X-Git-Url: https://git.openssl.org/?a=blobdiff_plain;f=crypto%2Fevp%2Fevp.h;h=042dc1c577342385010dbbce6fc8a22ee879779c;hb=b3d8022eddb3c6c3e840054fcf3dcd77d1c3c2be;hp=8a7218fa09470757b2c164740cdde7e2dc8b9b13;hpb=52cfa39716ede61d4eff048ce259d10816d4008b;p=openssl.git diff --git a/crypto/evp/evp.h b/crypto/evp/evp.h index 8a7218fa09..042dc1c577 100644 --- a/crypto/evp/evp.h +++ b/crypto/evp/evp.h @@ -115,6 +115,8 @@ #define EVP_PKEY_DSA4 NID_dsaWithSHA1_2 #define EVP_PKEY_DH NID_dhKeyAgreement #define EVP_PKEY_EC NID_X9_62_id_ecPublicKey +#define EVP_PKEY_HMAC NID_hmac +#define EVP_PKEY_CMAC NID_cmac #ifdef __cplusplus extern "C" { @@ -215,6 +217,8 @@ typedef int evp_verify_method(int type,const unsigned char *m, #define EVP_MD_FLAG_DIGALGID_CUSTOM 0x0018 +#define EVP_MD_FLAG_FIPS 0x0400 /* Note if suitable for use in FIPS mode */ + /* Digest ctrls */ #define EVP_MD_CTRL_DIGALGID 0x1 @@ -266,6 +270,8 @@ struct env_md_ctx_st void *md_data; /* Public key context for sign/verify */ EVP_PKEY_CTX *pctx; + /* Update function: usually copied from EVP_MD */ + int (*update)(EVP_MD_CTX *ctx,const void *data,size_t count); } /* EVP_MD_CTX */; /* values for EVP_MD_CTX flags */ @@ -276,14 +282,23 @@ struct env_md_ctx_st * cleaned */ #define EVP_MD_CTX_FLAG_REUSE 0x0004 /* Don't free up ctx->md_data * in EVP_MD_CTX_cleanup */ +/* FIPS and pad options are ignored in 1.0.0, definitions are here + * so we don't accidentally reuse the values for other purposes. + */ -/* MD operational flags */ +#define EVP_MD_CTX_FLAG_NON_FIPS_ALLOW 0x0008 /* Allow use of non FIPS digest + * in FIPS mode */ -#define EVP_MD_CTX_FLAG_OP_MASK 0x00f0 +/* The following PAD options are also currently ignored in 1.0.0, digest + * parameters are handled through EVP_DigestSign*() and EVP_DigestVerify*() + * instead. + */ +#define EVP_MD_CTX_FLAG_PAD_MASK 0xF0 /* RSA mode to use */ +#define EVP_MD_CTX_FLAG_PAD_PKCS1 0x00 /* PKCS#1 v1.5 mode */ +#define EVP_MD_CTX_FLAG_PAD_X931 0x10 /* X9.31 mode */ +#define EVP_MD_CTX_FLAG_PAD_PSS 0x20 /* PSS mode */ -#define EVP_MD_CTX_FLAG_OP_DIGEST 0x0000 -#define EVP_MD_CTX_FLAG_OP_SIGN 0x0010 -#define EVP_MD_CTX_FLAG_OP_VERIFY 0x0020 +#define EVP_MD_CTX_FLAG_NO_INIT 0x0100 /* Don't initialize md_data */ struct evp_cipher_st { @@ -295,7 +310,7 @@ struct evp_cipher_st int (*init)(EVP_CIPHER_CTX *ctx, const unsigned char *key, const unsigned char *iv, int enc); /* init key */ int (*do_cipher)(EVP_CIPHER_CTX *ctx, unsigned char *out, - const unsigned char *in, unsigned int inl);/* encrypt/decrypt data */ + const unsigned char *in, size_t inl);/* encrypt/decrypt data */ int (*cleanup)(EVP_CIPHER_CTX *); /* cleanup ctx */ int ctx_size; /* how big ctx->cipher_data needs to be */ int (*set_asn1_parameters)(EVP_CIPHER_CTX *, ASN1_TYPE *); /* Populate a ASN1_TYPE with parameters */ @@ -313,7 +328,9 @@ struct evp_cipher_st #define EVP_CIPH_CBC_MODE 0x2 #define EVP_CIPH_CFB_MODE 0x3 #define EVP_CIPH_OFB_MODE 0x4 -#define EVP_CIPH_MODE 0x7 +#define EVP_CIPH_CTR_MODE 0x5 +#define EVP_CIPH_GCM_MODE 0x6 +#define EVP_CIPH_MODE 0xF0007 /* Set if variable length cipher */ #define EVP_CIPH_VARIABLE_LENGTH 0x8 /* Set if the iv handling should be done by the cipher itself */ @@ -328,6 +345,20 @@ struct evp_cipher_st #define EVP_CIPH_NO_PADDING 0x100 /* cipher handles random key generation */ #define EVP_CIPH_RAND_KEY 0x200 +/* cipher has its own additional copying logic */ +#define EVP_CIPH_CUSTOM_COPY 0x400 +/* Allow use default ASN1 get/set iv */ +#define EVP_CIPH_FLAG_DEFAULT_ASN1 0x1000 +/* Buffer length in bits not bytes: CFB1 mode only */ +#define EVP_CIPH_FLAG_LENGTH_BITS 0x2000 +/* Note if suitable for use in FIPS mode */ +#define EVP_CIPH_FLAG_FIPS 0x4000 +/* Allow non FIPS cipher in FIPS mode */ +#define EVP_CIPH_FLAG_NON_FIPS_ALLOW 0x8000 +/* Cipher handles any and all padding logic as well + * as finalisation. + */ +#define EVP_CIPH_FLAG_CUSTOM_CIPHER 0x10000 /* ctrl() values */ @@ -339,6 +370,12 @@ struct evp_cipher_st #define EVP_CTRL_SET_RC5_ROUNDS 0x5 #define EVP_CTRL_RAND_KEY 0x6 #define EVP_CTRL_PBE_PRF_NID 0x7 +#define EVP_CTRL_COPY 0x8 +#define EVP_CTRL_GCM_SET_IVLEN 0x9 +#define EVP_CTRL_GCM_GET_TAG 0x10 +#define EVP_CTRL_GCM_SET_TAG 0x11 +#define EVP_CTRL_GCM_SET_IV_FIXED 0x12 +#define EVP_CTRL_GCM_IV_GEN 0x13 typedef struct evp_cipher_info_st { @@ -411,12 +448,29 @@ typedef int (EVP_PBE_KEYGEN)(EVP_CIPHER_CTX *ctx, const char *pass, int passlen, #define EVP_get_cipherbynid(a) EVP_get_cipherbyname(OBJ_nid2sn(a)) #define EVP_get_cipherbyobj(a) EVP_get_cipherbynid(OBJ_obj2nid(a)) +/* Macros to reduce FIPS dependencies: do NOT use in applications */ +#define M_EVP_MD_size(e) ((e)->md_size) +#define M_EVP_MD_block_size(e) ((e)->block_size) +#define M_EVP_MD_CTX_set_flags(ctx,flgs) ((ctx)->flags|=(flgs)) +#define M_EVP_MD_CTX_clear_flags(ctx,flgs) ((ctx)->flags&=~(flgs)) +#define M_EVP_MD_CTX_test_flags(ctx,flgs) ((ctx)->flags&(flgs)) +#define M_EVP_MD_type(e) ((e)->type) +#define M_EVP_MD_CTX_type(e) M_EVP_MD_type(M_EVP_MD_CTX_md(e)) +#define M_EVP_MD_CTX_md(e) ((e)->digest) + +#define M_EVP_CIPHER_CTX_iv_length(e) (e->cipher->iv_len) +#define M_EVP_CIPHER_CTX_flags(e) (e->cipher->flags) +#define M_EVP_CIPHER_CTX_mode(e) (M_EVP_CIPHER_CTX_flags(e) & EVP_CIPH_MODE) + +#define M_EVP_CIPHER_CTX_set_flags(ctx,flgs) ((ctx)->flags|=(flgs)) + int EVP_MD_type(const EVP_MD *md); #define EVP_MD_nid(e) EVP_MD_type(e) #define EVP_MD_name(e) OBJ_nid2sn(EVP_MD_nid(e)) int EVP_MD_pkey_type(const EVP_MD *md); int EVP_MD_size(const EVP_MD *md); int EVP_MD_block_size(const EVP_MD *md); +unsigned long EVP_MD_flags(const EVP_MD *md); const EVP_MD *EVP_MD_CTX_md(const EVP_MD_CTX *ctx); #define EVP_MD_CTX_size(e) EVP_MD_size(EVP_MD_CTX_md(e)) @@ -436,6 +490,7 @@ int EVP_CIPHER_CTX_nid(const EVP_CIPHER_CTX *ctx); int EVP_CIPHER_CTX_block_size(const EVP_CIPHER_CTX *ctx); int EVP_CIPHER_CTX_key_length(const EVP_CIPHER_CTX *ctx); int EVP_CIPHER_CTX_iv_length(const EVP_CIPHER_CTX *ctx); +int EVP_CIPHER_CTX_copy(EVP_CIPHER_CTX *out, const EVP_CIPHER_CTX *in); void * EVP_CIPHER_CTX_get_app_data(const EVP_CIPHER_CTX *ctx); void EVP_CIPHER_CTX_set_app_data(EVP_CIPHER_CTX *ctx, void *data); #define EVP_CIPHER_CTX_type(c) EVP_CIPHER_type(EVP_CIPHER_CTX_cipher(c)) @@ -467,7 +522,7 @@ void BIO_set_md(BIO *,const EVP_MD *md); #define BIO_get_cipher_status(b) BIO_ctrl(b,BIO_C_GET_CIPHER_STATUS,0,NULL) #define BIO_get_cipher_ctx(b,c_pp) BIO_ctrl(b,BIO_C_GET_CIPHER_CTX,0,(char *)c_pp) -int EVP_Cipher(EVP_CIPHER_CTX *c, +__owur int EVP_Cipher(EVP_CIPHER_CTX *c, unsigned char *out, const unsigned char *in, unsigned int inl); @@ -485,83 +540,88 @@ void EVP_MD_CTX_init(EVP_MD_CTX *ctx); int EVP_MD_CTX_cleanup(EVP_MD_CTX *ctx); EVP_MD_CTX *EVP_MD_CTX_create(void); void EVP_MD_CTX_destroy(EVP_MD_CTX *ctx); -int EVP_MD_CTX_copy_ex(EVP_MD_CTX *out,const EVP_MD_CTX *in); +__owur int EVP_MD_CTX_copy_ex(EVP_MD_CTX *out,const EVP_MD_CTX *in); void EVP_MD_CTX_set_flags(EVP_MD_CTX *ctx, int flags); void EVP_MD_CTX_clear_flags(EVP_MD_CTX *ctx, int flags); int EVP_MD_CTX_test_flags(const EVP_MD_CTX *ctx,int flags); -int EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl); -int EVP_DigestUpdate(EVP_MD_CTX *ctx,const void *d, +__owur int EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl); +__owur int EVP_DigestUpdate(EVP_MD_CTX *ctx,const void *d, size_t cnt); -int EVP_DigestFinal_ex(EVP_MD_CTX *ctx,unsigned char *md,unsigned int *s); -int EVP_Digest(const void *data, size_t count, +__owur int EVP_DigestFinal_ex(EVP_MD_CTX *ctx,unsigned char *md,unsigned int *s); +__owur int EVP_Digest(const void *data, size_t count, unsigned char *md, unsigned int *size, const EVP_MD *type, ENGINE *impl); -int EVP_MD_CTX_copy(EVP_MD_CTX *out,const EVP_MD_CTX *in); -int EVP_DigestInit(EVP_MD_CTX *ctx, const EVP_MD *type); -int EVP_DigestFinal(EVP_MD_CTX *ctx,unsigned char *md,unsigned int *s); +__owur int EVP_MD_CTX_copy(EVP_MD_CTX *out,const EVP_MD_CTX *in); +__owur int EVP_DigestInit(EVP_MD_CTX *ctx, const EVP_MD *type); +__owur int EVP_DigestFinal(EVP_MD_CTX *ctx,unsigned char *md,unsigned int *s); int EVP_read_pw_string(char *buf,int length,const char *prompt,int verify); +int EVP_read_pw_string_min(char *buf,int minlen,int maxlen,const char *prompt,int verify); void EVP_set_pw_prompt(const char *prompt); char * EVP_get_pw_prompt(void); -int EVP_BytesToKey(const EVP_CIPHER *type,const EVP_MD *md, +__owur int EVP_BytesToKey(const EVP_CIPHER *type,const EVP_MD *md, const unsigned char *salt, const unsigned char *data, int datal, int count, unsigned char *key,unsigned char *iv); -int EVP_EncryptInit(EVP_CIPHER_CTX *ctx,const EVP_CIPHER *cipher, +void EVP_CIPHER_CTX_set_flags(EVP_CIPHER_CTX *ctx, int flags); +void EVP_CIPHER_CTX_clear_flags(EVP_CIPHER_CTX *ctx, int flags); +int EVP_CIPHER_CTX_test_flags(const EVP_CIPHER_CTX *ctx,int flags); + +__owur int EVP_EncryptInit(EVP_CIPHER_CTX *ctx,const EVP_CIPHER *cipher, const unsigned char *key, const unsigned char *iv); -int EVP_EncryptInit_ex(EVP_CIPHER_CTX *ctx,const EVP_CIPHER *cipher, ENGINE *impl, +__owur int EVP_EncryptInit_ex(EVP_CIPHER_CTX *ctx,const EVP_CIPHER *cipher, ENGINE *impl, const unsigned char *key, const unsigned char *iv); -int EVP_EncryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, +__owur int EVP_EncryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl, const unsigned char *in, int inl); -int EVP_EncryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl); -int EVP_EncryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl); +__owur int EVP_EncryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl); +__owur int EVP_EncryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl); -int EVP_DecryptInit(EVP_CIPHER_CTX *ctx,const EVP_CIPHER *cipher, +__owur int EVP_DecryptInit(EVP_CIPHER_CTX *ctx,const EVP_CIPHER *cipher, const unsigned char *key, const unsigned char *iv); -int EVP_DecryptInit_ex(EVP_CIPHER_CTX *ctx,const EVP_CIPHER *cipher, ENGINE *impl, +__owur int EVP_DecryptInit_ex(EVP_CIPHER_CTX *ctx,const EVP_CIPHER *cipher, ENGINE *impl, const unsigned char *key, const unsigned char *iv); -int EVP_DecryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, +__owur int EVP_DecryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl, const unsigned char *in, int inl); -int EVP_DecryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl); -int EVP_DecryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl); +__owur int EVP_DecryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl); +__owur int EVP_DecryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl); -int EVP_CipherInit(EVP_CIPHER_CTX *ctx,const EVP_CIPHER *cipher, +__owur int EVP_CipherInit(EVP_CIPHER_CTX *ctx,const EVP_CIPHER *cipher, const unsigned char *key,const unsigned char *iv, int enc); -int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx,const EVP_CIPHER *cipher, ENGINE *impl, +__owur int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx,const EVP_CIPHER *cipher, ENGINE *impl, const unsigned char *key,const unsigned char *iv, int enc); -int EVP_CipherUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, +__owur int EVP_CipherUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl, const unsigned char *in, int inl); -int EVP_CipherFinal(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl); -int EVP_CipherFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl); +__owur int EVP_CipherFinal(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl); +__owur int EVP_CipherFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl); -int EVP_SignFinal(EVP_MD_CTX *ctx,unsigned char *md,unsigned int *s, +__owur int EVP_SignFinal(EVP_MD_CTX *ctx,unsigned char *md,unsigned int *s, EVP_PKEY *pkey); -int EVP_VerifyFinal(EVP_MD_CTX *ctx,const unsigned char *sigbuf, +__owur int EVP_VerifyFinal(EVP_MD_CTX *ctx,const unsigned char *sigbuf, unsigned int siglen,EVP_PKEY *pkey); -int EVP_DigestSignInit(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx, +__owur int EVP_DigestSignInit(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx, const EVP_MD *type, ENGINE *e, EVP_PKEY *pkey); -int EVP_DigestSignFinal(EVP_MD_CTX *ctx, +__owur int EVP_DigestSignFinal(EVP_MD_CTX *ctx, unsigned char *sigret, size_t *siglen); -int EVP_DigestVerifyInit(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx, +__owur int EVP_DigestVerifyInit(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx, const EVP_MD *type, ENGINE *e, EVP_PKEY *pkey); -int EVP_DigestVerifyFinal(EVP_MD_CTX *ctx, +__owur int EVP_DigestVerifyFinal(EVP_MD_CTX *ctx, unsigned char *sig, size_t siglen); -int EVP_OpenInit(EVP_CIPHER_CTX *ctx,const EVP_CIPHER *type, +__owur int EVP_OpenInit(EVP_CIPHER_CTX *ctx,const EVP_CIPHER *type, const unsigned char *ek, int ekl, const unsigned char *iv, EVP_PKEY *priv); -int EVP_OpenFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl); +__owur int EVP_OpenFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl); -int EVP_SealInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type, +__owur int EVP_SealInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type, unsigned char **ek, int *ekl, unsigned char *iv, EVP_PKEY **pubk, int npubk); -int EVP_SealFinal(EVP_CIPHER_CTX *ctx,unsigned char *out,int *outl); +__owur int EVP_SealFinal(EVP_CIPHER_CTX *ctx,unsigned char *out,int *outl); void EVP_EncodeInit(EVP_ENCODE_CTX *ctx); void EVP_EncodeUpdate(EVP_ENCODE_CTX *ctx,unsigned char *out,int *outl, @@ -590,7 +650,7 @@ BIO_METHOD *BIO_f_md(void); BIO_METHOD *BIO_f_base64(void); BIO_METHOD *BIO_f_cipher(void); BIO_METHOD *BIO_f_reliable(void); -void BIO_set_cipher(BIO *b,const EVP_CIPHER *c,const unsigned char *k, +__owur int BIO_set_cipher(BIO *b,const EVP_CIPHER *c,const unsigned char *k, const unsigned char *i, int enc); #endif @@ -715,9 +775,8 @@ const EVP_CIPHER *EVP_aes_128_cfb8(void); const EVP_CIPHER *EVP_aes_128_cfb128(void); # define EVP_aes_128_cfb EVP_aes_128_cfb128 const EVP_CIPHER *EVP_aes_128_ofb(void); -#if 0 const EVP_CIPHER *EVP_aes_128_ctr(void); -#endif +const EVP_CIPHER *EVP_aes_128_gcm(void); const EVP_CIPHER *EVP_aes_192_ecb(void); const EVP_CIPHER *EVP_aes_192_cbc(void); const EVP_CIPHER *EVP_aes_192_cfb1(void); @@ -725,9 +784,8 @@ const EVP_CIPHER *EVP_aes_192_cfb8(void); const EVP_CIPHER *EVP_aes_192_cfb128(void); # define EVP_aes_192_cfb EVP_aes_192_cfb128 const EVP_CIPHER *EVP_aes_192_ofb(void); -#if 0 const EVP_CIPHER *EVP_aes_192_ctr(void); -#endif +const EVP_CIPHER *EVP_aes_192_gcm(void); const EVP_CIPHER *EVP_aes_256_ecb(void); const EVP_CIPHER *EVP_aes_256_cbc(void); const EVP_CIPHER *EVP_aes_256_cfb1(void); @@ -735,9 +793,8 @@ const EVP_CIPHER *EVP_aes_256_cfb8(void); const EVP_CIPHER *EVP_aes_256_cfb128(void); # define EVP_aes_256_cfb EVP_aes_256_cfb128 const EVP_CIPHER *EVP_aes_256_ofb(void); -#if 0 const EVP_CIPHER *EVP_aes_256_ctr(void); -#endif +const EVP_CIPHER *EVP_aes_256_gcm(void); #endif #ifndef OPENSSL_NO_CAMELLIA const EVP_CIPHER *EVP_camellia_128_ecb(void); @@ -763,6 +820,14 @@ const EVP_CIPHER *EVP_camellia_256_cfb128(void); const EVP_CIPHER *EVP_camellia_256_ofb(void); #endif +#ifndef OPENSSL_NO_SEED +const EVP_CIPHER *EVP_seed_ecb(void); +const EVP_CIPHER *EVP_seed_cbc(void); +const EVP_CIPHER *EVP_seed_cfb128(void); +# define EVP_seed_cfb EVP_seed_cfb128 +const EVP_CIPHER *EVP_seed_ofb(void); +#endif + void OPENSSL_add_all_algorithms_noconf(void); void OPENSSL_add_all_algorithms_conf(void); @@ -915,6 +980,8 @@ void EVP_PBE_cleanup(void); #define ASN1_PKEY_CTRL_PKCS7_SIGN 0x1 #define ASN1_PKEY_CTRL_PKCS7_ENCRYPT 0x2 #define ASN1_PKEY_CTRL_DEFAULT_MD_NID 0x3 +#define ASN1_PKEY_CTRL_CMS_SIGN 0x5 +#define ASN1_PKEY_CTRL_CMS_ENVELOPE 0x7 int EVP_PKEY_asn1_get_count(void); const EVP_PKEY_ASN1_METHOD *EVP_PKEY_asn1_get0(int idx); @@ -927,8 +994,11 @@ int EVP_PKEY_asn1_get0_info(int *ppkey_id, int *pkey_base_id, int *ppkey_flags, const char **pinfo, const char **ppem_str, const EVP_PKEY_ASN1_METHOD *ameth); +const EVP_PKEY_ASN1_METHOD* EVP_PKEY_get0_asn1(EVP_PKEY *pkey); EVP_PKEY_ASN1_METHOD* EVP_PKEY_asn1_new(int id, int flags, const char *pem_str, const char *info); +void EVP_PKEY_asn1_copy(EVP_PKEY_ASN1_METHOD *dst, + const EVP_PKEY_ASN1_METHOD *src); void EVP_PKEY_asn1_free(EVP_PKEY_ASN1_METHOD *ameth); void EVP_PKEY_asn1_set_public(EVP_PKEY_ASN1_METHOD *ameth, int (*pub_decode)(EVP_PKEY *pk, X509_PUBKEY *pub), @@ -997,12 +1067,33 @@ void EVP_PKEY_asn1_set_ctrl(EVP_PKEY_ASN1_METHOD *ameth, #define EVP_PKEY_CTRL_PKCS7_SIGN 5 +#define EVP_PKEY_CTRL_SET_MAC_KEY 6 + +#define EVP_PKEY_CTRL_DIGESTINIT 7 + +/* Used by GOST key encryption in TLS */ +#define EVP_PKEY_CTRL_SET_IV 8 + +#define EVP_PKEY_CTRL_CMS_ENCRYPT 9 +#define EVP_PKEY_CTRL_CMS_DECRYPT 10 +#define EVP_PKEY_CTRL_CMS_SIGN 11 + +#define EVP_PKEY_CTRL_CIPHER 12 + #define EVP_PKEY_ALG_CTRL 0x1000 + #define EVP_PKEY_FLAG_AUTOARGLEN 2 +/* Method handles all operations: don't assume any digest related + * defaults. + */ +#define EVP_PKEY_FLAG_SIGCTX_CUSTOM 4 const EVP_PKEY_METHOD *EVP_PKEY_meth_find(int type); EVP_PKEY_METHOD* EVP_PKEY_meth_new(int id, int flags); +void EVP_PKEY_meth_get0_info(int *ppkey_id, int *pflags, + const EVP_PKEY_METHOD *meth); +void EVP_PKEY_meth_copy(EVP_PKEY_METHOD *dst, const EVP_PKEY_METHOD *src); void EVP_PKEY_meth_free(EVP_PKEY_METHOD *pmeth); int EVP_PKEY_meth_add0(const EVP_PKEY_METHOD *pmeth); @@ -1019,10 +1110,15 @@ int EVP_PKEY_CTX_ctrl_str(EVP_PKEY_CTX *ctx, const char *type, int EVP_PKEY_CTX_get_operation(EVP_PKEY_CTX *ctx); void EVP_PKEY_CTX_set0_keygen_info(EVP_PKEY_CTX *ctx, int *dat, int datlen); +EVP_PKEY *EVP_PKEY_new_mac_key(int type, ENGINE *e, + const unsigned char *key, int keylen); + void EVP_PKEY_CTX_set_data(EVP_PKEY_CTX *ctx, void *data); void *EVP_PKEY_CTX_get_data(EVP_PKEY_CTX *ctx); EVP_PKEY *EVP_PKEY_CTX_get0_pkey(EVP_PKEY_CTX *ctx); +EVP_PKEY *EVP_PKEY_CTX_get0_peerkey(EVP_PKEY_CTX *ctx); + void EVP_PKEY_CTX_set_app_data(EVP_PKEY_CTX *ctx, void *data); void *EVP_PKEY_CTX_get_app_data(EVP_PKEY_CTX *ctx); @@ -1108,7 +1204,7 @@ void EVP_PKEY_meth_set_verifyctx(EVP_PKEY_METHOD *pmeth, void EVP_PKEY_meth_set_encrypt(EVP_PKEY_METHOD *pmeth, int (*encrypt_init)(EVP_PKEY_CTX *ctx), - int (*encrypt)(EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen, + int (*encryptfn)(EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen, const unsigned char *in, size_t inlen)); void EVP_PKEY_meth_set_decrypt(EVP_PKEY_METHOD *pmeth, @@ -1134,20 +1230,24 @@ void ERR_load_EVP_strings(void); /* Error codes for the EVP functions. */ /* Function codes. */ +#define EVP_F_AESNI_INIT_KEY 165 #define EVP_F_AES_INIT_KEY 133 #define EVP_F_CAMELLIA_INIT_KEY 159 #define EVP_F_D2I_PKEY 100 +#define EVP_F_DO_SIGVER_INIT 161 #define EVP_F_DSAPKEY2PKCS8 134 #define EVP_F_DSA_PKEY2PKCS8 135 #define EVP_F_ECDSA_PKEY2PKCS8 129 #define EVP_F_ECKEY_PKEY2PKCS8 132 #define EVP_F_EVP_CIPHERINIT_EX 123 +#define EVP_F_EVP_CIPHER_CTX_COPY 163 #define EVP_F_EVP_CIPHER_CTX_CTRL 124 #define EVP_F_EVP_CIPHER_CTX_SET_KEY_LENGTH 122 #define EVP_F_EVP_DECRYPTFINAL_EX 101 #define EVP_F_EVP_DIGESTINIT_EX 128 #define EVP_F_EVP_ENCRYPTFINAL_EX 127 #define EVP_F_EVP_MD_CTX_COPY_EX 110 +#define EVP_F_EVP_MD_SIZE 162 #define EVP_F_EVP_OPENINIT 102 #define EVP_F_EVP_PBE_ALG_ADD 115 #define EVP_F_EVP_PBE_ALG_ADD_TYPE 160 @@ -1187,15 +1287,21 @@ void ERR_load_EVP_strings(void); #define EVP_F_EVP_RIJNDAEL 126 #define EVP_F_EVP_SIGNFINAL 107 #define EVP_F_EVP_VERIFYFINAL 108 +#define EVP_F_FIPS_CIPHERINIT 166 +#define EVP_F_FIPS_CIPHER_CTX_CTRL 167 +#define EVP_F_FIPS_DIGESTINIT 168 +#define EVP_F_FIPS_MD_CTX_COPY 169 #define EVP_F_INT_CTX_NEW 157 #define EVP_F_PKCS5_PBE_KEYIVGEN 117 #define EVP_F_PKCS5_V2_PBE_KEYIVGEN 118 +#define EVP_F_PKCS5_V2_PBKDF2_KEYIVGEN 164 #define EVP_F_PKCS8_SET_BROKEN 112 #define EVP_F_PKEY_SET_TYPE 158 #define EVP_F_RC2_MAGIC_TO_METH 109 #define EVP_F_RC5_CTRL 125 /* Reason codes. */ +#define EVP_R_AES_IV_SETUP_FAILED 162 #define EVP_R_AES_KEY_SETUP_FAILED 143 #define EVP_R_ASN1_LIB 140 #define EVP_R_BAD_BLOCK_LENGTH 136 @@ -1227,9 +1333,11 @@ void ERR_load_EVP_strings(void); #define EVP_R_INVALID_OPERATION 148 #define EVP_R_IV_TOO_LARGE 102 #define EVP_R_KEYGEN_FAILURE 120 +#define EVP_R_MESSAGE_DIGEST_IS_NULL 159 #define EVP_R_METHOD_NOT_SUPPORTED 144 #define EVP_R_MISSING_PARAMETERS 103 #define EVP_R_NO_CIPHER_SET 131 +#define EVP_R_NO_DEFAULT_DIGEST 158 #define EVP_R_NO_DIGEST_SET 139 #define EVP_R_NO_DSA_PARAMETERS 116 #define EVP_R_NO_KEY_SET 154 @@ -1242,6 +1350,8 @@ void ERR_load_EVP_strings(void); #define EVP_R_PRIVATE_KEY_DECODE_ERROR 145 #define EVP_R_PRIVATE_KEY_ENCODE_ERROR 146 #define EVP_R_PUBLIC_KEY_NOT_RSA 106 +#define EVP_R_UNKNOWN_CIPHER 160 +#define EVP_R_UNKNOWN_DIGEST 161 #define EVP_R_UNKNOWN_PBE_ALGORITHM 121 #define EVP_R_UNSUPORTED_NUMBER_OF_ROUNDS 135 #define EVP_R_UNSUPPORTED_ALGORITHM 156