X-Git-Url: https://git.openssl.org/gitweb/?p=openssl.git;a=blobdiff_plain;f=include%2Fopenssl%2Fevp.h;h=40708f21ea71555683ee5c7cda84314e5b4abed9;hp=02a6f98244f07a71d82cfad670b7d1a49689ee75;hb=a0be4fd17b1c7f5ab8f8e11c71d71a5dd20158f4;hpb=3aabc1dd1c969e60bdea8f827d6645ff04c56b67
diff --git a/include/openssl/evp.h b/include/openssl/evp.h
index 02a6f98244..40708f21ea 100644
--- a/include/openssl/evp.h
+++ b/include/openssl/evp.h
@@ -148,52 +148,45 @@ struct evp_pkey_st {
 # define EVP_PKEY_MO_DECRYPT 0x0008
 # ifndef EVP_MD
-struct evp_md_st {
- int type;
- int pkey_type;
- int md_size;
- unsigned long flags;
- int (*init) (EVP_MD_CTX *ctx);
- int (*update) (EVP_MD_CTX *ctx, const void *data, size_t count);
- int (*final) (EVP_MD_CTX *ctx, unsigned char *md);
- int (*copy) (EVP_MD_CTX *to, const EVP_MD_CTX *from);
- int (*cleanup) (EVP_MD_CTX *ctx);
- /* FIXME: prototype these some day */
- int (*sign) (int type, const unsigned char *m, unsigned int m_length,
- unsigned char *sigret, unsigned int *siglen, void *key);
- int (*verify) (int type, const unsigned char *m, unsigned int m_length,
- const unsigned char *sigbuf, unsigned int siglen,
- void *key);
- int required_pkey_type[5]; /* EVP_PKEY_xxx */
- int block_size;
- int ctx_size; /* how big does the ctx->md_data need to be */
- /* control function */
- int (*md_ctrl) (EVP_MD_CTX *ctx, int cmd, int p1, void *p2);
-} /* EVP_MD */ ;
-
-typedef int evp_sign_method(int type, const unsigned char *m,
- unsigned int m_length, unsigned char *sigret,
- unsigned int *siglen, void *key);
-typedef int evp_verify_method(int type, const unsigned char *m,
- unsigned int m_length,
- const unsigned char *sigbuf,
- unsigned int siglen, void *key);
+EVP_MD *EVP_MD_meth_new(int md_type, int pkey_type);
+EVP_MD *EVP_MD_meth_dup(const EVP_MD *md);
+void EVP_MD_meth_free(EVP_MD *md);
+
+int EVP_MD_meth_set_input_blocksize(EVP_MD *md, int blocksize);
+int EVP_MD_meth_set_result_size(EVP_MD *md, int resultsize);
+int EVP_MD_meth_set_app_datasize(EVP_MD *md, int datasize);
+int EVP_MD_meth_set_flags(EVP_MD *md, unsigned long flags);
+int EVP_MD_meth_set_init(EVP_MD *md, int (*init)(EVP_MD_CTX *ctx));
+int EVP_MD_meth_set_update(EVP_MD *md, int (*update)(EVP_MD_CTX *ctx,
+ const void *data,
+ size_t count));
+int EVP_MD_meth_set_final(EVP_MD *md, int (*final)(EVP_MD_CTX *ctx,
+ unsigned char *md));
+int EVP_MD_meth_set_copy(EVP_MD *md, int (*copy)(EVP_MD_CTX *to,
+ const EVP_MD_CTX *from));
+int EVP_MD_meth_set_cleanup(EVP_MD *md, int (*cleanup)(EVP_MD_CTX *ctx));
+int EVP_MD_meth_set_ctrl(EVP_MD *md, int (*ctrl)(EVP_MD_CTX *ctx, int cmd,
+ int p1, void *p2));
+
+int EVP_MD_meth_get_input_blocksize(const EVP_MD *md);
+int EVP_MD_meth_get_result_size(const EVP_MD *md);
+int EVP_MD_meth_get_app_datasize(const EVP_MD *md);
+unsigned long EVP_MD_meth_get_flags(const EVP_MD *md);
+int (*EVP_MD_meth_get_init(const EVP_MD *md))(EVP_MD_CTX *ctx);
+int (*EVP_MD_meth_get_update(const EVP_MD *md))(EVP_MD_CTX *ctx,
+ const void *data,
+ size_t count);
+int (*EVP_MD_meth_get_final(const EVP_MD *md))(EVP_MD_CTX *ctx,
+ unsigned char *md);
+int (*EVP_MD_meth_get_copy(const EVP_MD *md))(EVP_MD_CTX *to,
+ const EVP_MD_CTX *from);
+int (*EVP_MD_meth_get_cleanup(const EVP_MD *md))(EVP_MD_CTX *ctx);
+int (*EVP_MD_meth_get_ctrl(const EVP_MD *md))(EVP_MD_CTX *ctx, int cmd,
+ int p1, void *p2);
 /* digest can only handle a single block */
 # define EVP_MD_FLAG_ONESHOT 0x0001
-/*
- * digest is a "clone" digest used
- * which is a copy of an existing
- * one for a specific public key type.
- * EVP_dss1() etc
- */
-# define EVP_MD_FLAG_PKEY_DIGEST 0x0002
-
-/* Digest uses EVP_PKEY_METHOD for signing instead of MD specific signing */
-
-# define EVP_MD_FLAG_PKEY_METHOD_SIGNATURE 0x0004
-
 /* DigestAlgorithmIdentifier flags... */
 # define EVP_MD_FLAG_DIGALGID_MASK 0x0018
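Review bot: The size setters `EVP_MD_meth_set_result_size`, `EVP_MD_meth_set_input_blocksize` and `EVP_MD_meth_set_app_datasize` take a plain `int` and the header states no valid range, so nothing visible here stops a custom method from declaring a negative digest length or one larger than `EVP_MAX_MD_SIZE`, which callers use to size their output buffers. The implementation is outside this hunk, so whether the setters reject such values cannot be confirmed from here; if they do not, they should return 0 when `resultsize < 0 || resultsize > EVP_MAX_MD_SIZE` and for negative block and data sizes. The block also needs a short comment giving the return convention of the setters (presumably 1 on success, 0 on failure) and, if that is the intended contract, stating that an `EVP_MD` from `EVP_MD_meth_new` or `EVP_MD_meth_dup` is owned by the caller and released with `EVP_MD_meth_free`.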
@@ -222,52 +215,8 @@ typedef int evp_verify_method(int type, const unsigned char *m,
 # define EVP_MD_CTRL_ALG_CTRL 0x1000
-# define EVP_PKEY_NULL_method NULL,NULL,{0,0,0,0}
-
-# ifndef OPENSSL_NO_DSA
-# define EVP_PKEY_DSA_method (evp_sign_method *)DSA_sign, \
- (evp_verify_method *)DSA_verify, \
- {EVP_PKEY_DSA,EVP_PKEY_DSA2,EVP_PKEY_DSA3, \
- EVP_PKEY_DSA4,0}
-# else
-# define EVP_PKEY_DSA_method EVP_PKEY_NULL_method
-# endif
-
-# ifndef OPENSSL_NO_EC
-# define EVP_PKEY_ECDSA_method (evp_sign_method *)ECDSA_sign, \
- (evp_verify_method *)ECDSA_verify, \
- {EVP_PKEY_EC,0,0,0}
-# else
-# define EVP_PKEY_ECDSA_method EVP_PKEY_NULL_method
-# endif
-
-# ifndef OPENSSL_NO_RSA
-# define EVP_PKEY_RSA_method (evp_sign_method *)RSA_sign, \
- (evp_verify_method *)RSA_verify, \
- {EVP_PKEY_RSA,EVP_PKEY_RSA2,0,0}
-# define EVP_PKEY_RSA_ASN1_OCTET_STRING_method \
- (evp_sign_method *)RSA_sign_ASN1_OCTET_STRING, \
- (evp_verify_method *)RSA_verify_ASN1_OCTET_STRING, \
- {EVP_PKEY_RSA,EVP_PKEY_RSA2,0,0}
-# else
-# define EVP_PKEY_RSA_method EVP_PKEY_NULL_method
-# define EVP_PKEY_RSA_ASN1_OCTET_STRING_method EVP_PKEY_NULL_method
-# endif
-
 # endif /* !EVP_MD */
-struct evp_md_ctx_st {
- const EVP_MD *digest;
- ENGINE *engine; /* functional reference if 'digest' is
- * ENGINE-provided */
- unsigned long flags;
- void *md_data;
- /* Public key context for sign/verify */
- EVP_PKEY_CTX *pctx;
- /* Update function: usually copied from EVP_MD */
- int (*update) (EVP_MD_CTX *ctx, const void *data, size_t count);
-} /* EVP_MD_CTX */ ;
-
 /* values for EVP_MD_CTX flags */
 # define EVP_MD_CTX_FLAG_ONESHOT 0x0001/* digest update will be
@@ -427,17 +376,28 @@ struct evp_cipher_st {
 # define EVP_CTRL_TLS1_1_MULTIBLOCK_DECRYPT 0x1b
 # define EVP_CTRL_TLS1_1_MULTIBLOCK_MAX_BUFSIZE 0x1c
-/* For engine-specific control values */
-# define EVP_CTRL_ENGINE_CIPHER_CUSTOM0 0x1000
-# define EVP_CTRL_ENGINE_CIPHER_CUSTOM1 0x1001
-# define EVP_CTRL_ENGINE_CIPHER_CUSTOM2 0x1002
-# define EVP_CTRL_ENGINE_CIPHER_CUSTOM3 0x1003
-# define EVP_CTRL_ENGINE_CIPHER_CUSTOM4 0x1004
-# define EVP_CTRL_ENGINE_CIPHER_CUSTOM5 0x1005
-# define EVP_CTRL_ENGINE_CIPHER_CUSTOM6 0x1006
-# define EVP_CTRL_ENGINE_CIPHER_CUSTOM7 0x1007
-# define EVP_CTRL_ENGINE_CIPHER_CUSTOM8 0x1008
-# define EVP_CTRL_ENGINE_CIPHER_CUSTOM9 0x1009
+# define EVP_CTRL_SSL3_MASTER_SECRET 0x1d
+
+/* EVP_CTRL_SET_SBOX takes the char * specifying S-boxes */
+# define EVP_CTRL_SET_SBOX 0x1e
+/*
+ * EVP_CTRL_SBOX_USED takes a 'size_t' and 'char *', pointing at a
+ * pre-allocated buffer with specified size
+ */
+# define EVP_CTRL_SBOX_USED 0x1f
+/* EVP_CTRL_KEY_MESH takes 'size_t' number of bytes to mesh the key after,
+ * 0 switches meshing off
+ */
+# define EVP_CTRL_KEY_MESH 0x20
+/* EVP_CTRL_BLOCK_PADDING_MODE takes the padding mode */
+# define EVP_CTRL_BLOCK_PADDING_MODE 0x21
+
+/* Padding modes */
+#define EVP_PADDING_PKCS7 1
+#define EVP_PADDING_ISO7816_4 2
+#define EVP_PADDING_ANSI923 3
+#define EVP_PADDING_ISO10126 4
+#define EVP_PADDING_ZERO 5
 /* RFC 5246 defines additional data to be 13 bytes in length */
 # define EVP_AEAD_TLS1_AAD_LEN 13
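Review bot: The comments on `EVP_CTRL_SBOX_USED` and `EVP_CTRL_KEY_MESH` say the control takes a `size_t`, but `EVP_CIPHER_CTX_ctrl` passes its numeric argument as `int`, so a caller who follows the comment and hands over a `size_t` length gets it narrowed on the way in. For `EVP_CTRL_SBOX_USED` that number is the bound on a write into a caller-supplied buffer, so the comment should state the real type and that a non-positive value is an error, e.g. `/* EVP_CTRL_SBOX_USED: arg is the buffer size as int (> 0), ptr is the char * buffer */`. `EVP_CTRL_SSL3_MASTER_SECRET` has no comment describing what `arg` and `ptr` carry, unlike its neighbours. The five `EVP_PADDING_*` lines are written `#define` where the rest of the header uses `# define` inside the include guard.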
@@ -487,22 +447,6 @@ struct evp_cipher_ctx_st {
 unsigned char final[EVP_MAX_BLOCK_LENGTH]; /* possible final block */
 } /* EVP_CIPHER_CTX */ ;
-typedef struct evp_Encode_Ctx_st {
- /* number saved in a partial encode/decode */
- int num;
- /*
- * The length is either the output line length (in input bytes) or the
- * shortest input line length that is ok. Once decoding begins, the
- * length is adjusted up each time a longer line is decoded
- */
- int length;
- /* data to encode */
- unsigned char enc_data[80];
- /* number read on current line */
- int line_num;
- int expect_nl;
-} EVP_ENCODE_CTX;
-
 /* Password based encryption function */
 typedef int (EVP_PBE_KEYGEN) (EVP_CIPHER_CTX *ctx, const char *pass,
 int passlen, ASN1_TYPE *param,
@@ -536,15 +480,6 @@ typedef int (EVP_PBE_KEYGEN) (EVP_CIPHER_CTX *ctx, const char *pass,
 # define EVP_get_cipherbyobj(a) EVP_get_cipherbynid(OBJ_obj2nid(a))
 /* Macros to reduce FIPS dependencies: do NOT use in applications */
-# define M_EVP_MD_size(e) ((e)->md_size)
-# define M_EVP_MD_block_size(e) ((e)->block_size)
-# define M_EVP_MD_CTX_set_flags(ctx,flgs) ((ctx)->flags|=(flgs))
-# define M_EVP_MD_CTX_clear_flags(ctx,flgs) ((ctx)->flags&=~(flgs))
-# define M_EVP_MD_CTX_test_flags(ctx,flgs) ((ctx)->flags&(flgs))
-# define M_EVP_MD_type(e) ((e)->type)
-# define M_EVP_MD_CTX_type(e) M_EVP_MD_type(M_EVP_MD_CTX_md(e))
-# define M_EVP_MD_CTX_md(e) ((e)->digest)
-
 # define M_EVP_CIPHER_nid(e) ((e)->nid)
 # define M_EVP_CIPHER_CTX_iv_length(e) ((e)->cipher->iv_len)
 # define M_EVP_CIPHER_CTX_flags(e) ((e)->cipher->flags)
@@ -572,9 +507,16 @@ int EVP_MD_block_size(const EVP_MD *md);
 unsigned long EVP_MD_flags(const EVP_MD *md);
 const EVP_MD *EVP_MD_CTX_md(const EVP_MD_CTX *ctx);
+int (*EVP_MD_CTX_update_fn(EVP_MD_CTX *ctx))(EVP_MD_CTX *ctx,
+ const void *data, size_t count);
+void EVP_MD_CTX_set_update_fn(EVP_MD_CTX *ctx,
+ int (*update) (EVP_MD_CTX *ctx,
+ const void *data, size_t count));
 # define EVP_MD_CTX_size(e) EVP_MD_size(EVP_MD_CTX_md(e))
 # define EVP_MD_CTX_block_size(e) EVP_MD_block_size(EVP_MD_CTX_md(e))
 # define EVP_MD_CTX_type(e) EVP_MD_type(EVP_MD_CTX_md(e))
+EVP_PKEY_CTX *EVP_MD_CTX_pkey_ctx(const EVP_MD_CTX *ctx);
+void *EVP_MD_CTX_md_data(const EVP_MD_CTX *ctx);
 int EVP_CIPHER_nid(const EVP_CIPHER *cipher);
 # define EVP_CIPHER_name(e) OBJ_nid2sn(EVP_CIPHER_nid(e))
@@ -634,10 +576,13 @@ void BIO_set_md(BIO *, const EVP_MD *md);
 # define EVP_delete_digest_alias(alias) \
 OBJ_NAME_remove(alias,OBJ_NAME_TYPE_MD_METH|OBJ_NAME_ALIAS);
-void EVP_MD_CTX_init(EVP_MD_CTX *ctx);
-int EVP_MD_CTX_cleanup(EVP_MD_CTX *ctx);
-EVP_MD_CTX *EVP_MD_CTX_create(void);
-void EVP_MD_CTX_destroy(EVP_MD_CTX *ctx);
+int EVP_MD_CTX_ctrl(EVP_MD_CTX *ctx, int cmd, int p1, void *p2);
+EVP_MD_CTX *EVP_MD_CTX_new(void);
+int EVP_MD_CTX_reset(EVP_MD_CTX *ctx);
+void EVP_MD_CTX_free(EVP_MD_CTX *ctx);
+# define EVP_MD_CTX_create() EVP_MD_CTX_new()
+# define EVP_MD_CTX_init(ctx) EVP_MD_CTX_reset((ctx))
+# define EVP_MD_CTX_destroy(ctx) EVP_MD_CTX_free((ctx))
 /*__owur*/ int EVP_MD_CTX_copy_ex(EVP_MD_CTX *out, const EVP_MD_CTX *in);
 void EVP_MD_CTX_set_flags(EVP_MD_CTX *ctx, int flags);
 void EVP_MD_CTX_clear_flags(EVP_MD_CTX *ctx, int flags);
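Review bot: `EVP_MD_CTX_md_data` and `EVP_MD_CTX_pkey_ctx` in the `@@ -572` hunk accept a `const EVP_MD_CTX *` yet return non-const pointers to state held inside it, so code holding only a const context can still modify the running digest state or the signing context. Either drop `const` from the parameter or add a comment saying that the returned pointer aliases internal state, stays owned by the context and must not be freed or used after the context is reset or freed (lifetime inferred, the implementation is not in this hunk). The getters are also inconsistent with each other: `EVP_MD_CTX_update_fn` takes a non-const context, as does `EVP_ENCODE_CTX_num` in the `@@ -740` hunk, although by their names both only read.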
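Review bot: The compatibility macro `# define EVP_MD_CTX_init(ctx) EVP_MD_CTX_reset((ctx))` in the `@@ -634` hunk keeps the old name but, judging by the new function's name, not the old contract: an init routine can be handed uninitialised memory, whereas a reset presumably releases whatever the context already holds. A comment above the three macros should say that `EVP_MD_CTX_init` now requires a context obtained from `EVP_MD_CTX_new` and that `EVP_MD_CTX_cleanup` has no mapping, e.g. `/* compat only: ctx must come from EVP_MD_CTX_new(); EVP_MD_CTX_cleanup() is gone, see EVP_MD_CTX_reset() */` if reset is indeed the intended replacement. `EVP_MD_CTX_reset` and `EVP_MD_CTX_ctrl` return a status as `int` but are not marked `__owur`, unlike other status-returning declarations in this header.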
@@ -740,6 +685,9 @@ __owur int EVP_SealInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
 EVP_PKEY **pubk, int npubk);
 __owur int EVP_SealFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl);
+EVP_ENCODE_CTX *EVP_ENCODE_CTX_new(void);
+void EVP_ENCODE_CTX_free(EVP_ENCODE_CTX *ctx);
+int EVP_ENCODE_CTX_num(EVP_ENCODE_CTX *ctx);
 void EVP_EncodeInit(EVP_ENCODE_CTX *ctx);
 void EVP_EncodeUpdate(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl,
 const unsigned char *in, int inl);
@@ -778,10 +726,9 @@ const EVP_MD *EVP_md4(void);
 # endif
 # ifndef OPENSSL_NO_MD5
 const EVP_MD *EVP_md5(void);
+const EVP_MD *EVP_md5_sha1(void);
 # endif
 const EVP_MD *EVP_sha1(void);
-const EVP_MD *EVP_dss1(void);
-const EVP_MD *EVP_ecdsa(void);
 const EVP_MD *EVP_sha224(void);
 const EVP_MD *EVP_sha256(void);
 const EVP_MD *EVP_sha384(void);
@@ -949,6 +896,12 @@ const EVP_CIPHER *EVP_camellia_256_cfb128(void);
 const EVP_CIPHER *EVP_camellia_256_ofb(void);
 const EVP_CIPHER *EVP_camellia_256_ctr(void);
 # endif
+# ifndef OPENSSL_NO_CHACHA
+const EVP_CIPHER *EVP_chacha20(void);
+# ifndef OPENSSL_NO_POLY1305
+const EVP_CIPHER *EVP_chacha20_poly1305(void);
+# endif
+# endif
 # ifndef OPENSSL_NO_SEED
 const EVP_CIPHER *EVP_seed_ecb(void);
@@ -971,9 +924,6 @@ void OPENSSL_add_all_algorithms_conf(void);
 void OpenSSL_add_all_ciphers(void);
 void OpenSSL_add_all_digests(void);
-# define SSLeay_add_all_algorithms() OpenSSL_add_all_algorithms()
-# define SSLeay_add_all_ciphers() OpenSSL_add_all_ciphers()
-# define SSLeay_add_all_digests() OpenSSL_add_all_digests()
 int EVP_add_cipher(const EVP_CIPHER *cipher);
 int EVP_add_digest(const EVP_MD *digest);
@@ -1554,6 +1504,7 @@ void ERR_load_EVP_strings(void);
 # define EVP_F_AES_XTS_CIPHER 175
 # define EVP_F_ALG_MODULE_INIT 177
 # define EVP_F_CAMELLIA_INIT_KEY 159
+# define EVP_F_CHACHA20_POLY1305_CTRL 182
 # define EVP_F_CMAC_INIT 173
 # define EVP_F_CMLL_T4_INIT_KEY 179
 # define EVP_F_D2I_PKEY 100
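Review bot: `EVP_md5_sha1` in the `@@ -778` hunk is declared next to `EVP_sha1` with nothing marking it as special, so it reads like a general-purpose digest. As far as I know it is the MD5-plus-SHA-1 concatenation used by SSLv3 and early TLS handshakes, and the declaration should carry a comment to that effect, e.g. `/* MD5 and SHA-1 concatenated, for legacy SSL/TLS handshake use only */`. The same hunk drops `EVP_dss1` and `EVP_ecdsa` without leaving a pointer for people porting old code; a one-line comment naming `EVP_sha1` as the replacement would help, assuming the removed "clone digest" comment on `EVP_MD_FLAG_PKEY_DIGEST` described exactly these two.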
@@ -1641,6 +1592,7 @@ void ERR_load_EVP_strings(void);
 # define EVP_R_CAMELLIA_KEY_SETUP_FAILED 157
 # define EVP_R_CIPHER_PARAMETER_ERROR 122
 # define EVP_R_COMMAND_NOT_SUPPORTED 147
+# define EVP_R_COPY_ERROR 173
 # define EVP_R_CTRL_NOT_IMPLEMENTED 132
 # define EVP_R_CTRL_OPERATION_NOT_IMPLEMENTED 133
 # define EVP_R_DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH 138