#define EVP_CAST5_KEY_SIZE 16
#define EVP_RC5_32_12_16_KEY_SIZE 16
*/
-#define EVP_MAX_MD_SIZE (16+20) /* The SSLv3 md5+sha1 type */
+#define EVP_MAX_MD_SIZE 64 /* longest known is SHA512 */
#define EVP_MAX_KEY_LENGTH 32
#define EVP_MAX_IV_LENGTH 16
#define EVP_MAX_BLOCK_LENGTH 32
int type;
int save_type;
int references;
+ const EVP_PKEY_ASN1_METHOD *ameth;
+ const EVP_PKEY_METHOD *pmeth;
union {
char *ptr;
#ifndef OPENSSL_NO_RSA
struct dh_st *dh; /* DH */
#endif
#ifndef OPENSSL_NO_EC
- struct ec_key_st *eckey;/* ECC */
+ struct ec_key_st *ec; /* ECC */
#endif
} pkey;
int save_parameters;
int md_size;
unsigned long flags;
int (*init)(EVP_MD_CTX *ctx);
- int (*update)(EVP_MD_CTX *ctx,const void *data,unsigned long count);
+ int (*update)(EVP_MD_CTX *ctx,const void *data,size_t count);
int (*final)(EVP_MD_CTX *ctx,unsigned char *md);
int (*copy)(EVP_MD_CTX *to,const EVP_MD_CTX *from);
int (*cleanup)(EVP_MD_CTX *ctx);
/* FIXME: prototype these some day */
- int (*sign)();
- int (*verify)();
+ int (*sign)(int type, const unsigned char *m, unsigned int m_length,
+ unsigned char *sigret, unsigned int *siglen, void *key);
+ int (*verify)(int type, const unsigned char *m, unsigned int m_length,
+ const unsigned char *sigbuf, unsigned int siglen,
+ void *key);
int required_pkey_type[5]; /*EVP_PKEY_xxx */
int block_size;
int ctx_size; /* how big does the ctx->md_data need to be */
} /* EVP_MD */;
+typedef int evp_sign_method(int type,const unsigned char *m,
+ unsigned int m_length,unsigned char *sigret,
+ unsigned int *siglen, void *key);
+typedef int evp_verify_method(int type,const unsigned char *m,
+ unsigned int m_length,const unsigned char *sigbuf,
+ unsigned int siglen, void *key);
+
#define EVP_MD_FLAG_ONESHOT 0x0001 /* digest can only handle a single
* block */
#define EVP_PKEY_NULL_method NULL,NULL,{0,0,0,0}
#ifndef OPENSSL_NO_DSA
-#define EVP_PKEY_DSA_method DSA_sign,DSA_verify, \
+#define EVP_PKEY_DSA_method (evp_sign_method *)DSA_sign, \
+ (evp_verify_method *)DSA_verify, \
{EVP_PKEY_DSA,EVP_PKEY_DSA2,EVP_PKEY_DSA3, \
EVP_PKEY_DSA4,0}
#else
#endif
#ifndef OPENSSL_NO_ECDSA
-#define EVP_PKEY_ECDSA_method ECDSA_sign,ECDSA_verify, \
+#define EVP_PKEY_ECDSA_method (evp_sign_method *)ECDSA_sign, \
+ (evp_verify_method *)ECDSA_verify, \
{EVP_PKEY_EC,0,0,0}
#else
#define EVP_PKEY_ECDSA_method EVP_PKEY_NULL_method
#endif
#ifndef OPENSSL_NO_RSA
-#define EVP_PKEY_RSA_method RSA_sign,RSA_verify, \
+#define EVP_PKEY_RSA_method (evp_sign_method *)RSA_sign, \
+ (evp_verify_method *)RSA_verify, \
{EVP_PKEY_RSA,EVP_PKEY_RSA2,0,0}
#define EVP_PKEY_RSA_ASN1_OCTET_STRING_method \
- RSA_sign_ASN1_OCTET_STRING, \
- RSA_verify_ASN1_OCTET_STRING, \
+ (evp_sign_method *)RSA_sign_ASN1_OCTET_STRING, \
+ (evp_verify_method *)RSA_verify_ASN1_OCTET_STRING, \
{EVP_PKEY_RSA,EVP_PKEY_RSA2,0,0}
#else
#define EVP_PKEY_RSA_method EVP_PKEY_NULL_method
#define EVP_CIPH_CUSTOM_KEY_LENGTH 0x80
/* Don't use standard block padding */
#define EVP_CIPH_NO_PADDING 0x100
+/* cipher handles random key generation */
+#define EVP_CIPH_RAND_KEY 0x200
/* ctrl() values */
#define EVP_CTRL_SET_RC2_KEY_BITS 0x3
#define EVP_CTRL_GET_RC5_ROUNDS 0x4
#define EVP_CTRL_SET_RC5_ROUNDS 0x5
+#define EVP_CTRL_RAND_KEY 0x6
typedef struct evp_cipher_info_st
{
#define EVP_MD_CTX_test_flags(ctx,flgs) ((ctx)->flags&(flgs))
int EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl);
int EVP_DigestUpdate(EVP_MD_CTX *ctx,const void *d,
- unsigned int cnt);
+ size_t cnt);
int EVP_DigestFinal_ex(EVP_MD_CTX *ctx,unsigned char *md,unsigned int *s);
-int EVP_Digest(const void *data, unsigned int count,
+int EVP_Digest(const void *data, size_t count,
unsigned char *md, unsigned int *size, const EVP_MD *type, ENGINE *impl);
int EVP_MD_CTX_copy(EVP_MD_CTX *out,const EVP_MD_CTX *in);
void EVP_CIPHER_CTX_init(EVP_CIPHER_CTX *a);
int EVP_CIPHER_CTX_cleanup(EVP_CIPHER_CTX *a);
+EVP_CIPHER_CTX *EVP_CIPHER_CTX_new(void);
+void EVP_CIPHER_CTX_free(EVP_CIPHER_CTX *a);
int EVP_CIPHER_CTX_set_key_length(EVP_CIPHER_CTX *x, int keylen);
int EVP_CIPHER_CTX_set_padding(EVP_CIPHER_CTX *c, int pad);
int EVP_CIPHER_CTX_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr);
+int EVP_CIPHER_CTX_rand_key(EVP_CIPHER_CTX *ctx, unsigned char *key);
#ifndef OPENSSL_NO_BIO
BIO_METHOD *BIO_f_md(void);
const EVP_MD *EVP_dss1(void);
const EVP_MD *EVP_ecdsa(void);
#endif
+#ifndef OPENSSL_NO_SHA256
+const EVP_MD *EVP_sha224(void);
+const EVP_MD *EVP_sha256(void);
+#endif
+#ifndef OPENSSL_NO_SHA512
+const EVP_MD *EVP_sha384(void);
+const EVP_MD *EVP_sha512(void);
+#endif
#ifndef OPENSSL_NO_MDC2
const EVP_MD *EVP_mdc2(void);
#endif
#ifndef OPENSSL_NO_RIPEMD
const EVP_MD *EVP_ripemd160(void);
#endif
+#ifndef OPENSSL_NO_WHIRLPOOL
+const EVP_MD *EVP_whirlpool(void);
+#endif
const EVP_CIPHER *EVP_enc_null(void); /* does nothing :-) */
#ifndef OPENSSL_NO_DES
const EVP_CIPHER *EVP_des_ecb(void);
const EVP_MD *EVP_get_digestbyname(const char *name);
void EVP_cleanup(void);
-int EVP_PKEY_decrypt(unsigned char *dec_key,
+int EVP_PKEY_decrypt_old(unsigned char *dec_key,
const unsigned char *enc_key,int enc_key_len,
EVP_PKEY *private_key);
-int EVP_PKEY_encrypt(unsigned char *enc_key,
+int EVP_PKEY_encrypt_old(unsigned char *enc_key,
const unsigned char *key,int key_len,
EVP_PKEY *pub_key);
int EVP_PKEY_type(int type);
int EVP_PKEY_bits(EVP_PKEY *pkey);
int EVP_PKEY_size(EVP_PKEY *pkey);
-int EVP_PKEY_assign(EVP_PKEY *pkey,int type,char *key);
+int EVP_PKEY_assign(EVP_PKEY *pkey,int type,void *key);
+void * EVP_PKEY_get0(EVP_PKEY *pkey);
#ifndef OPENSSL_NO_RSA
struct rsa_st;
EVP_PKEY * EVP_PKEY_new(void);
void EVP_PKEY_free(EVP_PKEY *pkey);
+
EVP_PKEY * d2i_PublicKey(int type,EVP_PKEY **a, const unsigned char **pp,
long length);
int i2d_PublicKey(EVP_PKEY *a, unsigned char **pp);
int EVP_PKEY_cmp(const EVP_PKEY *a, const EVP_PKEY *b);
+int EVP_PKEY_print_public(BIO *out, const EVP_PKEY *pkey,
+ int indent, ASN1_PCTX *pctx);
+int EVP_PKEY_print_private(BIO *out, const EVP_PKEY *pkey,
+ int indent, ASN1_PCTX *pctx);
+int EVP_PKEY_print_params(BIO *out, const EVP_PKEY *pkey,
+ int indent, ASN1_PCTX *pctx);
+
int EVP_CIPHER_type(const EVP_CIPHER *ctx);
/* calls methods */
EVP_PBE_KEYGEN *keygen);
void EVP_PBE_cleanup(void);
+#define ASN1_PKEY_ALIAS 0x1
+#define ASN1_PKEY_DYNAMIC 0x2
+
+int EVP_PKEY_asn1_get_count(void);
+const EVP_PKEY_ASN1_METHOD *EVP_PKEY_asn1_get0(int idx);
+const EVP_PKEY_ASN1_METHOD *EVP_PKEY_asn1_find(int type);
+const EVP_PKEY_ASN1_METHOD *EVP_PKEY_asn1_find_str(const char *str, int len);
+int EVP_PKEY_asn1_add0(const EVP_PKEY_ASN1_METHOD *ameth);
+int EVP_PKEY_asn1_add_alias(int to, int from);
+int EVP_PKEY_asn1_get0_info(int *ppkey_id, int *pkey_base_id, int *ppkey_flags,
+ const char **pinfo, const char **ppem_str,
+ const EVP_PKEY_ASN1_METHOD *ameth);
+
+EVP_PKEY_ASN1_METHOD* EVP_PKEY_asn1_new(int id,
+ const char *pem_str, const char *info);
+void EVP_PKEY_asn1_free(EVP_PKEY_ASN1_METHOD *ameth);
+void EVP_PKEY_asn1_set_public(EVP_PKEY_ASN1_METHOD *ameth,
+ int (*pub_decode)(EVP_PKEY *pk, X509_PUBKEY *pub),
+ int (*pub_encode)(X509_PUBKEY *pub, const EVP_PKEY *pk),
+ int (*pub_cmp)(const EVP_PKEY *a, const EVP_PKEY *b),
+ int (*pub_print)(BIO *out, const EVP_PKEY *pkey, int indent,
+ ASN1_PCTX *pctx),
+ int (*pkey_size)(const EVP_PKEY *pk),
+ int (*pkey_bits)(const EVP_PKEY *pk));
+void EVP_PKEY_asn1_set_private(EVP_PKEY_ASN1_METHOD *ameth,
+ int (*priv_decode)(EVP_PKEY *pk, PKCS8_PRIV_KEY_INFO *p8inf),
+ int (*priv_encode)(PKCS8_PRIV_KEY_INFO *p8, const EVP_PKEY *pk),
+ int (*priv_print)(BIO *out, const EVP_PKEY *pkey, int indent,
+ ASN1_PCTX *pctx));
+void EVP_PKEY_asn1_set_param(EVP_PKEY_ASN1_METHOD *ameth,
+ int (*param_decode)(EVP_PKEY *pkey,
+ const unsigned char **pder, int derlen),
+ int (*param_encode)(const EVP_PKEY *pkey, unsigned char **pder),
+ int (*param_missing)(const EVP_PKEY *pk),
+ int (*param_copy)(EVP_PKEY *to, const EVP_PKEY *from),
+ int (*param_cmp)(const EVP_PKEY *a, const EVP_PKEY *b),
+ int (*param_print)(BIO *out, const EVP_PKEY *pkey, int indent,
+ ASN1_PCTX *pctx));
+
+void EVP_PKEY_asn1_set_free(EVP_PKEY_ASN1_METHOD *ameth,
+ void (*pkey_free)(EVP_PKEY *pkey));
+void EVP_PKEY_asn1_set_ctrl(EVP_PKEY_ASN1_METHOD *ameth,
+ void (*pkey_ctrl)(EVP_PKEY *pkey, int op,
+ long arg1, void *arg2));
+
+
+#define EVP_PKEY_OP_UNDEFINED 0
+#define EVP_PKEY_OP_PARAMGEN (1<<1)
+#define EVP_PKEY_OP_KEYGEN (1<<2)
+#define EVP_PKEY_OP_SIGN (1<<3)
+#define EVP_PKEY_OP_VERIFY (1<<4)
+#define EVP_PKEY_OP_VERIFYRECOVER (1<<5)
+#define EVP_PKEY_OP_SIGNCTX (1<<6)
+#define EVP_PKEY_OP_VERIFYCTX (1<<7)
+#define EVP_PKEY_OP_ENCRYPT (1<<8)
+#define EVP_PKEY_OP_DECRYPT (1<<9)
+#define EVP_PKEY_OP_DERIVE (1<<10)
+
+#define EVP_PKEY_OP_TYPE_SIG \
+ (EVP_PKEY_OP_SIGN | EVP_PKEY_OP_VERIFY | EVP_PKEY_OP_VERIFYRECOVER \
+ | EVP_PKEY_OP_SIGNCTX | EVP_PKEY_OP_VERIFYCTX)
+
+#define EVP_PKEY_OP_TYPE_CRYPT \
+ (EVP_PKEY_OP_ENCRYPT | EVP_PKEY_OP_DECRYPT)
+
+#define EVP_PKEY_OP_TYPE_NOGEN \
+ (EVP_PKEY_OP_SIG | EVP_PKEY_OP_CRYPT | EVP_PKEY_OP_DERIVE)
+
+#define EVP_PKEY_OP_TYPE_GEN \
+ (EVP_PKEY_OP_PARAMGEN | EVP_PKEY_OP_KEYGEN)
+
+#define EVP_PKEY_CTX_set_signature_md(ctx, md) \
+ EVP_PKEY_CTX_ctrl(ctx, -1, EVP_PKEY_OP_TYPE_SIG, \
+ EVP_PKEY_CTRL_MD, 0, (void *)md)
+
+#define EVP_PKEY_CTRL_MD 1
+
+#define EVP_PKEY_ALG_CTRL 0x1000
+
+const EVP_PKEY_METHOD *EVP_PKEY_meth_find(int type, ENGINE *e);
+EVP_PKEY_CTX *EVP_PKEY_CTX_new(EVP_PKEY *pkey);
+void EVP_PKEY_CTX_free(EVP_PKEY_CTX *ctx);
+
+int EVP_PKEY_CTX_ctrl(EVP_PKEY_CTX *ctx, int keytype, int optype,
+ int cmd, int p1, void *p2);
+int EVP_PKEY_CTX_ctrl_str(EVP_PKEY_CTX *ctx, const char *type,
+ const char *value);
+
+
+int EVP_PKEY_sign_init(EVP_PKEY_CTX *ctx);
+int EVP_PKEY_sign(EVP_PKEY_CTX *ctx,
+ unsigned char *sig, int *siglen,
+ const unsigned char *tbs, int tbslen);
+int EVP_PKEY_verify_init(EVP_PKEY_CTX *ctx);
+int EVP_PKEY_verify(EVP_PKEY_CTX *ctx,
+ const unsigned char *sig, int siglen,
+ const unsigned char *tbs, int tbslen);
+int EVP_PKEY_verify_recover_init(EVP_PKEY_CTX *ctx);
+int EVP_PKEY_verify_recover(EVP_PKEY_CTX *ctx,
+ unsigned char *rout, int *routlen,
+ const unsigned char *sig, int siglen);
+int EVP_PKEY_encrypt_init(EVP_PKEY_CTX *ctx);
+int EVP_PKEY_encrypt(EVP_PKEY_CTX *ctx,
+ unsigned char *out, int *outlen,
+ const unsigned char *in, int inlen);
+int EVP_PKEY_decrypt_init(EVP_PKEY_CTX *ctx);
+int EVP_PKEY_decrypt(EVP_PKEY_CTX *ctx,
+ unsigned char *out, int *outlen,
+ const unsigned char *in, int inlen);
+
/* BEGIN ERROR CODES */
/* The following lines are auto generated by the script mkerr.pl. Any changes
* made after this point may be overwritten when the script is next run.
/* Function codes. */
#define EVP_F_AES_INIT_KEY 133
#define EVP_F_D2I_PKEY 100
+#define EVP_F_DSAPKEY2PKCS8 134
+#define EVP_F_DSA_PKEY2PKCS8 135
#define EVP_F_ECDSA_PKEY2PKCS8 129
-#define EVP_F_EC_KEY_PKEY2PKCS8 132
-#define EVP_F_EVP_CIPHERINIT 123
+#define EVP_F_ECKEY_PKEY2PKCS8 132
+#define EVP_F_EVP_CIPHERINIT_EX 123
#define EVP_F_EVP_CIPHER_CTX_CTRL 124
#define EVP_F_EVP_CIPHER_CTX_SET_KEY_LENGTH 122
-#define EVP_F_EVP_DECRYPTFINAL 101
-#define EVP_F_EVP_DIGESTINIT 128
-#define EVP_F_EVP_ENCRYPTFINAL 127
-#define EVP_F_EVP_MD_CTX_COPY 110
+#define EVP_F_EVP_DECRYPTFINAL_EX 101
+#define EVP_F_EVP_DIGESTINIT_EX 128
+#define EVP_F_EVP_ENCRYPTFINAL_EX 127
+#define EVP_F_EVP_MD_CTX_COPY_EX 110
#define EVP_F_EVP_OPENINIT 102
#define EVP_F_EVP_PBE_ALG_ADD 115
#define EVP_F_EVP_PBE_CIPHERINIT 116
#define EVP_F_EVP_PKCS82PKEY 111
-#define EVP_F_EVP_PKCS8_SET_BROKEN 112
-#define EVP_F_EVP_PKEY2PKCS8 113
+#define EVP_F_EVP_PKCS82PKEY_BROKEN 136
+#define EVP_F_EVP_PKEY2PKCS8_BROKEN 113
#define EVP_F_EVP_PKEY_COPY_PARAMETERS 103
+#define EVP_F_EVP_PKEY_CTX_CTRL 137
#define EVP_F_EVP_PKEY_DECRYPT 104
+#define EVP_F_EVP_PKEY_DECRYPT_INIT 138
#define EVP_F_EVP_PKEY_ENCRYPT 105
+#define EVP_F_EVP_PKEY_ENCRYPT_INIT 139
#define EVP_F_EVP_PKEY_GET1_DH 119
#define EVP_F_EVP_PKEY_GET1_DSA 120
#define EVP_F_EVP_PKEY_GET1_ECDSA 130
#define EVP_F_EVP_PKEY_GET1_EC_KEY 131
#define EVP_F_EVP_PKEY_GET1_RSA 121
#define EVP_F_EVP_PKEY_NEW 106
+#define EVP_F_EVP_PKEY_SIGN 140
+#define EVP_F_EVP_PKEY_SIGN_INIT 141
+#define EVP_F_EVP_PKEY_VERIFY 142
+#define EVP_F_EVP_PKEY_VERIFY_INIT 143
+#define EVP_F_EVP_PKEY_VERIFY_RECOVER 144
+#define EVP_F_EVP_PKEY_VERIFY_RECOVER_INIT 145
#define EVP_F_EVP_RIJNDAEL 126
#define EVP_F_EVP_SIGNFINAL 107
#define EVP_F_EVP_VERIFYFINAL 108
#define EVP_F_PKCS5_PBE_KEYIVGEN 117
#define EVP_F_PKCS5_V2_PBE_KEYIVGEN 118
+#define EVP_F_PKCS8_SET_BROKEN 112
#define EVP_F_RC2_MAGIC_TO_METH 109
#define EVP_F_RC5_CTRL 125
#define EVP_R_BN_DECODE_ERROR 112
#define EVP_R_BN_PUBKEY_ERROR 113
#define EVP_R_CIPHER_PARAMETER_ERROR 122
+#define EVP_R_COMMAND_NOT_SUPPORTED 147
#define EVP_R_CTRL_NOT_IMPLEMENTED 132
#define EVP_R_CTRL_OPERATION_NOT_IMPLEMENTED 133
#define EVP_R_DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH 138
#define EVP_R_EXPECTING_A_EC_KEY 142
#define EVP_R_INITIALIZATION_ERROR 134
#define EVP_R_INPUT_NOT_INITIALIZED 111
+#define EVP_R_INVALID_DIGEST 152
#define EVP_R_INVALID_KEY_LENGTH 130
+#define EVP_R_INVALID_OPERATION 148
#define EVP_R_IV_TOO_LARGE 102
#define EVP_R_KEYGEN_FAILURE 120
+#define EVP_R_METHOD_NOT_SUPPORTED 144
#define EVP_R_MISSING_PARAMETERS 103
#define EVP_R_NO_CIPHER_SET 131
#define EVP_R_NO_DIGEST_SET 139
#define EVP_R_NO_DSA_PARAMETERS 116
+#define EVP_R_NO_OPERATION_SET 149
#define EVP_R_NO_SIGN_FUNCTION_CONFIGURED 104
#define EVP_R_NO_VERIFY_FUNCTION_CONFIGURED 105
+#define EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE 150
+#define EVP_R_OPERATON_NOT_INITIALIZED 151
#define EVP_R_PKCS8_UNKNOWN_BROKEN_TYPE 117
+#define EVP_R_PRIVATE_KEY_DECODE_ERROR 145
+#define EVP_R_PRIVATE_KEY_ENCODE_ERROR 146
#define EVP_R_PUBLIC_KEY_NOT_RSA 106
#define EVP_R_UNKNOWN_PBE_ALGORITHM 121
#define EVP_R_UNSUPORTED_NUMBER_OF_ROUNDS 135
projects / openssl.git / blobdiff