diff --git a/.pc/applied-patches b/.pc/applied-patches
index 93f1acf..a5f3392 100644
--- a/.pc/applied-patches
+++ b/.pc/applied-patches
@@ -1,5 +1,2 @@
-prototypes
second-stage-path
sbsigntool-not-pesign
-gcc-5.diff
-gcc5-includes-stdarg.patch
diff --git a/.pc/gcc-5.diff/.timestamp b/.pc/gcc-5.diff/.timestamp
deleted file mode 100644
index e69de29..0000000
diff --git a/.pc/gcc-5.diff/Cryptlib/Makefile b/.pc/gcc-5.diff/Cryptlib/Makefile
deleted file mode 100644
index 9719a27..0000000
--- a/.pc/gcc-5.diff/Cryptlib/Makefile
+++ /dev/null
@@ -1,45 +0,0 @@
-
-EFI_INCLUDES = -IInclude -I$(EFI_INCLUDE) -I$(EFI_INCLUDE)/$(ARCH) -I$(EFI_INCLUDE)/protocol
-
-CFLAGS = -ggdb -O0 -I. -fno-stack-protector -fno-strict-aliasing -fpic -fshort-wchar \
- -Wall $(EFI_INCLUDES)
-
-ifeq ($(ARCH),x86_64)
- CFLAGS += -mno-mmx -mno-sse -mno-red-zone -nostdinc -maccumulate-outgoing-args \
- -DEFI_FUNCTION_WRAPPER -DGNU_EFI_USE_MS_ABI
-endif
-ifeq ($(ARCH),ia32)
- CFLAGS += -mno-mmx -mno-sse -mno-red-zone -nostdinc -maccumulate-outgoing-args -m32
-endif
-LDFLAGS = -nostdlib -znocombreloc
-
-TARGET = libcryptlib.a
-OBJS = Hash/CryptMd4.o \
- Hash/CryptMd5.o \
- Hash/CryptSha1.o \
- Hash/CryptSha256.o \
- Hmac/CryptHmacMd5.o \
- Hmac/CryptHmacSha1.o \
- Cipher/CryptAes.o \
- Cipher/CryptTdes.o \
- Cipher/CryptArc4.o \
- Rand/CryptRand.o \
- Pk/CryptRsaBasic.o \
- Pk/CryptRsaExtNull.o \
- Pk/CryptPkcs7SignNull.o \
- Pk/CryptPkcs7Verify.o \
- Pk/CryptDhNull.o \
- Pk/CryptX509.o \
- Pk/CryptAuthenticode.o \
- Pem/CryptPem.o \
- SysCall/CrtWrapper.o \
- SysCall/TimerWrapper.o \
- SysCall/BaseMemAllocation.o \
- SysCall/BaseStrings.o
-
-all: $(TARGET)
-
-libcryptlib.a: $(OBJS)
- ar rcs libcryptlib.a $(OBJS)
-clean:
- rm -f $(TARGET) $(OBJS)
diff --git a/.pc/gcc-5.diff/Cryptlib/OpenSSL/Makefile b/.pc/gcc-5.diff/Cryptlib/OpenSSL/Makefile
deleted file mode 100644
index 7990b3c..0000000
--- a/.pc/gcc-5.diff/Cryptlib/OpenSSL/Makefile
+++ /dev/null
@@ -1,531 +0,0 @@
-
-EFI_INCLUDES = -I../Include -I$(EFI_INCLUDE) -I$(EFI_INCLUDE)/$(ARCH) -I$(EFI_INCLUDE)/protocol
-
-CFLAGS = -ggdb -O0 -I. -I.. -I../Include/ -Icrypto -fno-stack-protector -fno-strict-aliasing -fpic -fshort-wchar -nostdinc \
- -Wall $(EFI_INCLUDES) -DOPENSSL_SYSNAME_UWIN -DOPENSSL_SYS_UEFI -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -D_CRT_NONSTDC_NO_DEPRECATE -DOPENSSL_NO_CAMELLIA -DOPENSSL_NO_SEED -DOPENSSL_NO_RC5 -DOPENSSL_NO_MDC2 -DOPENSSL_NO_SOCK -DOPENSSL_NO_CMS -DOPENSSL_NO_JPAKE -DOPENSSL_NO_CAPIENG -DOPENSSL_NO_ERR -DOPENSSL_NO_KRB5 -DOPENSSL_NO_DYNAMIC_ENGINE -DGETPID_IS_MEANINGLESS -DOPENSSL_NO_STDIO -DOPENSSL_NO_FP_API -DOPENSSL_NO_DGRAM -DOPENSSL_NO_SHA0 -DOPENSSL_NO_LHASH -DOPENSSL_NO_HW -DOPENSSL_NO_OCSP -DOPENSSL_NO_LOCKING -DOPENSSL_NO_DEPRECATED -DOPENSSL_SMALL_FOOTPRINT -DPEDANTIC
-
-ifeq ($(ARCH),x86_64)
- CFLAGS += -mno-mmx -mno-sse -mno-red-zone -maccumulate-outgoing-args \
- -DEFI_FUNCTION_WRAPPER -DGNU_EFI_USE_MS_ABI -DSIXTY_FOUR_BIT_LONG
-endif
-ifeq ($(ARCH),ia32)
- CFLAGS += -mno-mmx -mno-sse -mno-red-zone -maccumulate-outgoing-args \
- -m32 -DTHIRTY_TWO_BIT
-endif
-ifeq ($(ARCH),aarch64)
- CFLAGS += -O2 -DSIXTY_FOUR_BIT_LONG -ffreestanding -I$(shell $(CC) -print-file-name=include)
-endif
-ifeq ($(ARCH),arm)
- CFLAGS += -O2 -DTHIRTY_TWO_BIT -ffreestanding -I$(shell $(CC) -print-file-name=include)
-endif
-LDFLAGS = -nostdlib -znocombreloc
-
-TARGET = libopenssl.a
-OBJS = crypto/cryptlib.o \
- crypto/dyn_lck.o \
- crypto/mem.o \
- crypto/mem_clr.o \
- crypto/mem_dbg.o \
- crypto/cversion.o \
- crypto/ex_data.o \
- crypto/cpt_err.o \
- crypto/ebcdic.o \
- crypto/uid.o \
- crypto/o_time.o \
- crypto/o_str.o \
- crypto/o_dir.o \
- crypto/o_init.o \
- crypto/fips_err.o \
- crypto/md2/md2_dgst.o \
- crypto/md2/md2_one.o \
- crypto/md4/md4_dgst.o \
- crypto/md4/md4_one.o \
- crypto/md5/md5_dgst.o \
- crypto/md5/md5_one.o \
- crypto/sha/sha_dgst.o \
- crypto/sha/sha1dgst.o \
- crypto/sha/sha_one.o \
- crypto/sha/sha1_one.o \
- crypto/sha/sha256.o \
- crypto/sha/sha512.o \
- crypto/hmac/hmac.o \
- crypto/ripemd/rmd_dgst.o \
- crypto/ripemd/rmd_one.o \
- crypto/des/des_lib.o \
- crypto/des/set_key.o \
- crypto/des/ecb_enc.o \
- crypto/des/cbc_enc.o \
- crypto/des/ecb3_enc.o \
- crypto/des/cfb64enc.o \
- crypto/des/cfb64ede.o \
- crypto/des/cfb_enc.o \
- crypto/des/ofb64ede.o \
- crypto/des/enc_read.o \
- crypto/des/enc_writ.o \
- crypto/des/ofb64enc.o \
- crypto/des/ofb_enc.o \
- crypto/des/str2key.o \
- crypto/des/pcbc_enc.o \
- crypto/des/qud_cksm.o \
- crypto/des/rand_key.o \
- crypto/des/des_enc.o \
- crypto/des/fcrypt_b.o \
- crypto/des/fcrypt.o \
- crypto/des/xcbc_enc.o \
- crypto/des/rpc_enc.o \
- crypto/des/cbc_cksm.o \
- crypto/des/ede_cbcm_enc.o \
- crypto/des/des_old.o \
- crypto/des/des_old2.o \
- crypto/des/read2pwd.o \
- crypto/rc2/rc2_ecb.o \
- crypto/rc2/rc2_skey.o \
- crypto/rc2/rc2_cbc.o \
- crypto/rc2/rc2cfb64.o \
- crypto/rc2/rc2ofb64.o \
- crypto/rc4/rc4_enc.o \
- crypto/rc4/rc4_skey.o \
- crypto/rc4/rc4_fblk.o \
- crypto/idea/i_cbc.o \
- crypto/idea/i_cfb64.o \
- crypto/idea/i_ofb64.o \
- crypto/idea/i_ecb.o \
- crypto/idea/i_skey.o \
- crypto/bf/bf_skey.o \
- crypto/bf/bf_ecb.o \
- crypto/bf/bf_enc.o \
- crypto/bf/bf_cfb64.o \
- crypto/bf/bf_ofb64.o \
- crypto/cast/c_skey.o \
- crypto/cast/c_ecb.o \
- crypto/cast/c_enc.o \
- crypto/cast/c_cfb64.o \
- crypto/cast/c_ofb64.o \
- crypto/aes/aes_misc.o \
- crypto/aes/aes_ecb.o \
- crypto/aes/aes_cfb.o \
- crypto/aes/aes_ofb.o \
- crypto/aes/aes_ctr.o \
- crypto/aes/aes_ige.o \
- crypto/aes/aes_wrap.o \
- crypto/aes/aes_core.o \
- crypto/aes/aes_cbc.o \
- crypto/bn/bn_add.o \
- crypto/bn/bn_div.o \
- crypto/bn/bn_exp.o \
- crypto/bn/bn_lib.o \
- crypto/bn/bn_ctx.o \
- crypto/bn/bn_mul.o \
- crypto/bn/bn_mod.o \
- crypto/bn/bn_print.o \
- crypto/bn/bn_rand.o \
- crypto/bn/bn_shift.o \
- crypto/bn/bn_word.o \
- crypto/bn/bn_blind.o \
- crypto/bn/bn_kron.o \
- crypto/bn/bn_sqrt.o \
- crypto/bn/bn_gcd.o \
- crypto/bn/bn_prime.o \
- crypto/bn/bn_err.o \
- crypto/bn/bn_sqr.o \
- crypto/bn/bn_asm.o \
- crypto/bn/bn_recp.o \
- crypto/bn/bn_mont.o \
- crypto/bn/bn_mpi.o \
- crypto/bn/bn_exp2.o \
- crypto/bn/bn_gf2m.o \
- crypto/bn/bn_nist.o \
- crypto/bn/bn_depr.o \
- crypto/bn/bn_x931p.o \
- crypto/bn/bn_const.o \
- crypto/bn/bn_opt.o \
- crypto/rsa/rsa_eay.o \
- crypto/rsa/rsa_gen.o \
- crypto/rsa/rsa_lib.o \
- crypto/rsa/rsa_sign.o \
- crypto/rsa/rsa_saos.o \
- crypto/rsa/rsa_err.o \
- crypto/rsa/rsa_pk1.o \
- crypto/rsa/rsa_ssl.o \
- crypto/rsa/rsa_none.o \
- crypto/rsa/rsa_oaep.o \
- crypto/rsa/rsa_chk.o \
- crypto/rsa/rsa_null.o \
- crypto/rsa/rsa_pss.o \
- crypto/rsa/rsa_x931.o \
- crypto/rsa/rsa_x931g.o \
- crypto/rsa/rsa_asn1.o \
- crypto/rsa/rsa_depr.o \
- crypto/rsa/rsa_eng.o \
- crypto/dsa/dsa_gen.o \
- crypto/dsa/dsa_key.o \
- crypto/dsa/dsa_lib.o \
- crypto/dsa/dsa_asn1.o \
- crypto/dsa/dsa_vrf.o \
- crypto/dsa/dsa_sign.o \
- crypto/dsa/dsa_err.o \
- crypto/dsa/dsa_ossl.o \
- crypto/dsa/dsa_depr.o \
- crypto/dsa/dsa_utl.o \
- crypto/dso/dso_dl.o \
- crypto/dso/dso_dlfcn.o \
- crypto/dso/dso_err.o \
- crypto/dso/dso_lib.o \
- crypto/dso/dso_null.o \
- crypto/dso/dso_openssl.o \
- crypto/dso/dso_win32.o \
- crypto/dso/dso_vms.o \
- crypto/dh/dh_asn1.o \
- crypto/dh/dh_gen.o \
- crypto/dh/dh_key.o \
- crypto/dh/dh_lib.o \
- crypto/dh/dh_check.o \
- crypto/dh/dh_err.o \
- crypto/dh/dh_depr.o \
- crypto/ec/ec_lib.o \
- crypto/ec/ecp_smpl.o \
- crypto/ec/ecp_mont.o \
- crypto/ec/ecp_nist.o \
- crypto/ec/ec_cvt.o \
- crypto/ec/ec_mult.o \
- crypto/ec/ec_err.o \
- crypto/ec/ec_curve.o \
- crypto/ec/ec_check.o \
- crypto/ec/ec_print.o \
- crypto/ec/ec_asn1.o \
- crypto/ec/ec_key.o \
- crypto/ec/ec2_smpl.o \
- crypto/ec/ec2_mult.o \
- crypto/ecdh/ech_lib.o \
- crypto/ecdh/ech_ossl.o \
- crypto/ecdh/ech_key.o \
- crypto/ecdh/ech_err.o \
- crypto/ecdsa/ecs_lib.o \
- crypto/ecdsa/ecs_asn1.o \
- crypto/ecdsa/ecs_ossl.o \
- crypto/ecdsa/ecs_sign.o \
- crypto/ecdsa/ecs_vrf.o \
- crypto/ecdsa/ecs_err.o \
- crypto/buffer/buffer.o \
- crypto/buffer/buf_str.o \
- crypto/buffer/buf_err.o \
- crypto/bio/bio_lib.o \
- crypto/bio/bio_cb.o \
- crypto/bio/bio_err.o \
- crypto/bio/bss_mem.o \
- crypto/bio/bss_null.o \
- crypto/bio/bss_fd.o \
- crypto/bio/bss_file.o \
- crypto/bio/bf_null.o \
- crypto/bio/bf_buff.o \
- crypto/bio/b_dump.o \
- crypto/bio/b_print.o \
- crypto/bio/bf_nbio.o \
- crypto/bio/bss_log.o \
- crypto/bio/bss_bio.o \
- crypto/bio/bss_dgram.o \
- crypto/stack/stack.o \
- crypto/lhash/lhash.o \
- crypto/lhash/lh_stats.o \
- crypto/rand/md_rand.o \
- crypto/rand/randfile.o \
- crypto/rand/rand_lib.o \
- crypto/rand/rand_eng.o \
- crypto/rand/rand_err.o \
- crypto/rand/rand_egd.o \
- crypto/rand/rand_win.o \
- crypto/rand/rand_unix.o \
- crypto/rand/rand_os2.o \
- crypto/rand/rand_nw.o \
- crypto/err/err.o \
- crypto/err/err_def.o \
- crypto/err/err_all.o \
- crypto/err/err_prn.o \
- crypto/err/err_str.o \
- crypto/err/err_bio.o \
- crypto/objects/o_names.o \
- crypto/objects/obj_dat.o \
- crypto/objects/obj_lib.o \
- crypto/objects/obj_err.o \
- crypto/evp/encode.o \
- crypto/evp/digest.o \
- crypto/evp/dig_eng.o \
- crypto/evp/evp_enc.o \
- crypto/evp/evp_key.o \
- crypto/evp/evp_acnf.o \
- crypto/evp/evp_cnf.o \
- crypto/evp/e_des.o \
- crypto/evp/e_bf.o \
- crypto/evp/e_idea.o \
- crypto/evp/e_des3.o \
- crypto/evp/e_rc4.o \
- crypto/evp/e_aes.o \
- crypto/evp/names.o \
- crypto/evp/e_xcbc_d.o \
- crypto/evp/e_rc2.o \
- crypto/evp/e_cast.o \
- crypto/evp/e_rc5.o \
- crypto/evp/enc_min.o \
- crypto/evp/m_null.o \
- crypto/evp/m_md2.o \
- crypto/evp/m_md4.o \
- crypto/evp/m_md5.o \
- crypto/evp/m_sha.o \
- crypto/evp/m_sha1.o \
- crypto/evp/m_dss.o \
- crypto/evp/m_dss1.o \
- crypto/evp/m_ripemd.o \
- crypto/evp/m_ecdsa.o \
- crypto/evp/p_open.o \
- crypto/evp/p_seal.o \
- crypto/evp/p_sign.o \
- crypto/evp/p_verify.o \
- crypto/evp/p_lib.o \
- crypto/evp/p_enc.o \
- crypto/evp/p_dec.o \
- crypto/evp/bio_md.o \
- crypto/evp/bio_b64.o \
- crypto/evp/bio_enc.o \
- crypto/evp/evp_err.o \
- crypto/evp/e_null.o \
- crypto/evp/c_all.o \
- crypto/evp/c_allc.o \
- crypto/evp/c_alld.o \
- crypto/evp/evp_lib.o \
- crypto/evp/bio_ok.o \
- crypto/evp/evp_pkey.o \
- crypto/evp/evp_pbe.o \
- crypto/evp/p5_crpt.o \
- crypto/evp/p5_crpt2.o \
- crypto/evp/e_old.o \
- crypto/asn1/a_object.o \
- crypto/asn1/a_bitstr.o \
- crypto/asn1/a_utctm.o \
- crypto/asn1/a_gentm.o \
- crypto/asn1/a_time.o \
- crypto/asn1/a_int.o \
- crypto/asn1/a_octet.o \
- crypto/asn1/a_print.o \
- crypto/asn1/a_type.o \
- crypto/asn1/a_set.o \
- crypto/asn1/a_dup.o \
- crypto/asn1/a_d2i_fp.o \
- crypto/asn1/a_i2d_fp.o \
- crypto/asn1/a_enum.o \
- crypto/asn1/a_utf8.o \
- crypto/asn1/a_sign.o \
- crypto/asn1/a_digest.o \
- crypto/asn1/a_verify.o \
- crypto/asn1/a_mbstr.o \
- crypto/asn1/a_strex.o \
- crypto/asn1/x_algor.o \
- crypto/asn1/x_val.o \
- crypto/asn1/x_pubkey.o \
- crypto/asn1/x_sig.o \
- crypto/asn1/x_req.o \
- crypto/asn1/x_attrib.o \
- crypto/asn1/x_bignum.o \
- crypto/asn1/x_long.o \
- crypto/asn1/x_name.o \
- crypto/asn1/x_x509.o \
- crypto/asn1/x_x509a.o \
- crypto/asn1/x_crl.o \
- crypto/asn1/x_info.o \
- crypto/asn1/x_spki.o \
- crypto/asn1/nsseq.o \
- crypto/asn1/d2i_pu.o \
- crypto/asn1/d2i_pr.o \
- crypto/asn1/i2d_pu.o \
- crypto/asn1/i2d_pr.o \
- crypto/asn1/t_req.o \
- crypto/asn1/t_x509.o \
- crypto/asn1/t_x509a.o \
- crypto/asn1/t_crl.o \
- crypto/asn1/t_pkey.o \
- crypto/asn1/t_spki.o \
- crypto/asn1/t_bitst.o \
- crypto/asn1/tasn_new.o \
- crypto/asn1/tasn_fre.o \
- crypto/asn1/tasn_enc.o \
- crypto/asn1/tasn_dec.o \
- crypto/asn1/tasn_utl.o \
- crypto/asn1/tasn_typ.o \
- crypto/asn1/f_int.o \
- crypto/asn1/f_string.o \
- crypto/asn1/n_pkey.o \
- crypto/asn1/f_enum.o \
- crypto/asn1/a_hdr.o \
- crypto/asn1/x_pkey.o \
- crypto/asn1/a_bool.o \
- crypto/asn1/x_exten.o \
- crypto/asn1/asn_mime.o \
- crypto/asn1/asn1_gen.o \
- crypto/asn1/asn1_par.o \
- crypto/asn1/asn1_lib.o \
- crypto/asn1/asn1_err.o \
- crypto/asn1/a_meth.o \
- crypto/asn1/a_bytes.o \
- crypto/asn1/a_strnid.o \
- crypto/asn1/evp_asn1.o \
- crypto/asn1/asn_pack.o \
- crypto/asn1/p5_pbe.o \
- crypto/asn1/p5_pbev2.o \
- crypto/asn1/p8_pkey.o \
- crypto/asn1/asn_moid.o \
- crypto/pem/pem_sign.o \
- crypto/pem/pem_seal.o \
- crypto/pem/pem_info.o \
- crypto/pem/pem_lib.o \
- crypto/pem/pem_all.o \
- crypto/pem/pem_err.o \
- crypto/pem/pem_x509.o \
- crypto/pem/pem_xaux.o \
- crypto/pem/pem_oth.o \
- crypto/pem/pem_pk8.o \
- crypto/pem/pem_pkey.o \
- crypto/x509/x509_def.o \
- crypto/x509/x509_d2.o \
- crypto/x509/x509_r2x.o \
- crypto/x509/x509_cmp.o \
- crypto/x509/x509_obj.o \
- crypto/x509/x509_req.o \
- crypto/x509/x509spki.o \
- crypto/x509/x509_vfy.o \
- crypto/x509/x509_set.o \
- crypto/x509/x509cset.o \
- crypto/x509/x509rset.o \
- crypto/x509/x509_err.o \
- crypto/x509/x509name.o \
- crypto/x509/x509_v3.o \
- crypto/x509/x509_ext.o \
- crypto/x509/x509_att.o \
- crypto/x509/x509type.o \
- crypto/x509/x509_lu.o \
- crypto/x509/x_all.o \
- crypto/x509/x509_txt.o \
- crypto/x509/x509_trs.o \
- crypto/x509/by_file.o \
- crypto/x509/by_dir.o \
- crypto/x509/x509_vpm.o \
- crypto/x509v3/v3_bcons.o \
- crypto/x509v3/v3_bitst.o \
- crypto/x509v3/v3_conf.o \
- crypto/x509v3/v3_extku.o \
- crypto/x509v3/v3_ia5.o \
- crypto/x509v3/v3_lib.o \
- crypto/x509v3/v3_prn.o \
- crypto/x509v3/v3_utl.o \
- crypto/x509v3/v3err.o \
- crypto/x509v3/v3_genn.o \
- crypto/x509v3/v3_alt.o \
- crypto/x509v3/v3_skey.o \
- crypto/x509v3/v3_akey.o \
- crypto/x509v3/v3_pku.o \
- crypto/x509v3/v3_int.o \
- crypto/x509v3/v3_enum.o \
- crypto/x509v3/v3_sxnet.o \
- crypto/x509v3/v3_cpols.o \
- crypto/x509v3/v3_crld.o \
- crypto/x509v3/v3_purp.o \
- crypto/x509v3/v3_info.o \
- crypto/x509v3/v3_ocsp.o \
- crypto/x509v3/v3_akeya.o \
- crypto/x509v3/v3_pmaps.o \
- crypto/x509v3/v3_pcons.o \
- crypto/x509v3/v3_ncons.o \
- crypto/x509v3/v3_pcia.o \
- crypto/x509v3/v3_pci.o \
- crypto/x509v3/pcy_cache.o \
- crypto/x509v3/pcy_node.o \
- crypto/x509v3/pcy_data.o \
- crypto/x509v3/pcy_map.o \
- crypto/x509v3/pcy_tree.o \
- crypto/x509v3/pcy_lib.o \
- crypto/x509v3/v3_asid.o \
- crypto/x509v3/v3_addr.o \
- crypto/conf/conf_err.o \
- crypto/conf/conf_lib.o \
- crypto/conf/conf_api.o \
- crypto/conf/conf_def.o \
- crypto/conf/conf_mod.o \
- crypto/conf/conf_mall.o \
- crypto/conf/conf_sap.o \
- crypto/txt_db/txt_db.o \
- crypto/pkcs7/pk7_asn1.o \
- crypto/pkcs7/pk7_lib.o \
- crypto/pkcs7/pkcs7err.o \
- crypto/pkcs7/pk7_doit.o \
- crypto/pkcs7/pk7_smime.o \
- crypto/pkcs7/pk7_attr.o \
- crypto/pkcs7/pk7_mime.o \
- crypto/pkcs12/p12_add.o \
- crypto/pkcs12/p12_asn.o \
- crypto/pkcs12/p12_attr.o \
- crypto/pkcs12/p12_crpt.o \
- crypto/pkcs12/p12_crt.o \
- crypto/pkcs12/p12_decr.o \
- crypto/pkcs12/p12_init.o \
- crypto/pkcs12/p12_key.o \
- crypto/pkcs12/p12_kiss.o \
- crypto/pkcs12/p12_mutl.o \
- crypto/pkcs12/p12_utl.o \
- crypto/pkcs12/p12_npas.o \
- crypto/pkcs12/pk12err.o \
- crypto/pkcs12/p12_p8d.o \
- crypto/pkcs12/p12_p8e.o \
- crypto/comp/comp_lib.o \
- crypto/comp/comp_err.o \
- crypto/comp/c_rle.o \
- crypto/comp/c_zlib.o \
- crypto/engine/eng_err.o \
- crypto/engine/eng_lib.o \
- crypto/engine/eng_list.o \
- crypto/engine/eng_init.o \
- crypto/engine/eng_ctrl.o \
- crypto/engine/eng_table.o \
- crypto/engine/eng_pkey.o \
- crypto/engine/eng_fat.o \
- crypto/engine/eng_all.o \
- crypto/engine/tb_rsa.o \
- crypto/engine/tb_dsa.o \
- crypto/engine/tb_ecdsa.o \
- crypto/engine/tb_dh.o \
- crypto/engine/tb_ecdh.o \
- crypto/engine/tb_rand.o \
- crypto/engine/tb_store.o \
- crypto/engine/tb_cipher.o \
- crypto/engine/tb_digest.o \
- crypto/engine/eng_openssl.o \
- crypto/engine/eng_cnf.o \
- crypto/engine/eng_dyn.o \
- crypto/engine/eng_cryptodev.o \
- crypto/engine/eng_padlock.o \
- crypto/ocsp/ocsp_asn.o \
- crypto/ocsp/ocsp_ext.o \
- crypto/ocsp/ocsp_ht.o \
- crypto/ocsp/ocsp_lib.o \
- crypto/ocsp/ocsp_cl.o \
- crypto/ocsp/ocsp_srv.o \
- crypto/ocsp/ocsp_prn.o \
- crypto/ocsp/ocsp_vfy.o \
- crypto/ocsp/ocsp_err.o \
- crypto/ui/ui_err.o \
- crypto/ui/ui_lib.o \
- crypto/ui/ui_util.o \
- crypto/ui/ui_compat.o \
- crypto/krb5/krb5_asn.o \
- crypto/store/str_err.o \
- crypto/store/str_lib.o \
- crypto/store/str_meth.o \
- crypto/store/str_mem.o \
- crypto/pqueue/pqueue.o \
-
-
-
-all: $(TARGET)
-
-libopenssl.a: $(OBJS)
- ar rcs libopenssl.a $(OBJS)
-
-clean:
- rm -f $(TARGET) $(OBJS)
diff --git a/.pc/gcc-5.diff/Makefile b/.pc/gcc-5.diff/Makefile
deleted file mode 100644
index 312e866..0000000
--- a/.pc/gcc-5.diff/Makefile
+++ /dev/null
@@ -1,183 +0,0 @@
-CC = $(CROSS_COMPILE)gcc
-LD = $(CROSS_COMPILE)ld
-OBJCOPY = $(CROSS_COMPILE)objcopy
-
-ARCH = $(shell $(CC) -dumpmachine | cut -f1 -d- | sed s,i[3456789]86,ia32,)
-
-SUBDIRS = Cryptlib lib
-
-LIB_PATH = /usr/lib64
-
-EFI_INCLUDE := /usr/include/efi
-EFI_INCLUDES = -nostdinc -ICryptlib -ICryptlib/Include -I$(EFI_INCLUDE) -I$(EFI_INCLUDE)/$(ARCH) -I$(EFI_INCLUDE)/protocol -Iinclude
-EFI_PATH := /usr/lib64/gnuefi
-
-LIB_GCC = $(shell $(CC) -print-libgcc-file-name)
-EFI_LIBS = -lefi -lgnuefi --start-group Cryptlib/libcryptlib.a Cryptlib/OpenSSL/libopenssl.a --end-group $(LIB_GCC)
-
-EFI_CRT_OBJS = $(EFI_PATH)/crt0-efi-$(ARCH).o
-EFI_LDS = elf_$(ARCH)_efi.lds
-
-DEFAULT_LOADER := \\\\grubx64.efi
-CFLAGS = -ggdb -O0 -fno-stack-protector -fno-strict-aliasing -fpic \
- -fshort-wchar -Wall -Wsign-compare -Werror -fno-builtin \
- -Werror=sign-compare \
- "-DDEFAULT_LOADER=L\"$(DEFAULT_LOADER)\"" \
- "-DDEFAULT_LOADER_CHAR=\"$(DEFAULT_LOADER)\"" \
- $(EFI_INCLUDES)
-
-ifneq ($(origin OVERRIDE_SECURITY_POLICY), undefined)
- CFLAGS += -DOVERRIDE_SECURITY_POLICY
-endif
-
-ifeq ($(ARCH),x86_64)
- CFLAGS += -mno-mmx -mno-sse -mno-red-zone -nostdinc -maccumulate-outgoing-args \
- -DEFI_FUNCTION_WRAPPER -DGNU_EFI_USE_MS_ABI
-endif
-ifeq ($(ARCH),ia32)
- CFLAGS += -mno-mmx -mno-sse -mno-red-zone -nostdinc -maccumulate-outgoing-args -m32
-endif
-
-ifeq ($(ARCH),aarch64)
- CFLAGS += -ffreestanding -I$(shell $(CC) -print-file-name=include)
-endif
-
-ifeq ($(ARCH),arm)
- CFLAGS += -ffreestanding -I$(shell $(CC) -print-file-name=include)
-endif
-
-ifneq ($(origin VENDOR_CERT_FILE), undefined)
- CFLAGS += -DVENDOR_CERT_FILE=\"$(VENDOR_CERT_FILE)\"
-endif
-ifneq ($(origin VENDOR_DBX_FILE), undefined)
- CFLAGS += -DVENDOR_DBX_FILE=\"$(VENDOR_DBX_FILE)\"
-endif
-
-LDFLAGS = -nostdlib -znocombreloc -T $(EFI_LDS) -shared -Bsymbolic -L$(EFI_PATH) -L$(LIB_PATH) -LCryptlib -LCryptlib/OpenSSL $(EFI_CRT_OBJS)
-
-VERSION = 0.8
-
-TARGET = shim.efi MokManager.efi.signed fallback.efi.signed
-OBJS = shim.o netboot.o cert.o replacements.o version.o
-KEYS = shim_cert.h ocsp.* ca.* shim.crt shim.csr shim.p12 shim.pem shim.key shim.cer
-SOURCES = shim.c shim.h netboot.c include/PeImage.h include/wincert.h include/console.h replacements.c replacements.h version.c version.h
-MOK_OBJS = MokManager.o PasswordCrypt.o crypt_blowfish.o
-MOK_SOURCES = MokManager.c shim.h include/console.h PasswordCrypt.c PasswordCrypt.h crypt_blowfish.c crypt_blowfish.h
-FALLBACK_OBJS = fallback.o
-FALLBACK_SRCS = fallback.c
-
-all: $(TARGET)
-
-shim.crt:
- ./make-certs shim shim@xn--u4h.net all codesign 1.3.6.1.4.1.311.10.3.1 $@
- hexdump -v -e '1/1 "0x%02x, "' $< >> $@
- echo "};" >> $@
-
-version.c : version.c.in
- sed -e "s,@@VERSION@@,$(VERSION)," \
- -e "s,@@UNAME@@,$(shell uname -a)," \
- -e "s,@@COMMIT@@,$(shell if [ -d .git ] ; then git log -1 --pretty=format:%H ; elif [ -f commit ]; then cat commit ; else echo commit id not available; fi)," \
- < version.c.in > version.c
-
-certdb/secmod.db: shim.crt
- -mkdir certdb
- pk12util -d certdb/ -i shim.p12 -W "" -K ""
- certutil -d certdb/ -A -i shim.crt -n shim -t u
-
-shim.o: $(SOURCES) shim_cert.h
-
-cert.o : cert.S
- $(CC) $(CFLAGS) -c -o $@ $<
-
-shim.so: $(OBJS) Cryptlib/libcryptlib.a Cryptlib/OpenSSL/libopenssl.a lib/lib.a
- $(LD) -o $@ $(LDFLAGS) $^ $(EFI_LIBS)
-
-fallback.o: $(FALLBACK_SRCS)
-
-fallback.so: $(FALLBACK_OBJS) Cryptlib/libcryptlib.a Cryptlib/OpenSSL/libopenssl.a lib/lib.a
- $(LD) -o $@ $(LDFLAGS) $^ $(EFI_LIBS)
-
-MokManager.o: $(MOK_SOURCES)
-
-MokManager.so: $(MOK_OBJS) Cryptlib/libcryptlib.a Cryptlib/OpenSSL/libopenssl.a lib/lib.a
- $(LD) -o $@ $(LDFLAGS) $^ $(EFI_LIBS) lib/lib.a
-
-Cryptlib/libcryptlib.a:
- $(MAKE) -C Cryptlib
-
-Cryptlib/OpenSSL/libopenssl.a:
- $(MAKE) -C Cryptlib/OpenSSL
-
-lib/lib.a:
- $(MAKE) -C lib
-
-ifeq ($(ARCH),aarch64)
-FORMAT := -O binary
-SUBSYSTEM := 0xa
-LDFLAGS += --defsym=EFI_SUBSYSTEM=$(SUBSYSTEM)
-endif
-
-ifeq ($(ARCH),arm)
-FORMAT := -O binary
-SUBSYSTEM := 0xa
-LDFLAGS += --defsym=EFI_SUBSYSTEM=$(SUBSYSTEM)
-endif
-
-FORMAT ?= --target efi-app-$(ARCH)
-
-%.efi: %.so
- $(OBJCOPY) -j .text -j .sdata -j .data \
- -j .dynamic -j .dynsym -j .rel* \
- -j .rela* -j .reloc -j .eh_frame \
- -j .vendor_cert \
- $(FORMAT) $^ $@
- $(OBJCOPY) -j .text -j .sdata -j .data \
- -j .dynamic -j .dynsym -j .rel* \
- -j .rela* -j .reloc -j .eh_frame \
- -j .debug_info -j .debug_abbrev -j .debug_aranges \
- -j .debug_line -j .debug_str -j .debug_ranges \
- $(FORMAT) $^ $@.debug
-
-%.efi.signed: %.efi shim.crt
- sbsign --key shim.key --cert shim.crt $<
-
-clean:
- $(MAKE) -C Cryptlib clean
- $(MAKE) -C Cryptlib/OpenSSL clean
- $(MAKE) -C lib clean
- rm -rf $(TARGET) $(OBJS) $(MOK_OBJS) $(FALLBACK_OBJS) $(KEYS) certdb
- rm -f *.debug *.so *.efi *.tar.* version.c
-
-GITTAG = $(VERSION)
-
-test-archive:
- @rm -rf /tmp/shim-$(VERSION) /tmp/shim-$(VERSION)-tmp
- @mkdir -p /tmp/shim-$(VERSION)-tmp
- @git archive --format=tar $(shell git branch | awk '/^*/ { print $$2 }') | ( cd /tmp/shim-$(VERSION)-tmp/ ; tar x )
- @git diff | ( cd /tmp/shim-$(VERSION)-tmp/ ; patch -s -p1 -b -z .gitdiff )
- @mv /tmp/shim-$(VERSION)-tmp/ /tmp/shim-$(VERSION)/
- @git log -1 --pretty=format:%H > /tmp/shim-$(VERSION)/commit
- @dir=$$PWD; cd /tmp; tar -c --bzip2 -f $$dir/shim-$(VERSION).tar.bz2 shim-$(VERSION)
- @rm -rf /tmp/shim-$(VERSION)
- @echo "The archive is in shim-$(VERSION).tar.bz2"
-
-tag:
- git tag --sign $(GITTAG) refs/heads/master
-
-archive: tag
- @rm -rf /tmp/shim-$(VERSION) /tmp/shim-$(VERSION)-tmp
- @mkdir -p /tmp/shim-$(VERSION)-tmp
- @git archive --format=tar $(GITTAG) | ( cd /tmp/shim-$(VERSION)-tmp/ ; tar x )
- @mv /tmp/shim-$(VERSION)-tmp/ /tmp/shim-$(VERSION)/
- @git log -1 --pretty=format:%H > /tmp/shim-$(VERSION)/commit
- @dir=$$PWD; cd /tmp; tar -c --bzip2 -f $$dir/shim-$(VERSION).tar.bz2 shim-$(VERSION)
- @rm -rf /tmp/shim-$(VERSION)
- @echo "The archive is in shim-$(VERSION).tar.bz2"
-
-export ARCH CC LD OBJCOPY EFI_INCLUDE
diff --git a/.pc/gcc5-includes-stdarg.patch/.timestamp b/.pc/gcc5-includes-stdarg.patch/.timestamp
deleted file mode 100644
index e69de29..0000000
diff --git a/.pc/gcc5-includes-stdarg.patch/Cryptlib/Include/OpenSslSupport.h b/.pc/gcc5-includes-stdarg.patch/Cryptlib/Include/OpenSslSupport.h
deleted file mode 100644
index 9e56ced..0000000
--- a/.pc/gcc5-includes-stdarg.patch/Cryptlib/Include/OpenSslSupport.h
+++ /dev/null
@@ -1,269 +0,0 @@
-/** @file
- Root include file to support building OpenSSL Crypto Library.
-
-Copyright (c) 2010 - 2011, Intel Corporation. All rights reserved.
-This program and the accompanying materials
-are licensed and made available under the terms and conditions of the BSD License
-which accompanies this distribution. The full text of the license may be found at
-http://opensource.org/licenses/bsd-license.php
-
-THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
-WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
-
-**/
-
-#ifndef __OPEN_SSL_SUPPORT_H__
-#define __OPEN_SSL_SUPPORT_H__
-
-#include
-#include
-#include
-#include
-#include
-#include
-#include
-
-#define CONST const
-
-//
-// File operations are not required for building Open SSL,
-// so FILE is mapped to VOID * to pass build
-//
-typedef VOID *FILE;
-
-//
-// Map all va_xxxx elements to VA_xxx defined in MdePkg/Include/Base.h
-//
-#if !defined(__CC_ARM) // if va_list is not already defined
-/*
- * These are now unconditionally #defined by GNU_EFI's efistdarg.h,
- * so we should #undef them here before providing a new definition.
- */
-#undef va_arg
-#undef va_start
-#undef va_end
-
-#define va_list VA_LIST
-#define va_arg VA_ARG
-#define va_start VA_START
-#define va_end VA_END
-typedef __builtin_va_list VA_LIST;
-
-#define VA_START(Marker, Parameter) __builtin_va_start (Marker, Parameter)
-
-#define VA_ARG(Marker, TYPE) ((sizeof (TYPE) < sizeof (UINTN)) ? (TYPE)(__builtin_va_arg (Marker, UINTN)) : (TYPE)(__builtin_va_arg (Marker, TYPE)))
-
-#define VA_END(Marker) __builtin_va_end (Marker)
-
-#define VA_COPY(Dest, Start) __builtin_va_copy (Dest, Start)
-
-#else // __CC_ARM
-#define va_start(Marker, Parameter) __va_start(Marker, Parameter)
-#define va_arg(Marker, TYPE) __va_arg(Marker, TYPE)
-#define va_end(Marker) ((void)0)
-#endif
-
-//
-// #defines from EFI Application Toolkit required to buiild Open SSL
-//
-#define ENOMEM 12 /* Cannot allocate memory */
-#define EINVAL 22 /* Invalid argument */
-#define BUFSIZ 1024 /* size of buffer used by setbuf */
-#define INT_MAX 2147483647 /* max value for an int */
-#define INT_MIN (-2147483647-1) /* min value for an int */
-#define LONG_MAX 2147483647L /* max value for a long */
-#define LONG_MIN (-2147483647-1) /* min value for a long */
-#define ULONG_MAX 0xffffffff /* max value for an unsigned long */
-#define LOG_DAEMON (3<<3) /* system daemons */
-#define LOG_EMERG 0 /* system is unusable */
-#define LOG_ALERT 1 /* action must be taken immediately */
-#define LOG_CRIT 2 /* critical conditions */
-#define LOG_ERR 3 /* error conditions */
-#define LOG_WARNING 4 /* warning conditions */
-#define LOG_NOTICE 5 /* normal but significant condition */
-#define LOG_INFO 6 /* informational */
-#define LOG_DEBUG 7 /* debug-level messages */
-#define LOG_PID 0x01 /* log the pid with each message */
-#define LOG_CONS 0x02 /* log on the console if errors in sending */
-
-//
-// Macros from EFI Application Toolkit required to buiild Open SSL
-//
-/* The offsetof() macro calculates the offset of a structure member
- in its structure. Unfortunately this cannot be written down
- portably, hence it is provided by a Standard C header file.
- For pre-Standard C compilers, here is a version that usually works
- (but watch out!): */
-#define offsetof(type, member) ( (int) & ((type*)0) -> member )
-
-//
-// Basic types from EFI Application Toolkit required to buiild Open SSL
-//
-typedef UINTN size_t;
-typedef INTN ssize_t;
-typedef INT64 off_t;
-typedef UINT16 mode_t;
-typedef long time_t;
-typedef unsigned long clock_t;
-typedef UINT32 uid_t;
-typedef UINT32 gid_t;
-typedef UINT32 ino_t;
-typedef UINT32 dev_t;
-typedef UINT16 nlink_t;
-typedef int pid_t;
-typedef void *DIR;
-typedef void __sighandler_t (int);
-
-//
-// Structures from EFI Application Toolkit required to buiild Open SSL
-//
-struct tm {
- int tm_sec; /* seconds after the minute [0-60] */
- int tm_min; /* minutes after the hour [0-59] */
- int tm_hour; /* hours since midnight [0-23] */
- int tm_mday; /* day of the month [1-31] */
- int tm_mon; /* months since January [0-11] */
- int tm_year; /* years since 1900 */
- int tm_wday; /* days since Sunday [0-6] */
- int tm_yday; /* days since January 1 [0-365] */
- int tm_isdst; /* Daylight Savings Time flag */
- long tm_gmtoff; /* offset from CUT in seconds */
- char *tm_zone; /* timezone abbreviation */
-};
-
-struct dirent {
- UINT32 d_fileno; /* file number of entry */
- UINT16 d_reclen; /* length of this record */
- UINT8 d_type; /* file type, see below */
- UINT8 d_namlen; /* length of string in d_name */
- char d_name[255 + 1]; /* name must be no longer than this */
-};
-
-struct stat {
- dev_t st_dev; /* inode's device */
- ino_t st_ino; /* inode's number */
- mode_t st_mode; /* inode protection mode */
- nlink_t st_nlink; /* number of hard links */
- uid_t st_uid; /* user ID of the file's owner */
- gid_t st_gid; /* group ID of the file's group */
- dev_t st_rdev; /* device type */
- time_t st_atime; /* time of last access */
- long st_atimensec; /* nsec of last access */
- time_t st_mtime; /* time of last data modification */
- long st_mtimensec; /* nsec of last data modification */
- time_t st_ctime; /* time of last file status change */
- long st_ctimensec; /* nsec of last file status change */
- off_t st_size; /* file size, in bytes */
- INT64 st_blocks; /* blocks allocated for file */
- UINT32 st_blksize; /* optimal blocksize for I/O */
- UINT32 st_flags; /* user defined flags for file */
- UINT32 st_gen; /* file generation number */
- INT32 st_lspare;
- INT64 st_qspare[2];
-};
-
-//
-// Externs from EFI Application Toolkit required to buiild Open SSL
-//
-extern int errno;
-
-//
-// Function prototypes from EFI Application Toolkit required to buiild Open SSL
-//
-void *malloc (size_t);
-void *realloc (void *, size_t);
-void free (void *);
-int isdigit (int);
-int isspace (int);
-int tolower (int);
-int isupper (int);
-int isxdigit (int);
-int isalnum (int);
-void *memcpy (void *, const void *, size_t);
-void *memset (void *, int, size_t);
-void *memchr (const void *, int, size_t);
-int memcmp (const void *, const void *, size_t);
-void *memmove (void *, const void *, size_t);
-int strcmp (const char *, const char *);
-int strncmp (const char *, const char *, size_t);
-char *strcpy (char *, const char *);
-char *strncpy (char *, const char *, size_t);
-size_t strlen (const char *);
-char *strcat (char *, const char *);
-char *strchr (const char *, int);
-int strcasecmp (const char *, const char *);
-int strncasecmp (const char *, const char *, size_t);
-char *strncpy (char *, const char *, size_t);
-int strncmp (const char *, const char *, size_t);
-char *strrchr (const char *, int);
-unsigned long strtoul (const char *, char **, int);
-long strtol (const char *, char **, int);
-int printf (const char *, ...);
-int sscanf (const char *, const char *, ...);
-int open (const char *, int, ...);
-int chmod (const char *, mode_t);
-int stat (const char *, struct stat *);
-off_t lseek (int, off_t, int);
-ssize_t read (int, void *, size_t);
-ssize_t write (int, const void *, size_t);
-int close (int);
-FILE *fopen (const char *, const char *);
-size_t fread (void *, size_t, size_t, FILE *);
-size_t fwrite (const void *, size_t, size_t, FILE *);
-char *fgets (char *, int, FILE *);
-int fputs (const char *, FILE *);
-int fprintf (FILE *, const char *, ...);
-int vfprintf (FILE *, const char *, VA_LIST);
-int fflush (FILE *);
-int fclose (FILE *);
-DIR *opendir (const char *);
-struct dirent *readdir (DIR *);
-int closedir (DIR *);
-void openlog (const char *, int, int);
-void closelog (void);
-void syslog (int, const char *, ...);
-time_t time (time_t *);
-struct tm *localtime (const time_t *);
-struct tm *gmtime (const time_t *);
-struct tm *gmtime_r (const time_t *, struct tm *);
-uid_t getuid (void);
-uid_t geteuid (void);
-gid_t getgid (void);
-gid_t getegid (void);
-void qsort (void *, size_t, size_t, int (*)(const void *, const void *));
-char *getenv (const char *);
-void exit (int);
-void abort (void);
-__sighandler_t *signal (int, __sighandler_t *);
-
-//
-// Global variables from EFI Application Toolkit required to buiild Open SSL
-//
-extern FILE *stderr;
-extern FILE *stdin;
-extern FILE *stdout;
-
-#define AsciiStrLen(x) strlena(x)
-#define AsciiStrnCmp(s1, s2, len) strncmpa(s1, s2, len)
-
-//
-// Macros that directly map functions to BaseLib, BaseMemoryLib, and DebugLib functions
-//
-#define memcpy(dest,source,count) ( {CopyMem(dest,source,(UINTN)(count)); dest; })
-#define memset(dest,ch,count) SetMem(dest,(UINTN)(count),(UINT8)(ch))
-#define memchr(buf,ch,count) ScanMem8(buf,(UINTN)(count),(UINT8)ch)
-#define memcmp(buf1,buf2,count) (int)(CompareMem(buf1,buf2,(UINTN)(count)))
-#define memmove(dest,source,count) CopyMem(dest,source,(UINTN)(count))
-#define strcmp strcmpa
-#define strncmp(string1,string2,count) (int)(AsciiStrnCmp(string1,string2,(UINTN)(count)))
-#define strcpy(strDest,strSource) AsciiStrCpy(strDest,strSource)
-#define strncpy(strDest,strSource,count) AsciiStrnCpy(strDest,strSource,(UINTN)count)
-#define strlen(str) (size_t)(AsciiStrLen(str))
-#define strcat(strDest,strSource) AsciiStrCat(strDest,strSource)
-#define strchr(str,ch) ScanMem8((VOID *)(str),AsciiStrSize(str),(UINT8)ch)
-#define abort() ASSERT (FALSE)
-#define assert(expression)
-#define localtime(timer) NULL
-#define gmtime_r(timer,result) (result = NULL)
-
-#endif
diff --git a/.pc/gcc5-includes-stdarg.patch/Cryptlib/Makefile b/.pc/gcc5-includes-stdarg.patch/Cryptlib/Makefile
deleted file mode 100644
index e930656..0000000
--- a/.pc/gcc5-includes-stdarg.patch/Cryptlib/Makefile
+++ /dev/null
@@ -1,45 +0,0 @@
-
-EFI_INCLUDES = -IInclude -I$(EFI_INCLUDE) -I$(EFI_INCLUDE)/$(ARCH) -I$(EFI_INCLUDE)/protocol
-
-CFLAGS = -std=gnu89 -ggdb -O0 -I. -fno-stack-protector -fno-strict-aliasing -fpic -fshort-wchar \
- -Wall $(EFI_INCLUDES)
-
-ifeq ($(ARCH),x86_64)
- CFLAGS += -mno-mmx -mno-sse -mno-red-zone -nostdinc -maccumulate-outgoing-args \
- -DEFI_FUNCTION_WRAPPER -DGNU_EFI_USE_MS_ABI
-endif
-ifeq ($(ARCH),ia32)
- CFLAGS += -mno-mmx -mno-sse -mno-red-zone -nostdinc -maccumulate-outgoing-args -m32
-endif
-LDFLAGS = -nostdlib -znocombreloc
-
-TARGET = libcryptlib.a
-OBJS = Hash/CryptMd4.o \
- Hash/CryptMd5.o \
- Hash/CryptSha1.o \
- Hash/CryptSha256.o \
- Hmac/CryptHmacMd5.o \
- Hmac/CryptHmacSha1.o \
- Cipher/CryptAes.o \
- Cipher/CryptTdes.o \
- Cipher/CryptArc4.o \
- Rand/CryptRand.o \
- Pk/CryptRsaBasic.o \
- Pk/CryptRsaExtNull.o \
- Pk/CryptPkcs7SignNull.o \
- Pk/CryptPkcs7Verify.o \
- Pk/CryptDhNull.o \
- Pk/CryptX509.o \
- Pk/CryptAuthenticode.o \
- Pem/CryptPem.o \
- SysCall/CrtWrapper.o \
- SysCall/TimerWrapper.o \
- SysCall/BaseMemAllocation.o \
- SysCall/BaseStrings.o
-
-all: $(TARGET)
-
-libcryptlib.a: $(OBJS)
- ar rcs libcryptlib.a $(OBJS)
-clean:
- rm -f $(TARGET) $(OBJS)
diff --git a/.pc/gcc5-includes-stdarg.patch/Cryptlib/OpenSSL/Makefile b/.pc/gcc5-includes-stdarg.patch/Cryptlib/OpenSSL/Makefile
deleted file mode 100644
index f5b7e4f..0000000
--- a/.pc/gcc5-includes-stdarg.patch/Cryptlib/OpenSSL/Makefile
+++ /dev/null
@@ -1,531 +0,0 @@
-
-EFI_INCLUDES = -I../Include -I$(EFI_INCLUDE) -I$(EFI_INCLUDE)/$(ARCH) -I$(EFI_INCLUDE)/protocol
-
-CFLAGS = -std=gnu89 -ggdb -O0 -I. -I.. -I../Include/ -Icrypto -fno-stack-protector -fno-strict-aliasing -fpic -fshort-wchar -nostdinc \
- -Wall $(EFI_INCLUDES) -DOPENSSL_SYSNAME_UWIN -DOPENSSL_SYS_UEFI -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -D_CRT_NONSTDC_NO_DEPRECATE -DOPENSSL_NO_CAMELLIA -DOPENSSL_NO_SEED -DOPENSSL_NO_RC5 -DOPENSSL_NO_MDC2 -DOPENSSL_NO_SOCK -DOPENSSL_NO_CMS -DOPENSSL_NO_JPAKE -DOPENSSL_NO_CAPIENG -DOPENSSL_NO_ERR -DOPENSSL_NO_KRB5 -DOPENSSL_NO_DYNAMIC_ENGINE -DGETPID_IS_MEANINGLESS -DOPENSSL_NO_STDIO -DOPENSSL_NO_FP_API -DOPENSSL_NO_DGRAM -DOPENSSL_NO_SHA0 -DOPENSSL_NO_LHASH -DOPENSSL_NO_HW -DOPENSSL_NO_OCSP -DOPENSSL_NO_LOCKING -DOPENSSL_NO_DEPRECATED -DOPENSSL_SMALL_FOOTPRINT -DPEDANTIC
-
-ifeq ($(ARCH),x86_64)
- CFLAGS += -mno-mmx -mno-sse -mno-red-zone -maccumulate-outgoing-args \
- -DEFI_FUNCTION_WRAPPER -DGNU_EFI_USE_MS_ABI -DSIXTY_FOUR_BIT_LONG
-endif
-ifeq ($(ARCH),ia32)
- CFLAGS += -mno-mmx -mno-sse -mno-red-zone -maccumulate-outgoing-args \
- -m32 -DTHIRTY_TWO_BIT
-endif
-ifeq ($(ARCH),aarch64)
- CFLAGS += -O2 -DSIXTY_FOUR_BIT_LONG -ffreestanding -I$(shell $(CC) -print-file-name=include)
-endif
-ifeq ($(ARCH),arm)
- CFLAGS += -O2 -DTHIRTY_TWO_BIT -ffreestanding -I$(shell $(CC) -print-file-name=include)
-endif
-LDFLAGS = -nostdlib -znocombreloc
-
-TARGET = libopenssl.a
-OBJS = crypto/cryptlib.o \
- crypto/dyn_lck.o \
- crypto/mem.o \
- crypto/mem_clr.o \
- crypto/mem_dbg.o \
- crypto/cversion.o \
- crypto/ex_data.o \
- crypto/cpt_err.o \
- crypto/ebcdic.o \
- crypto/uid.o \
- crypto/o_time.o \
- crypto/o_str.o \
- crypto/o_dir.o \
- crypto/o_init.o \
- crypto/fips_err.o \
- crypto/md2/md2_dgst.o \
- crypto/md2/md2_one.o \
- crypto/md4/md4_dgst.o \
- crypto/md4/md4_one.o \
- crypto/md5/md5_dgst.o \
- crypto/md5/md5_one.o \
- crypto/sha/sha_dgst.o \
- crypto/sha/sha1dgst.o \
- crypto/sha/sha_one.o \
- crypto/sha/sha1_one.o \
- crypto/sha/sha256.o \
- crypto/sha/sha512.o \
- crypto/hmac/hmac.o \
- crypto/ripemd/rmd_dgst.o \
- crypto/ripemd/rmd_one.o \
- crypto/des/des_lib.o \
- crypto/des/set_key.o \
- crypto/des/ecb_enc.o \
- crypto/des/cbc_enc.o \
- crypto/des/ecb3_enc.o \
- crypto/des/cfb64enc.o \
- crypto/des/cfb64ede.o \
- crypto/des/cfb_enc.o \
- crypto/des/ofb64ede.o \
- crypto/des/enc_read.o \
- crypto/des/enc_writ.o \
- crypto/des/ofb64enc.o \
- crypto/des/ofb_enc.o \
- crypto/des/str2key.o \
- crypto/des/pcbc_enc.o \
- crypto/des/qud_cksm.o \
- crypto/des/rand_key.o \
- crypto/des/des_enc.o \
- crypto/des/fcrypt_b.o \
- crypto/des/fcrypt.o \
- crypto/des/xcbc_enc.o \
- crypto/des/rpc_enc.o \
- crypto/des/cbc_cksm.o \
- crypto/des/ede_cbcm_enc.o \
- crypto/des/des_old.o \
- crypto/des/des_old2.o \
- crypto/des/read2pwd.o \
- crypto/rc2/rc2_ecb.o \
- crypto/rc2/rc2_skey.o \
- crypto/rc2/rc2_cbc.o \
- crypto/rc2/rc2cfb64.o \
- crypto/rc2/rc2ofb64.o \
- crypto/rc4/rc4_enc.o \
- crypto/rc4/rc4_skey.o \
- crypto/rc4/rc4_fblk.o \
- crypto/idea/i_cbc.o \
- crypto/idea/i_cfb64.o \
- crypto/idea/i_ofb64.o \
- crypto/idea/i_ecb.o \
- crypto/idea/i_skey.o \
- crypto/bf/bf_skey.o \
- crypto/bf/bf_ecb.o \
- crypto/bf/bf_enc.o \
- crypto/bf/bf_cfb64.o \
- crypto/bf/bf_ofb64.o \
- crypto/cast/c_skey.o \
- crypto/cast/c_ecb.o \
- crypto/cast/c_enc.o \
- crypto/cast/c_cfb64.o \
- crypto/cast/c_ofb64.o \
- crypto/aes/aes_misc.o \
- crypto/aes/aes_ecb.o \
- crypto/aes/aes_cfb.o \
- crypto/aes/aes_ofb.o \
- crypto/aes/aes_ctr.o \
- crypto/aes/aes_ige.o \
- crypto/aes/aes_wrap.o \
- crypto/aes/aes_core.o \
- crypto/aes/aes_cbc.o \
- crypto/bn/bn_add.o \
- crypto/bn/bn_div.o \
- crypto/bn/bn_exp.o \
- crypto/bn/bn_lib.o \
- crypto/bn/bn_ctx.o \
- crypto/bn/bn_mul.o \
- crypto/bn/bn_mod.o \
- crypto/bn/bn_print.o \
- crypto/bn/bn_rand.o \
- crypto/bn/bn_shift.o \
- crypto/bn/bn_word.o \
- crypto/bn/bn_blind.o \
- crypto/bn/bn_kron.o \
- crypto/bn/bn_sqrt.o \
- crypto/bn/bn_gcd.o \
- crypto/bn/bn_prime.o \
- crypto/bn/bn_err.o \
- crypto/bn/bn_sqr.o \
- crypto/bn/bn_asm.o \
- crypto/bn/bn_recp.o \
- crypto/bn/bn_mont.o \
- crypto/bn/bn_mpi.o \
- crypto/bn/bn_exp2.o \
- crypto/bn/bn_gf2m.o \
- crypto/bn/bn_nist.o \
- crypto/bn/bn_depr.o \
- crypto/bn/bn_x931p.o \
- crypto/bn/bn_const.o \
- crypto/bn/bn_opt.o \
- crypto/rsa/rsa_eay.o \
- crypto/rsa/rsa_gen.o \
- crypto/rsa/rsa_lib.o \
- crypto/rsa/rsa_sign.o \
- crypto/rsa/rsa_saos.o \
- crypto/rsa/rsa_err.o \
- crypto/rsa/rsa_pk1.o \
- crypto/rsa/rsa_ssl.o \
- crypto/rsa/rsa_none.o \
- crypto/rsa/rsa_oaep.o \
- crypto/rsa/rsa_chk.o \
- crypto/rsa/rsa_null.o \
- crypto/rsa/rsa_pss.o \
- crypto/rsa/rsa_x931.o \
- crypto/rsa/rsa_x931g.o \
- crypto/rsa/rsa_asn1.o \
- crypto/rsa/rsa_depr.o \
- crypto/rsa/rsa_eng.o \
- crypto/dsa/dsa_gen.o \
- crypto/dsa/dsa_key.o \
- crypto/dsa/dsa_lib.o \
- crypto/dsa/dsa_asn1.o \
- crypto/dsa/dsa_vrf.o \
- crypto/dsa/dsa_sign.o \
- crypto/dsa/dsa_err.o \
- crypto/dsa/dsa_ossl.o \
- crypto/dsa/dsa_depr.o \
- crypto/dsa/dsa_utl.o \
- crypto/dso/dso_dl.o \
- crypto/dso/dso_dlfcn.o \
- crypto/dso/dso_err.o \
- crypto/dso/dso_lib.o \
- crypto/dso/dso_null.o \
- crypto/dso/dso_openssl.o \
- crypto/dso/dso_win32.o \
- crypto/dso/dso_vms.o \
- crypto/dh/dh_asn1.o \
- crypto/dh/dh_gen.o \
- crypto/dh/dh_key.o \
- crypto/dh/dh_lib.o \
- crypto/dh/dh_check.o \
- crypto/dh/dh_err.o \
- crypto/dh/dh_depr.o \
- crypto/ec/ec_lib.o \
- crypto/ec/ecp_smpl.o \
- crypto/ec/ecp_mont.o \
- crypto/ec/ecp_nist.o \
- crypto/ec/ec_cvt.o \
- crypto/ec/ec_mult.o \
- crypto/ec/ec_err.o \
- crypto/ec/ec_curve.o \
- crypto/ec/ec_check.o \
- crypto/ec/ec_print.o \
- crypto/ec/ec_asn1.o \
- crypto/ec/ec_key.o \
- crypto/ec/ec2_smpl.o \
- crypto/ec/ec2_mult.o \
- crypto/ecdh/ech_lib.o \
- crypto/ecdh/ech_ossl.o \
- crypto/ecdh/ech_key.o \
- crypto/ecdh/ech_err.o \
- crypto/ecdsa/ecs_lib.o \
- crypto/ecdsa/ecs_asn1.o \
- crypto/ecdsa/ecs_ossl.o \
- crypto/ecdsa/ecs_sign.o \
- crypto/ecdsa/ecs_vrf.o \
- crypto/ecdsa/ecs_err.o \
- crypto/buffer/buffer.o \
- crypto/buffer/buf_str.o \
- crypto/buffer/buf_err.o \
- crypto/bio/bio_lib.o \
- crypto/bio/bio_cb.o \
- crypto/bio/bio_err.o \
- crypto/bio/bss_mem.o \
- crypto/bio/bss_null.o \
- crypto/bio/bss_fd.o \
- crypto/bio/bss_file.o \
- crypto/bio/bf_null.o \
- crypto/bio/bf_buff.o \
- crypto/bio/b_dump.o \
- crypto/bio/b_print.o \
- crypto/bio/bf_nbio.o \
- crypto/bio/bss_log.o \
- crypto/bio/bss_bio.o \
- crypto/bio/bss_dgram.o \
- crypto/stack/stack.o \
- crypto/lhash/lhash.o \
- crypto/lhash/lh_stats.o \
- crypto/rand/md_rand.o \
- crypto/rand/randfile.o \
- crypto/rand/rand_lib.o \
- crypto/rand/rand_eng.o \
- crypto/rand/rand_err.o \
- crypto/rand/rand_egd.o \
- crypto/rand/rand_win.o \
- crypto/rand/rand_unix.o \
- crypto/rand/rand_os2.o \
- crypto/rand/rand_nw.o \
- crypto/err/err.o \
- crypto/err/err_def.o \
- crypto/err/err_all.o \
- crypto/err/err_prn.o \
- crypto/err/err_str.o \
- crypto/err/err_bio.o \
- crypto/objects/o_names.o \
- crypto/objects/obj_dat.o \
- crypto/objects/obj_lib.o \
- crypto/objects/obj_err.o \
- crypto/evp/encode.o \
- crypto/evp/digest.o \
- crypto/evp/dig_eng.o \
- crypto/evp/evp_enc.o \
- crypto/evp/evp_key.o \
- crypto/evp/evp_acnf.o \
- crypto/evp/evp_cnf.o \
- crypto/evp/e_des.o \
- crypto/evp/e_bf.o \
- crypto/evp/e_idea.o \
- crypto/evp/e_des3.o \
- crypto/evp/e_rc4.o \
- crypto/evp/e_aes.o \
- crypto/evp/names.o \
- crypto/evp/e_xcbc_d.o \
- crypto/evp/e_rc2.o \
- crypto/evp/e_cast.o \
- crypto/evp/e_rc5.o \
- crypto/evp/enc_min.o \
- crypto/evp/m_null.o \
- crypto/evp/m_md2.o \
- crypto/evp/m_md4.o \
- crypto/evp/m_md5.o \
- crypto/evp/m_sha.o \
- crypto/evp/m_sha1.o \
- crypto/evp/m_dss.o \
- crypto/evp/m_dss1.o \
- crypto/evp/m_ripemd.o \
- crypto/evp/m_ecdsa.o \
- crypto/evp/p_open.o \
- crypto/evp/p_seal.o \
- crypto/evp/p_sign.o \
- crypto/evp/p_verify.o \
- crypto/evp/p_lib.o \
- crypto/evp/p_enc.o \
- crypto/evp/p_dec.o \
- crypto/evp/bio_md.o \
- crypto/evp/bio_b64.o \
- crypto/evp/bio_enc.o \
- crypto/evp/evp_err.o \
- crypto/evp/e_null.o \
- crypto/evp/c_all.o \
- crypto/evp/c_allc.o \
- crypto/evp/c_alld.o \
- crypto/evp/evp_lib.o \
- crypto/evp/bio_ok.o \
- crypto/evp/evp_pkey.o \
- crypto/evp/evp_pbe.o \
- crypto/evp/p5_crpt.o \
- crypto/evp/p5_crpt2.o \
- crypto/evp/e_old.o \
- crypto/asn1/a_object.o \
- crypto/asn1/a_bitstr.o \
- crypto/asn1/a_utctm.o \
- crypto/asn1/a_gentm.o \
- crypto/asn1/a_time.o \
- crypto/asn1/a_int.o \
- crypto/asn1/a_octet.o \
- crypto/asn1/a_print.o \
- crypto/asn1/a_type.o \
- crypto/asn1/a_set.o \
- crypto/asn1/a_dup.o \
- crypto/asn1/a_d2i_fp.o \
- crypto/asn1/a_i2d_fp.o \
- crypto/asn1/a_enum.o \
- crypto/asn1/a_utf8.o \
- crypto/asn1/a_sign.o \
- crypto/asn1/a_digest.o \
- crypto/asn1/a_verify.o \
- crypto/asn1/a_mbstr.o \
- crypto/asn1/a_strex.o \
- crypto/asn1/x_algor.o \
- crypto/asn1/x_val.o \
- crypto/asn1/x_pubkey.o \
- crypto/asn1/x_sig.o \
- crypto/asn1/x_req.o \
- crypto/asn1/x_attrib.o \
- crypto/asn1/x_bignum.o \
- crypto/asn1/x_long.o \
- crypto/asn1/x_name.o \
- crypto/asn1/x_x509.o \
- crypto/asn1/x_x509a.o \
- crypto/asn1/x_crl.o \
- crypto/asn1/x_info.o \
- crypto/asn1/x_spki.o \
- crypto/asn1/nsseq.o \
- crypto/asn1/d2i_pu.o \
- crypto/asn1/d2i_pr.o \
- crypto/asn1/i2d_pu.o \
- crypto/asn1/i2d_pr.o \
- crypto/asn1/t_req.o \
- crypto/asn1/t_x509.o \
- crypto/asn1/t_x509a.o \
- crypto/asn1/t_crl.o \
- crypto/asn1/t_pkey.o \
- crypto/asn1/t_spki.o \
- crypto/asn1/t_bitst.o \
- crypto/asn1/tasn_new.o \
- crypto/asn1/tasn_fre.o \
- crypto/asn1/tasn_enc.o \
- crypto/asn1/tasn_dec.o \
- crypto/asn1/tasn_utl.o \
- crypto/asn1/tasn_typ.o \
- crypto/asn1/f_int.o \
- crypto/asn1/f_string.o \
- crypto/asn1/n_pkey.o \
- crypto/asn1/f_enum.o \
- crypto/asn1/a_hdr.o \
- crypto/asn1/x_pkey.o \
- crypto/asn1/a_bool.o \
- crypto/asn1/x_exten.o \
- crypto/asn1/asn_mime.o \
- crypto/asn1/asn1_gen.o \
- crypto/asn1/asn1_par.o \
- crypto/asn1/asn1_lib.o \
- crypto/asn1/asn1_err.o \
- crypto/asn1/a_meth.o \
- crypto/asn1/a_bytes.o \
- crypto/asn1/a_strnid.o \
- crypto/asn1/evp_asn1.o \
- crypto/asn1/asn_pack.o \
- crypto/asn1/p5_pbe.o \
- crypto/asn1/p5_pbev2.o \
- crypto/asn1/p8_pkey.o \
- crypto/asn1/asn_moid.o \
- crypto/pem/pem_sign.o \
- crypto/pem/pem_seal.o \
- crypto/pem/pem_info.o \
- crypto/pem/pem_lib.o \
- crypto/pem/pem_all.o \
- crypto/pem/pem_err.o \
- crypto/pem/pem_x509.o \
- crypto/pem/pem_xaux.o \
- crypto/pem/pem_oth.o \
- crypto/pem/pem_pk8.o \
- crypto/pem/pem_pkey.o \
- crypto/x509/x509_def.o \
- crypto/x509/x509_d2.o \
- crypto/x509/x509_r2x.o \
- crypto/x509/x509_cmp.o \
- crypto/x509/x509_obj.o \
- crypto/x509/x509_req.o \
- crypto/x509/x509spki.o \
- crypto/x509/x509_vfy.o \
- crypto/x509/x509_set.o \
- crypto/x509/x509cset.o \
- crypto/x509/x509rset.o \
- crypto/x509/x509_err.o \
- crypto/x509/x509name.o \
- crypto/x509/x509_v3.o \
- crypto/x509/x509_ext.o \
- crypto/x509/x509_att.o \
- crypto/x509/x509type.o \
- crypto/x509/x509_lu.o \
- crypto/x509/x_all.o \
- crypto/x509/x509_txt.o \
- crypto/x509/x509_trs.o \
- crypto/x509/by_file.o \
- crypto/x509/by_dir.o \
- crypto/x509/x509_vpm.o \
- crypto/x509v3/v3_bcons.o \
- crypto/x509v3/v3_bitst.o \
- crypto/x509v3/v3_conf.o \
- crypto/x509v3/v3_extku.o \
- crypto/x509v3/v3_ia5.o \
- crypto/x509v3/v3_lib.o \
- crypto/x509v3/v3_prn.o \
- crypto/x509v3/v3_utl.o \
- crypto/x509v3/v3err.o \
- crypto/x509v3/v3_genn.o \
- crypto/x509v3/v3_alt.o \
- crypto/x509v3/v3_skey.o \
- crypto/x509v3/v3_akey.o \
- crypto/x509v3/v3_pku.o \
- crypto/x509v3/v3_int.o \
- crypto/x509v3/v3_enum.o \
- crypto/x509v3/v3_sxnet.o \
- crypto/x509v3/v3_cpols.o \
- crypto/x509v3/v3_crld.o \
- crypto/x509v3/v3_purp.o \
- crypto/x509v3/v3_info.o \
- crypto/x509v3/v3_ocsp.o \
- crypto/x509v3/v3_akeya.o \
- crypto/x509v3/v3_pmaps.o \
- crypto/x509v3/v3_pcons.o \
- crypto/x509v3/v3_ncons.o \
- crypto/x509v3/v3_pcia.o \
- crypto/x509v3/v3_pci.o \
- crypto/x509v3/pcy_cache.o \
- crypto/x509v3/pcy_node.o \
- crypto/x509v3/pcy_data.o \
- crypto/x509v3/pcy_map.o \
- crypto/x509v3/pcy_tree.o \
- crypto/x509v3/pcy_lib.o \
- crypto/x509v3/v3_asid.o \
- crypto/x509v3/v3_addr.o \
- crypto/conf/conf_err.o \
- crypto/conf/conf_lib.o \
- crypto/conf/conf_api.o \
- crypto/conf/conf_def.o \
- crypto/conf/conf_mod.o \
- crypto/conf/conf_mall.o \
- crypto/conf/conf_sap.o \
- crypto/txt_db/txt_db.o \
- crypto/pkcs7/pk7_asn1.o \
- crypto/pkcs7/pk7_lib.o \
- crypto/pkcs7/pkcs7err.o \
- crypto/pkcs7/pk7_doit.o \
- crypto/pkcs7/pk7_smime.o \
- crypto/pkcs7/pk7_attr.o \
- crypto/pkcs7/pk7_mime.o \
- crypto/pkcs12/p12_add.o \
- crypto/pkcs12/p12_asn.o \
- crypto/pkcs12/p12_attr.o \
- crypto/pkcs12/p12_crpt.o \
- crypto/pkcs12/p12_crt.o \
- crypto/pkcs12/p12_decr.o \
- crypto/pkcs12/p12_init.o \
- crypto/pkcs12/p12_key.o \
- crypto/pkcs12/p12_kiss.o \
- crypto/pkcs12/p12_mutl.o \
- crypto/pkcs12/p12_utl.o \
- crypto/pkcs12/p12_npas.o \
- crypto/pkcs12/pk12err.o \
- crypto/pkcs12/p12_p8d.o \
- crypto/pkcs12/p12_p8e.o \
- crypto/comp/comp_lib.o \
- crypto/comp/comp_err.o \
- crypto/comp/c_rle.o \
- crypto/comp/c_zlib.o \
- crypto/engine/eng_err.o \
- crypto/engine/eng_lib.o \
- crypto/engine/eng_list.o \
- crypto/engine/eng_init.o \
- crypto/engine/eng_ctrl.o \
- crypto/engine/eng_table.o \
- crypto/engine/eng_pkey.o \
- crypto/engine/eng_fat.o \
- crypto/engine/eng_all.o \
- crypto/engine/tb_rsa.o \
- crypto/engine/tb_dsa.o \
- crypto/engine/tb_ecdsa.o \
- crypto/engine/tb_dh.o \
- crypto/engine/tb_ecdh.o \
- crypto/engine/tb_rand.o \
- crypto/engine/tb_store.o \
- crypto/engine/tb_cipher.o \
- crypto/engine/tb_digest.o \
- crypto/engine/eng_openssl.o \
- crypto/engine/eng_cnf.o \
- crypto/engine/eng_dyn.o \
- crypto/engine/eng_cryptodev.o \
- crypto/engine/eng_padlock.o \
- crypto/ocsp/ocsp_asn.o \
- crypto/ocsp/ocsp_ext.o \
- crypto/ocsp/ocsp_ht.o \
- crypto/ocsp/ocsp_lib.o \
- crypto/ocsp/ocsp_cl.o \
- crypto/ocsp/ocsp_srv.o \
- crypto/ocsp/ocsp_prn.o \
- crypto/ocsp/ocsp_vfy.o \
- crypto/ocsp/ocsp_err.o \
- crypto/ui/ui_err.o \
- crypto/ui/ui_lib.o \
- crypto/ui/ui_util.o \
- crypto/ui/ui_compat.o \
- crypto/krb5/krb5_asn.o \
- crypto/store/str_err.o \
- crypto/store/str_lib.o \
- crypto/store/str_meth.o \
- crypto/store/str_mem.o \
- crypto/pqueue/pqueue.o \
-
-
-
-all: $(TARGET)
-
-libopenssl.a: $(OBJS)
- ar rcs libopenssl.a $(OBJS)
-
-clean:
- rm -f $(TARGET) $(OBJS)
diff --git a/.pc/gcc5-includes-stdarg.patch/Makefile b/.pc/gcc5-includes-stdarg.patch/Makefile
deleted file mode 100644
index 9cae609..0000000
--- a/.pc/gcc5-includes-stdarg.patch/Makefile
+++ /dev/null
@@ -1,183 +0,0 @@
-CC = $(CROSS_COMPILE)gcc
-LD = $(CROSS_COMPILE)ld
-OBJCOPY = $(CROSS_COMPILE)objcopy
-
-ARCH = $(shell $(CC) -dumpmachine | cut -f1 -d- | sed s,i[3456789]86,ia32,)
-
-SUBDIRS = Cryptlib lib
-
-LIB_PATH = /usr/lib64
-
-EFI_INCLUDE := /usr/include/efi
-EFI_INCLUDES = -nostdinc -ICryptlib -ICryptlib/Include -I$(EFI_INCLUDE) -I$(EFI_INCLUDE)/$(ARCH) -I$(EFI_INCLUDE)/protocol -Iinclude
-EFI_PATH := /usr/lib64/gnuefi
-
-LIB_GCC = $(shell $(CC) -print-libgcc-file-name)
-EFI_LIBS = -lefi -lgnuefi --start-group Cryptlib/libcryptlib.a Cryptlib/OpenSSL/libopenssl.a --end-group $(LIB_GCC)
-
-EFI_CRT_OBJS = $(EFI_PATH)/crt0-efi-$(ARCH).o
-EFI_LDS = elf_$(ARCH)_efi.lds
-
-DEFAULT_LOADER := \\\\grubx64.efi
-CFLAGS = -std=gnu89 -ggdb -O0 -fno-stack-protector -fno-strict-aliasing -fpic \
- -fshort-wchar -Wall -Wsign-compare -Werror -fno-builtin \
- -Werror=sign-compare \
- "-DDEFAULT_LOADER=L\"$(DEFAULT_LOADER)\"" \
- "-DDEFAULT_LOADER_CHAR=\"$(DEFAULT_LOADER)\"" \
- $(EFI_INCLUDES)
-
-ifneq ($(origin OVERRIDE_SECURITY_POLICY), undefined)
- CFLAGS += -DOVERRIDE_SECURITY_POLICY
-endif
-
-ifeq ($(ARCH),x86_64)
- CFLAGS += -mno-mmx -mno-sse -mno-red-zone -nostdinc -maccumulate-outgoing-args \
- -DEFI_FUNCTION_WRAPPER -DGNU_EFI_USE_MS_ABI
-endif
-ifeq ($(ARCH),ia32)
- CFLAGS += -mno-mmx -mno-sse -mno-red-zone -nostdinc -maccumulate-outgoing-args -m32
-endif
-
-ifeq ($(ARCH),aarch64)
- CFLAGS += -ffreestanding -I$(shell $(CC) -print-file-name=include)
-endif
-
-ifeq ($(ARCH),arm)
- CFLAGS += -ffreestanding -I$(shell $(CC) -print-file-name=include)
-endif
-
-ifneq ($(origin VENDOR_CERT_FILE), undefined)
- CFLAGS += -DVENDOR_CERT_FILE=\"$(VENDOR_CERT_FILE)\"
-endif
-ifneq ($(origin VENDOR_DBX_FILE), undefined)
- CFLAGS += -DVENDOR_DBX_FILE=\"$(VENDOR_DBX_FILE)\"
-endif
-
-LDFLAGS = -nostdlib -znocombreloc -T $(EFI_LDS) -shared -Bsymbolic -L$(EFI_PATH) -L$(LIB_PATH) -LCryptlib -LCryptlib/OpenSSL $(EFI_CRT_OBJS)
-
-VERSION = 0.8
-
-TARGET = shim.efi MokManager.efi.signed fallback.efi.signed
-OBJS = shim.o netboot.o cert.o replacements.o version.o
-KEYS = shim_cert.h ocsp.* ca.* shim.crt shim.csr shim.p12 shim.pem shim.key shim.cer
-SOURCES = shim.c shim.h netboot.c include/PeImage.h include/wincert.h include/console.h replacements.c replacements.h version.c version.h
-MOK_OBJS = MokManager.o PasswordCrypt.o crypt_blowfish.o
-MOK_SOURCES = MokManager.c shim.h include/console.h PasswordCrypt.c PasswordCrypt.h crypt_blowfish.c crypt_blowfish.h
-FALLBACK_OBJS = fallback.o
-FALLBACK_SRCS = fallback.c
-
-all: $(TARGET)
-
-shim.crt:
- ./make-certs shim shim@xn--u4h.net all codesign 1.3.6.1.4.1.311.10.3.1 $@
- hexdump -v -e '1/1 "0x%02x, "' $< >> $@
- echo "};" >> $@
-
-version.c : version.c.in
- sed -e "s,@@VERSION@@,$(VERSION)," \
- -e "s,@@UNAME@@,$(shell uname -a)," \
- -e "s,@@COMMIT@@,$(shell if [ -d .git ] ; then git log -1 --pretty=format:%H ; elif [ -f commit ]; then cat commit ; else echo commit id not available; fi)," \
- < version.c.in > version.c
-
-certdb/secmod.db: shim.crt
- -mkdir certdb
- pk12util -d certdb/ -i shim.p12 -W "" -K ""
- certutil -d certdb/ -A -i shim.crt -n shim -t u
-
-shim.o: $(SOURCES) shim_cert.h
-
-cert.o : cert.S
- $(CC) $(CFLAGS) -c -o $@ $<
-
-shim.so: $(OBJS) Cryptlib/libcryptlib.a Cryptlib/OpenSSL/libopenssl.a lib/lib.a
- $(LD) -o $@ $(LDFLAGS) $^ $(EFI_LIBS)
-
-fallback.o: $(FALLBACK_SRCS)
-
-fallback.so: $(FALLBACK_OBJS) Cryptlib/libcryptlib.a Cryptlib/OpenSSL/libopenssl.a lib/lib.a
- $(LD) -o $@ $(LDFLAGS) $^ $(EFI_LIBS)
-
-MokManager.o: $(MOK_SOURCES)
-
-MokManager.so: $(MOK_OBJS) Cryptlib/libcryptlib.a Cryptlib/OpenSSL/libopenssl.a lib/lib.a
- $(LD) -o $@ $(LDFLAGS) $^ $(EFI_LIBS) lib/lib.a
-
-Cryptlib/libcryptlib.a:
- $(MAKE) -C Cryptlib
-
-Cryptlib/OpenSSL/libopenssl.a:
- $(MAKE) -C Cryptlib/OpenSSL
-
-lib/lib.a:
- $(MAKE) -C lib
-
-ifeq ($(ARCH),aarch64)
-FORMAT := -O binary
-SUBSYSTEM := 0xa
-LDFLAGS += --defsym=EFI_SUBSYSTEM=$(SUBSYSTEM)
-endif
-
-ifeq ($(ARCH),arm)
-FORMAT := -O binary
-SUBSYSTEM := 0xa
-LDFLAGS += --defsym=EFI_SUBSYSTEM=$(SUBSYSTEM)
-endif
-
-FORMAT ?= --target efi-app-$(ARCH)
-
-%.efi: %.so
- $(OBJCOPY) -j .text -j .sdata -j .data \
- -j .dynamic -j .dynsym -j .rel* \
- -j .rela* -j .reloc -j .eh_frame \
- -j .vendor_cert \
- $(FORMAT) $^ $@
- $(OBJCOPY) -j .text -j .sdata -j .data \
- -j .dynamic -j .dynsym -j .rel* \
- -j .rela* -j .reloc -j .eh_frame \
- -j .debug_info -j .debug_abbrev -j .debug_aranges \
- -j .debug_line -j .debug_str -j .debug_ranges \
- $(FORMAT) $^ $@.debug
-
-%.efi.signed: %.efi shim.crt
- sbsign --key shim.key --cert shim.crt $<
-
-clean:
- $(MAKE) -C Cryptlib clean
- $(MAKE) -C Cryptlib/OpenSSL clean
- $(MAKE) -C lib clean
- rm -rf $(TARGET) $(OBJS) $(MOK_OBJS) $(FALLBACK_OBJS) $(KEYS) certdb
- rm -f *.debug *.so *.efi *.tar.* version.c
-
-GITTAG = $(VERSION)
-
-test-archive:
- @rm -rf /tmp/shim-$(VERSION) /tmp/shim-$(VERSION)-tmp
- @mkdir -p /tmp/shim-$(VERSION)-tmp
- @git archive --format=tar $(shell git branch | awk '/^*/ { print $$2 }') | ( cd /tmp/shim-$(VERSION)-tmp/ ; tar x )
- @git diff | ( cd /tmp/shim-$(VERSION)-tmp/ ; patch -s -p1 -b -z .gitdiff )
- @mv /tmp/shim-$(VERSION)-tmp/ /tmp/shim-$(VERSION)/
- @git log -1 --pretty=format:%H > /tmp/shim-$(VERSION)/commit
- @dir=$$PWD; cd /tmp; tar -c --bzip2 -f $$dir/shim-$(VERSION).tar.bz2 shim-$(VERSION)
- @rm -rf /tmp/shim-$(VERSION)
- @echo "The archive is in shim-$(VERSION).tar.bz2"
-
-tag:
- git tag --sign $(GITTAG) refs/heads/master
-
-archive: tag
- @rm -rf /tmp/shim-$(VERSION) /tmp/shim-$(VERSION)-tmp
- @mkdir -p /tmp/shim-$(VERSION)-tmp
- @git archive --format=tar $(GITTAG) | ( cd /tmp/shim-$(VERSION)-tmp/ ; tar x )
- @mv /tmp/shim-$(VERSION)-tmp/ /tmp/shim-$(VERSION)/
- @git log -1 --pretty=format:%H > /tmp/shim-$(VERSION)/commit
- @dir=$$PWD; cd /tmp; tar -c --bzip2 -f $$dir/shim-$(VERSION).tar.bz2 shim-$(VERSION)
- @rm -rf /tmp/shim-$(VERSION)
- @echo "The archive is in shim-$(VERSION).tar.bz2"
-
-export ARCH CC LD OBJCOPY EFI_INCLUDE
diff --git a/.pc/gcc5-includes-stdarg.patch/MokManager.c b/.pc/gcc5-includes-stdarg.patch/MokManager.c
deleted file mode 100644
index ee29051..0000000
--- a/.pc/gcc5-includes-stdarg.patch/MokManager.c
+++ /dev/null
@@ -1,2017 +0,0 @@
-#include
-#include
-#include
-#include
-#include "shim.h"
-#include "PeImage.h"
-#include "PasswordCrypt.h"
-
-#include "guid.h"
-#include "console.h"
-#include "variables.h"
-#include "simple_file.h"
-#include "efiauthenticated.h"
-
-#define PASSWORD_MAX 256
-#define PASSWORD_MIN 1
-#define SB_PASSWORD_LEN 16
-
-#define NAME_LINE_MAX 70
-
-#ifndef SHIM_VENDOR
-#define SHIM_VENDOR L"Shim"
-#endif
-
-#define EFI_VARIABLE_APPEND_WRITE 0x00000040
-
-EFI_GUID SHIM_LOCK_GUID = { 0x605dab50, 0xe046, 0x4300, {0xab, 0xb6, 0x3d, 0xd8, 0x10, 0xdd, 0x8b, 0x23} };
-
-#define CERT_STRING L"Select an X509 certificate to enroll:\n\n"
-#define HASH_STRING L"Select a file to trust:\n\n"
-
-struct menu_item {
- CHAR16 *text;
- INTN (* callback)(void *data, void *data2, void *data3);
- void *data;
- void *data2;
- void *data3;
- UINTN colour;
-};
-
-typedef struct {
- UINT32 MokSize;
- UINT8 *Mok;
- EFI_GUID Type;
-} __attribute__ ((packed)) MokListNode;
-
-typedef struct {
- UINT32 MokSBState;
- UINT32 PWLen;
- CHAR16 Password[SB_PASSWORD_LEN];
-} __attribute__ ((packed)) MokSBvar;
-
-typedef struct {
- UINT32 MokDBState;
- UINT32 PWLen;
- CHAR16 Password[SB_PASSWORD_LEN];
-} __attribute__ ((packed)) MokDBvar;
-
-static EFI_STATUS get_sha1sum (void *Data, int DataSize, UINT8 *hash)
-{
- EFI_STATUS status;
- unsigned int ctxsize;
- void *ctx = NULL;
-
- ctxsize = Sha1GetContextSize();
- ctx = AllocatePool(ctxsize);
-
- if (!ctx) {
- console_notify(L"Unable to allocate memory for hash context");
- return EFI_OUT_OF_RESOURCES;
- }
-
- if (!Sha1Init(ctx)) {
- console_notify(L"Unable to initialise hash");
- status = EFI_OUT_OF_RESOURCES;
- goto done;
- }
-
- if (!(Sha1Update(ctx, Data, DataSize))) {
- console_notify(L"Unable to generate hash");
- status = EFI_OUT_OF_RESOURCES;
- goto done;
- }
-
- if (!(Sha1Final(ctx, hash))) {
- console_notify(L"Unable to finalise hash");
- status = EFI_OUT_OF_RESOURCES;
- goto done;
- }
-
- status = EFI_SUCCESS;
-done:
- return status;
-}
-
-static UINT32 count_keys(void *Data, UINTN DataSize)
-{
- EFI_SIGNATURE_LIST *CertList = Data;
- EFI_GUID CertType = X509_GUID;
- EFI_GUID HashType = EFI_CERT_SHA256_GUID;
- UINTN dbsize = DataSize;
- UINT32 MokNum = 0;
- void *end = Data + DataSize;
-
- while ((dbsize > 0) && (dbsize >= CertList->SignatureListSize)) {
-
- /* Use ptr arithmetics to ensure bounded access. Do not allow 0
- * SignatureListSize that will cause endless loop.
- */
- if ((void *)(CertList + 1) > end || CertList->SignatureListSize == 0) {
- console_notify(L"Invalid MOK detected! Ignoring MOK List.");
- return 0;
- }
-
- if ((CompareGuid (&CertList->SignatureType, &CertType) != 0) &&
- (CompareGuid (&CertList->SignatureType, &HashType) != 0)) {
- console_notify(L"Doesn't look like a key or hash");
- dbsize -= CertList->SignatureListSize;
- CertList = (EFI_SIGNATURE_LIST *) ((UINT8 *) CertList +
- CertList->SignatureListSize);
- continue;
- }
-
- if ((CompareGuid (&CertList->SignatureType, &CertType) != 0) &&
- (CertList->SignatureSize != 48)) {
- console_notify(L"Doesn't look like a valid hash");
- dbsize -= CertList->SignatureListSize;
- CertList = (EFI_SIGNATURE_LIST *) ((UINT8 *) CertList +
- CertList->SignatureListSize);
- continue;
- }
-
- MokNum++;
- dbsize -= CertList->SignatureListSize;
- CertList = (EFI_SIGNATURE_LIST *) ((UINT8 *) CertList +
- CertList->SignatureListSize);
- }
-
- return MokNum;
-}
-
-static MokListNode *build_mok_list(UINT32 num, void *Data, UINTN DataSize) {
- MokListNode *list;
- EFI_SIGNATURE_LIST *CertList = Data;
- EFI_SIGNATURE_DATA *Cert;
- EFI_GUID CertType = X509_GUID;
- EFI_GUID HashType = EFI_CERT_SHA256_GUID;
- UINTN dbsize = DataSize;
- UINTN count = 0;
- void *end = Data + DataSize;
-
- list = AllocatePool(sizeof(MokListNode) * num);
-
- if (!list) {
- console_notify(L"Unable to allocate MOK list");
- return NULL;
- }
-
- while ((dbsize > 0) && (dbsize >= CertList->SignatureListSize)) {
- /* CertList out of bounds? */
- if ((void *)(CertList + 1) > end || CertList->SignatureListSize == 0) {
- FreePool(list);
- return NULL;
- }
- if ((CompareGuid (&CertList->SignatureType, &CertType) != 0) &&
- (CompareGuid (&CertList->SignatureType, &HashType) != 0)) {
- dbsize -= CertList->SignatureListSize;
- CertList = (EFI_SIGNATURE_LIST *)((UINT8 *) CertList +
- CertList->SignatureListSize);
- continue;
- }
-
- if ((CompareGuid (&CertList->SignatureType, &HashType) == 0) &&
- (CertList->SignatureSize != 48)) {
- dbsize -= CertList->SignatureListSize;
- CertList = (EFI_SIGNATURE_LIST *)((UINT8 *) CertList +
- CertList->SignatureListSize);
- continue;
- }
-
- Cert = (EFI_SIGNATURE_DATA *) (((UINT8 *) CertList) +
- sizeof (EFI_SIGNATURE_LIST) + CertList->SignatureHeaderSize);
-
- /* Cert out of bounds? */
- if ((void *)(Cert + 1) > end || CertList->SignatureSize <= sizeof(EFI_GUID)) {
- FreePool(list);
- return NULL;
- }
-
- list[count].MokSize = CertList->SignatureSize - sizeof(EFI_GUID);
- list[count].Mok = (void *)Cert->SignatureData;
- list[count].Type = CertList->SignatureType;
-
- /* MOK out of bounds? */
- if (list[count].MokSize > (unsigned long)end -
- (unsigned long)list[count].Mok) {
- FreePool(list);
- return NULL;
- }
-
- count++;
- dbsize -= CertList->SignatureListSize;
- CertList = (EFI_SIGNATURE_LIST *) ((UINT8 *) CertList +
- CertList->SignatureListSize);
- }
-
- return list;
-}
-
-typedef struct {
- int nid;
- CHAR16 *name;
-} NidName;
-
-static NidName nidname[] = {
- {NID_commonName, L"CN"},
- {NID_organizationName, L"O"},
- {NID_countryName, L"C"},
- {NID_stateOrProvinceName, L"ST"},
- {NID_localityName, L"L"},
- {-1, NULL}
-};
-
-static CHAR16* get_x509_name (X509_NAME *X509Name)
-{
- CHAR16 name[NAME_LINE_MAX+1];
- CHAR16 part[NAME_LINE_MAX+1];
- char str[NAME_LINE_MAX];
- int i, len, rest, first;
-
- name[0] = '\0';
- rest = NAME_LINE_MAX;
- first = 1;
- for (i = 0; nidname[i].name != NULL; i++) {
- int add;
- len = X509_NAME_get_text_by_NID (X509Name, nidname[i].nid,
- str, NAME_LINE_MAX);
- if (len <= 0)
- continue;
-
- if (first)
- add = len + (int)StrLen(nidname[i].name) + 1;
- else
- add = len + (int)StrLen(nidname[i].name) + 3;
-
- if (add > rest)
- continue;
-
- if (first) {
- SPrint(part, NAME_LINE_MAX * sizeof(CHAR16), L"%s=%a",
- nidname[i].name, str);
- } else {
- SPrint(part, NAME_LINE_MAX * sizeof(CHAR16), L", %s=%a",
- nidname[i].name, str);
- }
- StrCat(name, part);
- rest -= add;
- first = 0;
- }
-
- if (rest >= 0 && rest < NAME_LINE_MAX)
- return PoolPrint(L"%s", name);
-
- return NULL;
-}
-
-static CHAR16* get_x509_time (ASN1_TIME *time)
-{
- BIO *bio = BIO_new (BIO_s_mem());
- char str[30];
- int len;
-
- ASN1_TIME_print (bio, time);
- len = BIO_read(bio, str, 29);
- if (len < 0)
- len = 0;
- str[len] = '\0';
- BIO_free (bio);
-
- return PoolPrint(L"%a", str);
-}
-
-static void show_x509_info (X509 *X509Cert, UINT8 *hash)
-{
- ASN1_INTEGER *serial;
- BIGNUM *bnser;
- unsigned char hexbuf[30];
- X509_NAME *X509Name;
- ASN1_TIME *time;
- CHAR16 *issuer = NULL;
- CHAR16 *subject = NULL;
- CHAR16 *from = NULL;
- CHAR16 *until = NULL;
- POOL_PRINT hash_string1;
- POOL_PRINT hash_string2;
- POOL_PRINT serial_string;
- int fields = 0;
- CHAR16 **text;
- int i = 0;
-
- ZeroMem(&hash_string1, sizeof(hash_string1));
- ZeroMem(&hash_string2, sizeof(hash_string2));
- ZeroMem(&serial_string, sizeof(serial_string));
-
- serial = X509_get_serialNumber(X509Cert);
- if (serial) {
- int i, n;
- bnser = ASN1_INTEGER_to_BN(serial, NULL);
- n = BN_bn2bin(bnser, hexbuf);
- for (i = 0; i < n; i++) {
- CatPrint(&serial_string, L"%02x:", hexbuf[i]);
- }
- }
-
- if (serial_string.str)
- fields++;
-
- X509Name = X509_get_issuer_name(X509Cert);
- if (X509Name) {
- issuer = get_x509_name(X509Name);
- if (issuer)
- fields++;
- }
-
- X509Name = X509_get_subject_name(X509Cert);
- if (X509Name) {
- subject = get_x509_name(X509Name);
- if (subject)
- fields++;
- }
-
- time = X509_get_notBefore(X509Cert);
- if (time) {
- from = get_x509_time(time);
- if (from)
- fields++;
- }
-
- time = X509_get_notAfter(X509Cert);
- if (time) {
- until = get_x509_time(time);
- if (until)
- fields++;
- }
-
- for (i=0; i<10; i++)
- CatPrint(&hash_string1, L"%02x ", hash[i]);
- for (i=10; i<20; i++)
- CatPrint(&hash_string2, L"%02x ", hash[i]);
-
- if (hash_string1.str)
- fields++;
-
- if (hash_string2.str)
- fields++;
-
- if (!fields)
- return;
-
- i = 0;
- text = AllocateZeroPool(sizeof(CHAR16 *) * (fields*3 + 1));
- if (serial_string.str) {
- text[i++] = StrDuplicate(L"[Serial Number]");
- text[i++] = serial_string.str;
- text[i++] = StrDuplicate(L"");
- }
- if (issuer) {
- text[i++] = StrDuplicate(L"[Issuer]");
- text[i++] = issuer;
- text[i++] = StrDuplicate(L"");
- }
- if (subject) {
- text[i++] = StrDuplicate(L"[Subject]");
- text[i++] = subject;
- text[i++] = StrDuplicate(L"");
- }
- if (from) {
- text[i++] = StrDuplicate(L"[Valid Not Before]");
- text[i++] = from;
- text[i++] = StrDuplicate(L"");
- }
- if (until) {
- text[i++] = StrDuplicate(L"[Valid Not After]");
- text[i++] = until;
- text[i++] = StrDuplicate(L"");
- }
- if (hash_string1.str) {
- text[i++] = StrDuplicate(L"[Fingerprint]");
- text[i++] = hash_string1.str;
- }
- if (hash_string2.str) {
- text[i++] = hash_string2.str;
- text[i++] = StrDuplicate(L"");
- }
- text[i] = NULL;
-
- console_print_box(text, -1);
-
- for (i=0; text[i] != NULL; i++)
- FreePool(text[i]);
-
- FreePool(text);
-}
-
-static void show_efi_hash (UINT8 *hash)
-{
- CHAR16 *text[5];
- POOL_PRINT hash_string1;
- POOL_PRINT hash_string2;
- int i;
-
- ZeroMem(&hash_string1, sizeof(hash_string1));
- ZeroMem(&hash_string2, sizeof(hash_string2));
-
- text[0] = L"SHA256 hash";
- text[1] = L"";
-
- for (i=0; i<16; i++)
- CatPrint(&hash_string1, L"%02x ", hash[i]);
- for (i=16; i<32; i++)
- CatPrint(&hash_string2, L"%02x ", hash[i]);
-
- text[2] = hash_string1.str;
- text[3] = hash_string2.str;
- text[4] = NULL;
-
- console_print_box(text, -1);
-
- if (hash_string1.str)
- FreePool(hash_string1.str);
-
- if (hash_string2.str)
- FreePool(hash_string2.str);
-}
-
-static void show_mok_info (void *Mok, UINTN MokSize)
-{
- EFI_STATUS efi_status;
- UINT8 hash[SHA1_DIGEST_SIZE];
- X509 *X509Cert;
-
- if (!Mok || MokSize == 0)
- return;
-
- if (MokSize != SHA256_DIGEST_SIZE) {
- efi_status = get_sha1sum(Mok, MokSize, hash);
-
- if (efi_status != EFI_SUCCESS) {
- console_notify(L"Failed to compute MOK fingerprint");
- return;
- }
-
- if (X509ConstructCertificate(Mok, MokSize,
- (UINT8 **) &X509Cert) && X509Cert != NULL) {
- show_x509_info(X509Cert, hash);
- X509_free(X509Cert);
- } else {
- console_notify(L"Not a valid X509 certificate");
- return;
- }
- } else {
- show_efi_hash(Mok);
- }
-}
-
-static EFI_STATUS list_keys (void *KeyList, UINTN KeyListSize, CHAR16 *title)
-{
- INTN MokNum = 0;
- MokListNode *keys = NULL;
- INTN key_num = 0;
- CHAR16 **menu_strings;
- int i;
-
- if (KeyListSize < (sizeof(EFI_SIGNATURE_LIST) +
- sizeof(EFI_SIGNATURE_DATA))) {
- console_notify(L"No MOK keys found");
- return 0;
- }
-
- MokNum = count_keys(KeyList, KeyListSize);
- if (MokNum == 0)
- return 0;
- keys = build_mok_list(MokNum, KeyList, KeyListSize);
-
- if (!keys) {
- console_notify(L"Failed to construct key list");
- return 0;
- }
-
- menu_strings = AllocateZeroPool(sizeof(CHAR16 *) * (MokNum + 2));
-
- if (!menu_strings)
- return EFI_OUT_OF_RESOURCES;
-
- for (i=0; i= line_max &&
- key.UnicodeChar != CHAR_BACKSPACE) ||
- key.UnicodeChar == CHAR_NULL ||
- key.UnicodeChar == CHAR_TAB ||
- key.UnicodeChar == CHAR_LINEFEED ||
- key.UnicodeChar == CHAR_CARRIAGE_RETURN) {
- continue;
- }
-
- if (count == 0 && key.UnicodeChar == CHAR_BACKSPACE) {
- continue;
- } else if (key.UnicodeChar == CHAR_BACKSPACE) {
- if (show) {
- Print(L"\b");
- }
- line[--count] = '\0';
- continue;
- }
-
- if (show) {
- Print(L"%c", key.UnicodeChar);
- }
-
- line[count++] = key.UnicodeChar;
- } while (key.UnicodeChar != CHAR_CARRIAGE_RETURN);
- Print(L"\n");
-
- *length = count;
-
- return EFI_SUCCESS;
-}
-
-static EFI_STATUS compute_pw_hash (void *Data, UINTN DataSize, UINT8 *password,
- UINT32 pw_length, UINT8 *hash)
-{
- EFI_STATUS status;
- unsigned int ctxsize;
- void *ctx = NULL;
-
- ctxsize = Sha256GetContextSize();
- ctx = AllocatePool(ctxsize);
-
- if (!ctx) {
- console_notify(L"Unable to allocate memory for hash context");
- return EFI_OUT_OF_RESOURCES;
- }
-
- if (!Sha256Init(ctx)) {
- console_notify(L"Unable to initialise hash");
- status = EFI_OUT_OF_RESOURCES;
- goto done;
- }
-
- if (Data && DataSize) {
- if (!(Sha256Update(ctx, Data, DataSize))) {
- console_notify(L"Unable to generate hash");
- status = EFI_OUT_OF_RESOURCES;
- goto done;
- }
- }
-
- if (!(Sha256Update(ctx, password, pw_length))) {
- console_notify(L"Unable to generate hash");
- status = EFI_OUT_OF_RESOURCES;
- goto done;
- }
-
- if (!(Sha256Final(ctx, hash))) {
- console_notify(L"Unable to finalise hash");
- status = EFI_OUT_OF_RESOURCES;
- goto done;
- }
-
- status = EFI_SUCCESS;
-done:
- return status;
-}
-
-static void console_save_and_set_mode (SIMPLE_TEXT_OUTPUT_MODE *SavedMode)
-{
- if (!SavedMode) {
- Print(L"Invalid parameter: SavedMode\n");
- return;
- }
-
- CopyMem(SavedMode, ST->ConOut->Mode, sizeof(SIMPLE_TEXT_OUTPUT_MODE));
- uefi_call_wrapper(ST->ConOut->EnableCursor, 2, ST->ConOut, FALSE);
- uefi_call_wrapper(ST->ConOut->SetAttribute, 2, ST->ConOut,
- EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE);
-}
-
-static void console_restore_mode (SIMPLE_TEXT_OUTPUT_MODE *SavedMode)
-{
- uefi_call_wrapper(ST->ConOut->EnableCursor, 2, ST->ConOut,
- SavedMode->CursorVisible);
- uefi_call_wrapper(ST->ConOut->SetCursorPosition, 3, ST->ConOut,
- SavedMode->CursorColumn, SavedMode->CursorRow);
- uefi_call_wrapper(ST->ConOut->SetAttribute, 2, ST->ConOut,
- SavedMode->Attribute);
-}
-
-static UINT32 get_password (CHAR16 *prompt, CHAR16 *password, UINT32 max)
-{
- SIMPLE_TEXT_OUTPUT_MODE SavedMode;
- CHAR16 *str;
- CHAR16 *message[2];
- UINTN length;
- UINT32 pw_length;
-
- if (!prompt)
- prompt = L"Password:";
-
- console_save_and_set_mode(&SavedMode);
-
- str = PoolPrint(L"%s ", prompt);
- if (!str) {
- console_errorbox(L"Failed to allocate prompt");
- return 0;
- }
-
- message[0] = str;
- message[1] = NULL;
- length = StrLen(message[0]);
- console_print_box_at(message, -1, -length-4, -5, length+4, 3, 0, 1);
- get_line(&pw_length, password, max, 0);
-
- console_restore_mode(&SavedMode);
-
- FreePool(str);
-
- return pw_length;
-}
-
-static EFI_STATUS match_password (PASSWORD_CRYPT *pw_crypt,
- void *Data, UINTN DataSize,
- UINT8 *auth, CHAR16 *prompt)
-{
- EFI_STATUS status;
- UINT8 hash[128];
- UINT8 *auth_hash;
- UINT32 auth_size;
- CHAR16 password[PASSWORD_MAX];
- UINT32 pw_length;
- UINT8 fail_count = 0;
- unsigned int i;
-
- if (pw_crypt) {
- auth_hash = pw_crypt->hash;
- auth_size = get_hash_size (pw_crypt->method);
- if (auth_size == 0)
- return EFI_INVALID_PARAMETER;
- } else if (auth) {
- auth_hash = auth;
- auth_size = SHA256_DIGEST_SIZE;
- } else {
- return EFI_INVALID_PARAMETER;
- }
-
- while (fail_count < 3) {
- pw_length = get_password(prompt, password, PASSWORD_MAX);
-
- if (pw_length < PASSWORD_MIN || pw_length > PASSWORD_MAX) {
- console_errorbox(L"Invalid password length");
- fail_count++;
- continue;
- }
-
- /*
- * Compute password hash
- */
- if (pw_crypt) {
- char pw_ascii[PASSWORD_MAX + 1];
- for (i = 0; i < pw_length; i++)
- pw_ascii[i] = (char)password[i];
- pw_ascii[pw_length] = '\0';
-
- status = password_crypt(pw_ascii, pw_length, pw_crypt, hash);
- } else {
- /*
- * For backward compatibility
- */
- status = compute_pw_hash(Data, DataSize, (UINT8 *)password,
- pw_length * sizeof(CHAR16), hash);
- }
- if (status != EFI_SUCCESS) {
- console_errorbox(L"Unable to generate password hash");
- fail_count++;
- continue;
- }
-
- if (CompareMem(auth_hash, hash, auth_size) != 0) {
- console_errorbox(L"Password doesn't match");
- fail_count++;
- continue;
- }
-
- break;
- }
-
- if (fail_count >= 3)
- return EFI_ACCESS_DENIED;
-
- return EFI_SUCCESS;
-}
-
-static EFI_STATUS store_keys (void *MokNew, UINTN MokNewSize, int authenticate)
-{
- EFI_GUID shim_lock_guid = SHIM_LOCK_GUID;
- EFI_STATUS efi_status;
- UINT8 auth[PASSWORD_CRYPT_SIZE];
- UINTN auth_size = PASSWORD_CRYPT_SIZE;
- UINT32 attributes;
-
- if (authenticate) {
- efi_status = uefi_call_wrapper(RT->GetVariable, 5, L"MokAuth",
- &shim_lock_guid,
- &attributes, &auth_size, auth);
-
- if (efi_status != EFI_SUCCESS ||
- (auth_size != SHA256_DIGEST_SIZE &&
- auth_size != PASSWORD_CRYPT_SIZE)) {
- console_error(L"Failed to get MokAuth", efi_status);
- return efi_status;
- }
-
- if (auth_size == PASSWORD_CRYPT_SIZE) {
- efi_status = match_password((PASSWORD_CRYPT *)auth,
- NULL, 0, NULL, NULL);
- } else {
- efi_status = match_password(NULL, MokNew, MokNewSize,
- auth, NULL);
- }
- if (efi_status != EFI_SUCCESS)
- return EFI_ACCESS_DENIED;
- }
-
- if (!MokNewSize) {
- /* Delete MOK */
- efi_status = uefi_call_wrapper(RT->SetVariable, 5, L"MokList",
- &shim_lock_guid,
- EFI_VARIABLE_NON_VOLATILE
- | EFI_VARIABLE_BOOTSERVICE_ACCESS,
- 0, NULL);
- } else {
- /* Write new MOK */
- efi_status = uefi_call_wrapper(RT->SetVariable, 5, L"MokList",
- &shim_lock_guid,
- EFI_VARIABLE_NON_VOLATILE
- | EFI_VARIABLE_BOOTSERVICE_ACCESS
- | EFI_VARIABLE_APPEND_WRITE,
- MokNewSize, MokNew);
- }
-
- if (efi_status != EFI_SUCCESS) {
- console_error(L"Failed to set variable", efi_status);
- return efi_status;
- }
-
- return EFI_SUCCESS;
-}
-
-static UINTN mok_enrollment_prompt (void *MokNew, UINTN MokNewSize, int auth) {
- EFI_GUID shim_lock_guid = SHIM_LOCK_GUID;
- EFI_STATUS efi_status;
-
- if (list_keys(MokNew, MokNewSize, L"[Enroll MOK]") != EFI_SUCCESS)
- return 0;
-
- if (console_yes_no((CHAR16 *[]){L"Enroll the key(s)?", NULL}) == 0)
- return 0;
-
- efi_status = store_keys(MokNew, MokNewSize, auth);
-
- if (efi_status != EFI_SUCCESS) {
- console_notify(L"Failed to enroll keys\n");
- return -1;
- }
-
- if (auth) {
- LibDeleteVariable(L"MokNew", &shim_lock_guid);
- LibDeleteVariable(L"MokAuth", &shim_lock_guid);
-
- console_notify(L"The system must now be rebooted");
- uefi_call_wrapper(RT->ResetSystem, 4, EfiResetWarm,
- EFI_SUCCESS, 0, NULL);
- console_notify(L"Failed to reboot");
- return -1;
- }
-
- return 0;
-}
-
-static INTN mok_reset_prompt ()
-{
- EFI_GUID shim_lock_guid = SHIM_LOCK_GUID;
- EFI_STATUS efi_status;
-
- uefi_call_wrapper(ST->ConOut->ClearScreen, 1, ST->ConOut);
-
- if (console_yes_no((CHAR16 *[]){L"Erase all stored keys?", NULL }) == 0)
- return 0;
-
- efi_status = store_keys(NULL, 0, TRUE);
-
- if (efi_status != EFI_SUCCESS) {
- console_notify(L"Failed to erase keys\n");
- return -1;
- }
-
- LibDeleteVariable(L"MokNew", &shim_lock_guid);
- LibDeleteVariable(L"MokAuth", &shim_lock_guid);
-
- console_notify(L"The system must now be rebooted");
- uefi_call_wrapper(RT->ResetSystem, 4, EfiResetWarm,
- EFI_SUCCESS, 0, NULL);
- console_notify(L"Failed to reboot\n");
- return -1;
-}
-
-static EFI_STATUS write_back_mok_list (MokListNode *list, INTN key_num)
-{
- EFI_GUID shim_lock_guid = SHIM_LOCK_GUID;
- EFI_STATUS efi_status;
- EFI_SIGNATURE_LIST *CertList;
- EFI_SIGNATURE_DATA *CertData;
- void *Data = NULL, *ptr;
- INTN DataSize = 0;
- int i;
-
- for (i = 0; i < key_num; i++) {
- if (list[i].Mok == NULL)
- continue;
-
- DataSize += sizeof(EFI_SIGNATURE_LIST) + sizeof(EFI_GUID);
- DataSize += list[i].MokSize;
- }
-
- Data = AllocatePool(DataSize);
- if (Data == NULL && DataSize != 0)
- return EFI_OUT_OF_RESOURCES;
-
- ptr = Data;
-
- for (i = 0; i < key_num; i++) {
- if (list[i].Mok == NULL)
- continue;
-
- CertList = (EFI_SIGNATURE_LIST *)ptr;
- CertData = (EFI_SIGNATURE_DATA *)(((uint8_t *)ptr) +
- sizeof(EFI_SIGNATURE_LIST));
-
- CertList->SignatureType = list[i].Type;
- CertList->SignatureListSize = list[i].MokSize +
- sizeof(EFI_SIGNATURE_LIST) +
- sizeof(EFI_SIGNATURE_DATA) - 1;
- CertList->SignatureHeaderSize = 0;
- CertList->SignatureSize = list[i].MokSize + sizeof(EFI_GUID);
-
- CertData->SignatureOwner = shim_lock_guid;
- CopyMem(CertData->SignatureData, list[i].Mok, list[i].MokSize);
-
- ptr = (uint8_t *)ptr + sizeof(EFI_SIGNATURE_LIST) +
- sizeof(EFI_GUID) + list[i].MokSize;
- }
-
- efi_status = uefi_call_wrapper(RT->SetVariable, 5, L"MokList",
- &shim_lock_guid,
- EFI_VARIABLE_NON_VOLATILE
- | EFI_VARIABLE_BOOTSERVICE_ACCESS,
- DataSize, Data);
- if (Data)
- FreePool(Data);
-
- if (efi_status != EFI_SUCCESS) {
- console_error(L"Failed to set variable", efi_status);
- return efi_status;
- }
-
- return EFI_SUCCESS;
-}
-
-static EFI_STATUS delete_keys (void *MokDel, UINTN MokDelSize)
-{
- EFI_GUID shim_lock_guid = SHIM_LOCK_GUID;
- EFI_STATUS efi_status;
- UINT8 auth[PASSWORD_CRYPT_SIZE];
- UINTN auth_size = PASSWORD_CRYPT_SIZE;
- UINT32 attributes;
- UINT8 *MokListData = NULL;
- UINTN MokListDataSize = 0;
- MokListNode *mok, *del_key;
- INTN mok_num, del_num;
- int i, j;
-
- efi_status = uefi_call_wrapper(RT->GetVariable, 5, L"MokDelAuth",
- &shim_lock_guid,
- &attributes, &auth_size, auth);
-
- if (efi_status != EFI_SUCCESS ||
- (auth_size != SHA256_DIGEST_SIZE && auth_size != PASSWORD_CRYPT_SIZE)) {
- console_error(L"Failed to get MokDelAuth", efi_status);
- return efi_status;
- }
-
- if (auth_size == PASSWORD_CRYPT_SIZE) {
- efi_status = match_password((PASSWORD_CRYPT *)auth, NULL, 0,
- NULL, NULL);
- } else {
- efi_status = match_password(NULL, MokDel, MokDelSize, auth, NULL);
- }
- if (efi_status != EFI_SUCCESS)
- return EFI_ACCESS_DENIED;
-
- efi_status = get_variable_attr (L"MokList", &MokListData, &MokListDataSize,
- shim_lock_guid, &attributes);
- if (attributes & EFI_VARIABLE_RUNTIME_ACCESS) {
- console_alertbox((CHAR16 *[]){L"MokList is compromised!",
- L"Erase all keys in MokList!",
- NULL});
- if (LibDeleteVariable(L"MokList", &shim_lock_guid) != EFI_SUCCESS) {
- console_notify(L"Failed to erase MokList");
- }
- return EFI_ACCESS_DENIED;
- }
-
- /* Nothing to do */
- if (!MokListData || MokListDataSize == 0)
- return EFI_SUCCESS;
-
- /* Construct lists */
- mok_num = count_keys(MokListData, MokListDataSize);
- mok = build_mok_list(mok_num, MokListData, MokListDataSize);
- del_num = count_keys(MokDel, MokDelSize);
- del_key = build_mok_list(del_num, MokDel, MokDelSize);
-
- /* Search and destroy */
- for (i = 0; i < del_num; i++) {
- UINT32 key_size = del_key[i].MokSize;
- void *key = del_key[i].Mok;
- for (j = 0; j < mok_num; j++) {
- if (mok[j].MokSize == key_size &&
- CompareMem(key, mok[j].Mok, key_size) == 0) {
- /* Remove the key */
- mok[j].Mok = NULL;
- mok[j].MokSize = 0;
- }
- }
- }
-
- efi_status = write_back_mok_list(mok, mok_num);
-
- if (MokListData)
- FreePool(MokListData);
- if (mok)
- FreePool(mok);
- if (del_key)
- FreePool(del_key);
-
- return efi_status;
-}
-
-static INTN mok_deletion_prompt (void *MokDel, UINTN MokDelSize)
-{
- EFI_GUID shim_lock_guid = SHIM_LOCK_GUID;
- EFI_STATUS efi_status;
-
- if (list_keys(MokDel, MokDelSize, L"[Delete MOK]") != EFI_SUCCESS) {
- return 0;
- }
-
- if (console_yes_no((CHAR16 *[]){L"Delete the key(s)?", NULL}) == 0)
- return 0;
-
- efi_status = delete_keys(MokDel, MokDelSize);
-
- if (efi_status != EFI_SUCCESS) {
- console_notify(L"Failed to delete keys");
- return -1;
- }
-
- LibDeleteVariable(L"MokDel", &shim_lock_guid);
- LibDeleteVariable(L"MokDelAuth", &shim_lock_guid);
-
- console_notify(L"The system must now be rebooted");
- uefi_call_wrapper(RT->ResetSystem, 4, EfiResetWarm,
- EFI_SUCCESS, 0, NULL);
- console_notify(L"Failed to reboot");
- return -1;
-}
-
-static CHAR16 get_password_charater (CHAR16 *prompt)
-{
- SIMPLE_TEXT_OUTPUT_MODE SavedMode;
- EFI_STATUS status;
- CHAR16 *message[2];
- CHAR16 character;
- UINTN length;
- UINT32 pw_length;
-
- if (!prompt)
- prompt = L"Password charater: ";
-
- console_save_and_set_mode(&SavedMode);
-
- message[0] = prompt;
- message[1] = NULL;
- length = StrLen(message[0]);
- console_print_box_at(message, -1, -length-4, -5, length+4, 3, 0, 1);
- status = get_line(&pw_length, &character, 1, 0);
- if (EFI_ERROR(status))
- character = 0;
-
- console_restore_mode(&SavedMode);
-
- return character;
-}
-
-static INTN mok_sb_prompt (void *MokSB, UINTN MokSBSize) {
- EFI_GUID shim_lock_guid = SHIM_LOCK_GUID;
- EFI_STATUS efi_status;
- SIMPLE_TEXT_OUTPUT_MODE SavedMode;
- MokSBvar *var = MokSB;
- CHAR16 *message[4];
- CHAR16 pass1, pass2, pass3;
- CHAR16 *str;
- UINT8 fail_count = 0;
- UINT8 sbval = 1;
- UINT8 pos1, pos2, pos3;
- int ret;
-
- if (MokSBSize != sizeof(MokSBvar)) {
- console_notify(L"Invalid MokSB variable contents");
- return -1;
- }
-
- uefi_call_wrapper(ST->ConOut->ClearScreen, 1, ST->ConOut);
-
- message[0] = L"Change Secure Boot state";
- message[1] = NULL;
-
- console_save_and_set_mode(&SavedMode);
- console_print_box_at(message, -1, 0, 0, -1, -1, 1, 1);
- console_restore_mode(&SavedMode);
-
- while (fail_count < 3) {
- RandomBytes (&pos1, sizeof(pos1));
- pos1 = (pos1 % var->PWLen);
-
- do {
- RandomBytes (&pos2, sizeof(pos2));
- pos2 = (pos2 % var->PWLen);
- } while (pos2 == pos1);
-
- do {
- RandomBytes (&pos3, sizeof(pos3));
- pos3 = (pos3 % var->PWLen) ;
- } while (pos3 == pos2 || pos3 == pos1);
-
- str = PoolPrint(L"Enter password character %d: ", pos1 + 1);
- if (!str) {
- console_errorbox(L"Failed to allocate buffer");
- return -1;
- }
- pass1 = get_password_charater(str);
- FreePool(str);
-
- str = PoolPrint(L"Enter password character %d: ", pos2 + 1);
- if (!str) {
- console_errorbox(L"Failed to allocate buffer");
- return -1;
- }
- pass2 = get_password_charater(str);
- FreePool(str);
-
- str = PoolPrint(L"Enter password character %d: ", pos3 + 1);
- if (!str) {
- console_errorbox(L"Failed to allocate buffer");
- return -1;
- }
- pass3 = get_password_charater(str);
- FreePool(str);
-
- if (pass1 != var->Password[pos1] ||
- pass2 != var->Password[pos2] ||
- pass3 != var->Password[pos3]) {
- Print(L"Invalid character\n");
- fail_count++;
- } else {
- break;
- }
- }
-
- if (fail_count >= 3) {
- console_notify(L"Password limit reached");
- return -1;
- }
-
- if (var->MokSBState == 0)
- ret = console_yes_no((CHAR16 *[]){L"Disable Secure Boot", NULL});
- else
- ret = console_yes_no((CHAR16 *[]){L"Enable Secure Boot", NULL});
-
- if (ret == 0) {
- LibDeleteVariable(L"MokSB", &shim_lock_guid);
- return -1;
- }
-
- if (var->MokSBState == 0) {
- efi_status = uefi_call_wrapper(RT->SetVariable,
- 5, L"MokSBState",
- &shim_lock_guid,
- EFI_VARIABLE_NON_VOLATILE |
- EFI_VARIABLE_BOOTSERVICE_ACCESS,
- 1, &sbval);
- if (efi_status != EFI_SUCCESS) {
- console_notify(L"Failed to set Secure Boot state");
- return -1;
- }
- } else {
- efi_status = uefi_call_wrapper(RT->SetVariable,
- 5, L"MokSBState",
- &shim_lock_guid,
- EFI_VARIABLE_NON_VOLATILE |
- EFI_VARIABLE_BOOTSERVICE_ACCESS,
- 0, NULL);
- if (efi_status != EFI_SUCCESS) {
- console_notify(L"Failed to delete Secure Boot state");
- return -1;
- }
- }
-
- console_notify(L"The system must now be rebooted");
- uefi_call_wrapper(RT->ResetSystem, 4, EfiResetWarm,
- EFI_SUCCESS, 0, NULL);
- console_notify(L"Failed to reboot");
- return -1;
-}
-
-static INTN mok_db_prompt (void *MokDB, UINTN MokDBSize) {
- EFI_GUID shim_lock_guid = SHIM_LOCK_GUID;
- EFI_STATUS efi_status;
- SIMPLE_TEXT_OUTPUT_MODE SavedMode;
- MokDBvar *var = MokDB;
- CHAR16 *message[4];
- CHAR16 pass1, pass2, pass3;
- CHAR16 *str;
- UINT8 fail_count = 0;
- UINT8 dbval = 1;
- UINT8 pos1, pos2, pos3;
- int ret;
-
- if (MokDBSize != sizeof(MokDBvar)) {
- console_notify(L"Invalid MokDB variable contents");
- return -1;
- }
-
- uefi_call_wrapper(ST->ConOut->ClearScreen, 1, ST->ConOut);
-
- message[0] = L"Change DB state";
- message[1] = NULL;
-
- console_save_and_set_mode(&SavedMode);
- console_print_box_at(message, -1, 0, 0, -1, -1, 1, 1);
- console_restore_mode(&SavedMode);
-
- while (fail_count < 3) {
- RandomBytes (&pos1, sizeof(pos1));
- pos1 = (pos1 % var->PWLen);
-
- do {
- RandomBytes (&pos2, sizeof(pos2));
- pos2 = (pos2 % var->PWLen);
- } while (pos2 == pos1);
-
- do {
- RandomBytes (&pos3, sizeof(pos3));
- pos3 = (pos3 % var->PWLen) ;
- } while (pos3 == pos2 || pos3 == pos1);
-
- str = PoolPrint(L"Enter password character %d: ", pos1 + 1);
- if (!str) {
- console_errorbox(L"Failed to allocate buffer");
- return -1;
- }
- pass1 = get_password_charater(str);
- FreePool(str);
-
- str = PoolPrint(L"Enter password character %d: ", pos2 + 1);
- if (!str) {
- console_errorbox(L"Failed to allocate buffer");
- return -1;
- }
- pass2 = get_password_charater(str);
- FreePool(str);
-
- str = PoolPrint(L"Enter password character %d: ", pos3 + 1);
- if (!str) {
- console_errorbox(L"Failed to allocate buffer");
- return -1;
- }
- pass3 = get_password_charater(str);
- FreePool(str);
-
- if (pass1 != var->Password[pos1] ||
- pass2 != var->Password[pos2] ||
- pass3 != var->Password[pos3]) {
- Print(L"Invalid character\n");
- fail_count++;
- } else {
- break;
- }
- }
-
- if (fail_count >= 3) {
- console_notify(L"Password limit reached");
- return -1;
- }
-
- if (var->MokDBState == 0)
- ret = console_yes_no((CHAR16 *[]){L"Ignore DB certs/hashes", NULL});
- else
- ret = console_yes_no((CHAR16 *[]){L"Use DB certs/hashes", NULL});
-
- if (ret == 0) {
- LibDeleteVariable(L"MokDB", &shim_lock_guid);
- return -1;
- }
-
- if (var->MokDBState == 0) {
- efi_status = uefi_call_wrapper(RT->SetVariable,
- 5, L"MokDBState",
- &shim_lock_guid,
- EFI_VARIABLE_NON_VOLATILE |
- EFI_VARIABLE_BOOTSERVICE_ACCESS,
- 1, &dbval);
- if (efi_status != EFI_SUCCESS) {
- console_notify(L"Failed to set DB state");
- return -1;
- }
- } else {
- efi_status = uefi_call_wrapper(RT->SetVariable, 5,
- L"MokDBState",
- &shim_lock_guid,
- EFI_VARIABLE_NON_VOLATILE |
- EFI_VARIABLE_BOOTSERVICE_ACCESS,
- 0, NULL);
- if (efi_status != EFI_SUCCESS) {
- console_notify(L"Failed to delete DB state");
- return -1;
- }
- }
-
- console_notify(L"The system must now be rebooted");
- uefi_call_wrapper(RT->ResetSystem, 4, EfiResetWarm,
- EFI_SUCCESS, 0, NULL);
- console_notify(L"Failed to reboot");
- return -1;
-}
-
-static INTN mok_pw_prompt (void *MokPW, UINTN MokPWSize) {
- EFI_GUID shim_lock_guid = SHIM_LOCK_GUID;
- EFI_STATUS efi_status;
- UINT8 hash[PASSWORD_CRYPT_SIZE];
- UINT8 clear = 0;
-
- if (MokPWSize != SHA256_DIGEST_SIZE && MokPWSize != PASSWORD_CRYPT_SIZE) {
- console_notify(L"Invalid MokPW variable contents");
- return -1;
- }
-
- uefi_call_wrapper(ST->ConOut->ClearScreen, 1, ST->ConOut);
-
- SetMem(hash, PASSWORD_CRYPT_SIZE, 0);
-
- if (MokPWSize == PASSWORD_CRYPT_SIZE) {
- if (CompareMem(MokPW, hash, PASSWORD_CRYPT_SIZE) == 0)
- clear = 1;
- } else {
- if (CompareMem(MokPW, hash, SHA256_DIGEST_SIZE) == 0)
- clear = 1;
- }
-
- if (clear) {
- if (console_yes_no((CHAR16 *[]){L"Clear MOK password?", NULL}) == 0)
- return 0;
-
- uefi_call_wrapper(RT->SetVariable, 5, L"MokPWStore",
- &shim_lock_guid,
- EFI_VARIABLE_NON_VOLATILE
- | EFI_VARIABLE_BOOTSERVICE_ACCESS,
- 0, NULL);
- LibDeleteVariable(L"MokPW", &shim_lock_guid);
- console_notify(L"The system must now be rebooted");
- uefi_call_wrapper(RT->ResetSystem, 4, EfiResetWarm, EFI_SUCCESS, 0,
- NULL);
- console_notify(L"Failed to reboot");
- return -1;
- }
-
- if (MokPWSize == PASSWORD_CRYPT_SIZE) {
- efi_status = match_password((PASSWORD_CRYPT *)MokPW, NULL, 0,
- NULL, L"Confirm MOK passphrase: ");
- } else {
- efi_status = match_password(NULL, NULL, 0, MokPW,
- L"Confirm MOK passphrase: ");
- }
-
- if (efi_status != EFI_SUCCESS) {
- console_notify(L"Password limit reached");
- return -1;
- }
-
- if (console_yes_no((CHAR16 *[]){L"Set MOK password?", NULL}) == 0)
- return 0;
-
- efi_status = uefi_call_wrapper(RT->SetVariable, 5,
- L"MokPWStore",
- &shim_lock_guid,
- EFI_VARIABLE_NON_VOLATILE |
- EFI_VARIABLE_BOOTSERVICE_ACCESS,
- MokPWSize, MokPW);
- if (efi_status != EFI_SUCCESS) {
- console_notify(L"Failed to set MOK password");
- return -1;
- }
-
- LibDeleteVariable(L"MokPW", &shim_lock_guid);
-
- console_notify(L"The system must now be rebooted");
- uefi_call_wrapper(RT->ResetSystem, 4, EfiResetWarm, EFI_SUCCESS, 0,
- NULL);
- console_notify(L"Failed to reboot");
- return -1;
-}
-
-static BOOLEAN verify_certificate(UINT8 *cert, UINTN size)
-{
- X509 *X509Cert;
- UINTN length;
- if (!cert || size < 0)
- return FALSE;
-
- /*
- * A DER encoding x509 certificate starts with SEQUENCE(0x30),
- * the number of length bytes, and the number of value bytes.
- * The size of a x509 certificate is usually between 127 bytes
- * and 64KB. For convenience, assume the number of value bytes
- * is 2, i.e. the second byte is 0x82.
- */
- if (cert[0] != 0x30 || cert[1] != 0x82) {
- console_notify(L"Not a DER encoding X509 certificate");
- return FALSE;
- }
-
- length = (cert[2]<<8 | cert[3]);
- if (length != (size - 4)) {
- console_notify(L"Invalid X509 certificate: Inconsistent size");
- return FALSE;
- }
-
- if (!(X509ConstructCertificate(cert, size, (UINT8 **) &X509Cert)) ||
- X509Cert == NULL) {
- console_notify(L"Invalid X509 certificate");
- return FALSE;
- }
-
- X509_free(X509Cert);
- return TRUE;
-}
-
-static EFI_STATUS enroll_file (void *data, UINTN datasize, BOOLEAN hash)
-{
- EFI_STATUS status = EFI_SUCCESS;
- EFI_GUID shim_lock_guid = SHIM_LOCK_GUID;
- EFI_SIGNATURE_LIST *CertList;
- EFI_SIGNATURE_DATA *CertData;
- UINTN mokbuffersize;
- void *mokbuffer = NULL;
-
- if (hash) {
- UINT8 sha256[SHA256_DIGEST_SIZE];
- UINT8 sha1[SHA1_DIGEST_SIZE];
- SHIM_LOCK *shim_lock;
- EFI_GUID shim_guid = SHIM_LOCK_GUID;
- PE_COFF_LOADER_IMAGE_CONTEXT context;
-
- status = LibLocateProtocol(&shim_guid, (VOID **)&shim_lock);
-
- if (status != EFI_SUCCESS)
- goto out;
-
- mokbuffersize = sizeof(EFI_SIGNATURE_LIST) + sizeof(EFI_GUID) +
- SHA256_DIGEST_SIZE;
-
- mokbuffer = AllocatePool(mokbuffersize);
-
- if (!mokbuffer)
- goto out;
-
- status = shim_lock->Context(data, datasize, &context);
-
- if (status != EFI_SUCCESS)
- goto out;
-
- status = shim_lock->Hash(data, datasize, &context, sha256,
- sha1);
-
- if (status != EFI_SUCCESS)
- goto out;
-
- CertList = mokbuffer;
- CertList->SignatureType = EFI_CERT_SHA256_GUID;
- CertList->SignatureSize = 16 + SHA256_DIGEST_SIZE;
- CertData = (EFI_SIGNATURE_DATA *)(((UINT8 *)mokbuffer) +
- sizeof(EFI_SIGNATURE_LIST));
- CopyMem(CertData->SignatureData, sha256, SHA256_DIGEST_SIZE);
- } else {
- mokbuffersize = datasize + sizeof(EFI_SIGNATURE_LIST) +
- sizeof(EFI_GUID);
- mokbuffer = AllocatePool(mokbuffersize);
-
- if (!mokbuffer)
- goto out;
-
- CertList = mokbuffer;
- CertList->SignatureType = X509_GUID;
- CertList->SignatureSize = 16 + datasize;
-
- memcpy(mokbuffer + sizeof(EFI_SIGNATURE_LIST) + 16, data,
- datasize);
-
- CertData = (EFI_SIGNATURE_DATA *)(((UINT8 *)mokbuffer) +
- sizeof(EFI_SIGNATURE_LIST));
- }
-
- CertList->SignatureListSize = mokbuffersize;
- CertList->SignatureHeaderSize = 0;
- CertData->SignatureOwner = shim_lock_guid;
-
- if (!hash) {
- if (!verify_certificate(CertData->SignatureData, datasize))
- goto out;
- }
-
- mok_enrollment_prompt(mokbuffer, mokbuffersize, FALSE);
-out:
- if (mokbuffer)
- FreePool(mokbuffer);
-
- return status;
-}
-
-static void mok_hash_enroll(void)
-{
- EFI_STATUS efi_status;
- CHAR16 *file_name = NULL;
- EFI_HANDLE im = NULL;
- EFI_FILE *file = NULL;
- UINTN filesize;
- void *data;
-
- simple_file_selector(&im, (CHAR16 *[]){
- L"Select Binary",
- L"",
- L"The Selected Binary will have its hash Enrolled",
- L"This means it will Subsequently Boot with no prompting",
- L"Remember to make sure it is a genuine binary before Enroling its hash",
- NULL
- }, L"\\", L"", &file_name);
-
- if (!file_name)
- return;
-
- efi_status = simple_file_open(im, file_name, &file, EFI_FILE_MODE_READ);
-
- if (efi_status != EFI_SUCCESS) {
- console_error(L"Unable to open file", efi_status);
- return;
- }
-
- simple_file_read_all(file, &filesize, &data);
- simple_file_close(file);
-
- if (!filesize) {
- console_error(L"Unable to read file", efi_status);
- return;
- }
-
- efi_status = enroll_file(data, filesize, TRUE);
-
- if (efi_status != EFI_SUCCESS)
- console_error(L"Hash failed (did you select a valid EFI binary?)", efi_status);
-
- FreePool(data);
-}
-
-static CHAR16 *der_suffix[] = {
- L".cer",
- L".der",
- L".crt",
- NULL
-};
-
-static BOOLEAN check_der_suffix (CHAR16 *file_name)
-{
- CHAR16 suffix[5];
- int i;
-
- if (!file_name || StrLen(file_name) <= 4)
- return FALSE;
-
- suffix[0] = '\0';
- StrCat(suffix, file_name + StrLen(file_name) - 4);
-
- StrLwr (suffix);
- for (i = 0; der_suffix[i] != NULL; i++) {
- if (StrCmp(suffix, der_suffix[i]) == 0) {
- return TRUE;
- }
- }
-
- return FALSE;
-}
-
-static void mok_key_enroll(void)
-{
- EFI_STATUS efi_status;
- CHAR16 *file_name = NULL;
- EFI_HANDLE im = NULL;
- EFI_FILE *file = NULL;
- UINTN filesize;
- void *data;
-
- simple_file_selector(&im, (CHAR16 *[]){
- L"Select Key",
- L"",
- L"The selected key will be enrolled into the MOK database",
- L"This means any binaries signed with it will be run without prompting",
- L"Remember to make sure it is a genuine key before Enroling it",
- NULL
- }, L"\\", L"", &file_name);
-
- if (!file_name)
- return;
-
- if (!check_der_suffix(file_name)) {
- console_alertbox((CHAR16 *[]){
- L"Unsupported Format",
- L"",
- L"Only DER encoded certificate (*.cer/der/crt) is supported",
- NULL});
- return;
- }
-
- efi_status = simple_file_open(im, file_name, &file, EFI_FILE_MODE_READ);
-
- if (efi_status != EFI_SUCCESS) {
- console_error(L"Unable to open file", efi_status);
- return;
- }
-
- simple_file_read_all(file, &filesize, &data);
- simple_file_close(file);
-
- if (!filesize) {
- console_error(L"Unable to read file", efi_status);
- return;
- }
-
- enroll_file(data, filesize, FALSE);
- FreePool(data);
-}
-
-static BOOLEAN verify_pw(BOOLEAN *protected)
-{
- EFI_GUID shim_lock_guid = SHIM_LOCK_GUID;
- EFI_STATUS efi_status;
- SIMPLE_TEXT_OUTPUT_MODE SavedMode;
- UINT8 pwhash[PASSWORD_CRYPT_SIZE];
- UINTN size = PASSWORD_CRYPT_SIZE;
- UINT32 attributes;
- CHAR16 *message[2];
-
- *protected = FALSE;
-
- efi_status = uefi_call_wrapper(RT->GetVariable, 5, L"MokPWStore",
- &shim_lock_guid, &attributes, &size,
- pwhash);
-
- /*
- * If anything can attack the password it could just set it to a
- * known value, so there's no safety advantage in failing to validate
- * purely because of a failure to read the variable
- */
- if (efi_status != EFI_SUCCESS ||
- (size != SHA256_DIGEST_SIZE && size != PASSWORD_CRYPT_SIZE))
- return TRUE;
-
- if (attributes & EFI_VARIABLE_RUNTIME_ACCESS)
- return TRUE;
-
- uefi_call_wrapper(ST->ConOut->ClearScreen, 1, ST->ConOut);
-
- /* Draw the background */
- console_save_and_set_mode(&SavedMode);
- message[0] = PoolPrint (L"%s UEFI key management", SHIM_VENDOR);
- message[1] = NULL;
- console_print_box_at(message, -1, 0, 0, -1, -1, 1, 1);
- FreePool(message[0]);
- console_restore_mode(&SavedMode);
-
- if (size == PASSWORD_CRYPT_SIZE) {
- efi_status = match_password((PASSWORD_CRYPT *)pwhash, NULL, 0,
- NULL, L"Enter MOK password:");
- } else {
- efi_status = match_password(NULL, NULL, 0, pwhash,
- L"Enter MOK password:");
- }
- if (efi_status != EFI_SUCCESS) {
- console_notify(L"Password limit reached");
- return FALSE;
- }
-
- *protected = TRUE;
-
- return TRUE;
-}
-
-static int draw_countdown()
-{
- SIMPLE_TEXT_OUTPUT_MODE SavedMode;
- EFI_INPUT_KEY key;
- EFI_STATUS status;
- UINTN cols, rows;
- CHAR16 *title[2];
- CHAR16 *message = L"Press any key to perform MOK management";
- int timeout = 10, wait = 10000000;
-
- console_save_and_set_mode (&SavedMode);
-
- title[0] = PoolPrint (L"%s UEFI key management", SHIM_VENDOR);
- title[1] = NULL;
-
- console_print_box_at(title, -1, 0, 0, -1, -1, 1, 1);
-
- uefi_call_wrapper(ST->ConOut->QueryMode, 4, ST->ConOut,
- ST->ConOut->Mode->Mode, &cols, &rows);
-
- PrintAt((cols - StrLen(message))/2, rows/2, message);
- while (1) {
- if (timeout > 1)
- PrintAt(2, rows - 3, L"Booting in %d seconds ", timeout);
- else if (timeout)
- PrintAt(2, rows - 3, L"Booting in %d second ", timeout);
-
- status = WaitForSingleEvent(ST->ConIn->WaitForKey, wait);
-
- if (status != EFI_TIMEOUT) {
- /* Clear the key in the queue */
- uefi_call_wrapper(ST->ConIn->ReadKeyStroke, 2,
- ST->ConIn, &key);
- break;
- }
-
- timeout--;
- if (!timeout)
- break;
- }
-
- FreePool(title[0]);
-
- console_restore_mode(&SavedMode);
-
- return timeout;
-}
-
-typedef enum {
- MOK_CONTINUE_BOOT,
- MOK_RESET_MOK,
- MOK_ENROLL_MOK,
- MOK_DELETE_MOK,
- MOK_CHANGE_SB,
- MOK_SET_PW,
- MOK_CHANGE_DB,
- MOK_KEY_ENROLL,
- MOK_HASH_ENROLL
-} mok_menu_item;
-
-static EFI_STATUS enter_mok_menu(EFI_HANDLE image_handle,
- void *MokNew, UINTN MokNewSize,
- void *MokDel, UINTN MokDelSize,
- void *MokSB, UINTN MokSBSize,
- void *MokPW, UINTN MokPWSize,
- void *MokDB, UINTN MokDBSize)
-{
- CHAR16 **menu_strings;
- mok_menu_item *menu_item;
- int choice = 0;
- UINT32 MokAuth = 0;
- UINT32 MokDelAuth = 0;
- UINTN menucount = 3, i = 0;
- EFI_STATUS efi_status;
- EFI_GUID shim_lock_guid = SHIM_LOCK_GUID;
- UINT8 auth[PASSWORD_CRYPT_SIZE];
- UINTN auth_size = PASSWORD_CRYPT_SIZE;
- UINT32 attributes;
- BOOLEAN protected;
- EFI_STATUS ret = EFI_SUCCESS;
-
- if (verify_pw(&protected) == FALSE)
- return EFI_ACCESS_DENIED;
-
- efi_status = uefi_call_wrapper(RT->GetVariable, 5, L"MokAuth",
- &shim_lock_guid,
- &attributes, &auth_size, auth);
-
- if ((efi_status == EFI_SUCCESS) &&
- (auth_size == SHA256_DIGEST_SIZE || auth_size == PASSWORD_CRYPT_SIZE))
- MokAuth = 1;
-
- efi_status = uefi_call_wrapper(RT->GetVariable, 5, L"MokDelAuth",
- &shim_lock_guid,
- &attributes, &auth_size, auth);
-
- if ((efi_status == EFI_SUCCESS) &&
- (auth_size == SHA256_DIGEST_SIZE || auth_size == PASSWORD_CRYPT_SIZE))
- MokDelAuth = 1;
-
- if (MokNew || MokAuth)
- menucount++;
-
- if (MokDel || MokDelAuth)
- menucount++;
-
- if (MokSB)
- menucount++;
-
- if (MokPW)
- menucount++;
-
- if (MokDB)
- menucount++;
-
- menu_strings = AllocateZeroPool(sizeof(CHAR16 *) * (menucount + 1));
-
- if (!menu_strings)
- return EFI_OUT_OF_RESOURCES;
-
- menu_item = AllocateZeroPool(sizeof(mok_menu_item) * menucount);
-
- if (!menu_item) {
- FreePool(menu_strings);
- return EFI_OUT_OF_RESOURCES;
- }
-
- menu_strings[i] = L"Continue boot";
- menu_item[i] = MOK_CONTINUE_BOOT;
-
- i++;
-
- if (MokNew || MokAuth) {
- if (!MokNew) {
- menu_strings[i] = L"Reset MOK";
- menu_item[i] = MOK_RESET_MOK;
- } else {
- menu_strings[i] = L"Enroll MOK";
- menu_item[i] = MOK_ENROLL_MOK;
- }
- i++;
- }
-
- if (MokDel || MokDelAuth) {
- menu_strings[i] = L"Delete MOK";
- menu_item[i] = MOK_DELETE_MOK;
- i++;
- }
-
- if (MokSB) {
- menu_strings[i] = L"Change Secure Boot state";
- menu_item[i] = MOK_CHANGE_SB;
- i++;
- }
-
- if (MokPW) {
- menu_strings[i] = L"Set MOK password";
- menu_item[i] = MOK_SET_PW;
- i++;
- }
-
- if (MokDB) {
- menu_strings[i] = L"Change DB state";
- menu_item[i] = MOK_CHANGE_DB;
- i++;
- }
-
- menu_strings[i] = L"Enroll key from disk";
- menu_item[i] = MOK_KEY_ENROLL;
- i++;
-
- menu_strings[i] = L"Enroll hash from disk";
- menu_item[i] = MOK_HASH_ENROLL;
- i++;
-
- menu_strings[i] = NULL;
-
- if (protected == FALSE && draw_countdown() == 0)
- goto out;
-
- while (choice >= 0) {
- choice = console_select((CHAR16 *[]){ L"Perform MOK management", NULL },
- menu_strings, 0);
-
- if (choice < 0)
- goto out;
-
- switch (menu_item[choice]) {
- case MOK_CONTINUE_BOOT:
- goto out;
- case MOK_RESET_MOK:
- mok_reset_prompt();
- break;
- case MOK_ENROLL_MOK:
- mok_enrollment_prompt(MokNew, MokNewSize, TRUE);
- break;
- case MOK_DELETE_MOK:
- mok_deletion_prompt(MokDel, MokDelSize);
- break;
- case MOK_CHANGE_SB:
- mok_sb_prompt(MokSB, MokSBSize);
- break;
- case MOK_SET_PW:
- mok_pw_prompt(MokPW, MokPWSize);
- break;
- case MOK_CHANGE_DB:
- mok_db_prompt(MokDB, MokDBSize);
- break;
- case MOK_KEY_ENROLL:
- mok_key_enroll();
- break;
- case MOK_HASH_ENROLL:
- mok_hash_enroll();
- break;
- }
- }
-
-out:
- console_reset();
-
- FreePool(menu_strings);
-
- if (menu_item)
- FreePool(menu_item);
-
- return ret;
-}
-
-static EFI_STATUS check_mok_request(EFI_HANDLE image_handle)
-{
- EFI_GUID shim_lock_guid = SHIM_LOCK_GUID;
- UINTN MokNewSize = 0, MokDelSize = 0, MokSBSize = 0, MokPWSize = 0,
- MokDBSize = 0;
- void *MokNew = NULL;
- void *MokDel = NULL;
- void *MokSB = NULL;
- void *MokPW = NULL;
- void *MokDB = NULL;
- EFI_STATUS status;
-
- status = get_variable(L"MokNew", (UINT8 **)&MokNew, &MokNewSize,
- shim_lock_guid);
- if (status == EFI_SUCCESS) {
- if (LibDeleteVariable(L"MokNew", &shim_lock_guid) != EFI_SUCCESS) {
- console_notify(L"Failed to delete MokNew");
- }
- } else if (EFI_ERROR(status) && status != EFI_NOT_FOUND) {
- console_error(L"Could not retrieve MokNew", status);
- }
-
- status = get_variable(L"MokDel", (UINT8 **)&MokDel, &MokDelSize,
- shim_lock_guid);
- if (status == EFI_SUCCESS) {
- if (LibDeleteVariable(L"MokDel", &shim_lock_guid) != EFI_SUCCESS) {
- console_notify(L"Failed to delete MokDel");
- }
- } else if (EFI_ERROR(status) && status != EFI_NOT_FOUND) {
- console_error(L"Could not retrieve MokDel", status);
- }
-
- status = get_variable(L"MokSB", (UINT8 **)&MokSB, &MokSBSize,
- shim_lock_guid);
- if (status == EFI_SUCCESS) {
- if (LibDeleteVariable(L"MokSB", &shim_lock_guid) != EFI_SUCCESS) {
- console_notify(L"Failed to delete MokSB");
- }
- } else if (EFI_ERROR(status) && status != EFI_NOT_FOUND) {
- console_error(L"Could not retrieve MokSB", status);
- }
-
- status = get_variable(L"MokPW", (UINT8 **)&MokPW, &MokPWSize,
- shim_lock_guid);
- if (status == EFI_SUCCESS) {
- if (LibDeleteVariable(L"MokPW", &shim_lock_guid) != EFI_SUCCESS) {
- console_notify(L"Failed to delete MokPW");
- }
- } else if (EFI_ERROR(status) && status != EFI_NOT_FOUND) {
- console_error(L"Could not retrieve MokPW", status);
- }
-
- status = get_variable(L"MokDB", (UINT8 **)&MokDB, &MokDBSize,
- shim_lock_guid);
- if (status == EFI_SUCCESS) {
- if (LibDeleteVariable(L"MokDB", &shim_lock_guid) != EFI_SUCCESS) {
- console_notify(L"Failed to delete MokDB");
- }
- } else if (EFI_ERROR(status) && status != EFI_NOT_FOUND) {
- console_error(L"Could not retrieve MokDB", status);
- }
-
- enter_mok_menu(image_handle, MokNew, MokNewSize, MokDel, MokDelSize,
- MokSB, MokSBSize, MokPW, MokPWSize, MokDB, MokDBSize);
-
- if (MokNew)
- FreePool (MokNew);
-
- if (MokDel)
- FreePool (MokDel);
-
- if (MokSB)
- FreePool (MokSB);
-
- if (MokPW)
- FreePool (MokPW);
-
- if (MokDB)
- FreePool (MokDB);
-
- LibDeleteVariable(L"MokAuth", &shim_lock_guid);
- LibDeleteVariable(L"MokDelAuth", &shim_lock_guid);
-
- return EFI_SUCCESS;
-}
-
-static EFI_STATUS setup_rand (void)
-{
- EFI_TIME time;
- EFI_STATUS efi_status;
- UINT64 seed;
- BOOLEAN status;
-
- efi_status = uefi_call_wrapper(RT->GetTime, 2, &time, NULL);
-
- if (efi_status != EFI_SUCCESS)
- return efi_status;
-
- seed = ((UINT64)time.Year << 48) | ((UINT64)time.Month << 40) |
- ((UINT64)time.Day << 32) | ((UINT64)time.Hour << 24) |
- ((UINT64)time.Minute << 16) | ((UINT64)time.Second << 8) |
- ((UINT64)time.Daylight);
-
- status = RandomSeed((UINT8 *)&seed, sizeof(seed));
-
- if (!status)
- return EFI_ABORTED;
-
- return EFI_SUCCESS;
-}
-
-EFI_STATUS efi_main (EFI_HANDLE image_handle, EFI_SYSTEM_TABLE *systab)
-{
- EFI_STATUS efi_status;
-
- InitializeLib(image_handle, systab);
-
- setup_console(1);
-
- setup_rand();
-
- efi_status = check_mok_request(image_handle);
-
- setup_console(0);
- return efi_status;
-}
diff --git a/.pc/prototypes/Cryptlib/Library/BaseMemoryLib.h b/.pc/prototypes/Cryptlib/Library/BaseMemoryLib.h
deleted file mode 100644
index e69de29..0000000
diff --git a/.pc/prototypes/Cryptlib/OpenSSL/crypto/conf/conf_def.c b/.pc/prototypes/Cryptlib/OpenSSL/crypto/conf/conf_def.c
deleted file mode 100644
index a168339..0000000
--- a/.pc/prototypes/Cryptlib/OpenSSL/crypto/conf/conf_def.c
+++ /dev/null
@@ -1,747 +0,0 @@
-/* crypto/conf/conf.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-/* Part of the code in here was originally in conf.c, which is now removed */
-
-#include
-#include
-#include "cryptlib.h"
-#include
-#include
-#include
-#include
-#include "conf_def.h"
-#include
-#include
-
-static char *eat_ws(CONF *conf, char *p);
-static char *eat_alpha_numeric(CONF *conf, char *p);
-static void clear_comments(CONF *conf, char *p);
-static int str_copy(CONF *conf,char *section,char **to, char *from);
-static char *scan_quote(CONF *conf, char *p);
-static char *scan_dquote(CONF *conf, char *p);
-#define scan_esc(conf,p) (((IS_EOF((conf),(p)[1]))?((p)+1):((p)+2)))
-
-static CONF *def_create(CONF_METHOD *meth);
-static int def_init_default(CONF *conf);
-static int def_init_WIN32(CONF *conf);
-static int def_destroy(CONF *conf);
-static int def_destroy_data(CONF *conf);
-static int def_load(CONF *conf, const char *name, long *eline);
-static int def_load_bio(CONF *conf, BIO *bp, long *eline);
-static int def_dump(const CONF *conf, BIO *bp);
-static int def_is_number(const CONF *conf, char c);
-static int def_to_int(const CONF *conf, char c);
-
-const char CONF_def_version[]="CONF_def" OPENSSL_VERSION_PTEXT;
-
-static CONF_METHOD default_method = {
- "OpenSSL default",
- def_create,
- def_init_default,
- def_destroy,
- def_destroy_data,
- def_load_bio,
- def_dump,
- def_is_number,
- def_to_int,
- def_load
- };
-
-static CONF_METHOD WIN32_method = {
- "WIN32",
- def_create,
- def_init_WIN32,
- def_destroy,
- def_destroy_data,
- def_load_bio,
- def_dump,
- def_is_number,
- def_to_int,
- def_load
- };
-
-CONF_METHOD *NCONF_default()
- {
- return &default_method;
- }
-CONF_METHOD *NCONF_WIN32()
- {
- return &WIN32_method;
- }
-
-static CONF *def_create(CONF_METHOD *meth)
- {
- CONF *ret;
-
- ret = (CONF *)OPENSSL_malloc(sizeof(CONF) + sizeof(unsigned short *));
- if (ret)
- if (meth->init(ret) == 0)
- {
- OPENSSL_free(ret);
- ret = NULL;
- }
- return ret;
- }
-
-static int def_init_default(CONF *conf)
- {
- if (conf == NULL)
- return 0;
-
- conf->meth = &default_method;
- conf->meth_data = (void *)CONF_type_default;
- conf->data = NULL;
-
- return 1;
- }
-
-static int def_init_WIN32(CONF *conf)
- {
- if (conf == NULL)
- return 0;
-
- conf->meth = &WIN32_method;
- conf->meth_data = (void *)CONF_type_win32;
- conf->data = NULL;
-
- return 1;
- }
-
-static int def_destroy(CONF *conf)
- {
- if (def_destroy_data(conf))
- {
- OPENSSL_free(conf);
- return 1;
- }
- return 0;
- }
-
-static int def_destroy_data(CONF *conf)
- {
- if (conf == NULL)
- return 0;
- _CONF_free_data(conf);
- return 1;
- }
-
-static int def_load(CONF *conf, const char *name, long *line)
- {
- int ret;
- BIO *in=NULL;
-
-#ifdef OPENSSL_SYS_VMS
- in=BIO_new_file(name, "r");
-#else
- in=BIO_new_file(name, "rb");
-#endif
- if (in == NULL)
- {
- if (ERR_GET_REASON(ERR_peek_last_error()) == BIO_R_NO_SUCH_FILE)
- CONFerr(CONF_F_DEF_LOAD,CONF_R_NO_SUCH_FILE);
- else
- CONFerr(CONF_F_DEF_LOAD,ERR_R_SYS_LIB);
- return 0;
- }
-
- ret = def_load_bio(conf, in, line);
- BIO_free(in);
-
- return ret;
- }
-
-static int def_load_bio(CONF *conf, BIO *in, long *line)
- {
-/* The macro BUFSIZE conflicts with a system macro in VxWorks */
-#define CONFBUFSIZE 512
- int bufnum=0,i,ii;
- BUF_MEM *buff=NULL;
- char *s,*p,*end;
- int again;
- long eline=0;
- char btmp[DECIMAL_SIZE(eline)+1];
- CONF_VALUE *v=NULL,*tv;
- CONF_VALUE *sv=NULL;
- char *section=NULL,*buf;
-/* STACK_OF(CONF_VALUE) *section_sk=NULL;*/
-/* STACK_OF(CONF_VALUE) *ts=NULL;*/
- char *start,*psection,*pname;
- void *h = (void *)(conf->data);
-
- if ((buff=BUF_MEM_new()) == NULL)
- {
- CONFerr(CONF_F_DEF_LOAD_BIO,ERR_R_BUF_LIB);
- goto err;
- }
-
- section=(char *)OPENSSL_malloc(10);
- if (section == NULL)
- {
- CONFerr(CONF_F_DEF_LOAD_BIO,ERR_R_MALLOC_FAILURE);
- goto err;
- }
- BUF_strlcpy(section,"default",10);
-
- if (_CONF_new_data(conf) == 0)
- {
- CONFerr(CONF_F_DEF_LOAD_BIO,ERR_R_MALLOC_FAILURE);
- goto err;
- }
-
- sv=_CONF_new_section(conf,section);
- if (sv == NULL)
- {
- CONFerr(CONF_F_DEF_LOAD_BIO,
- CONF_R_UNABLE_TO_CREATE_NEW_SECTION);
- goto err;
- }
-/* section_sk=(STACK_OF(CONF_VALUE) *)sv->value;*/
-
- bufnum=0;
- again=0;
- for (;;)
- {
- if (!BUF_MEM_grow(buff,bufnum+CONFBUFSIZE))
- {
- CONFerr(CONF_F_DEF_LOAD_BIO,ERR_R_BUF_LIB);
- goto err;
- }
- p= &(buff->data[bufnum]);
- *p='\0';
- BIO_gets(in, p, CONFBUFSIZE-1);
- p[CONFBUFSIZE-1]='\0';
- ii=i=strlen(p);
- if (i == 0 && !again) break;
- again=0;
- while (i > 0)
- {
- if ((p[i-1] != '\r') && (p[i-1] != '\n'))
- break;
- else
- i--;
- }
- /* we removed some trailing stuff so there is a new
- * line on the end. */
- if (ii && i == ii)
- again=1; /* long line */
- else
- {
- p[i]='\0';
- eline++; /* another input line */
- }
-
- /* we now have a line with trailing \r\n removed */
-
- /* i is the number of bytes */
- bufnum+=i;
-
- v=NULL;
- /* check for line continuation */
- if (bufnum >= 1)
- {
- /* If we have bytes and the last char '\\' and
- * second last char is not '\\' */
- p= &(buff->data[bufnum-1]);
- if (IS_ESC(conf,p[0]) &&
- ((bufnum <= 1) || !IS_ESC(conf,p[-1])))
- {
- bufnum--;
- again=1;
- }
- }
- if (again) continue;
- bufnum=0;
- buf=buff->data;
-
- clear_comments(conf, buf);
- s=eat_ws(conf, buf);
- if (IS_EOF(conf,*s)) continue; /* blank line */
- if (*s == '[')
- {
- char *ss;
-
- s++;
- start=eat_ws(conf, s);
- ss=start;
-again:
- end=eat_alpha_numeric(conf, ss);
- p=eat_ws(conf, end);
- if (*p != ']')
- {
- if (*p != '\0' && ss != p)
- {
- ss=p;
- goto again;
- }
- CONFerr(CONF_F_DEF_LOAD_BIO,
- CONF_R_MISSING_CLOSE_SQUARE_BRACKET);
- goto err;
- }
- *end='\0';
- if (!str_copy(conf,NULL,§ion,start)) goto err;
- if ((sv=_CONF_get_section(conf,section)) == NULL)
- sv=_CONF_new_section(conf,section);
- if (sv == NULL)
- {
- CONFerr(CONF_F_DEF_LOAD_BIO,
- CONF_R_UNABLE_TO_CREATE_NEW_SECTION);
- goto err;
- }
-/* section_sk=(STACK_OF(CONF_VALUE) *)sv->value;*/
- continue;
- }
- else
- {
- pname=s;
- psection=NULL;
- end=eat_alpha_numeric(conf, s);
- if ((end[0] == ':') && (end[1] == ':'))
- {
- *end='\0';
- end+=2;
- psection=pname;
- pname=end;
- end=eat_alpha_numeric(conf, end);
- }
- p=eat_ws(conf, end);
- if (*p != '=')
- {
- CONFerr(CONF_F_DEF_LOAD_BIO,
- CONF_R_MISSING_EQUAL_SIGN);
- goto err;
- }
- *end='\0';
- p++;
- start=eat_ws(conf, p);
- while (!IS_EOF(conf,*p))
- p++;
- p--;
- while ((p != start) && (IS_WS(conf,*p)))
- p--;
- p++;
- *p='\0';
-
- if (!(v=(CONF_VALUE *)OPENSSL_malloc(sizeof(CONF_VALUE))))
- {
- CONFerr(CONF_F_DEF_LOAD_BIO,
- ERR_R_MALLOC_FAILURE);
- goto err;
- }
- if (psection == NULL) psection=section;
- v->name=(char *)OPENSSL_malloc(strlen(pname)+1);
- v->value=NULL;
- if (v->name == NULL)
- {
- CONFerr(CONF_F_DEF_LOAD_BIO,
- ERR_R_MALLOC_FAILURE);
- goto err;
- }
- BUF_strlcpy(v->name,pname,strlen(pname)+1);
- if (!str_copy(conf,psection,&(v->value),start)) goto err;
-
- if (strcmp(psection,section) != 0)
- {
- if ((tv=_CONF_get_section(conf,psection))
- == NULL)
- tv=_CONF_new_section(conf,psection);
- if (tv == NULL)
- {
- CONFerr(CONF_F_DEF_LOAD_BIO,
- CONF_R_UNABLE_TO_CREATE_NEW_SECTION);
- goto err;
- }
-/* ts=(STACK_OF(CONF_VALUE) *)tv->value;*/
- }
- else
- {
- tv=sv;
-/* ts=section_sk;*/
- }
-#if 1
- if (_CONF_add_string(conf, tv, v) == 0)
- {
- CONFerr(CONF_F_DEF_LOAD_BIO,
- ERR_R_MALLOC_FAILURE);
- goto err;
- }
-#else
- v->section=tv->section;
- if (!sk_CONF_VALUE_push(ts,v))
- {
- CONFerr(CONF_F_DEF_LOAD_BIO,
- ERR_R_MALLOC_FAILURE);
- goto err;
- }
- vv=(CONF_VALUE *)lh_insert(conf->data,v);
- if (vv != NULL)
- {
- sk_CONF_VALUE_delete_ptr(ts,vv);
- OPENSSL_free(vv->name);
- OPENSSL_free(vv->value);
- OPENSSL_free(vv);
- }
-#endif
- v=NULL;
- }
- }
- if (buff != NULL) BUF_MEM_free(buff);
- if (section != NULL) OPENSSL_free(section);
- return(1);
-err:
- if (buff != NULL) BUF_MEM_free(buff);
- if (section != NULL) OPENSSL_free(section);
- if (line != NULL) *line=eline;
- BIO_snprintf(btmp,sizeof btmp,"%ld",eline);
- ERR_add_error_data(2,"line ",btmp);
- if ((h != conf->data) && (conf->data != NULL))
- {
- CONF_free(conf->data);
- conf->data=NULL;
- }
- if (v != NULL)
- {
- if (v->name != NULL) OPENSSL_free(v->name);
- if (v->value != NULL) OPENSSL_free(v->value);
- if (v != NULL) OPENSSL_free(v);
- }
- return(0);
- }
-
-static void clear_comments(CONF *conf, char *p)
- {
- for (;;)
- {
- if (IS_FCOMMENT(conf,*p))
- {
- *p='\0';
- return;
- }
- if (!IS_WS(conf,*p))
- {
- break;
- }
- p++;
- }
-
- for (;;)
- {
- if (IS_COMMENT(conf,*p))
- {
- *p='\0';
- return;
- }
- if (IS_DQUOTE(conf,*p))
- {
- p=scan_dquote(conf, p);
- continue;
- }
- if (IS_QUOTE(conf,*p))
- {
- p=scan_quote(conf, p);
- continue;
- }
- if (IS_ESC(conf,*p))
- {
- p=scan_esc(conf,p);
- continue;
- }
- if (IS_EOF(conf,*p))
- return;
- else
- p++;
- }
- }
-
-static int str_copy(CONF *conf, char *section, char **pto, char *from)
- {
- int q,r,rr=0,to=0,len=0;
- char *s,*e,*rp,*p,*rrp,*np,*cp,v;
- BUF_MEM *buf;
-
- if ((buf=BUF_MEM_new()) == NULL) return(0);
-
- len=strlen(from)+1;
- if (!BUF_MEM_grow(buf,len)) goto err;
-
- for (;;)
- {
- if (IS_QUOTE(conf,*from))
- {
- q= *from;
- from++;
- while (!IS_EOF(conf,*from) && (*from != q))
- {
- if (IS_ESC(conf,*from))
- {
- from++;
- if (IS_EOF(conf,*from)) break;
- }
- buf->data[to++]= *(from++);
- }
- if (*from == q) from++;
- }
- else if (IS_DQUOTE(conf,*from))
- {
- q= *from;
- from++;
- while (!IS_EOF(conf,*from))
- {
- if (*from == q)
- {
- if (*(from+1) == q)
- {
- from++;
- }
- else
- {
- break;
- }
- }
- buf->data[to++]= *(from++);
- }
- if (*from == q) from++;
- }
- else if (IS_ESC(conf,*from))
- {
- from++;
- v= *(from++);
- if (IS_EOF(conf,v)) break;
- else if (v == 'r') v='\r';
- else if (v == 'n') v='\n';
- else if (v == 'b') v='\b';
- else if (v == 't') v='\t';
- buf->data[to++]= v;
- }
- else if (IS_EOF(conf,*from))
- break;
- else if (*from == '$')
- {
- /* try to expand it */
- rrp=NULL;
- s= &(from[1]);
- if (*s == '{')
- q='}';
- else if (*s == '(')
- q=')';
- else q=0;
-
- if (q) s++;
- cp=section;
- e=np=s;
- while (IS_ALPHA_NUMERIC(conf,*e))
- e++;
- if ((e[0] == ':') && (e[1] == ':'))
- {
- cp=np;
- rrp=e;
- rr= *e;
- *rrp='\0';
- e+=2;
- np=e;
- while (IS_ALPHA_NUMERIC(conf,*e))
- e++;
- }
- r= *e;
- *e='\0';
- rp=e;
- if (q)
- {
- if (r != q)
- {
- CONFerr(CONF_F_STR_COPY,CONF_R_NO_CLOSE_BRACE);
- goto err;
- }
- e++;
- }
- /* So at this point we have
- * np which is the start of the name string which is
- * '\0' terminated.
- * cp which is the start of the section string which is
- * '\0' terminated.
- * e is the 'next point after'.
- * r and rr are the chars replaced by the '\0'
- * rp and rrp is where 'r' and 'rr' came from.
- */
- p=_CONF_get_string(conf,cp,np);
- if (rrp != NULL) *rrp=rr;
- *rp=r;
- if (p == NULL)
- {
- CONFerr(CONF_F_STR_COPY,CONF_R_VARIABLE_HAS_NO_VALUE);
- goto err;
- }
- BUF_MEM_grow_clean(buf,(strlen(p)+buf->length-(e-from)));
- while (*p)
- buf->data[to++]= *(p++);
-
- /* Since we change the pointer 'from', we also have
- to change the perceived length of the string it
- points at. /RL */
- len -= e-from;
- from=e;
-
- /* In case there were no braces or parenthesis around
- the variable reference, we have to put back the
- character that was replaced with a '\0'. /RL */
- *rp = r;
- }
- else
- buf->data[to++]= *(from++);
- }
- buf->data[to]='\0';
- if (*pto != NULL) OPENSSL_free(*pto);
- *pto=buf->data;
- OPENSSL_free(buf);
- return(1);
-err:
- if (buf != NULL) BUF_MEM_free(buf);
- return(0);
- }
-
-static char *eat_ws(CONF *conf, char *p)
- {
- while (IS_WS(conf,*p) && (!IS_EOF(conf,*p)))
- p++;
- return(p);
- }
-
-static char *eat_alpha_numeric(CONF *conf, char *p)
- {
- for (;;)
- {
- if (IS_ESC(conf,*p))
- {
- p=scan_esc(conf,p);
- continue;
- }
- if (!IS_ALPHA_NUMERIC_PUNCT(conf,*p))
- return(p);
- p++;
- }
- }
-
-static char *scan_quote(CONF *conf, char *p)
- {
- int q= *p;
-
- p++;
- while (!(IS_EOF(conf,*p)) && (*p != q))
- {
- if (IS_ESC(conf,*p))
- {
- p++;
- if (IS_EOF(conf,*p)) return(p);
- }
- p++;
- }
- if (*p == q) p++;
- return(p);
- }
-
-
-static char *scan_dquote(CONF *conf, char *p)
- {
- int q= *p;
-
- p++;
- while (!(IS_EOF(conf,*p)))
- {
- if (*p == q)
- {
- if (*(p+1) == q)
- {
- p++;
- }
- else
- {
- break;
- }
- }
- p++;
- }
- if (*p == q) p++;
- return(p);
- }
-
-static void dump_value(CONF_VALUE *a, BIO *out)
- {
- if (a->name)
- BIO_printf(out, "[%s] %s=%s\n", a->section, a->name, a->value);
- else
- BIO_printf(out, "[[%s]]\n", a->section);
- }
-
-static IMPLEMENT_LHASH_DOALL_ARG_FN(dump_value, CONF_VALUE *, BIO *)
-
-static int def_dump(const CONF *conf, BIO *out)
- {
- lh_doall_arg(conf->data, LHASH_DOALL_ARG_FN(dump_value), out);
- return 1;
- }
-
-static int def_is_number(const CONF *conf, char c)
- {
- return IS_NUMBER(conf,c);
- }
-
-static int def_to_int(const CONF *conf, char c)
- {
- return c - '0';
- }
-
diff --git a/.pc/prototypes/Cryptlib/OpenSSL/crypto/conf/conf_lib.c b/.pc/prototypes/Cryptlib/OpenSSL/crypto/conf/conf_lib.c
deleted file mode 100644
index 2a3399d..0000000
--- a/.pc/prototypes/Cryptlib/OpenSSL/crypto/conf/conf_lib.c
+++ /dev/null
@@ -1,401 +0,0 @@
-/* conf_lib.c */
-/* Written by Richard Levitte (richard@levitte.org) for the OpenSSL
- * project 2000.
- */
-/* ====================================================================
- * Copyright (c) 2000 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include
-#include
-#include
-#include
-#include
-#include
-
-const char CONF_version[]="CONF" OPENSSL_VERSION_PTEXT;
-
-static CONF_METHOD *default_CONF_method=NULL;
-
-/* Init a 'CONF' structure from an old LHASH */
-
-void CONF_set_nconf(CONF *conf, LHASH *hash)
- {
- if (default_CONF_method == NULL)
- default_CONF_method = NCONF_default();
-
- default_CONF_method->init(conf);
- conf->data = hash;
- }
-
-/* The following section contains the "CONF classic" functions,
- rewritten in terms of the new CONF interface. */
-
-int CONF_set_default_method(CONF_METHOD *meth)
- {
- default_CONF_method = meth;
- return 1;
- }
-
-LHASH *CONF_load(LHASH *conf, const char *file, long *eline)
- {
- LHASH *ltmp;
- BIO *in=NULL;
-
-#ifdef OPENSSL_SYS_VMS
- in=BIO_new_file(file, "r");
-#else
- in=BIO_new_file(file, "rb");
-#endif
- if (in == NULL)
- {
- CONFerr(CONF_F_CONF_LOAD,ERR_R_SYS_LIB);
- return NULL;
- }
-
- ltmp = CONF_load_bio(conf, in, eline);
- BIO_free(in);
-
- return ltmp;
- }
-
-#ifndef OPENSSL_NO_FP_API
-LHASH *CONF_load_fp(LHASH *conf, FILE *fp,long *eline)
- {
- BIO *btmp;
- LHASH *ltmp;
- if(!(btmp = BIO_new_fp(fp, BIO_NOCLOSE))) {
- CONFerr(CONF_F_CONF_LOAD_FP,ERR_R_BUF_LIB);
- return NULL;
- }
- ltmp = CONF_load_bio(conf, btmp, eline);
- BIO_free(btmp);
- return ltmp;
- }
-#endif
-
-LHASH *CONF_load_bio(LHASH *conf, BIO *bp,long *eline)
- {
- CONF ctmp;
- int ret;
-
- CONF_set_nconf(&ctmp, conf);
-
- ret = NCONF_load_bio(&ctmp, bp, eline);
- if (ret)
- return ctmp.data;
- return NULL;
- }
-
-STACK_OF(CONF_VALUE) *CONF_get_section(LHASH *conf,const char *section)
- {
- if (conf == NULL)
- {
- return NULL;
- }
- else
- {
- CONF ctmp;
- CONF_set_nconf(&ctmp, conf);
- return NCONF_get_section(&ctmp, section);
- }
- }
-
-char *CONF_get_string(LHASH *conf,const char *group,const char *name)
- {
- if (conf == NULL)
- {
- return NCONF_get_string(NULL, group, name);
- }
- else
- {
- CONF ctmp;
- CONF_set_nconf(&ctmp, conf);
- return NCONF_get_string(&ctmp, group, name);
- }
- }
-
-long CONF_get_number(LHASH *conf,const char *group,const char *name)
- {
- int status;
- long result = 0;
-
- if (conf == NULL)
- {
- status = NCONF_get_number_e(NULL, group, name, &result);
- }
- else
- {
- CONF ctmp;
- CONF_set_nconf(&ctmp, conf);
- status = NCONF_get_number_e(&ctmp, group, name, &result);
- }
-
- if (status == 0)
- {
- /* This function does not believe in errors... */
- ERR_clear_error();
- }
- return result;
- }
-
-void CONF_free(LHASH *conf)
- {
- CONF ctmp;
- CONF_set_nconf(&ctmp, conf);
- NCONF_free_data(&ctmp);
- }
-
-#ifndef OPENSSL_NO_FP_API
-int CONF_dump_fp(LHASH *conf, FILE *out)
- {
- BIO *btmp;
- int ret;
-
- if(!(btmp = BIO_new_fp(out, BIO_NOCLOSE))) {
- CONFerr(CONF_F_CONF_DUMP_FP,ERR_R_BUF_LIB);
- return 0;
- }
- ret = CONF_dump_bio(conf, btmp);
- BIO_free(btmp);
- return ret;
- }
-#endif
-
-int CONF_dump_bio(LHASH *conf, BIO *out)
- {
- CONF ctmp;
- CONF_set_nconf(&ctmp, conf);
- return NCONF_dump_bio(&ctmp, out);
- }
-
-/* The following section contains the "New CONF" functions. They are
- completely centralised around a new CONF structure that may contain
- basically anything, but at least a method pointer and a table of data.
- These functions are also written in terms of the bridge functions used
- by the "CONF classic" functions, for consistency. */
-
-CONF *NCONF_new(CONF_METHOD *meth)
- {
- CONF *ret;
-
- if (meth == NULL)
- meth = NCONF_default();
-
- ret = meth->create(meth);
- if (ret == NULL)
- {
- CONFerr(CONF_F_NCONF_NEW,ERR_R_MALLOC_FAILURE);
- return(NULL);
- }
-
- return ret;
- }
-
-void NCONF_free(CONF *conf)
- {
- if (conf == NULL)
- return;
- conf->meth->destroy(conf);
- }
-
-void NCONF_free_data(CONF *conf)
- {
- if (conf == NULL)
- return;
- conf->meth->destroy_data(conf);
- }
-
-int NCONF_load(CONF *conf, const char *file, long *eline)
- {
- if (conf == NULL)
- {
- CONFerr(CONF_F_NCONF_LOAD,CONF_R_NO_CONF);
- return 0;
- }
-
- return conf->meth->load(conf, file, eline);
- }
-
-#ifndef OPENSSL_NO_FP_API
-int NCONF_load_fp(CONF *conf, FILE *fp,long *eline)
- {
- BIO *btmp;
- int ret;
- if(!(btmp = BIO_new_fp(fp, BIO_NOCLOSE)))
- {
- CONFerr(CONF_F_NCONF_LOAD_FP,ERR_R_BUF_LIB);
- return 0;
- }
- ret = NCONF_load_bio(conf, btmp, eline);
- BIO_free(btmp);
- return ret;
- }
-#endif
-
-int NCONF_load_bio(CONF *conf, BIO *bp,long *eline)
- {
- if (conf == NULL)
- {
- CONFerr(CONF_F_NCONF_LOAD_BIO,CONF_R_NO_CONF);
- return 0;
- }
-
- return conf->meth->load_bio(conf, bp, eline);
- }
-
-STACK_OF(CONF_VALUE) *NCONF_get_section(const CONF *conf,const char *section)
- {
- if (conf == NULL)
- {
- CONFerr(CONF_F_NCONF_GET_SECTION,CONF_R_NO_CONF);
- return NULL;
- }
-
- if (section == NULL)
- {
- CONFerr(CONF_F_NCONF_GET_SECTION,CONF_R_NO_SECTION);
- return NULL;
- }
-
- return _CONF_get_section_values(conf, section);
- }
-
-char *NCONF_get_string(const CONF *conf,const char *group,const char *name)
- {
- char *s = _CONF_get_string(conf, group, name);
-
- /* Since we may get a value from an environment variable even
- if conf is NULL, let's check the value first */
- if (s) return s;
-
- if (conf == NULL)
- {
- CONFerr(CONF_F_NCONF_GET_STRING,
- CONF_R_NO_CONF_OR_ENVIRONMENT_VARIABLE);
- return NULL;
- }
- CONFerr(CONF_F_NCONF_GET_STRING,
- CONF_R_NO_VALUE);
- ERR_add_error_data(4,"group=",group," name=",name);
- return NULL;
- }
-
-int NCONF_get_number_e(const CONF *conf,const char *group,const char *name,
- long *result)
- {
- char *str;
-
- if (result == NULL)
- {
- CONFerr(CONF_F_NCONF_GET_NUMBER_E,ERR_R_PASSED_NULL_PARAMETER);
- return 0;
- }
-
- str = NCONF_get_string(conf,group,name);
-
- if (str == NULL)
- return 0;
-
- for (*result = 0;conf->meth->is_number(conf, *str);)
- {
- *result = (*result)*10 + conf->meth->to_int(conf, *str);
- str++;
- }
-
- return 1;
- }
-
-#ifndef OPENSSL_NO_FP_API
-int NCONF_dump_fp(const CONF *conf, FILE *out)
- {
- BIO *btmp;
- int ret;
- if(!(btmp = BIO_new_fp(out, BIO_NOCLOSE))) {
- CONFerr(CONF_F_NCONF_DUMP_FP,ERR_R_BUF_LIB);
- return 0;
- }
- ret = NCONF_dump_bio(conf, btmp);
- BIO_free(btmp);
- return ret;
- }
-#endif
-
-int NCONF_dump_bio(const CONF *conf, BIO *out)
- {
- if (conf == NULL)
- {
- CONFerr(CONF_F_NCONF_DUMP_BIO,CONF_R_NO_CONF);
- return 0;
- }
-
- return conf->meth->dump(conf, out);
- }
-
-
-/* This function should be avoided */
-#if 0
-long NCONF_get_number(CONF *conf,char *group,char *name)
- {
- int status;
- long ret=0;
-
- status = NCONF_get_number_e(conf, group, name, &ret);
- if (status == 0)
- {
- /* This function does not believe in errors... */
- ERR_get_error();
- }
- return ret;
- }
-#endif
diff --git a/.pc/prototypes/Cryptlib/OpenSSL/crypto/engine/eng_openssl.c b/.pc/prototypes/Cryptlib/OpenSSL/crypto/engine/eng_openssl.c
deleted file mode 100644
index 7c139ae..0000000
--- a/.pc/prototypes/Cryptlib/OpenSSL/crypto/engine/eng_openssl.c
+++ /dev/null
@@ -1,384 +0,0 @@
-/* crypto/engine/eng_openssl.c */
-/* Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL
- * project 2000.
- */
-/* ====================================================================
- * Copyright (c) 1999-2001 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-/* ====================================================================
- * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
- * ECDH support in OpenSSL originally developed by
- * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
- */
-
-
-#include
-#include
-#include "cryptlib.h"
-#include
-#include
-#include
-#include
-#include
-#ifndef OPENSSL_NO_RSA
-#include
-#endif
-#ifndef OPENSSL_NO_DSA
-#include
-#endif
-#ifndef OPENSSL_NO_DH
-#include
-#endif
-
-/* This testing gunk is implemented (and explained) lower down. It also assumes
- * the application explicitly calls "ENGINE_load_openssl()" because this is no
- * longer automatic in ENGINE_load_builtin_engines(). */
-#define TEST_ENG_OPENSSL_RC4
-#define TEST_ENG_OPENSSL_PKEY
-/* #define TEST_ENG_OPENSSL_RC4_OTHERS */
-#define TEST_ENG_OPENSSL_RC4_P_INIT
-/* #define TEST_ENG_OPENSSL_RC4_P_CIPHER */
-#define TEST_ENG_OPENSSL_SHA
-/* #define TEST_ENG_OPENSSL_SHA_OTHERS */
-/* #define TEST_ENG_OPENSSL_SHA_P_INIT */
-/* #define TEST_ENG_OPENSSL_SHA_P_UPDATE */
-/* #define TEST_ENG_OPENSSL_SHA_P_FINAL */
-
-/* Now check what of those algorithms are actually enabled */
-#ifdef OPENSSL_NO_RC4
-#undef TEST_ENG_OPENSSL_RC4
-#undef TEST_ENG_OPENSSL_RC4_OTHERS
-#undef TEST_ENG_OPENSSL_RC4_P_INIT
-#undef TEST_ENG_OPENSSL_RC4_P_CIPHER
-#endif
-#if defined(OPENSSL_NO_SHA) || defined(OPENSSL_NO_SHA0) || defined(OPENSSL_NO_SHA1)
-#undef TEST_ENG_OPENSSL_SHA
-#undef TEST_ENG_OPENSSL_SHA_OTHERS
-#undef TEST_ENG_OPENSSL_SHA_P_INIT
-#undef TEST_ENG_OPENSSL_SHA_P_UPDATE
-#undef TEST_ENG_OPENSSL_SHA_P_FINAL
-#endif
-
-#ifdef TEST_ENG_OPENSSL_RC4
-static int openssl_ciphers(ENGINE *e, const EVP_CIPHER **cipher,
- const int **nids, int nid);
-#endif
-#ifdef TEST_ENG_OPENSSL_SHA
-static int openssl_digests(ENGINE *e, const EVP_MD **digest,
- const int **nids, int nid);
-#endif
-
-#ifdef TEST_ENG_OPENSSL_PKEY
-static EVP_PKEY *openssl_load_privkey(ENGINE *eng, const char *key_id,
- UI_METHOD *ui_method, void *callback_data);
-#endif
-
-/* The constants used when creating the ENGINE */
-static const char *engine_openssl_id = "openssl";
-static const char *engine_openssl_name = "Software engine support";
-
-/* This internal function is used by ENGINE_openssl() and possibly by the
- * "dynamic" ENGINE support too */
-static int bind_helper(ENGINE *e)
- {
- if(!ENGINE_set_id(e, engine_openssl_id)
- || !ENGINE_set_name(e, engine_openssl_name)
-#ifndef TEST_ENG_OPENSSL_NO_ALGORITHMS
-#ifndef OPENSSL_NO_RSA
- || !ENGINE_set_RSA(e, RSA_get_default_method())
-#endif
-#ifndef OPENSSL_NO_DSA
- || !ENGINE_set_DSA(e, DSA_get_default_method())
-#endif
-#ifndef OPENSSL_NO_ECDH
- || !ENGINE_set_ECDH(e, ECDH_OpenSSL())
-#endif
-#ifndef OPENSSL_NO_ECDSA
- || !ENGINE_set_ECDSA(e, ECDSA_OpenSSL())
-#endif
-#ifndef OPENSSL_NO_DH
- || !ENGINE_set_DH(e, DH_get_default_method())
-#endif
- || !ENGINE_set_RAND(e, RAND_SSLeay())
-#ifdef TEST_ENG_OPENSSL_RC4
- || !ENGINE_set_ciphers(e, openssl_ciphers)
-#endif
-#ifdef TEST_ENG_OPENSSL_SHA
- || !ENGINE_set_digests(e, openssl_digests)
-#endif
-#endif
-#ifdef TEST_ENG_OPENSSL_PKEY
- || !ENGINE_set_load_privkey_function(e, openssl_load_privkey)
-#endif
- )
- return 0;
- /* If we add errors to this ENGINE, ensure the error handling is setup here */
- /* openssl_load_error_strings(); */
- return 1;
- }
-
-static ENGINE *engine_openssl(void)
- {
- ENGINE *ret = ENGINE_new();
- if(!ret)
- return NULL;
- if(!bind_helper(ret))
- {
- ENGINE_free(ret);
- return NULL;
- }
- return ret;
- }
-
-void ENGINE_load_openssl(void)
- {
- ENGINE *toadd = engine_openssl();
- if(!toadd) return;
- ENGINE_add(toadd);
- /* If the "add" worked, it gets a structural reference. So either way,
- * we release our just-created reference. */
- ENGINE_free(toadd);
- ERR_clear_error();
- }
-
-/* This stuff is needed if this ENGINE is being compiled into a self-contained
- * shared-library. */
-#ifdef ENGINE_DYNAMIC_SUPPORT
-static int bind_fn(ENGINE *e, const char *id)
- {
- if(id && (strcmp(id, engine_openssl_id) != 0))
- return 0;
- if(!bind_helper(e))
- return 0;
- return 1;
- }
-IMPLEMENT_DYNAMIC_CHECK_FN()
-IMPLEMENT_DYNAMIC_BIND_FN(bind_fn)
-#endif /* ENGINE_DYNAMIC_SUPPORT */
-
-#ifdef TEST_ENG_OPENSSL_RC4
-/* This section of code compiles an "alternative implementation" of two modes of
- * RC4 into this ENGINE. The result is that EVP_CIPHER operation for "rc4"
- * should under normal circumstances go via this support rather than the default
- * EVP support. There are other symbols to tweak the testing;
- * TEST_ENC_OPENSSL_RC4_OTHERS - print a one line message to stderr each time
- * we're asked for a cipher we don't support (should not happen).
- * TEST_ENG_OPENSSL_RC4_P_INIT - print a one line message to stderr each time
- * the "init_key" handler is called.
- * TEST_ENG_OPENSSL_RC4_P_CIPHER - ditto for the "cipher" handler.
- */
-#include
-#define TEST_RC4_KEY_SIZE 16
-static int test_cipher_nids[] = {NID_rc4,NID_rc4_40};
-static int test_cipher_nids_number = 2;
-typedef struct {
- unsigned char key[TEST_RC4_KEY_SIZE];
- RC4_KEY ks;
- } TEST_RC4_KEY;
-#define test(ctx) ((TEST_RC4_KEY *)(ctx)->cipher_data)
-static int test_rc4_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
- const unsigned char *iv, int enc)
- {
-#ifdef TEST_ENG_OPENSSL_RC4_P_INIT
- fprintf(stderr, "(TEST_ENG_OPENSSL_RC4) test_init_key() called\n");
-#endif
- memcpy(&test(ctx)->key[0],key,EVP_CIPHER_CTX_key_length(ctx));
- RC4_set_key(&test(ctx)->ks,EVP_CIPHER_CTX_key_length(ctx),
- test(ctx)->key);
- return 1;
- }
-static int test_rc4_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
- const unsigned char *in, unsigned int inl)
- {
-#ifdef TEST_ENG_OPENSSL_RC4_P_CIPHER
- fprintf(stderr, "(TEST_ENG_OPENSSL_RC4) test_cipher() called\n");
-#endif
- RC4(&test(ctx)->ks,inl,in,out);
- return 1;
- }
-static const EVP_CIPHER test_r4_cipher=
- {
- NID_rc4,
- 1,TEST_RC4_KEY_SIZE,0,
- EVP_CIPH_VARIABLE_LENGTH,
- test_rc4_init_key,
- test_rc4_cipher,
- NULL,
- sizeof(TEST_RC4_KEY),
- NULL,
- NULL,
- NULL,
- NULL
- };
-static const EVP_CIPHER test_r4_40_cipher=
- {
- NID_rc4_40,
- 1,5 /* 40 bit */,0,
- EVP_CIPH_VARIABLE_LENGTH,
- test_rc4_init_key,
- test_rc4_cipher,
- NULL,
- sizeof(TEST_RC4_KEY),
- NULL,
- NULL,
- NULL,
- NULL
- };
-static int openssl_ciphers(ENGINE *e, const EVP_CIPHER **cipher,
- const int **nids, int nid)
- {
- if(!cipher)
- {
- /* We are returning a list of supported nids */
- *nids = test_cipher_nids;
- return test_cipher_nids_number;
- }
- /* We are being asked for a specific cipher */
- if(nid == NID_rc4)
- *cipher = &test_r4_cipher;
- else if(nid == NID_rc4_40)
- *cipher = &test_r4_40_cipher;
- else
- {
-#ifdef TEST_ENG_OPENSSL_RC4_OTHERS
- fprintf(stderr, "(TEST_ENG_OPENSSL_RC4) returning NULL for "
- "nid %d\n", nid);
-#endif
- *cipher = NULL;
- return 0;
- }
- return 1;
- }
-#endif
-
-#ifdef TEST_ENG_OPENSSL_SHA
-/* Much the same sort of comment as for TEST_ENG_OPENSSL_RC4 */
-#include
-static int test_digest_nids[] = {NID_sha1};
-static int test_digest_nids_number = 1;
-static int test_sha1_init(EVP_MD_CTX *ctx)
- {
-#ifdef TEST_ENG_OPENSSL_SHA_P_INIT
- fprintf(stderr, "(TEST_ENG_OPENSSL_SHA) test_sha1_init() called\n");
-#endif
- return SHA1_Init(ctx->md_data);
- }
-static int test_sha1_update(EVP_MD_CTX *ctx,const void *data,size_t count)
- {
-#ifdef TEST_ENG_OPENSSL_SHA_P_UPDATE
- fprintf(stderr, "(TEST_ENG_OPENSSL_SHA) test_sha1_update() called\n");
-#endif
- return SHA1_Update(ctx->md_data,data,count);
- }
-static int test_sha1_final(EVP_MD_CTX *ctx,unsigned char *md)
- {
-#ifdef TEST_ENG_OPENSSL_SHA_P_FINAL
- fprintf(stderr, "(TEST_ENG_OPENSSL_SHA) test_sha1_final() called\n");
-#endif
- return SHA1_Final(md,ctx->md_data);
- }
-static const EVP_MD test_sha_md=
- {
- NID_sha1,
- NID_sha1WithRSAEncryption,
- SHA_DIGEST_LENGTH,
- 0,
- test_sha1_init,
- test_sha1_update,
- test_sha1_final,
- NULL,
- NULL,
- EVP_PKEY_RSA_method,
- SHA_CBLOCK,
- sizeof(EVP_MD *)+sizeof(SHA_CTX),
- };
-static int openssl_digests(ENGINE *e, const EVP_MD **digest,
- const int **nids, int nid)
- {
- if(!digest)
- {
- /* We are returning a list of supported nids */
- *nids = test_digest_nids;
- return test_digest_nids_number;
- }
- /* We are being asked for a specific digest */
- if(nid == NID_sha1)
- *digest = &test_sha_md;
- else
- {
-#ifdef TEST_ENG_OPENSSL_SHA_OTHERS
- fprintf(stderr, "(TEST_ENG_OPENSSL_SHA) returning NULL for "
- "nid %d\n", nid);
-#endif
- *digest = NULL;
- return 0;
- }
- return 1;
- }
-#endif
-
-#ifdef TEST_ENG_OPENSSL_PKEY
-static EVP_PKEY *openssl_load_privkey(ENGINE *eng, const char *key_id,
- UI_METHOD *ui_method, void *callback_data)
- {
- BIO *in;
- EVP_PKEY *key;
- fprintf(stderr, "(TEST_ENG_OPENSSL_PKEY)Loading Private key %s\n", key_id);
- in = BIO_new_file(key_id, "r");
- if (!in)
- return NULL;
- key = PEM_read_bio_PrivateKey(in, NULL, 0, NULL);
- BIO_free(in);
- return key;
- }
-#endif
diff --git a/.pc/prototypes/Cryptlib/OpenSSL/crypto/x509/by_dir.c b/.pc/prototypes/Cryptlib/OpenSSL/crypto/x509/by_dir.c
deleted file mode 100644
index b3acd80..0000000
--- a/.pc/prototypes/Cryptlib/OpenSSL/crypto/x509/by_dir.c
+++ /dev/null
@@ -1,385 +0,0 @@
-/* crypto/x509/by_dir.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include
-#include
-#include
-
-#include "cryptlib.h"
-
-#ifndef NO_SYS_TYPES_H
-# include
-#endif
-#ifdef MAC_OS_pre_X
-# include
-#else
-# include
-#endif
-
-#include
-#include
-
-#ifdef _WIN32
-#define stat _stat
-#endif
-
-typedef struct lookup_dir_st
- {
- BUF_MEM *buffer;
- int num_dirs;
- char **dirs;
- int *dirs_type;
- int num_dirs_alloced;
- } BY_DIR;
-
-static int dir_ctrl(X509_LOOKUP *ctx, int cmd, const char *argp, long argl,
- char **ret);
-static int new_dir(X509_LOOKUP *lu);
-static void free_dir(X509_LOOKUP *lu);
-static int add_cert_dir(BY_DIR *ctx,const char *dir,int type);
-static int get_cert_by_subject(X509_LOOKUP *xl,int type,X509_NAME *name,
- X509_OBJECT *ret);
-X509_LOOKUP_METHOD x509_dir_lookup=
- {
- "Load certs from files in a directory",
- new_dir, /* new */
- free_dir, /* free */
- NULL, /* init */
- NULL, /* shutdown */
- dir_ctrl, /* ctrl */
- get_cert_by_subject, /* get_by_subject */
- NULL, /* get_by_issuer_serial */
- NULL, /* get_by_fingerprint */
- NULL, /* get_by_alias */
- };
-
-X509_LOOKUP_METHOD *X509_LOOKUP_hash_dir(void)
- {
- return(&x509_dir_lookup);
- }
-
-static int dir_ctrl(X509_LOOKUP *ctx, int cmd, const char *argp, long argl,
- char **retp)
- {
- int ret=0;
- BY_DIR *ld;
- char *dir = NULL;
-
- ld=(BY_DIR *)ctx->method_data;
-
- switch (cmd)
- {
- case X509_L_ADD_DIR:
- if (argl == X509_FILETYPE_DEFAULT)
- {
- dir=(char *)Getenv(X509_get_default_cert_dir_env());
- if (dir)
- ret=add_cert_dir(ld,dir,X509_FILETYPE_PEM);
- else
- ret=add_cert_dir(ld,X509_get_default_cert_dir(),
- X509_FILETYPE_PEM);
- if (!ret)
- {
- X509err(X509_F_DIR_CTRL,X509_R_LOADING_CERT_DIR);
- }
- }
- else
- ret=add_cert_dir(ld,argp,(int)argl);
- break;
- }
- return(ret);
- }
-
-static int new_dir(X509_LOOKUP *lu)
- {
- BY_DIR *a;
-
- if ((a=(BY_DIR *)OPENSSL_malloc(sizeof(BY_DIR))) == NULL)
- return(0);
- if ((a->buffer=BUF_MEM_new()) == NULL)
- {
- OPENSSL_free(a);
- return(0);
- }
- a->num_dirs=0;
- a->dirs=NULL;
- a->dirs_type=NULL;
- a->num_dirs_alloced=0;
- lu->method_data=(char *)a;
- return(1);
- }
-
-static void free_dir(X509_LOOKUP *lu)
- {
- BY_DIR *a;
- int i;
-
- a=(BY_DIR *)lu->method_data;
- for (i=0; inum_dirs; i++)
- if (a->dirs[i] != NULL) OPENSSL_free(a->dirs[i]);
- if (a->dirs != NULL) OPENSSL_free(a->dirs);
- if (a->dirs_type != NULL) OPENSSL_free(a->dirs_type);
- if (a->buffer != NULL) BUF_MEM_free(a->buffer);
- OPENSSL_free(a);
- }
-
-static int add_cert_dir(BY_DIR *ctx, const char *dir, int type)
- {
- int j,len;
- int *ip;
- const char *s,*ss,*p;
- char **pp;
-
- if (dir == NULL || !*dir)
- {
- X509err(X509_F_ADD_CERT_DIR,X509_R_INVALID_DIRECTORY);
- return 0;
- }
-
- s=dir;
- p=s;
- for (;;p++)
- {
- if ((*p == LIST_SEPARATOR_CHAR) || (*p == '\0'))
- {
- ss=s;
- s=p+1;
- len=(int)(p-ss);
- if (len == 0) continue;
- for (j=0; jnum_dirs; j++)
- if (strlen(ctx->dirs[j]) == (size_t)len &&
- strncmp(ctx->dirs[j],ss,(unsigned int)len) == 0)
- break;
- if (jnum_dirs)
- continue;
- if (ctx->num_dirs_alloced < (ctx->num_dirs+1))
- {
- ctx->num_dirs_alloced+=10;
- pp=(char **)OPENSSL_malloc(ctx->num_dirs_alloced*
- sizeof(char *));
- ip=(int *)OPENSSL_malloc(ctx->num_dirs_alloced*
- sizeof(int));
- if ((pp == NULL) || (ip == NULL))
- {
- X509err(X509_F_ADD_CERT_DIR,ERR_R_MALLOC_FAILURE);
- return(0);
- }
- memcpy(pp,ctx->dirs,(ctx->num_dirs_alloced-10)*
- sizeof(char *));
- memcpy(ip,ctx->dirs_type,(ctx->num_dirs_alloced-10)*
- sizeof(int));
- if (ctx->dirs != NULL)
- OPENSSL_free(ctx->dirs);
- if (ctx->dirs_type != NULL)
- OPENSSL_free(ctx->dirs_type);
- ctx->dirs=pp;
- ctx->dirs_type=ip;
- }
- ctx->dirs_type[ctx->num_dirs]=type;
- ctx->dirs[ctx->num_dirs]=(char *)OPENSSL_malloc((unsigned int)len+1);
- if (ctx->dirs[ctx->num_dirs] == NULL) return(0);
- strncpy(ctx->dirs[ctx->num_dirs],ss,(unsigned int)len);
- ctx->dirs[ctx->num_dirs][len]='\0';
- ctx->num_dirs++;
- }
- if (*p == '\0') break;
- }
- return(1);
- }
-
-static int get_cert_by_subject(X509_LOOKUP *xl, int type, X509_NAME *name,
- X509_OBJECT *ret)
- {
- BY_DIR *ctx;
- union {
- struct {
- X509 st_x509;
- X509_CINF st_x509_cinf;
- } x509;
- struct {
- X509_CRL st_crl;
- X509_CRL_INFO st_crl_info;
- } crl;
- } data;
- int ok=0;
- int i,j,k;
- unsigned long h;
- BUF_MEM *b=NULL;
- struct stat st;
- X509_OBJECT stmp,*tmp;
- const char *postfix="";
-
- if (name == NULL) return(0);
-
- stmp.type=type;
- if (type == X509_LU_X509)
- {
- data.x509.st_x509.cert_info= &data.x509.st_x509_cinf;
- data.x509.st_x509_cinf.subject=name;
- stmp.data.x509= &data.x509.st_x509;
- postfix="";
- }
- else if (type == X509_LU_CRL)
- {
- data.crl.st_crl.crl= &data.crl.st_crl_info;
- data.crl.st_crl_info.issuer=name;
- stmp.data.crl= &data.crl.st_crl;
- postfix="r";
- }
- else
- {
- X509err(X509_F_GET_CERT_BY_SUBJECT,X509_R_WRONG_LOOKUP_TYPE);
- goto finish;
- }
-
- if ((b=BUF_MEM_new()) == NULL)
- {
- X509err(X509_F_GET_CERT_BY_SUBJECT,ERR_R_BUF_LIB);
- goto finish;
- }
-
- ctx=(BY_DIR *)xl->method_data;
-
- h=X509_NAME_hash(name);
- for (i=0; inum_dirs; i++)
- {
- j=strlen(ctx->dirs[i])+1+8+6+1+1;
- if (!BUF_MEM_grow(b,j))
- {
- X509err(X509_F_GET_CERT_BY_SUBJECT,ERR_R_MALLOC_FAILURE);
- goto finish;
- }
- k=0;
- for (;;)
- {
- char c = '/';
-#ifdef OPENSSL_SYS_VMS
- c = ctx->dirs[i][strlen(ctx->dirs[i])-1];
- if (c != ':' && c != '>' && c != ']')
- {
- /* If no separator is present, we assume the
- directory specifier is a logical name, and
- add a colon. We really should use better
- VMS routines for merging things like this,
- but this will do for now...
- -- Richard Levitte */
- c = ':';
- }
- else
- {
- c = '\0';
- }
-#endif
- if (c == '\0')
- {
- /* This is special. When c == '\0', no
- directory separator should be added. */
- BIO_snprintf(b->data,b->max,
- "%s%08lx.%s%d",ctx->dirs[i],h,
- postfix,k);
- }
- else
- {
- BIO_snprintf(b->data,b->max,
- "%s%c%08lx.%s%d",ctx->dirs[i],c,h,
- postfix,k);
- }
- k++;
- if (stat(b->data,&st) < 0)
- break;
- /* found one. */
- if (type == X509_LU_X509)
- {
- if ((X509_load_cert_file(xl,b->data,
- ctx->dirs_type[i])) == 0)
- break;
- }
- else if (type == X509_LU_CRL)
- {
- if ((X509_load_crl_file(xl,b->data,
- ctx->dirs_type[i])) == 0)
- break;
- }
- /* else case will caught higher up */
- }
-
- /* we have added it to the cache so now pull
- * it out again */
- CRYPTO_w_lock(CRYPTO_LOCK_X509_STORE);
- j = sk_X509_OBJECT_find(xl->store_ctx->objs,&stmp);
- if(j != -1) tmp=sk_X509_OBJECT_value(xl->store_ctx->objs,j);
- else tmp = NULL;
- CRYPTO_w_unlock(CRYPTO_LOCK_X509_STORE);
-
- if (tmp != NULL)
- {
- ok=1;
- ret->type=tmp->type;
- memcpy(&ret->data,&tmp->data,sizeof(ret->data));
- /* If we were going to up the reference count,
- * we would need to do it on a perl 'type'
- * basis */
- /* CRYPTO_add(&tmp->data.x509->references,1,
- CRYPTO_LOCK_X509);*/
- goto finish;
- }
- }
-finish:
- if (b != NULL) BUF_MEM_free(b);
- return(ok);
- }
diff --git a/.pc/prototypes/Cryptlib/OpenSSL/crypto/x509v3/v3_pci.c b/.pc/prototypes/Cryptlib/OpenSSL/crypto/x509v3/v3_pci.c
deleted file mode 100644
index 823e9af..0000000
--- a/.pc/prototypes/Cryptlib/OpenSSL/crypto/x509v3/v3_pci.c
+++ /dev/null
@@ -1,328 +0,0 @@
-/* v3_pci.c -*- mode:C; c-file-style: "eay" -*- */
-/* Contributed to the OpenSSL Project 2004
- * by Richard Levitte (richard@levitte.org)
- */
-/* Copyright (c) 2004 Kungliga Tekniska Högskolan
- * (Royal Institute of Technology, Stockholm, Sweden).
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- *
- * 3. Neither the name of the Institute nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#include
-#include "cryptlib.h"
-#include
-#include
-
-static int i2r_pci(X509V3_EXT_METHOD *method, PROXY_CERT_INFO_EXTENSION *ext,
- BIO *out, int indent);
-static PROXY_CERT_INFO_EXTENSION *r2i_pci(X509V3_EXT_METHOD *method,
- X509V3_CTX *ctx, char *str);
-
-const X509V3_EXT_METHOD v3_pci =
- { NID_proxyCertInfo, 0, ASN1_ITEM_ref(PROXY_CERT_INFO_EXTENSION),
- 0,0,0,0,
- 0,0,
- NULL, NULL,
- (X509V3_EXT_I2R)i2r_pci,
- (X509V3_EXT_R2I)r2i_pci,
- NULL,
- };
-
-static int i2r_pci(X509V3_EXT_METHOD *method, PROXY_CERT_INFO_EXTENSION *pci,
- BIO *out, int indent)
- {
- BIO_printf(out, "%*sPath Length Constraint: ", indent, "");
- if (pci->pcPathLengthConstraint)
- i2a_ASN1_INTEGER(out, pci->pcPathLengthConstraint);
- else
- BIO_printf(out, "infinite");
- BIO_puts(out, "\n");
- BIO_printf(out, "%*sPolicy Language: ", indent, "");
- i2a_ASN1_OBJECT(out, pci->proxyPolicy->policyLanguage);
- BIO_puts(out, "\n");
- if (pci->proxyPolicy->policy && pci->proxyPolicy->policy->data)
- BIO_printf(out, "%*sPolicy Text: %s\n", indent, "",
- pci->proxyPolicy->policy->data);
- return 1;
- }
-
-static int process_pci_value(CONF_VALUE *val,
- ASN1_OBJECT **language, ASN1_INTEGER **pathlen,
- ASN1_OCTET_STRING **policy)
- {
- int free_policy = 0;
-
- if (strcmp(val->name, "language") == 0)
- {
- if (*language)
- {
- X509V3err(X509V3_F_PROCESS_PCI_VALUE,X509V3_R_POLICY_LANGUAGE_ALREADTY_DEFINED);
- X509V3_conf_err(val);
- return 0;
- }
- if (!(*language = OBJ_txt2obj(val->value, 0)))
- {
- X509V3err(X509V3_F_PROCESS_PCI_VALUE,X509V3_R_INVALID_OBJECT_IDENTIFIER);
- X509V3_conf_err(val);
- return 0;
- }
- }
- else if (strcmp(val->name, "pathlen") == 0)
- {
- if (*pathlen)
- {
- X509V3err(X509V3_F_PROCESS_PCI_VALUE,X509V3_R_POLICY_PATH_LENGTH_ALREADTY_DEFINED);
- X509V3_conf_err(val);
- return 0;
- }
- if (!X509V3_get_value_int(val, pathlen))
- {
- X509V3err(X509V3_F_PROCESS_PCI_VALUE,X509V3_R_POLICY_PATH_LENGTH);
- X509V3_conf_err(val);
- return 0;
- }
- }
- else if (strcmp(val->name, "policy") == 0)
- {
- unsigned char *tmp_data = NULL;
- long val_len;
- if (!*policy)
- {
- *policy = ASN1_OCTET_STRING_new();
- if (!*policy)
- {
- X509V3err(X509V3_F_PROCESS_PCI_VALUE,ERR_R_MALLOC_FAILURE);
- X509V3_conf_err(val);
- return 0;
- }
- free_policy = 1;
- }
- if (strncmp(val->value, "hex:", 4) == 0)
- {
- unsigned char *tmp_data2 =
- string_to_hex(val->value + 4, &val_len);
-
- if (!tmp_data2)
- {
- X509V3err(X509V3_F_PROCESS_PCI_VALUE,X509V3_R_ILLEGAL_HEX_DIGIT);
- X509V3_conf_err(val);
- goto err;
- }
-
- tmp_data = OPENSSL_realloc((*policy)->data,
- (*policy)->length + val_len + 1);
- if (tmp_data)
- {
- (*policy)->data = tmp_data;
- memcpy(&(*policy)->data[(*policy)->length],
- tmp_data2, val_len);
- (*policy)->length += val_len;
- (*policy)->data[(*policy)->length] = '\0';
- }
- else
- {
- OPENSSL_free(tmp_data2);
- /* realloc failure implies the original data space is b0rked too! */
- (*policy)->data = NULL;
- (*policy)->length = 0;
- X509V3err(X509V3_F_PROCESS_PCI_VALUE,ERR_R_MALLOC_FAILURE);
- X509V3_conf_err(val);
- goto err;
- }
- OPENSSL_free(tmp_data2);
- }
- else if (strncmp(val->value, "file:", 5) == 0)
- {
- unsigned char buf[2048];
- int n;
- BIO *b = BIO_new_file(val->value + 5, "r");
- if (!b)
- {
- X509V3err(X509V3_F_PROCESS_PCI_VALUE,ERR_R_BIO_LIB);
- X509V3_conf_err(val);
- goto err;
- }
- while((n = BIO_read(b, buf, sizeof(buf))) > 0
- || (n == 0 && BIO_should_retry(b)))
- {
- if (!n) continue;
-
- tmp_data = OPENSSL_realloc((*policy)->data,
- (*policy)->length + n + 1);
-
- if (!tmp_data)
- break;
-
- (*policy)->data = tmp_data;
- memcpy(&(*policy)->data[(*policy)->length],
- buf, n);
- (*policy)->length += n;
- (*policy)->data[(*policy)->length] = '\0';
- }
- BIO_free_all(b);
-
- if (n < 0)
- {
- X509V3err(X509V3_F_PROCESS_PCI_VALUE,ERR_R_BIO_LIB);
- X509V3_conf_err(val);
- goto err;
- }
- }
- else if (strncmp(val->value, "text:", 5) == 0)
- {
- val_len = strlen(val->value + 5);
- tmp_data = OPENSSL_realloc((*policy)->data,
- (*policy)->length + val_len + 1);
- if (tmp_data)
- {
- (*policy)->data = tmp_data;
- memcpy(&(*policy)->data[(*policy)->length],
- val->value + 5, val_len);
- (*policy)->length += val_len;
- (*policy)->data[(*policy)->length] = '\0';
- }
- else
- {
- /* realloc failure implies the original data space is b0rked too! */
- (*policy)->data = NULL;
- (*policy)->length = 0;
- X509V3err(X509V3_F_PROCESS_PCI_VALUE,ERR_R_MALLOC_FAILURE);
- X509V3_conf_err(val);
- goto err;
- }
- }
- else
- {
- X509V3err(X509V3_F_PROCESS_PCI_VALUE,X509V3_R_INCORRECT_POLICY_SYNTAX_TAG);
- X509V3_conf_err(val);
- goto err;
- }
- if (!tmp_data)
- {
- X509V3err(X509V3_F_PROCESS_PCI_VALUE,ERR_R_MALLOC_FAILURE);
- X509V3_conf_err(val);
- goto err;
- }
- }
- return 1;
-err:
- if (free_policy)
- {
- ASN1_OCTET_STRING_free(*policy);
- *policy = NULL;
- }
- return 0;
- }
-
-static PROXY_CERT_INFO_EXTENSION *r2i_pci(X509V3_EXT_METHOD *method,
- X509V3_CTX *ctx, char *value)
- {
- PROXY_CERT_INFO_EXTENSION *pci = NULL;
- STACK_OF(CONF_VALUE) *vals;
- ASN1_OBJECT *language = NULL;
- ASN1_INTEGER *pathlen = NULL;
- ASN1_OCTET_STRING *policy = NULL;
- int i, j;
-
- vals = X509V3_parse_list(value);
- for (i = 0; i < sk_CONF_VALUE_num(vals); i++)
- {
- CONF_VALUE *cnf = sk_CONF_VALUE_value(vals, i);
- if (!cnf->name || (*cnf->name != '@' && !cnf->value))
- {
- X509V3err(X509V3_F_R2I_PCI,X509V3_R_INVALID_PROXY_POLICY_SETTING);
- X509V3_conf_err(cnf);
- goto err;
- }
- if (*cnf->name == '@')
- {
- STACK_OF(CONF_VALUE) *sect;
- int success_p = 1;
-
- sect = X509V3_get_section(ctx, cnf->name + 1);
- if (!sect)
- {
- X509V3err(X509V3_F_R2I_PCI,X509V3_R_INVALID_SECTION);
- X509V3_conf_err(cnf);
- goto err;
- }
- for (j = 0; success_p && j < sk_CONF_VALUE_num(sect); j++)
- {
- success_p =
- process_pci_value(sk_CONF_VALUE_value(sect, j),
- &language, &pathlen, &policy);
- }
- X509V3_section_free(ctx, sect);
- if (!success_p)
- goto err;
- }
- else
- {
- if (!process_pci_value(cnf,
- &language, &pathlen, &policy))
- {
- X509V3_conf_err(cnf);
- goto err;
- }
- }
- }
-
- /* Language is mandatory */
- if (!language)
- {
- X509V3err(X509V3_F_R2I_PCI,X509V3_R_NO_PROXY_CERT_POLICY_LANGUAGE_DEFINED);
- goto err;
- }
- i = OBJ_obj2nid(language);
- if ((i == NID_Independent || i == NID_id_ppl_inheritAll) && policy)
- {
- X509V3err(X509V3_F_R2I_PCI,X509V3_R_POLICY_WHEN_PROXY_LANGUAGE_REQUIRES_NO_POLICY);
- goto err;
- }
-
- pci = PROXY_CERT_INFO_EXTENSION_new();
- if (!pci)
- {
- X509V3err(X509V3_F_R2I_PCI,ERR_R_MALLOC_FAILURE);
- goto err;
- }
-
- pci->proxyPolicy->policyLanguage = language; language = NULL;
- pci->proxyPolicy->policy = policy; policy = NULL;
- pci->pcPathLengthConstraint = pathlen; pathlen = NULL;
- goto end;
-err:
- if (language) { ASN1_OBJECT_free(language); language = NULL; }
- if (pathlen) { ASN1_INTEGER_free(pathlen); pathlen = NULL; }
- if (policy) { ASN1_OCTET_STRING_free(policy); policy = NULL; }
- if (pci) { PROXY_CERT_INFO_EXTENSION_free(pci); pci = NULL; }
-end:
- sk_CONF_VALUE_pop_free(vals, X509V3_conf_free);
- return pci;
- }
diff --git a/.pc/sbsigntool-not-pesign/Makefile b/.pc/sbsigntool-not-pesign/Makefile
index 58e0bb2..2c760ef 100644
--- a/.pc/sbsigntool-not-pesign/Makefile
+++ b/.pc/sbsigntool-not-pesign/Makefile
@@ -1,15 +1,22 @@
+VERSION = 0.9
+RELEASE :=
+ifneq ($(RELEASE),"")
+ RELEASE:="-$(RELEASE)"
+endif
+
CC = $(CROSS_COMPILE)gcc
LD = $(CROSS_COMPILE)ld
OBJCOPY = $(CROSS_COMPILE)objcopy
ARCH = $(shell $(CC) -dumpmachine | cut -f1 -d- | sed s,i[3456789]86,ia32,)
+OBJCOPY_GTE224 = $(shell expr `$(OBJCOPY) --version |grep ^"GNU objcopy" | sed 's/^.version //g' | cut -f1-2 -d.` \>= 2.24)
SUBDIRS = Cryptlib lib
LIB_PATH = /usr/lib64
EFI_INCLUDE := /usr/include/efi
-EFI_INCLUDES = -nostdinc -ICryptlib -ICryptlib/Include -I$(EFI_INCLUDE) -I$(EFI_INCLUDE)/$(ARCH) -I$(EFI_INCLUDE)/protocol -Iinclude
+EFI_INCLUDES = -nostdinc -ICryptlib -ICryptlib/Include -I$(EFI_INCLUDE) -I$(EFI_INCLUDE)/$(ARCH) -I$(EFI_INCLUDE)/protocol -I$(shell pwd)/include
EFI_PATH := /usr/lib64/gnuefi
LIB_GCC = $(shell $(CC) -print-libgcc-file-name)
@@ -21,7 +28,8 @@ EFI_LDS = elf_$(ARCH)_efi.lds
DEFAULT_LOADER := \\\\grubx64.efi
CFLAGS = -ggdb -O0 -fno-stack-protector -fno-strict-aliasing -fpic \
-fshort-wchar -Wall -Wsign-compare -Werror -fno-builtin \
- -Werror=sign-compare \
+ -Werror=sign-compare -ffreestanding -std=gnu89 \
+ -I$(shell $(CC) -print-file-name=include) \
"-DDEFAULT_LOADER=L\"$(DEFAULT_LOADER)\"" \
"-DDEFAULT_LOADER_CHAR=\"$(DEFAULT_LOADER)\"" \
$(EFI_INCLUDES)
@@ -31,19 +39,22 @@ ifneq ($(origin OVERRIDE_SECURITY_POLICY), undefined)
endif
ifeq ($(ARCH),x86_64)
- CFLAGS += -mno-mmx -mno-sse -mno-red-zone -nostdinc -maccumulate-outgoing-args \
- -DEFI_FUNCTION_WRAPPER -DGNU_EFI_USE_MS_ABI
+ CFLAGS += -mno-mmx -mno-sse -mno-red-zone -nostdinc \
+ -maccumulate-outgoing-args \
+ -DEFI_FUNCTION_WRAPPER -DGNU_EFI_USE_MS_ABI \
+ -DNO_BUILTIN_VA_FUNCS \
+ "-DEFI_ARCH=L\"x64\"" \
+ "-DDEBUGDIR=L\"/usr/lib/debug/usr/share/shim/x64-$(VERSION)$(RELEASE)/\""
endif
ifeq ($(ARCH),ia32)
- CFLAGS += -mno-mmx -mno-sse -mno-red-zone -nostdinc -maccumulate-outgoing-args -m32
+ CFLAGS += -mno-mmx -mno-sse -mno-red-zone -nostdinc \
+ -maccumulate-outgoing-args -m32 \
+ "-DEFI_ARCH=L\"ia32\"" \
+ "-DDEBUGDIR=L\"/usr/lib/debug/usr/share/shim/ia32-$(VERSION)$(RELEASE)/\""
endif
-
ifeq ($(ARCH),aarch64)
- CFLAGS += -ffreestanding -I$(shell $(CC) -print-file-name=include)
-endif
-
-ifeq ($(ARCH),arm)
- CFLAGS += -ffreestanding -I$(shell $(CC) -print-file-name=include)
+ CFLAGS += "-DEFI_ARCH=L\"aa64\"" \
+ "-DDEBUGDIR=L\"/usr/lib/debug/usr/share/shim/aa64-$(VERSION)$(RELEASE)/\""
endif
ifneq ($(origin VENDOR_CERT_FILE), undefined)
@@ -53,14 +64,12 @@ ifneq ($(origin VENDOR_DBX_FILE), undefined)
CFLAGS += -DVENDOR_DBX_FILE=\"$(VENDOR_DBX_FILE)\"
endif
-LDFLAGS = -nostdlib -znocombreloc -T $(EFI_LDS) -shared -Bsymbolic -L$(EFI_PATH) -L$(LIB_PATH) -LCryptlib -LCryptlib/OpenSSL $(EFI_CRT_OBJS)
-
-VERSION = 0.8
+LDFLAGS = --hash-style=sysv -nostdlib -znocombreloc -T $(EFI_LDS) -shared -Bsymbolic -L$(EFI_PATH) -L$(LIB_PATH) -LCryptlib -LCryptlib/OpenSSL $(EFI_CRT_OBJS) --build-id=sha1
TARGET = shim.efi MokManager.efi.signed fallback.efi.signed
-OBJS = shim.o netboot.o cert.o replacements.o version.o
+OBJS = shim.o netboot.o cert.o replacements.o tpm.o version.o
KEYS = shim_cert.h ocsp.* ca.* shim.crt shim.csr shim.p12 shim.pem shim.key shim.cer
-SOURCES = shim.c shim.h netboot.c include/PeImage.h include/wincert.h include/console.h replacements.c replacements.h version.c version.h
+SOURCES = shim.c shim.h netboot.c include/PeImage.h include/wincert.h include/console.h replacements.c replacements.h tpm.c tpm.h version.c version.h
MOK_OBJS = MokManager.o PasswordCrypt.o crypt_blowfish.o
MOK_SOURCES = MokManager.c shim.h include/console.h PasswordCrypt.c PasswordCrypt.h crypt_blowfish.c crypt_blowfish.h
FALLBACK_OBJS = fallback.o
@@ -91,6 +100,7 @@ certdb/secmod.db: shim.crt
certutil -d certdb/ -A -i shim.crt -n shim -t u
shim.o: $(SOURCES) shim_cert.h
+shim.o: $(wildcard *.h)
cert.o : cert.S
$(CC) $(CFLAGS) -c -o $@ $<
@@ -115,7 +125,7 @@ Cryptlib/OpenSSL/libopenssl.a:
$(MAKE) -C Cryptlib/OpenSSL
lib/lib.a:
- $(MAKE) -C lib
+ $(MAKE) CFLAGS="$(CFLAGS)" -C lib
ifeq ($(ARCH),aarch64)
FORMAT := -O binary
@@ -132,6 +142,9 @@ endif
FORMAT ?= --target efi-app-$(ARCH)
%.efi: %.so
+ifneq ($(OBJCOPY_GTE224),1)
+ $(error objcopy >= 2.24 is required)
+endif
$(OBJCOPY) -j .text -j .sdata -j .data \
-j .dynamic -j .dynsym -j .rel* \
-j .rela* -j .reloc -j .eh_frame \
@@ -142,6 +155,7 @@ FORMAT ?= --target efi-app-$(ARCH)
-j .rela* -j .reloc -j .eh_frame \
-j .debug_info -j .debug_abbrev -j .debug_aranges \
-j .debug_line -j .debug_str -j .debug_ranges \
+ -j .note.gnu.build-id \
$(FORMAT) $^ $@.debug
%.efi.signed: %.efi certdb/secmod.db
diff --git a/.pc/second-stage-path/Makefile b/.pc/second-stage-path/Makefile
index 332a29b..640ecf2 100644
--- a/.pc/second-stage-path/Makefile
+++ b/.pc/second-stage-path/Makefile
@@ -1,15 +1,22 @@
+VERSION = 0.9
+RELEASE :=
+ifneq ($(RELEASE),"")
+ RELEASE:="-$(RELEASE)"
+endif
+
CC = $(CROSS_COMPILE)gcc
LD = $(CROSS_COMPILE)ld
OBJCOPY = $(CROSS_COMPILE)objcopy
ARCH = $(shell $(CC) -dumpmachine | cut -f1 -d- | sed s,i[3456789]86,ia32,)
+OBJCOPY_GTE224 = $(shell expr `$(OBJCOPY) --version |grep ^"GNU objcopy" | sed 's/^.version //g' | cut -f1-2 -d.` \>= 2.24)
SUBDIRS = Cryptlib lib
LIB_PATH = /usr/lib64
EFI_INCLUDE := /usr/include/efi
-EFI_INCLUDES = -nostdinc -ICryptlib -ICryptlib/Include -I$(EFI_INCLUDE) -I$(EFI_INCLUDE)/$(ARCH) -I$(EFI_INCLUDE)/protocol -Iinclude
+EFI_INCLUDES = -nostdinc -ICryptlib -ICryptlib/Include -I$(EFI_INCLUDE) -I$(EFI_INCLUDE)/$(ARCH) -I$(EFI_INCLUDE)/protocol -I$(shell pwd)/include
EFI_PATH := /usr/lib64/gnuefi
LIB_GCC = $(shell $(CC) -print-libgcc-file-name)
@@ -21,7 +28,8 @@ EFI_LDS = elf_$(ARCH)_efi.lds
DEFAULT_LOADER := \\\\grub.efi
CFLAGS = -ggdb -O0 -fno-stack-protector -fno-strict-aliasing -fpic \
-fshort-wchar -Wall -Wsign-compare -Werror -fno-builtin \
- -Werror=sign-compare \
+ -Werror=sign-compare -ffreestanding -std=gnu89 \
+ -I$(shell $(CC) -print-file-name=include) \
"-DDEFAULT_LOADER=L\"$(DEFAULT_LOADER)\"" \
"-DDEFAULT_LOADER_CHAR=\"$(DEFAULT_LOADER)\"" \
$(EFI_INCLUDES)
@@ -31,19 +39,22 @@ ifneq ($(origin OVERRIDE_SECURITY_POLICY), undefined)
endif
ifeq ($(ARCH),x86_64)
- CFLAGS += -mno-mmx -mno-sse -mno-red-zone -nostdinc -maccumulate-outgoing-args \
- -DEFI_FUNCTION_WRAPPER -DGNU_EFI_USE_MS_ABI
+ CFLAGS += -mno-mmx -mno-sse -mno-red-zone -nostdinc \
+ -maccumulate-outgoing-args \
+ -DEFI_FUNCTION_WRAPPER -DGNU_EFI_USE_MS_ABI \
+ -DNO_BUILTIN_VA_FUNCS \
+ "-DEFI_ARCH=L\"x64\"" \
+ "-DDEBUGDIR=L\"/usr/lib/debug/usr/share/shim/x64-$(VERSION)$(RELEASE)/\""
endif
ifeq ($(ARCH),ia32)
- CFLAGS += -mno-mmx -mno-sse -mno-red-zone -nostdinc -maccumulate-outgoing-args -m32
+ CFLAGS += -mno-mmx -mno-sse -mno-red-zone -nostdinc \
+ -maccumulate-outgoing-args -m32 \
+ "-DEFI_ARCH=L\"ia32\"" \
+ "-DDEBUGDIR=L\"/usr/lib/debug/usr/share/shim/ia32-$(VERSION)$(RELEASE)/\""
endif
-
ifeq ($(ARCH),aarch64)
- CFLAGS += -ffreestanding -I$(shell $(CC) -print-file-name=include)
-endif
-
-ifeq ($(ARCH),arm)
- CFLAGS += -ffreestanding -I$(shell $(CC) -print-file-name=include)
+ CFLAGS += "-DEFI_ARCH=L\"aa64\"" \
+ "-DDEBUGDIR=L\"/usr/lib/debug/usr/share/shim/aa64-$(VERSION)$(RELEASE)/\""
endif
ifneq ($(origin VENDOR_CERT_FILE), undefined)
@@ -53,14 +64,12 @@ ifneq ($(origin VENDOR_DBX_FILE), undefined)
CFLAGS += -DVENDOR_DBX_FILE=\"$(VENDOR_DBX_FILE)\"
endif
-LDFLAGS = -nostdlib -znocombreloc -T $(EFI_LDS) -shared -Bsymbolic -L$(EFI_PATH) -L$(LIB_PATH) -LCryptlib -LCryptlib/OpenSSL $(EFI_CRT_OBJS)
-
-VERSION = 0.8
+LDFLAGS = --hash-style=sysv -nostdlib -znocombreloc -T $(EFI_LDS) -shared -Bsymbolic -L$(EFI_PATH) -L$(LIB_PATH) -LCryptlib -LCryptlib/OpenSSL $(EFI_CRT_OBJS) --build-id=sha1
TARGET = shim.efi MokManager.efi.signed fallback.efi.signed
-OBJS = shim.o netboot.o cert.o replacements.o version.o
+OBJS = shim.o netboot.o cert.o replacements.o tpm.o version.o
KEYS = shim_cert.h ocsp.* ca.* shim.crt shim.csr shim.p12 shim.pem shim.key shim.cer
-SOURCES = shim.c shim.h netboot.c include/PeImage.h include/wincert.h include/console.h replacements.c replacements.h version.c version.h
+SOURCES = shim.c shim.h netboot.c include/PeImage.h include/wincert.h include/console.h replacements.c replacements.h tpm.c tpm.h version.c version.h
MOK_OBJS = MokManager.o PasswordCrypt.o crypt_blowfish.o
MOK_SOURCES = MokManager.c shim.h include/console.h PasswordCrypt.c PasswordCrypt.h crypt_blowfish.c crypt_blowfish.h
FALLBACK_OBJS = fallback.o
@@ -91,6 +100,7 @@ certdb/secmod.db: shim.crt
certutil -d certdb/ -A -i shim.crt -n shim -t u
shim.o: $(SOURCES) shim_cert.h
+shim.o: $(wildcard *.h)
cert.o : cert.S
$(CC) $(CFLAGS) -c -o $@ $<
@@ -115,7 +125,7 @@ Cryptlib/OpenSSL/libopenssl.a:
$(MAKE) -C Cryptlib/OpenSSL
lib/lib.a:
- $(MAKE) -C lib
+ $(MAKE) CFLAGS="$(CFLAGS)" -C lib
ifeq ($(ARCH),aarch64)
FORMAT := -O binary
@@ -132,6 +142,9 @@ endif
FORMAT ?= --target efi-app-$(ARCH)
%.efi: %.so
+ifneq ($(OBJCOPY_GTE224),1)
+ $(error objcopy >= 2.24 is required)
+endif
$(OBJCOPY) -j .text -j .sdata -j .data \
-j .dynamic -j .dynsym -j .rel* \
-j .rela* -j .reloc -j .eh_frame \
@@ -142,6 +155,7 @@ FORMAT ?= --target efi-app-$(ARCH)
-j .rela* -j .reloc -j .eh_frame \
-j .debug_info -j .debug_abbrev -j .debug_aranges \
-j .debug_line -j .debug_str -j .debug_ranges \
+ -j .note.gnu.build-id \
$(FORMAT) $^ $@.debug
%.efi.signed: %.efi certdb/secmod.db
diff --git a/Cryptlib/Hash/CryptSha512.c b/Cryptlib/Hash/CryptSha512.c
new file mode 100644
index 0000000..491f45d
--- /dev/null
+++ b/Cryptlib/Hash/CryptSha512.c
@@ -0,0 +1,354 @@
+/** @file
+ SHA-384 and SHA-512 Digest Wrapper Implementations over OpenSSL.
+
+Copyright (c) 2014, Intel Corporation. All rights reserved.
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution. The full text of the license may be found at
+http://opensource.org/licenses/bsd-license.php
+
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+
+**/
+
+#include "InternalCryptLib.h"
+#include
+
+/**
+ Retrieves the size, in bytes, of the context buffer required for SHA-384 hash operations.
+
+ @return The size, in bytes, of the context buffer required for SHA-384 hash operations.
+
+**/
+UINTN
+EFIAPI
+Sha384GetContextSize (
+ VOID
+ )
+{
+ //
+ // Retrieves OpenSSL SHA-384 Context Size
+ //
+ return (UINTN) (sizeof (SHA512_CTX));
+}
+
+/**
+ Initializes user-supplied memory pointed by Sha384Context as SHA-384 hash context for
+ subsequent use.
+
+ If Sha384Context is NULL, then return FALSE.
+
+ @param[out] Sha384Context Pointer to SHA-384 context being initialized.
+
+ @retval TRUE SHA-384 context initialization succeeded.
+ @retval FALSE SHA-384 context initialization failed.
+
+**/
+BOOLEAN
+EFIAPI
+Sha384Init (
+ OUT VOID *Sha384Context
+ )
+{
+ //
+ // Check input parameters.
+ //
+ if (Sha384Context == NULL) {
+ return FALSE;
+ }
+
+ //
+ // OpenSSL SHA-384 Context Initialization
+ //
+ return (BOOLEAN) (SHA384_Init ((SHA512_CTX *) Sha384Context));
+}
+
+/**
+ Makes a copy of an existing SHA-384 context.
+
+ If Sha384Context is NULL, then return FALSE.
+ If NewSha384Context is NULL, then return FALSE.
+ If this interface is not supported, then return FALSE.
+
+ @param[in] Sha384Context Pointer to SHA-384 context being copied.
+ @param[out] NewSha384Context Pointer to new SHA-384 context.
+
+ @retval TRUE SHA-384 context copy succeeded.
+ @retval FALSE SHA-384 context copy failed.
+ @retval FALSE This interface is not supported.
+
+**/
+BOOLEAN
+EFIAPI
+Sha384Duplicate (
+ IN CONST VOID *Sha384Context,
+ OUT VOID *NewSha384Context
+ )
+{
+ //
+ // Check input parameters.
+ //
+ if (Sha384Context == NULL || NewSha384Context == NULL) {
+ return FALSE;
+ }
+
+ CopyMem (NewSha384Context, Sha384Context, sizeof (SHA512_CTX));
+
+ return TRUE;
+}
+
+/**
+ Digests the input data and updates SHA-384 context.
+
+ This function performs SHA-384 digest on a data buffer of the specified size.
+ It can be called multiple times to compute the digest of long or discontinuous data streams.
+ SHA-384 context should be already correctly intialized by Sha384Init(), and should not be finalized
+ by Sha384Final(). Behavior with invalid context is undefined.
+
+ If Sha384Context is NULL, then return FALSE.
+
+ @param[in, out] Sha384Context Pointer to the SHA-384 context.
+ @param[in] Data Pointer to the buffer containing the data to be hashed.
+ @param[in] DataSize Size of Data buffer in bytes.
+
+ @retval TRUE SHA-384 data digest succeeded.
+ @retval FALSE SHA-384 data digest failed.
+
+**/
+BOOLEAN
+EFIAPI
+Sha384Update (
+ IN OUT VOID *Sha384Context,
+ IN CONST VOID *Data,
+ IN UINTN DataSize
+ )
+{
+ //
+ // Check input parameters.
+ //
+ if (Sha384Context == NULL) {
+ return FALSE;
+ }
+
+ //
+ // Check invalid parameters, in case that only DataLength was checked in OpenSSL
+ //
+ if (Data == NULL && DataSize != 0) {
+ return FALSE;
+ }
+
+ //
+ // OpenSSL SHA-384 Hash Update
+ //
+ return (BOOLEAN) (SHA384_Update ((SHA512_CTX *) Sha384Context, Data, DataSize));
+}
+
+/**
+ Completes computation of the SHA-384 digest value.
+
+ This function completes SHA-384 hash computation and retrieves the digest value into
+ the specified memory. After this function has been called, the SHA-384 context cannot
+ be used again.
+ SHA-384 context should be already correctly intialized by Sha384Init(), and should not be
+ finalized by Sha384Final(). Behavior with invalid SHA-384 context is undefined.
+
+ If Sha384Context is NULL, then return FALSE.
+ If HashValue is NULL, then return FALSE.
+
+ @param[in, out] Sha384Context Pointer to the SHA-384 context.
+ @param[out] HashValue Pointer to a buffer that receives the SHA-384 digest
+ value (48 bytes).
+
+ @retval TRUE SHA-384 digest computation succeeded.
+ @retval FALSE SHA-384 digest computation failed.
+
+**/
+BOOLEAN
+EFIAPI
+Sha384Final (
+ IN OUT VOID *Sha384Context,
+ OUT UINT8 *HashValue
+ )
+{
+ //
+ // Check input parameters.
+ //
+ if (Sha384Context == NULL || HashValue == NULL) {
+ return FALSE;
+ }
+
+ //
+ // OpenSSL SHA-384 Hash Finalization
+ //
+ return (BOOLEAN) (SHA384_Final (HashValue, (SHA512_CTX *) Sha384Context));
+}
+
+/**
+ Retrieves the size, in bytes, of the context buffer required for SHA-512 hash operations.
+
+ @return The size, in bytes, of the context buffer required for SHA-512 hash operations.
+
+**/
+UINTN
+EFIAPI
+Sha512GetContextSize (
+ VOID
+ )
+{
+ //
+ // Retrieves OpenSSL SHA-512 Context Size
+ //
+ return (UINTN) (sizeof (SHA512_CTX));
+}
+
+/**
+ Initializes user-supplied memory pointed by Sha512Context as SHA-512 hash context for
+ subsequent use.
+
+ If Sha512Context is NULL, then return FALSE.
+
+ @param[out] Sha512Context Pointer to SHA-512 context being initialized.
+
+ @retval TRUE SHA-512 context initialization succeeded.
+ @retval FALSE SHA-512 context initialization failed.
+
+**/
+BOOLEAN
+EFIAPI
+Sha512Init (
+ OUT VOID *Sha512Context
+ )
+{
+ //
+ // Check input parameters.
+ //
+ if (Sha512Context == NULL) {
+ return FALSE;
+ }
+
+ //
+ // OpenSSL SHA-512 Context Initialization
+ //
+ return (BOOLEAN) (SHA512_Init ((SHA512_CTX *) Sha512Context));
+}
+
+/**
+ Makes a copy of an existing SHA-512 context.
+
+ If Sha512Context is NULL, then return FALSE.
+ If NewSha512Context is NULL, then return FALSE.
+ If this interface is not supported, then return FALSE.
+
+ @param[in] Sha512Context Pointer to SHA-512 context being copied.
+ @param[out] NewSha512Context Pointer to new SHA-512 context.
+
+ @retval TRUE SHA-512 context copy succeeded.
+ @retval FALSE SHA-512 context copy failed.
+ @retval FALSE This interface is not supported.
+
+**/
+BOOLEAN
+EFIAPI
+Sha512Duplicate (
+ IN CONST VOID *Sha512Context,
+ OUT VOID *NewSha512Context
+ )
+{
+ //
+ // Check input parameters.
+ //
+ if (Sha512Context == NULL || NewSha512Context == NULL) {
+ return FALSE;
+ }
+
+ CopyMem (NewSha512Context, Sha512Context, sizeof (SHA512_CTX));
+
+ return TRUE;
+}
+
+/**
+ Digests the input data and updates SHA-512 context.
+
+ This function performs SHA-512 digest on a data buffer of the specified size.
+ It can be called multiple times to compute the digest of long or discontinuous data streams.
+ SHA-512 context should be already correctly intialized by Sha512Init(), and should not be finalized
+ by Sha512Final(). Behavior with invalid context is undefined.
+
+ If Sha512Context is NULL, then return FALSE.
+
+ @param[in, out] Sha512Context Pointer to the SHA-512 context.
+ @param[in] Data Pointer to the buffer containing the data to be hashed.
+ @param[in] DataSize Size of Data buffer in bytes.
+
+ @retval TRUE SHA-512 data digest succeeded.
+ @retval FALSE SHA-512 data digest failed.
+
+**/
+BOOLEAN
+EFIAPI
+Sha512Update (
+ IN OUT VOID *Sha512Context,
+ IN CONST VOID *Data,
+ IN UINTN DataSize
+ )
+{
+ //
+ // Check input parameters.
+ //
+ if (Sha512Context == NULL) {
+ return FALSE;
+ }
+
+ //
+ // Check invalid parameters, in case that only DataLength was checked in OpenSSL
+ //
+ if (Data == NULL && DataSize != 0) {
+ return FALSE;
+ }
+
+ //
+ // OpenSSL SHA-512 Hash Update
+ //
+ return (BOOLEAN) (SHA512_Update ((SHA512_CTX *) Sha512Context, Data, DataSize));
+}
+
+/**
+ Completes computation of the SHA-512 digest value.
+
+ This function completes SHA-512 hash computation and retrieves the digest value into
+ the specified memory. After this function has been called, the SHA-512 context cannot
+ be used again.
+ SHA-512 context should be already correctly intialized by Sha512Init(), and should not be
+ finalized by Sha512Final(). Behavior with invalid SHA-512 context is undefined.
+
+ If Sha512Context is NULL, then return FALSE.
+ If HashValue is NULL, then return FALSE.
+
+ @param[in, out] Sha512Context Pointer to the SHA-512 context.
+ @param[out] HashValue Pointer to a buffer that receives the SHA-512 digest
+ value (64 bytes).
+
+ @retval TRUE SHA-512 digest computation succeeded.
+ @retval FALSE SHA-512 digest computation failed.
+
+**/
+BOOLEAN
+EFIAPI
+Sha512Final (
+ IN OUT VOID *Sha512Context,
+ OUT UINT8 *HashValue
+ )
+{
+ //
+ // Check input parameters.
+ //
+ if (Sha512Context == NULL || HashValue == NULL) {
+ return FALSE;
+ }
+
+ //
+ // OpenSSL SHA-512 Hash Finalization
+ //
+ return (BOOLEAN) (SHA384_Final (HashValue, (SHA512_CTX *) Sha512Context));
+}
diff --git a/Cryptlib/Include/OpenSslSupport.h b/Cryptlib/Include/OpenSslSupport.h
index b77838d..004c3e8 100644
--- a/Cryptlib/Include/OpenSslSupport.h
+++ b/Cryptlib/Include/OpenSslSupport.h
@@ -47,6 +47,9 @@ typedef VOID *FILE;
#define va_arg VA_ARG
#define va_start VA_START
#define va_end VA_END
+
+# if !defined(NO_BUILTIN_VA_FUNCS)
+
typedef __builtin_va_list VA_LIST;
#define VA_START(Marker, Parameter) __builtin_va_start (Marker, Parameter)
@@ -57,6 +60,78 @@ typedef __builtin_va_list VA_LIST;
#define VA_COPY(Dest, Start) __builtin_va_copy (Dest, Start)
+# else
+
+#define _INT_SIZE_OF(n) ((sizeof (n) + sizeof (UINTN) - 1) &~(sizeof (UINTN) - 1))
+///
+/// Variable used to traverse the list of arguments. This type can vary by
+/// implementation and could be an array or structure.
+///
+typedef CHAR8 *VA_LIST;
+
+/**
+ Retrieves a pointer to the beginning of a variable argument list, based on
+ the name of the parameter that immediately precedes the variable argument list.
+
+ This function initializes Marker to point to the beginning of the variable
+ argument list that immediately follows Parameter. The method for computing the
+ pointer to the next argument in the argument list is CPU-specific following the
+ EFIAPI ABI.
+
+ @param Marker The VA_LIST used to traverse the list of arguments.
+ @param Parameter The name of the parameter that immediately precedes
+ the variable argument list.
+
+ @return A pointer to the beginning of a variable argument list.
+
+**/
+#define VA_START(Marker, Parameter) (Marker = (VA_LIST) ((UINTN) & (Parameter) + _INT_SIZE_OF (Parameter)))
+
+/**
+ Returns an argument of a specified type from a variable argument list and updates
+ the pointer to the variable argument list to point to the next argument.
+
+ This function returns an argument of the type specified by TYPE from the beginning
+ of the variable argument list specified by Marker. Marker is then updated to point
+ to the next argument in the variable argument list. The method for computing the
+ pointer to the next argument in the argument list is CPU-specific following the EFIAPI ABI.
+
+ @param Marker VA_LIST used to traverse the list of arguments.
+ @param TYPE The type of argument to retrieve from the beginning
+ of the variable argument list.
+
+ @return An argument of the type specified by TYPE.
+
+**/
+#define VA_ARG(Marker, TYPE) (*(TYPE *) ((Marker += _INT_SIZE_OF (TYPE)) - _INT_SIZE_OF (TYPE)))
+
+/**
+ Terminates the use of a variable argument list.
+
+ This function initializes Marker so it can no longer be used with VA_ARG().
+ After this macro is used, the only way to access the variable argument list is
+ by using VA_START() again.
+
+ @param Marker VA_LIST used to traverse the list of arguments.
+
+**/
+#define VA_END(Marker) (Marker = (VA_LIST) 0)
+
+/**
+ Initializes a VA_LIST as a copy of an existing VA_LIST.
+
+ This macro initializes Dest as a copy of Start, as if the VA_START macro had been applied to Dest
+ followed by the same sequence of uses of the VA_ARG macro as had previously been used to reach
+ the present state of Start.
+
+ @param Dest VA_LIST used to traverse the list of arguments.
+ @param Start VA_LIST used to traverse the list of arguments.
+
+**/
+#define VA_COPY(Dest, Start) ((void)((Dest) = (Start)))
+
+# endif
+
#else // __CC_ARM
#define va_start(Marker, Parameter) __va_start(Marker, Parameter)
#define va_arg(Marker, TYPE) __va_arg(Marker, TYPE)
@@ -133,6 +208,11 @@ struct tm {
char *tm_zone; /* timezone abbreviation */
};
+struct timeval {
+ long tv_sec; /* time value, in seconds */
+ long tv_usec; /* time value, in microseconds */
+} timeval;
+
struct dirent {
UINT32 d_fileno; /* file number of entry */
UINT16 d_reclen; /* length of this record */
@@ -267,5 +347,6 @@ extern FILE *stdout;
#define assert(expression)
#define localtime(timer) NULL
#define gmtime_r(timer,result) (result = NULL)
+#define atoi(nptr) Atoi(nptr)
#endif
diff --git a/Cryptlib/Include/memory.h b/Cryptlib/Include/memory.h
new file mode 100644
index 0000000..092b3cd
--- /dev/null
+++ b/Cryptlib/Include/memory.h
@@ -0,0 +1,16 @@
+/** @file
+ Include file to support building OpenSSL Crypto Library.
+
+Copyright (c) 2015, Intel Corporation. All rights reserved.
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution. The full text of the license may be found at
+http://opensource.org/licenses/bsd-license.php
+
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+
+**/
+
+#include
+
diff --git a/Cryptlib/Include/openssl/aes.h b/Cryptlib/Include/openssl/aes.h
index 450f2b4..87bf60f 100644
--- a/Cryptlib/Include/openssl/aes.h
+++ b/Cryptlib/Include/openssl/aes.h
@@ -7,7 +7,7 @@
* are met:
*
* 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
+ * notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
@@ -50,25 +50,25 @@
*/
#ifndef HEADER_AES_H
-#define HEADER_AES_H
+# define HEADER_AES_H
-#include
+# include
-#ifdef OPENSSL_NO_AES
-#error AES is disabled.
-#endif
+# ifdef OPENSSL_NO_AES
+# error AES is disabled.
+# endif
-#define AES_ENCRYPT 1
-#define AES_DECRYPT 0
+# include
-/* Because array size can't be a const in C, the following two are macros.
- Both sizes are in bytes. */
-#define AES_MAXNR 14
-#define AES_BLOCK_SIZE 16
+# define AES_ENCRYPT 1
+# define AES_DECRYPT 0
-#ifdef OPENSSL_FIPS
-#define FIPS_AES_SIZE_T int
-#endif
+/*
+ * Because array size can't be a const in C, the following two are macros.
+ * Both sizes are in bytes.
+ */
+# define AES_MAXNR 14
+# define AES_BLOCK_SIZE 16
#ifdef __cplusplus
extern "C" {
@@ -76,11 +76,11 @@ extern "C" {
/* This should be a hidden type, but EVP requires that the size be known */
struct aes_key_st {
-#ifdef AES_LONG
- unsigned long rd_key[4 *(AES_MAXNR + 1)];
-#else
- unsigned int rd_key[4 *(AES_MAXNR + 1)];
-#endif
+# ifdef AES_LONG
+ unsigned long rd_key[4 * (AES_MAXNR + 1)];
+# else
+ unsigned int rd_key[4 * (AES_MAXNR + 1)];
+# endif
int rounds;
};
typedef struct aes_key_st AES_KEY;
@@ -88,61 +88,62 @@ typedef struct aes_key_st AES_KEY;
const char *AES_options(void);
int AES_set_encrypt_key(const unsigned char *userKey, const int bits,
- AES_KEY *key);
+ AES_KEY *key);
int AES_set_decrypt_key(const unsigned char *userKey, const int bits,
- AES_KEY *key);
+ AES_KEY *key);
+
+int private_AES_set_encrypt_key(const unsigned char *userKey, const int bits,
+ AES_KEY *key);
+int private_AES_set_decrypt_key(const unsigned char *userKey, const int bits,
+ AES_KEY *key);
void AES_encrypt(const unsigned char *in, unsigned char *out,
- const AES_KEY *key);
+ const AES_KEY *key);
void AES_decrypt(const unsigned char *in, unsigned char *out,
- const AES_KEY *key);
+ const AES_KEY *key);
void AES_ecb_encrypt(const unsigned char *in, unsigned char *out,
- const AES_KEY *key, const int enc);
+ const AES_KEY *key, const int enc);
void AES_cbc_encrypt(const unsigned char *in, unsigned char *out,
- const unsigned long length, const AES_KEY *key,
- unsigned char *ivec, const int enc);
+ size_t length, const AES_KEY *key,
+ unsigned char *ivec, const int enc);
void AES_cfb128_encrypt(const unsigned char *in, unsigned char *out,
- const unsigned long length, const AES_KEY *key,
- unsigned char *ivec, int *num, const int enc);
+ size_t length, const AES_KEY *key,
+ unsigned char *ivec, int *num, const int enc);
void AES_cfb1_encrypt(const unsigned char *in, unsigned char *out,
- const unsigned long length, const AES_KEY *key,
- unsigned char *ivec, int *num, const int enc);
+ size_t length, const AES_KEY *key,
+ unsigned char *ivec, int *num, const int enc);
void AES_cfb8_encrypt(const unsigned char *in, unsigned char *out,
- const unsigned long length, const AES_KEY *key,
- unsigned char *ivec, int *num, const int enc);
-void AES_cfbr_encrypt_block(const unsigned char *in,unsigned char *out,
- const int nbits,const AES_KEY *key,
- unsigned char *ivec,const int enc);
+ size_t length, const AES_KEY *key,
+ unsigned char *ivec, int *num, const int enc);
void AES_ofb128_encrypt(const unsigned char *in, unsigned char *out,
- const unsigned long length, const AES_KEY *key,
- unsigned char *ivec, int *num);
+ size_t length, const AES_KEY *key,
+ unsigned char *ivec, int *num);
void AES_ctr128_encrypt(const unsigned char *in, unsigned char *out,
- const unsigned long length, const AES_KEY *key,
- unsigned char ivec[AES_BLOCK_SIZE],
- unsigned char ecount_buf[AES_BLOCK_SIZE],
- unsigned int *num);
-
-/* For IGE, see also http://www.links.org/files/openssl-ige.pdf */
+ size_t length, const AES_KEY *key,
+ unsigned char ivec[AES_BLOCK_SIZE],
+ unsigned char ecount_buf[AES_BLOCK_SIZE],
+ unsigned int *num);
/* NB: the IV is _two_ blocks long */
void AES_ige_encrypt(const unsigned char *in, unsigned char *out,
- const unsigned long length, const AES_KEY *key,
- unsigned char *ivec, const int enc);
+ size_t length, const AES_KEY *key,
+ unsigned char *ivec, const int enc);
/* NB: the IV is _four_ blocks long */
void AES_bi_ige_encrypt(const unsigned char *in, unsigned char *out,
- const unsigned long length, const AES_KEY *key,
- const AES_KEY *key2, const unsigned char *ivec,
- const int enc);
+ size_t length, const AES_KEY *key,
+ const AES_KEY *key2, const unsigned char *ivec,
+ const int enc);
int AES_wrap_key(AES_KEY *key, const unsigned char *iv,
- unsigned char *out,
- const unsigned char *in, unsigned int inlen);
+ unsigned char *out,
+ const unsigned char *in, unsigned int inlen);
int AES_unwrap_key(AES_KEY *key, const unsigned char *iv,
- unsigned char *out,
- const unsigned char *in, unsigned int inlen);
+ unsigned char *out,
+ const unsigned char *in, unsigned int inlen);
+
#ifdef __cplusplus
}
#endif
-#endif /* !HEADER_AES_H */
+#endif /* !HEADER_AES_H */
diff --git a/Cryptlib/Include/openssl/asn1.h b/Cryptlib/Include/openssl/asn1.h
index d9d5443..68e791f 100644
--- a/Cryptlib/Include/openssl/asn1.h
+++ b/Cryptlib/Include/openssl/asn1.h
@@ -5,21 +5,21 @@
* This package is an SSL implementation written
* by Eric Young (eay@cryptsoft.com).
* The implementation was written so as to conform with Netscapes SSL.
- *
+ *
* This library is free for commercial and non-commercial use as long as
* the following conditions are aheared to. The following conditions
* apply to all code found in this distribution, be it the RC4, RSA,
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
* included with this distribution is covered by the same copyright terms
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
+ *
* Copyright remains Eric Young's, and as such any Copyright notices in
* the code are not to be removed.
* If this package is used in a product, Eric Young should be given attribution
* as the author of the parts of the library used.
* This can be in the form of a textual message at program startup or
* in documentation (online or textual) provided with the package.
- *
+ *
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
@@ -34,10 +34,10 @@
* Eric Young (eay@cryptsoft.com)"
* The word 'cryptographic' can be left out if the rouines from the library
* being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
+ * 4. If you include any Windows specific code (or a derivative thereof) from
* the apps directory (application code) you must include an acknowledgement:
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
+ *
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
@@ -49,7 +49,7 @@
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
- *
+ *
* The licence and distribution terms for any publically available version or
* derivative of this code cannot be changed. i.e. this code cannot simply be
* copied and put under another distribution licence
@@ -57,303 +57,313 @@
*/
#ifndef HEADER_ASN1_H
-#define HEADER_ASN1_H
+# define HEADER_ASN1_H
-#include
-#include
-#ifndef OPENSSL_NO_BIO
-#include
-#endif
-#include
-#include
+# include
+# include
+# ifndef OPENSSL_NO_BIO
+# include
+# endif
+# include
+# include
-#include
+# include
-#include
-#ifndef OPENSSL_NO_DEPRECATED
-#include
-#endif
+# include
+# ifndef OPENSSL_NO_DEPRECATED
+# include
+# endif
-#ifdef OPENSSL_BUILD_SHLIBCRYPTO
-# undef OPENSSL_EXTERN
-# define OPENSSL_EXTERN OPENSSL_EXPORT
-#endif
+# ifdef OPENSSL_BUILD_SHLIBCRYPTO
+# undef OPENSSL_EXTERN
+# define OPENSSL_EXTERN OPENSSL_EXPORT
+# endif
#ifdef __cplusplus
extern "C" {
#endif
-#define V_ASN1_UNIVERSAL 0x00
-#define V_ASN1_APPLICATION 0x40
-#define V_ASN1_CONTEXT_SPECIFIC 0x80
-#define V_ASN1_PRIVATE 0xc0
+# define V_ASN1_UNIVERSAL 0x00
+# define V_ASN1_APPLICATION 0x40
+# define V_ASN1_CONTEXT_SPECIFIC 0x80
+# define V_ASN1_PRIVATE 0xc0
-#define V_ASN1_CONSTRUCTED 0x20
-#define V_ASN1_PRIMITIVE_TAG 0x1f
-#define V_ASN1_PRIMATIVE_TAG 0x1f
+# define V_ASN1_CONSTRUCTED 0x20
+# define V_ASN1_PRIMITIVE_TAG 0x1f
+# define V_ASN1_PRIMATIVE_TAG 0x1f
-#define V_ASN1_APP_CHOOSE -2 /* let the recipient choose */
-#define V_ASN1_OTHER -3 /* used in ASN1_TYPE */
-#define V_ASN1_ANY -4 /* used in ASN1 template code */
+# define V_ASN1_APP_CHOOSE -2/* let the recipient choose */
+# define V_ASN1_OTHER -3/* used in ASN1_TYPE */
+# define V_ASN1_ANY -4/* used in ASN1 template code */
-#define V_ASN1_NEG 0x100 /* negative flag */
-
-#define V_ASN1_UNDEF -1
-#define V_ASN1_EOC 0
-#define V_ASN1_BOOLEAN 1 /**/
-#define V_ASN1_INTEGER 2
-#define V_ASN1_NEG_INTEGER (2 | V_ASN1_NEG)
-#define V_ASN1_BIT_STRING 3
-#define V_ASN1_OCTET_STRING 4
-#define V_ASN1_NULL 5
-#define V_ASN1_OBJECT 6
-#define V_ASN1_OBJECT_DESCRIPTOR 7
-#define V_ASN1_EXTERNAL 8
-#define V_ASN1_REAL 9
-#define V_ASN1_ENUMERATED 10
-#define V_ASN1_NEG_ENUMERATED (10 | V_ASN1_NEG)
-#define V_ASN1_UTF8STRING 12
-#define V_ASN1_SEQUENCE 16
-#define V_ASN1_SET 17
-#define V_ASN1_NUMERICSTRING 18 /**/
-#define V_ASN1_PRINTABLESTRING 19
-#define V_ASN1_T61STRING 20
-#define V_ASN1_TELETEXSTRING 20 /* alias */
-#define V_ASN1_VIDEOTEXSTRING 21 /**/
-#define V_ASN1_IA5STRING 22
-#define V_ASN1_UTCTIME 23
-#define V_ASN1_GENERALIZEDTIME 24 /**/
-#define V_ASN1_GRAPHICSTRING 25 /**/
-#define V_ASN1_ISO64STRING 26 /**/
-#define V_ASN1_VISIBLESTRING 26 /* alias */
-#define V_ASN1_GENERALSTRING 27 /**/
-#define V_ASN1_UNIVERSALSTRING 28 /**/
-#define V_ASN1_BMPSTRING 30
+# define V_ASN1_NEG 0x100/* negative flag */
+# define V_ASN1_UNDEF -1
+# define V_ASN1_EOC 0
+# define V_ASN1_BOOLEAN 1 /**/
+# define V_ASN1_INTEGER 2
+# define V_ASN1_NEG_INTEGER (2 | V_ASN1_NEG)
+# define V_ASN1_BIT_STRING 3
+# define V_ASN1_OCTET_STRING 4
+# define V_ASN1_NULL 5
+# define V_ASN1_OBJECT 6
+# define V_ASN1_OBJECT_DESCRIPTOR 7
+# define V_ASN1_EXTERNAL 8
+# define V_ASN1_REAL 9
+# define V_ASN1_ENUMERATED 10
+# define V_ASN1_NEG_ENUMERATED (10 | V_ASN1_NEG)
+# define V_ASN1_UTF8STRING 12
+# define V_ASN1_SEQUENCE 16
+# define V_ASN1_SET 17
+# define V_ASN1_NUMERICSTRING 18 /**/
+# define V_ASN1_PRINTABLESTRING 19
+# define V_ASN1_T61STRING 20
+# define V_ASN1_TELETEXSTRING 20/* alias */
+# define V_ASN1_VIDEOTEXSTRING 21 /**/
+# define V_ASN1_IA5STRING 22
+# define V_ASN1_UTCTIME 23
+# define V_ASN1_GENERALIZEDTIME 24 /**/
+# define V_ASN1_GRAPHICSTRING 25 /**/
+# define V_ASN1_ISO64STRING 26 /**/
+# define V_ASN1_VISIBLESTRING 26/* alias */
+# define V_ASN1_GENERALSTRING 27 /**/
+# define V_ASN1_UNIVERSALSTRING 28 /**/
+# define V_ASN1_BMPSTRING 30
/* For use with d2i_ASN1_type_bytes() */
-#define B_ASN1_NUMERICSTRING 0x0001
-#define B_ASN1_PRINTABLESTRING 0x0002
-#define B_ASN1_T61STRING 0x0004
-#define B_ASN1_TELETEXSTRING 0x0004
-#define B_ASN1_VIDEOTEXSTRING 0x0008
-#define B_ASN1_IA5STRING 0x0010
-#define B_ASN1_GRAPHICSTRING 0x0020
-#define B_ASN1_ISO64STRING 0x0040
-#define B_ASN1_VISIBLESTRING 0x0040
-#define B_ASN1_GENERALSTRING 0x0080
-#define B_ASN1_UNIVERSALSTRING 0x0100
-#define B_ASN1_OCTET_STRING 0x0200
-#define B_ASN1_BIT_STRING 0x0400
-#define B_ASN1_BMPSTRING 0x0800
-#define B_ASN1_UNKNOWN 0x1000
-#define B_ASN1_UTF8STRING 0x2000
-#define B_ASN1_UTCTIME 0x4000
-#define B_ASN1_GENERALIZEDTIME 0x8000
-#define B_ASN1_SEQUENCE 0x10000
-
+# define B_ASN1_NUMERICSTRING 0x0001
+# define B_ASN1_PRINTABLESTRING 0x0002
+# define B_ASN1_T61STRING 0x0004
+# define B_ASN1_TELETEXSTRING 0x0004
+# define B_ASN1_VIDEOTEXSTRING 0x0008
+# define B_ASN1_IA5STRING 0x0010
+# define B_ASN1_GRAPHICSTRING 0x0020
+# define B_ASN1_ISO64STRING 0x0040
+# define B_ASN1_VISIBLESTRING 0x0040
+# define B_ASN1_GENERALSTRING 0x0080
+# define B_ASN1_UNIVERSALSTRING 0x0100
+# define B_ASN1_OCTET_STRING 0x0200
+# define B_ASN1_BIT_STRING 0x0400
+# define B_ASN1_BMPSTRING 0x0800
+# define B_ASN1_UNKNOWN 0x1000
+# define B_ASN1_UTF8STRING 0x2000
+# define B_ASN1_UTCTIME 0x4000
+# define B_ASN1_GENERALIZEDTIME 0x8000
+# define B_ASN1_SEQUENCE 0x10000
/* For use with ASN1_mbstring_copy() */
-#define MBSTRING_FLAG 0x1000
-#define MBSTRING_UTF8 (MBSTRING_FLAG)
-#define MBSTRING_ASC (MBSTRING_FLAG|1)
-#define MBSTRING_BMP (MBSTRING_FLAG|2)
-#define MBSTRING_UNIV (MBSTRING_FLAG|4)
-
-#define SMIME_OLDMIME 0x400
-#define SMIME_CRLFEOL 0x800
-#define SMIME_STREAM 0x1000
-
-struct X509_algor_st;
+# define MBSTRING_FLAG 0x1000
+# define MBSTRING_UTF8 (MBSTRING_FLAG)
+# define MBSTRING_ASC (MBSTRING_FLAG|1)
+# define MBSTRING_BMP (MBSTRING_FLAG|2)
+# define MBSTRING_UNIV (MBSTRING_FLAG|4)
+# define SMIME_OLDMIME 0x400
+# define SMIME_CRLFEOL 0x800
+# define SMIME_STREAM 0x1000
+ struct X509_algor_st;
DECLARE_STACK_OF(X509_ALGOR)
-#define DECLARE_ASN1_SET_OF(type) /* filled in by mkstack.pl */
-#define IMPLEMENT_ASN1_SET_OF(type) /* nothing, no longer needed */
+# define DECLARE_ASN1_SET_OF(type)/* filled in by mkstack.pl */
+# define IMPLEMENT_ASN1_SET_OF(type)/* nothing, no longer needed */
-/* We MUST make sure that, except for constness, asn1_ctx_st and
- asn1_const_ctx are exactly the same. Fortunately, as soon as
- the old ASN1 parsing macros are gone, we can throw this away
- as well... */
-typedef struct asn1_ctx_st
- {
- unsigned char *p;/* work char pointer */
- int eos; /* end of sequence read for indefinite encoding */
- int error; /* error code to use when returning an error */
- int inf; /* constructed if 0x20, indefinite is 0x21 */
- int tag; /* tag from last 'get object' */
- int xclass; /* class from last 'get object' */
- long slen; /* length of last 'get object' */
- unsigned char *max; /* largest value of p allowed */
- unsigned char *q;/* temporary variable */
- unsigned char **pp;/* variable */
- int line; /* used in error processing */
- } ASN1_CTX;
-
-typedef struct asn1_const_ctx_st
- {
- const unsigned char *p;/* work char pointer */
- int eos; /* end of sequence read for indefinite encoding */
- int error; /* error code to use when returning an error */
- int inf; /* constructed if 0x20, indefinite is 0x21 */
- int tag; /* tag from last 'get object' */
- int xclass; /* class from last 'get object' */
- long slen; /* length of last 'get object' */
- const unsigned char *max; /* largest value of p allowed */
- const unsigned char *q;/* temporary variable */
- const unsigned char **pp;/* variable */
- int line; /* used in error processing */
- } ASN1_const_CTX;
-
-/* These are used internally in the ASN1_OBJECT to keep track of
- * whether the names and data need to be free()ed */
-#define ASN1_OBJECT_FLAG_DYNAMIC 0x01 /* internal use */
-#define ASN1_OBJECT_FLAG_CRITICAL 0x02 /* critical x509v3 object id */
-#define ASN1_OBJECT_FLAG_DYNAMIC_STRINGS 0x04 /* internal use */
-#define ASN1_OBJECT_FLAG_DYNAMIC_DATA 0x08 /* internal use */
-typedef struct asn1_object_st
- {
- const char *sn,*ln;
- int nid;
- int length;
- unsigned char *data;
- int flags; /* Should we free this one */
- } ASN1_OBJECT;
-
-#define ASN1_STRING_FLAG_BITS_LEFT 0x08 /* Set if 0x07 has bits left value */
-/* This indicates that the ASN1_STRING is not a real value but just a place
- * holder for the location where indefinite length constructed data should
- * be inserted in the memory buffer
+/*
+ * We MUST make sure that, except for constness, asn1_ctx_st and
+ * asn1_const_ctx are exactly the same. Fortunately, as soon as the old ASN1
+ * parsing macros are gone, we can throw this away as well...
*/
-#define ASN1_STRING_FLAG_NDEF 0x010
+typedef struct asn1_ctx_st {
+ unsigned char *p; /* work char pointer */
+ int eos; /* end of sequence read for indefinite
+ * encoding */
+ int error; /* error code to use when returning an error */
+ int inf; /* constructed if 0x20, indefinite is 0x21 */
+ int tag; /* tag from last 'get object' */
+ int xclass; /* class from last 'get object' */
+ long slen; /* length of last 'get object' */
+ unsigned char *max; /* largest value of p allowed */
+ unsigned char *q; /* temporary variable */
+ unsigned char **pp; /* variable */
+ int line; /* used in error processing */
+} ASN1_CTX;
-/* This flag is used by the CMS code to indicate that a string is not
- * complete and is a place holder for content when it had all been
- * accessed. The flag will be reset when content has been written to it.
+typedef struct asn1_const_ctx_st {
+ const unsigned char *p; /* work char pointer */
+ int eos; /* end of sequence read for indefinite
+ * encoding */
+ int error; /* error code to use when returning an error */
+ int inf; /* constructed if 0x20, indefinite is 0x21 */
+ int tag; /* tag from last 'get object' */
+ int xclass; /* class from last 'get object' */
+ long slen; /* length of last 'get object' */
+ const unsigned char *max; /* largest value of p allowed */
+ const unsigned char *q; /* temporary variable */
+ const unsigned char **pp; /* variable */
+ int line; /* used in error processing */
+} ASN1_const_CTX;
+
+/*
+ * These are used internally in the ASN1_OBJECT to keep track of whether the
+ * names and data need to be free()ed
*/
-#define ASN1_STRING_FLAG_CONT 0x020
+# define ASN1_OBJECT_FLAG_DYNAMIC 0x01/* internal use */
+# define ASN1_OBJECT_FLAG_CRITICAL 0x02/* critical x509v3 object id */
+# define ASN1_OBJECT_FLAG_DYNAMIC_STRINGS 0x04/* internal use */
+# define ASN1_OBJECT_FLAG_DYNAMIC_DATA 0x08/* internal use */
+struct asn1_object_st {
+ const char *sn, *ln;
+ int nid;
+ int length;
+ const unsigned char *data; /* data remains const after init */
+ int flags; /* Should we free this one */
+};
+# define ASN1_STRING_FLAG_BITS_LEFT 0x08/* Set if 0x07 has bits left value */
+/*
+ * This indicates that the ASN1_STRING is not a real value but just a place
+ * holder for the location where indefinite length constructed data should be
+ * inserted in the memory buffer
+ */
+# define ASN1_STRING_FLAG_NDEF 0x010
+
+/*
+ * This flag is used by the CMS code to indicate that a string is not
+ * complete and is a place holder for content when it had all been accessed.
+ * The flag will be reset when content has been written to it.
+ */
+
+# define ASN1_STRING_FLAG_CONT 0x020
+/*
+ * This flag is used by ASN1 code to indicate an ASN1_STRING is an MSTRING
+ * type.
+ */
+# define ASN1_STRING_FLAG_MSTRING 0x040
/* This is the base type that holds just about everything :-) */
-typedef struct asn1_string_st
- {
- int length;
- int type;
- unsigned char *data;
- /* The value of the following field depends on the type being
- * held. It is mostly being used for BIT_STRING so if the
- * input data has a non-zero 'unused bits' value, it will be
- * handled correctly */
- long flags;
- } ASN1_STRING;
+struct asn1_string_st {
+ int length;
+ int type;
+ unsigned char *data;
+ /*
+ * The value of the following field depends on the type being held. It
+ * is mostly being used for BIT_STRING so if the input data has a
+ * non-zero 'unused bits' value, it will be handled correctly
+ */
+ long flags;
+};
-/* ASN1_ENCODING structure: this is used to save the received
- * encoding of an ASN1 type. This is useful to get round
- * problems with invalid encodings which can break signatures.
+/*
+ * ASN1_ENCODING structure: this is used to save the received encoding of an
+ * ASN1 type. This is useful to get round problems with invalid encodings
+ * which can break signatures.
*/
-typedef struct ASN1_ENCODING_st
- {
- unsigned char *enc; /* DER encoding */
- long len; /* Length of encoding */
- int modified; /* set to 1 if 'enc' is invalid */
- } ASN1_ENCODING;
+typedef struct ASN1_ENCODING_st {
+ unsigned char *enc; /* DER encoding */
+ long len; /* Length of encoding */
+ int modified; /* set to 1 if 'enc' is invalid */
+} ASN1_ENCODING;
/* Used with ASN1 LONG type: if a long is set to this it is omitted */
-#define ASN1_LONG_UNDEF 0x7fffffffL
+# define ASN1_LONG_UNDEF 0x7fffffffL
-#define STABLE_FLAGS_MALLOC 0x01
-#define STABLE_NO_MASK 0x02
-#define DIRSTRING_TYPE \
+# define STABLE_FLAGS_MALLOC 0x01
+# define STABLE_NO_MASK 0x02
+# define DIRSTRING_TYPE \
(B_ASN1_PRINTABLESTRING|B_ASN1_T61STRING|B_ASN1_BMPSTRING|B_ASN1_UTF8STRING)
-#define PKCS9STRING_TYPE (DIRSTRING_TYPE|B_ASN1_IA5STRING)
+# define PKCS9STRING_TYPE (DIRSTRING_TYPE|B_ASN1_IA5STRING)
typedef struct asn1_string_table_st {
- int nid;
- long minsize;
- long maxsize;
- unsigned long mask;
- unsigned long flags;
+ int nid;
+ long minsize;
+ long maxsize;
+ unsigned long mask;
+ unsigned long flags;
} ASN1_STRING_TABLE;
DECLARE_STACK_OF(ASN1_STRING_TABLE)
/* size limits: this stuff is taken straight from RFC2459 */
-#define ub_name 32768
-#define ub_common_name 64
-#define ub_locality_name 128
-#define ub_state_name 128
-#define ub_organization_name 64
-#define ub_organization_unit_name 64
-#define ub_title 64
-#define ub_email_address 128
+# define ub_name 32768
+# define ub_common_name 64
+# define ub_locality_name 128
+# define ub_state_name 128
+# define ub_organization_name 64
+# define ub_organization_unit_name 64
+# define ub_title 64
+# define ub_email_address 128
-/* Declarations for template structures: for full definitions
- * see asn1t.h
+/*
+ * Declarations for template structures: for full definitions see asn1t.h
*/
typedef struct ASN1_TEMPLATE_st ASN1_TEMPLATE;
-typedef struct ASN1_ITEM_st ASN1_ITEM;
typedef struct ASN1_TLC_st ASN1_TLC;
/* This is just an opaque pointer */
typedef struct ASN1_VALUE_st ASN1_VALUE;
/* Declare ASN1 functions: the implement macro in in asn1t.h */
-#define DECLARE_ASN1_FUNCTIONS(type) DECLARE_ASN1_FUNCTIONS_name(type, type)
+# define DECLARE_ASN1_FUNCTIONS(type) DECLARE_ASN1_FUNCTIONS_name(type, type)
-#define DECLARE_ASN1_ALLOC_FUNCTIONS(type) \
- DECLARE_ASN1_ALLOC_FUNCTIONS_name(type, type)
+# define DECLARE_ASN1_ALLOC_FUNCTIONS(type) \
+ DECLARE_ASN1_ALLOC_FUNCTIONS_name(type, type)
-#define DECLARE_ASN1_FUNCTIONS_name(type, name) \
- DECLARE_ASN1_ALLOC_FUNCTIONS_name(type, name) \
- DECLARE_ASN1_ENCODE_FUNCTIONS(type, name, name)
+# define DECLARE_ASN1_FUNCTIONS_name(type, name) \
+ DECLARE_ASN1_ALLOC_FUNCTIONS_name(type, name) \
+ DECLARE_ASN1_ENCODE_FUNCTIONS(type, name, name)
-#define DECLARE_ASN1_FUNCTIONS_fname(type, itname, name) \
- DECLARE_ASN1_ALLOC_FUNCTIONS_name(type, name) \
- DECLARE_ASN1_ENCODE_FUNCTIONS(type, itname, name)
+# define DECLARE_ASN1_FUNCTIONS_fname(type, itname, name) \
+ DECLARE_ASN1_ALLOC_FUNCTIONS_name(type, name) \
+ DECLARE_ASN1_ENCODE_FUNCTIONS(type, itname, name)
-#define DECLARE_ASN1_ENCODE_FUNCTIONS(type, itname, name) \
- type *d2i_##name(type **a, const unsigned char **in, long len); \
- int i2d_##name(type *a, unsigned char **out); \
- DECLARE_ASN1_ITEM(itname)
+# define DECLARE_ASN1_ENCODE_FUNCTIONS(type, itname, name) \
+ type *d2i_##name(type **a, const unsigned char **in, long len); \
+ int i2d_##name(type *a, unsigned char **out); \
+ DECLARE_ASN1_ITEM(itname)
-#define DECLARE_ASN1_ENCODE_FUNCTIONS_const(type, name) \
- type *d2i_##name(type **a, const unsigned char **in, long len); \
- int i2d_##name(const type *a, unsigned char **out); \
- DECLARE_ASN1_ITEM(name)
+# define DECLARE_ASN1_ENCODE_FUNCTIONS_const(type, name) \
+ type *d2i_##name(type **a, const unsigned char **in, long len); \
+ int i2d_##name(const type *a, unsigned char **out); \
+ DECLARE_ASN1_ITEM(name)
-#define DECLARE_ASN1_NDEF_FUNCTION(name) \
- int i2d_##name##_NDEF(name *a, unsigned char **out);
+# define DECLARE_ASN1_NDEF_FUNCTION(name) \
+ int i2d_##name##_NDEF(name *a, unsigned char **out);
-#define DECLARE_ASN1_FUNCTIONS_const(name) \
- DECLARE_ASN1_ALLOC_FUNCTIONS(name) \
- DECLARE_ASN1_ENCODE_FUNCTIONS_const(name, name)
+# define DECLARE_ASN1_FUNCTIONS_const(name) \
+ DECLARE_ASN1_ALLOC_FUNCTIONS(name) \
+ DECLARE_ASN1_ENCODE_FUNCTIONS_const(name, name)
-#define DECLARE_ASN1_ALLOC_FUNCTIONS_name(type, name) \
- type *name##_new(void); \
- void name##_free(type *a);
+# define DECLARE_ASN1_ALLOC_FUNCTIONS_name(type, name) \
+ type *name##_new(void); \
+ void name##_free(type *a);
-#define D2I_OF(type) type *(*)(type **,const unsigned char **,long)
-#define I2D_OF(type) int (*)(type *,unsigned char **)
-#define I2D_OF_const(type) int (*)(const type *,unsigned char **)
+# define DECLARE_ASN1_PRINT_FUNCTION(stname) \
+ DECLARE_ASN1_PRINT_FUNCTION_fname(stname, stname)
-#define CHECKED_D2I_OF(type, d2i) \
+# define DECLARE_ASN1_PRINT_FUNCTION_fname(stname, fname) \
+ int fname##_print_ctx(BIO *out, stname *x, int indent, \
+ const ASN1_PCTX *pctx);
+
+# define D2I_OF(type) type *(*)(type **,const unsigned char **,long)
+# define I2D_OF(type) int (*)(type *,unsigned char **)
+# define I2D_OF_const(type) int (*)(const type *,unsigned char **)
+
+# define CHECKED_D2I_OF(type, d2i) \
((d2i_of_void*) (1 ? d2i : ((D2I_OF(type))0)))
-#define CHECKED_I2D_OF(type, i2d) \
+# define CHECKED_I2D_OF(type, i2d) \
((i2d_of_void*) (1 ? i2d : ((I2D_OF(type))0)))
-#define CHECKED_NEW_OF(type, xnew) \
+# define CHECKED_NEW_OF(type, xnew) \
((void *(*)(void)) (1 ? xnew : ((type *(*)(void))0)))
-#define CHECKED_PTR_OF(type, p) \
+# define CHECKED_PTR_OF(type, p) \
((void*) (1 ? p : (type*)0))
-#define CHECKED_PPTR_OF(type, p) \
+# define CHECKED_PPTR_OF(type, p) \
((void**) (1 ? p : (type**)0))
-#define CHECKED_PTR_OF_TO_CHAR(type, p) \
- ((char*) (1 ? p : (type*)0))
-#define TYPEDEF_D2I_OF(type) typedef type *d2i_of_##type(type **,const unsigned char **,long)
-#define TYPEDEF_I2D_OF(type) typedef int i2d_of_##type(type *,unsigned char **)
-#define TYPEDEF_D2I2D_OF(type) TYPEDEF_D2I_OF(type); TYPEDEF_I2D_OF(type)
+# define TYPEDEF_D2I_OF(type) typedef type *d2i_of_##type(type **,const unsigned char **,long)
+# define TYPEDEF_I2D_OF(type) typedef int i2d_of_##type(type *,unsigned char **)
+# define TYPEDEF_D2I2D_OF(type) TYPEDEF_D2I_OF(type); TYPEDEF_I2D_OF(type)
TYPEDEF_D2I2D_OF(void);
-/* The following macros and typedefs allow an ASN1_ITEM
+/*-
+ * The following macros and typedefs allow an ASN1_ITEM
* to be embedded in a structure and referenced. Since
* the ASN1_ITEM pointers need to be globally accessible
* (possibly from shared libraries) they may exist in
@@ -372,7 +382,7 @@ TYPEDEF_D2I2D_OF(void);
* ...
* ASN1_ITEM_EXP *iptr;
* ...
- * } SOMETHING;
+ * } SOMETHING;
*
* It would be initialised as e.g.:
*
@@ -388,462 +398,477 @@ TYPEDEF_D2I2D_OF(void);
*
*/
-#ifndef OPENSSL_EXPORT_VAR_AS_FUNCTION
+# ifndef OPENSSL_EXPORT_VAR_AS_FUNCTION
/* ASN1_ITEM pointer exported type */
typedef const ASN1_ITEM ASN1_ITEM_EXP;
/* Macro to obtain ASN1_ITEM pointer from exported type */
-#define ASN1_ITEM_ptr(iptr) (iptr)
+# define ASN1_ITEM_ptr(iptr) (iptr)
/* Macro to include ASN1_ITEM pointer from base type */
-#define ASN1_ITEM_ref(iptr) (&(iptr##_it))
+# define ASN1_ITEM_ref(iptr) (&(iptr##_it))
-#define ASN1_ITEM_rptr(ref) (&(ref##_it))
+# define ASN1_ITEM_rptr(ref) (&(ref##_it))
-#define DECLARE_ASN1_ITEM(name) \
- OPENSSL_EXTERN const ASN1_ITEM name##_it;
+# define DECLARE_ASN1_ITEM(name) \
+ OPENSSL_EXTERN const ASN1_ITEM name##_it;
-#else
+# else
-/* Platforms that can't easily handle shared global variables are declared
- * as functions returning ASN1_ITEM pointers.
+/*
+ * Platforms that can't easily handle shared global variables are declared as
+ * functions returning ASN1_ITEM pointers.
*/
/* ASN1_ITEM pointer exported type */
-typedef const ASN1_ITEM * ASN1_ITEM_EXP(void);
+typedef const ASN1_ITEM *ASN1_ITEM_EXP (void);
/* Macro to obtain ASN1_ITEM pointer from exported type */
-#define ASN1_ITEM_ptr(iptr) (iptr())
+# define ASN1_ITEM_ptr(iptr) (iptr())
/* Macro to include ASN1_ITEM pointer from base type */
-#define ASN1_ITEM_ref(iptr) (iptr##_it)
+# define ASN1_ITEM_ref(iptr) (iptr##_it)
-#define ASN1_ITEM_rptr(ref) (ref##_it())
+# define ASN1_ITEM_rptr(ref) (ref##_it())
-#define DECLARE_ASN1_ITEM(name) \
- const ASN1_ITEM * name##_it(void);
+# define DECLARE_ASN1_ITEM(name) \
+ const ASN1_ITEM * name##_it(void);
-#endif
+# endif
/* Parameters used by ASN1_STRING_print_ex() */
-/* These determine which characters to escape:
- * RFC2253 special characters, control characters and
- * MSB set characters
+/*
+ * These determine which characters to escape: RFC2253 special characters,
+ * control characters and MSB set characters
*/
-#define ASN1_STRFLGS_ESC_2253 1
-#define ASN1_STRFLGS_ESC_CTRL 2
-#define ASN1_STRFLGS_ESC_MSB 4
+# define ASN1_STRFLGS_ESC_2253 1
+# define ASN1_STRFLGS_ESC_CTRL 2
+# define ASN1_STRFLGS_ESC_MSB 4
-
-/* This flag determines how we do escaping: normally
- * RC2253 backslash only, set this to use backslash and
- * quote.
+/*
+ * This flag determines how we do escaping: normally RC2253 backslash only,
+ * set this to use backslash and quote.
*/
-#define ASN1_STRFLGS_ESC_QUOTE 8
-
+# define ASN1_STRFLGS_ESC_QUOTE 8
/* These three flags are internal use only. */
/* Character is a valid PrintableString character */
-#define CHARTYPE_PRINTABLESTRING 0x10
+# define CHARTYPE_PRINTABLESTRING 0x10
/* Character needs escaping if it is the first character */
-#define CHARTYPE_FIRST_ESC_2253 0x20
+# define CHARTYPE_FIRST_ESC_2253 0x20
/* Character needs escaping if it is the last character */
-#define CHARTYPE_LAST_ESC_2253 0x40
+# define CHARTYPE_LAST_ESC_2253 0x40
-/* NB the internal flags are safely reused below by flags
- * handled at the top level.
+/*
+ * NB the internal flags are safely reused below by flags handled at the top
+ * level.
*/
-/* If this is set we convert all character strings
- * to UTF8 first
+/*
+ * If this is set we convert all character strings to UTF8 first
*/
-#define ASN1_STRFLGS_UTF8_CONVERT 0x10
+# define ASN1_STRFLGS_UTF8_CONVERT 0x10
-/* If this is set we don't attempt to interpret content:
- * just assume all strings are 1 byte per character. This
- * will produce some pretty odd looking output!
+/*
+ * If this is set we don't attempt to interpret content: just assume all
+ * strings are 1 byte per character. This will produce some pretty odd
+ * looking output!
*/
-#define ASN1_STRFLGS_IGNORE_TYPE 0x20
+# define ASN1_STRFLGS_IGNORE_TYPE 0x20
/* If this is set we include the string type in the output */
-#define ASN1_STRFLGS_SHOW_TYPE 0x40
+# define ASN1_STRFLGS_SHOW_TYPE 0x40
-/* This determines which strings to display and which to
- * 'dump' (hex dump of content octets or DER encoding). We can
- * only dump non character strings or everything. If we
- * don't dump 'unknown' they are interpreted as character
- * strings with 1 octet per character and are subject to
- * the usual escaping options.
+/*
+ * This determines which strings to display and which to 'dump' (hex dump of
+ * content octets or DER encoding). We can only dump non character strings or
+ * everything. If we don't dump 'unknown' they are interpreted as character
+ * strings with 1 octet per character and are subject to the usual escaping
+ * options.
*/
-#define ASN1_STRFLGS_DUMP_ALL 0x80
-#define ASN1_STRFLGS_DUMP_UNKNOWN 0x100
+# define ASN1_STRFLGS_DUMP_ALL 0x80
+# define ASN1_STRFLGS_DUMP_UNKNOWN 0x100
-/* These determine what 'dumping' does, we can dump the
- * content octets or the DER encoding: both use the
- * RFC2253 #XXXXX notation.
+/*
+ * These determine what 'dumping' does, we can dump the content octets or the
+ * DER encoding: both use the RFC2253 #XXXXX notation.
*/
-#define ASN1_STRFLGS_DUMP_DER 0x200
+# define ASN1_STRFLGS_DUMP_DER 0x200
-/* All the string flags consistent with RFC2253,
- * escaping control characters isn't essential in
- * RFC2253 but it is advisable anyway.
+/*
+ * All the string flags consistent with RFC2253, escaping control characters
+ * isn't essential in RFC2253 but it is advisable anyway.
*/
-#define ASN1_STRFLGS_RFC2253 (ASN1_STRFLGS_ESC_2253 | \
- ASN1_STRFLGS_ESC_CTRL | \
- ASN1_STRFLGS_ESC_MSB | \
- ASN1_STRFLGS_UTF8_CONVERT | \
- ASN1_STRFLGS_DUMP_UNKNOWN | \
- ASN1_STRFLGS_DUMP_DER)
+# define ASN1_STRFLGS_RFC2253 (ASN1_STRFLGS_ESC_2253 | \
+ ASN1_STRFLGS_ESC_CTRL | \
+ ASN1_STRFLGS_ESC_MSB | \
+ ASN1_STRFLGS_UTF8_CONVERT | \
+ ASN1_STRFLGS_DUMP_UNKNOWN | \
+ ASN1_STRFLGS_DUMP_DER)
DECLARE_STACK_OF(ASN1_INTEGER)
DECLARE_ASN1_SET_OF(ASN1_INTEGER)
DECLARE_STACK_OF(ASN1_GENERALSTRING)
-typedef struct asn1_type_st
- {
- int type;
- union {
- char *ptr;
- ASN1_BOOLEAN boolean;
- ASN1_STRING * asn1_string;
- ASN1_OBJECT * object;
- ASN1_INTEGER * integer;
- ASN1_ENUMERATED * enumerated;
- ASN1_BIT_STRING * bit_string;
- ASN1_OCTET_STRING * octet_string;
- ASN1_PRINTABLESTRING * printablestring;
- ASN1_T61STRING * t61string;
- ASN1_IA5STRING * ia5string;
- ASN1_GENERALSTRING * generalstring;
- ASN1_BMPSTRING * bmpstring;
- ASN1_UNIVERSALSTRING * universalstring;
- ASN1_UTCTIME * utctime;
- ASN1_GENERALIZEDTIME * generalizedtime;
- ASN1_VISIBLESTRING * visiblestring;
- ASN1_UTF8STRING * utf8string;
- /* set and sequence are left complete and still
- * contain the set or sequence bytes */
- ASN1_STRING * set;
- ASN1_STRING * sequence;
- ASN1_VALUE * asn1_value;
- } value;
- } ASN1_TYPE;
+typedef struct asn1_type_st {
+ int type;
+ union {
+ char *ptr;
+ ASN1_BOOLEAN boolean;
+ ASN1_STRING *asn1_string;
+ ASN1_OBJECT *object;
+ ASN1_INTEGER *integer;
+ ASN1_ENUMERATED *enumerated;
+ ASN1_BIT_STRING *bit_string;
+ ASN1_OCTET_STRING *octet_string;
+ ASN1_PRINTABLESTRING *printablestring;
+ ASN1_T61STRING *t61string;
+ ASN1_IA5STRING *ia5string;
+ ASN1_GENERALSTRING *generalstring;
+ ASN1_BMPSTRING *bmpstring;
+ ASN1_UNIVERSALSTRING *universalstring;
+ ASN1_UTCTIME *utctime;
+ ASN1_GENERALIZEDTIME *generalizedtime;
+ ASN1_VISIBLESTRING *visiblestring;
+ ASN1_UTF8STRING *utf8string;
+ /*
+ * set and sequence are left complete and still contain the set or
+ * sequence bytes
+ */
+ ASN1_STRING *set;
+ ASN1_STRING *sequence;
+ ASN1_VALUE *asn1_value;
+ } value;
+} ASN1_TYPE;
DECLARE_STACK_OF(ASN1_TYPE)
DECLARE_ASN1_SET_OF(ASN1_TYPE)
-typedef struct asn1_method_st
- {
- i2d_of_void *i2d;
- d2i_of_void *d2i;
- void *(*create)(void);
- void (*destroy)(void *);
- } ASN1_METHOD;
+typedef STACK_OF(ASN1_TYPE) ASN1_SEQUENCE_ANY;
-/* This is used when parsing some Netscape objects */
-typedef struct asn1_header_st
- {
- ASN1_OCTET_STRING *header;
- void *data;
- ASN1_METHOD *meth;
- } ASN1_HEADER;
+DECLARE_ASN1_ENCODE_FUNCTIONS_const(ASN1_SEQUENCE_ANY, ASN1_SEQUENCE_ANY)
+DECLARE_ASN1_ENCODE_FUNCTIONS_const(ASN1_SEQUENCE_ANY, ASN1_SET_ANY)
+
+typedef struct NETSCAPE_X509_st {
+ ASN1_OCTET_STRING *header;
+ X509 *cert;
+} NETSCAPE_X509;
/* This is used to contain a list of bit names */
typedef struct BIT_STRING_BITNAME_st {
- int bitnum;
- const char *lname;
- const char *sname;
+ int bitnum;
+ const char *lname;
+ const char *sname;
} BIT_STRING_BITNAME;
-
-#define M_ASN1_STRING_length(x) ((x)->length)
-#define M_ASN1_STRING_length_set(x, n) ((x)->length = (n))
-#define M_ASN1_STRING_type(x) ((x)->type)
-#define M_ASN1_STRING_data(x) ((x)->data)
+# define M_ASN1_STRING_length(x) ((x)->length)
+# define M_ASN1_STRING_length_set(x, n) ((x)->length = (n))
+# define M_ASN1_STRING_type(x) ((x)->type)
+# define M_ASN1_STRING_data(x) ((x)->data)
/* Macros for string operations */
-#define M_ASN1_BIT_STRING_new() (ASN1_BIT_STRING *)\
- ASN1_STRING_type_new(V_ASN1_BIT_STRING)
-#define M_ASN1_BIT_STRING_free(a) ASN1_STRING_free((ASN1_STRING *)a)
-#define M_ASN1_BIT_STRING_dup(a) (ASN1_BIT_STRING *)\
- ASN1_STRING_dup((ASN1_STRING *)a)
-#define M_ASN1_BIT_STRING_cmp(a,b) ASN1_STRING_cmp(\
- (ASN1_STRING *)a,(ASN1_STRING *)b)
-#define M_ASN1_BIT_STRING_set(a,b,c) ASN1_STRING_set((ASN1_STRING *)a,b,c)
+# define M_ASN1_BIT_STRING_new() (ASN1_BIT_STRING *)\
+ ASN1_STRING_type_new(V_ASN1_BIT_STRING)
+# define M_ASN1_BIT_STRING_free(a) ASN1_STRING_free((ASN1_STRING *)a)
+# define M_ASN1_BIT_STRING_dup(a) (ASN1_BIT_STRING *)\
+ ASN1_STRING_dup((const ASN1_STRING *)a)
+# define M_ASN1_BIT_STRING_cmp(a,b) ASN1_STRING_cmp(\
+ (const ASN1_STRING *)a,(const ASN1_STRING *)b)
+# define M_ASN1_BIT_STRING_set(a,b,c) ASN1_STRING_set((ASN1_STRING *)a,b,c)
-#define M_ASN1_INTEGER_new() (ASN1_INTEGER *)\
- ASN1_STRING_type_new(V_ASN1_INTEGER)
-#define M_ASN1_INTEGER_free(a) ASN1_STRING_free((ASN1_STRING *)a)
-#define M_ASN1_INTEGER_dup(a) (ASN1_INTEGER *)ASN1_STRING_dup((ASN1_STRING *)a)
-#define M_ASN1_INTEGER_cmp(a,b) ASN1_STRING_cmp(\
- (ASN1_STRING *)a,(ASN1_STRING *)b)
+# define M_ASN1_INTEGER_new() (ASN1_INTEGER *)\
+ ASN1_STRING_type_new(V_ASN1_INTEGER)
+# define M_ASN1_INTEGER_free(a) ASN1_STRING_free((ASN1_STRING *)a)
+# define M_ASN1_INTEGER_dup(a) (ASN1_INTEGER *)\
+ ASN1_STRING_dup((const ASN1_STRING *)a)
+# define M_ASN1_INTEGER_cmp(a,b) ASN1_STRING_cmp(\
+ (const ASN1_STRING *)a,(const ASN1_STRING *)b)
-#define M_ASN1_ENUMERATED_new() (ASN1_ENUMERATED *)\
- ASN1_STRING_type_new(V_ASN1_ENUMERATED)
-#define M_ASN1_ENUMERATED_free(a) ASN1_STRING_free((ASN1_STRING *)a)
-#define M_ASN1_ENUMERATED_dup(a) (ASN1_ENUMERATED *)ASN1_STRING_dup((ASN1_STRING *)a)
-#define M_ASN1_ENUMERATED_cmp(a,b) ASN1_STRING_cmp(\
- (ASN1_STRING *)a,(ASN1_STRING *)b)
+# define M_ASN1_ENUMERATED_new() (ASN1_ENUMERATED *)\
+ ASN1_STRING_type_new(V_ASN1_ENUMERATED)
+# define M_ASN1_ENUMERATED_free(a) ASN1_STRING_free((ASN1_STRING *)a)
+# define M_ASN1_ENUMERATED_dup(a) (ASN1_ENUMERATED *)\
+ ASN1_STRING_dup((const ASN1_STRING *)a)
+# define M_ASN1_ENUMERATED_cmp(a,b) ASN1_STRING_cmp(\
+ (const ASN1_STRING *)a,(const ASN1_STRING *)b)
-#define M_ASN1_OCTET_STRING_new() (ASN1_OCTET_STRING *)\
- ASN1_STRING_type_new(V_ASN1_OCTET_STRING)
-#define M_ASN1_OCTET_STRING_free(a) ASN1_STRING_free((ASN1_STRING *)a)
-#define M_ASN1_OCTET_STRING_dup(a) (ASN1_OCTET_STRING *)\
- ASN1_STRING_dup((ASN1_STRING *)a)
-#define M_ASN1_OCTET_STRING_cmp(a,b) ASN1_STRING_cmp(\
- (ASN1_STRING *)a,(ASN1_STRING *)b)
-#define M_ASN1_OCTET_STRING_set(a,b,c) ASN1_STRING_set((ASN1_STRING *)a,b,c)
-#define M_ASN1_OCTET_STRING_print(a,b) ASN1_STRING_print(a,(ASN1_STRING *)b)
-#define M_i2d_ASN1_OCTET_STRING(a,pp) \
- i2d_ASN1_bytes((ASN1_STRING *)a,pp,V_ASN1_OCTET_STRING,\
- V_ASN1_UNIVERSAL)
+# define M_ASN1_OCTET_STRING_new() (ASN1_OCTET_STRING *)\
+ ASN1_STRING_type_new(V_ASN1_OCTET_STRING)
+# define M_ASN1_OCTET_STRING_free(a) ASN1_STRING_free((ASN1_STRING *)a)
+# define M_ASN1_OCTET_STRING_dup(a) (ASN1_OCTET_STRING *)\
+ ASN1_STRING_dup((const ASN1_STRING *)a)
+# define M_ASN1_OCTET_STRING_cmp(a,b) ASN1_STRING_cmp(\
+ (const ASN1_STRING *)a,(const ASN1_STRING *)b)
+# define M_ASN1_OCTET_STRING_set(a,b,c) ASN1_STRING_set((ASN1_STRING *)a,b,c)
+# define M_ASN1_OCTET_STRING_print(a,b) ASN1_STRING_print(a,(ASN1_STRING *)b)
+# define M_i2d_ASN1_OCTET_STRING(a,pp) \
+ i2d_ASN1_bytes((ASN1_STRING *)a,pp,V_ASN1_OCTET_STRING,\
+ V_ASN1_UNIVERSAL)
-#define B_ASN1_TIME \
- B_ASN1_UTCTIME | \
- B_ASN1_GENERALIZEDTIME
+# define B_ASN1_TIME \
+ B_ASN1_UTCTIME | \
+ B_ASN1_GENERALIZEDTIME
-#define B_ASN1_PRINTABLE \
- B_ASN1_NUMERICSTRING| \
- B_ASN1_PRINTABLESTRING| \
- B_ASN1_T61STRING| \
- B_ASN1_IA5STRING| \
- B_ASN1_BIT_STRING| \
- B_ASN1_UNIVERSALSTRING|\
- B_ASN1_BMPSTRING|\
- B_ASN1_UTF8STRING|\
- B_ASN1_SEQUENCE|\
- B_ASN1_UNKNOWN
+# define B_ASN1_PRINTABLE \
+ B_ASN1_NUMERICSTRING| \
+ B_ASN1_PRINTABLESTRING| \
+ B_ASN1_T61STRING| \
+ B_ASN1_IA5STRING| \
+ B_ASN1_BIT_STRING| \
+ B_ASN1_UNIVERSALSTRING|\
+ B_ASN1_BMPSTRING|\
+ B_ASN1_UTF8STRING|\
+ B_ASN1_SEQUENCE|\
+ B_ASN1_UNKNOWN
-#define B_ASN1_DIRECTORYSTRING \
- B_ASN1_PRINTABLESTRING| \
- B_ASN1_TELETEXSTRING|\
- B_ASN1_BMPSTRING|\
- B_ASN1_UNIVERSALSTRING|\
- B_ASN1_UTF8STRING
+# define B_ASN1_DIRECTORYSTRING \
+ B_ASN1_PRINTABLESTRING| \
+ B_ASN1_TELETEXSTRING|\
+ B_ASN1_BMPSTRING|\
+ B_ASN1_UNIVERSALSTRING|\
+ B_ASN1_UTF8STRING
-#define B_ASN1_DISPLAYTEXT \
- B_ASN1_IA5STRING| \
- B_ASN1_VISIBLESTRING| \
- B_ASN1_BMPSTRING|\
- B_ASN1_UTF8STRING
+# define B_ASN1_DISPLAYTEXT \
+ B_ASN1_IA5STRING| \
+ B_ASN1_VISIBLESTRING| \
+ B_ASN1_BMPSTRING|\
+ B_ASN1_UTF8STRING
-#define M_ASN1_PRINTABLE_new() ASN1_STRING_type_new(V_ASN1_T61STRING)
-#define M_ASN1_PRINTABLE_free(a) ASN1_STRING_free((ASN1_STRING *)a)
-#define M_i2d_ASN1_PRINTABLE(a,pp) i2d_ASN1_bytes((ASN1_STRING *)a,\
- pp,a->type,V_ASN1_UNIVERSAL)
-#define M_d2i_ASN1_PRINTABLE(a,pp,l) \
- d2i_ASN1_type_bytes((ASN1_STRING **)a,pp,l, \
- B_ASN1_PRINTABLE)
+# define M_ASN1_PRINTABLE_new() ASN1_STRING_type_new(V_ASN1_T61STRING)
+# define M_ASN1_PRINTABLE_free(a) ASN1_STRING_free((ASN1_STRING *)a)
+# define M_i2d_ASN1_PRINTABLE(a,pp) i2d_ASN1_bytes((ASN1_STRING *)a,\
+ pp,a->type,V_ASN1_UNIVERSAL)
+# define M_d2i_ASN1_PRINTABLE(a,pp,l) \
+ d2i_ASN1_type_bytes((ASN1_STRING **)a,pp,l, \
+ B_ASN1_PRINTABLE)
-#define M_DIRECTORYSTRING_new() ASN1_STRING_type_new(V_ASN1_PRINTABLESTRING)
-#define M_DIRECTORYSTRING_free(a) ASN1_STRING_free((ASN1_STRING *)a)
-#define M_i2d_DIRECTORYSTRING(a,pp) i2d_ASN1_bytes((ASN1_STRING *)a,\
- pp,a->type,V_ASN1_UNIVERSAL)
-#define M_d2i_DIRECTORYSTRING(a,pp,l) \
- d2i_ASN1_type_bytes((ASN1_STRING **)a,pp,l, \
- B_ASN1_DIRECTORYSTRING)
+# define M_DIRECTORYSTRING_new() ASN1_STRING_type_new(V_ASN1_PRINTABLESTRING)
+# define M_DIRECTORYSTRING_free(a) ASN1_STRING_free((ASN1_STRING *)a)
+# define M_i2d_DIRECTORYSTRING(a,pp) i2d_ASN1_bytes((ASN1_STRING *)a,\
+ pp,a->type,V_ASN1_UNIVERSAL)
+# define M_d2i_DIRECTORYSTRING(a,pp,l) \
+ d2i_ASN1_type_bytes((ASN1_STRING **)a,pp,l, \
+ B_ASN1_DIRECTORYSTRING)
-#define M_DISPLAYTEXT_new() ASN1_STRING_type_new(V_ASN1_VISIBLESTRING)
-#define M_DISPLAYTEXT_free(a) ASN1_STRING_free((ASN1_STRING *)a)
-#define M_i2d_DISPLAYTEXT(a,pp) i2d_ASN1_bytes((ASN1_STRING *)a,\
- pp,a->type,V_ASN1_UNIVERSAL)
-#define M_d2i_DISPLAYTEXT(a,pp,l) \
- d2i_ASN1_type_bytes((ASN1_STRING **)a,pp,l, \
- B_ASN1_DISPLAYTEXT)
+# define M_DISPLAYTEXT_new() ASN1_STRING_type_new(V_ASN1_VISIBLESTRING)
+# define M_DISPLAYTEXT_free(a) ASN1_STRING_free((ASN1_STRING *)a)
+# define M_i2d_DISPLAYTEXT(a,pp) i2d_ASN1_bytes((ASN1_STRING *)a,\
+ pp,a->type,V_ASN1_UNIVERSAL)
+# define M_d2i_DISPLAYTEXT(a,pp,l) \
+ d2i_ASN1_type_bytes((ASN1_STRING **)a,pp,l, \
+ B_ASN1_DISPLAYTEXT)
-#define M_ASN1_PRINTABLESTRING_new() (ASN1_PRINTABLESTRING *)\
- ASN1_STRING_type_new(V_ASN1_PRINTABLESTRING)
-#define M_ASN1_PRINTABLESTRING_free(a) ASN1_STRING_free((ASN1_STRING *)a)
-#define M_i2d_ASN1_PRINTABLESTRING(a,pp) \
- i2d_ASN1_bytes((ASN1_STRING *)a,pp,V_ASN1_PRINTABLESTRING,\
- V_ASN1_UNIVERSAL)
-#define M_d2i_ASN1_PRINTABLESTRING(a,pp,l) \
- (ASN1_PRINTABLESTRING *)d2i_ASN1_type_bytes\
- ((ASN1_STRING **)a,pp,l,B_ASN1_PRINTABLESTRING)
+# define M_ASN1_PRINTABLESTRING_new() (ASN1_PRINTABLESTRING *)\
+ ASN1_STRING_type_new(V_ASN1_PRINTABLESTRING)
+# define M_ASN1_PRINTABLESTRING_free(a) ASN1_STRING_free((ASN1_STRING *)a)
+# define M_i2d_ASN1_PRINTABLESTRING(a,pp) \
+ i2d_ASN1_bytes((ASN1_STRING *)a,pp,V_ASN1_PRINTABLESTRING,\
+ V_ASN1_UNIVERSAL)
+# define M_d2i_ASN1_PRINTABLESTRING(a,pp,l) \
+ (ASN1_PRINTABLESTRING *)d2i_ASN1_type_bytes\
+ ((ASN1_STRING **)a,pp,l,B_ASN1_PRINTABLESTRING)
-#define M_ASN1_T61STRING_new() (ASN1_T61STRING *)\
- ASN1_STRING_type_new(V_ASN1_T61STRING)
-#define M_ASN1_T61STRING_free(a) ASN1_STRING_free((ASN1_STRING *)a)
-#define M_i2d_ASN1_T61STRING(a,pp) \
- i2d_ASN1_bytes((ASN1_STRING *)a,pp,V_ASN1_T61STRING,\
- V_ASN1_UNIVERSAL)
-#define M_d2i_ASN1_T61STRING(a,pp,l) \
- (ASN1_T61STRING *)d2i_ASN1_type_bytes\
- ((ASN1_STRING **)a,pp,l,B_ASN1_T61STRING)
+# define M_ASN1_T61STRING_new() (ASN1_T61STRING *)\
+ ASN1_STRING_type_new(V_ASN1_T61STRING)
+# define M_ASN1_T61STRING_free(a) ASN1_STRING_free((ASN1_STRING *)a)
+# define M_i2d_ASN1_T61STRING(a,pp) \
+ i2d_ASN1_bytes((ASN1_STRING *)a,pp,V_ASN1_T61STRING,\
+ V_ASN1_UNIVERSAL)
+# define M_d2i_ASN1_T61STRING(a,pp,l) \
+ (ASN1_T61STRING *)d2i_ASN1_type_bytes\
+ ((ASN1_STRING **)a,pp,l,B_ASN1_T61STRING)
-#define M_ASN1_IA5STRING_new() (ASN1_IA5STRING *)\
- ASN1_STRING_type_new(V_ASN1_IA5STRING)
-#define M_ASN1_IA5STRING_free(a) ASN1_STRING_free((ASN1_STRING *)a)
-#define M_ASN1_IA5STRING_dup(a) \
- (ASN1_IA5STRING *)ASN1_STRING_dup((ASN1_STRING *)a)
-#define M_i2d_ASN1_IA5STRING(a,pp) \
- i2d_ASN1_bytes((ASN1_STRING *)a,pp,V_ASN1_IA5STRING,\
- V_ASN1_UNIVERSAL)
-#define M_d2i_ASN1_IA5STRING(a,pp,l) \
- (ASN1_IA5STRING *)d2i_ASN1_type_bytes((ASN1_STRING **)a,pp,l,\
- B_ASN1_IA5STRING)
+# define M_ASN1_IA5STRING_new() (ASN1_IA5STRING *)\
+ ASN1_STRING_type_new(V_ASN1_IA5STRING)
+# define M_ASN1_IA5STRING_free(a) ASN1_STRING_free((ASN1_STRING *)a)
+# define M_ASN1_IA5STRING_dup(a) \
+ (ASN1_IA5STRING *)ASN1_STRING_dup((const ASN1_STRING *)a)
+# define M_i2d_ASN1_IA5STRING(a,pp) \
+ i2d_ASN1_bytes((ASN1_STRING *)a,pp,V_ASN1_IA5STRING,\
+ V_ASN1_UNIVERSAL)
+# define M_d2i_ASN1_IA5STRING(a,pp,l) \
+ (ASN1_IA5STRING *)d2i_ASN1_type_bytes((ASN1_STRING **)a,pp,l,\
+ B_ASN1_IA5STRING)
-#define M_ASN1_UTCTIME_new() (ASN1_UTCTIME *)\
- ASN1_STRING_type_new(V_ASN1_UTCTIME)
-#define M_ASN1_UTCTIME_free(a) ASN1_STRING_free((ASN1_STRING *)a)
-#define M_ASN1_UTCTIME_dup(a) (ASN1_UTCTIME *)ASN1_STRING_dup((ASN1_STRING *)a)
+# define M_ASN1_UTCTIME_new() (ASN1_UTCTIME *)\
+ ASN1_STRING_type_new(V_ASN1_UTCTIME)
+# define M_ASN1_UTCTIME_free(a) ASN1_STRING_free((ASN1_STRING *)a)
+# define M_ASN1_UTCTIME_dup(a) (ASN1_UTCTIME *)\
+ ASN1_STRING_dup((const ASN1_STRING *)a)
-#define M_ASN1_GENERALIZEDTIME_new() (ASN1_GENERALIZEDTIME *)\
- ASN1_STRING_type_new(V_ASN1_GENERALIZEDTIME)
-#define M_ASN1_GENERALIZEDTIME_free(a) ASN1_STRING_free((ASN1_STRING *)a)
-#define M_ASN1_GENERALIZEDTIME_dup(a) (ASN1_GENERALIZEDTIME *)ASN1_STRING_dup(\
- (ASN1_STRING *)a)
+# define M_ASN1_GENERALIZEDTIME_new() (ASN1_GENERALIZEDTIME *)\
+ ASN1_STRING_type_new(V_ASN1_GENERALIZEDTIME)
+# define M_ASN1_GENERALIZEDTIME_free(a) ASN1_STRING_free((ASN1_STRING *)a)
+# define M_ASN1_GENERALIZEDTIME_dup(a) (ASN1_GENERALIZEDTIME *)ASN1_STRING_dup(\
+ (const ASN1_STRING *)a)
-#define M_ASN1_TIME_new() (ASN1_TIME *)\
- ASN1_STRING_type_new(V_ASN1_UTCTIME)
-#define M_ASN1_TIME_free(a) ASN1_STRING_free((ASN1_STRING *)a)
-#define M_ASN1_TIME_dup(a) (ASN1_TIME *)ASN1_STRING_dup((ASN1_STRING *)a)
+# define M_ASN1_TIME_new() (ASN1_TIME *)\
+ ASN1_STRING_type_new(V_ASN1_UTCTIME)
+# define M_ASN1_TIME_free(a) ASN1_STRING_free((ASN1_STRING *)a)
+# define M_ASN1_TIME_dup(a) (ASN1_TIME *)\
+ ASN1_STRING_dup((const ASN1_STRING *)a)
-#define M_ASN1_GENERALSTRING_new() (ASN1_GENERALSTRING *)\
- ASN1_STRING_type_new(V_ASN1_GENERALSTRING)
-#define M_ASN1_GENERALSTRING_free(a) ASN1_STRING_free((ASN1_STRING *)a)
-#define M_i2d_ASN1_GENERALSTRING(a,pp) \
- i2d_ASN1_bytes((ASN1_STRING *)a,pp,V_ASN1_GENERALSTRING,\
- V_ASN1_UNIVERSAL)
-#define M_d2i_ASN1_GENERALSTRING(a,pp,l) \
- (ASN1_GENERALSTRING *)d2i_ASN1_type_bytes\
- ((ASN1_STRING **)a,pp,l,B_ASN1_GENERALSTRING)
+# define M_ASN1_GENERALSTRING_new() (ASN1_GENERALSTRING *)\
+ ASN1_STRING_type_new(V_ASN1_GENERALSTRING)
+# define M_ASN1_GENERALSTRING_free(a) ASN1_STRING_free((ASN1_STRING *)a)
+# define M_i2d_ASN1_GENERALSTRING(a,pp) \
+ i2d_ASN1_bytes((ASN1_STRING *)a,pp,V_ASN1_GENERALSTRING,\
+ V_ASN1_UNIVERSAL)
+# define M_d2i_ASN1_GENERALSTRING(a,pp,l) \
+ (ASN1_GENERALSTRING *)d2i_ASN1_type_bytes\
+ ((ASN1_STRING **)a,pp,l,B_ASN1_GENERALSTRING)
-#define M_ASN1_UNIVERSALSTRING_new() (ASN1_UNIVERSALSTRING *)\
- ASN1_STRING_type_new(V_ASN1_UNIVERSALSTRING)
-#define M_ASN1_UNIVERSALSTRING_free(a) ASN1_STRING_free((ASN1_STRING *)a)
-#define M_i2d_ASN1_UNIVERSALSTRING(a,pp) \
- i2d_ASN1_bytes((ASN1_STRING *)a,pp,V_ASN1_UNIVERSALSTRING,\
- V_ASN1_UNIVERSAL)
-#define M_d2i_ASN1_UNIVERSALSTRING(a,pp,l) \
- (ASN1_UNIVERSALSTRING *)d2i_ASN1_type_bytes\
- ((ASN1_STRING **)a,pp,l,B_ASN1_UNIVERSALSTRING)
+# define M_ASN1_UNIVERSALSTRING_new() (ASN1_UNIVERSALSTRING *)\
+ ASN1_STRING_type_new(V_ASN1_UNIVERSALSTRING)
+# define M_ASN1_UNIVERSALSTRING_free(a) ASN1_STRING_free((ASN1_STRING *)a)
+# define M_i2d_ASN1_UNIVERSALSTRING(a,pp) \
+ i2d_ASN1_bytes((ASN1_STRING *)a,pp,V_ASN1_UNIVERSALSTRING,\
+ V_ASN1_UNIVERSAL)
+# define M_d2i_ASN1_UNIVERSALSTRING(a,pp,l) \
+ (ASN1_UNIVERSALSTRING *)d2i_ASN1_type_bytes\
+ ((ASN1_STRING **)a,pp,l,B_ASN1_UNIVERSALSTRING)
-#define M_ASN1_BMPSTRING_new() (ASN1_BMPSTRING *)\
- ASN1_STRING_type_new(V_ASN1_BMPSTRING)
-#define M_ASN1_BMPSTRING_free(a) ASN1_STRING_free((ASN1_STRING *)a)
-#define M_i2d_ASN1_BMPSTRING(a,pp) \
- i2d_ASN1_bytes((ASN1_STRING *)a,pp,V_ASN1_BMPSTRING,\
- V_ASN1_UNIVERSAL)
-#define M_d2i_ASN1_BMPSTRING(a,pp,l) \
- (ASN1_BMPSTRING *)d2i_ASN1_type_bytes\
- ((ASN1_STRING **)a,pp,l,B_ASN1_BMPSTRING)
+# define M_ASN1_BMPSTRING_new() (ASN1_BMPSTRING *)\
+ ASN1_STRING_type_new(V_ASN1_BMPSTRING)
+# define M_ASN1_BMPSTRING_free(a) ASN1_STRING_free((ASN1_STRING *)a)
+# define M_i2d_ASN1_BMPSTRING(a,pp) \
+ i2d_ASN1_bytes((ASN1_STRING *)a,pp,V_ASN1_BMPSTRING,\
+ V_ASN1_UNIVERSAL)
+# define M_d2i_ASN1_BMPSTRING(a,pp,l) \
+ (ASN1_BMPSTRING *)d2i_ASN1_type_bytes\
+ ((ASN1_STRING **)a,pp,l,B_ASN1_BMPSTRING)
-#define M_ASN1_VISIBLESTRING_new() (ASN1_VISIBLESTRING *)\
- ASN1_STRING_type_new(V_ASN1_VISIBLESTRING)
-#define M_ASN1_VISIBLESTRING_free(a) ASN1_STRING_free((ASN1_STRING *)a)
-#define M_i2d_ASN1_VISIBLESTRING(a,pp) \
- i2d_ASN1_bytes((ASN1_STRING *)a,pp,V_ASN1_VISIBLESTRING,\
- V_ASN1_UNIVERSAL)
-#define M_d2i_ASN1_VISIBLESTRING(a,pp,l) \
- (ASN1_VISIBLESTRING *)d2i_ASN1_type_bytes\
- ((ASN1_STRING **)a,pp,l,B_ASN1_VISIBLESTRING)
+# define M_ASN1_VISIBLESTRING_new() (ASN1_VISIBLESTRING *)\
+ ASN1_STRING_type_new(V_ASN1_VISIBLESTRING)
+# define M_ASN1_VISIBLESTRING_free(a) ASN1_STRING_free((ASN1_STRING *)a)
+# define M_i2d_ASN1_VISIBLESTRING(a,pp) \
+ i2d_ASN1_bytes((ASN1_STRING *)a,pp,V_ASN1_VISIBLESTRING,\
+ V_ASN1_UNIVERSAL)
+# define M_d2i_ASN1_VISIBLESTRING(a,pp,l) \
+ (ASN1_VISIBLESTRING *)d2i_ASN1_type_bytes\
+ ((ASN1_STRING **)a,pp,l,B_ASN1_VISIBLESTRING)
-#define M_ASN1_UTF8STRING_new() (ASN1_UTF8STRING *)\
- ASN1_STRING_type_new(V_ASN1_UTF8STRING)
-#define M_ASN1_UTF8STRING_free(a) ASN1_STRING_free((ASN1_STRING *)a)
-#define M_i2d_ASN1_UTF8STRING(a,pp) \
- i2d_ASN1_bytes((ASN1_STRING *)a,pp,V_ASN1_UTF8STRING,\
- V_ASN1_UNIVERSAL)
-#define M_d2i_ASN1_UTF8STRING(a,pp,l) \
- (ASN1_UTF8STRING *)d2i_ASN1_type_bytes\
- ((ASN1_STRING **)a,pp,l,B_ASN1_UTF8STRING)
+# define M_ASN1_UTF8STRING_new() (ASN1_UTF8STRING *)\
+ ASN1_STRING_type_new(V_ASN1_UTF8STRING)
+# define M_ASN1_UTF8STRING_free(a) ASN1_STRING_free((ASN1_STRING *)a)
+# define M_i2d_ASN1_UTF8STRING(a,pp) \
+ i2d_ASN1_bytes((ASN1_STRING *)a,pp,V_ASN1_UTF8STRING,\
+ V_ASN1_UNIVERSAL)
+# define M_d2i_ASN1_UTF8STRING(a,pp,l) \
+ (ASN1_UTF8STRING *)d2i_ASN1_type_bytes\
+ ((ASN1_STRING **)a,pp,l,B_ASN1_UTF8STRING)
/* for the is_set parameter to i2d_ASN1_SET */
-#define IS_SEQUENCE 0
-#define IS_SET 1
+# define IS_SEQUENCE 0
+# define IS_SET 1
DECLARE_ASN1_FUNCTIONS_fname(ASN1_TYPE, ASN1_ANY, ASN1_TYPE)
int ASN1_TYPE_get(ASN1_TYPE *a);
void ASN1_TYPE_set(ASN1_TYPE *a, int type, void *value);
int ASN1_TYPE_set1(ASN1_TYPE *a, int type, const void *value);
+int ASN1_TYPE_cmp(const ASN1_TYPE *a, const ASN1_TYPE *b);
-ASN1_OBJECT * ASN1_OBJECT_new(void );
-void ASN1_OBJECT_free(ASN1_OBJECT *a);
-int i2d_ASN1_OBJECT(ASN1_OBJECT *a,unsigned char **pp);
-ASN1_OBJECT * c2i_ASN1_OBJECT(ASN1_OBJECT **a,const unsigned char **pp,
- long length);
-ASN1_OBJECT * d2i_ASN1_OBJECT(ASN1_OBJECT **a,const unsigned char **pp,
- long length);
+ASN1_OBJECT *ASN1_OBJECT_new(void);
+void ASN1_OBJECT_free(ASN1_OBJECT *a);
+int i2d_ASN1_OBJECT(ASN1_OBJECT *a, unsigned char **pp);
+ASN1_OBJECT *c2i_ASN1_OBJECT(ASN1_OBJECT **a, const unsigned char **pp,
+ long length);
+ASN1_OBJECT *d2i_ASN1_OBJECT(ASN1_OBJECT **a, const unsigned char **pp,
+ long length);
DECLARE_ASN1_ITEM(ASN1_OBJECT)
DECLARE_STACK_OF(ASN1_OBJECT)
DECLARE_ASN1_SET_OF(ASN1_OBJECT)
-ASN1_STRING * ASN1_STRING_new(void);
-void ASN1_STRING_free(ASN1_STRING *a);
-ASN1_STRING * ASN1_STRING_dup(ASN1_STRING *a);
-ASN1_STRING * ASN1_STRING_type_new(int type );
-int ASN1_STRING_cmp(ASN1_STRING *a, ASN1_STRING *b);
- /* Since this is used to store all sorts of things, via macros, for now, make
- its data void * */
-int ASN1_STRING_set(ASN1_STRING *str, const void *data, int len);
-void ASN1_STRING_set0(ASN1_STRING *str, void *data, int len);
-int ASN1_STRING_length(ASN1_STRING *x);
+ASN1_STRING *ASN1_STRING_new(void);
+void ASN1_STRING_free(ASN1_STRING *a);
+void ASN1_STRING_clear_free(ASN1_STRING *a);
+int ASN1_STRING_copy(ASN1_STRING *dst, const ASN1_STRING *str);
+ASN1_STRING *ASN1_STRING_dup(const ASN1_STRING *a);
+ASN1_STRING *ASN1_STRING_type_new(int type);
+int ASN1_STRING_cmp(const ASN1_STRING *a, const ASN1_STRING *b);
+ /*
+ * Since this is used to store all sorts of things, via macros, for now,
+ * make its data void *
+ */
+int ASN1_STRING_set(ASN1_STRING *str, const void *data, int len);
+void ASN1_STRING_set0(ASN1_STRING *str, void *data, int len);
+int ASN1_STRING_length(const ASN1_STRING *x);
void ASN1_STRING_length_set(ASN1_STRING *x, int n);
int ASN1_STRING_type(ASN1_STRING *x);
-unsigned char * ASN1_STRING_data(ASN1_STRING *x);
+unsigned char *ASN1_STRING_data(ASN1_STRING *x);
DECLARE_ASN1_FUNCTIONS(ASN1_BIT_STRING)
-int i2c_ASN1_BIT_STRING(ASN1_BIT_STRING *a,unsigned char **pp);
-ASN1_BIT_STRING *c2i_ASN1_BIT_STRING(ASN1_BIT_STRING **a,const unsigned char **pp,
- long length);
-int ASN1_BIT_STRING_set(ASN1_BIT_STRING *a, unsigned char *d,
- int length );
-int ASN1_BIT_STRING_set_bit(ASN1_BIT_STRING *a, int n, int value);
-int ASN1_BIT_STRING_get_bit(ASN1_BIT_STRING *a, int n);
+int i2c_ASN1_BIT_STRING(ASN1_BIT_STRING *a, unsigned char **pp);
+ASN1_BIT_STRING *c2i_ASN1_BIT_STRING(ASN1_BIT_STRING **a,
+ const unsigned char **pp, long length);
+int ASN1_BIT_STRING_set(ASN1_BIT_STRING *a, unsigned char *d, int length);
+int ASN1_BIT_STRING_set_bit(ASN1_BIT_STRING *a, int n, int value);
+int ASN1_BIT_STRING_get_bit(ASN1_BIT_STRING *a, int n);
+int ASN1_BIT_STRING_check(ASN1_BIT_STRING *a,
+ unsigned char *flags, int flags_len);
-#ifndef OPENSSL_NO_BIO
+# ifndef OPENSSL_NO_BIO
int ASN1_BIT_STRING_name_print(BIO *out, ASN1_BIT_STRING *bs,
- BIT_STRING_BITNAME *tbl, int indent);
-#endif
+ BIT_STRING_BITNAME *tbl, int indent);
+# endif
int ASN1_BIT_STRING_num_asc(char *name, BIT_STRING_BITNAME *tbl);
int ASN1_BIT_STRING_set_asc(ASN1_BIT_STRING *bs, char *name, int value,
- BIT_STRING_BITNAME *tbl);
+ BIT_STRING_BITNAME *tbl);
-int i2d_ASN1_BOOLEAN(int a,unsigned char **pp);
-int d2i_ASN1_BOOLEAN(int *a,const unsigned char **pp,long length);
+int i2d_ASN1_BOOLEAN(int a, unsigned char **pp);
+int d2i_ASN1_BOOLEAN(int *a, const unsigned char **pp, long length);
DECLARE_ASN1_FUNCTIONS(ASN1_INTEGER)
-int i2c_ASN1_INTEGER(ASN1_INTEGER *a,unsigned char **pp);
-ASN1_INTEGER *c2i_ASN1_INTEGER(ASN1_INTEGER **a,const unsigned char **pp,
- long length);
-ASN1_INTEGER *d2i_ASN1_UINTEGER(ASN1_INTEGER **a,const unsigned char **pp,
- long length);
-ASN1_INTEGER * ASN1_INTEGER_dup(ASN1_INTEGER *x);
-int ASN1_INTEGER_cmp(ASN1_INTEGER *x, ASN1_INTEGER *y);
+int i2c_ASN1_INTEGER(ASN1_INTEGER *a, unsigned char **pp);
+ASN1_INTEGER *c2i_ASN1_INTEGER(ASN1_INTEGER **a, const unsigned char **pp,
+ long length);
+ASN1_INTEGER *d2i_ASN1_UINTEGER(ASN1_INTEGER **a, const unsigned char **pp,
+ long length);
+ASN1_INTEGER *ASN1_INTEGER_dup(const ASN1_INTEGER *x);
+int ASN1_INTEGER_cmp(const ASN1_INTEGER *x, const ASN1_INTEGER *y);
DECLARE_ASN1_FUNCTIONS(ASN1_ENUMERATED)
-int ASN1_UTCTIME_check(ASN1_UTCTIME *a);
-ASN1_UTCTIME *ASN1_UTCTIME_set(ASN1_UTCTIME *s,time_t t);
+int ASN1_UTCTIME_check(const ASN1_UTCTIME *a);
+ASN1_UTCTIME *ASN1_UTCTIME_set(ASN1_UTCTIME *s, time_t t);
+ASN1_UTCTIME *ASN1_UTCTIME_adj(ASN1_UTCTIME *s, time_t t,
+ int offset_day, long offset_sec);
int ASN1_UTCTIME_set_string(ASN1_UTCTIME *s, const char *str);
int ASN1_UTCTIME_cmp_time_t(const ASN1_UTCTIME *s, time_t t);
-#if 0
+# if 0
time_t ASN1_UTCTIME_get(const ASN1_UTCTIME *s);
-#endif
+# endif
-int ASN1_GENERALIZEDTIME_check(ASN1_GENERALIZEDTIME *a);
-ASN1_GENERALIZEDTIME *ASN1_GENERALIZEDTIME_set(ASN1_GENERALIZEDTIME *s,time_t t);
+int ASN1_GENERALIZEDTIME_check(const ASN1_GENERALIZEDTIME *a);
+ASN1_GENERALIZEDTIME *ASN1_GENERALIZEDTIME_set(ASN1_GENERALIZEDTIME *s,
+ time_t t);
+ASN1_GENERALIZEDTIME *ASN1_GENERALIZEDTIME_adj(ASN1_GENERALIZEDTIME *s,
+ time_t t, int offset_day,
+ long offset_sec);
int ASN1_GENERALIZEDTIME_set_string(ASN1_GENERALIZEDTIME *s, const char *str);
+int ASN1_TIME_diff(int *pday, int *psec,
+ const ASN1_TIME *from, const ASN1_TIME *to);
DECLARE_ASN1_FUNCTIONS(ASN1_OCTET_STRING)
-ASN1_OCTET_STRING * ASN1_OCTET_STRING_dup(ASN1_OCTET_STRING *a);
-int ASN1_OCTET_STRING_cmp(ASN1_OCTET_STRING *a, ASN1_OCTET_STRING *b);
-int ASN1_OCTET_STRING_set(ASN1_OCTET_STRING *str, const unsigned char *data, int len);
+ASN1_OCTET_STRING *ASN1_OCTET_STRING_dup(const ASN1_OCTET_STRING *a);
+int ASN1_OCTET_STRING_cmp(const ASN1_OCTET_STRING *a,
+ const ASN1_OCTET_STRING *b);
+int ASN1_OCTET_STRING_set(ASN1_OCTET_STRING *str, const unsigned char *data,
+ int len);
DECLARE_ASN1_FUNCTIONS(ASN1_VISIBLESTRING)
DECLARE_ASN1_FUNCTIONS(ASN1_UNIVERSALSTRING)
@@ -868,40 +893,46 @@ DECLARE_ASN1_FUNCTIONS(ASN1_TIME)
DECLARE_ASN1_ITEM(ASN1_OCTET_STRING_NDEF)
-ASN1_TIME *ASN1_TIME_set(ASN1_TIME *s,time_t t);
+ASN1_TIME *ASN1_TIME_set(ASN1_TIME *s, time_t t);
+ASN1_TIME *ASN1_TIME_adj(ASN1_TIME *s, time_t t,
+ int offset_day, long offset_sec);
int ASN1_TIME_check(ASN1_TIME *t);
-ASN1_GENERALIZEDTIME *ASN1_TIME_to_generalizedtime(ASN1_TIME *t, ASN1_GENERALIZEDTIME **out);
+ASN1_GENERALIZEDTIME *ASN1_TIME_to_generalizedtime(ASN1_TIME *t, ASN1_GENERALIZEDTIME
+ **out);
+int ASN1_TIME_set_string(ASN1_TIME *s, const char *str);
-int i2d_ASN1_SET(STACK *a, unsigned char **pp,
- i2d_of_void *i2d, int ex_tag, int ex_class, int is_set);
-STACK * d2i_ASN1_SET(STACK **a, const unsigned char **pp, long length,
- d2i_of_void *d2i, void (*free_func)(void *),
- int ex_tag, int ex_class);
+int i2d_ASN1_SET(STACK_OF(OPENSSL_BLOCK) *a, unsigned char **pp,
+ i2d_of_void *i2d, int ex_tag, int ex_class, int is_set);
+STACK_OF(OPENSSL_BLOCK) *d2i_ASN1_SET(STACK_OF(OPENSSL_BLOCK) **a,
+ const unsigned char **pp,
+ long length, d2i_of_void *d2i,
+ void (*free_func) (OPENSSL_BLOCK),
+ int ex_tag, int ex_class);
-#ifndef OPENSSL_NO_BIO
+# ifndef OPENSSL_NO_BIO
int i2a_ASN1_INTEGER(BIO *bp, ASN1_INTEGER *a);
-int a2i_ASN1_INTEGER(BIO *bp,ASN1_INTEGER *bs,char *buf,int size);
+int a2i_ASN1_INTEGER(BIO *bp, ASN1_INTEGER *bs, char *buf, int size);
int i2a_ASN1_ENUMERATED(BIO *bp, ASN1_ENUMERATED *a);
-int a2i_ASN1_ENUMERATED(BIO *bp,ASN1_ENUMERATED *bs,char *buf,int size);
-int i2a_ASN1_OBJECT(BIO *bp,ASN1_OBJECT *a);
-int a2i_ASN1_STRING(BIO *bp,ASN1_STRING *bs,char *buf,int size);
+int a2i_ASN1_ENUMERATED(BIO *bp, ASN1_ENUMERATED *bs, char *buf, int size);
+int i2a_ASN1_OBJECT(BIO *bp, ASN1_OBJECT *a);
+int a2i_ASN1_STRING(BIO *bp, ASN1_STRING *bs, char *buf, int size);
int i2a_ASN1_STRING(BIO *bp, ASN1_STRING *a, int type);
-#endif
-int i2t_ASN1_OBJECT(char *buf,int buf_len,ASN1_OBJECT *a);
+# endif
+int i2t_ASN1_OBJECT(char *buf, int buf_len, ASN1_OBJECT *a);
-int a2d_ASN1_OBJECT(unsigned char *out,int olen, const char *buf, int num);
-ASN1_OBJECT *ASN1_OBJECT_create(int nid, unsigned char *data,int len,
- const char *sn, const char *ln);
+int a2d_ASN1_OBJECT(unsigned char *out, int olen, const char *buf, int num);
+ASN1_OBJECT *ASN1_OBJECT_create(int nid, unsigned char *data, int len,
+ const char *sn, const char *ln);
int ASN1_INTEGER_set(ASN1_INTEGER *a, long v);
-long ASN1_INTEGER_get(ASN1_INTEGER *a);
-ASN1_INTEGER *BN_to_ASN1_INTEGER(BIGNUM *bn, ASN1_INTEGER *ai);
-BIGNUM *ASN1_INTEGER_to_BN(ASN1_INTEGER *ai,BIGNUM *bn);
+long ASN1_INTEGER_get(const ASN1_INTEGER *a);
+ASN1_INTEGER *BN_to_ASN1_INTEGER(const BIGNUM *bn, ASN1_INTEGER *ai);
+BIGNUM *ASN1_INTEGER_to_BN(const ASN1_INTEGER *ai, BIGNUM *bn);
int ASN1_ENUMERATED_set(ASN1_ENUMERATED *a, long v);
long ASN1_ENUMERATED_get(ASN1_ENUMERATED *a);
ASN1_ENUMERATED *BN_to_ASN1_ENUMERATED(BIGNUM *bn, ASN1_ENUMERATED *ai);
-BIGNUM *ASN1_ENUMERATED_to_BN(ASN1_ENUMERATED *ai,BIGNUM *bn);
+BIGNUM *ASN1_ENUMERATED_to_BN(ASN1_ENUMERATED *ai, BIGNUM *bn);
/* General */
/* given a string, return the correct type, max is the maximum length */
@@ -909,11 +940,11 @@ int ASN1_PRINTABLE_type(const unsigned char *s, int max);
int i2d_ASN1_bytes(ASN1_STRING *a, unsigned char **pp, int tag, int xclass);
ASN1_STRING *d2i_ASN1_bytes(ASN1_STRING **a, const unsigned char **pp,
- long length, int Ptag, int Pclass);
+ long length, int Ptag, int Pclass);
unsigned long ASN1_tag2bit(int tag);
/* type is one or more of the B_ASN1_ values. */
-ASN1_STRING *d2i_ASN1_type_bytes(ASN1_STRING **a,const unsigned char **pp,
- long length,int type);
+ASN1_STRING *d2i_ASN1_type_bytes(ASN1_STRING **a, const unsigned char **pp,
+ long length, int type);
/* PARSING */
int asn1_Finish(ASN1_CTX *c);
@@ -921,146 +952,142 @@ int asn1_const_Finish(ASN1_const_CTX *c);
/* SPECIALS */
int ASN1_get_object(const unsigned char **pp, long *plength, int *ptag,
- int *pclass, long omax);
-int ASN1_check_infinite_end(unsigned char **p,long len);
-int ASN1_const_check_infinite_end(const unsigned char **p,long len);
+ int *pclass, long omax);
+int ASN1_check_infinite_end(unsigned char **p, long len);
+int ASN1_const_check_infinite_end(const unsigned char **p, long len);
void ASN1_put_object(unsigned char **pp, int constructed, int length,
- int tag, int xclass);
+ int tag, int xclass);
int ASN1_put_eoc(unsigned char **pp);
int ASN1_object_size(int constructed, int length, int tag);
/* Used to implement other functions */
-void *ASN1_dup(i2d_of_void *i2d, d2i_of_void *d2i, char *x);
+void *ASN1_dup(i2d_of_void *i2d, d2i_of_void *d2i, void *x);
-#define ASN1_dup_of(type,i2d,d2i,x) \
+# define ASN1_dup_of(type,i2d,d2i,x) \
((type*)ASN1_dup(CHECKED_I2D_OF(type, i2d), \
- CHECKED_D2I_OF(type, d2i), \
- CHECKED_PTR_OF_TO_CHAR(type, x)))
+ CHECKED_D2I_OF(type, d2i), \
+ CHECKED_PTR_OF(type, x)))
-#define ASN1_dup_of_const(type,i2d,d2i,x) \
+# define ASN1_dup_of_const(type,i2d,d2i,x) \
((type*)ASN1_dup(CHECKED_I2D_OF(const type, i2d), \
- CHECKED_D2I_OF(type, d2i), \
- CHECKED_PTR_OF_TO_CHAR(const type, x)))
+ CHECKED_D2I_OF(type, d2i), \
+ CHECKED_PTR_OF(const type, x)))
void *ASN1_item_dup(const ASN1_ITEM *it, void *x);
/* ASN1 alloc/free macros for when a type is only used internally */
-#define M_ASN1_new_of(type) (type *)ASN1_item_new(ASN1_ITEM_rptr(type))
-#define M_ASN1_free_of(x, type) \
- ASN1_item_free(CHECKED_PTR_OF(type, x), ASN1_ITEM_rptr(type))
+# define M_ASN1_new_of(type) (type *)ASN1_item_new(ASN1_ITEM_rptr(type))
+# define M_ASN1_free_of(x, type) \
+ ASN1_item_free(CHECKED_PTR_OF(type, x), ASN1_ITEM_rptr(type))
-#ifndef OPENSSL_NO_FP_API
-void *ASN1_d2i_fp(void *(*xnew)(void), d2i_of_void *d2i, FILE *in, void **x);
+# ifndef OPENSSL_NO_FP_API
+void *ASN1_d2i_fp(void *(*xnew) (void), d2i_of_void *d2i, FILE *in, void **x);
-#define ASN1_d2i_fp_of(type,xnew,d2i,in,x) \
+# define ASN1_d2i_fp_of(type,xnew,d2i,in,x) \
((type*)ASN1_d2i_fp(CHECKED_NEW_OF(type, xnew), \
- CHECKED_D2I_OF(type, d2i), \
- in, \
- CHECKED_PPTR_OF(type, x)))
+ CHECKED_D2I_OF(type, d2i), \
+ in, \
+ CHECKED_PPTR_OF(type, x)))
void *ASN1_item_d2i_fp(const ASN1_ITEM *it, FILE *in, void *x);
-int ASN1_i2d_fp(i2d_of_void *i2d,FILE *out,void *x);
+int ASN1_i2d_fp(i2d_of_void *i2d, FILE *out, void *x);
-#define ASN1_i2d_fp_of(type,i2d,out,x) \
+# define ASN1_i2d_fp_of(type,i2d,out,x) \
(ASN1_i2d_fp(CHECKED_I2D_OF(type, i2d), \
- out, \
- CHECKED_PTR_OF(type, x)))
+ out, \
+ CHECKED_PTR_OF(type, x)))
-#define ASN1_i2d_fp_of_const(type,i2d,out,x) \
+# define ASN1_i2d_fp_of_const(type,i2d,out,x) \
(ASN1_i2d_fp(CHECKED_I2D_OF(const type, i2d), \
- out, \
- CHECKED_PTR_OF(const type, x)))
+ out, \
+ CHECKED_PTR_OF(const type, x)))
int ASN1_item_i2d_fp(const ASN1_ITEM *it, FILE *out, void *x);
int ASN1_STRING_print_ex_fp(FILE *fp, ASN1_STRING *str, unsigned long flags);
-#endif
+# endif
int ASN1_STRING_to_UTF8(unsigned char **out, ASN1_STRING *in);
-#ifndef OPENSSL_NO_BIO
-void *ASN1_d2i_bio(void *(*xnew)(void), d2i_of_void *d2i, BIO *in, void **x);
+# ifndef OPENSSL_NO_BIO
+void *ASN1_d2i_bio(void *(*xnew) (void), d2i_of_void *d2i, BIO *in, void **x);
-#define ASN1_d2i_bio_of(type,xnew,d2i,in,x) \
+# define ASN1_d2i_bio_of(type,xnew,d2i,in,x) \
((type*)ASN1_d2i_bio( CHECKED_NEW_OF(type, xnew), \
- CHECKED_D2I_OF(type, d2i), \
- in, \
- CHECKED_PPTR_OF(type, x)))
+ CHECKED_D2I_OF(type, d2i), \
+ in, \
+ CHECKED_PPTR_OF(type, x)))
void *ASN1_item_d2i_bio(const ASN1_ITEM *it, BIO *in, void *x);
-int ASN1_i2d_bio(i2d_of_void *i2d,BIO *out, unsigned char *x);
+int ASN1_i2d_bio(i2d_of_void *i2d, BIO *out, unsigned char *x);
-#define ASN1_i2d_bio_of(type,i2d,out,x) \
+# define ASN1_i2d_bio_of(type,i2d,out,x) \
(ASN1_i2d_bio(CHECKED_I2D_OF(type, i2d), \
- out, \
- CHECKED_PTR_OF(type, x)))
+ out, \
+ CHECKED_PTR_OF(type, x)))
-#define ASN1_i2d_bio_of_const(type,i2d,out,x) \
+# define ASN1_i2d_bio_of_const(type,i2d,out,x) \
(ASN1_i2d_bio(CHECKED_I2D_OF(const type, i2d), \
- out, \
- CHECKED_PTR_OF(const type, x)))
+ out, \
+ CHECKED_PTR_OF(const type, x)))
int ASN1_item_i2d_bio(const ASN1_ITEM *it, BIO *out, void *x);
-int ASN1_UTCTIME_print(BIO *fp,ASN1_UTCTIME *a);
-int ASN1_GENERALIZEDTIME_print(BIO *fp,ASN1_GENERALIZEDTIME *a);
-int ASN1_TIME_print(BIO *fp,ASN1_TIME *a);
-int ASN1_STRING_print(BIO *bp,ASN1_STRING *v);
+int ASN1_UTCTIME_print(BIO *fp, const ASN1_UTCTIME *a);
+int ASN1_GENERALIZEDTIME_print(BIO *fp, const ASN1_GENERALIZEDTIME *a);
+int ASN1_TIME_print(BIO *fp, const ASN1_TIME *a);
+int ASN1_STRING_print(BIO *bp, const ASN1_STRING *v);
int ASN1_STRING_print_ex(BIO *out, ASN1_STRING *str, unsigned long flags);
-int ASN1_parse(BIO *bp,const unsigned char *pp,long len,int indent);
-int ASN1_parse_dump(BIO *bp,const unsigned char *pp,long len,int indent,int dump);
-#endif
+int ASN1_bn_print(BIO *bp, const char *number, const BIGNUM *num,
+ unsigned char *buf, int off);
+int ASN1_parse(BIO *bp, const unsigned char *pp, long len, int indent);
+int ASN1_parse_dump(BIO *bp, const unsigned char *pp, long len, int indent,
+ int dump);
+# endif
const char *ASN1_tag2str(int tag);
-/* Used to load and write netscape format cert/key */
-int i2d_ASN1_HEADER(ASN1_HEADER *a,unsigned char **pp);
-ASN1_HEADER *d2i_ASN1_HEADER(ASN1_HEADER **a,const unsigned char **pp, long length);
-ASN1_HEADER *ASN1_HEADER_new(void );
-void ASN1_HEADER_free(ASN1_HEADER *a);
+/* Used to load and write netscape format cert */
+
+DECLARE_ASN1_FUNCTIONS(NETSCAPE_X509)
int ASN1_UNIVERSALSTRING_to_string(ASN1_UNIVERSALSTRING *s);
-/* Not used that much at this point, except for the first two */
-ASN1_METHOD *X509_asn1_meth(void);
-ASN1_METHOD *RSAPrivateKey_asn1_meth(void);
-ASN1_METHOD *ASN1_IA5STRING_asn1_meth(void);
-ASN1_METHOD *ASN1_BIT_STRING_asn1_meth(void);
-
-int ASN1_TYPE_set_octetstring(ASN1_TYPE *a,
- unsigned char *data, int len);
-int ASN1_TYPE_get_octetstring(ASN1_TYPE *a,
- unsigned char *data, int max_len);
+int ASN1_TYPE_set_octetstring(ASN1_TYPE *a, unsigned char *data, int len);
+int ASN1_TYPE_get_octetstring(ASN1_TYPE *a, unsigned char *data, int max_len);
int ASN1_TYPE_set_int_octetstring(ASN1_TYPE *a, long num,
- unsigned char *data, int len);
-int ASN1_TYPE_get_int_octetstring(ASN1_TYPE *a,long *num,
- unsigned char *data, int max_len);
+ unsigned char *data, int len);
+int ASN1_TYPE_get_int_octetstring(ASN1_TYPE *a, long *num,
+ unsigned char *data, int max_len);
-STACK *ASN1_seq_unpack(const unsigned char *buf, int len,
- d2i_of_void *d2i, void (*free_func)(void *));
-unsigned char *ASN1_seq_pack(STACK *safes, i2d_of_void *i2d,
- unsigned char **buf, int *len );
+STACK_OF(OPENSSL_BLOCK) *ASN1_seq_unpack(const unsigned char *buf, int len,
+ d2i_of_void *d2i,
+ void (*free_func) (OPENSSL_BLOCK));
+unsigned char *ASN1_seq_pack(STACK_OF(OPENSSL_BLOCK) *safes, i2d_of_void *i2d,
+ unsigned char **buf, int *len);
void *ASN1_unpack_string(ASN1_STRING *oct, d2i_of_void *d2i);
void *ASN1_item_unpack(ASN1_STRING *oct, const ASN1_ITEM *it);
ASN1_STRING *ASN1_pack_string(void *obj, i2d_of_void *i2d,
- ASN1_OCTET_STRING **oct);
+ ASN1_OCTET_STRING **oct);
-#define ASN1_pack_string_of(type,obj,i2d,oct) \
+# define ASN1_pack_string_of(type,obj,i2d,oct) \
(ASN1_pack_string(CHECKED_PTR_OF(type, obj), \
- CHECKED_I2D_OF(type, i2d), \
- oct))
+ CHECKED_I2D_OF(type, i2d), \
+ oct))
-ASN1_STRING *ASN1_item_pack(void *obj, const ASN1_ITEM *it, ASN1_OCTET_STRING **oct);
+ASN1_STRING *ASN1_item_pack(void *obj, const ASN1_ITEM *it,
+ ASN1_OCTET_STRING **oct);
void ASN1_STRING_set_default_mask(unsigned long mask);
int ASN1_STRING_set_default_mask_asc(const char *p);
unsigned long ASN1_STRING_get_default_mask(void);
int ASN1_mbstring_copy(ASN1_STRING **out, const unsigned char *in, int len,
- int inform, unsigned long mask);
+ int inform, unsigned long mask);
int ASN1_mbstring_ncopy(ASN1_STRING **out, const unsigned char *in, int len,
- int inform, unsigned long mask,
- long minsize, long maxsize);
+ int inform, unsigned long mask,
+ long minsize, long maxsize);
-ASN1_STRING *ASN1_STRING_set_by_NID(ASN1_STRING **out,
- const unsigned char *in, int inlen, int inform, int nid);
+ASN1_STRING *ASN1_STRING_set_by_NID(ASN1_STRING **out,
+ const unsigned char *in, int inlen,
+ int inform, int nid);
ASN1_STRING_TABLE *ASN1_STRING_TABLE_get(int nid);
int ASN1_STRING_TABLE_add(int, long, long, unsigned long, unsigned long);
void ASN1_STRING_TABLE_cleanup(void);
@@ -1070,27 +1097,71 @@ void ASN1_STRING_TABLE_cleanup(void);
/* Old API compatible functions */
ASN1_VALUE *ASN1_item_new(const ASN1_ITEM *it);
void ASN1_item_free(ASN1_VALUE *val, const ASN1_ITEM *it);
-ASN1_VALUE * ASN1_item_d2i(ASN1_VALUE **val, const unsigned char **in, long len, const ASN1_ITEM *it);
+ASN1_VALUE *ASN1_item_d2i(ASN1_VALUE **val, const unsigned char **in,
+ long len, const ASN1_ITEM *it);
int ASN1_item_i2d(ASN1_VALUE *val, unsigned char **out, const ASN1_ITEM *it);
-int ASN1_item_ndef_i2d(ASN1_VALUE *val, unsigned char **out, const ASN1_ITEM *it);
+int ASN1_item_ndef_i2d(ASN1_VALUE *val, unsigned char **out,
+ const ASN1_ITEM *it);
void ASN1_add_oid_module(void);
ASN1_TYPE *ASN1_generate_nconf(char *str, CONF *nconf);
ASN1_TYPE *ASN1_generate_v3(char *str, X509V3_CTX *cnf);
-typedef int asn1_output_data_fn(BIO *out, BIO *data, ASN1_VALUE *val, int flags,
- const ASN1_ITEM *it);
+/* ASN1 Print flags */
-int int_smime_write_ASN1(BIO *bio, ASN1_VALUE *val, BIO *data, int flags,
- int ctype_nid, int econt_nid,
- STACK_OF(X509_ALGOR) *mdalgs,
- asn1_output_data_fn *data_fn,
- const ASN1_ITEM *it);
+/* Indicate missing OPTIONAL fields */
+# define ASN1_PCTX_FLAGS_SHOW_ABSENT 0x001
+/* Mark start and end of SEQUENCE */
+# define ASN1_PCTX_FLAGS_SHOW_SEQUENCE 0x002
+/* Mark start and end of SEQUENCE/SET OF */
+# define ASN1_PCTX_FLAGS_SHOW_SSOF 0x004
+/* Show the ASN1 type of primitives */
+# define ASN1_PCTX_FLAGS_SHOW_TYPE 0x008
+/* Don't show ASN1 type of ANY */
+# define ASN1_PCTX_FLAGS_NO_ANY_TYPE 0x010
+/* Don't show ASN1 type of MSTRINGs */
+# define ASN1_PCTX_FLAGS_NO_MSTRING_TYPE 0x020
+/* Don't show field names in SEQUENCE */
+# define ASN1_PCTX_FLAGS_NO_FIELD_NAME 0x040
+/* Show structure names of each SEQUENCE field */
+# define ASN1_PCTX_FLAGS_SHOW_FIELD_STRUCT_NAME 0x080
+/* Don't show structure name even at top level */
+# define ASN1_PCTX_FLAGS_NO_STRUCT_NAME 0x100
+
+int ASN1_item_print(BIO *out, ASN1_VALUE *ifld, int indent,
+ const ASN1_ITEM *it, const ASN1_PCTX *pctx);
+ASN1_PCTX *ASN1_PCTX_new(void);
+void ASN1_PCTX_free(ASN1_PCTX *p);
+unsigned long ASN1_PCTX_get_flags(ASN1_PCTX *p);
+void ASN1_PCTX_set_flags(ASN1_PCTX *p, unsigned long flags);
+unsigned long ASN1_PCTX_get_nm_flags(ASN1_PCTX *p);
+void ASN1_PCTX_set_nm_flags(ASN1_PCTX *p, unsigned long flags);
+unsigned long ASN1_PCTX_get_cert_flags(ASN1_PCTX *p);
+void ASN1_PCTX_set_cert_flags(ASN1_PCTX *p, unsigned long flags);
+unsigned long ASN1_PCTX_get_oid_flags(ASN1_PCTX *p);
+void ASN1_PCTX_set_oid_flags(ASN1_PCTX *p, unsigned long flags);
+unsigned long ASN1_PCTX_get_str_flags(ASN1_PCTX *p);
+void ASN1_PCTX_set_str_flags(ASN1_PCTX *p, unsigned long flags);
+
+BIO_METHOD *BIO_f_asn1(void);
+
+BIO *BIO_new_NDEF(BIO *out, ASN1_VALUE *val, const ASN1_ITEM *it);
+
+int i2d_ASN1_bio_stream(BIO *out, ASN1_VALUE *val, BIO *in, int flags,
+ const ASN1_ITEM *it);
+int PEM_write_bio_ASN1_stream(BIO *out, ASN1_VALUE *val, BIO *in, int flags,
+ const char *hdr, const ASN1_ITEM *it);
+int SMIME_write_ASN1(BIO *bio, ASN1_VALUE *val, BIO *data, int flags,
+ int ctype_nid, int econt_nid,
+ STACK_OF(X509_ALGOR) *mdalgs, const ASN1_ITEM *it);
ASN1_VALUE *SMIME_read_ASN1(BIO *bio, BIO **bcont, const ASN1_ITEM *it);
+int SMIME_crlf_copy(BIO *in, BIO *out, int flags);
+int SMIME_text(BIO *in, BIO *out);
/* BEGIN ERROR CODES */
-/* The following lines are auto generated by the script mkerr.pl. Any changes
+/*
+ * The following lines are auto generated by the script mkerr.pl. Any changes
* made after this point may be overwritten when the script is next run.
*/
void ERR_load_ASN1_strings(void);
@@ -1098,233 +1169,249 @@ void ERR_load_ASN1_strings(void);
/* Error codes for the ASN1 functions. */
/* Function codes. */
-#define ASN1_F_A2D_ASN1_OBJECT 100
-#define ASN1_F_A2I_ASN1_ENUMERATED 101
-#define ASN1_F_A2I_ASN1_INTEGER 102
-#define ASN1_F_A2I_ASN1_STRING 103
-#define ASN1_F_APPEND_EXP 176
-#define ASN1_F_ASN1_BIT_STRING_SET_BIT 183
-#define ASN1_F_ASN1_CB 177
-#define ASN1_F_ASN1_CHECK_TLEN 104
-#define ASN1_F_ASN1_COLLATE_PRIMITIVE 105
-#define ASN1_F_ASN1_COLLECT 106
-#define ASN1_F_ASN1_D2I_EX_PRIMITIVE 108
-#define ASN1_F_ASN1_D2I_FP 109
-#define ASN1_F_ASN1_D2I_READ_BIO 107
-#define ASN1_F_ASN1_DIGEST 184
-#define ASN1_F_ASN1_DO_ADB 110
-#define ASN1_F_ASN1_DUP 111
-#define ASN1_F_ASN1_ENUMERATED_SET 112
-#define ASN1_F_ASN1_ENUMERATED_TO_BN 113
-#define ASN1_F_ASN1_EX_C2I 204
-#define ASN1_F_ASN1_FIND_END 190
-#define ASN1_F_ASN1_GENERALIZEDTIME_SET 185
-#define ASN1_F_ASN1_GENERATE_V3 178
-#define ASN1_F_ASN1_GET_OBJECT 114
-#define ASN1_F_ASN1_HEADER_NEW 115
-#define ASN1_F_ASN1_I2D_BIO 116
-#define ASN1_F_ASN1_I2D_FP 117
-#define ASN1_F_ASN1_INTEGER_SET 118
-#define ASN1_F_ASN1_INTEGER_TO_BN 119
-#define ASN1_F_ASN1_ITEM_D2I_FP 206
-#define ASN1_F_ASN1_ITEM_DUP 191
-#define ASN1_F_ASN1_ITEM_EX_COMBINE_NEW 121
-#define ASN1_F_ASN1_ITEM_EX_D2I 120
-#define ASN1_F_ASN1_ITEM_I2D_BIO 192
-#define ASN1_F_ASN1_ITEM_I2D_FP 193
-#define ASN1_F_ASN1_ITEM_PACK 198
-#define ASN1_F_ASN1_ITEM_SIGN 195
-#define ASN1_F_ASN1_ITEM_UNPACK 199
-#define ASN1_F_ASN1_ITEM_VERIFY 197
-#define ASN1_F_ASN1_MBSTRING_NCOPY 122
-#define ASN1_F_ASN1_OBJECT_NEW 123
-#define ASN1_F_ASN1_OUTPUT_DATA 207
-#define ASN1_F_ASN1_PACK_STRING 124
-#define ASN1_F_ASN1_PCTX_NEW 205
-#define ASN1_F_ASN1_PKCS5_PBE_SET 125
-#define ASN1_F_ASN1_SEQ_PACK 126
-#define ASN1_F_ASN1_SEQ_UNPACK 127
-#define ASN1_F_ASN1_SIGN 128
-#define ASN1_F_ASN1_STR2TYPE 179
-#define ASN1_F_ASN1_STRING_SET 186
-#define ASN1_F_ASN1_STRING_TABLE_ADD 129
-#define ASN1_F_ASN1_STRING_TYPE_NEW 130
-#define ASN1_F_ASN1_TEMPLATE_EX_D2I 132
-#define ASN1_F_ASN1_TEMPLATE_NEW 133
-#define ASN1_F_ASN1_TEMPLATE_NOEXP_D2I 131
-#define ASN1_F_ASN1_TIME_SET 175
-#define ASN1_F_ASN1_TYPE_GET_INT_OCTETSTRING 134
-#define ASN1_F_ASN1_TYPE_GET_OCTETSTRING 135
-#define ASN1_F_ASN1_UNPACK_STRING 136
-#define ASN1_F_ASN1_UTCTIME_SET 187
-#define ASN1_F_ASN1_VERIFY 137
-#define ASN1_F_B64_READ_ASN1 208
-#define ASN1_F_B64_WRITE_ASN1 209
-#define ASN1_F_BITSTR_CB 180
-#define ASN1_F_BN_TO_ASN1_ENUMERATED 138
-#define ASN1_F_BN_TO_ASN1_INTEGER 139
-#define ASN1_F_C2I_ASN1_BIT_STRING 189
-#define ASN1_F_C2I_ASN1_INTEGER 194
-#define ASN1_F_C2I_ASN1_OBJECT 196
-#define ASN1_F_COLLECT_DATA 140
-#define ASN1_F_D2I_ASN1_BIT_STRING 141
-#define ASN1_F_D2I_ASN1_BOOLEAN 142
-#define ASN1_F_D2I_ASN1_BYTES 143
-#define ASN1_F_D2I_ASN1_GENERALIZEDTIME 144
-#define ASN1_F_D2I_ASN1_HEADER 145
-#define ASN1_F_D2I_ASN1_INTEGER 146
-#define ASN1_F_D2I_ASN1_OBJECT 147
-#define ASN1_F_D2I_ASN1_SET 148
-#define ASN1_F_D2I_ASN1_TYPE_BYTES 149
-#define ASN1_F_D2I_ASN1_UINTEGER 150
-#define ASN1_F_D2I_ASN1_UTCTIME 151
-#define ASN1_F_D2I_NETSCAPE_RSA 152
-#define ASN1_F_D2I_NETSCAPE_RSA_2 153
-#define ASN1_F_D2I_PRIVATEKEY 154
-#define ASN1_F_D2I_PUBLICKEY 155
-#define ASN1_F_D2I_RSA_NET 200
-#define ASN1_F_D2I_RSA_NET_2 201
-#define ASN1_F_D2I_X509 156
-#define ASN1_F_D2I_X509_CINF 157
-#define ASN1_F_D2I_X509_PKEY 159
-#define ASN1_F_I2D_ASN1_SET 188
-#define ASN1_F_I2D_ASN1_TIME 160
-#define ASN1_F_I2D_DSA_PUBKEY 161
-#define ASN1_F_I2D_EC_PUBKEY 181
-#define ASN1_F_I2D_PRIVATEKEY 163
-#define ASN1_F_I2D_PUBLICKEY 164
-#define ASN1_F_I2D_RSA_NET 162
-#define ASN1_F_I2D_RSA_PUBKEY 165
-#define ASN1_F_LONG_C2I 166
-#define ASN1_F_OID_MODULE_INIT 174
-#define ASN1_F_PARSE_TAGGING 182
-#define ASN1_F_PKCS5_PBE2_SET 167
-#define ASN1_F_PKCS5_PBE_SET 202
-#define ASN1_F_SMIME_READ_ASN1 210
-#define ASN1_F_SMIME_TEXT 211
-#define ASN1_F_X509_CINF_NEW 168
-#define ASN1_F_X509_CRL_ADD0_REVOKED 169
-#define ASN1_F_X509_INFO_NEW 170
-#define ASN1_F_X509_NAME_ENCODE 203
-#define ASN1_F_X509_NAME_EX_D2I 158
-#define ASN1_F_X509_NAME_EX_NEW 171
-#define ASN1_F_X509_NEW 172
-#define ASN1_F_X509_PKEY_NEW 173
+# define ASN1_F_A2D_ASN1_OBJECT 100
+# define ASN1_F_A2I_ASN1_ENUMERATED 101
+# define ASN1_F_A2I_ASN1_INTEGER 102
+# define ASN1_F_A2I_ASN1_STRING 103
+# define ASN1_F_APPEND_EXP 176
+# define ASN1_F_ASN1_BIT_STRING_SET_BIT 183
+# define ASN1_F_ASN1_CB 177
+# define ASN1_F_ASN1_CHECK_TLEN 104
+# define ASN1_F_ASN1_COLLATE_PRIMITIVE 105
+# define ASN1_F_ASN1_COLLECT 106
+# define ASN1_F_ASN1_D2I_EX_PRIMITIVE 108
+# define ASN1_F_ASN1_D2I_FP 109
+# define ASN1_F_ASN1_D2I_READ_BIO 107
+# define ASN1_F_ASN1_DIGEST 184
+# define ASN1_F_ASN1_DO_ADB 110
+# define ASN1_F_ASN1_DUP 111
+# define ASN1_F_ASN1_ENUMERATED_SET 112
+# define ASN1_F_ASN1_ENUMERATED_TO_BN 113
+# define ASN1_F_ASN1_EX_C2I 204
+# define ASN1_F_ASN1_FIND_END 190
+# define ASN1_F_ASN1_GENERALIZEDTIME_ADJ 216
+# define ASN1_F_ASN1_GENERALIZEDTIME_SET 185
+# define ASN1_F_ASN1_GENERATE_V3 178
+# define ASN1_F_ASN1_GET_OBJECT 114
+# define ASN1_F_ASN1_HEADER_NEW 115
+# define ASN1_F_ASN1_I2D_BIO 116
+# define ASN1_F_ASN1_I2D_FP 117
+# define ASN1_F_ASN1_INTEGER_SET 118
+# define ASN1_F_ASN1_INTEGER_TO_BN 119
+# define ASN1_F_ASN1_ITEM_D2I_FP 206
+# define ASN1_F_ASN1_ITEM_DUP 191
+# define ASN1_F_ASN1_ITEM_EX_COMBINE_NEW 121
+# define ASN1_F_ASN1_ITEM_EX_D2I 120
+# define ASN1_F_ASN1_ITEM_I2D_BIO 192
+# define ASN1_F_ASN1_ITEM_I2D_FP 193
+# define ASN1_F_ASN1_ITEM_PACK 198
+# define ASN1_F_ASN1_ITEM_SIGN 195
+# define ASN1_F_ASN1_ITEM_SIGN_CTX 220
+# define ASN1_F_ASN1_ITEM_UNPACK 199
+# define ASN1_F_ASN1_ITEM_VERIFY 197
+# define ASN1_F_ASN1_MBSTRING_NCOPY 122
+# define ASN1_F_ASN1_OBJECT_NEW 123
+# define ASN1_F_ASN1_OUTPUT_DATA 214
+# define ASN1_F_ASN1_PACK_STRING 124
+# define ASN1_F_ASN1_PCTX_NEW 205
+# define ASN1_F_ASN1_PKCS5_PBE_SET 125
+# define ASN1_F_ASN1_SEQ_PACK 126
+# define ASN1_F_ASN1_SEQ_UNPACK 127
+# define ASN1_F_ASN1_SIGN 128
+# define ASN1_F_ASN1_STR2TYPE 179
+# define ASN1_F_ASN1_STRING_SET 186
+# define ASN1_F_ASN1_STRING_TABLE_ADD 129
+# define ASN1_F_ASN1_STRING_TYPE_NEW 130
+# define ASN1_F_ASN1_TEMPLATE_EX_D2I 132
+# define ASN1_F_ASN1_TEMPLATE_NEW 133
+# define ASN1_F_ASN1_TEMPLATE_NOEXP_D2I 131
+# define ASN1_F_ASN1_TIME_ADJ 217
+# define ASN1_F_ASN1_TIME_SET 175
+# define ASN1_F_ASN1_TYPE_GET_INT_OCTETSTRING 134
+# define ASN1_F_ASN1_TYPE_GET_OCTETSTRING 135
+# define ASN1_F_ASN1_UNPACK_STRING 136
+# define ASN1_F_ASN1_UTCTIME_ADJ 218
+# define ASN1_F_ASN1_UTCTIME_SET 187
+# define ASN1_F_ASN1_VERIFY 137
+# define ASN1_F_B64_READ_ASN1 209
+# define ASN1_F_B64_WRITE_ASN1 210
+# define ASN1_F_BIO_NEW_NDEF 208
+# define ASN1_F_BITSTR_CB 180
+# define ASN1_F_BN_TO_ASN1_ENUMERATED 138
+# define ASN1_F_BN_TO_ASN1_INTEGER 139
+# define ASN1_F_C2I_ASN1_BIT_STRING 189
+# define ASN1_F_C2I_ASN1_INTEGER 194
+# define ASN1_F_C2I_ASN1_OBJECT 196
+# define ASN1_F_COLLECT_DATA 140
+# define ASN1_F_D2I_ASN1_BIT_STRING 141
+# define ASN1_F_D2I_ASN1_BOOLEAN 142
+# define ASN1_F_D2I_ASN1_BYTES 143
+# define ASN1_F_D2I_ASN1_GENERALIZEDTIME 144
+# define ASN1_F_D2I_ASN1_HEADER 145
+# define ASN1_F_D2I_ASN1_INTEGER 146
+# define ASN1_F_D2I_ASN1_OBJECT 147
+# define ASN1_F_D2I_ASN1_SET 148
+# define ASN1_F_D2I_ASN1_TYPE_BYTES 149
+# define ASN1_F_D2I_ASN1_UINTEGER 150
+# define ASN1_F_D2I_ASN1_UTCTIME 151
+# define ASN1_F_D2I_AUTOPRIVATEKEY 207
+# define ASN1_F_D2I_NETSCAPE_RSA 152
+# define ASN1_F_D2I_NETSCAPE_RSA_2 153
+# define ASN1_F_D2I_PRIVATEKEY 154
+# define ASN1_F_D2I_PUBLICKEY 155
+# define ASN1_F_D2I_RSA_NET 200
+# define ASN1_F_D2I_RSA_NET_2 201
+# define ASN1_F_D2I_X509 156
+# define ASN1_F_D2I_X509_CINF 157
+# define ASN1_F_D2I_X509_PKEY 159
+# define ASN1_F_I2D_ASN1_BIO_STREAM 211
+# define ASN1_F_I2D_ASN1_SET 188
+# define ASN1_F_I2D_ASN1_TIME 160
+# define ASN1_F_I2D_DSA_PUBKEY 161
+# define ASN1_F_I2D_EC_PUBKEY 181
+# define ASN1_F_I2D_PRIVATEKEY 163
+# define ASN1_F_I2D_PUBLICKEY 164
+# define ASN1_F_I2D_RSA_NET 162
+# define ASN1_F_I2D_RSA_PUBKEY 165
+# define ASN1_F_LONG_C2I 166
+# define ASN1_F_OID_MODULE_INIT 174
+# define ASN1_F_PARSE_TAGGING 182
+# define ASN1_F_PKCS5_PBE2_SET_IV 167
+# define ASN1_F_PKCS5_PBE_SET 202
+# define ASN1_F_PKCS5_PBE_SET0_ALGOR 215
+# define ASN1_F_PKCS5_PBKDF2_SET 219
+# define ASN1_F_SMIME_READ_ASN1 212
+# define ASN1_F_SMIME_TEXT 213
+# define ASN1_F_X509_CINF_NEW 168
+# define ASN1_F_X509_CRL_ADD0_REVOKED 169
+# define ASN1_F_X509_INFO_NEW 170
+# define ASN1_F_X509_NAME_ENCODE 203
+# define ASN1_F_X509_NAME_EX_D2I 158
+# define ASN1_F_X509_NAME_EX_NEW 171
+# define ASN1_F_X509_NEW 172
+# define ASN1_F_X509_PKEY_NEW 173
/* Reason codes. */
-#define ASN1_R_ADDING_OBJECT 171
-#define ASN1_R_ASN1_PARSE_ERROR 198
-#define ASN1_R_ASN1_SIG_PARSE_ERROR 199
-#define ASN1_R_AUX_ERROR 100
-#define ASN1_R_BAD_CLASS 101
-#define ASN1_R_BAD_OBJECT_HEADER 102
-#define ASN1_R_BAD_PASSWORD_READ 103
-#define ASN1_R_BAD_TAG 104
-#define ASN1_R_BMPSTRING_IS_WRONG_LENGTH 210
-#define ASN1_R_BN_LIB 105
-#define ASN1_R_BOOLEAN_IS_WRONG_LENGTH 106
-#define ASN1_R_BUFFER_TOO_SMALL 107
-#define ASN1_R_CIPHER_HAS_NO_OBJECT_IDENTIFIER 108
-#define ASN1_R_DATA_IS_WRONG 109
-#define ASN1_R_DECODE_ERROR 110
-#define ASN1_R_DECODING_ERROR 111
-#define ASN1_R_DEPTH_EXCEEDED 174
-#define ASN1_R_ENCODE_ERROR 112
-#define ASN1_R_ERROR_GETTING_TIME 173
-#define ASN1_R_ERROR_LOADING_SECTION 172
-#define ASN1_R_ERROR_PARSING_SET_ELEMENT 113
-#define ASN1_R_ERROR_SETTING_CIPHER_PARAMS 114
-#define ASN1_R_EXPECTING_AN_INTEGER 115
-#define ASN1_R_EXPECTING_AN_OBJECT 116
-#define ASN1_R_EXPECTING_A_BOOLEAN 117
-#define ASN1_R_EXPECTING_A_TIME 118
-#define ASN1_R_EXPLICIT_LENGTH_MISMATCH 119
-#define ASN1_R_EXPLICIT_TAG_NOT_CONSTRUCTED 120
-#define ASN1_R_FIELD_MISSING 121
-#define ASN1_R_FIRST_NUM_TOO_LARGE 122
-#define ASN1_R_HEADER_TOO_LONG 123
-#define ASN1_R_ILLEGAL_BITSTRING_FORMAT 175
-#define ASN1_R_ILLEGAL_BOOLEAN 176
-#define ASN1_R_ILLEGAL_CHARACTERS 124
-#define ASN1_R_ILLEGAL_FORMAT 177
-#define ASN1_R_ILLEGAL_HEX 178
-#define ASN1_R_ILLEGAL_IMPLICIT_TAG 179
-#define ASN1_R_ILLEGAL_INTEGER 180
-#define ASN1_R_ILLEGAL_NESTED_TAGGING 181
-#define ASN1_R_ILLEGAL_NULL 125
-#define ASN1_R_ILLEGAL_NULL_VALUE 182
-#define ASN1_R_ILLEGAL_OBJECT 183
-#define ASN1_R_ILLEGAL_OPTIONAL_ANY 126
-#define ASN1_R_ILLEGAL_OPTIONS_ON_ITEM_TEMPLATE 170
-#define ASN1_R_ILLEGAL_TAGGED_ANY 127
-#define ASN1_R_ILLEGAL_TIME_VALUE 184
-#define ASN1_R_INTEGER_NOT_ASCII_FORMAT 185
-#define ASN1_R_INTEGER_TOO_LARGE_FOR_LONG 128
-#define ASN1_R_INVALID_BMPSTRING_LENGTH 129
-#define ASN1_R_INVALID_DIGIT 130
-#define ASN1_R_INVALID_MIME_TYPE 200
-#define ASN1_R_INVALID_MODIFIER 186
-#define ASN1_R_INVALID_NUMBER 187
-#define ASN1_R_INVALID_OBJECT_ENCODING 212
-#define ASN1_R_INVALID_SEPARATOR 131
-#define ASN1_R_INVALID_TIME_FORMAT 132
-#define ASN1_R_INVALID_UNIVERSALSTRING_LENGTH 133
-#define ASN1_R_INVALID_UTF8STRING 134
-#define ASN1_R_IV_TOO_LARGE 135
-#define ASN1_R_LENGTH_ERROR 136
-#define ASN1_R_LIST_ERROR 188
-#define ASN1_R_MIME_NO_CONTENT_TYPE 201
-#define ASN1_R_MIME_PARSE_ERROR 202
-#define ASN1_R_MIME_SIG_PARSE_ERROR 203
-#define ASN1_R_MISSING_EOC 137
-#define ASN1_R_MISSING_SECOND_NUMBER 138
-#define ASN1_R_MISSING_VALUE 189
-#define ASN1_R_MSTRING_NOT_UNIVERSAL 139
-#define ASN1_R_MSTRING_WRONG_TAG 140
-#define ASN1_R_NESTED_ASN1_STRING 197
-#define ASN1_R_NON_HEX_CHARACTERS 141
-#define ASN1_R_NOT_ASCII_FORMAT 190
-#define ASN1_R_NOT_ENOUGH_DATA 142
-#define ASN1_R_NO_CONTENT_TYPE 204
-#define ASN1_R_NO_MATCHING_CHOICE_TYPE 143
-#define ASN1_R_NO_MULTIPART_BODY_FAILURE 205
-#define ASN1_R_NO_MULTIPART_BOUNDARY 206
-#define ASN1_R_NO_SIG_CONTENT_TYPE 207
-#define ASN1_R_NULL_IS_WRONG_LENGTH 144
-#define ASN1_R_OBJECT_NOT_ASCII_FORMAT 191
-#define ASN1_R_ODD_NUMBER_OF_CHARS 145
-#define ASN1_R_PRIVATE_KEY_HEADER_MISSING 146
-#define ASN1_R_SECOND_NUMBER_TOO_LARGE 147
-#define ASN1_R_SEQUENCE_LENGTH_MISMATCH 148
-#define ASN1_R_SEQUENCE_NOT_CONSTRUCTED 149
-#define ASN1_R_SEQUENCE_OR_SET_NEEDS_CONFIG 192
-#define ASN1_R_SHORT_LINE 150
-#define ASN1_R_SIG_INVALID_MIME_TYPE 208
-#define ASN1_R_STREAMING_NOT_SUPPORTED 209
-#define ASN1_R_STRING_TOO_LONG 151
-#define ASN1_R_STRING_TOO_SHORT 152
-#define ASN1_R_TAG_VALUE_TOO_HIGH 153
-#define ASN1_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD 154
-#define ASN1_R_TIME_NOT_ASCII_FORMAT 193
-#define ASN1_R_TOO_LONG 155
-#define ASN1_R_TYPE_NOT_CONSTRUCTED 156
-#define ASN1_R_UNABLE_TO_DECODE_RSA_KEY 157
-#define ASN1_R_UNABLE_TO_DECODE_RSA_PRIVATE_KEY 158
-#define ASN1_R_UNEXPECTED_EOC 159
-#define ASN1_R_UNIVERSALSTRING_IS_WRONG_LENGTH 211
-#define ASN1_R_UNKNOWN_FORMAT 160
-#define ASN1_R_UNKNOWN_MESSAGE_DIGEST_ALGORITHM 161
-#define ASN1_R_UNKNOWN_OBJECT_TYPE 162
-#define ASN1_R_UNKNOWN_PUBLIC_KEY_TYPE 163
-#define ASN1_R_UNKNOWN_TAG 194
-#define ASN1_R_UNKOWN_FORMAT 195
-#define ASN1_R_UNSUPPORTED_ANY_DEFINED_BY_TYPE 164
-#define ASN1_R_UNSUPPORTED_CIPHER 165
-#define ASN1_R_UNSUPPORTED_ENCRYPTION_ALGORITHM 166
-#define ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE 167
-#define ASN1_R_UNSUPPORTED_TYPE 196
-#define ASN1_R_WRONG_TAG 168
-#define ASN1_R_WRONG_TYPE 169
+# define ASN1_R_ADDING_OBJECT 171
+# define ASN1_R_ASN1_PARSE_ERROR 203
+# define ASN1_R_ASN1_SIG_PARSE_ERROR 204
+# define ASN1_R_AUX_ERROR 100
+# define ASN1_R_BAD_CLASS 101
+# define ASN1_R_BAD_OBJECT_HEADER 102
+# define ASN1_R_BAD_PASSWORD_READ 103
+# define ASN1_R_BAD_TAG 104
+# define ASN1_R_BMPSTRING_IS_WRONG_LENGTH 214
+# define ASN1_R_BN_LIB 105
+# define ASN1_R_BOOLEAN_IS_WRONG_LENGTH 106
+# define ASN1_R_BUFFER_TOO_SMALL 107
+# define ASN1_R_CIPHER_HAS_NO_OBJECT_IDENTIFIER 108
+# define ASN1_R_CONTEXT_NOT_INITIALISED 217
+# define ASN1_R_DATA_IS_WRONG 109
+# define ASN1_R_DECODE_ERROR 110
+# define ASN1_R_DECODING_ERROR 111
+# define ASN1_R_DEPTH_EXCEEDED 174
+# define ASN1_R_DIGEST_AND_KEY_TYPE_NOT_SUPPORTED 198
+# define ASN1_R_ENCODE_ERROR 112
+# define ASN1_R_ERROR_GETTING_TIME 173
+# define ASN1_R_ERROR_LOADING_SECTION 172
+# define ASN1_R_ERROR_PARSING_SET_ELEMENT 113
+# define ASN1_R_ERROR_SETTING_CIPHER_PARAMS 114
+# define ASN1_R_EXPECTING_AN_INTEGER 115
+# define ASN1_R_EXPECTING_AN_OBJECT 116
+# define ASN1_R_EXPECTING_A_BOOLEAN 117
+# define ASN1_R_EXPECTING_A_TIME 118
+# define ASN1_R_EXPLICIT_LENGTH_MISMATCH 119
+# define ASN1_R_EXPLICIT_TAG_NOT_CONSTRUCTED 120
+# define ASN1_R_FIELD_MISSING 121
+# define ASN1_R_FIRST_NUM_TOO_LARGE 122
+# define ASN1_R_HEADER_TOO_LONG 123
+# define ASN1_R_ILLEGAL_BITSTRING_FORMAT 175
+# define ASN1_R_ILLEGAL_BOOLEAN 176
+# define ASN1_R_ILLEGAL_CHARACTERS 124
+# define ASN1_R_ILLEGAL_FORMAT 177
+# define ASN1_R_ILLEGAL_HEX 178
+# define ASN1_R_ILLEGAL_IMPLICIT_TAG 179
+# define ASN1_R_ILLEGAL_INTEGER 180
+# define ASN1_R_ILLEGAL_NESTED_TAGGING 181
+# define ASN1_R_ILLEGAL_NULL 125
+# define ASN1_R_ILLEGAL_NULL_VALUE 182
+# define ASN1_R_ILLEGAL_OBJECT 183
+# define ASN1_R_ILLEGAL_OPTIONAL_ANY 126
+# define ASN1_R_ILLEGAL_OPTIONS_ON_ITEM_TEMPLATE 170
+# define ASN1_R_ILLEGAL_TAGGED_ANY 127
+# define ASN1_R_ILLEGAL_TIME_VALUE 184
+# define ASN1_R_INTEGER_NOT_ASCII_FORMAT 185
+# define ASN1_R_INTEGER_TOO_LARGE_FOR_LONG 128
+# define ASN1_R_INVALID_BIT_STRING_BITS_LEFT 220
+# define ASN1_R_INVALID_BMPSTRING_LENGTH 129
+# define ASN1_R_INVALID_DIGIT 130
+# define ASN1_R_INVALID_MIME_TYPE 205
+# define ASN1_R_INVALID_MODIFIER 186
+# define ASN1_R_INVALID_NUMBER 187
+# define ASN1_R_INVALID_OBJECT_ENCODING 216
+# define ASN1_R_INVALID_SEPARATOR 131
+# define ASN1_R_INVALID_TIME_FORMAT 132
+# define ASN1_R_INVALID_UNIVERSALSTRING_LENGTH 133
+# define ASN1_R_INVALID_UTF8STRING 134
+# define ASN1_R_IV_TOO_LARGE 135
+# define ASN1_R_LENGTH_ERROR 136
+# define ASN1_R_LIST_ERROR 188
+# define ASN1_R_MIME_NO_CONTENT_TYPE 206
+# define ASN1_R_MIME_PARSE_ERROR 207
+# define ASN1_R_MIME_SIG_PARSE_ERROR 208
+# define ASN1_R_MISSING_EOC 137
+# define ASN1_R_MISSING_SECOND_NUMBER 138
+# define ASN1_R_MISSING_VALUE 189
+# define ASN1_R_MSTRING_NOT_UNIVERSAL 139
+# define ASN1_R_MSTRING_WRONG_TAG 140
+# define ASN1_R_NESTED_ASN1_STRING 197
+# define ASN1_R_NON_HEX_CHARACTERS 141
+# define ASN1_R_NOT_ASCII_FORMAT 190
+# define ASN1_R_NOT_ENOUGH_DATA 142
+# define ASN1_R_NO_CONTENT_TYPE 209
+# define ASN1_R_NO_DEFAULT_DIGEST 201
+# define ASN1_R_NO_MATCHING_CHOICE_TYPE 143
+# define ASN1_R_NO_MULTIPART_BODY_FAILURE 210
+# define ASN1_R_NO_MULTIPART_BOUNDARY 211
+# define ASN1_R_NO_SIG_CONTENT_TYPE 212
+# define ASN1_R_NULL_IS_WRONG_LENGTH 144
+# define ASN1_R_OBJECT_NOT_ASCII_FORMAT 191
+# define ASN1_R_ODD_NUMBER_OF_CHARS 145
+# define ASN1_R_PRIVATE_KEY_HEADER_MISSING 146
+# define ASN1_R_SECOND_NUMBER_TOO_LARGE 147
+# define ASN1_R_SEQUENCE_LENGTH_MISMATCH 148
+# define ASN1_R_SEQUENCE_NOT_CONSTRUCTED 149
+# define ASN1_R_SEQUENCE_OR_SET_NEEDS_CONFIG 192
+# define ASN1_R_SHORT_LINE 150
+# define ASN1_R_SIG_INVALID_MIME_TYPE 213
+# define ASN1_R_STREAMING_NOT_SUPPORTED 202
+# define ASN1_R_STRING_TOO_LONG 151
+# define ASN1_R_STRING_TOO_SHORT 152
+# define ASN1_R_TAG_VALUE_TOO_HIGH 153
+# define ASN1_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD 154
+# define ASN1_R_TIME_NOT_ASCII_FORMAT 193
+# define ASN1_R_TOO_LONG 155
+# define ASN1_R_TYPE_NOT_CONSTRUCTED 156
+# define ASN1_R_TYPE_NOT_PRIMITIVE 218
+# define ASN1_R_UNABLE_TO_DECODE_RSA_KEY 157
+# define ASN1_R_UNABLE_TO_DECODE_RSA_PRIVATE_KEY 158
+# define ASN1_R_UNEXPECTED_EOC 159
+# define ASN1_R_UNIVERSALSTRING_IS_WRONG_LENGTH 215
+# define ASN1_R_UNKNOWN_FORMAT 160
+# define ASN1_R_UNKNOWN_MESSAGE_DIGEST_ALGORITHM 161
+# define ASN1_R_UNKNOWN_OBJECT_TYPE 162
+# define ASN1_R_UNKNOWN_PUBLIC_KEY_TYPE 163
+# define ASN1_R_UNKNOWN_SIGNATURE_ALGORITHM 199
+# define ASN1_R_UNKNOWN_TAG 194
+# define ASN1_R_UNKOWN_FORMAT 195
+# define ASN1_R_UNSUPPORTED_ANY_DEFINED_BY_TYPE 164
+# define ASN1_R_UNSUPPORTED_CIPHER 165
+# define ASN1_R_UNSUPPORTED_ENCRYPTION_ALGORITHM 166
+# define ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE 167
+# define ASN1_R_UNSUPPORTED_TYPE 196
+# define ASN1_R_WRONG_PUBLIC_KEY_TYPE 200
+# define ASN1_R_WRONG_TAG 168
+# define ASN1_R_WRONG_TYPE 169
#ifdef __cplusplus
}
diff --git a/Cryptlib/Include/openssl/asn1_mac.h b/Cryptlib/Include/openssl/asn1_mac.h
index d958ca6..abc6dc3 100644
--- a/Cryptlib/Include/openssl/asn1_mac.h
+++ b/Cryptlib/Include/openssl/asn1_mac.h
@@ -5,21 +5,21 @@
* This package is an SSL implementation written
* by Eric Young (eay@cryptsoft.com).
* The implementation was written so as to conform with Netscapes SSL.
- *
+ *
* This library is free for commercial and non-commercial use as long as
* the following conditions are aheared to. The following conditions
* apply to all code found in this distribution, be it the RC4, RSA,
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
* included with this distribution is covered by the same copyright terms
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
+ *
* Copyright remains Eric Young's, and as such any Copyright notices in
* the code are not to be removed.
* If this package is used in a product, Eric Young should be given attribution
* as the author of the parts of the library used.
* This can be in the form of a textual message at program startup or
* in documentation (online or textual) provided with the package.
- *
+ *
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
@@ -34,10 +34,10 @@
* Eric Young (eay@cryptsoft.com)"
* The word 'cryptographic' can be left out if the rouines from the library
* being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
+ * 4. If you include any Windows specific code (or a derivative thereof) from
* the apps directory (application code) you must include an acknowledgement:
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
+ *
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
@@ -49,7 +49,7 @@
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
- *
+ *
* The licence and distribution terms for any publically available version or
* derivative of this code cannot be changed. i.e. this code cannot simply be
* copied and put under another distribution licence
@@ -57,513 +57,521 @@
*/
#ifndef HEADER_ASN1_MAC_H
-#define HEADER_ASN1_MAC_H
+# define HEADER_ASN1_MAC_H
-#include
+# include
#ifdef __cplusplus
extern "C" {
#endif
-#ifndef ASN1_MAC_ERR_LIB
-#define ASN1_MAC_ERR_LIB ERR_LIB_ASN1
-#endif
+# ifndef ASN1_MAC_ERR_LIB
+# define ASN1_MAC_ERR_LIB ERR_LIB_ASN1
+# endif
-#define ASN1_MAC_H_err(f,r,line) \
- ERR_PUT_error(ASN1_MAC_ERR_LIB,(f),(r),__FILE__,(line))
+# define ASN1_MAC_H_err(f,r,line) \
+ ERR_PUT_error(ASN1_MAC_ERR_LIB,(f),(r),__FILE__,(line))
-#define M_ASN1_D2I_vars(a,type,func) \
- ASN1_const_CTX c; \
- type ret=NULL; \
- \
- c.pp=(const unsigned char **)pp; \
- c.q= *(const unsigned char **)pp; \
- c.error=ERR_R_NESTED_ASN1_ERROR; \
- if ((a == NULL) || ((*a) == NULL)) \
- { if ((ret=(type)func()) == NULL) \
- { c.line=__LINE__; goto err; } } \
- else ret=(*a);
+# define M_ASN1_D2I_vars(a,type,func) \
+ ASN1_const_CTX c; \
+ type ret=NULL; \
+ \
+ c.pp=(const unsigned char **)pp; \
+ c.q= *(const unsigned char **)pp; \
+ c.error=ERR_R_NESTED_ASN1_ERROR; \
+ if ((a == NULL) || ((*a) == NULL)) \
+ { if ((ret=(type)func()) == NULL) \
+ { c.line=__LINE__; goto err; } } \
+ else ret=(*a);
-#define M_ASN1_D2I_Init() \
- c.p= *(const unsigned char **)pp; \
- c.max=(length == 0)?0:(c.p+length);
+# define M_ASN1_D2I_Init() \
+ c.p= *(const unsigned char **)pp; \
+ c.max=(length == 0)?0:(c.p+length);
-#define M_ASN1_D2I_Finish_2(a) \
- if (!asn1_const_Finish(&c)) \
- { c.line=__LINE__; goto err; } \
- *(const unsigned char **)pp=c.p; \
- if (a != NULL) (*a)=ret; \
- return(ret);
+# define M_ASN1_D2I_Finish_2(a) \
+ if (!asn1_const_Finish(&c)) \
+ { c.line=__LINE__; goto err; } \
+ *(const unsigned char **)pp=c.p; \
+ if (a != NULL) (*a)=ret; \
+ return(ret);
-#define M_ASN1_D2I_Finish(a,func,e) \
- M_ASN1_D2I_Finish_2(a); \
+# define M_ASN1_D2I_Finish(a,func,e) \
+ M_ASN1_D2I_Finish_2(a); \
err:\
- ASN1_MAC_H_err((e),c.error,c.line); \
- asn1_add_error(*(const unsigned char **)pp,(int)(c.q- *pp)); \
- if ((ret != NULL) && ((a == NULL) || (*a != ret))) func(ret); \
- return(NULL)
+ ASN1_MAC_H_err((e),c.error,c.line); \
+ asn1_add_error(*(const unsigned char **)pp,(int)(c.q- *pp)); \
+ if ((ret != NULL) && ((a == NULL) || (*a != ret))) func(ret); \
+ return(NULL)
-#define M_ASN1_D2I_start_sequence() \
- if (!asn1_GetSequence(&c,&length)) \
- { c.line=__LINE__; goto err; }
+# define M_ASN1_D2I_start_sequence() \
+ if (!asn1_GetSequence(&c,&length)) \
+ { c.line=__LINE__; goto err; }
/* Begin reading ASN1 without a surrounding sequence */
-#define M_ASN1_D2I_begin() \
- c.slen = length;
+# define M_ASN1_D2I_begin() \
+ c.slen = length;
/* End reading ASN1 with no check on length */
-#define M_ASN1_D2I_Finish_nolen(a, func, e) \
- *pp=c.p; \
- if (a != NULL) (*a)=ret; \
- return(ret); \
+# define M_ASN1_D2I_Finish_nolen(a, func, e) \
+ *pp=c.p; \
+ if (a != NULL) (*a)=ret; \
+ return(ret); \
err:\
- ASN1_MAC_H_err((e),c.error,c.line); \
- asn1_add_error(*pp,(int)(c.q- *pp)); \
- if ((ret != NULL) && ((a == NULL) || (*a != ret))) func(ret); \
- return(NULL)
+ ASN1_MAC_H_err((e),c.error,c.line); \
+ asn1_add_error(*pp,(int)(c.q- *pp)); \
+ if ((ret != NULL) && ((a == NULL) || (*a != ret))) func(ret); \
+ return(NULL)
-#define M_ASN1_D2I_end_sequence() \
- (((c.inf&1) == 0)?(c.slen <= 0): \
- (c.eos=ASN1_const_check_infinite_end(&c.p,c.slen)))
+# define M_ASN1_D2I_end_sequence() \
+ (((c.inf&1) == 0)?(c.slen <= 0): \
+ (c.eos=ASN1_const_check_infinite_end(&c.p,c.slen)))
/* Don't use this with d2i_ASN1_BOOLEAN() */
-#define M_ASN1_D2I_get(b, func) \
- c.q=c.p; \
- if (func(&(b),&c.p,c.slen) == NULL) \
- {c.line=__LINE__; goto err; } \
- c.slen-=(c.p-c.q);
+# define M_ASN1_D2I_get(b, func) \
+ c.q=c.p; \
+ if (func(&(b),&c.p,c.slen) == NULL) \
+ {c.line=__LINE__; goto err; } \
+ c.slen-=(c.p-c.q);
/* Don't use this with d2i_ASN1_BOOLEAN() */
-#define M_ASN1_D2I_get_x(type,b,func) \
- c.q=c.p; \
- if (((D2I_OF(type))func)(&(b),&c.p,c.slen) == NULL) \
- {c.line=__LINE__; goto err; } \
- c.slen-=(c.p-c.q);
+# define M_ASN1_D2I_get_x(type,b,func) \
+ c.q=c.p; \
+ if (((D2I_OF(type))func)(&(b),&c.p,c.slen) == NULL) \
+ {c.line=__LINE__; goto err; } \
+ c.slen-=(c.p-c.q);
/* use this instead () */
-#define M_ASN1_D2I_get_int(b,func) \
- c.q=c.p; \
- if (func(&(b),&c.p,c.slen) < 0) \
- {c.line=__LINE__; goto err; } \
- c.slen-=(c.p-c.q);
+# define M_ASN1_D2I_get_int(b,func) \
+ c.q=c.p; \
+ if (func(&(b),&c.p,c.slen) < 0) \
+ {c.line=__LINE__; goto err; } \
+ c.slen-=(c.p-c.q);
-#define M_ASN1_D2I_get_opt(b,func,type) \
- if ((c.slen != 0) && ((M_ASN1_next & (~V_ASN1_CONSTRUCTED)) \
- == (V_ASN1_UNIVERSAL|(type)))) \
- { \
- M_ASN1_D2I_get(b,func); \
- }
+# define M_ASN1_D2I_get_opt(b,func,type) \
+ if ((c.slen != 0) && ((M_ASN1_next & (~V_ASN1_CONSTRUCTED)) \
+ == (V_ASN1_UNIVERSAL|(type)))) \
+ { \
+ M_ASN1_D2I_get(b,func); \
+ }
-#define M_ASN1_D2I_get_imp(b,func, type) \
- M_ASN1_next=(_tmp& V_ASN1_CONSTRUCTED)|type; \
- c.q=c.p; \
- if (func(&(b),&c.p,c.slen) == NULL) \
- {c.line=__LINE__; M_ASN1_next_prev = _tmp; goto err; } \
- c.slen-=(c.p-c.q);\
- M_ASN1_next_prev=_tmp;
+# define M_ASN1_D2I_get_int_opt(b,func,type) \
+ if ((c.slen != 0) && ((M_ASN1_next & (~V_ASN1_CONSTRUCTED)) \
+ == (V_ASN1_UNIVERSAL|(type)))) \
+ { \
+ M_ASN1_D2I_get_int(b,func); \
+ }
-#define M_ASN1_D2I_get_IMP_opt(b,func,tag,type) \
- if ((c.slen != 0) && ((M_ASN1_next & (~V_ASN1_CONSTRUCTED)) == \
- (V_ASN1_CONTEXT_SPECIFIC|(tag)))) \
- { \
- unsigned char _tmp = M_ASN1_next; \
- M_ASN1_D2I_get_imp(b,func, type);\
- }
+# define M_ASN1_D2I_get_imp(b,func, type) \
+ M_ASN1_next=(_tmp& V_ASN1_CONSTRUCTED)|type; \
+ c.q=c.p; \
+ if (func(&(b),&c.p,c.slen) == NULL) \
+ {c.line=__LINE__; M_ASN1_next_prev = _tmp; goto err; } \
+ c.slen-=(c.p-c.q);\
+ M_ASN1_next_prev=_tmp;
-#define M_ASN1_D2I_get_set(r,func,free_func) \
- M_ASN1_D2I_get_imp_set(r,func,free_func, \
- V_ASN1_SET,V_ASN1_UNIVERSAL);
+# define M_ASN1_D2I_get_IMP_opt(b,func,tag,type) \
+ if ((c.slen != 0) && ((M_ASN1_next & (~V_ASN1_CONSTRUCTED)) == \
+ (V_ASN1_CONTEXT_SPECIFIC|(tag)))) \
+ { \
+ unsigned char _tmp = M_ASN1_next; \
+ M_ASN1_D2I_get_imp(b,func, type);\
+ }
-#define M_ASN1_D2I_get_set_type(type,r,func,free_func) \
- M_ASN1_D2I_get_imp_set_type(type,r,func,free_func, \
- V_ASN1_SET,V_ASN1_UNIVERSAL);
+# define M_ASN1_D2I_get_set(r,func,free_func) \
+ M_ASN1_D2I_get_imp_set(r,func,free_func, \
+ V_ASN1_SET,V_ASN1_UNIVERSAL);
-#define M_ASN1_D2I_get_set_opt(r,func,free_func) \
- if ((c.slen != 0) && (M_ASN1_next == (V_ASN1_UNIVERSAL| \
- V_ASN1_CONSTRUCTED|V_ASN1_SET)))\
- { M_ASN1_D2I_get_set(r,func,free_func); }
+# define M_ASN1_D2I_get_set_type(type,r,func,free_func) \
+ M_ASN1_D2I_get_imp_set_type(type,r,func,free_func, \
+ V_ASN1_SET,V_ASN1_UNIVERSAL);
-#define M_ASN1_D2I_get_set_opt_type(type,r,func,free_func) \
- if ((c.slen != 0) && (M_ASN1_next == (V_ASN1_UNIVERSAL| \
- V_ASN1_CONSTRUCTED|V_ASN1_SET)))\
- { M_ASN1_D2I_get_set_type(type,r,func,free_func); }
+# define M_ASN1_D2I_get_set_opt(r,func,free_func) \
+ if ((c.slen != 0) && (M_ASN1_next == (V_ASN1_UNIVERSAL| \
+ V_ASN1_CONSTRUCTED|V_ASN1_SET)))\
+ { M_ASN1_D2I_get_set(r,func,free_func); }
-#define M_ASN1_I2D_len_SET_opt(a,f) \
- if ((a != NULL) && (sk_num(a) != 0)) \
- M_ASN1_I2D_len_SET(a,f);
+# define M_ASN1_D2I_get_set_opt_type(type,r,func,free_func) \
+ if ((c.slen != 0) && (M_ASN1_next == (V_ASN1_UNIVERSAL| \
+ V_ASN1_CONSTRUCTED|V_ASN1_SET)))\
+ { M_ASN1_D2I_get_set_type(type,r,func,free_func); }
-#define M_ASN1_I2D_put_SET_opt(a,f) \
- if ((a != NULL) && (sk_num(a) != 0)) \
- M_ASN1_I2D_put_SET(a,f);
+# define M_ASN1_I2D_len_SET_opt(a,f) \
+ if ((a != NULL) && (sk_num(a) != 0)) \
+ M_ASN1_I2D_len_SET(a,f);
-#define M_ASN1_I2D_put_SEQUENCE_opt(a,f) \
- if ((a != NULL) && (sk_num(a) != 0)) \
- M_ASN1_I2D_put_SEQUENCE(a,f);
+# define M_ASN1_I2D_put_SET_opt(a,f) \
+ if ((a != NULL) && (sk_num(a) != 0)) \
+ M_ASN1_I2D_put_SET(a,f);
-#define M_ASN1_I2D_put_SEQUENCE_opt_type(type,a,f) \
- if ((a != NULL) && (sk_##type##_num(a) != 0)) \
- M_ASN1_I2D_put_SEQUENCE_type(type,a,f);
+# define M_ASN1_I2D_put_SEQUENCE_opt(a,f) \
+ if ((a != NULL) && (sk_num(a) != 0)) \
+ M_ASN1_I2D_put_SEQUENCE(a,f);
-#define M_ASN1_D2I_get_IMP_set_opt(b,func,free_func,tag) \
- if ((c.slen != 0) && \
- (M_ASN1_next == \
- (V_ASN1_CONTEXT_SPECIFIC|V_ASN1_CONSTRUCTED|(tag))))\
- { \
- M_ASN1_D2I_get_imp_set(b,func,free_func,\
- tag,V_ASN1_CONTEXT_SPECIFIC); \
- }
+# define M_ASN1_I2D_put_SEQUENCE_opt_type(type,a,f) \
+ if ((a != NULL) && (sk_##type##_num(a) != 0)) \
+ M_ASN1_I2D_put_SEQUENCE_type(type,a,f);
-#define M_ASN1_D2I_get_IMP_set_opt_type(type,b,func,free_func,tag) \
- if ((c.slen != 0) && \
- (M_ASN1_next == \
- (V_ASN1_CONTEXT_SPECIFIC|V_ASN1_CONSTRUCTED|(tag))))\
- { \
- M_ASN1_D2I_get_imp_set_type(type,b,func,free_func,\
- tag,V_ASN1_CONTEXT_SPECIFIC); \
- }
+# define M_ASN1_D2I_get_IMP_set_opt(b,func,free_func,tag) \
+ if ((c.slen != 0) && \
+ (M_ASN1_next == \
+ (V_ASN1_CONTEXT_SPECIFIC|V_ASN1_CONSTRUCTED|(tag))))\
+ { \
+ M_ASN1_D2I_get_imp_set(b,func,free_func,\
+ tag,V_ASN1_CONTEXT_SPECIFIC); \
+ }
-#define M_ASN1_D2I_get_seq(r,func,free_func) \
- M_ASN1_D2I_get_imp_set(r,func,free_func,\
- V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL);
+# define M_ASN1_D2I_get_IMP_set_opt_type(type,b,func,free_func,tag) \
+ if ((c.slen != 0) && \
+ (M_ASN1_next == \
+ (V_ASN1_CONTEXT_SPECIFIC|V_ASN1_CONSTRUCTED|(tag))))\
+ { \
+ M_ASN1_D2I_get_imp_set_type(type,b,func,free_func,\
+ tag,V_ASN1_CONTEXT_SPECIFIC); \
+ }
-#define M_ASN1_D2I_get_seq_type(type,r,func,free_func) \
- M_ASN1_D2I_get_imp_set_type(type,r,func,free_func,\
- V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL)
+# define M_ASN1_D2I_get_seq(r,func,free_func) \
+ M_ASN1_D2I_get_imp_set(r,func,free_func,\
+ V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL);
-#define M_ASN1_D2I_get_seq_opt(r,func,free_func) \
- if ((c.slen != 0) && (M_ASN1_next == (V_ASN1_UNIVERSAL| \
- V_ASN1_CONSTRUCTED|V_ASN1_SEQUENCE)))\
- { M_ASN1_D2I_get_seq(r,func,free_func); }
+# define M_ASN1_D2I_get_seq_type(type,r,func,free_func) \
+ M_ASN1_D2I_get_imp_set_type(type,r,func,free_func,\
+ V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL)
-#define M_ASN1_D2I_get_seq_opt_type(type,r,func,free_func) \
- if ((c.slen != 0) && (M_ASN1_next == (V_ASN1_UNIVERSAL| \
- V_ASN1_CONSTRUCTED|V_ASN1_SEQUENCE)))\
- { M_ASN1_D2I_get_seq_type(type,r,func,free_func); }
+# define M_ASN1_D2I_get_seq_opt(r,func,free_func) \
+ if ((c.slen != 0) && (M_ASN1_next == (V_ASN1_UNIVERSAL| \
+ V_ASN1_CONSTRUCTED|V_ASN1_SEQUENCE)))\
+ { M_ASN1_D2I_get_seq(r,func,free_func); }
-#define M_ASN1_D2I_get_IMP_set(r,func,free_func,x) \
- M_ASN1_D2I_get_imp_set(r,func,free_func,\
- x,V_ASN1_CONTEXT_SPECIFIC);
+# define M_ASN1_D2I_get_seq_opt_type(type,r,func,free_func) \
+ if ((c.slen != 0) && (M_ASN1_next == (V_ASN1_UNIVERSAL| \
+ V_ASN1_CONSTRUCTED|V_ASN1_SEQUENCE)))\
+ { M_ASN1_D2I_get_seq_type(type,r,func,free_func); }
-#define M_ASN1_D2I_get_IMP_set_type(type,r,func,free_func,x) \
- M_ASN1_D2I_get_imp_set_type(type,r,func,free_func,\
- x,V_ASN1_CONTEXT_SPECIFIC);
+# define M_ASN1_D2I_get_IMP_set(r,func,free_func,x) \
+ M_ASN1_D2I_get_imp_set(r,func,free_func,\
+ x,V_ASN1_CONTEXT_SPECIFIC);
-#define M_ASN1_D2I_get_imp_set(r,func,free_func,a,b) \
- c.q=c.p; \
- if (d2i_ASN1_SET(&(r),&c.p,c.slen,(char *(*)())func,\
- (void (*)())free_func,a,b) == NULL) \
- { c.line=__LINE__; goto err; } \
- c.slen-=(c.p-c.q);
+# define M_ASN1_D2I_get_IMP_set_type(type,r,func,free_func,x) \
+ M_ASN1_D2I_get_imp_set_type(type,r,func,free_func,\
+ x,V_ASN1_CONTEXT_SPECIFIC);
-#define M_ASN1_D2I_get_imp_set_type(type,r,func,free_func,a,b) \
- c.q=c.p; \
- if (d2i_ASN1_SET_OF_##type(&(r),&c.p,c.slen,func,\
- free_func,a,b) == NULL) \
- { c.line=__LINE__; goto err; } \
- c.slen-=(c.p-c.q);
+# define M_ASN1_D2I_get_imp_set(r,func,free_func,a,b) \
+ c.q=c.p; \
+ if (d2i_ASN1_SET(&(r),&c.p,c.slen,(char *(*)())func,\
+ (void (*)())free_func,a,b) == NULL) \
+ { c.line=__LINE__; goto err; } \
+ c.slen-=(c.p-c.q);
-#define M_ASN1_D2I_get_set_strings(r,func,a,b) \
- c.q=c.p; \
- if (d2i_ASN1_STRING_SET(&(r),&c.p,c.slen,a,b) == NULL) \
- { c.line=__LINE__; goto err; } \
- c.slen-=(c.p-c.q);
+# define M_ASN1_D2I_get_imp_set_type(type,r,func,free_func,a,b) \
+ c.q=c.p; \
+ if (d2i_ASN1_SET_OF_##type(&(r),&c.p,c.slen,func,\
+ free_func,a,b) == NULL) \
+ { c.line=__LINE__; goto err; } \
+ c.slen-=(c.p-c.q);
-#define M_ASN1_D2I_get_EXP_opt(r,func,tag) \
- if ((c.slen != 0L) && (M_ASN1_next == \
- (V_ASN1_CONSTRUCTED|V_ASN1_CONTEXT_SPECIFIC|tag))) \
- { \
- int Tinf,Ttag,Tclass; \
- long Tlen; \
- \
- c.q=c.p; \
- Tinf=ASN1_get_object(&c.p,&Tlen,&Ttag,&Tclass,c.slen); \
- if (Tinf & 0x80) \
- { c.error=ERR_R_BAD_ASN1_OBJECT_HEADER; \
- c.line=__LINE__; goto err; } \
- if (Tinf == (V_ASN1_CONSTRUCTED+1)) \
- Tlen = c.slen - (c.p - c.q) - 2; \
- if (func(&(r),&c.p,Tlen) == NULL) \
- { c.line=__LINE__; goto err; } \
- if (Tinf == (V_ASN1_CONSTRUCTED+1)) { \
- Tlen = c.slen - (c.p - c.q); \
- if(!ASN1_const_check_infinite_end(&c.p, Tlen)) \
- { c.error=ERR_R_MISSING_ASN1_EOS; \
- c.line=__LINE__; goto err; } \
- }\
- c.slen-=(c.p-c.q); \
- }
+# define M_ASN1_D2I_get_set_strings(r,func,a,b) \
+ c.q=c.p; \
+ if (d2i_ASN1_STRING_SET(&(r),&c.p,c.slen,a,b) == NULL) \
+ { c.line=__LINE__; goto err; } \
+ c.slen-=(c.p-c.q);
-#define M_ASN1_D2I_get_EXP_set_opt(r,func,free_func,tag,b) \
- if ((c.slen != 0) && (M_ASN1_next == \
- (V_ASN1_CONSTRUCTED|V_ASN1_CONTEXT_SPECIFIC|tag))) \
- { \
- int Tinf,Ttag,Tclass; \
- long Tlen; \
- \
- c.q=c.p; \
- Tinf=ASN1_get_object(&c.p,&Tlen,&Ttag,&Tclass,c.slen); \
- if (Tinf & 0x80) \
- { c.error=ERR_R_BAD_ASN1_OBJECT_HEADER; \
- c.line=__LINE__; goto err; } \
- if (Tinf == (V_ASN1_CONSTRUCTED+1)) \
- Tlen = c.slen - (c.p - c.q) - 2; \
- if (d2i_ASN1_SET(&(r),&c.p,Tlen,(char *(*)())func, \
- (void (*)())free_func, \
- b,V_ASN1_UNIVERSAL) == NULL) \
- { c.line=__LINE__; goto err; } \
- if (Tinf == (V_ASN1_CONSTRUCTED+1)) { \
- Tlen = c.slen - (c.p - c.q); \
- if(!ASN1_check_infinite_end(&c.p, Tlen)) \
- { c.error=ERR_R_MISSING_ASN1_EOS; \
- c.line=__LINE__; goto err; } \
- }\
- c.slen-=(c.p-c.q); \
- }
+# define M_ASN1_D2I_get_EXP_opt(r,func,tag) \
+ if ((c.slen != 0L) && (M_ASN1_next == \
+ (V_ASN1_CONSTRUCTED|V_ASN1_CONTEXT_SPECIFIC|tag))) \
+ { \
+ int Tinf,Ttag,Tclass; \
+ long Tlen; \
+ \
+ c.q=c.p; \
+ Tinf=ASN1_get_object(&c.p,&Tlen,&Ttag,&Tclass,c.slen); \
+ if (Tinf & 0x80) \
+ { c.error=ERR_R_BAD_ASN1_OBJECT_HEADER; \
+ c.line=__LINE__; goto err; } \
+ if (Tinf == (V_ASN1_CONSTRUCTED+1)) \
+ Tlen = c.slen - (c.p - c.q) - 2; \
+ if (func(&(r),&c.p,Tlen) == NULL) \
+ { c.line=__LINE__; goto err; } \
+ if (Tinf == (V_ASN1_CONSTRUCTED+1)) { \
+ Tlen = c.slen - (c.p - c.q); \
+ if(!ASN1_const_check_infinite_end(&c.p, Tlen)) \
+ { c.error=ERR_R_MISSING_ASN1_EOS; \
+ c.line=__LINE__; goto err; } \
+ }\
+ c.slen-=(c.p-c.q); \
+ }
-#define M_ASN1_D2I_get_EXP_set_opt_type(type,r,func,free_func,tag,b) \
- if ((c.slen != 0) && (M_ASN1_next == \
- (V_ASN1_CONSTRUCTED|V_ASN1_CONTEXT_SPECIFIC|tag))) \
- { \
- int Tinf,Ttag,Tclass; \
- long Tlen; \
- \
- c.q=c.p; \
- Tinf=ASN1_get_object(&c.p,&Tlen,&Ttag,&Tclass,c.slen); \
- if (Tinf & 0x80) \
- { c.error=ERR_R_BAD_ASN1_OBJECT_HEADER; \
- c.line=__LINE__; goto err; } \
- if (Tinf == (V_ASN1_CONSTRUCTED+1)) \
- Tlen = c.slen - (c.p - c.q) - 2; \
- if (d2i_ASN1_SET_OF_##type(&(r),&c.p,Tlen,func, \
- free_func,b,V_ASN1_UNIVERSAL) == NULL) \
- { c.line=__LINE__; goto err; } \
- if (Tinf == (V_ASN1_CONSTRUCTED+1)) { \
- Tlen = c.slen - (c.p - c.q); \
- if(!ASN1_check_infinite_end(&c.p, Tlen)) \
- { c.error=ERR_R_MISSING_ASN1_EOS; \
- c.line=__LINE__; goto err; } \
- }\
- c.slen-=(c.p-c.q); \
- }
+# define M_ASN1_D2I_get_EXP_set_opt(r,func,free_func,tag,b) \
+ if ((c.slen != 0) && (M_ASN1_next == \
+ (V_ASN1_CONSTRUCTED|V_ASN1_CONTEXT_SPECIFIC|tag))) \
+ { \
+ int Tinf,Ttag,Tclass; \
+ long Tlen; \
+ \
+ c.q=c.p; \
+ Tinf=ASN1_get_object(&c.p,&Tlen,&Ttag,&Tclass,c.slen); \
+ if (Tinf & 0x80) \
+ { c.error=ERR_R_BAD_ASN1_OBJECT_HEADER; \
+ c.line=__LINE__; goto err; } \
+ if (Tinf == (V_ASN1_CONSTRUCTED+1)) \
+ Tlen = c.slen - (c.p - c.q) - 2; \
+ if (d2i_ASN1_SET(&(r),&c.p,Tlen,(char *(*)())func, \
+ (void (*)())free_func, \
+ b,V_ASN1_UNIVERSAL) == NULL) \
+ { c.line=__LINE__; goto err; } \
+ if (Tinf == (V_ASN1_CONSTRUCTED+1)) { \
+ Tlen = c.slen - (c.p - c.q); \
+ if(!ASN1_check_infinite_end(&c.p, Tlen)) \
+ { c.error=ERR_R_MISSING_ASN1_EOS; \
+ c.line=__LINE__; goto err; } \
+ }\
+ c.slen-=(c.p-c.q); \
+ }
+
+# define M_ASN1_D2I_get_EXP_set_opt_type(type,r,func,free_func,tag,b) \
+ if ((c.slen != 0) && (M_ASN1_next == \
+ (V_ASN1_CONSTRUCTED|V_ASN1_CONTEXT_SPECIFIC|tag))) \
+ { \
+ int Tinf,Ttag,Tclass; \
+ long Tlen; \
+ \
+ c.q=c.p; \
+ Tinf=ASN1_get_object(&c.p,&Tlen,&Ttag,&Tclass,c.slen); \
+ if (Tinf & 0x80) \
+ { c.error=ERR_R_BAD_ASN1_OBJECT_HEADER; \
+ c.line=__LINE__; goto err; } \
+ if (Tinf == (V_ASN1_CONSTRUCTED+1)) \
+ Tlen = c.slen - (c.p - c.q) - 2; \
+ if (d2i_ASN1_SET_OF_##type(&(r),&c.p,Tlen,func, \
+ free_func,b,V_ASN1_UNIVERSAL) == NULL) \
+ { c.line=__LINE__; goto err; } \
+ if (Tinf == (V_ASN1_CONSTRUCTED+1)) { \
+ Tlen = c.slen - (c.p - c.q); \
+ if(!ASN1_check_infinite_end(&c.p, Tlen)) \
+ { c.error=ERR_R_MISSING_ASN1_EOS; \
+ c.line=__LINE__; goto err; } \
+ }\
+ c.slen-=(c.p-c.q); \
+ }
/* New macros */
-#define M_ASN1_New_Malloc(ret,type) \
- if ((ret=(type *)OPENSSL_malloc(sizeof(type))) == NULL) \
- { c.line=__LINE__; goto err2; }
+# define M_ASN1_New_Malloc(ret,type) \
+ if ((ret=(type *)OPENSSL_malloc(sizeof(type))) == NULL) \
+ { c.line=__LINE__; goto err2; }
-#define M_ASN1_New(arg,func) \
- if (((arg)=func()) == NULL) return(NULL)
+# define M_ASN1_New(arg,func) \
+ if (((arg)=func()) == NULL) return(NULL)
-#define M_ASN1_New_Error(a) \
-/* err: ASN1_MAC_H_err((a),ERR_R_NESTED_ASN1_ERROR,c.line); \
- return(NULL);*/ \
- err2: ASN1_MAC_H_err((a),ERR_R_MALLOC_FAILURE,c.line); \
- return(NULL)
+# define M_ASN1_New_Error(a) \
+/*- err: ASN1_MAC_H_err((a),ERR_R_NESTED_ASN1_ERROR,c.line); \
+ return(NULL);*/ \
+ err2: ASN1_MAC_H_err((a),ERR_R_MALLOC_FAILURE,c.line); \
+ return(NULL)
-
-/* BIG UGLY WARNING! This is so damn ugly I wanna puke. Unfortunately,
- some macros that use ASN1_const_CTX still insist on writing in the input
- stream. ARGH! ARGH! ARGH! Let's get rid of this macro package.
- Please? -- Richard Levitte */
-#define M_ASN1_next (*((unsigned char *)(c.p)))
-#define M_ASN1_next_prev (*((unsigned char *)(c.q)))
+/*
+ * BIG UGLY WARNING! This is so damn ugly I wanna puke. Unfortunately, some
+ * macros that use ASN1_const_CTX still insist on writing in the input
+ * stream. ARGH! ARGH! ARGH! Let's get rid of this macro package. Please? --
+ * Richard Levitte
+ */
+# define M_ASN1_next (*((unsigned char *)(c.p)))
+# define M_ASN1_next_prev (*((unsigned char *)(c.q)))
/*************************************************/
-#define M_ASN1_I2D_vars(a) int r=0,ret=0; \
- unsigned char *p; \
- if (a == NULL) return(0)
+# define M_ASN1_I2D_vars(a) int r=0,ret=0; \
+ unsigned char *p; \
+ if (a == NULL) return(0)
/* Length Macros */
-#define M_ASN1_I2D_len(a,f) ret+=f(a,NULL)
-#define M_ASN1_I2D_len_IMP_opt(a,f) if (a != NULL) M_ASN1_I2D_len(a,f)
+# define M_ASN1_I2D_len(a,f) ret+=f(a,NULL)
+# define M_ASN1_I2D_len_IMP_opt(a,f) if (a != NULL) M_ASN1_I2D_len(a,f)
-#define M_ASN1_I2D_len_SET(a,f) \
- ret+=i2d_ASN1_SET(a,NULL,f,V_ASN1_SET,V_ASN1_UNIVERSAL,IS_SET);
+# define M_ASN1_I2D_len_SET(a,f) \
+ ret+=i2d_ASN1_SET(a,NULL,f,V_ASN1_SET,V_ASN1_UNIVERSAL,IS_SET);
-#define M_ASN1_I2D_len_SET_type(type,a,f) \
- ret+=i2d_ASN1_SET_OF_##type(a,NULL,f,V_ASN1_SET, \
- V_ASN1_UNIVERSAL,IS_SET);
+# define M_ASN1_I2D_len_SET_type(type,a,f) \
+ ret+=i2d_ASN1_SET_OF_##type(a,NULL,f,V_ASN1_SET, \
+ V_ASN1_UNIVERSAL,IS_SET);
-#define M_ASN1_I2D_len_SEQUENCE(a,f) \
- ret+=i2d_ASN1_SET(a,NULL,f,V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL, \
- IS_SEQUENCE);
+# define M_ASN1_I2D_len_SEQUENCE(a,f) \
+ ret+=i2d_ASN1_SET(a,NULL,f,V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL, \
+ IS_SEQUENCE);
-#define M_ASN1_I2D_len_SEQUENCE_type(type,a,f) \
- ret+=i2d_ASN1_SET_OF_##type(a,NULL,f,V_ASN1_SEQUENCE, \
- V_ASN1_UNIVERSAL,IS_SEQUENCE)
+# define M_ASN1_I2D_len_SEQUENCE_type(type,a,f) \
+ ret+=i2d_ASN1_SET_OF_##type(a,NULL,f,V_ASN1_SEQUENCE, \
+ V_ASN1_UNIVERSAL,IS_SEQUENCE)
-#define M_ASN1_I2D_len_SEQUENCE_opt(a,f) \
- if ((a != NULL) && (sk_num(a) != 0)) \
- M_ASN1_I2D_len_SEQUENCE(a,f);
+# define M_ASN1_I2D_len_SEQUENCE_opt(a,f) \
+ if ((a != NULL) && (sk_num(a) != 0)) \
+ M_ASN1_I2D_len_SEQUENCE(a,f);
-#define M_ASN1_I2D_len_SEQUENCE_opt_type(type,a,f) \
- if ((a != NULL) && (sk_##type##_num(a) != 0)) \
- M_ASN1_I2D_len_SEQUENCE_type(type,a,f);
+# define M_ASN1_I2D_len_SEQUENCE_opt_type(type,a,f) \
+ if ((a != NULL) && (sk_##type##_num(a) != 0)) \
+ M_ASN1_I2D_len_SEQUENCE_type(type,a,f);
-#define M_ASN1_I2D_len_IMP_SET(a,f,x) \
- ret+=i2d_ASN1_SET(a,NULL,f,x,V_ASN1_CONTEXT_SPECIFIC,IS_SET);
+# define M_ASN1_I2D_len_IMP_SET(a,f,x) \
+ ret+=i2d_ASN1_SET(a,NULL,f,x,V_ASN1_CONTEXT_SPECIFIC,IS_SET);
-#define M_ASN1_I2D_len_IMP_SET_type(type,a,f,x) \
- ret+=i2d_ASN1_SET_OF_##type(a,NULL,f,x, \
- V_ASN1_CONTEXT_SPECIFIC,IS_SET);
+# define M_ASN1_I2D_len_IMP_SET_type(type,a,f,x) \
+ ret+=i2d_ASN1_SET_OF_##type(a,NULL,f,x, \
+ V_ASN1_CONTEXT_SPECIFIC,IS_SET);
-#define M_ASN1_I2D_len_IMP_SET_opt(a,f,x) \
- if ((a != NULL) && (sk_num(a) != 0)) \
- ret+=i2d_ASN1_SET(a,NULL,f,x,V_ASN1_CONTEXT_SPECIFIC, \
- IS_SET);
+# define M_ASN1_I2D_len_IMP_SET_opt(a,f,x) \
+ if ((a != NULL) && (sk_num(a) != 0)) \
+ ret+=i2d_ASN1_SET(a,NULL,f,x,V_ASN1_CONTEXT_SPECIFIC, \
+ IS_SET);
-#define M_ASN1_I2D_len_IMP_SET_opt_type(type,a,f,x) \
- if ((a != NULL) && (sk_##type##_num(a) != 0)) \
- ret+=i2d_ASN1_SET_OF_##type(a,NULL,f,x, \
- V_ASN1_CONTEXT_SPECIFIC,IS_SET);
+# define M_ASN1_I2D_len_IMP_SET_opt_type(type,a,f,x) \
+ if ((a != NULL) && (sk_##type##_num(a) != 0)) \
+ ret+=i2d_ASN1_SET_OF_##type(a,NULL,f,x, \
+ V_ASN1_CONTEXT_SPECIFIC,IS_SET);
-#define M_ASN1_I2D_len_IMP_SEQUENCE(a,f,x) \
- ret+=i2d_ASN1_SET(a,NULL,f,x,V_ASN1_CONTEXT_SPECIFIC, \
- IS_SEQUENCE);
+# define M_ASN1_I2D_len_IMP_SEQUENCE(a,f,x) \
+ ret+=i2d_ASN1_SET(a,NULL,f,x,V_ASN1_CONTEXT_SPECIFIC, \
+ IS_SEQUENCE);
-#define M_ASN1_I2D_len_IMP_SEQUENCE_opt(a,f,x) \
- if ((a != NULL) && (sk_num(a) != 0)) \
- ret+=i2d_ASN1_SET(a,NULL,f,x,V_ASN1_CONTEXT_SPECIFIC, \
- IS_SEQUENCE);
+# define M_ASN1_I2D_len_IMP_SEQUENCE_opt(a,f,x) \
+ if ((a != NULL) && (sk_num(a) != 0)) \
+ ret+=i2d_ASN1_SET(a,NULL,f,x,V_ASN1_CONTEXT_SPECIFIC, \
+ IS_SEQUENCE);
-#define M_ASN1_I2D_len_IMP_SEQUENCE_opt_type(type,a,f,x) \
- if ((a != NULL) && (sk_##type##_num(a) != 0)) \
- ret+=i2d_ASN1_SET_OF_##type(a,NULL,f,x, \
- V_ASN1_CONTEXT_SPECIFIC, \
- IS_SEQUENCE);
+# define M_ASN1_I2D_len_IMP_SEQUENCE_opt_type(type,a,f,x) \
+ if ((a != NULL) && (sk_##type##_num(a) != 0)) \
+ ret+=i2d_ASN1_SET_OF_##type(a,NULL,f,x, \
+ V_ASN1_CONTEXT_SPECIFIC, \
+ IS_SEQUENCE);
-#define M_ASN1_I2D_len_EXP_opt(a,f,mtag,v) \
- if (a != NULL)\
- { \
- v=f(a,NULL); \
- ret+=ASN1_object_size(1,v,mtag); \
- }
+# define M_ASN1_I2D_len_EXP_opt(a,f,mtag,v) \
+ if (a != NULL)\
+ { \
+ v=f(a,NULL); \
+ ret+=ASN1_object_size(1,v,mtag); \
+ }
-#define M_ASN1_I2D_len_EXP_SET_opt(a,f,mtag,tag,v) \
- if ((a != NULL) && (sk_num(a) != 0))\
- { \
- v=i2d_ASN1_SET(a,NULL,f,tag,V_ASN1_UNIVERSAL,IS_SET); \
- ret+=ASN1_object_size(1,v,mtag); \
- }
+# define M_ASN1_I2D_len_EXP_SET_opt(a,f,mtag,tag,v) \
+ if ((a != NULL) && (sk_num(a) != 0))\
+ { \
+ v=i2d_ASN1_SET(a,NULL,f,tag,V_ASN1_UNIVERSAL,IS_SET); \
+ ret+=ASN1_object_size(1,v,mtag); \
+ }
-#define M_ASN1_I2D_len_EXP_SEQUENCE_opt(a,f,mtag,tag,v) \
- if ((a != NULL) && (sk_num(a) != 0))\
- { \
- v=i2d_ASN1_SET(a,NULL,f,tag,V_ASN1_UNIVERSAL, \
- IS_SEQUENCE); \
- ret+=ASN1_object_size(1,v,mtag); \
- }
+# define M_ASN1_I2D_len_EXP_SEQUENCE_opt(a,f,mtag,tag,v) \
+ if ((a != NULL) && (sk_num(a) != 0))\
+ { \
+ v=i2d_ASN1_SET(a,NULL,f,tag,V_ASN1_UNIVERSAL, \
+ IS_SEQUENCE); \
+ ret+=ASN1_object_size(1,v,mtag); \
+ }
-#define M_ASN1_I2D_len_EXP_SEQUENCE_opt_type(type,a,f,mtag,tag,v) \
- if ((a != NULL) && (sk_##type##_num(a) != 0))\
- { \
- v=i2d_ASN1_SET_OF_##type(a,NULL,f,tag, \
- V_ASN1_UNIVERSAL, \
- IS_SEQUENCE); \
- ret+=ASN1_object_size(1,v,mtag); \
- }
+# define M_ASN1_I2D_len_EXP_SEQUENCE_opt_type(type,a,f,mtag,tag,v) \
+ if ((a != NULL) && (sk_##type##_num(a) != 0))\
+ { \
+ v=i2d_ASN1_SET_OF_##type(a,NULL,f,tag, \
+ V_ASN1_UNIVERSAL, \
+ IS_SEQUENCE); \
+ ret+=ASN1_object_size(1,v,mtag); \
+ }
/* Put Macros */
-#define M_ASN1_I2D_put(a,f) f(a,&p)
+# define M_ASN1_I2D_put(a,f) f(a,&p)
-#define M_ASN1_I2D_put_IMP_opt(a,f,t) \
- if (a != NULL) \
- { \
- unsigned char *q=p; \
- f(a,&p); \
- *q=(V_ASN1_CONTEXT_SPECIFIC|t|(*q&V_ASN1_CONSTRUCTED));\
- }
+# define M_ASN1_I2D_put_IMP_opt(a,f,t) \
+ if (a != NULL) \
+ { \
+ unsigned char *q=p; \
+ f(a,&p); \
+ *q=(V_ASN1_CONTEXT_SPECIFIC|t|(*q&V_ASN1_CONSTRUCTED));\
+ }
-#define M_ASN1_I2D_put_SET(a,f) i2d_ASN1_SET(a,&p,f,V_ASN1_SET,\
- V_ASN1_UNIVERSAL,IS_SET)
-#define M_ASN1_I2D_put_SET_type(type,a,f) \
+# define M_ASN1_I2D_put_SET(a,f) i2d_ASN1_SET(a,&p,f,V_ASN1_SET,\
+ V_ASN1_UNIVERSAL,IS_SET)
+# define M_ASN1_I2D_put_SET_type(type,a,f) \
i2d_ASN1_SET_OF_##type(a,&p,f,V_ASN1_SET,V_ASN1_UNIVERSAL,IS_SET)
-#define M_ASN1_I2D_put_IMP_SET(a,f,x) i2d_ASN1_SET(a,&p,f,x,\
- V_ASN1_CONTEXT_SPECIFIC,IS_SET)
-#define M_ASN1_I2D_put_IMP_SET_type(type,a,f,x) \
+# define M_ASN1_I2D_put_IMP_SET(a,f,x) i2d_ASN1_SET(a,&p,f,x,\
+ V_ASN1_CONTEXT_SPECIFIC,IS_SET)
+# define M_ASN1_I2D_put_IMP_SET_type(type,a,f,x) \
i2d_ASN1_SET_OF_##type(a,&p,f,x,V_ASN1_CONTEXT_SPECIFIC,IS_SET)
-#define M_ASN1_I2D_put_IMP_SEQUENCE(a,f,x) i2d_ASN1_SET(a,&p,f,x,\
- V_ASN1_CONTEXT_SPECIFIC,IS_SEQUENCE)
+# define M_ASN1_I2D_put_IMP_SEQUENCE(a,f,x) i2d_ASN1_SET(a,&p,f,x,\
+ V_ASN1_CONTEXT_SPECIFIC,IS_SEQUENCE)
-#define M_ASN1_I2D_put_SEQUENCE(a,f) i2d_ASN1_SET(a,&p,f,V_ASN1_SEQUENCE,\
- V_ASN1_UNIVERSAL,IS_SEQUENCE)
+# define M_ASN1_I2D_put_SEQUENCE(a,f) i2d_ASN1_SET(a,&p,f,V_ASN1_SEQUENCE,\
+ V_ASN1_UNIVERSAL,IS_SEQUENCE)
-#define M_ASN1_I2D_put_SEQUENCE_type(type,a,f) \
+# define M_ASN1_I2D_put_SEQUENCE_type(type,a,f) \
i2d_ASN1_SET_OF_##type(a,&p,f,V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL, \
- IS_SEQUENCE)
+ IS_SEQUENCE)
-#define M_ASN1_I2D_put_SEQUENCE_opt(a,f) \
- if ((a != NULL) && (sk_num(a) != 0)) \
- M_ASN1_I2D_put_SEQUENCE(a,f);
+# define M_ASN1_I2D_put_SEQUENCE_opt(a,f) \
+ if ((a != NULL) && (sk_num(a) != 0)) \
+ M_ASN1_I2D_put_SEQUENCE(a,f);
-#define M_ASN1_I2D_put_IMP_SET_opt(a,f,x) \
- if ((a != NULL) && (sk_num(a) != 0)) \
- { i2d_ASN1_SET(a,&p,f,x,V_ASN1_CONTEXT_SPECIFIC, \
- IS_SET); }
+# define M_ASN1_I2D_put_IMP_SET_opt(a,f,x) \
+ if ((a != NULL) && (sk_num(a) != 0)) \
+ { i2d_ASN1_SET(a,&p,f,x,V_ASN1_CONTEXT_SPECIFIC, \
+ IS_SET); }
-#define M_ASN1_I2D_put_IMP_SET_opt_type(type,a,f,x) \
- if ((a != NULL) && (sk_##type##_num(a) != 0)) \
- { i2d_ASN1_SET_OF_##type(a,&p,f,x, \
- V_ASN1_CONTEXT_SPECIFIC, \
- IS_SET); }
+# define M_ASN1_I2D_put_IMP_SET_opt_type(type,a,f,x) \
+ if ((a != NULL) && (sk_##type##_num(a) != 0)) \
+ { i2d_ASN1_SET_OF_##type(a,&p,f,x, \
+ V_ASN1_CONTEXT_SPECIFIC, \
+ IS_SET); }
-#define M_ASN1_I2D_put_IMP_SEQUENCE_opt(a,f,x) \
- if ((a != NULL) && (sk_num(a) != 0)) \
- { i2d_ASN1_SET(a,&p,f,x,V_ASN1_CONTEXT_SPECIFIC, \
- IS_SEQUENCE); }
+# define M_ASN1_I2D_put_IMP_SEQUENCE_opt(a,f,x) \
+ if ((a != NULL) && (sk_num(a) != 0)) \
+ { i2d_ASN1_SET(a,&p,f,x,V_ASN1_CONTEXT_SPECIFIC, \
+ IS_SEQUENCE); }
-#define M_ASN1_I2D_put_IMP_SEQUENCE_opt_type(type,a,f,x) \
- if ((a != NULL) && (sk_##type##_num(a) != 0)) \
- { i2d_ASN1_SET_OF_##type(a,&p,f,x, \
- V_ASN1_CONTEXT_SPECIFIC, \
- IS_SEQUENCE); }
+# define M_ASN1_I2D_put_IMP_SEQUENCE_opt_type(type,a,f,x) \
+ if ((a != NULL) && (sk_##type##_num(a) != 0)) \
+ { i2d_ASN1_SET_OF_##type(a,&p,f,x, \
+ V_ASN1_CONTEXT_SPECIFIC, \
+ IS_SEQUENCE); }
-#define M_ASN1_I2D_put_EXP_opt(a,f,tag,v) \
- if (a != NULL) \
- { \
- ASN1_put_object(&p,1,v,tag,V_ASN1_CONTEXT_SPECIFIC); \
- f(a,&p); \
- }
+# define M_ASN1_I2D_put_EXP_opt(a,f,tag,v) \
+ if (a != NULL) \
+ { \
+ ASN1_put_object(&p,1,v,tag,V_ASN1_CONTEXT_SPECIFIC); \
+ f(a,&p); \
+ }
-#define M_ASN1_I2D_put_EXP_SET_opt(a,f,mtag,tag,v) \
- if ((a != NULL) && (sk_num(a) != 0)) \
- { \
- ASN1_put_object(&p,1,v,mtag,V_ASN1_CONTEXT_SPECIFIC); \
- i2d_ASN1_SET(a,&p,f,tag,V_ASN1_UNIVERSAL,IS_SET); \
- }
+# define M_ASN1_I2D_put_EXP_SET_opt(a,f,mtag,tag,v) \
+ if ((a != NULL) && (sk_num(a) != 0)) \
+ { \
+ ASN1_put_object(&p,1,v,mtag,V_ASN1_CONTEXT_SPECIFIC); \
+ i2d_ASN1_SET(a,&p,f,tag,V_ASN1_UNIVERSAL,IS_SET); \
+ }
-#define M_ASN1_I2D_put_EXP_SEQUENCE_opt(a,f,mtag,tag,v) \
- if ((a != NULL) && (sk_num(a) != 0)) \
- { \
- ASN1_put_object(&p,1,v,mtag,V_ASN1_CONTEXT_SPECIFIC); \
- i2d_ASN1_SET(a,&p,f,tag,V_ASN1_UNIVERSAL,IS_SEQUENCE); \
- }
+# define M_ASN1_I2D_put_EXP_SEQUENCE_opt(a,f,mtag,tag,v) \
+ if ((a != NULL) && (sk_num(a) != 0)) \
+ { \
+ ASN1_put_object(&p,1,v,mtag,V_ASN1_CONTEXT_SPECIFIC); \
+ i2d_ASN1_SET(a,&p,f,tag,V_ASN1_UNIVERSAL,IS_SEQUENCE); \
+ }
-#define M_ASN1_I2D_put_EXP_SEQUENCE_opt_type(type,a,f,mtag,tag,v) \
- if ((a != NULL) && (sk_##type##_num(a) != 0)) \
- { \
- ASN1_put_object(&p,1,v,mtag,V_ASN1_CONTEXT_SPECIFIC); \
- i2d_ASN1_SET_OF_##type(a,&p,f,tag,V_ASN1_UNIVERSAL, \
- IS_SEQUENCE); \
- }
+# define M_ASN1_I2D_put_EXP_SEQUENCE_opt_type(type,a,f,mtag,tag,v) \
+ if ((a != NULL) && (sk_##type##_num(a) != 0)) \
+ { \
+ ASN1_put_object(&p,1,v,mtag,V_ASN1_CONTEXT_SPECIFIC); \
+ i2d_ASN1_SET_OF_##type(a,&p,f,tag,V_ASN1_UNIVERSAL, \
+ IS_SEQUENCE); \
+ }
-#define M_ASN1_I2D_seq_total() \
- r=ASN1_object_size(1,ret,V_ASN1_SEQUENCE); \
- if (pp == NULL) return(r); \
- p= *pp; \
- ASN1_put_object(&p,1,ret,V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL)
+# define M_ASN1_I2D_seq_total() \
+ r=ASN1_object_size(1,ret,V_ASN1_SEQUENCE); \
+ if (pp == NULL) return(r); \
+ p= *pp; \
+ ASN1_put_object(&p,1,ret,V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL)
-#define M_ASN1_I2D_INF_seq_start(tag,ctx) \
- *(p++)=(V_ASN1_CONSTRUCTED|(tag)|(ctx)); \
- *(p++)=0x80
+# define M_ASN1_I2D_INF_seq_start(tag,ctx) \
+ *(p++)=(V_ASN1_CONSTRUCTED|(tag)|(ctx)); \
+ *(p++)=0x80
-#define M_ASN1_I2D_INF_seq_end() *(p++)=0x00; *(p++)=0x00
+# define M_ASN1_I2D_INF_seq_end() *(p++)=0x00; *(p++)=0x00
-#define M_ASN1_I2D_finish() *pp=p; \
- return(r);
+# define M_ASN1_I2D_finish() *pp=p; \
+ return(r);
int asn1_GetSequence(ASN1_const_CTX *c, long *length);
-void asn1_add_error(const unsigned char *address,int offset);
+void asn1_add_error(const unsigned char *address, int offset);
#ifdef __cplusplus
}
#endif
diff --git a/Cryptlib/Include/openssl/asn1t.h b/Cryptlib/Include/openssl/asn1t.h
index ac14f94..99bc0ee 100644
--- a/Cryptlib/Include/openssl/asn1t.h
+++ b/Cryptlib/Include/openssl/asn1t.h
@@ -1,16 +1,17 @@
/* asn1t.h */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project 2000.
+/*
+ * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
+ * 2000.
*/
/* ====================================================================
- * Copyright (c) 2000 The OpenSSL Project. All rights reserved.
+ * Copyright (c) 2000-2005 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
+ * notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
@@ -56,16 +57,16 @@
*
*/
#ifndef HEADER_ASN1T_H
-#define HEADER_ASN1T_H
+# define HEADER_ASN1T_H
-#include
-#include
-#include
+# include
+# include
+# include
-#ifdef OPENSSL_BUILD_SHLIBCRYPTO
-# undef OPENSSL_EXTERN
-# define OPENSSL_EXTERN OPENSSL_EXPORT
-#endif
+# ifdef OPENSSL_BUILD_SHLIBCRYPTO
+# undef OPENSSL_EXTERN
+# define OPENSSL_EXTERN OPENSSL_EXPORT
+# endif
/* ASN1 template defines, structures and functions */
@@ -73,505 +74,514 @@
extern "C" {
#endif
-
-#ifndef OPENSSL_EXPORT_VAR_AS_FUNCTION
+# ifndef OPENSSL_EXPORT_VAR_AS_FUNCTION
/* Macro to obtain ASN1_ADB pointer from a type (only used internally) */
-#define ASN1_ADB_ptr(iptr) ((const ASN1_ADB *)(iptr))
-
+# define ASN1_ADB_ptr(iptr) ((const ASN1_ADB *)(iptr))
/* Macros for start and end of ASN1_ITEM definition */
-#define ASN1_ITEM_start(itname) \
- OPENSSL_GLOBAL const ASN1_ITEM itname##_it = {
+# define ASN1_ITEM_start(itname) \
+ OPENSSL_GLOBAL const ASN1_ITEM itname##_it = {
-#define ASN1_ITEM_end(itname) \
- };
+# define ASN1_ITEM_end(itname) \
+ };
-#else
+# else
/* Macro to obtain ASN1_ADB pointer from a type (only used internally) */
-#define ASN1_ADB_ptr(iptr) ((const ASN1_ADB *)(iptr()))
-
+# define ASN1_ADB_ptr(iptr) ((const ASN1_ADB *)(iptr()))
/* Macros for start and end of ASN1_ITEM definition */
-#define ASN1_ITEM_start(itname) \
- const ASN1_ITEM * itname##_it(void) \
- { \
- static const ASN1_ITEM local_it = {
+# define ASN1_ITEM_start(itname) \
+ const ASN1_ITEM * itname##_it(void) \
+ { \
+ static const ASN1_ITEM local_it = {
-#define ASN1_ITEM_end(itname) \
- }; \
- return &local_it; \
- }
-
-#endif
+# define ASN1_ITEM_end(itname) \
+ }; \
+ return &local_it; \
+ }
+# endif
/* Macros to aid ASN1 template writing */
-#define ASN1_ITEM_TEMPLATE(tname) \
- static const ASN1_TEMPLATE tname##_item_tt
-
-#define ASN1_ITEM_TEMPLATE_END(tname) \
- ;\
- ASN1_ITEM_start(tname) \
- ASN1_ITYPE_PRIMITIVE,\
- -1,\
- &tname##_item_tt,\
- 0,\
- NULL,\
- 0,\
- #tname \
- ASN1_ITEM_end(tname)
+# define ASN1_ITEM_TEMPLATE(tname) \
+ static const ASN1_TEMPLATE tname##_item_tt
+# define ASN1_ITEM_TEMPLATE_END(tname) \
+ ;\
+ ASN1_ITEM_start(tname) \
+ ASN1_ITYPE_PRIMITIVE,\
+ -1,\
+ &tname##_item_tt,\
+ 0,\
+ NULL,\
+ 0,\
+ #tname \
+ ASN1_ITEM_end(tname)
/* This is a ASN1 type which just embeds a template */
-
-/* This pair helps declare a SEQUENCE. We can do:
+
+/*-
+ * This pair helps declare a SEQUENCE. We can do:
*
- * ASN1_SEQUENCE(stname) = {
- * ... SEQUENCE components ...
- * } ASN1_SEQUENCE_END(stname)
+ * ASN1_SEQUENCE(stname) = {
+ * ... SEQUENCE components ...
+ * } ASN1_SEQUENCE_END(stname)
*
- * This will produce an ASN1_ITEM called stname_it
- * for a structure called stname.
+ * This will produce an ASN1_ITEM called stname_it
+ * for a structure called stname.
*
- * If you want the same structure but a different
- * name then use:
+ * If you want the same structure but a different
+ * name then use:
*
- * ASN1_SEQUENCE(itname) = {
- * ... SEQUENCE components ...
- * } ASN1_SEQUENCE_END_name(stname, itname)
+ * ASN1_SEQUENCE(itname) = {
+ * ... SEQUENCE components ...
+ * } ASN1_SEQUENCE_END_name(stname, itname)
*
- * This will create an item called itname_it using
- * a structure called stname.
+ * This will create an item called itname_it using
+ * a structure called stname.
*/
-#define ASN1_SEQUENCE(tname) \
- static const ASN1_TEMPLATE tname##_seq_tt[]
+# define ASN1_SEQUENCE(tname) \
+ static const ASN1_TEMPLATE tname##_seq_tt[]
-#define ASN1_SEQUENCE_END(stname) ASN1_SEQUENCE_END_name(stname, stname)
+# define ASN1_SEQUENCE_END(stname) ASN1_SEQUENCE_END_name(stname, stname)
-#define ASN1_SEQUENCE_END_name(stname, tname) \
- ;\
- ASN1_ITEM_start(tname) \
- ASN1_ITYPE_SEQUENCE,\
- V_ASN1_SEQUENCE,\
- tname##_seq_tt,\
- sizeof(tname##_seq_tt) / sizeof(ASN1_TEMPLATE),\
- NULL,\
- sizeof(stname),\
- #stname \
- ASN1_ITEM_end(tname)
+# define ASN1_SEQUENCE_END_name(stname, tname) \
+ ;\
+ ASN1_ITEM_start(tname) \
+ ASN1_ITYPE_SEQUENCE,\
+ V_ASN1_SEQUENCE,\
+ tname##_seq_tt,\
+ sizeof(tname##_seq_tt) / sizeof(ASN1_TEMPLATE),\
+ NULL,\
+ sizeof(stname),\
+ #stname \
+ ASN1_ITEM_end(tname)
-#define ASN1_NDEF_SEQUENCE(tname) \
- ASN1_SEQUENCE(tname)
+# define ASN1_NDEF_SEQUENCE(tname) \
+ ASN1_SEQUENCE(tname)
-#define ASN1_NDEF_SEQUENCE_cb(tname, cb) \
- ASN1_SEQUENCE_cb(tname, cb)
+# define ASN1_NDEF_SEQUENCE_cb(tname, cb) \
+ ASN1_SEQUENCE_cb(tname, cb)
-#define ASN1_SEQUENCE_cb(tname, cb) \
- static const ASN1_AUX tname##_aux = {NULL, 0, 0, 0, cb, 0}; \
- ASN1_SEQUENCE(tname)
+# define ASN1_SEQUENCE_cb(tname, cb) \
+ static const ASN1_AUX tname##_aux = {NULL, 0, 0, 0, cb, 0}; \
+ ASN1_SEQUENCE(tname)
-#define ASN1_BROKEN_SEQUENCE(tname) \
- static const ASN1_AUX tname##_aux = {NULL, ASN1_AFLG_BROKEN, 0, 0, 0, 0}; \
- ASN1_SEQUENCE(tname)
+# define ASN1_BROKEN_SEQUENCE(tname) \
+ static const ASN1_AUX tname##_aux = {NULL, ASN1_AFLG_BROKEN, 0, 0, 0, 0}; \
+ ASN1_SEQUENCE(tname)
-#define ASN1_SEQUENCE_ref(tname, cb, lck) \
- static const ASN1_AUX tname##_aux = {NULL, ASN1_AFLG_REFCOUNT, offsetof(tname, references), lck, cb, 0}; \
- ASN1_SEQUENCE(tname)
+# define ASN1_SEQUENCE_ref(tname, cb, lck) \
+ static const ASN1_AUX tname##_aux = {NULL, ASN1_AFLG_REFCOUNT, offsetof(tname, references), lck, cb, 0}; \
+ ASN1_SEQUENCE(tname)
-#define ASN1_SEQUENCE_enc(tname, enc, cb) \
- static const ASN1_AUX tname##_aux = {NULL, ASN1_AFLG_ENCODING, 0, 0, cb, offsetof(tname, enc)}; \
- ASN1_SEQUENCE(tname)
+# define ASN1_SEQUENCE_enc(tname, enc, cb) \
+ static const ASN1_AUX tname##_aux = {NULL, ASN1_AFLG_ENCODING, 0, 0, cb, offsetof(tname, enc)}; \
+ ASN1_SEQUENCE(tname)
-#define ASN1_NDEF_SEQUENCE_END(tname) \
- ;\
- ASN1_ITEM_start(tname) \
- ASN1_ITYPE_NDEF_SEQUENCE,\
- V_ASN1_SEQUENCE,\
- tname##_seq_tt,\
- sizeof(tname##_seq_tt) / sizeof(ASN1_TEMPLATE),\
- NULL,\
- sizeof(tname),\
- #tname \
- ASN1_ITEM_end(tname)
+# define ASN1_NDEF_SEQUENCE_END(tname) \
+ ;\
+ ASN1_ITEM_start(tname) \
+ ASN1_ITYPE_NDEF_SEQUENCE,\
+ V_ASN1_SEQUENCE,\
+ tname##_seq_tt,\
+ sizeof(tname##_seq_tt) / sizeof(ASN1_TEMPLATE),\
+ NULL,\
+ sizeof(tname),\
+ #tname \
+ ASN1_ITEM_end(tname)
-#define ASN1_BROKEN_SEQUENCE_END(stname) ASN1_SEQUENCE_END_ref(stname, stname)
+# define ASN1_BROKEN_SEQUENCE_END(stname) ASN1_SEQUENCE_END_ref(stname, stname)
-#define ASN1_SEQUENCE_END_enc(stname, tname) ASN1_SEQUENCE_END_ref(stname, tname)
+# define ASN1_SEQUENCE_END_enc(stname, tname) ASN1_SEQUENCE_END_ref(stname, tname)
-#define ASN1_SEQUENCE_END_cb(stname, tname) ASN1_SEQUENCE_END_ref(stname, tname)
+# define ASN1_SEQUENCE_END_cb(stname, tname) ASN1_SEQUENCE_END_ref(stname, tname)
-#define ASN1_SEQUENCE_END_ref(stname, tname) \
- ;\
- ASN1_ITEM_start(tname) \
- ASN1_ITYPE_SEQUENCE,\
- V_ASN1_SEQUENCE,\
- tname##_seq_tt,\
- sizeof(tname##_seq_tt) / sizeof(ASN1_TEMPLATE),\
- &tname##_aux,\
- sizeof(stname),\
- #stname \
- ASN1_ITEM_end(tname)
+# define ASN1_SEQUENCE_END_ref(stname, tname) \
+ ;\
+ ASN1_ITEM_start(tname) \
+ ASN1_ITYPE_SEQUENCE,\
+ V_ASN1_SEQUENCE,\
+ tname##_seq_tt,\
+ sizeof(tname##_seq_tt) / sizeof(ASN1_TEMPLATE),\
+ &tname##_aux,\
+ sizeof(stname),\
+ #stname \
+ ASN1_ITEM_end(tname)
+# define ASN1_NDEF_SEQUENCE_END_cb(stname, tname) \
+ ;\
+ ASN1_ITEM_start(tname) \
+ ASN1_ITYPE_NDEF_SEQUENCE,\
+ V_ASN1_SEQUENCE,\
+ tname##_seq_tt,\
+ sizeof(tname##_seq_tt) / sizeof(ASN1_TEMPLATE),\
+ &tname##_aux,\
+ sizeof(stname),\
+ #stname \
+ ASN1_ITEM_end(tname)
-/* This pair helps declare a CHOICE type. We can do:
+/*-
+ * This pair helps declare a CHOICE type. We can do:
*
- * ASN1_CHOICE(chname) = {
- * ... CHOICE options ...
- * ASN1_CHOICE_END(chname)
+ * ASN1_CHOICE(chname) = {
+ * ... CHOICE options ...
+ * ASN1_CHOICE_END(chname)
*
- * This will produce an ASN1_ITEM called chname_it
- * for a structure called chname. The structure
- * definition must look like this:
- * typedef struct {
- * int type;
- * union {
- * ASN1_SOMETHING *opt1;
- * ASN1_SOMEOTHER *opt2;
- * } value;
- * } chname;
- *
- * the name of the selector must be 'type'.
- * to use an alternative selector name use the
+ * This will produce an ASN1_ITEM called chname_it
+ * for a structure called chname. The structure
+ * definition must look like this:
+ * typedef struct {
+ * int type;
+ * union {
+ * ASN1_SOMETHING *opt1;
+ * ASN1_SOMEOTHER *opt2;
+ * } value;
+ * } chname;
+ *
+ * the name of the selector must be 'type'.
+ * to use an alternative selector name use the
* ASN1_CHOICE_END_selector() version.
*/
-#define ASN1_CHOICE(tname) \
- static const ASN1_TEMPLATE tname##_ch_tt[]
+# define ASN1_CHOICE(tname) \
+ static const ASN1_TEMPLATE tname##_ch_tt[]
-#define ASN1_CHOICE_cb(tname, cb) \
- static const ASN1_AUX tname##_aux = {NULL, 0, 0, 0, cb, 0}; \
- ASN1_CHOICE(tname)
+# define ASN1_CHOICE_cb(tname, cb) \
+ static const ASN1_AUX tname##_aux = {NULL, 0, 0, 0, cb, 0}; \
+ ASN1_CHOICE(tname)
-#define ASN1_CHOICE_END(stname) ASN1_CHOICE_END_name(stname, stname)
+# define ASN1_CHOICE_END(stname) ASN1_CHOICE_END_name(stname, stname)
-#define ASN1_CHOICE_END_name(stname, tname) ASN1_CHOICE_END_selector(stname, tname, type)
+# define ASN1_CHOICE_END_name(stname, tname) ASN1_CHOICE_END_selector(stname, tname, type)
-#define ASN1_CHOICE_END_selector(stname, tname, selname) \
- ;\
- ASN1_ITEM_start(tname) \
- ASN1_ITYPE_CHOICE,\
- offsetof(stname,selname) ,\
- tname##_ch_tt,\
- sizeof(tname##_ch_tt) / sizeof(ASN1_TEMPLATE),\
- NULL,\
- sizeof(stname),\
- #stname \
- ASN1_ITEM_end(tname)
+# define ASN1_CHOICE_END_selector(stname, tname, selname) \
+ ;\
+ ASN1_ITEM_start(tname) \
+ ASN1_ITYPE_CHOICE,\
+ offsetof(stname,selname) ,\
+ tname##_ch_tt,\
+ sizeof(tname##_ch_tt) / sizeof(ASN1_TEMPLATE),\
+ NULL,\
+ sizeof(stname),\
+ #stname \
+ ASN1_ITEM_end(tname)
-#define ASN1_CHOICE_END_cb(stname, tname, selname) \
- ;\
- ASN1_ITEM_start(tname) \
- ASN1_ITYPE_CHOICE,\
- offsetof(stname,selname) ,\
- tname##_ch_tt,\
- sizeof(tname##_ch_tt) / sizeof(ASN1_TEMPLATE),\
- &tname##_aux,\
- sizeof(stname),\
- #stname \
- ASN1_ITEM_end(tname)
+# define ASN1_CHOICE_END_cb(stname, tname, selname) \
+ ;\
+ ASN1_ITEM_start(tname) \
+ ASN1_ITYPE_CHOICE,\
+ offsetof(stname,selname) ,\
+ tname##_ch_tt,\
+ sizeof(tname##_ch_tt) / sizeof(ASN1_TEMPLATE),\
+ &tname##_aux,\
+ sizeof(stname),\
+ #stname \
+ ASN1_ITEM_end(tname)
/* This helps with the template wrapper form of ASN1_ITEM */
-#define ASN1_EX_TEMPLATE_TYPE(flags, tag, name, type) { \
- (flags), (tag), 0,\
- #name, ASN1_ITEM_ref(type) }
+# define ASN1_EX_TEMPLATE_TYPE(flags, tag, name, type) { \
+ (flags), (tag), 0,\
+ #name, ASN1_ITEM_ref(type) }
/* These help with SEQUENCE or CHOICE components */
/* used to declare other types */
-#define ASN1_EX_TYPE(flags, tag, stname, field, type) { \
- (flags), (tag), offsetof(stname, field),\
- #field, ASN1_ITEM_ref(type) }
+# define ASN1_EX_TYPE(flags, tag, stname, field, type) { \
+ (flags), (tag), offsetof(stname, field),\
+ #field, ASN1_ITEM_ref(type) }
/* used when the structure is combined with the parent */
-#define ASN1_EX_COMBINE(flags, tag, type) { \
- (flags)|ASN1_TFLG_COMBINE, (tag), 0, NULL, ASN1_ITEM_ref(type) }
+# define ASN1_EX_COMBINE(flags, tag, type) { \
+ (flags)|ASN1_TFLG_COMBINE, (tag), 0, NULL, ASN1_ITEM_ref(type) }
/* implicit and explicit helper macros */
-#define ASN1_IMP_EX(stname, field, type, tag, ex) \
- ASN1_EX_TYPE(ASN1_TFLG_IMPLICIT | ex, tag, stname, field, type)
+# define ASN1_IMP_EX(stname, field, type, tag, ex) \
+ ASN1_EX_TYPE(ASN1_TFLG_IMPLICIT | ex, tag, stname, field, type)
-#define ASN1_EXP_EX(stname, field, type, tag, ex) \
- ASN1_EX_TYPE(ASN1_TFLG_EXPLICIT | ex, tag, stname, field, type)
+# define ASN1_EXP_EX(stname, field, type, tag, ex) \
+ ASN1_EX_TYPE(ASN1_TFLG_EXPLICIT | ex, tag, stname, field, type)
/* Any defined by macros: the field used is in the table itself */
-#ifndef OPENSSL_EXPORT_VAR_AS_FUNCTION
-#define ASN1_ADB_OBJECT(tblname) { ASN1_TFLG_ADB_OID, -1, 0, #tblname, (const ASN1_ITEM *)&(tblname##_adb) }
-#define ASN1_ADB_INTEGER(tblname) { ASN1_TFLG_ADB_INT, -1, 0, #tblname, (const ASN1_ITEM *)&(tblname##_adb) }
-#else
-#define ASN1_ADB_OBJECT(tblname) { ASN1_TFLG_ADB_OID, -1, 0, #tblname, tblname##_adb }
-#define ASN1_ADB_INTEGER(tblname) { ASN1_TFLG_ADB_INT, -1, 0, #tblname, tblname##_adb }
-#endif
+# ifndef OPENSSL_EXPORT_VAR_AS_FUNCTION
+# define ASN1_ADB_OBJECT(tblname) { ASN1_TFLG_ADB_OID, -1, 0, #tblname, (const ASN1_ITEM *)&(tblname##_adb) }
+# define ASN1_ADB_INTEGER(tblname) { ASN1_TFLG_ADB_INT, -1, 0, #tblname, (const ASN1_ITEM *)&(tblname##_adb) }
+# else
+# define ASN1_ADB_OBJECT(tblname) { ASN1_TFLG_ADB_OID, -1, 0, #tblname, tblname##_adb }
+# define ASN1_ADB_INTEGER(tblname) { ASN1_TFLG_ADB_INT, -1, 0, #tblname, tblname##_adb }
+# endif
/* Plain simple type */
-#define ASN1_SIMPLE(stname, field, type) ASN1_EX_TYPE(0,0, stname, field, type)
+# define ASN1_SIMPLE(stname, field, type) ASN1_EX_TYPE(0,0, stname, field, type)
/* OPTIONAL simple type */
-#define ASN1_OPT(stname, field, type) ASN1_EX_TYPE(ASN1_TFLG_OPTIONAL, 0, stname, field, type)
+# define ASN1_OPT(stname, field, type) ASN1_EX_TYPE(ASN1_TFLG_OPTIONAL, 0, stname, field, type)
/* IMPLICIT tagged simple type */
-#define ASN1_IMP(stname, field, type, tag) ASN1_IMP_EX(stname, field, type, tag, 0)
+# define ASN1_IMP(stname, field, type, tag) ASN1_IMP_EX(stname, field, type, tag, 0)
/* IMPLICIT tagged OPTIONAL simple type */
-#define ASN1_IMP_OPT(stname, field, type, tag) ASN1_IMP_EX(stname, field, type, tag, ASN1_TFLG_OPTIONAL)
+# define ASN1_IMP_OPT(stname, field, type, tag) ASN1_IMP_EX(stname, field, type, tag, ASN1_TFLG_OPTIONAL)
/* Same as above but EXPLICIT */
-#define ASN1_EXP(stname, field, type, tag) ASN1_EXP_EX(stname, field, type, tag, 0)
-#define ASN1_EXP_OPT(stname, field, type, tag) ASN1_EXP_EX(stname, field, type, tag, ASN1_TFLG_OPTIONAL)
+# define ASN1_EXP(stname, field, type, tag) ASN1_EXP_EX(stname, field, type, tag, 0)
+# define ASN1_EXP_OPT(stname, field, type, tag) ASN1_EXP_EX(stname, field, type, tag, ASN1_TFLG_OPTIONAL)
/* SEQUENCE OF type */
-#define ASN1_SEQUENCE_OF(stname, field, type) \
- ASN1_EX_TYPE(ASN1_TFLG_SEQUENCE_OF, 0, stname, field, type)
+# define ASN1_SEQUENCE_OF(stname, field, type) \
+ ASN1_EX_TYPE(ASN1_TFLG_SEQUENCE_OF, 0, stname, field, type)
/* OPTIONAL SEQUENCE OF */
-#define ASN1_SEQUENCE_OF_OPT(stname, field, type) \
- ASN1_EX_TYPE(ASN1_TFLG_SEQUENCE_OF|ASN1_TFLG_OPTIONAL, 0, stname, field, type)
+# define ASN1_SEQUENCE_OF_OPT(stname, field, type) \
+ ASN1_EX_TYPE(ASN1_TFLG_SEQUENCE_OF|ASN1_TFLG_OPTIONAL, 0, stname, field, type)
/* Same as above but for SET OF */
-#define ASN1_SET_OF(stname, field, type) \
- ASN1_EX_TYPE(ASN1_TFLG_SET_OF, 0, stname, field, type)
+# define ASN1_SET_OF(stname, field, type) \
+ ASN1_EX_TYPE(ASN1_TFLG_SET_OF, 0, stname, field, type)
-#define ASN1_SET_OF_OPT(stname, field, type) \
- ASN1_EX_TYPE(ASN1_TFLG_SET_OF|ASN1_TFLG_OPTIONAL, 0, stname, field, type)
+# define ASN1_SET_OF_OPT(stname, field, type) \
+ ASN1_EX_TYPE(ASN1_TFLG_SET_OF|ASN1_TFLG_OPTIONAL, 0, stname, field, type)
/* Finally compound types of SEQUENCE, SET, IMPLICIT, EXPLICIT and OPTIONAL */
-#define ASN1_IMP_SET_OF(stname, field, type, tag) \
- ASN1_IMP_EX(stname, field, type, tag, ASN1_TFLG_SET_OF)
+# define ASN1_IMP_SET_OF(stname, field, type, tag) \
+ ASN1_IMP_EX(stname, field, type, tag, ASN1_TFLG_SET_OF)
-#define ASN1_EXP_SET_OF(stname, field, type, tag) \
- ASN1_EXP_EX(stname, field, type, tag, ASN1_TFLG_SET_OF)
+# define ASN1_EXP_SET_OF(stname, field, type, tag) \
+ ASN1_EXP_EX(stname, field, type, tag, ASN1_TFLG_SET_OF)
-#define ASN1_IMP_SET_OF_OPT(stname, field, type, tag) \
- ASN1_IMP_EX(stname, field, type, tag, ASN1_TFLG_SET_OF|ASN1_TFLG_OPTIONAL)
+# define ASN1_IMP_SET_OF_OPT(stname, field, type, tag) \
+ ASN1_IMP_EX(stname, field, type, tag, ASN1_TFLG_SET_OF|ASN1_TFLG_OPTIONAL)
-#define ASN1_EXP_SET_OF_OPT(stname, field, type, tag) \
- ASN1_EXP_EX(stname, field, type, tag, ASN1_TFLG_SET_OF|ASN1_TFLG_OPTIONAL)
+# define ASN1_EXP_SET_OF_OPT(stname, field, type, tag) \
+ ASN1_EXP_EX(stname, field, type, tag, ASN1_TFLG_SET_OF|ASN1_TFLG_OPTIONAL)
-#define ASN1_IMP_SEQUENCE_OF(stname, field, type, tag) \
- ASN1_IMP_EX(stname, field, type, tag, ASN1_TFLG_SEQUENCE_OF)
+# define ASN1_IMP_SEQUENCE_OF(stname, field, type, tag) \
+ ASN1_IMP_EX(stname, field, type, tag, ASN1_TFLG_SEQUENCE_OF)
-#define ASN1_IMP_SEQUENCE_OF_OPT(stname, field, type, tag) \
- ASN1_IMP_EX(stname, field, type, tag, ASN1_TFLG_SEQUENCE_OF|ASN1_TFLG_OPTIONAL)
+# define ASN1_IMP_SEQUENCE_OF_OPT(stname, field, type, tag) \
+ ASN1_IMP_EX(stname, field, type, tag, ASN1_TFLG_SEQUENCE_OF|ASN1_TFLG_OPTIONAL)
-#define ASN1_EXP_SEQUENCE_OF(stname, field, type, tag) \
- ASN1_EXP_EX(stname, field, type, tag, ASN1_TFLG_SEQUENCE_OF)
+# define ASN1_EXP_SEQUENCE_OF(stname, field, type, tag) \
+ ASN1_EXP_EX(stname, field, type, tag, ASN1_TFLG_SEQUENCE_OF)
-#define ASN1_EXP_SEQUENCE_OF_OPT(stname, field, type, tag) \
- ASN1_EXP_EX(stname, field, type, tag, ASN1_TFLG_SEQUENCE_OF|ASN1_TFLG_OPTIONAL)
+# define ASN1_EXP_SEQUENCE_OF_OPT(stname, field, type, tag) \
+ ASN1_EXP_EX(stname, field, type, tag, ASN1_TFLG_SEQUENCE_OF|ASN1_TFLG_OPTIONAL)
/* EXPLICIT using indefinite length constructed form */
-#define ASN1_NDEF_EXP(stname, field, type, tag) \
- ASN1_EXP_EX(stname, field, type, tag, ASN1_TFLG_NDEF)
+# define ASN1_NDEF_EXP(stname, field, type, tag) \
+ ASN1_EXP_EX(stname, field, type, tag, ASN1_TFLG_NDEF)
/* EXPLICIT OPTIONAL using indefinite length constructed form */
-#define ASN1_NDEF_EXP_OPT(stname, field, type, tag) \
- ASN1_EXP_EX(stname, field, type, tag, ASN1_TFLG_OPTIONAL|ASN1_TFLG_NDEF)
+# define ASN1_NDEF_EXP_OPT(stname, field, type, tag) \
+ ASN1_EXP_EX(stname, field, type, tag, ASN1_TFLG_OPTIONAL|ASN1_TFLG_NDEF)
/* Macros for the ASN1_ADB structure */
-#define ASN1_ADB(name) \
- static const ASN1_ADB_TABLE name##_adbtbl[]
+# define ASN1_ADB(name) \
+ static const ASN1_ADB_TABLE name##_adbtbl[]
-#ifndef OPENSSL_EXPORT_VAR_AS_FUNCTION
+# ifndef OPENSSL_EXPORT_VAR_AS_FUNCTION
-#define ASN1_ADB_END(name, flags, field, app_table, def, none) \
- ;\
- static const ASN1_ADB name##_adb = {\
- flags,\
- offsetof(name, field),\
- app_table,\
- name##_adbtbl,\
- sizeof(name##_adbtbl) / sizeof(ASN1_ADB_TABLE),\
- def,\
- none\
- }
+# define ASN1_ADB_END(name, flags, field, app_table, def, none) \
+ ;\
+ static const ASN1_ADB name##_adb = {\
+ flags,\
+ offsetof(name, field),\
+ app_table,\
+ name##_adbtbl,\
+ sizeof(name##_adbtbl) / sizeof(ASN1_ADB_TABLE),\
+ def,\
+ none\
+ }
-#else
+# else
-#define ASN1_ADB_END(name, flags, field, app_table, def, none) \
- ;\
- static const ASN1_ITEM *name##_adb(void) \
- { \
- static const ASN1_ADB internal_adb = \
- {\
- flags,\
- offsetof(name, field),\
- app_table,\
- name##_adbtbl,\
- sizeof(name##_adbtbl) / sizeof(ASN1_ADB_TABLE),\
- def,\
- none\
- }; \
- return (const ASN1_ITEM *) &internal_adb; \
- } \
- void dummy_function(void)
+# define ASN1_ADB_END(name, flags, field, app_table, def, none) \
+ ;\
+ static const ASN1_ITEM *name##_adb(void) \
+ { \
+ static const ASN1_ADB internal_adb = \
+ {\
+ flags,\
+ offsetof(name, field),\
+ app_table,\
+ name##_adbtbl,\
+ sizeof(name##_adbtbl) / sizeof(ASN1_ADB_TABLE),\
+ def,\
+ none\
+ }; \
+ return (const ASN1_ITEM *) &internal_adb; \
+ } \
+ void dummy_function(void)
-#endif
+# endif
-#define ADB_ENTRY(val, template) {val, template}
+# define ADB_ENTRY(val, template) {val, template}
-#define ASN1_ADB_TEMPLATE(name) \
- static const ASN1_TEMPLATE name##_tt
+# define ASN1_ADB_TEMPLATE(name) \
+ static const ASN1_TEMPLATE name##_tt
-/* This is the ASN1 template structure that defines
- * a wrapper round the actual type. It determines the
- * actual position of the field in the value structure,
- * various flags such as OPTIONAL and the field name.
+/*
+ * This is the ASN1 template structure that defines a wrapper round the
+ * actual type. It determines the actual position of the field in the value
+ * structure, various flags such as OPTIONAL and the field name.
*/
struct ASN1_TEMPLATE_st {
-unsigned long flags; /* Various flags */
-long tag; /* tag, not used if no tagging */
-unsigned long offset; /* Offset of this field in structure */
-#ifndef NO_ASN1_FIELD_NAMES
-const char *field_name; /* Field name */
-#endif
-ASN1_ITEM_EXP *item; /* Relevant ASN1_ITEM or ASN1_ADB */
+ unsigned long flags; /* Various flags */
+ long tag; /* tag, not used if no tagging */
+ unsigned long offset; /* Offset of this field in structure */
+# ifndef NO_ASN1_FIELD_NAMES
+ const char *field_name; /* Field name */
+# endif
+ ASN1_ITEM_EXP *item; /* Relevant ASN1_ITEM or ASN1_ADB */
};
/* Macro to extract ASN1_ITEM and ASN1_ADB pointer from ASN1_TEMPLATE */
-#define ASN1_TEMPLATE_item(t) (t->item_ptr)
-#define ASN1_TEMPLATE_adb(t) (t->item_ptr)
+# define ASN1_TEMPLATE_item(t) (t->item_ptr)
+# define ASN1_TEMPLATE_adb(t) (t->item_ptr)
typedef struct ASN1_ADB_TABLE_st ASN1_ADB_TABLE;
typedef struct ASN1_ADB_st ASN1_ADB;
struct ASN1_ADB_st {
- unsigned long flags; /* Various flags */
- unsigned long offset; /* Offset of selector field */
- STACK_OF(ASN1_ADB_TABLE) **app_items; /* Application defined items */
- const ASN1_ADB_TABLE *tbl; /* Table of possible types */
- long tblcount; /* Number of entries in tbl */
- const ASN1_TEMPLATE *default_tt; /* Type to use if no match */
- const ASN1_TEMPLATE *null_tt; /* Type to use if selector is NULL */
+ unsigned long flags; /* Various flags */
+ unsigned long offset; /* Offset of selector field */
+ STACK_OF(ASN1_ADB_TABLE) **app_items; /* Application defined items */
+ const ASN1_ADB_TABLE *tbl; /* Table of possible types */
+ long tblcount; /* Number of entries in tbl */
+ const ASN1_TEMPLATE *default_tt; /* Type to use if no match */
+ const ASN1_TEMPLATE *null_tt; /* Type to use if selector is NULL */
};
struct ASN1_ADB_TABLE_st {
- long value; /* NID for an object or value for an int */
- const ASN1_TEMPLATE tt; /* item for this value */
+ long value; /* NID for an object or value for an int */
+ const ASN1_TEMPLATE tt; /* item for this value */
};
/* template flags */
/* Field is optional */
-#define ASN1_TFLG_OPTIONAL (0x1)
+# define ASN1_TFLG_OPTIONAL (0x1)
/* Field is a SET OF */
-#define ASN1_TFLG_SET_OF (0x1 << 1)
+# define ASN1_TFLG_SET_OF (0x1 << 1)
/* Field is a SEQUENCE OF */
-#define ASN1_TFLG_SEQUENCE_OF (0x2 << 1)
+# define ASN1_TFLG_SEQUENCE_OF (0x2 << 1)
-/* Special case: this refers to a SET OF that
- * will be sorted into DER order when encoded *and*
- * the corresponding STACK will be modified to match
- * the new order.
+/*
+ * Special case: this refers to a SET OF that will be sorted into DER order
+ * when encoded *and* the corresponding STACK will be modified to match the
+ * new order.
*/
-#define ASN1_TFLG_SET_ORDER (0x3 << 1)
+# define ASN1_TFLG_SET_ORDER (0x3 << 1)
/* Mask for SET OF or SEQUENCE OF */
-#define ASN1_TFLG_SK_MASK (0x3 << 1)
+# define ASN1_TFLG_SK_MASK (0x3 << 1)
-/* These flags mean the tag should be taken from the
- * tag field. If EXPLICIT then the underlying type
- * is used for the inner tag.
+/*
+ * These flags mean the tag should be taken from the tag field. If EXPLICIT
+ * then the underlying type is used for the inner tag.
*/
/* IMPLICIT tagging */
-#define ASN1_TFLG_IMPTAG (0x1 << 3)
-
+# define ASN1_TFLG_IMPTAG (0x1 << 3)
/* EXPLICIT tagging, inner tag from underlying type */
-#define ASN1_TFLG_EXPTAG (0x2 << 3)
+# define ASN1_TFLG_EXPTAG (0x2 << 3)
-#define ASN1_TFLG_TAG_MASK (0x3 << 3)
+# define ASN1_TFLG_TAG_MASK (0x3 << 3)
/* context specific IMPLICIT */
-#define ASN1_TFLG_IMPLICIT ASN1_TFLG_IMPTAG|ASN1_TFLG_CONTEXT
+# define ASN1_TFLG_IMPLICIT ASN1_TFLG_IMPTAG|ASN1_TFLG_CONTEXT
/* context specific EXPLICIT */
-#define ASN1_TFLG_EXPLICIT ASN1_TFLG_EXPTAG|ASN1_TFLG_CONTEXT
+# define ASN1_TFLG_EXPLICIT ASN1_TFLG_EXPTAG|ASN1_TFLG_CONTEXT
-/* If tagging is in force these determine the
- * type of tag to use. Otherwise the tag is
- * determined by the underlying type. These
- * values reflect the actual octet format.
+/*
+ * If tagging is in force these determine the type of tag to use. Otherwise
+ * the tag is determined by the underlying type. These values reflect the
+ * actual octet format.
*/
-/* Universal tag */
-#define ASN1_TFLG_UNIVERSAL (0x0<<6)
-/* Application tag */
-#define ASN1_TFLG_APPLICATION (0x1<<6)
-/* Context specific tag */
-#define ASN1_TFLG_CONTEXT (0x2<<6)
-/* Private tag */
-#define ASN1_TFLG_PRIVATE (0x3<<6)
+/* Universal tag */
+# define ASN1_TFLG_UNIVERSAL (0x0<<6)
+/* Application tag */
+# define ASN1_TFLG_APPLICATION (0x1<<6)
+/* Context specific tag */
+# define ASN1_TFLG_CONTEXT (0x2<<6)
+/* Private tag */
+# define ASN1_TFLG_PRIVATE (0x3<<6)
-#define ASN1_TFLG_TAG_CLASS (0x3<<6)
+# define ASN1_TFLG_TAG_CLASS (0x3<<6)
-/* These are for ANY DEFINED BY type. In this case
- * the 'item' field points to an ASN1_ADB structure
- * which contains a table of values to decode the
+/*
+ * These are for ANY DEFINED BY type. In this case the 'item' field points to
+ * an ASN1_ADB structure which contains a table of values to decode the
* relevant type
*/
-#define ASN1_TFLG_ADB_MASK (0x3<<8)
+# define ASN1_TFLG_ADB_MASK (0x3<<8)
-#define ASN1_TFLG_ADB_OID (0x1<<8)
+# define ASN1_TFLG_ADB_OID (0x1<<8)
-#define ASN1_TFLG_ADB_INT (0x1<<9)
+# define ASN1_TFLG_ADB_INT (0x1<<9)
-/* This flag means a parent structure is passed
- * instead of the field: this is useful is a
- * SEQUENCE is being combined with a CHOICE for
- * example. Since this means the structure and
- * item name will differ we need to use the
+/*
+ * This flag means a parent structure is passed instead of the field: this is
+ * useful is a SEQUENCE is being combined with a CHOICE for example. Since
+ * this means the structure and item name will differ we need to use the
* ASN1_CHOICE_END_name() macro for example.
*/
-#define ASN1_TFLG_COMBINE (0x1<<10)
+# define ASN1_TFLG_COMBINE (0x1<<10)
-/* This flag when present in a SEQUENCE OF, SET OF
- * or EXPLICIT causes indefinite length constructed
- * encoding to be used if required.
+/*
+ * This flag when present in a SEQUENCE OF, SET OF or EXPLICIT causes
+ * indefinite length constructed encoding to be used if required.
*/
-#define ASN1_TFLG_NDEF (0x1<<11)
+# define ASN1_TFLG_NDEF (0x1<<11)
/* This is the actual ASN1 item itself */
struct ASN1_ITEM_st {
-char itype; /* The item type, primitive, SEQUENCE, CHOICE or extern */
-long utype; /* underlying type */
-const ASN1_TEMPLATE *templates; /* If SEQUENCE or CHOICE this contains the contents */
-long tcount; /* Number of templates if SEQUENCE or CHOICE */
-const void *funcs; /* functions that handle this type */
-long size; /* Structure size (usually)*/
-#ifndef NO_ASN1_FIELD_NAMES
-const char *sname; /* Structure name */
-#endif
+ char itype; /* The item type, primitive, SEQUENCE, CHOICE
+ * or extern */
+ long utype; /* underlying type */
+ const ASN1_TEMPLATE *templates; /* If SEQUENCE or CHOICE this contains
+ * the contents */
+ long tcount; /* Number of templates if SEQUENCE or CHOICE */
+ const void *funcs; /* functions that handle this type */
+ long size; /* Structure size (usually) */
+# ifndef NO_ASN1_FIELD_NAMES
+ const char *sname; /* Structure name */
+# endif
};
-/* These are values for the itype field and
+/*-
+ * These are values for the itype field and
* determine how the type is interpreted.
*
* For PRIMITIVE types the underlying type
* determines the behaviour if items is NULL.
*
- * Otherwise templates must contain a single
+ * Otherwise templates must contain a single
* template and the type is treated in the
* same way as the type specified in the template.
*
@@ -585,7 +595,7 @@ const char *sname; /* Structure name */
* selector.
*
* The 'funcs' field is used for application
- * specific functions.
+ * specific functions.
*
* For COMPAT types the funcs field gives a
* set of functions that handle this type, this
@@ -609,237 +619,297 @@ const char *sname; /* Structure name */
*
*/
-#define ASN1_ITYPE_PRIMITIVE 0x0
+# define ASN1_ITYPE_PRIMITIVE 0x0
-#define ASN1_ITYPE_SEQUENCE 0x1
+# define ASN1_ITYPE_SEQUENCE 0x1
-#define ASN1_ITYPE_CHOICE 0x2
+# define ASN1_ITYPE_CHOICE 0x2
-#define ASN1_ITYPE_COMPAT 0x3
+# define ASN1_ITYPE_COMPAT 0x3
-#define ASN1_ITYPE_EXTERN 0x4
+# define ASN1_ITYPE_EXTERN 0x4
-#define ASN1_ITYPE_MSTRING 0x5
+# define ASN1_ITYPE_MSTRING 0x5
-#define ASN1_ITYPE_NDEF_SEQUENCE 0x6
+# define ASN1_ITYPE_NDEF_SEQUENCE 0x6
-/* Cache for ASN1 tag and length, so we
- * don't keep re-reading it for things
+/*
+ * Cache for ASN1 tag and length, so we don't keep re-reading it for things
* like CHOICE
*/
-struct ASN1_TLC_st{
- char valid; /* Values below are valid */
- int ret; /* return value */
- long plen; /* length */
- int ptag; /* class value */
- int pclass; /* class value */
- int hdrlen; /* header length */
+struct ASN1_TLC_st {
+ char valid; /* Values below are valid */
+ int ret; /* return value */
+ long plen; /* length */
+ int ptag; /* class value */
+ int pclass; /* class value */
+ int hdrlen; /* header length */
};
/* Typedefs for ASN1 function pointers */
-typedef ASN1_VALUE * ASN1_new_func(void);
+typedef ASN1_VALUE *ASN1_new_func(void);
typedef void ASN1_free_func(ASN1_VALUE *a);
-typedef ASN1_VALUE * ASN1_d2i_func(ASN1_VALUE **a, const unsigned char ** in, long length);
-typedef int ASN1_i2d_func(ASN1_VALUE * a, unsigned char **in);
+typedef ASN1_VALUE *ASN1_d2i_func(ASN1_VALUE **a, const unsigned char **in,
+ long length);
+typedef int ASN1_i2d_func(ASN1_VALUE *a, unsigned char **in);
-typedef int ASN1_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len, const ASN1_ITEM *it,
- int tag, int aclass, char opt, ASN1_TLC *ctx);
+typedef int ASN1_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len,
+ const ASN1_ITEM *it, int tag, int aclass, char opt,
+ ASN1_TLC *ctx);
-typedef int ASN1_ex_i2d(ASN1_VALUE **pval, unsigned char **out, const ASN1_ITEM *it, int tag, int aclass);
+typedef int ASN1_ex_i2d(ASN1_VALUE **pval, unsigned char **out,
+ const ASN1_ITEM *it, int tag, int aclass);
typedef int ASN1_ex_new_func(ASN1_VALUE **pval, const ASN1_ITEM *it);
typedef void ASN1_ex_free_func(ASN1_VALUE **pval, const ASN1_ITEM *it);
-typedef int ASN1_primitive_i2c(ASN1_VALUE **pval, unsigned char *cont, int *putype, const ASN1_ITEM *it);
-typedef int ASN1_primitive_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len, int utype, char *free_cont, const ASN1_ITEM *it);
+typedef int ASN1_ex_print_func(BIO *out, ASN1_VALUE **pval,
+ int indent, const char *fname,
+ const ASN1_PCTX *pctx);
+
+typedef int ASN1_primitive_i2c(ASN1_VALUE **pval, unsigned char *cont,
+ int *putype, const ASN1_ITEM *it);
+typedef int ASN1_primitive_c2i(ASN1_VALUE **pval, const unsigned char *cont,
+ int len, int utype, char *free_cont,
+ const ASN1_ITEM *it);
+typedef int ASN1_primitive_print(BIO *out, ASN1_VALUE **pval,
+ const ASN1_ITEM *it, int indent,
+ const ASN1_PCTX *pctx);
typedef struct ASN1_COMPAT_FUNCS_st {
- ASN1_new_func *asn1_new;
- ASN1_free_func *asn1_free;
- ASN1_d2i_func *asn1_d2i;
- ASN1_i2d_func *asn1_i2d;
+ ASN1_new_func *asn1_new;
+ ASN1_free_func *asn1_free;
+ ASN1_d2i_func *asn1_d2i;
+ ASN1_i2d_func *asn1_i2d;
} ASN1_COMPAT_FUNCS;
typedef struct ASN1_EXTERN_FUNCS_st {
- void *app_data;
- ASN1_ex_new_func *asn1_ex_new;
- ASN1_ex_free_func *asn1_ex_free;
- ASN1_ex_free_func *asn1_ex_clear;
- ASN1_ex_d2i *asn1_ex_d2i;
- ASN1_ex_i2d *asn1_ex_i2d;
+ void *app_data;
+ ASN1_ex_new_func *asn1_ex_new;
+ ASN1_ex_free_func *asn1_ex_free;
+ ASN1_ex_free_func *asn1_ex_clear;
+ ASN1_ex_d2i *asn1_ex_d2i;
+ ASN1_ex_i2d *asn1_ex_i2d;
+ ASN1_ex_print_func *asn1_ex_print;
} ASN1_EXTERN_FUNCS;
typedef struct ASN1_PRIMITIVE_FUNCS_st {
- void *app_data;
- unsigned long flags;
- ASN1_ex_new_func *prim_new;
- ASN1_ex_free_func *prim_free;
- ASN1_ex_free_func *prim_clear;
- ASN1_primitive_c2i *prim_c2i;
- ASN1_primitive_i2c *prim_i2c;
+ void *app_data;
+ unsigned long flags;
+ ASN1_ex_new_func *prim_new;
+ ASN1_ex_free_func *prim_free;
+ ASN1_ex_free_func *prim_clear;
+ ASN1_primitive_c2i *prim_c2i;
+ ASN1_primitive_i2c *prim_i2c;
+ ASN1_primitive_print *prim_print;
} ASN1_PRIMITIVE_FUNCS;
-/* This is the ASN1_AUX structure: it handles various
- * miscellaneous requirements. For example the use of
- * reference counts and an informational callback.
- *
- * The "informational callback" is called at various
- * points during the ASN1 encoding and decoding. It can
- * be used to provide minor customisation of the structures
- * used. This is most useful where the supplied routines
- * *almost* do the right thing but need some extra help
- * at a few points. If the callback returns zero then
- * it is assumed a fatal error has occurred and the
- * main operation should be abandoned.
- *
- * If major changes in the default behaviour are required
- * then an external type is more appropriate.
+/*
+ * This is the ASN1_AUX structure: it handles various miscellaneous
+ * requirements. For example the use of reference counts and an informational
+ * callback. The "informational callback" is called at various points during
+ * the ASN1 encoding and decoding. It can be used to provide minor
+ * customisation of the structures used. This is most useful where the
+ * supplied routines *almost* do the right thing but need some extra help at
+ * a few points. If the callback returns zero then it is assumed a fatal
+ * error has occurred and the main operation should be abandoned. If major
+ * changes in the default behaviour are required then an external type is
+ * more appropriate.
*/
-typedef int ASN1_aux_cb(int operation, ASN1_VALUE **in, const ASN1_ITEM *it);
+typedef int ASN1_aux_cb(int operation, ASN1_VALUE **in, const ASN1_ITEM *it,
+ void *exarg);
typedef struct ASN1_AUX_st {
- void *app_data;
- int flags;
- int ref_offset; /* Offset of reference value */
- int ref_lock; /* Lock type to use */
- ASN1_aux_cb *asn1_cb;
- int enc_offset; /* Offset of ASN1_ENCODING structure */
+ void *app_data;
+ int flags;
+ int ref_offset; /* Offset of reference value */
+ int ref_lock; /* Lock type to use */
+ ASN1_aux_cb *asn1_cb;
+ int enc_offset; /* Offset of ASN1_ENCODING structure */
} ASN1_AUX;
+/* For print related callbacks exarg points to this structure */
+typedef struct ASN1_PRINT_ARG_st {
+ BIO *out;
+ int indent;
+ const ASN1_PCTX *pctx;
+} ASN1_PRINT_ARG;
+
+/* For streaming related callbacks exarg points to this structure */
+typedef struct ASN1_STREAM_ARG_st {
+ /* BIO to stream through */
+ BIO *out;
+ /* BIO with filters appended */
+ BIO *ndef_bio;
+ /* Streaming I/O boundary */
+ unsigned char **boundary;
+} ASN1_STREAM_ARG;
+
/* Flags in ASN1_AUX */
/* Use a reference count */
-#define ASN1_AFLG_REFCOUNT 1
+# define ASN1_AFLG_REFCOUNT 1
/* Save the encoding of structure (useful for signatures) */
-#define ASN1_AFLG_ENCODING 2
+# define ASN1_AFLG_ENCODING 2
/* The Sequence length is invalid */
-#define ASN1_AFLG_BROKEN 4
+# define ASN1_AFLG_BROKEN 4
/* operation values for asn1_cb */
-#define ASN1_OP_NEW_PRE 0
-#define ASN1_OP_NEW_POST 1
-#define ASN1_OP_FREE_PRE 2
-#define ASN1_OP_FREE_POST 3
-#define ASN1_OP_D2I_PRE 4
-#define ASN1_OP_D2I_POST 5
-#define ASN1_OP_I2D_PRE 6
-#define ASN1_OP_I2D_POST 7
+# define ASN1_OP_NEW_PRE 0
+# define ASN1_OP_NEW_POST 1
+# define ASN1_OP_FREE_PRE 2
+# define ASN1_OP_FREE_POST 3
+# define ASN1_OP_D2I_PRE 4
+# define ASN1_OP_D2I_POST 5
+# define ASN1_OP_I2D_PRE 6
+# define ASN1_OP_I2D_POST 7
+# define ASN1_OP_PRINT_PRE 8
+# define ASN1_OP_PRINT_POST 9
+# define ASN1_OP_STREAM_PRE 10
+# define ASN1_OP_STREAM_POST 11
+# define ASN1_OP_DETACHED_PRE 12
+# define ASN1_OP_DETACHED_POST 13
/* Macro to implement a primitive type */
-#define IMPLEMENT_ASN1_TYPE(stname) IMPLEMENT_ASN1_TYPE_ex(stname, stname, 0)
-#define IMPLEMENT_ASN1_TYPE_ex(itname, vname, ex) \
- ASN1_ITEM_start(itname) \
- ASN1_ITYPE_PRIMITIVE, V_##vname, NULL, 0, NULL, ex, #itname \
- ASN1_ITEM_end(itname)
+# define IMPLEMENT_ASN1_TYPE(stname) IMPLEMENT_ASN1_TYPE_ex(stname, stname, 0)
+# define IMPLEMENT_ASN1_TYPE_ex(itname, vname, ex) \
+ ASN1_ITEM_start(itname) \
+ ASN1_ITYPE_PRIMITIVE, V_##vname, NULL, 0, NULL, ex, #itname \
+ ASN1_ITEM_end(itname)
/* Macro to implement a multi string type */
-#define IMPLEMENT_ASN1_MSTRING(itname, mask) \
- ASN1_ITEM_start(itname) \
- ASN1_ITYPE_MSTRING, mask, NULL, 0, NULL, sizeof(ASN1_STRING), #itname \
- ASN1_ITEM_end(itname)
+# define IMPLEMENT_ASN1_MSTRING(itname, mask) \
+ ASN1_ITEM_start(itname) \
+ ASN1_ITYPE_MSTRING, mask, NULL, 0, NULL, sizeof(ASN1_STRING), #itname \
+ ASN1_ITEM_end(itname)
/* Macro to implement an ASN1_ITEM in terms of old style funcs */
-#define IMPLEMENT_COMPAT_ASN1(sname) IMPLEMENT_COMPAT_ASN1_type(sname, V_ASN1_SEQUENCE)
+# define IMPLEMENT_COMPAT_ASN1(sname) IMPLEMENT_COMPAT_ASN1_type(sname, V_ASN1_SEQUENCE)
-#define IMPLEMENT_COMPAT_ASN1_type(sname, tag) \
- static const ASN1_COMPAT_FUNCS sname##_ff = { \
- (ASN1_new_func *)sname##_new, \
- (ASN1_free_func *)sname##_free, \
- (ASN1_d2i_func *)d2i_##sname, \
- (ASN1_i2d_func *)i2d_##sname, \
- }; \
- ASN1_ITEM_start(sname) \
- ASN1_ITYPE_COMPAT, \
- tag, \
- NULL, \
- 0, \
- &sname##_ff, \
- 0, \
- #sname \
- ASN1_ITEM_end(sname)
+# define IMPLEMENT_COMPAT_ASN1_type(sname, tag) \
+ static const ASN1_COMPAT_FUNCS sname##_ff = { \
+ (ASN1_new_func *)sname##_new, \
+ (ASN1_free_func *)sname##_free, \
+ (ASN1_d2i_func *)d2i_##sname, \
+ (ASN1_i2d_func *)i2d_##sname, \
+ }; \
+ ASN1_ITEM_start(sname) \
+ ASN1_ITYPE_COMPAT, \
+ tag, \
+ NULL, \
+ 0, \
+ &sname##_ff, \
+ 0, \
+ #sname \
+ ASN1_ITEM_end(sname)
-#define IMPLEMENT_EXTERN_ASN1(sname, tag, fptrs) \
- ASN1_ITEM_start(sname) \
- ASN1_ITYPE_EXTERN, \
- tag, \
- NULL, \
- 0, \
- &fptrs, \
- 0, \
- #sname \
- ASN1_ITEM_end(sname)
+# define IMPLEMENT_EXTERN_ASN1(sname, tag, fptrs) \
+ ASN1_ITEM_start(sname) \
+ ASN1_ITYPE_EXTERN, \
+ tag, \
+ NULL, \
+ 0, \
+ &fptrs, \
+ 0, \
+ #sname \
+ ASN1_ITEM_end(sname)
/* Macro to implement standard functions in terms of ASN1_ITEM structures */
-#define IMPLEMENT_ASN1_FUNCTIONS(stname) IMPLEMENT_ASN1_FUNCTIONS_fname(stname, stname, stname)
+# define IMPLEMENT_ASN1_FUNCTIONS(stname) IMPLEMENT_ASN1_FUNCTIONS_fname(stname, stname, stname)
-#define IMPLEMENT_ASN1_FUNCTIONS_name(stname, itname) IMPLEMENT_ASN1_FUNCTIONS_fname(stname, itname, itname)
+# define IMPLEMENT_ASN1_FUNCTIONS_name(stname, itname) IMPLEMENT_ASN1_FUNCTIONS_fname(stname, itname, itname)
-#define IMPLEMENT_ASN1_FUNCTIONS_ENCODE_name(stname, itname) \
- IMPLEMENT_ASN1_FUNCTIONS_ENCODE_fname(stname, itname, itname)
+# define IMPLEMENT_ASN1_FUNCTIONS_ENCODE_name(stname, itname) \
+ IMPLEMENT_ASN1_FUNCTIONS_ENCODE_fname(stname, itname, itname)
-#define IMPLEMENT_ASN1_ALLOC_FUNCTIONS(stname) \
- IMPLEMENT_ASN1_ALLOC_FUNCTIONS_fname(stname, stname, stname)
+# define IMPLEMENT_STATIC_ASN1_ALLOC_FUNCTIONS(stname) \
+ IMPLEMENT_ASN1_ALLOC_FUNCTIONS_pfname(static, stname, stname, stname)
-#define IMPLEMENT_ASN1_ALLOC_FUNCTIONS_fname(stname, itname, fname) \
- stname *fname##_new(void) \
- { \
- return (stname *)ASN1_item_new(ASN1_ITEM_rptr(itname)); \
- } \
- void fname##_free(stname *a) \
- { \
- ASN1_item_free((ASN1_VALUE *)a, ASN1_ITEM_rptr(itname)); \
- }
+# define IMPLEMENT_ASN1_ALLOC_FUNCTIONS(stname) \
+ IMPLEMENT_ASN1_ALLOC_FUNCTIONS_fname(stname, stname, stname)
-#define IMPLEMENT_ASN1_FUNCTIONS_fname(stname, itname, fname) \
- IMPLEMENT_ASN1_ENCODE_FUNCTIONS_fname(stname, itname, fname) \
- IMPLEMENT_ASN1_ALLOC_FUNCTIONS_fname(stname, itname, fname)
+# define IMPLEMENT_ASN1_ALLOC_FUNCTIONS_pfname(pre, stname, itname, fname) \
+ pre stname *fname##_new(void) \
+ { \
+ return (stname *)ASN1_item_new(ASN1_ITEM_rptr(itname)); \
+ } \
+ pre void fname##_free(stname *a) \
+ { \
+ ASN1_item_free((ASN1_VALUE *)a, ASN1_ITEM_rptr(itname)); \
+ }
-#define IMPLEMENT_ASN1_ENCODE_FUNCTIONS_fname(stname, itname, fname) \
- stname *d2i_##fname(stname **a, const unsigned char **in, long len) \
- { \
- return (stname *)ASN1_item_d2i((ASN1_VALUE **)a, in, len, ASN1_ITEM_rptr(itname));\
- } \
- int i2d_##fname(stname *a, unsigned char **out) \
- { \
- return ASN1_item_i2d((ASN1_VALUE *)a, out, ASN1_ITEM_rptr(itname));\
- }
+# define IMPLEMENT_ASN1_ALLOC_FUNCTIONS_fname(stname, itname, fname) \
+ stname *fname##_new(void) \
+ { \
+ return (stname *)ASN1_item_new(ASN1_ITEM_rptr(itname)); \
+ } \
+ void fname##_free(stname *a) \
+ { \
+ ASN1_item_free((ASN1_VALUE *)a, ASN1_ITEM_rptr(itname)); \
+ }
-#define IMPLEMENT_ASN1_NDEF_FUNCTION(stname) \
- int i2d_##stname##_NDEF(stname *a, unsigned char **out) \
- { \
- return ASN1_item_ndef_i2d((ASN1_VALUE *)a, out, ASN1_ITEM_rptr(stname));\
- }
+# define IMPLEMENT_ASN1_FUNCTIONS_fname(stname, itname, fname) \
+ IMPLEMENT_ASN1_ENCODE_FUNCTIONS_fname(stname, itname, fname) \
+ IMPLEMENT_ASN1_ALLOC_FUNCTIONS_fname(stname, itname, fname)
-/* This includes evil casts to remove const: they will go away when full
- * ASN1 constification is done.
+# define IMPLEMENT_ASN1_ENCODE_FUNCTIONS_fname(stname, itname, fname) \
+ stname *d2i_##fname(stname **a, const unsigned char **in, long len) \
+ { \
+ return (stname *)ASN1_item_d2i((ASN1_VALUE **)a, in, len, ASN1_ITEM_rptr(itname));\
+ } \
+ int i2d_##fname(stname *a, unsigned char **out) \
+ { \
+ return ASN1_item_i2d((ASN1_VALUE *)a, out, ASN1_ITEM_rptr(itname));\
+ }
+
+# define IMPLEMENT_ASN1_NDEF_FUNCTION(stname) \
+ int i2d_##stname##_NDEF(stname *a, unsigned char **out) \
+ { \
+ return ASN1_item_ndef_i2d((ASN1_VALUE *)a, out, ASN1_ITEM_rptr(stname));\
+ }
+
+/*
+ * This includes evil casts to remove const: they will go away when full ASN1
+ * constification is done.
*/
-#define IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(stname, itname, fname) \
- stname *d2i_##fname(stname **a, const unsigned char **in, long len) \
- { \
- return (stname *)ASN1_item_d2i((ASN1_VALUE **)a, in, len, ASN1_ITEM_rptr(itname));\
- } \
- int i2d_##fname(const stname *a, unsigned char **out) \
- { \
- return ASN1_item_i2d((ASN1_VALUE *)a, out, ASN1_ITEM_rptr(itname));\
- }
+# define IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(stname, itname, fname) \
+ stname *d2i_##fname(stname **a, const unsigned char **in, long len) \
+ { \
+ return (stname *)ASN1_item_d2i((ASN1_VALUE **)a, in, len, ASN1_ITEM_rptr(itname));\
+ } \
+ int i2d_##fname(const stname *a, unsigned char **out) \
+ { \
+ return ASN1_item_i2d((ASN1_VALUE *)a, out, ASN1_ITEM_rptr(itname));\
+ }
-#define IMPLEMENT_ASN1_DUP_FUNCTION(stname) \
- stname * stname##_dup(stname *x) \
+# define IMPLEMENT_ASN1_DUP_FUNCTION(stname) \
+ stname * stname##_dup(stname *x) \
{ \
return ASN1_item_dup(ASN1_ITEM_rptr(stname), x); \
}
-#define IMPLEMENT_ASN1_FUNCTIONS_const(name) \
- IMPLEMENT_ASN1_FUNCTIONS_const_fname(name, name, name)
+# define IMPLEMENT_ASN1_PRINT_FUNCTION(stname) \
+ IMPLEMENT_ASN1_PRINT_FUNCTION_fname(stname, stname, stname)
-#define IMPLEMENT_ASN1_FUNCTIONS_const_fname(stname, itname, fname) \
- IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(stname, itname, fname) \
- IMPLEMENT_ASN1_ALLOC_FUNCTIONS_fname(stname, itname, fname)
+# define IMPLEMENT_ASN1_PRINT_FUNCTION_fname(stname, itname, fname) \
+ int fname##_print_ctx(BIO *out, stname *x, int indent, \
+ const ASN1_PCTX *pctx) \
+ { \
+ return ASN1_item_print(out, (ASN1_VALUE *)x, indent, \
+ ASN1_ITEM_rptr(itname), pctx); \
+ }
+
+# define IMPLEMENT_ASN1_FUNCTIONS_const(name) \
+ IMPLEMENT_ASN1_FUNCTIONS_const_fname(name, name, name)
+
+# define IMPLEMENT_ASN1_FUNCTIONS_const_fname(stname, itname, fname) \
+ IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(stname, itname, fname) \
+ IMPLEMENT_ASN1_ALLOC_FUNCTIONS_fname(stname, itname, fname)
/* external definitions for primitive types */
@@ -862,30 +932,40 @@ int ASN1_template_new(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt);
int ASN1_primitive_new(ASN1_VALUE **pval, const ASN1_ITEM *it);
void ASN1_template_free(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt);
-int ASN1_template_d2i(ASN1_VALUE **pval, const unsigned char **in, long len, const ASN1_TEMPLATE *tt);
-int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len, const ASN1_ITEM *it,
- int tag, int aclass, char opt, ASN1_TLC *ctx);
+int ASN1_template_d2i(ASN1_VALUE **pval, const unsigned char **in, long len,
+ const ASN1_TEMPLATE *tt);
+int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len,
+ const ASN1_ITEM *it, int tag, int aclass, char opt,
+ ASN1_TLC *ctx);
-int ASN1_item_ex_i2d(ASN1_VALUE **pval, unsigned char **out, const ASN1_ITEM *it, int tag, int aclass);
-int ASN1_template_i2d(ASN1_VALUE **pval, unsigned char **out, const ASN1_TEMPLATE *tt);
+int ASN1_item_ex_i2d(ASN1_VALUE **pval, unsigned char **out,
+ const ASN1_ITEM *it, int tag, int aclass);
+int ASN1_template_i2d(ASN1_VALUE **pval, unsigned char **out,
+ const ASN1_TEMPLATE *tt);
void ASN1_primitive_free(ASN1_VALUE **pval, const ASN1_ITEM *it);
-int asn1_ex_i2c(ASN1_VALUE **pval, unsigned char *cont, int *putype, const ASN1_ITEM *it);
-int asn1_ex_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len, int utype, char *free_cont, const ASN1_ITEM *it);
+int asn1_ex_i2c(ASN1_VALUE **pval, unsigned char *cont, int *putype,
+ const ASN1_ITEM *it);
+int asn1_ex_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len,
+ int utype, char *free_cont, const ASN1_ITEM *it);
int asn1_get_choice_selector(ASN1_VALUE **pval, const ASN1_ITEM *it);
-int asn1_set_choice_selector(ASN1_VALUE **pval, int value, const ASN1_ITEM *it);
+int asn1_set_choice_selector(ASN1_VALUE **pval, int value,
+ const ASN1_ITEM *it);
-ASN1_VALUE ** asn1_get_field_ptr(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt);
+ASN1_VALUE **asn1_get_field_ptr(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt);
-const ASN1_TEMPLATE *asn1_do_adb(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt, int nullerr);
+const ASN1_TEMPLATE *asn1_do_adb(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt,
+ int nullerr);
int asn1_do_lock(ASN1_VALUE **pval, int op, const ASN1_ITEM *it);
void asn1_enc_init(ASN1_VALUE **pval, const ASN1_ITEM *it);
void asn1_enc_free(ASN1_VALUE **pval, const ASN1_ITEM *it);
-int asn1_enc_restore(int *len, unsigned char **out, ASN1_VALUE **pval, const ASN1_ITEM *it);
-int asn1_enc_save(ASN1_VALUE **pval, const unsigned char *in, int inlen, const ASN1_ITEM *it);
+int asn1_enc_restore(int *len, unsigned char **out, ASN1_VALUE **pval,
+ const ASN1_ITEM *it);
+int asn1_enc_save(ASN1_VALUE **pval, const unsigned char *in, int inlen,
+ const ASN1_ITEM *it);
#ifdef __cplusplus
}
diff --git a/Cryptlib/Include/openssl/bio.h b/Cryptlib/Include/openssl/bio.h
index 03bd3b2..69bd48c 100644
--- a/Cryptlib/Include/openssl/bio.h
+++ b/Cryptlib/Include/openssl/bio.h
@@ -5,21 +5,21 @@
* This package is an SSL implementation written
* by Eric Young (eay@cryptsoft.com).
* The implementation was written so as to conform with Netscapes SSL.
- *
+ *
* This library is free for commercial and non-commercial use as long as
* the following conditions are aheared to. The following conditions
* apply to all code found in this distribution, be it the RC4, RSA,
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
* included with this distribution is covered by the same copyright terms
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
+ *
* Copyright remains Eric Young's, and as such any Copyright notices in
* the code are not to be removed.
* If this package is used in a product, Eric Young should be given attribution
* as the author of the parts of the library used.
* This can be in the form of a textual message at program startup or
* in documentation (online or textual) provided with the package.
- *
+ *
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
@@ -34,10 +34,10 @@
* Eric Young (eay@cryptsoft.com)"
* The word 'cryptographic' can be left out if the rouines from the library
* being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
+ * 4. If you include any Windows specific code (or a derivative thereof) from
* the apps directory (application code) you must include an acknowledgement:
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
+ *
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
@@ -49,7 +49,7 @@
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
- *
+ *
* The licence and distribution terms for any publically available version or
* derivative of this code cannot be changed. i.e. this code cannot simply be
* copied and put under another distribution licence
@@ -57,569 +57,632 @@
*/
#ifndef HEADER_BIO_H
-#define HEADER_BIO_H
+# define HEADER_BIO_H
-#include
+# include
-#ifndef OPENSSL_NO_FP_API
-# include
-#endif
-#include
+# ifndef OPENSSL_NO_FP_API
+# include
+# endif
+# include
-#include
+# include
+
+# ifndef OPENSSL_NO_SCTP
+# ifndef OPENSSL_SYS_VMS
+# include
+# else
+# include
+# endif
+# endif
#ifdef __cplusplus
extern "C" {
#endif
/* These are the 'types' of BIOs */
-#define BIO_TYPE_NONE 0
-#define BIO_TYPE_MEM (1|0x0400)
-#define BIO_TYPE_FILE (2|0x0400)
+# define BIO_TYPE_NONE 0
+# define BIO_TYPE_MEM (1|0x0400)
+# define BIO_TYPE_FILE (2|0x0400)
-#define BIO_TYPE_FD (4|0x0400|0x0100)
-#define BIO_TYPE_SOCKET (5|0x0400|0x0100)
-#define BIO_TYPE_NULL (6|0x0400)
-#define BIO_TYPE_SSL (7|0x0200)
-#define BIO_TYPE_MD (8|0x0200) /* passive filter */
-#define BIO_TYPE_BUFFER (9|0x0200) /* filter */
-#define BIO_TYPE_CIPHER (10|0x0200) /* filter */
-#define BIO_TYPE_BASE64 (11|0x0200) /* filter */
-#define BIO_TYPE_CONNECT (12|0x0400|0x0100) /* socket - connect */
-#define BIO_TYPE_ACCEPT (13|0x0400|0x0100) /* socket for accept */
-#define BIO_TYPE_PROXY_CLIENT (14|0x0200) /* client proxy BIO */
-#define BIO_TYPE_PROXY_SERVER (15|0x0200) /* server proxy BIO */
-#define BIO_TYPE_NBIO_TEST (16|0x0200) /* server proxy BIO */
-#define BIO_TYPE_NULL_FILTER (17|0x0200)
-#define BIO_TYPE_BER (18|0x0200) /* BER -> bin filter */
-#define BIO_TYPE_BIO (19|0x0400) /* (half a) BIO pair */
-#define BIO_TYPE_LINEBUFFER (20|0x0200) /* filter */
-#define BIO_TYPE_DGRAM (21|0x0400|0x0100)
-#define BIO_TYPE_COMP (23|0x0200) /* filter */
+# define BIO_TYPE_FD (4|0x0400|0x0100)
+# define BIO_TYPE_SOCKET (5|0x0400|0x0100)
+# define BIO_TYPE_NULL (6|0x0400)
+# define BIO_TYPE_SSL (7|0x0200)
+# define BIO_TYPE_MD (8|0x0200)/* passive filter */
+# define BIO_TYPE_BUFFER (9|0x0200)/* filter */
+# define BIO_TYPE_CIPHER (10|0x0200)/* filter */
+# define BIO_TYPE_BASE64 (11|0x0200)/* filter */
+# define BIO_TYPE_CONNECT (12|0x0400|0x0100)/* socket - connect */
+# define BIO_TYPE_ACCEPT (13|0x0400|0x0100)/* socket for accept */
+# define BIO_TYPE_PROXY_CLIENT (14|0x0200)/* client proxy BIO */
+# define BIO_TYPE_PROXY_SERVER (15|0x0200)/* server proxy BIO */
+# define BIO_TYPE_NBIO_TEST (16|0x0200)/* server proxy BIO */
+# define BIO_TYPE_NULL_FILTER (17|0x0200)
+# define BIO_TYPE_BER (18|0x0200)/* BER -> bin filter */
+# define BIO_TYPE_BIO (19|0x0400)/* (half a) BIO pair */
+# define BIO_TYPE_LINEBUFFER (20|0x0200)/* filter */
+# define BIO_TYPE_DGRAM (21|0x0400|0x0100)
+# ifndef OPENSSL_NO_SCTP
+# define BIO_TYPE_DGRAM_SCTP (24|0x0400|0x0100)
+# endif
+# define BIO_TYPE_ASN1 (22|0x0200)/* filter */
+# define BIO_TYPE_COMP (23|0x0200)/* filter */
-#define BIO_TYPE_DESCRIPTOR 0x0100 /* socket, fd, connect or accept */
-#define BIO_TYPE_FILTER 0x0200
-#define BIO_TYPE_SOURCE_SINK 0x0400
+# define BIO_TYPE_DESCRIPTOR 0x0100/* socket, fd, connect or accept */
+# define BIO_TYPE_FILTER 0x0200
+# define BIO_TYPE_SOURCE_SINK 0x0400
-/* BIO_FILENAME_READ|BIO_CLOSE to open or close on free.
- * BIO_set_fp(in,stdin,BIO_NOCLOSE); */
-#define BIO_NOCLOSE 0x00
-#define BIO_CLOSE 0x01
+/*
+ * BIO_FILENAME_READ|BIO_CLOSE to open or close on free.
+ * BIO_set_fp(in,stdin,BIO_NOCLOSE);
+ */
+# define BIO_NOCLOSE 0x00
+# define BIO_CLOSE 0x01
-/* These are used in the following macros and are passed to
- * BIO_ctrl() */
-#define BIO_CTRL_RESET 1 /* opt - rewind/zero etc */
-#define BIO_CTRL_EOF 2 /* opt - are we at the eof */
-#define BIO_CTRL_INFO 3 /* opt - extra tit-bits */
-#define BIO_CTRL_SET 4 /* man - set the 'IO' type */
-#define BIO_CTRL_GET 5 /* man - get the 'IO' type */
-#define BIO_CTRL_PUSH 6 /* opt - internal, used to signify change */
-#define BIO_CTRL_POP 7 /* opt - internal, used to signify change */
-#define BIO_CTRL_GET_CLOSE 8 /* man - set the 'close' on free */
-#define BIO_CTRL_SET_CLOSE 9 /* man - set the 'close' on free */
-#define BIO_CTRL_PENDING 10 /* opt - is their more data buffered */
-#define BIO_CTRL_FLUSH 11 /* opt - 'flush' buffered output */
-#define BIO_CTRL_DUP 12 /* man - extra stuff for 'duped' BIO */
-#define BIO_CTRL_WPENDING 13 /* opt - number of bytes still to write */
+/*
+ * These are used in the following macros and are passed to BIO_ctrl()
+ */
+# define BIO_CTRL_RESET 1/* opt - rewind/zero etc */
+# define BIO_CTRL_EOF 2/* opt - are we at the eof */
+# define BIO_CTRL_INFO 3/* opt - extra tit-bits */
+# define BIO_CTRL_SET 4/* man - set the 'IO' type */
+# define BIO_CTRL_GET 5/* man - get the 'IO' type */
+# define BIO_CTRL_PUSH 6/* opt - internal, used to signify change */
+# define BIO_CTRL_POP 7/* opt - internal, used to signify change */
+# define BIO_CTRL_GET_CLOSE 8/* man - set the 'close' on free */
+# define BIO_CTRL_SET_CLOSE 9/* man - set the 'close' on free */
+# define BIO_CTRL_PENDING 10/* opt - is their more data buffered */
+# define BIO_CTRL_FLUSH 11/* opt - 'flush' buffered output */
+# define BIO_CTRL_DUP 12/* man - extra stuff for 'duped' BIO */
+# define BIO_CTRL_WPENDING 13/* opt - number of bytes still to write */
/* callback is int cb(BIO *bio,state,ret); */
-#define BIO_CTRL_SET_CALLBACK 14 /* opt - set callback function */
-#define BIO_CTRL_GET_CALLBACK 15 /* opt - set callback function */
+# define BIO_CTRL_SET_CALLBACK 14/* opt - set callback function */
+# define BIO_CTRL_GET_CALLBACK 15/* opt - set callback function */
-#define BIO_CTRL_SET_FILENAME 30 /* BIO_s_file special */
+# define BIO_CTRL_SET_FILENAME 30/* BIO_s_file special */
/* dgram BIO stuff */
-#define BIO_CTRL_DGRAM_CONNECT 31 /* BIO dgram special */
-#define BIO_CTRL_DGRAM_SET_CONNECTED 32 /* allow for an externally
- * connected socket to be
- * passed in */
-#define BIO_CTRL_DGRAM_SET_RECV_TIMEOUT 33 /* setsockopt, essentially */
-#define BIO_CTRL_DGRAM_GET_RECV_TIMEOUT 34 /* getsockopt, essentially */
-#define BIO_CTRL_DGRAM_SET_SEND_TIMEOUT 35 /* setsockopt, essentially */
-#define BIO_CTRL_DGRAM_GET_SEND_TIMEOUT 36 /* getsockopt, essentially */
+# define BIO_CTRL_DGRAM_CONNECT 31/* BIO dgram special */
+# define BIO_CTRL_DGRAM_SET_CONNECTED 32/* allow for an externally connected
+ * socket to be passed in */
+# define BIO_CTRL_DGRAM_SET_RECV_TIMEOUT 33/* setsockopt, essentially */
+# define BIO_CTRL_DGRAM_GET_RECV_TIMEOUT 34/* getsockopt, essentially */
+# define BIO_CTRL_DGRAM_SET_SEND_TIMEOUT 35/* setsockopt, essentially */
+# define BIO_CTRL_DGRAM_GET_SEND_TIMEOUT 36/* getsockopt, essentially */
+
+# define BIO_CTRL_DGRAM_GET_RECV_TIMER_EXP 37/* flag whether the last */
+# define BIO_CTRL_DGRAM_GET_SEND_TIMER_EXP 38/* I/O operation tiemd out */
-#define BIO_CTRL_DGRAM_GET_RECV_TIMER_EXP 37 /* flag whether the last */
-#define BIO_CTRL_DGRAM_GET_SEND_TIMER_EXP 38 /* I/O operation tiemd out */
-
/* #ifdef IP_MTU_DISCOVER */
-#define BIO_CTRL_DGRAM_MTU_DISCOVER 39 /* set DF bit on egress packets */
+# define BIO_CTRL_DGRAM_MTU_DISCOVER 39/* set DF bit on egress packets */
/* #endif */
-#define BIO_CTRL_DGRAM_QUERY_MTU 40 /* as kernel for current MTU */
-#define BIO_CTRL_DGRAM_GET_FALLBACK_MTU 47
-#define BIO_CTRL_DGRAM_GET_MTU 41 /* get cached value for MTU */
-#define BIO_CTRL_DGRAM_SET_MTU 42 /* set cached value for
- * MTU. want to use this
- * if asking the kernel
- * fails */
+# define BIO_CTRL_DGRAM_QUERY_MTU 40/* as kernel for current MTU */
+# define BIO_CTRL_DGRAM_GET_FALLBACK_MTU 47
+# define BIO_CTRL_DGRAM_GET_MTU 41/* get cached value for MTU */
+# define BIO_CTRL_DGRAM_SET_MTU 42/* set cached value for MTU.
+ * want to use this if asking
+ * the kernel fails */
-#define BIO_CTRL_DGRAM_MTU_EXCEEDED 43 /* check whether the MTU
- * was exceed in the
- * previous write
- * operation */
+# define BIO_CTRL_DGRAM_MTU_EXCEEDED 43/* check whether the MTU was
+ * exceed in the previous write
+ * operation */
-#define BIO_CTRL_DGRAM_GET_PEER 46
-#define BIO_CTRL_DGRAM_SET_PEER 44 /* Destination for the data */
+# define BIO_CTRL_DGRAM_GET_PEER 46
+# define BIO_CTRL_DGRAM_SET_PEER 44/* Destination for the data */
-#define BIO_CTRL_DGRAM_SET_NEXT_TIMEOUT 45 /* Next DTLS handshake timeout to
- * adjust socket timeouts */
+# define BIO_CTRL_DGRAM_SET_NEXT_TIMEOUT 45/* Next DTLS handshake timeout
+ * to adjust socket timeouts */
+# define BIO_CTRL_DGRAM_SET_DONT_FRAG 48
+
+# define BIO_CTRL_DGRAM_GET_MTU_OVERHEAD 49
+
+# ifndef OPENSSL_NO_SCTP
+/* SCTP stuff */
+# define BIO_CTRL_DGRAM_SCTP_SET_IN_HANDSHAKE 50
+# define BIO_CTRL_DGRAM_SCTP_ADD_AUTH_KEY 51
+# define BIO_CTRL_DGRAM_SCTP_NEXT_AUTH_KEY 52
+# define BIO_CTRL_DGRAM_SCTP_AUTH_CCS_RCVD 53
+# define BIO_CTRL_DGRAM_SCTP_GET_SNDINFO 60
+# define BIO_CTRL_DGRAM_SCTP_SET_SNDINFO 61
+# define BIO_CTRL_DGRAM_SCTP_GET_RCVINFO 62
+# define BIO_CTRL_DGRAM_SCTP_SET_RCVINFO 63
+# define BIO_CTRL_DGRAM_SCTP_GET_PRINFO 64
+# define BIO_CTRL_DGRAM_SCTP_SET_PRINFO 65
+# define BIO_CTRL_DGRAM_SCTP_SAVE_SHUTDOWN 70
+# endif
/* modifiers */
-#define BIO_FP_READ 0x02
-#define BIO_FP_WRITE 0x04
-#define BIO_FP_APPEND 0x08
-#define BIO_FP_TEXT 0x10
+# define BIO_FP_READ 0x02
+# define BIO_FP_WRITE 0x04
+# define BIO_FP_APPEND 0x08
+# define BIO_FP_TEXT 0x10
-#define BIO_FLAGS_READ 0x01
-#define BIO_FLAGS_WRITE 0x02
-#define BIO_FLAGS_IO_SPECIAL 0x04
-#define BIO_FLAGS_RWS (BIO_FLAGS_READ|BIO_FLAGS_WRITE|BIO_FLAGS_IO_SPECIAL)
-#define BIO_FLAGS_SHOULD_RETRY 0x08
-#ifndef BIO_FLAGS_UPLINK
-/* "UPLINK" flag denotes file descriptors provided by application.
- It defaults to 0, as most platforms don't require UPLINK interface. */
-#define BIO_FLAGS_UPLINK 0
-#endif
+# define BIO_FLAGS_READ 0x01
+# define BIO_FLAGS_WRITE 0x02
+# define BIO_FLAGS_IO_SPECIAL 0x04
+# define BIO_FLAGS_RWS (BIO_FLAGS_READ|BIO_FLAGS_WRITE|BIO_FLAGS_IO_SPECIAL)
+# define BIO_FLAGS_SHOULD_RETRY 0x08
+# ifndef BIO_FLAGS_UPLINK
+/*
+ * "UPLINK" flag denotes file descriptors provided by application. It
+ * defaults to 0, as most platforms don't require UPLINK interface.
+ */
+# define BIO_FLAGS_UPLINK 0
+# endif
/* Used in BIO_gethostbyname() */
-#define BIO_GHBN_CTRL_HITS 1
-#define BIO_GHBN_CTRL_MISSES 2
-#define BIO_GHBN_CTRL_CACHE_SIZE 3
-#define BIO_GHBN_CTRL_GET_ENTRY 4
-#define BIO_GHBN_CTRL_FLUSH 5
+# define BIO_GHBN_CTRL_HITS 1
+# define BIO_GHBN_CTRL_MISSES 2
+# define BIO_GHBN_CTRL_CACHE_SIZE 3
+# define BIO_GHBN_CTRL_GET_ENTRY 4
+# define BIO_GHBN_CTRL_FLUSH 5
/* Mostly used in the SSL BIO */
-/* Not used anymore
+/*-
+ * Not used anymore
* #define BIO_FLAGS_PROTOCOL_DELAYED_READ 0x10
* #define BIO_FLAGS_PROTOCOL_DELAYED_WRITE 0x20
- * #define BIO_FLAGS_PROTOCOL_STARTUP 0x40
+ * #define BIO_FLAGS_PROTOCOL_STARTUP 0x40
*/
-#define BIO_FLAGS_BASE64_NO_NL 0x100
+# define BIO_FLAGS_BASE64_NO_NL 0x100
-/* This is used with memory BIOs: it means we shouldn't free up or change the
+/*
+ * This is used with memory BIOs: it means we shouldn't free up or change the
* data in any way.
*/
-#define BIO_FLAGS_MEM_RDONLY 0x200
+# define BIO_FLAGS_MEM_RDONLY 0x200
typedef struct bio_st BIO;
void BIO_set_flags(BIO *b, int flags);
-int BIO_test_flags(const BIO *b, int flags);
+int BIO_test_flags(const BIO *b, int flags);
void BIO_clear_flags(BIO *b, int flags);
-#define BIO_get_flags(b) BIO_test_flags(b, ~(0x0))
-#define BIO_set_retry_special(b) \
- BIO_set_flags(b, (BIO_FLAGS_IO_SPECIAL|BIO_FLAGS_SHOULD_RETRY))
-#define BIO_set_retry_read(b) \
- BIO_set_flags(b, (BIO_FLAGS_READ|BIO_FLAGS_SHOULD_RETRY))
-#define BIO_set_retry_write(b) \
- BIO_set_flags(b, (BIO_FLAGS_WRITE|BIO_FLAGS_SHOULD_RETRY))
+# define BIO_get_flags(b) BIO_test_flags(b, ~(0x0))
+# define BIO_set_retry_special(b) \
+ BIO_set_flags(b, (BIO_FLAGS_IO_SPECIAL|BIO_FLAGS_SHOULD_RETRY))
+# define BIO_set_retry_read(b) \
+ BIO_set_flags(b, (BIO_FLAGS_READ|BIO_FLAGS_SHOULD_RETRY))
+# define BIO_set_retry_write(b) \
+ BIO_set_flags(b, (BIO_FLAGS_WRITE|BIO_FLAGS_SHOULD_RETRY))
/* These are normally used internally in BIOs */
-#define BIO_clear_retry_flags(b) \
- BIO_clear_flags(b, (BIO_FLAGS_RWS|BIO_FLAGS_SHOULD_RETRY))
-#define BIO_get_retry_flags(b) \
- BIO_test_flags(b, (BIO_FLAGS_RWS|BIO_FLAGS_SHOULD_RETRY))
+# define BIO_clear_retry_flags(b) \
+ BIO_clear_flags(b, (BIO_FLAGS_RWS|BIO_FLAGS_SHOULD_RETRY))
+# define BIO_get_retry_flags(b) \
+ BIO_test_flags(b, (BIO_FLAGS_RWS|BIO_FLAGS_SHOULD_RETRY))
/* These should be used by the application to tell why we should retry */
-#define BIO_should_read(a) BIO_test_flags(a, BIO_FLAGS_READ)
-#define BIO_should_write(a) BIO_test_flags(a, BIO_FLAGS_WRITE)
-#define BIO_should_io_special(a) BIO_test_flags(a, BIO_FLAGS_IO_SPECIAL)
-#define BIO_retry_type(a) BIO_test_flags(a, BIO_FLAGS_RWS)
-#define BIO_should_retry(a) BIO_test_flags(a, BIO_FLAGS_SHOULD_RETRY)
+# define BIO_should_read(a) BIO_test_flags(a, BIO_FLAGS_READ)
+# define BIO_should_write(a) BIO_test_flags(a, BIO_FLAGS_WRITE)
+# define BIO_should_io_special(a) BIO_test_flags(a, BIO_FLAGS_IO_SPECIAL)
+# define BIO_retry_type(a) BIO_test_flags(a, BIO_FLAGS_RWS)
+# define BIO_should_retry(a) BIO_test_flags(a, BIO_FLAGS_SHOULD_RETRY)
-/* The next three are used in conjunction with the
- * BIO_should_io_special() condition. After this returns true,
- * BIO *BIO_get_retry_BIO(BIO *bio, int *reason); will walk the BIO
- * stack and return the 'reason' for the special and the offending BIO.
- * Given a BIO, BIO_get_retry_reason(bio) will return the code. */
-/* Returned from the SSL bio when the certificate retrieval code had an error */
-#define BIO_RR_SSL_X509_LOOKUP 0x01
+/*
+ * The next three are used in conjunction with the BIO_should_io_special()
+ * condition. After this returns true, BIO *BIO_get_retry_BIO(BIO *bio, int
+ * *reason); will walk the BIO stack and return the 'reason' for the special
+ * and the offending BIO. Given a BIO, BIO_get_retry_reason(bio) will return
+ * the code.
+ */
+/*
+ * Returned from the SSL bio when the certificate retrieval code had an error
+ */
+# define BIO_RR_SSL_X509_LOOKUP 0x01
/* Returned from the connect BIO when a connect would have blocked */
-#define BIO_RR_CONNECT 0x02
+# define BIO_RR_CONNECT 0x02
/* Returned from the accept BIO when an accept would have blocked */
-#define BIO_RR_ACCEPT 0x03
+# define BIO_RR_ACCEPT 0x03
/* These are passed by the BIO callback */
-#define BIO_CB_FREE 0x01
-#define BIO_CB_READ 0x02
-#define BIO_CB_WRITE 0x03
-#define BIO_CB_PUTS 0x04
-#define BIO_CB_GETS 0x05
-#define BIO_CB_CTRL 0x06
+# define BIO_CB_FREE 0x01
+# define BIO_CB_READ 0x02
+# define BIO_CB_WRITE 0x03
+# define BIO_CB_PUTS 0x04
+# define BIO_CB_GETS 0x05
+# define BIO_CB_CTRL 0x06
-/* The callback is called before and after the underling operation,
- * The BIO_CB_RETURN flag indicates if it is after the call */
-#define BIO_CB_RETURN 0x80
-#define BIO_CB_return(a) ((a)|BIO_CB_RETURN))
-#define BIO_cb_pre(a) (!((a)&BIO_CB_RETURN))
-#define BIO_cb_post(a) ((a)&BIO_CB_RETURN)
+/*
+ * The callback is called before and after the underling operation, The
+ * BIO_CB_RETURN flag indicates if it is after the call
+ */
+# define BIO_CB_RETURN 0x80
+# define BIO_CB_return(a) ((a)|BIO_CB_RETURN)
+# define BIO_cb_pre(a) (!((a)&BIO_CB_RETURN))
+# define BIO_cb_post(a) ((a)&BIO_CB_RETURN)
-long (*BIO_get_callback(const BIO *b)) (struct bio_st *,int,const char *,int, long,long);
-void BIO_set_callback(BIO *b,
- long (*callback)(struct bio_st *,int,const char *,int, long,long));
+long (*BIO_get_callback(const BIO *b)) (struct bio_st *, int, const char *,
+ int, long, long);
+void BIO_set_callback(BIO *b,
+ long (*callback) (struct bio_st *, int, const char *,
+ int, long, long));
char *BIO_get_callback_arg(const BIO *b);
void BIO_set_callback_arg(BIO *b, char *arg);
-const char * BIO_method_name(const BIO *b);
+const char *BIO_method_name(const BIO *b);
int BIO_method_type(const BIO *b);
-typedef void bio_info_cb(struct bio_st *, int, const char *, int, long, long);
+typedef void bio_info_cb (struct bio_st *, int, const char *, int, long,
+ long);
-#ifndef OPENSSL_SYS_WIN16
-typedef struct bio_method_st
- {
- int type;
- const char *name;
- int (*bwrite)(BIO *, const char *, int);
- int (*bread)(BIO *, char *, int);
- int (*bputs)(BIO *, const char *);
- int (*bgets)(BIO *, char *, int);
- long (*ctrl)(BIO *, int, long, void *);
- int (*create)(BIO *);
- int (*destroy)(BIO *);
- long (*callback_ctrl)(BIO *, int, bio_info_cb *);
- } BIO_METHOD;
-#else
-typedef struct bio_method_st
- {
- int type;
- const char *name;
- int (_far *bwrite)();
- int (_far *bread)();
- int (_far *bputs)();
- int (_far *bgets)();
- long (_far *ctrl)();
- int (_far *create)();
- int (_far *destroy)();
- long (_far *callback_ctrl)();
- } BIO_METHOD;
-#endif
+typedef struct bio_method_st {
+ int type;
+ const char *name;
+ int (*bwrite) (BIO *, const char *, int);
+ int (*bread) (BIO *, char *, int);
+ int (*bputs) (BIO *, const char *);
+ int (*bgets) (BIO *, char *, int);
+ long (*ctrl) (BIO *, int, long, void *);
+ int (*create) (BIO *);
+ int (*destroy) (BIO *);
+ long (*callback_ctrl) (BIO *, int, bio_info_cb *);
+} BIO_METHOD;
-struct bio_st
- {
- BIO_METHOD *method;
- /* bio, mode, argp, argi, argl, ret */
- long (*callback)(struct bio_st *,int,const char *,int, long,long);
- char *cb_arg; /* first argument for the callback */
-
- int init;
- int shutdown;
- int flags; /* extra storage */
- int retry_reason;
- int num;
- void *ptr;
- struct bio_st *next_bio; /* used by filter BIOs */
- struct bio_st *prev_bio; /* used by filter BIOs */
- int references;
- unsigned long num_read;
- unsigned long num_write;
-
- CRYPTO_EX_DATA ex_data;
- };
+struct bio_st {
+ BIO_METHOD *method;
+ /* bio, mode, argp, argi, argl, ret */
+ long (*callback) (struct bio_st *, int, const char *, int, long, long);
+ char *cb_arg; /* first argument for the callback */
+ int init;
+ int shutdown;
+ int flags; /* extra storage */
+ int retry_reason;
+ int num;
+ void *ptr;
+ struct bio_st *next_bio; /* used by filter BIOs */
+ struct bio_st *prev_bio; /* used by filter BIOs */
+ int references;
+ unsigned long num_read;
+ unsigned long num_write;
+ CRYPTO_EX_DATA ex_data;
+};
DECLARE_STACK_OF(BIO)
-typedef struct bio_f_buffer_ctx_struct
- {
- /* Buffers are setup like this:
- *
- * <---------------------- size ----------------------->
- * +---------------------------------------------------+
- * | consumed | remaining | free space |
- * +---------------------------------------------------+
- * <-- off --><------- len ------->
- */
+typedef struct bio_f_buffer_ctx_struct {
+ /*-
+ * Buffers are setup like this:
+ *
+ * <---------------------- size ----------------------->
+ * +---------------------------------------------------+
+ * | consumed | remaining | free space |
+ * +---------------------------------------------------+
+ * <-- off --><------- len ------->
+ */
+ /*- BIO *bio; *//*
+ * this is now in the BIO struct
+ */
+ int ibuf_size; /* how big is the input buffer */
+ int obuf_size; /* how big is the output buffer */
+ char *ibuf; /* the char array */
+ int ibuf_len; /* how many bytes are in it */
+ int ibuf_off; /* write/read offset */
+ char *obuf; /* the char array */
+ int obuf_len; /* how many bytes are in it */
+ int obuf_off; /* write/read offset */
+} BIO_F_BUFFER_CTX;
- /* BIO *bio; */ /* this is now in the BIO struct */
- int ibuf_size; /* how big is the input buffer */
- int obuf_size; /* how big is the output buffer */
+/* Prefix and suffix callback in ASN1 BIO */
+typedef int asn1_ps_func (BIO *b, unsigned char **pbuf, int *plen,
+ void *parg);
- char *ibuf; /* the char array */
- int ibuf_len; /* how many bytes are in it */
- int ibuf_off; /* write/read offset */
+# ifndef OPENSSL_NO_SCTP
+/* SCTP parameter structs */
+struct bio_dgram_sctp_sndinfo {
+ uint16_t snd_sid;
+ uint16_t snd_flags;
+ uint32_t snd_ppid;
+ uint32_t snd_context;
+};
- char *obuf; /* the char array */
- int obuf_len; /* how many bytes are in it */
- int obuf_off; /* write/read offset */
- } BIO_F_BUFFER_CTX;
+struct bio_dgram_sctp_rcvinfo {
+ uint16_t rcv_sid;
+ uint16_t rcv_ssn;
+ uint16_t rcv_flags;
+ uint32_t rcv_ppid;
+ uint32_t rcv_tsn;
+ uint32_t rcv_cumtsn;
+ uint32_t rcv_context;
+};
+
+struct bio_dgram_sctp_prinfo {
+ uint16_t pr_policy;
+ uint32_t pr_value;
+};
+# endif
/* connect BIO stuff */
-#define BIO_CONN_S_BEFORE 1
-#define BIO_CONN_S_GET_IP 2
-#define BIO_CONN_S_GET_PORT 3
-#define BIO_CONN_S_CREATE_SOCKET 4
-#define BIO_CONN_S_CONNECT 5
-#define BIO_CONN_S_OK 6
-#define BIO_CONN_S_BLOCKED_CONNECT 7
-#define BIO_CONN_S_NBIO 8
-/*#define BIO_CONN_get_param_hostname BIO_ctrl */
+# define BIO_CONN_S_BEFORE 1
+# define BIO_CONN_S_GET_IP 2
+# define BIO_CONN_S_GET_PORT 3
+# define BIO_CONN_S_CREATE_SOCKET 4
+# define BIO_CONN_S_CONNECT 5
+# define BIO_CONN_S_OK 6
+# define BIO_CONN_S_BLOCKED_CONNECT 7
+# define BIO_CONN_S_NBIO 8
+/*
+ * #define BIO_CONN_get_param_hostname BIO_ctrl
+ */
-#define BIO_C_SET_CONNECT 100
-#define BIO_C_DO_STATE_MACHINE 101
-#define BIO_C_SET_NBIO 102
-#define BIO_C_SET_PROXY_PARAM 103
-#define BIO_C_SET_FD 104
-#define BIO_C_GET_FD 105
-#define BIO_C_SET_FILE_PTR 106
-#define BIO_C_GET_FILE_PTR 107
-#define BIO_C_SET_FILENAME 108
-#define BIO_C_SET_SSL 109
-#define BIO_C_GET_SSL 110
-#define BIO_C_SET_MD 111
-#define BIO_C_GET_MD 112
-#define BIO_C_GET_CIPHER_STATUS 113
-#define BIO_C_SET_BUF_MEM 114
-#define BIO_C_GET_BUF_MEM_PTR 115
-#define BIO_C_GET_BUFF_NUM_LINES 116
-#define BIO_C_SET_BUFF_SIZE 117
-#define BIO_C_SET_ACCEPT 118
-#define BIO_C_SSL_MODE 119
-#define BIO_C_GET_MD_CTX 120
-#define BIO_C_GET_PROXY_PARAM 121
-#define BIO_C_SET_BUFF_READ_DATA 122 /* data to read first */
-#define BIO_C_GET_CONNECT 123
-#define BIO_C_GET_ACCEPT 124
-#define BIO_C_SET_SSL_RENEGOTIATE_BYTES 125
-#define BIO_C_GET_SSL_NUM_RENEGOTIATES 126
-#define BIO_C_SET_SSL_RENEGOTIATE_TIMEOUT 127
-#define BIO_C_FILE_SEEK 128
-#define BIO_C_GET_CIPHER_CTX 129
-#define BIO_C_SET_BUF_MEM_EOF_RETURN 130/*return end of input value*/
-#define BIO_C_SET_BIND_MODE 131
-#define BIO_C_GET_BIND_MODE 132
-#define BIO_C_FILE_TELL 133
-#define BIO_C_GET_SOCKS 134
-#define BIO_C_SET_SOCKS 135
+# define BIO_C_SET_CONNECT 100
+# define BIO_C_DO_STATE_MACHINE 101
+# define BIO_C_SET_NBIO 102
+# define BIO_C_SET_PROXY_PARAM 103
+# define BIO_C_SET_FD 104
+# define BIO_C_GET_FD 105
+# define BIO_C_SET_FILE_PTR 106
+# define BIO_C_GET_FILE_PTR 107
+# define BIO_C_SET_FILENAME 108
+# define BIO_C_SET_SSL 109
+# define BIO_C_GET_SSL 110
+# define BIO_C_SET_MD 111
+# define BIO_C_GET_MD 112
+# define BIO_C_GET_CIPHER_STATUS 113
+# define BIO_C_SET_BUF_MEM 114
+# define BIO_C_GET_BUF_MEM_PTR 115
+# define BIO_C_GET_BUFF_NUM_LINES 116
+# define BIO_C_SET_BUFF_SIZE 117
+# define BIO_C_SET_ACCEPT 118
+# define BIO_C_SSL_MODE 119
+# define BIO_C_GET_MD_CTX 120
+# define BIO_C_GET_PROXY_PARAM 121
+# define BIO_C_SET_BUFF_READ_DATA 122/* data to read first */
+# define BIO_C_GET_CONNECT 123
+# define BIO_C_GET_ACCEPT 124
+# define BIO_C_SET_SSL_RENEGOTIATE_BYTES 125
+# define BIO_C_GET_SSL_NUM_RENEGOTIATES 126
+# define BIO_C_SET_SSL_RENEGOTIATE_TIMEOUT 127
+# define BIO_C_FILE_SEEK 128
+# define BIO_C_GET_CIPHER_CTX 129
+# define BIO_C_SET_BUF_MEM_EOF_RETURN 130/* return end of input
+ * value */
+# define BIO_C_SET_BIND_MODE 131
+# define BIO_C_GET_BIND_MODE 132
+# define BIO_C_FILE_TELL 133
+# define BIO_C_GET_SOCKS 134
+# define BIO_C_SET_SOCKS 135
-#define BIO_C_SET_WRITE_BUF_SIZE 136/* for BIO_s_bio */
-#define BIO_C_GET_WRITE_BUF_SIZE 137
-#define BIO_C_MAKE_BIO_PAIR 138
-#define BIO_C_DESTROY_BIO_PAIR 139
-#define BIO_C_GET_WRITE_GUARANTEE 140
-#define BIO_C_GET_READ_REQUEST 141
-#define BIO_C_SHUTDOWN_WR 142
-#define BIO_C_NREAD0 143
-#define BIO_C_NREAD 144
-#define BIO_C_NWRITE0 145
-#define BIO_C_NWRITE 146
-#define BIO_C_RESET_READ_REQUEST 147
-#define BIO_C_SET_MD_CTX 148
+# define BIO_C_SET_WRITE_BUF_SIZE 136/* for BIO_s_bio */
+# define BIO_C_GET_WRITE_BUF_SIZE 137
+# define BIO_C_MAKE_BIO_PAIR 138
+# define BIO_C_DESTROY_BIO_PAIR 139
+# define BIO_C_GET_WRITE_GUARANTEE 140
+# define BIO_C_GET_READ_REQUEST 141
+# define BIO_C_SHUTDOWN_WR 142
+# define BIO_C_NREAD0 143
+# define BIO_C_NREAD 144
+# define BIO_C_NWRITE0 145
+# define BIO_C_NWRITE 146
+# define BIO_C_RESET_READ_REQUEST 147
+# define BIO_C_SET_MD_CTX 148
+# define BIO_C_SET_PREFIX 149
+# define BIO_C_GET_PREFIX 150
+# define BIO_C_SET_SUFFIX 151
+# define BIO_C_GET_SUFFIX 152
-#define BIO_set_app_data(s,arg) BIO_set_ex_data(s,0,arg)
-#define BIO_get_app_data(s) BIO_get_ex_data(s,0)
+# define BIO_C_SET_EX_ARG 153
+# define BIO_C_GET_EX_ARG 154
+
+# define BIO_set_app_data(s,arg) BIO_set_ex_data(s,0,arg)
+# define BIO_get_app_data(s) BIO_get_ex_data(s,0)
/* BIO_s_connect() and BIO_s_socks4a_connect() */
-#define BIO_set_conn_hostname(b,name) BIO_ctrl(b,BIO_C_SET_CONNECT,0,(char *)name)
-#define BIO_set_conn_port(b,port) BIO_ctrl(b,BIO_C_SET_CONNECT,1,(char *)port)
-#define BIO_set_conn_ip(b,ip) BIO_ctrl(b,BIO_C_SET_CONNECT,2,(char *)ip)
-#define BIO_set_conn_int_port(b,port) BIO_ctrl(b,BIO_C_SET_CONNECT,3,(char *)port)
-#define BIO_get_conn_hostname(b) BIO_ptr_ctrl(b,BIO_C_GET_CONNECT,0)
-#define BIO_get_conn_port(b) BIO_ptr_ctrl(b,BIO_C_GET_CONNECT,1)
-#define BIO_get_conn_ip(b) BIO_ptr_ctrl(b,BIO_C_GET_CONNECT,2)
-#define BIO_get_conn_int_port(b) BIO_int_ctrl(b,BIO_C_GET_CONNECT,3,0)
+# define BIO_set_conn_hostname(b,name) BIO_ctrl(b,BIO_C_SET_CONNECT,0,(char *)name)
+# define BIO_set_conn_port(b,port) BIO_ctrl(b,BIO_C_SET_CONNECT,1,(char *)port)
+# define BIO_set_conn_ip(b,ip) BIO_ctrl(b,BIO_C_SET_CONNECT,2,(char *)ip)
+# define BIO_set_conn_int_port(b,port) BIO_ctrl(b,BIO_C_SET_CONNECT,3,(char *)port)
+# define BIO_get_conn_hostname(b) BIO_ptr_ctrl(b,BIO_C_GET_CONNECT,0)
+# define BIO_get_conn_port(b) BIO_ptr_ctrl(b,BIO_C_GET_CONNECT,1)
+# define BIO_get_conn_ip(b) BIO_ptr_ctrl(b,BIO_C_GET_CONNECT,2)
+# define BIO_get_conn_int_port(b) BIO_int_ctrl(b,BIO_C_GET_CONNECT,3,0)
-
-#define BIO_set_nbio(b,n) BIO_ctrl(b,BIO_C_SET_NBIO,(n),NULL)
+# define BIO_set_nbio(b,n) BIO_ctrl(b,BIO_C_SET_NBIO,(n),NULL)
/* BIO_s_accept_socket() */
-#define BIO_set_accept_port(b,name) BIO_ctrl(b,BIO_C_SET_ACCEPT,0,(char *)name)
-#define BIO_get_accept_port(b) BIO_ptr_ctrl(b,BIO_C_GET_ACCEPT,0)
-/* #define BIO_set_nbio(b,n) BIO_ctrl(b,BIO_C_SET_NBIO,(n),NULL) */
-#define BIO_set_nbio_accept(b,n) BIO_ctrl(b,BIO_C_SET_ACCEPT,1,(n)?(void *)"a":NULL)
-#define BIO_set_accept_bios(b,bio) BIO_ctrl(b,BIO_C_SET_ACCEPT,2,(char *)bio)
+# define BIO_set_accept_port(b,name) BIO_ctrl(b,BIO_C_SET_ACCEPT,0,(char *)name)
+# define BIO_get_accept_port(b) BIO_ptr_ctrl(b,BIO_C_GET_ACCEPT,0)
+/* #define BIO_set_nbio(b,n) BIO_ctrl(b,BIO_C_SET_NBIO,(n),NULL) */
+# define BIO_set_nbio_accept(b,n) BIO_ctrl(b,BIO_C_SET_ACCEPT,1,(n)?(void *)"a":NULL)
+# define BIO_set_accept_bios(b,bio) BIO_ctrl(b,BIO_C_SET_ACCEPT,2,(char *)bio)
-#define BIO_BIND_NORMAL 0
-#define BIO_BIND_REUSEADDR_IF_UNUSED 1
-#define BIO_BIND_REUSEADDR 2
-#define BIO_set_bind_mode(b,mode) BIO_ctrl(b,BIO_C_SET_BIND_MODE,mode,NULL)
-#define BIO_get_bind_mode(b,mode) BIO_ctrl(b,BIO_C_GET_BIND_MODE,0,NULL)
+# define BIO_BIND_NORMAL 0
+# define BIO_BIND_REUSEADDR_IF_UNUSED 1
+# define BIO_BIND_REUSEADDR 2
+# define BIO_set_bind_mode(b,mode) BIO_ctrl(b,BIO_C_SET_BIND_MODE,mode,NULL)
+# define BIO_get_bind_mode(b,mode) BIO_ctrl(b,BIO_C_GET_BIND_MODE,0,NULL)
-#define BIO_do_connect(b) BIO_do_handshake(b)
-#define BIO_do_accept(b) BIO_do_handshake(b)
-#define BIO_do_handshake(b) BIO_ctrl(b,BIO_C_DO_STATE_MACHINE,0,NULL)
+# define BIO_do_connect(b) BIO_do_handshake(b)
+# define BIO_do_accept(b) BIO_do_handshake(b)
+# define BIO_do_handshake(b) BIO_ctrl(b,BIO_C_DO_STATE_MACHINE,0,NULL)
/* BIO_s_proxy_client() */
-#define BIO_set_url(b,url) BIO_ctrl(b,BIO_C_SET_PROXY_PARAM,0,(char *)(url))
-#define BIO_set_proxies(b,p) BIO_ctrl(b,BIO_C_SET_PROXY_PARAM,1,(char *)(p))
+# define BIO_set_url(b,url) BIO_ctrl(b,BIO_C_SET_PROXY_PARAM,0,(char *)(url))
+# define BIO_set_proxies(b,p) BIO_ctrl(b,BIO_C_SET_PROXY_PARAM,1,(char *)(p))
/* BIO_set_nbio(b,n) */
-#define BIO_set_filter_bio(b,s) BIO_ctrl(b,BIO_C_SET_PROXY_PARAM,2,(char *)(s))
+# define BIO_set_filter_bio(b,s) BIO_ctrl(b,BIO_C_SET_PROXY_PARAM,2,(char *)(s))
/* BIO *BIO_get_filter_bio(BIO *bio); */
-#define BIO_set_proxy_cb(b,cb) BIO_callback_ctrl(b,BIO_C_SET_PROXY_PARAM,3,(void *(*cb)()))
-#define BIO_set_proxy_header(b,sk) BIO_ctrl(b,BIO_C_SET_PROXY_PARAM,4,(char *)sk)
-#define BIO_set_no_connect_return(b,bool) BIO_int_ctrl(b,BIO_C_SET_PROXY_PARAM,5,bool)
+# define BIO_set_proxy_cb(b,cb) BIO_callback_ctrl(b,BIO_C_SET_PROXY_PARAM,3,(void *(*cb)()))
+# define BIO_set_proxy_header(b,sk) BIO_ctrl(b,BIO_C_SET_PROXY_PARAM,4,(char *)sk)
+# define BIO_set_no_connect_return(b,bool) BIO_int_ctrl(b,BIO_C_SET_PROXY_PARAM,5,bool)
-#define BIO_get_proxy_header(b,skp) BIO_ctrl(b,BIO_C_GET_PROXY_PARAM,0,(char *)skp)
-#define BIO_get_proxies(b,pxy_p) BIO_ctrl(b,BIO_C_GET_PROXY_PARAM,1,(char *)(pxy_p))
-#define BIO_get_url(b,url) BIO_ctrl(b,BIO_C_GET_PROXY_PARAM,2,(char *)(url))
-#define BIO_get_no_connect_return(b) BIO_ctrl(b,BIO_C_GET_PROXY_PARAM,5,NULL)
+# define BIO_get_proxy_header(b,skp) BIO_ctrl(b,BIO_C_GET_PROXY_PARAM,0,(char *)skp)
+# define BIO_get_proxies(b,pxy_p) BIO_ctrl(b,BIO_C_GET_PROXY_PARAM,1,(char *)(pxy_p))
+# define BIO_get_url(b,url) BIO_ctrl(b,BIO_C_GET_PROXY_PARAM,2,(char *)(url))
+# define BIO_get_no_connect_return(b) BIO_ctrl(b,BIO_C_GET_PROXY_PARAM,5,NULL)
-#define BIO_set_fd(b,fd,c) BIO_int_ctrl(b,BIO_C_SET_FD,c,fd)
-#define BIO_get_fd(b,c) BIO_ctrl(b,BIO_C_GET_FD,0,(char *)c)
+# define BIO_set_fd(b,fd,c) BIO_int_ctrl(b,BIO_C_SET_FD,c,fd)
+# define BIO_get_fd(b,c) BIO_ctrl(b,BIO_C_GET_FD,0,(char *)c)
-#define BIO_set_fp(b,fp,c) BIO_ctrl(b,BIO_C_SET_FILE_PTR,c,(char *)fp)
-#define BIO_get_fp(b,fpp) BIO_ctrl(b,BIO_C_GET_FILE_PTR,0,(char *)fpp)
+# define BIO_set_fp(b,fp,c) BIO_ctrl(b,BIO_C_SET_FILE_PTR,c,(char *)fp)
+# define BIO_get_fp(b,fpp) BIO_ctrl(b,BIO_C_GET_FILE_PTR,0,(char *)fpp)
-#define BIO_seek(b,ofs) (int)BIO_ctrl(b,BIO_C_FILE_SEEK,ofs,NULL)
-#define BIO_tell(b) (int)BIO_ctrl(b,BIO_C_FILE_TELL,0,NULL)
+# define BIO_seek(b,ofs) (int)BIO_ctrl(b,BIO_C_FILE_SEEK,ofs,NULL)
+# define BIO_tell(b) (int)BIO_ctrl(b,BIO_C_FILE_TELL,0,NULL)
-/* name is cast to lose const, but might be better to route through a function
- so we can do it safely */
-#ifdef CONST_STRICT
-/* If you are wondering why this isn't defined, its because CONST_STRICT is
+/*
+ * name is cast to lose const, but might be better to route through a
+ * function so we can do it safely
+ */
+# ifdef CONST_STRICT
+/*
+ * If you are wondering why this isn't defined, its because CONST_STRICT is
* purely a compile-time kludge to allow const to be checked.
*/
-int BIO_read_filename(BIO *b,const char *name);
-#else
-#define BIO_read_filename(b,name) BIO_ctrl(b,BIO_C_SET_FILENAME, \
- BIO_CLOSE|BIO_FP_READ,(char *)name)
-#endif
-#define BIO_write_filename(b,name) BIO_ctrl(b,BIO_C_SET_FILENAME, \
- BIO_CLOSE|BIO_FP_WRITE,name)
-#define BIO_append_filename(b,name) BIO_ctrl(b,BIO_C_SET_FILENAME, \
- BIO_CLOSE|BIO_FP_APPEND,name)
-#define BIO_rw_filename(b,name) BIO_ctrl(b,BIO_C_SET_FILENAME, \
- BIO_CLOSE|BIO_FP_READ|BIO_FP_WRITE,name)
+int BIO_read_filename(BIO *b, const char *name);
+# else
+# define BIO_read_filename(b,name) BIO_ctrl(b,BIO_C_SET_FILENAME, \
+ BIO_CLOSE|BIO_FP_READ,(char *)name)
+# endif
+# define BIO_write_filename(b,name) BIO_ctrl(b,BIO_C_SET_FILENAME, \
+ BIO_CLOSE|BIO_FP_WRITE,name)
+# define BIO_append_filename(b,name) BIO_ctrl(b,BIO_C_SET_FILENAME, \
+ BIO_CLOSE|BIO_FP_APPEND,name)
+# define BIO_rw_filename(b,name) BIO_ctrl(b,BIO_C_SET_FILENAME, \
+ BIO_CLOSE|BIO_FP_READ|BIO_FP_WRITE,name)
-/* WARNING WARNING, this ups the reference count on the read bio of the
- * SSL structure. This is because the ssl read BIO is now pointed to by
- * the next_bio field in the bio. So when you free the BIO, make sure
- * you are doing a BIO_free_all() to catch the underlying BIO. */
-#define BIO_set_ssl(b,ssl,c) BIO_ctrl(b,BIO_C_SET_SSL,c,(char *)ssl)
-#define BIO_get_ssl(b,sslp) BIO_ctrl(b,BIO_C_GET_SSL,0,(char *)sslp)
-#define BIO_set_ssl_mode(b,client) BIO_ctrl(b,BIO_C_SSL_MODE,client,NULL)
-#define BIO_set_ssl_renegotiate_bytes(b,num) \
- BIO_ctrl(b,BIO_C_SET_SSL_RENEGOTIATE_BYTES,num,NULL);
-#define BIO_get_num_renegotiates(b) \
- BIO_ctrl(b,BIO_C_GET_SSL_NUM_RENEGOTIATES,0,NULL);
-#define BIO_set_ssl_renegotiate_timeout(b,seconds) \
- BIO_ctrl(b,BIO_C_SET_SSL_RENEGOTIATE_TIMEOUT,seconds,NULL);
+/*
+ * WARNING WARNING, this ups the reference count on the read bio of the SSL
+ * structure. This is because the ssl read BIO is now pointed to by the
+ * next_bio field in the bio. So when you free the BIO, make sure you are
+ * doing a BIO_free_all() to catch the underlying BIO.
+ */
+# define BIO_set_ssl(b,ssl,c) BIO_ctrl(b,BIO_C_SET_SSL,c,(char *)ssl)
+# define BIO_get_ssl(b,sslp) BIO_ctrl(b,BIO_C_GET_SSL,0,(char *)sslp)
+# define BIO_set_ssl_mode(b,client) BIO_ctrl(b,BIO_C_SSL_MODE,client,NULL)
+# define BIO_set_ssl_renegotiate_bytes(b,num) \
+ BIO_ctrl(b,BIO_C_SET_SSL_RENEGOTIATE_BYTES,num,NULL);
+# define BIO_get_num_renegotiates(b) \
+ BIO_ctrl(b,BIO_C_GET_SSL_NUM_RENEGOTIATES,0,NULL);
+# define BIO_set_ssl_renegotiate_timeout(b,seconds) \
+ BIO_ctrl(b,BIO_C_SET_SSL_RENEGOTIATE_TIMEOUT,seconds,NULL);
/* defined in evp.h */
-/* #define BIO_set_md(b,md) BIO_ctrl(b,BIO_C_SET_MD,1,(char *)md) */
+/* #define BIO_set_md(b,md) BIO_ctrl(b,BIO_C_SET_MD,1,(char *)md) */
-#define BIO_get_mem_data(b,pp) BIO_ctrl(b,BIO_CTRL_INFO,0,(char *)pp)
-#define BIO_set_mem_buf(b,bm,c) BIO_ctrl(b,BIO_C_SET_BUF_MEM,c,(char *)bm)
-#define BIO_get_mem_ptr(b,pp) BIO_ctrl(b,BIO_C_GET_BUF_MEM_PTR,0,(char *)pp)
-#define BIO_set_mem_eof_return(b,v) \
- BIO_ctrl(b,BIO_C_SET_BUF_MEM_EOF_RETURN,v,NULL)
+# define BIO_get_mem_data(b,pp) BIO_ctrl(b,BIO_CTRL_INFO,0,(char *)pp)
+# define BIO_set_mem_buf(b,bm,c) BIO_ctrl(b,BIO_C_SET_BUF_MEM,c,(char *)bm)
+# define BIO_get_mem_ptr(b,pp) BIO_ctrl(b,BIO_C_GET_BUF_MEM_PTR,0,(char *)pp)
+# define BIO_set_mem_eof_return(b,v) \
+ BIO_ctrl(b,BIO_C_SET_BUF_MEM_EOF_RETURN,v,NULL)
/* For the BIO_f_buffer() type */
-#define BIO_get_buffer_num_lines(b) BIO_ctrl(b,BIO_C_GET_BUFF_NUM_LINES,0,NULL)
-#define BIO_set_buffer_size(b,size) BIO_ctrl(b,BIO_C_SET_BUFF_SIZE,size,NULL)
-#define BIO_set_read_buffer_size(b,size) BIO_int_ctrl(b,BIO_C_SET_BUFF_SIZE,size,0)
-#define BIO_set_write_buffer_size(b,size) BIO_int_ctrl(b,BIO_C_SET_BUFF_SIZE,size,1)
-#define BIO_set_buffer_read_data(b,buf,num) BIO_ctrl(b,BIO_C_SET_BUFF_READ_DATA,num,buf)
+# define BIO_get_buffer_num_lines(b) BIO_ctrl(b,BIO_C_GET_BUFF_NUM_LINES,0,NULL)
+# define BIO_set_buffer_size(b,size) BIO_ctrl(b,BIO_C_SET_BUFF_SIZE,size,NULL)
+# define BIO_set_read_buffer_size(b,size) BIO_int_ctrl(b,BIO_C_SET_BUFF_SIZE,size,0)
+# define BIO_set_write_buffer_size(b,size) BIO_int_ctrl(b,BIO_C_SET_BUFF_SIZE,size,1)
+# define BIO_set_buffer_read_data(b,buf,num) BIO_ctrl(b,BIO_C_SET_BUFF_READ_DATA,num,buf)
/* Don't use the next one unless you know what you are doing :-) */
-#define BIO_dup_state(b,ret) BIO_ctrl(b,BIO_CTRL_DUP,0,(char *)(ret))
+# define BIO_dup_state(b,ret) BIO_ctrl(b,BIO_CTRL_DUP,0,(char *)(ret))
-#define BIO_reset(b) (int)BIO_ctrl(b,BIO_CTRL_RESET,0,NULL)
-#define BIO_eof(b) (int)BIO_ctrl(b,BIO_CTRL_EOF,0,NULL)
-#define BIO_set_close(b,c) (int)BIO_ctrl(b,BIO_CTRL_SET_CLOSE,(c),NULL)
-#define BIO_get_close(b) (int)BIO_ctrl(b,BIO_CTRL_GET_CLOSE,0,NULL)
-#define BIO_pending(b) (int)BIO_ctrl(b,BIO_CTRL_PENDING,0,NULL)
-#define BIO_wpending(b) (int)BIO_ctrl(b,BIO_CTRL_WPENDING,0,NULL)
+# define BIO_reset(b) (int)BIO_ctrl(b,BIO_CTRL_RESET,0,NULL)
+# define BIO_eof(b) (int)BIO_ctrl(b,BIO_CTRL_EOF,0,NULL)
+# define BIO_set_close(b,c) (int)BIO_ctrl(b,BIO_CTRL_SET_CLOSE,(c),NULL)
+# define BIO_get_close(b) (int)BIO_ctrl(b,BIO_CTRL_GET_CLOSE,0,NULL)
+# define BIO_pending(b) (int)BIO_ctrl(b,BIO_CTRL_PENDING,0,NULL)
+# define BIO_wpending(b) (int)BIO_ctrl(b,BIO_CTRL_WPENDING,0,NULL)
/* ...pending macros have inappropriate return type */
size_t BIO_ctrl_pending(BIO *b);
size_t BIO_ctrl_wpending(BIO *b);
-#define BIO_flush(b) (int)BIO_ctrl(b,BIO_CTRL_FLUSH,0,NULL)
-#define BIO_get_info_callback(b,cbp) (int)BIO_ctrl(b,BIO_CTRL_GET_CALLBACK,0, \
- cbp)
-#define BIO_set_info_callback(b,cb) (int)BIO_callback_ctrl(b,BIO_CTRL_SET_CALLBACK,cb)
+# define BIO_flush(b) (int)BIO_ctrl(b,BIO_CTRL_FLUSH,0,NULL)
+# define BIO_get_info_callback(b,cbp) (int)BIO_ctrl(b,BIO_CTRL_GET_CALLBACK,0, \
+ cbp)
+# define BIO_set_info_callback(b,cb) (int)BIO_callback_ctrl(b,BIO_CTRL_SET_CALLBACK,cb)
/* For the BIO_f_buffer() type */
-#define BIO_buffer_get_num_lines(b) BIO_ctrl(b,BIO_CTRL_GET,0,NULL)
+# define BIO_buffer_get_num_lines(b) BIO_ctrl(b,BIO_CTRL_GET,0,NULL)
/* For BIO_s_bio() */
-#define BIO_set_write_buf_size(b,size) (int)BIO_ctrl(b,BIO_C_SET_WRITE_BUF_SIZE,size,NULL)
-#define BIO_get_write_buf_size(b,size) (size_t)BIO_ctrl(b,BIO_C_GET_WRITE_BUF_SIZE,size,NULL)
-#define BIO_make_bio_pair(b1,b2) (int)BIO_ctrl(b1,BIO_C_MAKE_BIO_PAIR,0,b2)
-#define BIO_destroy_bio_pair(b) (int)BIO_ctrl(b,BIO_C_DESTROY_BIO_PAIR,0,NULL)
-#define BIO_shutdown_wr(b) (int)BIO_ctrl(b, BIO_C_SHUTDOWN_WR, 0, NULL)
+# define BIO_set_write_buf_size(b,size) (int)BIO_ctrl(b,BIO_C_SET_WRITE_BUF_SIZE,size,NULL)
+# define BIO_get_write_buf_size(b,size) (size_t)BIO_ctrl(b,BIO_C_GET_WRITE_BUF_SIZE,size,NULL)
+# define BIO_make_bio_pair(b1,b2) (int)BIO_ctrl(b1,BIO_C_MAKE_BIO_PAIR,0,b2)
+# define BIO_destroy_bio_pair(b) (int)BIO_ctrl(b,BIO_C_DESTROY_BIO_PAIR,0,NULL)
+# define BIO_shutdown_wr(b) (int)BIO_ctrl(b, BIO_C_SHUTDOWN_WR, 0, NULL)
/* macros with inappropriate type -- but ...pending macros use int too: */
-#define BIO_get_write_guarantee(b) (int)BIO_ctrl(b,BIO_C_GET_WRITE_GUARANTEE,0,NULL)
-#define BIO_get_read_request(b) (int)BIO_ctrl(b,BIO_C_GET_READ_REQUEST,0,NULL)
+# define BIO_get_write_guarantee(b) (int)BIO_ctrl(b,BIO_C_GET_WRITE_GUARANTEE,0,NULL)
+# define BIO_get_read_request(b) (int)BIO_ctrl(b,BIO_C_GET_READ_REQUEST,0,NULL)
size_t BIO_ctrl_get_write_guarantee(BIO *b);
size_t BIO_ctrl_get_read_request(BIO *b);
int BIO_ctrl_reset_read_request(BIO *b);
/* ctrl macros for dgram */
-#define BIO_ctrl_dgram_connect(b,peer) \
+# define BIO_ctrl_dgram_connect(b,peer) \
(int)BIO_ctrl(b,BIO_CTRL_DGRAM_CONNECT,0, (char *)peer)
-#define BIO_ctrl_set_connected(b, state, peer) \
+# define BIO_ctrl_set_connected(b, state, peer) \
(int)BIO_ctrl(b, BIO_CTRL_DGRAM_SET_CONNECTED, state, (char *)peer)
-#define BIO_dgram_recv_timedout(b) \
+# define BIO_dgram_recv_timedout(b) \
(int)BIO_ctrl(b, BIO_CTRL_DGRAM_GET_RECV_TIMER_EXP, 0, NULL)
-#define BIO_dgram_send_timedout(b) \
+# define BIO_dgram_send_timedout(b) \
(int)BIO_ctrl(b, BIO_CTRL_DGRAM_GET_SEND_TIMER_EXP, 0, NULL)
-#define BIO_dgram_get_peer(b,peer) \
+# define BIO_dgram_get_peer(b,peer) \
(int)BIO_ctrl(b, BIO_CTRL_DGRAM_GET_PEER, 0, (char *)peer)
-#define BIO_dgram_set_peer(b,peer) \
+# define BIO_dgram_set_peer(b,peer) \
(int)BIO_ctrl(b, BIO_CTRL_DGRAM_SET_PEER, 0, (char *)peer)
+# define BIO_dgram_get_mtu_overhead(b) \
+ (unsigned int)BIO_ctrl((b), BIO_CTRL_DGRAM_GET_MTU_OVERHEAD, 0, NULL)
/* These two aren't currently implemented */
/* int BIO_get_ex_num(BIO *bio); */
/* void BIO_set_ex_free_func(BIO *bio,int idx,void (*cb)()); */
-int BIO_set_ex_data(BIO *bio,int idx,void *data);
-void *BIO_get_ex_data(BIO *bio,int idx);
+int BIO_set_ex_data(BIO *bio, int idx, void *data);
+void *BIO_get_ex_data(BIO *bio, int idx);
int BIO_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
- CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func);
+ CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func);
unsigned long BIO_number_read(BIO *bio);
unsigned long BIO_number_written(BIO *bio);
-# ifndef OPENSSL_NO_FP_API
-# if defined(OPENSSL_SYS_WIN16) && defined(_WINDLL)
-BIO_METHOD *BIO_s_file_internal(void);
-BIO *BIO_new_file_internal(char *filename, char *mode);
-BIO *BIO_new_fp_internal(FILE *stream, int close_flag);
-# define BIO_s_file BIO_s_file_internal
-# define BIO_new_file BIO_new_file_internal
-# define BIO_new_fp BIO_new_fp_internal
-# else /* FP_API */
-BIO_METHOD *BIO_s_file(void );
+/* For BIO_f_asn1() */
+int BIO_asn1_set_prefix(BIO *b, asn1_ps_func *prefix,
+ asn1_ps_func *prefix_free);
+int BIO_asn1_get_prefix(BIO *b, asn1_ps_func **pprefix,
+ asn1_ps_func **pprefix_free);
+int BIO_asn1_set_suffix(BIO *b, asn1_ps_func *suffix,
+ asn1_ps_func *suffix_free);
+int BIO_asn1_get_suffix(BIO *b, asn1_ps_func **psuffix,
+ asn1_ps_func **psuffix_free);
+
+BIO_METHOD *BIO_s_file(void);
BIO *BIO_new_file(const char *filename, const char *mode);
BIO *BIO_new_fp(FILE *stream, int close_flag);
-# define BIO_s_file_internal BIO_s_file
-# define BIO_new_file_internal BIO_new_file
-# define BIO_new_fp_internal BIO_s_file
-# endif /* FP_API */
+# ifndef OPENSSL_NO_FP_API
+# define BIO_s_file_internal BIO_s_file
# endif
-BIO * BIO_new(BIO_METHOD *type);
-int BIO_set(BIO *a,BIO_METHOD *type);
-int BIO_free(BIO *a);
-void BIO_vfree(BIO *a);
-int BIO_read(BIO *b, void *data, int len);
-int BIO_gets(BIO *bp,char *buf, int size);
-int BIO_write(BIO *b, const void *data, int len);
-int BIO_puts(BIO *bp,const char *buf);
-int BIO_indent(BIO *b,int indent,int max);
-long BIO_ctrl(BIO *bp,int cmd,long larg,void *parg);
-long BIO_callback_ctrl(BIO *b, int cmd, void (*fp)(struct bio_st *, int, const char *, int, long, long));
-char * BIO_ptr_ctrl(BIO *bp,int cmd,long larg);
-long BIO_int_ctrl(BIO *bp,int cmd,long larg,int iarg);
-BIO * BIO_push(BIO *b,BIO *append);
-BIO * BIO_pop(BIO *b);
-void BIO_free_all(BIO *a);
-BIO * BIO_find_type(BIO *b,int bio_type);
-BIO * BIO_next(BIO *b);
-BIO * BIO_get_retry_BIO(BIO *bio, int *reason);
-int BIO_get_retry_reason(BIO *bio);
-BIO * BIO_dup_chain(BIO *in);
+BIO *BIO_new(BIO_METHOD *type);
+int BIO_set(BIO *a, BIO_METHOD *type);
+int BIO_free(BIO *a);
+void BIO_vfree(BIO *a);
+int BIO_read(BIO *b, void *data, int len);
+int BIO_gets(BIO *bp, char *buf, int size);
+int BIO_write(BIO *b, const void *data, int len);
+int BIO_puts(BIO *bp, const char *buf);
+int BIO_indent(BIO *b, int indent, int max);
+long BIO_ctrl(BIO *bp, int cmd, long larg, void *parg);
+long BIO_callback_ctrl(BIO *b, int cmd,
+ void (*fp) (struct bio_st *, int, const char *, int,
+ long, long));
+char *BIO_ptr_ctrl(BIO *bp, int cmd, long larg);
+long BIO_int_ctrl(BIO *bp, int cmd, long larg, int iarg);
+BIO *BIO_push(BIO *b, BIO *append);
+BIO *BIO_pop(BIO *b);
+void BIO_free_all(BIO *a);
+BIO *BIO_find_type(BIO *b, int bio_type);
+BIO *BIO_next(BIO *b);
+BIO *BIO_get_retry_BIO(BIO *bio, int *reason);
+int BIO_get_retry_reason(BIO *bio);
+BIO *BIO_dup_chain(BIO *in);
int BIO_nread0(BIO *bio, char **buf);
int BIO_nread(BIO *bio, char **buf, int num);
int BIO_nwrite0(BIO *bio, char **buf);
int BIO_nwrite(BIO *bio, char **buf, int num);
-#ifndef OPENSSL_SYS_WIN16
-long BIO_debug_callback(BIO *bio,int cmd,const char *argp,int argi,
- long argl,long ret);
-#else
-long _far _loadds BIO_debug_callback(BIO *bio,int cmd,const char *argp,int argi,
- long argl,long ret);
-#endif
+long BIO_debug_callback(BIO *bio, int cmd, const char *argp, int argi,
+ long argl, long ret);
BIO_METHOD *BIO_s_mem(void);
BIO *BIO_new_mem_buf(void *buf, int len);
@@ -627,20 +690,23 @@ BIO_METHOD *BIO_s_socket(void);
BIO_METHOD *BIO_s_connect(void);
BIO_METHOD *BIO_s_accept(void);
BIO_METHOD *BIO_s_fd(void);
-#ifndef OPENSSL_SYS_OS2
+# ifndef OPENSSL_SYS_OS2
BIO_METHOD *BIO_s_log(void);
-#endif
+# endif
BIO_METHOD *BIO_s_bio(void);
BIO_METHOD *BIO_s_null(void);
BIO_METHOD *BIO_f_null(void);
BIO_METHOD *BIO_f_buffer(void);
-#ifdef OPENSSL_SYS_VMS
+# ifdef OPENSSL_SYS_VMS
BIO_METHOD *BIO_f_linebuffer(void);
-#endif
+# endif
BIO_METHOD *BIO_f_nbio_test(void);
-#ifndef OPENSSL_NO_DGRAM
+# ifndef OPENSSL_NO_DGRAM
BIO_METHOD *BIO_s_datagram(void);
-#endif
+# ifndef OPENSSL_NO_SCTP
+BIO_METHOD *BIO_s_datagram_sctp(void);
+# endif
+# endif
/* BIO_METHOD *BIO_f_ber(void); */
@@ -650,18 +716,22 @@ int BIO_dgram_non_fatal_error(int error);
int BIO_fd_should_retry(int i);
int BIO_fd_non_fatal_error(int error);
-int BIO_dump_cb(int (*cb)(const void *data, size_t len, void *u),
- void *u, const char *s, int len);
-int BIO_dump_indent_cb(int (*cb)(const void *data, size_t len, void *u),
- void *u, const char *s, int len, int indent);
-int BIO_dump(BIO *b,const char *bytes,int len);
-int BIO_dump_indent(BIO *b,const char *bytes,int len,int indent);
-#ifndef OPENSSL_NO_FP_API
+int BIO_dump_cb(int (*cb) (const void *data, size_t len, void *u),
+ void *u, const char *s, int len);
+int BIO_dump_indent_cb(int (*cb) (const void *data, size_t len, void *u),
+ void *u, const char *s, int len, int indent);
+int BIO_dump(BIO *b, const char *bytes, int len);
+int BIO_dump_indent(BIO *b, const char *bytes, int len, int indent);
+# ifndef OPENSSL_NO_FP_API
int BIO_dump_fp(FILE *fp, const char *s, int len);
int BIO_dump_indent_fp(FILE *fp, const char *s, int len, int indent);
-#endif
+# endif
+int BIO_hex_string(BIO *out, int indent, int width, unsigned char *data,
+ int datalen);
+
struct hostent *BIO_gethostbyname(const char *name);
-/* We might want a thread-safe interface too:
+/*-
+ * We might want a thread-safe interface too:
* struct hostent *BIO_gethostbyname_r(const char *name,
* struct hostent *result, void *buffer, size_t buflen);
* or something similar (caller allocates a struct hostent,
@@ -671,49 +741,73 @@ struct hostent *BIO_gethostbyname(const char *name);
*/
int BIO_sock_error(int sock);
int BIO_socket_ioctl(int fd, long type, void *arg);
-int BIO_socket_nbio(int fd,int mode);
+int BIO_socket_nbio(int fd, int mode);
int BIO_get_port(const char *str, unsigned short *port_ptr);
int BIO_get_host_ip(const char *str, unsigned char *ip);
-int BIO_get_accept_socket(char *host_port,int mode);
-int BIO_accept(int sock,char **ip_port);
-int BIO_sock_init(void );
+int BIO_get_accept_socket(char *host_port, int mode);
+int BIO_accept(int sock, char **ip_port);
+int BIO_sock_init(void);
void BIO_sock_cleanup(void);
-int BIO_set_tcp_ndelay(int sock,int turn_on);
+int BIO_set_tcp_ndelay(int sock, int turn_on);
BIO *BIO_new_socket(int sock, int close_flag);
BIO *BIO_new_dgram(int fd, int close_flag);
+# ifndef OPENSSL_NO_SCTP
+BIO *BIO_new_dgram_sctp(int fd, int close_flag);
+int BIO_dgram_is_sctp(BIO *bio);
+int BIO_dgram_sctp_notification_cb(BIO *b,
+ void (*handle_notifications) (BIO *bio,
+ void
+ *context,
+ void *buf),
+ void *context);
+int BIO_dgram_sctp_wait_for_dry(BIO *b);
+int BIO_dgram_sctp_msg_waiting(BIO *b);
+# endif
BIO *BIO_new_fd(int fd, int close_flag);
-BIO *BIO_new_connect(char *host_port);
-BIO *BIO_new_accept(char *host_port);
+BIO *BIO_new_connect(const char *host_port);
+BIO *BIO_new_accept(const char *host_port);
int BIO_new_bio_pair(BIO **bio1, size_t writebuf1,
- BIO **bio2, size_t writebuf2);
-/* If successful, returns 1 and in *bio1, *bio2 two BIO pair endpoints.
- * Otherwise returns 0 and sets *bio1 and *bio2 to NULL.
- * Size 0 uses default value.
+ BIO **bio2, size_t writebuf2);
+/*
+ * If successful, returns 1 and in *bio1, *bio2 two BIO pair endpoints.
+ * Otherwise returns 0 and sets *bio1 and *bio2 to NULL. Size 0 uses default
+ * value.
*/
void BIO_copy_next_retry(BIO *b);
-/*long BIO_ghbn_ctrl(int cmd,int iarg,char *parg);*/
+/*
+ * long BIO_ghbn_ctrl(int cmd,int iarg,char *parg);
+ */
-#ifdef __GNUC__
+# ifdef __GNUC__
# define __bio_h__attr__ __attribute__
-#else
+# else
# define __bio_h__attr__(x)
-#endif
+# endif
+# if defined(OPENSSL_SYS_UEFI)
+int EFIAPI BIO_printf(BIO *bio, const char *format, ...)
+# else
int BIO_printf(BIO *bio, const char *format, ...)
- __bio_h__attr__((__format__(__printf__,2,3)));
+# endif
+__bio_h__attr__((__format__(__printf__, 2, 3)));
int BIO_vprintf(BIO *bio, const char *format, va_list args)
- __bio_h__attr__((__format__(__printf__,2,0)));
+__bio_h__attr__((__format__(__printf__, 2, 0)));
+# if defined(OPENSSL_SYS_UEFI)
+int EFIAPI BIO_snprintf(char *buf, size_t n, const char *format, ...)
+# else
int BIO_snprintf(char *buf, size_t n, const char *format, ...)
- __bio_h__attr__((__format__(__printf__,3,4)));
+# endif
+__bio_h__attr__((__format__(__printf__, 3, 4)));
int BIO_vsnprintf(char *buf, size_t n, const char *format, va_list args)
- __bio_h__attr__((__format__(__printf__,3,0)));
-#undef __bio_h__attr__
+__bio_h__attr__((__format__(__printf__, 3, 0)));
+# undef __bio_h__attr__
/* BEGIN ERROR CODES */
-/* The following lines are auto generated by the script mkerr.pl. Any changes
+/*
+ * The following lines are auto generated by the script mkerr.pl. Any changes
* made after this point may be overwritten when the script is next run.
*/
void ERR_load_BIO_strings(void);
@@ -721,69 +815,71 @@ void ERR_load_BIO_strings(void);
/* Error codes for the BIO functions. */
/* Function codes. */
-#define BIO_F_ACPT_STATE 100
-#define BIO_F_BIO_ACCEPT 101
-#define BIO_F_BIO_BER_GET_HEADER 102
-#define BIO_F_BIO_CALLBACK_CTRL 131
-#define BIO_F_BIO_CTRL 103
-#define BIO_F_BIO_GETHOSTBYNAME 120
-#define BIO_F_BIO_GETS 104
-#define BIO_F_BIO_GET_ACCEPT_SOCKET 105
-#define BIO_F_BIO_GET_HOST_IP 106
-#define BIO_F_BIO_GET_PORT 107
-#define BIO_F_BIO_MAKE_PAIR 121
-#define BIO_F_BIO_NEW 108
-#define BIO_F_BIO_NEW_FILE 109
-#define BIO_F_BIO_NEW_MEM_BUF 126
-#define BIO_F_BIO_NREAD 123
-#define BIO_F_BIO_NREAD0 124
-#define BIO_F_BIO_NWRITE 125
-#define BIO_F_BIO_NWRITE0 122
-#define BIO_F_BIO_PUTS 110
-#define BIO_F_BIO_READ 111
-#define BIO_F_BIO_SOCK_INIT 112
-#define BIO_F_BIO_WRITE 113
-#define BIO_F_BUFFER_CTRL 114
-#define BIO_F_CONN_CTRL 127
-#define BIO_F_CONN_STATE 115
-#define BIO_F_FILE_CTRL 116
-#define BIO_F_FILE_READ 130
-#define BIO_F_LINEBUFFER_CTRL 129
-#define BIO_F_MEM_READ 128
-#define BIO_F_MEM_WRITE 117
-#define BIO_F_SSL_NEW 118
-#define BIO_F_WSASTARTUP 119
+# define BIO_F_ACPT_STATE 100
+# define BIO_F_BIO_ACCEPT 101
+# define BIO_F_BIO_BER_GET_HEADER 102
+# define BIO_F_BIO_CALLBACK_CTRL 131
+# define BIO_F_BIO_CTRL 103
+# define BIO_F_BIO_GETHOSTBYNAME 120
+# define BIO_F_BIO_GETS 104
+# define BIO_F_BIO_GET_ACCEPT_SOCKET 105
+# define BIO_F_BIO_GET_HOST_IP 106
+# define BIO_F_BIO_GET_PORT 107
+# define BIO_F_BIO_MAKE_PAIR 121
+# define BIO_F_BIO_NEW 108
+# define BIO_F_BIO_NEW_FILE 109
+# define BIO_F_BIO_NEW_MEM_BUF 126
+# define BIO_F_BIO_NREAD 123
+# define BIO_F_BIO_NREAD0 124
+# define BIO_F_BIO_NWRITE 125
+# define BIO_F_BIO_NWRITE0 122
+# define BIO_F_BIO_PUTS 110
+# define BIO_F_BIO_READ 111
+# define BIO_F_BIO_SOCK_INIT 112
+# define BIO_F_BIO_WRITE 113
+# define BIO_F_BUFFER_CTRL 114
+# define BIO_F_CONN_CTRL 127
+# define BIO_F_CONN_STATE 115
+# define BIO_F_DGRAM_SCTP_READ 132
+# define BIO_F_DGRAM_SCTP_WRITE 133
+# define BIO_F_FILE_CTRL 116
+# define BIO_F_FILE_READ 130
+# define BIO_F_LINEBUFFER_CTRL 129
+# define BIO_F_MEM_READ 128
+# define BIO_F_MEM_WRITE 117
+# define BIO_F_SSL_NEW 118
+# define BIO_F_WSASTARTUP 119
/* Reason codes. */
-#define BIO_R_ACCEPT_ERROR 100
-#define BIO_R_BAD_FOPEN_MODE 101
-#define BIO_R_BAD_HOSTNAME_LOOKUP 102
-#define BIO_R_BROKEN_PIPE 124
-#define BIO_R_CONNECT_ERROR 103
-#define BIO_R_EOF_ON_MEMORY_BIO 127
-#define BIO_R_ERROR_SETTING_NBIO 104
-#define BIO_R_ERROR_SETTING_NBIO_ON_ACCEPTED_SOCKET 105
-#define BIO_R_ERROR_SETTING_NBIO_ON_ACCEPT_SOCKET 106
-#define BIO_R_GETHOSTBYNAME_ADDR_IS_NOT_AF_INET 107
-#define BIO_R_INVALID_ARGUMENT 125
-#define BIO_R_INVALID_IP_ADDRESS 108
-#define BIO_R_IN_USE 123
-#define BIO_R_KEEPALIVE 109
-#define BIO_R_NBIO_CONNECT_ERROR 110
-#define BIO_R_NO_ACCEPT_PORT_SPECIFIED 111
-#define BIO_R_NO_HOSTNAME_SPECIFIED 112
-#define BIO_R_NO_PORT_DEFINED 113
-#define BIO_R_NO_PORT_SPECIFIED 114
-#define BIO_R_NO_SUCH_FILE 128
-#define BIO_R_NULL_PARAMETER 115
-#define BIO_R_TAG_MISMATCH 116
-#define BIO_R_UNABLE_TO_BIND_SOCKET 117
-#define BIO_R_UNABLE_TO_CREATE_SOCKET 118
-#define BIO_R_UNABLE_TO_LISTEN_SOCKET 119
-#define BIO_R_UNINITIALIZED 120
-#define BIO_R_UNSUPPORTED_METHOD 121
-#define BIO_R_WRITE_TO_READ_ONLY_BIO 126
-#define BIO_R_WSASTARTUP 122
+# define BIO_R_ACCEPT_ERROR 100
+# define BIO_R_BAD_FOPEN_MODE 101
+# define BIO_R_BAD_HOSTNAME_LOOKUP 102
+# define BIO_R_BROKEN_PIPE 124
+# define BIO_R_CONNECT_ERROR 103
+# define BIO_R_EOF_ON_MEMORY_BIO 127
+# define BIO_R_ERROR_SETTING_NBIO 104
+# define BIO_R_ERROR_SETTING_NBIO_ON_ACCEPTED_SOCKET 105
+# define BIO_R_ERROR_SETTING_NBIO_ON_ACCEPT_SOCKET 106
+# define BIO_R_GETHOSTBYNAME_ADDR_IS_NOT_AF_INET 107
+# define BIO_R_INVALID_ARGUMENT 125
+# define BIO_R_INVALID_IP_ADDRESS 108
+# define BIO_R_IN_USE 123
+# define BIO_R_KEEPALIVE 109
+# define BIO_R_NBIO_CONNECT_ERROR 110
+# define BIO_R_NO_ACCEPT_PORT_SPECIFIED 111
+# define BIO_R_NO_HOSTNAME_SPECIFIED 112
+# define BIO_R_NO_PORT_DEFINED 113
+# define BIO_R_NO_PORT_SPECIFIED 114
+# define BIO_R_NO_SUCH_FILE 128
+# define BIO_R_NULL_PARAMETER 115
+# define BIO_R_TAG_MISMATCH 116
+# define BIO_R_UNABLE_TO_BIND_SOCKET 117
+# define BIO_R_UNABLE_TO_CREATE_SOCKET 118
+# define BIO_R_UNABLE_TO_LISTEN_SOCKET 119
+# define BIO_R_UNINITIALIZED 120
+# define BIO_R_UNSUPPORTED_METHOD 121
+# define BIO_R_WRITE_TO_READ_ONLY_BIO 126
+# define BIO_R_WSASTARTUP 122
#ifdef __cplusplus
}
diff --git a/Cryptlib/Include/openssl/blowfish.h b/Cryptlib/Include/openssl/blowfish.h
index d24ffcc..8329302 100644
--- a/Cryptlib/Include/openssl/blowfish.h
+++ b/Cryptlib/Include/openssl/blowfish.h
@@ -5,21 +5,21 @@
* This package is an SSL implementation written
* by Eric Young (eay@cryptsoft.com).
* The implementation was written so as to conform with Netscapes SSL.
- *
+ *
* This library is free for commercial and non-commercial use as long as
* the following conditions are aheared to. The following conditions
* apply to all code found in this distribution, be it the RC4, RSA,
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
* included with this distribution is covered by the same copyright terms
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
+ *
* Copyright remains Eric Young's, and as such any Copyright notices in
* the code are not to be removed.
* If this package is used in a product, Eric Young should be given attribution
* as the author of the parts of the library used.
* This can be in the form of a textual message at program startup or
* in documentation (online or textual) provided with the package.
- *
+ *
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
@@ -34,10 +34,10 @@
* Eric Young (eay@cryptsoft.com)"
* The word 'cryptographic' can be left out if the rouines from the library
* being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
+ * 4. If you include any Windows specific code (or a derivative thereof) from
* the apps directory (application code) you must include an acknowledgement:
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
+ *
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
@@ -49,7 +49,7 @@
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
- *
+ *
* The licence and distribution terms for any publically available version or
* derivative of this code cannot be changed. i.e. this code cannot simply be
* copied and put under another distribution licence
@@ -57,69 +57,70 @@
*/
#ifndef HEADER_BLOWFISH_H
-#define HEADER_BLOWFISH_H
+# define HEADER_BLOWFISH_H
-#include
+# include
#ifdef __cplusplus
extern "C" {
#endif
-#ifdef OPENSSL_NO_BF
-#error BF is disabled.
-#endif
+# ifdef OPENSSL_NO_BF
+# error BF is disabled.
+# endif
-#define BF_ENCRYPT 1
-#define BF_DECRYPT 0
+# define BF_ENCRYPT 1
+# define BF_DECRYPT 0
-/*
+/*-
* !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
* ! BF_LONG has to be at least 32 bits wide. If it's wider, then !
* ! BF_LONG_LOG2 has to be defined along. !
* !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
*/
-#if defined(OPENSSL_SYS_WIN16) || defined(__LP32__)
-#define BF_LONG unsigned long
-#elif defined(OPENSSL_SYS_CRAY) || defined(__ILP64__)
-#define BF_LONG unsigned long
-#define BF_LONG_LOG2 3
+# if defined(__LP32__)
+# define BF_LONG unsigned long
+# elif defined(OPENSSL_SYS_CRAY) || defined(__ILP64__)
+# define BF_LONG unsigned long
+# define BF_LONG_LOG2 3
/*
* _CRAY note. I could declare short, but I have no idea what impact
* does it have on performance on none-T3E machines. I could declare
* int, but at least on C90 sizeof(int) can be chosen at compile time.
* So I've chosen long...
- *
+ *
*/
-#else
-#define BF_LONG unsigned int
-#endif
+# else
+# define BF_LONG unsigned int
+# endif
-#define BF_ROUNDS 16
-#define BF_BLOCK 8
+# define BF_ROUNDS 16
+# define BF_BLOCK 8
-typedef struct bf_key_st
- {
- BF_LONG P[BF_ROUNDS+2];
- BF_LONG S[4*256];
- } BF_KEY;
+typedef struct bf_key_st {
+ BF_LONG P[BF_ROUNDS + 2];
+ BF_LONG S[4 * 256];
+} BF_KEY;
-#ifdef OPENSSL_FIPS
+# ifdef OPENSSL_FIPS
void private_BF_set_key(BF_KEY *key, int len, const unsigned char *data);
-#endif
+# endif
void BF_set_key(BF_KEY *key, int len, const unsigned char *data);
-void BF_encrypt(BF_LONG *data,const BF_KEY *key);
-void BF_decrypt(BF_LONG *data,const BF_KEY *key);
+void BF_encrypt(BF_LONG *data, const BF_KEY *key);
+void BF_decrypt(BF_LONG *data, const BF_KEY *key);
void BF_ecb_encrypt(const unsigned char *in, unsigned char *out,
- const BF_KEY *key, int enc);
+ const BF_KEY *key, int enc);
void BF_cbc_encrypt(const unsigned char *in, unsigned char *out, long length,
- const BF_KEY *schedule, unsigned char *ivec, int enc);
-void BF_cfb64_encrypt(const unsigned char *in, unsigned char *out, long length,
- const BF_KEY *schedule, unsigned char *ivec, int *num, int enc);
-void BF_ofb64_encrypt(const unsigned char *in, unsigned char *out, long length,
- const BF_KEY *schedule, unsigned char *ivec, int *num);
+ const BF_KEY *schedule, unsigned char *ivec, int enc);
+void BF_cfb64_encrypt(const unsigned char *in, unsigned char *out,
+ long length, const BF_KEY *schedule,
+ unsigned char *ivec, int *num, int enc);
+void BF_ofb64_encrypt(const unsigned char *in, unsigned char *out,
+ long length, const BF_KEY *schedule,
+ unsigned char *ivec, int *num);
const char *BF_options(void);
#ifdef __cplusplus
diff --git a/Cryptlib/Include/openssl/bn.h b/Cryptlib/Include/openssl/bn.h
index 688a4e7..5696965 100644
--- a/Cryptlib/Include/openssl/bn.h
+++ b/Cryptlib/Include/openssl/bn.h
@@ -5,21 +5,21 @@
* This package is an SSL implementation written
* by Eric Young (eay@cryptsoft.com).
* The implementation was written so as to conform with Netscapes SSL.
- *
+ *
* This library is free for commercial and non-commercial use as long as
* the following conditions are aheared to. The following conditions
* apply to all code found in this distribution, be it the RC4, RSA,
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
* included with this distribution is covered by the same copyright terms
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
+ *
* Copyright remains Eric Young's, and as such any Copyright notices in
* the code are not to be removed.
* If this package is used in a product, Eric Young should be given attribution
* as the author of the parts of the library used.
* This can be in the form of a textual message at program startup or
* in documentation (online or textual) provided with the package.
- *
+ *
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
@@ -34,10 +34,10 @@
* Eric Young (eay@cryptsoft.com)"
* The word 'cryptographic' can be left out if the rouines from the library
* being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
+ * 4. If you include any Windows specific code (or a derivative thereof) from
* the apps directory (application code) you must include an acknowledgement:
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
+ *
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
@@ -49,223 +49,247 @@
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
- *
+ *
* The licence and distribution terms for any publically available version or
* derivative of this code cannot be changed. i.e. this code cannot simply be
* copied and put under another distribution licence
* [including the GNU Public Licence.]
*/
+/* ====================================================================
+ * Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
/* ====================================================================
* Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
*
- * Portions of the attached software ("Contribution") are developed by
+ * Portions of the attached software ("Contribution") are developed by
* SUN MICROSYSTEMS, INC., and are contributed to the OpenSSL project.
*
* The Contribution is licensed pursuant to the Eric Young open source
* license provided above.
*
- * The binary polynomial arithmetic software is originally written by
+ * The binary polynomial arithmetic software is originally written by
* Sheueling Chang Shantz and Douglas Stebila of Sun Microsystems Laboratories.
*
*/
#ifndef HEADER_BN_H
-#define HEADER_BN_H
+# define HEADER_BN_H
-#include
-#ifndef OPENSSL_NO_FP_API
-#include /* FILE */
-#endif
-#include
+# include
+# ifndef OPENSSL_NO_FP_API
+# include /* FILE */
+# endif
+# include
+# include
#ifdef __cplusplus
extern "C" {
#endif
-/* These preprocessor symbols control various aspects of the bignum headers and
- * library code. They're not defined by any "normal" configuration, as they are
- * intended for development and testing purposes. NB: defining all three can be
- * useful for debugging application code as well as openssl itself.
- *
- * BN_DEBUG - turn on various debugging alterations to the bignum code
- * BN_DEBUG_RAND - uses random poisoning of unused words to trip up
+/*
+ * These preprocessor symbols control various aspects of the bignum headers
+ * and library code. They're not defined by any "normal" configuration, as
+ * they are intended for development and testing purposes. NB: defining all
+ * three can be useful for debugging application code as well as openssl
+ * itself. BN_DEBUG - turn on various debugging alterations to the bignum
+ * code BN_DEBUG_RAND - uses random poisoning of unused words to trip up
* mismanagement of bignum internals. You must also define BN_DEBUG.
*/
/* #define BN_DEBUG */
/* #define BN_DEBUG_RAND */
-#define BN_MUL_COMBA
-#define BN_SQR_COMBA
-#define BN_RECURSION
-
-/* This next option uses the C libraries (2 word)/(1 word) function.
- * If it is not defined, I use my C version (which is slower).
- * The reason for this flag is that when the particular C compiler
- * library routine is used, and the library is linked with a different
- * compiler, the library is missing. This mostly happens when the
- * library is built with gcc and then linked using normal cc. This would
- * be a common occurrence because gcc normally produces code that is
- * 2 times faster than system compilers for the big number stuff.
- * For machines with only one compiler (or shared libraries), this should
- * be on. Again this in only really a problem on machines
- * using "long long's", are 32bit, and are not using my assembler code. */
-#if defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_WINDOWS) || \
- defined(OPENSSL_SYS_WIN32) || defined(linux)
-# ifndef BN_DIV2W
-# define BN_DIV2W
+# ifndef OPENSSL_SMALL_FOOTPRINT
+# define BN_MUL_COMBA
+# define BN_SQR_COMBA
+# define BN_RECURSION
# endif
-#endif
-/* assuming long is 64bit - this is the DEC Alpha
- * unsigned long long is only 64 bits :-(, don't define
- * BN_LLONG for the DEC Alpha */
-#ifdef SIXTY_FOUR_BIT_LONG
-#define BN_ULLONG unsigned long long
-#define BN_ULONG unsigned long
-#define BN_LONG long
-#define BN_BITS 128
-#define BN_BYTES 8
-#define BN_BITS2 64
-#define BN_BITS4 32
-#define BN_MASK (0xffffffffffffffffffffffffffffffffLL)
-#define BN_MASK2 (0xffffffffffffffffL)
-#define BN_MASK2l (0xffffffffL)
-#define BN_MASK2h (0xffffffff00000000L)
-#define BN_MASK2h1 (0xffffffff80000000L)
-#define BN_TBIT (0x8000000000000000L)
-#define BN_DEC_CONV (10000000000000000000UL)
-#define BN_DEC_FMT1 "%lu"
-#define BN_DEC_FMT2 "%019lu"
-#define BN_DEC_NUM 19
-#endif
-
-/* This is where the long long data type is 64 bits, but long is 32.
- * For machines where there are 64bit registers, this is the mode to use.
- * IRIX, on R4000 and above should use this mode, along with the relevant
- * assembler code :-). Do NOT define BN_LLONG.
+/*
+ * This next option uses the C libraries (2 word)/(1 word) function. If it is
+ * not defined, I use my C version (which is slower). The reason for this
+ * flag is that when the particular C compiler library routine is used, and
+ * the library is linked with a different compiler, the library is missing.
+ * This mostly happens when the library is built with gcc and then linked
+ * using normal cc. This would be a common occurrence because gcc normally
+ * produces code that is 2 times faster than system compilers for the big
+ * number stuff. For machines with only one compiler (or shared libraries),
+ * this should be on. Again this in only really a problem on machines using
+ * "long long's", are 32bit, and are not using my assembler code.
*/
-#ifdef SIXTY_FOUR_BIT
-#undef BN_LLONG
-#undef BN_ULLONG
-#define BN_ULONG unsigned long long
-#define BN_LONG long long
-#define BN_BITS 128
-#define BN_BYTES 8
-#define BN_BITS2 64
-#define BN_BITS4 32
-#define BN_MASK2 (0xffffffffffffffffLL)
-#define BN_MASK2l (0xffffffffL)
-#define BN_MASK2h (0xffffffff00000000LL)
-#define BN_MASK2h1 (0xffffffff80000000LL)
-#define BN_TBIT (0x8000000000000000LL)
-#define BN_DEC_CONV (10000000000000000000ULL)
-#define BN_DEC_FMT1 "%llu"
-#define BN_DEC_FMT2 "%019llu"
-#define BN_DEC_NUM 19
-#endif
-
-#ifdef THIRTY_TWO_BIT
-#ifdef BN_LLONG
-# if defined(OPENSSL_SYS_WIN32) && !defined(__GNUC__)
-# define BN_ULLONG unsigned __int64
-# else
-# define BN_ULLONG unsigned long long
+# if defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_WINDOWS) || \
+ defined(OPENSSL_SYS_WIN32) || defined(linux)
+# ifndef BN_DIV2W
+# define BN_DIV2W
+# endif
# endif
-#endif
-#define BN_ULONG unsigned long
-#define BN_LONG long
-#define BN_BITS 64
-#define BN_BYTES 4
-#define BN_BITS2 32
-#define BN_BITS4 16
-#ifdef OPENSSL_SYS_WIN32
-/* VC++ doesn't like the LL suffix */
-#define BN_MASK (0xffffffffffffffffL)
-#else
-#define BN_MASK (0xffffffffffffffffLL)
-#endif
-#define BN_MASK2 (0xffffffffL)
-#define BN_MASK2l (0xffff)
-#define BN_MASK2h1 (0xffff8000L)
-#define BN_MASK2h (0xffff0000L)
-#define BN_TBIT (0x80000000L)
-#define BN_DEC_CONV (1000000000L)
-#define BN_DEC_FMT1 "%lu"
-#define BN_DEC_FMT2 "%09lu"
-#define BN_DEC_NUM 9
-#endif
-#ifdef SIXTEEN_BIT
-#ifndef BN_DIV2W
-#define BN_DIV2W
-#endif
-#define BN_ULLONG unsigned long
-#define BN_ULONG unsigned short
-#define BN_LONG short
-#define BN_BITS 32
-#define BN_BYTES 2
-#define BN_BITS2 16
-#define BN_BITS4 8
-#define BN_MASK (0xffffffff)
-#define BN_MASK2 (0xffff)
-#define BN_MASK2l (0xff)
-#define BN_MASK2h1 (0xff80)
-#define BN_MASK2h (0xff00)
-#define BN_TBIT (0x8000)
-#define BN_DEC_CONV (100000)
-#define BN_DEC_FMT1 "%u"
-#define BN_DEC_FMT2 "%05u"
-#define BN_DEC_NUM 5
-#endif
+/*
+ * assuming long is 64bit - this is the DEC Alpha unsigned long long is only
+ * 64 bits :-(, don't define BN_LLONG for the DEC Alpha
+ */
+# ifdef SIXTY_FOUR_BIT_LONG
+# define BN_ULLONG unsigned long long
+# define BN_ULONG unsigned long
+# define BN_LONG long
+# define BN_BITS 128
+# define BN_BYTES 8
+# define BN_BITS2 64
+# define BN_BITS4 32
+# define BN_MASK (0xffffffffffffffffffffffffffffffffLL)
+# define BN_MASK2 (0xffffffffffffffffL)
+# define BN_MASK2l (0xffffffffL)
+# define BN_MASK2h (0xffffffff00000000L)
+# define BN_MASK2h1 (0xffffffff80000000L)
+# define BN_TBIT (0x8000000000000000L)
+# define BN_DEC_CONV (10000000000000000000UL)
+# define BN_DEC_FMT1 "%lu"
+# define BN_DEC_FMT2 "%019lu"
+# define BN_DEC_NUM 19
+# define BN_HEX_FMT1 "%lX"
+# define BN_HEX_FMT2 "%016lX"
+# endif
-#ifdef EIGHT_BIT
-#ifndef BN_DIV2W
-#define BN_DIV2W
-#endif
-#define BN_ULLONG unsigned short
-#define BN_ULONG unsigned char
-#define BN_LONG char
-#define BN_BITS 16
-#define BN_BYTES 1
-#define BN_BITS2 8
-#define BN_BITS4 4
-#define BN_MASK (0xffff)
-#define BN_MASK2 (0xff)
-#define BN_MASK2l (0xf)
-#define BN_MASK2h1 (0xf8)
-#define BN_MASK2h (0xf0)
-#define BN_TBIT (0x80)
-#define BN_DEC_CONV (100)
-#define BN_DEC_FMT1 "%u"
-#define BN_DEC_FMT2 "%02u"
-#define BN_DEC_NUM 2
-#endif
+/*
+ * This is where the long long data type is 64 bits, but long is 32. For
+ * machines where there are 64bit registers, this is the mode to use. IRIX,
+ * on R4000 and above should use this mode, along with the relevant assembler
+ * code :-). Do NOT define BN_LLONG.
+ */
+# ifdef SIXTY_FOUR_BIT
+# undef BN_LLONG
+# undef BN_ULLONG
+# define BN_ULONG unsigned long long
+# define BN_LONG long long
+# define BN_BITS 128
+# define BN_BYTES 8
+# define BN_BITS2 64
+# define BN_BITS4 32
+# define BN_MASK2 (0xffffffffffffffffLL)
+# define BN_MASK2l (0xffffffffL)
+# define BN_MASK2h (0xffffffff00000000LL)
+# define BN_MASK2h1 (0xffffffff80000000LL)
+# define BN_TBIT (0x8000000000000000LL)
+# define BN_DEC_CONV (10000000000000000000ULL)
+# define BN_DEC_FMT1 "%llu"
+# define BN_DEC_FMT2 "%019llu"
+# define BN_DEC_NUM 19
+# define BN_HEX_FMT1 "%llX"
+# define BN_HEX_FMT2 "%016llX"
+# endif
-#define BN_DEFAULT_BITS 1280
+# ifdef THIRTY_TWO_BIT
+# ifdef BN_LLONG
+# if defined(_WIN32) && !defined(__GNUC__)
+# define BN_ULLONG unsigned __int64
+# define BN_MASK (0xffffffffffffffffI64)
+# else
+# define BN_ULLONG unsigned long long
+# define BN_MASK (0xffffffffffffffffLL)
+# endif
+# endif
+# define BN_ULONG unsigned int
+# define BN_LONG int
+# define BN_BITS 64
+# define BN_BYTES 4
+# define BN_BITS2 32
+# define BN_BITS4 16
+# define BN_MASK2 (0xffffffffL)
+# define BN_MASK2l (0xffff)
+# define BN_MASK2h1 (0xffff8000L)
+# define BN_MASK2h (0xffff0000L)
+# define BN_TBIT (0x80000000L)
+# define BN_DEC_CONV (1000000000L)
+# define BN_DEC_FMT1 "%u"
+# define BN_DEC_FMT2 "%09u"
+# define BN_DEC_NUM 9
+# define BN_HEX_FMT1 "%X"
+# define BN_HEX_FMT2 "%08X"
+# endif
-#define BN_FLG_MALLOCED 0x01
-#define BN_FLG_STATIC_DATA 0x02
-#define BN_FLG_CONSTTIME 0x04 /* avoid leaking exponent information through timing,
- * BN_mod_exp_mont() will call BN_mod_exp_mont_consttime,
- * BN_div() will call BN_div_no_branch,
- * BN_mod_inverse() will call BN_mod_inverse_no_branch.
- */
+# define BN_DEFAULT_BITS 1280
-#ifndef OPENSSL_NO_DEPRECATED
-#define BN_FLG_EXP_CONSTTIME BN_FLG_CONSTTIME /* deprecated name for the flag */
- /* avoid leaking exponent information through timings
- * (BN_mod_exp_mont() will call BN_mod_exp_mont_consttime) */
-#endif
+# define BN_FLG_MALLOCED 0x01
+# define BN_FLG_STATIC_DATA 0x02
-#ifndef OPENSSL_NO_DEPRECATED
-#define BN_FLG_FREE 0x8000 /* used for debuging */
-#endif
-#define BN_set_flags(b,n) ((b)->flags|=(n))
-#define BN_get_flags(b,n) ((b)->flags&(n))
+/*
+ * avoid leaking exponent information through timing,
+ * BN_mod_exp_mont() will call BN_mod_exp_mont_consttime,
+ * BN_div() will call BN_div_no_branch,
+ * BN_mod_inverse() will call BN_mod_inverse_no_branch.
+ */
+# define BN_FLG_CONSTTIME 0x04
-/* get a clone of a BIGNUM with changed flags, for *temporary* use only
- * (the two BIGNUMs cannot not be used in parallel!) */
-#define BN_with_flags(dest,b,n) ((dest)->d=(b)->d, \
+# ifdef OPENSSL_NO_DEPRECATED
+/* deprecated name for the flag */
+# define BN_FLG_EXP_CONSTTIME BN_FLG_CONSTTIME
+/*
+ * avoid leaking exponent information through timings
+ * (BN_mod_exp_mont() will call BN_mod_exp_mont_consttime)
+ */
+# endif
+
+# ifndef OPENSSL_NO_DEPRECATED
+# define BN_FLG_FREE 0x8000
+ /* used for debuging */
+# endif
+# define BN_set_flags(b,n) ((b)->flags|=(n))
+# define BN_get_flags(b,n) ((b)->flags&(n))
+
+/*
+ * get a clone of a BIGNUM with changed flags, for *temporary* use only (the
+ * two BIGNUMs cannot not be used in parallel!)
+ */
+# define BN_with_flags(dest,b,n) ((dest)->d=(b)->d, \
(dest)->top=(b)->top, \
(dest)->dmax=(b)->dmax, \
(dest)->neg=(b)->neg, \
@@ -275,7 +299,7 @@ extern "C" {
| (n)))
/* Already declared in ossl_typ.h */
-#if 0
+# if 0
typedef struct bignum_st BIGNUM;
/* Used for temp variables (declaration hidden in bn_lcl.h) */
typedef struct bignum_ctx BN_CTX;
@@ -283,84 +307,81 @@ typedef struct bn_blinding_st BN_BLINDING;
typedef struct bn_mont_ctx_st BN_MONT_CTX;
typedef struct bn_recp_ctx_st BN_RECP_CTX;
typedef struct bn_gencb_st BN_GENCB;
-#endif
+# endif
-struct bignum_st
- {
- BN_ULONG *d; /* Pointer to an array of 'BN_BITS2' bit chunks. */
- int top; /* Index of last used d +1. */
- /* The next are internal book keeping for bn_expand. */
- int dmax; /* Size of the d array. */
- int neg; /* one if the number is negative */
- int flags;
- };
+struct bignum_st {
+ BN_ULONG *d; /* Pointer to an array of 'BN_BITS2' bit
+ * chunks. */
+ int top; /* Index of last used d +1. */
+ /* The next are internal book keeping for bn_expand. */
+ int dmax; /* Size of the d array. */
+ int neg; /* one if the number is negative */
+ int flags;
+};
/* Used for montgomery multiplication */
-struct bn_mont_ctx_st
- {
- int ri; /* number of bits in R */
- BIGNUM RR; /* used to convert to montgomery form */
- BIGNUM N; /* The modulus */
- BIGNUM Ni; /* R*(1/R mod N) - N*Ni = 1
- * (Ni is only stored for bignum algorithm) */
-#if 0
- /* OpenSSL 0.9.9 preview: */
- BN_ULONG n0[2];/* least significant word(s) of Ni */
-#else
- BN_ULONG n0; /* least significant word of Ni */
-#endif
- int flags;
- };
+struct bn_mont_ctx_st {
+ int ri; /* number of bits in R */
+ BIGNUM RR; /* used to convert to montgomery form */
+ BIGNUM N; /* The modulus */
+ BIGNUM Ni; /* R*(1/R mod N) - N*Ni = 1 (Ni is only
+ * stored for bignum algorithm) */
+ BN_ULONG n0[2]; /* least significant word(s) of Ni; (type
+ * changed with 0.9.9, was "BN_ULONG n0;"
+ * before) */
+ int flags;
+};
-/* Used for reciprocal division/mod functions
- * It cannot be shared between threads
+/*
+ * Used for reciprocal division/mod functions It cannot be shared between
+ * threads
*/
-struct bn_recp_ctx_st
- {
- BIGNUM N; /* the divisor */
- BIGNUM Nr; /* the reciprocal */
- int num_bits;
- int shift;
- int flags;
- };
+struct bn_recp_ctx_st {
+ BIGNUM N; /* the divisor */
+ BIGNUM Nr; /* the reciprocal */
+ int num_bits;
+ int shift;
+ int flags;
+};
/* Used for slow "generation" functions. */
-struct bn_gencb_st
- {
- unsigned int ver; /* To handle binary (in)compatibility */
- void *arg; /* callback-specific data */
- union
- {
- /* if(ver==1) - handles old style callbacks */
- void (*cb_1)(int, int, void *);
- /* if(ver==2) - new callback style */
- int (*cb_2)(int, int, BN_GENCB *);
- } cb;
- };
+struct bn_gencb_st {
+ unsigned int ver; /* To handle binary (in)compatibility */
+ void *arg; /* callback-specific data */
+ union {
+ /* if(ver==1) - handles old style callbacks */
+ void (*cb_1) (int, int, void *);
+ /* if(ver==2) - new callback style */
+ int (*cb_2) (int, int, BN_GENCB *);
+ } cb;
+};
/* Wrapper function to make using BN_GENCB easier, */
int BN_GENCB_call(BN_GENCB *cb, int a, int b);
/* Macro to populate a BN_GENCB structure with an "old"-style callback */
-#define BN_GENCB_set_old(gencb, callback, cb_arg) { \
- BN_GENCB *tmp_gencb = (gencb); \
- tmp_gencb->ver = 1; \
- tmp_gencb->arg = (cb_arg); \
- tmp_gencb->cb.cb_1 = (callback); }
+# define BN_GENCB_set_old(gencb, callback, cb_arg) { \
+ BN_GENCB *tmp_gencb = (gencb); \
+ tmp_gencb->ver = 1; \
+ tmp_gencb->arg = (cb_arg); \
+ tmp_gencb->cb.cb_1 = (callback); }
/* Macro to populate a BN_GENCB structure with a "new"-style callback */
-#define BN_GENCB_set(gencb, callback, cb_arg) { \
- BN_GENCB *tmp_gencb = (gencb); \
- tmp_gencb->ver = 2; \
- tmp_gencb->arg = (cb_arg); \
- tmp_gencb->cb.cb_2 = (callback); }
+# define BN_GENCB_set(gencb, callback, cb_arg) { \
+ BN_GENCB *tmp_gencb = (gencb); \
+ tmp_gencb->ver = 2; \
+ tmp_gencb->arg = (cb_arg); \
+ tmp_gencb->cb.cb_2 = (callback); }
-#define BN_prime_checks 0 /* default: select number of iterations
- based on the size of the number */
+# define BN_prime_checks 0 /* default: select number of iterations based
+ * on the size of the number */
-/* number of Miller-Rabin iterations for an error rate of less than 2^-80
- * for random 'b'-bit input, b >= 100 (taken from table 4.4 in the Handbook
- * of Applied Cryptography [Menezes, van Oorschot, Vanstone; CRC Press 1996];
- * original paper: Damgaard, Landrock, Pomerance: Average case error estimates
- * for the strong probable prime test. -- Math. Comp. 61 (1993) 177-194) */
-#define BN_prime_checks_for_size(b) ((b) >= 1300 ? 2 : \
+/*
+ * number of Miller-Rabin iterations for an error rate of less than 2^-80 for
+ * random 'b'-bit input, b >= 100 (taken from table 4.4 in the Handbook of
+ * Applied Cryptography [Menezes, van Oorschot, Vanstone; CRC Press 1996];
+ * original paper: Damgaard, Landrock, Pomerance: Average case error
+ * estimates for the strong probable prime test. -- Math. Comp. 61 (1993)
+ * 177-194)
+ */
+# define BN_prime_checks_for_size(b) ((b) >= 1300 ? 2 : \
(b) >= 850 ? 3 : \
(b) >= 650 ? 4 : \
(b) >= 550 ? 5 : \
@@ -373,281 +394,319 @@ int BN_GENCB_call(BN_GENCB *cb, int a, int b);
(b) >= 150 ? 18 : \
/* b >= 100 */ 27)
-#define BN_num_bytes(a) ((BN_num_bits(a)+7)/8)
+# define BN_num_bytes(a) ((BN_num_bits(a)+7)/8)
/* Note that BN_abs_is_word didn't work reliably for w == 0 until 0.9.8 */
-#define BN_abs_is_word(a,w) ((((a)->top == 1) && ((a)->d[0] == (BN_ULONG)(w))) || \
- (((w) == 0) && ((a)->top == 0)))
-#define BN_is_zero(a) ((a)->top == 0)
-#define BN_is_one(a) (BN_abs_is_word((a),1) && !(a)->neg)
-#define BN_is_word(a,w) (BN_abs_is_word((a),(w)) && (!(w) || !(a)->neg))
-#define BN_is_odd(a) (((a)->top > 0) && ((a)->d[0] & 1))
+# define BN_abs_is_word(a,w) ((((a)->top == 1) && ((a)->d[0] == (BN_ULONG)(w))) || \
+ (((w) == 0) && ((a)->top == 0)))
+# define BN_is_zero(a) ((a)->top == 0)
+# define BN_is_one(a) (BN_abs_is_word((a),1) && !(a)->neg)
+# define BN_is_word(a,w) (BN_abs_is_word((a),(w)) && (!(w) || !(a)->neg))
+# define BN_is_odd(a) (((a)->top > 0) && ((a)->d[0] & 1))
-#define BN_one(a) (BN_set_word((a),1))
-#define BN_zero_ex(a) \
- do { \
- BIGNUM *_tmp_bn = (a); \
- _tmp_bn->top = 0; \
- _tmp_bn->neg = 0; \
- } while(0)
-#ifdef OPENSSL_NO_DEPRECATED
-#define BN_zero(a) BN_zero_ex(a)
-#else
-#define BN_zero(a) (BN_set_word((a),0))
-#endif
+# define BN_one(a) (BN_set_word((a),1))
+# define BN_zero_ex(a) \
+ do { \
+ BIGNUM *_tmp_bn = (a); \
+ _tmp_bn->top = 0; \
+ _tmp_bn->neg = 0; \
+ } while(0)
+# ifdef OPENSSL_NO_DEPRECATED
+# define BN_zero(a) BN_zero_ex(a)
+# else
+# define BN_zero(a) (BN_set_word((a),0))
+# endif
const BIGNUM *BN_value_one(void);
-char * BN_options(void);
+char *BN_options(void);
BN_CTX *BN_CTX_new(void);
-#ifndef OPENSSL_NO_DEPRECATED
-void BN_CTX_init(BN_CTX *c);
-#endif
-void BN_CTX_free(BN_CTX *c);
-void BN_CTX_start(BN_CTX *ctx);
+# ifndef OPENSSL_NO_DEPRECATED
+void BN_CTX_init(BN_CTX *c);
+# endif
+void BN_CTX_free(BN_CTX *c);
+void BN_CTX_start(BN_CTX *ctx);
BIGNUM *BN_CTX_get(BN_CTX *ctx);
-void BN_CTX_end(BN_CTX *ctx);
-int BN_rand(BIGNUM *rnd, int bits, int top,int bottom);
-int BN_pseudo_rand(BIGNUM *rnd, int bits, int top,int bottom);
-int BN_rand_range(BIGNUM *rnd, const BIGNUM *range);
-int BN_pseudo_rand_range(BIGNUM *rnd, const BIGNUM *range);
-int BN_num_bits(const BIGNUM *a);
-int BN_num_bits_word(BN_ULONG);
+void BN_CTX_end(BN_CTX *ctx);
+int BN_rand(BIGNUM *rnd, int bits, int top, int bottom);
+int BN_pseudo_rand(BIGNUM *rnd, int bits, int top, int bottom);
+int BN_rand_range(BIGNUM *rnd, const BIGNUM *range);
+int BN_pseudo_rand_range(BIGNUM *rnd, const BIGNUM *range);
+int BN_num_bits(const BIGNUM *a);
+int BN_num_bits_word(BN_ULONG);
BIGNUM *BN_new(void);
-void BN_init(BIGNUM *);
-void BN_clear_free(BIGNUM *a);
+void BN_init(BIGNUM *);
+void BN_clear_free(BIGNUM *a);
BIGNUM *BN_copy(BIGNUM *a, const BIGNUM *b);
-void BN_swap(BIGNUM *a, BIGNUM *b);
-BIGNUM *BN_bin2bn(const unsigned char *s,int len,BIGNUM *ret);
-int BN_bn2bin(const BIGNUM *a, unsigned char *to);
-BIGNUM *BN_mpi2bn(const unsigned char *s,int len,BIGNUM *ret);
-int BN_bn2mpi(const BIGNUM *a, unsigned char *to);
-int BN_sub(BIGNUM *r, const BIGNUM *a, const BIGNUM *b);
-int BN_usub(BIGNUM *r, const BIGNUM *a, const BIGNUM *b);
-int BN_uadd(BIGNUM *r, const BIGNUM *a, const BIGNUM *b);
-int BN_add(BIGNUM *r, const BIGNUM *a, const BIGNUM *b);
-int BN_mul(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx);
-int BN_sqr(BIGNUM *r, const BIGNUM *a,BN_CTX *ctx);
+void BN_swap(BIGNUM *a, BIGNUM *b);
+BIGNUM *BN_bin2bn(const unsigned char *s, int len, BIGNUM *ret);
+int BN_bn2bin(const BIGNUM *a, unsigned char *to);
+BIGNUM *BN_mpi2bn(const unsigned char *s, int len, BIGNUM *ret);
+int BN_bn2mpi(const BIGNUM *a, unsigned char *to);
+int BN_sub(BIGNUM *r, const BIGNUM *a, const BIGNUM *b);
+int BN_usub(BIGNUM *r, const BIGNUM *a, const BIGNUM *b);
+int BN_uadd(BIGNUM *r, const BIGNUM *a, const BIGNUM *b);
+int BN_add(BIGNUM *r, const BIGNUM *a, const BIGNUM *b);
+int BN_mul(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx);
+int BN_sqr(BIGNUM *r, const BIGNUM *a, BN_CTX *ctx);
/** BN_set_negative sets sign of a BIGNUM
* \param b pointer to the BIGNUM object
- * \param n 0 if the BIGNUM b should be positive and a value != 0 otherwise
+ * \param n 0 if the BIGNUM b should be positive and a value != 0 otherwise
*/
-void BN_set_negative(BIGNUM *b, int n);
+void BN_set_negative(BIGNUM *b, int n);
/** BN_is_negative returns 1 if the BIGNUM is negative
* \param a pointer to the BIGNUM object
* \return 1 if a < 0 and 0 otherwise
*/
-#define BN_is_negative(a) ((a)->neg != 0)
+# define BN_is_negative(a) ((a)->neg != 0)
-int BN_div(BIGNUM *dv, BIGNUM *rem, const BIGNUM *m, const BIGNUM *d,
- BN_CTX *ctx);
-#define BN_mod(rem,m,d,ctx) BN_div(NULL,(rem),(m),(d),(ctx))
-int BN_nnmod(BIGNUM *r, const BIGNUM *m, const BIGNUM *d, BN_CTX *ctx);
-int BN_mod_add(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, const BIGNUM *m, BN_CTX *ctx);
-int BN_mod_add_quick(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, const BIGNUM *m);
-int BN_mod_sub(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, const BIGNUM *m, BN_CTX *ctx);
-int BN_mod_sub_quick(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, const BIGNUM *m);
-int BN_mod_mul(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
- const BIGNUM *m, BN_CTX *ctx);
-int BN_mod_sqr(BIGNUM *r, const BIGNUM *a, const BIGNUM *m, BN_CTX *ctx);
-int BN_mod_lshift1(BIGNUM *r, const BIGNUM *a, const BIGNUM *m, BN_CTX *ctx);
-int BN_mod_lshift1_quick(BIGNUM *r, const BIGNUM *a, const BIGNUM *m);
-int BN_mod_lshift(BIGNUM *r, const BIGNUM *a, int n, const BIGNUM *m, BN_CTX *ctx);
-int BN_mod_lshift_quick(BIGNUM *r, const BIGNUM *a, int n, const BIGNUM *m);
+int BN_div(BIGNUM *dv, BIGNUM *rem, const BIGNUM *m, const BIGNUM *d,
+ BN_CTX *ctx);
+# define BN_mod(rem,m,d,ctx) BN_div(NULL,(rem),(m),(d),(ctx))
+int BN_nnmod(BIGNUM *r, const BIGNUM *m, const BIGNUM *d, BN_CTX *ctx);
+int BN_mod_add(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, const BIGNUM *m,
+ BN_CTX *ctx);
+int BN_mod_add_quick(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
+ const BIGNUM *m);
+int BN_mod_sub(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, const BIGNUM *m,
+ BN_CTX *ctx);
+int BN_mod_sub_quick(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
+ const BIGNUM *m);
+int BN_mod_mul(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, const BIGNUM *m,
+ BN_CTX *ctx);
+int BN_mod_sqr(BIGNUM *r, const BIGNUM *a, const BIGNUM *m, BN_CTX *ctx);
+int BN_mod_lshift1(BIGNUM *r, const BIGNUM *a, const BIGNUM *m, BN_CTX *ctx);
+int BN_mod_lshift1_quick(BIGNUM *r, const BIGNUM *a, const BIGNUM *m);
+int BN_mod_lshift(BIGNUM *r, const BIGNUM *a, int n, const BIGNUM *m,
+ BN_CTX *ctx);
+int BN_mod_lshift_quick(BIGNUM *r, const BIGNUM *a, int n, const BIGNUM *m);
BN_ULONG BN_mod_word(const BIGNUM *a, BN_ULONG w);
BN_ULONG BN_div_word(BIGNUM *a, BN_ULONG w);
-int BN_mul_word(BIGNUM *a, BN_ULONG w);
-int BN_add_word(BIGNUM *a, BN_ULONG w);
-int BN_sub_word(BIGNUM *a, BN_ULONG w);
-int BN_set_word(BIGNUM *a, BN_ULONG w);
+int BN_mul_word(BIGNUM *a, BN_ULONG w);
+int BN_add_word(BIGNUM *a, BN_ULONG w);
+int BN_sub_word(BIGNUM *a, BN_ULONG w);
+int BN_set_word(BIGNUM *a, BN_ULONG w);
BN_ULONG BN_get_word(const BIGNUM *a);
-int BN_cmp(const BIGNUM *a, const BIGNUM *b);
-void BN_free(BIGNUM *a);
-int BN_is_bit_set(const BIGNUM *a, int n);
-int BN_lshift(BIGNUM *r, const BIGNUM *a, int n);
-int BN_lshift1(BIGNUM *r, const BIGNUM *a);
-int BN_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,BN_CTX *ctx);
+int BN_cmp(const BIGNUM *a, const BIGNUM *b);
+void BN_free(BIGNUM *a);
+int BN_is_bit_set(const BIGNUM *a, int n);
+int BN_lshift(BIGNUM *r, const BIGNUM *a, int n);
+int BN_lshift1(BIGNUM *r, const BIGNUM *a);
+int BN_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx);
-int BN_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
- const BIGNUM *m,BN_CTX *ctx);
-int BN_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
- const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx);
+int BN_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
+ const BIGNUM *m, BN_CTX *ctx);
+int BN_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
+ const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx);
int BN_mod_exp_mont_consttime(BIGNUM *rr, const BIGNUM *a, const BIGNUM *p,
- const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *in_mont);
-int BN_mod_exp_mont_word(BIGNUM *r, BN_ULONG a, const BIGNUM *p,
- const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx);
-int BN_mod_exp2_mont(BIGNUM *r, const BIGNUM *a1, const BIGNUM *p1,
- const BIGNUM *a2, const BIGNUM *p2,const BIGNUM *m,
- BN_CTX *ctx,BN_MONT_CTX *m_ctx);
-int BN_mod_exp_simple(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
- const BIGNUM *m,BN_CTX *ctx);
+ const BIGNUM *m, BN_CTX *ctx,
+ BN_MONT_CTX *in_mont);
+int BN_mod_exp_mont_word(BIGNUM *r, BN_ULONG a, const BIGNUM *p,
+ const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx);
+int BN_mod_exp2_mont(BIGNUM *r, const BIGNUM *a1, const BIGNUM *p1,
+ const BIGNUM *a2, const BIGNUM *p2, const BIGNUM *m,
+ BN_CTX *ctx, BN_MONT_CTX *m_ctx);
+int BN_mod_exp_simple(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
+ const BIGNUM *m, BN_CTX *ctx);
-int BN_mask_bits(BIGNUM *a,int n);
-#ifndef OPENSSL_NO_FP_API
-int BN_print_fp(FILE *fp, const BIGNUM *a);
-#endif
-#ifdef HEADER_BIO_H
-int BN_print(BIO *fp, const BIGNUM *a);
-#else
-int BN_print(void *fp, const BIGNUM *a);
-#endif
-int BN_reciprocal(BIGNUM *r, const BIGNUM *m, int len, BN_CTX *ctx);
-int BN_rshift(BIGNUM *r, const BIGNUM *a, int n);
-int BN_rshift1(BIGNUM *r, const BIGNUM *a);
-void BN_clear(BIGNUM *a);
+int BN_mask_bits(BIGNUM *a, int n);
+# ifndef OPENSSL_NO_FP_API
+int BN_print_fp(FILE *fp, const BIGNUM *a);
+# endif
+# ifdef HEADER_BIO_H
+int BN_print(BIO *fp, const BIGNUM *a);
+# else
+int BN_print(void *fp, const BIGNUM *a);
+# endif
+int BN_reciprocal(BIGNUM *r, const BIGNUM *m, int len, BN_CTX *ctx);
+int BN_rshift(BIGNUM *r, const BIGNUM *a, int n);
+int BN_rshift1(BIGNUM *r, const BIGNUM *a);
+void BN_clear(BIGNUM *a);
BIGNUM *BN_dup(const BIGNUM *a);
-int BN_ucmp(const BIGNUM *a, const BIGNUM *b);
-int BN_set_bit(BIGNUM *a, int n);
-int BN_clear_bit(BIGNUM *a, int n);
-char * BN_bn2hex(const BIGNUM *a);
-char * BN_bn2dec(const BIGNUM *a);
-int BN_hex2bn(BIGNUM **a, const char *str);
-int BN_dec2bn(BIGNUM **a, const char *str);
-int BN_gcd(BIGNUM *r,const BIGNUM *a,const BIGNUM *b,BN_CTX *ctx);
-int BN_kronecker(const BIGNUM *a,const BIGNUM *b,BN_CTX *ctx); /* returns -2 for error */
+int BN_ucmp(const BIGNUM *a, const BIGNUM *b);
+int BN_set_bit(BIGNUM *a, int n);
+int BN_clear_bit(BIGNUM *a, int n);
+char *BN_bn2hex(const BIGNUM *a);
+char *BN_bn2dec(const BIGNUM *a);
+int BN_hex2bn(BIGNUM **a, const char *str);
+int BN_dec2bn(BIGNUM **a, const char *str);
+int BN_asc2bn(BIGNUM **a, const char *str);
+int BN_gcd(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx);
+int BN_kronecker(const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx); /* returns
+ * -2 for
+ * error */
BIGNUM *BN_mod_inverse(BIGNUM *ret,
- const BIGNUM *a, const BIGNUM *n,BN_CTX *ctx);
+ const BIGNUM *a, const BIGNUM *n, BN_CTX *ctx);
BIGNUM *BN_mod_sqrt(BIGNUM *ret,
- const BIGNUM *a, const BIGNUM *n,BN_CTX *ctx);
+ const BIGNUM *a, const BIGNUM *n, BN_CTX *ctx);
-void BN_consttime_swap(BN_ULONG swap, BIGNUM *a, BIGNUM *b, int nwords);
+void BN_consttime_swap(BN_ULONG swap, BIGNUM *a, BIGNUM *b, int nwords);
/* Deprecated versions */
-#ifndef OPENSSL_NO_DEPRECATED
-BIGNUM *BN_generate_prime(BIGNUM *ret,int bits,int safe,
- const BIGNUM *add, const BIGNUM *rem,
- void (*callback)(int,int,void *),void *cb_arg);
-int BN_is_prime(const BIGNUM *p,int nchecks,
- void (*callback)(int,int,void *),
- BN_CTX *ctx,void *cb_arg);
-int BN_is_prime_fasttest(const BIGNUM *p,int nchecks,
- void (*callback)(int,int,void *),BN_CTX *ctx,void *cb_arg,
- int do_trial_division);
-#endif /* !defined(OPENSSL_NO_DEPRECATED) */
+# ifndef OPENSSL_NO_DEPRECATED
+BIGNUM *BN_generate_prime(BIGNUM *ret, int bits, int safe,
+ const BIGNUM *add, const BIGNUM *rem,
+ void (*callback) (int, int, void *), void *cb_arg);
+int BN_is_prime(const BIGNUM *p, int nchecks,
+ void (*callback) (int, int, void *),
+ BN_CTX *ctx, void *cb_arg);
+int BN_is_prime_fasttest(const BIGNUM *p, int nchecks,
+ void (*callback) (int, int, void *), BN_CTX *ctx,
+ void *cb_arg, int do_trial_division);
+# endif /* !defined(OPENSSL_NO_DEPRECATED) */
/* Newer versions */
-int BN_generate_prime_ex(BIGNUM *ret,int bits,int safe, const BIGNUM *add,
- const BIGNUM *rem, BN_GENCB *cb);
-int BN_is_prime_ex(const BIGNUM *p,int nchecks, BN_CTX *ctx, BN_GENCB *cb);
-int BN_is_prime_fasttest_ex(const BIGNUM *p,int nchecks, BN_CTX *ctx,
- int do_trial_division, BN_GENCB *cb);
+int BN_generate_prime_ex(BIGNUM *ret, int bits, int safe, const BIGNUM *add,
+ const BIGNUM *rem, BN_GENCB *cb);
+int BN_is_prime_ex(const BIGNUM *p, int nchecks, BN_CTX *ctx, BN_GENCB *cb);
+int BN_is_prime_fasttest_ex(const BIGNUM *p, int nchecks, BN_CTX *ctx,
+ int do_trial_division, BN_GENCB *cb);
int BN_X931_generate_Xpq(BIGNUM *Xp, BIGNUM *Xq, int nbits, BN_CTX *ctx);
int BN_X931_derive_prime_ex(BIGNUM *p, BIGNUM *p1, BIGNUM *p2,
- const BIGNUM *Xp, const BIGNUM *Xp1, const BIGNUM *Xp2,
- const BIGNUM *e, BN_CTX *ctx, BN_GENCB *cb);
-int BN_X931_generate_prime_ex(BIGNUM *p, BIGNUM *p1, BIGNUM *p2,
- BIGNUM *Xp1, BIGNUM *Xp2,
- const BIGNUM *Xp,
- const BIGNUM *e, BN_CTX *ctx,
- BN_GENCB *cb);
+ const BIGNUM *Xp, const BIGNUM *Xp1,
+ const BIGNUM *Xp2, const BIGNUM *e, BN_CTX *ctx,
+ BN_GENCB *cb);
+int BN_X931_generate_prime_ex(BIGNUM *p, BIGNUM *p1, BIGNUM *p2, BIGNUM *Xp1,
+ BIGNUM *Xp2, const BIGNUM *Xp, const BIGNUM *e,
+ BN_CTX *ctx, BN_GENCB *cb);
-BN_MONT_CTX *BN_MONT_CTX_new(void );
+BN_MONT_CTX *BN_MONT_CTX_new(void);
void BN_MONT_CTX_init(BN_MONT_CTX *ctx);
-int BN_mod_mul_montgomery(BIGNUM *r,const BIGNUM *a,const BIGNUM *b,
- BN_MONT_CTX *mont, BN_CTX *ctx);
-#define BN_to_montgomery(r,a,mont,ctx) BN_mod_mul_montgomery(\
- (r),(a),&((mont)->RR),(mont),(ctx))
-int BN_from_montgomery(BIGNUM *r,const BIGNUM *a,
- BN_MONT_CTX *mont, BN_CTX *ctx);
+int BN_mod_mul_montgomery(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
+ BN_MONT_CTX *mont, BN_CTX *ctx);
+# define BN_to_montgomery(r,a,mont,ctx) BN_mod_mul_montgomery(\
+ (r),(a),&((mont)->RR),(mont),(ctx))
+int BN_from_montgomery(BIGNUM *r, const BIGNUM *a,
+ BN_MONT_CTX *mont, BN_CTX *ctx);
void BN_MONT_CTX_free(BN_MONT_CTX *mont);
-int BN_MONT_CTX_set(BN_MONT_CTX *mont,const BIGNUM *mod,BN_CTX *ctx);
-BN_MONT_CTX *BN_MONT_CTX_copy(BN_MONT_CTX *to,BN_MONT_CTX *from);
+int BN_MONT_CTX_set(BN_MONT_CTX *mont, const BIGNUM *mod, BN_CTX *ctx);
+BN_MONT_CTX *BN_MONT_CTX_copy(BN_MONT_CTX *to, BN_MONT_CTX *from);
BN_MONT_CTX *BN_MONT_CTX_set_locked(BN_MONT_CTX **pmont, int lock,
- const BIGNUM *mod, BN_CTX *ctx);
+ const BIGNUM *mod, BN_CTX *ctx);
/* BN_BLINDING flags */
-#define BN_BLINDING_NO_UPDATE 0x00000001
-#define BN_BLINDING_NO_RECREATE 0x00000002
+# define BN_BLINDING_NO_UPDATE 0x00000001
+# define BN_BLINDING_NO_RECREATE 0x00000002
-BN_BLINDING *BN_BLINDING_new(const BIGNUM *A, const BIGNUM *Ai, /* const */ BIGNUM *mod);
+BN_BLINDING *BN_BLINDING_new(const BIGNUM *A, const BIGNUM *Ai, BIGNUM *mod);
void BN_BLINDING_free(BN_BLINDING *b);
-int BN_BLINDING_update(BN_BLINDING *b,BN_CTX *ctx);
+int BN_BLINDING_update(BN_BLINDING *b, BN_CTX *ctx);
int BN_BLINDING_convert(BIGNUM *n, BN_BLINDING *b, BN_CTX *ctx);
int BN_BLINDING_invert(BIGNUM *n, BN_BLINDING *b, BN_CTX *ctx);
int BN_BLINDING_convert_ex(BIGNUM *n, BIGNUM *r, BN_BLINDING *b, BN_CTX *);
-int BN_BLINDING_invert_ex(BIGNUM *n, const BIGNUM *r, BN_BLINDING *b, BN_CTX *);
+int BN_BLINDING_invert_ex(BIGNUM *n, const BIGNUM *r, BN_BLINDING *b,
+ BN_CTX *);
+# ifndef OPENSSL_NO_DEPRECATED
unsigned long BN_BLINDING_get_thread_id(const BN_BLINDING *);
void BN_BLINDING_set_thread_id(BN_BLINDING *, unsigned long);
+# endif
+CRYPTO_THREADID *BN_BLINDING_thread_id(BN_BLINDING *);
unsigned long BN_BLINDING_get_flags(const BN_BLINDING *);
void BN_BLINDING_set_flags(BN_BLINDING *, unsigned long);
BN_BLINDING *BN_BLINDING_create_param(BN_BLINDING *b,
- const BIGNUM *e, /* const */ BIGNUM *m, BN_CTX *ctx,
- int (*bn_mod_exp)(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
- const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx),
- BN_MONT_CTX *m_ctx);
+ const BIGNUM *e, BIGNUM *m, BN_CTX *ctx,
+ int (*bn_mod_exp) (BIGNUM *r,
+ const BIGNUM *a,
+ const BIGNUM *p,
+ const BIGNUM *m,
+ BN_CTX *ctx,
+ BN_MONT_CTX *m_ctx),
+ BN_MONT_CTX *m_ctx);
-#ifndef OPENSSL_NO_DEPRECATED
-void BN_set_params(int mul,int high,int low,int mont);
-int BN_get_params(int which); /* 0, mul, 1 high, 2 low, 3 mont */
-#endif
+# ifndef OPENSSL_NO_DEPRECATED
+void BN_set_params(int mul, int high, int low, int mont);
+int BN_get_params(int which); /* 0, mul, 1 high, 2 low, 3 mont */
+# endif
-void BN_RECP_CTX_init(BN_RECP_CTX *recp);
+void BN_RECP_CTX_init(BN_RECP_CTX *recp);
BN_RECP_CTX *BN_RECP_CTX_new(void);
-void BN_RECP_CTX_free(BN_RECP_CTX *recp);
-int BN_RECP_CTX_set(BN_RECP_CTX *recp,const BIGNUM *rdiv,BN_CTX *ctx);
-int BN_mod_mul_reciprocal(BIGNUM *r, const BIGNUM *x, const BIGNUM *y,
- BN_RECP_CTX *recp,BN_CTX *ctx);
-int BN_mod_exp_recp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
- const BIGNUM *m, BN_CTX *ctx);
-int BN_div_recp(BIGNUM *dv, BIGNUM *rem, const BIGNUM *m,
- BN_RECP_CTX *recp, BN_CTX *ctx);
+void BN_RECP_CTX_free(BN_RECP_CTX *recp);
+int BN_RECP_CTX_set(BN_RECP_CTX *recp, const BIGNUM *rdiv, BN_CTX *ctx);
+int BN_mod_mul_reciprocal(BIGNUM *r, const BIGNUM *x, const BIGNUM *y,
+ BN_RECP_CTX *recp, BN_CTX *ctx);
+int BN_mod_exp_recp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
+ const BIGNUM *m, BN_CTX *ctx);
+int BN_div_recp(BIGNUM *dv, BIGNUM *rem, const BIGNUM *m,
+ BN_RECP_CTX *recp, BN_CTX *ctx);
-/* Functions for arithmetic over binary polynomials represented by BIGNUMs.
- *
+# ifndef OPENSSL_NO_EC2M
+
+/*
+ * Functions for arithmetic over binary polynomials represented by BIGNUMs.
* The BIGNUM::neg property of BIGNUMs representing binary polynomials is
- * ignored.
- *
- * Note that input arguments are not const so that their bit arrays can
- * be expanded to the appropriate size if needed.
+ * ignored. Note that input arguments are not const so that their bit arrays
+ * can be expanded to the appropriate size if needed.
*/
-int BN_GF2m_add(BIGNUM *r, const BIGNUM *a, const BIGNUM *b); /*r = a + b*/
-#define BN_GF2m_sub(r, a, b) BN_GF2m_add(r, a, b)
-int BN_GF2m_mod(BIGNUM *r, const BIGNUM *a, const BIGNUM *p); /*r=a mod p*/
-int BN_GF2m_mod_mul(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
- const BIGNUM *p, BN_CTX *ctx); /* r = (a * b) mod p */
-int BN_GF2m_mod_sqr(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
- BN_CTX *ctx); /* r = (a * a) mod p */
-int BN_GF2m_mod_inv(BIGNUM *r, const BIGNUM *b, const BIGNUM *p,
- BN_CTX *ctx); /* r = (1 / b) mod p */
-int BN_GF2m_mod_div(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
- const BIGNUM *p, BN_CTX *ctx); /* r = (a / b) mod p */
-int BN_GF2m_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
- const BIGNUM *p, BN_CTX *ctx); /* r = (a ^ b) mod p */
-int BN_GF2m_mod_sqrt(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
- BN_CTX *ctx); /* r = sqrt(a) mod p */
-int BN_GF2m_mod_solve_quad(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
- BN_CTX *ctx); /* r^2 + r = a mod p */
-#define BN_GF2m_cmp(a, b) BN_ucmp((a), (b))
-/* Some functions allow for representation of the irreducible polynomials
+/*
+ * r = a + b
+ */
+int BN_GF2m_add(BIGNUM *r, const BIGNUM *a, const BIGNUM *b);
+# define BN_GF2m_sub(r, a, b) BN_GF2m_add(r, a, b)
+/*
+ * r=a mod p
+ */
+int BN_GF2m_mod(BIGNUM *r, const BIGNUM *a, const BIGNUM *p);
+/* r = (a * b) mod p */
+int BN_GF2m_mod_mul(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
+ const BIGNUM *p, BN_CTX *ctx);
+/* r = (a * a) mod p */
+int BN_GF2m_mod_sqr(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx);
+/* r = (1 / b) mod p */
+int BN_GF2m_mod_inv(BIGNUM *r, const BIGNUM *b, const BIGNUM *p, BN_CTX *ctx);
+/* r = (a / b) mod p */
+int BN_GF2m_mod_div(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
+ const BIGNUM *p, BN_CTX *ctx);
+/* r = (a ^ b) mod p */
+int BN_GF2m_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
+ const BIGNUM *p, BN_CTX *ctx);
+/* r = sqrt(a) mod p */
+int BN_GF2m_mod_sqrt(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
+ BN_CTX *ctx);
+/* r^2 + r = a mod p */
+int BN_GF2m_mod_solve_quad(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
+ BN_CTX *ctx);
+# define BN_GF2m_cmp(a, b) BN_ucmp((a), (b))
+/*-
+ * Some functions allow for representation of the irreducible polynomials
* as an unsigned int[], say p. The irreducible f(t) is then of the form:
* t^p[0] + t^p[1] + ... + t^p[k]
* where m = p[0] > p[1] > ... > p[k] = 0.
*/
-int BN_GF2m_mod_arr(BIGNUM *r, const BIGNUM *a, const unsigned int p[]);
- /* r = a mod p */
-int BN_GF2m_mod_mul_arr(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
- const unsigned int p[], BN_CTX *ctx); /* r = (a * b) mod p */
-int BN_GF2m_mod_sqr_arr(BIGNUM *r, const BIGNUM *a, const unsigned int p[],
- BN_CTX *ctx); /* r = (a * a) mod p */
-int BN_GF2m_mod_inv_arr(BIGNUM *r, const BIGNUM *b, const unsigned int p[],
- BN_CTX *ctx); /* r = (1 / b) mod p */
-int BN_GF2m_mod_div_arr(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
- const unsigned int p[], BN_CTX *ctx); /* r = (a / b) mod p */
-int BN_GF2m_mod_exp_arr(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
- const unsigned int p[], BN_CTX *ctx); /* r = (a ^ b) mod p */
-int BN_GF2m_mod_sqrt_arr(BIGNUM *r, const BIGNUM *a,
- const unsigned int p[], BN_CTX *ctx); /* r = sqrt(a) mod p */
-int BN_GF2m_mod_solve_quad_arr(BIGNUM *r, const BIGNUM *a,
- const unsigned int p[], BN_CTX *ctx); /* r^2 + r = a mod p */
-int BN_GF2m_poly2arr(const BIGNUM *a, unsigned int p[], int max);
-int BN_GF2m_arr2poly(const unsigned int p[], BIGNUM *a);
+/* r = a mod p */
+int BN_GF2m_mod_arr(BIGNUM *r, const BIGNUM *a, const int p[]);
+/* r = (a * b) mod p */
+int BN_GF2m_mod_mul_arr(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
+ const int p[], BN_CTX *ctx);
+/* r = (a * a) mod p */
+int BN_GF2m_mod_sqr_arr(BIGNUM *r, const BIGNUM *a, const int p[],
+ BN_CTX *ctx);
+/* r = (1 / b) mod p */
+int BN_GF2m_mod_inv_arr(BIGNUM *r, const BIGNUM *b, const int p[],
+ BN_CTX *ctx);
+/* r = (a / b) mod p */
+int BN_GF2m_mod_div_arr(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
+ const int p[], BN_CTX *ctx);
+/* r = (a ^ b) mod p */
+int BN_GF2m_mod_exp_arr(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
+ const int p[], BN_CTX *ctx);
+/* r = sqrt(a) mod p */
+int BN_GF2m_mod_sqrt_arr(BIGNUM *r, const BIGNUM *a,
+ const int p[], BN_CTX *ctx);
+/* r^2 + r = a mod p */
+int BN_GF2m_mod_solve_quad_arr(BIGNUM *r, const BIGNUM *a,
+ const int p[], BN_CTX *ctx);
+int BN_GF2m_poly2arr(const BIGNUM *a, int p[], int max);
+int BN_GF2m_arr2poly(const int p[], BIGNUM *a);
-/* faster mod functions for the 'NIST primes'
- * 0 <= a < p^2 */
+# endif
+
+/*
+ * faster mod functions for the 'NIST primes' 0 <= a < p^2
+ */
int BN_nist_mod_192(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx);
int BN_nist_mod_224(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx);
int BN_nist_mod_256(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx);
@@ -662,15 +721,16 @@ const BIGNUM *BN_get0_nist_prime_521(void);
/* library internal functions */
-#define bn_expand(a,bits) ((((((bits+BN_BITS2-1))/BN_BITS2)) <= (a)->dmax)?\
- (a):bn_expand2((a),(bits+BN_BITS2-1)/BN_BITS2))
-#define bn_wexpand(a,words) (((words) <= (a)->dmax)?(a):bn_expand2((a),(words)))
+# define bn_expand(a,bits) ((((((bits+BN_BITS2-1))/BN_BITS2)) <= (a)->dmax)?\
+ (a):bn_expand2((a),(bits+BN_BITS2-1)/BN_BITS2))
+# define bn_wexpand(a,words) (((words) <= (a)->dmax)?(a):bn_expand2((a),(words)))
BIGNUM *bn_expand2(BIGNUM *a, int words);
-#ifndef OPENSSL_NO_DEPRECATED
+# ifndef OPENSSL_NO_DEPRECATED
BIGNUM *bn_dup_expand(const BIGNUM *a, int words); /* unused */
-#endif
+# endif
-/* Bignum consistency macros
+/*-
+ * Bignum consistency macros
* There is one "API" macro, bn_fix_top(), for stripping leading zeroes from
* bignum data after direct manipulations on the data. There is also an
* "internal" macro, bn_check_top(), for verifying that there are no leading
@@ -698,84 +758,92 @@ BIGNUM *bn_dup_expand(const BIGNUM *a, int words); /* unused */
* coverage for openssl's own code.
*/
-#ifdef BN_DEBUG
+# ifdef BN_DEBUG
/* We only need assert() when debugging */
-#include
+# include
-#ifdef BN_DEBUG_RAND
+# ifdef BN_DEBUG_RAND
/* To avoid "make update" cvs wars due to BN_DEBUG, use some tricks */
-#ifndef RAND_pseudo_bytes
-int RAND_pseudo_bytes(unsigned char *buf,int num);
-#define BN_DEBUG_TRIX
-#endif
-#define bn_pollute(a) \
- do { \
- const BIGNUM *_bnum1 = (a); \
- if(_bnum1->top < _bnum1->dmax) { \
- unsigned char _tmp_char; \
- /* We cast away const without the compiler knowing, any \
- * *genuinely* constant variables that aren't mutable \
- * wouldn't be constructed with top!=dmax. */ \
- BN_ULONG *_not_const; \
- memcpy(&_not_const, &_bnum1->d, sizeof(BN_ULONG*)); \
- RAND_pseudo_bytes(&_tmp_char, 1); \
- memset((unsigned char *)(_not_const + _bnum1->top), _tmp_char, \
- (_bnum1->dmax - _bnum1->top) * sizeof(BN_ULONG)); \
- } \
- } while(0)
-#ifdef BN_DEBUG_TRIX
-#undef RAND_pseudo_bytes
-#endif
-#else
-#define bn_pollute(a)
-#endif
-#define bn_check_top(a) \
- do { \
- const BIGNUM *_bnum2 = (a); \
- if (_bnum2 != NULL) { \
- assert((_bnum2->top == 0) || \
- (_bnum2->d[_bnum2->top - 1] != 0)); \
- bn_pollute(_bnum2); \
- } \
- } while(0)
+# ifndef RAND_pseudo_bytes
+int RAND_pseudo_bytes(unsigned char *buf, int num);
+# define BN_DEBUG_TRIX
+# endif
+# define bn_pollute(a) \
+ do { \
+ const BIGNUM *_bnum1 = (a); \
+ if(_bnum1->top < _bnum1->dmax) { \
+ unsigned char _tmp_char; \
+ /* We cast away const without the compiler knowing, any \
+ * *genuinely* constant variables that aren't mutable \
+ * wouldn't be constructed with top!=dmax. */ \
+ BN_ULONG *_not_const; \
+ memcpy(&_not_const, &_bnum1->d, sizeof(BN_ULONG*)); \
+ /* Debug only - safe to ignore error return */ \
+ RAND_pseudo_bytes(&_tmp_char, 1); \
+ memset((unsigned char *)(_not_const + _bnum1->top), _tmp_char, \
+ (_bnum1->dmax - _bnum1->top) * sizeof(BN_ULONG)); \
+ } \
+ } while(0)
+# ifdef BN_DEBUG_TRIX
+# undef RAND_pseudo_bytes
+# endif
+# else
+# define bn_pollute(a)
+# endif
+# define bn_check_top(a) \
+ do { \
+ const BIGNUM *_bnum2 = (a); \
+ if (_bnum2 != NULL) { \
+ assert((_bnum2->top == 0) || \
+ (_bnum2->d[_bnum2->top - 1] != 0)); \
+ bn_pollute(_bnum2); \
+ } \
+ } while(0)
-#define bn_fix_top(a) bn_check_top(a)
+# define bn_fix_top(a) bn_check_top(a)
-#define bn_check_size(bn, bits) bn_wcheck_size(bn, ((bits+BN_BITS2-1))/BN_BITS2)
-#define bn_wcheck_size(bn, words) \
- do { \
- const BIGNUM *_bnum2 = (bn); \
- assert(words <= (_bnum2)->dmax && words >= (_bnum2)->top); \
- } while(0)
+# define bn_check_size(bn, bits) bn_wcheck_size(bn, ((bits+BN_BITS2-1))/BN_BITS2)
+# define bn_wcheck_size(bn, words) \
+ do { \
+ const BIGNUM *_bnum2 = (bn); \
+ assert((words) <= (_bnum2)->dmax && (words) >= (_bnum2)->top); \
+ /* avoid unused variable warning with NDEBUG */ \
+ (void)(_bnum2); \
+ } while(0)
-#else /* !BN_DEBUG */
+# else /* !BN_DEBUG */
-#define bn_pollute(a)
-#define bn_check_top(a)
-#define bn_fix_top(a) bn_correct_top(a)
-#define bn_check_size(bn, bits)
-#define bn_wcheck_size(bn, words)
+# define bn_pollute(a)
+# define bn_check_top(a)
+# define bn_fix_top(a) bn_correct_top(a)
+# define bn_check_size(bn, bits)
+# define bn_wcheck_size(bn, words)
-#endif
+# endif
-#define bn_correct_top(a) \
+# define bn_correct_top(a) \
{ \
BN_ULONG *ftl; \
- if ((a)->top > 0) \
- { \
- for (ftl= &((a)->d[(a)->top-1]); (a)->top > 0; (a)->top--) \
- if (*(ftl--)) break; \
- } \
- bn_pollute(a); \
- }
+ int tmp_top = (a)->top; \
+ if (tmp_top > 0) \
+ { \
+ for (ftl= &((a)->d[tmp_top-1]); tmp_top > 0; tmp_top--) \
+ if (*(ftl--)) break; \
+ (a)->top = tmp_top; \
+ } \
+ bn_pollute(a); \
+ }
-BN_ULONG bn_mul_add_words(BN_ULONG *rp, const BN_ULONG *ap, int num, BN_ULONG w);
+BN_ULONG bn_mul_add_words(BN_ULONG *rp, const BN_ULONG *ap, int num,
+ BN_ULONG w);
BN_ULONG bn_mul_words(BN_ULONG *rp, const BN_ULONG *ap, int num, BN_ULONG w);
-void bn_sqr_words(BN_ULONG *rp, const BN_ULONG *ap, int num);
+void bn_sqr_words(BN_ULONG *rp, const BN_ULONG *ap, int num);
BN_ULONG bn_div_words(BN_ULONG h, BN_ULONG l, BN_ULONG d);
-BN_ULONG bn_add_words(BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp,int num);
-BN_ULONG bn_sub_words(BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp,int num);
+BN_ULONG bn_add_words(BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp,
+ int num);
+BN_ULONG bn_sub_words(BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp,
+ int num);
/* Primes from RFC 2409 */
BIGNUM *get_rfc2409_prime_768(BIGNUM *bn);
@@ -789,10 +857,11 @@ BIGNUM *get_rfc3526_prime_4096(BIGNUM *bn);
BIGNUM *get_rfc3526_prime_6144(BIGNUM *bn);
BIGNUM *get_rfc3526_prime_8192(BIGNUM *bn);
-int BN_bntest_rand(BIGNUM *rnd, int bits, int top,int bottom);
+int BN_bntest_rand(BIGNUM *rnd, int bits, int top, int bottom);
/* BEGIN ERROR CODES */
-/* The following lines are auto generated by the script mkerr.pl. Any changes
+/*
+ * The following lines are auto generated by the script mkerr.pl. Any changes
* made after this point may be overwritten when the script is next run.
*/
void ERR_load_BN_strings(void);
@@ -800,65 +869,69 @@ void ERR_load_BN_strings(void);
/* Error codes for the BN functions. */
/* Function codes. */
-#define BN_F_BNRAND 127
-#define BN_F_BN_BLINDING_CONVERT_EX 100
-#define BN_F_BN_BLINDING_CREATE_PARAM 128
-#define BN_F_BN_BLINDING_INVERT_EX 101
-#define BN_F_BN_BLINDING_NEW 102
-#define BN_F_BN_BLINDING_UPDATE 103
-#define BN_F_BN_BN2DEC 104
-#define BN_F_BN_BN2HEX 105
-#define BN_F_BN_CTX_GET 116
-#define BN_F_BN_CTX_NEW 106
-#define BN_F_BN_CTX_START 129
-#define BN_F_BN_DIV 107
-#define BN_F_BN_DIV_NO_BRANCH 138
-#define BN_F_BN_DIV_RECP 130
-#define BN_F_BN_EXP 123
-#define BN_F_BN_EXPAND2 108
-#define BN_F_BN_EXPAND_INTERNAL 120
-#define BN_F_BN_GF2M_MOD 131
-#define BN_F_BN_GF2M_MOD_EXP 132
-#define BN_F_BN_GF2M_MOD_MUL 133
-#define BN_F_BN_GF2M_MOD_SOLVE_QUAD 134
-#define BN_F_BN_GF2M_MOD_SOLVE_QUAD_ARR 135
-#define BN_F_BN_GF2M_MOD_SQR 136
-#define BN_F_BN_GF2M_MOD_SQRT 137
-#define BN_F_BN_MOD_EXP2_MONT 118
-#define BN_F_BN_MOD_EXP_MONT 109
-#define BN_F_BN_MOD_EXP_MONT_CONSTTIME 124
-#define BN_F_BN_MOD_EXP_MONT_WORD 117
-#define BN_F_BN_MOD_EXP_RECP 125
-#define BN_F_BN_MOD_EXP_SIMPLE 126
-#define BN_F_BN_MOD_INVERSE 110
-#define BN_F_BN_MOD_INVERSE_NO_BRANCH 139
-#define BN_F_BN_MOD_LSHIFT_QUICK 119
-#define BN_F_BN_MOD_MUL_RECIPROCAL 111
-#define BN_F_BN_MOD_SQRT 121
-#define BN_F_BN_MPI2BN 112
-#define BN_F_BN_NEW 113
-#define BN_F_BN_RAND 114
-#define BN_F_BN_RAND_RANGE 122
-#define BN_F_BN_USUB 115
+# define BN_F_BNRAND 127
+# define BN_F_BN_BLINDING_CONVERT_EX 100
+# define BN_F_BN_BLINDING_CREATE_PARAM 128
+# define BN_F_BN_BLINDING_INVERT_EX 101
+# define BN_F_BN_BLINDING_NEW 102
+# define BN_F_BN_BLINDING_UPDATE 103
+# define BN_F_BN_BN2DEC 104
+# define BN_F_BN_BN2HEX 105
+# define BN_F_BN_CTX_GET 116
+# define BN_F_BN_CTX_NEW 106
+# define BN_F_BN_CTX_START 129
+# define BN_F_BN_DIV 107
+# define BN_F_BN_DIV_NO_BRANCH 138
+# define BN_F_BN_DIV_RECP 130
+# define BN_F_BN_EXP 123
+# define BN_F_BN_EXPAND2 108
+# define BN_F_BN_EXPAND_INTERNAL 120
+# define BN_F_BN_GF2M_MOD 131
+# define BN_F_BN_GF2M_MOD_EXP 132
+# define BN_F_BN_GF2M_MOD_MUL 133
+# define BN_F_BN_GF2M_MOD_SOLVE_QUAD 134
+# define BN_F_BN_GF2M_MOD_SOLVE_QUAD_ARR 135
+# define BN_F_BN_GF2M_MOD_SQR 136
+# define BN_F_BN_GF2M_MOD_SQRT 137
+# define BN_F_BN_LSHIFT 145
+# define BN_F_BN_MOD_EXP2_MONT 118
+# define BN_F_BN_MOD_EXP_MONT 109
+# define BN_F_BN_MOD_EXP_MONT_CONSTTIME 124
+# define BN_F_BN_MOD_EXP_MONT_WORD 117
+# define BN_F_BN_MOD_EXP_RECP 125
+# define BN_F_BN_MOD_EXP_SIMPLE 126
+# define BN_F_BN_MOD_INVERSE 110
+# define BN_F_BN_MOD_INVERSE_NO_BRANCH 139
+# define BN_F_BN_MOD_LSHIFT_QUICK 119
+# define BN_F_BN_MOD_MUL_RECIPROCAL 111
+# define BN_F_BN_MOD_SQRT 121
+# define BN_F_BN_MPI2BN 112
+# define BN_F_BN_NEW 113
+# define BN_F_BN_RAND 114
+# define BN_F_BN_RAND_RANGE 122
+# define BN_F_BN_RSHIFT 146
+# define BN_F_BN_USUB 115
/* Reason codes. */
-#define BN_R_ARG2_LT_ARG3 100
-#define BN_R_BAD_RECIPROCAL 101
-#define BN_R_BIGNUM_TOO_LONG 114
-#define BN_R_CALLED_WITH_EVEN_MODULUS 102
-#define BN_R_DIV_BY_ZERO 103
-#define BN_R_ENCODING_ERROR 104
-#define BN_R_EXPAND_ON_STATIC_BIGNUM_DATA 105
-#define BN_R_INPUT_NOT_REDUCED 110
-#define BN_R_INVALID_LENGTH 106
-#define BN_R_INVALID_RANGE 115
-#define BN_R_NOT_A_SQUARE 111
-#define BN_R_NOT_INITIALIZED 107
-#define BN_R_NO_INVERSE 108
-#define BN_R_NO_SOLUTION 116
-#define BN_R_P_IS_NOT_PRIME 112
-#define BN_R_TOO_MANY_ITERATIONS 113
-#define BN_R_TOO_MANY_TEMPORARY_VARIABLES 109
+# define BN_R_ARG2_LT_ARG3 100
+# define BN_R_BAD_RECIPROCAL 101
+# define BN_R_BIGNUM_TOO_LONG 114
+# define BN_R_BITS_TOO_SMALL 118
+# define BN_R_CALLED_WITH_EVEN_MODULUS 102
+# define BN_R_DIV_BY_ZERO 103
+# define BN_R_ENCODING_ERROR 104
+# define BN_R_EXPAND_ON_STATIC_BIGNUM_DATA 105
+# define BN_R_INPUT_NOT_REDUCED 110
+# define BN_R_INVALID_LENGTH 106
+# define BN_R_INVALID_RANGE 115
+# define BN_R_INVALID_SHIFT 119
+# define BN_R_NOT_A_SQUARE 111
+# define BN_R_NOT_INITIALIZED 107
+# define BN_R_NO_INVERSE 108
+# define BN_R_NO_SOLUTION 116
+# define BN_R_P_IS_NOT_PRIME 112
+# define BN_R_TOO_MANY_ITERATIONS 113
+# define BN_R_TOO_MANY_TEMPORARY_VARIABLES 109
#ifdef __cplusplus
}
diff --git a/Cryptlib/Include/openssl/buffer.h b/Cryptlib/Include/openssl/buffer.h
index 1db9607..c343dd7 100644
--- a/Cryptlib/Include/openssl/buffer.h
+++ b/Cryptlib/Include/openssl/buffer.h
@@ -5,21 +5,21 @@
* This package is an SSL implementation written
* by Eric Young (eay@cryptsoft.com).
* The implementation was written so as to conform with Netscapes SSL.
- *
+ *
* This library is free for commercial and non-commercial use as long as
* the following conditions are aheared to. The following conditions
* apply to all code found in this distribution, be it the RC4, RSA,
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
* included with this distribution is covered by the same copyright terms
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
+ *
* Copyright remains Eric Young's, and as such any Copyright notices in
* the code are not to be removed.
* If this package is used in a product, Eric Young should be given attribution
* as the author of the parts of the library used.
* This can be in the form of a textual message at program startup or
* in documentation (online or textual) provided with the package.
- *
+ *
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
@@ -34,10 +34,10 @@
* Eric Young (eay@cryptsoft.com)"
* The word 'cryptographic' can be left out if the rouines from the library
* being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
+ * 4. If you include any Windows specific code (or a derivative thereof) from
* the apps directory (application code) you must include an acknowledgement:
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
+ *
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
@@ -49,7 +49,7 @@
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
- *
+ *
* The licence and distribution terms for any publically available version or
* derivative of this code cannot be changed. i.e. this code cannot simply be
* copied and put under another distribution licence
@@ -57,45 +57,46 @@
*/
#ifndef HEADER_BUFFER_H
-#define HEADER_BUFFER_H
+# define HEADER_BUFFER_H
-#include
+# include
#ifdef __cplusplus
extern "C" {
#endif
-#include
+# include
-#if !defined(NO_SYS_TYPES_H)
-#include
-#endif
+# if !defined(NO_SYS_TYPES_H)
+# include
+# endif
/* Already declared in ossl_typ.h */
/* typedef struct buf_mem_st BUF_MEM; */
-struct buf_mem_st
- {
- int length; /* current number of bytes */
- char *data;
- int max; /* size of buffer */
- };
+struct buf_mem_st {
+ size_t length; /* current number of bytes */
+ char *data;
+ size_t max; /* size of buffer */
+};
BUF_MEM *BUF_MEM_new(void);
-void BUF_MEM_free(BUF_MEM *a);
-int BUF_MEM_grow(BUF_MEM *str, int len);
-int BUF_MEM_grow_clean(BUF_MEM *str, int len);
-char * BUF_strdup(const char *str);
-char * BUF_strndup(const char *str, size_t siz);
-void * BUF_memdup(const void *data, size_t siz);
+void BUF_MEM_free(BUF_MEM *a);
+int BUF_MEM_grow(BUF_MEM *str, size_t len);
+int BUF_MEM_grow_clean(BUF_MEM *str, size_t len);
+size_t BUF_strnlen(const char *str, size_t maxlen);
+char *BUF_strdup(const char *str);
+char *BUF_strndup(const char *str, size_t siz);
+void *BUF_memdup(const void *data, size_t siz);
+void BUF_reverse(unsigned char *out, const unsigned char *in, size_t siz);
/* safe string functions */
-size_t BUF_strlcpy(char *dst,const char *src,size_t siz);
-size_t BUF_strlcat(char *dst,const char *src,size_t siz);
-
+size_t BUF_strlcpy(char *dst, const char *src, size_t siz);
+size_t BUF_strlcat(char *dst, const char *src, size_t siz);
/* BEGIN ERROR CODES */
-/* The following lines are auto generated by the script mkerr.pl. Any changes
+/*
+ * The following lines are auto generated by the script mkerr.pl. Any changes
* made after this point may be overwritten when the script is next run.
*/
void ERR_load_BUF_strings(void);
@@ -103,12 +104,12 @@ void ERR_load_BUF_strings(void);
/* Error codes for the BUF functions. */
/* Function codes. */
-#define BUF_F_BUF_MEMDUP 103
-#define BUF_F_BUF_MEM_GROW 100
-#define BUF_F_BUF_MEM_GROW_CLEAN 105
-#define BUF_F_BUF_MEM_NEW 101
-#define BUF_F_BUF_STRDUP 102
-#define BUF_F_BUF_STRNDUP 104
+# define BUF_F_BUF_MEMDUP 103
+# define BUF_F_BUF_MEM_GROW 100
+# define BUF_F_BUF_MEM_GROW_CLEAN 105
+# define BUF_F_BUF_MEM_NEW 101
+# define BUF_F_BUF_STRDUP 102
+# define BUF_F_BUF_STRNDUP 104
/* Reason codes. */
diff --git a/Cryptlib/Include/openssl/camellia.h b/Cryptlib/Include/openssl/camellia.h
new file mode 100644
index 0000000..9be7c0f
--- /dev/null
+++ b/Cryptlib/Include/openssl/camellia.h
@@ -0,0 +1,132 @@
+/* crypto/camellia/camellia.h -*- mode:C; c-file-style: "eay" -*- */
+/* ====================================================================
+ * Copyright (c) 2006 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ */
+
+#ifndef HEADER_CAMELLIA_H
+# define HEADER_CAMELLIA_H
+
+# include
+
+# ifdef OPENSSL_NO_CAMELLIA
+# error CAMELLIA is disabled.
+# endif
+
+# include
+
+# define CAMELLIA_ENCRYPT 1
+# define CAMELLIA_DECRYPT 0
+
+/*
+ * Because array size can't be a const in C, the following two are macros.
+ * Both sizes are in bytes.
+ */
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/* This should be a hidden type, but EVP requires that the size be known */
+
+# define CAMELLIA_BLOCK_SIZE 16
+# define CAMELLIA_TABLE_BYTE_LEN 272
+# define CAMELLIA_TABLE_WORD_LEN (CAMELLIA_TABLE_BYTE_LEN / 4)
+
+typedef unsigned int KEY_TABLE_TYPE[CAMELLIA_TABLE_WORD_LEN]; /* to match
+ * with WORD */
+
+struct camellia_key_st {
+ union {
+ double d; /* ensures 64-bit align */
+ KEY_TABLE_TYPE rd_key;
+ } u;
+ int grand_rounds;
+};
+typedef struct camellia_key_st CAMELLIA_KEY;
+
+# ifdef OPENSSL_FIPS
+int private_Camellia_set_key(const unsigned char *userKey, const int bits,
+ CAMELLIA_KEY *key);
+# endif
+int Camellia_set_key(const unsigned char *userKey, const int bits,
+ CAMELLIA_KEY *key);
+
+void Camellia_encrypt(const unsigned char *in, unsigned char *out,
+ const CAMELLIA_KEY *key);
+void Camellia_decrypt(const unsigned char *in, unsigned char *out,
+ const CAMELLIA_KEY *key);
+
+void Camellia_ecb_encrypt(const unsigned char *in, unsigned char *out,
+ const CAMELLIA_KEY *key, const int enc);
+void Camellia_cbc_encrypt(const unsigned char *in, unsigned char *out,
+ size_t length, const CAMELLIA_KEY *key,
+ unsigned char *ivec, const int enc);
+void Camellia_cfb128_encrypt(const unsigned char *in, unsigned char *out,
+ size_t length, const CAMELLIA_KEY *key,
+ unsigned char *ivec, int *num, const int enc);
+void Camellia_cfb1_encrypt(const unsigned char *in, unsigned char *out,
+ size_t length, const CAMELLIA_KEY *key,
+ unsigned char *ivec, int *num, const int enc);
+void Camellia_cfb8_encrypt(const unsigned char *in, unsigned char *out,
+ size_t length, const CAMELLIA_KEY *key,
+ unsigned char *ivec, int *num, const int enc);
+void Camellia_ofb128_encrypt(const unsigned char *in, unsigned char *out,
+ size_t length, const CAMELLIA_KEY *key,
+ unsigned char *ivec, int *num);
+void Camellia_ctr128_encrypt(const unsigned char *in, unsigned char *out,
+ size_t length, const CAMELLIA_KEY *key,
+ unsigned char ivec[CAMELLIA_BLOCK_SIZE],
+ unsigned char ecount_buf[CAMELLIA_BLOCK_SIZE],
+ unsigned int *num);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* !HEADER_Camellia_H */
diff --git a/Cryptlib/Include/openssl/cast.h b/Cryptlib/Include/openssl/cast.h
index 6e0cd31..0003ec9 100644
--- a/Cryptlib/Include/openssl/cast.h
+++ b/Cryptlib/Include/openssl/cast.h
@@ -5,21 +5,21 @@
* This package is an SSL implementation written
* by Eric Young (eay@cryptsoft.com).
* The implementation was written so as to conform with Netscapes SSL.
- *
+ *
* This library is free for commercial and non-commercial use as long as
* the following conditions are aheared to. The following conditions
* apply to all code found in this distribution, be it the RC4, RSA,
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
* included with this distribution is covered by the same copyright terms
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
+ *
* Copyright remains Eric Young's, and as such any Copyright notices in
* the code are not to be removed.
* If this package is used in a product, Eric Young should be given attribution
* as the author of the parts of the library used.
* This can be in the form of a textual message at program startup or
* in documentation (online or textual) provided with the package.
- *
+ *
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
@@ -34,10 +34,10 @@
* Eric Young (eay@cryptsoft.com)"
* The word 'cryptographic' can be left out if the rouines from the library
* being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
+ * 4. If you include any Windows specific code (or a derivative thereof) from
* the apps directory (application code) you must include an acknowledgement:
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
+ *
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
@@ -49,7 +49,7 @@
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
- *
+ *
* The licence and distribution terms for any publically available version or
* derivative of this code cannot be changed. i.e. this code cannot simply be
* copied and put under another distribution licence
@@ -57,48 +57,48 @@
*/
#ifndef HEADER_CAST_H
-#define HEADER_CAST_H
+# define HEADER_CAST_H
#ifdef __cplusplus
extern "C" {
#endif
-#include
+# include
-#ifdef OPENSSL_NO_CAST
-#error CAST is disabled.
-#endif
+# ifdef OPENSSL_NO_CAST
+# error CAST is disabled.
+# endif
-#define CAST_ENCRYPT 1
-#define CAST_DECRYPT 0
+# define CAST_ENCRYPT 1
+# define CAST_DECRYPT 0
-#define CAST_LONG unsigned long
+# define CAST_LONG unsigned int
-#define CAST_BLOCK 8
-#define CAST_KEY_LENGTH 16
+# define CAST_BLOCK 8
+# define CAST_KEY_LENGTH 16
-typedef struct cast_key_st
- {
- CAST_LONG data[32];
- int short_key; /* Use reduced rounds for short key */
- } CAST_KEY;
+typedef struct cast_key_st {
+ CAST_LONG data[32];
+ int short_key; /* Use reduced rounds for short key */
+} CAST_KEY;
-#ifdef OPENSSL_FIPS
+# ifdef OPENSSL_FIPS
void private_CAST_set_key(CAST_KEY *key, int len, const unsigned char *data);
-#endif
+# endif
void CAST_set_key(CAST_KEY *key, int len, const unsigned char *data);
-void CAST_ecb_encrypt(const unsigned char *in, unsigned char *out, const CAST_KEY *key,
- int enc);
+void CAST_ecb_encrypt(const unsigned char *in, unsigned char *out,
+ const CAST_KEY *key, int enc);
void CAST_encrypt(CAST_LONG *data, const CAST_KEY *key);
void CAST_decrypt(CAST_LONG *data, const CAST_KEY *key);
-void CAST_cbc_encrypt(const unsigned char *in, unsigned char *out, long length,
- const CAST_KEY *ks, unsigned char *iv, int enc);
+void CAST_cbc_encrypt(const unsigned char *in, unsigned char *out,
+ long length, const CAST_KEY *ks, unsigned char *iv,
+ int enc);
void CAST_cfb64_encrypt(const unsigned char *in, unsigned char *out,
- long length, const CAST_KEY *schedule, unsigned char *ivec,
- int *num, int enc);
-void CAST_ofb64_encrypt(const unsigned char *in, unsigned char *out,
- long length, const CAST_KEY *schedule, unsigned char *ivec,
- int *num);
+ long length, const CAST_KEY *schedule,
+ unsigned char *ivec, int *num, int enc);
+void CAST_ofb64_encrypt(const unsigned char *in, unsigned char *out,
+ long length, const CAST_KEY *schedule,
+ unsigned char *ivec, int *num);
#ifdef __cplusplus
}
diff --git a/Cryptlib/Include/openssl/cmac.h b/Cryptlib/Include/openssl/cmac.h
new file mode 100644
index 0000000..175be83
--- /dev/null
+++ b/Cryptlib/Include/openssl/cmac.h
@@ -0,0 +1,82 @@
+/* crypto/cmac/cmac.h */
+/*
+ * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
+ * project.
+ */
+/* ====================================================================
+ * Copyright (c) 2010 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ */
+
+#ifndef HEADER_CMAC_H
+# define HEADER_CMAC_H
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+# include
+
+/* Opaque */
+typedef struct CMAC_CTX_st CMAC_CTX;
+
+CMAC_CTX *CMAC_CTX_new(void);
+void CMAC_CTX_cleanup(CMAC_CTX *ctx);
+void CMAC_CTX_free(CMAC_CTX *ctx);
+EVP_CIPHER_CTX *CMAC_CTX_get0_cipher_ctx(CMAC_CTX *ctx);
+int CMAC_CTX_copy(CMAC_CTX *out, const CMAC_CTX *in);
+
+int CMAC_Init(CMAC_CTX *ctx, const void *key, size_t keylen,
+ const EVP_CIPHER *cipher, ENGINE *impl);
+int CMAC_Update(CMAC_CTX *ctx, const void *data, size_t dlen);
+int CMAC_Final(CMAC_CTX *ctx, unsigned char *out, size_t *poutlen);
+int CMAC_resume(CMAC_CTX *ctx);
+
+#ifdef __cplusplus
+}
+#endif
+#endif
diff --git a/Cryptlib/Include/openssl/cms.h b/Cryptlib/Include/openssl/cms.h
new file mode 100644
index 0000000..e6c7f96
--- /dev/null
+++ b/Cryptlib/Include/openssl/cms.h
@@ -0,0 +1,555 @@
+/* crypto/cms/cms.h */
+/*
+ * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
+ * project.
+ */
+/* ====================================================================
+ * Copyright (c) 2008 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ */
+
+#ifndef HEADER_CMS_H
+# define HEADER_CMS_H
+
+# include
+
+# ifdef OPENSSL_NO_CMS
+# error CMS is disabled.
+# endif
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+typedef struct CMS_ContentInfo_st CMS_ContentInfo;
+typedef struct CMS_SignerInfo_st CMS_SignerInfo;
+typedef struct CMS_CertificateChoices CMS_CertificateChoices;
+typedef struct CMS_RevocationInfoChoice_st CMS_RevocationInfoChoice;
+typedef struct CMS_RecipientInfo_st CMS_RecipientInfo;
+typedef struct CMS_ReceiptRequest_st CMS_ReceiptRequest;
+typedef struct CMS_Receipt_st CMS_Receipt;
+typedef struct CMS_RecipientEncryptedKey_st CMS_RecipientEncryptedKey;
+typedef struct CMS_OtherKeyAttribute_st CMS_OtherKeyAttribute;
+
+DECLARE_STACK_OF(CMS_SignerInfo)
+DECLARE_STACK_OF(GENERAL_NAMES)
+DECLARE_STACK_OF(CMS_RecipientEncryptedKey)
+DECLARE_ASN1_FUNCTIONS(CMS_ContentInfo)
+DECLARE_ASN1_FUNCTIONS(CMS_ReceiptRequest)
+DECLARE_ASN1_PRINT_FUNCTION(CMS_ContentInfo)
+
+# define CMS_SIGNERINFO_ISSUER_SERIAL 0
+# define CMS_SIGNERINFO_KEYIDENTIFIER 1
+
+# define CMS_RECIPINFO_NONE -1
+# define CMS_RECIPINFO_TRANS 0
+# define CMS_RECIPINFO_AGREE 1
+# define CMS_RECIPINFO_KEK 2
+# define CMS_RECIPINFO_PASS 3
+# define CMS_RECIPINFO_OTHER 4
+
+/* S/MIME related flags */
+
+# define CMS_TEXT 0x1
+# define CMS_NOCERTS 0x2
+# define CMS_NO_CONTENT_VERIFY 0x4
+# define CMS_NO_ATTR_VERIFY 0x8
+# define CMS_NOSIGS \
+ (CMS_NO_CONTENT_VERIFY|CMS_NO_ATTR_VERIFY)
+# define CMS_NOINTERN 0x10
+# define CMS_NO_SIGNER_CERT_VERIFY 0x20
+# define CMS_NOVERIFY 0x20
+# define CMS_DETACHED 0x40
+# define CMS_BINARY 0x80
+# define CMS_NOATTR 0x100
+# define CMS_NOSMIMECAP 0x200
+# define CMS_NOOLDMIMETYPE 0x400
+# define CMS_CRLFEOL 0x800
+# define CMS_STREAM 0x1000
+# define CMS_NOCRL 0x2000
+# define CMS_PARTIAL 0x4000
+# define CMS_REUSE_DIGEST 0x8000
+# define CMS_USE_KEYID 0x10000
+# define CMS_DEBUG_DECRYPT 0x20000
+# define CMS_KEY_PARAM 0x40000
+
+const ASN1_OBJECT *CMS_get0_type(CMS_ContentInfo *cms);
+
+BIO *CMS_dataInit(CMS_ContentInfo *cms, BIO *icont);
+int CMS_dataFinal(CMS_ContentInfo *cms, BIO *bio);
+
+ASN1_OCTET_STRING **CMS_get0_content(CMS_ContentInfo *cms);
+int CMS_is_detached(CMS_ContentInfo *cms);
+int CMS_set_detached(CMS_ContentInfo *cms, int detached);
+
+# ifdef HEADER_PEM_H
+DECLARE_PEM_rw_const(CMS, CMS_ContentInfo)
+# endif
+int CMS_stream(unsigned char ***boundary, CMS_ContentInfo *cms);
+CMS_ContentInfo *d2i_CMS_bio(BIO *bp, CMS_ContentInfo **cms);
+int i2d_CMS_bio(BIO *bp, CMS_ContentInfo *cms);
+
+BIO *BIO_new_CMS(BIO *out, CMS_ContentInfo *cms);
+int i2d_CMS_bio_stream(BIO *out, CMS_ContentInfo *cms, BIO *in, int flags);
+int PEM_write_bio_CMS_stream(BIO *out, CMS_ContentInfo *cms, BIO *in,
+ int flags);
+CMS_ContentInfo *SMIME_read_CMS(BIO *bio, BIO **bcont);
+int SMIME_write_CMS(BIO *bio, CMS_ContentInfo *cms, BIO *data, int flags);
+
+int CMS_final(CMS_ContentInfo *cms, BIO *data, BIO *dcont,
+ unsigned int flags);
+
+CMS_ContentInfo *CMS_sign(X509 *signcert, EVP_PKEY *pkey,
+ STACK_OF(X509) *certs, BIO *data,
+ unsigned int flags);
+
+CMS_ContentInfo *CMS_sign_receipt(CMS_SignerInfo *si,
+ X509 *signcert, EVP_PKEY *pkey,
+ STACK_OF(X509) *certs, unsigned int flags);
+
+int CMS_data(CMS_ContentInfo *cms, BIO *out, unsigned int flags);
+CMS_ContentInfo *CMS_data_create(BIO *in, unsigned int flags);
+
+int CMS_digest_verify(CMS_ContentInfo *cms, BIO *dcont, BIO *out,
+ unsigned int flags);
+CMS_ContentInfo *CMS_digest_create(BIO *in, const EVP_MD *md,
+ unsigned int flags);
+
+int CMS_EncryptedData_decrypt(CMS_ContentInfo *cms,
+ const unsigned char *key, size_t keylen,
+ BIO *dcont, BIO *out, unsigned int flags);
+
+CMS_ContentInfo *CMS_EncryptedData_encrypt(BIO *in, const EVP_CIPHER *cipher,
+ const unsigned char *key,
+ size_t keylen, unsigned int flags);
+
+int CMS_EncryptedData_set1_key(CMS_ContentInfo *cms, const EVP_CIPHER *ciph,
+ const unsigned char *key, size_t keylen);
+
+int CMS_verify(CMS_ContentInfo *cms, STACK_OF(X509) *certs,
+ X509_STORE *store, BIO *dcont, BIO *out, unsigned int flags);
+
+int CMS_verify_receipt(CMS_ContentInfo *rcms, CMS_ContentInfo *ocms,
+ STACK_OF(X509) *certs,
+ X509_STORE *store, unsigned int flags);
+
+STACK_OF(X509) *CMS_get0_signers(CMS_ContentInfo *cms);
+
+CMS_ContentInfo *CMS_encrypt(STACK_OF(X509) *certs, BIO *in,
+ const EVP_CIPHER *cipher, unsigned int flags);
+
+int CMS_decrypt(CMS_ContentInfo *cms, EVP_PKEY *pkey, X509 *cert,
+ BIO *dcont, BIO *out, unsigned int flags);
+
+int CMS_decrypt_set1_pkey(CMS_ContentInfo *cms, EVP_PKEY *pk, X509 *cert);
+int CMS_decrypt_set1_key(CMS_ContentInfo *cms,
+ unsigned char *key, size_t keylen,
+ unsigned char *id, size_t idlen);
+int CMS_decrypt_set1_password(CMS_ContentInfo *cms,
+ unsigned char *pass, ossl_ssize_t passlen);
+
+STACK_OF(CMS_RecipientInfo) *CMS_get0_RecipientInfos(CMS_ContentInfo *cms);
+int CMS_RecipientInfo_type(CMS_RecipientInfo *ri);
+EVP_PKEY_CTX *CMS_RecipientInfo_get0_pkey_ctx(CMS_RecipientInfo *ri);
+CMS_ContentInfo *CMS_EnvelopedData_create(const EVP_CIPHER *cipher);
+CMS_RecipientInfo *CMS_add1_recipient_cert(CMS_ContentInfo *cms,
+ X509 *recip, unsigned int flags);
+int CMS_RecipientInfo_set0_pkey(CMS_RecipientInfo *ri, EVP_PKEY *pkey);
+int CMS_RecipientInfo_ktri_cert_cmp(CMS_RecipientInfo *ri, X509 *cert);
+int CMS_RecipientInfo_ktri_get0_algs(CMS_RecipientInfo *ri,
+ EVP_PKEY **pk, X509 **recip,
+ X509_ALGOR **palg);
+int CMS_RecipientInfo_ktri_get0_signer_id(CMS_RecipientInfo *ri,
+ ASN1_OCTET_STRING **keyid,
+ X509_NAME **issuer,
+ ASN1_INTEGER **sno);
+
+CMS_RecipientInfo *CMS_add0_recipient_key(CMS_ContentInfo *cms, int nid,
+ unsigned char *key, size_t keylen,
+ unsigned char *id, size_t idlen,
+ ASN1_GENERALIZEDTIME *date,
+ ASN1_OBJECT *otherTypeId,
+ ASN1_TYPE *otherType);
+
+int CMS_RecipientInfo_kekri_get0_id(CMS_RecipientInfo *ri,
+ X509_ALGOR **palg,
+ ASN1_OCTET_STRING **pid,
+ ASN1_GENERALIZEDTIME **pdate,
+ ASN1_OBJECT **potherid,
+ ASN1_TYPE **pothertype);
+
+int CMS_RecipientInfo_set0_key(CMS_RecipientInfo *ri,
+ unsigned char *key, size_t keylen);
+
+int CMS_RecipientInfo_kekri_id_cmp(CMS_RecipientInfo *ri,
+ const unsigned char *id, size_t idlen);
+
+int CMS_RecipientInfo_set0_password(CMS_RecipientInfo *ri,
+ unsigned char *pass,
+ ossl_ssize_t passlen);
+
+CMS_RecipientInfo *CMS_add0_recipient_password(CMS_ContentInfo *cms,
+ int iter, int wrap_nid,
+ int pbe_nid,
+ unsigned char *pass,
+ ossl_ssize_t passlen,
+ const EVP_CIPHER *kekciph);
+
+int CMS_RecipientInfo_decrypt(CMS_ContentInfo *cms, CMS_RecipientInfo *ri);
+int CMS_RecipientInfo_encrypt(CMS_ContentInfo *cms, CMS_RecipientInfo *ri);
+
+int CMS_uncompress(CMS_ContentInfo *cms, BIO *dcont, BIO *out,
+ unsigned int flags);
+CMS_ContentInfo *CMS_compress(BIO *in, int comp_nid, unsigned int flags);
+
+int CMS_set1_eContentType(CMS_ContentInfo *cms, const ASN1_OBJECT *oid);
+const ASN1_OBJECT *CMS_get0_eContentType(CMS_ContentInfo *cms);
+
+CMS_CertificateChoices *CMS_add0_CertificateChoices(CMS_ContentInfo *cms);
+int CMS_add0_cert(CMS_ContentInfo *cms, X509 *cert);
+int CMS_add1_cert(CMS_ContentInfo *cms, X509 *cert);
+STACK_OF(X509) *CMS_get1_certs(CMS_ContentInfo *cms);
+
+CMS_RevocationInfoChoice *CMS_add0_RevocationInfoChoice(CMS_ContentInfo *cms);
+int CMS_add0_crl(CMS_ContentInfo *cms, X509_CRL *crl);
+int CMS_add1_crl(CMS_ContentInfo *cms, X509_CRL *crl);
+STACK_OF(X509_CRL) *CMS_get1_crls(CMS_ContentInfo *cms);
+
+int CMS_SignedData_init(CMS_ContentInfo *cms);
+CMS_SignerInfo *CMS_add1_signer(CMS_ContentInfo *cms,
+ X509 *signer, EVP_PKEY *pk, const EVP_MD *md,
+ unsigned int flags);
+EVP_PKEY_CTX *CMS_SignerInfo_get0_pkey_ctx(CMS_SignerInfo *si);
+EVP_MD_CTX *CMS_SignerInfo_get0_md_ctx(CMS_SignerInfo *si);
+STACK_OF(CMS_SignerInfo) *CMS_get0_SignerInfos(CMS_ContentInfo *cms);
+
+void CMS_SignerInfo_set1_signer_cert(CMS_SignerInfo *si, X509 *signer);
+int CMS_SignerInfo_get0_signer_id(CMS_SignerInfo *si,
+ ASN1_OCTET_STRING **keyid,
+ X509_NAME **issuer, ASN1_INTEGER **sno);
+int CMS_SignerInfo_cert_cmp(CMS_SignerInfo *si, X509 *cert);
+int CMS_set1_signers_certs(CMS_ContentInfo *cms, STACK_OF(X509) *certs,
+ unsigned int flags);
+void CMS_SignerInfo_get0_algs(CMS_SignerInfo *si, EVP_PKEY **pk,
+ X509 **signer, X509_ALGOR **pdig,
+ X509_ALGOR **psig);
+ASN1_OCTET_STRING *CMS_SignerInfo_get0_signature(CMS_SignerInfo *si);
+int CMS_SignerInfo_sign(CMS_SignerInfo *si);
+int CMS_SignerInfo_verify(CMS_SignerInfo *si);
+int CMS_SignerInfo_verify_content(CMS_SignerInfo *si, BIO *chain);
+
+int CMS_add_smimecap(CMS_SignerInfo *si, STACK_OF(X509_ALGOR) *algs);
+int CMS_add_simple_smimecap(STACK_OF(X509_ALGOR) **algs,
+ int algnid, int keysize);
+int CMS_add_standard_smimecap(STACK_OF(X509_ALGOR) **smcap);
+
+int CMS_signed_get_attr_count(const CMS_SignerInfo *si);
+int CMS_signed_get_attr_by_NID(const CMS_SignerInfo *si, int nid,
+ int lastpos);
+int CMS_signed_get_attr_by_OBJ(const CMS_SignerInfo *si, ASN1_OBJECT *obj,
+ int lastpos);
+X509_ATTRIBUTE *CMS_signed_get_attr(const CMS_SignerInfo *si, int loc);
+X509_ATTRIBUTE *CMS_signed_delete_attr(CMS_SignerInfo *si, int loc);
+int CMS_signed_add1_attr(CMS_SignerInfo *si, X509_ATTRIBUTE *attr);
+int CMS_signed_add1_attr_by_OBJ(CMS_SignerInfo *si,
+ const ASN1_OBJECT *obj, int type,
+ const void *bytes, int len);
+int CMS_signed_add1_attr_by_NID(CMS_SignerInfo *si,
+ int nid, int type,
+ const void *bytes, int len);
+int CMS_signed_add1_attr_by_txt(CMS_SignerInfo *si,
+ const char *attrname, int type,
+ const void *bytes, int len);
+void *CMS_signed_get0_data_by_OBJ(CMS_SignerInfo *si, ASN1_OBJECT *oid,
+ int lastpos, int type);
+
+int CMS_unsigned_get_attr_count(const CMS_SignerInfo *si);
+int CMS_unsigned_get_attr_by_NID(const CMS_SignerInfo *si, int nid,
+ int lastpos);
+int CMS_unsigned_get_attr_by_OBJ(const CMS_SignerInfo *si, ASN1_OBJECT *obj,
+ int lastpos);
+X509_ATTRIBUTE *CMS_unsigned_get_attr(const CMS_SignerInfo *si, int loc);
+X509_ATTRIBUTE *CMS_unsigned_delete_attr(CMS_SignerInfo *si, int loc);
+int CMS_unsigned_add1_attr(CMS_SignerInfo *si, X509_ATTRIBUTE *attr);
+int CMS_unsigned_add1_attr_by_OBJ(CMS_SignerInfo *si,
+ const ASN1_OBJECT *obj, int type,
+ const void *bytes, int len);
+int CMS_unsigned_add1_attr_by_NID(CMS_SignerInfo *si,
+ int nid, int type,
+ const void *bytes, int len);
+int CMS_unsigned_add1_attr_by_txt(CMS_SignerInfo *si,
+ const char *attrname, int type,
+ const void *bytes, int len);
+void *CMS_unsigned_get0_data_by_OBJ(CMS_SignerInfo *si, ASN1_OBJECT *oid,
+ int lastpos, int type);
+
+# ifdef HEADER_X509V3_H
+
+int CMS_get1_ReceiptRequest(CMS_SignerInfo *si, CMS_ReceiptRequest **prr);
+CMS_ReceiptRequest *CMS_ReceiptRequest_create0(unsigned char *id, int idlen,
+ int allorfirst,
+ STACK_OF(GENERAL_NAMES)
+ *receiptList, STACK_OF(GENERAL_NAMES)
+ *receiptsTo);
+int CMS_add1_ReceiptRequest(CMS_SignerInfo *si, CMS_ReceiptRequest *rr);
+void CMS_ReceiptRequest_get0_values(CMS_ReceiptRequest *rr,
+ ASN1_STRING **pcid,
+ int *pallorfirst,
+ STACK_OF(GENERAL_NAMES) **plist,
+ STACK_OF(GENERAL_NAMES) **prto);
+# endif
+int CMS_RecipientInfo_kari_get0_alg(CMS_RecipientInfo *ri,
+ X509_ALGOR **palg,
+ ASN1_OCTET_STRING **pukm);
+STACK_OF(CMS_RecipientEncryptedKey)
+*CMS_RecipientInfo_kari_get0_reks(CMS_RecipientInfo *ri);
+
+int CMS_RecipientInfo_kari_get0_orig_id(CMS_RecipientInfo *ri,
+ X509_ALGOR **pubalg,
+ ASN1_BIT_STRING **pubkey,
+ ASN1_OCTET_STRING **keyid,
+ X509_NAME **issuer,
+ ASN1_INTEGER **sno);
+
+int CMS_RecipientInfo_kari_orig_id_cmp(CMS_RecipientInfo *ri, X509 *cert);
+
+int CMS_RecipientEncryptedKey_get0_id(CMS_RecipientEncryptedKey *rek,
+ ASN1_OCTET_STRING **keyid,
+ ASN1_GENERALIZEDTIME **tm,
+ CMS_OtherKeyAttribute **other,
+ X509_NAME **issuer, ASN1_INTEGER **sno);
+int CMS_RecipientEncryptedKey_cert_cmp(CMS_RecipientEncryptedKey *rek,
+ X509 *cert);
+int CMS_RecipientInfo_kari_set0_pkey(CMS_RecipientInfo *ri, EVP_PKEY *pk);
+EVP_CIPHER_CTX *CMS_RecipientInfo_kari_get0_ctx(CMS_RecipientInfo *ri);
+int CMS_RecipientInfo_kari_decrypt(CMS_ContentInfo *cms,
+ CMS_RecipientInfo *ri,
+ CMS_RecipientEncryptedKey *rek);
+
+int CMS_SharedInfo_encode(unsigned char **pder, X509_ALGOR *kekalg,
+ ASN1_OCTET_STRING *ukm, int keylen);
+
+/* BEGIN ERROR CODES */
+/*
+ * The following lines are auto generated by the script mkerr.pl. Any changes
+ * made after this point may be overwritten when the script is next run.
+ */
+void ERR_load_CMS_strings(void);
+
+/* Error codes for the CMS functions. */
+
+/* Function codes. */
+# define CMS_F_CHECK_CONTENT 99
+# define CMS_F_CMS_ADD0_CERT 164
+# define CMS_F_CMS_ADD0_RECIPIENT_KEY 100
+# define CMS_F_CMS_ADD0_RECIPIENT_PASSWORD 165
+# define CMS_F_CMS_ADD1_RECEIPTREQUEST 158
+# define CMS_F_CMS_ADD1_RECIPIENT_CERT 101
+# define CMS_F_CMS_ADD1_SIGNER 102
+# define CMS_F_CMS_ADD1_SIGNINGTIME 103
+# define CMS_F_CMS_COMPRESS 104
+# define CMS_F_CMS_COMPRESSEDDATA_CREATE 105
+# define CMS_F_CMS_COMPRESSEDDATA_INIT_BIO 106
+# define CMS_F_CMS_COPY_CONTENT 107
+# define CMS_F_CMS_COPY_MESSAGEDIGEST 108
+# define CMS_F_CMS_DATA 109
+# define CMS_F_CMS_DATAFINAL 110
+# define CMS_F_CMS_DATAINIT 111
+# define CMS_F_CMS_DECRYPT 112
+# define CMS_F_CMS_DECRYPT_SET1_KEY 113
+# define CMS_F_CMS_DECRYPT_SET1_PASSWORD 166
+# define CMS_F_CMS_DECRYPT_SET1_PKEY 114
+# define CMS_F_CMS_DIGESTALGORITHM_FIND_CTX 115
+# define CMS_F_CMS_DIGESTALGORITHM_INIT_BIO 116
+# define CMS_F_CMS_DIGESTEDDATA_DO_FINAL 117
+# define CMS_F_CMS_DIGEST_VERIFY 118
+# define CMS_F_CMS_ENCODE_RECEIPT 161
+# define CMS_F_CMS_ENCRYPT 119
+# define CMS_F_CMS_ENCRYPTEDCONTENT_INIT_BIO 120
+# define CMS_F_CMS_ENCRYPTEDDATA_DECRYPT 121
+# define CMS_F_CMS_ENCRYPTEDDATA_ENCRYPT 122
+# define CMS_F_CMS_ENCRYPTEDDATA_SET1_KEY 123
+# define CMS_F_CMS_ENVELOPEDDATA_CREATE 124
+# define CMS_F_CMS_ENVELOPEDDATA_INIT_BIO 125
+# define CMS_F_CMS_ENVELOPED_DATA_INIT 126
+# define CMS_F_CMS_ENV_ASN1_CTRL 171
+# define CMS_F_CMS_FINAL 127
+# define CMS_F_CMS_GET0_CERTIFICATE_CHOICES 128
+# define CMS_F_CMS_GET0_CONTENT 129
+# define CMS_F_CMS_GET0_ECONTENT_TYPE 130
+# define CMS_F_CMS_GET0_ENVELOPED 131
+# define CMS_F_CMS_GET0_REVOCATION_CHOICES 132
+# define CMS_F_CMS_GET0_SIGNED 133
+# define CMS_F_CMS_MSGSIGDIGEST_ADD1 162
+# define CMS_F_CMS_RECEIPTREQUEST_CREATE0 159
+# define CMS_F_CMS_RECEIPT_VERIFY 160
+# define CMS_F_CMS_RECIPIENTINFO_DECRYPT 134
+# define CMS_F_CMS_RECIPIENTINFO_ENCRYPT 169
+# define CMS_F_CMS_RECIPIENTINFO_KARI_ENCRYPT 178
+# define CMS_F_CMS_RECIPIENTINFO_KARI_GET0_ALG 175
+# define CMS_F_CMS_RECIPIENTINFO_KARI_GET0_ORIG_ID 173
+# define CMS_F_CMS_RECIPIENTINFO_KARI_GET0_REKS 172
+# define CMS_F_CMS_RECIPIENTINFO_KARI_ORIG_ID_CMP 174
+# define CMS_F_CMS_RECIPIENTINFO_KEKRI_DECRYPT 135
+# define CMS_F_CMS_RECIPIENTINFO_KEKRI_ENCRYPT 136
+# define CMS_F_CMS_RECIPIENTINFO_KEKRI_GET0_ID 137
+# define CMS_F_CMS_RECIPIENTINFO_KEKRI_ID_CMP 138
+# define CMS_F_CMS_RECIPIENTINFO_KTRI_CERT_CMP 139
+# define CMS_F_CMS_RECIPIENTINFO_KTRI_DECRYPT 140
+# define CMS_F_CMS_RECIPIENTINFO_KTRI_ENCRYPT 141
+# define CMS_F_CMS_RECIPIENTINFO_KTRI_GET0_ALGS 142
+# define CMS_F_CMS_RECIPIENTINFO_KTRI_GET0_SIGNER_ID 143
+# define CMS_F_CMS_RECIPIENTINFO_PWRI_CRYPT 167
+# define CMS_F_CMS_RECIPIENTINFO_SET0_KEY 144
+# define CMS_F_CMS_RECIPIENTINFO_SET0_PASSWORD 168
+# define CMS_F_CMS_RECIPIENTINFO_SET0_PKEY 145
+# define CMS_F_CMS_SD_ASN1_CTRL 170
+# define CMS_F_CMS_SET1_IAS 176
+# define CMS_F_CMS_SET1_KEYID 177
+# define CMS_F_CMS_SET1_SIGNERIDENTIFIER 146
+# define CMS_F_CMS_SET_DETACHED 147
+# define CMS_F_CMS_SIGN 148
+# define CMS_F_CMS_SIGNED_DATA_INIT 149
+# define CMS_F_CMS_SIGNERINFO_CONTENT_SIGN 150
+# define CMS_F_CMS_SIGNERINFO_SIGN 151
+# define CMS_F_CMS_SIGNERINFO_VERIFY 152
+# define CMS_F_CMS_SIGNERINFO_VERIFY_CERT 153
+# define CMS_F_CMS_SIGNERINFO_VERIFY_CONTENT 154
+# define CMS_F_CMS_SIGN_RECEIPT 163
+# define CMS_F_CMS_STREAM 155
+# define CMS_F_CMS_UNCOMPRESS 156
+# define CMS_F_CMS_VERIFY 157
+
+/* Reason codes. */
+# define CMS_R_ADD_SIGNER_ERROR 99
+# define CMS_R_CERTIFICATE_ALREADY_PRESENT 175
+# define CMS_R_CERTIFICATE_HAS_NO_KEYID 160
+# define CMS_R_CERTIFICATE_VERIFY_ERROR 100
+# define CMS_R_CIPHER_INITIALISATION_ERROR 101
+# define CMS_R_CIPHER_PARAMETER_INITIALISATION_ERROR 102
+# define CMS_R_CMS_DATAFINAL_ERROR 103
+# define CMS_R_CMS_LIB 104
+# define CMS_R_CONTENTIDENTIFIER_MISMATCH 170
+# define CMS_R_CONTENT_NOT_FOUND 105
+# define CMS_R_CONTENT_TYPE_MISMATCH 171
+# define CMS_R_CONTENT_TYPE_NOT_COMPRESSED_DATA 106
+# define CMS_R_CONTENT_TYPE_NOT_ENVELOPED_DATA 107
+# define CMS_R_CONTENT_TYPE_NOT_SIGNED_DATA 108
+# define CMS_R_CONTENT_VERIFY_ERROR 109
+# define CMS_R_CTRL_ERROR 110
+# define CMS_R_CTRL_FAILURE 111
+# define CMS_R_DECRYPT_ERROR 112
+# define CMS_R_DIGEST_ERROR 161
+# define CMS_R_ERROR_GETTING_PUBLIC_KEY 113
+# define CMS_R_ERROR_READING_MESSAGEDIGEST_ATTRIBUTE 114
+# define CMS_R_ERROR_SETTING_KEY 115
+# define CMS_R_ERROR_SETTING_RECIPIENTINFO 116
+# define CMS_R_INVALID_ENCRYPTED_KEY_LENGTH 117
+# define CMS_R_INVALID_KEY_ENCRYPTION_PARAMETER 176
+# define CMS_R_INVALID_KEY_LENGTH 118
+# define CMS_R_MD_BIO_INIT_ERROR 119
+# define CMS_R_MESSAGEDIGEST_ATTRIBUTE_WRONG_LENGTH 120
+# define CMS_R_MESSAGEDIGEST_WRONG_LENGTH 121
+# define CMS_R_MSGSIGDIGEST_ERROR 172
+# define CMS_R_MSGSIGDIGEST_VERIFICATION_FAILURE 162
+# define CMS_R_MSGSIGDIGEST_WRONG_LENGTH 163
+# define CMS_R_NEED_ONE_SIGNER 164
+# define CMS_R_NOT_A_SIGNED_RECEIPT 165
+# define CMS_R_NOT_ENCRYPTED_DATA 122
+# define CMS_R_NOT_KEK 123
+# define CMS_R_NOT_KEY_AGREEMENT 181
+# define CMS_R_NOT_KEY_TRANSPORT 124
+# define CMS_R_NOT_PWRI 177
+# define CMS_R_NOT_SUPPORTED_FOR_THIS_KEY_TYPE 125
+# define CMS_R_NO_CIPHER 126
+# define CMS_R_NO_CONTENT 127
+# define CMS_R_NO_CONTENT_TYPE 173
+# define CMS_R_NO_DEFAULT_DIGEST 128
+# define CMS_R_NO_DIGEST_SET 129
+# define CMS_R_NO_KEY 130
+# define CMS_R_NO_KEY_OR_CERT 174
+# define CMS_R_NO_MATCHING_DIGEST 131
+# define CMS_R_NO_MATCHING_RECIPIENT 132
+# define CMS_R_NO_MATCHING_SIGNATURE 166
+# define CMS_R_NO_MSGSIGDIGEST 167
+# define CMS_R_NO_PASSWORD 178
+# define CMS_R_NO_PRIVATE_KEY 133
+# define CMS_R_NO_PUBLIC_KEY 134
+# define CMS_R_NO_RECEIPT_REQUEST 168
+# define CMS_R_NO_SIGNERS 135
+# define CMS_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE 136
+# define CMS_R_RECEIPT_DECODE_ERROR 169
+# define CMS_R_RECIPIENT_ERROR 137
+# define CMS_R_SIGNER_CERTIFICATE_NOT_FOUND 138
+# define CMS_R_SIGNFINAL_ERROR 139
+# define CMS_R_SMIME_TEXT_ERROR 140
+# define CMS_R_STORE_INIT_ERROR 141
+# define CMS_R_TYPE_NOT_COMPRESSED_DATA 142
+# define CMS_R_TYPE_NOT_DATA 143
+# define CMS_R_TYPE_NOT_DIGESTED_DATA 144
+# define CMS_R_TYPE_NOT_ENCRYPTED_DATA 145
+# define CMS_R_TYPE_NOT_ENVELOPED_DATA 146
+# define CMS_R_UNABLE_TO_FINALIZE_CONTEXT 147
+# define CMS_R_UNKNOWN_CIPHER 148
+# define CMS_R_UNKNOWN_DIGEST_ALGORIHM 149
+# define CMS_R_UNKNOWN_ID 150
+# define CMS_R_UNSUPPORTED_COMPRESSION_ALGORITHM 151
+# define CMS_R_UNSUPPORTED_CONTENT_TYPE 152
+# define CMS_R_UNSUPPORTED_KEK_ALGORITHM 153
+# define CMS_R_UNSUPPORTED_KEY_ENCRYPTION_ALGORITHM 179
+# define CMS_R_UNSUPPORTED_RECIPIENT_TYPE 154
+# define CMS_R_UNSUPPORTED_RECPIENTINFO_TYPE 155
+# define CMS_R_UNSUPPORTED_TYPE 156
+# define CMS_R_UNWRAP_ERROR 157
+# define CMS_R_UNWRAP_FAILURE 180
+# define CMS_R_VERIFICATION_FAILURE 158
+# define CMS_R_WRAP_ERROR 159
+
+#ifdef __cplusplus
+}
+#endif
+#endif
diff --git a/Cryptlib/Include/openssl/comp.h b/Cryptlib/Include/openssl/comp.h
index 4b405c7..406c428 100644
--- a/Cryptlib/Include/openssl/comp.h
+++ b/Cryptlib/Include/openssl/comp.h
@@ -1,8 +1,8 @@
#ifndef HEADER_COMP_H
-#define HEADER_COMP_H
+# define HEADER_COMP_H
-#include
+# include
#ifdef __cplusplus
extern "C" {
@@ -10,53 +10,52 @@ extern "C" {
typedef struct comp_ctx_st COMP_CTX;
-typedef struct comp_method_st
- {
- int type; /* NID for compression library */
- const char *name; /* A text string to identify the library */
- int (*init)(COMP_CTX *ctx);
- void (*finish)(COMP_CTX *ctx);
- int (*compress)(COMP_CTX *ctx,
- unsigned char *out, unsigned int olen,
- unsigned char *in, unsigned int ilen);
- int (*expand)(COMP_CTX *ctx,
- unsigned char *out, unsigned int olen,
- unsigned char *in, unsigned int ilen);
- /* The following two do NOTHING, but are kept for backward compatibility */
- long (*ctrl)(void);
- long (*callback_ctrl)(void);
- } COMP_METHOD;
-
-struct comp_ctx_st
- {
- COMP_METHOD *meth;
- unsigned long compress_in;
- unsigned long compress_out;
- unsigned long expand_in;
- unsigned long expand_out;
-
- CRYPTO_EX_DATA ex_data;
- };
+typedef struct comp_method_st {
+ int type; /* NID for compression library */
+ const char *name; /* A text string to identify the library */
+ int (*init) (COMP_CTX *ctx);
+ void (*finish) (COMP_CTX *ctx);
+ int (*compress) (COMP_CTX *ctx,
+ unsigned char *out, unsigned int olen,
+ unsigned char *in, unsigned int ilen);
+ int (*expand) (COMP_CTX *ctx,
+ unsigned char *out, unsigned int olen,
+ unsigned char *in, unsigned int ilen);
+ /*
+ * The following two do NOTHING, but are kept for backward compatibility
+ */
+ long (*ctrl) (void);
+ long (*callback_ctrl) (void);
+} COMP_METHOD;
+struct comp_ctx_st {
+ COMP_METHOD *meth;
+ unsigned long compress_in;
+ unsigned long compress_out;
+ unsigned long expand_in;
+ unsigned long expand_out;
+ CRYPTO_EX_DATA ex_data;
+};
COMP_CTX *COMP_CTX_new(COMP_METHOD *meth);
void COMP_CTX_free(COMP_CTX *ctx);
int COMP_compress_block(COMP_CTX *ctx, unsigned char *out, int olen,
- unsigned char *in, int ilen);
+ unsigned char *in, int ilen);
int COMP_expand_block(COMP_CTX *ctx, unsigned char *out, int olen,
- unsigned char *in, int ilen);
-COMP_METHOD *COMP_rle(void );
-COMP_METHOD *COMP_zlib(void );
+ unsigned char *in, int ilen);
+COMP_METHOD *COMP_rle(void);
+COMP_METHOD *COMP_zlib(void);
void COMP_zlib_cleanup(void);
-#ifdef HEADER_BIO_H
-#ifdef ZLIB
+# ifdef HEADER_BIO_H
+# ifdef ZLIB
BIO_METHOD *BIO_f_zlib(void);
-#endif
-#endif
+# endif
+# endif
/* BEGIN ERROR CODES */
-/* The following lines are auto generated by the script mkerr.pl. Any changes
+/*
+ * The following lines are auto generated by the script mkerr.pl. Any changes
* made after this point may be overwritten when the script is next run.
*/
void ERR_load_COMP_strings(void);
@@ -64,15 +63,15 @@ void ERR_load_COMP_strings(void);
/* Error codes for the COMP functions. */
/* Function codes. */
-#define COMP_F_BIO_ZLIB_FLUSH 99
-#define COMP_F_BIO_ZLIB_NEW 100
-#define COMP_F_BIO_ZLIB_READ 101
-#define COMP_F_BIO_ZLIB_WRITE 102
+# define COMP_F_BIO_ZLIB_FLUSH 99
+# define COMP_F_BIO_ZLIB_NEW 100
+# define COMP_F_BIO_ZLIB_READ 101
+# define COMP_F_BIO_ZLIB_WRITE 102
/* Reason codes. */
-#define COMP_R_ZLIB_DEFLATE_ERROR 99
-#define COMP_R_ZLIB_INFLATE_ERROR 100
-#define COMP_R_ZLIB_NOT_SUPPORTED 101
+# define COMP_R_ZLIB_DEFLATE_ERROR 99
+# define COMP_R_ZLIB_INFLATE_ERROR 100
+# define COMP_R_ZLIB_NOT_SUPPORTED 101
#ifdef __cplusplus
}
diff --git a/Cryptlib/Include/openssl/conf.h b/Cryptlib/Include/openssl/conf.h
index 8aa06bc..8d926d5 100644
--- a/Cryptlib/Include/openssl/conf.h
+++ b/Cryptlib/Include/openssl/conf.h
@@ -5,21 +5,21 @@
* This package is an SSL implementation written
* by Eric Young (eay@cryptsoft.com).
* The implementation was written so as to conform with Netscapes SSL.
- *
+ *
* This library is free for commercial and non-commercial use as long as
* the following conditions are aheared to. The following conditions
* apply to all code found in this distribution, be it the RC4, RSA,
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
* included with this distribution is covered by the same copyright terms
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
+ *
* Copyright remains Eric Young's, and as such any Copyright notices in
* the code are not to be removed.
* If this package is used in a product, Eric Young should be given attribution
* as the author of the parts of the library used.
* This can be in the form of a textual message at program startup or
* in documentation (online or textual) provided with the package.
- *
+ *
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
@@ -34,10 +34,10 @@
* Eric Young (eay@cryptsoft.com)"
* The word 'cryptographic' can be left out if the rouines from the library
* being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
+ * 4. If you include any Windows specific code (or a derivative thereof) from
* the apps directory (application code) you must include an acknowledgement:
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
+ *
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
@@ -49,7 +49,7 @@
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
- *
+ *
* The licence and distribution terms for any publically available version or
* derivative of this code cannot be changed. i.e. this code cannot simply be
* copied and put under another distribution licence
@@ -57,131 +57,140 @@
*/
#ifndef HEADER_CONF_H
-#define HEADER_CONF_H
+# define HEADER_CONF_H
-#include
-#include
-#include
-#include
-#include
+# include
+# include
+# include
+# include
+# include
-#include
+# include
#ifdef __cplusplus
extern "C" {
#endif
-typedef struct
- {
- char *section;
- char *name;
- char *value;
- } CONF_VALUE;
+typedef struct {
+ char *section;
+ char *name;
+ char *value;
+} CONF_VALUE;
DECLARE_STACK_OF(CONF_VALUE)
-DECLARE_STACK_OF(CONF_MODULE)
-DECLARE_STACK_OF(CONF_IMODULE)
+DECLARE_LHASH_OF(CONF_VALUE);
struct conf_st;
struct conf_method_st;
typedef struct conf_method_st CONF_METHOD;
-struct conf_method_st
- {
- const char *name;
- CONF *(*create)(CONF_METHOD *meth);
- int (*init)(CONF *conf);
- int (*destroy)(CONF *conf);
- int (*destroy_data)(CONF *conf);
- int (*load_bio)(CONF *conf, BIO *bp, long *eline);
- int (*dump)(const CONF *conf, BIO *bp);
- int (*is_number)(const CONF *conf, char c);
- int (*to_int)(const CONF *conf, char c);
- int (*load)(CONF *conf, const char *name, long *eline);
- };
+struct conf_method_st {
+ const char *name;
+ CONF *(*create) (CONF_METHOD *meth);
+ int (*init) (CONF *conf);
+ int (*destroy) (CONF *conf);
+ int (*destroy_data) (CONF *conf);
+ int (*load_bio) (CONF *conf, BIO *bp, long *eline);
+ int (*dump) (const CONF *conf, BIO *bp);
+ int (*is_number) (const CONF *conf, char c);
+ int (*to_int) (const CONF *conf, char c);
+ int (*load) (CONF *conf, const char *name, long *eline);
+};
/* Module definitions */
typedef struct conf_imodule_st CONF_IMODULE;
typedef struct conf_module_st CONF_MODULE;
-/* DSO module function typedefs */
-typedef int conf_init_func(CONF_IMODULE *md, const CONF *cnf);
-typedef void conf_finish_func(CONF_IMODULE *md);
+DECLARE_STACK_OF(CONF_MODULE)
+DECLARE_STACK_OF(CONF_IMODULE)
-#define CONF_MFLAGS_IGNORE_ERRORS 0x1
-#define CONF_MFLAGS_IGNORE_RETURN_CODES 0x2
-#define CONF_MFLAGS_SILENT 0x4
-#define CONF_MFLAGS_NO_DSO 0x8
-#define CONF_MFLAGS_IGNORE_MISSING_FILE 0x10
-#define CONF_MFLAGS_DEFAULT_SECTION 0x20
+/* DSO module function typedefs */
+typedef int conf_init_func (CONF_IMODULE *md, const CONF *cnf);
+typedef void conf_finish_func (CONF_IMODULE *md);
+
+# define CONF_MFLAGS_IGNORE_ERRORS 0x1
+# define CONF_MFLAGS_IGNORE_RETURN_CODES 0x2
+# define CONF_MFLAGS_SILENT 0x4
+# define CONF_MFLAGS_NO_DSO 0x8
+# define CONF_MFLAGS_IGNORE_MISSING_FILE 0x10
+# define CONF_MFLAGS_DEFAULT_SECTION 0x20
int CONF_set_default_method(CONF_METHOD *meth);
-void CONF_set_nconf(CONF *conf,LHASH *hash);
-LHASH *CONF_load(LHASH *conf,const char *file,long *eline);
-#ifndef OPENSSL_NO_FP_API
-LHASH *CONF_load_fp(LHASH *conf, FILE *fp,long *eline);
-#endif
-LHASH *CONF_load_bio(LHASH *conf, BIO *bp,long *eline);
-STACK_OF(CONF_VALUE) *CONF_get_section(LHASH *conf,const char *section);
-char *CONF_get_string(LHASH *conf,const char *group,const char *name);
-long CONF_get_number(LHASH *conf,const char *group,const char *name);
-void CONF_free(LHASH *conf);
-int CONF_dump_fp(LHASH *conf, FILE *out);
-int CONF_dump_bio(LHASH *conf, BIO *out);
+void CONF_set_nconf(CONF *conf, LHASH_OF(CONF_VALUE) *hash);
+LHASH_OF(CONF_VALUE) *CONF_load(LHASH_OF(CONF_VALUE) *conf, const char *file,
+ long *eline);
+# ifndef OPENSSL_NO_FP_API
+LHASH_OF(CONF_VALUE) *CONF_load_fp(LHASH_OF(CONF_VALUE) *conf, FILE *fp,
+ long *eline);
+# endif
+LHASH_OF(CONF_VALUE) *CONF_load_bio(LHASH_OF(CONF_VALUE) *conf, BIO *bp,
+ long *eline);
+STACK_OF(CONF_VALUE) *CONF_get_section(LHASH_OF(CONF_VALUE) *conf,
+ const char *section);
+char *CONF_get_string(LHASH_OF(CONF_VALUE) *conf, const char *group,
+ const char *name);
+long CONF_get_number(LHASH_OF(CONF_VALUE) *conf, const char *group,
+ const char *name);
+void CONF_free(LHASH_OF(CONF_VALUE) *conf);
+int CONF_dump_fp(LHASH_OF(CONF_VALUE) *conf, FILE *out);
+int CONF_dump_bio(LHASH_OF(CONF_VALUE) *conf, BIO *out);
void OPENSSL_config(const char *config_name);
void OPENSSL_no_config(void);
-/* New conf code. The semantics are different from the functions above.
- If that wasn't the case, the above functions would have been replaced */
+/*
+ * New conf code. The semantics are different from the functions above. If
+ * that wasn't the case, the above functions would have been replaced
+ */
-struct conf_st
- {
- CONF_METHOD *meth;
- void *meth_data;
- LHASH *data;
- };
+struct conf_st {
+ CONF_METHOD *meth;
+ void *meth_data;
+ LHASH_OF(CONF_VALUE) *data;
+};
CONF *NCONF_new(CONF_METHOD *meth);
CONF_METHOD *NCONF_default(void);
CONF_METHOD *NCONF_WIN32(void);
-#if 0 /* Just to give you an idea of what I have in mind */
+# if 0 /* Just to give you an idea of what I have in
+ * mind */
CONF_METHOD *NCONF_XML(void);
-#endif
+# endif
void NCONF_free(CONF *conf);
void NCONF_free_data(CONF *conf);
-int NCONF_load(CONF *conf,const char *file,long *eline);
-#ifndef OPENSSL_NO_FP_API
-int NCONF_load_fp(CONF *conf, FILE *fp,long *eline);
-#endif
-int NCONF_load_bio(CONF *conf, BIO *bp,long *eline);
-STACK_OF(CONF_VALUE) *NCONF_get_section(const CONF *conf,const char *section);
-char *NCONF_get_string(const CONF *conf,const char *group,const char *name);
-int NCONF_get_number_e(const CONF *conf,const char *group,const char *name,
- long *result);
+int NCONF_load(CONF *conf, const char *file, long *eline);
+# ifndef OPENSSL_NO_FP_API
+int NCONF_load_fp(CONF *conf, FILE *fp, long *eline);
+# endif
+int NCONF_load_bio(CONF *conf, BIO *bp, long *eline);
+STACK_OF(CONF_VALUE) *NCONF_get_section(const CONF *conf,
+ const char *section);
+char *NCONF_get_string(const CONF *conf, const char *group, const char *name);
+int NCONF_get_number_e(const CONF *conf, const char *group, const char *name,
+ long *result);
int NCONF_dump_fp(const CONF *conf, FILE *out);
int NCONF_dump_bio(const CONF *conf, BIO *out);
-#if 0 /* The following function has no error checking,
- and should therefore be avoided */
-long NCONF_get_number(CONF *conf,char *group,char *name);
-#else
-#define NCONF_get_number(c,g,n,r) NCONF_get_number_e(c,g,n,r)
-#endif
-
+# if 0 /* The following function has no error
+ * checking, and should therefore be avoided */
+long NCONF_get_number(CONF *conf, char *group, char *name);
+# else
+# define NCONF_get_number(c,g,n,r) NCONF_get_number_e(c,g,n,r)
+# endif
+
/* Module functions */
int CONF_modules_load(const CONF *cnf, const char *appname,
- unsigned long flags);
+ unsigned long flags);
int CONF_modules_load_file(const char *filename, const char *appname,
- unsigned long flags);
+ unsigned long flags);
void CONF_modules_unload(int all);
void CONF_modules_finish(void);
void CONF_modules_free(void);
int CONF_module_add(const char *name, conf_init_func *ifunc,
- conf_finish_func *ffunc);
+ conf_finish_func *ffunc);
const char *CONF_imodule_get_name(const CONF_IMODULE *md);
const char *CONF_imodule_get_value(const CONF_IMODULE *md);
@@ -196,12 +205,14 @@ void CONF_module_set_usr_data(CONF_MODULE *pmod, void *usr_data);
char *CONF_get1_default_config_file(void);
int CONF_parse_list(const char *list, int sep, int nospc,
- int (*list_cb)(const char *elem, int len, void *usr), void *arg);
+ int (*list_cb) (const char *elem, int len, void *usr),
+ void *arg);
void OPENSSL_load_builtin_modules(void);
/* BEGIN ERROR CODES */
-/* The following lines are auto generated by the script mkerr.pl. Any changes
+/*
+ * The following lines are auto generated by the script mkerr.pl. Any changes
* made after this point may be overwritten when the script is next run.
*/
void ERR_load_CONF_strings(void);
@@ -209,44 +220,46 @@ void ERR_load_CONF_strings(void);
/* Error codes for the CONF functions. */
/* Function codes. */
-#define CONF_F_CONF_DUMP_FP 104
-#define CONF_F_CONF_LOAD 100
-#define CONF_F_CONF_LOAD_BIO 102
-#define CONF_F_CONF_LOAD_FP 103
-#define CONF_F_CONF_MODULES_LOAD 116
-#define CONF_F_DEF_LOAD 120
-#define CONF_F_DEF_LOAD_BIO 121
-#define CONF_F_MODULE_INIT 115
-#define CONF_F_MODULE_LOAD_DSO 117
-#define CONF_F_MODULE_RUN 118
-#define CONF_F_NCONF_DUMP_BIO 105
-#define CONF_F_NCONF_DUMP_FP 106
-#define CONF_F_NCONF_GET_NUMBER 107
-#define CONF_F_NCONF_GET_NUMBER_E 112
-#define CONF_F_NCONF_GET_SECTION 108
-#define CONF_F_NCONF_GET_STRING 109
-#define CONF_F_NCONF_LOAD 113
-#define CONF_F_NCONF_LOAD_BIO 110
-#define CONF_F_NCONF_LOAD_FP 114
-#define CONF_F_NCONF_NEW 111
-#define CONF_F_STR_COPY 101
+# define CONF_F_CONF_DUMP_FP 104
+# define CONF_F_CONF_LOAD 100
+# define CONF_F_CONF_LOAD_BIO 102
+# define CONF_F_CONF_LOAD_FP 103
+# define CONF_F_CONF_MODULES_LOAD 116
+# define CONF_F_CONF_PARSE_LIST 119
+# define CONF_F_DEF_LOAD 120
+# define CONF_F_DEF_LOAD_BIO 121
+# define CONF_F_MODULE_INIT 115
+# define CONF_F_MODULE_LOAD_DSO 117
+# define CONF_F_MODULE_RUN 118
+# define CONF_F_NCONF_DUMP_BIO 105
+# define CONF_F_NCONF_DUMP_FP 106
+# define CONF_F_NCONF_GET_NUMBER 107
+# define CONF_F_NCONF_GET_NUMBER_E 112
+# define CONF_F_NCONF_GET_SECTION 108
+# define CONF_F_NCONF_GET_STRING 109
+# define CONF_F_NCONF_LOAD 113
+# define CONF_F_NCONF_LOAD_BIO 110
+# define CONF_F_NCONF_LOAD_FP 114
+# define CONF_F_NCONF_NEW 111
+# define CONF_F_STR_COPY 101
/* Reason codes. */
-#define CONF_R_ERROR_LOADING_DSO 110
-#define CONF_R_MISSING_CLOSE_SQUARE_BRACKET 100
-#define CONF_R_MISSING_EQUAL_SIGN 101
-#define CONF_R_MISSING_FINISH_FUNCTION 111
-#define CONF_R_MISSING_INIT_FUNCTION 112
-#define CONF_R_MODULE_INITIALIZATION_ERROR 109
-#define CONF_R_NO_CLOSE_BRACE 102
-#define CONF_R_NO_CONF 105
-#define CONF_R_NO_CONF_OR_ENVIRONMENT_VARIABLE 106
-#define CONF_R_NO_SECTION 107
-#define CONF_R_NO_SUCH_FILE 114
-#define CONF_R_NO_VALUE 108
-#define CONF_R_UNABLE_TO_CREATE_NEW_SECTION 103
-#define CONF_R_UNKNOWN_MODULE_NAME 113
-#define CONF_R_VARIABLE_HAS_NO_VALUE 104
+# define CONF_R_ERROR_LOADING_DSO 110
+# define CONF_R_LIST_CANNOT_BE_NULL 115
+# define CONF_R_MISSING_CLOSE_SQUARE_BRACKET 100
+# define CONF_R_MISSING_EQUAL_SIGN 101
+# define CONF_R_MISSING_FINISH_FUNCTION 111
+# define CONF_R_MISSING_INIT_FUNCTION 112
+# define CONF_R_MODULE_INITIALIZATION_ERROR 109
+# define CONF_R_NO_CLOSE_BRACE 102
+# define CONF_R_NO_CONF 105
+# define CONF_R_NO_CONF_OR_ENVIRONMENT_VARIABLE 106
+# define CONF_R_NO_SECTION 107
+# define CONF_R_NO_SUCH_FILE 114
+# define CONF_R_NO_VALUE 108
+# define CONF_R_UNABLE_TO_CREATE_NEW_SECTION 103
+# define CONF_R_UNKNOWN_MODULE_NAME 113
+# define CONF_R_VARIABLE_HAS_NO_VALUE 104
#ifdef __cplusplus
}
diff --git a/Cryptlib/Include/openssl/conf_api.h b/Cryptlib/Include/openssl/conf_api.h
index 87a954a..e478f7d 100644
--- a/Cryptlib/Include/openssl/conf_api.h
+++ b/Cryptlib/Include/openssl/conf_api.h
@@ -5,21 +5,21 @@
* This package is an SSL implementation written
* by Eric Young (eay@cryptsoft.com).
* The implementation was written so as to conform with Netscapes SSL.
- *
+ *
* This library is free for commercial and non-commercial use as long as
* the following conditions are aheared to. The following conditions
* apply to all code found in this distribution, be it the RC4, RSA,
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
* included with this distribution is covered by the same copyright terms
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
+ *
* Copyright remains Eric Young's, and as such any Copyright notices in
* the code are not to be removed.
* If this package is used in a product, Eric Young should be given attribution
* as the author of the parts of the library used.
* This can be in the form of a textual message at program startup or
* in documentation (online or textual) provided with the package.
- *
+ *
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
@@ -34,10 +34,10 @@
* Eric Young (eay@cryptsoft.com)"
* The word 'cryptographic' can be left out if the rouines from the library
* being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
+ * 4. If you include any Windows specific code (or a derivative thereof) from
* the apps directory (application code) you must include an acknowledgement:
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
+ *
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
@@ -49,7 +49,7 @@
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
- *
+ *
* The licence and distribution terms for any publically available version or
* derivative of this code cannot be changed. i.e. this code cannot simply be
* copied and put under another distribution licence
@@ -57,10 +57,10 @@
*/
#ifndef HEADER_CONF_API_H
-#define HEADER_CONF_API_H
+# define HEADER_CONF_API_H
-#include
-#include
+# include
+# include
#ifdef __cplusplus
extern "C" {
@@ -72,12 +72,13 @@ CONF_VALUE *_CONF_new_section(CONF *conf, const char *section);
CONF_VALUE *_CONF_get_section(const CONF *conf, const char *section);
/* Up until OpenSSL 0.9.5a, this was CONF_get_section */
STACK_OF(CONF_VALUE) *_CONF_get_section_values(const CONF *conf,
- const char *section);
+ const char *section);
int _CONF_add_string(CONF *conf, CONF_VALUE *section, CONF_VALUE *value);
char *_CONF_get_string(const CONF *conf, const char *section,
- const char *name);
-long _CONF_get_number(const CONF *conf, const char *section, const char *name);
+ const char *name);
+long _CONF_get_number(const CONF *conf, const char *section,
+ const char *name);
int _CONF_new_data(CONF *conf);
void _CONF_free_data(CONF *conf);
@@ -86,4 +87,3 @@ void _CONF_free_data(CONF *conf);
}
#endif
#endif
-
diff --git a/Cryptlib/Include/openssl/crypto.h b/Cryptlib/Include/openssl/crypto.h
index ac0c949..d6e804e 100644
--- a/Cryptlib/Include/openssl/crypto.h
+++ b/Cryptlib/Include/openssl/crypto.h
@@ -1,13 +1,13 @@
/* crypto/crypto.h */
/* ====================================================================
- * Copyright (c) 1998-2003 The OpenSSL Project. All rights reserved.
+ * Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
+ * notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
@@ -58,21 +58,21 @@
* This package is an SSL implementation written
* by Eric Young (eay@cryptsoft.com).
* The implementation was written so as to conform with Netscapes SSL.
- *
+ *
* This library is free for commercial and non-commercial use as long as
* the following conditions are aheared to. The following conditions
* apply to all code found in this distribution, be it the RC4, RSA,
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
* included with this distribution is covered by the same copyright terms
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
+ *
* Copyright remains Eric Young's, and as such any Copyright notices in
* the code are not to be removed.
* If this package is used in a product, Eric Young should be given attribution
* as the author of the parts of the library used.
* This can be in the form of a textual message at program startup or
* in documentation (online or textual) provided with the package.
- *
+ *
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
@@ -87,10 +87,10 @@
* Eric Young (eay@cryptsoft.com)"
* The word 'cryptographic' can be left out if the rouines from the library
* being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
+ * 4. If you include any Windows specific code (or a derivative thereof) from
* the apps directory (application code) you must include an acknowledgement:
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
+ *
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
@@ -102,7 +102,7 @@
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
- *
+ *
* The licence and distribution terms for any publically available version or
* derivative of this code cannot be changed. i.e. this code cannot simply be
* copied and put under another distribution licence
@@ -110,272 +110,288 @@
*/
/* ====================================================================
* Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
- * ECDH support in OpenSSL originally developed by
+ * ECDH support in OpenSSL originally developed by
* SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
*/
#ifndef HEADER_CRYPTO_H
-#define HEADER_CRYPTO_H
+# define HEADER_CRYPTO_H
-#include
+# include
-#include
+# include
-#ifndef OPENSSL_NO_FP_API
-#include
-#endif
+# ifndef OPENSSL_NO_FP_API
+# include
+# endif
-#include
-#include
-#include
-#include
+# include
+# include
+# include
+# include
-#ifdef CHARSET_EBCDIC
-#include
-#endif
+# ifdef CHARSET_EBCDIC
+# include
+# endif
-/* Resolve problems on some operating systems with symbol names that clash
- one way or another */
-#include
+/*
+ * Resolve problems on some operating systems with symbol names that clash
+ * one way or another
+ */
+# include
#ifdef __cplusplus
extern "C" {
#endif
/* Backward compatibility to SSLeay */
-/* This is more to be used to check the correct DLL is being used
- * in the MS world. */
-#define SSLEAY_VERSION_NUMBER OPENSSL_VERSION_NUMBER
-#define SSLEAY_VERSION 0
-/* #define SSLEAY_OPTIONS 1 no longer supported */
-#define SSLEAY_CFLAGS 2
-#define SSLEAY_BUILT_ON 3
-#define SSLEAY_PLATFORM 4
-#define SSLEAY_DIR 5
+/*
+ * This is more to be used to check the correct DLL is being used in the MS
+ * world.
+ */
+# define SSLEAY_VERSION_NUMBER OPENSSL_VERSION_NUMBER
+# define SSLEAY_VERSION 0
+/* #define SSLEAY_OPTIONS 1 no longer supported */
+# define SSLEAY_CFLAGS 2
+# define SSLEAY_BUILT_ON 3
+# define SSLEAY_PLATFORM 4
+# define SSLEAY_DIR 5
/* Already declared in ossl_typ.h */
-#if 0
+# if 0
typedef struct crypto_ex_data_st CRYPTO_EX_DATA;
/* Called when a new object is created */
-typedef int CRYPTO_EX_new(void *parent, void *ptr, CRYPTO_EX_DATA *ad,
- int idx, long argl, void *argp);
+typedef int CRYPTO_EX_new (void *parent, void *ptr, CRYPTO_EX_DATA *ad,
+ int idx, long argl, void *argp);
/* Called when an object is free()ed */
-typedef void CRYPTO_EX_free(void *parent, void *ptr, CRYPTO_EX_DATA *ad,
- int idx, long argl, void *argp);
+typedef void CRYPTO_EX_free (void *parent, void *ptr, CRYPTO_EX_DATA *ad,
+ int idx, long argl, void *argp);
/* Called when we need to dup an object */
-typedef int CRYPTO_EX_dup(CRYPTO_EX_DATA *to, CRYPTO_EX_DATA *from, void *from_d,
- int idx, long argl, void *argp);
-#endif
+typedef int CRYPTO_EX_dup (CRYPTO_EX_DATA *to, CRYPTO_EX_DATA *from,
+ void *from_d, int idx, long argl, void *argp);
+# endif
/* A generic structure to pass assorted data in a expandable way */
-typedef struct openssl_item_st
- {
- int code;
- void *value; /* Not used for flag attributes */
- size_t value_size; /* Max size of value for output, length for input */
- size_t *value_length; /* Returned length of value for output */
- } OPENSSL_ITEM;
+typedef struct openssl_item_st {
+ int code;
+ void *value; /* Not used for flag attributes */
+ size_t value_size; /* Max size of value for output, length for
+ * input */
+ size_t *value_length; /* Returned length of value for output */
+} OPENSSL_ITEM;
-
-/* When changing the CRYPTO_LOCK_* list, be sure to maintin the text lock
+/*
+ * When changing the CRYPTO_LOCK_* list, be sure to maintin the text lock
* names in cryptlib.c
*/
-#define CRYPTO_LOCK_ERR 1
-#define CRYPTO_LOCK_EX_DATA 2
-#define CRYPTO_LOCK_X509 3
-#define CRYPTO_LOCK_X509_INFO 4
-#define CRYPTO_LOCK_X509_PKEY 5
-#define CRYPTO_LOCK_X509_CRL 6
-#define CRYPTO_LOCK_X509_REQ 7
-#define CRYPTO_LOCK_DSA 8
-#define CRYPTO_LOCK_RSA 9
-#define CRYPTO_LOCK_EVP_PKEY 10
-#define CRYPTO_LOCK_X509_STORE 11
-#define CRYPTO_LOCK_SSL_CTX 12
-#define CRYPTO_LOCK_SSL_CERT 13
-#define CRYPTO_LOCK_SSL_SESSION 14
-#define CRYPTO_LOCK_SSL_SESS_CERT 15
-#define CRYPTO_LOCK_SSL 16
-#define CRYPTO_LOCK_SSL_METHOD 17
-#define CRYPTO_LOCK_RAND 18
-#define CRYPTO_LOCK_RAND2 19
-#define CRYPTO_LOCK_MALLOC 20
-#define CRYPTO_LOCK_BIO 21
-#define CRYPTO_LOCK_GETHOSTBYNAME 22
-#define CRYPTO_LOCK_GETSERVBYNAME 23
-#define CRYPTO_LOCK_READDIR 24
-#define CRYPTO_LOCK_RSA_BLINDING 25
-#define CRYPTO_LOCK_DH 26
-#define CRYPTO_LOCK_MALLOC2 27
-#define CRYPTO_LOCK_DSO 28
-#define CRYPTO_LOCK_DYNLOCK 29
-#define CRYPTO_LOCK_ENGINE 30
-#define CRYPTO_LOCK_UI 31
-#define CRYPTO_LOCK_ECDSA 32
-#define CRYPTO_LOCK_EC 33
-#define CRYPTO_LOCK_ECDH 34
-#define CRYPTO_LOCK_BN 35
-#define CRYPTO_LOCK_EC_PRE_COMP 36
-#define CRYPTO_LOCK_STORE 37
-#define CRYPTO_LOCK_COMP 38
-#ifndef OPENSSL_FIPS
-#define CRYPTO_NUM_LOCKS 39
-#else
-#define CRYPTO_LOCK_FIPS 39
-#define CRYPTO_LOCK_FIPS2 40
-#define CRYPTO_NUM_LOCKS 41
-#endif
+# define CRYPTO_LOCK_ERR 1
+# define CRYPTO_LOCK_EX_DATA 2
+# define CRYPTO_LOCK_X509 3
+# define CRYPTO_LOCK_X509_INFO 4
+# define CRYPTO_LOCK_X509_PKEY 5
+# define CRYPTO_LOCK_X509_CRL 6
+# define CRYPTO_LOCK_X509_REQ 7
+# define CRYPTO_LOCK_DSA 8
+# define CRYPTO_LOCK_RSA 9
+# define CRYPTO_LOCK_EVP_PKEY 10
+# define CRYPTO_LOCK_X509_STORE 11
+# define CRYPTO_LOCK_SSL_CTX 12
+# define CRYPTO_LOCK_SSL_CERT 13
+# define CRYPTO_LOCK_SSL_SESSION 14
+# define CRYPTO_LOCK_SSL_SESS_CERT 15
+# define CRYPTO_LOCK_SSL 16
+# define CRYPTO_LOCK_SSL_METHOD 17
+# define CRYPTO_LOCK_RAND 18
+# define CRYPTO_LOCK_RAND2 19
+# define CRYPTO_LOCK_MALLOC 20
+# define CRYPTO_LOCK_BIO 21
+# define CRYPTO_LOCK_GETHOSTBYNAME 22
+# define CRYPTO_LOCK_GETSERVBYNAME 23
+# define CRYPTO_LOCK_READDIR 24
+# define CRYPTO_LOCK_RSA_BLINDING 25
+# define CRYPTO_LOCK_DH 26
+# define CRYPTO_LOCK_MALLOC2 27
+# define CRYPTO_LOCK_DSO 28
+# define CRYPTO_LOCK_DYNLOCK 29
+# define CRYPTO_LOCK_ENGINE 30
+# define CRYPTO_LOCK_UI 31
+# define CRYPTO_LOCK_ECDSA 32
+# define CRYPTO_LOCK_EC 33
+# define CRYPTO_LOCK_ECDH 34
+# define CRYPTO_LOCK_BN 35
+# define CRYPTO_LOCK_EC_PRE_COMP 36
+# define CRYPTO_LOCK_STORE 37
+# define CRYPTO_LOCK_COMP 38
+# define CRYPTO_LOCK_FIPS 39
+# define CRYPTO_LOCK_FIPS2 40
+# define CRYPTO_NUM_LOCKS 41
-#define CRYPTO_LOCK 1
-#define CRYPTO_UNLOCK 2
-#define CRYPTO_READ 4
-#define CRYPTO_WRITE 8
+# define CRYPTO_LOCK 1
+# define CRYPTO_UNLOCK 2
+# define CRYPTO_READ 4
+# define CRYPTO_WRITE 8
-#ifndef OPENSSL_NO_LOCKING
-#ifndef CRYPTO_w_lock
-#define CRYPTO_w_lock(type) \
- CRYPTO_lock(CRYPTO_LOCK|CRYPTO_WRITE,type,NULL,0)
-#define CRYPTO_w_unlock(type) \
- CRYPTO_lock(CRYPTO_UNLOCK|CRYPTO_WRITE,type,NULL,0)
-#define CRYPTO_r_lock(type) \
- CRYPTO_lock(CRYPTO_LOCK|CRYPTO_READ,type,NULL,0)
-#define CRYPTO_r_unlock(type) \
- CRYPTO_lock(CRYPTO_UNLOCK|CRYPTO_READ,type,NULL,0)
-#define CRYPTO_add(addr,amount,type) \
- CRYPTO_add_lock(addr,amount,type,NULL,0)
-#endif
-#else
-#define CRYPTO_w_lock(a)
-#define CRYPTO_w_unlock(a)
-#define CRYPTO_r_lock(a)
-#define CRYPTO_r_unlock(a)
-#define CRYPTO_add(a,b,c) ((*(a))+=(b))
-#endif
+# ifndef OPENSSL_NO_LOCKING
+# ifndef CRYPTO_w_lock
+# define CRYPTO_w_lock(type) \
+ CRYPTO_lock(CRYPTO_LOCK|CRYPTO_WRITE,type,NULL,0)
+# define CRYPTO_w_unlock(type) \
+ CRYPTO_lock(CRYPTO_UNLOCK|CRYPTO_WRITE,type,NULL,0)
+# define CRYPTO_r_lock(type) \
+ CRYPTO_lock(CRYPTO_LOCK|CRYPTO_READ,type,NULL,0)
+# define CRYPTO_r_unlock(type) \
+ CRYPTO_lock(CRYPTO_UNLOCK|CRYPTO_READ,type,NULL,0)
+# define CRYPTO_add(addr,amount,type) \
+ CRYPTO_add_lock(addr,amount,type,NULL,0)
+# endif
+# else
+# define CRYPTO_w_lock(a)
+# define CRYPTO_w_unlock(a)
+# define CRYPTO_r_lock(a)
+# define CRYPTO_r_unlock(a)
+# define CRYPTO_add(a,b,c) ((*(a))+=(b))
+# endif
-/* Some applications as well as some parts of OpenSSL need to allocate
- and deallocate locks in a dynamic fashion. The following typedef
- makes this possible in a type-safe manner. */
+/*
+ * Some applications as well as some parts of OpenSSL need to allocate and
+ * deallocate locks in a dynamic fashion. The following typedef makes this
+ * possible in a type-safe manner.
+ */
/* struct CRYPTO_dynlock_value has to be defined by the application. */
-typedef struct
- {
- int references;
- struct CRYPTO_dynlock_value *data;
- } CRYPTO_dynlock;
+typedef struct {
+ int references;
+ struct CRYPTO_dynlock_value *data;
+} CRYPTO_dynlock;
+/*
+ * The following can be used to detect memory leaks in the SSLeay library. It
+ * used, it turns on malloc checking
+ */
-/* The following can be used to detect memory leaks in the SSLeay library.
- * It used, it turns on malloc checking */
+# define CRYPTO_MEM_CHECK_OFF 0x0/* an enume */
+# define CRYPTO_MEM_CHECK_ON 0x1/* a bit */
+# define CRYPTO_MEM_CHECK_ENABLE 0x2/* a bit */
+# define CRYPTO_MEM_CHECK_DISABLE 0x3/* an enume */
-#define CRYPTO_MEM_CHECK_OFF 0x0 /* an enume */
-#define CRYPTO_MEM_CHECK_ON 0x1 /* a bit */
-#define CRYPTO_MEM_CHECK_ENABLE 0x2 /* a bit */
-#define CRYPTO_MEM_CHECK_DISABLE 0x3 /* an enume */
-
-/* The following are bit values to turn on or off options connected to the
- * malloc checking functionality */
+/*
+ * The following are bit values to turn on or off options connected to the
+ * malloc checking functionality
+ */
/* Adds time to the memory checking information */
-#define V_CRYPTO_MDEBUG_TIME 0x1 /* a bit */
+# define V_CRYPTO_MDEBUG_TIME 0x1/* a bit */
/* Adds thread number to the memory checking information */
-#define V_CRYPTO_MDEBUG_THREAD 0x2 /* a bit */
-
-#define V_CRYPTO_MDEBUG_ALL (V_CRYPTO_MDEBUG_TIME | V_CRYPTO_MDEBUG_THREAD)
+# define V_CRYPTO_MDEBUG_THREAD 0x2/* a bit */
+# define V_CRYPTO_MDEBUG_ALL (V_CRYPTO_MDEBUG_TIME | V_CRYPTO_MDEBUG_THREAD)
/* predec of the BIO type */
typedef struct bio_st BIO_dummy;
-struct crypto_ex_data_st
- {
- STACK *sk;
- int dummy; /* gcc is screwing up this data structure :-( */
- };
+struct crypto_ex_data_st {
+ STACK_OF(void) *sk;
+ /* gcc is screwing up this data structure :-( */
+ int dummy;
+};
+DECLARE_STACK_OF(void)
-/* This stuff is basically class callback functions
- * The current classes are SSL_CTX, SSL, SSL_SESSION, and a few more */
+/*
+ * This stuff is basically class callback functions The current classes are
+ * SSL_CTX, SSL, SSL_SESSION, and a few more
+ */
-typedef struct crypto_ex_data_func_st
- {
- long argl; /* Arbitary long */
- void *argp; /* Arbitary void * */
- CRYPTO_EX_new *new_func;
- CRYPTO_EX_free *free_func;
- CRYPTO_EX_dup *dup_func;
- } CRYPTO_EX_DATA_FUNCS;
+typedef struct crypto_ex_data_func_st {
+ long argl; /* Arbitary long */
+ void *argp; /* Arbitary void * */
+ CRYPTO_EX_new *new_func;
+ CRYPTO_EX_free *free_func;
+ CRYPTO_EX_dup *dup_func;
+} CRYPTO_EX_DATA_FUNCS;
DECLARE_STACK_OF(CRYPTO_EX_DATA_FUNCS)
-/* Per class, we have a STACK of CRYPTO_EX_DATA_FUNCS for each CRYPTO_EX_DATA
+/*
+ * Per class, we have a STACK of CRYPTO_EX_DATA_FUNCS for each CRYPTO_EX_DATA
* entry.
*/
-#define CRYPTO_EX_INDEX_BIO 0
-#define CRYPTO_EX_INDEX_SSL 1
-#define CRYPTO_EX_INDEX_SSL_CTX 2
-#define CRYPTO_EX_INDEX_SSL_SESSION 3
-#define CRYPTO_EX_INDEX_X509_STORE 4
-#define CRYPTO_EX_INDEX_X509_STORE_CTX 5
-#define CRYPTO_EX_INDEX_RSA 6
-#define CRYPTO_EX_INDEX_DSA 7
-#define CRYPTO_EX_INDEX_DH 8
-#define CRYPTO_EX_INDEX_ENGINE 9
-#define CRYPTO_EX_INDEX_X509 10
-#define CRYPTO_EX_INDEX_UI 11
-#define CRYPTO_EX_INDEX_ECDSA 12
-#define CRYPTO_EX_INDEX_ECDH 13
-#define CRYPTO_EX_INDEX_COMP 14
-#define CRYPTO_EX_INDEX_STORE 15
+# define CRYPTO_EX_INDEX_BIO 0
+# define CRYPTO_EX_INDEX_SSL 1
+# define CRYPTO_EX_INDEX_SSL_CTX 2
+# define CRYPTO_EX_INDEX_SSL_SESSION 3
+# define CRYPTO_EX_INDEX_X509_STORE 4
+# define CRYPTO_EX_INDEX_X509_STORE_CTX 5
+# define CRYPTO_EX_INDEX_RSA 6
+# define CRYPTO_EX_INDEX_DSA 7
+# define CRYPTO_EX_INDEX_DH 8
+# define CRYPTO_EX_INDEX_ENGINE 9
+# define CRYPTO_EX_INDEX_X509 10
+# define CRYPTO_EX_INDEX_UI 11
+# define CRYPTO_EX_INDEX_ECDSA 12
+# define CRYPTO_EX_INDEX_ECDH 13
+# define CRYPTO_EX_INDEX_COMP 14
+# define CRYPTO_EX_INDEX_STORE 15
-/* Dynamically assigned indexes start from this value (don't use directly, use
- * via CRYPTO_ex_data_new_class). */
-#define CRYPTO_EX_INDEX_USER 100
-
-
-/* This is the default callbacks, but we can have others as well:
- * this is needed in Win32 where the application malloc and the
- * library malloc may not be the same.
+/*
+ * Dynamically assigned indexes start from this value (don't use directly,
+ * use via CRYPTO_ex_data_new_class).
*/
-#define CRYPTO_malloc_init() CRYPTO_set_mem_functions(\
- malloc, realloc, free)
+# define CRYPTO_EX_INDEX_USER 100
-#if defined CRYPTO_MDEBUG_ALL || defined CRYPTO_MDEBUG_TIME || defined CRYPTO_MDEBUG_THREAD
-# ifndef CRYPTO_MDEBUG /* avoid duplicate #define */
-# define CRYPTO_MDEBUG
+/*
+ * This is the default callbacks, but we can have others as well: this is
+ * needed in Win32 where the application malloc and the library malloc may
+ * not be the same.
+ */
+# define CRYPTO_malloc_init() CRYPTO_set_mem_functions(\
+ malloc, realloc, free)
+
+# if defined CRYPTO_MDEBUG_ALL || defined CRYPTO_MDEBUG_TIME || defined CRYPTO_MDEBUG_THREAD
+# ifndef CRYPTO_MDEBUG /* avoid duplicate #define */
+# define CRYPTO_MDEBUG
+# endif
# endif
-#endif
-/* Set standard debugging functions (not done by default
- * unless CRYPTO_MDEBUG is defined) */
-void CRYPTO_malloc_debug_init(void);
+/*
+ * Set standard debugging functions (not done by default unless CRYPTO_MDEBUG
+ * is defined)
+ */
+# define CRYPTO_malloc_debug_init() do {\
+ CRYPTO_set_mem_debug_functions(\
+ CRYPTO_dbg_malloc,\
+ CRYPTO_dbg_realloc,\
+ CRYPTO_dbg_free,\
+ CRYPTO_dbg_set_options,\
+ CRYPTO_dbg_get_options);\
+ } while(0)
int CRYPTO_mem_ctrl(int mode);
int CRYPTO_is_mem_check_on(void);
/* for applications */
-#define MemCheck_start() CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON)
-#define MemCheck_stop() CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_OFF)
+# define MemCheck_start() CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON)
+# define MemCheck_stop() CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_OFF)
/* for library-internal use */
-#define MemCheck_on() CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ENABLE)
-#define MemCheck_off() CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_DISABLE)
-#define is_MemCheck_on() CRYPTO_is_mem_check_on()
+# define MemCheck_on() CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ENABLE)
+# define MemCheck_off() CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_DISABLE)
+# define is_MemCheck_on() CRYPTO_is_mem_check_on()
-#define OPENSSL_malloc(num) CRYPTO_malloc((int)num,NULL,0)
-#define OPENSSL_strdup(str) CRYPTO_strdup((str),NULL,0)
-#define OPENSSL_realloc(addr,num) \
- CRYPTO_realloc((char *)addr,(int)num,NULL,0)
-#define OPENSSL_realloc_clean(addr,old_num,num) \
- CRYPTO_realloc_clean(addr,old_num,num,NULL,0)
-#define OPENSSL_remalloc(addr,num) \
- CRYPTO_remalloc((char **)addr,(int)num,NULL,0)
-#define OPENSSL_freeFunc CRYPTO_free
-#define OPENSSL_free(addr) CRYPTO_free(addr)
-
-#define OPENSSL_malloc_locked(num) \
- CRYPTO_malloc_locked((int)num,NULL,0)
-#define OPENSSL_free_locked(addr) CRYPTO_free_locked(addr)
+# define OPENSSL_malloc(num) CRYPTO_malloc((int)num,NULL,0)
+# define OPENSSL_strdup(str) CRYPTO_strdup((str),NULL,0)
+# define OPENSSL_realloc(addr,num) \
+ CRYPTO_realloc((char *)addr,(int)num,NULL,0)
+# define OPENSSL_realloc_clean(addr,old_num,num) \
+ CRYPTO_realloc_clean(addr,old_num,num,NULL,0)
+# define OPENSSL_remalloc(addr,num) \
+ CRYPTO_remalloc((char **)addr,(int)num,NULL,0)
+# define OPENSSL_freeFunc CRYPTO_free
+# define OPENSSL_free(addr) CRYPTO_free(addr)
+# define OPENSSL_malloc_locked(num) \
+ CRYPTO_malloc_locked((int)num,NULL,0)
+# define OPENSSL_free_locked(addr) CRYPTO_free_locked(addr)
const char *SSLeay_version(int type);
unsigned long SSLeay(void);
@@ -383,7 +399,7 @@ unsigned long SSLeay(void);
int OPENSSL_issetugid(void);
/* An opaque type representing an implementation of "ex_data" support */
-typedef struct st_CRYPTO_EX_DATA_IMPL CRYPTO_EX_DATA_IMPL;
+typedef struct st_CRYPTO_EX_DATA_IMPL CRYPTO_EX_DATA_IMPL;
/* Return an opaque pointer to the current "ex_data" implementation */
const CRYPTO_EX_DATA_IMPL *CRYPTO_get_ex_data_implementation(void);
/* Sets the "ex_data" implementation to be used (if it's not too late) */
@@ -392,118 +408,165 @@ int CRYPTO_set_ex_data_implementation(const CRYPTO_EX_DATA_IMPL *i);
int CRYPTO_ex_data_new_class(void);
/* Within a given class, get/register a new index */
int CRYPTO_get_ex_new_index(int class_index, long argl, void *argp,
- CRYPTO_EX_new *new_func, CRYPTO_EX_dup *dup_func,
- CRYPTO_EX_free *free_func);
-/* Initialise/duplicate/free CRYPTO_EX_DATA variables corresponding to a given
- * class (invokes whatever per-class callbacks are applicable) */
+ CRYPTO_EX_new *new_func, CRYPTO_EX_dup *dup_func,
+ CRYPTO_EX_free *free_func);
+/*
+ * Initialise/duplicate/free CRYPTO_EX_DATA variables corresponding to a
+ * given class (invokes whatever per-class callbacks are applicable)
+ */
int CRYPTO_new_ex_data(int class_index, void *obj, CRYPTO_EX_DATA *ad);
int CRYPTO_dup_ex_data(int class_index, CRYPTO_EX_DATA *to,
- CRYPTO_EX_DATA *from);
+ CRYPTO_EX_DATA *from);
void CRYPTO_free_ex_data(int class_index, void *obj, CRYPTO_EX_DATA *ad);
-/* Get/set data in a CRYPTO_EX_DATA variable corresponding to a particular index
- * (relative to the class type involved) */
+/*
+ * Get/set data in a CRYPTO_EX_DATA variable corresponding to a particular
+ * index (relative to the class type involved)
+ */
int CRYPTO_set_ex_data(CRYPTO_EX_DATA *ad, int idx, void *val);
-void *CRYPTO_get_ex_data(const CRYPTO_EX_DATA *ad,int idx);
-/* This function cleans up all "ex_data" state. It mustn't be called under
- * potential race-conditions. */
+void *CRYPTO_get_ex_data(const CRYPTO_EX_DATA *ad, int idx);
+/*
+ * This function cleans up all "ex_data" state. It mustn't be called under
+ * potential race-conditions.
+ */
void CRYPTO_cleanup_all_ex_data(void);
int CRYPTO_get_new_lockid(char *name);
-int CRYPTO_num_locks(void); /* return CRYPTO_NUM_LOCKS (shared libs!) */
-void CRYPTO_lock(int mode, int type,const char *file,int line);
-void CRYPTO_set_locking_callback(void (*func)(int mode,int type,
- const char *file,int line));
-void (*CRYPTO_get_locking_callback(void))(int mode,int type,const char *file,
- int line);
-void CRYPTO_set_add_lock_callback(int (*func)(int *num,int mount,int type,
- const char *file, int line));
-int (*CRYPTO_get_add_lock_callback(void))(int *num,int mount,int type,
- const char *file,int line);
-void CRYPTO_set_id_callback(unsigned long (*func)(void));
-unsigned long (*CRYPTO_get_id_callback(void))(void);
-unsigned long CRYPTO_thread_id(void);
-const char *CRYPTO_get_lock_name(int type);
-int CRYPTO_add_lock(int *pointer,int amount,int type, const char *file,
- int line);
+int CRYPTO_num_locks(void); /* return CRYPTO_NUM_LOCKS (shared libs!) */
+void CRYPTO_lock(int mode, int type, const char *file, int line);
+void CRYPTO_set_locking_callback(void (*func) (int mode, int type,
+ const char *file, int line));
+void (*CRYPTO_get_locking_callback(void)) (int mode, int type,
+ const char *file, int line);
+void CRYPTO_set_add_lock_callback(int (*func)
+ (int *num, int mount, int type,
+ const char *file, int line));
+int (*CRYPTO_get_add_lock_callback(void)) (int *num, int mount, int type,
+ const char *file, int line);
-void int_CRYPTO_set_do_dynlock_callback(
- void (*do_dynlock_cb)(int mode, int type, const char *file, int line));
+/* Don't use this structure directly. */
+typedef struct crypto_threadid_st {
+ void *ptr;
+ unsigned long val;
+} CRYPTO_THREADID;
+/* Only use CRYPTO_THREADID_set_[numeric|pointer]() within callbacks */
+void CRYPTO_THREADID_set_numeric(CRYPTO_THREADID *id, unsigned long val);
+void CRYPTO_THREADID_set_pointer(CRYPTO_THREADID *id, void *ptr);
+int CRYPTO_THREADID_set_callback(void (*threadid_func) (CRYPTO_THREADID *));
+void (*CRYPTO_THREADID_get_callback(void)) (CRYPTO_THREADID *);
+void CRYPTO_THREADID_current(CRYPTO_THREADID *id);
+int CRYPTO_THREADID_cmp(const CRYPTO_THREADID *a, const CRYPTO_THREADID *b);
+void CRYPTO_THREADID_cpy(CRYPTO_THREADID *dest, const CRYPTO_THREADID *src);
+unsigned long CRYPTO_THREADID_hash(const CRYPTO_THREADID *id);
+# ifndef OPENSSL_NO_DEPRECATED
+void CRYPTO_set_id_callback(unsigned long (*func) (void));
+unsigned long (*CRYPTO_get_id_callback(void)) (void);
+unsigned long CRYPTO_thread_id(void);
+# endif
+
+const char *CRYPTO_get_lock_name(int type);
+int CRYPTO_add_lock(int *pointer, int amount, int type, const char *file,
+ int line);
int CRYPTO_get_new_dynlockid(void);
void CRYPTO_destroy_dynlockid(int i);
struct CRYPTO_dynlock_value *CRYPTO_get_dynlock_value(int i);
-void CRYPTO_set_dynlock_create_callback(struct CRYPTO_dynlock_value *(*dyn_create_function)(const char *file, int line));
-void CRYPTO_set_dynlock_lock_callback(void (*dyn_lock_function)(int mode, struct CRYPTO_dynlock_value *l, const char *file, int line));
-void CRYPTO_set_dynlock_destroy_callback(void (*dyn_destroy_function)(struct CRYPTO_dynlock_value *l, const char *file, int line));
-struct CRYPTO_dynlock_value *(*CRYPTO_get_dynlock_create_callback(void))(const char *file,int line);
-void (*CRYPTO_get_dynlock_lock_callback(void))(int mode, struct CRYPTO_dynlock_value *l, const char *file,int line);
-void (*CRYPTO_get_dynlock_destroy_callback(void))(struct CRYPTO_dynlock_value *l, const char *file,int line);
+void CRYPTO_set_dynlock_create_callback(struct CRYPTO_dynlock_value
+ *(*dyn_create_function) (const char
+ *file,
+ int line));
+void CRYPTO_set_dynlock_lock_callback(void (*dyn_lock_function)
+ (int mode,
+ struct CRYPTO_dynlock_value *l,
+ const char *file, int line));
+void CRYPTO_set_dynlock_destroy_callback(void (*dyn_destroy_function)
+ (struct CRYPTO_dynlock_value *l,
+ const char *file, int line));
+struct CRYPTO_dynlock_value
+*(*CRYPTO_get_dynlock_create_callback(void)) (const char *file, int line);
+void (*CRYPTO_get_dynlock_lock_callback(void)) (int mode,
+ struct CRYPTO_dynlock_value
+ *l, const char *file,
+ int line);
+void (*CRYPTO_get_dynlock_destroy_callback(void)) (struct CRYPTO_dynlock_value
+ *l, const char *file,
+ int line);
-/* CRYPTO_set_mem_functions includes CRYPTO_set_locked_mem_functions --
- * call the latter last if you need different functions */
-int CRYPTO_set_mem_functions(void *(*m)(size_t),void *(*r)(void *,size_t), void (*f)(void *));
-int CRYPTO_set_locked_mem_functions(void *(*m)(size_t), void (*free_func)(void *));
-int CRYPTO_set_mem_ex_functions(void *(*m)(size_t,const char *,int),
- void *(*r)(void *,size_t,const char *,int),
- void (*f)(void *));
-int CRYPTO_set_locked_mem_ex_functions(void *(*m)(size_t,const char *,int),
- void (*free_func)(void *));
-int CRYPTO_set_mem_debug_functions(void (*m)(void *,int,const char *,int,int),
- void (*r)(void *,void *,int,const char *,int,int),
- void (*f)(void *,int),
- void (*so)(long),
- long (*go)(void));
-void CRYPTO_set_mem_info_functions(
- int (*push_info_fn)(const char *info, const char *file, int line),
- int (*pop_info_fn)(void),
- int (*remove_all_info_fn)(void));
-void CRYPTO_get_mem_functions(void *(**m)(size_t),void *(**r)(void *, size_t), void (**f)(void *));
-void CRYPTO_get_locked_mem_functions(void *(**m)(size_t), void (**f)(void *));
-void CRYPTO_get_mem_ex_functions(void *(**m)(size_t,const char *,int),
- void *(**r)(void *, size_t,const char *,int),
- void (**f)(void *));
-void CRYPTO_get_locked_mem_ex_functions(void *(**m)(size_t,const char *,int),
- void (**f)(void *));
-void CRYPTO_get_mem_debug_functions(void (**m)(void *,int,const char *,int,int),
- void (**r)(void *,void *,int,const char *,int,int),
- void (**f)(void *,int),
- void (**so)(long),
- long (**go)(void));
+/*
+ * CRYPTO_set_mem_functions includes CRYPTO_set_locked_mem_functions -- call
+ * the latter last if you need different functions
+ */
+int CRYPTO_set_mem_functions(void *(*m) (size_t), void *(*r) (void *, size_t),
+ void (*f) (void *));
+int CRYPTO_set_locked_mem_functions(void *(*m) (size_t),
+ void (*free_func) (void *));
+int CRYPTO_set_mem_ex_functions(void *(*m) (size_t, const char *, int),
+ void *(*r) (void *, size_t, const char *,
+ int), void (*f) (void *));
+int CRYPTO_set_locked_mem_ex_functions(void *(*m) (size_t, const char *, int),
+ void (*free_func) (void *));
+int CRYPTO_set_mem_debug_functions(void (*m)
+ (void *, int, const char *, int, int),
+ void (*r) (void *, void *, int,
+ const char *, int, int),
+ void (*f) (void *, int), void (*so) (long),
+ long (*go) (void));
+void CRYPTO_get_mem_functions(void *(**m) (size_t),
+ void *(**r) (void *, size_t),
+ void (**f) (void *));
+void CRYPTO_get_locked_mem_functions(void *(**m) (size_t),
+ void (**f) (void *));
+void CRYPTO_get_mem_ex_functions(void *(**m) (size_t, const char *, int),
+ void *(**r) (void *, size_t, const char *,
+ int), void (**f) (void *));
+void CRYPTO_get_locked_mem_ex_functions(void
+ *(**m) (size_t, const char *, int),
+ void (**f) (void *));
+void CRYPTO_get_mem_debug_functions(void (**m)
+ (void *, int, const char *, int, int),
+ void (**r) (void *, void *, int,
+ const char *, int, int),
+ void (**f) (void *, int),
+ void (**so) (long), long (**go) (void));
void *CRYPTO_malloc_locked(int num, const char *file, int line);
-void CRYPTO_free_locked(void *);
+void CRYPTO_free_locked(void *ptr);
void *CRYPTO_malloc(int num, const char *file, int line);
char *CRYPTO_strdup(const char *str, const char *file, int line);
-void CRYPTO_free(void *);
-void *CRYPTO_realloc(void *addr,int num, const char *file, int line);
-void *CRYPTO_realloc_clean(void *addr,int old_num,int num,const char *file,
- int line);
-void *CRYPTO_remalloc(void *addr,int num, const char *file, int line);
+void CRYPTO_free(void *ptr);
+void *CRYPTO_realloc(void *addr, int num, const char *file, int line);
+void *CRYPTO_realloc_clean(void *addr, int old_num, int num, const char *file,
+ int line);
+void *CRYPTO_remalloc(void *addr, int num, const char *file, int line);
void OPENSSL_cleanse(void *ptr, size_t len);
void CRYPTO_set_mem_debug_options(long bits);
long CRYPTO_get_mem_debug_options(void);
-#define CRYPTO_push_info(info) \
+# define CRYPTO_push_info(info) \
CRYPTO_push_info_(info, NULL, 0);
int CRYPTO_push_info_(const char *info, const char *file, int line);
int CRYPTO_pop_info(void);
int CRYPTO_remove_all_info(void);
-
-/* Default debugging functions (enabled by CRYPTO_malloc_debug_init() macro;
- * used as default in CRYPTO_MDEBUG compilations): */
-/* The last argument has the following significance:
- *
- * 0: called before the actual memory allocation has taken place
- * 1: called after the actual memory allocation has taken place
+/*
+ * Default debugging functions (enabled by CRYPTO_malloc_debug_init() macro;
+ * used as default in CRYPTO_MDEBUG compilations):
*/
-void CRYPTO_dbg_malloc(void *addr,int num,const char *file,int line,int before_p);
-void CRYPTO_dbg_realloc(void *addr1,void *addr2,int num,const char *file,int line,int before_p);
-void CRYPTO_dbg_free(void *addr,int before_p);
-/* Tell the debugging code about options. By default, the following values
+/*-
+ * The last argument has the following significance:
+ *
+ * 0: called before the actual memory allocation has taken place
+ * 1: called after the actual memory allocation has taken place
+ */
+void CRYPTO_dbg_malloc(void *addr, int num, const char *file, int line,
+ int before_p);
+void CRYPTO_dbg_realloc(void *addr1, void *addr2, int num, const char *file,
+ int line, int before_p);
+void CRYPTO_dbg_free(void *addr, int before_p);
+/*-
+ * Tell the debugging code about options. By default, the following values
* apply:
*
* 0: Clear all options.
@@ -514,92 +577,62 @@ void CRYPTO_dbg_free(void *addr,int before_p);
void CRYPTO_dbg_set_options(long bits);
long CRYPTO_dbg_get_options(void);
-int CRYPTO_dbg_push_info(const char *info, const char *file, int line);
-int CRYPTO_dbg_pop_info(void);
-int CRYPTO_dbg_remove_all_info(void);
-
-#ifndef OPENSSL_NO_FP_API
+# ifndef OPENSSL_NO_FP_API
void CRYPTO_mem_leaks_fp(FILE *);
-#endif
+# endif
void CRYPTO_mem_leaks(struct bio_st *bio);
/* unsigned long order, char *file, int line, int num_bytes, char *addr */
-typedef void *CRYPTO_MEM_LEAK_CB(unsigned long, const char *, int, int, void *);
+typedef void *CRYPTO_MEM_LEAK_CB (unsigned long, const char *, int, int,
+ void *);
void CRYPTO_mem_leaks_cb(CRYPTO_MEM_LEAK_CB *cb);
/* die if we have to */
-void OpenSSLDie(const char *file,int line,const char *assertion);
-#define OPENSSL_assert(e) (void)((e) ? 0 : (OpenSSLDie(NULL, 0, #e),1))
+void OpenSSLDie(const char *file, int line, const char *assertion);
+# define OPENSSL_assert(e) (void)((e) ? 0 : (OpenSSLDie(NULL, 0, #e),1))
unsigned long *OPENSSL_ia32cap_loc(void);
-#define OPENSSL_ia32cap (*(OPENSSL_ia32cap_loc()))
+# define OPENSSL_ia32cap (*(OPENSSL_ia32cap_loc()))
int OPENSSL_isservice(void);
-#ifdef OPENSSL_FIPS
-#define FIPS_ERROR_IGNORED(alg) OpenSSLDie(NULL, 0, \
- alg " previous FIPS forbidden algorithm error ignored");
+int FIPS_mode(void);
+int FIPS_mode_set(int r);
-#define FIPS_BAD_ABORT(alg) OpenSSLDie(NULL, 0, \
- #alg " Algorithm forbidden in FIPS mode");
-
-#ifdef OPENSSL_FIPS_STRICT
-#define FIPS_BAD_ALGORITHM(alg) FIPS_BAD_ABORT(alg)
-#else
-#define FIPS_BAD_ALGORITHM(alg) \
- { \
- FIPSerr(FIPS_F_HASH_FINAL,FIPS_R_NON_FIPS_METHOD); \
- ERR_add_error_data(2, "Algorithm=", #alg); \
- return 0; \
- }
-#endif
-
-/* Low level digest API blocking macro */
-
-#define FIPS_NON_FIPS_MD_Init(alg) \
- int alg##_Init(alg##_CTX *c) \
- { \
- if (FIPS_mode()) \
- FIPS_BAD_ALGORITHM(alg) \
- return private_##alg##_Init(c); \
- } \
- int private_##alg##_Init(alg##_CTX *c)
-
-/* For ciphers the API often varies from cipher to cipher and each needs to
- * be treated as a special case. Variable key length ciphers (Blowfish, RC4,
- * CAST) however are very similar and can use a blocking macro.
- */
-
-#define FIPS_NON_FIPS_VCIPHER_Init(alg) \
- void alg##_set_key(alg##_KEY *key, int len, const unsigned char *data) \
- { \
- if (FIPS_mode()) \
- FIPS_BAD_ABORT(alg) \
- private_##alg##_set_key(key, len, data); \
- } \
- void private_##alg##_set_key(alg##_KEY *key, int len, \
- const unsigned char *data)
-
-#else
-
-#define FIPS_NON_FIPS_VCIPHER_Init(alg) \
- void alg##_set_key(alg##_KEY *key, int len, const unsigned char *data)
-
-#define FIPS_NON_FIPS_MD_Init(alg) \
- int alg##_Init(alg##_CTX *c)
-
-#endif /* def OPENSSL_FIPS */
-
-#define OPENSSL_HAVE_INIT 1
void OPENSSL_init(void);
-/* CRYPTO_memcmp returns zero iff the |len| bytes at |a| and |b| are equal. It
- * takes an amount of time dependent on |len|, but independent of the contents
- * of |a| and |b|. Unlike memcmp, it cannot be used to put elements into a
- * defined order as the return value when a != b is undefined, other than to be
- * non-zero. */
+# define fips_md_init(alg) fips_md_init_ctx(alg, alg)
+
+# ifdef OPENSSL_FIPS
+# define fips_md_init_ctx(alg, cx) \
+ int alg##_Init(cx##_CTX *c) \
+ { \
+ if (FIPS_mode()) OpenSSLDie(NULL, 0, \
+ "Low level API call to digest " #alg " forbidden in FIPS mode!"); \
+ return private_##alg##_Init(c); \
+ } \
+ int private_##alg##_Init(cx##_CTX *c)
+
+# define fips_cipher_abort(alg) \
+ if (FIPS_mode()) OpenSSLDie(NULL, 0, \
+ "Low level API call to cipher " #alg " forbidden in FIPS mode!")
+
+# else
+# define fips_md_init_ctx(alg, cx) \
+ int alg##_Init(cx##_CTX *c)
+# define fips_cipher_abort(alg) while(0)
+# endif
+
+/*
+ * CRYPTO_memcmp returns zero iff the |len| bytes at |a| and |b| are equal.
+ * It takes an amount of time dependent on |len|, but independent of the
+ * contents of |a| and |b|. Unlike memcmp, it cannot be used to put elements
+ * into a defined order as the return value when a != b is undefined, other
+ * than to be non-zero.
+ */
int CRYPTO_memcmp(const void *a, const void *b, size_t len);
/* BEGIN ERROR CODES */
-/* The following lines are auto generated by the script mkerr.pl. Any changes
+/*
+ * The following lines are auto generated by the script mkerr.pl. Any changes
* made after this point may be overwritten when the script is next run.
*/
void ERR_load_CRYPTO_strings(void);
@@ -607,18 +640,20 @@ void ERR_load_CRYPTO_strings(void);
/* Error codes for the CRYPTO functions. */
/* Function codes. */
-#define CRYPTO_F_CRYPTO_GET_EX_NEW_INDEX 100
-#define CRYPTO_F_CRYPTO_GET_NEW_DYNLOCKID 103
-#define CRYPTO_F_CRYPTO_GET_NEW_LOCKID 101
-#define CRYPTO_F_CRYPTO_SET_EX_DATA 102
-#define CRYPTO_F_DEF_ADD_INDEX 104
-#define CRYPTO_F_DEF_GET_CLASS 105
-#define CRYPTO_F_INT_DUP_EX_DATA 106
-#define CRYPTO_F_INT_FREE_EX_DATA 107
-#define CRYPTO_F_INT_NEW_EX_DATA 108
+# define CRYPTO_F_CRYPTO_GET_EX_NEW_INDEX 100
+# define CRYPTO_F_CRYPTO_GET_NEW_DYNLOCKID 103
+# define CRYPTO_F_CRYPTO_GET_NEW_LOCKID 101
+# define CRYPTO_F_CRYPTO_SET_EX_DATA 102
+# define CRYPTO_F_DEF_ADD_INDEX 104
+# define CRYPTO_F_DEF_GET_CLASS 105
+# define CRYPTO_F_FIPS_MODE_SET 109
+# define CRYPTO_F_INT_DUP_EX_DATA 106
+# define CRYPTO_F_INT_FREE_EX_DATA 107
+# define CRYPTO_F_INT_NEW_EX_DATA 108
/* Reason codes. */
-#define CRYPTO_R_NO_DYNLOCK_CREATE_CALLBACK 100
+# define CRYPTO_R_FIPS_MODE_NOT_SUPPORTED 101
+# define CRYPTO_R_NO_DYNLOCK_CREATE_CALLBACK 100
#ifdef __cplusplus
}
diff --git a/Cryptlib/Include/openssl/des.h b/Cryptlib/Include/openssl/des.h
index 92b6663..1b40144 100644
--- a/Cryptlib/Include/openssl/des.h
+++ b/Cryptlib/Include/openssl/des.h
@@ -5,21 +5,21 @@
* This package is an SSL implementation written
* by Eric Young (eay@cryptsoft.com).
* The implementation was written so as to conform with Netscapes SSL.
- *
+ *
* This library is free for commercial and non-commercial use as long as
* the following conditions are aheared to. The following conditions
* apply to all code found in this distribution, be it the RC4, RSA,
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
* included with this distribution is covered by the same copyright terms
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
+ *
* Copyright remains Eric Young's, and as such any Copyright notices in
* the code are not to be removed.
* If this package is used in a product, Eric Young should be given attribution
* as the author of the parts of the library used.
* This can be in the form of a textual message at program startup or
* in documentation (online or textual) provided with the package.
- *
+ *
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
@@ -34,10 +34,10 @@
* Eric Young (eay@cryptsoft.com)"
* The word 'cryptographic' can be left out if the rouines from the library
* being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
+ * 4. If you include any Windows specific code (or a derivative thereof) from
* the apps directory (application code) you must include an acknowledgement:
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
+ *
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
@@ -49,7 +49,7 @@
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
- *
+ *
* The licence and distribution terms for any publically available version or
* derivative of this code cannot be changed. i.e. this code cannot simply be
* copied and put under another distribution licence
@@ -57,19 +57,19 @@
*/
#ifndef HEADER_NEW_DES_H
-#define HEADER_NEW_DES_H
+# define HEADER_NEW_DES_H
-#include /* OPENSSL_EXTERN, OPENSSL_NO_DES,
- DES_LONG (via openssl/opensslconf.h */
+# include /* OPENSSL_EXTERN, OPENSSL_NO_DES, DES_LONG
+ * (via openssl/opensslconf.h */
-#ifdef OPENSSL_NO_DES
-#error DES is disabled.
-#endif
+# ifdef OPENSSL_NO_DES
+# error DES is disabled.
+# endif
-#ifdef OPENSSL_BUILD_SHLIBCRYPTO
-# undef OPENSSL_EXTERN
-# define OPENSSL_EXTERN OPENSSL_EXPORT
-#endif
+# ifdef OPENSSL_BUILD_SHLIBCRYPTO
+# undef OPENSSL_EXTERN
+# define OPENSSL_EXTERN OPENSSL_EXPORT
+# endif
#ifdef __cplusplus
extern "C" {
@@ -77,166 +77,178 @@ extern "C" {
typedef unsigned char DES_cblock[8];
typedef /* const */ unsigned char const_DES_cblock[8];
-/* With "const", gcc 2.8.1 on Solaris thinks that DES_cblock *
- * and const_DES_cblock * are incompatible pointer types. */
+/*
+ * With "const", gcc 2.8.1 on Solaris thinks that DES_cblock * and
+ * const_DES_cblock * are incompatible pointer types.
+ */
-typedef struct DES_ks
- {
- union
- {
- DES_cblock cblock;
- /* make sure things are correct size on machines with
- * 8 byte longs */
- DES_LONG deslong[2];
- } ks[16];
- } DES_key_schedule;
+typedef struct DES_ks {
+ union {
+ DES_cblock cblock;
+ /*
+ * make sure things are correct size on machines with 8 byte longs
+ */
+ DES_LONG deslong[2];
+ } ks[16];
+} DES_key_schedule;
-#ifndef OPENSSL_DISABLE_OLD_DES_SUPPORT
-# ifndef OPENSSL_ENABLE_OLD_DES_SUPPORT
-# define OPENSSL_ENABLE_OLD_DES_SUPPORT
+# ifndef OPENSSL_DISABLE_OLD_DES_SUPPORT
+# ifndef OPENSSL_ENABLE_OLD_DES_SUPPORT
+# define OPENSSL_ENABLE_OLD_DES_SUPPORT
+# endif
# endif
-#endif
-#ifdef OPENSSL_ENABLE_OLD_DES_SUPPORT
-# include
-#endif
+# ifdef OPENSSL_ENABLE_OLD_DES_SUPPORT
+# include
+# endif
-#define DES_KEY_SZ (sizeof(DES_cblock))
-#define DES_SCHEDULE_SZ (sizeof(DES_key_schedule))
+# define DES_KEY_SZ (sizeof(DES_cblock))
+# define DES_SCHEDULE_SZ (sizeof(DES_key_schedule))
-#define DES_ENCRYPT 1
-#define DES_DECRYPT 0
+# define DES_ENCRYPT 1
+# define DES_DECRYPT 0
-#define DES_CBC_MODE 0
-#define DES_PCBC_MODE 1
+# define DES_CBC_MODE 0
+# define DES_PCBC_MODE 1
-#define DES_ecb2_encrypt(i,o,k1,k2,e) \
- DES_ecb3_encrypt((i),(o),(k1),(k2),(k1),(e))
+# define DES_ecb2_encrypt(i,o,k1,k2,e) \
+ DES_ecb3_encrypt((i),(o),(k1),(k2),(k1),(e))
-#define DES_ede2_cbc_encrypt(i,o,l,k1,k2,iv,e) \
- DES_ede3_cbc_encrypt((i),(o),(l),(k1),(k2),(k1),(iv),(e))
+# define DES_ede2_cbc_encrypt(i,o,l,k1,k2,iv,e) \
+ DES_ede3_cbc_encrypt((i),(o),(l),(k1),(k2),(k1),(iv),(e))
-#define DES_ede2_cfb64_encrypt(i,o,l,k1,k2,iv,n,e) \
- DES_ede3_cfb64_encrypt((i),(o),(l),(k1),(k2),(k1),(iv),(n),(e))
+# define DES_ede2_cfb64_encrypt(i,o,l,k1,k2,iv,n,e) \
+ DES_ede3_cfb64_encrypt((i),(o),(l),(k1),(k2),(k1),(iv),(n),(e))
-#define DES_ede2_ofb64_encrypt(i,o,l,k1,k2,iv,n) \
- DES_ede3_ofb64_encrypt((i),(o),(l),(k1),(k2),(k1),(iv),(n))
+# define DES_ede2_ofb64_encrypt(i,o,l,k1,k2,iv,n) \
+ DES_ede3_ofb64_encrypt((i),(o),(l),(k1),(k2),(k1),(iv),(n))
-OPENSSL_DECLARE_GLOBAL(int,DES_check_key); /* defaults to false */
-#define DES_check_key OPENSSL_GLOBAL_REF(DES_check_key)
-OPENSSL_DECLARE_GLOBAL(int,DES_rw_mode); /* defaults to DES_PCBC_MODE */
-#define DES_rw_mode OPENSSL_GLOBAL_REF(DES_rw_mode)
+OPENSSL_DECLARE_GLOBAL(int, DES_check_key); /* defaults to false */
+# define DES_check_key OPENSSL_GLOBAL_REF(DES_check_key)
+OPENSSL_DECLARE_GLOBAL(int, DES_rw_mode); /* defaults to DES_PCBC_MODE */
+# define DES_rw_mode OPENSSL_GLOBAL_REF(DES_rw_mode)
const char *DES_options(void);
void DES_ecb3_encrypt(const_DES_cblock *input, DES_cblock *output,
- DES_key_schedule *ks1,DES_key_schedule *ks2,
- DES_key_schedule *ks3, int enc);
-DES_LONG DES_cbc_cksum(const unsigned char *input,DES_cblock *output,
- long length,DES_key_schedule *schedule,
- const_DES_cblock *ivec);
+ DES_key_schedule *ks1, DES_key_schedule *ks2,
+ DES_key_schedule *ks3, int enc);
+DES_LONG DES_cbc_cksum(const unsigned char *input, DES_cblock *output,
+ long length, DES_key_schedule *schedule,
+ const_DES_cblock *ivec);
/* DES_cbc_encrypt does not update the IV! Use DES_ncbc_encrypt instead. */
-void DES_cbc_encrypt(const unsigned char *input,unsigned char *output,
- long length,DES_key_schedule *schedule,DES_cblock *ivec,
- int enc);
-void DES_ncbc_encrypt(const unsigned char *input,unsigned char *output,
- long length,DES_key_schedule *schedule,DES_cblock *ivec,
- int enc);
-void DES_xcbc_encrypt(const unsigned char *input,unsigned char *output,
- long length,DES_key_schedule *schedule,DES_cblock *ivec,
- const_DES_cblock *inw,const_DES_cblock *outw,int enc);
-void DES_cfb_encrypt(const unsigned char *in,unsigned char *out,int numbits,
- long length,DES_key_schedule *schedule,DES_cblock *ivec,
- int enc);
-void DES_ecb_encrypt(const_DES_cblock *input,DES_cblock *output,
- DES_key_schedule *ks,int enc);
+void DES_cbc_encrypt(const unsigned char *input, unsigned char *output,
+ long length, DES_key_schedule *schedule,
+ DES_cblock *ivec, int enc);
+void DES_ncbc_encrypt(const unsigned char *input, unsigned char *output,
+ long length, DES_key_schedule *schedule,
+ DES_cblock *ivec, int enc);
+void DES_xcbc_encrypt(const unsigned char *input, unsigned char *output,
+ long length, DES_key_schedule *schedule,
+ DES_cblock *ivec, const_DES_cblock *inw,
+ const_DES_cblock *outw, int enc);
+void DES_cfb_encrypt(const unsigned char *in, unsigned char *out, int numbits,
+ long length, DES_key_schedule *schedule,
+ DES_cblock *ivec, int enc);
+void DES_ecb_encrypt(const_DES_cblock *input, DES_cblock *output,
+ DES_key_schedule *ks, int enc);
-/* This is the DES encryption function that gets called by just about
- every other DES routine in the library. You should not use this
- function except to implement 'modes' of DES. I say this because the
- functions that call this routine do the conversion from 'char *' to
- long, and this needs to be done to make sure 'non-aligned' memory
- access do not occur. The characters are loaded 'little endian'.
- Data is a pointer to 2 unsigned long's and ks is the
- DES_key_schedule to use. enc, is non zero specifies encryption,
- zero if decryption. */
-void DES_encrypt1(DES_LONG *data,DES_key_schedule *ks, int enc);
+/*
+ * This is the DES encryption function that gets called by just about every
+ * other DES routine in the library. You should not use this function except
+ * to implement 'modes' of DES. I say this because the functions that call
+ * this routine do the conversion from 'char *' to long, and this needs to be
+ * done to make sure 'non-aligned' memory access do not occur. The
+ * characters are loaded 'little endian'. Data is a pointer to 2 unsigned
+ * long's and ks is the DES_key_schedule to use. enc, is non zero specifies
+ * encryption, zero if decryption.
+ */
+void DES_encrypt1(DES_LONG *data, DES_key_schedule *ks, int enc);
-/* This functions is the same as DES_encrypt1() except that the DES
- initial permutation (IP) and final permutation (FP) have been left
- out. As for DES_encrypt1(), you should not use this function.
- It is used by the routines in the library that implement triple DES.
- IP() DES_encrypt2() DES_encrypt2() DES_encrypt2() FP() is the same
- as DES_encrypt1() DES_encrypt1() DES_encrypt1() except faster :-). */
-void DES_encrypt2(DES_LONG *data,DES_key_schedule *ks, int enc);
+/*
+ * This functions is the same as DES_encrypt1() except that the DES initial
+ * permutation (IP) and final permutation (FP) have been left out. As for
+ * DES_encrypt1(), you should not use this function. It is used by the
+ * routines in the library that implement triple DES. IP() DES_encrypt2()
+ * DES_encrypt2() DES_encrypt2() FP() is the same as DES_encrypt1()
+ * DES_encrypt1() DES_encrypt1() except faster :-).
+ */
+void DES_encrypt2(DES_LONG *data, DES_key_schedule *ks, int enc);
void DES_encrypt3(DES_LONG *data, DES_key_schedule *ks1,
- DES_key_schedule *ks2, DES_key_schedule *ks3);
+ DES_key_schedule *ks2, DES_key_schedule *ks3);
void DES_decrypt3(DES_LONG *data, DES_key_schedule *ks1,
- DES_key_schedule *ks2, DES_key_schedule *ks3);
-void DES_ede3_cbc_encrypt(const unsigned char *input,unsigned char *output,
- long length,
- DES_key_schedule *ks1,DES_key_schedule *ks2,
- DES_key_schedule *ks3,DES_cblock *ivec,int enc);
-void DES_ede3_cbcm_encrypt(const unsigned char *in,unsigned char *out,
- long length,
- DES_key_schedule *ks1,DES_key_schedule *ks2,
- DES_key_schedule *ks3,
- DES_cblock *ivec1,DES_cblock *ivec2,
- int enc);
-void DES_ede3_cfb64_encrypt(const unsigned char *in,unsigned char *out,
- long length,DES_key_schedule *ks1,
- DES_key_schedule *ks2,DES_key_schedule *ks3,
- DES_cblock *ivec,int *num,int enc);
-void DES_ede3_cfb_encrypt(const unsigned char *in,unsigned char *out,
- int numbits,long length,DES_key_schedule *ks1,
- DES_key_schedule *ks2,DES_key_schedule *ks3,
- DES_cblock *ivec,int enc);
-void DES_ede3_ofb64_encrypt(const unsigned char *in,unsigned char *out,
- long length,DES_key_schedule *ks1,
- DES_key_schedule *ks2,DES_key_schedule *ks3,
- DES_cblock *ivec,int *num);
-#if 0
-void DES_xwhite_in2out(const_DES_cblock *DES_key,const_DES_cblock *in_white,
- DES_cblock *out_white);
-#endif
+ DES_key_schedule *ks2, DES_key_schedule *ks3);
+void DES_ede3_cbc_encrypt(const unsigned char *input, unsigned char *output,
+ long length,
+ DES_key_schedule *ks1, DES_key_schedule *ks2,
+ DES_key_schedule *ks3, DES_cblock *ivec, int enc);
+void DES_ede3_cbcm_encrypt(const unsigned char *in, unsigned char *out,
+ long length,
+ DES_key_schedule *ks1, DES_key_schedule *ks2,
+ DES_key_schedule *ks3,
+ DES_cblock *ivec1, DES_cblock *ivec2, int enc);
+void DES_ede3_cfb64_encrypt(const unsigned char *in, unsigned char *out,
+ long length, DES_key_schedule *ks1,
+ DES_key_schedule *ks2, DES_key_schedule *ks3,
+ DES_cblock *ivec, int *num, int enc);
+void DES_ede3_cfb_encrypt(const unsigned char *in, unsigned char *out,
+ int numbits, long length, DES_key_schedule *ks1,
+ DES_key_schedule *ks2, DES_key_schedule *ks3,
+ DES_cblock *ivec, int enc);
+void DES_ede3_ofb64_encrypt(const unsigned char *in, unsigned char *out,
+ long length, DES_key_schedule *ks1,
+ DES_key_schedule *ks2, DES_key_schedule *ks3,
+ DES_cblock *ivec, int *num);
+# if 0
+void DES_xwhite_in2out(const_DES_cblock *DES_key, const_DES_cblock *in_white,
+ DES_cblock *out_white);
+# endif
-int DES_enc_read(int fd,void *buf,int len,DES_key_schedule *sched,
- DES_cblock *iv);
-int DES_enc_write(int fd,const void *buf,int len,DES_key_schedule *sched,
- DES_cblock *iv);
-char *DES_fcrypt(const char *buf,const char *salt, char *ret);
-char *DES_crypt(const char *buf,const char *salt);
-void DES_ofb_encrypt(const unsigned char *in,unsigned char *out,int numbits,
- long length,DES_key_schedule *schedule,DES_cblock *ivec);
-void DES_pcbc_encrypt(const unsigned char *input,unsigned char *output,
- long length,DES_key_schedule *schedule,DES_cblock *ivec,
- int enc);
-DES_LONG DES_quad_cksum(const unsigned char *input,DES_cblock output[],
- long length,int out_count,DES_cblock *seed);
+int DES_enc_read(int fd, void *buf, int len, DES_key_schedule *sched,
+ DES_cblock *iv);
+int DES_enc_write(int fd, const void *buf, int len, DES_key_schedule *sched,
+ DES_cblock *iv);
+char *DES_fcrypt(const char *buf, const char *salt, char *ret);
+char *DES_crypt(const char *buf, const char *salt);
+void DES_ofb_encrypt(const unsigned char *in, unsigned char *out, int numbits,
+ long length, DES_key_schedule *schedule,
+ DES_cblock *ivec);
+void DES_pcbc_encrypt(const unsigned char *input, unsigned char *output,
+ long length, DES_key_schedule *schedule,
+ DES_cblock *ivec, int enc);
+DES_LONG DES_quad_cksum(const unsigned char *input, DES_cblock output[],
+ long length, int out_count, DES_cblock *seed);
int DES_random_key(DES_cblock *ret);
void DES_set_odd_parity(DES_cblock *key);
int DES_check_key_parity(const_DES_cblock *key);
int DES_is_weak_key(const_DES_cblock *key);
-/* DES_set_key (= set_key = DES_key_sched = key_sched) calls
+/*
+ * DES_set_key (= set_key = DES_key_sched = key_sched) calls
* DES_set_key_checked if global variable DES_check_key is set,
- * DES_set_key_unchecked otherwise. */
-int DES_set_key(const_DES_cblock *key,DES_key_schedule *schedule);
-int DES_key_sched(const_DES_cblock *key,DES_key_schedule *schedule);
-int DES_set_key_checked(const_DES_cblock *key,DES_key_schedule *schedule);
-void DES_set_key_unchecked(const_DES_cblock *key,DES_key_schedule *schedule);
-void DES_string_to_key(const char *str,DES_cblock *key);
-void DES_string_to_2keys(const char *str,DES_cblock *key1,DES_cblock *key2);
-void DES_cfb64_encrypt(const unsigned char *in,unsigned char *out,long length,
- DES_key_schedule *schedule,DES_cblock *ivec,int *num,
- int enc);
-void DES_ofb64_encrypt(const unsigned char *in,unsigned char *out,long length,
- DES_key_schedule *schedule,DES_cblock *ivec,int *num);
+ * DES_set_key_unchecked otherwise.
+ */
+int DES_set_key(const_DES_cblock *key, DES_key_schedule *schedule);
+int DES_key_sched(const_DES_cblock *key, DES_key_schedule *schedule);
+int DES_set_key_checked(const_DES_cblock *key, DES_key_schedule *schedule);
+void DES_set_key_unchecked(const_DES_cblock *key, DES_key_schedule *schedule);
+# ifdef OPENSSL_FIPS
+void private_DES_set_key_unchecked(const_DES_cblock *key,
+ DES_key_schedule *schedule);
+# endif
+void DES_string_to_key(const char *str, DES_cblock *key);
+void DES_string_to_2keys(const char *str, DES_cblock *key1, DES_cblock *key2);
+void DES_cfb64_encrypt(const unsigned char *in, unsigned char *out,
+ long length, DES_key_schedule *schedule,
+ DES_cblock *ivec, int *num, int enc);
+void DES_ofb64_encrypt(const unsigned char *in, unsigned char *out,
+ long length, DES_key_schedule *schedule,
+ DES_cblock *ivec, int *num);
int DES_read_password(DES_cblock *key, const char *prompt, int verify);
-int DES_read_2passwords(DES_cblock *key1, DES_cblock *key2, const char *prompt,
- int verify);
+int DES_read_2passwords(DES_cblock *key1, DES_cblock *key2,
+ const char *prompt, int verify);
-#define DES_fixup_key_parity DES_set_odd_parity
+# define DES_fixup_key_parity DES_set_odd_parity
#ifdef __cplusplus
}
diff --git a/Cryptlib/Include/openssl/des_old.h b/Cryptlib/Include/openssl/des_old.h
index 2b2c372..f1e1e2c 100644
--- a/Cryptlib/Include/openssl/des_old.h
+++ b/Cryptlib/Include/openssl/des_old.h
@@ -1,6 +1,7 @@
/* crypto/des/des_old.h -*- mode:C; c-file-style: "eay" -*- */
-/* WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
+/*-
+ * WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
*
* The function names in here are deprecated and are only present to
* provide an interface compatible with openssl 0.9.6 and older as
@@ -31,8 +32,9 @@
* WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
*/
-/* Written by Richard Levitte (richard@levitte.org) for the OpenSSL
- * project 2001.
+/*
+ * Written by Richard Levitte (richard@levitte.org) for the OpenSSL project
+ * 2001.
*/
/* ====================================================================
* Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved.
@@ -42,7 +44,7 @@
* are met:
*
* 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
+ * notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
@@ -89,333 +91,382 @@
*/
#ifndef HEADER_DES_H
-#define HEADER_DES_H
+# define HEADER_DES_H
-#include /* OPENSSL_EXTERN, OPENSSL_NO_DES, DES_LONG */
+# include /* OPENSSL_EXTERN, OPENSSL_NO_DES, DES_LONG */
-#ifdef OPENSSL_NO_DES
-#error DES is disabled.
-#endif
+# ifdef OPENSSL_NO_DES
+# error DES is disabled.
+# endif
-#ifndef HEADER_NEW_DES_H
-#error You must include des.h, not des_old.h directly.
-#endif
+# ifndef HEADER_NEW_DES_H
+# error You must include des.h, not des_old.h directly.
+# endif
-#ifdef _KERBEROS_DES_H
-#error replaces .
-#endif
+# ifdef _KERBEROS_DES_H
+# error replaces .
+# endif
-#include
+# include
-#ifdef OPENSSL_BUILD_SHLIBCRYPTO
-# undef OPENSSL_EXTERN
-# define OPENSSL_EXTERN OPENSSL_EXPORT
-#endif
+# ifdef OPENSSL_BUILD_SHLIBCRYPTO
+# undef OPENSSL_EXTERN
+# define OPENSSL_EXTERN OPENSSL_EXPORT
+# endif
#ifdef __cplusplus
extern "C" {
#endif
-#ifdef _
-#undef _
-#endif
+# ifdef _
+# undef _
+# endif
typedef unsigned char _ossl_old_des_cblock[8];
-typedef struct _ossl_old_des_ks_struct
- {
- union {
- _ossl_old_des_cblock _;
- /* make sure things are correct size on machines with
- * 8 byte longs */
- DES_LONG pad[2];
- } ks;
- } _ossl_old_des_key_schedule[16];
+typedef struct _ossl_old_des_ks_struct {
+ union {
+ _ossl_old_des_cblock _;
+ /*
+ * make sure things are correct size on machines with 8 byte longs
+ */
+ DES_LONG pad[2];
+ } ks;
+} _ossl_old_des_key_schedule[16];
-#ifndef OPENSSL_DES_LIBDES_COMPATIBILITY
-#define des_cblock DES_cblock
-#define const_des_cblock const_DES_cblock
-#define des_key_schedule DES_key_schedule
-#define des_ecb3_encrypt(i,o,k1,k2,k3,e)\
- DES_ecb3_encrypt((i),(o),&(k1),&(k2),&(k3),(e))
-#define des_ede3_cbc_encrypt(i,o,l,k1,k2,k3,iv,e)\
- DES_ede3_cbc_encrypt((i),(o),(l),&(k1),&(k2),&(k3),(iv),(e))
-#define des_ede3_cbcm_encrypt(i,o,l,k1,k2,k3,iv1,iv2,e)\
- DES_ede3_cbcm_encrypt((i),(o),(l),&(k1),&(k2),&(k3),(iv1),(iv2),(e))
-#define des_ede3_cfb64_encrypt(i,o,l,k1,k2,k3,iv,n,e)\
- DES_ede3_cfb64_encrypt((i),(o),(l),&(k1),&(k2),&(k3),(iv),(n),(e))
-#define des_ede3_ofb64_encrypt(i,o,l,k1,k2,k3,iv,n)\
- DES_ede3_ofb64_encrypt((i),(o),(l),&(k1),&(k2),&(k3),(iv),(n))
-#define des_options()\
- DES_options()
-#define des_cbc_cksum(i,o,l,k,iv)\
- DES_cbc_cksum((i),(o),(l),&(k),(iv))
-#define des_cbc_encrypt(i,o,l,k,iv,e)\
- DES_cbc_encrypt((i),(o),(l),&(k),(iv),(e))
-#define des_ncbc_encrypt(i,o,l,k,iv,e)\
- DES_ncbc_encrypt((i),(o),(l),&(k),(iv),(e))
-#define des_xcbc_encrypt(i,o,l,k,iv,inw,outw,e)\
- DES_xcbc_encrypt((i),(o),(l),&(k),(iv),(inw),(outw),(e))
-#define des_cfb_encrypt(i,o,n,l,k,iv,e)\
- DES_cfb_encrypt((i),(o),(n),(l),&(k),(iv),(e))
-#define des_ecb_encrypt(i,o,k,e)\
- DES_ecb_encrypt((i),(o),&(k),(e))
-#define des_encrypt1(d,k,e)\
- DES_encrypt1((d),&(k),(e))
-#define des_encrypt2(d,k,e)\
- DES_encrypt2((d),&(k),(e))
-#define des_encrypt3(d,k1,k2,k3)\
- DES_encrypt3((d),&(k1),&(k2),&(k3))
-#define des_decrypt3(d,k1,k2,k3)\
- DES_decrypt3((d),&(k1),&(k2),&(k3))
-#define des_xwhite_in2out(k,i,o)\
- DES_xwhite_in2out((k),(i),(o))
-#define des_enc_read(f,b,l,k,iv)\
- DES_enc_read((f),(b),(l),&(k),(iv))
-#define des_enc_write(f,b,l,k,iv)\
- DES_enc_write((f),(b),(l),&(k),(iv))
-#define des_fcrypt(b,s,r)\
- DES_fcrypt((b),(s),(r))
-#if 0
-#define des_crypt(b,s)\
- DES_crypt((b),(s))
-#if !defined(PERL5) && !defined(__FreeBSD__) && !defined(NeXT) && !defined(__OpenBSD__)
-#define crypt(b,s)\
- DES_crypt((b),(s))
-#endif
-#endif
-#define des_ofb_encrypt(i,o,n,l,k,iv)\
- DES_ofb_encrypt((i),(o),(n),(l),&(k),(iv))
-#define des_pcbc_encrypt(i,o,l,k,iv,e)\
- DES_pcbc_encrypt((i),(o),(l),&(k),(iv),(e))
-#define des_quad_cksum(i,o,l,c,s)\
- DES_quad_cksum((i),(o),(l),(c),(s))
-#define des_random_seed(k)\
- _ossl_096_des_random_seed((k))
-#define des_random_key(r)\
- DES_random_key((r))
-#define des_read_password(k,p,v) \
- DES_read_password((k),(p),(v))
-#define des_read_2passwords(k1,k2,p,v) \
- DES_read_2passwords((k1),(k2),(p),(v))
-#define des_set_odd_parity(k)\
- DES_set_odd_parity((k))
-#define des_check_key_parity(k)\
- DES_check_key_parity((k))
-#define des_is_weak_key(k)\
- DES_is_weak_key((k))
-#define des_set_key(k,ks)\
- DES_set_key((k),&(ks))
-#define des_key_sched(k,ks)\
- DES_key_sched((k),&(ks))
-#define des_set_key_checked(k,ks)\
- DES_set_key_checked((k),&(ks))
-#define des_set_key_unchecked(k,ks)\
- DES_set_key_unchecked((k),&(ks))
-#define des_string_to_key(s,k)\
- DES_string_to_key((s),(k))
-#define des_string_to_2keys(s,k1,k2)\
- DES_string_to_2keys((s),(k1),(k2))
-#define des_cfb64_encrypt(i,o,l,ks,iv,n,e)\
- DES_cfb64_encrypt((i),(o),(l),&(ks),(iv),(n),(e))
-#define des_ofb64_encrypt(i,o,l,ks,iv,n)\
- DES_ofb64_encrypt((i),(o),(l),&(ks),(iv),(n))
-
+# ifndef OPENSSL_DES_LIBDES_COMPATIBILITY
+# define des_cblock DES_cblock
+# define const_des_cblock const_DES_cblock
+# define des_key_schedule DES_key_schedule
+# define des_ecb3_encrypt(i,o,k1,k2,k3,e)\
+ DES_ecb3_encrypt((i),(o),&(k1),&(k2),&(k3),(e))
+# define des_ede3_cbc_encrypt(i,o,l,k1,k2,k3,iv,e)\
+ DES_ede3_cbc_encrypt((i),(o),(l),&(k1),&(k2),&(k3),(iv),(e))
+# define des_ede3_cbcm_encrypt(i,o,l,k1,k2,k3,iv1,iv2,e)\
+ DES_ede3_cbcm_encrypt((i),(o),(l),&(k1),&(k2),&(k3),(iv1),(iv2),(e))
+# define des_ede3_cfb64_encrypt(i,o,l,k1,k2,k3,iv,n,e)\
+ DES_ede3_cfb64_encrypt((i),(o),(l),&(k1),&(k2),&(k3),(iv),(n),(e))
+# define des_ede3_ofb64_encrypt(i,o,l,k1,k2,k3,iv,n)\
+ DES_ede3_ofb64_encrypt((i),(o),(l),&(k1),&(k2),&(k3),(iv),(n))
+# define des_options()\
+ DES_options()
+# define des_cbc_cksum(i,o,l,k,iv)\
+ DES_cbc_cksum((i),(o),(l),&(k),(iv))
+# define des_cbc_encrypt(i,o,l,k,iv,e)\
+ DES_cbc_encrypt((i),(o),(l),&(k),(iv),(e))
+# define des_ncbc_encrypt(i,o,l,k,iv,e)\
+ DES_ncbc_encrypt((i),(o),(l),&(k),(iv),(e))
+# define des_xcbc_encrypt(i,o,l,k,iv,inw,outw,e)\
+ DES_xcbc_encrypt((i),(o),(l),&(k),(iv),(inw),(outw),(e))
+# define des_cfb_encrypt(i,o,n,l,k,iv,e)\
+ DES_cfb_encrypt((i),(o),(n),(l),&(k),(iv),(e))
+# define des_ecb_encrypt(i,o,k,e)\
+ DES_ecb_encrypt((i),(o),&(k),(e))
+# define des_encrypt1(d,k,e)\
+ DES_encrypt1((d),&(k),(e))
+# define des_encrypt2(d,k,e)\
+ DES_encrypt2((d),&(k),(e))
+# define des_encrypt3(d,k1,k2,k3)\
+ DES_encrypt3((d),&(k1),&(k2),&(k3))
+# define des_decrypt3(d,k1,k2,k3)\
+ DES_decrypt3((d),&(k1),&(k2),&(k3))
+# define des_xwhite_in2out(k,i,o)\
+ DES_xwhite_in2out((k),(i),(o))
+# define des_enc_read(f,b,l,k,iv)\
+ DES_enc_read((f),(b),(l),&(k),(iv))
+# define des_enc_write(f,b,l,k,iv)\
+ DES_enc_write((f),(b),(l),&(k),(iv))
+# define des_fcrypt(b,s,r)\
+ DES_fcrypt((b),(s),(r))
+# if 0
+# define des_crypt(b,s)\
+ DES_crypt((b),(s))
+# if !defined(PERL5) && !defined(__FreeBSD__) && !defined(NeXT) && !defined(__OpenBSD__)
+# define crypt(b,s)\
+ DES_crypt((b),(s))
+# endif
+# endif
+# define des_ofb_encrypt(i,o,n,l,k,iv)\
+ DES_ofb_encrypt((i),(o),(n),(l),&(k),(iv))
+# define des_pcbc_encrypt(i,o,l,k,iv,e)\
+ DES_pcbc_encrypt((i),(o),(l),&(k),(iv),(e))
+# define des_quad_cksum(i,o,l,c,s)\
+ DES_quad_cksum((i),(o),(l),(c),(s))
+# define des_random_seed(k)\
+ _ossl_096_des_random_seed((k))
+# define des_random_key(r)\
+ DES_random_key((r))
+# define des_read_password(k,p,v) \
+ DES_read_password((k),(p),(v))
+# define des_read_2passwords(k1,k2,p,v) \
+ DES_read_2passwords((k1),(k2),(p),(v))
+# define des_set_odd_parity(k)\
+ DES_set_odd_parity((k))
+# define des_check_key_parity(k)\
+ DES_check_key_parity((k))
+# define des_is_weak_key(k)\
+ DES_is_weak_key((k))
+# define des_set_key(k,ks)\
+ DES_set_key((k),&(ks))
+# define des_key_sched(k,ks)\
+ DES_key_sched((k),&(ks))
+# define des_set_key_checked(k,ks)\
+ DES_set_key_checked((k),&(ks))
+# define des_set_key_unchecked(k,ks)\
+ DES_set_key_unchecked((k),&(ks))
+# define des_string_to_key(s,k)\
+ DES_string_to_key((s),(k))
+# define des_string_to_2keys(s,k1,k2)\
+ DES_string_to_2keys((s),(k1),(k2))
+# define des_cfb64_encrypt(i,o,l,ks,iv,n,e)\
+ DES_cfb64_encrypt((i),(o),(l),&(ks),(iv),(n),(e))
+# define des_ofb64_encrypt(i,o,l,ks,iv,n)\
+ DES_ofb64_encrypt((i),(o),(l),&(ks),(iv),(n))
-#define des_ecb2_encrypt(i,o,k1,k2,e) \
- des_ecb3_encrypt((i),(o),(k1),(k2),(k1),(e))
+# define des_ecb2_encrypt(i,o,k1,k2,e) \
+ des_ecb3_encrypt((i),(o),(k1),(k2),(k1),(e))
-#define des_ede2_cbc_encrypt(i,o,l,k1,k2,iv,e) \
- des_ede3_cbc_encrypt((i),(o),(l),(k1),(k2),(k1),(iv),(e))
+# define des_ede2_cbc_encrypt(i,o,l,k1,k2,iv,e) \
+ des_ede3_cbc_encrypt((i),(o),(l),(k1),(k2),(k1),(iv),(e))
-#define des_ede2_cfb64_encrypt(i,o,l,k1,k2,iv,n,e) \
- des_ede3_cfb64_encrypt((i),(o),(l),(k1),(k2),(k1),(iv),(n),(e))
+# define des_ede2_cfb64_encrypt(i,o,l,k1,k2,iv,n,e) \
+ des_ede3_cfb64_encrypt((i),(o),(l),(k1),(k2),(k1),(iv),(n),(e))
-#define des_ede2_ofb64_encrypt(i,o,l,k1,k2,iv,n) \
- des_ede3_ofb64_encrypt((i),(o),(l),(k1),(k2),(k1),(iv),(n))
+# define des_ede2_ofb64_encrypt(i,o,l,k1,k2,iv,n) \
+ des_ede3_ofb64_encrypt((i),(o),(l),(k1),(k2),(k1),(iv),(n))
-#define des_check_key DES_check_key
-#define des_rw_mode DES_rw_mode
-#else /* libdes compatibility */
-/* Map all symbol names to _ossl_old_des_* form, so we avoid all
- clashes with libdes */
-#define des_cblock _ossl_old_des_cblock
-#define des_key_schedule _ossl_old_des_key_schedule
-#define des_ecb3_encrypt(i,o,k1,k2,k3,e)\
- _ossl_old_des_ecb3_encrypt((i),(o),(k1),(k2),(k3),(e))
-#define des_ede3_cbc_encrypt(i,o,l,k1,k2,k3,iv,e)\
- _ossl_old_des_ede3_cbc_encrypt((i),(o),(l),(k1),(k2),(k3),(iv),(e))
-#define des_ede3_cfb64_encrypt(i,o,l,k1,k2,k3,iv,n,e)\
- _ossl_old_des_ede3_cfb64_encrypt((i),(o),(l),(k1),(k2),(k3),(iv),(n),(e))
-#define des_ede3_ofb64_encrypt(i,o,l,k1,k2,k3,iv,n)\
- _ossl_old_des_ede3_ofb64_encrypt((i),(o),(l),(k1),(k2),(k3),(iv),(n))
-#define des_options()\
- _ossl_old_des_options()
-#define des_cbc_cksum(i,o,l,k,iv)\
- _ossl_old_des_cbc_cksum((i),(o),(l),(k),(iv))
-#define des_cbc_encrypt(i,o,l,k,iv,e)\
- _ossl_old_des_cbc_encrypt((i),(o),(l),(k),(iv),(e))
-#define des_ncbc_encrypt(i,o,l,k,iv,e)\
- _ossl_old_des_ncbc_encrypt((i),(o),(l),(k),(iv),(e))
-#define des_xcbc_encrypt(i,o,l,k,iv,inw,outw,e)\
- _ossl_old_des_xcbc_encrypt((i),(o),(l),(k),(iv),(inw),(outw),(e))
-#define des_cfb_encrypt(i,o,n,l,k,iv,e)\
- _ossl_old_des_cfb_encrypt((i),(o),(n),(l),(k),(iv),(e))
-#define des_ecb_encrypt(i,o,k,e)\
- _ossl_old_des_ecb_encrypt((i),(o),(k),(e))
-#define des_encrypt(d,k,e)\
- _ossl_old_des_encrypt((d),(k),(e))
-#define des_encrypt2(d,k,e)\
- _ossl_old_des_encrypt2((d),(k),(e))
-#define des_encrypt3(d,k1,k2,k3)\
- _ossl_old_des_encrypt3((d),(k1),(k2),(k3))
-#define des_decrypt3(d,k1,k2,k3)\
- _ossl_old_des_decrypt3((d),(k1),(k2),(k3))
-#define des_xwhite_in2out(k,i,o)\
- _ossl_old_des_xwhite_in2out((k),(i),(o))
-#define des_enc_read(f,b,l,k,iv)\
- _ossl_old_des_enc_read((f),(b),(l),(k),(iv))
-#define des_enc_write(f,b,l,k,iv)\
- _ossl_old_des_enc_write((f),(b),(l),(k),(iv))
-#define des_fcrypt(b,s,r)\
- _ossl_old_des_fcrypt((b),(s),(r))
-#define des_crypt(b,s)\
- _ossl_old_des_crypt((b),(s))
-#if 0
-#define crypt(b,s)\
- _ossl_old_crypt((b),(s))
-#endif
-#define des_ofb_encrypt(i,o,n,l,k,iv)\
- _ossl_old_des_ofb_encrypt((i),(o),(n),(l),(k),(iv))
-#define des_pcbc_encrypt(i,o,l,k,iv,e)\
- _ossl_old_des_pcbc_encrypt((i),(o),(l),(k),(iv),(e))
-#define des_quad_cksum(i,o,l,c,s)\
- _ossl_old_des_quad_cksum((i),(o),(l),(c),(s))
-#define des_random_seed(k)\
- _ossl_old_des_random_seed((k))
-#define des_random_key(r)\
- _ossl_old_des_random_key((r))
-#define des_read_password(k,p,v) \
- _ossl_old_des_read_password((k),(p),(v))
-#define des_read_2passwords(k1,k2,p,v) \
- _ossl_old_des_read_2passwords((k1),(k2),(p),(v))
-#define des_set_odd_parity(k)\
- _ossl_old_des_set_odd_parity((k))
-#define des_is_weak_key(k)\
- _ossl_old_des_is_weak_key((k))
-#define des_set_key(k,ks)\
- _ossl_old_des_set_key((k),(ks))
-#define des_key_sched(k,ks)\
- _ossl_old_des_key_sched((k),(ks))
-#define des_string_to_key(s,k)\
- _ossl_old_des_string_to_key((s),(k))
-#define des_string_to_2keys(s,k1,k2)\
- _ossl_old_des_string_to_2keys((s),(k1),(k2))
-#define des_cfb64_encrypt(i,o,l,ks,iv,n,e)\
- _ossl_old_des_cfb64_encrypt((i),(o),(l),(ks),(iv),(n),(e))
-#define des_ofb64_encrypt(i,o,l,ks,iv,n)\
- _ossl_old_des_ofb64_encrypt((i),(o),(l),(ks),(iv),(n))
-
+# define des_check_key DES_check_key
+# define des_rw_mode DES_rw_mode
+# else /* libdes compatibility */
+/*
+ * Map all symbol names to _ossl_old_des_* form, so we avoid all clashes with
+ * libdes
+ */
+# define des_cblock _ossl_old_des_cblock
+# define des_key_schedule _ossl_old_des_key_schedule
+# define des_ecb3_encrypt(i,o,k1,k2,k3,e)\
+ _ossl_old_des_ecb3_encrypt((i),(o),(k1),(k2),(k3),(e))
+# define des_ede3_cbc_encrypt(i,o,l,k1,k2,k3,iv,e)\
+ _ossl_old_des_ede3_cbc_encrypt((i),(o),(l),(k1),(k2),(k3),(iv),(e))
+# define des_ede3_cfb64_encrypt(i,o,l,k1,k2,k3,iv,n,e)\
+ _ossl_old_des_ede3_cfb64_encrypt((i),(o),(l),(k1),(k2),(k3),(iv),(n),(e))
+# define des_ede3_ofb64_encrypt(i,o,l,k1,k2,k3,iv,n)\
+ _ossl_old_des_ede3_ofb64_encrypt((i),(o),(l),(k1),(k2),(k3),(iv),(n))
+# define des_options()\
+ _ossl_old_des_options()
+# define des_cbc_cksum(i,o,l,k,iv)\
+ _ossl_old_des_cbc_cksum((i),(o),(l),(k),(iv))
+# define des_cbc_encrypt(i,o,l,k,iv,e)\
+ _ossl_old_des_cbc_encrypt((i),(o),(l),(k),(iv),(e))
+# define des_ncbc_encrypt(i,o,l,k,iv,e)\
+ _ossl_old_des_ncbc_encrypt((i),(o),(l),(k),(iv),(e))
+# define des_xcbc_encrypt(i,o,l,k,iv,inw,outw,e)\
+ _ossl_old_des_xcbc_encrypt((i),(o),(l),(k),(iv),(inw),(outw),(e))
+# define des_cfb_encrypt(i,o,n,l,k,iv,e)\
+ _ossl_old_des_cfb_encrypt((i),(o),(n),(l),(k),(iv),(e))
+# define des_ecb_encrypt(i,o,k,e)\
+ _ossl_old_des_ecb_encrypt((i),(o),(k),(e))
+# define des_encrypt(d,k,e)\
+ _ossl_old_des_encrypt((d),(k),(e))
+# define des_encrypt2(d,k,e)\
+ _ossl_old_des_encrypt2((d),(k),(e))
+# define des_encrypt3(d,k1,k2,k3)\
+ _ossl_old_des_encrypt3((d),(k1),(k2),(k3))
+# define des_decrypt3(d,k1,k2,k3)\
+ _ossl_old_des_decrypt3((d),(k1),(k2),(k3))
+# define des_xwhite_in2out(k,i,o)\
+ _ossl_old_des_xwhite_in2out((k),(i),(o))
+# define des_enc_read(f,b,l,k,iv)\
+ _ossl_old_des_enc_read((f),(b),(l),(k),(iv))
+# define des_enc_write(f,b,l,k,iv)\
+ _ossl_old_des_enc_write((f),(b),(l),(k),(iv))
+# define des_fcrypt(b,s,r)\
+ _ossl_old_des_fcrypt((b),(s),(r))
+# define des_crypt(b,s)\
+ _ossl_old_des_crypt((b),(s))
+# if 0
+# define crypt(b,s)\
+ _ossl_old_crypt((b),(s))
+# endif
+# define des_ofb_encrypt(i,o,n,l,k,iv)\
+ _ossl_old_des_ofb_encrypt((i),(o),(n),(l),(k),(iv))
+# define des_pcbc_encrypt(i,o,l,k,iv,e)\
+ _ossl_old_des_pcbc_encrypt((i),(o),(l),(k),(iv),(e))
+# define des_quad_cksum(i,o,l,c,s)\
+ _ossl_old_des_quad_cksum((i),(o),(l),(c),(s))
+# define des_random_seed(k)\
+ _ossl_old_des_random_seed((k))
+# define des_random_key(r)\
+ _ossl_old_des_random_key((r))
+# define des_read_password(k,p,v) \
+ _ossl_old_des_read_password((k),(p),(v))
+# define des_read_2passwords(k1,k2,p,v) \
+ _ossl_old_des_read_2passwords((k1),(k2),(p),(v))
+# define des_set_odd_parity(k)\
+ _ossl_old_des_set_odd_parity((k))
+# define des_is_weak_key(k)\
+ _ossl_old_des_is_weak_key((k))
+# define des_set_key(k,ks)\
+ _ossl_old_des_set_key((k),(ks))
+# define des_key_sched(k,ks)\
+ _ossl_old_des_key_sched((k),(ks))
+# define des_string_to_key(s,k)\
+ _ossl_old_des_string_to_key((s),(k))
+# define des_string_to_2keys(s,k1,k2)\
+ _ossl_old_des_string_to_2keys((s),(k1),(k2))
+# define des_cfb64_encrypt(i,o,l,ks,iv,n,e)\
+ _ossl_old_des_cfb64_encrypt((i),(o),(l),(ks),(iv),(n),(e))
+# define des_ofb64_encrypt(i,o,l,ks,iv,n)\
+ _ossl_old_des_ofb64_encrypt((i),(o),(l),(ks),(iv),(n))
-#define des_ecb2_encrypt(i,o,k1,k2,e) \
- des_ecb3_encrypt((i),(o),(k1),(k2),(k1),(e))
+# define des_ecb2_encrypt(i,o,k1,k2,e) \
+ des_ecb3_encrypt((i),(o),(k1),(k2),(k1),(e))
-#define des_ede2_cbc_encrypt(i,o,l,k1,k2,iv,e) \
- des_ede3_cbc_encrypt((i),(o),(l),(k1),(k2),(k1),(iv),(e))
+# define des_ede2_cbc_encrypt(i,o,l,k1,k2,iv,e) \
+ des_ede3_cbc_encrypt((i),(o),(l),(k1),(k2),(k1),(iv),(e))
-#define des_ede2_cfb64_encrypt(i,o,l,k1,k2,iv,n,e) \
- des_ede3_cfb64_encrypt((i),(o),(l),(k1),(k2),(k1),(iv),(n),(e))
+# define des_ede2_cfb64_encrypt(i,o,l,k1,k2,iv,n,e) \
+ des_ede3_cfb64_encrypt((i),(o),(l),(k1),(k2),(k1),(iv),(n),(e))
-#define des_ede2_ofb64_encrypt(i,o,l,k1,k2,iv,n) \
- des_ede3_ofb64_encrypt((i),(o),(l),(k1),(k2),(k1),(iv),(n))
+# define des_ede2_ofb64_encrypt(i,o,l,k1,k2,iv,n) \
+ des_ede3_ofb64_encrypt((i),(o),(l),(k1),(k2),(k1),(iv),(n))
-#define des_check_key DES_check_key
-#define des_rw_mode DES_rw_mode
-#endif
+# define des_check_key DES_check_key
+# define des_rw_mode DES_rw_mode
+# endif
const char *_ossl_old_des_options(void);
-void _ossl_old_des_ecb3_encrypt(_ossl_old_des_cblock *input,_ossl_old_des_cblock *output,
- _ossl_old_des_key_schedule ks1,_ossl_old_des_key_schedule ks2,
- _ossl_old_des_key_schedule ks3, int enc);
-DES_LONG _ossl_old_des_cbc_cksum(_ossl_old_des_cblock *input,_ossl_old_des_cblock *output,
- long length,_ossl_old_des_key_schedule schedule,_ossl_old_des_cblock *ivec);
-void _ossl_old_des_cbc_encrypt(_ossl_old_des_cblock *input,_ossl_old_des_cblock *output,long length,
- _ossl_old_des_key_schedule schedule,_ossl_old_des_cblock *ivec,int enc);
-void _ossl_old_des_ncbc_encrypt(_ossl_old_des_cblock *input,_ossl_old_des_cblock *output,long length,
- _ossl_old_des_key_schedule schedule,_ossl_old_des_cblock *ivec,int enc);
-void _ossl_old_des_xcbc_encrypt(_ossl_old_des_cblock *input,_ossl_old_des_cblock *output,long length,
- _ossl_old_des_key_schedule schedule,_ossl_old_des_cblock *ivec,
- _ossl_old_des_cblock *inw,_ossl_old_des_cblock *outw,int enc);
-void _ossl_old_des_cfb_encrypt(unsigned char *in,unsigned char *out,int numbits,
- long length,_ossl_old_des_key_schedule schedule,_ossl_old_des_cblock *ivec,int enc);
-void _ossl_old_des_ecb_encrypt(_ossl_old_des_cblock *input,_ossl_old_des_cblock *output,
- _ossl_old_des_key_schedule ks,int enc);
-void _ossl_old_des_encrypt(DES_LONG *data,_ossl_old_des_key_schedule ks, int enc);
-void _ossl_old_des_encrypt2(DES_LONG *data,_ossl_old_des_key_schedule ks, int enc);
+void _ossl_old_des_ecb3_encrypt(_ossl_old_des_cblock *input,
+ _ossl_old_des_cblock *output,
+ _ossl_old_des_key_schedule ks1,
+ _ossl_old_des_key_schedule ks2,
+ _ossl_old_des_key_schedule ks3, int enc);
+DES_LONG _ossl_old_des_cbc_cksum(_ossl_old_des_cblock *input,
+ _ossl_old_des_cblock *output, long length,
+ _ossl_old_des_key_schedule schedule,
+ _ossl_old_des_cblock *ivec);
+void _ossl_old_des_cbc_encrypt(_ossl_old_des_cblock *input,
+ _ossl_old_des_cblock *output, long length,
+ _ossl_old_des_key_schedule schedule,
+ _ossl_old_des_cblock *ivec, int enc);
+void _ossl_old_des_ncbc_encrypt(_ossl_old_des_cblock *input,
+ _ossl_old_des_cblock *output, long length,
+ _ossl_old_des_key_schedule schedule,
+ _ossl_old_des_cblock *ivec, int enc);
+void _ossl_old_des_xcbc_encrypt(_ossl_old_des_cblock *input,
+ _ossl_old_des_cblock *output, long length,
+ _ossl_old_des_key_schedule schedule,
+ _ossl_old_des_cblock *ivec,
+ _ossl_old_des_cblock *inw,
+ _ossl_old_des_cblock *outw, int enc);
+void _ossl_old_des_cfb_encrypt(unsigned char *in, unsigned char *out,
+ int numbits, long length,
+ _ossl_old_des_key_schedule schedule,
+ _ossl_old_des_cblock *ivec, int enc);
+void _ossl_old_des_ecb_encrypt(_ossl_old_des_cblock *input,
+ _ossl_old_des_cblock *output,
+ _ossl_old_des_key_schedule ks, int enc);
+void _ossl_old_des_encrypt(DES_LONG *data, _ossl_old_des_key_schedule ks,
+ int enc);
+void _ossl_old_des_encrypt2(DES_LONG *data, _ossl_old_des_key_schedule ks,
+ int enc);
void _ossl_old_des_encrypt3(DES_LONG *data, _ossl_old_des_key_schedule ks1,
- _ossl_old_des_key_schedule ks2, _ossl_old_des_key_schedule ks3);
+ _ossl_old_des_key_schedule ks2,
+ _ossl_old_des_key_schedule ks3);
void _ossl_old_des_decrypt3(DES_LONG *data, _ossl_old_des_key_schedule ks1,
- _ossl_old_des_key_schedule ks2, _ossl_old_des_key_schedule ks3);
-void _ossl_old_des_ede3_cbc_encrypt(_ossl_old_des_cblock *input, _ossl_old_des_cblock *output,
- long length, _ossl_old_des_key_schedule ks1, _ossl_old_des_key_schedule ks2,
- _ossl_old_des_key_schedule ks3, _ossl_old_des_cblock *ivec, int enc);
+ _ossl_old_des_key_schedule ks2,
+ _ossl_old_des_key_schedule ks3);
+void _ossl_old_des_ede3_cbc_encrypt(_ossl_old_des_cblock *input,
+ _ossl_old_des_cblock *output, long length,
+ _ossl_old_des_key_schedule ks1,
+ _ossl_old_des_key_schedule ks2,
+ _ossl_old_des_key_schedule ks3,
+ _ossl_old_des_cblock *ivec, int enc);
void _ossl_old_des_ede3_cfb64_encrypt(unsigned char *in, unsigned char *out,
- long length, _ossl_old_des_key_schedule ks1, _ossl_old_des_key_schedule ks2,
- _ossl_old_des_key_schedule ks3, _ossl_old_des_cblock *ivec, int *num, int enc);
+ long length,
+ _ossl_old_des_key_schedule ks1,
+ _ossl_old_des_key_schedule ks2,
+ _ossl_old_des_key_schedule ks3,
+ _ossl_old_des_cblock *ivec, int *num,
+ int enc);
void _ossl_old_des_ede3_ofb64_encrypt(unsigned char *in, unsigned char *out,
- long length, _ossl_old_des_key_schedule ks1, _ossl_old_des_key_schedule ks2,
- _ossl_old_des_key_schedule ks3, _ossl_old_des_cblock *ivec, int *num);
-#if 0
-void _ossl_old_des_xwhite_in2out(_ossl_old_des_cblock (*des_key), _ossl_old_des_cblock (*in_white),
- _ossl_old_des_cblock (*out_white));
-#endif
+ long length,
+ _ossl_old_des_key_schedule ks1,
+ _ossl_old_des_key_schedule ks2,
+ _ossl_old_des_key_schedule ks3,
+ _ossl_old_des_cblock *ivec, int *num);
+# if 0
+void _ossl_old_des_xwhite_in2out(_ossl_old_des_cblock (*des_key),
+ _ossl_old_des_cblock (*in_white),
+ _ossl_old_des_cblock (*out_white));
+# endif
-int _ossl_old_des_enc_read(int fd,char *buf,int len,_ossl_old_des_key_schedule sched,
- _ossl_old_des_cblock *iv);
-int _ossl_old_des_enc_write(int fd,char *buf,int len,_ossl_old_des_key_schedule sched,
- _ossl_old_des_cblock *iv);
-char *_ossl_old_des_fcrypt(const char *buf,const char *salt, char *ret);
-char *_ossl_old_des_crypt(const char *buf,const char *salt);
-#if !defined(PERL5) && !defined(NeXT)
-char *_ossl_old_crypt(const char *buf,const char *salt);
-#endif
-void _ossl_old_des_ofb_encrypt(unsigned char *in,unsigned char *out,
- int numbits,long length,_ossl_old_des_key_schedule schedule,_ossl_old_des_cblock *ivec);
-void _ossl_old_des_pcbc_encrypt(_ossl_old_des_cblock *input,_ossl_old_des_cblock *output,long length,
- _ossl_old_des_key_schedule schedule,_ossl_old_des_cblock *ivec,int enc);
-DES_LONG _ossl_old_des_quad_cksum(_ossl_old_des_cblock *input,_ossl_old_des_cblock *output,
- long length,int out_count,_ossl_old_des_cblock *seed);
+int _ossl_old_des_enc_read(int fd, char *buf, int len,
+ _ossl_old_des_key_schedule sched,
+ _ossl_old_des_cblock *iv);
+int _ossl_old_des_enc_write(int fd, char *buf, int len,
+ _ossl_old_des_key_schedule sched,
+ _ossl_old_des_cblock *iv);
+char *_ossl_old_des_fcrypt(const char *buf, const char *salt, char *ret);
+char *_ossl_old_des_crypt(const char *buf, const char *salt);
+# if !defined(PERL5) && !defined(NeXT)
+char *_ossl_old_crypt(const char *buf, const char *salt);
+# endif
+void _ossl_old_des_ofb_encrypt(unsigned char *in, unsigned char *out,
+ int numbits, long length,
+ _ossl_old_des_key_schedule schedule,
+ _ossl_old_des_cblock *ivec);
+void _ossl_old_des_pcbc_encrypt(_ossl_old_des_cblock *input,
+ _ossl_old_des_cblock *output, long length,
+ _ossl_old_des_key_schedule schedule,
+ _ossl_old_des_cblock *ivec, int enc);
+DES_LONG _ossl_old_des_quad_cksum(_ossl_old_des_cblock *input,
+ _ossl_old_des_cblock *output, long length,
+ int out_count, _ossl_old_des_cblock *seed);
void _ossl_old_des_random_seed(_ossl_old_des_cblock key);
void _ossl_old_des_random_key(_ossl_old_des_cblock ret);
-int _ossl_old_des_read_password(_ossl_old_des_cblock *key,const char *prompt,int verify);
-int _ossl_old_des_read_2passwords(_ossl_old_des_cblock *key1,_ossl_old_des_cblock *key2,
- const char *prompt,int verify);
+int _ossl_old_des_read_password(_ossl_old_des_cblock *key, const char *prompt,
+ int verify);
+int _ossl_old_des_read_2passwords(_ossl_old_des_cblock *key1,
+ _ossl_old_des_cblock *key2,
+ const char *prompt, int verify);
void _ossl_old_des_set_odd_parity(_ossl_old_des_cblock *key);
int _ossl_old_des_is_weak_key(_ossl_old_des_cblock *key);
-int _ossl_old_des_set_key(_ossl_old_des_cblock *key,_ossl_old_des_key_schedule schedule);
-int _ossl_old_des_key_sched(_ossl_old_des_cblock *key,_ossl_old_des_key_schedule schedule);
-void _ossl_old_des_string_to_key(char *str,_ossl_old_des_cblock *key);
-void _ossl_old_des_string_to_2keys(char *str,_ossl_old_des_cblock *key1,_ossl_old_des_cblock *key2);
-void _ossl_old_des_cfb64_encrypt(unsigned char *in, unsigned char *out, long length,
- _ossl_old_des_key_schedule schedule, _ossl_old_des_cblock *ivec, int *num, int enc);
-void _ossl_old_des_ofb64_encrypt(unsigned char *in, unsigned char *out, long length,
- _ossl_old_des_key_schedule schedule, _ossl_old_des_cblock *ivec, int *num);
+int _ossl_old_des_set_key(_ossl_old_des_cblock *key,
+ _ossl_old_des_key_schedule schedule);
+int _ossl_old_des_key_sched(_ossl_old_des_cblock *key,
+ _ossl_old_des_key_schedule schedule);
+void _ossl_old_des_string_to_key(char *str, _ossl_old_des_cblock *key);
+void _ossl_old_des_string_to_2keys(char *str, _ossl_old_des_cblock *key1,
+ _ossl_old_des_cblock *key2);
+void _ossl_old_des_cfb64_encrypt(unsigned char *in, unsigned char *out,
+ long length,
+ _ossl_old_des_key_schedule schedule,
+ _ossl_old_des_cblock *ivec, int *num,
+ int enc);
+void _ossl_old_des_ofb64_encrypt(unsigned char *in, unsigned char *out,
+ long length,
+ _ossl_old_des_key_schedule schedule,
+ _ossl_old_des_cblock *ivec, int *num);
void _ossl_096_des_random_seed(des_cblock *key);
-/* The following definitions provide compatibility with the MIT Kerberos
- * library. The _ossl_old_des_key_schedule structure is not binary compatible. */
+/*
+ * The following definitions provide compatibility with the MIT Kerberos
+ * library. The _ossl_old_des_key_schedule structure is not binary
+ * compatible.
+ */
-#define _KERBEROS_DES_H
+# define _KERBEROS_DES_H
-#define KRBDES_ENCRYPT DES_ENCRYPT
-#define KRBDES_DECRYPT DES_DECRYPT
+# define KRBDES_ENCRYPT DES_ENCRYPT
+# define KRBDES_DECRYPT DES_DECRYPT
-#ifdef KERBEROS
+# ifdef KERBEROS
# define ENCRYPT DES_ENCRYPT
# define DECRYPT DES_DECRYPT
-#endif
+# endif
-#ifndef NCOMPAT
+# ifndef NCOMPAT
# define C_Block des_cblock
# define Key_schedule des_key_schedule
# define KEY_SZ DES_KEY_SZ
@@ -432,15 +483,15 @@ void _ossl_096_des_random_seed(des_cblock *key);
# define cbc_cksum des_cbc_cksum
# define quad_cksum des_quad_cksum
# define check_parity des_check_key_parity
-#endif
+# endif
-#define des_fixup_key_parity DES_fixup_key_parity
+# define des_fixup_key_parity DES_fixup_key_parity
#ifdef __cplusplus
}
#endif
/* for DES_read_pw_string et al */
-#include
+# include
#endif
diff --git a/Cryptlib/Include/openssl/dh.h b/Cryptlib/Include/openssl/dh.h
index 10475ac..0502f1a 100644
--- a/Cryptlib/Include/openssl/dh.h
+++ b/Cryptlib/Include/openssl/dh.h
@@ -5,21 +5,21 @@
* This package is an SSL implementation written
* by Eric Young (eay@cryptsoft.com).
* The implementation was written so as to conform with Netscapes SSL.
- *
+ *
* This library is free for commercial and non-commercial use as long as
* the following conditions are aheared to. The following conditions
* apply to all code found in this distribution, be it the RC4, RSA,
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
* included with this distribution is covered by the same copyright terms
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
+ *
* Copyright remains Eric Young's, and as such any Copyright notices in
* the code are not to be removed.
* If this package is used in a product, Eric Young should be given attribution
* as the author of the parts of the library used.
* This can be in the form of a textual message at program startup or
* in documentation (online or textual) provided with the package.
- *
+ *
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
@@ -34,10 +34,10 @@
* Eric Young (eay@cryptsoft.com)"
* The word 'cryptographic' can be left out if the rouines from the library
* being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
+ * 4. If you include any Windows specific code (or a derivative thereof) from
* the apps directory (application code) you must include an acknowledgement:
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
+ *
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
@@ -49,7 +49,7 @@
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
- *
+ *
* The licence and distribution terms for any publically available version or
* derivative of this code cannot be changed. i.e. this code cannot simply be
* copied and put under another distribution licence
@@ -57,36 +57,54 @@
*/
#ifndef HEADER_DH_H
-#define HEADER_DH_H
+# define HEADER_DH_H
-#include
+# include
-#ifdef OPENSSL_NO_DH
-#error DH is disabled.
-#endif
+# ifdef OPENSSL_NO_DH
+# error DH is disabled.
+# endif
-#ifndef OPENSSL_NO_BIO
-#include
-#endif
-#include
-#ifndef OPENSSL_NO_DEPRECATED
-#include
-#endif
-
-#ifndef OPENSSL_DH_MAX_MODULUS_BITS
-# define OPENSSL_DH_MAX_MODULUS_BITS 10000
-#endif
+# ifndef OPENSSL_NO_BIO
+# include
+# endif
+# include
+# ifndef OPENSSL_NO_DEPRECATED
+# include
+# endif
-#define OPENSSL_DH_FIPS_MIN_MODULUS_BITS 1024
+# ifndef OPENSSL_DH_MAX_MODULUS_BITS
+# define OPENSSL_DH_MAX_MODULUS_BITS 10000
+# endif
-#define DH_FLAG_CACHE_MONT_P 0x01
-#define DH_FLAG_NO_EXP_CONSTTIME 0x02 /* new with 0.9.7h; the built-in DH
- * implementation now uses constant time
- * modular exponentiation for secret exponents
- * by default. This flag causes the
- * faster variable sliding window method to
- * be used for all exponents.
- */
+# define DH_FLAG_CACHE_MONT_P 0x01
+
+/*
+ * new with 0.9.7h; the built-in DH
+ * implementation now uses constant time
+ * modular exponentiation for secret exponents
+ * by default. This flag causes the
+ * faster variable sliding window method to
+ * be used for all exponents.
+ */
+# define DH_FLAG_NO_EXP_CONSTTIME 0x02
+
+/*
+ * If this flag is set the DH method is FIPS compliant and can be used in
+ * FIPS mode. This is set in the validated module method. If an application
+ * sets this flag in its own methods it is its reposibility to ensure the
+ * result is compliant.
+ */
+
+# define DH_FLAG_FIPS_METHOD 0x0400
+
+/*
+ * If this flag is set the operations normally disabled in FIPS mode are
+ * permitted it is then the applications responsibility to ensure that the
+ * usage is compliant.
+ */
+
+# define DH_FLAG_NON_FIPS_ALLOW 0x0400
#ifdef __cplusplus
extern "C" {
@@ -96,124 +114,233 @@ extern "C" {
/* typedef struct dh_st DH; */
/* typedef struct dh_method DH_METHOD; */
-struct dh_method
- {
- const char *name;
- /* Methods here */
- int (*generate_key)(DH *dh);
- int (*compute_key)(unsigned char *key,const BIGNUM *pub_key,DH *dh);
- int (*bn_mod_exp)(const DH *dh, BIGNUM *r, const BIGNUM *a,
- const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx,
- BN_MONT_CTX *m_ctx); /* Can be null */
+struct dh_method {
+ const char *name;
+ /* Methods here */
+ int (*generate_key) (DH *dh);
+ int (*compute_key) (unsigned char *key, const BIGNUM *pub_key, DH *dh);
+ /* Can be null */
+ int (*bn_mod_exp) (const DH *dh, BIGNUM *r, const BIGNUM *a,
+ const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx,
+ BN_MONT_CTX *m_ctx);
+ int (*init) (DH *dh);
+ int (*finish) (DH *dh);
+ int flags;
+ char *app_data;
+ /* If this is non-NULL, it will be used to generate parameters */
+ int (*generate_params) (DH *dh, int prime_len, int generator,
+ BN_GENCB *cb);
+};
- int (*init)(DH *dh);
- int (*finish)(DH *dh);
- int flags;
- char *app_data;
- /* If this is non-NULL, it will be used to generate parameters */
- int (*generate_params)(DH *dh, int prime_len, int generator, BN_GENCB *cb);
- };
+struct dh_st {
+ /*
+ * This first argument is used to pick up errors when a DH is passed
+ * instead of a EVP_PKEY
+ */
+ int pad;
+ int version;
+ BIGNUM *p;
+ BIGNUM *g;
+ long length; /* optional */
+ BIGNUM *pub_key; /* g^x */
+ BIGNUM *priv_key; /* x */
+ int flags;
+ BN_MONT_CTX *method_mont_p;
+ /* Place holders if we want to do X9.42 DH */
+ BIGNUM *q;
+ BIGNUM *j;
+ unsigned char *seed;
+ int seedlen;
+ BIGNUM *counter;
+ int references;
+ CRYPTO_EX_DATA ex_data;
+ const DH_METHOD *meth;
+ ENGINE *engine;
+};
-struct dh_st
- {
- /* This first argument is used to pick up errors when
- * a DH is passed instead of a EVP_PKEY */
- int pad;
- int version;
- BIGNUM *p;
- BIGNUM *g;
- long length; /* optional */
- BIGNUM *pub_key; /* g^x */
- BIGNUM *priv_key; /* x */
-
- int flags;
- BN_MONT_CTX *method_mont_p;
- /* Place holders if we want to do X9.42 DH */
- BIGNUM *q;
- BIGNUM *j;
- unsigned char *seed;
- int seedlen;
- BIGNUM *counter;
-
- int references;
- CRYPTO_EX_DATA ex_data;
- const DH_METHOD *meth;
- ENGINE *engine;
- };
-
-#define DH_GENERATOR_2 2
-/* #define DH_GENERATOR_3 3 */
-#define DH_GENERATOR_5 5
+# define DH_GENERATOR_2 2
+/* #define DH_GENERATOR_3 3 */
+# define DH_GENERATOR_5 5
/* DH_check error codes */
-#define DH_CHECK_P_NOT_PRIME 0x01
-#define DH_CHECK_P_NOT_SAFE_PRIME 0x02
-#define DH_UNABLE_TO_CHECK_GENERATOR 0x04
-#define DH_NOT_SUITABLE_GENERATOR 0x08
+# define DH_CHECK_P_NOT_PRIME 0x01
+# define DH_CHECK_P_NOT_SAFE_PRIME 0x02
+# define DH_UNABLE_TO_CHECK_GENERATOR 0x04
+# define DH_NOT_SUITABLE_GENERATOR 0x08
+# define DH_CHECK_Q_NOT_PRIME 0x10
+# define DH_CHECK_INVALID_Q_VALUE 0x20
+# define DH_CHECK_INVALID_J_VALUE 0x40
/* DH_check_pub_key error codes */
-#define DH_CHECK_PUBKEY_TOO_SMALL 0x01
-#define DH_CHECK_PUBKEY_TOO_LARGE 0x02
+# define DH_CHECK_PUBKEY_TOO_SMALL 0x01
+# define DH_CHECK_PUBKEY_TOO_LARGE 0x02
-/* primes p where (p-1)/2 is prime too are called "safe"; we define
- this for backward compatibility: */
-#define DH_CHECK_P_NOT_STRONG_PRIME DH_CHECK_P_NOT_SAFE_PRIME
+/*
+ * primes p where (p-1)/2 is prime too are called "safe"; we define this for
+ * backward compatibility:
+ */
+# define DH_CHECK_P_NOT_STRONG_PRIME DH_CHECK_P_NOT_SAFE_PRIME
-#define DHparams_dup(x) ASN1_dup_of_const(DH,i2d_DHparams,d2i_DHparams,x)
-#define d2i_DHparams_fp(fp,x) (DH *)ASN1_d2i_fp((char *(*)())DH_new, \
- (char *(*)())d2i_DHparams,(fp),(unsigned char **)(x))
-#define i2d_DHparams_fp(fp,x) ASN1_i2d_fp(i2d_DHparams,(fp), \
- (unsigned char *)(x))
-#define d2i_DHparams_bio(bp,x) ASN1_d2i_bio_of(DH,DH_new,d2i_DHparams,bp,x)
-#define i2d_DHparams_bio(bp,x) ASN1_i2d_bio_of_const(DH,i2d_DHparams,bp,x)
+# define d2i_DHparams_fp(fp,x) (DH *)ASN1_d2i_fp((char *(*)())DH_new, \
+ (char *(*)())d2i_DHparams,(fp),(unsigned char **)(x))
+# define i2d_DHparams_fp(fp,x) ASN1_i2d_fp(i2d_DHparams,(fp), \
+ (unsigned char *)(x))
+# define d2i_DHparams_bio(bp,x) ASN1_d2i_bio_of(DH,DH_new,d2i_DHparams,bp,x)
+# define i2d_DHparams_bio(bp,x) ASN1_i2d_bio_of_const(DH,i2d_DHparams,bp,x)
+
+DH *DHparams_dup(DH *);
const DH_METHOD *DH_OpenSSL(void);
-#ifdef OPENSSL_FIPS
-DH * FIPS_dh_new(void);
-void FIPS_dh_free(DH *dh);
-#endif
-
void DH_set_default_method(const DH_METHOD *meth);
const DH_METHOD *DH_get_default_method(void);
int DH_set_method(DH *dh, const DH_METHOD *meth);
DH *DH_new_method(ENGINE *engine);
-DH * DH_new(void);
-void DH_free(DH *dh);
-int DH_up_ref(DH *dh);
-int DH_size(const DH *dh);
+DH *DH_new(void);
+void DH_free(DH *dh);
+int DH_up_ref(DH *dh);
+int DH_size(const DH *dh);
int DH_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
- CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func);
+ CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func);
int DH_set_ex_data(DH *d, int idx, void *arg);
void *DH_get_ex_data(DH *d, int idx);
/* Deprecated version */
-#ifndef OPENSSL_NO_DEPRECATED
-DH * DH_generate_parameters(int prime_len,int generator,
- void (*callback)(int,int,void *),void *cb_arg);
-#endif /* !defined(OPENSSL_NO_DEPRECATED) */
+# ifndef OPENSSL_NO_DEPRECATED
+DH *DH_generate_parameters(int prime_len, int generator,
+ void (*callback) (int, int, void *), void *cb_arg);
+# endif /* !defined(OPENSSL_NO_DEPRECATED) */
/* New version */
-int DH_generate_parameters_ex(DH *dh, int prime_len,int generator, BN_GENCB *cb);
+int DH_generate_parameters_ex(DH *dh, int prime_len, int generator,
+ BN_GENCB *cb);
-int DH_check(const DH *dh,int *codes);
-int DH_check_pub_key(const DH *dh,const BIGNUM *pub_key, int *codes);
-int DH_generate_key(DH *dh);
-int DH_compute_key(unsigned char *key,const BIGNUM *pub_key,DH *dh);
-DH * d2i_DHparams(DH **a,const unsigned char **pp, long length);
-int i2d_DHparams(const DH *a,unsigned char **pp);
-#ifndef OPENSSL_NO_FP_API
-int DHparams_print_fp(FILE *fp, const DH *x);
-#endif
-#ifndef OPENSSL_NO_BIO
-int DHparams_print(BIO *bp, const DH *x);
-#else
-int DHparams_print(char *bp, const DH *x);
-#endif
+int DH_check(const DH *dh, int *codes);
+int DH_check_pub_key(const DH *dh, const BIGNUM *pub_key, int *codes);
+int DH_generate_key(DH *dh);
+int DH_compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh);
+int DH_compute_key_padded(unsigned char *key, const BIGNUM *pub_key, DH *dh);
+DH *d2i_DHparams(DH **a, const unsigned char **pp, long length);
+int i2d_DHparams(const DH *a, unsigned char **pp);
+DH *d2i_DHxparams(DH **a, const unsigned char **pp, long length);
+int i2d_DHxparams(const DH *a, unsigned char **pp);
+# ifndef OPENSSL_NO_FP_API
+int DHparams_print_fp(FILE *fp, const DH *x);
+# endif
+# ifndef OPENSSL_NO_BIO
+int DHparams_print(BIO *bp, const DH *x);
+# else
+int DHparams_print(char *bp, const DH *x);
+# endif
+
+/* RFC 5114 parameters */
+DH *DH_get_1024_160(void);
+DH *DH_get_2048_224(void);
+DH *DH_get_2048_256(void);
+
+/* RFC2631 KDF */
+int DH_KDF_X9_42(unsigned char *out, size_t outlen,
+ const unsigned char *Z, size_t Zlen,
+ ASN1_OBJECT *key_oid,
+ const unsigned char *ukm, size_t ukmlen, const EVP_MD *md);
+
+# define EVP_PKEY_CTX_set_dh_paramgen_prime_len(ctx, len) \
+ EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DH, EVP_PKEY_OP_PARAMGEN, \
+ EVP_PKEY_CTRL_DH_PARAMGEN_PRIME_LEN, len, NULL)
+
+# define EVP_PKEY_CTX_set_dh_paramgen_subprime_len(ctx, len) \
+ EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DH, EVP_PKEY_OP_PARAMGEN, \
+ EVP_PKEY_CTRL_DH_PARAMGEN_SUBPRIME_LEN, len, NULL)
+
+# define EVP_PKEY_CTX_set_dh_paramgen_type(ctx, typ) \
+ EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DH, EVP_PKEY_OP_PARAMGEN, \
+ EVP_PKEY_CTRL_DH_PARAMGEN_TYPE, typ, NULL)
+
+# define EVP_PKEY_CTX_set_dh_paramgen_generator(ctx, gen) \
+ EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DH, EVP_PKEY_OP_PARAMGEN, \
+ EVP_PKEY_CTRL_DH_PARAMGEN_GENERATOR, gen, NULL)
+
+# define EVP_PKEY_CTX_set_dh_rfc5114(ctx, gen) \
+ EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, EVP_PKEY_OP_PARAMGEN, \
+ EVP_PKEY_CTRL_DH_RFC5114, gen, NULL)
+
+# define EVP_PKEY_CTX_set_dhx_rfc5114(ctx, gen) \
+ EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, EVP_PKEY_OP_PARAMGEN, \
+ EVP_PKEY_CTRL_DH_RFC5114, gen, NULL)
+
+# define EVP_PKEY_CTX_set_dh_kdf_type(ctx, kdf) \
+ EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, \
+ EVP_PKEY_OP_DERIVE, \
+ EVP_PKEY_CTRL_DH_KDF_TYPE, kdf, NULL)
+
+# define EVP_PKEY_CTX_get_dh_kdf_type(ctx) \
+ EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, \
+ EVP_PKEY_OP_DERIVE, \
+ EVP_PKEY_CTRL_DH_KDF_TYPE, -2, NULL)
+
+# define EVP_PKEY_CTX_set0_dh_kdf_oid(ctx, oid) \
+ EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, \
+ EVP_PKEY_OP_DERIVE, \
+ EVP_PKEY_CTRL_DH_KDF_OID, 0, (void *)oid)
+
+# define EVP_PKEY_CTX_get0_dh_kdf_oid(ctx, poid) \
+ EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, \
+ EVP_PKEY_OP_DERIVE, \
+ EVP_PKEY_CTRL_GET_DH_KDF_OID, 0, (void *)poid)
+
+# define EVP_PKEY_CTX_set_dh_kdf_md(ctx, md) \
+ EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, \
+ EVP_PKEY_OP_DERIVE, \
+ EVP_PKEY_CTRL_DH_KDF_MD, 0, (void *)md)
+
+# define EVP_PKEY_CTX_get_dh_kdf_md(ctx, pmd) \
+ EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, \
+ EVP_PKEY_OP_DERIVE, \
+ EVP_PKEY_CTRL_GET_DH_KDF_MD, 0, (void *)pmd)
+
+# define EVP_PKEY_CTX_set_dh_kdf_outlen(ctx, len) \
+ EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, \
+ EVP_PKEY_OP_DERIVE, \
+ EVP_PKEY_CTRL_DH_KDF_OUTLEN, len, NULL)
+
+# define EVP_PKEY_CTX_get_dh_kdf_outlen(ctx, plen) \
+ EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, \
+ EVP_PKEY_OP_DERIVE, \
+ EVP_PKEY_CTRL_GET_DH_KDF_OUTLEN, 0, (void *)plen)
+
+# define EVP_PKEY_CTX_set0_dh_kdf_ukm(ctx, p, plen) \
+ EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, \
+ EVP_PKEY_OP_DERIVE, \
+ EVP_PKEY_CTRL_DH_KDF_UKM, plen, (void *)p)
+
+# define EVP_PKEY_CTX_get0_dh_kdf_ukm(ctx, p) \
+ EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, \
+ EVP_PKEY_OP_DERIVE, \
+ EVP_PKEY_CTRL_GET_DH_KDF_UKM, 0, (void *)p)
+
+# define EVP_PKEY_CTRL_DH_PARAMGEN_PRIME_LEN (EVP_PKEY_ALG_CTRL + 1)
+# define EVP_PKEY_CTRL_DH_PARAMGEN_GENERATOR (EVP_PKEY_ALG_CTRL + 2)
+# define EVP_PKEY_CTRL_DH_RFC5114 (EVP_PKEY_ALG_CTRL + 3)
+# define EVP_PKEY_CTRL_DH_PARAMGEN_SUBPRIME_LEN (EVP_PKEY_ALG_CTRL + 4)
+# define EVP_PKEY_CTRL_DH_PARAMGEN_TYPE (EVP_PKEY_ALG_CTRL + 5)
+# define EVP_PKEY_CTRL_DH_KDF_TYPE (EVP_PKEY_ALG_CTRL + 6)
+# define EVP_PKEY_CTRL_DH_KDF_MD (EVP_PKEY_ALG_CTRL + 7)
+# define EVP_PKEY_CTRL_GET_DH_KDF_MD (EVP_PKEY_ALG_CTRL + 8)
+# define EVP_PKEY_CTRL_DH_KDF_OUTLEN (EVP_PKEY_ALG_CTRL + 9)
+# define EVP_PKEY_CTRL_GET_DH_KDF_OUTLEN (EVP_PKEY_ALG_CTRL + 10)
+# define EVP_PKEY_CTRL_DH_KDF_UKM (EVP_PKEY_ALG_CTRL + 11)
+# define EVP_PKEY_CTRL_GET_DH_KDF_UKM (EVP_PKEY_ALG_CTRL + 12)
+# define EVP_PKEY_CTRL_DH_KDF_OID (EVP_PKEY_ALG_CTRL + 13)
+# define EVP_PKEY_CTRL_GET_DH_KDF_OID (EVP_PKEY_ALG_CTRL + 14)
+
+/* KDF types */
+# define EVP_PKEY_DH_KDF_NONE 1
+# define EVP_PKEY_DH_KDF_X9_42 2
/* BEGIN ERROR CODES */
-/* The following lines are auto generated by the script mkerr.pl. Any changes
+/*
+ * The following lines are auto generated by the script mkerr.pl. Any changes
* made after this point may be overwritten when the script is next run.
*/
void ERR_load_DH_strings(void);
@@ -221,23 +348,43 @@ void ERR_load_DH_strings(void);
/* Error codes for the DH functions. */
/* Function codes. */
-#define DH_F_COMPUTE_KEY 102
-#define DH_F_DHPARAMS_PRINT 100
-#define DH_F_DHPARAMS_PRINT_FP 101
-#define DH_F_DH_BUILTIN_GENPARAMS 106
-#define DH_F_DH_COMPUTE_KEY 107
-#define DH_F_DH_GENERATE_KEY 108
-#define DH_F_DH_GENERATE_PARAMETERS 109
-#define DH_F_DH_NEW_METHOD 105
-#define DH_F_GENERATE_KEY 103
-#define DH_F_GENERATE_PARAMETERS 104
+# define DH_F_COMPUTE_KEY 102
+# define DH_F_DHPARAMS_PRINT_FP 101
+# define DH_F_DH_BUILTIN_GENPARAMS 106
+# define DH_F_DH_CMS_DECRYPT 117
+# define DH_F_DH_CMS_SET_PEERKEY 118
+# define DH_F_DH_CMS_SET_SHARED_INFO 119
+# define DH_F_DH_COMPUTE_KEY 114
+# define DH_F_DH_GENERATE_KEY 115
+# define DH_F_DH_GENERATE_PARAMETERS_EX 116
+# define DH_F_DH_NEW_METHOD 105
+# define DH_F_DH_PARAM_DECODE 107
+# define DH_F_DH_PRIV_DECODE 110
+# define DH_F_DH_PRIV_ENCODE 111
+# define DH_F_DH_PUB_DECODE 108
+# define DH_F_DH_PUB_ENCODE 109
+# define DH_F_DO_DH_PRINT 100
+# define DH_F_GENERATE_KEY 103
+# define DH_F_GENERATE_PARAMETERS 104
+# define DH_F_PKEY_DH_DERIVE 112
+# define DH_F_PKEY_DH_KEYGEN 113
/* Reason codes. */
-#define DH_R_BAD_GENERATOR 101
-#define DH_R_INVALID_PUBKEY 102
-#define DH_R_KEY_SIZE_TOO_SMALL 104
-#define DH_R_MODULUS_TOO_LARGE 103
-#define DH_R_NO_PRIVATE_VALUE 100
+# define DH_R_BAD_GENERATOR 101
+# define DH_R_BN_DECODE_ERROR 109
+# define DH_R_BN_ERROR 106
+# define DH_R_DECODE_ERROR 104
+# define DH_R_INVALID_PUBKEY 102
+# define DH_R_KDF_PARAMETER_ERROR 112
+# define DH_R_KEYS_NOT_SET 108
+# define DH_R_KEY_SIZE_TOO_SMALL 110
+# define DH_R_MODULUS_TOO_LARGE 103
+# define DH_R_NON_FIPS_METHOD 111
+# define DH_R_NO_PARAMETERS_SET 107
+# define DH_R_NO_PRIVATE_VALUE 100
+# define DH_R_PARAMETER_ENCODING_ERROR 105
+# define DH_R_PEER_KEY_ERROR 113
+# define DH_R_SHARED_INFO_ERROR 114
#ifdef __cplusplus
}
diff --git a/Cryptlib/Include/openssl/dsa.h b/Cryptlib/Include/openssl/dsa.h
index 702c50d..545358f 100644
--- a/Cryptlib/Include/openssl/dsa.h
+++ b/Cryptlib/Include/openssl/dsa.h
@@ -5,21 +5,21 @@
* This package is an SSL implementation written
* by Eric Young (eay@cryptsoft.com).
* The implementation was written so as to conform with Netscapes SSL.
- *
+ *
* This library is free for commercial and non-commercial use as long as
* the following conditions are aheared to. The following conditions
* apply to all code found in this distribution, be it the RC4, RSA,
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
* included with this distribution is covered by the same copyright terms
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
+ *
* Copyright remains Eric Young's, and as such any Copyright notices in
* the code are not to be removed.
* If this package is used in a product, Eric Young should be given attribution
* as the author of the parts of the library used.
* This can be in the form of a textual message at program startup or
* in documentation (online or textual) provided with the package.
- *
+ *
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
@@ -34,10 +34,10 @@
* Eric Young (eay@cryptsoft.com)"
* The word 'cryptographic' can be left out if the rouines from the library
* being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
+ * 4. If you include any Windows specific code (or a derivative thereof) from
* the apps directory (application code) you must include an acknowledgement:
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
+ *
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
@@ -49,7 +49,7 @@
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
- *
+ *
* The licence and distribution terms for any publically available version or
* derivative of this code cannot be changed. i.e. this code cannot simply be
* copied and put under another distribution licence
@@ -63,60 +63,55 @@
* stylistic vision for SSLeay :-) */
#ifndef HEADER_DSA_H
-#define HEADER_DSA_H
+# define HEADER_DSA_H
-#include
+# include
-#ifdef OPENSSL_NO_DSA
-#error DSA is disabled.
-#endif
+# ifdef OPENSSL_NO_DSA
+# error DSA is disabled.
+# endif
-#ifndef OPENSSL_NO_BIO
-#include
-#endif
-#include
-#include
+# ifndef OPENSSL_NO_BIO
+# include
+# endif
+# include
+# include
-#ifndef OPENSSL_NO_DEPRECATED
-#include
-#ifndef OPENSSL_NO_DH
-# include
-#endif
-#endif
+# ifndef OPENSSL_NO_DEPRECATED
+# include
+# ifndef OPENSSL_NO_DH
+# include
+# endif
+# endif
-#ifndef OPENSSL_DSA_MAX_MODULUS_BITS
-# define OPENSSL_DSA_MAX_MODULUS_BITS 10000
-#endif
+# ifndef OPENSSL_DSA_MAX_MODULUS_BITS
+# define OPENSSL_DSA_MAX_MODULUS_BITS 10000
+# endif
-#define OPENSSL_DSA_FIPS_MIN_MODULUS_BITS 1024
+# define DSA_FLAG_CACHE_MONT_P 0x01
+/*
+ * new with 0.9.7h; the built-in DSA implementation now uses constant time
+ * modular exponentiation for secret exponents by default. This flag causes
+ * the faster variable sliding window method to be used for all exponents.
+ */
+# define DSA_FLAG_NO_EXP_CONSTTIME 0x02
-#define DSA_FLAG_CACHE_MONT_P 0x01
-#define DSA_FLAG_NO_EXP_CONSTTIME 0x02 /* new with 0.9.7h; the built-in DSA
- * implementation now uses constant time
- * modular exponentiation for secret exponents
- * by default. This flag causes the
- * faster variable sliding window method to
- * be used for all exponents.
- */
-
-/* If this flag is set the DSA method is FIPS compliant and can be used
- * in FIPS mode. This is set in the validated module method. If an
- * application sets this flag in its own methods it is its reposibility
- * to ensure the result is compliant.
+/*
+ * If this flag is set the DSA method is FIPS compliant and can be used in
+ * FIPS mode. This is set in the validated module method. If an application
+ * sets this flag in its own methods it is its reposibility to ensure the
+ * result is compliant.
*/
-#define DSA_FLAG_FIPS_METHOD 0x0400
+# define DSA_FLAG_FIPS_METHOD 0x0400
-/* If this flag is set the operations normally disabled in FIPS mode are
+/*
+ * If this flag is set the operations normally disabled in FIPS mode are
* permitted it is then the applications responsibility to ensure that the
* usage is compliant.
*/
-#define DSA_FLAG_NON_FIPS_ALLOW 0x0400
-
-#ifdef OPENSSL_FIPS
-#define FIPS_DSA_SIZE_T int
-#endif
+# define DSA_FLAG_NON_FIPS_ALLOW 0x0400
#ifdef __cplusplus
extern "C" {
@@ -126,162 +121,161 @@ extern "C" {
/* typedef struct dsa_st DSA; */
/* typedef struct dsa_method DSA_METHOD; */
-typedef struct DSA_SIG_st
- {
- BIGNUM *r;
- BIGNUM *s;
- } DSA_SIG;
+typedef struct DSA_SIG_st {
+ BIGNUM *r;
+ BIGNUM *s;
+} DSA_SIG;
-struct dsa_method
- {
- const char *name;
- DSA_SIG * (*dsa_do_sign)(const unsigned char *dgst, int dlen, DSA *dsa);
- int (*dsa_sign_setup)(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp,
- BIGNUM **rp);
- int (*dsa_do_verify)(const unsigned char *dgst, int dgst_len,
- DSA_SIG *sig, DSA *dsa);
- int (*dsa_mod_exp)(DSA *dsa, BIGNUM *rr, BIGNUM *a1, BIGNUM *p1,
- BIGNUM *a2, BIGNUM *p2, BIGNUM *m, BN_CTX *ctx,
- BN_MONT_CTX *in_mont);
- int (*bn_mod_exp)(DSA *dsa, BIGNUM *r, BIGNUM *a, const BIGNUM *p,
- const BIGNUM *m, BN_CTX *ctx,
- BN_MONT_CTX *m_ctx); /* Can be null */
- int (*init)(DSA *dsa);
- int (*finish)(DSA *dsa);
- int flags;
- char *app_data;
- /* If this is non-NULL, it is used to generate DSA parameters */
- int (*dsa_paramgen)(DSA *dsa, int bits,
- unsigned char *seed, int seed_len,
- int *counter_ret, unsigned long *h_ret,
- BN_GENCB *cb);
- /* If this is non-NULL, it is used to generate DSA keys */
- int (*dsa_keygen)(DSA *dsa);
- };
+struct dsa_method {
+ const char *name;
+ DSA_SIG *(*dsa_do_sign) (const unsigned char *dgst, int dlen, DSA *dsa);
+ int (*dsa_sign_setup) (DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp,
+ BIGNUM **rp);
+ int (*dsa_do_verify) (const unsigned char *dgst, int dgst_len,
+ DSA_SIG *sig, DSA *dsa);
+ int (*dsa_mod_exp) (DSA *dsa, BIGNUM *rr, BIGNUM *a1, BIGNUM *p1,
+ BIGNUM *a2, BIGNUM *p2, BIGNUM *m, BN_CTX *ctx,
+ BN_MONT_CTX *in_mont);
+ /* Can be null */
+ int (*bn_mod_exp) (DSA *dsa, BIGNUM *r, BIGNUM *a, const BIGNUM *p,
+ const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx);
+ int (*init) (DSA *dsa);
+ int (*finish) (DSA *dsa);
+ int flags;
+ char *app_data;
+ /* If this is non-NULL, it is used to generate DSA parameters */
+ int (*dsa_paramgen) (DSA *dsa, int bits,
+ const unsigned char *seed, int seed_len,
+ int *counter_ret, unsigned long *h_ret,
+ BN_GENCB *cb);
+ /* If this is non-NULL, it is used to generate DSA keys */
+ int (*dsa_keygen) (DSA *dsa);
+};
-struct dsa_st
- {
- /* This first variable is used to pick up errors where
- * a DSA is passed instead of of a EVP_PKEY */
- int pad;
- long version;
- int write_params;
- BIGNUM *p;
- BIGNUM *q; /* == 20 */
- BIGNUM *g;
+struct dsa_st {
+ /*
+ * This first variable is used to pick up errors where a DSA is passed
+ * instead of of a EVP_PKEY
+ */
+ int pad;
+ long version;
+ int write_params;
+ BIGNUM *p;
+ BIGNUM *q; /* == 20 */
+ BIGNUM *g;
+ BIGNUM *pub_key; /* y public key */
+ BIGNUM *priv_key; /* x private key */
+ BIGNUM *kinv; /* Signing pre-calc */
+ BIGNUM *r; /* Signing pre-calc */
+ int flags;
+ /* Normally used to cache montgomery values */
+ BN_MONT_CTX *method_mont_p;
+ int references;
+ CRYPTO_EX_DATA ex_data;
+ const DSA_METHOD *meth;
+ /* functional reference if 'meth' is ENGINE-provided */
+ ENGINE *engine;
+};
- BIGNUM *pub_key; /* y public key */
- BIGNUM *priv_key; /* x private key */
+# define d2i_DSAparams_fp(fp,x) (DSA *)ASN1_d2i_fp((char *(*)())DSA_new, \
+ (char *(*)())d2i_DSAparams,(fp),(unsigned char **)(x))
+# define i2d_DSAparams_fp(fp,x) ASN1_i2d_fp(i2d_DSAparams,(fp), \
+ (unsigned char *)(x))
+# define d2i_DSAparams_bio(bp,x) ASN1_d2i_bio_of(DSA,DSA_new,d2i_DSAparams,bp,x)
+# define i2d_DSAparams_bio(bp,x) ASN1_i2d_bio_of_const(DSA,i2d_DSAparams,bp,x)
- BIGNUM *kinv; /* Signing pre-calc */
- BIGNUM *r; /* Signing pre-calc */
+DSA *DSAparams_dup(DSA *x);
+DSA_SIG *DSA_SIG_new(void);
+void DSA_SIG_free(DSA_SIG *a);
+int i2d_DSA_SIG(const DSA_SIG *a, unsigned char **pp);
+DSA_SIG *d2i_DSA_SIG(DSA_SIG **v, const unsigned char **pp, long length);
- int flags;
- /* Normally used to cache montgomery values */
- BN_MONT_CTX *method_mont_p;
- int references;
- CRYPTO_EX_DATA ex_data;
- const DSA_METHOD *meth;
- /* functional reference if 'meth' is ENGINE-provided */
- ENGINE *engine;
- };
-
-#define DSAparams_dup(x) ASN1_dup_of_const(DSA,i2d_DSAparams,d2i_DSAparams,x)
-#define d2i_DSAparams_fp(fp,x) (DSA *)ASN1_d2i_fp((char *(*)())DSA_new, \
- (char *(*)())d2i_DSAparams,(fp),(unsigned char **)(x))
-#define i2d_DSAparams_fp(fp,x) ASN1_i2d_fp(i2d_DSAparams,(fp), \
- (unsigned char *)(x))
-#define d2i_DSAparams_bio(bp,x) ASN1_d2i_bio_of(DSA,DSA_new,d2i_DSAparams,bp,x)
-#define i2d_DSAparams_bio(bp,x) ASN1_i2d_bio_of_const(DSA,i2d_DSAparams,bp,x)
-
-
-DSA_SIG * DSA_SIG_new(void);
-void DSA_SIG_free(DSA_SIG *a);
-int i2d_DSA_SIG(const DSA_SIG *a, unsigned char **pp);
-DSA_SIG * d2i_DSA_SIG(DSA_SIG **v, const unsigned char **pp, long length);
-
-DSA_SIG * DSA_do_sign(const unsigned char *dgst,int dlen,DSA *dsa);
-int DSA_do_verify(const unsigned char *dgst,int dgst_len,
- DSA_SIG *sig,DSA *dsa);
+DSA_SIG *DSA_do_sign(const unsigned char *dgst, int dlen, DSA *dsa);
+int DSA_do_verify(const unsigned char *dgst, int dgst_len,
+ DSA_SIG *sig, DSA *dsa);
const DSA_METHOD *DSA_OpenSSL(void);
-void DSA_set_default_method(const DSA_METHOD *);
+void DSA_set_default_method(const DSA_METHOD *);
const DSA_METHOD *DSA_get_default_method(void);
-int DSA_set_method(DSA *dsa, const DSA_METHOD *);
+int DSA_set_method(DSA *dsa, const DSA_METHOD *);
-#ifdef OPENSSL_FIPS
-DSA * FIPS_dsa_new(void);
-void FIPS_dsa_free (DSA *r);
-#endif
-
-DSA * DSA_new(void);
-DSA * DSA_new_method(ENGINE *engine);
-void DSA_free (DSA *r);
+DSA *DSA_new(void);
+DSA *DSA_new_method(ENGINE *engine);
+void DSA_free(DSA *r);
/* "up" the DSA object's reference count */
-int DSA_up_ref(DSA *r);
-int DSA_size(const DSA *);
- /* next 4 return -1 on error */
-int DSA_sign_setup( DSA *dsa,BN_CTX *ctx_in,BIGNUM **kinvp,BIGNUM **rp);
-int DSA_sign(int type,const unsigned char *dgst,int dlen,
- unsigned char *sig, unsigned int *siglen, DSA *dsa);
-int DSA_verify(int type,const unsigned char *dgst,int dgst_len,
- const unsigned char *sigbuf, int siglen, DSA *dsa);
+int DSA_up_ref(DSA *r);
+int DSA_size(const DSA *);
+ /* next 4 return -1 on error */
+int DSA_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp);
+int DSA_sign(int type, const unsigned char *dgst, int dlen,
+ unsigned char *sig, unsigned int *siglen, DSA *dsa);
+int DSA_verify(int type, const unsigned char *dgst, int dgst_len,
+ const unsigned char *sigbuf, int siglen, DSA *dsa);
int DSA_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
- CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func);
+ CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func);
int DSA_set_ex_data(DSA *d, int idx, void *arg);
void *DSA_get_ex_data(DSA *d, int idx);
-DSA * d2i_DSAPublicKey(DSA **a, const unsigned char **pp, long length);
-DSA * d2i_DSAPrivateKey(DSA **a, const unsigned char **pp, long length);
-DSA * d2i_DSAparams(DSA **a, const unsigned char **pp, long length);
+DSA *d2i_DSAPublicKey(DSA **a, const unsigned char **pp, long length);
+DSA *d2i_DSAPrivateKey(DSA **a, const unsigned char **pp, long length);
+DSA *d2i_DSAparams(DSA **a, const unsigned char **pp, long length);
/* Deprecated version */
-#ifndef OPENSSL_NO_DEPRECATED
-DSA * DSA_generate_parameters(int bits,
- unsigned char *seed,int seed_len,
- int *counter_ret, unsigned long *h_ret,void
- (*callback)(int, int, void *),void *cb_arg);
-#endif /* !defined(OPENSSL_NO_DEPRECATED) */
+# ifndef OPENSSL_NO_DEPRECATED
+DSA *DSA_generate_parameters(int bits,
+ unsigned char *seed, int seed_len,
+ int *counter_ret, unsigned long *h_ret, void
+ (*callback) (int, int, void *), void *cb_arg);
+# endif /* !defined(OPENSSL_NO_DEPRECATED) */
/* New version */
-int DSA_generate_parameters_ex(DSA *dsa, int bits,
- unsigned char *seed,int seed_len,
- int *counter_ret, unsigned long *h_ret, BN_GENCB *cb);
+int DSA_generate_parameters_ex(DSA *dsa, int bits,
+ const unsigned char *seed, int seed_len,
+ int *counter_ret, unsigned long *h_ret,
+ BN_GENCB *cb);
-int DSA_generate_key(DSA *a);
-int i2d_DSAPublicKey(const DSA *a, unsigned char **pp);
-int i2d_DSAPrivateKey(const DSA *a, unsigned char **pp);
-int i2d_DSAparams(const DSA *a,unsigned char **pp);
+int DSA_generate_key(DSA *a);
+int i2d_DSAPublicKey(const DSA *a, unsigned char **pp);
+int i2d_DSAPrivateKey(const DSA *a, unsigned char **pp);
+int i2d_DSAparams(const DSA *a, unsigned char **pp);
-#ifndef OPENSSL_NO_BIO
-int DSAparams_print(BIO *bp, const DSA *x);
-int DSA_print(BIO *bp, const DSA *x, int off);
-#endif
-#ifndef OPENSSL_NO_FP_API
-int DSAparams_print_fp(FILE *fp, const DSA *x);
-int DSA_print_fp(FILE *bp, const DSA *x, int off);
-#endif
+# ifndef OPENSSL_NO_BIO
+int DSAparams_print(BIO *bp, const DSA *x);
+int DSA_print(BIO *bp, const DSA *x, int off);
+# endif
+# ifndef OPENSSL_NO_FP_API
+int DSAparams_print_fp(FILE *fp, const DSA *x);
+int DSA_print_fp(FILE *bp, const DSA *x, int off);
+# endif
-#define DSS_prime_checks 50
-/* Primality test according to FIPS PUB 186[-1], Appendix 2.1:
- * 50 rounds of Rabin-Miller */
-#define DSA_is_prime(n, callback, cb_arg) \
- BN_is_prime(n, DSS_prime_checks, callback, NULL, cb_arg)
+# define DSS_prime_checks 50
+/*
+ * Primality test according to FIPS PUB 186[-1], Appendix 2.1: 50 rounds of
+ * Rabin-Miller
+ */
+# define DSA_is_prime(n, callback, cb_arg) \
+ BN_is_prime(n, DSS_prime_checks, callback, NULL, cb_arg)
-#ifndef OPENSSL_NO_DH
-/* Convert DSA structure (key or just parameters) into DH structure
- * (be careful to avoid small subgroup attacks when using this!) */
+# ifndef OPENSSL_NO_DH
+/*
+ * Convert DSA structure (key or just parameters) into DH structure (be
+ * careful to avoid small subgroup attacks when using this!)
+ */
DH *DSA_dup_DH(const DSA *r);
-#endif
+# endif
-#ifdef OPENSSL_FIPS
-int FIPS_dsa_sig_encode(unsigned char *out, DSA_SIG *sig);
-int FIPS_dsa_sig_decode(DSA_SIG *sig, const unsigned char *in, int inlen);
-#endif
+# define EVP_PKEY_CTX_set_dsa_paramgen_bits(ctx, nbits) \
+ EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DSA, EVP_PKEY_OP_PARAMGEN, \
+ EVP_PKEY_CTRL_DSA_PARAMGEN_BITS, nbits, NULL)
+
+# define EVP_PKEY_CTRL_DSA_PARAMGEN_BITS (EVP_PKEY_ALG_CTRL + 1)
+# define EVP_PKEY_CTRL_DSA_PARAMGEN_Q_BITS (EVP_PKEY_ALG_CTRL + 2)
+# define EVP_PKEY_CTRL_DSA_PARAMGEN_MD (EVP_PKEY_ALG_CTRL + 3)
/* BEGIN ERROR CODES */
-/* The following lines are auto generated by the script mkerr.pl. Any changes
+/*
+ * The following lines are auto generated by the script mkerr.pl. Any changes
* made after this point may be overwritten when the script is next run.
*/
void ERR_load_DSA_strings(void);
@@ -289,34 +283,48 @@ void ERR_load_DSA_strings(void);
/* Error codes for the DSA functions. */
/* Function codes. */
-#define DSA_F_D2I_DSA_SIG 110
-#define DSA_F_DSAPARAMS_PRINT 100
-#define DSA_F_DSAPARAMS_PRINT_FP 101
-#define DSA_F_DSA_BUILTIN_KEYGEN 119
-#define DSA_F_DSA_BUILTIN_PARAMGEN 118
-#define DSA_F_DSA_DO_SIGN 112
-#define DSA_F_DSA_DO_VERIFY 113
-#define DSA_F_DSA_GENERATE_PARAMETERS 117
-#define DSA_F_DSA_NEW_METHOD 103
-#define DSA_F_DSA_PRINT 104
-#define DSA_F_DSA_PRINT_FP 105
-#define DSA_F_DSA_SET_DEFAULT_METHOD 115
-#define DSA_F_DSA_SET_METHOD 116
-#define DSA_F_DSA_SIGN 106
-#define DSA_F_DSA_SIGN_SETUP 107
-#define DSA_F_DSA_SIG_NEW 109
-#define DSA_F_DSA_VERIFY 108
-#define DSA_F_I2D_DSA_SIG 111
-#define DSA_F_SIG_CB 114
+# define DSA_F_D2I_DSA_SIG 110
+# define DSA_F_DO_DSA_PRINT 104
+# define DSA_F_DSAPARAMS_PRINT 100
+# define DSA_F_DSAPARAMS_PRINT_FP 101
+# define DSA_F_DSA_BUILTIN_PARAMGEN2 126
+# define DSA_F_DSA_DO_SIGN 112
+# define DSA_F_DSA_DO_VERIFY 113
+# define DSA_F_DSA_GENERATE_KEY 124
+# define DSA_F_DSA_GENERATE_PARAMETERS_EX 123
+# define DSA_F_DSA_NEW_METHOD 103
+# define DSA_F_DSA_PARAM_DECODE 119
+# define DSA_F_DSA_PRINT_FP 105
+# define DSA_F_DSA_PRIV_DECODE 115
+# define DSA_F_DSA_PRIV_ENCODE 116
+# define DSA_F_DSA_PUB_DECODE 117
+# define DSA_F_DSA_PUB_ENCODE 118
+# define DSA_F_DSA_SIGN 106
+# define DSA_F_DSA_SIGN_SETUP 107
+# define DSA_F_DSA_SIG_NEW 109
+# define DSA_F_DSA_SIG_PRINT 125
+# define DSA_F_DSA_VERIFY 108
+# define DSA_F_I2D_DSA_SIG 111
+# define DSA_F_OLD_DSA_PRIV_DECODE 122
+# define DSA_F_PKEY_DSA_CTRL 120
+# define DSA_F_PKEY_DSA_KEYGEN 121
+# define DSA_F_SIG_CB 114
/* Reason codes. */
-#define DSA_R_BAD_Q_VALUE 102
-#define DSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE 100
-#define DSA_R_KEY_SIZE_TOO_SMALL 106
-#define DSA_R_MISSING_PARAMETERS 101
-#define DSA_R_MODULUS_TOO_LARGE 103
-#define DSA_R_NON_FIPS_METHOD 104
-#define DSA_R_OPERATION_NOT_ALLOWED_IN_FIPS_MODE 105
+# define DSA_R_BAD_Q_VALUE 102
+# define DSA_R_BN_DECODE_ERROR 108
+# define DSA_R_BN_ERROR 109
+# define DSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE 100
+# define DSA_R_DECODE_ERROR 104
+# define DSA_R_INVALID_DIGEST_TYPE 106
+# define DSA_R_INVALID_PARAMETERS 112
+# define DSA_R_MISSING_PARAMETERS 101
+# define DSA_R_MODULUS_TOO_LARGE 103
+# define DSA_R_NEED_NEW_SETUP_VALUES 110
+# define DSA_R_NON_FIPS_DSA_METHOD 111
+# define DSA_R_NO_PARAMETERS_SET 107
+# define DSA_R_PARAMETER_ENCODING_ERROR 105
+# define DSA_R_Q_NOT_PRIME 113
#ifdef __cplusplus
}
diff --git a/Cryptlib/Include/openssl/dso.h b/Cryptlib/Include/openssl/dso.h
index 3e51913..7c4a1dc 100644
--- a/Cryptlib/Include/openssl/dso.h
+++ b/Cryptlib/Include/openssl/dso.h
@@ -1,6 +1,7 @@
/* dso.h -*- mode:C; c-file-style: "eay" -*- */
-/* Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL
- * project 2000.
+/*
+ * Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL project
+ * 2000.
*/
/* ====================================================================
* Copyright (c) 2000 The OpenSSL Project. All rights reserved.
@@ -10,7 +11,7 @@
* are met:
*
* 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
+ * notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
@@ -57,212 +58,248 @@
*/
#ifndef HEADER_DSO_H
-#define HEADER_DSO_H
+# define HEADER_DSO_H
-#include
+# include
#ifdef __cplusplus
extern "C" {
#endif
/* These values are used as commands to DSO_ctrl() */
-#define DSO_CTRL_GET_FLAGS 1
-#define DSO_CTRL_SET_FLAGS 2
-#define DSO_CTRL_OR_FLAGS 3
+# define DSO_CTRL_GET_FLAGS 1
+# define DSO_CTRL_SET_FLAGS 2
+# define DSO_CTRL_OR_FLAGS 3
-/* By default, DSO_load() will translate the provided filename into a form
+/*
+ * By default, DSO_load() will translate the provided filename into a form
* typical for the platform (more specifically the DSO_METHOD) using the
* dso_name_converter function of the method. Eg. win32 will transform "blah"
* into "blah.dll", and dlfcn will transform it into "libblah.so". The
- * behaviour can be overriden by setting the name_converter callback in the DSO
- * object (using DSO_set_name_converter()). This callback could even utilise
- * the DSO_METHOD's converter too if it only wants to override behaviour for
- * one or two possible DSO methods. However, the following flag can be set in a
- * DSO to prevent *any* native name-translation at all - eg. if the caller has
- * prompted the user for a path to a driver library so the filename should be
- * interpreted as-is. */
-#define DSO_FLAG_NO_NAME_TRANSLATION 0x01
-/* An extra flag to give if only the extension should be added as
- * translation. This is obviously only of importance on Unix and
- * other operating systems where the translation also may prefix
- * the name with something, like 'lib', and ignored everywhere else.
- * This flag is also ignored if DSO_FLAG_NO_NAME_TRANSLATION is used
- * at the same time. */
-#define DSO_FLAG_NAME_TRANSLATION_EXT_ONLY 0x02
-
-/* The following flag controls the translation of symbol names to upper
- * case. This is currently only being implemented for OpenVMS.
+ * behaviour can be overriden by setting the name_converter callback in the
+ * DSO object (using DSO_set_name_converter()). This callback could even
+ * utilise the DSO_METHOD's converter too if it only wants to override
+ * behaviour for one or two possible DSO methods. However, the following flag
+ * can be set in a DSO to prevent *any* native name-translation at all - eg.
+ * if the caller has prompted the user for a path to a driver library so the
+ * filename should be interpreted as-is.
*/
-#define DSO_FLAG_UPCASE_SYMBOL 0x10
-
-/* This flag loads the library with public symbols.
- * Meaning: The exported symbols of this library are public
- * to all libraries loaded after this library.
- * At the moment only implemented in unix.
+# define DSO_FLAG_NO_NAME_TRANSLATION 0x01
+/*
+ * An extra flag to give if only the extension should be added as
+ * translation. This is obviously only of importance on Unix and other
+ * operating systems where the translation also may prefix the name with
+ * something, like 'lib', and ignored everywhere else. This flag is also
+ * ignored if DSO_FLAG_NO_NAME_TRANSLATION is used at the same time.
*/
-#define DSO_FLAG_GLOBAL_SYMBOLS 0x20
+# define DSO_FLAG_NAME_TRANSLATION_EXT_ONLY 0x02
+/*
+ * The following flag controls the translation of symbol names to upper case.
+ * This is currently only being implemented for OpenVMS.
+ */
+# define DSO_FLAG_UPCASE_SYMBOL 0x10
-typedef void (*DSO_FUNC_TYPE)(void);
+/*
+ * This flag loads the library with public symbols. Meaning: The exported
+ * symbols of this library are public to all libraries loaded after this
+ * library. At the moment only implemented in unix.
+ */
+# define DSO_FLAG_GLOBAL_SYMBOLS 0x20
+
+typedef void (*DSO_FUNC_TYPE) (void);
typedef struct dso_st DSO;
-/* The function prototype used for method functions (or caller-provided
- * callbacks) that transform filenames. They are passed a DSO structure pointer
- * (or NULL if they are to be used independantly of a DSO object) and a
- * filename to transform. They should either return NULL (if there is an error
- * condition) or a newly allocated string containing the transformed form that
- * the caller will need to free with OPENSSL_free() when done. */
-typedef char* (*DSO_NAME_CONVERTER_FUNC)(DSO *, const char *);
-/* The function prototype used for method functions (or caller-provided
- * callbacks) that merge two file specifications. They are passed a
- * DSO structure pointer (or NULL if they are to be used independantly of
- * a DSO object) and two file specifications to merge. They should
- * either return NULL (if there is an error condition) or a newly allocated
- * string containing the result of merging that the caller will need
- * to free with OPENSSL_free() when done.
- * Here, merging means that bits and pieces are taken from each of the
- * file specifications and added together in whatever fashion that is
- * sensible for the DSO method in question. The only rule that really
- * applies is that if the two specification contain pieces of the same
- * type, the copy from the first string takes priority. One could see
- * it as the first specification is the one given by the user and the
- * second being a bunch of defaults to add on if they're missing in the
- * first. */
-typedef char* (*DSO_MERGER_FUNC)(DSO *, const char *, const char *);
-
-typedef struct dso_meth_st
- {
- const char *name;
- /* Loads a shared library, NB: new DSO_METHODs must ensure that a
- * successful load populates the loaded_filename field, and likewise a
- * successful unload OPENSSL_frees and NULLs it out. */
- int (*dso_load)(DSO *dso);
- /* Unloads a shared library */
- int (*dso_unload)(DSO *dso);
- /* Binds a variable */
- void *(*dso_bind_var)(DSO *dso, const char *symname);
- /* Binds a function - assumes a return type of DSO_FUNC_TYPE.
- * This should be cast to the real function prototype by the
- * caller. Platforms that don't have compatible representations
- * for different prototypes (this is possible within ANSI C)
- * are highly unlikely to have shared libraries at all, let
- * alone a DSO_METHOD implemented for them. */
- DSO_FUNC_TYPE (*dso_bind_func)(DSO *dso, const char *symname);
+/*
+ * The function prototype used for method functions (or caller-provided
+ * callbacks) that transform filenames. They are passed a DSO structure
+ * pointer (or NULL if they are to be used independantly of a DSO object) and
+ * a filename to transform. They should either return NULL (if there is an
+ * error condition) or a newly allocated string containing the transformed
+ * form that the caller will need to free with OPENSSL_free() when done.
+ */
+typedef char *(*DSO_NAME_CONVERTER_FUNC)(DSO *, const char *);
+/*
+ * The function prototype used for method functions (or caller-provided
+ * callbacks) that merge two file specifications. They are passed a DSO
+ * structure pointer (or NULL if they are to be used independantly of a DSO
+ * object) and two file specifications to merge. They should either return
+ * NULL (if there is an error condition) or a newly allocated string
+ * containing the result of merging that the caller will need to free with
+ * OPENSSL_free() when done. Here, merging means that bits and pieces are
+ * taken from each of the file specifications and added together in whatever
+ * fashion that is sensible for the DSO method in question. The only rule
+ * that really applies is that if the two specification contain pieces of the
+ * same type, the copy from the first string takes priority. One could see
+ * it as the first specification is the one given by the user and the second
+ * being a bunch of defaults to add on if they're missing in the first.
+ */
+typedef char *(*DSO_MERGER_FUNC)(DSO *, const char *, const char *);
+typedef struct dso_meth_st {
+ const char *name;
+ /*
+ * Loads a shared library, NB: new DSO_METHODs must ensure that a
+ * successful load populates the loaded_filename field, and likewise a
+ * successful unload OPENSSL_frees and NULLs it out.
+ */
+ int (*dso_load) (DSO *dso);
+ /* Unloads a shared library */
+ int (*dso_unload) (DSO *dso);
+ /* Binds a variable */
+ void *(*dso_bind_var) (DSO *dso, const char *symname);
+ /*
+ * Binds a function - assumes a return type of DSO_FUNC_TYPE. This should
+ * be cast to the real function prototype by the caller. Platforms that
+ * don't have compatible representations for different prototypes (this
+ * is possible within ANSI C) are highly unlikely to have shared
+ * libraries at all, let alone a DSO_METHOD implemented for them.
+ */
+ DSO_FUNC_TYPE (*dso_bind_func) (DSO *dso, const char *symname);
/* I don't think this would actually be used in any circumstances. */
-#if 0
- /* Unbinds a variable */
- int (*dso_unbind_var)(DSO *dso, char *symname, void *symptr);
- /* Unbinds a function */
- int (*dso_unbind_func)(DSO *dso, char *symname, DSO_FUNC_TYPE symptr);
-#endif
- /* The generic (yuck) "ctrl()" function. NB: Negative return
- * values (rather than zero) indicate errors. */
- long (*dso_ctrl)(DSO *dso, int cmd, long larg, void *parg);
- /* The default DSO_METHOD-specific function for converting filenames to
- * a canonical native form. */
- DSO_NAME_CONVERTER_FUNC dso_name_converter;
- /* The default DSO_METHOD-specific function for converting filenames to
- * a canonical native form. */
- DSO_MERGER_FUNC dso_merger;
-
- /* [De]Initialisation handlers. */
- int (*init)(DSO *dso);
- int (*finish)(DSO *dso);
- } DSO_METHOD;
+# if 0
+ /* Unbinds a variable */
+ int (*dso_unbind_var) (DSO *dso, char *symname, void *symptr);
+ /* Unbinds a function */
+ int (*dso_unbind_func) (DSO *dso, char *symname, DSO_FUNC_TYPE symptr);
+# endif
+ /*
+ * The generic (yuck) "ctrl()" function. NB: Negative return values
+ * (rather than zero) indicate errors.
+ */
+ long (*dso_ctrl) (DSO *dso, int cmd, long larg, void *parg);
+ /*
+ * The default DSO_METHOD-specific function for converting filenames to a
+ * canonical native form.
+ */
+ DSO_NAME_CONVERTER_FUNC dso_name_converter;
+ /*
+ * The default DSO_METHOD-specific function for converting filenames to a
+ * canonical native form.
+ */
+ DSO_MERGER_FUNC dso_merger;
+ /* [De]Initialisation handlers. */
+ int (*init) (DSO *dso);
+ int (*finish) (DSO *dso);
+ /* Return pathname of the module containing location */
+ int (*pathbyaddr) (void *addr, char *path, int sz);
+ /* Perform global symbol lookup, i.e. among *all* modules */
+ void *(*globallookup) (const char *symname);
+} DSO_METHOD;
/**********************************************************************/
/* The low-level handle type used to refer to a loaded shared library */
-struct dso_st
- {
- DSO_METHOD *meth;
- /* Standard dlopen uses a (void *). Win32 uses a HANDLE. VMS
- * doesn't use anything but will need to cache the filename
- * for use in the dso_bind handler. All in all, let each
- * method control its own destiny. "Handles" and such go in
- * a STACK. */
- STACK *meth_data;
- int references;
- int flags;
- /* For use by applications etc ... use this for your bits'n'pieces,
- * don't touch meth_data! */
- CRYPTO_EX_DATA ex_data;
- /* If this callback function pointer is set to non-NULL, then it will
- * be used in DSO_load() in place of meth->dso_name_converter. NB: This
- * should normally set using DSO_set_name_converter(). */
- DSO_NAME_CONVERTER_FUNC name_converter;
- /* If this callback function pointer is set to non-NULL, then it will
- * be used in DSO_load() in place of meth->dso_merger. NB: This
- * should normally set using DSO_set_merger(). */
- DSO_MERGER_FUNC merger;
- /* This is populated with (a copy of) the platform-independant
- * filename used for this DSO. */
- char *filename;
- /* This is populated with (a copy of) the translated filename by which
- * the DSO was actually loaded. It is NULL iff the DSO is not currently
- * loaded. NB: This is here because the filename translation process
- * may involve a callback being invoked more than once not only to
- * convert to a platform-specific form, but also to try different
- * filenames in the process of trying to perform a load. As such, this
- * variable can be used to indicate (a) whether this DSO structure
- * corresponds to a loaded library or not, and (b) the filename with
- * which it was actually loaded. */
- char *loaded_filename;
- };
+struct dso_st {
+ DSO_METHOD *meth;
+ /*
+ * Standard dlopen uses a (void *). Win32 uses a HANDLE. VMS doesn't use
+ * anything but will need to cache the filename for use in the dso_bind
+ * handler. All in all, let each method control its own destiny.
+ * "Handles" and such go in a STACK.
+ */
+ STACK_OF(void) *meth_data;
+ int references;
+ int flags;
+ /*
+ * For use by applications etc ... use this for your bits'n'pieces, don't
+ * touch meth_data!
+ */
+ CRYPTO_EX_DATA ex_data;
+ /*
+ * If this callback function pointer is set to non-NULL, then it will be
+ * used in DSO_load() in place of meth->dso_name_converter. NB: This
+ * should normally set using DSO_set_name_converter().
+ */
+ DSO_NAME_CONVERTER_FUNC name_converter;
+ /*
+ * If this callback function pointer is set to non-NULL, then it will be
+ * used in DSO_load() in place of meth->dso_merger. NB: This should
+ * normally set using DSO_set_merger().
+ */
+ DSO_MERGER_FUNC merger;
+ /*
+ * This is populated with (a copy of) the platform-independant filename
+ * used for this DSO.
+ */
+ char *filename;
+ /*
+ * This is populated with (a copy of) the translated filename by which
+ * the DSO was actually loaded. It is NULL iff the DSO is not currently
+ * loaded. NB: This is here because the filename translation process may
+ * involve a callback being invoked more than once not only to convert to
+ * a platform-specific form, but also to try different filenames in the
+ * process of trying to perform a load. As such, this variable can be
+ * used to indicate (a) whether this DSO structure corresponds to a
+ * loaded library or not, and (b) the filename with which it was actually
+ * loaded.
+ */
+ char *loaded_filename;
+};
+DSO *DSO_new(void);
+DSO *DSO_new_method(DSO_METHOD *method);
+int DSO_free(DSO *dso);
+int DSO_flags(DSO *dso);
+int DSO_up_ref(DSO *dso);
+long DSO_ctrl(DSO *dso, int cmd, long larg, void *parg);
-DSO * DSO_new(void);
-DSO * DSO_new_method(DSO_METHOD *method);
-int DSO_free(DSO *dso);
-int DSO_flags(DSO *dso);
-int DSO_up_ref(DSO *dso);
-long DSO_ctrl(DSO *dso, int cmd, long larg, void *parg);
-
-/* This function sets the DSO's name_converter callback. If it is non-NULL,
+/*
+ * This function sets the DSO's name_converter callback. If it is non-NULL,
* then it will be used instead of the associated DSO_METHOD's function. If
* oldcb is non-NULL then it is set to the function pointer value being
- * replaced. Return value is non-zero for success. */
-int DSO_set_name_converter(DSO *dso, DSO_NAME_CONVERTER_FUNC cb,
- DSO_NAME_CONVERTER_FUNC *oldcb);
-/* These functions can be used to get/set the platform-independant filename
- * used for a DSO. NB: set will fail if the DSO is already loaded. */
+ * replaced. Return value is non-zero for success.
+ */
+int DSO_set_name_converter(DSO *dso, DSO_NAME_CONVERTER_FUNC cb,
+ DSO_NAME_CONVERTER_FUNC *oldcb);
+/*
+ * These functions can be used to get/set the platform-independant filename
+ * used for a DSO. NB: set will fail if the DSO is already loaded.
+ */
const char *DSO_get_filename(DSO *dso);
-int DSO_set_filename(DSO *dso, const char *filename);
-/* This function will invoke the DSO's name_converter callback to translate a
+int DSO_set_filename(DSO *dso, const char *filename);
+/*
+ * This function will invoke the DSO's name_converter callback to translate a
* filename, or if the callback isn't set it will instead use the DSO_METHOD's
* converter. If "filename" is NULL, the "filename" in the DSO itself will be
* used. If the DSO_FLAG_NO_NAME_TRANSLATION flag is set, then the filename is
* simply duplicated. NB: This function is usually called from within a
- * DSO_METHOD during the processing of a DSO_load() call, and is exposed so that
- * caller-created DSO_METHODs can do the same thing. A non-NULL return value
- * will need to be OPENSSL_free()'d. */
-char *DSO_convert_filename(DSO *dso, const char *filename);
-/* This function will invoke the DSO's merger callback to merge two file
+ * DSO_METHOD during the processing of a DSO_load() call, and is exposed so
+ * that caller-created DSO_METHODs can do the same thing. A non-NULL return
+ * value will need to be OPENSSL_free()'d.
+ */
+char *DSO_convert_filename(DSO *dso, const char *filename);
+/*
+ * This function will invoke the DSO's merger callback to merge two file
* specifications, or if the callback isn't set it will instead use the
* DSO_METHOD's merger. A non-NULL return value will need to be
- * OPENSSL_free()'d. */
-char *DSO_merge(DSO *dso, const char *filespec1, const char *filespec2);
-/* If the DSO is currently loaded, this returns the filename that it was loaded
- * under, otherwise it returns NULL. So it is also useful as a test as to
- * whether the DSO is currently loaded. NB: This will not necessarily return
- * the same value as DSO_convert_filename(dso, dso->filename), because the
- * DSO_METHOD's load function may have tried a variety of filenames (with
+ * OPENSSL_free()'d.
+ */
+char *DSO_merge(DSO *dso, const char *filespec1, const char *filespec2);
+/*
+ * If the DSO is currently loaded, this returns the filename that it was
+ * loaded under, otherwise it returns NULL. So it is also useful as a test as
+ * to whether the DSO is currently loaded. NB: This will not necessarily
+ * return the same value as DSO_convert_filename(dso, dso->filename), because
+ * the DSO_METHOD's load function may have tried a variety of filenames (with
* and/or without the aid of the converters) before settling on the one it
- * actually loaded. */
+ * actually loaded.
+ */
const char *DSO_get_loaded_filename(DSO *dso);
-void DSO_set_default_method(DSO_METHOD *meth);
+void DSO_set_default_method(DSO_METHOD *meth);
DSO_METHOD *DSO_get_default_method(void);
DSO_METHOD *DSO_get_method(DSO *dso);
DSO_METHOD *DSO_set_method(DSO *dso, DSO_METHOD *meth);
-/* The all-singing all-dancing load function, you normally pass NULL
- * for the first and third parameters. Use DSO_up and DSO_free for
- * subsequent reference count handling. Any flags passed in will be set
- * in the constructed DSO after its init() function but before the
- * load operation. If 'dso' is non-NULL, 'flags' is ignored. */
+/*
+ * The all-singing all-dancing load function, you normally pass NULL for the
+ * first and third parameters. Use DSO_up and DSO_free for subsequent
+ * reference count handling. Any flags passed in will be set in the
+ * constructed DSO after its init() function but before the load operation.
+ * If 'dso' is non-NULL, 'flags' is ignored.
+ */
DSO *DSO_load(DSO *dso, const char *filename, DSO_METHOD *meth, int flags);
/* This function binds to a variable inside a shared library. */
@@ -271,23 +308,31 @@ void *DSO_bind_var(DSO *dso, const char *symname);
/* This function binds to a function inside a shared library. */
DSO_FUNC_TYPE DSO_bind_func(DSO *dso, const char *symname);
-/* This method is the default, but will beg, borrow, or steal whatever
- * method should be the default on any particular platform (including
- * DSO_METH_null() if necessary). */
+/*
+ * This method is the default, but will beg, borrow, or steal whatever method
+ * should be the default on any particular platform (including
+ * DSO_METH_null() if necessary).
+ */
DSO_METHOD *DSO_METHOD_openssl(void);
-/* This method is defined for all platforms - if a platform has no
- * DSO support then this will be the only method! */
+/*
+ * This method is defined for all platforms - if a platform has no DSO
+ * support then this will be the only method!
+ */
DSO_METHOD *DSO_METHOD_null(void);
-/* If DSO_DLFCN is defined, the standard dlfcn.h-style functions
- * (dlopen, dlclose, dlsym, etc) will be used and incorporated into
- * this method. If not, this method will return NULL. */
+/*
+ * If DSO_DLFCN is defined, the standard dlfcn.h-style functions (dlopen,
+ * dlclose, dlsym, etc) will be used and incorporated into this method. If
+ * not, this method will return NULL.
+ */
DSO_METHOD *DSO_METHOD_dlfcn(void);
-/* If DSO_DL is defined, the standard dl.h-style functions (shl_load,
- * shl_unload, shl_findsym, etc) will be used and incorporated into
- * this method. If not, this method will return NULL. */
+/*
+ * If DSO_DL is defined, the standard dl.h-style functions (shl_load,
+ * shl_unload, shl_findsym, etc) will be used and incorporated into this
+ * method. If not, this method will return NULL.
+ */
DSO_METHOD *DSO_METHOD_dl(void);
/* If WIN32 is defined, use DLLs. If not, return NULL. */
@@ -296,8 +341,34 @@ DSO_METHOD *DSO_METHOD_win32(void);
/* If VMS is defined, use shared images. If not, return NULL. */
DSO_METHOD *DSO_METHOD_vms(void);
+/*
+ * This function writes null-terminated pathname of DSO module containing
+ * 'addr' into 'sz' large caller-provided 'path' and returns the number of
+ * characters [including trailing zero] written to it. If 'sz' is 0 or
+ * negative, 'path' is ignored and required amount of charachers [including
+ * trailing zero] to accomodate pathname is returned. If 'addr' is NULL, then
+ * pathname of cryptolib itself is returned. Negative or zero return value
+ * denotes error.
+ */
+int DSO_pathbyaddr(void *addr, char *path, int sz);
+
+/*
+ * This function should be used with caution! It looks up symbols in *all*
+ * loaded modules and if module gets unloaded by somebody else attempt to
+ * dereference the pointer is doomed to have fatal consequences. Primary
+ * usage for this function is to probe *core* system functionality, e.g.
+ * check if getnameinfo(3) is available at run-time without bothering about
+ * OS-specific details such as libc.so.versioning or where does it actually
+ * reside: in libc itself or libsocket.
+ */
+void *DSO_global_lookup(const char *name);
+
+/* If BeOS is defined, use shared images. If not, return NULL. */
+DSO_METHOD *DSO_METHOD_beos(void);
+
/* BEGIN ERROR CODES */
-/* The following lines are auto generated by the script mkerr.pl. Any changes
+/*
+ * The following lines are auto generated by the script mkerr.pl. Any changes
* made after this point may be overwritten when the script is next run.
*/
void ERR_load_DSO_strings(void);
@@ -305,62 +376,74 @@ void ERR_load_DSO_strings(void);
/* Error codes for the DSO functions. */
/* Function codes. */
-#define DSO_F_DLFCN_BIND_FUNC 100
-#define DSO_F_DLFCN_BIND_VAR 101
-#define DSO_F_DLFCN_LOAD 102
-#define DSO_F_DLFCN_MERGER 130
-#define DSO_F_DLFCN_NAME_CONVERTER 123
-#define DSO_F_DLFCN_UNLOAD 103
-#define DSO_F_DL_BIND_FUNC 104
-#define DSO_F_DL_BIND_VAR 105
-#define DSO_F_DL_LOAD 106
-#define DSO_F_DL_MERGER 131
-#define DSO_F_DL_NAME_CONVERTER 124
-#define DSO_F_DL_UNLOAD 107
-#define DSO_F_DSO_BIND_FUNC 108
-#define DSO_F_DSO_BIND_VAR 109
-#define DSO_F_DSO_CONVERT_FILENAME 126
-#define DSO_F_DSO_CTRL 110
-#define DSO_F_DSO_FREE 111
-#define DSO_F_DSO_GET_FILENAME 127
-#define DSO_F_DSO_GET_LOADED_FILENAME 128
-#define DSO_F_DSO_LOAD 112
-#define DSO_F_DSO_MERGE 132
-#define DSO_F_DSO_NEW_METHOD 113
-#define DSO_F_DSO_SET_FILENAME 129
-#define DSO_F_DSO_SET_NAME_CONVERTER 122
-#define DSO_F_DSO_UP_REF 114
-#define DSO_F_VMS_BIND_SYM 115
-#define DSO_F_VMS_LOAD 116
-#define DSO_F_VMS_MERGER 133
-#define DSO_F_VMS_UNLOAD 117
-#define DSO_F_WIN32_BIND_FUNC 118
-#define DSO_F_WIN32_BIND_VAR 119
-#define DSO_F_WIN32_JOINER 135
-#define DSO_F_WIN32_LOAD 120
-#define DSO_F_WIN32_MERGER 134
-#define DSO_F_WIN32_NAME_CONVERTER 125
-#define DSO_F_WIN32_SPLITTER 136
-#define DSO_F_WIN32_UNLOAD 121
+# define DSO_F_BEOS_BIND_FUNC 144
+# define DSO_F_BEOS_BIND_VAR 145
+# define DSO_F_BEOS_LOAD 146
+# define DSO_F_BEOS_NAME_CONVERTER 147
+# define DSO_F_BEOS_UNLOAD 148
+# define DSO_F_DLFCN_BIND_FUNC 100
+# define DSO_F_DLFCN_BIND_VAR 101
+# define DSO_F_DLFCN_LOAD 102
+# define DSO_F_DLFCN_MERGER 130
+# define DSO_F_DLFCN_NAME_CONVERTER 123
+# define DSO_F_DLFCN_UNLOAD 103
+# define DSO_F_DL_BIND_FUNC 104
+# define DSO_F_DL_BIND_VAR 105
+# define DSO_F_DL_LOAD 106
+# define DSO_F_DL_MERGER 131
+# define DSO_F_DL_NAME_CONVERTER 124
+# define DSO_F_DL_UNLOAD 107
+# define DSO_F_DSO_BIND_FUNC 108
+# define DSO_F_DSO_BIND_VAR 109
+# define DSO_F_DSO_CONVERT_FILENAME 126
+# define DSO_F_DSO_CTRL 110
+# define DSO_F_DSO_FREE 111
+# define DSO_F_DSO_GET_FILENAME 127
+# define DSO_F_DSO_GET_LOADED_FILENAME 128
+# define DSO_F_DSO_GLOBAL_LOOKUP 139
+# define DSO_F_DSO_LOAD 112
+# define DSO_F_DSO_MERGE 132
+# define DSO_F_DSO_NEW_METHOD 113
+# define DSO_F_DSO_PATHBYADDR 140
+# define DSO_F_DSO_SET_FILENAME 129
+# define DSO_F_DSO_SET_NAME_CONVERTER 122
+# define DSO_F_DSO_UP_REF 114
+# define DSO_F_GLOBAL_LOOKUP_FUNC 138
+# define DSO_F_PATHBYADDR 137
+# define DSO_F_VMS_BIND_SYM 115
+# define DSO_F_VMS_LOAD 116
+# define DSO_F_VMS_MERGER 133
+# define DSO_F_VMS_UNLOAD 117
+# define DSO_F_WIN32_BIND_FUNC 118
+# define DSO_F_WIN32_BIND_VAR 119
+# define DSO_F_WIN32_GLOBALLOOKUP 142
+# define DSO_F_WIN32_GLOBALLOOKUP_FUNC 143
+# define DSO_F_WIN32_JOINER 135
+# define DSO_F_WIN32_LOAD 120
+# define DSO_F_WIN32_MERGER 134
+# define DSO_F_WIN32_NAME_CONVERTER 125
+# define DSO_F_WIN32_PATHBYADDR 141
+# define DSO_F_WIN32_SPLITTER 136
+# define DSO_F_WIN32_UNLOAD 121
/* Reason codes. */
-#define DSO_R_CTRL_FAILED 100
-#define DSO_R_DSO_ALREADY_LOADED 110
-#define DSO_R_EMPTY_FILE_STRUCTURE 113
-#define DSO_R_FAILURE 114
-#define DSO_R_FILENAME_TOO_BIG 101
-#define DSO_R_FINISH_FAILED 102
-#define DSO_R_INCORRECT_FILE_SYNTAX 115
-#define DSO_R_LOAD_FAILED 103
-#define DSO_R_NAME_TRANSLATION_FAILED 109
-#define DSO_R_NO_FILENAME 111
-#define DSO_R_NO_FILE_SPECIFICATION 116
-#define DSO_R_NULL_HANDLE 104
-#define DSO_R_SET_FILENAME_FAILED 112
-#define DSO_R_STACK_ERROR 105
-#define DSO_R_SYM_FAILURE 106
-#define DSO_R_UNLOAD_FAILED 107
-#define DSO_R_UNSUPPORTED 108
+# define DSO_R_CTRL_FAILED 100
+# define DSO_R_DSO_ALREADY_LOADED 110
+# define DSO_R_EMPTY_FILE_STRUCTURE 113
+# define DSO_R_FAILURE 114
+# define DSO_R_FILENAME_TOO_BIG 101
+# define DSO_R_FINISH_FAILED 102
+# define DSO_R_INCORRECT_FILE_SYNTAX 115
+# define DSO_R_LOAD_FAILED 103
+# define DSO_R_NAME_TRANSLATION_FAILED 109
+# define DSO_R_NO_FILENAME 111
+# define DSO_R_NO_FILE_SPECIFICATION 116
+# define DSO_R_NULL_HANDLE 104
+# define DSO_R_SET_FILENAME_FAILED 112
+# define DSO_R_STACK_ERROR 105
+# define DSO_R_SYM_FAILURE 106
+# define DSO_R_UNLOAD_FAILED 107
+# define DSO_R_UNSUPPORTED 108
#ifdef __cplusplus
}
diff --git a/Cryptlib/Include/openssl/dtls1.h b/Cryptlib/Include/openssl/dtls1.h
index 697ff6e..30bbcf2 100644
--- a/Cryptlib/Include/openssl/dtls1.h
+++ b/Cryptlib/Include/openssl/dtls1.h
@@ -1,7 +1,7 @@
/* ssl/dtls1.h */
-/*
+/*
* DTLS implementation written by Nagendra Modadugu
- * (nagendra@cs.stanford.edu) for the OpenSSL project 2005.
+ * (nagendra@cs.stanford.edu) for the OpenSSL project 2005.
*/
/* ====================================================================
* Copyright (c) 1999-2005 The OpenSSL Project. All rights reserved.
@@ -11,7 +11,7 @@
* are met:
*
* 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
+ * notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
@@ -57,209 +57,216 @@
*
*/
-#ifndef HEADER_DTLS1_H
-#define HEADER_DTLS1_H
+#ifndef HEADER_DTLS1_H
+# define HEADER_DTLS1_H
-#include
-#include
-#ifdef OPENSSL_SYS_VMS
-#include
-#include
-#endif
-#ifdef OPENSSL_SYS_WIN32
+# include
+# include
+# ifdef OPENSSL_SYS_VMS
+# include
+# include
+# endif
+# ifdef OPENSSL_SYS_WIN32
/* Needed for struct timeval */
-#include
-#elif defined(OPENSSL_SYS_NETWARE) && !defined(_WINSOCK2API_)
-#include
-#else
-#include
-#endif
+# include
+# elif defined(OPENSSL_SYS_NETWARE) && !defined(_WINSOCK2API_)
+# include
+# else
+# if defined(OPENSSL_SYS_VXWORKS)
+# include
+# else
+# include
+# endif
+# endif
#ifdef __cplusplus
extern "C" {
#endif
-#define DTLS1_VERSION 0xFEFF
-#define DTLS1_BAD_VER 0x0100
+# define DTLS1_VERSION 0xFEFF
+# define DTLS1_2_VERSION 0xFEFD
+# define DTLS_MAX_VERSION DTLS1_2_VERSION
+# define DTLS1_VERSION_MAJOR 0xFE
-#if 0
+# define DTLS1_BAD_VER 0x0100
+
+/* Special value for method supporting multiple versions */
+# define DTLS_ANY_VERSION 0x1FFFF
+
+# if 0
/* this alert description is not specified anywhere... */
-#define DTLS1_AD_MISSING_HANDSHAKE_MESSAGE 110
-#endif
+# define DTLS1_AD_MISSING_HANDSHAKE_MESSAGE 110
+# endif
/* lengths of messages */
-#define DTLS1_COOKIE_LENGTH 256
+# define DTLS1_COOKIE_LENGTH 256
-#define DTLS1_RT_HEADER_LENGTH 13
+# define DTLS1_RT_HEADER_LENGTH 13
-#define DTLS1_HM_HEADER_LENGTH 12
+# define DTLS1_HM_HEADER_LENGTH 12
-#define DTLS1_HM_BAD_FRAGMENT -2
-#define DTLS1_HM_FRAGMENT_RETRY -3
+# define DTLS1_HM_BAD_FRAGMENT -2
+# define DTLS1_HM_FRAGMENT_RETRY -3
-#define DTLS1_CCS_HEADER_LENGTH 1
+# define DTLS1_CCS_HEADER_LENGTH 1
-#ifdef DTLS1_AD_MISSING_HANDSHAKE_MESSAGE
-#define DTLS1_AL_HEADER_LENGTH 7
-#else
-#define DTLS1_AL_HEADER_LENGTH 2
-#endif
+# ifdef DTLS1_AD_MISSING_HANDSHAKE_MESSAGE
+# define DTLS1_AL_HEADER_LENGTH 7
+# else
+# define DTLS1_AL_HEADER_LENGTH 2
+# endif
+# ifndef OPENSSL_NO_SSL_INTERN
-typedef struct dtls1_bitmap_st
- {
- PQ_64BIT map;
- unsigned long length; /* sizeof the bitmap in bits */
- PQ_64BIT max_seq_num; /* max record number seen so far */
- } DTLS1_BITMAP;
+# ifndef OPENSSL_NO_SCTP
+# define DTLS1_SCTP_AUTH_LABEL "EXPORTER_DTLS_OVER_SCTP"
+# endif
-struct dtls1_retransmit_state
- {
- EVP_CIPHER_CTX *enc_write_ctx; /* cryptographic state */
- const EVP_MD *write_hash; /* used for mac generation */
-#ifndef OPENSSL_NO_COMP
- COMP_CTX *compress; /* compression */
-#else
- char *compress;
-#endif
- SSL_SESSION *session;
- unsigned short epoch;
- };
+/* Max MTU overhead we know about so far is 40 for IPv6 + 8 for UDP */
+# define DTLS1_MAX_MTU_OVERHEAD 48
-struct hm_header_st
- {
- unsigned char type;
- unsigned long msg_len;
- unsigned short seq;
- unsigned long frag_off;
- unsigned long frag_len;
- unsigned int is_ccs;
- struct dtls1_retransmit_state saved_retransmit_state;
- };
+typedef struct dtls1_bitmap_st {
+ unsigned long map; /* track 32 packets on 32-bit systems and 64
+ * - on 64-bit systems */
+ unsigned char max_seq_num[8]; /* max record number seen so far, 64-bit
+ * value in big-endian encoding */
+} DTLS1_BITMAP;
-struct ccs_header_st
- {
- unsigned char type;
- unsigned short seq;
- };
+struct dtls1_retransmit_state {
+ EVP_CIPHER_CTX *enc_write_ctx; /* cryptographic state */
+ EVP_MD_CTX *write_hash; /* used for mac generation */
+# ifndef OPENSSL_NO_COMP
+ COMP_CTX *compress; /* compression */
+# else
+ char *compress;
+# endif
+ SSL_SESSION *session;
+ unsigned short epoch;
+};
-struct dtls1_timeout_st
- {
- /* Number of read timeouts so far */
- unsigned int read_timeouts;
-
- /* Number of write timeouts so far */
- unsigned int write_timeouts;
-
- /* Number of alerts received so far */
- unsigned int num_alerts;
- };
+struct hm_header_st {
+ unsigned char type;
+ unsigned long msg_len;
+ unsigned short seq;
+ unsigned long frag_off;
+ unsigned long frag_len;
+ unsigned int is_ccs;
+ struct dtls1_retransmit_state saved_retransmit_state;
+};
-typedef struct record_pqueue_st
- {
- unsigned short epoch;
- pqueue q;
- } record_pqueue;
+struct ccs_header_st {
+ unsigned char type;
+ unsigned short seq;
+};
-typedef struct hm_fragment_st
- {
- struct hm_header_st msg_header;
- unsigned char *fragment;
- unsigned char *reassembly;
- } hm_fragment;
+struct dtls1_timeout_st {
+ /* Number of read timeouts so far */
+ unsigned int read_timeouts;
+ /* Number of write timeouts so far */
+ unsigned int write_timeouts;
+ /* Number of alerts received so far */
+ unsigned int num_alerts;
+};
-typedef struct dtls1_state_st
- {
- unsigned int send_cookie;
- unsigned char cookie[DTLS1_COOKIE_LENGTH];
- unsigned char rcvd_cookie[DTLS1_COOKIE_LENGTH];
- unsigned int cookie_len;
+typedef struct record_pqueue_st {
+ unsigned short epoch;
+ pqueue q;
+} record_pqueue;
- /*
- * The current data and handshake epoch. This is initially
- * undefined, and starts at zero once the initial handshake is
- * completed
- */
- unsigned short r_epoch;
- unsigned short w_epoch;
+typedef struct hm_fragment_st {
+ struct hm_header_st msg_header;
+ unsigned char *fragment;
+ unsigned char *reassembly;
+} hm_fragment;
- /* records being received in the current epoch */
- DTLS1_BITMAP bitmap;
+typedef struct dtls1_state_st {
+ unsigned int send_cookie;
+ unsigned char cookie[DTLS1_COOKIE_LENGTH];
+ unsigned char rcvd_cookie[DTLS1_COOKIE_LENGTH];
+ unsigned int cookie_len;
+ /*
+ * The current data and handshake epoch. This is initially
+ * undefined, and starts at zero once the initial handshake is
+ * completed
+ */
+ unsigned short r_epoch;
+ unsigned short w_epoch;
+ /* records being received in the current epoch */
+ DTLS1_BITMAP bitmap;
+ /* renegotiation starts a new set of sequence numbers */
+ DTLS1_BITMAP next_bitmap;
+ /* handshake message numbers */
+ unsigned short handshake_write_seq;
+ unsigned short next_handshake_write_seq;
+ unsigned short handshake_read_seq;
+ /* save last sequence number for retransmissions */
+ unsigned char last_write_sequence[8];
+ /* Received handshake records (processed and unprocessed) */
+ record_pqueue unprocessed_rcds;
+ record_pqueue processed_rcds;
+ /* Buffered handshake messages */
+ pqueue buffered_messages;
+ /* Buffered (sent) handshake records */
+ pqueue sent_messages;
+ /*
+ * Buffered application records. Only for records between CCS and
+ * Finished to prevent either protocol violation or unnecessary message
+ * loss.
+ */
+ record_pqueue buffered_app_data;
+ /* Is set when listening for new connections with dtls1_listen() */
+ unsigned int listen;
+ unsigned int link_mtu; /* max on-the-wire DTLS packet size */
+ unsigned int mtu; /* max DTLS packet size */
+ struct hm_header_st w_msg_hdr;
+ struct hm_header_st r_msg_hdr;
+ struct dtls1_timeout_st timeout;
+ /*
+ * Indicates when the last handshake msg or heartbeat sent will timeout
+ */
+ struct timeval next_timeout;
+ /* Timeout duration */
+ unsigned short timeout_duration;
+ /*
+ * storage for Alert/Handshake protocol data received but not yet
+ * processed by ssl3_read_bytes:
+ */
+ unsigned char alert_fragment[DTLS1_AL_HEADER_LENGTH];
+ unsigned int alert_fragment_len;
+ unsigned char handshake_fragment[DTLS1_HM_HEADER_LENGTH];
+ unsigned int handshake_fragment_len;
+ unsigned int retransmitting;
+ /*
+ * Set when the handshake is ready to process peer's ChangeCipherSpec message.
+ * Cleared after the message has been processed.
+ */
+ unsigned int change_cipher_spec_ok;
+# ifndef OPENSSL_NO_SCTP
+ /* used when SSL_ST_XX_FLUSH is entered */
+ int next_state;
+ int shutdown_received;
+# endif
+} DTLS1_STATE;
- /* renegotiation starts a new set of sequence numbers */
- DTLS1_BITMAP next_bitmap;
-
- /* handshake message numbers */
- unsigned short handshake_write_seq;
- unsigned short next_handshake_write_seq;
-
- unsigned short handshake_read_seq;
-
- /* save last sequence number for retransmissions */
- unsigned char last_write_sequence[8];
-
- /* Received handshake records (processed and unprocessed) */
- record_pqueue unprocessed_rcds;
- record_pqueue processed_rcds;
-
- /* Buffered handshake messages */
- pqueue buffered_messages;
-
- /* Buffered (sent) handshake records */
- pqueue sent_messages;
-
- /* Buffered application records.
- * Only for records between CCS and Finished
- * to prevent either protocol violation or
- * unnecessary message loss.
- */
- record_pqueue buffered_app_data;
-
- /* Is set when listening for new connections with dtls1_listen() */
- unsigned int listen;
-
- unsigned int mtu; /* max DTLS packet size */
-
- struct hm_header_st w_msg_hdr;
- struct hm_header_st r_msg_hdr;
-
- struct dtls1_timeout_st timeout;
-
- /* Indicates when the last handshake msg sent will timeout */
- struct timeval next_timeout;
-
- /* Timeout duration */
- unsigned short timeout_duration;
-
- /* storage for Alert/Handshake protocol data received but not
- * yet processed by ssl3_read_bytes: */
- unsigned char alert_fragment[DTLS1_AL_HEADER_LENGTH];
- unsigned int alert_fragment_len;
- unsigned char handshake_fragment[DTLS1_HM_HEADER_LENGTH];
- unsigned int handshake_fragment_len;
-
- unsigned int retransmitting;
- unsigned int change_cipher_spec_ok;
-
- } DTLS1_STATE;
-
-typedef struct dtls1_record_data_st
- {
- unsigned char *packet;
- unsigned int packet_length;
- SSL3_BUFFER rbuf;
- SSL3_RECORD rrec;
- } DTLS1_RECORD_DATA;
+typedef struct dtls1_record_data_st {
+ unsigned char *packet;
+ unsigned int packet_length;
+ SSL3_BUFFER rbuf;
+ SSL3_RECORD rrec;
+# ifndef OPENSSL_NO_SCTP
+ struct bio_dgram_sctp_rcvinfo recordinfo;
+# endif
+} DTLS1_RECORD_DATA;
+# endif
/* Timeout multipliers (timeout slice is defined in apps/timeouts.h */
-#define DTLS1_TMO_READ_COUNT 2
-#define DTLS1_TMO_WRITE_COUNT 2
+# define DTLS1_TMO_READ_COUNT 2
+# define DTLS1_TMO_WRITE_COUNT 2
-#define DTLS1_TMO_ALERT_COUNT 12
+# define DTLS1_TMO_ALERT_COUNT 12
#ifdef __cplusplus
}
#endif
#endif
-
diff --git a/Cryptlib/Include/openssl/e_os2.h b/Cryptlib/Include/openssl/e_os2.h
index 9da0b65..7be9989 100644
--- a/Cryptlib/Include/openssl/e_os2.h
+++ b/Cryptlib/Include/openssl/e_os2.h
@@ -7,7 +7,7 @@
* are met:
*
* 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
+ * notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
@@ -56,7 +56,7 @@
#include
#ifndef HEADER_E_OS2_H
-#define HEADER_E_OS2_H
+# define HEADER_E_OS2_H
#ifdef __cplusplus
extern "C" {
@@ -68,210 +68,259 @@ extern "C" {
* However, if none is defined, Unix is assumed.
**/
-#define OPENSSL_SYS_UNIX
+# define OPENSSL_SYS_UNIX
-/* ----------------------- Macintosh, before MacOS X ----------------------- */
-#if defined(__MWERKS__) && defined(macintosh) || defined(OPENSSL_SYSNAME_MAC)
-# undef OPENSSL_SYS_UNIX
-# define OPENSSL_SYS_MACINTOSH_CLASSIC
-#endif
-
-/* ----------------------- NetWare ----------------------------------------- */
-#if defined(NETWARE) || defined(OPENSSL_SYSNAME_NETWARE)
-# undef OPENSSL_SYS_UNIX
-# define OPENSSL_SYS_NETWARE
-#endif
-
-/* ---------------------- Microsoft operating systems ---------------------- */
-
-/* Note that MSDOS actually denotes 32-bit environments running on top of
- MS-DOS, such as DJGPP one. */
-#if defined(OPENSSL_SYSNAME_MSDOS)
-# undef OPENSSL_SYS_UNIX
-# define OPENSSL_SYS_MSDOS
-#endif
-
-/* For 32 bit environment, there seems to be the CygWin environment and then
- all the others that try to do the same thing Microsoft does... */
-#if defined(OPENSSL_SYSNAME_UWIN)
-# undef OPENSSL_SYS_UNIX
-# define OPENSSL_SYS_WIN32_UWIN
-#else
-# if defined(__CYGWIN32__) || defined(OPENSSL_SYSNAME_CYGWIN32)
+/* ---------------------- Macintosh, before MacOS X ----------------------- */
+# if defined(__MWERKS__) && defined(macintosh) || defined(OPENSSL_SYSNAME_MAC)
# undef OPENSSL_SYS_UNIX
-# define OPENSSL_SYS_WIN32_CYGWIN
-# else
-# if defined(_WIN32) || defined(OPENSSL_SYSNAME_WIN32)
-# undef OPENSSL_SYS_UNIX
-# define OPENSSL_SYS_WIN32
-# endif
-# if defined(OPENSSL_SYSNAME_WINNT)
-# undef OPENSSL_SYS_UNIX
-# define OPENSSL_SYS_WINNT
-# endif
-# if defined(OPENSSL_SYSNAME_WINCE)
-# undef OPENSSL_SYS_UNIX
-# define OPENSSL_SYS_WINCE
-# endif
+# define OPENSSL_SYS_MACINTOSH_CLASSIC
# endif
-#endif
-/* Anything that tries to look like Microsoft is "Windows" */
-#if defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_WINNT) || defined(OPENSSL_SYS_WINCE)
-# undef OPENSSL_SYS_UNIX
-# define OPENSSL_SYS_WINDOWS
-# ifndef OPENSSL_SYS_MSDOS
+/* ---------------------- NetWare ----------------------------------------- */
+# if defined(NETWARE) || defined(OPENSSL_SYSNAME_NETWARE)
+# undef OPENSSL_SYS_UNIX
+# define OPENSSL_SYS_NETWARE
+# endif
+
+/* --------------------- Microsoft operating systems ---------------------- */
+
+/*
+ * Note that MSDOS actually denotes 32-bit environments running on top of
+ * MS-DOS, such as DJGPP one.
+ */
+# if defined(OPENSSL_SYSNAME_MSDOS)
+# undef OPENSSL_SYS_UNIX
# define OPENSSL_SYS_MSDOS
# endif
-#endif
-/* DLL settings. This part is a bit tough, because it's up to the application
- implementor how he or she will link the application, so it requires some
- macro to be used. */
-#ifdef OPENSSL_SYS_WINDOWS
-# ifndef OPENSSL_OPT_WINDLL
-# if defined(_WINDLL) /* This is used when building OpenSSL to indicate that
- DLL linkage should be used */
-# define OPENSSL_OPT_WINDLL
+/*
+ * For 32 bit environment, there seems to be the CygWin environment and then
+ * all the others that try to do the same thing Microsoft does...
+ */
+# if defined(OPENSSL_SYSNAME_UWIN)
+# undef OPENSSL_SYS_UNIX
+# define OPENSSL_SYS_WIN32_UWIN
+# else
+# if defined(__CYGWIN__) || defined(OPENSSL_SYSNAME_CYGWIN)
+# undef OPENSSL_SYS_UNIX
+# define OPENSSL_SYS_WIN32_CYGWIN
+# else
+# if defined(_WIN32) || defined(OPENSSL_SYSNAME_WIN32)
+# undef OPENSSL_SYS_UNIX
+# define OPENSSL_SYS_WIN32
+# endif
+# if defined(_WIN64) || defined(OPENSSL_SYSNAME_WIN64)
+# undef OPENSSL_SYS_UNIX
+# if !defined(OPENSSL_SYS_WIN64)
+# define OPENSSL_SYS_WIN64
+# endif
+# endif
+# if defined(OPENSSL_SYSNAME_WINNT)
+# undef OPENSSL_SYS_UNIX
+# define OPENSSL_SYS_WINNT
+# endif
+# if defined(OPENSSL_SYSNAME_WINCE)
+# undef OPENSSL_SYS_UNIX
+# define OPENSSL_SYS_WINCE
+# endif
# endif
# endif
-#endif
-/* -------------------------------- OpenVMS -------------------------------- */
-#if defined(__VMS) || defined(VMS) || defined(OPENSSL_SYSNAME_VMS)
-# undef OPENSSL_SYS_UNIX
-# define OPENSSL_SYS_VMS
-# if defined(__DECC)
-# define OPENSSL_SYS_VMS_DECC
-# elif defined(__DECCXX)
-# define OPENSSL_SYS_VMS_DECC
-# define OPENSSL_SYS_VMS_DECCXX
-# else
-# define OPENSSL_SYS_VMS_NODECC
+/* Anything that tries to look like Microsoft is "Windows" */
+# if defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_WIN64) || defined(OPENSSL_SYS_WINNT) || defined(OPENSSL_SYS_WINCE)
+# undef OPENSSL_SYS_UNIX
+# define OPENSSL_SYS_WINDOWS
+# ifndef OPENSSL_SYS_MSDOS
+# define OPENSSL_SYS_MSDOS
+# endif
# endif
-#endif
-/* --------------------------------- OS/2 ---------------------------------- */
-#if defined(__EMX__) || defined(__OS2__)
-# undef OPENSSL_SYS_UNIX
-# define OPENSSL_SYS_OS2
-#endif
+/*
+ * DLL settings. This part is a bit tough, because it's up to the
+ * application implementor how he or she will link the application, so it
+ * requires some macro to be used.
+ */
+# ifdef OPENSSL_SYS_WINDOWS
+# ifndef OPENSSL_OPT_WINDLL
+# if defined(_WINDLL) /* This is used when building OpenSSL to
+ * indicate that DLL linkage should be used */
+# define OPENSSL_OPT_WINDLL
+# endif
+# endif
+# endif
-/* --------------------------------- Unix ---------------------------------- */
-#ifdef OPENSSL_SYS_UNIX
-# if defined(linux) || defined(__linux__) || defined(OPENSSL_SYSNAME_LINUX)
-# define OPENSSL_SYS_LINUX
+/* ------------------------------- OpenVMS -------------------------------- */
+# if defined(__VMS) || defined(VMS) || defined(OPENSSL_SYSNAME_VMS)
+# undef OPENSSL_SYS_UNIX
+# define OPENSSL_SYS_VMS
+# if defined(__DECC)
+# define OPENSSL_SYS_VMS_DECC
+# elif defined(__DECCXX)
+# define OPENSSL_SYS_VMS_DECC
+# define OPENSSL_SYS_VMS_DECCXX
+# else
+# define OPENSSL_SYS_VMS_NODECC
+# endif
# endif
-# ifdef OPENSSL_SYSNAME_MPE
-# define OPENSSL_SYS_MPE
-# endif
-# ifdef OPENSSL_SYSNAME_SNI
-# define OPENSSL_SYS_SNI
-# endif
-# ifdef OPENSSL_SYSNAME_ULTRASPARC
-# define OPENSSL_SYS_ULTRASPARC
-# endif
-# ifdef OPENSSL_SYSNAME_NEWS4
-# define OPENSSL_SYS_NEWS4
-# endif
-# ifdef OPENSSL_SYSNAME_MACOSX
-# define OPENSSL_SYS_MACOSX
-# endif
-# ifdef OPENSSL_SYSNAME_MACOSX_RHAPSODY
-# define OPENSSL_SYS_MACOSX_RHAPSODY
-# define OPENSSL_SYS_MACOSX
-# endif
-# ifdef OPENSSL_SYSNAME_SUNOS
-# define OPENSSL_SYS_SUNOS
-#endif
-# if defined(_CRAY) || defined(OPENSSL_SYSNAME_CRAY)
-# define OPENSSL_SYS_CRAY
-# endif
-# if defined(_AIX) || defined(OPENSSL_SYSNAME_AIX)
-# define OPENSSL_SYS_AIX
-# endif
-#endif
-/* --------------------------------- VOS ----------------------------------- */
-#ifdef OPENSSL_SYSNAME_VOS
-# define OPENSSL_SYS_VOS
-#endif
+/* -------------------------------- OS/2 ---------------------------------- */
+# if defined(__EMX__) || defined(__OS2__)
+# undef OPENSSL_SYS_UNIX
+# define OPENSSL_SYS_OS2
+# endif
-/* ------------------------------- VxWorks --------------------------------- */
-#ifdef OPENSSL_SYSNAME_VXWORKS
-# define OPENSSL_SYS_VXWORKS
-#endif
+/* -------------------------------- Unix ---------------------------------- */
+# ifdef OPENSSL_SYS_UNIX
+# if defined(linux) || defined(__linux__) || defined(OPENSSL_SYSNAME_LINUX)
+# define OPENSSL_SYS_LINUX
+# endif
+# ifdef OPENSSL_SYSNAME_MPE
+# define OPENSSL_SYS_MPE
+# endif
+# ifdef OPENSSL_SYSNAME_SNI
+# define OPENSSL_SYS_SNI
+# endif
+# ifdef OPENSSL_SYSNAME_ULTRASPARC
+# define OPENSSL_SYS_ULTRASPARC
+# endif
+# ifdef OPENSSL_SYSNAME_NEWS4
+# define OPENSSL_SYS_NEWS4
+# endif
+# ifdef OPENSSL_SYSNAME_MACOSX
+# define OPENSSL_SYS_MACOSX
+# endif
+# ifdef OPENSSL_SYSNAME_MACOSX_RHAPSODY
+# define OPENSSL_SYS_MACOSX_RHAPSODY
+# define OPENSSL_SYS_MACOSX
+# endif
+# ifdef OPENSSL_SYSNAME_SUNOS
+# define OPENSSL_SYS_SUNOS
+# endif
+# if defined(_CRAY) || defined(OPENSSL_SYSNAME_CRAY)
+# define OPENSSL_SYS_CRAY
+# endif
+# if defined(_AIX) || defined(OPENSSL_SYSNAME_AIX)
+# define OPENSSL_SYS_AIX
+# endif
+# endif
+
+/* -------------------------------- VOS ----------------------------------- */
+# if defined(__VOS__) || defined(OPENSSL_SYSNAME_VOS)
+# define OPENSSL_SYS_VOS
+# ifdef __HPPA__
+# define OPENSSL_SYS_VOS_HPPA
+# endif
+# ifdef __IA32__
+# define OPENSSL_SYS_VOS_IA32
+# endif
+# endif
+
+/* ------------------------------ VxWorks --------------------------------- */
+# ifdef OPENSSL_SYSNAME_VXWORKS
+# define OPENSSL_SYS_VXWORKS
+# endif
+
+/* -------------------------------- BeOS ---------------------------------- */
+# if defined(__BEOS__)
+# define OPENSSL_SYS_BEOS
+# include
+# if defined(BONE_VERSION)
+# define OPENSSL_SYS_BEOS_BONE
+# else
+# define OPENSSL_SYS_BEOS_R5
+# endif
+# endif
/**
* That's it for OS-specific stuff
*****************************************************************************/
-
/* Specials for I/O an exit */
-#ifdef OPENSSL_SYS_MSDOS
-# define OPENSSL_UNISTD_IO
-# define OPENSSL_DECLARE_EXIT extern void exit(int);
-#else
-# define OPENSSL_UNISTD_IO OPENSSL_UNISTD
-# define OPENSSL_DECLARE_EXIT /* declared in unistd.h */
-#endif
+# ifdef OPENSSL_SYS_MSDOS
+# define OPENSSL_UNISTD_IO
+# define OPENSSL_DECLARE_EXIT extern void exit(int);
+# else
+# define OPENSSL_UNISTD_IO OPENSSL_UNISTD
+# define OPENSSL_DECLARE_EXIT /* declared in unistd.h */
+# endif
-/* Definitions of OPENSSL_GLOBAL and OPENSSL_EXTERN, to define and declare
- certain global symbols that, with some compilers under VMS, have to be
- defined and declared explicitely with globaldef and globalref.
- Definitions of OPENSSL_EXPORT and OPENSSL_IMPORT, to define and declare
- DLL exports and imports for compilers under Win32. These are a little
- more complicated to use. Basically, for any library that exports some
- global variables, the following code must be present in the header file
- that declares them, before OPENSSL_EXTERN is used:
+/*-
+ * Definitions of OPENSSL_GLOBAL and OPENSSL_EXTERN, to define and declare
+ * certain global symbols that, with some compilers under VMS, have to be
+ * defined and declared explicitely with globaldef and globalref.
+ * Definitions of OPENSSL_EXPORT and OPENSSL_IMPORT, to define and declare
+ * DLL exports and imports for compilers under Win32. These are a little
+ * more complicated to use. Basically, for any library that exports some
+ * global variables, the following code must be present in the header file
+ * that declares them, before OPENSSL_EXTERN is used:
+ *
+ * #ifdef SOME_BUILD_FLAG_MACRO
+ * # undef OPENSSL_EXTERN
+ * # define OPENSSL_EXTERN OPENSSL_EXPORT
+ * #endif
+ *
+ * The default is to have OPENSSL_EXPORT, OPENSSL_IMPORT and OPENSSL_GLOBAL
+ * have some generally sensible values, and for OPENSSL_EXTERN to have the
+ * value OPENSSL_IMPORT.
+ */
- #ifdef SOME_BUILD_FLAG_MACRO
- # undef OPENSSL_EXTERN
- # define OPENSSL_EXTERN OPENSSL_EXPORT
- #endif
+# if defined(OPENSSL_SYS_VMS_NODECC)
+# define OPENSSL_EXPORT globalref
+# define OPENSSL_IMPORT globalref
+# define OPENSSL_GLOBAL globaldef
+# elif defined(OPENSSL_SYS_WINDOWS) && defined(OPENSSL_OPT_WINDLL)
+# define OPENSSL_EXPORT extern __declspec(dllexport)
+# define OPENSSL_IMPORT extern __declspec(dllimport)
+# define OPENSSL_GLOBAL
+# else
+# define OPENSSL_EXPORT extern
+# define OPENSSL_IMPORT extern
+# define OPENSSL_GLOBAL
+# endif
+# define OPENSSL_EXTERN OPENSSL_IMPORT
- The default is to have OPENSSL_EXPORT, OPENSSL_IMPORT and OPENSSL_GLOBAL
- have some generally sensible values, and for OPENSSL_EXTERN to have the
- value OPENSSL_IMPORT.
-*/
+/*-
+ * Macros to allow global variables to be reached through function calls when
+ * required (if a shared library version requires it, for example.
+ * The way it's done allows definitions like this:
+ *
+ * // in foobar.c
+ * OPENSSL_IMPLEMENT_GLOBAL(int,foobar,0)
+ * // in foobar.h
+ * OPENSSL_DECLARE_GLOBAL(int,foobar);
+ * #define foobar OPENSSL_GLOBAL_REF(foobar)
+ */
+# ifdef OPENSSL_EXPORT_VAR_AS_FUNCTION
+# define OPENSSL_IMPLEMENT_GLOBAL(type,name,value) \
+ type *_shadow_##name(void) \
+ { static type _hide_##name=value; return &_hide_##name; }
+# define OPENSSL_DECLARE_GLOBAL(type,name) type *_shadow_##name(void)
+# define OPENSSL_GLOBAL_REF(name) (*(_shadow_##name()))
+# else
+# define OPENSSL_IMPLEMENT_GLOBAL(type,name,value) OPENSSL_GLOBAL type _shadow_##name=value;
+# define OPENSSL_DECLARE_GLOBAL(type,name) OPENSSL_EXPORT type _shadow_##name
+# define OPENSSL_GLOBAL_REF(name) _shadow_##name
+# endif
-#if defined(OPENSSL_SYS_VMS_NODECC)
-# define OPENSSL_EXPORT globalref
-# define OPENSSL_IMPORT globalref
-# define OPENSSL_GLOBAL globaldef
-#elif defined(OPENSSL_SYS_WINDOWS) && defined(OPENSSL_OPT_WINDLL)
-# define OPENSSL_EXPORT extern __declspec(dllexport)
-# define OPENSSL_IMPORT extern __declspec(dllimport)
-# define OPENSSL_GLOBAL
-#else
-# define OPENSSL_EXPORT extern
-# define OPENSSL_IMPORT extern
-# define OPENSSL_GLOBAL
-#endif
-#define OPENSSL_EXTERN OPENSSL_IMPORT
+# if defined(OPENSSL_SYS_MACINTOSH_CLASSIC) && macintosh==1 && !defined(MAC_OS_GUSI_SOURCE)
+# define ossl_ssize_t long
+# endif
-/* Macros to allow global variables to be reached through function calls when
- required (if a shared library version requvres it, for example.
- The way it's done allows definitions like this:
+# ifdef OPENSSL_SYS_MSDOS
+# define ossl_ssize_t long
+# endif
- // in foobar.c
- OPENSSL_IMPLEMENT_GLOBAL(int,foobar) = 0;
- // in foobar.h
- OPENSSL_DECLARE_GLOBAL(int,foobar);
- #define foobar OPENSSL_GLOBAL_REF(foobar)
-*/
-#ifdef OPENSSL_EXPORT_VAR_AS_FUNCTION
-# define OPENSSL_IMPLEMENT_GLOBAL(type,name) \
- extern type _hide_##name; \
- type *_shadow_##name(void) { return &_hide_##name; } \
- static type _hide_##name
-# define OPENSSL_DECLARE_GLOBAL(type,name) type *_shadow_##name(void)
-# define OPENSSL_GLOBAL_REF(name) (*(_shadow_##name()))
-#else
-# define OPENSSL_IMPLEMENT_GLOBAL(type,name) OPENSSL_GLOBAL type _shadow_##name
-# define OPENSSL_DECLARE_GLOBAL(type,name) OPENSSL_EXPORT type _shadow_##name
-# define OPENSSL_GLOBAL_REF(name) _shadow_##name
-#endif
+# if defined(NeXT) || defined(OPENSSL_SYS_NEWS4) || defined(OPENSSL_SYS_SUNOS)
+# define ssize_t int
+# endif
+
+# if defined(__ultrix) && !defined(ssize_t)
+# define ossl_ssize_t int
+# endif
+
+# ifndef ossl_ssize_t
+# define ossl_ssize_t ssize_t
+# endif
#ifdef __cplusplus
}
diff --git a/Cryptlib/Include/openssl/ebcdic.h b/Cryptlib/Include/openssl/ebcdic.h
index 6d65afc..4cbdfeb 100644
--- a/Cryptlib/Include/openssl/ebcdic.h
+++ b/Cryptlib/Include/openssl/ebcdic.h
@@ -1,19 +1,26 @@
/* crypto/ebcdic.h */
#ifndef HEADER_EBCDIC_H
-#define HEADER_EBCDIC_H
+# define HEADER_EBCDIC_H
-#include
+# include
+
+#ifdef __cplusplus
+extern "C" {
+#endif
/* Avoid name clashes with other applications */
-#define os_toascii _openssl_os_toascii
-#define os_toebcdic _openssl_os_toebcdic
-#define ebcdic2ascii _openssl_ebcdic2ascii
-#define ascii2ebcdic _openssl_ascii2ebcdic
+# define os_toascii _openssl_os_toascii
+# define os_toebcdic _openssl_os_toebcdic
+# define ebcdic2ascii _openssl_ebcdic2ascii
+# define ascii2ebcdic _openssl_ascii2ebcdic
extern const unsigned char os_toascii[256];
extern const unsigned char os_toebcdic[256];
void *ebcdic2ascii(void *dest, const void *srce, size_t count);
void *ascii2ebcdic(void *dest, const void *srce, size_t count);
+#ifdef __cplusplus
+}
+#endif
#endif
diff --git a/Cryptlib/Include/openssl/ec.h b/Cryptlib/Include/openssl/ec.h
index 367307f..6d3178f 100644
--- a/Cryptlib/Include/openssl/ec.h
+++ b/Cryptlib/Include/openssl/ec.h
@@ -2,15 +2,19 @@
/*
* Originally written by Bodo Moeller for the OpenSSL project.
*/
+/**
+ * \file crypto/ec/ec.h Include file for the OpenSSL EC functions
+ * \author Originally written by Bodo Moeller for the OpenSSL project
+ */
/* ====================================================================
- * Copyright (c) 1998-2003 The OpenSSL Project. All rights reserved.
+ * Copyright (c) 1998-2005 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
+ * notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
@@ -58,269 +62,785 @@
/* ====================================================================
* Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
*
- * Portions of the attached software ("Contribution") are developed by
+ * Portions of the attached software ("Contribution") are developed by
* SUN MICROSYSTEMS, INC., and are contributed to the OpenSSL project.
*
* The Contribution is licensed pursuant to the OpenSSL open source
* license provided above.
*
- * The elliptic curve binary polynomial software is originally written by
+ * The elliptic curve binary polynomial software is originally written by
* Sheueling Chang Shantz and Douglas Stebila of Sun Microsystems Laboratories.
*
*/
#ifndef HEADER_EC_H
-#define HEADER_EC_H
+# define HEADER_EC_H
-#include
+# include
-#ifdef OPENSSL_NO_EC
-#error EC is disabled.
-#endif
-
-#include
-#include
-#ifndef OPENSSL_NO_DEPRECATED
-#include
-#endif
-
-#ifdef __cplusplus
-extern "C" {
-#elif defined(__SUNPRO_C)
-# if __SUNPRO_C >= 0x520
-# pragma error_messages (off,E_ARRAY_OF_INCOMPLETE_NONAME,E_ARRAY_OF_INCOMPLETE)
+# ifdef OPENSSL_NO_EC
+# error EC is disabled.
# endif
-#endif
+# include
+# include
+# ifndef OPENSSL_NO_DEPRECATED
+# include
+# endif
-#ifndef OPENSSL_ECC_MAX_FIELD_BITS
-# define OPENSSL_ECC_MAX_FIELD_BITS 661
-#endif
+# ifdef __cplusplus
+extern "C" {
+# elif defined(__SUNPRO_C)
+# if __SUNPRO_C >= 0x520
+# pragma error_messages (off,E_ARRAY_OF_INCOMPLETE_NONAME,E_ARRAY_OF_INCOMPLETE)
+# endif
+# endif
+# ifndef OPENSSL_ECC_MAX_FIELD_BITS
+# define OPENSSL_ECC_MAX_FIELD_BITS 661
+# endif
+
+/** Enum for the point conversion form as defined in X9.62 (ECDSA)
+ * for the encoding of a elliptic curve point (x,y) */
typedef enum {
- /* values as defined in X9.62 (ECDSA) and elsewhere */
- POINT_CONVERSION_COMPRESSED = 2,
- POINT_CONVERSION_UNCOMPRESSED = 4,
- POINT_CONVERSION_HYBRID = 6
+ /** the point is encoded as z||x, where the octet z specifies
+ * which solution of the quadratic equation y is */
+ POINT_CONVERSION_COMPRESSED = 2,
+ /** the point is encoded as z||x||y, where z is the octet 0x02 */
+ POINT_CONVERSION_UNCOMPRESSED = 4,
+ /** the point is encoded as z||x||y, where the octet z specifies
+ * which solution of the quadratic equation y is */
+ POINT_CONVERSION_HYBRID = 6
} point_conversion_form_t;
-
typedef struct ec_method_st EC_METHOD;
typedef struct ec_group_st
- /*
- EC_METHOD *meth;
- -- field definition
- -- curve coefficients
- -- optional generator with associated information (order, cofactor)
- -- optional extra data (precomputed table for fast computation of multiples of generator)
- -- ASN1 stuff
- */
- EC_GROUP;
+ /*-
+ EC_METHOD *meth;
+ -- field definition
+ -- curve coefficients
+ -- optional generator with associated information (order, cofactor)
+ -- optional extra data (precomputed table for fast computation of multiples of generator)
+ -- ASN1 stuff
+ */
+ EC_GROUP;
typedef struct ec_point_st EC_POINT;
+/********************************************************************/
+/* EC_METHODs for curves over GF(p) */
+/********************************************************************/
-/* EC_METHODs for curves over GF(p).
- * EC_GFp_simple_method provides the basis for the optimized methods.
+/** Returns the basic GFp ec methods which provides the basis for the
+ * optimized methods.
+ * \return EC_METHOD object
*/
const EC_METHOD *EC_GFp_simple_method(void);
+
+/** Returns GFp methods using montgomery multiplication.
+ * \return EC_METHOD object
+ */
const EC_METHOD *EC_GFp_mont_method(void);
+
+/** Returns GFp methods using optimized methods for NIST recommended curves
+ * \return EC_METHOD object
+ */
const EC_METHOD *EC_GFp_nist_method(void);
-/* EC_METHOD for curves over GF(2^m).
+# ifndef OPENSSL_NO_EC_NISTP_64_GCC_128
+/** Returns 64-bit optimized methods for nistp224
+ * \return EC_METHOD object
+ */
+const EC_METHOD *EC_GFp_nistp224_method(void);
+
+/** Returns 64-bit optimized methods for nistp256
+ * \return EC_METHOD object
+ */
+const EC_METHOD *EC_GFp_nistp256_method(void);
+
+/** Returns 64-bit optimized methods for nistp521
+ * \return EC_METHOD object
+ */
+const EC_METHOD *EC_GFp_nistp521_method(void);
+# endif
+
+# ifndef OPENSSL_NO_EC2M
+/********************************************************************/
+/* EC_METHOD for curves over GF(2^m) */
+/********************************************************************/
+
+/** Returns the basic GF2m ec method
+ * \return EC_METHOD object
*/
const EC_METHOD *EC_GF2m_simple_method(void);
+# endif
-EC_GROUP *EC_GROUP_new(const EC_METHOD *);
-void EC_GROUP_free(EC_GROUP *);
-void EC_GROUP_clear_free(EC_GROUP *);
-int EC_GROUP_copy(EC_GROUP *, const EC_GROUP *);
-EC_GROUP *EC_GROUP_dup(const EC_GROUP *);
+/********************************************************************/
+/* EC_GROUP functions */
+/********************************************************************/
-const EC_METHOD *EC_GROUP_method_of(const EC_GROUP *);
-int EC_METHOD_get_field_type(const EC_METHOD *);
+/** Creates a new EC_GROUP object
+ * \param meth EC_METHOD to use
+ * \return newly created EC_GROUP object or NULL in case of an error.
+ */
+EC_GROUP *EC_GROUP_new(const EC_METHOD *meth);
-int EC_GROUP_set_generator(EC_GROUP *, const EC_POINT *generator, const BIGNUM *order, const BIGNUM *cofactor);
-const EC_POINT *EC_GROUP_get0_generator(const EC_GROUP *);
-int EC_GROUP_get_order(const EC_GROUP *, BIGNUM *order, BN_CTX *);
-int EC_GROUP_get_cofactor(const EC_GROUP *, BIGNUM *cofactor, BN_CTX *);
+/** Frees a EC_GROUP object
+ * \param group EC_GROUP object to be freed.
+ */
+void EC_GROUP_free(EC_GROUP *group);
-void EC_GROUP_set_curve_name(EC_GROUP *, int nid);
-int EC_GROUP_get_curve_name(const EC_GROUP *);
+/** Clears and frees a EC_GROUP object
+ * \param group EC_GROUP object to be cleared and freed.
+ */
+void EC_GROUP_clear_free(EC_GROUP *group);
-void EC_GROUP_set_asn1_flag(EC_GROUP *, int flag);
-int EC_GROUP_get_asn1_flag(const EC_GROUP *);
+/** Copies EC_GROUP objects. Note: both EC_GROUPs must use the same EC_METHOD.
+ * \param dst destination EC_GROUP object
+ * \param src source EC_GROUP object
+ * \return 1 on success and 0 if an error occurred.
+ */
+int EC_GROUP_copy(EC_GROUP *dst, const EC_GROUP *src);
-void EC_GROUP_set_point_conversion_form(EC_GROUP *, point_conversion_form_t);
+/** Creates a new EC_GROUP object and copies the copies the content
+ * form src to the newly created EC_KEY object
+ * \param src source EC_GROUP object
+ * \return newly created EC_GROUP object or NULL in case of an error.
+ */
+EC_GROUP *EC_GROUP_dup(const EC_GROUP *src);
+
+/** Returns the EC_METHOD of the EC_GROUP object.
+ * \param group EC_GROUP object
+ * \return EC_METHOD used in this EC_GROUP object.
+ */
+const EC_METHOD *EC_GROUP_method_of(const EC_GROUP *group);
+
+/** Returns the field type of the EC_METHOD.
+ * \param meth EC_METHOD object
+ * \return NID of the underlying field type OID.
+ */
+int EC_METHOD_get_field_type(const EC_METHOD *meth);
+
+/** Sets the generator and it's order/cofactor of a EC_GROUP object.
+ * \param group EC_GROUP object
+ * \param generator EC_POINT object with the generator.
+ * \param order the order of the group generated by the generator.
+ * \param cofactor the index of the sub-group generated by the generator
+ * in the group of all points on the elliptic curve.
+ * \return 1 on success and 0 if an error occured
+ */
+int EC_GROUP_set_generator(EC_GROUP *group, const EC_POINT *generator,
+ const BIGNUM *order, const BIGNUM *cofactor);
+
+/** Returns the generator of a EC_GROUP object.
+ * \param group EC_GROUP object
+ * \return the currently used generator (possibly NULL).
+ */
+const EC_POINT *EC_GROUP_get0_generator(const EC_GROUP *group);
+
+/** Returns the montgomery data for order(Generator)
+ * \param group EC_GROUP object
+ * \return the currently used generator (possibly NULL).
+*/
+BN_MONT_CTX *EC_GROUP_get_mont_data(const EC_GROUP *group);
+
+/** Gets the order of a EC_GROUP
+ * \param group EC_GROUP object
+ * \param order BIGNUM to which the order is copied
+ * \param ctx BN_CTX object (optional)
+ * \return 1 on success and 0 if an error occured
+ */
+int EC_GROUP_get_order(const EC_GROUP *group, BIGNUM *order, BN_CTX *ctx);
+
+/** Gets the cofactor of a EC_GROUP
+ * \param group EC_GROUP object
+ * \param cofactor BIGNUM to which the cofactor is copied
+ * \param ctx BN_CTX object (optional)
+ * \return 1 on success and 0 if an error occured
+ */
+int EC_GROUP_get_cofactor(const EC_GROUP *group, BIGNUM *cofactor,
+ BN_CTX *ctx);
+
+/** Sets the name of a EC_GROUP object
+ * \param group EC_GROUP object
+ * \param nid NID of the curve name OID
+ */
+void EC_GROUP_set_curve_name(EC_GROUP *group, int nid);
+
+/** Returns the curve name of a EC_GROUP object
+ * \param group EC_GROUP object
+ * \return NID of the curve name OID or 0 if not set.
+ */
+int EC_GROUP_get_curve_name(const EC_GROUP *group);
+
+void EC_GROUP_set_asn1_flag(EC_GROUP *group, int flag);
+int EC_GROUP_get_asn1_flag(const EC_GROUP *group);
+
+void EC_GROUP_set_point_conversion_form(EC_GROUP *group,
+ point_conversion_form_t form);
point_conversion_form_t EC_GROUP_get_point_conversion_form(const EC_GROUP *);
-unsigned char *EC_GROUP_get0_seed(const EC_GROUP *);
+unsigned char *EC_GROUP_get0_seed(const EC_GROUP *x);
size_t EC_GROUP_get_seed_len(const EC_GROUP *);
size_t EC_GROUP_set_seed(EC_GROUP *, const unsigned char *, size_t len);
-int EC_GROUP_set_curve_GFp(EC_GROUP *, const BIGNUM *p, const BIGNUM *a, const BIGNUM *b, BN_CTX *);
-int EC_GROUP_get_curve_GFp(const EC_GROUP *, BIGNUM *p, BIGNUM *a, BIGNUM *b, BN_CTX *);
-int EC_GROUP_set_curve_GF2m(EC_GROUP *, const BIGNUM *p, const BIGNUM *a, const BIGNUM *b, BN_CTX *);
-int EC_GROUP_get_curve_GF2m(const EC_GROUP *, BIGNUM *p, BIGNUM *a, BIGNUM *b, BN_CTX *);
+/** Sets the parameter of a ec over GFp defined by y^2 = x^3 + a*x + b
+ * \param group EC_GROUP object
+ * \param p BIGNUM with the prime number
+ * \param a BIGNUM with parameter a of the equation
+ * \param b BIGNUM with parameter b of the equation
+ * \param ctx BN_CTX object (optional)
+ * \return 1 on success and 0 if an error occured
+ */
+int EC_GROUP_set_curve_GFp(EC_GROUP *group, const BIGNUM *p, const BIGNUM *a,
+ const BIGNUM *b, BN_CTX *ctx);
-/* returns the number of bits needed to represent a field element */
-int EC_GROUP_get_degree(const EC_GROUP *);
+/** Gets the parameter of the ec over GFp defined by y^2 = x^3 + a*x + b
+ * \param group EC_GROUP object
+ * \param p BIGNUM for the prime number
+ * \param a BIGNUM for parameter a of the equation
+ * \param b BIGNUM for parameter b of the equation
+ * \param ctx BN_CTX object (optional)
+ * \return 1 on success and 0 if an error occured
+ */
+int EC_GROUP_get_curve_GFp(const EC_GROUP *group, BIGNUM *p, BIGNUM *a,
+ BIGNUM *b, BN_CTX *ctx);
-/* EC_GROUP_check() returns 1 if 'group' defines a valid group, 0 otherwise */
+# ifndef OPENSSL_NO_EC2M
+/** Sets the parameter of a ec over GF2m defined by y^2 + x*y = x^3 + a*x^2 + b
+ * \param group EC_GROUP object
+ * \param p BIGNUM with the polynomial defining the underlying field
+ * \param a BIGNUM with parameter a of the equation
+ * \param b BIGNUM with parameter b of the equation
+ * \param ctx BN_CTX object (optional)
+ * \return 1 on success and 0 if an error occured
+ */
+int EC_GROUP_set_curve_GF2m(EC_GROUP *group, const BIGNUM *p, const BIGNUM *a,
+ const BIGNUM *b, BN_CTX *ctx);
+
+/** Gets the parameter of the ec over GF2m defined by y^2 + x*y = x^3 + a*x^2 + b
+ * \param group EC_GROUP object
+ * \param p BIGNUM for the polynomial defining the underlying field
+ * \param a BIGNUM for parameter a of the equation
+ * \param b BIGNUM for parameter b of the equation
+ * \param ctx BN_CTX object (optional)
+ * \return 1 on success and 0 if an error occured
+ */
+int EC_GROUP_get_curve_GF2m(const EC_GROUP *group, BIGNUM *p, BIGNUM *a,
+ BIGNUM *b, BN_CTX *ctx);
+# endif
+/** Returns the number of bits needed to represent a field element
+ * \param group EC_GROUP object
+ * \return number of bits needed to represent a field element
+ */
+int EC_GROUP_get_degree(const EC_GROUP *group);
+
+/** Checks whether the parameter in the EC_GROUP define a valid ec group
+ * \param group EC_GROUP object
+ * \param ctx BN_CTX object (optional)
+ * \return 1 if group is a valid ec group and 0 otherwise
+ */
int EC_GROUP_check(const EC_GROUP *group, BN_CTX *ctx);
-/* EC_GROUP_check_discriminant() returns 1 if the discriminant of the
- * elliptic curve is not zero, 0 otherwise */
-int EC_GROUP_check_discriminant(const EC_GROUP *, BN_CTX *);
-/* EC_GROUP_cmp() returns 0 if both groups are equal and 1 otherwise */
-int EC_GROUP_cmp(const EC_GROUP *, const EC_GROUP *, BN_CTX *);
+/** Checks whether the discriminant of the elliptic curve is zero or not
+ * \param group EC_GROUP object
+ * \param ctx BN_CTX object (optional)
+ * \return 1 if the discriminant is not zero and 0 otherwise
+ */
+int EC_GROUP_check_discriminant(const EC_GROUP *group, BN_CTX *ctx);
-/* EC_GROUP_new_GF*() calls EC_GROUP_new() and EC_GROUP_set_GF*()
- * after choosing an appropriate EC_METHOD */
-EC_GROUP *EC_GROUP_new_curve_GFp(const BIGNUM *p, const BIGNUM *a, const BIGNUM *b, BN_CTX *);
-EC_GROUP *EC_GROUP_new_curve_GF2m(const BIGNUM *p, const BIGNUM *a, const BIGNUM *b, BN_CTX *);
+/** Compares two EC_GROUP objects
+ * \param a first EC_GROUP object
+ * \param b second EC_GROUP object
+ * \param ctx BN_CTX object (optional)
+ * \return 0 if both groups are equal and 1 otherwise
+ */
+int EC_GROUP_cmp(const EC_GROUP *a, const EC_GROUP *b, BN_CTX *ctx);
-/* EC_GROUP_new_by_curve_name() creates a EC_GROUP structure
- * specified by a curve name (in form of a NID) */
+/*
+ * EC_GROUP_new_GF*() calls EC_GROUP_new() and EC_GROUP_set_GF*() after
+ * choosing an appropriate EC_METHOD
+ */
+
+/** Creates a new EC_GROUP object with the specified parameters defined
+ * over GFp (defined by the equation y^2 = x^3 + a*x + b)
+ * \param p BIGNUM with the prime number
+ * \param a BIGNUM with the parameter a of the equation
+ * \param b BIGNUM with the parameter b of the equation
+ * \param ctx BN_CTX object (optional)
+ * \return newly created EC_GROUP object with the specified parameters
+ */
+EC_GROUP *EC_GROUP_new_curve_GFp(const BIGNUM *p, const BIGNUM *a,
+ const BIGNUM *b, BN_CTX *ctx);
+# ifndef OPENSSL_NO_EC2M
+/** Creates a new EC_GROUP object with the specified parameters defined
+ * over GF2m (defined by the equation y^2 + x*y = x^3 + a*x^2 + b)
+ * \param p BIGNUM with the polynomial defining the underlying field
+ * \param a BIGNUM with the parameter a of the equation
+ * \param b BIGNUM with the parameter b of the equation
+ * \param ctx BN_CTX object (optional)
+ * \return newly created EC_GROUP object with the specified parameters
+ */
+EC_GROUP *EC_GROUP_new_curve_GF2m(const BIGNUM *p, const BIGNUM *a,
+ const BIGNUM *b, BN_CTX *ctx);
+# endif
+/** Creates a EC_GROUP object with a curve specified by a NID
+ * \param nid NID of the OID of the curve name
+ * \return newly created EC_GROUP object with specified curve or NULL
+ * if an error occurred
+ */
EC_GROUP *EC_GROUP_new_by_curve_name(int nid);
-/* handling of internal curves */
-typedef struct {
- int nid;
- const char *comment;
- } EC_builtin_curve;
-/* EC_builtin_curves(EC_builtin_curve *r, size_t size) returns number
- * of all available curves or zero if a error occurred.
- * In case r ist not zero nitems EC_builtin_curve structures
- * are filled with the data of the first nitems internal groups */
+
+/********************************************************************/
+/* handling of internal curves */
+/********************************************************************/
+
+typedef struct {
+ int nid;
+ const char *comment;
+} EC_builtin_curve;
+
+/*
+ * EC_builtin_curves(EC_builtin_curve *r, size_t size) returns number of all
+ * available curves or zero if a error occurred. In case r ist not zero
+ * nitems EC_builtin_curve structures are filled with the data of the first
+ * nitems internal groups
+ */
size_t EC_get_builtin_curves(EC_builtin_curve *r, size_t nitems);
+const char *EC_curve_nid2nist(int nid);
+int EC_curve_nist2nid(const char *name);
-/* EC_POINT functions */
+/********************************************************************/
+/* EC_POINT functions */
+/********************************************************************/
-EC_POINT *EC_POINT_new(const EC_GROUP *);
-void EC_POINT_free(EC_POINT *);
-void EC_POINT_clear_free(EC_POINT *);
-int EC_POINT_copy(EC_POINT *, const EC_POINT *);
-EC_POINT *EC_POINT_dup(const EC_POINT *, const EC_GROUP *);
-
-const EC_METHOD *EC_POINT_method_of(const EC_POINT *);
+/** Creates a new EC_POINT object for the specified EC_GROUP
+ * \param group EC_GROUP the underlying EC_GROUP object
+ * \return newly created EC_POINT object or NULL if an error occurred
+ */
+EC_POINT *EC_POINT_new(const EC_GROUP *group);
-int EC_POINT_set_to_infinity(const EC_GROUP *, EC_POINT *);
-int EC_POINT_set_Jprojective_coordinates_GFp(const EC_GROUP *, EC_POINT *,
- const BIGNUM *x, const BIGNUM *y, const BIGNUM *z, BN_CTX *);
-int EC_POINT_get_Jprojective_coordinates_GFp(const EC_GROUP *, const EC_POINT *,
- BIGNUM *x, BIGNUM *y, BIGNUM *z, BN_CTX *);
-int EC_POINT_set_affine_coordinates_GFp(const EC_GROUP *, EC_POINT *,
- const BIGNUM *x, const BIGNUM *y, BN_CTX *);
-int EC_POINT_get_affine_coordinates_GFp(const EC_GROUP *, const EC_POINT *,
- BIGNUM *x, BIGNUM *y, BN_CTX *);
-int EC_POINT_set_compressed_coordinates_GFp(const EC_GROUP *, EC_POINT *,
- const BIGNUM *x, int y_bit, BN_CTX *);
+/** Frees a EC_POINT object
+ * \param point EC_POINT object to be freed
+ */
+void EC_POINT_free(EC_POINT *point);
-int EC_POINT_set_affine_coordinates_GF2m(const EC_GROUP *, EC_POINT *,
- const BIGNUM *x, const BIGNUM *y, BN_CTX *);
-int EC_POINT_get_affine_coordinates_GF2m(const EC_GROUP *, const EC_POINT *,
- BIGNUM *x, BIGNUM *y, BN_CTX *);
-int EC_POINT_set_compressed_coordinates_GF2m(const EC_GROUP *, EC_POINT *,
- const BIGNUM *x, int y_bit, BN_CTX *);
+/** Clears and frees a EC_POINT object
+ * \param point EC_POINT object to be cleared and freed
+ */
+void EC_POINT_clear_free(EC_POINT *point);
-size_t EC_POINT_point2oct(const EC_GROUP *, const EC_POINT *, point_conversion_form_t form,
- unsigned char *buf, size_t len, BN_CTX *);
-int EC_POINT_oct2point(const EC_GROUP *, EC_POINT *,
- const unsigned char *buf, size_t len, BN_CTX *);
+/** Copies EC_POINT object
+ * \param dst destination EC_POINT object
+ * \param src source EC_POINT object
+ * \return 1 on success and 0 if an error occured
+ */
+int EC_POINT_copy(EC_POINT *dst, const EC_POINT *src);
+
+/** Creates a new EC_POINT object and copies the content of the supplied
+ * EC_POINT
+ * \param src source EC_POINT object
+ * \param group underlying the EC_GROUP object
+ * \return newly created EC_POINT object or NULL if an error occurred
+ */
+EC_POINT *EC_POINT_dup(const EC_POINT *src, const EC_GROUP *group);
+
+/** Returns the EC_METHOD used in EC_POINT object
+ * \param point EC_POINT object
+ * \return the EC_METHOD used
+ */
+const EC_METHOD *EC_POINT_method_of(const EC_POINT *point);
+
+/** Sets a point to infinity (neutral element)
+ * \param group underlying EC_GROUP object
+ * \param point EC_POINT to set to infinity
+ * \return 1 on success and 0 if an error occured
+ */
+int EC_POINT_set_to_infinity(const EC_GROUP *group, EC_POINT *point);
+
+/** Sets the jacobian projective coordinates of a EC_POINT over GFp
+ * \param group underlying EC_GROUP object
+ * \param p EC_POINT object
+ * \param x BIGNUM with the x-coordinate
+ * \param y BIGNUM with the y-coordinate
+ * \param z BIGNUM with the z-coordinate
+ * \param ctx BN_CTX object (optional)
+ * \return 1 on success and 0 if an error occured
+ */
+int EC_POINT_set_Jprojective_coordinates_GFp(const EC_GROUP *group,
+ EC_POINT *p, const BIGNUM *x,
+ const BIGNUM *y, const BIGNUM *z,
+ BN_CTX *ctx);
+
+/** Gets the jacobian projective coordinates of a EC_POINT over GFp
+ * \param group underlying EC_GROUP object
+ * \param p EC_POINT object
+ * \param x BIGNUM for the x-coordinate
+ * \param y BIGNUM for the y-coordinate
+ * \param z BIGNUM for the z-coordinate
+ * \param ctx BN_CTX object (optional)
+ * \return 1 on success and 0 if an error occured
+ */
+int EC_POINT_get_Jprojective_coordinates_GFp(const EC_GROUP *group,
+ const EC_POINT *p, BIGNUM *x,
+ BIGNUM *y, BIGNUM *z,
+ BN_CTX *ctx);
+
+/** Sets the affine coordinates of a EC_POINT over GFp
+ * \param group underlying EC_GROUP object
+ * \param p EC_POINT object
+ * \param x BIGNUM with the x-coordinate
+ * \param y BIGNUM with the y-coordinate
+ * \param ctx BN_CTX object (optional)
+ * \return 1 on success and 0 if an error occured
+ */
+int EC_POINT_set_affine_coordinates_GFp(const EC_GROUP *group, EC_POINT *p,
+ const BIGNUM *x, const BIGNUM *y,
+ BN_CTX *ctx);
+
+/** Gets the affine coordinates of a EC_POINT over GFp
+ * \param group underlying EC_GROUP object
+ * \param p EC_POINT object
+ * \param x BIGNUM for the x-coordinate
+ * \param y BIGNUM for the y-coordinate
+ * \param ctx BN_CTX object (optional)
+ * \return 1 on success and 0 if an error occured
+ */
+int EC_POINT_get_affine_coordinates_GFp(const EC_GROUP *group,
+ const EC_POINT *p, BIGNUM *x,
+ BIGNUM *y, BN_CTX *ctx);
+
+/** Sets the x9.62 compressed coordinates of a EC_POINT over GFp
+ * \param group underlying EC_GROUP object
+ * \param p EC_POINT object
+ * \param x BIGNUM with x-coordinate
+ * \param y_bit integer with the y-Bit (either 0 or 1)
+ * \param ctx BN_CTX object (optional)
+ * \return 1 on success and 0 if an error occured
+ */
+int EC_POINT_set_compressed_coordinates_GFp(const EC_GROUP *group,
+ EC_POINT *p, const BIGNUM *x,
+ int y_bit, BN_CTX *ctx);
+# ifndef OPENSSL_NO_EC2M
+/** Sets the affine coordinates of a EC_POINT over GF2m
+ * \param group underlying EC_GROUP object
+ * \param p EC_POINT object
+ * \param x BIGNUM with the x-coordinate
+ * \param y BIGNUM with the y-coordinate
+ * \param ctx BN_CTX object (optional)
+ * \return 1 on success and 0 if an error occured
+ */
+int EC_POINT_set_affine_coordinates_GF2m(const EC_GROUP *group, EC_POINT *p,
+ const BIGNUM *x, const BIGNUM *y,
+ BN_CTX *ctx);
+
+/** Gets the affine coordinates of a EC_POINT over GF2m
+ * \param group underlying EC_GROUP object
+ * \param p EC_POINT object
+ * \param x BIGNUM for the x-coordinate
+ * \param y BIGNUM for the y-coordinate
+ * \param ctx BN_CTX object (optional)
+ * \return 1 on success and 0 if an error occured
+ */
+int EC_POINT_get_affine_coordinates_GF2m(const EC_GROUP *group,
+ const EC_POINT *p, BIGNUM *x,
+ BIGNUM *y, BN_CTX *ctx);
+
+/** Sets the x9.62 compressed coordinates of a EC_POINT over GF2m
+ * \param group underlying EC_GROUP object
+ * \param p EC_POINT object
+ * \param x BIGNUM with x-coordinate
+ * \param y_bit integer with the y-Bit (either 0 or 1)
+ * \param ctx BN_CTX object (optional)
+ * \return 1 on success and 0 if an error occured
+ */
+int EC_POINT_set_compressed_coordinates_GF2m(const EC_GROUP *group,
+ EC_POINT *p, const BIGNUM *x,
+ int y_bit, BN_CTX *ctx);
+# endif
+/** Encodes a EC_POINT object to a octet string
+ * \param group underlying EC_GROUP object
+ * \param p EC_POINT object
+ * \param form point conversion form
+ * \param buf memory buffer for the result. If NULL the function returns
+ * required buffer size.
+ * \param len length of the memory buffer
+ * \param ctx BN_CTX object (optional)
+ * \return the length of the encoded octet string or 0 if an error occurred
+ */
+size_t EC_POINT_point2oct(const EC_GROUP *group, const EC_POINT *p,
+ point_conversion_form_t form,
+ unsigned char *buf, size_t len, BN_CTX *ctx);
+
+/** Decodes a EC_POINT from a octet string
+ * \param group underlying EC_GROUP object
+ * \param p EC_POINT object
+ * \param buf memory buffer with the encoded ec point
+ * \param len length of the encoded ec point
+ * \param ctx BN_CTX object (optional)
+ * \return 1 on success and 0 if an error occured
+ */
+int EC_POINT_oct2point(const EC_GROUP *group, EC_POINT *p,
+ const unsigned char *buf, size_t len, BN_CTX *ctx);
/* other interfaces to point2oct/oct2point: */
BIGNUM *EC_POINT_point2bn(const EC_GROUP *, const EC_POINT *,
- point_conversion_form_t form, BIGNUM *, BN_CTX *);
+ point_conversion_form_t form, BIGNUM *, BN_CTX *);
EC_POINT *EC_POINT_bn2point(const EC_GROUP *, const BIGNUM *,
- EC_POINT *, BN_CTX *);
+ EC_POINT *, BN_CTX *);
char *EC_POINT_point2hex(const EC_GROUP *, const EC_POINT *,
- point_conversion_form_t form, BN_CTX *);
+ point_conversion_form_t form, BN_CTX *);
EC_POINT *EC_POINT_hex2point(const EC_GROUP *, const char *,
- EC_POINT *, BN_CTX *);
+ EC_POINT *, BN_CTX *);
-int EC_POINT_add(const EC_GROUP *, EC_POINT *r, const EC_POINT *a, const EC_POINT *b, BN_CTX *);
-int EC_POINT_dbl(const EC_GROUP *, EC_POINT *r, const EC_POINT *a, BN_CTX *);
-int EC_POINT_invert(const EC_GROUP *, EC_POINT *, BN_CTX *);
+/********************************************************************/
+/* functions for doing EC_POINT arithmetic */
+/********************************************************************/
-int EC_POINT_is_at_infinity(const EC_GROUP *, const EC_POINT *);
-int EC_POINT_is_on_curve(const EC_GROUP *, const EC_POINT *, BN_CTX *);
-int EC_POINT_cmp(const EC_GROUP *, const EC_POINT *a, const EC_POINT *b, BN_CTX *);
+/** Computes the sum of two EC_POINT
+ * \param group underlying EC_GROUP object
+ * \param r EC_POINT object for the result (r = a + b)
+ * \param a EC_POINT object with the first summand
+ * \param b EC_POINT object with the second summand
+ * \param ctx BN_CTX object (optional)
+ * \return 1 on success and 0 if an error occured
+ */
+int EC_POINT_add(const EC_GROUP *group, EC_POINT *r, const EC_POINT *a,
+ const EC_POINT *b, BN_CTX *ctx);
-int EC_POINT_make_affine(const EC_GROUP *, EC_POINT *, BN_CTX *);
-int EC_POINTs_make_affine(const EC_GROUP *, size_t num, EC_POINT *[], BN_CTX *);
+/** Computes the double of a EC_POINT
+ * \param group underlying EC_GROUP object
+ * \param r EC_POINT object for the result (r = 2 * a)
+ * \param a EC_POINT object
+ * \param ctx BN_CTX object (optional)
+ * \return 1 on success and 0 if an error occured
+ */
+int EC_POINT_dbl(const EC_GROUP *group, EC_POINT *r, const EC_POINT *a,
+ BN_CTX *ctx);
+/** Computes the inverse of a EC_POINT
+ * \param group underlying EC_GROUP object
+ * \param a EC_POINT object to be inverted (it's used for the result as well)
+ * \param ctx BN_CTX object (optional)
+ * \return 1 on success and 0 if an error occured
+ */
+int EC_POINT_invert(const EC_GROUP *group, EC_POINT *a, BN_CTX *ctx);
-int EC_POINTs_mul(const EC_GROUP *, EC_POINT *r, const BIGNUM *, size_t num, const EC_POINT *[], const BIGNUM *[], BN_CTX *);
-int EC_POINT_mul(const EC_GROUP *, EC_POINT *r, const BIGNUM *, const EC_POINT *, const BIGNUM *, BN_CTX *);
+/** Checks whether the point is the neutral element of the group
+ * \param group the underlying EC_GROUP object
+ * \param p EC_POINT object
+ * \return 1 if the point is the neutral element and 0 otherwise
+ */
+int EC_POINT_is_at_infinity(const EC_GROUP *group, const EC_POINT *p);
-/* EC_GROUP_precompute_mult() stores multiples of generator for faster point multiplication */
-int EC_GROUP_precompute_mult(EC_GROUP *, BN_CTX *);
-/* EC_GROUP_have_precompute_mult() reports whether such precomputation has been done */
-int EC_GROUP_have_precompute_mult(const EC_GROUP *);
+/** Checks whether the point is on the curve
+ * \param group underlying EC_GROUP object
+ * \param point EC_POINT object to check
+ * \param ctx BN_CTX object (optional)
+ * \return 1 if point if on the curve and 0 otherwise
+ */
+int EC_POINT_is_on_curve(const EC_GROUP *group, const EC_POINT *point,
+ BN_CTX *ctx);
+/** Compares two EC_POINTs
+ * \param group underlying EC_GROUP object
+ * \param a first EC_POINT object
+ * \param b second EC_POINT object
+ * \param ctx BN_CTX object (optional)
+ * \return 0 if both points are equal and a value != 0 otherwise
+ */
+int EC_POINT_cmp(const EC_GROUP *group, const EC_POINT *a, const EC_POINT *b,
+ BN_CTX *ctx);
+int EC_POINT_make_affine(const EC_GROUP *group, EC_POINT *point, BN_CTX *ctx);
+int EC_POINTs_make_affine(const EC_GROUP *group, size_t num,
+ EC_POINT *points[], BN_CTX *ctx);
-/* ASN1 stuff */
+/** Computes r = generator * n sum_{i=0}^{num-1} p[i] * m[i]
+ * \param group underlying EC_GROUP object
+ * \param r EC_POINT object for the result
+ * \param n BIGNUM with the multiplier for the group generator (optional)
+ * \param num number futher summands
+ * \param p array of size num of EC_POINT objects
+ * \param m array of size num of BIGNUM objects
+ * \param ctx BN_CTX object (optional)
+ * \return 1 on success and 0 if an error occured
+ */
+int EC_POINTs_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *n,
+ size_t num, const EC_POINT *p[], const BIGNUM *m[],
+ BN_CTX *ctx);
-/* EC_GROUP_get_basis_type() returns the NID of the basis type
- * used to represent the field elements */
+/** Computes r = generator * n + q * m
+ * \param group underlying EC_GROUP object
+ * \param r EC_POINT object for the result
+ * \param n BIGNUM with the multiplier for the group generator (optional)
+ * \param q EC_POINT object with the first factor of the second summand
+ * \param m BIGNUM with the second factor of the second summand
+ * \param ctx BN_CTX object (optional)
+ * \return 1 on success and 0 if an error occured
+ */
+int EC_POINT_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *n,
+ const EC_POINT *q, const BIGNUM *m, BN_CTX *ctx);
+
+/** Stores multiples of generator for faster point multiplication
+ * \param group EC_GROUP object
+ * \param ctx BN_CTX object (optional)
+ * \return 1 on success and 0 if an error occured
+ */
+int EC_GROUP_precompute_mult(EC_GROUP *group, BN_CTX *ctx);
+
+/** Reports whether a precomputation has been done
+ * \param group EC_GROUP object
+ * \return 1 if a pre-computation has been done and 0 otherwise
+ */
+int EC_GROUP_have_precompute_mult(const EC_GROUP *group);
+
+/********************************************************************/
+/* ASN1 stuff */
+/********************************************************************/
+
+/*
+ * EC_GROUP_get_basis_type() returns the NID of the basis type used to
+ * represent the field elements
+ */
int EC_GROUP_get_basis_type(const EC_GROUP *);
+# ifndef OPENSSL_NO_EC2M
int EC_GROUP_get_trinomial_basis(const EC_GROUP *, unsigned int *k);
-int EC_GROUP_get_pentanomial_basis(const EC_GROUP *, unsigned int *k1,
- unsigned int *k2, unsigned int *k3);
+int EC_GROUP_get_pentanomial_basis(const EC_GROUP *, unsigned int *k1,
+ unsigned int *k2, unsigned int *k3);
+# endif
-#define OPENSSL_EC_NAMED_CURVE 0x001
+# define OPENSSL_EC_NAMED_CURVE 0x001
typedef struct ecpk_parameters_st ECPKPARAMETERS;
EC_GROUP *d2i_ECPKParameters(EC_GROUP **, const unsigned char **in, long len);
int i2d_ECPKParameters(const EC_GROUP *, unsigned char **out);
-#define d2i_ECPKParameters_bio(bp,x) ASN1_d2i_bio_of(EC_GROUP,NULL,d2i_ECPKParameters,bp,x)
-#define i2d_ECPKParameters_bio(bp,x) ASN1_i2d_bio_of_const(EC_GROUP,i2d_ECPKParameters,bp,x)
-#define d2i_ECPKParameters_fp(fp,x) (EC_GROUP *)ASN1_d2i_fp(NULL, \
+# define d2i_ECPKParameters_bio(bp,x) ASN1_d2i_bio_of(EC_GROUP,NULL,d2i_ECPKParameters,bp,x)
+# define i2d_ECPKParameters_bio(bp,x) ASN1_i2d_bio_of_const(EC_GROUP,i2d_ECPKParameters,bp,x)
+# define d2i_ECPKParameters_fp(fp,x) (EC_GROUP *)ASN1_d2i_fp(NULL, \
(char *(*)())d2i_ECPKParameters,(fp),(unsigned char **)(x))
-#define i2d_ECPKParameters_fp(fp,x) ASN1_i2d_fp(i2d_ECPKParameters,(fp), \
- (unsigned char *)(x))
+# define i2d_ECPKParameters_fp(fp,x) ASN1_i2d_fp(i2d_ECPKParameters,(fp), \
+ (unsigned char *)(x))
-#ifndef OPENSSL_NO_BIO
-int ECPKParameters_print(BIO *bp, const EC_GROUP *x, int off);
-#endif
-#ifndef OPENSSL_NO_FP_API
-int ECPKParameters_print_fp(FILE *fp, const EC_GROUP *x, int off);
-#endif
+# ifndef OPENSSL_NO_BIO
+int ECPKParameters_print(BIO *bp, const EC_GROUP *x, int off);
+# endif
+# ifndef OPENSSL_NO_FP_API
+int ECPKParameters_print_fp(FILE *fp, const EC_GROUP *x, int off);
+# endif
+
+/********************************************************************/
+/* EC_KEY functions */
+/********************************************************************/
-/* the EC_KEY stuff */
typedef struct ec_key_st EC_KEY;
/* some values for the encoding_flag */
-#define EC_PKEY_NO_PARAMETERS 0x001
-#define EC_PKEY_NO_PUBKEY 0x002
+# define EC_PKEY_NO_PARAMETERS 0x001
+# define EC_PKEY_NO_PUBKEY 0x002
+/* some values for the flags field */
+# define EC_FLAG_NON_FIPS_ALLOW 0x1
+# define EC_FLAG_FIPS_CHECKED 0x2
+
+/** Creates a new EC_KEY object.
+ * \return EC_KEY object or NULL if an error occurred.
+ */
EC_KEY *EC_KEY_new(void);
+
+int EC_KEY_get_flags(const EC_KEY *key);
+
+void EC_KEY_set_flags(EC_KEY *key, int flags);
+
+void EC_KEY_clear_flags(EC_KEY *key, int flags);
+
+/** Creates a new EC_KEY object using a named curve as underlying
+ * EC_GROUP object.
+ * \param nid NID of the named curve.
+ * \return EC_KEY object or NULL if an error occurred.
+ */
EC_KEY *EC_KEY_new_by_curve_name(int nid);
-void EC_KEY_free(EC_KEY *);
-EC_KEY *EC_KEY_copy(EC_KEY *, const EC_KEY *);
-EC_KEY *EC_KEY_dup(const EC_KEY *);
-int EC_KEY_up_ref(EC_KEY *);
+/** Frees a EC_KEY object.
+ * \param key EC_KEY object to be freed.
+ */
+void EC_KEY_free(EC_KEY *key);
-const EC_GROUP *EC_KEY_get0_group(const EC_KEY *);
-int EC_KEY_set_group(EC_KEY *, const EC_GROUP *);
-const BIGNUM *EC_KEY_get0_private_key(const EC_KEY *);
-int EC_KEY_set_private_key(EC_KEY *, const BIGNUM *);
-const EC_POINT *EC_KEY_get0_public_key(const EC_KEY *);
-int EC_KEY_set_public_key(EC_KEY *, const EC_POINT *);
-unsigned EC_KEY_get_enc_flags(const EC_KEY *);
-void EC_KEY_set_enc_flags(EC_KEY *, unsigned int);
-point_conversion_form_t EC_KEY_get_conv_form(const EC_KEY *);
-void EC_KEY_set_conv_form(EC_KEY *, point_conversion_form_t);
+/** Copies a EC_KEY object.
+ * \param dst destination EC_KEY object
+ * \param src src EC_KEY object
+ * \return dst or NULL if an error occurred.
+ */
+EC_KEY *EC_KEY_copy(EC_KEY *dst, const EC_KEY *src);
+
+/** Creates a new EC_KEY object and copies the content from src to it.
+ * \param src the source EC_KEY object
+ * \return newly created EC_KEY object or NULL if an error occurred.
+ */
+EC_KEY *EC_KEY_dup(const EC_KEY *src);
+
+/** Increases the internal reference count of a EC_KEY object.
+ * \param key EC_KEY object
+ * \return 1 on success and 0 if an error occurred.
+ */
+int EC_KEY_up_ref(EC_KEY *key);
+
+/** Returns the EC_GROUP object of a EC_KEY object
+ * \param key EC_KEY object
+ * \return the EC_GROUP object (possibly NULL).
+ */
+const EC_GROUP *EC_KEY_get0_group(const EC_KEY *key);
+
+/** Sets the EC_GROUP of a EC_KEY object.
+ * \param key EC_KEY object
+ * \param group EC_GROUP to use in the EC_KEY object (note: the EC_KEY
+ * object will use an own copy of the EC_GROUP).
+ * \return 1 on success and 0 if an error occurred.
+ */
+int EC_KEY_set_group(EC_KEY *key, const EC_GROUP *group);
+
+/** Returns the private key of a EC_KEY object.
+ * \param key EC_KEY object
+ * \return a BIGNUM with the private key (possibly NULL).
+ */
+const BIGNUM *EC_KEY_get0_private_key(const EC_KEY *key);
+
+/** Sets the private key of a EC_KEY object.
+ * \param key EC_KEY object
+ * \param prv BIGNUM with the private key (note: the EC_KEY object
+ * will use an own copy of the BIGNUM).
+ * \return 1 on success and 0 if an error occurred.
+ */
+int EC_KEY_set_private_key(EC_KEY *key, const BIGNUM *prv);
+
+/** Returns the public key of a EC_KEY object.
+ * \param key the EC_KEY object
+ * \return a EC_POINT object with the public key (possibly NULL)
+ */
+const EC_POINT *EC_KEY_get0_public_key(const EC_KEY *key);
+
+/** Sets the public key of a EC_KEY object.
+ * \param key EC_KEY object
+ * \param pub EC_POINT object with the public key (note: the EC_KEY object
+ * will use an own copy of the EC_POINT object).
+ * \return 1 on success and 0 if an error occurred.
+ */
+int EC_KEY_set_public_key(EC_KEY *key, const EC_POINT *pub);
+
+unsigned EC_KEY_get_enc_flags(const EC_KEY *key);
+void EC_KEY_set_enc_flags(EC_KEY *eckey, unsigned int flags);
+point_conversion_form_t EC_KEY_get_conv_form(const EC_KEY *key);
+void EC_KEY_set_conv_form(EC_KEY *eckey, point_conversion_form_t cform);
/* functions to set/get method specific data */
-void *EC_KEY_get_key_method_data(EC_KEY *,
- void *(*dup_func)(void *), void (*free_func)(void *), void (*clear_free_func)(void *));
+void *EC_KEY_get_key_method_data(EC_KEY *key,
+ void *(*dup_func) (void *),
+ void (*free_func) (void *),
+ void (*clear_free_func) (void *));
/** Sets the key method data of an EC_KEY object, if none has yet been set.
* \param key EC_KEY object
* \param data opaque data to install.
@@ -330,48 +850,227 @@ void *EC_KEY_get_key_method_data(EC_KEY *,
* \return the previously set data pointer, or NULL if |data| was inserted.
*/
void *EC_KEY_insert_key_method_data(EC_KEY *key, void *data,
- void *(*dup_func)(void *), void (*free_func)(void *), void (*clear_free_func)(void *));
+ void *(*dup_func) (void *),
+ void (*free_func) (void *),
+ void (*clear_free_func) (void *));
/* wrapper functions for the underlying EC_GROUP object */
-void EC_KEY_set_asn1_flag(EC_KEY *, int);
-int EC_KEY_precompute_mult(EC_KEY *, BN_CTX *ctx);
+void EC_KEY_set_asn1_flag(EC_KEY *eckey, int asn1_flag);
-/* EC_KEY_generate_key() creates a ec private (public) key */
-int EC_KEY_generate_key(EC_KEY *);
-/* EC_KEY_check_key() */
-int EC_KEY_check_key(const EC_KEY *);
+/** Creates a table of pre-computed multiples of the generator to
+ * accelerate further EC_KEY operations.
+ * \param key EC_KEY object
+ * \param ctx BN_CTX object (optional)
+ * \return 1 on success and 0 if an error occurred.
+ */
+int EC_KEY_precompute_mult(EC_KEY *key, BN_CTX *ctx);
-/* de- and encoding functions for SEC1 ECPrivateKey */
-EC_KEY *d2i_ECPrivateKey(EC_KEY **a, const unsigned char **in, long len);
-int i2d_ECPrivateKey(EC_KEY *a, unsigned char **out);
-/* de- and encoding functions for EC parameters */
-EC_KEY *d2i_ECParameters(EC_KEY **a, const unsigned char **in, long len);
-int i2d_ECParameters(EC_KEY *a, unsigned char **out);
-/* de- and encoding functions for EC public key
- * (octet string, not DER -- hence 'o2i' and 'i2o') */
-EC_KEY *o2i_ECPublicKey(EC_KEY **a, const unsigned char **in, long len);
-int i2o_ECPublicKey(EC_KEY *a, unsigned char **out);
+/** Creates a new ec private (and optional a new public) key.
+ * \param key EC_KEY object
+ * \return 1 on success and 0 if an error occurred.
+ */
+int EC_KEY_generate_key(EC_KEY *key);
-#ifndef OPENSSL_NO_BIO
-int ECParameters_print(BIO *bp, const EC_KEY *x);
-int EC_KEY_print(BIO *bp, const EC_KEY *x, int off);
-#endif
-#ifndef OPENSSL_NO_FP_API
-int ECParameters_print_fp(FILE *fp, const EC_KEY *x);
-int EC_KEY_print_fp(FILE *fp, const EC_KEY *x, int off);
-#endif
+/** Verifies that a private and/or public key is valid.
+ * \param key the EC_KEY object
+ * \return 1 on success and 0 otherwise.
+ */
+int EC_KEY_check_key(const EC_KEY *key);
-#define ECParameters_dup(x) ASN1_dup_of(EC_KEY,i2d_ECParameters,d2i_ECParameters,x)
+/** Sets a public key from affine coordindates performing
+ * neccessary NIST PKV tests.
+ * \param key the EC_KEY object
+ * \param x public key x coordinate
+ * \param y public key y coordinate
+ * \return 1 on success and 0 otherwise.
+ */
+int EC_KEY_set_public_key_affine_coordinates(EC_KEY *key, BIGNUM *x,
+ BIGNUM *y);
-#ifndef __cplusplus
-#if defined(__SUNPRO_C)
-# if __SUNPRO_C >= 0x520
-# pragma error_messages (default,E_ARRAY_OF_INCOMPLETE_NONAME,E_ARRAY_OF_INCOMPLETE)
+/********************************************************************/
+/* de- and encoding functions for SEC1 ECPrivateKey */
+/********************************************************************/
+
+/** Decodes a private key from a memory buffer.
+ * \param key a pointer to a EC_KEY object which should be used (or NULL)
+ * \param in pointer to memory with the DER encoded private key
+ * \param len length of the DER encoded private key
+ * \return the decoded private key or NULL if an error occurred.
+ */
+EC_KEY *d2i_ECPrivateKey(EC_KEY **key, const unsigned char **in, long len);
+
+/** Encodes a private key object and stores the result in a buffer.
+ * \param key the EC_KEY object to encode
+ * \param out the buffer for the result (if NULL the function returns number
+ * of bytes needed).
+ * \return 1 on success and 0 if an error occurred.
+ */
+int i2d_ECPrivateKey(EC_KEY *key, unsigned char **out);
+
+/********************************************************************/
+/* de- and encoding functions for EC parameters */
+/********************************************************************/
+
+/** Decodes ec parameter from a memory buffer.
+ * \param key a pointer to a EC_KEY object which should be used (or NULL)
+ * \param in pointer to memory with the DER encoded ec parameters
+ * \param len length of the DER encoded ec parameters
+ * \return a EC_KEY object with the decoded parameters or NULL if an error
+ * occurred.
+ */
+EC_KEY *d2i_ECParameters(EC_KEY **key, const unsigned char **in, long len);
+
+/** Encodes ec parameter and stores the result in a buffer.
+ * \param key the EC_KEY object with ec paramters to encode
+ * \param out the buffer for the result (if NULL the function returns number
+ * of bytes needed).
+ * \return 1 on success and 0 if an error occurred.
+ */
+int i2d_ECParameters(EC_KEY *key, unsigned char **out);
+
+/********************************************************************/
+/* de- and encoding functions for EC public key */
+/* (octet string, not DER -- hence 'o2i' and 'i2o') */
+/********************************************************************/
+
+/** Decodes a ec public key from a octet string.
+ * \param key a pointer to a EC_KEY object which should be used
+ * \param in memory buffer with the encoded public key
+ * \param len length of the encoded public key
+ * \return EC_KEY object with decoded public key or NULL if an error
+ * occurred.
+ */
+EC_KEY *o2i_ECPublicKey(EC_KEY **key, const unsigned char **in, long len);
+
+/** Encodes a ec public key in an octet string.
+ * \param key the EC_KEY object with the public key
+ * \param out the buffer for the result (if NULL the function returns number
+ * of bytes needed).
+ * \return 1 on success and 0 if an error occurred
+ */
+int i2o_ECPublicKey(EC_KEY *key, unsigned char **out);
+
+# ifndef OPENSSL_NO_BIO
+/** Prints out the ec parameters on human readable form.
+ * \param bp BIO object to which the information is printed
+ * \param key EC_KEY object
+ * \return 1 on success and 0 if an error occurred
+ */
+int ECParameters_print(BIO *bp, const EC_KEY *key);
+
+/** Prints out the contents of a EC_KEY object
+ * \param bp BIO object to which the information is printed
+ * \param key EC_KEY object
+ * \param off line offset
+ * \return 1 on success and 0 if an error occurred
+ */
+int EC_KEY_print(BIO *bp, const EC_KEY *key, int off);
+
+# endif
+# ifndef OPENSSL_NO_FP_API
+/** Prints out the ec parameters on human readable form.
+ * \param fp file descriptor to which the information is printed
+ * \param key EC_KEY object
+ * \return 1 on success and 0 if an error occurred
+ */
+int ECParameters_print_fp(FILE *fp, const EC_KEY *key);
+
+/** Prints out the contents of a EC_KEY object
+ * \param fp file descriptor to which the information is printed
+ * \param key EC_KEY object
+ * \param off line offset
+ * \return 1 on success and 0 if an error occurred
+ */
+int EC_KEY_print_fp(FILE *fp, const EC_KEY *key, int off);
+
+# endif
+
+# define ECParameters_dup(x) ASN1_dup_of(EC_KEY,i2d_ECParameters,d2i_ECParameters,x)
+
+# ifndef __cplusplus
+# if defined(__SUNPRO_C)
+# if __SUNPRO_C >= 0x520
+# pragma error_messages (default,E_ARRAY_OF_INCOMPLETE_NONAME,E_ARRAY_OF_INCOMPLETE)
+# endif
# endif
# endif
-#endif
+
+# define EVP_PKEY_CTX_set_ec_paramgen_curve_nid(ctx, nid) \
+ EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, \
+ EVP_PKEY_OP_PARAMGEN|EVP_PKEY_OP_KEYGEN, \
+ EVP_PKEY_CTRL_EC_PARAMGEN_CURVE_NID, nid, NULL)
+
+# define EVP_PKEY_CTX_set_ec_param_enc(ctx, flag) \
+ EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, \
+ EVP_PKEY_OP_PARAMGEN|EVP_PKEY_OP_KEYGEN, \
+ EVP_PKEY_CTRL_EC_PARAM_ENC, flag, NULL)
+
+# define EVP_PKEY_CTX_set_ecdh_cofactor_mode(ctx, flag) \
+ EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, \
+ EVP_PKEY_OP_DERIVE, \
+ EVP_PKEY_CTRL_EC_ECDH_COFACTOR, flag, NULL)
+
+# define EVP_PKEY_CTX_get_ecdh_cofactor_mode(ctx) \
+ EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, \
+ EVP_PKEY_OP_DERIVE, \
+ EVP_PKEY_CTRL_EC_ECDH_COFACTOR, -2, NULL)
+
+# define EVP_PKEY_CTX_set_ecdh_kdf_type(ctx, kdf) \
+ EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, \
+ EVP_PKEY_OP_DERIVE, \
+ EVP_PKEY_CTRL_EC_KDF_TYPE, kdf, NULL)
+
+# define EVP_PKEY_CTX_get_ecdh_kdf_type(ctx) \
+ EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, \
+ EVP_PKEY_OP_DERIVE, \
+ EVP_PKEY_CTRL_EC_KDF_TYPE, -2, NULL)
+
+# define EVP_PKEY_CTX_set_ecdh_kdf_md(ctx, md) \
+ EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, \
+ EVP_PKEY_OP_DERIVE, \
+ EVP_PKEY_CTRL_EC_KDF_MD, 0, (void *)md)
+
+# define EVP_PKEY_CTX_get_ecdh_kdf_md(ctx, pmd) \
+ EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, \
+ EVP_PKEY_OP_DERIVE, \
+ EVP_PKEY_CTRL_GET_EC_KDF_MD, 0, (void *)pmd)
+
+# define EVP_PKEY_CTX_set_ecdh_kdf_outlen(ctx, len) \
+ EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, \
+ EVP_PKEY_OP_DERIVE, \
+ EVP_PKEY_CTRL_EC_KDF_OUTLEN, len, NULL)
+
+# define EVP_PKEY_CTX_get_ecdh_kdf_outlen(ctx, plen) \
+ EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, \
+ EVP_PKEY_OP_DERIVE, \
+ EVP_PKEY_CTRL_GET_EC_KDF_OUTLEN, 0, (void *)plen)
+
+# define EVP_PKEY_CTX_set0_ecdh_kdf_ukm(ctx, p, plen) \
+ EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, \
+ EVP_PKEY_OP_DERIVE, \
+ EVP_PKEY_CTRL_EC_KDF_UKM, plen, (void *)p)
+
+# define EVP_PKEY_CTX_get0_ecdh_kdf_ukm(ctx, p) \
+ EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, \
+ EVP_PKEY_OP_DERIVE, \
+ EVP_PKEY_CTRL_GET_EC_KDF_UKM, 0, (void *)p)
+
+# define EVP_PKEY_CTRL_EC_PARAMGEN_CURVE_NID (EVP_PKEY_ALG_CTRL + 1)
+# define EVP_PKEY_CTRL_EC_PARAM_ENC (EVP_PKEY_ALG_CTRL + 2)
+# define EVP_PKEY_CTRL_EC_ECDH_COFACTOR (EVP_PKEY_ALG_CTRL + 3)
+# define EVP_PKEY_CTRL_EC_KDF_TYPE (EVP_PKEY_ALG_CTRL + 4)
+# define EVP_PKEY_CTRL_EC_KDF_MD (EVP_PKEY_ALG_CTRL + 5)
+# define EVP_PKEY_CTRL_GET_EC_KDF_MD (EVP_PKEY_ALG_CTRL + 6)
+# define EVP_PKEY_CTRL_EC_KDF_OUTLEN (EVP_PKEY_ALG_CTRL + 7)
+# define EVP_PKEY_CTRL_GET_EC_KDF_OUTLEN (EVP_PKEY_ALG_CTRL + 8)
+# define EVP_PKEY_CTRL_EC_KDF_UKM (EVP_PKEY_ALG_CTRL + 9)
+# define EVP_PKEY_CTRL_GET_EC_KDF_UKM (EVP_PKEY_ALG_CTRL + 10)
+/* KDF types */
+# define EVP_PKEY_ECDH_KDF_NONE 1
+# define EVP_PKEY_ECDH_KDF_X9_62 2
/* BEGIN ERROR CODES */
-/* The following lines are auto generated by the script mkerr.pl. Any changes
+/*
+ * The following lines are auto generated by the script mkerr.pl. Any changes
* made after this point may be overwritten when the script is next run.
*/
void ERR_load_EC_strings(void);
@@ -379,154 +1078,203 @@ void ERR_load_EC_strings(void);
/* Error codes for the EC functions. */
/* Function codes. */
-#define EC_F_COMPUTE_WNAF 143
-#define EC_F_D2I_ECPARAMETERS 144
-#define EC_F_D2I_ECPKPARAMETERS 145
-#define EC_F_D2I_ECPRIVATEKEY 146
-#define EC_F_ECPARAMETERS_PRINT 147
-#define EC_F_ECPARAMETERS_PRINT_FP 148
-#define EC_F_ECPKPARAMETERS_PRINT 149
-#define EC_F_ECPKPARAMETERS_PRINT_FP 150
-#define EC_F_ECP_NIST_MOD_192 203
-#define EC_F_ECP_NIST_MOD_224 204
-#define EC_F_ECP_NIST_MOD_256 205
-#define EC_F_ECP_NIST_MOD_521 206
-#define EC_F_EC_ASN1_GROUP2CURVE 153
-#define EC_F_EC_ASN1_GROUP2FIELDID 154
-#define EC_F_EC_ASN1_GROUP2PARAMETERS 155
-#define EC_F_EC_ASN1_GROUP2PKPARAMETERS 156
-#define EC_F_EC_ASN1_PARAMETERS2GROUP 157
-#define EC_F_EC_ASN1_PKPARAMETERS2GROUP 158
-#define EC_F_EC_EX_DATA_SET_DATA 211
-#define EC_F_EC_GF2M_MONTGOMERY_POINT_MULTIPLY 208
-#define EC_F_EC_GF2M_SIMPLE_GROUP_CHECK_DISCRIMINANT 159
-#define EC_F_EC_GF2M_SIMPLE_GROUP_SET_CURVE 195
-#define EC_F_EC_GF2M_SIMPLE_OCT2POINT 160
-#define EC_F_EC_GF2M_SIMPLE_POINT2OCT 161
-#define EC_F_EC_GF2M_SIMPLE_POINT_GET_AFFINE_COORDINATES 162
-#define EC_F_EC_GF2M_SIMPLE_POINT_SET_AFFINE_COORDINATES 163
-#define EC_F_EC_GF2M_SIMPLE_SET_COMPRESSED_COORDINATES 164
-#define EC_F_EC_GFP_MONT_FIELD_DECODE 133
-#define EC_F_EC_GFP_MONT_FIELD_ENCODE 134
-#define EC_F_EC_GFP_MONT_FIELD_MUL 131
-#define EC_F_EC_GFP_MONT_FIELD_SET_TO_ONE 209
-#define EC_F_EC_GFP_MONT_FIELD_SQR 132
-#define EC_F_EC_GFP_MONT_GROUP_SET_CURVE 189
-#define EC_F_EC_GFP_MONT_GROUP_SET_CURVE_GFP 135
-#define EC_F_EC_GFP_NIST_FIELD_MUL 200
-#define EC_F_EC_GFP_NIST_FIELD_SQR 201
-#define EC_F_EC_GFP_NIST_GROUP_SET_CURVE 202
-#define EC_F_EC_GFP_SIMPLE_GROUP_CHECK_DISCRIMINANT 165
-#define EC_F_EC_GFP_SIMPLE_GROUP_SET_CURVE 166
-#define EC_F_EC_GFP_SIMPLE_GROUP_SET_CURVE_GFP 100
-#define EC_F_EC_GFP_SIMPLE_GROUP_SET_GENERATOR 101
-#define EC_F_EC_GFP_SIMPLE_MAKE_AFFINE 102
-#define EC_F_EC_GFP_SIMPLE_OCT2POINT 103
-#define EC_F_EC_GFP_SIMPLE_POINT2OCT 104
-#define EC_F_EC_GFP_SIMPLE_POINTS_MAKE_AFFINE 137
-#define EC_F_EC_GFP_SIMPLE_POINT_GET_AFFINE_COORDINATES 167
-#define EC_F_EC_GFP_SIMPLE_POINT_GET_AFFINE_COORDINATES_GFP 105
-#define EC_F_EC_GFP_SIMPLE_POINT_SET_AFFINE_COORDINATES 168
-#define EC_F_EC_GFP_SIMPLE_POINT_SET_AFFINE_COORDINATES_GFP 128
-#define EC_F_EC_GFP_SIMPLE_SET_COMPRESSED_COORDINATES 169
-#define EC_F_EC_GFP_SIMPLE_SET_COMPRESSED_COORDINATES_GFP 129
-#define EC_F_EC_GROUP_CHECK 170
-#define EC_F_EC_GROUP_CHECK_DISCRIMINANT 171
-#define EC_F_EC_GROUP_COPY 106
-#define EC_F_EC_GROUP_GET0_GENERATOR 139
-#define EC_F_EC_GROUP_GET_COFACTOR 140
-#define EC_F_EC_GROUP_GET_CURVE_GF2M 172
-#define EC_F_EC_GROUP_GET_CURVE_GFP 130
-#define EC_F_EC_GROUP_GET_DEGREE 173
-#define EC_F_EC_GROUP_GET_ORDER 141
-#define EC_F_EC_GROUP_GET_PENTANOMIAL_BASIS 193
-#define EC_F_EC_GROUP_GET_TRINOMIAL_BASIS 194
-#define EC_F_EC_GROUP_NEW 108
-#define EC_F_EC_GROUP_NEW_BY_CURVE_NAME 174
-#define EC_F_EC_GROUP_NEW_FROM_DATA 175
-#define EC_F_EC_GROUP_PRECOMPUTE_MULT 142
-#define EC_F_EC_GROUP_SET_CURVE_GF2M 176
-#define EC_F_EC_GROUP_SET_CURVE_GFP 109
-#define EC_F_EC_GROUP_SET_EXTRA_DATA 110
-#define EC_F_EC_GROUP_SET_GENERATOR 111
-#define EC_F_EC_KEY_CHECK_KEY 177
-#define EC_F_EC_KEY_COPY 178
-#define EC_F_EC_KEY_GENERATE_KEY 179
-#define EC_F_EC_KEY_NEW 182
-#define EC_F_EC_KEY_PRINT 180
-#define EC_F_EC_KEY_PRINT_FP 181
-#define EC_F_EC_POINTS_MAKE_AFFINE 136
-#define EC_F_EC_POINTS_MUL 138
-#define EC_F_EC_POINT_ADD 112
-#define EC_F_EC_POINT_CMP 113
-#define EC_F_EC_POINT_COPY 114
-#define EC_F_EC_POINT_DBL 115
-#define EC_F_EC_POINT_GET_AFFINE_COORDINATES_GF2M 183
-#define EC_F_EC_POINT_GET_AFFINE_COORDINATES_GFP 116
-#define EC_F_EC_POINT_GET_JPROJECTIVE_COORDINATES_GFP 117
-#define EC_F_EC_POINT_INVERT 210
-#define EC_F_EC_POINT_IS_AT_INFINITY 118
-#define EC_F_EC_POINT_IS_ON_CURVE 119
-#define EC_F_EC_POINT_MAKE_AFFINE 120
-#define EC_F_EC_POINT_MUL 184
-#define EC_F_EC_POINT_NEW 121
-#define EC_F_EC_POINT_OCT2POINT 122
-#define EC_F_EC_POINT_POINT2OCT 123
-#define EC_F_EC_POINT_SET_AFFINE_COORDINATES_GF2M 185
-#define EC_F_EC_POINT_SET_AFFINE_COORDINATES_GFP 124
-#define EC_F_EC_POINT_SET_COMPRESSED_COORDINATES_GF2M 186
-#define EC_F_EC_POINT_SET_COMPRESSED_COORDINATES_GFP 125
-#define EC_F_EC_POINT_SET_JPROJECTIVE_COORDINATES_GFP 126
-#define EC_F_EC_POINT_SET_TO_INFINITY 127
-#define EC_F_EC_PRE_COMP_DUP 207
-#define EC_F_EC_PRE_COMP_NEW 196
-#define EC_F_EC_WNAF_MUL 187
-#define EC_F_EC_WNAF_PRECOMPUTE_MULT 188
-#define EC_F_I2D_ECPARAMETERS 190
-#define EC_F_I2D_ECPKPARAMETERS 191
-#define EC_F_I2D_ECPRIVATEKEY 192
-#define EC_F_I2O_ECPUBLICKEY 151
-#define EC_F_O2I_ECPUBLICKEY 152
+# define EC_F_BN_TO_FELEM 224
+# define EC_F_COMPUTE_WNAF 143
+# define EC_F_D2I_ECPARAMETERS 144
+# define EC_F_D2I_ECPKPARAMETERS 145
+# define EC_F_D2I_ECPRIVATEKEY 146
+# define EC_F_DO_EC_KEY_PRINT 221
+# define EC_F_ECDH_CMS_DECRYPT 238
+# define EC_F_ECDH_CMS_SET_SHARED_INFO 239
+# define EC_F_ECKEY_PARAM2TYPE 223
+# define EC_F_ECKEY_PARAM_DECODE 212
+# define EC_F_ECKEY_PRIV_DECODE 213
+# define EC_F_ECKEY_PRIV_ENCODE 214
+# define EC_F_ECKEY_PUB_DECODE 215
+# define EC_F_ECKEY_PUB_ENCODE 216
+# define EC_F_ECKEY_TYPE2PARAM 220
+# define EC_F_ECPARAMETERS_PRINT 147
+# define EC_F_ECPARAMETERS_PRINT_FP 148
+# define EC_F_ECPKPARAMETERS_PRINT 149
+# define EC_F_ECPKPARAMETERS_PRINT_FP 150
+# define EC_F_ECP_NISTZ256_GET_AFFINE 240
+# define EC_F_ECP_NISTZ256_MULT_PRECOMPUTE 243
+# define EC_F_ECP_NISTZ256_POINTS_MUL 241
+# define EC_F_ECP_NISTZ256_PRE_COMP_NEW 244
+# define EC_F_ECP_NISTZ256_SET_WORDS 245
+# define EC_F_ECP_NISTZ256_WINDOWED_MUL 242
+# define EC_F_ECP_NIST_MOD_192 203
+# define EC_F_ECP_NIST_MOD_224 204
+# define EC_F_ECP_NIST_MOD_256 205
+# define EC_F_ECP_NIST_MOD_521 206
+# define EC_F_EC_ASN1_GROUP2CURVE 153
+# define EC_F_EC_ASN1_GROUP2FIELDID 154
+# define EC_F_EC_ASN1_GROUP2PARAMETERS 155
+# define EC_F_EC_ASN1_GROUP2PKPARAMETERS 156
+# define EC_F_EC_ASN1_PARAMETERS2GROUP 157
+# define EC_F_EC_ASN1_PKPARAMETERS2GROUP 158
+# define EC_F_EC_EX_DATA_SET_DATA 211
+# define EC_F_EC_GF2M_MONTGOMERY_POINT_MULTIPLY 208
+# define EC_F_EC_GF2M_SIMPLE_GROUP_CHECK_DISCRIMINANT 159
+# define EC_F_EC_GF2M_SIMPLE_GROUP_SET_CURVE 195
+# define EC_F_EC_GF2M_SIMPLE_OCT2POINT 160
+# define EC_F_EC_GF2M_SIMPLE_POINT2OCT 161
+# define EC_F_EC_GF2M_SIMPLE_POINT_GET_AFFINE_COORDINATES 162
+# define EC_F_EC_GF2M_SIMPLE_POINT_SET_AFFINE_COORDINATES 163
+# define EC_F_EC_GF2M_SIMPLE_SET_COMPRESSED_COORDINATES 164
+# define EC_F_EC_GFP_MONT_FIELD_DECODE 133
+# define EC_F_EC_GFP_MONT_FIELD_ENCODE 134
+# define EC_F_EC_GFP_MONT_FIELD_MUL 131
+# define EC_F_EC_GFP_MONT_FIELD_SET_TO_ONE 209
+# define EC_F_EC_GFP_MONT_FIELD_SQR 132
+# define EC_F_EC_GFP_MONT_GROUP_SET_CURVE 189
+# define EC_F_EC_GFP_MONT_GROUP_SET_CURVE_GFP 135
+# define EC_F_EC_GFP_NISTP224_GROUP_SET_CURVE 225
+# define EC_F_EC_GFP_NISTP224_POINTS_MUL 228
+# define EC_F_EC_GFP_NISTP224_POINT_GET_AFFINE_COORDINATES 226
+# define EC_F_EC_GFP_NISTP256_GROUP_SET_CURVE 230
+# define EC_F_EC_GFP_NISTP256_POINTS_MUL 231
+# define EC_F_EC_GFP_NISTP256_POINT_GET_AFFINE_COORDINATES 232
+# define EC_F_EC_GFP_NISTP521_GROUP_SET_CURVE 233
+# define EC_F_EC_GFP_NISTP521_POINTS_MUL 234
+# define EC_F_EC_GFP_NISTP521_POINT_GET_AFFINE_COORDINATES 235
+# define EC_F_EC_GFP_NIST_FIELD_MUL 200
+# define EC_F_EC_GFP_NIST_FIELD_SQR 201
+# define EC_F_EC_GFP_NIST_GROUP_SET_CURVE 202
+# define EC_F_EC_GFP_SIMPLE_GROUP_CHECK_DISCRIMINANT 165
+# define EC_F_EC_GFP_SIMPLE_GROUP_SET_CURVE 166
+# define EC_F_EC_GFP_SIMPLE_GROUP_SET_CURVE_GFP 100
+# define EC_F_EC_GFP_SIMPLE_GROUP_SET_GENERATOR 101
+# define EC_F_EC_GFP_SIMPLE_MAKE_AFFINE 102
+# define EC_F_EC_GFP_SIMPLE_OCT2POINT 103
+# define EC_F_EC_GFP_SIMPLE_POINT2OCT 104
+# define EC_F_EC_GFP_SIMPLE_POINTS_MAKE_AFFINE 137
+# define EC_F_EC_GFP_SIMPLE_POINT_GET_AFFINE_COORDINATES 167
+# define EC_F_EC_GFP_SIMPLE_POINT_GET_AFFINE_COORDINATES_GFP 105
+# define EC_F_EC_GFP_SIMPLE_POINT_SET_AFFINE_COORDINATES 168
+# define EC_F_EC_GFP_SIMPLE_POINT_SET_AFFINE_COORDINATES_GFP 128
+# define EC_F_EC_GFP_SIMPLE_SET_COMPRESSED_COORDINATES 169
+# define EC_F_EC_GFP_SIMPLE_SET_COMPRESSED_COORDINATES_GFP 129
+# define EC_F_EC_GROUP_CHECK 170
+# define EC_F_EC_GROUP_CHECK_DISCRIMINANT 171
+# define EC_F_EC_GROUP_COPY 106
+# define EC_F_EC_GROUP_GET0_GENERATOR 139
+# define EC_F_EC_GROUP_GET_COFACTOR 140
+# define EC_F_EC_GROUP_GET_CURVE_GF2M 172
+# define EC_F_EC_GROUP_GET_CURVE_GFP 130
+# define EC_F_EC_GROUP_GET_DEGREE 173
+# define EC_F_EC_GROUP_GET_ORDER 141
+# define EC_F_EC_GROUP_GET_PENTANOMIAL_BASIS 193
+# define EC_F_EC_GROUP_GET_TRINOMIAL_BASIS 194
+# define EC_F_EC_GROUP_NEW 108
+# define EC_F_EC_GROUP_NEW_BY_CURVE_NAME 174
+# define EC_F_EC_GROUP_NEW_FROM_DATA 175
+# define EC_F_EC_GROUP_PRECOMPUTE_MULT 142
+# define EC_F_EC_GROUP_SET_CURVE_GF2M 176
+# define EC_F_EC_GROUP_SET_CURVE_GFP 109
+# define EC_F_EC_GROUP_SET_EXTRA_DATA 110
+# define EC_F_EC_GROUP_SET_GENERATOR 111
+# define EC_F_EC_KEY_CHECK_KEY 177
+# define EC_F_EC_KEY_COPY 178
+# define EC_F_EC_KEY_GENERATE_KEY 179
+# define EC_F_EC_KEY_NEW 182
+# define EC_F_EC_KEY_PRINT 180
+# define EC_F_EC_KEY_PRINT_FP 181
+# define EC_F_EC_KEY_SET_PUBLIC_KEY_AFFINE_COORDINATES 229
+# define EC_F_EC_POINTS_MAKE_AFFINE 136
+# define EC_F_EC_POINT_ADD 112
+# define EC_F_EC_POINT_CMP 113
+# define EC_F_EC_POINT_COPY 114
+# define EC_F_EC_POINT_DBL 115
+# define EC_F_EC_POINT_GET_AFFINE_COORDINATES_GF2M 183
+# define EC_F_EC_POINT_GET_AFFINE_COORDINATES_GFP 116
+# define EC_F_EC_POINT_GET_JPROJECTIVE_COORDINATES_GFP 117
+# define EC_F_EC_POINT_INVERT 210
+# define EC_F_EC_POINT_IS_AT_INFINITY 118
+# define EC_F_EC_POINT_IS_ON_CURVE 119
+# define EC_F_EC_POINT_MAKE_AFFINE 120
+# define EC_F_EC_POINT_MUL 184
+# define EC_F_EC_POINT_NEW 121
+# define EC_F_EC_POINT_OCT2POINT 122
+# define EC_F_EC_POINT_POINT2OCT 123
+# define EC_F_EC_POINT_SET_AFFINE_COORDINATES_GF2M 185
+# define EC_F_EC_POINT_SET_AFFINE_COORDINATES_GFP 124
+# define EC_F_EC_POINT_SET_COMPRESSED_COORDINATES_GF2M 186
+# define EC_F_EC_POINT_SET_COMPRESSED_COORDINATES_GFP 125
+# define EC_F_EC_POINT_SET_JPROJECTIVE_COORDINATES_GFP 126
+# define EC_F_EC_POINT_SET_TO_INFINITY 127
+# define EC_F_EC_PRE_COMP_DUP 207
+# define EC_F_EC_PRE_COMP_NEW 196
+# define EC_F_EC_WNAF_MUL 187
+# define EC_F_EC_WNAF_PRECOMPUTE_MULT 188
+# define EC_F_I2D_ECPARAMETERS 190
+# define EC_F_I2D_ECPKPARAMETERS 191
+# define EC_F_I2D_ECPRIVATEKEY 192
+# define EC_F_I2O_ECPUBLICKEY 151
+# define EC_F_NISTP224_PRE_COMP_NEW 227
+# define EC_F_NISTP256_PRE_COMP_NEW 236
+# define EC_F_NISTP521_PRE_COMP_NEW 237
+# define EC_F_O2I_ECPUBLICKEY 152
+# define EC_F_OLD_EC_PRIV_DECODE 222
+# define EC_F_PKEY_EC_CTRL 197
+# define EC_F_PKEY_EC_CTRL_STR 198
+# define EC_F_PKEY_EC_DERIVE 217
+# define EC_F_PKEY_EC_KEYGEN 199
+# define EC_F_PKEY_EC_PARAMGEN 219
+# define EC_F_PKEY_EC_SIGN 218
/* Reason codes. */
-#define EC_R_ASN1_ERROR 115
-#define EC_R_ASN1_UNKNOWN_FIELD 116
-#define EC_R_BUFFER_TOO_SMALL 100
-#define EC_R_D2I_ECPKPARAMETERS_FAILURE 117
-#define EC_R_DISCRIMINANT_IS_ZERO 118
-#define EC_R_EC_GROUP_NEW_BY_NAME_FAILURE 119
-#define EC_R_FIELD_TOO_LARGE 138
-#define EC_R_GROUP2PKPARAMETERS_FAILURE 120
-#define EC_R_I2D_ECPKPARAMETERS_FAILURE 121
-#define EC_R_INCOMPATIBLE_OBJECTS 101
-#define EC_R_INVALID_ARGUMENT 112
-#define EC_R_INVALID_COMPRESSED_POINT 110
-#define EC_R_INVALID_COMPRESSION_BIT 109
-#define EC_R_INVALID_ENCODING 102
-#define EC_R_INVALID_FIELD 103
-#define EC_R_INVALID_FORM 104
-#define EC_R_INVALID_GROUP_ORDER 122
-#define EC_R_INVALID_PENTANOMIAL_BASIS 132
-#define EC_R_INVALID_PRIVATE_KEY 123
-#define EC_R_INVALID_TRINOMIAL_BASIS 137
-#define EC_R_MISSING_PARAMETERS 124
-#define EC_R_MISSING_PRIVATE_KEY 125
-#define EC_R_NOT_A_NIST_PRIME 135
-#define EC_R_NOT_A_SUPPORTED_NIST_PRIME 136
-#define EC_R_NOT_IMPLEMENTED 126
-#define EC_R_NOT_INITIALIZED 111
-#define EC_R_NO_FIELD_MOD 133
-#define EC_R_PASSED_NULL_PARAMETER 134
-#define EC_R_PKPARAMETERS2GROUP_FAILURE 127
-#define EC_R_POINT_AT_INFINITY 106
-#define EC_R_POINT_IS_NOT_ON_CURVE 107
-#define EC_R_SLOT_FULL 108
-#define EC_R_UNDEFINED_GENERATOR 113
-#define EC_R_UNDEFINED_ORDER 128
-#define EC_R_UNKNOWN_GROUP 129
-#define EC_R_UNKNOWN_ORDER 114
-#define EC_R_UNSUPPORTED_FIELD 131
-#define EC_R_WRONG_ORDER 130
+# define EC_R_ASN1_ERROR 115
+# define EC_R_ASN1_UNKNOWN_FIELD 116
+# define EC_R_BIGNUM_OUT_OF_RANGE 144
+# define EC_R_BUFFER_TOO_SMALL 100
+# define EC_R_COORDINATES_OUT_OF_RANGE 146
+# define EC_R_D2I_ECPKPARAMETERS_FAILURE 117
+# define EC_R_DECODE_ERROR 142
+# define EC_R_DISCRIMINANT_IS_ZERO 118
+# define EC_R_EC_GROUP_NEW_BY_NAME_FAILURE 119
+# define EC_R_FIELD_TOO_LARGE 143
+# define EC_R_GF2M_NOT_SUPPORTED 147
+# define EC_R_GROUP2PKPARAMETERS_FAILURE 120
+# define EC_R_I2D_ECPKPARAMETERS_FAILURE 121
+# define EC_R_INCOMPATIBLE_OBJECTS 101
+# define EC_R_INVALID_ARGUMENT 112
+# define EC_R_INVALID_COMPRESSED_POINT 110
+# define EC_R_INVALID_COMPRESSION_BIT 109
+# define EC_R_INVALID_CURVE 141
+# define EC_R_INVALID_DIGEST 151
+# define EC_R_INVALID_DIGEST_TYPE 138
+# define EC_R_INVALID_ENCODING 102
+# define EC_R_INVALID_FIELD 103
+# define EC_R_INVALID_FORM 104
+# define EC_R_INVALID_GROUP_ORDER 122
+# define EC_R_INVALID_PENTANOMIAL_BASIS 132
+# define EC_R_INVALID_PRIVATE_KEY 123
+# define EC_R_INVALID_TRINOMIAL_BASIS 137
+# define EC_R_KDF_PARAMETER_ERROR 148
+# define EC_R_KEYS_NOT_SET 140
+# define EC_R_MISSING_PARAMETERS 124
+# define EC_R_MISSING_PRIVATE_KEY 125
+# define EC_R_NOT_A_NIST_PRIME 135
+# define EC_R_NOT_A_SUPPORTED_NIST_PRIME 136
+# define EC_R_NOT_IMPLEMENTED 126
+# define EC_R_NOT_INITIALIZED 111
+# define EC_R_NO_FIELD_MOD 133
+# define EC_R_NO_PARAMETERS_SET 139
+# define EC_R_PASSED_NULL_PARAMETER 134
+# define EC_R_PEER_KEY_ERROR 149
+# define EC_R_PKPARAMETERS2GROUP_FAILURE 127
+# define EC_R_POINT_AT_INFINITY 106
+# define EC_R_POINT_IS_NOT_ON_CURVE 107
+# define EC_R_SHARED_INFO_ERROR 150
+# define EC_R_SLOT_FULL 108
+# define EC_R_UNDEFINED_GENERATOR 113
+# define EC_R_UNDEFINED_ORDER 128
+# define EC_R_UNKNOWN_GROUP 129
+# define EC_R_UNKNOWN_ORDER 114
+# define EC_R_UNSUPPORTED_FIELD 131
+# define EC_R_WRONG_CURVE_PARAMETERS 145
+# define EC_R_WRONG_ORDER 130
#ifdef __cplusplus
}
diff --git a/Cryptlib/Include/openssl/ecdh.h b/Cryptlib/Include/openssl/ecdh.h
index b4b58ee..25348b3 100644
--- a/Cryptlib/Include/openssl/ecdh.h
+++ b/Cryptlib/Include/openssl/ecdh.h
@@ -21,7 +21,7 @@
* are met:
*
* 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
+ * notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
@@ -67,41 +67,50 @@
*
*/
#ifndef HEADER_ECDH_H
-#define HEADER_ECDH_H
+# define HEADER_ECDH_H
-#include
+# include
-#ifdef OPENSSL_NO_ECDH
-#error ECDH is disabled.
-#endif
+# ifdef OPENSSL_NO_ECDH
+# error ECDH is disabled.
+# endif
-#include
-#include
-#ifndef OPENSSL_NO_DEPRECATED
-#include
-#endif
+# include
+# include
+# ifndef OPENSSL_NO_DEPRECATED
+# include
+# endif
#ifdef __cplusplus
extern "C" {
#endif
+# define EC_FLAG_COFACTOR_ECDH 0x1000
+
const ECDH_METHOD *ECDH_OpenSSL(void);
-void ECDH_set_default_method(const ECDH_METHOD *);
+void ECDH_set_default_method(const ECDH_METHOD *);
const ECDH_METHOD *ECDH_get_default_method(void);
-int ECDH_set_method(EC_KEY *, const ECDH_METHOD *);
+int ECDH_set_method(EC_KEY *, const ECDH_METHOD *);
-int ECDH_compute_key(void *out, size_t outlen, const EC_POINT *pub_key, EC_KEY *ecdh,
- void *(*KDF)(const void *in, size_t inlen, void *out, size_t *outlen));
+int ECDH_compute_key(void *out, size_t outlen, const EC_POINT *pub_key,
+ EC_KEY *ecdh, void *(*KDF) (const void *in, size_t inlen,
+ void *out, size_t *outlen));
-int ECDH_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new
- *new_func, CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func);
-int ECDH_set_ex_data(EC_KEY *d, int idx, void *arg);
-void *ECDH_get_ex_data(EC_KEY *d, int idx);
+int ECDH_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new
+ *new_func, CRYPTO_EX_dup *dup_func,
+ CRYPTO_EX_free *free_func);
+int ECDH_set_ex_data(EC_KEY *d, int idx, void *arg);
+void *ECDH_get_ex_data(EC_KEY *d, int idx);
+int ECDH_KDF_X9_62(unsigned char *out, size_t outlen,
+ const unsigned char *Z, size_t Zlen,
+ const unsigned char *sinfo, size_t sinfolen,
+ const EVP_MD *md);
/* BEGIN ERROR CODES */
-/* The following lines are auto generated by the script mkerr.pl. Any changes
+/*
+ * The following lines are auto generated by the script mkerr.pl. Any changes
* made after this point may be overwritten when the script is next run.
*/
void ERR_load_ECDH_strings(void);
@@ -109,13 +118,15 @@ void ERR_load_ECDH_strings(void);
/* Error codes for the ECDH functions. */
/* Function codes. */
-#define ECDH_F_ECDH_COMPUTE_KEY 100
-#define ECDH_F_ECDH_DATA_NEW_METHOD 101
+# define ECDH_F_ECDH_CHECK 102
+# define ECDH_F_ECDH_COMPUTE_KEY 100
+# define ECDH_F_ECDH_DATA_NEW_METHOD 101
/* Reason codes. */
-#define ECDH_R_KDF_FAILED 102
-#define ECDH_R_NO_PRIVATE_VALUE 100
-#define ECDH_R_POINT_ARITHMETIC_FAILURE 101
+# define ECDH_R_KDF_FAILED 102
+# define ECDH_R_NON_FIPS_METHOD 103
+# define ECDH_R_NO_PRIVATE_VALUE 100
+# define ECDH_R_POINT_ARITHMETIC_FAILURE 101
#ifdef __cplusplus
}
diff --git a/Cryptlib/Include/openssl/ecdsa.h b/Cryptlib/Include/openssl/ecdsa.h
index f20c8ee..c4016ac 100644
--- a/Cryptlib/Include/openssl/ecdsa.h
+++ b/Cryptlib/Include/openssl/ecdsa.h
@@ -4,14 +4,14 @@
* \author Written by Nils Larsch for the OpenSSL project
*/
/* ====================================================================
- * Copyright (c) 2000-2003 The OpenSSL Project. All rights reserved.
+ * Copyright (c) 2000-2005 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
+ * notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
@@ -57,193 +57,254 @@
*
*/
#ifndef HEADER_ECDSA_H
-#define HEADER_ECDSA_H
+# define HEADER_ECDSA_H
-#include
+# include
-#ifdef OPENSSL_NO_ECDSA
-#error ECDSA is disabled.
-#endif
+# ifdef OPENSSL_NO_ECDSA
+# error ECDSA is disabled.
+# endif
-#include
-#include
-#ifndef OPENSSL_NO_DEPRECATED
-#include
-#endif
+# include
+# include
+# ifndef OPENSSL_NO_DEPRECATED
+# include
+# endif
#ifdef __cplusplus
extern "C" {
#endif
-typedef struct ECDSA_SIG_st
- {
- BIGNUM *r;
- BIGNUM *s;
- } ECDSA_SIG;
+typedef struct ECDSA_SIG_st {
+ BIGNUM *r;
+ BIGNUM *s;
+} ECDSA_SIG;
-/** ECDSA_SIG *ECDSA_SIG_new(void)
- * allocates and initialize a ECDSA_SIG structure
- * \return pointer to a ECDSA_SIG structure or NULL if an error occurred
+/** Allocates and initialize a ECDSA_SIG structure
+ * \return pointer to a ECDSA_SIG structure or NULL if an error occurred
*/
ECDSA_SIG *ECDSA_SIG_new(void);
-/** ECDSA_SIG_free
- * frees a ECDSA_SIG structure
- * \param a pointer to the ECDSA_SIG structure
+/** frees a ECDSA_SIG structure
+ * \param sig pointer to the ECDSA_SIG structure
*/
-void ECDSA_SIG_free(ECDSA_SIG *a);
+void ECDSA_SIG_free(ECDSA_SIG *sig);
-/** i2d_ECDSA_SIG
- * DER encode content of ECDSA_SIG object (note: this function modifies *pp
- * (*pp += length of the DER encoded signature)).
- * \param a pointer to the ECDSA_SIG object
- * \param pp pointer to a unsigned char pointer for the output or NULL
- * \return the length of the DER encoded ECDSA_SIG object or 0
+/** DER encode content of ECDSA_SIG object (note: this function modifies *pp
+ * (*pp += length of the DER encoded signature)).
+ * \param sig pointer to the ECDSA_SIG object
+ * \param pp pointer to a unsigned char pointer for the output or NULL
+ * \return the length of the DER encoded ECDSA_SIG object or 0
*/
-int i2d_ECDSA_SIG(const ECDSA_SIG *a, unsigned char **pp);
+int i2d_ECDSA_SIG(const ECDSA_SIG *sig, unsigned char **pp);
-/** d2i_ECDSA_SIG
- * decodes a DER encoded ECDSA signature (note: this function changes *pp
- * (*pp += len)).
- * \param v pointer to ECDSA_SIG pointer (may be NULL)
- * \param pp buffer with the DER encoded signature
- * \param len bufferlength
- * \return pointer to the decoded ECDSA_SIG structure (or NULL)
+/** Decodes a DER encoded ECDSA signature (note: this function changes *pp
+ * (*pp += len)).
+ * \param sig pointer to ECDSA_SIG pointer (may be NULL)
+ * \param pp memory buffer with the DER encoded signature
+ * \param len length of the buffer
+ * \return pointer to the decoded ECDSA_SIG structure (or NULL)
*/
-ECDSA_SIG *d2i_ECDSA_SIG(ECDSA_SIG **v, const unsigned char **pp, long len);
+ECDSA_SIG *d2i_ECDSA_SIG(ECDSA_SIG **sig, const unsigned char **pp, long len);
-/** ECDSA_do_sign
- * computes the ECDSA signature of the given hash value using
- * the supplied private key and returns the created signature.
- * \param dgst pointer to the hash value
- * \param dgst_len length of the hash value
- * \param eckey pointer to the EC_KEY object containing a private EC key
- * \return pointer to a ECDSA_SIG structure or NULL
+/** Computes the ECDSA signature of the given hash value using
+ * the supplied private key and returns the created signature.
+ * \param dgst pointer to the hash value
+ * \param dgst_len length of the hash value
+ * \param eckey EC_KEY object containing a private EC key
+ * \return pointer to a ECDSA_SIG structure or NULL if an error occurred
*/
-ECDSA_SIG *ECDSA_do_sign(const unsigned char *dgst,int dgst_len,EC_KEY *eckey);
+ECDSA_SIG *ECDSA_do_sign(const unsigned char *dgst, int dgst_len,
+ EC_KEY *eckey);
-/** ECDSA_do_sign_ex
- * computes ECDSA signature of a given hash value using the supplied
- * private key (note: sig must point to ECDSA_size(eckey) bytes of memory).
- * \param dgst pointer to the hash value to sign
- * \param dgstlen length of the hash value
- * \param kinv optional pointer to a pre-computed inverse k
- * \param rp optional pointer to the pre-computed rp value (see
- * ECDSA_sign_setup
- * \param eckey pointer to the EC_KEY object containing a private EC key
- * \return pointer to a ECDSA_SIG structure or NULL
+/** Computes ECDSA signature of a given hash value using the supplied
+ * private key (note: sig must point to ECDSA_size(eckey) bytes of memory).
+ * \param dgst pointer to the hash value to sign
+ * \param dgstlen length of the hash value
+ * \param kinv BIGNUM with a pre-computed inverse k (optional)
+ * \param rp BIGNUM with a pre-computed rp value (optioanl),
+ * see ECDSA_sign_setup
+ * \param eckey EC_KEY object containing a private EC key
+ * \return pointer to a ECDSA_SIG structure or NULL if an error occurred
*/
-ECDSA_SIG *ECDSA_do_sign_ex(const unsigned char *dgst, int dgstlen,
- const BIGNUM *kinv, const BIGNUM *rp, EC_KEY *eckey);
+ECDSA_SIG *ECDSA_do_sign_ex(const unsigned char *dgst, int dgstlen,
+ const BIGNUM *kinv, const BIGNUM *rp,
+ EC_KEY *eckey);
-/** ECDSA_do_verify
- * verifies that the supplied signature is a valid ECDSA
- * signature of the supplied hash value using the supplied public key.
- * \param dgst pointer to the hash value
- * \param dgst_len length of the hash value
- * \param sig pointer to the ECDSA_SIG structure
- * \param eckey pointer to the EC_KEY object containing a public EC key
- * \return 1 if the signature is valid, 0 if the signature is invalid and -1 on error
+/** Verifies that the supplied signature is a valid ECDSA
+ * signature of the supplied hash value using the supplied public key.
+ * \param dgst pointer to the hash value
+ * \param dgst_len length of the hash value
+ * \param sig ECDSA_SIG structure
+ * \param eckey EC_KEY object containing a public EC key
+ * \return 1 if the signature is valid, 0 if the signature is invalid
+ * and -1 on error
*/
-int ECDSA_do_verify(const unsigned char *dgst, int dgst_len,
- const ECDSA_SIG *sig, EC_KEY* eckey);
+int ECDSA_do_verify(const unsigned char *dgst, int dgst_len,
+ const ECDSA_SIG *sig, EC_KEY *eckey);
const ECDSA_METHOD *ECDSA_OpenSSL(void);
-/** ECDSA_set_default_method
- * sets the default ECDSA method
- * \param meth the new default ECDSA_METHOD
+/** Sets the default ECDSA method
+ * \param meth new default ECDSA_METHOD
*/
-void ECDSA_set_default_method(const ECDSA_METHOD *meth);
+void ECDSA_set_default_method(const ECDSA_METHOD *meth);
-/** ECDSA_get_default_method
- * returns the default ECDSA method
- * \return pointer to ECDSA_METHOD structure containing the default method
+/** Returns the default ECDSA method
+ * \return pointer to ECDSA_METHOD structure containing the default method
*/
const ECDSA_METHOD *ECDSA_get_default_method(void);
-/** ECDSA_set_method
- * sets method to be used for the ECDSA operations
- * \param eckey pointer to the EC_KEY object
- * \param meth pointer to the new method
- * \return 1 on success and 0 otherwise
+/** Sets method to be used for the ECDSA operations
+ * \param eckey EC_KEY object
+ * \param meth new method
+ * \return 1 on success and 0 otherwise
*/
-int ECDSA_set_method(EC_KEY *eckey, const ECDSA_METHOD *meth);
+int ECDSA_set_method(EC_KEY *eckey, const ECDSA_METHOD *meth);
-/** ECDSA_size
- * returns the maximum length of the DER encoded signature
- * \param eckey pointer to a EC_KEY object
- * \return numbers of bytes required for the DER encoded signature
+/** Returns the maximum length of the DER encoded signature
+ * \param eckey EC_KEY object
+ * \return numbers of bytes required for the DER encoded signature
*/
-int ECDSA_size(const EC_KEY *eckey);
+int ECDSA_size(const EC_KEY *eckey);
-/** ECDSA_sign_setup
- * precompute parts of the signing operation.
- * \param eckey pointer to the EC_KEY object containing a private EC key
- * \param ctx pointer to a BN_CTX object (may be NULL)
- * \param kinv pointer to a BIGNUM pointer for the inverse of k
- * \param rp pointer to a BIGNUM pointer for x coordinate of k * generator
- * \return 1 on success and 0 otherwise
+/** Precompute parts of the signing operation
+ * \param eckey EC_KEY object containing a private EC key
+ * \param ctx BN_CTX object (optional)
+ * \param kinv BIGNUM pointer for the inverse of k
+ * \param rp BIGNUM pointer for x coordinate of k * generator
+ * \return 1 on success and 0 otherwise
*/
-int ECDSA_sign_setup(EC_KEY *eckey, BN_CTX *ctx, BIGNUM **kinv,
- BIGNUM **rp);
+int ECDSA_sign_setup(EC_KEY *eckey, BN_CTX *ctx, BIGNUM **kinv, BIGNUM **rp);
-/** ECDSA_sign
- * computes ECDSA signature of a given hash value using the supplied
- * private key (note: sig must point to ECDSA_size(eckey) bytes of memory).
- * \param type this parameter is ignored
- * \param dgst pointer to the hash value to sign
- * \param dgstlen length of the hash value
- * \param sig buffer to hold the DER encoded signature
- * \param siglen pointer to the length of the returned signature
- * \param eckey pointer to the EC_KEY object containing a private EC key
- * \return 1 on success and 0 otherwise
+/** Computes ECDSA signature of a given hash value using the supplied
+ * private key (note: sig must point to ECDSA_size(eckey) bytes of memory).
+ * \param type this parameter is ignored
+ * \param dgst pointer to the hash value to sign
+ * \param dgstlen length of the hash value
+ * \param sig memory for the DER encoded created signature
+ * \param siglen pointer to the length of the returned signature
+ * \param eckey EC_KEY object containing a private EC key
+ * \return 1 on success and 0 otherwise
*/
-int ECDSA_sign(int type, const unsigned char *dgst, int dgstlen,
- unsigned char *sig, unsigned int *siglen, EC_KEY *eckey);
+int ECDSA_sign(int type, const unsigned char *dgst, int dgstlen,
+ unsigned char *sig, unsigned int *siglen, EC_KEY *eckey);
-
-/** ECDSA_sign_ex
- * computes ECDSA signature of a given hash value using the supplied
- * private key (note: sig must point to ECDSA_size(eckey) bytes of memory).
- * \param type this parameter is ignored
- * \param dgst pointer to the hash value to sign
- * \param dgstlen length of the hash value
- * \param sig buffer to hold the DER encoded signature
- * \param siglen pointer to the length of the returned signature
- * \param kinv optional pointer to a pre-computed inverse k
- * \param rp optional pointer to the pre-computed rp value (see
- * ECDSA_sign_setup
- * \param eckey pointer to the EC_KEY object containing a private EC key
- * \return 1 on success and 0 otherwise
+/** Computes ECDSA signature of a given hash value using the supplied
+ * private key (note: sig must point to ECDSA_size(eckey) bytes of memory).
+ * \param type this parameter is ignored
+ * \param dgst pointer to the hash value to sign
+ * \param dgstlen length of the hash value
+ * \param sig buffer to hold the DER encoded signature
+ * \param siglen pointer to the length of the returned signature
+ * \param kinv BIGNUM with a pre-computed inverse k (optional)
+ * \param rp BIGNUM with a pre-computed rp value (optioanl),
+ * see ECDSA_sign_setup
+ * \param eckey EC_KEY object containing a private EC key
+ * \return 1 on success and 0 otherwise
*/
-int ECDSA_sign_ex(int type, const unsigned char *dgst, int dgstlen,
- unsigned char *sig, unsigned int *siglen, const BIGNUM *kinv,
- const BIGNUM *rp, EC_KEY *eckey);
+int ECDSA_sign_ex(int type, const unsigned char *dgst, int dgstlen,
+ unsigned char *sig, unsigned int *siglen,
+ const BIGNUM *kinv, const BIGNUM *rp, EC_KEY *eckey);
-/** ECDSA_verify
- * verifies that the given signature is valid ECDSA signature
- * of the supplied hash value using the specified public key.
- * \param type this parameter is ignored
- * \param dgst pointer to the hash value
- * \param dgstlen length of the hash value
- * \param sig pointer to the DER encoded signature
- * \param siglen length of the DER encoded signature
- * \param eckey pointer to the EC_KEY object containing a public EC key
- * \return 1 if the signature is valid, 0 if the signature is invalid and -1 on error
+/** Verifies that the given signature is valid ECDSA signature
+ * of the supplied hash value using the specified public key.
+ * \param type this parameter is ignored
+ * \param dgst pointer to the hash value
+ * \param dgstlen length of the hash value
+ * \param sig pointer to the DER encoded signature
+ * \param siglen length of the DER encoded signature
+ * \param eckey EC_KEY object containing a public EC key
+ * \return 1 if the signature is valid, 0 if the signature is invalid
+ * and -1 on error
*/
-int ECDSA_verify(int type, const unsigned char *dgst, int dgstlen,
- const unsigned char *sig, int siglen, EC_KEY *eckey);
+int ECDSA_verify(int type, const unsigned char *dgst, int dgstlen,
+ const unsigned char *sig, int siglen, EC_KEY *eckey);
/* the standard ex_data functions */
-int ECDSA_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new
- *new_func, CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func);
-int ECDSA_set_ex_data(EC_KEY *d, int idx, void *arg);
-void *ECDSA_get_ex_data(EC_KEY *d, int idx);
+int ECDSA_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new
+ *new_func, CRYPTO_EX_dup *dup_func,
+ CRYPTO_EX_free *free_func);
+int ECDSA_set_ex_data(EC_KEY *d, int idx, void *arg);
+void *ECDSA_get_ex_data(EC_KEY *d, int idx);
+/** Allocates and initialize a ECDSA_METHOD structure
+ * \param ecdsa_method pointer to ECDSA_METHOD to copy. (May be NULL)
+ * \return pointer to a ECDSA_METHOD structure or NULL if an error occurred
+ */
+
+ECDSA_METHOD *ECDSA_METHOD_new(ECDSA_METHOD *ecdsa_method);
+
+/** frees a ECDSA_METHOD structure
+ * \param ecdsa_method pointer to the ECDSA_METHOD structure
+ */
+void ECDSA_METHOD_free(ECDSA_METHOD *ecdsa_method);
+
+/** Sets application specific data in the ECDSA_METHOD
+ * \param ecdsa_method pointer to existing ECDSA_METHOD
+ * \param app application specific data to set
+ */
+
+void ECDSA_METHOD_set_app_data(ECDSA_METHOD *ecdsa_method, void *app);
+
+/** Returns application specific data from a ECDSA_METHOD structure
+ * \param ecdsa_method pointer to ECDSA_METHOD structure
+ * \return pointer to application specific data.
+ */
+
+void *ECDSA_METHOD_get_app_data(ECDSA_METHOD *ecdsa_method);
+
+/** Set the ECDSA_do_sign function in the ECDSA_METHOD
+ * \param ecdsa_method pointer to existing ECDSA_METHOD
+ * \param ecdsa_do_sign a funtion of type ECDSA_do_sign
+ */
+
+void ECDSA_METHOD_set_sign(ECDSA_METHOD *ecdsa_method,
+ ECDSA_SIG *(*ecdsa_do_sign) (const unsigned char
+ *dgst, int dgst_len,
+ const BIGNUM *inv,
+ const BIGNUM *rp,
+ EC_KEY *eckey));
+
+/** Set the ECDSA_sign_setup function in the ECDSA_METHOD
+ * \param ecdsa_method pointer to existing ECDSA_METHOD
+ * \param ecdsa_sign_setup a funtion of type ECDSA_sign_setup
+ */
+
+void ECDSA_METHOD_set_sign_setup(ECDSA_METHOD *ecdsa_method,
+ int (*ecdsa_sign_setup) (EC_KEY *eckey,
+ BN_CTX *ctx,
+ BIGNUM **kinv,
+ BIGNUM **r));
+
+/** Set the ECDSA_do_verify function in the ECDSA_METHOD
+ * \param ecdsa_method pointer to existing ECDSA_METHOD
+ * \param ecdsa_do_verify a funtion of type ECDSA_do_verify
+ */
+
+void ECDSA_METHOD_set_verify(ECDSA_METHOD *ecdsa_method,
+ int (*ecdsa_do_verify) (const unsigned char
+ *dgst, int dgst_len,
+ const ECDSA_SIG *sig,
+ EC_KEY *eckey));
+
+void ECDSA_METHOD_set_flags(ECDSA_METHOD *ecdsa_method, int flags);
+
+/** Set the flags field in the ECDSA_METHOD
+ * \param ecdsa_method pointer to existing ECDSA_METHOD
+ * \param flags flags value to set
+ */
+
+void ECDSA_METHOD_set_name(ECDSA_METHOD *ecdsa_method, char *name);
+
+/** Set the name field in the ECDSA_METHOD
+ * \param ecdsa_method pointer to existing ECDSA_METHOD
+ * \param name name to set
+ */
/* BEGIN ERROR CODES */
-/* The following lines are auto generated by the script mkerr.pl. Any changes
+/*
+ * The following lines are auto generated by the script mkerr.pl. Any changes
* made after this point may be overwritten when the script is next run.
*/
void ERR_load_ECDSA_strings(void);
@@ -251,19 +312,22 @@ void ERR_load_ECDSA_strings(void);
/* Error codes for the ECDSA functions. */
/* Function codes. */
-#define ECDSA_F_ECDSA_DATA_NEW_METHOD 100
-#define ECDSA_F_ECDSA_DO_SIGN 101
-#define ECDSA_F_ECDSA_DO_VERIFY 102
-#define ECDSA_F_ECDSA_SIGN_SETUP 103
+# define ECDSA_F_ECDSA_CHECK 104
+# define ECDSA_F_ECDSA_DATA_NEW_METHOD 100
+# define ECDSA_F_ECDSA_DO_SIGN 101
+# define ECDSA_F_ECDSA_DO_VERIFY 102
+# define ECDSA_F_ECDSA_METHOD_NEW 105
+# define ECDSA_F_ECDSA_SIGN_SETUP 103
/* Reason codes. */
-#define ECDSA_R_BAD_SIGNATURE 100
-#define ECDSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE 101
-#define ECDSA_R_ERR_EC_LIB 102
-#define ECDSA_R_MISSING_PARAMETERS 103
-#define ECDSA_R_NEED_NEW_SETUP_VALUES 106
-#define ECDSA_R_RANDOM_NUMBER_GENERATION_FAILED 104
-#define ECDSA_R_SIGNATURE_MALLOC_FAILED 105
+# define ECDSA_R_BAD_SIGNATURE 100
+# define ECDSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE 101
+# define ECDSA_R_ERR_EC_LIB 102
+# define ECDSA_R_MISSING_PARAMETERS 103
+# define ECDSA_R_NEED_NEW_SETUP_VALUES 106
+# define ECDSA_R_NON_FIPS_METHOD 107
+# define ECDSA_R_RANDOM_NUMBER_GENERATION_FAILED 104
+# define ECDSA_R_SIGNATURE_MALLOC_FAILED 105
#ifdef __cplusplus
}
diff --git a/Cryptlib/Include/openssl/engine.h b/Cryptlib/Include/openssl/engine.h
index b4e0444..bd7b591 100644
--- a/Cryptlib/Include/openssl/engine.h
+++ b/Cryptlib/Include/openssl/engine.h
@@ -1,6 +1,7 @@
/* openssl/engine.h */
-/* Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL
- * project 2000.
+/*
+ * Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL project
+ * 2000.
*/
/* ====================================================================
* Copyright (c) 1999-2004 The OpenSSL Project. All rights reserved.
@@ -10,7 +11,7 @@
* are met:
*
* 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
+ * notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
@@ -57,233 +58,294 @@
*/
/* ====================================================================
* Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
- * ECDH support in OpenSSL originally developed by
+ * ECDH support in OpenSSL originally developed by
* SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
*/
#ifndef HEADER_ENGINE_H
-#define HEADER_ENGINE_H
+# define HEADER_ENGINE_H
-#include
+# include
-#ifdef OPENSSL_NO_ENGINE
-#error ENGINE is disabled.
-#endif
+# ifdef OPENSSL_NO_ENGINE
+# error ENGINE is disabled.
+# endif
-#ifndef OPENSSL_NO_DEPRECATED
-#include
-#ifndef OPENSSL_NO_RSA
-#include
-#endif
-#ifndef OPENSSL_NO_DSA
-#include
-#endif
-#ifndef OPENSSL_NO_DH
-#include
-#endif
-#ifndef OPENSSL_NO_ECDH
-#include
-#endif
-#ifndef OPENSSL_NO_ECDSA
-#include
-#endif
-#include
-#include
-#include
-#include
-#endif
+# ifndef OPENSSL_NO_DEPRECATED
+# include
+# ifndef OPENSSL_NO_RSA
+# include
+# endif
+# ifndef OPENSSL_NO_DSA
+# include
+# endif
+# ifndef OPENSSL_NO_DH
+# include
+# endif
+# ifndef OPENSSL_NO_ECDH
+# include
+# endif
+# ifndef OPENSSL_NO_ECDSA
+# include
+# endif
+# include
+# include