2 * Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
10 #include <openssl/evp.h>
11 #include <openssl/core_numbers.h>
12 #include "internal/refcount.h"
15 * Don't free up md_ctx->pctx in EVP_MD_CTX_reset, use the reserved flag
18 #define EVP_MD_CTX_FLAG_KEEP_PKEY_CTX 0x0400
20 struct evp_pkey_ctx_st {
21 /* Actual operation */
25 * Library context, Algorithm name and properties associated
29 const char *algorithm;
30 const char *propquery;
32 /* cached key manager */
37 EVP_KEYEXCH *exchange;
42 EVP_SIGNATURE *signature;
47 /* Legacy fields below */
49 /* Method associated with this operation */
50 const EVP_PKEY_METHOD *pmeth;
51 /* Engine that implements this method or NULL if builtin */
53 /* Key: may be NULL */
55 /* Peer key for key agreement, may be NULL */
57 /* Algorithm specific data */
59 /* Application specific data */
62 EVP_PKEY_gen_cb *pkey_gencb;
63 /* implementation specific keygen data */
65 int keygen_info_count;
66 } /* EVP_PKEY_CTX */ ;
68 #define EVP_PKEY_FLAG_DYNAMIC 1
70 struct evp_pkey_method_st {
73 int (*init) (EVP_PKEY_CTX *ctx);
74 int (*copy) (EVP_PKEY_CTX *dst, const EVP_PKEY_CTX *src);
75 void (*cleanup) (EVP_PKEY_CTX *ctx);
76 int (*paramgen_init) (EVP_PKEY_CTX *ctx);
77 int (*paramgen) (EVP_PKEY_CTX *ctx, EVP_PKEY *pkey);
78 int (*keygen_init) (EVP_PKEY_CTX *ctx);
79 int (*keygen) (EVP_PKEY_CTX *ctx, EVP_PKEY *pkey);
80 int (*sign_init) (EVP_PKEY_CTX *ctx);
81 int (*sign) (EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
82 const unsigned char *tbs, size_t tbslen);
83 int (*verify_init) (EVP_PKEY_CTX *ctx);
84 int (*verify) (EVP_PKEY_CTX *ctx,
85 const unsigned char *sig, size_t siglen,
86 const unsigned char *tbs, size_t tbslen);
87 int (*verify_recover_init) (EVP_PKEY_CTX *ctx);
88 int (*verify_recover) (EVP_PKEY_CTX *ctx,
89 unsigned char *rout, size_t *routlen,
90 const unsigned char *sig, size_t siglen);
91 int (*signctx_init) (EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx);
92 int (*signctx) (EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
94 int (*verifyctx_init) (EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx);
95 int (*verifyctx) (EVP_PKEY_CTX *ctx, const unsigned char *sig, int siglen,
97 int (*encrypt_init) (EVP_PKEY_CTX *ctx);
98 int (*encrypt) (EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
99 const unsigned char *in, size_t inlen);
100 int (*decrypt_init) (EVP_PKEY_CTX *ctx);
101 int (*decrypt) (EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
102 const unsigned char *in, size_t inlen);
103 int (*derive_init) (EVP_PKEY_CTX *ctx);
104 int (*derive) (EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen);
105 int (*ctrl) (EVP_PKEY_CTX *ctx, int type, int p1, void *p2);
106 int (*ctrl_str) (EVP_PKEY_CTX *ctx, const char *type, const char *value);
107 int (*digestsign) (EVP_MD_CTX *ctx, unsigned char *sig, size_t *siglen,
108 const unsigned char *tbs, size_t tbslen);
109 int (*digestverify) (EVP_MD_CTX *ctx, const unsigned char *sig,
110 size_t siglen, const unsigned char *tbs,
112 int (*check) (EVP_PKEY *pkey);
113 int (*public_check) (EVP_PKEY *pkey);
114 int (*param_check) (EVP_PKEY *pkey);
116 int (*digest_custom) (EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx);
117 } /* EVP_PKEY_METHOD */ ;
119 DEFINE_STACK_OF_CONST(EVP_PKEY_METHOD)
121 void evp_pkey_set_cb_translate(BN_GENCB *cb, EVP_PKEY_CTX *ctx);
123 const EVP_PKEY_METHOD *cmac_pkey_method(void);
124 const EVP_PKEY_METHOD *dh_pkey_method(void);
125 const EVP_PKEY_METHOD *dhx_pkey_method(void);
126 const EVP_PKEY_METHOD *dsa_pkey_method(void);
127 const EVP_PKEY_METHOD *ec_pkey_method(void);
128 const EVP_PKEY_METHOD *sm2_pkey_method(void);
129 const EVP_PKEY_METHOD *ecx25519_pkey_method(void);
130 const EVP_PKEY_METHOD *ecx448_pkey_method(void);
131 const EVP_PKEY_METHOD *ed25519_pkey_method(void);
132 const EVP_PKEY_METHOD *ed448_pkey_method(void);
133 const EVP_PKEY_METHOD *hmac_pkey_method(void);
134 const EVP_PKEY_METHOD *rsa_pkey_method(void);
135 const EVP_PKEY_METHOD *rsa_pss_pkey_method(void);
136 const EVP_PKEY_METHOD *scrypt_pkey_method(void);
137 const EVP_PKEY_METHOD *tls1_prf_pkey_method(void);
138 const EVP_PKEY_METHOD *hkdf_pkey_method(void);
139 const EVP_PKEY_METHOD *poly1305_pkey_method(void);
140 const EVP_PKEY_METHOD *siphash_pkey_method(void);
146 CRYPTO_REF_COUNT refcnt;
149 OSSL_OP_mac_newctx_fn *newctx;
150 OSSL_OP_mac_dupctx_fn *dupctx;
151 OSSL_OP_mac_freectx_fn *freectx;
152 OSSL_OP_mac_size_fn *size;
153 OSSL_OP_mac_init_fn *init;
154 OSSL_OP_mac_update_fn *update;
155 OSSL_OP_mac_final_fn *final;
156 OSSL_OP_mac_gettable_params_fn *gettable_params;
157 OSSL_OP_mac_gettable_ctx_params_fn *gettable_ctx_params;
158 OSSL_OP_mac_settable_ctx_params_fn *settable_ctx_params;
159 OSSL_OP_mac_get_params_fn *get_params;
160 OSSL_OP_mac_get_ctx_params_fn *get_ctx_params;
161 OSSL_OP_mac_set_ctx_params_fn *set_ctx_params;
167 CRYPTO_REF_COUNT refcnt;
170 OSSL_OP_kdf_newctx_fn *newctx;
171 OSSL_OP_kdf_dupctx_fn *dupctx;
172 OSSL_OP_kdf_freectx_fn *freectx;
173 OSSL_OP_kdf_reset_fn *reset;
174 OSSL_OP_kdf_derive_fn *derive;
175 OSSL_OP_kdf_gettable_params_fn *gettable_params;
176 OSSL_OP_kdf_gettable_ctx_params_fn *gettable_ctx_params;
177 OSSL_OP_kdf_settable_ctx_params_fn *settable_ctx_params;
178 OSSL_OP_kdf_get_params_fn *get_params;
179 OSSL_OP_kdf_get_ctx_params_fn *get_ctx_params;
180 OSSL_OP_kdf_set_ctx_params_fn *set_ctx_params;
187 /* Legacy structure members */
188 /* TODO(3.0): Remove these */
192 int (*init) (EVP_MD_CTX *ctx);
193 int (*update) (EVP_MD_CTX *ctx, const void *data, size_t count);
194 int (*final) (EVP_MD_CTX *ctx, unsigned char *md);
195 int (*copy) (EVP_MD_CTX *to, const EVP_MD_CTX *from);
196 int (*cleanup) (EVP_MD_CTX *ctx);
198 int ctx_size; /* how big does the ctx->md_data need to be */
199 /* control function */
200 int (*md_ctrl) (EVP_MD_CTX *ctx, int cmd, int p1, void *p2);
202 /* New structure members */
203 /* TODO(3.0): Remove above comment when legacy has gone */
206 CRYPTO_REF_COUNT refcnt;
208 OSSL_OP_digest_newctx_fn *newctx;
209 OSSL_OP_digest_init_fn *dinit;
210 OSSL_OP_digest_update_fn *dupdate;
211 OSSL_OP_digest_final_fn *dfinal;
212 OSSL_OP_digest_digest_fn *digest;
213 OSSL_OP_digest_freectx_fn *freectx;
214 OSSL_OP_digest_dupctx_fn *dupctx;
215 OSSL_OP_digest_get_params_fn *get_params;
216 OSSL_OP_digest_set_ctx_params_fn *set_ctx_params;
217 OSSL_OP_digest_get_ctx_params_fn *get_ctx_params;
218 OSSL_OP_digest_gettable_params_fn *gettable_params;
219 OSSL_OP_digest_settable_ctx_params_fn *settable_ctx_params;
220 OSSL_OP_digest_gettable_ctx_params_fn *gettable_ctx_params;
224 struct evp_cipher_st {
228 /* Default value for variable length ciphers */
232 /* Legacy structure members */
233 /* TODO(3.0): Remove these */
237 int (*init) (EVP_CIPHER_CTX *ctx, const unsigned char *key,
238 const unsigned char *iv, int enc);
239 /* encrypt/decrypt data */
240 int (*do_cipher) (EVP_CIPHER_CTX *ctx, unsigned char *out,
241 const unsigned char *in, size_t inl);
243 int (*cleanup) (EVP_CIPHER_CTX *);
244 /* how big ctx->cipher_data needs to be */
246 /* Populate a ASN1_TYPE with parameters */
247 int (*set_asn1_parameters) (EVP_CIPHER_CTX *, ASN1_TYPE *);
248 /* Get parameters from a ASN1_TYPE */
249 int (*get_asn1_parameters) (EVP_CIPHER_CTX *, ASN1_TYPE *);
250 /* Miscellaneous operations */
251 int (*ctrl) (EVP_CIPHER_CTX *, int type, int arg, void *ptr);
252 /* Application data */
255 /* New structure members */
256 /* TODO(3.0): Remove above comment when legacy has gone */
259 CRYPTO_REF_COUNT refcnt;
261 OSSL_OP_cipher_newctx_fn *newctx;
262 OSSL_OP_cipher_encrypt_init_fn *einit;
263 OSSL_OP_cipher_decrypt_init_fn *dinit;
264 OSSL_OP_cipher_update_fn *cupdate;
265 OSSL_OP_cipher_final_fn *cfinal;
266 OSSL_OP_cipher_cipher_fn *ccipher;
267 OSSL_OP_cipher_freectx_fn *freectx;
268 OSSL_OP_cipher_dupctx_fn *dupctx;
269 OSSL_OP_cipher_get_params_fn *get_params;
270 OSSL_OP_cipher_get_ctx_params_fn *get_ctx_params;
271 OSSL_OP_cipher_set_ctx_params_fn *set_ctx_params;
272 OSSL_OP_cipher_gettable_params_fn *gettable_params;
273 OSSL_OP_cipher_gettable_ctx_params_fn *gettable_ctx_params;
274 OSSL_OP_cipher_settable_ctx_params_fn *settable_ctx_params;
277 /* Macros to code block cipher wrappers */
279 /* Wrapper functions for each cipher mode */
281 #define EVP_C_DATA(kstruct, ctx) \
282 ((kstruct *)EVP_CIPHER_CTX_get_cipher_data(ctx))
284 #define BLOCK_CIPHER_ecb_loop() \
286 bl = EVP_CIPHER_CTX_cipher(ctx)->block_size; \
287 if (inl < bl) return 1;\
289 for (i=0; i <= inl; i+=bl)
291 #define BLOCK_CIPHER_func_ecb(cname, cprefix, kstruct, ksched) \
292 static int cname##_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t inl) \
294 BLOCK_CIPHER_ecb_loop() \
295 cprefix##_ecb_encrypt(in + i, out + i, &EVP_C_DATA(kstruct,ctx)->ksched, EVP_CIPHER_CTX_encrypting(ctx)); \
299 #define EVP_MAXCHUNK ((size_t)1<<(sizeof(long)*8-2))
301 #define BLOCK_CIPHER_func_ofb(cname, cprefix, cbits, kstruct, ksched) \
302 static int cname##_ofb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t inl) \
304 while(inl>=EVP_MAXCHUNK) {\
305 int num = EVP_CIPHER_CTX_num(ctx);\
306 cprefix##_ofb##cbits##_encrypt(in, out, (long)EVP_MAXCHUNK, &EVP_C_DATA(kstruct,ctx)->ksched, EVP_CIPHER_CTX_iv_noconst(ctx), &num); \
307 EVP_CIPHER_CTX_set_num(ctx, num);\
313 int num = EVP_CIPHER_CTX_num(ctx);\
314 cprefix##_ofb##cbits##_encrypt(in, out, (long)inl, &EVP_C_DATA(kstruct,ctx)->ksched, EVP_CIPHER_CTX_iv_noconst(ctx), &num); \
315 EVP_CIPHER_CTX_set_num(ctx, num);\
320 #define BLOCK_CIPHER_func_cbc(cname, cprefix, kstruct, ksched) \
321 static int cname##_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t inl) \
323 while(inl>=EVP_MAXCHUNK) \
325 cprefix##_cbc_encrypt(in, out, (long)EVP_MAXCHUNK, &EVP_C_DATA(kstruct,ctx)->ksched, EVP_CIPHER_CTX_iv_noconst(ctx), EVP_CIPHER_CTX_encrypting(ctx));\
331 cprefix##_cbc_encrypt(in, out, (long)inl, &EVP_C_DATA(kstruct,ctx)->ksched, EVP_CIPHER_CTX_iv_noconst(ctx), EVP_CIPHER_CTX_encrypting(ctx));\
335 #define BLOCK_CIPHER_func_cfb(cname, cprefix, cbits, kstruct, ksched) \
336 static int cname##_cfb##cbits##_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t inl) \
338 size_t chunk = EVP_MAXCHUNK;\
339 if (cbits == 1) chunk >>= 3;\
340 if (inl < chunk) chunk = inl;\
341 while (inl && inl >= chunk)\
343 int num = EVP_CIPHER_CTX_num(ctx);\
344 cprefix##_cfb##cbits##_encrypt(in, out, (long) \
346 && !EVP_CIPHER_CTX_test_flags(ctx, EVP_CIPH_FLAG_LENGTH_BITS) \
347 ? chunk*8 : chunk), \
348 &EVP_C_DATA(kstruct, ctx)->ksched, EVP_CIPHER_CTX_iv_noconst(ctx),\
349 &num, EVP_CIPHER_CTX_encrypting(ctx));\
350 EVP_CIPHER_CTX_set_num(ctx, num);\
354 if (inl < chunk) chunk = inl;\
359 #define BLOCK_CIPHER_all_funcs(cname, cprefix, cbits, kstruct, ksched) \
360 BLOCK_CIPHER_func_cbc(cname, cprefix, kstruct, ksched) \
361 BLOCK_CIPHER_func_cfb(cname, cprefix, cbits, kstruct, ksched) \
362 BLOCK_CIPHER_func_ecb(cname, cprefix, kstruct, ksched) \
363 BLOCK_CIPHER_func_ofb(cname, cprefix, cbits, kstruct, ksched)
365 #define BLOCK_CIPHER_def1(cname, nmode, mode, MODE, kstruct, nid, block_size, \
366 key_len, iv_len, flags, init_key, cleanup, \
367 set_asn1, get_asn1, ctrl) \
368 static const EVP_CIPHER cname##_##mode = { \
369 nid##_##nmode, block_size, key_len, iv_len, \
370 flags | EVP_CIPH_##MODE##_MODE, \
372 cname##_##mode##_cipher, \
379 const EVP_CIPHER *EVP_##cname##_##mode(void) { return &cname##_##mode; }
381 #define BLOCK_CIPHER_def_cbc(cname, kstruct, nid, block_size, key_len, \
382 iv_len, flags, init_key, cleanup, set_asn1, \
384 BLOCK_CIPHER_def1(cname, cbc, cbc, CBC, kstruct, nid, block_size, key_len, \
385 iv_len, flags, init_key, cleanup, set_asn1, get_asn1, ctrl)
387 #define BLOCK_CIPHER_def_cfb(cname, kstruct, nid, key_len, \
388 iv_len, cbits, flags, init_key, cleanup, \
389 set_asn1, get_asn1, ctrl) \
390 BLOCK_CIPHER_def1(cname, cfb##cbits, cfb##cbits, CFB, kstruct, nid, 1, \
391 key_len, iv_len, flags, init_key, cleanup, set_asn1, \
394 #define BLOCK_CIPHER_def_ofb(cname, kstruct, nid, key_len, \
395 iv_len, cbits, flags, init_key, cleanup, \
396 set_asn1, get_asn1, ctrl) \
397 BLOCK_CIPHER_def1(cname, ofb##cbits, ofb, OFB, kstruct, nid, 1, \
398 key_len, iv_len, flags, init_key, cleanup, set_asn1, \
401 #define BLOCK_CIPHER_def_ecb(cname, kstruct, nid, block_size, key_len, \
402 flags, init_key, cleanup, set_asn1, \
404 BLOCK_CIPHER_def1(cname, ecb, ecb, ECB, kstruct, nid, block_size, key_len, \
405 0, flags, init_key, cleanup, set_asn1, get_asn1, ctrl)
407 #define BLOCK_CIPHER_defs(cname, kstruct, \
408 nid, block_size, key_len, iv_len, cbits, flags, \
409 init_key, cleanup, set_asn1, get_asn1, ctrl) \
410 BLOCK_CIPHER_def_cbc(cname, kstruct, nid, block_size, key_len, iv_len, flags, \
411 init_key, cleanup, set_asn1, get_asn1, ctrl) \
412 BLOCK_CIPHER_def_cfb(cname, kstruct, nid, key_len, iv_len, cbits, \
413 flags, init_key, cleanup, set_asn1, get_asn1, ctrl) \
414 BLOCK_CIPHER_def_ofb(cname, kstruct, nid, key_len, iv_len, cbits, \
415 flags, init_key, cleanup, set_asn1, get_asn1, ctrl) \
416 BLOCK_CIPHER_def_ecb(cname, kstruct, nid, block_size, key_len, flags, \
417 init_key, cleanup, set_asn1, get_asn1, ctrl)
420 #define BLOCK_CIPHER_defs(cname, kstruct, \
421 nid, block_size, key_len, iv_len, flags,\
422 init_key, cleanup, set_asn1, get_asn1, ctrl)\
423 static const EVP_CIPHER cname##_cbc = {\
424 nid##_cbc, block_size, key_len, iv_len, \
425 flags | EVP_CIPH_CBC_MODE,\
429 sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+\
430 sizeof((((EVP_CIPHER_CTX *)NULL)->c.kstruct)),\
435 const EVP_CIPHER *EVP_##cname##_cbc(void) { return &cname##_cbc; }\
436 static const EVP_CIPHER cname##_cfb = {\
437 nid##_cfb64, 1, key_len, iv_len, \
438 flags | EVP_CIPH_CFB_MODE,\
442 sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+\
443 sizeof((((EVP_CIPHER_CTX *)NULL)->c.kstruct)),\
448 const EVP_CIPHER *EVP_##cname##_cfb(void) { return &cname##_cfb; }\
449 static const EVP_CIPHER cname##_ofb = {\
450 nid##_ofb64, 1, key_len, iv_len, \
451 flags | EVP_CIPH_OFB_MODE,\
455 sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+\
456 sizeof((((EVP_CIPHER_CTX *)NULL)->c.kstruct)),\
461 const EVP_CIPHER *EVP_##cname##_ofb(void) { return &cname##_ofb; }\
462 static const EVP_CIPHER cname##_ecb = {\
463 nid##_ecb, block_size, key_len, iv_len, \
464 flags | EVP_CIPH_ECB_MODE,\
468 sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+\
469 sizeof((((EVP_CIPHER_CTX *)NULL)->c.kstruct)),\
474 const EVP_CIPHER *EVP_##cname##_ecb(void) { return &cname##_ecb; }
477 #define IMPLEMENT_BLOCK_CIPHER(cname, ksched, cprefix, kstruct, nid, \
478 block_size, key_len, iv_len, cbits, \
480 cleanup, set_asn1, get_asn1, ctrl) \
481 BLOCK_CIPHER_all_funcs(cname, cprefix, cbits, kstruct, ksched) \
482 BLOCK_CIPHER_defs(cname, kstruct, nid, block_size, key_len, iv_len, \
483 cbits, flags, init_key, cleanup, set_asn1, \
486 #define IMPLEMENT_CFBR(cipher,cprefix,kstruct,ksched,keysize,cbits,iv_len,fl) \
487 BLOCK_CIPHER_func_cfb(cipher##_##keysize,cprefix,cbits,kstruct,ksched) \
488 BLOCK_CIPHER_def_cfb(cipher##_##keysize,kstruct, \
489 NID_##cipher##_##keysize, keysize/8, iv_len, cbits, \
490 (fl)|EVP_CIPH_FLAG_DEFAULT_ASN1, \
491 cipher##_init_key, NULL, NULL, NULL, NULL)
494 # ifndef OPENSSL_NO_EC
496 #define X25519_KEYLEN 32
497 #define X448_KEYLEN 56
498 #define ED25519_KEYLEN 32
499 #define ED448_KEYLEN 57
501 #define MAX_KEYLEN ED448_KEYLEN
504 unsigned char pubkey[MAX_KEYLEN];
505 unsigned char *privkey;
511 * Type needs to be a bit field Sub-type needs to be for variations on the
512 * method, as in, can it do arbitrary encryption....
515 /* == Legacy attributes == */
518 const EVP_PKEY_ASN1_METHOD *ameth;
520 ENGINE *pmeth_engine; /* If not NULL public key ENGINE to use */
523 # ifndef OPENSSL_NO_RSA
524 struct rsa_st *rsa; /* RSA */
526 # ifndef OPENSSL_NO_DSA
527 struct dsa_st *dsa; /* DSA */
529 # ifndef OPENSSL_NO_DH
530 struct dh_st *dh; /* DH */
532 # ifndef OPENSSL_NO_EC
533 struct ec_key_st *ec; /* ECC */
534 ECX_KEY *ecx; /* X25519, X448, Ed25519, Ed448 */
538 /* == Common attributes == */
539 CRYPTO_REF_COUNT references;
541 STACK_OF(X509_ATTRIBUTE) *attributes; /* [ 0 ] */
544 /* == Provider attributes == */
546 * To support transparent export/import between providers that
547 * support the methods for it, and still not having to do the
548 * export/import every time a key or domain params are used, we
549 * maintain a cache of imported key / domain params, indexed by
550 * provider address. pkeys[0] is *always* the "original" data.
553 EVP_KEYMGMT *keymgmt;
555 /* 0 = provdata is a key, 1 = provdata is domain params */
559 * If there is a legacy key assigned to this structure, we keep
560 * a copy of that key's dirty count.
562 size_t dirty_cnt_copy;
565 #define EVP_PKEY_CTX_IS_SIGNATURE_OP(ctx) \
566 ((ctx)->operation == EVP_PKEY_OP_SIGN \
567 || (ctx)->operation == EVP_PKEY_OP_SIGNCTX \
568 || (ctx)->operation == EVP_PKEY_OP_VERIFY \
569 || (ctx)->operation == EVP_PKEY_OP_VERIFYCTX \
570 || (ctx)->operation == EVP_PKEY_OP_VERIFYRECOVER)
572 #define EVP_PKEY_CTX_IS_DERIVE_OP(ctx) \
573 ((ctx)->operation == EVP_PKEY_OP_DERIVE)
575 void openssl_add_all_ciphers_int(void);
576 void openssl_add_all_digests_int(void);
577 void evp_cleanup_int(void);
578 void evp_app_cleanup_int(void);
580 /* KEYMGMT helper functions */
581 void *evp_keymgmt_export_to_provider(EVP_PKEY *pk, EVP_KEYMGMT *keymgmt,
583 void evp_keymgmt_clear_pkey_cache(EVP_PKEY *pk);
585 /* KEYMGMT provider interface functions */
586 void *evp_keymgmt_importdomparams(const EVP_KEYMGMT *keymgmt,
587 const OSSL_PARAM params[]);
588 void *evp_keymgmt_gendomparams(const EVP_KEYMGMT *keymgmt,
589 const OSSL_PARAM params[]);
590 void evp_keymgmt_freedomparams(const EVP_KEYMGMT *keymgmt,
591 void *provdomparams);
592 int evp_keymgmt_exportdomparams(const EVP_KEYMGMT *keymgmt,
593 void *provdomparams, OSSL_PARAM params[]);
595 evp_keymgmt_importdomparam_types(const EVP_KEYMGMT *keymgmt);
597 evp_keymgmt_exportdomparam_types(const EVP_KEYMGMT *keymgmt);
599 void *evp_keymgmt_importkey(const EVP_KEYMGMT *keymgmt,
600 const OSSL_PARAM params[]);
601 void *evp_keymgmt_genkey(const EVP_KEYMGMT *keymgmt, void *domparams,
602 const OSSL_PARAM params[]);
603 void *evp_keymgmt_loadkey(const EVP_KEYMGMT *keymgmt,
604 void *id, size_t idlen);
605 void evp_keymgmt_freekey(const EVP_KEYMGMT *keymgmt, void *provkey);
606 int evp_keymgmt_exportkey(const EVP_KEYMGMT *keymgmt,
607 void *provkey, OSSL_PARAM params[]);
608 const OSSL_PARAM *evp_keymgmt_importkey_types(const EVP_KEYMGMT *keymgmt);
609 const OSSL_PARAM *evp_keymgmt_exportkey_types(const EVP_KEYMGMT *keymgmt);
611 /* Pulling defines out of C source files */
613 #define EVP_RC4_KEY_SIZE 16
614 #ifndef TLS1_1_VERSION
615 # define TLS1_1_VERSION 0x0302
618 void evp_encode_ctx_set_flags(EVP_ENCODE_CTX *ctx, unsigned int flags);
620 /* EVP_ENCODE_CTX flags */
621 /* Don't generate new lines when encoding */
622 #define EVP_ENCODE_CTX_NO_NEWLINES 1
623 /* Use the SRP base64 alphabet instead of the standard one */
624 #define EVP_ENCODE_CTX_USE_SRP_ALPHABET 2