summaryrefslogtreecommitdiff
path: root/src/lib/libssl/src/crypto/evp/evp.h
diff options
context:
space:
mode:
Diffstat (limited to 'src/lib/libssl/src/crypto/evp/evp.h')
-rw-r--r--src/lib/libssl/src/crypto/evp/evp.h94
1 files changed, 86 insertions, 8 deletions
diff --git a/src/lib/libssl/src/crypto/evp/evp.h b/src/lib/libssl/src/crypto/evp/evp.h
index 9f9795e2d9..0d1b20a7d3 100644
--- a/src/lib/libssl/src/crypto/evp/evp.h
+++ b/src/lib/libssl/src/crypto/evp/evp.h
@@ -83,7 +83,7 @@
83#define EVP_RC5_32_12_16_KEY_SIZE 16 83#define EVP_RC5_32_12_16_KEY_SIZE 16
84*/ 84*/
85#define EVP_MAX_MD_SIZE 64 /* longest known is SHA512 */ 85#define EVP_MAX_MD_SIZE 64 /* longest known is SHA512 */
86#define EVP_MAX_KEY_LENGTH 32 86#define EVP_MAX_KEY_LENGTH 64
87#define EVP_MAX_IV_LENGTH 16 87#define EVP_MAX_IV_LENGTH 16
88#define EVP_MAX_BLOCK_LENGTH 32 88#define EVP_MAX_BLOCK_LENGTH 32
89 89
@@ -116,6 +116,7 @@
116#define EVP_PKEY_DH NID_dhKeyAgreement 116#define EVP_PKEY_DH NID_dhKeyAgreement
117#define EVP_PKEY_EC NID_X9_62_id_ecPublicKey 117#define EVP_PKEY_EC NID_X9_62_id_ecPublicKey
118#define EVP_PKEY_HMAC NID_hmac 118#define EVP_PKEY_HMAC NID_hmac
119#define EVP_PKEY_CMAC NID_cmac
119 120
120#ifdef __cplusplus 121#ifdef __cplusplus
121extern "C" { 122extern "C" {
@@ -216,6 +217,8 @@ typedef int evp_verify_method(int type,const unsigned char *m,
216 217
217#define EVP_MD_FLAG_DIGALGID_CUSTOM 0x0018 218#define EVP_MD_FLAG_DIGALGID_CUSTOM 0x0018
218 219
220#define EVP_MD_FLAG_FIPS 0x0400 /* Note if suitable for use in FIPS mode */
221
219/* Digest ctrls */ 222/* Digest ctrls */
220 223
221#define EVP_MD_CTRL_DIGALGID 0x1 224#define EVP_MD_CTRL_DIGALGID 0x1
@@ -325,6 +328,10 @@ struct evp_cipher_st
325#define EVP_CIPH_CBC_MODE 0x2 328#define EVP_CIPH_CBC_MODE 0x2
326#define EVP_CIPH_CFB_MODE 0x3 329#define EVP_CIPH_CFB_MODE 0x3
327#define EVP_CIPH_OFB_MODE 0x4 330#define EVP_CIPH_OFB_MODE 0x4
331#define EVP_CIPH_CTR_MODE 0x5
332#define EVP_CIPH_GCM_MODE 0x6
333#define EVP_CIPH_CCM_MODE 0x7
334#define EVP_CIPH_XTS_MODE 0x10001
328#define EVP_CIPH_MODE 0xF0007 335#define EVP_CIPH_MODE 0xF0007
329/* Set if variable length cipher */ 336/* Set if variable length cipher */
330#define EVP_CIPH_VARIABLE_LENGTH 0x8 337#define EVP_CIPH_VARIABLE_LENGTH 0x8
@@ -346,6 +353,15 @@ struct evp_cipher_st
346#define EVP_CIPH_FLAG_DEFAULT_ASN1 0x1000 353#define EVP_CIPH_FLAG_DEFAULT_ASN1 0x1000
347/* Buffer length in bits not bytes: CFB1 mode only */ 354/* Buffer length in bits not bytes: CFB1 mode only */
348#define EVP_CIPH_FLAG_LENGTH_BITS 0x2000 355#define EVP_CIPH_FLAG_LENGTH_BITS 0x2000
356/* Note if suitable for use in FIPS mode */
357#define EVP_CIPH_FLAG_FIPS 0x4000
358/* Allow non FIPS cipher in FIPS mode */
359#define EVP_CIPH_FLAG_NON_FIPS_ALLOW 0x8000
360/* Cipher handles any and all padding logic as well
361 * as finalisation.
362 */
363#define EVP_CIPH_FLAG_CUSTOM_CIPHER 0x100000
364#define EVP_CIPH_FLAG_AEAD_CIPHER 0x200000
349 365
350/* ctrl() values */ 366/* ctrl() values */
351 367
@@ -358,6 +374,34 @@ struct evp_cipher_st
358#define EVP_CTRL_RAND_KEY 0x6 374#define EVP_CTRL_RAND_KEY 0x6
359#define EVP_CTRL_PBE_PRF_NID 0x7 375#define EVP_CTRL_PBE_PRF_NID 0x7
360#define EVP_CTRL_COPY 0x8 376#define EVP_CTRL_COPY 0x8
377#define EVP_CTRL_GCM_SET_IVLEN 0x9
378#define EVP_CTRL_GCM_GET_TAG 0x10
379#define EVP_CTRL_GCM_SET_TAG 0x11
380#define EVP_CTRL_GCM_SET_IV_FIXED 0x12
381#define EVP_CTRL_GCM_IV_GEN 0x13
382#define EVP_CTRL_CCM_SET_IVLEN EVP_CTRL_GCM_SET_IVLEN
383#define EVP_CTRL_CCM_GET_TAG EVP_CTRL_GCM_GET_TAG
384#define EVP_CTRL_CCM_SET_TAG EVP_CTRL_GCM_SET_TAG
385#define EVP_CTRL_CCM_SET_L 0x14
386#define EVP_CTRL_CCM_SET_MSGLEN 0x15
387/* AEAD cipher deduces payload length and returns number of bytes
388 * required to store MAC and eventual padding. Subsequent call to
389 * EVP_Cipher even appends/verifies MAC.
390 */
391#define EVP_CTRL_AEAD_TLS1_AAD 0x16
392/* Used by composite AEAD ciphers, no-op in GCM, CCM... */
393#define EVP_CTRL_AEAD_SET_MAC_KEY 0x17
394/* Set the GCM invocation field, decrypt only */
395#define EVP_CTRL_GCM_SET_IV_INV 0x18
396
397/* GCM TLS constants */
398/* Length of fixed part of IV derived from PRF */
399#define EVP_GCM_TLS_FIXED_IV_LEN 4
400/* Length of explicit part of IV part of TLS records */
401#define EVP_GCM_TLS_EXPLICIT_IV_LEN 8
402/* Length of tag for TLS */
403#define EVP_GCM_TLS_TAG_LEN 16
404
361 405
362typedef struct evp_cipher_info_st 406typedef struct evp_cipher_info_st
363 { 407 {
@@ -375,7 +419,7 @@ struct evp_cipher_ctx_st
375 unsigned char oiv[EVP_MAX_IV_LENGTH]; /* original iv */ 419 unsigned char oiv[EVP_MAX_IV_LENGTH]; /* original iv */
376 unsigned char iv[EVP_MAX_IV_LENGTH]; /* working iv */ 420 unsigned char iv[EVP_MAX_IV_LENGTH]; /* working iv */
377 unsigned char buf[EVP_MAX_BLOCK_LENGTH];/* saved partial block */ 421 unsigned char buf[EVP_MAX_BLOCK_LENGTH];/* saved partial block */
378 int num; /* used by cfb/ofb mode */ 422 int num; /* used by cfb/ofb/ctr mode */
379 423
380 void *app_data; /* application stuff */ 424 void *app_data; /* application stuff */
381 int key_len; /* May change for variable length cipher */ 425 int key_len; /* May change for variable length cipher */
@@ -695,6 +739,9 @@ const EVP_MD *EVP_dev_crypto_md5(void);
695#ifndef OPENSSL_NO_RC4 739#ifndef OPENSSL_NO_RC4
696const EVP_CIPHER *EVP_rc4(void); 740const EVP_CIPHER *EVP_rc4(void);
697const EVP_CIPHER *EVP_rc4_40(void); 741const EVP_CIPHER *EVP_rc4_40(void);
742#ifndef OPENSSL_NO_MD5
743const EVP_CIPHER *EVP_rc4_hmac_md5(void);
744#endif
698#endif 745#endif
699#ifndef OPENSSL_NO_IDEA 746#ifndef OPENSSL_NO_IDEA
700const EVP_CIPHER *EVP_idea_ecb(void); 747const EVP_CIPHER *EVP_idea_ecb(void);
@@ -741,9 +788,10 @@ const EVP_CIPHER *EVP_aes_128_cfb8(void);
741const EVP_CIPHER *EVP_aes_128_cfb128(void); 788const EVP_CIPHER *EVP_aes_128_cfb128(void);
742# define EVP_aes_128_cfb EVP_aes_128_cfb128 789# define EVP_aes_128_cfb EVP_aes_128_cfb128
743const EVP_CIPHER *EVP_aes_128_ofb(void); 790const EVP_CIPHER *EVP_aes_128_ofb(void);
744#if 0
745const EVP_CIPHER *EVP_aes_128_ctr(void); 791const EVP_CIPHER *EVP_aes_128_ctr(void);
746#endif 792const EVP_CIPHER *EVP_aes_128_gcm(void);
793const EVP_CIPHER *EVP_aes_128_ccm(void);
794const EVP_CIPHER *EVP_aes_128_xts(void);
747const EVP_CIPHER *EVP_aes_192_ecb(void); 795const EVP_CIPHER *EVP_aes_192_ecb(void);
748const EVP_CIPHER *EVP_aes_192_cbc(void); 796const EVP_CIPHER *EVP_aes_192_cbc(void);
749const EVP_CIPHER *EVP_aes_192_cfb1(void); 797const EVP_CIPHER *EVP_aes_192_cfb1(void);
@@ -751,9 +799,9 @@ const EVP_CIPHER *EVP_aes_192_cfb8(void);
751const EVP_CIPHER *EVP_aes_192_cfb128(void); 799const EVP_CIPHER *EVP_aes_192_cfb128(void);
752# define EVP_aes_192_cfb EVP_aes_192_cfb128 800# define EVP_aes_192_cfb EVP_aes_192_cfb128
753const EVP_CIPHER *EVP_aes_192_ofb(void); 801const EVP_CIPHER *EVP_aes_192_ofb(void);
754#if 0
755const EVP_CIPHER *EVP_aes_192_ctr(void); 802const EVP_CIPHER *EVP_aes_192_ctr(void);
756#endif 803const EVP_CIPHER *EVP_aes_192_gcm(void);
804const EVP_CIPHER *EVP_aes_192_ccm(void);
757const EVP_CIPHER *EVP_aes_256_ecb(void); 805const EVP_CIPHER *EVP_aes_256_ecb(void);
758const EVP_CIPHER *EVP_aes_256_cbc(void); 806const EVP_CIPHER *EVP_aes_256_cbc(void);
759const EVP_CIPHER *EVP_aes_256_cfb1(void); 807const EVP_CIPHER *EVP_aes_256_cfb1(void);
@@ -761,8 +809,13 @@ const EVP_CIPHER *EVP_aes_256_cfb8(void);
761const EVP_CIPHER *EVP_aes_256_cfb128(void); 809const EVP_CIPHER *EVP_aes_256_cfb128(void);
762# define EVP_aes_256_cfb EVP_aes_256_cfb128 810# define EVP_aes_256_cfb EVP_aes_256_cfb128
763const EVP_CIPHER *EVP_aes_256_ofb(void); 811const EVP_CIPHER *EVP_aes_256_ofb(void);
764#if 0
765const EVP_CIPHER *EVP_aes_256_ctr(void); 812const EVP_CIPHER *EVP_aes_256_ctr(void);
813const EVP_CIPHER *EVP_aes_256_gcm(void);
814const EVP_CIPHER *EVP_aes_256_ccm(void);
815const EVP_CIPHER *EVP_aes_256_xts(void);
816#if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_SHA1)
817const EVP_CIPHER *EVP_aes_128_cbc_hmac_sha1(void);
818const EVP_CIPHER *EVP_aes_256_cbc_hmac_sha1(void);
766#endif 819#endif
767#endif 820#endif
768#ifndef OPENSSL_NO_CAMELLIA 821#ifndef OPENSSL_NO_CAMELLIA
@@ -1047,13 +1100,22 @@ void EVP_PKEY_asn1_set_ctrl(EVP_PKEY_ASN1_METHOD *ameth,
1047#define EVP_PKEY_CTRL_CMS_DECRYPT 10 1100#define EVP_PKEY_CTRL_CMS_DECRYPT 10
1048#define EVP_PKEY_CTRL_CMS_SIGN 11 1101#define EVP_PKEY_CTRL_CMS_SIGN 11
1049 1102
1103#define EVP_PKEY_CTRL_CIPHER 12
1104
1050#define EVP_PKEY_ALG_CTRL 0x1000 1105#define EVP_PKEY_ALG_CTRL 0x1000
1051 1106
1052 1107
1053#define EVP_PKEY_FLAG_AUTOARGLEN 2 1108#define EVP_PKEY_FLAG_AUTOARGLEN 2
1109/* Method handles all operations: don't assume any digest related
1110 * defaults.
1111 */
1112#define EVP_PKEY_FLAG_SIGCTX_CUSTOM 4
1054 1113
1055const EVP_PKEY_METHOD *EVP_PKEY_meth_find(int type); 1114const EVP_PKEY_METHOD *EVP_PKEY_meth_find(int type);
1056EVP_PKEY_METHOD* EVP_PKEY_meth_new(int id, int flags); 1115EVP_PKEY_METHOD* EVP_PKEY_meth_new(int id, int flags);
1116void EVP_PKEY_meth_get0_info(int *ppkey_id, int *pflags,
1117 const EVP_PKEY_METHOD *meth);
1118void EVP_PKEY_meth_copy(EVP_PKEY_METHOD *dst, const EVP_PKEY_METHOD *src);
1057void EVP_PKEY_meth_free(EVP_PKEY_METHOD *pmeth); 1119void EVP_PKEY_meth_free(EVP_PKEY_METHOD *pmeth);
1058int EVP_PKEY_meth_add0(const EVP_PKEY_METHOD *pmeth); 1120int EVP_PKEY_meth_add0(const EVP_PKEY_METHOD *pmeth);
1059 1121
@@ -1071,7 +1133,7 @@ int EVP_PKEY_CTX_get_operation(EVP_PKEY_CTX *ctx);
1071void EVP_PKEY_CTX_set0_keygen_info(EVP_PKEY_CTX *ctx, int *dat, int datlen); 1133void EVP_PKEY_CTX_set0_keygen_info(EVP_PKEY_CTX *ctx, int *dat, int datlen);
1072 1134
1073EVP_PKEY *EVP_PKEY_new_mac_key(int type, ENGINE *e, 1135EVP_PKEY *EVP_PKEY_new_mac_key(int type, ENGINE *e,
1074 unsigned char *key, int keylen); 1136 const unsigned char *key, int keylen);
1075 1137
1076void EVP_PKEY_CTX_set_data(EVP_PKEY_CTX *ctx, void *data); 1138void EVP_PKEY_CTX_set_data(EVP_PKEY_CTX *ctx, void *data);
1077void *EVP_PKEY_CTX_get_data(EVP_PKEY_CTX *ctx); 1139void *EVP_PKEY_CTX_get_data(EVP_PKEY_CTX *ctx);
@@ -1190,8 +1252,13 @@ void ERR_load_EVP_strings(void);
1190/* Error codes for the EVP functions. */ 1252/* Error codes for the EVP functions. */
1191 1253
1192/* Function codes. */ 1254/* Function codes. */
1255#define EVP_F_AESNI_INIT_KEY 165
1256#define EVP_F_AESNI_XTS_CIPHER 176
1193#define EVP_F_AES_INIT_KEY 133 1257#define EVP_F_AES_INIT_KEY 133
1258#define EVP_F_AES_XTS 172
1259#define EVP_F_AES_XTS_CIPHER 175
1194#define EVP_F_CAMELLIA_INIT_KEY 159 1260#define EVP_F_CAMELLIA_INIT_KEY 159
1261#define EVP_F_CMAC_INIT 173
1195#define EVP_F_D2I_PKEY 100 1262#define EVP_F_D2I_PKEY 100
1196#define EVP_F_DO_SIGVER_INIT 161 1263#define EVP_F_DO_SIGVER_INIT 161
1197#define EVP_F_DSAPKEY2PKCS8 134 1264#define EVP_F_DSAPKEY2PKCS8 134
@@ -1246,15 +1313,24 @@ void ERR_load_EVP_strings(void);
1246#define EVP_F_EVP_RIJNDAEL 126 1313#define EVP_F_EVP_RIJNDAEL 126
1247#define EVP_F_EVP_SIGNFINAL 107 1314#define EVP_F_EVP_SIGNFINAL 107
1248#define EVP_F_EVP_VERIFYFINAL 108 1315#define EVP_F_EVP_VERIFYFINAL 108
1316#define EVP_F_FIPS_CIPHERINIT 166
1317#define EVP_F_FIPS_CIPHER_CTX_COPY 170
1318#define EVP_F_FIPS_CIPHER_CTX_CTRL 167
1319#define EVP_F_FIPS_CIPHER_CTX_SET_KEY_LENGTH 171
1320#define EVP_F_FIPS_DIGESTINIT 168
1321#define EVP_F_FIPS_MD_CTX_COPY 169
1322#define EVP_F_HMAC_INIT_EX 174
1249#define EVP_F_INT_CTX_NEW 157 1323#define EVP_F_INT_CTX_NEW 157
1250#define EVP_F_PKCS5_PBE_KEYIVGEN 117 1324#define EVP_F_PKCS5_PBE_KEYIVGEN 117
1251#define EVP_F_PKCS5_V2_PBE_KEYIVGEN 118 1325#define EVP_F_PKCS5_V2_PBE_KEYIVGEN 118
1326#define EVP_F_PKCS5_V2_PBKDF2_KEYIVGEN 164
1252#define EVP_F_PKCS8_SET_BROKEN 112 1327#define EVP_F_PKCS8_SET_BROKEN 112
1253#define EVP_F_PKEY_SET_TYPE 158 1328#define EVP_F_PKEY_SET_TYPE 158
1254#define EVP_F_RC2_MAGIC_TO_METH 109 1329#define EVP_F_RC2_MAGIC_TO_METH 109
1255#define EVP_F_RC5_CTRL 125 1330#define EVP_F_RC5_CTRL 125
1256 1331
1257/* Reason codes. */ 1332/* Reason codes. */
1333#define EVP_R_AES_IV_SETUP_FAILED 162
1258#define EVP_R_AES_KEY_SETUP_FAILED 143 1334#define EVP_R_AES_KEY_SETUP_FAILED 143
1259#define EVP_R_ASN1_LIB 140 1335#define EVP_R_ASN1_LIB 140
1260#define EVP_R_BAD_BLOCK_LENGTH 136 1336#define EVP_R_BAD_BLOCK_LENGTH 136
@@ -1272,6 +1348,7 @@ void ERR_load_EVP_strings(void);
1272#define EVP_R_DECODE_ERROR 114 1348#define EVP_R_DECODE_ERROR 114
1273#define EVP_R_DIFFERENT_KEY_TYPES 101 1349#define EVP_R_DIFFERENT_KEY_TYPES 101
1274#define EVP_R_DIFFERENT_PARAMETERS 153 1350#define EVP_R_DIFFERENT_PARAMETERS 153
1351#define EVP_R_DISABLED_FOR_FIPS 163
1275#define EVP_R_ENCODE_ERROR 115 1352#define EVP_R_ENCODE_ERROR 115
1276#define EVP_R_EVP_PBE_CIPHERINIT_ERROR 119 1353#define EVP_R_EVP_PBE_CIPHERINIT_ERROR 119
1277#define EVP_R_EXPECTING_AN_RSA_KEY 127 1354#define EVP_R_EXPECTING_AN_RSA_KEY 127
@@ -1303,6 +1380,7 @@ void ERR_load_EVP_strings(void);
1303#define EVP_R_PRIVATE_KEY_DECODE_ERROR 145 1380#define EVP_R_PRIVATE_KEY_DECODE_ERROR 145
1304#define EVP_R_PRIVATE_KEY_ENCODE_ERROR 146 1381#define EVP_R_PRIVATE_KEY_ENCODE_ERROR 146
1305#define EVP_R_PUBLIC_KEY_NOT_RSA 106 1382#define EVP_R_PUBLIC_KEY_NOT_RSA 106
1383#define EVP_R_TOO_LARGE 164
1306#define EVP_R_UNKNOWN_CIPHER 160 1384#define EVP_R_UNKNOWN_CIPHER 160
1307#define EVP_R_UNKNOWN_DIGEST 161 1385#define EVP_R_UNKNOWN_DIGEST 161
1308#define EVP_R_UNKNOWN_PBE_ALGORITHM 121 1386#define EVP_R_UNKNOWN_PBE_ALGORITHM 121
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-08-04 05:47:00 +0000