2 * Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
10 #include <openssl/evp.h>
11 #include <openssl/core_numbers.h>
12 #include "internal/refcount.h"
15 * Don't free up md_ctx->pctx in EVP_MD_CTX_reset, use the reserved flag
18 #define EVP_MD_CTX_FLAG_KEEP_PKEY_CTX 0x0400
20 struct evp_pkey_ctx_st {
21 /* Actual operation */
25 * Library context, Algorithm name and properties associated
29 const char *algorithm;
30 const char *propquery;
34 EVP_KEYEXCH *exchange;
39 EVP_SIGNATURE *signature;
44 /* Legacy fields below */
46 /* Method associated with this operation */
47 const EVP_PKEY_METHOD *pmeth;
48 /* Engine that implements this method or NULL if builtin */
50 /* Key: may be NULL */
52 /* Peer key for key agreement, may be NULL */
54 /* Algorithm specific data */
56 /* Application specific data */
59 EVP_PKEY_gen_cb *pkey_gencb;
60 /* implementation specific keygen data */
62 int keygen_info_count;
63 } /* EVP_PKEY_CTX */ ;
65 #define EVP_PKEY_FLAG_DYNAMIC 1
67 struct evp_pkey_method_st {
70 int (*init) (EVP_PKEY_CTX *ctx);
71 int (*copy) (EVP_PKEY_CTX *dst, const EVP_PKEY_CTX *src);
72 void (*cleanup) (EVP_PKEY_CTX *ctx);
73 int (*paramgen_init) (EVP_PKEY_CTX *ctx);
74 int (*paramgen) (EVP_PKEY_CTX *ctx, EVP_PKEY *pkey);
75 int (*keygen_init) (EVP_PKEY_CTX *ctx);
76 int (*keygen) (EVP_PKEY_CTX *ctx, EVP_PKEY *pkey);
77 int (*sign_init) (EVP_PKEY_CTX *ctx);
78 int (*sign) (EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
79 const unsigned char *tbs, size_t tbslen);
80 int (*verify_init) (EVP_PKEY_CTX *ctx);
81 int (*verify) (EVP_PKEY_CTX *ctx,
82 const unsigned char *sig, size_t siglen,
83 const unsigned char *tbs, size_t tbslen);
84 int (*verify_recover_init) (EVP_PKEY_CTX *ctx);
85 int (*verify_recover) (EVP_PKEY_CTX *ctx,
86 unsigned char *rout, size_t *routlen,
87 const unsigned char *sig, size_t siglen);
88 int (*signctx_init) (EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx);
89 int (*signctx) (EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
91 int (*verifyctx_init) (EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx);
92 int (*verifyctx) (EVP_PKEY_CTX *ctx, const unsigned char *sig, int siglen,
94 int (*encrypt_init) (EVP_PKEY_CTX *ctx);
95 int (*encrypt) (EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
96 const unsigned char *in, size_t inlen);
97 int (*decrypt_init) (EVP_PKEY_CTX *ctx);
98 int (*decrypt) (EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
99 const unsigned char *in, size_t inlen);
100 int (*derive_init) (EVP_PKEY_CTX *ctx);
101 int (*derive) (EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen);
102 int (*ctrl) (EVP_PKEY_CTX *ctx, int type, int p1, void *p2);
103 int (*ctrl_str) (EVP_PKEY_CTX *ctx, const char *type, const char *value);
104 int (*digestsign) (EVP_MD_CTX *ctx, unsigned char *sig, size_t *siglen,
105 const unsigned char *tbs, size_t tbslen);
106 int (*digestverify) (EVP_MD_CTX *ctx, const unsigned char *sig,
107 size_t siglen, const unsigned char *tbs,
109 int (*check) (EVP_PKEY *pkey);
110 int (*public_check) (EVP_PKEY *pkey);
111 int (*param_check) (EVP_PKEY *pkey);
113 int (*digest_custom) (EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx);
114 } /* EVP_PKEY_METHOD */ ;
116 DEFINE_STACK_OF_CONST(EVP_PKEY_METHOD)
118 void evp_pkey_set_cb_translate(BN_GENCB *cb, EVP_PKEY_CTX *ctx);
120 const EVP_PKEY_METHOD *cmac_pkey_method(void);
121 const EVP_PKEY_METHOD *dh_pkey_method(void);
122 const EVP_PKEY_METHOD *dhx_pkey_method(void);
123 const EVP_PKEY_METHOD *dsa_pkey_method(void);
124 const EVP_PKEY_METHOD *ec_pkey_method(void);
125 const EVP_PKEY_METHOD *sm2_pkey_method(void);
126 const EVP_PKEY_METHOD *ecx25519_pkey_method(void);
127 const EVP_PKEY_METHOD *ecx448_pkey_method(void);
128 const EVP_PKEY_METHOD *ed25519_pkey_method(void);
129 const EVP_PKEY_METHOD *ed448_pkey_method(void);
130 const EVP_PKEY_METHOD *hmac_pkey_method(void);
131 const EVP_PKEY_METHOD *rsa_pkey_method(void);
132 const EVP_PKEY_METHOD *rsa_pss_pkey_method(void);
133 const EVP_PKEY_METHOD *scrypt_pkey_method(void);
134 const EVP_PKEY_METHOD *tls1_prf_pkey_method(void);
135 const EVP_PKEY_METHOD *hkdf_pkey_method(void);
136 const EVP_PKEY_METHOD *poly1305_pkey_method(void);
137 const EVP_PKEY_METHOD *siphash_pkey_method(void);
143 CRYPTO_REF_COUNT refcnt;
146 OSSL_OP_mac_newctx_fn *newctx;
147 OSSL_OP_mac_dupctx_fn *dupctx;
148 OSSL_OP_mac_freectx_fn *freectx;
149 OSSL_OP_mac_size_fn *size;
150 OSSL_OP_mac_init_fn *init;
151 OSSL_OP_mac_update_fn *update;
152 OSSL_OP_mac_final_fn *final;
153 OSSL_OP_mac_gettable_params_fn *gettable_params;
154 OSSL_OP_mac_gettable_ctx_params_fn *gettable_ctx_params;
155 OSSL_OP_mac_settable_ctx_params_fn *settable_ctx_params;
156 OSSL_OP_mac_get_params_fn *get_params;
157 OSSL_OP_mac_get_ctx_params_fn *get_ctx_params;
158 OSSL_OP_mac_set_ctx_params_fn *set_ctx_params;
164 CRYPTO_REF_COUNT refcnt;
167 OSSL_OP_kdf_newctx_fn *newctx;
168 OSSL_OP_kdf_dupctx_fn *dupctx;
169 OSSL_OP_kdf_freectx_fn *freectx;
170 OSSL_OP_kdf_reset_fn *reset;
171 OSSL_OP_kdf_derive_fn *derive;
172 OSSL_OP_kdf_gettable_params_fn *gettable_params;
173 OSSL_OP_kdf_gettable_ctx_params_fn *gettable_ctx_params;
174 OSSL_OP_kdf_settable_ctx_params_fn *settable_ctx_params;
175 OSSL_OP_kdf_get_params_fn *get_params;
176 OSSL_OP_kdf_get_ctx_params_fn *get_ctx_params;
177 OSSL_OP_kdf_set_ctx_params_fn *set_ctx_params;
184 /* Legacy structure members */
185 /* TODO(3.0): Remove these */
189 int (*init) (EVP_MD_CTX *ctx);
190 int (*update) (EVP_MD_CTX *ctx, const void *data, size_t count);
191 int (*final) (EVP_MD_CTX *ctx, unsigned char *md);
192 int (*copy) (EVP_MD_CTX *to, const EVP_MD_CTX *from);
193 int (*cleanup) (EVP_MD_CTX *ctx);
195 int ctx_size; /* how big does the ctx->md_data need to be */
196 /* control function */
197 int (*md_ctrl) (EVP_MD_CTX *ctx, int cmd, int p1, void *p2);
199 /* New structure members */
200 /* TODO(3.0): Remove above comment when legacy has gone */
203 CRYPTO_REF_COUNT refcnt;
205 OSSL_OP_digest_newctx_fn *newctx;
206 OSSL_OP_digest_init_fn *dinit;
207 OSSL_OP_digest_update_fn *dupdate;
208 OSSL_OP_digest_final_fn *dfinal;
209 OSSL_OP_digest_digest_fn *digest;
210 OSSL_OP_digest_freectx_fn *freectx;
211 OSSL_OP_digest_dupctx_fn *dupctx;
212 OSSL_OP_digest_get_params_fn *get_params;
213 OSSL_OP_digest_set_ctx_params_fn *set_ctx_params;
214 OSSL_OP_digest_get_ctx_params_fn *get_ctx_params;
215 OSSL_OP_digest_gettable_params_fn *gettable_params;
216 OSSL_OP_digest_settable_ctx_params_fn *settable_ctx_params;
217 OSSL_OP_digest_gettable_ctx_params_fn *gettable_ctx_params;
221 struct evp_cipher_st {
225 /* Default value for variable length ciphers */
229 /* Legacy structure members */
230 /* TODO(3.0): Remove these */
234 int (*init) (EVP_CIPHER_CTX *ctx, const unsigned char *key,
235 const unsigned char *iv, int enc);
236 /* encrypt/decrypt data */
237 int (*do_cipher) (EVP_CIPHER_CTX *ctx, unsigned char *out,
238 const unsigned char *in, size_t inl);
240 int (*cleanup) (EVP_CIPHER_CTX *);
241 /* how big ctx->cipher_data needs to be */
243 /* Populate a ASN1_TYPE with parameters */
244 int (*set_asn1_parameters) (EVP_CIPHER_CTX *, ASN1_TYPE *);
245 /* Get parameters from a ASN1_TYPE */
246 int (*get_asn1_parameters) (EVP_CIPHER_CTX *, ASN1_TYPE *);
247 /* Miscellaneous operations */
248 int (*ctrl) (EVP_CIPHER_CTX *, int type, int arg, void *ptr);
249 /* Application data */
252 /* New structure members */
253 /* TODO(3.0): Remove above comment when legacy has gone */
256 CRYPTO_REF_COUNT refcnt;
258 OSSL_OP_cipher_newctx_fn *newctx;
259 OSSL_OP_cipher_encrypt_init_fn *einit;
260 OSSL_OP_cipher_decrypt_init_fn *dinit;
261 OSSL_OP_cipher_update_fn *cupdate;
262 OSSL_OP_cipher_final_fn *cfinal;
263 OSSL_OP_cipher_cipher_fn *ccipher;
264 OSSL_OP_cipher_freectx_fn *freectx;
265 OSSL_OP_cipher_dupctx_fn *dupctx;
266 OSSL_OP_cipher_get_params_fn *get_params;
267 OSSL_OP_cipher_get_ctx_params_fn *get_ctx_params;
268 OSSL_OP_cipher_set_ctx_params_fn *set_ctx_params;
269 OSSL_OP_cipher_gettable_params_fn *gettable_params;
270 OSSL_OP_cipher_gettable_ctx_params_fn *gettable_ctx_params;
271 OSSL_OP_cipher_settable_ctx_params_fn *settable_ctx_params;
274 /* Macros to code block cipher wrappers */
276 /* Wrapper functions for each cipher mode */
278 #define EVP_C_DATA(kstruct, ctx) \
279 ((kstruct *)EVP_CIPHER_CTX_get_cipher_data(ctx))
281 #define BLOCK_CIPHER_ecb_loop() \
283 bl = EVP_CIPHER_CTX_cipher(ctx)->block_size; \
284 if (inl < bl) return 1;\
286 for (i=0; i <= inl; i+=bl)
288 #define BLOCK_CIPHER_func_ecb(cname, cprefix, kstruct, ksched) \
289 static int cname##_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t inl) \
291 BLOCK_CIPHER_ecb_loop() \
292 cprefix##_ecb_encrypt(in + i, out + i, &EVP_C_DATA(kstruct,ctx)->ksched, EVP_CIPHER_CTX_encrypting(ctx)); \
296 #define EVP_MAXCHUNK ((size_t)1<<(sizeof(long)*8-2))
298 #define BLOCK_CIPHER_func_ofb(cname, cprefix, cbits, kstruct, ksched) \
299 static int cname##_ofb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t inl) \
301 while(inl>=EVP_MAXCHUNK) {\
302 int num = EVP_CIPHER_CTX_num(ctx);\
303 cprefix##_ofb##cbits##_encrypt(in, out, (long)EVP_MAXCHUNK, &EVP_C_DATA(kstruct,ctx)->ksched, EVP_CIPHER_CTX_iv_noconst(ctx), &num); \
304 EVP_CIPHER_CTX_set_num(ctx, num);\
310 int num = EVP_CIPHER_CTX_num(ctx);\
311 cprefix##_ofb##cbits##_encrypt(in, out, (long)inl, &EVP_C_DATA(kstruct,ctx)->ksched, EVP_CIPHER_CTX_iv_noconst(ctx), &num); \
312 EVP_CIPHER_CTX_set_num(ctx, num);\
317 #define BLOCK_CIPHER_func_cbc(cname, cprefix, kstruct, ksched) \
318 static int cname##_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t inl) \
320 while(inl>=EVP_MAXCHUNK) \
322 cprefix##_cbc_encrypt(in, out, (long)EVP_MAXCHUNK, &EVP_C_DATA(kstruct,ctx)->ksched, EVP_CIPHER_CTX_iv_noconst(ctx), EVP_CIPHER_CTX_encrypting(ctx));\
328 cprefix##_cbc_encrypt(in, out, (long)inl, &EVP_C_DATA(kstruct,ctx)->ksched, EVP_CIPHER_CTX_iv_noconst(ctx), EVP_CIPHER_CTX_encrypting(ctx));\
332 #define BLOCK_CIPHER_func_cfb(cname, cprefix, cbits, kstruct, ksched) \
333 static int cname##_cfb##cbits##_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t inl) \
335 size_t chunk = EVP_MAXCHUNK;\
336 if (cbits == 1) chunk >>= 3;\
337 if (inl < chunk) chunk = inl;\
338 while (inl && inl >= chunk)\
340 int num = EVP_CIPHER_CTX_num(ctx);\
341 cprefix##_cfb##cbits##_encrypt(in, out, (long) \
343 && !EVP_CIPHER_CTX_test_flags(ctx, EVP_CIPH_FLAG_LENGTH_BITS) \
344 ? chunk*8 : chunk), \
345 &EVP_C_DATA(kstruct, ctx)->ksched, EVP_CIPHER_CTX_iv_noconst(ctx),\
346 &num, EVP_CIPHER_CTX_encrypting(ctx));\
347 EVP_CIPHER_CTX_set_num(ctx, num);\
351 if (inl < chunk) chunk = inl;\
356 #define BLOCK_CIPHER_all_funcs(cname, cprefix, cbits, kstruct, ksched) \
357 BLOCK_CIPHER_func_cbc(cname, cprefix, kstruct, ksched) \
358 BLOCK_CIPHER_func_cfb(cname, cprefix, cbits, kstruct, ksched) \
359 BLOCK_CIPHER_func_ecb(cname, cprefix, kstruct, ksched) \
360 BLOCK_CIPHER_func_ofb(cname, cprefix, cbits, kstruct, ksched)
362 #define BLOCK_CIPHER_def1(cname, nmode, mode, MODE, kstruct, nid, block_size, \
363 key_len, iv_len, flags, init_key, cleanup, \
364 set_asn1, get_asn1, ctrl) \
365 static const EVP_CIPHER cname##_##mode = { \
366 nid##_##nmode, block_size, key_len, iv_len, \
367 flags | EVP_CIPH_##MODE##_MODE, \
369 cname##_##mode##_cipher, \
376 const EVP_CIPHER *EVP_##cname##_##mode(void) { return &cname##_##mode; }
378 #define BLOCK_CIPHER_def_cbc(cname, kstruct, nid, block_size, key_len, \
379 iv_len, flags, init_key, cleanup, set_asn1, \
381 BLOCK_CIPHER_def1(cname, cbc, cbc, CBC, kstruct, nid, block_size, key_len, \
382 iv_len, flags, init_key, cleanup, set_asn1, get_asn1, ctrl)
384 #define BLOCK_CIPHER_def_cfb(cname, kstruct, nid, key_len, \
385 iv_len, cbits, flags, init_key, cleanup, \
386 set_asn1, get_asn1, ctrl) \
387 BLOCK_CIPHER_def1(cname, cfb##cbits, cfb##cbits, CFB, kstruct, nid, 1, \
388 key_len, iv_len, flags, init_key, cleanup, set_asn1, \
391 #define BLOCK_CIPHER_def_ofb(cname, kstruct, nid, key_len, \
392 iv_len, cbits, flags, init_key, cleanup, \
393 set_asn1, get_asn1, ctrl) \
394 BLOCK_CIPHER_def1(cname, ofb##cbits, ofb, OFB, kstruct, nid, 1, \
395 key_len, iv_len, flags, init_key, cleanup, set_asn1, \
398 #define BLOCK_CIPHER_def_ecb(cname, kstruct, nid, block_size, key_len, \
399 flags, init_key, cleanup, set_asn1, \
401 BLOCK_CIPHER_def1(cname, ecb, ecb, ECB, kstruct, nid, block_size, key_len, \
402 0, flags, init_key, cleanup, set_asn1, get_asn1, ctrl)
404 #define BLOCK_CIPHER_defs(cname, kstruct, \
405 nid, block_size, key_len, iv_len, cbits, flags, \
406 init_key, cleanup, set_asn1, get_asn1, ctrl) \
407 BLOCK_CIPHER_def_cbc(cname, kstruct, nid, block_size, key_len, iv_len, flags, \
408 init_key, cleanup, set_asn1, get_asn1, ctrl) \
409 BLOCK_CIPHER_def_cfb(cname, kstruct, nid, key_len, iv_len, cbits, \
410 flags, init_key, cleanup, set_asn1, get_asn1, ctrl) \
411 BLOCK_CIPHER_def_ofb(cname, kstruct, nid, key_len, iv_len, cbits, \
412 flags, init_key, cleanup, set_asn1, get_asn1, ctrl) \
413 BLOCK_CIPHER_def_ecb(cname, kstruct, nid, block_size, key_len, flags, \
414 init_key, cleanup, set_asn1, get_asn1, ctrl)
417 #define BLOCK_CIPHER_defs(cname, kstruct, \
418 nid, block_size, key_len, iv_len, flags,\
419 init_key, cleanup, set_asn1, get_asn1, ctrl)\
420 static const EVP_CIPHER cname##_cbc = {\
421 nid##_cbc, block_size, key_len, iv_len, \
422 flags | EVP_CIPH_CBC_MODE,\
426 sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+\
427 sizeof((((EVP_CIPHER_CTX *)NULL)->c.kstruct)),\
432 const EVP_CIPHER *EVP_##cname##_cbc(void) { return &cname##_cbc; }\
433 static const EVP_CIPHER cname##_cfb = {\
434 nid##_cfb64, 1, key_len, iv_len, \
435 flags | EVP_CIPH_CFB_MODE,\
439 sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+\
440 sizeof((((EVP_CIPHER_CTX *)NULL)->c.kstruct)),\
445 const EVP_CIPHER *EVP_##cname##_cfb(void) { return &cname##_cfb; }\
446 static const EVP_CIPHER cname##_ofb = {\
447 nid##_ofb64, 1, key_len, iv_len, \
448 flags | EVP_CIPH_OFB_MODE,\
452 sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+\
453 sizeof((((EVP_CIPHER_CTX *)NULL)->c.kstruct)),\
458 const EVP_CIPHER *EVP_##cname##_ofb(void) { return &cname##_ofb; }\
459 static const EVP_CIPHER cname##_ecb = {\
460 nid##_ecb, block_size, key_len, iv_len, \
461 flags | EVP_CIPH_ECB_MODE,\
465 sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+\
466 sizeof((((EVP_CIPHER_CTX *)NULL)->c.kstruct)),\
471 const EVP_CIPHER *EVP_##cname##_ecb(void) { return &cname##_ecb; }
474 #define IMPLEMENT_BLOCK_CIPHER(cname, ksched, cprefix, kstruct, nid, \
475 block_size, key_len, iv_len, cbits, \
477 cleanup, set_asn1, get_asn1, ctrl) \
478 BLOCK_CIPHER_all_funcs(cname, cprefix, cbits, kstruct, ksched) \
479 BLOCK_CIPHER_defs(cname, kstruct, nid, block_size, key_len, iv_len, \
480 cbits, flags, init_key, cleanup, set_asn1, \
483 #define IMPLEMENT_CFBR(cipher,cprefix,kstruct,ksched,keysize,cbits,iv_len,fl) \
484 BLOCK_CIPHER_func_cfb(cipher##_##keysize,cprefix,cbits,kstruct,ksched) \
485 BLOCK_CIPHER_def_cfb(cipher##_##keysize,kstruct, \
486 NID_##cipher##_##keysize, keysize/8, iv_len, cbits, \
487 (fl)|EVP_CIPH_FLAG_DEFAULT_ASN1, \
488 cipher##_init_key, NULL, NULL, NULL, NULL)
491 # ifndef OPENSSL_NO_EC
493 #define X25519_KEYLEN 32
494 #define X448_KEYLEN 56
495 #define ED25519_KEYLEN 32
496 #define ED448_KEYLEN 57
498 #define MAX_KEYLEN ED448_KEYLEN
501 unsigned char pubkey[MAX_KEYLEN];
502 unsigned char *privkey;
508 * Type needs to be a bit field Sub-type needs to be for variations on the
509 * method, as in, can it do arbitrary encryption....
512 /* == Legacy attributes == */
515 const EVP_PKEY_ASN1_METHOD *ameth;
517 ENGINE *pmeth_engine; /* If not NULL public key ENGINE to use */
520 # ifndef OPENSSL_NO_RSA
521 struct rsa_st *rsa; /* RSA */
523 # ifndef OPENSSL_NO_DSA
524 struct dsa_st *dsa; /* DSA */
526 # ifndef OPENSSL_NO_DH
527 struct dh_st *dh; /* DH */
529 # ifndef OPENSSL_NO_EC
530 struct ec_key_st *ec; /* ECC */
531 ECX_KEY *ecx; /* X25519, X448, Ed25519, Ed448 */
535 /* == Common attributes == */
536 CRYPTO_REF_COUNT references;
538 STACK_OF(X509_ATTRIBUTE) *attributes; /* [ 0 ] */
541 /* == Provider attributes == */
543 * To support transparent export/import between providers that
544 * support the methods for it, and still not having to do the
545 * export/import every time a key or domain params are used, we
546 * maintain a cache of imported key / domain params, indexed by
547 * provider address. pkeys[0] is *always* the "original" data.
550 EVP_KEYMGMT *keymgmt;
552 /* 0 = provdata is a key, 1 = provdata is domain params */
556 * If there is a legacy key assigned to this structure, we keep
557 * a copy of that key's dirty count.
559 size_t dirty_cnt_copy;
562 #define EVP_PKEY_CTX_IS_SIGNATURE_OP(ctx) \
563 ((ctx)->operation == EVP_PKEY_OP_SIGN \
564 || (ctx)->operation == EVP_PKEY_OP_SIGNCTX \
565 || (ctx)->operation == EVP_PKEY_OP_VERIFY \
566 || (ctx)->operation == EVP_PKEY_OP_VERIFYCTX \
567 || (ctx)->operation == EVP_PKEY_OP_VERIFYRECOVER)
569 #define EVP_PKEY_CTX_IS_DERIVE_OP(ctx) \
570 ((ctx)->operation == EVP_PKEY_OP_DERIVE)
572 void openssl_add_all_ciphers_int(void);
573 void openssl_add_all_digests_int(void);
574 void evp_cleanup_int(void);
575 void evp_app_cleanup_int(void);
577 /* KEYMGMT helper functions */
578 void *evp_keymgmt_export_to_provider(EVP_PKEY *pk, EVP_KEYMGMT *keymgmt,
580 void evp_keymgmt_clear_pkey_cache(EVP_PKEY *pk);
582 /* KEYMGMT provider interface functions */
583 void *evp_keymgmt_importdomparams(const EVP_KEYMGMT *keymgmt,
584 const OSSL_PARAM params[]);
585 void *evp_keymgmt_gendomparams(const EVP_KEYMGMT *keymgmt,
586 const OSSL_PARAM params[]);
587 void evp_keymgmt_freedomparams(const EVP_KEYMGMT *keymgmt,
588 void *provdomparams);
589 int evp_keymgmt_exportdomparams(const EVP_KEYMGMT *keymgmt,
590 void *provdomparams, OSSL_PARAM params[]);
592 evp_keymgmt_importdomparam_types(const EVP_KEYMGMT *keymgmt);
594 evp_keymgmt_exportdomparam_types(const EVP_KEYMGMT *keymgmt);
596 void *evp_keymgmt_importkey(const EVP_KEYMGMT *keymgmt,
597 const OSSL_PARAM params[]);
598 void *evp_keymgmt_genkey(const EVP_KEYMGMT *keymgmt, void *domparams,
599 const OSSL_PARAM params[]);
600 void *evp_keymgmt_loadkey(const EVP_KEYMGMT *keymgmt,
601 void *id, size_t idlen);
602 void evp_keymgmt_freekey(const EVP_KEYMGMT *keymgmt, void *provkey);
603 int evp_keymgmt_exportkey(const EVP_KEYMGMT *keymgmt,
604 void *provkey, OSSL_PARAM params[]);
605 const OSSL_PARAM *evp_keymgmt_importkey_types(const EVP_KEYMGMT *keymgmt);
606 const OSSL_PARAM *evp_keymgmt_exportkey_types(const EVP_KEYMGMT *keymgmt);
608 /* Pulling defines out of C source files */
610 #define EVP_RC4_KEY_SIZE 16
611 #ifndef TLS1_1_VERSION
612 # define TLS1_1_VERSION 0x0302
615 void evp_encode_ctx_set_flags(EVP_ENCODE_CTX *ctx, unsigned int flags);
617 /* EVP_ENCODE_CTX flags */
618 /* Don't generate new lines when encoding */
619 #define EVP_ENCODE_CTX_NO_NEWLINES 1
620 /* Use the SRP base64 alphabet instead of the standard one */
621 #define EVP_ENCODE_CTX_USE_SRP_ALPHABET 2