X-Git-Url: https://git.openssl.org/gitweb/?p=openssl.git;a=blobdiff_plain;f=include%2Fopenssl%2Fcrypto.h;h=da62eef1b142ad3c1cf79469a4abd90eb6cb9ea4;hp=cbd05a8accc3486f6083c15d49f95f95b68f2636;hb=7e8c3381937354cf171ceaf4c69315e9a45d4858;hpb=f1f5ee17b64397eecfde39960ca11e94064297bd diff --git a/include/openssl/crypto.h b/include/openssl/crypto.h index cbd05a8acc..da62eef1b1 100644 --- a/include/openssl/crypto.h +++ b/include/openssl/crypto.h @@ -1,18 +1,13 @@ /* - * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved. + * Copyright (c) 2002, Oracle and/or its affiliates. All rights reserved * - * Licensed under the OpenSSL license (the "License"). You may not use + * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy * in the file LICENSE in the source distribution or at * https://www.openssl.org/source/license.html */ -/* ==================================================================== - * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. - * ECDH support in OpenSSL originally developed by - * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project. - */ - #ifndef HEADER_CRYPTO_H # define HEADER_CRYPTO_H @@ -25,11 +20,11 @@ # include # endif -# include # include # include # include # include +# include # ifdef CHARSET_EBCDIC # include @@ -41,7 +36,7 @@ */ # include -# if OPENSSL_API_COMPAT < 0x10100000L +# if !OPENSSL_API_1_1_0 # include # endif @@ -49,7 +44,7 @@ extern "C" { #endif -# if OPENSSL_API_COMPAT < 0x10100000L +# if !OPENSSL_API_1_1_0 # define SSLeay OpenSSL_version_num # define SSLeay_version OpenSSL_version # define SSLEAY_VERSION_NUMBER OPENSSL_VERSION_NUMBER @@ -67,7 +62,7 @@ typedef struct { int dummy; } CRYPTO_dynlock; -# endif /* OPENSSL_API_COMPAT */ +# endif /* OPENSSL_API_1_1_0 */ typedef void CRYPTO_RWLOCK; @@ -89,6 +84,7 @@ int CRYPTO_atomic_add(int *val, int amount, int *ret, CRYPTO_RWLOCK *lock); # define CRYPTO_MEM_CHECK_DISABLE 0x3 /* Control only */ struct crypto_ex_data_st { + OPENSSL_CTX *ctx; STACK_OF(void) *sk; }; DEFINE_STACK_OF(void) @@ -110,15 +106,13 @@ DEFINE_STACK_OF(void) # define CRYPTO_EX_INDEX_UI 11 # define CRYPTO_EX_INDEX_BIO 12 # define CRYPTO_EX_INDEX_APP 13 -# define CRYPTO_EX_INDEX__COUNT 14 +# define CRYPTO_EX_INDEX_UI_METHOD 14 +# define CRYPTO_EX_INDEX_DRBG 15 +# define CRYPTO_EX_INDEX_OPENSSL_CTX 16 +# define CRYPTO_EX_INDEX__COUNT 17 -/* - * This is the default callbacks, but we can have others as well: this is - * needed in Win32 where the application malloc and the library malloc may - * not be the same. - */ -#define OPENSSL_malloc_init() \ - CRYPTO_set_mem_functions(CRYPTO_malloc, CRYPTO_realloc, CRYPTO_free) +/* No longer needed, so this is a no-op */ +#define OPENSSL_malloc_init() while(0) continue int CRYPTO_mem_ctrl(int mode); @@ -146,26 +140,50 @@ int CRYPTO_mem_ctrl(int mode); CRYPTO_secure_zalloc(num, OPENSSL_FILE, OPENSSL_LINE) # define OPENSSL_secure_free(addr) \ CRYPTO_secure_free(addr, OPENSSL_FILE, OPENSSL_LINE) +# define OPENSSL_secure_clear_free(addr, num) \ + CRYPTO_secure_clear_free(addr, num, OPENSSL_FILE, OPENSSL_LINE) # define OPENSSL_secure_actual_size(ptr) \ CRYPTO_secure_actual_size(ptr) size_t OPENSSL_strlcpy(char *dst, const char *src, size_t siz); size_t OPENSSL_strlcat(char *dst, const char *src, size_t siz); size_t OPENSSL_strnlen(const char *str, size_t maxlen); -char *OPENSSL_buf2hexstr(const unsigned char *buffer, long len); -unsigned char *OPENSSL_hexstr2buf(const char *str, long *len); +int OPENSSL_buf2hexstr_ex(char *str, size_t str_n, size_t *strlen, + const unsigned char *buf, size_t buflen); +char *OPENSSL_buf2hexstr(const unsigned char *buf, long buflen); +int OPENSSL_hexstr2buf_ex(unsigned char *buf, size_t buf_n, size_t *buflen, + const char *str); +unsigned char *OPENSSL_hexstr2buf(const char *str, long *buflen); int OPENSSL_hexchar2int(unsigned char c); # define OPENSSL_MALLOC_MAX_NELEMS(type) (((1U<<(sizeof(int)*8-1))-1)/sizeof(type)) unsigned long OpenSSL_version_num(void); const char *OpenSSL_version(int type); -# define OPENSSL_VERSION 0 -# define OPENSSL_CFLAGS 1 -# define OPENSSL_BUILT_ON 2 -# define OPENSSL_PLATFORM 3 -# define OPENSSL_DIR 4 -# define OPENSSL_ENGINES_DIR 5 +# define OPENSSL_VERSION 0 +# define OPENSSL_CFLAGS 1 +# define OPENSSL_BUILT_ON 2 +# define OPENSSL_PLATFORM 3 +# define OPENSSL_DIR 4 +# define OPENSSL_ENGINES_DIR 5 +# define OPENSSL_VERSION_STRING 6 +# define OPENSSL_FULL_VERSION_STRING 7 +# define OPENSSL_MODULES_DIR 8 +# define OPENSSL_CPU_INFO 9 + +const char *OPENSSL_info(int type); +/* + * The series starts at 1001 to avoid confusion with the OpenSSL_version + * types. + */ +# define OPENSSL_INFO_CONFIG_DIR 1001 +# define OPENSSL_INFO_ENGINES_DIR 1002 +# define OPENSSL_INFO_MODULES_DIR 1003 +# define OPENSSL_INFO_DSO_EXTENSION 1004 +# define OPENSSL_INFO_DIR_FILENAME_SEPARATOR 1005 +# define OPENSSL_INFO_LIST_SEPARATOR 1006 +# define OPENSSL_INFO_SEED_SOURCE 1007 +# define OPENSSL_INFO_CPU_SETTINGS 1008 int OPENSSL_issetugid(void); @@ -173,8 +191,8 @@ typedef void CRYPTO_EX_new (void *parent, void *ptr, CRYPTO_EX_DATA *ad, int idx, long argl, void *argp); typedef void CRYPTO_EX_free (void *parent, void *ptr, CRYPTO_EX_DATA *ad, int idx, long argl, void *argp); -typedef int CRYPTO_EX_dup (CRYPTO_EX_DATA *to, CRYPTO_EX_DATA *from, - void *srcp, int idx, long argl, void *argp); +typedef int CRYPTO_EX_dup (CRYPTO_EX_DATA *to, const CRYPTO_EX_DATA *from, + void *from_d, int idx, long argl, void *argp); __owur int CRYPTO_get_ex_new_index(int class_index, long argl, void *argp, CRYPTO_EX_new *new_func, CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func); @@ -187,10 +205,14 @@ int CRYPTO_free_ex_index(int class_index, int idx); */ int CRYPTO_new_ex_data(int class_index, void *obj, CRYPTO_EX_DATA *ad); int CRYPTO_dup_ex_data(int class_index, CRYPTO_EX_DATA *to, - CRYPTO_EX_DATA *from); + const CRYPTO_EX_DATA *from); void CRYPTO_free_ex_data(int class_index, void *obj, CRYPTO_EX_DATA *ad); +/* Allocate a single item in the CRYPTO_EX_DATA variable */ +int CRYPTO_alloc_ex_data(int class_index, void *obj, CRYPTO_EX_DATA *ad, + int idx); + /* * Get/set data in a CRYPTO_EX_DATA variable corresponding to a particular * index (relative to the class type involved) @@ -198,7 +220,7 @@ void CRYPTO_free_ex_data(int class_index, void *obj, CRYPTO_EX_DATA *ad); int CRYPTO_set_ex_data(CRYPTO_EX_DATA *ad, int idx, void *val); void *CRYPTO_get_ex_data(const CRYPTO_EX_DATA *ad, int idx); -# if OPENSSL_API_COMPAT < 0x10100000L +# if !OPENSSL_API_1_1_0 /* * This function cleans up all "ex_data" state. It mustn't be called under * potential race-conditions. @@ -209,7 +231,7 @@ void *CRYPTO_get_ex_data(const CRYPTO_EX_DATA *ad, int idx); * The old locking functions have been removed completely without compatibility * macros. This is because the old functions either could not properly report * errors, or the returned error values were not clearly documented. - * Replacing the locking functions with with no-ops would cause race condition + * Replacing the locking functions with no-ops would cause race condition * issues in the affected applications. It is far better for them to fail at * compile time. * On the other hand, the locking callbacks are no longer used. Consequently, @@ -245,11 +267,11 @@ typedef struct crypto_threadid_st { # define CRYPTO_THREADID_cpy(dest, src) # define CRYPTO_THREADID_hash(id) (0UL) -# if OPENSSL_API_COMPAT < 0x10000000L +# if !OPENSSL_API_1_0_0 # define CRYPTO_set_id_callback(func) # define CRYPTO_get_id_callback() (NULL) # define CRYPTO_thread_id() (0UL) -# endif /* OPENSSL_API_COMPAT < 0x10000000L */ +# endif /* OPENSSL_API_1_0_0 */ # define CRYPTO_set_dynlock_create_callback(dyn_create_function) # define CRYPTO_set_dynlock_lock_callback(dyn_lock_function) @@ -257,7 +279,7 @@ typedef struct crypto_threadid_st { # define CRYPTO_get_dynlock_create_callback() (NULL) # define CRYPTO_get_dynlock_lock_callback() (NULL) # define CRYPTO_get_dynlock_destroy_callback() (NULL) -# endif /* OPENSSL_API_COMPAT < 0x10100000L */ +# endif /* OPENSSL_API_1_1_0 */ int CRYPTO_set_mem_functions( void *(*m) (size_t, const char *, int), @@ -285,6 +307,8 @@ int CRYPTO_secure_malloc_done(void); void *CRYPTO_secure_malloc(size_t num, const char *file, int line); void *CRYPTO_secure_zalloc(size_t num, const char *file, int line); void CRYPTO_secure_free(void *ptr, const char *file, int line); +void CRYPTO_secure_clear_free(void *ptr, size_t num, + const char *file, int line); int CRYPTO_secure_allocated(const void *ptr); int CRYPTO_secure_malloc_initialized(void); size_t CRYPTO_secure_actual_size(void *ptr); @@ -293,12 +317,17 @@ size_t CRYPTO_secure_used(void); void OPENSSL_cleanse(void *ptr, size_t len); # ifndef OPENSSL_NO_CRYPTO_MDEBUG -# define OPENSSL_mem_debug_push(info) \ - CRYPTO_mem_debug_push(info, OPENSSL_FILE, OPENSSL_LINE) -# define OPENSSL_mem_debug_pop() \ - CRYPTO_mem_debug_pop() -int CRYPTO_mem_debug_push(const char *info, const char *file, int line); -int CRYPTO_mem_debug_pop(void); +# if !OPENSSL_API_3 +# define OPENSSL_mem_debug_push(info) \ + CRYPTO_mem_debug_push(info, OPENSSL_FILE, OPENSSL_LINE) +# define OPENSSL_mem_debug_pop() \ + CRYPTO_mem_debug_pop() +# endif +DEPRECATEDIN_3(int CRYPTO_mem_debug_push(const char *info, + const char *file, int line)) +DEPRECATEDIN_3(int CRYPTO_mem_debug_pop(void)) + +void CRYPTO_get_alloc_counts(int *mcount, int *rcount, int *fcount); /*- * Debugging functions (enabled by CRYPTO_set_mem_debug(1)) @@ -313,6 +342,8 @@ void CRYPTO_mem_debug_realloc(void *addr1, void *addr2, size_t num, int flag, void CRYPTO_mem_debug_free(void *addr, int flag, const char *file, int line); +int CRYPTO_mem_leaks_cb(int (*cb) (const char *str, size_t len, void *u), + void *u); # ifndef OPENSSL_NO_STDIO int CRYPTO_mem_leaks_fp(FILE *); # endif @@ -321,7 +352,7 @@ int CRYPTO_mem_leaks(BIO *bio); /* die if we have to */ ossl_noreturn void OPENSSL_die(const char *assertion, const char *file, int line); -# if OPENSSL_API_COMPAT < 0x10100000L +# if !OPENSSL_API_1_1_0 # define OpenSSLDie(f,l,a) OPENSSL_die((a),(f),(l)) # endif # define OPENSSL_assert(e) \ @@ -333,6 +364,11 @@ int FIPS_mode(void); int FIPS_mode_set(int r); void OPENSSL_init(void); +# ifdef OPENSSL_SYS_UNIX +void OPENSSL_fork_prepare(void); +void OPENSSL_fork_parent(void); +void OPENSSL_fork_child(void); +# endif struct tm *OPENSSL_gmtime(const time_t *timer, struct tm *result); int OPENSSL_gmtime_adj(struct tm *tm, int offset_day, long offset_sec); @@ -346,9 +382,7 @@ int OPENSSL_gmtime_diff(int *pday, int *psec, * into a defined order as the return value when a != b is undefined, other * than to be non-zero. */ -int CRYPTO_memcmp(const volatile void * volatile in_a, - const volatile void * volatile in_b, - size_t len); +int CRYPTO_memcmp(const void * in_a, const void * in_b, size_t len); /* Standard initialisation options */ # define OPENSSL_INIT_NO_LOAD_CRYPTO_STRINGS 0x00000001L @@ -366,10 +400,18 @@ int CRYPTO_memcmp(const volatile void * volatile in_a, # define OPENSSL_INIT_ENGINE_CRYPTODEV 0x00001000L # define OPENSSL_INIT_ENGINE_CAPI 0x00002000L # define OPENSSL_INIT_ENGINE_PADLOCK 0x00004000L -# define OPENSSL_INIT_ENGINE_DASYNC 0x00008000L -/* OPENSSL_INIT flag 0x00010000 reserved for internal use */ -# define OPENSSL_INIT_ENGINE_AFALG 0x00020000L -/* OPENSSL_INIT flag range 0xfff00000 reserved for OPENSSL_init_ssl() */ +# define OPENSSL_INIT_ENGINE_AFALG 0x00008000L +/* OPENSSL_INIT_ZLIB 0x00010000L */ +# define OPENSSL_INIT_ATFORK 0x00020000L +/* OPENSSL_INIT_BASE_ONLY 0x00040000L */ +# define OPENSSL_INIT_NO_ATEXIT 0x00080000L +/* OPENSSL_INIT flag range 0x03f00000 reserved for OPENSSL_init_ssl() */ +/* FREE: 0x04000000L */ +/* FREE: 0x08000000L */ +# define OPENSSL_INIT_NO_ADD_ALL_KDFS 0x10000000L +# define OPENSSL_INIT_ADD_ALL_KDFS 0x20000000L +/* FREE: 0x40000000L */ +/* FREE: 0x80000000L */ /* Max OPENSSL_INIT flag value is 0x80000000 */ /* openssl and dasync not counted as builtin */ @@ -384,12 +426,17 @@ void OPENSSL_cleanup(void); int OPENSSL_init_crypto(uint64_t opts, const OPENSSL_INIT_SETTINGS *settings); int OPENSSL_atexit(void (*handler)(void)); void OPENSSL_thread_stop(void); +void OPENSSL_thread_stop_ex(OPENSSL_CTX *ctx); /* Low-level control of initialization */ OPENSSL_INIT_SETTINGS *OPENSSL_INIT_new(void); # ifndef OPENSSL_NO_STDIO +int OPENSSL_INIT_set_config_filename(OPENSSL_INIT_SETTINGS *settings, + const char *config_filename); +void OPENSSL_INIT_set_config_file_flags(OPENSSL_INIT_SETTINGS *settings, + unsigned long flags); int OPENSSL_INIT_set_config_appname(OPENSSL_INIT_SETTINGS *settings, - const char *config_file); + const char *config_appname); # endif void OPENSSL_INIT_free(OPENSSL_INIT_SETTINGS *settings); @@ -430,33 +477,8 @@ int CRYPTO_THREAD_cleanup_local(CRYPTO_THREAD_LOCAL *key); CRYPTO_THREAD_ID CRYPTO_THREAD_get_current_id(void); int CRYPTO_THREAD_compare_id(CRYPTO_THREAD_ID a, CRYPTO_THREAD_ID b); -/* BEGIN ERROR CODES */ -/* - * The following lines are auto generated by the script mkerr.pl. Any changes - * made after this point may be overwritten when the script is next run. - */ - -void ERR_load_CRYPTO_strings(void); - -/* Error codes for the CRYPTO functions. */ - -/* Function codes. */ -# define CRYPTO_F_CRYPTO_DUP_EX_DATA 110 -# define CRYPTO_F_CRYPTO_FREE_EX_DATA 111 -# define CRYPTO_F_CRYPTO_GET_EX_NEW_INDEX 100 -# define CRYPTO_F_CRYPTO_MEMDUP 115 -# define CRYPTO_F_CRYPTO_NEW_EX_DATA 112 -# define CRYPTO_F_CRYPTO_SET_EX_DATA 102 -# define CRYPTO_F_FIPS_MODE_SET 109 -# define CRYPTO_F_GET_AND_LOCK 113 -# define CRYPTO_F_OPENSSL_BUF2HEXSTR 117 -# define CRYPTO_F_OPENSSL_HEXSTR2BUF 118 -# define CRYPTO_F_OPENSSL_INIT_CRYPTO 116 - -/* Reason codes. */ -# define CRYPTO_R_FIPS_MODE_NOT_SUPPORTED 101 -# define CRYPTO_R_ILLEGAL_HEX_DIGIT 102 -# define CRYPTO_R_ODD_NUMBER_OF_DIGITS 103 +OPENSSL_CTX *OPENSSL_CTX_new(void); +void OPENSSL_CTX_free(OPENSSL_CTX *); # ifdef __cplusplus }