diff --git a/SConstruct b/SConstruct index ec76448235d461..48a5e0e2af2406 100644 --- a/SConstruct +++ b/SConstruct @@ -183,7 +183,6 @@ env = Environment( "#third_party/acados/include/blasfeo/include", "#third_party/acados/include/hpipm/include", "#third_party/catch2/include", - "#third_party/bzip2", "#third_party/libyuv/include", "#third_party/openmax/include", "#third_party/json11", diff --git a/release/files_common b/release/files_common index 8c1214f73d4be9..1592fcf8ad06ea 100644 --- a/release/files_common +++ b/release/files_common @@ -444,8 +444,6 @@ third_party/SConscript third_party/linux/** third_party/opencl/** -third_party/zlib/* -third_party/bzip2/* third_party/openmax/** third_party/json11/json11.cpp diff --git a/third_party/boringssl/LICENSE b/third_party/boringssl/LICENSE deleted file mode 100644 index 2f4dfcdb04c830..00000000000000 --- a/third_party/boringssl/LICENSE +++ /dev/null @@ -1,274 +0,0 @@ -BoringSSL is a fork of OpenSSL. As such, large parts of it fall under OpenSSL -licensing. Files that are completely new have a Google copyright and an ISC -license. This license is reproduced at the bottom of this file. - -Contributors to BoringSSL are required to follow the CLA rules for Chromium: -https://cla.developers.google.com/clas - -Files in third_party/ have their own licenses, as described therein. The MIT -license, for third_party/fiat, which, unlike other third_party directories, is -compiled into non-test libraries, is included below. - -The OpenSSL toolkit stays under a dual license, i.e. both the conditions of the -OpenSSL License and the original SSLeay license apply to the toolkit. See below -for the actual license texts. Actually both licenses are BSD-style Open Source -licenses. In case of any license issues related to OpenSSL please contact -openssl-core@openssl.org. - -The following are Google-internal bug numbers where explicit permission from -some authors is recorded for use of their work. (This is purely for our own -record keeping.) - 27287199 - 27287880 - 27287883 - - OpenSSL License - --------------- - -/* ==================================================================== - * Copyright (c) 1998-2011 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@openssl.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.openssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - - Original SSLeay License - ----------------------- - -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - - -ISC license used for completely new code in BoringSSL: - -/* Copyright (c) 2015, Google Inc. - * - * Permission to use, copy, modify, and/or distribute this software for any - * purpose with or without fee is hereby granted, provided that the above - * copyright notice and this permission notice appear in all copies. - * - * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES - * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF - * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY - * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES - * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION - * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN - * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ - - -The code in third_party/fiat carries the MIT license: - -Copyright (c) 2015-2016 the fiat-crypto authors (see -https://github.com/mit-plv/fiat-crypto/blob/master/AUTHORS). - -Permission is hereby granted, free of charge, to any person obtaining a copy -of this software and associated documentation files (the "Software"), to deal -in the Software without restriction, including without limitation the rights -to use, copy, modify, merge, publish, distribute, sublicense, and/or sell -copies of the Software, and to permit persons to whom the Software is -furnished to do so, subject to the following conditions: - -The above copyright notice and this permission notice shall be included in all -copies or substantial portions of the Software. - -THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR -IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, -FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE -AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER -LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, -OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE -SOFTWARE. - - -The code in third_party/sike also carries the MIT license: - -Copyright (c) Microsoft Corporation. All rights reserved. - -Permission is hereby granted, free of charge, to any person obtaining a copy -of this software and associated documentation files (the "Software"), to deal -in the Software without restriction, including without limitation the rights -to use, copy, modify, merge, publish, distribute, sublicense, and/or sell -copies of the Software, and to permit persons to whom the Software is -furnished to do so, subject to the following conditions: - -The above copyright notice and this permission notice shall be included in all -copies or substantial portions of the Software. - -THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR -IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, -FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE -AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER -LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, -OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE -SOFTWARE - - -Licenses for support code -------------------------- - -Parts of the TLS test suite are under the Go license. This code is not included -in BoringSSL (i.e. libcrypto and libssl) when compiled, however, so -distributing code linked against BoringSSL does not trigger this license: - -Copyright (c) 2009 The Go Authors. All rights reserved. - -Redistribution and use in source and binary forms, with or without -modification, are permitted provided that the following conditions are -met: - - * Redistributions of source code must retain the above copyright -notice, this list of conditions and the following disclaimer. - * Redistributions in binary form must reproduce the above -copyright notice, this list of conditions and the following disclaimer -in the documentation and/or other materials provided with the -distribution. - * Neither the name of Google Inc. nor the names of its -contributors may be used to endorse or promote products derived from -this software without specific prior written permission. - -THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS -"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT -LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR -A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT -OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT -LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, -DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY -THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT -(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE -OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - - -BoringSSL uses the Chromium test infrastructure to run a continuous build, -trybots etc. The scripts which manage this, and the script for generating build -metadata, are under the Chromium license. Distributing code linked against -BoringSSL does not trigger this license. - -Copyright 2015 The Chromium Authors. All rights reserved. - -Redistribution and use in source and binary forms, with or without -modification, are permitted provided that the following conditions are -met: - - * Redistributions of source code must retain the above copyright -notice, this list of conditions and the following disclaimer. - * Redistributions in binary form must reproduce the above -copyright notice, this list of conditions and the following disclaimer -in the documentation and/or other materials provided with the -distribution. - * Neither the name of Google Inc. nor the names of its -contributors may be used to endorse or promote products derived from -this software without specific prior written permission. - -THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS -"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT -LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR -A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT -OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT -LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, -DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY -THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT -(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE -OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. diff --git a/third_party/boringssl/LICENSE.boringssl b/third_party/boringssl/LICENSE.boringssl deleted file mode 100644 index 0b0b9b3292837f..00000000000000 --- a/third_party/boringssl/LICENSE.boringssl +++ /dev/null @@ -1,192 +0,0 @@ -BoringSSL is a fork of OpenSSL. As such, large parts of it fall under OpenSSL -licensing. Files that are completely new have a Google copyright and an ISC -license. This license is reproduced at the bottom of this file. - -Contributors to BoringSSL are required to follow the CLA rules for Chromium: -https://cla.developers.google.com/clas - -Some files from Intel are under yet another license, which is also included -underneath. - -The OpenSSL toolkit stays under a dual license, i.e. both the conditions of the -OpenSSL License and the original SSLeay license apply to the toolkit. See below -for the actual license texts. Actually both licenses are BSD-style Open Source -licenses. In case of any license issues related to OpenSSL please contact -openssl-core@openssl.org. - -The following are Google-internal bug numbers where explicit permission from -some authors is recorded for use of their work. (This is purely for our own -record keeping.) - 27287199 - 27287880 - 27287883 - - OpenSSL License - --------------- - -/* ==================================================================== - * Copyright (c) 1998-2011 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@openssl.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.openssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - - Original SSLeay License - ----------------------- - -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - - -ISC license used for completely new code in BoringSSL: - -/* Copyright (c) 2015, Google Inc. - * - * Permission to use, copy, modify, and/or distribute this software for any - * purpose with or without fee is hereby granted, provided that the above - * copyright notice and this permission notice appear in all copies. - * - * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES - * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF - * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY - * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES - * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION - * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN - * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ - - -Some files from Intel carry the following license: - -# Copyright (c) 2012, Intel Corporation -# -# All rights reserved. -# -# Redistribution and use in source and binary forms, with or without -# modification, are permitted provided that the following conditions are -# met: -# -# * Redistributions of source code must retain the above copyright -# notice, this list of conditions and the following disclaimer. -# -# * Redistributions in binary form must reproduce the above copyright -# notice, this list of conditions and the following disclaimer in the -# documentation and/or other materials provided with the -# distribution. -# -# * Neither the name of the Intel Corporation nor the names of its -# contributors may be used to endorse or promote products derived from -# this software without specific prior written permission. -# -# -# THIS SOFTWARE IS PROVIDED BY INTEL CORPORATION ""AS IS"" AND ANY -# EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR -# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL INTEL CORPORATION OR -# CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, -# EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, -# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR -# PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF -# LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING -# NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS -# SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. diff --git a/third_party/boringssl/build.txt b/third_party/boringssl/build.txt deleted file mode 100644 index 0c9cd0d31d244e..00000000000000 --- a/third_party/boringssl/build.txt +++ /dev/null @@ -1,7 +0,0 @@ -# with neos tree -cd ~/android/system -mka libcrypt_static libssl_static - -cp ~/android/system/out/target/product/oneplus3/obj/STATIC_LIBRARIES/libcrypto_static_intermediates/libcrypto_static.a lib/ -cp ~/android/system/out/target/product/oneplus3/obj/STATIC_LIBRARIES/libssl_static_intermediates/libssl_static.a lib/ - diff --git a/third_party/boringssl/include/openssl/aead.h b/third_party/boringssl/include/openssl/aead.h deleted file mode 100644 index dc453e342d204c..00000000000000 --- a/third_party/boringssl/include/openssl/aead.h +++ /dev/null @@ -1,315 +0,0 @@ -/* Copyright (c) 2014, Google Inc. - * - * Permission to use, copy, modify, and/or distribute this software for any - * purpose with or without fee is hereby granted, provided that the above - * copyright notice and this permission notice appear in all copies. - * - * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES - * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF - * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY - * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES - * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION - * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN - * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ - -#ifndef OPENSSL_HEADER_AEAD_H -#define OPENSSL_HEADER_AEAD_H - -#include - -#if defined(__cplusplus) -extern "C" { -#endif - - -/* Authenticated Encryption with Additional Data. - * - * AEAD couples confidentiality and integrity in a single primtive. AEAD - * algorithms take a key and then can seal and open individual messages. Each - * message has a unique, per-message nonce and, optionally, additional data - * which is authenticated but not included in the ciphertext. - * - * The |EVP_AEAD_CTX_init| function initialises an |EVP_AEAD_CTX| structure and - * performs any precomputation needed to use |aead| with |key|. The length of - * the key, |key_len|, is given in bytes. - * - * The |tag_len| argument contains the length of the tags, in bytes, and allows - * for the processing of truncated authenticators. A zero value indicates that - * the default tag length should be used and this is defined as - * |EVP_AEAD_DEFAULT_TAG_LENGTH| in order to make the code clear. Using - * truncated tags increases an attacker's chance of creating a valid forgery. - * Be aware that the attacker's chance may increase more than exponentially as - * would naively be expected. - * - * When no longer needed, the initialised |EVP_AEAD_CTX| structure must be - * passed to |EVP_AEAD_CTX_cleanup|, which will deallocate any memory used. - * - * With an |EVP_AEAD_CTX| in hand, one can seal and open messages. These - * operations are intended to meet the standard notions of privacy and - * authenticity for authenticated encryption. For formal definitions see - * Bellare and Namprempre, "Authenticated encryption: relations among notions - * and analysis of the generic composition paradigm," Lecture Notes in Computer - * Science B<1976> (2000), 531–545, - * http://www-cse.ucsd.edu/~mihir/papers/oem.html. - * - * When sealing messages, a nonce must be given. The length of the nonce is - * fixed by the AEAD in use and is returned by |EVP_AEAD_nonce_length|. *The - * nonce must be unique for all messages with the same key*. This is critically - * important - nonce reuse may completely undermine the security of the AEAD. - * Nonces may be predictable and public, so long as they are unique. Uniqueness - * may be achieved with a simple counter or, if large enough, may be generated - * randomly. The nonce must be passed into the "open" operation by the receiver - * so must either be implicit (e.g. a counter), or must be transmitted along - * with the sealed message. - * - * The "seal" and "open" operations are atomic - an entire message must be - * encrypted or decrypted in a single call. Large messages may have to be split - * up in order to accomodate this. When doing so, be mindful of the need not to - * repeat nonces and the possibility that an attacker could duplicate, reorder - * or drop message chunks. For example, using a single key for a given (large) - * message and sealing chunks with nonces counting from zero would be secure as - * long as the number of chunks was securely transmitted. (Otherwise an - * attacker could truncate the message by dropping chunks from the end.) - * - * The number of chunks could be transmitted by prefixing it to the plaintext, - * for example. This also assumes that no other message would ever use the same - * key otherwise the rule that nonces must be unique for a given key would be - * violated. - * - * The "seal" and "open" operations also permit additional data to be - * authenticated via the |ad| parameter. This data is not included in the - * ciphertext and must be identical for both the "seal" and "open" call. This - * permits implicit context to be authenticated but may be empty if not needed. - * - * The "seal" and "open" operations may work in-place if the |out| and |in| - * arguments are equal. They may also be used to shift the data left inside the - * same buffer if |out| is less than |in|. However, |out| may not point inside - * the input data otherwise the input may be overwritten before it has been - * read. This situation will cause an error. - * - * The "seal" and "open" operations return one on success and zero on error. */ - - -/* AEAD algorithms. */ - -/* EVP_aead_aes_128_gcm is AES-128 in Galois Counter Mode. */ -OPENSSL_EXPORT const EVP_AEAD *EVP_aead_aes_128_gcm(void); - -/* EVP_aead_aes_256_gcm is AES-256 in Galois Counter Mode. */ -OPENSSL_EXPORT const EVP_AEAD *EVP_aead_aes_256_gcm(void); - -/* EVP_aead_chacha20_poly1305 is an AEAD built from ChaCha20 and Poly1305. */ -OPENSSL_EXPORT const EVP_AEAD *EVP_aead_chacha20_poly1305(void); - -/* EVP_aead_aes_128_key_wrap is AES-128 Key Wrap mode. This should never be - * used except to interoperate with existing systems that use this mode. - * - * If the nonce is empty then the default nonce will be used, otherwise it must - * be eight bytes long. The input must be a multiple of eight bytes long. No - * additional data can be given to this mode. */ -OPENSSL_EXPORT const EVP_AEAD *EVP_aead_aes_128_key_wrap(void); - -/* EVP_aead_aes_256_key_wrap is AES-256 in Key Wrap mode. This should never be - * used except to interoperate with existing systems that use this mode. - * - * See |EVP_aead_aes_128_key_wrap| for details. */ -OPENSSL_EXPORT const EVP_AEAD *EVP_aead_aes_256_key_wrap(void); - -/* EVP_aead_aes_128_ctr_hmac_sha256 is AES-128 in CTR mode with HMAC-SHA256 for - * authentication. The nonce is 12 bytes; the bottom 32-bits are used as the - * block counter, thus the maximum plaintext size is 64GB. */ -OPENSSL_EXPORT const EVP_AEAD *EVP_aead_aes_128_ctr_hmac_sha256(void); - -/* EVP_aead_aes_128_ctr_hmac_sha256 is AES-256 in CTR mode with HMAC-SHA256 for - * authentication. See |EVP_aead_aes_128_ctr_hmac_sha256| for details. */ -OPENSSL_EXPORT const EVP_AEAD *EVP_aead_aes_256_ctr_hmac_sha256(void); - -/* EVP_has_aes_hardware returns one if we enable hardware support for fast and - * constant-time AES-GCM. */ -OPENSSL_EXPORT int EVP_has_aes_hardware(void); - - -/* TLS-specific AEAD algorithms. - * - * These AEAD primitives do not meet the definition of generic AEADs. They are - * all specific to TLS and should not be used outside of that context. They must - * be initialized with |EVP_AEAD_CTX_init_with_direction|, are stateful, and may - * not be used concurrently. Any nonces are used as IVs, so they must be - * unpredictable. They only accept an |ad| parameter of length 11 (the standard - * TLS one with length omitted). */ - -OPENSSL_EXPORT const EVP_AEAD *EVP_aead_rc4_md5_tls(void); -OPENSSL_EXPORT const EVP_AEAD *EVP_aead_rc4_sha1_tls(void); - -OPENSSL_EXPORT const EVP_AEAD *EVP_aead_aes_128_cbc_sha1_tls(void); -OPENSSL_EXPORT const EVP_AEAD *EVP_aead_aes_128_cbc_sha1_tls_implicit_iv(void); -OPENSSL_EXPORT const EVP_AEAD *EVP_aead_aes_128_cbc_sha256_tls(void); - -OPENSSL_EXPORT const EVP_AEAD *EVP_aead_aes_256_cbc_sha1_tls(void); -OPENSSL_EXPORT const EVP_AEAD *EVP_aead_aes_256_cbc_sha1_tls_implicit_iv(void); -OPENSSL_EXPORT const EVP_AEAD *EVP_aead_aes_256_cbc_sha256_tls(void); -OPENSSL_EXPORT const EVP_AEAD *EVP_aead_aes_256_cbc_sha384_tls(void); - -OPENSSL_EXPORT const EVP_AEAD *EVP_aead_des_ede3_cbc_sha1_tls(void); -OPENSSL_EXPORT const EVP_AEAD *EVP_aead_des_ede3_cbc_sha1_tls_implicit_iv(void); - - -/* SSLv3-specific AEAD algorithms. - * - * These AEAD primitives do not meet the definition of generic AEADs. They are - * all specific to SSLv3 and should not be used outside of that context. They - * must be initialized with |EVP_AEAD_CTX_init_with_direction|, are stateful, - * and may not be used concurrently. They only accept an |ad| parameter of - * length 9 (the standard TLS one with length and version omitted). */ - -OPENSSL_EXPORT const EVP_AEAD *EVP_aead_rc4_md5_ssl3(void); -OPENSSL_EXPORT const EVP_AEAD *EVP_aead_rc4_sha1_ssl3(void); -OPENSSL_EXPORT const EVP_AEAD *EVP_aead_aes_128_cbc_sha1_ssl3(void); -OPENSSL_EXPORT const EVP_AEAD *EVP_aead_aes_256_cbc_sha1_ssl3(void); -OPENSSL_EXPORT const EVP_AEAD *EVP_aead_des_ede3_cbc_sha1_ssl3(void); - - -/* Utility functions. */ - -/* EVP_AEAD_key_length returns the length, in bytes, of the keys used by - * |aead|. */ -OPENSSL_EXPORT size_t EVP_AEAD_key_length(const EVP_AEAD *aead); - -/* EVP_AEAD_nonce_length returns the length, in bytes, of the per-message nonce - * for |aead|. */ -OPENSSL_EXPORT size_t EVP_AEAD_nonce_length(const EVP_AEAD *aead); - -/* EVP_AEAD_max_overhead returns the maximum number of additional bytes added - * by the act of sealing data with |aead|. */ -OPENSSL_EXPORT size_t EVP_AEAD_max_overhead(const EVP_AEAD *aead); - -/* EVP_AEAD_max_tag_len returns the maximum tag length when using |aead|. This - * is the largest value that can be passed as |tag_len| to - * |EVP_AEAD_CTX_init|. */ -OPENSSL_EXPORT size_t EVP_AEAD_max_tag_len(const EVP_AEAD *aead); - - -/* AEAD operations. */ - -/* An EVP_AEAD_CTX represents an AEAD algorithm configured with a specific key - * and message-independent IV. */ -typedef struct evp_aead_ctx_st { - const EVP_AEAD *aead; - /* aead_state is an opaque pointer to whatever state the AEAD needs to - * maintain. */ - void *aead_state; -} EVP_AEAD_CTX; - -/* EVP_AEAD_MAX_KEY_LENGTH contains the maximum key length used by - * any AEAD defined in this header. */ -#define EVP_AEAD_MAX_KEY_LENGTH 80 - -/* EVP_AEAD_MAX_NONCE_LENGTH contains the maximum nonce length used by - * any AEAD defined in this header. */ -#define EVP_AEAD_MAX_NONCE_LENGTH 16 - -/* EVP_AEAD_MAX_OVERHEAD contains the maximum overhead used by any AEAD - * defined in this header. */ -#define EVP_AEAD_MAX_OVERHEAD 64 - -/* EVP_AEAD_DEFAULT_TAG_LENGTH is a magic value that can be passed to - * EVP_AEAD_CTX_init to indicate that the default tag length for an AEAD should - * be used. */ -#define EVP_AEAD_DEFAULT_TAG_LENGTH 0 - -/* evp_aead_direction_t denotes the direction of an AEAD operation. */ -enum evp_aead_direction_t { - evp_aead_open, - evp_aead_seal, -}; - -/* EVP_AEAD_CTX_init initializes |ctx| for the given AEAD algorithm from |impl|. - * The |impl| argument may be NULL to choose the default implementation. - * Authentication tags may be truncated by passing a size as |tag_len|. A - * |tag_len| of zero indicates the default tag length and this is defined as - * EVP_AEAD_DEFAULT_TAG_LENGTH for readability. - * - * Returns 1 on success. Otherwise returns 0 and pushes to the error stack. In - * the error case, you do not need to call |EVP_AEAD_CTX_cleanup|, but it's - * harmless to do so. */ -OPENSSL_EXPORT int EVP_AEAD_CTX_init(EVP_AEAD_CTX *ctx, const EVP_AEAD *aead, - const uint8_t *key, size_t key_len, - size_t tag_len, ENGINE *impl); - -/* EVP_AEAD_CTX_init_with_direction calls |EVP_AEAD_CTX_init| for normal - * AEADs. For TLS-specific and SSL3-specific AEADs, it initializes |ctx| for a - * given direction. */ -OPENSSL_EXPORT int EVP_AEAD_CTX_init_with_direction( - EVP_AEAD_CTX *ctx, const EVP_AEAD *aead, const uint8_t *key, size_t key_len, - size_t tag_len, enum evp_aead_direction_t dir); - -/* EVP_AEAD_CTX_cleanup frees any data allocated by |ctx|. It is a no-op to - * call |EVP_AEAD_CTX_cleanup| on a |EVP_AEAD_CTX| that has been |memset| to - * all zeros. */ -OPENSSL_EXPORT void EVP_AEAD_CTX_cleanup(EVP_AEAD_CTX *ctx); - -/* EVP_AEAD_CTX_seal encrypts and authenticates |in_len| bytes from |in| and - * authenticates |ad_len| bytes from |ad| and writes the result to |out|. It - * returns one on success and zero otherwise. - * - * This function may be called (with the same |EVP_AEAD_CTX|) concurrently with - * itself or |EVP_AEAD_CTX_open|. - * - * At most |max_out_len| bytes are written to |out| and, in order to ensure - * success, |max_out_len| should be |in_len| plus the result of - * |EVP_AEAD_max_overhead|. On successful return, |*out_len| is set to the - * actual number of bytes written. - * - * The length of |nonce|, |nonce_len|, must be equal to the result of - * |EVP_AEAD_nonce_length| for this AEAD. - * - * |EVP_AEAD_CTX_seal| never results in a partial output. If |max_out_len| is - * insufficient, zero will be returned. (In this case, |*out_len| is set to - * zero.) - * - * If |in| and |out| alias then |out| must be <= |in|. */ -OPENSSL_EXPORT int EVP_AEAD_CTX_seal(const EVP_AEAD_CTX *ctx, uint8_t *out, - size_t *out_len, size_t max_out_len, - const uint8_t *nonce, size_t nonce_len, - const uint8_t *in, size_t in_len, - const uint8_t *ad, size_t ad_len); - -/* EVP_AEAD_CTX_open authenticates |in_len| bytes from |in| and |ad_len| bytes - * from |ad| and decrypts at most |in_len| bytes into |out|. It returns one on - * success and zero otherwise. - * - * This function may be called (with the same |EVP_AEAD_CTX|) concurrently with - * itself or |EVP_AEAD_CTX_seal|. - * - * At most |in_len| bytes are written to |out|. In order to ensure success, - * |max_out_len| should be at least |in_len|. On successful return, |*out_len| - * is set to the the actual number of bytes written. - * - * The length of |nonce|, |nonce_len|, must be equal to the result of - * |EVP_AEAD_nonce_length| for this AEAD. - * - * |EVP_AEAD_CTX_open| never results in a partial output. If |max_out_len| is - * insufficient, zero will be returned. (In this case, |*out_len| is set to - * zero.) - * - * If |in| and |out| alias then |out| must be <= |in|. */ -OPENSSL_EXPORT int EVP_AEAD_CTX_open(const EVP_AEAD_CTX *ctx, uint8_t *out, - size_t *out_len, size_t max_out_len, - const uint8_t *nonce, size_t nonce_len, - const uint8_t *in, size_t in_len, - const uint8_t *ad, size_t ad_len); - - -/* Obscure functions. */ - -/* EVP_AEAD_CTX_get_rc4_state sets |*out_key| to point to an RC4 key structure. - * It returns one on success or zero if |ctx| doesn't have an RC4 key. */ -OPENSSL_EXPORT int EVP_AEAD_CTX_get_rc4_state(const EVP_AEAD_CTX *ctx, - const RC4_KEY **out_key); - - -#if defined(__cplusplus) -} /* extern C */ -#endif - -#endif /* OPENSSL_HEADER_AEAD_H */ diff --git a/third_party/boringssl/include/openssl/aes.h b/third_party/boringssl/include/openssl/aes.h deleted file mode 100644 index 84cde416e64432..00000000000000 --- a/third_party/boringssl/include/openssl/aes.h +++ /dev/null @@ -1,158 +0,0 @@ -/* ==================================================================== - * Copyright (c) 2002-2006 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@openssl.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.openssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== */ - -#ifndef OPENSSL_HEADER_AES_H -#define OPENSSL_HEADER_AES_H - -#include - -#if defined(__cplusplus) -extern "C" { -#endif - - -/* Raw AES functions. */ - - -#define AES_ENCRYPT 1 -#define AES_DECRYPT 0 - -/* AES_MAXNR is the maximum number of AES rounds. */ -#define AES_MAXNR 14 - -#define AES_BLOCK_SIZE 16 - -/* aes_key_st should be an opaque type, but EVP requires that the size be - * known. */ -struct aes_key_st { - uint32_t rd_key[4 * (AES_MAXNR + 1)]; - unsigned rounds; -}; -typedef struct aes_key_st AES_KEY; - -/* AES_set_encrypt_key configures |aeskey| to encrypt with the |bits|-bit key, - * |key|. - * - * WARNING: unlike other OpenSSL functions, this returns zero on success and a - * negative number on error. */ -OPENSSL_EXPORT int AES_set_encrypt_key(const uint8_t *key, unsigned bits, - AES_KEY *aeskey); - -/* AES_set_decrypt_key configures |aeskey| to decrypt with the |bits|-bit key, - * |key|. - * - * WARNING: unlike other OpenSSL functions, this returns zero on success and a - * negative number on error. */ -OPENSSL_EXPORT int AES_set_decrypt_key(const uint8_t *key, unsigned bits, - AES_KEY *aeskey); - -/* AES_encrypt encrypts a single block from |in| to |out| with |key|. The |in| - * and |out| pointers may overlap. */ -OPENSSL_EXPORT void AES_encrypt(const uint8_t *in, uint8_t *out, - const AES_KEY *key); - -/* AES_decrypt decrypts a single block from |in| to |out| with |key|. The |in| - * and |out| pointers may overlap. */ -OPENSSL_EXPORT void AES_decrypt(const uint8_t *in, uint8_t *out, - const AES_KEY *key); - - -/* Block cipher modes. */ - -/* AES_ctr128_encrypt encrypts (or decrypts, it's the same in CTR mode) |len| - * bytes from |in| to |out|. The |num| parameter must be set to zero on the - * first call and |ivec| will be incremented. */ -OPENSSL_EXPORT void AES_ctr128_encrypt(const uint8_t *in, uint8_t *out, - size_t len, const AES_KEY *key, - uint8_t ivec[AES_BLOCK_SIZE], - uint8_t ecount_buf[AES_BLOCK_SIZE], - unsigned int *num); - -/* AES_ecb_encrypt encrypts (or decrypts, if |enc| == |AES_DECRYPT|) a single, - * 16 byte block from |in| to |out|. */ -OPENSSL_EXPORT void AES_ecb_encrypt(const uint8_t *in, uint8_t *out, - const AES_KEY *key, const int enc); - -/* AES_cbc_encrypt encrypts (or decrypts, if |enc| == |AES_DECRYPT|) |len| - * bytes from |in| to |out|. The length must be a multiple of the block size. */ -OPENSSL_EXPORT void AES_cbc_encrypt(const uint8_t *in, uint8_t *out, size_t len, - const AES_KEY *key, uint8_t *ivec, - const int enc); - -/* AES_ofb128_encrypt encrypts (or decrypts, it's the same in CTR mode) |len| - * bytes from |in| to |out|. The |num| parameter must be set to zero on the - * first call. */ -OPENSSL_EXPORT void AES_ofb128_encrypt(const uint8_t *in, uint8_t *out, - size_t len, const AES_KEY *key, - uint8_t *ivec, int *num); - -/* AES_cfb128_encrypt encrypts (or decrypts, if |enc| == |AES_DECRYPT|) |len| - * bytes from |in| to |out|. The |num| parameter must be set to zero on the - * first call. */ -OPENSSL_EXPORT void AES_cfb128_encrypt(const uint8_t *in, uint8_t *out, - size_t len, const AES_KEY *key, - uint8_t *ivec, int *num, int enc); - - -/* Android compatibility section. - * - * These functions are declared, temporarily, for Android because - * wpa_supplicant will take a little time to sync with upstream. Outside of - * Android they'll have no definition. */ - -OPENSSL_EXPORT int AES_wrap_key(AES_KEY *key, const uint8_t *iv, uint8_t *out, - const uint8_t *in, unsigned in_len); -OPENSSL_EXPORT int AES_unwrap_key(AES_KEY *key, const uint8_t *iv, uint8_t *out, - const uint8_t *in, unsigned in_len); - - -#if defined(__cplusplus) -} /* extern C */ -#endif - -#endif /* OPENSSL_HEADER_AES_H */ diff --git a/third_party/boringssl/include/openssl/asn1.h b/third_party/boringssl/include/openssl/asn1.h deleted file mode 100644 index 4baf81c6bdc442..00000000000000 --- a/third_party/boringssl/include/openssl/asn1.h +++ /dev/null @@ -1,1234 +0,0 @@ -/* crypto/asn1/asn1.h */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#ifndef HEADER_ASN1_H -#define HEADER_ASN1_H - -#include - -#include - -#include -#include - -#include - -#ifdef __cplusplus -extern "C" { -#endif - -#define V_ASN1_UNIVERSAL 0x00 -#define V_ASN1_APPLICATION 0x40 -#define V_ASN1_CONTEXT_SPECIFIC 0x80 -#define V_ASN1_PRIVATE 0xc0 - -#define V_ASN1_CONSTRUCTED 0x20 -#define V_ASN1_PRIMITIVE_TAG 0x1f -#define V_ASN1_PRIMATIVE_TAG 0x1f - -#define V_ASN1_APP_CHOOSE -2 /* let the recipient choose */ -#define V_ASN1_OTHER -3 /* used in ASN1_TYPE */ -#define V_ASN1_ANY -4 /* used in ASN1 template code */ - -#define V_ASN1_NEG 0x100 /* negative flag */ - -#define V_ASN1_UNDEF -1 -#define V_ASN1_EOC 0 -#define V_ASN1_BOOLEAN 1 /**/ -#define V_ASN1_INTEGER 2 -#define V_ASN1_NEG_INTEGER (2 | V_ASN1_NEG) -#define V_ASN1_BIT_STRING 3 -#define V_ASN1_OCTET_STRING 4 -#define V_ASN1_NULL 5 -#define V_ASN1_OBJECT 6 -#define V_ASN1_OBJECT_DESCRIPTOR 7 -#define V_ASN1_EXTERNAL 8 -#define V_ASN1_REAL 9 -#define V_ASN1_ENUMERATED 10 -#define V_ASN1_NEG_ENUMERATED (10 | V_ASN1_NEG) -#define V_ASN1_UTF8STRING 12 -#define V_ASN1_SEQUENCE 16 -#define V_ASN1_SET 17 -#define V_ASN1_NUMERICSTRING 18 /**/ -#define V_ASN1_PRINTABLESTRING 19 -#define V_ASN1_T61STRING 20 -#define V_ASN1_TELETEXSTRING 20 /* alias */ -#define V_ASN1_VIDEOTEXSTRING 21 /**/ -#define V_ASN1_IA5STRING 22 -#define V_ASN1_UTCTIME 23 -#define V_ASN1_GENERALIZEDTIME 24 /**/ -#define V_ASN1_GRAPHICSTRING 25 /**/ -#define V_ASN1_ISO64STRING 26 /**/ -#define V_ASN1_VISIBLESTRING 26 /* alias */ -#define V_ASN1_GENERALSTRING 27 /**/ -#define V_ASN1_UNIVERSALSTRING 28 /**/ -#define V_ASN1_BMPSTRING 30 - -/* For use with d2i_ASN1_type_bytes() */ -#define B_ASN1_NUMERICSTRING 0x0001 -#define B_ASN1_PRINTABLESTRING 0x0002 -#define B_ASN1_T61STRING 0x0004 -#define B_ASN1_TELETEXSTRING 0x0004 -#define B_ASN1_VIDEOTEXSTRING 0x0008 -#define B_ASN1_IA5STRING 0x0010 -#define B_ASN1_GRAPHICSTRING 0x0020 -#define B_ASN1_ISO64STRING 0x0040 -#define B_ASN1_VISIBLESTRING 0x0040 -#define B_ASN1_GENERALSTRING 0x0080 -#define B_ASN1_UNIVERSALSTRING 0x0100 -#define B_ASN1_OCTET_STRING 0x0200 -#define B_ASN1_BIT_STRING 0x0400 -#define B_ASN1_BMPSTRING 0x0800 -#define B_ASN1_UNKNOWN 0x1000 -#define B_ASN1_UTF8STRING 0x2000 -#define B_ASN1_UTCTIME 0x4000 -#define B_ASN1_GENERALIZEDTIME 0x8000 -#define B_ASN1_SEQUENCE 0x10000 - -/* For use with ASN1_mbstring_copy() */ -#define MBSTRING_FLAG 0x1000 -#define MBSTRING_UTF8 (MBSTRING_FLAG) -#define MBSTRING_ASC (MBSTRING_FLAG|1) -#define MBSTRING_BMP (MBSTRING_FLAG|2) -#define MBSTRING_UNIV (MBSTRING_FLAG|4) - -#define SMIME_OLDMIME 0x400 -#define SMIME_CRLFEOL 0x800 -#define SMIME_STREAM 0x1000 - -#define DECLARE_ASN1_SET_OF(type) /* filled in by mkstack.pl */ -#define IMPLEMENT_ASN1_SET_OF(type) /* nothing, no longer needed */ - -/* We MUST make sure that, except for constness, asn1_ctx_st and - asn1_const_ctx are exactly the same. Fortunately, as soon as - the old ASN1 parsing macros are gone, we can throw this away - as well... */ -typedef struct asn1_ctx_st - { - unsigned char *p;/* work char pointer */ - int eos; /* end of sequence read for indefinite encoding */ - int error; /* error code to use when returning an error */ - int inf; /* constructed if 0x20, indefinite is 0x21 */ - int tag; /* tag from last 'get object' */ - int xclass; /* class from last 'get object' */ - long slen; /* length of last 'get object' */ - unsigned char *max; /* largest value of p allowed */ - unsigned char *q;/* temporary variable */ - unsigned char **pp;/* variable */ - int line; /* used in error processing */ - } ASN1_CTX; - -typedef struct asn1_const_ctx_st - { - const unsigned char *p;/* work char pointer */ - int eos; /* end of sequence read for indefinite encoding */ - int error; /* error code to use when returning an error */ - int inf; /* constructed if 0x20, indefinite is 0x21 */ - int tag; /* tag from last 'get object' */ - int xclass; /* class from last 'get object' */ - long slen; /* length of last 'get object' */ - const unsigned char *max; /* largest value of p allowed */ - const unsigned char *q;/* temporary variable */ - const unsigned char **pp;/* variable */ - int line; /* used in error processing */ - } ASN1_const_CTX; - -/* These are used internally in the ASN1_OBJECT to keep track of - * whether the names and data need to be free()ed */ -#define ASN1_OBJECT_FLAG_DYNAMIC 0x01 /* internal use */ -#define ASN1_OBJECT_FLAG_CRITICAL 0x02 /* critical x509v3 object id */ -#define ASN1_OBJECT_FLAG_DYNAMIC_STRINGS 0x04 /* internal use */ -#define ASN1_OBJECT_FLAG_DYNAMIC_DATA 0x08 /* internal use */ -struct asn1_object_st - { - const char *sn,*ln; - int nid; - int length; - const unsigned char *data; /* data remains const after init */ - int flags; /* Should we free this one */ - }; - -#define ASN1_STRING_FLAG_BITS_LEFT 0x08 /* Set if 0x07 has bits left value */ -/* This indicates that the ASN1_STRING is not a real value but just a place - * holder for the location where indefinite length constructed data should - * be inserted in the memory buffer - */ -#define ASN1_STRING_FLAG_NDEF 0x010 - -/* This flag is used by the CMS code to indicate that a string is not - * complete and is a place holder for content when it had all been - * accessed. The flag will be reset when content has been written to it. - */ - -#define ASN1_STRING_FLAG_CONT 0x020 -/* This flag is used by ASN1 code to indicate an ASN1_STRING is an MSTRING - * type. - */ -#define ASN1_STRING_FLAG_MSTRING 0x040 -/* This is the base type that holds just about everything :-) */ -struct asn1_string_st - { - int length; - int type; - unsigned char *data; - /* The value of the following field depends on the type being - * held. It is mostly being used for BIT_STRING so if the - * input data has a non-zero 'unused bits' value, it will be - * handled correctly */ - long flags; - }; - -/* ASN1_ENCODING structure: this is used to save the received - * encoding of an ASN1 type. This is useful to get round - * problems with invalid encodings which can break signatures. - */ - -typedef struct ASN1_ENCODING_st - { - unsigned char *enc; /* DER encoding */ - long len; /* Length of encoding */ - int modified; /* set to 1 if 'enc' is invalid */ - } ASN1_ENCODING; - -/* Used with ASN1 LONG type: if a long is set to this it is omitted */ -#define ASN1_LONG_UNDEF 0x7fffffffL - -#define STABLE_FLAGS_MALLOC 0x01 -#define STABLE_NO_MASK 0x02 -#define DIRSTRING_TYPE \ - (B_ASN1_PRINTABLESTRING|B_ASN1_T61STRING|B_ASN1_BMPSTRING|B_ASN1_UTF8STRING) -#define PKCS9STRING_TYPE (DIRSTRING_TYPE|B_ASN1_IA5STRING) - -typedef struct asn1_string_table_st { - int nid; - long minsize; - long maxsize; - unsigned long mask; - unsigned long flags; -} ASN1_STRING_TABLE; - -/* size limits: this stuff is taken straight from RFC2459 */ - -#define ub_name 32768 -#define ub_common_name 64 -#define ub_locality_name 128 -#define ub_state_name 128 -#define ub_organization_name 64 -#define ub_organization_unit_name 64 -#define ub_title 64 -#define ub_email_address 128 - -/* Declarations for template structures: for full definitions - * see asn1t.h - */ -typedef struct ASN1_TEMPLATE_st ASN1_TEMPLATE; -typedef struct ASN1_TLC_st ASN1_TLC; -/* This is just an opaque pointer */ -typedef struct ASN1_VALUE_st ASN1_VALUE; - -/* Declare ASN1 functions: the implement macro in in asn1t.h */ - -#define DECLARE_ASN1_FUNCTIONS(type) DECLARE_ASN1_FUNCTIONS_name(type, type) - -#define DECLARE_ASN1_ALLOC_FUNCTIONS(type) \ - DECLARE_ASN1_ALLOC_FUNCTIONS_name(type, type) - -#define DECLARE_ASN1_FUNCTIONS_name(type, name) \ - DECLARE_ASN1_ALLOC_FUNCTIONS_name(type, name) \ - DECLARE_ASN1_ENCODE_FUNCTIONS(type, name, name) - -#define DECLARE_ASN1_FUNCTIONS_fname(type, itname, name) \ - DECLARE_ASN1_ALLOC_FUNCTIONS_name(type, name) \ - DECLARE_ASN1_ENCODE_FUNCTIONS(type, itname, name) - -#define DECLARE_ASN1_ENCODE_FUNCTIONS(type, itname, name) \ - OPENSSL_EXPORT type *d2i_##name(type **a, const unsigned char **in, long len); \ - OPENSSL_EXPORT int i2d_##name(type *a, unsigned char **out); \ - DECLARE_ASN1_ITEM(itname) - -#define DECLARE_ASN1_ENCODE_FUNCTIONS_const(type, name) \ - OPENSSL_EXPORT type *d2i_##name(type **a, const unsigned char **in, long len); \ - OPENSSL_EXPORT int i2d_##name(const type *a, unsigned char **out); \ - DECLARE_ASN1_ITEM(name) - -#define DECLARE_ASN1_NDEF_FUNCTION(name) \ - OPENSSL_EXPORT int i2d_##name##_NDEF(name *a, unsigned char **out); - -#define DECLARE_ASN1_FUNCTIONS_const(name) \ - DECLARE_ASN1_ALLOC_FUNCTIONS(name) \ - DECLARE_ASN1_ENCODE_FUNCTIONS_const(name, name) - -#define DECLARE_ASN1_ALLOC_FUNCTIONS_name(type, name) \ - OPENSSL_EXPORT type *name##_new(void); \ - OPENSSL_EXPORT void name##_free(type *a); - -#define DECLARE_ASN1_PRINT_FUNCTION(stname) \ - DECLARE_ASN1_PRINT_FUNCTION_fname(stname, stname) - -#define DECLARE_ASN1_PRINT_FUNCTION_fname(stname, fname) \ - OPENSSL_EXPORT int fname##_print_ctx(BIO *out, stname *x, int indent, \ - const ASN1_PCTX *pctx); - -#define D2I_OF(type) type *(*)(type **,const unsigned char **,long) -#define I2D_OF(type) int (*)(type *,unsigned char **) -#define I2D_OF_const(type) int (*)(const type *,unsigned char **) - -#define CHECKED_D2I_OF(type, d2i) \ - ((d2i_of_void*) (1 ? d2i : ((D2I_OF(type))0))) -#define CHECKED_I2D_OF(type, i2d) \ - ((i2d_of_void*) (1 ? i2d : ((I2D_OF(type))0))) -#define CHECKED_NEW_OF(type, xnew) \ - ((void *(*)(void)) (1 ? xnew : ((type *(*)(void))0))) -#define CHECKED_PPTR_OF(type, p) \ - ((void**) (1 ? p : (type**)0)) - -#define TYPEDEF_D2I_OF(type) typedef type *d2i_of_##type(type **,const unsigned char **,long) -#define TYPEDEF_I2D_OF(type) typedef int i2d_of_##type(const type *,unsigned char **) -#define TYPEDEF_D2I2D_OF(type) TYPEDEF_D2I_OF(type); TYPEDEF_I2D_OF(type) - -TYPEDEF_D2I2D_OF(void); - -/* The following macros and typedefs allow an ASN1_ITEM - * to be embedded in a structure and referenced. Since - * the ASN1_ITEM pointers need to be globally accessible - * (possibly from shared libraries) they may exist in - * different forms. On platforms that support it the - * ASN1_ITEM structure itself will be globally exported. - * Other platforms will export a function that returns - * an ASN1_ITEM pointer. - * - * To handle both cases transparently the macros below - * should be used instead of hard coding an ASN1_ITEM - * pointer in a structure. - * - * The structure will look like this: - * - * typedef struct SOMETHING_st { - * ... - * ASN1_ITEM_EXP *iptr; - * ... - * } SOMETHING; - * - * It would be initialised as e.g.: - * - * SOMETHING somevar = {...,ASN1_ITEM_ref(X509),...}; - * - * and the actual pointer extracted with: - * - * const ASN1_ITEM *it = ASN1_ITEM_ptr(somevar.iptr); - * - * Finally an ASN1_ITEM pointer can be extracted from an - * appropriate reference with: ASN1_ITEM_rptr(X509). This - * would be used when a function takes an ASN1_ITEM * argument. - * - */ - -/* ASN1_ITEM pointer exported type */ -typedef const ASN1_ITEM ASN1_ITEM_EXP; - -/* Macro to obtain ASN1_ITEM pointer from exported type */ -#define ASN1_ITEM_ptr(iptr) (iptr) - -/* Macro to include ASN1_ITEM pointer from base type */ -#define ASN1_ITEM_ref(iptr) (&(iptr##_it)) - -#define ASN1_ITEM_rptr(ref) (&(ref##_it)) - -#define DECLARE_ASN1_ITEM(name) \ - extern OPENSSL_EXPORT const ASN1_ITEM name##_it; - -/* Parameters used by ASN1_STRING_print_ex() */ - -/* These determine which characters to escape: - * RFC2253 special characters, control characters and - * MSB set characters - */ - -#define ASN1_STRFLGS_ESC_2253 1 -#define ASN1_STRFLGS_ESC_CTRL 2 -#define ASN1_STRFLGS_ESC_MSB 4 - - -/* This flag determines how we do escaping: normally - * RC2253 backslash only, set this to use backslash and - * quote. - */ - -#define ASN1_STRFLGS_ESC_QUOTE 8 - - -/* These three flags are internal use only. */ - -/* Character is a valid PrintableString character */ -#define CHARTYPE_PRINTABLESTRING 0x10 -/* Character needs escaping if it is the first character */ -#define CHARTYPE_FIRST_ESC_2253 0x20 -/* Character needs escaping if it is the last character */ -#define CHARTYPE_LAST_ESC_2253 0x40 - -/* NB the internal flags are safely reused below by flags - * handled at the top level. - */ - -/* If this is set we convert all character strings - * to UTF8 first - */ - -#define ASN1_STRFLGS_UTF8_CONVERT 0x10 - -/* If this is set we don't attempt to interpret content: - * just assume all strings are 1 byte per character. This - * will produce some pretty odd looking output! - */ - -#define ASN1_STRFLGS_IGNORE_TYPE 0x20 - -/* If this is set we include the string type in the output */ -#define ASN1_STRFLGS_SHOW_TYPE 0x40 - -/* This determines which strings to display and which to - * 'dump' (hex dump of content octets or DER encoding). We can - * only dump non character strings or everything. If we - * don't dump 'unknown' they are interpreted as character - * strings with 1 octet per character and are subject to - * the usual escaping options. - */ - -#define ASN1_STRFLGS_DUMP_ALL 0x80 -#define ASN1_STRFLGS_DUMP_UNKNOWN 0x100 - -/* These determine what 'dumping' does, we can dump the - * content octets or the DER encoding: both use the - * RFC2253 #XXXXX notation. - */ - -#define ASN1_STRFLGS_DUMP_DER 0x200 - -/* All the string flags consistent with RFC2253, - * escaping control characters isn't essential in - * RFC2253 but it is advisable anyway. - */ - -#define ASN1_STRFLGS_RFC2253 (ASN1_STRFLGS_ESC_2253 | \ - ASN1_STRFLGS_ESC_CTRL | \ - ASN1_STRFLGS_ESC_MSB | \ - ASN1_STRFLGS_UTF8_CONVERT | \ - ASN1_STRFLGS_DUMP_UNKNOWN | \ - ASN1_STRFLGS_DUMP_DER) - -DECLARE_ASN1_SET_OF(ASN1_INTEGER) - -typedef struct asn1_type_st - { - int type; - union { - char *ptr; - ASN1_BOOLEAN boolean; - ASN1_STRING * asn1_string; - ASN1_OBJECT * object; - ASN1_INTEGER * integer; - ASN1_ENUMERATED * enumerated; - ASN1_BIT_STRING * bit_string; - ASN1_OCTET_STRING * octet_string; - ASN1_PRINTABLESTRING * printablestring; - ASN1_T61STRING * t61string; - ASN1_IA5STRING * ia5string; - ASN1_GENERALSTRING * generalstring; - ASN1_BMPSTRING * bmpstring; - ASN1_UNIVERSALSTRING * universalstring; - ASN1_UTCTIME * utctime; - ASN1_GENERALIZEDTIME * generalizedtime; - ASN1_VISIBLESTRING * visiblestring; - ASN1_UTF8STRING * utf8string; - /* set and sequence are left complete and still - * contain the set or sequence bytes */ - ASN1_STRING * set; - ASN1_STRING * sequence; - ASN1_VALUE * asn1_value; - } value; - } ASN1_TYPE; - -DECLARE_ASN1_SET_OF(ASN1_TYPE) - -typedef STACK_OF(ASN1_TYPE) ASN1_SEQUENCE_ANY; - -DECLARE_ASN1_ENCODE_FUNCTIONS_const(ASN1_SEQUENCE_ANY, ASN1_SEQUENCE_ANY) -DECLARE_ASN1_ENCODE_FUNCTIONS_const(ASN1_SEQUENCE_ANY, ASN1_SET_ANY) - -struct X509_algor_st - { - ASN1_OBJECT *algorithm; - ASN1_TYPE *parameter; - } /* X509_ALGOR */; -DEFINE_STACK_OF(X509_ALGOR); - -DECLARE_ASN1_FUNCTIONS(X509_ALGOR) - -typedef struct NETSCAPE_X509_st - { - ASN1_OCTET_STRING *header; - X509 *cert; - } NETSCAPE_X509; - -/* This is used to contain a list of bit names */ -typedef struct BIT_STRING_BITNAME_st { - int bitnum; - const char *lname; - const char *sname; -} BIT_STRING_BITNAME; - - -#define M_ASN1_STRING_length(x) ((x)->length) -#define M_ASN1_STRING_length_set(x, n) ((x)->length = (n)) -#define M_ASN1_STRING_type(x) ((x)->type) -#define M_ASN1_STRING_data(x) ((x)->data) - -/* Macros for string operations */ -#define M_ASN1_BIT_STRING_new() (ASN1_BIT_STRING *)\ - ASN1_STRING_type_new(V_ASN1_BIT_STRING) -#define M_ASN1_BIT_STRING_free(a) ASN1_STRING_free((ASN1_STRING *)a) -#define M_ASN1_BIT_STRING_dup(a) (ASN1_BIT_STRING *)\ - ASN1_STRING_dup((const ASN1_STRING *)a) -#define M_ASN1_BIT_STRING_cmp(a,b) ASN1_STRING_cmp(\ - (const ASN1_STRING *)a,(const ASN1_STRING *)b) -#define M_ASN1_BIT_STRING_set(a,b,c) ASN1_STRING_set((ASN1_STRING *)a,b,c) - -#define M_ASN1_INTEGER_new() (ASN1_INTEGER *)\ - ASN1_STRING_type_new(V_ASN1_INTEGER) -#define M_ASN1_INTEGER_free(a) ASN1_STRING_free((ASN1_STRING *)a) -#define M_ASN1_INTEGER_dup(a) (ASN1_INTEGER *)\ - ASN1_STRING_dup((const ASN1_STRING *)a) -#define M_ASN1_INTEGER_cmp(a,b) ASN1_STRING_cmp(\ - (const ASN1_STRING *)a,(const ASN1_STRING *)b) - -#define M_ASN1_ENUMERATED_new() (ASN1_ENUMERATED *)\ - ASN1_STRING_type_new(V_ASN1_ENUMERATED) -#define M_ASN1_ENUMERATED_free(a) ASN1_STRING_free((ASN1_STRING *)a) -#define M_ASN1_ENUMERATED_dup(a) (ASN1_ENUMERATED *)\ - ASN1_STRING_dup((const ASN1_STRING *)a) -#define M_ASN1_ENUMERATED_cmp(a,b) ASN1_STRING_cmp(\ - (const ASN1_STRING *)a,(const ASN1_STRING *)b) - -#define M_ASN1_OCTET_STRING_new() (ASN1_OCTET_STRING *)\ - ASN1_STRING_type_new(V_ASN1_OCTET_STRING) -#define M_ASN1_OCTET_STRING_free(a) ASN1_STRING_free((ASN1_STRING *)a) -#define M_ASN1_OCTET_STRING_dup(a) (ASN1_OCTET_STRING *)\ - ASN1_STRING_dup((const ASN1_STRING *)a) -#define M_ASN1_OCTET_STRING_cmp(a,b) ASN1_STRING_cmp(\ - (const ASN1_STRING *)a,(const ASN1_STRING *)b) -#define M_ASN1_OCTET_STRING_set(a,b,c) ASN1_STRING_set((ASN1_STRING *)a,b,c) -#define M_ASN1_OCTET_STRING_print(a,b) ASN1_STRING_print(a,(ASN1_STRING *)b) -#define M_i2d_ASN1_OCTET_STRING(a,pp) \ - i2d_ASN1_bytes((ASN1_STRING *)a,pp,V_ASN1_OCTET_STRING,\ - V_ASN1_UNIVERSAL) - -#define B_ASN1_TIME \ - B_ASN1_UTCTIME | \ - B_ASN1_GENERALIZEDTIME - -#define B_ASN1_PRINTABLE \ - B_ASN1_NUMERICSTRING| \ - B_ASN1_PRINTABLESTRING| \ - B_ASN1_T61STRING| \ - B_ASN1_IA5STRING| \ - B_ASN1_BIT_STRING| \ - B_ASN1_UNIVERSALSTRING|\ - B_ASN1_BMPSTRING|\ - B_ASN1_UTF8STRING|\ - B_ASN1_SEQUENCE|\ - B_ASN1_UNKNOWN - -#define B_ASN1_DIRECTORYSTRING \ - B_ASN1_PRINTABLESTRING| \ - B_ASN1_TELETEXSTRING|\ - B_ASN1_BMPSTRING|\ - B_ASN1_UNIVERSALSTRING|\ - B_ASN1_UTF8STRING - -#define B_ASN1_DISPLAYTEXT \ - B_ASN1_IA5STRING| \ - B_ASN1_VISIBLESTRING| \ - B_ASN1_BMPSTRING|\ - B_ASN1_UTF8STRING - -#define M_ASN1_PRINTABLE_new() ASN1_STRING_type_new(V_ASN1_T61STRING) -#define M_ASN1_PRINTABLE_free(a) ASN1_STRING_free((ASN1_STRING *)a) -#define M_i2d_ASN1_PRINTABLE(a,pp) i2d_ASN1_bytes((ASN1_STRING *)a,\ - pp,a->type,V_ASN1_UNIVERSAL) -#define M_d2i_ASN1_PRINTABLE(a,pp,l) \ - d2i_ASN1_type_bytes((ASN1_STRING **)a,pp,l, \ - B_ASN1_PRINTABLE) - -#define M_DIRECTORYSTRING_new() ASN1_STRING_type_new(V_ASN1_PRINTABLESTRING) -#define M_DIRECTORYSTRING_free(a) ASN1_STRING_free((ASN1_STRING *)a) -#define M_i2d_DIRECTORYSTRING(a,pp) i2d_ASN1_bytes((ASN1_STRING *)a,\ - pp,a->type,V_ASN1_UNIVERSAL) -#define M_d2i_DIRECTORYSTRING(a,pp,l) \ - d2i_ASN1_type_bytes((ASN1_STRING **)a,pp,l, \ - B_ASN1_DIRECTORYSTRING) - -#define M_DISPLAYTEXT_new() ASN1_STRING_type_new(V_ASN1_VISIBLESTRING) -#define M_DISPLAYTEXT_free(a) ASN1_STRING_free((ASN1_STRING *)a) -#define M_i2d_DISPLAYTEXT(a,pp) i2d_ASN1_bytes((ASN1_STRING *)a,\ - pp,a->type,V_ASN1_UNIVERSAL) -#define M_d2i_DISPLAYTEXT(a,pp,l) \ - d2i_ASN1_type_bytes((ASN1_STRING **)a,pp,l, \ - B_ASN1_DISPLAYTEXT) - -#define M_ASN1_PRINTABLESTRING_new() (ASN1_PRINTABLESTRING *)\ - ASN1_STRING_type_new(V_ASN1_PRINTABLESTRING) -#define M_ASN1_PRINTABLESTRING_free(a) ASN1_STRING_free((ASN1_STRING *)a) -#define M_i2d_ASN1_PRINTABLESTRING(a,pp) \ - i2d_ASN1_bytes((ASN1_STRING *)a,pp,V_ASN1_PRINTABLESTRING,\ - V_ASN1_UNIVERSAL) -#define M_d2i_ASN1_PRINTABLESTRING(a,pp,l) \ - (ASN1_PRINTABLESTRING *)d2i_ASN1_type_bytes\ - ((ASN1_STRING **)a,pp,l,B_ASN1_PRINTABLESTRING) - -#define M_ASN1_T61STRING_new() (ASN1_T61STRING *)\ - ASN1_STRING_type_new(V_ASN1_T61STRING) -#define M_ASN1_T61STRING_free(a) ASN1_STRING_free((ASN1_STRING *)a) -#define M_i2d_ASN1_T61STRING(a,pp) \ - i2d_ASN1_bytes((ASN1_STRING *)a,pp,V_ASN1_T61STRING,\ - V_ASN1_UNIVERSAL) -#define M_d2i_ASN1_T61STRING(a,pp,l) \ - (ASN1_T61STRING *)d2i_ASN1_type_bytes\ - ((ASN1_STRING **)a,pp,l,B_ASN1_T61STRING) - -#define M_ASN1_IA5STRING_new() (ASN1_IA5STRING *)\ - ASN1_STRING_type_new(V_ASN1_IA5STRING) -#define M_ASN1_IA5STRING_free(a) ASN1_STRING_free((ASN1_STRING *)a) -#define M_ASN1_IA5STRING_dup(a) \ - (ASN1_IA5STRING *)ASN1_STRING_dup((const ASN1_STRING *)a) -#define M_i2d_ASN1_IA5STRING(a,pp) \ - i2d_ASN1_bytes((ASN1_STRING *)a,pp,V_ASN1_IA5STRING,\ - V_ASN1_UNIVERSAL) -#define M_d2i_ASN1_IA5STRING(a,pp,l) \ - (ASN1_IA5STRING *)d2i_ASN1_type_bytes((ASN1_STRING **)a,pp,l,\ - B_ASN1_IA5STRING) - -#define M_ASN1_UTCTIME_new() (ASN1_UTCTIME *)\ - ASN1_STRING_type_new(V_ASN1_UTCTIME) -#define M_ASN1_UTCTIME_free(a) ASN1_STRING_free((ASN1_STRING *)a) -#define M_ASN1_UTCTIME_dup(a) (ASN1_UTCTIME *)\ - ASN1_STRING_dup((const ASN1_STRING *)a) - -#define M_ASN1_GENERALIZEDTIME_new() (ASN1_GENERALIZEDTIME *)\ - ASN1_STRING_type_new(V_ASN1_GENERALIZEDTIME) -#define M_ASN1_GENERALIZEDTIME_free(a) ASN1_STRING_free((ASN1_STRING *)a) -#define M_ASN1_GENERALIZEDTIME_dup(a) (ASN1_GENERALIZEDTIME *)ASN1_STRING_dup(\ - (const ASN1_STRING *)a) - -#define M_ASN1_TIME_new() (ASN1_TIME *)\ - ASN1_STRING_type_new(V_ASN1_UTCTIME) -#define M_ASN1_TIME_free(a) ASN1_STRING_free((ASN1_STRING *)a) -#define M_ASN1_TIME_dup(a) (ASN1_TIME *)\ - ASN1_STRING_dup((const ASN1_STRING *)a) - -#define M_ASN1_GENERALSTRING_new() (ASN1_GENERALSTRING *)\ - ASN1_STRING_type_new(V_ASN1_GENERALSTRING) -#define M_ASN1_GENERALSTRING_free(a) ASN1_STRING_free((ASN1_STRING *)a) -#define M_i2d_ASN1_GENERALSTRING(a,pp) \ - i2d_ASN1_bytes((ASN1_STRING *)a,pp,V_ASN1_GENERALSTRING,\ - V_ASN1_UNIVERSAL) -#define M_d2i_ASN1_GENERALSTRING(a,pp,l) \ - (ASN1_GENERALSTRING *)d2i_ASN1_type_bytes\ - ((ASN1_STRING **)a,pp,l,B_ASN1_GENERALSTRING) - -#define M_ASN1_UNIVERSALSTRING_new() (ASN1_UNIVERSALSTRING *)\ - ASN1_STRING_type_new(V_ASN1_UNIVERSALSTRING) -#define M_ASN1_UNIVERSALSTRING_free(a) ASN1_STRING_free((ASN1_STRING *)a) -#define M_i2d_ASN1_UNIVERSALSTRING(a,pp) \ - i2d_ASN1_bytes((ASN1_STRING *)a,pp,V_ASN1_UNIVERSALSTRING,\ - V_ASN1_UNIVERSAL) -#define M_d2i_ASN1_UNIVERSALSTRING(a,pp,l) \ - (ASN1_UNIVERSALSTRING *)d2i_ASN1_type_bytes\ - ((ASN1_STRING **)a,pp,l,B_ASN1_UNIVERSALSTRING) - -#define M_ASN1_BMPSTRING_new() (ASN1_BMPSTRING *)\ - ASN1_STRING_type_new(V_ASN1_BMPSTRING) -#define M_ASN1_BMPSTRING_free(a) ASN1_STRING_free((ASN1_STRING *)a) -#define M_i2d_ASN1_BMPSTRING(a,pp) \ - i2d_ASN1_bytes((ASN1_STRING *)a,pp,V_ASN1_BMPSTRING,\ - V_ASN1_UNIVERSAL) -#define M_d2i_ASN1_BMPSTRING(a,pp,l) \ - (ASN1_BMPSTRING *)d2i_ASN1_type_bytes\ - ((ASN1_STRING **)a,pp,l,B_ASN1_BMPSTRING) - -#define M_ASN1_VISIBLESTRING_new() (ASN1_VISIBLESTRING *)\ - ASN1_STRING_type_new(V_ASN1_VISIBLESTRING) -#define M_ASN1_VISIBLESTRING_free(a) ASN1_STRING_free((ASN1_STRING *)a) -#define M_i2d_ASN1_VISIBLESTRING(a,pp) \ - i2d_ASN1_bytes((ASN1_STRING *)a,pp,V_ASN1_VISIBLESTRING,\ - V_ASN1_UNIVERSAL) -#define M_d2i_ASN1_VISIBLESTRING(a,pp,l) \ - (ASN1_VISIBLESTRING *)d2i_ASN1_type_bytes\ - ((ASN1_STRING **)a,pp,l,B_ASN1_VISIBLESTRING) - -#define M_ASN1_UTF8STRING_new() (ASN1_UTF8STRING *)\ - ASN1_STRING_type_new(V_ASN1_UTF8STRING) -#define M_ASN1_UTF8STRING_free(a) ASN1_STRING_free((ASN1_STRING *)a) -#define M_i2d_ASN1_UTF8STRING(a,pp) \ - i2d_ASN1_bytes((ASN1_STRING *)a,pp,V_ASN1_UTF8STRING,\ - V_ASN1_UNIVERSAL) -#define M_d2i_ASN1_UTF8STRING(a,pp,l) \ - (ASN1_UTF8STRING *)d2i_ASN1_type_bytes\ - ((ASN1_STRING **)a,pp,l,B_ASN1_UTF8STRING) - - /* for the is_set parameter to i2d_ASN1_SET */ -#define IS_SEQUENCE 0 -#define IS_SET 1 - -DECLARE_ASN1_FUNCTIONS_fname(ASN1_TYPE, ASN1_ANY, ASN1_TYPE) - -OPENSSL_EXPORT int ASN1_TYPE_get(ASN1_TYPE *a); -OPENSSL_EXPORT void ASN1_TYPE_set(ASN1_TYPE *a, int type, void *value); -OPENSSL_EXPORT int ASN1_TYPE_set1(ASN1_TYPE *a, int type, const void *value); -OPENSSL_EXPORT int ASN1_TYPE_cmp(const ASN1_TYPE *a, const ASN1_TYPE *b); - -OPENSSL_EXPORT ASN1_OBJECT * ASN1_OBJECT_new(void ); -OPENSSL_EXPORT void ASN1_OBJECT_free(ASN1_OBJECT *a); -OPENSSL_EXPORT int i2d_ASN1_OBJECT(ASN1_OBJECT *a,unsigned char **pp); -OPENSSL_EXPORT ASN1_OBJECT * c2i_ASN1_OBJECT(ASN1_OBJECT **a,const unsigned char **pp, - long length); -OPENSSL_EXPORT ASN1_OBJECT * d2i_ASN1_OBJECT(ASN1_OBJECT **a,const unsigned char **pp, - long length); - -DECLARE_ASN1_ITEM(ASN1_OBJECT) - -DECLARE_ASN1_SET_OF(ASN1_OBJECT) - -OPENSSL_EXPORT ASN1_STRING * ASN1_STRING_new(void); -OPENSSL_EXPORT void ASN1_STRING_free(ASN1_STRING *a); -OPENSSL_EXPORT int ASN1_STRING_copy(ASN1_STRING *dst, const ASN1_STRING *str); -OPENSSL_EXPORT ASN1_STRING * ASN1_STRING_dup(const ASN1_STRING *a); -OPENSSL_EXPORT ASN1_STRING * ASN1_STRING_type_new(int type ); -OPENSSL_EXPORT int ASN1_STRING_cmp(const ASN1_STRING *a, const ASN1_STRING *b); - /* Since this is used to store all sorts of things, via macros, for now, make - its data void * */ -OPENSSL_EXPORT int ASN1_STRING_set(ASN1_STRING *str, const void *data, int len); -OPENSSL_EXPORT void ASN1_STRING_set0(ASN1_STRING *str, void *data, int len); -OPENSSL_EXPORT int ASN1_STRING_length(const ASN1_STRING *x); -OPENSSL_EXPORT void ASN1_STRING_length_set(ASN1_STRING *x, int n); -OPENSSL_EXPORT int ASN1_STRING_type(ASN1_STRING *x); -OPENSSL_EXPORT unsigned char * ASN1_STRING_data(ASN1_STRING *x); - -DECLARE_ASN1_FUNCTIONS(ASN1_BIT_STRING) -OPENSSL_EXPORT int i2c_ASN1_BIT_STRING(ASN1_BIT_STRING *a,unsigned char **pp); -OPENSSL_EXPORT ASN1_BIT_STRING *c2i_ASN1_BIT_STRING(ASN1_BIT_STRING **a,const unsigned char **pp, long length); -OPENSSL_EXPORT int ASN1_BIT_STRING_set(ASN1_BIT_STRING *a, unsigned char *d, int length ); -OPENSSL_EXPORT int ASN1_BIT_STRING_set_bit(ASN1_BIT_STRING *a, int n, int value); -OPENSSL_EXPORT int ASN1_BIT_STRING_get_bit(ASN1_BIT_STRING *a, int n); -OPENSSL_EXPORT int ASN1_BIT_STRING_check(ASN1_BIT_STRING *a, unsigned char *flags, int flags_len); - -OPENSSL_EXPORT int ASN1_BIT_STRING_name_print(BIO *out, ASN1_BIT_STRING *bs, BIT_STRING_BITNAME *tbl, int indent); -OPENSSL_EXPORT int ASN1_BIT_STRING_num_asc(char *name, BIT_STRING_BITNAME *tbl); -OPENSSL_EXPORT int ASN1_BIT_STRING_set_asc(ASN1_BIT_STRING *bs, char *name, int value, BIT_STRING_BITNAME *tbl); - -OPENSSL_EXPORT int i2d_ASN1_BOOLEAN(int a,unsigned char **pp); -OPENSSL_EXPORT int d2i_ASN1_BOOLEAN(int *a,const unsigned char **pp,long length); - -DECLARE_ASN1_FUNCTIONS(ASN1_INTEGER) -OPENSSL_EXPORT int i2c_ASN1_INTEGER(ASN1_INTEGER *a,unsigned char **pp); -OPENSSL_EXPORT ASN1_INTEGER *c2i_ASN1_INTEGER(ASN1_INTEGER **a,const unsigned char **pp, long length); -OPENSSL_EXPORT ASN1_INTEGER *d2i_ASN1_UINTEGER(ASN1_INTEGER **a,const unsigned char **pp, long length); -OPENSSL_EXPORT ASN1_INTEGER * ASN1_INTEGER_dup(const ASN1_INTEGER *x); -OPENSSL_EXPORT int ASN1_INTEGER_cmp(const ASN1_INTEGER *x, const ASN1_INTEGER *y); - -DECLARE_ASN1_FUNCTIONS(ASN1_ENUMERATED) - -OPENSSL_EXPORT int ASN1_UTCTIME_check(const ASN1_UTCTIME *a); -OPENSSL_EXPORT ASN1_UTCTIME *ASN1_UTCTIME_set(ASN1_UTCTIME *s,time_t t); -OPENSSL_EXPORT ASN1_UTCTIME *ASN1_UTCTIME_adj(ASN1_UTCTIME *s, time_t t, int offset_day, long offset_sec); -OPENSSL_EXPORT int ASN1_UTCTIME_set_string(ASN1_UTCTIME *s, const char *str); -OPENSSL_EXPORT int ASN1_UTCTIME_cmp_time_t(const ASN1_UTCTIME *s, time_t t); -#if 0 -time_t ASN1_UTCTIME_get(const ASN1_UTCTIME *s); -#endif - -OPENSSL_EXPORT int ASN1_GENERALIZEDTIME_check(const ASN1_GENERALIZEDTIME *a); -OPENSSL_EXPORT ASN1_GENERALIZEDTIME *ASN1_GENERALIZEDTIME_set(ASN1_GENERALIZEDTIME *s,time_t t); -OPENSSL_EXPORT ASN1_GENERALIZEDTIME *ASN1_GENERALIZEDTIME_adj(ASN1_GENERALIZEDTIME *s, time_t t, int offset_day, long offset_sec); -OPENSSL_EXPORT int ASN1_GENERALIZEDTIME_set_string(ASN1_GENERALIZEDTIME *s, const char *str); -OPENSSL_EXPORT int ASN1_TIME_diff(int *pday, int *psec, const ASN1_TIME *from, const ASN1_TIME *to); - -DECLARE_ASN1_FUNCTIONS(ASN1_OCTET_STRING) -OPENSSL_EXPORT ASN1_OCTET_STRING * ASN1_OCTET_STRING_dup(const ASN1_OCTET_STRING *a); -OPENSSL_EXPORT int ASN1_OCTET_STRING_cmp(const ASN1_OCTET_STRING *a, const ASN1_OCTET_STRING *b); -OPENSSL_EXPORT int ASN1_OCTET_STRING_set(ASN1_OCTET_STRING *str, const unsigned char *data, int len); - -DECLARE_ASN1_FUNCTIONS(ASN1_VISIBLESTRING) -DECLARE_ASN1_FUNCTIONS(ASN1_UNIVERSALSTRING) -DECLARE_ASN1_FUNCTIONS(ASN1_UTF8STRING) -DECLARE_ASN1_FUNCTIONS(ASN1_NULL) -DECLARE_ASN1_FUNCTIONS(ASN1_BMPSTRING) - -OPENSSL_EXPORT int UTF8_getc(const unsigned char *str, int len, unsigned long *val); -OPENSSL_EXPORT int UTF8_putc(unsigned char *str, int len, unsigned long value); - -DECLARE_ASN1_FUNCTIONS_name(ASN1_STRING, ASN1_PRINTABLE) - -DECLARE_ASN1_FUNCTIONS_name(ASN1_STRING, DIRECTORYSTRING) -DECLARE_ASN1_FUNCTIONS_name(ASN1_STRING, DISPLAYTEXT) -DECLARE_ASN1_FUNCTIONS(ASN1_PRINTABLESTRING) -DECLARE_ASN1_FUNCTIONS(ASN1_T61STRING) -DECLARE_ASN1_FUNCTIONS(ASN1_IA5STRING) -DECLARE_ASN1_FUNCTIONS(ASN1_GENERALSTRING) -DECLARE_ASN1_FUNCTIONS(ASN1_UTCTIME) -DECLARE_ASN1_FUNCTIONS(ASN1_GENERALIZEDTIME) -DECLARE_ASN1_FUNCTIONS(ASN1_TIME) - -DECLARE_ASN1_ITEM(ASN1_OCTET_STRING_NDEF) - -OPENSSL_EXPORT ASN1_TIME *ASN1_TIME_set(ASN1_TIME *s,time_t t); -OPENSSL_EXPORT ASN1_TIME *ASN1_TIME_adj(ASN1_TIME *s,time_t t, int offset_day, long offset_sec); -OPENSSL_EXPORT int ASN1_TIME_check(ASN1_TIME *t); -OPENSSL_EXPORT ASN1_GENERALIZEDTIME *ASN1_TIME_to_generalizedtime(ASN1_TIME *t, ASN1_GENERALIZEDTIME **out); -OPENSSL_EXPORT int ASN1_TIME_set_string(ASN1_TIME *s, const char *str); - -OPENSSL_EXPORT int i2d_ASN1_SET(STACK_OF(OPENSSL_BLOCK) *a, unsigned char **pp, i2d_of_void *i2d, int ex_tag, int ex_class, int is_set); -OPENSSL_EXPORT STACK_OF(OPENSSL_BLOCK) *d2i_ASN1_SET(STACK_OF(OPENSSL_BLOCK) **a, - const unsigned char **pp, - long length, d2i_of_void *d2i, - void (*free_func)(OPENSSL_BLOCK), int ex_tag, - int ex_class); - -OPENSSL_EXPORT int i2a_ASN1_INTEGER(BIO *bp, ASN1_INTEGER *a); -OPENSSL_EXPORT int a2i_ASN1_INTEGER(BIO *bp,ASN1_INTEGER *bs,char *buf,int size); -OPENSSL_EXPORT int i2a_ASN1_ENUMERATED(BIO *bp, ASN1_ENUMERATED *a); -OPENSSL_EXPORT int a2i_ASN1_ENUMERATED(BIO *bp,ASN1_ENUMERATED *bs,char *buf,int size); -OPENSSL_EXPORT int i2a_ASN1_OBJECT(BIO *bp,ASN1_OBJECT *a); -OPENSSL_EXPORT int a2i_ASN1_STRING(BIO *bp,ASN1_STRING *bs,char *buf,int size); -OPENSSL_EXPORT int i2a_ASN1_STRING(BIO *bp, ASN1_STRING *a, int type); -OPENSSL_EXPORT int i2t_ASN1_OBJECT(char *buf,int buf_len,ASN1_OBJECT *a); - -OPENSSL_EXPORT int a2d_ASN1_OBJECT(unsigned char *out,int olen, const char *buf, int num); -OPENSSL_EXPORT ASN1_OBJECT *ASN1_OBJECT_create(int nid, unsigned char *data,int len, const char *sn, const char *ln); - -OPENSSL_EXPORT int ASN1_INTEGER_set(ASN1_INTEGER *a, long v); -OPENSSL_EXPORT long ASN1_INTEGER_get(const ASN1_INTEGER *a); -OPENSSL_EXPORT ASN1_INTEGER *BN_to_ASN1_INTEGER(const BIGNUM *bn, ASN1_INTEGER *ai); -OPENSSL_EXPORT BIGNUM *ASN1_INTEGER_to_BN(const ASN1_INTEGER *ai,BIGNUM *bn); - -OPENSSL_EXPORT int ASN1_ENUMERATED_set(ASN1_ENUMERATED *a, long v); -OPENSSL_EXPORT long ASN1_ENUMERATED_get(ASN1_ENUMERATED *a); -OPENSSL_EXPORT ASN1_ENUMERATED *BN_to_ASN1_ENUMERATED(BIGNUM *bn, ASN1_ENUMERATED *ai); -OPENSSL_EXPORT BIGNUM *ASN1_ENUMERATED_to_BN(ASN1_ENUMERATED *ai,BIGNUM *bn); - -/* General */ -/* given a string, return the correct type, max is the maximum length */ -OPENSSL_EXPORT int ASN1_PRINTABLE_type(const unsigned char *s, int max); - -OPENSSL_EXPORT int i2d_ASN1_bytes(ASN1_STRING *a, unsigned char **pp, int tag, int xclass); -OPENSSL_EXPORT ASN1_STRING *d2i_ASN1_bytes(ASN1_STRING **a, const unsigned char **pp, long length, int Ptag, int Pclass); -OPENSSL_EXPORT unsigned long ASN1_tag2bit(int tag); -/* type is one or more of the B_ASN1_ values. */ -OPENSSL_EXPORT ASN1_STRING *d2i_ASN1_type_bytes(ASN1_STRING **a,const unsigned char **pp, long length,int type); - -/* PARSING */ -OPENSSL_EXPORT int asn1_Finish(ASN1_CTX *c); -OPENSSL_EXPORT int asn1_const_Finish(ASN1_const_CTX *c); - -/* SPECIALS */ -OPENSSL_EXPORT int ASN1_get_object(const unsigned char **pp, long *plength, int *ptag, int *pclass, long omax); -OPENSSL_EXPORT int ASN1_check_infinite_end(unsigned char **p,long len); -OPENSSL_EXPORT int ASN1_const_check_infinite_end(const unsigned char **p,long len); -OPENSSL_EXPORT void ASN1_put_object(unsigned char **pp, int constructed, int length, int tag, int xclass); -OPENSSL_EXPORT int ASN1_put_eoc(unsigned char **pp); -OPENSSL_EXPORT int ASN1_object_size(int constructed, int length, int tag); - -/* Used to implement other functions */ -OPENSSL_EXPORT void *ASN1_dup(i2d_of_void *i2d, d2i_of_void *d2i, void *x); - -#define ASN1_dup_of(type,i2d,d2i,x) \ - ((type*)ASN1_dup(CHECKED_I2D_OF(type, i2d), \ - CHECKED_D2I_OF(type, d2i), \ - CHECKED_PTR_OF(type, x))) - -#define ASN1_dup_of_const(type,i2d,d2i,x) \ - ((type*)ASN1_dup(CHECKED_I2D_OF(const type, i2d), \ - CHECKED_D2I_OF(type, d2i), \ - CHECKED_PTR_OF(const type, x))) - -OPENSSL_EXPORT void *ASN1_item_dup(const ASN1_ITEM *it, void *x); - -/* ASN1 alloc/free macros for when a type is only used internally */ - -#define M_ASN1_new_of(type) (type *)ASN1_item_new(ASN1_ITEM_rptr(type)) -#define M_ASN1_free_of(x, type) \ - ASN1_item_free(CHECKED_PTR_OF(type, x), ASN1_ITEM_rptr(type)) - -#ifndef OPENSSL_NO_FP_API -OPENSSL_EXPORT void *ASN1_d2i_fp(void *(*xnew)(void), d2i_of_void *d2i, FILE *in, void **x); - -#define ASN1_d2i_fp_of(type,xnew,d2i,in,x) \ - ((type*)ASN1_d2i_fp(CHECKED_NEW_OF(type, xnew), \ - CHECKED_D2I_OF(type, d2i), \ - in, \ - CHECKED_PPTR_OF(type, x))) - -OPENSSL_EXPORT void *ASN1_item_d2i_fp(const ASN1_ITEM *it, FILE *in, void *x); -OPENSSL_EXPORT int ASN1_i2d_fp(i2d_of_void *i2d,FILE *out,void *x); - -#define ASN1_i2d_fp_of(type,i2d,out,x) \ - (ASN1_i2d_fp(CHECKED_I2D_OF(type, i2d), \ - out, \ - CHECKED_PTR_OF(type, x))) - -#define ASN1_i2d_fp_of_const(type,i2d,out,x) \ - (ASN1_i2d_fp(CHECKED_I2D_OF(const type, i2d), \ - out, \ - CHECKED_PTR_OF(const type, x))) - -OPENSSL_EXPORT int ASN1_item_i2d_fp(const ASN1_ITEM *it, FILE *out, void *x); -OPENSSL_EXPORT int ASN1_STRING_print_ex_fp(FILE *fp, ASN1_STRING *str, unsigned long flags); -#endif - -OPENSSL_EXPORT int ASN1_STRING_to_UTF8(unsigned char **out, ASN1_STRING *in); - -OPENSSL_EXPORT void *ASN1_d2i_bio(void *(*xnew)(void), d2i_of_void *d2i, BIO *in, void **x); - -#define ASN1_d2i_bio_of(type,xnew,d2i,in,x) \ - ((type*)ASN1_d2i_bio( CHECKED_NEW_OF(type, xnew), \ - CHECKED_D2I_OF(type, d2i), \ - in, \ - CHECKED_PPTR_OF(type, x))) - -OPENSSL_EXPORT void *ASN1_item_d2i_bio(const ASN1_ITEM *it, BIO *in, void *x); -OPENSSL_EXPORT int ASN1_i2d_bio(i2d_of_void *i2d,BIO *out, unsigned char *x); - -#define ASN1_i2d_bio_of(type,i2d,out,x) \ - (ASN1_i2d_bio(CHECKED_I2D_OF(type, i2d), \ - out, \ - CHECKED_PTR_OF(type, x))) - -#define ASN1_i2d_bio_of_const(type,i2d,out,x) \ - (ASN1_i2d_bio(CHECKED_I2D_OF(const type, i2d), \ - out, \ - CHECKED_PTR_OF(const type, x))) - -OPENSSL_EXPORT int ASN1_item_i2d_bio(const ASN1_ITEM *it, BIO *out, void *x); -OPENSSL_EXPORT int ASN1_UTCTIME_print(BIO *fp, const ASN1_UTCTIME *a); -OPENSSL_EXPORT int ASN1_GENERALIZEDTIME_print(BIO *fp, const ASN1_GENERALIZEDTIME *a); -OPENSSL_EXPORT int ASN1_TIME_print(BIO *fp, const ASN1_TIME *a); -OPENSSL_EXPORT int ASN1_STRING_print(BIO *bp, const ASN1_STRING *v); -OPENSSL_EXPORT int ASN1_STRING_print_ex(BIO *out, ASN1_STRING *str, unsigned long flags); -OPENSSL_EXPORT int ASN1_bn_print(BIO *bp, const char *number, const BIGNUM *num, unsigned char *buf, int off); -OPENSSL_EXPORT int ASN1_parse(BIO *bp,const unsigned char *pp,long len,int indent); -OPENSSL_EXPORT int ASN1_parse_dump(BIO *bp,const unsigned char *pp,long len,int indent,int dump); -OPENSSL_EXPORT const char *ASN1_tag2str(int tag); - -/* Used to load and write netscape format cert */ - -DECLARE_ASN1_FUNCTIONS(NETSCAPE_X509) - -int ASN1_UNIVERSALSTRING_to_string(ASN1_UNIVERSALSTRING *s); - -OPENSSL_EXPORT STACK_OF(OPENSSL_BLOCK) *ASN1_seq_unpack(const unsigned char *buf, int len, d2i_of_void *d2i, void (*free_func)(OPENSSL_BLOCK)); -OPENSSL_EXPORT unsigned char *ASN1_seq_pack(STACK_OF(OPENSSL_BLOCK) *safes, i2d_of_void *i2d, unsigned char **buf, int *len ); -OPENSSL_EXPORT void *ASN1_unpack_string(ASN1_STRING *oct, d2i_of_void *d2i); -OPENSSL_EXPORT void *ASN1_item_unpack(ASN1_STRING *oct, const ASN1_ITEM *it); -OPENSSL_EXPORT ASN1_STRING *ASN1_pack_string(void *obj, i2d_of_void *i2d, ASN1_OCTET_STRING **oct); - -#define ASN1_pack_string_of(type,obj,i2d,oct) \ - (ASN1_pack_string(CHECKED_PTR_OF(type, obj), \ - CHECKED_I2D_OF(type, i2d), \ - oct)) - -OPENSSL_EXPORT ASN1_STRING *ASN1_item_pack(void *obj, const ASN1_ITEM *it, ASN1_OCTET_STRING **oct); - -OPENSSL_EXPORT void ASN1_STRING_set_default_mask(unsigned long mask); -OPENSSL_EXPORT int ASN1_STRING_set_default_mask_asc(const char *p); -OPENSSL_EXPORT unsigned long ASN1_STRING_get_default_mask(void); -OPENSSL_EXPORT int ASN1_mbstring_copy(ASN1_STRING **out, const unsigned char *in, int len, int inform, unsigned long mask); -OPENSSL_EXPORT int ASN1_mbstring_ncopy(ASN1_STRING **out, const unsigned char *in, int len, int inform, unsigned long mask, long minsize, long maxsize); - -OPENSSL_EXPORT ASN1_STRING *ASN1_STRING_set_by_NID(ASN1_STRING **out, const unsigned char *in, int inlen, int inform, int nid); -OPENSSL_EXPORT ASN1_STRING_TABLE *ASN1_STRING_TABLE_get(int nid); -OPENSSL_EXPORT int ASN1_STRING_TABLE_add(int, long, long, unsigned long, unsigned long); -OPENSSL_EXPORT void ASN1_STRING_TABLE_cleanup(void); - -/* ASN1 template functions */ - -/* Old API compatible functions */ -OPENSSL_EXPORT ASN1_VALUE *ASN1_item_new(const ASN1_ITEM *it); -OPENSSL_EXPORT void ASN1_item_free(ASN1_VALUE *val, const ASN1_ITEM *it); -OPENSSL_EXPORT ASN1_VALUE * ASN1_item_d2i(ASN1_VALUE **val, const unsigned char **in, long len, const ASN1_ITEM *it); -OPENSSL_EXPORT int ASN1_item_i2d(ASN1_VALUE *val, unsigned char **out, const ASN1_ITEM *it); -OPENSSL_EXPORT int ASN1_item_ndef_i2d(ASN1_VALUE *val, unsigned char **out, const ASN1_ITEM *it); - -OPENSSL_EXPORT void ASN1_add_oid_module(void); - -OPENSSL_EXPORT ASN1_TYPE *ASN1_generate_nconf(char *str, CONF *nconf); -OPENSSL_EXPORT ASN1_TYPE *ASN1_generate_v3(char *str, X509V3_CTX *cnf); - -/* ASN1 Print flags */ - -/* Indicate missing OPTIONAL fields */ -#define ASN1_PCTX_FLAGS_SHOW_ABSENT 0x001 -/* Mark start and end of SEQUENCE */ -#define ASN1_PCTX_FLAGS_SHOW_SEQUENCE 0x002 -/* Mark start and end of SEQUENCE/SET OF */ -#define ASN1_PCTX_FLAGS_SHOW_SSOF 0x004 -/* Show the ASN1 type of primitives */ -#define ASN1_PCTX_FLAGS_SHOW_TYPE 0x008 -/* Don't show ASN1 type of ANY */ -#define ASN1_PCTX_FLAGS_NO_ANY_TYPE 0x010 -/* Don't show ASN1 type of MSTRINGs */ -#define ASN1_PCTX_FLAGS_NO_MSTRING_TYPE 0x020 -/* Don't show field names in SEQUENCE */ -#define ASN1_PCTX_FLAGS_NO_FIELD_NAME 0x040 -/* Show structure names of each SEQUENCE field */ -#define ASN1_PCTX_FLAGS_SHOW_FIELD_STRUCT_NAME 0x080 -/* Don't show structure name even at top level */ -#define ASN1_PCTX_FLAGS_NO_STRUCT_NAME 0x100 - -OPENSSL_EXPORT int ASN1_item_print(BIO *out, ASN1_VALUE *ifld, int indent, const ASN1_ITEM *it, const ASN1_PCTX *pctx); -OPENSSL_EXPORT ASN1_PCTX *ASN1_PCTX_new(void); -OPENSSL_EXPORT void ASN1_PCTX_free(ASN1_PCTX *p); -OPENSSL_EXPORT unsigned long ASN1_PCTX_get_flags(ASN1_PCTX *p); -OPENSSL_EXPORT void ASN1_PCTX_set_flags(ASN1_PCTX *p, unsigned long flags); -OPENSSL_EXPORT unsigned long ASN1_PCTX_get_nm_flags(ASN1_PCTX *p); -OPENSSL_EXPORT void ASN1_PCTX_set_nm_flags(ASN1_PCTX *p, unsigned long flags); -OPENSSL_EXPORT unsigned long ASN1_PCTX_get_cert_flags(ASN1_PCTX *p); -OPENSSL_EXPORT void ASN1_PCTX_set_cert_flags(ASN1_PCTX *p, unsigned long flags); -OPENSSL_EXPORT unsigned long ASN1_PCTX_get_oid_flags(ASN1_PCTX *p); -OPENSSL_EXPORT void ASN1_PCTX_set_oid_flags(ASN1_PCTX *p, unsigned long flags); -OPENSSL_EXPORT unsigned long ASN1_PCTX_get_str_flags(ASN1_PCTX *p); -OPENSSL_EXPORT void ASN1_PCTX_set_str_flags(ASN1_PCTX *p, unsigned long flags); - -OPENSSL_EXPORT const BIO_METHOD *BIO_f_asn1(void); - -OPENSSL_EXPORT BIO *BIO_new_NDEF(BIO *out, ASN1_VALUE *val, const ASN1_ITEM *it); - -OPENSSL_EXPORT int i2d_ASN1_bio_stream(BIO *out, ASN1_VALUE *val, BIO *in, int flags, const ASN1_ITEM *it); -OPENSSL_EXPORT int PEM_write_bio_ASN1_stream(BIO *out, ASN1_VALUE *val, BIO *in, int flags, const char *hdr, const ASN1_ITEM *it); -OPENSSL_EXPORT ASN1_VALUE *SMIME_read_ASN1(BIO *bio, BIO **bcont, const ASN1_ITEM *it); -OPENSSL_EXPORT int SMIME_crlf_copy(BIO *in, BIO *out, int flags); -OPENSSL_EXPORT int SMIME_text(BIO *in, BIO *out); - -/* BEGIN ERROR CODES */ -/* The following lines are auto generated by the script mkerr.pl. Any changes - * made after this point may be overwritten when the script is next run. - */ -void ERR_load_ASN1_strings(void); - -typedef int asn1_ps_func(BIO *b, unsigned char **pbuf, int *plen, void *parg); -OPENSSL_EXPORT int BIO_asn1_set_prefix(BIO *b, asn1_ps_func *prefix, asn1_ps_func *prefix_free); -OPENSSL_EXPORT int BIO_asn1_get_prefix(BIO *b, asn1_ps_func **pprefix, asn1_ps_func **pprefix_free); -OPENSSL_EXPORT int BIO_asn1_set_suffix(BIO *b, asn1_ps_func *suffix, asn1_ps_func *suffix_free); -OPENSSL_EXPORT int BIO_asn1_get_suffix(BIO *b, asn1_ps_func **psuffix, asn1_ps_func **psuffix_free); - -#ifdef __cplusplus -} -#endif - -#define ASN1_F_ASN1_BIT_STRING_set_bit 100 -#define ASN1_F_ASN1_ENUMERATED_set 101 -#define ASN1_F_ASN1_ENUMERATED_to_BN 102 -#define ASN1_F_ASN1_GENERALIZEDTIME_adj 103 -#define ASN1_F_ASN1_INTEGER_set 104 -#define ASN1_F_ASN1_INTEGER_to_BN 105 -#define ASN1_F_ASN1_OBJECT_new 106 -#define ASN1_F_ASN1_PCTX_new 107 -#define ASN1_F_ASN1_STRING_TABLE_add 108 -#define ASN1_F_ASN1_STRING_set 109 -#define ASN1_F_ASN1_STRING_type_new 110 -#define ASN1_F_ASN1_TIME_adj 111 -#define ASN1_F_ASN1_UTCTIME_adj 112 -#define ASN1_F_ASN1_d2i_fp 113 -#define ASN1_F_ASN1_dup 114 -#define ASN1_F_ASN1_generate_v3 115 -#define ASN1_F_ASN1_get_object 116 -#define ASN1_F_ASN1_i2d_bio 117 -#define ASN1_F_ASN1_i2d_fp 118 -#define ASN1_F_ASN1_item_d2i_fp 119 -#define ASN1_F_ASN1_item_dup 120 -#define ASN1_F_ASN1_item_ex_d2i 121 -#define ASN1_F_ASN1_item_i2d_bio 122 -#define ASN1_F_ASN1_item_i2d_fp 123 -#define ASN1_F_ASN1_item_pack 124 -#define ASN1_F_ASN1_item_unpack 125 -#define ASN1_F_ASN1_mbstring_ncopy 126 -#define ASN1_F_ASN1_template_new 127 -#define ASN1_F_BIO_new_NDEF 128 -#define ASN1_F_BN_to_ASN1_ENUMERATED 129 -#define ASN1_F_BN_to_ASN1_INTEGER 130 -#define ASN1_F_a2d_ASN1_OBJECT 131 -#define ASN1_F_a2i_ASN1_ENUMERATED 132 -#define ASN1_F_a2i_ASN1_INTEGER 133 -#define ASN1_F_a2i_ASN1_STRING 134 -#define ASN1_F_append_exp 135 -#define ASN1_F_asn1_cb 136 -#define ASN1_F_asn1_check_tlen 137 -#define ASN1_F_asn1_collate_primitive 138 -#define ASN1_F_asn1_collect 139 -#define ASN1_F_asn1_d2i_ex_primitive 140 -#define ASN1_F_asn1_d2i_read_bio 141 -#define ASN1_F_asn1_do_adb 142 -#define ASN1_F_asn1_ex_c2i 143 -#define ASN1_F_asn1_find_end 144 -#define ASN1_F_asn1_item_ex_combine_new 145 -#define ASN1_F_asn1_str2type 146 -#define ASN1_F_asn1_template_ex_d2i 147 -#define ASN1_F_asn1_template_noexp_d2i 148 -#define ASN1_F_bitstr_cb 149 -#define ASN1_F_c2i_ASN1_BIT_STRING 150 -#define ASN1_F_c2i_ASN1_INTEGER 151 -#define ASN1_F_c2i_ASN1_OBJECT 152 -#define ASN1_F_collect_data 153 -#define ASN1_F_d2i_ASN1_BOOLEAN 154 -#define ASN1_F_d2i_ASN1_OBJECT 155 -#define ASN1_F_d2i_ASN1_UINTEGER 156 -#define ASN1_F_d2i_ASN1_UTCTIME 157 -#define ASN1_F_d2i_ASN1_bytes 158 -#define ASN1_F_d2i_ASN1_type_bytes 159 -#define ASN1_F_i2d_ASN1_TIME 160 -#define ASN1_F_i2d_PrivateKey 161 -#define ASN1_F_long_c2i 162 -#define ASN1_F_parse_tagging 163 -#define ASN1_R_ASN1_LENGTH_MISMATCH 100 -#define ASN1_R_AUX_ERROR 101 -#define ASN1_R_BAD_GET_ASN1_OBJECT_CALL 102 -#define ASN1_R_BAD_OBJECT_HEADER 103 -#define ASN1_R_BMPSTRING_IS_WRONG_LENGTH 104 -#define ASN1_R_BN_LIB 105 -#define ASN1_R_BOOLEAN_IS_WRONG_LENGTH 106 -#define ASN1_R_BUFFER_TOO_SMALL 107 -#define ASN1_R_DECODE_ERROR 108 -#define ASN1_R_DEPTH_EXCEEDED 109 -#define ASN1_R_ENCODE_ERROR 110 -#define ASN1_R_ERROR_GETTING_TIME 111 -#define ASN1_R_EXPECTING_AN_ASN1_SEQUENCE 112 -#define ASN1_R_EXPECTING_AN_INTEGER 113 -#define ASN1_R_EXPECTING_AN_OBJECT 114 -#define ASN1_R_EXPECTING_A_BOOLEAN 115 -#define ASN1_R_EXPECTING_A_TIME 116 -#define ASN1_R_EXPLICIT_LENGTH_MISMATCH 117 -#define ASN1_R_EXPLICIT_TAG_NOT_CONSTRUCTED 118 -#define ASN1_R_FIELD_MISSING 119 -#define ASN1_R_FIRST_NUM_TOO_LARGE 120 -#define ASN1_R_HEADER_TOO_LONG 121 -#define ASN1_R_ILLEGAL_BITSTRING_FORMAT 122 -#define ASN1_R_ILLEGAL_BOOLEAN 123 -#define ASN1_R_ILLEGAL_CHARACTERS 124 -#define ASN1_R_ILLEGAL_FORMAT 125 -#define ASN1_R_ILLEGAL_HEX 126 -#define ASN1_R_ILLEGAL_IMPLICIT_TAG 127 -#define ASN1_R_ILLEGAL_INTEGER 128 -#define ASN1_R_ILLEGAL_NESTED_TAGGING 129 -#define ASN1_R_ILLEGAL_NULL 130 -#define ASN1_R_ILLEGAL_NULL_VALUE 131 -#define ASN1_R_ILLEGAL_OBJECT 132 -#define ASN1_R_ILLEGAL_OPTIONAL_ANY 133 -#define ASN1_R_ILLEGAL_OPTIONS_ON_ITEM_TEMPLATE 134 -#define ASN1_R_ILLEGAL_TAGGED_ANY 135 -#define ASN1_R_ILLEGAL_TIME_VALUE 136 -#define ASN1_R_INTEGER_NOT_ASCII_FORMAT 137 -#define ASN1_R_INTEGER_TOO_LARGE_FOR_LONG 138 -#define ASN1_R_INVALID_BIT_STRING_BITS_LEFT 139 -#define ASN1_R_INVALID_BMPSTRING_LENGTH 140 -#define ASN1_R_INVALID_DIGIT 141 -#define ASN1_R_INVALID_MODIFIER 142 -#define ASN1_R_INVALID_NUMBER 143 -#define ASN1_R_INVALID_OBJECT_ENCODING 144 -#define ASN1_R_INVALID_SEPARATOR 145 -#define ASN1_R_INVALID_TIME_FORMAT 146 -#define ASN1_R_INVALID_UNIVERSALSTRING_LENGTH 147 -#define ASN1_R_INVALID_UTF8STRING 148 -#define ASN1_R_LIST_ERROR 149 -#define ASN1_R_MALLOC_FAILURE 150 -#define ASN1_R_MISSING_ASN1_EOS 151 -#define ASN1_R_MISSING_EOC 152 -#define ASN1_R_MISSING_SECOND_NUMBER 153 -#define ASN1_R_MISSING_VALUE 154 -#define ASN1_R_MSTRING_NOT_UNIVERSAL 155 -#define ASN1_R_MSTRING_WRONG_TAG 156 -#define ASN1_R_NESTED_ASN1_ERROR 157 -#define ASN1_R_NESTED_ASN1_STRING 158 -#define ASN1_R_NON_HEX_CHARACTERS 159 -#define ASN1_R_NOT_ASCII_FORMAT 160 -#define ASN1_R_NOT_ENOUGH_DATA 161 -#define ASN1_R_NO_MATCHING_CHOICE_TYPE 162 -#define ASN1_R_NULL_IS_WRONG_LENGTH 163 -#define ASN1_R_OBJECT_NOT_ASCII_FORMAT 164 -#define ASN1_R_ODD_NUMBER_OF_CHARS 165 -#define ASN1_R_SECOND_NUMBER_TOO_LARGE 166 -#define ASN1_R_SEQUENCE_LENGTH_MISMATCH 167 -#define ASN1_R_SEQUENCE_NOT_CONSTRUCTED 168 -#define ASN1_R_SEQUENCE_OR_SET_NEEDS_CONFIG 169 -#define ASN1_R_SHORT_LINE 170 -#define ASN1_R_STREAMING_NOT_SUPPORTED 171 -#define ASN1_R_STRING_TOO_LONG 172 -#define ASN1_R_STRING_TOO_SHORT 173 -#define ASN1_R_TAG_VALUE_TOO_HIGH 174 -#define ASN1_R_TIME_NOT_ASCII_FORMAT 175 -#define ASN1_R_TOO_LONG 176 -#define ASN1_R_TYPE_NOT_CONSTRUCTED 177 -#define ASN1_R_TYPE_NOT_PRIMITIVE 178 -#define ASN1_R_UNEXPECTED_EOC 179 -#define ASN1_R_UNIVERSALSTRING_IS_WRONG_LENGTH 180 -#define ASN1_R_UNKNOWN_FORMAT 181 -#define ASN1_R_UNKNOWN_TAG 182 -#define ASN1_R_UNSUPPORTED_ANY_DEFINED_BY_TYPE 183 -#define ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE 184 -#define ASN1_R_UNSUPPORTED_TYPE 185 -#define ASN1_R_WRONG_TAG 186 -#define ASN1_R_WRONG_TYPE 187 - -#endif diff --git a/third_party/boringssl/include/openssl/asn1_mac.h b/third_party/boringssl/include/openssl/asn1_mac.h deleted file mode 100644 index 49b2a286b77020..00000000000000 --- a/third_party/boringssl/include/openssl/asn1_mac.h +++ /dev/null @@ -1,76 +0,0 @@ -/* crypto/asn1/asn1_mac.h */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#ifndef HEADER_ASN1_MAC_H -#define HEADER_ASN1_MAC_H - -#include - -#ifdef __cplusplus -extern "C" { -#endif - - -OPENSSL_EXPORT int asn1_GetSequence(ASN1_const_CTX *c, long *length); - - -#ifdef __cplusplus -} -#endif - -#endif diff --git a/third_party/boringssl/include/openssl/asn1t.h b/third_party/boringssl/include/openssl/asn1t.h deleted file mode 100644 index 0f2560b7156396..00000000000000 --- a/third_party/boringssl/include/openssl/asn1t.h +++ /dev/null @@ -1,907 +0,0 @@ -/* asn1t.h */ -/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL - * project 2000. - */ -/* ==================================================================== - * Copyright (c) 2000-2005 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ -#ifndef HEADER_ASN1T_H -#define HEADER_ASN1T_H - -#include -#include - -#ifdef OPENSSL_BUILD_SHLIBCRYPTO -# undef OPENSSL_EXTERN -# define OPENSSL_EXTERN OPENSSL_EXPORT -#endif - -/* ASN1 template defines, structures and functions */ - -#ifdef __cplusplus -extern "C" { -#endif - - -/* Macro to obtain ASN1_ADB pointer from a type (only used internally) */ -#define ASN1_ADB_ptr(iptr) ((const ASN1_ADB *)(iptr)) - - -/* Macros for start and end of ASN1_ITEM definition */ - -#define ASN1_ITEM_start(itname) \ - const ASN1_ITEM itname##_it = { - -#define ASN1_ITEM_end(itname) \ - }; - -/* Macros to aid ASN1 template writing */ - -#define ASN1_ITEM_TEMPLATE(tname) \ - static const ASN1_TEMPLATE tname##_item_tt - -#define ASN1_ITEM_TEMPLATE_END(tname) \ - ;\ - ASN1_ITEM_start(tname) \ - ASN1_ITYPE_PRIMITIVE,\ - -1,\ - &tname##_item_tt,\ - 0,\ - NULL,\ - 0,\ - #tname \ - ASN1_ITEM_end(tname) - - -/* This is a ASN1 type which just embeds a template */ - -/* This pair helps declare a SEQUENCE. We can do: - * - * ASN1_SEQUENCE(stname) = { - * ... SEQUENCE components ... - * } ASN1_SEQUENCE_END(stname) - * - * This will produce an ASN1_ITEM called stname_it - * for a structure called stname. - * - * If you want the same structure but a different - * name then use: - * - * ASN1_SEQUENCE(itname) = { - * ... SEQUENCE components ... - * } ASN1_SEQUENCE_END_name(stname, itname) - * - * This will create an item called itname_it using - * a structure called stname. - */ - -#define ASN1_SEQUENCE(tname) \ - static const ASN1_TEMPLATE tname##_seq_tt[] - -#define ASN1_SEQUENCE_END(stname) ASN1_SEQUENCE_END_name(stname, stname) - -#define ASN1_SEQUENCE_END_name(stname, tname) \ - ;\ - ASN1_ITEM_start(tname) \ - ASN1_ITYPE_SEQUENCE,\ - V_ASN1_SEQUENCE,\ - tname##_seq_tt,\ - sizeof(tname##_seq_tt) / sizeof(ASN1_TEMPLATE),\ - NULL,\ - sizeof(stname),\ - #stname \ - ASN1_ITEM_end(tname) - -#define ASN1_NDEF_SEQUENCE(tname) \ - ASN1_SEQUENCE(tname) - -#define ASN1_NDEF_SEQUENCE_cb(tname, cb) \ - ASN1_SEQUENCE_cb(tname, cb) - -#define ASN1_SEQUENCE_cb(tname, cb) \ - static const ASN1_AUX tname##_aux = {NULL, 0, 0, cb, 0}; \ - ASN1_SEQUENCE(tname) - -#define ASN1_BROKEN_SEQUENCE(tname) \ - static const ASN1_AUX tname##_aux = {NULL, ASN1_AFLG_BROKEN, 0, 0, 0}; \ - ASN1_SEQUENCE(tname) - -#define ASN1_SEQUENCE_ref(tname, cb) \ - static const ASN1_AUX tname##_aux = {NULL, ASN1_AFLG_REFCOUNT, offsetof(tname, references), cb, 0}; \ - ASN1_SEQUENCE(tname) - -#define ASN1_SEQUENCE_enc(tname, enc, cb) \ - static const ASN1_AUX tname##_aux = {NULL, ASN1_AFLG_ENCODING, 0, cb, offsetof(tname, enc)}; \ - ASN1_SEQUENCE(tname) - -#define ASN1_NDEF_SEQUENCE_END(tname) \ - ;\ - ASN1_ITEM_start(tname) \ - ASN1_ITYPE_NDEF_SEQUENCE,\ - V_ASN1_SEQUENCE,\ - tname##_seq_tt,\ - sizeof(tname##_seq_tt) / sizeof(ASN1_TEMPLATE),\ - NULL,\ - sizeof(tname),\ - #tname \ - ASN1_ITEM_end(tname) - -#define ASN1_BROKEN_SEQUENCE_END(stname) ASN1_SEQUENCE_END_ref(stname, stname) - -#define ASN1_SEQUENCE_END_enc(stname, tname) ASN1_SEQUENCE_END_ref(stname, tname) - -#define ASN1_SEQUENCE_END_cb(stname, tname) ASN1_SEQUENCE_END_ref(stname, tname) - -#define ASN1_SEQUENCE_END_ref(stname, tname) \ - ;\ - ASN1_ITEM_start(tname) \ - ASN1_ITYPE_SEQUENCE,\ - V_ASN1_SEQUENCE,\ - tname##_seq_tt,\ - sizeof(tname##_seq_tt) / sizeof(ASN1_TEMPLATE),\ - &tname##_aux,\ - sizeof(stname),\ - #stname \ - ASN1_ITEM_end(tname) - -#define ASN1_NDEF_SEQUENCE_END_cb(stname, tname) \ - ;\ - ASN1_ITEM_start(tname) \ - ASN1_ITYPE_NDEF_SEQUENCE,\ - V_ASN1_SEQUENCE,\ - tname##_seq_tt,\ - sizeof(tname##_seq_tt) / sizeof(ASN1_TEMPLATE),\ - &tname##_aux,\ - sizeof(stname),\ - #stname \ - ASN1_ITEM_end(tname) - - -/* This pair helps declare a CHOICE type. We can do: - * - * ASN1_CHOICE(chname) = { - * ... CHOICE options ... - * ASN1_CHOICE_END(chname) - * - * This will produce an ASN1_ITEM called chname_it - * for a structure called chname. The structure - * definition must look like this: - * typedef struct { - * int type; - * union { - * ASN1_SOMETHING *opt1; - * ASN1_SOMEOTHER *opt2; - * } value; - * } chname; - * - * the name of the selector must be 'type'. - * to use an alternative selector name use the - * ASN1_CHOICE_END_selector() version. - */ - -#define ASN1_CHOICE(tname) \ - static const ASN1_TEMPLATE tname##_ch_tt[] - -#define ASN1_CHOICE_cb(tname, cb) \ - static const ASN1_AUX tname##_aux = {NULL, 0, 0, cb, 0}; \ - ASN1_CHOICE(tname) - -#define ASN1_CHOICE_END(stname) ASN1_CHOICE_END_name(stname, stname) - -#define ASN1_CHOICE_END_name(stname, tname) ASN1_CHOICE_END_selector(stname, tname, type) - -#define ASN1_CHOICE_END_selector(stname, tname, selname) \ - ;\ - ASN1_ITEM_start(tname) \ - ASN1_ITYPE_CHOICE,\ - offsetof(stname,selname) ,\ - tname##_ch_tt,\ - sizeof(tname##_ch_tt) / sizeof(ASN1_TEMPLATE),\ - NULL,\ - sizeof(stname),\ - #stname \ - ASN1_ITEM_end(tname) - -#define ASN1_CHOICE_END_cb(stname, tname, selname) \ - ;\ - ASN1_ITEM_start(tname) \ - ASN1_ITYPE_CHOICE,\ - offsetof(stname,selname) ,\ - tname##_ch_tt,\ - sizeof(tname##_ch_tt) / sizeof(ASN1_TEMPLATE),\ - &tname##_aux,\ - sizeof(stname),\ - #stname \ - ASN1_ITEM_end(tname) - -/* This helps with the template wrapper form of ASN1_ITEM */ - -#define ASN1_EX_TEMPLATE_TYPE(flags, tag, name, type) { \ - (flags), (tag), 0,\ - #name, ASN1_ITEM_ref(type) } - -/* These help with SEQUENCE or CHOICE components */ - -/* used to declare other types */ - -#define ASN1_EX_TYPE(flags, tag, stname, field, type) { \ - (flags), (tag), offsetof(stname, field),\ - #field, ASN1_ITEM_ref(type) } - -/* used when the structure is combined with the parent */ - -#define ASN1_EX_COMBINE(flags, tag, type) { \ - (flags)|ASN1_TFLG_COMBINE, (tag), 0, NULL, ASN1_ITEM_ref(type) } - -/* implicit and explicit helper macros */ - -#define ASN1_IMP_EX(stname, field, type, tag, ex) \ - ASN1_EX_TYPE(ASN1_TFLG_IMPLICIT | ex, tag, stname, field, type) - -#define ASN1_EXP_EX(stname, field, type, tag, ex) \ - ASN1_EX_TYPE(ASN1_TFLG_EXPLICIT | ex, tag, stname, field, type) - -/* Any defined by macros: the field used is in the table itself */ - -#define ASN1_ADB_OBJECT(tblname) { ASN1_TFLG_ADB_OID, -1, 0, #tblname, (const ASN1_ITEM *)&(tblname##_adb) } -#define ASN1_ADB_INTEGER(tblname) { ASN1_TFLG_ADB_INT, -1, 0, #tblname, (const ASN1_ITEM *)&(tblname##_adb) } -/* Plain simple type */ -#define ASN1_SIMPLE(stname, field, type) ASN1_EX_TYPE(0,0, stname, field, type) - -/* OPTIONAL simple type */ -#define ASN1_OPT(stname, field, type) ASN1_EX_TYPE(ASN1_TFLG_OPTIONAL, 0, stname, field, type) - -/* IMPLICIT tagged simple type */ -#define ASN1_IMP(stname, field, type, tag) ASN1_IMP_EX(stname, field, type, tag, 0) - -/* IMPLICIT tagged OPTIONAL simple type */ -#define ASN1_IMP_OPT(stname, field, type, tag) ASN1_IMP_EX(stname, field, type, tag, ASN1_TFLG_OPTIONAL) - -/* Same as above but EXPLICIT */ - -#define ASN1_EXP(stname, field, type, tag) ASN1_EXP_EX(stname, field, type, tag, 0) -#define ASN1_EXP_OPT(stname, field, type, tag) ASN1_EXP_EX(stname, field, type, tag, ASN1_TFLG_OPTIONAL) - -/* SEQUENCE OF type */ -#define ASN1_SEQUENCE_OF(stname, field, type) \ - ASN1_EX_TYPE(ASN1_TFLG_SEQUENCE_OF, 0, stname, field, type) - -/* OPTIONAL SEQUENCE OF */ -#define ASN1_SEQUENCE_OF_OPT(stname, field, type) \ - ASN1_EX_TYPE(ASN1_TFLG_SEQUENCE_OF|ASN1_TFLG_OPTIONAL, 0, stname, field, type) - -/* Same as above but for SET OF */ - -#define ASN1_SET_OF(stname, field, type) \ - ASN1_EX_TYPE(ASN1_TFLG_SET_OF, 0, stname, field, type) - -#define ASN1_SET_OF_OPT(stname, field, type) \ - ASN1_EX_TYPE(ASN1_TFLG_SET_OF|ASN1_TFLG_OPTIONAL, 0, stname, field, type) - -/* Finally compound types of SEQUENCE, SET, IMPLICIT, EXPLICIT and OPTIONAL */ - -#define ASN1_IMP_SET_OF(stname, field, type, tag) \ - ASN1_IMP_EX(stname, field, type, tag, ASN1_TFLG_SET_OF) - -#define ASN1_EXP_SET_OF(stname, field, type, tag) \ - ASN1_EXP_EX(stname, field, type, tag, ASN1_TFLG_SET_OF) - -#define ASN1_IMP_SET_OF_OPT(stname, field, type, tag) \ - ASN1_IMP_EX(stname, field, type, tag, ASN1_TFLG_SET_OF|ASN1_TFLG_OPTIONAL) - -#define ASN1_EXP_SET_OF_OPT(stname, field, type, tag) \ - ASN1_EXP_EX(stname, field, type, tag, ASN1_TFLG_SET_OF|ASN1_TFLG_OPTIONAL) - -#define ASN1_IMP_SEQUENCE_OF(stname, field, type, tag) \ - ASN1_IMP_EX(stname, field, type, tag, ASN1_TFLG_SEQUENCE_OF) - -#define ASN1_IMP_SEQUENCE_OF_OPT(stname, field, type, tag) \ - ASN1_IMP_EX(stname, field, type, tag, ASN1_TFLG_SEQUENCE_OF|ASN1_TFLG_OPTIONAL) - -#define ASN1_EXP_SEQUENCE_OF(stname, field, type, tag) \ - ASN1_EXP_EX(stname, field, type, tag, ASN1_TFLG_SEQUENCE_OF) - -#define ASN1_EXP_SEQUENCE_OF_OPT(stname, field, type, tag) \ - ASN1_EXP_EX(stname, field, type, tag, ASN1_TFLG_SEQUENCE_OF|ASN1_TFLG_OPTIONAL) - -/* EXPLICIT using indefinite length constructed form */ -#define ASN1_NDEF_EXP(stname, field, type, tag) \ - ASN1_EXP_EX(stname, field, type, tag, ASN1_TFLG_NDEF) - -/* EXPLICIT OPTIONAL using indefinite length constructed form */ -#define ASN1_NDEF_EXP_OPT(stname, field, type, tag) \ - ASN1_EXP_EX(stname, field, type, tag, ASN1_TFLG_OPTIONAL|ASN1_TFLG_NDEF) - -/* Macros for the ASN1_ADB structure */ - -#define ASN1_ADB(name) \ - static const ASN1_ADB_TABLE name##_adbtbl[] - -#define ASN1_ADB_END(name, flags, field, app_table, def, none) \ - ;\ - static const ASN1_ADB name##_adb = {\ - flags,\ - offsetof(name, field),\ - app_table,\ - name##_adbtbl,\ - sizeof(name##_adbtbl) / sizeof(ASN1_ADB_TABLE),\ - def,\ - none\ - } - -#define ADB_ENTRY(val, template) {val, template} - -#define ASN1_ADB_TEMPLATE(name) \ - static const ASN1_TEMPLATE name##_tt - -/* This is the ASN1 template structure that defines - * a wrapper round the actual type. It determines the - * actual position of the field in the value structure, - * various flags such as OPTIONAL and the field name. - */ - -struct ASN1_TEMPLATE_st { -unsigned long flags; /* Various flags */ -long tag; /* tag, not used if no tagging */ -unsigned long offset; /* Offset of this field in structure */ -#ifndef NO_ASN1_FIELD_NAMES -const char *field_name; /* Field name */ -#endif -ASN1_ITEM_EXP *item; /* Relevant ASN1_ITEM or ASN1_ADB */ -}; - -/* Macro to extract ASN1_ITEM and ASN1_ADB pointer from ASN1_TEMPLATE */ - -#define ASN1_TEMPLATE_item(t) (t->item_ptr) -#define ASN1_TEMPLATE_adb(t) (t->item_ptr) - -typedef struct ASN1_ADB_TABLE_st ASN1_ADB_TABLE; -typedef struct ASN1_ADB_st ASN1_ADB; - -struct ASN1_ADB_st { - unsigned long flags; /* Various flags */ - unsigned long offset; /* Offset of selector field */ - STACK_OF(ASN1_ADB_TABLE) **app_items; /* Application defined items */ - const ASN1_ADB_TABLE *tbl; /* Table of possible types */ - long tblcount; /* Number of entries in tbl */ - const ASN1_TEMPLATE *default_tt; /* Type to use if no match */ - const ASN1_TEMPLATE *null_tt; /* Type to use if selector is NULL */ -}; - -struct ASN1_ADB_TABLE_st { - long value; /* NID for an object or value for an int */ - const ASN1_TEMPLATE tt; /* item for this value */ -}; - -/* template flags */ - -/* Field is optional */ -#define ASN1_TFLG_OPTIONAL (0x1) - -/* Field is a SET OF */ -#define ASN1_TFLG_SET_OF (0x1 << 1) - -/* Field is a SEQUENCE OF */ -#define ASN1_TFLG_SEQUENCE_OF (0x2 << 1) - -/* Special case: this refers to a SET OF that - * will be sorted into DER order when encoded *and* - * the corresponding STACK will be modified to match - * the new order. - */ -#define ASN1_TFLG_SET_ORDER (0x3 << 1) - -/* Mask for SET OF or SEQUENCE OF */ -#define ASN1_TFLG_SK_MASK (0x3 << 1) - -/* These flags mean the tag should be taken from the - * tag field. If EXPLICIT then the underlying type - * is used for the inner tag. - */ - -/* IMPLICIT tagging */ -#define ASN1_TFLG_IMPTAG (0x1 << 3) - - -/* EXPLICIT tagging, inner tag from underlying type */ -#define ASN1_TFLG_EXPTAG (0x2 << 3) - -#define ASN1_TFLG_TAG_MASK (0x3 << 3) - -/* context specific IMPLICIT */ -#define ASN1_TFLG_IMPLICIT ASN1_TFLG_IMPTAG|ASN1_TFLG_CONTEXT - -/* context specific EXPLICIT */ -#define ASN1_TFLG_EXPLICIT ASN1_TFLG_EXPTAG|ASN1_TFLG_CONTEXT - -/* If tagging is in force these determine the - * type of tag to use. Otherwise the tag is - * determined by the underlying type. These - * values reflect the actual octet format. - */ - -/* Universal tag */ -#define ASN1_TFLG_UNIVERSAL (0x0<<6) -/* Application tag */ -#define ASN1_TFLG_APPLICATION (0x1<<6) -/* Context specific tag */ -#define ASN1_TFLG_CONTEXT (0x2<<6) -/* Private tag */ -#define ASN1_TFLG_PRIVATE (0x3<<6) - -#define ASN1_TFLG_TAG_CLASS (0x3<<6) - -/* These are for ANY DEFINED BY type. In this case - * the 'item' field points to an ASN1_ADB structure - * which contains a table of values to decode the - * relevant type - */ - -#define ASN1_TFLG_ADB_MASK (0x3<<8) - -#define ASN1_TFLG_ADB_OID (0x1<<8) - -#define ASN1_TFLG_ADB_INT (0x1<<9) - -/* This flag means a parent structure is passed - * instead of the field: this is useful is a - * SEQUENCE is being combined with a CHOICE for - * example. Since this means the structure and - * item name will differ we need to use the - * ASN1_CHOICE_END_name() macro for example. - */ - -#define ASN1_TFLG_COMBINE (0x1<<10) - -/* This flag when present in a SEQUENCE OF, SET OF - * or EXPLICIT causes indefinite length constructed - * encoding to be used if required. - */ - -#define ASN1_TFLG_NDEF (0x1<<11) - -/* This is the actual ASN1 item itself */ - -struct ASN1_ITEM_st { -char itype; /* The item type, primitive, SEQUENCE, CHOICE or extern */ -long utype; /* underlying type */ -const ASN1_TEMPLATE *templates; /* If SEQUENCE or CHOICE this contains the contents */ -long tcount; /* Number of templates if SEQUENCE or CHOICE */ -const void *funcs; /* functions that handle this type */ -long size; /* Structure size (usually)*/ -#ifndef NO_ASN1_FIELD_NAMES -const char *sname; /* Structure name */ -#endif -}; - -/* These are values for the itype field and - * determine how the type is interpreted. - * - * For PRIMITIVE types the underlying type - * determines the behaviour if items is NULL. - * - * Otherwise templates must contain a single - * template and the type is treated in the - * same way as the type specified in the template. - * - * For SEQUENCE types the templates field points - * to the members, the size field is the - * structure size. - * - * For CHOICE types the templates field points - * to each possible member (typically a union) - * and the 'size' field is the offset of the - * selector. - * - * The 'funcs' field is used for application - * specific functions. - * - * For COMPAT types the funcs field gives a - * set of functions that handle this type, this - * supports the old d2i, i2d convention. - * - * The EXTERN type uses a new style d2i/i2d. - * The new style should be used where possible - * because it avoids things like the d2i IMPLICIT - * hack. - * - * MSTRING is a multiple string type, it is used - * for a CHOICE of character strings where the - * actual strings all occupy an ASN1_STRING - * structure. In this case the 'utype' field - * has a special meaning, it is used as a mask - * of acceptable types using the B_ASN1 constants. - * - * NDEF_SEQUENCE is the same as SEQUENCE except - * that it will use indefinite length constructed - * encoding if requested. - * - */ - -#define ASN1_ITYPE_PRIMITIVE 0x0 - -#define ASN1_ITYPE_SEQUENCE 0x1 - -#define ASN1_ITYPE_CHOICE 0x2 - -#define ASN1_ITYPE_COMPAT 0x3 - -#define ASN1_ITYPE_EXTERN 0x4 - -#define ASN1_ITYPE_MSTRING 0x5 - -#define ASN1_ITYPE_NDEF_SEQUENCE 0x6 - -/* Cache for ASN1 tag and length, so we - * don't keep re-reading it for things - * like CHOICE - */ - -struct ASN1_TLC_st{ - char valid; /* Values below are valid */ - int ret; /* return value */ - long plen; /* length */ - int ptag; /* class value */ - int pclass; /* class value */ - int hdrlen; /* header length */ -}; - -/* Typedefs for ASN1 function pointers */ - -typedef ASN1_VALUE * ASN1_new_func(void); -typedef void ASN1_free_func(ASN1_VALUE *a); -typedef ASN1_VALUE * ASN1_d2i_func(ASN1_VALUE **a, const unsigned char ** in, long length); -typedef int ASN1_i2d_func(ASN1_VALUE * a, unsigned char **in); - -typedef int ASN1_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len, const ASN1_ITEM *it, - int tag, int aclass, char opt, ASN1_TLC *ctx); - -typedef int ASN1_ex_i2d(ASN1_VALUE **pval, unsigned char **out, const ASN1_ITEM *it, int tag, int aclass); -typedef int ASN1_ex_new_func(ASN1_VALUE **pval, const ASN1_ITEM *it); -typedef void ASN1_ex_free_func(ASN1_VALUE **pval, const ASN1_ITEM *it); - -typedef int ASN1_ex_print_func(BIO *out, ASN1_VALUE **pval, - int indent, const char *fname, - const ASN1_PCTX *pctx); - -typedef int ASN1_primitive_i2c(ASN1_VALUE **pval, unsigned char *cont, int *putype, const ASN1_ITEM *it); -typedef int ASN1_primitive_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len, int utype, char *free_cont, const ASN1_ITEM *it); -typedef int ASN1_primitive_print(BIO *out, ASN1_VALUE **pval, const ASN1_ITEM *it, int indent, const ASN1_PCTX *pctx); - -typedef struct ASN1_COMPAT_FUNCS_st { - ASN1_new_func *asn1_new; - ASN1_free_func *asn1_free; - ASN1_d2i_func *asn1_d2i; - ASN1_i2d_func *asn1_i2d; -} ASN1_COMPAT_FUNCS; - -typedef struct ASN1_EXTERN_FUNCS_st { - void *app_data; - ASN1_ex_new_func *asn1_ex_new; - ASN1_ex_free_func *asn1_ex_free; - ASN1_ex_free_func *asn1_ex_clear; - ASN1_ex_d2i *asn1_ex_d2i; - ASN1_ex_i2d *asn1_ex_i2d; - ASN1_ex_print_func *asn1_ex_print; -} ASN1_EXTERN_FUNCS; - -typedef struct ASN1_PRIMITIVE_FUNCS_st { - void *app_data; - unsigned long flags; - ASN1_ex_new_func *prim_new; - ASN1_ex_free_func *prim_free; - ASN1_ex_free_func *prim_clear; - ASN1_primitive_c2i *prim_c2i; - ASN1_primitive_i2c *prim_i2c; - ASN1_primitive_print *prim_print; -} ASN1_PRIMITIVE_FUNCS; - -/* This is the ASN1_AUX structure: it handles various - * miscellaneous requirements. For example the use of - * reference counts and an informational callback. - * - * The "informational callback" is called at various - * points during the ASN1 encoding and decoding. It can - * be used to provide minor customisation of the structures - * used. This is most useful where the supplied routines - * *almost* do the right thing but need some extra help - * at a few points. If the callback returns zero then - * it is assumed a fatal error has occurred and the - * main operation should be abandoned. - * - * If major changes in the default behaviour are required - * then an external type is more appropriate. - */ - -typedef int ASN1_aux_cb(int operation, ASN1_VALUE **in, const ASN1_ITEM *it, - void *exarg); - -typedef struct ASN1_AUX_st { - void *app_data; - int flags; - int ref_offset; /* Offset of reference value */ - ASN1_aux_cb *asn1_cb; - int enc_offset; /* Offset of ASN1_ENCODING structure */ -} ASN1_AUX; - -/* For print related callbacks exarg points to this structure */ -typedef struct ASN1_PRINT_ARG_st { - BIO *out; - int indent; - const ASN1_PCTX *pctx; -} ASN1_PRINT_ARG; - -/* For streaming related callbacks exarg points to this structure */ -typedef struct ASN1_STREAM_ARG_st { - /* BIO to stream through */ - BIO *out; - /* BIO with filters appended */ - BIO *ndef_bio; - /* Streaming I/O boundary */ - unsigned char **boundary; -} ASN1_STREAM_ARG; - -/* Flags in ASN1_AUX */ - -/* Use a reference count */ -#define ASN1_AFLG_REFCOUNT 1 -/* Save the encoding of structure (useful for signatures) */ -#define ASN1_AFLG_ENCODING 2 -/* The Sequence length is invalid */ -#define ASN1_AFLG_BROKEN 4 - -/* operation values for asn1_cb */ - -#define ASN1_OP_NEW_PRE 0 -#define ASN1_OP_NEW_POST 1 -#define ASN1_OP_FREE_PRE 2 -#define ASN1_OP_FREE_POST 3 -#define ASN1_OP_D2I_PRE 4 -#define ASN1_OP_D2I_POST 5 -#define ASN1_OP_I2D_PRE 6 -#define ASN1_OP_I2D_POST 7 -#define ASN1_OP_PRINT_PRE 8 -#define ASN1_OP_PRINT_POST 9 -#define ASN1_OP_STREAM_PRE 10 -#define ASN1_OP_STREAM_POST 11 -#define ASN1_OP_DETACHED_PRE 12 -#define ASN1_OP_DETACHED_POST 13 - -/* Macro to implement a primitive type */ -#define IMPLEMENT_ASN1_TYPE(stname) IMPLEMENT_ASN1_TYPE_ex(stname, stname, 0) -#define IMPLEMENT_ASN1_TYPE_ex(itname, vname, ex) \ - ASN1_ITEM_start(itname) \ - ASN1_ITYPE_PRIMITIVE, V_##vname, NULL, 0, NULL, ex, #itname \ - ASN1_ITEM_end(itname) - -/* Macro to implement a multi string type */ -#define IMPLEMENT_ASN1_MSTRING(itname, mask) \ - ASN1_ITEM_start(itname) \ - ASN1_ITYPE_MSTRING, mask, NULL, 0, NULL, sizeof(ASN1_STRING), #itname \ - ASN1_ITEM_end(itname) - -/* Macro to implement an ASN1_ITEM in terms of old style funcs */ - -#define IMPLEMENT_COMPAT_ASN1(sname) IMPLEMENT_COMPAT_ASN1_type(sname, V_ASN1_SEQUENCE) - -#define IMPLEMENT_COMPAT_ASN1_type(sname, tag) \ - static const ASN1_COMPAT_FUNCS sname##_ff = { \ - (ASN1_new_func *)sname##_new, \ - (ASN1_free_func *)sname##_free, \ - (ASN1_d2i_func *)d2i_##sname, \ - (ASN1_i2d_func *)i2d_##sname, \ - }; \ - ASN1_ITEM_start(sname) \ - ASN1_ITYPE_COMPAT, \ - tag, \ - NULL, \ - 0, \ - &sname##_ff, \ - 0, \ - #sname \ - ASN1_ITEM_end(sname) - -#define IMPLEMENT_EXTERN_ASN1(sname, tag, fptrs) \ - ASN1_ITEM_start(sname) \ - ASN1_ITYPE_EXTERN, \ - tag, \ - NULL, \ - 0, \ - &fptrs, \ - 0, \ - #sname \ - ASN1_ITEM_end(sname) - -/* Macro to implement standard functions in terms of ASN1_ITEM structures */ - -#define IMPLEMENT_ASN1_FUNCTIONS(stname) IMPLEMENT_ASN1_FUNCTIONS_fname(stname, stname, stname) - -#define IMPLEMENT_ASN1_FUNCTIONS_name(stname, itname) IMPLEMENT_ASN1_FUNCTIONS_fname(stname, itname, itname) - -#define IMPLEMENT_ASN1_FUNCTIONS_ENCODE_name(stname, itname) \ - IMPLEMENT_ASN1_FUNCTIONS_ENCODE_fname(stname, itname, itname) - -#define IMPLEMENT_STATIC_ASN1_ALLOC_FUNCTIONS(stname) \ - IMPLEMENT_ASN1_ALLOC_FUNCTIONS_pfname(static, stname, stname, stname) - -#define IMPLEMENT_ASN1_ALLOC_FUNCTIONS(stname) \ - IMPLEMENT_ASN1_ALLOC_FUNCTIONS_fname(stname, stname, stname) - -#define IMPLEMENT_ASN1_ALLOC_FUNCTIONS_pfname(pre, stname, itname, fname) \ - pre stname *fname##_new(void) \ - { \ - return (stname *)ASN1_item_new(ASN1_ITEM_rptr(itname)); \ - } \ - pre void fname##_free(stname *a) \ - { \ - ASN1_item_free((ASN1_VALUE *)a, ASN1_ITEM_rptr(itname)); \ - } - -#define IMPLEMENT_ASN1_ALLOC_FUNCTIONS_fname(stname, itname, fname) \ - stname *fname##_new(void) \ - { \ - return (stname *)ASN1_item_new(ASN1_ITEM_rptr(itname)); \ - } \ - void fname##_free(stname *a) \ - { \ - ASN1_item_free((ASN1_VALUE *)a, ASN1_ITEM_rptr(itname)); \ - } - -#define IMPLEMENT_ASN1_FUNCTIONS_fname(stname, itname, fname) \ - IMPLEMENT_ASN1_ENCODE_FUNCTIONS_fname(stname, itname, fname) \ - IMPLEMENT_ASN1_ALLOC_FUNCTIONS_fname(stname, itname, fname) - -#define IMPLEMENT_ASN1_ENCODE_FUNCTIONS_fname(stname, itname, fname) \ - stname *d2i_##fname(stname **a, const unsigned char **in, long len) \ - { \ - return (stname *)ASN1_item_d2i((ASN1_VALUE **)a, in, len, ASN1_ITEM_rptr(itname));\ - } \ - int i2d_##fname(stname *a, unsigned char **out) \ - { \ - return ASN1_item_i2d((ASN1_VALUE *)a, out, ASN1_ITEM_rptr(itname));\ - } - -#define IMPLEMENT_ASN1_NDEF_FUNCTION(stname) \ - int i2d_##stname##_NDEF(stname *a, unsigned char **out) \ - { \ - return ASN1_item_ndef_i2d((ASN1_VALUE *)a, out, ASN1_ITEM_rptr(stname));\ - } - -/* This includes evil casts to remove const: they will go away when full - * ASN1 constification is done. - */ -#define IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(stname, itname, fname) \ - stname *d2i_##fname(stname **a, const unsigned char **in, long len) \ - { \ - return (stname *)ASN1_item_d2i((ASN1_VALUE **)a, in, len, ASN1_ITEM_rptr(itname));\ - } \ - int i2d_##fname(const stname *a, unsigned char **out) \ - { \ - return ASN1_item_i2d((ASN1_VALUE *)a, out, ASN1_ITEM_rptr(itname));\ - } - -#define IMPLEMENT_ASN1_DUP_FUNCTION(stname) \ - stname * stname##_dup(stname *x) \ - { \ - return ASN1_item_dup(ASN1_ITEM_rptr(stname), x); \ - } - -#define IMPLEMENT_ASN1_PRINT_FUNCTION(stname) \ - IMPLEMENT_ASN1_PRINT_FUNCTION_fname(stname, stname, stname) - -#define IMPLEMENT_ASN1_PRINT_FUNCTION_fname(stname, itname, fname) \ - int fname##_print_ctx(BIO *out, stname *x, int indent, \ - const ASN1_PCTX *pctx) \ - { \ - return ASN1_item_print(out, (ASN1_VALUE *)x, indent, \ - ASN1_ITEM_rptr(itname), pctx); \ - } - -#define IMPLEMENT_ASN1_FUNCTIONS_const(name) \ - IMPLEMENT_ASN1_FUNCTIONS_const_fname(name, name, name) - -#define IMPLEMENT_ASN1_FUNCTIONS_const_fname(stname, itname, fname) \ - IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(stname, itname, fname) \ - IMPLEMENT_ASN1_ALLOC_FUNCTIONS_fname(stname, itname, fname) - -/* external definitions for primitive types */ - -DECLARE_ASN1_ITEM(ASN1_BOOLEAN) -DECLARE_ASN1_ITEM(ASN1_TBOOLEAN) -DECLARE_ASN1_ITEM(ASN1_FBOOLEAN) -DECLARE_ASN1_ITEM(ASN1_SEQUENCE) -DECLARE_ASN1_ITEM(CBIGNUM) -DECLARE_ASN1_ITEM(BIGNUM) -DECLARE_ASN1_ITEM(LONG) -DECLARE_ASN1_ITEM(ZLONG) - -DECLARE_STACK_OF(ASN1_VALUE) - -/* Functions used internally by the ASN1 code */ - -int ASN1_item_ex_new(ASN1_VALUE **pval, const ASN1_ITEM *it); -void ASN1_item_ex_free(ASN1_VALUE **pval, const ASN1_ITEM *it); -int ASN1_template_new(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt); -int ASN1_primitive_new(ASN1_VALUE **pval, const ASN1_ITEM *it); - -void ASN1_template_free(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt); -int ASN1_template_d2i(ASN1_VALUE **pval, const unsigned char **in, long len, const ASN1_TEMPLATE *tt); -int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len, const ASN1_ITEM *it, - int tag, int aclass, char opt, ASN1_TLC *ctx); - -int ASN1_item_ex_i2d(ASN1_VALUE **pval, unsigned char **out, const ASN1_ITEM *it, int tag, int aclass); -int ASN1_template_i2d(ASN1_VALUE **pval, unsigned char **out, const ASN1_TEMPLATE *tt); -void ASN1_primitive_free(ASN1_VALUE **pval, const ASN1_ITEM *it); - -int asn1_ex_i2c(ASN1_VALUE **pval, unsigned char *cont, int *putype, const ASN1_ITEM *it); -int asn1_ex_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len, int utype, char *free_cont, const ASN1_ITEM *it); - -int asn1_get_choice_selector(ASN1_VALUE **pval, const ASN1_ITEM *it); -int asn1_set_choice_selector(ASN1_VALUE **pval, int value, const ASN1_ITEM *it); - -ASN1_VALUE ** asn1_get_field_ptr(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt); - -const ASN1_TEMPLATE *asn1_do_adb(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt, int nullerr); - -void asn1_refcount_set_one(ASN1_VALUE **pval, const ASN1_ITEM *it); -int asn1_refcount_dec_and_test_zero(ASN1_VALUE **pval, const ASN1_ITEM *it); - -void asn1_enc_init(ASN1_VALUE **pval, const ASN1_ITEM *it); -void asn1_enc_free(ASN1_VALUE **pval, const ASN1_ITEM *it); -int asn1_enc_restore(int *len, unsigned char **out, ASN1_VALUE **pval, const ASN1_ITEM *it); -int asn1_enc_save(ASN1_VALUE **pval, const unsigned char *in, int inlen, const ASN1_ITEM *it); - -#ifdef __cplusplus -} -#endif -#endif diff --git a/third_party/boringssl/include/openssl/base.h b/third_party/boringssl/include/openssl/base.h deleted file mode 100644 index b769ad5348c08a..00000000000000 --- a/third_party/boringssl/include/openssl/base.h +++ /dev/null @@ -1,233 +0,0 @@ -/* ==================================================================== - * Copyright (c) 1998-2001 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@openssl.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.openssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). */ - -#ifndef OPENSSL_HEADER_BASE_H -#define OPENSSL_HEADER_BASE_H - - -/* This file should be the first included by all BoringSSL headers. */ - -#include -#include -#include - -#include - -#if defined(__cplusplus) -extern "C" { -#endif - - -#if defined(__x86_64) || defined(_M_AMD64) || defined(_M_X64) -#define OPENSSL_64_BIT -#define OPENSSL_X86_64 -#elif defined(__x86) || defined(__i386) || defined(__i386__) || defined(_M_IX86) -#define OPENSSL_32_BIT -#define OPENSSL_X86 -#elif defined(__aarch64__) -#define OPENSSL_64_BIT -#define OPENSSL_AARCH64 -#elif defined(__arm) || defined(__arm__) || defined(_M_ARM) -#define OPENSSL_32_BIT -#define OPENSSL_ARM -#elif defined(__aarch64__) -#define OPENSSL_64_BIT -#define OPENSSL_AARCH64 -#elif defined(__mips__) && !defined(__LP64__) -#define OPENSSL_32_BIT -#define OPENSSL_MIPS -#elif defined(__mips__) && defined(__LP64__) -#define OPENSSL_64_BIT -#define OPENSSL_MIPS64 -#elif defined(__pnacl__) -#define OPENSSL_32_BIT -#define OPENSSL_PNACL -#else -#error "Unknown target CPU" -#endif - -#if defined(__APPLE__) -#define OPENSSL_APPLE -#endif - -#if defined(WIN32) || defined(_WIN32) -#define OPENSSL_WINDOWS -#endif - -#if defined(TRUSTY) -#define OPENSSL_TRUSTY -#define OPENSSL_NO_THREADS -#endif - -#define OPENSSL_IS_BORINGSSL -#define OPENSSL_VERSION_NUMBER 0x10002000 - -#if defined(BORINGSSL_SHARED_LIBRARY) - -#if defined(OPENSSL_WINDOWS) - -#if defined(BORINGSSL_IMPLEMENTATION) -#define OPENSSL_EXPORT __declspec(dllexport) -#else -#define OPENSSL_EXPORT __declspec(dllimport) -#endif - -#else /* defined(OPENSSL_WINDOWS) */ - -#if defined(BORINGSSL_IMPLEMENTATION) -#define OPENSSL_EXPORT __attribute__((visibility("default"))) -#else -#define OPENSSL_EXPORT -#endif - -#endif /* defined(OPENSSL_WINDOWS) */ - -#else /* defined(BORINGSSL_SHARED_LIBRARY) */ - -#define OPENSSL_EXPORT - -#endif /* defined(BORINGSSL_SHARED_LIBRARY) */ - -/* CRYPTO_THREADID is a dummy value. */ -typedef int CRYPTO_THREADID; - -typedef int ASN1_BOOLEAN; -typedef int ASN1_NULL; -typedef struct ASN1_ITEM_st ASN1_ITEM; -typedef struct asn1_object_st ASN1_OBJECT; -typedef struct asn1_pctx_st ASN1_PCTX; -typedef struct asn1_string_st ASN1_BIT_STRING; -typedef struct asn1_string_st ASN1_BMPSTRING; -typedef struct asn1_string_st ASN1_ENUMERATED; -typedef struct asn1_string_st ASN1_GENERALIZEDTIME; -typedef struct asn1_string_st ASN1_GENERALSTRING; -typedef struct asn1_string_st ASN1_IA5STRING; -typedef struct asn1_string_st ASN1_INTEGER; -typedef struct asn1_string_st ASN1_OCTET_STRING; -typedef struct asn1_string_st ASN1_PRINTABLESTRING; -typedef struct asn1_string_st ASN1_STRING; -typedef struct asn1_string_st ASN1_T61STRING; -typedef struct asn1_string_st ASN1_TIME; -typedef struct asn1_string_st ASN1_UNIVERSALSTRING; -typedef struct asn1_string_st ASN1_UTCTIME; -typedef struct asn1_string_st ASN1_UTF8STRING; -typedef struct asn1_string_st ASN1_VISIBLESTRING; - -typedef struct AUTHORITY_KEYID_st AUTHORITY_KEYID; -typedef struct DIST_POINT_st DIST_POINT; -typedef struct ISSUING_DIST_POINT_st ISSUING_DIST_POINT; -typedef struct NAME_CONSTRAINTS_st NAME_CONSTRAINTS; -typedef struct X509_POLICY_CACHE_st X509_POLICY_CACHE; -typedef struct X509_POLICY_LEVEL_st X509_POLICY_LEVEL; -typedef struct X509_POLICY_NODE_st X509_POLICY_NODE; -typedef struct X509_POLICY_TREE_st X509_POLICY_TREE; -typedef struct X509_algor_st X509_ALGOR; -typedef struct X509_crl_st X509_CRL; -typedef struct X509_pubkey_st X509_PUBKEY; -typedef struct bignum_ctx BN_CTX; -typedef struct bignum_st BIGNUM; -typedef struct bio_method_st BIO_METHOD; -typedef struct bio_st BIO; -typedef struct bn_gencb_st BN_GENCB; -typedef struct bn_mont_ctx_st BN_MONT_CTX; -typedef struct buf_mem_st BUF_MEM; -typedef struct cbb_st CBB; -typedef struct cbs_st CBS; -typedef struct cmac_ctx_st CMAC_CTX; -typedef struct conf_st CONF; -typedef struct conf_value_st CONF_VALUE; -typedef struct dh_method DH_METHOD; -typedef struct dh_st DH; -typedef struct dsa_method DSA_METHOD; -typedef struct dsa_st DSA; -typedef struct ec_key_st EC_KEY; -typedef struct ecdsa_method_st ECDSA_METHOD; -typedef struct ecdsa_sig_st ECDSA_SIG; -typedef struct engine_st ENGINE; -typedef struct env_md_ctx_st EVP_MD_CTX; -typedef struct env_md_st EVP_MD; -typedef struct evp_aead_st EVP_AEAD; -typedef struct evp_cipher_ctx_st EVP_CIPHER_CTX; -typedef struct evp_cipher_st EVP_CIPHER; -typedef struct evp_pkey_asn1_method_st EVP_PKEY_ASN1_METHOD; -typedef struct evp_pkey_ctx_st EVP_PKEY_CTX; -typedef struct evp_pkey_method_st EVP_PKEY_METHOD; -typedef struct evp_pkey_st EVP_PKEY; -typedef struct hmac_ctx_st HMAC_CTX; -typedef struct md4_state_st MD4_CTX; -typedef struct md5_state_st MD5_CTX; -typedef struct pkcs8_priv_key_info_st PKCS8_PRIV_KEY_INFO; -typedef struct pkcs12_st PKCS12; -typedef struct rand_meth_st RAND_METHOD; -typedef struct rc4_key_st RC4_KEY; -typedef struct rsa_meth_st RSA_METHOD; -typedef struct rsa_st RSA; -typedef struct sha256_state_st SHA256_CTX; -typedef struct sha512_state_st SHA512_CTX; -typedef struct sha_state_st SHA_CTX; -typedef struct ssl_ctx_st SSL_CTX; -typedef struct ssl_st SSL; -typedef struct st_ERR_FNS ERR_FNS; -typedef struct v3_ext_ctx X509V3_CTX; -typedef struct x509_crl_method_st X509_CRL_METHOD; -typedef struct x509_revoked_st X509_REVOKED; -typedef struct x509_st X509; -typedef struct x509_store_ctx_st X509_STORE_CTX; -typedef struct x509_store_st X509_STORE; -typedef void *OPENSSL_BLOCK; - - -#if defined(__cplusplus) -} /* extern C */ -#endif - -#endif /* OPENSSL_HEADER_BASE_H */ diff --git a/third_party/boringssl/include/openssl/base64.h b/third_party/boringssl/include/openssl/base64.h deleted file mode 100644 index 7aee9907f9239b..00000000000000 --- a/third_party/boringssl/include/openssl/base64.h +++ /dev/null @@ -1,179 +0,0 @@ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] */ - -#ifndef OPENSSL_HEADER_BASE64_H -#define OPENSSL_HEADER_BASE64_H - -#include - -#if defined(__cplusplus) -extern "C" { -#endif - - -/* base64 functions. - * - * For historical reasons, these functions have the EVP_ prefix but just do - * base64 encoding and decoding. */ - - -typedef struct evp_encode_ctx_st EVP_ENCODE_CTX; - - -/* Encoding */ - -/* EVP_EncodeInit initialises |*ctx|, which is typically stack - * allocated, for an encoding operation. - * - * NOTE: The encoding operation breaks its output with newlines every - * 64 characters of output (48 characters of input). Use - * EVP_EncodeBlock to encode raw base64. */ -OPENSSL_EXPORT void EVP_EncodeInit(EVP_ENCODE_CTX *ctx); - -/* EVP_EncodeUpdate encodes |in_len| bytes from |in| and writes an encoded - * version of them to |out| and sets |*out_len| to the number of bytes written. - * Some state may be contained in |ctx| so |EVP_EncodeFinal| must be used to - * flush it before using the encoded data. */ -OPENSSL_EXPORT void EVP_EncodeUpdate(EVP_ENCODE_CTX *ctx, uint8_t *out, - int *out_len, const uint8_t *in, - size_t in_len); - -/* EVP_EncodeFinal flushes any remaining output bytes from |ctx| to |out| and - * sets |*out_len| to the number of bytes written. */ -OPENSSL_EXPORT void EVP_EncodeFinal(EVP_ENCODE_CTX *ctx, uint8_t *out, - int *out_len); - -/* EVP_EncodeBlock encodes |src_len| bytes from |src| and writes the - * result to |dst| with a trailing NUL. It returns the number of bytes - * written, not including this trailing NUL. */ -OPENSSL_EXPORT size_t EVP_EncodeBlock(uint8_t *dst, const uint8_t *src, - size_t src_len); - -/* EVP_EncodedLength sets |*out_len| to the number of bytes that will be needed - * to call |EVP_EncodeBlock| on an input of length |len|. This includes the - * final NUL that |EVP_EncodeBlock| writes. It returns one on success or zero - * on error. */ -OPENSSL_EXPORT int EVP_EncodedLength(size_t *out_len, size_t len); - - -/* Decoding */ - -/* EVP_DecodedLength sets |*out_len| to the maximum number of bytes - * that will be needed to call |EVP_DecodeBase64| on an input of - * length |len|. */ -OPENSSL_EXPORT int EVP_DecodedLength(size_t *out_len, size_t len); - -/* EVP_DecodeBase64 decodes |in_len| bytes from base64 and writes - * |*out_len| bytes to |out|. |max_out| is the size of the output - * buffer. If it is not enough for the maximum output size, the - * operation fails. */ -OPENSSL_EXPORT int EVP_DecodeBase64(uint8_t *out, size_t *out_len, - size_t max_out, const uint8_t *in, - size_t in_len); - -/* EVP_DecodeInit initialises |*ctx|, which is typically stack allocated, for - * a decoding operation. - * - * TODO(davidben): This isn't a straight-up base64 decode either. Document - * and/or fix exactly what's going on here; maximum line length and such. */ -OPENSSL_EXPORT void EVP_DecodeInit(EVP_ENCODE_CTX *ctx); - -/* EVP_DecodeUpdate decodes |in_len| bytes from |in| and writes the decoded - * data to |out| and sets |*out_len| to the number of bytes written. Some state - * may be contained in |ctx| so |EVP_DecodeFinal| must be used to flush it - * before using the encoded data. - * - * It returns -1 on error, one if a full line of input was processed and zero - * if the line was short (i.e. it was the last line). */ -OPENSSL_EXPORT int EVP_DecodeUpdate(EVP_ENCODE_CTX *ctx, uint8_t *out, - int *out_len, const uint8_t *in, - size_t in_len); - -/* EVP_DecodeFinal flushes any remaining output bytes from |ctx| to |out| and - * sets |*out_len| to the number of bytes written. It returns one on success - * and minus one on error. */ -OPENSSL_EXPORT int EVP_DecodeFinal(EVP_ENCODE_CTX *ctx, uint8_t *out, - int *out_len); - -/* Deprecated: EVP_DecodeBlock encodes |src_len| bytes from |src| and - * writes the result to |dst|. It returns the number of bytes written - * or -1 on error. - * - * WARNING: EVP_DecodeBlock's return value does not take padding into - * account. It also strips leading whitespace and trailing - * whitespace. */ -OPENSSL_EXPORT int EVP_DecodeBlock(uint8_t *dst, const uint8_t *src, - size_t src_len); - - -struct evp_encode_ctx_st { - unsigned num; /* number saved in a partial encode/decode */ - unsigned length; /* The length is either the output line length - * (in input bytes) or the shortest input line - * length that is ok. Once decoding begins, - * the length is adjusted up each time a longer - * line is decoded */ - uint8_t enc_data[80]; /* data to encode */ - unsigned line_num; /* number read on current line */ - int expect_nl; -}; - - -#if defined(__cplusplus) -} /* extern C */ -#endif - -#endif /* OPENSSL_HEADER_BASE64_H */ diff --git a/third_party/boringssl/include/openssl/bio.h b/third_party/boringssl/include/openssl/bio.h deleted file mode 100644 index 872465750b5aa7..00000000000000 --- a/third_party/boringssl/include/openssl/bio.h +++ /dev/null @@ -1,910 +0,0 @@ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] */ - -#ifndef OPENSSL_HEADER_BIO_H -#define OPENSSL_HEADER_BIO_H - -#include - -#include /* For FILE */ - -#include /* for ERR_print_errors_fp */ -#include -#include -#include - -#if defined(__cplusplus) -extern "C" { -#endif - - -/* BIO abstracts over a file-descriptor like interface. */ - - -/* Allocation and freeing. */ - -DEFINE_STACK_OF(BIO); - -/* BIO_new creates a new BIO with the given type and a reference count of one. - * It returns the fresh |BIO|, or NULL on error. */ -OPENSSL_EXPORT BIO *BIO_new(const BIO_METHOD *type); - -/* BIO_free decrements the reference count of |bio|. If the reference count - * drops to zero, it (optionally) calls the BIO's callback with |BIO_CB_FREE|, - * frees the ex_data and then, if the BIO has a destroy callback for the - * method, calls it. Finally it frees |bio| itself. It then repeats that for - * the next BIO in the chain, if any. - * - * It returns one on success or zero otherwise. */ -OPENSSL_EXPORT int BIO_free(BIO *bio); - -/* BIO_vfree performs the same actions as |BIO_free|, but has a void return - * value. This is provided for API-compat. - * - * TODO(fork): remove. */ -OPENSSL_EXPORT void BIO_vfree(BIO *bio); - -/* BIO_up_ref increments the reference count of |bio| and returns it. */ -OPENSSL_EXPORT BIO *BIO_up_ref(BIO *bio); - - -/* Basic I/O. */ - -/* BIO_read attempts to read |len| bytes into |data|. It returns the number of - * bytes read, zero on EOF, or a negative number on error. */ -OPENSSL_EXPORT int BIO_read(BIO *bio, void *data, int len); - -/* BIO_gets "reads a line" from |bio| and puts at most |size| bytes into |buf|. - * It returns the number of bytes read or a negative number on error. The - * phrase "reads a line" is in quotes in the previous sentence because the - * exact operation depends on the BIO's method. For example, a digest BIO will - * return the digest in response to a |BIO_gets| call. - * - * TODO(fork): audit the set of BIOs that we end up needing. If all actually - * return a line for this call, remove the warning above. */ -OPENSSL_EXPORT int BIO_gets(BIO *bio, char *buf, int size); - -/* BIO_write writes |len| bytes from |data| to BIO. It returns the number of - * bytes written or a negative number on error. */ -OPENSSL_EXPORT int BIO_write(BIO *bio, const void *data, int len); - -/* BIO_puts writes a NUL terminated string from |buf| to |bio|. It returns the - * number of bytes written or a negative number on error. */ -OPENSSL_EXPORT int BIO_puts(BIO *bio, const char *buf); - -/* BIO_flush flushes any buffered output. It returns one on success and zero - * otherwise. */ -OPENSSL_EXPORT int BIO_flush(BIO *bio); - - -/* Low-level control functions. - * - * These are generic functions for sending control requests to a BIO. In - * general one should use the wrapper functions like |BIO_get_close|. */ - -/* BIO_ctrl sends the control request |cmd| to |bio|. The |cmd| argument should - * be one of the |BIO_C_*| values. */ -OPENSSL_EXPORT long BIO_ctrl(BIO *bio, int cmd, long larg, void *parg); - -/* BIO_ptr_ctrl acts like |BIO_ctrl| but passes the address of a |void*| - * pointer as |parg| and returns the value that is written to it, or NULL if - * the control request returns <= 0. */ -OPENSSL_EXPORT char *BIO_ptr_ctrl(BIO *bp, int cmd, long larg); - -/* BIO_int_ctrl acts like |BIO_ctrl| but passes the address of a copy of |iarg| - * as |parg|. */ -OPENSSL_EXPORT long BIO_int_ctrl(BIO *bp, int cmd, long larg, int iarg); - -/* BIO_reset resets |bio| to its initial state, the precise meaning of which - * depends on the concrete type of |bio|. It returns one on success and zero - * otherwise. */ -OPENSSL_EXPORT int BIO_reset(BIO *bio); - -/* BIO_set_flags ORs |flags| with |bio->flags|. */ -OPENSSL_EXPORT void BIO_set_flags(BIO *bio, int flags); - -/* BIO_test_flags returns |bio->flags| AND |flags|. */ -OPENSSL_EXPORT int BIO_test_flags(const BIO *bio, int flags); - -/* BIO_should_read returns non-zero if |bio| encountered a temporary error - * while reading (i.e. EAGAIN), indicating that the caller should retry the - * read. */ -OPENSSL_EXPORT int BIO_should_read(const BIO *bio); - -/* BIO_should_write returns non-zero if |bio| encountered a temporary error - * while writing (i.e. EAGAIN), indicating that the caller should retry the - * write. */ -OPENSSL_EXPORT int BIO_should_write(const BIO *bio); - -/* BIO_should_retry returns non-zero if the reason that caused a failed I/O - * operation is temporary and thus the operation should be retried. Otherwise, - * it was a permanent error and it returns zero. */ -OPENSSL_EXPORT int BIO_should_retry(const BIO *bio); - -/* BIO_should_io_special returns non-zero if |bio| encountered a temporary - * error while performing a special I/O operation, indicating that the caller - * should retry. The operation that caused the error is returned by - * |BIO_get_retry_reason|. */ -OPENSSL_EXPORT int BIO_should_io_special(const BIO *bio); - -/* BIO_RR_SSL_X509_LOOKUP indicates that an SSL BIO blocked because the SSL - * library returned with SSL_ERROR_WANT_X509_LOOKUP. - * - * TODO(fork): remove. */ -#define BIO_RR_SSL_X509_LOOKUP 0x01 - -/* BIO_RR_CONNECT indicates that a connect would have blocked */ -#define BIO_RR_CONNECT 0x02 - -/* BIO_RR_ACCEPT indicates that an accept would have blocked */ -#define BIO_RR_ACCEPT 0x03 - -/* BIO_RR_SSL_CHANNEL_ID_LOOKUP indicates that the ChannelID code cannot find - * a private key for a TLS connection. */ -#define BIO_RR_SSL_CHANNEL_ID_LOOKUP 0x04 - -/* BIO_get_retry_reason returns the special I/O operation that needs to be - * retried. The return value is one of the |BIO_RR_*| values. */ -OPENSSL_EXPORT int BIO_get_retry_reason(const BIO *bio); - -/* BIO_clear_flags ANDs |bio->flags| with the bitwise-complement of |flags|. */ -OPENSSL_EXPORT void BIO_clear_flags(BIO *bio, int flags); - -/* BIO_set_retry_read sets the |BIO_FLAGS_READ| and |BIO_FLAGS_SHOULD_RETRY| - * flags on |bio|. */ -OPENSSL_EXPORT void BIO_set_retry_read(BIO *bio); - -/* BIO_set_retry_read sets the |BIO_FLAGS_WRITE| and |BIO_FLAGS_SHOULD_RETRY| - * flags on |bio|. */ -OPENSSL_EXPORT void BIO_set_retry_write(BIO *bio); - -/* BIO_get_retry_flags gets the |BIO_FLAGS_READ|, |BIO_FLAGS_WRITE|, - * |BIO_FLAGS_IO_SPECIAL| and |BIO_FLAGS_SHOULD_RETRY| flags from |bio|. */ -OPENSSL_EXPORT int BIO_get_retry_flags(BIO *bio); - -/* BIO_clear_retry_flags clears the |BIO_FLAGS_READ|, |BIO_FLAGS_WRITE|, - * |BIO_FLAGS_IO_SPECIAL| and |BIO_FLAGS_SHOULD_RETRY| flags from |bio|. */ -OPENSSL_EXPORT void BIO_clear_retry_flags(BIO *bio); - -/* BIO_method_type returns the type of |bio|, which is one of the |BIO_TYPE_*| - * values. */ -OPENSSL_EXPORT int BIO_method_type(const BIO *bio); - -/* bio_info_cb is the type of a callback function that can be called for most - * BIO operations. The |event| argument is one of |BIO_CB_*| and can be ORed - * with |BIO_CB_RETURN| if the callback is being made after the operation in - * question. In that case, |return_value| will contain the return value from - * the operation. */ -typedef long (*bio_info_cb)(BIO *bio, int event, const char *parg, int cmd, - long larg, long return_value); - -/* BIO_callback_ctrl allows the callback function to be manipulated. The |cmd| - * arg will generally be |BIO_CTRL_SET_CALLBACK| but arbitary command values - * can be interpreted by the |BIO|. */ -OPENSSL_EXPORT long BIO_callback_ctrl(BIO *bio, int cmd, bio_info_cb fp); - -/* BIO_pending returns the number of bytes pending to be read. */ -OPENSSL_EXPORT size_t BIO_pending(const BIO *bio); - -/* BIO_ctrl_pending calls |BIO_pending| and exists only for compatibility with - * OpenSSL. */ -OPENSSL_EXPORT size_t BIO_ctrl_pending(const BIO *bio); - -/* BIO_wpending returns the number of bytes pending to be written. */ -OPENSSL_EXPORT size_t BIO_wpending(const BIO *bio); - -/* BIO_set_close sets the close flag for |bio|. The meaning of which depends on - * the type of |bio| but, for example, a memory BIO interprets the close flag - * as meaning that it owns its buffer. It returns one on success and zero - * otherwise. */ -OPENSSL_EXPORT int BIO_set_close(BIO *bio, int close_flag); - -/* BIO_set_callback sets a callback function that will be called before and - * after most operations. See the comment above |bio_info_cb|. */ -OPENSSL_EXPORT void BIO_set_callback(BIO *bio, bio_info_cb callback_func); - -/* BIO_set_callback_arg sets the opaque pointer value that can be read within a - * callback with |BIO_get_callback_arg|. */ -OPENSSL_EXPORT void BIO_set_callback_arg(BIO *bio, char *arg); - -/* BIO_get_callback_arg returns the last value of the opaque callback pointer - * set by |BIO_set_callback_arg|. */ -OPENSSL_EXPORT char *BIO_get_callback_arg(const BIO *bio); - -/* BIO_number_read returns the number of bytes that have been read from - * |bio|. */ -OPENSSL_EXPORT size_t BIO_number_read(const BIO *bio); - -/* BIO_number_written returns the number of bytes that have been written to - * |bio|. */ -OPENSSL_EXPORT size_t BIO_number_written(const BIO *bio); - - -/* Managing chains of BIOs. - * - * BIOs can be put into chains where the output of one is used as the input of - * the next etc. The most common case is a buffering BIO, which accepts and - * buffers writes until flushed into the next BIO in the chain. */ - -/* BIO_push adds |appended_bio| to the end of the chain with |bio| at the head. - * It returns |bio|. Note that |appended_bio| may be the head of a chain itself - * and thus this function can be used to join two chains. - * - * BIO_push takes ownership of the caller's reference to |appended_bio|. */ -OPENSSL_EXPORT BIO *BIO_push(BIO *bio, BIO *appended_bio); - -/* BIO_pop removes |bio| from the head of a chain and returns the next BIO in - * the chain, or NULL if there is no next BIO. - * - * The caller takes ownership of the chain's reference to |bio|. */ -OPENSSL_EXPORT BIO *BIO_pop(BIO *bio); - -/* BIO_next returns the next BIO in the chain after |bio|, or NULL if there is - * no such BIO. */ -OPENSSL_EXPORT BIO *BIO_next(BIO *bio); - -/* BIO_free_all calls |BIO_free|. - * - * TODO(fork): update callers and remove. */ -OPENSSL_EXPORT void BIO_free_all(BIO *bio); - -/* BIO_find_type walks a chain of BIOs and returns the first that matches - * |type|, which is one of the |BIO_TYPE_*| values. */ -OPENSSL_EXPORT BIO *BIO_find_type(BIO *bio, int type); - -/* BIO_copy_next_retry sets the retry flags and |retry_reason| of |bio| from - * the next BIO in the chain. */ -OPENSSL_EXPORT void BIO_copy_next_retry(BIO *bio); - - -/* Printf functions. - * - * These functions are versions of printf functions that output to a BIO rather - * than a FILE. */ -#ifdef __GNUC__ -#define __bio_h__attr__ __attribute__ -#else -#define __bio_h__attr__(x) -#endif -OPENSSL_EXPORT int BIO_printf(BIO *bio, const char *format, ...) - __bio_h__attr__((__format__(__printf__, 2, 3))); -#undef __bio_h__attr__ - - -/* Utility functions. */ - -/* BIO_indent prints min(|indent|, |max_indent|) spaces. It returns one on - * success and zero otherwise. */ -OPENSSL_EXPORT int BIO_indent(BIO *bio, unsigned indent, unsigned max_indent); - -/* BIO_hexdump writes a hex dump of |data| to |bio|. Each line will be indented - * by |indent| spaces. */ -OPENSSL_EXPORT int BIO_hexdump(BIO *bio, const uint8_t *data, size_t len, - unsigned indent); - -/* BIO_print_errors prints the current contents of the error stack to |bio| - * using human readable strings where possible. */ -OPENSSL_EXPORT void BIO_print_errors(BIO *bio); - -/* BIO_read_asn1 reads a single ASN.1 object from |bio|. If successful it sets - * |*out| to be an allocated buffer (that should be freed with |OPENSSL_free|), - * |*out_size| to the length, in bytes, of that buffer and returns one. - * Otherwise it returns zero. - * - * If the length of the object is greater than |max_len| or 2^32 then the - * function will fail. Long-form tags are not supported. If the length of the - * object is indefinite the full contents of |bio| are read, unless it would be - * greater than |max_len|, in which case the function fails. - * - * If the function fails then some unknown amount of data may have been read - * from |bio|. */ -OPENSSL_EXPORT int BIO_read_asn1(BIO *bio, uint8_t **out, size_t *out_len, - size_t max_len); - - -/* Memory BIOs. - * - * Memory BIOs can be used as a read-only source (with |BIO_new_mem_buf|) or a - * writable sink (with |BIO_new|, |BIO_s_mem| and |BIO_get_mem_buf|). Data - * written to a writable, memory BIO can be recalled by reading from it. - * - * Calling |BIO_reset| on a read-only BIO resets it to the original contents. - * On a writable BIO, it clears any data. - * - * If the close flag is set to |BIO_NOCLOSE| (not the default) then the - * underlying |BUF_MEM| will not be freed when the |BIO| is freed. - * - * Memory BIOs support |BIO_gets| and |BIO_puts|. - * - * |BIO_eof| is true if no data is in the BIO. - * - * |BIO_ctrl_pending| returns the number of bytes currently stored. */ - -/* BIO_s_mem returns a |BIO_METHOD| that uses a in-memory buffer. */ -OPENSSL_EXPORT const BIO_METHOD *BIO_s_mem(void); - -/* BIO_new_mem_buf creates BIO that reads and writes from |len| bytes at |buf|. - * It does not take ownership of |buf|. It returns the BIO or NULL on error. - * - * If |len| is negative, then |buf| is treated as a NUL-terminated string, but - * don't depend on this in new code. */ -OPENSSL_EXPORT BIO *BIO_new_mem_buf(void *buf, int len); - -/* BIO_mem_contents sets |*out_contents| to point to the current contents of - * |bio| and |*out_len| to contain the length of that data. It returns one on - * success and zero otherwise. */ -OPENSSL_EXPORT int BIO_mem_contents(const BIO *bio, - const uint8_t **out_contents, - size_t *out_len); - -/* BIO_get_mem_data sets |*contents| to point to the current contents of |bio| - * and returns the length of the data. - * - * WARNING: don't use this, use |BIO_mem_contents|. A return value of zero from - * this function can mean either that it failed or that the memory buffer is - * empty. */ -OPENSSL_EXPORT long BIO_get_mem_data(BIO *bio, char **contents); - -/* BIO_get_mem_ptr sets |*out| to a BUF_MEM containing the current contents of - * |bio|. It returns one on success or zero on error. */ -OPENSSL_EXPORT int BIO_get_mem_ptr(BIO *bio, BUF_MEM **out); - -/* BIO_set_mem_buf sets |b| as the contents of |bio|. If |take_ownership| is - * non-zero, then |b| will be freed when |bio| is closed. Returns one on - * success or zero otherwise. */ -OPENSSL_EXPORT int BIO_set_mem_buf(BIO *bio, BUF_MEM *b, int take_ownership); - -/* BIO_set_mem_eof_return sets the value that will be returned from reading - * |bio| when empty. If |eof_value| is zero then an empty memory BIO will - * return EOF (that is it will return zero and |BIO_should_retry| will be - * false). If |eof_value| is non zero then it will return |eof_value| when it - * is empty and it will set the read retry flag (that is |BIO_read_retry| is - * true). To avoid ambiguity with a normal positive return value, |eof_value| - * should be set to a negative value, typically -1. - * - * For a read-only BIO, the default is zero (EOF). For a writable BIO, the - * default is -1 so that additional data can be written once exhausted. */ -OPENSSL_EXPORT int BIO_set_mem_eof_return(BIO *bio, int eof_value); - - -/* File descriptor BIOs. - * - * File descriptor BIOs are wrappers around the system's |read| and |write| - * functions. If the close flag is set then then |close| is called on the - * underlying file descriptor when the BIO is freed. - * - * |BIO_reset| attempts to seek the file pointer to the start of file using - * |lseek|. - * - * |BIO_seek| sets the file pointer to position |off| from start of file using - * |lseek|. - * - * |BIO_tell| returns the current file position. */ - -/* BIO_s_fd returns a |BIO_METHOD| for file descriptor fds. */ -OPENSSL_EXPORT const BIO_METHOD *BIO_s_fd(void); - -/* BIO_new_fd creates a new file descriptor BIO wrapping |fd|. If |close_flag| - * is non-zero, then |fd| will be closed when the BIO is. */ -OPENSSL_EXPORT BIO *BIO_new_fd(int fd, int close_flag); - -/* BIO_set_fd sets the file descriptor of |bio| to |fd|. If |close_flag| is - * non-zero then |fd| will be closed when |bio| is. It returns one on success - * or zero on error. */ -OPENSSL_EXPORT int BIO_set_fd(BIO *bio, int fd, int close_flag); - -/* BIO_get_fd sets |*out_fd| to the file descriptor currently in use by |bio|. - * It returns one on success and zero on error. */ -OPENSSL_EXPORT int BIO_get_fd(BIO *bio, int *out_fd); - - -/* File BIOs. - * - * File BIOs are wrappers around a C |FILE| object. - * - * |BIO_flush| on a file BIO calls |fflush| on the wrapped stream. - * - * |BIO_reset| attempts to seek the file pointer to the start of file using - * |fseek|. - * - * |BIO_seek| sets the file pointer to the given position from the start of - * file using |fseek|. - * - * |BIO_eof| calls |feof|. - * - * Setting the close flag causes |fclose| to be called on the stream when the - * BIO is freed. */ - -/* BIO_s_file returns a BIO_METHOD that wraps a |FILE|. */ -OPENSSL_EXPORT const BIO_METHOD *BIO_s_file(void); - -/* BIO_new_file creates a file BIO by opening |filename| with the given mode. - * See the |fopen| manual page for details of the mode argument. */ -OPENSSL_EXPORT BIO *BIO_new_file(const char *filename, const char *mode); - -/* BIO_new_fp creates a new file BIO that wraps the given |FILE|. If - * |close_flag| is |BIO_CLOSE|, then |fclose| will be called on |stream| when - * the BIO is closed. */ -OPENSSL_EXPORT BIO *BIO_new_fp(FILE *stream, int close_flag); - -/* BIO_get_fp sets |*out_file| to the current |FILE| for |bio|. It returns one - * on success and zero otherwise. */ -OPENSSL_EXPORT int BIO_get_fp(BIO *bio, FILE **out_file); - -/* BIO_set_fp sets the |FILE| for |bio|. If |close_flag| is |BIO_CLOSE| then - * |fclose| will be called on |file| when |bio| is closed. It returns one on - * sucess and zero otherwise. */ -OPENSSL_EXPORT int BIO_set_fp(BIO *bio, FILE *file, int close_flag); - -/* BIO_read_filename opens |filename| for reading and sets the result as the - * |FILE| for |bio|. It returns one on success and zero otherwise. The |FILE| - * will be closed when |bio| is freed. */ -OPENSSL_EXPORT int BIO_read_filename(BIO *bio, const char *filename); - -/* BIO_write_filename opens |filename| for writing and sets the result as the - * |FILE| for |bio|. It returns one on success and zero otherwise. The |FILE| - * will be closed when |bio| is freed. */ -OPENSSL_EXPORT int BIO_write_filename(BIO *bio, const char *filename); - -/* BIO_append_filename opens |filename| for appending and sets the result as - * the |FILE| for |bio|. It returns one on success and zero otherwise. The - * |FILE| will be closed when |bio| is freed. */ -OPENSSL_EXPORT int BIO_append_filename(BIO *bio, const char *filename); - -/* BIO_rw_filename opens |filename| for reading and writing and sets the result - * as the |FILE| for |bio|. It returns one on success and zero otherwise. The - * |FILE| will be closed when |bio| is freed. */ -OPENSSL_EXPORT int BIO_rw_filename(BIO *bio, const char *filename); - - -/* Buffer BIOs. - * - * Buffer BIOs are a filter-type BIO, i.e. they are designed to be used in a - * chain of BIOs. They provide buffering to reduce the number of operations on - * the underlying BIOs. */ - -OPENSSL_EXPORT const BIO_METHOD *BIO_f_buffer(void); - -/* BIO_set_read_buffer_size sets the size, in bytes, of the read buffer and - * clears it. It returns one on success and zero on failure. */ -OPENSSL_EXPORT int BIO_set_read_buffer_size(BIO *bio, int buffer_size); - -/* BIO_set_write_buffer_size sets the size, in bytes, of the write buffer and - * clears it. It returns one on success and zero on failure. */ -OPENSSL_EXPORT int BIO_set_write_buffer_size(BIO *bio, int buffer_size); - - -/* Socket BIOs. */ - -OPENSSL_EXPORT const BIO_METHOD *BIO_s_socket(void); - -/* BIO_new_socket allocates and initialises a fresh BIO which will read and - * write to the socket |fd|. If |close_flag| is |BIO_CLOSE| then closing the - * BIO will close |fd|. It returns the fresh |BIO| or NULL on error. */ -OPENSSL_EXPORT BIO *BIO_new_socket(int fd, int close_flag); - - -/* Connect BIOs. - * - * A connection BIO creates a network connection and transfers data over the - * resulting socket. */ - -OPENSSL_EXPORT const BIO_METHOD *BIO_s_connect(void); - -/* BIO_new_connect returns a BIO that connects to the given hostname and port. - * The |host_and_optional_port| argument should be of the form - * "www.example.com" or "www.example.com:443". If the port is omitted, it must - * be provided with |BIO_set_conn_port|. - * - * It returns the new BIO on success, or NULL on error. */ -OPENSSL_EXPORT BIO *BIO_new_connect(const char *host_and_optional_port); - -/* BIO_set_conn_hostname sets |host_and_optional_port| as the hostname and - * optional port that |bio| will connect to. If the port is omitted, it must be - * provided with |BIO_set_conn_port|. - * - * It returns one on success and zero otherwise. */ -OPENSSL_EXPORT int BIO_set_conn_hostname(BIO *bio, - const char *host_and_optional_port); - -/* BIO_set_conn_port sets |port_str| as the port or service name that |bio| - * will connect to. It returns one on success and zero otherwise. */ -OPENSSL_EXPORT int BIO_set_conn_port(BIO *bio, const char *port_str); - -/* BIO_set_nbio sets whether |bio| will use non-blocking I/O operations. It - * returns one on success and zero otherwise. */ -OPENSSL_EXPORT int BIO_set_nbio(BIO *bio, int on); - - -/* Datagram BIOs. - * - * TODO(fork): not implemented. */ - -#define BIO_CTRL_DGRAM_QUERY_MTU 40 /* as kernel for current MTU */ - -#define BIO_CTRL_DGRAM_SET_MTU 42 /* set cached value for MTU. want to use - this if asking the kernel fails */ - -#define BIO_CTRL_DGRAM_MTU_EXCEEDED 43 /* check whether the MTU was exceed in - the previous write operation. */ - -#define BIO_CTRL_DGRAM_SET_NEXT_TIMEOUT \ - 45 /* Next DTLS handshake timeout to adjust socket timeouts */ - -#define BIO_CTRL_DGRAM_GET_PEER 46 - -#define BIO_CTRL_DGRAM_GET_FALLBACK_MTU 47 - - -/* BIO Pairs. - * - * BIO pairs provide a "loopback" like system: a pair of BIOs where data - * written to one can be read from the other and vice versa. */ - -/* BIO_new_bio_pair sets |*out1| and |*out2| to two freshly created BIOs where - * data written to one can be read from the other and vice versa. The - * |writebuf1| argument gives the size of the buffer used in |*out1| and - * |writebuf2| for |*out2|. It returns one on success and zero on error. */ -OPENSSL_EXPORT int BIO_new_bio_pair(BIO **out1, size_t writebuf1, BIO **out2, - size_t writebuf2); - -/* BIO_new_bio_pair_external_buf is the same as |BIO_new_bio_pair| with the - * difference that the caller keeps ownership of the write buffers - * |ext_writebuf1_len| and |ext_writebuf2_len|. This is useful when using zero - * copy API for read and write operations, in cases where the buffers need to - * outlive the BIO pairs. It returns one on success and zero on error. */ -OPENSSL_EXPORT int BIO_new_bio_pair_external_buf(BIO** bio1_p, - size_t writebuf1_len, - uint8_t* ext_writebuf1, - BIO** bio2_p, - size_t writebuf2_len, - uint8_t* ext_writebuf2); - -/* BIO_ctrl_get_read_request returns the number of bytes that the other side of - * |bio| tried (unsuccessfully) to read. */ -OPENSSL_EXPORT size_t BIO_ctrl_get_read_request(BIO *bio); - -/* BIO_ctrl_get_write_guarantee returns the number of bytes that |bio| (which - * must have been returned by |BIO_new_bio_pair|) will accept on the next - * |BIO_write| call. */ -OPENSSL_EXPORT size_t BIO_ctrl_get_write_guarantee(BIO *bio); - -/* BIO_shutdown_wr marks |bio| as closed, from the point of view of the other - * side of the pair. Future |BIO_write| calls on |bio| will fail. It returns - * one on success and zero otherwise. */ -OPENSSL_EXPORT int BIO_shutdown_wr(BIO *bio); - - -/* Zero copy versions of BIO_read and BIO_write for BIO pairs. */ - -/* BIO_zero_copy_get_read_buf initiates a zero copy read operation. - * |out_read_buf| is set to the internal read buffer, and |out_buf_offset| is - * set to the current read position of |out_read_buf|. The number of bytes - * available for read from |out_read_buf| + |out_buf_offset| is returned in - * |out_available_bytes|. Note that this function might report fewer bytes - * available than |BIO_pending|, if the internal ring buffer is wrapped. It - * returns one on success. In case of error it returns zero and pushes to the - * error stack. - * - * The zero copy read operation is completed by calling - * |BIO_zero_copy_get_read_buf_done|. Neither |BIO_zero_copy_get_read_buf| nor - * any other I/O read operation may be called while a zero copy read operation - * is active. */ -OPENSSL_EXPORT int BIO_zero_copy_get_read_buf(BIO* bio, - uint8_t** out_read_buf, - size_t* out_buf_offset, - size_t* out_available_bytes); - -/* BIO_zero_copy_get_read_buf_done must be called after reading from a BIO using - * |BIO_zero_copy_get_read_buf| to finish the read operation. The |bytes_read| - * argument is the number of bytes read. - * - * It returns one on success. In case of error it returns zero and pushes to the - * error stack. */ -OPENSSL_EXPORT int BIO_zero_copy_get_read_buf_done(BIO* bio, size_t bytes_read); - -/* BIO_zero_copy_get_write_buf_done initiates a zero copy write operation. - * |out_write_buf| is set to to the internal write buffer, and |out_buf_offset| - * is set to the current write position of |out_write_buf|. - * The number of bytes available for write from |out_write_buf| + - * |out_buf_offset| is returned in |out_available_bytes|. Note that this - * function might report fewer bytes available than - * |BIO_ctrl_get_write_guarantee|, if the internal buffer is wrapped. It returns - * one on success. In case of error it returns zero and pushes to the error - * stack. - * - * The zero copy write operation is completed by calling - * |BIO_zero_copy_write_buf_done|. Neither |BIO_zero_copy_get_write_buf| - * nor any other I/O write operation may be called while a zero copy write - * operation is active. */ -OPENSSL_EXPORT int BIO_zero_copy_get_write_buf(BIO* bio, - uint8_t** out_write_buf, - size_t* out_buf_offset, - size_t* out_available_bytes); - -/* BIO_zero_copy_write_buf_done must be called after writing to a BIO using - * |BIO_zero_copy_get_write_buf_done| to finish the write operation. The - * |bytes_written| argument gives the number of bytes written. - * - * It returns one on success. In case of error it returns zero and pushes to the - * error stack. */ -OPENSSL_EXPORT int BIO_zero_copy_get_write_buf_done(BIO* bio, - size_t bytes_written); - - -/* BIO_NOCLOSE and |BIO_CLOSE| can be used as symbolic arguments when a "close - * flag" is passed to a BIO function. */ -#define BIO_NOCLOSE 0 -#define BIO_CLOSE 1 - -/* These are passed to the BIO callback */ -#define BIO_CB_FREE 0x01 -#define BIO_CB_READ 0x02 -#define BIO_CB_WRITE 0x03 -#define BIO_CB_PUTS 0x04 -#define BIO_CB_GETS 0x05 -#define BIO_CB_CTRL 0x06 - -/* The callback is called before and after the underling operation, - * The BIO_CB_RETURN flag indicates if it is after the call */ -#define BIO_CB_RETURN 0x80 - -/* These are values of the |cmd| argument to |BIO_ctrl|. */ -#define BIO_CTRL_RESET 1 /* opt - rewind/zero etc */ -#define BIO_CTRL_EOF 2 /* opt - are we at the eof */ -#define BIO_CTRL_INFO 3 /* opt - extra tit-bits */ -#define BIO_CTRL_SET 4 /* man - set the 'IO' type */ -#define BIO_CTRL_GET 5 /* man - get the 'IO' type */ -#define BIO_CTRL_GET_CLOSE 8 /* man - set the 'close' on free */ -#define BIO_CTRL_SET_CLOSE 9 /* man - set the 'close' on free */ -#define BIO_CTRL_PENDING 10 /* opt - is their more data buffered */ -#define BIO_CTRL_FLUSH 11 /* opt - 'flush' buffered output */ -#define BIO_CTRL_WPENDING 13 /* opt - number of bytes still to write */ -/* callback is int cb(BIO *bio,state,ret); */ -#define BIO_CTRL_SET_CALLBACK 14 /* opt - set callback function */ -#define BIO_CTRL_GET_CALLBACK 15 /* opt - set callback function */ -#define BIO_CTRL_SET_FILENAME 30 /* BIO_s_file special */ - - -/* Android compatibility section. - * - * A previous version of BoringSSL used in Android renamed ERR_print_errors_fp - * to BIO_print_errors_fp. It has subsequently been renamed back to - * ERR_print_errors_fp. */ -#define BIO_print_errors_fp ERR_print_errors_fp - - -/* Private functions */ - -#define BIO_FLAGS_READ 0x01 -#define BIO_FLAGS_WRITE 0x02 -#define BIO_FLAGS_IO_SPECIAL 0x04 -#define BIO_FLAGS_RWS (BIO_FLAGS_READ | BIO_FLAGS_WRITE | BIO_FLAGS_IO_SPECIAL) -#define BIO_FLAGS_SHOULD_RETRY 0x08 -#define BIO_FLAGS_BASE64_NO_NL 0x100 -/* This is used with memory BIOs: it means we shouldn't free up or change the - * data in any way. */ -#define BIO_FLAGS_MEM_RDONLY 0x200 - -/* These are the 'types' of BIOs */ -#define BIO_TYPE_NONE 0 -#define BIO_TYPE_MEM (1 | 0x0400) -#define BIO_TYPE_FILE (2 | 0x0400) -#define BIO_TYPE_FD (4 | 0x0400 | 0x0100) -#define BIO_TYPE_SOCKET (5 | 0x0400 | 0x0100) -#define BIO_TYPE_NULL (6 | 0x0400) -#define BIO_TYPE_SSL (7 | 0x0200) -#define BIO_TYPE_MD (8 | 0x0200) /* passive filter */ -#define BIO_TYPE_BUFFER (9 | 0x0200) /* filter */ -#define BIO_TYPE_CIPHER (10 | 0x0200) /* filter */ -#define BIO_TYPE_BASE64 (11 | 0x0200) /* filter */ -#define BIO_TYPE_CONNECT (12 | 0x0400 | 0x0100) /* socket - connect */ -#define BIO_TYPE_ACCEPT (13 | 0x0400 | 0x0100) /* socket for accept */ -#define BIO_TYPE_PROXY_CLIENT (14 | 0x0200) /* client proxy BIO */ -#define BIO_TYPE_PROXY_SERVER (15 | 0x0200) /* server proxy BIO */ -#define BIO_TYPE_NBIO_TEST (16 | 0x0200) /* server proxy BIO */ -#define BIO_TYPE_NULL_FILTER (17 | 0x0200) -#define BIO_TYPE_BER (18 | 0x0200) /* BER -> bin filter */ -#define BIO_TYPE_BIO (19 | 0x0400) /* (half a) BIO pair */ -#define BIO_TYPE_LINEBUFFER (20 | 0x0200) /* filter */ -#define BIO_TYPE_DGRAM (21 | 0x0400 | 0x0100) -#define BIO_TYPE_ASN1 (22 | 0x0200) /* filter */ -#define BIO_TYPE_COMP (23 | 0x0200) /* filter */ - -#define BIO_TYPE_DESCRIPTOR 0x0100 /* socket, fd, connect or accept */ -#define BIO_TYPE_FILTER 0x0200 -#define BIO_TYPE_SOURCE_SINK 0x0400 - -struct bio_method_st { - int type; - const char *name; - int (*bwrite)(BIO *, const char *, int); - int (*bread)(BIO *, char *, int); - /* TODO(fork): remove bputs. */ - int (*bputs)(BIO *, const char *); - int (*bgets)(BIO *, char *, int); - long (*ctrl)(BIO *, int, long, void *); - int (*create)(BIO *); - int (*destroy)(BIO *); - long (*callback_ctrl)(BIO *, int, bio_info_cb); -}; - -struct bio_st { - const BIO_METHOD *method; - /* bio, mode, argp, argi, argl, ret */ - long (*callback)(struct bio_st *, int, const char *, int, long, long); - char *cb_arg; /* first argument for the callback */ - - /* init is non-zero if this |BIO| has been initialised. */ - int init; - /* shutdown is often used by specific |BIO_METHOD|s to determine whether - * they own some underlying resource. This flag can often by controlled by - * |BIO_set_close|. For example, whether an fd BIO closes the underlying fd - * when it, itself, is closed. */ - int shutdown; - int flags; - int retry_reason; - /* num is a BIO-specific value. For example, in fd BIOs it's used to store a - * file descriptor. */ - int num; - CRYPTO_refcount_t references; - void *ptr; - /* next_bio points to the next |BIO| in a chain. This |BIO| owns a reference - * to |next_bio|. */ - struct bio_st *next_bio; /* used by filter BIOs */ - size_t num_read, num_write; -}; - -#define BIO_C_SET_CONNECT 100 -#define BIO_C_DO_STATE_MACHINE 101 -#define BIO_C_SET_NBIO 102 -#define BIO_C_SET_PROXY_PARAM 103 -#define BIO_C_SET_FD 104 -#define BIO_C_GET_FD 105 -#define BIO_C_SET_FILE_PTR 106 -#define BIO_C_GET_FILE_PTR 107 -#define BIO_C_SET_FILENAME 108 -#define BIO_C_SET_SSL 109 -#define BIO_C_GET_SSL 110 -#define BIO_C_SET_MD 111 -#define BIO_C_GET_MD 112 -#define BIO_C_GET_CIPHER_STATUS 113 -#define BIO_C_SET_BUF_MEM 114 -#define BIO_C_GET_BUF_MEM_PTR 115 -#define BIO_C_GET_BUFF_NUM_LINES 116 -#define BIO_C_SET_BUFF_SIZE 117 -#define BIO_C_SET_ACCEPT 118 -#define BIO_C_SSL_MODE 119 -#define BIO_C_GET_MD_CTX 120 -#define BIO_C_GET_PROXY_PARAM 121 -#define BIO_C_SET_BUFF_READ_DATA 122 /* data to read first */ -#define BIO_C_GET_CONNECT 123 -#define BIO_C_GET_ACCEPT 124 -#define BIO_C_SET_SSL_RENEGOTIATE_BYTES 125 -#define BIO_C_GET_SSL_NUM_RENEGOTIATES 126 -#define BIO_C_SET_SSL_RENEGOTIATE_TIMEOUT 127 -#define BIO_C_FILE_SEEK 128 -#define BIO_C_GET_CIPHER_CTX 129 -#define BIO_C_SET_BUF_MEM_EOF_RETURN 130/*return end of input value*/ -#define BIO_C_SET_BIND_MODE 131 -#define BIO_C_GET_BIND_MODE 132 -#define BIO_C_FILE_TELL 133 -#define BIO_C_GET_SOCKS 134 -#define BIO_C_SET_SOCKS 135 - -#define BIO_C_SET_WRITE_BUF_SIZE 136/* for BIO_s_bio */ -#define BIO_C_GET_WRITE_BUF_SIZE 137 -#define BIO_C_GET_WRITE_GUARANTEE 140 -#define BIO_C_GET_READ_REQUEST 141 -#define BIO_C_SHUTDOWN_WR 142 -#define BIO_C_NREAD0 143 -#define BIO_C_NREAD 144 -#define BIO_C_NWRITE0 145 -#define BIO_C_NWRITE 146 -#define BIO_C_RESET_READ_REQUEST 147 -#define BIO_C_SET_MD_CTX 148 - -#define BIO_C_SET_PREFIX 149 -#define BIO_C_GET_PREFIX 150 -#define BIO_C_SET_SUFFIX 151 -#define BIO_C_GET_SUFFIX 152 - -#define BIO_C_SET_EX_ARG 153 -#define BIO_C_GET_EX_ARG 154 - - -#if defined(__cplusplus) -} /* extern C */ -#endif - -#define BIO_F_BIO_callback_ctrl 100 -#define BIO_F_BIO_ctrl 101 -#define BIO_F_BIO_new 102 -#define BIO_F_BIO_new_file 103 -#define BIO_F_BIO_new_mem_buf 104 -#define BIO_F_BIO_zero_copy_get_read_buf 105 -#define BIO_F_BIO_zero_copy_get_read_buf_done 106 -#define BIO_F_BIO_zero_copy_get_write_buf 107 -#define BIO_F_BIO_zero_copy_get_write_buf_done 108 -#define BIO_F_bio_io 109 -#define BIO_F_bio_make_pair 110 -#define BIO_F_bio_write 111 -#define BIO_F_buffer_ctrl 112 -#define BIO_F_conn_ctrl 113 -#define BIO_F_conn_state 114 -#define BIO_F_file_ctrl 115 -#define BIO_F_file_read 116 -#define BIO_F_mem_write 117 -#define BIO_F_BIO_printf 118 -#define BIO_R_BAD_FOPEN_MODE 100 -#define BIO_R_BROKEN_PIPE 101 -#define BIO_R_CONNECT_ERROR 102 -#define BIO_R_ERROR_SETTING_NBIO 103 -#define BIO_R_INVALID_ARGUMENT 104 -#define BIO_R_IN_USE 105 -#define BIO_R_KEEPALIVE 106 -#define BIO_R_NBIO_CONNECT_ERROR 107 -#define BIO_R_NO_HOSTNAME_SPECIFIED 108 -#define BIO_R_NO_PORT_SPECIFIED 109 -#define BIO_R_NO_SUCH_FILE 110 -#define BIO_R_NULL_PARAMETER 111 -#define BIO_R_SYS_LIB 112 -#define BIO_R_UNABLE_TO_CREATE_SOCKET 113 -#define BIO_R_UNINITIALIZED 114 -#define BIO_R_UNSUPPORTED_METHOD 115 -#define BIO_R_WRITE_TO_READ_ONLY_BIO 116 - -#endif /* OPENSSL_HEADER_BIO_H */ diff --git a/third_party/boringssl/include/openssl/blowfish.h b/third_party/boringssl/include/openssl/blowfish.h deleted file mode 100644 index fa60d5336fcb07..00000000000000 --- a/third_party/boringssl/include/openssl/blowfish.h +++ /dev/null @@ -1,93 +0,0 @@ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] */ - -#ifndef OPENSSL_HEADER_BLOWFISH_H -#define OPENSSL_HEADER_BLOWFISH_H - -#include - -#ifdef __cplusplus -extern "C" { -#endif - - -#define BF_ENCRYPT 1 -#define BF_DECRYPT 0 - -#define BF_ROUNDS 16 -#define BF_BLOCK 8 - -typedef struct bf_key_st { - uint32_t P[BF_ROUNDS + 2]; - uint32_t S[4 * 256]; -} BF_KEY; - -OPENSSL_EXPORT void BF_set_key(BF_KEY *key, size_t len, const uint8_t *data); -OPENSSL_EXPORT void BF_encrypt(uint32_t *data, const BF_KEY *key); -OPENSSL_EXPORT void BF_decrypt(uint32_t *data, const BF_KEY *key); - -OPENSSL_EXPORT void BF_ecb_encrypt(const uint8_t *in, uint8_t *out, - const BF_KEY *key, int enc); -OPENSSL_EXPORT void BF_cbc_encrypt(const uint8_t *in, uint8_t *out, long length, - const BF_KEY *schedule, uint8_t *ivec, - int enc); - - -#ifdef __cplusplus -} -#endif - -#endif /* OPENSSL_HEADER_BLOWFISH_H */ diff --git a/third_party/boringssl/include/openssl/bn.h b/third_party/boringssl/include/openssl/bn.h deleted file mode 100644 index ec1c8ff5c32d1f..00000000000000 --- a/third_party/boringssl/include/openssl/bn.h +++ /dev/null @@ -1,875 +0,0 @@ -/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ -/* ==================================================================== - * Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@openssl.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.openssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ -/* ==================================================================== - * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. - * - * Portions of the attached software ("Contribution") are developed by - * SUN MICROSYSTEMS, INC., and are contributed to the OpenSSL project. - * - * The Contribution is licensed pursuant to the Eric Young open source - * license provided above. - * - * The binary polynomial arithmetic software is originally written by - * Sheueling Chang Shantz and Douglas Stebila of Sun Microsystems - * Laboratories. */ - -#ifndef OPENSSL_HEADER_BN_H -#define OPENSSL_HEADER_BN_H - -#include -#include - -#include /* for PRIu64 and friends */ -#include /* for FILE* */ - -#if defined(__cplusplus) -extern "C" { -#endif - - -/* BN provides support for working with arbitary sized integers. For example, - * although the largest integer supported by the compiler might be 64 bits, BN - * will allow you to work with numbers until you run out of memory. */ - - -/* BN_ULONG is the native word size when working with big integers. - * - * Note: on some platforms, inttypes.h does not define print format macros in - * C++ unless |__STDC_FORMAT_MACROS| defined. As this is a public header, bn.h - * does not define |__STDC_FORMAT_MACROS| itself. C++ source files which use the - * FMT macros must define it externally. */ -#if defined(OPENSSL_64_BIT) -#define BN_ULONG uint64_t -#define BN_BITS2 64 -#define BN_DEC_FMT1 "%" PRIu64 -#define BN_DEC_FMT2 "%019" PRIu64 -#define BN_HEX_FMT1 "%" PRIx64 -#elif defined(OPENSSL_32_BIT) -#define BN_ULONG uint32_t -#define BN_BITS2 32 -#define BN_DEC_FMT1 "%" PRIu32 -#define BN_DEC_FMT2 "%09" PRIu32 -#define BN_HEX_FMT1 "%" PRIx32 -#else -#error "Must define either OPENSSL_32_BIT or OPENSSL_64_BIT" -#endif - - -/* Allocation and freeing. */ - -/* BN_new creates a new, allocated BIGNUM and initialises it. */ -OPENSSL_EXPORT BIGNUM *BN_new(void); - -/* BN_init initialises a stack allocated |BIGNUM|. */ -OPENSSL_EXPORT void BN_init(BIGNUM *bn); - -/* BN_free frees the data referenced by |bn| and, if |bn| was originally - * allocated on the heap, frees |bn| also. */ -OPENSSL_EXPORT void BN_free(BIGNUM *bn); - -/* BN_clear_free erases and frees the data referenced by |bn| and, if |bn| was - * originally allocated on the heap, frees |bn| also. */ -OPENSSL_EXPORT void BN_clear_free(BIGNUM *bn); - -/* BN_dup allocates a new BIGNUM and sets it equal to |src|. It returns the - * allocated BIGNUM on success or NULL otherwise. */ -OPENSSL_EXPORT BIGNUM *BN_dup(const BIGNUM *src); - -/* BN_copy sets |dest| equal to |src| and returns |dest|. */ -OPENSSL_EXPORT BIGNUM *BN_copy(BIGNUM *dest, const BIGNUM *src); - -/* BN_clear sets |bn| to zero and erases the old data. */ -OPENSSL_EXPORT void BN_clear(BIGNUM *bn); - -/* BN_value_one returns a static BIGNUM with value 1. */ -OPENSSL_EXPORT const BIGNUM *BN_value_one(void); - -/* BN_with_flags initialises a stack allocated |BIGNUM| with pointers to the - * contents of |in| but with |flags| ORed into the flags field. - * - * Note: the two BIGNUMs share state and so |out| should /not/ be passed to - * |BN_free|. */ -OPENSSL_EXPORT void BN_with_flags(BIGNUM *out, const BIGNUM *in, int flags); - - -/* Basic functions. */ - -/* BN_num_bits returns the minimum number of bits needed to represent the - * absolute value of |bn|. */ -OPENSSL_EXPORT unsigned BN_num_bits(const BIGNUM *bn); - -/* BN_num_bytes returns the minimum number of bytes needed to represent the - * absolute value of |bn|. */ -OPENSSL_EXPORT unsigned BN_num_bytes(const BIGNUM *bn); - -/* BN_zero sets |bn| to zero. */ -OPENSSL_EXPORT void BN_zero(BIGNUM *bn); - -/* BN_one sets |bn| to one. It returns one on success or zero on allocation - * failure. */ -OPENSSL_EXPORT int BN_one(BIGNUM *bn); - -/* BN_set_word sets |bn| to |value|. It returns one on success or zero on - * allocation failure. */ -OPENSSL_EXPORT int BN_set_word(BIGNUM *bn, BN_ULONG value); - -/* BN_set_negative sets the sign of |bn|. */ -OPENSSL_EXPORT void BN_set_negative(BIGNUM *bn, int sign); - -/* BN_is_negative returns one if |bn| is negative and zero otherwise. */ -OPENSSL_EXPORT int BN_is_negative(const BIGNUM *bn); - -/* BN_get_flags returns |bn->flags| & |flags|. */ -OPENSSL_EXPORT int BN_get_flags(const BIGNUM *bn, int flags); - -/* BN_set_flags sets |flags| on |bn|. */ -OPENSSL_EXPORT void BN_set_flags(BIGNUM *bn, int flags); - - -/* Conversion functions. */ - -/* BN_bin2bn sets |*ret| to the value of |len| bytes from |in|, interpreted as - * a big-endian number, and returns |ret|. If |ret| is NULL then a fresh - * |BIGNUM| is allocated and returned. It returns NULL on allocation - * failure. */ -OPENSSL_EXPORT BIGNUM *BN_bin2bn(const uint8_t *in, size_t len, BIGNUM *ret); - -/* BN_bn2bin serialises the absolute value of |in| to |out| as a big-endian - * integer, which must have |BN_num_bytes| of space available. It returns the - * number of bytes written. */ -OPENSSL_EXPORT size_t BN_bn2bin(const BIGNUM *in, uint8_t *out); - -/* BN_bn2bin_padded serialises the absolute value of |in| to |out| as a - * big-endian integer. The integer is padded with leading zeros up to size - * |len|. If |len| is smaller than |BN_num_bytes|, the function fails and - * returns 0. Otherwise, it returns 1. */ -OPENSSL_EXPORT int BN_bn2bin_padded(uint8_t *out, size_t len, const BIGNUM *in); - -/* BN_bn2hex returns an allocated string that contains a NUL-terminated, hex - * representation of |bn|. If |bn| is negative, the first char in the resulting - * string will be '-'. Returns NULL on allocation failure. */ -OPENSSL_EXPORT char *BN_bn2hex(const BIGNUM *bn); - -/* BN_hex2bn parses the leading hex number from |in|, which may be proceeded by - * a '-' to indicate a negative number and may contain trailing, non-hex data. - * If |outp| is not NULL, it constructs a BIGNUM equal to the hex number and - * stores it in |*outp|. If |*outp| is NULL then it allocates a new BIGNUM and - * updates |*outp|. It returns the number of bytes of |in| processed or zero on - * error. */ -OPENSSL_EXPORT int BN_hex2bn(BIGNUM **outp, const char *in); - -/* BN_bn2dec returns an allocated string that contains a NUL-terminated, - * decimal representation of |bn|. If |bn| is negative, the first char in the - * resulting string will be '-'. Returns NULL on allocation failure. */ -OPENSSL_EXPORT char *BN_bn2dec(const BIGNUM *a); - -/* BN_dec2bn parses the leading decimal number from |in|, which may be - * proceeded by a '-' to indicate a negative number and may contain trailing, - * non-decimal data. If |outp| is not NULL, it constructs a BIGNUM equal to the - * decimal number and stores it in |*outp|. If |*outp| is NULL then it - * allocates a new BIGNUM and updates |*outp|. It returns the number of bytes - * of |in| processed or zero on error. */ -OPENSSL_EXPORT int BN_dec2bn(BIGNUM **outp, const char *in); - -/* BN_asc2bn acts like |BN_dec2bn| or |BN_hex2bn| depending on whether |in| - * begins with "0X" or "0x" (indicating hex) or not (indicating decimal). A - * leading '-' is still permitted and comes before the optional 0X/0x. It - * returns one on success or zero on error. */ -OPENSSL_EXPORT int BN_asc2bn(BIGNUM **outp, const char *in); - -/* BN_print writes a hex encoding of |a| to |bio|. It returns one on success - * and zero on error. */ -OPENSSL_EXPORT int BN_print(BIO *bio, const BIGNUM *a); - -/* BN_print_fp acts like |BIO_print|, but wraps |fp| in a |BIO| first. */ -OPENSSL_EXPORT int BN_print_fp(FILE *fp, const BIGNUM *a); - -/* BN_get_word returns the absolute value of |bn| as a single word. If |bn| is - * too large to be represented as a single word, the maximum possible value - * will be returned. */ -OPENSSL_EXPORT BN_ULONG BN_get_word(const BIGNUM *bn); - - -/* Internal functions. - * - * These functions are useful for code that is doing low-level manipulations of - * BIGNUM values. However, be sure that no other function in this file does - * what you want before turning to these. */ - -/* bn_correct_top decrements |bn->top| until |bn->d[top-1]| is non-zero or - * until |top| is zero. */ -OPENSSL_EXPORT void bn_correct_top(BIGNUM *bn); - -/* bn_wexpand ensures that |bn| has at least |words| works of space without - * altering its value. It returns one on success or zero on allocation - * failure. */ -OPENSSL_EXPORT BIGNUM *bn_wexpand(BIGNUM *bn, unsigned words); - - -/* BIGNUM pools. - * - * Certain BIGNUM operations need to use many temporary variables and - * allocating and freeing them can be quite slow. Thus such opertions typically - * take a |BN_CTX| parameter, which contains a pool of |BIGNUMs|. The |ctx| - * argument to a public function may be NULL, in which case a local |BN_CTX| - * will be created just for the lifetime of that call. - * - * A function must call |BN_CTX_start| first. Then, |BN_CTX_get| may be called - * repeatedly to obtain temporary |BIGNUM|s. All |BN_CTX_get| calls must be made - * before calling any other functions that use the |ctx| as an argument. - * - * Finally, |BN_CTX_end| must be called before returning from the function. - * When |BN_CTX_end| is called, the |BIGNUM| pointers obtained from - * |BN_CTX_get| become invalid. */ - -/* BN_CTX_new returns a new, empty BN_CTX or NULL on allocation failure. */ -OPENSSL_EXPORT BN_CTX *BN_CTX_new(void); - -/* BN_CTX_free frees all BIGNUMs contained in |ctx| and then frees |ctx| - * itself. */ -OPENSSL_EXPORT void BN_CTX_free(BN_CTX *ctx); - -/* BN_CTX_start "pushes" a new entry onto the |ctx| stack and allows future - * calls to |BN_CTX_get|. */ -OPENSSL_EXPORT void BN_CTX_start(BN_CTX *ctx); - -/* BN_CTX_get returns a new |BIGNUM|, or NULL on allocation failure. Once - * |BN_CTX_get| has returned NULL, all future calls will also return NULL until - * |BN_CTX_end| is called. */ -OPENSSL_EXPORT BIGNUM *BN_CTX_get(BN_CTX *ctx); - -/* BN_CTX_end invalidates all |BIGNUM|s returned from |BN_CTX_get| since the - * matching |BN_CTX_start| call. */ -OPENSSL_EXPORT void BN_CTX_end(BN_CTX *ctx); - - -/* Simple arithmetic */ - -/* BN_add sets |r| = |a| + |b|, where |r| may be the same pointer as either |a| - * or |b|. It returns one on success and zero on allocation failure. */ -OPENSSL_EXPORT int BN_add(BIGNUM *r, const BIGNUM *a, const BIGNUM *b); - -/* BN_uadd sets |r| = |a| + |b|, where |a| and |b| are non-negative and |r| may - * be the same pointer as either |a| or |b|. It returns one on success and zero - * on allocation failure. */ -OPENSSL_EXPORT int BN_uadd(BIGNUM *r, const BIGNUM *a, const BIGNUM *b); - -/* BN_add_word adds |w| to |a|. It returns one on success and zero otherwise. */ -OPENSSL_EXPORT int BN_add_word(BIGNUM *a, BN_ULONG w); - -/* BN_sub sets |r| = |a| - |b|, where |r| must be a distinct pointer from |a| - * and |b|. It returns one on success and zero on allocation failure. */ -OPENSSL_EXPORT int BN_sub(BIGNUM *r, const BIGNUM *a, const BIGNUM *b); - -/* BN_usub sets |r| = |a| - |b|, where |a| and |b| are non-negative integers, - * |b| < |a| and |r| must be a distinct pointer from |a| and |b|. It returns - * one on success and zero on allocation failure. */ -OPENSSL_EXPORT int BN_usub(BIGNUM *r, const BIGNUM *a, const BIGNUM *b); - -/* BN_sub_word subtracts |w| from |a|. It returns one on success and zero on - * allocation failure. */ -OPENSSL_EXPORT int BN_sub_word(BIGNUM *a, BN_ULONG w); - -/* BN_mul sets |r| = |a| * |b|, where |r| may be the same pointer as |a| or - * |b|. Returns one on success and zero otherwise. */ -OPENSSL_EXPORT int BN_mul(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, - BN_CTX *ctx); - -/* BN_mul_word sets |bn| = |bn| * |w|. It returns one on success or zero on - * allocation failure. */ -OPENSSL_EXPORT int BN_mul_word(BIGNUM *bn, BN_ULONG w); - -/* BN_sqr sets |r| = |a|^2 (i.e. squares), where |r| may be the same pointer as - * |a|. Returns one on success and zero otherwise. This is more efficient than - * BN_mul(r, a, a, ctx). */ -OPENSSL_EXPORT int BN_sqr(BIGNUM *r, const BIGNUM *a, BN_CTX *ctx); - -/* BN_div divides |numerator| by |divisor| and places the result in |quotient| - * and the remainder in |rem|. Either of |quotient| or |rem| may be NULL, in - * which case the respective value is not returned. The result is rounded - * towards zero; thus if |numerator| is negative, the remainder will be zero or - * negative. It returns one on success or zero on error. */ -OPENSSL_EXPORT int BN_div(BIGNUM *quotient, BIGNUM *rem, - const BIGNUM *numerator, const BIGNUM *divisor, - BN_CTX *ctx); - -/* BN_div_word sets |numerator| = |numerator|/|divisor| and returns the - * remainder or (BN_ULONG)-1 on error. */ -OPENSSL_EXPORT BN_ULONG BN_div_word(BIGNUM *numerator, BN_ULONG divisor); - -/* BN_sqrt sets |*out_sqrt| (which may be the same |BIGNUM| as |in|) to the - * square root of |in|, using |ctx|. It returns one on success or zero on - * error. Negative numbers and non-square numbers will result in an error with - * appropriate errors on the error queue. */ -OPENSSL_EXPORT int BN_sqrt(BIGNUM *out_sqrt, const BIGNUM *in, BN_CTX *ctx); - - -/* Comparison functions */ - -/* BN_cmp returns a value less than, equal to or greater than zero if |a| is - * less than, equal to or greater than |b|, respectively. */ -OPENSSL_EXPORT int BN_cmp(const BIGNUM *a, const BIGNUM *b); - -/* BN_ucmp returns a value less than, equal to or greater than zero if the - * absolute value of |a| is less than, equal to or greater than the absolute - * value of |b|, respectively. */ -OPENSSL_EXPORT int BN_ucmp(const BIGNUM *a, const BIGNUM *b); - -/* BN_abs_is_word returns one if the absolute value of |bn| equals |w| and zero - * otherwise. */ -OPENSSL_EXPORT int BN_abs_is_word(const BIGNUM *bn, BN_ULONG w); - -/* BN_is_zero returns one if |bn| is zero and zero otherwise. */ -OPENSSL_EXPORT int BN_is_zero(const BIGNUM *bn); - -/* BN_is_one returns one if |bn| equals one and zero otherwise. */ -OPENSSL_EXPORT int BN_is_one(const BIGNUM *bn); - -/* BN_is_word returns one if |bn| is exactly |w| and zero otherwise. */ -OPENSSL_EXPORT int BN_is_word(const BIGNUM *bn, BN_ULONG w); - -/* BN_is_odd returns one if |bn| is odd and zero otherwise. */ -OPENSSL_EXPORT int BN_is_odd(const BIGNUM *bn); - - -/* Bitwise operations. */ - -/* BN_lshift sets |r| equal to |a| << n. The |a| and |r| arguments may be the - * same |BIGNUM|. It returns one on success and zero on allocation failure. */ -OPENSSL_EXPORT int BN_lshift(BIGNUM *r, const BIGNUM *a, int n); - -/* BN_lshift1 sets |r| equal to |a| << 1, where |r| and |a| may be the same - * pointer. It returns one on success and zero on allocation failure. */ -OPENSSL_EXPORT int BN_lshift1(BIGNUM *r, const BIGNUM *a); - -/* BN_rshift sets |r| equal to |a| >> n, where |r| and |a| may be the same - * pointer. It returns one on success and zero on allocation failure. */ -OPENSSL_EXPORT int BN_rshift(BIGNUM *r, const BIGNUM *a, int n); - -/* BN_rshift1 sets |r| equal to |a| >> 1, where |r| and |a| may be the same - * pointer. It returns one on success and zero on allocation failure. */ -OPENSSL_EXPORT int BN_rshift1(BIGNUM *r, const BIGNUM *a); - -/* BN_set_bit sets the |n|th, least-significant bit in |a|. For example, if |a| - * is 2 then setting bit zero will make it 3. It returns one on success or zero - * on allocation failure. */ -OPENSSL_EXPORT int BN_set_bit(BIGNUM *a, int n); - -/* BN_clear_bit clears the |n|th, least-significant bit in |a|. For example, if - * |a| is 3, clearing bit zero will make it two. It returns one on success or - * zero on allocation failure. */ -OPENSSL_EXPORT int BN_clear_bit(BIGNUM *a, int n); - -/* BN_is_bit_set returns the value of the |n|th, least-significant bit in |a|, - * or zero if the bit doesn't exist. */ -OPENSSL_EXPORT int BN_is_bit_set(const BIGNUM *a, int n); - -/* BN_mask_bits truncates |a| so that it is only |n| bits long. It returns one - * on success or zero if |n| is greater than the length of |a| already. */ -OPENSSL_EXPORT int BN_mask_bits(BIGNUM *a, int n); - - -/* Modulo arithmetic. */ - -/* BN_mod_word returns |a| mod |w|. */ -OPENSSL_EXPORT BN_ULONG BN_mod_word(const BIGNUM *a, BN_ULONG w); - -/* BN_mod is a helper macro that calls |BN_div| and discards the quotient. */ -#define BN_mod(rem, numerator, divisor, ctx) \ - BN_div(NULL, (rem), (numerator), (divisor), (ctx)) - -/* BN_nnmod is a non-negative modulo function. It acts like |BN_mod|, but 0 <= - * |rem| < |divisor| is always true. It returns one on success and zero on - * error. */ -OPENSSL_EXPORT int BN_nnmod(BIGNUM *rem, const BIGNUM *numerator, - const BIGNUM *divisor, BN_CTX *ctx); - -/* BN_mod_add sets |r| = |a| + |b| mod |m|. It returns one on success and zero - * on error. */ -OPENSSL_EXPORT int BN_mod_add(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, - const BIGNUM *m, BN_CTX *ctx); - -/* BN_mod_add_quick acts like |BN_mod_add| but requires that |a| and |b| be - * non-negative and less than |m|. */ -OPENSSL_EXPORT int BN_mod_add_quick(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, - const BIGNUM *m); - -/* BN_mod_sub sets |r| = |a| - |b| mod |m|. It returns one on success and zero - * on error. */ -OPENSSL_EXPORT int BN_mod_sub(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, - const BIGNUM *m, BN_CTX *ctx); - -/* BN_mod_sub_quick acts like |BN_mod_sub| but requires that |a| and |b| be - * non-negative and less than |m|. */ -OPENSSL_EXPORT int BN_mod_sub_quick(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, - const BIGNUM *m); - -/* BN_mod_mul sets |r| = |a|*|b| mod |m|. It returns one on success and zero - * on error. */ -OPENSSL_EXPORT int BN_mod_mul(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, - const BIGNUM *m, BN_CTX *ctx); - -/* BN_mod_mul sets |r| = |a|^2 mod |m|. It returns one on success and zero - * on error. */ -OPENSSL_EXPORT int BN_mod_sqr(BIGNUM *r, const BIGNUM *a, const BIGNUM *m, - BN_CTX *ctx); - -/* BN_mod_lshift sets |r| = (|a| << n) mod |m|, where |r| and |a| may be the - * same pointer. It returns one on success and zero on error. */ -OPENSSL_EXPORT int BN_mod_lshift(BIGNUM *r, const BIGNUM *a, int n, - const BIGNUM *m, BN_CTX *ctx); - -/* BN_mod_lshift_quick acts like |BN_mod_lshift| but requires that |a| be - * non-negative and less than |m|. */ -OPENSSL_EXPORT int BN_mod_lshift_quick(BIGNUM *r, const BIGNUM *a, int n, - const BIGNUM *m); - -/* BN_mod_lshift1 sets |r| = (|a| << 1) mod |m|, where |r| and |a| may be the - * same pointer. It returns one on success and zero on error. */ -OPENSSL_EXPORT int BN_mod_lshift1(BIGNUM *r, const BIGNUM *a, const BIGNUM *m, - BN_CTX *ctx); - -/* BN_mod_lshift1_quick acts like |BN_mod_lshift1| but requires that |a| be - * non-negative and less than |m|. */ -OPENSSL_EXPORT int BN_mod_lshift1_quick(BIGNUM *r, const BIGNUM *a, - const BIGNUM *m); - -/* BN_mod_sqrt returns a |BIGNUM|, r, such that r^2 == a (mod p). */ -OPENSSL_EXPORT BIGNUM *BN_mod_sqrt(BIGNUM *in, const BIGNUM *a, const BIGNUM *p, - BN_CTX *ctx); - - -/* Random and prime number generation. */ - -/* BN_rand sets |rnd| to a random number of length |bits|. If |top| is zero, the - * most-significant bit, if any, will be set. If |top| is one, the two most - * significant bits, if any, will be set. - * - * If |top| is -1 then no extra action will be taken and |BN_num_bits(rnd)| may - * not equal |bits| if the most significant bits randomly ended up as zeros. - * - * If |bottom| is non-zero, the least-significant bit, if any, will be set. The - * function returns one on success or zero otherwise. */ -OPENSSL_EXPORT int BN_rand(BIGNUM *rnd, int bits, int top, int bottom); - -/* BN_pseudo_rand is an alias for |BN_rand|. */ -OPENSSL_EXPORT int BN_pseudo_rand(BIGNUM *rnd, int bits, int top, int bottom); - -/* BN_rand_range sets |rnd| to a random value [0..range). It returns one on - * success and zero otherwise. */ -OPENSSL_EXPORT int BN_rand_range(BIGNUM *rnd, const BIGNUM *range); - -/* BN_pseudo_rand_range is an alias for BN_rand_range. */ -OPENSSL_EXPORT int BN_pseudo_rand_range(BIGNUM *rnd, const BIGNUM *range); - -/* BN_generate_dsa_nonce generates a random number 0 <= out < range. Unlike - * BN_rand_range, it also includes the contents of |priv| and |message| in the - * generation so that an RNG failure isn't fatal as long as |priv| remains - * secret. This is intended for use in DSA and ECDSA where an RNG weakness - * leads directly to private key exposure unless this function is used. - * It returns one on success and zero on error. */ -OPENSSL_EXPORT int BN_generate_dsa_nonce(BIGNUM *out, const BIGNUM *range, - const BIGNUM *priv, - const uint8_t *message, - size_t message_len, BN_CTX *ctx); - -/* BN_GENCB holds a callback function that is used by generation functions that - * can take a very long time to complete. Use |BN_GENCB_set| to initialise a - * |BN_GENCB| structure. - * - * The callback receives the address of that |BN_GENCB| structure as its last - * argument and the user is free to put an arbitary pointer in |arg|. The other - * arguments are set as follows: - * event=BN_GENCB_GENERATED, n=i: after generating the i'th possible prime - * number. - * event=BN_GENCB_PRIME_TEST, n=-1: when finished trial division primality - * checks. - * event=BN_GENCB_PRIME_TEST, n=i: when the i'th primality test has finished. - * - * The callback can return zero to abort the generation progress or one to - * allow it to continue. - * - * When other code needs to call a BN generation function it will often take a - * BN_GENCB argument and may call the function with other argument values. */ -#define BN_GENCB_GENERATED 0 -#define BN_GENCB_PRIME_TEST 1 - -struct bn_gencb_st { - void *arg; /* callback-specific data */ - int (*callback)(int event, int n, struct bn_gencb_st *); -}; - -/* BN_GENCB_set configures |callback| to call |f| and sets |callout->arg| to - * |arg|. */ -OPENSSL_EXPORT void BN_GENCB_set(BN_GENCB *callback, - int (*f)(int event, int n, - struct bn_gencb_st *), - void *arg); - -/* BN_GENCB_call calls |callback|, if not NULL, and returns the return value of - * the callback, or 1 if |callback| is NULL. */ -OPENSSL_EXPORT int BN_GENCB_call(BN_GENCB *callback, int event, int n); - -/* BN_generate_prime_ex sets |ret| to a prime number of |bits| length. If safe - * is non-zero then the prime will be such that (ret-1)/2 is also a prime. - * (This is needed for Diffie-Hellman groups to ensure that the only subgroups - * are of size 2 and (p-1)/2.). - * - * If |add| is not NULL, the prime will fulfill the condition |ret| % |add| == - * |rem| in order to suit a given generator. (If |rem| is NULL then |ret| % - * |add| == 1.) - * - * If |cb| is not NULL, it will be called during processing to give an - * indication of progress. See the comments for |BN_GENCB|. It returns one on - * success and zero otherwise. */ -OPENSSL_EXPORT int BN_generate_prime_ex(BIGNUM *ret, int bits, int safe, - const BIGNUM *add, const BIGNUM *rem, - BN_GENCB *cb); - -/* BN_prime_checks is magic value that can be used as the |checks| argument to - * the primality testing functions in order to automatically select a number of - * Miller-Rabin checks that gives a false positive rate of ~2^{-80}. */ -#define BN_prime_checks 0 - -/* BN_primality_test sets |*is_probably_prime| to one if |candidate| is - * probably a prime number by the Miller-Rabin test or zero if it's certainly - * not. - * - * If |do_trial_division| is non-zero then |candidate| will be tested against a - * list of small primes before Miller-Rabin tests. The probability of this - * function returning a false positive is 2^{2*checks}. If |checks| is - * |BN_prime_checks| then a value that results in approximately 2^{-80} false - * positive probability is used. If |cb| is not NULL then it is called during - * the checking process. See the comment above |BN_GENCB|. - * - * The function returns one on success and zero on error. - * - * (If you are unsure whether you want |do_trial_division|, don't set it.) */ -OPENSSL_EXPORT int BN_primality_test(int *is_probably_prime, - const BIGNUM *candidate, int checks, - BN_CTX *ctx, int do_trial_division, - BN_GENCB *cb); - -/* BN_is_prime_fasttest_ex returns one if |candidate| is probably a prime - * number by the Miller-Rabin test, zero if it's certainly not and -1 on error. - * - * If |do_trial_division| is non-zero then |candidate| will be tested against a - * list of small primes before Miller-Rabin tests. The probability of this - * function returning one when |candidate| is composite is 2^{2*checks}. If - * |checks| is |BN_prime_checks| then a value that results in approximately - * 2^{-80} false positive probability is used. If |cb| is not NULL then it is - * called during the checking process. See the comment above |BN_GENCB|. - * - * WARNING: deprecated. Use |BN_primality_test|. */ -OPENSSL_EXPORT int BN_is_prime_fasttest_ex(const BIGNUM *candidate, int checks, - BN_CTX *ctx, int do_trial_division, - BN_GENCB *cb); - -/* BN_is_prime_ex acts the same as |BN_is_prime_fasttest_ex| with - * |do_trial_division| set to zero. - * - * WARNING: deprecated: Use |BN_primality_test|. */ -OPENSSL_EXPORT int BN_is_prime_ex(const BIGNUM *candidate, int checks, - BN_CTX *ctx, BN_GENCB *cb); - - -/* Number theory functions */ - -/* BN_gcd sets |r| = gcd(|a|, |b|). It returns one on success and zero - * otherwise. */ -OPENSSL_EXPORT int BN_gcd(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, - BN_CTX *ctx); - -/* BN_mod_inverse sets |out| equal to |a|^-1, mod |n|. If either of |a| or |n| - * have |BN_FLG_CONSTTIME| set then the operation is performed in constant - * time. If |out| is NULL, a fresh BIGNUM is allocated. It returns the result - * or NULL on error. */ -OPENSSL_EXPORT BIGNUM *BN_mod_inverse(BIGNUM *out, const BIGNUM *a, - const BIGNUM *n, BN_CTX *ctx); - -/* BN_kronecker returns the Kronecker symbol of |a| and |b| (which is -1, 0 or - * 1), or -2 on error. */ -OPENSSL_EXPORT int BN_kronecker(const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx); - - -/* Montgomery arithmetic. */ - -/* BN_MONT_CTX contains the precomputed values needed to work in a specific - * Montgomery domain. */ - -/* BN_MONT_CTX_new returns a fresh BN_MONT_CTX or NULL on allocation failure. */ -OPENSSL_EXPORT BN_MONT_CTX *BN_MONT_CTX_new(void); - -/* BN_MONT_CTX_init initialises a stack allocated |BN_MONT_CTX|. */ -OPENSSL_EXPORT void BN_MONT_CTX_init(BN_MONT_CTX *mont); - -/* BN_MONT_CTX_free frees the contexts of |mont| and, if it was originally - * allocated with |BN_MONT_CTX_new|, |mont| itself. */ -OPENSSL_EXPORT void BN_MONT_CTX_free(BN_MONT_CTX *mont); - -/* BN_MONT_CTX_copy sets |to| equal to |from|. It returns |to| on success or - * NULL on error. */ -OPENSSL_EXPORT BN_MONT_CTX *BN_MONT_CTX_copy(BN_MONT_CTX *to, - BN_MONT_CTX *from); - -/* BN_MONT_CTX_set sets up a Montgomery context given the modulus, |mod|. It - * returns one on success and zero on error. */ -OPENSSL_EXPORT int BN_MONT_CTX_set(BN_MONT_CTX *mont, const BIGNUM *mod, - BN_CTX *ctx); - -/* BN_MONT_CTX_set_locked takes |lock| and checks whether |*pmont| is NULL. If - * so, it creates a new |BN_MONT_CTX| and sets the modulus for it to |mod|. It - * then stores it as |*pmont| and returns it, or NULL on error. - * - * If |*pmont| is already non-NULL then the existing value is returned. */ -BN_MONT_CTX *BN_MONT_CTX_set_locked(BN_MONT_CTX **pmont, CRYPTO_MUTEX *lock, - const BIGNUM *mod, BN_CTX *bn_ctx); - -/* BN_to_montgomery sets |ret| equal to |a| in the Montgomery domain. It - * returns one on success and zero on error. */ -OPENSSL_EXPORT int BN_to_montgomery(BIGNUM *ret, const BIGNUM *a, - const BN_MONT_CTX *mont, BN_CTX *ctx); - -/* BN_from_montgomery sets |ret| equal to |a| * R^-1, i.e. translates values - * out of the Montgomery domain. It returns one on success or zero on error. */ -OPENSSL_EXPORT int BN_from_montgomery(BIGNUM *ret, const BIGNUM *a, - const BN_MONT_CTX *mont, BN_CTX *ctx); - -/* BN_mod_mul_montgomery set |r| equal to |a| * |b|, in the Montgomery domain. - * Both |a| and |b| must already be in the Montgomery domain (by - * |BN_to_montgomery|). It returns one on success or zero on error. */ -OPENSSL_EXPORT int BN_mod_mul_montgomery(BIGNUM *r, const BIGNUM *a, - const BIGNUM *b, - const BN_MONT_CTX *mont, BN_CTX *ctx); - - -/* Exponentiation. */ - -/* BN_exp sets |r| equal to |a|^{|p|}. It does so with a square-and-multiply - * algorithm that leaks side-channel information. It returns one on success or - * zero otherwise. */ -OPENSSL_EXPORT int BN_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, - BN_CTX *ctx); - -/* BN_mod_exp sets |r| equal to |a|^{|p|} mod |m|. It does so with the best - * algorithm for the values provided and can run in constant time if - * |BN_FLG_CONSTTIME| is set for |p|. It returns one on success or zero - * otherwise. */ -OPENSSL_EXPORT int BN_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, - const BIGNUM *m, BN_CTX *ctx); - -OPENSSL_EXPORT int BN_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, - const BIGNUM *m, BN_CTX *ctx, - BN_MONT_CTX *m_ctx); - -OPENSSL_EXPORT int BN_mod_exp_mont_consttime(BIGNUM *rr, const BIGNUM *a, - const BIGNUM *p, const BIGNUM *m, - BN_CTX *ctx, BN_MONT_CTX *in_mont); - -OPENSSL_EXPORT int BN_mod_exp_mont_word(BIGNUM *r, BN_ULONG a, const BIGNUM *p, - const BIGNUM *m, BN_CTX *ctx, - BN_MONT_CTX *m_ctx); -OPENSSL_EXPORT int BN_mod_exp2_mont(BIGNUM *r, const BIGNUM *a1, - const BIGNUM *p1, const BIGNUM *a2, - const BIGNUM *p2, const BIGNUM *m, - BN_CTX *ctx, BN_MONT_CTX *m_ctx); - - -/* Private functions */ - -struct bignum_st { - BN_ULONG *d; /* Pointer to an array of 'BN_BITS2' bit chunks in little-endian - order. */ - int top; /* Index of last used element in |d|, plus one. */ - int dmax; /* Size of |d|, in words. */ - int neg; /* one if the number is negative */ - int flags; /* bitmask of BN_FLG_* values */ -}; - -struct bn_mont_ctx_st { - BIGNUM RR; /* used to convert to montgomery form */ - BIGNUM N; /* The modulus */ - BIGNUM Ni; /* R*(1/R mod N) - N*Ni = 1 - * (Ni is only stored for bignum algorithm) */ - BN_ULONG n0[2]; /* least significant word(s) of Ni; - (type changed with 0.9.9, was "BN_ULONG n0;" before) */ - int flags; - int ri; /* number of bits in R */ -}; - -OPENSSL_EXPORT unsigned BN_num_bits_word(BN_ULONG l); - -#define BN_FLG_MALLOCED 0x01 -#define BN_FLG_STATIC_DATA 0x02 -/* avoid leaking exponent information through timing, BN_mod_exp_mont() will - * call BN_mod_exp_mont_consttime, BN_div() will call BN_div_no_branch, - * BN_mod_inverse() will call BN_mod_inverse_no_branch. */ -#define BN_FLG_CONSTTIME 0x04 - - -/* Android compatibility section. - * - * These functions are declared, temporarily, for Android because - * wpa_supplicant will take a little time to sync with upstream. Outside of - * Android they'll have no definition. */ - -OPENSSL_EXPORT BIGNUM *get_rfc3526_prime_1536(BIGNUM *bn); - - -#if defined(__cplusplus) -} /* extern C */ -#endif - -#define BN_F_BN_CTX_get 100 -#define BN_F_BN_CTX_new 101 -#define BN_F_BN_CTX_start 102 -#define BN_F_BN_bn2dec 103 -#define BN_F_BN_bn2hex 104 -#define BN_F_BN_div 105 -#define BN_F_BN_div_recp 106 -#define BN_F_BN_exp 107 -#define BN_F_BN_generate_dsa_nonce 108 -#define BN_F_BN_generate_prime_ex 109 -#define BN_F_BN_mod_exp2_mont 110 -#define BN_F_BN_mod_exp_mont 111 -#define BN_F_BN_mod_exp_mont_consttime 112 -#define BN_F_BN_mod_exp_mont_word 113 -#define BN_F_BN_mod_inverse 114 -#define BN_F_BN_mod_inverse_no_branch 115 -#define BN_F_BN_mod_lshift_quick 116 -#define BN_F_BN_mod_sqrt 117 -#define BN_F_BN_new 118 -#define BN_F_BN_rand 119 -#define BN_F_BN_rand_range 120 -#define BN_F_BN_sqrt 121 -#define BN_F_BN_usub 122 -#define BN_F_bn_wexpand 123 -#define BN_F_mod_exp_recp 124 -#define BN_F_BN_lshift 125 -#define BN_F_BN_rshift 126 -#define BN_R_ARG2_LT_ARG3 100 -#define BN_R_BAD_RECIPROCAL 101 -#define BN_R_BIGNUM_TOO_LONG 102 -#define BN_R_BITS_TOO_SMALL 103 -#define BN_R_CALLED_WITH_EVEN_MODULUS 104 -#define BN_R_DIV_BY_ZERO 105 -#define BN_R_EXPAND_ON_STATIC_BIGNUM_DATA 106 -#define BN_R_INPUT_NOT_REDUCED 107 -#define BN_R_INVALID_RANGE 108 -#define BN_R_NEGATIVE_NUMBER 109 -#define BN_R_NOT_A_SQUARE 110 -#define BN_R_NOT_INITIALIZED 111 -#define BN_R_NO_INVERSE 112 -#define BN_R_PRIVATE_KEY_TOO_LARGE 113 -#define BN_R_P_IS_NOT_PRIME 114 -#define BN_R_TOO_MANY_ITERATIONS 115 -#define BN_R_TOO_MANY_TEMPORARY_VARIABLES 116 - -#endif /* OPENSSL_HEADER_BN_H */ diff --git a/third_party/boringssl/include/openssl/buf.h b/third_party/boringssl/include/openssl/buf.h deleted file mode 100644 index 2b36ce40585c33..00000000000000 --- a/third_party/boringssl/include/openssl/buf.h +++ /dev/null @@ -1,123 +0,0 @@ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] */ - -#ifndef OPENSSL_HEADER_BUFFER_H -#define OPENSSL_HEADER_BUFFER_H - -#include - -#if defined(__cplusplus) -extern "C" { -#endif - - -/* Memory and string functions, see also mem.h. */ - - -/* BUF_MEM is a generic buffer object used by OpenSSL. */ -struct buf_mem_st { - size_t length; /* current number of bytes */ - char *data; - size_t max; /* size of buffer */ -}; - -/* BUF_MEM_new creates a new BUF_MEM which has no allocated data buffer. */ -OPENSSL_EXPORT BUF_MEM *BUF_MEM_new(void); - -/* BUF_MEM_free frees |buf->data| if needed and then frees |buf| itself. */ -OPENSSL_EXPORT void BUF_MEM_free(BUF_MEM *buf); - -/* BUF_MEM_grow ensures that |buf| has length |len| and allocates memory if - * needed. If the length of |buf| increased, the new bytes are filled with - * zeros. It returns the length of |buf|, or zero if there's an error. */ -OPENSSL_EXPORT size_t BUF_MEM_grow(BUF_MEM *buf, size_t len); - -/* BUF_MEM_grow_clean acts the same as |BUF_MEM_grow|, but clears the previous - * contents of memory if reallocing. */ -OPENSSL_EXPORT size_t BUF_MEM_grow_clean(BUF_MEM *str, size_t len); - -/* BUF_strdup returns an allocated, duplicate of |str|. */ -OPENSSL_EXPORT char *BUF_strdup(const char *str); - -/* BUF_strnlen returns the number of characters in |str|, excluding the NUL - * byte, but at most |max_len|. This function never reads more than |max_len| - * bytes from |str|. */ -OPENSSL_EXPORT size_t BUF_strnlen(const char *str, size_t max_len); - -/* BUF_strndup returns an allocated, duplicate of |str|, which is, at most, - * |size| bytes. The result is always NUL terminated. */ -OPENSSL_EXPORT char *BUF_strndup(const char *str, size_t size); - -/* BUF_memdup returns an allocated, duplicate of |size| bytes from |data|. */ -OPENSSL_EXPORT void *BUF_memdup(const void *data, size_t size); - -/* BUF_strlcpy acts like strlcpy(3). */ -OPENSSL_EXPORT size_t BUF_strlcpy(char *dst, const char *src, size_t dst_size); - -/* BUF_strlcat acts like strlcat(3). */ -OPENSSL_EXPORT size_t BUF_strlcat(char *dst, const char *src, size_t size); - - -#if defined(__cplusplus) -} /* extern C */ -#endif - -#define BUF_F_BUF_MEM_new 100 -#define BUF_F_BUF_memdup 101 -#define BUF_F_BUF_strndup 102 -#define BUF_F_buf_mem_grow 103 - -#endif /* OPENSSL_HEADER_BUFFER_H */ diff --git a/third_party/boringssl/include/openssl/buffer.h b/third_party/boringssl/include/openssl/buffer.h deleted file mode 100644 index c6b721c277b4a9..00000000000000 --- a/third_party/boringssl/include/openssl/buffer.h +++ /dev/null @@ -1,18 +0,0 @@ -/* Copyright (c) 2015, Google Inc. - * - * Permission to use, copy, modify, and/or distribute this software for any - * purpose with or without fee is hereby granted, provided that the above - * copyright notice and this permission notice appear in all copies. - * - * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES - * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF - * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY - * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES - * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION - * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN - * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ - -/* This header is provided in order to make compiling against code that expects - OpenSSL easier. */ - -#include "buf.h" diff --git a/third_party/boringssl/include/openssl/bytestring.h b/third_party/boringssl/include/openssl/bytestring.h deleted file mode 100644 index 9963426ca3f1db..00000000000000 --- a/third_party/boringssl/include/openssl/bytestring.h +++ /dev/null @@ -1,325 +0,0 @@ -/* Copyright (c) 2014, Google Inc. - * - * Permission to use, copy, modify, and/or distribute this software for any - * purpose with or without fee is hereby granted, provided that the above - * copyright notice and this permission notice appear in all copies. - * - * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES - * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF - * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY - * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES - * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION - * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN - * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ - -#ifndef OPENSSL_HEADER_BYTESTRING_H -#define OPENSSL_HEADER_BYTESTRING_H - -#include - -#if defined(__cplusplus) -extern "C" { -#endif - - -/* Bytestrings are used for parsing and building TLS and ASN.1 messages. - * - * A "CBS" (CRYPTO ByteString) represents a string of bytes in memory and - * provides utility functions for safely parsing length-prefixed structures - * like TLS and ASN.1 from it. - * - * A "CBB" (CRYPTO ByteBuilder) is a memory buffer that grows as needed and - * provides utility functions for building length-prefixed messages. */ - - -/* CRYPTO ByteString */ - -struct cbs_st { - const uint8_t *data; - size_t len; -}; - -/* CBS_init sets |cbs| to point to |data|. It does not take ownership of - * |data|. */ -OPENSSL_EXPORT void CBS_init(CBS *cbs, const uint8_t *data, size_t len); - -/* CBS_skip advances |cbs| by |len| bytes. It returns one on success and zero - * otherwise. */ -OPENSSL_EXPORT int CBS_skip(CBS *cbs, size_t len); - -/* CBS_data returns a pointer to the contents of |cbs|. */ -OPENSSL_EXPORT const uint8_t *CBS_data(const CBS *cbs); - -/* CBS_len returns the number of bytes remaining in |cbs|. */ -OPENSSL_EXPORT size_t CBS_len(const CBS *cbs); - -/* CBS_stow copies the current contents of |cbs| into |*out_ptr| and - * |*out_len|. If |*out_ptr| is not NULL, the contents are freed with - * OPENSSL_free. It returns one on success and zero on allocation failure. On - * success, |*out_ptr| should be freed with OPENSSL_free. If |cbs| is empty, - * |*out_ptr| will be NULL. */ -OPENSSL_EXPORT int CBS_stow(const CBS *cbs, uint8_t **out_ptr, size_t *out_len); - -/* CBS_strdup copies the current contents of |cbs| into |*out_ptr| as a - * NUL-terminated C string. If |*out_ptr| is not NULL, the contents are freed - * with OPENSSL_free. It returns one on success and zero on allocation - * failure. On success, |*out_ptr| should be freed with OPENSSL_free. - * - * NOTE: If |cbs| contains NUL bytes, the string will be truncated. Call - * |CBS_contains_zero_byte(cbs)| to check for NUL bytes. */ -OPENSSL_EXPORT int CBS_strdup(const CBS *cbs, char **out_ptr); - -/* CBS_contains_zero_byte returns one if the current contents of |cbs| contains - * a NUL byte and zero otherwise. */ -OPENSSL_EXPORT int CBS_contains_zero_byte(const CBS *cbs); - -/* CBS_mem_equal compares the current contents of |cbs| with the |len| bytes - * starting at |data|. If they're equal, it returns one, otherwise zero. If the - * lengths match, it uses a constant-time comparison. */ -OPENSSL_EXPORT int CBS_mem_equal(const CBS *cbs, const uint8_t *data, - size_t len); - -/* CBS_get_u8 sets |*out| to the next uint8_t from |cbs| and advances |cbs|. It - * returns one on success and zero on error. */ -OPENSSL_EXPORT int CBS_get_u8(CBS *cbs, uint8_t *out); - -/* CBS_get_u16 sets |*out| to the next, big-endian uint16_t from |cbs| and - * advances |cbs|. It returns one on success and zero on error. */ -OPENSSL_EXPORT int CBS_get_u16(CBS *cbs, uint16_t *out); - -/* CBS_get_u24 sets |*out| to the next, big-endian 24-bit value from |cbs| and - * advances |cbs|. It returns one on success and zero on error. */ -OPENSSL_EXPORT int CBS_get_u24(CBS *cbs, uint32_t *out); - -/* CBS_get_u32 sets |*out| to the next, big-endian uint32_t value from |cbs| - * and advances |cbs|. It returns one on success and zero on error. */ -OPENSSL_EXPORT int CBS_get_u32(CBS *cbs, uint32_t *out); - -/* CBS_get_bytes sets |*out| to the next |len| bytes from |cbs| and advances - * |cbs|. It returns one on success and zero on error. */ -OPENSSL_EXPORT int CBS_get_bytes(CBS *cbs, CBS *out, size_t len); - -/* CBS_get_u8_length_prefixed sets |*out| to the contents of an 8-bit, - * length-prefixed value from |cbs| and advances |cbs| over it. It returns one - * on success and zero on error. */ -OPENSSL_EXPORT int CBS_get_u8_length_prefixed(CBS *cbs, CBS *out); - -/* CBS_get_u16_length_prefixed sets |*out| to the contents of a 16-bit, - * big-endian, length-prefixed value from |cbs| and advances |cbs| over it. It - * returns one on success and zero on error. */ -OPENSSL_EXPORT int CBS_get_u16_length_prefixed(CBS *cbs, CBS *out); - -/* CBS_get_u24_length_prefixed sets |*out| to the contents of a 24-bit, - * big-endian, length-prefixed value from |cbs| and advances |cbs| over it. It - * returns one on success and zero on error. */ -OPENSSL_EXPORT int CBS_get_u24_length_prefixed(CBS *cbs, CBS *out); - - -/* Parsing ASN.1 */ - -#define CBS_ASN1_BOOLEAN 0x1 -#define CBS_ASN1_INTEGER 0x2 -#define CBS_ASN1_BITSTRING 0x3 -#define CBS_ASN1_OCTETSTRING 0x4 -#define CBS_ASN1_OBJECT 0x6 -#define CBS_ASN1_ENUMERATED 0xa -#define CBS_ASN1_SEQUENCE (0x10 | CBS_ASN1_CONSTRUCTED) -#define CBS_ASN1_SET (0x11 | CBS_ASN1_CONSTRUCTED) - -#define CBS_ASN1_CONSTRUCTED 0x20 -#define CBS_ASN1_CONTEXT_SPECIFIC 0x80 - -/* CBS_get_asn1 sets |*out| to the contents of DER-encoded, ASN.1 element (not - * including tag and length bytes) and advances |cbs| over it. The ASN.1 - * element must match |tag_value|. It returns one on success and zero - * on error. - * - * Tag numbers greater than 30 are not supported (i.e. short form only). */ -OPENSSL_EXPORT int CBS_get_asn1(CBS *cbs, CBS *out, unsigned tag_value); - -/* CBS_get_asn1_element acts like |CBS_get_asn1| but |out| will include the - * ASN.1 header bytes too. */ -OPENSSL_EXPORT int CBS_get_asn1_element(CBS *cbs, CBS *out, unsigned tag_value); - -/* CBS_peek_asn1_tag looks ahead at the next ASN.1 tag and returns one - * if the next ASN.1 element on |cbs| would have tag |tag_value|. If - * |cbs| is empty or the tag does not match, it returns zero. Note: if - * it returns one, CBS_get_asn1 may still fail if the rest of the - * element is malformed. */ -OPENSSL_EXPORT int CBS_peek_asn1_tag(const CBS *cbs, unsigned tag_value); - -/* CBS_get_any_asn1_element sets |*out| to contain the next ASN.1 element from - * |*cbs| (including header bytes) and advances |*cbs|. It sets |*out_tag| to - * the tag number and |*out_header_len| to the length of the ASN.1 header. Each - * of |out|, |out_tag|, and |out_header_len| may be NULL to ignore the value. - * - * Tag numbers greater than 30 are not supported (i.e. short form only). */ -OPENSSL_EXPORT int CBS_get_any_asn1_element(CBS *cbs, CBS *out, - unsigned *out_tag, - size_t *out_header_len); - -/* CBS_get_asn1_uint64 gets an ASN.1 INTEGER from |cbs| using |CBS_get_asn1| - * and sets |*out| to its value. It returns one on success and zero on error, - * where error includes the integer being negative, or too large to represent - * in 64 bits. */ -OPENSSL_EXPORT int CBS_get_asn1_uint64(CBS *cbs, uint64_t *out); - -/* CBS_get_optional_asn1 gets an optional explicitly-tagged element - * from |cbs| tagged with |tag| and sets |*out| to its contents. If - * present, it sets |*out_present| to one, otherwise zero. It returns - * one on success, whether or not the element was present, and zero on - * decode failure. */ -OPENSSL_EXPORT int CBS_get_optional_asn1(CBS *cbs, CBS *out, int *out_present, - unsigned tag); - -/* CBS_get_optional_asn1_octet_string gets an optional - * explicitly-tagged OCTET STRING from |cbs|. If present, it sets - * |*out| to the string and |*out_present| to one. Otherwise, it sets - * |*out| to empty and |*out_present| to zero. |out_present| may be - * NULL. It returns one on success, whether or not the element was - * present, and zero on decode failure. */ -OPENSSL_EXPORT int CBS_get_optional_asn1_octet_string(CBS *cbs, CBS *out, - int *out_present, - unsigned tag); - -/* CBS_get_optional_asn1_uint64 gets an optional explicitly-tagged - * INTEGER from |cbs|. If present, it sets |*out| to the - * value. Otherwise, it sets |*out| to |default_value|. It returns one - * on success, whether or not the element was present, and zero on - * decode failure. */ -OPENSSL_EXPORT int CBS_get_optional_asn1_uint64(CBS *cbs, uint64_t *out, - unsigned tag, - uint64_t default_value); - -/* CBS_get_optional_asn1_bool gets an optional, explicitly-tagged BOOLEAN from - * |cbs|. If present, it sets |*out| to either zero or one, based on the - * boolean. Otherwise, it sets |*out| to |default_value|. It returns one on - * success, whether or not the element was present, and zero on decode - * failure. */ -OPENSSL_EXPORT int CBS_get_optional_asn1_bool(CBS *cbs, int *out, unsigned tag, - int default_value); - - -/* CRYPTO ByteBuilder. - * - * |CBB| objects allow one to build length-prefixed serialisations. A |CBB| - * object is associated with a buffer and new buffers are created with - * |CBB_init|. Several |CBB| objects can point at the same buffer when a - * length-prefix is pending, however only a single |CBB| can be 'current' at - * any one time. For example, if one calls |CBB_add_u8_length_prefixed| then - * the new |CBB| points at the same buffer as the original. But if the original - * |CBB| is used then the length prefix is written out and the new |CBB| must - * not be used again. - * - * If one needs to force a length prefix to be written out because a |CBB| is - * going out of scope, use |CBB_flush|. */ - -struct cbb_buffer_st { - uint8_t *buf; - size_t len; /* The number of valid bytes. */ - size_t cap; /* The size of buf. */ - char can_resize; /* One iff |buf| is owned by this object. If not then |buf| - cannot be resized. */ -}; - -struct cbb_st { - struct cbb_buffer_st *base; - /* offset is the offset from the start of |base->buf| to the position of any - * pending length-prefix. */ - size_t offset; - /* child points to a child CBB if a length-prefix is pending. */ - struct cbb_st *child; - /* pending_len_len contains the number of bytes in a pending length-prefix, - * or zero if no length-prefix is pending. */ - uint8_t pending_len_len; - char pending_is_asn1; - /* is_top_level is true iff this is a top-level |CBB| (as opposed to a child - * |CBB|). Top-level objects are valid arguments for |CBB_finish|. */ - char is_top_level; -}; - -/* CBB_init initialises |cbb| with |initial_capacity|. Since a |CBB| grows as - * needed, the |initial_capacity| is just a hint. It returns one on success or - * zero on error. */ -OPENSSL_EXPORT int CBB_init(CBB *cbb, size_t initial_capacity); - -/* CBB_init_fixed initialises |cbb| to write to |len| bytes at |buf|. Since - * |buf| cannot grow, trying to write more than |len| bytes will cause CBB - * functions to fail. It returns one on success or zero on error. */ -OPENSSL_EXPORT int CBB_init_fixed(CBB *cbb, uint8_t *buf, size_t len); - -/* CBB_cleanup frees all resources owned by |cbb| and other |CBB| objects - * writing to the same buffer. This should be used in an error case where a - * serialisation is abandoned. */ -OPENSSL_EXPORT void CBB_cleanup(CBB *cbb); - -/* CBB_finish completes any pending length prefix and sets |*out_data| to a - * malloced buffer and |*out_len| to the length of that buffer. The caller - * takes ownership of the buffer and, unless the buffer was fixed with - * |CBB_init_fixed|, must call |OPENSSL_free| when done. - * - * It can only be called on a "top level" |CBB|, i.e. one initialised with - * |CBB_init| or |CBB_init_fixed|. It returns one on success and zero on - * error. */ -OPENSSL_EXPORT int CBB_finish(CBB *cbb, uint8_t **out_data, size_t *out_len); - -/* CBB_flush causes any pending length prefixes to be written out and any child - * |CBB| objects of |cbb| to be invalidated. It returns one on success or zero - * on error. */ -OPENSSL_EXPORT int CBB_flush(CBB *cbb); - -/* CBB_add_u8_length_prefixed sets |*out_contents| to a new child of |cbb|. The - * data written to |*out_contents| will be prefixed in |cbb| with an 8-bit - * length. It returns one on success or zero on error. */ -OPENSSL_EXPORT int CBB_add_u8_length_prefixed(CBB *cbb, CBB *out_contents); - -/* CBB_add_u16_length_prefixed sets |*out_contents| to a new child of |cbb|. - * The data written to |*out_contents| will be prefixed in |cbb| with a 16-bit, - * big-endian length. It returns one on success or zero on error. */ -OPENSSL_EXPORT int CBB_add_u16_length_prefixed(CBB *cbb, CBB *out_contents); - -/* CBB_add_u24_length_prefixed sets |*out_contents| to a new child of |cbb|. - * The data written to |*out_contents| will be prefixed in |cbb| with a 24-bit, - * big-endian length. It returns one on success or zero on error. */ -OPENSSL_EXPORT int CBB_add_u24_length_prefixed(CBB *cbb, CBB *out_contents); - -/* CBB_add_asn sets |*out_contents| to a |CBB| into which the contents of an - * ASN.1 object can be written. The |tag| argument will be used as the tag for - * the object. Passing in |tag| number 31 will return in an error since only - * single octet identifiers are supported. It returns one on success or zero - * on error. */ -OPENSSL_EXPORT int CBB_add_asn1(CBB *cbb, CBB *out_contents, uint8_t tag); - -/* CBB_add_bytes appends |len| bytes from |data| to |cbb|. It returns one on - * success and zero otherwise. */ -OPENSSL_EXPORT int CBB_add_bytes(CBB *cbb, const uint8_t *data, size_t len); - -/* CBB_add_space appends |len| bytes to |cbb| and sets |*out_data| to point to - * the beginning of that space. The caller must then write |len| bytes of - * actual contents to |*out_data|. It returns one on success and zero - * otherwise. */ -OPENSSL_EXPORT int CBB_add_space(CBB *cbb, uint8_t **out_data, size_t len); - -/* CBB_add_u8 appends an 8-bit number from |value| to |cbb|. It returns one on - * success and zero otherwise. */ -OPENSSL_EXPORT int CBB_add_u8(CBB *cbb, uint8_t value); - -/* CBB_add_u8 appends a 16-bit, big-endian number from |value| to |cbb|. It - * returns one on success and zero otherwise. */ -OPENSSL_EXPORT int CBB_add_u16(CBB *cbb, uint16_t value); - -/* CBB_add_u24 appends a 24-bit, big-endian number from |value| to |cbb|. It - * returns one on success and zero otherwise. */ -OPENSSL_EXPORT int CBB_add_u24(CBB *cbb, uint32_t value); - -/* CBB_add_asn1_uint64 writes an ASN.1 INTEGER into |cbb| using |CBB_add_asn1| - * and writes |value| in its contents. It returns one on success and zero on - * error. */ -OPENSSL_EXPORT int CBB_add_asn1_uint64(CBB *cbb, uint64_t value); - - -#if defined(__cplusplus) -} /* extern C */ -#endif - -#endif /* OPENSSL_HEADER_BYTESTRING_H */ diff --git a/third_party/boringssl/include/openssl/cast.h b/third_party/boringssl/include/openssl/cast.h deleted file mode 100644 index 802172394e5b12..00000000000000 --- a/third_party/boringssl/include/openssl/cast.h +++ /dev/null @@ -1,96 +0,0 @@ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] */ - -#ifndef OPENSSL_HEADER_CAST_H -#define OPENSSL_HEADER_CAST_H - -#include - -#ifdef __cplusplus -extern "C" { -#endif - - -#define CAST_ENCRYPT 1 -#define CAST_DECRYPT 0 - -#define CAST_BLOCK 8 -#define CAST_KEY_LENGTH 16 - -typedef struct cast_key_st { - uint32_t data[32]; - int short_key; /* Use reduced rounds for short key */ -} CAST_KEY; - -OPENSSL_EXPORT void CAST_set_key(CAST_KEY *key, size_t len, - const uint8_t *data); -OPENSSL_EXPORT void CAST_ecb_encrypt(const uint8_t *in, uint8_t *out, - const CAST_KEY *key, int enc); -OPENSSL_EXPORT void CAST_encrypt(uint32_t *data, const CAST_KEY *key); -OPENSSL_EXPORT void CAST_decrypt(uint32_t *data, const CAST_KEY *key); -OPENSSL_EXPORT void CAST_cbc_encrypt(const uint8_t *in, uint8_t *out, - long length, const CAST_KEY *ks, - uint8_t *iv, int enc); - -OPENSSL_EXPORT void CAST_cfb64_encrypt(const uint8_t *in, uint8_t *out, - long length, const CAST_KEY *schedule, - uint8_t *ivec, int *num, int enc); - -#ifdef __cplusplus -} -#endif - -#endif /* OPENSSL_HEADER_CAST_H */ diff --git a/third_party/boringssl/include/openssl/chacha.h b/third_party/boringssl/include/openssl/chacha.h deleted file mode 100644 index ce53d49fdaefed..00000000000000 --- a/third_party/boringssl/include/openssl/chacha.h +++ /dev/null @@ -1,37 +0,0 @@ -/* Copyright (c) 2014, Google Inc. - * - * Permission to use, copy, modify, and/or distribute this software for any - * purpose with or without fee is hereby granted, provided that the above - * copyright notice and this permission notice appear in all copies. - * - * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES - * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF - * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY - * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES - * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION - * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN - * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ - -#ifndef OPENSSL_HEADER_CHACHA_H -#define OPENSSL_HEADER_CHACHA_H - -#include - -#ifdef __cplusplus -extern "C" { -#endif - - -/* CRYPTO_chacha_20 encrypts |in_len| bytes from |in| with the given key and - * nonce and writes the result to |out|, which may be equal to |in|. The - * initial block counter is specified by |counter|. */ -void CRYPTO_chacha_20(uint8_t *out, const uint8_t *in, - size_t in_len, const uint8_t key[32], - const uint8_t nonce[8], size_t counter); - - -#if defined(__cplusplus) -} /* extern C */ -#endif - -#endif /* OPENSSL_HEADER_CHACHA_H */ diff --git a/third_party/boringssl/include/openssl/cipher.h b/third_party/boringssl/include/openssl/cipher.h deleted file mode 100644 index 3e496f15b50e9a..00000000000000 --- a/third_party/boringssl/include/openssl/cipher.h +++ /dev/null @@ -1,598 +0,0 @@ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] */ - -#ifndef OPENSSL_HEADER_CIPHER_H -#define OPENSSL_HEADER_CIPHER_H - -#include - -#if defined(__cplusplus) -extern "C" { -#endif - - -/* Ciphers. */ - - -/* Cipher primitives. - * - * The following functions return |EVP_CIPHER| objects that implement the named - * cipher algorithm. */ - -OPENSSL_EXPORT const EVP_CIPHER *EVP_rc4(void); - -OPENSSL_EXPORT const EVP_CIPHER *EVP_des_cbc(void); -OPENSSL_EXPORT const EVP_CIPHER *EVP_des_ecb(void); -OPENSSL_EXPORT const EVP_CIPHER *EVP_des_ede3_cbc(void); - -OPENSSL_EXPORT const EVP_CIPHER *EVP_aes_128_ecb(void); -OPENSSL_EXPORT const EVP_CIPHER *EVP_aes_128_cbc(void); -OPENSSL_EXPORT const EVP_CIPHER *EVP_aes_128_ctr(void); -OPENSSL_EXPORT const EVP_CIPHER *EVP_aes_128_ofb(void); - -OPENSSL_EXPORT const EVP_CIPHER *EVP_aes_256_ecb(void); -OPENSSL_EXPORT const EVP_CIPHER *EVP_aes_256_cbc(void); -OPENSSL_EXPORT const EVP_CIPHER *EVP_aes_256_ctr(void); -OPENSSL_EXPORT const EVP_CIPHER *EVP_aes_256_ofb(void); - -/* Deprecated AES-GCM implementations that set |EVP_CIPH_FLAG_CUSTOM_CIPHER|. - * Use |EVP_aead_aes_128_gcm| and |EVP_aead_aes_256_gcm| instead. */ -OPENSSL_EXPORT const EVP_CIPHER *EVP_aes_128_gcm(void); -OPENSSL_EXPORT const EVP_CIPHER *EVP_aes_256_gcm(void); - -/* Deprecated 192-bit version of AES. */ -OPENSSL_EXPORT const EVP_CIPHER *EVP_aes_192_ecb(void); -OPENSSL_EXPORT const EVP_CIPHER *EVP_aes_192_cbc(void); -OPENSSL_EXPORT const EVP_CIPHER *EVP_aes_192_ctr(void); -OPENSSL_EXPORT const EVP_CIPHER *EVP_aes_192_gcm(void); - -/* EVP_enc_null returns a 'cipher' that passes plaintext through as - * ciphertext. */ -OPENSSL_EXPORT const EVP_CIPHER *EVP_enc_null(void); - -/* EVP_rc2_40_cbc returns a cipher that implements 40-bit RC2 in CBC mode. This - * is obviously very, very weak and is included only in order to read PKCS#12 - * files, which often encrypt the certificate chain using this cipher. It is - * deliberately not exported. */ -const EVP_CIPHER *EVP_rc2_40_cbc(void); - -/* EVP_get_cipherbynid returns the cipher corresponding to the given NID, or - * NULL if no such cipher is known. */ -OPENSSL_EXPORT const EVP_CIPHER *EVP_get_cipherbynid(int nid); - - -/* Cipher context allocation. - * - * An |EVP_CIPHER_CTX| represents the state of an encryption or decryption in - * progress. */ - -/* EVP_CIPHER_CTX_init initialises an, already allocated, |EVP_CIPHER_CTX|. */ -OPENSSL_EXPORT void EVP_CIPHER_CTX_init(EVP_CIPHER_CTX *ctx); - -/* EVP_CIPHER_CTX_new allocates a fresh |EVP_CIPHER_CTX|, calls - * |EVP_CIPHER_CTX_init| and returns it, or NULL on allocation failure. */ -OPENSSL_EXPORT EVP_CIPHER_CTX *EVP_CIPHER_CTX_new(void); - -/* EVP_CIPHER_CTX_cleanup frees any memory referenced by |ctx|. It returns - * one. */ -OPENSSL_EXPORT int EVP_CIPHER_CTX_cleanup(EVP_CIPHER_CTX *ctx); - -/* EVP_CIPHER_CTX_free calls |EVP_CIPHER_CTX_cleanup| on |ctx| and then frees - * |ctx| itself. */ -OPENSSL_EXPORT void EVP_CIPHER_CTX_free(EVP_CIPHER_CTX *ctx); - -/* EVP_CIPHER_CTX_copy sets |out| to be a duplicate of the current state of - * |in|. The |out| argument must have been previously initialised. */ -OPENSSL_EXPORT int EVP_CIPHER_CTX_copy(EVP_CIPHER_CTX *out, - const EVP_CIPHER_CTX *in); - - -/* Cipher context configuration. */ - -/* EVP_CipherInit_ex configures |ctx| for a fresh encryption (or decryption, if - * |enc| is zero) operation using |cipher|. If |ctx| has been previously - * configured with a cipher then |cipher|, |key| and |iv| may be |NULL| and - * |enc| may be -1 to reuse the previous values. The operation will use |key| - * as the key and |iv| as the IV (if any). These should have the correct - * lengths given by |EVP_CIPHER_key_length| and |EVP_CIPHER_iv_length|. It - * returns one on success and zero on error. */ -OPENSSL_EXPORT int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, - const EVP_CIPHER *cipher, ENGINE *engine, - const uint8_t *key, const uint8_t *iv, - int enc); - -/* EVP_EncryptInit_ex calls |EVP_CipherInit_ex| with |enc| equal to one. */ -OPENSSL_EXPORT int EVP_EncryptInit_ex(EVP_CIPHER_CTX *ctx, - const EVP_CIPHER *cipher, ENGINE *impl, - const uint8_t *key, const uint8_t *iv); - -/* EVP_DecryptInit_ex calls |EVP_CipherInit_ex| with |enc| equal to zero. */ -OPENSSL_EXPORT int EVP_DecryptInit_ex(EVP_CIPHER_CTX *ctx, - const EVP_CIPHER *cipher, ENGINE *impl, - const uint8_t *key, const uint8_t *iv); - - -/* Cipher operations. */ - -/* EVP_EncryptUpdate encrypts |in_len| bytes from |in| to |out|. The number - * of output bytes may be up to |in_len| plus the block length minus one and - * |out| must have sufficient space. The number of bytes actually output is - * written to |*out_len|. It returns one on success and zero otherwise. */ -OPENSSL_EXPORT int EVP_EncryptUpdate(EVP_CIPHER_CTX *ctx, uint8_t *out, - int *out_len, const uint8_t *in, - int in_len); - -/* EVP_EncryptFinal_ex writes at most a block of ciphertext to |out| and sets - * |*out_len| to the number of bytes written. If padding is enabled (the - * default) then standard padding is applied to create the final block. If - * padding is disabled (with |EVP_CIPHER_CTX_set_padding|) then any partial - * block remaining will cause an error. The function returns one on success and - * zero otherwise. */ -OPENSSL_EXPORT int EVP_EncryptFinal_ex(EVP_CIPHER_CTX *ctx, uint8_t *out, - int *out_len); - -/* EVP_DecryptUpdate decrypts |in_len| bytes from |in| to |out|. The number of - * output bytes may be up to |in_len| plus the block length minus one and |out| - * must have sufficient space. The number of bytes actually output is written - * to |*out_len|. It returns one on success and zero otherwise. */ -OPENSSL_EXPORT int EVP_DecryptUpdate(EVP_CIPHER_CTX *ctx, uint8_t *out, - int *out_len, const uint8_t *in, - int in_len); - -/* EVP_DecryptFinal_ex writes at most a block of ciphertext to |out| and sets - * |*out_len| to the number of bytes written. If padding is enabled (the - * default) then padding is removed from the final block. - * - * WARNING: it is unsafe to call this function with unauthenticted - * ciphertext if padding is enabled. */ -OPENSSL_EXPORT int EVP_DecryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, - int *out_len); - -/* EVP_Cipher performs a one-shot encryption/decryption operation. No partial - * blocks are maintained between calls. However, any internal cipher state is - * still updated. For CBC-mode ciphers, the IV is updated to the final - * ciphertext block. For stream ciphers, the stream is advanced past the bytes - * used. It returns one on success and zero otherwise, unless |EVP_CIPHER_flags| - * has |EVP_CIPH_FLAG_CUSTOM_CIPHER| set. Then it returns the number of bytes - * written or -1 on error. - * - * WARNING: this differs from the usual return value convention when using - * |EVP_CIPH_FLAG_CUSTOM_CIPHER|. - * - * TODO(davidben): The normal ciphers currently never fail, even if, e.g., - * |in_len| is not a multiple of the block size for CBC-mode decryption. The - * input just gets rounded up while the output gets truncated. This should - * either be officially documented or fail. */ -OPENSSL_EXPORT int EVP_Cipher(EVP_CIPHER_CTX *ctx, uint8_t *out, - const uint8_t *in, size_t in_len); - -/* EVP_CipherUpdate calls either |EVP_EncryptUpdate| or |EVP_DecryptUpdate| - * depending on how |ctx| has been setup. */ -OPENSSL_EXPORT int EVP_CipherUpdate(EVP_CIPHER_CTX *ctx, uint8_t *out, - int *out_len, const uint8_t *in, - int in_len); - -/* EVP_CipherFinal_ex calls either |EVP_EncryptFinal_ex| or - * |EVP_DecryptFinal_ex| depending on how |ctx| has been setup. */ -OPENSSL_EXPORT int EVP_CipherFinal_ex(EVP_CIPHER_CTX *ctx, uint8_t *out, - int *out_len); - - -/* Cipher context accessors. */ - -/* EVP_CIPHER_CTX_cipher returns the |EVP_CIPHER| underlying |ctx|, or NULL if - * none has been set. */ -OPENSSL_EXPORT const EVP_CIPHER *EVP_CIPHER_CTX_cipher( - const EVP_CIPHER_CTX *ctx); - -/* EVP_CIPHER_CTX_nid returns a NID identifying the |EVP_CIPHER| underlying - * |ctx| (e.g. |NID_aes_128_gcm|). It will crash if no cipher has been - * configured. */ -OPENSSL_EXPORT int EVP_CIPHER_CTX_nid(const EVP_CIPHER_CTX *ctx); - -/* EVP_CIPHER_CTX_block_size returns the block size, in bytes, of the cipher - * underlying |ctx|, or one if the cipher is a stream cipher. It will crash if - * no cipher has been configured. */ -OPENSSL_EXPORT unsigned EVP_CIPHER_CTX_block_size(const EVP_CIPHER_CTX *ctx); - -/* EVP_CIPHER_CTX_key_length returns the key size, in bytes, of the cipher - * underlying |ctx| or zero if no cipher has been configured. */ -OPENSSL_EXPORT unsigned EVP_CIPHER_CTX_key_length(const EVP_CIPHER_CTX *ctx); - -/* EVP_CIPHER_CTX_iv_length returns the IV size, in bytes, of the cipher - * underlying |ctx|. It will crash if no cipher has been configured. */ -OPENSSL_EXPORT unsigned EVP_CIPHER_CTX_iv_length(const EVP_CIPHER_CTX *ctx); - -/* EVP_CIPHER_CTX_get_app_data returns the opaque, application data pointer for - * |ctx|, or NULL if none has been set. */ -OPENSSL_EXPORT void *EVP_CIPHER_CTX_get_app_data(const EVP_CIPHER_CTX *ctx); - -/* EVP_CIPHER_CTX_set_app_data sets the opaque, application data pointer for - * |ctx| to |data|. */ -OPENSSL_EXPORT void EVP_CIPHER_CTX_set_app_data(EVP_CIPHER_CTX *ctx, - void *data); - -/* EVP_CIPHER_CTX_flags returns a value which is the OR of zero or more - * |EVP_CIPH_*| flags. It will crash if no cipher has been configured. */ -OPENSSL_EXPORT uint32_t EVP_CIPHER_CTX_flags(const EVP_CIPHER_CTX *ctx); - -/* EVP_CIPHER_CTX_mode returns one of the |EVP_CIPH_*| cipher mode values - * enumerated below. It will crash if no cipher has been configured. */ -OPENSSL_EXPORT uint32_t EVP_CIPHER_CTX_mode(const EVP_CIPHER_CTX *ctx); - -/* EVP_CIPHER_CTX_ctrl is an |ioctl| like function. The |command| argument - * should be one of the |EVP_CTRL_*| values. The |arg| and |ptr| arguments are - * specific to the command in question. */ -OPENSSL_EXPORT int EVP_CIPHER_CTX_ctrl(EVP_CIPHER_CTX *ctx, int command, - int arg, void *ptr); - -/* EVP_CIPHER_CTX_set_padding sets whether padding is enabled for |ctx| and - * returns one. Pass a non-zero |pad| to enable padding (the default) or zero - * to disable. */ -OPENSSL_EXPORT int EVP_CIPHER_CTX_set_padding(EVP_CIPHER_CTX *ctx, int pad); - -/* EVP_CIPHER_CTX_set_key_length sets the key length for |ctx|. This is only - * valid for ciphers that can take a variable length key. It returns one on - * success and zero on error. */ -OPENSSL_EXPORT int EVP_CIPHER_CTX_set_key_length(EVP_CIPHER_CTX *ctx, unsigned key_len); - - -/* Cipher accessors. */ - -/* EVP_CIPHER_nid returns a NID identifing |cipher|. (For example, - * |NID_aes_128_gcm|.) */ -OPENSSL_EXPORT int EVP_CIPHER_nid(const EVP_CIPHER *cipher); - -/* EVP_CIPHER_block_size returns the block size, in bytes, for |cipher|, or one - * if |cipher| is a stream cipher. */ -OPENSSL_EXPORT unsigned EVP_CIPHER_block_size(const EVP_CIPHER *cipher); - -/* EVP_CIPHER_key_length returns the key size, in bytes, for |cipher|. If - * |cipher| can take a variable key length then this function returns the - * default key length and |EVP_CIPHER_flags| will return a value with - * |EVP_CIPH_VARIABLE_LENGTH| set. */ -OPENSSL_EXPORT unsigned EVP_CIPHER_key_length(const EVP_CIPHER *cipher); - -/* EVP_CIPHER_iv_length returns the IV size, in bytes, of |cipher|, or zero if - * |cipher| doesn't take an IV. */ -OPENSSL_EXPORT unsigned EVP_CIPHER_iv_length(const EVP_CIPHER *cipher); - -/* EVP_CIPHER_flags returns a value which is the OR of zero or more - * |EVP_CIPH_*| flags. */ -OPENSSL_EXPORT uint32_t EVP_CIPHER_flags(const EVP_CIPHER *cipher); - -/* EVP_CIPHER_mode returns one of the cipher mode values enumerated below. */ -OPENSSL_EXPORT uint32_t EVP_CIPHER_mode(const EVP_CIPHER *cipher); - - -/* Key derivation. */ - -/* EVP_BytesToKey generates a key and IV for the cipher |type| by iterating - * |md| |count| times using |data| and |salt|. On entry, the |key| and |iv| - * buffers must have enough space to hold a key and IV for |type|. It returns - * the length of the key on success or zero on error. */ -OPENSSL_EXPORT int EVP_BytesToKey(const EVP_CIPHER *type, const EVP_MD *md, - const uint8_t *salt, const uint8_t *data, - size_t data_len, unsigned count, uint8_t *key, - uint8_t *iv); - - -/* Cipher modes (for |EVP_CIPHER_mode|). */ - -#define EVP_CIPH_STREAM_CIPHER 0x0 -#define EVP_CIPH_ECB_MODE 0x1 -#define EVP_CIPH_CBC_MODE 0x2 -#define EVP_CIPH_CFB_MODE 0x3 -#define EVP_CIPH_OFB_MODE 0x4 -#define EVP_CIPH_CTR_MODE 0x5 -#define EVP_CIPH_GCM_MODE 0x6 - - -/* Cipher flags (for |EVP_CIPHER_flags|). */ - -/* EVP_CIPH_VARIABLE_LENGTH indicates that the cipher takes a variable length - * key. */ -#define EVP_CIPH_VARIABLE_LENGTH 0x40 - -/* EVP_CIPH_ALWAYS_CALL_INIT indicates that the |init| function for the cipher - * should always be called when initialising a new operation, even if the key - * is NULL to indicate that the same key is being used. */ -#define EVP_CIPH_ALWAYS_CALL_INIT 0x80 - -/* EVP_CIPH_CUSTOM_IV indicates that the cipher manages the IV itself rather - * than keeping it in the |iv| member of |EVP_CIPHER_CTX|. */ -#define EVP_CIPH_CUSTOM_IV 0x100 - -/* EVP_CIPH_CTRL_INIT indicates that EVP_CTRL_INIT should be used when - * initialising an |EVP_CIPHER_CTX|. */ -#define EVP_CIPH_CTRL_INIT 0x200 - -/* EVP_CIPH_FLAG_CUSTOM_CIPHER indicates that the cipher manages blocking - * itself. This causes EVP_(En|De)crypt_ex to be simple wrapper functions. */ -#define EVP_CIPH_FLAG_CUSTOM_CIPHER 0x400 - -/* EVP_CIPH_FLAG_AEAD_CIPHER specifies that the cipher is an AEAD. This is an - * older version of the proper AEAD interface. See aead.h for the current - * one. */ -#define EVP_CIPH_FLAG_AEAD_CIPHER 0x800 - -/* EVP_CIPH_CUSTOM_COPY indicates that the |ctrl| callback should be called - * with |EVP_CTRL_COPY| at the end of normal |EVP_CIPHER_CTX_copy| - * processing. */ -#define EVP_CIPH_CUSTOM_COPY 0x1000 - - -/* Deprecated functions */ - -/* EVP_CipherInit acts like EVP_CipherInit_ex except that |EVP_CIPHER_CTX_init| - * is called on |cipher| first, if |cipher| is not NULL. */ -OPENSSL_EXPORT int EVP_CipherInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, - const uint8_t *key, const uint8_t *iv, - int enc); - -/* EVP_EncryptInit calls |EVP_CipherInit| with |enc| equal to one. */ -OPENSSL_EXPORT int EVP_EncryptInit(EVP_CIPHER_CTX *ctx, - const EVP_CIPHER *cipher, const uint8_t *key, - const uint8_t *iv); - -/* EVP_DecryptInit calls |EVP_CipherInit| with |enc| equal to zero. */ -OPENSSL_EXPORT int EVP_DecryptInit(EVP_CIPHER_CTX *ctx, - const EVP_CIPHER *cipher, const uint8_t *key, - const uint8_t *iv); - -/* EVP_add_cipher_alias does nothing and returns one. */ -OPENSSL_EXPORT int EVP_add_cipher_alias(const char *a, const char *b); - -/* EVP_get_cipherbyname returns an |EVP_CIPHER| given a human readable name in - * |name|, or NULL if the name is unknown. */ -OPENSSL_EXPORT const EVP_CIPHER *EVP_get_cipherbyname(const char *name); - - -/* Private functions. */ - -/* EVP_CIPH_NO_PADDING disables padding in block ciphers. */ -#define EVP_CIPH_NO_PADDING 0x800 - -/* EVP_CIPHER_CTX_ctrl commands. */ -#define EVP_CTRL_INIT 0x0 -#define EVP_CTRL_SET_KEY_LENGTH 0x1 -#define EVP_CTRL_GET_RC2_KEY_BITS 0x2 -#define EVP_CTRL_SET_RC2_KEY_BITS 0x3 -#define EVP_CTRL_GET_RC5_ROUNDS 0x4 -#define EVP_CTRL_SET_RC5_ROUNDS 0x5 -#define EVP_CTRL_RAND_KEY 0x6 -#define EVP_CTRL_PBE_PRF_NID 0x7 -#define EVP_CTRL_COPY 0x8 -#define EVP_CTRL_GCM_SET_IVLEN 0x9 -#define EVP_CTRL_GCM_GET_TAG 0x10 -#define EVP_CTRL_GCM_SET_TAG 0x11 -#define EVP_CTRL_GCM_SET_IV_FIXED 0x12 -#define EVP_CTRL_GCM_IV_GEN 0x13 -#define EVP_CTRL_AEAD_SET_MAC_KEY 0x17 -/* Set the GCM invocation field, decrypt only */ -#define EVP_CTRL_GCM_SET_IV_INV 0x18 - -/* GCM TLS constants */ -/* Length of fixed part of IV derived from PRF */ -#define EVP_GCM_TLS_FIXED_IV_LEN 4 -/* Length of explicit part of IV part of TLS records */ -#define EVP_GCM_TLS_EXPLICIT_IV_LEN 8 -/* Length of tag for TLS */ -#define EVP_GCM_TLS_TAG_LEN 16 - -#define EVP_MAX_KEY_LENGTH 64 -#define EVP_MAX_IV_LENGTH 16 -#define EVP_MAX_BLOCK_LENGTH 32 - -struct evp_cipher_ctx_st { - /* cipher contains the underlying cipher for this context. */ - const EVP_CIPHER *cipher; - - /* app_data is a pointer to opaque, user data. */ - void *app_data; /* application stuff */ - - /* cipher_data points to the |cipher| specific state. */ - void *cipher_data; - - /* key_len contains the length of the key, which may differ from - * |cipher->key_len| if the cipher can take a variable key length. */ - unsigned key_len; - - /* encrypt is one if encrypting and zero if decrypting. */ - int encrypt; - - /* flags contains the OR of zero or more |EVP_CIPH_*| flags, above. */ - uint32_t flags; - - /* oiv contains the original IV value. */ - uint8_t oiv[EVP_MAX_IV_LENGTH]; - - /* iv contains the current IV value, which may have been updated. */ - uint8_t iv[EVP_MAX_IV_LENGTH]; - - /* buf contains a partial block which is used by, for example, CTR mode to - * store unused keystream bytes. */ - uint8_t buf[EVP_MAX_BLOCK_LENGTH]; - - /* buf_len contains the number of bytes of a partial block contained in - * |buf|. */ - int buf_len; - - /* num contains the number of bytes of |iv| which are valid for modes that - * manage partial blocks themselves. */ - int num; - - /* final_used is non-zero if the |final| buffer contains plaintext. */ - int final_used; - - /* block_mask contains |cipher->block_size| minus one. (The block size - * assumed to be a power of two.) */ - int block_mask; - - uint8_t final[EVP_MAX_BLOCK_LENGTH]; /* possible final block */ -} /* EVP_CIPHER_CTX */; - -typedef struct evp_cipher_info_st { - const EVP_CIPHER *cipher; - unsigned char iv[EVP_MAX_IV_LENGTH]; -} EVP_CIPHER_INFO; - -struct evp_cipher_st { - /* type contains a NID identifing the cipher. (e.g. NID_aes_128_gcm.) */ - int nid; - - /* block_size contains the block size, in bytes, of the cipher, or 1 for a - * stream cipher. */ - unsigned block_size; - - /* key_len contains the key size, in bytes, for the cipher. If the cipher - * takes a variable key size then this contains the default size. */ - unsigned key_len; - - /* iv_len contains the IV size, in bytes, or zero if inapplicable. */ - unsigned iv_len; - - /* ctx_size contains the size, in bytes, of the per-key context for this - * cipher. */ - unsigned ctx_size; - - /* flags contains the OR of a number of flags. See |EVP_CIPH_*|. */ - uint32_t flags; - - /* app_data is a pointer to opaque, user data. */ - void *app_data; - - int (*init)(EVP_CIPHER_CTX *ctx, const uint8_t *key, const uint8_t *iv, - int enc); - - int (*cipher)(EVP_CIPHER_CTX *ctx, uint8_t *out, const uint8_t *in, - size_t inl); - - /* cleanup, if non-NULL, releases memory associated with the context. It is - * called if |EVP_CTRL_INIT| succeeds. Note that |init| may not have been - * called at this point. */ - void (*cleanup)(EVP_CIPHER_CTX *); - - int (*ctrl)(EVP_CIPHER_CTX *, int type, int arg, void *ptr); -}; - - -#if defined(__cplusplus) -} /* extern C */ -#endif - -#define CIPHER_F_EVP_AEAD_CTX_init 100 -#define CIPHER_F_EVP_AEAD_CTX_open 101 -#define CIPHER_F_EVP_AEAD_CTX_seal 102 -#define CIPHER_F_EVP_CIPHER_CTX_copy 103 -#define CIPHER_F_EVP_CIPHER_CTX_ctrl 104 -#define CIPHER_F_EVP_CIPHER_CTX_set_key_length 105 -#define CIPHER_F_EVP_CipherInit_ex 106 -#define CIPHER_F_EVP_DecryptFinal_ex 107 -#define CIPHER_F_EVP_EncryptFinal_ex 108 -#define CIPHER_F_aead_aes_gcm_init 109 -#define CIPHER_F_aead_aes_gcm_open 110 -#define CIPHER_F_aead_aes_gcm_seal 111 -#define CIPHER_F_aead_aes_key_wrap_init 112 -#define CIPHER_F_aead_aes_key_wrap_open 113 -#define CIPHER_F_aead_aes_key_wrap_seal 114 -#define CIPHER_F_aead_chacha20_poly1305_init 115 -#define CIPHER_F_aead_chacha20_poly1305_open 116 -#define CIPHER_F_aead_chacha20_poly1305_seal 117 -#define CIPHER_F_aead_rc4_md5_tls_init 118 -#define CIPHER_F_aead_rc4_md5_tls_open 119 -#define CIPHER_F_aead_rc4_md5_tls_seal 120 -#define CIPHER_F_aead_ssl3_ensure_cipher_init 121 -#define CIPHER_F_aead_ssl3_init 122 -#define CIPHER_F_aead_ssl3_open 123 -#define CIPHER_F_aead_ssl3_seal 124 -#define CIPHER_F_aead_tls_ensure_cipher_init 125 -#define CIPHER_F_aead_tls_init 126 -#define CIPHER_F_aead_tls_open 127 -#define CIPHER_F_aead_tls_seal 128 -#define CIPHER_F_aes_init_key 129 -#define CIPHER_F_aesni_init_key 130 -#define CIPHER_F_EVP_AEAD_CTX_init_with_direction 131 -#define CIPHER_F_aead_aes_ctr_hmac_sha256_init 132 -#define CIPHER_F_aead_aes_ctr_hmac_sha256_open 133 -#define CIPHER_F_aead_aes_ctr_hmac_sha256_seal 134 -#define CIPHER_R_AES_KEY_SETUP_FAILED 100 -#define CIPHER_R_BAD_DECRYPT 101 -#define CIPHER_R_BAD_KEY_LENGTH 102 -#define CIPHER_R_BUFFER_TOO_SMALL 103 -#define CIPHER_R_CTRL_NOT_IMPLEMENTED 104 -#define CIPHER_R_CTRL_OPERATION_NOT_IMPLEMENTED 105 -#define CIPHER_R_DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH 106 -#define CIPHER_R_INITIALIZATION_ERROR 107 -#define CIPHER_R_INPUT_NOT_INITIALIZED 108 -#define CIPHER_R_INVALID_AD_SIZE 109 -#define CIPHER_R_INVALID_KEY_LENGTH 110 -#define CIPHER_R_INVALID_NONCE_SIZE 111 -#define CIPHER_R_INVALID_OPERATION 112 -#define CIPHER_R_IV_TOO_LARGE 113 -#define CIPHER_R_NO_CIPHER_SET 114 -#define CIPHER_R_OUTPUT_ALIASES_INPUT 115 -#define CIPHER_R_TAG_TOO_LARGE 116 -#define CIPHER_R_TOO_LARGE 117 -#define CIPHER_R_UNSUPPORTED_AD_SIZE 118 -#define CIPHER_R_UNSUPPORTED_INPUT_SIZE 119 -#define CIPHER_R_UNSUPPORTED_KEY_SIZE 120 -#define CIPHER_R_UNSUPPORTED_NONCE_SIZE 121 -#define CIPHER_R_UNSUPPORTED_TAG_SIZE 122 -#define CIPHER_R_WRONG_FINAL_BLOCK_LENGTH 123 -#define CIPHER_R_NO_DIRECTION_SET 124 - -#endif /* OPENSSL_HEADER_CIPHER_H */ diff --git a/third_party/boringssl/include/openssl/cmac.h b/third_party/boringssl/include/openssl/cmac.h deleted file mode 100644 index 183f41bca05630..00000000000000 --- a/third_party/boringssl/include/openssl/cmac.h +++ /dev/null @@ -1,76 +0,0 @@ -/* Copyright (c) 2015, Google Inc. - * - * Permission to use, copy, modify, and/or distribute this software for any - * purpose with or without fee is hereby granted, provided that the above - * copyright notice and this permission notice appear in all copies. - * - * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES - * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF - * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY - * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES - * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION - * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN - * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ - -#ifndef OPENSSL_HEADER_CMAC_H -#define OPENSSL_HEADER_CMAC_H - -#include - -#if defined(__cplusplus) -extern "C" { -#endif - - -/* CMAC. - * - * CMAC is a MAC based on AES-CBC and defined in - * https://tools.ietf.org/html/rfc4493#section-2.3. */ - - -/* One-shot functions. */ - -/* AES_CMAC calculates the 16-byte, CMAC authenticator of |in_len| bytes of - * |in| and writes it to |out|. The |key_len| may be 16 or 32 bytes to select - * between AES-128 and AES-256. It returns one on success or zero on error. */ -OPENSSL_EXPORT int AES_CMAC(uint8_t out[16], const uint8_t *key, size_t key_len, - const uint8_t *in, size_t in_len); - - -/* Incremental interface. */ - -/* CMAC_CTX_new allocates a fresh |CMAC_CTX| and returns it, or NULL on - * error. */ -OPENSSL_EXPORT CMAC_CTX *CMAC_CTX_new(void); - -/* CMAC_CTX_free frees a |CMAC_CTX|. */ -OPENSSL_EXPORT void CMAC_CTX_free(CMAC_CTX *ctx); - -/* CMAC_Init configures |ctx| to use the given |key| and |cipher|. The CMAC RFC - * only specifies the use of AES-128 thus |key_len| should be 16 and |cipher| - * should be |EVP_aes_128_cbc()|. However, this implementation also supports - * AES-256 by setting |key_len| to 32 and |cipher| to |EVP_aes_256_cbc()|. The - * |engine| argument is ignored. - * - * It returns one on success or zero on error. */ -OPENSSL_EXPORT int CMAC_Init(CMAC_CTX *ctx, const void *key, size_t key_len, - const EVP_CIPHER *cipher, ENGINE *engine); - - -/* CMAC_Reset resets |ctx| so that a fresh message can be authenticated. */ -OPENSSL_EXPORT int CMAC_Reset(CMAC_CTX *ctx); - -/* CMAC_Update processes |in_len| bytes of message from |in|. It returns one on - * success or zero on error. */ -OPENSSL_EXPORT int CMAC_Update(CMAC_CTX *ctx, const uint8_t *in, size_t in_len); - -/* CMAC_Final sets |*out_len| to 16 and, if |out| is not NULL, writes 16 bytes - * of authenticator to it. It returns one on success or zero on error. */ -OPENSSL_EXPORT int CMAC_Final(CMAC_CTX *ctx, uint8_t *out, size_t *out_len); - - -#if defined(__cplusplus) -} /* extern C */ -#endif - -#endif /* OPENSSL_HEADER_CBC_H */ diff --git a/third_party/boringssl/include/openssl/conf.h b/third_party/boringssl/include/openssl/conf.h deleted file mode 100644 index 84fc94f99e5b63..00000000000000 --- a/third_party/boringssl/include/openssl/conf.h +++ /dev/null @@ -1,149 +0,0 @@ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] */ - -#ifndef OPENSSL_HEADER_CONF_H -#define OPENSSL_HEADER_CONF_H - -#include - -#include -#include - -#if defined(__cplusplus) -extern "C" { -#endif - - -/* Config files look like: - * - * # Comment - * - * # This key is in the default section. - * key=value - * - * [section_name] - * key2=value2 - * - * Config files are representated by a |CONF|. */ - -struct conf_value_st { - char *section; - char *name; - char *value; -}; - -struct conf_st { - LHASH_OF(CONF_VALUE) *data; -}; - - -/* NCONF_new returns a fresh, empty |CONF|, or NULL on error. The |method| - * argument must be NULL. */ -CONF *NCONF_new(void *method); - -/* NCONF_free frees all the data owned by |conf| and then |conf| itself. */ -void NCONF_free(CONF *conf); - -/* NCONF_load parses the file named |filename| and adds the values found to - * |conf|. It returns one on success and zero on error. In the event of an - * error, if |out_error_line| is not NULL, |*out_error_line| is set to the - * number of the line that contained the error. */ -int NCONF_load(CONF *conf, const char *filename, long *out_error_line); - -/* NCONF_load_bio acts like |NCONF_load| but reads from |bio| rather than from - * a named file. */ -int NCONF_load_bio(CONF *conf, BIO *bio, long *out_error_line); - -/* NCONF_get_section returns a stack of values for a given section in |conf|. - * If |section| is NULL, the default section is returned. It returns NULL on - * error. */ -STACK_OF(CONF_VALUE) *NCONF_get_section(const CONF *conf, const char *section); - -/* NCONF_get_string returns the value of the key |name|, in section |section|. - * The |section| argument may be NULL to indicate the default section. It - * returns the value or NULL on error. */ -const char *NCONF_get_string(const CONF *conf, const char *section, - const char *name); - - -/* Utility functions */ - -/* CONF_parse_list takes a list separated by 'sep' and calls |list_cb| giving - * the start and length of each member, optionally stripping leading and - * trailing whitespace. This can be used to parse comma separated lists for - * example. If |list_cb| returns <= 0, then the iteration is halted and that - * value is returned immediately. Otherwise it returns one. Note that |list_cb| - * may be called on an empty member. */ -int CONF_parse_list(const char *list, char sep, int remove_whitespace, - int (*list_cb)(const char *elem, int len, void *usr), - void *arg); - -#if defined(__cplusplus) -} /* extern C */ -#endif - -#define CONF_F_CONF_parse_list 100 -#define CONF_F_NCONF_load 101 -#define CONF_F_def_load_bio 102 -#define CONF_F_str_copy 103 -#define CONF_R_LIST_CANNOT_BE_NULL 100 -#define CONF_R_MISSING_CLOSE_SQUARE_BRACKET 101 -#define CONF_R_MISSING_EQUAL_SIGN 102 -#define CONF_R_NO_CLOSE_BRACE 103 -#define CONF_R_UNABLE_TO_CREATE_NEW_SECTION 104 -#define CONF_R_VARIABLE_HAS_NO_VALUE 105 - -#endif /* OPENSSL_HEADER_THREAD_H */ diff --git a/third_party/boringssl/include/openssl/cpu.h b/third_party/boringssl/include/openssl/cpu.h deleted file mode 100644 index 83ec473fabcb8f..00000000000000 --- a/third_party/boringssl/include/openssl/cpu.h +++ /dev/null @@ -1,121 +0,0 @@ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). */ - -#ifndef OPENSSL_HEADER_CPU_H -#define OPENSSL_HEADER_CPU_H - -#include - -#if defined(__cplusplus) -extern "C" { -#endif - - -/* Runtime CPU feature support */ - - -#if defined(OPENSSL_X86) || defined(OPENSSL_X86_64) -/* OPENSSL_ia32cap_P contains the Intel CPUID bits when running on an x86 or - * x86-64 system. - * - * Index 0: - * EDX for CPUID where EAX = 1 - * Bit 30 is used to indicate an Intel CPU - * Index 1: - * ECX for CPUID where EAX = 1 - * Index 2: - * EBX for CPUID where EAX = 7 - * - * Note: the CPUID bits are pre-adjusted for the OSXSAVE bit and the YMM and XMM - * bits in XCR0, so it is not necessary to check those. */ -extern uint32_t OPENSSL_ia32cap_P[4]; -#endif - -#if defined(OPENSSL_ARM) || defined(OPENSSL_AARCH64) -/* CRYPTO_is_NEON_capable returns true if the current CPU has a NEON unit. Note - * that |OPENSSL_armcap_P| also exists and contains the same information in a - * form that's easier for assembly to use. */ -OPENSSL_EXPORT char CRYPTO_is_NEON_capable(void); - -/* CRYPTO_set_NEON_capable sets the return value of |CRYPTO_is_NEON_capable|. - * By default, unless the code was compiled with |-mfpu=neon|, NEON is assumed - * not to be present. It is not autodetected. Calling this with a zero - * argument also causes |CRYPTO_is_NEON_functional| to return false. */ -OPENSSL_EXPORT void CRYPTO_set_NEON_capable(char neon_capable); - -/* CRYPTO_is_NEON_functional returns true if the current CPU has a /working/ - * NEON unit. Some phones have a NEON unit, but the Poly1305 NEON code causes - * it to fail. See https://code.google.com/p/chromium/issues/detail?id=341598 */ -OPENSSL_EXPORT char CRYPTO_is_NEON_functional(void); - -/* CRYPTO_set_NEON_functional sets the "NEON functional" flag. For - * |CRYPTO_is_NEON_functional| to return true, both this flag and the NEON flag - * must be true. By default NEON is assumed to be functional if the code was - * compiled with |-mfpu=neon| or if |CRYPTO_set_NEON_capable| has been called - * with a non-zero argument. */ -OPENSSL_EXPORT void CRYPTO_set_NEON_functional(char neon_functional); -#endif /* OPENSSL_ARM */ - - -#if defined(__cplusplus) -} /* extern C */ -#endif - -#endif /* OPENSSL_HEADER_CPU_H */ diff --git a/third_party/boringssl/include/openssl/crypto.h b/third_party/boringssl/include/openssl/crypto.h deleted file mode 100644 index 3af1547d87ebbc..00000000000000 --- a/third_party/boringssl/include/openssl/crypto.h +++ /dev/null @@ -1,63 +0,0 @@ -/* Copyright (c) 2014, Google Inc. - * - * Permission to use, copy, modify, and/or distribute this software for any - * purpose with or without fee is hereby granted, provided that the above - * copyright notice and this permission notice appear in all copies. - * - * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES - * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF - * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY - * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES - * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION - * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN - * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ - -#ifndef OPENSSL_HEADER_CRYPTO_H -#define OPENSSL_HEADER_CRYPTO_H - -#include - -/* Upstream OpenSSL defines |OPENSSL_malloc|, etc., in crypto.h rather than - * mem.h. */ -#include - - -#if defined(__cplusplus) -extern "C" { -#endif - - -/* crypto.h contains functions for initializing the crypto library. */ - - -/* CRYPTO_library_init initializes the crypto library. It must be called if the - * library is built with BORINGSSL_NO_STATIC_INITIALIZER. Otherwise, it does - * nothing and a static initializer is used instead. */ -OPENSSL_EXPORT void CRYPTO_library_init(void); - - -/* Deprecated functions. */ - -#define OPENSSL_VERSION_TEXT "BoringSSL" - -#define SSLEAY_VERSION 0 - -/* SSLeay_version is a compatibility function that returns the string - * "BoringSSL". */ -OPENSSL_EXPORT const char *SSLeay_version(int unused); - -/* SSLeay is a compatibility function that returns OPENSSL_VERSION_NUMBER from - * base.h. */ -OPENSSL_EXPORT unsigned long SSLeay(void); - - -#if defined(__cplusplus) -} /* extern C */ -#endif - -#define CRYPTO_F_CRYPTO_get_ex_new_index 100 -#define CRYPTO_F_CRYPTO_set_ex_data 101 -#define CRYPTO_F_get_class 102 -#define CRYPTO_F_get_func_pointers 103 - -#endif /* OPENSSL_HEADER_CRYPTO_H */ diff --git a/third_party/boringssl/include/openssl/des.h b/third_party/boringssl/include/openssl/des.h deleted file mode 100644 index 6e1b0cfe5f76da..00000000000000 --- a/third_party/boringssl/include/openssl/des.h +++ /dev/null @@ -1,149 +0,0 @@ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] */ - -#ifndef OPENSSL_HEADER_DES_H -#define OPENSSL_HEADER_DES_H - -#include - -#if defined(__cplusplus) -extern "C" { -#endif - - -/* DES. */ - - -typedef struct DES_cblock_st { - uint8_t bytes[8]; -} DES_cblock; - -typedef struct DES_ks { - union { - DES_cblock cblock; - /* make sure things are correct size on machines with - * 8 byte longs */ - uint32_t deslong[2]; - } ks[16]; -} DES_key_schedule; - - -#define DES_KEY_SZ (sizeof(DES_cblock)) -#define DES_SCHEDULE_SZ (sizeof(DES_key_schedule)) - -#define DES_ENCRYPT 1 -#define DES_DECRYPT 0 - -#define DES_CBC_MODE 0 -#define DES_PCBC_MODE 1 - -/* DES_set_key performs a key schedule and initialises |schedule| with |key|. */ -OPENSSL_EXPORT void DES_set_key(const DES_cblock *key, - DES_key_schedule *schedule); - -/* DES_set_odd_parity sets the parity bits (the least-significant bits in each - * byte) of |key| given the other bits in each byte. */ -OPENSSL_EXPORT void DES_set_odd_parity(DES_cblock *key); - -/* DES_ecb_encrypt encrypts (or decrypts, if |is_encrypt| is |DES_DECRYPT|) a - * single DES block (8 bytes) from in to out, using the key configured in - * |schedule|. */ -OPENSSL_EXPORT void DES_ecb_encrypt(const DES_cblock *in, DES_cblock *out, - const DES_key_schedule *schedule, - int is_encrypt); - -/* DES_ncbc_encrypt encrypts (or decrypts, if |enc| is |DES_DECRYPT|) |len| - * bytes from |in| to |out| with DES in CBC mode. */ -OPENSSL_EXPORT void DES_ncbc_encrypt(const uint8_t *in, uint8_t *out, - size_t len, - const DES_key_schedule *schedule, - DES_cblock *ivec, int enc); - -/* DES_ecb3_encrypt encrypts (or decrypts, if |enc| is |DES_DECRYPT|) a single - * block (8 bytes) of data from |input| to |output| using 3DES. */ -OPENSSL_EXPORT void DES_ecb3_encrypt(const DES_cblock *input, - DES_cblock *output, - const DES_key_schedule *ks1, - const DES_key_schedule *ks2, - const DES_key_schedule *ks3, - int enc); - -/* DES_ede3_cbc_encrypt encrypts (or decrypts, if |enc| is |DES_DECRYPT|) |len| - * bytes from |in| to |out| with 3DES in CBC mode. 3DES uses three keys, thus - * the function takes three different |DES_key_schedule|s. */ -OPENSSL_EXPORT void DES_ede3_cbc_encrypt(const uint8_t *in, uint8_t *out, - size_t len, - const DES_key_schedule *ks1, - const DES_key_schedule *ks2, - const DES_key_schedule *ks3, - DES_cblock *ivec, int enc); - -/* DES_ede2_cbc_encrypt encrypts (or decrypts, if |enc| is |DES_DECRYPT|) |len| - * bytes from |in| to |out| with 3DES in CBC mode. With this keying option, the - * first and third 3DES keys are identical. Thus, this function takes only two - * different |DES_key_schedule|s. */ -OPENSSL_EXPORT void DES_ede2_cbc_encrypt(const uint8_t *in, uint8_t *out, - size_t len, - const DES_key_schedule *ks1, - const DES_key_schedule *ks2, - DES_cblock *ivec, int enc); - - -#if defined(__cplusplus) -} /* extern C */ -#endif - -#endif /* OPENSSL_HEADER_DES_H */ diff --git a/third_party/boringssl/include/openssl/dh.h b/third_party/boringssl/include/openssl/dh.h deleted file mode 100644 index 17574d51edf5b1..00000000000000 --- a/third_party/boringssl/include/openssl/dh.h +++ /dev/null @@ -1,274 +0,0 @@ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] */ - -#ifndef OPENSSL_HEADER_DH_H -#define OPENSSL_HEADER_DH_H - -#include - -#include -#include -#include - -#if defined(__cplusplus) -extern "C" { -#endif - - -/* DH contains functions for performing Diffie-Hellman key agreement in - * multiplicative groups. */ - - -/* Allocation and destruction. */ - -/* DH_new returns a new, empty DH object or NULL on error. */ -OPENSSL_EXPORT DH *DH_new(void); - -/* DH_new_method acts the same as |DH_new| but takes an explicit |ENGINE|. */ -OPENSSL_EXPORT DH *DH_new_method(const ENGINE *engine); - -/* DH_free decrements the reference count of |dh| and frees it if the reference - * count drops to zero. */ -OPENSSL_EXPORT void DH_free(DH *dh); - -/* DH_up_ref increments the reference count of |dh|. */ -OPENSSL_EXPORT int DH_up_ref(DH *dh); - - -/* Standard parameters. - * - * These functions return new DH objects with standard parameters configured - * that use the given ENGINE, which may be NULL. They return NULL on allocation - * failure. */ - -/* These parameters are taken from RFC 5114. */ - -OPENSSL_EXPORT DH *DH_get_1024_160(const ENGINE *engine); -OPENSSL_EXPORT DH *DH_get_2048_224(const ENGINE *engine); -OPENSSL_EXPORT DH *DH_get_2048_256(const ENGINE *engine); - - -/* Parameter generation. */ - -#define DH_GENERATOR_2 2 -#define DH_GENERATOR_5 5 - -/* DH_generate_parameters_ex generates a suitable Diffie-Hellman group with a - * prime that is |prime_bits| long and stores it in |dh|. The generator of the - * group will be |generator|, which should be |DH_GENERATOR_2| unless there's a - * good reason to use a different value. The |cb| argument contains a callback - * function that will be called during the generation. See the documentation in - * |bn.h| about this. In addition to the callback invocations from |BN|, |cb| - * will also be called with |event| equal to three when the generation is - * complete. */ -OPENSSL_EXPORT int DH_generate_parameters_ex(DH *dh, int prime_bits, - int generator, BN_GENCB *cb); - - -/* Diffie-Hellman operations. */ - -/* DH_generate_key generates a new, random, private key and stores it in - * |dh|. It returns one on success and zero on error. */ -OPENSSL_EXPORT int DH_generate_key(DH *dh); - -/* DH_compute_key calculates the shared key between |dh| and |peers_key| and - * writes it as a big-endian integer into |out|, which must have |DH_size| - * bytes of space. It returns the number of bytes written, or a negative number - * on error. */ -OPENSSL_EXPORT int DH_compute_key(uint8_t *out, const BIGNUM *peers_key, - DH *dh); - - -/* Utility functions. */ - -/* DH_size returns the number of bytes in the DH group's prime. */ -OPENSSL_EXPORT int DH_size(const DH *dh); - -/* DH_num_bits returns the minimum number of bits needed to represent the - * absolute value of the DH group's prime. */ -OPENSSL_EXPORT unsigned DH_num_bits(const DH *dh); - -#define DH_CHECK_P_NOT_PRIME 0x01 -#define DH_CHECK_P_NOT_SAFE_PRIME 0x02 -#define DH_CHECK_UNABLE_TO_CHECK_GENERATOR 0x04 -#define DH_CHECK_NOT_SUITABLE_GENERATOR 0x08 -#define DH_CHECK_Q_NOT_PRIME 0x10 -#define DH_CHECK_INVALID_Q_VALUE 0x20 -#define DH_CHECK_INVALID_J_VALUE 0x40 - -/* These are compatibility defines. */ -#define DH_NOT_SUITABLE_GENERATOR DH_CHECK_NOT_SUITABLE_GENERATOR -#define DH_UNABLE_TO_CHECK_GENERATOR DH_CHECK_UNABLE_TO_CHECK_GENERATOR - -/* DH_check checks the suitability of |dh| as a Diffie-Hellman group. and sets - * |DH_CHECK_*| flags in |*out_flags| if it finds any errors. It returns one if - * |*out_flags| was successfully set and zero on error. - * - * Note: these checks may be quite computationally expensive. */ -OPENSSL_EXPORT int DH_check(const DH *dh, int *out_flags); - -#define DH_CHECK_PUBKEY_TOO_SMALL 1 -#define DH_CHECK_PUBKEY_TOO_LARGE 2 - -/* DH_check_pub_key checks the suitability of |pub_key| as a public key for the - * DH group in |dh| and sets |DH_CHECK_PUBKEY_*| flags in |*out_flags| if it - * finds any errors. It returns one if |*out_flags| was successfully set and - * zero on error. */ -OPENSSL_EXPORT int DH_check_pub_key(const DH *dh, const BIGNUM *pub_key, - int *out_flags); - -/* DHparams_dup allocates a fresh |DH| and copies the parameters from |dh| into - * it. It returns the new |DH| or NULL on error. */ -OPENSSL_EXPORT DH *DHparams_dup(const DH *dh); - - -/* ASN.1 functions. */ - -/* d2i_DHparams parses an ASN.1, DER encoded Diffie-Hellman parameters - * structure from |len| bytes at |*inp|. If |ret| is not NULL then, on exit, a - * pointer to the result is in |*ret|. If |*ret| is already non-NULL on entry - * then the result is written directly into |*ret|, otherwise a fresh |DH| is - * allocated. On successful exit, |*inp| is advanced past the DER structure. It - * returns the result or NULL on error. */ -OPENSSL_EXPORT DH *d2i_DHparams(DH **ret, const unsigned char **inp, long len); - -/* i2d_DHparams marshals |in| to an ASN.1, DER structure. If |outp| is not NULL - * then the result is written to |*outp| and |*outp| is advanced just past the - * output. It returns the number of bytes in the result, whether written or - * not, or a negative value on error. */ -OPENSSL_EXPORT int i2d_DHparams(const DH *in, unsigned char **outp); - - -/* ex_data functions. - * - * See |ex_data.h| for details. */ - -OPENSSL_EXPORT int DH_get_ex_new_index(long argl, void *argp, - CRYPTO_EX_new *new_func, - CRYPTO_EX_dup *dup_func, - CRYPTO_EX_free *free_func); -OPENSSL_EXPORT int DH_set_ex_data(DH *d, int idx, void *arg); -OPENSSL_EXPORT void *DH_get_ex_data(DH *d, int idx); - - -/* dh_method contains function pointers to override the implementation of DH. - * See |engine.h| for details. */ -struct dh_method { - struct openssl_method_common_st common; - - /* app_data is an opaque pointer for the method to use. */ - void *app_data; - - /* init is called just before the return of |DH_new_method|. It returns one - * on success or zero on error. */ - int (*init)(DH *dh); - - /* finish is called before |dh| is destructed. */ - void (*finish)(DH *dh); - - /* generate_parameters is called by |DH_generate_parameters_ex|. */ - int (*generate_parameters)(DH *dh, int prime_bits, int generator, - BN_GENCB *cb); - - /* generate_parameters is called by |DH_generate_key|. */ - int (*generate_key)(DH *dh); - - /* compute_key is called by |DH_compute_key|. */ - int (*compute_key)(DH *dh, uint8_t *out, const BIGNUM *pub_key); -}; - -struct dh_st { - DH_METHOD *meth; - - BIGNUM *p; - BIGNUM *g; - BIGNUM *pub_key; /* g^x */ - BIGNUM *priv_key; /* x */ - - /* priv_length contains the length, in bits, of the private value. If zero, - * the private value will be the same length as |p|. */ - unsigned priv_length; - - CRYPTO_MUTEX method_mont_p_lock; - BN_MONT_CTX *method_mont_p; - - /* Place holders if we want to do X9.42 DH */ - BIGNUM *q; - BIGNUM *j; - unsigned char *seed; - int seedlen; - BIGNUM *counter; - - int flags; - CRYPTO_refcount_t references; - CRYPTO_EX_DATA ex_data; -}; - - -#if defined(__cplusplus) -} /* extern C */ -#endif - -#define DH_F_DH_new_method 100 -#define DH_F_compute_key 101 -#define DH_F_generate_key 102 -#define DH_F_generate_parameters 103 -#define DH_R_BAD_GENERATOR 100 -#define DH_R_INVALID_PUBKEY 101 -#define DH_R_MODULUS_TOO_LARGE 102 -#define DH_R_NO_PRIVATE_VALUE 103 - -#endif /* OPENSSL_HEADER_DH_H */ diff --git a/third_party/boringssl/include/openssl/digest.h b/third_party/boringssl/include/openssl/digest.h deleted file mode 100644 index 2ea4ec4d7d3dda..00000000000000 --- a/third_party/boringssl/include/openssl/digest.h +++ /dev/null @@ -1,265 +0,0 @@ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] */ - -#ifndef OPENSSL_HEADER_DIGEST_H -#define OPENSSL_HEADER_DIGEST_H - -#include - -#if defined(__cplusplus) -extern "C" { -#endif - - -/* Digest functions. - * - * An EVP_MD abstracts the details of a specific hash function allowing code to - * deal with the concept of a "hash function" without needing to know exactly - * which hash function it is. */ - - -/* Hash algorithms. - * - * The following functions return |EVP_MD| objects that implement the named hash - * function. */ - -OPENSSL_EXPORT const EVP_MD *EVP_md4(void); -OPENSSL_EXPORT const EVP_MD *EVP_md5(void); -OPENSSL_EXPORT const EVP_MD *EVP_sha1(void); -OPENSSL_EXPORT const EVP_MD *EVP_sha224(void); -OPENSSL_EXPORT const EVP_MD *EVP_sha256(void); -OPENSSL_EXPORT const EVP_MD *EVP_sha384(void); -OPENSSL_EXPORT const EVP_MD *EVP_sha512(void); - -/* EVP_md5_sha1 is a TLS-specific |EVP_MD| which computes the concatenation of - * MD5 and SHA-1, as used in TLS 1.1 and below. */ -OPENSSL_EXPORT const EVP_MD *EVP_md5_sha1(void); - -/* EVP_get_digestbynid returns an |EVP_MD| for the given NID, or NULL if no - * such digest is known. */ -OPENSSL_EXPORT const EVP_MD *EVP_get_digestbynid(int nid); - -/* EVP_get_digestbyobj returns an |EVP_MD| for the given |ASN1_OBJECT|, or NULL - * if no such digest is known. */ -OPENSSL_EXPORT const EVP_MD *EVP_get_digestbyobj(const ASN1_OBJECT *obj); - - -/* Digest contexts. - * - * An EVP_MD_CTX represents the state of a specific digest operation in - * progress. */ - -/* EVP_MD_CTX_init initialises an, already allocated, |EVP_MD_CTX|. */ -OPENSSL_EXPORT void EVP_MD_CTX_init(EVP_MD_CTX *ctx); - -/* EVP_MD_CTX_create allocates and initialises a fresh |EVP_MD_CTX| and returns - * it, or NULL on allocation failure. */ -OPENSSL_EXPORT EVP_MD_CTX *EVP_MD_CTX_create(void); - -/* EVP_MD_CTX_cleanup frees any resources owned by |ctx| and resets it to a - * freshly initialised state. It does not free |ctx| itself. It returns one. */ -OPENSSL_EXPORT int EVP_MD_CTX_cleanup(EVP_MD_CTX *ctx); - -/* EVP_MD_CTX_destroy calls |EVP_MD_CTX_cleanup| and then frees |ctx| itself. */ -OPENSSL_EXPORT void EVP_MD_CTX_destroy(EVP_MD_CTX *ctx); - -/* EVP_MD_CTX_copy_ex sets |out|, which must already be initialised, to be a - * copy of |in|. It returns one on success and zero on error. */ -OPENSSL_EXPORT int EVP_MD_CTX_copy_ex(EVP_MD_CTX *out, const EVP_MD_CTX *in); - - -/* Digest operations. */ - -/* EVP_DigestInit_ex configures |ctx|, which must already have been - * initialised, for a fresh hashing operation using |type|. It returns one on - * success and zero otherwise. */ -OPENSSL_EXPORT int EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, - ENGINE *engine); - -/* EVP_DigestInit acts like |EVP_DigestInit_ex| except that |ctx| is - * initialised before use. */ -OPENSSL_EXPORT int EVP_DigestInit(EVP_MD_CTX *ctx, const EVP_MD *type); - -/* EVP_DigestUpdate hashes |len| bytes from |data| into the hashing operation - * in |ctx|. It returns one. */ -OPENSSL_EXPORT int EVP_DigestUpdate(EVP_MD_CTX *ctx, const void *data, - size_t len); - -/* EVP_MAX_MD_SIZE is the largest digest size supported. Functions that output - * a digest generally require the buffer have at least this much space. */ -#define EVP_MAX_MD_SIZE 64 /* SHA-512 is the longest so far. */ - -/* EVP_DigestFinal_ex finishes the digest in |ctx| and writes the output to - * |md_out|. At most |EVP_MAX_MD_SIZE| bytes are written. If |out_size| is not - * NULL then |*out_size| is set to the number of bytes written. It returns one. - * After this call, the hash cannot be updated or finished again until - * |EVP_DigestInit_ex| is called to start another hashing operation. */ -OPENSSL_EXPORT int EVP_DigestFinal_ex(EVP_MD_CTX *ctx, uint8_t *md_out, - unsigned int *out_size); - -/* EVP_DigestFinal acts like |EVP_DigestFinal_ex| except that - * |EVP_MD_CTX_cleanup| is called on |ctx| before returning. */ -OPENSSL_EXPORT int EVP_DigestFinal(EVP_MD_CTX *ctx, uint8_t *md_out, - unsigned int *out_size); - -/* EVP_Digest performs a complete hashing operation in one call. It hashes - * |len| bytes from |data| and writes the digest to |md_out|. At most - * |EVP_MAX_MD_SIZE| bytes are written. If |out_size| is not NULL then - * |*out_size| is set to the number of bytes written. It returns one on success - * and zero otherwise. */ -OPENSSL_EXPORT int EVP_Digest(const void *data, size_t len, uint8_t *md_out, - unsigned int *md_out_size, const EVP_MD *type, - ENGINE *impl); - - -/* Digest function accessors. - * - * These functions allow code to learn details about an abstract hash - * function. */ - -/* EVP_MD_type returns a NID identifing |md|. (For example, |NID_sha256|.) */ -OPENSSL_EXPORT int EVP_MD_type(const EVP_MD *md); - -/* EVP_MD_flags returns the flags for |md|, which is a set of |EVP_MD_FLAG_*| - * values, ORed together. */ -OPENSSL_EXPORT uint32_t EVP_MD_flags(const EVP_MD *md); - -/* EVP_MD_size returns the digest size of |md|, in bytes. */ -OPENSSL_EXPORT size_t EVP_MD_size(const EVP_MD *md); - -/* EVP_MD_block_size returns the native block-size of |md|. */ -OPENSSL_EXPORT size_t EVP_MD_block_size(const EVP_MD *md); - -/* EVP_MD_FLAG_PKEY_DIGEST indicates the the digest function is used with a - * specific public key in order to verify signatures. (For example, - * EVP_dss1.) */ -#define EVP_MD_FLAG_PKEY_DIGEST 1 - -/* EVP_MD_FLAG_DIGALGID_ABSENT indicates that the parameter type in an X.509 - * DigestAlgorithmIdentifier representing this digest function should be - * undefined rather than NULL. */ -#define EVP_MD_FLAG_DIGALGID_ABSENT 2 - - -/* Deprecated functions. */ - -/* EVP_MD_CTX_copy sets |out|, which must /not/ be initialised, to be a copy of - * |in|. It returns one on success and zero on error. */ -OPENSSL_EXPORT int EVP_MD_CTX_copy(EVP_MD_CTX *out, const EVP_MD_CTX *in); - -/* EVP_add_digest does nothing and returns one. It exists only for - * compatibility with OpenSSL. */ -OPENSSL_EXPORT int EVP_add_digest(const EVP_MD *digest); - -/* EVP_get_cipherbyname returns an |EVP_MD| given a human readable name in - * |name|, or NULL if the name is unknown. */ -OPENSSL_EXPORT const EVP_MD *EVP_get_digestbyname(const char *); - - -/* Digest operation accessors. */ - -/* EVP_MD_CTX_md returns the underlying digest function, or NULL if one has not - * been set. */ -OPENSSL_EXPORT const EVP_MD *EVP_MD_CTX_md(const EVP_MD_CTX *ctx); - -/* EVP_MD_CTX_size returns the digest size of |ctx|. It will crash if a digest - * hasn't been set on |ctx|. */ -OPENSSL_EXPORT unsigned EVP_MD_CTX_size(const EVP_MD_CTX *ctx); - -/* EVP_MD_CTX_block_size returns the block size of the digest function used by - * |ctx|. It will crash if a digest hasn't been set on |ctx|. */ -OPENSSL_EXPORT unsigned EVP_MD_CTX_block_size(const EVP_MD_CTX *ctx); - -/* EVP_MD_CTX_type returns a NID describing the digest function used by |ctx|. - * (For example, |NID_sha256|.) It will crash if a digest hasn't been set on - * |ctx|. */ -OPENSSL_EXPORT int EVP_MD_CTX_type(const EVP_MD_CTX *ctx); - - -struct evp_md_pctx_ops; - -struct env_md_ctx_st { - /* digest is the underlying digest function, or NULL if not set. */ - const EVP_MD *digest; - /* flags is the OR of a number of |EVP_MD_CTX_FLAG_*| values. */ - uint32_t flags; - /* md_data points to a block of memory that contains the hash-specific - * context. */ - void *md_data; - /* update is usually copied from |digest->update| but can differ in some - * cases, i.e. HMAC. - * TODO(davidben): Remove this hook once |EVP_PKEY_HMAC| is gone. */ - void (*update)(EVP_MD_CTX *ctx, const void *data, size_t count); - - /* pctx is an opaque (at this layer) pointer to additional context that - * EVP_PKEY functions may store in this object. */ - EVP_PKEY_CTX *pctx; - - /* pctx_ops, if not NULL, points to a vtable that contains functions to - * manipulate |pctx|. */ - const struct evp_md_pctx_ops *pctx_ops; -} /* EVP_MD_CTX */; - - -#if defined(__cplusplus) -} /* extern C */ -#endif - -#define DIGEST_F_EVP_DigestInit_ex 100 -#define DIGEST_F_EVP_MD_CTX_copy_ex 101 -#define DIGEST_R_INPUT_NOT_INITIALIZED 100 - -#endif /* OPENSSL_HEADER_DIGEST_H */ diff --git a/third_party/boringssl/include/openssl/dsa.h b/third_party/boringssl/include/openssl/dsa.h deleted file mode 100644 index 7274e4c8c90d29..00000000000000 --- a/third_party/boringssl/include/openssl/dsa.h +++ /dev/null @@ -1,379 +0,0 @@ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - * - * The DSS routines are based on patches supplied by - * Steven Schoch . */ - -#ifndef OPENSSL_HEADER_DSA_H -#define OPENSSL_HEADER_DSA_H - -#include - -#include -#include -#include - -#if defined(__cplusplus) -extern "C" { -#endif - - -/* DSA contains functions for signing and verifing with the Digital Signature - * Algorithm. */ - - -/* Allocation and destruction. */ - -/* DSA_new returns a new, empty DSA object or NULL on error. */ -OPENSSL_EXPORT DSA *DSA_new(void); - -/* DSA_new_method acts the same as |DH_new| but takes an explicit |ENGINE|. */ -OPENSSL_EXPORT DSA *DSA_new_method(const ENGINE *engine); - -/* DSA_free decrements the reference count of |dsa| and frees it if the - * reference count drops to zero. */ -OPENSSL_EXPORT void DSA_free(DSA *dsa); - -/* DSA_up_ref increments the reference count of |dsa|. */ -OPENSSL_EXPORT int DSA_up_ref(DSA *dsa); - - -/* Parameter generation. */ - -/* DSA_generate_parameters_ex generates a set of DSA parameters by following - * the procedure given in FIPS 186-4, appendix A. - * (http://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.186-4.pdf) - * - * The larger prime will have a length of |bits| (e.g. 2048). The |seed| value - * allows others to generate and verify the same parameters and should be - * random input which is kept for reference. If |out_counter| or |out_h| are - * not NULL then the counter and h value used in the generation are written to - * them. - * - * The |cb| argument is passed to |BN_generate_prime_ex| and is thus called - * during the generation process in order to indicate progress. See the - * comments for that function for details. In addition to the calls made by - * |BN_generate_prime_ex|, |DSA_generate_parameters_ex| will call it with - * |event| equal to 2 and 3 at different stages of the process. - * - * It returns one on success and zero otherwise. */ -OPENSSL_EXPORT int DSA_generate_parameters_ex(DSA *dsa, unsigned bits, - const uint8_t *seed, - size_t seed_len, int *out_counter, - unsigned long *out_h, - BN_GENCB *cb); - -/* DSAparams_dup returns a freshly allocated |DSA| that contains a copy of the - * parameters from |dsa|. It returns NULL on error. */ -OPENSSL_EXPORT DSA *DSAparams_dup(const DSA *dsa); - - -/* Key generation. */ - -/* DSA_generate_key generates a public/private key pair in |dsa|, which must - * already have parameters setup. It returns one on success and zero on - * error. */ -OPENSSL_EXPORT int DSA_generate_key(DSA *dsa); - - -/* Signatures. */ - -/* DSA_SIG contains a DSA signature as a pair of integers. */ -typedef struct DSA_SIG_st { - BIGNUM *r, *s; -} DSA_SIG; - -/* DSA_SIG_new returns a freshly allocated, DIG_SIG structure or NULL on error. - * Both |r| and |s| in the signature will be NULL. */ -OPENSSL_EXPORT DSA_SIG *DSA_SIG_new(void); - -/* DSA_SIG_free frees the contents of |sig| and then frees |sig| itself. */ -OPENSSL_EXPORT void DSA_SIG_free(DSA_SIG *sig); - -/* DSA_do_sign returns a signature of the hash in |digest| by the key in |dsa| - * and returns an allocated, DSA_SIG structure, or NULL on error. */ -OPENSSL_EXPORT DSA_SIG *DSA_do_sign(const uint8_t *digest, size_t digest_len, - DSA *dsa); - -/* DSA_do_verify verifies that |sig| is a valid signature, by the public key in - * |dsa|, of the hash in |digest|. It returns one if so, zero if invalid and -1 - * on error. - * - * WARNING: do not use. This function returns -1 for error, 0 for invalid and 1 - * for valid. However, this is dangerously different to the usual OpenSSL - * convention and could be a disaster if a user did |if (DSA_do_verify(...))|. - * Because of this, |DSA_check_signature| is a safer version of this. - * - * TODO(fork): deprecate. */ -OPENSSL_EXPORT int DSA_do_verify(const uint8_t *digest, size_t digest_len, - DSA_SIG *sig, const DSA *dsa); - -/* DSA_do_check_signature sets |*out_valid| to zero. Then it verifies that |sig| - * is a valid signature, by the public key in |dsa| of the hash in |digest| - * and, if so, it sets |*out_valid| to one. - * - * It returns one if it was able to verify the signature as valid or invalid, - * and zero on error. */ -OPENSSL_EXPORT int DSA_do_check_signature(int *out_valid, const uint8_t *digest, - size_t digest_len, DSA_SIG *sig, - const DSA *dsa); - - -/* ASN.1 signatures. - * - * These functions also perform DSA signature operations, but deal with ASN.1 - * encoded signatures as opposed to raw |BIGNUM|s. If you don't know what - * encoding a DSA signature is in, it's probably ASN.1. */ - -/* DSA_sign signs |digest| with the key in |dsa| and writes the resulting - * signature, in ASN.1 form, to |out_sig| and the length of the signature to - * |*out_siglen|. There must be, at least, |DSA_size(dsa)| bytes of space in - * |out_sig|. It returns one on success and zero otherwise. - * - * (The |type| argument is ignored.) */ -OPENSSL_EXPORT int DSA_sign(int type, const uint8_t *digest, size_t digest_len, - uint8_t *out_sig, unsigned int *out_siglen, - DSA *dsa); - -/* DSA_verify verifies that |sig| is a valid, ASN.1 signature, by the public - * key in |dsa|, of the hash in |digest|. It returns one if so, zero if invalid - * and -1 on error. - * - * (The |type| argument is ignored.) - * - * WARNING: do not use. This function returns -1 for error, 0 for invalid and 1 - * for valid. However, this is dangerously different to the usual OpenSSL - * convention and could be a disaster if a user did |if (DSA_do_verify(...))|. - * Because of this, |DSA_check_signature| is a safer version of this. - * - * TODO(fork): deprecate. */ -OPENSSL_EXPORT int DSA_verify(int type, const uint8_t *digest, - size_t digest_len, const uint8_t *sig, - size_t sig_len, const DSA *dsa); - -/* DSA_check_signature sets |*out_valid| to zero. Then it verifies that |sig| - * is a valid, ASN.1 signature, by the public key in |dsa|, of the hash in - * |digest|. If so, it sets |*out_valid| to one. - * - * It returns one if it was able to verify the signature as valid or invalid, - * and zero on error. */ -OPENSSL_EXPORT int DSA_check_signature(int *out_valid, const uint8_t *digest, - size_t digest_len, const uint8_t *sig, - size_t sig_len, const DSA *dsa); - -/* DSA_size returns the size, in bytes, of an ASN.1 encoded, DSA signature - * generated by |dsa|. Parameters must already have been setup in |dsa|. */ -OPENSSL_EXPORT int DSA_size(const DSA *dsa); - - -/* ASN.1 encoding. */ - -/* d2i_DSA_SIG parses an ASN.1, DER-encoded, DSA signature from |len| bytes at - * |*inp|. If |out_sig| is not NULL then, on exit, a pointer to the result is - * in |*out_sig|. If |*out_sig| is already non-NULL on entry then the result is - * written directly into |*out_sig|, otherwise a fresh |DSA_SIG| is allocated. - * On successful exit, |*inp| is advanced past the DER structure. It returns - * the result or NULL on error. */ -OPENSSL_EXPORT DSA_SIG *d2i_DSA_SIG(DSA_SIG **out_sig, const uint8_t **inp, - long len); - -/* i2d_DSA_SIG marshals |in| to an ASN.1, DER structure. If |outp| is not NULL - * then the result is written to |*outp| and |*outp| is advanced just past the - * output. It returns the number of bytes in the result, whether written or not, - * or a negative value on error. */ -OPENSSL_EXPORT int i2d_DSA_SIG(const DSA_SIG *in, uint8_t **outp); - -/* d2i_DSAPublicKey parses an ASN.1, DER-encoded, DSA public key from |len| - * bytes at |*inp|. If |out| is not NULL then, on exit, a pointer to the result - * is in |*out|. If |*out| is already non-NULL on entry then the result is - * written directly into |*out|, otherwise a fresh |DSA| is allocated. On - * successful exit, |*inp| is advanced past the DER structure. It returns the - * result or NULL on error. */ -OPENSSL_EXPORT DSA *d2i_DSAPublicKey(DSA **out, const uint8_t **inp, long len); - -/* i2d_DSAPublicKey marshals a public key from |in| to an ASN.1, DER structure. - * If |outp| is not NULL then the result is written to |*outp| and |*outp| is - * advanced just past the output. It returns the number of bytes in the result, - * whether written or not, or a negative value on error. */ -OPENSSL_EXPORT int i2d_DSAPublicKey(const DSA *in, unsigned char **outp); - -/* d2i_DSAPrivateKey parses an ASN.1, DER-encoded, DSA private key from |len| - * bytes at |*inp|. If |out| is not NULL then, on exit, a pointer to the result - * is in |*out|. If |*out| is already non-NULL on entry then the result is - * written directly into |*out|, otherwise a fresh |DSA| is allocated. On - * successful exit, |*inp| is advanced past the DER structure. It returns the - * result or NULL on error. */ -OPENSSL_EXPORT DSA *d2i_DSAPrivateKey(DSA **out, const uint8_t **inp, long len); - -/* i2d_DSAPrivateKey marshals a private key from |in| to an ASN.1, DER structure. - * If |outp| is not NULL then the result is written to |*outp| and |*outp| is - * advanced just past the output. It returns the number of bytes in the result, - * whether written or not, or a negative value on error. */ -OPENSSL_EXPORT int i2d_DSAPrivateKey(const DSA *in, unsigned char **outp); - -/* d2i_DSAparams parses ASN.1, DER-encoded, DSA parameters from |len| bytes at - * |*inp|. If |out| is not NULL then, on exit, a pointer to the result is in - * |*out|. If |*out| is already non-NULL on entry then the result is written - * directly into |*out|, otherwise a fresh |DSA| is allocated. On successful - * exit, |*inp| is advanced past the DER structure. It returns the result or - * NULL on error. */ -OPENSSL_EXPORT DSA *d2i_DSAparams(DSA **out, const uint8_t **inp, long len); - -/* i2d_DSAparams marshals DSA parameters from |in| to an ASN.1, DER structure. - * If |outp| is not NULL then the result is written to |*outp| and |*outp| is - * advanced just past the output. It returns the number of bytes in the result, - * whether written or not, or a negative value on error. */ -OPENSSL_EXPORT int i2d_DSAparams(const DSA *in, unsigned char **outp); - - -/* Precomputation. */ - -/* DSA_sign_setup precomputes the message independent part of the DSA signature - * and writes them to |*out_kinv| and |*out_r|. Returns one on success, zero on - * error. - * - * TODO(fork): decide what to do with this. Since making DSA* opaque there's no - * way for the user to install them. Also, it forces the DSA* not to be const - * when passing to the signing function. */ -OPENSSL_EXPORT int DSA_sign_setup(const DSA *dsa, BN_CTX *ctx, - BIGNUM **out_kinv, BIGNUM **out_r); - - -/* Conversion. */ - -/* DSA_dup_DH returns a |DH| constructed from the parameters of |dsa|. This is - * sometimes needed when Diffie-Hellman parameters are stored in the form of - * DSA parameters. It returns an allocated |DH| on success or NULL on error. */ -OPENSSL_EXPORT DH *DSA_dup_DH(const DSA *dsa); - - -/* ex_data functions. - * - * See |ex_data.h| for details. */ - -OPENSSL_EXPORT int DSA_get_ex_new_index(long argl, void *argp, - CRYPTO_EX_new *new_func, - CRYPTO_EX_dup *dup_func, - CRYPTO_EX_free *free_func); -OPENSSL_EXPORT int DSA_set_ex_data(DSA *d, int idx, void *arg); -OPENSSL_EXPORT void *DSA_get_ex_data(const DSA *d, int idx); - - -struct dsa_method { - struct openssl_method_common_st common; - - void *app_data; - - int (*init)(DSA *dsa); - int (*finish)(DSA *dsa); - - DSA_SIG *(*sign)(const uint8_t *digest, size_t digest_len, DSA *dsa); - - int (*sign_setup)(const DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp, - const uint8_t *digest, size_t digest_len); - - int (*verify)(int *out_valid, const uint8_t *digest, size_t digest_len, - DSA_SIG *sig, const DSA *dsa); - - /* generate_parameters, if non-NULL, is used to generate DSA parameters. */ - int (*generate_parameters)(DSA *dsa, unsigned bits, const uint8_t *seed, - size_t seed_len, int *counter_ret, - unsigned long *h_ret, BN_GENCB *cb); - - /* keygen, if non-NULL, is used to generate DSA keys. */ - int (*keygen)(DSA *dsa); -}; - -struct dsa_st { - long version; - int write_params; - BIGNUM *p; - BIGNUM *q; /* == 20 */ - BIGNUM *g; - - BIGNUM *pub_key; /* y public key */ - BIGNUM *priv_key; /* x private key */ - - BIGNUM *kinv; /* Signing pre-calc */ - BIGNUM *r; /* Signing pre-calc */ - - int flags; - /* Normally used to cache montgomery values */ - CRYPTO_MUTEX method_mont_p_lock; - BN_MONT_CTX *method_mont_p; - CRYPTO_refcount_t references; - CRYPTO_EX_DATA ex_data; - DSA_METHOD *meth; - /* functional reference if 'meth' is ENGINE-provided */ - ENGINE *engine; -}; - - -#if defined(__cplusplus) -} /* extern C */ -#endif - -#define DSA_F_DSA_new_method 100 -#define DSA_F_dsa_sig_cb 101 -#define DSA_F_sign 102 -#define DSA_F_sign_setup 103 -#define DSA_F_verify 104 -#define DSA_R_BAD_Q_VALUE 100 -#define DSA_R_MISSING_PARAMETERS 101 -#define DSA_R_MODULUS_TOO_LARGE 102 -#define DSA_R_NEED_NEW_SETUP_VALUES 103 - -#endif /* OPENSSL_HEADER_DSA_H */ diff --git a/third_party/boringssl/include/openssl/dtls1.h b/third_party/boringssl/include/openssl/dtls1.h deleted file mode 100644 index 38ca801cb1044e..00000000000000 --- a/third_party/boringssl/include/openssl/dtls1.h +++ /dev/null @@ -1,16 +0,0 @@ -/* Copyright (c) 2015, Google Inc. - * - * Permission to use, copy, modify, and/or distribute this software for any - * purpose with or without fee is hereby granted, provided that the above - * copyright notice and this permission notice appear in all copies. - * - * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES - * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF - * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY - * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES - * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION - * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN - * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ - -/* This header is provided in order to make compiling against code that expects - OpenSSL easier. */ diff --git a/third_party/boringssl/include/openssl/ec.h b/third_party/boringssl/include/openssl/ec.h deleted file mode 100644 index 25b455185e7503..00000000000000 --- a/third_party/boringssl/include/openssl/ec.h +++ /dev/null @@ -1,433 +0,0 @@ -/* Originally written by Bodo Moeller for the OpenSSL project. - * ==================================================================== - * Copyright (c) 1998-2005 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@openssl.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.openssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ -/* ==================================================================== - * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. - * - * Portions of the attached software ("Contribution") are developed by - * SUN MICROSYSTEMS, INC., and are contributed to the OpenSSL project. - * - * The Contribution is licensed pursuant to the OpenSSL open source - * license provided above. - * - * The elliptic curve binary polynomial software is originally written by - * Sheueling Chang Shantz and Douglas Stebila of Sun Microsystems - * Laboratories. */ - -#ifndef OPENSSL_HEADER_EC_H -#define OPENSSL_HEADER_EC_H - -#include - -#if defined(__cplusplus) -extern "C" { -#endif - - -/* Low-level operations on elliptic curves. */ - - -typedef struct ec_group_st EC_GROUP; -typedef struct ec_point_st EC_POINT; - -/** Enum for the point conversion form as defined in X9.62 (ECDSA) - * for the encoding of a elliptic curve point (x,y) */ -typedef enum { - /** the point is encoded as z||x, where the octet z specifies - * which solution of the quadratic equation y is */ - POINT_CONVERSION_COMPRESSED = 2, - /** the point is encoded as z||x||y, where z is the octet 0x02 */ - POINT_CONVERSION_UNCOMPRESSED = 4 -} point_conversion_form_t; - - -/* Elliptic curve groups. */ - -/* EC_GROUP_new_by_curve_name returns a fresh EC_GROUP object for the elliptic - * curve specified by |nid|, or NULL on error. - * - * The supported NIDs are: - * NID_secp224r1, - * NID_X9_62_prime256v1, - * NID_secp384r1, - * NID_secp521r1 */ -OPENSSL_EXPORT EC_GROUP *EC_GROUP_new_by_curve_name(int nid); - -/* EC_GROUP_free frees |group| and the data that it points to. */ -OPENSSL_EXPORT void EC_GROUP_free(EC_GROUP *group); - -/* EC_GROUP_dup returns a fresh |EC_GROUP| which is equal to |a| or NULL on - * error. */ -OPENSSL_EXPORT EC_GROUP *EC_GROUP_dup(const EC_GROUP *a); - -/* EC_GROUP_cmp returns zero if |a| and |b| are the same group and non-zero - * otherwise. */ -OPENSSL_EXPORT int EC_GROUP_cmp(const EC_GROUP *a, const EC_GROUP *b, - BN_CTX *ignored); - -/* EC_GROUP_get0_generator returns a pointer to the internal |EC_POINT| object - * in |group| that specifies the generator for the group. */ -OPENSSL_EXPORT const EC_POINT *EC_GROUP_get0_generator(const EC_GROUP *group); - -/* EC_GROUP_get_order sets |*order| to the order of |group|, if it's not - * NULL. It returns one on success and zero otherwise. |ctx| is ignored. */ -OPENSSL_EXPORT int EC_GROUP_get_order(const EC_GROUP *group, BIGNUM *order, - BN_CTX *ctx); - -/* EC_GROUP_get_cofactor sets |*cofactor| to the cofactor of |group| using - * |ctx|, if it's not NULL. It returns one on success and zero otherwise. */ -OPENSSL_EXPORT int EC_GROUP_get_cofactor(const EC_GROUP *group, - BIGNUM *cofactor, BN_CTX *ctx); - -/* EC_GROUP_get_curve_GFp gets various parameters about a group. It sets - * |*out_p| to the order of the coordinate field and |*out_a| and |*out_b| to - * the parameters of the curve when expressed as y² = x³ + ax + b. Any of the - * output parameters can be NULL. It returns one on success and zero on - * error. */ -OPENSSL_EXPORT int EC_GROUP_get_curve_GFp(const EC_GROUP *group, BIGNUM *out_p, - BIGNUM *out_a, BIGNUM *out_b, - BN_CTX *ctx); - -/* EC_GROUP_get_curve_name returns a NID that identifies |group|. */ -OPENSSL_EXPORT int EC_GROUP_get_curve_name(const EC_GROUP *group); - -/* EC_GROUP_get_degree returns the number of bits needed to represent an - * element of the field underlying |group|. */ -OPENSSL_EXPORT int EC_GROUP_get_degree(const EC_GROUP *group); - -/* EC_GROUP_precompute_mult precomputes multiplies of the generator in order to - * speed up operations that involve calculating generator multiples. It returns - * one on sucess and zero otherwise. If |ctx| is not NULL, it may be used. */ -OPENSSL_EXPORT int EC_GROUP_precompute_mult(EC_GROUP *group, BN_CTX *ctx); - -/* EC_GROUP_have_precompute_mult returns one if |group| contains precomputed - * generator multiples. */ -OPENSSL_EXPORT int EC_GROUP_have_precompute_mult(const EC_GROUP *group); - - -/* Points on elliptic curves. */ - -/* EC_POINT_new returns a fresh |EC_POINT| object in the given group, or NULL - * on error. */ -OPENSSL_EXPORT EC_POINT *EC_POINT_new(const EC_GROUP *group); - -/* EC_POINT_free frees |point| and the data that it points to. */ -OPENSSL_EXPORT void EC_POINT_free(EC_POINT *point); - -/* EC_POINT_clear_free clears the data that |point| points to, frees it and - * then frees |point| itself. */ -OPENSSL_EXPORT void EC_POINT_clear_free(EC_POINT *point); - -/* EC_POINT_copy sets |*dest| equal to |*src|. It returns one on success and - * zero otherwise. */ -OPENSSL_EXPORT int EC_POINT_copy(EC_POINT *dest, const EC_POINT *src); - -/* EC_POINT_dup returns a fresh |EC_POINT| that contains the same values as - * |src|, or NULL on error. */ -OPENSSL_EXPORT EC_POINT *EC_POINT_dup(const EC_POINT *src, - const EC_GROUP *group); - -/* EC_POINT_set_to_infinity sets |point| to be the "point at infinity" for the - * given group. */ -OPENSSL_EXPORT int EC_POINT_set_to_infinity(const EC_GROUP *group, - EC_POINT *point); - -/* EC_POINT_is_at_infinity returns one iff |point| is the point at infinity and - * zero otherwise. */ -OPENSSL_EXPORT int EC_POINT_is_at_infinity(const EC_GROUP *group, - const EC_POINT *point); - -/* EC_POINT_is_on_curve returns one if |point| is an element of |group| and - * zero otheriwse. If |ctx| is non-NULL, it may be used. */ -OPENSSL_EXPORT int EC_POINT_is_on_curve(const EC_GROUP *group, - const EC_POINT *point, BN_CTX *ctx); - -/* EC_POINT_cmp returns zero if |a| is equal to |b|, greater than zero is - * non-equal and -1 on error. If |ctx| is not NULL, it may be used. */ -OPENSSL_EXPORT int EC_POINT_cmp(const EC_GROUP *group, const EC_POINT *a, - const EC_POINT *b, BN_CTX *ctx); - -/* EC_POINT_make_affine converts |point| to affine form, internally. It returns - * one on success and zero otherwise. If |ctx| is not NULL, it may be used. */ -OPENSSL_EXPORT int EC_POINT_make_affine(const EC_GROUP *group, EC_POINT *point, - BN_CTX *ctx); - -/* EC_POINTs_make_affine converts |num| points from |points| to affine form, - * internally. It returns one on success and zero otherwise. If |ctx| is not - * NULL, it may be used. */ -OPENSSL_EXPORT int EC_POINTs_make_affine(const EC_GROUP *group, size_t num, - EC_POINT *points[], BN_CTX *ctx); - - -/* Point conversion. */ - -/* EC_POINT_get_affine_coordinates_GFp sets |x| and |y| to the affine value of - * |point| using |ctx|, if it's not NULL. It returns one on success and zero - * otherwise. */ -OPENSSL_EXPORT int EC_POINT_get_affine_coordinates_GFp(const EC_GROUP *group, - const EC_POINT *point, - BIGNUM *x, BIGNUM *y, - BN_CTX *ctx); - -/* EC_POINT_set_affine_coordinates sets the value of |p| to be (|x|, |y|). The - * |ctx| argument may be used if not NULL. */ -OPENSSL_EXPORT int EC_POINT_set_affine_coordinates_GFp(const EC_GROUP *group, - EC_POINT *point, - const BIGNUM *x, - const BIGNUM *y, - BN_CTX *ctx); - -/* EC_POINT_point2oct serialises |point| into the X9.62 form given by |form| - * into, at most, |len| bytes at |buf|. It returns the number of bytes written - * or zero on error if |buf| is non-NULL, else the number of bytes needed. The - * |ctx| argument may be used if not NULL. */ -OPENSSL_EXPORT size_t EC_POINT_point2oct(const EC_GROUP *group, - const EC_POINT *point, - point_conversion_form_t form, - uint8_t *buf, size_t len, BN_CTX *ctx); - -/* EC_POINT_oct2point sets |point| from |len| bytes of X9.62 format - * serialisation in |buf|. It returns one on success and zero otherwise. The - * |ctx| argument may be used if not NULL. */ -OPENSSL_EXPORT int EC_POINT_oct2point(const EC_GROUP *group, EC_POINT *point, - const uint8_t *buf, size_t len, - BN_CTX *ctx); - -/* EC_POINT_set_compressed_coordinates_GFp sets |point| to equal the point with - * the given |x| coordinate and the y coordinate specified by |y_bit| (see - * X9.62). It returns one on success and zero otherwise. */ -OPENSSL_EXPORT int EC_POINT_set_compressed_coordinates_GFp( - const EC_GROUP *group, EC_POINT *point, const BIGNUM *x, int y_bit, - BN_CTX *ctx); - - -/* Group operations. */ - -/* EC_POINT_add sets |r| equal to |a| plus |b|. It returns one on success and - * zero otherwise. If |ctx| is not NULL, it may be used. */ -OPENSSL_EXPORT int EC_POINT_add(const EC_GROUP *group, EC_POINT *r, - const EC_POINT *a, const EC_POINT *b, - BN_CTX *ctx); - -/* EC_POINT_dbl sets |r| equal to |a| plus |a|. It returns one on success and - * zero otherwise. If |ctx| is not NULL, it may be used. */ -OPENSSL_EXPORT int EC_POINT_dbl(const EC_GROUP *group, EC_POINT *r, - const EC_POINT *a, BN_CTX *ctx); - -/* EC_POINT_dbl sets |a| equal to minus |a|. It returns one on success and zero - * otherwise. If |ctx| is not NULL, it may be used. */ -OPENSSL_EXPORT int EC_POINT_invert(const EC_GROUP *group, EC_POINT *a, - BN_CTX *ctx); - -/* EC_POINT_mul sets r = generator*n + q*m. It returns one on success and zero - * otherwise. If |ctx| is not NULL, it may be used. */ -OPENSSL_EXPORT int EC_POINT_mul(const EC_GROUP *group, EC_POINT *r, - const BIGNUM *n, const EC_POINT *q, - const BIGNUM *m, BN_CTX *ctx); - -/* EC_POINTs_mul sets r = generator*n + sum(p[i]*m[i]). It returns one on - * success and zero otherwise. If |ctx| is not NULL, it may be used. */ -OPENSSL_EXPORT int EC_POINTs_mul(const EC_GROUP *group, EC_POINT *r, - const BIGNUM *n, size_t num, - const EC_POINT *p[], const BIGNUM *m[], - BN_CTX *ctx); - - -/* Deprecated functions. */ - -/* EC_GROUP_new_curve_GFp creates a new, arbitrary elliptic curve group based - * on the equation y² = x³ + a·x + b. It returns the new group or NULL on - * error. - * - * |EC_GROUP|s returned by this function will always compare as unequal via - * |EC_GROUP_cmp| (even to themselves). |EC_GROUP_get_curve_name| will always - * return |NID_undef|. */ -OPENSSL_EXPORT EC_GROUP *EC_GROUP_new_curve_GFp(const BIGNUM *p, - const BIGNUM *a, - const BIGNUM *b, BN_CTX *ctx); - -/* EC_GROUP_set_generator sets the generator for |group| to |generator|, which - * must have the given order and cofactor. This should only be used with - * |EC_GROUP| objects returned by |EC_GROUP_new_curve_GFp|. */ -OPENSSL_EXPORT int EC_GROUP_set_generator(EC_GROUP *group, - const EC_POINT *generator, - const BIGNUM *order, - const BIGNUM *cofactor); - -/* EC_GROUP_set_asn1_flag does nothing. */ -OPENSSL_EXPORT void EC_GROUP_set_asn1_flag(EC_GROUP *group, int flag); - -#define OPENSSL_EC_NAMED_CURVE 0 - -typedef struct ec_method_st EC_METHOD; - -/* EC_GROUP_method_of returns NULL. */ -OPENSSL_EXPORT const EC_METHOD *EC_GROUP_method_of(const EC_GROUP *group); - -/* EC_METHOD_get_field_type returns NID_X9_62_prime_field. */ -OPENSSL_EXPORT int EC_METHOD_get_field_type(const EC_METHOD *meth); - -/* EC_GROUP_set_point_conversion_form aborts the process if |form| is not - * |POINT_CONVERSION_UNCOMPRESSED| and otherwise does nothing. */ -OPENSSL_EXPORT void EC_GROUP_set_point_conversion_form( - EC_GROUP *group, point_conversion_form_t form); - - -/* Old code expects to get EC_KEY from ec.h. */ -#if !defined(OPENSSL_HEADER_EC_KEY_H) -#include -#endif - - -#if defined(__cplusplus) -} /* extern C */ -#endif - -#define EC_F_EC_GROUP_copy 100 -#define EC_F_EC_GROUP_get_curve_GFp 101 -#define EC_F_EC_GROUP_get_degree 102 -#define EC_F_EC_GROUP_new_by_curve_name 103 -#define EC_F_EC_KEY_check_key 104 -#define EC_F_EC_KEY_copy 105 -#define EC_F_EC_KEY_generate_key 106 -#define EC_F_EC_KEY_new_method 107 -#define EC_F_EC_KEY_set_public_key_affine_coordinates 108 -#define EC_F_EC_POINT_add 109 -#define EC_F_EC_POINT_cmp 110 -#define EC_F_EC_POINT_copy 111 -#define EC_F_EC_POINT_dbl 112 -#define EC_F_EC_POINT_dup 113 -#define EC_F_EC_POINT_get_affine_coordinates_GFp 114 -#define EC_F_EC_POINT_invert 115 -#define EC_F_EC_POINT_is_at_infinity 116 -#define EC_F_EC_POINT_is_on_curve 117 -#define EC_F_EC_POINT_make_affine 118 -#define EC_F_EC_POINT_new 119 -#define EC_F_EC_POINT_oct2point 120 -#define EC_F_EC_POINT_point2oct 121 -#define EC_F_EC_POINT_set_affine_coordinates_GFp 122 -#define EC_F_EC_POINT_set_compressed_coordinates_GFp 123 -#define EC_F_EC_POINT_set_to_infinity 124 -#define EC_F_EC_POINTs_make_affine 125 -#define EC_F_compute_wNAF 126 -#define EC_F_d2i_ECPKParameters 127 -#define EC_F_d2i_ECParameters 128 -#define EC_F_d2i_ECPrivateKey 129 -#define EC_F_ec_GFp_mont_field_decode 130 -#define EC_F_ec_GFp_mont_field_encode 131 -#define EC_F_ec_GFp_mont_field_mul 132 -#define EC_F_ec_GFp_mont_field_set_to_one 133 -#define EC_F_ec_GFp_mont_field_sqr 134 -#define EC_F_ec_GFp_mont_group_set_curve 135 -#define EC_F_ec_GFp_simple_group_check_discriminant 136 -#define EC_F_ec_GFp_simple_group_set_curve 137 -#define EC_F_ec_GFp_simple_make_affine 138 -#define EC_F_ec_GFp_simple_oct2point 139 -#define EC_F_ec_GFp_simple_point2oct 140 -#define EC_F_ec_GFp_simple_point_get_affine_coordinates 141 -#define EC_F_ec_GFp_simple_point_set_affine_coordinates 142 -#define EC_F_ec_GFp_simple_points_make_affine 143 -#define EC_F_ec_GFp_simple_set_compressed_coordinates 144 -#define EC_F_ec_asn1_group2pkparameters 145 -#define EC_F_ec_asn1_pkparameters2group 146 -#define EC_F_ec_group_new 147 -#define EC_F_ec_group_new_curve_GFp 148 -#define EC_F_ec_group_new_from_data 149 -#define EC_F_ec_point_set_Jprojective_coordinates_GFp 150 -#define EC_F_ec_pre_comp_new 151 -#define EC_F_ec_wNAF_mul 152 -#define EC_F_ec_wNAF_precompute_mult 153 -#define EC_F_i2d_ECPKParameters 154 -#define EC_F_i2d_ECParameters 155 -#define EC_F_i2d_ECPrivateKey 156 -#define EC_F_i2o_ECPublicKey 157 -#define EC_F_o2i_ECPublicKey 158 -#define EC_F_BN_to_felem 159 -#define EC_F_ec_GFp_nistp256_group_set_curve 160 -#define EC_F_ec_GFp_nistp256_point_get_affine_coordinates 161 -#define EC_F_ec_GFp_nistp256_points_mul 162 -#define EC_F_ec_group_copy 163 -#define EC_F_nistp256_pre_comp_new 164 -#define EC_F_EC_KEY_new_by_curve_name 165 -#define EC_F_EC_GROUP_new_curve_GFp 166 -#define EC_R_BUFFER_TOO_SMALL 100 -#define EC_R_COORDINATES_OUT_OF_RANGE 101 -#define EC_R_D2I_ECPKPARAMETERS_FAILURE 102 -#define EC_R_EC_GROUP_NEW_BY_NAME_FAILURE 103 -#define EC_R_GROUP2PKPARAMETERS_FAILURE 104 -#define EC_R_I2D_ECPKPARAMETERS_FAILURE 105 -#define EC_R_INCOMPATIBLE_OBJECTS 106 -#define EC_R_INVALID_COMPRESSED_POINT 107 -#define EC_R_INVALID_COMPRESSION_BIT 108 -#define EC_R_INVALID_ENCODING 109 -#define EC_R_INVALID_FIELD 110 -#define EC_R_INVALID_FORM 111 -#define EC_R_INVALID_GROUP_ORDER 112 -#define EC_R_INVALID_PRIVATE_KEY 113 -#define EC_R_MISSING_PARAMETERS 114 -#define EC_R_MISSING_PRIVATE_KEY 115 -#define EC_R_NON_NAMED_CURVE 116 -#define EC_R_NOT_INITIALIZED 117 -#define EC_R_PKPARAMETERS2GROUP_FAILURE 118 -#define EC_R_POINT_AT_INFINITY 119 -#define EC_R_POINT_IS_NOT_ON_CURVE 120 -#define EC_R_SLOT_FULL 121 -#define EC_R_UNDEFINED_GENERATOR 122 -#define EC_R_UNKNOWN_GROUP 123 -#define EC_R_UNKNOWN_ORDER 124 -#define EC_R_WRONG_ORDER 125 -#define EC_R_BIGNUM_OUT_OF_RANGE 126 -#define EC_R_WRONG_CURVE_PARAMETERS 127 - -#endif /* OPENSSL_HEADER_EC_H */ diff --git a/third_party/boringssl/include/openssl/ec_key.h b/third_party/boringssl/include/openssl/ec_key.h deleted file mode 100644 index ee64030b8efca9..00000000000000 --- a/third_party/boringssl/include/openssl/ec_key.h +++ /dev/null @@ -1,286 +0,0 @@ -/* Originally written by Bodo Moeller for the OpenSSL project. - * ==================================================================== - * Copyright (c) 1998-2005 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@openssl.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.openssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ -/* ==================================================================== - * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. - * - * Portions of the attached software ("Contribution") are developed by - * SUN MICROSYSTEMS, INC., and are contributed to the OpenSSL project. - * - * The Contribution is licensed pursuant to the OpenSSL open source - * license provided above. - * - * The elliptic curve binary polynomial software is originally written by - * Sheueling Chang Shantz and Douglas Stebila of Sun Microsystems - * Laboratories. */ - -#ifndef OPENSSL_HEADER_EC_KEY_H -#define OPENSSL_HEADER_EC_KEY_H - -#include - -#include -#include -#include - -#if defined(__cplusplus) -extern "C" { -#endif - - -/* ec_key.h contains functions that handle elliptic-curve points that are - * public/private keys. */ - - -/* EC key objects. */ - -/* EC_KEY_new returns a fresh |EC_KEY| object or NULL on error. */ -OPENSSL_EXPORT EC_KEY *EC_KEY_new(void); - -/* EC_KEY_new_method acts the same as |EC_KEY_new|, but takes an explicit - * |ENGINE|. */ -OPENSSL_EXPORT EC_KEY *EC_KEY_new_method(const ENGINE *engine); - -/* EC_KEY_new_by_curve_name returns a fresh EC_KEY for group specified by |nid| - * or NULL on error. */ -OPENSSL_EXPORT EC_KEY *EC_KEY_new_by_curve_name(int nid); - -/* EC_KEY_free frees all the data owned by |key| and |key| itself. */ -OPENSSL_EXPORT void EC_KEY_free(EC_KEY *key); - -/* EC_KEY_copy sets |dst| equal to |src| and returns |dst| or NULL on error. */ -OPENSSL_EXPORT EC_KEY *EC_KEY_copy(EC_KEY *dst, const EC_KEY *src); - -/* EC_KEY_dup returns a fresh copy of |src| or NULL on error. */ -OPENSSL_EXPORT EC_KEY *EC_KEY_dup(const EC_KEY *src); - -/* EC_KEY_up_ref increases the reference count of |key|. It returns one on - * success and zero otherwise. */ -OPENSSL_EXPORT int EC_KEY_up_ref(EC_KEY *key); - -/* EC_KEY_is_opaque returns one if |key| is opaque and doesn't expose its key - * material. Otherwise it return zero. */ -OPENSSL_EXPORT int EC_KEY_is_opaque(const EC_KEY *key); - -/* EC_KEY_get0_group returns a pointer to the |EC_GROUP| object inside |key|. */ -OPENSSL_EXPORT const EC_GROUP *EC_KEY_get0_group(const EC_KEY *key); - -/* EC_KEY_set_group sets the |EC_GROUP| object that |key| will use to |group|. - * It returns one on success and zero otherwise. */ -OPENSSL_EXPORT int EC_KEY_set_group(EC_KEY *key, const EC_GROUP *group); - -/* EC_KEY_get0_private_key returns a pointer to the private key inside |key|. */ -OPENSSL_EXPORT const BIGNUM *EC_KEY_get0_private_key(const EC_KEY *key); - -/* EC_KEY_set_private_key sets the private key of |key| to |priv|. It returns - * one on success and zero otherwise. */ -OPENSSL_EXPORT int EC_KEY_set_private_key(EC_KEY *key, const BIGNUM *prv); - -/* EC_KEY_get0_public_key returns a pointer to the public key point inside - * |key|. */ -OPENSSL_EXPORT const EC_POINT *EC_KEY_get0_public_key(const EC_KEY *key); - -/* EC_KEY_set_public_key sets the public key of |key| to |pub|, by copying it. - * It returns one on success and zero otherwise. */ -OPENSSL_EXPORT int EC_KEY_set_public_key(EC_KEY *key, const EC_POINT *pub); - -#define EC_PKEY_NO_PARAMETERS 0x001 -#define EC_PKEY_NO_PUBKEY 0x002 - -/* EC_KEY_get_enc_flags returns the encoding flags for |key|, which is a - * bitwise-OR of |EC_PKEY_*| values. */ -OPENSSL_EXPORT unsigned EC_KEY_get_enc_flags(const EC_KEY *key); - -/* EC_KEY_set_enc_flags sets the encoding flags for |key|, which is a - * bitwise-OR of |EC_PKEY_*| values. */ -OPENSSL_EXPORT void EC_KEY_set_enc_flags(EC_KEY *key, unsigned flags); - -/* EC_KEY_get_conv_form returns the conversation form that will be used by - * |key|. */ -OPENSSL_EXPORT point_conversion_form_t EC_KEY_get_conv_form(const EC_KEY *key); - -/* EC_KEY_set_conv_form sets the conversion form to be used by |key|. */ -OPENSSL_EXPORT void EC_KEY_set_conv_form(EC_KEY *key, - point_conversion_form_t cform); - -/* EC_KEY_precompute_mult precomputes multiplies of the generator of the - * underlying group in order to speed up operations that calculate generator - * multiples. If |ctx| is not NULL, it may be used. It returns one on success - * and zero otherwise. */ -OPENSSL_EXPORT int EC_KEY_precompute_mult(EC_KEY *key, BN_CTX *ctx); - -/* EC_KEY_check_key performs several checks on |key| (possibly including an - * expensive check that the public key is in the primary subgroup). It returns - * one if all checks pass and zero otherwise. If it returns zero then detail - * about the problem can be found on the error stack. */ -OPENSSL_EXPORT int EC_KEY_check_key(const EC_KEY *key); - -/* EC_KEY_set_public_key_affine_coordinates sets the public key in |key| to - * (|x|, |y|). It returns one on success and zero otherwise. */ -OPENSSL_EXPORT int EC_KEY_set_public_key_affine_coordinates(EC_KEY *key, - BIGNUM *x, - BIGNUM *y); - - -/* Key generation. */ - -/* EC_KEY_generate_key generates a random, private key, calculates the - * corresponding public key and stores both in |key|. It returns one on success - * or zero otherwise. */ -OPENSSL_EXPORT int EC_KEY_generate_key(EC_KEY *key); - - -/* Serialisation. */ - -/* d2i_ECPrivateKey parses an ASN.1, DER-encoded, private key from |len| bytes - * at |*inp|. If |out_key| is not NULL then, on exit, a pointer to the result - * is in |*out_key|. If |*out_key| is already non-NULL on entry then the result - * is written directly into |*out_key|, otherwise a fresh |EC_KEY| is - * allocated. On successful exit, |*inp| is advanced past the DER structure. It - * returns the result or NULL on error. */ -OPENSSL_EXPORT EC_KEY *d2i_ECPrivateKey(EC_KEY **out_key, const uint8_t **inp, - long len); - -/* i2d_ECParameters marshals an EC private key from |key| to an ASN.1, DER - * structure. If |outp| is not NULL then the result is written to |*outp| and - * |*outp| is advanced just past the output. It returns the number of bytes in - * the result, whether written or not, or a negative value on error. */ -OPENSSL_EXPORT int i2d_ECPrivateKey(const EC_KEY *key, uint8_t **outp); - -/* d2i_ECParameters parses an ASN.1, DER-encoded, set of EC parameters from - * |len| bytes at |*inp|. If |out_key| is not NULL then, on exit, a pointer to - * the result is in |*out_key|. If |*out_key| is already non-NULL on entry then - * the result is written directly into |*out_key|, otherwise a fresh |EC_KEY| - * is allocated. On successful exit, |*inp| is advanced past the DER structure. - * It returns the result or NULL on error. */ -OPENSSL_EXPORT EC_KEY *d2i_ECParameters(EC_KEY **out_key, const uint8_t **inp, - long len); - -/* i2d_ECParameters marshals EC parameters from |key| to an ASN.1, DER - * structure. If |outp| is not NULL then the result is written to |*outp| and - * |*outp| is advanced just past the output. It returns the number of bytes in - * the result, whether written or not, or a negative value on error. */ -OPENSSL_EXPORT int i2d_ECParameters(const EC_KEY *key, uint8_t **outp); - -/* o2i_ECPublicKey parses an EC point from |len| bytes at |*inp| into - * |*out_key|. Note that this differs from the d2i format in that |*out_key| - * must be non-NULL. On successful exit, |*inp| is advanced past the DER - * structure. It returns |*out_key| or NULL on error. */ -OPENSSL_EXPORT EC_KEY *o2i_ECPublicKey(EC_KEY **out_key, const uint8_t **inp, - long len); - -/* i2o_ECPublicKey marshals an EC point from |key|. If |outp| is not NULL then - * the result is written to |*outp| and |*outp| is advanced just past the - * output. It returns the number of bytes in the result, whether written or - * not, or a negative value on error. */ -OPENSSL_EXPORT int i2o_ECPublicKey(const EC_KEY *key, unsigned char **outp); - - -/* ex_data functions. - * - * These functions are wrappers. See |ex_data.h| for details. */ - -OPENSSL_EXPORT int EC_KEY_get_ex_new_index(long argl, void *argp, - CRYPTO_EX_new *new_func, - CRYPTO_EX_dup *dup_func, - CRYPTO_EX_free *free_func); -OPENSSL_EXPORT int EC_KEY_set_ex_data(EC_KEY *r, int idx, void *arg); -OPENSSL_EXPORT void *EC_KEY_get_ex_data(const EC_KEY *r, int idx); - - -/* ECDSA method. */ - -/* ECDSA_FLAG_OPAQUE specifies that this ECDSA_METHOD does not expose its key - * material. This may be set if, for instance, it is wrapping some other crypto - * API, like a platform key store. */ -#define ECDSA_FLAG_OPAQUE 1 - -/* ecdsa_method_st is a structure of function pointers for implementing ECDSA. - * See engine.h. */ -struct ecdsa_method_st { - struct openssl_method_common_st common; - - void *app_data; - - int (*init)(EC_KEY *key); - int (*finish)(EC_KEY *key); - - /* group_order_size returns the number of bytes needed to represent the order - * of the group. This is used to calculate the maximum size of an ECDSA - * signature in |ECDSA_size|. */ - size_t (*group_order_size)(const EC_KEY *key); - - /* sign matches the arguments and behaviour of |ECDSA_sign|. */ - int (*sign)(const uint8_t *digest, size_t digest_len, uint8_t *sig, - unsigned int *sig_len, EC_KEY *eckey); - - /* verify matches the arguments and behaviour of |ECDSA_verify|. */ - int (*verify)(const uint8_t *digest, size_t digest_len, const uint8_t *sig, - size_t sig_len, EC_KEY *eckey); - - int flags; -}; - - -/* Deprecated functions. */ - -/* EC_KEY_set_asn1_flag does nothing. */ -OPENSSL_EXPORT void EC_KEY_set_asn1_flag(EC_KEY *key, int flag); - - -#if defined(__cplusplus) -} /* extern C */ -#endif - -#endif /* OPENSSL_HEADER_EC_KEY_H */ diff --git a/third_party/boringssl/include/openssl/ecdh.h b/third_party/boringssl/include/openssl/ecdh.h deleted file mode 100644 index 27a85781275ddf..00000000000000 --- a/third_party/boringssl/include/openssl/ecdh.h +++ /dev/null @@ -1,103 +0,0 @@ -/* ==================================================================== - * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. - * - * The Elliptic Curve Public-Key Crypto Library (ECC Code) included - * herein is developed by SUN MICROSYSTEMS, INC., and is contributed - * to the OpenSSL project. - * - * The ECC Code is licensed pursuant to the OpenSSL open source - * license provided below. - * - * The ECDH software is originally written by Douglas Stebila of - * Sun Microsystems Laboratories. - * - */ -/* ==================================================================== - * Copyright (c) 2000-2002 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). */ - -#ifndef OPENSSL_HEADER_ECDH_H -#define OPENSSL_HEADER_ECDH_H - -#include - -#include - -#if defined(__cplusplus) -extern "C" { -#endif - - -/* Elliptic curve Diffie-Hellman. */ - - -/* ECDH_compute_key calculates the shared key between |pub_key| and |priv_key|. - * If |KDF| is not NULL, then it is called with the bytes of the shared key and - * the parameter |out|. When |KDF| returns, the value of |*outlen| becomes the - * return value. Otherwise, as many bytes of the shared key as will fit are - * copied directly to, at most, |outlen| bytes at |out|. It returns the number - * of bytes written to |out|, or -1 on error. */ -OPENSSL_EXPORT int ECDH_compute_key(void *out, size_t outlen, - const EC_POINT *pub_key, EC_KEY *priv_key, - void *(*KDF)(const void *in, size_t inlen, - void *out, size_t *outlen)); - - -#if defined(__cplusplus) -} /* extern C */ -#endif - -#define ECDH_F_ECDH_compute_key 100 -#define ECDH_R_KDF_FAILED 100 -#define ECDH_R_NO_PRIVATE_VALUE 101 -#define ECDH_R_POINT_ARITHMETIC_FAILURE 102 - -#endif /* OPENSSL_HEADER_ECDH_H */ diff --git a/third_party/boringssl/include/openssl/ecdsa.h b/third_party/boringssl/include/openssl/ecdsa.h deleted file mode 100644 index e04546345660c3..00000000000000 --- a/third_party/boringssl/include/openssl/ecdsa.h +++ /dev/null @@ -1,182 +0,0 @@ -/* ==================================================================== - * Copyright (c) 1998-2005 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). */ - -#ifndef OPENSSL_HEADER_ECDSA_H -#define OPENSSL_HEADER_ECDSA_H - -#include - -#include - -#if defined(__cplusplus) -extern "C" { -#endif - - -/* ECDSA contains functions for signing and verifying with the Digital Signature - * Algorithm over elliptic curves. */ - - -/* Signing and verifing. */ - -/* ECDSA_sign signs |digest_len| bytes from |digest| with |key| and writes the - * resulting signature to |sig|, which must have |ECDSA_size(key)| bytes of - * space. On successful exit, |*sig_len| is set to the actual number of bytes - * written. The |type| argument should be zero. It returns one on success and - * zero otherwise. */ -OPENSSL_EXPORT int ECDSA_sign(int type, const uint8_t *digest, - size_t digest_len, uint8_t *sig, - unsigned int *sig_len, EC_KEY *key); - -/* ECDSA_verify verifies that |sig_len| bytes from |sig| constitute a valid - * signature by |key| of |digest|. (The |type| argument should be zero.) It - * returns one on success or zero if the signature is invalid or an error - * occured. */ -OPENSSL_EXPORT int ECDSA_verify(int type, const uint8_t *digest, - size_t digest_len, const uint8_t *sig, - size_t sig_len, EC_KEY *key); - -/* ECDSA_size returns the maximum size of an ECDSA signature using |key|. It - * returns zero on error. */ -OPENSSL_EXPORT size_t ECDSA_size(const EC_KEY *key); - - -/* Low-level signing and verification. - * - * Low-level functions handle signatures as |ECDSA_SIG| structures which allow - * the two values in an ECDSA signature to be handled separately. */ - -struct ecdsa_sig_st { - BIGNUM *r; - BIGNUM *s; -}; - -/* ECDSA_SIG_new returns a fresh |ECDSA_SIG| structure or NULL on error. */ -OPENSSL_EXPORT ECDSA_SIG *ECDSA_SIG_new(void); - -/* ECDSA_SIG_free frees |sig| its member |BIGNUM|s. */ -OPENSSL_EXPORT void ECDSA_SIG_free(ECDSA_SIG *sig); - -/* ECDSA_sign signs |digest_len| bytes from |digest| with |key| and returns the - * resulting signature structure, or NULL on error. */ -OPENSSL_EXPORT ECDSA_SIG *ECDSA_do_sign(const uint8_t *digest, - size_t digest_len, EC_KEY *key); - -/* ECDSA_verify verifies that |sig| constitutes a valid signature by |key| of - * |digest|. It returns one on success or zero if the signature is invalid or - * on error. */ -OPENSSL_EXPORT int ECDSA_do_verify(const uint8_t *digest, size_t digest_len, - const ECDSA_SIG *sig, EC_KEY *key); - - -/* Signing with precomputation. - * - * Parts of the ECDSA signature can be independent of the message to be signed - * thus it's possible to precompute them and reduce the signing latency. - * - * TODO(fork): remove support for this as it cannot support safe-randomness. */ - -/* ECDSA_sign_setup precomputes parts of an ECDSA signing operation. It sets - * |*kinv| and |*rp| to the precomputed values and uses the |ctx| argument, if - * not NULL. It returns one on success and zero otherwise. */ -OPENSSL_EXPORT int ECDSA_sign_setup(EC_KEY *eckey, BN_CTX *ctx, BIGNUM **kinv, - BIGNUM **rp); - -/* ECDSA_do_sign_ex is the same as |ECDSA_do_sign| but takes precomputed values - * as generated by |ECDSA_sign_setup|. */ -OPENSSL_EXPORT ECDSA_SIG *ECDSA_do_sign_ex(const uint8_t *digest, - size_t digest_len, - const BIGNUM *kinv, const BIGNUM *rp, - EC_KEY *eckey); - -/* ECDSA_sign_ex is the same as |ECDSA_sign| but takes precomputed values as - * generated by |ECDSA_sign_setup|. */ -OPENSSL_EXPORT int ECDSA_sign_ex(int type, const uint8_t *digest, - size_t digest_len, uint8_t *sig, - unsigned int *sig_len, const BIGNUM *kinv, - const BIGNUM *rp, EC_KEY *eckey); - - -/* ASN.1 functions. */ - -/* d2i_ECDSA_SIG parses an ASN.1, DER-encoded, signature from |len| bytes at - * |*inp|. If |out| is not NULL then, on exit, a pointer to the result is in - * |*out|. If |*out| is already non-NULL on entry then the result is written - * directly into |*out|, otherwise a fresh |ECDSA_SIG| is allocated. On - * successful exit, |*inp| is advanced past the DER structure. It returns the - * result or NULL on error. */ -OPENSSL_EXPORT ECDSA_SIG *d2i_ECDSA_SIG(ECDSA_SIG **out, const uint8_t **inp, - long len); - -/* i2d_ECDSA_SIG marshals a signature from |sig| to an ASN.1, DER - * structure. If |outp| is not NULL then the result is written to |*outp| and - * |*outp| is advanced just past the output. It returns the number of bytes in - * the result, whether written or not, or a negative value on error. */ -OPENSSL_EXPORT int i2d_ECDSA_SIG(const ECDSA_SIG *sig, uint8_t **outp); - - -#if defined(__cplusplus) -} /* extern C */ -#endif - -#define ECDSA_F_ECDSA_do_sign_ex 100 -#define ECDSA_F_ECDSA_do_verify 101 -#define ECDSA_F_ECDSA_sign_ex 102 -#define ECDSA_F_digest_to_bn 103 -#define ECDSA_F_ecdsa_sign_setup 104 -#define ECDSA_R_BAD_SIGNATURE 100 -#define ECDSA_R_MISSING_PARAMETERS 101 -#define ECDSA_R_NEED_NEW_SETUP_VALUES 102 -#define ECDSA_R_NOT_IMPLEMENTED 103 -#define ECDSA_R_RANDOM_NUMBER_GENERATION_FAILED 104 - -#endif /* OPENSSL_HEADER_ECDSA_H */ diff --git a/third_party/boringssl/include/openssl/engine.h b/third_party/boringssl/include/openssl/engine.h deleted file mode 100644 index d3d278a69b77a4..00000000000000 --- a/third_party/boringssl/include/openssl/engine.h +++ /dev/null @@ -1,107 +0,0 @@ -/* Copyright (c) 2014, Google Inc. - * - * Permission to use, copy, modify, and/or distribute this software for any - * purpose with or without fee is hereby granted, provided that the above - * copyright notice and this permission notice appear in all copies. - * - * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES - * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF - * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY - * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES - * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION - * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN - * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ - -#ifndef OPENSSL_HEADER_ENGINE_H -#define OPENSSL_HEADER_ENGINE_H - -#include - -#if defined(__cplusplus) -extern "C" { -#endif - - -/* Engines are collections of methods. Methods are tables of function pointers, - * defined for certain algorithms, that allow operations on those algorithms to - * be overridden via a callback. This can be used, for example, to implement an - * RSA* that forwards operations to a hardware module. - * - * Methods are reference counted but |ENGINE|s are not. When creating a method, - * you should zero the whole structure and fill in the function pointers that - * you wish before setting it on an |ENGINE|. Any functions pointers that - * are NULL indicate that the default behaviour should be used. */ - - -/* Allocation and destruction. */ - -/* ENGINE_new returns an empty ENGINE that uses the default method for all - * algorithms. */ -OPENSSL_EXPORT ENGINE *ENGINE_new(void); - -/* ENGINE_free decrements the reference counts for all methods linked from - * |engine| and frees |engine| itself. */ -OPENSSL_EXPORT void ENGINE_free(ENGINE *engine); - - -/* Method accessors. - * - * Method accessors take a method pointer and the size of the structure. The - * size allows for ABI compatibility in the case that the method structure is - * extended with extra elements at the end. Methods are always copied by the - * set functions. - * - * Set functions return one on success and zero on allocation failure. */ - -OPENSSL_EXPORT int ENGINE_set_DH_method(ENGINE *engine, const DH_METHOD *method, - size_t method_size); -OPENSSL_EXPORT DH_METHOD *ENGINE_get_DH_method(const ENGINE *engine); - -OPENSSL_EXPORT int ENGINE_set_DSA_method(ENGINE *engine, - const DSA_METHOD *method, - size_t method_size); -OPENSSL_EXPORT DSA_METHOD *ENGINE_get_DSA_method(const ENGINE *engine); - -OPENSSL_EXPORT int ENGINE_set_RSA_method(ENGINE *engine, - const RSA_METHOD *method, - size_t method_size); -OPENSSL_EXPORT RSA_METHOD *ENGINE_get_RSA_method(const ENGINE *engine); - -OPENSSL_EXPORT int ENGINE_set_ECDSA_method(ENGINE *engine, - const ECDSA_METHOD *method, - size_t method_size); -OPENSSL_EXPORT ECDSA_METHOD *ENGINE_get_ECDSA_method(const ENGINE *engine); - - -/* Generic method functions. - * - * These functions take a void* type but actually operate on all method - * structures. */ - -/* METHOD_ref increments the reference count of |method|. This is a no-op for - * now because all methods are currently static. */ -void METHOD_ref(void *method); - -/* METHOD_unref decrements the reference count of |method| and frees it if the - * reference count drops to zero. This is a no-op for now because all methods - * are currently static. */ -void METHOD_unref(void *method); - - -/* Private functions. */ - -/* openssl_method_common_st contains the common part of all method structures. - * This must be the first member of all method structures. */ -struct openssl_method_common_st { - int references; /* dummy – not used. */ - char is_static; -}; - - -#if defined(__cplusplus) -} /* extern C */ -#endif - -#define ENGINE_R_OPERATION_NOT_SUPPORTED 100 - -#endif /* OPENSSL_HEADER_ENGINE_H */ diff --git a/third_party/boringssl/include/openssl/err.h b/third_party/boringssl/include/openssl/err.h deleted file mode 100644 index 30dc4afe9b9a54..00000000000000 --- a/third_party/boringssl/include/openssl/err.h +++ /dev/null @@ -1,509 +0,0 @@ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ -/* ==================================================================== - * Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@openssl.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.openssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). */ - -#ifndef OPENSSL_HEADER_ERR_H -#define OPENSSL_HEADER_ERR_H - -#include - -#include - -#if defined(__cplusplus) -extern "C" { -#endif - - -/* Error queue handling functions. - * - * Errors in OpenSSL are generally signalled by the return value of a function. - * When a function fails it may add an entry to a per-thread error queue, - * which is managed by the functions in this header. - * - * Each error contains: - * 1) The library (i.e. ec, pem, rsa) which created it. - * 2) A function identifier and reason code. - * 3) The file and line number of the call that added the error. - * 4) A pointer to some error specific data, which may be NULL. - * - * The library identifier, function identifier and reason code are packed in a - * uint32_t and there exist various functions for unpacking it. - * - * The typical behaviour is that an error will occur deep in a call queue and - * that code will push an error onto the error queue. As the error queue - * unwinds, other functions will push their own errors. Thus, the "least - * recent" error is the most specific and the other errors will provide a - * backtrace of sorts. */ - - -/* Startup and shutdown. */ - -/* ERR_load_BIO_strings does nothing. - * - * TODO(fork): remove. libjingle calls this. */ -OPENSSL_EXPORT void ERR_load_BIO_strings(void); - -/* ERR_load_ERR_strings does nothing. */ -OPENSSL_EXPORT void ERR_load_ERR_strings(void); - -/* ERR_load_crypto_strings does nothing. */ -OPENSSL_EXPORT void ERR_load_crypto_strings(void); - -/* ERR_free_strings does nothing. */ -OPENSSL_EXPORT void ERR_free_strings(void); - - -/* Reading and formatting errors. */ - -/* ERR_get_error gets the packed error code for the least recent error and - * removes that error from the queue. If there are no errors in the queue then - * it returns zero. */ -OPENSSL_EXPORT uint32_t ERR_get_error(void); - -/* ERR_get_error_line acts like |ERR_get_error|, except that the file and line - * number of the call that added the error are also returned. */ -OPENSSL_EXPORT uint32_t ERR_get_error_line(const char **file, int *line); - -/* ERR_get_error_line_data acts like |ERR_get_error_line|, but also returns the - * error-specific data pointer and flags. The flags are a bitwise-OR of - * |ERR_FLAG_*| values. The error-specific data is owned by the error queue - * and the pointer becomes invalid after the next call that affects the same - * thread's error queue. If |*flags| contains |ERR_FLAG_STRING| then |*data| is - * human-readable. */ -OPENSSL_EXPORT uint32_t ERR_get_error_line_data(const char **file, int *line, - const char **data, int *flags); - -/* The "peek" functions act like the |ERR_get_error| functions, above, but they - * do not remove the error from the queue. */ -OPENSSL_EXPORT uint32_t ERR_peek_error(void); -OPENSSL_EXPORT uint32_t ERR_peek_error_line(const char **file, int *line); -OPENSSL_EXPORT uint32_t ERR_peek_error_line_data(const char **file, int *line, - const char **data, int *flags); - -/* The "peek last" functions act like the "peek" functions, above, except that - * they return the most recent error. */ -OPENSSL_EXPORT uint32_t ERR_peek_last_error(void); -OPENSSL_EXPORT uint32_t ERR_peek_last_error_line(const char **file, int *line); -OPENSSL_EXPORT uint32_t ERR_peek_last_error_line_data(const char **file, - int *line, - const char **data, - int *flags); - -/* ERR_error_string generates a human-readable string representing - * |packed_error|, places it at |buf| (which must be at least - * ERR_ERROR_STRING_BUF_LEN bytes long) and returns |buf|. If |buf| is NULL, - * the error string is placed in a static buffer which is returned. (The static - * buffer may be overridden by concurrent calls in other threads so this form - * is deprecated.) - * - * The string will have the following format: - * - * error:[error code]:[library name]:[function name]:[reason string] - * - * error code is an 8 digit hexadecimal number; library name, function name - * and reason string are ASCII text. - * - * TODO(fork): remove in favour of |ERR_error_string_n|. */ -OPENSSL_EXPORT char *ERR_error_string(uint32_t packed_error, char *buf); -#define ERR_ERROR_STRING_BUF_LEN 256 - -/* ERR_error_string_n is a variant of |ERR_error_string| that writes at most - * len characters (including the terminating NUL) and truncates the string if - * necessary. If |len| is greater than zero then |buf| is always NUL - * terminated. */ -OPENSSL_EXPORT void ERR_error_string_n(uint32_t packed_error, char *buf, - size_t len); - -/* ERR_lib_error_string returns a string representation of the library that - * generated |packed_error|. */ -OPENSSL_EXPORT const char *ERR_lib_error_string(uint32_t packed_error); - -/* ERR_func_error_string returns a string representation of the function that - * generated |packed_error|. */ -OPENSSL_EXPORT const char *ERR_func_error_string(uint32_t packed_error); - -/* ERR_reason_error_string returns a string representation of the reason for - * |packed_error|. */ -OPENSSL_EXPORT const char *ERR_reason_error_string(uint32_t packed_error); - -/* ERR_print_errors_callback_t is the type of a function used by - * |ERR_print_errors_cb|. It takes a pointer to a human readable string (and - * its length) that describes an entry in the error queue. The |ctx| argument - * is an opaque pointer given to |ERR_print_errors_cb|. - * - * It should return one on success or zero on error, which will stop the - * iteration over the error queue. */ -typedef int (*ERR_print_errors_callback_t)(const char *str, size_t len, - void *ctx); - -/* ERR_print_errors_cb calls |callback| with a string representation of each - * error in the current thread's error queue, from the least recent to the most - * recent error. - * - * The string will have the following format (which differs from - * |ERR_error_string|): - * - * [thread id]:error:[error code]:[library name]:[function name]: - * [reason string]:[file]:[line number]:[optional string data] - * - * (All in one line.) - * - * The callback can return one to continue the iteration or zero to stop it. - * The |ctx| argument is an opaque value that is passed through to the - * callback. */ -OPENSSL_EXPORT void ERR_print_errors_cb(ERR_print_errors_callback_t callback, - void *ctx); - - -/* ERR_print_errors_fp prints the current contents of the error stack to |file| - * using human readable strings where possible. */ -OPENSSL_EXPORT void ERR_print_errors_fp(FILE *file); - -/* Clearing errors. */ - -/* ERR_clear_error clears the error queue for the current thread. */ -OPENSSL_EXPORT void ERR_clear_error(void); - -/* ERR_remove_thread_state clears the error queue for the current thread if - * |tid| is NULL. Otherwise it calls |assert(0)|, because it's no longer - * possible to delete the error queue for other threads. - * - * Error queues are thread-local data and are deleted automatically. You do not - * need to call this function. Use |ERR_clear_error|. */ -OPENSSL_EXPORT void ERR_remove_thread_state(const CRYPTO_THREADID *tid); - - -/* Custom errors. */ - -/* ERR_get_next_error_library returns a value suitable for passing as the - * |library| argument to |ERR_put_error|. This is intended for code that wishes - * to push its own, non-standard errors to the error queue. */ -OPENSSL_EXPORT int ERR_get_next_error_library(void); - - -/* Deprecated functions. */ - -/* |ERR_remove_state| calls |ERR_clear_error|. */ -OPENSSL_EXPORT void ERR_remove_state(unsigned long pid); - - -/* Private functions. */ - -/* ERR_clear_system_error clears the system's error value (i.e. errno). */ -OPENSSL_EXPORT void ERR_clear_system_error(void); - -/* OPENSSL_PUT_ERROR is used by OpenSSL code to add an error to the error - * queue. */ -#define OPENSSL_PUT_ERROR(library, func, reason) \ - ERR_put_error(ERR_LIB_##library, library##_F_##func, reason, __FILE__, \ - __LINE__) - -/* OPENSSL_PUT_SYSTEM_ERROR is used by OpenSSL code to add an error from the - * operating system to the error queue. */ -/* TODO(fork): include errno. */ -#define OPENSSL_PUT_SYSTEM_ERROR(func) \ - ERR_put_error(ERR_LIB_SYS, SYS_F_##func, 0, __FILE__, __LINE__); - -/* ERR_put_error adds an error to the error queue, dropping the least recent - * error if neccessary for space reasons. */ -OPENSSL_EXPORT void ERR_put_error(int library, int func, int reason, - const char *file, unsigned line); - -/* ERR_add_error_data takes a variable number (|count|) of const char* - * pointers, concatenates them and sets the result as the data on the most - * recent error. */ -OPENSSL_EXPORT void ERR_add_error_data(unsigned count, ...); - -/* ERR_add_error_dataf takes a printf-style format and arguments, and sets the - * result as the data on the most recent error. */ -OPENSSL_EXPORT void ERR_add_error_dataf(const char *format, ...); - -/* ERR_set_mark "marks" the most recent error for use with |ERR_pop_to_mark|. - * It returns one if an error was marked and zero if there are no errors. */ -OPENSSL_EXPORT int ERR_set_mark(void); - -/* ERR_pop_to_mark removes errors from the most recent to the least recent - * until (and not including) a "marked" error. It returns zero if no marked - * error was found (and thus all errors were removed) and one otherwise. Errors - * are marked using |ERR_set_mark|. */ -OPENSSL_EXPORT int ERR_pop_to_mark(void); - -struct err_error_st { - /* file contains the filename where the error occured. */ - const char *file; - /* data contains optional data. It must be freed with |OPENSSL_free| if - * |flags&ERR_FLAG_MALLOCED|. */ - char *data; - /* packed contains the error library, function and reason, as packed by - * ERR_PACK. */ - uint32_t packed; - /* line contains the line number where the error occured. */ - uint16_t line; - /* flags contains a bitwise-OR of ERR_FLAG_* values. */ - uint8_t flags; -}; - -/* ERR_FLAG_STRING means that the |data| member is a NUL-terminated string that - * can be printed. */ -#define ERR_FLAG_STRING 1 -/* ERR_TXT_STRING is provided for compatibility with code that assumes that - * it's using OpenSSL. */ -#define ERR_TXT_STRING ERR_FLAG_STRING - -/* ERR_FLAG_PUBLIC_MASK is applied to the flags field before it is returned - * from functions like |ERR_get_error_line_data|. */ -#define ERR_FLAG_PUBLIC_MASK 0xf - -/* The following flag values are internal and are masked when flags are - * returned from functions like |ERR_get_error_line_data|. */ - -/* ERR_FLAG_MALLOCED means the the |data| member must be freed when no longer - * needed. */ -#define ERR_FLAG_MALLOCED 16 -/* ERR_FLAG_MARK is used to indicate a reversion point in the queue. See - * |ERR_pop_to_mark|. */ -#define ERR_FLAG_MARK 32 - -/* ERR_NUM_ERRORS is the limit of the number of errors in the queue. */ -#define ERR_NUM_ERRORS 16 - -/* ERR_STATE contains the per-thread, error queue. */ -typedef struct err_state_st { - /* errors contains the ERR_NUM_ERRORS most recent errors, organised as a ring - * buffer. */ - struct err_error_st errors[ERR_NUM_ERRORS]; - /* top contains the index one past the most recent error. If |top| equals - * |bottom| then the queue is empty. */ - unsigned top; - /* bottom contains the index of the last error in the queue. */ - unsigned bottom; - - /* to_free, if not NULL, contains a pointer owned by this structure that was - * previously a |data| pointer of one of the elements of |errors|. */ - void *to_free; -} ERR_STATE; - -enum { - ERR_LIB_NONE = 1, - ERR_LIB_SYS, - ERR_LIB_BN, - ERR_LIB_RSA, - ERR_LIB_DH, - ERR_LIB_EVP, - ERR_LIB_BUF, - ERR_LIB_OBJ, - ERR_LIB_PEM, - ERR_LIB_DSA, - ERR_LIB_X509, - ERR_LIB_ASN1, - ERR_LIB_CONF, - ERR_LIB_CRYPTO, - ERR_LIB_EC, - ERR_LIB_SSL, - ERR_LIB_BIO, - ERR_LIB_PKCS7, - ERR_LIB_PKCS8, - ERR_LIB_X509V3, - ERR_LIB_RAND, - ERR_LIB_ENGINE, - ERR_LIB_OCSP, - ERR_LIB_UI, - ERR_LIB_COMP, - ERR_LIB_ECDSA, - ERR_LIB_ECDH, - ERR_LIB_HMAC, - ERR_LIB_DIGEST, - ERR_LIB_CIPHER, - ERR_LIB_USER, - ERR_LIB_HKDF, - ERR_NUM_LIBS -}; - -#define ERR_R_SYS_LIB ERR_LIB_SYS -#define ERR_R_BN_LIB ERR_LIB_BN -#define ERR_R_RSA_LIB ERR_LIB_RSA -#define ERR_R_DH_LIB ERR_LIB_DH -#define ERR_R_EVP_LIB ERR_LIB_EVP -#define ERR_R_BUF_LIB ERR_LIB_BUF -#define ERR_R_OBJ_LIB ERR_LIB_OBJ -#define ERR_R_PEM_LIB ERR_LIB_PEM -#define ERR_R_DSA_LIB ERR_LIB_DSA -#define ERR_R_X509_LIB ERR_LIB_X509 -#define ERR_R_ASN1_LIB ERR_LIB_ASN1 -#define ERR_R_CONF_LIB ERR_LIB_CONF -#define ERR_R_CRYPTO_LIB ERR_LIB_CRYPTO -#define ERR_R_EC_LIB ERR_LIB_EC -#define ERR_R_SSL_LIB ERR_LIB_SSL -#define ERR_R_BIO_LIB ERR_LIB_BIO -#define ERR_R_PKCS7_LIB ERR_LIB_PKCS7 -#define ERR_R_PKCS8_LIB ERR_LIB_PKCS8 -#define ERR_R_X509V3_LIB ERR_LIB_X509V3 -#define ERR_R_RAND_LIB ERR_LIB_RAND -#define ERR_R_DSO_LIB ERR_LIB_DSO -#define ERR_R_ENGINE_LIB ERR_LIB_ENGINE -#define ERR_R_OCSP_LIB ERR_LIB_OCSP -#define ERR_R_UI_LIB ERR_LIB_UI -#define ERR_R_COMP_LIB ERR_LIB_COMP -#define ERR_R_ECDSA_LIB ERR_LIB_ECDSA -#define ERR_R_ECDH_LIB ERR_LIB_ECDH -#define ERR_R_STORE_LIB ERR_LIB_STORE -#define ERR_R_FIPS_LIB ERR_LIB_FIPS -#define ERR_R_CMS_LIB ERR_LIB_CMS -#define ERR_R_TS_LIB ERR_LIB_TS -#define ERR_R_HMAC_LIB ERR_LIB_HMAC -#define ERR_R_JPAKE_LIB ERR_LIB_JPAKE -#define ERR_R_USER_LIB ERR_LIB_USER -#define ERR_R_DIGEST_LIB ERR_LIB_DIGEST -#define ERR_R_CIPHER_LIB ERR_LIB_CIPHER -#define ERR_R_HKDF_LIB ERR_LIB_HKDF - -/* Global reasons. */ -#define ERR_R_FATAL 64 -#define ERR_R_MALLOC_FAILURE (1 | ERR_R_FATAL) -#define ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED (2 | ERR_R_FATAL) -#define ERR_R_PASSED_NULL_PARAMETER (3 | ERR_R_FATAL) -#define ERR_R_INTERNAL_ERROR (4 | ERR_R_FATAL) -#define ERR_R_OVERFLOW (5 | ERR_R_FATAL) - -/* System error functions */ -#define SYS_F_fopen 100 -#define SYS_F_fclose 101 -#define SYS_F_fread 102 -#define SYS_F_fwrite 103 -#define SYS_F_socket 104 -#define SYS_F_setsockopt 105 -#define SYS_F_connect 106 -#define SYS_F_getaddrinfo 107 - -#define ERR_PACK(lib, func, reason) \ - (((((uint32_t)lib) & 0xff) << 24) | ((((uint32_t)func) & 0xfff) << 12) | \ - ((((uint32_t)reason) & 0xfff))) - -#define ERR_GET_LIB(packed_error) ((int)(((packed_error) >> 24) & 0xff)) -#define ERR_GET_FUNC(packed_error) ((int)(((packed_error) >> 12) & 0xfff)) -#define ERR_GET_REASON(packed_error) ((int)((packed_error) & 0xfff)) - -/* OPENSSL_DECLARE_ERROR_REASON is used by util/make_errors.h (which generates - * the error defines) to recognise that an additional reason value is needed. - * This is needed when the reason value is used outside of an - * |OPENSSL_PUT_ERROR| macro. The resulting define will be - * ${lib}_R_${reason}. */ -#define OPENSSL_DECLARE_ERROR_REASON(lib, reason) - -/* OPENSSL_DECLARE_ERROR_FUNCTION is used by util/make_errors.h (which - * generates the error * defines to recognise that an additional function value - * is needed. This is * needed when the function value is used outside of an - * |OPENSSL_PUT_ERROR| * macro. The resulting define will be - * ${lib}_F_${reason}. */ -#define OPENSSL_DECLARE_ERROR_FUNCTION(lib, function_name) - - -#if defined(__cplusplus) -} /* extern C */ -#endif - -#endif /* OPENSSL_HEADER_ERR_H */ diff --git a/third_party/boringssl/include/openssl/evp.h b/third_party/boringssl/include/openssl/evp.h deleted file mode 100644 index 490a9514c33281..00000000000000 --- a/third_party/boringssl/include/openssl/evp.h +++ /dev/null @@ -1,826 +0,0 @@ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] */ - -#ifndef OPENSSL_HEADER_EVP_H -#define OPENSSL_HEADER_EVP_H - -#include - -#include - -/* OpenSSL included digest and cipher functions in this header so we include - * them for users that still expect that. - * - * TODO(fork): clean up callers so that they include what they use. */ -#include -#include -#include -#include - -#if defined(__cplusplus) -extern "C" { -#endif - - -/* EVP abstracts over public/private key algorithms. */ - - -/* Public key objects. */ - -/* EVP_PKEY_new creates a new, empty public-key object and returns it or NULL - * on allocation failure. */ -OPENSSL_EXPORT EVP_PKEY *EVP_PKEY_new(void); - -/* EVP_PKEY_free frees all data referenced by |pkey| and then frees |pkey| - * itself. */ -OPENSSL_EXPORT void EVP_PKEY_free(EVP_PKEY *pkey); - -/* EVP_PKEY_up_ref increments the reference count of |pkey| and returns it. */ -OPENSSL_EXPORT EVP_PKEY *EVP_PKEY_up_ref(EVP_PKEY *pkey); - -/* EVP_PKEY_is_opaque returns one if |pkey| is opaque. Opaque keys are backed by - * custom implementations which do not expose key material and parameters. It is - * an error to attempt to duplicate, export, or compare an opaque key. */ -OPENSSL_EXPORT int EVP_PKEY_is_opaque(const EVP_PKEY *pkey); - -/* EVP_PKEY_supports_digest returns one if |pkey| supports digests of - * type |md|. This is intended for use with EVP_PKEYs backing custom - * implementations which can't sign all digests. */ -OPENSSL_EXPORT int EVP_PKEY_supports_digest(const EVP_PKEY *pkey, - const EVP_MD *md); - -/* EVP_PKEY_cmp compares |a| and |b| and returns one if they are equal, zero if - * not and a negative number on error. - * - * WARNING: this differs from the traditional return value of a "cmp" - * function. */ -OPENSSL_EXPORT int EVP_PKEY_cmp(const EVP_PKEY *a, const EVP_PKEY *b); - -/* EVP_PKEY_copy_parameters sets the parameters of |to| to equal the parameters - * of |from|. It returns one on success and zero on error. */ -OPENSSL_EXPORT int EVP_PKEY_copy_parameters(EVP_PKEY *to, const EVP_PKEY *from); - -/* EVP_PKEY_missing_parameters returns one if |pkey| is missing needed - * parameters or zero if not, or if the algorithm doesn't take parameters. */ -OPENSSL_EXPORT int EVP_PKEY_missing_parameters(const EVP_PKEY *pkey); - -/* EVP_PKEY_size returns the maximum size, in bytes, of a signature signed by - * |pkey|. For an RSA key, this returns the number of bytes needed to represent - * the modulus. For an EC key, this returns the maximum size of a DER-encoded - * ECDSA signature. */ -OPENSSL_EXPORT int EVP_PKEY_size(const EVP_PKEY *pkey); - -/* EVP_PKEY_bits returns the "size", in bits, of |pkey|. For an RSA key, this - * returns the bit length of the modulus. For an EC key, this returns the bit - * length of the group order. */ -OPENSSL_EXPORT int EVP_PKEY_bits(EVP_PKEY *pkey); - -/* EVP_PKEY_id returns the type of |pkey|, which is one of the |EVP_PKEY_*| - * values. */ -OPENSSL_EXPORT int EVP_PKEY_id(const EVP_PKEY *pkey); - -/* EVP_PKEY_type returns a canonicalised form of |NID|. For example, - * |EVP_PKEY_RSA2| will be turned into |EVP_PKEY_RSA|. */ -OPENSSL_EXPORT int EVP_PKEY_type(int nid); - -/* Deprecated: EVP_PKEY_new_mac_key allocates a fresh |EVP_PKEY| of the given - * type (e.g. |EVP_PKEY_HMAC|), sets |mac_key| as the MAC key and "generates" a - * new key, suitable for signing. It returns the fresh |EVP_PKEY|, or NULL on - * error. Use |HMAC_CTX| directly instead. */ -OPENSSL_EXPORT EVP_PKEY *EVP_PKEY_new_mac_key(int type, ENGINE *engine, - const uint8_t *mac_key, - size_t mac_key_len); - - -/* Getting and setting concrete public key types. - * - * The following functions get and set the underlying public key in an - * |EVP_PKEY| object. The |set1| functions take an additional reference to the - * underlying key and return one on success or zero on error. The |assign| - * functions adopt the caller's reference. The getters return a fresh reference - * to the underlying object. */ - -OPENSSL_EXPORT int EVP_PKEY_set1_RSA(EVP_PKEY *pkey, RSA *key); -OPENSSL_EXPORT int EVP_PKEY_assign_RSA(EVP_PKEY *pkey, RSA *key); -OPENSSL_EXPORT RSA *EVP_PKEY_get1_RSA(EVP_PKEY *pkey); - -OPENSSL_EXPORT int EVP_PKEY_set1_DSA(EVP_PKEY *pkey, struct dsa_st *key); -OPENSSL_EXPORT int EVP_PKEY_assign_DSA(EVP_PKEY *pkey, DSA *key); -OPENSSL_EXPORT struct dsa_st *EVP_PKEY_get1_DSA(EVP_PKEY *pkey); - -OPENSSL_EXPORT int EVP_PKEY_set1_EC_KEY(EVP_PKEY *pkey, struct ec_key_st *key); -OPENSSL_EXPORT int EVP_PKEY_assign_EC_KEY(EVP_PKEY *pkey, EC_KEY *key); -OPENSSL_EXPORT struct ec_key_st *EVP_PKEY_get1_EC_KEY(EVP_PKEY *pkey); - -OPENSSL_EXPORT int EVP_PKEY_set1_DH(EVP_PKEY *pkey, struct dh_st *key); -OPENSSL_EXPORT int EVP_PKEY_assign_DH(EVP_PKEY *pkey, DH *key); -OPENSSL_EXPORT struct dh_st *EVP_PKEY_get1_DH(EVP_PKEY *pkey); - -#define EVP_PKEY_NONE NID_undef -#define EVP_PKEY_RSA NID_rsaEncryption -#define EVP_PKEY_RSA2 NID_rsa -#define EVP_PKEY_DSA NID_dsa -#define EVP_PKEY_DH NID_dhKeyAgreement -#define EVP_PKEY_DHX NID_dhpublicnumber -#define EVP_PKEY_EC NID_X9_62_id_ecPublicKey - -/* Deprecated: Use |HMAC_CTX| directly instead. */ -#define EVP_PKEY_HMAC NID_hmac - -/* EVP_PKEY_assign sets the underlying key of |pkey| to |key|, which must be of - * the given type. The |type| argument should be one of the |EVP_PKEY_*| - * values. */ -OPENSSL_EXPORT int EVP_PKEY_assign(EVP_PKEY *pkey, int type, void *key); - -/* EVP_PKEY_set_type sets the type of |pkey| to |type|, which should be one of - * the |EVP_PKEY_*| values. It returns one if sucessful or zero otherwise. If - * |pkey| is NULL, it simply reports whether the type is known. */ -OPENSSL_EXPORT int EVP_PKEY_set_type(EVP_PKEY *pkey, int type); - -/* EVP_PKEY_cmp_parameters compares the parameters of |a| and |b|. It returns - * one if they match, zero if not, or a negative number of on error. - * - * WARNING: the return value differs from the usual return value convention. */ -OPENSSL_EXPORT int EVP_PKEY_cmp_parameters(const EVP_PKEY *a, - const EVP_PKEY *b); - - -/* ASN.1 functions */ - -/* d2i_PrivateKey parses an ASN.1, DER-encoded, private key from |len| bytes at - * |*inp|. If |out| is not NULL then, on exit, a pointer to the result is in - * |*out|. If |*out| is already non-NULL on entry then the result is written - * directly into |*out|, otherwise a fresh |EVP_PKEY| is allocated. On - * successful exit, |*inp| is advanced past the DER structure. It returns the - * result or NULL on error. */ -OPENSSL_EXPORT EVP_PKEY *d2i_PrivateKey(int type, EVP_PKEY **out, - const uint8_t **inp, long len); - -/* d2i_AutoPrivateKey acts the same as |d2i_PrivateKey|, but detects the type - * of the private key. */ -OPENSSL_EXPORT EVP_PKEY *d2i_AutoPrivateKey(EVP_PKEY **out, const uint8_t **inp, - long len); - -/* i2d_PrivateKey marshals a private key from |key| to an ASN.1, DER - * structure. If |outp| is not NULL then the result is written to |*outp| and - * |*outp| is advanced just past the output. It returns the number of bytes in - * the result, whether written or not, or a negative value on error. */ -OPENSSL_EXPORT int i2d_PrivateKey(const EVP_PKEY *key, uint8_t **outp); - -/* i2d_PublicKey marshals a public key from |key| to an ASN.1, DER - * structure. If |outp| is not NULL then the result is written to |*outp| and - * |*outp| is advanced just past the output. It returns the number of bytes in - * the result, whether written or not, or a negative value on error. */ -OPENSSL_EXPORT int i2d_PublicKey(EVP_PKEY *key, uint8_t **outp); - - -/* Signing */ - -/* EVP_DigestSignInit sets up |ctx| for a signing operation with |type| and - * |pkey|. The |ctx| argument must have been initialised with - * |EVP_MD_CTX_init|. If |pctx| is not NULL, the |EVP_PKEY_CTX| of the signing - * operation will be written to |*pctx|; this can be used to set alternative - * signing options. - * - * It returns one on success, or zero on error. */ -OPENSSL_EXPORT int EVP_DigestSignInit(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx, - const EVP_MD *type, ENGINE *e, - EVP_PKEY *pkey); - -/* EVP_DigestSignUpdate appends |len| bytes from |data| to the data which will - * be signed in |EVP_DigestSignFinal|. It returns one. */ -OPENSSL_EXPORT int EVP_DigestSignUpdate(EVP_MD_CTX *ctx, const void *data, - size_t len); - -/* EVP_DigestSignFinal signs the data that has been included by one or more - * calls to |EVP_DigestSignUpdate|. If |out_sig| is NULL then |*out_sig_len| is - * set to the maximum number of output bytes. Otherwise, on entry, - * |*out_sig_len| must contain the length of the |out_sig| buffer. If the call - * is successful, the signature is written to |out_sig| and |*out_sig_len| is - * set to its length. - * - * It returns one on success, or zero on error. */ -OPENSSL_EXPORT int EVP_DigestSignFinal(EVP_MD_CTX *ctx, uint8_t *out_sig, - size_t *out_sig_len); - -/* EVP_DigestSignAlgorithm encodes the signing parameters of |ctx| as an - * AlgorithmIdentifer and saves the result in |algor|. - * - * It returns one on success, or zero on error. - * - * TODO(davidben): This API should eventually lose the dependency on - * crypto/asn1/. */ -OPENSSL_EXPORT int EVP_DigestSignAlgorithm(EVP_MD_CTX *ctx, X509_ALGOR *algor); - - -/* Verifying */ - -/* EVP_DigestVerifyInit sets up |ctx| for a signature verification operation - * with |type| and |pkey|. The |ctx| argument must have been initialised with - * |EVP_MD_CTX_init|. If |pctx| is not NULL, the |EVP_PKEY_CTX| of the signing - * operation will be written to |*pctx|; this can be used to set alternative - * signing options. - * - * It returns one on success, or zero on error. */ -OPENSSL_EXPORT int EVP_DigestVerifyInit(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx, - const EVP_MD *type, ENGINE *e, - EVP_PKEY *pkey); - -/* EVP_DigestVerifyInitFromAlgorithm sets up |ctx| for a signature verification - * operation with public key |pkey| and parameters from |algor|. The |ctx| - * argument must have been initialised with |EVP_MD_CTX_init|. - * - * It returns one on success, or zero on error. - * - * TODO(davidben): This API should eventually lose the dependency on - * crypto/asn1/. */ -OPENSSL_EXPORT int EVP_DigestVerifyInitFromAlgorithm(EVP_MD_CTX *ctx, - X509_ALGOR *algor, - EVP_PKEY *pkey); - -/* EVP_DigestVerifyUpdate appends |len| bytes from |data| to the data which - * will be verified by |EVP_DigestVerifyFinal|. It returns one. */ -OPENSSL_EXPORT int EVP_DigestVerifyUpdate(EVP_MD_CTX *ctx, const void *data, - size_t len); - -/* EVP_DigestVerifyFinal verifies that |sig_len| bytes of |sig| are a valid - * signature for the data that has been included by one or more calls to - * |EVP_DigestVerifyUpdate|. It returns one on success and zero otherwise. */ -OPENSSL_EXPORT int EVP_DigestVerifyFinal(EVP_MD_CTX *ctx, const uint8_t *sig, - size_t sig_len); - - -/* Signing (old functions) */ - -/* EVP_SignInit_ex configures |ctx|, which must already have been initialised, - * for a fresh signing operation using the hash function |type|. It returns one - * on success and zero otherwise. - * - * (In order to initialise |ctx|, either obtain it initialised with - * |EVP_MD_CTX_create|, or use |EVP_MD_CTX_init|.) */ -OPENSSL_EXPORT int EVP_SignInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, - ENGINE *impl); - -/* EVP_SignInit is a deprecated version of |EVP_SignInit_ex|. - * - * TODO(fork): remove. */ -OPENSSL_EXPORT int EVP_SignInit(EVP_MD_CTX *ctx, const EVP_MD *type); - -/* EVP_SignUpdate appends |len| bytes from |data| to the data which will be - * signed in |EVP_SignFinal|. */ -OPENSSL_EXPORT int EVP_SignUpdate(EVP_MD_CTX *ctx, const void *data, - size_t len); - -/* EVP_SignFinal signs the data that has been included by one or more calls to - * |EVP_SignUpdate|, using the key |pkey|, and writes it to |sig|. On entry, - * |sig| must point to at least |EVP_PKEY_size(pkey)| bytes of space. The - * actual size of the signature is written to |*out_sig_len|. - * - * It returns one on success and zero otherwise. - * - * It does not modify |ctx|, thus it's possible to continue to use |ctx| in - * order to sign a longer message. */ -OPENSSL_EXPORT int EVP_SignFinal(const EVP_MD_CTX *ctx, uint8_t *sig, - unsigned int *out_sig_len, EVP_PKEY *pkey); - - -/* Verifying (old functions) */ - -/* EVP_VerifyInit_ex configures |ctx|, which must already have been - * initialised, for a fresh signature verification operation using the hash - * function |type|. It returns one on success and zero otherwise. - * - * (In order to initialise |ctx|, either obtain it initialised with - * |EVP_MD_CTX_create|, or use |EVP_MD_CTX_init|.) */ -OPENSSL_EXPORT int EVP_VerifyInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, - ENGINE *impl); - -/* EVP_VerifyInit is a deprecated version of |EVP_VerifyInit_ex|. - * - * TODO(fork): remove. */ -OPENSSL_EXPORT int EVP_VerifyInit(EVP_MD_CTX *ctx, const EVP_MD *type); - -/* EVP_VerifyUpdate appends |len| bytes from |data| to the data which will be - * signed in |EVP_VerifyFinal|. */ -OPENSSL_EXPORT int EVP_VerifyUpdate(EVP_MD_CTX *ctx, const void *data, - size_t len); - -/* EVP_VerifyFinal verifies that |sig_len| bytes of |sig| are a valid - * signature, by |pkey|, for the data that has been included by one or more - * calls to |EVP_VerifyUpdate|. - * - * It returns one on success and zero otherwise. - * - * It does not modify |ctx|, thus it's possible to continue to use |ctx| in - * order to sign a longer message. */ -OPENSSL_EXPORT int EVP_VerifyFinal(EVP_MD_CTX *ctx, const uint8_t *sig, - size_t sig_len, EVP_PKEY *pkey); - - -/* Printing */ - -/* EVP_PKEY_print_public prints a textual representation of the public key in - * |pkey| to |out|. Returns one on success or zero otherwise. */ -OPENSSL_EXPORT int EVP_PKEY_print_public(BIO *out, const EVP_PKEY *pkey, - int indent, ASN1_PCTX *pctx); - -/* EVP_PKEY_print_public prints a textual representation of the private key in - * |pkey| to |out|. Returns one on success or zero otherwise. */ -OPENSSL_EXPORT int EVP_PKEY_print_private(BIO *out, const EVP_PKEY *pkey, - int indent, ASN1_PCTX *pctx); - -/* EVP_PKEY_print_public prints a textual representation of the parameters in - * |pkey| to |out|. Returns one on success or zero otherwise. */ -OPENSSL_EXPORT int EVP_PKEY_print_params(BIO *out, const EVP_PKEY *pkey, - int indent, ASN1_PCTX *pctx); - - -/* Password stretching. - * - * Password stretching functions take a low-entropy password and apply a slow - * function that results in a key suitable for use in symmetric - * cryptography. */ - -/* PKCS5_PBKDF2_HMAC computes |iterations| iterations of PBKDF2 of |password| - * and |salt|, using |digest|, and outputs |key_len| bytes to |out_key|. It - * returns one on success and zero on error. */ -OPENSSL_EXPORT int PKCS5_PBKDF2_HMAC(const char *password, size_t password_len, - const uint8_t *salt, size_t salt_len, - unsigned iterations, const EVP_MD *digest, - size_t key_len, uint8_t *out_key); - -/* PKCS5_PBKDF2_HMAC_SHA1 is the same as PKCS5_PBKDF2_HMAC, but with |digest| - * fixed to |EVP_sha1|. */ -OPENSSL_EXPORT int PKCS5_PBKDF2_HMAC_SHA1(const char *password, - size_t password_len, const uint8_t *salt, - size_t salt_len, unsigned iterations, - size_t key_len, uint8_t *out_key); - - -/* Public key contexts. - * - * |EVP_PKEY_CTX| objects hold the context of an operation (e.g. signing or - * encrypting) that uses a public key. */ - -/* EVP_PKEY_CTX_new allocates a fresh |EVP_PKEY_CTX| for use with |pkey|. It - * returns the context or NULL on error. */ -OPENSSL_EXPORT EVP_PKEY_CTX *EVP_PKEY_CTX_new(EVP_PKEY *pkey, ENGINE *e); - -/* EVP_PKEY_CTX_new allocates a fresh |EVP_PKEY_CTX| for a key of type |id| - * (e.g. |EVP_PKEY_HMAC|). This can be used for key generation where - * |EVP_PKEY_CTX_new| can't be used because there isn't an |EVP_PKEY| to pass - * it. It returns the context or NULL on error. */ -OPENSSL_EXPORT EVP_PKEY_CTX *EVP_PKEY_CTX_new_id(int id, ENGINE *e); - -/* EVP_KEY_CTX_free frees |ctx| and the data it owns. */ -OPENSSL_EXPORT void EVP_PKEY_CTX_free(EVP_PKEY_CTX *ctx); - -/* EVP_PKEY_CTX_dup allocates a fresh |EVP_PKEY_CTX| and sets it equal to the - * state of |ctx|. It returns the fresh |EVP_PKEY_CTX| or NULL on error. */ -OPENSSL_EXPORT EVP_PKEY_CTX *EVP_PKEY_CTX_dup(EVP_PKEY_CTX *ctx); - -/* EVP_PKEY_CTX_get0_pkey returns the |EVP_PKEY| associated with |ctx|. */ -OPENSSL_EXPORT EVP_PKEY *EVP_PKEY_CTX_get0_pkey(EVP_PKEY_CTX *ctx); - -/* EVP_PKEY_CTX_set_app_data sets an opaque pointer on |ctx|. */ -OPENSSL_EXPORT void EVP_PKEY_CTX_set_app_data(EVP_PKEY_CTX *ctx, void *data); - -/* EVP_PKEY_CTX_get_app_data returns the opaque pointer from |ctx| that was - * previously set with |EVP_PKEY_CTX_set_app_data|, or NULL if none has been - * set. */ -OPENSSL_EXPORT void *EVP_PKEY_CTX_get_app_data(EVP_PKEY_CTX *ctx); - -/* EVP_PKEY_sign_init initialises an |EVP_PKEY_CTX| for a signing operation. It - * should be called before |EVP_PKEY_sign|. - * - * It returns one on success or zero on error. */ -OPENSSL_EXPORT int EVP_PKEY_sign_init(EVP_PKEY_CTX *ctx); - -/* EVP_PKEY_sign signs |data_len| bytes from |data| using |ctx|. If |sig| is - * NULL, the maximum size of the signature is written to - * |out_sig_len|. Otherwise, |*sig_len| must contain the number of bytes of - * space available at |sig|. If sufficient, the signature will be written to - * |sig| and |*sig_len| updated with the true length. - * - * WARNING: Setting |sig| to NULL only gives the maximum size of the - * signature. The actual signature may be smaller. - * - * It returns one on success or zero on error. (Note: this differs from - * OpenSSL, which can also return negative values to indicate an error. ) */ -OPENSSL_EXPORT int EVP_PKEY_sign(EVP_PKEY_CTX *ctx, uint8_t *sig, - size_t *sig_len, const uint8_t *data, - size_t data_len); - -/* EVP_PKEY_verify_init initialises an |EVP_PKEY_CTX| for a signature - * verification operation. It should be called before |EVP_PKEY_verify|. - * - * It returns one on success or zero on error. */ -OPENSSL_EXPORT int EVP_PKEY_verify_init(EVP_PKEY_CTX *ctx); - -/* EVP_PKEY_verify verifies that |sig_len| bytes from |sig| are a valid signature - * for |data|. - * - * It returns one on success or zero on error. */ -OPENSSL_EXPORT int EVP_PKEY_verify(EVP_PKEY_CTX *ctx, const uint8_t *sig, - size_t sig_len, const uint8_t *data, - size_t data_len); - -/* EVP_PKEY_encrypt_init initialises an |EVP_PKEY_CTX| for an encryption - * operation. It should be called before |EVP_PKEY_encrypt|. - * - * It returns one on success or zero on error. */ -OPENSSL_EXPORT int EVP_PKEY_encrypt_init(EVP_PKEY_CTX *ctx); - -/* EVP_PKEY_encrypt encrypts |in_len| bytes from |in|. If |out| is NULL, the - * maximum size of the ciphertext is written to |out_len|. Otherwise, |*out_len| - * must contain the number of bytes of space available at |out|. If sufficient, - * the ciphertext will be written to |out| and |*out_len| updated with the true - * length. - * - * WARNING: Setting |out| to NULL only gives the maximum size of the - * ciphertext. The actual ciphertext may be smaller. - * - * It returns one on success or zero on error. */ -OPENSSL_EXPORT int EVP_PKEY_encrypt(EVP_PKEY_CTX *ctx, uint8_t *out, - size_t *out_len, const uint8_t *in, - size_t in_len); - -/* EVP_PKEY_decrypt_init initialises an |EVP_PKEY_CTX| for a decryption - * operation. It should be called before |EVP_PKEY_decrypt|. - * - * It returns one on success or zero on error. */ -OPENSSL_EXPORT int EVP_PKEY_decrypt_init(EVP_PKEY_CTX *ctx); - -/* EVP_PKEY_decrypt decrypts |in_len| bytes from |in|. If |out| is NULL, the - * maximum size of the plaintext is written to |out_len|. Otherwise, |*out_len| - * must contain the number of bytes of space available at |out|. If sufficient, - * the ciphertext will be written to |out| and |*out_len| updated with the true - * length. - * - * WARNING: Setting |out| to NULL only gives the maximum size of the - * plaintext. The actual plaintext may be smaller. - * - * It returns one on success or zero on error. */ -OPENSSL_EXPORT int EVP_PKEY_decrypt(EVP_PKEY_CTX *ctx, uint8_t *out, - size_t *out_len, const uint8_t *in, - size_t in_len); - -/* EVP_PKEY_derive_init initialises an |EVP_PKEY_CTX| for a key derivation - * operation. It should be called before |EVP_PKEY_derive_set_peer| and - * |EVP_PKEY_derive|. - * - * It returns one on success or zero on error. */ -OPENSSL_EXPORT int EVP_PKEY_derive_init(EVP_PKEY_CTX *ctx); - -/* EVP_PKEY_derive_set_peer sets the peer's key to be used for key derivation - * by |ctx| to |peer|. It should be called after |EVP_PKEY_derive_init|. (For - * example, this is used to set the peer's key in (EC)DH.) It returns one on - * success and zero on error. */ -OPENSSL_EXPORT int EVP_PKEY_derive_set_peer(EVP_PKEY_CTX *ctx, EVP_PKEY *peer); - -/* EVP_PKEY_derive derives a shared key between the two keys configured in - * |ctx|. If |key| is non-NULL then, on entry, |out_key_len| must contain the - * amount of space at |key|. If sufficient then the shared key will be written - * to |key| and |*out_key_len| will be set to the length. If |key| is NULL then - * |out_key_len| will be set to the maximum length. - * - * WARNING: Setting |out| to NULL only gives the maximum size of the key. The - * actual key may be smaller. - * - * It returns one on success and zero on error. */ -OPENSSL_EXPORT int EVP_PKEY_derive(EVP_PKEY_CTX *ctx, uint8_t *key, - size_t *out_key_len); - -/* EVP_PKEY_keygen_init initialises an |EVP_PKEY_CTX| for a key generation - * operation. It should be called before |EVP_PKEY_keygen|. - * - * It returns one on success or zero on error. */ -OPENSSL_EXPORT int EVP_PKEY_keygen_init(EVP_PKEY_CTX *ctx); - -/* EVP_PKEY_keygen performs a key generation operation using the values from - * |ctx| and sets |*ppkey| to a fresh |EVP_PKEY| containing the resulting key. - * It returns one on success or zero on error. */ -OPENSSL_EXPORT int EVP_PKEY_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY **ppkey); - - -/* Generic control functions. */ - -/* EVP_PKEY_CTX_set_signature_md sets |md| as the digest to be used in a - * signature operation. It returns one on success or zero on error. */ -OPENSSL_EXPORT int EVP_PKEY_CTX_set_signature_md(EVP_PKEY_CTX *ctx, - const EVP_MD *md); - -/* EVP_PKEY_CTX_get_signature_md sets |*out_md| to the digest to be used in a - * signature operation. It returns one on success or zero on error. */ -OPENSSL_EXPORT int EVP_PKEY_CTX_get_signature_md(EVP_PKEY_CTX *ctx, - const EVP_MD **out_md); - - -/* RSA specific control functions. */ - -/* EVP_PKEY_CTX_set_rsa_padding sets the padding type to use. It should be one - * of the |RSA_*_PADDING| values. Returns one on success or zero on error. */ -OPENSSL_EXPORT int EVP_PKEY_CTX_set_rsa_padding(EVP_PKEY_CTX *ctx, int padding); - -/* EVP_PKEY_CTX_get_rsa_padding sets |*out_padding| to the current padding - * value, which is one of the |RSA_*_PADDING| values. Returns one on success or - * zero on error. */ -OPENSSL_EXPORT int EVP_PKEY_CTX_get_rsa_padding(EVP_PKEY_CTX *ctx, - int *out_padding); - -/* EVP_PKEY_CTX_set_rsa_pss_saltlen sets the length of the salt in a PSS-padded - * signature. A value of -1 cause the salt to be the same length as the digest - * in the signature. A value of -2 causes the salt to be the maximum length - * that will fit. Otherwise the value gives the size of the salt in bytes. - * - * Returns one on success or zero on error. */ -OPENSSL_EXPORT int EVP_PKEY_CTX_set_rsa_pss_saltlen(EVP_PKEY_CTX *ctx, - int salt_len); - -/* EVP_PKEY_CTX_get_rsa_pss_saltlen sets |*out_salt_len| to the salt length of - * a PSS-padded signature. See the documentation for - * |EVP_PKEY_CTX_set_rsa_pss_saltlen| for details of the special values that it - * can take. - * - * Returns one on success or zero on error. */ -OPENSSL_EXPORT int EVP_PKEY_CTX_get_rsa_pss_saltlen(EVP_PKEY_CTX *ctx, - int *out_salt_len); - -/* EVP_PKEY_CTX_set_rsa_keygen_bits sets the size of the desired RSA modulus, - * in bits, for key generation. Returns one on success or zero on - * error. */ -OPENSSL_EXPORT int EVP_PKEY_CTX_set_rsa_keygen_bits(EVP_PKEY_CTX *ctx, - int bits); - -/* EVP_PKEY_CTX_set_rsa_keygen_pubexp sets |e| as the public exponent for key - * generation. Returns one on success or zero on error. */ -OPENSSL_EXPORT int EVP_PKEY_CTX_set_rsa_keygen_pubexp(EVP_PKEY_CTX *ctx, - BIGNUM *e); - -/* EVP_PKEY_CTX_set_rsa_oaep_md sets |md| as the digest used in OAEP padding. - * Returns one on success or zero on error. */ -OPENSSL_EXPORT int EVP_PKEY_CTX_set_rsa_oaep_md(EVP_PKEY_CTX *ctx, - const EVP_MD *md); - -/* EVP_PKEY_CTX_get_rsa_oaep_md sets |*out_md| to the digest function used in - * OAEP padding. Returns one on success or zero on error. */ -OPENSSL_EXPORT int EVP_PKEY_CTX_get_rsa_oaep_md(EVP_PKEY_CTX *ctx, - const EVP_MD **out_md); - -/* EVP_PKEY_CTX_set_rsa_mgf1_md sets |md| as the digest used in MGF1. Returns - * one on success or zero on error. */ -OPENSSL_EXPORT int EVP_PKEY_CTX_set_rsa_mgf1_md(EVP_PKEY_CTX *ctx, - const EVP_MD *md); - -/* EVP_PKEY_CTX_get_rsa_mgf1_md sets |*out_md| to the digest function used in - * MGF1. Returns one on success or zero on error. */ -OPENSSL_EXPORT int EVP_PKEY_CTX_get_rsa_mgf1_md(EVP_PKEY_CTX *ctx, - const EVP_MD **out_md); - -/* EVP_PKEY_CTX_set0_rsa_oaep_label sets |label_len| bytes from |label| as the - * label used in OAEP. DANGER: On success, this call takes ownership of |label| - * and will call |OPENSSL_free| on it when |ctx| is destroyed. - * - * Returns one on success or zero on error. */ -OPENSSL_EXPORT int EVP_PKEY_CTX_set0_rsa_oaep_label(EVP_PKEY_CTX *ctx, - const uint8_t *label, - size_t label_len); - -/* EVP_PKEY_CTX_get0_rsa_oaep_label sets |*out_label| to point to the internal - * buffer containing the OAEP label (which may be NULL) and returns the length - * of the label or a negative value on error. - * - * WARNING: the return value differs from the usual return value convention. */ -OPENSSL_EXPORT int EVP_PKEY_CTX_get0_rsa_oaep_label(EVP_PKEY_CTX *ctx, - const uint8_t **out_label); - - -/* Deprecated functions. */ - -/* EVP_PKEY_dup adds one to the reference count of |pkey| and returns - * |pkey|. - * - * WARNING: this is a |_dup| function that doesn't actually duplicate! Use - * |EVP_PKEY_up_ref| if you want to increment the reference count without - * confusion. */ -OPENSSL_EXPORT EVP_PKEY *EVP_PKEY_dup(EVP_PKEY *pkey); - - -/* Private functions */ - -/* OpenSSL_add_all_algorithms does nothing. */ -OPENSSL_EXPORT void OpenSSL_add_all_algorithms(void); - -/* OpenSSL_add_all_ciphers does nothing. */ -OPENSSL_EXPORT void OpenSSL_add_all_ciphers(void); - -/* OpenSSL_add_all_digests does nothing. */ -OPENSSL_EXPORT void OpenSSL_add_all_digests(void); - -/* EVP_cleanup does nothing. */ -OPENSSL_EXPORT void EVP_cleanup(void); - -/* EVP_PKEY_asn1_find returns the ASN.1 method table for the given |nid|, which - * should be one of the |EVP_PKEY_*| values. It returns NULL if |nid| is - * unknown. */ -OPENSSL_EXPORT const EVP_PKEY_ASN1_METHOD *EVP_PKEY_asn1_find(ENGINE **pengine, - int nid); - -/* TODO(fork): move to PEM? */ -OPENSSL_EXPORT const EVP_PKEY_ASN1_METHOD *EVP_PKEY_asn1_find_str( - ENGINE **pengine, const char *name, size_t len); - -struct evp_pkey_st { - CRYPTO_refcount_t references; - - /* type contains one of the EVP_PKEY_* values or NID_undef and determines - * which element (if any) of the |pkey| union is valid. */ - int type; - - union { - char *ptr; - struct rsa_st *rsa; /* RSA */ - struct dsa_st *dsa; /* DSA */ - struct dh_st *dh; /* DH */ - struct ec_key_st *ec; /* ECC */ - } pkey; - - /* ameth contains a pointer to a method table that contains many ASN.1 - * methods for the key type. */ - const EVP_PKEY_ASN1_METHOD *ameth; -} /* EVP_PKEY */; - - -#if defined(__cplusplus) -} /* extern C */ -#endif - -#define EVP_F_EVP_PKEY_derive_init 108 -#define EVP_F_EVP_PKEY_encrypt 110 -#define EVP_F_EVP_PKEY_encrypt_init 111 -#define EVP_F_EVP_PKEY_get1_DH 112 -#define EVP_F_EVP_PKEY_get1_EC_KEY 114 -#define EVP_F_EVP_PKEY_get1_RSA 115 -#define EVP_F_EVP_PKEY_keygen 116 -#define EVP_F_EVP_PKEY_sign 120 -#define EVP_F_EVP_PKEY_sign_init 121 -#define EVP_F_EVP_PKEY_verify 122 -#define EVP_F_EVP_PKEY_verify_init 123 -#define EVP_F_d2i_AutoPrivateKey 125 -#define EVP_F_d2i_PrivateKey 126 -#define EVP_F_do_EC_KEY_print 127 -#define EVP_F_do_sigver_init 129 -#define EVP_F_eckey_param2type 130 -#define EVP_F_eckey_param_decode 131 -#define EVP_F_eckey_priv_decode 132 -#define EVP_F_eckey_priv_encode 133 -#define EVP_F_eckey_pub_decode 134 -#define EVP_F_eckey_pub_encode 135 -#define EVP_F_eckey_type2param 136 -#define EVP_F_evp_pkey_ctx_new 137 -#define EVP_F_hmac_signctx 138 -#define EVP_F_i2d_PublicKey 139 -#define EVP_F_old_ec_priv_decode 140 -#define EVP_F_old_rsa_priv_decode 141 -#define EVP_F_pkey_ec_ctrl 142 -#define EVP_F_pkey_ec_derive 143 -#define EVP_F_pkey_ec_keygen 144 -#define EVP_F_pkey_ec_paramgen 145 -#define EVP_F_pkey_ec_sign 146 -#define EVP_F_pkey_rsa_ctrl 147 -#define EVP_F_pkey_rsa_decrypt 148 -#define EVP_F_pkey_rsa_encrypt 149 -#define EVP_F_pkey_rsa_sign 150 -#define EVP_F_rsa_algor_to_md 151 -#define EVP_F_rsa_digest_verify_init_from_algorithm 152 -#define EVP_F_rsa_mgf1_to_md 153 -#define EVP_F_rsa_priv_decode 154 -#define EVP_F_rsa_priv_encode 155 -#define EVP_F_rsa_pss_to_ctx 156 -#define EVP_F_rsa_pub_decode 157 -#define EVP_F_pkey_hmac_ctrl 158 -#define EVP_F_EVP_PKEY_CTX_get0_rsa_oaep_label 159 -#define EVP_F_EVP_DigestSignAlgorithm 160 -#define EVP_F_EVP_DigestVerifyInitFromAlgorithm 161 -#define EVP_F_EVP_PKEY_CTX_ctrl 162 -#define EVP_F_EVP_PKEY_CTX_dup 163 -#define EVP_F_EVP_PKEY_copy_parameters 164 -#define EVP_F_EVP_PKEY_decrypt 165 -#define EVP_F_EVP_PKEY_decrypt_init 166 -#define EVP_F_EVP_PKEY_derive 167 -#define EVP_F_EVP_PKEY_derive_set_peer 168 -#define EVP_F_EVP_PKEY_get1_DSA 169 -#define EVP_F_EVP_PKEY_keygen_init 170 -#define EVP_F_EVP_PKEY_new 171 -#define EVP_F_EVP_PKEY_set_type 172 -#define EVP_F_check_padding_md 173 -#define EVP_F_do_dsa_print 174 -#define EVP_F_do_rsa_print 175 -#define EVP_F_dsa_param_decode 176 -#define EVP_F_dsa_priv_decode 177 -#define EVP_F_dsa_priv_encode 178 -#define EVP_F_dsa_pub_decode 179 -#define EVP_F_dsa_pub_encode 180 -#define EVP_F_dsa_sig_print 181 -#define EVP_F_old_dsa_priv_decode 182 -#define EVP_R_BUFFER_TOO_SMALL 100 -#define EVP_R_COMMAND_NOT_SUPPORTED 101 -#define EVP_R_DIFFERENT_KEY_TYPES 104 -#define EVP_R_DIFFERENT_PARAMETERS 105 -#define EVP_R_EXPECTING_AN_EC_KEY_KEY 107 -#define EVP_R_EXPECTING_A_DH_KEY 109 -#define EVP_R_EXPECTING_A_DSA_KEY 110 -#define EVP_R_ILLEGAL_OR_UNSUPPORTED_PADDING_MODE 111 -#define EVP_R_INVALID_CURVE 112 -#define EVP_R_INVALID_DIGEST_LENGTH 113 -#define EVP_R_INVALID_DIGEST_TYPE 114 -#define EVP_R_INVALID_KEYBITS 115 -#define EVP_R_INVALID_MGF1_MD 116 -#define EVP_R_INVALID_PADDING_MODE 118 -#define EVP_R_INVALID_PSS_PARAMETERS 119 -#define EVP_R_INVALID_SALT_LENGTH 121 -#define EVP_R_INVALID_TRAILER 122 -#define EVP_R_KEYS_NOT_SET 123 -#define EVP_R_MISSING_PARAMETERS 124 -#define EVP_R_NO_DEFAULT_DIGEST 125 -#define EVP_R_NO_KEY_SET 126 -#define EVP_R_NO_MDC2_SUPPORT 127 -#define EVP_R_NO_NID_FOR_CURVE 128 -#define EVP_R_NO_OPERATION_SET 129 -#define EVP_R_NO_PARAMETERS_SET 130 -#define EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE 131 -#define EVP_R_OPERATON_NOT_INITIALIZED 132 -#define EVP_R_UNKNOWN_DIGEST 133 -#define EVP_R_UNKNOWN_MASK_DIGEST 134 -#define EVP_R_UNSUPPORTED_ALGORITHM 138 -#define EVP_R_UNSUPPORTED_MASK_ALGORITHM 139 -#define EVP_R_UNSUPPORTED_MASK_PARAMETER 140 -#define EVP_R_EXPECTING_AN_RSA_KEY 141 -#define EVP_R_INVALID_OPERATION 142 -#define EVP_R_DECODE_ERROR 143 -#define EVP_R_INVALID_PSS_SALTLEN 144 -#define EVP_R_UNKNOWN_PUBLIC_KEY_TYPE 145 -#define EVP_R_CONTEXT_NOT_INITIALISED 146 -#define EVP_R_DIGEST_AND_KEY_TYPE_NOT_SUPPORTED 147 -#define EVP_R_WRONG_PUBLIC_KEY_TYPE 148 -#define EVP_R_UNKNOWN_SIGNATURE_ALGORITHM 149 -#define EVP_R_UNKNOWN_MESSAGE_DIGEST_ALGORITHM 150 -#define EVP_R_BN_DECODE_ERROR 151 -#define EVP_R_PARAMETER_ENCODING_ERROR 152 -#define EVP_R_UNSUPPORTED_PUBLIC_KEY_TYPE 153 -#define EVP_R_UNSUPPORTED_SIGNATURE_TYPE 154 - -#endif /* OPENSSL_HEADER_EVP_H */ diff --git a/third_party/boringssl/include/openssl/ex_data.h b/third_party/boringssl/include/openssl/ex_data.h deleted file mode 100644 index 2303eb425014e2..00000000000000 --- a/third_party/boringssl/include/openssl/ex_data.h +++ /dev/null @@ -1,214 +0,0 @@ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ -/* ==================================================================== - * Copyright (c) 1998-2001 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@openssl.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.openssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). */ - -#ifndef OPENSSL_HEADER_EX_DATA_H -#define OPENSSL_HEADER_EX_DATA_H - -#include - -#include - -#if defined(__cplusplus) -extern "C" { -#endif - - -/* ex_data is a mechanism for associating arbitrary extra data with objects. - * For each type of object that supports ex_data, different users can be - * assigned indexes in which to store their data. Each index has callback - * functions that are called when a new object of that type is created, freed - * and duplicated. */ - - -typedef struct crypto_ex_data_st CRYPTO_EX_DATA; - - -/* Type-specific functions. - * - * Each type that supports ex_data provides three functions: */ - -#if 0 /* Sample */ - -/* |TYPE_get_ex_new_index| allocates a new index for |TYPE|. See the - * descriptions of the callback typedefs for details of when they are - * called. Any of the callback arguments may be NULL. The |argl| and |argp| - * arguments are opaque values that are passed to the callbacks. It returns the - * new index or a negative number on error. - * - * TODO(fork): this should follow the standard calling convention. */ -OPENSSL_EXPORT int TYPE_get_ex_new_index(long argl, void *argp, - CRYPTO_EX_new *new_func, - CRYPTO_EX_dup *dup_func, - CRYPTO_EX_free *free_func); - -/* |TYPE_set_ex_data| sets an extra data pointer on |t|. The |index| argument - * should have been returned from a previous call to |TYPE_get_ex_new_index|. */ -OPENSSL_EXPORT int TYPE_set_ex_data(TYPE *t, int index, void *arg); - -/* |TYPE_get_ex_data| returns an extra data pointer for |t|, or NULL if no such - * pointer exists. The |index| argument should have been returned from a - * previous call to |TYPE_get_ex_new_index|. */ -OPENSSL_EXPORT void *TYPE_get_ex_data(const TYPE *t, int index); - -#endif /* Sample */ - - -/* Callback types. */ - -/* CRYPTO_EX_new is the type of a callback function that is called whenever a - * new object of a given class is created. For example, if this callback has - * been passed to |SSL_get_ex_new_index| then it'll be called each time an SSL* - * is created. - * - * The callback is passed the new object (i.e. the SSL*) in |parent|. The - * arguments |argl| and |argp| contain opaque values that were given to - * |CRYPTO_get_ex_new_index|. The callback should return one on success, but - * the value is ignored. - * - * TODO(fork): the |ptr| argument is always NULL, no? */ -typedef int CRYPTO_EX_new(void *parent, void *ptr, CRYPTO_EX_DATA *ad, - int index, long argl, void *argp); - -/* CRYPTO_EX_free is a callback function that is called when an object of the - * class is being destroyed. See |CRYPTO_EX_new| for a discussion of the - * arguments. - * - * If |CRYPTO_get_ex_new_index| was called after the creation of objects of the - * class that this applies to then, when those those objects are destroyed, - * this callback will be called with a NULL value for |ptr|. */ -typedef void CRYPTO_EX_free(void *parent, void *ptr, CRYPTO_EX_DATA *ad, - int index, long argl, void *argp); - -/* CRYPTO_EX_dup is a callback function that is called when an object of the - * class is being copied and thus the ex_data linked to it also needs to be - * copied. On entry, |*from_d| points to the data for this index from the - * original object. When the callback returns, |*from_d| will be set as the - * data for this index in |to|. - * - * If |CRYPTO_get_ex_new_index| was called after the creation of objects of the - * class that this applies to then, when those those objects are copies, this - * callback will be called with a NULL value for |*from_d|. */ -typedef int CRYPTO_EX_dup(CRYPTO_EX_DATA *to, const CRYPTO_EX_DATA *from, - void **from_d, int index, long argl, void *argp); - - -/* Deprecated functions. */ - -/* CRYPTO_cleanup_all_ex_data does nothing. */ -OPENSSL_EXPORT void CRYPTO_cleanup_all_ex_data(void); - -struct crypto_ex_data_st { - STACK_OF(void) *sk; -}; - - -#if defined(__cplusplus) -} /* extern C */ -#endif - -#endif /* OPENSSL_HEADER_EX_DATA_H */ diff --git a/third_party/boringssl/include/openssl/hkdf.h b/third_party/boringssl/include/openssl/hkdf.h deleted file mode 100644 index 4091b84beb8eff..00000000000000 --- a/third_party/boringssl/include/openssl/hkdf.h +++ /dev/null @@ -1,45 +0,0 @@ -/* Copyright (c) 2014, Google Inc. - * - * Permission to use, copy, modify, and/or distribute this software for any - * purpose with or without fee is hereby granted, provided that the above - * copyright notice and this permission notice appear in all copies. - * - * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES - * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF - * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY - * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES - * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION - * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN - * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ - -#ifndef OPENSSL_HEADER_HKDF_H -#define OPENSSL_HEADER_HKDF_H - -#include - -#ifdef __cplusplus -extern "C" { -#endif - - -/* Computes HKDF (as specified by RFC 5869) of initial keying material |secret| - * with |salt| and |info| using |digest|, and outputs |out_len| bytes to - * |out_key|. It returns one on success and zero on error. - * - * HKDF is an Extract-and-Expand algorithm. It does not do any key stretching, - * and as such, is not suited to be used alone to generate a key from a - * password. */ -OPENSSL_EXPORT int HKDF(uint8_t *out_key, size_t out_len, const EVP_MD *digest, - const uint8_t *secret, size_t secret_len, - const uint8_t *salt, size_t salt_len, - const uint8_t *info, size_t info_len); - - -#if defined(__cplusplus) -} /* extern C */ -#endif - -#define HKDF_F_HKDF 100 -#define HKDF_R_OUTPUT_TOO_LARGE 100 - -#endif /* OPENSSL_HEADER_HKDF_H */ diff --git a/third_party/boringssl/include/openssl/hmac.h b/third_party/boringssl/include/openssl/hmac.h deleted file mode 100644 index e521212d4cd254..00000000000000 --- a/third_party/boringssl/include/openssl/hmac.h +++ /dev/null @@ -1,160 +0,0 @@ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] */ - -#ifndef OPENSSL_HEADER_HMAC_H -#define OPENSSL_HEADER_HMAC_H - -#include - -#include - -#if defined(__cplusplus) -extern "C" { -#endif - - -/* HMAC contains functions for constructing PRFs from Merkle–Damgård hash - * functions using HMAC. */ - - -/* One-shot operation. */ - -/* HMAC calculates the HMAC of |data_len| bytes of |data|, using the given key - * and hash function, and writes the result to |out|. On entry, |out| must - * contain |EVP_MAX_MD_SIZE| bytes of space. The actual length of the result is - * written to |*out_len|. It returns |out| or NULL on error. */ -OPENSSL_EXPORT uint8_t *HMAC(const EVP_MD *evp_md, const void *key, - size_t key_len, const uint8_t *data, - size_t data_len, uint8_t *out, - unsigned int *out_len); - - -/* Incremental operation. */ - -/* HMAC_CTX_init initialises |ctx| for use in an HMAC operation. It's assumed - * that HMAC_CTX objects will be allocated on the stack thus no allocation - * function is provided. If needed, allocate |sizeof(HMAC_CTX)| and call - * |HMAC_CTX_init| on it. */ -OPENSSL_EXPORT void HMAC_CTX_init(HMAC_CTX *ctx); - -/* HMAC_CTX_cleanup frees data owned by |ctx|. */ -OPENSSL_EXPORT void HMAC_CTX_cleanup(HMAC_CTX *ctx); - -/* HMAC_Init_ex sets up an initialised |HMAC_CTX| to use |md| as the hash - * function and |key| as the key. For a non-initial call, |md| may be NULL, in - * which case the previous hash function will be used. If the hash function has - * not changed and |key| is NULL, |ctx| reuses the previous key. It returns one - * on success or zero otherwise. - * - * WARNING: NULL and empty keys are ambiguous on non-initial calls. Passing NULL - * |key| but repeating the previous |md| reuses the previous key rather than the - * empty key. */ -OPENSSL_EXPORT int HMAC_Init_ex(HMAC_CTX *ctx, const void *key, size_t key_len, - const EVP_MD *md, ENGINE *impl); - -/* HMAC_Update hashes |data_len| bytes from |data| into the current HMAC - * operation in |ctx|. It returns one. */ -OPENSSL_EXPORT int HMAC_Update(HMAC_CTX *ctx, const uint8_t *data, - size_t data_len); - -/* HMAC_Final completes the HMAC operation in |ctx| and writes the result to - * |out| and the sets |*out_len| to the length of the result. On entry, |out| - * must contain at least |EVP_MAX_MD_SIZE| bytes of space. It returns one on - * success or zero on error. */ -OPENSSL_EXPORT int HMAC_Final(HMAC_CTX *ctx, uint8_t *out, - unsigned int *out_len); - - -/* Utility functions. */ - -/* HMAC_size returns the size, in bytes, of the HMAC that will be produced by - * |ctx|. On entry, |ctx| must have been setup with |HMAC_Init_ex|. */ -OPENSSL_EXPORT size_t HMAC_size(const HMAC_CTX *ctx); - -/* HMAC_CTX_copy_ex sets |dest| equal to |src|. On entry, |dest| must have been - * initialised by calling |HMAC_CTX_init|. It returns one on success and zero - * on error. */ -OPENSSL_EXPORT int HMAC_CTX_copy_ex(HMAC_CTX *dest, const HMAC_CTX *src); - - -/* Deprecated functions. */ - -OPENSSL_EXPORT int HMAC_Init(HMAC_CTX *ctx, const void *key, int key_len, - const EVP_MD *md); - -/* HMAC_CTX_copy calls |HMAC_CTX_init| on |dest| and then sets it equal to - * |src|. On entry, |dest| must /not/ be initialised for an operation with - * |HMAC_Init_ex|. It returns one on success and zero on error. */ -OPENSSL_EXPORT int HMAC_CTX_copy(HMAC_CTX *dest, const HMAC_CTX *src); - - -/* Private functions */ - -#define HMAC_MAX_MD_CBLOCK 128 /* largest known is SHA512 */ - -struct hmac_ctx_st { - const EVP_MD *md; - EVP_MD_CTX md_ctx; - EVP_MD_CTX i_ctx; - EVP_MD_CTX o_ctx; -} /* HMAC_CTX */; - - -#if defined(__cplusplus) -} /* extern C */ -#endif - -#endif /* OPENSSL_HEADER_HMAC_H */ diff --git a/third_party/boringssl/include/openssl/lhash.h b/third_party/boringssl/include/openssl/lhash.h deleted file mode 100644 index d2ee982ebccb4e..00000000000000 --- a/third_party/boringssl/include/openssl/lhash.h +++ /dev/null @@ -1,191 +0,0 @@ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] */ - -#ifndef OPENSSL_HEADER_LHASH_H -#define OPENSSL_HEADER_LHASH_H - -#include -#include - -#if defined(__cplusplus) -extern "C" { -#endif - - -/* lhash is a traditional, chaining hash table that automatically expands and - * contracts as needed. One should not use the lh_* functions directly, rather - * use the type-safe macro wrappers: - * - * A hash table of a specific type of object has type |LHASH_OF(type)|. This - * can be defined (once) with |DEFINE_LHASH_OF(type)| and declared where needed - * with |DECLARE_LHASH_OF(type)|. For example: - * - * struct foo { - * int bar; - * }; - * - * DEFINE_LHASH_OF(struct foo); - * - * Although note that the hash table will contain /pointers/ to |foo|. - * - * A macro will be defined for each of the lh_* functions below. For - * LHASH_OF(foo), the macros would be lh_foo_new, lh_foo_num_items etc. */ - - -#define LHASH_OF(type) struct lhash_st_##type - -#define DEFINE_LHASH_OF(type) LHASH_OF(type) { int dummy; } - -#define DECLARE_LHASH_OF(type) LHASH_OF(type); - -/* The make_macros.sh script in this directory parses the following lines and - * generates the lhash_macros.h file that contains macros for the following - * types of stacks: - * - * LHASH_OF:ASN1_OBJECT - * LHASH_OF:CONF_VALUE - * LHASH_OF:SSL_SESSION */ - -#define IN_LHASH_H -#include -#undef IN_LHASH_H - - -/* lhash_item_st is an element of a hash chain. It points to the opaque data - * for this element and to the next item in the chain. The linked-list is NULL - * terminated. */ -typedef struct lhash_item_st { - void *data; - struct lhash_item_st *next; - /* hash contains the cached, hash value of |data|. */ - uint32_t hash; -} LHASH_ITEM; - -/* lhash_cmp_func is a comparison function that returns a value equal, or not - * equal, to zero depending on whether |*a| is equal, or not equal to |*b|, - * respectively. Note the difference between this and |stack_cmp_func| in that - * this takes pointers to the objects directly. */ -typedef int (*lhash_cmp_func)(const void *a, const void *b); - -/* lhash_hash_func is a function that maps an object to a uniformly distributed - * uint32_t. */ -typedef uint32_t (*lhash_hash_func)(const void *a); - -typedef struct lhash_st { - /* num_items contains the total number of items in the hash table. */ - size_t num_items; - /* buckets is an array of |num_buckets| pointers. Each points to the head of - * a chain of LHASH_ITEM objects that have the same hash value, mod - * |num_buckets|. */ - LHASH_ITEM **buckets; - /* num_buckets contains the length of |buckets|. This value is always >= - * kMinNumBuckets. */ - size_t num_buckets; - /* callback_depth contains the current depth of |lh_doall| or |lh_doall_arg| - * calls. If non-zero then this suppresses resizing of the |buckets| array, - * which would otherwise disrupt the iteration. */ - unsigned callback_depth; - - lhash_cmp_func comp; - lhash_hash_func hash; -} _LHASH; - -/* lh_new returns a new, empty hash table or NULL on error. If |comp| is NULL, - * |strcmp| will be used. If |hash| is NULL, a generic hash function will be - * used. */ -OPENSSL_EXPORT _LHASH *lh_new(lhash_hash_func hash, lhash_cmp_func comp); - -/* lh_free frees the hash table itself but none of the elements. See - * |lh_doall|. */ -OPENSSL_EXPORT void lh_free(_LHASH *lh); - -/* lh_num_items returns the number of items in |lh|. */ -OPENSSL_EXPORT size_t lh_num_items(const _LHASH *lh); - -/* lh_retrieve finds an element equal to |data| in the hash table and returns - * it. If no such element exists, it returns NULL. */ -OPENSSL_EXPORT void *lh_retrieve(const _LHASH *lh, const void *data); - -/* lh_insert inserts |data| into the hash table. If an existing element is - * equal to |data| (with respect to the comparison function) then |*old_data| - * will be set to that value and it will be replaced. Otherwise, or in the - * event of an error, |*old_data| will be set to NULL. It returns one on - * success or zero in the case of an allocation error. */ -OPENSSL_EXPORT int lh_insert(_LHASH *lh, void **old_data, void *data); - -/* lh_delete removes an element equal to |data| from the hash table and returns - * it. If no such element is found, it returns NULL. */ -OPENSSL_EXPORT void *lh_delete(_LHASH *lh, const void *data); - -/* lh_doall calls |func| on each element of the hash table. - * TODO(fork): rename this */ -OPENSSL_EXPORT void lh_doall(_LHASH *lh, void (*func)(void *)); - -/* lh_doall_arg calls |func| on each element of the hash table and also passes - * |arg| as the second argument. - * TODO(fork): rename this */ -OPENSSL_EXPORT void lh_doall_arg(_LHASH *lh, void (*func)(void *, void *), - void *arg); - -/* lh_strhash is the default hash function which processes NUL-terminated - * strings. */ -OPENSSL_EXPORT uint32_t lh_strhash(const char *c); - - -#if defined(__cplusplus) -} /* extern C */ -#endif - -#endif /* OPENSSL_HEADER_STACK_H */ diff --git a/third_party/boringssl/include/openssl/lhash_macros.h b/third_party/boringssl/include/openssl/lhash_macros.h deleted file mode 100644 index 1d981073ea9e7c..00000000000000 --- a/third_party/boringssl/include/openssl/lhash_macros.h +++ /dev/null @@ -1,132 +0,0 @@ -/* Copyright (c) 2014, Google Inc. - * - * Permission to use, copy, modify, and/or distribute this software for any - * purpose with or without fee is hereby granted, provided that the above - * copyright notice and this permission notice appear in all copies. - * - * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES - * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF - * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY - * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES - * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION - * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN - * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ - -#if !defined(IN_LHASH_H) -#error "Don't include this file directly. Include lhash.h" -#endif - -/* ASN1_OBJECT */ -#define lh_ASN1_OBJECT_new(hash, comp) \ - ((LHASH_OF(ASN1_OBJECT) *)lh_new( \ - CHECKED_CAST(lhash_hash_func, uint32_t (*)(const ASN1_OBJECT *), hash), \ - CHECKED_CAST(lhash_cmp_func, \ - int (*)(const ASN1_OBJECT *a, const ASN1_OBJECT *b), \ - comp))) - -#define lh_ASN1_OBJECT_free(lh) \ - lh_free(CHECKED_CAST(_LHASH *, LHASH_OF(ASN1_OBJECT) *, lh)); - -#define lh_ASN1_OBJECT_num_items(lh) \ - lh_num_items(CHECKED_CAST(_LHASH *, LHASH_OF(ASN1_OBJECT) *, lh)) - -#define lh_ASN1_OBJECT_retrieve(lh, data) \ - ((ASN1_OBJECT *)lh_retrieve( \ - CHECKED_CAST(_LHASH *, LHASH_OF(ASN1_OBJECT) *, lh), \ - CHECKED_CAST(void *, ASN1_OBJECT *, data))) - -#define lh_ASN1_OBJECT_insert(lh, old_data, data) \ - lh_insert(CHECKED_CAST(_LHASH *, LHASH_OF(ASN1_OBJECT) *, lh), \ - CHECKED_CAST(void **, ASN1_OBJECT **, old_data), \ - CHECKED_CAST(void *, ASN1_OBJECT *, data)) - -#define lh_ASN1_OBJECT_delete(lh, data) \ - ((ASN1_OBJECT *)lh_delete( \ - CHECKED_CAST(_LHASH *, LHASH_OF(ASN1_OBJECT) *, lh), \ - CHECKED_CAST(void *, ASN1_OBJECT *, data))) - -#define lh_ASN1_OBJECT_doall(lh, func) \ - lh_doall(CHECKED_CAST(_LHASH *, LHASH_OF(ASN1_OBJECT) *, lh), \ - CHECKED_CAST(void (*)(void *), void (*)(ASN1_OBJECT *), func)); - -#define lh_ASN1_OBJECT_doall_arg(lh, func, arg) \ - lh_doall_arg(CHECKED_CAST(_LHASH *, LHASH_OF(ASN1_OBJECT) *, lh), \ - CHECKED_CAST(void (*)(void *, void *), \ - void (*)(ASN1_OBJECT *, void *), func), \ - arg); - -/* CONF_VALUE */ -#define lh_CONF_VALUE_new(hash, comp) \ - ((LHASH_OF(CONF_VALUE) *)lh_new( \ - CHECKED_CAST(lhash_hash_func, uint32_t (*)(const CONF_VALUE *), hash), \ - CHECKED_CAST(lhash_cmp_func, \ - int (*)(const CONF_VALUE *a, const CONF_VALUE *b), comp))) - -#define lh_CONF_VALUE_free(lh) \ - lh_free(CHECKED_CAST(_LHASH *, LHASH_OF(CONF_VALUE) *, lh)); - -#define lh_CONF_VALUE_num_items(lh) \ - lh_num_items(CHECKED_CAST(_LHASH *, LHASH_OF(CONF_VALUE) *, lh)) - -#define lh_CONF_VALUE_retrieve(lh, data) \ - ((CONF_VALUE *)lh_retrieve( \ - CHECKED_CAST(_LHASH *, LHASH_OF(CONF_VALUE) *, lh), \ - CHECKED_CAST(void *, CONF_VALUE *, data))) - -#define lh_CONF_VALUE_insert(lh, old_data, data) \ - lh_insert(CHECKED_CAST(_LHASH *, LHASH_OF(CONF_VALUE) *, lh), \ - CHECKED_CAST(void **, CONF_VALUE **, old_data), \ - CHECKED_CAST(void *, CONF_VALUE *, data)) - -#define lh_CONF_VALUE_delete(lh, data) \ - ((CONF_VALUE *)lh_delete(CHECKED_CAST(_LHASH *, LHASH_OF(CONF_VALUE) *, lh), \ - CHECKED_CAST(void *, CONF_VALUE *, data))) - -#define lh_CONF_VALUE_doall(lh, func) \ - lh_doall(CHECKED_CAST(_LHASH *, LHASH_OF(CONF_VALUE) *, lh), \ - CHECKED_CAST(void (*)(void *), void (*)(CONF_VALUE *), func)); - -#define lh_CONF_VALUE_doall_arg(lh, func, arg) \ - lh_doall_arg(CHECKED_CAST(_LHASH *, LHASH_OF(CONF_VALUE) *, lh), \ - CHECKED_CAST(void (*)(void *, void *), \ - void (*)(CONF_VALUE *, void *), func), \ - arg); - -/* SSL_SESSION */ -#define lh_SSL_SESSION_new(hash, comp) \ - ((LHASH_OF(SSL_SESSION) *)lh_new( \ - CHECKED_CAST(lhash_hash_func, uint32_t (*)(const SSL_SESSION *), hash), \ - CHECKED_CAST(lhash_cmp_func, \ - int (*)(const SSL_SESSION *a, const SSL_SESSION *b), \ - comp))) - -#define lh_SSL_SESSION_free(lh) \ - lh_free(CHECKED_CAST(_LHASH *, LHASH_OF(SSL_SESSION) *, lh)); - -#define lh_SSL_SESSION_num_items(lh) \ - lh_num_items(CHECKED_CAST(_LHASH *, LHASH_OF(SSL_SESSION) *, lh)) - -#define lh_SSL_SESSION_retrieve(lh, data) \ - ((SSL_SESSION *)lh_retrieve( \ - CHECKED_CAST(_LHASH *, LHASH_OF(SSL_SESSION) *, lh), \ - CHECKED_CAST(void *, SSL_SESSION *, data))) - -#define lh_SSL_SESSION_insert(lh, old_data, data) \ - lh_insert(CHECKED_CAST(_LHASH *, LHASH_OF(SSL_SESSION) *, lh), \ - CHECKED_CAST(void **, SSL_SESSION **, old_data), \ - CHECKED_CAST(void *, SSL_SESSION *, data)) - -#define lh_SSL_SESSION_delete(lh, data) \ - ((SSL_SESSION *)lh_delete( \ - CHECKED_CAST(_LHASH *, LHASH_OF(SSL_SESSION) *, lh), \ - CHECKED_CAST(void *, SSL_SESSION *, data))) - -#define lh_SSL_SESSION_doall(lh, func) \ - lh_doall(CHECKED_CAST(_LHASH *, LHASH_OF(SSL_SESSION) *, lh), \ - CHECKED_CAST(void (*)(void *), void (*)(SSL_SESSION *), func)); - -#define lh_SSL_SESSION_doall_arg(lh, func, arg) \ - lh_doall_arg(CHECKED_CAST(_LHASH *, LHASH_OF(SSL_SESSION) *, lh), \ - CHECKED_CAST(void (*)(void *, void *), \ - void (*)(SSL_SESSION *, void *), func), \ - arg); diff --git a/third_party/boringssl/include/openssl/md4.h b/third_party/boringssl/include/openssl/md4.h deleted file mode 100644 index ce4fa99bb8c010..00000000000000 --- a/third_party/boringssl/include/openssl/md4.h +++ /dev/null @@ -1,101 +0,0 @@ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] */ - -#ifndef OPENSSL_HEADER_MD4_H -#define OPENSSL_HEADER_MD4_H - -#include - -#if defined(__cplusplus) -extern "C" { -#endif - - -/* MD4. */ - -/* MD4_CBLOCK is the block size of MD4. */ -#define MD4_CBLOCK 64 - -/* MD4_DIGEST_LENGTH is the length of an MD4 digest. */ -#define MD4_DIGEST_LENGTH 16 - -/* MD41_Init initialises |md4| and returns one. */ -OPENSSL_EXPORT int MD4_Init(MD4_CTX *md4); - -/* MD4_Update adds |len| bytes from |data| to |md4| and returns one. */ -OPENSSL_EXPORT int MD4_Update(MD4_CTX *md4, const void *data, size_t len); - -/* MD4_Final adds the final padding to |md4| and writes the resulting digest to - * |md|, which must have at least |MD4_DIGEST_LENGTH| bytes of space. It - * returns one. */ -OPENSSL_EXPORT int MD4_Final(uint8_t *md, MD4_CTX *md4); - -/* MD4_Transform is a low-level function that performs a single, MD4 block - * transformation using the state from |md4| and 64 bytes from |block|. */ -OPENSSL_EXPORT void MD4_Transform(MD4_CTX *md4, const uint8_t *block); - -struct md4_state_st { - uint32_t A, B, C, D; - uint32_t Nl, Nh; - uint32_t data[16]; - unsigned int num; -}; - - -#if defined(__cplusplus) -} /* extern C */ -#endif - -#endif /* OPENSSL_HEADER_MD4_H */ diff --git a/third_party/boringssl/include/openssl/md5.h b/third_party/boringssl/include/openssl/md5.h deleted file mode 100644 index efedc983debdcd..00000000000000 --- a/third_party/boringssl/include/openssl/md5.h +++ /dev/null @@ -1,106 +0,0 @@ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] */ - -#ifndef OPENSSL_HEADER_MD5_H -#define OPENSSL_HEADER_MD5_H - -#include - -#if defined(__cplusplus) -extern "C" { -#endif - - -/* MD5. */ - - -/* MD5_CBLOCK is the block size of MD5. */ -#define MD5_CBLOCK 64 - -/* MD5_DIGEST_LENGTH is the length of an MD5 digest. */ -#define MD5_DIGEST_LENGTH 16 - -/* MD51_Init initialises |md5| and returns one. */ -OPENSSL_EXPORT int MD5_Init(MD5_CTX *md5); - -/* MD5_Update adds |len| bytes from |data| to |md5| and returns one. */ -OPENSSL_EXPORT int MD5_Update(MD5_CTX *md5, const void *data, size_t len); - -/* MD5_Final adds the final padding to |md5| and writes the resulting digest to - * |md|, which must have at least |MD5_DIGEST_LENGTH| bytes of space. It - * returns one. */ -OPENSSL_EXPORT int MD5_Final(uint8_t *md, MD5_CTX *md5); - -/* MD5 writes the digest of |len| bytes from |data| to |out| and returns |out|. - * There must be at least |MD5_DIGEST_LENGTH| bytes of space in |out|. */ -OPENSSL_EXPORT uint8_t *MD5(const uint8_t *data, size_t len, uint8_t *out); - -/* MD5_Transform is a low-level function that performs a single, MD5 block - * transformation using the state from |md5| and 64 bytes from |block|. */ -OPENSSL_EXPORT void MD5_Transform(MD5_CTX *md5, const uint8_t *block); - -struct md5_state_st { - uint32_t A, B, C, D; - uint32_t Nl, Nh; - uint32_t data[16]; - unsigned int num; -}; - - -#if defined(__cplusplus) -} /* extern C */ -#endif - -#endif /* OPENSSL_HEADER_MD5_H */ diff --git a/third_party/boringssl/include/openssl/mem.h b/third_party/boringssl/include/openssl/mem.h deleted file mode 100644 index 42ec46a073e19f..00000000000000 --- a/third_party/boringssl/include/openssl/mem.h +++ /dev/null @@ -1,139 +0,0 @@ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] */ - -#ifndef OPENSSL_HEADER_MEM_H -#define OPENSSL_HEADER_MEM_H - -#include - -#include -#include - -#if defined(__cplusplus) -extern "C" { -#endif - - -/* Memory and string functions, see also buf.h. - * - * OpenSSL has, historically, had a complex set of malloc debugging options. - * However, that was written in a time before Valgrind and ASAN. Since we now - * have those tools, the OpenSSL allocation functions are simply macros around - * the standard memory functions. */ - - -#define OPENSSL_malloc malloc -#define OPENSSL_realloc realloc -#define OPENSSL_free free - -/* OPENSSL_realloc_clean acts like |realloc|, but clears the previous memory - * buffer. Because this is implemented as a wrapper around |malloc|, it needs - * to be given the size of the buffer pointed to by |ptr|. */ -void *OPENSSL_realloc_clean(void *ptr, size_t old_size, size_t new_size); - -/* OPENSSL_cleanse zeros out |len| bytes of memory at |ptr|. This is similar to - * |memset_s| from C11. */ -OPENSSL_EXPORT void OPENSSL_cleanse(void *ptr, size_t len); - -/* CRYPTO_memcmp returns zero iff the |len| bytes at |a| and |b| are equal. It - * takes an amount of time dependent on |len|, but independent of the contents - * of |a| and |b|. Unlike memcmp, it cannot be used to put elements into a - * defined order as the return value when a != b is undefined, other than to be - * non-zero. */ -OPENSSL_EXPORT int CRYPTO_memcmp(const void *a, const void *b, size_t len); - -/* OPENSSL_hash32 implements the 32 bit, FNV-1a hash. */ -OPENSSL_EXPORT uint32_t OPENSSL_hash32(const void *ptr, size_t len); - -/* OPENSSL_strdup has the same behaviour as strdup(3). */ -OPENSSL_EXPORT char *OPENSSL_strdup(const char *s); - -/* OPENSSL_strnlen has the same behaviour as strnlen(3). */ -OPENSSL_EXPORT size_t OPENSSL_strnlen(const char *s, size_t len); - -/* OPENSSL_strcasecmp has the same behaviour as strcasecmp(3). */ -OPENSSL_EXPORT int OPENSSL_strcasecmp(const char *a, const char *b); - -/* OPENSSL_strncasecmp has the same behaviour as strncasecmp(3). */ -OPENSSL_EXPORT int OPENSSL_strncasecmp(const char *a, const char *b, size_t n); - -/* DECIMAL_SIZE returns an upper bound for the length of the decimal - * representation of the given type. */ -#define DECIMAL_SIZE(type) ((sizeof(type)*8+2)/3+1) - -/* Printf functions. - * - * These functions are either OpenSSL wrappers for standard functions (i.e. - * |BIO_snprintf| and |BIO_vsnprintf|) which don't exist in C89, or are - * versions of printf functions that output to a BIO rather than a FILE. */ -#ifdef __GNUC__ -#define __bio_h__attr__ __attribute__ -#else -#define __bio_h__attr__(x) -#endif -OPENSSL_EXPORT int BIO_snprintf(char *buf, size_t n, const char *format, ...) - __bio_h__attr__((__format__(__printf__, 3, 4))); - -OPENSSL_EXPORT int BIO_vsnprintf(char *buf, size_t n, const char *format, - va_list args) - __bio_h__attr__((__format__(__printf__, 3, 0))); -#undef __bio_h__attr__ - - -#if defined(__cplusplus) -} /* extern C */ -#endif - -#endif /* OPENSSL_HEADER_MEM_H */ diff --git a/third_party/boringssl/include/openssl/modes.h b/third_party/boringssl/include/openssl/modes.h deleted file mode 100644 index 220adec552d8be..00000000000000 --- a/third_party/boringssl/include/openssl/modes.h +++ /dev/null @@ -1,223 +0,0 @@ -/* ==================================================================== - * Copyright (c) 2008 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@openssl.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.openssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== */ - -#ifndef OPENSSL_HEADER_MODES_H -#define OPENSSL_HEADER_MODES_H - -#include - -#if defined(__cplusplus) -extern "C" { -#endif - - -/* modes.h contains functions that implement various block-cipher modes. */ - - -/* block128_f is the type of a 128-bit, block cipher. */ -typedef void (*block128_f)(const uint8_t in[16], uint8_t out[16], - const void *key); - - -/* CTR. */ - -/* ctr128_f is the type of a function that performs CTR-mode encryption. */ -typedef void (*ctr128_f)(const uint8_t *in, uint8_t *out, size_t blocks, - const void *key, const uint8_t ivec[16]); - -/* CRYPTO_ctr128_encrypt encrypts (or decrypts, it's the same in CTR mode) - * |len| bytes from |in| to |out| using |block| in counter mode. There's no - * requirement that |len| be a multiple of any value and any partial blocks are - * stored in |ecount_buf| and |*num|, which must be zeroed before the initial - * call. The counter is a 128-bit, big-endian value in |ivec| and is - * incremented by this function. */ -OPENSSL_EXPORT void CRYPTO_ctr128_encrypt(const uint8_t *in, uint8_t *out, - size_t len, const void *key, - uint8_t ivec[16], - uint8_t ecount_buf[16], - unsigned int *num, block128_f block); - -/* CRYPTO_ctr128_encrypt_ctr32 acts like |CRYPTO_ctr128_encrypt| but takes - * |ctr|, a function that performs CTR mode but only deals with the lower 32 - * bits of the counter. This is useful when |ctr| can be an optimised - * function. */ -OPENSSL_EXPORT void CRYPTO_ctr128_encrypt_ctr32( - const uint8_t *in, uint8_t *out, size_t len, const void *key, - uint8_t ivec[16], uint8_t ecount_buf[16], unsigned int *num, ctr128_f ctr); - - -/* GCM. */ - -typedef struct gcm128_context GCM128_CONTEXT; - -/* CRYPTO_gcm128_new allocates a fresh |GCM128_CONTEXT| and calls - * |CRYPTO_gcm128_init|. It returns the new context, or NULL on error. */ -OPENSSL_EXPORT GCM128_CONTEXT *CRYPTO_gcm128_new(void *key, block128_f block); - -/* CRYPTO_gcm128_init initialises |ctx| to use |block| (typically AES) with the - * given key. */ -OPENSSL_EXPORT void CRYPTO_gcm128_init(GCM128_CONTEXT *ctx, void *key, - block128_f block); - -/* CRYPTO_gcm128_setiv sets the IV (nonce) for |ctx|. */ -OPENSSL_EXPORT void CRYPTO_gcm128_setiv(GCM128_CONTEXT *ctx, const uint8_t *iv, - size_t len); - -/* CRYPTO_gcm128_aad sets the authenticated data for an instance of GCM. This - * must be called before and data is encrypted. It returns one on success and - * zero otherwise. */ -OPENSSL_EXPORT int CRYPTO_gcm128_aad(GCM128_CONTEXT *ctx, const uint8_t *aad, - size_t len); - -/* CRYPTO_gcm128_encrypt encrypts |len| bytes from |in| to |out|. It returns - * one on success and zero otherwise. */ -OPENSSL_EXPORT int CRYPTO_gcm128_encrypt(GCM128_CONTEXT *ctx, const uint8_t *in, - uint8_t *out, size_t len); - -/* CRYPTO_gcm128_decrypt decrypts |len| bytes from |in| to |out|. It returns - * one on success and zero otherwise. */ -OPENSSL_EXPORT int CRYPTO_gcm128_decrypt(GCM128_CONTEXT *ctx, const uint8_t *in, - uint8_t *out, size_t len); - -/* CRYPTO_gcm128_encrypt_ctr32 encrypts |len| bytes from |in| to |out| using a - * CTR function that only handles the bottom 32 bits of the nonce, like - * |CRYPTO_ctr128_encrypt_ctr32|. It returns one on success and zero - * otherwise. */ -OPENSSL_EXPORT int CRYPTO_gcm128_encrypt_ctr32(GCM128_CONTEXT *ctx, - const uint8_t *in, uint8_t *out, - size_t len, ctr128_f stream); - -/* CRYPTO_gcm128_decrypt_ctr32 decrypts |len| bytes from |in| to |out| using a - * CTR function that only handles the bottom 32 bits of the nonce, like - * |CRYPTO_ctr128_encrypt_ctr32|. It returns one on success and zero - * otherwise. */ -OPENSSL_EXPORT int CRYPTO_gcm128_decrypt_ctr32(GCM128_CONTEXT *ctx, - const uint8_t *in, uint8_t *out, - size_t len, ctr128_f stream); - -/* CRYPTO_gcm128_finish calculates the authenticator and compares it against - * |len| bytes of |tag|. It returns one on success and zero otherwise. */ -OPENSSL_EXPORT int CRYPTO_gcm128_finish(GCM128_CONTEXT *ctx, const uint8_t *tag, - size_t len); - -/* CRYPTO_gcm128_tag calculates the authenticator and copies it into |tag|. The - * minimum of |len| and 16 bytes are copied into |tag|. */ -OPENSSL_EXPORT void CRYPTO_gcm128_tag(GCM128_CONTEXT *ctx, uint8_t *tag, - size_t len); - -/* CRYPTO_gcm128_release clears and frees |ctx|. */ -OPENSSL_EXPORT void CRYPTO_gcm128_release(GCM128_CONTEXT *ctx); - - -/* CBC. */ - -/* cbc128_f is the type of a function that performs CBC-mode encryption. */ -typedef void (*cbc128_f)(const uint8_t *in, uint8_t *out, size_t len, - const void *key, uint8_t ivec[16], int enc); - -/* CRYPTO_cbc128_encrypt encrypts |len| bytes from |in| to |out| using the - * given IV and block cipher in CBC mode. The input need not be a multiple of - * 128 bits long, but the output will round up to the nearest 128 bit multiple, - * zero padding the input if needed. The IV will be updated on return. */ -void CRYPTO_cbc128_encrypt(const uint8_t *in, uint8_t *out, size_t len, - const void *key, uint8_t ivec[16], block128_f block); - -/* CRYPTO_cbc128_decrypt decrypts |len| bytes from |in| to |out| using the - * given IV and block cipher in CBC mode. If |len| is not a multiple of 128 - * bits then only that many bytes will be written, but a multiple of 128 bits - * is always read from |in|. The IV will be updated on return. */ -void CRYPTO_cbc128_decrypt(const uint8_t *in, uint8_t *out, size_t len, - const void *key, uint8_t ivec[16], block128_f block); - - -/* OFB. */ - -/* CRYPTO_ofb128_encrypt encrypts (or decrypts, it's the same with OFB mode) - * |len| bytes from |in| to |out| using |block| in OFB mode. There's no - * requirement that |len| be a multiple of any value and any partial blocks are - * stored in |ivec| and |*num|, the latter must be zero before the initial - * call. */ -void CRYPTO_ofb128_encrypt(const uint8_t *in, uint8_t *out, - size_t len, const void *key, uint8_t ivec[16], - int *num, block128_f block); - - -/* CFB. */ - -/* CRYPTO_cfb128_encrypt encrypts (or decrypts, if |enc| is zero) |len| bytes - * from |in| to |out| using |block| in CFB mode. There's no requirement that - * |len| be a multiple of any value and any partial blocks are stored in |ivec| - * and |*num|, the latter must be zero before the initial call. */ -void CRYPTO_cfb128_encrypt(const uint8_t *in, uint8_t *out, size_t len, - const void *key, uint8_t ivec[16], int *num, int enc, - block128_f block); - -/* CRYPTO_cfb128_8_encrypt encrypts (or decrypts, if |enc| is zero) |len| bytes - * from |in| to |out| using |block| in CFB-8 mode. Prior to the first call - * |num| should be set to zero. */ -void CRYPTO_cfb128_8_encrypt(const uint8_t *in, uint8_t *out, size_t len, - const void *key, uint8_t ivec[16], int *num, - int enc, block128_f block); - -/* CRYPTO_cfb128_1_encrypt encrypts (or decrypts, if |enc| is zero) |len| bytes - * from |in| to |out| using |block| in CFB-1 mode. Prior to the first call - * |num| should be set to zero. */ -void CRYPTO_cfb128_1_encrypt(const uint8_t *in, uint8_t *out, size_t bits, - const void *key, uint8_t ivec[16], int *num, - int enc, block128_f block); - -size_t CRYPTO_cts128_encrypt_block(const uint8_t *in, uint8_t *out, size_t len, - const void *key, uint8_t ivec[16], - block128_f block); - - -#if defined(__cplusplus) -} /* extern C */ -#endif - -#endif /* OPENSSL_HEADER_MODES_H */ diff --git a/third_party/boringssl/include/openssl/obj.h b/third_party/boringssl/include/openssl/obj.h deleted file mode 100644 index f476617e18e427..00000000000000 --- a/third_party/boringssl/include/openssl/obj.h +++ /dev/null @@ -1,202 +0,0 @@ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] */ - -#ifndef OPENSSL_HEADER_OBJECTS_H -#define OPENSSL_HEADER_OBJECTS_H - -#include - -#include -#include - -#if defined(__cplusplus) -extern "C" { -#endif - - -/* The objects library deals with the registration and indexing of ASN.1 object - * identifiers. These values are often written as a dotted sequence of numbers, - * e.g. 1.2.840.113549.1.9.16.3.9. - * - * Internally, OpenSSL likes to deal with these values by numbering them with - * numbers called "nids". OpenSSL has a large, built-in database of common - * object identifiers and also has both short and long names for them. - * - * This library provides functions for translating between object identifiers, - * nids, short names and long names. - * - * The nid values should not be used outside of a single process: they are not - * stable identifiers. */ - - -/* Basic operations. */ - -/* OBJ_dup returns a duplicate copy of |obj| or NULL on allocation failure. */ -OPENSSL_EXPORT ASN1_OBJECT *OBJ_dup(const ASN1_OBJECT *obj); - -/* OBJ_cmp returns a value less than, equal to or greater than zero if |a| is - * less than, equal to or greater than |b|, respectively. */ -OPENSSL_EXPORT int OBJ_cmp(const ASN1_OBJECT *a, const ASN1_OBJECT *b); - - -/* Looking up nids. */ - -/* OBJ_obj2nid returns the nid corresponding to |obj|, or |NID_undef| if no - * such object is known. */ -OPENSSL_EXPORT int OBJ_obj2nid(const ASN1_OBJECT *obj); - -/* OBJ_cbs2nid returns the nid corresponding to the DER data in |cbs|, or - * |NID_undef| if no such object is known. */ -OPENSSL_EXPORT int OBJ_cbs2nid(const CBS *cbs); - -/* OBJ_sn2nid returns the nid corresponding to |short_name|, or |NID_undef| if - * no such short name is known. */ -OPENSSL_EXPORT int OBJ_sn2nid(const char *short_name); - -/* OBJ_ln2nid returns the nid corresponding to |long_name|, or |NID_undef| if - * no such long name is known. */ -OPENSSL_EXPORT int OBJ_ln2nid(const char *long_name); - -/* OBJ_txt2nid returns the nid corresponding to |s|, which may be a short name, - * long name, or an ASCII string containing a dotted sequence of numbers. It - * returns the nid or NID_undef if unknown. */ -OPENSSL_EXPORT int OBJ_txt2nid(const char *s); - - -/* Getting information about nids. */ - -/* OBJ_nid2obj returns the ASN1_OBJECT corresponding to |nid|, or NULL if |nid| - * is unknown. */ -OPENSSL_EXPORT const ASN1_OBJECT *OBJ_nid2obj(int nid); - -/* OBJ_nid2sn returns the short name for |nid|, or NULL if |nid| is unknown. */ -OPENSSL_EXPORT const char *OBJ_nid2sn(int nid); - -/* OBJ_nid2sn returns the long name for |nid|, or NULL if |nid| is unknown. */ -OPENSSL_EXPORT const char *OBJ_nid2ln(int nid); - -/* OBJ_nid2cbs writes |nid| as an ASN.1 OBJECT IDENTIFIER to |out|. It returns - * one on success or zero otherwise. */ -OPENSSL_EXPORT int OBJ_nid2cbb(CBB *out, int nid); - - -/* Dealing with textual representations of object identifiers. */ - -/* OBJ_txt2obj returns an ASN1_OBJECT for the textual respresentation in |s|. - * If |dont_search_names| is zero, then |s| will be matched against the long - * and short names of a known objects to find a match. Otherwise |s| must - * contain an ASCII string with a dotted sequence of numbers. The resulting - * object need not be previously known. It returns a freshly allocated - * |ASN1_OBJECT| or NULL on error. */ -OPENSSL_EXPORT ASN1_OBJECT *OBJ_txt2obj(const char *s, int dont_search_names); - -/* OBJ_obj2txt converts |obj| to a textual representation. If - * |dont_return_name| is zero then |obj| will be matched against known objects - * and the long (preferably) or short name will be used if found. Otherwise - * |obj| will be converted into a dotted sequence of integers. If |out| is not - * NULL, then at most |out_len| bytes of the textual form will be written - * there. If |out_len| is at least one, then string written to |out| will - * always be NUL terminated. It returns the number of characters that could - * have been written, not including the final NUL, or -1 on error. */ -OPENSSL_EXPORT int OBJ_obj2txt(char *out, int out_len, const ASN1_OBJECT *obj, - int dont_return_name); - - -/* Adding objects at runtime. */ - -/* OBJ_create adds a known object and returns the nid of the new object, or - * NID_undef on error. */ -OPENSSL_EXPORT int OBJ_create(const char *oid, const char *short_name, - const char *long_name); - - -/* Handling signature algorithm identifiers. - * - * Some NIDs (e.g. sha256WithRSAEncryption) specify both a digest algorithm and - * a public key algorithm. The following functions map between pairs of digest - * and public-key algorithms and the NIDs that specify their combination. - * - * Sometimes the combination NID leaves the digest unspecified (e.g. - * rsassaPss). In these cases, the digest NID is |NID_undef|. */ - -/* OBJ_find_sigid_algs finds the digest and public-key NIDs that correspond to - * the signing algorithm |sign_nid|. If successful, it sets |*out_digest_nid| - * and |*out_pkey_nid| and returns one. Otherwise it returns zero. Any of - * |out_digest_nid| or |out_pkey_nid| can be NULL if the caller doesn't need - * that output value. */ -OPENSSL_EXPORT int OBJ_find_sigid_algs(int sign_nid, int *out_digest_nid, - int *out_pkey_nid); - -/* OBJ_find_sigid_by_algs finds the signature NID that corresponds to the - * combination of |digest_nid| and |pkey_nid|. If success, it sets - * |*out_sign_nid| and returns one. Otherwise it returns zero. The - * |out_sign_nid| argument can be NULL if the caller only wishes to learn - * whether the combination is valid. */ -OPENSSL_EXPORT int OBJ_find_sigid_by_algs(int *out_sign_nid, int digest_nid, - int pkey_nid); - - -#if defined(__cplusplus) -} /* extern C */ -#endif - -#define OBJ_F_OBJ_create 100 -#define OBJ_F_OBJ_dup 101 -#define OBJ_F_OBJ_nid2obj 102 -#define OBJ_F_OBJ_txt2obj 103 -#define OBJ_R_UNKNOWN_NID 100 - -#endif /* OPENSSL_HEADER_OBJECTS_H */ diff --git a/third_party/boringssl/include/openssl/obj_mac.h b/third_party/boringssl/include/openssl/obj_mac.h deleted file mode 100644 index 55e1cba2fee7bc..00000000000000 --- a/third_party/boringssl/include/openssl/obj_mac.h +++ /dev/null @@ -1,4140 +0,0 @@ -/* THIS FILE IS GENERATED FROM objects.txt by objects.pl via the - * following command: - * perl objects.pl objects.txt obj_mac.num ../../include/openssl/obj_mac.h */ - -/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#define SN_undef "UNDEF" -#define LN_undef "undefined" -#define NID_undef 0 -#define OBJ_undef 0L - -#define SN_itu_t "ITU-T" -#define LN_itu_t "itu-t" -#define NID_itu_t 645 -#define OBJ_itu_t 0L - -#define NID_ccitt 404 -#define OBJ_ccitt OBJ_itu_t - -#define SN_iso "ISO" -#define LN_iso "iso" -#define NID_iso 181 -#define OBJ_iso 1L - -#define SN_joint_iso_itu_t "JOINT-ISO-ITU-T" -#define LN_joint_iso_itu_t "joint-iso-itu-t" -#define NID_joint_iso_itu_t 646 -#define OBJ_joint_iso_itu_t 2L - -#define NID_joint_iso_ccitt 393 -#define OBJ_joint_iso_ccitt OBJ_joint_iso_itu_t - -#define SN_member_body "member-body" -#define LN_member_body "ISO Member Body" -#define NID_member_body 182 -#define OBJ_member_body OBJ_iso,2L - -#define SN_identified_organization "identified-organization" -#define NID_identified_organization 676 -#define OBJ_identified_organization OBJ_iso,3L - -#define SN_hmac_md5 "HMAC-MD5" -#define LN_hmac_md5 "hmac-md5" -#define NID_hmac_md5 780 -#define OBJ_hmac_md5 OBJ_identified_organization,6L,1L,5L,5L,8L,1L,1L - -#define SN_hmac_sha1 "HMAC-SHA1" -#define LN_hmac_sha1 "hmac-sha1" -#define NID_hmac_sha1 781 -#define OBJ_hmac_sha1 OBJ_identified_organization,6L,1L,5L,5L,8L,1L,2L - -#define SN_certicom_arc "certicom-arc" -#define NID_certicom_arc 677 -#define OBJ_certicom_arc OBJ_identified_organization,132L - -#define SN_international_organizations "international-organizations" -#define LN_international_organizations "International Organizations" -#define NID_international_organizations 647 -#define OBJ_international_organizations OBJ_joint_iso_itu_t,23L - -#define SN_wap "wap" -#define NID_wap 678 -#define OBJ_wap OBJ_international_organizations,43L - -#define SN_wap_wsg "wap-wsg" -#define NID_wap_wsg 679 -#define OBJ_wap_wsg OBJ_wap,1L - -#define SN_selected_attribute_types "selected-attribute-types" -#define LN_selected_attribute_types "Selected Attribute Types" -#define NID_selected_attribute_types 394 -#define OBJ_selected_attribute_types OBJ_joint_iso_itu_t,5L,1L,5L - -#define SN_clearance "clearance" -#define NID_clearance 395 -#define OBJ_clearance OBJ_selected_attribute_types,55L - -#define SN_ISO_US "ISO-US" -#define LN_ISO_US "ISO US Member Body" -#define NID_ISO_US 183 -#define OBJ_ISO_US OBJ_member_body,840L - -#define SN_X9_57 "X9-57" -#define LN_X9_57 "X9.57" -#define NID_X9_57 184 -#define OBJ_X9_57 OBJ_ISO_US,10040L - -#define SN_X9cm "X9cm" -#define LN_X9cm "X9.57 CM ?" -#define NID_X9cm 185 -#define OBJ_X9cm OBJ_X9_57,4L - -#define SN_dsa "DSA" -#define LN_dsa "dsaEncryption" -#define NID_dsa 116 -#define OBJ_dsa OBJ_X9cm,1L - -#define SN_dsaWithSHA1 "DSA-SHA1" -#define LN_dsaWithSHA1 "dsaWithSHA1" -#define NID_dsaWithSHA1 113 -#define OBJ_dsaWithSHA1 OBJ_X9cm,3L - -#define SN_ansi_X9_62 "ansi-X9-62" -#define LN_ansi_X9_62 "ANSI X9.62" -#define NID_ansi_X9_62 405 -#define OBJ_ansi_X9_62 OBJ_ISO_US,10045L - -#define OBJ_X9_62_id_fieldType OBJ_ansi_X9_62,1L - -#define SN_X9_62_prime_field "prime-field" -#define NID_X9_62_prime_field 406 -#define OBJ_X9_62_prime_field OBJ_X9_62_id_fieldType,1L - -#define SN_X9_62_characteristic_two_field "characteristic-two-field" -#define NID_X9_62_characteristic_two_field 407 -#define OBJ_X9_62_characteristic_two_field OBJ_X9_62_id_fieldType,2L - -#define SN_X9_62_id_characteristic_two_basis "id-characteristic-two-basis" -#define NID_X9_62_id_characteristic_two_basis 680 -#define OBJ_X9_62_id_characteristic_two_basis OBJ_X9_62_characteristic_two_field,3L - -#define SN_X9_62_onBasis "onBasis" -#define NID_X9_62_onBasis 681 -#define OBJ_X9_62_onBasis OBJ_X9_62_id_characteristic_two_basis,1L - -#define SN_X9_62_tpBasis "tpBasis" -#define NID_X9_62_tpBasis 682 -#define OBJ_X9_62_tpBasis OBJ_X9_62_id_characteristic_two_basis,2L - -#define SN_X9_62_ppBasis "ppBasis" -#define NID_X9_62_ppBasis 683 -#define OBJ_X9_62_ppBasis OBJ_X9_62_id_characteristic_two_basis,3L - -#define OBJ_X9_62_id_publicKeyType OBJ_ansi_X9_62,2L - -#define SN_X9_62_id_ecPublicKey "id-ecPublicKey" -#define NID_X9_62_id_ecPublicKey 408 -#define OBJ_X9_62_id_ecPublicKey OBJ_X9_62_id_publicKeyType,1L - -#define OBJ_X9_62_ellipticCurve OBJ_ansi_X9_62,3L - -#define OBJ_X9_62_c_TwoCurve OBJ_X9_62_ellipticCurve,0L - -#define SN_X9_62_c2pnb163v1 "c2pnb163v1" -#define NID_X9_62_c2pnb163v1 684 -#define OBJ_X9_62_c2pnb163v1 OBJ_X9_62_c_TwoCurve,1L - -#define SN_X9_62_c2pnb163v2 "c2pnb163v2" -#define NID_X9_62_c2pnb163v2 685 -#define OBJ_X9_62_c2pnb163v2 OBJ_X9_62_c_TwoCurve,2L - -#define SN_X9_62_c2pnb163v3 "c2pnb163v3" -#define NID_X9_62_c2pnb163v3 686 -#define OBJ_X9_62_c2pnb163v3 OBJ_X9_62_c_TwoCurve,3L - -#define SN_X9_62_c2pnb176v1 "c2pnb176v1" -#define NID_X9_62_c2pnb176v1 687 -#define OBJ_X9_62_c2pnb176v1 OBJ_X9_62_c_TwoCurve,4L - -#define SN_X9_62_c2tnb191v1 "c2tnb191v1" -#define NID_X9_62_c2tnb191v1 688 -#define OBJ_X9_62_c2tnb191v1 OBJ_X9_62_c_TwoCurve,5L - -#define SN_X9_62_c2tnb191v2 "c2tnb191v2" -#define NID_X9_62_c2tnb191v2 689 -#define OBJ_X9_62_c2tnb191v2 OBJ_X9_62_c_TwoCurve,6L - -#define SN_X9_62_c2tnb191v3 "c2tnb191v3" -#define NID_X9_62_c2tnb191v3 690 -#define OBJ_X9_62_c2tnb191v3 OBJ_X9_62_c_TwoCurve,7L - -#define SN_X9_62_c2onb191v4 "c2onb191v4" -#define NID_X9_62_c2onb191v4 691 -#define OBJ_X9_62_c2onb191v4 OBJ_X9_62_c_TwoCurve,8L - -#define SN_X9_62_c2onb191v5 "c2onb191v5" -#define NID_X9_62_c2onb191v5 692 -#define OBJ_X9_62_c2onb191v5 OBJ_X9_62_c_TwoCurve,9L - -#define SN_X9_62_c2pnb208w1 "c2pnb208w1" -#define NID_X9_62_c2pnb208w1 693 -#define OBJ_X9_62_c2pnb208w1 OBJ_X9_62_c_TwoCurve,10L - -#define SN_X9_62_c2tnb239v1 "c2tnb239v1" -#define NID_X9_62_c2tnb239v1 694 -#define OBJ_X9_62_c2tnb239v1 OBJ_X9_62_c_TwoCurve,11L - -#define SN_X9_62_c2tnb239v2 "c2tnb239v2" -#define NID_X9_62_c2tnb239v2 695 -#define OBJ_X9_62_c2tnb239v2 OBJ_X9_62_c_TwoCurve,12L - -#define SN_X9_62_c2tnb239v3 "c2tnb239v3" -#define NID_X9_62_c2tnb239v3 696 -#define OBJ_X9_62_c2tnb239v3 OBJ_X9_62_c_TwoCurve,13L - -#define SN_X9_62_c2onb239v4 "c2onb239v4" -#define NID_X9_62_c2onb239v4 697 -#define OBJ_X9_62_c2onb239v4 OBJ_X9_62_c_TwoCurve,14L - -#define SN_X9_62_c2onb239v5 "c2onb239v5" -#define NID_X9_62_c2onb239v5 698 -#define OBJ_X9_62_c2onb239v5 OBJ_X9_62_c_TwoCurve,15L - -#define SN_X9_62_c2pnb272w1 "c2pnb272w1" -#define NID_X9_62_c2pnb272w1 699 -#define OBJ_X9_62_c2pnb272w1 OBJ_X9_62_c_TwoCurve,16L - -#define SN_X9_62_c2pnb304w1 "c2pnb304w1" -#define NID_X9_62_c2pnb304w1 700 -#define OBJ_X9_62_c2pnb304w1 OBJ_X9_62_c_TwoCurve,17L - -#define SN_X9_62_c2tnb359v1 "c2tnb359v1" -#define NID_X9_62_c2tnb359v1 701 -#define OBJ_X9_62_c2tnb359v1 OBJ_X9_62_c_TwoCurve,18L - -#define SN_X9_62_c2pnb368w1 "c2pnb368w1" -#define NID_X9_62_c2pnb368w1 702 -#define OBJ_X9_62_c2pnb368w1 OBJ_X9_62_c_TwoCurve,19L - -#define SN_X9_62_c2tnb431r1 "c2tnb431r1" -#define NID_X9_62_c2tnb431r1 703 -#define OBJ_X9_62_c2tnb431r1 OBJ_X9_62_c_TwoCurve,20L - -#define OBJ_X9_62_primeCurve OBJ_X9_62_ellipticCurve,1L - -#define SN_X9_62_prime192v1 "prime192v1" -#define NID_X9_62_prime192v1 409 -#define OBJ_X9_62_prime192v1 OBJ_X9_62_primeCurve,1L - -#define SN_X9_62_prime192v2 "prime192v2" -#define NID_X9_62_prime192v2 410 -#define OBJ_X9_62_prime192v2 OBJ_X9_62_primeCurve,2L - -#define SN_X9_62_prime192v3 "prime192v3" -#define NID_X9_62_prime192v3 411 -#define OBJ_X9_62_prime192v3 OBJ_X9_62_primeCurve,3L - -#define SN_X9_62_prime239v1 "prime239v1" -#define NID_X9_62_prime239v1 412 -#define OBJ_X9_62_prime239v1 OBJ_X9_62_primeCurve,4L - -#define SN_X9_62_prime239v2 "prime239v2" -#define NID_X9_62_prime239v2 413 -#define OBJ_X9_62_prime239v2 OBJ_X9_62_primeCurve,5L - -#define SN_X9_62_prime239v3 "prime239v3" -#define NID_X9_62_prime239v3 414 -#define OBJ_X9_62_prime239v3 OBJ_X9_62_primeCurve,6L - -#define SN_X9_62_prime256v1 "prime256v1" -#define NID_X9_62_prime256v1 415 -#define OBJ_X9_62_prime256v1 OBJ_X9_62_primeCurve,7L - -#define OBJ_X9_62_id_ecSigType OBJ_ansi_X9_62,4L - -#define SN_ecdsa_with_SHA1 "ecdsa-with-SHA1" -#define NID_ecdsa_with_SHA1 416 -#define OBJ_ecdsa_with_SHA1 OBJ_X9_62_id_ecSigType,1L - -#define SN_ecdsa_with_Recommended "ecdsa-with-Recommended" -#define NID_ecdsa_with_Recommended 791 -#define OBJ_ecdsa_with_Recommended OBJ_X9_62_id_ecSigType,2L - -#define SN_ecdsa_with_Specified "ecdsa-with-Specified" -#define NID_ecdsa_with_Specified 792 -#define OBJ_ecdsa_with_Specified OBJ_X9_62_id_ecSigType,3L - -#define SN_ecdsa_with_SHA224 "ecdsa-with-SHA224" -#define NID_ecdsa_with_SHA224 793 -#define OBJ_ecdsa_with_SHA224 OBJ_ecdsa_with_Specified,1L - -#define SN_ecdsa_with_SHA256 "ecdsa-with-SHA256" -#define NID_ecdsa_with_SHA256 794 -#define OBJ_ecdsa_with_SHA256 OBJ_ecdsa_with_Specified,2L - -#define SN_ecdsa_with_SHA384 "ecdsa-with-SHA384" -#define NID_ecdsa_with_SHA384 795 -#define OBJ_ecdsa_with_SHA384 OBJ_ecdsa_with_Specified,3L - -#define SN_ecdsa_with_SHA512 "ecdsa-with-SHA512" -#define NID_ecdsa_with_SHA512 796 -#define OBJ_ecdsa_with_SHA512 OBJ_ecdsa_with_Specified,4L - -#define OBJ_secg_ellipticCurve OBJ_certicom_arc,0L - -#define SN_secp112r1 "secp112r1" -#define NID_secp112r1 704 -#define OBJ_secp112r1 OBJ_secg_ellipticCurve,6L - -#define SN_secp112r2 "secp112r2" -#define NID_secp112r2 705 -#define OBJ_secp112r2 OBJ_secg_ellipticCurve,7L - -#define SN_secp128r1 "secp128r1" -#define NID_secp128r1 706 -#define OBJ_secp128r1 OBJ_secg_ellipticCurve,28L - -#define SN_secp128r2 "secp128r2" -#define NID_secp128r2 707 -#define OBJ_secp128r2 OBJ_secg_ellipticCurve,29L - -#define SN_secp160k1 "secp160k1" -#define NID_secp160k1 708 -#define OBJ_secp160k1 OBJ_secg_ellipticCurve,9L - -#define SN_secp160r1 "secp160r1" -#define NID_secp160r1 709 -#define OBJ_secp160r1 OBJ_secg_ellipticCurve,8L - -#define SN_secp160r2 "secp160r2" -#define NID_secp160r2 710 -#define OBJ_secp160r2 OBJ_secg_ellipticCurve,30L - -#define SN_secp192k1 "secp192k1" -#define NID_secp192k1 711 -#define OBJ_secp192k1 OBJ_secg_ellipticCurve,31L - -#define SN_secp224k1 "secp224k1" -#define NID_secp224k1 712 -#define OBJ_secp224k1 OBJ_secg_ellipticCurve,32L - -#define SN_secp224r1 "secp224r1" -#define NID_secp224r1 713 -#define OBJ_secp224r1 OBJ_secg_ellipticCurve,33L - -#define SN_secp256k1 "secp256k1" -#define NID_secp256k1 714 -#define OBJ_secp256k1 OBJ_secg_ellipticCurve,10L - -#define SN_secp384r1 "secp384r1" -#define NID_secp384r1 715 -#define OBJ_secp384r1 OBJ_secg_ellipticCurve,34L - -#define SN_secp521r1 "secp521r1" -#define NID_secp521r1 716 -#define OBJ_secp521r1 OBJ_secg_ellipticCurve,35L - -#define SN_sect113r1 "sect113r1" -#define NID_sect113r1 717 -#define OBJ_sect113r1 OBJ_secg_ellipticCurve,4L - -#define SN_sect113r2 "sect113r2" -#define NID_sect113r2 718 -#define OBJ_sect113r2 OBJ_secg_ellipticCurve,5L - -#define SN_sect131r1 "sect131r1" -#define NID_sect131r1 719 -#define OBJ_sect131r1 OBJ_secg_ellipticCurve,22L - -#define SN_sect131r2 "sect131r2" -#define NID_sect131r2 720 -#define OBJ_sect131r2 OBJ_secg_ellipticCurve,23L - -#define SN_sect163k1 "sect163k1" -#define NID_sect163k1 721 -#define OBJ_sect163k1 OBJ_secg_ellipticCurve,1L - -#define SN_sect163r1 "sect163r1" -#define NID_sect163r1 722 -#define OBJ_sect163r1 OBJ_secg_ellipticCurve,2L - -#define SN_sect163r2 "sect163r2" -#define NID_sect163r2 723 -#define OBJ_sect163r2 OBJ_secg_ellipticCurve,15L - -#define SN_sect193r1 "sect193r1" -#define NID_sect193r1 724 -#define OBJ_sect193r1 OBJ_secg_ellipticCurve,24L - -#define SN_sect193r2 "sect193r2" -#define NID_sect193r2 725 -#define OBJ_sect193r2 OBJ_secg_ellipticCurve,25L - -#define SN_sect233k1 "sect233k1" -#define NID_sect233k1 726 -#define OBJ_sect233k1 OBJ_secg_ellipticCurve,26L - -#define SN_sect233r1 "sect233r1" -#define NID_sect233r1 727 -#define OBJ_sect233r1 OBJ_secg_ellipticCurve,27L - -#define SN_sect239k1 "sect239k1" -#define NID_sect239k1 728 -#define OBJ_sect239k1 OBJ_secg_ellipticCurve,3L - -#define SN_sect283k1 "sect283k1" -#define NID_sect283k1 729 -#define OBJ_sect283k1 OBJ_secg_ellipticCurve,16L - -#define SN_sect283r1 "sect283r1" -#define NID_sect283r1 730 -#define OBJ_sect283r1 OBJ_secg_ellipticCurve,17L - -#define SN_sect409k1 "sect409k1" -#define NID_sect409k1 731 -#define OBJ_sect409k1 OBJ_secg_ellipticCurve,36L - -#define SN_sect409r1 "sect409r1" -#define NID_sect409r1 732 -#define OBJ_sect409r1 OBJ_secg_ellipticCurve,37L - -#define SN_sect571k1 "sect571k1" -#define NID_sect571k1 733 -#define OBJ_sect571k1 OBJ_secg_ellipticCurve,38L - -#define SN_sect571r1 "sect571r1" -#define NID_sect571r1 734 -#define OBJ_sect571r1 OBJ_secg_ellipticCurve,39L - -#define OBJ_wap_wsg_idm_ecid OBJ_wap_wsg,4L - -#define SN_wap_wsg_idm_ecid_wtls1 "wap-wsg-idm-ecid-wtls1" -#define NID_wap_wsg_idm_ecid_wtls1 735 -#define OBJ_wap_wsg_idm_ecid_wtls1 OBJ_wap_wsg_idm_ecid,1L - -#define SN_wap_wsg_idm_ecid_wtls3 "wap-wsg-idm-ecid-wtls3" -#define NID_wap_wsg_idm_ecid_wtls3 736 -#define OBJ_wap_wsg_idm_ecid_wtls3 OBJ_wap_wsg_idm_ecid,3L - -#define SN_wap_wsg_idm_ecid_wtls4 "wap-wsg-idm-ecid-wtls4" -#define NID_wap_wsg_idm_ecid_wtls4 737 -#define OBJ_wap_wsg_idm_ecid_wtls4 OBJ_wap_wsg_idm_ecid,4L - -#define SN_wap_wsg_idm_ecid_wtls5 "wap-wsg-idm-ecid-wtls5" -#define NID_wap_wsg_idm_ecid_wtls5 738 -#define OBJ_wap_wsg_idm_ecid_wtls5 OBJ_wap_wsg_idm_ecid,5L - -#define SN_wap_wsg_idm_ecid_wtls6 "wap-wsg-idm-ecid-wtls6" -#define NID_wap_wsg_idm_ecid_wtls6 739 -#define OBJ_wap_wsg_idm_ecid_wtls6 OBJ_wap_wsg_idm_ecid,6L - -#define SN_wap_wsg_idm_ecid_wtls7 "wap-wsg-idm-ecid-wtls7" -#define NID_wap_wsg_idm_ecid_wtls7 740 -#define OBJ_wap_wsg_idm_ecid_wtls7 OBJ_wap_wsg_idm_ecid,7L - -#define SN_wap_wsg_idm_ecid_wtls8 "wap-wsg-idm-ecid-wtls8" -#define NID_wap_wsg_idm_ecid_wtls8 741 -#define OBJ_wap_wsg_idm_ecid_wtls8 OBJ_wap_wsg_idm_ecid,8L - -#define SN_wap_wsg_idm_ecid_wtls9 "wap-wsg-idm-ecid-wtls9" -#define NID_wap_wsg_idm_ecid_wtls9 742 -#define OBJ_wap_wsg_idm_ecid_wtls9 OBJ_wap_wsg_idm_ecid,9L - -#define SN_wap_wsg_idm_ecid_wtls10 "wap-wsg-idm-ecid-wtls10" -#define NID_wap_wsg_idm_ecid_wtls10 743 -#define OBJ_wap_wsg_idm_ecid_wtls10 OBJ_wap_wsg_idm_ecid,10L - -#define SN_wap_wsg_idm_ecid_wtls11 "wap-wsg-idm-ecid-wtls11" -#define NID_wap_wsg_idm_ecid_wtls11 744 -#define OBJ_wap_wsg_idm_ecid_wtls11 OBJ_wap_wsg_idm_ecid,11L - -#define SN_wap_wsg_idm_ecid_wtls12 "wap-wsg-idm-ecid-wtls12" -#define NID_wap_wsg_idm_ecid_wtls12 745 -#define OBJ_wap_wsg_idm_ecid_wtls12 OBJ_wap_wsg_idm_ecid,12L - -#define SN_cast5_cbc "CAST5-CBC" -#define LN_cast5_cbc "cast5-cbc" -#define NID_cast5_cbc 108 -#define OBJ_cast5_cbc OBJ_ISO_US,113533L,7L,66L,10L - -#define SN_cast5_ecb "CAST5-ECB" -#define LN_cast5_ecb "cast5-ecb" -#define NID_cast5_ecb 109 - -#define SN_cast5_cfb64 "CAST5-CFB" -#define LN_cast5_cfb64 "cast5-cfb" -#define NID_cast5_cfb64 110 - -#define SN_cast5_ofb64 "CAST5-OFB" -#define LN_cast5_ofb64 "cast5-ofb" -#define NID_cast5_ofb64 111 - -#define LN_pbeWithMD5AndCast5_CBC "pbeWithMD5AndCast5CBC" -#define NID_pbeWithMD5AndCast5_CBC 112 -#define OBJ_pbeWithMD5AndCast5_CBC OBJ_ISO_US,113533L,7L,66L,12L - -#define SN_id_PasswordBasedMAC "id-PasswordBasedMAC" -#define LN_id_PasswordBasedMAC "password based MAC" -#define NID_id_PasswordBasedMAC 782 -#define OBJ_id_PasswordBasedMAC OBJ_ISO_US,113533L,7L,66L,13L - -#define SN_id_DHBasedMac "id-DHBasedMac" -#define LN_id_DHBasedMac "Diffie-Hellman based MAC" -#define NID_id_DHBasedMac 783 -#define OBJ_id_DHBasedMac OBJ_ISO_US,113533L,7L,66L,30L - -#define SN_rsadsi "rsadsi" -#define LN_rsadsi "RSA Data Security, Inc." -#define NID_rsadsi 1 -#define OBJ_rsadsi OBJ_ISO_US,113549L - -#define SN_pkcs "pkcs" -#define LN_pkcs "RSA Data Security, Inc. PKCS" -#define NID_pkcs 2 -#define OBJ_pkcs OBJ_rsadsi,1L - -#define SN_pkcs1 "pkcs1" -#define NID_pkcs1 186 -#define OBJ_pkcs1 OBJ_pkcs,1L - -#define LN_rsaEncryption "rsaEncryption" -#define NID_rsaEncryption 6 -#define OBJ_rsaEncryption OBJ_pkcs1,1L - -#define SN_md2WithRSAEncryption "RSA-MD2" -#define LN_md2WithRSAEncryption "md2WithRSAEncryption" -#define NID_md2WithRSAEncryption 7 -#define OBJ_md2WithRSAEncryption OBJ_pkcs1,2L - -#define SN_md4WithRSAEncryption "RSA-MD4" -#define LN_md4WithRSAEncryption "md4WithRSAEncryption" -#define NID_md4WithRSAEncryption 396 -#define OBJ_md4WithRSAEncryption OBJ_pkcs1,3L - -#define SN_md5WithRSAEncryption "RSA-MD5" -#define LN_md5WithRSAEncryption "md5WithRSAEncryption" -#define NID_md5WithRSAEncryption 8 -#define OBJ_md5WithRSAEncryption OBJ_pkcs1,4L - -#define SN_sha1WithRSAEncryption "RSA-SHA1" -#define LN_sha1WithRSAEncryption "sha1WithRSAEncryption" -#define NID_sha1WithRSAEncryption 65 -#define OBJ_sha1WithRSAEncryption OBJ_pkcs1,5L - -#define SN_rsaesOaep "RSAES-OAEP" -#define LN_rsaesOaep "rsaesOaep" -#define NID_rsaesOaep 919 -#define OBJ_rsaesOaep OBJ_pkcs1,7L - -#define SN_mgf1 "MGF1" -#define LN_mgf1 "mgf1" -#define NID_mgf1 911 -#define OBJ_mgf1 OBJ_pkcs1,8L - -#define SN_pSpecified "PSPECIFIED" -#define LN_pSpecified "pSpecified" -#define NID_pSpecified 935 -#define OBJ_pSpecified OBJ_pkcs1,9L - -#define SN_rsassaPss "RSASSA-PSS" -#define LN_rsassaPss "rsassaPss" -#define NID_rsassaPss 912 -#define OBJ_rsassaPss OBJ_pkcs1,10L - -#define SN_sha256WithRSAEncryption "RSA-SHA256" -#define LN_sha256WithRSAEncryption "sha256WithRSAEncryption" -#define NID_sha256WithRSAEncryption 668 -#define OBJ_sha256WithRSAEncryption OBJ_pkcs1,11L - -#define SN_sha384WithRSAEncryption "RSA-SHA384" -#define LN_sha384WithRSAEncryption "sha384WithRSAEncryption" -#define NID_sha384WithRSAEncryption 669 -#define OBJ_sha384WithRSAEncryption OBJ_pkcs1,12L - -#define SN_sha512WithRSAEncryption "RSA-SHA512" -#define LN_sha512WithRSAEncryption "sha512WithRSAEncryption" -#define NID_sha512WithRSAEncryption 670 -#define OBJ_sha512WithRSAEncryption OBJ_pkcs1,13L - -#define SN_sha224WithRSAEncryption "RSA-SHA224" -#define LN_sha224WithRSAEncryption "sha224WithRSAEncryption" -#define NID_sha224WithRSAEncryption 671 -#define OBJ_sha224WithRSAEncryption OBJ_pkcs1,14L - -#define SN_pkcs3 "pkcs3" -#define NID_pkcs3 27 -#define OBJ_pkcs3 OBJ_pkcs,3L - -#define LN_dhKeyAgreement "dhKeyAgreement" -#define NID_dhKeyAgreement 28 -#define OBJ_dhKeyAgreement OBJ_pkcs3,1L - -#define SN_pkcs5 "pkcs5" -#define NID_pkcs5 187 -#define OBJ_pkcs5 OBJ_pkcs,5L - -#define SN_pbeWithMD2AndDES_CBC "PBE-MD2-DES" -#define LN_pbeWithMD2AndDES_CBC "pbeWithMD2AndDES-CBC" -#define NID_pbeWithMD2AndDES_CBC 9 -#define OBJ_pbeWithMD2AndDES_CBC OBJ_pkcs5,1L - -#define SN_pbeWithMD5AndDES_CBC "PBE-MD5-DES" -#define LN_pbeWithMD5AndDES_CBC "pbeWithMD5AndDES-CBC" -#define NID_pbeWithMD5AndDES_CBC 10 -#define OBJ_pbeWithMD5AndDES_CBC OBJ_pkcs5,3L - -#define SN_pbeWithMD2AndRC2_CBC "PBE-MD2-RC2-64" -#define LN_pbeWithMD2AndRC2_CBC "pbeWithMD2AndRC2-CBC" -#define NID_pbeWithMD2AndRC2_CBC 168 -#define OBJ_pbeWithMD2AndRC2_CBC OBJ_pkcs5,4L - -#define SN_pbeWithMD5AndRC2_CBC "PBE-MD5-RC2-64" -#define LN_pbeWithMD5AndRC2_CBC "pbeWithMD5AndRC2-CBC" -#define NID_pbeWithMD5AndRC2_CBC 169 -#define OBJ_pbeWithMD5AndRC2_CBC OBJ_pkcs5,6L - -#define SN_pbeWithSHA1AndDES_CBC "PBE-SHA1-DES" -#define LN_pbeWithSHA1AndDES_CBC "pbeWithSHA1AndDES-CBC" -#define NID_pbeWithSHA1AndDES_CBC 170 -#define OBJ_pbeWithSHA1AndDES_CBC OBJ_pkcs5,10L - -#define SN_pbeWithSHA1AndRC2_CBC "PBE-SHA1-RC2-64" -#define LN_pbeWithSHA1AndRC2_CBC "pbeWithSHA1AndRC2-CBC" -#define NID_pbeWithSHA1AndRC2_CBC 68 -#define OBJ_pbeWithSHA1AndRC2_CBC OBJ_pkcs5,11L - -#define LN_id_pbkdf2 "PBKDF2" -#define NID_id_pbkdf2 69 -#define OBJ_id_pbkdf2 OBJ_pkcs5,12L - -#define LN_pbes2 "PBES2" -#define NID_pbes2 161 -#define OBJ_pbes2 OBJ_pkcs5,13L - -#define LN_pbmac1 "PBMAC1" -#define NID_pbmac1 162 -#define OBJ_pbmac1 OBJ_pkcs5,14L - -#define SN_pkcs7 "pkcs7" -#define NID_pkcs7 20 -#define OBJ_pkcs7 OBJ_pkcs,7L - -#define LN_pkcs7_data "pkcs7-data" -#define NID_pkcs7_data 21 -#define OBJ_pkcs7_data OBJ_pkcs7,1L - -#define LN_pkcs7_signed "pkcs7-signedData" -#define NID_pkcs7_signed 22 -#define OBJ_pkcs7_signed OBJ_pkcs7,2L - -#define LN_pkcs7_enveloped "pkcs7-envelopedData" -#define NID_pkcs7_enveloped 23 -#define OBJ_pkcs7_enveloped OBJ_pkcs7,3L - -#define LN_pkcs7_signedAndEnveloped "pkcs7-signedAndEnvelopedData" -#define NID_pkcs7_signedAndEnveloped 24 -#define OBJ_pkcs7_signedAndEnveloped OBJ_pkcs7,4L - -#define LN_pkcs7_digest "pkcs7-digestData" -#define NID_pkcs7_digest 25 -#define OBJ_pkcs7_digest OBJ_pkcs7,5L - -#define LN_pkcs7_encrypted "pkcs7-encryptedData" -#define NID_pkcs7_encrypted 26 -#define OBJ_pkcs7_encrypted OBJ_pkcs7,6L - -#define SN_pkcs9 "pkcs9" -#define NID_pkcs9 47 -#define OBJ_pkcs9 OBJ_pkcs,9L - -#define LN_pkcs9_emailAddress "emailAddress" -#define NID_pkcs9_emailAddress 48 -#define OBJ_pkcs9_emailAddress OBJ_pkcs9,1L - -#define LN_pkcs9_unstructuredName "unstructuredName" -#define NID_pkcs9_unstructuredName 49 -#define OBJ_pkcs9_unstructuredName OBJ_pkcs9,2L - -#define LN_pkcs9_contentType "contentType" -#define NID_pkcs9_contentType 50 -#define OBJ_pkcs9_contentType OBJ_pkcs9,3L - -#define LN_pkcs9_messageDigest "messageDigest" -#define NID_pkcs9_messageDigest 51 -#define OBJ_pkcs9_messageDigest OBJ_pkcs9,4L - -#define LN_pkcs9_signingTime "signingTime" -#define NID_pkcs9_signingTime 52 -#define OBJ_pkcs9_signingTime OBJ_pkcs9,5L - -#define LN_pkcs9_countersignature "countersignature" -#define NID_pkcs9_countersignature 53 -#define OBJ_pkcs9_countersignature OBJ_pkcs9,6L - -#define LN_pkcs9_challengePassword "challengePassword" -#define NID_pkcs9_challengePassword 54 -#define OBJ_pkcs9_challengePassword OBJ_pkcs9,7L - -#define LN_pkcs9_unstructuredAddress "unstructuredAddress" -#define NID_pkcs9_unstructuredAddress 55 -#define OBJ_pkcs9_unstructuredAddress OBJ_pkcs9,8L - -#define LN_pkcs9_extCertAttributes "extendedCertificateAttributes" -#define NID_pkcs9_extCertAttributes 56 -#define OBJ_pkcs9_extCertAttributes OBJ_pkcs9,9L - -#define SN_ext_req "extReq" -#define LN_ext_req "Extension Request" -#define NID_ext_req 172 -#define OBJ_ext_req OBJ_pkcs9,14L - -#define SN_SMIMECapabilities "SMIME-CAPS" -#define LN_SMIMECapabilities "S/MIME Capabilities" -#define NID_SMIMECapabilities 167 -#define OBJ_SMIMECapabilities OBJ_pkcs9,15L - -#define SN_SMIME "SMIME" -#define LN_SMIME "S/MIME" -#define NID_SMIME 188 -#define OBJ_SMIME OBJ_pkcs9,16L - -#define SN_id_smime_mod "id-smime-mod" -#define NID_id_smime_mod 189 -#define OBJ_id_smime_mod OBJ_SMIME,0L - -#define SN_id_smime_ct "id-smime-ct" -#define NID_id_smime_ct 190 -#define OBJ_id_smime_ct OBJ_SMIME,1L - -#define SN_id_smime_aa "id-smime-aa" -#define NID_id_smime_aa 191 -#define OBJ_id_smime_aa OBJ_SMIME,2L - -#define SN_id_smime_alg "id-smime-alg" -#define NID_id_smime_alg 192 -#define OBJ_id_smime_alg OBJ_SMIME,3L - -#define SN_id_smime_cd "id-smime-cd" -#define NID_id_smime_cd 193 -#define OBJ_id_smime_cd OBJ_SMIME,4L - -#define SN_id_smime_spq "id-smime-spq" -#define NID_id_smime_spq 194 -#define OBJ_id_smime_spq OBJ_SMIME,5L - -#define SN_id_smime_cti "id-smime-cti" -#define NID_id_smime_cti 195 -#define OBJ_id_smime_cti OBJ_SMIME,6L - -#define SN_id_smime_mod_cms "id-smime-mod-cms" -#define NID_id_smime_mod_cms 196 -#define OBJ_id_smime_mod_cms OBJ_id_smime_mod,1L - -#define SN_id_smime_mod_ess "id-smime-mod-ess" -#define NID_id_smime_mod_ess 197 -#define OBJ_id_smime_mod_ess OBJ_id_smime_mod,2L - -#define SN_id_smime_mod_oid "id-smime-mod-oid" -#define NID_id_smime_mod_oid 198 -#define OBJ_id_smime_mod_oid OBJ_id_smime_mod,3L - -#define SN_id_smime_mod_msg_v3 "id-smime-mod-msg-v3" -#define NID_id_smime_mod_msg_v3 199 -#define OBJ_id_smime_mod_msg_v3 OBJ_id_smime_mod,4L - -#define SN_id_smime_mod_ets_eSignature_88 "id-smime-mod-ets-eSignature-88" -#define NID_id_smime_mod_ets_eSignature_88 200 -#define OBJ_id_smime_mod_ets_eSignature_88 OBJ_id_smime_mod,5L - -#define SN_id_smime_mod_ets_eSignature_97 "id-smime-mod-ets-eSignature-97" -#define NID_id_smime_mod_ets_eSignature_97 201 -#define OBJ_id_smime_mod_ets_eSignature_97 OBJ_id_smime_mod,6L - -#define SN_id_smime_mod_ets_eSigPolicy_88 "id-smime-mod-ets-eSigPolicy-88" -#define NID_id_smime_mod_ets_eSigPolicy_88 202 -#define OBJ_id_smime_mod_ets_eSigPolicy_88 OBJ_id_smime_mod,7L - -#define SN_id_smime_mod_ets_eSigPolicy_97 "id-smime-mod-ets-eSigPolicy-97" -#define NID_id_smime_mod_ets_eSigPolicy_97 203 -#define OBJ_id_smime_mod_ets_eSigPolicy_97 OBJ_id_smime_mod,8L - -#define SN_id_smime_ct_receipt "id-smime-ct-receipt" -#define NID_id_smime_ct_receipt 204 -#define OBJ_id_smime_ct_receipt OBJ_id_smime_ct,1L - -#define SN_id_smime_ct_authData "id-smime-ct-authData" -#define NID_id_smime_ct_authData 205 -#define OBJ_id_smime_ct_authData OBJ_id_smime_ct,2L - -#define SN_id_smime_ct_publishCert "id-smime-ct-publishCert" -#define NID_id_smime_ct_publishCert 206 -#define OBJ_id_smime_ct_publishCert OBJ_id_smime_ct,3L - -#define SN_id_smime_ct_TSTInfo "id-smime-ct-TSTInfo" -#define NID_id_smime_ct_TSTInfo 207 -#define OBJ_id_smime_ct_TSTInfo OBJ_id_smime_ct,4L - -#define SN_id_smime_ct_TDTInfo "id-smime-ct-TDTInfo" -#define NID_id_smime_ct_TDTInfo 208 -#define OBJ_id_smime_ct_TDTInfo OBJ_id_smime_ct,5L - -#define SN_id_smime_ct_contentInfo "id-smime-ct-contentInfo" -#define NID_id_smime_ct_contentInfo 209 -#define OBJ_id_smime_ct_contentInfo OBJ_id_smime_ct,6L - -#define SN_id_smime_ct_DVCSRequestData "id-smime-ct-DVCSRequestData" -#define NID_id_smime_ct_DVCSRequestData 210 -#define OBJ_id_smime_ct_DVCSRequestData OBJ_id_smime_ct,7L - -#define SN_id_smime_ct_DVCSResponseData "id-smime-ct-DVCSResponseData" -#define NID_id_smime_ct_DVCSResponseData 211 -#define OBJ_id_smime_ct_DVCSResponseData OBJ_id_smime_ct,8L - -#define SN_id_smime_ct_compressedData "id-smime-ct-compressedData" -#define NID_id_smime_ct_compressedData 786 -#define OBJ_id_smime_ct_compressedData OBJ_id_smime_ct,9L - -#define SN_id_ct_asciiTextWithCRLF "id-ct-asciiTextWithCRLF" -#define NID_id_ct_asciiTextWithCRLF 787 -#define OBJ_id_ct_asciiTextWithCRLF OBJ_id_smime_ct,27L - -#define SN_id_smime_aa_receiptRequest "id-smime-aa-receiptRequest" -#define NID_id_smime_aa_receiptRequest 212 -#define OBJ_id_smime_aa_receiptRequest OBJ_id_smime_aa,1L - -#define SN_id_smime_aa_securityLabel "id-smime-aa-securityLabel" -#define NID_id_smime_aa_securityLabel 213 -#define OBJ_id_smime_aa_securityLabel OBJ_id_smime_aa,2L - -#define SN_id_smime_aa_mlExpandHistory "id-smime-aa-mlExpandHistory" -#define NID_id_smime_aa_mlExpandHistory 214 -#define OBJ_id_smime_aa_mlExpandHistory OBJ_id_smime_aa,3L - -#define SN_id_smime_aa_contentHint "id-smime-aa-contentHint" -#define NID_id_smime_aa_contentHint 215 -#define OBJ_id_smime_aa_contentHint OBJ_id_smime_aa,4L - -#define SN_id_smime_aa_msgSigDigest "id-smime-aa-msgSigDigest" -#define NID_id_smime_aa_msgSigDigest 216 -#define OBJ_id_smime_aa_msgSigDigest OBJ_id_smime_aa,5L - -#define SN_id_smime_aa_encapContentType "id-smime-aa-encapContentType" -#define NID_id_smime_aa_encapContentType 217 -#define OBJ_id_smime_aa_encapContentType OBJ_id_smime_aa,6L - -#define SN_id_smime_aa_contentIdentifier "id-smime-aa-contentIdentifier" -#define NID_id_smime_aa_contentIdentifier 218 -#define OBJ_id_smime_aa_contentIdentifier OBJ_id_smime_aa,7L - -#define SN_id_smime_aa_macValue "id-smime-aa-macValue" -#define NID_id_smime_aa_macValue 219 -#define OBJ_id_smime_aa_macValue OBJ_id_smime_aa,8L - -#define SN_id_smime_aa_equivalentLabels "id-smime-aa-equivalentLabels" -#define NID_id_smime_aa_equivalentLabels 220 -#define OBJ_id_smime_aa_equivalentLabels OBJ_id_smime_aa,9L - -#define SN_id_smime_aa_contentReference "id-smime-aa-contentReference" -#define NID_id_smime_aa_contentReference 221 -#define OBJ_id_smime_aa_contentReference OBJ_id_smime_aa,10L - -#define SN_id_smime_aa_encrypKeyPref "id-smime-aa-encrypKeyPref" -#define NID_id_smime_aa_encrypKeyPref 222 -#define OBJ_id_smime_aa_encrypKeyPref OBJ_id_smime_aa,11L - -#define SN_id_smime_aa_signingCertificate "id-smime-aa-signingCertificate" -#define NID_id_smime_aa_signingCertificate 223 -#define OBJ_id_smime_aa_signingCertificate OBJ_id_smime_aa,12L - -#define SN_id_smime_aa_smimeEncryptCerts "id-smime-aa-smimeEncryptCerts" -#define NID_id_smime_aa_smimeEncryptCerts 224 -#define OBJ_id_smime_aa_smimeEncryptCerts OBJ_id_smime_aa,13L - -#define SN_id_smime_aa_timeStampToken "id-smime-aa-timeStampToken" -#define NID_id_smime_aa_timeStampToken 225 -#define OBJ_id_smime_aa_timeStampToken OBJ_id_smime_aa,14L - -#define SN_id_smime_aa_ets_sigPolicyId "id-smime-aa-ets-sigPolicyId" -#define NID_id_smime_aa_ets_sigPolicyId 226 -#define OBJ_id_smime_aa_ets_sigPolicyId OBJ_id_smime_aa,15L - -#define SN_id_smime_aa_ets_commitmentType "id-smime-aa-ets-commitmentType" -#define NID_id_smime_aa_ets_commitmentType 227 -#define OBJ_id_smime_aa_ets_commitmentType OBJ_id_smime_aa,16L - -#define SN_id_smime_aa_ets_signerLocation "id-smime-aa-ets-signerLocation" -#define NID_id_smime_aa_ets_signerLocation 228 -#define OBJ_id_smime_aa_ets_signerLocation OBJ_id_smime_aa,17L - -#define SN_id_smime_aa_ets_signerAttr "id-smime-aa-ets-signerAttr" -#define NID_id_smime_aa_ets_signerAttr 229 -#define OBJ_id_smime_aa_ets_signerAttr OBJ_id_smime_aa,18L - -#define SN_id_smime_aa_ets_otherSigCert "id-smime-aa-ets-otherSigCert" -#define NID_id_smime_aa_ets_otherSigCert 230 -#define OBJ_id_smime_aa_ets_otherSigCert OBJ_id_smime_aa,19L - -#define SN_id_smime_aa_ets_contentTimestamp "id-smime-aa-ets-contentTimestamp" -#define NID_id_smime_aa_ets_contentTimestamp 231 -#define OBJ_id_smime_aa_ets_contentTimestamp OBJ_id_smime_aa,20L - -#define SN_id_smime_aa_ets_CertificateRefs "id-smime-aa-ets-CertificateRefs" -#define NID_id_smime_aa_ets_CertificateRefs 232 -#define OBJ_id_smime_aa_ets_CertificateRefs OBJ_id_smime_aa,21L - -#define SN_id_smime_aa_ets_RevocationRefs "id-smime-aa-ets-RevocationRefs" -#define NID_id_smime_aa_ets_RevocationRefs 233 -#define OBJ_id_smime_aa_ets_RevocationRefs OBJ_id_smime_aa,22L - -#define SN_id_smime_aa_ets_certValues "id-smime-aa-ets-certValues" -#define NID_id_smime_aa_ets_certValues 234 -#define OBJ_id_smime_aa_ets_certValues OBJ_id_smime_aa,23L - -#define SN_id_smime_aa_ets_revocationValues "id-smime-aa-ets-revocationValues" -#define NID_id_smime_aa_ets_revocationValues 235 -#define OBJ_id_smime_aa_ets_revocationValues OBJ_id_smime_aa,24L - -#define SN_id_smime_aa_ets_escTimeStamp "id-smime-aa-ets-escTimeStamp" -#define NID_id_smime_aa_ets_escTimeStamp 236 -#define OBJ_id_smime_aa_ets_escTimeStamp OBJ_id_smime_aa,25L - -#define SN_id_smime_aa_ets_certCRLTimestamp "id-smime-aa-ets-certCRLTimestamp" -#define NID_id_smime_aa_ets_certCRLTimestamp 237 -#define OBJ_id_smime_aa_ets_certCRLTimestamp OBJ_id_smime_aa,26L - -#define SN_id_smime_aa_ets_archiveTimeStamp "id-smime-aa-ets-archiveTimeStamp" -#define NID_id_smime_aa_ets_archiveTimeStamp 238 -#define OBJ_id_smime_aa_ets_archiveTimeStamp OBJ_id_smime_aa,27L - -#define SN_id_smime_aa_signatureType "id-smime-aa-signatureType" -#define NID_id_smime_aa_signatureType 239 -#define OBJ_id_smime_aa_signatureType OBJ_id_smime_aa,28L - -#define SN_id_smime_aa_dvcs_dvc "id-smime-aa-dvcs-dvc" -#define NID_id_smime_aa_dvcs_dvc 240 -#define OBJ_id_smime_aa_dvcs_dvc OBJ_id_smime_aa,29L - -#define SN_id_smime_alg_ESDHwith3DES "id-smime-alg-ESDHwith3DES" -#define NID_id_smime_alg_ESDHwith3DES 241 -#define OBJ_id_smime_alg_ESDHwith3DES OBJ_id_smime_alg,1L - -#define SN_id_smime_alg_ESDHwithRC2 "id-smime-alg-ESDHwithRC2" -#define NID_id_smime_alg_ESDHwithRC2 242 -#define OBJ_id_smime_alg_ESDHwithRC2 OBJ_id_smime_alg,2L - -#define SN_id_smime_alg_3DESwrap "id-smime-alg-3DESwrap" -#define NID_id_smime_alg_3DESwrap 243 -#define OBJ_id_smime_alg_3DESwrap OBJ_id_smime_alg,3L - -#define SN_id_smime_alg_RC2wrap "id-smime-alg-RC2wrap" -#define NID_id_smime_alg_RC2wrap 244 -#define OBJ_id_smime_alg_RC2wrap OBJ_id_smime_alg,4L - -#define SN_id_smime_alg_ESDH "id-smime-alg-ESDH" -#define NID_id_smime_alg_ESDH 245 -#define OBJ_id_smime_alg_ESDH OBJ_id_smime_alg,5L - -#define SN_id_smime_alg_CMS3DESwrap "id-smime-alg-CMS3DESwrap" -#define NID_id_smime_alg_CMS3DESwrap 246 -#define OBJ_id_smime_alg_CMS3DESwrap OBJ_id_smime_alg,6L - -#define SN_id_smime_alg_CMSRC2wrap "id-smime-alg-CMSRC2wrap" -#define NID_id_smime_alg_CMSRC2wrap 247 -#define OBJ_id_smime_alg_CMSRC2wrap OBJ_id_smime_alg,7L - -#define SN_id_alg_PWRI_KEK "id-alg-PWRI-KEK" -#define NID_id_alg_PWRI_KEK 893 -#define OBJ_id_alg_PWRI_KEK OBJ_id_smime_alg,9L - -#define SN_id_smime_cd_ldap "id-smime-cd-ldap" -#define NID_id_smime_cd_ldap 248 -#define OBJ_id_smime_cd_ldap OBJ_id_smime_cd,1L - -#define SN_id_smime_spq_ets_sqt_uri "id-smime-spq-ets-sqt-uri" -#define NID_id_smime_spq_ets_sqt_uri 249 -#define OBJ_id_smime_spq_ets_sqt_uri OBJ_id_smime_spq,1L - -#define SN_id_smime_spq_ets_sqt_unotice "id-smime-spq-ets-sqt-unotice" -#define NID_id_smime_spq_ets_sqt_unotice 250 -#define OBJ_id_smime_spq_ets_sqt_unotice OBJ_id_smime_spq,2L - -#define SN_id_smime_cti_ets_proofOfOrigin "id-smime-cti-ets-proofOfOrigin" -#define NID_id_smime_cti_ets_proofOfOrigin 251 -#define OBJ_id_smime_cti_ets_proofOfOrigin OBJ_id_smime_cti,1L - -#define SN_id_smime_cti_ets_proofOfReceipt "id-smime-cti-ets-proofOfReceipt" -#define NID_id_smime_cti_ets_proofOfReceipt 252 -#define OBJ_id_smime_cti_ets_proofOfReceipt OBJ_id_smime_cti,2L - -#define SN_id_smime_cti_ets_proofOfDelivery "id-smime-cti-ets-proofOfDelivery" -#define NID_id_smime_cti_ets_proofOfDelivery 253 -#define OBJ_id_smime_cti_ets_proofOfDelivery OBJ_id_smime_cti,3L - -#define SN_id_smime_cti_ets_proofOfSender "id-smime-cti-ets-proofOfSender" -#define NID_id_smime_cti_ets_proofOfSender 254 -#define OBJ_id_smime_cti_ets_proofOfSender OBJ_id_smime_cti,4L - -#define SN_id_smime_cti_ets_proofOfApproval "id-smime-cti-ets-proofOfApproval" -#define NID_id_smime_cti_ets_proofOfApproval 255 -#define OBJ_id_smime_cti_ets_proofOfApproval OBJ_id_smime_cti,5L - -#define SN_id_smime_cti_ets_proofOfCreation "id-smime-cti-ets-proofOfCreation" -#define NID_id_smime_cti_ets_proofOfCreation 256 -#define OBJ_id_smime_cti_ets_proofOfCreation OBJ_id_smime_cti,6L - -#define LN_friendlyName "friendlyName" -#define NID_friendlyName 156 -#define OBJ_friendlyName OBJ_pkcs9,20L - -#define LN_localKeyID "localKeyID" -#define NID_localKeyID 157 -#define OBJ_localKeyID OBJ_pkcs9,21L - -#define SN_ms_csp_name "CSPName" -#define LN_ms_csp_name "Microsoft CSP Name" -#define NID_ms_csp_name 417 -#define OBJ_ms_csp_name 1L,3L,6L,1L,4L,1L,311L,17L,1L - -#define SN_LocalKeySet "LocalKeySet" -#define LN_LocalKeySet "Microsoft Local Key set" -#define NID_LocalKeySet 856 -#define OBJ_LocalKeySet 1L,3L,6L,1L,4L,1L,311L,17L,2L - -#define OBJ_certTypes OBJ_pkcs9,22L - -#define LN_x509Certificate "x509Certificate" -#define NID_x509Certificate 158 -#define OBJ_x509Certificate OBJ_certTypes,1L - -#define LN_sdsiCertificate "sdsiCertificate" -#define NID_sdsiCertificate 159 -#define OBJ_sdsiCertificate OBJ_certTypes,2L - -#define OBJ_crlTypes OBJ_pkcs9,23L - -#define LN_x509Crl "x509Crl" -#define NID_x509Crl 160 -#define OBJ_x509Crl OBJ_crlTypes,1L - -#define OBJ_pkcs12 OBJ_pkcs,12L - -#define OBJ_pkcs12_pbeids OBJ_pkcs12,1L - -#define SN_pbe_WithSHA1And128BitRC4 "PBE-SHA1-RC4-128" -#define LN_pbe_WithSHA1And128BitRC4 "pbeWithSHA1And128BitRC4" -#define NID_pbe_WithSHA1And128BitRC4 144 -#define OBJ_pbe_WithSHA1And128BitRC4 OBJ_pkcs12_pbeids,1L - -#define SN_pbe_WithSHA1And40BitRC4 "PBE-SHA1-RC4-40" -#define LN_pbe_WithSHA1And40BitRC4 "pbeWithSHA1And40BitRC4" -#define NID_pbe_WithSHA1And40BitRC4 145 -#define OBJ_pbe_WithSHA1And40BitRC4 OBJ_pkcs12_pbeids,2L - -#define SN_pbe_WithSHA1And3_Key_TripleDES_CBC "PBE-SHA1-3DES" -#define LN_pbe_WithSHA1And3_Key_TripleDES_CBC "pbeWithSHA1And3-KeyTripleDES-CBC" -#define NID_pbe_WithSHA1And3_Key_TripleDES_CBC 146 -#define OBJ_pbe_WithSHA1And3_Key_TripleDES_CBC OBJ_pkcs12_pbeids,3L - -#define SN_pbe_WithSHA1And2_Key_TripleDES_CBC "PBE-SHA1-2DES" -#define LN_pbe_WithSHA1And2_Key_TripleDES_CBC "pbeWithSHA1And2-KeyTripleDES-CBC" -#define NID_pbe_WithSHA1And2_Key_TripleDES_CBC 147 -#define OBJ_pbe_WithSHA1And2_Key_TripleDES_CBC OBJ_pkcs12_pbeids,4L - -#define SN_pbe_WithSHA1And128BitRC2_CBC "PBE-SHA1-RC2-128" -#define LN_pbe_WithSHA1And128BitRC2_CBC "pbeWithSHA1And128BitRC2-CBC" -#define NID_pbe_WithSHA1And128BitRC2_CBC 148 -#define OBJ_pbe_WithSHA1And128BitRC2_CBC OBJ_pkcs12_pbeids,5L - -#define SN_pbe_WithSHA1And40BitRC2_CBC "PBE-SHA1-RC2-40" -#define LN_pbe_WithSHA1And40BitRC2_CBC "pbeWithSHA1And40BitRC2-CBC" -#define NID_pbe_WithSHA1And40BitRC2_CBC 149 -#define OBJ_pbe_WithSHA1And40BitRC2_CBC OBJ_pkcs12_pbeids,6L - -#define OBJ_pkcs12_Version1 OBJ_pkcs12,10L - -#define OBJ_pkcs12_BagIds OBJ_pkcs12_Version1,1L - -#define LN_keyBag "keyBag" -#define NID_keyBag 150 -#define OBJ_keyBag OBJ_pkcs12_BagIds,1L - -#define LN_pkcs8ShroudedKeyBag "pkcs8ShroudedKeyBag" -#define NID_pkcs8ShroudedKeyBag 151 -#define OBJ_pkcs8ShroudedKeyBag OBJ_pkcs12_BagIds,2L - -#define LN_certBag "certBag" -#define NID_certBag 152 -#define OBJ_certBag OBJ_pkcs12_BagIds,3L - -#define LN_crlBag "crlBag" -#define NID_crlBag 153 -#define OBJ_crlBag OBJ_pkcs12_BagIds,4L - -#define LN_secretBag "secretBag" -#define NID_secretBag 154 -#define OBJ_secretBag OBJ_pkcs12_BagIds,5L - -#define LN_safeContentsBag "safeContentsBag" -#define NID_safeContentsBag 155 -#define OBJ_safeContentsBag OBJ_pkcs12_BagIds,6L - -#define SN_md2 "MD2" -#define LN_md2 "md2" -#define NID_md2 3 -#define OBJ_md2 OBJ_rsadsi,2L,2L - -#define SN_md4 "MD4" -#define LN_md4 "md4" -#define NID_md4 257 -#define OBJ_md4 OBJ_rsadsi,2L,4L - -#define SN_md5 "MD5" -#define LN_md5 "md5" -#define NID_md5 4 -#define OBJ_md5 OBJ_rsadsi,2L,5L - -#define SN_md5_sha1 "MD5-SHA1" -#define LN_md5_sha1 "md5-sha1" -#define NID_md5_sha1 114 - -#define LN_hmacWithMD5 "hmacWithMD5" -#define NID_hmacWithMD5 797 -#define OBJ_hmacWithMD5 OBJ_rsadsi,2L,6L - -#define LN_hmacWithSHA1 "hmacWithSHA1" -#define NID_hmacWithSHA1 163 -#define OBJ_hmacWithSHA1 OBJ_rsadsi,2L,7L - -#define LN_hmacWithSHA224 "hmacWithSHA224" -#define NID_hmacWithSHA224 798 -#define OBJ_hmacWithSHA224 OBJ_rsadsi,2L,8L - -#define LN_hmacWithSHA256 "hmacWithSHA256" -#define NID_hmacWithSHA256 799 -#define OBJ_hmacWithSHA256 OBJ_rsadsi,2L,9L - -#define LN_hmacWithSHA384 "hmacWithSHA384" -#define NID_hmacWithSHA384 800 -#define OBJ_hmacWithSHA384 OBJ_rsadsi,2L,10L - -#define LN_hmacWithSHA512 "hmacWithSHA512" -#define NID_hmacWithSHA512 801 -#define OBJ_hmacWithSHA512 OBJ_rsadsi,2L,11L - -#define SN_rc2_cbc "RC2-CBC" -#define LN_rc2_cbc "rc2-cbc" -#define NID_rc2_cbc 37 -#define OBJ_rc2_cbc OBJ_rsadsi,3L,2L - -#define SN_rc2_ecb "RC2-ECB" -#define LN_rc2_ecb "rc2-ecb" -#define NID_rc2_ecb 38 - -#define SN_rc2_cfb64 "RC2-CFB" -#define LN_rc2_cfb64 "rc2-cfb" -#define NID_rc2_cfb64 39 - -#define SN_rc2_ofb64 "RC2-OFB" -#define LN_rc2_ofb64 "rc2-ofb" -#define NID_rc2_ofb64 40 - -#define SN_rc2_40_cbc "RC2-40-CBC" -#define LN_rc2_40_cbc "rc2-40-cbc" -#define NID_rc2_40_cbc 98 - -#define SN_rc2_64_cbc "RC2-64-CBC" -#define LN_rc2_64_cbc "rc2-64-cbc" -#define NID_rc2_64_cbc 166 - -#define SN_rc4 "RC4" -#define LN_rc4 "rc4" -#define NID_rc4 5 -#define OBJ_rc4 OBJ_rsadsi,3L,4L - -#define SN_rc4_40 "RC4-40" -#define LN_rc4_40 "rc4-40" -#define NID_rc4_40 97 - -#define SN_des_ede3_cbc "DES-EDE3-CBC" -#define LN_des_ede3_cbc "des-ede3-cbc" -#define NID_des_ede3_cbc 44 -#define OBJ_des_ede3_cbc OBJ_rsadsi,3L,7L - -#define SN_rc5_cbc "RC5-CBC" -#define LN_rc5_cbc "rc5-cbc" -#define NID_rc5_cbc 120 -#define OBJ_rc5_cbc OBJ_rsadsi,3L,8L - -#define SN_rc5_ecb "RC5-ECB" -#define LN_rc5_ecb "rc5-ecb" -#define NID_rc5_ecb 121 - -#define SN_rc5_cfb64 "RC5-CFB" -#define LN_rc5_cfb64 "rc5-cfb" -#define NID_rc5_cfb64 122 - -#define SN_rc5_ofb64 "RC5-OFB" -#define LN_rc5_ofb64 "rc5-ofb" -#define NID_rc5_ofb64 123 - -#define SN_ms_ext_req "msExtReq" -#define LN_ms_ext_req "Microsoft Extension Request" -#define NID_ms_ext_req 171 -#define OBJ_ms_ext_req 1L,3L,6L,1L,4L,1L,311L,2L,1L,14L - -#define SN_ms_code_ind "msCodeInd" -#define LN_ms_code_ind "Microsoft Individual Code Signing" -#define NID_ms_code_ind 134 -#define OBJ_ms_code_ind 1L,3L,6L,1L,4L,1L,311L,2L,1L,21L - -#define SN_ms_code_com "msCodeCom" -#define LN_ms_code_com "Microsoft Commercial Code Signing" -#define NID_ms_code_com 135 -#define OBJ_ms_code_com 1L,3L,6L,1L,4L,1L,311L,2L,1L,22L - -#define SN_ms_ctl_sign "msCTLSign" -#define LN_ms_ctl_sign "Microsoft Trust List Signing" -#define NID_ms_ctl_sign 136 -#define OBJ_ms_ctl_sign 1L,3L,6L,1L,4L,1L,311L,10L,3L,1L - -#define SN_ms_sgc "msSGC" -#define LN_ms_sgc "Microsoft Server Gated Crypto" -#define NID_ms_sgc 137 -#define OBJ_ms_sgc 1L,3L,6L,1L,4L,1L,311L,10L,3L,3L - -#define SN_ms_efs "msEFS" -#define LN_ms_efs "Microsoft Encrypted File System" -#define NID_ms_efs 138 -#define OBJ_ms_efs 1L,3L,6L,1L,4L,1L,311L,10L,3L,4L - -#define SN_ms_smartcard_login "msSmartcardLogin" -#define LN_ms_smartcard_login "Microsoft Smartcardlogin" -#define NID_ms_smartcard_login 648 -#define OBJ_ms_smartcard_login 1L,3L,6L,1L,4L,1L,311L,20L,2L,2L - -#define SN_ms_upn "msUPN" -#define LN_ms_upn "Microsoft Universal Principal Name" -#define NID_ms_upn 649 -#define OBJ_ms_upn 1L,3L,6L,1L,4L,1L,311L,20L,2L,3L - -#define SN_idea_cbc "IDEA-CBC" -#define LN_idea_cbc "idea-cbc" -#define NID_idea_cbc 34 -#define OBJ_idea_cbc 1L,3L,6L,1L,4L,1L,188L,7L,1L,1L,2L - -#define SN_idea_ecb "IDEA-ECB" -#define LN_idea_ecb "idea-ecb" -#define NID_idea_ecb 36 - -#define SN_idea_cfb64 "IDEA-CFB" -#define LN_idea_cfb64 "idea-cfb" -#define NID_idea_cfb64 35 - -#define SN_idea_ofb64 "IDEA-OFB" -#define LN_idea_ofb64 "idea-ofb" -#define NID_idea_ofb64 46 - -#define SN_bf_cbc "BF-CBC" -#define LN_bf_cbc "bf-cbc" -#define NID_bf_cbc 91 -#define OBJ_bf_cbc 1L,3L,6L,1L,4L,1L,3029L,1L,2L - -#define SN_bf_ecb "BF-ECB" -#define LN_bf_ecb "bf-ecb" -#define NID_bf_ecb 92 - -#define SN_bf_cfb64 "BF-CFB" -#define LN_bf_cfb64 "bf-cfb" -#define NID_bf_cfb64 93 - -#define SN_bf_ofb64 "BF-OFB" -#define LN_bf_ofb64 "bf-ofb" -#define NID_bf_ofb64 94 - -#define SN_id_pkix "PKIX" -#define NID_id_pkix 127 -#define OBJ_id_pkix 1L,3L,6L,1L,5L,5L,7L - -#define SN_id_pkix_mod "id-pkix-mod" -#define NID_id_pkix_mod 258 -#define OBJ_id_pkix_mod OBJ_id_pkix,0L - -#define SN_id_pe "id-pe" -#define NID_id_pe 175 -#define OBJ_id_pe OBJ_id_pkix,1L - -#define SN_id_qt "id-qt" -#define NID_id_qt 259 -#define OBJ_id_qt OBJ_id_pkix,2L - -#define SN_id_kp "id-kp" -#define NID_id_kp 128 -#define OBJ_id_kp OBJ_id_pkix,3L - -#define SN_id_it "id-it" -#define NID_id_it 260 -#define OBJ_id_it OBJ_id_pkix,4L - -#define SN_id_pkip "id-pkip" -#define NID_id_pkip 261 -#define OBJ_id_pkip OBJ_id_pkix,5L - -#define SN_id_alg "id-alg" -#define NID_id_alg 262 -#define OBJ_id_alg OBJ_id_pkix,6L - -#define SN_id_cmc "id-cmc" -#define NID_id_cmc 263 -#define OBJ_id_cmc OBJ_id_pkix,7L - -#define SN_id_on "id-on" -#define NID_id_on 264 -#define OBJ_id_on OBJ_id_pkix,8L - -#define SN_id_pda "id-pda" -#define NID_id_pda 265 -#define OBJ_id_pda OBJ_id_pkix,9L - -#define SN_id_aca "id-aca" -#define NID_id_aca 266 -#define OBJ_id_aca OBJ_id_pkix,10L - -#define SN_id_qcs "id-qcs" -#define NID_id_qcs 267 -#define OBJ_id_qcs OBJ_id_pkix,11L - -#define SN_id_cct "id-cct" -#define NID_id_cct 268 -#define OBJ_id_cct OBJ_id_pkix,12L - -#define SN_id_ppl "id-ppl" -#define NID_id_ppl 662 -#define OBJ_id_ppl OBJ_id_pkix,21L - -#define SN_id_ad "id-ad" -#define NID_id_ad 176 -#define OBJ_id_ad OBJ_id_pkix,48L - -#define SN_id_pkix1_explicit_88 "id-pkix1-explicit-88" -#define NID_id_pkix1_explicit_88 269 -#define OBJ_id_pkix1_explicit_88 OBJ_id_pkix_mod,1L - -#define SN_id_pkix1_implicit_88 "id-pkix1-implicit-88" -#define NID_id_pkix1_implicit_88 270 -#define OBJ_id_pkix1_implicit_88 OBJ_id_pkix_mod,2L - -#define SN_id_pkix1_explicit_93 "id-pkix1-explicit-93" -#define NID_id_pkix1_explicit_93 271 -#define OBJ_id_pkix1_explicit_93 OBJ_id_pkix_mod,3L - -#define SN_id_pkix1_implicit_93 "id-pkix1-implicit-93" -#define NID_id_pkix1_implicit_93 272 -#define OBJ_id_pkix1_implicit_93 OBJ_id_pkix_mod,4L - -#define SN_id_mod_crmf "id-mod-crmf" -#define NID_id_mod_crmf 273 -#define OBJ_id_mod_crmf OBJ_id_pkix_mod,5L - -#define SN_id_mod_cmc "id-mod-cmc" -#define NID_id_mod_cmc 274 -#define OBJ_id_mod_cmc OBJ_id_pkix_mod,6L - -#define SN_id_mod_kea_profile_88 "id-mod-kea-profile-88" -#define NID_id_mod_kea_profile_88 275 -#define OBJ_id_mod_kea_profile_88 OBJ_id_pkix_mod,7L - -#define SN_id_mod_kea_profile_93 "id-mod-kea-profile-93" -#define NID_id_mod_kea_profile_93 276 -#define OBJ_id_mod_kea_profile_93 OBJ_id_pkix_mod,8L - -#define SN_id_mod_cmp "id-mod-cmp" -#define NID_id_mod_cmp 277 -#define OBJ_id_mod_cmp OBJ_id_pkix_mod,9L - -#define SN_id_mod_qualified_cert_88 "id-mod-qualified-cert-88" -#define NID_id_mod_qualified_cert_88 278 -#define OBJ_id_mod_qualified_cert_88 OBJ_id_pkix_mod,10L - -#define SN_id_mod_qualified_cert_93 "id-mod-qualified-cert-93" -#define NID_id_mod_qualified_cert_93 279 -#define OBJ_id_mod_qualified_cert_93 OBJ_id_pkix_mod,11L - -#define SN_id_mod_attribute_cert "id-mod-attribute-cert" -#define NID_id_mod_attribute_cert 280 -#define OBJ_id_mod_attribute_cert OBJ_id_pkix_mod,12L - -#define SN_id_mod_timestamp_protocol "id-mod-timestamp-protocol" -#define NID_id_mod_timestamp_protocol 281 -#define OBJ_id_mod_timestamp_protocol OBJ_id_pkix_mod,13L - -#define SN_id_mod_ocsp "id-mod-ocsp" -#define NID_id_mod_ocsp 282 -#define OBJ_id_mod_ocsp OBJ_id_pkix_mod,14L - -#define SN_id_mod_dvcs "id-mod-dvcs" -#define NID_id_mod_dvcs 283 -#define OBJ_id_mod_dvcs OBJ_id_pkix_mod,15L - -#define SN_id_mod_cmp2000 "id-mod-cmp2000" -#define NID_id_mod_cmp2000 284 -#define OBJ_id_mod_cmp2000 OBJ_id_pkix_mod,16L - -#define SN_info_access "authorityInfoAccess" -#define LN_info_access "Authority Information Access" -#define NID_info_access 177 -#define OBJ_info_access OBJ_id_pe,1L - -#define SN_biometricInfo "biometricInfo" -#define LN_biometricInfo "Biometric Info" -#define NID_biometricInfo 285 -#define OBJ_biometricInfo OBJ_id_pe,2L - -#define SN_qcStatements "qcStatements" -#define NID_qcStatements 286 -#define OBJ_qcStatements OBJ_id_pe,3L - -#define SN_ac_auditEntity "ac-auditEntity" -#define NID_ac_auditEntity 287 -#define OBJ_ac_auditEntity OBJ_id_pe,4L - -#define SN_ac_targeting "ac-targeting" -#define NID_ac_targeting 288 -#define OBJ_ac_targeting OBJ_id_pe,5L - -#define SN_aaControls "aaControls" -#define NID_aaControls 289 -#define OBJ_aaControls OBJ_id_pe,6L - -#define SN_sbgp_ipAddrBlock "sbgp-ipAddrBlock" -#define NID_sbgp_ipAddrBlock 290 -#define OBJ_sbgp_ipAddrBlock OBJ_id_pe,7L - -#define SN_sbgp_autonomousSysNum "sbgp-autonomousSysNum" -#define NID_sbgp_autonomousSysNum 291 -#define OBJ_sbgp_autonomousSysNum OBJ_id_pe,8L - -#define SN_sbgp_routerIdentifier "sbgp-routerIdentifier" -#define NID_sbgp_routerIdentifier 292 -#define OBJ_sbgp_routerIdentifier OBJ_id_pe,9L - -#define SN_ac_proxying "ac-proxying" -#define NID_ac_proxying 397 -#define OBJ_ac_proxying OBJ_id_pe,10L - -#define SN_sinfo_access "subjectInfoAccess" -#define LN_sinfo_access "Subject Information Access" -#define NID_sinfo_access 398 -#define OBJ_sinfo_access OBJ_id_pe,11L - -#define SN_proxyCertInfo "proxyCertInfo" -#define LN_proxyCertInfo "Proxy Certificate Information" -#define NID_proxyCertInfo 663 -#define OBJ_proxyCertInfo OBJ_id_pe,14L - -#define SN_id_qt_cps "id-qt-cps" -#define LN_id_qt_cps "Policy Qualifier CPS" -#define NID_id_qt_cps 164 -#define OBJ_id_qt_cps OBJ_id_qt,1L - -#define SN_id_qt_unotice "id-qt-unotice" -#define LN_id_qt_unotice "Policy Qualifier User Notice" -#define NID_id_qt_unotice 165 -#define OBJ_id_qt_unotice OBJ_id_qt,2L - -#define SN_textNotice "textNotice" -#define NID_textNotice 293 -#define OBJ_textNotice OBJ_id_qt,3L - -#define SN_server_auth "serverAuth" -#define LN_server_auth "TLS Web Server Authentication" -#define NID_server_auth 129 -#define OBJ_server_auth OBJ_id_kp,1L - -#define SN_client_auth "clientAuth" -#define LN_client_auth "TLS Web Client Authentication" -#define NID_client_auth 130 -#define OBJ_client_auth OBJ_id_kp,2L - -#define SN_code_sign "codeSigning" -#define LN_code_sign "Code Signing" -#define NID_code_sign 131 -#define OBJ_code_sign OBJ_id_kp,3L - -#define SN_email_protect "emailProtection" -#define LN_email_protect "E-mail Protection" -#define NID_email_protect 132 -#define OBJ_email_protect OBJ_id_kp,4L - -#define SN_ipsecEndSystem "ipsecEndSystem" -#define LN_ipsecEndSystem "IPSec End System" -#define NID_ipsecEndSystem 294 -#define OBJ_ipsecEndSystem OBJ_id_kp,5L - -#define SN_ipsecTunnel "ipsecTunnel" -#define LN_ipsecTunnel "IPSec Tunnel" -#define NID_ipsecTunnel 295 -#define OBJ_ipsecTunnel OBJ_id_kp,6L - -#define SN_ipsecUser "ipsecUser" -#define LN_ipsecUser "IPSec User" -#define NID_ipsecUser 296 -#define OBJ_ipsecUser OBJ_id_kp,7L - -#define SN_time_stamp "timeStamping" -#define LN_time_stamp "Time Stamping" -#define NID_time_stamp 133 -#define OBJ_time_stamp OBJ_id_kp,8L - -#define SN_OCSP_sign "OCSPSigning" -#define LN_OCSP_sign "OCSP Signing" -#define NID_OCSP_sign 180 -#define OBJ_OCSP_sign OBJ_id_kp,9L - -#define SN_dvcs "DVCS" -#define LN_dvcs "dvcs" -#define NID_dvcs 297 -#define OBJ_dvcs OBJ_id_kp,10L - -#define SN_id_it_caProtEncCert "id-it-caProtEncCert" -#define NID_id_it_caProtEncCert 298 -#define OBJ_id_it_caProtEncCert OBJ_id_it,1L - -#define SN_id_it_signKeyPairTypes "id-it-signKeyPairTypes" -#define NID_id_it_signKeyPairTypes 299 -#define OBJ_id_it_signKeyPairTypes OBJ_id_it,2L - -#define SN_id_it_encKeyPairTypes "id-it-encKeyPairTypes" -#define NID_id_it_encKeyPairTypes 300 -#define OBJ_id_it_encKeyPairTypes OBJ_id_it,3L - -#define SN_id_it_preferredSymmAlg "id-it-preferredSymmAlg" -#define NID_id_it_preferredSymmAlg 301 -#define OBJ_id_it_preferredSymmAlg OBJ_id_it,4L - -#define SN_id_it_caKeyUpdateInfo "id-it-caKeyUpdateInfo" -#define NID_id_it_caKeyUpdateInfo 302 -#define OBJ_id_it_caKeyUpdateInfo OBJ_id_it,5L - -#define SN_id_it_currentCRL "id-it-currentCRL" -#define NID_id_it_currentCRL 303 -#define OBJ_id_it_currentCRL OBJ_id_it,6L - -#define SN_id_it_unsupportedOIDs "id-it-unsupportedOIDs" -#define NID_id_it_unsupportedOIDs 304 -#define OBJ_id_it_unsupportedOIDs OBJ_id_it,7L - -#define SN_id_it_subscriptionRequest "id-it-subscriptionRequest" -#define NID_id_it_subscriptionRequest 305 -#define OBJ_id_it_subscriptionRequest OBJ_id_it,8L - -#define SN_id_it_subscriptionResponse "id-it-subscriptionResponse" -#define NID_id_it_subscriptionResponse 306 -#define OBJ_id_it_subscriptionResponse OBJ_id_it,9L - -#define SN_id_it_keyPairParamReq "id-it-keyPairParamReq" -#define NID_id_it_keyPairParamReq 307 -#define OBJ_id_it_keyPairParamReq OBJ_id_it,10L - -#define SN_id_it_keyPairParamRep "id-it-keyPairParamRep" -#define NID_id_it_keyPairParamRep 308 -#define OBJ_id_it_keyPairParamRep OBJ_id_it,11L - -#define SN_id_it_revPassphrase "id-it-revPassphrase" -#define NID_id_it_revPassphrase 309 -#define OBJ_id_it_revPassphrase OBJ_id_it,12L - -#define SN_id_it_implicitConfirm "id-it-implicitConfirm" -#define NID_id_it_implicitConfirm 310 -#define OBJ_id_it_implicitConfirm OBJ_id_it,13L - -#define SN_id_it_confirmWaitTime "id-it-confirmWaitTime" -#define NID_id_it_confirmWaitTime 311 -#define OBJ_id_it_confirmWaitTime OBJ_id_it,14L - -#define SN_id_it_origPKIMessage "id-it-origPKIMessage" -#define NID_id_it_origPKIMessage 312 -#define OBJ_id_it_origPKIMessage OBJ_id_it,15L - -#define SN_id_it_suppLangTags "id-it-suppLangTags" -#define NID_id_it_suppLangTags 784 -#define OBJ_id_it_suppLangTags OBJ_id_it,16L - -#define SN_id_regCtrl "id-regCtrl" -#define NID_id_regCtrl 313 -#define OBJ_id_regCtrl OBJ_id_pkip,1L - -#define SN_id_regInfo "id-regInfo" -#define NID_id_regInfo 314 -#define OBJ_id_regInfo OBJ_id_pkip,2L - -#define SN_id_regCtrl_regToken "id-regCtrl-regToken" -#define NID_id_regCtrl_regToken 315 -#define OBJ_id_regCtrl_regToken OBJ_id_regCtrl,1L - -#define SN_id_regCtrl_authenticator "id-regCtrl-authenticator" -#define NID_id_regCtrl_authenticator 316 -#define OBJ_id_regCtrl_authenticator OBJ_id_regCtrl,2L - -#define SN_id_regCtrl_pkiPublicationInfo "id-regCtrl-pkiPublicationInfo" -#define NID_id_regCtrl_pkiPublicationInfo 317 -#define OBJ_id_regCtrl_pkiPublicationInfo OBJ_id_regCtrl,3L - -#define SN_id_regCtrl_pkiArchiveOptions "id-regCtrl-pkiArchiveOptions" -#define NID_id_regCtrl_pkiArchiveOptions 318 -#define OBJ_id_regCtrl_pkiArchiveOptions OBJ_id_regCtrl,4L - -#define SN_id_regCtrl_oldCertID "id-regCtrl-oldCertID" -#define NID_id_regCtrl_oldCertID 319 -#define OBJ_id_regCtrl_oldCertID OBJ_id_regCtrl,5L - -#define SN_id_regCtrl_protocolEncrKey "id-regCtrl-protocolEncrKey" -#define NID_id_regCtrl_protocolEncrKey 320 -#define OBJ_id_regCtrl_protocolEncrKey OBJ_id_regCtrl,6L - -#define SN_id_regInfo_utf8Pairs "id-regInfo-utf8Pairs" -#define NID_id_regInfo_utf8Pairs 321 -#define OBJ_id_regInfo_utf8Pairs OBJ_id_regInfo,1L - -#define SN_id_regInfo_certReq "id-regInfo-certReq" -#define NID_id_regInfo_certReq 322 -#define OBJ_id_regInfo_certReq OBJ_id_regInfo,2L - -#define SN_id_alg_des40 "id-alg-des40" -#define NID_id_alg_des40 323 -#define OBJ_id_alg_des40 OBJ_id_alg,1L - -#define SN_id_alg_noSignature "id-alg-noSignature" -#define NID_id_alg_noSignature 324 -#define OBJ_id_alg_noSignature OBJ_id_alg,2L - -#define SN_id_alg_dh_sig_hmac_sha1 "id-alg-dh-sig-hmac-sha1" -#define NID_id_alg_dh_sig_hmac_sha1 325 -#define OBJ_id_alg_dh_sig_hmac_sha1 OBJ_id_alg,3L - -#define SN_id_alg_dh_pop "id-alg-dh-pop" -#define NID_id_alg_dh_pop 326 -#define OBJ_id_alg_dh_pop OBJ_id_alg,4L - -#define SN_id_cmc_statusInfo "id-cmc-statusInfo" -#define NID_id_cmc_statusInfo 327 -#define OBJ_id_cmc_statusInfo OBJ_id_cmc,1L - -#define SN_id_cmc_identification "id-cmc-identification" -#define NID_id_cmc_identification 328 -#define OBJ_id_cmc_identification OBJ_id_cmc,2L - -#define SN_id_cmc_identityProof "id-cmc-identityProof" -#define NID_id_cmc_identityProof 329 -#define OBJ_id_cmc_identityProof OBJ_id_cmc,3L - -#define SN_id_cmc_dataReturn "id-cmc-dataReturn" -#define NID_id_cmc_dataReturn 330 -#define OBJ_id_cmc_dataReturn OBJ_id_cmc,4L - -#define SN_id_cmc_transactionId "id-cmc-transactionId" -#define NID_id_cmc_transactionId 331 -#define OBJ_id_cmc_transactionId OBJ_id_cmc,5L - -#define SN_id_cmc_senderNonce "id-cmc-senderNonce" -#define NID_id_cmc_senderNonce 332 -#define OBJ_id_cmc_senderNonce OBJ_id_cmc,6L - -#define SN_id_cmc_recipientNonce "id-cmc-recipientNonce" -#define NID_id_cmc_recipientNonce 333 -#define OBJ_id_cmc_recipientNonce OBJ_id_cmc,7L - -#define SN_id_cmc_addExtensions "id-cmc-addExtensions" -#define NID_id_cmc_addExtensions 334 -#define OBJ_id_cmc_addExtensions OBJ_id_cmc,8L - -#define SN_id_cmc_encryptedPOP "id-cmc-encryptedPOP" -#define NID_id_cmc_encryptedPOP 335 -#define OBJ_id_cmc_encryptedPOP OBJ_id_cmc,9L - -#define SN_id_cmc_decryptedPOP "id-cmc-decryptedPOP" -#define NID_id_cmc_decryptedPOP 336 -#define OBJ_id_cmc_decryptedPOP OBJ_id_cmc,10L - -#define SN_id_cmc_lraPOPWitness "id-cmc-lraPOPWitness" -#define NID_id_cmc_lraPOPWitness 337 -#define OBJ_id_cmc_lraPOPWitness OBJ_id_cmc,11L - -#define SN_id_cmc_getCert "id-cmc-getCert" -#define NID_id_cmc_getCert 338 -#define OBJ_id_cmc_getCert OBJ_id_cmc,15L - -#define SN_id_cmc_getCRL "id-cmc-getCRL" -#define NID_id_cmc_getCRL 339 -#define OBJ_id_cmc_getCRL OBJ_id_cmc,16L - -#define SN_id_cmc_revokeRequest "id-cmc-revokeRequest" -#define NID_id_cmc_revokeRequest 340 -#define OBJ_id_cmc_revokeRequest OBJ_id_cmc,17L - -#define SN_id_cmc_regInfo "id-cmc-regInfo" -#define NID_id_cmc_regInfo 341 -#define OBJ_id_cmc_regInfo OBJ_id_cmc,18L - -#define SN_id_cmc_responseInfo "id-cmc-responseInfo" -#define NID_id_cmc_responseInfo 342 -#define OBJ_id_cmc_responseInfo OBJ_id_cmc,19L - -#define SN_id_cmc_queryPending "id-cmc-queryPending" -#define NID_id_cmc_queryPending 343 -#define OBJ_id_cmc_queryPending OBJ_id_cmc,21L - -#define SN_id_cmc_popLinkRandom "id-cmc-popLinkRandom" -#define NID_id_cmc_popLinkRandom 344 -#define OBJ_id_cmc_popLinkRandom OBJ_id_cmc,22L - -#define SN_id_cmc_popLinkWitness "id-cmc-popLinkWitness" -#define NID_id_cmc_popLinkWitness 345 -#define OBJ_id_cmc_popLinkWitness OBJ_id_cmc,23L - -#define SN_id_cmc_confirmCertAcceptance "id-cmc-confirmCertAcceptance" -#define NID_id_cmc_confirmCertAcceptance 346 -#define OBJ_id_cmc_confirmCertAcceptance OBJ_id_cmc,24L - -#define SN_id_on_personalData "id-on-personalData" -#define NID_id_on_personalData 347 -#define OBJ_id_on_personalData OBJ_id_on,1L - -#define SN_id_on_permanentIdentifier "id-on-permanentIdentifier" -#define LN_id_on_permanentIdentifier "Permanent Identifier" -#define NID_id_on_permanentIdentifier 858 -#define OBJ_id_on_permanentIdentifier OBJ_id_on,3L - -#define SN_id_pda_dateOfBirth "id-pda-dateOfBirth" -#define NID_id_pda_dateOfBirth 348 -#define OBJ_id_pda_dateOfBirth OBJ_id_pda,1L - -#define SN_id_pda_placeOfBirth "id-pda-placeOfBirth" -#define NID_id_pda_placeOfBirth 349 -#define OBJ_id_pda_placeOfBirth OBJ_id_pda,2L - -#define SN_id_pda_gender "id-pda-gender" -#define NID_id_pda_gender 351 -#define OBJ_id_pda_gender OBJ_id_pda,3L - -#define SN_id_pda_countryOfCitizenship "id-pda-countryOfCitizenship" -#define NID_id_pda_countryOfCitizenship 352 -#define OBJ_id_pda_countryOfCitizenship OBJ_id_pda,4L - -#define SN_id_pda_countryOfResidence "id-pda-countryOfResidence" -#define NID_id_pda_countryOfResidence 353 -#define OBJ_id_pda_countryOfResidence OBJ_id_pda,5L - -#define SN_id_aca_authenticationInfo "id-aca-authenticationInfo" -#define NID_id_aca_authenticationInfo 354 -#define OBJ_id_aca_authenticationInfo OBJ_id_aca,1L - -#define SN_id_aca_accessIdentity "id-aca-accessIdentity" -#define NID_id_aca_accessIdentity 355 -#define OBJ_id_aca_accessIdentity OBJ_id_aca,2L - -#define SN_id_aca_chargingIdentity "id-aca-chargingIdentity" -#define NID_id_aca_chargingIdentity 356 -#define OBJ_id_aca_chargingIdentity OBJ_id_aca,3L - -#define SN_id_aca_group "id-aca-group" -#define NID_id_aca_group 357 -#define OBJ_id_aca_group OBJ_id_aca,4L - -#define SN_id_aca_role "id-aca-role" -#define NID_id_aca_role 358 -#define OBJ_id_aca_role OBJ_id_aca,5L - -#define SN_id_aca_encAttrs "id-aca-encAttrs" -#define NID_id_aca_encAttrs 399 -#define OBJ_id_aca_encAttrs OBJ_id_aca,6L - -#define SN_id_qcs_pkixQCSyntax_v1 "id-qcs-pkixQCSyntax-v1" -#define NID_id_qcs_pkixQCSyntax_v1 359 -#define OBJ_id_qcs_pkixQCSyntax_v1 OBJ_id_qcs,1L - -#define SN_id_cct_crs "id-cct-crs" -#define NID_id_cct_crs 360 -#define OBJ_id_cct_crs OBJ_id_cct,1L - -#define SN_id_cct_PKIData "id-cct-PKIData" -#define NID_id_cct_PKIData 361 -#define OBJ_id_cct_PKIData OBJ_id_cct,2L - -#define SN_id_cct_PKIResponse "id-cct-PKIResponse" -#define NID_id_cct_PKIResponse 362 -#define OBJ_id_cct_PKIResponse OBJ_id_cct,3L - -#define SN_id_ppl_anyLanguage "id-ppl-anyLanguage" -#define LN_id_ppl_anyLanguage "Any language" -#define NID_id_ppl_anyLanguage 664 -#define OBJ_id_ppl_anyLanguage OBJ_id_ppl,0L - -#define SN_id_ppl_inheritAll "id-ppl-inheritAll" -#define LN_id_ppl_inheritAll "Inherit all" -#define NID_id_ppl_inheritAll 665 -#define OBJ_id_ppl_inheritAll OBJ_id_ppl,1L - -#define SN_Independent "id-ppl-independent" -#define LN_Independent "Independent" -#define NID_Independent 667 -#define OBJ_Independent OBJ_id_ppl,2L - -#define SN_ad_OCSP "OCSP" -#define LN_ad_OCSP "OCSP" -#define NID_ad_OCSP 178 -#define OBJ_ad_OCSP OBJ_id_ad,1L - -#define SN_ad_ca_issuers "caIssuers" -#define LN_ad_ca_issuers "CA Issuers" -#define NID_ad_ca_issuers 179 -#define OBJ_ad_ca_issuers OBJ_id_ad,2L - -#define SN_ad_timeStamping "ad_timestamping" -#define LN_ad_timeStamping "AD Time Stamping" -#define NID_ad_timeStamping 363 -#define OBJ_ad_timeStamping OBJ_id_ad,3L - -#define SN_ad_dvcs "AD_DVCS" -#define LN_ad_dvcs "ad dvcs" -#define NID_ad_dvcs 364 -#define OBJ_ad_dvcs OBJ_id_ad,4L - -#define SN_caRepository "caRepository" -#define LN_caRepository "CA Repository" -#define NID_caRepository 785 -#define OBJ_caRepository OBJ_id_ad,5L - -#define OBJ_id_pkix_OCSP OBJ_ad_OCSP - -#define SN_id_pkix_OCSP_basic "basicOCSPResponse" -#define LN_id_pkix_OCSP_basic "Basic OCSP Response" -#define NID_id_pkix_OCSP_basic 365 -#define OBJ_id_pkix_OCSP_basic OBJ_id_pkix_OCSP,1L - -#define SN_id_pkix_OCSP_Nonce "Nonce" -#define LN_id_pkix_OCSP_Nonce "OCSP Nonce" -#define NID_id_pkix_OCSP_Nonce 366 -#define OBJ_id_pkix_OCSP_Nonce OBJ_id_pkix_OCSP,2L - -#define SN_id_pkix_OCSP_CrlID "CrlID" -#define LN_id_pkix_OCSP_CrlID "OCSP CRL ID" -#define NID_id_pkix_OCSP_CrlID 367 -#define OBJ_id_pkix_OCSP_CrlID OBJ_id_pkix_OCSP,3L - -#define SN_id_pkix_OCSP_acceptableResponses "acceptableResponses" -#define LN_id_pkix_OCSP_acceptableResponses "Acceptable OCSP Responses" -#define NID_id_pkix_OCSP_acceptableResponses 368 -#define OBJ_id_pkix_OCSP_acceptableResponses OBJ_id_pkix_OCSP,4L - -#define SN_id_pkix_OCSP_noCheck "noCheck" -#define LN_id_pkix_OCSP_noCheck "OCSP No Check" -#define NID_id_pkix_OCSP_noCheck 369 -#define OBJ_id_pkix_OCSP_noCheck OBJ_id_pkix_OCSP,5L - -#define SN_id_pkix_OCSP_archiveCutoff "archiveCutoff" -#define LN_id_pkix_OCSP_archiveCutoff "OCSP Archive Cutoff" -#define NID_id_pkix_OCSP_archiveCutoff 370 -#define OBJ_id_pkix_OCSP_archiveCutoff OBJ_id_pkix_OCSP,6L - -#define SN_id_pkix_OCSP_serviceLocator "serviceLocator" -#define LN_id_pkix_OCSP_serviceLocator "OCSP Service Locator" -#define NID_id_pkix_OCSP_serviceLocator 371 -#define OBJ_id_pkix_OCSP_serviceLocator OBJ_id_pkix_OCSP,7L - -#define SN_id_pkix_OCSP_extendedStatus "extendedStatus" -#define LN_id_pkix_OCSP_extendedStatus "Extended OCSP Status" -#define NID_id_pkix_OCSP_extendedStatus 372 -#define OBJ_id_pkix_OCSP_extendedStatus OBJ_id_pkix_OCSP,8L - -#define SN_id_pkix_OCSP_valid "valid" -#define NID_id_pkix_OCSP_valid 373 -#define OBJ_id_pkix_OCSP_valid OBJ_id_pkix_OCSP,9L - -#define SN_id_pkix_OCSP_path "path" -#define NID_id_pkix_OCSP_path 374 -#define OBJ_id_pkix_OCSP_path OBJ_id_pkix_OCSP,10L - -#define SN_id_pkix_OCSP_trustRoot "trustRoot" -#define LN_id_pkix_OCSP_trustRoot "Trust Root" -#define NID_id_pkix_OCSP_trustRoot 375 -#define OBJ_id_pkix_OCSP_trustRoot OBJ_id_pkix_OCSP,11L - -#define SN_algorithm "algorithm" -#define LN_algorithm "algorithm" -#define NID_algorithm 376 -#define OBJ_algorithm 1L,3L,14L,3L,2L - -#define SN_md5WithRSA "RSA-NP-MD5" -#define LN_md5WithRSA "md5WithRSA" -#define NID_md5WithRSA 104 -#define OBJ_md5WithRSA OBJ_algorithm,3L - -#define SN_des_ecb "DES-ECB" -#define LN_des_ecb "des-ecb" -#define NID_des_ecb 29 -#define OBJ_des_ecb OBJ_algorithm,6L - -#define SN_des_cbc "DES-CBC" -#define LN_des_cbc "des-cbc" -#define NID_des_cbc 31 -#define OBJ_des_cbc OBJ_algorithm,7L - -#define SN_des_ofb64 "DES-OFB" -#define LN_des_ofb64 "des-ofb" -#define NID_des_ofb64 45 -#define OBJ_des_ofb64 OBJ_algorithm,8L - -#define SN_des_cfb64 "DES-CFB" -#define LN_des_cfb64 "des-cfb" -#define NID_des_cfb64 30 -#define OBJ_des_cfb64 OBJ_algorithm,9L - -#define SN_rsaSignature "rsaSignature" -#define NID_rsaSignature 377 -#define OBJ_rsaSignature OBJ_algorithm,11L - -#define SN_dsa_2 "DSA-old" -#define LN_dsa_2 "dsaEncryption-old" -#define NID_dsa_2 67 -#define OBJ_dsa_2 OBJ_algorithm,12L - -#define SN_dsaWithSHA "DSA-SHA" -#define LN_dsaWithSHA "dsaWithSHA" -#define NID_dsaWithSHA 66 -#define OBJ_dsaWithSHA OBJ_algorithm,13L - -#define SN_shaWithRSAEncryption "RSA-SHA" -#define LN_shaWithRSAEncryption "shaWithRSAEncryption" -#define NID_shaWithRSAEncryption 42 -#define OBJ_shaWithRSAEncryption OBJ_algorithm,15L - -#define SN_des_ede_ecb "DES-EDE" -#define LN_des_ede_ecb "des-ede" -#define NID_des_ede_ecb 32 -#define OBJ_des_ede_ecb OBJ_algorithm,17L - -#define SN_des_ede3_ecb "DES-EDE3" -#define LN_des_ede3_ecb "des-ede3" -#define NID_des_ede3_ecb 33 - -#define SN_des_ede_cbc "DES-EDE-CBC" -#define LN_des_ede_cbc "des-ede-cbc" -#define NID_des_ede_cbc 43 - -#define SN_des_ede_cfb64 "DES-EDE-CFB" -#define LN_des_ede_cfb64 "des-ede-cfb" -#define NID_des_ede_cfb64 60 - -#define SN_des_ede3_cfb64 "DES-EDE3-CFB" -#define LN_des_ede3_cfb64 "des-ede3-cfb" -#define NID_des_ede3_cfb64 61 - -#define SN_des_ede_ofb64 "DES-EDE-OFB" -#define LN_des_ede_ofb64 "des-ede-ofb" -#define NID_des_ede_ofb64 62 - -#define SN_des_ede3_ofb64 "DES-EDE3-OFB" -#define LN_des_ede3_ofb64 "des-ede3-ofb" -#define NID_des_ede3_ofb64 63 - -#define SN_desx_cbc "DESX-CBC" -#define LN_desx_cbc "desx-cbc" -#define NID_desx_cbc 80 - -#define SN_sha "SHA" -#define LN_sha "sha" -#define NID_sha 41 -#define OBJ_sha OBJ_algorithm,18L - -#define SN_sha1 "SHA1" -#define LN_sha1 "sha1" -#define NID_sha1 64 -#define OBJ_sha1 OBJ_algorithm,26L - -#define SN_dsaWithSHA1_2 "DSA-SHA1-old" -#define LN_dsaWithSHA1_2 "dsaWithSHA1-old" -#define NID_dsaWithSHA1_2 70 -#define OBJ_dsaWithSHA1_2 OBJ_algorithm,27L - -#define SN_sha1WithRSA "RSA-SHA1-2" -#define LN_sha1WithRSA "sha1WithRSA" -#define NID_sha1WithRSA 115 -#define OBJ_sha1WithRSA OBJ_algorithm,29L - -#define SN_ripemd160 "RIPEMD160" -#define LN_ripemd160 "ripemd160" -#define NID_ripemd160 117 -#define OBJ_ripemd160 1L,3L,36L,3L,2L,1L - -#define SN_ripemd160WithRSA "RSA-RIPEMD160" -#define LN_ripemd160WithRSA "ripemd160WithRSA" -#define NID_ripemd160WithRSA 119 -#define OBJ_ripemd160WithRSA 1L,3L,36L,3L,3L,1L,2L - -#define SN_sxnet "SXNetID" -#define LN_sxnet "Strong Extranet ID" -#define NID_sxnet 143 -#define OBJ_sxnet 1L,3L,101L,1L,4L,1L - -#define SN_X500 "X500" -#define LN_X500 "directory services (X.500)" -#define NID_X500 11 -#define OBJ_X500 2L,5L - -#define SN_X509 "X509" -#define NID_X509 12 -#define OBJ_X509 OBJ_X500,4L - -#define SN_commonName "CN" -#define LN_commonName "commonName" -#define NID_commonName 13 -#define OBJ_commonName OBJ_X509,3L - -#define SN_surname "SN" -#define LN_surname "surname" -#define NID_surname 100 -#define OBJ_surname OBJ_X509,4L - -#define LN_serialNumber "serialNumber" -#define NID_serialNumber 105 -#define OBJ_serialNumber OBJ_X509,5L - -#define SN_countryName "C" -#define LN_countryName "countryName" -#define NID_countryName 14 -#define OBJ_countryName OBJ_X509,6L - -#define SN_localityName "L" -#define LN_localityName "localityName" -#define NID_localityName 15 -#define OBJ_localityName OBJ_X509,7L - -#define SN_stateOrProvinceName "ST" -#define LN_stateOrProvinceName "stateOrProvinceName" -#define NID_stateOrProvinceName 16 -#define OBJ_stateOrProvinceName OBJ_X509,8L - -#define SN_streetAddress "street" -#define LN_streetAddress "streetAddress" -#define NID_streetAddress 660 -#define OBJ_streetAddress OBJ_X509,9L - -#define SN_organizationName "O" -#define LN_organizationName "organizationName" -#define NID_organizationName 17 -#define OBJ_organizationName OBJ_X509,10L - -#define SN_organizationalUnitName "OU" -#define LN_organizationalUnitName "organizationalUnitName" -#define NID_organizationalUnitName 18 -#define OBJ_organizationalUnitName OBJ_X509,11L - -#define SN_title "title" -#define LN_title "title" -#define NID_title 106 -#define OBJ_title OBJ_X509,12L - -#define LN_description "description" -#define NID_description 107 -#define OBJ_description OBJ_X509,13L - -#define LN_searchGuide "searchGuide" -#define NID_searchGuide 859 -#define OBJ_searchGuide OBJ_X509,14L - -#define LN_businessCategory "businessCategory" -#define NID_businessCategory 860 -#define OBJ_businessCategory OBJ_X509,15L - -#define LN_postalAddress "postalAddress" -#define NID_postalAddress 861 -#define OBJ_postalAddress OBJ_X509,16L - -#define LN_postalCode "postalCode" -#define NID_postalCode 661 -#define OBJ_postalCode OBJ_X509,17L - -#define LN_postOfficeBox "postOfficeBox" -#define NID_postOfficeBox 862 -#define OBJ_postOfficeBox OBJ_X509,18L - -#define LN_physicalDeliveryOfficeName "physicalDeliveryOfficeName" -#define NID_physicalDeliveryOfficeName 863 -#define OBJ_physicalDeliveryOfficeName OBJ_X509,19L - -#define LN_telephoneNumber "telephoneNumber" -#define NID_telephoneNumber 864 -#define OBJ_telephoneNumber OBJ_X509,20L - -#define LN_telexNumber "telexNumber" -#define NID_telexNumber 865 -#define OBJ_telexNumber OBJ_X509,21L - -#define LN_teletexTerminalIdentifier "teletexTerminalIdentifier" -#define NID_teletexTerminalIdentifier 866 -#define OBJ_teletexTerminalIdentifier OBJ_X509,22L - -#define LN_facsimileTelephoneNumber "facsimileTelephoneNumber" -#define NID_facsimileTelephoneNumber 867 -#define OBJ_facsimileTelephoneNumber OBJ_X509,23L - -#define LN_x121Address "x121Address" -#define NID_x121Address 868 -#define OBJ_x121Address OBJ_X509,24L - -#define LN_internationaliSDNNumber "internationaliSDNNumber" -#define NID_internationaliSDNNumber 869 -#define OBJ_internationaliSDNNumber OBJ_X509,25L - -#define LN_registeredAddress "registeredAddress" -#define NID_registeredAddress 870 -#define OBJ_registeredAddress OBJ_X509,26L - -#define LN_destinationIndicator "destinationIndicator" -#define NID_destinationIndicator 871 -#define OBJ_destinationIndicator OBJ_X509,27L - -#define LN_preferredDeliveryMethod "preferredDeliveryMethod" -#define NID_preferredDeliveryMethod 872 -#define OBJ_preferredDeliveryMethod OBJ_X509,28L - -#define LN_presentationAddress "presentationAddress" -#define NID_presentationAddress 873 -#define OBJ_presentationAddress OBJ_X509,29L - -#define LN_supportedApplicationContext "supportedApplicationContext" -#define NID_supportedApplicationContext 874 -#define OBJ_supportedApplicationContext OBJ_X509,30L - -#define SN_member "member" -#define NID_member 875 -#define OBJ_member OBJ_X509,31L - -#define SN_owner "owner" -#define NID_owner 876 -#define OBJ_owner OBJ_X509,32L - -#define LN_roleOccupant "roleOccupant" -#define NID_roleOccupant 877 -#define OBJ_roleOccupant OBJ_X509,33L - -#define SN_seeAlso "seeAlso" -#define NID_seeAlso 878 -#define OBJ_seeAlso OBJ_X509,34L - -#define LN_userPassword "userPassword" -#define NID_userPassword 879 -#define OBJ_userPassword OBJ_X509,35L - -#define LN_userCertificate "userCertificate" -#define NID_userCertificate 880 -#define OBJ_userCertificate OBJ_X509,36L - -#define LN_cACertificate "cACertificate" -#define NID_cACertificate 881 -#define OBJ_cACertificate OBJ_X509,37L - -#define LN_authorityRevocationList "authorityRevocationList" -#define NID_authorityRevocationList 882 -#define OBJ_authorityRevocationList OBJ_X509,38L - -#define LN_certificateRevocationList "certificateRevocationList" -#define NID_certificateRevocationList 883 -#define OBJ_certificateRevocationList OBJ_X509,39L - -#define LN_crossCertificatePair "crossCertificatePair" -#define NID_crossCertificatePair 884 -#define OBJ_crossCertificatePair OBJ_X509,40L - -#define SN_name "name" -#define LN_name "name" -#define NID_name 173 -#define OBJ_name OBJ_X509,41L - -#define SN_givenName "GN" -#define LN_givenName "givenName" -#define NID_givenName 99 -#define OBJ_givenName OBJ_X509,42L - -#define SN_initials "initials" -#define LN_initials "initials" -#define NID_initials 101 -#define OBJ_initials OBJ_X509,43L - -#define LN_generationQualifier "generationQualifier" -#define NID_generationQualifier 509 -#define OBJ_generationQualifier OBJ_X509,44L - -#define LN_x500UniqueIdentifier "x500UniqueIdentifier" -#define NID_x500UniqueIdentifier 503 -#define OBJ_x500UniqueIdentifier OBJ_X509,45L - -#define SN_dnQualifier "dnQualifier" -#define LN_dnQualifier "dnQualifier" -#define NID_dnQualifier 174 -#define OBJ_dnQualifier OBJ_X509,46L - -#define LN_enhancedSearchGuide "enhancedSearchGuide" -#define NID_enhancedSearchGuide 885 -#define OBJ_enhancedSearchGuide OBJ_X509,47L - -#define LN_protocolInformation "protocolInformation" -#define NID_protocolInformation 886 -#define OBJ_protocolInformation OBJ_X509,48L - -#define LN_distinguishedName "distinguishedName" -#define NID_distinguishedName 887 -#define OBJ_distinguishedName OBJ_X509,49L - -#define LN_uniqueMember "uniqueMember" -#define NID_uniqueMember 888 -#define OBJ_uniqueMember OBJ_X509,50L - -#define LN_houseIdentifier "houseIdentifier" -#define NID_houseIdentifier 889 -#define OBJ_houseIdentifier OBJ_X509,51L - -#define LN_supportedAlgorithms "supportedAlgorithms" -#define NID_supportedAlgorithms 890 -#define OBJ_supportedAlgorithms OBJ_X509,52L - -#define LN_deltaRevocationList "deltaRevocationList" -#define NID_deltaRevocationList 891 -#define OBJ_deltaRevocationList OBJ_X509,53L - -#define SN_dmdName "dmdName" -#define NID_dmdName 892 -#define OBJ_dmdName OBJ_X509,54L - -#define LN_pseudonym "pseudonym" -#define NID_pseudonym 510 -#define OBJ_pseudonym OBJ_X509,65L - -#define SN_role "role" -#define LN_role "role" -#define NID_role 400 -#define OBJ_role OBJ_X509,72L - -#define SN_X500algorithms "X500algorithms" -#define LN_X500algorithms "directory services - algorithms" -#define NID_X500algorithms 378 -#define OBJ_X500algorithms OBJ_X500,8L - -#define SN_rsa "RSA" -#define LN_rsa "rsa" -#define NID_rsa 19 -#define OBJ_rsa OBJ_X500algorithms,1L,1L - -#define SN_mdc2WithRSA "RSA-MDC2" -#define LN_mdc2WithRSA "mdc2WithRSA" -#define NID_mdc2WithRSA 96 -#define OBJ_mdc2WithRSA OBJ_X500algorithms,3L,100L - -#define SN_mdc2 "MDC2" -#define LN_mdc2 "mdc2" -#define NID_mdc2 95 -#define OBJ_mdc2 OBJ_X500algorithms,3L,101L - -#define SN_id_ce "id-ce" -#define NID_id_ce 81 -#define OBJ_id_ce OBJ_X500,29L - -#define SN_subject_directory_attributes "subjectDirectoryAttributes" -#define LN_subject_directory_attributes "X509v3 Subject Directory Attributes" -#define NID_subject_directory_attributes 769 -#define OBJ_subject_directory_attributes OBJ_id_ce,9L - -#define SN_subject_key_identifier "subjectKeyIdentifier" -#define LN_subject_key_identifier "X509v3 Subject Key Identifier" -#define NID_subject_key_identifier 82 -#define OBJ_subject_key_identifier OBJ_id_ce,14L - -#define SN_key_usage "keyUsage" -#define LN_key_usage "X509v3 Key Usage" -#define NID_key_usage 83 -#define OBJ_key_usage OBJ_id_ce,15L - -#define SN_private_key_usage_period "privateKeyUsagePeriod" -#define LN_private_key_usage_period "X509v3 Private Key Usage Period" -#define NID_private_key_usage_period 84 -#define OBJ_private_key_usage_period OBJ_id_ce,16L - -#define SN_subject_alt_name "subjectAltName" -#define LN_subject_alt_name "X509v3 Subject Alternative Name" -#define NID_subject_alt_name 85 -#define OBJ_subject_alt_name OBJ_id_ce,17L - -#define SN_issuer_alt_name "issuerAltName" -#define LN_issuer_alt_name "X509v3 Issuer Alternative Name" -#define NID_issuer_alt_name 86 -#define OBJ_issuer_alt_name OBJ_id_ce,18L - -#define SN_basic_constraints "basicConstraints" -#define LN_basic_constraints "X509v3 Basic Constraints" -#define NID_basic_constraints 87 -#define OBJ_basic_constraints OBJ_id_ce,19L - -#define SN_crl_number "crlNumber" -#define LN_crl_number "X509v3 CRL Number" -#define NID_crl_number 88 -#define OBJ_crl_number OBJ_id_ce,20L - -#define SN_crl_reason "CRLReason" -#define LN_crl_reason "X509v3 CRL Reason Code" -#define NID_crl_reason 141 -#define OBJ_crl_reason OBJ_id_ce,21L - -#define SN_invalidity_date "invalidityDate" -#define LN_invalidity_date "Invalidity Date" -#define NID_invalidity_date 142 -#define OBJ_invalidity_date OBJ_id_ce,24L - -#define SN_delta_crl "deltaCRL" -#define LN_delta_crl "X509v3 Delta CRL Indicator" -#define NID_delta_crl 140 -#define OBJ_delta_crl OBJ_id_ce,27L - -#define SN_issuing_distribution_point "issuingDistributionPoint" -#define LN_issuing_distribution_point "X509v3 Issuing Distribution Point" -#define NID_issuing_distribution_point 770 -#define OBJ_issuing_distribution_point OBJ_id_ce,28L - -#define SN_certificate_issuer "certificateIssuer" -#define LN_certificate_issuer "X509v3 Certificate Issuer" -#define NID_certificate_issuer 771 -#define OBJ_certificate_issuer OBJ_id_ce,29L - -#define SN_name_constraints "nameConstraints" -#define LN_name_constraints "X509v3 Name Constraints" -#define NID_name_constraints 666 -#define OBJ_name_constraints OBJ_id_ce,30L - -#define SN_crl_distribution_points "crlDistributionPoints" -#define LN_crl_distribution_points "X509v3 CRL Distribution Points" -#define NID_crl_distribution_points 103 -#define OBJ_crl_distribution_points OBJ_id_ce,31L - -#define SN_certificate_policies "certificatePolicies" -#define LN_certificate_policies "X509v3 Certificate Policies" -#define NID_certificate_policies 89 -#define OBJ_certificate_policies OBJ_id_ce,32L - -#define SN_any_policy "anyPolicy" -#define LN_any_policy "X509v3 Any Policy" -#define NID_any_policy 746 -#define OBJ_any_policy OBJ_certificate_policies,0L - -#define SN_policy_mappings "policyMappings" -#define LN_policy_mappings "X509v3 Policy Mappings" -#define NID_policy_mappings 747 -#define OBJ_policy_mappings OBJ_id_ce,33L - -#define SN_authority_key_identifier "authorityKeyIdentifier" -#define LN_authority_key_identifier "X509v3 Authority Key Identifier" -#define NID_authority_key_identifier 90 -#define OBJ_authority_key_identifier OBJ_id_ce,35L - -#define SN_policy_constraints "policyConstraints" -#define LN_policy_constraints "X509v3 Policy Constraints" -#define NID_policy_constraints 401 -#define OBJ_policy_constraints OBJ_id_ce,36L - -#define SN_ext_key_usage "extendedKeyUsage" -#define LN_ext_key_usage "X509v3 Extended Key Usage" -#define NID_ext_key_usage 126 -#define OBJ_ext_key_usage OBJ_id_ce,37L - -#define SN_freshest_crl "freshestCRL" -#define LN_freshest_crl "X509v3 Freshest CRL" -#define NID_freshest_crl 857 -#define OBJ_freshest_crl OBJ_id_ce,46L - -#define SN_inhibit_any_policy "inhibitAnyPolicy" -#define LN_inhibit_any_policy "X509v3 Inhibit Any Policy" -#define NID_inhibit_any_policy 748 -#define OBJ_inhibit_any_policy OBJ_id_ce,54L - -#define SN_target_information "targetInformation" -#define LN_target_information "X509v3 AC Targeting" -#define NID_target_information 402 -#define OBJ_target_information OBJ_id_ce,55L - -#define SN_no_rev_avail "noRevAvail" -#define LN_no_rev_avail "X509v3 No Revocation Available" -#define NID_no_rev_avail 403 -#define OBJ_no_rev_avail OBJ_id_ce,56L - -#define SN_anyExtendedKeyUsage "anyExtendedKeyUsage" -#define LN_anyExtendedKeyUsage "Any Extended Key Usage" -#define NID_anyExtendedKeyUsage 910 -#define OBJ_anyExtendedKeyUsage OBJ_ext_key_usage,0L - -#define SN_netscape "Netscape" -#define LN_netscape "Netscape Communications Corp." -#define NID_netscape 57 -#define OBJ_netscape 2L,16L,840L,1L,113730L - -#define SN_netscape_cert_extension "nsCertExt" -#define LN_netscape_cert_extension "Netscape Certificate Extension" -#define NID_netscape_cert_extension 58 -#define OBJ_netscape_cert_extension OBJ_netscape,1L - -#define SN_netscape_data_type "nsDataType" -#define LN_netscape_data_type "Netscape Data Type" -#define NID_netscape_data_type 59 -#define OBJ_netscape_data_type OBJ_netscape,2L - -#define SN_netscape_cert_type "nsCertType" -#define LN_netscape_cert_type "Netscape Cert Type" -#define NID_netscape_cert_type 71 -#define OBJ_netscape_cert_type OBJ_netscape_cert_extension,1L - -#define SN_netscape_base_url "nsBaseUrl" -#define LN_netscape_base_url "Netscape Base Url" -#define NID_netscape_base_url 72 -#define OBJ_netscape_base_url OBJ_netscape_cert_extension,2L - -#define SN_netscape_revocation_url "nsRevocationUrl" -#define LN_netscape_revocation_url "Netscape Revocation Url" -#define NID_netscape_revocation_url 73 -#define OBJ_netscape_revocation_url OBJ_netscape_cert_extension,3L - -#define SN_netscape_ca_revocation_url "nsCaRevocationUrl" -#define LN_netscape_ca_revocation_url "Netscape CA Revocation Url" -#define NID_netscape_ca_revocation_url 74 -#define OBJ_netscape_ca_revocation_url OBJ_netscape_cert_extension,4L - -#define SN_netscape_renewal_url "nsRenewalUrl" -#define LN_netscape_renewal_url "Netscape Renewal Url" -#define NID_netscape_renewal_url 75 -#define OBJ_netscape_renewal_url OBJ_netscape_cert_extension,7L - -#define SN_netscape_ca_policy_url "nsCaPolicyUrl" -#define LN_netscape_ca_policy_url "Netscape CA Policy Url" -#define NID_netscape_ca_policy_url 76 -#define OBJ_netscape_ca_policy_url OBJ_netscape_cert_extension,8L - -#define SN_netscape_ssl_server_name "nsSslServerName" -#define LN_netscape_ssl_server_name "Netscape SSL Server Name" -#define NID_netscape_ssl_server_name 77 -#define OBJ_netscape_ssl_server_name OBJ_netscape_cert_extension,12L - -#define SN_netscape_comment "nsComment" -#define LN_netscape_comment "Netscape Comment" -#define NID_netscape_comment 78 -#define OBJ_netscape_comment OBJ_netscape_cert_extension,13L - -#define SN_netscape_cert_sequence "nsCertSequence" -#define LN_netscape_cert_sequence "Netscape Certificate Sequence" -#define NID_netscape_cert_sequence 79 -#define OBJ_netscape_cert_sequence OBJ_netscape_data_type,5L - -#define SN_ns_sgc "nsSGC" -#define LN_ns_sgc "Netscape Server Gated Crypto" -#define NID_ns_sgc 139 -#define OBJ_ns_sgc OBJ_netscape,4L,1L - -#define SN_org "ORG" -#define LN_org "org" -#define NID_org 379 -#define OBJ_org OBJ_iso,3L - -#define SN_dod "DOD" -#define LN_dod "dod" -#define NID_dod 380 -#define OBJ_dod OBJ_org,6L - -#define SN_iana "IANA" -#define LN_iana "iana" -#define NID_iana 381 -#define OBJ_iana OBJ_dod,1L - -#define OBJ_internet OBJ_iana - -#define SN_Directory "directory" -#define LN_Directory "Directory" -#define NID_Directory 382 -#define OBJ_Directory OBJ_internet,1L - -#define SN_Management "mgmt" -#define LN_Management "Management" -#define NID_Management 383 -#define OBJ_Management OBJ_internet,2L - -#define SN_Experimental "experimental" -#define LN_Experimental "Experimental" -#define NID_Experimental 384 -#define OBJ_Experimental OBJ_internet,3L - -#define SN_Private "private" -#define LN_Private "Private" -#define NID_Private 385 -#define OBJ_Private OBJ_internet,4L - -#define SN_Security "security" -#define LN_Security "Security" -#define NID_Security 386 -#define OBJ_Security OBJ_internet,5L - -#define SN_SNMPv2 "snmpv2" -#define LN_SNMPv2 "SNMPv2" -#define NID_SNMPv2 387 -#define OBJ_SNMPv2 OBJ_internet,6L - -#define LN_Mail "Mail" -#define NID_Mail 388 -#define OBJ_Mail OBJ_internet,7L - -#define SN_Enterprises "enterprises" -#define LN_Enterprises "Enterprises" -#define NID_Enterprises 389 -#define OBJ_Enterprises OBJ_Private,1L - -#define SN_dcObject "dcobject" -#define LN_dcObject "dcObject" -#define NID_dcObject 390 -#define OBJ_dcObject OBJ_Enterprises,1466L,344L - -#define SN_mime_mhs "mime-mhs" -#define LN_mime_mhs "MIME MHS" -#define NID_mime_mhs 504 -#define OBJ_mime_mhs OBJ_Mail,1L - -#define SN_mime_mhs_headings "mime-mhs-headings" -#define LN_mime_mhs_headings "mime-mhs-headings" -#define NID_mime_mhs_headings 505 -#define OBJ_mime_mhs_headings OBJ_mime_mhs,1L - -#define SN_mime_mhs_bodies "mime-mhs-bodies" -#define LN_mime_mhs_bodies "mime-mhs-bodies" -#define NID_mime_mhs_bodies 506 -#define OBJ_mime_mhs_bodies OBJ_mime_mhs,2L - -#define SN_id_hex_partial_message "id-hex-partial-message" -#define LN_id_hex_partial_message "id-hex-partial-message" -#define NID_id_hex_partial_message 507 -#define OBJ_id_hex_partial_message OBJ_mime_mhs_headings,1L - -#define SN_id_hex_multipart_message "id-hex-multipart-message" -#define LN_id_hex_multipart_message "id-hex-multipart-message" -#define NID_id_hex_multipart_message 508 -#define OBJ_id_hex_multipart_message OBJ_mime_mhs_headings,2L - -#define SN_zlib_compression "ZLIB" -#define LN_zlib_compression "zlib compression" -#define NID_zlib_compression 125 -#define OBJ_zlib_compression OBJ_id_smime_alg,8L - -#define OBJ_csor 2L,16L,840L,1L,101L,3L - -#define OBJ_nistAlgorithms OBJ_csor,4L - -#define OBJ_aes OBJ_nistAlgorithms,1L - -#define SN_aes_128_ecb "AES-128-ECB" -#define LN_aes_128_ecb "aes-128-ecb" -#define NID_aes_128_ecb 418 -#define OBJ_aes_128_ecb OBJ_aes,1L - -#define SN_aes_128_cbc "AES-128-CBC" -#define LN_aes_128_cbc "aes-128-cbc" -#define NID_aes_128_cbc 419 -#define OBJ_aes_128_cbc OBJ_aes,2L - -#define SN_aes_128_ofb128 "AES-128-OFB" -#define LN_aes_128_ofb128 "aes-128-ofb" -#define NID_aes_128_ofb128 420 -#define OBJ_aes_128_ofb128 OBJ_aes,3L - -#define SN_aes_128_cfb128 "AES-128-CFB" -#define LN_aes_128_cfb128 "aes-128-cfb" -#define NID_aes_128_cfb128 421 -#define OBJ_aes_128_cfb128 OBJ_aes,4L - -#define SN_id_aes128_wrap "id-aes128-wrap" -#define NID_id_aes128_wrap 788 -#define OBJ_id_aes128_wrap OBJ_aes,5L - -#define SN_aes_128_gcm "id-aes128-GCM" -#define LN_aes_128_gcm "aes-128-gcm" -#define NID_aes_128_gcm 895 -#define OBJ_aes_128_gcm OBJ_aes,6L - -#define SN_aes_128_ccm "id-aes128-CCM" -#define LN_aes_128_ccm "aes-128-ccm" -#define NID_aes_128_ccm 896 -#define OBJ_aes_128_ccm OBJ_aes,7L - -#define SN_id_aes128_wrap_pad "id-aes128-wrap-pad" -#define NID_id_aes128_wrap_pad 897 -#define OBJ_id_aes128_wrap_pad OBJ_aes,8L - -#define SN_aes_192_ecb "AES-192-ECB" -#define LN_aes_192_ecb "aes-192-ecb" -#define NID_aes_192_ecb 422 -#define OBJ_aes_192_ecb OBJ_aes,21L - -#define SN_aes_192_cbc "AES-192-CBC" -#define LN_aes_192_cbc "aes-192-cbc" -#define NID_aes_192_cbc 423 -#define OBJ_aes_192_cbc OBJ_aes,22L - -#define SN_aes_192_ofb128 "AES-192-OFB" -#define LN_aes_192_ofb128 "aes-192-ofb" -#define NID_aes_192_ofb128 424 -#define OBJ_aes_192_ofb128 OBJ_aes,23L - -#define SN_aes_192_cfb128 "AES-192-CFB" -#define LN_aes_192_cfb128 "aes-192-cfb" -#define NID_aes_192_cfb128 425 -#define OBJ_aes_192_cfb128 OBJ_aes,24L - -#define SN_id_aes192_wrap "id-aes192-wrap" -#define NID_id_aes192_wrap 789 -#define OBJ_id_aes192_wrap OBJ_aes,25L - -#define SN_aes_192_gcm "id-aes192-GCM" -#define LN_aes_192_gcm "aes-192-gcm" -#define NID_aes_192_gcm 898 -#define OBJ_aes_192_gcm OBJ_aes,26L - -#define SN_aes_192_ccm "id-aes192-CCM" -#define LN_aes_192_ccm "aes-192-ccm" -#define NID_aes_192_ccm 899 -#define OBJ_aes_192_ccm OBJ_aes,27L - -#define SN_id_aes192_wrap_pad "id-aes192-wrap-pad" -#define NID_id_aes192_wrap_pad 900 -#define OBJ_id_aes192_wrap_pad OBJ_aes,28L - -#define SN_aes_256_ecb "AES-256-ECB" -#define LN_aes_256_ecb "aes-256-ecb" -#define NID_aes_256_ecb 426 -#define OBJ_aes_256_ecb OBJ_aes,41L - -#define SN_aes_256_cbc "AES-256-CBC" -#define LN_aes_256_cbc "aes-256-cbc" -#define NID_aes_256_cbc 427 -#define OBJ_aes_256_cbc OBJ_aes,42L - -#define SN_aes_256_ofb128 "AES-256-OFB" -#define LN_aes_256_ofb128 "aes-256-ofb" -#define NID_aes_256_ofb128 428 -#define OBJ_aes_256_ofb128 OBJ_aes,43L - -#define SN_aes_256_cfb128 "AES-256-CFB" -#define LN_aes_256_cfb128 "aes-256-cfb" -#define NID_aes_256_cfb128 429 -#define OBJ_aes_256_cfb128 OBJ_aes,44L - -#define SN_id_aes256_wrap "id-aes256-wrap" -#define NID_id_aes256_wrap 790 -#define OBJ_id_aes256_wrap OBJ_aes,45L - -#define SN_aes_256_gcm "id-aes256-GCM" -#define LN_aes_256_gcm "aes-256-gcm" -#define NID_aes_256_gcm 901 -#define OBJ_aes_256_gcm OBJ_aes,46L - -#define SN_aes_256_ccm "id-aes256-CCM" -#define LN_aes_256_ccm "aes-256-ccm" -#define NID_aes_256_ccm 902 -#define OBJ_aes_256_ccm OBJ_aes,47L - -#define SN_id_aes256_wrap_pad "id-aes256-wrap-pad" -#define NID_id_aes256_wrap_pad 903 -#define OBJ_id_aes256_wrap_pad OBJ_aes,48L - -#define SN_aes_128_cfb1 "AES-128-CFB1" -#define LN_aes_128_cfb1 "aes-128-cfb1" -#define NID_aes_128_cfb1 650 - -#define SN_aes_192_cfb1 "AES-192-CFB1" -#define LN_aes_192_cfb1 "aes-192-cfb1" -#define NID_aes_192_cfb1 651 - -#define SN_aes_256_cfb1 "AES-256-CFB1" -#define LN_aes_256_cfb1 "aes-256-cfb1" -#define NID_aes_256_cfb1 652 - -#define SN_aes_128_cfb8 "AES-128-CFB8" -#define LN_aes_128_cfb8 "aes-128-cfb8" -#define NID_aes_128_cfb8 653 - -#define SN_aes_192_cfb8 "AES-192-CFB8" -#define LN_aes_192_cfb8 "aes-192-cfb8" -#define NID_aes_192_cfb8 654 - -#define SN_aes_256_cfb8 "AES-256-CFB8" -#define LN_aes_256_cfb8 "aes-256-cfb8" -#define NID_aes_256_cfb8 655 - -#define SN_aes_128_ctr "AES-128-CTR" -#define LN_aes_128_ctr "aes-128-ctr" -#define NID_aes_128_ctr 904 - -#define SN_aes_192_ctr "AES-192-CTR" -#define LN_aes_192_ctr "aes-192-ctr" -#define NID_aes_192_ctr 905 - -#define SN_aes_256_ctr "AES-256-CTR" -#define LN_aes_256_ctr "aes-256-ctr" -#define NID_aes_256_ctr 906 - -#define SN_aes_128_xts "AES-128-XTS" -#define LN_aes_128_xts "aes-128-xts" -#define NID_aes_128_xts 913 - -#define SN_aes_256_xts "AES-256-XTS" -#define LN_aes_256_xts "aes-256-xts" -#define NID_aes_256_xts 914 - -#define SN_des_cfb1 "DES-CFB1" -#define LN_des_cfb1 "des-cfb1" -#define NID_des_cfb1 656 - -#define SN_des_cfb8 "DES-CFB8" -#define LN_des_cfb8 "des-cfb8" -#define NID_des_cfb8 657 - -#define SN_des_ede3_cfb1 "DES-EDE3-CFB1" -#define LN_des_ede3_cfb1 "des-ede3-cfb1" -#define NID_des_ede3_cfb1 658 - -#define SN_des_ede3_cfb8 "DES-EDE3-CFB8" -#define LN_des_ede3_cfb8 "des-ede3-cfb8" -#define NID_des_ede3_cfb8 659 - -#define OBJ_nist_hashalgs OBJ_nistAlgorithms,2L - -#define SN_sha256 "SHA256" -#define LN_sha256 "sha256" -#define NID_sha256 672 -#define OBJ_sha256 OBJ_nist_hashalgs,1L - -#define SN_sha384 "SHA384" -#define LN_sha384 "sha384" -#define NID_sha384 673 -#define OBJ_sha384 OBJ_nist_hashalgs,2L - -#define SN_sha512 "SHA512" -#define LN_sha512 "sha512" -#define NID_sha512 674 -#define OBJ_sha512 OBJ_nist_hashalgs,3L - -#define SN_sha224 "SHA224" -#define LN_sha224 "sha224" -#define NID_sha224 675 -#define OBJ_sha224 OBJ_nist_hashalgs,4L - -#define OBJ_dsa_with_sha2 OBJ_nistAlgorithms,3L - -#define SN_dsa_with_SHA224 "dsa_with_SHA224" -#define NID_dsa_with_SHA224 802 -#define OBJ_dsa_with_SHA224 OBJ_dsa_with_sha2,1L - -#define SN_dsa_with_SHA256 "dsa_with_SHA256" -#define NID_dsa_with_SHA256 803 -#define OBJ_dsa_with_SHA256 OBJ_dsa_with_sha2,2L - -#define SN_hold_instruction_code "holdInstructionCode" -#define LN_hold_instruction_code "Hold Instruction Code" -#define NID_hold_instruction_code 430 -#define OBJ_hold_instruction_code OBJ_id_ce,23L - -#define OBJ_holdInstruction OBJ_X9_57,2L - -#define SN_hold_instruction_none "holdInstructionNone" -#define LN_hold_instruction_none "Hold Instruction None" -#define NID_hold_instruction_none 431 -#define OBJ_hold_instruction_none OBJ_holdInstruction,1L - -#define SN_hold_instruction_call_issuer "holdInstructionCallIssuer" -#define LN_hold_instruction_call_issuer "Hold Instruction Call Issuer" -#define NID_hold_instruction_call_issuer 432 -#define OBJ_hold_instruction_call_issuer OBJ_holdInstruction,2L - -#define SN_hold_instruction_reject "holdInstructionReject" -#define LN_hold_instruction_reject "Hold Instruction Reject" -#define NID_hold_instruction_reject 433 -#define OBJ_hold_instruction_reject OBJ_holdInstruction,3L - -#define SN_data "data" -#define NID_data 434 -#define OBJ_data OBJ_itu_t,9L - -#define SN_pss "pss" -#define NID_pss 435 -#define OBJ_pss OBJ_data,2342L - -#define SN_ucl "ucl" -#define NID_ucl 436 -#define OBJ_ucl OBJ_pss,19200300L - -#define SN_pilot "pilot" -#define NID_pilot 437 -#define OBJ_pilot OBJ_ucl,100L - -#define LN_pilotAttributeType "pilotAttributeType" -#define NID_pilotAttributeType 438 -#define OBJ_pilotAttributeType OBJ_pilot,1L - -#define LN_pilotAttributeSyntax "pilotAttributeSyntax" -#define NID_pilotAttributeSyntax 439 -#define OBJ_pilotAttributeSyntax OBJ_pilot,3L - -#define LN_pilotObjectClass "pilotObjectClass" -#define NID_pilotObjectClass 440 -#define OBJ_pilotObjectClass OBJ_pilot,4L - -#define LN_pilotGroups "pilotGroups" -#define NID_pilotGroups 441 -#define OBJ_pilotGroups OBJ_pilot,10L - -#define LN_iA5StringSyntax "iA5StringSyntax" -#define NID_iA5StringSyntax 442 -#define OBJ_iA5StringSyntax OBJ_pilotAttributeSyntax,4L - -#define LN_caseIgnoreIA5StringSyntax "caseIgnoreIA5StringSyntax" -#define NID_caseIgnoreIA5StringSyntax 443 -#define OBJ_caseIgnoreIA5StringSyntax OBJ_pilotAttributeSyntax,5L - -#define LN_pilotObject "pilotObject" -#define NID_pilotObject 444 -#define OBJ_pilotObject OBJ_pilotObjectClass,3L - -#define LN_pilotPerson "pilotPerson" -#define NID_pilotPerson 445 -#define OBJ_pilotPerson OBJ_pilotObjectClass,4L - -#define SN_account "account" -#define NID_account 446 -#define OBJ_account OBJ_pilotObjectClass,5L - -#define SN_document "document" -#define NID_document 447 -#define OBJ_document OBJ_pilotObjectClass,6L - -#define SN_room "room" -#define NID_room 448 -#define OBJ_room OBJ_pilotObjectClass,7L - -#define LN_documentSeries "documentSeries" -#define NID_documentSeries 449 -#define OBJ_documentSeries OBJ_pilotObjectClass,9L - -#define SN_Domain "domain" -#define LN_Domain "Domain" -#define NID_Domain 392 -#define OBJ_Domain OBJ_pilotObjectClass,13L - -#define LN_rFC822localPart "rFC822localPart" -#define NID_rFC822localPart 450 -#define OBJ_rFC822localPart OBJ_pilotObjectClass,14L - -#define LN_dNSDomain "dNSDomain" -#define NID_dNSDomain 451 -#define OBJ_dNSDomain OBJ_pilotObjectClass,15L - -#define LN_domainRelatedObject "domainRelatedObject" -#define NID_domainRelatedObject 452 -#define OBJ_domainRelatedObject OBJ_pilotObjectClass,17L - -#define LN_friendlyCountry "friendlyCountry" -#define NID_friendlyCountry 453 -#define OBJ_friendlyCountry OBJ_pilotObjectClass,18L - -#define LN_simpleSecurityObject "simpleSecurityObject" -#define NID_simpleSecurityObject 454 -#define OBJ_simpleSecurityObject OBJ_pilotObjectClass,19L - -#define LN_pilotOrganization "pilotOrganization" -#define NID_pilotOrganization 455 -#define OBJ_pilotOrganization OBJ_pilotObjectClass,20L - -#define LN_pilotDSA "pilotDSA" -#define NID_pilotDSA 456 -#define OBJ_pilotDSA OBJ_pilotObjectClass,21L - -#define LN_qualityLabelledData "qualityLabelledData" -#define NID_qualityLabelledData 457 -#define OBJ_qualityLabelledData OBJ_pilotObjectClass,22L - -#define SN_userId "UID" -#define LN_userId "userId" -#define NID_userId 458 -#define OBJ_userId OBJ_pilotAttributeType,1L - -#define LN_textEncodedORAddress "textEncodedORAddress" -#define NID_textEncodedORAddress 459 -#define OBJ_textEncodedORAddress OBJ_pilotAttributeType,2L - -#define SN_rfc822Mailbox "mail" -#define LN_rfc822Mailbox "rfc822Mailbox" -#define NID_rfc822Mailbox 460 -#define OBJ_rfc822Mailbox OBJ_pilotAttributeType,3L - -#define SN_info "info" -#define NID_info 461 -#define OBJ_info OBJ_pilotAttributeType,4L - -#define LN_favouriteDrink "favouriteDrink" -#define NID_favouriteDrink 462 -#define OBJ_favouriteDrink OBJ_pilotAttributeType,5L - -#define LN_roomNumber "roomNumber" -#define NID_roomNumber 463 -#define OBJ_roomNumber OBJ_pilotAttributeType,6L - -#define SN_photo "photo" -#define NID_photo 464 -#define OBJ_photo OBJ_pilotAttributeType,7L - -#define LN_userClass "userClass" -#define NID_userClass 465 -#define OBJ_userClass OBJ_pilotAttributeType,8L - -#define SN_host "host" -#define NID_host 466 -#define OBJ_host OBJ_pilotAttributeType,9L - -#define SN_manager "manager" -#define NID_manager 467 -#define OBJ_manager OBJ_pilotAttributeType,10L - -#define LN_documentIdentifier "documentIdentifier" -#define NID_documentIdentifier 468 -#define OBJ_documentIdentifier OBJ_pilotAttributeType,11L - -#define LN_documentTitle "documentTitle" -#define NID_documentTitle 469 -#define OBJ_documentTitle OBJ_pilotAttributeType,12L - -#define LN_documentVersion "documentVersion" -#define NID_documentVersion 470 -#define OBJ_documentVersion OBJ_pilotAttributeType,13L - -#define LN_documentAuthor "documentAuthor" -#define NID_documentAuthor 471 -#define OBJ_documentAuthor OBJ_pilotAttributeType,14L - -#define LN_documentLocation "documentLocation" -#define NID_documentLocation 472 -#define OBJ_documentLocation OBJ_pilotAttributeType,15L - -#define LN_homeTelephoneNumber "homeTelephoneNumber" -#define NID_homeTelephoneNumber 473 -#define OBJ_homeTelephoneNumber OBJ_pilotAttributeType,20L - -#define SN_secretary "secretary" -#define NID_secretary 474 -#define OBJ_secretary OBJ_pilotAttributeType,21L - -#define LN_otherMailbox "otherMailbox" -#define NID_otherMailbox 475 -#define OBJ_otherMailbox OBJ_pilotAttributeType,22L - -#define LN_lastModifiedTime "lastModifiedTime" -#define NID_lastModifiedTime 476 -#define OBJ_lastModifiedTime OBJ_pilotAttributeType,23L - -#define LN_lastModifiedBy "lastModifiedBy" -#define NID_lastModifiedBy 477 -#define OBJ_lastModifiedBy OBJ_pilotAttributeType,24L - -#define SN_domainComponent "DC" -#define LN_domainComponent "domainComponent" -#define NID_domainComponent 391 -#define OBJ_domainComponent OBJ_pilotAttributeType,25L - -#define LN_aRecord "aRecord" -#define NID_aRecord 478 -#define OBJ_aRecord OBJ_pilotAttributeType,26L - -#define LN_pilotAttributeType27 "pilotAttributeType27" -#define NID_pilotAttributeType27 479 -#define OBJ_pilotAttributeType27 OBJ_pilotAttributeType,27L - -#define LN_mXRecord "mXRecord" -#define NID_mXRecord 480 -#define OBJ_mXRecord OBJ_pilotAttributeType,28L - -#define LN_nSRecord "nSRecord" -#define NID_nSRecord 481 -#define OBJ_nSRecord OBJ_pilotAttributeType,29L - -#define LN_sOARecord "sOARecord" -#define NID_sOARecord 482 -#define OBJ_sOARecord OBJ_pilotAttributeType,30L - -#define LN_cNAMERecord "cNAMERecord" -#define NID_cNAMERecord 483 -#define OBJ_cNAMERecord OBJ_pilotAttributeType,31L - -#define LN_associatedDomain "associatedDomain" -#define NID_associatedDomain 484 -#define OBJ_associatedDomain OBJ_pilotAttributeType,37L - -#define LN_associatedName "associatedName" -#define NID_associatedName 485 -#define OBJ_associatedName OBJ_pilotAttributeType,38L - -#define LN_homePostalAddress "homePostalAddress" -#define NID_homePostalAddress 486 -#define OBJ_homePostalAddress OBJ_pilotAttributeType,39L - -#define LN_personalTitle "personalTitle" -#define NID_personalTitle 487 -#define OBJ_personalTitle OBJ_pilotAttributeType,40L - -#define LN_mobileTelephoneNumber "mobileTelephoneNumber" -#define NID_mobileTelephoneNumber 488 -#define OBJ_mobileTelephoneNumber OBJ_pilotAttributeType,41L - -#define LN_pagerTelephoneNumber "pagerTelephoneNumber" -#define NID_pagerTelephoneNumber 489 -#define OBJ_pagerTelephoneNumber OBJ_pilotAttributeType,42L - -#define LN_friendlyCountryName "friendlyCountryName" -#define NID_friendlyCountryName 490 -#define OBJ_friendlyCountryName OBJ_pilotAttributeType,43L - -#define LN_organizationalStatus "organizationalStatus" -#define NID_organizationalStatus 491 -#define OBJ_organizationalStatus OBJ_pilotAttributeType,45L - -#define LN_janetMailbox "janetMailbox" -#define NID_janetMailbox 492 -#define OBJ_janetMailbox OBJ_pilotAttributeType,46L - -#define LN_mailPreferenceOption "mailPreferenceOption" -#define NID_mailPreferenceOption 493 -#define OBJ_mailPreferenceOption OBJ_pilotAttributeType,47L - -#define LN_buildingName "buildingName" -#define NID_buildingName 494 -#define OBJ_buildingName OBJ_pilotAttributeType,48L - -#define LN_dSAQuality "dSAQuality" -#define NID_dSAQuality 495 -#define OBJ_dSAQuality OBJ_pilotAttributeType,49L - -#define LN_singleLevelQuality "singleLevelQuality" -#define NID_singleLevelQuality 496 -#define OBJ_singleLevelQuality OBJ_pilotAttributeType,50L - -#define LN_subtreeMinimumQuality "subtreeMinimumQuality" -#define NID_subtreeMinimumQuality 497 -#define OBJ_subtreeMinimumQuality OBJ_pilotAttributeType,51L - -#define LN_subtreeMaximumQuality "subtreeMaximumQuality" -#define NID_subtreeMaximumQuality 498 -#define OBJ_subtreeMaximumQuality OBJ_pilotAttributeType,52L - -#define LN_personalSignature "personalSignature" -#define NID_personalSignature 499 -#define OBJ_personalSignature OBJ_pilotAttributeType,53L - -#define LN_dITRedirect "dITRedirect" -#define NID_dITRedirect 500 -#define OBJ_dITRedirect OBJ_pilotAttributeType,54L - -#define SN_audio "audio" -#define NID_audio 501 -#define OBJ_audio OBJ_pilotAttributeType,55L - -#define LN_documentPublisher "documentPublisher" -#define NID_documentPublisher 502 -#define OBJ_documentPublisher OBJ_pilotAttributeType,56L - -#define SN_id_set "id-set" -#define LN_id_set "Secure Electronic Transactions" -#define NID_id_set 512 -#define OBJ_id_set OBJ_international_organizations,42L - -#define SN_set_ctype "set-ctype" -#define LN_set_ctype "content types" -#define NID_set_ctype 513 -#define OBJ_set_ctype OBJ_id_set,0L - -#define SN_set_msgExt "set-msgExt" -#define LN_set_msgExt "message extensions" -#define NID_set_msgExt 514 -#define OBJ_set_msgExt OBJ_id_set,1L - -#define SN_set_attr "set-attr" -#define NID_set_attr 515 -#define OBJ_set_attr OBJ_id_set,3L - -#define SN_set_policy "set-policy" -#define NID_set_policy 516 -#define OBJ_set_policy OBJ_id_set,5L - -#define SN_set_certExt "set-certExt" -#define LN_set_certExt "certificate extensions" -#define NID_set_certExt 517 -#define OBJ_set_certExt OBJ_id_set,7L - -#define SN_set_brand "set-brand" -#define NID_set_brand 518 -#define OBJ_set_brand OBJ_id_set,8L - -#define SN_setct_PANData "setct-PANData" -#define NID_setct_PANData 519 -#define OBJ_setct_PANData OBJ_set_ctype,0L - -#define SN_setct_PANToken "setct-PANToken" -#define NID_setct_PANToken 520 -#define OBJ_setct_PANToken OBJ_set_ctype,1L - -#define SN_setct_PANOnly "setct-PANOnly" -#define NID_setct_PANOnly 521 -#define OBJ_setct_PANOnly OBJ_set_ctype,2L - -#define SN_setct_OIData "setct-OIData" -#define NID_setct_OIData 522 -#define OBJ_setct_OIData OBJ_set_ctype,3L - -#define SN_setct_PI "setct-PI" -#define NID_setct_PI 523 -#define OBJ_setct_PI OBJ_set_ctype,4L - -#define SN_setct_PIData "setct-PIData" -#define NID_setct_PIData 524 -#define OBJ_setct_PIData OBJ_set_ctype,5L - -#define SN_setct_PIDataUnsigned "setct-PIDataUnsigned" -#define NID_setct_PIDataUnsigned 525 -#define OBJ_setct_PIDataUnsigned OBJ_set_ctype,6L - -#define SN_setct_HODInput "setct-HODInput" -#define NID_setct_HODInput 526 -#define OBJ_setct_HODInput OBJ_set_ctype,7L - -#define SN_setct_AuthResBaggage "setct-AuthResBaggage" -#define NID_setct_AuthResBaggage 527 -#define OBJ_setct_AuthResBaggage OBJ_set_ctype,8L - -#define SN_setct_AuthRevReqBaggage "setct-AuthRevReqBaggage" -#define NID_setct_AuthRevReqBaggage 528 -#define OBJ_setct_AuthRevReqBaggage OBJ_set_ctype,9L - -#define SN_setct_AuthRevResBaggage "setct-AuthRevResBaggage" -#define NID_setct_AuthRevResBaggage 529 -#define OBJ_setct_AuthRevResBaggage OBJ_set_ctype,10L - -#define SN_setct_CapTokenSeq "setct-CapTokenSeq" -#define NID_setct_CapTokenSeq 530 -#define OBJ_setct_CapTokenSeq OBJ_set_ctype,11L - -#define SN_setct_PInitResData "setct-PInitResData" -#define NID_setct_PInitResData 531 -#define OBJ_setct_PInitResData OBJ_set_ctype,12L - -#define SN_setct_PI_TBS "setct-PI-TBS" -#define NID_setct_PI_TBS 532 -#define OBJ_setct_PI_TBS OBJ_set_ctype,13L - -#define SN_setct_PResData "setct-PResData" -#define NID_setct_PResData 533 -#define OBJ_setct_PResData OBJ_set_ctype,14L - -#define SN_setct_AuthReqTBS "setct-AuthReqTBS" -#define NID_setct_AuthReqTBS 534 -#define OBJ_setct_AuthReqTBS OBJ_set_ctype,16L - -#define SN_setct_AuthResTBS "setct-AuthResTBS" -#define NID_setct_AuthResTBS 535 -#define OBJ_setct_AuthResTBS OBJ_set_ctype,17L - -#define SN_setct_AuthResTBSX "setct-AuthResTBSX" -#define NID_setct_AuthResTBSX 536 -#define OBJ_setct_AuthResTBSX OBJ_set_ctype,18L - -#define SN_setct_AuthTokenTBS "setct-AuthTokenTBS" -#define NID_setct_AuthTokenTBS 537 -#define OBJ_setct_AuthTokenTBS OBJ_set_ctype,19L - -#define SN_setct_CapTokenData "setct-CapTokenData" -#define NID_setct_CapTokenData 538 -#define OBJ_setct_CapTokenData OBJ_set_ctype,20L - -#define SN_setct_CapTokenTBS "setct-CapTokenTBS" -#define NID_setct_CapTokenTBS 539 -#define OBJ_setct_CapTokenTBS OBJ_set_ctype,21L - -#define SN_setct_AcqCardCodeMsg "setct-AcqCardCodeMsg" -#define NID_setct_AcqCardCodeMsg 540 -#define OBJ_setct_AcqCardCodeMsg OBJ_set_ctype,22L - -#define SN_setct_AuthRevReqTBS "setct-AuthRevReqTBS" -#define NID_setct_AuthRevReqTBS 541 -#define OBJ_setct_AuthRevReqTBS OBJ_set_ctype,23L - -#define SN_setct_AuthRevResData "setct-AuthRevResData" -#define NID_setct_AuthRevResData 542 -#define OBJ_setct_AuthRevResData OBJ_set_ctype,24L - -#define SN_setct_AuthRevResTBS "setct-AuthRevResTBS" -#define NID_setct_AuthRevResTBS 543 -#define OBJ_setct_AuthRevResTBS OBJ_set_ctype,25L - -#define SN_setct_CapReqTBS "setct-CapReqTBS" -#define NID_setct_CapReqTBS 544 -#define OBJ_setct_CapReqTBS OBJ_set_ctype,26L - -#define SN_setct_CapReqTBSX "setct-CapReqTBSX" -#define NID_setct_CapReqTBSX 545 -#define OBJ_setct_CapReqTBSX OBJ_set_ctype,27L - -#define SN_setct_CapResData "setct-CapResData" -#define NID_setct_CapResData 546 -#define OBJ_setct_CapResData OBJ_set_ctype,28L - -#define SN_setct_CapRevReqTBS "setct-CapRevReqTBS" -#define NID_setct_CapRevReqTBS 547 -#define OBJ_setct_CapRevReqTBS OBJ_set_ctype,29L - -#define SN_setct_CapRevReqTBSX "setct-CapRevReqTBSX" -#define NID_setct_CapRevReqTBSX 548 -#define OBJ_setct_CapRevReqTBSX OBJ_set_ctype,30L - -#define SN_setct_CapRevResData "setct-CapRevResData" -#define NID_setct_CapRevResData 549 -#define OBJ_setct_CapRevResData OBJ_set_ctype,31L - -#define SN_setct_CredReqTBS "setct-CredReqTBS" -#define NID_setct_CredReqTBS 550 -#define OBJ_setct_CredReqTBS OBJ_set_ctype,32L - -#define SN_setct_CredReqTBSX "setct-CredReqTBSX" -#define NID_setct_CredReqTBSX 551 -#define OBJ_setct_CredReqTBSX OBJ_set_ctype,33L - -#define SN_setct_CredResData "setct-CredResData" -#define NID_setct_CredResData 552 -#define OBJ_setct_CredResData OBJ_set_ctype,34L - -#define SN_setct_CredRevReqTBS "setct-CredRevReqTBS" -#define NID_setct_CredRevReqTBS 553 -#define OBJ_setct_CredRevReqTBS OBJ_set_ctype,35L - -#define SN_setct_CredRevReqTBSX "setct-CredRevReqTBSX" -#define NID_setct_CredRevReqTBSX 554 -#define OBJ_setct_CredRevReqTBSX OBJ_set_ctype,36L - -#define SN_setct_CredRevResData "setct-CredRevResData" -#define NID_setct_CredRevResData 555 -#define OBJ_setct_CredRevResData OBJ_set_ctype,37L - -#define SN_setct_PCertReqData "setct-PCertReqData" -#define NID_setct_PCertReqData 556 -#define OBJ_setct_PCertReqData OBJ_set_ctype,38L - -#define SN_setct_PCertResTBS "setct-PCertResTBS" -#define NID_setct_PCertResTBS 557 -#define OBJ_setct_PCertResTBS OBJ_set_ctype,39L - -#define SN_setct_BatchAdminReqData "setct-BatchAdminReqData" -#define NID_setct_BatchAdminReqData 558 -#define OBJ_setct_BatchAdminReqData OBJ_set_ctype,40L - -#define SN_setct_BatchAdminResData "setct-BatchAdminResData" -#define NID_setct_BatchAdminResData 559 -#define OBJ_setct_BatchAdminResData OBJ_set_ctype,41L - -#define SN_setct_CardCInitResTBS "setct-CardCInitResTBS" -#define NID_setct_CardCInitResTBS 560 -#define OBJ_setct_CardCInitResTBS OBJ_set_ctype,42L - -#define SN_setct_MeAqCInitResTBS "setct-MeAqCInitResTBS" -#define NID_setct_MeAqCInitResTBS 561 -#define OBJ_setct_MeAqCInitResTBS OBJ_set_ctype,43L - -#define SN_setct_RegFormResTBS "setct-RegFormResTBS" -#define NID_setct_RegFormResTBS 562 -#define OBJ_setct_RegFormResTBS OBJ_set_ctype,44L - -#define SN_setct_CertReqData "setct-CertReqData" -#define NID_setct_CertReqData 563 -#define OBJ_setct_CertReqData OBJ_set_ctype,45L - -#define SN_setct_CertReqTBS "setct-CertReqTBS" -#define NID_setct_CertReqTBS 564 -#define OBJ_setct_CertReqTBS OBJ_set_ctype,46L - -#define SN_setct_CertResData "setct-CertResData" -#define NID_setct_CertResData 565 -#define OBJ_setct_CertResData OBJ_set_ctype,47L - -#define SN_setct_CertInqReqTBS "setct-CertInqReqTBS" -#define NID_setct_CertInqReqTBS 566 -#define OBJ_setct_CertInqReqTBS OBJ_set_ctype,48L - -#define SN_setct_ErrorTBS "setct-ErrorTBS" -#define NID_setct_ErrorTBS 567 -#define OBJ_setct_ErrorTBS OBJ_set_ctype,49L - -#define SN_setct_PIDualSignedTBE "setct-PIDualSignedTBE" -#define NID_setct_PIDualSignedTBE 568 -#define OBJ_setct_PIDualSignedTBE OBJ_set_ctype,50L - -#define SN_setct_PIUnsignedTBE "setct-PIUnsignedTBE" -#define NID_setct_PIUnsignedTBE 569 -#define OBJ_setct_PIUnsignedTBE OBJ_set_ctype,51L - -#define SN_setct_AuthReqTBE "setct-AuthReqTBE" -#define NID_setct_AuthReqTBE 570 -#define OBJ_setct_AuthReqTBE OBJ_set_ctype,52L - -#define SN_setct_AuthResTBE "setct-AuthResTBE" -#define NID_setct_AuthResTBE 571 -#define OBJ_setct_AuthResTBE OBJ_set_ctype,53L - -#define SN_setct_AuthResTBEX "setct-AuthResTBEX" -#define NID_setct_AuthResTBEX 572 -#define OBJ_setct_AuthResTBEX OBJ_set_ctype,54L - -#define SN_setct_AuthTokenTBE "setct-AuthTokenTBE" -#define NID_setct_AuthTokenTBE 573 -#define OBJ_setct_AuthTokenTBE OBJ_set_ctype,55L - -#define SN_setct_CapTokenTBE "setct-CapTokenTBE" -#define NID_setct_CapTokenTBE 574 -#define OBJ_setct_CapTokenTBE OBJ_set_ctype,56L - -#define SN_setct_CapTokenTBEX "setct-CapTokenTBEX" -#define NID_setct_CapTokenTBEX 575 -#define OBJ_setct_CapTokenTBEX OBJ_set_ctype,57L - -#define SN_setct_AcqCardCodeMsgTBE "setct-AcqCardCodeMsgTBE" -#define NID_setct_AcqCardCodeMsgTBE 576 -#define OBJ_setct_AcqCardCodeMsgTBE OBJ_set_ctype,58L - -#define SN_setct_AuthRevReqTBE "setct-AuthRevReqTBE" -#define NID_setct_AuthRevReqTBE 577 -#define OBJ_setct_AuthRevReqTBE OBJ_set_ctype,59L - -#define SN_setct_AuthRevResTBE "setct-AuthRevResTBE" -#define NID_setct_AuthRevResTBE 578 -#define OBJ_setct_AuthRevResTBE OBJ_set_ctype,60L - -#define SN_setct_AuthRevResTBEB "setct-AuthRevResTBEB" -#define NID_setct_AuthRevResTBEB 579 -#define OBJ_setct_AuthRevResTBEB OBJ_set_ctype,61L - -#define SN_setct_CapReqTBE "setct-CapReqTBE" -#define NID_setct_CapReqTBE 580 -#define OBJ_setct_CapReqTBE OBJ_set_ctype,62L - -#define SN_setct_CapReqTBEX "setct-CapReqTBEX" -#define NID_setct_CapReqTBEX 581 -#define OBJ_setct_CapReqTBEX OBJ_set_ctype,63L - -#define SN_setct_CapResTBE "setct-CapResTBE" -#define NID_setct_CapResTBE 582 -#define OBJ_setct_CapResTBE OBJ_set_ctype,64L - -#define SN_setct_CapRevReqTBE "setct-CapRevReqTBE" -#define NID_setct_CapRevReqTBE 583 -#define OBJ_setct_CapRevReqTBE OBJ_set_ctype,65L - -#define SN_setct_CapRevReqTBEX "setct-CapRevReqTBEX" -#define NID_setct_CapRevReqTBEX 584 -#define OBJ_setct_CapRevReqTBEX OBJ_set_ctype,66L - -#define SN_setct_CapRevResTBE "setct-CapRevResTBE" -#define NID_setct_CapRevResTBE 585 -#define OBJ_setct_CapRevResTBE OBJ_set_ctype,67L - -#define SN_setct_CredReqTBE "setct-CredReqTBE" -#define NID_setct_CredReqTBE 586 -#define OBJ_setct_CredReqTBE OBJ_set_ctype,68L - -#define SN_setct_CredReqTBEX "setct-CredReqTBEX" -#define NID_setct_CredReqTBEX 587 -#define OBJ_setct_CredReqTBEX OBJ_set_ctype,69L - -#define SN_setct_CredResTBE "setct-CredResTBE" -#define NID_setct_CredResTBE 588 -#define OBJ_setct_CredResTBE OBJ_set_ctype,70L - -#define SN_setct_CredRevReqTBE "setct-CredRevReqTBE" -#define NID_setct_CredRevReqTBE 589 -#define OBJ_setct_CredRevReqTBE OBJ_set_ctype,71L - -#define SN_setct_CredRevReqTBEX "setct-CredRevReqTBEX" -#define NID_setct_CredRevReqTBEX 590 -#define OBJ_setct_CredRevReqTBEX OBJ_set_ctype,72L - -#define SN_setct_CredRevResTBE "setct-CredRevResTBE" -#define NID_setct_CredRevResTBE 591 -#define OBJ_setct_CredRevResTBE OBJ_set_ctype,73L - -#define SN_setct_BatchAdminReqTBE "setct-BatchAdminReqTBE" -#define NID_setct_BatchAdminReqTBE 592 -#define OBJ_setct_BatchAdminReqTBE OBJ_set_ctype,74L - -#define SN_setct_BatchAdminResTBE "setct-BatchAdminResTBE" -#define NID_setct_BatchAdminResTBE 593 -#define OBJ_setct_BatchAdminResTBE OBJ_set_ctype,75L - -#define SN_setct_RegFormReqTBE "setct-RegFormReqTBE" -#define NID_setct_RegFormReqTBE 594 -#define OBJ_setct_RegFormReqTBE OBJ_set_ctype,76L - -#define SN_setct_CertReqTBE "setct-CertReqTBE" -#define NID_setct_CertReqTBE 595 -#define OBJ_setct_CertReqTBE OBJ_set_ctype,77L - -#define SN_setct_CertReqTBEX "setct-CertReqTBEX" -#define NID_setct_CertReqTBEX 596 -#define OBJ_setct_CertReqTBEX OBJ_set_ctype,78L - -#define SN_setct_CertResTBE "setct-CertResTBE" -#define NID_setct_CertResTBE 597 -#define OBJ_setct_CertResTBE OBJ_set_ctype,79L - -#define SN_setct_CRLNotificationTBS "setct-CRLNotificationTBS" -#define NID_setct_CRLNotificationTBS 598 -#define OBJ_setct_CRLNotificationTBS OBJ_set_ctype,80L - -#define SN_setct_CRLNotificationResTBS "setct-CRLNotificationResTBS" -#define NID_setct_CRLNotificationResTBS 599 -#define OBJ_setct_CRLNotificationResTBS OBJ_set_ctype,81L - -#define SN_setct_BCIDistributionTBS "setct-BCIDistributionTBS" -#define NID_setct_BCIDistributionTBS 600 -#define OBJ_setct_BCIDistributionTBS OBJ_set_ctype,82L - -#define SN_setext_genCrypt "setext-genCrypt" -#define LN_setext_genCrypt "generic cryptogram" -#define NID_setext_genCrypt 601 -#define OBJ_setext_genCrypt OBJ_set_msgExt,1L - -#define SN_setext_miAuth "setext-miAuth" -#define LN_setext_miAuth "merchant initiated auth" -#define NID_setext_miAuth 602 -#define OBJ_setext_miAuth OBJ_set_msgExt,3L - -#define SN_setext_pinSecure "setext-pinSecure" -#define NID_setext_pinSecure 603 -#define OBJ_setext_pinSecure OBJ_set_msgExt,4L - -#define SN_setext_pinAny "setext-pinAny" -#define NID_setext_pinAny 604 -#define OBJ_setext_pinAny OBJ_set_msgExt,5L - -#define SN_setext_track2 "setext-track2" -#define NID_setext_track2 605 -#define OBJ_setext_track2 OBJ_set_msgExt,7L - -#define SN_setext_cv "setext-cv" -#define LN_setext_cv "additional verification" -#define NID_setext_cv 606 -#define OBJ_setext_cv OBJ_set_msgExt,8L - -#define SN_set_policy_root "set-policy-root" -#define NID_set_policy_root 607 -#define OBJ_set_policy_root OBJ_set_policy,0L - -#define SN_setCext_hashedRoot "setCext-hashedRoot" -#define NID_setCext_hashedRoot 608 -#define OBJ_setCext_hashedRoot OBJ_set_certExt,0L - -#define SN_setCext_certType "setCext-certType" -#define NID_setCext_certType 609 -#define OBJ_setCext_certType OBJ_set_certExt,1L - -#define SN_setCext_merchData "setCext-merchData" -#define NID_setCext_merchData 610 -#define OBJ_setCext_merchData OBJ_set_certExt,2L - -#define SN_setCext_cCertRequired "setCext-cCertRequired" -#define NID_setCext_cCertRequired 611 -#define OBJ_setCext_cCertRequired OBJ_set_certExt,3L - -#define SN_setCext_tunneling "setCext-tunneling" -#define NID_setCext_tunneling 612 -#define OBJ_setCext_tunneling OBJ_set_certExt,4L - -#define SN_setCext_setExt "setCext-setExt" -#define NID_setCext_setExt 613 -#define OBJ_setCext_setExt OBJ_set_certExt,5L - -#define SN_setCext_setQualf "setCext-setQualf" -#define NID_setCext_setQualf 614 -#define OBJ_setCext_setQualf OBJ_set_certExt,6L - -#define SN_setCext_PGWYcapabilities "setCext-PGWYcapabilities" -#define NID_setCext_PGWYcapabilities 615 -#define OBJ_setCext_PGWYcapabilities OBJ_set_certExt,7L - -#define SN_setCext_TokenIdentifier "setCext-TokenIdentifier" -#define NID_setCext_TokenIdentifier 616 -#define OBJ_setCext_TokenIdentifier OBJ_set_certExt,8L - -#define SN_setCext_Track2Data "setCext-Track2Data" -#define NID_setCext_Track2Data 617 -#define OBJ_setCext_Track2Data OBJ_set_certExt,9L - -#define SN_setCext_TokenType "setCext-TokenType" -#define NID_setCext_TokenType 618 -#define OBJ_setCext_TokenType OBJ_set_certExt,10L - -#define SN_setCext_IssuerCapabilities "setCext-IssuerCapabilities" -#define NID_setCext_IssuerCapabilities 619 -#define OBJ_setCext_IssuerCapabilities OBJ_set_certExt,11L - -#define SN_setAttr_Cert "setAttr-Cert" -#define NID_setAttr_Cert 620 -#define OBJ_setAttr_Cert OBJ_set_attr,0L - -#define SN_setAttr_PGWYcap "setAttr-PGWYcap" -#define LN_setAttr_PGWYcap "payment gateway capabilities" -#define NID_setAttr_PGWYcap 621 -#define OBJ_setAttr_PGWYcap OBJ_set_attr,1L - -#define SN_setAttr_TokenType "setAttr-TokenType" -#define NID_setAttr_TokenType 622 -#define OBJ_setAttr_TokenType OBJ_set_attr,2L - -#define SN_setAttr_IssCap "setAttr-IssCap" -#define LN_setAttr_IssCap "issuer capabilities" -#define NID_setAttr_IssCap 623 -#define OBJ_setAttr_IssCap OBJ_set_attr,3L - -#define SN_set_rootKeyThumb "set-rootKeyThumb" -#define NID_set_rootKeyThumb 624 -#define OBJ_set_rootKeyThumb OBJ_setAttr_Cert,0L - -#define SN_set_addPolicy "set-addPolicy" -#define NID_set_addPolicy 625 -#define OBJ_set_addPolicy OBJ_setAttr_Cert,1L - -#define SN_setAttr_Token_EMV "setAttr-Token-EMV" -#define NID_setAttr_Token_EMV 626 -#define OBJ_setAttr_Token_EMV OBJ_setAttr_TokenType,1L - -#define SN_setAttr_Token_B0Prime "setAttr-Token-B0Prime" -#define NID_setAttr_Token_B0Prime 627 -#define OBJ_setAttr_Token_B0Prime OBJ_setAttr_TokenType,2L - -#define SN_setAttr_IssCap_CVM "setAttr-IssCap-CVM" -#define NID_setAttr_IssCap_CVM 628 -#define OBJ_setAttr_IssCap_CVM OBJ_setAttr_IssCap,3L - -#define SN_setAttr_IssCap_T2 "setAttr-IssCap-T2" -#define NID_setAttr_IssCap_T2 629 -#define OBJ_setAttr_IssCap_T2 OBJ_setAttr_IssCap,4L - -#define SN_setAttr_IssCap_Sig "setAttr-IssCap-Sig" -#define NID_setAttr_IssCap_Sig 630 -#define OBJ_setAttr_IssCap_Sig OBJ_setAttr_IssCap,5L - -#define SN_setAttr_GenCryptgrm "setAttr-GenCryptgrm" -#define LN_setAttr_GenCryptgrm "generate cryptogram" -#define NID_setAttr_GenCryptgrm 631 -#define OBJ_setAttr_GenCryptgrm OBJ_setAttr_IssCap_CVM,1L - -#define SN_setAttr_T2Enc "setAttr-T2Enc" -#define LN_setAttr_T2Enc "encrypted track 2" -#define NID_setAttr_T2Enc 632 -#define OBJ_setAttr_T2Enc OBJ_setAttr_IssCap_T2,1L - -#define SN_setAttr_T2cleartxt "setAttr-T2cleartxt" -#define LN_setAttr_T2cleartxt "cleartext track 2" -#define NID_setAttr_T2cleartxt 633 -#define OBJ_setAttr_T2cleartxt OBJ_setAttr_IssCap_T2,2L - -#define SN_setAttr_TokICCsig "setAttr-TokICCsig" -#define LN_setAttr_TokICCsig "ICC or token signature" -#define NID_setAttr_TokICCsig 634 -#define OBJ_setAttr_TokICCsig OBJ_setAttr_IssCap_Sig,1L - -#define SN_setAttr_SecDevSig "setAttr-SecDevSig" -#define LN_setAttr_SecDevSig "secure device signature" -#define NID_setAttr_SecDevSig 635 -#define OBJ_setAttr_SecDevSig OBJ_setAttr_IssCap_Sig,2L - -#define SN_set_brand_IATA_ATA "set-brand-IATA-ATA" -#define NID_set_brand_IATA_ATA 636 -#define OBJ_set_brand_IATA_ATA OBJ_set_brand,1L - -#define SN_set_brand_Diners "set-brand-Diners" -#define NID_set_brand_Diners 637 -#define OBJ_set_brand_Diners OBJ_set_brand,30L - -#define SN_set_brand_AmericanExpress "set-brand-AmericanExpress" -#define NID_set_brand_AmericanExpress 638 -#define OBJ_set_brand_AmericanExpress OBJ_set_brand,34L - -#define SN_set_brand_JCB "set-brand-JCB" -#define NID_set_brand_JCB 639 -#define OBJ_set_brand_JCB OBJ_set_brand,35L - -#define SN_set_brand_Visa "set-brand-Visa" -#define NID_set_brand_Visa 640 -#define OBJ_set_brand_Visa OBJ_set_brand,4L - -#define SN_set_brand_MasterCard "set-brand-MasterCard" -#define NID_set_brand_MasterCard 641 -#define OBJ_set_brand_MasterCard OBJ_set_brand,5L - -#define SN_set_brand_Novus "set-brand-Novus" -#define NID_set_brand_Novus 642 -#define OBJ_set_brand_Novus OBJ_set_brand,6011L - -#define SN_des_cdmf "DES-CDMF" -#define LN_des_cdmf "des-cdmf" -#define NID_des_cdmf 643 -#define OBJ_des_cdmf OBJ_rsadsi,3L,10L - -#define SN_rsaOAEPEncryptionSET "rsaOAEPEncryptionSET" -#define NID_rsaOAEPEncryptionSET 644 -#define OBJ_rsaOAEPEncryptionSET OBJ_rsadsi,1L,1L,6L - -#define SN_ipsec3 "Oakley-EC2N-3" -#define LN_ipsec3 "ipsec3" -#define NID_ipsec3 749 - -#define SN_ipsec4 "Oakley-EC2N-4" -#define LN_ipsec4 "ipsec4" -#define NID_ipsec4 750 - -#define SN_whirlpool "whirlpool" -#define NID_whirlpool 804 -#define OBJ_whirlpool OBJ_iso,0L,10118L,3L,0L,55L - -#define SN_cryptopro "cryptopro" -#define NID_cryptopro 805 -#define OBJ_cryptopro OBJ_member_body,643L,2L,2L - -#define SN_cryptocom "cryptocom" -#define NID_cryptocom 806 -#define OBJ_cryptocom OBJ_member_body,643L,2L,9L - -#define SN_id_GostR3411_94_with_GostR3410_2001 "id-GostR3411-94-with-GostR3410-2001" -#define LN_id_GostR3411_94_with_GostR3410_2001 "GOST R 34.11-94 with GOST R 34.10-2001" -#define NID_id_GostR3411_94_with_GostR3410_2001 807 -#define OBJ_id_GostR3411_94_with_GostR3410_2001 OBJ_cryptopro,3L - -#define SN_id_GostR3411_94_with_GostR3410_94 "id-GostR3411-94-with-GostR3410-94" -#define LN_id_GostR3411_94_with_GostR3410_94 "GOST R 34.11-94 with GOST R 34.10-94" -#define NID_id_GostR3411_94_with_GostR3410_94 808 -#define OBJ_id_GostR3411_94_with_GostR3410_94 OBJ_cryptopro,4L - -#define SN_id_GostR3411_94 "md_gost94" -#define LN_id_GostR3411_94 "GOST R 34.11-94" -#define NID_id_GostR3411_94 809 -#define OBJ_id_GostR3411_94 OBJ_cryptopro,9L - -#define SN_id_HMACGostR3411_94 "id-HMACGostR3411-94" -#define LN_id_HMACGostR3411_94 "HMAC GOST 34.11-94" -#define NID_id_HMACGostR3411_94 810 -#define OBJ_id_HMACGostR3411_94 OBJ_cryptopro,10L - -#define SN_id_GostR3410_2001 "gost2001" -#define LN_id_GostR3410_2001 "GOST R 34.10-2001" -#define NID_id_GostR3410_2001 811 -#define OBJ_id_GostR3410_2001 OBJ_cryptopro,19L - -#define SN_id_GostR3410_94 "gost94" -#define LN_id_GostR3410_94 "GOST R 34.10-94" -#define NID_id_GostR3410_94 812 -#define OBJ_id_GostR3410_94 OBJ_cryptopro,20L - -#define SN_id_Gost28147_89 "gost89" -#define LN_id_Gost28147_89 "GOST 28147-89" -#define NID_id_Gost28147_89 813 -#define OBJ_id_Gost28147_89 OBJ_cryptopro,21L - -#define SN_gost89_cnt "gost89-cnt" -#define NID_gost89_cnt 814 - -#define SN_id_Gost28147_89_MAC "gost-mac" -#define LN_id_Gost28147_89_MAC "GOST 28147-89 MAC" -#define NID_id_Gost28147_89_MAC 815 -#define OBJ_id_Gost28147_89_MAC OBJ_cryptopro,22L - -#define SN_id_GostR3411_94_prf "prf-gostr3411-94" -#define LN_id_GostR3411_94_prf "GOST R 34.11-94 PRF" -#define NID_id_GostR3411_94_prf 816 -#define OBJ_id_GostR3411_94_prf OBJ_cryptopro,23L - -#define SN_id_GostR3410_2001DH "id-GostR3410-2001DH" -#define LN_id_GostR3410_2001DH "GOST R 34.10-2001 DH" -#define NID_id_GostR3410_2001DH 817 -#define OBJ_id_GostR3410_2001DH OBJ_cryptopro,98L - -#define SN_id_GostR3410_94DH "id-GostR3410-94DH" -#define LN_id_GostR3410_94DH "GOST R 34.10-94 DH" -#define NID_id_GostR3410_94DH 818 -#define OBJ_id_GostR3410_94DH OBJ_cryptopro,99L - -#define SN_id_Gost28147_89_CryptoPro_KeyMeshing "id-Gost28147-89-CryptoPro-KeyMeshing" -#define NID_id_Gost28147_89_CryptoPro_KeyMeshing 819 -#define OBJ_id_Gost28147_89_CryptoPro_KeyMeshing OBJ_cryptopro,14L,1L - -#define SN_id_Gost28147_89_None_KeyMeshing "id-Gost28147-89-None-KeyMeshing" -#define NID_id_Gost28147_89_None_KeyMeshing 820 -#define OBJ_id_Gost28147_89_None_KeyMeshing OBJ_cryptopro,14L,0L - -#define SN_id_GostR3411_94_TestParamSet "id-GostR3411-94-TestParamSet" -#define NID_id_GostR3411_94_TestParamSet 821 -#define OBJ_id_GostR3411_94_TestParamSet OBJ_cryptopro,30L,0L - -#define SN_id_GostR3411_94_CryptoProParamSet "id-GostR3411-94-CryptoProParamSet" -#define NID_id_GostR3411_94_CryptoProParamSet 822 -#define OBJ_id_GostR3411_94_CryptoProParamSet OBJ_cryptopro,30L,1L - -#define SN_id_Gost28147_89_TestParamSet "id-Gost28147-89-TestParamSet" -#define NID_id_Gost28147_89_TestParamSet 823 -#define OBJ_id_Gost28147_89_TestParamSet OBJ_cryptopro,31L,0L - -#define SN_id_Gost28147_89_CryptoPro_A_ParamSet "id-Gost28147-89-CryptoPro-A-ParamSet" -#define NID_id_Gost28147_89_CryptoPro_A_ParamSet 824 -#define OBJ_id_Gost28147_89_CryptoPro_A_ParamSet OBJ_cryptopro,31L,1L - -#define SN_id_Gost28147_89_CryptoPro_B_ParamSet "id-Gost28147-89-CryptoPro-B-ParamSet" -#define NID_id_Gost28147_89_CryptoPro_B_ParamSet 825 -#define OBJ_id_Gost28147_89_CryptoPro_B_ParamSet OBJ_cryptopro,31L,2L - -#define SN_id_Gost28147_89_CryptoPro_C_ParamSet "id-Gost28147-89-CryptoPro-C-ParamSet" -#define NID_id_Gost28147_89_CryptoPro_C_ParamSet 826 -#define OBJ_id_Gost28147_89_CryptoPro_C_ParamSet OBJ_cryptopro,31L,3L - -#define SN_id_Gost28147_89_CryptoPro_D_ParamSet "id-Gost28147-89-CryptoPro-D-ParamSet" -#define NID_id_Gost28147_89_CryptoPro_D_ParamSet 827 -#define OBJ_id_Gost28147_89_CryptoPro_D_ParamSet OBJ_cryptopro,31L,4L - -#define SN_id_Gost28147_89_CryptoPro_Oscar_1_1_ParamSet "id-Gost28147-89-CryptoPro-Oscar-1-1-ParamSet" -#define NID_id_Gost28147_89_CryptoPro_Oscar_1_1_ParamSet 828 -#define OBJ_id_Gost28147_89_CryptoPro_Oscar_1_1_ParamSet OBJ_cryptopro,31L,5L - -#define SN_id_Gost28147_89_CryptoPro_Oscar_1_0_ParamSet "id-Gost28147-89-CryptoPro-Oscar-1-0-ParamSet" -#define NID_id_Gost28147_89_CryptoPro_Oscar_1_0_ParamSet 829 -#define OBJ_id_Gost28147_89_CryptoPro_Oscar_1_0_ParamSet OBJ_cryptopro,31L,6L - -#define SN_id_Gost28147_89_CryptoPro_RIC_1_ParamSet "id-Gost28147-89-CryptoPro-RIC-1-ParamSet" -#define NID_id_Gost28147_89_CryptoPro_RIC_1_ParamSet 830 -#define OBJ_id_Gost28147_89_CryptoPro_RIC_1_ParamSet OBJ_cryptopro,31L,7L - -#define SN_id_GostR3410_94_TestParamSet "id-GostR3410-94-TestParamSet" -#define NID_id_GostR3410_94_TestParamSet 831 -#define OBJ_id_GostR3410_94_TestParamSet OBJ_cryptopro,32L,0L - -#define SN_id_GostR3410_94_CryptoPro_A_ParamSet "id-GostR3410-94-CryptoPro-A-ParamSet" -#define NID_id_GostR3410_94_CryptoPro_A_ParamSet 832 -#define OBJ_id_GostR3410_94_CryptoPro_A_ParamSet OBJ_cryptopro,32L,2L - -#define SN_id_GostR3410_94_CryptoPro_B_ParamSet "id-GostR3410-94-CryptoPro-B-ParamSet" -#define NID_id_GostR3410_94_CryptoPro_B_ParamSet 833 -#define OBJ_id_GostR3410_94_CryptoPro_B_ParamSet OBJ_cryptopro,32L,3L - -#define SN_id_GostR3410_94_CryptoPro_C_ParamSet "id-GostR3410-94-CryptoPro-C-ParamSet" -#define NID_id_GostR3410_94_CryptoPro_C_ParamSet 834 -#define OBJ_id_GostR3410_94_CryptoPro_C_ParamSet OBJ_cryptopro,32L,4L - -#define SN_id_GostR3410_94_CryptoPro_D_ParamSet "id-GostR3410-94-CryptoPro-D-ParamSet" -#define NID_id_GostR3410_94_CryptoPro_D_ParamSet 835 -#define OBJ_id_GostR3410_94_CryptoPro_D_ParamSet OBJ_cryptopro,32L,5L - -#define SN_id_GostR3410_94_CryptoPro_XchA_ParamSet "id-GostR3410-94-CryptoPro-XchA-ParamSet" -#define NID_id_GostR3410_94_CryptoPro_XchA_ParamSet 836 -#define OBJ_id_GostR3410_94_CryptoPro_XchA_ParamSet OBJ_cryptopro,33L,1L - -#define SN_id_GostR3410_94_CryptoPro_XchB_ParamSet "id-GostR3410-94-CryptoPro-XchB-ParamSet" -#define NID_id_GostR3410_94_CryptoPro_XchB_ParamSet 837 -#define OBJ_id_GostR3410_94_CryptoPro_XchB_ParamSet OBJ_cryptopro,33L,2L - -#define SN_id_GostR3410_94_CryptoPro_XchC_ParamSet "id-GostR3410-94-CryptoPro-XchC-ParamSet" -#define NID_id_GostR3410_94_CryptoPro_XchC_ParamSet 838 -#define OBJ_id_GostR3410_94_CryptoPro_XchC_ParamSet OBJ_cryptopro,33L,3L - -#define SN_id_GostR3410_2001_TestParamSet "id-GostR3410-2001-TestParamSet" -#define NID_id_GostR3410_2001_TestParamSet 839 -#define OBJ_id_GostR3410_2001_TestParamSet OBJ_cryptopro,35L,0L - -#define SN_id_GostR3410_2001_CryptoPro_A_ParamSet "id-GostR3410-2001-CryptoPro-A-ParamSet" -#define NID_id_GostR3410_2001_CryptoPro_A_ParamSet 840 -#define OBJ_id_GostR3410_2001_CryptoPro_A_ParamSet OBJ_cryptopro,35L,1L - -#define SN_id_GostR3410_2001_CryptoPro_B_ParamSet "id-GostR3410-2001-CryptoPro-B-ParamSet" -#define NID_id_GostR3410_2001_CryptoPro_B_ParamSet 841 -#define OBJ_id_GostR3410_2001_CryptoPro_B_ParamSet OBJ_cryptopro,35L,2L - -#define SN_id_GostR3410_2001_CryptoPro_C_ParamSet "id-GostR3410-2001-CryptoPro-C-ParamSet" -#define NID_id_GostR3410_2001_CryptoPro_C_ParamSet 842 -#define OBJ_id_GostR3410_2001_CryptoPro_C_ParamSet OBJ_cryptopro,35L,3L - -#define SN_id_GostR3410_2001_CryptoPro_XchA_ParamSet "id-GostR3410-2001-CryptoPro-XchA-ParamSet" -#define NID_id_GostR3410_2001_CryptoPro_XchA_ParamSet 843 -#define OBJ_id_GostR3410_2001_CryptoPro_XchA_ParamSet OBJ_cryptopro,36L,0L - -#define SN_id_GostR3410_2001_CryptoPro_XchB_ParamSet "id-GostR3410-2001-CryptoPro-XchB-ParamSet" -#define NID_id_GostR3410_2001_CryptoPro_XchB_ParamSet 844 -#define OBJ_id_GostR3410_2001_CryptoPro_XchB_ParamSet OBJ_cryptopro,36L,1L - -#define SN_id_GostR3410_94_a "id-GostR3410-94-a" -#define NID_id_GostR3410_94_a 845 -#define OBJ_id_GostR3410_94_a OBJ_id_GostR3410_94,1L - -#define SN_id_GostR3410_94_aBis "id-GostR3410-94-aBis" -#define NID_id_GostR3410_94_aBis 846 -#define OBJ_id_GostR3410_94_aBis OBJ_id_GostR3410_94,2L - -#define SN_id_GostR3410_94_b "id-GostR3410-94-b" -#define NID_id_GostR3410_94_b 847 -#define OBJ_id_GostR3410_94_b OBJ_id_GostR3410_94,3L - -#define SN_id_GostR3410_94_bBis "id-GostR3410-94-bBis" -#define NID_id_GostR3410_94_bBis 848 -#define OBJ_id_GostR3410_94_bBis OBJ_id_GostR3410_94,4L - -#define SN_id_Gost28147_89_cc "id-Gost28147-89-cc" -#define LN_id_Gost28147_89_cc "GOST 28147-89 Cryptocom ParamSet" -#define NID_id_Gost28147_89_cc 849 -#define OBJ_id_Gost28147_89_cc OBJ_cryptocom,1L,6L,1L - -#define SN_id_GostR3410_94_cc "gost94cc" -#define LN_id_GostR3410_94_cc "GOST 34.10-94 Cryptocom" -#define NID_id_GostR3410_94_cc 850 -#define OBJ_id_GostR3410_94_cc OBJ_cryptocom,1L,5L,3L - -#define SN_id_GostR3410_2001_cc "gost2001cc" -#define LN_id_GostR3410_2001_cc "GOST 34.10-2001 Cryptocom" -#define NID_id_GostR3410_2001_cc 851 -#define OBJ_id_GostR3410_2001_cc OBJ_cryptocom,1L,5L,4L - -#define SN_id_GostR3411_94_with_GostR3410_94_cc "id-GostR3411-94-with-GostR3410-94-cc" -#define LN_id_GostR3411_94_with_GostR3410_94_cc "GOST R 34.11-94 with GOST R 34.10-94 Cryptocom" -#define NID_id_GostR3411_94_with_GostR3410_94_cc 852 -#define OBJ_id_GostR3411_94_with_GostR3410_94_cc OBJ_cryptocom,1L,3L,3L - -#define SN_id_GostR3411_94_with_GostR3410_2001_cc "id-GostR3411-94-with-GostR3410-2001-cc" -#define LN_id_GostR3411_94_with_GostR3410_2001_cc "GOST R 34.11-94 with GOST R 34.10-2001 Cryptocom" -#define NID_id_GostR3411_94_with_GostR3410_2001_cc 853 -#define OBJ_id_GostR3411_94_with_GostR3410_2001_cc OBJ_cryptocom,1L,3L,4L - -#define SN_id_GostR3410_2001_ParamSet_cc "id-GostR3410-2001-ParamSet-cc" -#define LN_id_GostR3410_2001_ParamSet_cc "GOST R 3410-2001 Parameter Set Cryptocom" -#define NID_id_GostR3410_2001_ParamSet_cc 854 -#define OBJ_id_GostR3410_2001_ParamSet_cc OBJ_cryptocom,1L,8L,1L - -#define SN_camellia_128_cbc "CAMELLIA-128-CBC" -#define LN_camellia_128_cbc "camellia-128-cbc" -#define NID_camellia_128_cbc 751 -#define OBJ_camellia_128_cbc 1L,2L,392L,200011L,61L,1L,1L,1L,2L - -#define SN_camellia_192_cbc "CAMELLIA-192-CBC" -#define LN_camellia_192_cbc "camellia-192-cbc" -#define NID_camellia_192_cbc 752 -#define OBJ_camellia_192_cbc 1L,2L,392L,200011L,61L,1L,1L,1L,3L - -#define SN_camellia_256_cbc "CAMELLIA-256-CBC" -#define LN_camellia_256_cbc "camellia-256-cbc" -#define NID_camellia_256_cbc 753 -#define OBJ_camellia_256_cbc 1L,2L,392L,200011L,61L,1L,1L,1L,4L - -#define SN_id_camellia128_wrap "id-camellia128-wrap" -#define NID_id_camellia128_wrap 907 -#define OBJ_id_camellia128_wrap 1L,2L,392L,200011L,61L,1L,1L,3L,2L - -#define SN_id_camellia192_wrap "id-camellia192-wrap" -#define NID_id_camellia192_wrap 908 -#define OBJ_id_camellia192_wrap 1L,2L,392L,200011L,61L,1L,1L,3L,3L - -#define SN_id_camellia256_wrap "id-camellia256-wrap" -#define NID_id_camellia256_wrap 909 -#define OBJ_id_camellia256_wrap 1L,2L,392L,200011L,61L,1L,1L,3L,4L - -#define OBJ_ntt_ds 0L,3L,4401L,5L - -#define OBJ_camellia OBJ_ntt_ds,3L,1L,9L - -#define SN_camellia_128_ecb "CAMELLIA-128-ECB" -#define LN_camellia_128_ecb "camellia-128-ecb" -#define NID_camellia_128_ecb 754 -#define OBJ_camellia_128_ecb OBJ_camellia,1L - -#define SN_camellia_128_ofb128 "CAMELLIA-128-OFB" -#define LN_camellia_128_ofb128 "camellia-128-ofb" -#define NID_camellia_128_ofb128 766 -#define OBJ_camellia_128_ofb128 OBJ_camellia,3L - -#define SN_camellia_128_cfb128 "CAMELLIA-128-CFB" -#define LN_camellia_128_cfb128 "camellia-128-cfb" -#define NID_camellia_128_cfb128 757 -#define OBJ_camellia_128_cfb128 OBJ_camellia,4L - -#define SN_camellia_192_ecb "CAMELLIA-192-ECB" -#define LN_camellia_192_ecb "camellia-192-ecb" -#define NID_camellia_192_ecb 755 -#define OBJ_camellia_192_ecb OBJ_camellia,21L - -#define SN_camellia_192_ofb128 "CAMELLIA-192-OFB" -#define LN_camellia_192_ofb128 "camellia-192-ofb" -#define NID_camellia_192_ofb128 767 -#define OBJ_camellia_192_ofb128 OBJ_camellia,23L - -#define SN_camellia_192_cfb128 "CAMELLIA-192-CFB" -#define LN_camellia_192_cfb128 "camellia-192-cfb" -#define NID_camellia_192_cfb128 758 -#define OBJ_camellia_192_cfb128 OBJ_camellia,24L - -#define SN_camellia_256_ecb "CAMELLIA-256-ECB" -#define LN_camellia_256_ecb "camellia-256-ecb" -#define NID_camellia_256_ecb 756 -#define OBJ_camellia_256_ecb OBJ_camellia,41L - -#define SN_camellia_256_ofb128 "CAMELLIA-256-OFB" -#define LN_camellia_256_ofb128 "camellia-256-ofb" -#define NID_camellia_256_ofb128 768 -#define OBJ_camellia_256_ofb128 OBJ_camellia,43L - -#define SN_camellia_256_cfb128 "CAMELLIA-256-CFB" -#define LN_camellia_256_cfb128 "camellia-256-cfb" -#define NID_camellia_256_cfb128 759 -#define OBJ_camellia_256_cfb128 OBJ_camellia,44L - -#define SN_camellia_128_cfb1 "CAMELLIA-128-CFB1" -#define LN_camellia_128_cfb1 "camellia-128-cfb1" -#define NID_camellia_128_cfb1 760 - -#define SN_camellia_192_cfb1 "CAMELLIA-192-CFB1" -#define LN_camellia_192_cfb1 "camellia-192-cfb1" -#define NID_camellia_192_cfb1 761 - -#define SN_camellia_256_cfb1 "CAMELLIA-256-CFB1" -#define LN_camellia_256_cfb1 "camellia-256-cfb1" -#define NID_camellia_256_cfb1 762 - -#define SN_camellia_128_cfb8 "CAMELLIA-128-CFB8" -#define LN_camellia_128_cfb8 "camellia-128-cfb8" -#define NID_camellia_128_cfb8 763 - -#define SN_camellia_192_cfb8 "CAMELLIA-192-CFB8" -#define LN_camellia_192_cfb8 "camellia-192-cfb8" -#define NID_camellia_192_cfb8 764 - -#define SN_camellia_256_cfb8 "CAMELLIA-256-CFB8" -#define LN_camellia_256_cfb8 "camellia-256-cfb8" -#define NID_camellia_256_cfb8 765 - -#define SN_kisa "KISA" -#define LN_kisa "kisa" -#define NID_kisa 773 -#define OBJ_kisa OBJ_member_body,410L,200004L - -#define SN_seed_ecb "SEED-ECB" -#define LN_seed_ecb "seed-ecb" -#define NID_seed_ecb 776 -#define OBJ_seed_ecb OBJ_kisa,1L,3L - -#define SN_seed_cbc "SEED-CBC" -#define LN_seed_cbc "seed-cbc" -#define NID_seed_cbc 777 -#define OBJ_seed_cbc OBJ_kisa,1L,4L - -#define SN_seed_cfb128 "SEED-CFB" -#define LN_seed_cfb128 "seed-cfb" -#define NID_seed_cfb128 779 -#define OBJ_seed_cfb128 OBJ_kisa,1L,5L - -#define SN_seed_ofb128 "SEED-OFB" -#define LN_seed_ofb128 "seed-ofb" -#define NID_seed_ofb128 778 -#define OBJ_seed_ofb128 OBJ_kisa,1L,6L - -#define SN_hmac "HMAC" -#define LN_hmac "hmac" -#define NID_hmac 855 - -#define SN_cmac "CMAC" -#define LN_cmac "cmac" -#define NID_cmac 894 - -#define SN_rc4_hmac_md5 "RC4-HMAC-MD5" -#define LN_rc4_hmac_md5 "rc4-hmac-md5" -#define NID_rc4_hmac_md5 915 - -#define SN_aes_128_cbc_hmac_sha1 "AES-128-CBC-HMAC-SHA1" -#define LN_aes_128_cbc_hmac_sha1 "aes-128-cbc-hmac-sha1" -#define NID_aes_128_cbc_hmac_sha1 916 - -#define SN_aes_192_cbc_hmac_sha1 "AES-192-CBC-HMAC-SHA1" -#define LN_aes_192_cbc_hmac_sha1 "aes-192-cbc-hmac-sha1" -#define NID_aes_192_cbc_hmac_sha1 917 - -#define SN_aes_256_cbc_hmac_sha1 "AES-256-CBC-HMAC-SHA1" -#define LN_aes_256_cbc_hmac_sha1 "aes-256-cbc-hmac-sha1" -#define NID_aes_256_cbc_hmac_sha1 918 - -#define SN_dhpublicnumber "dhpublicnumber" -#define LN_dhpublicnumber "X9.42 DH" -#define NID_dhpublicnumber 920 -#define OBJ_dhpublicnumber OBJ_ISO_US,10046L,2L,1L - -#define SN_brainpoolP160r1 "brainpoolP160r1" -#define NID_brainpoolP160r1 921 -#define OBJ_brainpoolP160r1 1L,3L,36L,3L,3L,2L,8L,1L,1L,1L - -#define SN_brainpoolP160t1 "brainpoolP160t1" -#define NID_brainpoolP160t1 922 -#define OBJ_brainpoolP160t1 1L,3L,36L,3L,3L,2L,8L,1L,1L,2L - -#define SN_brainpoolP192r1 "brainpoolP192r1" -#define NID_brainpoolP192r1 923 -#define OBJ_brainpoolP192r1 1L,3L,36L,3L,3L,2L,8L,1L,1L,3L - -#define SN_brainpoolP192t1 "brainpoolP192t1" -#define NID_brainpoolP192t1 924 -#define OBJ_brainpoolP192t1 1L,3L,36L,3L,3L,2L,8L,1L,1L,4L - -#define SN_brainpoolP224r1 "brainpoolP224r1" -#define NID_brainpoolP224r1 925 -#define OBJ_brainpoolP224r1 1L,3L,36L,3L,3L,2L,8L,1L,1L,5L - -#define SN_brainpoolP224t1 "brainpoolP224t1" -#define NID_brainpoolP224t1 926 -#define OBJ_brainpoolP224t1 1L,3L,36L,3L,3L,2L,8L,1L,1L,6L - -#define SN_brainpoolP256r1 "brainpoolP256r1" -#define NID_brainpoolP256r1 927 -#define OBJ_brainpoolP256r1 1L,3L,36L,3L,3L,2L,8L,1L,1L,7L - -#define SN_brainpoolP256t1 "brainpoolP256t1" -#define NID_brainpoolP256t1 928 -#define OBJ_brainpoolP256t1 1L,3L,36L,3L,3L,2L,8L,1L,1L,8L - -#define SN_brainpoolP320r1 "brainpoolP320r1" -#define NID_brainpoolP320r1 929 -#define OBJ_brainpoolP320r1 1L,3L,36L,3L,3L,2L,8L,1L,1L,9L - -#define SN_brainpoolP320t1 "brainpoolP320t1" -#define NID_brainpoolP320t1 930 -#define OBJ_brainpoolP320t1 1L,3L,36L,3L,3L,2L,8L,1L,1L,10L - -#define SN_brainpoolP384r1 "brainpoolP384r1" -#define NID_brainpoolP384r1 931 -#define OBJ_brainpoolP384r1 1L,3L,36L,3L,3L,2L,8L,1L,1L,11L - -#define SN_brainpoolP384t1 "brainpoolP384t1" -#define NID_brainpoolP384t1 932 -#define OBJ_brainpoolP384t1 1L,3L,36L,3L,3L,2L,8L,1L,1L,12L - -#define SN_brainpoolP512r1 "brainpoolP512r1" -#define NID_brainpoolP512r1 933 -#define OBJ_brainpoolP512r1 1L,3L,36L,3L,3L,2L,8L,1L,1L,13L - -#define SN_brainpoolP512t1 "brainpoolP512t1" -#define NID_brainpoolP512t1 934 -#define OBJ_brainpoolP512t1 1L,3L,36L,3L,3L,2L,8L,1L,1L,14L - -#define OBJ_x9_63_scheme 1L,3L,133L,16L,840L,63L,0L - -#define OBJ_secg_scheme OBJ_certicom_arc,1L - -#define SN_dhSinglePass_stdDH_sha1kdf_scheme "dhSinglePass-stdDH-sha1kdf-scheme" -#define NID_dhSinglePass_stdDH_sha1kdf_scheme 936 -#define OBJ_dhSinglePass_stdDH_sha1kdf_scheme OBJ_x9_63_scheme,2L - -#define SN_dhSinglePass_stdDH_sha224kdf_scheme "dhSinglePass-stdDH-sha224kdf-scheme" -#define NID_dhSinglePass_stdDH_sha224kdf_scheme 937 -#define OBJ_dhSinglePass_stdDH_sha224kdf_scheme OBJ_secg_scheme,11L,0L - -#define SN_dhSinglePass_stdDH_sha256kdf_scheme "dhSinglePass-stdDH-sha256kdf-scheme" -#define NID_dhSinglePass_stdDH_sha256kdf_scheme 938 -#define OBJ_dhSinglePass_stdDH_sha256kdf_scheme OBJ_secg_scheme,11L,1L - -#define SN_dhSinglePass_stdDH_sha384kdf_scheme "dhSinglePass-stdDH-sha384kdf-scheme" -#define NID_dhSinglePass_stdDH_sha384kdf_scheme 939 -#define OBJ_dhSinglePass_stdDH_sha384kdf_scheme OBJ_secg_scheme,11L,2L - -#define SN_dhSinglePass_stdDH_sha512kdf_scheme "dhSinglePass-stdDH-sha512kdf-scheme" -#define NID_dhSinglePass_stdDH_sha512kdf_scheme 940 -#define OBJ_dhSinglePass_stdDH_sha512kdf_scheme OBJ_secg_scheme,11L,3L - -#define SN_dhSinglePass_cofactorDH_sha1kdf_scheme "dhSinglePass-cofactorDH-sha1kdf-scheme" -#define NID_dhSinglePass_cofactorDH_sha1kdf_scheme 941 -#define OBJ_dhSinglePass_cofactorDH_sha1kdf_scheme OBJ_x9_63_scheme,3L - -#define SN_dhSinglePass_cofactorDH_sha224kdf_scheme "dhSinglePass-cofactorDH-sha224kdf-scheme" -#define NID_dhSinglePass_cofactorDH_sha224kdf_scheme 942 -#define OBJ_dhSinglePass_cofactorDH_sha224kdf_scheme OBJ_secg_scheme,14L,0L - -#define SN_dhSinglePass_cofactorDH_sha256kdf_scheme "dhSinglePass-cofactorDH-sha256kdf-scheme" -#define NID_dhSinglePass_cofactorDH_sha256kdf_scheme 943 -#define OBJ_dhSinglePass_cofactorDH_sha256kdf_scheme OBJ_secg_scheme,14L,1L - -#define SN_dhSinglePass_cofactorDH_sha384kdf_scheme "dhSinglePass-cofactorDH-sha384kdf-scheme" -#define NID_dhSinglePass_cofactorDH_sha384kdf_scheme 944 -#define OBJ_dhSinglePass_cofactorDH_sha384kdf_scheme OBJ_secg_scheme,14L,2L - -#define SN_dhSinglePass_cofactorDH_sha512kdf_scheme "dhSinglePass-cofactorDH-sha512kdf-scheme" -#define NID_dhSinglePass_cofactorDH_sha512kdf_scheme 945 -#define OBJ_dhSinglePass_cofactorDH_sha512kdf_scheme OBJ_secg_scheme,14L,3L - -#define SN_dh_std_kdf "dh-std-kdf" -#define NID_dh_std_kdf 946 - -#define SN_dh_cofactor_kdf "dh-cofactor-kdf" -#define NID_dh_cofactor_kdf 947 - diff --git a/third_party/boringssl/include/openssl/objects.h b/third_party/boringssl/include/openssl/objects.h deleted file mode 100644 index dd6556f26489c5..00000000000000 --- a/third_party/boringssl/include/openssl/objects.h +++ /dev/null @@ -1,18 +0,0 @@ -/* Copyright (c) 2014, Google Inc. - * - * Permission to use, copy, modify, and/or distribute this software for any - * purpose with or without fee is hereby granted, provided that the above - * copyright notice and this permission notice appear in all copies. - * - * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES - * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF - * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY - * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES - * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION - * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN - * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ - -/* This header is provided in order to make compiling against code that expects - OpenSSL easier. */ - -#include "obj.h" diff --git a/third_party/boringssl/include/openssl/opensslfeatures.h b/third_party/boringssl/include/openssl/opensslfeatures.h deleted file mode 100644 index c3f97d5a48e620..00000000000000 --- a/third_party/boringssl/include/openssl/opensslfeatures.h +++ /dev/null @@ -1,60 +0,0 @@ -/* Copyright (c) 2014, Google Inc. - * - * Permission to use, copy, modify, and/or distribute this software for any - * purpose with or without fee is hereby granted, provided that the above - * copyright notice and this permission notice appear in all copies. - * - * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES - * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF - * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY - * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES - * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION - * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN - * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ - -/* This header is provided in order to make compiling against code that expects - OpenSSL easier. */ - -#ifndef OPENSSL_HEADER_OPENSSLFEATURES_H -#define OPENSSL_HEADER_OPENSSLFEATURES_H - - -#define OPENSSL_NO_BF -#define OPENSSL_NO_BUF_FREELISTS -#define OPENSSL_NO_CAMELLIA -#define OPENSSL_NO_CAPIENG -#define OPENSSL_NO_CAST -#define OPENSSL_NO_CMS -#define OPENSSL_NO_COMP -#define OPENSSL_NO_DANE -#define OPENSSL_NO_DEPRECATED -#define OPENSSL_NO_DYNAMIC_ENGINE -#define OPENSSL_NO_EC_NISTP_64_GCC_128 -#define OPENSSL_NO_EC2M -#define OPENSSL_NO_ENGINE -#define OPENSSL_NO_GMP -#define OPENSSL_NO_GOST -#define OPENSSL_NO_HEARTBEATS -#define OPENSSL_NO_HW -#define OPENSSL_NO_IDEA -#define OPENSSL_NO_JPAKE -#define OPENSSL_NO_KRB5 -#define OPENSSL_NO_MD2 -#define OPENSSL_NO_MDC2 -#define OPENSSL_NO_OCB -#define OPENSSL_NO_OCSP -#define OPENSSL_NO_RC2 -#define OPENSSL_NO_RC5 -#define OPENSSL_NO_RFC3779 -#define OPENSSL_NO_RIPEMD -#define OPENSSL_NO_RMD160 -#define OPENSSL_NO_SCTP -#define OPENSSL_NO_SEED -#define OPENSSL_NO_SRP -#define OPENSSL_NO_SSL2 -#define OPENSSL_NO_STATIC_ENGINE -#define OPENSSL_NO_STORE -#define OPENSSL_NO_WHIRLPOOL - - -#endif /* OPENSSL_HEADER_OPENSSLFEATURES_H */ diff --git a/third_party/boringssl/include/openssl/opensslv.h b/third_party/boringssl/include/openssl/opensslv.h deleted file mode 100644 index a3555d4f8b0027..00000000000000 --- a/third_party/boringssl/include/openssl/opensslv.h +++ /dev/null @@ -1,18 +0,0 @@ -/* Copyright (c) 2014, Google Inc. - * - * Permission to use, copy, modify, and/or distribute this software for any - * purpose with or without fee is hereby granted, provided that the above - * copyright notice and this permission notice appear in all copies. - * - * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES - * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF - * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY - * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES - * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION - * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN - * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ - -/* This header is provided in order to make compiling against code that expects - OpenSSL easier. */ - -#include "crypto.h" diff --git a/third_party/boringssl/include/openssl/ossl_typ.h b/third_party/boringssl/include/openssl/ossl_typ.h deleted file mode 100644 index c2b3fe7c500965..00000000000000 --- a/third_party/boringssl/include/openssl/ossl_typ.h +++ /dev/null @@ -1,18 +0,0 @@ -/* Copyright (c) 2014, Google Inc. - * - * Permission to use, copy, modify, and/or distribute this software for any - * purpose with or without fee is hereby granted, provided that the above - * copyright notice and this permission notice appear in all copies. - * - * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES - * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF - * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY - * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES - * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION - * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN - * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ - -/* This header is provided in order to make compiling against code that expects - OpenSSL easier. */ - -#include "base.h" diff --git a/third_party/boringssl/include/openssl/pem.h b/third_party/boringssl/include/openssl/pem.h deleted file mode 100644 index 7756e45ed3e73c..00000000000000 --- a/third_party/boringssl/include/openssl/pem.h +++ /dev/null @@ -1,545 +0,0 @@ -/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] */ - -#ifndef OPENSSL_HEADER_PEM_H -#define OPENSSL_HEADER_PEM_H - -#include -#include -#include -#include -#include -#include -#include - -#ifdef __cplusplus -extern "C" { -#endif - - -#define PEM_BUFSIZE 1024 - -#define PEM_OBJ_UNDEF 0 -#define PEM_OBJ_X509 1 -#define PEM_OBJ_X509_REQ 2 -#define PEM_OBJ_CRL 3 -#define PEM_OBJ_SSL_SESSION 4 -#define PEM_OBJ_PRIV_KEY 10 -#define PEM_OBJ_PRIV_RSA 11 -#define PEM_OBJ_PRIV_DSA 12 -#define PEM_OBJ_PRIV_DH 13 -#define PEM_OBJ_PUB_RSA 14 -#define PEM_OBJ_PUB_DSA 15 -#define PEM_OBJ_PUB_DH 16 -#define PEM_OBJ_DHPARAMS 17 -#define PEM_OBJ_DSAPARAMS 18 -#define PEM_OBJ_PRIV_RSA_PUBLIC 19 -#define PEM_OBJ_PRIV_ECDSA 20 -#define PEM_OBJ_PUB_ECDSA 21 -#define PEM_OBJ_ECPARAMETERS 22 - -#define PEM_ERROR 30 -#define PEM_DEK_DES_CBC 40 -#define PEM_DEK_IDEA_CBC 45 -#define PEM_DEK_DES_EDE 50 -#define PEM_DEK_DES_ECB 60 -#define PEM_DEK_RSA 70 -#define PEM_DEK_RSA_MD2 80 -#define PEM_DEK_RSA_MD5 90 - -#define PEM_MD_MD2 NID_md2 -#define PEM_MD_MD5 NID_md5 -#define PEM_MD_SHA NID_sha -#define PEM_MD_MD2_RSA NID_md2WithRSAEncryption -#define PEM_MD_MD5_RSA NID_md5WithRSAEncryption -#define PEM_MD_SHA_RSA NID_sha1WithRSAEncryption - -#define PEM_STRING_X509_OLD "X509 CERTIFICATE" -#define PEM_STRING_X509 "CERTIFICATE" -#define PEM_STRING_X509_PAIR "CERTIFICATE PAIR" -#define PEM_STRING_X509_TRUSTED "TRUSTED CERTIFICATE" -#define PEM_STRING_X509_REQ_OLD "NEW CERTIFICATE REQUEST" -#define PEM_STRING_X509_REQ "CERTIFICATE REQUEST" -#define PEM_STRING_X509_CRL "X509 CRL" -#define PEM_STRING_EVP_PKEY "ANY PRIVATE KEY" -#define PEM_STRING_PUBLIC "PUBLIC KEY" -#define PEM_STRING_RSA "RSA PRIVATE KEY" -#define PEM_STRING_RSA_PUBLIC "RSA PUBLIC KEY" -#define PEM_STRING_DSA "DSA PRIVATE KEY" -#define PEM_STRING_DSA_PUBLIC "DSA PUBLIC KEY" -#define PEM_STRING_PKCS7 "PKCS7" -#define PEM_STRING_PKCS7_SIGNED "PKCS #7 SIGNED DATA" -#define PEM_STRING_PKCS8 "ENCRYPTED PRIVATE KEY" -#define PEM_STRING_PKCS8INF "PRIVATE KEY" -#define PEM_STRING_DHPARAMS "DH PARAMETERS" -#define PEM_STRING_DHXPARAMS "X9.42 DH PARAMETERS" -#define PEM_STRING_SSL_SESSION "SSL SESSION PARAMETERS" -#define PEM_STRING_DSAPARAMS "DSA PARAMETERS" -#define PEM_STRING_ECDSA_PUBLIC "ECDSA PUBLIC KEY" -#define PEM_STRING_ECPARAMETERS "EC PARAMETERS" -#define PEM_STRING_ECPRIVATEKEY "EC PRIVATE KEY" -#define PEM_STRING_PARAMETERS "PARAMETERS" -#define PEM_STRING_CMS "CMS" - - /* Note that this structure is initialised by PEM_SealInit and cleaned up - by PEM_SealFinal (at least for now) */ -typedef struct PEM_Encode_Seal_st - { - EVP_ENCODE_CTX encode; - EVP_MD_CTX md; - EVP_CIPHER_CTX cipher; - } PEM_ENCODE_SEAL_CTX; - -/* enc_type is one off */ -#define PEM_TYPE_ENCRYPTED 10 -#define PEM_TYPE_MIC_ONLY 20 -#define PEM_TYPE_MIC_CLEAR 30 -#define PEM_TYPE_CLEAR 40 - -typedef struct pem_recip_st - { - char *name; - X509_NAME *dn; - - int cipher; - int key_enc; - /* char iv[8]; unused and wrong size */ - } PEM_USER; - -typedef struct pem_ctx_st - { - int type; /* what type of object */ - - struct { - int version; - int mode; - } proc_type; - - char *domain; - - struct { - int cipher; - /* unused, and wrong size - unsigned char iv[8]; */ - } DEK_info; - - PEM_USER *originator; - - int num_recipient; - PEM_USER **recipient; - - EVP_MD *md; /* signature type */ - - int md_enc; /* is the md encrypted or not? */ - int md_len; /* length of md_data */ - char *md_data; /* message digest, could be pkey encrypted */ - - EVP_CIPHER *dec; /* date encryption cipher */ - int key_len; /* key length */ - unsigned char *key; /* key */ - /* unused, and wrong size - unsigned char iv[8]; */ - - - int data_enc; /* is the data encrypted */ - int data_len; - unsigned char *data; - } PEM_CTX; - -/* These macros make the PEM_read/PEM_write functions easier to maintain and - * write. Now they are all implemented with either: - * IMPLEMENT_PEM_rw(...) or IMPLEMENT_PEM_rw_cb(...) - */ - -#ifdef OPENSSL_NO_FP_API - -#define IMPLEMENT_PEM_read_fp(name, type, str, asn1) /**/ -#define IMPLEMENT_PEM_write_fp(name, type, str, asn1) /**/ -#define IMPLEMENT_PEM_write_fp_const(name, type, str, asn1) /**/ -#define IMPLEMENT_PEM_write_cb_fp(name, type, str, asn1) /**/ -#define IMPLEMENT_PEM_write_cb_fp_const(name, type, str, asn1) /**/ - -#else - -#define IMPLEMENT_PEM_read_fp(name, type, str, asn1) \ -OPENSSL_EXPORT type *PEM_read_##name(FILE *fp, type **x, pem_password_cb *cb, void *u)\ -{ \ -return PEM_ASN1_read((d2i_of_void *)d2i_##asn1, str,fp,(void **)x,cb,u); \ -} - -#define IMPLEMENT_PEM_write_fp(name, type, str, asn1) \ -OPENSSL_EXPORT int PEM_write_##name(FILE *fp, type *x) \ -{ \ -return PEM_ASN1_write((i2d_of_void *)i2d_##asn1,str,fp,x,NULL,NULL,0,NULL,NULL); \ -} - -#define IMPLEMENT_PEM_write_fp_const(name, type, str, asn1) \ -OPENSSL_EXPORT int PEM_write_##name(FILE *fp, const type *x) \ -{ \ -return PEM_ASN1_write((i2d_of_void *)i2d_##asn1,str,fp,(void *)x,NULL,NULL,0,NULL,NULL); \ -} - -#define IMPLEMENT_PEM_write_cb_fp(name, type, str, asn1) \ -OPENSSL_EXPORT int PEM_write_##name(FILE *fp, type *x, const EVP_CIPHER *enc, \ - unsigned char *kstr, int klen, pem_password_cb *cb, \ - void *u) \ - { \ - return PEM_ASN1_write((i2d_of_void *)i2d_##asn1,str,fp,x,enc,kstr,klen,cb,u); \ - } - -#define IMPLEMENT_PEM_write_cb_fp_const(name, type, str, asn1) \ -OPENSSL_EXPORT int PEM_write_##name(FILE *fp, type *x, const EVP_CIPHER *enc, \ - unsigned char *kstr, int klen, pem_password_cb *cb, \ - void *u) \ - { \ - return PEM_ASN1_write((i2d_of_void *)i2d_##asn1,str,fp,x,enc,kstr,klen,cb,u); \ - } - -#endif - -#define IMPLEMENT_PEM_read_bio(name, type, str, asn1) \ -OPENSSL_EXPORT type *PEM_read_bio_##name(BIO *bp, type **x, pem_password_cb *cb, void *u)\ -{ \ -return PEM_ASN1_read_bio((d2i_of_void *)d2i_##asn1, str,bp,(void **)x,cb,u); \ -} - -#define IMPLEMENT_PEM_write_bio(name, type, str, asn1) \ -OPENSSL_EXPORT int PEM_write_bio_##name(BIO *bp, type *x) \ -{ \ -return PEM_ASN1_write_bio((i2d_of_void *)i2d_##asn1,str,bp,x,NULL,NULL,0,NULL,NULL); \ -} - -#define IMPLEMENT_PEM_write_bio_const(name, type, str, asn1) \ -OPENSSL_EXPORT int PEM_write_bio_##name(BIO *bp, const type *x) \ -{ \ -return PEM_ASN1_write_bio((i2d_of_void *)i2d_##asn1,str,bp,(void *)x,NULL,NULL,0,NULL,NULL); \ -} - -#define IMPLEMENT_PEM_write_cb_bio(name, type, str, asn1) \ -OPENSSL_EXPORT int PEM_write_bio_##name(BIO *bp, type *x, const EVP_CIPHER *enc, \ - unsigned char *kstr, int klen, pem_password_cb *cb, void *u) \ - { \ - return PEM_ASN1_write_bio((i2d_of_void *)i2d_##asn1,str,bp,x,enc,kstr,klen,cb,u); \ - } - -#define IMPLEMENT_PEM_write_cb_bio_const(name, type, str, asn1) \ -OPENSSL_EXPORT int PEM_write_bio_##name(BIO *bp, type *x, const EVP_CIPHER *enc, \ - unsigned char *kstr, int klen, pem_password_cb *cb, void *u) \ - { \ - return PEM_ASN1_write_bio((i2d_of_void *)i2d_##asn1,str,bp,(void *)x,enc,kstr,klen,cb,u); \ - } - -#define IMPLEMENT_PEM_write(name, type, str, asn1) \ - IMPLEMENT_PEM_write_bio(name, type, str, asn1) \ - IMPLEMENT_PEM_write_fp(name, type, str, asn1) - -#define IMPLEMENT_PEM_write_const(name, type, str, asn1) \ - IMPLEMENT_PEM_write_bio_const(name, type, str, asn1) \ - IMPLEMENT_PEM_write_fp_const(name, type, str, asn1) - -#define IMPLEMENT_PEM_write_cb(name, type, str, asn1) \ - IMPLEMENT_PEM_write_cb_bio(name, type, str, asn1) \ - IMPLEMENT_PEM_write_cb_fp(name, type, str, asn1) - -#define IMPLEMENT_PEM_write_cb_const(name, type, str, asn1) \ - IMPLEMENT_PEM_write_cb_bio_const(name, type, str, asn1) \ - IMPLEMENT_PEM_write_cb_fp_const(name, type, str, asn1) - -#define IMPLEMENT_PEM_read(name, type, str, asn1) \ - IMPLEMENT_PEM_read_bio(name, type, str, asn1) \ - IMPLEMENT_PEM_read_fp(name, type, str, asn1) - -#define IMPLEMENT_PEM_rw(name, type, str, asn1) \ - IMPLEMENT_PEM_read(name, type, str, asn1) \ - IMPLEMENT_PEM_write(name, type, str, asn1) - -#define IMPLEMENT_PEM_rw_const(name, type, str, asn1) \ - IMPLEMENT_PEM_read(name, type, str, asn1) \ - IMPLEMENT_PEM_write_const(name, type, str, asn1) - -#define IMPLEMENT_PEM_rw_cb(name, type, str, asn1) \ - IMPLEMENT_PEM_read(name, type, str, asn1) \ - IMPLEMENT_PEM_write_cb(name, type, str, asn1) - -/* These are the same except they are for the declarations */ - -#if defined(OPENSSL_NO_FP_API) - -#define DECLARE_PEM_read_fp(name, type) /**/ -#define DECLARE_PEM_write_fp(name, type) /**/ -#define DECLARE_PEM_write_cb_fp(name, type) /**/ - -#else - -#define DECLARE_PEM_read_fp(name, type) \ - OPENSSL_EXPORT type *PEM_read_##name(FILE *fp, type **x, pem_password_cb *cb, void *u); - -#define DECLARE_PEM_write_fp(name, type) \ - OPENSSL_EXPORT int PEM_write_##name(FILE *fp, type *x); - -#define DECLARE_PEM_write_fp_const(name, type) \ - OPENSSL_EXPORT int PEM_write_##name(FILE *fp, const type *x); - -#define DECLARE_PEM_write_cb_fp(name, type) \ - OPENSSL_EXPORT int PEM_write_##name(FILE *fp, type *x, const EVP_CIPHER *enc, \ - unsigned char *kstr, int klen, pem_password_cb *cb, void *u); - -#endif - -#define DECLARE_PEM_read_bio(name, type) \ - OPENSSL_EXPORT type *PEM_read_bio_##name(BIO *bp, type **x, pem_password_cb *cb, void *u); - -#define DECLARE_PEM_write_bio(name, type) \ - OPENSSL_EXPORT int PEM_write_bio_##name(BIO *bp, type *x); - -#define DECLARE_PEM_write_bio_const(name, type) \ - OPENSSL_EXPORT int PEM_write_bio_##name(BIO *bp, const type *x); - -#define DECLARE_PEM_write_cb_bio(name, type) \ - OPENSSL_EXPORT int PEM_write_bio_##name(BIO *bp, type *x, const EVP_CIPHER *enc, \ - unsigned char *kstr, int klen, pem_password_cb *cb, void *u); - - -#define DECLARE_PEM_write(name, type) \ - DECLARE_PEM_write_bio(name, type) \ - DECLARE_PEM_write_fp(name, type) - -#define DECLARE_PEM_write_const(name, type) \ - DECLARE_PEM_write_bio_const(name, type) \ - DECLARE_PEM_write_fp_const(name, type) - -#define DECLARE_PEM_write_cb(name, type) \ - DECLARE_PEM_write_cb_bio(name, type) \ - DECLARE_PEM_write_cb_fp(name, type) - -#define DECLARE_PEM_read(name, type) \ - DECLARE_PEM_read_bio(name, type) \ - DECLARE_PEM_read_fp(name, type) - -#define DECLARE_PEM_rw(name, type) \ - DECLARE_PEM_read(name, type) \ - DECLARE_PEM_write(name, type) - -#define DECLARE_PEM_rw_const(name, type) \ - DECLARE_PEM_read(name, type) \ - DECLARE_PEM_write_const(name, type) - -#define DECLARE_PEM_rw_cb(name, type) \ - DECLARE_PEM_read(name, type) \ - DECLARE_PEM_write_cb(name, type) - -/* "userdata": new with OpenSSL 0.9.4 */ -typedef int pem_password_cb(char *buf, int size, int rwflag, void *userdata); - -OPENSSL_EXPORT int PEM_get_EVP_CIPHER_INFO(char *header, EVP_CIPHER_INFO *cipher); -OPENSSL_EXPORT int PEM_do_header (EVP_CIPHER_INFO *cipher, unsigned char *data,long *len, pem_password_cb *callback,void *u); - -OPENSSL_EXPORT int PEM_read_bio(BIO *bp, char **name, char **header, unsigned char **data,long *len); -OPENSSL_EXPORT int PEM_write_bio(BIO *bp,const char *name, const char *hdr, const unsigned char *data, long len); -OPENSSL_EXPORT int PEM_bytes_read_bio(unsigned char **pdata, long *plen, char **pnm, const char *name, BIO *bp, pem_password_cb *cb, void *u); -OPENSSL_EXPORT void * PEM_ASN1_read_bio(d2i_of_void *d2i, const char *name, BIO *bp, void **x, pem_password_cb *cb, void *u); -OPENSSL_EXPORT int PEM_ASN1_write_bio(i2d_of_void *i2d,const char *name,BIO *bp, void *x, const EVP_CIPHER *enc,unsigned char *kstr,int klen, pem_password_cb *cb, void *u); - -OPENSSL_EXPORT STACK_OF(X509_INFO) * PEM_X509_INFO_read_bio(BIO *bp, STACK_OF(X509_INFO) *sk, pem_password_cb *cb, void *u); -OPENSSL_EXPORT int PEM_X509_INFO_write_bio(BIO *bp,X509_INFO *xi, EVP_CIPHER *enc, unsigned char *kstr, int klen, pem_password_cb *cd, void *u); - -OPENSSL_EXPORT int PEM_read(FILE *fp, char **name, char **header, unsigned char **data,long *len); -OPENSSL_EXPORT int PEM_write(FILE *fp, const char *name, const char *hdr, const unsigned char *data, long len); -OPENSSL_EXPORT void * PEM_ASN1_read(d2i_of_void *d2i, const char *name, FILE *fp, void **x, pem_password_cb *cb, void *u); -OPENSSL_EXPORT int PEM_ASN1_write(i2d_of_void *i2d,const char *name,FILE *fp, void *x,const EVP_CIPHER *enc,unsigned char *kstr, int klen,pem_password_cb *callback, void *u); -OPENSSL_EXPORT STACK_OF(X509_INFO) * PEM_X509_INFO_read(FILE *fp, STACK_OF(X509_INFO) *sk, pem_password_cb *cb, void *u); - -OPENSSL_EXPORT int PEM_SealInit(PEM_ENCODE_SEAL_CTX *ctx, EVP_CIPHER *type, EVP_MD *md_type, unsigned char **ek, int *ekl, unsigned char *iv, EVP_PKEY **pubk, int npubk); -OPENSSL_EXPORT void PEM_SealUpdate(PEM_ENCODE_SEAL_CTX *ctx, unsigned char *out, int *outl, unsigned char *in, int inl); -OPENSSL_EXPORT int PEM_SealFinal(PEM_ENCODE_SEAL_CTX *ctx, unsigned char *sig,int *sigl, unsigned char *out, int *outl, EVP_PKEY *priv); - -OPENSSL_EXPORT void PEM_SignInit(EVP_MD_CTX *ctx, EVP_MD *type); -OPENSSL_EXPORT void PEM_SignUpdate(EVP_MD_CTX *ctx,unsigned char *d,unsigned int cnt); -OPENSSL_EXPORT int PEM_SignFinal(EVP_MD_CTX *ctx, unsigned char *sigret, unsigned int *siglen, EVP_PKEY *pkey); - -/* |PEM_def_callback| treats |userdata| as a string and copies it into |buf|, - * assuming its |size| is sufficient. Returns the length of the string, or 0 - * if there is not enough room. If either |buf| or |userdata| is NULL, 0 is - * returned. Note that this is different from OpenSSL, which prompts for a - * password. */ -OPENSSL_EXPORT int PEM_def_callback(char *buf, int size, int rwflag, void *userdata); -OPENSSL_EXPORT void PEM_proc_type(char *buf, int type); -OPENSSL_EXPORT void PEM_dek_info(char *buf, const char *type, int len, char *str); - - -DECLARE_PEM_rw(X509, X509) - -DECLARE_PEM_rw(X509_AUX, X509) - -DECLARE_PEM_rw(X509_CERT_PAIR, X509_CERT_PAIR) - -DECLARE_PEM_rw(X509_REQ, X509_REQ) -DECLARE_PEM_write(X509_REQ_NEW, X509_REQ) - -DECLARE_PEM_rw(X509_CRL, X509_CRL) - -/* DECLARE_PEM_rw(PKCS7, PKCS7) */ - -DECLARE_PEM_rw(NETSCAPE_CERT_SEQUENCE, NETSCAPE_CERT_SEQUENCE) - -DECLARE_PEM_rw(PKCS8, X509_SIG) - -DECLARE_PEM_rw(PKCS8_PRIV_KEY_INFO, PKCS8_PRIV_KEY_INFO) - -DECLARE_PEM_rw_cb(RSAPrivateKey, RSA) - -DECLARE_PEM_rw_const(RSAPublicKey, RSA) -DECLARE_PEM_rw(RSA_PUBKEY, RSA) - -#ifndef OPENSSL_NO_DSA - -DECLARE_PEM_rw_cb(DSAPrivateKey, DSA) - -DECLARE_PEM_rw(DSA_PUBKEY, DSA) - -DECLARE_PEM_rw_const(DSAparams, DSA) - -#endif - -DECLARE_PEM_rw_const(ECPKParameters, EC_GROUP) -DECLARE_PEM_rw_cb(ECPrivateKey, EC_KEY) -DECLARE_PEM_rw(EC_PUBKEY, EC_KEY) - - -DECLARE_PEM_rw_const(DHparams, DH) -DECLARE_PEM_write_const(DHxparams, DH) - - -DECLARE_PEM_rw_cb(PrivateKey, EVP_PKEY) - -DECLARE_PEM_rw(PUBKEY, EVP_PKEY) - -OPENSSL_EXPORT int PEM_write_bio_PKCS8PrivateKey_nid(BIO *bp, EVP_PKEY *x, int nid, char *kstr, int klen, pem_password_cb *cb, void *u); -OPENSSL_EXPORT int PEM_write_bio_PKCS8PrivateKey(BIO *, EVP_PKEY *, const EVP_CIPHER *, char *, int, pem_password_cb *, void *); -OPENSSL_EXPORT int i2d_PKCS8PrivateKey_bio(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc, char *kstr, int klen, pem_password_cb *cb, void *u); -OPENSSL_EXPORT int i2d_PKCS8PrivateKey_nid_bio(BIO *bp, EVP_PKEY *x, int nid, char *kstr, int klen, pem_password_cb *cb, void *u); -OPENSSL_EXPORT EVP_PKEY *d2i_PKCS8PrivateKey_bio(BIO *bp, EVP_PKEY **x, pem_password_cb *cb, void *u); - -OPENSSL_EXPORT int i2d_PKCS8PrivateKey_fp(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc, char *kstr, int klen, pem_password_cb *cb, void *u); -OPENSSL_EXPORT int i2d_PKCS8PrivateKey_nid_fp(FILE *fp, EVP_PKEY *x, int nid, char *kstr, int klen, pem_password_cb *cb, void *u); -OPENSSL_EXPORT int PEM_write_PKCS8PrivateKey_nid(FILE *fp, EVP_PKEY *x, int nid, char *kstr, int klen, pem_password_cb *cb, void *u); - -OPENSSL_EXPORT EVP_PKEY *d2i_PKCS8PrivateKey_fp(FILE *fp, EVP_PKEY **x, pem_password_cb *cb, void *u); - -OPENSSL_EXPORT int PEM_write_PKCS8PrivateKey(FILE *fp,EVP_PKEY *x,const EVP_CIPHER *enc, char *kstr,int klen, pem_password_cb *cd, void *u); - -OPENSSL_EXPORT EVP_PKEY *PEM_read_bio_Parameters(BIO *bp, EVP_PKEY **x); -OPENSSL_EXPORT int PEM_write_bio_Parameters(BIO *bp, EVP_PKEY *x); - - -OPENSSL_EXPORT EVP_PKEY *b2i_PrivateKey(const unsigned char **in, long length); -OPENSSL_EXPORT EVP_PKEY *b2i_PublicKey(const unsigned char **in, long length); -OPENSSL_EXPORT EVP_PKEY *b2i_PrivateKey_bio(BIO *in); -OPENSSL_EXPORT EVP_PKEY *b2i_PublicKey_bio(BIO *in); -OPENSSL_EXPORT int i2b_PrivateKey_bio(BIO *out, EVP_PKEY *pk); -OPENSSL_EXPORT int i2b_PublicKey_bio(BIO *out, EVP_PKEY *pk); -OPENSSL_EXPORT EVP_PKEY *b2i_PVK_bio(BIO *in, pem_password_cb *cb, void *u); -OPENSSL_EXPORT int i2b_PVK_bio(BIO *out, EVP_PKEY *pk, int enclevel, pem_password_cb *cb, void *u); - - -void ERR_load_PEM_strings(void); - - -#ifdef __cplusplus -} -#endif - -#define PEM_F_PEM_ASN1_read 100 -#define PEM_F_PEM_ASN1_read_bio 101 -#define PEM_F_PEM_ASN1_write 102 -#define PEM_F_PEM_ASN1_write_bio 103 -#define PEM_F_PEM_X509_INFO_read 104 -#define PEM_F_PEM_X509_INFO_read_bio 105 -#define PEM_F_PEM_X509_INFO_write_bio 106 -#define PEM_F_PEM_do_header 107 -#define PEM_F_PEM_get_EVP_CIPHER_INFO 108 -#define PEM_F_PEM_read 109 -#define PEM_F_PEM_read_DHparams 110 -#define PEM_F_PEM_read_PrivateKey 111 -#define PEM_F_PEM_read_bio 112 -#define PEM_F_PEM_read_bio_DHparams 113 -#define PEM_F_PEM_read_bio_Parameters 114 -#define PEM_F_PEM_read_bio_PrivateKey 115 -#define PEM_F_PEM_write 116 -#define PEM_F_PEM_write_PrivateKey 117 -#define PEM_F_PEM_write_bio 118 -#define PEM_F_d2i_PKCS8PrivateKey_bio 119 -#define PEM_F_d2i_PKCS8PrivateKey_fp 120 -#define PEM_F_do_pk8pkey 121 -#define PEM_F_do_pk8pkey_fp 122 -#define PEM_F_load_iv 123 -#define PEM_R_BAD_BASE64_DECODE 100 -#define PEM_R_BAD_DECRYPT 101 -#define PEM_R_BAD_END_LINE 102 -#define PEM_R_BAD_IV_CHARS 103 -#define PEM_R_BAD_PASSWORD_READ 104 -#define PEM_R_CIPHER_IS_NULL 105 -#define PEM_R_ERROR_CONVERTING_PRIVATE_KEY 106 -#define PEM_R_NOT_DEK_INFO 107 -#define PEM_R_NOT_ENCRYPTED 108 -#define PEM_R_NOT_PROC_TYPE 109 -#define PEM_R_NO_START_LINE 110 -#define PEM_R_READ_KEY 111 -#define PEM_R_SHORT_HEADER 112 -#define PEM_R_UNSUPPORTED_CIPHER 113 -#define PEM_R_UNSUPPORTED_ENCRYPTION 114 - -#endif /* OPENSSL_HEADER_PEM_H */ diff --git a/third_party/boringssl/include/openssl/pkcs12.h b/third_party/boringssl/include/openssl/pkcs12.h deleted file mode 100644 index b5e951638275f8..00000000000000 --- a/third_party/boringssl/include/openssl/pkcs12.h +++ /dev/null @@ -1,18 +0,0 @@ -/* Copyright (c) 2014, Google Inc. - * - * Permission to use, copy, modify, and/or distribute this software for any - * purpose with or without fee is hereby granted, provided that the above - * copyright notice and this permission notice appear in all copies. - * - * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES - * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF - * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY - * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES - * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION - * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN - * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ - -/* This header is provided in order to make compiling against code that expects - OpenSSL easier. */ - -#include "pkcs8.h" diff --git a/third_party/boringssl/include/openssl/pkcs7.h b/third_party/boringssl/include/openssl/pkcs7.h deleted file mode 100644 index 6e5e433074f867..00000000000000 --- a/third_party/boringssl/include/openssl/pkcs7.h +++ /dev/null @@ -1,16 +0,0 @@ -/* Copyright (c) 2014, Google Inc. - * - * Permission to use, copy, modify, and/or distribute this software for any - * purpose with or without fee is hereby granted, provided that the above - * copyright notice and this permission notice appear in all copies. - * - * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES - * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF - * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY - * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES - * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION - * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN - * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ - -/* This header is provided in order to make compiling against code that expects - OpenSSL easier. */ diff --git a/third_party/boringssl/include/openssl/pkcs8.h b/third_party/boringssl/include/openssl/pkcs8.h deleted file mode 100644 index 8dc7731bf5f349..00000000000000 --- a/third_party/boringssl/include/openssl/pkcs8.h +++ /dev/null @@ -1,217 +0,0 @@ -/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL - * project 1999. - */ -/* ==================================================================== - * Copyright (c) 1999 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). */ - - -#ifndef OPENSSL_HEADER_PKCS8_H -#define OPENSSL_HEADER_PKCS8_H - -#include -#include - - -#if defined(__cplusplus) -extern "C" { -#endif - - -/* PKCS8_encrypt_pbe serializes and encrypts a PKCS8_PRIV_KEY_INFO with PBES1 as - * defined in PKCS #5. Only pbeWithSHAAnd128BitRC4, - * pbeWithSHAAnd3-KeyTripleDES-CBC and pbeWithSHA1And40BitRC2, defined in PKCS - * #12, are supported. The |pass_raw_len| bytes pointed to by |pass_raw| are - * used as the password. Note that any conversions from the password as - * supplied in a text string (such as those specified in B.1 of PKCS #12) must - * be performed by the caller. - * - * If |salt| is NULL, a random salt of |salt_len| bytes is generated. If - * |salt_len| is zero, a default salt length is used instead. - * - * The resulting structure is stored in an X509_SIG which must be freed by the - * caller. - * - * TODO(davidben): Really? An X509_SIG? OpenSSL probably did that because it has - * the same structure as EncryptedPrivateKeyInfo. */ -OPENSSL_EXPORT X509_SIG *PKCS8_encrypt_pbe(int pbe_nid, - const uint8_t *pass_raw, - size_t pass_raw_len, - uint8_t *salt, size_t salt_len, - int iterations, - PKCS8_PRIV_KEY_INFO *p8inf); - -/* PKCS8_decrypt_pbe decrypts and decodes a PKCS8_PRIV_KEY_INFO with PBES1 as - * defined in PKCS #5. Only pbeWithSHAAnd128BitRC4, - * pbeWithSHAAnd3-KeyTripleDES-CBC and pbeWithSHA1And40BitRC2, defined in PKCS - * #12, are supported. The |pass_raw_len| bytes pointed to by |pass_raw| are - * used as the password. Note that any conversions from the password as - * supplied in a text string (such as those specified in B.1 of PKCS #12) must - * be performed by the caller. - * - * The resulting structure must be freed by the caller. */ -OPENSSL_EXPORT PKCS8_PRIV_KEY_INFO *PKCS8_decrypt_pbe(X509_SIG *pkcs8, - const uint8_t *pass_raw, - size_t pass_raw_len); - - -/* Deprecated functions. */ - -/* PKCS8_encrypt calls PKCS8_encrypt_pbe after treating |pass| as an ASCII - * string, appending U+0000, and converting to UCS-2. (So the empty password - * encodes as two NUL bytes.) The |cipher| argument is ignored. */ -OPENSSL_EXPORT X509_SIG *PKCS8_encrypt(int pbe_nid, const EVP_CIPHER *cipher, - const char *pass, int pass_len, - uint8_t *salt, size_t salt_len, - int iterations, - PKCS8_PRIV_KEY_INFO *p8inf); - -/* PKCS8_decrypt calls PKCS8_decrypt_pbe after treating |pass| as an ASCII - * string, appending U+0000, and converting to UCS-2. (So the empty password - * encodes as two NUL bytes.) */ -OPENSSL_EXPORT PKCS8_PRIV_KEY_INFO *PKCS8_decrypt(X509_SIG *pkcs8, - const char *pass, - int pass_len); - -/* PKCS12_get_key_and_certs parses a PKCS#12 structure from |in|, authenticates - * and decrypts it using |password|, sets |*out_key| to the included private - * key and appends the included certificates to |out_certs|. It returns one on - * success and zero on error. The caller takes ownership of the outputs. */ -OPENSSL_EXPORT int PKCS12_get_key_and_certs(EVP_PKEY **out_key, - STACK_OF(X509) *out_certs, - CBS *in, const char *password); - - -/* Deprecated functions. */ - -/* PKCS12_PBE_add does nothing. It exists for compatibility with OpenSSL. */ -OPENSSL_EXPORT void PKCS12_PBE_add(void); - -/* d2i_PKCS12 is a dummy function that copies |*ber_bytes| into a - * |PKCS12| structure. The |out_p12| argument must be NULL. On exit, - * |*ber_bytes| will be advanced by |ber_len|. It returns a fresh |PKCS12| - * structure or NULL on error. - * - * Note: unlike other d2i functions, |d2i_PKCS12| will always consume |ber_len| - * bytes.*/ -OPENSSL_EXPORT PKCS12 *d2i_PKCS12(PKCS12 **out_p12, const uint8_t **ber_bytes, - size_t ber_len); - -/* d2i_PKCS12_bio acts like |d2i_PKCS12| but reads from a |BIO|. */ -OPENSSL_EXPORT PKCS12* d2i_PKCS12_bio(BIO *bio, PKCS12 **out_p12); - -/* d2i_PKCS12_fp acts like |d2i_PKCS12| but reads from a |FILE|. */ -OPENSSL_EXPORT PKCS12* d2i_PKCS12_fp(FILE *fp, PKCS12 **out_p12); - -/* PKCS12_parse calls |PKCS12_get_key_and_certs| on the ASN.1 data stored in - * |p12|. The |out_pkey| and |out_cert| arguments must not be NULL and, on - * successful exit, the private key and first certificate will be stored in - * them. The |out_ca_certs| argument may be NULL but, if not, then any extra - * certificates will be appended to |*out_ca_certs|. If |*out_ca_certs| is NULL - * then it will be set to a freshly allocated stack containing the extra certs. - * - * It returns one on success and zero on error. */ -OPENSSL_EXPORT int PKCS12_parse(const PKCS12 *p12, const char *password, - EVP_PKEY **out_pkey, X509 **out_cert, - STACK_OF(X509) **out_ca_certs); - -/* PKCS12_free frees |p12| and its contents. */ -OPENSSL_EXPORT void PKCS12_free(PKCS12 *p12); - -#if defined(__cplusplus) -} /* extern C */ -#endif - -#define PKCS8_F_EVP_PKCS82PKEY 100 -#define PKCS8_F_EVP_PKEY2PKCS8 101 -#define PKCS8_F_PKCS12_get_key_and_certs 102 -#define PKCS8_F_PKCS12_handle_content_info 103 -#define PKCS8_F_PKCS12_handle_content_infos 104 -#define PKCS8_F_PKCS5_pbe2_set_iv 105 -#define PKCS8_F_PKCS5_pbe_set 106 -#define PKCS8_F_PKCS5_pbe_set0_algor 107 -#define PKCS8_F_PKCS5_pbkdf2_set 108 -#define PKCS8_F_PKCS8_decrypt 109 -#define PKCS8_F_PKCS8_encrypt 110 -#define PKCS8_F_PKCS8_encrypt_pbe 111 -#define PKCS8_F_pbe_cipher_init 112 -#define PKCS8_F_pbe_crypt 113 -#define PKCS8_F_pkcs12_item_decrypt_d2i 114 -#define PKCS8_F_pkcs12_item_i2d_encrypt 115 -#define PKCS8_F_pkcs12_key_gen_raw 116 -#define PKCS8_F_pkcs12_pbe_keyivgen 117 -#define PKCS8_R_BAD_PKCS12_DATA 100 -#define PKCS8_R_BAD_PKCS12_VERSION 101 -#define PKCS8_R_CIPHER_HAS_NO_OBJECT_IDENTIFIER 102 -#define PKCS8_R_CRYPT_ERROR 103 -#define PKCS8_R_DECODE_ERROR 104 -#define PKCS8_R_ENCODE_ERROR 105 -#define PKCS8_R_ENCRYPT_ERROR 106 -#define PKCS8_R_ERROR_SETTING_CIPHER_PARAMS 107 -#define PKCS8_R_INCORRECT_PASSWORD 108 -#define PKCS8_R_KEYGEN_FAILURE 109 -#define PKCS8_R_KEY_GEN_ERROR 110 -#define PKCS8_R_METHOD_NOT_SUPPORTED 111 -#define PKCS8_R_MISSING_MAC 112 -#define PKCS8_R_MULTIPLE_PRIVATE_KEYS_IN_PKCS12 113 -#define PKCS8_R_PKCS12_PUBLIC_KEY_INTEGRITY_NOT_SUPPORTED 114 -#define PKCS8_R_PKCS12_TOO_DEEPLY_NESTED 115 -#define PKCS8_R_PRIVATE_KEY_DECODE_ERROR 116 -#define PKCS8_R_PRIVATE_KEY_ENCODE_ERROR 117 -#define PKCS8_R_TOO_LONG 118 -#define PKCS8_R_UNKNOWN_ALGORITHM 119 -#define PKCS8_R_UNKNOWN_CIPHER 120 -#define PKCS8_R_UNKNOWN_CIPHER_ALGORITHM 121 -#define PKCS8_R_UNKNOWN_DIGEST 122 -#define PKCS8_R_UNKNOWN_HASH 123 -#define PKCS8_R_UNSUPPORTED_PRIVATE_KEY_ALGORITHM 124 - -#endif /* OPENSSL_HEADER_PKCS8_H */ diff --git a/third_party/boringssl/include/openssl/poly1305.h b/third_party/boringssl/include/openssl/poly1305.h deleted file mode 100644 index aa904869ce5f17..00000000000000 --- a/third_party/boringssl/include/openssl/poly1305.h +++ /dev/null @@ -1,47 +0,0 @@ -/* Copyright (c) 2014, Google Inc. - * - * Permission to use, copy, modify, and/or distribute this software for any - * purpose with or without fee is hereby granted, provided that the above - * copyright notice and this permission notice appear in all copies. - * - * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES - * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF - * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY - * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES - * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION - * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN - * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ - -#ifndef OPENSSL_HEADER_POLY1305_H -#define OPENSSL_HEADER_POLY1305_H - -#include - -#ifdef __cplusplus -extern "C" { -#endif - - -typedef unsigned char poly1305_state[512]; - -/* poly1305_init sets up |state| so that it can be used to calculate an - * authentication tag with the one-time key |key|. Note that |key| is a - * one-time key and therefore there is no `reset' method because that would - * enable several messages to be authenticated with the same key. */ -extern void CRYPTO_poly1305_init(poly1305_state* state, const uint8_t key[32]); - -/* poly1305_update processes |in_len| bytes from |in|. It can be called zero or - * more times after poly1305_init. */ -extern void CRYPTO_poly1305_update(poly1305_state* state, const uint8_t* in, - size_t in_len); - -/* poly1305_finish completes the poly1305 calculation and writes a 16 byte - * authentication tag to |mac|. The |mac| address must be 16-byte aligned. */ -extern void CRYPTO_poly1305_finish(poly1305_state* state, uint8_t mac[16]); - - -#if defined(__cplusplus) -} /* extern C */ -#endif - -#endif /* OPENSSL_HEADER_POLY1305_H */ diff --git a/third_party/boringssl/include/openssl/pqueue.h b/third_party/boringssl/include/openssl/pqueue.h deleted file mode 100644 index ceb1fa2a749757..00000000000000 --- a/third_party/boringssl/include/openssl/pqueue.h +++ /dev/null @@ -1,146 +0,0 @@ -/* - * DTLS implementation written by Nagendra Modadugu - * (nagendra@cs.stanford.edu) for the OpenSSL project 2005. - */ -/* ==================================================================== - * Copyright (c) 1999-2005 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). */ - -#ifndef OPENSSL_HEADER_PQUEUE_H -#define OPENSSL_HEADER_PQUEUE_H - -#include - -#if defined(__cplusplus) -extern "C" { -#endif - - -/* Priority queue. - * - * The priority queue maintains a linked-list of nodes, each with a unique, - * 64-bit priority, in ascending priority order. */ - -typedef struct _pqueue *pqueue; - -typedef struct _pitem { - uint8_t priority[8]; /* 64-bit value in big-endian encoding */ - void *data; - struct _pitem *next; -} pitem; - -typedef struct _pitem *piterator; - - -/* Creating and freeing queues. */ - -/* pqueue_new allocates a fresh, empty priority queue object and returns it, or - * NULL on error. */ -OPENSSL_EXPORT pqueue pqueue_new(void); - -/* pqueue_free frees |pq| but not any of the items it points to. Thus |pq| must - * be empty or a memory leak will occur. */ -OPENSSL_EXPORT void pqueue_free(pqueue pq); - - -/* Creating and freeing items. */ - -/* pitem_new allocates a fresh priority queue item that points at |data| and - * has a priority given by |prio64be|, which is a 64-bit, unsigned number - * expressed in big-endian form. It returns the fresh item, or NULL on - * error. */ -OPENSSL_EXPORT pitem *pitem_new(uint8_t prio64be[8], void *data); - -/* pitem_free frees |item|, but not any data that it points to. */ -OPENSSL_EXPORT void pitem_free(pitem *item); - - -/* Queue accessor functions */ - -/* pqueue_peek returns the item with the smallest priority from |pq|, or NULL - * if empty. */ -OPENSSL_EXPORT pitem *pqueue_peek(pqueue pq); - -/* pqueue_find returns the item whose priority matches |prio64be| or NULL if no - * such item exists. */ -OPENSSL_EXPORT pitem *pqueue_find(pqueue pq, uint8_t *prio64be); - - -/* Queue mutation functions */ - -/* pqueue_insert inserts |item| into |pq| and returns item. */ -OPENSSL_EXPORT pitem *pqueue_insert(pqueue pq, pitem *item); - -/* pqueue_pop takes the item with the least priority from |pq| and returns it, - * or NULL if |pq| is empty. */ -OPENSSL_EXPORT pitem *pqueue_pop(pqueue pq); - -/* pqueue_size returns the number of items in |pq|. */ -OPENSSL_EXPORT size_t pqueue_size(pqueue pq); - - -/* Iterating */ - -/* pqueue_iterator returns an iterator that can be used to iterate over the - * contents of the queue. */ -OPENSSL_EXPORT piterator pqueue_iterator(pqueue pq); - -/* pqueue_next returns the current value of |iter| and advances it to the next - * position. If the iterator has advanced over all the elements, it returns - * NULL. */ -OPENSSL_EXPORT pitem *pqueue_next(piterator *iter); - - -#if defined(__cplusplus) -} /* extern C */ -#endif - -#endif /* OPENSSL_HEADER_PQUEUE_H */ diff --git a/third_party/boringssl/include/openssl/rand.h b/third_party/boringssl/include/openssl/rand.h deleted file mode 100644 index 300bf422877c6a..00000000000000 --- a/third_party/boringssl/include/openssl/rand.h +++ /dev/null @@ -1,61 +0,0 @@ -/* Copyright (c) 2014, Google Inc. - * - * Permission to use, copy, modify, and/or distribute this software for any - * purpose with or without fee is hereby granted, provided that the above - * copyright notice and this permission notice appear in all copies. - * - * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES - * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF - * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY - * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES - * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION - * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN - * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ - -#ifndef OPENSSL_HEADER_RAND_H -#define OPENSSL_HEADER_RAND_H - -#include - -#if defined(__cplusplus) -extern "C" { -#endif - - -/* Random number generation. */ - - -/* RAND_bytes writes |len| bytes of random data to |buf| and returns one. */ -OPENSSL_EXPORT int RAND_bytes(uint8_t *buf, size_t len); - -/* RAND_cleanup frees any resources used by the RNG. This is not safe if other - * threads might still be calling |RAND_bytes|. */ -OPENSSL_EXPORT void RAND_cleanup(void); - - -/* Deprecated functions */ - -/* RAND_pseudo_bytes is a wrapper around |RAND_bytes|. */ -OPENSSL_EXPORT int RAND_pseudo_bytes(uint8_t *buf, size_t len); - -/* RAND_seed does nothing. */ -OPENSSL_EXPORT void RAND_seed(const void *buf, int num); - -/* RAND_load_file returns a nonnegative number. */ -OPENSSL_EXPORT int RAND_load_file(const char *path, long num); - -/* RAND_add does nothing. */ -OPENSSL_EXPORT void RAND_add(const void *buf, int num, double entropy); - -/* RAND_poll returns one. */ -OPENSSL_EXPORT int RAND_poll(void); - -/* RAND_status returns one. */ -OPENSSL_EXPORT int RAND_status(void); - - -#if defined(__cplusplus) -} /* extern C */ -#endif - -#endif /* OPENSSL_HEADER_RAND_H */ diff --git a/third_party/boringssl/include/openssl/rc4.h b/third_party/boringssl/include/openssl/rc4.h deleted file mode 100644 index 0619cac35507fc..00000000000000 --- a/third_party/boringssl/include/openssl/rc4.h +++ /dev/null @@ -1,90 +0,0 @@ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] */ - -#ifndef OPENSSL_HEADER_RC4_H -#define OPENSSL_HEADER_RC4_H - -#include - -#if defined(__cplusplus) -extern "C" { -#endif - - -/* RC4. */ - - -struct rc4_key_st { - uint32_t x, y; - uint32_t data[256]; -} /* RC4_KEY */; - -/* RC4_set_key performs an RC4 key schedule and initialises |rc4key| with |len| - * bytes of key material from |key|. */ -OPENSSL_EXPORT void RC4_set_key(RC4_KEY *rc4key, unsigned len, - const uint8_t *key); - -/* RC4 encrypts (or decrypts, it's the same with RC4) |len| bytes from |in| to - * |out|. */ -OPENSSL_EXPORT void RC4(RC4_KEY *key, size_t len, const uint8_t *in, - uint8_t *out); - - -#if defined(__cplusplus) -} /* extern C */ -#endif - -#endif /* OPENSSL_HEADER_RC4_H */ diff --git a/third_party/boringssl/include/openssl/rsa.h b/third_party/boringssl/include/openssl/rsa.h deleted file mode 100644 index 9b415d75e1b141..00000000000000 --- a/third_party/boringssl/include/openssl/rsa.h +++ /dev/null @@ -1,575 +0,0 @@ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] */ - -#ifndef OPENSSL_HEADER_RSA_H -#define OPENSSL_HEADER_RSA_H - -#include - -#include -#include -#include - -#if defined(__cplusplus) -extern "C" { -#endif - - -/* rsa.h contains functions for handling encryption and signature using RSA. */ - - -/* Allocation and destruction. */ - -/* RSA_new returns a new, empty RSA object or NULL on error. */ -OPENSSL_EXPORT RSA *RSA_new(void); - -/* RSA_new_method acts the same as |RSA_new| but takes an explicit |ENGINE|. */ -OPENSSL_EXPORT RSA *RSA_new_method(const ENGINE *engine); - -/* RSA_free decrements the reference count of |rsa| and frees it if the - * reference count drops to zero. */ -OPENSSL_EXPORT void RSA_free(RSA *rsa); - -/* RSA_up_ref increments the reference count of |rsa|. */ -OPENSSL_EXPORT int RSA_up_ref(RSA *rsa); - - -/* Key generation. */ - -/* RSA_generate_key_ex generates a new RSA key where the modulus has size - * |bits| and the public exponent is |e|. If unsure, |RSA_F4| is a good value - * for |e|. If |cb| is not NULL then it is called during the key generation - * process. In addition to the calls documented for |BN_generate_prime_ex|, it - * is called with event=2 when the n'th prime is rejected as unsuitable and - * with event=3 when a suitable value for |p| is found. - * - * It returns one on success or zero on error. */ -OPENSSL_EXPORT int RSA_generate_key_ex(RSA *rsa, int bits, BIGNUM *e, - BN_GENCB *cb); - - -/* Encryption / Decryption */ - -/* Padding types for encryption. */ -#define RSA_PKCS1_PADDING 1 -#define RSA_NO_PADDING 3 -#define RSA_PKCS1_OAEP_PADDING 4 -/* RSA_PKCS1_PSS_PADDING can only be used via the EVP interface. */ -#define RSA_PKCS1_PSS_PADDING 6 - -/* RSA_encrypt encrypts |in_len| bytes from |in| to the public key from |rsa| - * and writes, at most, |max_out| bytes of encrypted data to |out|. The - * |max_out| argument must be, at least, |RSA_size| in order to ensure success. - * - * It returns 1 on success or zero on error. - * - * The |padding| argument must be one of the |RSA_*_PADDING| values. If in - * doubt, |RSA_PKCS1_PADDING| is the most common but |RSA_PKCS1_OAEP_PADDING| - * is the most secure. */ -OPENSSL_EXPORT int RSA_encrypt(RSA *rsa, size_t *out_len, uint8_t *out, - size_t max_out, const uint8_t *in, size_t in_len, - int padding); - -/* RSA_decrypt decrypts |in_len| bytes from |in| with the private key from - * |rsa| and writes, at most, |max_out| bytes of plaintext to |out|. The - * |max_out| argument must be, at least, |RSA_size| in order to ensure success. - * - * It returns 1 on success or zero on error. - * - * The |padding| argument must be one of the |RSA_*_PADDING| values. If in - * doubt, |RSA_PKCS1_PADDING| is the most common but |RSA_PKCS1_OAEP_PADDING| - * is the most secure. */ -OPENSSL_EXPORT int RSA_decrypt(RSA *rsa, size_t *out_len, uint8_t *out, - size_t max_out, const uint8_t *in, size_t in_len, - int padding); - -/* RSA_public_encrypt encrypts |flen| bytes from |from| to the public key in - * |rsa| and writes the encrypted data to |to|. The |to| buffer must have at - * least |RSA_size| bytes of space. It returns the number of bytes written, or - * -1 on error. The |padding| argument must be one of the |RSA_*_PADDING| - * values. If in doubt, |RSA_PKCS1_PADDING| is the most common but - * |RSA_PKCS1_OAEP_PADDING| is the most secure. - * - * WARNING: this function is dangerous because it breaks the usual return value - * convention. Use |RSA_encrypt| instead. */ -OPENSSL_EXPORT int RSA_public_encrypt(int flen, const uint8_t *from, - uint8_t *to, RSA *rsa, int padding); - -/* RSA_private_decrypt decrypts |flen| bytes from |from| with the public key in - * |rsa| and writes the plaintext to |to|. The |to| buffer must have at - * least |RSA_size| bytes of space. It returns the number of bytes written, or - * -1 on error. The |padding| argument must be one of the |RSA_*_PADDING| - * values. If in doubt, |RSA_PKCS1_PADDING| is the most common but - * |RSA_PKCS1_OAEP_PADDING| is the most secure. - * - * WARNING: this function is dangerous because it breaks the usual return value - * convention. Use |RSA_decrypt| instead. */ -OPENSSL_EXPORT int RSA_private_decrypt(int flen, const uint8_t *from, - uint8_t *to, RSA *rsa, int padding); - -/* RSA_message_index_PKCS1_type_2 performs the first step of a PKCS #1 padding - * check for decryption. If the |from_len| bytes pointed to at |from| are a - * valid PKCS #1 message, it returns one and sets |*out_index| to the start of - * the unpadded message. The unpadded message is a suffix of the input and has - * length |from_len - *out_index|. Otherwise, it returns zero and sets - * |*out_index| to zero. This function runs in time independent of the input - * data and is intended to be used directly to avoid Bleichenbacher's attack. - * - * WARNING: This function behaves differently from the usual OpenSSL convention - * in that it does NOT put an error on the queue in the error case. */ -OPENSSL_EXPORT int RSA_message_index_PKCS1_type_2(const uint8_t *from, - size_t from_len, - size_t *out_index); - - -/* Signing / Verification */ - -/* RSA_sign signs |in_len| bytes of digest from |in| with |rsa| and writes, at - * most, |RSA_size(rsa)| bytes to |out|. On successful return, the actual - * number of bytes written is written to |*out_len|. - * - * The |hash_nid| argument identifies the hash function used to calculate |in| - * and is embedded in the resulting signature. For example, it might be - * |NID_sha256|. - * - * It returns 1 on success and zero on error. */ -OPENSSL_EXPORT int RSA_sign(int hash_nid, const uint8_t *in, - unsigned int in_len, uint8_t *out, - unsigned int *out_len, RSA *rsa); - -/* RSA_sign_raw signs |in_len| bytes from |in| with the public key from |rsa| - * and writes, at most, |max_out| bytes of signature data to |out|. The - * |max_out| argument must be, at least, |RSA_size| in order to ensure success. - * - * It returns 1 on success or zero on error. - * - * The |padding| argument must be one of the |RSA_*_PADDING| values. If in - * doubt, |RSA_PKCS1_PADDING| is the most common. */ -OPENSSL_EXPORT int RSA_sign_raw(RSA *rsa, size_t *out_len, uint8_t *out, - size_t max_out, const uint8_t *in, - size_t in_len, int padding); - -/* RSA_verify verifies that |sig_len| bytes from |sig| are a valid, PKCS#1 - * signature of |msg_len| bytes at |msg| by |rsa|. - * - * The |hash_nid| argument identifies the hash function used to calculate |in| - * and is embedded in the resulting signature in order to prevent hash - * confusion attacks. For example, it might be |NID_sha256|. - * - * It returns one if the signature is valid and zero otherwise. - * - * WARNING: this differs from the original, OpenSSL function which additionally - * returned -1 on error. */ -OPENSSL_EXPORT int RSA_verify(int hash_nid, const uint8_t *msg, size_t msg_len, - const uint8_t *sig, size_t sig_len, RSA *rsa); - -/* RSA_verify_raw verifies |in_len| bytes of signature from |in| using the - * public key from |rsa| and writes, at most, |max_out| bytes of plaintext to - * |out|. The |max_out| argument must be, at least, |RSA_size| in order to - * ensure success. - * - * It returns 1 on success or zero on error. - * - * The |padding| argument must be one of the |RSA_*_PADDING| values. If in - * doubt, |RSA_PKCS1_PADDING| is the most common. */ -OPENSSL_EXPORT int RSA_verify_raw(RSA *rsa, size_t *out_len, uint8_t *out, - size_t max_out, const uint8_t *in, - size_t in_len, int padding); - -/* RSA_private_encrypt encrypts |flen| bytes from |from| with the private key in - * |rsa| and writes the encrypted data to |to|. The |to| buffer must have at - * least |RSA_size| bytes of space. It returns the number of bytes written, or - * -1 on error. The |padding| argument must be one of the |RSA_*_PADDING| - * values. If in doubt, |RSA_PKCS1_PADDING| is the most common. - * - * WARNING: this function is dangerous because it breaks the usual return value - * convention. Use |RSA_sign_raw| instead. */ -OPENSSL_EXPORT int RSA_private_encrypt(int flen, const uint8_t *from, - uint8_t *to, RSA *rsa, int padding); - -/* RSA_private_encrypt verifies |flen| bytes of signature from |from| using the - * public key in |rsa| and writes the plaintext to |to|. The |to| buffer must - * have at least |RSA_size| bytes of space. It returns the number of bytes - * written, or -1 on error. The |padding| argument must be one of the - * |RSA_*_PADDING| values. If in doubt, |RSA_PKCS1_PADDING| is the most common. - * - * WARNING: this function is dangerous because it breaks the usual return value - * convention. Use |RSA_verify_raw| instead. */ -OPENSSL_EXPORT int RSA_public_decrypt(int flen, const uint8_t *from, - uint8_t *to, RSA *rsa, int padding); - - -/* Utility functions. */ - -/* RSA_size returns the number of bytes in the modulus, which is also the size - * of a signature or encrypted value using |rsa|. */ -OPENSSL_EXPORT unsigned RSA_size(const RSA *rsa); - -/* RSA_is_opaque returns one if |rsa| is opaque and doesn't expose its key - * material. Otherwise it returns zero. */ -OPENSSL_EXPORT int RSA_is_opaque(const RSA *rsa); - -/* RSA_supports_digest returns one if |rsa| supports signing digests - * of type |md|. Otherwise it returns zero. */ -OPENSSL_EXPORT int RSA_supports_digest(const RSA *rsa, const EVP_MD *md); - -/* RSAPublicKey_dup allocates a fresh |RSA| and copies the private key from - * |rsa| into it. It returns the fresh |RSA| object, or NULL on error. */ -OPENSSL_EXPORT RSA *RSAPublicKey_dup(const RSA *rsa); - -/* RSAPrivateKey_dup allocates a fresh |RSA| and copies the private key from - * |rsa| into it. It returns the fresh |RSA| object, or NULL on error. */ -OPENSSL_EXPORT RSA *RSAPrivateKey_dup(const RSA *rsa); - -/* RSA_check_key performs basic validatity tests on |rsa|. It returns one if - * they pass and zero otherwise. Opaque keys and public keys always pass. If it - * returns zero then a more detailed error is available on the error queue. */ -OPENSSL_EXPORT int RSA_check_key(const RSA *rsa); - -/* RSA_recover_crt_params uses |rsa->n|, |rsa->d| and |rsa->e| in order to - * calculate the two primes used and thus the precomputed, CRT values. These - * values are set in the |p|, |q|, |dmp1|, |dmq1| and |iqmp| members of |rsa|, - * which must be |NULL| on entry. It returns one on success and zero - * otherwise. */ -OPENSSL_EXPORT int RSA_recover_crt_params(RSA *rsa); - -/* RSA_verify_PKCS1_PSS_mgf1 verifies that |EM| is a correct PSS padding of - * |mHash|, where |mHash| is a digest produced by |Hash|. |EM| must point to - * exactly |RSA_size(rsa)| bytes of data. The |mgf1Hash| argument specifies the - * hash function for generating the mask. If NULL, |Hash| is used. The |sLen| - * argument specifies the expected salt length in bytes. If |sLen| is -1 then - * the salt length is the same as the hash length. If -2, then the salt length - * is maximal and is taken from the size of |EM|. - * - * It returns one on success or zero on error. */ -OPENSSL_EXPORT int RSA_verify_PKCS1_PSS_mgf1(RSA *rsa, const uint8_t *mHash, - const EVP_MD *Hash, - const EVP_MD *mgf1Hash, - const uint8_t *EM, int sLen); - -/* RSA_padding_add_PKCS1_PSS_mgf1 writes a PSS padding of |mHash| to |EM|, - * where |mHash| is a digest produced by |Hash|. |RSA_size(rsa)| bytes of - * output will be written to |EM|. The |mgf1Hash| argument specifies the hash - * function for generating the mask. If NULL, |Hash| is used. The |sLen| - * argument specifies the expected salt length in bytes. If |sLen| is -1 then - * the salt length is the same as the hash length. If -2, then the salt length - * is maximal given the space in |EM|. - * - * It returns one on success or zero on error. */ -OPENSSL_EXPORT int RSA_padding_add_PKCS1_PSS_mgf1(RSA *rsa, uint8_t *EM, - const uint8_t *mHash, - const EVP_MD *Hash, - const EVP_MD *mgf1Hash, - int sLen); - - -/* ASN.1 functions. */ - -/* d2i_RSAPublicKey parses an ASN.1, DER-encoded, RSA public key from |len| - * bytes at |*inp|. If |out| is not NULL then, on exit, a pointer to the result - * is in |*out|. If |*out| is already non-NULL on entry then the result is - * written directly into |*out|, otherwise a fresh |RSA| is allocated. On - * successful exit, |*inp| is advanced past the DER structure. It returns the - * result or NULL on error. */ -OPENSSL_EXPORT RSA *d2i_RSAPublicKey(RSA **out, const uint8_t **inp, long len); - -/* i2d_RSAPublicKey marshals |in| to an ASN.1, DER structure. If |outp| is not - * NULL then the result is written to |*outp| and |*outp| is advanced just past - * the output. It returns the number of bytes in the result, whether written or - * not, or a negative value on error. */ -OPENSSL_EXPORT int i2d_RSAPublicKey(const RSA *in, uint8_t **outp); - -/* d2i_RSAPrivateKey parses an ASN.1, DER-encoded, RSA private key from |len| - * bytes at |*inp|. If |out| is not NULL then, on exit, a pointer to the result - * is in |*out|. If |*out| is already non-NULL on entry then the result is - * written directly into |*out|, otherwise a fresh |RSA| is allocated. On - * successful exit, |*inp| is advanced past the DER structure. It returns the - * result or NULL on error. */ -OPENSSL_EXPORT RSA *d2i_RSAPrivateKey(RSA **out, const uint8_t **inp, long len); - -/* i2d_RSAPrivateKey marshals |in| to an ASN.1, DER structure. If |outp| is not - * NULL then the result is written to |*outp| and |*outp| is advanced just past - * the output. It returns the number of bytes in the result, whether written or - * not, or a negative value on error. */ -OPENSSL_EXPORT int i2d_RSAPrivateKey(const RSA *in, uint8_t **outp); - - -/* ex_data functions. - * - * See |ex_data.h| for details. */ - -OPENSSL_EXPORT int RSA_get_ex_new_index(long argl, void *argp, - CRYPTO_EX_new *new_func, - CRYPTO_EX_dup *dup_func, - CRYPTO_EX_free *free_func); -OPENSSL_EXPORT int RSA_set_ex_data(RSA *r, int idx, void *arg); -OPENSSL_EXPORT void *RSA_get_ex_data(const RSA *r, int idx); - -/* RSA_FLAG_OPAQUE specifies that this RSA_METHOD does not expose its key - * material. This may be set if, for instance, it is wrapping some other crypto - * API, like a platform key store. */ -#define RSA_FLAG_OPAQUE 1 - -/* RSA_FLAG_CACHE_PUBLIC causes a precomputed Montgomery context to be created, - * on demand, for the public key operations. */ -#define RSA_FLAG_CACHE_PUBLIC 2 - -/* RSA_FLAG_CACHE_PRIVATE causes a precomputed Montgomery context to be - * created, on demand, for the private key operations. */ -#define RSA_FLAG_CACHE_PRIVATE 4 - -/* RSA_FLAG_NO_BLINDING disables blinding of private operations. */ -#define RSA_FLAG_NO_BLINDING 8 - -/* RSA_FLAG_EXT_PKEY means that private key operations will be handled by - * |mod_exp| and that they do not depend on the private key components being - * present: for example a key stored in external hardware. */ -#define RSA_FLAG_EXT_PKEY 0x20 - -/* RSA_FLAG_SIGN_VER causes the |sign| and |verify| functions of |rsa_meth_st| - * to be called when set. */ -#define RSA_FLAG_SIGN_VER 0x40 - - -/* RSA public exponent values. */ - -#define RSA_3 0x3 -#define RSA_F4 0x10001 - - -/* Deprecated functions. */ - -/* RSA_blinding_on returns one. */ -OPENSSL_EXPORT int RSA_blinding_on(RSA *rsa, BN_CTX *ctx); - - -struct rsa_meth_st { - struct openssl_method_common_st common; - - void *app_data; - - int (*init)(RSA *rsa); - int (*finish)(RSA *rsa); - - /* size returns the size of the RSA modulus in bytes. */ - size_t (*size)(const RSA *rsa); - - int (*sign)(int type, const uint8_t *m, unsigned int m_length, - uint8_t *sigret, unsigned int *siglen, const RSA *rsa); - - int (*verify)(int dtype, const uint8_t *m, unsigned int m_length, - const uint8_t *sigbuf, unsigned int siglen, const RSA *rsa); - - - /* These functions mirror the |RSA_*| functions of the same name. */ - int (*encrypt)(RSA *rsa, size_t *out_len, uint8_t *out, size_t max_out, - const uint8_t *in, size_t in_len, int padding); - int (*sign_raw)(RSA *rsa, size_t *out_len, uint8_t *out, size_t max_out, - const uint8_t *in, size_t in_len, int padding); - - int (*decrypt)(RSA *rsa, size_t *out_len, uint8_t *out, size_t max_out, - const uint8_t *in, size_t in_len, int padding); - int (*verify_raw)(RSA *rsa, size_t *out_len, uint8_t *out, size_t max_out, - const uint8_t *in, size_t in_len, int padding); - - /* private_transform takes a big-endian integer from |in|, calculates the - * d'th power of it, modulo the RSA modulus and writes the result as a - * big-endian integer to |out|. Both |in| and |out| are |len| bytes long and - * |len| is always equal to |RSA_size(rsa)|. If the result of the transform - * can be represented in fewer than |len| bytes, then |out| must be zero - * padded on the left. - * - * It returns one on success and zero otherwise. - * - * RSA decrypt and sign operations will call this, thus an ENGINE might wish - * to override it in order to avoid having to implement the padding - * functionality demanded by those, higher level, operations. */ - int (*private_transform)(RSA *rsa, uint8_t *out, const uint8_t *in, - size_t len); - - int (*mod_exp)(BIGNUM *r0, const BIGNUM *I, RSA *rsa, - BN_CTX *ctx); /* Can be null */ - int (*bn_mod_exp)(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, - const BIGNUM *m, BN_CTX *ctx, - BN_MONT_CTX *m_ctx); - - int flags; - - int (*keygen)(RSA *rsa, int bits, BIGNUM *e, BN_GENCB *cb); - - /* supports_digest returns one if |rsa| supports digests of type - * |md|. If null, it is assumed that all digests are supported. */ - int (*supports_digest)(const RSA *rsa, const EVP_MD *md); -}; - - -/* Private functions. */ - -typedef struct bn_blinding_st BN_BLINDING; - -struct rsa_st { - /* version is only used during ASN.1 (de)serialisation. */ - long version; - RSA_METHOD *meth; - - BIGNUM *n; - BIGNUM *e; - BIGNUM *d; - BIGNUM *p; - BIGNUM *q; - BIGNUM *dmp1; - BIGNUM *dmq1; - BIGNUM *iqmp; - /* be careful using this if the RSA structure is shared */ - CRYPTO_EX_DATA ex_data; - CRYPTO_refcount_t references; - int flags; - - CRYPTO_MUTEX lock; - - /* Used to cache montgomery values. The creation of these values is protected - * by |lock|. */ - BN_MONT_CTX *_method_mod_n; - BN_MONT_CTX *_method_mod_p; - BN_MONT_CTX *_method_mod_q; - - /* num_blindings contains the size of the |blindings| and |blindings_inuse| - * arrays. This member and the |blindings_inuse| array are protected by - * |lock|. */ - unsigned num_blindings; - /* blindings is an array of BN_BLINDING structures that can be reserved by a - * thread by locking |lock| and changing the corresponding element in - * |blindings_inuse| from 0 to 1. */ - BN_BLINDING **blindings; - unsigned char *blindings_inuse; -}; - - -#if defined(__cplusplus) -} /* extern C */ -#endif - -#define RSA_F_BN_BLINDING_convert_ex 100 -#define RSA_F_BN_BLINDING_create_param 101 -#define RSA_F_BN_BLINDING_invert_ex 102 -#define RSA_F_BN_BLINDING_new 103 -#define RSA_F_BN_BLINDING_update 104 -#define RSA_F_RSA_check_key 105 -#define RSA_F_RSA_new_method 106 -#define RSA_F_RSA_padding_add_PKCS1_OAEP_mgf1 107 -#define RSA_F_RSA_padding_add_PKCS1_PSS_mgf1 108 -#define RSA_F_RSA_padding_add_PKCS1_type_1 109 -#define RSA_F_RSA_padding_add_PKCS1_type_2 110 -#define RSA_F_RSA_padding_add_none 111 -#define RSA_F_RSA_padding_check_PKCS1_OAEP_mgf1 112 -#define RSA_F_RSA_padding_check_PKCS1_type_1 113 -#define RSA_F_RSA_padding_check_PKCS1_type_2 114 -#define RSA_F_RSA_padding_check_none 115 -#define RSA_F_RSA_recover_crt_params 116 -#define RSA_F_RSA_sign 117 -#define RSA_F_RSA_verify 118 -#define RSA_F_RSA_verify_PKCS1_PSS_mgf1 119 -#define RSA_F_decrypt 120 -#define RSA_F_encrypt 121 -#define RSA_F_keygen 122 -#define RSA_F_pkcs1_prefixed_msg 123 -#define RSA_F_private_transform 124 -#define RSA_F_rsa_setup_blinding 125 -#define RSA_F_sign_raw 126 -#define RSA_F_verify_raw 127 -#define RSA_R_BAD_E_VALUE 100 -#define RSA_R_BAD_FIXED_HEADER_DECRYPT 101 -#define RSA_R_BAD_PAD_BYTE_COUNT 102 -#define RSA_R_BAD_RSA_PARAMETERS 103 -#define RSA_R_BAD_SIGNATURE 104 -#define RSA_R_BLOCK_TYPE_IS_NOT_01 105 -#define RSA_R_BN_NOT_INITIALIZED 106 -#define RSA_R_CRT_PARAMS_ALREADY_GIVEN 107 -#define RSA_R_CRT_VALUES_INCORRECT 108 -#define RSA_R_DATA_LEN_NOT_EQUAL_TO_MOD_LEN 109 -#define RSA_R_DATA_TOO_LARGE 110 -#define RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE 111 -#define RSA_R_DATA_TOO_LARGE_FOR_MODULUS 112 -#define RSA_R_DATA_TOO_SMALL 113 -#define RSA_R_DATA_TOO_SMALL_FOR_KEY_SIZE 114 -#define RSA_R_DIGEST_TOO_BIG_FOR_RSA_KEY 115 -#define RSA_R_D_E_NOT_CONGRUENT_TO_1 116 -#define RSA_R_EMPTY_PUBLIC_KEY 117 -#define RSA_R_FIRST_OCTET_INVALID 118 -#define RSA_R_INCONSISTENT_SET_OF_CRT_VALUES 119 -#define RSA_R_INTERNAL_ERROR 120 -#define RSA_R_INVALID_MESSAGE_LENGTH 121 -#define RSA_R_KEY_SIZE_TOO_SMALL 122 -#define RSA_R_LAST_OCTET_INVALID 123 -#define RSA_R_MODULUS_TOO_LARGE 124 -#define RSA_R_NO_PUBLIC_EXPONENT 125 -#define RSA_R_NULL_BEFORE_BLOCK_MISSING 126 -#define RSA_R_N_NOT_EQUAL_P_Q 127 -#define RSA_R_OAEP_DECODING_ERROR 128 -#define RSA_R_ONLY_ONE_OF_P_Q_GIVEN 129 -#define RSA_R_OUTPUT_BUFFER_TOO_SMALL 130 -#define RSA_R_PADDING_CHECK_FAILED 131 -#define RSA_R_PKCS_DECODING_ERROR 132 -#define RSA_R_SLEN_CHECK_FAILED 133 -#define RSA_R_SLEN_RECOVERY_FAILED 134 -#define RSA_R_TOO_LONG 135 -#define RSA_R_TOO_MANY_ITERATIONS 136 -#define RSA_R_UNKNOWN_ALGORITHM_TYPE 137 -#define RSA_R_UNKNOWN_PADDING_TYPE 138 -#define RSA_R_VALUE_MISSING 139 -#define RSA_R_WRONG_SIGNATURE_LENGTH 140 - -#endif /* OPENSSL_HEADER_RSA_H */ diff --git a/third_party/boringssl/include/openssl/safestack.h b/third_party/boringssl/include/openssl/safestack.h deleted file mode 100644 index 6e5e433074f867..00000000000000 --- a/third_party/boringssl/include/openssl/safestack.h +++ /dev/null @@ -1,16 +0,0 @@ -/* Copyright (c) 2014, Google Inc. - * - * Permission to use, copy, modify, and/or distribute this software for any - * purpose with or without fee is hereby granted, provided that the above - * copyright notice and this permission notice appear in all copies. - * - * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES - * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF - * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY - * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES - * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION - * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN - * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ - -/* This header is provided in order to make compiling against code that expects - OpenSSL easier. */ diff --git a/third_party/boringssl/include/openssl/sha.h b/third_party/boringssl/include/openssl/sha.h deleted file mode 100644 index ac2ab758b41a85..00000000000000 --- a/third_party/boringssl/include/openssl/sha.h +++ /dev/null @@ -1,241 +0,0 @@ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] */ - -#ifndef OPENSSL_HEADER_SHA_H -#define OPENSSL_HEADER_SHA_H - -#include - -#if defined(__cplusplus) -extern "C" { -#endif - - -/* The SHA family of hash functions (SHA-1 and SHA-2). */ - - -/* SHA_CBLOCK is the block size of SHA-1. */ -#define SHA_CBLOCK 64 - -/* SHA_DIGEST_LENGTH is the length of a SHA-1 digest. */ -#define SHA_DIGEST_LENGTH 20 - -/* TODO(fork): remove */ -#define SHA_LBLOCK 16 -#define SHA_LONG uint32_t - -/* SHA1_Init initialises |sha| and returns one. */ -OPENSSL_EXPORT int SHA1_Init(SHA_CTX *sha); - -/* SHA1_Update adds |len| bytes from |data| to |sha| and returns one. */ -OPENSSL_EXPORT int SHA1_Update(SHA_CTX *sha, const void *data, size_t len); - -/* SHA1_Final adds the final padding to |sha| and writes the resulting digest - * to |md|, which must have at least |SHA_DIGEST_LENGTH| bytes of space. It - * returns one. */ -OPENSSL_EXPORT int SHA1_Final(uint8_t *md, SHA_CTX *sha); - -/* SHA1 writes the digest of |len| bytes from |data| to |out| and returns - * |out|. There must be at least |SHA_DIGEST_LENGTH| bytes of space in - * |out|. */ -OPENSSL_EXPORT uint8_t *SHA1(const uint8_t *data, size_t len, uint8_t *out); - -/* SHA1_Transform is a low-level function that performs a single, SHA-1 block - * transformation using the state from |sha| and 64 bytes from |block|. */ -OPENSSL_EXPORT void SHA1_Transform(SHA_CTX *sha, const uint8_t *block); - -struct sha_state_st { - uint32_t h0, h1, h2, h3, h4; - uint32_t Nl, Nh; - uint32_t data[16]; - unsigned int num; -}; - - -/* SHA-224. */ - -/* SHA224_CBLOCK is the block size of SHA-224. */ -#define SHA224_CBLOCK 64 - -/* SHA224_DIGEST_LENGTH is the length of a SHA-224 digest. */ -#define SHA224_DIGEST_LENGTH 28 - -/* SHA224_Init initialises |sha| and returns 1. */ -OPENSSL_EXPORT int SHA224_Init(SHA256_CTX *sha); - -/* SHA224_Update adds |len| bytes from |data| to |sha| and returns 1. */ -OPENSSL_EXPORT int SHA224_Update(SHA256_CTX *sha, const void *data, size_t len); - -/* SHA224_Final adds the final padding to |sha| and writes the resulting digest - * to |md|, which must have at least |SHA224_DIGEST_LENGTH| bytes of space. It - * returns one on success and zero on programmer error. */ -OPENSSL_EXPORT int SHA224_Final(uint8_t *md, SHA256_CTX *sha); - -/* SHA224 writes the digest of |len| bytes from |data| to |out| and returns - * |out|. There must be at least |SHA224_DIGEST_LENGTH| bytes of space in - * |out|. */ -OPENSSL_EXPORT uint8_t *SHA224(const uint8_t *data, size_t len, uint8_t *out); - - -/* SHA-256. */ - -/* SHA256_CBLOCK is the block size of SHA-256. */ -#define SHA256_CBLOCK 64 - -/* SHA256_DIGEST_LENGTH is the length of a SHA-256 digest. */ -#define SHA256_DIGEST_LENGTH 32 - -/* SHA256_Init initialises |sha| and returns 1. */ -OPENSSL_EXPORT int SHA256_Init(SHA256_CTX *sha); - -/* SHA256_Update adds |len| bytes from |data| to |sha| and returns 1. */ -OPENSSL_EXPORT int SHA256_Update(SHA256_CTX *sha, const void *data, size_t len); - -/* SHA256_Final adds the final padding to |sha| and writes the resulting digest - * to |md|, which must have at least |SHA256_DIGEST_LENGTH| bytes of space. It - * returns one on success and zero on programmer error. */ -OPENSSL_EXPORT int SHA256_Final(uint8_t *md, SHA256_CTX *sha); - -/* SHA256 writes the digest of |len| bytes from |data| to |out| and returns - * |out|. There must be at least |SHA256_DIGEST_LENGTH| bytes of space in - * |out|. */ -OPENSSL_EXPORT uint8_t *SHA256(const uint8_t *data, size_t len, uint8_t *out); - -/* SHA256_Transform is a low-level function that performs a single, SHA-1 block - * transformation using the state from |sha| and 64 bytes from |block|. */ -OPENSSL_EXPORT void SHA256_Transform(SHA256_CTX *sha, const uint8_t *data); - -struct sha256_state_st { - uint32_t h[8]; - uint32_t Nl, Nh; - uint32_t data[16]; - unsigned int num, md_len; -}; - - -/* SHA-384. */ - -/* SHA384_CBLOCK is the block size of SHA-384. */ -#define SHA384_CBLOCK 128 - -/* SHA384_DIGEST_LENGTH is the length of a SHA-384 digest. */ -#define SHA384_DIGEST_LENGTH 48 - -/* SHA384_Init initialises |sha| and returns 1. */ -OPENSSL_EXPORT int SHA384_Init(SHA512_CTX *sha); - -/* SHA384_Update adds |len| bytes from |data| to |sha| and returns 1. */ -OPENSSL_EXPORT int SHA384_Update(SHA512_CTX *sha, const void *data, size_t len); - -/* SHA384_Final adds the final padding to |sha| and writes the resulting digest - * to |md|, which must have at least |SHA384_DIGEST_LENGTH| bytes of space. It - * returns one on success and zero on programmer error. */ -OPENSSL_EXPORT int SHA384_Final(uint8_t *md, SHA512_CTX *sha); - -/* SHA384 writes the digest of |len| bytes from |data| to |out| and returns - * |out|. There must be at least |SHA384_DIGEST_LENGTH| bytes of space in - * |out|. */ -OPENSSL_EXPORT uint8_t *SHA384(const uint8_t *data, size_t len, uint8_t *out); - -/* SHA384_Transform is a low-level function that performs a single, SHA-1 block - * transformation using the state from |sha| and 64 bytes from |block|. */ -OPENSSL_EXPORT void SHA384_Transform(SHA512_CTX *sha, const uint8_t *data); - - -/* SHA-512. */ - -/* SHA512_CBLOCK is the block size of SHA-512. */ -#define SHA512_CBLOCK 128 - -/* SHA512_DIGEST_LENGTH is the length of a SHA-512 digest. */ -#define SHA512_DIGEST_LENGTH 64 - -/* SHA512_Init initialises |sha| and returns 1. */ -OPENSSL_EXPORT int SHA512_Init(SHA512_CTX *sha); - -/* SHA512_Update adds |len| bytes from |data| to |sha| and returns 1. */ -OPENSSL_EXPORT int SHA512_Update(SHA512_CTX *sha, const void *data, size_t len); - -/* SHA512_Final adds the final padding to |sha| and writes the resulting digest - * to |md|, which must have at least |SHA512_DIGEST_LENGTH| bytes of space. It - * returns one on success and zero on programmer error. */ -OPENSSL_EXPORT int SHA512_Final(uint8_t *md, SHA512_CTX *sha); - -/* SHA512 writes the digest of |len| bytes from |data| to |out| and returns - * |out|. There must be at least |SHA512_DIGEST_LENGTH| bytes of space in - * |out|. */ -OPENSSL_EXPORT uint8_t *SHA512(const uint8_t *data, size_t len, uint8_t *out); - -/* SHA512_Transform is a low-level function that performs a single, SHA-1 block - * transformation using the state from |sha| and 64 bytes from |block|. */ -OPENSSL_EXPORT void SHA512_Transform(SHA512_CTX *sha, const uint8_t *data); - -struct sha512_state_st { - uint64_t h[8]; - uint64_t Nl, Nh; - union { - uint64_t d[16]; - uint8_t p[128]; - } u; - unsigned int num, md_len; -}; - - -#if defined(__cplusplus) -} /* extern C */ -#endif - -#endif /* OPENSSL_HEADER_SHA_H */ diff --git a/third_party/boringssl/include/openssl/srtp.h b/third_party/boringssl/include/openssl/srtp.h deleted file mode 100644 index 3f5a53e2c1e1de..00000000000000 --- a/third_party/boringssl/include/openssl/srtp.h +++ /dev/null @@ -1,178 +0,0 @@ -/* ssl/tls1.h */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ -/* ==================================================================== - * Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@openssl.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.openssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ -/* - DTLS code by Eric Rescorla - - Copyright (C) 2006, Network Resonance, Inc. - Copyright (C) 2011, RTFM, Inc. -*/ - -#ifndef OPENSSL_HEADER_SRTP_H -#define OPENSSL_HEADER_SRTP_H - -#ifdef __cplusplus -extern "C" { -#endif - - -/* Constants for SRTP profiles */ -#define SRTP_AES128_CM_SHA1_80 0x0001 -#define SRTP_AES128_CM_SHA1_32 0x0002 -#define SRTP_AES128_F8_SHA1_80 0x0003 -#define SRTP_AES128_F8_SHA1_32 0x0004 -#define SRTP_NULL_SHA1_80 0x0005 -#define SRTP_NULL_SHA1_32 0x0006 - -/* SSL_CTX_set_srtp_profiles enables SRTP for all SSL objects created from - * |ctx|. |profile| contains a colon-separated list of profile names. It returns - * one on success and zero on failure. */ -OPENSSL_EXPORT int SSL_CTX_set_srtp_profiles(SSL_CTX *ctx, - const char *profiles); - -/* SSL_set_srtp_profiles enables SRTP for |ssl|. |profile| contains a - * colon-separated list of profile names. It returns one on success and zero on - * failure. */ -OPENSSL_EXPORT int SSL_set_srtp_profiles(SSL *ctx, const char *profiles); - -/* SSL_get_srtp_profiles returns the SRTP profiles supported by |ssl|. */ -OPENSSL_EXPORT STACK_OF(SRTP_PROTECTION_PROFILE) *SSL_get_srtp_profiles( - SSL *ssl); - -/* SSL_get_selected_srtp_profile returns the selected SRTP profile, or NULL if - * SRTP was not negotiated. */ -OPENSSL_EXPORT const SRTP_PROTECTION_PROFILE *SSL_get_selected_srtp_profile( - SSL *s); - - -/* Deprecated functions */ - -/* SSL_CTX_set_tlsext_use_srtp calls SSL_CTX_set_srtp_profiles. It returns zero - * on success and one on failure. - * - * WARNING: this function is dangerous because it breaks the usual return value - * convention. Use SSL_CTX_set_srtp_profiles instead. */ -OPENSSL_EXPORT int SSL_CTX_set_tlsext_use_srtp(SSL_CTX *ctx, - const char *profiles); - -/* SSL_set_tlsext_use_srtp calls SSL_set_srtp_profiles. It returns zero on - * success and one on failure. - * - * WARNING: this function is dangerous because it breaks the usual return value - * convention. Use SSL_set_srtp_profiles instead. */ -OPENSSL_EXPORT int SSL_set_tlsext_use_srtp(SSL *ctx, const char *profiles); - - -#ifdef __cplusplus -} /* extern C */ -#endif - -#endif /* OPENSSL_HEADER_SRTP_H */ - diff --git a/third_party/boringssl/include/openssl/ssl.h b/third_party/boringssl/include/openssl/ssl.h deleted file mode 100644 index 217dbaf2f45173..00000000000000 --- a/third_party/boringssl/include/openssl/ssl.h +++ /dev/null @@ -1,2959 +0,0 @@ -/* ssl/ssl.h */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ -/* ==================================================================== - * Copyright (c) 1998-2007 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@openssl.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.openssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ -/* ==================================================================== - * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. - * ECC cipher suite support in OpenSSL originally developed by - * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project. - */ -/* ==================================================================== - * Copyright 2005 Nokia. All rights reserved. - * - * The portions of the attached software ("Contribution") is developed by - * Nokia Corporation and is licensed pursuant to the OpenSSL open source - * license. - * - * The Contribution, originally written by Mika Kousa and Pasi Eronen of - * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites - * support (see RFC 4279) to OpenSSL. - * - * No patent licenses or other rights except those expressly stated in - * the OpenSSL open source license shall be deemed granted or received - * expressly, by implication, estoppel, or otherwise. - * - * No assurances are provided by Nokia that the Contribution does not - * infringe the patent or other intellectual property rights of any third - * party or that the license provides you with all the necessary rights - * to make use of the Contribution. - * - * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN - * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA - * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY - * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR - * OTHERWISE. - */ - -#ifndef OPENSSL_HEADER_SSL_H -#define OPENSSL_HEADER_SSL_H - -#include - -#include -#include -#include -#include -#include -#include -#include - -#if !defined(OPENSSL_WINDOWS) -#include -#endif - -/* wpa_supplicant expects to get the version functions from ssl.h */ -#include - -/* Forward-declare struct timeval. On Windows, it is defined in winsock2.h and - * Windows headers define too many macros to be included in public headers. - * However, only a forward declaration is needed. */ -struct timeval; - -#if defined(__cplusplus) -extern "C" { -#endif - - -/* SSL implementation. */ - - -/* Initialization. */ - -/* SSL_library_init initializes the crypto and SSL libraries and returns one. */ -OPENSSL_EXPORT int SSL_library_init(void); - - -/* Cipher suites. */ - -/* An SSL_CIPHER represents a cipher suite. */ -typedef struct ssl_cipher_st { - /* name is the OpenSSL name for the cipher. */ - const char *name; - /* id is the cipher suite value bitwise OR-d with 0x03000000. */ - uint32_t id; - - /* The following are internal fields. See ssl/internal.h for their values. */ - - uint32_t algorithm_mkey; - uint32_t algorithm_auth; - uint32_t algorithm_enc; - uint32_t algorithm_mac; - uint32_t algorithm_ssl; - uint32_t algo_strength; - - /* algorithm2 contains extra flags. See ssl/internal.h. */ - uint32_t algorithm2; - - /* strength_bits is the strength of the cipher in bits. */ - int strength_bits; - /* alg_bits is the number of bits of key material used by the algorithm. */ - int alg_bits; -} SSL_CIPHER; - -DECLARE_STACK_OF(SSL_CIPHER) - -/* SSL_get_cipher_by_value returns the structure representing a TLS cipher - * suite based on its assigned number, or NULL if unknown. See - * https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#tls-parameters-4. */ -OPENSSL_EXPORT const SSL_CIPHER *SSL_get_cipher_by_value(uint16_t value); - -/* SSL_CIPHER_get_id returns |cipher|'s id. It may be cast to a |uint16_t| to - * get the cipher suite value. */ -OPENSSL_EXPORT uint32_t SSL_CIPHER_get_id(const SSL_CIPHER *cipher); - -/* SSL_CIPHER_is_AES returns one if |cipher| uses AES (either GCM or CBC - * mode). */ -OPENSSL_EXPORT int SSL_CIPHER_is_AES(const SSL_CIPHER *cipher); - -/* SSL_CIPHER_has_MD5_HMAC returns one if |cipher| uses HMAC-MD5. */ -OPENSSL_EXPORT int SSL_CIPHER_has_MD5_HMAC(const SSL_CIPHER *cipher); - -/* SSL_CIPHER_is_AESGCM returns one if |cipher| uses AES-GCM. */ -OPENSSL_EXPORT int SSL_CIPHER_is_AESGCM(const SSL_CIPHER *cipher); - -/* SSL_CIPHER_is_CHACHA20POLY1305 returns one if |cipher| uses - * CHACHA20_POLY1305. */ -OPENSSL_EXPORT int SSL_CIPHER_is_CHACHA20POLY1305(const SSL_CIPHER *cipher); - -/* SSL_CIPHER_get_name returns the OpenSSL name of |cipher|. */ -OPENSSL_EXPORT const char *SSL_CIPHER_get_name(const SSL_CIPHER *cipher); - -/* SSL_CIPHER_get_kx_name returns a string that describes the key-exchange - * method used by |cipher|. For example, "ECDHE_ECDSA". */ -OPENSSL_EXPORT const char *SSL_CIPHER_get_kx_name(const SSL_CIPHER *cipher); - -/* SSL_CIPHER_get_rfc_name returns a newly-allocated string with the standard - * name for |cipher| or NULL on error. For example, - * "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256". The caller is responsible for - * calling |OPENSSL_free| on the result. */ -OPENSSL_EXPORT char *SSL_CIPHER_get_rfc_name(const SSL_CIPHER *cipher); - -/* SSL_CIPHER_get_bits returns the strength, in bits, of |cipher|. If - * |out_alg_bits| is not NULL, it writes the number of bits consumed by the - * symmetric algorithm to |*out_alg_bits|. */ -OPENSSL_EXPORT int SSL_CIPHER_get_bits(const SSL_CIPHER *cipher, - int *out_alg_bits); - - -/* SSL contexts. */ - -/* An SSL_METHOD selects whether to use TLS or DTLS. */ -typedef struct ssl_method_st SSL_METHOD; - -/* TLS_method is the |SSL_METHOD| used for TLS (and SSLv3) connections. */ -OPENSSL_EXPORT const SSL_METHOD *TLS_method(void); - -/* DTLS_method is the |SSL_METHOD| used for DTLS connections. */ -OPENSSL_EXPORT const SSL_METHOD *DTLS_method(void); - -/* SSL_CTX_new returns a newly-allocated |SSL_CTX| with default settings or NULL - * on error. An |SSL_CTX| manages shared state and configuration between - * multiple TLS or DTLS connections. */ -OPENSSL_EXPORT SSL_CTX *SSL_CTX_new(const SSL_METHOD *method); - -/* SSL_CTX_free releases memory associated with |ctx|. */ -OPENSSL_EXPORT void SSL_CTX_free(SSL_CTX *ctx); - - -/* SSL connections. */ - -/* SSL_new returns a newly-allocated |SSL| using |ctx| or NULL on error. An - * |SSL| object represents a single TLS or DTLS connection. It inherits settings - * from |ctx| at the time of creation. Settings may also be individually - * configured on the connection. - * - * On creation, an |SSL| is not configured to be either a client or server. Call - * |SSL_set_connect_state| or |SSL_set_accept_state| to set this. */ -OPENSSL_EXPORT SSL *SSL_new(SSL_CTX *ctx); - -/* SSL_free releases memory associated with |ssl|. */ -OPENSSL_EXPORT void SSL_free(SSL *ssl); - -/* SSL_set_connect_state configures |ssl| to be a client. */ -OPENSSL_EXPORT void SSL_set_connect_state(SSL *ssl); - -/* SSL_set_accept_state configures |ssl| to be a server. */ -OPENSSL_EXPORT void SSL_set_accept_state(SSL *ssl); - - -/* Protocol versions. */ - -#define SSL3_VERSION_MAJOR 0x03 - -#define SSL3_VERSION 0x0300 -#define TLS1_VERSION 0x0301 -#define TLS1_1_VERSION 0x0302 -#define TLS1_2_VERSION 0x0303 - -#define DTLS1_VERSION 0xfeff -#define DTLS1_2_VERSION 0xfefd - -/* SSL_CTX_set_min_version sets the minimum protocol version for |ctx| to - * |version|. */ -OPENSSL_EXPORT void SSL_CTX_set_min_version(SSL_CTX *ctx, uint16_t version); - -/* SSL_CTX_set_max_version sets the maximum protocol version for |ctx| to - * |version|. */ -OPENSSL_EXPORT void SSL_CTX_set_max_version(SSL_CTX *ctx, uint16_t version); - -/* SSL_set_min_version sets the minimum protocol version for |ssl| to - * |version|. */ -OPENSSL_EXPORT void SSL_set_min_version(SSL *ssl, uint16_t version); - -/* SSL_set_max_version sets the maximum protocol version for |ssl| to - * |version|. */ -OPENSSL_EXPORT void SSL_set_max_version(SSL *ssl, uint16_t version); - - -/* Options. - * - * Options configure protocol behavior. */ - -/* SSL_OP_LEGACY_SERVER_CONNECT allows initial connections to servers that don't - * support the renegotiation_info extension (RFC 5746). It is on by default. */ -#define SSL_OP_LEGACY_SERVER_CONNECT 0x00000004L - -/* SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER allows for record sizes |SSL3_RT_MAX_EXTRA| - * bytes above the maximum record size. */ -#define SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER 0x00000020L - -/* SSL_OP_TLS_D5_BUG accepts an RSAClientKeyExchange in TLS encoded as in SSL3 - * (i.e. without a length prefix). */ -#define SSL_OP_TLS_D5_BUG 0x00000100L - -/* SSL_OP_ALL enables the above bug workarounds that are enabled by many - * consumers. - * TODO(davidben): Determine which of the remaining may be removed now. */ -#define SSL_OP_ALL 0x00000BFFL - -/* SSL_OP_NO_QUERY_MTU, in DTLS, disables querying the MTU from the underlying - * |BIO|. Instead, the MTU is configured with |SSL_set_mtu|. */ -#define SSL_OP_NO_QUERY_MTU 0x00001000L - -/* SSL_OP_NO_TICKET disables session ticket support (RFC 4507). */ -#define SSL_OP_NO_TICKET 0x00004000L - -/* SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION permits unsafe legacy renegotiation - * without renegotiation_info (RFC 5746) support. */ -#define SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION 0x00040000L - -/* SSL_OP_CIPHER_SERVER_PREFERENCE configures servers to select ciphers and - * ECDHE curves according to the server's preferences instead of the - * client's. */ -#define SSL_OP_CIPHER_SERVER_PREFERENCE 0x00400000L - -/* The following flags toggle individual protocol versions. This is deprecated. - * Use |SSL_CTX_set_min_version| and |SSL_CTX_set_max_version| instead. */ -#define SSL_OP_NO_SSLv3 0x02000000L -#define SSL_OP_NO_TLSv1 0x04000000L -#define SSL_OP_NO_TLSv1_2 0x08000000L -#define SSL_OP_NO_TLSv1_1 0x10000000L -#define SSL_OP_NO_DTLSv1 SSL_OP_NO_TLSv1 -#define SSL_OP_NO_DTLSv1_2 SSL_OP_NO_TLSv1_2 - -/* The following flags do nothing and are included only to make it easier to - * compile code with BoringSSL. */ -#define SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS 0 -#define SSL_OP_MICROSOFT_SESS_ID_BUG 0 -#define SSL_OP_NETSCAPE_CHALLENGE_BUG 0 -#define SSL_OP_NO_COMPRESSION 0 -#define SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION 0 -#define SSL_OP_NO_SSLv2 0 -#define SSL_OP_SINGLE_DH_USE 0 -#define SSL_OP_SINGLE_ECDH_USE 0 -#define SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG 0 -#define SSL_OP_TLS_BLOCK_PADDING_BUG 0 -#define SSL_OP_TLS_ROLLBACK_BUG 0 - -/* SSL_CTX_set_options enables all options set in |options| (which should be one - * or more of the |SSL_OP_*| values, ORed together) in |ctx|. It returns a - * bitmask representing the resulting enabled options. */ -OPENSSL_EXPORT uint32_t SSL_CTX_set_options(SSL_CTX *ctx, uint32_t options); - -/* SSL_CTX_clear_options disables all options set in |options| (which should be - * one or more of the |SSL_OP_*| values, ORed together) in |ctx|. It returns a - * bitmask representing the resulting enabled options. */ -OPENSSL_EXPORT uint32_t SSL_CTX_clear_options(SSL_CTX *ctx, uint32_t options); - -/* SSL_CTX_get_options returns a bitmask of |SSL_OP_*| values that represent all - * the options enabled for |ctx|. */ -OPENSSL_EXPORT uint32_t SSL_CTX_get_options(const SSL_CTX *ctx); - -/* SSL_set_options enables all options set in |options| (which should be one or - * more of the |SSL_OP_*| values, ORed together) in |ssl|. It returns a bitmask - * representing the resulting enabled options. */ -OPENSSL_EXPORT uint32_t SSL_set_options(SSL *ssl, uint32_t options); - -/* SSL_clear_options disables all options set in |options| (which should be one - * or more of the |SSL_OP_*| values, ORed together) in |ssl|. It returns a - * bitmask representing the resulting enabled options. */ -OPENSSL_EXPORT uint32_t SSL_clear_options(SSL *ssl, uint32_t options); - -/* SSL_get_options returns a bitmask of |SSL_OP_*| values that represent all the - * options enabled for |ssl|. */ -OPENSSL_EXPORT uint32_t SSL_get_options(const SSL *ssl); - - -/* Modes. - * - * Modes configure API behavior. */ - -/* SSL_MODE_ENABLE_PARTIAL_WRITE allows |SSL_write| to complete with a partial - * result when the only part of the input was written in a single record. */ -#define SSL_MODE_ENABLE_PARTIAL_WRITE 0x00000001L - -/* SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER allows retrying an incomplete |SSL_write| - * with a different buffer. However, |SSL_write| still assumes the buffer - * contents are unchanged. This is not the default to avoid the misconception - * that non-blocking |SSL_write| behaves like non-blocking |write|. */ -#define SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER 0x00000002L - -/* SSL_MODE_NO_AUTO_CHAIN disables automatically building a certificate chain - * before sending certificates to the peer. - * TODO(davidben): Remove this behavior. https://crbug.com/486295. */ -#define SSL_MODE_NO_AUTO_CHAIN 0x00000008L - -/* SSL_MODE_ENABLE_FALSE_START allows clients to send application data before - * receipt of CCS and Finished. This mode enables full-handshakes to 'complete' - * in one RTT. See draft-bmoeller-tls-falsestart-01. */ -#define SSL_MODE_ENABLE_FALSE_START 0x00000080L - -/* Deprecated: SSL_MODE_HANDSHAKE_CUTTHROUGH is the same as - * SSL_MODE_ENABLE_FALSE_START. */ -#define SSL_MODE_HANDSHAKE_CUTTHROUGH SSL_MODE_ENABLE_FALSE_START - -/* SSL_MODE_CBC_RECORD_SPLITTING causes multi-byte CBC records in SSL 3.0 and - * TLS 1.0 to be split in two: the first record will contain a single byte and - * the second will contain the remainder. This effectively randomises the IV and - * prevents BEAST attacks. */ -#define SSL_MODE_CBC_RECORD_SPLITTING 0x00000100L - -/* SSL_MODE_NO_SESSION_CREATION will cause any attempts to create a session to - * fail with SSL_R_SESSION_MAY_NOT_BE_CREATED. This can be used to enforce that - * session resumption is used for a given SSL*. */ -#define SSL_MODE_NO_SESSION_CREATION 0x00000200L - -/* SSL_MODE_SEND_FALLBACK_SCSV sends TLS_FALLBACK_SCSV in the ClientHello. - * To be set only by applications that reconnect with a downgraded protocol - * version; see https://tools.ietf.org/html/draft-ietf-tls-downgrade-scsv-05 - * for details. - * - * DO NOT ENABLE THIS if your application attempts a normal handshake. Only use - * this in explicit fallback retries, following the guidance in - * draft-ietf-tls-downgrade-scsv-05. */ -#define SSL_MODE_SEND_FALLBACK_SCSV 0x00000400L - -/* The following flags do nothing and are included only to make it easier to - * compile code with BoringSSL. */ -#define SSL_MODE_AUTO_RETRY 0 -#define SSL_MODE_RELEASE_BUFFERS 0 -#define SSL_MODE_SEND_CLIENTHELLO_TIME 0 -#define SSL_MODE_SEND_SERVERHELLO_TIME 0 - -/* SSL_CTX_set_mode enables all modes set in |mode| (which should be one or more - * of the |SSL_MODE_*| values, ORed together) in |ctx|. It returns a bitmask - * representing the resulting enabled modes. */ -OPENSSL_EXPORT uint32_t SSL_CTX_set_mode(SSL_CTX *ctx, uint32_t mode); - -/* SSL_CTX_clear_mode disables all modes set in |mode| (which should be one or - * more of the |SSL_MODE_*| values, ORed together) in |ctx|. It returns a - * bitmask representing the resulting enabled modes. */ -OPENSSL_EXPORT uint32_t SSL_CTX_clear_mode(SSL_CTX *ctx, uint32_t mode); - -/* SSL_CTX_get_mode returns a bitmask of |SSL_MODE_*| values that represent all - * the modes enabled for |ssl|. */ -OPENSSL_EXPORT uint32_t SSL_CTX_get_mode(const SSL_CTX *ctx); - -/* SSL_set_mode enables all modes set in |mode| (which should be one or more of - * the |SSL_MODE_*| values, ORed together) in |ssl|. It returns a bitmask - * representing the resulting enabled modes. */ -OPENSSL_EXPORT uint32_t SSL_set_mode(SSL *ssl, uint32_t mode); - -/* SSL_clear_mode disables all modes set in |mode| (which should be one or more - * of the |SSL_MODE_*| values, ORed together) in |ssl|. It returns a bitmask - * representing the resulting enabled modes. */ -OPENSSL_EXPORT uint32_t SSL_clear_mode(SSL *ssl, uint32_t mode); - -/* SSL_get_mode returns a bitmask of |SSL_MODE_*| values that represent all the - * modes enabled for |ssl|. */ -OPENSSL_EXPORT uint32_t SSL_get_mode(const SSL *ssl); - - -/* Connection information. */ - -/* SSL_get_tls_unique writes at most |max_out| bytes of the tls-unique value - * for |ssl| to |out| and sets |*out_len| to the number of bytes written. It - * returns one on success or zero on error. In general |max_out| should be at - * least 12. - * - * This function will always fail if the initial handshake has not completed. - * The tls-unique value will change after a renegotiation but, since - * renegotiations can be initiated by the server at any point, the higher-level - * protocol must either leave them disabled or define states in which the - * tls-unique value can be read. - * - * The tls-unique value is defined by - * https://tools.ietf.org/html/rfc5929#section-3.1. Due to a weakness in the - * TLS protocol, tls-unique is broken for resumed connections unless the - * Extended Master Secret extension is negotiated. Thus this function will - * return zero if |ssl| performed session resumption unless EMS was used when - * negotiating the original session. */ -OPENSSL_EXPORT int SSL_get_tls_unique(const SSL *ssl, uint8_t *out, - size_t *out_len, size_t max_out); - - -/* Underdocumented functions. - * - * Functions below here haven't been touched up and may be underdocumented. */ - -/* SSLeay version number for ASN.1 encoding of the session information */ -/* Version 0 - initial version - * Version 1 - added the optional peer certificate. */ -#define SSL_SESSION_ASN1_VERSION 0x0001 - -#define SSL_MAX_SSL_SESSION_ID_LENGTH 32 -#define SSL_MAX_SID_CTX_LENGTH 32 -#define SSL_MAX_MASTER_KEY_LENGTH 48 - -/* These are used to specify which ciphers to use and not to use */ - -#define SSL_TXT_MEDIUM "MEDIUM" -#define SSL_TXT_HIGH "HIGH" -#define SSL_TXT_FIPS "FIPS" - -#define SSL_TXT_kRSA "kRSA" -#define SSL_TXT_kDHE "kDHE" -#define SSL_TXT_kEDH "kEDH" /* same as "kDHE" */ -#define SSL_TXT_kECDHE "kECDHE" -#define SSL_TXT_kEECDH "kEECDH" /* same as "kECDHE" */ -#define SSL_TXT_kPSK "kPSK" - -#define SSL_TXT_aRSA "aRSA" -#define SSL_TXT_aECDSA "aECDSA" -#define SSL_TXT_aPSK "aPSK" - -#define SSL_TXT_DH "DH" -#define SSL_TXT_DHE "DHE" /* same as "kDHE" */ -#define SSL_TXT_EDH "EDH" /* same as "DHE" */ -#define SSL_TXT_RSA "RSA" -#define SSL_TXT_ECDH "ECDH" -#define SSL_TXT_ECDHE "ECDHE" /* same as "kECDHE" */ -#define SSL_TXT_EECDH "EECDH" /* same as "ECDHE" */ -#define SSL_TXT_ECDSA "ECDSA" -#define SSL_TXT_PSK "PSK" - -#define SSL_TXT_3DES "3DES" -#define SSL_TXT_RC4 "RC4" -#define SSL_TXT_AES128 "AES128" -#define SSL_TXT_AES256 "AES256" -#define SSL_TXT_AES "AES" -#define SSL_TXT_AES_GCM "AESGCM" -#define SSL_TXT_CHACHA20 "CHACHA20" - -#define SSL_TXT_MD5 "MD5" -#define SSL_TXT_SHA1 "SHA1" -#define SSL_TXT_SHA "SHA" /* same as "SHA1" */ -#define SSL_TXT_SHA256 "SHA256" -#define SSL_TXT_SHA384 "SHA384" - -#define SSL_TXT_SSLV3 "SSLv3" -#define SSL_TXT_TLSV1 "TLSv1" -#define SSL_TXT_TLSV1_1 "TLSv1.1" -#define SSL_TXT_TLSV1_2 "TLSv1.2" - -#define SSL_TXT_ALL "ALL" - -/* COMPLEMENTOF* definitions. These identifiers are used to (de-select) ciphers - * normally not being used. - * - * Example: "RC4" will activate all ciphers using RC4 including ciphers without - * authentication, which would normally disabled by DEFAULT (due the "!ADH" - * being part of default). Therefore "RC4:!COMPLEMENTOFDEFAULT" will make sure - * that it is also disabled in the specific selection. COMPLEMENTOF* - * identifiers are portable between version, as adjustments to the default - * cipher setup will also be included here. - * - * COMPLEMENTOFDEFAULT does not experience the same special treatment that - * DEFAULT gets, as only selection is being done and no sorting as needed for - * DEFAULT. */ -#define SSL_TXT_CMPDEF "COMPLEMENTOFDEFAULT" - -/* The following cipher list is used by default. It also is substituted when an - * application-defined cipher list string starts with 'DEFAULT'. */ -#define SSL_DEFAULT_CIPHER_LIST "ALL" - -/* As of OpenSSL 1.0.0, ssl_create_cipher_list() in ssl/ssl_ciph.c always - * starts with a reasonable order, and all we have to do for DEFAULT is - * throwing out anonymous and unencrypted ciphersuites! (The latter are not - * actually enabled by ALL, but "ALL:RSA" would enable some of them.) */ - -/* Used in SSL_set_shutdown()/SSL_get_shutdown(); */ -#define SSL_SENT_SHUTDOWN 1 -#define SSL_RECEIVED_SHUTDOWN 2 - -#define SSL_FILETYPE_ASN1 X509_FILETYPE_ASN1 -#define SSL_FILETYPE_PEM X509_FILETYPE_PEM - -typedef struct ssl_protocol_method_st SSL_PROTOCOL_METHOD; -typedef struct ssl_session_st SSL_SESSION; -typedef struct tls_sigalgs_st TLS_SIGALGS; -typedef struct ssl_conf_ctx_st SSL_CONF_CTX; -typedef struct ssl3_enc_method SSL3_ENC_METHOD; - -/* SRTP protection profiles for use with the use_srtp extension (RFC 5764). */ -typedef struct srtp_protection_profile_st { - const char *name; - unsigned long id; -} SRTP_PROTECTION_PROFILE; - -DECLARE_STACK_OF(SRTP_PROTECTION_PROFILE) - -/* An SSL_SESSION represents an SSL session that may be resumed in an - * abbreviated handshake. */ -struct ssl_session_st { - int ssl_version; /* what ssl version session info is being kept in here? */ - - int master_key_length; - uint8_t master_key[SSL_MAX_MASTER_KEY_LENGTH]; - /* session_id - valid? */ - unsigned int session_id_length; - uint8_t session_id[SSL_MAX_SSL_SESSION_ID_LENGTH]; - /* this is used to determine whether the session is being reused in - * the appropriate context. It is up to the application to set this, - * via SSL_new */ - unsigned int sid_ctx_length; - uint8_t sid_ctx[SSL_MAX_SID_CTX_LENGTH]; - - char *psk_identity; - /* Used to indicate that session resumption is not allowed. Applications can - * also set this bit for a new session via not_resumable_session_cb to - * disable session caching and tickets. */ - int not_resumable; - - /* The cert is the certificate used to establish this connection */ - struct sess_cert_st /* SESS_CERT */ *sess_cert; - - /* This is the cert for the other end. On clients, it will be the same as - * sess_cert->peer_key->x509 (the latter is not enough as sess_cert is not - * retained in the external representation of sessions, see ssl_asn1.c). */ - X509 *peer; - /* when app_verify_callback accepts a session where the peer's certificate is - * not ok, we must remember the error for session reuse: */ - long verify_result; /* only for servers */ - - CRYPTO_refcount_t references; - long timeout; - long time; - - const SSL_CIPHER *cipher; - - CRYPTO_EX_DATA ex_data; /* application specific data */ - - /* These are used to make removal of session-ids more efficient and to - * implement a maximum cache size. */ - SSL_SESSION *prev, *next; - char *tlsext_hostname; - /* RFC4507 info */ - uint8_t *tlsext_tick; /* Session ticket */ - size_t tlsext_ticklen; /* Session ticket length */ - uint32_t tlsext_tick_lifetime_hint; /* Session lifetime hint in seconds */ - - size_t tlsext_signed_cert_timestamp_list_length; - uint8_t *tlsext_signed_cert_timestamp_list; /* Server's list. */ - - /* The OCSP response that came with the session. */ - size_t ocsp_response_length; - uint8_t *ocsp_response; - - char peer_sha256_valid; /* Non-zero if peer_sha256 is valid */ - uint8_t - peer_sha256[SHA256_DIGEST_LENGTH]; /* SHA256 of peer certificate */ - - /* original_handshake_hash contains the handshake hash (either SHA-1+MD5 or - * SHA-2, depending on TLS version) for the original, full handshake that - * created a session. This is used by Channel IDs during resumption. */ - uint8_t original_handshake_hash[EVP_MAX_MD_SIZE]; - unsigned int original_handshake_hash_len; - - /* extended_master_secret is true if the master secret in this session was - * generated using EMS and thus isn't vulnerable to the Triple Handshake - * attack. */ - char extended_master_secret; -}; - - -/* Cert related flags */ -/* Many implementations ignore some aspects of the TLS standards such as - * enforcing certifcate chain algorithms. When this is set we enforce them. */ -#define SSL_CERT_FLAG_TLS_STRICT 0x00000001L - -/* Flags for building certificate chains */ -/* Treat any existing certificates as untrusted CAs */ -#define SSL_BUILD_CHAIN_FLAG_UNTRUSTED 0x1 -/* Don't include root CA in chain */ -#define SSL_BUILD_CHAIN_FLAG_NO_ROOT 0x2 -/* Just check certificates already there */ -#define SSL_BUILD_CHAIN_FLAG_CHECK 0x4 -/* Ignore verification errors */ -#define SSL_BUILD_CHAIN_FLAG_IGNORE_ERROR 0x8 -/* Clear verification errors from queue */ -#define SSL_BUILD_CHAIN_FLAG_CLEAR_ERROR 0x10 - -/* SSL_set_mtu sets the |ssl|'s MTU in DTLS to |mtu|. It returns one on success - * and zero on failure. */ -OPENSSL_EXPORT int SSL_set_mtu(SSL *ssl, unsigned mtu); - -/* SSL_get_secure_renegotiation_support returns one if the peer supports secure - * renegotiation (RFC 5746) and zero otherwise. */ -OPENSSL_EXPORT int SSL_get_secure_renegotiation_support(const SSL *ssl); - -/* SSL_CTX_set_msg_callback installs |cb| as the message callback for |ctx|. - * This callback will be called when sending or receiving low-level record - * headers, complete handshake messages, ChangeCipherSpec, and alerts. - * |write_p| is one for outgoing messages and zero for incoming messages. - * - * For each record header, |cb| is called with |version| = 0 and |content_type| - * = |SSL3_RT_HEADER|. The |len| bytes from |buf| contain the header. Note that - * this does not include the record body. If the record is sealed, the length - * in the header is the length of the ciphertext. - * - * For each handshake message, ChangeCipherSpec, and alert, |version| is the - * protocol version and |content_type| is the corresponding record type. The - * |len| bytes from |buf| contain the handshake message, one-byte - * ChangeCipherSpec body, and two-byte alert, respectively. */ -OPENSSL_EXPORT void SSL_CTX_set_msg_callback( - SSL_CTX *ctx, void (*cb)(int write_p, int version, int content_type, - const void *buf, size_t len, SSL *ssl, void *arg)); - -/* SSL_CTX_set_msg_callback_arg sets the |arg| parameter of the message - * callback. */ -OPENSSL_EXPORT void SSL_CTX_set_msg_callback_arg(SSL_CTX *ctx, void *arg); - -/* SSL_set_msg_callback installs |cb| as the message callback of |ssl|. See - * |SSL_CTX_set_msg_callback| for when this callback is called. */ -OPENSSL_EXPORT void SSL_set_msg_callback( - SSL *ssl, void (*cb)(int write_p, int version, int content_type, - const void *buf, size_t len, SSL *ssl, void *arg)); - -/* SSL_set_msg_callback_arg sets the |arg| parameter of the message callback. */ -OPENSSL_EXPORT void SSL_set_msg_callback_arg(SSL *ssl, void *arg); - -/* SSL_CTX_set_keylog_bio sets configures all SSL objects attached to |ctx| to - * log session material to |keylog_bio|. This is intended for debugging use - * with tools like Wireshark. |ctx| takes ownership of |keylog_bio|. - * - * The format is described in - * https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/Key_Log_Format. */ -OPENSSL_EXPORT void SSL_CTX_set_keylog_bio(SSL_CTX *ctx, BIO *keylog_bio); - - -struct ssl_aead_ctx_st; -typedef struct ssl_aead_ctx_st SSL_AEAD_CTX; - -#define SSL_MAX_CERT_LIST_DEFAULT 1024 * 100 /* 100k max cert list */ - -#define SSL_SESSION_CACHE_MAX_SIZE_DEFAULT (1024 * 20) - -#define SSL_DEFAULT_SESSION_TIMEOUT (2 * 60 * 60) - -/* This callback type is used inside SSL_CTX, SSL, and in the functions that - * set them. It is used to override the generation of SSL/TLS session IDs in a - * server. Return value should be zero on an error, non-zero to proceed. Also, - * callbacks should themselves check if the id they generate is unique - * otherwise the SSL handshake will fail with an error - callbacks can do this - * using the 'ssl' value they're passed by; - * SSL_has_matching_session_id(ssl, id, *id_len) - * The length value passed in is set at the maximum size the session ID can be. - * In SSLv2 this is 16 bytes, whereas SSLv3/TLSv1 it is 32 bytes. The callback - * can alter this length to be less if desired, but under SSLv2 session IDs are - * supposed to be fixed at 16 bytes so the id will be padded after the callback - * returns in this case. It is also an error for the callback to set the size - * to zero. */ -typedef int (*GEN_SESSION_CB)(const SSL *ssl, uint8_t *id, - unsigned int *id_len); - -/* ssl_early_callback_ctx is passed to certain callbacks that are called very - * early on during the server handshake. At this point, much of the SSL* hasn't - * been filled out and only the ClientHello can be depended on. */ -struct ssl_early_callback_ctx { - SSL *ssl; - const uint8_t *client_hello; - size_t client_hello_len; - const uint8_t *session_id; - size_t session_id_len; - const uint8_t *cipher_suites; - size_t cipher_suites_len; - const uint8_t *compression_methods; - size_t compression_methods_len; - const uint8_t *extensions; - size_t extensions_len; -}; - -/* SSL_early_callback_ctx_extension_get searches the extensions in |ctx| for an - * extension of the given type. If not found, it returns zero. Otherwise it - * sets |out_data| to point to the extension contents (not including the type - * and length bytes), sets |out_len| to the length of the extension contents - * and returns one. */ -OPENSSL_EXPORT char SSL_early_callback_ctx_extension_get( - const struct ssl_early_callback_ctx *ctx, uint16_t extension_type, - const uint8_t **out_data, size_t *out_len); - -typedef struct ssl_comp_st SSL_COMP; - -struct ssl_comp_st { - int id; - const char *name; - char *method; -}; - -DECLARE_STACK_OF(SSL_COMP) -DECLARE_LHASH_OF(SSL_SESSION) - -/* ssl_cipher_preference_list_st contains a list of SSL_CIPHERs with - * equal-preference groups. For TLS clients, the groups are moot because the - * server picks the cipher and groups cannot be expressed on the wire. However, - * for servers, the equal-preference groups allow the client's preferences to - * be partially respected. (This only has an effect with - * SSL_OP_CIPHER_SERVER_PREFERENCE). - * - * The equal-preference groups are expressed by grouping SSL_CIPHERs together. - * All elements of a group have the same priority: no ordering is expressed - * within a group. - * - * The values in |ciphers| are in one-to-one correspondence with - * |in_group_flags|. (That is, sk_SSL_CIPHER_num(ciphers) is the number of - * bytes in |in_group_flags|.) The bytes in |in_group_flags| are either 1, to - * indicate that the corresponding SSL_CIPHER is not the last element of a - * group, or 0 to indicate that it is. - * - * For example, if |in_group_flags| contains all zeros then that indicates a - * traditional, fully-ordered preference. Every SSL_CIPHER is the last element - * of the group (i.e. they are all in a one-element group). - * - * For a more complex example, consider: - * ciphers: A B C D E F - * in_group_flags: 1 1 0 0 1 0 - * - * That would express the following, order: - * - * A E - * B -> D -> F - * C - */ -struct ssl_cipher_preference_list_st { - STACK_OF(SSL_CIPHER) *ciphers; - uint8_t *in_group_flags; -}; - -struct ssl_ctx_st { - const SSL_PROTOCOL_METHOD *method; - - /* lock is used to protect various operations on this object. */ - CRYPTO_MUTEX lock; - - /* max_version is the maximum acceptable protocol version. If zero, the - * maximum supported version, currently (D)TLS 1.2, is used. */ - uint16_t max_version; - - /* min_version is the minimum acceptable protocl version. If zero, the - * minimum supported version, currently SSL 3.0 and DTLS 1.0, is used */ - uint16_t min_version; - - struct ssl_cipher_preference_list_st *cipher_list; - /* same as above but sorted for lookup */ - STACK_OF(SSL_CIPHER) *cipher_list_by_id; - /* cipher_list_tls11 is the list of ciphers when TLS 1.1 or greater is in - * use. This only applies to server connections as, for clients, the version - * number is known at connect time and so the cipher list can be set then. */ - struct ssl_cipher_preference_list_st *cipher_list_tls11; - - X509_STORE *cert_store; - LHASH_OF(SSL_SESSION) *sessions; - /* Most session-ids that will be cached, default is - * SSL_SESSION_CACHE_MAX_SIZE_DEFAULT. 0 is unlimited. */ - unsigned long session_cache_size; - SSL_SESSION *session_cache_head; - SSL_SESSION *session_cache_tail; - - /* handshakes_since_cache_flush is the number of successful handshakes since - * the last cache flush. */ - int handshakes_since_cache_flush; - - /* This can have one of 2 values, ored together, - * SSL_SESS_CACHE_CLIENT, - * SSL_SESS_CACHE_SERVER, - * Default is SSL_SESSION_CACHE_SERVER, which means only - * SSL_accept which cache SSL_SESSIONS. */ - int session_cache_mode; - - /* If timeout is not 0, it is the default timeout value set when SSL_new() is - * called. This has been put in to make life easier to set things up */ - long session_timeout; - - /* If this callback is not null, it will be called each time a session id is - * added to the cache. If this function returns 1, it means that the - * callback will do a SSL_SESSION_free() when it has finished using it. - * Otherwise, on 0, it means the callback has finished with it. If - * remove_session_cb is not null, it will be called when a session-id is - * removed from the cache. After the call, OpenSSL will SSL_SESSION_free() - * it. */ - int (*new_session_cb)(SSL *ssl, SSL_SESSION *sess); - void (*remove_session_cb)(SSL_CTX *ctx, SSL_SESSION *sess); - SSL_SESSION *(*get_session_cb)(SSL *ssl, uint8_t *data, int len, - int *copy); - - CRYPTO_refcount_t references; - - /* if defined, these override the X509_verify_cert() calls */ - int (*app_verify_callback)(X509_STORE_CTX *, void *); - void *app_verify_arg; - /* before OpenSSL 0.9.7, 'app_verify_arg' was ignored ('app_verify_callback' - * was called with just one argument) */ - - /* Default password callback. */ - pem_password_cb *default_passwd_callback; - - /* Default password callback user data. */ - void *default_passwd_callback_userdata; - - /* get client cert callback */ - int (*client_cert_cb)(SSL *ssl, X509 **x509, EVP_PKEY **pkey); - - /* get channel id callback */ - void (*channel_id_cb)(SSL *ssl, EVP_PKEY **pkey); - - CRYPTO_EX_DATA ex_data; - - STACK_OF(X509) *extra_certs; - - - /* Default values used when no per-SSL value is defined follow */ - - void (*info_callback)(const SSL *ssl, int type, - int val); /* used if SSL's info_callback is NULL */ - - /* what we put in client cert requests */ - STACK_OF(X509_NAME) *client_CA; - - - /* Default values to use in SSL structures follow (these are copied by - * SSL_new) */ - - uint32_t options; - uint32_t mode; - uint32_t max_cert_list; - - struct cert_st /* CERT */ *cert; - - /* callback that allows applications to peek at protocol messages */ - void (*msg_callback)(int write_p, int version, int content_type, - const void *buf, size_t len, SSL *ssl, void *arg); - void *msg_callback_arg; - - int verify_mode; - unsigned int sid_ctx_length; - uint8_t sid_ctx[SSL_MAX_SID_CTX_LENGTH]; - int (*default_verify_callback)( - int ok, X509_STORE_CTX *ctx); /* called 'verify_callback' in the SSL */ - - /* Default generate session ID callback. */ - GEN_SESSION_CB generate_session_id; - - X509_VERIFY_PARAM *param; - - /* select_certificate_cb is called before most ClientHello processing and - * before the decision whether to resume a session is made. It may return one - * to continue the handshake or zero to cause the handshake loop to return - * with an error and cause SSL_get_error to return - * SSL_ERROR_PENDING_CERTIFICATE. Note: when the handshake loop is resumed, it - * will not call the callback a second time. */ - int (*select_certificate_cb)(const struct ssl_early_callback_ctx *); - - /* dos_protection_cb is called once the resumption decision for a ClientHello - * has been made. It returns one to continue the handshake or zero to - * abort. */ - int (*dos_protection_cb) (const struct ssl_early_callback_ctx *); - - /* quiet_shutdown is true if the connection should not send a close_notify on - * shutdown. */ - int quiet_shutdown; - - /* Maximum amount of data to send in one fragment. actual record size can be - * more than this due to padding and MAC overheads. */ - uint16_t max_send_fragment; - - /* TLS extensions servername callback */ - int (*tlsext_servername_callback)(SSL *, int *, void *); - void *tlsext_servername_arg; - /* RFC 4507 session ticket keys */ - uint8_t tlsext_tick_key_name[16]; - uint8_t tlsext_tick_hmac_key[16]; - uint8_t tlsext_tick_aes_key[16]; - /* Callback to support customisation of ticket key setting */ - int (*tlsext_ticket_key_cb)(SSL *ssl, uint8_t *name, uint8_t *iv, - EVP_CIPHER_CTX *ectx, HMAC_CTX *hctx, int enc); - - /* Server-only: psk_identity_hint is the default identity hint to send in - * PSK-based key exchanges. */ - char *psk_identity_hint; - - unsigned int (*psk_client_callback)(SSL *ssl, const char *hint, - char *identity, - unsigned int max_identity_len, - uint8_t *psk, unsigned int max_psk_len); - unsigned int (*psk_server_callback)(SSL *ssl, const char *identity, - uint8_t *psk, unsigned int max_psk_len); - - - /* retain_only_sha256_of_client_certs is true if we should compute the SHA256 - * hash of the peer's certifiate and then discard it to save memory and - * session space. Only effective on the server side. */ - char retain_only_sha256_of_client_certs; - - /* Next protocol negotiation information */ - /* (for experimental NPN extension). */ - - /* For a server, this contains a callback function by which the set of - * advertised protocols can be provided. */ - int (*next_protos_advertised_cb)(SSL *s, const uint8_t **buf, - unsigned int *len, void *arg); - void *next_protos_advertised_cb_arg; - /* For a client, this contains a callback function that selects the - * next protocol from the list provided by the server. */ - int (*next_proto_select_cb)(SSL *s, uint8_t **out, uint8_t *outlen, - const uint8_t *in, unsigned int inlen, void *arg); - void *next_proto_select_cb_arg; - - /* ALPN information - * (we are in the process of transitioning from NPN to ALPN.) */ - - /* For a server, this contains a callback function that allows the - * server to select the protocol for the connection. - * out: on successful return, this must point to the raw protocol - * name (without the length prefix). - * outlen: on successful return, this contains the length of |*out|. - * in: points to the client's list of supported protocols in - * wire-format. - * inlen: the length of |in|. */ - int (*alpn_select_cb)(SSL *s, const uint8_t **out, uint8_t *outlen, - const uint8_t *in, unsigned int inlen, void *arg); - void *alpn_select_cb_arg; - - /* For a client, this contains the list of supported protocols in wire - * format. */ - uint8_t *alpn_client_proto_list; - unsigned alpn_client_proto_list_len; - - /* SRTP profiles we are willing to do from RFC 5764 */ - STACK_OF(SRTP_PROTECTION_PROFILE) *srtp_profiles; - - /* EC extension values inherited by SSL structure */ - size_t tlsext_ecpointformatlist_length; - uint8_t *tlsext_ecpointformatlist; - size_t tlsext_ellipticcurvelist_length; - uint16_t *tlsext_ellipticcurvelist; - - /* If true, a client will advertise the Channel ID extension and a server - * will echo it. */ - char tlsext_channel_id_enabled; - /* tlsext_channel_id_enabled_new is a hack to support both old and new - * ChannelID signatures. It indicates that a client should advertise the new - * ChannelID extension number. */ - char tlsext_channel_id_enabled_new; - /* The client's Channel ID private key. */ - EVP_PKEY *tlsext_channel_id_private; - - /* If true, a client will request certificate timestamps. */ - char signed_cert_timestamps_enabled; - - /* If true, a client will request a stapled OCSP response. */ - char ocsp_stapling_enabled; - - /* If not NULL, session key material will be logged to this BIO for debugging - * purposes. The format matches NSS's and is readable by Wireshark. */ - BIO *keylog_bio; - - /* current_time_cb, if not NULL, is the function to use to get the current - * time. It sets |*out_clock| to the current time. */ - void (*current_time_cb)(const SSL *ssl, struct timeval *out_clock); -}; - -OPENSSL_EXPORT LHASH_OF(SSL_SESSION) *SSL_CTX_sessions(SSL_CTX *ctx); - -/* SSL_CTX_sess_number returns the number of sessions in |ctx|'s internal - * session cache. */ -OPENSSL_EXPORT size_t SSL_CTX_sess_number(const SSL_CTX *ctx); - -OPENSSL_EXPORT void SSL_CTX_sess_set_new_cb( - SSL_CTX *ctx, int (*new_session_cb)(SSL *ssl, SSL_SESSION *sess)); -OPENSSL_EXPORT int (*SSL_CTX_sess_get_new_cb(SSL_CTX *ctx))(SSL *ssl, - SSL_SESSION *sess); -OPENSSL_EXPORT void SSL_CTX_sess_set_remove_cb( - SSL_CTX *ctx, - void (*remove_session_cb)(SSL_CTX *ctx, SSL_SESSION *sess)); -OPENSSL_EXPORT void (*SSL_CTX_sess_get_remove_cb(SSL_CTX *ctx))( - SSL_CTX *ctx, SSL_SESSION *sess); -OPENSSL_EXPORT void SSL_CTX_sess_set_get_cb( - SSL_CTX *ctx, - SSL_SESSION *(*get_session_cb)(SSL *ssl, uint8_t *data, int len, - int *copy)); -OPENSSL_EXPORT SSL_SESSION *(*SSL_CTX_sess_get_get_cb(SSL_CTX *ctx))( - SSL *ssl, uint8_t *data, int len, int *copy); -/* SSL_magic_pending_session_ptr returns a magic SSL_SESSION* which indicates - * that the session isn't currently unavailable. SSL_get_error will then return - * SSL_ERROR_PENDING_SESSION and the handshake can be retried later when the - * lookup has completed. */ -OPENSSL_EXPORT SSL_SESSION *SSL_magic_pending_session_ptr(void); -OPENSSL_EXPORT void SSL_CTX_set_info_callback(SSL_CTX *ctx, - void (*cb)(const SSL *ssl, - int type, int val)); -OPENSSL_EXPORT void (*SSL_CTX_get_info_callback(SSL_CTX *ctx))(const SSL *ssl, - int type, - int val); -OPENSSL_EXPORT void SSL_CTX_set_client_cert_cb( - SSL_CTX *ctx, - int (*client_cert_cb)(SSL *ssl, X509 **x509, EVP_PKEY **pkey)); -OPENSSL_EXPORT int (*SSL_CTX_get_client_cert_cb(SSL_CTX *ctx))(SSL *ssl, - X509 **x509, - EVP_PKEY **pkey); -OPENSSL_EXPORT void SSL_CTX_set_channel_id_cb( - SSL_CTX *ctx, void (*channel_id_cb)(SSL *ssl, EVP_PKEY **pkey)); -OPENSSL_EXPORT void (*SSL_CTX_get_channel_id_cb(SSL_CTX *ctx))(SSL *ssl, - EVP_PKEY **pkey); - -/* SSL_enable_signed_cert_timestamps causes |ssl| (which must be the client end - * of a connection) to request SCTs from the server. See - * https://tools.ietf.org/html/rfc6962. It returns one. */ -OPENSSL_EXPORT int SSL_enable_signed_cert_timestamps(SSL *ssl); - -/* SSL_CTX_enable_signed_cert_timestamps enables SCT requests on all client SSL - * objects created from |ctx|. */ -OPENSSL_EXPORT void SSL_CTX_enable_signed_cert_timestamps(SSL_CTX *ctx); - -/* SSL_enable_ocsp_stapling causes |ssl| (which must be the client end of a - * connection) to request a stapled OCSP response from the server. It returns - * one. */ -OPENSSL_EXPORT int SSL_enable_ocsp_stapling(SSL *ssl); - -/* SSL_CTX_enable_ocsp_stapling enables OCSP stapling on all client SSL objects - * created from |ctx|. */ -OPENSSL_EXPORT void SSL_CTX_enable_ocsp_stapling(SSL_CTX *ctx); - -/* SSL_get0_signed_cert_timestamp_list sets |*out| and |*out_len| to point to - * |*out_len| bytes of SCT information from the server. This is only valid if - * |ssl| is a client. The SCT information is a SignedCertificateTimestampList - * (including the two leading length bytes). - * See https://tools.ietf.org/html/rfc6962#section-3.3 - * If no SCT was received then |*out_len| will be zero on return. - * - * WARNING: the returned data is not guaranteed to be well formed. */ -OPENSSL_EXPORT void SSL_get0_signed_cert_timestamp_list(const SSL *ssl, - const uint8_t **out, - size_t *out_len); - -/* SSL_get0_ocsp_response sets |*out| and |*out_len| to point to |*out_len| - * bytes of an OCSP response from the server. This is the DER encoding of an - * OCSPResponse type as defined in RFC 2560. - * - * WARNING: the returned data is not guaranteed to be well formed. */ -OPENSSL_EXPORT void SSL_get0_ocsp_response(const SSL *ssl, const uint8_t **out, - size_t *out_len); - -OPENSSL_EXPORT void SSL_CTX_set_next_protos_advertised_cb( - SSL_CTX *s, - int (*cb)(SSL *ssl, const uint8_t **out, unsigned int *outlen, void *arg), - void *arg); -OPENSSL_EXPORT void SSL_CTX_set_next_proto_select_cb( - SSL_CTX *s, int (*cb)(SSL *ssl, uint8_t **out, uint8_t *outlen, - const uint8_t *in, unsigned int inlen, void *arg), - void *arg); -OPENSSL_EXPORT void SSL_get0_next_proto_negotiated(const SSL *s, - const uint8_t **data, - unsigned *len); - -OPENSSL_EXPORT int SSL_select_next_proto(uint8_t **out, uint8_t *outlen, - const uint8_t *in, unsigned int inlen, - const uint8_t *client, - unsigned int client_len); - -#define OPENSSL_NPN_UNSUPPORTED 0 -#define OPENSSL_NPN_NEGOTIATED 1 -#define OPENSSL_NPN_NO_OVERLAP 2 - -/* SSL_CTX_set_alpn_protos sets the ALPN protocol list on |ctx| to |protos|. - * |protos| must be in wire-format (i.e. a series of non-empty, 8-bit - * length-prefixed strings). It returns zero on success and one on failure. - * - * WARNING: this function is dangerous because it breaks the usual return value - * convention. */ -OPENSSL_EXPORT int SSL_CTX_set_alpn_protos(SSL_CTX *ctx, const uint8_t *protos, - unsigned protos_len); - -/* SSL_set_alpn_protos sets the ALPN protocol list on |ssl| to |protos|. - * |protos| must be in wire-format (i.e. a series of non-empty, 8-bit - * length-prefixed strings). It returns zero on success and one on failure. - * - * WARNING: this function is dangerous because it breaks the usual return value - * convention. */ -OPENSSL_EXPORT int SSL_set_alpn_protos(SSL *ssl, const uint8_t *protos, - unsigned protos_len); - -OPENSSL_EXPORT void SSL_CTX_set_alpn_select_cb( - SSL_CTX *ctx, int (*cb)(SSL *ssl, const uint8_t **out, uint8_t *outlen, - const uint8_t *in, unsigned int inlen, void *arg), - void *arg); -OPENSSL_EXPORT void SSL_get0_alpn_selected(const SSL *ssl, const uint8_t **data, - unsigned *len); - -/* SSL_enable_fastradio_padding controls whether fastradio padding is enabled - * on |ssl|. If it is, ClientHello messages are padded to 1024 bytes. This - * causes 3G radios to switch to DCH mode (high data rate). */ -OPENSSL_EXPORT void SSL_enable_fastradio_padding(SSL *ssl, char on_off); - -/* SSL_set_reject_peer_renegotiations controls whether renegotiation attempts by - * the peer are rejected. It may be set at any point in a connection's lifetime - * to control future renegotiations programmatically. By default, renegotiations - * are rejected. (Renegotiations requested by a client are always rejected.) */ -OPENSSL_EXPORT void SSL_set_reject_peer_renegotiations(SSL *ssl, int reject); - -/* the maximum length of the buffer given to callbacks containing the resulting - * identity/psk */ -#define PSK_MAX_IDENTITY_LEN 128 -#define PSK_MAX_PSK_LEN 256 -OPENSSL_EXPORT void SSL_CTX_set_psk_client_callback( - SSL_CTX *ctx, - unsigned int (*psk_client_callback)( - SSL *ssl, const char *hint, char *identity, - unsigned int max_identity_len, uint8_t *psk, unsigned int max_psk_len)); -OPENSSL_EXPORT void SSL_set_psk_client_callback( - SSL *ssl, unsigned int (*psk_client_callback)(SSL *ssl, const char *hint, - char *identity, - unsigned int max_identity_len, - uint8_t *psk, - unsigned int max_psk_len)); -OPENSSL_EXPORT void SSL_CTX_set_psk_server_callback( - SSL_CTX *ctx, - unsigned int (*psk_server_callback)(SSL *ssl, const char *identity, - uint8_t *psk, - unsigned int max_psk_len)); -OPENSSL_EXPORT void SSL_set_psk_server_callback( - SSL *ssl, - unsigned int (*psk_server_callback)(SSL *ssl, const char *identity, - uint8_t *psk, - unsigned int max_psk_len)); -OPENSSL_EXPORT int SSL_CTX_use_psk_identity_hint(SSL_CTX *ctx, - const char *identity_hint); -OPENSSL_EXPORT int SSL_use_psk_identity_hint(SSL *s, const char *identity_hint); -OPENSSL_EXPORT const char *SSL_get_psk_identity_hint(const SSL *s); -OPENSSL_EXPORT const char *SSL_get_psk_identity(const SSL *s); - -#define SSL_NOTHING 1 -#define SSL_WRITING 2 -#define SSL_READING 3 -#define SSL_X509_LOOKUP 4 -#define SSL_CHANNEL_ID_LOOKUP 5 -#define SSL_PENDING_SESSION 7 -#define SSL_CERTIFICATE_SELECTION_PENDING 8 - -/* These will only be used when doing non-blocking IO */ -#define SSL_want_nothing(s) (SSL_want(s) == SSL_NOTHING) -#define SSL_want_read(s) (SSL_want(s) == SSL_READING) -#define SSL_want_write(s) (SSL_want(s) == SSL_WRITING) -#define SSL_want_x509_lookup(s) (SSL_want(s) == SSL_X509_LOOKUP) -#define SSL_want_channel_id_lookup(s) (SSL_want(s) == SSL_CHANNEL_ID_LOOKUP) -#define SSL_want_session(s) (SSL_want(s) == SSL_PENDING_SESSION) -#define SSL_want_certificate(s) \ - (SSL_want(s) == SSL_CERTIFICATE_SELECTION_PENDING) - -struct ssl_st { - /* version is the protocol version. */ - int version; - - /* method is the method table corresponding to the current protocol (DTLS or - * TLS). */ - const SSL_PROTOCOL_METHOD *method; - - /* enc_method is the method table corresponding to the current protocol - * version. */ - const SSL3_ENC_METHOD *enc_method; - - /* max_version is the maximum acceptable protocol version. If zero, the - * maximum supported version, currently (D)TLS 1.2, is used. */ - uint16_t max_version; - - /* min_version is the minimum acceptable protocl version. If zero, the - * minimum supported version, currently SSL 3.0 and DTLS 1.0, is used */ - uint16_t min_version; - - /* There are 2 BIO's even though they are normally both the same. This is so - * data can be read and written to different handlers */ - - BIO *rbio; /* used by SSL_read */ - BIO *wbio; /* used by SSL_write */ - BIO *bbio; /* used during session-id reuse to concatenate - * messages */ - - /* This holds a variable that indicates what we were doing when a 0 or -1 is - * returned. This is needed for non-blocking IO so we know what request - * needs re-doing when in SSL_accept or SSL_connect */ - int rwstate; - - /* true when we are actually in SSL_accept() or SSL_connect() */ - int in_handshake; - int (*handshake_func)(SSL *); - - /* Imagine that here's a boolean member "init" that is switched as soon as - * SSL_set_{accept/connect}_state is called for the first time, so that - * "state" and "handshake_func" are properly initialized. But as - * handshake_func is == 0 until then, we use this test instead of an "init" - * member. */ - - /* server is true iff the this SSL* is the server half. Note: before the SSL* - * is initialized by either SSL_set_accept_state or SSL_set_connect_state, - * the side is not determined. In this state, server is always false. */ - int server; - - /* quiet_shutdown is true if the connection should not send a close_notify on - * shutdown. */ - int quiet_shutdown; - - int shutdown; /* we have shut things down, 0x01 sent, 0x02 - * for received */ - int state; /* where we are */ - int rstate; /* where we are when reading */ - - BUF_MEM *init_buf; /* buffer used during init */ - uint8_t *init_msg; /* pointer to handshake message body, set by - ssl3_get_message() */ - int init_num; /* amount read/written */ - int init_off; /* amount read/written */ - - /* used internally to point at a raw packet */ - uint8_t *packet; - unsigned int packet_length; - - struct ssl3_state_st *s3; /* SSLv3 variables */ - struct dtls1_state_st *d1; /* DTLSv1 variables */ - - /* callback that allows applications to peek at protocol messages */ - void (*msg_callback)(int write_p, int version, int content_type, - const void *buf, size_t len, SSL *ssl, void *arg); - void *msg_callback_arg; - - int hit; /* reusing a previous session */ - - X509_VERIFY_PARAM *param; - - /* crypto */ - struct ssl_cipher_preference_list_st *cipher_list; - STACK_OF(SSL_CIPHER) *cipher_list_by_id; - - SSL_AEAD_CTX *aead_read_ctx; - SSL_AEAD_CTX *aead_write_ctx; - - /* session info */ - - /* client cert? */ - /* This is used to hold the server certificate used */ - struct cert_st /* CERT */ *cert; - - /* the session_id_context is used to ensure sessions are only reused - * in the appropriate context */ - unsigned int sid_ctx_length; - uint8_t sid_ctx[SSL_MAX_SID_CTX_LENGTH]; - - /* This can also be in the session once a session is established */ - SSL_SESSION *session; - - /* Default generate session ID callback. */ - GEN_SESSION_CB generate_session_id; - - /* Used in SSL2 and SSL3 */ - int verify_mode; /* 0 don't care about verify failure. - * 1 fail if verify fails */ - int (*verify_callback)(int ok, - X509_STORE_CTX *ctx); /* fail if callback returns 0 */ - - void (*info_callback)(const SSL *ssl, int type, - int val); /* optional informational callback */ - - /* Server-only: psk_identity_hint is the identity hint to send in - * PSK-based key exchanges. */ - char *psk_identity_hint; - - unsigned int (*psk_client_callback)(SSL *ssl, const char *hint, - char *identity, - unsigned int max_identity_len, - uint8_t *psk, unsigned int max_psk_len); - unsigned int (*psk_server_callback)(SSL *ssl, const char *identity, - uint8_t *psk, unsigned int max_psk_len); - - SSL_CTX *ctx; - - /* extra application data */ - long verify_result; - CRYPTO_EX_DATA ex_data; - - /* for server side, keep the list of CA_dn we can use */ - STACK_OF(X509_NAME) *client_CA; - - uint32_t options; /* protocol behaviour */ - uint32_t mode; /* API behaviour */ - uint32_t max_cert_list; - int client_version; /* what was passed, used for - * SSLv3/TLS rollback check */ - uint16_t max_send_fragment; - char *tlsext_hostname; - /* should_ack_sni is true if the SNI extension should be acked. This is - * only used by a server. */ - char should_ack_sni; - /* RFC4507 session ticket expected to be received or sent */ - int tlsext_ticket_expected; - size_t tlsext_ecpointformatlist_length; - uint8_t *tlsext_ecpointformatlist; /* our list */ - size_t tlsext_ellipticcurvelist_length; - uint16_t *tlsext_ellipticcurvelist; /* our list */ - - SSL_CTX *initial_ctx; /* initial ctx, used to store sessions */ - - /* Next protocol negotiation. For the client, this is the protocol that we - * sent in NextProtocol and is set when handling ServerHello extensions. - * - * For a server, this is the client's selected_protocol from NextProtocol and - * is set when handling the NextProtocol message, before the Finished - * message. */ - uint8_t *next_proto_negotiated; - size_t next_proto_negotiated_len; - - /* srtp_profiles is the list of configured SRTP protection profiles for - * DTLS-SRTP. */ - STACK_OF(SRTP_PROTECTION_PROFILE) *srtp_profiles; - - /* srtp_profile is the selected SRTP protection profile for - * DTLS-SRTP. */ - const SRTP_PROTECTION_PROFILE *srtp_profile; - - /* Copied from the SSL_CTX. For a server, means that we'll accept Channel IDs - * from clients. For a client, means that we'll advertise support. */ - char tlsext_channel_id_enabled; - /* The client's Channel ID private key. */ - EVP_PKEY *tlsext_channel_id_private; - - /* Enable signed certificate time stamps. Currently client only. */ - char signed_cert_timestamps_enabled; - - /* Enable OCSP stapling. Currently client only. - * TODO(davidben): Add a server-side implementation when it becomes - * necesary. */ - char ocsp_stapling_enabled; - - /* For a client, this contains the list of supported protocols in wire - * format. */ - uint8_t *alpn_client_proto_list; - unsigned alpn_client_proto_list_len; - - /* fastradio_padding, if true, causes ClientHellos to be padded to 1024 - * bytes. This ensures that the cellular radio is fast forwarded to DCH (high - * data rate) state in 3G networks. */ - char fastradio_padding; - - /* accept_peer_renegotiations, if one, accepts renegotiation attempts from the - * peer. Otherwise, they will be rejected with a fatal error. */ - char accept_peer_renegotiations; - - /* These fields are always NULL and exist only to keep wpa_supplicant happy - * about the change to EVP_AEAD. They are only needed for EAP-FAST, which we - * don't support. */ - EVP_CIPHER_CTX *enc_read_ctx; - EVP_MD_CTX *read_hash; -}; - -/* compatibility */ -#define SSL_set_app_data(s, arg) (SSL_set_ex_data(s, 0, (char *)arg)) -#define SSL_get_app_data(s) (SSL_get_ex_data(s, 0)) -#define SSL_SESSION_set_app_data(s, a) \ - (SSL_SESSION_set_ex_data(s, 0, (char *)a)) -#define SSL_SESSION_get_app_data(s) (SSL_SESSION_get_ex_data(s, 0)) -#define SSL_CTX_get_app_data(ctx) (SSL_CTX_get_ex_data(ctx, 0)) -#define SSL_CTX_set_app_data(ctx, arg) \ - (SSL_CTX_set_ex_data(ctx, 0, (char *)arg)) - -/* The following are the possible values for ssl->state are are used to - * indicate where we are up to in the SSL connection establishment. The macros - * that follow are about the only things you should need to use and even then, - * only when using non-blocking IO. It can also be useful to work out where you - * were when the connection failed */ - -#define SSL_ST_CONNECT 0x1000 -#define SSL_ST_ACCEPT 0x2000 -#define SSL_ST_MASK 0x0FFF -#define SSL_ST_INIT (SSL_ST_CONNECT | SSL_ST_ACCEPT) -#define SSL_ST_OK 0x03 -#define SSL_ST_RENEGOTIATE (0x04 | SSL_ST_INIT) - -#define SSL_CB_LOOP 0x01 -#define SSL_CB_EXIT 0x02 -#define SSL_CB_READ 0x04 -#define SSL_CB_WRITE 0x08 -#define SSL_CB_ALERT 0x4000 /* used in callback */ -#define SSL_CB_READ_ALERT (SSL_CB_ALERT | SSL_CB_READ) -#define SSL_CB_WRITE_ALERT (SSL_CB_ALERT | SSL_CB_WRITE) -#define SSL_CB_ACCEPT_LOOP (SSL_ST_ACCEPT | SSL_CB_LOOP) -#define SSL_CB_ACCEPT_EXIT (SSL_ST_ACCEPT | SSL_CB_EXIT) -#define SSL_CB_CONNECT_LOOP (SSL_ST_CONNECT | SSL_CB_LOOP) -#define SSL_CB_CONNECT_EXIT (SSL_ST_CONNECT | SSL_CB_EXIT) -#define SSL_CB_HANDSHAKE_START 0x10 -#define SSL_CB_HANDSHAKE_DONE 0x20 - -/* Is the SSL_connection established? */ -#define SSL_get_state(a) SSL_state(a) -#define SSL_is_init_finished(a) (SSL_state(a) == SSL_ST_OK) -#define SSL_in_init(a) (SSL_state(a) & SSL_ST_INIT) -#define SSL_in_connect_init(a) (SSL_state(a) & SSL_ST_CONNECT) -#define SSL_in_accept_init(a) (SSL_state(a) & SSL_ST_ACCEPT) - -/* SSL_in_false_start returns one if |s| has a pending unfinished handshake that - * is in False Start. |SSL_write| may be called at this point without waiting - * for the peer, but |SSL_read| will require the handshake to be completed. */ -OPENSSL_EXPORT int SSL_in_false_start(const SSL *s); - -/* The following 2 states are kept in ssl->rstate when reads fail, - * you should not need these */ -#define SSL_ST_READ_HEADER 0xF0 -#define SSL_ST_READ_BODY 0xF1 -#define SSL_ST_READ_DONE 0xF2 - -/* Obtain latest Finished message - * -- that we sent (SSL_get_finished) - * -- that we expected from peer (SSL_get_peer_finished). - * Returns length (0 == no Finished so far), copies up to 'count' bytes. */ -OPENSSL_EXPORT size_t SSL_get_finished(const SSL *s, void *buf, size_t count); -OPENSSL_EXPORT size_t SSL_get_peer_finished(const SSL *s, void *buf, size_t count); - -/* use either SSL_VERIFY_NONE or SSL_VERIFY_PEER, the last 3 options - * are 'ored' with SSL_VERIFY_PEER if they are desired */ -#define SSL_VERIFY_NONE 0x00 -#define SSL_VERIFY_PEER 0x01 -#define SSL_VERIFY_FAIL_IF_NO_PEER_CERT 0x02 -/* SSL_VERIFY_CLIENT_ONCE does nothing. */ -#define SSL_VERIFY_CLIENT_ONCE 0x04 -#define SSL_VERIFY_PEER_IF_NO_OBC 0x08 - -#define OpenSSL_add_ssl_algorithms() SSL_library_init() -#define SSLeay_add_ssl_algorithms() SSL_library_init() - -/* For backward compatibility */ -#define SSL_get_cipher(s) SSL_CIPHER_get_name(SSL_get_current_cipher(s)) -#define SSL_get_cipher_bits(s, np) \ - SSL_CIPHER_get_bits(SSL_get_current_cipher(s), np) -#define SSL_get_cipher_version(s) \ - SSL_CIPHER_get_version(SSL_get_current_cipher(s)) -#define SSL_get_cipher_name(s) SSL_CIPHER_get_name(SSL_get_current_cipher(s)) -#define SSL_get_time(a) SSL_SESSION_get_time(a) -#define SSL_set_time(a, b) SSL_SESSION_set_time((a), (b)) -#define SSL_get_timeout(a) SSL_SESSION_get_timeout(a) -#define SSL_set_timeout(a, b) SSL_SESSION_set_timeout((a), (b)) - -#define d2i_SSL_SESSION_bio(bp, s_id) \ - ASN1_d2i_bio_of(SSL_SESSION, SSL_SESSION_new, d2i_SSL_SESSION, bp, s_id) -#define i2d_SSL_SESSION_bio(bp, s_id) \ - ASN1_i2d_bio_of(SSL_SESSION, i2d_SSL_SESSION, bp, s_id) - -DECLARE_PEM_rw(SSL_SESSION, SSL_SESSION) - -/* make_errors.go reserves error codes above 1000 for manually-assigned errors. - * This value must be kept in sync with reservedReasonCode in make_errors.h */ -#define SSL_AD_REASON_OFFSET \ - 1000 /* offset to get SSL_R_... value from SSL_AD_... */ - -/* These alert types are for SSLv3 and TLSv1 */ -#define SSL_AD_CLOSE_NOTIFY SSL3_AD_CLOSE_NOTIFY -#define SSL_AD_UNEXPECTED_MESSAGE SSL3_AD_UNEXPECTED_MESSAGE /* fatal */ -#define SSL_AD_BAD_RECORD_MAC SSL3_AD_BAD_RECORD_MAC /* fatal */ -#define SSL_AD_DECRYPTION_FAILED TLS1_AD_DECRYPTION_FAILED -#define SSL_AD_RECORD_OVERFLOW TLS1_AD_RECORD_OVERFLOW -#define SSL_AD_DECOMPRESSION_FAILURE SSL3_AD_DECOMPRESSION_FAILURE /* fatal */ -#define SSL_AD_HANDSHAKE_FAILURE SSL3_AD_HANDSHAKE_FAILURE /* fatal */ -#define SSL_AD_NO_CERTIFICATE SSL3_AD_NO_CERTIFICATE /* Not for TLS */ -#define SSL_AD_BAD_CERTIFICATE SSL3_AD_BAD_CERTIFICATE -#define SSL_AD_UNSUPPORTED_CERTIFICATE SSL3_AD_UNSUPPORTED_CERTIFICATE -#define SSL_AD_CERTIFICATE_REVOKED SSL3_AD_CERTIFICATE_REVOKED -#define SSL_AD_CERTIFICATE_EXPIRED SSL3_AD_CERTIFICATE_EXPIRED -#define SSL_AD_CERTIFICATE_UNKNOWN SSL3_AD_CERTIFICATE_UNKNOWN -#define SSL_AD_ILLEGAL_PARAMETER SSL3_AD_ILLEGAL_PARAMETER /* fatal */ -#define SSL_AD_UNKNOWN_CA TLS1_AD_UNKNOWN_CA /* fatal */ -#define SSL_AD_ACCESS_DENIED TLS1_AD_ACCESS_DENIED /* fatal */ -#define SSL_AD_DECODE_ERROR TLS1_AD_DECODE_ERROR /* fatal */ -#define SSL_AD_DECRYPT_ERROR TLS1_AD_DECRYPT_ERROR -#define SSL_AD_EXPORT_RESTRICTION TLS1_AD_EXPORT_RESTRICTION /* fatal */ -#define SSL_AD_PROTOCOL_VERSION TLS1_AD_PROTOCOL_VERSION /* fatal */ -#define SSL_AD_INSUFFICIENT_SECURITY TLS1_AD_INSUFFICIENT_SECURITY /* fatal */ -#define SSL_AD_INTERNAL_ERROR TLS1_AD_INTERNAL_ERROR /* fatal */ -#define SSL_AD_USER_CANCELLED TLS1_AD_USER_CANCELLED -#define SSL_AD_NO_RENEGOTIATION TLS1_AD_NO_RENEGOTIATION -#define SSL_AD_UNSUPPORTED_EXTENSION TLS1_AD_UNSUPPORTED_EXTENSION -#define SSL_AD_CERTIFICATE_UNOBTAINABLE TLS1_AD_CERTIFICATE_UNOBTAINABLE -#define SSL_AD_UNRECOGNIZED_NAME TLS1_AD_UNRECOGNIZED_NAME -#define SSL_AD_BAD_CERTIFICATE_STATUS_RESPONSE \ - TLS1_AD_BAD_CERTIFICATE_STATUS_RESPONSE -#define SSL_AD_BAD_CERTIFICATE_HASH_VALUE TLS1_AD_BAD_CERTIFICATE_HASH_VALUE -#define SSL_AD_UNKNOWN_PSK_IDENTITY TLS1_AD_UNKNOWN_PSK_IDENTITY /* fatal */ -#define SSL_AD_INAPPROPRIATE_FALLBACK SSL3_AD_INAPPROPRIATE_FALLBACK /* fatal */ - -#define SSL_ERROR_NONE 0 -#define SSL_ERROR_SSL 1 -#define SSL_ERROR_WANT_READ 2 -#define SSL_ERROR_WANT_WRITE 3 -#define SSL_ERROR_WANT_X509_LOOKUP 4 -#define SSL_ERROR_SYSCALL 5 /* look at error stack/return value/errno */ -#define SSL_ERROR_ZERO_RETURN 6 -#define SSL_ERROR_WANT_CONNECT 7 -#define SSL_ERROR_WANT_ACCEPT 8 -#define SSL_ERROR_WANT_CHANNEL_ID_LOOKUP 9 -#define SSL_ERROR_PENDING_SESSION 11 -#define SSL_ERROR_PENDING_CERTIFICATE 12 - -#define SSL_CTRL_EXTRA_CHAIN_CERT 14 - -/* see tls1.h for macros based on these */ -#define SSL_CTRL_GET_TLSEXT_TICKET_KEYS 58 -#define SSL_CTRL_SET_TLSEXT_TICKET_KEYS 59 - -#define SSL_CTRL_SET_SRP_ARG 78 -#define SSL_CTRL_SET_TLS_EXT_SRP_USERNAME 79 -#define SSL_CTRL_SET_TLS_EXT_SRP_STRENGTH 80 -#define SSL_CTRL_SET_TLS_EXT_SRP_PASSWORD 81 - -#define SSL_CTRL_GET_EXTRA_CHAIN_CERTS 82 -#define SSL_CTRL_CLEAR_EXTRA_CHAIN_CERTS 83 - -#define SSL_CTRL_CHAIN 88 -#define SSL_CTRL_CHAIN_CERT 89 - -#define SSL_CTRL_GET_CURVES 90 -#define SSL_CTRL_SET_CURVES 91 -#define SSL_CTRL_SET_CURVES_LIST 92 -#define SSL_CTRL_SET_SIGALGS 97 -#define SSL_CTRL_SET_SIGALGS_LIST 98 -#define SSL_CTRL_SET_CLIENT_SIGALGS 101 -#define SSL_CTRL_SET_CLIENT_SIGALGS_LIST 102 -#define SSL_CTRL_GET_CLIENT_CERT_TYPES 103 -#define SSL_CTRL_SET_CLIENT_CERT_TYPES 104 -#define SSL_CTRL_BUILD_CERT_CHAIN 105 -#define SSL_CTRL_SET_VERIFY_CERT_STORE 106 -#define SSL_CTRL_SET_CHAIN_CERT_STORE 107 -#define SSL_CTRL_GET_SERVER_TMP_KEY 109 -#define SSL_CTRL_GET_EC_POINT_FORMATS 111 - -#define SSL_CTRL_GET_CHAIN_CERTS 115 -#define SSL_CTRL_SELECT_CURRENT_CERT 116 - -/* DTLSv1_get_timeout queries the next DTLS handshake timeout. If there is a - * timeout in progress, it sets |*out| to the time remaining and returns one. - * Otherwise, it returns zero. - * - * When the timeout expires, call |DTLSv1_handle_timeout| to handle the - * retransmit behavior. - * - * NOTE: This function must be queried again whenever the handshake state - * machine changes, including when |DTLSv1_handle_timeout| is called. */ -OPENSSL_EXPORT int DTLSv1_get_timeout(const SSL *ssl, struct timeval *out); - -/* DTLSv1_handle_timeout is called when a DTLS handshake timeout expires. If no - * timeout had expired, it returns 0. Otherwise, it retransmits the previous - * flight of handshake messages and returns 1. If too many timeouts had expired - * without progress or an error occurs, it returns -1. - * - * NOTE: The caller's external timer should be compatible with the one |ssl| - * queries within some fudge factor. Otherwise, the call will be a no-op, but - * |DTLSv1_get_timeout| will return an updated timeout. - * - * WARNING: This function breaks the usual return value convention. */ -OPENSSL_EXPORT int DTLSv1_handle_timeout(SSL *ssl); - -/* SSL_session_reused returns one if |ssl| performed an abbreviated handshake - * and zero otherwise. - * - * TODO(davidben): Hammer down the semantics of this API while a handshake, - * initial or renego, is in progress. */ -OPENSSL_EXPORT int SSL_session_reused(const SSL *ssl); - -/* SSL_total_renegotiations returns the total number of renegotiation handshakes - * peformed by |ssl|. This includes the pending renegotiation, if any. */ -OPENSSL_EXPORT int SSL_total_renegotiations(const SSL *ssl); - -/* SSL_CTX_set_tmp_dh configures |ctx| to use the group from |dh| as the group - * for DHE. Only the group is used, so |dh| needn't have a keypair. It returns - * one on success and zero on error. */ -OPENSSL_EXPORT int SSL_CTX_set_tmp_dh(SSL_CTX *ctx, const DH *dh); - -/* SSL_set_tmp_dh configures |ssl| to use the group from |dh| as the group for - * DHE. Only the group is used, so |dh| needn't have a keypair. It returns one - * on success and zero on error. */ -OPENSSL_EXPORT int SSL_set_tmp_dh(SSL *ssl, const DH *dh); - -/* SSL_CTX_set_tmp_ecdh configures |ctx| to use the curve from |ecdh| as the - * curve for ephemeral ECDH keys. For historical reasons, this API expects an - * |EC_KEY|, but only the curve is used. It returns one on success and zero on - * error. If unset, an appropriate curve will be chosen automatically. (This is - * recommended.) */ -OPENSSL_EXPORT int SSL_CTX_set_tmp_ecdh(SSL_CTX *ctx, const EC_KEY *ec_key); - -/* SSL_set_tmp_ecdh configures |ssl| to use the curve from |ecdh| as the curve - * for ephemeral ECDH keys. For historical reasons, this API expects an - * |EC_KEY|, but only the curve is used. It returns one on success and zero on - * error. If unset, an appropriate curve will be chosen automatically. (This is - * recommended.) */ -OPENSSL_EXPORT int SSL_set_tmp_ecdh(SSL *ssl, const EC_KEY *ec_key); - -/* SSL_CTX_enable_tls_channel_id either configures a TLS server to accept TLS - * client IDs from clients, or configures a client to send TLS client IDs to - * a server. It returns one. */ -OPENSSL_EXPORT int SSL_CTX_enable_tls_channel_id(SSL_CTX *ctx); - -/* SSL_enable_tls_channel_id either configures a TLS server to accept TLS - * client IDs from clients, or configure a client to send TLS client IDs to - * server. It returns one. */ -OPENSSL_EXPORT int SSL_enable_tls_channel_id(SSL *ssl); - -/* SSL_CTX_set1_tls_channel_id configures a TLS client to send a TLS Channel ID - * to compatible servers. |private_key| must be a P-256 EC key. It returns one - * on success and zero on error. */ -OPENSSL_EXPORT int SSL_CTX_set1_tls_channel_id(SSL_CTX *ctx, - EVP_PKEY *private_key); - -/* SSL_set1_tls_channel_id configures a TLS client to send a TLS Channel ID to - * compatible servers. |private_key| must be a P-256 EC key. It returns one on - * success and zero on error. */ -OPENSSL_EXPORT int SSL_set1_tls_channel_id(SSL *ssl, EVP_PKEY *private_key); - -/* SSL_get_tls_channel_id gets the client's TLS Channel ID from a server SSL* - * and copies up to the first |max_out| bytes into |out|. The Channel ID - * consists of the client's P-256 public key as an (x,y) pair where each is a - * 32-byte, big-endian field element. It returns 0 if the client didn't offer a - * Channel ID and the length of the complete Channel ID otherwise. */ -OPENSSL_EXPORT size_t SSL_get_tls_channel_id(SSL *ssl, uint8_t *out, - size_t max_out); - -#define SSL_CTX_add_extra_chain_cert(ctx, x509) \ - SSL_CTX_ctrl(ctx, SSL_CTRL_EXTRA_CHAIN_CERT, 0, (char *)x509) -#define SSL_CTX_get_extra_chain_certs(ctx, px509) \ - SSL_CTX_ctrl(ctx, SSL_CTRL_GET_EXTRA_CHAIN_CERTS, 0, px509) -#define SSL_CTX_get_extra_chain_certs_only(ctx, px509) \ - SSL_CTX_ctrl(ctx, SSL_CTRL_GET_EXTRA_CHAIN_CERTS, 1, px509) -#define SSL_CTX_clear_extra_chain_certs(ctx) \ - SSL_CTX_ctrl(ctx, SSL_CTRL_CLEAR_EXTRA_CHAIN_CERTS, 0, NULL) - -#define SSL_CTX_set0_chain(ctx, sk) \ - SSL_CTX_ctrl(ctx, SSL_CTRL_CHAIN, 0, (char *)sk) -#define SSL_CTX_set1_chain(ctx, sk) \ - SSL_CTX_ctrl(ctx, SSL_CTRL_CHAIN, 1, (char *)sk) -#define SSL_CTX_add0_chain_cert(ctx, x509) \ - SSL_CTX_ctrl(ctx, SSL_CTRL_CHAIN_CERT, 0, (char *)x509) -#define SSL_CTX_add1_chain_cert(ctx, x509) \ - SSL_CTX_ctrl(ctx, SSL_CTRL_CHAIN_CERT, 1, (char *)x509) -#define SSL_CTX_get0_chain_certs(ctx, px509) \ - SSL_CTX_ctrl(ctx, SSL_CTRL_GET_CHAIN_CERTS, 0, px509) -#define SSL_CTX_clear_chain_certs(ctx) SSL_CTX_set0_chain(ctx, NULL) -#define SSL_CTX_build_cert_chain(ctx, flags) \ - SSL_CTX_ctrl(ctx, SSL_CTRL_BUILD_CERT_CHAIN, flags, NULL) -#define SSL_CTX_select_current_cert(ctx, x509) \ - SSL_CTX_ctrl(ctx, SSL_CTRL_SELECT_CURRENT_CERT, 0, (char *)x509) - -#define SSL_CTX_set0_verify_cert_store(ctx, st) \ - SSL_CTX_ctrl(ctx, SSL_CTRL_SET_VERIFY_CERT_STORE, 0, (char *)st) -#define SSL_CTX_set1_verify_cert_store(ctx, st) \ - SSL_CTX_ctrl(ctx, SSL_CTRL_SET_VERIFY_CERT_STORE, 1, (char *)st) -#define SSL_CTX_set0_chain_cert_store(ctx, st) \ - SSL_CTX_ctrl(ctx, SSL_CTRL_SET_CHAIN_CERT_STORE, 0, (char *)st) -#define SSL_CTX_set1_chain_cert_store(ctx, st) \ - SSL_CTX_ctrl(ctx, SSL_CTRL_SET_CHAIN_CERT_STORE, 1, (char *)st) - -#define SSL_set0_chain(ctx, sk) SSL_ctrl(ctx, SSL_CTRL_CHAIN, 0, (char *)sk) -#define SSL_set1_chain(ctx, sk) SSL_ctrl(ctx, SSL_CTRL_CHAIN, 1, (char *)sk) -#define SSL_add0_chain_cert(ctx, x509) \ - SSL_ctrl(ctx, SSL_CTRL_CHAIN_CERT, 0, (char *)x509) -#define SSL_add1_chain_cert(ctx, x509) \ - SSL_ctrl(ctx, SSL_CTRL_CHAIN_CERT, 1, (char *)x509) -#define SSL_get0_chain_certs(ctx, px509) \ - SSL_ctrl(ctx, SSL_CTRL_GET_CHAIN_CERTS, 0, px509) -#define SSL_clear_chain_certs(ctx) SSL_set0_chain(ctx, NULL) -#define SSL_build_cert_chain(s, flags) \ - SSL_ctrl(s, SSL_CTRL_BUILD_CERT_CHAIN, flags, NULL) -#define SSL_select_current_cert(ctx, x509) \ - SSL_ctrl(ctx, SSL_CTRL_SELECT_CURRENT_CERT, 0, (char *)x509) - -#define SSL_set0_verify_cert_store(s, st) \ - SSL_ctrl(s, SSL_CTRL_SET_VERIFY_CERT_STORE, 0, (char *)st) -#define SSL_set1_verify_cert_store(s, st) \ - SSL_ctrl(s, SSL_CTRL_SET_VERIFY_CERT_STORE, 1, (char *)st) -#define SSL_set0_chain_cert_store(s, st) \ - SSL_ctrl(s, SSL_CTRL_SET_CHAIN_CERT_STORE, 0, (char *)st) -#define SSL_set1_chain_cert_store(s, st) \ - SSL_ctrl(s, SSL_CTRL_SET_CHAIN_CERT_STORE, 1, (char *)st) - -#define SSL_get1_curves(ctx, s) SSL_ctrl(ctx, SSL_CTRL_GET_CURVES, 0, (char *)s) -#define SSL_CTX_set1_curves(ctx, clist, clistlen) \ - SSL_CTX_ctrl(ctx, SSL_CTRL_SET_CURVES, clistlen, (char *)clist) -#define SSL_CTX_set1_curves_list(ctx, s) \ - SSL_CTX_ctrl(ctx, SSL_CTRL_SET_CURVES_LIST, 0, (char *)s) -#define SSL_set1_curves(ctx, clist, clistlen) \ - SSL_ctrl(ctx, SSL_CTRL_SET_CURVES, clistlen, (char *)clist) -#define SSL_set1_curves_list(ctx, s) \ - SSL_ctrl(ctx, SSL_CTRL_SET_CURVES_LIST, 0, (char *)s) - -#define SSL_CTX_set1_sigalgs(ctx, slist, slistlen) \ - SSL_CTX_ctrl(ctx, SSL_CTRL_SET_SIGALGS, slistlen, (int *)slist) -#define SSL_CTX_set1_sigalgs_list(ctx, s) \ - SSL_CTX_ctrl(ctx, SSL_CTRL_SET_SIGALGS_LIST, 0, (char *)s) -#define SSL_set1_sigalgs(ctx, slist, slistlen) \ - SSL_ctrl(ctx, SSL_CTRL_SET_SIGALGS, clistlen, (int *)slist) -#define SSL_set1_sigalgs_list(ctx, s) \ - SSL_ctrl(ctx, SSL_CTRL_SET_SIGALGS_LIST, 0, (char *)s) - -#define SSL_CTX_set1_client_sigalgs(ctx, slist, slistlen) \ - SSL_CTX_ctrl(ctx, SSL_CTRL_SET_CLIENT_SIGALGS, slistlen, (int *)slist) -#define SSL_CTX_set1_client_sigalgs_list(ctx, s) \ - SSL_CTX_ctrl(ctx, SSL_CTRL_SET_CLIENT_SIGALGS_LIST, 0, (char *)s) -#define SSL_set1_client_sigalgs(ctx, slist, slistlen) \ - SSL_ctrl(ctx, SSL_CTRL_SET_CLIENT_SIGALGS, clistlen, (int *)slist) -#define SSL_set1_client_sigalgs_list(ctx, s) \ - SSL_ctrl(ctx, SSL_CTRL_SET_CLIENT_SIGALGS_LIST, 0, (char *)s) - -#define SSL_get0_certificate_types(s, clist) \ - SSL_ctrl(s, SSL_CTRL_GET_CLIENT_CERT_TYPES, 0, (char *)clist) - -#define SSL_CTX_set1_client_certificate_types(ctx, clist, clistlen) \ - SSL_CTX_ctrl(ctx, SSL_CTRL_SET_CLIENT_CERT_TYPES, clistlen, (char *)clist) -#define SSL_set1_client_certificate_types(s, clist, clistlen) \ - SSL_ctrl(s, SSL_CTRL_SET_CLIENT_CERT_TYPES, clistlen, (char *)clist) - -#define SSL_get_server_tmp_key(s, pk) \ - SSL_ctrl(s, SSL_CTRL_GET_SERVER_TMP_KEY, 0, pk) - -#define SSL_get0_ec_point_formats(s, plst) \ - SSL_ctrl(s, SSL_CTRL_GET_EC_POINT_FORMATS, 0, (char *)plst) - -OPENSSL_EXPORT int SSL_CTX_set_cipher_list(SSL_CTX *, const char *str); -OPENSSL_EXPORT int SSL_CTX_set_cipher_list_tls11(SSL_CTX *, const char *str); -OPENSSL_EXPORT long SSL_CTX_set_timeout(SSL_CTX *ctx, long t); -OPENSSL_EXPORT long SSL_CTX_get_timeout(const SSL_CTX *ctx); -OPENSSL_EXPORT X509_STORE *SSL_CTX_get_cert_store(const SSL_CTX *); -OPENSSL_EXPORT void SSL_CTX_set_cert_store(SSL_CTX *, X509_STORE *); -OPENSSL_EXPORT int SSL_want(const SSL *s); - -OPENSSL_EXPORT void SSL_CTX_flush_sessions(SSL_CTX *ctx, long tm); - -/* SSL_get_current_cipher returns the cipher used in the current outgoing - * connection state, or NULL if the null cipher is active. */ -OPENSSL_EXPORT const SSL_CIPHER *SSL_get_current_cipher(const SSL *s); - -OPENSSL_EXPORT int SSL_get_fd(const SSL *s); -OPENSSL_EXPORT int SSL_get_rfd(const SSL *s); -OPENSSL_EXPORT int SSL_get_wfd(const SSL *s); -OPENSSL_EXPORT const char *SSL_get_cipher_list(const SSL *s, int n); -OPENSSL_EXPORT int SSL_pending(const SSL *s); -OPENSSL_EXPORT int SSL_set_fd(SSL *s, int fd); -OPENSSL_EXPORT int SSL_set_rfd(SSL *s, int fd); -OPENSSL_EXPORT int SSL_set_wfd(SSL *s, int fd); -OPENSSL_EXPORT void SSL_set_bio(SSL *s, BIO *rbio, BIO *wbio); -OPENSSL_EXPORT BIO *SSL_get_rbio(const SSL *s); -OPENSSL_EXPORT BIO *SSL_get_wbio(const SSL *s); -OPENSSL_EXPORT int SSL_set_cipher_list(SSL *s, const char *str); -OPENSSL_EXPORT int SSL_get_verify_mode(const SSL *s); -OPENSSL_EXPORT int SSL_get_verify_depth(const SSL *s); -OPENSSL_EXPORT int (*SSL_get_verify_callback(const SSL *s))(int, - X509_STORE_CTX *); -OPENSSL_EXPORT void SSL_set_verify(SSL *s, int mode, - int (*callback)(int ok, - X509_STORE_CTX *ctx)); -OPENSSL_EXPORT void SSL_set_verify_depth(SSL *s, int depth); -OPENSSL_EXPORT void SSL_set_cert_cb(SSL *s, int (*cb)(SSL *ssl, void *arg), - void *arg); -OPENSSL_EXPORT int SSL_use_RSAPrivateKey(SSL *ssl, RSA *rsa); -OPENSSL_EXPORT int SSL_use_RSAPrivateKey_ASN1(SSL *ssl, uint8_t *d, long len); -OPENSSL_EXPORT int SSL_use_PrivateKey(SSL *ssl, EVP_PKEY *pkey); -OPENSSL_EXPORT int SSL_use_PrivateKey_ASN1(int pk, SSL *ssl, const uint8_t *d, - long len); -OPENSSL_EXPORT int SSL_use_certificate(SSL *ssl, X509 *x); -OPENSSL_EXPORT int SSL_use_certificate_ASN1(SSL *ssl, const uint8_t *d, - int len); - -OPENSSL_EXPORT int SSL_use_RSAPrivateKey_file(SSL *ssl, const char *file, - int type); -OPENSSL_EXPORT int SSL_use_PrivateKey_file(SSL *ssl, const char *file, - int type); -OPENSSL_EXPORT int SSL_use_certificate_file(SSL *ssl, const char *file, - int type); -OPENSSL_EXPORT int SSL_CTX_use_RSAPrivateKey_file(SSL_CTX *ctx, - const char *file, int type); -OPENSSL_EXPORT int SSL_CTX_use_PrivateKey_file(SSL_CTX *ctx, const char *file, - int type); -OPENSSL_EXPORT int SSL_CTX_use_certificate_file(SSL_CTX *ctx, const char *file, - int type); -OPENSSL_EXPORT int SSL_CTX_use_certificate_chain_file( - SSL_CTX *ctx, const char *file); /* PEM type */ -OPENSSL_EXPORT STACK_OF(X509_NAME) *SSL_load_client_CA_file(const char *file); -OPENSSL_EXPORT int SSL_add_file_cert_subjects_to_stack(STACK_OF(X509_NAME) * - stackCAs, - const char *file); -OPENSSL_EXPORT int SSL_add_dir_cert_subjects_to_stack(STACK_OF(X509_NAME) * - stackCAs, - const char *dir); - -/* SSL_load_error_strings does nothing. */ -OPENSSL_EXPORT void SSL_load_error_strings(void); - -OPENSSL_EXPORT const char *SSL_state_string(const SSL *s); -OPENSSL_EXPORT const char *SSL_rstate_string(const SSL *s); -OPENSSL_EXPORT const char *SSL_state_string_long(const SSL *s); -OPENSSL_EXPORT const char *SSL_rstate_string_long(const SSL *s); -OPENSSL_EXPORT long SSL_SESSION_get_time(const SSL_SESSION *s); -OPENSSL_EXPORT long SSL_SESSION_set_time(SSL_SESSION *s, long t); -OPENSSL_EXPORT long SSL_SESSION_get_timeout(const SSL_SESSION *s); -OPENSSL_EXPORT long SSL_SESSION_set_timeout(SSL_SESSION *s, long t); -OPENSSL_EXPORT X509 *SSL_SESSION_get0_peer(SSL_SESSION *s); -OPENSSL_EXPORT int SSL_SESSION_set1_id_context(SSL_SESSION *s, - const uint8_t *sid_ctx, - unsigned int sid_ctx_len); - -OPENSSL_EXPORT SSL_SESSION *SSL_SESSION_new(void); -OPENSSL_EXPORT const uint8_t *SSL_SESSION_get_id(const SSL_SESSION *s, - unsigned int *len); -OPENSSL_EXPORT int SSL_SESSION_print_fp(FILE *fp, const SSL_SESSION *ses); -OPENSSL_EXPORT int SSL_SESSION_print(BIO *fp, const SSL_SESSION *ses); - -/* SSL_SESSION_up_ref, if |session| is not NULL, increments the reference count - * of |session|. It then returns |session|. */ -OPENSSL_EXPORT SSL_SESSION *SSL_SESSION_up_ref(SSL_SESSION *session); - -/* SSL_SESSION_free decrements the reference count of |session|. If it reaches - * zero, all data referenced by |session| and |session| itself are released. */ -OPENSSL_EXPORT void SSL_SESSION_free(SSL_SESSION *session); - -OPENSSL_EXPORT int SSL_set_session(SSL *to, SSL_SESSION *session); -OPENSSL_EXPORT int SSL_CTX_add_session(SSL_CTX *s, SSL_SESSION *c); -OPENSSL_EXPORT int SSL_CTX_remove_session(SSL_CTX *, SSL_SESSION *c); -OPENSSL_EXPORT int SSL_CTX_set_generate_session_id(SSL_CTX *, GEN_SESSION_CB); -OPENSSL_EXPORT int SSL_set_generate_session_id(SSL *, GEN_SESSION_CB); -OPENSSL_EXPORT int SSL_has_matching_session_id(const SSL *ssl, - const uint8_t *id, - unsigned int id_len); - -/* SSL_SESSION_to_bytes serializes |in| into a newly allocated buffer and sets - * |*out_data| to that buffer and |*out_len| to its length. The caller takes - * ownership of the buffer and must call |OPENSSL_free| when done. It returns - * one on success and zero on error. */ -OPENSSL_EXPORT int SSL_SESSION_to_bytes(SSL_SESSION *in, uint8_t **out_data, - size_t *out_len); - -/* SSL_SESSION_to_bytes_for_ticket serializes |in|, but excludes the session ID - * which is not necessary in a session ticket. */ -OPENSSL_EXPORT int SSL_SESSION_to_bytes_for_ticket(SSL_SESSION *in, - uint8_t **out_data, - size_t *out_len); - -/* Deprecated: i2d_SSL_SESSION serializes |in| to the bytes pointed to by - * |*pp|. On success, it returns the number of bytes written and advances |*pp| - * by that many bytes. On failure, it returns -1. If |pp| is NULL, no bytes are - * written and only the length is returned. - * - * Use SSL_SESSION_to_bytes instead. */ -OPENSSL_EXPORT int i2d_SSL_SESSION(SSL_SESSION *in, uint8_t **pp); - -/* d2i_SSL_SESSION deserializes a serialized buffer contained in the |length| - * bytes pointed to by |*pp|. It returns the new SSL_SESSION and advances |*pp| - * by the number of bytes consumed on success and NULL on failure. If |a| is - * NULL, the caller takes ownership of the new session and must call - * |SSL_SESSION_free| when done. - * - * If |a| and |*a| are not NULL, the SSL_SESSION at |*a| is overridden with the - * deserialized session rather than allocating a new one. In addition, |a| is - * not NULL, but |*a| is, |*a| is set to the new SSL_SESSION. - * - * Passing a value other than NULL to |a| is deprecated. */ -OPENSSL_EXPORT SSL_SESSION *d2i_SSL_SESSION(SSL_SESSION **a, const uint8_t **pp, - long length); - -OPENSSL_EXPORT X509 *SSL_get_peer_certificate(const SSL *s); - -OPENSSL_EXPORT STACK_OF(X509) *SSL_get_peer_cert_chain(const SSL *s); - -OPENSSL_EXPORT int SSL_CTX_get_verify_mode(const SSL_CTX *ctx); -OPENSSL_EXPORT int SSL_CTX_get_verify_depth(const SSL_CTX *ctx); -OPENSSL_EXPORT int (*SSL_CTX_get_verify_callback(const SSL_CTX *ctx))( - int, X509_STORE_CTX *); -OPENSSL_EXPORT void SSL_CTX_set_verify(SSL_CTX *ctx, int mode, - int (*callback)(int, X509_STORE_CTX *)); -OPENSSL_EXPORT void SSL_CTX_set_verify_depth(SSL_CTX *ctx, int depth); -OPENSSL_EXPORT void SSL_CTX_set_cert_verify_callback( - SSL_CTX *ctx, int (*cb)(X509_STORE_CTX *, void *), void *arg); -OPENSSL_EXPORT void SSL_CTX_set_cert_cb(SSL_CTX *c, - int (*cb)(SSL *ssl, void *arg), - void *arg); -OPENSSL_EXPORT int SSL_CTX_use_RSAPrivateKey(SSL_CTX *ctx, RSA *rsa); -OPENSSL_EXPORT int SSL_CTX_use_RSAPrivateKey_ASN1(SSL_CTX *ctx, - const uint8_t *d, long len); -OPENSSL_EXPORT int SSL_CTX_use_PrivateKey(SSL_CTX *ctx, EVP_PKEY *pkey); -OPENSSL_EXPORT int SSL_CTX_use_PrivateKey_ASN1(int pk, SSL_CTX *ctx, - const uint8_t *d, long len); -OPENSSL_EXPORT int SSL_CTX_use_certificate(SSL_CTX *ctx, X509 *x); -OPENSSL_EXPORT int SSL_CTX_use_certificate_ASN1(SSL_CTX *ctx, int len, - const uint8_t *d); - -OPENSSL_EXPORT void SSL_CTX_set_default_passwd_cb(SSL_CTX *ctx, - pem_password_cb *cb); -OPENSSL_EXPORT void SSL_CTX_set_default_passwd_cb_userdata(SSL_CTX *ctx, - void *u); - -OPENSSL_EXPORT int SSL_CTX_check_private_key(const SSL_CTX *ctx); -OPENSSL_EXPORT int SSL_check_private_key(const SSL *ctx); - -OPENSSL_EXPORT int SSL_CTX_set_session_id_context(SSL_CTX *ctx, - const uint8_t *sid_ctx, - unsigned int sid_ctx_len); - -OPENSSL_EXPORT int SSL_set_session_id_context(SSL *ssl, const uint8_t *sid_ctx, - unsigned int sid_ctx_len); - -OPENSSL_EXPORT int SSL_CTX_set_purpose(SSL_CTX *s, int purpose); -OPENSSL_EXPORT int SSL_set_purpose(SSL *s, int purpose); -OPENSSL_EXPORT int SSL_CTX_set_trust(SSL_CTX *s, int trust); -OPENSSL_EXPORT int SSL_set_trust(SSL *s, int trust); - -OPENSSL_EXPORT int SSL_CTX_set1_param(SSL_CTX *ctx, X509_VERIFY_PARAM *vpm); -OPENSSL_EXPORT int SSL_set1_param(SSL *ssl, X509_VERIFY_PARAM *vpm); - -OPENSSL_EXPORT X509_VERIFY_PARAM *SSL_CTX_get0_param(SSL_CTX *ctx); -OPENSSL_EXPORT X509_VERIFY_PARAM *SSL_get0_param(SSL *ssl); - -OPENSSL_EXPORT void SSL_certs_clear(SSL *s); -OPENSSL_EXPORT int SSL_accept(SSL *ssl); -OPENSSL_EXPORT int SSL_connect(SSL *ssl); -OPENSSL_EXPORT int SSL_read(SSL *ssl, void *buf, int num); -OPENSSL_EXPORT int SSL_peek(SSL *ssl, void *buf, int num); -OPENSSL_EXPORT int SSL_write(SSL *ssl, const void *buf, int num); -OPENSSL_EXPORT long SSL_ctrl(SSL *ssl, int cmd, long larg, void *parg); -OPENSSL_EXPORT long SSL_CTX_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg); - -OPENSSL_EXPORT int SSL_get_error(const SSL *s, int ret_code); -/* SSL_get_version returns a string describing the TLS version used by |s|. For - * example, "TLSv1.2" or "SSLv3". */ -OPENSSL_EXPORT const char *SSL_get_version(const SSL *s); -/* SSL_SESSION_get_version returns a string describing the TLS version used by - * |sess|. For example, "TLSv1.2" or "SSLv3". */ -OPENSSL_EXPORT const char *SSL_SESSION_get_version(const SSL_SESSION *sess); - -OPENSSL_EXPORT STACK_OF(SSL_CIPHER) *SSL_get_ciphers(const SSL *s); - -OPENSSL_EXPORT int SSL_do_handshake(SSL *s); - -/* SSL_renegotiate_pending returns one if |ssl| is in the middle of a - * renegotiation. */ -OPENSSL_EXPORT int SSL_renegotiate_pending(SSL *ssl); - -OPENSSL_EXPORT int SSL_shutdown(SSL *s); - -OPENSSL_EXPORT const char *SSL_alert_type_string_long(int value); -OPENSSL_EXPORT const char *SSL_alert_type_string(int value); -OPENSSL_EXPORT const char *SSL_alert_desc_string_long(int value); -OPENSSL_EXPORT const char *SSL_alert_desc_string(int value); - -OPENSSL_EXPORT void SSL_set_client_CA_list(SSL *s, - STACK_OF(X509_NAME) *name_list); -OPENSSL_EXPORT void SSL_CTX_set_client_CA_list(SSL_CTX *ctx, - STACK_OF(X509_NAME) *name_list); -OPENSSL_EXPORT STACK_OF(X509_NAME) *SSL_get_client_CA_list(const SSL *s); -OPENSSL_EXPORT STACK_OF(X509_NAME) * - SSL_CTX_get_client_CA_list(const SSL_CTX *s); -OPENSSL_EXPORT int SSL_add_client_CA(SSL *ssl, X509 *x); -OPENSSL_EXPORT int SSL_CTX_add_client_CA(SSL_CTX *ctx, X509 *x); - -OPENSSL_EXPORT long SSL_get_default_timeout(const SSL *s); - -OPENSSL_EXPORT STACK_OF(X509_NAME) *SSL_dup_CA_list(STACK_OF(X509_NAME) *sk); - -OPENSSL_EXPORT X509 *SSL_get_certificate(const SSL *ssl); -OPENSSL_EXPORT EVP_PKEY *SSL_get_privatekey(const SSL *ssl); - -OPENSSL_EXPORT X509 *SSL_CTX_get0_certificate(const SSL_CTX *ctx); -OPENSSL_EXPORT EVP_PKEY *SSL_CTX_get0_privatekey(const SSL_CTX *ctx); - -OPENSSL_EXPORT void SSL_CTX_set_quiet_shutdown(SSL_CTX *ctx, int mode); -OPENSSL_EXPORT int SSL_CTX_get_quiet_shutdown(const SSL_CTX *ctx); -OPENSSL_EXPORT void SSL_set_quiet_shutdown(SSL *ssl, int mode); -OPENSSL_EXPORT int SSL_get_quiet_shutdown(const SSL *ssl); -OPENSSL_EXPORT void SSL_set_shutdown(SSL *ssl, int mode); -OPENSSL_EXPORT int SSL_get_shutdown(const SSL *ssl); -OPENSSL_EXPORT int SSL_version(const SSL *ssl); -OPENSSL_EXPORT int SSL_CTX_set_default_verify_paths(SSL_CTX *ctx); -OPENSSL_EXPORT int SSL_CTX_load_verify_locations(SSL_CTX *ctx, - const char *CAfile, - const char *CApath); -#define SSL_get0_session SSL_get_session /* just peek at pointer */ -OPENSSL_EXPORT SSL_SESSION *SSL_get_session(const SSL *ssl); -OPENSSL_EXPORT SSL_SESSION *SSL_get1_session( - SSL *ssl); /* obtain a reference count */ -OPENSSL_EXPORT SSL_CTX *SSL_get_SSL_CTX(const SSL *ssl); -OPENSSL_EXPORT SSL_CTX *SSL_set_SSL_CTX(SSL *ssl, SSL_CTX *ctx); -OPENSSL_EXPORT void SSL_set_info_callback(SSL *ssl, - void (*cb)(const SSL *ssl, int type, - int val)); -OPENSSL_EXPORT void (*SSL_get_info_callback(const SSL *ssl))(const SSL *ssl, - int type, int val); -OPENSSL_EXPORT int SSL_state(const SSL *ssl); - -OPENSSL_EXPORT void SSL_set_verify_result(SSL *ssl, long v); -OPENSSL_EXPORT long SSL_get_verify_result(const SSL *ssl); - -OPENSSL_EXPORT int SSL_set_ex_data(SSL *ssl, int idx, void *data); -OPENSSL_EXPORT void *SSL_get_ex_data(const SSL *ssl, int idx); -OPENSSL_EXPORT int SSL_get_ex_new_index(long argl, void *argp, - CRYPTO_EX_new *new_func, - CRYPTO_EX_dup *dup_func, - CRYPTO_EX_free *free_func); - -OPENSSL_EXPORT int SSL_SESSION_set_ex_data(SSL_SESSION *ss, int idx, - void *data); -OPENSSL_EXPORT void *SSL_SESSION_get_ex_data(const SSL_SESSION *ss, int idx); -OPENSSL_EXPORT int SSL_SESSION_get_ex_new_index(long argl, void *argp, - CRYPTO_EX_new *new_func, - CRYPTO_EX_dup *dup_func, - CRYPTO_EX_free *free_func); - -OPENSSL_EXPORT int SSL_CTX_set_ex_data(SSL_CTX *ssl, int idx, void *data); -OPENSSL_EXPORT void *SSL_CTX_get_ex_data(const SSL_CTX *ssl, int idx); -OPENSSL_EXPORT int SSL_CTX_get_ex_new_index(long argl, void *argp, - CRYPTO_EX_new *new_func, - CRYPTO_EX_dup *dup_func, - CRYPTO_EX_free *free_func); - -OPENSSL_EXPORT int SSL_get_ex_data_X509_STORE_CTX_idx(void); - -/* SSL_CTX_sess_set_cache_size sets the maximum size of |ctx|'s session cache to - * |size|. It returns the previous value. */ -OPENSSL_EXPORT unsigned long SSL_CTX_sess_set_cache_size(SSL_CTX *ctx, - unsigned long size); - -/* SSL_CTX_sess_get_cache_size returns the maximum size of |ctx|'s session - * cache. */ -OPENSSL_EXPORT unsigned long SSL_CTX_sess_get_cache_size(const SSL_CTX *ctx); - -/* SSL_SESS_CACHE_* are the possible session cache mode bits. - * TODO(davidben): Document. */ -#define SSL_SESS_CACHE_OFF 0x0000 -#define SSL_SESS_CACHE_CLIENT 0x0001 -#define SSL_SESS_CACHE_SERVER 0x0002 -#define SSL_SESS_CACHE_BOTH (SSL_SESS_CACHE_CLIENT | SSL_SESS_CACHE_SERVER) -#define SSL_SESS_CACHE_NO_AUTO_CLEAR 0x0080 -#define SSL_SESS_CACHE_NO_INTERNAL_LOOKUP 0x0100 -#define SSL_SESS_CACHE_NO_INTERNAL_STORE 0x0200 -#define SSL_SESS_CACHE_NO_INTERNAL \ - (SSL_SESS_CACHE_NO_INTERNAL_LOOKUP | SSL_SESS_CACHE_NO_INTERNAL_STORE) - -/* SSL_CTX_set_session_cache_mode sets the session cache mode bits for |ctx| to - * |mode|. It returns the previous value. */ -OPENSSL_EXPORT int SSL_CTX_set_session_cache_mode(SSL_CTX *ctx, int mode); - -/* SSL_CTX_get_session_cache_mode returns the session cache mode bits for - * |ctx| */ -OPENSSL_EXPORT int SSL_CTX_get_session_cache_mode(const SSL_CTX *ctx); - -/* SSL_CTX_get_max_cert_list returns the maximum length, in bytes, of a peer - * certificate chain accepted by |ctx|. */ -OPENSSL_EXPORT size_t SSL_CTX_get_max_cert_list(const SSL_CTX *ctx); - -/* SSL_CTX_set_max_cert_list sets the maximum length, in bytes, of a peer - * certificate chain to |max_cert_list|. This affects how much memory may be - * consumed during the handshake. */ -OPENSSL_EXPORT void SSL_CTX_set_max_cert_list(SSL_CTX *ctx, - size_t max_cert_list); - -/* SSL_get_max_cert_list returns the maximum length, in bytes, of a peer - * certificate chain accepted by |ssl|. */ -OPENSSL_EXPORT size_t SSL_get_max_cert_list(const SSL *ssl); - -/* SSL_set_max_cert_list sets the maximum length, in bytes, of a peer - * certificate chain to |max_cert_list|. This affects how much memory may be - * consumed during the handshake. */ -OPENSSL_EXPORT void SSL_set_max_cert_list(SSL *ssl, size_t max_cert_list); - -/* SSL_CTX_set_max_send_fragment sets the maximum length, in bytes, of records - * sent by |ctx|. Beyond this length, handshake messages and application data - * will be split into multiple records. */ -OPENSSL_EXPORT void SSL_CTX_set_max_send_fragment(SSL_CTX *ctx, - size_t max_send_fragment); - -/* SSL_set_max_send_fragment sets the maximum length, in bytes, of records - * sent by |ssl|. Beyond this length, handshake messages and application data - * will be split into multiple records. */ -OPENSSL_EXPORT void SSL_set_max_send_fragment(SSL *ssl, - size_t max_send_fragment); - -/* SSL_CTX_set_tmp_dh_callback configures |ctx| to use |callback| to determine - * the group for DHE ciphers. |callback| should ignore |is_export| and - * |keylength| and return a |DH| of the selected group or NULL on error. Only - * the parameters are used, so the |DH| needn't have a generated keypair. - * - * WARNING: The caller does not take ownership of the resulting |DH|, so - * |callback| must save and release the object elsewhere. */ -OPENSSL_EXPORT void SSL_CTX_set_tmp_dh_callback( - SSL_CTX *ctx, DH *(*callback)(SSL *ssl, int is_export, int keylength)); - -/* SSL_set_tmp_dh_callback configures |ssl| to use |callback| to determine the - * group for DHE ciphers. |callback| should ignore |is_export| and |keylength| - * and return a |DH| of the selected group or NULL on error. Only the - * parameters are used, so the |DH| needn't have a generated keypair. - * - * WARNING: The caller does not take ownership of the resulting |DH|, so - * |callback| must save and release the object elsewhere. */ -OPENSSL_EXPORT void SSL_set_tmp_dh_callback(SSL *ssl, - DH *(*dh)(SSL *ssl, int is_export, - int keylength)); - -/* SSL_CTX_set_tmp_ecdh_callback configures |ctx| to use |callback| to determine - * the curve for ephemeral ECDH keys. |callback| should ignore |is_export| and - * |keylength| and return an |EC_KEY| of the selected curve or NULL on - * error. Only the curve is used, so the |EC_KEY| needn't have a generated - * keypair. - * - * If the callback is unset, an appropriate curve will be chosen automatically. - * (This is recommended.) - * - * WARNING: The caller does not take ownership of the resulting |EC_KEY|, so - * |callback| must save and release the object elsewhere. */ -OPENSSL_EXPORT void SSL_CTX_set_tmp_ecdh_callback( - SSL_CTX *ctx, EC_KEY *(*callback)(SSL *ssl, int is_export, int keylength)); - -/* SSL_set_tmp_ecdh_callback configures |ssl| to use |callback| to determine the - * curve for ephemeral ECDH keys. |callback| should ignore |is_export| and - * |keylength| and return an |EC_KEY| of the selected curve or NULL on - * error. Only the curve is used, so the |EC_KEY| needn't have a generated - * keypair. - * - * If the callback is unset, an appropriate curve will be chosen automatically. - * (This is recommended.) - * - * WARNING: The caller does not take ownership of the resulting |EC_KEY|, so - * |callback| must save and release the object elsewhere. */ -OPENSSL_EXPORT void SSL_set_tmp_ecdh_callback( - SSL *ssl, EC_KEY *(*callback)(SSL *ssl, int is_export, int keylength)); - -OPENSSL_EXPORT const void *SSL_get_current_compression(SSL *s); -OPENSSL_EXPORT const void *SSL_get_current_expansion(SSL *s); - -OPENSSL_EXPORT int SSL_cache_hit(SSL *s); -OPENSSL_EXPORT int SSL_is_server(SSL *s); - -/* SSL_CTX_set_dos_protection_cb sets a callback that is called once the - * resumption decision for a ClientHello has been made. It can return 1 to - * allow the handshake to continue or zero to cause the handshake to abort. */ -OPENSSL_EXPORT void SSL_CTX_set_dos_protection_cb( - SSL_CTX *ctx, int (*cb)(const struct ssl_early_callback_ctx *)); - -/* SSL_get_structure_sizes returns the sizes of the SSL, SSL_CTX and - * SSL_SESSION structures so that a test can ensure that outside code agrees on - * these values. */ -OPENSSL_EXPORT void SSL_get_structure_sizes(size_t *ssl_size, - size_t *ssl_ctx_size, - size_t *ssl_session_size); - -OPENSSL_EXPORT void ERR_load_SSL_strings(void); - -/* SSL_get_rc4_state sets |*read_key| and |*write_key| to the RC4 states for - * the read and write directions. It returns one on success or zero if |ssl| - * isn't using an RC4-based cipher suite. */ -OPENSSL_EXPORT int SSL_get_rc4_state(const SSL *ssl, const RC4_KEY **read_key, - const RC4_KEY **write_key); - - -/* Deprecated functions. */ - -/* SSL_CIPHER_description writes a description of |cipher| into |buf| and - * returns |buf|. If |buf| is NULL, it returns a newly allocated string, to be - * freed with |OPENSSL_free|, or NULL on error. - * - * The description includes a trailing newline and has the form: - * AES128-SHA SSLv3 Kx=RSA Au=RSA Enc=AES(128) Mac=SHA1 - * - * Consider |SSL_CIPHER_get_name| or |SSL_CIPHER_get_rfc_name| instead. */ -OPENSSL_EXPORT const char *SSL_CIPHER_description(const SSL_CIPHER *cipher, - char *buf, int len); - -/* SSL_CIPHER_get_version returns the string "TLSv1/SSLv3". */ -OPENSSL_EXPORT const char *SSL_CIPHER_get_version(const SSL_CIPHER *cipher); - -/* SSL_COMP_get_compression_methods returns NULL. */ -OPENSSL_EXPORT void *SSL_COMP_get_compression_methods(void); - -/* SSL_COMP_add_compression_method returns one. */ -OPENSSL_EXPORT int SSL_COMP_add_compression_method(int id, void *cm); - -/* SSL_COMP_get_name returns NULL. */ -OPENSSL_EXPORT const char *SSL_COMP_get_name(const void *comp); - -/* SSLv23_method calls |TLS_method|. */ -OPENSSL_EXPORT const SSL_METHOD *SSLv23_method(void); - -/* Version-specific methods behave exactly like |TLS_method| and |DTLS_method| - * except they also call |SSL_CTX_set_min_version| and |SSL_CTX_set_max_version| - * to lock connections to that protocol version. */ -OPENSSL_EXPORT const SSL_METHOD *SSLv3_method(void); -OPENSSL_EXPORT const SSL_METHOD *TLSv1_method(void); -OPENSSL_EXPORT const SSL_METHOD *TLSv1_1_method(void); -OPENSSL_EXPORT const SSL_METHOD *TLSv1_2_method(void); -OPENSSL_EXPORT const SSL_METHOD *DTLSv1_method(void); -OPENSSL_EXPORT const SSL_METHOD *DTLSv1_2_method(void); - -/* Client- and server-specific methods call their corresponding generic - * methods. */ -OPENSSL_EXPORT const SSL_METHOD *SSLv23_server_method(void); -OPENSSL_EXPORT const SSL_METHOD *SSLv23_client_method(void); -OPENSSL_EXPORT const SSL_METHOD *SSLv3_server_method(void); -OPENSSL_EXPORT const SSL_METHOD *SSLv3_client_method(void); -OPENSSL_EXPORT const SSL_METHOD *TLSv1_server_method(void); -OPENSSL_EXPORT const SSL_METHOD *TLSv1_client_method(void); -OPENSSL_EXPORT const SSL_METHOD *TLSv1_1_server_method(void); -OPENSSL_EXPORT const SSL_METHOD *TLSv1_1_client_method(void); -OPENSSL_EXPORT const SSL_METHOD *TLSv1_2_server_method(void); -OPENSSL_EXPORT const SSL_METHOD *TLSv1_2_client_method(void); -OPENSSL_EXPORT const SSL_METHOD *DTLS_server_method(void); -OPENSSL_EXPORT const SSL_METHOD *DTLS_client_method(void); -OPENSSL_EXPORT const SSL_METHOD *DTLSv1_server_method(void); -OPENSSL_EXPORT const SSL_METHOD *DTLSv1_client_method(void); -OPENSSL_EXPORT const SSL_METHOD *DTLSv1_2_server_method(void); -OPENSSL_EXPORT const SSL_METHOD *DTLSv1_2_client_method(void); - -/* SSL_clear resets |ssl| to allow another connection and returns one on success - * or zero on failure. It returns most configuration state but releases memory - * associated with the current connection. - * - * Free |ssl| and create a new one instead. */ -OPENSSL_EXPORT int SSL_clear(SSL *ssl); - -/* SSL_CTX_set_tmp_rsa_callback does nothing. */ -OPENSSL_EXPORT void SSL_CTX_set_tmp_rsa_callback( - SSL_CTX *ctx, RSA *(*cb)(SSL *ssl, int is_export, int keylength)); - -/* SSL_set_tmp_rsa_callback does nothing. */ -OPENSSL_EXPORT void SSL_set_tmp_rsa_callback(SSL *ssl, - RSA *(*cb)(SSL *ssl, int is_export, - int keylength)); - -/* SSL_CTX_sess_connect returns zero. */ -OPENSSL_EXPORT int SSL_CTX_sess_connect(const SSL_CTX *ctx); - -/* SSL_CTX_sess_connect_good returns zero. */ -OPENSSL_EXPORT int SSL_CTX_sess_connect_good(const SSL_CTX *ctx); - -/* SSL_CTX_sess_connect_renegotiate returns zero. */ -OPENSSL_EXPORT int SSL_CTX_sess_connect_renegotiate(const SSL_CTX *ctx); - -/* SSL_CTX_sess_accept returns zero. */ -OPENSSL_EXPORT int SSL_CTX_sess_accept(const SSL_CTX *ctx); - -/* SSL_CTX_sess_accept_renegotiate returns zero. */ -OPENSSL_EXPORT int SSL_CTX_sess_accept_renegotiate(const SSL_CTX *ctx); - -/* SSL_CTX_sess_accept_good returns zero. */ -OPENSSL_EXPORT int SSL_CTX_sess_accept_good(const SSL_CTX *ctx); - -/* SSL_CTX_sess_hits returns zero. */ -OPENSSL_EXPORT int SSL_CTX_sess_hits(const SSL_CTX *ctx); - -/* SSL_CTX_sess_cb_hits returns zero. */ -OPENSSL_EXPORT int SSL_CTX_sess_cb_hits(const SSL_CTX *ctx); - -/* SSL_CTX_sess_misses returns zero. */ -OPENSSL_EXPORT int SSL_CTX_sess_misses(const SSL_CTX *ctx); - -/* SSL_CTX_sess_timeouts returns zero. */ -OPENSSL_EXPORT int SSL_CTX_sess_timeouts(const SSL_CTX *ctx); - -/* SSL_CTX_sess_cache_full returns zero. */ -OPENSSL_EXPORT int SSL_CTX_sess_cache_full(const SSL_CTX *ctx); - -/* SSL_cutthrough_complete calls |SSL_in_false_start|. */ -OPENSSL_EXPORT int SSL_cutthrough_complete(const SSL *s); - -/* SSL_num_renegotiations calls |SSL_total_renegotiations|. */ -OPENSSL_EXPORT int SSL_num_renegotiations(const SSL *ssl); - -/* SSL_CTX_need_tmp_RSA returns zero. */ -OPENSSL_EXPORT int SSL_CTX_need_tmp_RSA(const SSL_CTX *ctx); - -/* SSL_need_tmp_RSA returns zero. */ -OPENSSL_EXPORT int SSL_need_tmp_RSA(const SSL *ssl); - -/* SSL_CTX_set_tmp_rsa returns one. */ -OPENSSL_EXPORT int SSL_CTX_set_tmp_rsa(SSL_CTX *ctx, const RSA *rsa); - -/* SSL_set_tmp_rsa returns one. */ -OPENSSL_EXPORT int SSL_set_tmp_rsa(SSL *ssl, const RSA *rsa); - -/* SSL_CTX_get_read_head returns zero. */ -OPENSSL_EXPORT int SSL_CTX_get_read_ahead(const SSL_CTX *ctx); - -/* SSL_CTX_set_read_ahead does nothing. */ -OPENSSL_EXPORT void SSL_CTX_set_read_ahead(SSL_CTX *ctx, int yes); - -/* SSL_get_read_head returns zero. */ -OPENSSL_EXPORT int SSL_get_read_ahead(const SSL *s); - -/* SSL_set_read_ahead does nothing. */ -OPENSSL_EXPORT void SSL_set_read_ahead(SSL *s, int yes); - -/* SSL_renegotiate put an error on the error queue and returns zero. */ -OPENSSL_EXPORT int SSL_renegotiate(SSL *ssl); - -/* SSL_set_state does nothing. */ -OPENSSL_EXPORT void SSL_set_state(SSL *ssl, int state); - - -/* Android compatibility section. - * - * These functions are declared, temporarily, for Android because - * wpa_supplicant will take a little time to sync with upstream. Outside of - * Android they'll have no definition. */ - -#define SSL_F_SSL_SET_SESSION_TICKET_EXT doesnt_exist - -OPENSSL_EXPORT int SSL_set_session_ticket_ext(SSL *s, void *ext_data, - int ext_len); -OPENSSL_EXPORT int SSL_set_session_secret_cb(SSL *s, void *cb, void *arg); -OPENSSL_EXPORT int SSL_set_session_ticket_ext_cb(SSL *s, void *cb, void *arg); -OPENSSL_EXPORT int SSL_set_ssl_method(SSL *s, const SSL_METHOD *method); - -#define OPENSSL_VERSION_TEXT "BoringSSL" - -#define SSLEAY_VERSION 0 - -/* SSLeay_version is a compatibility function that returns the string - * "BoringSSL". */ -OPENSSL_EXPORT const char *SSLeay_version(int unused); - - -/* Preprocessor compatibility section. - * - * Historically, a number of APIs were implemented in OpenSSL as macros and - * constants to 'ctrl' functions. To avoid breaking #ifdefs in consumers, this - * section defines a number of legacy macros. */ - -#define SSL_CTRL_NEED_TMP_RSA doesnt_exist -#define SSL_CTRL_SET_TMP_RSA doesnt_exist -#define SSL_CTRL_SET_TMP_DH doesnt_exist -#define SSL_CTRL_SET_TMP_ECDH doesnt_exist -#define SSL_CTRL_SET_TMP_RSA_CB doesnt_exist -#define SSL_CTRL_SET_TMP_DH_CB doesnt_exist -#define SSL_CTRL_SET_TMP_ECDH_CB doesnt_exist -#define SSL_CTRL_GET_SESSION_REUSED doesnt_exist -#define SSL_CTRL_GET_NUM_RENEGOTIATIONS doesnt_exist -#define SSL_CTRL_GET_TOTAL_RENEGOTIATIONS doesnt_exist -#define SSL_CTRL_SET_MSG_CALLBACK doesnt_exist -#define SSL_CTRL_SET_MSG_CALLBACK_ARG doesnt_exist -#define SSL_CTRL_SET_MTU doesnt_exist -#define SSL_CTRL_SESS_NUMBER doesnt_exist -#define SSL_CTRL_OPTIONS doesnt_exist -#define SSL_CTRL_MODE doesnt_exist -#define SSL_CTRL_GET_READ_AHEAD doesnt_exist -#define SSL_CTRL_SET_READ_AHEAD doesnt_exist -#define SSL_CTRL_SET_SESS_CACHE_SIZE doesnt_exist -#define SSL_CTRL_GET_SESS_CACHE_SIZE doesnt_exist -#define SSL_CTRL_SET_SESS_CACHE_MODE doesnt_exist -#define SSL_CTRL_GET_SESS_CACHE_MODE doesnt_exist -#define SSL_CTRL_GET_MAX_CERT_LIST doesnt_exist -#define SSL_CTRL_SET_MAX_CERT_LIST doesnt_exist -#define SSL_CTRL_SET_MAX_SEND_FRAGMENT doesnt_exist -#define SSL_CTRL_SET_TLSEXT_SERVERNAME_CB doesnt_exist -#define SSL_CTRL_SET_TLSEXT_SERVERNAME_ARG doesnt_exist -#define SSL_CTRL_SET_TLSEXT_HOSTNAME doesnt_exist -#define SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB doesnt_exist -#define DTLS_CTRL_GET_TIMEOUT doesnt_exist -#define DTLS_CTRL_HANDLE_TIMEOUT doesnt_exist -#define SSL_CTRL_GET_RI_SUPPORT doesnt_exist -#define SSL_CTRL_CLEAR_OPTIONS doesnt_exist -#define SSL_CTRL_CLEAR_MODE doesnt_exist -#define SSL_CTRL_CHANNEL_ID doesnt_exist -#define SSL_CTRL_GET_CHANNEL_ID doesnt_exist -#define SSL_CTRL_SET_CHANNEL_ID doesnt_exist - -#define SSL_CTX_need_tmp_RSA SSL_CTX_need_tmp_RSA -#define SSL_need_tmp_RSA SSL_need_tmp_RSA -#define SSL_CTX_set_tmp_rsa SSL_CTX_set_tmp_rsa -#define SSL_set_tmp_rsa SSL_set_tmp_rsa -#define SSL_CTX_set_tmp_dh SSL_CTX_set_tmp_dh -#define SSL_set_tmp_dh SSL_set_tmp_dh -#define SSL_CTX_set_tmp_ecdh SSL_CTX_set_tmp_ecdh -#define SSL_set_tmp_ecdh SSL_set_tmp_ecdh -#define SSL_session_reused SSL_session_reused -#define SSL_num_renegotiations SSL_num_renegotiations -#define SSL_total_renegotiations SSL_total_renegotiations -#define SSL_CTX_set_msg_callback_arg SSL_CTX_set_msg_callback_arg -#define SSL_set_msg_callback_arg SSL_set_msg_callback_arg -#define SSL_set_mtu SSL_set_mtu -#define SSL_CTX_sess_number SSL_CTX_sess_number -#define SSL_CTX_get_options SSL_CTX_get_options -#define SSL_CTX_set_options SSL_CTX_set_options -#define SSL_get_options SSL_get_options -#define SSL_set_options SSL_set_options -#define SSL_CTX_get_mode SSL_CTX_get_mode -#define SSL_CTX_set_mode SSL_CTX_set_mode -#define SSL_get_mode SSL_get_mode -#define SSL_set_mode SSL_set_mode -#define SSL_CTX_get_read_ahead SSL_CTX_get_read_ahead -#define SSL_CTX_set_read_ahead SSL_CTX_set_read_ahead -#define SSL_CTX_sess_set_cache_size SSL_CTX_sess_set_cache_size -#define SSL_CTX_sess_get_cache_size SSL_CTX_sess_get_cache_size -#define SSL_CTX_set_session_cache_mode SSL_CTX_set_session_cache_mode -#define SSL_CTX_get_session_cache_mode SSL_CTX_get_session_cache_mode -#define SSL_CTX_get_max_cert_list SSL_CTX_get_max_cert_list -#define SSL_get_max_cert_list SSL_get_max_cert_list -#define SSL_CTX_set_max_cert_list SSL_CTX_set_max_cert_list -#define SSL_set_max_cert_list SSL_set_max_cert_list -#define SSL_CTX_set_max_send_fragment SSL_CTX_set_max_send_fragment -#define SSL_set_max_send_fragment SSL_set_max_send_fragment -#define SSL_CTX_set_tlsext_servername_callback \ - SSL_CTX_set_tlsext_servername_callback -#define SSL_CTX_set_tlsext_servername_arg SSL_CTX_set_tlsext_servername_arg -#define SSL_set_tlsext_host_name SSL_set_tlsext_host_name -#define SSL_CTX_set_tlsext_ticket_key_cb SSL_CTX_set_tlsext_ticket_key_cb -#define DTLSv1_get_timeout DTLSv1_get_timeout -#define DTLSv1_handle_timeout DTLSv1_handle_timeout -#define SSL_get_secure_renegotiation_support \ - SSL_get_secure_renegotiation_support -#define SSL_CTX_clear_options SSL_CTX_clear_options -#define SSL_clear_options SSL_clear_options -#define SSL_CTX_clear_mode SSL_CTX_clear_mode -#define SSL_clear_mode SSL_clear_mode -#define SSL_CTX_enable_tls_channel_id SSL_CTX_enable_tls_channel_id -#define SSL_enable_tls_channel_id SSL_enable_tls_channel_id -#define SSL_set1_tls_channel_id SSL_set1_tls_channel_id -#define SSL_CTX_set1_tls_channel_id SSL_CTX_set1_tls_channel_id -#define SSL_get_tls_channel_id SSL_get_tls_channel_id - - -#if defined(__cplusplus) -} /* extern C */ -#endif - - -/* Library consumers assume these headers are included by ssl.h, but they depend - * on ssl.h, so include them after all declarations. - * - * TODO(davidben): The separation between ssl.h and these version-specific - * headers introduces circular dependencies and is inconsistent. The function - * declarations should move to ssl.h. Many of the constants can probably be - * pruned or unexported. */ -#include -#include -#include /* This is mostly sslv3 with a few tweaks */ -#include -#include /* Support for the use_srtp extension */ - - -/* BEGIN ERROR CODES */ -/* The following lines are auto generated by the script make_errors.go. Any - * changes made after this point may be overwritten when the script is next run. - */ -#define SSL_F_SSL_CTX_check_private_key 100 -#define SSL_F_SSL_CTX_new 101 -#define SSL_F_SSL_CTX_set_cipher_list 102 -#define SSL_F_SSL_CTX_set_cipher_list_tls11 103 -#define SSL_F_SSL_CTX_set_session_id_context 104 -#define SSL_F_SSL_CTX_use_PrivateKey 105 -#define SSL_F_SSL_CTX_use_PrivateKey_ASN1 106 -#define SSL_F_SSL_CTX_use_PrivateKey_file 107 -#define SSL_F_SSL_CTX_use_RSAPrivateKey 108 -#define SSL_F_SSL_CTX_use_RSAPrivateKey_ASN1 109 -#define SSL_F_SSL_CTX_use_RSAPrivateKey_file 110 -#define SSL_F_SSL_CTX_use_certificate 111 -#define SSL_F_SSL_CTX_use_certificate_ASN1 112 -#define SSL_F_SSL_CTX_use_certificate_chain_file 113 -#define SSL_F_SSL_CTX_use_certificate_file 114 -#define SSL_F_SSL_CTX_use_psk_identity_hint 115 -#define SSL_F_SSL_SESSION_new 116 -#define SSL_F_SSL_SESSION_print_fp 117 -#define SSL_F_SSL_SESSION_set1_id_context 118 -#define SSL_F_SSL_SESSION_to_bytes_full 119 -#define SSL_F_SSL_accept 120 -#define SSL_F_SSL_add_dir_cert_subjects_to_stack 121 -#define SSL_F_SSL_add_file_cert_subjects_to_stack 122 -#define SSL_F_SSL_check_private_key 123 -#define SSL_F_SSL_clear 124 -#define SSL_F_SSL_connect 125 -#define SSL_F_SSL_do_handshake 126 -#define SSL_F_SSL_load_client_CA_file 127 -#define SSL_F_SSL_new 128 -#define SSL_F_SSL_peek 129 -#define SSL_F_SSL_read 130 -#define SSL_F_SSL_renegotiate 131 -#define SSL_F_SSL_set_cipher_list 132 -#define SSL_F_SSL_set_fd 133 -#define SSL_F_SSL_set_rfd 134 -#define SSL_F_SSL_set_session_id_context 135 -#define SSL_F_SSL_set_wfd 136 -#define SSL_F_SSL_shutdown 137 -#define SSL_F_SSL_use_PrivateKey 138 -#define SSL_F_SSL_use_PrivateKey_ASN1 139 -#define SSL_F_SSL_use_PrivateKey_file 140 -#define SSL_F_SSL_use_RSAPrivateKey 141 -#define SSL_F_SSL_use_RSAPrivateKey_ASN1 142 -#define SSL_F_SSL_use_RSAPrivateKey_file 143 -#define SSL_F_SSL_use_certificate 144 -#define SSL_F_SSL_use_certificate_ASN1 145 -#define SSL_F_SSL_use_certificate_file 146 -#define SSL_F_SSL_use_psk_identity_hint 147 -#define SSL_F_SSL_write 148 -#define SSL_F_d2i_SSL_SESSION 149 -#define SSL_F_d2i_SSL_SESSION_get_octet_string 150 -#define SSL_F_d2i_SSL_SESSION_get_string 151 -#define SSL_F_do_ssl3_write 152 -#define SSL_F_dtls1_accept 153 -#define SSL_F_dtls1_buffer_record 154 -#define SSL_F_dtls1_check_timeout_num 155 -#define SSL_F_dtls1_connect 156 -#define SSL_F_dtls1_do_write 157 -#define SSL_F_dtls1_get_hello_verify 158 -#define SSL_F_dtls1_get_message 159 -#define SSL_F_dtls1_get_message_fragment 160 -#define SSL_F_dtls1_preprocess_fragment 161 -#define SSL_F_dtls1_process_record 162 -#define SSL_F_dtls1_read_bytes 163 -#define SSL_F_dtls1_send_hello_verify_request 164 -#define SSL_F_dtls1_write_app_data 165 -#define SSL_F_i2d_SSL_SESSION 166 -#define SSL_F_ssl3_accept 167 -#define SSL_F_ssl3_cert_verify_hash 169 -#define SSL_F_ssl3_check_cert_and_algorithm 170 -#define SSL_F_ssl3_connect 171 -#define SSL_F_ssl3_ctrl 172 -#define SSL_F_ssl3_ctx_ctrl 173 -#define SSL_F_ssl3_digest_cached_records 174 -#define SSL_F_ssl3_do_change_cipher_spec 175 -#define SSL_F_ssl3_expect_change_cipher_spec 176 -#define SSL_F_ssl3_get_cert_status 177 -#define SSL_F_ssl3_get_cert_verify 178 -#define SSL_F_ssl3_get_certificate_request 179 -#define SSL_F_ssl3_get_channel_id 180 -#define SSL_F_ssl3_get_client_certificate 181 -#define SSL_F_ssl3_get_client_hello 182 -#define SSL_F_ssl3_get_client_key_exchange 183 -#define SSL_F_ssl3_get_finished 184 -#define SSL_F_ssl3_get_initial_bytes 185 -#define SSL_F_ssl3_get_message 186 -#define SSL_F_ssl3_get_new_session_ticket 187 -#define SSL_F_ssl3_get_next_proto 188 -#define SSL_F_ssl3_get_record 189 -#define SSL_F_ssl3_get_server_certificate 190 -#define SSL_F_ssl3_get_server_done 191 -#define SSL_F_ssl3_get_server_hello 192 -#define SSL_F_ssl3_get_server_key_exchange 193 -#define SSL_F_ssl3_get_v2_client_hello 194 -#define SSL_F_ssl3_handshake_mac 195 -#define SSL_F_ssl3_prf 196 -#define SSL_F_ssl3_read_bytes 197 -#define SSL_F_ssl3_read_n 198 -#define SSL_F_ssl3_send_cert_verify 199 -#define SSL_F_ssl3_send_certificate_request 200 -#define SSL_F_ssl3_send_channel_id 201 -#define SSL_F_ssl3_send_client_certificate 202 -#define SSL_F_ssl3_send_client_hello 203 -#define SSL_F_ssl3_send_client_key_exchange 204 -#define SSL_F_ssl3_send_server_certificate 205 -#define SSL_F_ssl3_send_server_hello 206 -#define SSL_F_ssl3_send_server_key_exchange 207 -#define SSL_F_ssl3_setup_read_buffer 208 -#define SSL_F_ssl3_setup_write_buffer 209 -#define SSL_F_ssl3_write_bytes 210 -#define SSL_F_ssl3_write_pending 211 -#define SSL_F_ssl_add_cert_chain 212 -#define SSL_F_ssl_add_cert_to_buf 213 -#define SSL_F_ssl_add_clienthello_renegotiate_ext 214 -#define SSL_F_ssl_add_clienthello_tlsext 215 -#define SSL_F_ssl_add_clienthello_use_srtp_ext 216 -#define SSL_F_ssl_add_serverhello_renegotiate_ext 217 -#define SSL_F_ssl_add_serverhello_tlsext 218 -#define SSL_F_ssl_add_serverhello_use_srtp_ext 219 -#define SSL_F_ssl_build_cert_chain 220 -#define SSL_F_ssl_bytes_to_cipher_list 221 -#define SSL_F_ssl_cert_dup 222 -#define SSL_F_ssl_cert_inst 223 -#define SSL_F_ssl_cert_new 224 -#define SSL_F_ssl_check_serverhello_tlsext 225 -#define SSL_F_ssl_check_srvr_ecc_cert_and_alg 226 -#define SSL_F_ssl_cipher_process_rulestr 227 -#define SSL_F_ssl_cipher_strength_sort 228 -#define SSL_F_ssl_create_cipher_list 229 -#define SSL_F_ssl_ctx_log_master_secret 230 -#define SSL_F_ssl_ctx_log_rsa_client_key_exchange 231 -#define SSL_F_ssl_ctx_make_profiles 232 -#define SSL_F_ssl_get_new_session 233 -#define SSL_F_ssl_get_prev_session 234 -#define SSL_F_ssl_get_server_cert_index 235 -#define SSL_F_ssl_get_sign_pkey 236 -#define SSL_F_ssl_init_wbio_buffer 237 -#define SSL_F_ssl_parse_clienthello_renegotiate_ext 238 -#define SSL_F_ssl_parse_clienthello_tlsext 239 -#define SSL_F_ssl_parse_clienthello_use_srtp_ext 240 -#define SSL_F_ssl_parse_serverhello_renegotiate_ext 241 -#define SSL_F_ssl_parse_serverhello_tlsext 242 -#define SSL_F_ssl_parse_serverhello_use_srtp_ext 243 -#define SSL_F_ssl_scan_clienthello_tlsext 244 -#define SSL_F_ssl_scan_serverhello_tlsext 245 -#define SSL_F_ssl_sess_cert_new 246 -#define SSL_F_ssl_set_cert 247 -#define SSL_F_ssl_set_pkey 248 -#define SSL_F_ssl_verify_cert_chain 252 -#define SSL_F_tls12_check_peer_sigalg 253 -#define SSL_F_tls1_aead_ctx_init 254 -#define SSL_F_tls1_cert_verify_mac 255 -#define SSL_F_tls1_change_cipher_state 256 -#define SSL_F_tls1_change_cipher_state_aead 257 -#define SSL_F_tls1_check_duplicate_extensions 258 -#define SSL_F_tls1_enc 259 -#define SSL_F_tls1_export_keying_material 260 -#define SSL_F_tls1_prf 261 -#define SSL_F_tls1_setup_key_block 262 -#define SSL_F_dtls1_get_buffered_message 263 -#define SSL_F_dtls1_process_fragment 264 -#define SSL_F_dtls1_hm_fragment_new 265 -#define SSL_F_ssl3_seal_record 266 -#define SSL_F_ssl3_record_sequence_update 267 -#define SSL_F_SSL_CTX_set_tmp_dh 268 -#define SSL_F_SSL_CTX_set_tmp_ecdh 269 -#define SSL_F_SSL_set_tmp_dh 270 -#define SSL_F_SSL_set_tmp_ecdh 271 -#define SSL_F_SSL_CTX_set1_tls_channel_id 272 -#define SSL_F_SSL_set1_tls_channel_id 273 -#define SSL_F_SSL_set_tlsext_host_name 274 -#define SSL_F_ssl3_output_cert_chain 275 -#define SSL_F_SSL_AEAD_CTX_new 276 -#define SSL_F_SSL_AEAD_CTX_open 277 -#define SSL_F_SSL_AEAD_CTX_seal 278 -#define SSL_F_dtls1_seal_record 279 -#define SSL_R_APP_DATA_IN_HANDSHAKE 100 -#define SSL_R_ATTEMPT_TO_REUSE_SESSION_IN_DIFFERENT_CONTEXT 101 -#define SSL_R_BAD_ALERT 102 -#define SSL_R_BAD_CHANGE_CIPHER_SPEC 103 -#define SSL_R_BAD_DATA_RETURNED_BY_CALLBACK 104 -#define SSL_R_BAD_DH_P_LENGTH 105 -#define SSL_R_BAD_DIGEST_LENGTH 106 -#define SSL_R_BAD_ECC_CERT 107 -#define SSL_R_BAD_ECPOINT 108 -#define SSL_R_BAD_HANDSHAKE_LENGTH 109 -#define SSL_R_BAD_HANDSHAKE_RECORD 110 -#define SSL_R_BAD_HELLO_REQUEST 111 -#define SSL_R_BAD_LENGTH 112 -#define SSL_R_BAD_PACKET_LENGTH 113 -#define SSL_R_BAD_RSA_ENCRYPT 114 -#define SSL_R_BAD_SIGNATURE 115 -#define SSL_R_BAD_SRTP_MKI_VALUE 116 -#define SSL_R_BAD_SRTP_PROTECTION_PROFILE_LIST 117 -#define SSL_R_BAD_SSL_FILETYPE 118 -#define SSL_R_BAD_WRITE_RETRY 119 -#define SSL_R_BIO_NOT_SET 120 -#define SSL_R_BN_LIB 121 -#define SSL_R_CANNOT_SERIALIZE_PUBLIC_KEY 122 -#define SSL_R_CA_DN_LENGTH_MISMATCH 123 -#define SSL_R_CA_DN_TOO_LONG 124 -#define SSL_R_CCS_RECEIVED_EARLY 125 -#define SSL_R_CERTIFICATE_VERIFY_FAILED 126 -#define SSL_R_CERT_CB_ERROR 127 -#define SSL_R_CERT_LENGTH_MISMATCH 128 -#define SSL_R_CHANNEL_ID_NOT_P256 129 -#define SSL_R_CHANNEL_ID_SIGNATURE_INVALID 130 -#define SSL_R_CIPHER_CODE_WRONG_LENGTH 131 -#define SSL_R_CIPHER_OR_HASH_UNAVAILABLE 132 -#define SSL_R_CLIENTHELLO_PARSE_FAILED 133 -#define SSL_R_CLIENTHELLO_TLSEXT 134 -#define SSL_R_CONNECTION_REJECTED 135 -#define SSL_R_CONNECTION_TYPE_NOT_SET 136 -#define SSL_R_COOKIE_MISMATCH 137 -#define SSL_R_D2I_ECDSA_SIG 138 -#define SSL_R_DATA_BETWEEN_CCS_AND_FINISHED 139 -#define SSL_R_DATA_LENGTH_TOO_LONG 140 -#define SSL_R_DECODE_ERROR 141 -#define SSL_R_DECRYPTION_FAILED 142 -#define SSL_R_DECRYPTION_FAILED_OR_BAD_RECORD_MAC 143 -#define SSL_R_DH_PUBLIC_VALUE_LENGTH_IS_WRONG 144 -#define SSL_R_DIGEST_CHECK_FAILED 145 -#define SSL_R_DTLS_MESSAGE_TOO_BIG 146 -#define SSL_R_ECC_CERT_NOT_FOR_SIGNING 147 -#define SSL_R_EMPTY_SRTP_PROTECTION_PROFILE_LIST 148 -#define SSL_R_ENCRYPTED_LENGTH_TOO_LONG 149 -#define SSL_R_ERROR_IN_RECEIVED_CIPHER_LIST 150 -#define SSL_R_EVP_DIGESTSIGNFINAL_FAILED 151 -#define SSL_R_EVP_DIGESTSIGNINIT_FAILED 152 -#define SSL_R_EXCESSIVE_MESSAGE_SIZE 153 -#define SSL_R_EXTRA_DATA_IN_MESSAGE 154 -#define SSL_R_GOT_A_FIN_BEFORE_A_CCS 155 -#define SSL_R_GOT_CHANNEL_ID_BEFORE_A_CCS 156 -#define SSL_R_GOT_NEXT_PROTO_BEFORE_A_CCS 157 -#define SSL_R_GOT_NEXT_PROTO_WITHOUT_EXTENSION 158 -#define SSL_R_HANDSHAKE_FAILURE_ON_CLIENT_HELLO 159 -#define SSL_R_HANDSHAKE_RECORD_BEFORE_CCS 160 -#define SSL_R_HTTPS_PROXY_REQUEST 161 -#define SSL_R_HTTP_REQUEST 162 -#define SSL_R_INAPPROPRIATE_FALLBACK 163 -#define SSL_R_INVALID_COMMAND 164 -#define SSL_R_INVALID_MESSAGE 165 -#define SSL_R_INVALID_SSL_SESSION 166 -#define SSL_R_INVALID_TICKET_KEYS_LENGTH 167 -#define SSL_R_LENGTH_MISMATCH 168 -#define SSL_R_LIBRARY_HAS_NO_CIPHERS 169 -#define SSL_R_MISSING_DH_KEY 170 -#define SSL_R_MISSING_ECDSA_SIGNING_CERT 171 -#define SSL_R_MISSING_RSA_CERTIFICATE 172 -#define SSL_R_MISSING_RSA_ENCRYPTING_CERT 173 -#define SSL_R_MISSING_RSA_SIGNING_CERT 174 -#define SSL_R_MISSING_TMP_DH_KEY 175 -#define SSL_R_MISSING_TMP_ECDH_KEY 176 -#define SSL_R_MIXED_SPECIAL_OPERATOR_WITH_GROUPS 177 -#define SSL_R_MTU_TOO_SMALL 178 -#define SSL_R_NESTED_GROUP 179 -#define SSL_R_NO_CERTIFICATES_RETURNED 180 -#define SSL_R_NO_CERTIFICATE_ASSIGNED 181 -#define SSL_R_NO_CERTIFICATE_SET 182 -#define SSL_R_NO_CIPHERS_AVAILABLE 183 -#define SSL_R_NO_CIPHERS_PASSED 184 -#define SSL_R_NO_CIPHERS_SPECIFIED 185 -#define SSL_R_NO_CIPHER_MATCH 186 -#define SSL_R_NO_COMPRESSION_SPECIFIED 187 -#define SSL_R_NO_METHOD_SPECIFIED 188 -#define SSL_R_NO_P256_SUPPORT 189 -#define SSL_R_NO_PRIVATE_KEY_ASSIGNED 190 -#define SSL_R_NO_RENEGOTIATION 191 -#define SSL_R_NO_REQUIRED_DIGEST 192 -#define SSL_R_NO_SHARED_CIPHER 193 -#define SSL_R_NO_SHARED_SIGATURE_ALGORITHMS 194 -#define SSL_R_NO_SRTP_PROFILES 195 -#define SSL_R_NULL_SSL_CTX 196 -#define SSL_R_NULL_SSL_METHOD_PASSED 197 -#define SSL_R_OLD_SESSION_CIPHER_NOT_RETURNED 198 -#define SSL_R_PACKET_LENGTH_TOO_LONG 199 -#define SSL_R_PARSE_TLSEXT 200 -#define SSL_R_PATH_TOO_LONG 201 -#define SSL_R_PEER_DID_NOT_RETURN_A_CERTIFICATE 202 -#define SSL_R_PEER_ERROR_UNSUPPORTED_CERTIFICATE_TYPE 203 -#define SSL_R_PROTOCOL_IS_SHUTDOWN 204 -#define SSL_R_PSK_IDENTITY_NOT_FOUND 205 -#define SSL_R_PSK_NO_CLIENT_CB 206 -#define SSL_R_PSK_NO_SERVER_CB 207 -#define SSL_R_READ_BIO_NOT_SET 208 -#define SSL_R_READ_TIMEOUT_EXPIRED 209 -#define SSL_R_RECORD_LENGTH_MISMATCH 210 -#define SSL_R_RECORD_TOO_LARGE 211 -#define SSL_R_RENEGOTIATE_EXT_TOO_LONG 212 -#define SSL_R_RENEGOTIATION_ENCODING_ERR 213 -#define SSL_R_RENEGOTIATION_MISMATCH 214 -#define SSL_R_REQUIRED_CIPHER_MISSING 215 -#define SSL_R_SCSV_RECEIVED_WHEN_RENEGOTIATING 216 -#define SSL_R_SERVERHELLO_TLSEXT 217 -#define SSL_R_SESSION_ID_CONTEXT_UNINITIALIZED 218 -#define SSL_R_SESSION_MAY_NOT_BE_CREATED 219 -#define SSL_R_SIGNATURE_ALGORITHMS_ERROR 220 -#define SSL_R_SRTP_COULD_NOT_ALLOCATE_PROFILES 221 -#define SSL_R_SRTP_PROTECTION_PROFILE_LIST_TOO_LONG 222 -#define SSL_R_SRTP_UNKNOWN_PROTECTION_PROFILE 223 -#define SSL_R_SSL3_EXT_INVALID_SERVERNAME 224 -#define SSL_R_SSL3_EXT_INVALID_SERVERNAME_TYPE 225 -#define SSL_R_SSL_CTX_HAS_NO_DEFAULT_SSL_VERSION 226 -#define SSL_R_SSL_HANDSHAKE_FAILURE 227 -#define SSL_R_SSL_SESSION_ID_CALLBACK_FAILED 228 -#define SSL_R_SSL_SESSION_ID_CONFLICT 229 -#define SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG 230 -#define SSL_R_SSL_SESSION_ID_HAS_BAD_LENGTH 231 -#define SSL_R_TLS_CLIENT_CERT_REQ_WITH_ANON_CIPHER 232 -#define SSL_R_TLS_ILLEGAL_EXPORTER_LABEL 233 -#define SSL_R_TLS_INVALID_ECPOINTFORMAT_LIST 234 -#define SSL_R_TLS_PEER_DID_NOT_RESPOND_WITH_CERTIFICATE_LIST 235 -#define SSL_R_TLS_RSA_ENCRYPTED_VALUE_LENGTH_IS_WRONG 236 -#define SSL_R_TOO_MANY_EMPTY_FRAGMENTS 237 -#define SSL_R_UNABLE_TO_FIND_ECDH_PARAMETERS 238 -#define SSL_R_UNABLE_TO_FIND_PUBLIC_KEY_PARAMETERS 239 -#define SSL_R_UNEXPECTED_GROUP_CLOSE 240 -#define SSL_R_UNEXPECTED_MESSAGE 241 -#define SSL_R_UNEXPECTED_OPERATOR_IN_GROUP 242 -#define SSL_R_UNEXPECTED_RECORD 243 -#define SSL_R_UNINITIALIZED 244 -#define SSL_R_UNKNOWN_ALERT_TYPE 245 -#define SSL_R_UNKNOWN_CERTIFICATE_TYPE 246 -#define SSL_R_UNKNOWN_CIPHER_RETURNED 247 -#define SSL_R_UNKNOWN_CIPHER_TYPE 248 -#define SSL_R_UNKNOWN_DIGEST 249 -#define SSL_R_UNKNOWN_KEY_EXCHANGE_TYPE 250 -#define SSL_R_UNKNOWN_PROTOCOL 251 -#define SSL_R_UNKNOWN_SSL_VERSION 252 -#define SSL_R_UNKNOWN_STATE 253 -#define SSL_R_UNPROCESSED_HANDSHAKE_DATA 254 -#define SSL_R_UNSAFE_LEGACY_RENEGOTIATION_DISABLED 255 -#define SSL_R_UNSUPPORTED_CIPHER 256 -#define SSL_R_UNSUPPORTED_COMPRESSION_ALGORITHM 257 -#define SSL_R_UNSUPPORTED_ELLIPTIC_CURVE 258 -#define SSL_R_UNSUPPORTED_PROTOCOL 259 -#define SSL_R_UNSUPPORTED_SSL_VERSION 260 -#define SSL_R_USE_SRTP_NOT_NEGOTIATED 261 -#define SSL_R_WRONG_CERTIFICATE_TYPE 262 -#define SSL_R_WRONG_CIPHER_RETURNED 263 -#define SSL_R_WRONG_CURVE 264 -#define SSL_R_WRONG_MESSAGE_TYPE 265 -#define SSL_R_WRONG_SIGNATURE_TYPE 266 -#define SSL_R_WRONG_SSL_VERSION 267 -#define SSL_R_WRONG_VERSION_NUMBER 268 -#define SSL_R_X509_LIB 269 -#define SSL_R_X509_VERIFICATION_SETUP_PROBLEMS 270 -#define SSL_R_FRAGMENT_MISMATCH 271 -#define SSL_R_BUFFER_TOO_SMALL 272 -#define SSL_R_OLD_SESSION_VERSION_NOT_RETURNED 273 -#define SSL_R_OUTPUT_ALIASES_INPUT 274 -#define SSL_R_RESUMED_EMS_SESSION_WITHOUT_EMS_EXTENSION 275 -#define SSL_R_EMS_STATE_INCONSISTENT 276 -#define SSL_R_RESUMED_NON_EMS_SESSION_WITH_EMS_EXTENSION 277 -#define SSL_R_SSLV3_ALERT_CLOSE_NOTIFY 1000 -#define SSL_R_SSLV3_ALERT_UNEXPECTED_MESSAGE 1010 -#define SSL_R_SSLV3_ALERT_BAD_RECORD_MAC 1020 -#define SSL_R_TLSV1_ALERT_DECRYPTION_FAILED 1021 -#define SSL_R_TLSV1_ALERT_RECORD_OVERFLOW 1022 -#define SSL_R_SSLV3_ALERT_DECOMPRESSION_FAILURE 1030 -#define SSL_R_SSLV3_ALERT_HANDSHAKE_FAILURE 1040 -#define SSL_R_SSLV3_ALERT_NO_CERTIFICATE 1041 -#define SSL_R_SSLV3_ALERT_BAD_CERTIFICATE 1042 -#define SSL_R_SSLV3_ALERT_UNSUPPORTED_CERTIFICATE 1043 -#define SSL_R_SSLV3_ALERT_CERTIFICATE_REVOKED 1044 -#define SSL_R_SSLV3_ALERT_CERTIFICATE_EXPIRED 1045 -#define SSL_R_SSLV3_ALERT_CERTIFICATE_UNKNOWN 1046 -#define SSL_R_SSLV3_ALERT_ILLEGAL_PARAMETER 1047 -#define SSL_R_TLSV1_ALERT_UNKNOWN_CA 1048 -#define SSL_R_TLSV1_ALERT_ACCESS_DENIED 1049 -#define SSL_R_TLSV1_ALERT_DECODE_ERROR 1050 -#define SSL_R_TLSV1_ALERT_DECRYPT_ERROR 1051 -#define SSL_R_TLSV1_ALERT_EXPORT_RESTRICTION 1060 -#define SSL_R_TLSV1_ALERT_PROTOCOL_VERSION 1070 -#define SSL_R_TLSV1_ALERT_INSUFFICIENT_SECURITY 1071 -#define SSL_R_TLSV1_ALERT_INTERNAL_ERROR 1080 -#define SSL_R_TLSV1_ALERT_INAPPROPRIATE_FALLBACK 1086 -#define SSL_R_TLSV1_ALERT_USER_CANCELLED 1090 -#define SSL_R_TLSV1_ALERT_NO_RENEGOTIATION 1100 -#define SSL_R_TLSV1_UNSUPPORTED_EXTENSION 1110 -#define SSL_R_TLSV1_CERTIFICATE_UNOBTAINABLE 1111 -#define SSL_R_TLSV1_UNRECOGNIZED_NAME 1112 -#define SSL_R_TLSV1_BAD_CERTIFICATE_STATUS_RESPONSE 1113 -#define SSL_R_TLSV1_BAD_CERTIFICATE_HASH_VALUE 1114 - -#endif /* OPENSSL_HEADER_SSL_H */ diff --git a/third_party/boringssl/include/openssl/ssl2.h b/third_party/boringssl/include/openssl/ssl2.h deleted file mode 100644 index b8401faaf6684a..00000000000000 --- a/third_party/boringssl/include/openssl/ssl2.h +++ /dev/null @@ -1,268 +0,0 @@ -/* ssl/ssl2.h */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#ifndef HEADER_SSL2_H -#define HEADER_SSL2_H - -#ifdef __cplusplus -extern "C" { -#endif - -/* Protocol Version Codes */ -#define SSL2_VERSION 0x0002 -#define SSL2_VERSION_MAJOR 0x00 -#define SSL2_VERSION_MINOR 0x02 -/* #define SSL2_CLIENT_VERSION 0x0002 */ -/* #define SSL2_SERVER_VERSION 0x0002 */ - -/* Protocol Message Codes */ -#define SSL2_MT_ERROR 0 -#define SSL2_MT_CLIENT_HELLO 1 -#define SSL2_MT_CLIENT_MASTER_KEY 2 -#define SSL2_MT_CLIENT_FINISHED 3 -#define SSL2_MT_SERVER_HELLO 4 -#define SSL2_MT_SERVER_VERIFY 5 -#define SSL2_MT_SERVER_FINISHED 6 -#define SSL2_MT_REQUEST_CERTIFICATE 7 -#define SSL2_MT_CLIENT_CERTIFICATE 8 - -/* Error Message Codes */ -#define SSL2_PE_UNDEFINED_ERROR 0x0000 -#define SSL2_PE_NO_CIPHER 0x0001 -#define SSL2_PE_NO_CERTIFICATE 0x0002 -#define SSL2_PE_BAD_CERTIFICATE 0x0004 -#define SSL2_PE_UNSUPPORTED_CERTIFICATE_TYPE 0x0006 - -/* Cipher Kind Values */ -#define SSL2_CK_NULL_WITH_MD5 0x02000000 /* v3 */ -#define SSL2_CK_RC4_128_WITH_MD5 0x02010080 -#define SSL2_CK_RC4_128_EXPORT40_WITH_MD5 0x02020080 -#define SSL2_CK_RC2_128_CBC_WITH_MD5 0x02030080 -#define SSL2_CK_RC2_128_CBC_EXPORT40_WITH_MD5 0x02040080 -#define SSL2_CK_IDEA_128_CBC_WITH_MD5 0x02050080 -#define SSL2_CK_DES_64_CBC_WITH_MD5 0x02060040 -#define SSL2_CK_DES_64_CBC_WITH_SHA 0x02060140 /* v3 */ -#define SSL2_CK_DES_192_EDE3_CBC_WITH_MD5 0x020700c0 -#define SSL2_CK_DES_192_EDE3_CBC_WITH_SHA 0x020701c0 /* v3 */ -#define SSL2_CK_RC4_64_WITH_MD5 0x02080080 /* MS hack */ - -#define SSL2_CK_DES_64_CFB64_WITH_MD5_1 0x02ff0800 /* SSLeay */ -#define SSL2_CK_NULL 0x02ff0810 /* SSLeay */ - -#define SSL2_TXT_DES_64_CFB64_WITH_MD5_1 "DES-CFB-M1" -#define SSL2_TXT_NULL_WITH_MD5 "NULL-MD5" -#define SSL2_TXT_RC4_128_WITH_MD5 "RC4-MD5" -#define SSL2_TXT_RC4_128_EXPORT40_WITH_MD5 "EXP-RC4-MD5" -#define SSL2_TXT_RC2_128_CBC_WITH_MD5 "RC2-CBC-MD5" -#define SSL2_TXT_RC2_128_CBC_EXPORT40_WITH_MD5 "EXP-RC2-CBC-MD5" -#define SSL2_TXT_IDEA_128_CBC_WITH_MD5 "IDEA-CBC-MD5" -#define SSL2_TXT_DES_64_CBC_WITH_MD5 "DES-CBC-MD5" -#define SSL2_TXT_DES_64_CBC_WITH_SHA "DES-CBC-SHA" -#define SSL2_TXT_DES_192_EDE3_CBC_WITH_MD5 "DES-CBC3-MD5" -#define SSL2_TXT_DES_192_EDE3_CBC_WITH_SHA "DES-CBC3-SHA" -#define SSL2_TXT_RC4_64_WITH_MD5 "RC4-64-MD5" - -#define SSL2_TXT_NULL "NULL" - -/* Flags for the SSL_CIPHER.algorithm2 field */ -#define SSL2_CF_5_BYTE_ENC 0x01 -#define SSL2_CF_8_BYTE_ENC 0x02 - -/* Certificate Type Codes */ -#define SSL2_CT_X509_CERTIFICATE 0x01 - -/* Authentication Type Code */ -#define SSL2_AT_MD5_WITH_RSA_ENCRYPTION 0x01 - -#define SSL2_MAX_SSL_SESSION_ID_LENGTH 32 - -/* Upper/Lower Bounds */ -#define SSL2_MAX_MASTER_KEY_LENGTH_IN_BITS 256 -#ifdef OPENSSL_SYS_MPE -#define SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER 29998u -#else -#define SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER 32767u /* 2^15-1 */ -#endif -#define SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER 16383 /* 2^14-1 */ - -#define SSL2_CHALLENGE_LENGTH 16 -/*#define SSL2_CHALLENGE_LENGTH 32 */ -#define SSL2_MIN_CHALLENGE_LENGTH 16 -#define SSL2_MAX_CHALLENGE_LENGTH 32 -#define SSL2_CONNECTION_ID_LENGTH 16 -#define SSL2_MAX_CONNECTION_ID_LENGTH 16 -#define SSL2_SSL_SESSION_ID_LENGTH 16 -#define SSL2_MAX_CERT_CHALLENGE_LENGTH 32 -#define SSL2_MIN_CERT_CHALLENGE_LENGTH 16 -#define SSL2_MAX_KEY_MATERIAL_LENGTH 24 - -#ifndef OPENSSL_NO_SSL_INTERN - -typedef struct ssl2_state_st - { - int three_byte_header; - int clear_text; /* clear text */ - int escape; /* not used in SSLv2 */ - int ssl2_rollback; /* used if SSLv23 rolled back to SSLv2 */ - - /* non-blocking io info, used to make sure the same - * args were passwd */ - unsigned int wnum; /* number of bytes sent so far */ - int wpend_tot; - const unsigned char *wpend_buf; - - int wpend_off; /* offset to data to write */ - int wpend_len; /* number of bytes passwd to write */ - int wpend_ret; /* number of bytes to return to caller */ - - /* buffer raw data */ - int rbuf_left; - int rbuf_offs; - unsigned char *rbuf; - unsigned char *wbuf; - - unsigned char *write_ptr;/* used to point to the start due to - * 2/3 byte header. */ - - unsigned int padding; - unsigned int rlength; /* passed to ssl2_enc */ - int ract_data_length; /* Set when things are encrypted. */ - unsigned int wlength; /* passed to ssl2_enc */ - int wact_data_length; /* Set when things are decrypted. */ - unsigned char *ract_data; - unsigned char *wact_data; - unsigned char *mac_data; - - unsigned char *read_key; - unsigned char *write_key; - - /* Stuff specifically to do with this SSL session */ - unsigned int challenge_length; - unsigned char challenge[SSL2_MAX_CHALLENGE_LENGTH]; - unsigned int conn_id_length; - unsigned char conn_id[SSL2_MAX_CONNECTION_ID_LENGTH]; - unsigned int key_material_length; - unsigned char key_material[SSL2_MAX_KEY_MATERIAL_LENGTH*2]; - - unsigned long read_sequence; - unsigned long write_sequence; - - struct { - unsigned int conn_id_length; - unsigned int cert_type; - unsigned int cert_length; - unsigned int csl; - unsigned int clear; - unsigned int enc; - unsigned char ccl[SSL2_MAX_CERT_CHALLENGE_LENGTH]; - unsigned int cipher_spec_length; - unsigned int session_id_length; - unsigned int clen; - unsigned int rlen; - } tmp; - } SSL2_STATE; - -#endif - -/* SSLv2 */ -/* client */ -#define SSL2_ST_SEND_CLIENT_HELLO_A (0x10|SSL_ST_CONNECT) -#define SSL2_ST_SEND_CLIENT_HELLO_B (0x11|SSL_ST_CONNECT) -#define SSL2_ST_GET_SERVER_HELLO_A (0x20|SSL_ST_CONNECT) -#define SSL2_ST_GET_SERVER_HELLO_B (0x21|SSL_ST_CONNECT) -#define SSL2_ST_SEND_CLIENT_MASTER_KEY_A (0x30|SSL_ST_CONNECT) -#define SSL2_ST_SEND_CLIENT_MASTER_KEY_B (0x31|SSL_ST_CONNECT) -#define SSL2_ST_SEND_CLIENT_FINISHED_A (0x40|SSL_ST_CONNECT) -#define SSL2_ST_SEND_CLIENT_FINISHED_B (0x41|SSL_ST_CONNECT) -#define SSL2_ST_SEND_CLIENT_CERTIFICATE_A (0x50|SSL_ST_CONNECT) -#define SSL2_ST_SEND_CLIENT_CERTIFICATE_B (0x51|SSL_ST_CONNECT) -#define SSL2_ST_SEND_CLIENT_CERTIFICATE_C (0x52|SSL_ST_CONNECT) -#define SSL2_ST_SEND_CLIENT_CERTIFICATE_D (0x53|SSL_ST_CONNECT) -#define SSL2_ST_GET_SERVER_VERIFY_A (0x60|SSL_ST_CONNECT) -#define SSL2_ST_GET_SERVER_VERIFY_B (0x61|SSL_ST_CONNECT) -#define SSL2_ST_GET_SERVER_FINISHED_A (0x70|SSL_ST_CONNECT) -#define SSL2_ST_GET_SERVER_FINISHED_B (0x71|SSL_ST_CONNECT) -#define SSL2_ST_CLIENT_START_ENCRYPTION (0x80|SSL_ST_CONNECT) -#define SSL2_ST_X509_GET_CLIENT_CERTIFICATE (0x90|SSL_ST_CONNECT) -/* server */ -#define SSL2_ST_GET_CLIENT_HELLO_A (0x10|SSL_ST_ACCEPT) -#define SSL2_ST_GET_CLIENT_HELLO_B (0x11|SSL_ST_ACCEPT) -#define SSL2_ST_GET_CLIENT_HELLO_C (0x12|SSL_ST_ACCEPT) -#define SSL2_ST_SEND_SERVER_HELLO_A (0x20|SSL_ST_ACCEPT) -#define SSL2_ST_SEND_SERVER_HELLO_B (0x21|SSL_ST_ACCEPT) -#define SSL2_ST_GET_CLIENT_MASTER_KEY_A (0x30|SSL_ST_ACCEPT) -#define SSL2_ST_GET_CLIENT_MASTER_KEY_B (0x31|SSL_ST_ACCEPT) -#define SSL2_ST_SEND_SERVER_VERIFY_A (0x40|SSL_ST_ACCEPT) -#define SSL2_ST_SEND_SERVER_VERIFY_B (0x41|SSL_ST_ACCEPT) -#define SSL2_ST_SEND_SERVER_VERIFY_C (0x42|SSL_ST_ACCEPT) -#define SSL2_ST_GET_CLIENT_FINISHED_A (0x50|SSL_ST_ACCEPT) -#define SSL2_ST_GET_CLIENT_FINISHED_B (0x51|SSL_ST_ACCEPT) -#define SSL2_ST_SEND_SERVER_FINISHED_A (0x60|SSL_ST_ACCEPT) -#define SSL2_ST_SEND_SERVER_FINISHED_B (0x61|SSL_ST_ACCEPT) -#define SSL2_ST_SEND_REQUEST_CERTIFICATE_A (0x70|SSL_ST_ACCEPT) -#define SSL2_ST_SEND_REQUEST_CERTIFICATE_B (0x71|SSL_ST_ACCEPT) -#define SSL2_ST_SEND_REQUEST_CERTIFICATE_C (0x72|SSL_ST_ACCEPT) -#define SSL2_ST_SEND_REQUEST_CERTIFICATE_D (0x73|SSL_ST_ACCEPT) -#define SSL2_ST_SERVER_START_ENCRYPTION (0x80|SSL_ST_ACCEPT) -#define SSL2_ST_X509_GET_SERVER_CERTIFICATE (0x90|SSL_ST_ACCEPT) - -#ifdef __cplusplus -} -#endif -#endif - diff --git a/third_party/boringssl/include/openssl/ssl23.h b/third_party/boringssl/include/openssl/ssl23.h deleted file mode 100644 index df395a8e978df7..00000000000000 --- a/third_party/boringssl/include/openssl/ssl23.h +++ /dev/null @@ -1,85 +0,0 @@ -/* ssl/ssl23.h */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#ifndef HEADER_SSL23_H -#define HEADER_SSL23_H - -#ifdef __cplusplus -extern "C" { -#endif - - -/*client */ -/* write to server */ -#define SSL23_ST_CW_CLNT_HELLO_A (0x210 | SSL_ST_CONNECT) -#define SSL23_ST_CW_CLNT_HELLO_B (0x211 | SSL_ST_CONNECT) -/* read from server */ -#define SSL23_ST_CR_SRVR_HELLO_A (0x220 | SSL_ST_CONNECT) -#define SSL23_ST_CR_SRVR_HELLO_B (0x221 | SSL_ST_CONNECT) - -/* server */ -/* read from client */ -#define SSL23_ST_SR_CLNT_HELLO (0x210 | SSL_ST_ACCEPT) -#define SSL23_ST_SR_V2_CLNT_HELLO (0x220 | SSL_ST_ACCEPT) -#define SSL23_ST_SR_SWITCH_VERSION (0x230 | SSL_ST_ACCEPT) - - -#ifdef __cplusplus -} -#endif -#endif diff --git a/third_party/boringssl/include/openssl/ssl3.h b/third_party/boringssl/include/openssl/ssl3.h deleted file mode 100644 index 640a22826ec1c1..00000000000000 --- a/third_party/boringssl/include/openssl/ssl3.h +++ /dev/null @@ -1,681 +0,0 @@ -/* ssl/ssl3.h */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ -/* ==================================================================== - * Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@openssl.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.openssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ -/* ==================================================================== - * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. - * ECC cipher suite support in OpenSSL originally developed by - * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project. - */ - -#ifndef HEADER_SSL3_H -#define HEADER_SSL3_H - -#include -#include -#include -#include -#include - -#ifdef __cplusplus -extern "C" { -#endif - - -/* Signalling cipher suite value: from RFC5746 */ -#define SSL3_CK_SCSV 0x030000FF -/* Fallback signalling cipher suite value: not IANA assigned. - * See https://tools.ietf.org/html/draft-bmoeller-tls-downgrade-scsv-01 */ -#define SSL3_CK_FALLBACK_SCSV 0x03005600 - -#define SSL3_CK_RSA_NULL_MD5 0x03000001 -#define SSL3_CK_RSA_NULL_SHA 0x03000002 -#define SSL3_CK_RSA_RC4_40_MD5 0x03000003 -#define SSL3_CK_RSA_RC4_128_MD5 0x03000004 -#define SSL3_CK_RSA_RC4_128_SHA 0x03000005 -#define SSL3_CK_RSA_RC2_40_MD5 0x03000006 -#define SSL3_CK_RSA_IDEA_128_SHA 0x03000007 -#define SSL3_CK_RSA_DES_40_CBC_SHA 0x03000008 -#define SSL3_CK_RSA_DES_64_CBC_SHA 0x03000009 -#define SSL3_CK_RSA_DES_192_CBC3_SHA 0x0300000A - -#define SSL3_CK_DH_DSS_DES_40_CBC_SHA 0x0300000B -#define SSL3_CK_DH_DSS_DES_64_CBC_SHA 0x0300000C -#define SSL3_CK_DH_DSS_DES_192_CBC3_SHA 0x0300000D -#define SSL3_CK_DH_RSA_DES_40_CBC_SHA 0x0300000E -#define SSL3_CK_DH_RSA_DES_64_CBC_SHA 0x0300000F -#define SSL3_CK_DH_RSA_DES_192_CBC3_SHA 0x03000010 - -#define SSL3_CK_EDH_DSS_DES_40_CBC_SHA 0x03000011 -#define SSL3_CK_EDH_DSS_DES_64_CBC_SHA 0x03000012 -#define SSL3_CK_EDH_DSS_DES_192_CBC3_SHA 0x03000013 -#define SSL3_CK_EDH_RSA_DES_40_CBC_SHA 0x03000014 -#define SSL3_CK_EDH_RSA_DES_64_CBC_SHA 0x03000015 -#define SSL3_CK_EDH_RSA_DES_192_CBC3_SHA 0x03000016 - -#define SSL3_CK_ADH_RC4_40_MD5 0x03000017 -#define SSL3_CK_ADH_RC4_128_MD5 0x03000018 -#define SSL3_CK_ADH_DES_40_CBC_SHA 0x03000019 -#define SSL3_CK_ADH_DES_64_CBC_SHA 0x0300001A -#define SSL3_CK_ADH_DES_192_CBC_SHA 0x0300001B - -#define SSL3_TXT_RSA_NULL_MD5 "NULL-MD5" -#define SSL3_TXT_RSA_NULL_SHA "NULL-SHA" -#define SSL3_TXT_RSA_RC4_40_MD5 "EXP-RC4-MD5" -#define SSL3_TXT_RSA_RC4_128_MD5 "RC4-MD5" -#define SSL3_TXT_RSA_RC4_128_SHA "RC4-SHA" -#define SSL3_TXT_RSA_RC2_40_MD5 "EXP-RC2-CBC-MD5" -#define SSL3_TXT_RSA_IDEA_128_SHA "IDEA-CBC-SHA" -#define SSL3_TXT_RSA_DES_40_CBC_SHA "EXP-DES-CBC-SHA" -#define SSL3_TXT_RSA_DES_64_CBC_SHA "DES-CBC-SHA" -#define SSL3_TXT_RSA_DES_192_CBC3_SHA "DES-CBC3-SHA" - -#define SSL3_TXT_DH_DSS_DES_40_CBC_SHA "EXP-DH-DSS-DES-CBC-SHA" -#define SSL3_TXT_DH_DSS_DES_64_CBC_SHA "DH-DSS-DES-CBC-SHA" -#define SSL3_TXT_DH_DSS_DES_192_CBC3_SHA "DH-DSS-DES-CBC3-SHA" -#define SSL3_TXT_DH_RSA_DES_40_CBC_SHA "EXP-DH-RSA-DES-CBC-SHA" -#define SSL3_TXT_DH_RSA_DES_64_CBC_SHA "DH-RSA-DES-CBC-SHA" -#define SSL3_TXT_DH_RSA_DES_192_CBC3_SHA "DH-RSA-DES-CBC3-SHA" - -#define SSL3_TXT_EDH_DSS_DES_40_CBC_SHA "EXP-EDH-DSS-DES-CBC-SHA" -#define SSL3_TXT_EDH_DSS_DES_64_CBC_SHA "EDH-DSS-DES-CBC-SHA" -#define SSL3_TXT_EDH_DSS_DES_192_CBC3_SHA "EDH-DSS-DES-CBC3-SHA" -#define SSL3_TXT_EDH_RSA_DES_40_CBC_SHA "EXP-EDH-RSA-DES-CBC-SHA" -#define SSL3_TXT_EDH_RSA_DES_64_CBC_SHA "EDH-RSA-DES-CBC-SHA" -#define SSL3_TXT_EDH_RSA_DES_192_CBC3_SHA "EDH-RSA-DES-CBC3-SHA" - -#define SSL3_TXT_ADH_RC4_40_MD5 "EXP-ADH-RC4-MD5" -#define SSL3_TXT_ADH_RC4_128_MD5 "ADH-RC4-MD5" -#define SSL3_TXT_ADH_DES_40_CBC_SHA "EXP-ADH-DES-CBC-SHA" -#define SSL3_TXT_ADH_DES_64_CBC_SHA "ADH-DES-CBC-SHA" -#define SSL3_TXT_ADH_DES_192_CBC_SHA "ADH-DES-CBC3-SHA" - -#define SSL3_SSL_SESSION_ID_LENGTH 32 -#define SSL3_MAX_SSL_SESSION_ID_LENGTH 32 - -#define SSL3_MASTER_SECRET_SIZE 48 -#define SSL3_RANDOM_SIZE 32 -#define SSL3_SESSION_ID_SIZE 32 -#define SSL3_RT_HEADER_LENGTH 5 - -#define SSL3_HM_HEADER_LENGTH 4 - -#ifndef SSL3_ALIGN_PAYLOAD -/* Some will argue that this increases memory footprint, but it's not actually - * true. Point is that malloc has to return at least 64-bit aligned pointers, - * meaning that allocating 5 bytes wastes 3 bytes in either case. Suggested - * pre-gaping simply moves these wasted bytes from the end of allocated region - * to its front, but makes data payload aligned, which improves performance. */ -#define SSL3_ALIGN_PAYLOAD 8 -#else -#if (SSL3_ALIGN_PAYLOAD & (SSL3_ALIGN_PAYLOAD - 1)) != 0 -#error "insane SSL3_ALIGN_PAYLOAD" -#undef SSL3_ALIGN_PAYLOAD -#endif -#endif - -/* This is the maximum MAC (digest) size used by the SSL library. Currently - * maximum of 20 is used by SHA1, but we reserve for future extension for - * 512-bit hashes. */ - -#define SSL3_RT_MAX_MD_SIZE 64 - -/* Maximum block size used in all ciphersuites. Currently 16 for AES. */ - -#define SSL_RT_MAX_CIPHER_BLOCK_SIZE 16 - -#define SSL3_RT_MAX_EXTRA (16384) - -/* Maximum plaintext length: defined by SSL/TLS standards */ -#define SSL3_RT_MAX_PLAIN_LENGTH 16384 -/* Maximum compression overhead: defined by SSL/TLS standards */ -#define SSL3_RT_MAX_COMPRESSED_OVERHEAD 1024 - -/* The standards give a maximum encryption overhead of 1024 bytes. In practice - * the value is lower than this. The overhead is the maximum number of padding - * bytes (256) plus the mac size. - * - * TODO(davidben): This derivation doesn't take AEADs into account, or TLS 1.1 - * explicit nonces. It happens to work because |SSL3_RT_MAX_MD_SIZE| is larger - * than necessary and no true AEAD has variable overhead in TLS 1.2. */ -#define SSL3_RT_MAX_ENCRYPTED_OVERHEAD (256 + SSL3_RT_MAX_MD_SIZE) - -/* SSL3_RT_SEND_MAX_ENCRYPTED_OVERHEAD is the maximum overhead in encrypting a - * record. This does not include the record header. Some ciphers use explicit - * nonces, so it includes both the AEAD overhead as well as the nonce. */ -#define SSL3_RT_SEND_MAX_ENCRYPTED_OVERHEAD \ - (EVP_AEAD_MAX_OVERHEAD + EVP_AEAD_MAX_NONCE_LENGTH) - -OPENSSL_COMPILE_ASSERT( - SSL3_RT_MAX_ENCRYPTED_OVERHEAD >= SSL3_RT_SEND_MAX_ENCRYPTED_OVERHEAD, - max_overheads_are_consistent); - -/* SSL3_RT_MAX_COMPRESSED_LENGTH is an alias for - * |SSL3_RT_MAX_PLAIN_LENGTH|. Compression is gone, so don't include the - * compression overhead. */ -#define SSL3_RT_MAX_COMPRESSED_LENGTH SSL3_RT_MAX_PLAIN_LENGTH - -#define SSL3_RT_MAX_ENCRYPTED_LENGTH \ - (SSL3_RT_MAX_ENCRYPTED_OVERHEAD + SSL3_RT_MAX_COMPRESSED_LENGTH) -#define SSL3_RT_MAX_PACKET_SIZE \ - (SSL3_RT_MAX_ENCRYPTED_LENGTH + SSL3_RT_HEADER_LENGTH) - -#define SSL3_MD_CLIENT_FINISHED_CONST "\x43\x4C\x4E\x54" -#define SSL3_MD_SERVER_FINISHED_CONST "\x53\x52\x56\x52" - -#define SSL3_VERSION 0x0300 -#define SSL3_VERSION_MAJOR 0x03 -#define SSL3_VERSION_MINOR 0x00 - -#define SSL3_RT_CHANGE_CIPHER_SPEC 20 -#define SSL3_RT_ALERT 21 -#define SSL3_RT_HANDSHAKE 22 -#define SSL3_RT_APPLICATION_DATA 23 - -/* Pseudo content types to indicate additional parameters */ -#define TLS1_RT_CRYPTO 0x1000 -#define TLS1_RT_CRYPTO_PREMASTER (TLS1_RT_CRYPTO | 0x1) -#define TLS1_RT_CRYPTO_CLIENT_RANDOM (TLS1_RT_CRYPTO | 0x2) -#define TLS1_RT_CRYPTO_SERVER_RANDOM (TLS1_RT_CRYPTO | 0x3) -#define TLS1_RT_CRYPTO_MASTER (TLS1_RT_CRYPTO | 0x4) - -#define TLS1_RT_CRYPTO_READ 0x0000 -#define TLS1_RT_CRYPTO_WRITE 0x0100 -#define TLS1_RT_CRYPTO_MAC (TLS1_RT_CRYPTO | 0x5) -#define TLS1_RT_CRYPTO_KEY (TLS1_RT_CRYPTO | 0x6) -#define TLS1_RT_CRYPTO_IV (TLS1_RT_CRYPTO | 0x7) -#define TLS1_RT_CRYPTO_FIXED_IV (TLS1_RT_CRYPTO | 0x8) - -/* Pseudo content type for SSL/TLS header info */ -#define SSL3_RT_HEADER 0x100 - -#define SSL3_AL_WARNING 1 -#define SSL3_AL_FATAL 2 - -#define SSL3_AD_CLOSE_NOTIFY 0 -#define SSL3_AD_UNEXPECTED_MESSAGE 10 /* fatal */ -#define SSL3_AD_BAD_RECORD_MAC 20 /* fatal */ -#define SSL3_AD_DECOMPRESSION_FAILURE 30 /* fatal */ -#define SSL3_AD_HANDSHAKE_FAILURE 40 /* fatal */ -#define SSL3_AD_NO_CERTIFICATE 41 -#define SSL3_AD_BAD_CERTIFICATE 42 -#define SSL3_AD_UNSUPPORTED_CERTIFICATE 43 -#define SSL3_AD_CERTIFICATE_REVOKED 44 -#define SSL3_AD_CERTIFICATE_EXPIRED 45 -#define SSL3_AD_CERTIFICATE_UNKNOWN 46 -#define SSL3_AD_ILLEGAL_PARAMETER 47 /* fatal */ -#define SSL3_AD_INAPPROPRIATE_FALLBACK 86 /* fatal */ - -typedef struct ssl3_record_st { - /* type is the record type. */ - uint8_t type; - /* length is the number of unconsumed bytes of |data|. */ - uint16_t length; - /* off is the number of consumed bytes of |data|. */ - uint16_t off; - /* data is a non-owning pointer to the record contents. The total length of - * the buffer is |off| + |length|. */ - uint8_t *data; - /* epoch, in DTLS, is the epoch number of the record. */ - uint16_t epoch; - /* seq_num, in DTLS, is the sequence number of the record. The top two bytes - * are always zero. - * - * TODO(davidben): This is confusing. They should include the epoch or the - * field should be six bytes. */ - uint8_t seq_num[8]; -} SSL3_RECORD; - -typedef struct ssl3_buffer_st { - uint8_t *buf; /* at least SSL3_RT_MAX_PACKET_SIZE bytes, see - ssl3_setup_buffers() */ - size_t len; /* buffer size */ - int offset; /* where to 'copy from' */ - int left; /* how many bytes left */ -} SSL3_BUFFER; - -#define SSL3_CT_RSA_SIGN 1 -#define SSL3_CT_DSS_SIGN 2 -#define SSL3_CT_RSA_FIXED_DH 3 -#define SSL3_CT_DSS_FIXED_DH 4 -#define SSL3_CT_RSA_EPHEMERAL_DH 5 -#define SSL3_CT_DSS_EPHEMERAL_DH 6 -#define SSL3_CT_FORTEZZA_DMS 20 - - -/* TODO(davidben): This flag can probably be merged into s3->change_cipher_spec - * to something tri-state. (Normal / Expect CCS / Between CCS and Finished). */ -#define SSL3_FLAGS_EXPECT_CCS 0x0080 - -typedef struct ssl3_state_st { - long flags; - - uint8_t read_sequence[8]; - int read_mac_secret_size; - uint8_t read_mac_secret[EVP_MAX_MD_SIZE]; - uint8_t write_sequence[8]; - int write_mac_secret_size; - uint8_t write_mac_secret[EVP_MAX_MD_SIZE]; - - uint8_t server_random[SSL3_RANDOM_SIZE]; - uint8_t client_random[SSL3_RANDOM_SIZE]; - - /* flags for countermeasure against known-IV weakness */ - int need_record_splitting; - - /* The value of 'extra' when the buffers were initialized */ - int init_extra; - - /* have_version is true if the connection's final version is known. Otherwise - * the version has not been negotiated yet. */ - char have_version; - - /* initial_handshake_complete is true if the initial handshake has - * completed. */ - char initial_handshake_complete; - - /* sniff_buffer is used by the server in the initial handshake to read a - * V2ClientHello before the record layer is initialized. */ - BUF_MEM *sniff_buffer; - size_t sniff_buffer_len; - - SSL3_BUFFER rbuf; /* read IO goes into here */ - SSL3_BUFFER wbuf; /* write IO goes into here */ - - SSL3_RECORD rrec; /* each decoded record goes in here */ - - /* storage for Handshake protocol data received but not yet processed by - * ssl3_read_bytes: */ - uint8_t handshake_fragment[4]; - unsigned int handshake_fragment_len; - - /* partial write - check the numbers match */ - unsigned int wnum; /* number of bytes sent so far */ - int wpend_tot; /* number bytes written */ - int wpend_type; - int wpend_ret; /* number of bytes submitted */ - const uint8_t *wpend_buf; - - /* used during startup, digest all incoming/outgoing packets */ - BIO *handshake_buffer; - /* When set of handshake digests is determined, buffer is hashed and freed - * and MD_CTX-es for all required digests are stored in this array */ - EVP_MD_CTX **handshake_dgst; - /* this is set whenerver we see a change_cipher_spec message come in when we - * are not looking for one */ - int change_cipher_spec; - - int warn_alert; - int fatal_alert; - /* we allow one fatal and one warning alert to be outstanding, send close - * alert via the warning alert */ - int alert_dispatch; - uint8_t send_alert[2]; - - int total_renegotiations; - - /* State pertaining to the pending handshake. - * - * TODO(davidben): State is current spread all over the place. Move - * pending handshake state here so it can be managed separately from - * established connection state in case of renegotiations. */ - struct { - /* actually only need to be 16+20 for SSLv3 and 12 for TLS */ - uint8_t finish_md[EVP_MAX_MD_SIZE * 2]; - int finish_md_len; - uint8_t peer_finish_md[EVP_MAX_MD_SIZE * 2]; - int peer_finish_md_len; - - unsigned long message_size; - int message_type; - - /* used to hold the new cipher we are going to use */ - const SSL_CIPHER *new_cipher; - DH *dh; - - EC_KEY *ecdh; /* holds short lived ECDH key */ - - /* used when SSL_ST_FLUSH_DATA is entered */ - int next_state; - - int reuse_message; - - /* Client-only: cert_req determines if a client certificate is to be sent. - * This is 0 if no client Certificate message is to be sent, 1 if there is - * a client certificate, and 2 to send an empty client Certificate - * message. */ - int cert_req; - - /* Client-only: ca_names contains the list of CAs received in a - * CertificateRequest message. */ - STACK_OF(X509_NAME) *ca_names; - - /* Client-only: certificate_types contains the set of certificate types - * received in a CertificateRequest message. */ - uint8_t *certificate_types; - size_t num_certificate_types; - - int key_block_length; - uint8_t *key_block; - - const EVP_AEAD *new_aead; - uint8_t new_mac_secret_len; - uint8_t new_fixed_iv_len; - uint8_t new_variable_iv_len; - - /* Server-only: cert_request is true if a client certificate was - * requested. */ - int cert_request; - - /* certificate_status_expected is true if OCSP stapling was negotiated and - * the server is expected to send a CertificateStatus message. */ - char certificate_status_expected; - - /* peer_ecpointformatlist contains the EC point formats advertised by the - * peer. */ - uint8_t *peer_ecpointformatlist; - size_t peer_ecpointformatlist_length; - - /* Server-only: peer_ellipticcurvelist contains the EC curve IDs advertised - * by the peer. This is only set on the server's end. The server does not - * advertise this extension to the client. */ - uint16_t *peer_ellipticcurvelist; - size_t peer_ellipticcurvelist_length; - - /* extended_master_secret indicates whether the extended master secret - * computation is used in this handshake. Note that this is different from - * whether it was used for the current session. If this is a resumption - * handshake then EMS might be negotiated in the client and server hello - * messages, but it doesn't matter if the session that's being resumed - * didn't use it to create the master secret initially. */ - char extended_master_secret; - - /* Client-only: peer_psk_identity_hint is the psk_identity_hint sent by the - * server when using a PSK key exchange. */ - char *peer_psk_identity_hint; - - /* new_mac_secret_size is unused and exists only until wpa_supplicant can - * be updated. It is only needed for EAP-FAST, which we don't support. */ - uint8_t new_mac_secret_size; - - /* Client-only: in_false_start is one if there is a pending handshake in - * False Start. The client may write data at this point. */ - char in_false_start; - } tmp; - - /* Connection binding to prevent renegotiation attacks */ - uint8_t previous_client_finished[EVP_MAX_MD_SIZE]; - uint8_t previous_client_finished_len; - uint8_t previous_server_finished[EVP_MAX_MD_SIZE]; - uint8_t previous_server_finished_len; - int send_connection_binding; /* TODOEKR */ - - /* Set if we saw the Next Protocol Negotiation extension from our peer. */ - int next_proto_neg_seen; - - /* ALPN information - * (we are in the process of transitioning from NPN to ALPN.) */ - - /* In a server these point to the selected ALPN protocol after the - * ClientHello has been processed. In a client these contain the protocol - * that the server selected once the ServerHello has been processed. */ - uint8_t *alpn_selected; - size_t alpn_selected_len; - - /* In a client, this means that the server supported Channel ID and that a - * Channel ID was sent. In a server it means that we echoed support for - * Channel IDs and that tlsext_channel_id will be valid after the - * handshake. */ - char tlsext_channel_id_valid; - /* tlsext_channel_id_new means that the updated Channel ID extension was - * negotiated. This is a temporary hack in the code to support both forms of - * Channel ID extension while we transition to the new format, which fixed a - * security issue. */ - char tlsext_channel_id_new; - /* For a server: - * If |tlsext_channel_id_valid| is true, then this contains the - * verified Channel ID from the client: a P256 point, (x,y), where - * each are big-endian values. */ - uint8_t tlsext_channel_id[64]; -} SSL3_STATE; - -/* SSLv3 */ -/* client */ -/* extra state */ -#define SSL3_ST_CW_FLUSH (0x100 | SSL_ST_CONNECT) -#define SSL3_ST_FALSE_START (0x101 | SSL_ST_CONNECT) -/* write to server */ -#define SSL3_ST_CW_CLNT_HELLO_A (0x110 | SSL_ST_CONNECT) -#define SSL3_ST_CW_CLNT_HELLO_B (0x111 | SSL_ST_CONNECT) -/* read from server */ -#define SSL3_ST_CR_SRVR_HELLO_A (0x120 | SSL_ST_CONNECT) -#define SSL3_ST_CR_SRVR_HELLO_B (0x121 | SSL_ST_CONNECT) -#define DTLS1_ST_CR_HELLO_VERIFY_REQUEST_A (0x126 | SSL_ST_CONNECT) -#define DTLS1_ST_CR_HELLO_VERIFY_REQUEST_B (0x127 | SSL_ST_CONNECT) -#define SSL3_ST_CR_CERT_A (0x130 | SSL_ST_CONNECT) -#define SSL3_ST_CR_CERT_B (0x131 | SSL_ST_CONNECT) -#define SSL3_ST_CR_KEY_EXCH_A (0x140 | SSL_ST_CONNECT) -#define SSL3_ST_CR_KEY_EXCH_B (0x141 | SSL_ST_CONNECT) -#define SSL3_ST_CR_CERT_REQ_A (0x150 | SSL_ST_CONNECT) -#define SSL3_ST_CR_CERT_REQ_B (0x151 | SSL_ST_CONNECT) -#define SSL3_ST_CR_SRVR_DONE_A (0x160 | SSL_ST_CONNECT) -#define SSL3_ST_CR_SRVR_DONE_B (0x161 | SSL_ST_CONNECT) -/* write to server */ -#define SSL3_ST_CW_CERT_A (0x170 | SSL_ST_CONNECT) -#define SSL3_ST_CW_CERT_B (0x171 | SSL_ST_CONNECT) -#define SSL3_ST_CW_CERT_C (0x172 | SSL_ST_CONNECT) -#define SSL3_ST_CW_CERT_D (0x173 | SSL_ST_CONNECT) -#define SSL3_ST_CW_KEY_EXCH_A (0x180 | SSL_ST_CONNECT) -#define SSL3_ST_CW_KEY_EXCH_B (0x181 | SSL_ST_CONNECT) -#define SSL3_ST_CW_CERT_VRFY_A (0x190 | SSL_ST_CONNECT) -#define SSL3_ST_CW_CERT_VRFY_B (0x191 | SSL_ST_CONNECT) -#define SSL3_ST_CW_CHANGE_A (0x1A0 | SSL_ST_CONNECT) -#define SSL3_ST_CW_CHANGE_B (0x1A1 | SSL_ST_CONNECT) -#define SSL3_ST_CW_NEXT_PROTO_A (0x200 | SSL_ST_CONNECT) -#define SSL3_ST_CW_NEXT_PROTO_B (0x201 | SSL_ST_CONNECT) -#define SSL3_ST_CW_CHANNEL_ID_A (0x220 | SSL_ST_CONNECT) -#define SSL3_ST_CW_CHANNEL_ID_B (0x221 | SSL_ST_CONNECT) -#define SSL3_ST_CW_FINISHED_A (0x1B0 | SSL_ST_CONNECT) -#define SSL3_ST_CW_FINISHED_B (0x1B1 | SSL_ST_CONNECT) -/* read from server */ -#define SSL3_ST_CR_CHANGE (0x1C0 | SSL_ST_CONNECT) -#define SSL3_ST_CR_FINISHED_A (0x1D0 | SSL_ST_CONNECT) -#define SSL3_ST_CR_FINISHED_B (0x1D1 | SSL_ST_CONNECT) -#define SSL3_ST_CR_SESSION_TICKET_A (0x1E0 | SSL_ST_CONNECT) -#define SSL3_ST_CR_SESSION_TICKET_B (0x1E1 | SSL_ST_CONNECT) -#define SSL3_ST_CR_CERT_STATUS_A (0x1F0 | SSL_ST_CONNECT) -#define SSL3_ST_CR_CERT_STATUS_B (0x1F1 | SSL_ST_CONNECT) - -/* server */ -/* extra state */ -#define SSL3_ST_SW_FLUSH (0x100 | SSL_ST_ACCEPT) -/* read from client */ -#define SSL3_ST_SR_INITIAL_BYTES (0x240 | SSL_ST_ACCEPT) -#define SSL3_ST_SR_V2_CLIENT_HELLO (0x241 | SSL_ST_ACCEPT) -/* Do not change the number values, they do matter */ -#define SSL3_ST_SR_CLNT_HELLO_A (0x110 | SSL_ST_ACCEPT) -#define SSL3_ST_SR_CLNT_HELLO_B (0x111 | SSL_ST_ACCEPT) -#define SSL3_ST_SR_CLNT_HELLO_C (0x112 | SSL_ST_ACCEPT) -#define SSL3_ST_SR_CLNT_HELLO_D (0x115 | SSL_ST_ACCEPT) -/* write to client */ -#define SSL3_ST_SW_HELLO_REQ_A (0x120 | SSL_ST_ACCEPT) -#define SSL3_ST_SW_HELLO_REQ_B (0x121 | SSL_ST_ACCEPT) -#define SSL3_ST_SW_HELLO_REQ_C (0x122 | SSL_ST_ACCEPT) -#define SSL3_ST_SW_SRVR_HELLO_A (0x130 | SSL_ST_ACCEPT) -#define SSL3_ST_SW_SRVR_HELLO_B (0x131 | SSL_ST_ACCEPT) -#define SSL3_ST_SW_CERT_A (0x140 | SSL_ST_ACCEPT) -#define SSL3_ST_SW_CERT_B (0x141 | SSL_ST_ACCEPT) -#define SSL3_ST_SW_KEY_EXCH_A (0x150 | SSL_ST_ACCEPT) -#define SSL3_ST_SW_KEY_EXCH_B (0x151 | SSL_ST_ACCEPT) -#define SSL3_ST_SW_CERT_REQ_A (0x160 | SSL_ST_ACCEPT) -#define SSL3_ST_SW_CERT_REQ_B (0x161 | SSL_ST_ACCEPT) -#define SSL3_ST_SW_SRVR_DONE_A (0x170 | SSL_ST_ACCEPT) -#define SSL3_ST_SW_SRVR_DONE_B (0x171 | SSL_ST_ACCEPT) -/* read from client */ -#define SSL3_ST_SR_CERT_A (0x180 | SSL_ST_ACCEPT) -#define SSL3_ST_SR_CERT_B (0x181 | SSL_ST_ACCEPT) -#define SSL3_ST_SR_KEY_EXCH_A (0x190 | SSL_ST_ACCEPT) -#define SSL3_ST_SR_KEY_EXCH_B (0x191 | SSL_ST_ACCEPT) -#define SSL3_ST_SR_CERT_VRFY_A (0x1A0 | SSL_ST_ACCEPT) -#define SSL3_ST_SR_CERT_VRFY_B (0x1A1 | SSL_ST_ACCEPT) -#define SSL3_ST_SR_CHANGE (0x1B0 | SSL_ST_ACCEPT) -#define SSL3_ST_SR_NEXT_PROTO_A (0x210 | SSL_ST_ACCEPT) -#define SSL3_ST_SR_NEXT_PROTO_B (0x211 | SSL_ST_ACCEPT) -#define SSL3_ST_SR_CHANNEL_ID_A (0x230 | SSL_ST_ACCEPT) -#define SSL3_ST_SR_CHANNEL_ID_B (0x231 | SSL_ST_ACCEPT) -#define SSL3_ST_SR_FINISHED_A (0x1C0 | SSL_ST_ACCEPT) -#define SSL3_ST_SR_FINISHED_B (0x1C1 | SSL_ST_ACCEPT) - -/* write to client */ -#define SSL3_ST_SW_CHANGE_A (0x1D0 | SSL_ST_ACCEPT) -#define SSL3_ST_SW_CHANGE_B (0x1D1 | SSL_ST_ACCEPT) -#define SSL3_ST_SW_FINISHED_A (0x1E0 | SSL_ST_ACCEPT) -#define SSL3_ST_SW_FINISHED_B (0x1E1 | SSL_ST_ACCEPT) -#define SSL3_ST_SW_SESSION_TICKET_A (0x1F0 | SSL_ST_ACCEPT) -#define SSL3_ST_SW_SESSION_TICKET_B (0x1F1 | SSL_ST_ACCEPT) -#define SSL3_ST_SW_CERT_STATUS_A (0x200 | SSL_ST_ACCEPT) -#define SSL3_ST_SW_CERT_STATUS_B (0x201 | SSL_ST_ACCEPT) -#define SSL3_ST_SW_SUPPLEMENTAL_DATA_A (0x220 | SSL_ST_ACCEPT) -#define SSL3_ST_SW_SUPPLEMENTAL_DATA_B (0x221 | SSL_ST_ACCEPT) - -#define SSL3_MT_HELLO_REQUEST 0 -#define SSL3_MT_CLIENT_HELLO 1 -#define SSL3_MT_SERVER_HELLO 2 -#define SSL3_MT_NEWSESSION_TICKET 4 -#define SSL3_MT_CERTIFICATE 11 -#define SSL3_MT_SERVER_KEY_EXCHANGE 12 -#define SSL3_MT_CERTIFICATE_REQUEST 13 -#define SSL3_MT_SERVER_DONE 14 -#define SSL3_MT_CERTIFICATE_VERIFY 15 -#define SSL3_MT_CLIENT_KEY_EXCHANGE 16 -#define SSL3_MT_FINISHED 20 -#define SSL3_MT_CERTIFICATE_STATUS 22 -#define SSL3_MT_SUPPLEMENTAL_DATA 23 -#define SSL3_MT_NEXT_PROTO 67 -#define SSL3_MT_ENCRYPTED_EXTENSIONS 203 -#define DTLS1_MT_HELLO_VERIFY_REQUEST 3 - - -#define SSL3_MT_CCS 1 - -/* These are used when changing over to a new cipher */ -#define SSL3_CC_READ 0x01 -#define SSL3_CC_WRITE 0x02 -#define SSL3_CC_CLIENT 0x10 -#define SSL3_CC_SERVER 0x20 -#define SSL3_CHANGE_CIPHER_CLIENT_WRITE (SSL3_CC_CLIENT | SSL3_CC_WRITE) -#define SSL3_CHANGE_CIPHER_SERVER_READ (SSL3_CC_SERVER | SSL3_CC_READ) -#define SSL3_CHANGE_CIPHER_CLIENT_READ (SSL3_CC_CLIENT | SSL3_CC_READ) -#define SSL3_CHANGE_CIPHER_SERVER_WRITE (SSL3_CC_SERVER | SSL3_CC_WRITE) - - -#ifdef __cplusplus -} -#endif -#endif diff --git a/third_party/boringssl/include/openssl/stack.h b/third_party/boringssl/include/openssl/stack.h deleted file mode 100644 index 350fa145781ea4..00000000000000 --- a/third_party/boringssl/include/openssl/stack.h +++ /dev/null @@ -1,301 +0,0 @@ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] */ - -#ifndef OPENSSL_HEADER_STACK_H -#define OPENSSL_HEADER_STACK_H - -#include - -#include - -#if defined(__cplusplus) -extern "C" { -#endif - - -/* A stack, in OpenSSL, is an array of pointers. They are the most commonly - * used collection object. - * - * This file defines macros for type safe use of the stack functions. A stack - * of a specific type of object has type |STACK_OF(type)|. This can be defined - * (once) with |DEFINE_STACK_OF(type)| and declared where needed with - * |DECLARE_STACK_OF(type)|. For example: - * - * struct foo { - * int bar; - * }; - * - * DEFINE_STACK_OF(struct foo); - * - * Although note that the stack will contain /pointers/ to |foo|. - * - * A macro will be defined for each of the sk_* functions below. For - * STACK_OF(foo), the macros would be sk_foo_new, sk_foo_pop etc. */ - - -/* stack_cmp_func is a comparison function that returns a value < 0, 0 or > 0 - * if |*a| is less than, equal to or greater than |*b|, respectively. Note the - * extra indirection - the function is given a pointer to a pointer to the - * element. This differs from the usual qsort/bsearch comparison function. */ -typedef int (*stack_cmp_func)(const void **a, const void **b); - -/* stack_st contains an array of pointers. It is not designed to be used - * directly, rather the wrapper macros should be used. */ -typedef struct stack_st { - /* num contains the number of valid pointers in |data|. */ - size_t num; - void **data; - /* sorted is non-zero if the values pointed to by |data| are in ascending - * order, based on |comp|. */ - size_t sorted; - /* num_alloc contains the number of pointers allocated in the buffer pointed - * to by |data|, which may be larger than |num|. */ - size_t num_alloc; - /* comp is an optional comparison function. */ - stack_cmp_func comp; -} _STACK; - - -#define STACK_OF(type) struct stack_st_##type - -#define DEFINE_STACK_OF(type) \ -STACK_OF(type) {\ - _STACK stack; \ -} - -#define DECLARE_STACK_OF(type) STACK_OF(type); - -/* The make_macros.sh script in this directory parses the following lines and - * generates the stack_macros.h file that contains macros for the following - * types of stacks: - * - * STACK_OF:ACCESS_DESCRIPTION - * STACK_OF:ASN1_ADB_TABLE - * STACK_OF:ASN1_GENERALSTRING - * STACK_OF:ASN1_INTEGER - * STACK_OF:ASN1_OBJECT - * STACK_OF:ASN1_STRING_TABLE - * STACK_OF:ASN1_TYPE - * STACK_OF:ASN1_VALUE - * STACK_OF:BIO - * STACK_OF:BY_DIR_ENTRY - * STACK_OF:BY_DIR_HASH - * STACK_OF:CONF_VALUE - * STACK_OF:CRYPTO_EX_DATA_FUNCS - * STACK_OF:DIST_POINT - * STACK_OF:GENERAL_NAME - * STACK_OF:GENERAL_NAMES - * STACK_OF:GENERAL_SUBTREE - * STACK_OF:MIME_HEADER - * STACK_OF:PKCS7_SIGNER_INFO - * STACK_OF:PKCS7_RECIP_INFO - * STACK_OF:POLICYINFO - * STACK_OF:POLICYQUALINFO - * STACK_OF:POLICY_MAPPING - * STACK_OF:SSL_COMP - * STACK_OF:STACK_OF_X509_NAME_ENTRY - * STACK_OF:SXNETID - * STACK_OF:X509 - * STACK_OF:X509V3_EXT_METHOD - * STACK_OF:X509_ALGOR - * STACK_OF:X509_ATTRIBUTE - * STACK_OF:X509_CRL - * STACK_OF:X509_EXTENSION - * STACK_OF:X509_INFO - * STACK_OF:X509_LOOKUP - * STACK_OF:X509_NAME - * STACK_OF:X509_NAME_ENTRY - * STACK_OF:X509_OBJECT - * STACK_OF:X509_POLICY_DATA - * STACK_OF:X509_POLICY_NODE - * STACK_OF:X509_PURPOSE - * STACK_OF:X509_REVOKED - * STACK_OF:X509_TRUST - * STACK_OF:X509_VERIFY_PARAM - * STACK_OF:void - * - * Some stacks contain only const structures, so the stack should return const - * pointers to retain type-checking. - * - * CONST_STACK_OF:SRTP_PROTECTION_PROFILE - * CONST_STACK_OF:SSL_CIPHER */ - - -/* Some stacks are special because, although we would like STACK_OF(char *), - * that would actually be a stack of pointers to char*, but we just want to - * point to the string directly. In this case we call them "special" and use - * |DEFINE_SPECIAL_STACK_OF(type)| */ -#define DEFINE_SPECIAL_STACK_OF(type, inner) \ - STACK_OF(type) { _STACK special_stack; }; \ - OPENSSL_COMPILE_ASSERT(sizeof(type) == sizeof(void *), \ - special_stack_of_non_pointer_##type); - -typedef char *OPENSSL_STRING; - -DEFINE_SPECIAL_STACK_OF(OPENSSL_STRING, char) -DEFINE_SPECIAL_STACK_OF(OPENSSL_BLOCK, uint8_t) - -/* The make_macros.sh script in this directory parses the following lines and - * generates the stack_macros.h file that contains macros for the following - * types of stacks: - * - * SPECIAL_STACK_OF:OPENSSL_STRING - * SPECIAL_STACK_OF:OPENSSL_BLOCK */ - -#define IN_STACK_H -#include -#undef IN_STACK_H - - -/* These are the raw stack functions, you shouldn't be using them. Rather you - * should be using the type stack macros implemented above. */ - -/* sk_new creates a new, empty stack with the given comparison function, which - * may be zero. It returns the new stack or NULL on allocation failure. */ -OPENSSL_EXPORT _STACK *sk_new(stack_cmp_func comp); - -/* sk_new_null creates a new, empty stack. It returns the new stack or NULL on - * allocation failure. */ -OPENSSL_EXPORT _STACK *sk_new_null(void); - -/* sk_num returns the number of elements in |s|. */ -OPENSSL_EXPORT size_t sk_num(const _STACK *sk); - -/* sk_zero resets |sk| to the empty state but does nothing to free the - * individual elements themselves. */ -OPENSSL_EXPORT void sk_zero(_STACK *sk); - -/* sk_value returns the |i|th pointer in |sk|, or NULL if |i| is out of - * range. */ -OPENSSL_EXPORT void *sk_value(const _STACK *sk, size_t i); - -/* sk_set sets the |i|th pointer in |sk| to |p| and returns |p|. If |i| is out - * of range, it returns NULL. */ -OPENSSL_EXPORT void *sk_set(_STACK *sk, size_t i, void *p); - -/* sk_free frees the given stack and array of pointers, but does nothing to - * free the individual elements. Also see |sk_pop_free|. */ -OPENSSL_EXPORT void sk_free(_STACK *sk); - -/* sk_pop_free calls |free_func| on each element in the stack and then frees - * the stack itself. */ -OPENSSL_EXPORT void sk_pop_free(_STACK *sk, void (*free_func)(void *)); - -/* sk_insert inserts |p| into the stack at index |where|, moving existing - * elements if needed. It returns the length of the new stack, or zero on - * error. */ -OPENSSL_EXPORT size_t sk_insert(_STACK *sk, void *p, size_t where); - -/* sk_delete removes the pointer at index |where|, moving other elements down - * if needed. It returns the removed pointer, or NULL if |where| is out of - * range. */ -OPENSSL_EXPORT void *sk_delete(_STACK *sk, size_t where); - -/* sk_delete_ptr removes, at most, one instance of |p| from the stack based on - * pointer equality. If an instance of |p| is found then |p| is returned, - * otherwise it returns NULL. */ -OPENSSL_EXPORT void *sk_delete_ptr(_STACK *sk, void *p); - -/* sk_find returns the first value in the stack equal to |p|. If a comparison - * function has been set on the stack, then equality is defined by it and the - * stack will be sorted if need be so that a binary search can be used. - * Otherwise pointer equality is used. If a matching element is found, its - * index is written to |*out_index| (if |out_index| is not NULL) and one is - * returned. Otherwise zero is returned. */ -OPENSSL_EXPORT int sk_find(_STACK *sk, size_t *out_index, void *p); - -/* sk_shift removes and returns the first element in the stack, or returns NULL - * if the stack is empty. */ -OPENSSL_EXPORT void *sk_shift(_STACK *sk); - -/* sk_push appends |p| to the stack and returns the length of the new stack, or - * 0 on allocation failure. */ -OPENSSL_EXPORT size_t sk_push(_STACK *sk, void *p); - -/* sk_pop returns and removes the last element on the stack, or NULL if the - * stack is empty. */ -OPENSSL_EXPORT void *sk_pop(_STACK *sk); - -/* sk_dup performs a shallow copy of a stack and returns the new stack, or NULL - * on error. */ -OPENSSL_EXPORT _STACK *sk_dup(const _STACK *sk); - -/* sk_sort sorts the elements of |sk| into ascending order based on the - * comparison function. The stack maintains a |sorted| flag and sorting an - * already sorted stack is a no-op. */ -OPENSSL_EXPORT void sk_sort(_STACK *sk); - -/* sk_is_sorted returns one if |sk| is known to be sorted and zero - * otherwise. */ -OPENSSL_EXPORT int sk_is_sorted(const _STACK *sk); - -/* sk_set_cmp_func sets the comparison function to be used by |sk| and returns - * the previous one. */ -OPENSSL_EXPORT stack_cmp_func sk_set_cmp_func(_STACK *sk, stack_cmp_func comp); - -/* sk_deep_copy performs a copy of |sk| and of each of the non-NULL elements in - * |sk| by using |copy_func|. If an error occurs, |free_func| is used to free - * any copies already made and NULL is returned. */ -OPENSSL_EXPORT _STACK *sk_deep_copy(const _STACK *sk, - void *(*copy_func)(void *), - void (*free_func)(void *)); - - -#if defined(__cplusplus) -} /* extern C */ -#endif - -#endif /* OPENSSL_HEADER_STACK_H */ diff --git a/third_party/boringssl/include/openssl/stack_macros.h b/third_party/boringssl/include/openssl/stack_macros.h deleted file mode 100644 index dadcf6bec5d818..00000000000000 --- a/third_party/boringssl/include/openssl/stack_macros.h +++ /dev/null @@ -1,4004 +0,0 @@ -/* Copyright (c) 2014, Google Inc. - * - * Permission to use, copy, modify, and/or distribute this software for any - * purpose with or without fee is hereby granted, provided that the above - * copyright notice and this permission notice appear in all copies. - * - * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES - * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF - * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY - * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES - * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION - * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN - * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ - -#if !defined(IN_STACK_H) -#error "Don't include this file directly. Include stack.h." -#endif - -/* ACCESS_DESCRIPTION */ -#define sk_ACCESS_DESCRIPTION_new(comp) \ - ((STACK_OF(ACCESS_DESCRIPTION) *)sk_new(CHECKED_CAST( \ - stack_cmp_func, \ - int (*)(const ACCESS_DESCRIPTION **a, const ACCESS_DESCRIPTION **b), \ - comp))) - -#define sk_ACCESS_DESCRIPTION_new_null() \ - ((STACK_OF(ACCESS_DESCRIPTION) *)sk_new_null()) - -#define sk_ACCESS_DESCRIPTION_num(sk) \ - sk_num(CHECKED_CAST(_STACK *, STACK_OF(ACCESS_DESCRIPTION) *, sk)) - -#define sk_ACCESS_DESCRIPTION_zero(sk) \ - sk_zero(CHECKED_CAST(_STACK *, STACK_OF(ACCESS_DESCRIPTION) *, sk)); - -#define sk_ACCESS_DESCRIPTION_value(sk, i) \ - ((ACCESS_DESCRIPTION *)sk_value( \ - CHECKED_CAST(_STACK *, const STACK_OF(ACCESS_DESCRIPTION) *, sk), (i))) - -#define sk_ACCESS_DESCRIPTION_set(sk, i, p) \ - ((ACCESS_DESCRIPTION *)sk_set( \ - CHECKED_CAST(_STACK *, STACK_OF(ACCESS_DESCRIPTION) *, sk), (i), \ - CHECKED_CAST(void *, ACCESS_DESCRIPTION *, p))) - -#define sk_ACCESS_DESCRIPTION_free(sk) \ - sk_free(CHECKED_CAST(_STACK *, STACK_OF(ACCESS_DESCRIPTION) *, sk)) - -#define sk_ACCESS_DESCRIPTION_pop_free(sk, free_func) \ - sk_pop_free(CHECKED_CAST(_STACK *, STACK_OF(ACCESS_DESCRIPTION) *, sk), \ - CHECKED_CAST(void (*)(void *), void (*)(ACCESS_DESCRIPTION *), \ - free_func)) - -#define sk_ACCESS_DESCRIPTION_insert(sk, p, where) \ - sk_insert(CHECKED_CAST(_STACK *, STACK_OF(ACCESS_DESCRIPTION) *, sk), \ - CHECKED_CAST(void *, ACCESS_DESCRIPTION *, p), (where)) - -#define sk_ACCESS_DESCRIPTION_delete(sk, where) \ - ((ACCESS_DESCRIPTION *)sk_delete( \ - CHECKED_CAST(_STACK *, STACK_OF(ACCESS_DESCRIPTION) *, sk), (where))) - -#define sk_ACCESS_DESCRIPTION_delete_ptr(sk, p) \ - ((ACCESS_DESCRIPTION *)sk_delete_ptr( \ - CHECKED_CAST(_STACK *, STACK_OF(ACCESS_DESCRIPTION) *, sk), \ - CHECKED_CAST(void *, ACCESS_DESCRIPTION *, p))) - -#define sk_ACCESS_DESCRIPTION_find(sk, out_index, p) \ - sk_find(CHECKED_CAST(_STACK *, STACK_OF(ACCESS_DESCRIPTION) *, sk), \ - (out_index), CHECKED_CAST(void *, ACCESS_DESCRIPTION *, p)) - -#define sk_ACCESS_DESCRIPTION_shift(sk) \ - ((ACCESS_DESCRIPTION *)sk_shift( \ - CHECKED_CAST(_STACK *, STACK_OF(ACCESS_DESCRIPTION) *, sk))) - -#define sk_ACCESS_DESCRIPTION_push(sk, p) \ - sk_push(CHECKED_CAST(_STACK *, STACK_OF(ACCESS_DESCRIPTION) *, sk), \ - CHECKED_CAST(void *, ACCESS_DESCRIPTION *, p)) - -#define sk_ACCESS_DESCRIPTION_pop(sk) \ - ((ACCESS_DESCRIPTION *)sk_pop( \ - CHECKED_CAST(_STACK *, STACK_OF(ACCESS_DESCRIPTION) *, sk))) - -#define sk_ACCESS_DESCRIPTION_dup(sk) \ - ((STACK_OF(ACCESS_DESCRIPTION) *)sk_dup( \ - CHECKED_CAST(_STACK *, const STACK_OF(ACCESS_DESCRIPTION) *, sk))) - -#define sk_ACCESS_DESCRIPTION_sort(sk) \ - sk_sort(CHECKED_CAST(_STACK *, STACK_OF(ACCESS_DESCRIPTION) *, sk)) - -#define sk_ACCESS_DESCRIPTION_is_sorted(sk) \ - sk_is_sorted(CHECKED_CAST(_STACK *, const STACK_OF(ACCESS_DESCRIPTION) *, sk)) - -#define sk_ACCESS_DESCRIPTION_set_cmp_func(sk, comp) \ - ((int (*)(const ACCESS_DESCRIPTION **a, const ACCESS_DESCRIPTION **b)) \ - sk_set_cmp_func( \ - CHECKED_CAST(_STACK *, STACK_OF(ACCESS_DESCRIPTION) *, sk), \ - CHECKED_CAST(stack_cmp_func, int (*)(const ACCESS_DESCRIPTION **a, \ - const ACCESS_DESCRIPTION **b), \ - comp))) - -#define sk_ACCESS_DESCRIPTION_deep_copy(sk, copy_func, free_func) \ - ((STACK_OF(ACCESS_DESCRIPTION) *)sk_deep_copy( \ - CHECKED_CAST(const _STACK *, const STACK_OF(ACCESS_DESCRIPTION) *, sk), \ - CHECKED_CAST(void *(*)(void *), \ - ACCESS_DESCRIPTION *(*)(ACCESS_DESCRIPTION *), copy_func), \ - CHECKED_CAST(void (*)(void *), void (*)(ACCESS_DESCRIPTION *), \ - free_func))) - -/* ASN1_ADB_TABLE */ -#define sk_ASN1_ADB_TABLE_new(comp) \ - ((STACK_OF(ASN1_ADB_TABLE) *)sk_new(CHECKED_CAST( \ - stack_cmp_func, \ - int (*)(const ASN1_ADB_TABLE **a, const ASN1_ADB_TABLE **b), comp))) - -#define sk_ASN1_ADB_TABLE_new_null() ((STACK_OF(ASN1_ADB_TABLE) *)sk_new_null()) - -#define sk_ASN1_ADB_TABLE_num(sk) \ - sk_num(CHECKED_CAST(_STACK *, STACK_OF(ASN1_ADB_TABLE) *, sk)) - -#define sk_ASN1_ADB_TABLE_zero(sk) \ - sk_zero(CHECKED_CAST(_STACK *, STACK_OF(ASN1_ADB_TABLE) *, sk)); - -#define sk_ASN1_ADB_TABLE_value(sk, i) \ - ((ASN1_ADB_TABLE *)sk_value( \ - CHECKED_CAST(_STACK *, const STACK_OF(ASN1_ADB_TABLE) *, sk), (i))) - -#define sk_ASN1_ADB_TABLE_set(sk, i, p) \ - ((ASN1_ADB_TABLE *)sk_set( \ - CHECKED_CAST(_STACK *, STACK_OF(ASN1_ADB_TABLE) *, sk), (i), \ - CHECKED_CAST(void *, ASN1_ADB_TABLE *, p))) - -#define sk_ASN1_ADB_TABLE_free(sk) \ - sk_free(CHECKED_CAST(_STACK *, STACK_OF(ASN1_ADB_TABLE) *, sk)) - -#define sk_ASN1_ADB_TABLE_pop_free(sk, free_func) \ - sk_pop_free( \ - CHECKED_CAST(_STACK *, STACK_OF(ASN1_ADB_TABLE) *, sk), \ - CHECKED_CAST(void (*)(void *), void (*)(ASN1_ADB_TABLE *), free_func)) - -#define sk_ASN1_ADB_TABLE_insert(sk, p, where) \ - sk_insert(CHECKED_CAST(_STACK *, STACK_OF(ASN1_ADB_TABLE) *, sk), \ - CHECKED_CAST(void *, ASN1_ADB_TABLE *, p), (where)) - -#define sk_ASN1_ADB_TABLE_delete(sk, where) \ - ((ASN1_ADB_TABLE *)sk_delete( \ - CHECKED_CAST(_STACK *, STACK_OF(ASN1_ADB_TABLE) *, sk), (where))) - -#define sk_ASN1_ADB_TABLE_delete_ptr(sk, p) \ - ((ASN1_ADB_TABLE *)sk_delete_ptr( \ - CHECKED_CAST(_STACK *, STACK_OF(ASN1_ADB_TABLE) *, sk), \ - CHECKED_CAST(void *, ASN1_ADB_TABLE *, p))) - -#define sk_ASN1_ADB_TABLE_find(sk, out_index, p) \ - sk_find(CHECKED_CAST(_STACK *, STACK_OF(ASN1_ADB_TABLE) *, sk), (out_index), \ - CHECKED_CAST(void *, ASN1_ADB_TABLE *, p)) - -#define sk_ASN1_ADB_TABLE_shift(sk) \ - ((ASN1_ADB_TABLE *)sk_shift( \ - CHECKED_CAST(_STACK *, STACK_OF(ASN1_ADB_TABLE) *, sk))) - -#define sk_ASN1_ADB_TABLE_push(sk, p) \ - sk_push(CHECKED_CAST(_STACK *, STACK_OF(ASN1_ADB_TABLE) *, sk), \ - CHECKED_CAST(void *, ASN1_ADB_TABLE *, p)) - -#define sk_ASN1_ADB_TABLE_pop(sk) \ - ((ASN1_ADB_TABLE *)sk_pop( \ - CHECKED_CAST(_STACK *, STACK_OF(ASN1_ADB_TABLE) *, sk))) - -#define sk_ASN1_ADB_TABLE_dup(sk) \ - ((STACK_OF(ASN1_ADB_TABLE) *)sk_dup( \ - CHECKED_CAST(_STACK *, const STACK_OF(ASN1_ADB_TABLE) *, sk))) - -#define sk_ASN1_ADB_TABLE_sort(sk) \ - sk_sort(CHECKED_CAST(_STACK *, STACK_OF(ASN1_ADB_TABLE) *, sk)) - -#define sk_ASN1_ADB_TABLE_is_sorted(sk) \ - sk_is_sorted(CHECKED_CAST(_STACK *, const STACK_OF(ASN1_ADB_TABLE) *, sk)) - -#define sk_ASN1_ADB_TABLE_set_cmp_func(sk, comp) \ - ((int (*)(const ASN1_ADB_TABLE **a, const ASN1_ADB_TABLE **b)) \ - sk_set_cmp_func( \ - CHECKED_CAST(_STACK *, STACK_OF(ASN1_ADB_TABLE) *, sk), \ - CHECKED_CAST(stack_cmp_func, int (*)(const ASN1_ADB_TABLE **a, \ - const ASN1_ADB_TABLE **b), \ - comp))) - -#define sk_ASN1_ADB_TABLE_deep_copy(sk, copy_func, free_func) \ - ((STACK_OF(ASN1_ADB_TABLE) *)sk_deep_copy( \ - CHECKED_CAST(const _STACK *, const STACK_OF(ASN1_ADB_TABLE) *, sk), \ - CHECKED_CAST(void *(*)(void *), ASN1_ADB_TABLE *(*)(ASN1_ADB_TABLE *), \ - copy_func), \ - CHECKED_CAST(void (*)(void *), void (*)(ASN1_ADB_TABLE *), free_func))) - -/* ASN1_GENERALSTRING */ -#define sk_ASN1_GENERALSTRING_new(comp) \ - ((STACK_OF(ASN1_GENERALSTRING) *)sk_new(CHECKED_CAST( \ - stack_cmp_func, \ - int (*)(const ASN1_GENERALSTRING **a, const ASN1_GENERALSTRING **b), \ - comp))) - -#define sk_ASN1_GENERALSTRING_new_null() \ - ((STACK_OF(ASN1_GENERALSTRING) *)sk_new_null()) - -#define sk_ASN1_GENERALSTRING_num(sk) \ - sk_num(CHECKED_CAST(_STACK *, STACK_OF(ASN1_GENERALSTRING) *, sk)) - -#define sk_ASN1_GENERALSTRING_zero(sk) \ - sk_zero(CHECKED_CAST(_STACK *, STACK_OF(ASN1_GENERALSTRING) *, sk)); - -#define sk_ASN1_GENERALSTRING_value(sk, i) \ - ((ASN1_GENERALSTRING *)sk_value( \ - CHECKED_CAST(_STACK *, const STACK_OF(ASN1_GENERALSTRING) *, sk), (i))) - -#define sk_ASN1_GENERALSTRING_set(sk, i, p) \ - ((ASN1_GENERALSTRING *)sk_set( \ - CHECKED_CAST(_STACK *, STACK_OF(ASN1_GENERALSTRING) *, sk), (i), \ - CHECKED_CAST(void *, ASN1_GENERALSTRING *, p))) - -#define sk_ASN1_GENERALSTRING_free(sk) \ - sk_free(CHECKED_CAST(_STACK *, STACK_OF(ASN1_GENERALSTRING) *, sk)) - -#define sk_ASN1_GENERALSTRING_pop_free(sk, free_func) \ - sk_pop_free(CHECKED_CAST(_STACK *, STACK_OF(ASN1_GENERALSTRING) *, sk), \ - CHECKED_CAST(void (*)(void *), void (*)(ASN1_GENERALSTRING *), \ - free_func)) - -#define sk_ASN1_GENERALSTRING_insert(sk, p, where) \ - sk_insert(CHECKED_CAST(_STACK *, STACK_OF(ASN1_GENERALSTRING) *, sk), \ - CHECKED_CAST(void *, ASN1_GENERALSTRING *, p), (where)) - -#define sk_ASN1_GENERALSTRING_delete(sk, where) \ - ((ASN1_GENERALSTRING *)sk_delete( \ - CHECKED_CAST(_STACK *, STACK_OF(ASN1_GENERALSTRING) *, sk), (where))) - -#define sk_ASN1_GENERALSTRING_delete_ptr(sk, p) \ - ((ASN1_GENERALSTRING *)sk_delete_ptr( \ - CHECKED_CAST(_STACK *, STACK_OF(ASN1_GENERALSTRING) *, sk), \ - CHECKED_CAST(void *, ASN1_GENERALSTRING *, p))) - -#define sk_ASN1_GENERALSTRING_find(sk, out_index, p) \ - sk_find(CHECKED_CAST(_STACK *, STACK_OF(ASN1_GENERALSTRING) *, sk), \ - (out_index), CHECKED_CAST(void *, ASN1_GENERALSTRING *, p)) - -#define sk_ASN1_GENERALSTRING_shift(sk) \ - ((ASN1_GENERALSTRING *)sk_shift( \ - CHECKED_CAST(_STACK *, STACK_OF(ASN1_GENERALSTRING) *, sk))) - -#define sk_ASN1_GENERALSTRING_push(sk, p) \ - sk_push(CHECKED_CAST(_STACK *, STACK_OF(ASN1_GENERALSTRING) *, sk), \ - CHECKED_CAST(void *, ASN1_GENERALSTRING *, p)) - -#define sk_ASN1_GENERALSTRING_pop(sk) \ - ((ASN1_GENERALSTRING *)sk_pop( \ - CHECKED_CAST(_STACK *, STACK_OF(ASN1_GENERALSTRING) *, sk))) - -#define sk_ASN1_GENERALSTRING_dup(sk) \ - ((STACK_OF(ASN1_GENERALSTRING) *)sk_dup( \ - CHECKED_CAST(_STACK *, const STACK_OF(ASN1_GENERALSTRING) *, sk))) - -#define sk_ASN1_GENERALSTRING_sort(sk) \ - sk_sort(CHECKED_CAST(_STACK *, STACK_OF(ASN1_GENERALSTRING) *, sk)) - -#define sk_ASN1_GENERALSTRING_is_sorted(sk) \ - sk_is_sorted(CHECKED_CAST(_STACK *, const STACK_OF(ASN1_GENERALSTRING) *, sk)) - -#define sk_ASN1_GENERALSTRING_set_cmp_func(sk, comp) \ - ((int (*)(const ASN1_GENERALSTRING **a, const ASN1_GENERALSTRING **b)) \ - sk_set_cmp_func( \ - CHECKED_CAST(_STACK *, STACK_OF(ASN1_GENERALSTRING) *, sk), \ - CHECKED_CAST(stack_cmp_func, int (*)(const ASN1_GENERALSTRING **a, \ - const ASN1_GENERALSTRING **b), \ - comp))) - -#define sk_ASN1_GENERALSTRING_deep_copy(sk, copy_func, free_func) \ - ((STACK_OF(ASN1_GENERALSTRING) *)sk_deep_copy( \ - CHECKED_CAST(const _STACK *, const STACK_OF(ASN1_GENERALSTRING) *, sk), \ - CHECKED_CAST(void *(*)(void *), \ - ASN1_GENERALSTRING *(*)(ASN1_GENERALSTRING *), copy_func), \ - CHECKED_CAST(void (*)(void *), void (*)(ASN1_GENERALSTRING *), \ - free_func))) - -/* ASN1_INTEGER */ -#define sk_ASN1_INTEGER_new(comp) \ - ((STACK_OF(ASN1_INTEGER) *)sk_new(CHECKED_CAST( \ - stack_cmp_func, int (*)(const ASN1_INTEGER **a, const ASN1_INTEGER **b), \ - comp))) - -#define sk_ASN1_INTEGER_new_null() ((STACK_OF(ASN1_INTEGER) *)sk_new_null()) - -#define sk_ASN1_INTEGER_num(sk) \ - sk_num(CHECKED_CAST(_STACK *, STACK_OF(ASN1_INTEGER) *, sk)) - -#define sk_ASN1_INTEGER_zero(sk) \ - sk_zero(CHECKED_CAST(_STACK *, STACK_OF(ASN1_INTEGER) *, sk)); - -#define sk_ASN1_INTEGER_value(sk, i) \ - ((ASN1_INTEGER *)sk_value( \ - CHECKED_CAST(_STACK *, const STACK_OF(ASN1_INTEGER) *, sk), (i))) - -#define sk_ASN1_INTEGER_set(sk, i, p) \ - ((ASN1_INTEGER *)sk_set( \ - CHECKED_CAST(_STACK *, STACK_OF(ASN1_INTEGER) *, sk), (i), \ - CHECKED_CAST(void *, ASN1_INTEGER *, p))) - -#define sk_ASN1_INTEGER_free(sk) \ - sk_free(CHECKED_CAST(_STACK *, STACK_OF(ASN1_INTEGER) *, sk)) - -#define sk_ASN1_INTEGER_pop_free(sk, free_func) \ - sk_pop_free( \ - CHECKED_CAST(_STACK *, STACK_OF(ASN1_INTEGER) *, sk), \ - CHECKED_CAST(void (*)(void *), void (*)(ASN1_INTEGER *), free_func)) - -#define sk_ASN1_INTEGER_insert(sk, p, where) \ - sk_insert(CHECKED_CAST(_STACK *, STACK_OF(ASN1_INTEGER) *, sk), \ - CHECKED_CAST(void *, ASN1_INTEGER *, p), (where)) - -#define sk_ASN1_INTEGER_delete(sk, where) \ - ((ASN1_INTEGER *)sk_delete( \ - CHECKED_CAST(_STACK *, STACK_OF(ASN1_INTEGER) *, sk), (where))) - -#define sk_ASN1_INTEGER_delete_ptr(sk, p) \ - ((ASN1_INTEGER *)sk_delete_ptr( \ - CHECKED_CAST(_STACK *, STACK_OF(ASN1_INTEGER) *, sk), \ - CHECKED_CAST(void *, ASN1_INTEGER *, p))) - -#define sk_ASN1_INTEGER_find(sk, out_index, p) \ - sk_find(CHECKED_CAST(_STACK *, STACK_OF(ASN1_INTEGER) *, sk), (out_index), \ - CHECKED_CAST(void *, ASN1_INTEGER *, p)) - -#define sk_ASN1_INTEGER_shift(sk) \ - ((ASN1_INTEGER *)sk_shift( \ - CHECKED_CAST(_STACK *, STACK_OF(ASN1_INTEGER) *, sk))) - -#define sk_ASN1_INTEGER_push(sk, p) \ - sk_push(CHECKED_CAST(_STACK *, STACK_OF(ASN1_INTEGER) *, sk), \ - CHECKED_CAST(void *, ASN1_INTEGER *, p)) - -#define sk_ASN1_INTEGER_pop(sk) \ - ((ASN1_INTEGER *)sk_pop(CHECKED_CAST(_STACK *, STACK_OF(ASN1_INTEGER) *, sk))) - -#define sk_ASN1_INTEGER_dup(sk) \ - ((STACK_OF(ASN1_INTEGER) *)sk_dup( \ - CHECKED_CAST(_STACK *, const STACK_OF(ASN1_INTEGER) *, sk))) - -#define sk_ASN1_INTEGER_sort(sk) \ - sk_sort(CHECKED_CAST(_STACK *, STACK_OF(ASN1_INTEGER) *, sk)) - -#define sk_ASN1_INTEGER_is_sorted(sk) \ - sk_is_sorted(CHECKED_CAST(_STACK *, const STACK_OF(ASN1_INTEGER) *, sk)) - -#define sk_ASN1_INTEGER_set_cmp_func(sk, comp) \ - ((int (*)(const ASN1_INTEGER **a, const ASN1_INTEGER **b))sk_set_cmp_func( \ - CHECKED_CAST(_STACK *, STACK_OF(ASN1_INTEGER) *, sk), \ - CHECKED_CAST(stack_cmp_func, \ - int (*)(const ASN1_INTEGER **a, const ASN1_INTEGER **b), \ - comp))) - -#define sk_ASN1_INTEGER_deep_copy(sk, copy_func, free_func) \ - ((STACK_OF(ASN1_INTEGER) *)sk_deep_copy( \ - CHECKED_CAST(const _STACK *, const STACK_OF(ASN1_INTEGER) *, sk), \ - CHECKED_CAST(void *(*)(void *), ASN1_INTEGER *(*)(ASN1_INTEGER *), \ - copy_func), \ - CHECKED_CAST(void (*)(void *), void (*)(ASN1_INTEGER *), free_func))) - -/* ASN1_OBJECT */ -#define sk_ASN1_OBJECT_new(comp) \ - ((STACK_OF(ASN1_OBJECT) *)sk_new(CHECKED_CAST( \ - stack_cmp_func, int (*)(const ASN1_OBJECT **a, const ASN1_OBJECT **b), \ - comp))) - -#define sk_ASN1_OBJECT_new_null() ((STACK_OF(ASN1_OBJECT) *)sk_new_null()) - -#define sk_ASN1_OBJECT_num(sk) \ - sk_num(CHECKED_CAST(_STACK *, STACK_OF(ASN1_OBJECT) *, sk)) - -#define sk_ASN1_OBJECT_zero(sk) \ - sk_zero(CHECKED_CAST(_STACK *, STACK_OF(ASN1_OBJECT) *, sk)); - -#define sk_ASN1_OBJECT_value(sk, i) \ - ((ASN1_OBJECT *)sk_value( \ - CHECKED_CAST(_STACK *, const STACK_OF(ASN1_OBJECT) *, sk), (i))) - -#define sk_ASN1_OBJECT_set(sk, i, p) \ - ((ASN1_OBJECT *)sk_set(CHECKED_CAST(_STACK *, STACK_OF(ASN1_OBJECT) *, sk), \ - (i), CHECKED_CAST(void *, ASN1_OBJECT *, p))) - -#define sk_ASN1_OBJECT_free(sk) \ - sk_free(CHECKED_CAST(_STACK *, STACK_OF(ASN1_OBJECT) *, sk)) - -#define sk_ASN1_OBJECT_pop_free(sk, free_func) \ - sk_pop_free( \ - CHECKED_CAST(_STACK *, STACK_OF(ASN1_OBJECT) *, sk), \ - CHECKED_CAST(void (*)(void *), void (*)(ASN1_OBJECT *), free_func)) - -#define sk_ASN1_OBJECT_insert(sk, p, where) \ - sk_insert(CHECKED_CAST(_STACK *, STACK_OF(ASN1_OBJECT) *, sk), \ - CHECKED_CAST(void *, ASN1_OBJECT *, p), (where)) - -#define sk_ASN1_OBJECT_delete(sk, where) \ - ((ASN1_OBJECT *)sk_delete( \ - CHECKED_CAST(_STACK *, STACK_OF(ASN1_OBJECT) *, sk), (where))) - -#define sk_ASN1_OBJECT_delete_ptr(sk, p) \ - ((ASN1_OBJECT *)sk_delete_ptr( \ - CHECKED_CAST(_STACK *, STACK_OF(ASN1_OBJECT) *, sk), \ - CHECKED_CAST(void *, ASN1_OBJECT *, p))) - -#define sk_ASN1_OBJECT_find(sk, out_index, p) \ - sk_find(CHECKED_CAST(_STACK *, STACK_OF(ASN1_OBJECT) *, sk), (out_index), \ - CHECKED_CAST(void *, ASN1_OBJECT *, p)) - -#define sk_ASN1_OBJECT_shift(sk) \ - ((ASN1_OBJECT *)sk_shift(CHECKED_CAST(_STACK *, STACK_OF(ASN1_OBJECT) *, sk))) - -#define sk_ASN1_OBJECT_push(sk, p) \ - sk_push(CHECKED_CAST(_STACK *, STACK_OF(ASN1_OBJECT) *, sk), \ - CHECKED_CAST(void *, ASN1_OBJECT *, p)) - -#define sk_ASN1_OBJECT_pop(sk) \ - ((ASN1_OBJECT *)sk_pop(CHECKED_CAST(_STACK *, STACK_OF(ASN1_OBJECT) *, sk))) - -#define sk_ASN1_OBJECT_dup(sk) \ - ((STACK_OF(ASN1_OBJECT) *)sk_dup( \ - CHECKED_CAST(_STACK *, const STACK_OF(ASN1_OBJECT) *, sk))) - -#define sk_ASN1_OBJECT_sort(sk) \ - sk_sort(CHECKED_CAST(_STACK *, STACK_OF(ASN1_OBJECT) *, sk)) - -#define sk_ASN1_OBJECT_is_sorted(sk) \ - sk_is_sorted(CHECKED_CAST(_STACK *, const STACK_OF(ASN1_OBJECT) *, sk)) - -#define sk_ASN1_OBJECT_set_cmp_func(sk, comp) \ - ((int (*)(const ASN1_OBJECT **a, const ASN1_OBJECT **b))sk_set_cmp_func( \ - CHECKED_CAST(_STACK *, STACK_OF(ASN1_OBJECT) *, sk), \ - CHECKED_CAST(stack_cmp_func, \ - int (*)(const ASN1_OBJECT **a, const ASN1_OBJECT **b), \ - comp))) - -#define sk_ASN1_OBJECT_deep_copy(sk, copy_func, free_func) \ - ((STACK_OF(ASN1_OBJECT) *)sk_deep_copy( \ - CHECKED_CAST(const _STACK *, const STACK_OF(ASN1_OBJECT) *, sk), \ - CHECKED_CAST(void *(*)(void *), ASN1_OBJECT *(*)(ASN1_OBJECT *), \ - copy_func), \ - CHECKED_CAST(void (*)(void *), void (*)(ASN1_OBJECT *), free_func))) - -/* ASN1_STRING_TABLE */ -#define sk_ASN1_STRING_TABLE_new(comp) \ - ((STACK_OF(ASN1_STRING_TABLE) *)sk_new(CHECKED_CAST( \ - stack_cmp_func, \ - int (*)(const ASN1_STRING_TABLE **a, const ASN1_STRING_TABLE **b), \ - comp))) - -#define sk_ASN1_STRING_TABLE_new_null() \ - ((STACK_OF(ASN1_STRING_TABLE) *)sk_new_null()) - -#define sk_ASN1_STRING_TABLE_num(sk) \ - sk_num(CHECKED_CAST(_STACK *, STACK_OF(ASN1_STRING_TABLE) *, sk)) - -#define sk_ASN1_STRING_TABLE_zero(sk) \ - sk_zero(CHECKED_CAST(_STACK *, STACK_OF(ASN1_STRING_TABLE) *, sk)); - -#define sk_ASN1_STRING_TABLE_value(sk, i) \ - ((ASN1_STRING_TABLE *)sk_value( \ - CHECKED_CAST(_STACK *, const STACK_OF(ASN1_STRING_TABLE) *, sk), (i))) - -#define sk_ASN1_STRING_TABLE_set(sk, i, p) \ - ((ASN1_STRING_TABLE *)sk_set( \ - CHECKED_CAST(_STACK *, STACK_OF(ASN1_STRING_TABLE) *, sk), (i), \ - CHECKED_CAST(void *, ASN1_STRING_TABLE *, p))) - -#define sk_ASN1_STRING_TABLE_free(sk) \ - sk_free(CHECKED_CAST(_STACK *, STACK_OF(ASN1_STRING_TABLE) *, sk)) - -#define sk_ASN1_STRING_TABLE_pop_free(sk, free_func) \ - sk_pop_free(CHECKED_CAST(_STACK *, STACK_OF(ASN1_STRING_TABLE) *, sk), \ - CHECKED_CAST(void (*)(void *), void (*)(ASN1_STRING_TABLE *), \ - free_func)) - -#define sk_ASN1_STRING_TABLE_insert(sk, p, where) \ - sk_insert(CHECKED_CAST(_STACK *, STACK_OF(ASN1_STRING_TABLE) *, sk), \ - CHECKED_CAST(void *, ASN1_STRING_TABLE *, p), (where)) - -#define sk_ASN1_STRING_TABLE_delete(sk, where) \ - ((ASN1_STRING_TABLE *)sk_delete( \ - CHECKED_CAST(_STACK *, STACK_OF(ASN1_STRING_TABLE) *, sk), (where))) - -#define sk_ASN1_STRING_TABLE_delete_ptr(sk, p) \ - ((ASN1_STRING_TABLE *)sk_delete_ptr( \ - CHECKED_CAST(_STACK *, STACK_OF(ASN1_STRING_TABLE) *, sk), \ - CHECKED_CAST(void *, ASN1_STRING_TABLE *, p))) - -#define sk_ASN1_STRING_TABLE_find(sk, out_index, p) \ - sk_find(CHECKED_CAST(_STACK *, STACK_OF(ASN1_STRING_TABLE) *, sk), \ - (out_index), CHECKED_CAST(void *, ASN1_STRING_TABLE *, p)) - -#define sk_ASN1_STRING_TABLE_shift(sk) \ - ((ASN1_STRING_TABLE *)sk_shift( \ - CHECKED_CAST(_STACK *, STACK_OF(ASN1_STRING_TABLE) *, sk))) - -#define sk_ASN1_STRING_TABLE_push(sk, p) \ - sk_push(CHECKED_CAST(_STACK *, STACK_OF(ASN1_STRING_TABLE) *, sk), \ - CHECKED_CAST(void *, ASN1_STRING_TABLE *, p)) - -#define sk_ASN1_STRING_TABLE_pop(sk) \ - ((ASN1_STRING_TABLE *)sk_pop( \ - CHECKED_CAST(_STACK *, STACK_OF(ASN1_STRING_TABLE) *, sk))) - -#define sk_ASN1_STRING_TABLE_dup(sk) \ - ((STACK_OF(ASN1_STRING_TABLE) *)sk_dup( \ - CHECKED_CAST(_STACK *, const STACK_OF(ASN1_STRING_TABLE) *, sk))) - -#define sk_ASN1_STRING_TABLE_sort(sk) \ - sk_sort(CHECKED_CAST(_STACK *, STACK_OF(ASN1_STRING_TABLE) *, sk)) - -#define sk_ASN1_STRING_TABLE_is_sorted(sk) \ - sk_is_sorted(CHECKED_CAST(_STACK *, const STACK_OF(ASN1_STRING_TABLE) *, sk)) - -#define sk_ASN1_STRING_TABLE_set_cmp_func(sk, comp) \ - ((int (*)(const ASN1_STRING_TABLE **a, const ASN1_STRING_TABLE **b)) \ - sk_set_cmp_func( \ - CHECKED_CAST(_STACK *, STACK_OF(ASN1_STRING_TABLE) *, sk), \ - CHECKED_CAST(stack_cmp_func, int (*)(const ASN1_STRING_TABLE **a, \ - const ASN1_STRING_TABLE **b), \ - comp))) - -#define sk_ASN1_STRING_TABLE_deep_copy(sk, copy_func, free_func) \ - ((STACK_OF(ASN1_STRING_TABLE) *)sk_deep_copy( \ - CHECKED_CAST(const _STACK *, const STACK_OF(ASN1_STRING_TABLE) *, sk), \ - CHECKED_CAST(void *(*)(void *), \ - ASN1_STRING_TABLE *(*)(ASN1_STRING_TABLE *), copy_func), \ - CHECKED_CAST(void (*)(void *), void (*)(ASN1_STRING_TABLE *), \ - free_func))) - -/* ASN1_TYPE */ -#define sk_ASN1_TYPE_new(comp) \ - ((STACK_OF(ASN1_TYPE) *)sk_new( \ - CHECKED_CAST(stack_cmp_func, \ - int (*)(const ASN1_TYPE **a, const ASN1_TYPE **b), comp))) - -#define sk_ASN1_TYPE_new_null() ((STACK_OF(ASN1_TYPE) *)sk_new_null()) - -#define sk_ASN1_TYPE_num(sk) \ - sk_num(CHECKED_CAST(_STACK *, STACK_OF(ASN1_TYPE) *, sk)) - -#define sk_ASN1_TYPE_zero(sk) \ - sk_zero(CHECKED_CAST(_STACK *, STACK_OF(ASN1_TYPE) *, sk)); - -#define sk_ASN1_TYPE_value(sk, i) \ - ((ASN1_TYPE *)sk_value( \ - CHECKED_CAST(_STACK *, const STACK_OF(ASN1_TYPE) *, sk), (i))) - -#define sk_ASN1_TYPE_set(sk, i, p) \ - ((ASN1_TYPE *)sk_set(CHECKED_CAST(_STACK *, STACK_OF(ASN1_TYPE) *, sk), (i), \ - CHECKED_CAST(void *, ASN1_TYPE *, p))) - -#define sk_ASN1_TYPE_free(sk) \ - sk_free(CHECKED_CAST(_STACK *, STACK_OF(ASN1_TYPE) *, sk)) - -#define sk_ASN1_TYPE_pop_free(sk, free_func) \ - sk_pop_free( \ - CHECKED_CAST(_STACK *, STACK_OF(ASN1_TYPE) *, sk), \ - CHECKED_CAST(void (*)(void *), void (*)(ASN1_TYPE *), free_func)) - -#define sk_ASN1_TYPE_insert(sk, p, where) \ - sk_insert(CHECKED_CAST(_STACK *, STACK_OF(ASN1_TYPE) *, sk), \ - CHECKED_CAST(void *, ASN1_TYPE *, p), (where)) - -#define sk_ASN1_TYPE_delete(sk, where) \ - ((ASN1_TYPE *)sk_delete(CHECKED_CAST(_STACK *, STACK_OF(ASN1_TYPE) *, sk), \ - (where))) - -#define sk_ASN1_TYPE_delete_ptr(sk, p) \ - ((ASN1_TYPE *)sk_delete_ptr( \ - CHECKED_CAST(_STACK *, STACK_OF(ASN1_TYPE) *, sk), \ - CHECKED_CAST(void *, ASN1_TYPE *, p))) - -#define sk_ASN1_TYPE_find(sk, out_index, p) \ - sk_find(CHECKED_CAST(_STACK *, STACK_OF(ASN1_TYPE) *, sk), (out_index), \ - CHECKED_CAST(void *, ASN1_TYPE *, p)) - -#define sk_ASN1_TYPE_shift(sk) \ - ((ASN1_TYPE *)sk_shift(CHECKED_CAST(_STACK *, STACK_OF(ASN1_TYPE) *, sk))) - -#define sk_ASN1_TYPE_push(sk, p) \ - sk_push(CHECKED_CAST(_STACK *, STACK_OF(ASN1_TYPE) *, sk), \ - CHECKED_CAST(void *, ASN1_TYPE *, p)) - -#define sk_ASN1_TYPE_pop(sk) \ - ((ASN1_TYPE *)sk_pop(CHECKED_CAST(_STACK *, STACK_OF(ASN1_TYPE) *, sk))) - -#define sk_ASN1_TYPE_dup(sk) \ - ((STACK_OF(ASN1_TYPE) *)sk_dup( \ - CHECKED_CAST(_STACK *, const STACK_OF(ASN1_TYPE) *, sk))) - -#define sk_ASN1_TYPE_sort(sk) \ - sk_sort(CHECKED_CAST(_STACK *, STACK_OF(ASN1_TYPE) *, sk)) - -#define sk_ASN1_TYPE_is_sorted(sk) \ - sk_is_sorted(CHECKED_CAST(_STACK *, const STACK_OF(ASN1_TYPE) *, sk)) - -#define sk_ASN1_TYPE_set_cmp_func(sk, comp) \ - ((int (*)(const ASN1_TYPE **a, const ASN1_TYPE **b))sk_set_cmp_func( \ - CHECKED_CAST(_STACK *, STACK_OF(ASN1_TYPE) *, sk), \ - CHECKED_CAST(stack_cmp_func, \ - int (*)(const ASN1_TYPE **a, const ASN1_TYPE **b), comp))) - -#define sk_ASN1_TYPE_deep_copy(sk, copy_func, free_func) \ - ((STACK_OF(ASN1_TYPE) *)sk_deep_copy( \ - CHECKED_CAST(const _STACK *, const STACK_OF(ASN1_TYPE) *, sk), \ - CHECKED_CAST(void *(*)(void *), ASN1_TYPE *(*)(ASN1_TYPE *), copy_func), \ - CHECKED_CAST(void (*)(void *), void (*)(ASN1_TYPE *), free_func))) - -/* ASN1_VALUE */ -#define sk_ASN1_VALUE_new(comp) \ - ((STACK_OF(ASN1_VALUE) *)sk_new(CHECKED_CAST( \ - stack_cmp_func, int (*)(const ASN1_VALUE **a, const ASN1_VALUE **b), \ - comp))) - -#define sk_ASN1_VALUE_new_null() ((STACK_OF(ASN1_VALUE) *)sk_new_null()) - -#define sk_ASN1_VALUE_num(sk) \ - sk_num(CHECKED_CAST(_STACK *, STACK_OF(ASN1_VALUE) *, sk)) - -#define sk_ASN1_VALUE_zero(sk) \ - sk_zero(CHECKED_CAST(_STACK *, STACK_OF(ASN1_VALUE) *, sk)); - -#define sk_ASN1_VALUE_value(sk, i) \ - ((ASN1_VALUE *)sk_value( \ - CHECKED_CAST(_STACK *, const STACK_OF(ASN1_VALUE) *, sk), (i))) - -#define sk_ASN1_VALUE_set(sk, i, p) \ - ((ASN1_VALUE *)sk_set(CHECKED_CAST(_STACK *, STACK_OF(ASN1_VALUE) *, sk), \ - (i), CHECKED_CAST(void *, ASN1_VALUE *, p))) - -#define sk_ASN1_VALUE_free(sk) \ - sk_free(CHECKED_CAST(_STACK *, STACK_OF(ASN1_VALUE) *, sk)) - -#define sk_ASN1_VALUE_pop_free(sk, free_func) \ - sk_pop_free( \ - CHECKED_CAST(_STACK *, STACK_OF(ASN1_VALUE) *, sk), \ - CHECKED_CAST(void (*)(void *), void (*)(ASN1_VALUE *), free_func)) - -#define sk_ASN1_VALUE_insert(sk, p, where) \ - sk_insert(CHECKED_CAST(_STACK *, STACK_OF(ASN1_VALUE) *, sk), \ - CHECKED_CAST(void *, ASN1_VALUE *, p), (where)) - -#define sk_ASN1_VALUE_delete(sk, where) \ - ((ASN1_VALUE *)sk_delete(CHECKED_CAST(_STACK *, STACK_OF(ASN1_VALUE) *, sk), \ - (where))) - -#define sk_ASN1_VALUE_delete_ptr(sk, p) \ - ((ASN1_VALUE *)sk_delete_ptr( \ - CHECKED_CAST(_STACK *, STACK_OF(ASN1_VALUE) *, sk), \ - CHECKED_CAST(void *, ASN1_VALUE *, p))) - -#define sk_ASN1_VALUE_find(sk, out_index, p) \ - sk_find(CHECKED_CAST(_STACK *, STACK_OF(ASN1_VALUE) *, sk), (out_index), \ - CHECKED_CAST(void *, ASN1_VALUE *, p)) - -#define sk_ASN1_VALUE_shift(sk) \ - ((ASN1_VALUE *)sk_shift(CHECKED_CAST(_STACK *, STACK_OF(ASN1_VALUE) *, sk))) - -#define sk_ASN1_VALUE_push(sk, p) \ - sk_push(CHECKED_CAST(_STACK *, STACK_OF(ASN1_VALUE) *, sk), \ - CHECKED_CAST(void *, ASN1_VALUE *, p)) - -#define sk_ASN1_VALUE_pop(sk) \ - ((ASN1_VALUE *)sk_pop(CHECKED_CAST(_STACK *, STACK_OF(ASN1_VALUE) *, sk))) - -#define sk_ASN1_VALUE_dup(sk) \ - ((STACK_OF(ASN1_VALUE) *)sk_dup( \ - CHECKED_CAST(_STACK *, const STACK_OF(ASN1_VALUE) *, sk))) - -#define sk_ASN1_VALUE_sort(sk) \ - sk_sort(CHECKED_CAST(_STACK *, STACK_OF(ASN1_VALUE) *, sk)) - -#define sk_ASN1_VALUE_is_sorted(sk) \ - sk_is_sorted(CHECKED_CAST(_STACK *, const STACK_OF(ASN1_VALUE) *, sk)) - -#define sk_ASN1_VALUE_set_cmp_func(sk, comp) \ - ((int (*)(const ASN1_VALUE **a, const ASN1_VALUE **b))sk_set_cmp_func( \ - CHECKED_CAST(_STACK *, STACK_OF(ASN1_VALUE) *, sk), \ - CHECKED_CAST(stack_cmp_func, \ - int (*)(const ASN1_VALUE **a, const ASN1_VALUE **b), \ - comp))) - -#define sk_ASN1_VALUE_deep_copy(sk, copy_func, free_func) \ - ((STACK_OF(ASN1_VALUE) *)sk_deep_copy( \ - CHECKED_CAST(const _STACK *, const STACK_OF(ASN1_VALUE) *, sk), \ - CHECKED_CAST(void *(*)(void *), ASN1_VALUE *(*)(ASN1_VALUE *), \ - copy_func), \ - CHECKED_CAST(void (*)(void *), void (*)(ASN1_VALUE *), free_func))) - -/* BIO */ -#define sk_BIO_new(comp) \ - ((STACK_OF(BIO) *)sk_new(CHECKED_CAST( \ - stack_cmp_func, int (*)(const BIO **a, const BIO **b), comp))) - -#define sk_BIO_new_null() ((STACK_OF(BIO) *)sk_new_null()) - -#define sk_BIO_num(sk) sk_num(CHECKED_CAST(_STACK *, STACK_OF(BIO) *, sk)) - -#define sk_BIO_zero(sk) sk_zero(CHECKED_CAST(_STACK *, STACK_OF(BIO) *, sk)); - -#define sk_BIO_value(sk, i) \ - ((BIO *)sk_value(CHECKED_CAST(_STACK *, const STACK_OF(BIO) *, sk), (i))) - -#define sk_BIO_set(sk, i, p) \ - ((BIO *)sk_set(CHECKED_CAST(_STACK *, STACK_OF(BIO) *, sk), (i), \ - CHECKED_CAST(void *, BIO *, p))) - -#define sk_BIO_free(sk) sk_free(CHECKED_CAST(_STACK *, STACK_OF(BIO) *, sk)) - -#define sk_BIO_pop_free(sk, free_func) \ - sk_pop_free(CHECKED_CAST(_STACK *, STACK_OF(BIO) *, sk), \ - CHECKED_CAST(void (*)(void *), void (*)(BIO *), free_func)) - -#define sk_BIO_insert(sk, p, where) \ - sk_insert(CHECKED_CAST(_STACK *, STACK_OF(BIO) *, sk), \ - CHECKED_CAST(void *, BIO *, p), (where)) - -#define sk_BIO_delete(sk, where) \ - ((BIO *)sk_delete(CHECKED_CAST(_STACK *, STACK_OF(BIO) *, sk), (where))) - -#define sk_BIO_delete_ptr(sk, p) \ - ((BIO *)sk_delete_ptr(CHECKED_CAST(_STACK *, STACK_OF(BIO) *, sk), \ - CHECKED_CAST(void *, BIO *, p))) - -#define sk_BIO_find(sk, out_index, p) \ - sk_find(CHECKED_CAST(_STACK *, STACK_OF(BIO) *, sk), (out_index), \ - CHECKED_CAST(void *, BIO *, p)) - -#define sk_BIO_shift(sk) \ - ((BIO *)sk_shift(CHECKED_CAST(_STACK *, STACK_OF(BIO) *, sk))) - -#define sk_BIO_push(sk, p) \ - sk_push(CHECKED_CAST(_STACK *, STACK_OF(BIO) *, sk), \ - CHECKED_CAST(void *, BIO *, p)) - -#define sk_BIO_pop(sk) \ - ((BIO *)sk_pop(CHECKED_CAST(_STACK *, STACK_OF(BIO) *, sk))) - -#define sk_BIO_dup(sk) \ - ((STACK_OF(BIO) *)sk_dup(CHECKED_CAST(_STACK *, const STACK_OF(BIO) *, sk))) - -#define sk_BIO_sort(sk) sk_sort(CHECKED_CAST(_STACK *, STACK_OF(BIO) *, sk)) - -#define sk_BIO_is_sorted(sk) \ - sk_is_sorted(CHECKED_CAST(_STACK *, const STACK_OF(BIO) *, sk)) - -#define sk_BIO_set_cmp_func(sk, comp) \ - ((int (*)(const BIO **a, const BIO **b))sk_set_cmp_func( \ - CHECKED_CAST(_STACK *, STACK_OF(BIO) *, sk), \ - CHECKED_CAST(stack_cmp_func, int (*)(const BIO **a, const BIO **b), \ - comp))) - -#define sk_BIO_deep_copy(sk, copy_func, free_func) \ - ((STACK_OF(BIO) *)sk_deep_copy( \ - CHECKED_CAST(const _STACK *, const STACK_OF(BIO) *, sk), \ - CHECKED_CAST(void *(*)(void *), BIO *(*)(BIO *), copy_func), \ - CHECKED_CAST(void (*)(void *), void (*)(BIO *), free_func))) - -/* BY_DIR_ENTRY */ -#define sk_BY_DIR_ENTRY_new(comp) \ - ((STACK_OF(BY_DIR_ENTRY) *)sk_new(CHECKED_CAST( \ - stack_cmp_func, int (*)(const BY_DIR_ENTRY **a, const BY_DIR_ENTRY **b), \ - comp))) - -#define sk_BY_DIR_ENTRY_new_null() ((STACK_OF(BY_DIR_ENTRY) *)sk_new_null()) - -#define sk_BY_DIR_ENTRY_num(sk) \ - sk_num(CHECKED_CAST(_STACK *, STACK_OF(BY_DIR_ENTRY) *, sk)) - -#define sk_BY_DIR_ENTRY_zero(sk) \ - sk_zero(CHECKED_CAST(_STACK *, STACK_OF(BY_DIR_ENTRY) *, sk)); - -#define sk_BY_DIR_ENTRY_value(sk, i) \ - ((BY_DIR_ENTRY *)sk_value( \ - CHECKED_CAST(_STACK *, const STACK_OF(BY_DIR_ENTRY) *, sk), (i))) - -#define sk_BY_DIR_ENTRY_set(sk, i, p) \ - ((BY_DIR_ENTRY *)sk_set( \ - CHECKED_CAST(_STACK *, STACK_OF(BY_DIR_ENTRY) *, sk), (i), \ - CHECKED_CAST(void *, BY_DIR_ENTRY *, p))) - -#define sk_BY_DIR_ENTRY_free(sk) \ - sk_free(CHECKED_CAST(_STACK *, STACK_OF(BY_DIR_ENTRY) *, sk)) - -#define sk_BY_DIR_ENTRY_pop_free(sk, free_func) \ - sk_pop_free( \ - CHECKED_CAST(_STACK *, STACK_OF(BY_DIR_ENTRY) *, sk), \ - CHECKED_CAST(void (*)(void *), void (*)(BY_DIR_ENTRY *), free_func)) - -#define sk_BY_DIR_ENTRY_insert(sk, p, where) \ - sk_insert(CHECKED_CAST(_STACK *, STACK_OF(BY_DIR_ENTRY) *, sk), \ - CHECKED_CAST(void *, BY_DIR_ENTRY *, p), (where)) - -#define sk_BY_DIR_ENTRY_delete(sk, where) \ - ((BY_DIR_ENTRY *)sk_delete( \ - CHECKED_CAST(_STACK *, STACK_OF(BY_DIR_ENTRY) *, sk), (where))) - -#define sk_BY_DIR_ENTRY_delete_ptr(sk, p) \ - ((BY_DIR_ENTRY *)sk_delete_ptr( \ - CHECKED_CAST(_STACK *, STACK_OF(BY_DIR_ENTRY) *, sk), \ - CHECKED_CAST(void *, BY_DIR_ENTRY *, p))) - -#define sk_BY_DIR_ENTRY_find(sk, out_index, p) \ - sk_find(CHECKED_CAST(_STACK *, STACK_OF(BY_DIR_ENTRY) *, sk), (out_index), \ - CHECKED_CAST(void *, BY_DIR_ENTRY *, p)) - -#define sk_BY_DIR_ENTRY_shift(sk) \ - ((BY_DIR_ENTRY *)sk_shift( \ - CHECKED_CAST(_STACK *, STACK_OF(BY_DIR_ENTRY) *, sk))) - -#define sk_BY_DIR_ENTRY_push(sk, p) \ - sk_push(CHECKED_CAST(_STACK *, STACK_OF(BY_DIR_ENTRY) *, sk), \ - CHECKED_CAST(void *, BY_DIR_ENTRY *, p)) - -#define sk_BY_DIR_ENTRY_pop(sk) \ - ((BY_DIR_ENTRY *)sk_pop(CHECKED_CAST(_STACK *, STACK_OF(BY_DIR_ENTRY) *, sk))) - -#define sk_BY_DIR_ENTRY_dup(sk) \ - ((STACK_OF(BY_DIR_ENTRY) *)sk_dup( \ - CHECKED_CAST(_STACK *, const STACK_OF(BY_DIR_ENTRY) *, sk))) - -#define sk_BY_DIR_ENTRY_sort(sk) \ - sk_sort(CHECKED_CAST(_STACK *, STACK_OF(BY_DIR_ENTRY) *, sk)) - -#define sk_BY_DIR_ENTRY_is_sorted(sk) \ - sk_is_sorted(CHECKED_CAST(_STACK *, const STACK_OF(BY_DIR_ENTRY) *, sk)) - -#define sk_BY_DIR_ENTRY_set_cmp_func(sk, comp) \ - ((int (*)(const BY_DIR_ENTRY **a, const BY_DIR_ENTRY **b))sk_set_cmp_func( \ - CHECKED_CAST(_STACK *, STACK_OF(BY_DIR_ENTRY) *, sk), \ - CHECKED_CAST(stack_cmp_func, \ - int (*)(const BY_DIR_ENTRY **a, const BY_DIR_ENTRY **b), \ - comp))) - -#define sk_BY_DIR_ENTRY_deep_copy(sk, copy_func, free_func) \ - ((STACK_OF(BY_DIR_ENTRY) *)sk_deep_copy( \ - CHECKED_CAST(const _STACK *, const STACK_OF(BY_DIR_ENTRY) *, sk), \ - CHECKED_CAST(void *(*)(void *), BY_DIR_ENTRY *(*)(BY_DIR_ENTRY *), \ - copy_func), \ - CHECKED_CAST(void (*)(void *), void (*)(BY_DIR_ENTRY *), free_func))) - -/* BY_DIR_HASH */ -#define sk_BY_DIR_HASH_new(comp) \ - ((STACK_OF(BY_DIR_HASH) *)sk_new(CHECKED_CAST( \ - stack_cmp_func, int (*)(const BY_DIR_HASH **a, const BY_DIR_HASH **b), \ - comp))) - -#define sk_BY_DIR_HASH_new_null() ((STACK_OF(BY_DIR_HASH) *)sk_new_null()) - -#define sk_BY_DIR_HASH_num(sk) \ - sk_num(CHECKED_CAST(_STACK *, STACK_OF(BY_DIR_HASH) *, sk)) - -#define sk_BY_DIR_HASH_zero(sk) \ - sk_zero(CHECKED_CAST(_STACK *, STACK_OF(BY_DIR_HASH) *, sk)); - -#define sk_BY_DIR_HASH_value(sk, i) \ - ((BY_DIR_HASH *)sk_value( \ - CHECKED_CAST(_STACK *, const STACK_OF(BY_DIR_HASH) *, sk), (i))) - -#define sk_BY_DIR_HASH_set(sk, i, p) \ - ((BY_DIR_HASH *)sk_set(CHECKED_CAST(_STACK *, STACK_OF(BY_DIR_HASH) *, sk), \ - (i), CHECKED_CAST(void *, BY_DIR_HASH *, p))) - -#define sk_BY_DIR_HASH_free(sk) \ - sk_free(CHECKED_CAST(_STACK *, STACK_OF(BY_DIR_HASH) *, sk)) - -#define sk_BY_DIR_HASH_pop_free(sk, free_func) \ - sk_pop_free( \ - CHECKED_CAST(_STACK *, STACK_OF(BY_DIR_HASH) *, sk), \ - CHECKED_CAST(void (*)(void *), void (*)(BY_DIR_HASH *), free_func)) - -#define sk_BY_DIR_HASH_insert(sk, p, where) \ - sk_insert(CHECKED_CAST(_STACK *, STACK_OF(BY_DIR_HASH) *, sk), \ - CHECKED_CAST(void *, BY_DIR_HASH *, p), (where)) - -#define sk_BY_DIR_HASH_delete(sk, where) \ - ((BY_DIR_HASH *)sk_delete( \ - CHECKED_CAST(_STACK *, STACK_OF(BY_DIR_HASH) *, sk), (where))) - -#define sk_BY_DIR_HASH_delete_ptr(sk, p) \ - ((BY_DIR_HASH *)sk_delete_ptr( \ - CHECKED_CAST(_STACK *, STACK_OF(BY_DIR_HASH) *, sk), \ - CHECKED_CAST(void *, BY_DIR_HASH *, p))) - -#define sk_BY_DIR_HASH_find(sk, out_index, p) \ - sk_find(CHECKED_CAST(_STACK *, STACK_OF(BY_DIR_HASH) *, sk), (out_index), \ - CHECKED_CAST(void *, BY_DIR_HASH *, p)) - -#define sk_BY_DIR_HASH_shift(sk) \ - ((BY_DIR_HASH *)sk_shift(CHECKED_CAST(_STACK *, STACK_OF(BY_DIR_HASH) *, sk))) - -#define sk_BY_DIR_HASH_push(sk, p) \ - sk_push(CHECKED_CAST(_STACK *, STACK_OF(BY_DIR_HASH) *, sk), \ - CHECKED_CAST(void *, BY_DIR_HASH *, p)) - -#define sk_BY_DIR_HASH_pop(sk) \ - ((BY_DIR_HASH *)sk_pop(CHECKED_CAST(_STACK *, STACK_OF(BY_DIR_HASH) *, sk))) - -#define sk_BY_DIR_HASH_dup(sk) \ - ((STACK_OF(BY_DIR_HASH) *)sk_dup( \ - CHECKED_CAST(_STACK *, const STACK_OF(BY_DIR_HASH) *, sk))) - -#define sk_BY_DIR_HASH_sort(sk) \ - sk_sort(CHECKED_CAST(_STACK *, STACK_OF(BY_DIR_HASH) *, sk)) - -#define sk_BY_DIR_HASH_is_sorted(sk) \ - sk_is_sorted(CHECKED_CAST(_STACK *, const STACK_OF(BY_DIR_HASH) *, sk)) - -#define sk_BY_DIR_HASH_set_cmp_func(sk, comp) \ - ((int (*)(const BY_DIR_HASH **a, const BY_DIR_HASH **b))sk_set_cmp_func( \ - CHECKED_CAST(_STACK *, STACK_OF(BY_DIR_HASH) *, sk), \ - CHECKED_CAST(stack_cmp_func, \ - int (*)(const BY_DIR_HASH **a, const BY_DIR_HASH **b), \ - comp))) - -#define sk_BY_DIR_HASH_deep_copy(sk, copy_func, free_func) \ - ((STACK_OF(BY_DIR_HASH) *)sk_deep_copy( \ - CHECKED_CAST(const _STACK *, const STACK_OF(BY_DIR_HASH) *, sk), \ - CHECKED_CAST(void *(*)(void *), BY_DIR_HASH *(*)(BY_DIR_HASH *), \ - copy_func), \ - CHECKED_CAST(void (*)(void *), void (*)(BY_DIR_HASH *), free_func))) - -/* CONF_VALUE */ -#define sk_CONF_VALUE_new(comp) \ - ((STACK_OF(CONF_VALUE) *)sk_new(CHECKED_CAST( \ - stack_cmp_func, int (*)(const CONF_VALUE **a, const CONF_VALUE **b), \ - comp))) - -#define sk_CONF_VALUE_new_null() ((STACK_OF(CONF_VALUE) *)sk_new_null()) - -#define sk_CONF_VALUE_num(sk) \ - sk_num(CHECKED_CAST(_STACK *, STACK_OF(CONF_VALUE) *, sk)) - -#define sk_CONF_VALUE_zero(sk) \ - sk_zero(CHECKED_CAST(_STACK *, STACK_OF(CONF_VALUE) *, sk)); - -#define sk_CONF_VALUE_value(sk, i) \ - ((CONF_VALUE *)sk_value( \ - CHECKED_CAST(_STACK *, const STACK_OF(CONF_VALUE) *, sk), (i))) - -#define sk_CONF_VALUE_set(sk, i, p) \ - ((CONF_VALUE *)sk_set(CHECKED_CAST(_STACK *, STACK_OF(CONF_VALUE) *, sk), \ - (i), CHECKED_CAST(void *, CONF_VALUE *, p))) - -#define sk_CONF_VALUE_free(sk) \ - sk_free(CHECKED_CAST(_STACK *, STACK_OF(CONF_VALUE) *, sk)) - -#define sk_CONF_VALUE_pop_free(sk, free_func) \ - sk_pop_free( \ - CHECKED_CAST(_STACK *, STACK_OF(CONF_VALUE) *, sk), \ - CHECKED_CAST(void (*)(void *), void (*)(CONF_VALUE *), free_func)) - -#define sk_CONF_VALUE_insert(sk, p, where) \ - sk_insert(CHECKED_CAST(_STACK *, STACK_OF(CONF_VALUE) *, sk), \ - CHECKED_CAST(void *, CONF_VALUE *, p), (where)) - -#define sk_CONF_VALUE_delete(sk, where) \ - ((CONF_VALUE *)sk_delete(CHECKED_CAST(_STACK *, STACK_OF(CONF_VALUE) *, sk), \ - (where))) - -#define sk_CONF_VALUE_delete_ptr(sk, p) \ - ((CONF_VALUE *)sk_delete_ptr( \ - CHECKED_CAST(_STACK *, STACK_OF(CONF_VALUE) *, sk), \ - CHECKED_CAST(void *, CONF_VALUE *, p))) - -#define sk_CONF_VALUE_find(sk, out_index, p) \ - sk_find(CHECKED_CAST(_STACK *, STACK_OF(CONF_VALUE) *, sk), (out_index), \ - CHECKED_CAST(void *, CONF_VALUE *, p)) - -#define sk_CONF_VALUE_shift(sk) \ - ((CONF_VALUE *)sk_shift(CHECKED_CAST(_STACK *, STACK_OF(CONF_VALUE) *, sk))) - -#define sk_CONF_VALUE_push(sk, p) \ - sk_push(CHECKED_CAST(_STACK *, STACK_OF(CONF_VALUE) *, sk), \ - CHECKED_CAST(void *, CONF_VALUE *, p)) - -#define sk_CONF_VALUE_pop(sk) \ - ((CONF_VALUE *)sk_pop(CHECKED_CAST(_STACK *, STACK_OF(CONF_VALUE) *, sk))) - -#define sk_CONF_VALUE_dup(sk) \ - ((STACK_OF(CONF_VALUE) *)sk_dup( \ - CHECKED_CAST(_STACK *, const STACK_OF(CONF_VALUE) *, sk))) - -#define sk_CONF_VALUE_sort(sk) \ - sk_sort(CHECKED_CAST(_STACK *, STACK_OF(CONF_VALUE) *, sk)) - -#define sk_CONF_VALUE_is_sorted(sk) \ - sk_is_sorted(CHECKED_CAST(_STACK *, const STACK_OF(CONF_VALUE) *, sk)) - -#define sk_CONF_VALUE_set_cmp_func(sk, comp) \ - ((int (*)(const CONF_VALUE **a, const CONF_VALUE **b))sk_set_cmp_func( \ - CHECKED_CAST(_STACK *, STACK_OF(CONF_VALUE) *, sk), \ - CHECKED_CAST(stack_cmp_func, \ - int (*)(const CONF_VALUE **a, const CONF_VALUE **b), \ - comp))) - -#define sk_CONF_VALUE_deep_copy(sk, copy_func, free_func) \ - ((STACK_OF(CONF_VALUE) *)sk_deep_copy( \ - CHECKED_CAST(const _STACK *, const STACK_OF(CONF_VALUE) *, sk), \ - CHECKED_CAST(void *(*)(void *), CONF_VALUE *(*)(CONF_VALUE *), \ - copy_func), \ - CHECKED_CAST(void (*)(void *), void (*)(CONF_VALUE *), free_func))) - -/* CRYPTO_EX_DATA_FUNCS */ -#define sk_CRYPTO_EX_DATA_FUNCS_new(comp) \ - ((STACK_OF(CRYPTO_EX_DATA_FUNCS) *)sk_new(CHECKED_CAST( \ - stack_cmp_func, \ - int (*)(const CRYPTO_EX_DATA_FUNCS **a, const CRYPTO_EX_DATA_FUNCS **b), \ - comp))) - -#define sk_CRYPTO_EX_DATA_FUNCS_new_null() \ - ((STACK_OF(CRYPTO_EX_DATA_FUNCS) *)sk_new_null()) - -#define sk_CRYPTO_EX_DATA_FUNCS_num(sk) \ - sk_num(CHECKED_CAST(_STACK *, STACK_OF(CRYPTO_EX_DATA_FUNCS) *, sk)) - -#define sk_CRYPTO_EX_DATA_FUNCS_zero(sk) \ - sk_zero(CHECKED_CAST(_STACK *, STACK_OF(CRYPTO_EX_DATA_FUNCS) *, sk)); - -#define sk_CRYPTO_EX_DATA_FUNCS_value(sk, i) \ - ((CRYPTO_EX_DATA_FUNCS *)sk_value( \ - CHECKED_CAST(_STACK *, const STACK_OF(CRYPTO_EX_DATA_FUNCS) *, sk), \ - (i))) - -#define sk_CRYPTO_EX_DATA_FUNCS_set(sk, i, p) \ - ((CRYPTO_EX_DATA_FUNCS *)sk_set( \ - CHECKED_CAST(_STACK *, STACK_OF(CRYPTO_EX_DATA_FUNCS) *, sk), (i), \ - CHECKED_CAST(void *, CRYPTO_EX_DATA_FUNCS *, p))) - -#define sk_CRYPTO_EX_DATA_FUNCS_free(sk) \ - sk_free(CHECKED_CAST(_STACK *, STACK_OF(CRYPTO_EX_DATA_FUNCS) *, sk)) - -#define sk_CRYPTO_EX_DATA_FUNCS_pop_free(sk, free_func) \ - sk_pop_free(CHECKED_CAST(_STACK *, STACK_OF(CRYPTO_EX_DATA_FUNCS) *, sk), \ - CHECKED_CAST(void (*)(void *), void (*)(CRYPTO_EX_DATA_FUNCS *), \ - free_func)) - -#define sk_CRYPTO_EX_DATA_FUNCS_insert(sk, p, where) \ - sk_insert(CHECKED_CAST(_STACK *, STACK_OF(CRYPTO_EX_DATA_FUNCS) *, sk), \ - CHECKED_CAST(void *, CRYPTO_EX_DATA_FUNCS *, p), (where)) - -#define sk_CRYPTO_EX_DATA_FUNCS_delete(sk, where) \ - ((CRYPTO_EX_DATA_FUNCS *)sk_delete( \ - CHECKED_CAST(_STACK *, STACK_OF(CRYPTO_EX_DATA_FUNCS) *, sk), (where))) - -#define sk_CRYPTO_EX_DATA_FUNCS_delete_ptr(sk, p) \ - ((CRYPTO_EX_DATA_FUNCS *)sk_delete_ptr( \ - CHECKED_CAST(_STACK *, STACK_OF(CRYPTO_EX_DATA_FUNCS) *, sk), \ - CHECKED_CAST(void *, CRYPTO_EX_DATA_FUNCS *, p))) - -#define sk_CRYPTO_EX_DATA_FUNCS_find(sk, out_index, p) \ - sk_find(CHECKED_CAST(_STACK *, STACK_OF(CRYPTO_EX_DATA_FUNCS) *, sk), \ - (out_index), CHECKED_CAST(void *, CRYPTO_EX_DATA_FUNCS *, p)) - -#define sk_CRYPTO_EX_DATA_FUNCS_shift(sk) \ - ((CRYPTO_EX_DATA_FUNCS *)sk_shift( \ - CHECKED_CAST(_STACK *, STACK_OF(CRYPTO_EX_DATA_FUNCS) *, sk))) - -#define sk_CRYPTO_EX_DATA_FUNCS_push(sk, p) \ - sk_push(CHECKED_CAST(_STACK *, STACK_OF(CRYPTO_EX_DATA_FUNCS) *, sk), \ - CHECKED_CAST(void *, CRYPTO_EX_DATA_FUNCS *, p)) - -#define sk_CRYPTO_EX_DATA_FUNCS_pop(sk) \ - ((CRYPTO_EX_DATA_FUNCS *)sk_pop( \ - CHECKED_CAST(_STACK *, STACK_OF(CRYPTO_EX_DATA_FUNCS) *, sk))) - -#define sk_CRYPTO_EX_DATA_FUNCS_dup(sk) \ - ((STACK_OF(CRYPTO_EX_DATA_FUNCS) *)sk_dup( \ - CHECKED_CAST(_STACK *, const STACK_OF(CRYPTO_EX_DATA_FUNCS) *, sk))) - -#define sk_CRYPTO_EX_DATA_FUNCS_sort(sk) \ - sk_sort(CHECKED_CAST(_STACK *, STACK_OF(CRYPTO_EX_DATA_FUNCS) *, sk)) - -#define sk_CRYPTO_EX_DATA_FUNCS_is_sorted(sk) \ - sk_is_sorted( \ - CHECKED_CAST(_STACK *, const STACK_OF(CRYPTO_EX_DATA_FUNCS) *, sk)) - -#define sk_CRYPTO_EX_DATA_FUNCS_set_cmp_func(sk, comp) \ - ((int (*)(const CRYPTO_EX_DATA_FUNCS **a, const CRYPTO_EX_DATA_FUNCS **b)) \ - sk_set_cmp_func( \ - CHECKED_CAST(_STACK *, STACK_OF(CRYPTO_EX_DATA_FUNCS) *, sk), \ - CHECKED_CAST(stack_cmp_func, \ - int (*)(const CRYPTO_EX_DATA_FUNCS **a, \ - const CRYPTO_EX_DATA_FUNCS **b), \ - comp))) - -#define sk_CRYPTO_EX_DATA_FUNCS_deep_copy(sk, copy_func, free_func) \ - ((STACK_OF(CRYPTO_EX_DATA_FUNCS) *)sk_deep_copy( \ - CHECKED_CAST(const _STACK *, const STACK_OF(CRYPTO_EX_DATA_FUNCS) *, \ - sk), \ - CHECKED_CAST(void *(*)(void *), \ - CRYPTO_EX_DATA_FUNCS *(*)(CRYPTO_EX_DATA_FUNCS *), \ - copy_func), \ - CHECKED_CAST(void (*)(void *), void (*)(CRYPTO_EX_DATA_FUNCS *), \ - free_func))) - -/* DIST_POINT */ -#define sk_DIST_POINT_new(comp) \ - ((STACK_OF(DIST_POINT) *)sk_new(CHECKED_CAST( \ - stack_cmp_func, int (*)(const DIST_POINT **a, const DIST_POINT **b), \ - comp))) - -#define sk_DIST_POINT_new_null() ((STACK_OF(DIST_POINT) *)sk_new_null()) - -#define sk_DIST_POINT_num(sk) \ - sk_num(CHECKED_CAST(_STACK *, STACK_OF(DIST_POINT) *, sk)) - -#define sk_DIST_POINT_zero(sk) \ - sk_zero(CHECKED_CAST(_STACK *, STACK_OF(DIST_POINT) *, sk)); - -#define sk_DIST_POINT_value(sk, i) \ - ((DIST_POINT *)sk_value( \ - CHECKED_CAST(_STACK *, const STACK_OF(DIST_POINT) *, sk), (i))) - -#define sk_DIST_POINT_set(sk, i, p) \ - ((DIST_POINT *)sk_set(CHECKED_CAST(_STACK *, STACK_OF(DIST_POINT) *, sk), \ - (i), CHECKED_CAST(void *, DIST_POINT *, p))) - -#define sk_DIST_POINT_free(sk) \ - sk_free(CHECKED_CAST(_STACK *, STACK_OF(DIST_POINT) *, sk)) - -#define sk_DIST_POINT_pop_free(sk, free_func) \ - sk_pop_free( \ - CHECKED_CAST(_STACK *, STACK_OF(DIST_POINT) *, sk), \ - CHECKED_CAST(void (*)(void *), void (*)(DIST_POINT *), free_func)) - -#define sk_DIST_POINT_insert(sk, p, where) \ - sk_insert(CHECKED_CAST(_STACK *, STACK_OF(DIST_POINT) *, sk), \ - CHECKED_CAST(void *, DIST_POINT *, p), (where)) - -#define sk_DIST_POINT_delete(sk, where) \ - ((DIST_POINT *)sk_delete(CHECKED_CAST(_STACK *, STACK_OF(DIST_POINT) *, sk), \ - (where))) - -#define sk_DIST_POINT_delete_ptr(sk, p) \ - ((DIST_POINT *)sk_delete_ptr( \ - CHECKED_CAST(_STACK *, STACK_OF(DIST_POINT) *, sk), \ - CHECKED_CAST(void *, DIST_POINT *, p))) - -#define sk_DIST_POINT_find(sk, out_index, p) \ - sk_find(CHECKED_CAST(_STACK *, STACK_OF(DIST_POINT) *, sk), (out_index), \ - CHECKED_CAST(void *, DIST_POINT *, p)) - -#define sk_DIST_POINT_shift(sk) \ - ((DIST_POINT *)sk_shift(CHECKED_CAST(_STACK *, STACK_OF(DIST_POINT) *, sk))) - -#define sk_DIST_POINT_push(sk, p) \ - sk_push(CHECKED_CAST(_STACK *, STACK_OF(DIST_POINT) *, sk), \ - CHECKED_CAST(void *, DIST_POINT *, p)) - -#define sk_DIST_POINT_pop(sk) \ - ((DIST_POINT *)sk_pop(CHECKED_CAST(_STACK *, STACK_OF(DIST_POINT) *, sk))) - -#define sk_DIST_POINT_dup(sk) \ - ((STACK_OF(DIST_POINT) *)sk_dup( \ - CHECKED_CAST(_STACK *, const STACK_OF(DIST_POINT) *, sk))) - -#define sk_DIST_POINT_sort(sk) \ - sk_sort(CHECKED_CAST(_STACK *, STACK_OF(DIST_POINT) *, sk)) - -#define sk_DIST_POINT_is_sorted(sk) \ - sk_is_sorted(CHECKED_CAST(_STACK *, const STACK_OF(DIST_POINT) *, sk)) - -#define sk_DIST_POINT_set_cmp_func(sk, comp) \ - ((int (*)(const DIST_POINT **a, const DIST_POINT **b))sk_set_cmp_func( \ - CHECKED_CAST(_STACK *, STACK_OF(DIST_POINT) *, sk), \ - CHECKED_CAST(stack_cmp_func, \ - int (*)(const DIST_POINT **a, const DIST_POINT **b), \ - comp))) - -#define sk_DIST_POINT_deep_copy(sk, copy_func, free_func) \ - ((STACK_OF(DIST_POINT) *)sk_deep_copy( \ - CHECKED_CAST(const _STACK *, const STACK_OF(DIST_POINT) *, sk), \ - CHECKED_CAST(void *(*)(void *), DIST_POINT *(*)(DIST_POINT *), \ - copy_func), \ - CHECKED_CAST(void (*)(void *), void (*)(DIST_POINT *), free_func))) - -/* GENERAL_NAME */ -#define sk_GENERAL_NAME_new(comp) \ - ((STACK_OF(GENERAL_NAME) *)sk_new(CHECKED_CAST( \ - stack_cmp_func, int (*)(const GENERAL_NAME **a, const GENERAL_NAME **b), \ - comp))) - -#define sk_GENERAL_NAME_new_null() ((STACK_OF(GENERAL_NAME) *)sk_new_null()) - -#define sk_GENERAL_NAME_num(sk) \ - sk_num(CHECKED_CAST(_STACK *, STACK_OF(GENERAL_NAME) *, sk)) - -#define sk_GENERAL_NAME_zero(sk) \ - sk_zero(CHECKED_CAST(_STACK *, STACK_OF(GENERAL_NAME) *, sk)); - -#define sk_GENERAL_NAME_value(sk, i) \ - ((GENERAL_NAME *)sk_value( \ - CHECKED_CAST(_STACK *, const STACK_OF(GENERAL_NAME) *, sk), (i))) - -#define sk_GENERAL_NAME_set(sk, i, p) \ - ((GENERAL_NAME *)sk_set( \ - CHECKED_CAST(_STACK *, STACK_OF(GENERAL_NAME) *, sk), (i), \ - CHECKED_CAST(void *, GENERAL_NAME *, p))) - -#define sk_GENERAL_NAME_free(sk) \ - sk_free(CHECKED_CAST(_STACK *, STACK_OF(GENERAL_NAME) *, sk)) - -#define sk_GENERAL_NAME_pop_free(sk, free_func) \ - sk_pop_free( \ - CHECKED_CAST(_STACK *, STACK_OF(GENERAL_NAME) *, sk), \ - CHECKED_CAST(void (*)(void *), void (*)(GENERAL_NAME *), free_func)) - -#define sk_GENERAL_NAME_insert(sk, p, where) \ - sk_insert(CHECKED_CAST(_STACK *, STACK_OF(GENERAL_NAME) *, sk), \ - CHECKED_CAST(void *, GENERAL_NAME *, p), (where)) - -#define sk_GENERAL_NAME_delete(sk, where) \ - ((GENERAL_NAME *)sk_delete( \ - CHECKED_CAST(_STACK *, STACK_OF(GENERAL_NAME) *, sk), (where))) - -#define sk_GENERAL_NAME_delete_ptr(sk, p) \ - ((GENERAL_NAME *)sk_delete_ptr( \ - CHECKED_CAST(_STACK *, STACK_OF(GENERAL_NAME) *, sk), \ - CHECKED_CAST(void *, GENERAL_NAME *, p))) - -#define sk_GENERAL_NAME_find(sk, out_index, p) \ - sk_find(CHECKED_CAST(_STACK *, STACK_OF(GENERAL_NAME) *, sk), (out_index), \ - CHECKED_CAST(void *, GENERAL_NAME *, p)) - -#define sk_GENERAL_NAME_shift(sk) \ - ((GENERAL_NAME *)sk_shift( \ - CHECKED_CAST(_STACK *, STACK_OF(GENERAL_NAME) *, sk))) - -#define sk_GENERAL_NAME_push(sk, p) \ - sk_push(CHECKED_CAST(_STACK *, STACK_OF(GENERAL_NAME) *, sk), \ - CHECKED_CAST(void *, GENERAL_NAME *, p)) - -#define sk_GENERAL_NAME_pop(sk) \ - ((GENERAL_NAME *)sk_pop(CHECKED_CAST(_STACK *, STACK_OF(GENERAL_NAME) *, sk))) - -#define sk_GENERAL_NAME_dup(sk) \ - ((STACK_OF(GENERAL_NAME) *)sk_dup( \ - CHECKED_CAST(_STACK *, const STACK_OF(GENERAL_NAME) *, sk))) - -#define sk_GENERAL_NAME_sort(sk) \ - sk_sort(CHECKED_CAST(_STACK *, STACK_OF(GENERAL_NAME) *, sk)) - -#define sk_GENERAL_NAME_is_sorted(sk) \ - sk_is_sorted(CHECKED_CAST(_STACK *, const STACK_OF(GENERAL_NAME) *, sk)) - -#define sk_GENERAL_NAME_set_cmp_func(sk, comp) \ - ((int (*)(const GENERAL_NAME **a, const GENERAL_NAME **b))sk_set_cmp_func( \ - CHECKED_CAST(_STACK *, STACK_OF(GENERAL_NAME) *, sk), \ - CHECKED_CAST(stack_cmp_func, \ - int (*)(const GENERAL_NAME **a, const GENERAL_NAME **b), \ - comp))) - -#define sk_GENERAL_NAME_deep_copy(sk, copy_func, free_func) \ - ((STACK_OF(GENERAL_NAME) *)sk_deep_copy( \ - CHECKED_CAST(const _STACK *, const STACK_OF(GENERAL_NAME) *, sk), \ - CHECKED_CAST(void *(*)(void *), GENERAL_NAME *(*)(GENERAL_NAME *), \ - copy_func), \ - CHECKED_CAST(void (*)(void *), void (*)(GENERAL_NAME *), free_func))) - -/* GENERAL_NAMES */ -#define sk_GENERAL_NAMES_new(comp) \ - ((STACK_OF(GENERAL_NAMES) *)sk_new(CHECKED_CAST( \ - stack_cmp_func, \ - int (*)(const GENERAL_NAMES **a, const GENERAL_NAMES **b), comp))) - -#define sk_GENERAL_NAMES_new_null() ((STACK_OF(GENERAL_NAMES) *)sk_new_null()) - -#define sk_GENERAL_NAMES_num(sk) \ - sk_num(CHECKED_CAST(_STACK *, STACK_OF(GENERAL_NAMES) *, sk)) - -#define sk_GENERAL_NAMES_zero(sk) \ - sk_zero(CHECKED_CAST(_STACK *, STACK_OF(GENERAL_NAMES) *, sk)); - -#define sk_GENERAL_NAMES_value(sk, i) \ - ((GENERAL_NAMES *)sk_value( \ - CHECKED_CAST(_STACK *, const STACK_OF(GENERAL_NAMES) *, sk), (i))) - -#define sk_GENERAL_NAMES_set(sk, i, p) \ - ((GENERAL_NAMES *)sk_set( \ - CHECKED_CAST(_STACK *, STACK_OF(GENERAL_NAMES) *, sk), (i), \ - CHECKED_CAST(void *, GENERAL_NAMES *, p))) - -#define sk_GENERAL_NAMES_free(sk) \ - sk_free(CHECKED_CAST(_STACK *, STACK_OF(GENERAL_NAMES) *, sk)) - -#define sk_GENERAL_NAMES_pop_free(sk, free_func) \ - sk_pop_free( \ - CHECKED_CAST(_STACK *, STACK_OF(GENERAL_NAMES) *, sk), \ - CHECKED_CAST(void (*)(void *), void (*)(GENERAL_NAMES *), free_func)) - -#define sk_GENERAL_NAMES_insert(sk, p, where) \ - sk_insert(CHECKED_CAST(_STACK *, STACK_OF(GENERAL_NAMES) *, sk), \ - CHECKED_CAST(void *, GENERAL_NAMES *, p), (where)) - -#define sk_GENERAL_NAMES_delete(sk, where) \ - ((GENERAL_NAMES *)sk_delete( \ - CHECKED_CAST(_STACK *, STACK_OF(GENERAL_NAMES) *, sk), (where))) - -#define sk_GENERAL_NAMES_delete_ptr(sk, p) \ - ((GENERAL_NAMES *)sk_delete_ptr( \ - CHECKED_CAST(_STACK *, STACK_OF(GENERAL_NAMES) *, sk), \ - CHECKED_CAST(void *, GENERAL_NAMES *, p))) - -#define sk_GENERAL_NAMES_find(sk, out_index, p) \ - sk_find(CHECKED_CAST(_STACK *, STACK_OF(GENERAL_NAMES) *, sk), (out_index), \ - CHECKED_CAST(void *, GENERAL_NAMES *, p)) - -#define sk_GENERAL_NAMES_shift(sk) \ - ((GENERAL_NAMES *)sk_shift( \ - CHECKED_CAST(_STACK *, STACK_OF(GENERAL_NAMES) *, sk))) - -#define sk_GENERAL_NAMES_push(sk, p) \ - sk_push(CHECKED_CAST(_STACK *, STACK_OF(GENERAL_NAMES) *, sk), \ - CHECKED_CAST(void *, GENERAL_NAMES *, p)) - -#define sk_GENERAL_NAMES_pop(sk) \ - ((GENERAL_NAMES *)sk_pop( \ - CHECKED_CAST(_STACK *, STACK_OF(GENERAL_NAMES) *, sk))) - -#define sk_GENERAL_NAMES_dup(sk) \ - ((STACK_OF(GENERAL_NAMES) *)sk_dup( \ - CHECKED_CAST(_STACK *, const STACK_OF(GENERAL_NAMES) *, sk))) - -#define sk_GENERAL_NAMES_sort(sk) \ - sk_sort(CHECKED_CAST(_STACK *, STACK_OF(GENERAL_NAMES) *, sk)) - -#define sk_GENERAL_NAMES_is_sorted(sk) \ - sk_is_sorted(CHECKED_CAST(_STACK *, const STACK_OF(GENERAL_NAMES) *, sk)) - -#define sk_GENERAL_NAMES_set_cmp_func(sk, comp) \ - ((int (*)(const GENERAL_NAMES **a, const GENERAL_NAMES **b))sk_set_cmp_func( \ - CHECKED_CAST(_STACK *, STACK_OF(GENERAL_NAMES) *, sk), \ - CHECKED_CAST(stack_cmp_func, \ - int (*)(const GENERAL_NAMES **a, const GENERAL_NAMES **b), \ - comp))) - -#define sk_GENERAL_NAMES_deep_copy(sk, copy_func, free_func) \ - ((STACK_OF(GENERAL_NAMES) *)sk_deep_copy( \ - CHECKED_CAST(const _STACK *, const STACK_OF(GENERAL_NAMES) *, sk), \ - CHECKED_CAST(void *(*)(void *), GENERAL_NAMES *(*)(GENERAL_NAMES *), \ - copy_func), \ - CHECKED_CAST(void (*)(void *), void (*)(GENERAL_NAMES *), free_func))) - -/* GENERAL_SUBTREE */ -#define sk_GENERAL_SUBTREE_new(comp) \ - ((STACK_OF(GENERAL_SUBTREE) *)sk_new(CHECKED_CAST( \ - stack_cmp_func, \ - int (*)(const GENERAL_SUBTREE **a, const GENERAL_SUBTREE **b), comp))) - -#define sk_GENERAL_SUBTREE_new_null() \ - ((STACK_OF(GENERAL_SUBTREE) *)sk_new_null()) - -#define sk_GENERAL_SUBTREE_num(sk) \ - sk_num(CHECKED_CAST(_STACK *, STACK_OF(GENERAL_SUBTREE) *, sk)) - -#define sk_GENERAL_SUBTREE_zero(sk) \ - sk_zero(CHECKED_CAST(_STACK *, STACK_OF(GENERAL_SUBTREE) *, sk)); - -#define sk_GENERAL_SUBTREE_value(sk, i) \ - ((GENERAL_SUBTREE *)sk_value( \ - CHECKED_CAST(_STACK *, const STACK_OF(GENERAL_SUBTREE) *, sk), (i))) - -#define sk_GENERAL_SUBTREE_set(sk, i, p) \ - ((GENERAL_SUBTREE *)sk_set( \ - CHECKED_CAST(_STACK *, STACK_OF(GENERAL_SUBTREE) *, sk), (i), \ - CHECKED_CAST(void *, GENERAL_SUBTREE *, p))) - -#define sk_GENERAL_SUBTREE_free(sk) \ - sk_free(CHECKED_CAST(_STACK *, STACK_OF(GENERAL_SUBTREE) *, sk)) - -#define sk_GENERAL_SUBTREE_pop_free(sk, free_func) \ - sk_pop_free( \ - CHECKED_CAST(_STACK *, STACK_OF(GENERAL_SUBTREE) *, sk), \ - CHECKED_CAST(void (*)(void *), void (*)(GENERAL_SUBTREE *), free_func)) - -#define sk_GENERAL_SUBTREE_insert(sk, p, where) \ - sk_insert(CHECKED_CAST(_STACK *, STACK_OF(GENERAL_SUBTREE) *, sk), \ - CHECKED_CAST(void *, GENERAL_SUBTREE *, p), (where)) - -#define sk_GENERAL_SUBTREE_delete(sk, where) \ - ((GENERAL_SUBTREE *)sk_delete( \ - CHECKED_CAST(_STACK *, STACK_OF(GENERAL_SUBTREE) *, sk), (where))) - -#define sk_GENERAL_SUBTREE_delete_ptr(sk, p) \ - ((GENERAL_SUBTREE *)sk_delete_ptr( \ - CHECKED_CAST(_STACK *, STACK_OF(GENERAL_SUBTREE) *, sk), \ - CHECKED_CAST(void *, GENERAL_SUBTREE *, p))) - -#define sk_GENERAL_SUBTREE_find(sk, out_index, p) \ - sk_find(CHECKED_CAST(_STACK *, STACK_OF(GENERAL_SUBTREE) *, sk), \ - (out_index), CHECKED_CAST(void *, GENERAL_SUBTREE *, p)) - -#define sk_GENERAL_SUBTREE_shift(sk) \ - ((GENERAL_SUBTREE *)sk_shift( \ - CHECKED_CAST(_STACK *, STACK_OF(GENERAL_SUBTREE) *, sk))) - -#define sk_GENERAL_SUBTREE_push(sk, p) \ - sk_push(CHECKED_CAST(_STACK *, STACK_OF(GENERAL_SUBTREE) *, sk), \ - CHECKED_CAST(void *, GENERAL_SUBTREE *, p)) - -#define sk_GENERAL_SUBTREE_pop(sk) \ - ((GENERAL_SUBTREE *)sk_pop( \ - CHECKED_CAST(_STACK *, STACK_OF(GENERAL_SUBTREE) *, sk))) - -#define sk_GENERAL_SUBTREE_dup(sk) \ - ((STACK_OF(GENERAL_SUBTREE) *)sk_dup( \ - CHECKED_CAST(_STACK *, const STACK_OF(GENERAL_SUBTREE) *, sk))) - -#define sk_GENERAL_SUBTREE_sort(sk) \ - sk_sort(CHECKED_CAST(_STACK *, STACK_OF(GENERAL_SUBTREE) *, sk)) - -#define sk_GENERAL_SUBTREE_is_sorted(sk) \ - sk_is_sorted(CHECKED_CAST(_STACK *, const STACK_OF(GENERAL_SUBTREE) *, sk)) - -#define sk_GENERAL_SUBTREE_set_cmp_func(sk, comp) \ - ((int (*)(const GENERAL_SUBTREE **a, const GENERAL_SUBTREE **b)) \ - sk_set_cmp_func( \ - CHECKED_CAST(_STACK *, STACK_OF(GENERAL_SUBTREE) *, sk), \ - CHECKED_CAST(stack_cmp_func, int (*)(const GENERAL_SUBTREE **a, \ - const GENERAL_SUBTREE **b), \ - comp))) - -#define sk_GENERAL_SUBTREE_deep_copy(sk, copy_func, free_func) \ - ((STACK_OF(GENERAL_SUBTREE) *)sk_deep_copy( \ - CHECKED_CAST(const _STACK *, const STACK_OF(GENERAL_SUBTREE) *, sk), \ - CHECKED_CAST(void *(*)(void *), GENERAL_SUBTREE *(*)(GENERAL_SUBTREE *), \ - copy_func), \ - CHECKED_CAST(void (*)(void *), void (*)(GENERAL_SUBTREE *), free_func))) - -/* MIME_HEADER */ -#define sk_MIME_HEADER_new(comp) \ - ((STACK_OF(MIME_HEADER) *)sk_new(CHECKED_CAST( \ - stack_cmp_func, int (*)(const MIME_HEADER **a, const MIME_HEADER **b), \ - comp))) - -#define sk_MIME_HEADER_new_null() ((STACK_OF(MIME_HEADER) *)sk_new_null()) - -#define sk_MIME_HEADER_num(sk) \ - sk_num(CHECKED_CAST(_STACK *, STACK_OF(MIME_HEADER) *, sk)) - -#define sk_MIME_HEADER_zero(sk) \ - sk_zero(CHECKED_CAST(_STACK *, STACK_OF(MIME_HEADER) *, sk)); - -#define sk_MIME_HEADER_value(sk, i) \ - ((MIME_HEADER *)sk_value( \ - CHECKED_CAST(_STACK *, const STACK_OF(MIME_HEADER) *, sk), (i))) - -#define sk_MIME_HEADER_set(sk, i, p) \ - ((MIME_HEADER *)sk_set(CHECKED_CAST(_STACK *, STACK_OF(MIME_HEADER) *, sk), \ - (i), CHECKED_CAST(void *, MIME_HEADER *, p))) - -#define sk_MIME_HEADER_free(sk) \ - sk_free(CHECKED_CAST(_STACK *, STACK_OF(MIME_HEADER) *, sk)) - -#define sk_MIME_HEADER_pop_free(sk, free_func) \ - sk_pop_free( \ - CHECKED_CAST(_STACK *, STACK_OF(MIME_HEADER) *, sk), \ - CHECKED_CAST(void (*)(void *), void (*)(MIME_HEADER *), free_func)) - -#define sk_MIME_HEADER_insert(sk, p, where) \ - sk_insert(CHECKED_CAST(_STACK *, STACK_OF(MIME_HEADER) *, sk), \ - CHECKED_CAST(void *, MIME_HEADER *, p), (where)) - -#define sk_MIME_HEADER_delete(sk, where) \ - ((MIME_HEADER *)sk_delete( \ - CHECKED_CAST(_STACK *, STACK_OF(MIME_HEADER) *, sk), (where))) - -#define sk_MIME_HEADER_delete_ptr(sk, p) \ - ((MIME_HEADER *)sk_delete_ptr( \ - CHECKED_CAST(_STACK *, STACK_OF(MIME_HEADER) *, sk), \ - CHECKED_CAST(void *, MIME_HEADER *, p))) - -#define sk_MIME_HEADER_find(sk, out_index, p) \ - sk_find(CHECKED_CAST(_STACK *, STACK_OF(MIME_HEADER) *, sk), (out_index), \ - CHECKED_CAST(void *, MIME_HEADER *, p)) - -#define sk_MIME_HEADER_shift(sk) \ - ((MIME_HEADER *)sk_shift(CHECKED_CAST(_STACK *, STACK_OF(MIME_HEADER) *, sk))) - -#define sk_MIME_HEADER_push(sk, p) \ - sk_push(CHECKED_CAST(_STACK *, STACK_OF(MIME_HEADER) *, sk), \ - CHECKED_CAST(void *, MIME_HEADER *, p)) - -#define sk_MIME_HEADER_pop(sk) \ - ((MIME_HEADER *)sk_pop(CHECKED_CAST(_STACK *, STACK_OF(MIME_HEADER) *, sk))) - -#define sk_MIME_HEADER_dup(sk) \ - ((STACK_OF(MIME_HEADER) *)sk_dup( \ - CHECKED_CAST(_STACK *, const STACK_OF(MIME_HEADER) *, sk))) - -#define sk_MIME_HEADER_sort(sk) \ - sk_sort(CHECKED_CAST(_STACK *, STACK_OF(MIME_HEADER) *, sk)) - -#define sk_MIME_HEADER_is_sorted(sk) \ - sk_is_sorted(CHECKED_CAST(_STACK *, const STACK_OF(MIME_HEADER) *, sk)) - -#define sk_MIME_HEADER_set_cmp_func(sk, comp) \ - ((int (*)(const MIME_HEADER **a, const MIME_HEADER **b))sk_set_cmp_func( \ - CHECKED_CAST(_STACK *, STACK_OF(MIME_HEADER) *, sk), \ - CHECKED_CAST(stack_cmp_func, \ - int (*)(const MIME_HEADER **a, const MIME_HEADER **b), \ - comp))) - -#define sk_MIME_HEADER_deep_copy(sk, copy_func, free_func) \ - ((STACK_OF(MIME_HEADER) *)sk_deep_copy( \ - CHECKED_CAST(const _STACK *, const STACK_OF(MIME_HEADER) *, sk), \ - CHECKED_CAST(void *(*)(void *), MIME_HEADER *(*)(MIME_HEADER *), \ - copy_func), \ - CHECKED_CAST(void (*)(void *), void (*)(MIME_HEADER *), free_func))) - -/* PKCS7_SIGNER_INFO */ -#define sk_PKCS7_SIGNER_INFO_new(comp) \ - ((STACK_OF(PKCS7_SIGNER_INFO) *)sk_new(CHECKED_CAST( \ - stack_cmp_func, \ - int (*)(const PKCS7_SIGNER_INFO **a, const PKCS7_SIGNER_INFO **b), \ - comp))) - -#define sk_PKCS7_SIGNER_INFO_new_null() \ - ((STACK_OF(PKCS7_SIGNER_INFO) *)sk_new_null()) - -#define sk_PKCS7_SIGNER_INFO_num(sk) \ - sk_num(CHECKED_CAST(_STACK *, STACK_OF(PKCS7_SIGNER_INFO) *, sk)) - -#define sk_PKCS7_SIGNER_INFO_zero(sk) \ - sk_zero(CHECKED_CAST(_STACK *, STACK_OF(PKCS7_SIGNER_INFO) *, sk)); - -#define sk_PKCS7_SIGNER_INFO_value(sk, i) \ - ((PKCS7_SIGNER_INFO *)sk_value( \ - CHECKED_CAST(_STACK *, const STACK_OF(PKCS7_SIGNER_INFO) *, sk), (i))) - -#define sk_PKCS7_SIGNER_INFO_set(sk, i, p) \ - ((PKCS7_SIGNER_INFO *)sk_set( \ - CHECKED_CAST(_STACK *, STACK_OF(PKCS7_SIGNER_INFO) *, sk), (i), \ - CHECKED_CAST(void *, PKCS7_SIGNER_INFO *, p))) - -#define sk_PKCS7_SIGNER_INFO_free(sk) \ - sk_free(CHECKED_CAST(_STACK *, STACK_OF(PKCS7_SIGNER_INFO) *, sk)) - -#define sk_PKCS7_SIGNER_INFO_pop_free(sk, free_func) \ - sk_pop_free(CHECKED_CAST(_STACK *, STACK_OF(PKCS7_SIGNER_INFO) *, sk), \ - CHECKED_CAST(void (*)(void *), void (*)(PKCS7_SIGNER_INFO *), \ - free_func)) - -#define sk_PKCS7_SIGNER_INFO_insert(sk, p, where) \ - sk_insert(CHECKED_CAST(_STACK *, STACK_OF(PKCS7_SIGNER_INFO) *, sk), \ - CHECKED_CAST(void *, PKCS7_SIGNER_INFO *, p), (where)) - -#define sk_PKCS7_SIGNER_INFO_delete(sk, where) \ - ((PKCS7_SIGNER_INFO *)sk_delete( \ - CHECKED_CAST(_STACK *, STACK_OF(PKCS7_SIGNER_INFO) *, sk), (where))) - -#define sk_PKCS7_SIGNER_INFO_delete_ptr(sk, p) \ - ((PKCS7_SIGNER_INFO *)sk_delete_ptr( \ - CHECKED_CAST(_STACK *, STACK_OF(PKCS7_SIGNER_INFO) *, sk), \ - CHECKED_CAST(void *, PKCS7_SIGNER_INFO *, p))) - -#define sk_PKCS7_SIGNER_INFO_find(sk, out_index, p) \ - sk_find(CHECKED_CAST(_STACK *, STACK_OF(PKCS7_SIGNER_INFO) *, sk), \ - (out_index), CHECKED_CAST(void *, PKCS7_SIGNER_INFO *, p)) - -#define sk_PKCS7_SIGNER_INFO_shift(sk) \ - ((PKCS7_SIGNER_INFO *)sk_shift( \ - CHECKED_CAST(_STACK *, STACK_OF(PKCS7_SIGNER_INFO) *, sk))) - -#define sk_PKCS7_SIGNER_INFO_push(sk, p) \ - sk_push(CHECKED_CAST(_STACK *, STACK_OF(PKCS7_SIGNER_INFO) *, sk), \ - CHECKED_CAST(void *, PKCS7_SIGNER_INFO *, p)) - -#define sk_PKCS7_SIGNER_INFO_pop(sk) \ - ((PKCS7_SIGNER_INFO *)sk_pop( \ - CHECKED_CAST(_STACK *, STACK_OF(PKCS7_SIGNER_INFO) *, sk))) - -#define sk_PKCS7_SIGNER_INFO_dup(sk) \ - ((STACK_OF(PKCS7_SIGNER_INFO) *)sk_dup( \ - CHECKED_CAST(_STACK *, const STACK_OF(PKCS7_SIGNER_INFO) *, sk))) - -#define sk_PKCS7_SIGNER_INFO_sort(sk) \ - sk_sort(CHECKED_CAST(_STACK *, STACK_OF(PKCS7_SIGNER_INFO) *, sk)) - -#define sk_PKCS7_SIGNER_INFO_is_sorted(sk) \ - sk_is_sorted(CHECKED_CAST(_STACK *, const STACK_OF(PKCS7_SIGNER_INFO) *, sk)) - -#define sk_PKCS7_SIGNER_INFO_set_cmp_func(sk, comp) \ - ((int (*)(const PKCS7_SIGNER_INFO **a, const PKCS7_SIGNER_INFO **b)) \ - sk_set_cmp_func( \ - CHECKED_CAST(_STACK *, STACK_OF(PKCS7_SIGNER_INFO) *, sk), \ - CHECKED_CAST(stack_cmp_func, int (*)(const PKCS7_SIGNER_INFO **a, \ - const PKCS7_SIGNER_INFO **b), \ - comp))) - -#define sk_PKCS7_SIGNER_INFO_deep_copy(sk, copy_func, free_func) \ - ((STACK_OF(PKCS7_SIGNER_INFO) *)sk_deep_copy( \ - CHECKED_CAST(const _STACK *, const STACK_OF(PKCS7_SIGNER_INFO) *, sk), \ - CHECKED_CAST(void *(*)(void *), \ - PKCS7_SIGNER_INFO *(*)(PKCS7_SIGNER_INFO *), copy_func), \ - CHECKED_CAST(void (*)(void *), void (*)(PKCS7_SIGNER_INFO *), \ - free_func))) - -/* PKCS7_RECIP_INFO */ -#define sk_PKCS7_RECIP_INFO_new(comp) \ - ((STACK_OF(PKCS7_RECIP_INFO) *)sk_new(CHECKED_CAST( \ - stack_cmp_func, \ - int (*)(const PKCS7_RECIP_INFO **a, const PKCS7_RECIP_INFO **b), comp))) - -#define sk_PKCS7_RECIP_INFO_new_null() \ - ((STACK_OF(PKCS7_RECIP_INFO) *)sk_new_null()) - -#define sk_PKCS7_RECIP_INFO_num(sk) \ - sk_num(CHECKED_CAST(_STACK *, STACK_OF(PKCS7_RECIP_INFO) *, sk)) - -#define sk_PKCS7_RECIP_INFO_zero(sk) \ - sk_zero(CHECKED_CAST(_STACK *, STACK_OF(PKCS7_RECIP_INFO) *, sk)); - -#define sk_PKCS7_RECIP_INFO_value(sk, i) \ - ((PKCS7_RECIP_INFO *)sk_value( \ - CHECKED_CAST(_STACK *, const STACK_OF(PKCS7_RECIP_INFO) *, sk), (i))) - -#define sk_PKCS7_RECIP_INFO_set(sk, i, p) \ - ((PKCS7_RECIP_INFO *)sk_set( \ - CHECKED_CAST(_STACK *, STACK_OF(PKCS7_RECIP_INFO) *, sk), (i), \ - CHECKED_CAST(void *, PKCS7_RECIP_INFO *, p))) - -#define sk_PKCS7_RECIP_INFO_free(sk) \ - sk_free(CHECKED_CAST(_STACK *, STACK_OF(PKCS7_RECIP_INFO) *, sk)) - -#define sk_PKCS7_RECIP_INFO_pop_free(sk, free_func) \ - sk_pop_free( \ - CHECKED_CAST(_STACK *, STACK_OF(PKCS7_RECIP_INFO) *, sk), \ - CHECKED_CAST(void (*)(void *), void (*)(PKCS7_RECIP_INFO *), free_func)) - -#define sk_PKCS7_RECIP_INFO_insert(sk, p, where) \ - sk_insert(CHECKED_CAST(_STACK *, STACK_OF(PKCS7_RECIP_INFO) *, sk), \ - CHECKED_CAST(void *, PKCS7_RECIP_INFO *, p), (where)) - -#define sk_PKCS7_RECIP_INFO_delete(sk, where) \ - ((PKCS7_RECIP_INFO *)sk_delete( \ - CHECKED_CAST(_STACK *, STACK_OF(PKCS7_RECIP_INFO) *, sk), (where))) - -#define sk_PKCS7_RECIP_INFO_delete_ptr(sk, p) \ - ((PKCS7_RECIP_INFO *)sk_delete_ptr( \ - CHECKED_CAST(_STACK *, STACK_OF(PKCS7_RECIP_INFO) *, sk), \ - CHECKED_CAST(void *, PKCS7_RECIP_INFO *, p))) - -#define sk_PKCS7_RECIP_INFO_find(sk, out_index, p) \ - sk_find(CHECKED_CAST(_STACK *, STACK_OF(PKCS7_RECIP_INFO) *, sk), \ - (out_index), CHECKED_CAST(void *, PKCS7_RECIP_INFO *, p)) - -#define sk_PKCS7_RECIP_INFO_shift(sk) \ - ((PKCS7_RECIP_INFO *)sk_shift( \ - CHECKED_CAST(_STACK *, STACK_OF(PKCS7_RECIP_INFO) *, sk))) - -#define sk_PKCS7_RECIP_INFO_push(sk, p) \ - sk_push(CHECKED_CAST(_STACK *, STACK_OF(PKCS7_RECIP_INFO) *, sk), \ - CHECKED_CAST(void *, PKCS7_RECIP_INFO *, p)) - -#define sk_PKCS7_RECIP_INFO_pop(sk) \ - ((PKCS7_RECIP_INFO *)sk_pop( \ - CHECKED_CAST(_STACK *, STACK_OF(PKCS7_RECIP_INFO) *, sk))) - -#define sk_PKCS7_RECIP_INFO_dup(sk) \ - ((STACK_OF(PKCS7_RECIP_INFO) *)sk_dup( \ - CHECKED_CAST(_STACK *, const STACK_OF(PKCS7_RECIP_INFO) *, sk))) - -#define sk_PKCS7_RECIP_INFO_sort(sk) \ - sk_sort(CHECKED_CAST(_STACK *, STACK_OF(PKCS7_RECIP_INFO) *, sk)) - -#define sk_PKCS7_RECIP_INFO_is_sorted(sk) \ - sk_is_sorted(CHECKED_CAST(_STACK *, const STACK_OF(PKCS7_RECIP_INFO) *, sk)) - -#define sk_PKCS7_RECIP_INFO_set_cmp_func(sk, comp) \ - ((int (*)(const PKCS7_RECIP_INFO **a, const PKCS7_RECIP_INFO **b)) \ - sk_set_cmp_func( \ - CHECKED_CAST(_STACK *, STACK_OF(PKCS7_RECIP_INFO) *, sk), \ - CHECKED_CAST(stack_cmp_func, int (*)(const PKCS7_RECIP_INFO **a, \ - const PKCS7_RECIP_INFO **b), \ - comp))) - -#define sk_PKCS7_RECIP_INFO_deep_copy(sk, copy_func, free_func) \ - ((STACK_OF(PKCS7_RECIP_INFO) *)sk_deep_copy( \ - CHECKED_CAST(const _STACK *, const STACK_OF(PKCS7_RECIP_INFO) *, sk), \ - CHECKED_CAST(void *(*)(void *), \ - PKCS7_RECIP_INFO *(*)(PKCS7_RECIP_INFO *), copy_func), \ - CHECKED_CAST(void (*)(void *), void (*)(PKCS7_RECIP_INFO *), \ - free_func))) - -/* POLICYINFO */ -#define sk_POLICYINFO_new(comp) \ - ((STACK_OF(POLICYINFO) *)sk_new(CHECKED_CAST( \ - stack_cmp_func, int (*)(const POLICYINFO **a, const POLICYINFO **b), \ - comp))) - -#define sk_POLICYINFO_new_null() ((STACK_OF(POLICYINFO) *)sk_new_null()) - -#define sk_POLICYINFO_num(sk) \ - sk_num(CHECKED_CAST(_STACK *, STACK_OF(POLICYINFO) *, sk)) - -#define sk_POLICYINFO_zero(sk) \ - sk_zero(CHECKED_CAST(_STACK *, STACK_OF(POLICYINFO) *, sk)); - -#define sk_POLICYINFO_value(sk, i) \ - ((POLICYINFO *)sk_value( \ - CHECKED_CAST(_STACK *, const STACK_OF(POLICYINFO) *, sk), (i))) - -#define sk_POLICYINFO_set(sk, i, p) \ - ((POLICYINFO *)sk_set(CHECKED_CAST(_STACK *, STACK_OF(POLICYINFO) *, sk), \ - (i), CHECKED_CAST(void *, POLICYINFO *, p))) - -#define sk_POLICYINFO_free(sk) \ - sk_free(CHECKED_CAST(_STACK *, STACK_OF(POLICYINFO) *, sk)) - -#define sk_POLICYINFO_pop_free(sk, free_func) \ - sk_pop_free( \ - CHECKED_CAST(_STACK *, STACK_OF(POLICYINFO) *, sk), \ - CHECKED_CAST(void (*)(void *), void (*)(POLICYINFO *), free_func)) - -#define sk_POLICYINFO_insert(sk, p, where) \ - sk_insert(CHECKED_CAST(_STACK *, STACK_OF(POLICYINFO) *, sk), \ - CHECKED_CAST(void *, POLICYINFO *, p), (where)) - -#define sk_POLICYINFO_delete(sk, where) \ - ((POLICYINFO *)sk_delete(CHECKED_CAST(_STACK *, STACK_OF(POLICYINFO) *, sk), \ - (where))) - -#define sk_POLICYINFO_delete_ptr(sk, p) \ - ((POLICYINFO *)sk_delete_ptr( \ - CHECKED_CAST(_STACK *, STACK_OF(POLICYINFO) *, sk), \ - CHECKED_CAST(void *, POLICYINFO *, p))) - -#define sk_POLICYINFO_find(sk, out_index, p) \ - sk_find(CHECKED_CAST(_STACK *, STACK_OF(POLICYINFO) *, sk), (out_index), \ - CHECKED_CAST(void *, POLICYINFO *, p)) - -#define sk_POLICYINFO_shift(sk) \ - ((POLICYINFO *)sk_shift(CHECKED_CAST(_STACK *, STACK_OF(POLICYINFO) *, sk))) - -#define sk_POLICYINFO_push(sk, p) \ - sk_push(CHECKED_CAST(_STACK *, STACK_OF(POLICYINFO) *, sk), \ - CHECKED_CAST(void *, POLICYINFO *, p)) - -#define sk_POLICYINFO_pop(sk) \ - ((POLICYINFO *)sk_pop(CHECKED_CAST(_STACK *, STACK_OF(POLICYINFO) *, sk))) - -#define sk_POLICYINFO_dup(sk) \ - ((STACK_OF(POLICYINFO) *)sk_dup( \ - CHECKED_CAST(_STACK *, const STACK_OF(POLICYINFO) *, sk))) - -#define sk_POLICYINFO_sort(sk) \ - sk_sort(CHECKED_CAST(_STACK *, STACK_OF(POLICYINFO) *, sk)) - -#define sk_POLICYINFO_is_sorted(sk) \ - sk_is_sorted(CHECKED_CAST(_STACK *, const STACK_OF(POLICYINFO) *, sk)) - -#define sk_POLICYINFO_set_cmp_func(sk, comp) \ - ((int (*)(const POLICYINFO **a, const POLICYINFO **b))sk_set_cmp_func( \ - CHECKED_CAST(_STACK *, STACK_OF(POLICYINFO) *, sk), \ - CHECKED_CAST(stack_cmp_func, \ - int (*)(const POLICYINFO **a, const POLICYINFO **b), \ - comp))) - -#define sk_POLICYINFO_deep_copy(sk, copy_func, free_func) \ - ((STACK_OF(POLICYINFO) *)sk_deep_copy( \ - CHECKED_CAST(const _STACK *, const STACK_OF(POLICYINFO) *, sk), \ - CHECKED_CAST(void *(*)(void *), POLICYINFO *(*)(POLICYINFO *), \ - copy_func), \ - CHECKED_CAST(void (*)(void *), void (*)(POLICYINFO *), free_func))) - -/* POLICYQUALINFO */ -#define sk_POLICYQUALINFO_new(comp) \ - ((STACK_OF(POLICYQUALINFO) *)sk_new(CHECKED_CAST( \ - stack_cmp_func, \ - int (*)(const POLICYQUALINFO **a, const POLICYQUALINFO **b), comp))) - -#define sk_POLICYQUALINFO_new_null() ((STACK_OF(POLICYQUALINFO) *)sk_new_null()) - -#define sk_POLICYQUALINFO_num(sk) \ - sk_num(CHECKED_CAST(_STACK *, STACK_OF(POLICYQUALINFO) *, sk)) - -#define sk_POLICYQUALINFO_zero(sk) \ - sk_zero(CHECKED_CAST(_STACK *, STACK_OF(POLICYQUALINFO) *, sk)); - -#define sk_POLICYQUALINFO_value(sk, i) \ - ((POLICYQUALINFO *)sk_value( \ - CHECKED_CAST(_STACK *, const STACK_OF(POLICYQUALINFO) *, sk), (i))) - -#define sk_POLICYQUALINFO_set(sk, i, p) \ - ((POLICYQUALINFO *)sk_set( \ - CHECKED_CAST(_STACK *, STACK_OF(POLICYQUALINFO) *, sk), (i), \ - CHECKED_CAST(void *, POLICYQUALINFO *, p))) - -#define sk_POLICYQUALINFO_free(sk) \ - sk_free(CHECKED_CAST(_STACK *, STACK_OF(POLICYQUALINFO) *, sk)) - -#define sk_POLICYQUALINFO_pop_free(sk, free_func) \ - sk_pop_free( \ - CHECKED_CAST(_STACK *, STACK_OF(POLICYQUALINFO) *, sk), \ - CHECKED_CAST(void (*)(void *), void (*)(POLICYQUALINFO *), free_func)) - -#define sk_POLICYQUALINFO_insert(sk, p, where) \ - sk_insert(CHECKED_CAST(_STACK *, STACK_OF(POLICYQUALINFO) *, sk), \ - CHECKED_CAST(void *, POLICYQUALINFO *, p), (where)) - -#define sk_POLICYQUALINFO_delete(sk, where) \ - ((POLICYQUALINFO *)sk_delete( \ - CHECKED_CAST(_STACK *, STACK_OF(POLICYQUALINFO) *, sk), (where))) - -#define sk_POLICYQUALINFO_delete_ptr(sk, p) \ - ((POLICYQUALINFO *)sk_delete_ptr( \ - CHECKED_CAST(_STACK *, STACK_OF(POLICYQUALINFO) *, sk), \ - CHECKED_CAST(void *, POLICYQUALINFO *, p))) - -#define sk_POLICYQUALINFO_find(sk, out_index, p) \ - sk_find(CHECKED_CAST(_STACK *, STACK_OF(POLICYQUALINFO) *, sk), (out_index), \ - CHECKED_CAST(void *, POLICYQUALINFO *, p)) - -#define sk_POLICYQUALINFO_shift(sk) \ - ((POLICYQUALINFO *)sk_shift( \ - CHECKED_CAST(_STACK *, STACK_OF(POLICYQUALINFO) *, sk))) - -#define sk_POLICYQUALINFO_push(sk, p) \ - sk_push(CHECKED_CAST(_STACK *, STACK_OF(POLICYQUALINFO) *, sk), \ - CHECKED_CAST(void *, POLICYQUALINFO *, p)) - -#define sk_POLICYQUALINFO_pop(sk) \ - ((POLICYQUALINFO *)sk_pop( \ - CHECKED_CAST(_STACK *, STACK_OF(POLICYQUALINFO) *, sk))) - -#define sk_POLICYQUALINFO_dup(sk) \ - ((STACK_OF(POLICYQUALINFO) *)sk_dup( \ - CHECKED_CAST(_STACK *, const STACK_OF(POLICYQUALINFO) *, sk))) - -#define sk_POLICYQUALINFO_sort(sk) \ - sk_sort(CHECKED_CAST(_STACK *, STACK_OF(POLICYQUALINFO) *, sk)) - -#define sk_POLICYQUALINFO_is_sorted(sk) \ - sk_is_sorted(CHECKED_CAST(_STACK *, const STACK_OF(POLICYQUALINFO) *, sk)) - -#define sk_POLICYQUALINFO_set_cmp_func(sk, comp) \ - ((int (*)(const POLICYQUALINFO **a, const POLICYQUALINFO **b)) \ - sk_set_cmp_func( \ - CHECKED_CAST(_STACK *, STACK_OF(POLICYQUALINFO) *, sk), \ - CHECKED_CAST(stack_cmp_func, int (*)(const POLICYQUALINFO **a, \ - const POLICYQUALINFO **b), \ - comp))) - -#define sk_POLICYQUALINFO_deep_copy(sk, copy_func, free_func) \ - ((STACK_OF(POLICYQUALINFO) *)sk_deep_copy( \ - CHECKED_CAST(const _STACK *, const STACK_OF(POLICYQUALINFO) *, sk), \ - CHECKED_CAST(void *(*)(void *), POLICYQUALINFO *(*)(POLICYQUALINFO *), \ - copy_func), \ - CHECKED_CAST(void (*)(void *), void (*)(POLICYQUALINFO *), free_func))) - -/* POLICY_MAPPING */ -#define sk_POLICY_MAPPING_new(comp) \ - ((STACK_OF(POLICY_MAPPING) *)sk_new(CHECKED_CAST( \ - stack_cmp_func, \ - int (*)(const POLICY_MAPPING **a, const POLICY_MAPPING **b), comp))) - -#define sk_POLICY_MAPPING_new_null() ((STACK_OF(POLICY_MAPPING) *)sk_new_null()) - -#define sk_POLICY_MAPPING_num(sk) \ - sk_num(CHECKED_CAST(_STACK *, STACK_OF(POLICY_MAPPING) *, sk)) - -#define sk_POLICY_MAPPING_zero(sk) \ - sk_zero(CHECKED_CAST(_STACK *, STACK_OF(POLICY_MAPPING) *, sk)); - -#define sk_POLICY_MAPPING_value(sk, i) \ - ((POLICY_MAPPING *)sk_value( \ - CHECKED_CAST(_STACK *, const STACK_OF(POLICY_MAPPING) *, sk), (i))) - -#define sk_POLICY_MAPPING_set(sk, i, p) \ - ((POLICY_MAPPING *)sk_set( \ - CHECKED_CAST(_STACK *, STACK_OF(POLICY_MAPPING) *, sk), (i), \ - CHECKED_CAST(void *, POLICY_MAPPING *, p))) - -#define sk_POLICY_MAPPING_free(sk) \ - sk_free(CHECKED_CAST(_STACK *, STACK_OF(POLICY_MAPPING) *, sk)) - -#define sk_POLICY_MAPPING_pop_free(sk, free_func) \ - sk_pop_free( \ - CHECKED_CAST(_STACK *, STACK_OF(POLICY_MAPPING) *, sk), \ - CHECKED_CAST(void (*)(void *), void (*)(POLICY_MAPPING *), free_func)) - -#define sk_POLICY_MAPPING_insert(sk, p, where) \ - sk_insert(CHECKED_CAST(_STACK *, STACK_OF(POLICY_MAPPING) *, sk), \ - CHECKED_CAST(void *, POLICY_MAPPING *, p), (where)) - -#define sk_POLICY_MAPPING_delete(sk, where) \ - ((POLICY_MAPPING *)sk_delete( \ - CHECKED_CAST(_STACK *, STACK_OF(POLICY_MAPPING) *, sk), (where))) - -#define sk_POLICY_MAPPING_delete_ptr(sk, p) \ - ((POLICY_MAPPING *)sk_delete_ptr( \ - CHECKED_CAST(_STACK *, STACK_OF(POLICY_MAPPING) *, sk), \ - CHECKED_CAST(void *, POLICY_MAPPING *, p))) - -#define sk_POLICY_MAPPING_find(sk, out_index, p) \ - sk_find(CHECKED_CAST(_STACK *, STACK_OF(POLICY_MAPPING) *, sk), (out_index), \ - CHECKED_CAST(void *, POLICY_MAPPING *, p)) - -#define sk_POLICY_MAPPING_shift(sk) \ - ((POLICY_MAPPING *)sk_shift( \ - CHECKED_CAST(_STACK *, STACK_OF(POLICY_MAPPING) *, sk))) - -#define sk_POLICY_MAPPING_push(sk, p) \ - sk_push(CHECKED_CAST(_STACK *, STACK_OF(POLICY_MAPPING) *, sk), \ - CHECKED_CAST(void *, POLICY_MAPPING *, p)) - -#define sk_POLICY_MAPPING_pop(sk) \ - ((POLICY_MAPPING *)sk_pop( \ - CHECKED_CAST(_STACK *, STACK_OF(POLICY_MAPPING) *, sk))) - -#define sk_POLICY_MAPPING_dup(sk) \ - ((STACK_OF(POLICY_MAPPING) *)sk_dup( \ - CHECKED_CAST(_STACK *, const STACK_OF(POLICY_MAPPING) *, sk))) - -#define sk_POLICY_MAPPING_sort(sk) \ - sk_sort(CHECKED_CAST(_STACK *, STACK_OF(POLICY_MAPPING) *, sk)) - -#define sk_POLICY_MAPPING_is_sorted(sk) \ - sk_is_sorted(CHECKED_CAST(_STACK *, const STACK_OF(POLICY_MAPPING) *, sk)) - -#define sk_POLICY_MAPPING_set_cmp_func(sk, comp) \ - ((int (*)(const POLICY_MAPPING **a, const POLICY_MAPPING **b)) \ - sk_set_cmp_func( \ - CHECKED_CAST(_STACK *, STACK_OF(POLICY_MAPPING) *, sk), \ - CHECKED_CAST(stack_cmp_func, int (*)(const POLICY_MAPPING **a, \ - const POLICY_MAPPING **b), \ - comp))) - -#define sk_POLICY_MAPPING_deep_copy(sk, copy_func, free_func) \ - ((STACK_OF(POLICY_MAPPING) *)sk_deep_copy( \ - CHECKED_CAST(const _STACK *, const STACK_OF(POLICY_MAPPING) *, sk), \ - CHECKED_CAST(void *(*)(void *), POLICY_MAPPING *(*)(POLICY_MAPPING *), \ - copy_func), \ - CHECKED_CAST(void (*)(void *), void (*)(POLICY_MAPPING *), free_func))) - -/* SSL_COMP */ -#define sk_SSL_COMP_new(comp) \ - ((STACK_OF(SSL_COMP) *)sk_new(CHECKED_CAST( \ - stack_cmp_func, int (*)(const SSL_COMP **a, const SSL_COMP **b), comp))) - -#define sk_SSL_COMP_new_null() ((STACK_OF(SSL_COMP) *)sk_new_null()) - -#define sk_SSL_COMP_num(sk) \ - sk_num(CHECKED_CAST(_STACK *, STACK_OF(SSL_COMP) *, sk)) - -#define sk_SSL_COMP_zero(sk) \ - sk_zero(CHECKED_CAST(_STACK *, STACK_OF(SSL_COMP) *, sk)); - -#define sk_SSL_COMP_value(sk, i) \ - ((SSL_COMP *)sk_value( \ - CHECKED_CAST(_STACK *, const STACK_OF(SSL_COMP) *, sk), (i))) - -#define sk_SSL_COMP_set(sk, i, p) \ - ((SSL_COMP *)sk_set(CHECKED_CAST(_STACK *, STACK_OF(SSL_COMP) *, sk), (i), \ - CHECKED_CAST(void *, SSL_COMP *, p))) - -#define sk_SSL_COMP_free(sk) \ - sk_free(CHECKED_CAST(_STACK *, STACK_OF(SSL_COMP) *, sk)) - -#define sk_SSL_COMP_pop_free(sk, free_func) \ - sk_pop_free(CHECKED_CAST(_STACK *, STACK_OF(SSL_COMP) *, sk), \ - CHECKED_CAST(void (*)(void *), void (*)(SSL_COMP *), free_func)) - -#define sk_SSL_COMP_insert(sk, p, where) \ - sk_insert(CHECKED_CAST(_STACK *, STACK_OF(SSL_COMP) *, sk), \ - CHECKED_CAST(void *, SSL_COMP *, p), (where)) - -#define sk_SSL_COMP_delete(sk, where) \ - ((SSL_COMP *)sk_delete(CHECKED_CAST(_STACK *, STACK_OF(SSL_COMP) *, sk), \ - (where))) - -#define sk_SSL_COMP_delete_ptr(sk, p) \ - ((SSL_COMP *)sk_delete_ptr(CHECKED_CAST(_STACK *, STACK_OF(SSL_COMP) *, sk), \ - CHECKED_CAST(void *, SSL_COMP *, p))) - -#define sk_SSL_COMP_find(sk, out_index, p) \ - sk_find(CHECKED_CAST(_STACK *, STACK_OF(SSL_COMP) *, sk), (out_index), \ - CHECKED_CAST(void *, SSL_COMP *, p)) - -#define sk_SSL_COMP_shift(sk) \ - ((SSL_COMP *)sk_shift(CHECKED_CAST(_STACK *, STACK_OF(SSL_COMP) *, sk))) - -#define sk_SSL_COMP_push(sk, p) \ - sk_push(CHECKED_CAST(_STACK *, STACK_OF(SSL_COMP) *, sk), \ - CHECKED_CAST(void *, SSL_COMP *, p)) - -#define sk_SSL_COMP_pop(sk) \ - ((SSL_COMP *)sk_pop(CHECKED_CAST(_STACK *, STACK_OF(SSL_COMP) *, sk))) - -#define sk_SSL_COMP_dup(sk) \ - ((STACK_OF(SSL_COMP) *)sk_dup( \ - CHECKED_CAST(_STACK *, const STACK_OF(SSL_COMP) *, sk))) - -#define sk_SSL_COMP_sort(sk) \ - sk_sort(CHECKED_CAST(_STACK *, STACK_OF(SSL_COMP) *, sk)) - -#define sk_SSL_COMP_is_sorted(sk) \ - sk_is_sorted(CHECKED_CAST(_STACK *, const STACK_OF(SSL_COMP) *, sk)) - -#define sk_SSL_COMP_set_cmp_func(sk, comp) \ - ((int (*)(const SSL_COMP **a, const SSL_COMP **b))sk_set_cmp_func( \ - CHECKED_CAST(_STACK *, STACK_OF(SSL_COMP) *, sk), \ - CHECKED_CAST(stack_cmp_func, \ - int (*)(const SSL_COMP **a, const SSL_COMP **b), comp))) - -#define sk_SSL_COMP_deep_copy(sk, copy_func, free_func) \ - ((STACK_OF(SSL_COMP) *)sk_deep_copy( \ - CHECKED_CAST(const _STACK *, const STACK_OF(SSL_COMP) *, sk), \ - CHECKED_CAST(void *(*)(void *), SSL_COMP *(*)(SSL_COMP *), copy_func), \ - CHECKED_CAST(void (*)(void *), void (*)(SSL_COMP *), free_func))) - -/* STACK_OF_X509_NAME_ENTRY */ -#define sk_STACK_OF_X509_NAME_ENTRY_new(comp) \ - ((STACK_OF(STACK_OF_X509_NAME_ENTRY) *)sk_new(CHECKED_CAST( \ - stack_cmp_func, int (*)(const STACK_OF_X509_NAME_ENTRY **a, \ - const STACK_OF_X509_NAME_ENTRY **b), \ - comp))) - -#define sk_STACK_OF_X509_NAME_ENTRY_new_null() \ - ((STACK_OF(STACK_OF_X509_NAME_ENTRY) *)sk_new_null()) - -#define sk_STACK_OF_X509_NAME_ENTRY_num(sk) \ - sk_num(CHECKED_CAST(_STACK *, STACK_OF(STACK_OF_X509_NAME_ENTRY) *, sk)) - -#define sk_STACK_OF_X509_NAME_ENTRY_zero(sk) \ - sk_zero(CHECKED_CAST(_STACK *, STACK_OF(STACK_OF_X509_NAME_ENTRY) *, sk)); - -#define sk_STACK_OF_X509_NAME_ENTRY_value(sk, i) \ - ((STACK_OF_X509_NAME_ENTRY *)sk_value( \ - CHECKED_CAST(_STACK *, const STACK_OF(STACK_OF_X509_NAME_ENTRY) *, sk), \ - (i))) - -#define sk_STACK_OF_X509_NAME_ENTRY_set(sk, i, p) \ - ((STACK_OF_X509_NAME_ENTRY *)sk_set( \ - CHECKED_CAST(_STACK *, STACK_OF(STACK_OF_X509_NAME_ENTRY) *, sk), (i), \ - CHECKED_CAST(void *, STACK_OF_X509_NAME_ENTRY *, p))) - -#define sk_STACK_OF_X509_NAME_ENTRY_free(sk) \ - sk_free(CHECKED_CAST(_STACK *, STACK_OF(STACK_OF_X509_NAME_ENTRY) *, sk)) - -#define sk_STACK_OF_X509_NAME_ENTRY_pop_free(sk, free_func) \ - sk_pop_free( \ - CHECKED_CAST(_STACK *, STACK_OF(STACK_OF_X509_NAME_ENTRY) *, sk), \ - CHECKED_CAST(void (*)(void *), void (*)(STACK_OF_X509_NAME_ENTRY *), \ - free_func)) - -#define sk_STACK_OF_X509_NAME_ENTRY_insert(sk, p, where) \ - sk_insert(CHECKED_CAST(_STACK *, STACK_OF(STACK_OF_X509_NAME_ENTRY) *, sk), \ - CHECKED_CAST(void *, STACK_OF_X509_NAME_ENTRY *, p), (where)) - -#define sk_STACK_OF_X509_NAME_ENTRY_delete(sk, where) \ - ((STACK_OF_X509_NAME_ENTRY *)sk_delete( \ - CHECKED_CAST(_STACK *, STACK_OF(STACK_OF_X509_NAME_ENTRY) *, sk), \ - (where))) - -#define sk_STACK_OF_X509_NAME_ENTRY_delete_ptr(sk, p) \ - ((STACK_OF_X509_NAME_ENTRY *)sk_delete_ptr( \ - CHECKED_CAST(_STACK *, STACK_OF(STACK_OF_X509_NAME_ENTRY) *, sk), \ - CHECKED_CAST(void *, STACK_OF_X509_NAME_ENTRY *, p))) - -#define sk_STACK_OF_X509_NAME_ENTRY_find(sk, out_index, p) \ - sk_find(CHECKED_CAST(_STACK *, STACK_OF(STACK_OF_X509_NAME_ENTRY) *, sk), \ - (out_index), CHECKED_CAST(void *, STACK_OF_X509_NAME_ENTRY *, p)) - -#define sk_STACK_OF_X509_NAME_ENTRY_shift(sk) \ - ((STACK_OF_X509_NAME_ENTRY *)sk_shift( \ - CHECKED_CAST(_STACK *, STACK_OF(STACK_OF_X509_NAME_ENTRY) *, sk))) - -#define sk_STACK_OF_X509_NAME_ENTRY_push(sk, p) \ - sk_push(CHECKED_CAST(_STACK *, STACK_OF(STACK_OF_X509_NAME_ENTRY) *, sk), \ - CHECKED_CAST(void *, STACK_OF_X509_NAME_ENTRY *, p)) - -#define sk_STACK_OF_X509_NAME_ENTRY_pop(sk) \ - ((STACK_OF_X509_NAME_ENTRY *)sk_pop( \ - CHECKED_CAST(_STACK *, STACK_OF(STACK_OF_X509_NAME_ENTRY) *, sk))) - -#define sk_STACK_OF_X509_NAME_ENTRY_dup(sk) \ - ((STACK_OF(STACK_OF_X509_NAME_ENTRY) *)sk_dup( \ - CHECKED_CAST(_STACK *, const STACK_OF(STACK_OF_X509_NAME_ENTRY) *, sk))) - -#define sk_STACK_OF_X509_NAME_ENTRY_sort(sk) \ - sk_sort(CHECKED_CAST(_STACK *, STACK_OF(STACK_OF_X509_NAME_ENTRY) *, sk)) - -#define sk_STACK_OF_X509_NAME_ENTRY_is_sorted(sk) \ - sk_is_sorted( \ - CHECKED_CAST(_STACK *, const STACK_OF(STACK_OF_X509_NAME_ENTRY) *, sk)) - -#define sk_STACK_OF_X509_NAME_ENTRY_set_cmp_func(sk, comp) \ - ((int (*)(const STACK_OF_X509_NAME_ENTRY **a, \ - const STACK_OF_X509_NAME_ENTRY **b)) \ - sk_set_cmp_func( \ - CHECKED_CAST(_STACK *, STACK_OF(STACK_OF_X509_NAME_ENTRY) *, sk), \ - CHECKED_CAST(stack_cmp_func, \ - int (*)(const STACK_OF_X509_NAME_ENTRY **a, \ - const STACK_OF_X509_NAME_ENTRY **b), \ - comp))) - -#define sk_STACK_OF_X509_NAME_ENTRY_deep_copy(sk, copy_func, free_func) \ - ((STACK_OF(STACK_OF_X509_NAME_ENTRY) *)sk_deep_copy( \ - CHECKED_CAST(const _STACK *, const STACK_OF(STACK_OF_X509_NAME_ENTRY) *, \ - sk), \ - CHECKED_CAST(void *(*)(void *), \ - STACK_OF_X509_NAME_ENTRY *(*)(STACK_OF_X509_NAME_ENTRY *), \ - copy_func), \ - CHECKED_CAST(void (*)(void *), void (*)(STACK_OF_X509_NAME_ENTRY *), \ - free_func))) - -/* SXNETID */ -#define sk_SXNETID_new(comp) \ - ((STACK_OF(SXNETID) *)sk_new(CHECKED_CAST( \ - stack_cmp_func, int (*)(const SXNETID **a, const SXNETID **b), comp))) - -#define sk_SXNETID_new_null() ((STACK_OF(SXNETID) *)sk_new_null()) - -#define sk_SXNETID_num(sk) \ - sk_num(CHECKED_CAST(_STACK *, STACK_OF(SXNETID) *, sk)) - -#define sk_SXNETID_zero(sk) \ - sk_zero(CHECKED_CAST(_STACK *, STACK_OF(SXNETID) *, sk)); - -#define sk_SXNETID_value(sk, i) \ - ((SXNETID *)sk_value(CHECKED_CAST(_STACK *, const STACK_OF(SXNETID) *, sk), \ - (i))) - -#define sk_SXNETID_set(sk, i, p) \ - ((SXNETID *)sk_set(CHECKED_CAST(_STACK *, STACK_OF(SXNETID) *, sk), (i), \ - CHECKED_CAST(void *, SXNETID *, p))) - -#define sk_SXNETID_free(sk) \ - sk_free(CHECKED_CAST(_STACK *, STACK_OF(SXNETID) *, sk)) - -#define sk_SXNETID_pop_free(sk, free_func) \ - sk_pop_free(CHECKED_CAST(_STACK *, STACK_OF(SXNETID) *, sk), \ - CHECKED_CAST(void (*)(void *), void (*)(SXNETID *), free_func)) - -#define sk_SXNETID_insert(sk, p, where) \ - sk_insert(CHECKED_CAST(_STACK *, STACK_OF(SXNETID) *, sk), \ - CHECKED_CAST(void *, SXNETID *, p), (where)) - -#define sk_SXNETID_delete(sk, where) \ - ((SXNETID *)sk_delete(CHECKED_CAST(_STACK *, STACK_OF(SXNETID) *, sk), \ - (where))) - -#define sk_SXNETID_delete_ptr(sk, p) \ - ((SXNETID *)sk_delete_ptr(CHECKED_CAST(_STACK *, STACK_OF(SXNETID) *, sk), \ - CHECKED_CAST(void *, SXNETID *, p))) - -#define sk_SXNETID_find(sk, out_index, p) \ - sk_find(CHECKED_CAST(_STACK *, STACK_OF(SXNETID) *, sk), (out_index), \ - CHECKED_CAST(void *, SXNETID *, p)) - -#define sk_SXNETID_shift(sk) \ - ((SXNETID *)sk_shift(CHECKED_CAST(_STACK *, STACK_OF(SXNETID) *, sk))) - -#define sk_SXNETID_push(sk, p) \ - sk_push(CHECKED_CAST(_STACK *, STACK_OF(SXNETID) *, sk), \ - CHECKED_CAST(void *, SXNETID *, p)) - -#define sk_SXNETID_pop(sk) \ - ((SXNETID *)sk_pop(CHECKED_CAST(_STACK *, STACK_OF(SXNETID) *, sk))) - -#define sk_SXNETID_dup(sk) \ - ((STACK_OF(SXNETID) *)sk_dup( \ - CHECKED_CAST(_STACK *, const STACK_OF(SXNETID) *, sk))) - -#define sk_SXNETID_sort(sk) \ - sk_sort(CHECKED_CAST(_STACK *, STACK_OF(SXNETID) *, sk)) - -#define sk_SXNETID_is_sorted(sk) \ - sk_is_sorted(CHECKED_CAST(_STACK *, const STACK_OF(SXNETID) *, sk)) - -#define sk_SXNETID_set_cmp_func(sk, comp) \ - ((int (*)(const SXNETID **a, const SXNETID **b))sk_set_cmp_func( \ - CHECKED_CAST(_STACK *, STACK_OF(SXNETID) *, sk), \ - CHECKED_CAST(stack_cmp_func, \ - int (*)(const SXNETID **a, const SXNETID **b), comp))) - -#define sk_SXNETID_deep_copy(sk, copy_func, free_func) \ - ((STACK_OF(SXNETID) *)sk_deep_copy( \ - CHECKED_CAST(const _STACK *, const STACK_OF(SXNETID) *, sk), \ - CHECKED_CAST(void *(*)(void *), SXNETID *(*)(SXNETID *), copy_func), \ - CHECKED_CAST(void (*)(void *), void (*)(SXNETID *), free_func))) - -/* X509 */ -#define sk_X509_new(comp) \ - ((STACK_OF(X509) *)sk_new(CHECKED_CAST( \ - stack_cmp_func, int (*)(const X509 **a, const X509 **b), comp))) - -#define sk_X509_new_null() ((STACK_OF(X509) *)sk_new_null()) - -#define sk_X509_num(sk) sk_num(CHECKED_CAST(_STACK *, STACK_OF(X509) *, sk)) - -#define sk_X509_zero(sk) sk_zero(CHECKED_CAST(_STACK *, STACK_OF(X509) *, sk)); - -#define sk_X509_value(sk, i) \ - ((X509 *)sk_value(CHECKED_CAST(_STACK *, const STACK_OF(X509) *, sk), (i))) - -#define sk_X509_set(sk, i, p) \ - ((X509 *)sk_set(CHECKED_CAST(_STACK *, STACK_OF(X509) *, sk), (i), \ - CHECKED_CAST(void *, X509 *, p))) - -#define sk_X509_free(sk) sk_free(CHECKED_CAST(_STACK *, STACK_OF(X509) *, sk)) - -#define sk_X509_pop_free(sk, free_func) \ - sk_pop_free(CHECKED_CAST(_STACK *, STACK_OF(X509) *, sk), \ - CHECKED_CAST(void (*)(void *), void (*)(X509 *), free_func)) - -#define sk_X509_insert(sk, p, where) \ - sk_insert(CHECKED_CAST(_STACK *, STACK_OF(X509) *, sk), \ - CHECKED_CAST(void *, X509 *, p), (where)) - -#define sk_X509_delete(sk, where) \ - ((X509 *)sk_delete(CHECKED_CAST(_STACK *, STACK_OF(X509) *, sk), (where))) - -#define sk_X509_delete_ptr(sk, p) \ - ((X509 *)sk_delete_ptr(CHECKED_CAST(_STACK *, STACK_OF(X509) *, sk), \ - CHECKED_CAST(void *, X509 *, p))) - -#define sk_X509_find(sk, out_index, p) \ - sk_find(CHECKED_CAST(_STACK *, STACK_OF(X509) *, sk), (out_index), \ - CHECKED_CAST(void *, X509 *, p)) - -#define sk_X509_shift(sk) \ - ((X509 *)sk_shift(CHECKED_CAST(_STACK *, STACK_OF(X509) *, sk))) - -#define sk_X509_push(sk, p) \ - sk_push(CHECKED_CAST(_STACK *, STACK_OF(X509) *, sk), \ - CHECKED_CAST(void *, X509 *, p)) - -#define sk_X509_pop(sk) \ - ((X509 *)sk_pop(CHECKED_CAST(_STACK *, STACK_OF(X509) *, sk))) - -#define sk_X509_dup(sk) \ - ((STACK_OF(X509) *)sk_dup(CHECKED_CAST(_STACK *, const STACK_OF(X509) *, sk))) - -#define sk_X509_sort(sk) sk_sort(CHECKED_CAST(_STACK *, STACK_OF(X509) *, sk)) - -#define sk_X509_is_sorted(sk) \ - sk_is_sorted(CHECKED_CAST(_STACK *, const STACK_OF(X509) *, sk)) - -#define sk_X509_set_cmp_func(sk, comp) \ - ((int (*)(const X509 **a, const X509 **b))sk_set_cmp_func( \ - CHECKED_CAST(_STACK *, STACK_OF(X509) *, sk), \ - CHECKED_CAST(stack_cmp_func, int (*)(const X509 **a, const X509 **b), \ - comp))) - -#define sk_X509_deep_copy(sk, copy_func, free_func) \ - ((STACK_OF(X509) *)sk_deep_copy( \ - CHECKED_CAST(const _STACK *, const STACK_OF(X509) *, sk), \ - CHECKED_CAST(void *(*)(void *), X509 *(*)(X509 *), copy_func), \ - CHECKED_CAST(void (*)(void *), void (*)(X509 *), free_func))) - -/* X509V3_EXT_METHOD */ -#define sk_X509V3_EXT_METHOD_new(comp) \ - ((STACK_OF(X509V3_EXT_METHOD) *)sk_new(CHECKED_CAST( \ - stack_cmp_func, \ - int (*)(const X509V3_EXT_METHOD **a, const X509V3_EXT_METHOD **b), \ - comp))) - -#define sk_X509V3_EXT_METHOD_new_null() \ - ((STACK_OF(X509V3_EXT_METHOD) *)sk_new_null()) - -#define sk_X509V3_EXT_METHOD_num(sk) \ - sk_num(CHECKED_CAST(_STACK *, STACK_OF(X509V3_EXT_METHOD) *, sk)) - -#define sk_X509V3_EXT_METHOD_zero(sk) \ - sk_zero(CHECKED_CAST(_STACK *, STACK_OF(X509V3_EXT_METHOD) *, sk)); - -#define sk_X509V3_EXT_METHOD_value(sk, i) \ - ((X509V3_EXT_METHOD *)sk_value( \ - CHECKED_CAST(_STACK *, const STACK_OF(X509V3_EXT_METHOD) *, sk), (i))) - -#define sk_X509V3_EXT_METHOD_set(sk, i, p) \ - ((X509V3_EXT_METHOD *)sk_set( \ - CHECKED_CAST(_STACK *, STACK_OF(X509V3_EXT_METHOD) *, sk), (i), \ - CHECKED_CAST(void *, X509V3_EXT_METHOD *, p))) - -#define sk_X509V3_EXT_METHOD_free(sk) \ - sk_free(CHECKED_CAST(_STACK *, STACK_OF(X509V3_EXT_METHOD) *, sk)) - -#define sk_X509V3_EXT_METHOD_pop_free(sk, free_func) \ - sk_pop_free(CHECKED_CAST(_STACK *, STACK_OF(X509V3_EXT_METHOD) *, sk), \ - CHECKED_CAST(void (*)(void *), void (*)(X509V3_EXT_METHOD *), \ - free_func)) - -#define sk_X509V3_EXT_METHOD_insert(sk, p, where) \ - sk_insert(CHECKED_CAST(_STACK *, STACK_OF(X509V3_EXT_METHOD) *, sk), \ - CHECKED_CAST(void *, X509V3_EXT_METHOD *, p), (where)) - -#define sk_X509V3_EXT_METHOD_delete(sk, where) \ - ((X509V3_EXT_METHOD *)sk_delete( \ - CHECKED_CAST(_STACK *, STACK_OF(X509V3_EXT_METHOD) *, sk), (where))) - -#define sk_X509V3_EXT_METHOD_delete_ptr(sk, p) \ - ((X509V3_EXT_METHOD *)sk_delete_ptr( \ - CHECKED_CAST(_STACK *, STACK_OF(X509V3_EXT_METHOD) *, sk), \ - CHECKED_CAST(void *, X509V3_EXT_METHOD *, p))) - -#define sk_X509V3_EXT_METHOD_find(sk, out_index, p) \ - sk_find(CHECKED_CAST(_STACK *, STACK_OF(X509V3_EXT_METHOD) *, sk), \ - (out_index), CHECKED_CAST(void *, X509V3_EXT_METHOD *, p)) - -#define sk_X509V3_EXT_METHOD_shift(sk) \ - ((X509V3_EXT_METHOD *)sk_shift( \ - CHECKED_CAST(_STACK *, STACK_OF(X509V3_EXT_METHOD) *, sk))) - -#define sk_X509V3_EXT_METHOD_push(sk, p) \ - sk_push(CHECKED_CAST(_STACK *, STACK_OF(X509V3_EXT_METHOD) *, sk), \ - CHECKED_CAST(void *, X509V3_EXT_METHOD *, p)) - -#define sk_X509V3_EXT_METHOD_pop(sk) \ - ((X509V3_EXT_METHOD *)sk_pop( \ - CHECKED_CAST(_STACK *, STACK_OF(X509V3_EXT_METHOD) *, sk))) - -#define sk_X509V3_EXT_METHOD_dup(sk) \ - ((STACK_OF(X509V3_EXT_METHOD) *)sk_dup( \ - CHECKED_CAST(_STACK *, const STACK_OF(X509V3_EXT_METHOD) *, sk))) - -#define sk_X509V3_EXT_METHOD_sort(sk) \ - sk_sort(CHECKED_CAST(_STACK *, STACK_OF(X509V3_EXT_METHOD) *, sk)) - -#define sk_X509V3_EXT_METHOD_is_sorted(sk) \ - sk_is_sorted(CHECKED_CAST(_STACK *, const STACK_OF(X509V3_EXT_METHOD) *, sk)) - -#define sk_X509V3_EXT_METHOD_set_cmp_func(sk, comp) \ - ((int (*)(const X509V3_EXT_METHOD **a, const X509V3_EXT_METHOD **b)) \ - sk_set_cmp_func( \ - CHECKED_CAST(_STACK *, STACK_OF(X509V3_EXT_METHOD) *, sk), \ - CHECKED_CAST(stack_cmp_func, int (*)(const X509V3_EXT_METHOD **a, \ - const X509V3_EXT_METHOD **b), \ - comp))) - -#define sk_X509V3_EXT_METHOD_deep_copy(sk, copy_func, free_func) \ - ((STACK_OF(X509V3_EXT_METHOD) *)sk_deep_copy( \ - CHECKED_CAST(const _STACK *, const STACK_OF(X509V3_EXT_METHOD) *, sk), \ - CHECKED_CAST(void *(*)(void *), \ - X509V3_EXT_METHOD *(*)(X509V3_EXT_METHOD *), copy_func), \ - CHECKED_CAST(void (*)(void *), void (*)(X509V3_EXT_METHOD *), \ - free_func))) - -/* X509_ALGOR */ -#define sk_X509_ALGOR_new(comp) \ - ((STACK_OF(X509_ALGOR) *)sk_new(CHECKED_CAST( \ - stack_cmp_func, int (*)(const X509_ALGOR **a, const X509_ALGOR **b), \ - comp))) - -#define sk_X509_ALGOR_new_null() ((STACK_OF(X509_ALGOR) *)sk_new_null()) - -#define sk_X509_ALGOR_num(sk) \ - sk_num(CHECKED_CAST(_STACK *, STACK_OF(X509_ALGOR) *, sk)) - -#define sk_X509_ALGOR_zero(sk) \ - sk_zero(CHECKED_CAST(_STACK *, STACK_OF(X509_ALGOR) *, sk)); - -#define sk_X509_ALGOR_value(sk, i) \ - ((X509_ALGOR *)sk_value( \ - CHECKED_CAST(_STACK *, const STACK_OF(X509_ALGOR) *, sk), (i))) - -#define sk_X509_ALGOR_set(sk, i, p) \ - ((X509_ALGOR *)sk_set(CHECKED_CAST(_STACK *, STACK_OF(X509_ALGOR) *, sk), \ - (i), CHECKED_CAST(void *, X509_ALGOR *, p))) - -#define sk_X509_ALGOR_free(sk) \ - sk_free(CHECKED_CAST(_STACK *, STACK_OF(X509_ALGOR) *, sk)) - -#define sk_X509_ALGOR_pop_free(sk, free_func) \ - sk_pop_free( \ - CHECKED_CAST(_STACK *, STACK_OF(X509_ALGOR) *, sk), \ - CHECKED_CAST(void (*)(void *), void (*)(X509_ALGOR *), free_func)) - -#define sk_X509_ALGOR_insert(sk, p, where) \ - sk_insert(CHECKED_CAST(_STACK *, STACK_OF(X509_ALGOR) *, sk), \ - CHECKED_CAST(void *, X509_ALGOR *, p), (where)) - -#define sk_X509_ALGOR_delete(sk, where) \ - ((X509_ALGOR *)sk_delete(CHECKED_CAST(_STACK *, STACK_OF(X509_ALGOR) *, sk), \ - (where))) - -#define sk_X509_ALGOR_delete_ptr(sk, p) \ - ((X509_ALGOR *)sk_delete_ptr( \ - CHECKED_CAST(_STACK *, STACK_OF(X509_ALGOR) *, sk), \ - CHECKED_CAST(void *, X509_ALGOR *, p))) - -#define sk_X509_ALGOR_find(sk, out_index, p) \ - sk_find(CHECKED_CAST(_STACK *, STACK_OF(X509_ALGOR) *, sk), (out_index), \ - CHECKED_CAST(void *, X509_ALGOR *, p)) - -#define sk_X509_ALGOR_shift(sk) \ - ((X509_ALGOR *)sk_shift(CHECKED_CAST(_STACK *, STACK_OF(X509_ALGOR) *, sk))) - -#define sk_X509_ALGOR_push(sk, p) \ - sk_push(CHECKED_CAST(_STACK *, STACK_OF(X509_ALGOR) *, sk), \ - CHECKED_CAST(void *, X509_ALGOR *, p)) - -#define sk_X509_ALGOR_pop(sk) \ - ((X509_ALGOR *)sk_pop(CHECKED_CAST(_STACK *, STACK_OF(X509_ALGOR) *, sk))) - -#define sk_X509_ALGOR_dup(sk) \ - ((STACK_OF(X509_ALGOR) *)sk_dup( \ - CHECKED_CAST(_STACK *, const STACK_OF(X509_ALGOR) *, sk))) - -#define sk_X509_ALGOR_sort(sk) \ - sk_sort(CHECKED_CAST(_STACK *, STACK_OF(X509_ALGOR) *, sk)) - -#define sk_X509_ALGOR_is_sorted(sk) \ - sk_is_sorted(CHECKED_CAST(_STACK *, const STACK_OF(X509_ALGOR) *, sk)) - -#define sk_X509_ALGOR_set_cmp_func(sk, comp) \ - ((int (*)(const X509_ALGOR **a, const X509_ALGOR **b))sk_set_cmp_func( \ - CHECKED_CAST(_STACK *, STACK_OF(X509_ALGOR) *, sk), \ - CHECKED_CAST(stack_cmp_func, \ - int (*)(const X509_ALGOR **a, const X509_ALGOR **b), \ - comp))) - -#define sk_X509_ALGOR_deep_copy(sk, copy_func, free_func) \ - ((STACK_OF(X509_ALGOR) *)sk_deep_copy( \ - CHECKED_CAST(const _STACK *, const STACK_OF(X509_ALGOR) *, sk), \ - CHECKED_CAST(void *(*)(void *), X509_ALGOR *(*)(X509_ALGOR *), \ - copy_func), \ - CHECKED_CAST(void (*)(void *), void (*)(X509_ALGOR *), free_func))) - -/* X509_ATTRIBUTE */ -#define sk_X509_ATTRIBUTE_new(comp) \ - ((STACK_OF(X509_ATTRIBUTE) *)sk_new(CHECKED_CAST( \ - stack_cmp_func, \ - int (*)(const X509_ATTRIBUTE **a, const X509_ATTRIBUTE **b), comp))) - -#define sk_X509_ATTRIBUTE_new_null() ((STACK_OF(X509_ATTRIBUTE) *)sk_new_null()) - -#define sk_X509_ATTRIBUTE_num(sk) \ - sk_num(CHECKED_CAST(_STACK *, STACK_OF(X509_ATTRIBUTE) *, sk)) - -#define sk_X509_ATTRIBUTE_zero(sk) \ - sk_zero(CHECKED_CAST(_STACK *, STACK_OF(X509_ATTRIBUTE) *, sk)); - -#define sk_X509_ATTRIBUTE_value(sk, i) \ - ((X509_ATTRIBUTE *)sk_value( \ - CHECKED_CAST(_STACK *, const STACK_OF(X509_ATTRIBUTE) *, sk), (i))) - -#define sk_X509_ATTRIBUTE_set(sk, i, p) \ - ((X509_ATTRIBUTE *)sk_set( \ - CHECKED_CAST(_STACK *, STACK_OF(X509_ATTRIBUTE) *, sk), (i), \ - CHECKED_CAST(void *, X509_ATTRIBUTE *, p))) - -#define sk_X509_ATTRIBUTE_free(sk) \ - sk_free(CHECKED_CAST(_STACK *, STACK_OF(X509_ATTRIBUTE) *, sk)) - -#define sk_X509_ATTRIBUTE_pop_free(sk, free_func) \ - sk_pop_free( \ - CHECKED_CAST(_STACK *, STACK_OF(X509_ATTRIBUTE) *, sk), \ - CHECKED_CAST(void (*)(void *), void (*)(X509_ATTRIBUTE *), free_func)) - -#define sk_X509_ATTRIBUTE_insert(sk, p, where) \ - sk_insert(CHECKED_CAST(_STACK *, STACK_OF(X509_ATTRIBUTE) *, sk), \ - CHECKED_CAST(void *, X509_ATTRIBUTE *, p), (where)) - -#define sk_X509_ATTRIBUTE_delete(sk, where) \ - ((X509_ATTRIBUTE *)sk_delete( \ - CHECKED_CAST(_STACK *, STACK_OF(X509_ATTRIBUTE) *, sk), (where))) - -#define sk_X509_ATTRIBUTE_delete_ptr(sk, p) \ - ((X509_ATTRIBUTE *)sk_delete_ptr( \ - CHECKED_CAST(_STACK *, STACK_OF(X509_ATTRIBUTE) *, sk), \ - CHECKED_CAST(void *, X509_ATTRIBUTE *, p))) - -#define sk_X509_ATTRIBUTE_find(sk, out_index, p) \ - sk_find(CHECKED_CAST(_STACK *, STACK_OF(X509_ATTRIBUTE) *, sk), (out_index), \ - CHECKED_CAST(void *, X509_ATTRIBUTE *, p)) - -#define sk_X509_ATTRIBUTE_shift(sk) \ - ((X509_ATTRIBUTE *)sk_shift( \ - CHECKED_CAST(_STACK *, STACK_OF(X509_ATTRIBUTE) *, sk))) - -#define sk_X509_ATTRIBUTE_push(sk, p) \ - sk_push(CHECKED_CAST(_STACK *, STACK_OF(X509_ATTRIBUTE) *, sk), \ - CHECKED_CAST(void *, X509_ATTRIBUTE *, p)) - -#define sk_X509_ATTRIBUTE_pop(sk) \ - ((X509_ATTRIBUTE *)sk_pop( \ - CHECKED_CAST(_STACK *, STACK_OF(X509_ATTRIBUTE) *, sk))) - -#define sk_X509_ATTRIBUTE_dup(sk) \ - ((STACK_OF(X509_ATTRIBUTE) *)sk_dup( \ - CHECKED_CAST(_STACK *, const STACK_OF(X509_ATTRIBUTE) *, sk))) - -#define sk_X509_ATTRIBUTE_sort(sk) \ - sk_sort(CHECKED_CAST(_STACK *, STACK_OF(X509_ATTRIBUTE) *, sk)) - -#define sk_X509_ATTRIBUTE_is_sorted(sk) \ - sk_is_sorted(CHECKED_CAST(_STACK *, const STACK_OF(X509_ATTRIBUTE) *, sk)) - -#define sk_X509_ATTRIBUTE_set_cmp_func(sk, comp) \ - ((int (*)(const X509_ATTRIBUTE **a, const X509_ATTRIBUTE **b)) \ - sk_set_cmp_func( \ - CHECKED_CAST(_STACK *, STACK_OF(X509_ATTRIBUTE) *, sk), \ - CHECKED_CAST(stack_cmp_func, int (*)(const X509_ATTRIBUTE **a, \ - const X509_ATTRIBUTE **b), \ - comp))) - -#define sk_X509_ATTRIBUTE_deep_copy(sk, copy_func, free_func) \ - ((STACK_OF(X509_ATTRIBUTE) *)sk_deep_copy( \ - CHECKED_CAST(const _STACK *, const STACK_OF(X509_ATTRIBUTE) *, sk), \ - CHECKED_CAST(void *(*)(void *), X509_ATTRIBUTE *(*)(X509_ATTRIBUTE *), \ - copy_func), \ - CHECKED_CAST(void (*)(void *), void (*)(X509_ATTRIBUTE *), free_func))) - -/* X509_CRL */ -#define sk_X509_CRL_new(comp) \ - ((STACK_OF(X509_CRL) *)sk_new(CHECKED_CAST( \ - stack_cmp_func, int (*)(const X509_CRL **a, const X509_CRL **b), comp))) - -#define sk_X509_CRL_new_null() ((STACK_OF(X509_CRL) *)sk_new_null()) - -#define sk_X509_CRL_num(sk) \ - sk_num(CHECKED_CAST(_STACK *, STACK_OF(X509_CRL) *, sk)) - -#define sk_X509_CRL_zero(sk) \ - sk_zero(CHECKED_CAST(_STACK *, STACK_OF(X509_CRL) *, sk)); - -#define sk_X509_CRL_value(sk, i) \ - ((X509_CRL *)sk_value( \ - CHECKED_CAST(_STACK *, const STACK_OF(X509_CRL) *, sk), (i))) - -#define sk_X509_CRL_set(sk, i, p) \ - ((X509_CRL *)sk_set(CHECKED_CAST(_STACK *, STACK_OF(X509_CRL) *, sk), (i), \ - CHECKED_CAST(void *, X509_CRL *, p))) - -#define sk_X509_CRL_free(sk) \ - sk_free(CHECKED_CAST(_STACK *, STACK_OF(X509_CRL) *, sk)) - -#define sk_X509_CRL_pop_free(sk, free_func) \ - sk_pop_free(CHECKED_CAST(_STACK *, STACK_OF(X509_CRL) *, sk), \ - CHECKED_CAST(void (*)(void *), void (*)(X509_CRL *), free_func)) - -#define sk_X509_CRL_insert(sk, p, where) \ - sk_insert(CHECKED_CAST(_STACK *, STACK_OF(X509_CRL) *, sk), \ - CHECKED_CAST(void *, X509_CRL *, p), (where)) - -#define sk_X509_CRL_delete(sk, where) \ - ((X509_CRL *)sk_delete(CHECKED_CAST(_STACK *, STACK_OF(X509_CRL) *, sk), \ - (where))) - -#define sk_X509_CRL_delete_ptr(sk, p) \ - ((X509_CRL *)sk_delete_ptr(CHECKED_CAST(_STACK *, STACK_OF(X509_CRL) *, sk), \ - CHECKED_CAST(void *, X509_CRL *, p))) - -#define sk_X509_CRL_find(sk, out_index, p) \ - sk_find(CHECKED_CAST(_STACK *, STACK_OF(X509_CRL) *, sk), (out_index), \ - CHECKED_CAST(void *, X509_CRL *, p)) - -#define sk_X509_CRL_shift(sk) \ - ((X509_CRL *)sk_shift(CHECKED_CAST(_STACK *, STACK_OF(X509_CRL) *, sk))) - -#define sk_X509_CRL_push(sk, p) \ - sk_push(CHECKED_CAST(_STACK *, STACK_OF(X509_CRL) *, sk), \ - CHECKED_CAST(void *, X509_CRL *, p)) - -#define sk_X509_CRL_pop(sk) \ - ((X509_CRL *)sk_pop(CHECKED_CAST(_STACK *, STACK_OF(X509_CRL) *, sk))) - -#define sk_X509_CRL_dup(sk) \ - ((STACK_OF(X509_CRL) *)sk_dup( \ - CHECKED_CAST(_STACK *, const STACK_OF(X509_CRL) *, sk))) - -#define sk_X509_CRL_sort(sk) \ - sk_sort(CHECKED_CAST(_STACK *, STACK_OF(X509_CRL) *, sk)) - -#define sk_X509_CRL_is_sorted(sk) \ - sk_is_sorted(CHECKED_CAST(_STACK *, const STACK_OF(X509_CRL) *, sk)) - -#define sk_X509_CRL_set_cmp_func(sk, comp) \ - ((int (*)(const X509_CRL **a, const X509_CRL **b))sk_set_cmp_func( \ - CHECKED_CAST(_STACK *, STACK_OF(X509_CRL) *, sk), \ - CHECKED_CAST(stack_cmp_func, \ - int (*)(const X509_CRL **a, const X509_CRL **b), comp))) - -#define sk_X509_CRL_deep_copy(sk, copy_func, free_func) \ - ((STACK_OF(X509_CRL) *)sk_deep_copy( \ - CHECKED_CAST(const _STACK *, const STACK_OF(X509_CRL) *, sk), \ - CHECKED_CAST(void *(*)(void *), X509_CRL *(*)(X509_CRL *), copy_func), \ - CHECKED_CAST(void (*)(void *), void (*)(X509_CRL *), free_func))) - -/* X509_EXTENSION */ -#define sk_X509_EXTENSION_new(comp) \ - ((STACK_OF(X509_EXTENSION) *)sk_new(CHECKED_CAST( \ - stack_cmp_func, \ - int (*)(const X509_EXTENSION **a, const X509_EXTENSION **b), comp))) - -#define sk_X509_EXTENSION_new_null() ((STACK_OF(X509_EXTENSION) *)sk_new_null()) - -#define sk_X509_EXTENSION_num(sk) \ - sk_num(CHECKED_CAST(_STACK *, STACK_OF(X509_EXTENSION) *, sk)) - -#define sk_X509_EXTENSION_zero(sk) \ - sk_zero(CHECKED_CAST(_STACK *, STACK_OF(X509_EXTENSION) *, sk)); - -#define sk_X509_EXTENSION_value(sk, i) \ - ((X509_EXTENSION *)sk_value( \ - CHECKED_CAST(_STACK *, const STACK_OF(X509_EXTENSION) *, sk), (i))) - -#define sk_X509_EXTENSION_set(sk, i, p) \ - ((X509_EXTENSION *)sk_set( \ - CHECKED_CAST(_STACK *, STACK_OF(X509_EXTENSION) *, sk), (i), \ - CHECKED_CAST(void *, X509_EXTENSION *, p))) - -#define sk_X509_EXTENSION_free(sk) \ - sk_free(CHECKED_CAST(_STACK *, STACK_OF(X509_EXTENSION) *, sk)) - -#define sk_X509_EXTENSION_pop_free(sk, free_func) \ - sk_pop_free( \ - CHECKED_CAST(_STACK *, STACK_OF(X509_EXTENSION) *, sk), \ - CHECKED_CAST(void (*)(void *), void (*)(X509_EXTENSION *), free_func)) - -#define sk_X509_EXTENSION_insert(sk, p, where) \ - sk_insert(CHECKED_CAST(_STACK *, STACK_OF(X509_EXTENSION) *, sk), \ - CHECKED_CAST(void *, X509_EXTENSION *, p), (where)) - -#define sk_X509_EXTENSION_delete(sk, where) \ - ((X509_EXTENSION *)sk_delete( \ - CHECKED_CAST(_STACK *, STACK_OF(X509_EXTENSION) *, sk), (where))) - -#define sk_X509_EXTENSION_delete_ptr(sk, p) \ - ((X509_EXTENSION *)sk_delete_ptr( \ - CHECKED_CAST(_STACK *, STACK_OF(X509_EXTENSION) *, sk), \ - CHECKED_CAST(void *, X509_EXTENSION *, p))) - -#define sk_X509_EXTENSION_find(sk, out_index, p) \ - sk_find(CHECKED_CAST(_STACK *, STACK_OF(X509_EXTENSION) *, sk), (out_index), \ - CHECKED_CAST(void *, X509_EXTENSION *, p)) - -#define sk_X509_EXTENSION_shift(sk) \ - ((X509_EXTENSION *)sk_shift( \ - CHECKED_CAST(_STACK *, STACK_OF(X509_EXTENSION) *, sk))) - -#define sk_X509_EXTENSION_push(sk, p) \ - sk_push(CHECKED_CAST(_STACK *, STACK_OF(X509_EXTENSION) *, sk), \ - CHECKED_CAST(void *, X509_EXTENSION *, p)) - -#define sk_X509_EXTENSION_pop(sk) \ - ((X509_EXTENSION *)sk_pop( \ - CHECKED_CAST(_STACK *, STACK_OF(X509_EXTENSION) *, sk))) - -#define sk_X509_EXTENSION_dup(sk) \ - ((STACK_OF(X509_EXTENSION) *)sk_dup( \ - CHECKED_CAST(_STACK *, const STACK_OF(X509_EXTENSION) *, sk))) - -#define sk_X509_EXTENSION_sort(sk) \ - sk_sort(CHECKED_CAST(_STACK *, STACK_OF(X509_EXTENSION) *, sk)) - -#define sk_X509_EXTENSION_is_sorted(sk) \ - sk_is_sorted(CHECKED_CAST(_STACK *, const STACK_OF(X509_EXTENSION) *, sk)) - -#define sk_X509_EXTENSION_set_cmp_func(sk, comp) \ - ((int (*)(const X509_EXTENSION **a, const X509_EXTENSION **b)) \ - sk_set_cmp_func( \ - CHECKED_CAST(_STACK *, STACK_OF(X509_EXTENSION) *, sk), \ - CHECKED_CAST(stack_cmp_func, int (*)(const X509_EXTENSION **a, \ - const X509_EXTENSION **b), \ - comp))) - -#define sk_X509_EXTENSION_deep_copy(sk, copy_func, free_func) \ - ((STACK_OF(X509_EXTENSION) *)sk_deep_copy( \ - CHECKED_CAST(const _STACK *, const STACK_OF(X509_EXTENSION) *, sk), \ - CHECKED_CAST(void *(*)(void *), X509_EXTENSION *(*)(X509_EXTENSION *), \ - copy_func), \ - CHECKED_CAST(void (*)(void *), void (*)(X509_EXTENSION *), free_func))) - -/* X509_INFO */ -#define sk_X509_INFO_new(comp) \ - ((STACK_OF(X509_INFO) *)sk_new( \ - CHECKED_CAST(stack_cmp_func, \ - int (*)(const X509_INFO **a, const X509_INFO **b), comp))) - -#define sk_X509_INFO_new_null() ((STACK_OF(X509_INFO) *)sk_new_null()) - -#define sk_X509_INFO_num(sk) \ - sk_num(CHECKED_CAST(_STACK *, STACK_OF(X509_INFO) *, sk)) - -#define sk_X509_INFO_zero(sk) \ - sk_zero(CHECKED_CAST(_STACK *, STACK_OF(X509_INFO) *, sk)); - -#define sk_X509_INFO_value(sk, i) \ - ((X509_INFO *)sk_value( \ - CHECKED_CAST(_STACK *, const STACK_OF(X509_INFO) *, sk), (i))) - -#define sk_X509_INFO_set(sk, i, p) \ - ((X509_INFO *)sk_set(CHECKED_CAST(_STACK *, STACK_OF(X509_INFO) *, sk), (i), \ - CHECKED_CAST(void *, X509_INFO *, p))) - -#define sk_X509_INFO_free(sk) \ - sk_free(CHECKED_CAST(_STACK *, STACK_OF(X509_INFO) *, sk)) - -#define sk_X509_INFO_pop_free(sk, free_func) \ - sk_pop_free( \ - CHECKED_CAST(_STACK *, STACK_OF(X509_INFO) *, sk), \ - CHECKED_CAST(void (*)(void *), void (*)(X509_INFO *), free_func)) - -#define sk_X509_INFO_insert(sk, p, where) \ - sk_insert(CHECKED_CAST(_STACK *, STACK_OF(X509_INFO) *, sk), \ - CHECKED_CAST(void *, X509_INFO *, p), (where)) - -#define sk_X509_INFO_delete(sk, where) \ - ((X509_INFO *)sk_delete(CHECKED_CAST(_STACK *, STACK_OF(X509_INFO) *, sk), \ - (where))) - -#define sk_X509_INFO_delete_ptr(sk, p) \ - ((X509_INFO *)sk_delete_ptr( \ - CHECKED_CAST(_STACK *, STACK_OF(X509_INFO) *, sk), \ - CHECKED_CAST(void *, X509_INFO *, p))) - -#define sk_X509_INFO_find(sk, out_index, p) \ - sk_find(CHECKED_CAST(_STACK *, STACK_OF(X509_INFO) *, sk), (out_index), \ - CHECKED_CAST(void *, X509_INFO *, p)) - -#define sk_X509_INFO_shift(sk) \ - ((X509_INFO *)sk_shift(CHECKED_CAST(_STACK *, STACK_OF(X509_INFO) *, sk))) - -#define sk_X509_INFO_push(sk, p) \ - sk_push(CHECKED_CAST(_STACK *, STACK_OF(X509_INFO) *, sk), \ - CHECKED_CAST(void *, X509_INFO *, p)) - -#define sk_X509_INFO_pop(sk) \ - ((X509_INFO *)sk_pop(CHECKED_CAST(_STACK *, STACK_OF(X509_INFO) *, sk))) - -#define sk_X509_INFO_dup(sk) \ - ((STACK_OF(X509_INFO) *)sk_dup( \ - CHECKED_CAST(_STACK *, const STACK_OF(X509_INFO) *, sk))) - -#define sk_X509_INFO_sort(sk) \ - sk_sort(CHECKED_CAST(_STACK *, STACK_OF(X509_INFO) *, sk)) - -#define sk_X509_INFO_is_sorted(sk) \ - sk_is_sorted(CHECKED_CAST(_STACK *, const STACK_OF(X509_INFO) *, sk)) - -#define sk_X509_INFO_set_cmp_func(sk, comp) \ - ((int (*)(const X509_INFO **a, const X509_INFO **b))sk_set_cmp_func( \ - CHECKED_CAST(_STACK *, STACK_OF(X509_INFO) *, sk), \ - CHECKED_CAST(stack_cmp_func, \ - int (*)(const X509_INFO **a, const X509_INFO **b), comp))) - -#define sk_X509_INFO_deep_copy(sk, copy_func, free_func) \ - ((STACK_OF(X509_INFO) *)sk_deep_copy( \ - CHECKED_CAST(const _STACK *, const STACK_OF(X509_INFO) *, sk), \ - CHECKED_CAST(void *(*)(void *), X509_INFO *(*)(X509_INFO *), copy_func), \ - CHECKED_CAST(void (*)(void *), void (*)(X509_INFO *), free_func))) - -/* X509_LOOKUP */ -#define sk_X509_LOOKUP_new(comp) \ - ((STACK_OF(X509_LOOKUP) *)sk_new(CHECKED_CAST( \ - stack_cmp_func, int (*)(const X509_LOOKUP **a, const X509_LOOKUP **b), \ - comp))) - -#define sk_X509_LOOKUP_new_null() ((STACK_OF(X509_LOOKUP) *)sk_new_null()) - -#define sk_X509_LOOKUP_num(sk) \ - sk_num(CHECKED_CAST(_STACK *, STACK_OF(X509_LOOKUP) *, sk)) - -#define sk_X509_LOOKUP_zero(sk) \ - sk_zero(CHECKED_CAST(_STACK *, STACK_OF(X509_LOOKUP) *, sk)); - -#define sk_X509_LOOKUP_value(sk, i) \ - ((X509_LOOKUP *)sk_value( \ - CHECKED_CAST(_STACK *, const STACK_OF(X509_LOOKUP) *, sk), (i))) - -#define sk_X509_LOOKUP_set(sk, i, p) \ - ((X509_LOOKUP *)sk_set(CHECKED_CAST(_STACK *, STACK_OF(X509_LOOKUP) *, sk), \ - (i), CHECKED_CAST(void *, X509_LOOKUP *, p))) - -#define sk_X509_LOOKUP_free(sk) \ - sk_free(CHECKED_CAST(_STACK *, STACK_OF(X509_LOOKUP) *, sk)) - -#define sk_X509_LOOKUP_pop_free(sk, free_func) \ - sk_pop_free( \ - CHECKED_CAST(_STACK *, STACK_OF(X509_LOOKUP) *, sk), \ - CHECKED_CAST(void (*)(void *), void (*)(X509_LOOKUP *), free_func)) - -#define sk_X509_LOOKUP_insert(sk, p, where) \ - sk_insert(CHECKED_CAST(_STACK *, STACK_OF(X509_LOOKUP) *, sk), \ - CHECKED_CAST(void *, X509_LOOKUP *, p), (where)) - -#define sk_X509_LOOKUP_delete(sk, where) \ - ((X509_LOOKUP *)sk_delete( \ - CHECKED_CAST(_STACK *, STACK_OF(X509_LOOKUP) *, sk), (where))) - -#define sk_X509_LOOKUP_delete_ptr(sk, p) \ - ((X509_LOOKUP *)sk_delete_ptr( \ - CHECKED_CAST(_STACK *, STACK_OF(X509_LOOKUP) *, sk), \ - CHECKED_CAST(void *, X509_LOOKUP *, p))) - -#define sk_X509_LOOKUP_find(sk, out_index, p) \ - sk_find(CHECKED_CAST(_STACK *, STACK_OF(X509_LOOKUP) *, sk), (out_index), \ - CHECKED_CAST(void *, X509_LOOKUP *, p)) - -#define sk_X509_LOOKUP_shift(sk) \ - ((X509_LOOKUP *)sk_shift(CHECKED_CAST(_STACK *, STACK_OF(X509_LOOKUP) *, sk))) - -#define sk_X509_LOOKUP_push(sk, p) \ - sk_push(CHECKED_CAST(_STACK *, STACK_OF(X509_LOOKUP) *, sk), \ - CHECKED_CAST(void *, X509_LOOKUP *, p)) - -#define sk_X509_LOOKUP_pop(sk) \ - ((X509_LOOKUP *)sk_pop(CHECKED_CAST(_STACK *, STACK_OF(X509_LOOKUP) *, sk))) - -#define sk_X509_LOOKUP_dup(sk) \ - ((STACK_OF(X509_LOOKUP) *)sk_dup( \ - CHECKED_CAST(_STACK *, const STACK_OF(X509_LOOKUP) *, sk))) - -#define sk_X509_LOOKUP_sort(sk) \ - sk_sort(CHECKED_CAST(_STACK *, STACK_OF(X509_LOOKUP) *, sk)) - -#define sk_X509_LOOKUP_is_sorted(sk) \ - sk_is_sorted(CHECKED_CAST(_STACK *, const STACK_OF(X509_LOOKUP) *, sk)) - -#define sk_X509_LOOKUP_set_cmp_func(sk, comp) \ - ((int (*)(const X509_LOOKUP **a, const X509_LOOKUP **b))sk_set_cmp_func( \ - CHECKED_CAST(_STACK *, STACK_OF(X509_LOOKUP) *, sk), \ - CHECKED_CAST(stack_cmp_func, \ - int (*)(const X509_LOOKUP **a, const X509_LOOKUP **b), \ - comp))) - -#define sk_X509_LOOKUP_deep_copy(sk, copy_func, free_func) \ - ((STACK_OF(X509_LOOKUP) *)sk_deep_copy( \ - CHECKED_CAST(const _STACK *, const STACK_OF(X509_LOOKUP) *, sk), \ - CHECKED_CAST(void *(*)(void *), X509_LOOKUP *(*)(X509_LOOKUP *), \ - copy_func), \ - CHECKED_CAST(void (*)(void *), void (*)(X509_LOOKUP *), free_func))) - -/* X509_NAME */ -#define sk_X509_NAME_new(comp) \ - ((STACK_OF(X509_NAME) *)sk_new( \ - CHECKED_CAST(stack_cmp_func, \ - int (*)(const X509_NAME **a, const X509_NAME **b), comp))) - -#define sk_X509_NAME_new_null() ((STACK_OF(X509_NAME) *)sk_new_null()) - -#define sk_X509_NAME_num(sk) \ - sk_num(CHECKED_CAST(_STACK *, STACK_OF(X509_NAME) *, sk)) - -#define sk_X509_NAME_zero(sk) \ - sk_zero(CHECKED_CAST(_STACK *, STACK_OF(X509_NAME) *, sk)); - -#define sk_X509_NAME_value(sk, i) \ - ((X509_NAME *)sk_value( \ - CHECKED_CAST(_STACK *, const STACK_OF(X509_NAME) *, sk), (i))) - -#define sk_X509_NAME_set(sk, i, p) \ - ((X509_NAME *)sk_set(CHECKED_CAST(_STACK *, STACK_OF(X509_NAME) *, sk), (i), \ - CHECKED_CAST(void *, X509_NAME *, p))) - -#define sk_X509_NAME_free(sk) \ - sk_free(CHECKED_CAST(_STACK *, STACK_OF(X509_NAME) *, sk)) - -#define sk_X509_NAME_pop_free(sk, free_func) \ - sk_pop_free( \ - CHECKED_CAST(_STACK *, STACK_OF(X509_NAME) *, sk), \ - CHECKED_CAST(void (*)(void *), void (*)(X509_NAME *), free_func)) - -#define sk_X509_NAME_insert(sk, p, where) \ - sk_insert(CHECKED_CAST(_STACK *, STACK_OF(X509_NAME) *, sk), \ - CHECKED_CAST(void *, X509_NAME *, p), (where)) - -#define sk_X509_NAME_delete(sk, where) \ - ((X509_NAME *)sk_delete(CHECKED_CAST(_STACK *, STACK_OF(X509_NAME) *, sk), \ - (where))) - -#define sk_X509_NAME_delete_ptr(sk, p) \ - ((X509_NAME *)sk_delete_ptr( \ - CHECKED_CAST(_STACK *, STACK_OF(X509_NAME) *, sk), \ - CHECKED_CAST(void *, X509_NAME *, p))) - -#define sk_X509_NAME_find(sk, out_index, p) \ - sk_find(CHECKED_CAST(_STACK *, STACK_OF(X509_NAME) *, sk), (out_index), \ - CHECKED_CAST(void *, X509_NAME *, p)) - -#define sk_X509_NAME_shift(sk) \ - ((X509_NAME *)sk_shift(CHECKED_CAST(_STACK *, STACK_OF(X509_NAME) *, sk))) - -#define sk_X509_NAME_push(sk, p) \ - sk_push(CHECKED_CAST(_STACK *, STACK_OF(X509_NAME) *, sk), \ - CHECKED_CAST(void *, X509_NAME *, p)) - -#define sk_X509_NAME_pop(sk) \ - ((X509_NAME *)sk_pop(CHECKED_CAST(_STACK *, STACK_OF(X509_NAME) *, sk))) - -#define sk_X509_NAME_dup(sk) \ - ((STACK_OF(X509_NAME) *)sk_dup( \ - CHECKED_CAST(_STACK *, const STACK_OF(X509_NAME) *, sk))) - -#define sk_X509_NAME_sort(sk) \ - sk_sort(CHECKED_CAST(_STACK *, STACK_OF(X509_NAME) *, sk)) - -#define sk_X509_NAME_is_sorted(sk) \ - sk_is_sorted(CHECKED_CAST(_STACK *, const STACK_OF(X509_NAME) *, sk)) - -#define sk_X509_NAME_set_cmp_func(sk, comp) \ - ((int (*)(const X509_NAME **a, const X509_NAME **b))sk_set_cmp_func( \ - CHECKED_CAST(_STACK *, STACK_OF(X509_NAME) *, sk), \ - CHECKED_CAST(stack_cmp_func, \ - int (*)(const X509_NAME **a, const X509_NAME **b), comp))) - -#define sk_X509_NAME_deep_copy(sk, copy_func, free_func) \ - ((STACK_OF(X509_NAME) *)sk_deep_copy( \ - CHECKED_CAST(const _STACK *, const STACK_OF(X509_NAME) *, sk), \ - CHECKED_CAST(void *(*)(void *), X509_NAME *(*)(X509_NAME *), copy_func), \ - CHECKED_CAST(void (*)(void *), void (*)(X509_NAME *), free_func))) - -/* X509_NAME_ENTRY */ -#define sk_X509_NAME_ENTRY_new(comp) \ - ((STACK_OF(X509_NAME_ENTRY) *)sk_new(CHECKED_CAST( \ - stack_cmp_func, \ - int (*)(const X509_NAME_ENTRY **a, const X509_NAME_ENTRY **b), comp))) - -#define sk_X509_NAME_ENTRY_new_null() \ - ((STACK_OF(X509_NAME_ENTRY) *)sk_new_null()) - -#define sk_X509_NAME_ENTRY_num(sk) \ - sk_num(CHECKED_CAST(_STACK *, STACK_OF(X509_NAME_ENTRY) *, sk)) - -#define sk_X509_NAME_ENTRY_zero(sk) \ - sk_zero(CHECKED_CAST(_STACK *, STACK_OF(X509_NAME_ENTRY) *, sk)); - -#define sk_X509_NAME_ENTRY_value(sk, i) \ - ((X509_NAME_ENTRY *)sk_value( \ - CHECKED_CAST(_STACK *, const STACK_OF(X509_NAME_ENTRY) *, sk), (i))) - -#define sk_X509_NAME_ENTRY_set(sk, i, p) \ - ((X509_NAME_ENTRY *)sk_set( \ - CHECKED_CAST(_STACK *, STACK_OF(X509_NAME_ENTRY) *, sk), (i), \ - CHECKED_CAST(void *, X509_NAME_ENTRY *, p))) - -#define sk_X509_NAME_ENTRY_free(sk) \ - sk_free(CHECKED_CAST(_STACK *, STACK_OF(X509_NAME_ENTRY) *, sk)) - -#define sk_X509_NAME_ENTRY_pop_free(sk, free_func) \ - sk_pop_free( \ - CHECKED_CAST(_STACK *, STACK_OF(X509_NAME_ENTRY) *, sk), \ - CHECKED_CAST(void (*)(void *), void (*)(X509_NAME_ENTRY *), free_func)) - -#define sk_X509_NAME_ENTRY_insert(sk, p, where) \ - sk_insert(CHECKED_CAST(_STACK *, STACK_OF(X509_NAME_ENTRY) *, sk), \ - CHECKED_CAST(void *, X509_NAME_ENTRY *, p), (where)) - -#define sk_X509_NAME_ENTRY_delete(sk, where) \ - ((X509_NAME_ENTRY *)sk_delete( \ - CHECKED_CAST(_STACK *, STACK_OF(X509_NAME_ENTRY) *, sk), (where))) - -#define sk_X509_NAME_ENTRY_delete_ptr(sk, p) \ - ((X509_NAME_ENTRY *)sk_delete_ptr( \ - CHECKED_CAST(_STACK *, STACK_OF(X509_NAME_ENTRY) *, sk), \ - CHECKED_CAST(void *, X509_NAME_ENTRY *, p))) - -#define sk_X509_NAME_ENTRY_find(sk, out_index, p) \ - sk_find(CHECKED_CAST(_STACK *, STACK_OF(X509_NAME_ENTRY) *, sk), \ - (out_index), CHECKED_CAST(void *, X509_NAME_ENTRY *, p)) - -#define sk_X509_NAME_ENTRY_shift(sk) \ - ((X509_NAME_ENTRY *)sk_shift( \ - CHECKED_CAST(_STACK *, STACK_OF(X509_NAME_ENTRY) *, sk))) - -#define sk_X509_NAME_ENTRY_push(sk, p) \ - sk_push(CHECKED_CAST(_STACK *, STACK_OF(X509_NAME_ENTRY) *, sk), \ - CHECKED_CAST(void *, X509_NAME_ENTRY *, p)) - -#define sk_X509_NAME_ENTRY_pop(sk) \ - ((X509_NAME_ENTRY *)sk_pop( \ - CHECKED_CAST(_STACK *, STACK_OF(X509_NAME_ENTRY) *, sk))) - -#define sk_X509_NAME_ENTRY_dup(sk) \ - ((STACK_OF(X509_NAME_ENTRY) *)sk_dup( \ - CHECKED_CAST(_STACK *, const STACK_OF(X509_NAME_ENTRY) *, sk))) - -#define sk_X509_NAME_ENTRY_sort(sk) \ - sk_sort(CHECKED_CAST(_STACK *, STACK_OF(X509_NAME_ENTRY) *, sk)) - -#define sk_X509_NAME_ENTRY_is_sorted(sk) \ - sk_is_sorted(CHECKED_CAST(_STACK *, const STACK_OF(X509_NAME_ENTRY) *, sk)) - -#define sk_X509_NAME_ENTRY_set_cmp_func(sk, comp) \ - ((int (*)(const X509_NAME_ENTRY **a, const X509_NAME_ENTRY **b)) \ - sk_set_cmp_func( \ - CHECKED_CAST(_STACK *, STACK_OF(X509_NAME_ENTRY) *, sk), \ - CHECKED_CAST(stack_cmp_func, int (*)(const X509_NAME_ENTRY **a, \ - const X509_NAME_ENTRY **b), \ - comp))) - -#define sk_X509_NAME_ENTRY_deep_copy(sk, copy_func, free_func) \ - ((STACK_OF(X509_NAME_ENTRY) *)sk_deep_copy( \ - CHECKED_CAST(const _STACK *, const STACK_OF(X509_NAME_ENTRY) *, sk), \ - CHECKED_CAST(void *(*)(void *), X509_NAME_ENTRY *(*)(X509_NAME_ENTRY *), \ - copy_func), \ - CHECKED_CAST(void (*)(void *), void (*)(X509_NAME_ENTRY *), free_func))) - -/* X509_OBJECT */ -#define sk_X509_OBJECT_new(comp) \ - ((STACK_OF(X509_OBJECT) *)sk_new(CHECKED_CAST( \ - stack_cmp_func, int (*)(const X509_OBJECT **a, const X509_OBJECT **b), \ - comp))) - -#define sk_X509_OBJECT_new_null() ((STACK_OF(X509_OBJECT) *)sk_new_null()) - -#define sk_X509_OBJECT_num(sk) \ - sk_num(CHECKED_CAST(_STACK *, STACK_OF(X509_OBJECT) *, sk)) - -#define sk_X509_OBJECT_zero(sk) \ - sk_zero(CHECKED_CAST(_STACK *, STACK_OF(X509_OBJECT) *, sk)); - -#define sk_X509_OBJECT_value(sk, i) \ - ((X509_OBJECT *)sk_value( \ - CHECKED_CAST(_STACK *, const STACK_OF(X509_OBJECT) *, sk), (i))) - -#define sk_X509_OBJECT_set(sk, i, p) \ - ((X509_OBJECT *)sk_set(CHECKED_CAST(_STACK *, STACK_OF(X509_OBJECT) *, sk), \ - (i), CHECKED_CAST(void *, X509_OBJECT *, p))) - -#define sk_X509_OBJECT_free(sk) \ - sk_free(CHECKED_CAST(_STACK *, STACK_OF(X509_OBJECT) *, sk)) - -#define sk_X509_OBJECT_pop_free(sk, free_func) \ - sk_pop_free( \ - CHECKED_CAST(_STACK *, STACK_OF(X509_OBJECT) *, sk), \ - CHECKED_CAST(void (*)(void *), void (*)(X509_OBJECT *), free_func)) - -#define sk_X509_OBJECT_insert(sk, p, where) \ - sk_insert(CHECKED_CAST(_STACK *, STACK_OF(X509_OBJECT) *, sk), \ - CHECKED_CAST(void *, X509_OBJECT *, p), (where)) - -#define sk_X509_OBJECT_delete(sk, where) \ - ((X509_OBJECT *)sk_delete( \ - CHECKED_CAST(_STACK *, STACK_OF(X509_OBJECT) *, sk), (where))) - -#define sk_X509_OBJECT_delete_ptr(sk, p) \ - ((X509_OBJECT *)sk_delete_ptr( \ - CHECKED_CAST(_STACK *, STACK_OF(X509_OBJECT) *, sk), \ - CHECKED_CAST(void *, X509_OBJECT *, p))) - -#define sk_X509_OBJECT_find(sk, out_index, p) \ - sk_find(CHECKED_CAST(_STACK *, STACK_OF(X509_OBJECT) *, sk), (out_index), \ - CHECKED_CAST(void *, X509_OBJECT *, p)) - -#define sk_X509_OBJECT_shift(sk) \ - ((X509_OBJECT *)sk_shift(CHECKED_CAST(_STACK *, STACK_OF(X509_OBJECT) *, sk))) - -#define sk_X509_OBJECT_push(sk, p) \ - sk_push(CHECKED_CAST(_STACK *, STACK_OF(X509_OBJECT) *, sk), \ - CHECKED_CAST(void *, X509_OBJECT *, p)) - -#define sk_X509_OBJECT_pop(sk) \ - ((X509_OBJECT *)sk_pop(CHECKED_CAST(_STACK *, STACK_OF(X509_OBJECT) *, sk))) - -#define sk_X509_OBJECT_dup(sk) \ - ((STACK_OF(X509_OBJECT) *)sk_dup( \ - CHECKED_CAST(_STACK *, const STACK_OF(X509_OBJECT) *, sk))) - -#define sk_X509_OBJECT_sort(sk) \ - sk_sort(CHECKED_CAST(_STACK *, STACK_OF(X509_OBJECT) *, sk)) - -#define sk_X509_OBJECT_is_sorted(sk) \ - sk_is_sorted(CHECKED_CAST(_STACK *, const STACK_OF(X509_OBJECT) *, sk)) - -#define sk_X509_OBJECT_set_cmp_func(sk, comp) \ - ((int (*)(const X509_OBJECT **a, const X509_OBJECT **b))sk_set_cmp_func( \ - CHECKED_CAST(_STACK *, STACK_OF(X509_OBJECT) *, sk), \ - CHECKED_CAST(stack_cmp_func, \ - int (*)(const X509_OBJECT **a, const X509_OBJECT **b), \ - comp))) - -#define sk_X509_OBJECT_deep_copy(sk, copy_func, free_func) \ - ((STACK_OF(X509_OBJECT) *)sk_deep_copy( \ - CHECKED_CAST(const _STACK *, const STACK_OF(X509_OBJECT) *, sk), \ - CHECKED_CAST(void *(*)(void *), X509_OBJECT *(*)(X509_OBJECT *), \ - copy_func), \ - CHECKED_CAST(void (*)(void *), void (*)(X509_OBJECT *), free_func))) - -/* X509_POLICY_DATA */ -#define sk_X509_POLICY_DATA_new(comp) \ - ((STACK_OF(X509_POLICY_DATA) *)sk_new(CHECKED_CAST( \ - stack_cmp_func, \ - int (*)(const X509_POLICY_DATA **a, const X509_POLICY_DATA **b), comp))) - -#define sk_X509_POLICY_DATA_new_null() \ - ((STACK_OF(X509_POLICY_DATA) *)sk_new_null()) - -#define sk_X509_POLICY_DATA_num(sk) \ - sk_num(CHECKED_CAST(_STACK *, STACK_OF(X509_POLICY_DATA) *, sk)) - -#define sk_X509_POLICY_DATA_zero(sk) \ - sk_zero(CHECKED_CAST(_STACK *, STACK_OF(X509_POLICY_DATA) *, sk)); - -#define sk_X509_POLICY_DATA_value(sk, i) \ - ((X509_POLICY_DATA *)sk_value( \ - CHECKED_CAST(_STACK *, const STACK_OF(X509_POLICY_DATA) *, sk), (i))) - -#define sk_X509_POLICY_DATA_set(sk, i, p) \ - ((X509_POLICY_DATA *)sk_set( \ - CHECKED_CAST(_STACK *, STACK_OF(X509_POLICY_DATA) *, sk), (i), \ - CHECKED_CAST(void *, X509_POLICY_DATA *, p))) - -#define sk_X509_POLICY_DATA_free(sk) \ - sk_free(CHECKED_CAST(_STACK *, STACK_OF(X509_POLICY_DATA) *, sk)) - -#define sk_X509_POLICY_DATA_pop_free(sk, free_func) \ - sk_pop_free( \ - CHECKED_CAST(_STACK *, STACK_OF(X509_POLICY_DATA) *, sk), \ - CHECKED_CAST(void (*)(void *), void (*)(X509_POLICY_DATA *), free_func)) - -#define sk_X509_POLICY_DATA_insert(sk, p, where) \ - sk_insert(CHECKED_CAST(_STACK *, STACK_OF(X509_POLICY_DATA) *, sk), \ - CHECKED_CAST(void *, X509_POLICY_DATA *, p), (where)) - -#define sk_X509_POLICY_DATA_delete(sk, where) \ - ((X509_POLICY_DATA *)sk_delete( \ - CHECKED_CAST(_STACK *, STACK_OF(X509_POLICY_DATA) *, sk), (where))) - -#define sk_X509_POLICY_DATA_delete_ptr(sk, p) \ - ((X509_POLICY_DATA *)sk_delete_ptr( \ - CHECKED_CAST(_STACK *, STACK_OF(X509_POLICY_DATA) *, sk), \ - CHECKED_CAST(void *, X509_POLICY_DATA *, p))) - -#define sk_X509_POLICY_DATA_find(sk, out_index, p) \ - sk_find(CHECKED_CAST(_STACK *, STACK_OF(X509_POLICY_DATA) *, sk), \ - (out_index), CHECKED_CAST(void *, X509_POLICY_DATA *, p)) - -#define sk_X509_POLICY_DATA_shift(sk) \ - ((X509_POLICY_DATA *)sk_shift( \ - CHECKED_CAST(_STACK *, STACK_OF(X509_POLICY_DATA) *, sk))) - -#define sk_X509_POLICY_DATA_push(sk, p) \ - sk_push(CHECKED_CAST(_STACK *, STACK_OF(X509_POLICY_DATA) *, sk), \ - CHECKED_CAST(void *, X509_POLICY_DATA *, p)) - -#define sk_X509_POLICY_DATA_pop(sk) \ - ((X509_POLICY_DATA *)sk_pop( \ - CHECKED_CAST(_STACK *, STACK_OF(X509_POLICY_DATA) *, sk))) - -#define sk_X509_POLICY_DATA_dup(sk) \ - ((STACK_OF(X509_POLICY_DATA) *)sk_dup( \ - CHECKED_CAST(_STACK *, const STACK_OF(X509_POLICY_DATA) *, sk))) - -#define sk_X509_POLICY_DATA_sort(sk) \ - sk_sort(CHECKED_CAST(_STACK *, STACK_OF(X509_POLICY_DATA) *, sk)) - -#define sk_X509_POLICY_DATA_is_sorted(sk) \ - sk_is_sorted(CHECKED_CAST(_STACK *, const STACK_OF(X509_POLICY_DATA) *, sk)) - -#define sk_X509_POLICY_DATA_set_cmp_func(sk, comp) \ - ((int (*)(const X509_POLICY_DATA **a, const X509_POLICY_DATA **b)) \ - sk_set_cmp_func( \ - CHECKED_CAST(_STACK *, STACK_OF(X509_POLICY_DATA) *, sk), \ - CHECKED_CAST(stack_cmp_func, int (*)(const X509_POLICY_DATA **a, \ - const X509_POLICY_DATA **b), \ - comp))) - -#define sk_X509_POLICY_DATA_deep_copy(sk, copy_func, free_func) \ - ((STACK_OF(X509_POLICY_DATA) *)sk_deep_copy( \ - CHECKED_CAST(const _STACK *, const STACK_OF(X509_POLICY_DATA) *, sk), \ - CHECKED_CAST(void *(*)(void *), \ - X509_POLICY_DATA *(*)(X509_POLICY_DATA *), copy_func), \ - CHECKED_CAST(void (*)(void *), void (*)(X509_POLICY_DATA *), \ - free_func))) - -/* X509_POLICY_NODE */ -#define sk_X509_POLICY_NODE_new(comp) \ - ((STACK_OF(X509_POLICY_NODE) *)sk_new(CHECKED_CAST( \ - stack_cmp_func, \ - int (*)(const X509_POLICY_NODE **a, const X509_POLICY_NODE **b), comp))) - -#define sk_X509_POLICY_NODE_new_null() \ - ((STACK_OF(X509_POLICY_NODE) *)sk_new_null()) - -#define sk_X509_POLICY_NODE_num(sk) \ - sk_num(CHECKED_CAST(_STACK *, STACK_OF(X509_POLICY_NODE) *, sk)) - -#define sk_X509_POLICY_NODE_zero(sk) \ - sk_zero(CHECKED_CAST(_STACK *, STACK_OF(X509_POLICY_NODE) *, sk)); - -#define sk_X509_POLICY_NODE_value(sk, i) \ - ((X509_POLICY_NODE *)sk_value( \ - CHECKED_CAST(_STACK *, const STACK_OF(X509_POLICY_NODE) *, sk), (i))) - -#define sk_X509_POLICY_NODE_set(sk, i, p) \ - ((X509_POLICY_NODE *)sk_set( \ - CHECKED_CAST(_STACK *, STACK_OF(X509_POLICY_NODE) *, sk), (i), \ - CHECKED_CAST(void *, X509_POLICY_NODE *, p))) - -#define sk_X509_POLICY_NODE_free(sk) \ - sk_free(CHECKED_CAST(_STACK *, STACK_OF(X509_POLICY_NODE) *, sk)) - -#define sk_X509_POLICY_NODE_pop_free(sk, free_func) \ - sk_pop_free( \ - CHECKED_CAST(_STACK *, STACK_OF(X509_POLICY_NODE) *, sk), \ - CHECKED_CAST(void (*)(void *), void (*)(X509_POLICY_NODE *), free_func)) - -#define sk_X509_POLICY_NODE_insert(sk, p, where) \ - sk_insert(CHECKED_CAST(_STACK *, STACK_OF(X509_POLICY_NODE) *, sk), \ - CHECKED_CAST(void *, X509_POLICY_NODE *, p), (where)) - -#define sk_X509_POLICY_NODE_delete(sk, where) \ - ((X509_POLICY_NODE *)sk_delete( \ - CHECKED_CAST(_STACK *, STACK_OF(X509_POLICY_NODE) *, sk), (where))) - -#define sk_X509_POLICY_NODE_delete_ptr(sk, p) \ - ((X509_POLICY_NODE *)sk_delete_ptr( \ - CHECKED_CAST(_STACK *, STACK_OF(X509_POLICY_NODE) *, sk), \ - CHECKED_CAST(void *, X509_POLICY_NODE *, p))) - -#define sk_X509_POLICY_NODE_find(sk, out_index, p) \ - sk_find(CHECKED_CAST(_STACK *, STACK_OF(X509_POLICY_NODE) *, sk), \ - (out_index), CHECKED_CAST(void *, X509_POLICY_NODE *, p)) - -#define sk_X509_POLICY_NODE_shift(sk) \ - ((X509_POLICY_NODE *)sk_shift( \ - CHECKED_CAST(_STACK *, STACK_OF(X509_POLICY_NODE) *, sk))) - -#define sk_X509_POLICY_NODE_push(sk, p) \ - sk_push(CHECKED_CAST(_STACK *, STACK_OF(X509_POLICY_NODE) *, sk), \ - CHECKED_CAST(void *, X509_POLICY_NODE *, p)) - -#define sk_X509_POLICY_NODE_pop(sk) \ - ((X509_POLICY_NODE *)sk_pop( \ - CHECKED_CAST(_STACK *, STACK_OF(X509_POLICY_NODE) *, sk))) - -#define sk_X509_POLICY_NODE_dup(sk) \ - ((STACK_OF(X509_POLICY_NODE) *)sk_dup( \ - CHECKED_CAST(_STACK *, const STACK_OF(X509_POLICY_NODE) *, sk))) - -#define sk_X509_POLICY_NODE_sort(sk) \ - sk_sort(CHECKED_CAST(_STACK *, STACK_OF(X509_POLICY_NODE) *, sk)) - -#define sk_X509_POLICY_NODE_is_sorted(sk) \ - sk_is_sorted(CHECKED_CAST(_STACK *, const STACK_OF(X509_POLICY_NODE) *, sk)) - -#define sk_X509_POLICY_NODE_set_cmp_func(sk, comp) \ - ((int (*)(const X509_POLICY_NODE **a, const X509_POLICY_NODE **b)) \ - sk_set_cmp_func( \ - CHECKED_CAST(_STACK *, STACK_OF(X509_POLICY_NODE) *, sk), \ - CHECKED_CAST(stack_cmp_func, int (*)(const X509_POLICY_NODE **a, \ - const X509_POLICY_NODE **b), \ - comp))) - -#define sk_X509_POLICY_NODE_deep_copy(sk, copy_func, free_func) \ - ((STACK_OF(X509_POLICY_NODE) *)sk_deep_copy( \ - CHECKED_CAST(const _STACK *, const STACK_OF(X509_POLICY_NODE) *, sk), \ - CHECKED_CAST(void *(*)(void *), \ - X509_POLICY_NODE *(*)(X509_POLICY_NODE *), copy_func), \ - CHECKED_CAST(void (*)(void *), void (*)(X509_POLICY_NODE *), \ - free_func))) - -/* X509_PURPOSE */ -#define sk_X509_PURPOSE_new(comp) \ - ((STACK_OF(X509_PURPOSE) *)sk_new(CHECKED_CAST( \ - stack_cmp_func, int (*)(const X509_PURPOSE **a, const X509_PURPOSE **b), \ - comp))) - -#define sk_X509_PURPOSE_new_null() ((STACK_OF(X509_PURPOSE) *)sk_new_null()) - -#define sk_X509_PURPOSE_num(sk) \ - sk_num(CHECKED_CAST(_STACK *, STACK_OF(X509_PURPOSE) *, sk)) - -#define sk_X509_PURPOSE_zero(sk) \ - sk_zero(CHECKED_CAST(_STACK *, STACK_OF(X509_PURPOSE) *, sk)); - -#define sk_X509_PURPOSE_value(sk, i) \ - ((X509_PURPOSE *)sk_value( \ - CHECKED_CAST(_STACK *, const STACK_OF(X509_PURPOSE) *, sk), (i))) - -#define sk_X509_PURPOSE_set(sk, i, p) \ - ((X509_PURPOSE *)sk_set( \ - CHECKED_CAST(_STACK *, STACK_OF(X509_PURPOSE) *, sk), (i), \ - CHECKED_CAST(void *, X509_PURPOSE *, p))) - -#define sk_X509_PURPOSE_free(sk) \ - sk_free(CHECKED_CAST(_STACK *, STACK_OF(X509_PURPOSE) *, sk)) - -#define sk_X509_PURPOSE_pop_free(sk, free_func) \ - sk_pop_free( \ - CHECKED_CAST(_STACK *, STACK_OF(X509_PURPOSE) *, sk), \ - CHECKED_CAST(void (*)(void *), void (*)(X509_PURPOSE *), free_func)) - -#define sk_X509_PURPOSE_insert(sk, p, where) \ - sk_insert(CHECKED_CAST(_STACK *, STACK_OF(X509_PURPOSE) *, sk), \ - CHECKED_CAST(void *, X509_PURPOSE *, p), (where)) - -#define sk_X509_PURPOSE_delete(sk, where) \ - ((X509_PURPOSE *)sk_delete( \ - CHECKED_CAST(_STACK *, STACK_OF(X509_PURPOSE) *, sk), (where))) - -#define sk_X509_PURPOSE_delete_ptr(sk, p) \ - ((X509_PURPOSE *)sk_delete_ptr( \ - CHECKED_CAST(_STACK *, STACK_OF(X509_PURPOSE) *, sk), \ - CHECKED_CAST(void *, X509_PURPOSE *, p))) - -#define sk_X509_PURPOSE_find(sk, out_index, p) \ - sk_find(CHECKED_CAST(_STACK *, STACK_OF(X509_PURPOSE) *, sk), (out_index), \ - CHECKED_CAST(void *, X509_PURPOSE *, p)) - -#define sk_X509_PURPOSE_shift(sk) \ - ((X509_PURPOSE *)sk_shift( \ - CHECKED_CAST(_STACK *, STACK_OF(X509_PURPOSE) *, sk))) - -#define sk_X509_PURPOSE_push(sk, p) \ - sk_push(CHECKED_CAST(_STACK *, STACK_OF(X509_PURPOSE) *, sk), \ - CHECKED_CAST(void *, X509_PURPOSE *, p)) - -#define sk_X509_PURPOSE_pop(sk) \ - ((X509_PURPOSE *)sk_pop(CHECKED_CAST(_STACK *, STACK_OF(X509_PURPOSE) *, sk))) - -#define sk_X509_PURPOSE_dup(sk) \ - ((STACK_OF(X509_PURPOSE) *)sk_dup( \ - CHECKED_CAST(_STACK *, const STACK_OF(X509_PURPOSE) *, sk))) - -#define sk_X509_PURPOSE_sort(sk) \ - sk_sort(CHECKED_CAST(_STACK *, STACK_OF(X509_PURPOSE) *, sk)) - -#define sk_X509_PURPOSE_is_sorted(sk) \ - sk_is_sorted(CHECKED_CAST(_STACK *, const STACK_OF(X509_PURPOSE) *, sk)) - -#define sk_X509_PURPOSE_set_cmp_func(sk, comp) \ - ((int (*)(const X509_PURPOSE **a, const X509_PURPOSE **b))sk_set_cmp_func( \ - CHECKED_CAST(_STACK *, STACK_OF(X509_PURPOSE) *, sk), \ - CHECKED_CAST(stack_cmp_func, \ - int (*)(const X509_PURPOSE **a, const X509_PURPOSE **b), \ - comp))) - -#define sk_X509_PURPOSE_deep_copy(sk, copy_func, free_func) \ - ((STACK_OF(X509_PURPOSE) *)sk_deep_copy( \ - CHECKED_CAST(const _STACK *, const STACK_OF(X509_PURPOSE) *, sk), \ - CHECKED_CAST(void *(*)(void *), X509_PURPOSE *(*)(X509_PURPOSE *), \ - copy_func), \ - CHECKED_CAST(void (*)(void *), void (*)(X509_PURPOSE *), free_func))) - -/* X509_REVOKED */ -#define sk_X509_REVOKED_new(comp) \ - ((STACK_OF(X509_REVOKED) *)sk_new(CHECKED_CAST( \ - stack_cmp_func, int (*)(const X509_REVOKED **a, const X509_REVOKED **b), \ - comp))) - -#define sk_X509_REVOKED_new_null() ((STACK_OF(X509_REVOKED) *)sk_new_null()) - -#define sk_X509_REVOKED_num(sk) \ - sk_num(CHECKED_CAST(_STACK *, STACK_OF(X509_REVOKED) *, sk)) - -#define sk_X509_REVOKED_zero(sk) \ - sk_zero(CHECKED_CAST(_STACK *, STACK_OF(X509_REVOKED) *, sk)); - -#define sk_X509_REVOKED_value(sk, i) \ - ((X509_REVOKED *)sk_value( \ - CHECKED_CAST(_STACK *, const STACK_OF(X509_REVOKED) *, sk), (i))) - -#define sk_X509_REVOKED_set(sk, i, p) \ - ((X509_REVOKED *)sk_set( \ - CHECKED_CAST(_STACK *, STACK_OF(X509_REVOKED) *, sk), (i), \ - CHECKED_CAST(void *, X509_REVOKED *, p))) - -#define sk_X509_REVOKED_free(sk) \ - sk_free(CHECKED_CAST(_STACK *, STACK_OF(X509_REVOKED) *, sk)) - -#define sk_X509_REVOKED_pop_free(sk, free_func) \ - sk_pop_free( \ - CHECKED_CAST(_STACK *, STACK_OF(X509_REVOKED) *, sk), \ - CHECKED_CAST(void (*)(void *), void (*)(X509_REVOKED *), free_func)) - -#define sk_X509_REVOKED_insert(sk, p, where) \ - sk_insert(CHECKED_CAST(_STACK *, STACK_OF(X509_REVOKED) *, sk), \ - CHECKED_CAST(void *, X509_REVOKED *, p), (where)) - -#define sk_X509_REVOKED_delete(sk, where) \ - ((X509_REVOKED *)sk_delete( \ - CHECKED_CAST(_STACK *, STACK_OF(X509_REVOKED) *, sk), (where))) - -#define sk_X509_REVOKED_delete_ptr(sk, p) \ - ((X509_REVOKED *)sk_delete_ptr( \ - CHECKED_CAST(_STACK *, STACK_OF(X509_REVOKED) *, sk), \ - CHECKED_CAST(void *, X509_REVOKED *, p))) - -#define sk_X509_REVOKED_find(sk, out_index, p) \ - sk_find(CHECKED_CAST(_STACK *, STACK_OF(X509_REVOKED) *, sk), (out_index), \ - CHECKED_CAST(void *, X509_REVOKED *, p)) - -#define sk_X509_REVOKED_shift(sk) \ - ((X509_REVOKED *)sk_shift( \ - CHECKED_CAST(_STACK *, STACK_OF(X509_REVOKED) *, sk))) - -#define sk_X509_REVOKED_push(sk, p) \ - sk_push(CHECKED_CAST(_STACK *, STACK_OF(X509_REVOKED) *, sk), \ - CHECKED_CAST(void *, X509_REVOKED *, p)) - -#define sk_X509_REVOKED_pop(sk) \ - ((X509_REVOKED *)sk_pop(CHECKED_CAST(_STACK *, STACK_OF(X509_REVOKED) *, sk))) - -#define sk_X509_REVOKED_dup(sk) \ - ((STACK_OF(X509_REVOKED) *)sk_dup( \ - CHECKED_CAST(_STACK *, const STACK_OF(X509_REVOKED) *, sk))) - -#define sk_X509_REVOKED_sort(sk) \ - sk_sort(CHECKED_CAST(_STACK *, STACK_OF(X509_REVOKED) *, sk)) - -#define sk_X509_REVOKED_is_sorted(sk) \ - sk_is_sorted(CHECKED_CAST(_STACK *, const STACK_OF(X509_REVOKED) *, sk)) - -#define sk_X509_REVOKED_set_cmp_func(sk, comp) \ - ((int (*)(const X509_REVOKED **a, const X509_REVOKED **b))sk_set_cmp_func( \ - CHECKED_CAST(_STACK *, STACK_OF(X509_REVOKED) *, sk), \ - CHECKED_CAST(stack_cmp_func, \ - int (*)(const X509_REVOKED **a, const X509_REVOKED **b), \ - comp))) - -#define sk_X509_REVOKED_deep_copy(sk, copy_func, free_func) \ - ((STACK_OF(X509_REVOKED) *)sk_deep_copy( \ - CHECKED_CAST(const _STACK *, const STACK_OF(X509_REVOKED) *, sk), \ - CHECKED_CAST(void *(*)(void *), X509_REVOKED *(*)(X509_REVOKED *), \ - copy_func), \ - CHECKED_CAST(void (*)(void *), void (*)(X509_REVOKED *), free_func))) - -/* X509_TRUST */ -#define sk_X509_TRUST_new(comp) \ - ((STACK_OF(X509_TRUST) *)sk_new(CHECKED_CAST( \ - stack_cmp_func, int (*)(const X509_TRUST **a, const X509_TRUST **b), \ - comp))) - -#define sk_X509_TRUST_new_null() ((STACK_OF(X509_TRUST) *)sk_new_null()) - -#define sk_X509_TRUST_num(sk) \ - sk_num(CHECKED_CAST(_STACK *, STACK_OF(X509_TRUST) *, sk)) - -#define sk_X509_TRUST_zero(sk) \ - sk_zero(CHECKED_CAST(_STACK *, STACK_OF(X509_TRUST) *, sk)); - -#define sk_X509_TRUST_value(sk, i) \ - ((X509_TRUST *)sk_value( \ - CHECKED_CAST(_STACK *, const STACK_OF(X509_TRUST) *, sk), (i))) - -#define sk_X509_TRUST_set(sk, i, p) \ - ((X509_TRUST *)sk_set(CHECKED_CAST(_STACK *, STACK_OF(X509_TRUST) *, sk), \ - (i), CHECKED_CAST(void *, X509_TRUST *, p))) - -#define sk_X509_TRUST_free(sk) \ - sk_free(CHECKED_CAST(_STACK *, STACK_OF(X509_TRUST) *, sk)) - -#define sk_X509_TRUST_pop_free(sk, free_func) \ - sk_pop_free( \ - CHECKED_CAST(_STACK *, STACK_OF(X509_TRUST) *, sk), \ - CHECKED_CAST(void (*)(void *), void (*)(X509_TRUST *), free_func)) - -#define sk_X509_TRUST_insert(sk, p, where) \ - sk_insert(CHECKED_CAST(_STACK *, STACK_OF(X509_TRUST) *, sk), \ - CHECKED_CAST(void *, X509_TRUST *, p), (where)) - -#define sk_X509_TRUST_delete(sk, where) \ - ((X509_TRUST *)sk_delete(CHECKED_CAST(_STACK *, STACK_OF(X509_TRUST) *, sk), \ - (where))) - -#define sk_X509_TRUST_delete_ptr(sk, p) \ - ((X509_TRUST *)sk_delete_ptr( \ - CHECKED_CAST(_STACK *, STACK_OF(X509_TRUST) *, sk), \ - CHECKED_CAST(void *, X509_TRUST *, p))) - -#define sk_X509_TRUST_find(sk, out_index, p) \ - sk_find(CHECKED_CAST(_STACK *, STACK_OF(X509_TRUST) *, sk), (out_index), \ - CHECKED_CAST(void *, X509_TRUST *, p)) - -#define sk_X509_TRUST_shift(sk) \ - ((X509_TRUST *)sk_shift(CHECKED_CAST(_STACK *, STACK_OF(X509_TRUST) *, sk))) - -#define sk_X509_TRUST_push(sk, p) \ - sk_push(CHECKED_CAST(_STACK *, STACK_OF(X509_TRUST) *, sk), \ - CHECKED_CAST(void *, X509_TRUST *, p)) - -#define sk_X509_TRUST_pop(sk) \ - ((X509_TRUST *)sk_pop(CHECKED_CAST(_STACK *, STACK_OF(X509_TRUST) *, sk))) - -#define sk_X509_TRUST_dup(sk) \ - ((STACK_OF(X509_TRUST) *)sk_dup( \ - CHECKED_CAST(_STACK *, const STACK_OF(X509_TRUST) *, sk))) - -#define sk_X509_TRUST_sort(sk) \ - sk_sort(CHECKED_CAST(_STACK *, STACK_OF(X509_TRUST) *, sk)) - -#define sk_X509_TRUST_is_sorted(sk) \ - sk_is_sorted(CHECKED_CAST(_STACK *, const STACK_OF(X509_TRUST) *, sk)) - -#define sk_X509_TRUST_set_cmp_func(sk, comp) \ - ((int (*)(const X509_TRUST **a, const X509_TRUST **b))sk_set_cmp_func( \ - CHECKED_CAST(_STACK *, STACK_OF(X509_TRUST) *, sk), \ - CHECKED_CAST(stack_cmp_func, \ - int (*)(const X509_TRUST **a, const X509_TRUST **b), \ - comp))) - -#define sk_X509_TRUST_deep_copy(sk, copy_func, free_func) \ - ((STACK_OF(X509_TRUST) *)sk_deep_copy( \ - CHECKED_CAST(const _STACK *, const STACK_OF(X509_TRUST) *, sk), \ - CHECKED_CAST(void *(*)(void *), X509_TRUST *(*)(X509_TRUST *), \ - copy_func), \ - CHECKED_CAST(void (*)(void *), void (*)(X509_TRUST *), free_func))) - -/* X509_VERIFY_PARAM */ -#define sk_X509_VERIFY_PARAM_new(comp) \ - ((STACK_OF(X509_VERIFY_PARAM) *)sk_new(CHECKED_CAST( \ - stack_cmp_func, \ - int (*)(const X509_VERIFY_PARAM **a, const X509_VERIFY_PARAM **b), \ - comp))) - -#define sk_X509_VERIFY_PARAM_new_null() \ - ((STACK_OF(X509_VERIFY_PARAM) *)sk_new_null()) - -#define sk_X509_VERIFY_PARAM_num(sk) \ - sk_num(CHECKED_CAST(_STACK *, STACK_OF(X509_VERIFY_PARAM) *, sk)) - -#define sk_X509_VERIFY_PARAM_zero(sk) \ - sk_zero(CHECKED_CAST(_STACK *, STACK_OF(X509_VERIFY_PARAM) *, sk)); - -#define sk_X509_VERIFY_PARAM_value(sk, i) \ - ((X509_VERIFY_PARAM *)sk_value( \ - CHECKED_CAST(_STACK *, const STACK_OF(X509_VERIFY_PARAM) *, sk), (i))) - -#define sk_X509_VERIFY_PARAM_set(sk, i, p) \ - ((X509_VERIFY_PARAM *)sk_set( \ - CHECKED_CAST(_STACK *, STACK_OF(X509_VERIFY_PARAM) *, sk), (i), \ - CHECKED_CAST(void *, X509_VERIFY_PARAM *, p))) - -#define sk_X509_VERIFY_PARAM_free(sk) \ - sk_free(CHECKED_CAST(_STACK *, STACK_OF(X509_VERIFY_PARAM) *, sk)) - -#define sk_X509_VERIFY_PARAM_pop_free(sk, free_func) \ - sk_pop_free(CHECKED_CAST(_STACK *, STACK_OF(X509_VERIFY_PARAM) *, sk), \ - CHECKED_CAST(void (*)(void *), void (*)(X509_VERIFY_PARAM *), \ - free_func)) - -#define sk_X509_VERIFY_PARAM_insert(sk, p, where) \ - sk_insert(CHECKED_CAST(_STACK *, STACK_OF(X509_VERIFY_PARAM) *, sk), \ - CHECKED_CAST(void *, X509_VERIFY_PARAM *, p), (where)) - -#define sk_X509_VERIFY_PARAM_delete(sk, where) \ - ((X509_VERIFY_PARAM *)sk_delete( \ - CHECKED_CAST(_STACK *, STACK_OF(X509_VERIFY_PARAM) *, sk), (where))) - -#define sk_X509_VERIFY_PARAM_delete_ptr(sk, p) \ - ((X509_VERIFY_PARAM *)sk_delete_ptr( \ - CHECKED_CAST(_STACK *, STACK_OF(X509_VERIFY_PARAM) *, sk), \ - CHECKED_CAST(void *, X509_VERIFY_PARAM *, p))) - -#define sk_X509_VERIFY_PARAM_find(sk, out_index, p) \ - sk_find(CHECKED_CAST(_STACK *, STACK_OF(X509_VERIFY_PARAM) *, sk), \ - (out_index), CHECKED_CAST(void *, X509_VERIFY_PARAM *, p)) - -#define sk_X509_VERIFY_PARAM_shift(sk) \ - ((X509_VERIFY_PARAM *)sk_shift( \ - CHECKED_CAST(_STACK *, STACK_OF(X509_VERIFY_PARAM) *, sk))) - -#define sk_X509_VERIFY_PARAM_push(sk, p) \ - sk_push(CHECKED_CAST(_STACK *, STACK_OF(X509_VERIFY_PARAM) *, sk), \ - CHECKED_CAST(void *, X509_VERIFY_PARAM *, p)) - -#define sk_X509_VERIFY_PARAM_pop(sk) \ - ((X509_VERIFY_PARAM *)sk_pop( \ - CHECKED_CAST(_STACK *, STACK_OF(X509_VERIFY_PARAM) *, sk))) - -#define sk_X509_VERIFY_PARAM_dup(sk) \ - ((STACK_OF(X509_VERIFY_PARAM) *)sk_dup( \ - CHECKED_CAST(_STACK *, const STACK_OF(X509_VERIFY_PARAM) *, sk))) - -#define sk_X509_VERIFY_PARAM_sort(sk) \ - sk_sort(CHECKED_CAST(_STACK *, STACK_OF(X509_VERIFY_PARAM) *, sk)) - -#define sk_X509_VERIFY_PARAM_is_sorted(sk) \ - sk_is_sorted(CHECKED_CAST(_STACK *, const STACK_OF(X509_VERIFY_PARAM) *, sk)) - -#define sk_X509_VERIFY_PARAM_set_cmp_func(sk, comp) \ - ((int (*)(const X509_VERIFY_PARAM **a, const X509_VERIFY_PARAM **b)) \ - sk_set_cmp_func( \ - CHECKED_CAST(_STACK *, STACK_OF(X509_VERIFY_PARAM) *, sk), \ - CHECKED_CAST(stack_cmp_func, int (*)(const X509_VERIFY_PARAM **a, \ - const X509_VERIFY_PARAM **b), \ - comp))) - -#define sk_X509_VERIFY_PARAM_deep_copy(sk, copy_func, free_func) \ - ((STACK_OF(X509_VERIFY_PARAM) *)sk_deep_copy( \ - CHECKED_CAST(const _STACK *, const STACK_OF(X509_VERIFY_PARAM) *, sk), \ - CHECKED_CAST(void *(*)(void *), \ - X509_VERIFY_PARAM *(*)(X509_VERIFY_PARAM *), copy_func), \ - CHECKED_CAST(void (*)(void *), void (*)(X509_VERIFY_PARAM *), \ - free_func))) - -/* void */ -#define sk_void_new(comp) \ - ((STACK_OF(void)*)sk_new(CHECKED_CAST( \ - stack_cmp_func, int (*)(const void **a, const void **b), comp))) - -#define sk_void_new_null() ((STACK_OF(void)*)sk_new_null()) - -#define sk_void_num(sk) sk_num(CHECKED_CAST(_STACK *, STACK_OF(void)*, sk)) - -#define sk_void_zero(sk) sk_zero(CHECKED_CAST(_STACK *, STACK_OF(void)*, sk)); - -#define sk_void_value(sk, i) \ - ((void *)sk_value(CHECKED_CAST(_STACK *, const STACK_OF(void)*, sk), (i))) - -#define sk_void_set(sk, i, p) \ - ((void *)sk_set(CHECKED_CAST(_STACK *, STACK_OF(void)*, sk), (i), \ - CHECKED_CAST(void *, void *, p))) - -#define sk_void_free(sk) sk_free(CHECKED_CAST(_STACK *, STACK_OF(void)*, sk)) - -#define sk_void_pop_free(sk, free_func) \ - sk_pop_free(CHECKED_CAST(_STACK *, STACK_OF(void)*, sk), \ - CHECKED_CAST(void (*)(void *), void (*)(void *), free_func)) - -#define sk_void_insert(sk, p, where) \ - sk_insert(CHECKED_CAST(_STACK *, STACK_OF(void)*, sk), \ - CHECKED_CAST(void *, void *, p), (where)) - -#define sk_void_delete(sk, where) \ - ((void *)sk_delete(CHECKED_CAST(_STACK *, STACK_OF(void)*, sk), (where))) - -#define sk_void_delete_ptr(sk, p) \ - ((void *)sk_delete_ptr(CHECKED_CAST(_STACK *, STACK_OF(void)*, sk), \ - CHECKED_CAST(void *, void *, p))) - -#define sk_void_find(sk, out_index, p) \ - sk_find(CHECKED_CAST(_STACK *, STACK_OF(void)*, sk), (out_index), \ - CHECKED_CAST(void *, void *, p)) - -#define sk_void_shift(sk) \ - ((void *)sk_shift(CHECKED_CAST(_STACK *, STACK_OF(void)*, sk))) - -#define sk_void_push(sk, p) \ - sk_push(CHECKED_CAST(_STACK *, STACK_OF(void)*, sk), \ - CHECKED_CAST(void *, void *, p)) - -#define sk_void_pop(sk) \ - ((void *)sk_pop(CHECKED_CAST(_STACK *, STACK_OF(void)*, sk))) - -#define sk_void_dup(sk) \ - ((STACK_OF(void)*)sk_dup(CHECKED_CAST(_STACK *, const STACK_OF(void)*, sk))) - -#define sk_void_sort(sk) sk_sort(CHECKED_CAST(_STACK *, STACK_OF(void)*, sk)) - -#define sk_void_is_sorted(sk) \ - sk_is_sorted(CHECKED_CAST(_STACK *, const STACK_OF(void)*, sk)) - -#define sk_void_set_cmp_func(sk, comp) \ - ((int (*)(const void **a, const void **b))sk_set_cmp_func( \ - CHECKED_CAST(_STACK *, STACK_OF(void)*, sk), \ - CHECKED_CAST(stack_cmp_func, int (*)(const void **a, const void **b), \ - comp))) - -#define sk_void_deep_copy(sk, copy_func, free_func) \ - ((STACK_OF(void)*)sk_deep_copy( \ - CHECKED_CAST(const _STACK *, const STACK_OF(void)*, sk), \ - CHECKED_CAST(void *(*)(void *), void *(*)(void *), copy_func), \ - CHECKED_CAST(void (*)(void *), void (*)(void *), free_func))) - -/* SRTP_PROTECTION_PROFILE */ -#define sk_SRTP_PROTECTION_PROFILE_new(comp) \ - ((STACK_OF(SRTP_PROTECTION_PROFILE) *)sk_new(CHECKED_CAST( \ - stack_cmp_func, int (*)(const const SRTP_PROTECTION_PROFILE **a, \ - const const SRTP_PROTECTION_PROFILE **b), \ - comp))) - -#define sk_SRTP_PROTECTION_PROFILE_new_null() \ - ((STACK_OF(SRTP_PROTECTION_PROFILE) *)sk_new_null()) - -#define sk_SRTP_PROTECTION_PROFILE_num(sk) \ - sk_num(CHECKED_CAST(_STACK *, STACK_OF(SRTP_PROTECTION_PROFILE) *, sk)) - -#define sk_SRTP_PROTECTION_PROFILE_zero(sk) \ - sk_zero(CHECKED_CAST(_STACK *, STACK_OF(SRTP_PROTECTION_PROFILE) *, sk)); - -#define sk_SRTP_PROTECTION_PROFILE_value(sk, i) \ - ((const SRTP_PROTECTION_PROFILE *)sk_value( \ - CHECKED_CAST(_STACK *, const STACK_OF(SRTP_PROTECTION_PROFILE) *, sk), \ - (i))) - -#define sk_SRTP_PROTECTION_PROFILE_set(sk, i, p) \ - ((const SRTP_PROTECTION_PROFILE *)sk_set( \ - CHECKED_CAST(_STACK *, STACK_OF(SRTP_PROTECTION_PROFILE) *, sk), (i), \ - CHECKED_CAST(void *, const SRTP_PROTECTION_PROFILE *, p))) - -#define sk_SRTP_PROTECTION_PROFILE_free(sk) \ - sk_free(CHECKED_CAST(_STACK *, STACK_OF(SRTP_PROTECTION_PROFILE) *, sk)) - -#define sk_SRTP_PROTECTION_PROFILE_pop_free(sk, free_func) \ - sk_pop_free( \ - CHECKED_CAST(_STACK *, STACK_OF(SRTP_PROTECTION_PROFILE) *, sk), \ - CHECKED_CAST(void (*)(void *), \ - void (*)(const SRTP_PROTECTION_PROFILE *), free_func)) - -#define sk_SRTP_PROTECTION_PROFILE_insert(sk, p, where) \ - sk_insert(CHECKED_CAST(_STACK *, STACK_OF(SRTP_PROTECTION_PROFILE) *, sk), \ - CHECKED_CAST(void *, const SRTP_PROTECTION_PROFILE *, p), (where)) - -#define sk_SRTP_PROTECTION_PROFILE_delete(sk, where) \ - ((const SRTP_PROTECTION_PROFILE *)sk_delete( \ - CHECKED_CAST(_STACK *, STACK_OF(SRTP_PROTECTION_PROFILE) *, sk), \ - (where))) - -#define sk_SRTP_PROTECTION_PROFILE_delete_ptr(sk, p) \ - ((const SRTP_PROTECTION_PROFILE *)sk_delete_ptr( \ - CHECKED_CAST(_STACK *, STACK_OF(SRTP_PROTECTION_PROFILE) *, sk), \ - CHECKED_CAST(void *, const SRTP_PROTECTION_PROFILE *, p))) - -#define sk_SRTP_PROTECTION_PROFILE_find(sk, out_index, p) \ - sk_find(CHECKED_CAST(_STACK *, STACK_OF(SRTP_PROTECTION_PROFILE) *, sk), \ - (out_index), \ - CHECKED_CAST(void *, const SRTP_PROTECTION_PROFILE *, p)) - -#define sk_SRTP_PROTECTION_PROFILE_shift(sk) \ - ((const SRTP_PROTECTION_PROFILE *)sk_shift( \ - CHECKED_CAST(_STACK *, STACK_OF(SRTP_PROTECTION_PROFILE) *, sk))) - -#define sk_SRTP_PROTECTION_PROFILE_push(sk, p) \ - sk_push(CHECKED_CAST(_STACK *, STACK_OF(SRTP_PROTECTION_PROFILE) *, sk), \ - CHECKED_CAST(void *, const SRTP_PROTECTION_PROFILE *, p)) - -#define sk_SRTP_PROTECTION_PROFILE_pop(sk) \ - ((const SRTP_PROTECTION_PROFILE *)sk_pop( \ - CHECKED_CAST(_STACK *, STACK_OF(SRTP_PROTECTION_PROFILE) *, sk))) - -#define sk_SRTP_PROTECTION_PROFILE_dup(sk) \ - ((STACK_OF(SRTP_PROTECTION_PROFILE) *)sk_dup( \ - CHECKED_CAST(_STACK *, const STACK_OF(SRTP_PROTECTION_PROFILE) *, sk))) - -#define sk_SRTP_PROTECTION_PROFILE_sort(sk) \ - sk_sort(CHECKED_CAST(_STACK *, STACK_OF(SRTP_PROTECTION_PROFILE) *, sk)) - -#define sk_SRTP_PROTECTION_PROFILE_is_sorted(sk) \ - sk_is_sorted( \ - CHECKED_CAST(_STACK *, const STACK_OF(SRTP_PROTECTION_PROFILE) *, sk)) - -#define sk_SRTP_PROTECTION_PROFILE_set_cmp_func(sk, comp) \ - ((int (*)(const SRTP_PROTECTION_PROFILE **a, \ - const SRTP_PROTECTION_PROFILE **b)) \ - sk_set_cmp_func( \ - CHECKED_CAST(_STACK *, STACK_OF(SRTP_PROTECTION_PROFILE) *, sk), \ - CHECKED_CAST(stack_cmp_func, \ - int (*)(const SRTP_PROTECTION_PROFILE **a, \ - const SRTP_PROTECTION_PROFILE **b), \ - comp))) - -#define sk_SRTP_PROTECTION_PROFILE_deep_copy(sk, copy_func, free_func) \ - ((STACK_OF(SRTP_PROTECTION_PROFILE) *)sk_deep_copy( \ - CHECKED_CAST(const _STACK *, const STACK_OF(SRTP_PROTECTION_PROFILE) *, \ - sk), \ - CHECKED_CAST(void *(*)(void *), const SRTP_PROTECTION_PROFILE *(*)( \ - const SRTP_PROTECTION_PROFILE *), \ - copy_func), \ - CHECKED_CAST(void (*)(void *), \ - void (*)(const SRTP_PROTECTION_PROFILE *), free_func))) - -/* SSL_CIPHER */ -#define sk_SSL_CIPHER_new(comp) \ - ((STACK_OF(SSL_CIPHER) *)sk_new(CHECKED_CAST( \ - stack_cmp_func, \ - int (*)(const const SSL_CIPHER **a, const const SSL_CIPHER **b), comp))) - -#define sk_SSL_CIPHER_new_null() ((STACK_OF(SSL_CIPHER) *)sk_new_null()) - -#define sk_SSL_CIPHER_num(sk) \ - sk_num(CHECKED_CAST(_STACK *, STACK_OF(SSL_CIPHER) *, sk)) - -#define sk_SSL_CIPHER_zero(sk) \ - sk_zero(CHECKED_CAST(_STACK *, STACK_OF(SSL_CIPHER) *, sk)); - -#define sk_SSL_CIPHER_value(sk, i) \ - ((const SSL_CIPHER *)sk_value( \ - CHECKED_CAST(_STACK *, const STACK_OF(SSL_CIPHER) *, sk), (i))) - -#define sk_SSL_CIPHER_set(sk, i, p) \ - ((const SSL_CIPHER *)sk_set( \ - CHECKED_CAST(_STACK *, STACK_OF(SSL_CIPHER) *, sk), (i), \ - CHECKED_CAST(void *, const SSL_CIPHER *, p))) - -#define sk_SSL_CIPHER_free(sk) \ - sk_free(CHECKED_CAST(_STACK *, STACK_OF(SSL_CIPHER) *, sk)) - -#define sk_SSL_CIPHER_pop_free(sk, free_func) \ - sk_pop_free( \ - CHECKED_CAST(_STACK *, STACK_OF(SSL_CIPHER) *, sk), \ - CHECKED_CAST(void (*)(void *), void (*)(const SSL_CIPHER *), free_func)) - -#define sk_SSL_CIPHER_insert(sk, p, where) \ - sk_insert(CHECKED_CAST(_STACK *, STACK_OF(SSL_CIPHER) *, sk), \ - CHECKED_CAST(void *, const SSL_CIPHER *, p), (where)) - -#define sk_SSL_CIPHER_delete(sk, where) \ - ((const SSL_CIPHER *)sk_delete( \ - CHECKED_CAST(_STACK *, STACK_OF(SSL_CIPHER) *, sk), (where))) - -#define sk_SSL_CIPHER_delete_ptr(sk, p) \ - ((const SSL_CIPHER *)sk_delete_ptr( \ - CHECKED_CAST(_STACK *, STACK_OF(SSL_CIPHER) *, sk), \ - CHECKED_CAST(void *, const SSL_CIPHER *, p))) - -#define sk_SSL_CIPHER_find(sk, out_index, p) \ - sk_find(CHECKED_CAST(_STACK *, STACK_OF(SSL_CIPHER) *, sk), (out_index), \ - CHECKED_CAST(void *, const SSL_CIPHER *, p)) - -#define sk_SSL_CIPHER_shift(sk) \ - ((const SSL_CIPHER *)sk_shift( \ - CHECKED_CAST(_STACK *, STACK_OF(SSL_CIPHER) *, sk))) - -#define sk_SSL_CIPHER_push(sk, p) \ - sk_push(CHECKED_CAST(_STACK *, STACK_OF(SSL_CIPHER) *, sk), \ - CHECKED_CAST(void *, const SSL_CIPHER *, p)) - -#define sk_SSL_CIPHER_pop(sk) \ - ((const SSL_CIPHER *)sk_pop( \ - CHECKED_CAST(_STACK *, STACK_OF(SSL_CIPHER) *, sk))) - -#define sk_SSL_CIPHER_dup(sk) \ - ((STACK_OF(SSL_CIPHER) *)sk_dup( \ - CHECKED_CAST(_STACK *, const STACK_OF(SSL_CIPHER) *, sk))) - -#define sk_SSL_CIPHER_sort(sk) \ - sk_sort(CHECKED_CAST(_STACK *, STACK_OF(SSL_CIPHER) *, sk)) - -#define sk_SSL_CIPHER_is_sorted(sk) \ - sk_is_sorted(CHECKED_CAST(_STACK *, const STACK_OF(SSL_CIPHER) *, sk)) - -#define sk_SSL_CIPHER_set_cmp_func(sk, comp) \ - ((int (*)(const SSL_CIPHER **a, const SSL_CIPHER **b))sk_set_cmp_func( \ - CHECKED_CAST(_STACK *, STACK_OF(SSL_CIPHER) *, sk), \ - CHECKED_CAST(stack_cmp_func, \ - int (*)(const SSL_CIPHER **a, const SSL_CIPHER **b), \ - comp))) - -#define sk_SSL_CIPHER_deep_copy(sk, copy_func, free_func) \ - ((STACK_OF(SSL_CIPHER) *)sk_deep_copy( \ - CHECKED_CAST(const _STACK *, const STACK_OF(SSL_CIPHER) *, sk), \ - CHECKED_CAST(void *(*)(void *), \ - const SSL_CIPHER *(*)(const SSL_CIPHER *), copy_func), \ - CHECKED_CAST(void (*)(void *), void (*)(const SSL_CIPHER *), \ - free_func))) - -/* OPENSSL_STRING */ -#define sk_OPENSSL_STRING_new(comp) \ - ((STACK_OF(OPENSSL_STRING) *)sk_new(CHECKED_CAST( \ - stack_cmp_func, \ - int (*)(const OPENSSL_STRING *a, const OPENSSL_STRING *b), comp))) - -#define sk_OPENSSL_STRING_new_null() ((STACK_OF(OPENSSL_STRING) *)sk_new_null()) - -#define sk_OPENSSL_STRING_num(sk) \ - sk_num(CHECKED_CAST(_STACK *, STACK_OF(OPENSSL_STRING) *, sk)) - -#define sk_OPENSSL_STRING_zero(sk) \ - sk_zero(CHECKED_CAST(_STACK *, STACK_OF(OPENSSL_STRING) *, sk)); - -#define sk_OPENSSL_STRING_value(sk, i) \ - ((OPENSSL_STRING)sk_value( \ - CHECKED_CAST(_STACK *, const STACK_OF(OPENSSL_STRING) *, sk), (i))) - -#define sk_OPENSSL_STRING_set(sk, i, p) \ - ((OPENSSL_STRING)sk_set( \ - CHECKED_CAST(_STACK *, STACK_OF(OPENSSL_STRING) *, sk), (i), \ - CHECKED_CAST(void *, OPENSSL_STRING, p))) - -#define sk_OPENSSL_STRING_free(sk) \ - sk_free(CHECKED_CAST(_STACK *, STACK_OF(OPENSSL_STRING) *, sk)) - -#define sk_OPENSSL_STRING_pop_free(sk, free_func) \ - sk_pop_free( \ - CHECKED_CAST(_STACK *, STACK_OF(OPENSSL_STRING) *, sk), \ - CHECKED_CAST(void (*)(void *), void (*)(OPENSSL_STRING), free_func)) - -#define sk_OPENSSL_STRING_insert(sk, p, where) \ - sk_insert(CHECKED_CAST(_STACK *, STACK_OF(OPENSSL_STRING) *, sk), \ - CHECKED_CAST(void *, OPENSSL_STRING, p), (where)) - -#define sk_OPENSSL_STRING_delete(sk, where) \ - ((OPENSSL_STRING)sk_delete( \ - CHECKED_CAST(_STACK *, STACK_OF(OPENSSL_STRING) *, sk), (where))) - -#define sk_OPENSSL_STRING_delete_ptr(sk, p) \ - ((OPENSSL_STRING)sk_delete_ptr( \ - CHECKED_CAST(_STACK *, STACK_OF(OPENSSL_STRING) *, sk), \ - CHECKED_CAST(void *, OPENSSL_STRING, p))) - -#define sk_OPENSSL_STRING_find(sk, out_index, p) \ - sk_find(CHECKED_CAST(_STACK *, STACK_OF(OPENSSL_STRING) *, sk), (out_index), \ - CHECKED_CAST(void *, OPENSSL_STRING, p)) - -#define sk_OPENSSL_STRING_shift(sk) \ - ((OPENSSL_STRING)sk_shift( \ - CHECKED_CAST(_STACK *, STACK_OF(OPENSSL_STRING) *, sk))) - -#define sk_OPENSSL_STRING_push(sk, p) \ - sk_push(CHECKED_CAST(_STACK *, STACK_OF(OPENSSL_STRING) *, sk), \ - CHECKED_CAST(void *, OPENSSL_STRING, p)) - -#define sk_OPENSSL_STRING_pop(sk) \ - ((OPENSSL_STRING)sk_pop( \ - CHECKED_CAST(_STACK *, STACK_OF(OPENSSL_STRING) *, sk))) - -#define sk_OPENSSL_STRING_dup(sk) \ - ((STACK_OF(OPENSSL_STRING) *)sk_dup( \ - CHECKED_CAST(_STACK *, const STACK_OF(OPENSSL_STRING) *, sk))) - -#define sk_OPENSSL_STRING_sort(sk) \ - sk_sort(CHECKED_CAST(_STACK *, STACK_OF(OPENSSL_STRING) *, sk)) - -#define sk_OPENSSL_STRING_is_sorted(sk) \ - sk_is_sorted(CHECKED_CAST(_STACK *, const STACK_OF(OPENSSL_STRING) *, sk)) - -#define sk_OPENSSL_STRING_set_cmp_func(sk, comp) \ - ((int (*)(const OPENSSL_STRING **a, const OPENSSL_STRING **b)) \ - sk_set_cmp_func( \ - CHECKED_CAST(_STACK *, STACK_OF(OPENSSL_STRING) *, sk), \ - CHECKED_CAST(stack_cmp_func, int (*)(const OPENSSL_STRING **a, \ - const OPENSSL_STRING **b), \ - comp))) - -#define sk_OPENSSL_STRING_deep_copy(sk, copy_func, free_func) \ - ((STACK_OF(OPENSSL_STRING) *)sk_deep_copy( \ - CHECKED_CAST(const _STACK *, const STACK_OF(OPENSSL_STRING) *, sk), \ - CHECKED_CAST(void *(*)(void *), OPENSSL_STRING (*)(OPENSSL_STRING), \ - copy_func), \ - CHECKED_CAST(void (*)(void *), void (*)(OPENSSL_STRING), free_func))) - -/* OPENSSL_BLOCK */ -#define sk_OPENSSL_BLOCK_new(comp) \ - ((STACK_OF(OPENSSL_BLOCK) *)sk_new(CHECKED_CAST( \ - stack_cmp_func, int (*)(const OPENSSL_BLOCK *a, const OPENSSL_BLOCK *b), \ - comp))) - -#define sk_OPENSSL_BLOCK_new_null() ((STACK_OF(OPENSSL_BLOCK) *)sk_new_null()) - -#define sk_OPENSSL_BLOCK_num(sk) \ - sk_num(CHECKED_CAST(_STACK *, STACK_OF(OPENSSL_BLOCK) *, sk)) - -#define sk_OPENSSL_BLOCK_zero(sk) \ - sk_zero(CHECKED_CAST(_STACK *, STACK_OF(OPENSSL_BLOCK) *, sk)); - -#define sk_OPENSSL_BLOCK_value(sk, i) \ - ((OPENSSL_BLOCK)sk_value( \ - CHECKED_CAST(_STACK *, const STACK_OF(OPENSSL_BLOCK) *, sk), (i))) - -#define sk_OPENSSL_BLOCK_set(sk, i, p) \ - ((OPENSSL_BLOCK)sk_set( \ - CHECKED_CAST(_STACK *, STACK_OF(OPENSSL_BLOCK) *, sk), (i), \ - CHECKED_CAST(void *, OPENSSL_BLOCK, p))) - -#define sk_OPENSSL_BLOCK_free(sk) \ - sk_free(CHECKED_CAST(_STACK *, STACK_OF(OPENSSL_BLOCK) *, sk)) - -#define sk_OPENSSL_BLOCK_pop_free(sk, free_func) \ - sk_pop_free( \ - CHECKED_CAST(_STACK *, STACK_OF(OPENSSL_BLOCK) *, sk), \ - CHECKED_CAST(void (*)(void *), void (*)(OPENSSL_BLOCK), free_func)) - -#define sk_OPENSSL_BLOCK_insert(sk, p, where) \ - sk_insert(CHECKED_CAST(_STACK *, STACK_OF(OPENSSL_BLOCK) *, sk), \ - CHECKED_CAST(void *, OPENSSL_BLOCK, p), (where)) - -#define sk_OPENSSL_BLOCK_delete(sk, where) \ - ((OPENSSL_BLOCK)sk_delete( \ - CHECKED_CAST(_STACK *, STACK_OF(OPENSSL_BLOCK) *, sk), (where))) - -#define sk_OPENSSL_BLOCK_delete_ptr(sk, p) \ - ((OPENSSL_BLOCK)sk_delete_ptr( \ - CHECKED_CAST(_STACK *, STACK_OF(OPENSSL_BLOCK) *, sk), \ - CHECKED_CAST(void *, OPENSSL_BLOCK, p))) - -#define sk_OPENSSL_BLOCK_find(sk, out_index, p) \ - sk_find(CHECKED_CAST(_STACK *, STACK_OF(OPENSSL_BLOCK) *, sk), (out_index), \ - CHECKED_CAST(void *, OPENSSL_BLOCK, p)) - -#define sk_OPENSSL_BLOCK_shift(sk) \ - ((OPENSSL_BLOCK)sk_shift( \ - CHECKED_CAST(_STACK *, STACK_OF(OPENSSL_BLOCK) *, sk))) - -#define sk_OPENSSL_BLOCK_push(sk, p) \ - sk_push(CHECKED_CAST(_STACK *, STACK_OF(OPENSSL_BLOCK) *, sk), \ - CHECKED_CAST(void *, OPENSSL_BLOCK, p)) - -#define sk_OPENSSL_BLOCK_pop(sk) \ - ((OPENSSL_BLOCK)sk_pop(CHECKED_CAST(_STACK *, STACK_OF(OPENSSL_BLOCK) *, sk))) - -#define sk_OPENSSL_BLOCK_dup(sk) \ - ((STACK_OF(OPENSSL_BLOCK) *)sk_dup( \ - CHECKED_CAST(_STACK *, const STACK_OF(OPENSSL_BLOCK) *, sk))) - -#define sk_OPENSSL_BLOCK_sort(sk) \ - sk_sort(CHECKED_CAST(_STACK *, STACK_OF(OPENSSL_BLOCK) *, sk)) - -#define sk_OPENSSL_BLOCK_is_sorted(sk) \ - sk_is_sorted(CHECKED_CAST(_STACK *, const STACK_OF(OPENSSL_BLOCK) *, sk)) - -#define sk_OPENSSL_BLOCK_set_cmp_func(sk, comp) \ - ((int (*)(const OPENSSL_BLOCK **a, const OPENSSL_BLOCK **b))sk_set_cmp_func( \ - CHECKED_CAST(_STACK *, STACK_OF(OPENSSL_BLOCK) *, sk), \ - CHECKED_CAST(stack_cmp_func, \ - int (*)(const OPENSSL_BLOCK **a, const OPENSSL_BLOCK **b), \ - comp))) - -#define sk_OPENSSL_BLOCK_deep_copy(sk, copy_func, free_func) \ - ((STACK_OF(OPENSSL_BLOCK) *)sk_deep_copy( \ - CHECKED_CAST(const _STACK *, const STACK_OF(OPENSSL_BLOCK) *, sk), \ - CHECKED_CAST(void *(*)(void *), OPENSSL_BLOCK (*)(OPENSSL_BLOCK), \ - copy_func), \ - CHECKED_CAST(void (*)(void *), void (*)(OPENSSL_BLOCK), free_func))) diff --git a/third_party/boringssl/include/openssl/thread.h b/third_party/boringssl/include/openssl/thread.h deleted file mode 100644 index 568a858332ac8c..00000000000000 --- a/third_party/boringssl/include/openssl/thread.h +++ /dev/null @@ -1,173 +0,0 @@ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] */ - -#ifndef OPENSSL_HEADER_THREAD_H -#define OPENSSL_HEADER_THREAD_H - -#include - -#include - -#if defined(__cplusplus) -extern "C" { -#endif - - -#if defined(OPENSSL_NO_THREADS) -typedef struct crypto_mutex_st {} CRYPTO_MUTEX; -#elif defined(OPENSSL_WINDOWS) -/* CRYPTO_MUTEX can appear in public header files so we really don't want to - * pull in windows.h. It's statically asserted that this structure is large - * enough to contain a Windows CRITICAL_SECTION by thread_win.c. */ -typedef union crypto_mutex_st { - double alignment; - uint8_t padding[4*sizeof(void*) + 2*sizeof(int)]; -} CRYPTO_MUTEX; -#elif defined(__MACH__) && defined(__APPLE__) -typedef pthread_rwlock_t CRYPTO_MUTEX; -#else -/* It is reasonable to include pthread.h on non-Windows systems, however the - * |pthread_rwlock_t| that we need is hidden under feature flags, and we can't - * ensure that we'll be able to get it. It's statically asserted that this - * structure is large enough to contain a |pthread_rwlock_t| by - * thread_pthread.c. */ -typedef union crypto_mutex_st { - double alignment; - uint8_t padding[3*sizeof(int) + 5*sizeof(unsigned) + 16 + 8]; -} CRYPTO_MUTEX; -#endif - -/* CRYPTO_refcount_t is the type of a reference count. - * - * Since some platforms use C11 atomics to access this, it should have the - * _Atomic qualifier. However, this header is included by C++ programs as well - * as C code that might not set -std=c11. So, in practice, it's not possible to - * do that. Instead we statically assert that the size and native alignment of - * a plain uint32_t and an _Atomic uint32_t are equal in refcount_c11.c. */ -typedef uint32_t CRYPTO_refcount_t; - - -/* Deprecated functions */ - -/* These defines do nothing but are provided to make old code easier to - * compile. */ -#define CRYPTO_LOCK 1 -#define CRYPTO_UNLOCK 2 -#define CRYPTO_READ 4 -#define CRYPTO_WRITE 8 - -/* CRYPTO_num_locks returns one. (This is non-zero that callers who allocate - * sizeof(lock) times this value don't get zero and then fail because malloc(0) - * returned NULL.) */ -OPENSSL_EXPORT int CRYPTO_num_locks(void); - -/* CRYPTO_set_locking_callback does nothing. */ -OPENSSL_EXPORT void CRYPTO_set_locking_callback( - void (*func)(int mode, int lock_num, const char *file, int line)); - -/* CRYPTO_set_add_lock_callback does nothing. */ -OPENSSL_EXPORT void CRYPTO_set_add_lock_callback(int (*func)( - int *num, int amount, int lock_num, const char *file, int line)); - -/* CRYPTO_get_lock_name returns a fixed, dummy string. */ -OPENSSL_EXPORT const char *CRYPTO_get_lock_name(int lock_num); - -/* CRYPTO_THREADID_set_callback returns one. */ -OPENSSL_EXPORT int CRYPTO_THREADID_set_callback( - void (*threadid_func)(CRYPTO_THREADID *threadid)); - -/* CRYPTO_THREADID_set_numeric does nothing. */ -OPENSSL_EXPORT void CRYPTO_THREADID_set_numeric(CRYPTO_THREADID *id, - unsigned long val); - -/* CRYPTO_THREADID_set_pointer does nothing. */ -OPENSSL_EXPORT void CRYPTO_THREADID_set_pointer(CRYPTO_THREADID *id, void *ptr); - -/* CRYPTO_THREADID_current does nothing. */ -OPENSSL_EXPORT void CRYPTO_THREADID_current(CRYPTO_THREADID *id); - - -/* Private functions. - * - * Some old code calls these functions and so no-op implementations are - * provided. - * - * TODO(fork): cleanup callers and remove. */ - -OPENSSL_EXPORT void CRYPTO_set_id_callback(unsigned long (*func)(void)); - -typedef struct { - int references; - struct CRYPTO_dynlock_value *data; -} CRYPTO_dynlock; - -OPENSSL_EXPORT void CRYPTO_set_dynlock_create_callback( - struct CRYPTO_dynlock_value *(*dyn_create_function)(const char *file, - int line)); - -OPENSSL_EXPORT void CRYPTO_set_dynlock_lock_callback(void (*dyn_lock_function)( - int mode, struct CRYPTO_dynlock_value *l, const char *file, int line)); - -OPENSSL_EXPORT void CRYPTO_set_dynlock_destroy_callback( - void (*dyn_destroy_function)(struct CRYPTO_dynlock_value *l, - const char *file, int line)); - - -#if defined(__cplusplus) -} /* extern C */ -#endif - -#endif /* OPENSSL_HEADER_THREAD_H */ diff --git a/third_party/boringssl/include/openssl/time_support.h b/third_party/boringssl/include/openssl/time_support.h deleted file mode 100644 index 912e6724152f7a..00000000000000 --- a/third_party/boringssl/include/openssl/time_support.h +++ /dev/null @@ -1,90 +0,0 @@ -/* Written by Richard Levitte (richard@levitte.org) for the OpenSSL - * project 2001. - * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL - * project 2008. - */ -/* ==================================================================== - * Copyright (c) 2001 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). */ - -#ifndef OPENSSL_HEADER_TIME_H -#define OPENSSL_HEADER_TIME_H - -#include - - -#if defined(__cplusplus) -extern "C" { -#endif - - -/* Wrapper functions for time functions. */ - - -/* OPENSSL_gmtime wraps |gmtime_r|. See the manual page for that function. */ -struct tm *OPENSSL_gmtime(const time_t *timer, struct tm *result); - -/* OPENSSL_gmtime_adj updates |tm| by adding |offset_day| days and |offset_sec| - * seconds. */ -int OPENSSL_gmtime_adj(struct tm *tm, int offset_day, long offset_sec); - -/* OPENSSL_gmtime_diff calculates the difference between |from| and |to| and - * outputs the difference as a number of days and seconds in |*out_days| and - * |*out_secs|. */ -int OPENSSL_gmtime_diff(int *out_days, int *out_secs, const struct tm *from, - const struct tm *to); - - -#if defined(__cplusplus) -} /* extern C */ -#endif - -#endif /* OPENSSL_HEADER_TIME_H */ diff --git a/third_party/boringssl/include/openssl/tls1.h b/third_party/boringssl/include/openssl/tls1.h deleted file mode 100644 index f2bee2738f956e..00000000000000 --- a/third_party/boringssl/include/openssl/tls1.h +++ /dev/null @@ -1,714 +0,0 @@ -/* ssl/tls1.h */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ -/* ==================================================================== - * Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@openssl.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.openssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ -/* ==================================================================== - * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. - * - * Portions of the attached software ("Contribution") are developed by - * SUN MICROSYSTEMS, INC., and are contributed to the OpenSSL project. - * - * The Contribution is licensed pursuant to the OpenSSL open source - * license provided above. - * - * ECC cipher suite support in OpenSSL originally written by - * Vipul Gupta and Sumit Gupta of Sun Microsystems Laboratories. - * - */ -/* ==================================================================== - * Copyright 2005 Nokia. All rights reserved. - * - * The portions of the attached software ("Contribution") is developed by - * Nokia Corporation and is licensed pursuant to the OpenSSL open source - * license. - * - * The Contribution, originally written by Mika Kousa and Pasi Eronen of - * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites - * support (see RFC 4279) to OpenSSL. - * - * No patent licenses or other rights except those expressly stated in - * the OpenSSL open source license shall be deemed granted or received - * expressly, by implication, estoppel, or otherwise. - * - * No assurances are provided by Nokia that the Contribution does not - * infringe the patent or other intellectual property rights of any third - * party or that the license provides you with all the necessary rights - * to make use of the Contribution. - * - * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN - * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA - * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY - * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR - * OTHERWISE. - */ - -#ifndef HEADER_TLS1_H -#define HEADER_TLS1_H - -#include -#include - -#ifdef __cplusplus -extern "C" { -#endif - - -#define TLS1_ALLOW_EXPERIMENTAL_CIPHERSUITES 0 - -#define TLS1_AD_DECRYPTION_FAILED 21 -#define TLS1_AD_RECORD_OVERFLOW 22 -#define TLS1_AD_UNKNOWN_CA 48 /* fatal */ -#define TLS1_AD_ACCESS_DENIED 49 /* fatal */ -#define TLS1_AD_DECODE_ERROR 50 /* fatal */ -#define TLS1_AD_DECRYPT_ERROR 51 -#define TLS1_AD_EXPORT_RESTRICTION 60 /* fatal */ -#define TLS1_AD_PROTOCOL_VERSION 70 /* fatal */ -#define TLS1_AD_INSUFFICIENT_SECURITY 71 /* fatal */ -#define TLS1_AD_INTERNAL_ERROR 80 /* fatal */ -#define TLS1_AD_USER_CANCELLED 90 -#define TLS1_AD_NO_RENEGOTIATION 100 -/* codes 110-114 are from RFC3546 */ -#define TLS1_AD_UNSUPPORTED_EXTENSION 110 -#define TLS1_AD_CERTIFICATE_UNOBTAINABLE 111 -#define TLS1_AD_UNRECOGNIZED_NAME 112 -#define TLS1_AD_BAD_CERTIFICATE_STATUS_RESPONSE 113 -#define TLS1_AD_BAD_CERTIFICATE_HASH_VALUE 114 -#define TLS1_AD_UNKNOWN_PSK_IDENTITY 115 /* fatal */ - -/* ExtensionType values from RFC3546 / RFC4366 / RFC6066 */ -#define TLSEXT_TYPE_server_name 0 -#define TLSEXT_TYPE_max_fragment_length 1 -#define TLSEXT_TYPE_client_certificate_url 2 -#define TLSEXT_TYPE_trusted_ca_keys 3 -#define TLSEXT_TYPE_truncated_hmac 4 -#define TLSEXT_TYPE_status_request 5 -/* ExtensionType values from RFC4681 */ -#define TLSEXT_TYPE_user_mapping 6 - -/* ExtensionType values from RFC5878 */ -#define TLSEXT_TYPE_client_authz 7 -#define TLSEXT_TYPE_server_authz 8 - -/* ExtensionType values from RFC6091 */ -#define TLSEXT_TYPE_cert_type 9 - -/* ExtensionType values from RFC4492 */ -#define TLSEXT_TYPE_elliptic_curves 10 -#define TLSEXT_TYPE_ec_point_formats 11 - -/* ExtensionType value from RFC5054 */ -#define TLSEXT_TYPE_srp 12 - -/* ExtensionType values from RFC5246 */ -#define TLSEXT_TYPE_signature_algorithms 13 - -/* ExtensionType value from RFC5764 */ -#define TLSEXT_TYPE_use_srtp 14 - -/* ExtensionType value from RFC5620 */ -#define TLSEXT_TYPE_heartbeat 15 - -/* ExtensionType value from RFC7301 */ -#define TLSEXT_TYPE_application_layer_protocol_negotiation 16 - -/* ExtensionType value for TLS padding extension. - * http://www.iana.org/assignments/tls-extensiontype-values/tls-extensiontype-values.xhtml - * http://tools.ietf.org/html/draft-agl-tls-padding-03 - */ -#define TLSEXT_TYPE_padding 21 - -/* https://tools.ietf.org/html/draft-ietf-tls-session-hash-01 */ -#define TLSEXT_TYPE_extended_master_secret 23 - -/* ExtensionType value from RFC4507 */ -#define TLSEXT_TYPE_session_ticket 35 - -/* ExtensionType value from RFC5746 */ -#define TLSEXT_TYPE_renegotiate 0xff01 - -/* ExtensionType value from RFC6962 */ -#define TLSEXT_TYPE_certificate_timestamp 18 - -/* This is not an IANA defined extension number */ -#define TLSEXT_TYPE_next_proto_neg 13172 - -/* This is not an IANA defined extension number */ -#define TLSEXT_TYPE_channel_id 30031 -#define TLSEXT_TYPE_channel_id_new 30032 - -/* NameType value from RFC 3546 */ -#define TLSEXT_NAMETYPE_host_name 0 -/* status request value from RFC 3546 */ -#define TLSEXT_STATUSTYPE_ocsp 1 - -/* ECPointFormat values from RFC 4492 */ -#define TLSEXT_ECPOINTFORMAT_uncompressed 0 -#define TLSEXT_ECPOINTFORMAT_ansiX962_compressed_prime 1 -#define TLSEXT_ECPOINTFORMAT_ansiX962_compressed_char2 2 - -/* Signature and hash algorithms from RFC 5246 */ - -#define TLSEXT_signature_anonymous 0 -#define TLSEXT_signature_rsa 1 -#define TLSEXT_signature_dsa 2 -#define TLSEXT_signature_ecdsa 3 - -#define TLSEXT_hash_none 0 -#define TLSEXT_hash_md5 1 -#define TLSEXT_hash_sha1 2 -#define TLSEXT_hash_sha224 3 -#define TLSEXT_hash_sha256 4 -#define TLSEXT_hash_sha384 5 -#define TLSEXT_hash_sha512 6 - -/* Flag set for unrecognised algorithms */ -#define TLSEXT_nid_unknown 0x1000000 - -/* ECC curves */ - -#define TLSEXT_curve_P_256 23 -#define TLSEXT_curve_P_384 24 - - -#define TLSEXT_MAXLEN_host_name 255 - -OPENSSL_EXPORT const char *SSL_get_servername(const SSL *s, const int type); -OPENSSL_EXPORT int SSL_get_servername_type(const SSL *s); - -/* SSL_export_keying_material exports a value derived from the master secret, as - * specified in RFC 5705. It writes |out_len| bytes to |out| given a label and - * optional context. (Since a zero length context is allowed, the |use_context| - * flag controls whether a context is included.) - * - * It returns one on success and zero otherwise. */ -OPENSSL_EXPORT int SSL_export_keying_material( - SSL *s, uint8_t *out, size_t out_len, const char *label, size_t label_len, - const uint8_t *context, size_t context_len, int use_context); - -OPENSSL_EXPORT int SSL_get_sigalgs(SSL *s, int idx, int *psign, int *phash, - int *psignandhash, uint8_t *rsig, - uint8_t *rhash); - -OPENSSL_EXPORT int SSL_get_shared_sigalgs(SSL *s, int idx, int *psign, - int *phash, int *psignandhash, - uint8_t *rsig, uint8_t *rhash); - -/* SSL_set_tlsext_host_name, for a client, configures |ssl| to advertise |name| - * in the server_name extension. It returns one on success and zero on error. */ -OPENSSL_EXPORT int SSL_set_tlsext_host_name(SSL *ssl, const char *name); - -/* SSL_CTX_set_tlsext_servername_callback configures |callback| to be called on - * the server after ClientHello extensions have been parsed and returns one. - * |callback| may use |SSL_get_servername| to examine the server_name extension - * and return a |SSL_TLSEXT_ERR_*| value. If it returns |SSL_TLSEXT_ERR_NOACK|, - * the server_name extension is not acknowledged in the ServerHello. If the - * return value signals an alert, |callback| should set |*out_alert| to the - * alert to send. */ -OPENSSL_EXPORT int SSL_CTX_set_tlsext_servername_callback( - SSL_CTX *ctx, int (*callback)(SSL *ssl, int *out_alert, void *arg)); - -#define SSL_TLSEXT_ERR_OK 0 -#define SSL_TLSEXT_ERR_ALERT_WARNING 1 -#define SSL_TLSEXT_ERR_ALERT_FATAL 2 -#define SSL_TLSEXT_ERR_NOACK 3 - -/* SSL_CTX_set_tlsext_servername_arg sets the argument to the servername - * callback and returns one. See |SSL_CTX_set_tlsext_servername_callback|. */ -OPENSSL_EXPORT int SSL_CTX_set_tlsext_servername_arg(SSL_CTX *ctx, void *arg); - -#define SSL_CTX_get_tlsext_ticket_keys(ctx, keys, keylen) \ - SSL_CTX_ctrl((ctx), SSL_CTRL_GET_TLSEXT_TICKET_KEYS, (keylen), (keys)) -#define SSL_CTX_set_tlsext_ticket_keys(ctx, keys, keylen) \ - SSL_CTX_ctrl((ctx), SSL_CTRL_SET_TLSEXT_TICKET_KEYS, (keylen), (keys)) - -/* SSL_CTX_set_tlsext_ticket_key_cb sets the ticket callback to |callback| and - * returns one. |callback| will be called when encrypting a new ticket and when - * decrypting a ticket from the client. - * - * In both modes, |ctx| and |hmac_ctx| will already have been initialized with - * |EVP_CIPHER_CTX_init| and |HMAC_CTX_init|, respectively. |callback| - * configures |hmac_ctx| with an HMAC digest and key, and configures |ctx| - * for encryption or decryption, based on the mode. - * - * When encrypting a new ticket, |encrypt| will be one. It writes a public - * 16-byte key name to |key_name| and a fresh IV to |iv|. The output IV length - * must match |EVP_CIPHER_CTX_iv_length| of the cipher selected. In this mode, - * |callback| returns 1 on success and -1 on error. - * - * When decrypting a ticket, |encrypt| will be zero. |key_name| will point to a - * 16-byte key name and |iv| points to an IV. The length of the IV consumed must - * match |EVP_CIPHER_CTX_iv_length| of the cipher selected. In this mode, - * |callback| returns -1 to abort the handshake, 0 if decrypting the ticket - * failed, and 1 or 2 on success. If it returns 2, the ticket will be renewed. - * This may be used to re-key the ticket. - * - * WARNING: |callback| wildly breaks the usual return value convention and is - * called in two different modes. */ -OPENSSL_EXPORT int SSL_CTX_set_tlsext_ticket_key_cb( - SSL_CTX *ctx, int (*callback)(SSL *ssl, uint8_t *key_name, uint8_t *iv, - EVP_CIPHER_CTX *ctx, HMAC_CTX *hmac_ctx, - int encrypt)); - -/* PSK ciphersuites from 4279 */ -#define TLS1_CK_PSK_WITH_RC4_128_SHA 0x0300008A -#define TLS1_CK_PSK_WITH_3DES_EDE_CBC_SHA 0x0300008B -#define TLS1_CK_PSK_WITH_AES_128_CBC_SHA 0x0300008C -#define TLS1_CK_PSK_WITH_AES_256_CBC_SHA 0x0300008D - -/* PSK ciphersuites from RFC 5489 */ -#define TLS1_CK_ECDHE_PSK_WITH_AES_128_CBC_SHA 0x0300C035 -#define TLS1_CK_ECDHE_PSK_WITH_AES_256_CBC_SHA 0x0300C036 - -/* Additional TLS ciphersuites from expired Internet Draft - * draft-ietf-tls-56-bit-ciphersuites-01.txt - * (available if TLS1_ALLOW_EXPERIMENTAL_CIPHERSUITES is defined, see - * s3_lib.c). We actually treat them like SSL 3.0 ciphers, which we probably - * shouldn't. Note that the first two are actually not in the IDs. */ -#define TLS1_CK_RSA_EXPORT1024_WITH_RC4_56_MD5 0x03000060 /* not in ID */ -#define TLS1_CK_RSA_EXPORT1024_WITH_RC2_CBC_56_MD5 0x03000061 /* not in ID */ -#define TLS1_CK_RSA_EXPORT1024_WITH_DES_CBC_SHA 0x03000062 -#define TLS1_CK_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA 0x03000063 -#define TLS1_CK_RSA_EXPORT1024_WITH_RC4_56_SHA 0x03000064 -#define TLS1_CK_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA 0x03000065 -#define TLS1_CK_DHE_DSS_WITH_RC4_128_SHA 0x03000066 - -/* AES ciphersuites from RFC3268 */ - -#define TLS1_CK_RSA_WITH_AES_128_SHA 0x0300002F -#define TLS1_CK_DH_DSS_WITH_AES_128_SHA 0x03000030 -#define TLS1_CK_DH_RSA_WITH_AES_128_SHA 0x03000031 -#define TLS1_CK_DHE_DSS_WITH_AES_128_SHA 0x03000032 -#define TLS1_CK_DHE_RSA_WITH_AES_128_SHA 0x03000033 -#define TLS1_CK_ADH_WITH_AES_128_SHA 0x03000034 - -#define TLS1_CK_RSA_WITH_AES_256_SHA 0x03000035 -#define TLS1_CK_DH_DSS_WITH_AES_256_SHA 0x03000036 -#define TLS1_CK_DH_RSA_WITH_AES_256_SHA 0x03000037 -#define TLS1_CK_DHE_DSS_WITH_AES_256_SHA 0x03000038 -#define TLS1_CK_DHE_RSA_WITH_AES_256_SHA 0x03000039 -#define TLS1_CK_ADH_WITH_AES_256_SHA 0x0300003A - -/* TLS v1.2 ciphersuites */ -#define TLS1_CK_RSA_WITH_NULL_SHA256 0x0300003B -#define TLS1_CK_RSA_WITH_AES_128_SHA256 0x0300003C -#define TLS1_CK_RSA_WITH_AES_256_SHA256 0x0300003D -#define TLS1_CK_DH_DSS_WITH_AES_128_SHA256 0x0300003E -#define TLS1_CK_DH_RSA_WITH_AES_128_SHA256 0x0300003F -#define TLS1_CK_DHE_DSS_WITH_AES_128_SHA256 0x03000040 - -/* Camellia ciphersuites from RFC4132 */ -#define TLS1_CK_RSA_WITH_CAMELLIA_128_CBC_SHA 0x03000041 -#define TLS1_CK_DH_DSS_WITH_CAMELLIA_128_CBC_SHA 0x03000042 -#define TLS1_CK_DH_RSA_WITH_CAMELLIA_128_CBC_SHA 0x03000043 -#define TLS1_CK_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA 0x03000044 -#define TLS1_CK_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA 0x03000045 -#define TLS1_CK_ADH_WITH_CAMELLIA_128_CBC_SHA 0x03000046 - -/* TLS v1.2 ciphersuites */ -#define TLS1_CK_DHE_RSA_WITH_AES_128_SHA256 0x03000067 -#define TLS1_CK_DH_DSS_WITH_AES_256_SHA256 0x03000068 -#define TLS1_CK_DH_RSA_WITH_AES_256_SHA256 0x03000069 -#define TLS1_CK_DHE_DSS_WITH_AES_256_SHA256 0x0300006A -#define TLS1_CK_DHE_RSA_WITH_AES_256_SHA256 0x0300006B -#define TLS1_CK_ADH_WITH_AES_128_SHA256 0x0300006C -#define TLS1_CK_ADH_WITH_AES_256_SHA256 0x0300006D - -/* Camellia ciphersuites from RFC4132 */ -#define TLS1_CK_RSA_WITH_CAMELLIA_256_CBC_SHA 0x03000084 -#define TLS1_CK_DH_DSS_WITH_CAMELLIA_256_CBC_SHA 0x03000085 -#define TLS1_CK_DH_RSA_WITH_CAMELLIA_256_CBC_SHA 0x03000086 -#define TLS1_CK_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA 0x03000087 -#define TLS1_CK_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA 0x03000088 -#define TLS1_CK_ADH_WITH_CAMELLIA_256_CBC_SHA 0x03000089 - -/* SEED ciphersuites from RFC4162 */ -#define TLS1_CK_RSA_WITH_SEED_SHA 0x03000096 -#define TLS1_CK_DH_DSS_WITH_SEED_SHA 0x03000097 -#define TLS1_CK_DH_RSA_WITH_SEED_SHA 0x03000098 -#define TLS1_CK_DHE_DSS_WITH_SEED_SHA 0x03000099 -#define TLS1_CK_DHE_RSA_WITH_SEED_SHA 0x0300009A -#define TLS1_CK_ADH_WITH_SEED_SHA 0x0300009B - -/* TLS v1.2 GCM ciphersuites from RFC5288 */ -#define TLS1_CK_RSA_WITH_AES_128_GCM_SHA256 0x0300009C -#define TLS1_CK_RSA_WITH_AES_256_GCM_SHA384 0x0300009D -#define TLS1_CK_DHE_RSA_WITH_AES_128_GCM_SHA256 0x0300009E -#define TLS1_CK_DHE_RSA_WITH_AES_256_GCM_SHA384 0x0300009F -#define TLS1_CK_DH_RSA_WITH_AES_128_GCM_SHA256 0x030000A0 -#define TLS1_CK_DH_RSA_WITH_AES_256_GCM_SHA384 0x030000A1 -#define TLS1_CK_DHE_DSS_WITH_AES_128_GCM_SHA256 0x030000A2 -#define TLS1_CK_DHE_DSS_WITH_AES_256_GCM_SHA384 0x030000A3 -#define TLS1_CK_DH_DSS_WITH_AES_128_GCM_SHA256 0x030000A4 -#define TLS1_CK_DH_DSS_WITH_AES_256_GCM_SHA384 0x030000A5 -#define TLS1_CK_ADH_WITH_AES_128_GCM_SHA256 0x030000A6 -#define TLS1_CK_ADH_WITH_AES_256_GCM_SHA384 0x030000A7 - -/* ECC ciphersuites from RFC4492 */ -#define TLS1_CK_ECDH_ECDSA_WITH_NULL_SHA 0x0300C001 -#define TLS1_CK_ECDH_ECDSA_WITH_RC4_128_SHA 0x0300C002 -#define TLS1_CK_ECDH_ECDSA_WITH_DES_192_CBC3_SHA 0x0300C003 -#define TLS1_CK_ECDH_ECDSA_WITH_AES_128_CBC_SHA 0x0300C004 -#define TLS1_CK_ECDH_ECDSA_WITH_AES_256_CBC_SHA 0x0300C005 - -#define TLS1_CK_ECDHE_ECDSA_WITH_NULL_SHA 0x0300C006 -#define TLS1_CK_ECDHE_ECDSA_WITH_RC4_128_SHA 0x0300C007 -#define TLS1_CK_ECDHE_ECDSA_WITH_DES_192_CBC3_SHA 0x0300C008 -#define TLS1_CK_ECDHE_ECDSA_WITH_AES_128_CBC_SHA 0x0300C009 -#define TLS1_CK_ECDHE_ECDSA_WITH_AES_256_CBC_SHA 0x0300C00A - -#define TLS1_CK_ECDH_RSA_WITH_NULL_SHA 0x0300C00B -#define TLS1_CK_ECDH_RSA_WITH_RC4_128_SHA 0x0300C00C -#define TLS1_CK_ECDH_RSA_WITH_DES_192_CBC3_SHA 0x0300C00D -#define TLS1_CK_ECDH_RSA_WITH_AES_128_CBC_SHA 0x0300C00E -#define TLS1_CK_ECDH_RSA_WITH_AES_256_CBC_SHA 0x0300C00F - -#define TLS1_CK_ECDHE_RSA_WITH_NULL_SHA 0x0300C010 -#define TLS1_CK_ECDHE_RSA_WITH_RC4_128_SHA 0x0300C011 -#define TLS1_CK_ECDHE_RSA_WITH_DES_192_CBC3_SHA 0x0300C012 -#define TLS1_CK_ECDHE_RSA_WITH_AES_128_CBC_SHA 0x0300C013 -#define TLS1_CK_ECDHE_RSA_WITH_AES_256_CBC_SHA 0x0300C014 - -#define TLS1_CK_ECDH_anon_WITH_NULL_SHA 0x0300C015 -#define TLS1_CK_ECDH_anon_WITH_RC4_128_SHA 0x0300C016 -#define TLS1_CK_ECDH_anon_WITH_DES_192_CBC3_SHA 0x0300C017 -#define TLS1_CK_ECDH_anon_WITH_AES_128_CBC_SHA 0x0300C018 -#define TLS1_CK_ECDH_anon_WITH_AES_256_CBC_SHA 0x0300C019 - -/* SRP ciphersuites from RFC 5054 */ -#define TLS1_CK_SRP_SHA_WITH_3DES_EDE_CBC_SHA 0x0300C01A -#define TLS1_CK_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA 0x0300C01B -#define TLS1_CK_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA 0x0300C01C -#define TLS1_CK_SRP_SHA_WITH_AES_128_CBC_SHA 0x0300C01D -#define TLS1_CK_SRP_SHA_RSA_WITH_AES_128_CBC_SHA 0x0300C01E -#define TLS1_CK_SRP_SHA_DSS_WITH_AES_128_CBC_SHA 0x0300C01F -#define TLS1_CK_SRP_SHA_WITH_AES_256_CBC_SHA 0x0300C020 -#define TLS1_CK_SRP_SHA_RSA_WITH_AES_256_CBC_SHA 0x0300C021 -#define TLS1_CK_SRP_SHA_DSS_WITH_AES_256_CBC_SHA 0x0300C022 - -/* ECDH HMAC based ciphersuites from RFC5289 */ - -#define TLS1_CK_ECDHE_ECDSA_WITH_AES_128_SHA256 0x0300C023 -#define TLS1_CK_ECDHE_ECDSA_WITH_AES_256_SHA384 0x0300C024 -#define TLS1_CK_ECDH_ECDSA_WITH_AES_128_SHA256 0x0300C025 -#define TLS1_CK_ECDH_ECDSA_WITH_AES_256_SHA384 0x0300C026 -#define TLS1_CK_ECDHE_RSA_WITH_AES_128_SHA256 0x0300C027 -#define TLS1_CK_ECDHE_RSA_WITH_AES_256_SHA384 0x0300C028 -#define TLS1_CK_ECDH_RSA_WITH_AES_128_SHA256 0x0300C029 -#define TLS1_CK_ECDH_RSA_WITH_AES_256_SHA384 0x0300C02A - -/* ECDH GCM based ciphersuites from RFC5289 */ -#define TLS1_CK_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 0x0300C02B -#define TLS1_CK_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 0x0300C02C -#define TLS1_CK_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 0x0300C02D -#define TLS1_CK_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 0x0300C02E -#define TLS1_CK_ECDHE_RSA_WITH_AES_128_GCM_SHA256 0x0300C02F -#define TLS1_CK_ECDHE_RSA_WITH_AES_256_GCM_SHA384 0x0300C030 -#define TLS1_CK_ECDH_RSA_WITH_AES_128_GCM_SHA256 0x0300C031 -#define TLS1_CK_ECDH_RSA_WITH_AES_256_GCM_SHA384 0x0300C032 - -#define TLS1_CK_ECDHE_RSA_CHACHA20_POLY1305 0x0300CC13 -#define TLS1_CK_ECDHE_ECDSA_CHACHA20_POLY1305 0x0300CC14 -#define TLS1_CK_DHE_RSA_CHACHA20_POLY1305 0x0300CC15 - -/* XXX - * Inconsistency alert: - * The OpenSSL names of ciphers with ephemeral DH here include the string - * "DHE", while elsewhere it has always been "EDH". - * (The alias for the list of all such ciphers also is "EDH".) - * The specifications speak of "EDH"; maybe we should allow both forms - * for everything. */ -#define TLS1_TXT_RSA_EXPORT1024_WITH_RC4_56_MD5 "EXP1024-RC4-MD5" -#define TLS1_TXT_RSA_EXPORT1024_WITH_RC2_CBC_56_MD5 "EXP1024-RC2-CBC-MD5" -#define TLS1_TXT_RSA_EXPORT1024_WITH_DES_CBC_SHA "EXP1024-DES-CBC-SHA" -#define TLS1_TXT_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA \ - "EXP1024-DHE-DSS-DES-CBC-SHA" -#define TLS1_TXT_RSA_EXPORT1024_WITH_RC4_56_SHA "EXP1024-RC4-SHA" -#define TLS1_TXT_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA "EXP1024-DHE-DSS-RC4-SHA" -#define TLS1_TXT_DHE_DSS_WITH_RC4_128_SHA "DHE-DSS-RC4-SHA" - -/* AES ciphersuites from RFC3268 */ -#define TLS1_TXT_RSA_WITH_AES_128_SHA "AES128-SHA" -#define TLS1_TXT_DH_DSS_WITH_AES_128_SHA "DH-DSS-AES128-SHA" -#define TLS1_TXT_DH_RSA_WITH_AES_128_SHA "DH-RSA-AES128-SHA" -#define TLS1_TXT_DHE_DSS_WITH_AES_128_SHA "DHE-DSS-AES128-SHA" -#define TLS1_TXT_DHE_RSA_WITH_AES_128_SHA "DHE-RSA-AES128-SHA" -#define TLS1_TXT_ADH_WITH_AES_128_SHA "ADH-AES128-SHA" - -#define TLS1_TXT_RSA_WITH_AES_256_SHA "AES256-SHA" -#define TLS1_TXT_DH_DSS_WITH_AES_256_SHA "DH-DSS-AES256-SHA" -#define TLS1_TXT_DH_RSA_WITH_AES_256_SHA "DH-RSA-AES256-SHA" -#define TLS1_TXT_DHE_DSS_WITH_AES_256_SHA "DHE-DSS-AES256-SHA" -#define TLS1_TXT_DHE_RSA_WITH_AES_256_SHA "DHE-RSA-AES256-SHA" -#define TLS1_TXT_ADH_WITH_AES_256_SHA "ADH-AES256-SHA" - -/* ECC ciphersuites from RFC4492 */ -#define TLS1_TXT_ECDH_ECDSA_WITH_NULL_SHA "ECDH-ECDSA-NULL-SHA" -#define TLS1_TXT_ECDH_ECDSA_WITH_RC4_128_SHA "ECDH-ECDSA-RC4-SHA" -#define TLS1_TXT_ECDH_ECDSA_WITH_DES_192_CBC3_SHA "ECDH-ECDSA-DES-CBC3-SHA" -#define TLS1_TXT_ECDH_ECDSA_WITH_AES_128_CBC_SHA "ECDH-ECDSA-AES128-SHA" -#define TLS1_TXT_ECDH_ECDSA_WITH_AES_256_CBC_SHA "ECDH-ECDSA-AES256-SHA" - -#define TLS1_TXT_ECDHE_ECDSA_WITH_NULL_SHA "ECDHE-ECDSA-NULL-SHA" -#define TLS1_TXT_ECDHE_ECDSA_WITH_RC4_128_SHA "ECDHE-ECDSA-RC4-SHA" -#define TLS1_TXT_ECDHE_ECDSA_WITH_DES_192_CBC3_SHA "ECDHE-ECDSA-DES-CBC3-SHA" -#define TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_CBC_SHA "ECDHE-ECDSA-AES128-SHA" -#define TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_CBC_SHA "ECDHE-ECDSA-AES256-SHA" - -#define TLS1_TXT_ECDH_RSA_WITH_NULL_SHA "ECDH-RSA-NULL-SHA" -#define TLS1_TXT_ECDH_RSA_WITH_RC4_128_SHA "ECDH-RSA-RC4-SHA" -#define TLS1_TXT_ECDH_RSA_WITH_DES_192_CBC3_SHA "ECDH-RSA-DES-CBC3-SHA" -#define TLS1_TXT_ECDH_RSA_WITH_AES_128_CBC_SHA "ECDH-RSA-AES128-SHA" -#define TLS1_TXT_ECDH_RSA_WITH_AES_256_CBC_SHA "ECDH-RSA-AES256-SHA" - -#define TLS1_TXT_ECDHE_RSA_WITH_NULL_SHA "ECDHE-RSA-NULL-SHA" -#define TLS1_TXT_ECDHE_RSA_WITH_RC4_128_SHA "ECDHE-RSA-RC4-SHA" -#define TLS1_TXT_ECDHE_RSA_WITH_DES_192_CBC3_SHA "ECDHE-RSA-DES-CBC3-SHA" -#define TLS1_TXT_ECDHE_RSA_WITH_AES_128_CBC_SHA "ECDHE-RSA-AES128-SHA" -#define TLS1_TXT_ECDHE_RSA_WITH_AES_256_CBC_SHA "ECDHE-RSA-AES256-SHA" - -#define TLS1_TXT_ECDH_anon_WITH_NULL_SHA "AECDH-NULL-SHA" -#define TLS1_TXT_ECDH_anon_WITH_RC4_128_SHA "AECDH-RC4-SHA" -#define TLS1_TXT_ECDH_anon_WITH_DES_192_CBC3_SHA "AECDH-DES-CBC3-SHA" -#define TLS1_TXT_ECDH_anon_WITH_AES_128_CBC_SHA "AECDH-AES128-SHA" -#define TLS1_TXT_ECDH_anon_WITH_AES_256_CBC_SHA "AECDH-AES256-SHA" - -/* PSK ciphersuites from RFC 4279 */ -#define TLS1_TXT_PSK_WITH_RC4_128_SHA "PSK-RC4-SHA" -#define TLS1_TXT_PSK_WITH_3DES_EDE_CBC_SHA "PSK-3DES-EDE-CBC-SHA" -#define TLS1_TXT_PSK_WITH_AES_128_CBC_SHA "PSK-AES128-CBC-SHA" -#define TLS1_TXT_PSK_WITH_AES_256_CBC_SHA "PSK-AES256-CBC-SHA" - -/* PSK ciphersuites from RFC 5489 */ -#define TLS1_TXT_ECDHE_PSK_WITH_AES_128_CBC_SHA "ECDHE-PSK-AES128-CBC-SHA" -#define TLS1_TXT_ECDHE_PSK_WITH_AES_256_CBC_SHA "ECDHE-PSK-AES256-CBC-SHA" - -/* SRP ciphersuite from RFC 5054 */ -#define TLS1_TXT_SRP_SHA_WITH_3DES_EDE_CBC_SHA "SRP-3DES-EDE-CBC-SHA" -#define TLS1_TXT_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA "SRP-RSA-3DES-EDE-CBC-SHA" -#define TLS1_TXT_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA "SRP-DSS-3DES-EDE-CBC-SHA" -#define TLS1_TXT_SRP_SHA_WITH_AES_128_CBC_SHA "SRP-AES-128-CBC-SHA" -#define TLS1_TXT_SRP_SHA_RSA_WITH_AES_128_CBC_SHA "SRP-RSA-AES-128-CBC-SHA" -#define TLS1_TXT_SRP_SHA_DSS_WITH_AES_128_CBC_SHA "SRP-DSS-AES-128-CBC-SHA" -#define TLS1_TXT_SRP_SHA_WITH_AES_256_CBC_SHA "SRP-AES-256-CBC-SHA" -#define TLS1_TXT_SRP_SHA_RSA_WITH_AES_256_CBC_SHA "SRP-RSA-AES-256-CBC-SHA" -#define TLS1_TXT_SRP_SHA_DSS_WITH_AES_256_CBC_SHA "SRP-DSS-AES-256-CBC-SHA" - -/* Camellia ciphersuites from RFC4132 */ -#define TLS1_TXT_RSA_WITH_CAMELLIA_128_CBC_SHA "CAMELLIA128-SHA" -#define TLS1_TXT_DH_DSS_WITH_CAMELLIA_128_CBC_SHA "DH-DSS-CAMELLIA128-SHA" -#define TLS1_TXT_DH_RSA_WITH_CAMELLIA_128_CBC_SHA "DH-RSA-CAMELLIA128-SHA" -#define TLS1_TXT_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA "DHE-DSS-CAMELLIA128-SHA" -#define TLS1_TXT_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA "DHE-RSA-CAMELLIA128-SHA" -#define TLS1_TXT_ADH_WITH_CAMELLIA_128_CBC_SHA "ADH-CAMELLIA128-SHA" - -#define TLS1_TXT_RSA_WITH_CAMELLIA_256_CBC_SHA "CAMELLIA256-SHA" -#define TLS1_TXT_DH_DSS_WITH_CAMELLIA_256_CBC_SHA "DH-DSS-CAMELLIA256-SHA" -#define TLS1_TXT_DH_RSA_WITH_CAMELLIA_256_CBC_SHA "DH-RSA-CAMELLIA256-SHA" -#define TLS1_TXT_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA "DHE-DSS-CAMELLIA256-SHA" -#define TLS1_TXT_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA "DHE-RSA-CAMELLIA256-SHA" -#define TLS1_TXT_ADH_WITH_CAMELLIA_256_CBC_SHA "ADH-CAMELLIA256-SHA" - -/* SEED ciphersuites from RFC4162 */ -#define TLS1_TXT_RSA_WITH_SEED_SHA "SEED-SHA" -#define TLS1_TXT_DH_DSS_WITH_SEED_SHA "DH-DSS-SEED-SHA" -#define TLS1_TXT_DH_RSA_WITH_SEED_SHA "DH-RSA-SEED-SHA" -#define TLS1_TXT_DHE_DSS_WITH_SEED_SHA "DHE-DSS-SEED-SHA" -#define TLS1_TXT_DHE_RSA_WITH_SEED_SHA "DHE-RSA-SEED-SHA" -#define TLS1_TXT_ADH_WITH_SEED_SHA "ADH-SEED-SHA" - -/* TLS v1.2 ciphersuites */ -#define TLS1_TXT_RSA_WITH_NULL_SHA256 "NULL-SHA256" -#define TLS1_TXT_RSA_WITH_AES_128_SHA256 "AES128-SHA256" -#define TLS1_TXT_RSA_WITH_AES_256_SHA256 "AES256-SHA256" -#define TLS1_TXT_DH_DSS_WITH_AES_128_SHA256 "DH-DSS-AES128-SHA256" -#define TLS1_TXT_DH_RSA_WITH_AES_128_SHA256 "DH-RSA-AES128-SHA256" -#define TLS1_TXT_DHE_DSS_WITH_AES_128_SHA256 "DHE-DSS-AES128-SHA256" -#define TLS1_TXT_DHE_RSA_WITH_AES_128_SHA256 "DHE-RSA-AES128-SHA256" -#define TLS1_TXT_DH_DSS_WITH_AES_256_SHA256 "DH-DSS-AES256-SHA256" -#define TLS1_TXT_DH_RSA_WITH_AES_256_SHA256 "DH-RSA-AES256-SHA256" -#define TLS1_TXT_DHE_DSS_WITH_AES_256_SHA256 "DHE-DSS-AES256-SHA256" -#define TLS1_TXT_DHE_RSA_WITH_AES_256_SHA256 "DHE-RSA-AES256-SHA256" -#define TLS1_TXT_ADH_WITH_AES_128_SHA256 "ADH-AES128-SHA256" -#define TLS1_TXT_ADH_WITH_AES_256_SHA256 "ADH-AES256-SHA256" - -/* TLS v1.2 GCM ciphersuites from RFC5288 */ -#define TLS1_TXT_RSA_WITH_AES_128_GCM_SHA256 "AES128-GCM-SHA256" -#define TLS1_TXT_RSA_WITH_AES_256_GCM_SHA384 "AES256-GCM-SHA384" -#define TLS1_TXT_DHE_RSA_WITH_AES_128_GCM_SHA256 "DHE-RSA-AES128-GCM-SHA256" -#define TLS1_TXT_DHE_RSA_WITH_AES_256_GCM_SHA384 "DHE-RSA-AES256-GCM-SHA384" -#define TLS1_TXT_DH_RSA_WITH_AES_128_GCM_SHA256 "DH-RSA-AES128-GCM-SHA256" -#define TLS1_TXT_DH_RSA_WITH_AES_256_GCM_SHA384 "DH-RSA-AES256-GCM-SHA384" -#define TLS1_TXT_DHE_DSS_WITH_AES_128_GCM_SHA256 "DHE-DSS-AES128-GCM-SHA256" -#define TLS1_TXT_DHE_DSS_WITH_AES_256_GCM_SHA384 "DHE-DSS-AES256-GCM-SHA384" -#define TLS1_TXT_DH_DSS_WITH_AES_128_GCM_SHA256 "DH-DSS-AES128-GCM-SHA256" -#define TLS1_TXT_DH_DSS_WITH_AES_256_GCM_SHA384 "DH-DSS-AES256-GCM-SHA384" -#define TLS1_TXT_ADH_WITH_AES_128_GCM_SHA256 "ADH-AES128-GCM-SHA256" -#define TLS1_TXT_ADH_WITH_AES_256_GCM_SHA384 "ADH-AES256-GCM-SHA384" - -/* ECDH HMAC based ciphersuites from RFC5289 */ - -#define TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_SHA256 "ECDHE-ECDSA-AES128-SHA256" -#define TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_SHA384 "ECDHE-ECDSA-AES256-SHA384" -#define TLS1_TXT_ECDH_ECDSA_WITH_AES_128_SHA256 "ECDH-ECDSA-AES128-SHA256" -#define TLS1_TXT_ECDH_ECDSA_WITH_AES_256_SHA384 "ECDH-ECDSA-AES256-SHA384" -#define TLS1_TXT_ECDHE_RSA_WITH_AES_128_SHA256 "ECDHE-RSA-AES128-SHA256" -#define TLS1_TXT_ECDHE_RSA_WITH_AES_256_SHA384 "ECDHE-RSA-AES256-SHA384" -#define TLS1_TXT_ECDH_RSA_WITH_AES_128_SHA256 "ECDH-RSA-AES128-SHA256" -#define TLS1_TXT_ECDH_RSA_WITH_AES_256_SHA384 "ECDH-RSA-AES256-SHA384" - -/* ECDH GCM based ciphersuites from RFC5289 */ -#define TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 \ - "ECDHE-ECDSA-AES128-GCM-SHA256" -#define TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 \ - "ECDHE-ECDSA-AES256-GCM-SHA384" -#define TLS1_TXT_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 \ - "ECDH-ECDSA-AES128-GCM-SHA256" -#define TLS1_TXT_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 \ - "ECDH-ECDSA-AES256-GCM-SHA384" -#define TLS1_TXT_ECDHE_RSA_WITH_AES_128_GCM_SHA256 "ECDHE-RSA-AES128-GCM-SHA256" -#define TLS1_TXT_ECDHE_RSA_WITH_AES_256_GCM_SHA384 "ECDHE-RSA-AES256-GCM-SHA384" -#define TLS1_TXT_ECDH_RSA_WITH_AES_128_GCM_SHA256 "ECDH-RSA-AES128-GCM-SHA256" -#define TLS1_TXT_ECDH_RSA_WITH_AES_256_GCM_SHA384 "ECDH-RSA-AES256-GCM-SHA384" - -#define TLS1_TXT_ECDHE_RSA_WITH_CHACHA20_POLY1305 "ECDHE-RSA-CHACHA20-POLY1305" -#define TLS1_TXT_ECDHE_ECDSA_WITH_CHACHA20_POLY1305 \ - "ECDHE-ECDSA-CHACHA20-POLY1305" -#define TLS1_TXT_DHE_RSA_WITH_CHACHA20_POLY1305 "DHE-RSA-CHACHA20-POLY1305" - -#define TLS_CT_RSA_SIGN 1 -#define TLS_CT_DSS_SIGN 2 -#define TLS_CT_RSA_FIXED_DH 3 -#define TLS_CT_DSS_FIXED_DH 4 -#define TLS_CT_ECDSA_SIGN 64 -#define TLS_CT_RSA_FIXED_ECDH 65 -#define TLS_CT_ECDSA_FIXED_ECDH 66 - -#define TLS_MD_MAX_CONST_SIZE 20 -#define TLS_MD_CLIENT_FINISH_CONST "client finished" -#define TLS_MD_CLIENT_FINISH_CONST_SIZE 15 -#define TLS_MD_SERVER_FINISH_CONST "server finished" -#define TLS_MD_SERVER_FINISH_CONST_SIZE 15 -#define TLS_MD_KEY_EXPANSION_CONST "key expansion" -#define TLS_MD_KEY_EXPANSION_CONST_SIZE 13 -#define TLS_MD_CLIENT_WRITE_KEY_CONST "client write key" -#define TLS_MD_CLIENT_WRITE_KEY_CONST_SIZE 16 -#define TLS_MD_SERVER_WRITE_KEY_CONST "server write key" -#define TLS_MD_SERVER_WRITE_KEY_CONST_SIZE 16 -#define TLS_MD_IV_BLOCK_CONST "IV block" -#define TLS_MD_IV_BLOCK_CONST_SIZE 8 -#define TLS_MD_MASTER_SECRET_CONST "master secret" -#define TLS_MD_MASTER_SECRET_CONST_SIZE 13 -#define TLS_MD_EXTENDED_MASTER_SECRET_CONST "extended master secret" -#define TLS_MD_EXTENDED_MASTER_SECRET_CONST_SIZE 22 - - -#ifdef __cplusplus -} -#endif -#endif diff --git a/third_party/boringssl/include/openssl/type_check.h b/third_party/boringssl/include/openssl/type_check.h deleted file mode 100644 index 674913a354a04c..00000000000000 --- a/third_party/boringssl/include/openssl/type_check.h +++ /dev/null @@ -1,91 +0,0 @@ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] */ - -#ifndef OPENSSL_HEADER_TYPE_CHECK_H -#define OPENSSL_HEADER_TYPE_CHECK_H - -#include - -#if defined(__cplusplus) -extern "C" { -#endif - - -/* This header file contains some common macros for enforcing type checking. - * Several, common OpenSSL structures (i.e. stack and lhash) operate on void - * pointers, but we wish to have type checking when they are used with a - * specific type. */ - -/* CHECKED_CAST casts |p| from type |from| to type |to|. */ -#define CHECKED_CAST(to, from, p) ((to) (1 ? (p) : (from)0)) - -/* CHECKED_PTR_OF casts a given pointer to void* and statically checks that it - * was a pointer to |type|. */ -#define CHECKED_PTR_OF(type, p) CHECKED_CAST(void*, type*, (p)) - -#if defined(__STDC_VERSION__) && __STDC_VERSION__ >= 201112L -#define OPENSSL_COMPILE_ASSERT(cond, msg) _Static_assert(cond, #msg) -#else -#define OPENSSL_COMPILE_ASSERT(cond, msg) \ - typedef char OPENSSL_COMPILE_ASSERT_##msg[((cond) ? 1 : -1)] -#endif - - -#if defined(__cplusplus) -} /* extern C */ -#endif - -#endif /* OPENSSL_HEADER_TYPE_CHECK_H */ diff --git a/third_party/boringssl/include/openssl/x509.h b/third_party/boringssl/include/openssl/x509.h deleted file mode 100644 index 69c7da64e840d7..00000000000000 --- a/third_party/boringssl/include/openssl/x509.h +++ /dev/null @@ -1,1317 +0,0 @@ -/* crypto/x509/x509.h */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ -/* ==================================================================== - * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. - * ECDH support in OpenSSL originally developed by - * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project. - */ - -#ifndef HEADER_X509_H -#define HEADER_X509_H - -#include - -#include - -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include - -#ifdef __cplusplus -extern "C" { -#endif - - -#define X509_FILETYPE_PEM 1 -#define X509_FILETYPE_ASN1 2 -#define X509_FILETYPE_DEFAULT 3 - -#define X509v3_KU_DIGITAL_SIGNATURE 0x0080 -#define X509v3_KU_NON_REPUDIATION 0x0040 -#define X509v3_KU_KEY_ENCIPHERMENT 0x0020 -#define X509v3_KU_DATA_ENCIPHERMENT 0x0010 -#define X509v3_KU_KEY_AGREEMENT 0x0008 -#define X509v3_KU_KEY_CERT_SIGN 0x0004 -#define X509v3_KU_CRL_SIGN 0x0002 -#define X509v3_KU_ENCIPHER_ONLY 0x0001 -#define X509v3_KU_DECIPHER_ONLY 0x8000 -#define X509v3_KU_UNDEF 0xffff - -typedef struct X509_objects_st - { - int nid; - int (*a2i)(void); - int (*i2a)(void); - } X509_OBJECTS; - -DECLARE_ASN1_SET_OF(X509_ALGOR) - -typedef STACK_OF(X509_ALGOR) X509_ALGORS; - -typedef struct X509_val_st - { - ASN1_TIME *notBefore; - ASN1_TIME *notAfter; - } X509_VAL; - -struct X509_pubkey_st - { - X509_ALGOR *algor; - ASN1_BIT_STRING *public_key; - EVP_PKEY *pkey; - }; - -typedef struct X509_sig_st - { - X509_ALGOR *algor; - ASN1_OCTET_STRING *digest; - } X509_SIG; - -typedef struct X509_name_entry_st - { - ASN1_OBJECT *object; - ASN1_STRING *value; - int set; - int size; /* temp variable */ - } X509_NAME_ENTRY; - -DECLARE_STACK_OF(X509_NAME_ENTRY) -DECLARE_ASN1_SET_OF(X509_NAME_ENTRY) - -/* we always keep X509_NAMEs in 2 forms. */ -typedef struct X509_name_st - { - STACK_OF(X509_NAME_ENTRY) *entries; - int modified; /* true if 'bytes' needs to be built */ -#ifndef OPENSSL_NO_BUFFER - BUF_MEM *bytes; -#else - char *bytes; -#endif -/* unsigned long hash; Keep the hash around for lookups */ - unsigned char *canon_enc; - int canon_enclen; - } X509_NAME; - -DECLARE_STACK_OF(X509_NAME) - -#define X509_EX_V_NETSCAPE_HACK 0x8000 -#define X509_EX_V_INIT 0x0001 -typedef struct X509_extension_st - { - ASN1_OBJECT *object; - ASN1_BOOLEAN critical; - ASN1_OCTET_STRING *value; - } X509_EXTENSION; - -typedef STACK_OF(X509_EXTENSION) X509_EXTENSIONS; - -DECLARE_STACK_OF(X509_EXTENSION) -DECLARE_ASN1_SET_OF(X509_EXTENSION) - -/* a sequence of these are used */ -typedef struct x509_attributes_st - { - ASN1_OBJECT *object; - int single; /* 0 for a set, 1 for a single item (which is wrong) */ - union { - char *ptr; -/* 0 */ STACK_OF(ASN1_TYPE) *set; -/* 1 */ ASN1_TYPE *single; - } value; - } X509_ATTRIBUTE; - -DECLARE_STACK_OF(X509_ATTRIBUTE) -DECLARE_ASN1_SET_OF(X509_ATTRIBUTE) - - -typedef struct X509_req_info_st - { - ASN1_ENCODING enc; - ASN1_INTEGER *version; - X509_NAME *subject; - X509_PUBKEY *pubkey; - /* d=2 hl=2 l= 0 cons: cont: 00 */ - STACK_OF(X509_ATTRIBUTE) *attributes; /* [ 0 ] */ - } X509_REQ_INFO; - -typedef struct X509_req_st - { - X509_REQ_INFO *req_info; - X509_ALGOR *sig_alg; - ASN1_BIT_STRING *signature; - CRYPTO_refcount_t references; - } X509_REQ; - -typedef struct x509_cinf_st - { - ASN1_INTEGER *version; /* [ 0 ] default of v1 */ - ASN1_INTEGER *serialNumber; - X509_ALGOR *signature; - X509_NAME *issuer; - X509_VAL *validity; - X509_NAME *subject; - X509_PUBKEY *key; - ASN1_BIT_STRING *issuerUID; /* [ 1 ] optional in v2 */ - ASN1_BIT_STRING *subjectUID; /* [ 2 ] optional in v2 */ - STACK_OF(X509_EXTENSION) *extensions; /* [ 3 ] optional in v3 */ - ASN1_ENCODING enc; - } X509_CINF; - -/* This stuff is certificate "auxiliary info" - * it contains details which are useful in certificate - * stores and databases. When used this is tagged onto - * the end of the certificate itself - */ - -typedef struct x509_cert_aux_st - { - STACK_OF(ASN1_OBJECT) *trust; /* trusted uses */ - STACK_OF(ASN1_OBJECT) *reject; /* rejected uses */ - ASN1_UTF8STRING *alias; /* "friendly name" */ - ASN1_OCTET_STRING *keyid; /* key id of private key */ - STACK_OF(X509_ALGOR) *other; /* other unspecified info */ - } X509_CERT_AUX; - -struct x509_st - { - X509_CINF *cert_info; - X509_ALGOR *sig_alg; - ASN1_BIT_STRING *signature; - int valid; - CRYPTO_refcount_t references; - char *name; - CRYPTO_EX_DATA ex_data; - /* These contain copies of various extension values */ - long ex_pathlen; - long ex_pcpathlen; - unsigned long ex_flags; - unsigned long ex_kusage; - unsigned long ex_xkusage; - unsigned long ex_nscert; - ASN1_OCTET_STRING *skid; - AUTHORITY_KEYID *akid; - X509_POLICY_CACHE *policy_cache; - STACK_OF(DIST_POINT) *crldp; - STACK_OF(GENERAL_NAME) *altname; - NAME_CONSTRAINTS *nc; - unsigned char sha1_hash[SHA_DIGEST_LENGTH]; - X509_CERT_AUX *aux; - } /* X509 */; - -DECLARE_STACK_OF(X509) -DECLARE_ASN1_SET_OF(X509) - -/* This is used for a table of trust checking functions */ - -typedef struct x509_trust_st { - int trust; - int flags; - int (*check_trust)(struct x509_trust_st *, X509 *, int); - char *name; - int arg1; - void *arg2; -} X509_TRUST; - -DECLARE_STACK_OF(X509_TRUST) - -typedef struct x509_cert_pair_st { - X509 *forward; - X509 *reverse; -} X509_CERT_PAIR; - -/* standard trust ids */ - -#define X509_TRUST_DEFAULT -1 /* Only valid in purpose settings */ - -#define X509_TRUST_COMPAT 1 -#define X509_TRUST_SSL_CLIENT 2 -#define X509_TRUST_SSL_SERVER 3 -#define X509_TRUST_EMAIL 4 -#define X509_TRUST_OBJECT_SIGN 5 -#define X509_TRUST_OCSP_SIGN 6 -#define X509_TRUST_OCSP_REQUEST 7 -#define X509_TRUST_TSA 8 - -/* Keep these up to date! */ -#define X509_TRUST_MIN 1 -#define X509_TRUST_MAX 8 - - -/* trust_flags values */ -#define X509_TRUST_DYNAMIC 1 -#define X509_TRUST_DYNAMIC_NAME 2 - -/* check_trust return codes */ - -#define X509_TRUST_TRUSTED 1 -#define X509_TRUST_REJECTED 2 -#define X509_TRUST_UNTRUSTED 3 - -/* Flags for X509_print_ex() */ - -#define X509_FLAG_COMPAT 0 -#define X509_FLAG_NO_HEADER 1L -#define X509_FLAG_NO_VERSION (1L << 1) -#define X509_FLAG_NO_SERIAL (1L << 2) -#define X509_FLAG_NO_SIGNAME (1L << 3) -#define X509_FLAG_NO_ISSUER (1L << 4) -#define X509_FLAG_NO_VALIDITY (1L << 5) -#define X509_FLAG_NO_SUBJECT (1L << 6) -#define X509_FLAG_NO_PUBKEY (1L << 7) -#define X509_FLAG_NO_EXTENSIONS (1L << 8) -#define X509_FLAG_NO_SIGDUMP (1L << 9) -#define X509_FLAG_NO_AUX (1L << 10) -#define X509_FLAG_NO_ATTRIBUTES (1L << 11) -#define X509_FLAG_NO_IDS (1L << 12) - -/* Flags specific to X509_NAME_print_ex() */ - -/* The field separator information */ - -#define XN_FLAG_SEP_MASK (0xf << 16) - -#define XN_FLAG_COMPAT 0 /* Traditional SSLeay: use old X509_NAME_print */ -#define XN_FLAG_SEP_COMMA_PLUS (1 << 16) /* RFC2253 ,+ */ -#define XN_FLAG_SEP_CPLUS_SPC (2 << 16) /* ,+ spaced: more readable */ -#define XN_FLAG_SEP_SPLUS_SPC (3 << 16) /* ;+ spaced */ -#define XN_FLAG_SEP_MULTILINE (4 << 16) /* One line per field */ - -#define XN_FLAG_DN_REV (1 << 20) /* Reverse DN order */ - -/* How the field name is shown */ - -#define XN_FLAG_FN_MASK (0x3 << 21) - -#define XN_FLAG_FN_SN 0 /* Object short name */ -#define XN_FLAG_FN_LN (1 << 21) /* Object long name */ -#define XN_FLAG_FN_OID (2 << 21) /* Always use OIDs */ -#define XN_FLAG_FN_NONE (3 << 21) /* No field names */ - -#define XN_FLAG_SPC_EQ (1 << 23) /* Put spaces round '=' */ - -/* This determines if we dump fields we don't recognise: - * RFC2253 requires this. - */ - -#define XN_FLAG_DUMP_UNKNOWN_FIELDS (1 << 24) - -#define XN_FLAG_FN_ALIGN (1 << 25) /* Align field names to 20 characters */ - -/* Complete set of RFC2253 flags */ - -#define XN_FLAG_RFC2253 (ASN1_STRFLGS_RFC2253 | \ - XN_FLAG_SEP_COMMA_PLUS | \ - XN_FLAG_DN_REV | \ - XN_FLAG_FN_SN | \ - XN_FLAG_DUMP_UNKNOWN_FIELDS) - -/* readable oneline form */ - -#define XN_FLAG_ONELINE (ASN1_STRFLGS_RFC2253 | \ - ASN1_STRFLGS_ESC_QUOTE | \ - XN_FLAG_SEP_CPLUS_SPC | \ - XN_FLAG_SPC_EQ | \ - XN_FLAG_FN_SN) - -/* readable multiline form */ - -#define XN_FLAG_MULTILINE (ASN1_STRFLGS_ESC_CTRL | \ - ASN1_STRFLGS_ESC_MSB | \ - XN_FLAG_SEP_MULTILINE | \ - XN_FLAG_SPC_EQ | \ - XN_FLAG_FN_LN | \ - XN_FLAG_FN_ALIGN) - -struct x509_revoked_st - { - ASN1_INTEGER *serialNumber; - ASN1_TIME *revocationDate; - STACK_OF(X509_EXTENSION) /* optional */ *extensions; - /* Set up if indirect CRL */ - STACK_OF(GENERAL_NAME) *issuer; - /* Revocation reason */ - int reason; - int sequence; /* load sequence */ - }; - -DECLARE_STACK_OF(X509_REVOKED) -DECLARE_ASN1_SET_OF(X509_REVOKED) - -typedef struct X509_crl_info_st - { - ASN1_INTEGER *version; - X509_ALGOR *sig_alg; - X509_NAME *issuer; - ASN1_TIME *lastUpdate; - ASN1_TIME *nextUpdate; - STACK_OF(X509_REVOKED) *revoked; - STACK_OF(X509_EXTENSION) /* [0] */ *extensions; - ASN1_ENCODING enc; - } X509_CRL_INFO; - -struct X509_crl_st - { - /* actual signature */ - X509_CRL_INFO *crl; - X509_ALGOR *sig_alg; - ASN1_BIT_STRING *signature; - CRYPTO_refcount_t references; - int flags; - /* Copies of various extensions */ - AUTHORITY_KEYID *akid; - ISSUING_DIST_POINT *idp; - /* Convenient breakdown of IDP */ - int idp_flags; - int idp_reasons; - /* CRL and base CRL numbers for delta processing */ - ASN1_INTEGER *crl_number; - ASN1_INTEGER *base_crl_number; - unsigned char sha1_hash[SHA_DIGEST_LENGTH]; - STACK_OF(GENERAL_NAMES) *issuers; - const X509_CRL_METHOD *meth; - void *meth_data; - } /* X509_CRL */; - -DECLARE_STACK_OF(X509_CRL) -DECLARE_ASN1_SET_OF(X509_CRL) - -typedef struct private_key_st - { - int version; - /* The PKCS#8 data types */ - X509_ALGOR *enc_algor; - ASN1_OCTET_STRING *enc_pkey; /* encrypted pub key */ - - /* When decrypted, the following will not be NULL */ - EVP_PKEY *dec_pkey; - - /* used to encrypt and decrypt */ - int key_length; - char *key_data; - int key_free; /* true if we should auto free key_data */ - - /* expanded version of 'enc_algor' */ - EVP_CIPHER_INFO cipher; - } X509_PKEY; - -#ifndef OPENSSL_NO_EVP -typedef struct X509_info_st - { - X509 *x509; - X509_CRL *crl; - X509_PKEY *x_pkey; - - EVP_CIPHER_INFO enc_cipher; - int enc_len; - char *enc_data; - - } X509_INFO; - -DECLARE_STACK_OF(X509_INFO) -#endif - -/* The next 2 structures and their 8 routines were sent to me by - * Pat Richard and are used to manipulate - * Netscapes spki structures - useful if you are writing a CA web page - */ -typedef struct Netscape_spkac_st - { - X509_PUBKEY *pubkey; - ASN1_IA5STRING *challenge; /* challenge sent in atlas >= PR2 */ - } NETSCAPE_SPKAC; - -typedef struct Netscape_spki_st - { - NETSCAPE_SPKAC *spkac; /* signed public key and challenge */ - X509_ALGOR *sig_algor; - ASN1_BIT_STRING *signature; - } NETSCAPE_SPKI; - -/* Netscape certificate sequence structure */ -typedef struct Netscape_certificate_sequence - { - ASN1_OBJECT *type; - STACK_OF(X509) *certs; - } NETSCAPE_CERT_SEQUENCE; - -/* Unused (and iv length is wrong) -typedef struct CBCParameter_st - { - unsigned char iv[8]; - } CBC_PARAM; -*/ - -/* Password based encryption structure */ - -typedef struct PBEPARAM_st { -ASN1_OCTET_STRING *salt; -ASN1_INTEGER *iter; -} PBEPARAM; - -/* Password based encryption V2 structures */ - -typedef struct PBE2PARAM_st { -X509_ALGOR *keyfunc; -X509_ALGOR *encryption; -} PBE2PARAM; - -typedef struct PBKDF2PARAM_st { -ASN1_TYPE *salt; /* Usually OCTET STRING but could be anything */ -ASN1_INTEGER *iter; -ASN1_INTEGER *keylength; -X509_ALGOR *prf; -} PBKDF2PARAM; - - -/* PKCS#8 private key info structure */ - -struct pkcs8_priv_key_info_st - { - int broken; /* Flag for various broken formats */ -#define PKCS8_OK 0 -#define PKCS8_NO_OCTET 1 -#define PKCS8_EMBEDDED_PARAM 2 -#define PKCS8_NS_DB 3 -#define PKCS8_NEG_PRIVKEY 4 - ASN1_INTEGER *version; - X509_ALGOR *pkeyalg; - ASN1_TYPE *pkey; /* Should be OCTET STRING but some are broken */ - STACK_OF(X509_ATTRIBUTE) *attributes; - }; - -#ifdef __cplusplus -} -#endif - -#include - -#ifdef __cplusplus -extern "C" { -#endif - -#define X509_EXT_PACK_UNKNOWN 1 -#define X509_EXT_PACK_STRING 2 - -#define X509_get_version(x) ASN1_INTEGER_get((x)->cert_info->version) -/* #define X509_get_serialNumber(x) ((x)->cert_info->serialNumber) */ -#define X509_get_notBefore(x) ((x)->cert_info->validity->notBefore) -#define X509_get_notAfter(x) ((x)->cert_info->validity->notAfter) -#define X509_get_cert_info(x) ((x)->cert_info) -#define X509_extract_key(x) X509_get_pubkey(x) /*****/ -#define X509_REQ_get_version(x) ASN1_INTEGER_get((x)->req_info->version) -#define X509_REQ_get_subject_name(x) ((x)->req_info->subject) -#define X509_REQ_extract_key(a) X509_REQ_get_pubkey(a) -#define X509_name_cmp(a,b) X509_NAME_cmp((a),(b)) -#define X509_get_signature_type(x) EVP_PKEY_type(OBJ_obj2nid((x)->sig_alg->algorithm)) - -#define X509_CRL_get_version(x) ASN1_INTEGER_get((x)->crl->version) -#define X509_CRL_get_lastUpdate(x) ((x)->crl->lastUpdate) -#define X509_CRL_get_nextUpdate(x) ((x)->crl->nextUpdate) -#define X509_CRL_get_issuer(x) ((x)->crl->issuer) -#define X509_CRL_get_REVOKED(x) ((x)->crl->revoked) - -#define X509_CINF_set_modified(c) ((c)->enc.modified = 1) -#define X509_CINF_get_issuer(c) (&(c)->issuer) -#define X509_CINF_get_extensions(c) ((c)->extensions) -#define X509_CINF_get_signature(c) ((c)->signature) - -OPENSSL_EXPORT void X509_CRL_set_default_method(const X509_CRL_METHOD *meth); -OPENSSL_EXPORT X509_CRL_METHOD *X509_CRL_METHOD_new( - int (*crl_init)(X509_CRL *crl), - int (*crl_free)(X509_CRL *crl), - int (*crl_lookup)(X509_CRL *crl, X509_REVOKED **ret, - ASN1_INTEGER *ser, X509_NAME *issuer), - int (*crl_verify)(X509_CRL *crl, EVP_PKEY *pk)); -OPENSSL_EXPORT void X509_CRL_METHOD_free(X509_CRL_METHOD *m); - -OPENSSL_EXPORT void X509_CRL_set_meth_data(X509_CRL *crl, void *dat); -OPENSSL_EXPORT void *X509_CRL_get_meth_data(X509_CRL *crl); - -/* This one is only used so that a binary form can output, as in - * i2d_X509_NAME(X509_get_X509_PUBKEY(x),&buf) */ -#define X509_get_X509_PUBKEY(x) ((x)->cert_info->key) - - -OPENSSL_EXPORT const char *X509_verify_cert_error_string(long n); - -#ifndef OPENSSL_NO_EVP -OPENSSL_EXPORT int X509_verify(X509 *a, EVP_PKEY *r); - -OPENSSL_EXPORT int X509_REQ_verify(X509_REQ *a, EVP_PKEY *r); -OPENSSL_EXPORT int X509_CRL_verify(X509_CRL *a, EVP_PKEY *r); -OPENSSL_EXPORT int NETSCAPE_SPKI_verify(NETSCAPE_SPKI *a, EVP_PKEY *r); - -OPENSSL_EXPORT NETSCAPE_SPKI * NETSCAPE_SPKI_b64_decode(const char *str, int len); -OPENSSL_EXPORT char * NETSCAPE_SPKI_b64_encode(NETSCAPE_SPKI *x); -OPENSSL_EXPORT EVP_PKEY *NETSCAPE_SPKI_get_pubkey(NETSCAPE_SPKI *x); -OPENSSL_EXPORT int NETSCAPE_SPKI_set_pubkey(NETSCAPE_SPKI *x, EVP_PKEY *pkey); - -OPENSSL_EXPORT int NETSCAPE_SPKI_print(BIO *out, NETSCAPE_SPKI *spki); - -OPENSSL_EXPORT int X509_signature_dump(BIO *bp,const ASN1_STRING *sig, int indent); -OPENSSL_EXPORT int X509_signature_print(BIO *bp,X509_ALGOR *alg, ASN1_STRING *sig); - -OPENSSL_EXPORT int X509_sign(X509 *x, EVP_PKEY *pkey, const EVP_MD *md); -OPENSSL_EXPORT int X509_sign_ctx(X509 *x, EVP_MD_CTX *ctx); -/* int X509_http_nbio(OCSP_REQ_CTX *rctx, X509 **pcert); */ -OPENSSL_EXPORT int X509_REQ_sign(X509_REQ *x, EVP_PKEY *pkey, const EVP_MD *md); -OPENSSL_EXPORT int X509_REQ_sign_ctx(X509_REQ *x, EVP_MD_CTX *ctx); -OPENSSL_EXPORT int X509_CRL_sign(X509_CRL *x, EVP_PKEY *pkey, const EVP_MD *md); -OPENSSL_EXPORT int X509_CRL_sign_ctx(X509_CRL *x, EVP_MD_CTX *ctx); -/* int X509_CRL_http_nbio(OCSP_REQ_CTX *rctx, X509_CRL **pcrl); */ -OPENSSL_EXPORT int NETSCAPE_SPKI_sign(NETSCAPE_SPKI *x, EVP_PKEY *pkey, const EVP_MD *md); - -OPENSSL_EXPORT int X509_pubkey_digest(const X509 *data,const EVP_MD *type, - unsigned char *md, unsigned int *len); -OPENSSL_EXPORT int X509_digest(const X509 *data,const EVP_MD *type, - unsigned char *md, unsigned int *len); -OPENSSL_EXPORT int X509_CRL_digest(const X509_CRL *data,const EVP_MD *type, - unsigned char *md, unsigned int *len); -OPENSSL_EXPORT int X509_REQ_digest(const X509_REQ *data,const EVP_MD *type, - unsigned char *md, unsigned int *len); -OPENSSL_EXPORT int X509_NAME_digest(const X509_NAME *data,const EVP_MD *type, - unsigned char *md, unsigned int *len); -#endif - -#ifndef OPENSSL_NO_FP_API -OPENSSL_EXPORT X509 *d2i_X509_fp(FILE *fp, X509 **x509); -OPENSSL_EXPORT int i2d_X509_fp(FILE *fp,X509 *x509); -OPENSSL_EXPORT X509_CRL *d2i_X509_CRL_fp(FILE *fp,X509_CRL **crl); -OPENSSL_EXPORT int i2d_X509_CRL_fp(FILE *fp,X509_CRL *crl); -OPENSSL_EXPORT X509_REQ *d2i_X509_REQ_fp(FILE *fp,X509_REQ **req); -OPENSSL_EXPORT int i2d_X509_REQ_fp(FILE *fp,X509_REQ *req); -OPENSSL_EXPORT RSA *d2i_RSAPrivateKey_fp(FILE *fp,RSA **rsa); -OPENSSL_EXPORT int i2d_RSAPrivateKey_fp(FILE *fp,RSA *rsa); -OPENSSL_EXPORT RSA *d2i_RSAPublicKey_fp(FILE *fp,RSA **rsa); -OPENSSL_EXPORT int i2d_RSAPublicKey_fp(FILE *fp,RSA *rsa); -OPENSSL_EXPORT RSA *d2i_RSA_PUBKEY_fp(FILE *fp,RSA **rsa); -OPENSSL_EXPORT int i2d_RSA_PUBKEY_fp(FILE *fp,RSA *rsa); -#ifndef OPENSSL_NO_DSA -OPENSSL_EXPORT DSA *d2i_DSA_PUBKEY_fp(FILE *fp, DSA **dsa); -OPENSSL_EXPORT int i2d_DSA_PUBKEY_fp(FILE *fp, DSA *dsa); -OPENSSL_EXPORT DSA *d2i_DSAPrivateKey_fp(FILE *fp, DSA **dsa); -OPENSSL_EXPORT int i2d_DSAPrivateKey_fp(FILE *fp, DSA *dsa); -#endif -OPENSSL_EXPORT EC_KEY *d2i_EC_PUBKEY_fp(FILE *fp, EC_KEY **eckey); -OPENSSL_EXPORT int i2d_EC_PUBKEY_fp(FILE *fp, EC_KEY *eckey); -OPENSSL_EXPORT EC_KEY *d2i_ECPrivateKey_fp(FILE *fp, EC_KEY **eckey); -OPENSSL_EXPORT int i2d_ECPrivateKey_fp(FILE *fp, EC_KEY *eckey); -OPENSSL_EXPORT X509_SIG *d2i_PKCS8_fp(FILE *fp,X509_SIG **p8); -OPENSSL_EXPORT int i2d_PKCS8_fp(FILE *fp,X509_SIG *p8); -OPENSSL_EXPORT PKCS8_PRIV_KEY_INFO *d2i_PKCS8_PRIV_KEY_INFO_fp(FILE *fp, - PKCS8_PRIV_KEY_INFO **p8inf); -OPENSSL_EXPORT int i2d_PKCS8_PRIV_KEY_INFO_fp(FILE *fp,PKCS8_PRIV_KEY_INFO *p8inf); -OPENSSL_EXPORT int i2d_PKCS8PrivateKeyInfo_fp(FILE *fp, EVP_PKEY *key); -OPENSSL_EXPORT int i2d_PrivateKey_fp(FILE *fp, EVP_PKEY *pkey); -OPENSSL_EXPORT EVP_PKEY *d2i_PrivateKey_fp(FILE *fp, EVP_PKEY **a); -OPENSSL_EXPORT int i2d_PUBKEY_fp(FILE *fp, EVP_PKEY *pkey); -OPENSSL_EXPORT EVP_PKEY *d2i_PUBKEY_fp(FILE *fp, EVP_PKEY **a); -#endif - -OPENSSL_EXPORT X509 *d2i_X509_bio(BIO *bp,X509 **x509); -OPENSSL_EXPORT int i2d_X509_bio(BIO *bp,X509 *x509); -OPENSSL_EXPORT X509_CRL *d2i_X509_CRL_bio(BIO *bp,X509_CRL **crl); -OPENSSL_EXPORT int i2d_X509_CRL_bio(BIO *bp,X509_CRL *crl); -OPENSSL_EXPORT X509_REQ *d2i_X509_REQ_bio(BIO *bp,X509_REQ **req); -OPENSSL_EXPORT int i2d_X509_REQ_bio(BIO *bp,X509_REQ *req); -OPENSSL_EXPORT RSA *d2i_RSAPrivateKey_bio(BIO *bp,RSA **rsa); -OPENSSL_EXPORT int i2d_RSAPrivateKey_bio(BIO *bp,RSA *rsa); -OPENSSL_EXPORT RSA *d2i_RSAPublicKey_bio(BIO *bp,RSA **rsa); -OPENSSL_EXPORT int i2d_RSAPublicKey_bio(BIO *bp,RSA *rsa); -OPENSSL_EXPORT RSA *d2i_RSA_PUBKEY_bio(BIO *bp,RSA **rsa); -OPENSSL_EXPORT int i2d_RSA_PUBKEY_bio(BIO *bp,RSA *rsa); -#ifndef OPENSSL_NO_DSA -OPENSSL_EXPORT DSA *d2i_DSA_PUBKEY_bio(BIO *bp, DSA **dsa); -OPENSSL_EXPORT int i2d_DSA_PUBKEY_bio(BIO *bp, DSA *dsa); -OPENSSL_EXPORT DSA *d2i_DSAPrivateKey_bio(BIO *bp, DSA **dsa); -OPENSSL_EXPORT int i2d_DSAPrivateKey_bio(BIO *bp, DSA *dsa); -#endif -OPENSSL_EXPORT EC_KEY *d2i_EC_PUBKEY_bio(BIO *bp, EC_KEY **eckey); -OPENSSL_EXPORT int i2d_EC_PUBKEY_bio(BIO *bp, EC_KEY *eckey); -OPENSSL_EXPORT EC_KEY *d2i_ECPrivateKey_bio(BIO *bp, EC_KEY **eckey); -OPENSSL_EXPORT int i2d_ECPrivateKey_bio(BIO *bp, EC_KEY *eckey); -OPENSSL_EXPORT X509_SIG *d2i_PKCS8_bio(BIO *bp,X509_SIG **p8); -OPENSSL_EXPORT int i2d_PKCS8_bio(BIO *bp,X509_SIG *p8); -OPENSSL_EXPORT PKCS8_PRIV_KEY_INFO *d2i_PKCS8_PRIV_KEY_INFO_bio(BIO *bp, - PKCS8_PRIV_KEY_INFO **p8inf); -OPENSSL_EXPORT int i2d_PKCS8_PRIV_KEY_INFO_bio(BIO *bp,PKCS8_PRIV_KEY_INFO *p8inf); -OPENSSL_EXPORT int i2d_PKCS8PrivateKeyInfo_bio(BIO *bp, EVP_PKEY *key); -OPENSSL_EXPORT int i2d_PrivateKey_bio(BIO *bp, EVP_PKEY *pkey); -OPENSSL_EXPORT EVP_PKEY *d2i_PrivateKey_bio(BIO *bp, EVP_PKEY **a); -OPENSSL_EXPORT int i2d_PUBKEY_bio(BIO *bp, EVP_PKEY *pkey); -OPENSSL_EXPORT EVP_PKEY *d2i_PUBKEY_bio(BIO *bp, EVP_PKEY **a); - -OPENSSL_EXPORT X509 *X509_dup(X509 *x509); -OPENSSL_EXPORT X509_ATTRIBUTE *X509_ATTRIBUTE_dup(X509_ATTRIBUTE *xa); -OPENSSL_EXPORT X509_EXTENSION *X509_EXTENSION_dup(X509_EXTENSION *ex); -OPENSSL_EXPORT X509_CRL *X509_CRL_dup(X509_CRL *crl); -OPENSSL_EXPORT X509_REVOKED *X509_REVOKED_dup(X509_REVOKED *rev); -OPENSSL_EXPORT X509_REQ *X509_REQ_dup(X509_REQ *req); -OPENSSL_EXPORT X509_ALGOR *X509_ALGOR_dup(X509_ALGOR *xn); -OPENSSL_EXPORT int X509_ALGOR_set0(X509_ALGOR *alg, const ASN1_OBJECT *aobj, int ptype, void *pval); -OPENSSL_EXPORT void X509_ALGOR_get0(ASN1_OBJECT **paobj, int *pptype, void **ppval, - X509_ALGOR *algor); -OPENSSL_EXPORT void X509_ALGOR_set_md(X509_ALGOR *alg, const EVP_MD *md); -OPENSSL_EXPORT int X509_ALGOR_cmp(const X509_ALGOR *a, const X509_ALGOR *b); - -OPENSSL_EXPORT X509_NAME *X509_NAME_dup(X509_NAME *xn); -OPENSSL_EXPORT X509_NAME_ENTRY *X509_NAME_ENTRY_dup(X509_NAME_ENTRY *ne); - -OPENSSL_EXPORT int X509_cmp_time(const ASN1_TIME *s, time_t *t); -OPENSSL_EXPORT int X509_cmp_current_time(const ASN1_TIME *s); -OPENSSL_EXPORT ASN1_TIME * X509_time_adj(ASN1_TIME *s, long adj, time_t *t); -OPENSSL_EXPORT ASN1_TIME * X509_time_adj_ex(ASN1_TIME *s, int offset_day, long offset_sec, time_t *t); -OPENSSL_EXPORT ASN1_TIME * X509_gmtime_adj(ASN1_TIME *s, long adj); - -OPENSSL_EXPORT const char * X509_get_default_cert_area(void ); -OPENSSL_EXPORT const char * X509_get_default_cert_dir(void ); -OPENSSL_EXPORT const char * X509_get_default_cert_file(void ); -OPENSSL_EXPORT const char * X509_get_default_cert_dir_env(void ); -OPENSSL_EXPORT const char * X509_get_default_cert_file_env(void ); -OPENSSL_EXPORT const char * X509_get_default_private_dir(void ); - -OPENSSL_EXPORT X509_REQ * X509_to_X509_REQ(X509 *x, EVP_PKEY *pkey, const EVP_MD *md); -OPENSSL_EXPORT X509 * X509_REQ_to_X509(X509_REQ *r, int days,EVP_PKEY *pkey); - -DECLARE_ASN1_ENCODE_FUNCTIONS(X509_ALGORS, X509_ALGORS, X509_ALGORS) -DECLARE_ASN1_FUNCTIONS(X509_VAL) - -DECLARE_ASN1_FUNCTIONS(X509_PUBKEY) - -OPENSSL_EXPORT int X509_PUBKEY_set(X509_PUBKEY **x, EVP_PKEY *pkey); -OPENSSL_EXPORT EVP_PKEY * X509_PUBKEY_get(X509_PUBKEY *key); -OPENSSL_EXPORT int i2d_PUBKEY(const EVP_PKEY *a,unsigned char **pp); -OPENSSL_EXPORT EVP_PKEY * d2i_PUBKEY(EVP_PKEY **a,const unsigned char **pp, - long length); -OPENSSL_EXPORT int i2d_RSA_PUBKEY(const RSA *a,unsigned char **pp); -OPENSSL_EXPORT RSA * d2i_RSA_PUBKEY(RSA **a,const unsigned char **pp, - long length); -#ifndef OPENSSL_NO_DSA -OPENSSL_EXPORT int i2d_DSA_PUBKEY(const DSA *a,unsigned char **pp); -OPENSSL_EXPORT DSA * d2i_DSA_PUBKEY(DSA **a,const unsigned char **pp, - long length); -#endif -OPENSSL_EXPORT int i2d_EC_PUBKEY(const EC_KEY *a, unsigned char **pp); -OPENSSL_EXPORT EC_KEY *d2i_EC_PUBKEY(EC_KEY **a, const unsigned char **pp, - long length); - -DECLARE_ASN1_FUNCTIONS(X509_SIG) -DECLARE_ASN1_FUNCTIONS(X509_REQ_INFO) -DECLARE_ASN1_FUNCTIONS(X509_REQ) - -DECLARE_ASN1_FUNCTIONS(X509_ATTRIBUTE) -OPENSSL_EXPORT X509_ATTRIBUTE *X509_ATTRIBUTE_create(int nid, int atrtype, void *value); - -DECLARE_ASN1_FUNCTIONS(X509_EXTENSION) -DECLARE_ASN1_ENCODE_FUNCTIONS(X509_EXTENSIONS, X509_EXTENSIONS, X509_EXTENSIONS) - -DECLARE_ASN1_FUNCTIONS(X509_NAME_ENTRY) - -DECLARE_ASN1_FUNCTIONS(X509_NAME) - -OPENSSL_EXPORT int X509_NAME_set(X509_NAME **xn, X509_NAME *name); - -DECLARE_ASN1_FUNCTIONS(X509_CINF) - -DECLARE_ASN1_FUNCTIONS(X509) -DECLARE_ASN1_FUNCTIONS(X509_CERT_AUX) - -DECLARE_ASN1_FUNCTIONS(X509_CERT_PAIR) - -/* X509_up_ref adds one to the reference count of |x| and returns - * |x|. */ -OPENSSL_EXPORT X509 *X509_up_ref(X509 *x); - -OPENSSL_EXPORT int X509_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func, - CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func); -OPENSSL_EXPORT int X509_set_ex_data(X509 *r, int idx, void *arg); -OPENSSL_EXPORT void *X509_get_ex_data(X509 *r, int idx); -OPENSSL_EXPORT int i2d_X509_AUX(X509 *a,unsigned char **pp); -OPENSSL_EXPORT X509 * d2i_X509_AUX(X509 **a,const unsigned char **pp,long length); - -OPENSSL_EXPORT void X509_get0_signature(ASN1_BIT_STRING **psig, X509_ALGOR **palg, - const X509 *x); -OPENSSL_EXPORT int X509_get_signature_nid(const X509 *x); - -OPENSSL_EXPORT int X509_alias_set1(X509 *x, unsigned char *name, int len); -OPENSSL_EXPORT int X509_keyid_set1(X509 *x, unsigned char *id, int len); -OPENSSL_EXPORT unsigned char * X509_alias_get0(X509 *x, int *len); -OPENSSL_EXPORT unsigned char * X509_keyid_get0(X509 *x, int *len); -OPENSSL_EXPORT int (*X509_TRUST_set_default(int (*trust)(int , X509 *, int)))(int, X509 *, int); -OPENSSL_EXPORT int X509_TRUST_set(int *t, int trust); -OPENSSL_EXPORT int X509_add1_trust_object(X509 *x, ASN1_OBJECT *obj); -OPENSSL_EXPORT int X509_add1_reject_object(X509 *x, ASN1_OBJECT *obj); -OPENSSL_EXPORT void X509_trust_clear(X509 *x); -OPENSSL_EXPORT void X509_reject_clear(X509 *x); - -DECLARE_ASN1_FUNCTIONS(X509_REVOKED) -DECLARE_ASN1_FUNCTIONS(X509_CRL_INFO) -DECLARE_ASN1_FUNCTIONS(X509_CRL) - -OPENSSL_EXPORT int X509_CRL_add0_revoked(X509_CRL *crl, X509_REVOKED *rev); -OPENSSL_EXPORT int X509_CRL_get0_by_serial(X509_CRL *crl, - X509_REVOKED **ret, ASN1_INTEGER *serial); -OPENSSL_EXPORT int X509_CRL_get0_by_cert(X509_CRL *crl, X509_REVOKED **ret, X509 *x); - -OPENSSL_EXPORT X509_PKEY * X509_PKEY_new(void ); -OPENSSL_EXPORT void X509_PKEY_free(X509_PKEY *a); - -DECLARE_ASN1_FUNCTIONS(NETSCAPE_SPKI) -DECLARE_ASN1_FUNCTIONS(NETSCAPE_SPKAC) -DECLARE_ASN1_FUNCTIONS(NETSCAPE_CERT_SEQUENCE) - -#ifndef OPENSSL_NO_EVP -OPENSSL_EXPORT X509_INFO * X509_INFO_new(void); -OPENSSL_EXPORT void X509_INFO_free(X509_INFO *a); -OPENSSL_EXPORT char * X509_NAME_oneline(X509_NAME *a,char *buf,int size); - -OPENSSL_EXPORT int ASN1_digest(i2d_of_void *i2d,const EVP_MD *type,char *data, - unsigned char *md,unsigned int *len); - -OPENSSL_EXPORT int ASN1_item_digest(const ASN1_ITEM *it,const EVP_MD *type,void *data, - unsigned char *md,unsigned int *len); - -OPENSSL_EXPORT int ASN1_item_verify(const ASN1_ITEM *it, X509_ALGOR *algor1, - ASN1_BIT_STRING *signature,void *data,EVP_PKEY *pkey); - -OPENSSL_EXPORT int ASN1_item_sign(const ASN1_ITEM *it, X509_ALGOR *algor1, X509_ALGOR *algor2, - ASN1_BIT_STRING *signature, - void *data, EVP_PKEY *pkey, const EVP_MD *type); -OPENSSL_EXPORT int ASN1_item_sign_ctx(const ASN1_ITEM *it, - X509_ALGOR *algor1, X509_ALGOR *algor2, - ASN1_BIT_STRING *signature, void *asn, EVP_MD_CTX *ctx); -#endif - -OPENSSL_EXPORT int X509_set_version(X509 *x,long version); -OPENSSL_EXPORT int X509_set_serialNumber(X509 *x, ASN1_INTEGER *serial); -OPENSSL_EXPORT ASN1_INTEGER * X509_get_serialNumber(X509 *x); -OPENSSL_EXPORT int X509_set_issuer_name(X509 *x, X509_NAME *name); -OPENSSL_EXPORT X509_NAME * X509_get_issuer_name(X509 *a); -OPENSSL_EXPORT int X509_set_subject_name(X509 *x, X509_NAME *name); -OPENSSL_EXPORT X509_NAME * X509_get_subject_name(X509 *a); -OPENSSL_EXPORT int X509_set_notBefore(X509 *x, const ASN1_TIME *tm); -OPENSSL_EXPORT int X509_set_notAfter(X509 *x, const ASN1_TIME *tm); -OPENSSL_EXPORT int X509_set_pubkey(X509 *x, EVP_PKEY *pkey); -OPENSSL_EXPORT EVP_PKEY * X509_get_pubkey(X509 *x); -OPENSSL_EXPORT ASN1_BIT_STRING * X509_get0_pubkey_bitstr(const X509 *x); -OPENSSL_EXPORT int X509_certificate_type(X509 *x,EVP_PKEY *pubkey /* optional */); - -OPENSSL_EXPORT int X509_REQ_set_version(X509_REQ *x,long version); -OPENSSL_EXPORT int X509_REQ_set_subject_name(X509_REQ *req,X509_NAME *name); -OPENSSL_EXPORT int X509_REQ_set_pubkey(X509_REQ *x, EVP_PKEY *pkey); -OPENSSL_EXPORT EVP_PKEY * X509_REQ_get_pubkey(X509_REQ *req); -OPENSSL_EXPORT int X509_REQ_extension_nid(int nid); -OPENSSL_EXPORT const int * X509_REQ_get_extension_nids(void); -OPENSSL_EXPORT void X509_REQ_set_extension_nids(const int *nids); -OPENSSL_EXPORT STACK_OF(X509_EXTENSION) *X509_REQ_get_extensions(X509_REQ *req); -OPENSSL_EXPORT int X509_REQ_add_extensions_nid(X509_REQ *req, STACK_OF(X509_EXTENSION) *exts, - int nid); -OPENSSL_EXPORT int X509_REQ_add_extensions(X509_REQ *req, STACK_OF(X509_EXTENSION) *exts); -OPENSSL_EXPORT int X509_REQ_get_attr_count(const X509_REQ *req); -OPENSSL_EXPORT int X509_REQ_get_attr_by_NID(const X509_REQ *req, int nid, - int lastpos); -OPENSSL_EXPORT int X509_REQ_get_attr_by_OBJ(const X509_REQ *req, ASN1_OBJECT *obj, - int lastpos); -OPENSSL_EXPORT X509_ATTRIBUTE *X509_REQ_get_attr(const X509_REQ *req, int loc); -OPENSSL_EXPORT X509_ATTRIBUTE *X509_REQ_delete_attr(X509_REQ *req, int loc); -OPENSSL_EXPORT int X509_REQ_add1_attr(X509_REQ *req, X509_ATTRIBUTE *attr); -OPENSSL_EXPORT int X509_REQ_add1_attr_by_OBJ(X509_REQ *req, - const ASN1_OBJECT *obj, int type, - const unsigned char *bytes, int len); -OPENSSL_EXPORT int X509_REQ_add1_attr_by_NID(X509_REQ *req, - int nid, int type, - const unsigned char *bytes, int len); -OPENSSL_EXPORT int X509_REQ_add1_attr_by_txt(X509_REQ *req, - const char *attrname, int type, - const unsigned char *bytes, int len); - -OPENSSL_EXPORT int X509_CRL_set_version(X509_CRL *x, long version); -OPENSSL_EXPORT int X509_CRL_set_issuer_name(X509_CRL *x, X509_NAME *name); -OPENSSL_EXPORT int X509_CRL_set_lastUpdate(X509_CRL *x, const ASN1_TIME *tm); -OPENSSL_EXPORT int X509_CRL_set_nextUpdate(X509_CRL *x, const ASN1_TIME *tm); -OPENSSL_EXPORT int X509_CRL_sort(X509_CRL *crl); - -OPENSSL_EXPORT int X509_REVOKED_set_serialNumber(X509_REVOKED *x, ASN1_INTEGER *serial); -OPENSSL_EXPORT int X509_REVOKED_set_revocationDate(X509_REVOKED *r, ASN1_TIME *tm); - -OPENSSL_EXPORT X509_CRL *X509_CRL_diff(X509_CRL *base, X509_CRL *newer, - EVP_PKEY *skey, const EVP_MD *md, unsigned int flags); - -OPENSSL_EXPORT int X509_REQ_check_private_key(X509_REQ *x509,EVP_PKEY *pkey); - -OPENSSL_EXPORT int X509_check_private_key(X509 *x509,EVP_PKEY *pkey); -OPENSSL_EXPORT int X509_chain_check_suiteb(int *perror_depth, - X509 *x, STACK_OF(X509) *chain, - unsigned long flags); -OPENSSL_EXPORT int X509_CRL_check_suiteb(X509_CRL *crl, EVP_PKEY *pk, - unsigned long flags); -OPENSSL_EXPORT STACK_OF(X509) *X509_chain_up_ref(STACK_OF(X509) *chain); - -OPENSSL_EXPORT int X509_issuer_and_serial_cmp(const X509 *a, const X509 *b); -OPENSSL_EXPORT unsigned long X509_issuer_and_serial_hash(X509 *a); - -OPENSSL_EXPORT int X509_issuer_name_cmp(const X509 *a, const X509 *b); -OPENSSL_EXPORT unsigned long X509_issuer_name_hash(X509 *a); - -OPENSSL_EXPORT int X509_subject_name_cmp(const X509 *a, const X509 *b); -OPENSSL_EXPORT unsigned long X509_subject_name_hash(X509 *x); - -OPENSSL_EXPORT unsigned long X509_issuer_name_hash_old(X509 *a); -OPENSSL_EXPORT unsigned long X509_subject_name_hash_old(X509 *x); - -OPENSSL_EXPORT int X509_cmp(const X509 *a, const X509 *b); -OPENSSL_EXPORT int X509_NAME_cmp(const X509_NAME *a, const X509_NAME *b); -OPENSSL_EXPORT unsigned long X509_NAME_hash(X509_NAME *x); -OPENSSL_EXPORT unsigned long X509_NAME_hash_old(X509_NAME *x); - -OPENSSL_EXPORT int X509_CRL_cmp(const X509_CRL *a, const X509_CRL *b); -OPENSSL_EXPORT int X509_CRL_match(const X509_CRL *a, const X509_CRL *b); -#ifndef OPENSSL_NO_FP_API -OPENSSL_EXPORT int X509_print_ex_fp(FILE *bp,X509 *x, unsigned long nmflag, unsigned long cflag); -OPENSSL_EXPORT int X509_print_fp(FILE *bp,X509 *x); -OPENSSL_EXPORT int X509_CRL_print_fp(FILE *bp,X509_CRL *x); -OPENSSL_EXPORT int X509_REQ_print_fp(FILE *bp,X509_REQ *req); -OPENSSL_EXPORT int X509_NAME_print_ex_fp(FILE *fp, X509_NAME *nm, int indent, unsigned long flags); -#endif - -OPENSSL_EXPORT int X509_NAME_print(BIO *bp, X509_NAME *name, int obase); -OPENSSL_EXPORT int X509_NAME_print_ex(BIO *out, X509_NAME *nm, int indent, unsigned long flags); -OPENSSL_EXPORT int X509_print_ex(BIO *bp,X509 *x, unsigned long nmflag, unsigned long cflag); -OPENSSL_EXPORT int X509_print(BIO *bp,X509 *x); -OPENSSL_EXPORT int X509_ocspid_print(BIO *bp,X509 *x); -OPENSSL_EXPORT int X509_CERT_AUX_print(BIO *bp,X509_CERT_AUX *x, int indent); -OPENSSL_EXPORT int X509_CRL_print(BIO *bp,X509_CRL *x); -OPENSSL_EXPORT int X509_REQ_print_ex(BIO *bp, X509_REQ *x, unsigned long nmflag, unsigned long cflag); -OPENSSL_EXPORT int X509_REQ_print(BIO *bp,X509_REQ *req); - -OPENSSL_EXPORT int X509_NAME_entry_count(X509_NAME *name); -OPENSSL_EXPORT int X509_NAME_get_text_by_NID(X509_NAME *name, int nid, - char *buf,int len); -OPENSSL_EXPORT int X509_NAME_get_text_by_OBJ(X509_NAME *name, const ASN1_OBJECT *obj, - char *buf,int len); - -/* NOTE: you should be passsing -1, not 0 as lastpos. The functions that use - * lastpos, search after that position on. */ -OPENSSL_EXPORT int X509_NAME_get_index_by_NID(X509_NAME *name,int nid,int lastpos); -OPENSSL_EXPORT int X509_NAME_get_index_by_OBJ(X509_NAME *name, const ASN1_OBJECT *obj, - int lastpos); -OPENSSL_EXPORT X509_NAME_ENTRY *X509_NAME_get_entry(X509_NAME *name, int loc); -OPENSSL_EXPORT X509_NAME_ENTRY *X509_NAME_delete_entry(X509_NAME *name, int loc); -OPENSSL_EXPORT int X509_NAME_add_entry(X509_NAME *name,X509_NAME_ENTRY *ne, - int loc, int set); -OPENSSL_EXPORT int X509_NAME_add_entry_by_OBJ(X509_NAME *name, ASN1_OBJECT *obj, int type, - unsigned char *bytes, int len, int loc, int set); -OPENSSL_EXPORT int X509_NAME_add_entry_by_NID(X509_NAME *name, int nid, int type, - unsigned char *bytes, int len, int loc, int set); -OPENSSL_EXPORT X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_txt(X509_NAME_ENTRY **ne, - const char *field, int type, const unsigned char *bytes, int len); -OPENSSL_EXPORT X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_NID(X509_NAME_ENTRY **ne, int nid, - int type,unsigned char *bytes, int len); -OPENSSL_EXPORT int X509_NAME_add_entry_by_txt(X509_NAME *name, const char *field, int type, - const unsigned char *bytes, int len, int loc, int set); -OPENSSL_EXPORT X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_OBJ(X509_NAME_ENTRY **ne, - const ASN1_OBJECT *obj, int type,const unsigned char *bytes, - int len); -OPENSSL_EXPORT int X509_NAME_ENTRY_set_object(X509_NAME_ENTRY *ne, - const ASN1_OBJECT *obj); -OPENSSL_EXPORT int X509_NAME_ENTRY_set_data(X509_NAME_ENTRY *ne, int type, - const unsigned char *bytes, int len); -OPENSSL_EXPORT ASN1_OBJECT * X509_NAME_ENTRY_get_object(X509_NAME_ENTRY *ne); -OPENSSL_EXPORT ASN1_STRING * X509_NAME_ENTRY_get_data(X509_NAME_ENTRY *ne); - -OPENSSL_EXPORT int X509v3_get_ext_count(const STACK_OF(X509_EXTENSION) *x); -OPENSSL_EXPORT int X509v3_get_ext_by_NID(const STACK_OF(X509_EXTENSION) *x, - int nid, int lastpos); -OPENSSL_EXPORT int X509v3_get_ext_by_OBJ(const STACK_OF(X509_EXTENSION) *x, - const ASN1_OBJECT *obj,int lastpos); -OPENSSL_EXPORT int X509v3_get_ext_by_critical(const STACK_OF(X509_EXTENSION) *x, - int crit, int lastpos); -OPENSSL_EXPORT X509_EXTENSION *X509v3_get_ext(const STACK_OF(X509_EXTENSION) *x, int loc); -OPENSSL_EXPORT X509_EXTENSION *X509v3_delete_ext(STACK_OF(X509_EXTENSION) *x, int loc); -OPENSSL_EXPORT STACK_OF(X509_EXTENSION) *X509v3_add_ext(STACK_OF(X509_EXTENSION) **x, - X509_EXTENSION *ex, int loc); - -OPENSSL_EXPORT int X509_get_ext_count(X509 *x); -OPENSSL_EXPORT int X509_get_ext_by_NID(X509 *x, int nid, int lastpos); -OPENSSL_EXPORT int X509_get_ext_by_OBJ(X509 *x,ASN1_OBJECT *obj,int lastpos); -OPENSSL_EXPORT int X509_get_ext_by_critical(X509 *x, int crit, int lastpos); -OPENSSL_EXPORT X509_EXTENSION *X509_get_ext(X509 *x, int loc); -OPENSSL_EXPORT X509_EXTENSION *X509_delete_ext(X509 *x, int loc); -OPENSSL_EXPORT int X509_add_ext(X509 *x, X509_EXTENSION *ex, int loc); -OPENSSL_EXPORT void * X509_get_ext_d2i(X509 *x, int nid, int *crit, int *idx); -OPENSSL_EXPORT int X509_add1_ext_i2d(X509 *x, int nid, void *value, int crit, - unsigned long flags); - -OPENSSL_EXPORT int X509_CRL_get_ext_count(X509_CRL *x); -OPENSSL_EXPORT int X509_CRL_get_ext_by_NID(X509_CRL *x, int nid, int lastpos); -OPENSSL_EXPORT int X509_CRL_get_ext_by_OBJ(X509_CRL *x,ASN1_OBJECT *obj,int lastpos); -OPENSSL_EXPORT int X509_CRL_get_ext_by_critical(X509_CRL *x, int crit, int lastpos); -OPENSSL_EXPORT X509_EXTENSION *X509_CRL_get_ext(X509_CRL *x, int loc); -OPENSSL_EXPORT X509_EXTENSION *X509_CRL_delete_ext(X509_CRL *x, int loc); -OPENSSL_EXPORT int X509_CRL_add_ext(X509_CRL *x, X509_EXTENSION *ex, int loc); -OPENSSL_EXPORT void * X509_CRL_get_ext_d2i(X509_CRL *x, int nid, int *crit, int *idx); -OPENSSL_EXPORT int X509_CRL_add1_ext_i2d(X509_CRL *x, int nid, void *value, int crit, - unsigned long flags); - -OPENSSL_EXPORT int X509_REVOKED_get_ext_count(X509_REVOKED *x); -OPENSSL_EXPORT int X509_REVOKED_get_ext_by_NID(X509_REVOKED *x, int nid, int lastpos); -OPENSSL_EXPORT int X509_REVOKED_get_ext_by_OBJ(X509_REVOKED *x,ASN1_OBJECT *obj,int lastpos); -OPENSSL_EXPORT int X509_REVOKED_get_ext_by_critical(X509_REVOKED *x, int crit, int lastpos); -OPENSSL_EXPORT X509_EXTENSION *X509_REVOKED_get_ext(X509_REVOKED *x, int loc); -OPENSSL_EXPORT X509_EXTENSION *X509_REVOKED_delete_ext(X509_REVOKED *x, int loc); -OPENSSL_EXPORT int X509_REVOKED_add_ext(X509_REVOKED *x, X509_EXTENSION *ex, int loc); -OPENSSL_EXPORT void * X509_REVOKED_get_ext_d2i(X509_REVOKED *x, int nid, int *crit, int *idx); -OPENSSL_EXPORT int X509_REVOKED_add1_ext_i2d(X509_REVOKED *x, int nid, void *value, int crit, - unsigned long flags); - -OPENSSL_EXPORT X509_EXTENSION *X509_EXTENSION_create_by_NID(X509_EXTENSION **ex, - int nid, int crit, ASN1_OCTET_STRING *data); -OPENSSL_EXPORT X509_EXTENSION *X509_EXTENSION_create_by_OBJ(X509_EXTENSION **ex, - const ASN1_OBJECT *obj,int crit,ASN1_OCTET_STRING *data); -OPENSSL_EXPORT int X509_EXTENSION_set_object(X509_EXTENSION *ex,const ASN1_OBJECT *obj); -OPENSSL_EXPORT int X509_EXTENSION_set_critical(X509_EXTENSION *ex, int crit); -OPENSSL_EXPORT int X509_EXTENSION_set_data(X509_EXTENSION *ex, - ASN1_OCTET_STRING *data); -OPENSSL_EXPORT ASN1_OBJECT * X509_EXTENSION_get_object(X509_EXTENSION *ex); -OPENSSL_EXPORT ASN1_OCTET_STRING *X509_EXTENSION_get_data(X509_EXTENSION *ne); -OPENSSL_EXPORT int X509_EXTENSION_get_critical(X509_EXTENSION *ex); - -OPENSSL_EXPORT int X509at_get_attr_count(const STACK_OF(X509_ATTRIBUTE) *x); -OPENSSL_EXPORT int X509at_get_attr_by_NID(const STACK_OF(X509_ATTRIBUTE) *x, int nid, - int lastpos); -OPENSSL_EXPORT int X509at_get_attr_by_OBJ(const STACK_OF(X509_ATTRIBUTE) *sk, const ASN1_OBJECT *obj, - int lastpos); -OPENSSL_EXPORT X509_ATTRIBUTE *X509at_get_attr(const STACK_OF(X509_ATTRIBUTE) *x, int loc); -OPENSSL_EXPORT X509_ATTRIBUTE *X509at_delete_attr(STACK_OF(X509_ATTRIBUTE) *x, int loc); -OPENSSL_EXPORT STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr(STACK_OF(X509_ATTRIBUTE) **x, - X509_ATTRIBUTE *attr); -OPENSSL_EXPORT STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr_by_OBJ(STACK_OF(X509_ATTRIBUTE) **x, - const ASN1_OBJECT *obj, int type, - const unsigned char *bytes, int len); -OPENSSL_EXPORT STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr_by_NID(STACK_OF(X509_ATTRIBUTE) **x, - int nid, int type, - const unsigned char *bytes, int len); -OPENSSL_EXPORT STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr_by_txt(STACK_OF(X509_ATTRIBUTE) **x, - const char *attrname, int type, - const unsigned char *bytes, int len); -OPENSSL_EXPORT void *X509at_get0_data_by_OBJ(STACK_OF(X509_ATTRIBUTE) *x, - ASN1_OBJECT *obj, int lastpos, int type); -OPENSSL_EXPORT X509_ATTRIBUTE *X509_ATTRIBUTE_create_by_NID(X509_ATTRIBUTE **attr, int nid, - int atrtype, const void *data, int len); -OPENSSL_EXPORT X509_ATTRIBUTE *X509_ATTRIBUTE_create_by_OBJ(X509_ATTRIBUTE **attr, - const ASN1_OBJECT *obj, int atrtype, const void *data, int len); -OPENSSL_EXPORT X509_ATTRIBUTE *X509_ATTRIBUTE_create_by_txt(X509_ATTRIBUTE **attr, - const char *atrname, int type, const unsigned char *bytes, int len); -OPENSSL_EXPORT int X509_ATTRIBUTE_set1_object(X509_ATTRIBUTE *attr, const ASN1_OBJECT *obj); -OPENSSL_EXPORT int X509_ATTRIBUTE_set1_data(X509_ATTRIBUTE *attr, int attrtype, const void *data, int len); -OPENSSL_EXPORT void *X509_ATTRIBUTE_get0_data(X509_ATTRIBUTE *attr, int idx, - int atrtype, void *data); -OPENSSL_EXPORT int X509_ATTRIBUTE_count(X509_ATTRIBUTE *attr); -OPENSSL_EXPORT ASN1_OBJECT *X509_ATTRIBUTE_get0_object(X509_ATTRIBUTE *attr); -OPENSSL_EXPORT ASN1_TYPE *X509_ATTRIBUTE_get0_type(X509_ATTRIBUTE *attr, int idx); - -OPENSSL_EXPORT int EVP_PKEY_get_attr_count(const EVP_PKEY *key); -OPENSSL_EXPORT int EVP_PKEY_get_attr_by_NID(const EVP_PKEY *key, int nid, - int lastpos); -OPENSSL_EXPORT int EVP_PKEY_get_attr_by_OBJ(const EVP_PKEY *key, ASN1_OBJECT *obj, - int lastpos); -OPENSSL_EXPORT X509_ATTRIBUTE *EVP_PKEY_get_attr(const EVP_PKEY *key, int loc); -OPENSSL_EXPORT X509_ATTRIBUTE *EVP_PKEY_delete_attr(EVP_PKEY *key, int loc); -OPENSSL_EXPORT int EVP_PKEY_add1_attr(EVP_PKEY *key, X509_ATTRIBUTE *attr); -OPENSSL_EXPORT int EVP_PKEY_add1_attr_by_OBJ(EVP_PKEY *key, - const ASN1_OBJECT *obj, int type, - const unsigned char *bytes, int len); -OPENSSL_EXPORT int EVP_PKEY_add1_attr_by_NID(EVP_PKEY *key, - int nid, int type, - const unsigned char *bytes, int len); -OPENSSL_EXPORT int EVP_PKEY_add1_attr_by_txt(EVP_PKEY *key, - const char *attrname, int type, - const unsigned char *bytes, int len); - -OPENSSL_EXPORT int X509_verify_cert(X509_STORE_CTX *ctx); - -/* lookup a cert from a X509 STACK */ -OPENSSL_EXPORT X509 *X509_find_by_issuer_and_serial(STACK_OF(X509) *sk,X509_NAME *name, - ASN1_INTEGER *serial); -OPENSSL_EXPORT X509 *X509_find_by_subject(STACK_OF(X509) *sk,X509_NAME *name); - -DECLARE_ASN1_FUNCTIONS(PBEPARAM) -DECLARE_ASN1_FUNCTIONS(PBE2PARAM) -DECLARE_ASN1_FUNCTIONS(PBKDF2PARAM) - -OPENSSL_EXPORT int PKCS5_pbe_set0_algor(X509_ALGOR *algor, int alg, int iter, - const unsigned char *salt, int saltlen); - -OPENSSL_EXPORT X509_ALGOR *PKCS5_pbe_set(int alg, int iter, - const unsigned char *salt, int saltlen); -OPENSSL_EXPORT X509_ALGOR *PKCS5_pbe2_set(const EVP_CIPHER *cipher, int iter, - unsigned char *salt, int saltlen); -OPENSSL_EXPORT X509_ALGOR *PKCS5_pbe2_set_iv(const EVP_CIPHER *cipher, int iter, - unsigned char *salt, int saltlen, - unsigned char *aiv, int prf_nid); - -OPENSSL_EXPORT X509_ALGOR *PKCS5_pbkdf2_set(int iter, unsigned char *salt, int saltlen, - int prf_nid, int keylen); - -/* PKCS#8 utilities */ - -DECLARE_ASN1_FUNCTIONS(PKCS8_PRIV_KEY_INFO) - -OPENSSL_EXPORT EVP_PKEY *EVP_PKCS82PKEY(PKCS8_PRIV_KEY_INFO *p8); -OPENSSL_EXPORT PKCS8_PRIV_KEY_INFO *EVP_PKEY2PKCS8(EVP_PKEY *pkey); -OPENSSL_EXPORT PKCS8_PRIV_KEY_INFO *EVP_PKEY2PKCS8_broken(EVP_PKEY *pkey, int broken); -OPENSSL_EXPORT PKCS8_PRIV_KEY_INFO *PKCS8_set_broken(PKCS8_PRIV_KEY_INFO *p8, int broken); - -OPENSSL_EXPORT int PKCS8_pkey_set0(PKCS8_PRIV_KEY_INFO *priv, ASN1_OBJECT *aobj, - int version, int ptype, void *pval, - unsigned char *penc, int penclen); -OPENSSL_EXPORT int PKCS8_pkey_get0(ASN1_OBJECT **ppkalg, - const unsigned char **pk, int *ppklen, - X509_ALGOR **pa, - PKCS8_PRIV_KEY_INFO *p8); - -OPENSSL_EXPORT int X509_PUBKEY_set0_param(X509_PUBKEY *pub, const ASN1_OBJECT *aobj, - int ptype, void *pval, - unsigned char *penc, int penclen); -OPENSSL_EXPORT int X509_PUBKEY_get0_param(ASN1_OBJECT **ppkalg, - const unsigned char **pk, int *ppklen, - X509_ALGOR **pa, - X509_PUBKEY *pub); - -OPENSSL_EXPORT int X509_check_trust(X509 *x, int id, int flags); -OPENSSL_EXPORT int X509_TRUST_get_count(void); -OPENSSL_EXPORT X509_TRUST * X509_TRUST_get0(int idx); -OPENSSL_EXPORT int X509_TRUST_get_by_id(int id); -OPENSSL_EXPORT int X509_TRUST_add(int id, int flags, int (*ck)(X509_TRUST *, X509 *, int), - char *name, int arg1, void *arg2); -OPENSSL_EXPORT void X509_TRUST_cleanup(void); -OPENSSL_EXPORT int X509_TRUST_get_flags(X509_TRUST *xp); -OPENSSL_EXPORT char *X509_TRUST_get0_name(X509_TRUST *xp); -OPENSSL_EXPORT int X509_TRUST_get_trust(X509_TRUST *xp); - -/* PKCS7_get_certificates parses a PKCS#7, SignedData structure from |cbs| and - * appends the included certificates to |out_certs|. It returns one on success - * and zero on error. */ -OPENSSL_EXPORT int PKCS7_get_certificates(STACK_OF(X509) *out_certs, CBS *cbs); - -/* PKCS7_bundle_certificates appends a PKCS#7, SignedData structure containing - * |certs| to |out|. It returns one on success and zero on error. */ -OPENSSL_EXPORT int PKCS7_bundle_certificates( - CBB *out, const STACK_OF(X509) *certs); - -/* PKCS7_get_CRLs parses a PKCS#7, SignedData structure from |cbs| and appends - * the included CRLs to |out_crls|. It returns one on success and zero on - * error. */ -OPENSSL_EXPORT int PKCS7_get_CRLs(STACK_OF(X509_CRL) *out_crls, CBS *cbs); - -/* PKCS7_bundle_CRLs appends a PKCS#7, SignedData structure containing - * |crls| to |out|. It returns one on success and zero on error. */ -OPENSSL_EXPORT int PKCS7_bundle_CRLs(CBB *out, const STACK_OF(X509_CRL) *crls); - -/* PKCS7_get_PEM_certificates reads a PEM-encoded, PKCS#7, SignedData structure - * from |pem_bio| and appends the included certificates to |out_certs|. It - * returns one on success and zero on error. */ -OPENSSL_EXPORT int PKCS7_get_PEM_certificates(STACK_OF(X509) *out_certs, - BIO *pem_bio); - -/* PKCS7_get_PEM_CRLs reads a PEM-encoded, PKCS#7, SignedData structure from - * |pem_bio| and appends the included CRLs to |out_crls|. It returns one on - * success and zero on error. */ -OPENSSL_EXPORT int PKCS7_get_PEM_CRLs(STACK_OF(X509_CRL) *out_crls, - BIO *pem_bio); - -/* EVP_PK values indicate the algorithm of the public key in a certificate. */ - -#define EVP_PK_RSA 0x0001 -#define EVP_PK_DSA 0x0002 -#define EVP_PK_DH 0x0004 -#define EVP_PK_EC 0x0008 - -/* EVP_PKS values indicate the algorithm used to sign a certificate. */ - -#define EVP_PKS_RSA 0x0100 -#define EVP_PKS_DSA 0x0200 -#define EVP_PKS_EC 0x0400 - -/* EVP_PKT values are flags that define what public-key operations can be - * performed with the public key from a certificate. */ - -/* EVP_PKT_SIGN indicates that the public key can be used for signing. */ -#define EVP_PKT_SIGN 0x0010 -/* EVP_PKT_ENC indicates that a session key can be encrypted to the public - * key. */ -#define EVP_PKT_ENC 0x0020 -/* EVP_PKT_EXCH indicates that key-agreement can be performed. */ -#define EVP_PKT_EXCH 0x0040 -/* EVP_PKT_EXP indicates that key is weak (i.e. "export"). */ -#define EVP_PKT_EXP 0x1000 - - -#ifdef __cplusplus -} -#endif - -#define X509_F_ASN1_digest 100 -#define X509_F_ASN1_item_sign_ctx 101 -#define X509_F_ASN1_item_verify 102 -#define X509_F_NETSCAPE_SPKI_b64_decode 103 -#define X509_F_NETSCAPE_SPKI_b64_encode 104 -#define X509_F_PKCS7_get_certificates 105 -#define X509_F_X509_ATTRIBUTE_create_by_NID 106 -#define X509_F_X509_ATTRIBUTE_create_by_OBJ 107 -#define X509_F_X509_ATTRIBUTE_create_by_txt 108 -#define X509_F_X509_ATTRIBUTE_get0_data 109 -#define X509_F_X509_ATTRIBUTE_set1_data 110 -#define X509_F_X509_CRL_add0_revoked 111 -#define X509_F_X509_CRL_diff 112 -#define X509_F_X509_CRL_print_fp 113 -#define X509_F_X509_EXTENSION_create_by_NID 114 -#define X509_F_X509_EXTENSION_create_by_OBJ 115 -#define X509_F_X509_INFO_new 116 -#define X509_F_X509_NAME_ENTRY_create_by_NID 117 -#define X509_F_X509_NAME_ENTRY_create_by_txt 118 -#define X509_F_X509_NAME_ENTRY_set_object 119 -#define X509_F_X509_NAME_add_entry 120 -#define X509_F_X509_NAME_oneline 121 -#define X509_F_X509_NAME_print 122 -#define X509_F_X509_PKEY_new 123 -#define X509_F_X509_PUBKEY_get 124 -#define X509_F_X509_PUBKEY_set 125 -#define X509_F_X509_REQ_check_private_key 126 -#define X509_F_X509_REQ_to_X509 127 -#define X509_F_X509_STORE_CTX_get1_issuer 128 -#define X509_F_X509_STORE_CTX_init 129 -#define X509_F_X509_STORE_CTX_new 130 -#define X509_F_X509_STORE_CTX_purpose_inherit 131 -#define X509_F_X509_STORE_add_cert 132 -#define X509_F_X509_STORE_add_crl 133 -#define X509_F_X509_TRUST_add 134 -#define X509_F_X509_TRUST_set 135 -#define X509_F_X509_check_private_key 136 -#define X509_F_X509_get_pubkey_parameters 137 -#define X509_F_X509_load_cert_crl_file 138 -#define X509_F_X509_load_cert_file 139 -#define X509_F_X509_load_crl_file 140 -#define X509_F_X509_print_ex_fp 141 -#define X509_F_X509_to_X509_REQ 142 -#define X509_F_X509_verify_cert 143 -#define X509_F_X509at_add1_attr 144 -#define X509_F_X509v3_add_ext 145 -#define X509_F_add_cert_dir 146 -#define X509_F_by_file_ctrl 147 -#define X509_F_check_policy 148 -#define X509_F_dir_ctrl 149 -#define X509_F_get_cert_by_subject 150 -#define X509_F_i2d_DSA_PUBKEY 151 -#define X509_F_i2d_EC_PUBKEY 152 -#define X509_F_i2d_RSA_PUBKEY 153 -#define X509_F_x509_name_encode 154 -#define X509_F_x509_name_ex_d2i 155 -#define X509_F_x509_name_ex_new 156 -#define X509_F_pkcs7_parse_header 157 -#define X509_F_PKCS7_get_CRLs 158 -#define X509_R_AKID_MISMATCH 100 -#define X509_R_BAD_PKCS7_VERSION 101 -#define X509_R_BAD_X509_FILETYPE 102 -#define X509_R_BASE64_DECODE_ERROR 103 -#define X509_R_CANT_CHECK_DH_KEY 104 -#define X509_R_CERT_ALREADY_IN_HASH_TABLE 105 -#define X509_R_CRL_ALREADY_DELTA 106 -#define X509_R_CRL_VERIFY_FAILURE 107 -#define X509_R_IDP_MISMATCH 108 -#define X509_R_INVALID_BIT_STRING_BITS_LEFT 109 -#define X509_R_INVALID_DIRECTORY 110 -#define X509_R_INVALID_FIELD_NAME 111 -#define X509_R_INVALID_TRUST 112 -#define X509_R_ISSUER_MISMATCH 113 -#define X509_R_KEY_TYPE_MISMATCH 114 -#define X509_R_KEY_VALUES_MISMATCH 115 -#define X509_R_LOADING_CERT_DIR 116 -#define X509_R_LOADING_DEFAULTS 117 -#define X509_R_METHOD_NOT_SUPPORTED 118 -#define X509_R_NEWER_CRL_NOT_NEWER 119 -#define X509_R_NOT_PKCS7_SIGNED_DATA 120 -#define X509_R_NO_CERTIFICATES_INCLUDED 121 -#define X509_R_NO_CERT_SET_FOR_US_TO_VERIFY 122 -#define X509_R_NO_CRL_NUMBER 123 -#define X509_R_PUBLIC_KEY_DECODE_ERROR 124 -#define X509_R_PUBLIC_KEY_ENCODE_ERROR 125 -#define X509_R_SHOULD_RETRY 126 -#define X509_R_UNABLE_TO_FIND_PARAMETERS_IN_CHAIN 127 -#define X509_R_UNABLE_TO_GET_CERTS_PUBLIC_KEY 128 -#define X509_R_UNKNOWN_KEY_TYPE 129 -#define X509_R_UNKNOWN_NID 130 -#define X509_R_UNKNOWN_PURPOSE_ID 131 -#define X509_R_UNKNOWN_TRUST_ID 132 -#define X509_R_UNSUPPORTED_ALGORITHM 133 -#define X509_R_WRONG_LOOKUP_TYPE 134 -#define X509_R_WRONG_TYPE 135 -#define X509_R_NO_CRLS_INCLUDED 136 - -#endif diff --git a/third_party/boringssl/include/openssl/x509_vfy.h b/third_party/boringssl/include/openssl/x509_vfy.h deleted file mode 100644 index 146e047a6d7d4d..00000000000000 --- a/third_party/boringssl/include/openssl/x509_vfy.h +++ /dev/null @@ -1,612 +0,0 @@ -/* crypto/x509/x509_vfy.h */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#ifndef HEADER_X509_H -#include -/* openssl/x509.h ends up #include-ing this file at about the only - * appropriate moment. */ -#endif - -#ifndef HEADER_X509_VFY_H -#define HEADER_X509_VFY_H - -#include -#include -#include - -#ifdef __cplusplus -extern "C" { -#endif - -#if 0 -/* Outer object */ -typedef struct x509_hash_dir_st - { - int num_dirs; - char **dirs; - int *dirs_type; - int num_dirs_alloced; - } X509_HASH_DIR_CTX; -#endif - -typedef struct x509_file_st - { - int num_paths; /* number of paths to files or directories */ - int num_alloced; - char **paths; /* the list of paths or directories */ - int *path_type; - } X509_CERT_FILE_CTX; - -/*******************************/ -/* -SSL_CTX -> X509_STORE - -> X509_LOOKUP - ->X509_LOOKUP_METHOD - -> X509_LOOKUP - ->X509_LOOKUP_METHOD - -SSL -> X509_STORE_CTX - ->X509_STORE - -The X509_STORE holds the tables etc for verification stuff. -A X509_STORE_CTX is used while validating a single certificate. -The X509_STORE has X509_LOOKUPs for looking up certs. -The X509_STORE then calls a function to actually verify the -certificate chain. -*/ - -#define X509_LU_RETRY -1 -#define X509_LU_FAIL 0 -#define X509_LU_X509 1 -#define X509_LU_CRL 2 -#define X509_LU_PKEY 3 - -typedef struct x509_object_st - { - /* one of the above types */ - int type; - union { - char *ptr; - X509 *x509; - X509_CRL *crl; - EVP_PKEY *pkey; - } data; - } X509_OBJECT; - -typedef struct x509_lookup_st X509_LOOKUP; - -DECLARE_STACK_OF(X509_LOOKUP) -DECLARE_STACK_OF(X509_OBJECT) - -/* This is a static that defines the function interface */ -typedef struct x509_lookup_method_st - { - const char *name; - int (*new_item)(X509_LOOKUP *ctx); - void (*free)(X509_LOOKUP *ctx); - int (*init)(X509_LOOKUP *ctx); - int (*shutdown)(X509_LOOKUP *ctx); - int (*ctrl)(X509_LOOKUP *ctx,int cmd,const char *argc,long argl, - char **ret); - int (*get_by_subject)(X509_LOOKUP *ctx,int type,X509_NAME *name, - X509_OBJECT *ret); - int (*get_by_issuer_serial)(X509_LOOKUP *ctx,int type,X509_NAME *name, - ASN1_INTEGER *serial,X509_OBJECT *ret); - int (*get_by_fingerprint)(X509_LOOKUP *ctx,int type, - unsigned char *bytes,int len, - X509_OBJECT *ret); - int (*get_by_alias)(X509_LOOKUP *ctx,int type,char *str,int len, - X509_OBJECT *ret); - } X509_LOOKUP_METHOD; - -typedef struct X509_VERIFY_PARAM_ID_st X509_VERIFY_PARAM_ID; - -/* This structure hold all parameters associated with a verify operation - * by including an X509_VERIFY_PARAM structure in related structures the - * parameters used can be customized - */ - -typedef struct X509_VERIFY_PARAM_st - { - char *name; - time_t check_time; /* Time to use */ - unsigned long inh_flags; /* Inheritance flags */ - unsigned long flags; /* Various verify flags */ - int purpose; /* purpose to check untrusted certificates */ - int trust; /* trust setting to check */ - int depth; /* Verify depth */ - STACK_OF(ASN1_OBJECT) *policies; /* Permissible policies */ - X509_VERIFY_PARAM_ID *id; /* opaque ID data */ - } X509_VERIFY_PARAM; - -DECLARE_STACK_OF(X509_VERIFY_PARAM) - -/* This is used to hold everything. It is used for all certificate - * validation. Once we have a certificate chain, the 'verify' - * function is then called to actually check the cert chain. */ -struct x509_store_st - { - /* The following is a cache of trusted certs */ - int cache; /* if true, stash any hits */ - STACK_OF(X509_OBJECT) *objs; /* Cache of all objects */ - CRYPTO_MUTEX objs_lock; - - /* These are external lookup methods */ - STACK_OF(X509_LOOKUP) *get_cert_methods; - - X509_VERIFY_PARAM *param; - - /* Callbacks for various operations */ - int (*verify)(X509_STORE_CTX *ctx); /* called to verify a certificate */ - int (*verify_cb)(int ok,X509_STORE_CTX *ctx); /* error callback */ - int (*get_issuer)(X509 **issuer, X509_STORE_CTX *ctx, X509 *x); /* get issuers cert from ctx */ - int (*check_issued)(X509_STORE_CTX *ctx, X509 *x, X509 *issuer); /* check issued */ - int (*check_revocation)(X509_STORE_CTX *ctx); /* Check revocation status of chain */ - int (*get_crl)(X509_STORE_CTX *ctx, X509_CRL **crl, X509 *x); /* retrieve CRL */ - int (*check_crl)(X509_STORE_CTX *ctx, X509_CRL *crl); /* Check CRL validity */ - int (*cert_crl)(X509_STORE_CTX *ctx, X509_CRL *crl, X509 *x); /* Check certificate against CRL */ - STACK_OF(X509) * (*lookup_certs)(X509_STORE_CTX *ctx, X509_NAME *nm); - STACK_OF(X509_CRL) * (*lookup_crls)(X509_STORE_CTX *ctx, X509_NAME *nm); - int (*cleanup)(X509_STORE_CTX *ctx); - - CRYPTO_refcount_t references; - } /* X509_STORE */; - -OPENSSL_EXPORT int X509_STORE_set_depth(X509_STORE *store, int depth); - -#define X509_STORE_set_verify_cb_func(ctx,func) ((ctx)->verify_cb=(func)) -#define X509_STORE_set_verify_func(ctx,func) ((ctx)->verify=(func)) - -/* This is the functions plus an instance of the local variables. */ -struct x509_lookup_st - { - int init; /* have we been started */ - int skip; /* don't use us. */ - X509_LOOKUP_METHOD *method; /* the functions */ - char *method_data; /* method data */ - - X509_STORE *store_ctx; /* who owns us */ - } /* X509_LOOKUP */; - -/* This is a used when verifying cert chains. Since the - * gathering of the cert chain can take some time (and have to be - * 'retried', this needs to be kept and passed around. */ -struct x509_store_ctx_st /* X509_STORE_CTX */ - { - X509_STORE *ctx; - int current_method; /* used when looking up certs */ - - /* The following are set by the caller */ - X509 *cert; /* The cert to check */ - STACK_OF(X509) *untrusted; /* chain of X509s - untrusted - passed in */ - STACK_OF(X509_CRL) *crls; /* set of CRLs passed in */ - - X509_VERIFY_PARAM *param; - void *other_ctx; /* Other info for use with get_issuer() */ - - /* Callbacks for various operations */ - int (*verify)(X509_STORE_CTX *ctx); /* called to verify a certificate */ - int (*verify_cb)(int ok,X509_STORE_CTX *ctx); /* error callback */ - int (*get_issuer)(X509 **issuer, X509_STORE_CTX *ctx, X509 *x); /* get issuers cert from ctx */ - int (*check_issued)(X509_STORE_CTX *ctx, X509 *x, X509 *issuer); /* check issued */ - int (*check_revocation)(X509_STORE_CTX *ctx); /* Check revocation status of chain */ - int (*get_crl)(X509_STORE_CTX *ctx, X509_CRL **crl, X509 *x); /* retrieve CRL */ - int (*check_crl)(X509_STORE_CTX *ctx, X509_CRL *crl); /* Check CRL validity */ - int (*cert_crl)(X509_STORE_CTX *ctx, X509_CRL *crl, X509 *x); /* Check certificate against CRL */ - int (*check_policy)(X509_STORE_CTX *ctx); - STACK_OF(X509) * (*lookup_certs)(X509_STORE_CTX *ctx, X509_NAME *nm); - STACK_OF(X509_CRL) * (*lookup_crls)(X509_STORE_CTX *ctx, X509_NAME *nm); - int (*cleanup)(X509_STORE_CTX *ctx); - - /* The following is built up */ - int valid; /* if 0, rebuild chain */ - int last_untrusted; /* index of last untrusted cert */ - STACK_OF(X509) *chain; /* chain of X509s - built up and trusted */ - X509_POLICY_TREE *tree; /* Valid policy tree */ - - int explicit_policy; /* Require explicit policy value */ - - /* When something goes wrong, this is why */ - int error_depth; - int error; - X509 *current_cert; - X509 *current_issuer; /* cert currently being tested as valid issuer */ - X509_CRL *current_crl; /* current CRL */ - - int current_crl_score; /* score of current CRL */ - unsigned int current_reasons; /* Reason mask */ - - X509_STORE_CTX *parent; /* For CRL path validation: parent context */ - - CRYPTO_EX_DATA ex_data; - } /* X509_STORE_CTX */; - -OPENSSL_EXPORT void X509_STORE_CTX_set_depth(X509_STORE_CTX *ctx, int depth); - -#define X509_STORE_CTX_set_app_data(ctx,data) \ - X509_STORE_CTX_set_ex_data(ctx,0,data) -#define X509_STORE_CTX_get_app_data(ctx) \ - X509_STORE_CTX_get_ex_data(ctx,0) - -#define X509_L_FILE_LOAD 1 -#define X509_L_ADD_DIR 2 - -#define X509_LOOKUP_load_file(x,name,type) \ - X509_LOOKUP_ctrl((x),X509_L_FILE_LOAD,(name),(long)(type),NULL) - -#define X509_LOOKUP_add_dir(x,name,type) \ - X509_LOOKUP_ctrl((x),X509_L_ADD_DIR,(name),(long)(type),NULL) - -#define X509_V_OK 0 -/* illegal error (for uninitialized values, to avoid X509_V_OK): 1 */ - -#define X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT 2 -#define X509_V_ERR_UNABLE_TO_GET_CRL 3 -#define X509_V_ERR_UNABLE_TO_DECRYPT_CERT_SIGNATURE 4 -#define X509_V_ERR_UNABLE_TO_DECRYPT_CRL_SIGNATURE 5 -#define X509_V_ERR_UNABLE_TO_DECODE_ISSUER_PUBLIC_KEY 6 -#define X509_V_ERR_CERT_SIGNATURE_FAILURE 7 -#define X509_V_ERR_CRL_SIGNATURE_FAILURE 8 -#define X509_V_ERR_CERT_NOT_YET_VALID 9 -#define X509_V_ERR_CERT_HAS_EXPIRED 10 -#define X509_V_ERR_CRL_NOT_YET_VALID 11 -#define X509_V_ERR_CRL_HAS_EXPIRED 12 -#define X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD 13 -#define X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD 14 -#define X509_V_ERR_ERROR_IN_CRL_LAST_UPDATE_FIELD 15 -#define X509_V_ERR_ERROR_IN_CRL_NEXT_UPDATE_FIELD 16 -#define X509_V_ERR_OUT_OF_MEM 17 -#define X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT 18 -#define X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN 19 -#define X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY 20 -#define X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE 21 -#define X509_V_ERR_CERT_CHAIN_TOO_LONG 22 -#define X509_V_ERR_CERT_REVOKED 23 -#define X509_V_ERR_INVALID_CA 24 -#define X509_V_ERR_PATH_LENGTH_EXCEEDED 25 -#define X509_V_ERR_INVALID_PURPOSE 26 -#define X509_V_ERR_CERT_UNTRUSTED 27 -#define X509_V_ERR_CERT_REJECTED 28 -/* These are 'informational' when looking for issuer cert */ -#define X509_V_ERR_SUBJECT_ISSUER_MISMATCH 29 -#define X509_V_ERR_AKID_SKID_MISMATCH 30 -#define X509_V_ERR_AKID_ISSUER_SERIAL_MISMATCH 31 -#define X509_V_ERR_KEYUSAGE_NO_CERTSIGN 32 - -#define X509_V_ERR_UNABLE_TO_GET_CRL_ISSUER 33 -#define X509_V_ERR_UNHANDLED_CRITICAL_EXTENSION 34 -#define X509_V_ERR_KEYUSAGE_NO_CRL_SIGN 35 -#define X509_V_ERR_UNHANDLED_CRITICAL_CRL_EXTENSION 36 -#define X509_V_ERR_INVALID_NON_CA 37 -#define X509_V_ERR_PROXY_PATH_LENGTH_EXCEEDED 38 -#define X509_V_ERR_KEYUSAGE_NO_DIGITAL_SIGNATURE 39 -#define X509_V_ERR_PROXY_CERTIFICATES_NOT_ALLOWED 40 - -#define X509_V_ERR_INVALID_EXTENSION 41 -#define X509_V_ERR_INVALID_POLICY_EXTENSION 42 -#define X509_V_ERR_NO_EXPLICIT_POLICY 43 -#define X509_V_ERR_DIFFERENT_CRL_SCOPE 44 -#define X509_V_ERR_UNSUPPORTED_EXTENSION_FEATURE 45 - -#define X509_V_ERR_UNNESTED_RESOURCE 46 - -#define X509_V_ERR_PERMITTED_VIOLATION 47 -#define X509_V_ERR_EXCLUDED_VIOLATION 48 -#define X509_V_ERR_SUBTREE_MINMAX 49 -#define X509_V_ERR_UNSUPPORTED_CONSTRAINT_TYPE 51 -#define X509_V_ERR_UNSUPPORTED_CONSTRAINT_SYNTAX 52 -#define X509_V_ERR_UNSUPPORTED_NAME_SYNTAX 53 -#define X509_V_ERR_CRL_PATH_VALIDATION_ERROR 54 - -/* Suite B mode algorithm violation */ -#define X509_V_ERR_SUITE_B_INVALID_VERSION 56 -#define X509_V_ERR_SUITE_B_INVALID_ALGORITHM 57 -#define X509_V_ERR_SUITE_B_INVALID_CURVE 58 -#define X509_V_ERR_SUITE_B_INVALID_SIGNATURE_ALGORITHM 59 -#define X509_V_ERR_SUITE_B_LOS_NOT_ALLOWED 60 -#define X509_V_ERR_SUITE_B_CANNOT_SIGN_P_384_WITH_P_256 61 - -/* Host, email and IP check errors */ -#define X509_V_ERR_HOSTNAME_MISMATCH 62 -#define X509_V_ERR_EMAIL_MISMATCH 63 -#define X509_V_ERR_IP_ADDRESS_MISMATCH 64 - -/* The application is not happy */ -#define X509_V_ERR_APPLICATION_VERIFICATION 50 - -/* Certificate verify flags */ - -/* Send issuer+subject checks to verify_cb */ -#define X509_V_FLAG_CB_ISSUER_CHECK 0x1 -/* Use check time instead of current time */ -#define X509_V_FLAG_USE_CHECK_TIME 0x2 -/* Lookup CRLs */ -#define X509_V_FLAG_CRL_CHECK 0x4 -/* Lookup CRLs for whole chain */ -#define X509_V_FLAG_CRL_CHECK_ALL 0x8 -/* Ignore unhandled critical extensions */ -#define X509_V_FLAG_IGNORE_CRITICAL 0x10 -/* Disable workarounds for broken certificates */ -#define X509_V_FLAG_X509_STRICT 0x20 -/* Enable proxy certificate validation */ -#define X509_V_FLAG_ALLOW_PROXY_CERTS 0x40 -/* Enable policy checking */ -#define X509_V_FLAG_POLICY_CHECK 0x80 -/* Policy variable require-explicit-policy */ -#define X509_V_FLAG_EXPLICIT_POLICY 0x100 -/* Policy variable inhibit-any-policy */ -#define X509_V_FLAG_INHIBIT_ANY 0x200 -/* Policy variable inhibit-policy-mapping */ -#define X509_V_FLAG_INHIBIT_MAP 0x400 -/* Notify callback that policy is OK */ -#define X509_V_FLAG_NOTIFY_POLICY 0x800 -/* Extended CRL features such as indirect CRLs, alternate CRL signing keys */ -#define X509_V_FLAG_EXTENDED_CRL_SUPPORT 0x1000 -/* Delta CRL support */ -#define X509_V_FLAG_USE_DELTAS 0x2000 -/* Check selfsigned CA signature */ -#define X509_V_FLAG_CHECK_SS_SIGNATURE 0x4000 -/* Use trusted store first */ -#define X509_V_FLAG_TRUSTED_FIRST 0x8000 -/* Suite B 128 bit only mode: not normally used */ -#define X509_V_FLAG_SUITEB_128_LOS_ONLY 0x10000 -/* Suite B 192 bit only mode */ -#define X509_V_FLAG_SUITEB_192_LOS 0x20000 -/* Suite B 128 bit mode allowing 192 bit algorithms */ -#define X509_V_FLAG_SUITEB_128_LOS 0x30000 - -/* Allow partial chains if at least one certificate is in trusted store */ -#define X509_V_FLAG_PARTIAL_CHAIN 0x80000 - -#define X509_VP_FLAG_DEFAULT 0x1 -#define X509_VP_FLAG_OVERWRITE 0x2 -#define X509_VP_FLAG_RESET_FLAGS 0x4 -#define X509_VP_FLAG_LOCKED 0x8 -#define X509_VP_FLAG_ONCE 0x10 - -/* Internal use: mask of policy related options */ -#define X509_V_FLAG_POLICY_MASK (X509_V_FLAG_POLICY_CHECK \ - | X509_V_FLAG_EXPLICIT_POLICY \ - | X509_V_FLAG_INHIBIT_ANY \ - | X509_V_FLAG_INHIBIT_MAP) - -OPENSSL_EXPORT int X509_OBJECT_idx_by_subject(STACK_OF(X509_OBJECT) *h, int type, - X509_NAME *name); -OPENSSL_EXPORT X509_OBJECT *X509_OBJECT_retrieve_by_subject(STACK_OF(X509_OBJECT) *h,int type,X509_NAME *name); -OPENSSL_EXPORT X509_OBJECT *X509_OBJECT_retrieve_match(STACK_OF(X509_OBJECT) *h, X509_OBJECT *x); -OPENSSL_EXPORT void X509_OBJECT_up_ref_count(X509_OBJECT *a); -OPENSSL_EXPORT void X509_OBJECT_free_contents(X509_OBJECT *a); -OPENSSL_EXPORT X509_STORE *X509_STORE_new(void ); -OPENSSL_EXPORT void X509_STORE_free(X509_STORE *v); - -OPENSSL_EXPORT STACK_OF(X509)* X509_STORE_get1_certs(X509_STORE_CTX *st, X509_NAME *nm); -OPENSSL_EXPORT STACK_OF(X509_CRL)* X509_STORE_get1_crls(X509_STORE_CTX *st, X509_NAME *nm); -OPENSSL_EXPORT int X509_STORE_set_flags(X509_STORE *ctx, unsigned long flags); -OPENSSL_EXPORT int X509_STORE_set_purpose(X509_STORE *ctx, int purpose); -OPENSSL_EXPORT int X509_STORE_set_trust(X509_STORE *ctx, int trust); -OPENSSL_EXPORT int X509_STORE_set1_param(X509_STORE *ctx, X509_VERIFY_PARAM *pm); - -OPENSSL_EXPORT void X509_STORE_set_verify_cb(X509_STORE *ctx, - int (*verify_cb)(int, X509_STORE_CTX *)); - -OPENSSL_EXPORT void X509_STORE_set_lookup_crls_cb(X509_STORE *ctx, - STACK_OF(X509_CRL)* (*cb)(X509_STORE_CTX *ctx, X509_NAME *nm)); - -OPENSSL_EXPORT X509_STORE_CTX *X509_STORE_CTX_new(void); - -OPENSSL_EXPORT int X509_STORE_CTX_get1_issuer(X509 **issuer, X509_STORE_CTX *ctx, X509 *x); - -OPENSSL_EXPORT void X509_STORE_CTX_free(X509_STORE_CTX *ctx); -OPENSSL_EXPORT int X509_STORE_CTX_init(X509_STORE_CTX *ctx, X509_STORE *store, - X509 *x509, STACK_OF(X509) *chain); -OPENSSL_EXPORT void X509_STORE_CTX_trusted_stack(X509_STORE_CTX *ctx, STACK_OF(X509) *sk); -OPENSSL_EXPORT void X509_STORE_CTX_cleanup(X509_STORE_CTX *ctx); - -OPENSSL_EXPORT X509_STORE *X509_STORE_CTX_get0_store(X509_STORE_CTX *ctx); - -OPENSSL_EXPORT X509_LOOKUP *X509_STORE_add_lookup(X509_STORE *v, X509_LOOKUP_METHOD *m); - -OPENSSL_EXPORT X509_LOOKUP_METHOD *X509_LOOKUP_hash_dir(void); -OPENSSL_EXPORT X509_LOOKUP_METHOD *X509_LOOKUP_file(void); - -OPENSSL_EXPORT int X509_STORE_add_cert(X509_STORE *ctx, X509 *x); -OPENSSL_EXPORT int X509_STORE_add_crl(X509_STORE *ctx, X509_CRL *x); - -OPENSSL_EXPORT int X509_STORE_get_by_subject(X509_STORE_CTX *vs,int type,X509_NAME *name, - X509_OBJECT *ret); - -OPENSSL_EXPORT int X509_LOOKUP_ctrl(X509_LOOKUP *ctx, int cmd, const char *argc, - long argl, char **ret); - -#ifndef OPENSSL_NO_STDIO -OPENSSL_EXPORT int X509_load_cert_file(X509_LOOKUP *ctx, const char *file, int type); -OPENSSL_EXPORT int X509_load_crl_file(X509_LOOKUP *ctx, const char *file, int type); -OPENSSL_EXPORT int X509_load_cert_crl_file(X509_LOOKUP *ctx, const char *file, int type); -#endif - - -OPENSSL_EXPORT X509_LOOKUP *X509_LOOKUP_new(X509_LOOKUP_METHOD *method); -OPENSSL_EXPORT void X509_LOOKUP_free(X509_LOOKUP *ctx); -OPENSSL_EXPORT int X509_LOOKUP_init(X509_LOOKUP *ctx); -OPENSSL_EXPORT int X509_LOOKUP_by_subject(X509_LOOKUP *ctx, int type, X509_NAME *name, - X509_OBJECT *ret); -OPENSSL_EXPORT int X509_LOOKUP_by_issuer_serial(X509_LOOKUP *ctx, int type, X509_NAME *name, - ASN1_INTEGER *serial, X509_OBJECT *ret); -OPENSSL_EXPORT int X509_LOOKUP_by_fingerprint(X509_LOOKUP *ctx, int type, - unsigned char *bytes, int len, X509_OBJECT *ret); -OPENSSL_EXPORT int X509_LOOKUP_by_alias(X509_LOOKUP *ctx, int type, char *str, - int len, X509_OBJECT *ret); -OPENSSL_EXPORT int X509_LOOKUP_shutdown(X509_LOOKUP *ctx); - -#ifndef OPENSSL_NO_STDIO -OPENSSL_EXPORT int X509_STORE_load_locations (X509_STORE *ctx, - const char *file, const char *dir); -OPENSSL_EXPORT int X509_STORE_set_default_paths(X509_STORE *ctx); -#endif - -OPENSSL_EXPORT int X509_STORE_CTX_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func, - CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func); -OPENSSL_EXPORT int X509_STORE_CTX_set_ex_data(X509_STORE_CTX *ctx,int idx,void *data); -OPENSSL_EXPORT void * X509_STORE_CTX_get_ex_data(X509_STORE_CTX *ctx,int idx); -OPENSSL_EXPORT int X509_STORE_CTX_get_error(X509_STORE_CTX *ctx); -OPENSSL_EXPORT void X509_STORE_CTX_set_error(X509_STORE_CTX *ctx,int s); -OPENSSL_EXPORT int X509_STORE_CTX_get_error_depth(X509_STORE_CTX *ctx); -OPENSSL_EXPORT X509 * X509_STORE_CTX_get_current_cert(X509_STORE_CTX *ctx); -OPENSSL_EXPORT X509 *X509_STORE_CTX_get0_current_issuer(X509_STORE_CTX *ctx); -OPENSSL_EXPORT X509_CRL *X509_STORE_CTX_get0_current_crl(X509_STORE_CTX *ctx); -OPENSSL_EXPORT X509_STORE_CTX *X509_STORE_CTX_get0_parent_ctx(X509_STORE_CTX *ctx); -OPENSSL_EXPORT STACK_OF(X509) *X509_STORE_CTX_get_chain(X509_STORE_CTX *ctx); -OPENSSL_EXPORT STACK_OF(X509) *X509_STORE_CTX_get1_chain(X509_STORE_CTX *ctx); -OPENSSL_EXPORT void X509_STORE_CTX_set_cert(X509_STORE_CTX *c,X509 *x); -OPENSSL_EXPORT void X509_STORE_CTX_set_chain(X509_STORE_CTX *c,STACK_OF(X509) *sk); -OPENSSL_EXPORT void X509_STORE_CTX_set0_crls(X509_STORE_CTX *c,STACK_OF(X509_CRL) *sk); -OPENSSL_EXPORT int X509_STORE_CTX_set_purpose(X509_STORE_CTX *ctx, int purpose); -OPENSSL_EXPORT int X509_STORE_CTX_set_trust(X509_STORE_CTX *ctx, int trust); -OPENSSL_EXPORT int X509_STORE_CTX_purpose_inherit(X509_STORE_CTX *ctx, int def_purpose, - int purpose, int trust); -OPENSSL_EXPORT void X509_STORE_CTX_set_flags(X509_STORE_CTX *ctx, unsigned long flags); -OPENSSL_EXPORT void X509_STORE_CTX_set_time(X509_STORE_CTX *ctx, unsigned long flags, - time_t t); -OPENSSL_EXPORT void X509_STORE_CTX_set_verify_cb(X509_STORE_CTX *ctx, - int (*verify_cb)(int, X509_STORE_CTX *)); - -OPENSSL_EXPORT X509_POLICY_TREE *X509_STORE_CTX_get0_policy_tree(X509_STORE_CTX *ctx); -OPENSSL_EXPORT int X509_STORE_CTX_get_explicit_policy(X509_STORE_CTX *ctx); - -OPENSSL_EXPORT X509_VERIFY_PARAM *X509_STORE_CTX_get0_param(X509_STORE_CTX *ctx); -OPENSSL_EXPORT void X509_STORE_CTX_set0_param(X509_STORE_CTX *ctx, X509_VERIFY_PARAM *param); -OPENSSL_EXPORT int X509_STORE_CTX_set_default(X509_STORE_CTX *ctx, const char *name); - -/* X509_VERIFY_PARAM functions */ - -OPENSSL_EXPORT X509_VERIFY_PARAM *X509_VERIFY_PARAM_new(void); -OPENSSL_EXPORT void X509_VERIFY_PARAM_free(X509_VERIFY_PARAM *param); -OPENSSL_EXPORT int X509_VERIFY_PARAM_inherit(X509_VERIFY_PARAM *to, - const X509_VERIFY_PARAM *from); -OPENSSL_EXPORT int X509_VERIFY_PARAM_set1(X509_VERIFY_PARAM *to, - const X509_VERIFY_PARAM *from); -OPENSSL_EXPORT int X509_VERIFY_PARAM_set1_name(X509_VERIFY_PARAM *param, const char *name); -OPENSSL_EXPORT int X509_VERIFY_PARAM_set_flags(X509_VERIFY_PARAM *param, unsigned long flags); -OPENSSL_EXPORT int X509_VERIFY_PARAM_clear_flags(X509_VERIFY_PARAM *param, - unsigned long flags); -OPENSSL_EXPORT unsigned long X509_VERIFY_PARAM_get_flags(X509_VERIFY_PARAM *param); -OPENSSL_EXPORT int X509_VERIFY_PARAM_set_purpose(X509_VERIFY_PARAM *param, int purpose); -OPENSSL_EXPORT int X509_VERIFY_PARAM_set_trust(X509_VERIFY_PARAM *param, int trust); -OPENSSL_EXPORT void X509_VERIFY_PARAM_set_depth(X509_VERIFY_PARAM *param, int depth); -OPENSSL_EXPORT void X509_VERIFY_PARAM_set_time(X509_VERIFY_PARAM *param, time_t t); -OPENSSL_EXPORT int X509_VERIFY_PARAM_add0_policy(X509_VERIFY_PARAM *param, - ASN1_OBJECT *policy); -OPENSSL_EXPORT int X509_VERIFY_PARAM_set1_policies(X509_VERIFY_PARAM *param, - STACK_OF(ASN1_OBJECT) *policies); - -OPENSSL_EXPORT int X509_VERIFY_PARAM_set1_host(X509_VERIFY_PARAM *param, - const char *name, size_t namelen); -OPENSSL_EXPORT int X509_VERIFY_PARAM_add1_host(X509_VERIFY_PARAM *param, - const char *name, - size_t namelen); -OPENSSL_EXPORT void X509_VERIFY_PARAM_set_hostflags(X509_VERIFY_PARAM *param, - unsigned int flags); -OPENSSL_EXPORT char *X509_VERIFY_PARAM_get0_peername(X509_VERIFY_PARAM *); -OPENSSL_EXPORT int X509_VERIFY_PARAM_set1_email(X509_VERIFY_PARAM *param, - const char *email, size_t emaillen); -OPENSSL_EXPORT int X509_VERIFY_PARAM_set1_ip(X509_VERIFY_PARAM *param, - const unsigned char *ip, size_t iplen); -OPENSSL_EXPORT int X509_VERIFY_PARAM_set1_ip_asc(X509_VERIFY_PARAM *param, const char *ipasc); - -OPENSSL_EXPORT int X509_VERIFY_PARAM_get_depth(const X509_VERIFY_PARAM *param); -OPENSSL_EXPORT const char *X509_VERIFY_PARAM_get0_name(const X509_VERIFY_PARAM *param); - -OPENSSL_EXPORT int X509_VERIFY_PARAM_add0_table(X509_VERIFY_PARAM *param); -OPENSSL_EXPORT int X509_VERIFY_PARAM_get_count(void); -OPENSSL_EXPORT const X509_VERIFY_PARAM *X509_VERIFY_PARAM_get0(int id); -OPENSSL_EXPORT const X509_VERIFY_PARAM *X509_VERIFY_PARAM_lookup(const char *name); -OPENSSL_EXPORT void X509_VERIFY_PARAM_table_cleanup(void); - -OPENSSL_EXPORT int X509_policy_check(X509_POLICY_TREE **ptree, int *pexplicit_policy, - STACK_OF(X509) *certs, - STACK_OF(ASN1_OBJECT) *policy_oids, - unsigned int flags); - -OPENSSL_EXPORT void X509_policy_tree_free(X509_POLICY_TREE *tree); - -OPENSSL_EXPORT int X509_policy_tree_level_count(const X509_POLICY_TREE *tree); -OPENSSL_EXPORT X509_POLICY_LEVEL * - X509_policy_tree_get0_level(const X509_POLICY_TREE *tree, int i); - -OPENSSL_EXPORT STACK_OF(X509_POLICY_NODE) * - X509_policy_tree_get0_policies(const X509_POLICY_TREE *tree); - -OPENSSL_EXPORT STACK_OF(X509_POLICY_NODE) * - X509_policy_tree_get0_user_policies(const X509_POLICY_TREE *tree); - -OPENSSL_EXPORT int X509_policy_level_node_count(X509_POLICY_LEVEL *level); - -OPENSSL_EXPORT X509_POLICY_NODE *X509_policy_level_get0_node(X509_POLICY_LEVEL *level, int i); - -OPENSSL_EXPORT const ASN1_OBJECT *X509_policy_node_get0_policy(const X509_POLICY_NODE *node); - -OPENSSL_EXPORT STACK_OF(POLICYQUALINFO) * - X509_policy_node_get0_qualifiers(const X509_POLICY_NODE *node); -OPENSSL_EXPORT const X509_POLICY_NODE * - X509_policy_node_get0_parent(const X509_POLICY_NODE *node); - -#ifdef __cplusplus -} -#endif -#endif - diff --git a/third_party/boringssl/include/openssl/x509v3.h b/third_party/boringssl/include/openssl/x509v3.h deleted file mode 100644 index 5caa5c1f4e348b..00000000000000 --- a/third_party/boringssl/include/openssl/x509v3.h +++ /dev/null @@ -1,855 +0,0 @@ -/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL - * project 1999. */ -/* ==================================================================== - * Copyright (c) 1999-2004 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). */ - -#ifndef HEADER_X509V3_H -#define HEADER_X509V3_H - -#include -#include -#include - -#ifdef __cplusplus -extern "C" { -#endif - -/* Forward reference */ -struct v3_ext_method; -struct v3_ext_ctx; - -/* Useful typedefs */ - -typedef void * (*X509V3_EXT_NEW)(void); -typedef void (*X509V3_EXT_FREE)(void *); -typedef void * (*X509V3_EXT_D2I)(void *, const unsigned char ** , long); -typedef int (*X509V3_EXT_I2D)(void *, unsigned char **); -typedef STACK_OF(CONF_VALUE) * - (*X509V3_EXT_I2V)(const struct v3_ext_method *method, void *ext, - STACK_OF(CONF_VALUE) *extlist); -typedef void * (*X509V3_EXT_V2I)(const struct v3_ext_method *method, - struct v3_ext_ctx *ctx, - STACK_OF(CONF_VALUE) *values); -typedef char * (*X509V3_EXT_I2S)(const struct v3_ext_method *method, void *ext); -typedef void * (*X509V3_EXT_S2I)(const struct v3_ext_method *method, - struct v3_ext_ctx *ctx, const char *str); -typedef int (*X509V3_EXT_I2R)(const struct v3_ext_method *method, void *ext, - BIO *out, int indent); -typedef void * (*X509V3_EXT_R2I)(const struct v3_ext_method *method, - struct v3_ext_ctx *ctx, const char *str); - -/* V3 extension structure */ - -struct v3_ext_method { -int ext_nid; -int ext_flags; -/* If this is set the following four fields are ignored */ -ASN1_ITEM_EXP *it; -/* Old style ASN1 calls */ -X509V3_EXT_NEW ext_new; -X509V3_EXT_FREE ext_free; -X509V3_EXT_D2I d2i; -X509V3_EXT_I2D i2d; - -/* The following pair is used for string extensions */ -X509V3_EXT_I2S i2s; -X509V3_EXT_S2I s2i; - -/* The following pair is used for multi-valued extensions */ -X509V3_EXT_I2V i2v; -X509V3_EXT_V2I v2i; - -/* The following are used for raw extensions */ -X509V3_EXT_I2R i2r; -X509V3_EXT_R2I r2i; - -void *usr_data; /* Any extension specific data */ -}; - -typedef struct X509V3_CONF_METHOD_st { -char * (*get_string)(void *db, char *section, char *value); -STACK_OF(CONF_VALUE) * (*get_section)(void *db, char *section); -void (*free_string)(void *db, char * string); -void (*free_section)(void *db, STACK_OF(CONF_VALUE) *section); -} X509V3_CONF_METHOD; - -/* Context specific info */ -struct v3_ext_ctx { -#define CTX_TEST 0x1 -int flags; -X509 *issuer_cert; -X509 *subject_cert; -X509_REQ *subject_req; -X509_CRL *crl; -const X509V3_CONF_METHOD *db_meth; -void *db; -/* Maybe more here */ -}; - -typedef struct v3_ext_method X509V3_EXT_METHOD; - -DECLARE_STACK_OF(X509V3_EXT_METHOD) - -/* ext_flags values */ -#define X509V3_EXT_DYNAMIC 0x1 -#define X509V3_EXT_CTX_DEP 0x2 -#define X509V3_EXT_MULTILINE 0x4 - -typedef BIT_STRING_BITNAME ENUMERATED_NAMES; - -typedef struct BASIC_CONSTRAINTS_st { -int ca; -ASN1_INTEGER *pathlen; -} BASIC_CONSTRAINTS; - - -typedef struct PKEY_USAGE_PERIOD_st { -ASN1_GENERALIZEDTIME *notBefore; -ASN1_GENERALIZEDTIME *notAfter; -} PKEY_USAGE_PERIOD; - -typedef struct otherName_st { -ASN1_OBJECT *type_id; -ASN1_TYPE *value; -} OTHERNAME; - -typedef struct EDIPartyName_st { - ASN1_STRING *nameAssigner; - ASN1_STRING *partyName; -} EDIPARTYNAME; - -typedef struct GENERAL_NAME_st { - -#define GEN_OTHERNAME 0 -#define GEN_EMAIL 1 -#define GEN_DNS 2 -#define GEN_X400 3 -#define GEN_DIRNAME 4 -#define GEN_EDIPARTY 5 -#define GEN_URI 6 -#define GEN_IPADD 7 -#define GEN_RID 8 - -int type; -union { - char *ptr; - OTHERNAME *otherName; /* otherName */ - ASN1_IA5STRING *rfc822Name; - ASN1_IA5STRING *dNSName; - ASN1_TYPE *x400Address; - X509_NAME *directoryName; - EDIPARTYNAME *ediPartyName; - ASN1_IA5STRING *uniformResourceIdentifier; - ASN1_OCTET_STRING *iPAddress; - ASN1_OBJECT *registeredID; - - /* Old names */ - ASN1_OCTET_STRING *ip; /* iPAddress */ - X509_NAME *dirn; /* dirn */ - ASN1_IA5STRING *ia5;/* rfc822Name, dNSName, uniformResourceIdentifier */ - ASN1_OBJECT *rid; /* registeredID */ - ASN1_TYPE *other; /* x400Address */ -} d; -} GENERAL_NAME; - -typedef STACK_OF(GENERAL_NAME) GENERAL_NAMES; - -typedef struct ACCESS_DESCRIPTION_st { - ASN1_OBJECT *method; - GENERAL_NAME *location; -} ACCESS_DESCRIPTION; - -typedef STACK_OF(ACCESS_DESCRIPTION) AUTHORITY_INFO_ACCESS; - -typedef STACK_OF(ASN1_OBJECT) EXTENDED_KEY_USAGE; - -DECLARE_STACK_OF(GENERAL_NAME) -DECLARE_ASN1_SET_OF(GENERAL_NAME) - -DECLARE_STACK_OF(ACCESS_DESCRIPTION) -DECLARE_ASN1_SET_OF(ACCESS_DESCRIPTION) - -typedef struct DIST_POINT_NAME_st { -int type; -union { - GENERAL_NAMES *fullname; - STACK_OF(X509_NAME_ENTRY) *relativename; -} name; -/* If relativename then this contains the full distribution point name */ -X509_NAME *dpname; -} DIST_POINT_NAME; -/* All existing reasons */ -#define CRLDP_ALL_REASONS 0x807f - -#define CRL_REASON_NONE -1 -#define CRL_REASON_UNSPECIFIED 0 -#define CRL_REASON_KEY_COMPROMISE 1 -#define CRL_REASON_CA_COMPROMISE 2 -#define CRL_REASON_AFFILIATION_CHANGED 3 -#define CRL_REASON_SUPERSEDED 4 -#define CRL_REASON_CESSATION_OF_OPERATION 5 -#define CRL_REASON_CERTIFICATE_HOLD 6 -#define CRL_REASON_REMOVE_FROM_CRL 8 -#define CRL_REASON_PRIVILEGE_WITHDRAWN 9 -#define CRL_REASON_AA_COMPROMISE 10 - -struct DIST_POINT_st { -DIST_POINT_NAME *distpoint; -ASN1_BIT_STRING *reasons; -GENERAL_NAMES *CRLissuer; -int dp_reasons; -}; - -typedef STACK_OF(DIST_POINT) CRL_DIST_POINTS; - -DECLARE_STACK_OF(DIST_POINT) -DECLARE_ASN1_SET_OF(DIST_POINT) - -struct AUTHORITY_KEYID_st { -ASN1_OCTET_STRING *keyid; -GENERAL_NAMES *issuer; -ASN1_INTEGER *serial; -}; - -/* Strong extranet structures */ - -typedef struct SXNET_ID_st { - ASN1_INTEGER *zone; - ASN1_OCTET_STRING *user; -} SXNETID; - -DECLARE_STACK_OF(SXNETID) -DECLARE_ASN1_SET_OF(SXNETID) - -typedef struct SXNET_st { - ASN1_INTEGER *version; - STACK_OF(SXNETID) *ids; -} SXNET; - -typedef struct NOTICEREF_st { - ASN1_STRING *organization; - STACK_OF(ASN1_INTEGER) *noticenos; -} NOTICEREF; - -typedef struct USERNOTICE_st { - NOTICEREF *noticeref; - ASN1_STRING *exptext; -} USERNOTICE; - -typedef struct POLICYQUALINFO_st { - ASN1_OBJECT *pqualid; - union { - ASN1_IA5STRING *cpsuri; - USERNOTICE *usernotice; - ASN1_TYPE *other; - } d; -} POLICYQUALINFO; - -DECLARE_STACK_OF(POLICYQUALINFO) -DECLARE_ASN1_SET_OF(POLICYQUALINFO) - -typedef struct POLICYINFO_st { - ASN1_OBJECT *policyid; - STACK_OF(POLICYQUALINFO) *qualifiers; -} POLICYINFO; - -typedef STACK_OF(POLICYINFO) CERTIFICATEPOLICIES; - -DECLARE_STACK_OF(POLICYINFO) -DECLARE_ASN1_SET_OF(POLICYINFO) - -typedef struct POLICY_MAPPING_st { - ASN1_OBJECT *issuerDomainPolicy; - ASN1_OBJECT *subjectDomainPolicy; -} POLICY_MAPPING; - -DECLARE_STACK_OF(POLICY_MAPPING) - -typedef STACK_OF(POLICY_MAPPING) POLICY_MAPPINGS; - -typedef struct GENERAL_SUBTREE_st { - GENERAL_NAME *base; - ASN1_INTEGER *minimum; - ASN1_INTEGER *maximum; -} GENERAL_SUBTREE; - -DECLARE_STACK_OF(GENERAL_SUBTREE) - -struct NAME_CONSTRAINTS_st { - STACK_OF(GENERAL_SUBTREE) *permittedSubtrees; - STACK_OF(GENERAL_SUBTREE) *excludedSubtrees; -}; - -typedef struct POLICY_CONSTRAINTS_st { - ASN1_INTEGER *requireExplicitPolicy; - ASN1_INTEGER *inhibitPolicyMapping; -} POLICY_CONSTRAINTS; - -/* Proxy certificate structures, see RFC 3820 */ -typedef struct PROXY_POLICY_st - { - ASN1_OBJECT *policyLanguage; - ASN1_OCTET_STRING *policy; - } PROXY_POLICY; - -typedef struct PROXY_CERT_INFO_EXTENSION_st - { - ASN1_INTEGER *pcPathLengthConstraint; - PROXY_POLICY *proxyPolicy; - } PROXY_CERT_INFO_EXTENSION; - -DECLARE_ASN1_FUNCTIONS(PROXY_POLICY) -DECLARE_ASN1_FUNCTIONS(PROXY_CERT_INFO_EXTENSION) - -struct ISSUING_DIST_POINT_st - { - DIST_POINT_NAME *distpoint; - int onlyuser; - int onlyCA; - ASN1_BIT_STRING *onlysomereasons; - int indirectCRL; - int onlyattr; - }; - -/* Values in idp_flags field */ -/* IDP present */ -#define IDP_PRESENT 0x1 -/* IDP values inconsistent */ -#define IDP_INVALID 0x2 -/* onlyuser true */ -#define IDP_ONLYUSER 0x4 -/* onlyCA true */ -#define IDP_ONLYCA 0x8 -/* onlyattr true */ -#define IDP_ONLYATTR 0x10 -/* indirectCRL true */ -#define IDP_INDIRECT 0x20 -/* onlysomereasons present */ -#define IDP_REASONS 0x40 - -#define X509V3_conf_err(val) ERR_add_error_data(6, "section:", val->section, \ -",name:", val->name, ",value:", val->value); - -#define X509V3_set_ctx_test(ctx) \ - X509V3_set_ctx(ctx, NULL, NULL, NULL, NULL, CTX_TEST) -#define X509V3_set_ctx_nodb(ctx) (ctx)->db = NULL; - -#define EXT_BITSTRING(nid, table) { nid, 0, ASN1_ITEM_ref(ASN1_BIT_STRING), \ - 0,0,0,0, \ - 0,0, \ - (X509V3_EXT_I2V)i2v_ASN1_BIT_STRING, \ - (X509V3_EXT_V2I)v2i_ASN1_BIT_STRING, \ - NULL, NULL, \ - (void *)table} - -#define EXT_IA5STRING(nid) { nid, 0, ASN1_ITEM_ref(ASN1_IA5STRING), \ - 0,0,0,0, \ - (X509V3_EXT_I2S)i2s_ASN1_IA5STRING, \ - (X509V3_EXT_S2I)s2i_ASN1_IA5STRING, \ - 0,0,0,0, \ - NULL} - -#define EXT_END { -1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} - - -/* X509_PURPOSE stuff */ - -#define EXFLAG_BCONS 0x1 -#define EXFLAG_KUSAGE 0x2 -#define EXFLAG_XKUSAGE 0x4 -#define EXFLAG_NSCERT 0x8 - -#define EXFLAG_CA 0x10 -/* Really self issued not necessarily self signed */ -#define EXFLAG_SI 0x20 -#define EXFLAG_V1 0x40 -#define EXFLAG_INVALID 0x80 -#define EXFLAG_SET 0x100 -#define EXFLAG_CRITICAL 0x200 -#define EXFLAG_PROXY 0x400 - -#define EXFLAG_INVALID_POLICY 0x800 -#define EXFLAG_FRESHEST 0x1000 -/* Self signed */ -#define EXFLAG_SS 0x2000 - -#define KU_DIGITAL_SIGNATURE 0x0080 -#define KU_NON_REPUDIATION 0x0040 -#define KU_KEY_ENCIPHERMENT 0x0020 -#define KU_DATA_ENCIPHERMENT 0x0010 -#define KU_KEY_AGREEMENT 0x0008 -#define KU_KEY_CERT_SIGN 0x0004 -#define KU_CRL_SIGN 0x0002 -#define KU_ENCIPHER_ONLY 0x0001 -#define KU_DECIPHER_ONLY 0x8000 - -#define NS_SSL_CLIENT 0x80 -#define NS_SSL_SERVER 0x40 -#define NS_SMIME 0x20 -#define NS_OBJSIGN 0x10 -#define NS_SSL_CA 0x04 -#define NS_SMIME_CA 0x02 -#define NS_OBJSIGN_CA 0x01 -#define NS_ANY_CA (NS_SSL_CA|NS_SMIME_CA|NS_OBJSIGN_CA) - -#define XKU_SSL_SERVER 0x1 -#define XKU_SSL_CLIENT 0x2 -#define XKU_SMIME 0x4 -#define XKU_CODE_SIGN 0x8 -#define XKU_SGC 0x10 -#define XKU_OCSP_SIGN 0x20 -#define XKU_TIMESTAMP 0x40 -#define XKU_DVCS 0x80 -#define XKU_ANYEKU 0x100 - -#define X509_PURPOSE_DYNAMIC 0x1 -#define X509_PURPOSE_DYNAMIC_NAME 0x2 - -typedef struct x509_purpose_st { - int purpose; - int trust; /* Default trust ID */ - int flags; - int (*check_purpose)(const struct x509_purpose_st *, - const X509 *, int); - char *name; - char *sname; - void *usr_data; -} X509_PURPOSE; - -#define X509_PURPOSE_SSL_CLIENT 1 -#define X509_PURPOSE_SSL_SERVER 2 -#define X509_PURPOSE_NS_SSL_SERVER 3 -#define X509_PURPOSE_SMIME_SIGN 4 -#define X509_PURPOSE_SMIME_ENCRYPT 5 -#define X509_PURPOSE_CRL_SIGN 6 -#define X509_PURPOSE_ANY 7 -#define X509_PURPOSE_OCSP_HELPER 8 -#define X509_PURPOSE_TIMESTAMP_SIGN 9 - -#define X509_PURPOSE_MIN 1 -#define X509_PURPOSE_MAX 9 - -/* Flags for X509V3_EXT_print() */ - -#define X509V3_EXT_UNKNOWN_MASK (0xfL << 16) -/* Return error for unknown extensions */ -#define X509V3_EXT_DEFAULT 0 -/* Print error for unknown extensions */ -#define X509V3_EXT_ERROR_UNKNOWN (1L << 16) -/* ASN1 parse unknown extensions */ -#define X509V3_EXT_PARSE_UNKNOWN (2L << 16) -/* BIO_dump unknown extensions */ -#define X509V3_EXT_DUMP_UNKNOWN (3L << 16) - -/* Flags for X509V3_add1_i2d */ - -#define X509V3_ADD_OP_MASK 0xfL -#define X509V3_ADD_DEFAULT 0L -#define X509V3_ADD_APPEND 1L -#define X509V3_ADD_REPLACE 2L -#define X509V3_ADD_REPLACE_EXISTING 3L -#define X509V3_ADD_KEEP_EXISTING 4L -#define X509V3_ADD_DELETE 5L -#define X509V3_ADD_SILENT 0x10 - -DECLARE_STACK_OF(X509_PURPOSE) - -DECLARE_ASN1_FUNCTIONS(BASIC_CONSTRAINTS) - -DECLARE_ASN1_FUNCTIONS(SXNET) -DECLARE_ASN1_FUNCTIONS(SXNETID) - -int SXNET_add_id_asc(SXNET **psx, char *zone, char *user, int userlen); -int SXNET_add_id_ulong(SXNET **psx, unsigned long lzone, char *user, int userlen); -int SXNET_add_id_INTEGER(SXNET **psx, ASN1_INTEGER *izone, char *user, int userlen); - -ASN1_OCTET_STRING *SXNET_get_id_asc(SXNET *sx, char *zone); -ASN1_OCTET_STRING *SXNET_get_id_ulong(SXNET *sx, unsigned long lzone); -ASN1_OCTET_STRING *SXNET_get_id_INTEGER(SXNET *sx, ASN1_INTEGER *zone); - -DECLARE_ASN1_FUNCTIONS(AUTHORITY_KEYID) - -DECLARE_ASN1_FUNCTIONS(PKEY_USAGE_PERIOD) - -DECLARE_ASN1_FUNCTIONS(GENERAL_NAME) -OPENSSL_EXPORT GENERAL_NAME *GENERAL_NAME_dup(GENERAL_NAME *a); -OPENSSL_EXPORT int GENERAL_NAME_cmp(GENERAL_NAME *a, GENERAL_NAME *b); - - - -OPENSSL_EXPORT ASN1_BIT_STRING *v2i_ASN1_BIT_STRING(X509V3_EXT_METHOD *method, - X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval); -OPENSSL_EXPORT STACK_OF(CONF_VALUE) *i2v_ASN1_BIT_STRING(X509V3_EXT_METHOD *method, - ASN1_BIT_STRING *bits, - STACK_OF(CONF_VALUE) *extlist); - -OPENSSL_EXPORT STACK_OF(CONF_VALUE) *i2v_GENERAL_NAME(X509V3_EXT_METHOD *method, GENERAL_NAME *gen, STACK_OF(CONF_VALUE) *ret); -OPENSSL_EXPORT int GENERAL_NAME_print(BIO *out, GENERAL_NAME *gen); - -DECLARE_ASN1_FUNCTIONS(GENERAL_NAMES) - -OPENSSL_EXPORT STACK_OF(CONF_VALUE) *i2v_GENERAL_NAMES(X509V3_EXT_METHOD *method, - GENERAL_NAMES *gen, STACK_OF(CONF_VALUE) *extlist); -OPENSSL_EXPORT GENERAL_NAMES *v2i_GENERAL_NAMES(const X509V3_EXT_METHOD *method, - X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval); - -DECLARE_ASN1_FUNCTIONS(OTHERNAME) -DECLARE_ASN1_FUNCTIONS(EDIPARTYNAME) -OPENSSL_EXPORT int OTHERNAME_cmp(OTHERNAME *a, OTHERNAME *b); -OPENSSL_EXPORT void GENERAL_NAME_set0_value(GENERAL_NAME *a, int type, void *value); -OPENSSL_EXPORT void *GENERAL_NAME_get0_value(GENERAL_NAME *a, int *ptype); -OPENSSL_EXPORT int GENERAL_NAME_set0_othername(GENERAL_NAME *gen, - ASN1_OBJECT *oid, ASN1_TYPE *value); -OPENSSL_EXPORT int GENERAL_NAME_get0_otherName(GENERAL_NAME *gen, - ASN1_OBJECT **poid, ASN1_TYPE **pvalue); - -OPENSSL_EXPORT char *i2s_ASN1_OCTET_STRING(X509V3_EXT_METHOD *method, ASN1_OCTET_STRING *ia5); -OPENSSL_EXPORT ASN1_OCTET_STRING *s2i_ASN1_OCTET_STRING(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, char *str); - -DECLARE_ASN1_FUNCTIONS(EXTENDED_KEY_USAGE) -OPENSSL_EXPORT int i2a_ACCESS_DESCRIPTION(BIO *bp, ACCESS_DESCRIPTION* a); - -DECLARE_ASN1_FUNCTIONS(CERTIFICATEPOLICIES) -DECLARE_ASN1_FUNCTIONS(POLICYINFO) -DECLARE_ASN1_FUNCTIONS(POLICYQUALINFO) -DECLARE_ASN1_FUNCTIONS(USERNOTICE) -DECLARE_ASN1_FUNCTIONS(NOTICEREF) - -DECLARE_ASN1_FUNCTIONS(CRL_DIST_POINTS) -DECLARE_ASN1_FUNCTIONS(DIST_POINT) -DECLARE_ASN1_FUNCTIONS(DIST_POINT_NAME) -DECLARE_ASN1_FUNCTIONS(ISSUING_DIST_POINT) - -OPENSSL_EXPORT int DIST_POINT_set_dpname(DIST_POINT_NAME *dpn, X509_NAME *iname); - -OPENSSL_EXPORT int NAME_CONSTRAINTS_check(X509 *x, NAME_CONSTRAINTS *nc); - -DECLARE_ASN1_FUNCTIONS(ACCESS_DESCRIPTION) -DECLARE_ASN1_FUNCTIONS(AUTHORITY_INFO_ACCESS) - -DECLARE_ASN1_ITEM(POLICY_MAPPING) -DECLARE_ASN1_ALLOC_FUNCTIONS(POLICY_MAPPING) -DECLARE_ASN1_ITEM(POLICY_MAPPINGS) - -DECLARE_ASN1_ITEM(GENERAL_SUBTREE) -DECLARE_ASN1_ALLOC_FUNCTIONS(GENERAL_SUBTREE) - -DECLARE_ASN1_ITEM(NAME_CONSTRAINTS) -DECLARE_ASN1_ALLOC_FUNCTIONS(NAME_CONSTRAINTS) - -DECLARE_ASN1_ALLOC_FUNCTIONS(POLICY_CONSTRAINTS) -DECLARE_ASN1_ITEM(POLICY_CONSTRAINTS) - -OPENSSL_EXPORT GENERAL_NAME *a2i_GENERAL_NAME(GENERAL_NAME *out, - const X509V3_EXT_METHOD *method, X509V3_CTX *ctx, - int gen_type, char *value, int is_nc); - -OPENSSL_EXPORT GENERAL_NAME *v2i_GENERAL_NAME(const X509V3_EXT_METHOD *method, X509V3_CTX *ctx, - CONF_VALUE *cnf); -OPENSSL_EXPORT GENERAL_NAME *v2i_GENERAL_NAME_ex(GENERAL_NAME *out, - const X509V3_EXT_METHOD *method, - X509V3_CTX *ctx, CONF_VALUE *cnf, int is_nc); -OPENSSL_EXPORT void X509V3_conf_free(CONF_VALUE *val); - -OPENSSL_EXPORT X509_EXTENSION *X509V3_EXT_nconf_nid(CONF *conf, X509V3_CTX *ctx, int ext_nid, char *value); -OPENSSL_EXPORT X509_EXTENSION *X509V3_EXT_nconf(CONF *conf, X509V3_CTX *ctx, char *name, char *value); -OPENSSL_EXPORT int X509V3_EXT_add_nconf_sk(CONF *conf, X509V3_CTX *ctx, char *section, STACK_OF(X509_EXTENSION) **sk); -OPENSSL_EXPORT int X509V3_EXT_add_nconf(CONF *conf, X509V3_CTX *ctx, char *section, X509 *cert); -OPENSSL_EXPORT int X509V3_EXT_REQ_add_nconf(CONF *conf, X509V3_CTX *ctx, char *section, X509_REQ *req); -OPENSSL_EXPORT int X509V3_EXT_CRL_add_nconf(CONF *conf, X509V3_CTX *ctx, char *section, X509_CRL *crl); - -OPENSSL_EXPORT int X509V3_EXT_CRL_add_conf(LHASH_OF(CONF_VALUE) *conf, X509V3_CTX *ctx, - char *section, X509_CRL *crl); - -OPENSSL_EXPORT int X509V3_add_value_bool_nf(char *name, int asn1_bool, - STACK_OF(CONF_VALUE) **extlist); -OPENSSL_EXPORT int X509V3_get_value_bool(CONF_VALUE *value, int *asn1_bool); -OPENSSL_EXPORT int X509V3_get_value_int(CONF_VALUE *value, ASN1_INTEGER **aint); -OPENSSL_EXPORT void X509V3_set_nconf(X509V3_CTX *ctx, CONF *conf); - -OPENSSL_EXPORT char * X509V3_get_string(X509V3_CTX *ctx, char *name, char *section); -OPENSSL_EXPORT STACK_OF(CONF_VALUE) * X509V3_get_section(X509V3_CTX *ctx, char *section); -OPENSSL_EXPORT void X509V3_string_free(X509V3_CTX *ctx, char *str); -OPENSSL_EXPORT void X509V3_section_free( X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *section); -OPENSSL_EXPORT void X509V3_set_ctx(X509V3_CTX *ctx, X509 *issuer, X509 *subject, - X509_REQ *req, X509_CRL *crl, int flags); - -OPENSSL_EXPORT int X509V3_add_value(const char *name, const char *value, - STACK_OF(CONF_VALUE) **extlist); -OPENSSL_EXPORT int X509V3_add_value_uchar(const char *name, const unsigned char *value, - STACK_OF(CONF_VALUE) **extlist); -OPENSSL_EXPORT int X509V3_add_value_bool(const char *name, int asn1_bool, - STACK_OF(CONF_VALUE) **extlist); -OPENSSL_EXPORT int X509V3_add_value_int(const char *name, ASN1_INTEGER *aint, - STACK_OF(CONF_VALUE) **extlist); -OPENSSL_EXPORT char * i2s_ASN1_INTEGER(X509V3_EXT_METHOD *meth, ASN1_INTEGER *aint); -OPENSSL_EXPORT ASN1_INTEGER * s2i_ASN1_INTEGER(X509V3_EXT_METHOD *meth, char *value); -OPENSSL_EXPORT char * i2s_ASN1_ENUMERATED(X509V3_EXT_METHOD *meth, ASN1_ENUMERATED *aint); -OPENSSL_EXPORT char * i2s_ASN1_ENUMERATED_TABLE(X509V3_EXT_METHOD *meth, ASN1_ENUMERATED *aint); -OPENSSL_EXPORT int X509V3_EXT_add(X509V3_EXT_METHOD *ext); -OPENSSL_EXPORT int X509V3_EXT_add_list(X509V3_EXT_METHOD *extlist); -OPENSSL_EXPORT int X509V3_EXT_add_alias(int nid_to, int nid_from); -OPENSSL_EXPORT void X509V3_EXT_cleanup(void); - -OPENSSL_EXPORT const X509V3_EXT_METHOD *X509V3_EXT_get(X509_EXTENSION *ext); -OPENSSL_EXPORT const X509V3_EXT_METHOD *X509V3_EXT_get_nid(int nid); -OPENSSL_EXPORT int X509V3_add_standard_extensions(void); -OPENSSL_EXPORT STACK_OF(CONF_VALUE) *X509V3_parse_list(const char *line); -OPENSSL_EXPORT void *X509V3_EXT_d2i(X509_EXTENSION *ext); -OPENSSL_EXPORT void *X509V3_get_d2i(STACK_OF(X509_EXTENSION) *x, int nid, int *crit, int *idx); - - -OPENSSL_EXPORT X509_EXTENSION *X509V3_EXT_i2d(int ext_nid, int crit, void *ext_struc); -OPENSSL_EXPORT int X509V3_add1_i2d(STACK_OF(X509_EXTENSION) **x, int nid, void *value, int crit, unsigned long flags); - -char *hex_to_string(const unsigned char *buffer, long len); -unsigned char *string_to_hex(const char *str, long *len); -int name_cmp(const char *name, const char *cmp); - -OPENSSL_EXPORT void X509V3_EXT_val_prn(BIO *out, STACK_OF(CONF_VALUE) *val, int indent, - int ml); -OPENSSL_EXPORT int X509V3_EXT_print(BIO *out, X509_EXTENSION *ext, unsigned long flag, int indent); -OPENSSL_EXPORT int X509V3_EXT_print_fp(FILE *out, X509_EXTENSION *ext, int flag, int indent); - -OPENSSL_EXPORT int X509V3_extensions_print(BIO *out, const char *title, STACK_OF(X509_EXTENSION) *exts, unsigned long flag, int indent); - -OPENSSL_EXPORT int X509_check_ca(X509 *x); -OPENSSL_EXPORT int X509_check_purpose(X509 *x, int id, int ca); -OPENSSL_EXPORT int X509_supported_extension(X509_EXTENSION *ex); -OPENSSL_EXPORT int X509_PURPOSE_set(int *p, int purpose); -OPENSSL_EXPORT int X509_check_issued(X509 *issuer, X509 *subject); -OPENSSL_EXPORT int X509_check_akid(X509 *issuer, AUTHORITY_KEYID *akid); -OPENSSL_EXPORT int X509_PURPOSE_get_count(void); -OPENSSL_EXPORT X509_PURPOSE * X509_PURPOSE_get0(int idx); -OPENSSL_EXPORT int X509_PURPOSE_get_by_sname(char *sname); -OPENSSL_EXPORT int X509_PURPOSE_get_by_id(int id); -OPENSSL_EXPORT int X509_PURPOSE_add(int id, int trust, int flags, - int (*ck)(const X509_PURPOSE *, const X509 *, int), - char *name, char *sname, void *arg); -OPENSSL_EXPORT char *X509_PURPOSE_get0_name(X509_PURPOSE *xp); -OPENSSL_EXPORT char *X509_PURPOSE_get0_sname(X509_PURPOSE *xp); -OPENSSL_EXPORT int X509_PURPOSE_get_trust(X509_PURPOSE *xp); -OPENSSL_EXPORT void X509_PURPOSE_cleanup(void); -OPENSSL_EXPORT int X509_PURPOSE_get_id(X509_PURPOSE *); - -OPENSSL_EXPORT STACK_OF(OPENSSL_STRING) *X509_get1_email(X509 *x); -OPENSSL_EXPORT STACK_OF(OPENSSL_STRING) *X509_REQ_get1_email(X509_REQ *x); -OPENSSL_EXPORT void X509_email_free(STACK_OF(OPENSSL_STRING) *sk); -OPENSSL_EXPORT STACK_OF(OPENSSL_STRING) *X509_get1_ocsp(X509 *x); -/* Flags for X509_check_* functions */ - -/* Always check subject name for host match even if subject alt names present */ -#define X509_CHECK_FLAG_ALWAYS_CHECK_SUBJECT 0x1 -/* Disable wildcard matching for dnsName fields and common name. */ -#define X509_CHECK_FLAG_NO_WILDCARDS 0x2 -/* Wildcards must not match a partial label. */ -#define X509_CHECK_FLAG_NO_PARTIAL_WILDCARDS 0x4 -/* Allow (non-partial) wildcards to match multiple labels. */ -#define X509_CHECK_FLAG_MULTI_LABEL_WILDCARDS 0x8 -/* Constraint verifier subdomain patterns to match a single labels. */ -#define X509_CHECK_FLAG_SINGLE_LABEL_SUBDOMAINS 0x10 -/* - * Match reference identifiers starting with "." to any sub-domain. - * This is a non-public flag, turned on implicitly when the subject - * reference identity is a DNS name. - */ -#define _X509_CHECK_FLAG_DOT_SUBDOMAINS 0x8000 - -OPENSSL_EXPORT int X509_check_host(X509 *x, const char *chk, size_t chklen, - unsigned int flags, char **peername); -OPENSSL_EXPORT int X509_check_email(X509 *x, const char *chk, size_t chklen, - unsigned int flags); -OPENSSL_EXPORT int X509_check_ip(X509 *x, const unsigned char *chk, size_t chklen, - unsigned int flags); -OPENSSL_EXPORT int X509_check_ip_asc(X509 *x, const char *ipasc, unsigned int flags); - -OPENSSL_EXPORT ASN1_OCTET_STRING *a2i_IPADDRESS(const char *ipasc); -OPENSSL_EXPORT ASN1_OCTET_STRING *a2i_IPADDRESS_NC(const char *ipasc); -OPENSSL_EXPORT int a2i_ipadd(unsigned char *ipout, const char *ipasc); -OPENSSL_EXPORT int X509V3_NAME_from_section(X509_NAME *nm, STACK_OF(CONF_VALUE)*dn_sk, - unsigned long chtype); - -OPENSSL_EXPORT void X509_POLICY_NODE_print(BIO *out, X509_POLICY_NODE *node, int indent); -DECLARE_STACK_OF(X509_POLICY_NODE) - -/* BEGIN ERROR CODES */ -/* The following lines are auto generated by the script mkerr.pl. Any changes - * made after this point may be overwritten when the script is next run. - */ -void ERR_load_X509V3_strings(void); - - -#ifdef __cplusplus -} -#endif -#define X509V3_F_SXNET_add_id_INTEGER 100 -#define X509V3_F_SXNET_add_id_asc 101 -#define X509V3_F_SXNET_add_id_ulong 102 -#define X509V3_F_SXNET_get_id_asc 103 -#define X509V3_F_SXNET_get_id_ulong 104 -#define X509V3_F_X509V3_EXT_add 105 -#define X509V3_F_X509V3_EXT_add_alias 106 -#define X509V3_F_X509V3_EXT_free 107 -#define X509V3_F_X509V3_EXT_i2d 108 -#define X509V3_F_X509V3_EXT_nconf 109 -#define X509V3_F_X509V3_add1_i2d 110 -#define X509V3_F_X509V3_add_value 111 -#define X509V3_F_X509V3_get_section 112 -#define X509V3_F_X509V3_get_string 113 -#define X509V3_F_X509V3_get_value_bool 114 -#define X509V3_F_X509V3_parse_list 115 -#define X509V3_F_X509_PURPOSE_add 116 -#define X509V3_F_X509_PURPOSE_set 117 -#define X509V3_F_a2i_GENERAL_NAME 118 -#define X509V3_F_copy_email 119 -#define X509V3_F_copy_issuer 120 -#define X509V3_F_do_dirname 121 -#define X509V3_F_do_ext_i2d 122 -#define X509V3_F_do_ext_nconf 123 -#define X509V3_F_gnames_from_sectname 124 -#define X509V3_F_hex_to_string 125 -#define X509V3_F_i2s_ASN1_ENUMERATED 126 -#define X509V3_F_i2s_ASN1_IA5STRING 127 -#define X509V3_F_i2s_ASN1_INTEGER 128 -#define X509V3_F_i2v_AUTHORITY_INFO_ACCESS 129 -#define X509V3_F_notice_section 130 -#define X509V3_F_nref_nos 131 -#define X509V3_F_policy_section 132 -#define X509V3_F_process_pci_value 133 -#define X509V3_F_r2i_certpol 134 -#define X509V3_F_r2i_pci 135 -#define X509V3_F_s2i_ASN1_IA5STRING 136 -#define X509V3_F_s2i_ASN1_INTEGER 137 -#define X509V3_F_s2i_ASN1_OCTET_STRING 138 -#define X509V3_F_s2i_skey_id 139 -#define X509V3_F_set_dist_point_name 140 -#define X509V3_F_string_to_hex 141 -#define X509V3_F_v2i_ASN1_BIT_STRING 142 -#define X509V3_F_v2i_AUTHORITY_INFO_ACCESS 143 -#define X509V3_F_v2i_AUTHORITY_KEYID 144 -#define X509V3_F_v2i_BASIC_CONSTRAINTS 145 -#define X509V3_F_v2i_EXTENDED_KEY_USAGE 146 -#define X509V3_F_v2i_GENERAL_NAMES 147 -#define X509V3_F_v2i_GENERAL_NAME_ex 148 -#define X509V3_F_v2i_NAME_CONSTRAINTS 149 -#define X509V3_F_v2i_POLICY_CONSTRAINTS 150 -#define X509V3_F_v2i_POLICY_MAPPINGS 151 -#define X509V3_F_v2i_crld 152 -#define X509V3_F_v2i_idp 153 -#define X509V3_F_v2i_issuer_alt 154 -#define X509V3_F_v2i_subject_alt 155 -#define X509V3_F_v3_generic_extension 156 -#define X509V3_R_BAD_IP_ADDRESS 100 -#define X509V3_R_BAD_OBJECT 101 -#define X509V3_R_BN_DEC2BN_ERROR 102 -#define X509V3_R_BN_TO_ASN1_INTEGER_ERROR 103 -#define X509V3_R_CANNOT_FIND_FREE_FUNCTION 104 -#define X509V3_R_DIRNAME_ERROR 105 -#define X509V3_R_DISTPOINT_ALREADY_SET 106 -#define X509V3_R_DUPLICATE_ZONE_ID 107 -#define X509V3_R_ERROR_CONVERTING_ZONE 108 -#define X509V3_R_ERROR_CREATING_EXTENSION 109 -#define X509V3_R_ERROR_IN_EXTENSION 110 -#define X509V3_R_EXPECTED_A_SECTION_NAME 111 -#define X509V3_R_EXTENSION_EXISTS 112 -#define X509V3_R_EXTENSION_NAME_ERROR 113 -#define X509V3_R_EXTENSION_NOT_FOUND 114 -#define X509V3_R_EXTENSION_SETTING_NOT_SUPPORTED 115 -#define X509V3_R_EXTENSION_VALUE_ERROR 116 -#define X509V3_R_ILLEGAL_EMPTY_EXTENSION 117 -#define X509V3_R_ILLEGAL_HEX_DIGIT 118 -#define X509V3_R_INCORRECT_POLICY_SYNTAX_TAG 119 -#define X509V3_R_INVALID_BOOLEAN_STRING 120 -#define X509V3_R_INVALID_EXTENSION_STRING 121 -#define X509V3_R_INVALID_MULTIPLE_RDNS 122 -#define X509V3_R_INVALID_NAME 123 -#define X509V3_R_INVALID_NULL_ARGUMENT 124 -#define X509V3_R_INVALID_NULL_NAME 125 -#define X509V3_R_INVALID_NULL_VALUE 126 -#define X509V3_R_INVALID_NUMBER 127 -#define X509V3_R_INVALID_NUMBERS 128 -#define X509V3_R_INVALID_OBJECT_IDENTIFIER 129 -#define X509V3_R_INVALID_OPTION 130 -#define X509V3_R_INVALID_POLICY_IDENTIFIER 131 -#define X509V3_R_INVALID_PROXY_POLICY_SETTING 132 -#define X509V3_R_INVALID_PURPOSE 133 -#define X509V3_R_INVALID_SECTION 134 -#define X509V3_R_INVALID_SYNTAX 135 -#define X509V3_R_ISSUER_DECODE_ERROR 136 -#define X509V3_R_MISSING_VALUE 137 -#define X509V3_R_NEED_ORGANIZATION_AND_NUMBERS 138 -#define X509V3_R_NO_CONFIG_DATABASE 139 -#define X509V3_R_NO_ISSUER_CERTIFICATE 140 -#define X509V3_R_NO_ISSUER_DETAILS 141 -#define X509V3_R_NO_POLICY_IDENTIFIER 142 -#define X509V3_R_NO_PROXY_CERT_POLICY_LANGUAGE_DEFINED 143 -#define X509V3_R_NO_PUBLIC_KEY 144 -#define X509V3_R_NO_SUBJECT_DETAILS 145 -#define X509V3_R_ODD_NUMBER_OF_DIGITS 146 -#define X509V3_R_OPERATION_NOT_DEFINED 147 -#define X509V3_R_OTHERNAME_ERROR 148 -#define X509V3_R_POLICY_LANGUAGE_ALREADY_DEFINED 149 -#define X509V3_R_POLICY_PATH_LENGTH 150 -#define X509V3_R_POLICY_PATH_LENGTH_ALREADY_DEFINED 151 -#define X509V3_R_POLICY_WHEN_PROXY_LANGUAGE_REQUIRES_NO_POLICY 152 -#define X509V3_R_SECTION_NOT_FOUND 153 -#define X509V3_R_UNABLE_TO_GET_ISSUER_DETAILS 154 -#define X509V3_R_UNABLE_TO_GET_ISSUER_KEYID 155 -#define X509V3_R_UNKNOWN_BIT_STRING_ARGUMENT 156 -#define X509V3_R_UNKNOWN_EXTENSION 157 -#define X509V3_R_UNKNOWN_EXTENSION_NAME 158 -#define X509V3_R_UNKNOWN_OPTION 159 -#define X509V3_R_UNSUPPORTED_OPTION 160 -#define X509V3_R_UNSUPPORTED_TYPE 161 -#define X509V3_R_USER_TOO_LONG 162 - -#endif diff --git a/third_party/boringssl/lib/libcrypto_static.a b/third_party/boringssl/lib/libcrypto_static.a deleted file mode 100644 index f683cb11d42ead..00000000000000 Binary files a/third_party/boringssl/lib/libcrypto_static.a and /dev/null differ diff --git a/third_party/boringssl/lib/libssl_static.a b/third_party/boringssl/lib/libssl_static.a deleted file mode 100644 index b6c52d03a04e8c..00000000000000 Binary files a/third_party/boringssl/lib/libssl_static.a and /dev/null differ diff --git a/third_party/bzip2/LICENSE b/third_party/bzip2/LICENSE deleted file mode 100644 index cc614178cf7958..00000000000000 --- a/third_party/bzip2/LICENSE +++ /dev/null @@ -1,42 +0,0 @@ - --------------------------------------------------------------------------- - -This program, "bzip2", the associated library "libbzip2", and all -documentation, are copyright (C) 1996-2010 Julian R Seward. All -rights reserved. - -Redistribution and use in source and binary forms, with or without -modification, are permitted provided that the following conditions -are met: - -1. Redistributions of source code must retain the above copyright - notice, this list of conditions and the following disclaimer. - -2. The origin of this software must not be misrepresented; you must - not claim that you wrote the original software. If you use this - software in a product, an acknowledgment in the product - documentation would be appreciated but is not required. - -3. Altered source versions must be plainly marked as such, and must - not be misrepresented as being the original software. - -4. The name of the author may not be used to endorse or promote - products derived from this software without specific prior written - permission. - -THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS -OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED -WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY -DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE -GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS -INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, -WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING -NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS -SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - -Julian Seward, jseward@bzip.org -bzip2/libbzip2 version 1.0.6 of 6 September 2010 - --------------------------------------------------------------------------- diff --git a/third_party/bzip2/build.txt b/third_party/bzip2/build.txt deleted file mode 100644 index ceb3226210027a..00000000000000 --- a/third_party/bzip2/build.txt +++ /dev/null @@ -1,6 +0,0 @@ -git clone https://github.com/enthought/bzip2-1.0.6.git -cd bzip2-1.0.6 -git reset --hard 288acf97a15d558f96c24c89f578b724d6e06b0c - -make libbz2.a -cp libbz2.a ../ diff --git a/third_party/bzip2/bzlib.h b/third_party/bzip2/bzlib.h deleted file mode 100644 index 8277123da8cf70..00000000000000 --- a/third_party/bzip2/bzlib.h +++ /dev/null @@ -1,282 +0,0 @@ - -/*-------------------------------------------------------------*/ -/*--- Public header file for the library. ---*/ -/*--- bzlib.h ---*/ -/*-------------------------------------------------------------*/ - -/* ------------------------------------------------------------------ - This file is part of bzip2/libbzip2, a program and library for - lossless, block-sorting data compression. - - bzip2/libbzip2 version 1.0.6 of 6 September 2010 - Copyright (C) 1996-2010 Julian Seward - - Please read the WARNING, DISCLAIMER and PATENTS sections in the - README file. - - This program is released under the terms of the license contained - in the file LICENSE. - ------------------------------------------------------------------ */ - - -#ifndef _BZLIB_H -#define _BZLIB_H - -#ifdef __cplusplus -extern "C" { -#endif - -#define BZ_RUN 0 -#define BZ_FLUSH 1 -#define BZ_FINISH 2 - -#define BZ_OK 0 -#define BZ_RUN_OK 1 -#define BZ_FLUSH_OK 2 -#define BZ_FINISH_OK 3 -#define BZ_STREAM_END 4 -#define BZ_SEQUENCE_ERROR (-1) -#define BZ_PARAM_ERROR (-2) -#define BZ_MEM_ERROR (-3) -#define BZ_DATA_ERROR (-4) -#define BZ_DATA_ERROR_MAGIC (-5) -#define BZ_IO_ERROR (-6) -#define BZ_UNEXPECTED_EOF (-7) -#define BZ_OUTBUFF_FULL (-8) -#define BZ_CONFIG_ERROR (-9) - -typedef - struct { - char *next_in; - unsigned int avail_in; - unsigned int total_in_lo32; - unsigned int total_in_hi32; - - char *next_out; - unsigned int avail_out; - unsigned int total_out_lo32; - unsigned int total_out_hi32; - - void *state; - - void *(*bzalloc)(void *,int,int); - void (*bzfree)(void *,void *); - void *opaque; - } - bz_stream; - - -#ifndef BZ_IMPORT -#define BZ_EXPORT -#endif - -#ifndef BZ_NO_STDIO -/* Need a definitition for FILE */ -#include -#endif - -#ifdef _WIN32 -# include -# ifdef small - /* windows.h define small to char */ -# undef small -# endif -# ifdef BZ_EXPORT -# define BZ_API(func) WINAPI func -# define BZ_EXTERN extern -# else - /* import windows dll dynamically */ -# define BZ_API(func) (WINAPI * func) -# define BZ_EXTERN -# endif -#else -# define BZ_API(func) func -# define BZ_EXTERN extern -#endif - - -/*-- Core (low-level) library functions --*/ - -BZ_EXTERN int BZ_API(BZ2_bzCompressInit) ( - bz_stream* strm, - int blockSize100k, - int verbosity, - int workFactor - ); - -BZ_EXTERN int BZ_API(BZ2_bzCompress) ( - bz_stream* strm, - int action - ); - -BZ_EXTERN int BZ_API(BZ2_bzCompressEnd) ( - bz_stream* strm - ); - -BZ_EXTERN int BZ_API(BZ2_bzDecompressInit) ( - bz_stream *strm, - int verbosity, - int small - ); - -BZ_EXTERN int BZ_API(BZ2_bzDecompress) ( - bz_stream* strm - ); - -BZ_EXTERN int BZ_API(BZ2_bzDecompressEnd) ( - bz_stream *strm - ); - - - -/*-- High(er) level library functions --*/ - -#ifndef BZ_NO_STDIO -#define BZ_MAX_UNUSED 5000 - -typedef void BZFILE; - -BZ_EXTERN BZFILE* BZ_API(BZ2_bzReadOpen) ( - int* bzerror, - FILE* f, - int verbosity, - int small, - void* unused, - int nUnused - ); - -BZ_EXTERN void BZ_API(BZ2_bzReadClose) ( - int* bzerror, - BZFILE* b - ); - -BZ_EXTERN void BZ_API(BZ2_bzReadGetUnused) ( - int* bzerror, - BZFILE* b, - void** unused, - int* nUnused - ); - -BZ_EXTERN int BZ_API(BZ2_bzRead) ( - int* bzerror, - BZFILE* b, - void* buf, - int len - ); - -BZ_EXTERN BZFILE* BZ_API(BZ2_bzWriteOpen) ( - int* bzerror, - FILE* f, - int blockSize100k, - int verbosity, - int workFactor - ); - -BZ_EXTERN void BZ_API(BZ2_bzWrite) ( - int* bzerror, - BZFILE* b, - void* buf, - int len - ); - -BZ_EXTERN void BZ_API(BZ2_bzWriteClose) ( - int* bzerror, - BZFILE* b, - int abandon, - unsigned int* nbytes_in, - unsigned int* nbytes_out - ); - -BZ_EXTERN void BZ_API(BZ2_bzWriteClose64) ( - int* bzerror, - BZFILE* b, - int abandon, - unsigned int* nbytes_in_lo32, - unsigned int* nbytes_in_hi32, - unsigned int* nbytes_out_lo32, - unsigned int* nbytes_out_hi32 - ); -#endif - - -/*-- Utility functions --*/ - -BZ_EXTERN int BZ_API(BZ2_bzBuffToBuffCompress) ( - char* dest, - unsigned int* destLen, - char* source, - unsigned int sourceLen, - int blockSize100k, - int verbosity, - int workFactor - ); - -BZ_EXTERN int BZ_API(BZ2_bzBuffToBuffDecompress) ( - char* dest, - unsigned int* destLen, - char* source, - unsigned int sourceLen, - int small, - int verbosity - ); - - -/*-- - Code contributed by Yoshioka Tsuneo (tsuneo@rr.iij4u.or.jp) - to support better zlib compatibility. - This code is not _officially_ part of libbzip2 (yet); - I haven't tested it, documented it, or considered the - threading-safeness of it. - If this code breaks, please contact both Yoshioka and me. ---*/ - -BZ_EXTERN const char * BZ_API(BZ2_bzlibVersion) ( - void - ); - -#ifndef BZ_NO_STDIO -BZ_EXTERN BZFILE * BZ_API(BZ2_bzopen) ( - const char *path, - const char *mode - ); - -BZ_EXTERN BZFILE * BZ_API(BZ2_bzdopen) ( - int fd, - const char *mode - ); - -BZ_EXTERN int BZ_API(BZ2_bzread) ( - BZFILE* b, - void* buf, - int len - ); - -BZ_EXTERN int BZ_API(BZ2_bzwrite) ( - BZFILE* b, - void* buf, - int len - ); - -BZ_EXTERN int BZ_API(BZ2_bzflush) ( - BZFILE* b - ); - -BZ_EXTERN void BZ_API(BZ2_bzclose) ( - BZFILE* b - ); - -BZ_EXTERN const char * BZ_API(BZ2_bzerror) ( - BZFILE *b, - int *errnum - ); -#endif - -#ifdef __cplusplus -} -#endif - -#endif - -/*-------------------------------------------------------------*/ -/*--- end bzlib.h ---*/ -/*-------------------------------------------------------------*/ diff --git a/third_party/bzip2/libbz2.a b/third_party/bzip2/libbz2.a deleted file mode 100644 index 0efccceb17bba5..00000000000000 Binary files a/third_party/bzip2/libbz2.a and /dev/null differ diff --git a/third_party/zlib/build.txt b/third_party/zlib/build.txt deleted file mode 100644 index b67f9cd57ac853..00000000000000 --- a/third_party/zlib/build.txt +++ /dev/null @@ -1,5 +0,0 @@ -# with neos tree -cd ~/android/system -mka libz - -cp ~/android/system/out/target/product/oneplus3/obj/STATIC_LIBRARIES/libz_intermediates/libz.a lib/ diff --git a/third_party/zlib/lib/libz.a b/third_party/zlib/lib/libz.a deleted file mode 100644 index d2170d8b87eb3b..00000000000000 Binary files a/third_party/zlib/lib/libz.a and /dev/null differ