Diffstat (limited to 'src/lib/libcrypto/evp/evp.h')
-rw-r--r--src/lib/libcrypto/evp/evp.h80
1 files changed, 80 insertions, 0 deletions
diff --git a/src/lib/libcrypto/evp/evp.h b/src/lib/libcrypto/evp/evp.h
index bdd3b7ecaa..79c097181f 100644
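--- a/src/lib/libcrypto/evp/evp.h
+++ b/src/lib/libcrypto/evp/evp.h
@@ -75,6 +75,10 @@
 #include <openssl/bio.h>
 #endif
 
+#ifdef OPENSSL_FIPS
+#include <openssl/fips.h>
+#endif
+
 /*
 #define EVP_RC2_KEY_SIZE 16
 #define EVP_RC4_KEY_SIZE 16
@@ -250,9 +254,19 @@ typedef int evp_verify_method(int type,const unsigned char *m,
  unsigned int m_length,const unsigned char *sigbuf,
  unsigned int siglen, void *key);
 
+typedef struct
+ {
+ EVP_MD_CTX *mctx;
+ void *key;
+ } EVP_MD_SVCTX;
+
 #define EVP_MD_FLAG_ONESHOT 0x0001 /* digest can only handle a single
  * block */
 
+#define EVP_MD_FLAG_FIPS 0x0400 /* Note if suitable for use in FIPS mode */
+
+#define EVP_MD_FLAG_SVCTX 0x0800 /* pass EVP_MD_SVCTX to sign/verify */
+
 #define EVP_PKEY_NULL_method NULL,NULL,{0,0,0,0}
 
 #ifndef OPENSSL_NO_DSA
@@ -303,6 +317,17 @@ struct env_md_ctx_st
  * cleaned */
 #define EVP_MD_CTX_FLAG_REUSE 0x0004 /* Don't free up ctx->md_data
  * in EVP_MD_CTX_cleanup */
+#define EVP_MD_CTX_FLAG_NON_FIPS_ALLOW 0x0008 /* Allow use of non FIPS digest
+ * in FIPS mode */
+
+#define EVP_MD_CTX_FLAG_PAD_MASK 0xF0 /* RSA mode to use */
+#define EVP_MD_CTX_FLAG_PAD_PKCS1 0x00 /* PKCS#1 v1.5 mode */
+#define EVP_MD_CTX_FLAG_PAD_X931 0x10 /* X9.31 mode */
+#define EVP_MD_CTX_FLAG_PAD_PSS 0x20 /* PSS mode */
+#define M_EVP_MD_CTX_FLAG_PSS_SALT(ctx) \
+ ((ctx->flags>>16) &0xFFFF) /* seed length */
+#define EVP_MD_CTX_FLAG_PSS_MDLEN 0xFFFF /* salt len same as digest */
+#define EVP_MD_CTX_FLAG_PSS_MREC 0xFFFE /* salt max or auto recovered */
 
 struct evp_cipher_st
  {
@@ -347,6 +372,14 @@ struct evp_cipher_st
 #define EVP_CIPH_NO_PADDING 0x100
 /* cipher handles random key generation */
 #define EVP_CIPH_RAND_KEY 0x200
+/* Note if suitable for use in FIPS mode */
+#define EVP_CIPH_FLAG_FIPS 0x400
+/* Allow non FIPS cipher in FIPS mode */
+#define EVP_CIPH_FLAG_NON_FIPS_ALLOW 0x800
+/* Allow use default ASN1 get/set iv */
+#define EVP_CIPH_FLAG_DEFAULT_ASN1 0x1000
+/* Buffer length in bits not bytes: CFB1 mode only */
+#define EVP_CIPH_FLAG_LENGTH_BITS 0x2000
 
 /* ctrl() values */
 
@@ -429,6 +462,18 @@ typedef int (EVP_PBE_KEYGEN)(EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
 #define EVP_get_cipherbynid(a) EVP_get_cipherbyname(OBJ_nid2sn(a))
 #define EVP_get_cipherbyobj(a) EVP_get_cipherbynid(OBJ_obj2nid(a))
 
+/* Macros to reduce FIPS dependencies: do NOT use in applications */
+#define M_EVP_MD_size(e) ((e)->md_size)
+#define M_EVP_MD_block_size(e) ((e)->block_size)
+#define M_EVP_MD_CTX_set_flags(ctx,flgs) ((ctx)->flags|=(flgs))
+#define M_EVP_MD_CTX_clear_flags(ctx,flgs) ((ctx)->flags&=~(flgs))
+#define M_EVP_MD_CTX_test_flags(ctx,flgs) ((ctx)->flags&(flgs))
+#define M_EVP_MD_type(e) ((e)->type)
+#define M_EVP_MD_CTX_type(e) M_EVP_MD_type(M_EVP_MD_CTX_md(e))
+#define M_EVP_MD_CTX_md(e) ((e)->digest)
+
+#define M_EVP_CIPHER_CTX_set_flags(ctx,flgs) ((ctx)->flags|=(flgs))
+
 int EVP_MD_type(const EVP_MD *md);
 #define EVP_MD_nid(e) EVP_MD_type(e)
 #define EVP_MD_name(e) OBJ_nid2sn(EVP_MD_nid(e))
@@ -524,6 +569,10 @@ int EVP_BytesToKey(const EVP_CIPHER *type,const EVP_MD *md,
  const unsigned char *salt, const unsigned char *data,
  int datal, int count, unsigned char *key,unsigned char *iv);
 
+void EVP_CIPHER_CTX_set_flags(EVP_CIPHER_CTX *ctx, int flags);
+void EVP_CIPHER_CTX_clear_flags(EVP_CIPHER_CTX *ctx, int flags);
+int EVP_CIPHER_CTX_test_flags(const EVP_CIPHER_CTX *ctx,int flags);
+
 int EVP_EncryptInit(EVP_CIPHER_CTX *ctx,const EVP_CIPHER *cipher,
  const unsigned char *key, const unsigned char *iv);
 int EVP_EncryptInit_ex(EVP_CIPHER_CTX *ctx,const EVP_CIPHER *cipher, ENGINE *impl,
@@ -879,6 +928,24 @@ int EVP_PBE_alg_add(int nid, const EVP_CIPHER *cipher, const EVP_MD *md,
  EVP_PBE_KEYGEN *keygen);
 void EVP_PBE_cleanup(void);
 
+#ifdef OPENSSL_FIPS
+#ifndef OPENSSL_NO_ENGINE
+void int_EVP_MD_set_engine_callbacks(
+ int (*eng_md_init)(ENGINE *impl),
+ int (*eng_md_fin)(ENGINE *impl),
+ int (*eng_md_evp)
+ (EVP_MD_CTX *ctx, const EVP_MD **ptype, ENGINE *impl));
+void int_EVP_MD_init_engine_callbacks(void);
+void int_EVP_CIPHER_set_engine_callbacks(
+ int (*eng_ciph_fin)(ENGINE *impl),
+ int (*eng_ciph_evp)
+ (EVP_CIPHER_CTX *ctx, const EVP_CIPHER **pciph, ENGINE *impl));
+void int_EVP_CIPHER_init_engine_callbacks(void);
+#endif
+#endif
+
+void EVP_add_alg_module(void);
+
 /* BEGIN ERROR CODES */
 /* The following lines are auto generated by the script mkerr.pl. Any changes
  * made after this point may be overwritten when the script is next run.
@@ -889,16 +956,23 @@ void ERR_load_EVP_strings(void);
 
 /* Function codes. */
 #define EVP_F_AES_INIT_KEY 133
+#define EVP_F_ALG_MODULE_INIT 138
 #define EVP_F_CAMELLIA_INIT_KEY 159
 #define EVP_F_D2I_PKEY 100
+#define EVP_F_DO_EVP_ENC_ENGINE 140
+#define EVP_F_DO_EVP_ENC_ENGINE_FULL 141
+#define EVP_F_DO_EVP_MD_ENGINE 139
+#define EVP_F_DO_EVP_MD_ENGINE_FULL 142
 #define EVP_F_DSAPKEY2PKCS8 134
 #define EVP_F_DSA_PKEY2PKCS8 135
 #define EVP_F_ECDSA_PKEY2PKCS8 129
 #define EVP_F_ECKEY_PKEY2PKCS8 132
+#define EVP_F_EVP_CIPHERINIT 137
 #define EVP_F_EVP_CIPHERINIT_EX 123
 #define EVP_F_EVP_CIPHER_CTX_CTRL 124
 #define EVP_F_EVP_CIPHER_CTX_SET_KEY_LENGTH 122
 #define EVP_F_EVP_DECRYPTFINAL_EX 101
+#define EVP_F_EVP_DIGESTINIT 136
 #define EVP_F_EVP_DIGESTINIT_EX 128
 #define EVP_F_EVP_ENCRYPTFINAL_EX 127
 #define EVP_F_EVP_MD_CTX_COPY_EX 110
@@ -940,15 +1014,20 @@ void ERR_load_EVP_strings(void);
 #define EVP_R_DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH 138
 #define EVP_R_DECODE_ERROR 114
 #define EVP_R_DIFFERENT_KEY_TYPES 101
+#define EVP_R_DISABLED_FOR_FIPS 144
 #define EVP_R_ENCODE_ERROR 115
+#define EVP_R_ERROR_LOADING_SECTION 145
+#define EVP_R_ERROR_SETTING_FIPS_MODE 146
 #define EVP_R_EVP_PBE_CIPHERINIT_ERROR 119
 #define EVP_R_EXPECTING_AN_RSA_KEY 127
 #define EVP_R_EXPECTING_A_DH_KEY 128
 #define EVP_R_EXPECTING_A_DSA_KEY 129
 #define EVP_R_EXPECTING_A_ECDSA_KEY 141
 #define EVP_R_EXPECTING_A_EC_KEY 142
+#define EVP_R_FIPS_MODE_NOT_SUPPORTED 147
 #define EVP_R_INITIALIZATION_ERROR 134
 #define EVP_R_INPUT_NOT_INITIALIZED 111
+#define EVP_R_INVALID_FIPS_MODE 148
 #define EVP_R_INVALID_KEY_LENGTH 130
 #define EVP_R_IV_TOO_LARGE 102
 #define EVP_R_KEYGEN_FAILURE 120
@@ -960,6 +1039,7 @@ void ERR_load_EVP_strings(void);
 #define EVP_R_NO_VERIFY_FUNCTION_CONFIGURED 105
 #define EVP_R_PKCS8_UNKNOWN_BROKEN_TYPE 117
 #define EVP_R_PUBLIC_KEY_NOT_RSA 106
+#define EVP_R_UNKNOWN_OPTION 149
 #define EVP_R_UNKNOWN_PBE_ALGORITHM 121
 #define EVP_R_UNSUPORTED_NUMBER_OF_ROUNDS 135
 #define EVP_R_UNSUPPORTED_CIPHER 107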
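Review bot: In the hunk at new lines 320-329, `M_EVP_MD_CTX_FLAG_PSS_SALT(ctx)` expands its argument without parentheses (`ctx->flags`), unlike the `M_EVP_MD_CTX_*_flags` macros added at new lines 468-470, which use `(ctx)->flags`. An argument such as `&c` would bind as `&(c->flags)`, so the body should read `((((ctx)->flags)>>16) & 0xFFFF)`. Its comment says "seed length" while the two sentinel values below it say "salt len"; one term should be used. The padding selector is a multi-bit field under `EVP_MD_CTX_FLAG_PAD_MASK` and `EVP_MD_CTX_FLAG_PAD_PKCS1` is 0x00, so `M_EVP_MD_CTX_test_flags(ctx, EVP_MD_CTX_FLAG_PAD_PKCS1)` can never be non-zero. A comment such as `/* compare (flags & EVP_MD_CTX_FLAG_PAD_MASK) against a PAD_* value; do not test these as single bits */` would keep callers from silently selecting the wrong RSA signature padding. The declaration of `flags` in `struct env_md_ctx_st` is outside the visible hunks, so it should be confirmed there that the field is unsigned and wide enough for the 16-bit shift.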