X-Git-Url: https://git.openssl.org/gitweb/?p=openssl.git;a=blobdiff_plain;f=include%2Fopenssl%2Fevp.h;h=2e6f855031926f83dc2729c65afe5a938a701f08;hp=407162f3f01ebb9add584463b553c61b5b0e879f;hb=714a1bb380ddb2bf7538f6a61f47ac87200e3e06;hpb=41f7ecf30dc9c1bd6988accc0aa288571a25b7bd diff --git a/include/openssl/evp.h b/include/openssl/evp.h index 407162f3f0..2e6f855031 100644 --- a/include/openssl/evp.h +++ b/include/openssl/evp.h @@ -1,5 +1,5 @@ /* - * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -12,7 +12,7 @@ # pragma once # include -# if !OPENSSL_API_3 +# ifndef OPENSSL_NO_DEPRECATED_3_0 # define HEADER_ENVELOPE_H # endif @@ -26,6 +26,8 @@ # include # include +# include + # define EVP_MAX_MD_SIZE 64/* longest known is SHA512 */ # define EVP_MAX_KEY_LENGTH 64 # define EVP_MAX_IV_LENGTH 16 @@ -72,12 +74,16 @@ # define EVP_PKEY_ED25519 NID_ED25519 # define EVP_PKEY_X448 NID_X448 # define EVP_PKEY_ED448 NID_ED448 +/* Special indicator that the object is uniquely provider side */ +# define EVP_PKEY_KEYMGMT -1 #ifdef __cplusplus extern "C" { #endif int EVP_set_default_properties(OPENSSL_CTX *libctx, const char *propq); +int EVP_default_properties_is_fips_enabled(OPENSSL_CTX *libctx); +int EVP_default_properties_enable_fips(OPENSSL_CTX *libctx, int enable); # define EVP_PKEY_MO_SIGN 0x0001 # define EVP_PKEY_MO_VERIFY 0x0002 @@ -151,6 +157,7 @@ int (*EVP_MD_meth_get_ctrl(const EVP_MD *md))(EVP_MD_CTX *ctx, int cmd, # define EVP_MD_CTRL_DIGALGID 0x1 # define EVP_MD_CTRL_MICALG 0x2 # define EVP_MD_CTRL_XOF_LEN 0x3 +# define EVP_MD_CTRL_TLSTREE 0x4 /* Minimum Algorithm specific ctrl value */ @@ -275,8 +282,9 @@ int (*EVP_CIPHER_meth_get_ctrl(const EVP_CIPHER *cipher))(EVP_CIPHER_CTX *, # define EVP_CIPH_CUSTOM_COPY 0x400 /* Don't use standard iv length function */ # define EVP_CIPH_CUSTOM_IV_LENGTH 0x800 -/* Allow use default ASN1 get/set iv */ -# define EVP_CIPH_FLAG_DEFAULT_ASN1 0x1000 +/* Legacy and no longer relevant: Allow use default ASN1 get/set iv */ +# define EVP_CIPH_FLAG_DEFAULT_ASN1 0 +/* Free: 0x1000 */ /* Buffer length in bits not bytes: CFB1 mode only */ # define EVP_CIPH_FLAG_LENGTH_BITS 0x2000 /* Note if suitable for use in FIPS mode */ @@ -291,6 +299,12 @@ int (*EVP_CIPHER_meth_get_ctrl(const EVP_CIPHER *cipher))(EVP_CIPHER_CTX *, # define EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK 0x400000 /* Cipher can handle pipeline operations */ # define EVP_CIPH_FLAG_PIPELINE 0X800000 +/* For provider implementations that handle ASN1 get/set param themselves */ +# define EVP_CIPH_FLAG_CUSTOM_ASN1 0x1000000 +/* For ciphers generating unprotected CMS attributes */ +# define EVP_CIPH_FLAG_CIPHER_WITH_MAC 0x2000000 +/* For supplementary wrap cipher support */ +# define EVP_CIPH_FLAG_GET_WRAP_CIPHER 0x4000000 /* * Cipher context flag to indicate we can handle wrap mode: if allowed in @@ -369,6 +383,12 @@ int (*EVP_CIPHER_meth_get_ctrl(const EVP_CIPHER *cipher))(EVP_CIPHER_CTX *, # define EVP_CTRL_GET_IV 0x26 /* Tell the cipher it's doing a speed test (SIV disallows multiple ops) */ # define EVP_CTRL_SET_SPEED 0x27 +/* Get the unprotectedAttrs from cipher ctx */ +# define EVP_CTRL_PROCESS_UNPROTECTED 0x28 +/* Get the supplementary wrap cipher */ +#define EVP_CTRL_GET_WRAP_CIPHER 0x29 +/* TLSTREE key diversification */ +#define EVP_CTRL_TLSTREE 0x2A /* Padding modes */ #define EVP_PADDING_PKCS7 1 @@ -424,7 +444,7 @@ typedef int (EVP_PBE_KEYGEN) (EVP_CIPHER_CTX *ctx, const char *pass, # ifndef OPENSSL_NO_RSA # define EVP_PKEY_assign_RSA(pkey,rsa) EVP_PKEY_assign((pkey),EVP_PKEY_RSA,\ - (rsa)) + (rsa)) # endif # ifndef OPENSSL_NO_DSA @@ -459,6 +479,11 @@ typedef int (EVP_PBE_KEYGEN) (EVP_CIPHER_CTX *ctx, const char *pass, int EVP_MD_type(const EVP_MD *md); # define EVP_MD_nid(e) EVP_MD_type(e) const char *EVP_MD_name(const EVP_MD *md); +int EVP_MD_number(const EVP_MD *md); +int EVP_MD_is_a(const EVP_MD *md, const char *name); +void EVP_MD_names_do_all(const EVP_MD *md, + void (*fn)(const char *name, void *data), + void *data); const OSSL_PROVIDER *EVP_MD_provider(const EVP_MD *md); int EVP_MD_pkey_type(const EVP_MD *md); int EVP_MD_size(const EVP_MD *md); @@ -481,7 +506,11 @@ void *EVP_MD_CTX_md_data(const EVP_MD_CTX *ctx); int EVP_CIPHER_nid(const EVP_CIPHER *cipher); const char *EVP_CIPHER_name(const EVP_CIPHER *cipher); +int EVP_CIPHER_number(const EVP_CIPHER *cipher); int EVP_CIPHER_is_a(const EVP_CIPHER *cipher, const char *name); +void EVP_CIPHER_names_do_all(const EVP_CIPHER *cipher, + void (*fn)(const char *name, void *data), + void *data); const OSSL_PROVIDER *EVP_CIPHER_provider(const EVP_CIPHER *cipher); int EVP_CIPHER_block_size(const EVP_CIPHER *cipher); int EVP_CIPHER_impl_ctx_size(const EVP_CIPHER *cipher); @@ -514,7 +543,7 @@ void *EVP_CIPHER_CTX_get_cipher_data(const EVP_CIPHER_CTX *ctx); void *EVP_CIPHER_CTX_set_cipher_data(EVP_CIPHER_CTX *ctx, void *cipher_data); # define EVP_CIPHER_CTX_name(c) EVP_CIPHER_name(EVP_CIPHER_CTX_cipher(c)) # define EVP_CIPHER_CTX_type(c) EVP_CIPHER_type(EVP_CIPHER_CTX_cipher(c)) -# if !OPENSSL_API_1_1_0 +# ifndef OPENSSL_NO_DEPRECATED_1_1_0 # define EVP_CIPHER_CTX_flags(c) EVP_CIPHER_flags(EVP_CIPHER_CTX_cipher(c)) # endif # define EVP_CIPHER_CTX_mode(c) EVP_CIPHER_mode(EVP_CIPHER_CTX_cipher(c)) @@ -530,8 +559,6 @@ void *EVP_CIPHER_CTX_set_cipher_data(EVP_CIPHER_CTX *ctx, void *cipher_data); # define EVP_VerifyUpdate(a,b,c) EVP_DigestUpdate(a,b,c) # define EVP_OpenUpdate(a,b,c,d,e) EVP_DecryptUpdate(a,b,c,d,e) # define EVP_SealUpdate(a,b,c,d,e) EVP_EncryptUpdate(a,b,c,d,e) -# define EVP_DigestSignUpdate(a,b,c) EVP_DigestUpdate(a,b,c) -# define EVP_DigestVerifyUpdate(a,b,c) EVP_DigestUpdate(a,b,c) # ifdef CONST_STRICT void BIO_set_md(BIO *, const EVP_MD *md); @@ -667,15 +694,23 @@ __owur int EVP_DigestVerify(EVP_MD_CTX *ctx, const unsigned char *sigret, size_t siglen, const unsigned char *tbs, size_t tbslen); +int EVP_DigestSignInit_ex(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx, + const char *mdname, const char *props, EVP_PKEY *pkey, + OPENSSL_CTX *libctx); /*__owur*/ int EVP_DigestSignInit(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx, const EVP_MD *type, ENGINE *e, EVP_PKEY *pkey); +int EVP_DigestSignUpdate(EVP_MD_CTX *ctx, const void *data, size_t dsize); __owur int EVP_DigestSignFinal(EVP_MD_CTX *ctx, unsigned char *sigret, size_t *siglen); +int EVP_DigestVerifyInit_ex(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx, + const char *mdname, const char *props, + EVP_PKEY *pkey, OPENSSL_CTX *libctx); __owur int EVP_DigestVerifyInit(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx, const EVP_MD *type, ENGINE *e, EVP_PKEY *pkey); +int EVP_DigestVerifyUpdate(EVP_MD_CTX *ctx, const void *data, size_t dsize); __owur int EVP_DigestVerifyFinal(EVP_MD_CTX *ctx, const unsigned char *sig, size_t siglen); @@ -708,7 +743,7 @@ int EVP_DecodeFinal(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl); int EVP_DecodeBlock(unsigned char *t, const unsigned char *f, int n); -# if !OPENSSL_API_1_1_0 +# ifndef OPENSSL_NO_DEPRECATED_1_1_0 # define EVP_CIPHER_CTX_init(c) EVP_CIPHER_CTX_reset(c) # define EVP_CIPHER_CTX_cleanup(c) EVP_CIPHER_CTX_reset(c) # endif @@ -987,7 +1022,7 @@ const EVP_CIPHER *EVP_sm4_ofb(void); const EVP_CIPHER *EVP_sm4_ctr(void); # endif -# if !OPENSSL_API_1_1_0 +# ifndef OPENSSL_NO_DEPRECATED_1_1_0 # define OPENSSL_add_all_algorithms_conf() \ OPENSSL_init_crypto(OPENSSL_INIT_ADD_ALL_CIPHERS \ | OPENSSL_INIT_ADD_ALL_DIGESTS \ @@ -1022,9 +1057,9 @@ void EVP_CIPHER_do_all(void (*fn) (const EVP_CIPHER *ciph, void EVP_CIPHER_do_all_sorted(void (*fn) (const EVP_CIPHER *ciph, const char *from, const char *to, void *x), void *arg); -void EVP_CIPHER_do_all_ex(OPENSSL_CTX *libctx, - void (*fn)(EVP_CIPHER *cipher, void *arg), - void *arg); +void EVP_CIPHER_do_all_provided(OPENSSL_CTX *libctx, + void (*fn)(EVP_CIPHER *cipher, void *arg), + void *arg); void EVP_MD_do_all(void (*fn) (const EVP_MD *ciph, const char *from, const char *to, void *x), @@ -1032,56 +1067,82 @@ void EVP_MD_do_all(void (*fn) (const EVP_MD *ciph, void EVP_MD_do_all_sorted(void (*fn) (const EVP_MD *ciph, const char *from, const char *to, void *x), void *arg); -void EVP_MD_do_all_ex(OPENSSL_CTX *libctx, - void (*fn)(EVP_MD *md, void *arg), - void *arg); - -/* MAC stuff */ - -EVP_MAC *EVP_MAC_fetch(OPENSSL_CTX *libctx, const char *algorithm, - const char *properties); -int EVP_MAC_up_ref(EVP_MAC *mac); -void EVP_MAC_free(EVP_MAC *mac); -const char *EVP_MAC_name(const EVP_MAC *mac); -int EVP_MAC_is_a(const EVP_MAC *mac, const char *name); -const OSSL_PROVIDER *EVP_MAC_provider(const EVP_MAC *mac); -int EVP_MAC_get_params(EVP_MAC *mac, OSSL_PARAM params[]); - -EVP_MAC_CTX *EVP_MAC_CTX_new(EVP_MAC *mac); -void EVP_MAC_CTX_free(EVP_MAC_CTX *ctx); -EVP_MAC_CTX *EVP_MAC_CTX_dup(const EVP_MAC_CTX *src); -EVP_MAC *EVP_MAC_CTX_mac(EVP_MAC_CTX *ctx); -int EVP_MAC_CTX_get_params(EVP_MAC_CTX *ctx, OSSL_PARAM params[]); -int EVP_MAC_CTX_set_params(EVP_MAC_CTX *ctx, const OSSL_PARAM params[]); - -size_t EVP_MAC_size(EVP_MAC_CTX *ctx); -int EVP_MAC_init(EVP_MAC_CTX *ctx); -int EVP_MAC_update(EVP_MAC_CTX *ctx, const unsigned char *data, size_t datalen); -int EVP_MAC_final(EVP_MAC_CTX *ctx, - unsigned char *out, size_t *outl, size_t outsize); -const OSSL_PARAM *EVP_MAC_gettable_params(const EVP_MAC *mac); -const OSSL_PARAM *EVP_MAC_gettable_ctx_params(const EVP_MAC *mac); -const OSSL_PARAM *EVP_MAC_settable_ctx_params(const EVP_MAC *mac); - -void EVP_MAC_do_all_ex(OPENSSL_CTX *libctx, - void (*fn)(EVP_MAC *mac, void *arg), - void *arg); +void EVP_MD_do_all_provided(OPENSSL_CTX *libctx, + void (*fn)(EVP_MD *md, void *arg), + void *arg); + +/* RAND stuff */ +EVP_RAND *EVP_RAND_fetch(OPENSSL_CTX *libctx, const char *algorithm, + const char *properties); +int EVP_RAND_up_ref(EVP_RAND *rand); +void EVP_RAND_free(EVP_RAND *rand); +int EVP_RAND_number(const EVP_RAND *rand); +const char *EVP_RAND_name(const EVP_RAND *rand); +int EVP_RAND_is_a(const EVP_RAND *rand, const char *name); +const OSSL_PROVIDER *EVP_RAND_provider(const EVP_RAND *rand); +int EVP_RAND_get_params(EVP_RAND *rand, OSSL_PARAM params[]); + +EVP_RAND_CTX *EVP_RAND_CTX_new(EVP_RAND *rand, int secure, + EVP_RAND_CTX *parent); +void EVP_RAND_CTX_free(EVP_RAND_CTX *ctx); +EVP_RAND *EVP_RAND_CTX_rand(EVP_RAND_CTX *ctx); +int EVP_RAND_CTX_get_params(EVP_RAND_CTX *ctx, OSSL_PARAM params[]); +int EVP_RAND_CTX_set_params(EVP_RAND_CTX *ctx, const OSSL_PARAM params[]); +const OSSL_PARAM *EVP_RAND_gettable_params(const EVP_RAND *rand); +const OSSL_PARAM *EVP_RAND_gettable_ctx_params(const EVP_RAND *rand); +const OSSL_PARAM *EVP_RAND_settable_ctx_params(const EVP_RAND *rand); + +void EVP_RAND_do_all_provided(OPENSSL_CTX *libctx, + void (*fn)(EVP_RAND *rand, void *arg), + void *arg); +void EVP_RAND_names_do_all(const EVP_RAND *rand, + void (*fn)(const char *name, void *data), + void *data); + +int EVP_RAND_CTX_instantiate(EVP_RAND_CTX *ctx, unsigned int strength, + int prediction_resistance, + const unsigned char *pstr, size_t pstr_len); +int EVP_RAND_CTX_uninstantiate(EVP_RAND_CTX *ctx); +int EVP_RAND_CTX_generate(EVP_RAND_CTX *ctx, unsigned char *out, size_t outlen, + unsigned int strength, int prediction_resistance, + const unsigned char *addin, size_t addin_len); +int EVP_RAND_CTX_reseed(EVP_RAND_CTX *ctx, int prediction_resistance, + const unsigned char *ent, size_t ent_len, + const unsigned char *addin, size_t addin_len); +int EVP_RAND_CTX_nonce(EVP_RAND_CTX *ctx, unsigned char *out, size_t outlen); +int EVP_RAND_CTX_set_callbacks(const EVP_RAND_CTX *rand, + OSSL_CALLBACK *get_entropy, + OSSL_CALLBACK *cleanup_entropy, + OSSL_CALLBACK *get_nonce, + OSSL_CALLBACK *cleanup_nonce); +int EVP_RAND_CTX_enable_locking(EVP_RAND_CTX *ctx); +int EVP_RAND_CTX_verify_zeroization(EVP_RAND_CTX *ctx); +unsigned int EVP_RAND_CTX_strength(EVP_RAND_CTX *ctx); +int EVP_RAND_CTX_state(EVP_RAND_CTX *ctx); + +#define EVP_RAND_STATE_UNINITIALISED 0 +#define EVP_RAND_STATE_READY 1 +#define EVP_RAND_STATE_ERROR 2 /* PKEY stuff */ -int EVP_PKEY_decrypt_old(unsigned char *dec_key, - const unsigned char *enc_key, int enc_key_len, - EVP_PKEY *private_key); -int EVP_PKEY_encrypt_old(unsigned char *enc_key, - const unsigned char *key, int key_len, - EVP_PKEY *pub_key); +DEPRECATEDIN_3_0(int EVP_PKEY_decrypt_old(unsigned char *dec_key, + const unsigned char *enc_key, + int enc_key_len, + EVP_PKEY *private_key)) +DEPRECATEDIN_3_0(int EVP_PKEY_encrypt_old(unsigned char *enc_key, + const unsigned char *key, + int key_len, EVP_PKEY *pub_key)) +int EVP_PKEY_is_a(const EVP_PKEY *pkey, const char *name); int EVP_PKEY_type(int type); int EVP_PKEY_id(const EVP_PKEY *pkey); int EVP_PKEY_base_id(const EVP_PKEY *pkey); int EVP_PKEY_bits(const EVP_PKEY *pkey); int EVP_PKEY_security_bits(const EVP_PKEY *pkey); int EVP_PKEY_size(const EVP_PKEY *pkey); +int EVP_PKEY_can_sign(const EVP_PKEY *pkey); int EVP_PKEY_set_type(EVP_PKEY *pkey, int type); int EVP_PKEY_set_type_str(EVP_PKEY *pkey, const char *str, int len); +int EVP_PKEY_set_type_by_keymgmt(EVP_PKEY *pkey, EVP_KEYMGMT *keymgmt); int EVP_PKEY_set_alias_type(EVP_PKEY *pkey, int type); # ifndef OPENSSL_NO_ENGINE int EVP_PKEY_set1_engine(EVP_PKEY *pkey, ENGINE *e); @@ -1130,8 +1191,14 @@ EVP_PKEY *d2i_PublicKey(int type, EVP_PKEY **a, const unsigned char **pp, long length); int i2d_PublicKey(const EVP_PKEY *a, unsigned char **pp); + +EVP_PKEY *d2i_PrivateKey_ex(int type, EVP_PKEY **a, const unsigned char **pp, + long length, OPENSSL_CTX *libctx, const char *propq); EVP_PKEY *d2i_PrivateKey(int type, EVP_PKEY **a, const unsigned char **pp, long length); +EVP_PKEY *d2i_AutoPrivateKey_ex(EVP_PKEY **a, const unsigned char **pp, + long length, OPENSSL_CTX *libctx, + const char *propq); EVP_PKEY *d2i_AutoPrivateKey(EVP_PKEY **a, const unsigned char **pp, long length); int i2d_PrivateKey(const EVP_PKEY *a, unsigned char **pp); @@ -1145,9 +1212,15 @@ EVP_PKEY *d2i_KeyParams_bio(int type, EVP_PKEY **a, BIO *in); int EVP_PKEY_copy_parameters(EVP_PKEY *to, const EVP_PKEY *from); int EVP_PKEY_missing_parameters(const EVP_PKEY *pkey); int EVP_PKEY_save_parameters(EVP_PKEY *pkey, int mode); +#ifndef OPENSSL_NO_DEPRECATED_3_0 int EVP_PKEY_cmp_parameters(const EVP_PKEY *a, const EVP_PKEY *b); +#endif +int EVP_PKEY_parameters_eq(const EVP_PKEY *a, const EVP_PKEY *b); +#ifndef OPENSSL_NO_DEPRECATED_3_0 int EVP_PKEY_cmp(const EVP_PKEY *a, const EVP_PKEY *b); +#endif +int EVP_PKEY_eq(const EVP_PKEY *a, const EVP_PKEY *b); int EVP_PKEY_print_public(BIO *out, const EVP_PKEY *pkey, int indent, ASN1_PCTX *pctx); @@ -1157,6 +1230,8 @@ int EVP_PKEY_print_params(BIO *out, const EVP_PKEY *pkey, int indent, ASN1_PCTX *pctx); int EVP_PKEY_get_default_digest_nid(EVP_PKEY *pkey, int *pnid); +int EVP_PKEY_get_default_digest_name(EVP_PKEY *pkey, + char *mdname, size_t mdname_sz); int EVP_PKEY_supports_digest_nid(EVP_PKEY *pkey, int nid); int EVP_PKEY_set1_tls_encodedpoint(EVP_PKEY *pkey, @@ -1235,6 +1310,7 @@ int EVP_PBE_get(int *ptype, int *ppbe_nid, size_t num); # define ASN1_PKEY_CTRL_SET1_TLS_ENCPT 0x9 # define ASN1_PKEY_CTRL_GET1_TLS_ENCPT 0xa # define ASN1_PKEY_CTRL_SUPPORTS_MD_NID 0xb +# define ASN1_PKEY_CTRL_CMS_IS_RI_TYPE_SUPPORTED 0xc int EVP_PKEY_asn1_get_count(void); const EVP_PKEY_ASN1_METHOD *EVP_PKEY_asn1_get0(int idx); @@ -1257,7 +1333,7 @@ void EVP_PKEY_asn1_copy(EVP_PKEY_ASN1_METHOD *dst, void EVP_PKEY_asn1_free(EVP_PKEY_ASN1_METHOD *ameth); void EVP_PKEY_asn1_set_public(EVP_PKEY_ASN1_METHOD *ameth, int (*pub_decode) (EVP_PKEY *pk, - X509_PUBKEY *pub), + const X509_PUBKEY *pub), int (*pub_encode) (X509_PUBKEY *pub, const EVP_PKEY *pk), int (*pub_cmp) (const EVP_PKEY *a, @@ -1354,14 +1430,16 @@ int EVP_PKEY_CTX_set_signature_md(EVP_PKEY_CTX *ctx, const EVP_MD *md); # define EVP_PKEY_OP_UNDEFINED 0 # define EVP_PKEY_OP_PARAMGEN (1<<1) # define EVP_PKEY_OP_KEYGEN (1<<2) -# define EVP_PKEY_OP_SIGN (1<<3) -# define EVP_PKEY_OP_VERIFY (1<<4) -# define EVP_PKEY_OP_VERIFYRECOVER (1<<5) -# define EVP_PKEY_OP_SIGNCTX (1<<6) -# define EVP_PKEY_OP_VERIFYCTX (1<<7) -# define EVP_PKEY_OP_ENCRYPT (1<<8) -# define EVP_PKEY_OP_DECRYPT (1<<9) -# define EVP_PKEY_OP_DERIVE (1<<10) +# define EVP_PKEY_OP_PARAMFROMDATA (1<<3) +# define EVP_PKEY_OP_KEYFROMDATA (1<<4) +# define EVP_PKEY_OP_SIGN (1<<5) +# define EVP_PKEY_OP_VERIFY (1<<6) +# define EVP_PKEY_OP_VERIFYRECOVER (1<<7) +# define EVP_PKEY_OP_SIGNCTX (1<<8) +# define EVP_PKEY_OP_VERIFYCTX (1<<9) +# define EVP_PKEY_OP_ENCRYPT (1<<10) +# define EVP_PKEY_OP_DECRYPT (1<<11) +# define EVP_PKEY_OP_DERIVE (1<<12) # define EVP_PKEY_OP_TYPE_SIG \ (EVP_PKEY_OP_SIGN | EVP_PKEY_OP_VERIFY | EVP_PKEY_OP_VERIFYRECOVER \ @@ -1374,7 +1452,10 @@ int EVP_PKEY_CTX_set_signature_md(EVP_PKEY_CTX *ctx, const EVP_MD *md); (EVP_PKEY_OP_TYPE_SIG | EVP_PKEY_OP_TYPE_CRYPT | EVP_PKEY_OP_DERIVE) # define EVP_PKEY_OP_TYPE_GEN \ - (EVP_PKEY_OP_PARAMGEN | EVP_PKEY_OP_KEYGEN) + (EVP_PKEY_OP_PARAMGEN | EVP_PKEY_OP_KEYGEN) + +# define EVP_PKEY_OP_TYPE_FROMDATA \ + (EVP_PKEY_OP_PARAMFROMDATA | EVP_PKEY_OP_KEYFROMDATA) # define EVP_PKEY_CTX_set_mac_key(ctx, key, len) \ EVP_PKEY_CTX_ctrl(ctx, -1, EVP_PKEY_OP_KEYGEN, \ @@ -1429,9 +1510,22 @@ EVP_KEYMGMT *EVP_KEYMGMT_fetch(OPENSSL_CTX *ctx, const char *algorithm, int EVP_KEYMGMT_up_ref(EVP_KEYMGMT *keymgmt); void EVP_KEYMGMT_free(EVP_KEYMGMT *keymgmt); const OSSL_PROVIDER *EVP_KEYMGMT_provider(const EVP_KEYMGMT *keymgmt); +int EVP_KEYMGMT_number(const EVP_KEYMGMT *keymgmt); +int EVP_KEYMGMT_is_a(const EVP_KEYMGMT *keymgmt, const char *name); +void EVP_KEYMGMT_do_all_provided(OPENSSL_CTX *libctx, + void (*fn)(EVP_KEYMGMT *keymgmt, void *arg), + void *arg); +void EVP_KEYMGMT_names_do_all(const EVP_KEYMGMT *keymgmt, + void (*fn)(const char *name, void *data), + void *data); EVP_PKEY_CTX *EVP_PKEY_CTX_new(EVP_PKEY *pkey, ENGINE *e); EVP_PKEY_CTX *EVP_PKEY_CTX_new_id(int id, ENGINE *e); +EVP_PKEY_CTX *EVP_PKEY_CTX_new_from_name(OPENSSL_CTX *libctx, + const char *name, + const char *propquery); +EVP_PKEY_CTX *EVP_PKEY_CTX_new_from_pkey(OPENSSL_CTX *libctx, + EVP_PKEY *pkey, const char *propquery); EVP_PKEY_CTX *EVP_PKEY_CTX_dup(const EVP_PKEY_CTX *ctx); void EVP_PKEY_CTX_free(EVP_PKEY_CTX *ctx); @@ -1456,9 +1550,19 @@ void EVP_PKEY_CTX_set0_keygen_info(EVP_PKEY_CTX *ctx, int *dat, int datlen); EVP_PKEY *EVP_PKEY_new_mac_key(int type, ENGINE *e, const unsigned char *key, int keylen); +EVP_PKEY *EVP_PKEY_new_raw_private_key_with_libctx(OPENSSL_CTX *libctx, + const char *keytype, + const char *propq, + const unsigned char *priv, + size_t len); EVP_PKEY *EVP_PKEY_new_raw_private_key(int type, ENGINE *e, const unsigned char *priv, size_t len); +EVP_PKEY *EVP_PKEY_new_raw_public_key_with_libctx(OPENSSL_CTX *libctx, + const char *keytype, + const char *propq, + const unsigned char *pub, + size_t len); EVP_PKEY *EVP_PKEY_new_raw_public_key(int type, ENGINE *e, const unsigned char *pub, size_t len); @@ -1484,18 +1588,39 @@ int EVP_SIGNATURE_up_ref(EVP_SIGNATURE *signature); OSSL_PROVIDER *EVP_SIGNATURE_provider(const EVP_SIGNATURE *signature); EVP_SIGNATURE *EVP_SIGNATURE_fetch(OPENSSL_CTX *ctx, const char *algorithm, const char *properties); +int EVP_SIGNATURE_is_a(const EVP_SIGNATURE *signature, const char *name); +int EVP_SIGNATURE_number(const EVP_SIGNATURE *signature); +void EVP_SIGNATURE_do_all_provided(OPENSSL_CTX *libctx, + void (*fn)(EVP_SIGNATURE *signature, + void *data), + void *data); +void EVP_SIGNATURE_names_do_all(const EVP_SIGNATURE *signature, + void (*fn)(const char *name, void *data), + void *data); + +void EVP_ASYM_CIPHER_free(EVP_ASYM_CIPHER *cipher); +int EVP_ASYM_CIPHER_up_ref(EVP_ASYM_CIPHER *cipher); +OSSL_PROVIDER *EVP_ASYM_CIPHER_provider(const EVP_ASYM_CIPHER *cipher); +EVP_ASYM_CIPHER *EVP_ASYM_CIPHER_fetch(OPENSSL_CTX *ctx, const char *algorithm, + const char *properties); +int EVP_ASYM_CIPHER_is_a(const EVP_ASYM_CIPHER *cipher, const char *name); +int EVP_ASYM_CIPHER_number(const EVP_ASYM_CIPHER *cipher); +void EVP_ASYM_CIPHER_do_all_provided(OPENSSL_CTX *libctx, + void (*fn)(EVP_ASYM_CIPHER *cipher, + void *arg), + void *arg); +void EVP_ASYM_CIPHER_names_do_all(const EVP_ASYM_CIPHER *cipher, + void (*fn)(const char *name, void *data), + void *data); -int EVP_PKEY_sign_init_ex(EVP_PKEY_CTX *ctx, EVP_SIGNATURE *signature); int EVP_PKEY_sign_init(EVP_PKEY_CTX *ctx); int EVP_PKEY_sign(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen, const unsigned char *tbs, size_t tbslen); -int EVP_PKEY_verify_init_ex(EVP_PKEY_CTX *ctx, EVP_SIGNATURE *signature); int EVP_PKEY_verify_init(EVP_PKEY_CTX *ctx); int EVP_PKEY_verify(EVP_PKEY_CTX *ctx, const unsigned char *sig, size_t siglen, const unsigned char *tbs, size_t tbslen); -int EVP_PKEY_verify_recover_init_ex(EVP_PKEY_CTX *ctx, EVP_SIGNATURE *signature); int EVP_PKEY_verify_recover_init(EVP_PKEY_CTX *ctx); int EVP_PKEY_verify_recover(EVP_PKEY_CTX *ctx, unsigned char *rout, size_t *routlen, @@ -1509,20 +1634,42 @@ int EVP_PKEY_decrypt(EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen, const unsigned char *in, size_t inlen); -int EVP_PKEY_derive_init_ex(EVP_PKEY_CTX *ctx, EVP_KEYEXCH *exchange); int EVP_PKEY_derive_init(EVP_PKEY_CTX *ctx); int EVP_PKEY_derive_set_peer(EVP_PKEY_CTX *ctx, EVP_PKEY *peer); int EVP_PKEY_derive(EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen); typedef int EVP_PKEY_gen_cb(EVP_PKEY_CTX *ctx); +int EVP_PKEY_param_fromdata_init(EVP_PKEY_CTX *ctx); +int EVP_PKEY_key_fromdata_init(EVP_PKEY_CTX *ctx); +int EVP_PKEY_fromdata(EVP_PKEY_CTX *ctx, EVP_PKEY **ppkey, OSSL_PARAM param[]); +const OSSL_PARAM *EVP_PKEY_param_fromdata_settable(EVP_PKEY_CTX *ctx); +const OSSL_PARAM *EVP_PKEY_key_fromdata_settable(EVP_PKEY_CTX *ctx); +const OSSL_PARAM *EVP_PKEY_gettable_params(EVP_PKEY *pkey); +int EVP_PKEY_get_int_param(EVP_PKEY *pkey, const char *key_name, int *out); +int EVP_PKEY_get_size_t_param(EVP_PKEY *pkey, const char *key_name, size_t *out); +int EVP_PKEY_get_bn_param(EVP_PKEY *pkey, const char *key_name, BIGNUM **bn); +int EVP_PKEY_get_utf8_string_param(EVP_PKEY *pkey, const char *key_name, + char *str, size_t max_buf_sz, size_t *out_sz); +int EVP_PKEY_get_octet_string_param(EVP_PKEY *pkey, const char *key_name, + unsigned char *buf, size_t max_buf_sz, + size_t *out_sz); + int EVP_PKEY_paramgen_init(EVP_PKEY_CTX *ctx); int EVP_PKEY_paramgen(EVP_PKEY_CTX *ctx, EVP_PKEY **ppkey); int EVP_PKEY_keygen_init(EVP_PKEY_CTX *ctx); int EVP_PKEY_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY **ppkey); +int EVP_PKEY_gen(EVP_PKEY_CTX *ctx, EVP_PKEY **ppkey); int EVP_PKEY_check(EVP_PKEY_CTX *ctx); int EVP_PKEY_public_check(EVP_PKEY_CTX *ctx); int EVP_PKEY_param_check(EVP_PKEY_CTX *ctx); +int EVP_PKEY_private_check(EVP_PKEY_CTX *ctx); +int EVP_PKEY_pairwise_check(EVP_PKEY_CTX *ctx); + +# define EVP_PKEY_get_ex_new_index(l, p, newf, dupf, freef) \ + CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_EVP_PKEY, l, p, newf, dupf, freef) +int EVP_PKEY_set_ex_data(EVP_PKEY *key, int idx, void *arg); +void *EVP_PKEY_get_ex_data(const EVP_PKEY *key, int idx); void EVP_PKEY_CTX_set_cb(EVP_PKEY_CTX *ctx, EVP_PKEY_gen_cb *cb); EVP_PKEY_gen_cb *EVP_PKEY_CTX_get_cb(EVP_PKEY_CTX *ctx); @@ -1621,6 +1768,20 @@ void EVP_PKEY_meth_set_ctrl(EVP_PKEY_METHOD *pmeth, const char *type, const char *value)); +void EVP_PKEY_meth_set_digestsign(EVP_PKEY_METHOD *pmeth, + int (*digestsign) (EVP_MD_CTX *ctx, + unsigned char *sig, + size_t *siglen, + const unsigned char *tbs, + size_t tbslen)); + +void EVP_PKEY_meth_set_digestverify(EVP_PKEY_METHOD *pmeth, + int (*digestverify) (EVP_MD_CTX *ctx, + const unsigned char *sig, + size_t siglen, + const unsigned char *tbs, + size_t tbslen)); + void EVP_PKEY_meth_set_check(EVP_PKEY_METHOD *pmeth, int (*check) (EVP_PKEY *pkey)); @@ -1726,6 +1887,20 @@ void EVP_PKEY_meth_get_ctrl(const EVP_PKEY_METHOD *pmeth, const char *type, const char *value)); +void EVP_PKEY_meth_get_digestsign(EVP_PKEY_METHOD *pmeth, + int (**digestsign) (EVP_MD_CTX *ctx, + unsigned char *sig, + size_t *siglen, + const unsigned char *tbs, + size_t tbslen)); + +void EVP_PKEY_meth_get_digestverify(EVP_PKEY_METHOD *pmeth, + int (**digestverify) (EVP_MD_CTX *ctx, + const unsigned char *sig, + size_t siglen, + const unsigned char *tbs, + size_t tbslen)); + void EVP_PKEY_meth_get_check(const EVP_PKEY_METHOD *pmeth, int (**pcheck) (EVP_PKEY *pkey)); @@ -1744,6 +1919,14 @@ int EVP_KEYEXCH_up_ref(EVP_KEYEXCH *exchange); EVP_KEYEXCH *EVP_KEYEXCH_fetch(OPENSSL_CTX *ctx, const char *algorithm, const char *properties); OSSL_PROVIDER *EVP_KEYEXCH_provider(const EVP_KEYEXCH *exchange); +int EVP_KEYEXCH_is_a(const EVP_KEYEXCH *keyexch, const char *name); +int EVP_KEYEXCH_number(const EVP_KEYEXCH *keyexch); +void EVP_KEYEXCH_do_all_provided(OPENSSL_CTX *libctx, + void (*fn)(EVP_KEYEXCH *keyexch, void *data), + void *data); +void EVP_KEYEXCH_names_do_all(const EVP_KEYEXCH *keyexch, + void (*fn)(const char *name, void *data), + void *data); void EVP_add_alg_module(void); @@ -1756,6 +1939,9 @@ int EVP_str2ctrl(int (*cb)(void *ctx, int cmd, void *buf, size_t buflen), int EVP_hex2ctrl(int (*cb)(void *ctx, int cmd, void *buf, size_t buflen), void *ctx, int cmd, const char *hex); +int EVP_PKEY_CTX_set_group_name(EVP_PKEY_CTX *ctx, const char *name); +int EVP_PKEY_CTX_get_group_name(EVP_PKEY_CTX *ctx, char *name, size_t namelen); + # ifdef __cplusplus } # endif