA_PSS_PARAMS_30 *rsa_pss_params);
int ossl_rsa_pss_params_30_set_hashalg(RSA_PSS_PARAMS_30 *rsa_pss_params,
int hashalg_nid);
int ossl_rsa_pss_params_30_set_maskgenhashalg(RSA_PSS_PARAMS_30 *rsa_pss_params,
int maskgenhashalg_nid);
int ossl_rsa_pss_params_30_set_saltlen(RSA_PSS_PARAMS_30 *rsa_pss_params,
int saltlen);
int ossl_rsa_pss_params_30_set_trailerfield(RSA_PSS_PARAMS_30 *rsa_pss_params,
int trailerfield);
int ossl_rsa_pss_params_30_hashalg(const RSA_PSS_PARAMS_30 *rsa_pss_params);
int ossl_rsa_pss_params_30_maskgenalg(const RSA_PSS_PARAMS_30 *rsa_pss_params);
int ossl_rsa_pss_params_30_maskgenhashalg(const RSA_PSS_PARAMS_30 *rsa_pss_params);
int ossl_rsa_pss_params_30_saltlen(const RSA_PSS_PARAMS_30 *rsa_pss_params);
int ossl_rsa_pss_params_30_trailerfield(const RSA_PSS_PARAMS_30 *rsa_pss_params);
const char *ossl_rsa_mgf_nid2name(int mgf);
int ossl_rsa_oaeppss_md2nid(const EVP_MD *md);
const char *ossl_rsa_oaeppss_nid2name(int md);
RSA *ossl_rsa_new_with_ctx(OSSL_LIB_CTX *libctx);
OSSL_LIB_CTX *ossl_rsa_get0_libctx(RSA *r);
void ossl_rsa_set0_libctx(RSA *r, OSSL_LIB_CTX *libctx);
int ossl_rsa_set0_all_params(RSA *r, const STACK_OF(BIGNUM) *primes,
const STACK_OF(BIGNUM) *exps,
const STACK_OF(BIGNUM) *coeffs);
int ossl_rsa_get0_all_params(RSA *r, STACK_OF(BIGNUM_const) *primes,
STACK_OF(BIGNUM_const) *exps,
STACK_OF(BIGNUM_const) *coeffs);
int ossl_rsa_is_foreign(const RSA *rsa);
RSA *ossl_rsa_dup(const RSA *rsa, int selection);
int ossl_rsa_todata(RSA *rsa, OSSL_PARAM_BLD *bld, OSSL_PARAM params[],
int include_private);
int ossl_rsa_fromdata(RSA *rsa, const OSSL_PARAM params[], int include_private);
int ossl_rsa_pss_params_30_todata(const RSA_PSS_PARAMS_30 *pss,
OSSL_PARAM_BLD *bld, OSSL_PARAM params[]);
int ossl_rsa_pss_params_30_fromdata(RSA_PSS_PARAMS_30 *pss_params,
int *defaults_set,
const OSSL_PARAM params[],
OSSL_LIB_CTX *libctx);
int ossl_rsa_set0_pss_params(RSA *r, RSA_PSS_PARAMS *pss);
int ossl_rsa_pss_get_param_unverified(const RSA_PSS_PARAMS *pss,
const EVP_MD **pmd, const EVP_MD **pmgf1md,
int *psaltlen, int *ptrailerField);
RSA_PSS_PARAMS *ossl_rsa_pss_decode(const X509_ALGOR *alg);
int ossl_rsa_param_decode(RSA *rsa, const X509_ALGOR *alg);
RSA *ossl_rsa_key_from_pkcs8(const PKCS8_PRIV_KEY_INFO *p8inf,
OSSL_LIB_CTX *libctx, const char *propq);
int ossl_rsa_padding_check_PKCS1_type_2(OSSL_LIB_CTX *ctx,
unsigned char *to, int tlen,
const unsigned char *from, int flen,
int num, unsigned char *kdk);
int ossl_rsa_padding_check_PKCS1_type_2_TLS(OSSL_LIB_CTX *ctx, unsigned char *to,
size_t tlen,
const unsigned char *from,
size_t flen, int client_version,
int alt_version);
int ossl_rsa_padding_add_PKCS1_OAEP_mgf1_ex(OSSL_LIB_CTX *libctx,
unsigned char *to, int tlen,
const unsigned char *from, int flen,
const unsigned char *param,
int plen, const EVP_MD *md,
const EVP_MD *mgf1md);
int ossl_rsa_validate_public(const RSA *key);
int ossl_rsa_validate_private(const RSA *key);
int ossl_rsa_validate_pairwise(const RSA *key);
int ossl_rsa_verify(int dtype, const unsigned char *m,
unsigned int m_len, unsigned char *rm,
size_t *prm_len, const unsigned char *sigbuf,
size_t siglen, RSA *rsa);
const unsigned char *ossl_rsa_digestinfo_encoding(int md_nid, size_t *len);
extern const char *ossl_rsa_mp_factor_names[];
extern const char *ossl_rsa_mp_exp_names[];
extern const char *ossl_rsa_mp_coeff_names[];
ASN1_STRING *ossl_rsa_ctx_to_pss_string(EVP_PKEY_CTX *pkctx);
int ossl_rsa_pss_to_ctx(EVP_MD_CTX *ctx, EVP_PKEY_CTX *pkctx,
const X509_ALGOR *sigalg, EVP_PKEY *pkey);
# if defined(FIPS_MODULE) && !defined(OPENSSL_NO_ACVP_TESTS)
int ossl_rsa_acvp_test_gen_params_new(OSSL_PARAM **dst, const OSSL_PARAM src[]);
void ossl_rsa_acvp_test_gen_params_free(OSSL_PARAM *dst);
int ossl_rsa_acvp_test_set_params(RSA *r, const OSSL_PARAM params[]);
int ossl_rsa_acvp_test_get_params(RSA *r, OSSL_PARAM params[]);
typedef struct rsa_acvp_test_st RSA_ACVP_TEST;
void ossl_rsa_acvp_test_free(RSA_ACVP_TEST *t);
# else
# define RSA_ACVP_TEST void
# endif
RSA *evp_pkey_get1_RSA_PSS(EVP_PKEY *pkey);
#endif

View File

@ -0,0 +1,27 @@
/*
* Generated by util/mkerr.pl DO NOT EDIT
* Copyright 2020-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#ifndef OSSL_CRYPTO_RSAERR_H
# define OSSL_CRYPTO_RSAERR_H
# pragma once
# include <openssl/opensslconf.h>
# include <openssl/symhacks.h>
# ifdef __cplusplus
extern "C" {
# endif
int ossl_err_load_RSA_strings(void);
# ifdef __cplusplus
}
# endif
#endif

View File

@ -0,0 +1,16 @@
/*
* Copyright 2019-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#ifndef OSSL_SECURITY_BITS_H
# define OSSL_SECURITY_BITS_H
# pragma once
uint16_t ossl_ifc_ffc_compute_security_bits(int n);
#endif

View File

@ -0,0 +1,23 @@
/*
* Copyright 2018-2023 The OpenSSL Project Authors. All Rights Reserved.
* Copyright (c) 2018, Oracle and/or its affiliates. All rights reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#ifndef OSSL_CRYPTO_SHA_H
# define OSSL_CRYPTO_SHA_H
# pragma once
# include <openssl/sha.h>
int ossl_sha256_192_init(SHA256_CTX *c);
int sha512_224_init(SHA512_CTX *);
int sha512_256_init(SHA512_CTX *);
int ossl_sha1_ctrl(SHA_CTX *ctx, int cmd, int mslen, void *ms);
unsigned char *ossl_sha1(const unsigned char *d, size_t n, unsigned char *md);
#endif

View File

@ -0,0 +1,50 @@
/*
* Copyright 2017-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#ifndef OSSL_CRYPTO_SIPHASH_H
# define OSSL_CRYPTO_SIPHASH_H
# pragma once
# include <stddef.h>
# define SIPHASH_BLOCK_SIZE 8
# define SIPHASH_KEY_SIZE 16
# define SIPHASH_MIN_DIGEST_SIZE 8
# define SIPHASH_MAX_DIGEST_SIZE 16
typedef struct siphash_st SIPHASH;
size_t SipHash_ctx_size(void);
size_t SipHash_hash_size(SIPHASH *ctx);
int SipHash_set_hash_size(SIPHASH *ctx, size_t hash_size);
int SipHash_Init(SIPHASH *ctx, const unsigned char *k,
int crounds, int drounds);
void SipHash_Update(SIPHASH *ctx, const unsigned char *in, size_t inlen);
int SipHash_Final(SIPHASH *ctx, unsigned char *out, size_t outlen);
/* Based on https://131002.net/siphash C reference implementation */
struct siphash_st {
uint64_t total_inlen;
uint64_t v0;
uint64_t v1;
uint64_t v2;
uint64_t v3;
unsigned int len;
unsigned int hash_size;
unsigned int crounds;
unsigned int drounds;
unsigned char leavings[SIPHASH_BLOCK_SIZE];
};
/* default: SipHash-2-4 */
# define SIPHASH_C_ROUNDS 2
# define SIPHASH_D_ROUNDS 4
#endif

View File

@ -0,0 +1,33 @@
/*
* Copyright 2019-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#ifndef OPENSSL_NO_SIV
typedef struct siv128_context SIV128_CONTEXT;
SIV128_CONTEXT *ossl_siv128_new(const unsigned char *key, int klen,
EVP_CIPHER *cbc, EVP_CIPHER *ctr,
OSSL_LIB_CTX *libctx, const char *propq);
int ossl_siv128_init(SIV128_CONTEXT *ctx, const unsigned char *key, int klen,
const EVP_CIPHER *cbc, const EVP_CIPHER *ctr,
OSSL_LIB_CTX *libctx, const char *propq);
int ossl_siv128_copy_ctx(SIV128_CONTEXT *dest, SIV128_CONTEXT *src);
int ossl_siv128_aad(SIV128_CONTEXT *ctx, const unsigned char *aad, size_t len);
int ossl_siv128_encrypt(SIV128_CONTEXT *ctx,
const unsigned char *in, unsigned char *out, size_t len);
int ossl_siv128_decrypt(SIV128_CONTEXT *ctx,
const unsigned char *in, unsigned char *out, size_t len);
int ossl_siv128_finish(SIV128_CONTEXT *ctx);
int ossl_siv128_set_tag(SIV128_CONTEXT *ctx, const unsigned char *tag,
size_t len);
int ossl_siv128_get_tag(SIV128_CONTEXT *ctx, unsigned char *tag, size_t len);
int ossl_siv128_cleanup(SIV128_CONTEXT *ctx);
int ossl_siv128_speed(SIV128_CONTEXT *ctx, int arg);
#endif /* OPENSSL_NO_SIV */

View File

@ -0,0 +1,86 @@
/*
* Copyright 2017-2021 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 2017 Ribose Inc. All Rights Reserved.
* Ported from Ribose contributions from Botan.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#ifndef OSSL_CRYPTO_SM2_H
# define OSSL_CRYPTO_SM2_H
# pragma once
# include <openssl/opensslconf.h>
# if !defined(OPENSSL_NO_SM2) && !defined(FIPS_MODULE)
# include <openssl/ec.h>
# include "crypto/types.h"
int ossl_sm2_key_private_check(const EC_KEY *eckey);
/* The default user id as specified in GM/T 0009-2012 */
# define SM2_DEFAULT_USERID "1234567812345678"
int ossl_sm2_compute_z_digest(uint8_t *out,
const EVP_MD *digest,
const uint8_t *id,
const size_t id_len,
const EC_KEY *key);
/*
* SM2 signature operation. Computes Z and then signs H(Z || msg) using SM2
*/
ECDSA_SIG *ossl_sm2_do_sign(const EC_KEY *key,
const EVP_MD *digest,
const uint8_t *id,
const size_t id_len,
const uint8_t *msg, size_t msg_len);
int ossl_sm2_do_verify(const EC_KEY *key,
const EVP_MD *digest,
const ECDSA_SIG *signature,
const uint8_t *id,
const size_t id_len,
const uint8_t *msg, size_t msg_len);
/*
* SM2 signature generation.
*/
int ossl_sm2_internal_sign(const unsigned char *dgst, int dgstlen,
unsigned char *sig, unsigned int *siglen,
EC_KEY *eckey);
/*
* SM2 signature verification.
*/
int ossl_sm2_internal_verify(const unsigned char *dgst, int dgstlen,
const unsigned char *sig, int siglen,
EC_KEY *eckey);
/*
* SM2 encryption
*/
int ossl_sm2_ciphertext_size(const EC_KEY *key, const EVP_MD *digest,
size_t msg_len, size_t *ct_size);
int ossl_sm2_plaintext_size(const unsigned char *ct, size_t ct_size,
size_t *pt_size);
int ossl_sm2_encrypt(const EC_KEY *key,
const EVP_MD *digest,
const uint8_t *msg, size_t msg_len,
uint8_t *ciphertext_buf, size_t *ciphertext_len);
int ossl_sm2_decrypt(const EC_KEY *key,
const EVP_MD *digest,
const uint8_t *ciphertext, size_t ciphertext_len,
uint8_t *ptext_buf, size_t *ptext_len);
const unsigned char *ossl_sm2_algorithmidentifier_encoding(int md_nid,
size_t *len);
# endif /* OPENSSL_NO_SM2 */
#endif

View File

@ -0,0 +1,49 @@
/*
* Generated by util/mkerr.pl DO NOT EDIT
* Copyright 2020-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#ifndef OSSL_CRYPTO_SM2ERR_H
# define OSSL_CRYPTO_SM2ERR_H
# pragma once
# include <openssl/opensslconf.h>
# include <openssl/symhacks.h>
# ifdef __cplusplus
extern "C" {
# endif
# ifndef OPENSSL_NO_SM2
int ossl_err_load_SM2_strings(void);
/*
* SM2 reason codes.
*/
# define SM2_R_ASN1_ERROR 100
# define SM2_R_BAD_SIGNATURE 101
# define SM2_R_BUFFER_TOO_SMALL 107
# define SM2_R_DIST_ID_TOO_LARGE 110
# define SM2_R_ID_NOT_SET 112
# define SM2_R_ID_TOO_LARGE 111
# define SM2_R_INVALID_CURVE 108
# define SM2_R_INVALID_DIGEST 102
# define SM2_R_INVALID_DIGEST_TYPE 103
# define SM2_R_INVALID_ENCODING 104
# define SM2_R_INVALID_FIELD 105
# define SM2_R_INVALID_PRIVATE_KEY 113
# define SM2_R_NO_PARAMETERS_SET 109
# define SM2_R_USER_ID_TOO_LARGE 106
# endif
# ifdef __cplusplus
}
# endif
#endif

View File

@ -0,0 +1,38 @@
/*
* Copyright 2017-2021 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 2017 Ribose Inc. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#ifndef OSSL_CRYPTO_SM4_H
# define OSSL_CRYPTO_SM4_H
# pragma once
# include <openssl/opensslconf.h>
# include <openssl/e_os2.h>
# ifdef OPENSSL_NO_SM4
# error SM4 is disabled.
# endif
# define SM4_ENCRYPT 1
# define SM4_DECRYPT 0
# define SM4_BLOCK_SIZE 16
# define SM4_KEY_SCHEDULE 32
typedef struct SM4_KEY_st {
uint32_t rk[SM4_KEY_SCHEDULE];
} SM4_KEY;
int ossl_sm4_set_key(const uint8_t *key, SM4_KEY *ks);
void ossl_sm4_encrypt(const uint8_t *in, uint8_t *out, const SM4_KEY *ks);
void ossl_sm4_decrypt(const uint8_t *in, uint8_t *out, const SM4_KEY *ks);
#endif

View File

@ -0,0 +1,111 @@
/*
* Copyright 2022-2023 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#ifndef OSSL_SM4_PLATFORM_H
# define OSSL_SM4_PLATFORM_H
# pragma once
# if defined(OPENSSL_CPUID_OBJ)
# if defined(__aarch64__) || defined (_M_ARM64)
# include "arm_arch.h"
extern unsigned int OPENSSL_arm_midr;
static inline int vpsm4_capable(void)
{
return (OPENSSL_armcap_P & ARMV8_CPUID) &&
(MIDR_IS_CPU_MODEL(OPENSSL_arm_midr, ARM_CPU_IMP_ARM, ARM_CPU_PART_V1) ||
MIDR_IS_CPU_MODEL(OPENSSL_arm_midr, ARM_CPU_IMP_ARM, ARM_CPU_PART_N1));
}
static inline int vpsm4_ex_capable(void)
{
return (OPENSSL_armcap_P & ARMV8_CPUID) &&
(MIDR_IS_CPU_MODEL(OPENSSL_arm_midr, HISI_CPU_IMP, HISI_CPU_PART_KP920));
}
# if defined(VPSM4_ASM)
# define VPSM4_CAPABLE vpsm4_capable()
# define VPSM4_EX_CAPABLE vpsm4_ex_capable()
# endif
# define HWSM4_CAPABLE (OPENSSL_armcap_P & ARMV8_SM4)
# define HWSM4_set_encrypt_key sm4_v8_set_encrypt_key
# define HWSM4_set_decrypt_key sm4_v8_set_decrypt_key
# define HWSM4_encrypt sm4_v8_encrypt
# define HWSM4_decrypt sm4_v8_decrypt
# define HWSM4_cbc_encrypt sm4_v8_cbc_encrypt
# define HWSM4_ecb_encrypt sm4_v8_ecb_encrypt
# define HWSM4_ctr32_encrypt_blocks sm4_v8_ctr32_encrypt_blocks
# endif
# endif /* OPENSSL_CPUID_OBJ */
# if defined(HWSM4_CAPABLE)
int HWSM4_set_encrypt_key(const unsigned char *userKey, SM4_KEY *key);
int HWSM4_set_decrypt_key(const unsigned char *userKey, SM4_KEY *key);
void HWSM4_encrypt(const unsigned char *in, unsigned char *out,
const SM4_KEY *key);
void HWSM4_decrypt(const unsigned char *in, unsigned char *out,
const SM4_KEY *key);
void HWSM4_cbc_encrypt(const unsigned char *in, unsigned char *out,
size_t length, const SM4_KEY *key,
unsigned char *ivec, const int enc);
void HWSM4_ecb_encrypt(const unsigned char *in, unsigned char *out,
size_t length, const SM4_KEY *key,
const int enc);
void HWSM4_ctr32_encrypt_blocks(const unsigned char *in, unsigned char *out,
size_t len, const void *key,
const unsigned char ivec[16]);
# endif /* HWSM4_CAPABLE */
# ifdef VPSM4_CAPABLE
int vpsm4_set_encrypt_key(const unsigned char *userKey, SM4_KEY *key);
int vpsm4_set_decrypt_key(const unsigned char *userKey, SM4_KEY *key);
void vpsm4_encrypt(const unsigned char *in, unsigned char *out,
const SM4_KEY *key);
void vpsm4_decrypt(const unsigned char *in, unsigned char *out,
const SM4_KEY *key);
void vpsm4_cbc_encrypt(const unsigned char *in, unsigned char *out,
size_t length, const SM4_KEY *key,
unsigned char *ivec, const int enc);
void vpsm4_ecb_encrypt(const unsigned char *in, unsigned char *out,
size_t length, const SM4_KEY *key,
const int enc);
void vpsm4_ctr32_encrypt_blocks(const unsigned char *in, unsigned char *out,
size_t len, const void *key,
const unsigned char ivec[16]);
void vpsm4_xts_encrypt(const unsigned char *in, unsigned char *out,
size_t len, const SM4_KEY *key1, const SM4_KEY *key2,
const unsigned char ivec[16], const int enc);
void vpsm4_xts_encrypt_gb(const unsigned char *in, unsigned char *out,
size_t len, const SM4_KEY *key1, const SM4_KEY *key2,
const unsigned char ivec[16], const int enc);
# endif /* VPSM4_CAPABLE */
# ifdef VPSM4_EX_CAPABLE
int vpsm4_ex_set_encrypt_key(const unsigned char *userKey, SM4_KEY *key);
int vpsm4_ex_set_decrypt_key(const unsigned char *userKey, SM4_KEY *key);
void vpsm4_ex_encrypt(const unsigned char *in, unsigned char *out,
const SM4_KEY *key);
void vpsm4_ex_decrypt(const unsigned char *in, unsigned char *out,
const SM4_KEY *key);
void vpsm4_ex_cbc_encrypt(const unsigned char *in, unsigned char *out,
size_t length, const SM4_KEY *key,
unsigned char *ivec, const int enc);
void vpsm4_ex_ecb_encrypt(const unsigned char *in, unsigned char *out,
size_t length, const SM4_KEY *key,
const int enc);
void vpsm4_ex_ctr32_encrypt_blocks(const unsigned char *in, unsigned char *out,
size_t len, const void *key,
const unsigned char ivec[16]);
void vpsm4_ex_xts_encrypt(const unsigned char *in, unsigned char *out,
size_t len, const SM4_KEY *key1, const SM4_KEY *key2,
const unsigned char ivec[16], const int enc);
void vpsm4_ex_xts_encrypt_gb(const unsigned char *in, unsigned char *out,
size_t len, const SM4_KEY *key1,
const SM4_KEY *key2, const unsigned char ivec[16],
const int enc);
# endif /* VPSM4_EX_CAPABLE */
#endif /* OSSL_SM4_PLATFORM_H */

View File

@ -0,0 +1,122 @@
/*
* Copyright 2012-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#ifndef OSSL_CRYPTO_SPARC_ARCH_H
# define OSSL_CRYPTO_SPARC_ARCH_H
# define SPARCV9_TICK_PRIVILEGED (1<<0)
# define SPARCV9_PREFER_FPU (1<<1)
# define SPARCV9_VIS1 (1<<2)
# define SPARCV9_VIS2 (1<<3)/* reserved */
# define SPARCV9_FMADD (1<<4)
# define SPARCV9_BLK (1<<5)/* VIS1 block copy */
# define SPARCV9_VIS3 (1<<6)
# define SPARCV9_RANDOM (1<<7)
# define SPARCV9_64BIT_STACK (1<<8)
# define SPARCV9_FJAESX (1<<9)/* Fujitsu SPARC64 X AES */
# define SPARCV9_FJDESX (1<<10)/* Fujitsu SPARC64 X DES, reserved */
# define SPARCV9_FJHPCACE (1<<11)/* Fujitsu HPC-ACE, reserved */
# define SPARCV9_IMA (1<<13)/* reserved */
# define SPARCV9_VIS4 (1<<14)/* reserved */
/*
* OPENSSL_sparcv9cap_P[1] is copy of Compatibility Feature Register,
* %asr26, SPARC-T4 and later. There is no SPARCV9_CFR bit in
* OPENSSL_sparcv9cap_P[0], as %cfr copy is sufficient...
*/
# define CFR_AES 0x00000001/* Supports AES opcodes */
# define CFR_DES 0x00000002/* Supports DES opcodes */
# define CFR_KASUMI 0x00000004/* Supports KASUMI opcodes */
# define CFR_CAMELLIA 0x00000008/* Supports CAMELLIA opcodes */
# define CFR_MD5 0x00000010/* Supports MD5 opcodes */
# define CFR_SHA1 0x00000020/* Supports SHA1 opcodes */
# define CFR_SHA256 0x00000040/* Supports SHA256 opcodes */
# define CFR_SHA512 0x00000080/* Supports SHA512 opcodes */
# define CFR_MPMUL 0x00000100/* Supports MPMUL opcodes */
# define CFR_MONTMUL 0x00000200/* Supports MONTMUL opcodes */
# define CFR_MONTSQR 0x00000400/* Supports MONTSQR opcodes */
# define CFR_CRC32C 0x00000800/* Supports CRC32C opcodes */
# define CFR_XMPMUL 0x00001000/* Supports XMPMUL opcodes */
# define CFR_XMONTMUL 0x00002000/* Supports XMONTMUL opcodes */
# define CFR_XMONTSQR 0x00004000/* Supports XMONTSQR opcodes */
# if defined(OPENSSL_PIC) && !defined(__PIC__)
# define __PIC__
# endif
# if defined(__SUNPRO_C) && defined(__sparcv9) && !defined(__arch64__)
# define __arch64__
# endif
# define SPARC_PIC_THUNK(reg) \
.align 32; \
.Lpic_thunk: \
jmp %o7 + 8; \
add %o7, reg, reg;
# define SPARC_PIC_THUNK_CALL(reg) \
sethi %hi(_GLOBAL_OFFSET_TABLE_-4), reg; \
call .Lpic_thunk; \
or reg, %lo(_GLOBAL_OFFSET_TABLE_+4), reg;
# if 1
# define SPARC_SETUP_GOT_REG(reg) SPARC_PIC_THUNK_CALL(reg)
# else
# define SPARC_SETUP_GOT_REG(reg) \
sethi %hi(_GLOBAL_OFFSET_TABLE_-4), reg; \
call .+8; \
or reg,%lo(_GLOBAL_OFFSET_TABLE_+4), reg; \
add %o7, reg, reg
# endif
# if defined(__arch64__)
# define SPARC_LOAD_ADDRESS(SYM, reg) \
setx SYM, %o7, reg;
# define LDPTR ldx
# define SIZE_T_CC %xcc
# define STACK_FRAME 192
# define STACK_BIAS 2047
# define STACK_7thARG (STACK_BIAS+176)
# else
# define SPARC_LOAD_ADDRESS(SYM, reg) \
set SYM, reg;
# define LDPTR ld
# define SIZE_T_CC %icc
# define STACK_FRAME 112
# define STACK_BIAS 0
# define STACK_7thARG 92
# define SPARC_LOAD_ADDRESS_LEAF(SYM,reg,tmp) SPARC_LOAD_ADDRESS(SYM,reg)
# endif
# ifdef __PIC__
# undef SPARC_LOAD_ADDRESS
# undef SPARC_LOAD_ADDRESS_LEAF
# define SPARC_LOAD_ADDRESS(SYM, reg) \
SPARC_SETUP_GOT_REG(reg); \
sethi %hi(SYM), %o7; \
or %o7, %lo(SYM), %o7; \
LDPTR [reg + %o7], reg;
# endif
# ifndef SPARC_LOAD_ADDRESS_LEAF
# define SPARC_LOAD_ADDRESS_LEAF(SYM, reg, tmp) \
mov %o7, tmp; \
SPARC_LOAD_ADDRESS(SYM, reg) \
mov tmp, %o7;
# endif
# ifndef __ASSEMBLER__
extern unsigned int OPENSSL_sparcv9cap_P[2];
# endif
#endif /* OSSL_CRYPTO_SPARC_ARCH_H */

View File

@ -0,0 +1,92 @@
/*
* Copyright 2019-2021 The OpenSSL Project Authors. All Rights Reserved.
* Copyright (c) 2019, Oracle and/or its affiliates. All rights reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#ifndef OSSL_CRYPTO_SPARSE_ARRAY_H
# define OSSL_CRYPTO_SPARSE_ARRAY_H
# pragma once
# include <openssl/e_os2.h>
# ifdef __cplusplus
extern "C" {
# endif
# define SPARSE_ARRAY_OF(type) struct sparse_array_st_ ## type
# define DEFINE_SPARSE_ARRAY_OF_INTERNAL(type, ctype) \
SPARSE_ARRAY_OF(type); \
static ossl_unused ossl_inline SPARSE_ARRAY_OF(type) * \
ossl_sa_##type##_new(void) \
{ \
return (SPARSE_ARRAY_OF(type) *)ossl_sa_new(); \
} \
static ossl_unused ossl_inline void \
ossl_sa_##type##_free(SPARSE_ARRAY_OF(type) *sa) \
{ \
ossl_sa_free((OPENSSL_SA *)sa); \
} \
static ossl_unused ossl_inline void \
ossl_sa_##type##_free_leaves(SPARSE_ARRAY_OF(type) *sa) \
{ \
ossl_sa_free_leaves((OPENSSL_SA *)sa); \
} \
static ossl_unused ossl_inline size_t \
ossl_sa_##type##_num(const SPARSE_ARRAY_OF(type) *sa) \
{ \
return ossl_sa_num((OPENSSL_SA *)sa); \
} \
static ossl_unused ossl_inline void \
ossl_sa_##type##_doall(const SPARSE_ARRAY_OF(type) *sa, \
void (*leaf)(ossl_uintmax_t, type *)) \
{ \
ossl_sa_doall((OPENSSL_SA *)sa, \
(void (*)(ossl_uintmax_t, void *))leaf); \
} \
static ossl_unused ossl_inline void \
ossl_sa_##type##_doall_arg(const SPARSE_ARRAY_OF(type) *sa, \
void (*leaf)(ossl_uintmax_t, type *, void *), \
void *arg) \
{ \
ossl_sa_doall_arg((OPENSSL_SA *)sa, \
(void (*)(ossl_uintmax_t, void *, void *))leaf, arg); \
} \
static ossl_unused ossl_inline ctype \
*ossl_sa_##type##_get(const SPARSE_ARRAY_OF(type) *sa, ossl_uintmax_t n) \
{ \
return (type *)ossl_sa_get((OPENSSL_SA *)sa, n); \
} \
static ossl_unused ossl_inline int \
ossl_sa_##type##_set(SPARSE_ARRAY_OF(type) *sa, \
ossl_uintmax_t n, ctype *val) \
{ \
return ossl_sa_set((OPENSSL_SA *)sa, n, (void *)val); \
} \
SPARSE_ARRAY_OF(type)
# define DEFINE_SPARSE_ARRAY_OF(type) \
DEFINE_SPARSE_ARRAY_OF_INTERNAL(type, type)
# define DEFINE_SPARSE_ARRAY_OF_CONST(type) \
DEFINE_SPARSE_ARRAY_OF_INTERNAL(type, const type)
typedef struct sparse_array_st OPENSSL_SA;
OPENSSL_SA *ossl_sa_new(void);
void ossl_sa_free(OPENSSL_SA *sa);
void ossl_sa_free_leaves(OPENSSL_SA *sa);
size_t ossl_sa_num(const OPENSSL_SA *sa);
void ossl_sa_doall(const OPENSSL_SA *sa, void (*leaf)(ossl_uintmax_t, void *));
void ossl_sa_doall_arg(const OPENSSL_SA *sa,
void (*leaf)(ossl_uintmax_t, void *, void *), void *);
void *ossl_sa_get(const OPENSSL_SA *sa, ossl_uintmax_t n);
int ossl_sa_set(OPENSSL_SA *sa, ossl_uintmax_t n, void *val);
# ifdef __cplusplus
}
# endif
#endif

View File

@ -0,0 +1,23 @@
/*
* Copyright 2016-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#ifndef OSSL_CRYPTO_STORE_H
# define OSSL_CRYPTO_STORE_H
# pragma once
# include <openssl/bio.h>
# include <openssl/store.h>
# include <openssl/ui.h>
void ossl_store_cleanup_int(void);
int ossl_store_loader_get_number(const OSSL_STORE_LOADER *loader);
int ossl_store_loader_store_cache_flush(OSSL_LIB_CTX *libctx);
int ossl_store_loader_store_remove_all_provided(const OSSL_PROVIDER *prov);
#endif

View File

@ -0,0 +1,27 @@
/*
* Generated by util/mkerr.pl DO NOT EDIT
* Copyright 2020-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#ifndef OSSL_CRYPTO_STOREERR_H
# define OSSL_CRYPTO_STOREERR_H
# pragma once
# include <openssl/opensslconf.h>
# include <openssl/symhacks.h>
# ifdef __cplusplus
extern "C" {
# endif
int ossl_err_load_OSSL_STORE_strings(void);
# ifdef __cplusplus
}
# endif
#endif

View File

@ -0,0 +1,30 @@
/*
* Generated by util/mkerr.pl DO NOT EDIT
* Copyright 2020-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#ifndef OSSL_CRYPTO_TSERR_H
# define OSSL_CRYPTO_TSERR_H
# pragma once
# include <openssl/opensslconf.h>
# include <openssl/symhacks.h>
# ifdef __cplusplus
extern "C" {
# endif
# ifndef OPENSSL_NO_TS
int ossl_err_load_TS_strings(void);
# endif
# ifdef __cplusplus
}
# endif
#endif

View File

@ -0,0 +1,32 @@
/*
* Copyright 2020-2023 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
/* When removal is simulated, we still need the type internally */
#ifndef OSSL_CRYPTO_TYPES_H
# define OSSL_CRYPTO_TYPES_H
# pragma once
# ifdef OPENSSL_NO_DEPRECATED_3_0
typedef struct rsa_st RSA;
typedef struct rsa_meth_st RSA_METHOD;
# ifndef OPENSSL_NO_EC
typedef struct ec_key_st EC_KEY;
typedef struct ec_key_method_st EC_KEY_METHOD;
# endif
# ifndef OPENSSL_NO_DSA
typedef struct dsa_st DSA;
# endif
# endif
# ifndef OPENSSL_NO_EC
typedef struct ecx_key_st ECX_KEY;
# endif
#endif

View File

@ -0,0 +1,27 @@
/*
* Generated by util/mkerr.pl DO NOT EDIT
* Copyright 2020-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#ifndef OSSL_CRYPTO_UIERR_H
# define OSSL_CRYPTO_UIERR_H
# pragma once
# include <openssl/opensslconf.h>
# include <openssl/symhacks.h>
# ifdef __cplusplus
extern "C" {
# endif
int ossl_err_load_UI_strings(void);
# ifdef __cplusplus
}
# endif
#endif

View File

@ -0,0 +1,391 @@
/*
* Copyright 2015-2024 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#ifndef OSSL_CRYPTO_X509_H
# define OSSL_CRYPTO_X509_H
# pragma once
# include "internal/refcount.h"
# include <openssl/asn1.h>
# include <openssl/x509.h>
# include <openssl/conf.h>
# include "crypto/types.h"
/* Internal X509 structures and functions: not for application use */
/* Note: unless otherwise stated a field pointer is mandatory and should
* never be set to NULL: the ASN.1 code and accessors rely on mandatory
* fields never being NULL.
*/
/*
* name entry structure, equivalent to AttributeTypeAndValue defined
* in RFC5280 et al.
*/
struct X509_name_entry_st {
ASN1_OBJECT *object; /* AttributeType */
ASN1_STRING *value; /* AttributeValue */
int set; /* index of RDNSequence for this entry */
int size; /* temp variable */
};
/* Name from RFC 5280. */
struct X509_name_st {
STACK_OF(X509_NAME_ENTRY) *entries; /* DN components */
int modified; /* true if 'bytes' needs to be built */
BUF_MEM *bytes; /* cached encoding: cannot be NULL */
/* canonical encoding used for rapid Name comparison */
unsigned char *canon_enc;
int canon_enclen;
} /* X509_NAME */ ;
/* Signature info structure */
struct x509_sig_info_st {
/* NID of message digest */
int mdnid;
/* NID of public key algorithm */
int pknid;
/* Security bits */
int secbits;
/* Various flags */
uint32_t flags;
};
/* PKCS#10 certificate request */
struct X509_req_info_st {
ASN1_ENCODING enc; /* cached encoding of signed part */
ASN1_INTEGER *version; /* version, defaults to v1(0) so can be NULL */
X509_NAME *subject; /* certificate request DN */
X509_PUBKEY *pubkey; /* public key of request */
/*
* Zero or more attributes.
* NB: although attributes is a mandatory field some broken
* encodings omit it so this may be NULL in that case.
*/
STACK_OF(X509_ATTRIBUTE) *attributes;
};
struct X509_req_st {
X509_REQ_INFO req_info; /* signed certificate request data */
X509_ALGOR sig_alg; /* signature algorithm */
ASN1_BIT_STRING *signature; /* signature */
CRYPTO_REF_COUNT references;
CRYPTO_RWLOCK *lock;
/* Set on live certificates for authentication purposes */
ASN1_OCTET_STRING *distinguishing_id;
OSSL_LIB_CTX *libctx;
char *propq;
};
struct X509_crl_info_st {
ASN1_INTEGER *version; /* version: defaults to v1(0) so may be NULL */
X509_ALGOR sig_alg; /* signature algorithm */
X509_NAME *issuer; /* CRL issuer name */
ASN1_TIME *lastUpdate; /* lastUpdate field */
ASN1_TIME *nextUpdate; /* nextUpdate field: optional */
STACK_OF(X509_REVOKED) *revoked; /* revoked entries: optional */
STACK_OF(X509_EXTENSION) *extensions; /* extensions: optional */
ASN1_ENCODING enc; /* encoding of signed portion of CRL */
};
struct X509_crl_st {
X509_CRL_INFO crl; /* signed CRL data */
X509_ALGOR sig_alg; /* CRL signature algorithm */
ASN1_BIT_STRING signature; /* CRL signature */
CRYPTO_REF_COUNT references;
int flags;
/*
* Cached copies of decoded extension values, since extensions
* are optional any of these can be NULL.
*/
AUTHORITY_KEYID *akid;
ISSUING_DIST_POINT *idp;
/* Convenient breakdown of IDP */
int idp_flags;
int idp_reasons;
/* CRL and base CRL numbers for delta processing */
ASN1_INTEGER *crl_number;
ASN1_INTEGER *base_crl_number;
STACK_OF(GENERAL_NAMES) *issuers;
/* hash of CRL */
unsigned char sha1_hash[SHA_DIGEST_LENGTH];
/* alternative method to handle this CRL */
const X509_CRL_METHOD *meth;
void *meth_data;
CRYPTO_RWLOCK *lock;
OSSL_LIB_CTX *libctx;
char *propq;
};
struct x509_revoked_st {
ASN1_INTEGER serialNumber; /* revoked entry serial number */
ASN1_TIME *revocationDate; /* revocation date */
STACK_OF(X509_EXTENSION) *extensions; /* CRL entry extensions: optional */
/* decoded value of CRLissuer extension: set if indirect CRL */
STACK_OF(GENERAL_NAME) *issuer;
/* revocation reason: set to CRL_REASON_NONE if reason extension absent */
int reason;
/*
* CRL entries are reordered for faster lookup of serial numbers. This
* field contains the original load sequence for this entry.
*/
int sequence;
};
/*
* This stuff is certificate "auxiliary info": it contains details which are
* useful in certificate stores and databases. When used this is tagged onto
* the end of the certificate itself. OpenSSL specific structure not defined
* in any RFC.
*/
struct x509_cert_aux_st {
STACK_OF(ASN1_OBJECT) *trust; /* trusted uses */
STACK_OF(ASN1_OBJECT) *reject; /* rejected uses */
ASN1_UTF8STRING *alias; /* "friendly name" */
ASN1_OCTET_STRING *keyid; /* key id of private key */
STACK_OF(X509_ALGOR) *other; /* other unspecified info */
};
struct x509_cinf_st {
ASN1_INTEGER *version; /* [ 0 ] default of v1 */
ASN1_INTEGER serialNumber;
X509_ALGOR signature;
X509_NAME *issuer;
X509_VAL validity;
X509_NAME *subject;
X509_PUBKEY *key;
ASN1_BIT_STRING *issuerUID; /* [ 1 ] optional in v2 */
ASN1_BIT_STRING *subjectUID; /* [ 2 ] optional in v2 */
STACK_OF(X509_EXTENSION) *extensions; /* [ 3 ] optional in v3 */
ASN1_ENCODING enc;
};
struct x509_st {
X509_CINF cert_info;
X509_ALGOR sig_alg;
ASN1_BIT_STRING signature;
X509_SIG_INFO siginf;
CRYPTO_REF_COUNT references;
CRYPTO_EX_DATA ex_data;
/* These contain copies of various extension values */
long ex_pathlen;
long ex_pcpathlen;
uint32_t ex_flags;
uint32_t ex_kusage;
uint32_t ex_xkusage;
uint32_t ex_nscert;
ASN1_OCTET_STRING *skid;
AUTHORITY_KEYID *akid;
X509_POLICY_CACHE *policy_cache;
STACK_OF(DIST_POINT) *crldp;
STACK_OF(GENERAL_NAME) *altname;
NAME_CONSTRAINTS *nc;
# ifndef OPENSSL_NO_RFC3779
STACK_OF(IPAddressFamily) *rfc3779_addr;
struct ASIdentifiers_st *rfc3779_asid;
# endif
unsigned char sha1_hash[SHA_DIGEST_LENGTH];
X509_CERT_AUX *aux;
CRYPTO_RWLOCK *lock;
volatile int ex_cached;
/* Set on live certificates for authentication purposes */
ASN1_OCTET_STRING *distinguishing_id;
OSSL_LIB_CTX *libctx;
char *propq;
} /* X509 */ ;
/*
* This is a used when verifying cert chains. Since the gathering of the
* cert chain can take some time (and have to be 'retried', this needs to be
* kept and passed around.
*/
struct x509_store_ctx_st { /* X509_STORE_CTX */
X509_STORE *store;
/* The following are set by the caller */
/* The cert to check */
X509 *cert;
/* chain of X509s - untrusted - passed in */
STACK_OF(X509) *untrusted;
/* set of CRLs passed in */
STACK_OF(X509_CRL) *crls;
X509_VERIFY_PARAM *param;
/* Other info for use with get_issuer() */
void *other_ctx;
/* Callbacks for various operations */
/* called to verify a certificate */
int (*verify) (X509_STORE_CTX *ctx);
/* error callback */
int (*verify_cb) (int ok, X509_STORE_CTX *ctx);
/* get issuers cert from ctx */
int (*get_issuer) (X509 **issuer, X509_STORE_CTX *ctx, X509 *x);
/* check issued */
int (*check_issued) (X509_STORE_CTX *ctx, X509 *x, X509 *issuer);
/* Check revocation status of chain */
int (*check_revocation) (X509_STORE_CTX *ctx);
/* retrieve CRL */
int (*get_crl) (X509_STORE_CTX *ctx, X509_CRL **crl, X509 *x);
/* Check CRL validity */
int (*check_crl) (X509_STORE_CTX *ctx, X509_CRL *crl);
/* Check certificate against CRL */
int (*cert_crl) (X509_STORE_CTX *ctx, X509_CRL *crl, X509 *x);
/* Check policy status of the chain */
int (*check_policy) (X509_STORE_CTX *ctx);
STACK_OF(X509) *(*lookup_certs) (X509_STORE_CTX *ctx,
const X509_NAME *nm);
/* cannot constify 'ctx' param due to lookup_certs_sk() in x509_vfy.c */
STACK_OF(X509_CRL) *(*lookup_crls) (const X509_STORE_CTX *ctx,
const X509_NAME *nm);
int (*cleanup) (X509_STORE_CTX *ctx);
/* The following is built up */
/* if 0, rebuild chain */
int valid;
/* number of untrusted certs */
int num_untrusted;
/* chain of X509s - built up and trusted */
STACK_OF(X509) *chain;
/* Valid policy tree */
X509_POLICY_TREE *tree;
/* Require explicit policy value */
int explicit_policy;
/* When something goes wrong, this is why */
int error_depth;
int error;
X509 *current_cert;
/* cert currently being tested as valid issuer */
X509 *current_issuer;
/* current CRL */
X509_CRL *current_crl;
/* score of current CRL */
int current_crl_score;
/* Reason mask */
unsigned int current_reasons;
/* For CRL path validation: parent context */
X509_STORE_CTX *parent;
CRYPTO_EX_DATA ex_data;
SSL_DANE *dane;
/* signed via bare TA public key, rather than CA certificate */
int bare_ta_signed;
/* Raw Public Key */
EVP_PKEY *rpk;
OSSL_LIB_CTX *libctx;
char *propq;
};
/* PKCS#8 private key info structure */
struct pkcs8_priv_key_info_st {
ASN1_INTEGER *version;
X509_ALGOR *pkeyalg;
ASN1_OCTET_STRING *pkey;
STACK_OF(X509_ATTRIBUTE) *attributes;
};
struct X509_sig_st {
X509_ALGOR *algor;
ASN1_OCTET_STRING *digest;
};
struct x509_object_st {
/* one of the above types */
X509_LOOKUP_TYPE type;
union {
char *ptr;
X509 *x509;
X509_CRL *crl;
EVP_PKEY *pkey;
} data;
};
int ossl_a2i_ipadd(unsigned char *ipout, const char *ipasc);
int ossl_x509_set1_time(int *modified, ASN1_TIME **ptm, const ASN1_TIME *tm);
int ossl_x509_print_ex_brief(BIO *bio, X509 *cert, unsigned long neg_cflags);
int ossl_x509v3_cache_extensions(X509 *x);
int ossl_x509_init_sig_info(X509 *x);
int ossl_x509_set0_libctx(X509 *x, OSSL_LIB_CTX *libctx, const char *propq);
int ossl_x509_crl_set0_libctx(X509_CRL *x, OSSL_LIB_CTX *libctx,
const char *propq);
int ossl_x509_req_set0_libctx(X509_REQ *x, OSSL_LIB_CTX *libctx,
const char *propq);
int ossl_asn1_item_digest_ex(const ASN1_ITEM *it, const EVP_MD *type,
void *data, unsigned char *md, unsigned int *len,
OSSL_LIB_CTX *libctx, const char *propq);
int ossl_x509_add_cert_new(STACK_OF(X509) **sk, X509 *cert, int flags);
int ossl_x509_add_certs_new(STACK_OF(X509) **p_sk, STACK_OF(X509) *certs,
int flags);
STACK_OF(X509_ATTRIBUTE) *ossl_x509at_dup(const STACK_OF(X509_ATTRIBUTE) *x);
int ossl_x509_PUBKEY_get0_libctx(OSSL_LIB_CTX **plibctx, const char **ppropq,
const X509_PUBKEY *key);
/* Calculate default key identifier according to RFC 5280 section 4.2.1.2 (1) */
ASN1_OCTET_STRING *ossl_x509_pubkey_hash(X509_PUBKEY *pubkey);
X509_PUBKEY *ossl_d2i_X509_PUBKEY_INTERNAL(const unsigned char **pp,
long len, OSSL_LIB_CTX *libctx,
const char *propq);
void ossl_X509_PUBKEY_INTERNAL_free(X509_PUBKEY *xpub);
RSA *ossl_d2i_RSA_PSS_PUBKEY(RSA **a, const unsigned char **pp, long length);
int ossl_i2d_RSA_PSS_PUBKEY(const RSA *a, unsigned char **pp);
# ifndef OPENSSL_NO_DSA
DSA *ossl_d2i_DSA_PUBKEY(DSA **a, const unsigned char **pp, long length);
# endif /* OPENSSL_NO_DSA */
# ifndef OPENSSL_NO_DH
DH *ossl_d2i_DH_PUBKEY(DH **a, const unsigned char **pp, long length);
int ossl_i2d_DH_PUBKEY(const DH *a, unsigned char **pp);
DH *ossl_d2i_DHx_PUBKEY(DH **a, const unsigned char **pp, long length);
int ossl_i2d_DHx_PUBKEY(const DH *a, unsigned char **pp);
# endif /* OPENSSL_NO_DH */
# ifndef OPENSSL_NO_EC
ECX_KEY *ossl_d2i_ED25519_PUBKEY(ECX_KEY **a,
const unsigned char **pp, long length);
int ossl_i2d_ED25519_PUBKEY(const ECX_KEY *a, unsigned char **pp);
ECX_KEY *ossl_d2i_ED448_PUBKEY(ECX_KEY **a,
const unsigned char **pp, long length);
int ossl_i2d_ED448_PUBKEY(const ECX_KEY *a, unsigned char **pp);
ECX_KEY *ossl_d2i_X25519_PUBKEY(ECX_KEY **a,
const unsigned char **pp, long length);
int ossl_i2d_X25519_PUBKEY(const ECX_KEY *a, unsigned char **pp);
ECX_KEY *ossl_d2i_X448_PUBKEY(ECX_KEY **a,
const unsigned char **pp, long length);
int ossl_i2d_X448_PUBKEY(const ECX_KEY *a, unsigned char **pp);
# endif /* OPENSSL_NO_EC */
EVP_PKEY *ossl_d2i_PUBKEY_legacy(EVP_PKEY **a, const unsigned char **pp,
long length);
int ossl_x509_check_private_key(const EVP_PKEY *k, const EVP_PKEY *pkey);
int x509v3_add_len_value_uchar(const char *name, const unsigned char *value,
size_t vallen, STACK_OF(CONF_VALUE) **extlist);
/* Attribute addition functions not checking for duplicate attributes */
STACK_OF(X509_ATTRIBUTE) *ossl_x509at_add1_attr(STACK_OF(X509_ATTRIBUTE) **x,
X509_ATTRIBUTE *attr);
STACK_OF(X509_ATTRIBUTE) *ossl_x509at_add1_attr_by_OBJ(STACK_OF(X509_ATTRIBUTE) **x,
const ASN1_OBJECT *obj,
int type,
const unsigned char *bytes,
int len);
STACK_OF(X509_ATTRIBUTE) *ossl_x509at_add1_attr_by_NID(STACK_OF(X509_ATTRIBUTE) **x,
int nid, int type,
const unsigned char *bytes,
int len);
STACK_OF(X509_ATTRIBUTE) *ossl_x509at_add1_attr_by_txt(STACK_OF(X509_ATTRIBUTE) **x,
const char *attrname,
int type,
const unsigned char *bytes,
int len);
#endif /* OSSL_CRYPTO_X509_H */

View File

@ -0,0 +1,27 @@
/*
* Generated by util/mkerr.pl DO NOT EDIT
* Copyright 2020-2022 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#ifndef OSSL_CRYPTO_X509ERR_H
# define OSSL_CRYPTO_X509ERR_H
# pragma once
# include <openssl/opensslconf.h>
# include <openssl/symhacks.h>
# ifdef __cplusplus
extern "C" {
# endif
int ossl_err_load_X509_strings(void);
# ifdef __cplusplus
}
# endif
#endif

View File

@ -0,0 +1,27 @@
/*
* Generated by util/mkerr.pl DO NOT EDIT
* Copyright 2020-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#ifndef OSSL_CRYPTO_X509V3ERR_H
# define OSSL_CRYPTO_X509V3ERR_H
# pragma once
# include <openssl/opensslconf.h>
# include <openssl/symhacks.h>
# ifdef __cplusplus
extern "C" {
# endif
int ossl_err_load_X509V3_strings(void);
# ifdef __cplusplus
}
# endif
#endif

View File

@ -0,0 +1,16 @@
/*
* Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
/*
* This file is only used by HP C on VMS, and is included automatically
* after each header file from this directory
*/
/* restore state. Must correspond to the save in __decc_include_prologue.h */
#pragma names restore

View File

@ -0,0 +1,20 @@
/*
* Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
/*
* This file is only used by HP C on VMS, and is included automatically
* after each header file from this directory
*/
/* save state */
#pragma names save
/* have the compiler shorten symbols larger than 31 chars to 23 chars
* followed by a 8 hex char CRC
*/
#pragma names as_is,shortened

View File

@ -0,0 +1,18 @@
/*
* Copyright 2020-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#ifndef OSSL_INTERNAL_ASN1_H
# define OSSL_INTERNAL_ASN1_H
# pragma once
# include <openssl/bio.h>
int asn1_d2i_read_bio(BIO *in, BUF_MEM **pb);
#endif

View File

@ -0,0 +1,101 @@
/*
* Copyright 2016-2022 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#ifndef OSSL_INTERNAL_BIO_H
# define OSSL_INTERNAL_BIO_H
# pragma once
# include <openssl/core.h>
# include <openssl/bio.h>
struct bio_method_st {
int type;
char *name;
int (*bwrite) (BIO *, const char *, size_t, size_t *);
int (*bwrite_old) (BIO *, const char *, int);
int (*bread) (BIO *, char *, size_t, size_t *);
int (*bread_old) (BIO *, char *, int);
int (*bputs) (BIO *, const char *);
int (*bgets) (BIO *, char *, int);
long (*ctrl) (BIO *, int, long, void *);
int (*create) (BIO *);
int (*destroy) (BIO *);
long (*callback_ctrl) (BIO *, int, BIO_info_cb *);
int (*bsendmmsg) (BIO *, BIO_MSG *, size_t, size_t, uint64_t, size_t *);
int (*brecvmmsg) (BIO *, BIO_MSG *, size_t, size_t, uint64_t, size_t *);
};
void bio_free_ex_data(BIO *bio);
void bio_cleanup(void);
/* Old style to new style BIO_METHOD conversion functions */
int bwrite_conv(BIO *bio, const char *data, size_t datal, size_t *written);
int bread_conv(BIO *bio, char *data, size_t datal, size_t *read);
/* Changes to these internal BIOs must also update include/openssl/bio.h */
# define BIO_CTRL_SET_KTLS 72
# define BIO_CTRL_SET_KTLS_TX_SEND_CTRL_MSG 74
# define BIO_CTRL_CLEAR_KTLS_TX_CTRL_MSG 75
# define BIO_CTRL_SET_KTLS_TX_ZEROCOPY_SENDFILE 90
/*
* This is used with socket BIOs:
* BIO_FLAGS_KTLS_TX means we are using ktls with this BIO for sending.
* BIO_FLAGS_KTLS_TX_CTRL_MSG means we are about to send a ctrl message next.
* BIO_FLAGS_KTLS_RX means we are using ktls with this BIO for receiving.
* BIO_FLAGS_KTLS_TX_ZEROCOPY_SENDFILE means we are using the zerocopy mode with
* this BIO for sending using sendfile.
*/
# define BIO_FLAGS_KTLS_TX_CTRL_MSG 0x1000
# define BIO_FLAGS_KTLS_RX 0x2000
# define BIO_FLAGS_KTLS_TX 0x4000
# define BIO_FLAGS_KTLS_TX_ZEROCOPY_SENDFILE 0x8000
/* KTLS related controls and flags */
# define BIO_set_ktls_flag(b, is_tx) \
BIO_set_flags(b, (is_tx) ? BIO_FLAGS_KTLS_TX : BIO_FLAGS_KTLS_RX)
# define BIO_should_ktls_flag(b, is_tx) \
BIO_test_flags(b, (is_tx) ? BIO_FLAGS_KTLS_TX : BIO_FLAGS_KTLS_RX)
# define BIO_set_ktls_ctrl_msg_flag(b) \
BIO_set_flags(b, BIO_FLAGS_KTLS_TX_CTRL_MSG)
# define BIO_should_ktls_ctrl_msg_flag(b) \
BIO_test_flags(b, BIO_FLAGS_KTLS_TX_CTRL_MSG)
# define BIO_clear_ktls_ctrl_msg_flag(b) \
BIO_clear_flags(b, BIO_FLAGS_KTLS_TX_CTRL_MSG)
# define BIO_set_ktls_zerocopy_sendfile_flag(b) \
BIO_set_flags(b, BIO_FLAGS_KTLS_TX_ZEROCOPY_SENDFILE)
# define BIO_set_ktls(b, keyblob, is_tx) \
BIO_ctrl(b, BIO_CTRL_SET_KTLS, is_tx, keyblob)
# define BIO_set_ktls_ctrl_msg(b, record_type) \
BIO_ctrl(b, BIO_CTRL_SET_KTLS_TX_SEND_CTRL_MSG, record_type, NULL)
# define BIO_clear_ktls_ctrl_msg(b) \
BIO_ctrl(b, BIO_CTRL_CLEAR_KTLS_TX_CTRL_MSG, 0, NULL)
# define BIO_set_ktls_tx_zerocopy_sendfile(b) \
BIO_ctrl(b, BIO_CTRL_SET_KTLS_TX_ZEROCOPY_SENDFILE, 0, NULL)
/* Functions to allow the core to offer the CORE_BIO type to providers */
OSSL_CORE_BIO *ossl_core_bio_new_from_bio(BIO *bio);
OSSL_CORE_BIO *ossl_core_bio_new_file(const char *filename, const char *mode);
OSSL_CORE_BIO *ossl_core_bio_new_mem_buf(const void *buf, int len);
int ossl_core_bio_read_ex(OSSL_CORE_BIO *cb, void *data, size_t dlen,
size_t *readbytes);
int ossl_core_bio_write_ex(OSSL_CORE_BIO *cb, const void *data, size_t dlen,
size_t *written);
int ossl_core_bio_gets(OSSL_CORE_BIO *cb, char *buf, int size);
int ossl_core_bio_puts(OSSL_CORE_BIO *cb, const char *buf);
long ossl_core_bio_ctrl(OSSL_CORE_BIO *cb, int cmd, long larg, void *parg);
int ossl_core_bio_up_ref(OSSL_CORE_BIO *cb);
int ossl_core_bio_free(OSSL_CORE_BIO *cb);
int ossl_core_bio_vprintf(OSSL_CORE_BIO *cb, const char *format, va_list args);
int ossl_bio_init_core(OSSL_LIB_CTX *libctx, const OSSL_DISPATCH *fns);
#endif

View File

@ -0,0 +1,29 @@
/*
* Copyright 2022 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#ifndef OSSL_BIO_ADDR_H
# define OSSL_BIO_ADDR_H
# include "internal/e_os.h"
# include "internal/sockets.h"
# ifndef OPENSSL_NO_SOCK
union bio_addr_st {
struct sockaddr sa;
# if OPENSSL_USE_IPV6
struct sockaddr_in6 s_in6;
# endif
struct sockaddr_in s_in;
# ifndef OPENSSL_NO_UNIX_SOCK
struct sockaddr_un s_un;
# endif
};
# endif
#endif

View File

@ -0,0 +1,151 @@
/*
* Copyright 2022-2023 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
/*
* Contains definitions for simplifying the use of TCP Fast Open
* (RFC7413) in OpenSSL socket BIOs.
*/
/* If a supported OS is added here, update test/bio_tfo_test.c */
#if defined(TCP_FASTOPEN) && !defined(OPENSSL_NO_TFO)
# if defined(OPENSSL_SYS_MACOSX) || defined(__FreeBSD__)
# include <sys/sysctl.h>
# endif
/*
* OSSL_TFO_SYSCTL is used to determine if TFO is supported by
* this kernel, and if supported, if it is enabled. This is more of
* a problem on FreeBSD 10.3 ~ 11.4, where TCP_FASTOPEN was defined,
* but not enabled by default in the kernel, and only for the server.
* Linux does not have sysctlbyname(), and the closest equivalent
* is to go into the /proc filesystem, but I'm not sure it's
* worthwhile.
*
* On MacOS and Linux:
* These operating systems use a single parameter to control TFO.
* The OSSL_TFO_CLIENT_FLAG and OSSL_TFO_SERVER_FLAGS are used to
* determine if TFO is enabled for the client and server respectively.
*
* OSSL_TFO_CLIENT_FLAG = 1 = client TFO enabled
* OSSL_TFO_SERVER_FLAG = 2 = server TFO enabled
*
* Such that:
* 0 = TFO disabled
* 3 = server and client TFO enabled
*
* macOS 10.14 and later support TFO.
* Linux kernel 3.6 added support for client TFO.
* Linux kernel 3.7 added support for server TFO.
* Linux kernel 3.13 enabled TFO by default.
* Linux kernel 4.11 added the TCP_FASTOPEN_CONNECT option.
*
* On FreeBSD:
* FreeBSD 10.3 ~ 11.4 uses a single sysctl for server enable.
* FreeBSD 12.0 and later uses separate sysctls for server and
* client enable.
*
* Some options are purposely NOT defined per-platform
*
* OSSL_TFO_SYSCTL
* Defined as a sysctlbyname() option to determine if
* TFO is enabled in the kernel (macOS, FreeBSD)
*
* OSSL_TFO_SERVER_SOCKOPT
* Defined to indicate the socket option used to enable
* TFO on a server socket (all)
*
* OSSL_TFO_SERVER_SOCKOPT_VALUE
* Value to be used with OSSL_TFO_SERVER_SOCKOPT
*
* OSSL_TFO_CONNECTX
* Use the connectx() function to make a client connection
* (macOS)
*
* OSSL_TFO_CLIENT_SOCKOPT
* Defined to indicate the socket option used to enable
* TFO on a client socket (FreeBSD, Linux 4.14 and later)
*
* OSSL_TFO_SENDTO
* Defined to indicate the sendto() message type to
* be used to initiate a TFO connection (FreeBSD,
* Linux pre-4.14)
*
* OSSL_TFO_DO_NOT_CONNECT
* Defined to skip calling connect() when creating a
* client socket (macOS, FreeBSD, Linux pre-4.14)
*/
# if defined(OPENSSL_SYS_WINDOWS)
/*
* NO WINDOWS SUPPORT
*
* But this is what would be used on the server:
*
* define OSSL_TFO_SERVER_SOCKOPT TCP_FASTOPEN
* define OSSL_TFO_SERVER_SOCKOPT_VALUE 1
*
* Still have to figure out client support
*/
# undef TCP_FASTOPEN
# endif
/* NO VMS SUPPORT */
# if defined(OPENSSL_SYS_VMS)
# undef TCP_FASTOPEN
# endif
# if defined(OPENSSL_SYS_MACOSX)
# define OSSL_TFO_SYSCTL "net.inet.tcp.fastopen"
# define OSSL_TFO_SERVER_SOCKOPT TCP_FASTOPEN
# define OSSL_TFO_SERVER_SOCKOPT_VALUE 1
# define OSSL_TFO_CONNECTX 1
# define OSSL_TFO_DO_NOT_CONNECT 1
# define OSSL_TFO_CLIENT_FLAG 1
# define OSSL_TFO_SERVER_FLAG 2
# endif
# if defined(__FreeBSD__)
# if defined(TCP_FASTOPEN_PSK_LEN)
/* As of 12.0 these are the SYSCTLs */
# define OSSL_TFO_SYSCTL_SERVER "net.inet.tcp.fastopen.server_enable"
# define OSSL_TFO_SYSCTL_CLIENT "net.inet.tcp.fastopen.client_enable"
# define OSSL_TFO_SERVER_SOCKOPT TCP_FASTOPEN
# define OSSL_TFO_SERVER_SOCKOPT_VALUE MAX_LISTEN
# define OSSL_TFO_CLIENT_SOCKOPT TCP_FASTOPEN
# define OSSL_TFO_DO_NOT_CONNECT 1
# define OSSL_TFO_SENDTO 0
/* These are the same because the sysctl are client/server-specific */
# define OSSL_TFO_CLIENT_FLAG 1
# define OSSL_TFO_SERVER_FLAG 1
# else
/* 10.3 through 11.4 SYSCTL - ONLY SERVER SUPPORT */
# define OSSL_TFO_SYSCTL "net.inet.tcp.fastopen.enabled"
# define OSSL_TFO_SERVER_SOCKOPT TCP_FASTOPEN
# define OSSL_TFO_SERVER_SOCKOPT_VALUE MAX_LISTEN
# define OSSL_TFO_SERVER_FLAG 1
# endif
# endif
# if defined(OPENSSL_SYS_LINUX)
/* OSSL_TFO_PROC not used, but of interest */
# define OSSL_TFO_PROC "/proc/sys/net/ipv4/tcp_fastopen"
# define OSSL_TFO_SERVER_SOCKOPT TCP_FASTOPEN
# define OSSL_TFO_SERVER_SOCKOPT_VALUE MAX_LISTEN
# if defined(TCP_FASTOPEN_CONNECT)
# define OSSL_TFO_CLIENT_SOCKOPT TCP_FASTOPEN_CONNECT
# else
# define OSSL_TFO_SENDTO MSG_FASTOPEN
# define OSSL_TFO_DO_NOT_CONNECT 1
# endif
# define OSSL_TFO_CLIENT_FLAG 1
# define OSSL_TFO_SERVER_FLAG 2
# endif
#endif

View File

@ -0,0 +1,217 @@
/*
* Copyright 1995-2023 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#ifndef OSSL_INTERNAL_COMMON_H
# define OSSL_INTERNAL_COMMON_H
# pragma once
# include <stdlib.h>
# include <string.h>
# include "openssl/configuration.h"
# include "internal/e_os.h" /* ossl_inline in many files */
# include "internal/nelem.h"
# if defined(__GNUC__) || defined(__clang__)
# define likely(x) __builtin_expect(!!(x), 1)
# define unlikely(x) __builtin_expect(!!(x), 0)
# else
# define likely(x) x
# define unlikely(x) x
# endif
# if defined(__GNUC__) || defined(__clang__)
# define ALIGN32 __attribute((aligned(32)))
# define ALIGN64 __attribute((aligned(64)))
# elif defined(_MSC_VER)
# define ALIGN32 __declspec(align(32))
# define ALIGN64 __declspec(align(64))
# else
# define ALIGN32
# define ALIGN64
# endif
# ifdef NDEBUG
# define ossl_assert(x) ((x) != 0)
# else
__owur static ossl_inline int ossl_assert_int(int expr, const char *exprstr,
const char *file, int line)
{
if (!expr)
OPENSSL_die(exprstr, file, line);
return expr;
}
# define ossl_assert(x) ossl_assert_int((x) != 0, "Assertion failed: "#x, \
__FILE__, __LINE__)
# endif
/* Check if |pre|, which must be a string literal, is a prefix of |str| */
#define HAS_PREFIX(str, pre) (strncmp(str, pre "", sizeof(pre) - 1) == 0)
/* As before, and if check succeeds, advance |str| past the prefix |pre| */
#define CHECK_AND_SKIP_PREFIX(str, pre) \
(HAS_PREFIX(str, pre) ? ((str) += sizeof(pre) - 1, 1) : 0)
/* Check if the string literal |p| is a case-insensitive prefix of |s| */
#define HAS_CASE_PREFIX(s, p) (OPENSSL_strncasecmp(s, p "", sizeof(p) - 1) == 0)
/* As before, and if check succeeds, advance |str| past the prefix |pre| */
#define CHECK_AND_SKIP_CASE_PREFIX(str, pre) \
(HAS_CASE_PREFIX(str, pre) ? ((str) += sizeof(pre) - 1, 1) : 0)
/* Check if the string literal |suffix| is a case-insensitive suffix of |str| */
#define HAS_CASE_SUFFIX(str, suffix) (strlen(str) < sizeof(suffix) - 1 ? 0 : \
OPENSSL_strcasecmp(str + strlen(str) - sizeof(suffix) + 1, suffix "") == 0)
/*
* Use this inside a union with the field that needs to be aligned to a
* reasonable boundary for the platform. The most pessimistic alignment
* of the listed types will be used by the compiler.
*/
# define OSSL_UNION_ALIGN \
double align; \
ossl_uintmax_t align_int; \
void *align_ptr
# define OPENSSL_CONF "openssl.cnf"
# ifndef OPENSSL_SYS_VMS
# define X509_CERT_AREA OPENSSLDIR
# define X509_CERT_DIR OPENSSLDIR "/certs"
# define X509_CERT_FILE OPENSSLDIR "/cert.pem"
# define X509_PRIVATE_DIR OPENSSLDIR "/private"
# define CTLOG_FILE OPENSSLDIR "/ct_log_list.cnf"
# else
# define X509_CERT_AREA "OSSL$DATAROOT:[000000]"
# define X509_CERT_DIR "OSSL$DATAROOT:[CERTS]"
# define X509_CERT_FILE "OSSL$DATAROOT:[000000]cert.pem"
# define X509_PRIVATE_DIR "OSSL$DATAROOT:[PRIVATE]"
# define CTLOG_FILE "OSSL$DATAROOT:[000000]ct_log_list.cnf"
# endif
# define X509_CERT_DIR_EVP "SSL_CERT_DIR"
# define X509_CERT_FILE_EVP "SSL_CERT_FILE"
# define CTLOG_FILE_EVP "CTLOG_FILE"
/* size of string representations */
# define DECIMAL_SIZE(type) ((sizeof(type)*8+2)/3+1)
# define HEX_SIZE(type) (sizeof(type)*2)
# define c2l(c,l) (l = ((unsigned long)(*((c)++))) , \
l|=(((unsigned long)(*((c)++)))<< 8), \
l|=(((unsigned long)(*((c)++)))<<16), \
l|=(((unsigned long)(*((c)++)))<<24))
/* NOTE - c is not incremented as per c2l */
# define c2ln(c,l1,l2,n) { \
c+=n; \
l1=l2=0; \
switch (n) { \
case 8: l2 =((unsigned long)(*(--(c))))<<24; \
case 7: l2|=((unsigned long)(*(--(c))))<<16; \
case 6: l2|=((unsigned long)(*(--(c))))<< 8; \
case 5: l2|=((unsigned long)(*(--(c)))); \
case 4: l1 =((unsigned long)(*(--(c))))<<24; \
case 3: l1|=((unsigned long)(*(--(c))))<<16; \
case 2: l1|=((unsigned long)(*(--(c))))<< 8; \
case 1: l1|=((unsigned long)(*(--(c)))); \
} \
}
# define l2c(l,c) (*((c)++)=(unsigned char)(((l) )&0xff), \
*((c)++)=(unsigned char)(((l)>> 8)&0xff), \
*((c)++)=(unsigned char)(((l)>>16)&0xff), \
*((c)++)=(unsigned char)(((l)>>24)&0xff))
# define n2l(c,l) (l =((unsigned long)(*((c)++)))<<24, \
l|=((unsigned long)(*((c)++)))<<16, \
l|=((unsigned long)(*((c)++)))<< 8, \
l|=((unsigned long)(*((c)++))))
# define n2l8(c,l) (l =((uint64_t)(*((c)++)))<<56, \
l|=((uint64_t)(*((c)++)))<<48, \
l|=((uint64_t)(*((c)++)))<<40, \
l|=((uint64_t)(*((c)++)))<<32, \
l|=((uint64_t)(*((c)++)))<<24, \
l|=((uint64_t)(*((c)++)))<<16, \
l|=((uint64_t)(*((c)++)))<< 8, \
l|=((uint64_t)(*((c)++))))
# define l2n(l,c) (*((c)++)=(unsigned char)(((l)>>24)&0xff), \
*((c)++)=(unsigned char)(((l)>>16)&0xff), \
*((c)++)=(unsigned char)(((l)>> 8)&0xff), \
*((c)++)=(unsigned char)(((l) )&0xff))
# define l2n8(l,c) (*((c)++)=(unsigned char)(((l)>>56)&0xff), \
*((c)++)=(unsigned char)(((l)>>48)&0xff), \
*((c)++)=(unsigned char)(((l)>>40)&0xff), \
*((c)++)=(unsigned char)(((l)>>32)&0xff), \
*((c)++)=(unsigned char)(((l)>>24)&0xff), \
*((c)++)=(unsigned char)(((l)>>16)&0xff), \
*((c)++)=(unsigned char)(((l)>> 8)&0xff), \
*((c)++)=(unsigned char)(((l) )&0xff))
/* NOTE - c is not incremented as per l2c */
# define l2cn(l1,l2,c,n) { \
c+=n; \
switch (n) { \
case 8: *(--(c))=(unsigned char)(((l2)>>24)&0xff); \
case 7: *(--(c))=(unsigned char)(((l2)>>16)&0xff); \
case 6: *(--(c))=(unsigned char)(((l2)>> 8)&0xff); \
case 5: *(--(c))=(unsigned char)(((l2) )&0xff); \
case 4: *(--(c))=(unsigned char)(((l1)>>24)&0xff); \
case 3: *(--(c))=(unsigned char)(((l1)>>16)&0xff); \
case 2: *(--(c))=(unsigned char)(((l1)>> 8)&0xff); \
case 1: *(--(c))=(unsigned char)(((l1) )&0xff); \
} \
}
# define n2s(c,s) ((s=(((unsigned int)((c)[0]))<< 8)| \
(((unsigned int)((c)[1])) )),(c)+=2)
# define s2n(s,c) (((c)[0]=(unsigned char)(((s)>> 8)&0xff), \
(c)[1]=(unsigned char)(((s) )&0xff)),(c)+=2)
# define n2l3(c,l) ((l =(((unsigned long)((c)[0]))<<16)| \
(((unsigned long)((c)[1]))<< 8)| \
(((unsigned long)((c)[2])) )),(c)+=3)
# define l2n3(l,c) (((c)[0]=(unsigned char)(((l)>>16)&0xff), \
(c)[1]=(unsigned char)(((l)>> 8)&0xff), \
(c)[2]=(unsigned char)(((l) )&0xff)),(c)+=3)
static ossl_inline int ossl_ends_with_dirsep(const char *path)
{
if (*path != '\0')
path += strlen(path) - 1;
# if defined __VMS
if (*path == ']' || *path == '>' || *path == ':')
return 1;
# elif defined _WIN32
if (*path == '\\')
return 1;
# endif
return *path == '/';
}
static ossl_inline int ossl_is_absolute_path(const char *path)
{
# if defined __VMS
if (strchr(path, ':') != NULL
|| ((path[0] == '[' || path[0] == '<')
&& path[1] != '.' && path[1] != '-'
&& path[1] != ']' && path[1] != '>'))
return 1;
# elif defined _WIN32
if (path[0] == '\\'
|| (path[0] != '\0' && path[1] == ':'))
return 1;
# endif
return path[0] == '/';
}
#endif

Some files were not shown because too many files have changed in this diff Show More