diff options
Diffstat (limited to 'src/include/openssl/evp.h')
-rw-r--r-- | src/include/openssl/evp.h | 119 |
1 files changed, 101 insertions, 18 deletions
diff --git a/src/include/openssl/evp.h b/src/include/openssl/evp.h index 99b147e..490a951 100644 --- a/src/include/openssl/evp.h +++ b/src/include/openssl/evp.h @@ -66,7 +66,6 @@ * * TODO(fork): clean up callers so that they include what they use. */ #include <openssl/aead.h> -#include <openssl/base64.h> #include <openssl/cipher.h> #include <openssl/digest.h> #include <openssl/obj.h> @@ -137,6 +136,14 @@ OPENSSL_EXPORT int EVP_PKEY_id(const EVP_PKEY *pkey); * |EVP_PKEY_RSA2| will be turned into |EVP_PKEY_RSA|. */ OPENSSL_EXPORT int EVP_PKEY_type(int nid); +/* Deprecated: EVP_PKEY_new_mac_key allocates a fresh |EVP_PKEY| of the given + * type (e.g. |EVP_PKEY_HMAC|), sets |mac_key| as the MAC key and "generates" a + * new key, suitable for signing. It returns the fresh |EVP_PKEY|, or NULL on + * error. Use |HMAC_CTX| directly instead. */ +OPENSSL_EXPORT EVP_PKEY *EVP_PKEY_new_mac_key(int type, ENGINE *engine, + const uint8_t *mac_key, + size_t mac_key_len); + /* Getting and setting concrete public key types. * @@ -170,6 +177,9 @@ OPENSSL_EXPORT struct dh_st *EVP_PKEY_get1_DH(EVP_PKEY *pkey); #define EVP_PKEY_DHX NID_dhpublicnumber #define EVP_PKEY_EC NID_X9_62_id_ecPublicKey +/* Deprecated: Use |HMAC_CTX| directly instead. */ +#define EVP_PKEY_HMAC NID_hmac + /* EVP_PKEY_assign sets the underlying key of |pkey| to |key|, which must be of * the given type. The |type| argument should be one of the |EVP_PKEY_*| * values. */ @@ -210,13 +220,10 @@ OPENSSL_EXPORT EVP_PKEY *d2i_AutoPrivateKey(EVP_PKEY **out, const uint8_t **inp, * the result, whether written or not, or a negative value on error. */ OPENSSL_EXPORT int i2d_PrivateKey(const EVP_PKEY *key, uint8_t **outp); -/* i2d_PublicKey marshals a public key from |key| to a type-specific format. - * If |outp| is not NULL then the result is written to |*outp| and +/* i2d_PublicKey marshals a public key from |key| to an ASN.1, DER + * structure. If |outp| is not NULL then the result is written to |*outp| and * |*outp| is advanced just past the output. It returns the number of bytes in - * the result, whether written or not, or a negative value on error. - * - * RSA keys are serialized as a DER-encoded RSAPublicKey (RFC 3447) structure. - * EC keys are serialized as an EC point per SEC 1. */ + * the result, whether written or not, or a negative value on error. */ OPENSSL_EXPORT int i2d_PublicKey(EVP_PKEY *key, uint8_t **outp); @@ -370,12 +377,12 @@ OPENSSL_EXPORT int EVP_VerifyFinal(EVP_MD_CTX *ctx, const uint8_t *sig, OPENSSL_EXPORT int EVP_PKEY_print_public(BIO *out, const EVP_PKEY *pkey, int indent, ASN1_PCTX *pctx); -/* EVP_PKEY_print_private prints a textual representation of the private key in +/* EVP_PKEY_print_public prints a textual representation of the private key in * |pkey| to |out|. Returns one on success or zero otherwise. */ OPENSSL_EXPORT int EVP_PKEY_print_private(BIO *out, const EVP_PKEY *pkey, int indent, ASN1_PCTX *pctx); -/* EVP_PKEY_print_params prints a textual representation of the parameters in +/* EVP_PKEY_print_public prints a textual representation of the parameters in * |pkey| to |out|. Returns one on success or zero otherwise. */ OPENSSL_EXPORT int EVP_PKEY_print_params(BIO *out, const EVP_PKEY *pkey, int indent, ASN1_PCTX *pctx); @@ -412,13 +419,13 @@ OPENSSL_EXPORT int PKCS5_PBKDF2_HMAC_SHA1(const char *password, * returns the context or NULL on error. */ OPENSSL_EXPORT EVP_PKEY_CTX *EVP_PKEY_CTX_new(EVP_PKEY *pkey, ENGINE *e); -/* EVP_PKEY_CTX_new_id allocates a fresh |EVP_PKEY_CTX| for a key of type |id| +/* EVP_PKEY_CTX_new allocates a fresh |EVP_PKEY_CTX| for a key of type |id| * (e.g. |EVP_PKEY_HMAC|). This can be used for key generation where * |EVP_PKEY_CTX_new| can't be used because there isn't an |EVP_PKEY| to pass * it. It returns the context or NULL on error. */ OPENSSL_EXPORT EVP_PKEY_CTX *EVP_PKEY_CTX_new_id(int id, ENGINE *e); -/* EVP_PKEY_CTX_free frees |ctx| and the data it owns. */ +/* EVP_KEY_CTX_free frees |ctx| and the data it owns. */ OPENSSL_EXPORT void EVP_PKEY_CTX_free(EVP_PKEY_CTX *ctx); /* EVP_PKEY_CTX_dup allocates a fresh |EVP_PKEY_CTX| and sets it equal to the @@ -643,6 +650,17 @@ OPENSSL_EXPORT int EVP_PKEY_CTX_get0_rsa_oaep_label(EVP_PKEY_CTX *ctx, /* Deprecated functions. */ +/* EVP_PKEY_dup adds one to the reference count of |pkey| and returns + * |pkey|. + * + * WARNING: this is a |_dup| function that doesn't actually duplicate! Use + * |EVP_PKEY_up_ref| if you want to increment the reference count without + * confusion. */ +OPENSSL_EXPORT EVP_PKEY *EVP_PKEY_dup(EVP_PKEY *pkey); + + +/* Private functions */ + /* OpenSSL_add_all_algorithms does nothing. */ OPENSSL_EXPORT void OpenSSL_add_all_algorithms(void); @@ -655,9 +673,6 @@ OPENSSL_EXPORT void OpenSSL_add_all_digests(void); /* EVP_cleanup does nothing. */ OPENSSL_EXPORT void EVP_cleanup(void); - -/* Private functions */ - /* EVP_PKEY_asn1_find returns the ASN.1 method table for the given |nid|, which * should be one of the |EVP_PKEY_*| values. It returns NULL if |nid| is * unknown. */ @@ -677,10 +692,10 @@ struct evp_pkey_st { union { char *ptr; - RSA *rsa; - DSA *dsa; - DH *dh; - EC_KEY *ec; + struct rsa_st *rsa; /* RSA */ + struct dsa_st *dsa; /* DSA */ + struct dh_st *dh; /* DH */ + struct ec_key_st *ec; /* ECC */ } pkey; /* ameth contains a pointer to a method table that contains many ASN.1 @@ -693,6 +708,74 @@ struct evp_pkey_st { } /* extern C */ #endif +#define EVP_F_EVP_PKEY_derive_init 108 +#define EVP_F_EVP_PKEY_encrypt 110 +#define EVP_F_EVP_PKEY_encrypt_init 111 +#define EVP_F_EVP_PKEY_get1_DH 112 +#define EVP_F_EVP_PKEY_get1_EC_KEY 114 +#define EVP_F_EVP_PKEY_get1_RSA 115 +#define EVP_F_EVP_PKEY_keygen 116 +#define EVP_F_EVP_PKEY_sign 120 +#define EVP_F_EVP_PKEY_sign_init 121 +#define EVP_F_EVP_PKEY_verify 122 +#define EVP_F_EVP_PKEY_verify_init 123 +#define EVP_F_d2i_AutoPrivateKey 125 +#define EVP_F_d2i_PrivateKey 126 +#define EVP_F_do_EC_KEY_print 127 +#define EVP_F_do_sigver_init 129 +#define EVP_F_eckey_param2type 130 +#define EVP_F_eckey_param_decode 131 +#define EVP_F_eckey_priv_decode 132 +#define EVP_F_eckey_priv_encode 133 +#define EVP_F_eckey_pub_decode 134 +#define EVP_F_eckey_pub_encode 135 +#define EVP_F_eckey_type2param 136 +#define EVP_F_evp_pkey_ctx_new 137 +#define EVP_F_hmac_signctx 138 +#define EVP_F_i2d_PublicKey 139 +#define EVP_F_old_ec_priv_decode 140 +#define EVP_F_old_rsa_priv_decode 141 +#define EVP_F_pkey_ec_ctrl 142 +#define EVP_F_pkey_ec_derive 143 +#define EVP_F_pkey_ec_keygen 144 +#define EVP_F_pkey_ec_paramgen 145 +#define EVP_F_pkey_ec_sign 146 +#define EVP_F_pkey_rsa_ctrl 147 +#define EVP_F_pkey_rsa_decrypt 148 +#define EVP_F_pkey_rsa_encrypt 149 +#define EVP_F_pkey_rsa_sign 150 +#define EVP_F_rsa_algor_to_md 151 +#define EVP_F_rsa_digest_verify_init_from_algorithm 152 +#define EVP_F_rsa_mgf1_to_md 153 +#define EVP_F_rsa_priv_decode 154 +#define EVP_F_rsa_priv_encode 155 +#define EVP_F_rsa_pss_to_ctx 156 +#define EVP_F_rsa_pub_decode 157 +#define EVP_F_pkey_hmac_ctrl 158 +#define EVP_F_EVP_PKEY_CTX_get0_rsa_oaep_label 159 +#define EVP_F_EVP_DigestSignAlgorithm 160 +#define EVP_F_EVP_DigestVerifyInitFromAlgorithm 161 +#define EVP_F_EVP_PKEY_CTX_ctrl 162 +#define EVP_F_EVP_PKEY_CTX_dup 163 +#define EVP_F_EVP_PKEY_copy_parameters 164 +#define EVP_F_EVP_PKEY_decrypt 165 +#define EVP_F_EVP_PKEY_decrypt_init 166 +#define EVP_F_EVP_PKEY_derive 167 +#define EVP_F_EVP_PKEY_derive_set_peer 168 +#define EVP_F_EVP_PKEY_get1_DSA 169 +#define EVP_F_EVP_PKEY_keygen_init 170 +#define EVP_F_EVP_PKEY_new 171 +#define EVP_F_EVP_PKEY_set_type 172 +#define EVP_F_check_padding_md 173 +#define EVP_F_do_dsa_print 174 +#define EVP_F_do_rsa_print 175 +#define EVP_F_dsa_param_decode 176 +#define EVP_F_dsa_priv_decode 177 +#define EVP_F_dsa_priv_encode 178 +#define EVP_F_dsa_pub_decode 179 +#define EVP_F_dsa_pub_encode 180 +#define EVP_F_dsa_sig_print 181 +#define EVP_F_old_dsa_priv_decode 182 #define EVP_R_BUFFER_TOO_SMALL 100 #define EVP_R_COMMAND_NOT_SUPPORTED 101 #define EVP_R_DIFFERENT_KEY_TYPES 104 |