summaryrefslogtreecommitdiffstats
path: root/src/include
diff options
context:
space:
mode:
Diffstat (limited to 'src/include')
-rw-r--r--src/include/openssl/aead.h19
-rw-r--r--src/include/openssl/aes.h2
-rw-r--r--src/include/openssl/arm_arch.h136
-rw-r--r--src/include/openssl/asn1.h67
-rw-r--r--src/include/openssl/base.h37
-rw-r--r--src/include/openssl/base64.h8
-rw-r--r--src/include/openssl/bio.h43
-rw-r--r--src/include/openssl/bn.h76
-rw-r--r--src/include/openssl/buf.h5
-rw-r--r--src/include/openssl/bytestring.h40
-rw-r--r--src/include/openssl/chacha.h6
-rw-r--r--src/include/openssl/cipher.h43
-rw-r--r--src/include/openssl/conf.h4
-rw-r--r--src/include/openssl/cpu.h5
-rw-r--r--src/include/openssl/crypto.h9
-rw-r--r--src/include/openssl/des.h27
-rw-r--r--src/include/openssl/dh.h6
-rw-r--r--src/include/openssl/digest.h8
-rw-r--r--src/include/openssl/dsa.h5
-rw-r--r--src/include/openssl/ec.h71
-rw-r--r--src/include/openssl/ec_key.h6
-rw-r--r--src/include/openssl/ecdh.h1
-rw-r--r--src/include/openssl/ecdsa.h34
-rw-r--r--src/include/openssl/err.h74
-rw-r--r--src/include/openssl/evp.h119
-rw-r--r--src/include/openssl/ex_data.h6
-rw-r--r--src/include/openssl/hkdf.h1
-rw-r--r--src/include/openssl/lhash.h3
-rw-r--r--src/include/openssl/md4.h5
-rw-r--r--src/include/openssl/md5.h5
-rw-r--r--src/include/openssl/mem.h3
-rw-r--r--src/include/openssl/obj.h6
-rw-r--r--src/include/openssl/pem.h26
-rw-r--r--src/include/openssl/pkcs8.h68
-rw-r--r--src/include/openssl/poly1305.h13
-rw-r--r--src/include/openssl/rand.h51
-rw-r--r--src/include/openssl/rsa.h180
-rw-r--r--src/include/openssl/srtp.h188
-rw-r--r--src/include/openssl/ssl.h4161
-rw-r--r--src/include/openssl/ssl2.h268
-rw-r--r--src/include/openssl/ssl23.h85
-rw-r--r--src/include/openssl/ssl3.h136
-rw-r--r--src/include/openssl/stack.h9
-rw-r--r--src/include/openssl/stack_macros.h392
-rw-r--r--src/include/openssl/tls1.h47
-rw-r--r--src/include/openssl/x509.h148
-rw-r--r--src/include/openssl/x509v3.h57
47 files changed, 3608 insertions, 3101 deletions
diff --git a/src/include/openssl/aead.h b/src/include/openssl/aead.h
index dc453e3..659f05f 100644
--- a/src/include/openssl/aead.h
+++ b/src/include/openssl/aead.h
@@ -153,6 +153,8 @@ OPENSSL_EXPORT const EVP_AEAD *EVP_aead_aes_256_cbc_sha384_tls(void);
OPENSSL_EXPORT const EVP_AEAD *EVP_aead_des_ede3_cbc_sha1_tls(void);
OPENSSL_EXPORT const EVP_AEAD *EVP_aead_des_ede3_cbc_sha1_tls_implicit_iv(void);
+OPENSSL_EXPORT const EVP_AEAD *EVP_aead_null_sha1_tls(void);
+
/* SSLv3-specific AEAD algorithms.
*
@@ -167,6 +169,7 @@ OPENSSL_EXPORT const EVP_AEAD *EVP_aead_rc4_sha1_ssl3(void);
OPENSSL_EXPORT const EVP_AEAD *EVP_aead_aes_128_cbc_sha1_ssl3(void);
OPENSSL_EXPORT const EVP_AEAD *EVP_aead_aes_256_cbc_sha1_ssl3(void);
OPENSSL_EXPORT const EVP_AEAD *EVP_aead_des_ede3_cbc_sha1_ssl3(void);
+OPENSSL_EXPORT const EVP_AEAD *EVP_aead_null_sha1_ssl3(void);
/* Utility functions. */
@@ -223,11 +226,17 @@ enum evp_aead_direction_t {
evp_aead_seal,
};
-/* EVP_AEAD_CTX_init initializes |ctx| for the given AEAD algorithm from |impl|.
- * The |impl| argument may be NULL to choose the default implementation.
- * Authentication tags may be truncated by passing a size as |tag_len|. A
- * |tag_len| of zero indicates the default tag length and this is defined as
- * EVP_AEAD_DEFAULT_TAG_LENGTH for readability.
+/* EVP_AEAD_CTX_zero sets an uninitialized |ctx| to the zero state. It must be
+ * initialized with |EVP_AEAD_CTX_init| before use. It is safe, but not
+ * necessary, to call |EVP_AEAD_CTX_cleanup| in this state. This may be used for
+ * more uniform cleanup of |EVP_AEAD_CTX|. */
+OPENSSL_EXPORT void EVP_AEAD_CTX_zero(EVP_AEAD_CTX *ctx);
+
+/* EVP_AEAD_CTX_init initializes |ctx| for the given AEAD algorithm. The |impl|
+ * argument is ignored and should be NULL. Authentication tags may be truncated
+ * by passing a size as |tag_len|. A |tag_len| of zero indicates the default
+ * tag length and this is defined as EVP_AEAD_DEFAULT_TAG_LENGTH for
+ * readability.
*
* Returns 1 on success. Otherwise returns 0 and pushes to the error stack. In
* the error case, you do not need to call |EVP_AEAD_CTX_cleanup|, but it's
diff --git a/src/include/openssl/aes.h b/src/include/openssl/aes.h
index 84cde41..ed060ff 100644
--- a/src/include/openssl/aes.h
+++ b/src/include/openssl/aes.h
@@ -124,7 +124,7 @@ OPENSSL_EXPORT void AES_cbc_encrypt(const uint8_t *in, uint8_t *out, size_t len,
const AES_KEY *key, uint8_t *ivec,
const int enc);
-/* AES_ofb128_encrypt encrypts (or decrypts, it's the same in CTR mode) |len|
+/* AES_ofb128_encrypt encrypts (or decrypts, it's the same in OFB mode) |len|
* bytes from |in| to |out|. The |num| parameter must be set to zero on the
* first call. */
OPENSSL_EXPORT void AES_ofb128_encrypt(const uint8_t *in, uint8_t *out,
diff --git a/src/include/openssl/arm_arch.h b/src/include/openssl/arm_arch.h
new file mode 100644
index 0000000..123a890
--- /dev/null
+++ b/src/include/openssl/arm_arch.h
@@ -0,0 +1,136 @@
+/* ====================================================================
+ * Copyright (c) 1998-2011 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com). */
+
+#ifndef OPENSSL_HEADER_ARM_ARCH_H
+#define OPENSSL_HEADER_ARM_ARCH_H
+
+#if !defined(__ARM_ARCH__)
+# if defined(__CC_ARM)
+# define __ARM_ARCH__ __TARGET_ARCH_ARM
+# if defined(__BIG_ENDIAN)
+# define __ARMEB__
+# else
+# define __ARMEL__
+# endif
+# elif defined(__GNUC__)
+# if defined(__aarch64__)
+# define __ARM_ARCH__ 8
+# if __BYTE_ORDER__ == __ORDER_BIG_ENDIAN__
+# define __ARMEB__
+# else
+# define __ARMEL__
+# endif
+ /* Why doesn't gcc define __ARM_ARCH__? Instead it defines
+ * bunch of below macros. See all_architectires[] table in
+ * gcc/config/arm/arm.c. On a side note it defines
+ * __ARMEL__/__ARMEB__ for little-/big-endian. */
+# elif defined(__ARM_ARCH)
+# define __ARM_ARCH__ __ARM_ARCH
+# elif defined(__ARM_ARCH_8A__)
+# define __ARM_ARCH__ 8
+# elif defined(__ARM_ARCH_7__) || defined(__ARM_ARCH_7A__) || \
+ defined(__ARM_ARCH_7R__)|| defined(__ARM_ARCH_7M__) || \
+ defined(__ARM_ARCH_7EM__)
+# define __ARM_ARCH__ 7
+# elif defined(__ARM_ARCH_6__) || defined(__ARM_ARCH_6J__) || \
+ defined(__ARM_ARCH_6K__)|| defined(__ARM_ARCH_6M__) || \
+ defined(__ARM_ARCH_6Z__)|| defined(__ARM_ARCH_6ZK__) || \
+ defined(__ARM_ARCH_6T2__)
+# define __ARM_ARCH__ 6
+# elif defined(__ARM_ARCH_5__) || defined(__ARM_ARCH_5T__) || \
+ defined(__ARM_ARCH_5E__)|| defined(__ARM_ARCH_5TE__) || \
+ defined(__ARM_ARCH_5TEJ__)
+# define __ARM_ARCH__ 5
+# elif defined(__ARM_ARCH_4__) || defined(__ARM_ARCH_4T__)
+# define __ARM_ARCH__ 4
+# else
+# error "unsupported ARM architecture"
+# endif
+# endif
+#endif
+
+/* Even when building for 32-bit ARM, support for aarch64 crypto instructions
+ * will be included. */
+#define __ARM_MAX_ARCH__ 8
+
+#if !__ASSEMBLER__
+
+/* OPENSSL_armcap_P contains flags describing the capabilities of the CPU and
+ * is easy for assembly code to acesss. For C code, see the functions in
+ * |cpu.h|. */
+extern uint32_t OPENSSL_armcap_P;
+
+#endif /* !__ASSEMBLER__ */
+
+/* ARMV7_NEON is true when a NEON unit is present in the current CPU. */
+#define ARMV7_NEON (1 << 0)
+
+/* ARMV7_NEON_FUNCTIONAL is true when the NEON unit doesn't contain subtle bugs.
+ * The Poly1305 NEON code is known to trigger bugs in the NEON units of some
+ * phones. If this bit isn't set then the Poly1305 NEON code won't be used.
+ * See https://code.google.com/p/chromium/issues/detail?id=341598. */
+#define ARMV7_NEON_FUNCTIONAL (1 << 10)
+
+/* ARMV8_AES indicates support for hardware AES instructions. */
+#define ARMV8_AES (1 << 2)
+
+/* ARMV8_SHA1 indicates support for hardware SHA-1 instructions. */
+#define ARMV8_SHA1 (1 << 3)
+
+/* ARMV8_SHA256 indicates support for hardware SHA-256 instructions. */
+#define ARMV8_SHA256 (1 << 4)
+
+/* ARMV8_PMULL indicates support for carryless multiplication. */
+#define ARMV8_PMULL (1 << 5)
+
+
+#endif /* OPENSSL_HEADER_ARM_ARCH_H */
diff --git a/src/include/openssl/asn1.h b/src/include/openssl/asn1.h
index 4baf81c..043524d 100644
--- a/src/include/openssl/asn1.h
+++ b/src/include/openssl/asn1.h
@@ -515,7 +515,6 @@ struct X509_algor_st
ASN1_OBJECT *algorithm;
ASN1_TYPE *parameter;
} /* X509_ALGOR */;
-DEFINE_STACK_OF(X509_ALGOR);
DECLARE_ASN1_FUNCTIONS(X509_ALGOR)
@@ -950,7 +949,7 @@ OPENSSL_EXPORT void *ASN1_d2i_bio(void *(*xnew)(void), d2i_of_void *d2i, BIO *in
CHECKED_PPTR_OF(type, x)))
OPENSSL_EXPORT void *ASN1_item_d2i_bio(const ASN1_ITEM *it, BIO *in, void *x);
-OPENSSL_EXPORT int ASN1_i2d_bio(i2d_of_void *i2d,BIO *out, unsigned char *x);
+OPENSSL_EXPORT int ASN1_i2d_bio(i2d_of_void *i2d,BIO *out, void *x);
#define ASN1_i2d_bio_of(type,i2d,out,x) \
(ASN1_i2d_bio(CHECKED_I2D_OF(type, i2d), \
@@ -1078,70 +1077,6 @@ OPENSSL_EXPORT int BIO_asn1_get_suffix(BIO *b, asn1_ps_func **psuffix, asn1_ps_f
}
#endif
-#define ASN1_F_ASN1_BIT_STRING_set_bit 100
-#define ASN1_F_ASN1_ENUMERATED_set 101
-#define ASN1_F_ASN1_ENUMERATED_to_BN 102
-#define ASN1_F_ASN1_GENERALIZEDTIME_adj 103
-#define ASN1_F_ASN1_INTEGER_set 104
-#define ASN1_F_ASN1_INTEGER_to_BN 105
-#define ASN1_F_ASN1_OBJECT_new 106
-#define ASN1_F_ASN1_PCTX_new 107
-#define ASN1_F_ASN1_STRING_TABLE_add 108
-#define ASN1_F_ASN1_STRING_set 109
-#define ASN1_F_ASN1_STRING_type_new 110
-#define ASN1_F_ASN1_TIME_adj 111
-#define ASN1_F_ASN1_UTCTIME_adj 112
-#define ASN1_F_ASN1_d2i_fp 113
-#define ASN1_F_ASN1_dup 114
-#define ASN1_F_ASN1_generate_v3 115
-#define ASN1_F_ASN1_get_object 116
-#define ASN1_F_ASN1_i2d_bio 117
-#define ASN1_F_ASN1_i2d_fp 118
-#define ASN1_F_ASN1_item_d2i_fp 119
-#define ASN1_F_ASN1_item_dup 120
-#define ASN1_F_ASN1_item_ex_d2i 121
-#define ASN1_F_ASN1_item_i2d_bio 122
-#define ASN1_F_ASN1_item_i2d_fp 123
-#define ASN1_F_ASN1_item_pack 124
-#define ASN1_F_ASN1_item_unpack 125
-#define ASN1_F_ASN1_mbstring_ncopy 126
-#define ASN1_F_ASN1_template_new 127
-#define ASN1_F_BIO_new_NDEF 128
-#define ASN1_F_BN_to_ASN1_ENUMERATED 129
-#define ASN1_F_BN_to_ASN1_INTEGER 130
-#define ASN1_F_a2d_ASN1_OBJECT 131
-#define ASN1_F_a2i_ASN1_ENUMERATED 132
-#define ASN1_F_a2i_ASN1_INTEGER 133
-#define ASN1_F_a2i_ASN1_STRING 134
-#define ASN1_F_append_exp 135
-#define ASN1_F_asn1_cb 136
-#define ASN1_F_asn1_check_tlen 137
-#define ASN1_F_asn1_collate_primitive 138
-#define ASN1_F_asn1_collect 139
-#define ASN1_F_asn1_d2i_ex_primitive 140
-#define ASN1_F_asn1_d2i_read_bio 141
-#define ASN1_F_asn1_do_adb 142
-#define ASN1_F_asn1_ex_c2i 143
-#define ASN1_F_asn1_find_end 144
-#define ASN1_F_asn1_item_ex_combine_new 145
-#define ASN1_F_asn1_str2type 146
-#define ASN1_F_asn1_template_ex_d2i 147
-#define ASN1_F_asn1_template_noexp_d2i 148
-#define ASN1_F_bitstr_cb 149
-#define ASN1_F_c2i_ASN1_BIT_STRING 150
-#define ASN1_F_c2i_ASN1_INTEGER 151
-#define ASN1_F_c2i_ASN1_OBJECT 152
-#define ASN1_F_collect_data 153
-#define ASN1_F_d2i_ASN1_BOOLEAN 154
-#define ASN1_F_d2i_ASN1_OBJECT 155
-#define ASN1_F_d2i_ASN1_UINTEGER 156
-#define ASN1_F_d2i_ASN1_UTCTIME 157
-#define ASN1_F_d2i_ASN1_bytes 158
-#define ASN1_F_d2i_ASN1_type_bytes 159
-#define ASN1_F_i2d_ASN1_TIME 160
-#define ASN1_F_i2d_PrivateKey 161
-#define ASN1_F_long_c2i 162
-#define ASN1_F_parse_tagging 163
#define ASN1_R_ASN1_LENGTH_MISMATCH 100
#define ASN1_R_AUX_ERROR 101
#define ASN1_R_BAD_GET_ASN1_OBJECT_CALL 102
diff --git a/src/include/openssl/base.h b/src/include/openssl/base.h
index b769ad5..661817a 100644
--- a/src/include/openssl/base.h
+++ b/src/include/openssl/base.h
@@ -79,9 +79,8 @@ extern "C" {
#elif defined(__arm) || defined(__arm__) || defined(_M_ARM)
#define OPENSSL_32_BIT
#define OPENSSL_ARM
-#elif defined(__aarch64__)
+#elif defined(__PPC64__) || defined(__powerpc64__)
#define OPENSSL_64_BIT
-#define OPENSSL_AARCH64
#elif defined(__mips__) && !defined(__LP64__)
#define OPENSSL_32_BIT
#define OPENSSL_MIPS
@@ -99,7 +98,7 @@ extern "C" {
#define OPENSSL_APPLE
#endif
-#if defined(WIN32) || defined(_WIN32)
+#if defined(_WIN32)
#define OPENSSL_WINDOWS
#endif
@@ -109,7 +108,9 @@ extern "C" {
#endif
#define OPENSSL_IS_BORINGSSL
+#define BORINGSSL_201509
#define OPENSSL_VERSION_NUMBER 0x10002000
+#define SSLEAY_VERSION_NUMBER OPENSSL_VERSION_NUMBER
#if defined(BORINGSSL_SHARED_LIBRARY)
@@ -166,13 +167,29 @@ typedef struct AUTHORITY_KEYID_st AUTHORITY_KEYID;
typedef struct DIST_POINT_st DIST_POINT;
typedef struct ISSUING_DIST_POINT_st ISSUING_DIST_POINT;
typedef struct NAME_CONSTRAINTS_st NAME_CONSTRAINTS;
+typedef struct Netscape_certificate_sequence NETSCAPE_CERT_SEQUENCE;
+typedef struct Netscape_spkac_st NETSCAPE_SPKAC;
+typedef struct Netscape_spki_st NETSCAPE_SPKI;
+typedef struct PBE2PARAM_st PBE2PARAM;
+typedef struct PBEPARAM_st PBEPARAM;
+typedef struct PBKDF2PARAM_st PBKDF2PARAM;
typedef struct X509_POLICY_CACHE_st X509_POLICY_CACHE;
typedef struct X509_POLICY_LEVEL_st X509_POLICY_LEVEL;
typedef struct X509_POLICY_NODE_st X509_POLICY_NODE;
typedef struct X509_POLICY_TREE_st X509_POLICY_TREE;
typedef struct X509_algor_st X509_ALGOR;
+typedef struct X509_crl_info_st X509_CRL_INFO;
typedef struct X509_crl_st X509_CRL;
+typedef struct X509_extension_st X509_EXTENSION;
+typedef struct X509_info_st X509_INFO;
+typedef struct X509_name_entry_st X509_NAME_ENTRY;
+typedef struct X509_name_st X509_NAME;
+typedef struct X509_objects_st X509_OBJECTS;
typedef struct X509_pubkey_st X509_PUBKEY;
+typedef struct X509_req_info_st X509_REQ_INFO;
+typedef struct X509_req_st X509_REQ;
+typedef struct X509_sig_st X509_SIG;
+typedef struct X509_val_st X509_VAL;
typedef struct bignum_ctx BN_CTX;
typedef struct bignum_st BIGNUM;
typedef struct bio_method_st BIO_METHOD;
@@ -205,8 +222,9 @@ typedef struct evp_pkey_st EVP_PKEY;
typedef struct hmac_ctx_st HMAC_CTX;
typedef struct md4_state_st MD4_CTX;
typedef struct md5_state_st MD5_CTX;
-typedef struct pkcs8_priv_key_info_st PKCS8_PRIV_KEY_INFO;
typedef struct pkcs12_st PKCS12;
+typedef struct pkcs8_priv_key_info_st PKCS8_PRIV_KEY_INFO;
+typedef struct private_key_st X509_PKEY;
typedef struct rand_meth_st RAND_METHOD;
typedef struct rc4_key_st RC4_KEY;
typedef struct rsa_meth_st RSA_METHOD;
@@ -214,15 +232,26 @@ typedef struct rsa_st RSA;
typedef struct sha256_state_st SHA256_CTX;
typedef struct sha512_state_st SHA512_CTX;
typedef struct sha_state_st SHA_CTX;
+typedef struct srtp_protection_profile_st SRTP_PROTECTION_PROFILE;
+typedef struct ssl_cipher_st SSL_CIPHER;
typedef struct ssl_ctx_st SSL_CTX;
+typedef struct ssl_custom_extension SSL_CUSTOM_EXTENSION;
+typedef struct ssl_method_st SSL_METHOD;
+typedef struct ssl_session_st SSL_SESSION;
typedef struct ssl_st SSL;
typedef struct st_ERR_FNS ERR_FNS;
typedef struct v3_ext_ctx X509V3_CTX;
+typedef struct x509_attributes_st X509_ATTRIBUTE;
+typedef struct x509_cert_aux_st X509_CERT_AUX;
+typedef struct x509_cert_pair_st X509_CERT_PAIR;
+typedef struct x509_cinf_st X509_CINF;
typedef struct x509_crl_method_st X509_CRL_METHOD;
typedef struct x509_revoked_st X509_REVOKED;
typedef struct x509_st X509;
typedef struct x509_store_ctx_st X509_STORE_CTX;
typedef struct x509_store_st X509_STORE;
+typedef struct x509_trust_st X509_TRUST;
+
typedef void *OPENSSL_BLOCK;
diff --git a/src/include/openssl/base64.h b/src/include/openssl/base64.h
index 7aee990..2d27c89 100644
--- a/src/include/openssl/base64.h
+++ b/src/include/openssl/base64.h
@@ -148,9 +148,11 @@ OPENSSL_EXPORT int EVP_DecodeUpdate(EVP_ENCODE_CTX *ctx, uint8_t *out,
OPENSSL_EXPORT int EVP_DecodeFinal(EVP_ENCODE_CTX *ctx, uint8_t *out,
int *out_len);
-/* Deprecated: EVP_DecodeBlock encodes |src_len| bytes from |src| and
- * writes the result to |dst|. It returns the number of bytes written
- * or -1 on error.
+
+/* Deprecated functions. */
+
+/* EVP_DecodeBlock encodes |src_len| bytes from |src| and writes the result to
+ * |dst|. It returns the number of bytes written or -1 on error.
*
* WARNING: EVP_DecodeBlock's return value does not take padding into
* account. It also strips leading whitespace and trailing
diff --git a/src/include/openssl/bio.h b/src/include/openssl/bio.h
index 8724657..04e3790 100644
--- a/src/include/openssl/bio.h
+++ b/src/include/openssl/bio.h
@@ -76,8 +76,6 @@ extern "C" {
/* Allocation and freeing. */
-DEFINE_STACK_OF(BIO);
-
/* BIO_new creates a new BIO with the given type and a reference count of one.
* It returns the fresh |BIO|, or NULL on error. */
OPENSSL_EXPORT BIO *BIO_new(const BIO_METHOD *type);
@@ -207,7 +205,7 @@ OPENSSL_EXPORT void BIO_clear_flags(BIO *bio, int flags);
* flags on |bio|. */
OPENSSL_EXPORT void BIO_set_retry_read(BIO *bio);
-/* BIO_set_retry_read sets the |BIO_FLAGS_WRITE| and |BIO_FLAGS_SHOULD_RETRY|
+/* BIO_set_retry_write sets the |BIO_FLAGS_WRITE| and |BIO_FLAGS_SHOULD_RETRY|
* flags on |bio|. */
OPENSSL_EXPORT void BIO_set_retry_write(BIO *bio);
@@ -656,7 +654,7 @@ OPENSSL_EXPORT int BIO_zero_copy_get_read_buf(BIO* bio,
* error stack. */
OPENSSL_EXPORT int BIO_zero_copy_get_read_buf_done(BIO* bio, size_t bytes_read);
-/* BIO_zero_copy_get_write_buf_done initiates a zero copy write operation.
+/* BIO_zero_copy_get_write_buf initiates a zero copy write operation.
* |out_write_buf| is set to to the internal write buffer, and |out_buf_offset|
* is set to the current write position of |out_write_buf|.
* The number of bytes available for write from |out_write_buf| +
@@ -667,7 +665,7 @@ OPENSSL_EXPORT int BIO_zero_copy_get_read_buf_done(BIO* bio, size_t bytes_read);
* stack.
*
* The zero copy write operation is completed by calling
- * |BIO_zero_copy_write_buf_done|. Neither |BIO_zero_copy_get_write_buf|
+ * |BIO_zero_copy_get_write_buf_done|. Neither |BIO_zero_copy_get_write_buf|
* nor any other I/O write operation may be called while a zero copy write
* operation is active. */
OPENSSL_EXPORT int BIO_zero_copy_get_write_buf(BIO* bio,
@@ -675,8 +673,8 @@ OPENSSL_EXPORT int BIO_zero_copy_get_write_buf(BIO* bio,
size_t* out_buf_offset,
size_t* out_available_bytes);
-/* BIO_zero_copy_write_buf_done must be called after writing to a BIO using
- * |BIO_zero_copy_get_write_buf_done| to finish the write operation. The
+/* BIO_zero_copy_get_write_buf_done must be called after writing to a BIO using
+ * |BIO_zero_copy_get_write_buf| to finish the write operation. The
* |bytes_written| argument gives the number of bytes written.
*
* It returns one on success. In case of error it returns zero and pushes to the
@@ -727,6 +725,18 @@ OPENSSL_EXPORT int BIO_zero_copy_get_write_buf_done(BIO* bio,
#define BIO_print_errors_fp ERR_print_errors_fp
+/* Deprecated functions. */
+
+/* Returns a filter |BIO| that base64-encodes data written into it, and decodes
+ * data read from it. |BIO_gets| is not supported. Call |BIO_flush| when done
+ * writing, to signal that no more data are to be encoded. The flag
+ * |BIO_FLAGS_BASE64_NO_NL| may be set to encode all the data on one line. */
+OPENSSL_EXPORT const BIO_METHOD *BIO_f_base64(void);
+
+/* ERR_print_errors is an alias for |BIO_print_errors|. */
+OPENSSL_EXPORT void ERR_print_errors(BIO *bio);
+
+
/* Private functions */
#define BIO_FLAGS_READ 0x01
@@ -870,25 +880,6 @@ struct bio_st {
} /* extern C */
#endif
-#define BIO_F_BIO_callback_ctrl 100
-#define BIO_F_BIO_ctrl 101
-#define BIO_F_BIO_new 102
-#define BIO_F_BIO_new_file 103
-#define BIO_F_BIO_new_mem_buf 104
-#define BIO_F_BIO_zero_copy_get_read_buf 105
-#define BIO_F_BIO_zero_copy_get_read_buf_done 106
-#define BIO_F_BIO_zero_copy_get_write_buf 107
-#define BIO_F_BIO_zero_copy_get_write_buf_done 108
-#define BIO_F_bio_io 109
-#define BIO_F_bio_make_pair 110
-#define BIO_F_bio_write 111
-#define BIO_F_buffer_ctrl 112
-#define BIO_F_conn_ctrl 113
-#define BIO_F_conn_state 114
-#define BIO_F_file_ctrl 115
-#define BIO_F_file_read 116
-#define BIO_F_mem_write 117
-#define BIO_F_BIO_printf 118
#define BIO_R_BAD_FOPEN_MODE 100
#define BIO_R_BROKEN_PIPE 101
#define BIO_R_CONNECT_ERROR 102
diff --git a/src/include/openssl/bn.h b/src/include/openssl/bn.h
index ec1c8ff..8de8cc4 100644
--- a/src/include/openssl/bn.h
+++ b/src/include/openssl/bn.h
@@ -182,7 +182,8 @@ OPENSSL_EXPORT void BN_clear_free(BIGNUM *bn);
* allocated BIGNUM on success or NULL otherwise. */
OPENSSL_EXPORT BIGNUM *BN_dup(const BIGNUM *src);
-/* BN_copy sets |dest| equal to |src| and returns |dest|. */
+/* BN_copy sets |dest| equal to |src| and returns |dest| or NULL on allocation
+ * failure. */
OPENSSL_EXPORT BIGNUM *BN_copy(BIGNUM *dest, const BIGNUM *src);
/* BN_clear sets |bn| to zero and erases the old data. */
@@ -297,6 +298,21 @@ OPENSSL_EXPORT int BN_print_fp(FILE *fp, const BIGNUM *a);
OPENSSL_EXPORT BN_ULONG BN_get_word(const BIGNUM *bn);
+/* ASN.1 functions. */
+
+/* BN_cbs2unsigned parses a non-negative DER INTEGER from |cbs| writes the
+ * result to |ret|. It returns one on success and zero on failure. */
+OPENSSL_EXPORT int BN_cbs2unsigned(CBS *cbs, BIGNUM *ret);
+
+/* BN_cbs2unsigned_buggy acts like |BN_cbs2unsigned| but tolerates some invalid
+ * encodings. Do not use this function. */
+OPENSSL_EXPORT int BN_cbs2unsigned_buggy(CBS *cbs, BIGNUM *ret);
+
+/* BN_bn2cbb marshals |bn| as a non-negative DER INTEGER and appends the result
+ * to |cbb|. It returns one on success and zero on failure. */
+OPENSSL_EXPORT int BN_bn2cbb(CBB *cbb, const BIGNUM *bn);
+
+
/* Internal functions.
*
* These functions are useful for code that is doing low-level manipulations of
@@ -310,7 +326,7 @@ OPENSSL_EXPORT void bn_correct_top(BIGNUM *bn);
/* bn_wexpand ensures that |bn| has at least |words| works of space without
* altering its value. It returns one on success or zero on allocation
* failure. */
-OPENSSL_EXPORT BIGNUM *bn_wexpand(BIGNUM *bn, unsigned words);
+OPENSSL_EXPORT BIGNUM *bn_wexpand(BIGNUM *bn, size_t words);
/* BIGNUM pools.
@@ -694,6 +710,14 @@ OPENSSL_EXPORT int BN_gcd(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
OPENSSL_EXPORT BIGNUM *BN_mod_inverse(BIGNUM *out, const BIGNUM *a,
const BIGNUM *n, BN_CTX *ctx);
+/* BN_mod_inverse_ex acts like |BN_mod_inverse| except that, when it returns
+ * zero, it will set |*out_no_inverse| to one if the failure was caused because
+ * |a| has no inverse mod |n|. Otherwise it will set |*out_no_inverse| to
+ * zero. */
+OPENSSL_EXPORT BIGNUM *BN_mod_inverse_ex(BIGNUM *out, int *out_no_inverse,
+ const BIGNUM *a, const BIGNUM *n,
+ BN_CTX *ctx);
+
/* BN_kronecker returns the Kronecker symbol of |a| and |b| (which is -1, 0 or
* 1), or -2 on error. */
OPENSSL_EXPORT int BN_kronecker(const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx);
@@ -782,6 +806,25 @@ OPENSSL_EXPORT int BN_mod_exp2_mont(BIGNUM *r, const BIGNUM *a1,
BN_CTX *ctx, BN_MONT_CTX *m_ctx);
+/* Deprecated functions */
+
+/* BN_bn2mpi serialises the value of |in| to |out|, using a format that consists
+ * of the number's length in bytes represented as a 4-byte big-endian number,
+ * and the number itself in big-endian format, where the most significant bit
+ * signals a negative number. (The representation of numbers with the MSB set is
+ * prefixed with null byte). |out| must have sufficient space available; to
+ * find the needed amount of space, call the function with |out| set to NULL. */
+OPENSSL_EXPORT size_t BN_bn2mpi(const BIGNUM *in, uint8_t *out);
+
+/* BN_bin2bn parses |len| bytes from |in| and returns the resulting value. The
+ * bytes at |in| are expected to be in the format emitted by |BN_bn2mpi|.
+ *
+ * If |out| is NULL then a fresh |BIGNUM| is allocated and returned, otherwise
+ * |out| is reused and returned. On error, NULL is returned and the error queue
+ * is updated. */
+OPENSSL_EXPORT BIGNUM *BN_mpi2bn(const uint8_t *in, size_t len, BIGNUM *out);
+
+
/* Private functions */
struct bignum_st {
@@ -827,33 +870,6 @@ OPENSSL_EXPORT BIGNUM *get_rfc3526_prime_1536(BIGNUM *bn);
} /* extern C */
#endif
-#define BN_F_BN_CTX_get 100
-#define BN_F_BN_CTX_new 101
-#define BN_F_BN_CTX_start 102
-#define BN_F_BN_bn2dec 103
-#define BN_F_BN_bn2hex 104
-#define BN_F_BN_div 105
-#define BN_F_BN_div_recp 106
-#define BN_F_BN_exp 107
-#define BN_F_BN_generate_dsa_nonce 108
-#define BN_F_BN_generate_prime_ex 109
-#define BN_F_BN_mod_exp2_mont 110
-#define BN_F_BN_mod_exp_mont 111
-#define BN_F_BN_mod_exp_mont_consttime 112
-#define BN_F_BN_mod_exp_mont_word 113
-#define BN_F_BN_mod_inverse 114
-#define BN_F_BN_mod_inverse_no_branch 115
-#define BN_F_BN_mod_lshift_quick 116
-#define BN_F_BN_mod_sqrt 117
-#define BN_F_BN_new 118
-#define BN_F_BN_rand 119
-#define BN_F_BN_rand_range 120
-#define BN_F_BN_sqrt 121
-#define BN_F_BN_usub 122
-#define BN_F_bn_wexpand 123
-#define BN_F_mod_exp_recp 124
-#define BN_F_BN_lshift 125
-#define BN_F_BN_rshift 126
#define BN_R_ARG2_LT_ARG3 100
#define BN_R_BAD_RECIPROCAL 101
#define BN_R_BIGNUM_TOO_LONG 102
@@ -871,5 +887,7 @@ OPENSSL_EXPORT BIGNUM *get_rfc3526_prime_1536(BIGNUM *bn);
#define BN_R_P_IS_NOT_PRIME 114
#define BN_R_TOO_MANY_ITERATIONS 115
#define BN_R_TOO_MANY_TEMPORARY_VARIABLES 116
+#define BN_R_BAD_ENCODING 117
+#define BN_R_ENCODE_ERROR 118
#endif /* OPENSSL_HEADER_BN_H */
diff --git a/src/include/openssl/buf.h b/src/include/openssl/buf.h
index 2b36ce4..76e3795 100644
--- a/src/include/openssl/buf.h
+++ b/src/include/openssl/buf.h
@@ -115,9 +115,4 @@ OPENSSL_EXPORT size_t BUF_strlcat(char *dst, const char *src, size_t size);
} /* extern C */
#endif
-#define BUF_F_BUF_MEM_new 100
-#define BUF_F_BUF_memdup 101
-#define BUF_F_BUF_strndup 102
-#define BUF_F_buf_mem_grow 103
-
#endif /* OPENSSL_HEADER_BUFFER_H */
diff --git a/src/include/openssl/bytestring.h b/src/include/openssl/bytestring.h
index 9963426..1b1a0a9 100644
--- a/src/include/openssl/bytestring.h
+++ b/src/include/openssl/bytestring.h
@@ -99,6 +99,10 @@ OPENSSL_EXPORT int CBS_get_u32(CBS *cbs, uint32_t *out);
* |cbs|. It returns one on success and zero on error. */
OPENSSL_EXPORT int CBS_get_bytes(CBS *cbs, CBS *out, size_t len);
+/* CBS_copy_bytes copies the next |len| bytes from |cbs| to |out| and advances
+ * |cbs|. It returns one on success and zero on error. */
+OPENSSL_EXPORT int CBS_copy_bytes(CBS *cbs, uint8_t *out, size_t len);
+
/* CBS_get_u8_length_prefixed sets |*out| to the contents of an 8-bit,
* length-prefixed value from |cbs| and advances |cbs| over it. It returns one
* on success and zero on error. */
@@ -121,10 +125,12 @@ OPENSSL_EXPORT int CBS_get_u24_length_prefixed(CBS *cbs, CBS *out);
#define CBS_ASN1_INTEGER 0x2
#define CBS_ASN1_BITSTRING 0x3
#define CBS_ASN1_OCTETSTRING 0x4
+#define CBS_ASN1_NULL 0x5
#define CBS_ASN1_OBJECT 0x6
#define CBS_ASN1_ENUMERATED 0xa
#define CBS_ASN1_SEQUENCE (0x10 | CBS_ASN1_CONSTRUCTED)
#define CBS_ASN1_SET (0x11 | CBS_ASN1_CONSTRUCTED)
+#define CBS_ASN1_GENERALIZEDTIME 0x18
#define CBS_ASN1_CONSTRUCTED 0x20
#define CBS_ASN1_CONTEXT_SPECIFIC 0x80
@@ -158,16 +164,24 @@ OPENSSL_EXPORT int CBS_get_any_asn1_element(CBS *cbs, CBS *out,
unsigned *out_tag,
size_t *out_header_len);
+/* CBS_get_any_ber_asn1_element acts the same as |CBS_get_any_asn1_element| but
+ * also allows indefinite-length elements to be returned. In that case,
+ * |*out_header_len| and |CBS_len(out)| will both be two as only the header is
+ * returned, otherwise it behaves the same as the previous function. */
+OPENSSL_EXPORT int CBS_get_any_ber_asn1_element(CBS *cbs, CBS *out,
+ unsigned *out_tag,
+ size_t *out_header_len);
+
/* CBS_get_asn1_uint64 gets an ASN.1 INTEGER from |cbs| using |CBS_get_asn1|
* and sets |*out| to its value. It returns one on success and zero on error,
* where error includes the integer being negative, or too large to represent
* in 64 bits. */
OPENSSL_EXPORT int CBS_get_asn1_uint64(CBS *cbs, uint64_t *out);
-/* CBS_get_optional_asn1 gets an optional explicitly-tagged element
- * from |cbs| tagged with |tag| and sets |*out| to its contents. If
- * present, it sets |*out_present| to one, otherwise zero. It returns
- * one on success, whether or not the element was present, and zero on
+/* CBS_get_optional_asn1 gets an optional explicitly-tagged element from |cbs|
+ * tagged with |tag| and sets |*out| to its contents. If present and if
+ * |out_present| is not NULL, it sets |*out_present| to one, otherwise zero. It
+ * returns one on success, whether or not the element was present, and zero on
* decode failure. */
OPENSSL_EXPORT int CBS_get_optional_asn1(CBS *cbs, CBS *out, int *out_present,
unsigned tag);
@@ -238,6 +252,12 @@ struct cbb_st {
char is_top_level;
};
+/* CBB_zero sets an uninitialised |cbb| to the zero state. It must be
+ * initialised with |CBB_init| or |CBB_init_fixed| before use, but it is safe to
+ * call |CBB_cleanup| without a successful |CBB_init|. This may be used for more
+ * uniform cleanup of a |CBB|. */
+OPENSSL_EXPORT void CBB_zero(CBB *cbb);
+
/* CBB_init initialises |cbb| with |initial_capacity|. Since a |CBB| grows as
* needed, the |initial_capacity| is just a hint. It returns one on success or
* zero on error. */
@@ -268,6 +288,14 @@ OPENSSL_EXPORT int CBB_finish(CBB *cbb, uint8_t **out_data, size_t *out_len);
* on error. */
OPENSSL_EXPORT int CBB_flush(CBB *cbb);
+/* CBB_len returns the number of bytes written to |cbb|'s top-level |CBB|. It
+ * may be compared before and after an operation to determine how many bytes
+ * were written.
+ *
+ * It is a fatal error to call this on a CBB with any active children. This does
+ * not flush |cbb|. */
+OPENSSL_EXPORT size_t CBB_len(const CBB *cbb);
+
/* CBB_add_u8_length_prefixed sets |*out_contents| to a new child of |cbb|. The
* data written to |*out_contents| will be prefixed in |cbb| with an 8-bit
* length. It returns one on success or zero on error. */
@@ -283,7 +311,7 @@ OPENSSL_EXPORT int CBB_add_u16_length_prefixed(CBB *cbb, CBB *out_contents);
* big-endian length. It returns one on success or zero on error. */
OPENSSL_EXPORT int CBB_add_u24_length_prefixed(CBB *cbb, CBB *out_contents);
-/* CBB_add_asn sets |*out_contents| to a |CBB| into which the contents of an
+/* CBB_add_asn1 sets |*out_contents| to a |CBB| into which the contents of an
* ASN.1 object can be written. The |tag| argument will be used as the tag for
* the object. Passing in |tag| number 31 will return in an error since only
* single octet identifiers are supported. It returns one on success or zero
@@ -304,7 +332,7 @@ OPENSSL_EXPORT int CBB_add_space(CBB *cbb, uint8_t **out_data, size_t len);
* success and zero otherwise. */
OPENSSL_EXPORT int CBB_add_u8(CBB *cbb, uint8_t value);
-/* CBB_add_u8 appends a 16-bit, big-endian number from |value| to |cbb|. It
+/* CBB_add_u16 appends a 16-bit, big-endian number from |value| to |cbb|. It
* returns one on success and zero otherwise. */
OPENSSL_EXPORT int CBB_add_u16(CBB *cbb, uint16_t value);
diff --git a/src/include/openssl/chacha.h b/src/include/openssl/chacha.h
index ce53d49..b7f5882 100644
--- a/src/include/openssl/chacha.h
+++ b/src/include/openssl/chacha.h
@@ -25,9 +25,9 @@ extern "C" {
/* CRYPTO_chacha_20 encrypts |in_len| bytes from |in| with the given key and
* nonce and writes the result to |out|, which may be equal to |in|. The
* initial block counter is specified by |counter|. */
-void CRYPTO_chacha_20(uint8_t *out, const uint8_t *in,
- size_t in_len, const uint8_t key[32],
- const uint8_t nonce[8], size_t counter);
+OPENSSL_EXPORT void CRYPTO_chacha_20(uint8_t *out, const uint8_t *in,
+ size_t in_len, const uint8_t key[32],
+ const uint8_t nonce[8], size_t counter);
#if defined(__cplusplus)
diff --git a/src/include/openssl/cipher.h b/src/include/openssl/cipher.h
index 7f5fe04..a4e79dd 100644
--- a/src/include/openssl/cipher.h
+++ b/src/include/openssl/cipher.h
@@ -75,6 +75,9 @@ extern "C" {
OPENSSL_EXPORT const EVP_CIPHER *EVP_rc4(void);
OPENSSL_EXPORT const EVP_CIPHER *EVP_des_cbc(void);
+OPENSSL_EXPORT const EVP_CIPHER *EVP_des_ecb(void);
+OPENSSL_EXPORT const EVP_CIPHER *EVP_des_ede(void);
+OPENSSL_EXPORT const EVP_CIPHER *EVP_des_ede_cbc(void);
OPENSSL_EXPORT const EVP_CIPHER *EVP_des_ede3_cbc(void);
OPENSSL_EXPORT const EVP_CIPHER *EVP_aes_128_ecb(void);
@@ -86,6 +89,7 @@ OPENSSL_EXPORT const EVP_CIPHER *EVP_aes_256_ecb(void);
OPENSSL_EXPORT const EVP_CIPHER *EVP_aes_256_cbc(void);
OPENSSL_EXPORT const EVP_CIPHER *EVP_aes_256_ctr(void);
OPENSSL_EXPORT const EVP_CIPHER *EVP_aes_256_ofb(void);
+OPENSSL_EXPORT const EVP_CIPHER *EVP_aes_256_xts(void);
/* Deprecated AES-GCM implementations that set |EVP_CIPH_FLAG_CUSTOM_CIPHER|.
* Use |EVP_aead_aes_128_gcm| and |EVP_aead_aes_256_gcm| instead. */
@@ -102,6 +106,9 @@ OPENSSL_EXPORT const EVP_CIPHER *EVP_aes_192_gcm(void);
* ciphertext. */
OPENSSL_EXPORT const EVP_CIPHER *EVP_enc_null(void);
+/* EVP_rc2_cbc returns a cipher that implements 128-bit RC2 in CBC mode. */
+OPENSSL_EXPORT const EVP_CIPHER *EVP_rc2_cbc(void);
+
/* EVP_rc2_40_cbc returns a cipher that implements 40-bit RC2 in CBC mode. This
* is obviously very, very weak and is included only in order to read PKCS#12
* files, which often encrypt the certificate chain using this cipher. It is
@@ -338,6 +345,7 @@ OPENSSL_EXPORT int EVP_BytesToKey(const EVP_CIPHER *type, const EVP_MD *md,
#define EVP_CIPH_OFB_MODE 0x4
#define EVP_CIPH_CTR_MODE 0x5
#define EVP_CIPH_GCM_MODE 0x6
+#define EVP_CIPH_XTS_MODE 0x7
/* Cipher flags (for |EVP_CIPHER_flags|). */
@@ -533,41 +541,6 @@ struct evp_cipher_st {
} /* extern C */
#endif
-#define CIPHER_F_EVP_AEAD_CTX_init 100
-#define CIPHER_F_EVP_AEAD_CTX_open 101
-#define CIPHER_F_EVP_AEAD_CTX_seal 102
-#define CIPHER_F_EVP_CIPHER_CTX_copy 103
-#define CIPHER_F_EVP_CIPHER_CTX_ctrl 104
-#define CIPHER_F_EVP_CIPHER_CTX_set_key_length 105
-#define CIPHER_F_EVP_CipherInit_ex 106
-#define CIPHER_F_EVP_DecryptFinal_ex 107
-#define CIPHER_F_EVP_EncryptFinal_ex 108
-#define CIPHER_F_aead_aes_gcm_init 109
-#define CIPHER_F_aead_aes_gcm_open 110
-#define CIPHER_F_aead_aes_gcm_seal 111
-#define CIPHER_F_aead_aes_key_wrap_init 112
-#define CIPHER_F_aead_aes_key_wrap_open 113
-#define CIPHER_F_aead_aes_key_wrap_seal 114
-#define CIPHER_F_aead_chacha20_poly1305_init 115
-#define CIPHER_F_aead_chacha20_poly1305_open 116
-#define CIPHER_F_aead_chacha20_poly1305_seal 117
-#define CIPHER_F_aead_rc4_md5_tls_init 118
-#define CIPHER_F_aead_rc4_md5_tls_open 119
-#define CIPHER_F_aead_rc4_md5_tls_seal 120
-#define CIPHER_F_aead_ssl3_ensure_cipher_init 121
-#define CIPHER_F_aead_ssl3_init 122
-#define CIPHER_F_aead_ssl3_open 123
-#define CIPHER_F_aead_ssl3_seal 124
-#define CIPHER_F_aead_tls_ensure_cipher_init 125
-#define CIPHER_F_aead_tls_init 126
-#define CIPHER_F_aead_tls_open 127
-#define CIPHER_F_aead_tls_seal 128
-#define CIPHER_F_aes_init_key 129
-#define CIPHER_F_aesni_init_key 130
-#define CIPHER_F_EVP_AEAD_CTX_init_with_direction 131
-#define CIPHER_F_aead_aes_ctr_hmac_sha256_init 132
-#define CIPHER_F_aead_aes_ctr_hmac_sha256_open 133
-#define CIPHER_F_aead_aes_ctr_hmac_sha256_seal 134
#define CIPHER_R_AES_KEY_SETUP_FAILED 100
#define CIPHER_R_BAD_DECRYPT 101
#define CIPHER_R_BAD_KEY_LENGTH 102
diff --git a/src/include/openssl/conf.h b/src/include/openssl/conf.h
index 84fc94f..a2741a8 100644
--- a/src/include/openssl/conf.h
+++ b/src/include/openssl/conf.h
@@ -135,10 +135,6 @@ int CONF_parse_list(const char *list, char sep, int remove_whitespace,
} /* extern C */
#endif
-#define CONF_F_CONF_parse_list 100
-#define CONF_F_NCONF_load 101
-#define CONF_F_def_load_bio 102
-#define CONF_F_str_copy 103
#define CONF_R_LIST_CANNOT_BE_NULL 100
#define CONF_R_MISSING_CLOSE_SQUARE_BRACKET 101
#define CONF_R_MISSING_EQUAL_SIGN 102
diff --git a/src/include/openssl/cpu.h b/src/include/openssl/cpu.h
index 83ec473..981d246 100644
--- a/src/include/openssl/cpu.h
+++ b/src/include/openssl/cpu.h
@@ -77,11 +77,16 @@ extern "C" {
*
* Index 0:
* EDX for CPUID where EAX = 1
+ * Bit 20 is always zero
+ * Bit 28 is adjusted to reflect whether the data cache is shared between
+ * multiple logical cores
* Bit 30 is used to indicate an Intel CPU
* Index 1:
* ECX for CPUID where EAX = 1
+ * Bit 11 is used to indicate AMD XOP support, not SDBG
* Index 2:
* EBX for CPUID where EAX = 7
+ * Index 3 is set to zero.
*
* Note: the CPUID bits are pre-adjusted for the OSXSAVE bit and the YMM and XMM
* bits in XCR0, so it is not necessary to check those. */
diff --git a/src/include/openssl/crypto.h b/src/include/openssl/crypto.h
index 3af1547..5207a12 100644
--- a/src/include/openssl/crypto.h
+++ b/src/include/openssl/crypto.h
@@ -21,6 +21,10 @@
* mem.h. */
#include <openssl/mem.h>
+/* Upstream OpenSSL defines |CRYPTO_LOCK|, etc., in crypto.h rather than
+ * thread.h. */
+#include <openssl/thread.h>
+
#if defined(__cplusplus)
extern "C" {
@@ -55,9 +59,4 @@ OPENSSL_EXPORT unsigned long SSLeay(void);
} /* extern C */
#endif
-#define CRYPTO_F_CRYPTO_get_ex_new_index 100
-#define CRYPTO_F_CRYPTO_set_ex_data 101
-#define CRYPTO_F_get_class 102
-#define CRYPTO_F_get_func_pointers 103
-
#endif /* OPENSSL_HEADER_CRYPTO_H */
diff --git a/src/include/openssl/des.h b/src/include/openssl/des.h
index 6e1b0cf..f9db62d 100644
--- a/src/include/openssl/des.h
+++ b/src/include/openssl/des.h
@@ -72,12 +72,7 @@ typedef struct DES_cblock_st {
} DES_cblock;
typedef struct DES_ks {
- union {
- DES_cblock cblock;
- /* make sure things are correct size on machines with
- * 8 byte longs */
- uint32_t deslong[2];
- } ks[16];
+ uint32_t subkeys[16][2];
} DES_key_schedule;
@@ -142,6 +137,26 @@ OPENSSL_EXPORT void DES_ede2_cbc_encrypt(const uint8_t *in, uint8_t *out,
DES_cblock *ivec, int enc);
+/* Deprecated functions. */
+
+/* DES_set_key_unchecked calls |DES_set_key|. */
+OPENSSL_EXPORT void DES_set_key_unchecked(const DES_cblock *key,
+ DES_key_schedule *schedule);
+
+OPENSSL_EXPORT void DES_ede3_cfb64_encrypt(const uint8_t *in, uint8_t *out,
+ long length, DES_key_schedule *ks1,
+ DES_key_schedule *ks2,
+ DES_key_schedule *ks3,
+ DES_cblock *ivec, int *num, int enc);
+
+OPENSSL_EXPORT void DES_ede3_cfb_encrypt(const uint8_t *in, uint8_t *out,
+ int numbits, long length,
+ DES_key_schedule *ks1,
+ DES_key_schedule *ks2,
+ DES_key_schedule *ks3,
+ DES_cblock *ivec, int enc);
+
+
#if defined(__cplusplus)
} /* extern C */
#endif
diff --git a/src/include/openssl/dh.h b/src/include/openssl/dh.h
index 17574d5..75df632 100644
--- a/src/include/openssl/dh.h
+++ b/src/include/openssl/dh.h
@@ -235,7 +235,7 @@ struct dh_st {
BIGNUM *p;
BIGNUM *g;
- BIGNUM *pub_key; /* g^x */
+ BIGNUM *pub_key; /* g^x mod p */
BIGNUM *priv_key; /* x */
/* priv_length contains the length, in bits, of the private value. If zero,
@@ -262,10 +262,6 @@ struct dh_st {
} /* extern C */
#endif
-#define DH_F_DH_new_method 100
-#define DH_F_compute_key 101
-#define DH_F_generate_key 102
-#define DH_F_generate_parameters 103
#define DH_R_BAD_GENERATOR 100
#define DH_R_INVALID_PUBKEY 101
#define DH_R_MODULUS_TOO_LARGE 102
diff --git a/src/include/openssl/digest.h b/src/include/openssl/digest.h
index 2ea4ec4..66be4d0 100644
--- a/src/include/openssl/digest.h
+++ b/src/include/openssl/digest.h
@@ -234,15 +234,9 @@ struct evp_md_pctx_ops;
struct env_md_ctx_st {
/* digest is the underlying digest function, or NULL if not set. */
const EVP_MD *digest;
- /* flags is the OR of a number of |EVP_MD_CTX_FLAG_*| values. */
- uint32_t flags;
/* md_data points to a block of memory that contains the hash-specific
* context. */
void *md_data;
- /* update is usually copied from |digest->update| but can differ in some
- * cases, i.e. HMAC.
- * TODO(davidben): Remove this hook once |EVP_PKEY_HMAC| is gone. */
- void (*update)(EVP_MD_CTX *ctx, const void *data, size_t count);
/* pctx is an opaque (at this layer) pointer to additional context that
* EVP_PKEY functions may store in this object. */
@@ -258,8 +252,6 @@ struct env_md_ctx_st {
} /* extern C */
#endif
-#define DIGEST_F_EVP_DigestInit_ex 100
-#define DIGEST_F_EVP_MD_CTX_copy_ex 101
#define DIGEST_R_INPUT_NOT_INITIALIZED 100
#endif /* OPENSSL_HEADER_DIGEST_H */
diff --git a/src/include/openssl/dsa.h b/src/include/openssl/dsa.h
index 7274e4c..b1e7309 100644
--- a/src/include/openssl/dsa.h
+++ b/src/include/openssl/dsa.h
@@ -366,11 +366,6 @@ struct dsa_st {
} /* extern C */
#endif
-#define DSA_F_DSA_new_method 100
-#define DSA_F_dsa_sig_cb 101
-#define DSA_F_sign 102
-#define DSA_F_sign_setup 103
-#define DSA_F_verify 104
#define DSA_R_BAD_Q_VALUE 100
#define DSA_R_MISSING_PARAMETERS 101
#define DSA_R_MODULUS_TOO_LARGE 102
diff --git a/src/include/openssl/ec.h b/src/include/openssl/ec.h
index 25b4551..f664211 100644
--- a/src/include/openssl/ec.h
+++ b/src/include/openssl/ec.h
@@ -220,7 +220,7 @@ OPENSSL_EXPORT int EC_POINT_get_affine_coordinates_GFp(const EC_GROUP *group,
BIGNUM *x, BIGNUM *y,
BN_CTX *ctx);
-/* EC_POINT_set_affine_coordinates sets the value of |p| to be (|x|, |y|). The
+/* EC_POINT_set_affine_coordinates_GFp sets the value of |p| to be (|x|, |y|). The
* |ctx| argument may be used if not NULL. */
OPENSSL_EXPORT int EC_POINT_set_affine_coordinates_GFp(const EC_GROUP *group,
EC_POINT *point,
@@ -265,7 +265,7 @@ OPENSSL_EXPORT int EC_POINT_add(const EC_GROUP *group, EC_POINT *r,
OPENSSL_EXPORT int EC_POINT_dbl(const EC_GROUP *group, EC_POINT *r,
const EC_POINT *a, BN_CTX *ctx);
-/* EC_POINT_dbl sets |a| equal to minus |a|. It returns one on success and zero
+/* EC_POINT_invert sets |a| equal to minus |a|. It returns one on success and zero
* otherwise. If |ctx| is not NULL, it may be used. */
OPENSSL_EXPORT int EC_POINT_invert(const EC_GROUP *group, EC_POINT *a,
BN_CTX *ctx);
@@ -334,73 +334,6 @@ OPENSSL_EXPORT void EC_GROUP_set_point_conversion_form(
} /* extern C */
#endif
-#define EC_F_EC_GROUP_copy 100
-#define EC_F_EC_GROUP_get_curve_GFp 101
-#define EC_F_EC_GROUP_get_degree 102
-#define EC_F_EC_GROUP_new_by_curve_name 103
-#define EC_F_EC_KEY_check_key 104
-#define EC_F_EC_KEY_copy 105
-#define EC_F_EC_KEY_generate_key 106
-#define EC_F_EC_KEY_new_method 107
-#define EC_F_EC_KEY_set_public_key_affine_coordinates 108
-#define EC_F_EC_POINT_add 109
-#define EC_F_EC_POINT_cmp 110
-#define EC_F_EC_POINT_copy 111
-#define EC_F_EC_POINT_dbl 112
-#define EC_F_EC_POINT_dup 113
-#define EC_F_EC_POINT_get_affine_coordinates_GFp 114
-#define EC_F_EC_POINT_invert 115
-#define EC_F_EC_POINT_is_at_infinity 116
-#define EC_F_EC_POINT_is_on_curve 117
-#define EC_F_EC_POINT_make_affine 118
-#define EC_F_EC_POINT_new 119
-#define EC_F_EC_POINT_oct2point 120
-#define EC_F_EC_POINT_point2oct 121
-#define EC_F_EC_POINT_set_affine_coordinates_GFp 122
-#define EC_F_EC_POINT_set_compressed_coordinates_GFp 123
-#define EC_F_EC_POINT_set_to_infinity 124
-#define EC_F_EC_POINTs_make_affine 125
-#define EC_F_compute_wNAF 126
-#define EC_F_d2i_ECPKParameters 127
-#define EC_F_d2i_ECParameters 128
-#define EC_F_d2i_ECPrivateKey 129
-#define EC_F_ec_GFp_mont_field_decode 130
-#define EC_F_ec_GFp_mont_field_encode 131
-#define EC_F_ec_GFp_mont_field_mul 132
-#define EC_F_ec_GFp_mont_field_set_to_one 133
-#define EC_F_ec_GFp_mont_field_sqr 134
-#define EC_F_ec_GFp_mont_group_set_curve 135
-#define EC_F_ec_GFp_simple_group_check_discriminant 136
-#define EC_F_ec_GFp_simple_group_set_curve 137
-#define EC_F_ec_GFp_simple_make_affine 138
-#define EC_F_ec_GFp_simple_oct2point 139
-#define EC_F_ec_GFp_simple_point2oct 140
-#define EC_F_ec_GFp_simple_point_get_affine_coordinates 141
-#define EC_F_ec_GFp_simple_point_set_affine_coordinates 142
-#define EC_F_ec_GFp_simple_points_make_affine 143
-#define EC_F_ec_GFp_simple_set_compressed_coordinates 144
-#define EC_F_ec_asn1_group2pkparameters 145
-#define EC_F_ec_asn1_pkparameters2group 146
-#define EC_F_ec_group_new 147
-#define EC_F_ec_group_new_curve_GFp 148
-#define EC_F_ec_group_new_from_data 149
-#define EC_F_ec_point_set_Jprojective_coordinates_GFp 150
-#define EC_F_ec_pre_comp_new 151
-#define EC_F_ec_wNAF_mul 152
-#define EC_F_ec_wNAF_precompute_mult 153
-#define EC_F_i2d_ECPKParameters 154
-#define EC_F_i2d_ECParameters 155
-#define EC_F_i2d_ECPrivateKey 156
-#define EC_F_i2o_ECPublicKey 157
-#define EC_F_o2i_ECPublicKey 158
-#define EC_F_BN_to_felem 159
-#define EC_F_ec_GFp_nistp256_group_set_curve 160
-#define EC_F_ec_GFp_nistp256_point_get_affine_coordinates 161
-#define EC_F_ec_GFp_nistp256_points_mul 162
-#define EC_F_ec_group_copy 163
-#define EC_F_nistp256_pre_comp_new 164
-#define EC_F_EC_KEY_new_by_curve_name 165
-#define EC_F_EC_GROUP_new_curve_GFp 166
#define EC_R_BUFFER_TOO_SMALL 100
#define EC_R_COORDINATES_OUT_OF_RANGE 101
#define EC_R_D2I_ECPKPARAMETERS_FAILURE 102
diff --git a/src/include/openssl/ec_key.h b/src/include/openssl/ec_key.h
index ee64030..1cd4e6e 100644
--- a/src/include/openssl/ec_key.h
+++ b/src/include/openssl/ec_key.h
@@ -192,7 +192,7 @@ OPENSSL_EXPORT int EC_KEY_generate_key(EC_KEY *key);
OPENSSL_EXPORT EC_KEY *d2i_ECPrivateKey(EC_KEY **out_key, const uint8_t **inp,
long len);
-/* i2d_ECParameters marshals an EC private key from |key| to an ASN.1, DER
+/* i2d_ECPrivateKey marshals an EC private key from |key| to an ASN.1, DER
* structure. If |outp| is not NULL then the result is written to |*outp| and
* |*outp| is advanced just past the output. It returns the number of bytes in
* the result, whether written or not, or a negative value on error. */
@@ -215,8 +215,8 @@ OPENSSL_EXPORT int i2d_ECParameters(const EC_KEY *key, uint8_t **outp);
/* o2i_ECPublicKey parses an EC point from |len| bytes at |*inp| into
* |*out_key|. Note that this differs from the d2i format in that |*out_key|
- * must be non-NULL. On successful exit, |*inp| is advanced past the DER
- * structure. It returns |*out_key| or NULL on error. */
+ * must be non-NULL with a group set. On successful exit, |*inp| is advanced by
+ * |len| bytes. It returns |*out_key| or NULL on error. */
OPENSSL_EXPORT EC_KEY *o2i_ECPublicKey(EC_KEY **out_key, const uint8_t **inp,
long len);
diff --git a/src/include/openssl/ecdh.h b/src/include/openssl/ecdh.h
index 27a8578..878cbeb 100644
--- a/src/include/openssl/ecdh.h
+++ b/src/include/openssl/ecdh.h
@@ -95,7 +95,6 @@ OPENSSL_EXPORT int ECDH_compute_key(void *out, size_t outlen,
} /* extern C */
#endif
-#define ECDH_F_ECDH_compute_key 100
#define ECDH_R_KDF_FAILED 100
#define ECDH_R_NO_PRIVATE_VALUE 101
#define ECDH_R_POINT_ARITHMETIC_FAILURE 102
diff --git a/src/include/openssl/ecdsa.h b/src/include/openssl/ecdsa.h
index e045463..84702c3 100644
--- a/src/include/openssl/ecdsa.h
+++ b/src/include/openssl/ecdsa.h
@@ -148,6 +148,34 @@ OPENSSL_EXPORT int ECDSA_sign_ex(int type, const uint8_t *digest,
/* ASN.1 functions. */
+/* ECDSA_SIG_parse parses a DER-encoded ECDSA-Sig-Value structure from |cbs| and
+ * advances |cbs|. It returns a newly-allocated |ECDSA_SIG| or NULL on error. */
+OPENSSL_EXPORT ECDSA_SIG *ECDSA_SIG_parse(CBS *cbs);
+
+/* ECDSA_SIG_from_bytes parses |in| as a DER-encoded ECDSA-Sig-Value structure.
+ * It returns a newly-allocated |ECDSA_SIG| structure or NULL on error. */
+OPENSSL_EXPORT ECDSA_SIG *ECDSA_SIG_from_bytes(const uint8_t *in,
+ size_t in_len);
+
+/* ECDSA_SIG_marshal marshals |sig| as a DER-encoded ECDSA-Sig-Value and appends
+ * the result to |cbb|. It returns one on success and zero on error. */
+OPENSSL_EXPORT int ECDSA_SIG_marshal(CBB *cbb, const ECDSA_SIG *sig);
+
+/* ECDSA_SIG_to_asn1 marshals |sig| as a DER-encoded ECDSA-Sig-Value and, on
+ * success, sets |*out_bytes| to a newly allocated buffer containing the result
+ * and returns one. Otherwise, it returns zero. The result should be freed with
+ * |OPENSSL_free|. */
+OPENSSL_EXPORT int ECDSA_SIG_to_bytes(uint8_t **out_bytes, size_t *out_len,
+ const ECDSA_SIG *sig);
+
+/* ECDSA_SIG_max_len returns the maximum length of a DER-encoded ECDSA-Sig-Value
+ * structure for a group whose order is represented in |order_len| bytes, or
+ * zero on overflow. */
+OPENSSL_EXPORT size_t ECDSA_SIG_max_len(size_t order_len);
+
+
+/* Deprecated functions. */
+
/* d2i_ECDSA_SIG parses an ASN.1, DER-encoded, signature from |len| bytes at
* |*inp|. If |out| is not NULL then, on exit, a pointer to the result is in
* |*out|. If |*out| is already non-NULL on entry then the result is written
@@ -168,15 +196,11 @@ OPENSSL_EXPORT int i2d_ECDSA_SIG(const ECDSA_SIG *sig, uint8_t **outp);
} /* extern C */
#endif
-#define ECDSA_F_ECDSA_do_sign_ex 100
-#define ECDSA_F_ECDSA_do_verify 101
-#define ECDSA_F_ECDSA_sign_ex 102
-#define ECDSA_F_digest_to_bn 103
-#define ECDSA_F_ecdsa_sign_setup 104
#define ECDSA_R_BAD_SIGNATURE 100
#define ECDSA_R_MISSING_PARAMETERS 101
#define ECDSA_R_NEED_NEW_SETUP_VALUES 102
#define ECDSA_R_NOT_IMPLEMENTED 103
#define ECDSA_R_RANDOM_NUMBER_GENERATION_FAILED 104
+#define ECDSA_R_ENCODE_ERROR 105
#endif /* OPENSSL_HEADER_ECDSA_H */
diff --git a/src/include/openssl/err.h b/src/include/openssl/err.h
index 30dc4af..c61e1ef 100644
--- a/src/include/openssl/err.h
+++ b/src/include/openssl/err.h
@@ -126,12 +126,11 @@ extern "C" {
*
* Each error contains:
* 1) The library (i.e. ec, pem, rsa) which created it.
- * 2) A function identifier and reason code.
- * 3) The file and line number of the call that added the error.
- * 4) A pointer to some error specific data, which may be NULL.
+ * 2) The function, file, and line number of the call that added the error.
+ * 3) A pointer to some error specific data, which may be NULL.
*
- * The library identifier, function identifier and reason code are packed in a
- * uint32_t and there exist various functions for unpacking it.
+ * The library identifier and reason code are packed in a uint32_t and there
+ * exist various functions for unpacking it.
*
* The typical behaviour is that an error will occur deep in a call queue and
* that code will push an error onto the error queue. As the error queue
@@ -184,6 +183,10 @@ OPENSSL_EXPORT uint32_t ERR_peek_error_line(const char **file, int *line);
OPENSSL_EXPORT uint32_t ERR_peek_error_line_data(const char **file, int *line,
const char **data, int *flags);
+/* ERR_peek_function returns the name of the function which added the least
+ * recent error or NULL if the queue is empty. */
+OPENSSL_EXPORT const char *ERR_peek_function(void);
+
/* The "peek last" functions act like the "peek" functions, above, except that
* they return the most recent error. */
OPENSSL_EXPORT uint32_t ERR_peek_last_error(void);
@@ -202,10 +205,10 @@ OPENSSL_EXPORT uint32_t ERR_peek_last_error_line_data(const char **file,
*
* The string will have the following format:
*
- * error:[error code]:[library name]:[function name]:[reason string]
+ * error:[error code]:[library name]:OPENSSL_internal:[reason string]
*
- * error code is an 8 digit hexadecimal number; library name, function name
- * and reason string are ASCII text.
+ * error code is an 8 digit hexadecimal number; library name and reason string
+ * are ASCII text.
*
* TODO(fork): remove in favour of |ERR_error_string_n|. */
OPENSSL_EXPORT char *ERR_error_string(uint32_t packed_error, char *buf);
@@ -222,10 +225,6 @@ OPENSSL_EXPORT void ERR_error_string_n(uint32_t packed_error, char *buf,
* generated |packed_error|. */
OPENSSL_EXPORT const char *ERR_lib_error_string(uint32_t packed_error);
-/* ERR_func_error_string returns a string representation of the function that
- * generated |packed_error|. */
-OPENSSL_EXPORT const char *ERR_func_error_string(uint32_t packed_error);
-
/* ERR_reason_error_string returns a string representation of the reason for
* |packed_error|. */
OPENSSL_EXPORT const char *ERR_reason_error_string(uint32_t packed_error);
@@ -258,11 +257,11 @@ typedef int (*ERR_print_errors_callback_t)(const char *str, size_t len,
OPENSSL_EXPORT void ERR_print_errors_cb(ERR_print_errors_callback_t callback,
void *ctx);
-
/* ERR_print_errors_fp prints the current contents of the error stack to |file|
* using human readable strings where possible. */
OPENSSL_EXPORT void ERR_print_errors_fp(FILE *file);
+
/* Clearing errors. */
/* ERR_clear_error clears the error queue for the current thread. */
@@ -287,30 +286,41 @@ OPENSSL_EXPORT int ERR_get_next_error_library(void);
/* Deprecated functions. */
-/* |ERR_remove_state| calls |ERR_clear_error|. */
+/* ERR_remove_state calls |ERR_clear_error|. */
OPENSSL_EXPORT void ERR_remove_state(unsigned long pid);
+/* ERR_func_error_string returns the string "OPENSSL_internal". */
+OPENSSL_EXPORT const char *ERR_func_error_string(uint32_t packed_error);
+
/* Private functions. */
/* ERR_clear_system_error clears the system's error value (i.e. errno). */
OPENSSL_EXPORT void ERR_clear_system_error(void);
+#if defined(OPENSSL_WINDOWS)
+/* TODO(davidben): Use |__func__| directly once the minimum MSVC version
+ * supports it. */
+#define OPENSSL_CURRENT_FUNCTION __FUNCTION__
+#else
+#define OPENSSL_CURRENT_FUNCTION __func__
+#endif
+
/* OPENSSL_PUT_ERROR is used by OpenSSL code to add an error to the error
* queue. */
-#define OPENSSL_PUT_ERROR(library, func, reason) \
- ERR_put_error(ERR_LIB_##library, library##_F_##func, reason, __FILE__, \
+#define OPENSSL_PUT_ERROR(library, reason) \
+ ERR_put_error(ERR_LIB_##library, reason, OPENSSL_CURRENT_FUNCTION, __FILE__, \
__LINE__)
/* OPENSSL_PUT_SYSTEM_ERROR is used by OpenSSL code to add an error from the
* operating system to the error queue. */
/* TODO(fork): include errno. */
#define OPENSSL_PUT_SYSTEM_ERROR(func) \
- ERR_put_error(ERR_LIB_SYS, SYS_F_##func, 0, __FILE__, __LINE__);
+ ERR_put_error(ERR_LIB_SYS, 0, #func, __FILE__, __LINE__);
/* ERR_put_error adds an error to the error queue, dropping the least recent
* error if neccessary for space reasons. */
-OPENSSL_EXPORT void ERR_put_error(int library, int func, int reason,
+OPENSSL_EXPORT void ERR_put_error(int library, int reason, const char *function,
const char *file, unsigned line);
/* ERR_add_error_data takes a variable number (|count|) of const char*
@@ -333,6 +343,8 @@ OPENSSL_EXPORT int ERR_set_mark(void);
OPENSSL_EXPORT int ERR_pop_to_mark(void);
struct err_error_st {
+ /* function contains the name of the function where the error occured. */
+ const char *function;
/* file contains the filename where the error occured. */
const char *file;
/* data contains optional data. It must be freed with |OPENSSL_free| if
@@ -418,8 +430,8 @@ enum {
ERR_LIB_HMAC,
ERR_LIB_DIGEST,
ERR_LIB_CIPHER,
- ERR_LIB_USER,
ERR_LIB_HKDF,
+ ERR_LIB_USER,
ERR_NUM_LIBS
};
@@ -469,22 +481,11 @@ enum {
#define ERR_R_INTERNAL_ERROR (4 | ERR_R_FATAL)
#define ERR_R_OVERFLOW (5 | ERR_R_FATAL)
-/* System error functions */
-#define SYS_F_fopen 100
-#define SYS_F_fclose 101
-#define SYS_F_fread 102
-#define SYS_F_fwrite 103
-#define SYS_F_socket 104
-#define SYS_F_setsockopt 105
-#define SYS_F_connect 106
-#define SYS_F_getaddrinfo 107
-
-#define ERR_PACK(lib, func, reason) \
- (((((uint32_t)lib) & 0xff) << 24) | ((((uint32_t)func) & 0xfff) << 12) | \
- ((((uint32_t)reason) & 0xfff)))
+#define ERR_PACK(lib, reason) \
+ (((((uint32_t)lib) & 0xff) << 24) | ((((uint32_t)reason) & 0xfff)))
#define ERR_GET_LIB(packed_error) ((int)(((packed_error) >> 24) & 0xff))
-#define ERR_GET_FUNC(packed_error) ((int)(((packed_error) >> 12) & 0xfff))
+#define ERR_GET_FUNC(packed_error) 0
#define ERR_GET_REASON(packed_error) ((int)((packed_error) & 0xfff))
/* OPENSSL_DECLARE_ERROR_REASON is used by util/make_errors.h (which generates
@@ -494,13 +495,6 @@ enum {
* ${lib}_R_${reason}. */
#define OPENSSL_DECLARE_ERROR_REASON(lib, reason)
-/* OPENSSL_DECLARE_ERROR_FUNCTION is used by util/make_errors.h (which
- * generates the error * defines to recognise that an additional function value
- * is needed. This is * needed when the function value is used outside of an
- * |OPENSSL_PUT_ERROR| * macro. The resulting define will be
- * ${lib}_F_${reason}. */
-#define OPENSSL_DECLARE_ERROR_FUNCTION(lib, function_name)
-
#if defined(__cplusplus)
} /* extern C */
diff --git a/src/include/openssl/evp.h b/src/include/openssl/evp.h
index 490a951..99b147e 100644
--- a/src/include/openssl/evp.h
+++ b/src/include/openssl/evp.h
@@ -66,6 +66,7 @@
*
* TODO(fork): clean up callers so that they include what they use. */
#include <openssl/aead.h>
+#include <openssl/base64.h>
#include <openssl/cipher.h>
#include <openssl/digest.h>
#include <openssl/obj.h>
@@ -136,14 +137,6 @@ OPENSSL_EXPORT int EVP_PKEY_id(const EVP_PKEY *pkey);
* |EVP_PKEY_RSA2| will be turned into |EVP_PKEY_RSA|. */
OPENSSL_EXPORT int EVP_PKEY_type(int nid);
-/* Deprecated: EVP_PKEY_new_mac_key allocates a fresh |EVP_PKEY| of the given
- * type (e.g. |EVP_PKEY_HMAC|), sets |mac_key| as the MAC key and "generates" a
- * new key, suitable for signing. It returns the fresh |EVP_PKEY|, or NULL on
- * error. Use |HMAC_CTX| directly instead. */
-OPENSSL_EXPORT EVP_PKEY *EVP_PKEY_new_mac_key(int type, ENGINE *engine,
- const uint8_t *mac_key,
- size_t mac_key_len);
-
/* Getting and setting concrete public key types.
*
@@ -177,9 +170,6 @@ OPENSSL_EXPORT struct dh_st *EVP_PKEY_get1_DH(EVP_PKEY *pkey);
#define EVP_PKEY_DHX NID_dhpublicnumber
#define EVP_PKEY_EC NID_X9_62_id_ecPublicKey
-/* Deprecated: Use |HMAC_CTX| directly instead. */
-#define EVP_PKEY_HMAC NID_hmac
-
/* EVP_PKEY_assign sets the underlying key of |pkey| to |key|, which must be of
* the given type. The |type| argument should be one of the |EVP_PKEY_*|
* values. */
@@ -220,10 +210,13 @@ OPENSSL_EXPORT EVP_PKEY *d2i_AutoPrivateKey(EVP_PKEY **out, const uint8_t **inp,
* the result, whether written or not, or a negative value on error. */
OPENSSL_EXPORT int i2d_PrivateKey(const EVP_PKEY *key, uint8_t **outp);
-/* i2d_PublicKey marshals a public key from |key| to an ASN.1, DER
- * structure. If |outp| is not NULL then the result is written to |*outp| and
+/* i2d_PublicKey marshals a public key from |key| to a type-specific format.
+ * If |outp| is not NULL then the result is written to |*outp| and
* |*outp| is advanced just past the output. It returns the number of bytes in
- * the result, whether written or not, or a negative value on error. */
+ * the result, whether written or not, or a negative value on error.
+ *
+ * RSA keys are serialized as a DER-encoded RSAPublicKey (RFC 3447) structure.
+ * EC keys are serialized as an EC point per SEC 1. */
OPENSSL_EXPORT int i2d_PublicKey(EVP_PKEY *key, uint8_t **outp);
@@ -377,12 +370,12 @@ OPENSSL_EXPORT int EVP_VerifyFinal(EVP_MD_CTX *ctx, const uint8_t *sig,
OPENSSL_EXPORT int EVP_PKEY_print_public(BIO *out, const EVP_PKEY *pkey,
int indent, ASN1_PCTX *pctx);
-/* EVP_PKEY_print_public prints a textual representation of the private key in
+/* EVP_PKEY_print_private prints a textual representation of the private key in
* |pkey| to |out|. Returns one on success or zero otherwise. */
OPENSSL_EXPORT int EVP_PKEY_print_private(BIO *out, const EVP_PKEY *pkey,
int indent, ASN1_PCTX *pctx);
-/* EVP_PKEY_print_public prints a textual representation of the parameters in
+/* EVP_PKEY_print_params prints a textual representation of the parameters in
* |pkey| to |out|. Returns one on success or zero otherwise. */
OPENSSL_EXPORT int EVP_PKEY_print_params(BIO *out, const EVP_PKEY *pkey,
int indent, ASN1_PCTX *pctx);
@@ -419,13 +412,13 @@ OPENSSL_EXPORT int PKCS5_PBKDF2_HMAC_SHA1(const char *password,
* returns the context or NULL on error. */
OPENSSL_EXPORT EVP_PKEY_CTX *EVP_PKEY_CTX_new(EVP_PKEY *pkey, ENGINE *e);
-/* EVP_PKEY_CTX_new allocates a fresh |EVP_PKEY_CTX| for a key of type |id|
+/* EVP_PKEY_CTX_new_id allocates a fresh |EVP_PKEY_CTX| for a key of type |id|
* (e.g. |EVP_PKEY_HMAC|). This can be used for key generation where
* |EVP_PKEY_CTX_new| can't be used because there isn't an |EVP_PKEY| to pass
* it. It returns the context or NULL on error. */
OPENSSL_EXPORT EVP_PKEY_CTX *EVP_PKEY_CTX_new_id(int id, ENGINE *e);
-/* EVP_KEY_CTX_free frees |ctx| and the data it owns. */
+/* EVP_PKEY_CTX_free frees |ctx| and the data it owns. */
OPENSSL_EXPORT void EVP_PKEY_CTX_free(EVP_PKEY_CTX *ctx);
/* EVP_PKEY_CTX_dup allocates a fresh |EVP_PKEY_CTX| and sets it equal to the
@@ -650,17 +643,6 @@ OPENSSL_EXPORT int EVP_PKEY_CTX_get0_rsa_oaep_label(EVP_PKEY_CTX *ctx,
/* Deprecated functions. */
-/* EVP_PKEY_dup adds one to the reference count of |pkey| and returns
- * |pkey|.
- *
- * WARNING: this is a |_dup| function that doesn't actually duplicate! Use
- * |EVP_PKEY_up_ref| if you want to increment the reference count without
- * confusion. */
-OPENSSL_EXPORT EVP_PKEY *EVP_PKEY_dup(EVP_PKEY *pkey);
-
-
-/* Private functions */
-
/* OpenSSL_add_all_algorithms does nothing. */
OPENSSL_EXPORT void OpenSSL_add_all_algorithms(void);
@@ -673,6 +655,9 @@ OPENSSL_EXPORT void OpenSSL_add_all_digests(void);
/* EVP_cleanup does nothing. */
OPENSSL_EXPORT void EVP_cleanup(void);
+
+/* Private functions */
+
/* EVP_PKEY_asn1_find returns the ASN.1 method table for the given |nid|, which
* should be one of the |EVP_PKEY_*| values. It returns NULL if |nid| is
* unknown. */
@@ -692,10 +677,10 @@ struct evp_pkey_st {
union {
char *ptr;
- struct rsa_st *rsa; /* RSA */
- struct dsa_st *dsa; /* DSA */
- struct dh_st *dh; /* DH */
- struct ec_key_st *ec; /* ECC */
+ RSA *rsa;
+ DSA *dsa;
+ DH *dh;
+ EC_KEY *ec;
} pkey;
/* ameth contains a pointer to a method table that contains many ASN.1
@@ -708,74 +693,6 @@ struct evp_pkey_st {
} /* extern C */
#endif
-#define EVP_F_EVP_PKEY_derive_init 108
-#define EVP_F_EVP_PKEY_encrypt 110
-#define EVP_F_EVP_PKEY_encrypt_init 111
-#define EVP_F_EVP_PKEY_get1_DH 112
-#define EVP_F_EVP_PKEY_get1_EC_KEY 114
-#define EVP_F_EVP_PKEY_get1_RSA 115
-#define EVP_F_EVP_PKEY_keygen 116
-#define EVP_F_EVP_PKEY_sign 120
-#define EVP_F_EVP_PKEY_sign_init 121
-#define EVP_F_EVP_PKEY_verify 122
-#define EVP_F_EVP_PKEY_verify_init 123
-#define EVP_F_d2i_AutoPrivateKey 125
-#define EVP_F_d2i_PrivateKey 126
-#define EVP_F_do_EC_KEY_print 127
-#define EVP_F_do_sigver_init 129
-#define EVP_F_eckey_param2type 130
-#define EVP_F_eckey_param_decode 131
-#define EVP_F_eckey_priv_decode 132
-#define EVP_F_eckey_priv_encode 133
-#define EVP_F_eckey_pub_decode 134
-#define EVP_F_eckey_pub_encode 135
-#define EVP_F_eckey_type2param 136
-#define EVP_F_evp_pkey_ctx_new 137
-#define EVP_F_hmac_signctx 138
-#define EVP_F_i2d_PublicKey 139
-#define EVP_F_old_ec_priv_decode 140
-#define EVP_F_old_rsa_priv_decode 141
-#define EVP_F_pkey_ec_ctrl 142
-#define EVP_F_pkey_ec_derive 143
-#define EVP_F_pkey_ec_keygen 144
-#define EVP_F_pkey_ec_paramgen 145
-#define EVP_F_pkey_ec_sign 146
-#define EVP_F_pkey_rsa_ctrl 147
-#define EVP_F_pkey_rsa_decrypt 148
-#define EVP_F_pkey_rsa_encrypt 149
-#define EVP_F_pkey_rsa_sign 150
-#define EVP_F_rsa_algor_to_md 151
-#define EVP_F_rsa_digest_verify_init_from_algorithm 152
-#define EVP_F_rsa_mgf1_to_md 153
-#define EVP_F_rsa_priv_decode 154
-#define EVP_F_rsa_priv_encode 155
-#define EVP_F_rsa_pss_to_ctx 156
-#define EVP_F_rsa_pub_decode 157
-#define EVP_F_pkey_hmac_ctrl 158
-#define EVP_F_EVP_PKEY_CTX_get0_rsa_oaep_label 159
-#define EVP_F_EVP_DigestSignAlgorithm 160
-#define EVP_F_EVP_DigestVerifyInitFromAlgorithm 161
-#define EVP_F_EVP_PKEY_CTX_ctrl 162
-#define EVP_F_EVP_PKEY_CTX_dup 163
-#define EVP_F_EVP_PKEY_copy_parameters 164
-#define EVP_F_EVP_PKEY_decrypt 165
-#define EVP_F_EVP_PKEY_decrypt_init 166
-#define EVP_F_EVP_PKEY_derive 167
-#define EVP_F_EVP_PKEY_derive_set_peer 168
-#define EVP_F_EVP_PKEY_get1_DSA 169
-#define EVP_F_EVP_PKEY_keygen_init 170
-#define EVP_F_EVP_PKEY_new 171
-#define EVP_F_EVP_PKEY_set_type 172
-#define EVP_F_check_padding_md 173
-#define EVP_F_do_dsa_print 174
-#define EVP_F_do_rsa_print 175
-#define EVP_F_dsa_param_decode 176
-#define EVP_F_dsa_priv_decode 177
-#define EVP_F_dsa_priv_encode 178
-#define EVP_F_dsa_pub_decode 179
-#define EVP_F_dsa_pub_encode 180
-#define EVP_F_dsa_sig_print 181
-#define EVP_F_old_dsa_priv_decode 182
#define EVP_R_BUFFER_TOO_SMALL 100
#define EVP_R_COMMAND_NOT_SUPPORTED 101
#define EVP_R_DIFFERENT_KEY_TYPES 104
diff --git a/src/include/openssl/ex_data.h b/src/include/openssl/ex_data.h
index 2303eb4..c0d3773 100644
--- a/src/include/openssl/ex_data.h
+++ b/src/include/openssl/ex_data.h
@@ -134,7 +134,7 @@ typedef struct crypto_ex_data_st CRYPTO_EX_DATA;
#if 0 /* Sample */
-/* |TYPE_get_ex_new_index| allocates a new index for |TYPE|. See the
+/* TYPE_get_ex_new_index allocates a new index for |TYPE|. See the
* descriptions of the callback typedefs for details of when they are
* called. Any of the callback arguments may be NULL. The |argl| and |argp|
* arguments are opaque values that are passed to the callbacks. It returns the
@@ -146,11 +146,11 @@ OPENSSL_EXPORT int TYPE_get_ex_new_index(long argl, void *argp,
CRYPTO_EX_dup *dup_func,
CRYPTO_EX_free *free_func);
-/* |TYPE_set_ex_data| sets an extra data pointer on |t|. The |index| argument
+/* TYPE_set_ex_data sets an extra data pointer on |t|. The |index| argument
* should have been returned from a previous call to |TYPE_get_ex_new_index|. */
OPENSSL_EXPORT int TYPE_set_ex_data(TYPE *t, int index, void *arg);
-/* |TYPE_get_ex_data| returns an extra data pointer for |t|, or NULL if no such
+/* TYPE_get_ex_data returns an extra data pointer for |t|, or NULL if no such
* pointer exists. The |index| argument should have been returned from a
* previous call to |TYPE_get_ex_new_index|. */
OPENSSL_EXPORT void *TYPE_get_ex_data(const TYPE *t, int index);
diff --git a/src/include/openssl/hkdf.h b/src/include/openssl/hkdf.h
index 4091b84..b7a0dc2 100644
--- a/src/include/openssl/hkdf.h
+++ b/src/include/openssl/hkdf.h
@@ -39,7 +39,6 @@ OPENSSL_EXPORT int HKDF(uint8_t *out_key, size_t out_len, const EVP_MD *digest,
} /* extern C */
#endif
-#define HKDF_F_HKDF 100
#define HKDF_R_OUTPUT_TOO_LARGE 100
#endif /* OPENSSL_HEADER_HKDF_H */
diff --git a/src/include/openssl/lhash.h b/src/include/openssl/lhash.h
index d2ee982..691b247 100644
--- a/src/include/openssl/lhash.h
+++ b/src/include/openssl/lhash.h
@@ -1,4 +1,5 @@
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved.
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
*
* This package is an SSL implementation written
* by Eric Young (eay@cryptsoft.com).
diff --git a/src/include/openssl/md4.h b/src/include/openssl/md4.h
index ce4fa99..1db7499 100644
--- a/src/include/openssl/md4.h
+++ b/src/include/openssl/md4.h
@@ -1,4 +1,5 @@
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved.
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
*
* This package is an SSL implementation written
* by Eric Young (eay@cryptsoft.com).
@@ -71,7 +72,7 @@ extern "C" {
/* MD4_DIGEST_LENGTH is the length of an MD4 digest. */
#define MD4_DIGEST_LENGTH 16
-/* MD41_Init initialises |md4| and returns one. */
+/* MD4_Init initialises |md4| and returns one. */
OPENSSL_EXPORT int MD4_Init(MD4_CTX *md4);
/* MD4_Update adds |len| bytes from |data| to |md4| and returns one. */
diff --git a/src/include/openssl/md5.h b/src/include/openssl/md5.h
index efedc98..9b13922 100644
--- a/src/include/openssl/md5.h
+++ b/src/include/openssl/md5.h
@@ -1,4 +1,5 @@
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved.
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
*
* This package is an SSL implementation written
* by Eric Young (eay@cryptsoft.com).
@@ -72,7 +73,7 @@ extern "C" {
/* MD5_DIGEST_LENGTH is the length of an MD5 digest. */
#define MD5_DIGEST_LENGTH 16
-/* MD51_Init initialises |md5| and returns one. */
+/* MD5_Init initialises |md5| and returns one. */
OPENSSL_EXPORT int MD5_Init(MD5_CTX *md5);
/* MD5_Update adds |len| bytes from |data| to |md5| and returns one. */
diff --git a/src/include/openssl/mem.h b/src/include/openssl/mem.h
index 42ec46a..c8e2b3e 100644
--- a/src/include/openssl/mem.h
+++ b/src/include/openssl/mem.h
@@ -1,4 +1,5 @@
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved.
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
*
* This package is an SSL implementation written
* by Eric Young (eay@cryptsoft.com).
diff --git a/src/include/openssl/obj.h b/src/include/openssl/obj.h
index f476617..0c7ae60 100644
--- a/src/include/openssl/obj.h
+++ b/src/include/openssl/obj.h
@@ -128,7 +128,7 @@ OPENSSL_EXPORT const char *OBJ_nid2sn(int nid);
/* OBJ_nid2sn returns the long name for |nid|, or NULL if |nid| is unknown. */
OPENSSL_EXPORT const char *OBJ_nid2ln(int nid);
-/* OBJ_nid2cbs writes |nid| as an ASN.1 OBJECT IDENTIFIER to |out|. It returns
+/* OBJ_nid2cbb writes |nid| as an ASN.1 OBJECT IDENTIFIER to |out|. It returns
* one on success or zero otherwise. */
OPENSSL_EXPORT int OBJ_nid2cbb(CBB *out, int nid);
@@ -193,10 +193,6 @@ OPENSSL_EXPORT int OBJ_find_sigid_by_algs(int *out_sign_nid, int digest_nid,
} /* extern C */
#endif
-#define OBJ_F_OBJ_create 100
-#define OBJ_F_OBJ_dup 101
-#define OBJ_F_OBJ_nid2obj 102
-#define OBJ_F_OBJ_txt2obj 103
#define OBJ_R_UNKNOWN_NID 100
#endif /* OPENSSL_HEADER_OBJECTS_H */
diff --git a/src/include/openssl/pem.h b/src/include/openssl/pem.h
index 7756e45..db763d5 100644
--- a/src/include/openssl/pem.h
+++ b/src/include/openssl/pem.h
@@ -410,7 +410,7 @@ OPENSSL_EXPORT void PEM_SignInit(EVP_MD_CTX *ctx, EVP_MD *type);
OPENSSL_EXPORT void PEM_SignUpdate(EVP_MD_CTX *ctx,unsigned char *d,unsigned int cnt);
OPENSSL_EXPORT int PEM_SignFinal(EVP_MD_CTX *ctx, unsigned char *sigret, unsigned int *siglen, EVP_PKEY *pkey);
-/* |PEM_def_callback| treats |userdata| as a string and copies it into |buf|,
+/* PEM_def_callback treats |userdata| as a string and copies it into |buf|,
* assuming its |size| is sufficient. Returns the length of the string, or 0
* if there is not enough room. If either |buf| or |userdata| is NULL, 0 is
* returned. Note that this is different from OpenSSL, which prompts for a
@@ -502,30 +502,6 @@ void ERR_load_PEM_strings(void);
}
#endif
-#define PEM_F_PEM_ASN1_read 100
-#define PEM_F_PEM_ASN1_read_bio 101
-#define PEM_F_PEM_ASN1_write 102
-#define PEM_F_PEM_ASN1_write_bio 103
-#define PEM_F_PEM_X509_INFO_read 104
-#define PEM_F_PEM_X509_INFO_read_bio 105
-#define PEM_F_PEM_X509_INFO_write_bio 106
-#define PEM_F_PEM_do_header 107
-#define PEM_F_PEM_get_EVP_CIPHER_INFO 108
-#define PEM_F_PEM_read 109
-#define PEM_F_PEM_read_DHparams 110
-#define PEM_F_PEM_read_PrivateKey 111
-#define PEM_F_PEM_read_bio 112
-#define PEM_F_PEM_read_bio_DHparams 113
-#define PEM_F_PEM_read_bio_Parameters 114
-#define PEM_F_PEM_read_bio_PrivateKey 115
-#define PEM_F_PEM_write 116
-#define PEM_F_PEM_write_PrivateKey 117
-#define PEM_F_PEM_write_bio 118
-#define PEM_F_d2i_PKCS8PrivateKey_bio 119
-#define PEM_F_d2i_PKCS8PrivateKey_fp 120
-#define PEM_F_do_pk8pkey 121
-#define PEM_F_do_pk8pkey_fp 122
-#define PEM_F_load_iv 123
#define PEM_R_BAD_BASE64_DECODE 100
#define PEM_R_BAD_DECRYPT 101
#define PEM_R_BAD_END_LINE 102
diff --git a/src/include/openssl/pkcs8.h b/src/include/openssl/pkcs8.h
index 8dc7731..bb6b03c 100644
--- a/src/include/openssl/pkcs8.h
+++ b/src/include/openssl/pkcs8.h
@@ -66,13 +66,15 @@ extern "C" {
#endif
-/* PKCS8_encrypt_pbe serializes and encrypts a PKCS8_PRIV_KEY_INFO with PBES1 as
- * defined in PKCS #5. Only pbeWithSHAAnd128BitRC4,
+/* PKCS8_encrypt_pbe serializes and encrypts a PKCS8_PRIV_KEY_INFO with PBES1 or
+ * PBES2 as defined in PKCS #5. Only pbeWithSHAAnd128BitRC4,
* pbeWithSHAAnd3-KeyTripleDES-CBC and pbeWithSHA1And40BitRC2, defined in PKCS
- * #12, are supported. The |pass_raw_len| bytes pointed to by |pass_raw| are
- * used as the password. Note that any conversions from the password as
- * supplied in a text string (such as those specified in B.1 of PKCS #12) must
- * be performed by the caller.
+ * #12, and PBES2, are supported. PBES2 is selected by setting |cipher| and
+ * passing -1 for |pbe_nid|. Otherwise, PBES1 is used and |cipher| is ignored.
+ *
+ * The |pass_raw_len| bytes pointed to by |pass_raw| are used as the password.
+ * Note that any conversions from the password as supplied in a text string
+ * (such as those specified in B.1 of PKCS #12) must be performed by the caller.
*
* If |salt| is NULL, a random salt of |salt_len| bytes is generated. If
* |salt_len| is zero, a default salt length is used instead.
@@ -83,19 +85,21 @@ extern "C" {
* TODO(davidben): Really? An X509_SIG? OpenSSL probably did that because it has
* the same structure as EncryptedPrivateKeyInfo. */
OPENSSL_EXPORT X509_SIG *PKCS8_encrypt_pbe(int pbe_nid,
+ const EVP_CIPHER *cipher,
const uint8_t *pass_raw,
size_t pass_raw_len,
uint8_t *salt, size_t salt_len,
int iterations,
PKCS8_PRIV_KEY_INFO *p8inf);
-/* PKCS8_decrypt_pbe decrypts and decodes a PKCS8_PRIV_KEY_INFO with PBES1 as
- * defined in PKCS #5. Only pbeWithSHAAnd128BitRC4,
- * pbeWithSHAAnd3-KeyTripleDES-CBC and pbeWithSHA1And40BitRC2, defined in PKCS
- * #12, are supported. The |pass_raw_len| bytes pointed to by |pass_raw| are
- * used as the password. Note that any conversions from the password as
- * supplied in a text string (such as those specified in B.1 of PKCS #12) must
- * be performed by the caller.
+/* PKCS8_decrypt_pbe decrypts and decodes a PKCS8_PRIV_KEY_INFO with PBES1 or
+ * PBES2 as defined in PKCS #5. Only pbeWithSHAAnd128BitRC4,
+ * pbeWithSHAAnd3-KeyTripleDES-CBC and pbeWithSHA1And40BitRC2, and PBES2,
+ * defined in PKCS #12, are supported.
+ *
+ * The |pass_raw_len| bytes pointed to by |pass_raw| are used as the password.
+ * Note that any conversions from the password as supplied in a text string
+ * (such as those specified in B.1 of PKCS #12) must be performed by the caller.
*
* The resulting structure must be freed by the caller. */
OPENSSL_EXPORT PKCS8_PRIV_KEY_INFO *PKCS8_decrypt_pbe(X509_SIG *pkcs8,
@@ -105,18 +109,20 @@ OPENSSL_EXPORT PKCS8_PRIV_KEY_INFO *PKCS8_decrypt_pbe(X509_SIG *pkcs8,
/* Deprecated functions. */
-/* PKCS8_encrypt calls PKCS8_encrypt_pbe after treating |pass| as an ASCII
- * string, appending U+0000, and converting to UCS-2. (So the empty password
- * encodes as two NUL bytes.) The |cipher| argument is ignored. */
+/* PKCS8_encrypt calls |PKCS8_encrypt_pbe| after (in the PKCS#12 case) treating
+ * |pass| as an ASCII string, appending U+0000, and converting to UCS-2. (So the
+ * empty password encodes as two NUL bytes.) In the PBES2 case, the password is
+ * unchanged. */
OPENSSL_EXPORT X509_SIG *PKCS8_encrypt(int pbe_nid, const EVP_CIPHER *cipher,
const char *pass, int pass_len,
uint8_t *salt, size_t salt_len,
int iterations,
PKCS8_PRIV_KEY_INFO *p8inf);
-/* PKCS8_decrypt calls PKCS8_decrypt_pbe after treating |pass| as an ASCII
- * string, appending U+0000, and converting to UCS-2. (So the empty password
- * encodes as two NUL bytes.) */
+/* PKCS8_decrypt calls PKCS8_decrypt_pbe after (in the PKCS#12 case) treating
+ * |pass| as an ASCII string, appending U+0000, and converting to UCS-2. (So the
+ * empty password encodes as two NUL bytes.) In the PBES2 case, the password is
+ * unchanged. */
OPENSSL_EXPORT PKCS8_PRIV_KEY_INFO *PKCS8_decrypt(X509_SIG *pkcs8,
const char *pass,
int pass_len);
@@ -170,24 +176,6 @@ OPENSSL_EXPORT void PKCS12_free(PKCS12 *p12);
} /* extern C */
#endif
-#define PKCS8_F_EVP_PKCS82PKEY 100
-#define PKCS8_F_EVP_PKEY2PKCS8 101
-#define PKCS8_F_PKCS12_get_key_and_certs 102
-#define PKCS8_F_PKCS12_handle_content_info 103
-#define PKCS8_F_PKCS12_handle_content_infos 104
-#define PKCS8_F_PKCS5_pbe2_set_iv 105
-#define PKCS8_F_PKCS5_pbe_set 106
-#define PKCS8_F_PKCS5_pbe_set0_algor 107
-#define PKCS8_F_PKCS5_pbkdf2_set 108
-#define PKCS8_F_PKCS8_decrypt 109
-#define PKCS8_F_PKCS8_encrypt 110
-#define PKCS8_F_PKCS8_encrypt_pbe 111
-#define PKCS8_F_pbe_cipher_init 112
-#define PKCS8_F_pbe_crypt 113
-#define PKCS8_F_pkcs12_item_decrypt_d2i 114
-#define PKCS8_F_pkcs12_item_i2d_encrypt 115
-#define PKCS8_F_pkcs12_key_gen_raw 116
-#define PKCS8_F_pkcs12_pbe_keyivgen 117
#define PKCS8_R_BAD_PKCS12_DATA 100
#define PKCS8_R_BAD_PKCS12_VERSION 101
#define PKCS8_R_CIPHER_HAS_NO_OBJECT_IDENTIFIER 102
@@ -213,5 +201,11 @@ OPENSSL_EXPORT void PKCS12_free(PKCS12 *p12);
#define PKCS8_R_UNKNOWN_DIGEST 122
#define PKCS8_R_UNKNOWN_HASH 123
#define PKCS8_R_UNSUPPORTED_PRIVATE_KEY_ALGORITHM 124
+#define PKCS8_R_UNSUPPORTED_KEYLENGTH 125
+#define PKCS8_R_UNSUPPORTED_SALT_TYPE 126
+#define PKCS8_R_UNSUPPORTED_CIPHER 127
+#define PKCS8_R_UNSUPPORTED_KEY_DERIVATION_FUNCTION 128
+#define PKCS8_R_BAD_ITERATION_COUNT 129
+#define PKCS8_R_UNSUPPORTED_PRF 130
#endif /* OPENSSL_HEADER_PKCS8_H */
diff --git a/src/include/openssl/poly1305.h b/src/include/openssl/poly1305.h
index aa90486..0da9f6e 100644
--- a/src/include/openssl/poly1305.h
+++ b/src/include/openssl/poly1305.h
@@ -22,22 +22,25 @@ extern "C" {
#endif
-typedef unsigned char poly1305_state[512];
+typedef uint8_t poly1305_state[512];
/* poly1305_init sets up |state| so that it can be used to calculate an
* authentication tag with the one-time key |key|. Note that |key| is a
* one-time key and therefore there is no `reset' method because that would
* enable several messages to be authenticated with the same key. */
-extern void CRYPTO_poly1305_init(poly1305_state* state, const uint8_t key[32]);
+OPENSSL_EXPORT void CRYPTO_poly1305_init(poly1305_state* state,
+ const uint8_t key[32]);
/* poly1305_update processes |in_len| bytes from |in|. It can be called zero or
* more times after poly1305_init. */
-extern void CRYPTO_poly1305_update(poly1305_state* state, const uint8_t* in,
- size_t in_len);
+OPENSSL_EXPORT void CRYPTO_poly1305_update(poly1305_state* state,
+ const uint8_t* in,
+ size_t in_len);
/* poly1305_finish completes the poly1305 calculation and writes a 16 byte
* authentication tag to |mac|. The |mac| address must be 16-byte aligned. */
-extern void CRYPTO_poly1305_finish(poly1305_state* state, uint8_t mac[16]);
+OPENSSL_EXPORT void CRYPTO_poly1305_finish(poly1305_state* state,
+ uint8_t mac[16]);
#if defined(__cplusplus)
diff --git a/src/include/openssl/rand.h b/src/include/openssl/rand.h
index 300bf42..de1bd8d 100644
--- a/src/include/openssl/rand.h
+++ b/src/include/openssl/rand.h
@@ -33,6 +33,36 @@ OPENSSL_EXPORT int RAND_bytes(uint8_t *buf, size_t len);
OPENSSL_EXPORT void RAND_cleanup(void);
+/* Obscure functions. */
+
+#if !defined(OPENSSL_WINDOWS)
+/* RAND_set_urandom_fd causes the module to use a copy of |fd| for system
+ * randomness rather opening /dev/urandom internally. The caller retains
+ * ownership of |fd| and is at liberty to close it at any time. This is useful
+ * if, due to a sandbox, /dev/urandom isn't available. If used, it must be
+ * called before the first call to |RAND_bytes|, and it is mutually exclusive
+ * with |RAND_enable_fork_unsafe_buffering|.
+ *
+ * |RAND_set_urandom_fd| does not buffer any entropy, so it is safe to call
+ * |fork| at any time after calling |RAND_set_urandom_fd|. */
+OPENSSL_EXPORT void RAND_set_urandom_fd(int fd);
+
+/* RAND_enable_fork_unsafe_buffering enables efficient buffered reading of
+ * /dev/urandom. It adds an overhead of a few KB of memory per thread. It must
+ * be called before the first call to |RAND_bytes| and it is mutually exclusive
+ * with calls to |RAND_set_urandom_fd|.
+ *
+ * If |fd| is non-negative then a copy of |fd| will be used rather than opening
+ * /dev/urandom internally. Like |RAND_set_urandom_fd|, the caller retains
+ * ownership of |fd|. If |fd| is negative then /dev/urandom will be opened and
+ * any error from open(2) crashes the address space.
+ *
+ * It has an unusual name because the buffer is unsafe across calls to |fork|.
+ * Hence, this function should never be called by libraries. */
+OPENSSL_EXPORT void RAND_enable_fork_unsafe_buffering(int fd);
+#endif
+
+
/* Deprecated functions */
/* RAND_pseudo_bytes is a wrapper around |RAND_bytes|. */
@@ -47,12 +77,33 @@ OPENSSL_EXPORT int RAND_load_file(const char *path, long num);
/* RAND_add does nothing. */
OPENSSL_EXPORT void RAND_add(const void *buf, int num, double entropy);
+/* RAND_egd returns 255. */
+OPENSSL_EXPORT int RAND_egd(const char *);
+
/* RAND_poll returns one. */
OPENSSL_EXPORT int RAND_poll(void);
/* RAND_status returns one. */
OPENSSL_EXPORT int RAND_status(void);
+/* rand_meth_st is typedefed to |RAND_METHOD| in base.h. It isn't used; it
+ * exists only to be the return type of |RAND_SSLeay|. It's
+ * external so that variables of this type can be initialized. */
+struct rand_meth_st {
+ void (*seed) (const void *buf, int num);
+ int (*bytes) (uint8_t *buf, size_t num);
+ void (*cleanup) (void);
+ void (*add) (const void *buf, int num, double entropy);
+ int (*pseudorand) (uint8_t *buf, size_t num);
+ int (*status) (void);
+};
+
+/* RAND_SSLeay returns a pointer to a dummy |RAND_METHOD|. */
+OPENSSL_EXPORT RAND_METHOD *RAND_SSLeay(void);
+
+/* RAND_set_rand_method does nothing. */
+OPENSSL_EXPORT void RAND_set_rand_method(const RAND_METHOD *);
+
#if defined(__cplusplus)
} /* extern C */
diff --git a/src/include/openssl/rsa.h b/src/include/openssl/rsa.h
index 9b415d7..2be50dc 100644
--- a/src/include/openssl/rsa.h
+++ b/src/include/openssl/rsa.h
@@ -59,6 +59,7 @@
#include <openssl/base.h>
+#include <openssl/asn1.h>
#include <openssl/engine.h>
#include <openssl/ex_data.h>
#include <openssl/thread.h>
@@ -100,6 +101,12 @@ OPENSSL_EXPORT int RSA_up_ref(RSA *rsa);
OPENSSL_EXPORT int RSA_generate_key_ex(RSA *rsa, int bits, BIGNUM *e,
BN_GENCB *cb);
+/* RSA_generate_multi_prime_key acts like |RSA_generate_key_ex| but can
+ * generate an RSA private key with more than two primes. */
+OPENSSL_EXPORT int RSA_generate_multi_prime_key(RSA *rsa, int bits,
+ int num_primes, BIGNUM *e,
+ BN_GENCB *cb);
+
/* Encryption / Decryption */
@@ -240,7 +247,7 @@ OPENSSL_EXPORT int RSA_verify_raw(RSA *rsa, size_t *out_len, uint8_t *out,
OPENSSL_EXPORT int RSA_private_encrypt(int flen, const uint8_t *from,
uint8_t *to, RSA *rsa, int padding);
-/* RSA_private_encrypt verifies |flen| bytes of signature from |from| using the
+/* RSA_public_decrypt verifies |flen| bytes of signature from |from| using the
* public key in |rsa| and writes the plaintext to |to|. The |to| buffer must
* have at least |RSA_size| bytes of space. It returns the number of bytes
* written, or -1 on error. The |padding| argument must be one of the
@@ -266,7 +273,7 @@ OPENSSL_EXPORT int RSA_is_opaque(const RSA *rsa);
* of type |md|. Otherwise it returns zero. */
OPENSSL_EXPORT int RSA_supports_digest(const RSA *rsa, const EVP_MD *md);
-/* RSAPublicKey_dup allocates a fresh |RSA| and copies the private key from
+/* RSAPublicKey_dup allocates a fresh |RSA| and copies the public key from
* |rsa| into it. It returns the fresh |RSA| object, or NULL on error. */
OPENSSL_EXPORT RSA *RSAPublicKey_dup(const RSA *rsa);
@@ -315,36 +322,63 @@ OPENSSL_EXPORT int RSA_padding_add_PKCS1_PSS_mgf1(RSA *rsa, uint8_t *EM,
const EVP_MD *mgf1Hash,
int sLen);
+/* RSA_add_pkcs1_prefix builds a version of |msg| prefixed with the DigestInfo
+ * header for the given hash function and sets |out_msg| to point to it. On
+ * successful return, |*out_msg| may be allocated memory and, if so,
+ * |*is_alloced| will be 1. */
+OPENSSL_EXPORT int RSA_add_pkcs1_prefix(uint8_t **out_msg, size_t *out_msg_len,
+ int *is_alloced, int hash_nid,
+ const uint8_t *msg, size_t msg_len);
-/* ASN.1 functions. */
-/* d2i_RSAPublicKey parses an ASN.1, DER-encoded, RSA public key from |len|
- * bytes at |*inp|. If |out| is not NULL then, on exit, a pointer to the result
- * is in |*out|. If |*out| is already non-NULL on entry then the result is
- * written directly into |*out|, otherwise a fresh |RSA| is allocated. On
- * successful exit, |*inp| is advanced past the DER structure. It returns the
- * result or NULL on error. */
-OPENSSL_EXPORT RSA *d2i_RSAPublicKey(RSA **out, const uint8_t **inp, long len);
-
-/* i2d_RSAPublicKey marshals |in| to an ASN.1, DER structure. If |outp| is not
- * NULL then the result is written to |*outp| and |*outp| is advanced just past
- * the output. It returns the number of bytes in the result, whether written or
- * not, or a negative value on error. */
-OPENSSL_EXPORT int i2d_RSAPublicKey(const RSA *in, uint8_t **outp);
-
-/* d2i_RSAPrivateKey parses an ASN.1, DER-encoded, RSA private key from |len|
- * bytes at |*inp|. If |out| is not NULL then, on exit, a pointer to the result
- * is in |*out|. If |*out| is already non-NULL on entry then the result is
- * written directly into |*out|, otherwise a fresh |RSA| is allocated. On
- * successful exit, |*inp| is advanced past the DER structure. It returns the
- * result or NULL on error. */
-OPENSSL_EXPORT RSA *d2i_RSAPrivateKey(RSA **out, const uint8_t **inp, long len);
+/* ASN.1 functions. */
-/* i2d_RSAPrivateKey marshals |in| to an ASN.1, DER structure. If |outp| is not
- * NULL then the result is written to |*outp| and |*outp| is advanced just past
- * the output. It returns the number of bytes in the result, whether written or
- * not, or a negative value on error. */
-OPENSSL_EXPORT int i2d_RSAPrivateKey(const RSA *in, uint8_t **outp);
+/* RSA_parse_public_key parses a DER-encoded RSAPublicKey structure (RFC 3447)
+ * from |cbs| and advances |cbs|. It returns a newly-allocated |RSA| or NULL on
+ * error. */
+OPENSSL_EXPORT RSA *RSA_parse_public_key(CBS *cbs);
+
+/* RSA_parse_public_key_buggy behaves like |RSA_parse_public_key|, but it
+ * tolerates some invalid encodings. Do not use this function. */
+OPENSSL_EXPORT RSA *RSA_parse_public_key_buggy(CBS *cbs);
+
+/* RSA_public_key_from_bytes parses |in| as a DER-encoded RSAPublicKey structure
+ * (RFC 3447). It returns a newly-allocated |RSA| or NULL on error. */
+OPENSSL_EXPORT RSA *RSA_public_key_from_bytes(const uint8_t *in, size_t in_len);
+
+/* RSA_marshal_public_key marshals |rsa| as a DER-encoded RSAPublicKey structure
+ * (RFC 3447) and appends the result to |cbb|. It returns one on success and
+ * zero on failure. */
+OPENSSL_EXPORT int RSA_marshal_public_key(CBB *cbb, const RSA *rsa);
+
+/* RSA_public_key_to_bytes marshals |rsa| as a DER-encoded RSAPublicKey
+ * structure (RFC 3447) and, on success, sets |*out_bytes| to a newly allocated
+ * buffer containing the result and returns one. Otherwise, it returns zero. The
+ * result should be freed with |OPENSSL_free|. */
+OPENSSL_EXPORT int RSA_public_key_to_bytes(uint8_t **out_bytes, size_t *out_len,
+ const RSA *rsa);
+
+/* RSA_parse_private_key parses a DER-encoded RSAPrivateKey structure (RFC 3447)
+ * from |cbs| and advances |cbs|. It returns a newly-allocated |RSA| or NULL on
+ * error. */
+OPENSSL_EXPORT RSA *RSA_parse_private_key(CBS *cbs);
+
+/* RSA_private_key_from_bytes parses |in| as a DER-encoded RSAPrivateKey
+ * structure (RFC 3447). It returns a newly-allocated |RSA| or NULL on error. */
+OPENSSL_EXPORT RSA *RSA_private_key_from_bytes(const uint8_t *in,
+ size_t in_len);
+
+/* RSA_marshal_private_key marshals |rsa| as a DER-encoded RSAPrivateKey
+ * structure (RFC 3447) and appends the result to |cbb|. It returns one on
+ * success and zero on failure. */
+OPENSSL_EXPORT int RSA_marshal_private_key(CBB *cbb, const RSA *rsa);
+
+/* RSA_private_key_to_bytes marshals |rsa| as a DER-encoded RSAPrivateKey
+ * structure (RFC 3447) and, on success, sets |*out_bytes| to a newly allocated
+ * buffer containing the result and returns one. Otherwise, it returns zero. The
+ * result should be freed with |OPENSSL_free|. */
+OPENSSL_EXPORT int RSA_private_key_to_bytes(uint8_t **out_bytes,
+ size_t *out_len, const RSA *rsa);
/* ex_data functions.
@@ -358,6 +392,9 @@ OPENSSL_EXPORT int RSA_get_ex_new_index(long argl, void *argp,
OPENSSL_EXPORT int RSA_set_ex_data(RSA *r, int idx, void *arg);
OPENSSL_EXPORT void *RSA_get_ex_data(const RSA *r, int idx);
+
+/* Flags. */
+
/* RSA_FLAG_OPAQUE specifies that this RSA_METHOD does not expose its key
* material. This may be set if, for instance, it is wrapping some other crypto
* API, like a platform key store. */
@@ -395,6 +432,50 @@ OPENSSL_EXPORT void *RSA_get_ex_data(const RSA *r, int idx);
/* RSA_blinding_on returns one. */
OPENSSL_EXPORT int RSA_blinding_on(RSA *rsa, BN_CTX *ctx);
+/* RSA_generate_key behaves like |RSA_generate_key_ex|, which is what you
+ * should use instead. It returns NULL on error, or a newly-allocated |RSA| on
+ * success. This function is provided for compatibility only. The |callback|
+ * and |cb_arg| parameters must be NULL. */
+OPENSSL_EXPORT RSA *RSA_generate_key(int bits, unsigned long e, void *callback,
+ void *cb_arg);
+
+/* d2i_RSAPublicKey parses an ASN.1, DER-encoded, RSA public key from |len|
+ * bytes at |*inp|. If |out| is not NULL then, on exit, a pointer to the result
+ * is in |*out|. If |*out| is already non-NULL on entry then the result is
+ * written directly into |*out|, otherwise a fresh |RSA| is allocated. On
+ * successful exit, |*inp| is advanced past the DER structure. It returns the
+ * result or NULL on error. */
+OPENSSL_EXPORT RSA *d2i_RSAPublicKey(RSA **out, const uint8_t **inp, long len);
+
+/* i2d_RSAPublicKey marshals |in| to an ASN.1, DER structure. If |outp| is not
+ * NULL then the result is written to |*outp| and |*outp| is advanced just past
+ * the output. It returns the number of bytes in the result, whether written or
+ * not, or a negative value on error. */
+OPENSSL_EXPORT int i2d_RSAPublicKey(const RSA *in, uint8_t **outp);
+
+/* d2i_RSAPrivateKey parses an ASN.1, DER-encoded, RSA private key from |len|
+ * bytes at |*inp|. If |out| is not NULL then, on exit, a pointer to the result
+ * is in |*out|. If |*out| is already non-NULL on entry then the result is
+ * written directly into |*out|, otherwise a fresh |RSA| is allocated. On
+ * successful exit, |*inp| is advanced past the DER structure. It returns the
+ * result or NULL on error. */
+OPENSSL_EXPORT RSA *d2i_RSAPrivateKey(RSA **out, const uint8_t **inp, long len);
+
+/* i2d_RSAPrivateKey marshals |in| to an ASN.1, DER structure. If |outp| is not
+ * NULL then the result is written to |*outp| and |*outp| is advanced just past
+ * the output. It returns the number of bytes in the result, whether written or
+ * not, or a negative value on error. */
+OPENSSL_EXPORT int i2d_RSAPrivateKey(const RSA *in, uint8_t **outp);
+
+typedef struct rsa_pss_params_st {
+ X509_ALGOR *hashAlgorithm;
+ X509_ALGOR *maskGenAlgorithm;
+ ASN1_INTEGER *saltLength;
+ ASN1_INTEGER *trailerField;
+} RSA_PSS_PARAMS;
+
+DECLARE_ASN1_FUNCTIONS(RSA_PSS_PARAMS)
+
struct rsa_meth_st {
struct openssl_method_common_st common;
@@ -450,6 +531,9 @@ struct rsa_meth_st {
int (*keygen)(RSA *rsa, int bits, BIGNUM *e, BN_GENCB *cb);
+ int (*multi_prime_keygen)(RSA *rsa, int bits, int num_primes, BIGNUM *e,
+ BN_GENCB *cb);
+
/* supports_digest returns one if |rsa| supports digests of type
* |md|. If null, it is assumed that all digests are supported. */
int (*supports_digest)(const RSA *rsa, const EVP_MD *md);
@@ -461,8 +545,6 @@ struct rsa_meth_st {
typedef struct bn_blinding_st BN_BLINDING;
struct rsa_st {
- /* version is only used during ASN.1 (de)serialisation. */
- long version;
RSA_METHOD *meth;
BIGNUM *n;
@@ -473,6 +555,9 @@ struct rsa_st {
BIGNUM *dmp1;
BIGNUM *dmq1;
BIGNUM *iqmp;
+
+ STACK_OF(RSA_additional_prime) *additional_primes;
+
/* be careful using this if the RSA structure is shared */
CRYPTO_EX_DATA ex_data;
CRYPTO_refcount_t references;
@@ -502,34 +587,6 @@ struct rsa_st {
} /* extern C */
#endif
-#define RSA_F_BN_BLINDING_convert_ex 100
-#define RSA_F_BN_BLINDING_create_param 101
-#define RSA_F_BN_BLINDING_invert_ex 102
-#define RSA_F_BN_BLINDING_new 103
-#define RSA_F_BN_BLINDING_update 104
-#define RSA_F_RSA_check_key 105
-#define RSA_F_RSA_new_method 106
-#define RSA_F_RSA_padding_add_PKCS1_OAEP_mgf1 107
-#define RSA_F_RSA_padding_add_PKCS1_PSS_mgf1 108
-#define RSA_F_RSA_padding_add_PKCS1_type_1 109
-#define RSA_F_RSA_padding_add_PKCS1_type_2 110
-#define RSA_F_RSA_padding_add_none 111
-#define RSA_F_RSA_padding_check_PKCS1_OAEP_mgf1 112
-#define RSA_F_RSA_padding_check_PKCS1_type_1 113
-#define RSA_F_RSA_padding_check_PKCS1_type_2 114
-#define RSA_F_RSA_padding_check_none 115
-#define RSA_F_RSA_recover_crt_params 116
-#define RSA_F_RSA_sign 117
-#define RSA_F_RSA_verify 118
-#define RSA_F_RSA_verify_PKCS1_PSS_mgf1 119
-#define RSA_F_decrypt 120
-#define RSA_F_encrypt 121
-#define RSA_F_keygen 122
-#define RSA_F_pkcs1_prefixed_msg 123
-#define RSA_F_private_transform 124
-#define RSA_F_rsa_setup_blinding 125
-#define RSA_F_sign_raw 126
-#define RSA_F_verify_raw 127
#define RSA_R_BAD_E_VALUE 100
#define RSA_R_BAD_FIXED_HEADER_DECRYPT 101
#define RSA_R_BAD_PAD_BYTE_COUNT 102
@@ -571,5 +628,10 @@ struct rsa_st {
#define RSA_R_UNKNOWN_PADDING_TYPE 138
#define RSA_R_VALUE_MISSING 139
#define RSA_R_WRONG_SIGNATURE_LENGTH 140
+#define RSA_R_MUST_HAVE_AT_LEAST_TWO_PRIMES 141
+#define RSA_R_CANNOT_RECOVER_MULTI_PRIME_KEY 142
+#define RSA_R_BAD_ENCODING 143
+#define RSA_R_ENCODE_ERROR 144
+#define RSA_R_BAD_VERSION 145
#endif /* OPENSSL_HEADER_RSA_H */
diff --git a/src/include/openssl/srtp.h b/src/include/openssl/srtp.h
index 3f5a53e..39f6a85 100644
--- a/src/include/openssl/srtp.h
+++ b/src/include/openssl/srtp.h
@@ -1,178 +1,18 @@
-/* ssl/tls1.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
+/* Copyright (c) 2015, Google Inc.
*
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-/* ====================================================================
- * Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved.
+ * Permission to use, copy, modify, and/or distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
*
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-/*
- DTLS code by Eric Rescorla <ekr@rtfm.com>
-
- Copyright (C) 2006, Network Resonance, Inc.
- Copyright (C) 2011, RTFM, Inc.
-*/
-
-#ifndef OPENSSL_HEADER_SRTP_H
-#define OPENSSL_HEADER_SRTP_H
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-
-/* Constants for SRTP profiles */
-#define SRTP_AES128_CM_SHA1_80 0x0001
-#define SRTP_AES128_CM_SHA1_32 0x0002
-#define SRTP_AES128_F8_SHA1_80 0x0003
-#define SRTP_AES128_F8_SHA1_32 0x0004
-#define SRTP_NULL_SHA1_80 0x0005
-#define SRTP_NULL_SHA1_32 0x0006
-
-/* SSL_CTX_set_srtp_profiles enables SRTP for all SSL objects created from
- * |ctx|. |profile| contains a colon-separated list of profile names. It returns
- * one on success and zero on failure. */
-OPENSSL_EXPORT int SSL_CTX_set_srtp_profiles(SSL_CTX *ctx,
- const char *profiles);
-
-/* SSL_set_srtp_profiles enables SRTP for |ssl|. |profile| contains a
- * colon-separated list of profile names. It returns one on success and zero on
- * failure. */
-OPENSSL_EXPORT int SSL_set_srtp_profiles(SSL *ctx, const char *profiles);
-
-/* SSL_get_srtp_profiles returns the SRTP profiles supported by |ssl|. */
-OPENSSL_EXPORT STACK_OF(SRTP_PROTECTION_PROFILE) *SSL_get_srtp_profiles(
- SSL *ssl);
-
-/* SSL_get_selected_srtp_profile returns the selected SRTP profile, or NULL if
- * SRTP was not negotiated. */
-OPENSSL_EXPORT const SRTP_PROTECTION_PROFILE *SSL_get_selected_srtp_profile(
- SSL *s);
-
-
-/* Deprecated functions */
-
-/* SSL_CTX_set_tlsext_use_srtp calls SSL_CTX_set_srtp_profiles. It returns zero
- * on success and one on failure.
- *
- * WARNING: this function is dangerous because it breaks the usual return value
- * convention. Use SSL_CTX_set_srtp_profiles instead. */
-OPENSSL_EXPORT int SSL_CTX_set_tlsext_use_srtp(SSL_CTX *ctx,
- const char *profiles);
-
-/* SSL_set_tlsext_use_srtp calls SSL_set_srtp_profiles. It returns zero on
- * success and one on failure.
- *
- * WARNING: this function is dangerous because it breaks the usual return value
- * convention. Use SSL_set_srtp_profiles instead. */
-OPENSSL_EXPORT int SSL_set_tlsext_use_srtp(SSL *ctx, const char *profiles);
-
-
-#ifdef __cplusplus
-} /* extern C */
-#endif
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
+ * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION
+ * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
+ * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */
-#endif /* OPENSSL_HEADER_SRTP_H */
+/* This header is provided in order to make compiling against code that expects
+ OpenSSL easier. */
+#include "ssl.h"
diff --git a/src/include/openssl/ssl.h b/src/include/openssl/ssl.h
index 217dbaf..24bdf8e 100644
--- a/src/include/openssl/ssl.h
+++ b/src/include/openssl/ssl.h
@@ -179,32 +179,9 @@ extern "C" {
OPENSSL_EXPORT int SSL_library_init(void);
-/* Cipher suites. */
-
-/* An SSL_CIPHER represents a cipher suite. */
-typedef struct ssl_cipher_st {
- /* name is the OpenSSL name for the cipher. */
- const char *name;
- /* id is the cipher suite value bitwise OR-d with 0x03000000. */
- uint32_t id;
-
- /* The following are internal fields. See ssl/internal.h for their values. */
-
- uint32_t algorithm_mkey;
- uint32_t algorithm_auth;
- uint32_t algorithm_enc;
- uint32_t algorithm_mac;
- uint32_t algorithm_ssl;
- uint32_t algo_strength;
-
- /* algorithm2 contains extra flags. See ssl/internal.h. */
- uint32_t algorithm2;
-
- /* strength_bits is the strength of the cipher in bits. */
- int strength_bits;
- /* alg_bits is the number of bits of key material used by the algorithm. */
- int alg_bits;
-} SSL_CIPHER;
+/* Cipher suites.
+ *
+ * |SSL_CIPHER| objects represent cipher suites. */
DECLARE_STACK_OF(SSL_CIPHER)
@@ -231,6 +208,15 @@ OPENSSL_EXPORT int SSL_CIPHER_is_AESGCM(const SSL_CIPHER *cipher);
* CHACHA20_POLY1305. */
OPENSSL_EXPORT int SSL_CIPHER_is_CHACHA20POLY1305(const SSL_CIPHER *cipher);
+/* SSL_CIPHER_is_NULL returns one if |cipher| does not encrypt. */
+OPENSSL_EXPORT int SSL_CIPHER_is_NULL(const SSL_CIPHER *cipher);
+
+/* SSL_CIPHER_is_RC4 returns one if |cipher| uses RC4. */
+OPENSSL_EXPORT int SSL_CIPHER_is_RC4(const SSL_CIPHER *cipher);
+
+/* SSL_CIPHER_is_block_cipher returns one if |cipher| is a block cipher. */
+OPENSSL_EXPORT int SSL_CIPHER_is_block_cipher(const SSL_CIPHER *cipher);
+
/* SSL_CIPHER_get_name returns the OpenSSL name of |cipher|. */
OPENSSL_EXPORT const char *SSL_CIPHER_get_name(const SSL_CIPHER *cipher);
@@ -251,10 +237,15 @@ OPENSSL_EXPORT int SSL_CIPHER_get_bits(const SSL_CIPHER *cipher,
int *out_alg_bits);
-/* SSL contexts. */
-
-/* An SSL_METHOD selects whether to use TLS or DTLS. */
-typedef struct ssl_method_st SSL_METHOD;
+/* SSL contexts.
+ *
+ * |SSL_CTX| objects manage shared state and configuration between multiple TLS
+ * or DTLS connections. Whether the connections are TLS or DTLS is selected by
+ * an |SSL_METHOD| on creation.
+ *
+ * |SSL_CTX| are reference-counted and may be shared by connections across
+ * multiple threads. Once shared, functions which change the |SSL_CTX|'s
+ * configuration may not be used. */
/* TLS_method is the |SSL_METHOD| used for TLS (and SSLv3) connections. */
OPENSSL_EXPORT const SSL_METHOD *TLS_method(void);
@@ -263,20 +254,22 @@ OPENSSL_EXPORT const SSL_METHOD *TLS_method(void);
OPENSSL_EXPORT const SSL_METHOD *DTLS_method(void);
/* SSL_CTX_new returns a newly-allocated |SSL_CTX| with default settings or NULL
- * on error. An |SSL_CTX| manages shared state and configuration between
- * multiple TLS or DTLS connections. */
+ * on error. */
OPENSSL_EXPORT SSL_CTX *SSL_CTX_new(const SSL_METHOD *method);
/* SSL_CTX_free releases memory associated with |ctx|. */
OPENSSL_EXPORT void SSL_CTX_free(SSL_CTX *ctx);
-/* SSL connections. */
+/* SSL connections.
+ *
+ * An |SSL| object represents a single TLS or DTLS connection. Although the
+ * shared |SSL_CTX| is thread-safe, an |SSL| is not thread-safe and may only be
+ * used on one thread at a time. */
-/* SSL_new returns a newly-allocated |SSL| using |ctx| or NULL on error. An
- * |SSL| object represents a single TLS or DTLS connection. It inherits settings
- * from |ctx| at the time of creation. Settings may also be individually
- * configured on the connection.
+/* SSL_new returns a newly-allocated |SSL| using |ctx| or NULL on error. The new
+ * connection inherits settings from |ctx| at the time of creation. Settings may
+ * also be individually configured on the connection.
*
* On creation, an |SSL| is not configured to be either a client or server. Call
* |SSL_set_connect_state| or |SSL_set_accept_state| to set this. */
@@ -291,9 +284,183 @@ OPENSSL_EXPORT void SSL_set_connect_state(SSL *ssl);
/* SSL_set_accept_state configures |ssl| to be a server. */
OPENSSL_EXPORT void SSL_set_accept_state(SSL *ssl);
+/* SSL_is_server returns one if |ssl| is configured as a server and zero
+ * otherwise. */
+OPENSSL_EXPORT int SSL_is_server(SSL *ssl);
+
+/* SSL_set_bio configures |ssl| to read from |rbio| and write to |wbio|. |ssl|
+ * takes ownership of the two |BIO|s. If |rbio| and |wbio| are the same, |ssl|
+ * only takes ownership of one reference.
+ *
+ * Calling this function on an already-configured |ssl| is deprecated. */
+OPENSSL_EXPORT void SSL_set_bio(SSL *ssl, BIO *rbio, BIO *wbio);
+
+/* SSL_get_rbio returns the |BIO| that |ssl| reads from. */
+OPENSSL_EXPORT BIO *SSL_get_rbio(const SSL *ssl);
+
+/* SSL_get_wbio returns the |BIO| that |ssl| writes to. */
+OPENSSL_EXPORT BIO *SSL_get_wbio(const SSL *ssl);
+
+/* SSL_do_handshake continues the current handshake. If there is none or the
+ * handshake has completed or False Started, it returns one. Otherwise, it
+ * returns <= 0. The caller should pass the value into |SSL_get_error| to
+ * determine how to proceed.
+ *
+ * TODO(davidben): Ensure 0 is only returned on transport EOF.
+ * https://crbug.com/466303. */
+OPENSSL_EXPORT int SSL_do_handshake(SSL *ssl);
+
+/* SSL_connect configures |ssl| as a client, if unconfigured, and calls
+ * |SSL_do_handshake|. */
+OPENSSL_EXPORT int SSL_connect(SSL *ssl);
+
+/* SSL_accept configures |ssl| as a server, if unconfigured, and calls
+ * |SSL_do_handshake|. */
+OPENSSL_EXPORT int SSL_accept(SSL *ssl);
+
+/* SSL_read reads up to |num| bytes from |ssl| into |buf|. It implicitly runs
+ * any pending handshakes, including renegotiations when enabled. On success, it
+ * returns the number of bytes read. Otherwise, it returns <= 0. The caller
+ * should pass the value into |SSL_get_error| to determine how to proceed.
+ *
+ * TODO(davidben): Ensure 0 is only returned on transport EOF.
+ * https://crbug.com/466303. */
+OPENSSL_EXPORT int SSL_read(SSL *ssl, void *buf, int num);
+
+/* SSL_peek behaves like |SSL_read| but does not consume any bytes returned. */
+OPENSSL_EXPORT int SSL_peek(SSL *ssl, void *buf, int num);
+
+/* SSL_write writes up to |num| bytes from |buf| into |ssl|. It implicitly runs
+ * any pending handshakes, including renegotiations when enabled. On success, it
+ * returns the number of bytes read. Otherwise, it returns <= 0. The caller
+ * should pass the value into |SSL_get_error| to determine how to proceed.
+ *
+ * A non-blocking |SSL_write| differs from non-blocking |write| in that a failed
+ * |SSL_write| still commits to the data passed in. When retrying, the caller
+ * must supply the original write buffer (or a larger one containing the
+ * original as a prefix). By default, retries will fail if they also do not
+ * reuse the same |buf| pointer. This may be relaxed with
+ * |SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER|, but the buffer contents still must be
+ * unchanged.
+ *
+ * By default, |SSL_write| will not return success until all |num| bytes are
+ * written. This may be relaxed with |SSL_MODE_ENABLE_PARTIAL_WRITE|. It allows
+ * |SSL_write| to complete with a partial result when only part of the input was
+ * written in a single record.
+ *
+ * TODO(davidben): Ensure 0 is only returned on transport EOF.
+ * https://crbug.com/466303. */
+OPENSSL_EXPORT int SSL_write(SSL *ssl, const void *buf, int num);
+
+/* SSL_shutdown shuts down |ssl|. On success, it completes in two stages. First,
+ * it returns 0 if |ssl| completed uni-directional shutdown; close_notify has
+ * been sent, but the peer's close_notify has not been received. Most callers
+ * may stop at this point. For bi-directional shutdown, call |SSL_shutdown|
+ * again. It returns 1 if close_notify has been both sent and received.
+ *
+ * If the peer's close_notify arrived first, the first stage is skipped.
+ * |SSL_shutdown| will return 1 once close_notify is sent and skip 0. Callers
+ * only interested in uni-directional shutdown must therefore allow for the
+ * first stage returning either 0 or 1.
+ *
+ * |SSL_shutdown| returns -1 on failure. The caller should pass the return value
+ * into |SSL_get_error| to determine how to proceed. If the underlying |BIO| is
+ * non-blocking, both stages may require retry.
+ *
+ * |SSL_shutdown| must be called to retain |ssl|'s session in the session
+ * cache. Use |SSL_CTX_set_quiet_shutdown| to configure |SSL_shutdown| to
+ * neither send nor wait for close_notify but still retain the session.
+ *
+ * TODO(davidben): Is there any point in the session cache interaction? Remove
+ * it? */
+OPENSSL_EXPORT int SSL_shutdown(SSL *ssl);
+
+/* SSL_get_error returns a |SSL_ERROR_*| value for the most recent operation on
+ * |ssl|. It should be called after an operation failed to determine. */
+OPENSSL_EXPORT int SSL_get_error(const SSL *ssl, int ret_code);
+
+/* SSL_ERROR_NONE indicates the operation succeeded. */
+#define SSL_ERROR_NONE 0
+
+/* SSL_ERROR_SSL indicates the operation failed within the library. The caller
+ * may inspect the error queue for more information. */
+#define SSL_ERROR_SSL 1
+
+/* SSL_ERROR_WANT_READ indicates the operation failed attempting to read from
+ * the transport. The caller may retry the operation when the transport is ready
+ * for reading. */
+#define SSL_ERROR_WANT_READ 2
+
+/* SSL_ERROR_WANT_READ indicates the operation failed attempting to write to
+ * the transport. The caller may retry the operation when the transport is ready
+ * for writing. */
+#define SSL_ERROR_WANT_WRITE 3
+
+/* SSL_ERROR_WANT_X509_LOOKUP indicates the operation failed in calling the
+ * |cert_cb| or |client_cert_cb|. The caller may retry the operation when the
+ * callback is ready to return a certificate or one has been configured
+ * externally.
+ *
+ * See also |SSL_CTX_set_cert_cb| and |SSL_CTX_set_client_cert_cb|. */
+#define SSL_ERROR_WANT_X509_LOOKUP 4
+
+/* SSL_ERROR_WANT_SYSCALL indicates the operation failed externally to the
+ * library. The caller should consult the system-specific error mechanism. This
+ * is typically |errno| but may be something custom if using a custom |BIO|. It
+ * may also be signaled if the transport returned EOF, in which case the
+ * operation's return value will be zero. */
+#define SSL_ERROR_SYSCALL 5
+
+/* SSL_ERROR_ZERO_RETURN indicates the operation failed because the connection
+ * was cleanly shut down with a close_notify alert. */
+#define SSL_ERROR_ZERO_RETURN 6
+
+/* SSL_ERROR_WANT_CONNECT indicates the operation failed attempting to connect
+ * the transport (the |BIO| signaled |BIO_RR_CONNECT|). The caller may retry the
+ * operation when the transport is ready. */
+#define SSL_ERROR_WANT_CONNECT 7
+
+/* SSL_ERROR_WANT_ACCEPT indicates the operation failed attempting to accept a
+ * connection from the transport (the |BIO| signaled |BIO_RR_ACCEPT|). The
+ * caller may retry the operation when the transport is ready.
+ *
+ * TODO(davidben): Remove this. It's used by accept BIOs which are bizarre. */
+#define SSL_ERROR_WANT_ACCEPT 8
+
+/* SSL_ERROR_WANT_CHANNEL_ID_LOOKUP indicates the operation failed looking up
+ * the Channel ID key. The caller may retry the operation when |channel_id_cb|
+ * is ready to return a key or one has been configured with
+ * |SSL_set1_tls_channel_id|.
+ *
+ * See also |SSL_CTX_set_channel_id_cb|. */
+#define SSL_ERROR_WANT_CHANNEL_ID_LOOKUP 9
+
+/* SSL_ERROR_PENDING_SESSION indicates the operation failed because the session
+ * lookup callback indicated the session was unavailable. The caller may retry
+ * the operation when lookup has completed.
+ *
+ * See also |SSL_CTX_sess_set_get_cb| and |SSL_magic_pending_session_ptr|. */
+#define SSL_ERROR_PENDING_SESSION 11
+
+/* SSL_ERROR_PENDING_CERTIFICATE indicates the operation failed because the
+ * early callback indicated certificate lookup was incomplete. The caller may
+ * retry the operation when lookup has completed. Note: when the operation is
+ * retried, the early callback will not be called a second time.
+ *
+ * See also |select_certificate_cb| on |SSL_CTX|. */
+#define SSL_ERROR_PENDING_CERTIFICATE 12
+
+/* SSL_ERROR_WANT_PRIVATE_KEY_OPERATION indicates the operation failed because
+ * a private key operation was unfinished. The caller may retry the operation
+ * when the private key operation is complete.
+ *
+ * See also |SSL_set_private_key_method|. */
+#define SSL_ERROR_WANT_PRIVATE_KEY_OPERATION 13
+
/* Protocol versions. */
+#define DTLS1_VERSION_MAJOR 0xfe
#define SSL3_VERSION_MAJOR 0x03
#define SSL3_VERSION 0x0300
@@ -320,6 +487,11 @@ OPENSSL_EXPORT void SSL_set_min_version(SSL *ssl, uint16_t version);
* |version|. */
OPENSSL_EXPORT void SSL_set_max_version(SSL *ssl, uint16_t version);
+/* SSL_version returns the TLS or DTLS protocol version used by |ssl|, which is
+ * one of the |*_VERSION| values. (E.g. |TLS1_2_VERSION|.) Before the version
+ * is negotiated, the result is undefined. */
+OPENSSL_EXPORT int SSL_version(const SSL *ssl);
+
/* Options.
*
@@ -346,41 +518,14 @@ OPENSSL_EXPORT void SSL_set_max_version(SSL *ssl, uint16_t version);
* |BIO|. Instead, the MTU is configured with |SSL_set_mtu|. */
#define SSL_OP_NO_QUERY_MTU 0x00001000L
-/* SSL_OP_NO_TICKET disables session ticket support (RFC 4507). */
+/* SSL_OP_NO_TICKET disables session ticket support (RFC 5077). */
#define SSL_OP_NO_TICKET 0x00004000L
-/* SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION permits unsafe legacy renegotiation
- * without renegotiation_info (RFC 5746) support. */
-#define SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION 0x00040000L
-
/* SSL_OP_CIPHER_SERVER_PREFERENCE configures servers to select ciphers and
* ECDHE curves according to the server's preferences instead of the
* client's. */
#define SSL_OP_CIPHER_SERVER_PREFERENCE 0x00400000L
-/* The following flags toggle individual protocol versions. This is deprecated.
- * Use |SSL_CTX_set_min_version| and |SSL_CTX_set_max_version| instead. */
-#define SSL_OP_NO_SSLv3 0x02000000L
-#define SSL_OP_NO_TLSv1 0x04000000L
-#define SSL_OP_NO_TLSv1_2 0x08000000L
-#define SSL_OP_NO_TLSv1_1 0x10000000L
-#define SSL_OP_NO_DTLSv1 SSL_OP_NO_TLSv1
-#define SSL_OP_NO_DTLSv1_2 SSL_OP_NO_TLSv1_2
-
-/* The following flags do nothing and are included only to make it easier to
- * compile code with BoringSSL. */
-#define SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS 0
-#define SSL_OP_MICROSOFT_SESS_ID_BUG 0
-#define SSL_OP_NETSCAPE_CHALLENGE_BUG 0
-#define SSL_OP_NO_COMPRESSION 0
-#define SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION 0
-#define SSL_OP_NO_SSLv2 0
-#define SSL_OP_SINGLE_DH_USE 0
-#define SSL_OP_SINGLE_ECDH_USE 0
-#define SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG 0
-#define SSL_OP_TLS_BLOCK_PADDING_BUG 0
-#define SSL_OP_TLS_ROLLBACK_BUG 0
-
/* SSL_CTX_set_options enables all options set in |options| (which should be one
* or more of the |SSL_OP_*| values, ORed together) in |ctx|. It returns a
* bitmask representing the resulting enabled options. */
@@ -434,10 +579,6 @@ OPENSSL_EXPORT uint32_t SSL_get_options(const SSL *ssl);
* in one RTT. See draft-bmoeller-tls-falsestart-01. */
#define SSL_MODE_ENABLE_FALSE_START 0x00000080L
-/* Deprecated: SSL_MODE_HANDSHAKE_CUTTHROUGH is the same as
- * SSL_MODE_ENABLE_FALSE_START. */
-#define SSL_MODE_HANDSHAKE_CUTTHROUGH SSL_MODE_ENABLE_FALSE_START
-
/* SSL_MODE_CBC_RECORD_SPLITTING causes multi-byte CBC records in SSL 3.0 and
* TLS 1.0 to be split in two: the first record will contain a single byte and
* the second will contain the remainder. This effectively randomises the IV and
@@ -451,21 +592,12 @@ OPENSSL_EXPORT uint32_t SSL_get_options(const SSL *ssl);
/* SSL_MODE_SEND_FALLBACK_SCSV sends TLS_FALLBACK_SCSV in the ClientHello.
* To be set only by applications that reconnect with a downgraded protocol
- * version; see https://tools.ietf.org/html/draft-ietf-tls-downgrade-scsv-05
- * for details.
+ * version; see RFC 7507 for details.
*
* DO NOT ENABLE THIS if your application attempts a normal handshake. Only use
- * this in explicit fallback retries, following the guidance in
- * draft-ietf-tls-downgrade-scsv-05. */
+ * this in explicit fallback retries, following the guidance in RFC 7507. */
#define SSL_MODE_SEND_FALLBACK_SCSV 0x00000400L
-/* The following flags do nothing and are included only to make it easier to
- * compile code with BoringSSL. */
-#define SSL_MODE_AUTO_RETRY 0
-#define SSL_MODE_RELEASE_BUFFERS 0
-#define SSL_MODE_SEND_CLIENTHELLO_TIME 0
-#define SSL_MODE_SEND_SERVERHELLO_TIME 0
-
/* SSL_CTX_set_mode enables all modes set in |mode| (which should be one or more
* of the |SSL_MODE_*| values, ORed together) in |ctx|. It returns a bitmask
* representing the resulting enabled modes. */
@@ -495,8 +627,309 @@ OPENSSL_EXPORT uint32_t SSL_clear_mode(SSL *ssl, uint32_t mode);
OPENSSL_EXPORT uint32_t SSL_get_mode(const SSL *ssl);
+/* Configuring certificates and private keys.
+ *
+ * These functions configure the connection's leaf certificate, private key, and
+ * certificate chain. The certificate chain is ordered leaf to root (as sent on
+ * the wire) but does not include the leaf. Both client and server certificates
+ * use these functions.
+ *
+ * Certificates and keys may be configured before the handshake or dynamically
+ * in the early callback and certificate callback. */
+
+/* SSL_CTX_use_certificate sets |ctx|'s leaf certificate to |x509|. It returns
+ * one on success and zero on failure. */
+OPENSSL_EXPORT int SSL_CTX_use_certificate(SSL_CTX *ctx, X509 *x509);
+
+/* SSL_use_certificate sets |ssl|'s leaf certificate to |x509|. It returns one
+ * on success and zero on failure. */
+OPENSSL_EXPORT int SSL_use_certificate(SSL *ssl, X509 *x509);
+
+/* SSL_CTX_use_PrivateKey sets |ctx|'s private key to |pkey|. It returns one on
+ * success and zero on failure. */
+OPENSSL_EXPORT int SSL_CTX_use_PrivateKey(SSL_CTX *ctx, EVP_PKEY *pkey);
+
+/* SSL_use_PrivateKey sets |ssl|'s private key to |pkey|. It returns one on
+ * success and zero on failure. */
+OPENSSL_EXPORT int SSL_use_PrivateKey(SSL *ssl, EVP_PKEY *pkey);
+
+/* SSL_CTX_set0_chain sets |ctx|'s certificate chain, excluding the leaf, to
+ * |chain|. On success, it returns one and takes ownership of |chain|.
+ * Otherwise, it returns zero. */
+OPENSSL_EXPORT int SSL_CTX_set0_chain(SSL_CTX *ctx, STACK_OF(X509) *chain);
+
+/* SSL_CTX_set1_chain sets |ctx|'s certificate chain, excluding the leaf, to
+ * |chain|. It returns one on success and zero on failure. The caller retains
+ * ownership of |chain| and may release it freely. */
+OPENSSL_EXPORT int SSL_CTX_set1_chain(SSL_CTX *ctx, STACK_OF(X509) *chain);
+
+/* SSL_set0_chain sets |ssl|'s certificate chain, excluding the leaf, to
+ * |chain|. On success, it returns one and takes ownership of |chain|.
+ * Otherwise, it returns zero. */
+OPENSSL_EXPORT int SSL_set0_chain(SSL *ssl, STACK_OF(X509) *chain);
+
+/* SSL_set1_chain sets |ssl|'s certificate chain, excluding the leaf, to
+ * |chain|. It returns one on success and zero on failure. The caller retains
+ * ownership of |chain| and may release it freely. */
+OPENSSL_EXPORT int SSL_set1_chain(SSL *ssl, STACK_OF(X509) *chain);
+
+/* SSL_CTX_add0_chain_cert appends |x509| to |ctx|'s certificate chain. On
+ * success, it returns one and takes ownership of |x509|. Otherwise, it returns
+ * zero. */
+OPENSSL_EXPORT int SSL_CTX_add0_chain_cert(SSL_CTX *ctx, X509 *x509);
+
+/* SSL_CTX_add1_chain_cert appends |x509| to |ctx|'s certificate chain. It
+ * returns one on success and zero on failure. The caller retains ownership of
+ * |x509| and may release it freely. */
+OPENSSL_EXPORT int SSL_CTX_add1_chain_cert(SSL_CTX *ctx, X509 *x509);
+
+/* SSL_add0_chain_cert appends |x509| to |ctx|'s certificate chain. On success,
+ * it returns one and takes ownership of |x509|. Otherwise, it returns zero. */
+OPENSSL_EXPORT int SSL_add0_chain_cert(SSL *ssl, X509 *x509);
+
+/* SSL_CTX_add_extra_chain_cert calls |SSL_CTX_add0_chain_cert|. */
+OPENSSL_EXPORT int SSL_CTX_add_extra_chain_cert(SSL_CTX *ctx, X509 *x509);
+
+/* SSL_add1_chain_cert appends |x509| to |ctx|'s certificate chain. It returns
+ * one on success and zero on failure. The caller retains ownership of |x509|
+ * and may release it freely. */
+OPENSSL_EXPORT int SSL_add1_chain_cert(SSL *ssl, X509 *x509);
+
+/* SSL_CTX_clear_chain_certs clears |ctx|'s certificate chain and returns
+ * one. */
+OPENSSL_EXPORT int SSL_CTX_clear_chain_certs(SSL_CTX *ctx);
+
+/* SSL_CTX_clear_extra_chain_certs calls |SSL_CTX_clear_chain_certs|. */
+OPENSSL_EXPORT int SSL_CTX_clear_extra_chain_certs(SSL_CTX *ctx);
+
+/* SSL_clear_chain_certs clears |ssl|'s certificate chain and returns one. */
+OPENSSL_EXPORT int SSL_clear_chain_certs(SSL *ssl);
+
+/* SSL_CTX_set_cert_cb sets a callback that is called to select a certificate.
+ * The callback returns one on success, zero on internal error, and a negative
+ * number on failure or to pause the handshake. If the handshake is paused,
+ * |SSL_get_error| will return |SSL_ERROR_WANT_X509_LOOKUP|. */
+OPENSSL_EXPORT void SSL_CTX_set_cert_cb(SSL_CTX *ctx,
+ int (*cb)(SSL *ssl, void *arg),
+ void *arg);
+
+/* SSL_set_cert_cb sets a callback that is called to select a certificate. The
+ * callback returns one on success, zero on internal error, and a negative
+ * number on failure or to pause the handshake. If the handshake is paused,
+ * |SSL_get_error| will return |SSL_ERROR_WANT_X509_LOOKUP|. */
+OPENSSL_EXPORT void SSL_set_cert_cb(SSL *ssl, int (*cb)(SSL *ssl, void *arg),
+ void *arg);
+
+/* SSL_certs_clear resets the private key, leaf certificate, and certificate
+ * chain of |ssl|. */
+OPENSSL_EXPORT void SSL_certs_clear(SSL *ssl);
+
+/* SSL_CTX_check_private_key returns one if the certificate and private key
+ * configured in |ctx| are consistent and zero otherwise. */
+OPENSSL_EXPORT int SSL_CTX_check_private_key(const SSL_CTX *ctx);
+
+/* SSL_check_private_key returns one if the certificate and private key
+ * configured in |ssl| are consistent and zero otherwise. */
+OPENSSL_EXPORT int SSL_check_private_key(const SSL *ssl);
+
+/* SSL_CTX_get0_certificate returns |ctx|'s leaf certificate. */
+OPENSSL_EXPORT X509 *SSL_CTX_get0_certificate(const SSL_CTX *ctx);
+
+/* SSL_get_certificate returns |ssl|'s leaf certificate. */
+OPENSSL_EXPORT X509 *SSL_get_certificate(const SSL *ssl);
+
+/* SSL_CTX_get0_privatekey returns |ctx|'s private key. */
+OPENSSL_EXPORT EVP_PKEY *SSL_CTX_get0_privatekey(const SSL_CTX *ctx);
+
+/* SSL_get_privatekey returns |ssl|'s private key. */
+OPENSSL_EXPORT EVP_PKEY *SSL_get_privatekey(const SSL *ssl);
+
+/* SSL_CTX_get0_chain_certs sets |*out_chain| to |ctx|'s certificate chain and
+ * returns one. */
+OPENSSL_EXPORT int SSL_CTX_get0_chain_certs(const SSL_CTX *ctx,
+ STACK_OF(X509) **out_chain);
+
+/* SSL_CTX_get_extra_chain_certs calls |SSL_CTX_get0_chain_certs|. */
+OPENSSL_EXPORT int SSL_CTX_get_extra_chain_certs(const SSL_CTX *ctx,
+ STACK_OF(X509) **out_chain);
+
+/* SSL_get0_chain_certs sets |*out_chain| to |ssl|'s certificate chain and
+ * returns one. */
+OPENSSL_EXPORT int SSL_get0_chain_certs(const SSL *ssl,
+ STACK_OF(X509) **out_chain);
+
+/* SSL_CTX_set_signed_cert_timestamp_list sets the list of signed certificate
+ * timestamps that is sent to clients that request it. The |list| argument must
+ * contain one or more SCT structures serialised as a SignedCertificateTimestamp
+ * List (see https://tools.ietf.org/html/rfc6962#section-3.3) – i.e. each SCT
+ * is prefixed by a big-endian, uint16 length and the concatenation of one or
+ * more such prefixed SCTs are themselves also prefixed by a uint16 length. It
+ * returns one on success and zero on error. The caller retains ownership of
+ * |list|. */
+OPENSSL_EXPORT int SSL_CTX_set_signed_cert_timestamp_list(SSL_CTX *ctx,
+ const uint8_t *list,
+ size_t list_len);
+
+/* SSL_CTX_set_ocsp_response sets the OCSP reponse that is sent to clients
+ * which request it. It returns one on success and zero on error. The caller
+ * retains ownership of |response|. */
+OPENSSL_EXPORT int SSL_CTX_set_ocsp_response(SSL_CTX *ctx,
+ const uint8_t *response,
+ size_t response_len);
+
+/* SSL_set_private_key_digest_prefs copies |num_digests| NIDs from |digest_nids|
+ * into |ssl|. These digests will be used, in decreasing order of preference,
+ * when signing with |ssl|'s private key. It returns one on success and zero on
+ * error. */
+OPENSSL_EXPORT int SSL_set_private_key_digest_prefs(SSL *ssl,
+ const int *digest_nids,
+ size_t num_digests);
+
+
+/* Certificate and private key convenience functions. */
+
+/* SSL_CTX_use_RSAPrivateKey sets |ctx|'s private key to |rsa|. It returns one
+ * on success and zero on failure. */
+OPENSSL_EXPORT int SSL_CTX_use_RSAPrivateKey(SSL_CTX *ctx, RSA *rsa);
+
+/* SSL_use_RSAPrivateKey sets |ctx|'s private key to |rsa|. It returns one on
+ * success and zero on failure. */
+OPENSSL_EXPORT int SSL_use_RSAPrivateKey(SSL *ssl, RSA *rsa);
+
+/* The following functions configure certificates or private keys but take as
+ * input DER-encoded structures. They return one on success and zero on
+ * failure. */
+
+OPENSSL_EXPORT int SSL_CTX_use_certificate_ASN1(SSL_CTX *ctx, int len,
+ const uint8_t *d);
+OPENSSL_EXPORT int SSL_use_certificate_ASN1(SSL *ssl, const uint8_t *der,
+ int len);
+
+OPENSSL_EXPORT int SSL_CTX_use_PrivateKey_ASN1(int pk, SSL_CTX *ctx,
+ const uint8_t *d, long len);
+OPENSSL_EXPORT int SSL_use_PrivateKey_ASN1(int type, SSL *ssl,
+ const uint8_t *d, long len);
+
+OPENSSL_EXPORT int SSL_CTX_use_RSAPrivateKey_ASN1(SSL_CTX *ctx,
+ const uint8_t *der,
+ size_t der_len);
+OPENSSL_EXPORT int SSL_use_RSAPrivateKey_ASN1(SSL *ssl, const uint8_t *der,
+ size_t der_len);
+
+/* The following functions configure certificates or private keys but take as
+ * input files to read from. They return one on success and zero on failure. The
+ * |type| parameter is one of the |SSL_FILETYPE_*| values and determines whether
+ * the file's contents are read as PEM or DER. */
+
+#define SSL_FILETYPE_ASN1 X509_FILETYPE_ASN1
+#define SSL_FILETYPE_PEM X509_FILETYPE_PEM
+
+OPENSSL_EXPORT int SSL_CTX_use_RSAPrivateKey_file(SSL_CTX *ctx,
+ const char *file,
+ int type);
+OPENSSL_EXPORT int SSL_use_RSAPrivateKey_file(SSL *ssl, const char *file,
+ int type);
+
+OPENSSL_EXPORT int SSL_CTX_use_certificate_file(SSL_CTX *ctx, const char *file,
+ int type);
+OPENSSL_EXPORT int SSL_use_certificate_file(SSL *ssl, const char *file,
+ int type);
+
+OPENSSL_EXPORT int SSL_CTX_use_PrivateKey_file(SSL_CTX *ctx, const char *file,
+ int type);
+OPENSSL_EXPORT int SSL_use_PrivateKey_file(SSL *ssl, const char *file,
+ int type);
+
+/* SSL_CTX_use_certificate_file configures certificates for |ctx|. It reads the
+ * contents of |file| as a PEM-encoded leaf certificate followed optionally by
+ * the certificate chain to send to the peer. It returns one on success and zero
+ * on failure. */
+OPENSSL_EXPORT int SSL_CTX_use_certificate_chain_file(SSL_CTX *ctx,
+ const char *file);
+
+/* SSL_CTX_set_default_passwd_cb sets the password callback for PEM-based
+ * convenience functions called on |ctx|. */
+OPENSSL_EXPORT void SSL_CTX_set_default_passwd_cb(SSL_CTX *ctx,
+ pem_password_cb *cb);
+
+/* SSL_CTX_set_default_passwd_cb_userdata sets the userdata parameter for
+ * |ctx|'s password callback. */
+OPENSSL_EXPORT void SSL_CTX_set_default_passwd_cb_userdata(SSL_CTX *ctx,
+ void *data);
+
+
+/* Custom private keys. */
+
+enum ssl_private_key_result_t {
+ ssl_private_key_success,
+ ssl_private_key_retry,
+ ssl_private_key_failure,
+};
+
+/* SSL_PRIVATE_KEY_METHOD describes private key hooks. This is used to off-load
+ * signing operations to a custom, potentially asynchronous, backend. */
+typedef struct ssl_private_key_method_st {
+ /* type returns either |EVP_PKEY_RSA| or |EVP_PKEY_EC| to denote the type of
+ * key used by |ssl|. */
+ int (*type)(SSL *ssl);
+
+ /* max_signature_len returns the maximum length of a signature signed by the
+ * key used by |ssl|. This must be a constant value for a given |ssl|. */
+ size_t (*max_signature_len)(SSL *ssl);
+
+ /* sign signs |in_len| bytes of digest from |in|. |md| is the hash function
+ * used to calculate |in|. On success, it returns |ssl_private_key_success|
+ * and writes at most |max_out| bytes of signature data to |out|. On failure,
+ * it returns |ssl_private_key_failure|. If the operation has not completed,
+ * it returns |ssl_private_key_retry|. |sign| should arrange for the
+ * high-level operation on |ssl| to be retried when the operation is
+ * completed. This will result in a call to |sign_complete|.
+ *
+ * If the key is an RSA key, implementations must use PKCS#1 padding. |in| is
+ * the digest itself, so the DigestInfo prefix, if any, must be prepended by
+ * |sign|. If |md| is |EVP_md5_sha1|, there is no prefix.
+ *
+ * It is an error to call |sign| while another private key operation is in
+ * progress on |ssl|. */
+ enum ssl_private_key_result_t (*sign)(SSL *ssl, uint8_t *out, size_t *out_len,
+ size_t max_out, const EVP_MD *md,
+ const uint8_t *in, size_t in_len);
+
+ /* sign_complete completes a pending |sign| operation. If the operation has
+ * completed, it returns |ssl_private_key_success| and writes the result to
+ * |out| as in |sign|. Otherwise, it returns |ssl_private_key_failure| on
+ * failure and |ssl_private_key_retry| if the operation is still in progress.
+ *
+ * |sign_complete| may be called arbitrarily many times before completion, but
+ * it is an error to call |sign_complete| if there is no pending |sign|
+ * operation in progress on |ssl|. */
+ enum ssl_private_key_result_t (*sign_complete)(SSL *ssl, uint8_t *out,
+ size_t *out_len, size_t max_out);
+} SSL_PRIVATE_KEY_METHOD;
+
+/* SSL_set_private_key_method configures a custom private key on |ssl|.
+ * |key_method| must remain valid for the lifetime of |ssl|. */
+OPENSSL_EXPORT void SSL_set_private_key_method(
+ SSL *ssl, const SSL_PRIVATE_KEY_METHOD *key_method);
+
+
/* Connection information. */
+/* SSL_get_peer_certificate returns the peer's leaf certificate or NULL if the
+ * peer did not use certificates. The caller must call |X509_free| on the
+ * result to release it. */
+OPENSSL_EXPORT X509 *SSL_get_peer_certificate(const SSL *ssl);
+
+/* SSL_get_peer_cert_chain returns the peer's certificate chain or NULL if
+ * unavailable or the peer did not use certificates. For historical reasons,
+ * this may not be available if resuming a serialized |SSL_SESSION|. The caller
+ * does not take ownership of the result.
+ *
+ * WARNING: This function behaves differently between client and server. If
+ * |ssl| is a server, the returned chain does not include the leaf certificate.
+ * If a client, it does. */
+OPENSSL_EXPORT STACK_OF(X509) *SSL_get_peer_cert_chain(const SSL *ssl);
+
/* SSL_get_tls_unique writes at most |max_out| bytes of the tls-unique value
* for |ssl| to |out| and sets |*out_len| to the number of bytes written. It
* returns one on success or zero on error. In general |max_out| should be at
@@ -517,6 +950,1218 @@ OPENSSL_EXPORT uint32_t SSL_get_mode(const SSL *ssl);
OPENSSL_EXPORT int SSL_get_tls_unique(const SSL *ssl, uint8_t *out,
size_t *out_len, size_t max_out);
+/* SSL_get_extms_support returns one if the Extended Master Secret
+ * extension was negotiated. Otherwise, it returns zero. */
+OPENSSL_EXPORT int SSL_get_extms_support(const SSL *ssl);
+
+/* SSL_get_current_cipher returns the cipher used in the current outgoing
+ * connection state, or NULL if the null cipher is active. */
+OPENSSL_EXPORT const SSL_CIPHER *SSL_get_current_cipher(const SSL *ssl);
+
+/* SSL_session_reused returns one if |ssl| performed an abbreviated handshake
+ * and zero otherwise.
+ *
+ * TODO(davidben): Hammer down the semantics of this API while a handshake,
+ * initial or renego, is in progress. */
+OPENSSL_EXPORT int SSL_session_reused(const SSL *ssl);
+
+/* SSL_get_secure_renegotiation_support returns one if the peer supports secure
+ * renegotiation (RFC 5746) and zero otherwise. */
+OPENSSL_EXPORT int SSL_get_secure_renegotiation_support(const SSL *ssl);
+
+
+/* Custom extensions.
+ *
+ * The custom extension functions allow TLS extensions to be added to
+ * ClientHello and ServerHello messages. */
+
+/* SSL_custom_ext_add_cb is a callback function that is called when the
+ * ClientHello (for clients) or ServerHello (for servers) is constructed. In
+ * the case of a server, this callback will only be called for a given
+ * extension if the ClientHello contained that extension – it's not possible to
+ * inject extensions into a ServerHello that the client didn't request.
+ *
+ * When called, |extension_value| will contain the extension number that is
+ * being considered for addition (so that a single callback can handle multiple
+ * extensions). If the callback wishes to include the extension, it must set
+ * |*out| to point to |*out_len| bytes of extension contents and return one. In
+ * this case, the corresponding |SSL_custom_ext_free_cb| callback will later be
+ * called with the value of |*out| once that data has been copied.
+ *
+ * If the callback does not wish to add an extension it must return zero.
+ *
+ * Alternatively, the callback can abort the connection by setting
+ * |*out_alert_value| to a TLS alert number and returning -1. */
+typedef int (*SSL_custom_ext_add_cb)(SSL *ssl, unsigned extension_value,
+ const uint8_t **out, size_t *out_len,
+ int *out_alert_value, void *add_arg);
+
+/* SSL_custom_ext_free_cb is a callback function that is called by OpenSSL iff
+ * an |SSL_custom_ext_add_cb| callback previously returned one. In that case,
+ * this callback is called and passed the |out| pointer that was returned by
+ * the add callback. This is to free any dynamically allocated data created by
+ * the add callback. */
+typedef void (*SSL_custom_ext_free_cb)(SSL *ssl, unsigned extension_value,
+ const uint8_t *out, void *add_arg);
+
+/* SSL_custom_ext_parse_cb is a callback function that is called by OpenSSL to
+ * parse an extension from the peer: that is from the ServerHello for a client
+ * and from the ClientHello for a server.
+ *
+ * When called, |extension_value| will contain the extension number and the
+ * contents of the extension are |contents_len| bytes at |contents|.
+ *
+ * The callback must return one to continue the handshake. Otherwise, if it
+ * returns zero, a fatal alert with value |*out_alert_value| is sent and the
+ * handshake is aborted. */
+typedef int (*SSL_custom_ext_parse_cb)(SSL *ssl, unsigned extension_value,
+ const uint8_t *contents,
+ size_t contents_len,
+ int *out_alert_value, void *parse_arg);
+
+/* SSL_extension_supported returns one iff OpenSSL internally handles
+ * extensions of type |extension_value|. This can be used to avoid registering
+ * custom extension handlers for extensions that a future version of OpenSSL
+ * may handle internally. */
+OPENSSL_EXPORT int SSL_extension_supported(unsigned extension_value);
+
+/* SSL_CTX_add_client_custom_ext registers callback functions for handling
+ * custom TLS extensions for client connections.
+ *
+ * If |add_cb| is NULL then an empty extension will be added in each
+ * ClientHello. Otherwise, see the comment for |SSL_custom_ext_add_cb| about
+ * this callback.
+ *
+ * The |free_cb| may be NULL if |add_cb| doesn't dynamically allocate data that
+ * needs to be freed.
+ *
+ * It returns one on success or zero on error. It's always an error to register
+ * callbacks for the same extension twice, or to register callbacks for an
+ * extension that OpenSSL handles internally. See |SSL_extension_supported| to
+ * discover, at runtime, which extensions OpenSSL handles internally. */
+OPENSSL_EXPORT int SSL_CTX_add_client_custom_ext(
+ SSL_CTX *ctx, unsigned extension_value, SSL_custom_ext_add_cb add_cb,
+ SSL_custom_ext_free_cb free_cb, void *add_arg,
+ SSL_custom_ext_parse_cb parse_cb, void *parse_arg);
+
+/* SSL_CTX_add_server_custom_ext is the same as
+ * |SSL_CTX_add_client_custom_ext|, but for server connections.
+ *
+ * Unlike on the client side, if |add_cb| is NULL no extension will be added.
+ * The |add_cb|, if any, will only be called if the ClientHello contained a
+ * matching extension. */
+OPENSSL_EXPORT int SSL_CTX_add_server_custom_ext(
+ SSL_CTX *ctx, unsigned extension_value, SSL_custom_ext_add_cb add_cb,
+ SSL_custom_ext_free_cb free_cb, void *add_arg,
+ SSL_custom_ext_parse_cb parse_cb, void *parse_arg);
+
+
+/* Sessions.
+ *
+ * An |SSL_SESSION| represents an SSL session that may be resumed in an
+ * abbreviated handshake. It is reference-counted and immutable. Once
+ * established, an |SSL_SESSION| may be shared by multiple |SSL| objects on
+ * different threads and must not be modified. */
+
+DECLARE_LHASH_OF(SSL_SESSION)
+
+/* SSL_SESSION_new returns a newly-allocated blank |SSL_SESSION| or NULL on
+ * error. This may be useful in writing tests but otherwise should not be
+ * used outside the library. */
+OPENSSL_EXPORT SSL_SESSION *SSL_SESSION_new(void);
+
+/* SSL_SESSION_up_ref, if |session| is not NULL, increments the reference count
+ * of |session|. It then returns |session|. */
+OPENSSL_EXPORT SSL_SESSION *SSL_SESSION_up_ref(SSL_SESSION *session);
+
+/* SSL_SESSION_free decrements the reference count of |session|. If it reaches
+ * zero, all data referenced by |session| and |session| itself are released. */
+OPENSSL_EXPORT void SSL_SESSION_free(SSL_SESSION *session);
+
+/* SSL_SESSION_to_bytes serializes |in| into a newly allocated buffer and sets
+ * |*out_data| to that buffer and |*out_len| to its length. The caller takes
+ * ownership of the buffer and must call |OPENSSL_free| when done. It returns
+ * one on success and zero on error. */
+OPENSSL_EXPORT int SSL_SESSION_to_bytes(const SSL_SESSION *in,
+ uint8_t **out_data, size_t *out_len);
+
+/* SSL_SESSION_to_bytes_for_ticket serializes |in|, but excludes the session
+ * identification information, namely the session ID and ticket. */
+OPENSSL_EXPORT int SSL_SESSION_to_bytes_for_ticket(const SSL_SESSION *in,
+ uint8_t **out_data,
+ size_t *out_len);
+
+/* SSL_SESSION_from_bytes parses |in_len| bytes from |in| as an SSL_SESSION. It
+ * returns a newly-allocated |SSL_SESSION| on success or NULL on error. */
+OPENSSL_EXPORT SSL_SESSION *SSL_SESSION_from_bytes(const uint8_t *in,
+ size_t in_len);
+
+/* SSL_SESSION_get_version returns a string describing the TLS version |session|
+ * was established at. For example, "TLSv1.2" or "SSLv3". */
+OPENSSL_EXPORT const char *SSL_SESSION_get_version(const SSL_SESSION *session);
+
+/* SSL_SESSION_get_id returns a pointer to a buffer containg |session|'s session
+ * ID and sets |*out_len| to its length. */
+OPENSSL_EXPORT const uint8_t *SSL_SESSION_get_id(const SSL_SESSION *session,
+ unsigned *out_len);
+
+/* SSL_SESSION_get_time returns the time at which |session| was established in
+ * seconds since the UNIX epoch. */
+OPENSSL_EXPORT long SSL_SESSION_get_time(const SSL_SESSION *session);
+
+/* SSL_SESSION_get_timeout returns the lifetime of |session| in seconds. */
+OPENSSL_EXPORT long SSL_SESSION_get_timeout(const SSL_SESSION *session);
+
+/* SSL_SESSION_get_key_exchange_info returns a value that describes the
+ * strength of the asymmetric operation that provides confidentiality to
+ * |session|. Its interpretation depends on the operation used. See the
+ * documentation for this value in the |SSL_SESSION| structure. */
+OPENSSL_EXPORT uint32_t SSL_SESSION_get_key_exchange_info(
+ const SSL_SESSION *session);
+
+/* SSL_SESSION_get0_peer return's the peer leaf certificate stored in
+ * |session|.
+ *
+ * TODO(davidben): This should return a const X509 *. */
+OPENSSL_EXPORT X509 *SSL_SESSION_get0_peer(const SSL_SESSION *session);
+
+/* SSL_SESSION_set_time sets |session|'s creation time to |time| and returns
+ * |time|. This function may be useful in writing tests but otherwise should not
+ * be used. */
+OPENSSL_EXPORT long SSL_SESSION_set_time(SSL_SESSION *session, long time);
+
+/* SSL_SESSION_set_time sets |session|'s timeout to |timeout| and returns one.
+ * This function may be useful in writing tests but otherwise should not be
+ * used. */
+OPENSSL_EXPORT long SSL_SESSION_set_timeout(SSL_SESSION *session, long timeout);
+
+/* SSL_SESSION_set1_id_context sets |session|'s session ID context (see
+ * |SSL_CTX_set_session_id_context|) to |sid_ctx|. It returns one on success and
+ * zero on error. This function may be useful in writing tests but otherwise
+ * should not be used. */
+OPENSSL_EXPORT int SSL_SESSION_set1_id_context(SSL_SESSION *session,
+ const uint8_t *sid_ctx,
+ unsigned sid_ctx_len);
+
+
+/* Session caching.
+ *
+ * Session caching allows clients to reconnect to a server based on saved
+ * parameters from a previous connection.
+ *
+ * For a server, the library implements a built-in internal session cache as an
+ * in-memory hash table. One may also register callbacks to implement a custom
+ * external session cache. An external cache may be used in addition to or
+ * instead of the internal one. Use |SSL_CTX_set_session_cache_mode| to toggle
+ * the internal cache.
+ *
+ * For a client, the only option is an external session cache. Prior to
+ * handshaking, the consumer should look up a session externally (keyed, for
+ * instance, by hostname) and use |SSL_set_session| to configure which session
+ * to offer. The callbacks may be used to determine when new sessions are
+ * available.
+ *
+ * Note that offering or accepting a session short-circuits most parameter
+ * negotiation. Resuming sessions across different configurations may result in
+ * surprising behavor. So, for instance, a client implementing a version
+ * fallback should shard its session cache by maximum protocol version. */
+
+/* SSL_SESS_CACHE_OFF disables all session caching. */
+#define SSL_SESS_CACHE_OFF 0x0000
+
+/* SSL_SESS_CACHE_CLIENT enables session caching for a client.
+ *
+ * TODO(davidben): The internal cache is useless on the client. Always act as if
+ * SSL_SESS_CACHE_NO_INTERNAL is set. https://crbug.com/531194. Also see TODO
+ * attached to |SSL_CTX_sess_set_new_cb|. */
+#define SSL_SESS_CACHE_CLIENT 0x0001
+
+/* SSL_SESS_CACHE_SERVER enables session caching for a server. */
+#define SSL_SESS_CACHE_SERVER 0x0002
+
+/* SSL_SESS_CACHE_SERVER enables session caching for both client and server. */
+#define SSL_SESS_CACHE_BOTH (SSL_SESS_CACHE_CLIENT | SSL_SESS_CACHE_SERVER)
+
+/* SSL_SESS_CACHE_NO_AUTO_CLEAR disables automatically calling
+ * |SSL_CTX_flush_sessions| every 255 connections. */
+#define SSL_SESS_CACHE_NO_AUTO_CLEAR 0x0080
+
+/* SSL_SESS_CACHE_NO_INTERNAL_LOOKUP disables looking up a session from the
+ * internal session cache. */
+#define SSL_SESS_CACHE_NO_INTERNAL_LOOKUP 0x0100
+
+/* SSL_SESS_CACHE_NO_INTERNAL_STORE disables storing sessions in the internal
+ * session cache. */
+#define SSL_SESS_CACHE_NO_INTERNAL_STORE 0x0200
+
+/* SSL_SESS_CACHE_NO_INTERNAL disables the internal session cache. */
+#define SSL_SESS_CACHE_NO_INTERNAL \
+ (SSL_SESS_CACHE_NO_INTERNAL_LOOKUP | SSL_SESS_CACHE_NO_INTERNAL_STORE)
+
+/* SSL_CTX_set_session_cache_mode sets the session cache mode bits for |ctx| to
+ * |mode|. It returns the previous value. */
+OPENSSL_EXPORT int SSL_CTX_set_session_cache_mode(SSL_CTX *ctx, int mode);
+
+/* SSL_CTX_get_session_cache_mode returns the session cache mode bits for
+ * |ctx| */
+OPENSSL_EXPORT int SSL_CTX_get_session_cache_mode(const SSL_CTX *ctx);
+
+ /* SSL_set_session, for a client, configures |ssl| to offer to resume |session|
+ * in the initial handshake. */
+OPENSSL_EXPORT int SSL_set_session(SSL *ssl, SSL_SESSION *session);
+
+/* SSL_get_session returns a non-owning pointer to |ssl|'s session. Prior to the
+ * initial handshake beginning, this is the session to be offered, set by
+ * |SSL_set_session|. After a handshake has finished, this is the currently
+ * active session. Its behavior is undefined while a handshake is progress. */
+OPENSSL_EXPORT SSL_SESSION *SSL_get_session(const SSL *ssl);
+
+/* SSL_get0_session is an alias for |SSL_get_session|. */
+#define SSL_get0_session SSL_get_session
+
+/* SSL_get1_session acts like |SSL_get_session| but returns a new reference to
+ * the session. */
+OPENSSL_EXPORT SSL_SESSION *SSL_get1_session(SSL *ssl);
+
+/* SSL_DEFAULT_SESSION_TIMEOUT is the default lifetime, in seconds, of a
+ * session. */
+#define SSL_DEFAULT_SESSION_TIMEOUT (2 * 60 * 60)
+
+/* SSL_CTX_set_timeout sets the lifetime, in seconds, of sessions created in
+ * |ctx| to |timeout|. */
+OPENSSL_EXPORT long SSL_CTX_set_timeout(SSL_CTX *ctx, long timeout);
+
+/* SSL_CTX_get_timeout returns the lifetime, in seconds, of sessions created in
+ * |ctx|. */
+OPENSSL_EXPORT long SSL_CTX_get_timeout(const SSL_CTX *ctx);
+
+/* SSL_CTX_set_session_id_context sets |ctx|'s session ID context to |sid_ctx|.
+ * It returns one on success and zero on error. The session ID context is an
+ * application-defined opaque byte string. A session will not be used in a
+ * connection without a matching session ID context.
+ *
+ * For a server, if |SSL_VERIFY_PEER| is enabled, it is an error to not set a
+ * session ID context.
+ *
+ * TODO(davidben): Is that check needed? That seems a special case of taking
+ * care not to cross-resume across configuration changes, and this is only
+ * relevant if a server requires client auth. */
+OPENSSL_EXPORT int SSL_CTX_set_session_id_context(SSL_CTX *ctx,
+ const uint8_t *sid_ctx,
+ unsigned sid_ctx_len);
+
+/* SSL_set_session_id_context sets |ssl|'s session ID context to |sid_ctx|. It
+ * returns one on success and zero on error. See also
+ * |SSL_CTX_set_session_id_context|. */
+OPENSSL_EXPORT int SSL_set_session_id_context(SSL *ssl, const uint8_t *sid_ctx,
+ unsigned sid_ctx_len);
+
+/* SSL_SESSION_CACHE_MAX_SIZE_DEFAULT is the default maximum size of a session
+ * cache. */
+#define SSL_SESSION_CACHE_MAX_SIZE_DEFAULT (1024 * 20)
+
+/* SSL_CTX_sess_set_cache_size sets the maximum size of |ctx|'s internal session
+ * cache to |size|. It returns the previous value. */
+OPENSSL_EXPORT unsigned long SSL_CTX_sess_set_cache_size(SSL_CTX *ctx,
+ unsigned long size);
+
+/* SSL_CTX_sess_get_cache_size returns the maximum size of |ctx|'s internal
+ * session cache. */
+OPENSSL_EXPORT unsigned long SSL_CTX_sess_get_cache_size(const SSL_CTX *ctx);
+
+/* SSL_CTX_sessions returns |ctx|'s internal session cache. */
+OPENSSL_EXPORT LHASH_OF(SSL_SESSION) *SSL_CTX_sessions(SSL_CTX *ctx);
+
+/* SSL_CTX_sess_number returns the number of sessions in |ctx|'s internal
+ * session cache. */
+OPENSSL_EXPORT size_t SSL_CTX_sess_number(const SSL_CTX *ctx);
+
+/* SSL_CTX_add_session inserts |session| into |ctx|'s internal session cache. It
+ * returns one on success and zero on error or if |ctx| already included a
+ * session with that session ID. The caller retains its reference to
+ * |session|. */
+OPENSSL_EXPORT int SSL_CTX_add_session(SSL_CTX *ctx, SSL_SESSION *session);
+
+/* SSL_CTX_remove_session removes |session| from |ctx|'s internal session cache.
+ * It returns one on success and zero on error or if no session with a matching
+ * ID was found. */
+OPENSSL_EXPORT int SSL_CTX_remove_session(SSL_CTX *ctx, SSL_SESSION *session);
+
+/* SSL_CTX_flush_sessions removes all sessions from |ctx| which have expired as
+ * of time |time|. If |time| is zero, all sessions are removed. */
+OPENSSL_EXPORT void SSL_CTX_flush_sessions(SSL_CTX *ctx, long time);
+
+/* SSL_CTX_sess_set_new_cb sets the callback to be called when a new session is
+ * established and ready to be cached. If the session cache is disabled (the
+ * appropriate one of |SSL_SESS_CACHE_CLIENT| or |SSL_SESS_CACHE_SERVER| is
+ * unset), the callback is not called.
+ *
+ * The callback is passed a reference to |session|. It returns one if it takes
+ * ownership and zero otherwise.
+ *
+ * Note: For a client, the callback may be called on abbreviated handshakes if a
+ * ticket is renewed. Further, it may not be called until some time after
+ * |SSL_do_handshake| or |SSL_connect| completes if False Start is enabled. Thus
+ * it's recommended to use this callback over checking |SSL_session_reused| on
+ * handshake completion.
+ *
+ * TODO(davidben): Conditioning callbacks on |SSL_SESS_CACHE_CLIENT| or
+ * |SSL_SESS_CACHE_SERVER| doesn't make any sense when one could just as easily
+ * not supply the callbacks. Removing that condition and the client internal
+ * cache would simplify things. */
+OPENSSL_EXPORT void SSL_CTX_sess_set_new_cb(
+ SSL_CTX *ctx, int (*new_session_cb)(SSL *ssl, SSL_SESSION *session));
+
+/* SSL_CTX_sess_get_new_cb returns the callback set by
+ * |SSL_CTX_sess_set_new_cb|. */
+OPENSSL_EXPORT int (*SSL_CTX_sess_get_new_cb(SSL_CTX *ctx))(
+ SSL *ssl, SSL_SESSION *session);
+
+/* SSL_CTX_sess_set_remove_cb sets a callback which is called when a session is
+ * removed from the internal session cache.
+ *
+ * TODO(davidben): What is the point of this callback? It seems useless since it
+ * only fires on sessions in the internal cache. */
+OPENSSL_EXPORT void SSL_CTX_sess_set_remove_cb(
+ SSL_CTX *ctx,
+ void (*remove_session_cb)(SSL_CTX *ctx, SSL_SESSION *session));
+
+/* SSL_CTX_sess_get_remove_cb returns the callback set by
+ * |SSL_CTX_sess_set_remove_cb|. */
+OPENSSL_EXPORT void (*SSL_CTX_sess_get_remove_cb(SSL_CTX *ctx))(
+ SSL_CTX *ctx, SSL_SESSION *session);
+
+/* SSL_CTX_sess_set_get_cb sets a callback to look up a session by ID for a
+ * server. The callback is passed the session ID and should return a matching
+ * |SSL_SESSION| or NULL if not found. It should set |*out_copy| to zero and
+ * return a new reference to the session. This callback is not used for a
+ * client.
+ *
+ * For historical reasons, if |*out_copy| is set to one (default), the SSL
+ * library will take a new reference to the returned |SSL_SESSION|, expecting
+ * the callback to return a non-owning pointer. This is not recommended. If
+ * |ctx| and thus the callback is used on multiple threads, the session may be
+ * removed and invalidated before the SSL library calls |SSL_SESSION_up_ref|,
+ * whereas the callback may synchronize internally.
+ *
+ * To look up a session asynchronously, the callback may return
+ * |SSL_magic_pending_session_ptr|. See the documentation for that function and
+ * |SSL_ERROR_PENDING_SESSION|.
+ *
+ * If the internal session cache is enabled, the callback is only consulted if
+ * the internal cache does not return a match. */
+OPENSSL_EXPORT void SSL_CTX_sess_set_get_cb(
+ SSL_CTX *ctx,
+ SSL_SESSION *(*get_session_cb)(SSL *ssl, uint8_t *id, int id_len,
+ int *out_copy));
+
+/* SSL_CTX_sess_get_get_cb returns the callback set by
+ * |SSL_CTX_sess_set_get_cb|. */
+OPENSSL_EXPORT SSL_SESSION *(*SSL_CTX_sess_get_get_cb(SSL_CTX *ctx))(
+ SSL *ssl, uint8_t *id, int id_len, int *out_copy);
+
+/* SSL_magic_pending_session_ptr returns a magic |SSL_SESSION|* which indicates
+ * that the session isn't currently unavailable. |SSL_get_error| will then
+ * return |SSL_ERROR_PENDING_SESSION| and the handshake can be retried later
+ * when the lookup has completed. */
+OPENSSL_EXPORT SSL_SESSION *SSL_magic_pending_session_ptr(void);
+
+/* GEN_SESSION_CB is a callback to generate session IDs for |ssl|. It returns
+ * one on success and zero on error. On success, the generated ID is written to
+ * |id| and |*id_len| set to the length. On entry, |*id_len| is the maximum
+ * length of the ID, but the callback may shorten it if desired. It is an error
+ * for the callback to set the size to zero.
+ *
+ * Callbacks may use |SSL_has_matching_session_id| to check that the generated
+ * ID is unique. */
+typedef int (*GEN_SESSION_CB)(const SSL *ssl, uint8_t *id, unsigned *id_len);
+
+/* SSL_CTX_set_generate_session_id sets the session ID callback of |ctx| to
+ * |cb| and returns one. It will be called on the server when establishing a new
+ * session. */
+OPENSSL_EXPORT int SSL_CTX_set_generate_session_id(SSL_CTX *ctx,
+ GEN_SESSION_CB cb);
+
+/* SSL_set_generate_session_id sets the session ID callback of |ssl| to |cb| and
+ * returns one. It will be called on the server when establishing a new
+ * session. */
+OPENSSL_EXPORT int SSL_set_generate_session_id(SSL *ssl, GEN_SESSION_CB cb);
+
+/* SSL_has_matching_session_id returns one if |ssl|'s session cache has a
+ * session of value |id| and zero otherwise. */
+OPENSSL_EXPORT int SSL_has_matching_session_id(const SSL *ssl,
+ const uint8_t *id,
+ unsigned id_len);
+
+
+/* Session tickets.
+ *
+ * Session tickets, from RFC 5077, allow session resumption without server-side
+ * state. Session tickets are supported in by default but may be disabled with
+ * |SSL_OP_NO_TICKET|.
+ *
+ * On the client, ticket-based sessions use the same APIs as ID-based tickets.
+ * Callers do not need to handle them differently.
+ *
+ * On the server, tickets are encrypted and authenticated with a secret key. By
+ * default, an |SSL_CTX| generates a key on creation. Tickets are minted and
+ * processed transparently. The following functions may be used to configure a
+ * persistent key or implement more custom behavior. */
+
+/* SSL_CTX_get_tlsext_ticket_keys writes |ctx|'s session ticket key material to
+ * |len| bytes of |out|. It returns one on success and zero if |len| is not
+ * 48. If |out| is NULL, it returns 48 instead. */
+OPENSSL_EXPORT int SSL_CTX_get_tlsext_ticket_keys(SSL_CTX *ctx, void *out,
+ size_t len);
+
+/* SSL_CTX_set_tlsext_ticket_keys sets |ctx|'s session ticket key material to
+ * |len| bytes of |in|. It returns one on success and zero if |len| is not
+ * 48. If |in| is NULL, it returns 48 instead. */
+OPENSSL_EXPORT int SSL_CTX_set_tlsext_ticket_keys(SSL_CTX *ctx, const void *in,
+ size_t len);
+
+/* SSL_TICKET_KEY_NAME_LEN is the length of the key name prefix of a session
+ * ticket. */
+#define SSL_TICKET_KEY_NAME_LEN 16
+
+/* SSL_CTX_set_tlsext_ticket_key_cb sets the ticket callback to |callback| and
+ * returns one. |callback| will be called when encrypting a new ticket and when
+ * decrypting a ticket from the client.
+ *
+ * In both modes, |ctx| and |hmac_ctx| will already have been initialized with
+ * |EVP_CIPHER_CTX_init| and |HMAC_CTX_init|, respectively. |callback|
+ * configures |hmac_ctx| with an HMAC digest and key, and configures |ctx|
+ * for encryption or decryption, based on the mode.
+ *
+ * When encrypting a new ticket, |encrypt| will be one. It writes a public
+ * 16-byte key name to |key_name| and a fresh IV to |iv|. The output IV length
+ * must match |EVP_CIPHER_CTX_iv_length| of the cipher selected. In this mode,
+ * |callback| returns 1 on success and -1 on error.
+ *
+ * When decrypting a ticket, |encrypt| will be zero. |key_name| will point to a
+ * 16-byte key name and |iv| points to an IV. The length of the IV consumed must
+ * match |EVP_CIPHER_CTX_iv_length| of the cipher selected. In this mode,
+ * |callback| returns -1 to abort the handshake, 0 if decrypting the ticket
+ * failed, and 1 or 2 on success. If it returns 2, the ticket will be renewed.
+ * This may be used to re-key the ticket.
+ *
+ * WARNING: |callback| wildly breaks the usual return value convention and is
+ * called in two different modes. */
+OPENSSL_EXPORT int SSL_CTX_set_tlsext_ticket_key_cb(
+ SSL_CTX *ctx, int (*callback)(SSL *ssl, uint8_t *key_name, uint8_t *iv,
+ EVP_CIPHER_CTX *ctx, HMAC_CTX *hmac_ctx,
+ int encrypt));
+
+
+/* Elliptic curve Diffie-Hellman.
+ *
+ * Cipher suites using an ECDHE key exchange perform Diffie-Hellman over an
+ * elliptic curve negotiated by both endpoints. See RFC 4492. Only named curves
+ * are supported. ECDHE is always enabled, but the curve preferences may be
+ * configured with these functions.
+ *
+ * A client may use |SSL_SESSION_get_key_exchange_info| to determine the curve
+ * selected. */
+
+/* SSL_CTX_set1_curves sets the preferred curves for |ctx| to be |curves|. Each
+ * element of |curves| should be a curve nid. It returns one on success and
+ * zero on failure. */
+OPENSSL_EXPORT int SSL_CTX_set1_curves(SSL_CTX *ctx, const int *curves,
+ size_t curves_len);
+
+/* SSL_set1_curves sets the preferred curves for |ssl| to be |curves|. Each
+ * element of |curves| should be a curve nid. It returns one on success and
+ * zero on failure. */
+OPENSSL_EXPORT int SSL_set1_curves(SSL *ssl, const int *curves,
+ size_t curves_len);
+
+/* SSL_CTX_set_tmp_ecdh configures |ctx| to use the curve from |ecdh| as the
+ * curve for ephemeral ECDH keys. For historical reasons, this API expects an
+ * |EC_KEY|, but only the curve is used. It returns one on success and zero on
+ * error. If unset, an appropriate curve will be chosen based on curve
+ * preferences. (This is recommended.) */
+OPENSSL_EXPORT int SSL_CTX_set_tmp_ecdh(SSL_CTX *ctx, const EC_KEY *ec_key);
+
+/* SSL_set_tmp_ecdh configures |ssl| to use the curve from |ecdh| as the curve
+ * for ephemeral ECDH keys. For historical reasons, this API expects an
+ * |EC_KEY|, but only the curve is used. It returns one on success and zero on
+ * error. If unset, an appropriate curve will be chosen based on curve
+ * preferences. (This is recommended.) */
+OPENSSL_EXPORT int SSL_set_tmp_ecdh(SSL *ssl, const EC_KEY *ec_key);
+
+/* SSL_CTX_set_tmp_ecdh_callback configures |ctx| to use |callback| to determine
+ * the curve for ephemeral ECDH keys. |callback| should ignore |is_export| and
+ * |keylength| and return an |EC_KEY| of the selected curve or NULL on
+ * error. Only the curve is used, so the |EC_KEY| needn't have a generated
+ * keypair.
+ *
+ * If the callback is unset, an appropriate curve will be chosen based on curve
+ * preferences. (This is recommended.)
+ *
+ * WARNING: The caller does not take ownership of the resulting |EC_KEY|, so
+ * |callback| must save and release the object elsewhere. */
+OPENSSL_EXPORT void SSL_CTX_set_tmp_ecdh_callback(
+ SSL_CTX *ctx, EC_KEY *(*callback)(SSL *ssl, int is_export, int keylength));
+
+/* SSL_set_tmp_ecdh_callback configures |ssl| to use |callback| to determine the
+ * curve for ephemeral ECDH keys. |callback| should ignore |is_export| and
+ * |keylength| and return an |EC_KEY| of the selected curve or NULL on
+ * error. Only the curve is used, so the |EC_KEY| needn't have a generated
+ * keypair.
+ *
+ * If the callback is unset, an appropriate curve will be chosen based on curve
+ * preferences. (This is recommended.)
+ *
+ * WARNING: The caller does not take ownership of the resulting |EC_KEY|, so
+ * |callback| must save and release the object elsewhere. */
+OPENSSL_EXPORT void SSL_set_tmp_ecdh_callback(
+ SSL *ssl, EC_KEY *(*callback)(SSL *ssl, int is_export, int keylength));
+
+/* SSL_get_curve_name returns a human-readable name for the elliptic curve
+ * specified by the given TLS curve id, or NULL if the curve if unknown. */
+OPENSSL_EXPORT const char *SSL_get_curve_name(uint16_t curve_id);
+
+
+/* Multiplicative Diffie-Hellman.
+ *
+ * Cipher suites using a DHE key exchange perform Diffie-Hellman over a
+ * multiplicative group selected by the server. These ciphers are disabled for a
+ * server unless a group is chosen with one of these functions.
+ *
+ * A client may use |SSL_SESSION_get_key_exchange_info| to determine the size of
+ * the selected group's prime, but note that servers may select degenerate
+ * groups. */
+
+/* SSL_CTX_set_tmp_dh configures |ctx| to use the group from |dh| as the group
+ * for DHE. Only the group is used, so |dh| needn't have a keypair. It returns
+ * one on success and zero on error. */
+OPENSSL_EXPORT int SSL_CTX_set_tmp_dh(SSL_CTX *ctx, const DH *dh);
+
+/* SSL_set_tmp_dh configures |ssl| to use the group from |dh| as the group for
+ * DHE. Only the group is used, so |dh| needn't have a keypair. It returns one
+ * on success and zero on error. */
+OPENSSL_EXPORT int SSL_set_tmp_dh(SSL *ssl, const DH *dh);
+
+/* SSL_CTX_set_tmp_dh_callback configures |ctx| to use |callback| to determine
+ * the group for DHE ciphers. |callback| should ignore |is_export| and
+ * |keylength| and return a |DH| of the selected group or NULL on error. Only
+ * the parameters are used, so the |DH| needn't have a generated keypair.
+ *
+ * WARNING: The caller does not take ownership of the resulting |DH|, so
+ * |callback| must save and release the object elsewhere. */
+OPENSSL_EXPORT void SSL_CTX_set_tmp_dh_callback(
+ SSL_CTX *ctx, DH *(*callback)(SSL *ssl, int is_export, int keylength));
+
+/* SSL_set_tmp_dh_callback configures |ssl| to use |callback| to determine the
+ * group for DHE ciphers. |callback| should ignore |is_export| and |keylength|
+ * and return a |DH| of the selected group or NULL on error. Only the
+ * parameters are used, so the |DH| needn't have a generated keypair.
+ *
+ * WARNING: The caller does not take ownership of the resulting |DH|, so
+ * |callback| must save and release the object elsewhere. */
+OPENSSL_EXPORT void SSL_set_tmp_dh_callback(SSL *ssl,
+ DH *(*dh)(SSL *ssl, int is_export,
+ int keylength));
+
+
+/* Certificate verification.
+ *
+ * SSL may authenticate either endpoint with an X.509 certificate. Typically
+ * this is used to authenticate the server to the client. These functions
+ * configure certificate verification.
+ *
+ * WARNING: By default, certificate verification errors on a client are not
+ * fatal. See |SSL_VERIFY_NONE| This may be configured with
+ * |SSL_CTX_set_verify|.
+ *
+ * By default clients are anonymous but a server may request a certificate from
+ * the client by setting |SSL_VERIFY_PEER|.
+ *
+ * Many of these functions use OpenSSL's legacy X.509 stack which is
+ * underdocumented and deprecated, but the replacement isn't ready yet. For
+ * now, consumers may use the existing stack or bypass it by performing
+ * certificate verification externally. This may be done with
+ * |SSL_CTX_set_cert_verify_callback| or by extracting the chain with
+ * |SSL_get_peer_cert_chain| after the handshake. In the future, functions will
+ * be added to use the SSL stack without depending on any part of the legacy
+ * X.509 and ASN.1 stack. */
+
+/* SSL_VERIFY_NONE, on a client, verifies the server certificate but does not
+ * make errors fatal. The result may be checked with |SSL_get_verify_result|. On
+ * a server it does not request a client certificate. This is the default. */
+#define SSL_VERIFY_NONE 0x00
+
+/* SSL_VERIFY_PEER, on a client, makes server certificate errors fatal. On a
+ * server it requests a client certificate and makes errors fatal. However,
+ * anonymous clients are still allowed. See
+ * |SSL_VERIFY_FAIL_IF_NO_PEER_CERT|. */
+#define SSL_VERIFY_PEER 0x01
+
+/* SSL_VERIFY_FAIL_IF_NO_PEER_CERT configures a server to reject connections if
+ * the client declines to send a certificate. Otherwise |SSL_VERIFY_PEER| still
+ * allows anonymous clients. */
+#define SSL_VERIFY_FAIL_IF_NO_PEER_CERT 0x02
+
+/* SSL_VERIFY_PEER_IF_NO_OBC configures a server to request a client certificate
+ * if and only if Channel ID is not negotiated. */
+#define SSL_VERIFY_PEER_IF_NO_OBC 0x04
+
+/* SSL_CTX_set_verify configures certificate verification behavior. |mode| is
+ * one of the |SSL_VERIFY_*| values defined above. |callback|, if not NULL, is
+ * used to customize certificate verification. See the behavior of
+ * |X509_STORE_CTX_set_verify_cb|.
+ *
+ * The callback may use |SSL_get_ex_data_X509_STORE_CTX_idx| with
+ * |X509_STORE_CTX_get_ex_data| to look up the |SSL| from |store_ctx|. */
+OPENSSL_EXPORT void SSL_CTX_set_verify(
+ SSL_CTX *ctx, int mode, int (*callback)(int ok, X509_STORE_CTX *store_ctx));
+
+/* SSL_set_verify configures certificate verification behavior. |mode| is one of
+ * the |SSL_VERIFY_*| values defined above. |callback|, if not NULL, is used to
+ * customize certificate verification. See the behavior of
+ * |X509_STORE_CTX_set_verify_cb|.
+ *
+ * The callback may use |SSL_get_ex_data_X509_STORE_CTX_idx| with
+ * |X509_STORE_CTX_get_ex_data| to look up the |SSL| from |store_ctx|. */
+OPENSSL_EXPORT void SSL_set_verify(SSL *ssl, int mode,
+ int (*callback)(int ok,
+ X509_STORE_CTX *store_ctx));
+
+/* SSL_CTX_get_verify_mode returns |ctx|'s verify mode, set by
+ * |SSL_CTX_set_verify|. */
+OPENSSL_EXPORT int SSL_CTX_get_verify_mode(const SSL_CTX *ctx);
+
+/* SSL_get_verify_mode returns |ssl|'s verify mode, set by |SSL_CTX_set_verify|
+ * or |SSL_set_verify|. */
+OPENSSL_EXPORT int SSL_get_verify_mode(const SSL *ssl);
+
+/* SSL_CTX_get_verify_callback returns the callback set by
+ * |SSL_CTX_set_verify|. */
+OPENSSL_EXPORT int (*SSL_CTX_get_verify_callback(const SSL_CTX *ctx))(
+ int ok, X509_STORE_CTX *store_ctx);
+
+/* SSL_get_verify_callback returns the callback set by |SSL_CTX_set_verify| or
+ * |SSL_set_verify|. */
+OPENSSL_EXPORT int (*SSL_get_verify_callback(const SSL *ssl))(
+ int ok, X509_STORE_CTX *store_ctx);
+
+/* SSL_CTX_set_verify_depth sets the maximum depth of a certificate chain
+ * accepted in verification. This number does not include the leaf, so a depth
+ * of 1 allows the leaf and one CA certificate. */
+OPENSSL_EXPORT void SSL_CTX_set_verify_depth(SSL_CTX *ctx, int depth);
+
+/* SSL_set_verify_depth sets the maximum depth of a certificate chain accepted
+ * in verification. This number does not include the leaf, so a depth of 1
+ * allows the leaf and one CA certificate. */
+OPENSSL_EXPORT void SSL_set_verify_depth(SSL *ssl, int depth);
+
+/* SSL_CTX_get_verify_depth returns the maximum depth of a certificate accepted
+ * in verification. */
+OPENSSL_EXPORT int SSL_CTX_get_verify_depth(const SSL_CTX *ctx);
+
+/* SSL_get_verify_depth returns the maximum depth of a certificate accepted in
+ * verification. */
+OPENSSL_EXPORT int SSL_get_verify_depth(const SSL *ssl);
+
+/* SSL_CTX_set1_param sets verification parameters from |param|. It returns one
+ * on success and zero on failure. The caller retains ownership of |param|. */
+OPENSSL_EXPORT int SSL_CTX_set1_param(SSL_CTX *ctx,
+ const X509_VERIFY_PARAM *param);
+
+/* SSL_set1_param sets verification parameters from |param|. It returns one on
+ * success and zero on failure. The caller retains ownership of |param|. */
+OPENSSL_EXPORT int SSL_set1_param(SSL *ssl,
+ const X509_VERIFY_PARAM *param);
+
+/* SSL_CTX_get0_param returns |ctx|'s |X509_VERIFY_PARAM| for certificate
+ * verification. The caller must not release the returned pointer but may call
+ * functions on it to configure it. */
+OPENSSL_EXPORT X509_VERIFY_PARAM *SSL_CTX_get0_param(SSL_CTX *ctx);
+
+/* SSL_get0_param returns |ssl|'s |X509_VERIFY_PARAM| for certificate
+ * verification. The caller must not release the returned pointer but may call
+ * functions on it to configure it. */
+OPENSSL_EXPORT X509_VERIFY_PARAM *SSL_get0_param(SSL *ssl);
+
+/* SSL_CTX_set_purpose sets |ctx|'s |X509_VERIFY_PARAM|'s 'purpose' parameter to
+ * |purpose|. It returns one on success and zero on error. */
+OPENSSL_EXPORT int SSL_CTX_set_purpose(SSL_CTX *ctx, int purpose);
+
+/* SSL_set_purpose sets |ssl|'s |X509_VERIFY_PARAM|'s 'purpose' parameter to
+ * |purpose|. It returns one on success and zero on error. */
+OPENSSL_EXPORT int SSL_set_purpose(SSL *ssl, int purpose);
+
+/* SSL_CTX_set_trust sets |ctx|'s |X509_VERIFY_PARAM|'s 'trust' parameter to
+ * |trust|. It returns one on success and zero on error. */
+OPENSSL_EXPORT int SSL_CTX_set_trust(SSL_CTX *ctx, int trust);
+
+/* SSL_set_trust sets |ssl|'s |X509_VERIFY_PARAM|'s 'trust' parameter to
+ * |trust|. It returns one on success and zero on error. */
+OPENSSL_EXPORT int SSL_set_trust(SSL *ssl, int trust);
+
+/* SSL_CTX_set_cert_store sets |ctx|'s certificate store to |store|. It takes
+ * ownership of |store|. The store is used for certificate verification.
+ *
+ * The store is also used for the auto-chaining feature, but this is deprecated.
+ * See also |SSL_MODE_NO_AUTO_CHAIN|. */
+OPENSSL_EXPORT void SSL_CTX_set_cert_store(SSL_CTX *ctx, X509_STORE *store);
+
+/* SSL_CTX_get_cert_store returns |ctx|'s certificate store. */
+OPENSSL_EXPORT X509_STORE *SSL_CTX_get_cert_store(const SSL_CTX *ctx);
+
+/* SSL_CTX_set_default_verify_paths loads the OpenSSL system-default trust
+ * anchors into |ctx|'s store. It returns one on success and zero on failure. */
+OPENSSL_EXPORT int SSL_CTX_set_default_verify_paths(SSL_CTX *ctx);
+
+/* SSL_CTX_load_verify_locations loads trust anchors into |ctx|'s store from
+ * |ca_file| and |ca_dir|, either of which may be NULL. If |ca_file| is passed,
+ * it is opened and PEM-encoded CA certificates are read. If |ca_dir| is passed,
+ * it is treated as a directory in OpenSSL's hashed directory format. It returns
+ * one on success and zero on failure.
+ *
+ * See
+ * https://www.openssl.org/docs/manmaster/ssl/SSL_CTX_load_verify_locations.html
+ * for documentation on the directory format. */
+OPENSSL_EXPORT int SSL_CTX_load_verify_locations(SSL_CTX *ctx,
+ const char *ca_file,
+ const char *ca_dir);
+
+/* SSL_get_verify_result returns the result of certificate verification. It is
+ * either |X509_V_OK| or a |X509_V_ERR_*| value. */
+OPENSSL_EXPORT long SSL_get_verify_result(const SSL *ssl);
+
+/* SSL_set_verify_result overrides the result of certificate verification. */
+OPENSSL_EXPORT void SSL_set_verify_result(SSL *ssl, long result);
+
+/* SSL_get_ex_data_X509_STORE_CTX_idx returns the ex_data index used to look up
+ * the |SSL| associated with an |X509_STORE_CTX| in the verify callback. */
+OPENSSL_EXPORT int SSL_get_ex_data_X509_STORE_CTX_idx(void);
+
+/* SSL_CTX_set_cert_verify_callback sets a custom callback to be called on
+ * certificate verification rather than |X509_verify_cert|. |store_ctx| contains
+ * the verification parameters. The callback should return one on success and
+ * zero on fatal error. It may use |X509_STORE_CTX_set_error| to set a
+ * verification result.
+ *
+ * The callback may use either the |arg| parameter or
+ * |SSL_get_ex_data_X509_STORE_CTX_idx| to recover the associated |SSL|
+ * object. */
+OPENSSL_EXPORT void SSL_CTX_set_cert_verify_callback(
+ SSL_CTX *ctx, int (*callback)(X509_STORE_CTX *store_ctx, void *arg),
+ void *arg);
+
+
+/* Client certificate CA list.
+ *
+ * When requesting a client certificate, a server may advertise a list of
+ * certificate authorities which are accepted. These functions may be used to
+ * configure this list. */
+
+/* SSL_set_client_CA_list sets |ssl|'s client certificate CA list to
+ * |name_list|. It takes ownership of |name_list|. */
+OPENSSL_EXPORT void SSL_set_client_CA_list(SSL *ssl,
+ STACK_OF(X509_NAME) *name_list);
+
+/* SSL_CTX_set_client_CA_list sets |ctx|'s client certificate CA list to
+ * |name_list|. It takes ownership of |name_list|. */
+OPENSSL_EXPORT void SSL_CTX_set_client_CA_list(SSL_CTX *ctx,
+ STACK_OF(X509_NAME) *name_list);
+
+/* SSL_get_client_CA_list returns |ssl|'s client certificate CA list. */
+OPENSSL_EXPORT STACK_OF(X509_NAME) *SSL_get_client_CA_list(const SSL *ssl);
+
+/* SSL_CTX_get_client_CA_list returns |ctx|'s client certificate CA list. */
+OPENSSL_EXPORT STACK_OF(X509_NAME) *
+ SSL_CTX_get_client_CA_list(const SSL_CTX *ctx);
+
+/* SSL_add_client_CA appends |x509|'s subject to the client certificate CA list.
+ * It returns one on success or zero on error. The caller retains ownership of
+ * |x509|. */
+OPENSSL_EXPORT int SSL_add_client_CA(SSL *ssl, X509 *x509);
+
+/* SSL_CTX_add_client_CA appends |x509|'s subject to the client certificate CA
+ * list. It returns one on success or zero on error. The caller retains
+ * ownership of |x509|. */
+OPENSSL_EXPORT int SSL_CTX_add_client_CA(SSL_CTX *ctx, X509 *x509);
+
+/* SSL_load_client_CA_file opens |file| and reads PEM-encoded certificates from
+ * it. It returns a newly-allocated stack of the certificate subjects or NULL
+ * on error. */
+OPENSSL_EXPORT STACK_OF(X509_NAME) *SSL_load_client_CA_file(const char *file);
+
+/* SSL_dup_CA_list makes a deep copy of |list|. It returns the new list on
+ * success or NULL on allocation error. */
+OPENSSL_EXPORT STACK_OF(X509_NAME) *SSL_dup_CA_list(STACK_OF(X509_NAME) *list);
+
+/* SSL_add_file_cert_subjects_to_stack behaves like |SSL_load_client_CA_file|
+ * but appends the result to |out|. It returns one on success or zero on
+ * error. */
+OPENSSL_EXPORT int SSL_add_file_cert_subjects_to_stack(STACK_OF(X509_NAME) *out,
+ const char *file);
+
+/* SSL_add_dir_cert_subjects_to_stack lists files in directory |dir|. It calls
+ * |SSL_add_file_cert_subjects_to_stack| on each file and returns one on success
+ * or zero on error. */
+OPENSSL_EXPORT int SSL_add_dir_cert_subjects_to_stack(STACK_OF(X509_NAME) *out,
+ const char *dir);
+
+
+/* Application-layer protocol negotation.
+ *
+ * The ALPN extension (RFC 7301) allows negotiating different application-layer
+ * protocols over a single port. This is used, for example, to negotiate
+ * HTTP/2. */
+
+/* SSL_CTX_set_alpn_protos sets the client ALPN protocol list on |ctx| to
+ * |protos|. |protos| must be in wire-format (i.e. a series of non-empty, 8-bit
+ * length-prefixed strings). It returns zero on success and one on failure.
+ * Configuring this list enables ALPN on a client.
+ *
+ * WARNING: this function is dangerous because it breaks the usual return value
+ * convention. */
+OPENSSL_EXPORT int SSL_CTX_set_alpn_protos(SSL_CTX *ctx, const uint8_t *protos,
+ unsigned protos_len);
+
+/* SSL_set_alpn_protos sets the client ALPN protocol list on |ssl| to |protos|.
+ * |protos| must be in wire-format (i.e. a series of non-empty, 8-bit
+ * length-prefixed strings). It returns zero on success and one on failure.
+ * Configuring this list enables ALPN on a client.
+ *
+ * WARNING: this function is dangerous because it breaks the usual return value
+ * convention. */
+OPENSSL_EXPORT int SSL_set_alpn_protos(SSL *ssl, const uint8_t *protos,
+ unsigned protos_len);
+
+/* SSL_CTX_set_alpn_select_cb sets a callback function on |ctx| that is called
+ * during ClientHello processing in order to select an ALPN protocol from the
+ * client's list of offered protocols. Configuring this callback enables ALPN on
+ * a server.
+ *
+ * The callback is passed a wire-format (i.e. a series of non-empty, 8-bit
+ * length-prefixed strings) ALPN protocol list in |in|. It should set |*out| and
+ * |*out_len| to the selected protocol and return |SSL_TLSEXT_ERR_OK| on
+ * success. It does not pass ownership of the buffer. Otherwise, it should
+ * return |SSL_TLSEXT_ERR_NOACK|. Other |SSL_TLSEXT_ERR_*| values are
+ * unimplemented and will be treated as |SSL_TLSEXT_ERR_NOACK|. */
+OPENSSL_EXPORT void SSL_CTX_set_alpn_select_cb(
+ SSL_CTX *ctx, int (*cb)(SSL *ssl, const uint8_t **out, uint8_t *out_len,
+ const uint8_t *in, unsigned in_len, void *arg),
+ void *arg);
+
+/* SSL_get0_alpn_selected gets the selected ALPN protocol (if any) from |ssl|.
+ * On return it sets |*out_data| to point to |*out_len| bytes of protocol name
+ * (not including the leading length-prefix byte). If the server didn't respond
+ * with a negotiated protocol then |*out_len| will be zero. */
+OPENSSL_EXPORT void SSL_get0_alpn_selected(const SSL *ssl,
+ const uint8_t **out_data,
+ unsigned *out_len);
+
+
+/* Next protocol negotiation.
+ *
+ * The NPN extension (draft-agl-tls-nextprotoneg-03) is the predecessor to ALPN
+ * and deprecated in favor of it. */
+
+/* SSL_CTX_set_next_protos_advertised_cb sets a callback that is called when a
+ * TLS server needs a list of supported protocols for Next Protocol
+ * Negotiation. The returned list must be in wire format. The list is returned
+ * by setting |*out| to point to it and |*out_len| to its length. This memory
+ * will not be modified, but one should assume that |ssl| keeps a reference to
+ * it.
+ *
+ * The callback should return |SSL_TLSEXT_ERR_OK| if it wishes to advertise.
+ * Otherwise, no such extension will be included in the ServerHello. */
+OPENSSL_EXPORT void SSL_CTX_set_next_protos_advertised_cb(
+ SSL_CTX *ctx,
+ int (*cb)(SSL *ssl, const uint8_t **out, unsigned *out_len, void *arg),
+ void *arg);
+
+/* SSL_CTX_set_next_proto_select_cb sets a callback that is called when a client
+ * needs to select a protocol from the server's provided list. |*out| must be
+ * set to point to the selected protocol (which may be within |in|). The length
+ * of the protocol name must be written into |*out_len|. The server's advertised
+ * protocols are provided in |in| and |in_len|. The callback can assume that
+ * |in| is syntactically valid.
+ *
+ * The client must select a protocol. It is fatal to the connection if this
+ * callback returns a value other than |SSL_TLSEXT_ERR_OK|.
+ *
+ * Configuring this callback enables NPN on a client. */
+OPENSSL_EXPORT void SSL_CTX_set_next_proto_select_cb(
+ SSL_CTX *ctx, int (*cb)(SSL *ssl, uint8_t **out, uint8_t *out_len,
+ const uint8_t *in, unsigned in_len, void *arg),
+ void *arg);
+
+/* SSL_get0_next_proto_negotiated sets |*out_data| and |*out_len| to point to
+ * the client's requested protocol for this connection. If the client didn't
+ * request any protocol, then |*out_data| is set to NULL.
+ *
+ * Note that the client can request any protocol it chooses. The value returned
+ * from this function need not be a member of the list of supported protocols
+ * provided by the server. */
+OPENSSL_EXPORT void SSL_get0_next_proto_negotiated(const SSL *ssl,
+ const uint8_t **out_data,
+ unsigned *out_len);
+
+/* SSL_select_next_proto implements the standard protocol selection. It is
+ * expected that this function is called from the callback set by
+ * |SSL_CTX_set_next_proto_select_cb|.
+ *
+ * The protocol data is assumed to be a vector of 8-bit, length prefixed byte
+ * strings. The length byte itself is not included in the length. A byte
+ * string of length 0 is invalid. No byte string may be truncated.
+ *
+ * The current, but experimental algorithm for selecting the protocol is:
+ *
+ * 1) If the server doesn't support NPN then this is indicated to the
+ * callback. In this case, the client application has to abort the connection
+ * or have a default application level protocol.
+ *
+ * 2) If the server supports NPN, but advertises an empty list then the
+ * client selects the first protcol in its list, but indicates via the
+ * API that this fallback case was enacted.
+ *
+ * 3) Otherwise, the client finds the first protocol in the server's list
+ * that it supports and selects this protocol. This is because it's
+ * assumed that the server has better information about which protocol
+ * a client should use.
+ *
+ * 4) If the client doesn't support any of the server's advertised
+ * protocols, then this is treated the same as case 2.
+ *
+ * It returns either |OPENSSL_NPN_NEGOTIATED| if a common protocol was found, or
+ * |OPENSSL_NPN_NO_OVERLAP| if the fallback case was reached. */
+OPENSSL_EXPORT int SSL_select_next_proto(uint8_t **out, uint8_t *out_len,
+ const uint8_t *server,
+ unsigned server_len,
+ const uint8_t *client,
+ unsigned client_len);
+
+#define OPENSSL_NPN_UNSUPPORTED 0
+#define OPENSSL_NPN_NEGOTIATED 1
+#define OPENSSL_NPN_NO_OVERLAP 2
+
+
+/* Channel ID.
+ *
+ * See draft-balfanz-tls-channelid-01. */
+
+/* SSL_CTX_enable_tls_channel_id either configures a TLS server to accept TLS
+ * Channel IDs from clients, or configures a client to send TLS Channel IDs to
+ * a server. It returns one. */
+OPENSSL_EXPORT int SSL_CTX_enable_tls_channel_id(SSL_CTX *ctx);
+
+/* SSL_enable_tls_channel_id either configures a TLS server to accept TLS
+ * Channel IDs from clients, or configures a client to send TLS Channel IDs to
+ * server. It returns one. */
+OPENSSL_EXPORT int SSL_enable_tls_channel_id(SSL *ssl);
+
+/* SSL_CTX_set1_tls_channel_id configures a TLS client to send a TLS Channel ID
+ * to compatible servers. |private_key| must be a P-256 EC key. It returns one
+ * on success and zero on error. */
+OPENSSL_EXPORT int SSL_CTX_set1_tls_channel_id(SSL_CTX *ctx,
+ EVP_PKEY *private_key);
+
+/* SSL_set1_tls_channel_id configures a TLS client to send a TLS Channel ID to
+ * compatible servers. |private_key| must be a P-256 EC key. It returns one on
+ * success and zero on error. */
+OPENSSL_EXPORT int SSL_set1_tls_channel_id(SSL *ssl, EVP_PKEY *private_key);
+
+/* SSL_get_tls_channel_id gets the client's TLS Channel ID from a server |SSL*|
+ * and copies up to the first |max_out| bytes into |out|. The Channel ID
+ * consists of the client's P-256 public key as an (x,y) pair where each is a
+ * 32-byte, big-endian field element. It returns 0 if the client didn't offer a
+ * Channel ID and the length of the complete Channel ID otherwise. */
+OPENSSL_EXPORT size_t SSL_get_tls_channel_id(SSL *ssl, uint8_t *out,
+ size_t max_out);
+
+/* SSL_CTX_set_channel_id_cb sets a callback to be called when a TLS Channel ID
+ * is requested. The callback may set |*out_pkey| to a key, passing a reference
+ * to the caller. If none is returned, the handshake will pause and
+ * |SSL_get_error| will return |SSL_ERROR_WANT_CHANNEL_ID_LOOKUP|.
+ *
+ * See also |SSL_ERROR_WANT_CHANNEL_ID_LOOKUP|. */
+OPENSSL_EXPORT void SSL_CTX_set_channel_id_cb(
+ SSL_CTX *ctx, void (*channel_id_cb)(SSL *ssl, EVP_PKEY **out_pkey));
+
+/* SSL_CTX_get_channel_id_cb returns the callback set by
+ * |SSL_CTX_set_channel_id_cb|. */
+OPENSSL_EXPORT void (*SSL_CTX_get_channel_id_cb(SSL_CTX *ctx))(
+ SSL *ssl, EVP_PKEY **out_pkey);
+
+
+/* DTLS-SRTP.
+ *
+ * See RFC 5764. */
+
+/* An SRTP_PROTECTION_PROFILE is an SRTP profile for use with the use_srtp
+ * extension. */
+struct srtp_protection_profile_st {
+ const char *name;
+ unsigned long id;
+} /* SRTP_PROTECTION_PROFILE */;
+
+DECLARE_STACK_OF(SRTP_PROTECTION_PROFILE)
+
+/* SRTP_* define constants for SRTP profiles. */
+#define SRTP_AES128_CM_SHA1_80 0x0001
+#define SRTP_AES128_CM_SHA1_32 0x0002
+#define SRTP_AES128_F8_SHA1_80 0x0003
+#define SRTP_AES128_F8_SHA1_32 0x0004
+#define SRTP_NULL_SHA1_80 0x0005
+#define SRTP_NULL_SHA1_32 0x0006
+
+/* SSL_CTX_set_srtp_profiles enables SRTP for all SSL objects created from
+ * |ctx|. |profile| contains a colon-separated list of profile names. It returns
+ * one on success and zero on failure. */
+OPENSSL_EXPORT int SSL_CTX_set_srtp_profiles(SSL_CTX *ctx,
+ const char *profiles);
+
+/* SSL_set_srtp_profiles enables SRTP for |ssl|. |profile| contains a
+ * colon-separated list of profile names. It returns one on success and zero on
+ * failure. */
+OPENSSL_EXPORT int SSL_set_srtp_profiles(SSL *ssl, const char *profiles);
+
+/* SSL_get_srtp_profiles returns the SRTP profiles supported by |ssl|. */
+OPENSSL_EXPORT STACK_OF(SRTP_PROTECTION_PROFILE) *SSL_get_srtp_profiles(
+ SSL *ssl);
+
+/* SSL_get_selected_srtp_profile returns the selected SRTP profile, or NULL if
+ * SRTP was not negotiated. */
+OPENSSL_EXPORT const SRTP_PROTECTION_PROFILE *SSL_get_selected_srtp_profile(
+ SSL *ssl);
+
+
+/* Pre-shared keys.
+ *
+ * Connections may be configured with PSK (Pre-Shared Key) cipher suites. These
+ * authenticate using out-of-band pre-shared keys rather than certificates. See
+ * RFC 4279.
+ *
+ * This implementation uses NUL-terminated C strings for identities and identity
+ * hints, so values with a NUL character are not supported. (RFC 4279 does not
+ * specify the format of an identity.) */
+
+/* PSK_MAX_IDENTITY_LEN is the maximum supported length of a PSK identity,
+ * excluding the NUL terminator. */
+#define PSK_MAX_IDENTITY_LEN 128
+
+/* PSK_MAX_PSK_LEN is the maximum supported length of a pre-shared key. */
+#define PSK_MAX_PSK_LEN 256
+
+/* SSL_CTX_set_psk_client_callback sets the callback to be called when PSK is
+ * negotiated on the client. This callback must be set to enable PSK cipher
+ * suites on the client.
+ *
+ * The callback is passed the identity hint in |hint| or NULL if none was
+ * provided. It should select a PSK identity and write the identity and the
+ * corresponding PSK to |identity| and |psk|, respectively. The identity is
+ * written as a NUL-terminated C string of length (excluding the NUL terminator)
+ * at most |max_identity_len|. The PSK's length must be at most |max_psk_len|.
+ * The callback returns the length of the PSK or 0 if no suitable identity was
+ * found. */
+OPENSSL_EXPORT void SSL_CTX_set_psk_client_callback(
+ SSL_CTX *ctx,
+ unsigned (*psk_client_callback)(
+ SSL *ssl, const char *hint, char *identity,
+ unsigned max_identity_len, uint8_t *psk, unsigned max_psk_len));
+
+/* SSL_set_psk_client_callback sets the callback to be called when PSK is
+ * negotiated on the client. This callback must be set to enable PSK cipher
+ * suites on the client. See also |SSL_CTX_set_psk_client_callback|. */
+OPENSSL_EXPORT void SSL_set_psk_client_callback(
+ SSL *ssl, unsigned (*psk_client_callback)(SSL *ssl, const char *hint,
+ char *identity,
+ unsigned max_identity_len,
+ uint8_t *psk,
+ unsigned max_psk_len));
+
+/* SSL_CTX_set_psk_server_callback sets the callback to be called when PSK is
+ * negotiated on the server. This callback must be set to enable PSK cipher
+ * suites on the server.
+ *
+ * The callback is passed the identity in |identity|. It should write a PSK of
+ * length at most |max_psk_len| to |psk| and return the number of bytes written
+ * or zero if the PSK identity is unknown. */
+OPENSSL_EXPORT void SSL_CTX_set_psk_server_callback(
+ SSL_CTX *ctx,
+ unsigned (*psk_server_callback)(SSL *ssl, const char *identity,
+ uint8_t *psk,
+ unsigned max_psk_len));
+
+/* SSL_set_psk_server_callback sets the callback to be called when PSK is
+ * negotiated on the server. This callback must be set to enable PSK cipher
+ * suites on the server. See also |SSL_CTX_set_psk_server_callback|. */
+OPENSSL_EXPORT void SSL_set_psk_server_callback(
+ SSL *ssl,
+ unsigned (*psk_server_callback)(SSL *ssl, const char *identity,
+ uint8_t *psk,
+ unsigned max_psk_len));
+
+/* SSL_CTX_use_psk_identity_hint configures server connections to advertise an
+ * identity hint of |identity_hint|. It returns one on success and zero on
+ * error. */
+OPENSSL_EXPORT int SSL_CTX_use_psk_identity_hint(SSL_CTX *ctx,
+ const char *identity_hint);
+
+/* SSL_use_psk_identity_hint configures server connections to advertise an
+ * identity hint of |identity_hint|. It returns one on success and zero on
+ * error. */
+OPENSSL_EXPORT int SSL_use_psk_identity_hint(SSL *ssl,
+ const char *identity_hint);
+
+/* SSL_get_psk_identity_hint returns the PSK identity hint advertised for |ssl|
+ * or NULL if there is none. */
+OPENSSL_EXPORT const char *SSL_get_psk_identity_hint(const SSL *ssl);
+
+/* SSL_get_psk_identity, after the handshake completes, returns the PSK identity
+ * that was negotiated by |ssl| or NULL if PSK was not used. */
+OPENSSL_EXPORT const char *SSL_get_psk_identity(const SSL *ssl);
+
+
+/* ex_data functions.
+ *
+ * See |ex_data.h| for details. */
+
+OPENSSL_EXPORT int SSL_set_ex_data(SSL *ssl, int idx, void *data);
+OPENSSL_EXPORT void *SSL_get_ex_data(const SSL *ssl, int idx);
+OPENSSL_EXPORT int SSL_get_ex_new_index(long argl, void *argp,
+ CRYPTO_EX_new *new_func,
+ CRYPTO_EX_dup *dup_func,
+ CRYPTO_EX_free *free_func);
+
+OPENSSL_EXPORT int SSL_SESSION_set_ex_data(SSL_SESSION *session, int idx,
+ void *data);
+OPENSSL_EXPORT void *SSL_SESSION_get_ex_data(const SSL_SESSION *session,
+ int idx);
+OPENSSL_EXPORT int SSL_SESSION_get_ex_new_index(long argl, void *argp,
+ CRYPTO_EX_new *new_func,
+ CRYPTO_EX_dup *dup_func,
+ CRYPTO_EX_free *free_func);
+
+OPENSSL_EXPORT int SSL_CTX_set_ex_data(SSL_CTX *ctx, int idx, void *data);
+OPENSSL_EXPORT void *SSL_CTX_get_ex_data(const SSL_CTX *ctx, int idx);
+OPENSSL_EXPORT int SSL_CTX_get_ex_new_index(long argl, void *argp,
+ CRYPTO_EX_new *new_func,
+ CRYPTO_EX_dup *dup_func,
+ CRYPTO_EX_free *free_func);
+
+
+/* Obscure functions. */
+
+/* SSL_get_rc4_state sets |*read_key| and |*write_key| to the RC4 states for
+ * the read and write directions. It returns one on success or zero if |ssl|
+ * isn't using an RC4-based cipher suite. */
+OPENSSL_EXPORT int SSL_get_rc4_state(const SSL *ssl, const RC4_KEY **read_key,
+ const RC4_KEY **write_key);
+
+/* SSL_get_structure_sizes returns the sizes of the SSL, SSL_CTX and
+ * SSL_SESSION structures so that a test can ensure that outside code agrees on
+ * these values. */
+OPENSSL_EXPORT void SSL_get_structure_sizes(size_t *ssl_size,
+ size_t *ssl_ctx_size,
+ size_t *ssl_session_size);
+
/* Underdocumented functions.
*
@@ -607,122 +2252,14 @@ OPENSSL_EXPORT int SSL_get_tls_unique(const SSL *ssl, uint8_t *out,
#define SSL_SENT_SHUTDOWN 1
#define SSL_RECEIVED_SHUTDOWN 2
-#define SSL_FILETYPE_ASN1 X509_FILETYPE_ASN1
-#define SSL_FILETYPE_PEM X509_FILETYPE_PEM
-
typedef struct ssl_protocol_method_st SSL_PROTOCOL_METHOD;
-typedef struct ssl_session_st SSL_SESSION;
-typedef struct tls_sigalgs_st TLS_SIGALGS;
typedef struct ssl_conf_ctx_st SSL_CONF_CTX;
typedef struct ssl3_enc_method SSL3_ENC_METHOD;
-/* SRTP protection profiles for use with the use_srtp extension (RFC 5764). */
-typedef struct srtp_protection_profile_st {
- const char *name;
- unsigned long id;
-} SRTP_PROTECTION_PROFILE;
-
-DECLARE_STACK_OF(SRTP_PROTECTION_PROFILE)
-
-/* An SSL_SESSION represents an SSL session that may be resumed in an
- * abbreviated handshake. */
-struct ssl_session_st {
- int ssl_version; /* what ssl version session info is being kept in here? */
-
- int master_key_length;
- uint8_t master_key[SSL_MAX_MASTER_KEY_LENGTH];
- /* session_id - valid? */
- unsigned int session_id_length;
- uint8_t session_id[SSL_MAX_SSL_SESSION_ID_LENGTH];
- /* this is used to determine whether the session is being reused in
- * the appropriate context. It is up to the application to set this,
- * via SSL_new */
- unsigned int sid_ctx_length;
- uint8_t sid_ctx[SSL_MAX_SID_CTX_LENGTH];
-
- char *psk_identity;
- /* Used to indicate that session resumption is not allowed. Applications can
- * also set this bit for a new session via not_resumable_session_cb to
- * disable session caching and tickets. */
- int not_resumable;
-
- /* The cert is the certificate used to establish this connection */
- struct sess_cert_st /* SESS_CERT */ *sess_cert;
-
- /* This is the cert for the other end. On clients, it will be the same as
- * sess_cert->peer_key->x509 (the latter is not enough as sess_cert is not
- * retained in the external representation of sessions, see ssl_asn1.c). */
- X509 *peer;
- /* when app_verify_callback accepts a session where the peer's certificate is
- * not ok, we must remember the error for session reuse: */
- long verify_result; /* only for servers */
-
- CRYPTO_refcount_t references;
- long timeout;
- long time;
-
- const SSL_CIPHER *cipher;
-
- CRYPTO_EX_DATA ex_data; /* application specific data */
-
- /* These are used to make removal of session-ids more efficient and to
- * implement a maximum cache size. */
- SSL_SESSION *prev, *next;
- char *tlsext_hostname;
- /* RFC4507 info */
- uint8_t *tlsext_tick; /* Session ticket */
- size_t tlsext_ticklen; /* Session ticket length */
- uint32_t tlsext_tick_lifetime_hint; /* Session lifetime hint in seconds */
-
- size_t tlsext_signed_cert_timestamp_list_length;
- uint8_t *tlsext_signed_cert_timestamp_list; /* Server's list. */
-
- /* The OCSP response that came with the session. */
- size_t ocsp_response_length;
- uint8_t *ocsp_response;
-
- char peer_sha256_valid; /* Non-zero if peer_sha256 is valid */
- uint8_t
- peer_sha256[SHA256_DIGEST_LENGTH]; /* SHA256 of peer certificate */
-
- /* original_handshake_hash contains the handshake hash (either SHA-1+MD5 or
- * SHA-2, depending on TLS version) for the original, full handshake that
- * created a session. This is used by Channel IDs during resumption. */
- uint8_t original_handshake_hash[EVP_MAX_MD_SIZE];
- unsigned int original_handshake_hash_len;
-
- /* extended_master_secret is true if the master secret in this session was
- * generated using EMS and thus isn't vulnerable to the Triple Handshake
- * attack. */
- char extended_master_secret;
-};
-
-
-/* Cert related flags */
-/* Many implementations ignore some aspects of the TLS standards such as
- * enforcing certifcate chain algorithms. When this is set we enforce them. */
-#define SSL_CERT_FLAG_TLS_STRICT 0x00000001L
-
-/* Flags for building certificate chains */
-/* Treat any existing certificates as untrusted CAs */
-#define SSL_BUILD_CHAIN_FLAG_UNTRUSTED 0x1
-/* Don't include root CA in chain */
-#define SSL_BUILD_CHAIN_FLAG_NO_ROOT 0x2
-/* Just check certificates already there */
-#define SSL_BUILD_CHAIN_FLAG_CHECK 0x4
-/* Ignore verification errors */
-#define SSL_BUILD_CHAIN_FLAG_IGNORE_ERROR 0x8
-/* Clear verification errors from queue */
-#define SSL_BUILD_CHAIN_FLAG_CLEAR_ERROR 0x10
-
/* SSL_set_mtu sets the |ssl|'s MTU in DTLS to |mtu|. It returns one on success
* and zero on failure. */
OPENSSL_EXPORT int SSL_set_mtu(SSL *ssl, unsigned mtu);
-/* SSL_get_secure_renegotiation_support returns one if the peer supports secure
- * renegotiation (RFC 5746) and zero otherwise. */
-OPENSSL_EXPORT int SSL_get_secure_renegotiation_support(const SSL *ssl);
-
/* SSL_CTX_set_msg_callback installs |cb| as the message callback for |ctx|.
* This callback will be called when sending or receiving low-level record
* headers, complete handshake messages, ChangeCipherSpec, and alerts.
@@ -768,26 +2305,6 @@ typedef struct ssl_aead_ctx_st SSL_AEAD_CTX;
#define SSL_MAX_CERT_LIST_DEFAULT 1024 * 100 /* 100k max cert list */
-#define SSL_SESSION_CACHE_MAX_SIZE_DEFAULT (1024 * 20)
-
-#define SSL_DEFAULT_SESSION_TIMEOUT (2 * 60 * 60)
-
-/* This callback type is used inside SSL_CTX, SSL, and in the functions that
- * set them. It is used to override the generation of SSL/TLS session IDs in a
- * server. Return value should be zero on an error, non-zero to proceed. Also,
- * callbacks should themselves check if the id they generate is unique
- * otherwise the SSL handshake will fail with an error - callbacks can do this
- * using the 'ssl' value they're passed by;
- * SSL_has_matching_session_id(ssl, id, *id_len)
- * The length value passed in is set at the maximum size the session ID can be.
- * In SSLv2 this is 16 bytes, whereas SSLv3/TLSv1 it is 32 bytes. The callback
- * can alter this length to be less if desired, but under SSLv2 session IDs are
- * supposed to be fixed at 16 bytes so the id will be padded after the callback
- * returns in this case. It is also an error for the callback to set the size
- * to zero. */
-typedef int (*GEN_SESSION_CB)(const SSL *ssl, uint8_t *id,
- unsigned int *id_len);
-
/* ssl_early_callback_ctx is passed to certain callbacks that are called very
* early on during the server handshake. At this point, much of the SSL* hasn't
* been filled out and only the ClientHello can be depended on. */
@@ -814,6 +2331,511 @@ OPENSSL_EXPORT char SSL_early_callback_ctx_extension_get(
const struct ssl_early_callback_ctx *ctx, uint16_t extension_type,
const uint8_t **out_data, size_t *out_len);
+OPENSSL_EXPORT void SSL_CTX_set_info_callback(SSL_CTX *ctx,
+ void (*cb)(const SSL *ssl,
+ int type, int val));
+OPENSSL_EXPORT void (*SSL_CTX_get_info_callback(SSL_CTX *ctx))(const SSL *ssl,
+ int type,
+ int val);
+OPENSSL_EXPORT void SSL_CTX_set_client_cert_cb(
+ SSL_CTX *ctx,
+ int (*client_cert_cb)(SSL *ssl, X509 **x509, EVP_PKEY **pkey));
+OPENSSL_EXPORT int (*SSL_CTX_get_client_cert_cb(SSL_CTX *ctx))(SSL *ssl,
+ X509 **x509,
+ EVP_PKEY **pkey);
+/* SSL_enable_signed_cert_timestamps causes |ssl| (which must be the client end
+ * of a connection) to request SCTs from the server. See
+ * https://tools.ietf.org/html/rfc6962. It returns one. */
+OPENSSL_EXPORT int SSL_enable_signed_cert_timestamps(SSL *ssl);
+
+/* SSL_CTX_enable_signed_cert_timestamps enables SCT requests on all client SSL
+ * objects created from |ctx|. */
+OPENSSL_EXPORT void SSL_CTX_enable_signed_cert_timestamps(SSL_CTX *ctx);
+
+/* SSL_enable_ocsp_stapling causes |ssl| (which must be the client end of a
+ * connection) to request a stapled OCSP response from the server. It returns
+ * one. */
+OPENSSL_EXPORT int SSL_enable_ocsp_stapling(SSL *ssl);
+
+/* SSL_CTX_enable_ocsp_stapling enables OCSP stapling on all client SSL objects
+ * created from |ctx|. */
+OPENSSL_EXPORT void SSL_CTX_enable_ocsp_stapling(SSL_CTX *ctx);
+
+/* SSL_get0_signed_cert_timestamp_list sets |*out| and |*out_len| to point to
+ * |*out_len| bytes of SCT information from the server. This is only valid if
+ * |ssl| is a client. The SCT information is a SignedCertificateTimestampList
+ * (including the two leading length bytes).
+ * See https://tools.ietf.org/html/rfc6962#section-3.3
+ * If no SCT was received then |*out_len| will be zero on return.
+ *
+ * WARNING: the returned data is not guaranteed to be well formed. */
+OPENSSL_EXPORT void SSL_get0_signed_cert_timestamp_list(const SSL *ssl,
+ const uint8_t **out,
+ size_t *out_len);
+
+/* SSL_get0_ocsp_response sets |*out| and |*out_len| to point to |*out_len|
+ * bytes of an OCSP response from the server. This is the DER encoding of an
+ * OCSPResponse type as defined in RFC 2560.
+ *
+ * WARNING: the returned data is not guaranteed to be well formed. */
+OPENSSL_EXPORT void SSL_get0_ocsp_response(const SSL *ssl, const uint8_t **out,
+ size_t *out_len);
+
+/* SSL_set_reject_peer_renegotiations controls whether renegotiation attempts by
+ * the peer are rejected. It may be set at any point in a connection's lifetime
+ * to control future renegotiations programmatically. By default, renegotiations
+ * are rejected. (Renegotiations requested by a client are always rejected.) */
+OPENSSL_EXPORT void SSL_set_reject_peer_renegotiations(SSL *ssl, int reject);
+
+#define SSL_NOTHING 1
+#define SSL_WRITING 2
+#define SSL_READING 3
+#define SSL_X509_LOOKUP 4
+#define SSL_CHANNEL_ID_LOOKUP 5
+#define SSL_PENDING_SESSION 7
+#define SSL_CERTIFICATE_SELECTION_PENDING 8
+#define SSL_PRIVATE_KEY_OPERATION 9
+
+/* These will only be used when doing non-blocking IO */
+#define SSL_want_nothing(s) (SSL_want(s) == SSL_NOTHING)
+#define SSL_want_read(s) (SSL_want(s) == SSL_READING)
+#define SSL_want_write(s) (SSL_want(s) == SSL_WRITING)
+#define SSL_want_x509_lookup(s) (SSL_want(s) == SSL_X509_LOOKUP)
+#define SSL_want_channel_id_lookup(s) (SSL_want(s) == SSL_CHANNEL_ID_LOOKUP)
+#define SSL_want_session(s) (SSL_want(s) == SSL_PENDING_SESSION)
+#define SSL_want_certificate(s) \
+ (SSL_want(s) == SSL_CERTIFICATE_SELECTION_PENDING)
+#define SSL_want_private_key_operation(s) \
+ (SSL_want(s) == SSL_PRIVATE_KEY_OPERATION)
+
+/* The following are the possible values for ssl->state are are used to
+ * indicate where we are up to in the SSL connection establishment. The macros
+ * that follow are about the only things you should need to use and even then,
+ * only when using non-blocking IO. It can also be useful to work out where you
+ * were when the connection failed */
+
+#define SSL_ST_CONNECT 0x1000
+#define SSL_ST_ACCEPT 0x2000
+#define SSL_ST_MASK 0x0FFF
+#define SSL_ST_INIT (SSL_ST_CONNECT | SSL_ST_ACCEPT)
+#define SSL_ST_OK 0x03
+#define SSL_ST_RENEGOTIATE (0x04 | SSL_ST_INIT)
+
+#define SSL_CB_LOOP 0x01
+#define SSL_CB_EXIT 0x02
+#define SSL_CB_READ 0x04
+#define SSL_CB_WRITE 0x08
+#define SSL_CB_ALERT 0x4000 /* used in callback */
+#define SSL_CB_READ_ALERT (SSL_CB_ALERT | SSL_CB_READ)
+#define SSL_CB_WRITE_ALERT (SSL_CB_ALERT | SSL_CB_WRITE)
+#define SSL_CB_ACCEPT_LOOP (SSL_ST_ACCEPT | SSL_CB_LOOP)
+#define SSL_CB_ACCEPT_EXIT (SSL_ST_ACCEPT | SSL_CB_EXIT)
+#define SSL_CB_CONNECT_LOOP (SSL_ST_CONNECT | SSL_CB_LOOP)
+#define SSL_CB_CONNECT_EXIT (SSL_ST_CONNECT | SSL_CB_EXIT)
+#define SSL_CB_HANDSHAKE_START 0x10
+#define SSL_CB_HANDSHAKE_DONE 0x20
+
+/* Is the SSL_connection established? */
+#define SSL_get_state(a) SSL_state(a)
+#define SSL_is_init_finished(a) (SSL_state(a) == SSL_ST_OK)
+#define SSL_in_init(a) (SSL_state(a) & SSL_ST_INIT)
+#define SSL_in_connect_init(a) (SSL_state(a) & SSL_ST_CONNECT)
+#define SSL_in_accept_init(a) (SSL_state(a) & SSL_ST_ACCEPT)
+
+/* SSL_in_false_start returns one if |s| has a pending unfinished handshake that
+ * is in False Start. |SSL_write| may be called at this point without waiting
+ * for the peer, but |SSL_read| will require the handshake to be completed. */
+OPENSSL_EXPORT int SSL_in_false_start(const SSL *s);
+
+/* Obtain latest Finished message
+ * -- that we sent (SSL_get_finished)
+ * -- that we expected from peer (SSL_get_peer_finished).
+ * Returns length (0 == no Finished so far), copies up to 'count' bytes. */
+OPENSSL_EXPORT size_t SSL_get_finished(const SSL *s, void *buf, size_t count);
+OPENSSL_EXPORT size_t SSL_get_peer_finished(const SSL *s, void *buf, size_t count);
+
+#define d2i_SSL_SESSION_bio(bp, s_id) \
+ ASN1_d2i_bio_of(SSL_SESSION, SSL_SESSION_new, d2i_SSL_SESSION, bp, s_id)
+#define i2d_SSL_SESSION_bio(bp, s_id) \
+ ASN1_i2d_bio_of(SSL_SESSION, i2d_SSL_SESSION, bp, s_id)
+
+DECLARE_PEM_rw(SSL_SESSION, SSL_SESSION)
+
+/* make_errors.go reserves error codes above 1000 for manually-assigned errors.
+ * This value must be kept in sync with reservedReasonCode in make_errors.h */
+#define SSL_AD_REASON_OFFSET \
+ 1000 /* offset to get SSL_R_... value from SSL_AD_... */
+
+/* These alert types are for SSLv3 and TLSv1 */
+#define SSL_AD_CLOSE_NOTIFY SSL3_AD_CLOSE_NOTIFY
+#define SSL_AD_UNEXPECTED_MESSAGE SSL3_AD_UNEXPECTED_MESSAGE /* fatal */
+#define SSL_AD_BAD_RECORD_MAC SSL3_AD_BAD_RECORD_MAC /* fatal */
+#define SSL_AD_DECRYPTION_FAILED TLS1_AD_DECRYPTION_FAILED
+#define SSL_AD_RECORD_OVERFLOW TLS1_AD_RECORD_OVERFLOW
+#define SSL_AD_DECOMPRESSION_FAILURE SSL3_AD_DECOMPRESSION_FAILURE /* fatal */
+#define SSL_AD_HANDSHAKE_FAILURE SSL3_AD_HANDSHAKE_FAILURE /* fatal */
+#define SSL_AD_NO_CERTIFICATE SSL3_AD_NO_CERTIFICATE /* Not for TLS */
+#define SSL_AD_BAD_CERTIFICATE SSL3_AD_BAD_CERTIFICATE
+#define SSL_AD_UNSUPPORTED_CERTIFICATE SSL3_AD_UNSUPPORTED_CERTIFICATE
+#define SSL_AD_CERTIFICATE_REVOKED SSL3_AD_CERTIFICATE_REVOKED
+#define SSL_AD_CERTIFICATE_EXPIRED SSL3_AD_CERTIFICATE_EXPIRED
+#define SSL_AD_CERTIFICATE_UNKNOWN SSL3_AD_CERTIFICATE_UNKNOWN
+#define SSL_AD_ILLEGAL_PARAMETER SSL3_AD_ILLEGAL_PARAMETER /* fatal */
+#define SSL_AD_UNKNOWN_CA TLS1_AD_UNKNOWN_CA /* fatal */
+#define SSL_AD_ACCESS_DENIED TLS1_AD_ACCESS_DENIED /* fatal */
+#define SSL_AD_DECODE_ERROR TLS1_AD_DECODE_ERROR /* fatal */
+#define SSL_AD_DECRYPT_ERROR TLS1_AD_DECRYPT_ERROR
+#define SSL_AD_EXPORT_RESTRICTION TLS1_AD_EXPORT_RESTRICTION /* fatal */
+#define SSL_AD_PROTOCOL_VERSION TLS1_AD_PROTOCOL_VERSION /* fatal */
+#define SSL_AD_INSUFFICIENT_SECURITY TLS1_AD_INSUFFICIENT_SECURITY /* fatal */
+#define SSL_AD_INTERNAL_ERROR TLS1_AD_INTERNAL_ERROR /* fatal */
+#define SSL_AD_USER_CANCELLED TLS1_AD_USER_CANCELLED
+#define SSL_AD_NO_RENEGOTIATION TLS1_AD_NO_RENEGOTIATION
+#define SSL_AD_UNSUPPORTED_EXTENSION TLS1_AD_UNSUPPORTED_EXTENSION
+#define SSL_AD_CERTIFICATE_UNOBTAINABLE TLS1_AD_CERTIFICATE_UNOBTAINABLE
+#define SSL_AD_UNRECOGNIZED_NAME TLS1_AD_UNRECOGNIZED_NAME
+#define SSL_AD_BAD_CERTIFICATE_STATUS_RESPONSE \
+ TLS1_AD_BAD_CERTIFICATE_STATUS_RESPONSE
+#define SSL_AD_BAD_CERTIFICATE_HASH_VALUE TLS1_AD_BAD_CERTIFICATE_HASH_VALUE
+#define SSL_AD_UNKNOWN_PSK_IDENTITY TLS1_AD_UNKNOWN_PSK_IDENTITY /* fatal */
+#define SSL_AD_INAPPROPRIATE_FALLBACK SSL3_AD_INAPPROPRIATE_FALLBACK /* fatal */
+
+/* DTLSv1_get_timeout queries the next DTLS handshake timeout. If there is a
+ * timeout in progress, it sets |*out| to the time remaining and returns one.
+ * Otherwise, it returns zero.
+ *
+ * When the timeout expires, call |DTLSv1_handle_timeout| to handle the
+ * retransmit behavior.
+ *
+ * NOTE: This function must be queried again whenever the handshake state
+ * machine changes, including when |DTLSv1_handle_timeout| is called. */
+OPENSSL_EXPORT int DTLSv1_get_timeout(const SSL *ssl, struct timeval *out);
+
+/* DTLSv1_handle_timeout is called when a DTLS handshake timeout expires. If no
+ * timeout had expired, it returns 0. Otherwise, it retransmits the previous
+ * flight of handshake messages and returns 1. If too many timeouts had expired
+ * without progress or an error occurs, it returns -1.
+ *
+ * NOTE: The caller's external timer should be compatible with the one |ssl|
+ * queries within some fudge factor. Otherwise, the call will be a no-op, but
+ * |DTLSv1_get_timeout| will return an updated timeout.
+ *
+ * WARNING: This function breaks the usual return value convention. */
+OPENSSL_EXPORT int DTLSv1_handle_timeout(SSL *ssl);
+
+/* SSL_total_renegotiations returns the total number of renegotiation handshakes
+ * peformed by |ssl|. This includes the pending renegotiation, if any. */
+OPENSSL_EXPORT int SSL_total_renegotiations(const SSL *ssl);
+
+/* SSL_get0_certificate_types, for a client, sets |*out_types| to an array
+ * containing the client certificate types requested by a server. It returns the
+ * length of the array. */
+OPENSSL_EXPORT size_t SSL_get0_certificate_types(SSL *ssl,
+ const uint8_t **out_types);
+
+OPENSSL_EXPORT int SSL_CTX_set_cipher_list(SSL_CTX *, const char *str);
+OPENSSL_EXPORT int SSL_CTX_set_cipher_list_tls10(SSL_CTX *, const char *str);
+OPENSSL_EXPORT int SSL_CTX_set_cipher_list_tls11(SSL_CTX *, const char *str);
+OPENSSL_EXPORT int SSL_want(const SSL *s);
+
+OPENSSL_EXPORT int SSL_get_fd(const SSL *s);
+OPENSSL_EXPORT int SSL_get_rfd(const SSL *s);
+OPENSSL_EXPORT int SSL_get_wfd(const SSL *s);
+OPENSSL_EXPORT const char *SSL_get_cipher_list(const SSL *s, int n);
+OPENSSL_EXPORT int SSL_pending(const SSL *s);
+OPENSSL_EXPORT int SSL_set_fd(SSL *s, int fd);
+OPENSSL_EXPORT int SSL_set_rfd(SSL *s, int fd);
+OPENSSL_EXPORT int SSL_set_wfd(SSL *s, int fd);
+OPENSSL_EXPORT int SSL_set_cipher_list(SSL *s, const char *str);
+
+OPENSSL_EXPORT const char *SSL_state_string(const SSL *s);
+OPENSSL_EXPORT const char *SSL_state_string_long(const SSL *s);
+
+OPENSSL_EXPORT int SSL_SESSION_print_fp(FILE *fp, const SSL_SESSION *ses);
+OPENSSL_EXPORT int SSL_SESSION_print(BIO *fp, const SSL_SESSION *ses);
+
+OPENSSL_EXPORT STACK_OF(SSL_CIPHER) *SSL_get_ciphers(const SSL *s);
+
+/* SSL_renegotiate_pending returns one if |ssl| is in the middle of a
+ * renegotiation. */
+OPENSSL_EXPORT int SSL_renegotiate_pending(SSL *ssl);
+
+OPENSSL_EXPORT const char *SSL_alert_type_string_long(int value);
+OPENSSL_EXPORT const char *SSL_alert_type_string(int value);
+OPENSSL_EXPORT const char *SSL_alert_desc_string_long(int value);
+OPENSSL_EXPORT const char *SSL_alert_desc_string(int value);
+
+OPENSSL_EXPORT void SSL_CTX_set_quiet_shutdown(SSL_CTX *ctx, int mode);
+OPENSSL_EXPORT int SSL_CTX_get_quiet_shutdown(const SSL_CTX *ctx);
+OPENSSL_EXPORT void SSL_set_quiet_shutdown(SSL *ssl, int mode);
+OPENSSL_EXPORT int SSL_get_quiet_shutdown(const SSL *ssl);
+OPENSSL_EXPORT void SSL_set_shutdown(SSL *ssl, int mode);
+OPENSSL_EXPORT int SSL_get_shutdown(const SSL *ssl);
+OPENSSL_EXPORT SSL_CTX *SSL_get_SSL_CTX(const SSL *ssl);
+OPENSSL_EXPORT SSL_CTX *SSL_set_SSL_CTX(SSL *ssl, SSL_CTX *ctx);
+OPENSSL_EXPORT void SSL_set_info_callback(SSL *ssl,
+ void (*cb)(const SSL *ssl, int type,
+ int val));
+OPENSSL_EXPORT void (*SSL_get_info_callback(const SSL *ssl))(const SSL *ssl,
+ int type, int val);
+OPENSSL_EXPORT int SSL_state(const SSL *ssl);
+
+/* SSL_CTX_get_max_cert_list returns the maximum length, in bytes, of a peer
+ * certificate chain accepted by |ctx|. */
+OPENSSL_EXPORT size_t SSL_CTX_get_max_cert_list(const SSL_CTX *ctx);
+
+/* SSL_CTX_set_max_cert_list sets the maximum length, in bytes, of a peer
+ * certificate chain to |max_cert_list|. This affects how much memory may be
+ * consumed during the handshake. */
+OPENSSL_EXPORT void SSL_CTX_set_max_cert_list(SSL_CTX *ctx,
+ size_t max_cert_list);
+
+/* SSL_get_max_cert_list returns the maximum length, in bytes, of a peer
+ * certificate chain accepted by |ssl|. */
+OPENSSL_EXPORT size_t SSL_get_max_cert_list(const SSL *ssl);
+
+/* SSL_set_max_cert_list sets the maximum length, in bytes, of a peer
+ * certificate chain to |max_cert_list|. This affects how much memory may be
+ * consumed during the handshake. */
+OPENSSL_EXPORT void SSL_set_max_cert_list(SSL *ssl, size_t max_cert_list);
+
+/* SSL_CTX_set_max_send_fragment sets the maximum length, in bytes, of records
+ * sent by |ctx|. Beyond this length, handshake messages and application data
+ * will be split into multiple records. */
+OPENSSL_EXPORT void SSL_CTX_set_max_send_fragment(SSL_CTX *ctx,
+ size_t max_send_fragment);
+
+/* SSL_set_max_send_fragment sets the maximum length, in bytes, of records
+ * sent by |ssl|. Beyond this length, handshake messages and application data
+ * will be split into multiple records. */
+OPENSSL_EXPORT void SSL_set_max_send_fragment(SSL *ssl,
+ size_t max_send_fragment);
+
+/* SSL_CTX_set_dos_protection_cb sets a callback that is called once the
+ * resumption decision for a ClientHello has been made. It can return 1 to
+ * allow the handshake to continue or zero to cause the handshake to abort. */
+OPENSSL_EXPORT void SSL_CTX_set_dos_protection_cb(
+ SSL_CTX *ctx, int (*cb)(const struct ssl_early_callback_ctx *));
+
+
+/* Deprecated functions. */
+
+/* SSL_CIPHER_description writes a description of |cipher| into |buf| and
+ * returns |buf|. If |buf| is NULL, it returns a newly allocated string, to be
+ * freed with |OPENSSL_free|, or NULL on error.
+ *
+ * The description includes a trailing newline and has the form:
+ * AES128-SHA SSLv3 Kx=RSA Au=RSA Enc=AES(128) Mac=SHA1
+ *
+ * Consider |SSL_CIPHER_get_name| or |SSL_CIPHER_get_rfc_name| instead. */
+OPENSSL_EXPORT const char *SSL_CIPHER_description(const SSL_CIPHER *cipher,
+ char *buf, int len);
+
+/* SSL_CIPHER_get_version returns the string "TLSv1/SSLv3". */
+OPENSSL_EXPORT const char *SSL_CIPHER_get_version(const SSL_CIPHER *cipher);
+
+typedef void COMP_METHOD;
+
+/* SSL_COMP_get_compression_methods returns NULL. */
+OPENSSL_EXPORT COMP_METHOD *SSL_COMP_get_compression_methods(void);
+
+/* SSL_COMP_add_compression_method returns one. */
+OPENSSL_EXPORT int SSL_COMP_add_compression_method(int id, COMP_METHOD *cm);
+
+/* SSL_COMP_get_name returns NULL. */
+OPENSSL_EXPORT const char *SSL_COMP_get_name(const COMP_METHOD *comp);
+
+/* SSLv23_method calls |TLS_method|. */
+OPENSSL_EXPORT const SSL_METHOD *SSLv23_method(void);
+
+/* Version-specific methods behave exactly like |TLS_method| and |DTLS_method|
+ * except they also call |SSL_CTX_set_min_version| and |SSL_CTX_set_max_version|
+ * to lock connections to that protocol version. */
+OPENSSL_EXPORT const SSL_METHOD *SSLv3_method(void);
+OPENSSL_EXPORT const SSL_METHOD *TLSv1_method(void);
+OPENSSL_EXPORT const SSL_METHOD *TLSv1_1_method(void);
+OPENSSL_EXPORT const SSL_METHOD *TLSv1_2_method(void);
+OPENSSL_EXPORT const SSL_METHOD *DTLSv1_method(void);
+OPENSSL_EXPORT const SSL_METHOD *DTLSv1_2_method(void);
+
+/* Client- and server-specific methods call their corresponding generic
+ * methods. */
+OPENSSL_EXPORT const SSL_METHOD *SSLv23_server_method(void);
+OPENSSL_EXPORT const SSL_METHOD *SSLv23_client_method(void);
+OPENSSL_EXPORT const SSL_METHOD *SSLv3_server_method(void);
+OPENSSL_EXPORT const SSL_METHOD *SSLv3_client_method(void);
+OPENSSL_EXPORT const SSL_METHOD *TLSv1_server_method(void);
+OPENSSL_EXPORT const SSL_METHOD *TLSv1_client_method(void);
+OPENSSL_EXPORT const SSL_METHOD *TLSv1_1_server_method(void);
+OPENSSL_EXPORT const SSL_METHOD *TLSv1_1_client_method(void);
+OPENSSL_EXPORT const SSL_METHOD *TLSv1_2_server_method(void);
+OPENSSL_EXPORT const SSL_METHOD *TLSv1_2_client_method(void);
+OPENSSL_EXPORT const SSL_METHOD *DTLS_server_method(void);
+OPENSSL_EXPORT const SSL_METHOD *DTLS_client_method(void);
+OPENSSL_EXPORT const SSL_METHOD *DTLSv1_server_method(void);
+OPENSSL_EXPORT const SSL_METHOD *DTLSv1_client_method(void);
+OPENSSL_EXPORT const SSL_METHOD *DTLSv1_2_server_method(void);
+OPENSSL_EXPORT const SSL_METHOD *DTLSv1_2_client_method(void);
+
+/* SSL_clear resets |ssl| to allow another connection and returns one on success
+ * or zero on failure. It returns most configuration state but releases memory
+ * associated with the current connection.
+ *
+ * Free |ssl| and create a new one instead. */
+OPENSSL_EXPORT int SSL_clear(SSL *ssl);
+
+/* SSL_CTX_set_tmp_rsa_callback does nothing. */
+OPENSSL_EXPORT void SSL_CTX_set_tmp_rsa_callback(
+ SSL_CTX *ctx, RSA *(*cb)(SSL *ssl, int is_export, int keylength));
+
+/* SSL_set_tmp_rsa_callback does nothing. */
+OPENSSL_EXPORT void SSL_set_tmp_rsa_callback(SSL *ssl,
+ RSA *(*cb)(SSL *ssl, int is_export,
+ int keylength));
+
+/* SSL_CTX_sess_connect returns zero. */
+OPENSSL_EXPORT int SSL_CTX_sess_connect(const SSL_CTX *ctx);
+
+/* SSL_CTX_sess_connect_good returns zero. */
+OPENSSL_EXPORT int SSL_CTX_sess_connect_good(const SSL_CTX *ctx);
+
+/* SSL_CTX_sess_connect_renegotiate returns zero. */
+OPENSSL_EXPORT int SSL_CTX_sess_connect_renegotiate(const SSL_CTX *ctx);
+
+/* SSL_CTX_sess_accept returns zero. */
+OPENSSL_EXPORT int SSL_CTX_sess_accept(const SSL_CTX *ctx);
+
+/* SSL_CTX_sess_accept_renegotiate returns zero. */
+OPENSSL_EXPORT int SSL_CTX_sess_accept_renegotiate(const SSL_CTX *ctx);
+
+/* SSL_CTX_sess_accept_good returns zero. */
+OPENSSL_EXPORT int SSL_CTX_sess_accept_good(const SSL_CTX *ctx);
+
+/* SSL_CTX_sess_hits returns zero. */
+OPENSSL_EXPORT int SSL_CTX_sess_hits(const SSL_CTX *ctx);
+
+/* SSL_CTX_sess_cb_hits returns zero. */
+OPENSSL_EXPORT int SSL_CTX_sess_cb_hits(const SSL_CTX *ctx);
+
+/* SSL_CTX_sess_misses returns zero. */
+OPENSSL_EXPORT int SSL_CTX_sess_misses(const SSL_CTX *ctx);
+
+/* SSL_CTX_sess_timeouts returns zero. */
+OPENSSL_EXPORT int SSL_CTX_sess_timeouts(const SSL_CTX *ctx);
+
+/* SSL_CTX_sess_cache_full returns zero. */
+OPENSSL_EXPORT int SSL_CTX_sess_cache_full(const SSL_CTX *ctx);
+
+/* SSL_cutthrough_complete calls |SSL_in_false_start|. */
+OPENSSL_EXPORT int SSL_cutthrough_complete(const SSL *s);
+
+/* SSL_num_renegotiations calls |SSL_total_renegotiations|. */
+OPENSSL_EXPORT int SSL_num_renegotiations(const SSL *ssl);
+
+/* SSL_CTX_need_tmp_RSA returns zero. */
+OPENSSL_EXPORT int SSL_CTX_need_tmp_RSA(const SSL_CTX *ctx);
+
+/* SSL_need_tmp_RSA returns zero. */
+OPENSSL_EXPORT int SSL_need_tmp_RSA(const SSL *ssl);
+
+/* SSL_CTX_set_tmp_rsa returns one. */
+OPENSSL_EXPORT int SSL_CTX_set_tmp_rsa(SSL_CTX *ctx, const RSA *rsa);
+
+/* SSL_set_tmp_rsa returns one. */
+OPENSSL_EXPORT int SSL_set_tmp_rsa(SSL *ssl, const RSA *rsa);
+
+/* SSL_CTX_get_read_ahead returns zero. */
+OPENSSL_EXPORT int SSL_CTX_get_read_ahead(const SSL_CTX *ctx);
+
+/* SSL_CTX_set_read_ahead does nothing. */
+OPENSSL_EXPORT void SSL_CTX_set_read_ahead(SSL_CTX *ctx, int yes);
+
+/* SSL_get_read_ahead returns zero. */
+OPENSSL_EXPORT int SSL_get_read_ahead(const SSL *s);
+
+/* SSL_set_read_ahead does nothing. */
+OPENSSL_EXPORT void SSL_set_read_ahead(SSL *s, int yes);
+
+/* SSL_renegotiate put an error on the error queue and returns zero. */
+OPENSSL_EXPORT int SSL_renegotiate(SSL *ssl);
+
+/* SSL_set_state does nothing. */
+OPENSSL_EXPORT void SSL_set_state(SSL *ssl, int state);
+
+/* SSL_MODE_HANDSHAKE_CUTTHROUGH is the same as SSL_MODE_ENABLE_FALSE_START. */
+#define SSL_MODE_HANDSHAKE_CUTTHROUGH SSL_MODE_ENABLE_FALSE_START
+
+/* i2d_SSL_SESSION serializes |in| to the bytes pointed to by |*pp|. On success,
+ * it returns the number of bytes written and advances |*pp| by that many bytes.
+ * On failure, it returns -1. If |pp| is NULL, no bytes are written and only the
+ * length is returned.
+ *
+ * Use |SSL_SESSION_to_bytes| instead. */
+OPENSSL_EXPORT int i2d_SSL_SESSION(SSL_SESSION *in, uint8_t **pp);
+
+/* d2i_SSL_SESSION parses a serialized session from the |length| bytes pointed
+ * to by |*pp|. It returns the new |SSL_SESSION| and advances |*pp| by the
+ * number of bytes consumed on success and NULL on failure. The caller takes
+ * ownership of the new session and must call |SSL_SESSION_free| when done.
+ *
+ * If |a| is non-NULL, |*a| is released and set the new |SSL_SESSION|.
+ *
+ * Use |SSL_SESSION_from_bytes| instead. */
+OPENSSL_EXPORT SSL_SESSION *d2i_SSL_SESSION(SSL_SESSION **a, const uint8_t **pp,
+ long length);
+
+/* ERR_load_SSL_strings does nothing. */
+OPENSSL_EXPORT void ERR_load_SSL_strings(void);
+
+/* SSL_load_error_strings does nothing. */
+OPENSSL_EXPORT void SSL_load_error_strings(void);
+
+/* SSL_CTX_set_tlsext_use_srtp calls |SSL_CTX_set_srtp_profiles|. It returns
+ * zero on success and one on failure.
+ *
+ * WARNING: this function is dangerous because it breaks the usual return value
+ * convention. Use |SSL_CTX_set_srtp_profiles| instead. */
+OPENSSL_EXPORT int SSL_CTX_set_tlsext_use_srtp(SSL_CTX *ctx,
+ const char *profiles);
+
+/* SSL_set_tlsext_use_srtp calls |SSL_set_srtp_profiles|. It returns zero on
+ * success and one on failure.
+ *
+ * WARNING: this function is dangerous because it breaks the usual return value
+ * convention. Use |SSL_set_srtp_profiles| instead. */
+OPENSSL_EXPORT int SSL_set_tlsext_use_srtp(SSL *ssl, const char *profiles);
+
+/* SSL_get_current_compression returns NULL. */
+OPENSSL_EXPORT const COMP_METHOD *SSL_get_current_compression(SSL *s);
+
+/* SSL_get_current_expansion returns NULL. */
+OPENSSL_EXPORT const COMP_METHOD *SSL_get_current_expansion(SSL *s);
+
+#define SSL_set_app_data(s, arg) (SSL_set_ex_data(s, 0, (char *)arg))
+#define SSL_get_app_data(s) (SSL_get_ex_data(s, 0))
+#define SSL_SESSION_set_app_data(s, a) \
+ (SSL_SESSION_set_ex_data(s, 0, (char *)a))
+#define SSL_SESSION_get_app_data(s) (SSL_SESSION_get_ex_data(s, 0))
+#define SSL_CTX_get_app_data(ctx) (SSL_CTX_get_ex_data(ctx, 0))
+#define SSL_CTX_set_app_data(ctx, arg) \
+ (SSL_CTX_set_ex_data(ctx, 0, (char *)arg))
+
+#define OpenSSL_add_ssl_algorithms() SSL_library_init()
+#define SSLeay_add_ssl_algorithms() SSL_library_init()
+
+#define SSL_get_cipher(ssl) SSL_CIPHER_get_name(SSL_get_current_cipher(ssl))
+#define SSL_get_cipher_bits(ssl, out_alg_bits) \
+ SSL_CIPHER_get_bits(SSL_get_current_cipher(ssl), out_alg_bits)
+#define SSL_get_cipher_version(ssl) \
+ SSL_CIPHER_get_version(SSL_get_current_cipher(ssl))
+#define SSL_get_cipher_name(ssl) \
+ SSL_CIPHER_get_name(SSL_get_current_cipher(ssl))
+#define SSL_get_time(session) SSL_SESSION_get_time(session)
+#define SSL_set_time(session, time) SSL_SESSION_set_time((session), (time))
+#define SSL_get_timeout(session) SSL_SESSION_get_timeout(session)
+#define SSL_set_timeout(session, timeout) \
+ SSL_SESSION_set_timeout((session), (timeout))
+
typedef struct ssl_comp_st SSL_COMP;
struct ssl_comp_st {
@@ -823,7 +2845,165 @@ struct ssl_comp_st {
};
DECLARE_STACK_OF(SSL_COMP)
-DECLARE_LHASH_OF(SSL_SESSION)
+
+/* The following flags toggle individual protocol versions. This is deprecated.
+ * Use |SSL_CTX_set_min_version| and |SSL_CTX_set_max_version| instead. */
+#define SSL_OP_NO_SSLv3 0x02000000L
+#define SSL_OP_NO_TLSv1 0x04000000L
+#define SSL_OP_NO_TLSv1_2 0x08000000L
+#define SSL_OP_NO_TLSv1_1 0x10000000L
+#define SSL_OP_NO_DTLSv1 SSL_OP_NO_TLSv1
+#define SSL_OP_NO_DTLSv1_2 SSL_OP_NO_TLSv1_2
+
+/* The following flags do nothing and are included only to make it easier to
+ * compile code with BoringSSL. */
+#define SSL_MODE_AUTO_RETRY 0
+#define SSL_MODE_RELEASE_BUFFERS 0
+#define SSL_MODE_SEND_CLIENTHELLO_TIME 0
+#define SSL_MODE_SEND_SERVERHELLO_TIME 0
+#define SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION 0
+#define SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS 0
+#define SSL_OP_EPHEMERAL_RSA 0
+#define SSL_OP_MICROSOFT_SESS_ID_BUG 0
+#define SSL_OP_MSIE_SSLV2_RSA_PADDING 0
+#define SSL_OP_NETSCAPE_CA_DN_BUG 0
+#define SSL_OP_NETSCAPE_CHALLENGE_BUG 0
+#define SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG 0
+#define SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG 0
+#define SSL_OP_NO_COMPRESSION 0
+#define SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION 0
+#define SSL_OP_NO_SSLv2 0
+#define SSL_OP_PKCS1_CHECK_1 0
+#define SSL_OP_PKCS1_CHECK_2 0
+#define SSL_OP_SINGLE_DH_USE 0
+#define SSL_OP_SINGLE_ECDH_USE 0
+#define SSL_OP_SSLEAY_080_CLIENT_DH_BUG 0
+#define SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG 0
+#define SSL_OP_TLS_BLOCK_PADDING_BUG 0
+#define SSL_OP_TLS_ROLLBACK_BUG 0
+#define SSL_VERIFY_CLIENT_ONCE 0
+
+/* SSL_cache_hit calls |SSL_session_resumed|. */
+OPENSSL_EXPORT int SSL_cache_hit(SSL *ssl);
+
+/* SSL_get_default_timeout returns |SSL_DEFAULT_SESSION_TIMEOUT|. */
+OPENSSL_EXPORT long SSL_get_default_timeout(const SSL *ssl);
+
+/* SSL_get_version returns a string describing the TLS version used by |ssl|.
+ * For example, "TLSv1.2" or "SSLv3". */
+OPENSSL_EXPORT const char *SSL_get_version(const SSL *ssl);
+
+
+/* Private structures.
+ *
+ * This structures are exposed for historical reasons, but access to them is
+ * deprecated. */
+
+struct ssl_cipher_st {
+ /* name is the OpenSSL name for the cipher. */
+ const char *name;
+ /* id is the cipher suite value bitwise OR-d with 0x03000000. */
+ uint32_t id;
+
+ /* The following are internal fields. See ssl/internal.h for their values. */
+
+ uint32_t algorithm_mkey;
+ uint32_t algorithm_auth;
+ uint32_t algorithm_enc;
+ uint32_t algorithm_mac;
+ uint32_t algorithm_ssl;
+ uint32_t algo_strength;
+ uint32_t algorithm_prf;
+
+ /* strength_bits is the strength of the cipher in bits. */
+ int strength_bits;
+ /* alg_bits is the number of bits of key material used by the algorithm. */
+ int alg_bits;
+};
+
+struct ssl_session_st {
+ int ssl_version; /* what ssl version session info is being kept in here? */
+
+ int master_key_length;
+ uint8_t master_key[SSL_MAX_MASTER_KEY_LENGTH];
+ /* session_id - valid? */
+ unsigned int session_id_length;
+ uint8_t session_id[SSL_MAX_SSL_SESSION_ID_LENGTH];
+ /* this is used to determine whether the session is being reused in
+ * the appropriate context. It is up to the application to set this,
+ * via SSL_new */
+ unsigned int sid_ctx_length;
+ uint8_t sid_ctx[SSL_MAX_SID_CTX_LENGTH];
+
+ char *psk_identity;
+ /* Used to indicate that session resumption is not allowed. Applications can
+ * also set this bit for a new session via not_resumable_session_cb to
+ * disable session caching and tickets. */
+ int not_resumable;
+
+ /* peer is the peer's certificate. */
+ X509 *peer;
+
+ /* cert_chain is the certificate chain sent by the peer. NOTE: for historical
+ * reasons, when a client (so the peer is a server), the chain includes
+ * |peer|, but when a server it does not. */
+ STACK_OF(X509) *cert_chain;
+
+ /* when app_verify_callback accepts a session where the peer's certificate is
+ * not ok, we must remember the error for session reuse: */
+ long verify_result; /* only for servers */
+
+ CRYPTO_refcount_t references;
+ long timeout;
+ long time;
+
+ const SSL_CIPHER *cipher;
+
+ /* key_exchange_info contains an indication of the size of the asymmetric
+ * primitive used in the handshake that created this session. In the event
+ * that two asymmetric operations are used, this value applies to the one
+ * that controls the confidentiality of the connection. Its interpretation
+ * depends on the primitive that was used; as specified by the cipher suite:
+ * DHE: the size, in bits, of the multiplicative group.
+ * RSA: the size, in bits, of the modulus.
+ * ECDHE: the TLS id for the curve.
+ *
+ * A zero indicates that the value is unknown. */
+ uint32_t key_exchange_info;
+
+ CRYPTO_EX_DATA ex_data; /* application specific data */
+
+ /* These are used to make removal of session-ids more efficient and to
+ * implement a maximum cache size. */
+ SSL_SESSION *prev, *next;
+ char *tlsext_hostname;
+ /* RFC4507 info */
+ uint8_t *tlsext_tick; /* Session ticket */
+ size_t tlsext_ticklen; /* Session ticket length */
+ uint32_t tlsext_tick_lifetime_hint; /* Session lifetime hint in seconds */
+
+ size_t tlsext_signed_cert_timestamp_list_length;
+ uint8_t *tlsext_signed_cert_timestamp_list; /* Server's list. */
+
+ /* The OCSP response that came with the session. */
+ size_t ocsp_response_length;
+ uint8_t *ocsp_response;
+
+ char peer_sha256_valid; /* Non-zero if peer_sha256 is valid */
+ uint8_t
+ peer_sha256[SHA256_DIGEST_LENGTH]; /* SHA256 of peer certificate */
+
+ /* original_handshake_hash contains the handshake hash (either SHA-1+MD5 or
+ * SHA-2, depending on TLS version) for the original, full handshake that
+ * created a session. This is used by Channel IDs during resumption. */
+ uint8_t original_handshake_hash[EVP_MAX_MD_SIZE];
+ unsigned int original_handshake_hash_len;
+
+ /* extended_master_secret is true if the master secret in this session was
+ * generated using EMS and thus isn't vulnerable to the Triple Handshake
+ * attack. */
+ char extended_master_secret;
+};
/* ssl_cipher_preference_list_st contains a list of SSL_CIPHERs with
* equal-preference groups. For TLS clients, the groups are moot because the
@@ -878,6 +3058,17 @@ struct ssl_ctx_st {
struct ssl_cipher_preference_list_st *cipher_list;
/* same as above but sorted for lookup */
STACK_OF(SSL_CIPHER) *cipher_list_by_id;
+
+ /* cipher_list_tls10 is the list of ciphers when TLS 1.0 or greater is in
+ * use. This only applies to server connections as, for clients, the version
+ * number is known at connect time and so the cipher list can be set then. If
+ * |cipher_list_tls11| is non-NULL then this applies only to TLS 1.0
+ * connections.
+ *
+ * TODO(agl): this exists to assist in the death of SSLv3. It can hopefully
+ * be removed after that. */
+ struct ssl_cipher_preference_list_st *cipher_list_tls10;
+
/* cipher_list_tls11 is the list of ciphers when TLS 1.1 or greater is in
* use. This only applies to server connections as, for clients, the version
* number is known at connect time and so the cipher list can be set then. */
@@ -921,10 +3112,8 @@ struct ssl_ctx_st {
CRYPTO_refcount_t references;
/* if defined, these override the X509_verify_cert() calls */
- int (*app_verify_callback)(X509_STORE_CTX *, void *);
+ int (*app_verify_callback)(X509_STORE_CTX *store_ctx, void *arg);
void *app_verify_arg;
- /* before OpenSSL 0.9.7, 'app_verify_arg' was ignored ('app_verify_callback'
- * was called with just one argument) */
/* Default password callback. */
pem_password_cb *default_passwd_callback;
@@ -936,12 +3125,14 @@ struct ssl_ctx_st {
int (*client_cert_cb)(SSL *ssl, X509 **x509, EVP_PKEY **pkey);
/* get channel id callback */
- void (*channel_id_cb)(SSL *ssl, EVP_PKEY **pkey);
+ void (*channel_id_cb)(SSL *ssl, EVP_PKEY **out_pkey);
CRYPTO_EX_DATA ex_data;
- STACK_OF(X509) *extra_certs;
-
+ /* custom_*_extensions stores any callback sets for custom extensions. Note
+ * that these pointers will be NULL if the stack would otherwise be empty. */
+ STACK_OF(SSL_CUSTOM_EXTENSION) *client_custom_extensions;
+ STACK_OF(SSL_CUSTOM_EXTENSION) *server_custom_extensions;
/* Default values used when no per-SSL value is defined follow */
@@ -1002,7 +3193,7 @@ struct ssl_ctx_st {
int (*tlsext_servername_callback)(SSL *, int *, void *);
void *tlsext_servername_arg;
/* RFC 4507 session ticket keys */
- uint8_t tlsext_tick_key_name[16];
+ uint8_t tlsext_tick_key_name[SSL_TICKET_KEY_NAME_LEN];
uint8_t tlsext_tick_hmac_key[16];
uint8_t tlsext_tick_aes_key[16];
/* Callback to support customisation of ticket key setting */
@@ -1031,13 +3222,13 @@ struct ssl_ctx_st {
/* For a server, this contains a callback function by which the set of
* advertised protocols can be provided. */
- int (*next_protos_advertised_cb)(SSL *s, const uint8_t **buf,
- unsigned int *len, void *arg);
+ int (*next_protos_advertised_cb)(SSL *ssl, const uint8_t **out,
+ unsigned *out_len, void *arg);
void *next_protos_advertised_cb_arg;
/* For a client, this contains a callback function that selects the
* next protocol from the list provided by the server. */
- int (*next_proto_select_cb)(SSL *s, uint8_t **out, uint8_t *outlen,
- const uint8_t *in, unsigned int inlen, void *arg);
+ int (*next_proto_select_cb)(SSL *ssl, uint8_t **out, uint8_t *out_len,
+ const uint8_t *in, unsigned in_len, void *arg);
void *next_proto_select_cb_arg;
/* ALPN information
@@ -1051,8 +3242,8 @@ struct ssl_ctx_st {
* in: points to the client's list of supported protocols in
* wire-format.
* inlen: the length of |in|. */
- int (*alpn_select_cb)(SSL *s, const uint8_t **out, uint8_t *outlen,
- const uint8_t *in, unsigned int inlen, void *arg);
+ int (*alpn_select_cb)(SSL *s, const uint8_t **out, uint8_t *out_len,
+ const uint8_t *in, unsigned in_len, void *arg);
void *alpn_select_cb_arg;
/* For a client, this contains the list of supported protocols in wire
@@ -1064,27 +3255,29 @@ struct ssl_ctx_st {
STACK_OF(SRTP_PROTECTION_PROFILE) *srtp_profiles;
/* EC extension values inherited by SSL structure */
- size_t tlsext_ecpointformatlist_length;
- uint8_t *tlsext_ecpointformatlist;
size_t tlsext_ellipticcurvelist_length;
uint16_t *tlsext_ellipticcurvelist;
/* If true, a client will advertise the Channel ID extension and a server
* will echo it. */
char tlsext_channel_id_enabled;
- /* tlsext_channel_id_enabled_new is a hack to support both old and new
- * ChannelID signatures. It indicates that a client should advertise the new
- * ChannelID extension number. */
- char tlsext_channel_id_enabled_new;
/* The client's Channel ID private key. */
EVP_PKEY *tlsext_channel_id_private;
/* If true, a client will request certificate timestamps. */
char signed_cert_timestamps_enabled;
+ /* Signed certificate timestamp list to be sent to the client, if requested */
+ uint8_t *signed_cert_timestamp_list;
+ size_t signed_cert_timestamp_list_length;
+
/* If true, a client will request a stapled OCSP response. */
char ocsp_stapling_enabled;
+ /* OCSP response to be sent to the client, if requested. */
+ uint8_t *ocsp_response;
+ size_t ocsp_response_length;
+
/* If not NULL, session key material will be logged to this BIO for debugging
* purposes. The format matches NSS's and is readable by Wireshark. */
BIO *keylog_bio;
@@ -1094,193 +3287,6 @@ struct ssl_ctx_st {
void (*current_time_cb)(const SSL *ssl, struct timeval *out_clock);
};
-OPENSSL_EXPORT LHASH_OF(SSL_SESSION) *SSL_CTX_sessions(SSL_CTX *ctx);
-
-/* SSL_CTX_sess_number returns the number of sessions in |ctx|'s internal
- * session cache. */
-OPENSSL_EXPORT size_t SSL_CTX_sess_number(const SSL_CTX *ctx);
-
-OPENSSL_EXPORT void SSL_CTX_sess_set_new_cb(
- SSL_CTX *ctx, int (*new_session_cb)(SSL *ssl, SSL_SESSION *sess));
-OPENSSL_EXPORT int (*SSL_CTX_sess_get_new_cb(SSL_CTX *ctx))(SSL *ssl,
- SSL_SESSION *sess);
-OPENSSL_EXPORT void SSL_CTX_sess_set_remove_cb(
- SSL_CTX *ctx,
- void (*remove_session_cb)(SSL_CTX *ctx, SSL_SESSION *sess));
-OPENSSL_EXPORT void (*SSL_CTX_sess_get_remove_cb(SSL_CTX *ctx))(
- SSL_CTX *ctx, SSL_SESSION *sess);
-OPENSSL_EXPORT void SSL_CTX_sess_set_get_cb(
- SSL_CTX *ctx,
- SSL_SESSION *(*get_session_cb)(SSL *ssl, uint8_t *data, int len,
- int *copy));
-OPENSSL_EXPORT SSL_SESSION *(*SSL_CTX_sess_get_get_cb(SSL_CTX *ctx))(
- SSL *ssl, uint8_t *data, int len, int *copy);
-/* SSL_magic_pending_session_ptr returns a magic SSL_SESSION* which indicates
- * that the session isn't currently unavailable. SSL_get_error will then return
- * SSL_ERROR_PENDING_SESSION and the handshake can be retried later when the
- * lookup has completed. */
-OPENSSL_EXPORT SSL_SESSION *SSL_magic_pending_session_ptr(void);
-OPENSSL_EXPORT void SSL_CTX_set_info_callback(SSL_CTX *ctx,
- void (*cb)(const SSL *ssl,
- int type, int val));
-OPENSSL_EXPORT void (*SSL_CTX_get_info_callback(SSL_CTX *ctx))(const SSL *ssl,
- int type,
- int val);
-OPENSSL_EXPORT void SSL_CTX_set_client_cert_cb(
- SSL_CTX *ctx,
- int (*client_cert_cb)(SSL *ssl, X509 **x509, EVP_PKEY **pkey));
-OPENSSL_EXPORT int (*SSL_CTX_get_client_cert_cb(SSL_CTX *ctx))(SSL *ssl,
- X509 **x509,
- EVP_PKEY **pkey);
-OPENSSL_EXPORT void SSL_CTX_set_channel_id_cb(
- SSL_CTX *ctx, void (*channel_id_cb)(SSL *ssl, EVP_PKEY **pkey));
-OPENSSL_EXPORT void (*SSL_CTX_get_channel_id_cb(SSL_CTX *ctx))(SSL *ssl,
- EVP_PKEY **pkey);
-
-/* SSL_enable_signed_cert_timestamps causes |ssl| (which must be the client end
- * of a connection) to request SCTs from the server. See
- * https://tools.ietf.org/html/rfc6962. It returns one. */
-OPENSSL_EXPORT int SSL_enable_signed_cert_timestamps(SSL *ssl);
-
-/* SSL_CTX_enable_signed_cert_timestamps enables SCT requests on all client SSL
- * objects created from |ctx|. */
-OPENSSL_EXPORT void SSL_CTX_enable_signed_cert_timestamps(SSL_CTX *ctx);
-
-/* SSL_enable_ocsp_stapling causes |ssl| (which must be the client end of a
- * connection) to request a stapled OCSP response from the server. It returns
- * one. */
-OPENSSL_EXPORT int SSL_enable_ocsp_stapling(SSL *ssl);
-
-/* SSL_CTX_enable_ocsp_stapling enables OCSP stapling on all client SSL objects
- * created from |ctx|. */
-OPENSSL_EXPORT void SSL_CTX_enable_ocsp_stapling(SSL_CTX *ctx);
-
-/* SSL_get0_signed_cert_timestamp_list sets |*out| and |*out_len| to point to
- * |*out_len| bytes of SCT information from the server. This is only valid if
- * |ssl| is a client. The SCT information is a SignedCertificateTimestampList
- * (including the two leading length bytes).
- * See https://tools.ietf.org/html/rfc6962#section-3.3
- * If no SCT was received then |*out_len| will be zero on return.
- *
- * WARNING: the returned data is not guaranteed to be well formed. */
-OPENSSL_EXPORT void SSL_get0_signed_cert_timestamp_list(const SSL *ssl,
- const uint8_t **out,
- size_t *out_len);
-
-/* SSL_get0_ocsp_response sets |*out| and |*out_len| to point to |*out_len|
- * bytes of an OCSP response from the server. This is the DER encoding of an
- * OCSPResponse type as defined in RFC 2560.
- *
- * WARNING: the returned data is not guaranteed to be well formed. */
-OPENSSL_EXPORT void SSL_get0_ocsp_response(const SSL *ssl, const uint8_t **out,
- size_t *out_len);
-
-OPENSSL_EXPORT void SSL_CTX_set_next_protos_advertised_cb(
- SSL_CTX *s,
- int (*cb)(SSL *ssl, const uint8_t **out, unsigned int *outlen, void *arg),
- void *arg);
-OPENSSL_EXPORT void SSL_CTX_set_next_proto_select_cb(
- SSL_CTX *s, int (*cb)(SSL *ssl, uint8_t **out, uint8_t *outlen,
- const uint8_t *in, unsigned int inlen, void *arg),
- void *arg);
-OPENSSL_EXPORT void SSL_get0_next_proto_negotiated(const SSL *s,
- const uint8_t **data,
- unsigned *len);
-
-OPENSSL_EXPORT int SSL_select_next_proto(uint8_t **out, uint8_t *outlen,
- const uint8_t *in, unsigned int inlen,
- const uint8_t *client,
- unsigned int client_len);
-
-#define OPENSSL_NPN_UNSUPPORTED 0
-#define OPENSSL_NPN_NEGOTIATED 1
-#define OPENSSL_NPN_NO_OVERLAP 2
-
-/* SSL_CTX_set_alpn_protos sets the ALPN protocol list on |ctx| to |protos|.
- * |protos| must be in wire-format (i.e. a series of non-empty, 8-bit
- * length-prefixed strings). It returns zero on success and one on failure.
- *
- * WARNING: this function is dangerous because it breaks the usual return value
- * convention. */
-OPENSSL_EXPORT int SSL_CTX_set_alpn_protos(SSL_CTX *ctx, const uint8_t *protos,
- unsigned protos_len);
-
-/* SSL_set_alpn_protos sets the ALPN protocol list on |ssl| to |protos|.
- * |protos| must be in wire-format (i.e. a series of non-empty, 8-bit
- * length-prefixed strings). It returns zero on success and one on failure.
- *
- * WARNING: this function is dangerous because it breaks the usual return value
- * convention. */
-OPENSSL_EXPORT int SSL_set_alpn_protos(SSL *ssl, const uint8_t *protos,
- unsigned protos_len);
-
-OPENSSL_EXPORT void SSL_CTX_set_alpn_select_cb(
- SSL_CTX *ctx, int (*cb)(SSL *ssl, const uint8_t **out, uint8_t *outlen,
- const uint8_t *in, unsigned int inlen, void *arg),
- void *arg);
-OPENSSL_EXPORT void SSL_get0_alpn_selected(const SSL *ssl, const uint8_t **data,
- unsigned *len);
-
-/* SSL_enable_fastradio_padding controls whether fastradio padding is enabled
- * on |ssl|. If it is, ClientHello messages are padded to 1024 bytes. This
- * causes 3G radios to switch to DCH mode (high data rate). */
-OPENSSL_EXPORT void SSL_enable_fastradio_padding(SSL *ssl, char on_off);
-
-/* SSL_set_reject_peer_renegotiations controls whether renegotiation attempts by
- * the peer are rejected. It may be set at any point in a connection's lifetime
- * to control future renegotiations programmatically. By default, renegotiations
- * are rejected. (Renegotiations requested by a client are always rejected.) */
-OPENSSL_EXPORT void SSL_set_reject_peer_renegotiations(SSL *ssl, int reject);
-
-/* the maximum length of the buffer given to callbacks containing the resulting
- * identity/psk */
-#define PSK_MAX_IDENTITY_LEN 128
-#define PSK_MAX_PSK_LEN 256
-OPENSSL_EXPORT void SSL_CTX_set_psk_client_callback(
- SSL_CTX *ctx,
- unsigned int (*psk_client_callback)(
- SSL *ssl, const char *hint, char *identity,
- unsigned int max_identity_len, uint8_t *psk, unsigned int max_psk_len));
-OPENSSL_EXPORT void SSL_set_psk_client_callback(
- SSL *ssl, unsigned int (*psk_client_callback)(SSL *ssl, const char *hint,
- char *identity,
- unsigned int max_identity_len,
- uint8_t *psk,
- unsigned int max_psk_len));
-OPENSSL_EXPORT void SSL_CTX_set_psk_server_callback(
- SSL_CTX *ctx,
- unsigned int (*psk_server_callback)(SSL *ssl, const char *identity,
- uint8_t *psk,
- unsigned int max_psk_len));
-OPENSSL_EXPORT void SSL_set_psk_server_callback(
- SSL *ssl,
- unsigned int (*psk_server_callback)(SSL *ssl, const char *identity,
- uint8_t *psk,
- unsigned int max_psk_len));
-OPENSSL_EXPORT int SSL_CTX_use_psk_identity_hint(SSL_CTX *ctx,
- const char *identity_hint);
-OPENSSL_EXPORT int SSL_use_psk_identity_hint(SSL *s, const char *identity_hint);
-OPENSSL_EXPORT const char *SSL_get_psk_identity_hint(const SSL *s);
-OPENSSL_EXPORT const char *SSL_get_psk_identity(const SSL *s);
-
-#define SSL_NOTHING 1
-#define SSL_WRITING 2
-#define SSL_READING 3
-#define SSL_X509_LOOKUP 4
-#define SSL_CHANNEL_ID_LOOKUP 5
-#define SSL_PENDING_SESSION 7
-#define SSL_CERTIFICATE_SELECTION_PENDING 8
-
-/* These will only be used when doing non-blocking IO */
-#define SSL_want_nothing(s) (SSL_want(s) == SSL_NOTHING)
-#define SSL_want_read(s) (SSL_want(s) == SSL_READING)
-#define SSL_want_write(s) (SSL_want(s) == SSL_WRITING)
-#define SSL_want_x509_lookup(s) (SSL_want(s) == SSL_X509_LOOKUP)
-#define SSL_want_channel_id_lookup(s) (SSL_want(s) == SSL_CHANNEL_ID_LOOKUP)
-#define SSL_want_session(s) (SSL_want(s) == SSL_PENDING_SESSION)
-#define SSL_want_certificate(s) \
- (SSL_want(s) == SSL_CERTIFICATE_SELECTION_PENDING)
-
struct ssl_st {
/* version is the protocol version. */
int version;
@@ -1336,7 +3342,6 @@ struct ssl_st {
int shutdown; /* we have shut things down, 0x01 sent, 0x02
* for received */
int state; /* where we are */
- int rstate; /* where we are when reading */
BUF_MEM *init_buf; /* buffer used during init */
uint8_t *init_msg; /* pointer to handshake message body, set by
@@ -1344,10 +3349,6 @@ struct ssl_st {
int init_num; /* amount read/written */
int init_off; /* amount read/written */
- /* used internally to point at a raw packet */
- uint8_t *packet;
- unsigned int packet_length;
-
struct ssl3_state_st *s3; /* SSLv3 variables */
struct dtls1_state_st *d1; /* DTLSv1 variables */
@@ -1420,13 +3421,8 @@ struct ssl_st {
* SSLv3/TLS rollback check */
uint16_t max_send_fragment;
char *tlsext_hostname;
- /* should_ack_sni is true if the SNI extension should be acked. This is
- * only used by a server. */
- char should_ack_sni;
/* RFC4507 session ticket expected to be received or sent */
int tlsext_ticket_expected;
- size_t tlsext_ecpointformatlist_length;
- uint8_t *tlsext_ecpointformatlist; /* our list */
size_t tlsext_ellipticcurvelist_length;
uint16_t *tlsext_ellipticcurvelist; /* our list */
@@ -1458,9 +3454,8 @@ struct ssl_st {
/* Enable signed certificate time stamps. Currently client only. */
char signed_cert_timestamps_enabled;
- /* Enable OCSP stapling. Currently client only.
- * TODO(davidben): Add a server-side implementation when it becomes
- * necesary. */
+ /* ocsp_stapling_enabled is only used by client connections and indicates
+ * whether OCSP stapling will be requested. */
char ocsp_stapling_enabled;
/* For a client, this contains the list of supported protocols in wire
@@ -1468,11 +3463,6 @@ struct ssl_st {
uint8_t *alpn_client_proto_list;
unsigned alpn_client_proto_list_len;
- /* fastradio_padding, if true, causes ClientHellos to be padded to 1024
- * bytes. This ensures that the cellular radio is fast forwarded to DCH (high
- * data rate) state in 3G networks. */
- char fastradio_padding;
-
/* accept_peer_renegotiations, if one, accepts renegotiation attempts from the
* peer. Otherwise, they will be rejected with a fatal error. */
char accept_peer_renegotiations;
@@ -1484,947 +3474,6 @@ struct ssl_st {
EVP_MD_CTX *read_hash;
};
-/* compatibility */
-#define SSL_set_app_data(s, arg) (SSL_set_ex_data(s, 0, (char *)arg))
-#define SSL_get_app_data(s) (SSL_get_ex_data(s, 0))
-#define SSL_SESSION_set_app_data(s, a) \
- (SSL_SESSION_set_ex_data(s, 0, (char *)a))
-#define SSL_SESSION_get_app_data(s) (SSL_SESSION_get_ex_data(s, 0))
-#define SSL_CTX_get_app_data(ctx) (SSL_CTX_get_ex_data(ctx, 0))
-#define SSL_CTX_set_app_data(ctx, arg) \
- (SSL_CTX_set_ex_data(ctx, 0, (char *)arg))
-
-/* The following are the possible values for ssl->state are are used to
- * indicate where we are up to in the SSL connection establishment. The macros
- * that follow are about the only things you should need to use and even then,
- * only when using non-blocking IO. It can also be useful to work out where you
- * were when the connection failed */
-
-#define SSL_ST_CONNECT 0x1000
-#define SSL_ST_ACCEPT 0x2000
-#define SSL_ST_MASK 0x0FFF
-#define SSL_ST_INIT (SSL_ST_CONNECT | SSL_ST_ACCEPT)
-#define SSL_ST_OK 0x03
-#define SSL_ST_RENEGOTIATE (0x04 | SSL_ST_INIT)
-
-#define SSL_CB_LOOP 0x01
-#define SSL_CB_EXIT 0x02
-#define SSL_CB_READ 0x04
-#define SSL_CB_WRITE 0x08
-#define SSL_CB_ALERT 0x4000 /* used in callback */
-#define SSL_CB_READ_ALERT (SSL_CB_ALERT | SSL_CB_READ)
-#define SSL_CB_WRITE_ALERT (SSL_CB_ALERT | SSL_CB_WRITE)
-#define SSL_CB_ACCEPT_LOOP (SSL_ST_ACCEPT | SSL_CB_LOOP)
-#define SSL_CB_ACCEPT_EXIT (SSL_ST_ACCEPT | SSL_CB_EXIT)
-#define SSL_CB_CONNECT_LOOP (SSL_ST_CONNECT | SSL_CB_LOOP)
-#define SSL_CB_CONNECT_EXIT (SSL_ST_CONNECT | SSL_CB_EXIT)
-#define SSL_CB_HANDSHAKE_START 0x10
-#define SSL_CB_HANDSHAKE_DONE 0x20
-
-/* Is the SSL_connection established? */
-#define SSL_get_state(a) SSL_state(a)
-#define SSL_is_init_finished(a) (SSL_state(a) == SSL_ST_OK)
-#define SSL_in_init(a) (SSL_state(a) & SSL_ST_INIT)
-#define SSL_in_connect_init(a) (SSL_state(a) & SSL_ST_CONNECT)
-#define SSL_in_accept_init(a) (SSL_state(a) & SSL_ST_ACCEPT)
-
-/* SSL_in_false_start returns one if |s| has a pending unfinished handshake that
- * is in False Start. |SSL_write| may be called at this point without waiting
- * for the peer, but |SSL_read| will require the handshake to be completed. */
-OPENSSL_EXPORT int SSL_in_false_start(const SSL *s);
-
-/* The following 2 states are kept in ssl->rstate when reads fail,
- * you should not need these */
-#define SSL_ST_READ_HEADER 0xF0
-#define SSL_ST_READ_BODY 0xF1
-#define SSL_ST_READ_DONE 0xF2
-
-/* Obtain latest Finished message
- * -- that we sent (SSL_get_finished)
- * -- that we expected from peer (SSL_get_peer_finished).
- * Returns length (0 == no Finished so far), copies up to 'count' bytes. */
-OPENSSL_EXPORT size_t SSL_get_finished(const SSL *s, void *buf, size_t count);
-OPENSSL_EXPORT size_t SSL_get_peer_finished(const SSL *s, void *buf, size_t count);
-
-/* use either SSL_VERIFY_NONE or SSL_VERIFY_PEER, the last 3 options
- * are 'ored' with SSL_VERIFY_PEER if they are desired */
-#define SSL_VERIFY_NONE 0x00
-#define SSL_VERIFY_PEER 0x01
-#define SSL_VERIFY_FAIL_IF_NO_PEER_CERT 0x02
-/* SSL_VERIFY_CLIENT_ONCE does nothing. */
-#define SSL_VERIFY_CLIENT_ONCE 0x04
-#define SSL_VERIFY_PEER_IF_NO_OBC 0x08
-
-#define OpenSSL_add_ssl_algorithms() SSL_library_init()
-#define SSLeay_add_ssl_algorithms() SSL_library_init()
-
-/* For backward compatibility */
-#define SSL_get_cipher(s) SSL_CIPHER_get_name(SSL_get_current_cipher(s))
-#define SSL_get_cipher_bits(s, np) \
- SSL_CIPHER_get_bits(SSL_get_current_cipher(s), np)
-#define SSL_get_cipher_version(s) \
- SSL_CIPHER_get_version(SSL_get_current_cipher(s))
-#define SSL_get_cipher_name(s) SSL_CIPHER_get_name(SSL_get_current_cipher(s))
-#define SSL_get_time(a) SSL_SESSION_get_time(a)
-#define SSL_set_time(a, b) SSL_SESSION_set_time((a), (b))
-#define SSL_get_timeout(a) SSL_SESSION_get_timeout(a)
-#define SSL_set_timeout(a, b) SSL_SESSION_set_timeout((a), (b))
-
-#define d2i_SSL_SESSION_bio(bp, s_id) \
- ASN1_d2i_bio_of(SSL_SESSION, SSL_SESSION_new, d2i_SSL_SESSION, bp, s_id)
-#define i2d_SSL_SESSION_bio(bp, s_id) \
- ASN1_i2d_bio_of(SSL_SESSION, i2d_SSL_SESSION, bp, s_id)
-
-DECLARE_PEM_rw(SSL_SESSION, SSL_SESSION)
-
-/* make_errors.go reserves error codes above 1000 for manually-assigned errors.
- * This value must be kept in sync with reservedReasonCode in make_errors.h */
-#define SSL_AD_REASON_OFFSET \
- 1000 /* offset to get SSL_R_... value from SSL_AD_... */
-
-/* These alert types are for SSLv3 and TLSv1 */
-#define SSL_AD_CLOSE_NOTIFY SSL3_AD_CLOSE_NOTIFY
-#define SSL_AD_UNEXPECTED_MESSAGE SSL3_AD_UNEXPECTED_MESSAGE /* fatal */
-#define SSL_AD_BAD_RECORD_MAC SSL3_AD_BAD_RECORD_MAC /* fatal */
-#define SSL_AD_DECRYPTION_FAILED TLS1_AD_DECRYPTION_FAILED
-#define SSL_AD_RECORD_OVERFLOW TLS1_AD_RECORD_OVERFLOW
-#define SSL_AD_DECOMPRESSION_FAILURE SSL3_AD_DECOMPRESSION_FAILURE /* fatal */
-#define SSL_AD_HANDSHAKE_FAILURE SSL3_AD_HANDSHAKE_FAILURE /* fatal */
-#define SSL_AD_NO_CERTIFICATE SSL3_AD_NO_CERTIFICATE /* Not for TLS */
-#define SSL_AD_BAD_CERTIFICATE SSL3_AD_BAD_CERTIFICATE
-#define SSL_AD_UNSUPPORTED_CERTIFICATE SSL3_AD_UNSUPPORTED_CERTIFICATE
-#define SSL_AD_CERTIFICATE_REVOKED SSL3_AD_CERTIFICATE_REVOKED
-#define SSL_AD_CERTIFICATE_EXPIRED SSL3_AD_CERTIFICATE_EXPIRED
-#define SSL_AD_CERTIFICATE_UNKNOWN SSL3_AD_CERTIFICATE_UNKNOWN
-#define SSL_AD_ILLEGAL_PARAMETER SSL3_AD_ILLEGAL_PARAMETER /* fatal */
-#define SSL_AD_UNKNOWN_CA TLS1_AD_UNKNOWN_CA /* fatal */
-#define SSL_AD_ACCESS_DENIED TLS1_AD_ACCESS_DENIED /* fatal */
-#define SSL_AD_DECODE_ERROR TLS1_AD_DECODE_ERROR /* fatal */
-#define SSL_AD_DECRYPT_ERROR TLS1_AD_DECRYPT_ERROR
-#define SSL_AD_EXPORT_RESTRICTION TLS1_AD_EXPORT_RESTRICTION /* fatal */
-#define SSL_AD_PROTOCOL_VERSION TLS1_AD_PROTOCOL_VERSION /* fatal */
-#define SSL_AD_INSUFFICIENT_SECURITY TLS1_AD_INSUFFICIENT_SECURITY /* fatal */
-#define SSL_AD_INTERNAL_ERROR TLS1_AD_INTERNAL_ERROR /* fatal */
-#define SSL_AD_USER_CANCELLED TLS1_AD_USER_CANCELLED
-#define SSL_AD_NO_RENEGOTIATION TLS1_AD_NO_RENEGOTIATION
-#define SSL_AD_UNSUPPORTED_EXTENSION TLS1_AD_UNSUPPORTED_EXTENSION
-#define SSL_AD_CERTIFICATE_UNOBTAINABLE TLS1_AD_CERTIFICATE_UNOBTAINABLE
-#define SSL_AD_UNRECOGNIZED_NAME TLS1_AD_UNRECOGNIZED_NAME
-#define SSL_AD_BAD_CERTIFICATE_STATUS_RESPONSE \
- TLS1_AD_BAD_CERTIFICATE_STATUS_RESPONSE
-#define SSL_AD_BAD_CERTIFICATE_HASH_VALUE TLS1_AD_BAD_CERTIFICATE_HASH_VALUE
-#define SSL_AD_UNKNOWN_PSK_IDENTITY TLS1_AD_UNKNOWN_PSK_IDENTITY /* fatal */
-#define SSL_AD_INAPPROPRIATE_FALLBACK SSL3_AD_INAPPROPRIATE_FALLBACK /* fatal */
-
-#define SSL_ERROR_NONE 0
-#define SSL_ERROR_SSL 1
-#define SSL_ERROR_WANT_READ 2
-#define SSL_ERROR_WANT_WRITE 3
-#define SSL_ERROR_WANT_X509_LOOKUP 4
-#define SSL_ERROR_SYSCALL 5 /* look at error stack/return value/errno */
-#define SSL_ERROR_ZERO_RETURN 6
-#define SSL_ERROR_WANT_CONNECT 7
-#define SSL_ERROR_WANT_ACCEPT 8
-#define SSL_ERROR_WANT_CHANNEL_ID_LOOKUP 9
-#define SSL_ERROR_PENDING_SESSION 11
-#define SSL_ERROR_PENDING_CERTIFICATE 12
-
-#define SSL_CTRL_EXTRA_CHAIN_CERT 14
-
-/* see tls1.h for macros based on these */
-#define SSL_CTRL_GET_TLSEXT_TICKET_KEYS 58
-#define SSL_CTRL_SET_TLSEXT_TICKET_KEYS 59
-
-#define SSL_CTRL_SET_SRP_ARG 78
-#define SSL_CTRL_SET_TLS_EXT_SRP_USERNAME 79
-#define SSL_CTRL_SET_TLS_EXT_SRP_STRENGTH 80
-#define SSL_CTRL_SET_TLS_EXT_SRP_PASSWORD 81
-
-#define SSL_CTRL_GET_EXTRA_CHAIN_CERTS 82
-#define SSL_CTRL_CLEAR_EXTRA_CHAIN_CERTS 83
-
-#define SSL_CTRL_CHAIN 88
-#define SSL_CTRL_CHAIN_CERT 89
-
-#define SSL_CTRL_GET_CURVES 90
-#define SSL_CTRL_SET_CURVES 91
-#define SSL_CTRL_SET_CURVES_LIST 92
-#define SSL_CTRL_SET_SIGALGS 97
-#define SSL_CTRL_SET_SIGALGS_LIST 98
-#define SSL_CTRL_SET_CLIENT_SIGALGS 101
-#define SSL_CTRL_SET_CLIENT_SIGALGS_LIST 102
-#define SSL_CTRL_GET_CLIENT_CERT_TYPES 103
-#define SSL_CTRL_SET_CLIENT_CERT_TYPES 104
-#define SSL_CTRL_BUILD_CERT_CHAIN 105
-#define SSL_CTRL_SET_VERIFY_CERT_STORE 106
-#define SSL_CTRL_SET_CHAIN_CERT_STORE 107
-#define SSL_CTRL_GET_SERVER_TMP_KEY 109
-#define SSL_CTRL_GET_EC_POINT_FORMATS 111
-
-#define SSL_CTRL_GET_CHAIN_CERTS 115
-#define SSL_CTRL_SELECT_CURRENT_CERT 116
-
-/* DTLSv1_get_timeout queries the next DTLS handshake timeout. If there is a
- * timeout in progress, it sets |*out| to the time remaining and returns one.
- * Otherwise, it returns zero.
- *
- * When the timeout expires, call |DTLSv1_handle_timeout| to handle the
- * retransmit behavior.
- *
- * NOTE: This function must be queried again whenever the handshake state
- * machine changes, including when |DTLSv1_handle_timeout| is called. */
-OPENSSL_EXPORT int DTLSv1_get_timeout(const SSL *ssl, struct timeval *out);
-
-/* DTLSv1_handle_timeout is called when a DTLS handshake timeout expires. If no
- * timeout had expired, it returns 0. Otherwise, it retransmits the previous
- * flight of handshake messages and returns 1. If too many timeouts had expired
- * without progress or an error occurs, it returns -1.
- *
- * NOTE: The caller's external timer should be compatible with the one |ssl|
- * queries within some fudge factor. Otherwise, the call will be a no-op, but
- * |DTLSv1_get_timeout| will return an updated timeout.
- *
- * WARNING: This function breaks the usual return value convention. */
-OPENSSL_EXPORT int DTLSv1_handle_timeout(SSL *ssl);
-
-/* SSL_session_reused returns one if |ssl| performed an abbreviated handshake
- * and zero otherwise.
- *
- * TODO(davidben): Hammer down the semantics of this API while a handshake,
- * initial or renego, is in progress. */
-OPENSSL_EXPORT int SSL_session_reused(const SSL *ssl);
-
-/* SSL_total_renegotiations returns the total number of renegotiation handshakes
- * peformed by |ssl|. This includes the pending renegotiation, if any. */
-OPENSSL_EXPORT int SSL_total_renegotiations(const SSL *ssl);
-
-/* SSL_CTX_set_tmp_dh configures |ctx| to use the group from |dh| as the group
- * for DHE. Only the group is used, so |dh| needn't have a keypair. It returns
- * one on success and zero on error. */
-OPENSSL_EXPORT int SSL_CTX_set_tmp_dh(SSL_CTX *ctx, const DH *dh);
-
-/* SSL_set_tmp_dh configures |ssl| to use the group from |dh| as the group for
- * DHE. Only the group is used, so |dh| needn't have a keypair. It returns one
- * on success and zero on error. */
-OPENSSL_EXPORT int SSL_set_tmp_dh(SSL *ssl, const DH *dh);
-
-/* SSL_CTX_set_tmp_ecdh configures |ctx| to use the curve from |ecdh| as the
- * curve for ephemeral ECDH keys. For historical reasons, this API expects an
- * |EC_KEY|, but only the curve is used. It returns one on success and zero on
- * error. If unset, an appropriate curve will be chosen automatically. (This is
- * recommended.) */
-OPENSSL_EXPORT int SSL_CTX_set_tmp_ecdh(SSL_CTX *ctx, const EC_KEY *ec_key);
-
-/* SSL_set_tmp_ecdh configures |ssl| to use the curve from |ecdh| as the curve
- * for ephemeral ECDH keys. For historical reasons, this API expects an
- * |EC_KEY|, but only the curve is used. It returns one on success and zero on
- * error. If unset, an appropriate curve will be chosen automatically. (This is
- * recommended.) */
-OPENSSL_EXPORT int SSL_set_tmp_ecdh(SSL *ssl, const EC_KEY *ec_key);
-
-/* SSL_CTX_enable_tls_channel_id either configures a TLS server to accept TLS
- * client IDs from clients, or configures a client to send TLS client IDs to
- * a server. It returns one. */
-OPENSSL_EXPORT int SSL_CTX_enable_tls_channel_id(SSL_CTX *ctx);
-
-/* SSL_enable_tls_channel_id either configures a TLS server to accept TLS
- * client IDs from clients, or configure a client to send TLS client IDs to
- * server. It returns one. */
-OPENSSL_EXPORT int SSL_enable_tls_channel_id(SSL *ssl);
-
-/* SSL_CTX_set1_tls_channel_id configures a TLS client to send a TLS Channel ID
- * to compatible servers. |private_key| must be a P-256 EC key. It returns one
- * on success and zero on error. */
-OPENSSL_EXPORT int SSL_CTX_set1_tls_channel_id(SSL_CTX *ctx,
- EVP_PKEY *private_key);
-
-/* SSL_set1_tls_channel_id configures a TLS client to send a TLS Channel ID to
- * compatible servers. |private_key| must be a P-256 EC key. It returns one on
- * success and zero on error. */
-OPENSSL_EXPORT int SSL_set1_tls_channel_id(SSL *ssl, EVP_PKEY *private_key);
-
-/* SSL_get_tls_channel_id gets the client's TLS Channel ID from a server SSL*
- * and copies up to the first |max_out| bytes into |out|. The Channel ID
- * consists of the client's P-256 public key as an (x,y) pair where each is a
- * 32-byte, big-endian field element. It returns 0 if the client didn't offer a
- * Channel ID and the length of the complete Channel ID otherwise. */
-OPENSSL_EXPORT size_t SSL_get_tls_channel_id(SSL *ssl, uint8_t *out,
- size_t max_out);
-
-#define SSL_CTX_add_extra_chain_cert(ctx, x509) \
- SSL_CTX_ctrl(ctx, SSL_CTRL_EXTRA_CHAIN_CERT, 0, (char *)x509)
-#define SSL_CTX_get_extra_chain_certs(ctx, px509) \
- SSL_CTX_ctrl(ctx, SSL_CTRL_GET_EXTRA_CHAIN_CERTS, 0, px509)
-#define SSL_CTX_get_extra_chain_certs_only(ctx, px509) \
- SSL_CTX_ctrl(ctx, SSL_CTRL_GET_EXTRA_CHAIN_CERTS, 1, px509)
-#define SSL_CTX_clear_extra_chain_certs(ctx) \
- SSL_CTX_ctrl(ctx, SSL_CTRL_CLEAR_EXTRA_CHAIN_CERTS, 0, NULL)
-
-#define SSL_CTX_set0_chain(ctx, sk) \
- SSL_CTX_ctrl(ctx, SSL_CTRL_CHAIN, 0, (char *)sk)
-#define SSL_CTX_set1_chain(ctx, sk) \
- SSL_CTX_ctrl(ctx, SSL_CTRL_CHAIN, 1, (char *)sk)
-#define SSL_CTX_add0_chain_cert(ctx, x509) \
- SSL_CTX_ctrl(ctx, SSL_CTRL_CHAIN_CERT, 0, (char *)x509)
-#define SSL_CTX_add1_chain_cert(ctx, x509) \
- SSL_CTX_ctrl(ctx, SSL_CTRL_CHAIN_CERT, 1, (char *)x509)
-#define SSL_CTX_get0_chain_certs(ctx, px509) \
- SSL_CTX_ctrl(ctx, SSL_CTRL_GET_CHAIN_CERTS, 0, px509)
-#define SSL_CTX_clear_chain_certs(ctx) SSL_CTX_set0_chain(ctx, NULL)
-#define SSL_CTX_build_cert_chain(ctx, flags) \
- SSL_CTX_ctrl(ctx, SSL_CTRL_BUILD_CERT_CHAIN, flags, NULL)
-#define SSL_CTX_select_current_cert(ctx, x509) \
- SSL_CTX_ctrl(ctx, SSL_CTRL_SELECT_CURRENT_CERT, 0, (char *)x509)
-
-#define SSL_CTX_set0_verify_cert_store(ctx, st) \
- SSL_CTX_ctrl(ctx, SSL_CTRL_SET_VERIFY_CERT_STORE, 0, (char *)st)
-#define SSL_CTX_set1_verify_cert_store(ctx, st) \
- SSL_CTX_ctrl(ctx, SSL_CTRL_SET_VERIFY_CERT_STORE, 1, (char *)st)
-#define SSL_CTX_set0_chain_cert_store(ctx, st) \
- SSL_CTX_ctrl(ctx, SSL_CTRL_SET_CHAIN_CERT_STORE, 0, (char *)st)
-#define SSL_CTX_set1_chain_cert_store(ctx, st) \
- SSL_CTX_ctrl(ctx, SSL_CTRL_SET_CHAIN_CERT_STORE, 1, (char *)st)
-
-#define SSL_set0_chain(ctx, sk) SSL_ctrl(ctx, SSL_CTRL_CHAIN, 0, (char *)sk)
-#define SSL_set1_chain(ctx, sk) SSL_ctrl(ctx, SSL_CTRL_CHAIN, 1, (char *)sk)
-#define SSL_add0_chain_cert(ctx, x509) \
- SSL_ctrl(ctx, SSL_CTRL_CHAIN_CERT, 0, (char *)x509)
-#define SSL_add1_chain_cert(ctx, x509) \
- SSL_ctrl(ctx, SSL_CTRL_CHAIN_CERT, 1, (char *)x509)
-#define SSL_get0_chain_certs(ctx, px509) \
- SSL_ctrl(ctx, SSL_CTRL_GET_CHAIN_CERTS, 0, px509)
-#define SSL_clear_chain_certs(ctx) SSL_set0_chain(ctx, NULL)
-#define SSL_build_cert_chain(s, flags) \
- SSL_ctrl(s, SSL_CTRL_BUILD_CERT_CHAIN, flags, NULL)
-#define SSL_select_current_cert(ctx, x509) \
- SSL_ctrl(ctx, SSL_CTRL_SELECT_CURRENT_CERT, 0, (char *)x509)
-
-#define SSL_set0_verify_cert_store(s, st) \
- SSL_ctrl(s, SSL_CTRL_SET_VERIFY_CERT_STORE, 0, (char *)st)
-#define SSL_set1_verify_cert_store(s, st) \
- SSL_ctrl(s, SSL_CTRL_SET_VERIFY_CERT_STORE, 1, (char *)st)
-#define SSL_set0_chain_cert_store(s, st) \
- SSL_ctrl(s, SSL_CTRL_SET_CHAIN_CERT_STORE, 0, (char *)st)
-#define SSL_set1_chain_cert_store(s, st) \
- SSL_ctrl(s, SSL_CTRL_SET_CHAIN_CERT_STORE, 1, (char *)st)
-
-#define SSL_get1_curves(ctx, s) SSL_ctrl(ctx, SSL_CTRL_GET_CURVES, 0, (char *)s)
-#define SSL_CTX_set1_curves(ctx, clist, clistlen) \
- SSL_CTX_ctrl(ctx, SSL_CTRL_SET_CURVES, clistlen, (char *)clist)
-#define SSL_CTX_set1_curves_list(ctx, s) \
- SSL_CTX_ctrl(ctx, SSL_CTRL_SET_CURVES_LIST, 0, (char *)s)
-#define SSL_set1_curves(ctx, clist, clistlen) \
- SSL_ctrl(ctx, SSL_CTRL_SET_CURVES, clistlen, (char *)clist)
-#define SSL_set1_curves_list(ctx, s) \
- SSL_ctrl(ctx, SSL_CTRL_SET_CURVES_LIST, 0, (char *)s)
-
-#define SSL_CTX_set1_sigalgs(ctx, slist, slistlen) \
- SSL_CTX_ctrl(ctx, SSL_CTRL_SET_SIGALGS, slistlen, (int *)slist)
-#define SSL_CTX_set1_sigalgs_list(ctx, s) \
- SSL_CTX_ctrl(ctx, SSL_CTRL_SET_SIGALGS_LIST, 0, (char *)s)
-#define SSL_set1_sigalgs(ctx, slist, slistlen) \
- SSL_ctrl(ctx, SSL_CTRL_SET_SIGALGS, clistlen, (int *)slist)
-#define SSL_set1_sigalgs_list(ctx, s) \
- SSL_ctrl(ctx, SSL_CTRL_SET_SIGALGS_LIST, 0, (char *)s)
-
-#define SSL_CTX_set1_client_sigalgs(ctx, slist, slistlen) \
- SSL_CTX_ctrl(ctx, SSL_CTRL_SET_CLIENT_SIGALGS, slistlen, (int *)slist)
-#define SSL_CTX_set1_client_sigalgs_list(ctx, s) \
- SSL_CTX_ctrl(ctx, SSL_CTRL_SET_CLIENT_SIGALGS_LIST, 0, (char *)s)
-#define SSL_set1_client_sigalgs(ctx, slist, slistlen) \
- SSL_ctrl(ctx, SSL_CTRL_SET_CLIENT_SIGALGS, clistlen, (int *)slist)
-#define SSL_set1_client_sigalgs_list(ctx, s) \
- SSL_ctrl(ctx, SSL_CTRL_SET_CLIENT_SIGALGS_LIST, 0, (char *)s)
-
-#define SSL_get0_certificate_types(s, clist) \
- SSL_ctrl(s, SSL_CTRL_GET_CLIENT_CERT_TYPES, 0, (char *)clist)
-
-#define SSL_CTX_set1_client_certificate_types(ctx, clist, clistlen) \
- SSL_CTX_ctrl(ctx, SSL_CTRL_SET_CLIENT_CERT_TYPES, clistlen, (char *)clist)
-#define SSL_set1_client_certificate_types(s, clist, clistlen) \
- SSL_ctrl(s, SSL_CTRL_SET_CLIENT_CERT_TYPES, clistlen, (char *)clist)
-
-#define SSL_get_server_tmp_key(s, pk) \
- SSL_ctrl(s, SSL_CTRL_GET_SERVER_TMP_KEY, 0, pk)
-
-#define SSL_get0_ec_point_formats(s, plst) \
- SSL_ctrl(s, SSL_CTRL_GET_EC_POINT_FORMATS, 0, (char *)plst)
-
-OPENSSL_EXPORT int SSL_CTX_set_cipher_list(SSL_CTX *, const char *str);
-OPENSSL_EXPORT int SSL_CTX_set_cipher_list_tls11(SSL_CTX *, const char *str);
-OPENSSL_EXPORT long SSL_CTX_set_timeout(SSL_CTX *ctx, long t);
-OPENSSL_EXPORT long SSL_CTX_get_timeout(const SSL_CTX *ctx);
-OPENSSL_EXPORT X509_STORE *SSL_CTX_get_cert_store(const SSL_CTX *);
-OPENSSL_EXPORT void SSL_CTX_set_cert_store(SSL_CTX *, X509_STORE *);
-OPENSSL_EXPORT int SSL_want(const SSL *s);
-
-OPENSSL_EXPORT void SSL_CTX_flush_sessions(SSL_CTX *ctx, long tm);
-
-/* SSL_get_current_cipher returns the cipher used in the current outgoing
- * connection state, or NULL if the null cipher is active. */
-OPENSSL_EXPORT const SSL_CIPHER *SSL_get_current_cipher(const SSL *s);
-
-OPENSSL_EXPORT int SSL_get_fd(const SSL *s);
-OPENSSL_EXPORT int SSL_get_rfd(const SSL *s);
-OPENSSL_EXPORT int SSL_get_wfd(const SSL *s);
-OPENSSL_EXPORT const char *SSL_get_cipher_list(const SSL *s, int n);
-OPENSSL_EXPORT int SSL_pending(const SSL *s);
-OPENSSL_EXPORT int SSL_set_fd(SSL *s, int fd);
-OPENSSL_EXPORT int SSL_set_rfd(SSL *s, int fd);
-OPENSSL_EXPORT int SSL_set_wfd(SSL *s, int fd);
-OPENSSL_EXPORT void SSL_set_bio(SSL *s, BIO *rbio, BIO *wbio);
-OPENSSL_EXPORT BIO *SSL_get_rbio(const SSL *s);
-OPENSSL_EXPORT BIO *SSL_get_wbio(const SSL *s);
-OPENSSL_EXPORT int SSL_set_cipher_list(SSL *s, const char *str);
-OPENSSL_EXPORT int SSL_get_verify_mode(const SSL *s);
-OPENSSL_EXPORT int SSL_get_verify_depth(const SSL *s);
-OPENSSL_EXPORT int (*SSL_get_verify_callback(const SSL *s))(int,
- X509_STORE_CTX *);
-OPENSSL_EXPORT void SSL_set_verify(SSL *s, int mode,
- int (*callback)(int ok,
- X509_STORE_CTX *ctx));
-OPENSSL_EXPORT void SSL_set_verify_depth(SSL *s, int depth);
-OPENSSL_EXPORT void SSL_set_cert_cb(SSL *s, int (*cb)(SSL *ssl, void *arg),
- void *arg);
-OPENSSL_EXPORT int SSL_use_RSAPrivateKey(SSL *ssl, RSA *rsa);
-OPENSSL_EXPORT int SSL_use_RSAPrivateKey_ASN1(SSL *ssl, uint8_t *d, long len);
-OPENSSL_EXPORT int SSL_use_PrivateKey(SSL *ssl, EVP_PKEY *pkey);
-OPENSSL_EXPORT int SSL_use_PrivateKey_ASN1(int pk, SSL *ssl, const uint8_t *d,
- long len);
-OPENSSL_EXPORT int SSL_use_certificate(SSL *ssl, X509 *x);
-OPENSSL_EXPORT int SSL_use_certificate_ASN1(SSL *ssl, const uint8_t *d,
- int len);
-
-OPENSSL_EXPORT int SSL_use_RSAPrivateKey_file(SSL *ssl, const char *file,
- int type);
-OPENSSL_EXPORT int SSL_use_PrivateKey_file(SSL *ssl, const char *file,
- int type);
-OPENSSL_EXPORT int SSL_use_certificate_file(SSL *ssl, const char *file,
- int type);
-OPENSSL_EXPORT int SSL_CTX_use_RSAPrivateKey_file(SSL_CTX *ctx,
- const char *file, int type);
-OPENSSL_EXPORT int SSL_CTX_use_PrivateKey_file(SSL_CTX *ctx, const char *file,
- int type);
-OPENSSL_EXPORT int SSL_CTX_use_certificate_file(SSL_CTX *ctx, const char *file,
- int type);
-OPENSSL_EXPORT int SSL_CTX_use_certificate_chain_file(
- SSL_CTX *ctx, const char *file); /* PEM type */
-OPENSSL_EXPORT STACK_OF(X509_NAME) *SSL_load_client_CA_file(const char *file);
-OPENSSL_EXPORT int SSL_add_file_cert_subjects_to_stack(STACK_OF(X509_NAME) *
- stackCAs,
- const char *file);
-OPENSSL_EXPORT int SSL_add_dir_cert_subjects_to_stack(STACK_OF(X509_NAME) *
- stackCAs,
- const char *dir);
-
-/* SSL_load_error_strings does nothing. */
-OPENSSL_EXPORT void SSL_load_error_strings(void);
-
-OPENSSL_EXPORT const char *SSL_state_string(const SSL *s);
-OPENSSL_EXPORT const char *SSL_rstate_string(const SSL *s);
-OPENSSL_EXPORT const char *SSL_state_string_long(const SSL *s);
-OPENSSL_EXPORT const char *SSL_rstate_string_long(const SSL *s);
-OPENSSL_EXPORT long SSL_SESSION_get_time(const SSL_SESSION *s);
-OPENSSL_EXPORT long SSL_SESSION_set_time(SSL_SESSION *s, long t);
-OPENSSL_EXPORT long SSL_SESSION_get_timeout(const SSL_SESSION *s);
-OPENSSL_EXPORT long SSL_SESSION_set_timeout(SSL_SESSION *s, long t);
-OPENSSL_EXPORT X509 *SSL_SESSION_get0_peer(SSL_SESSION *s);
-OPENSSL_EXPORT int SSL_SESSION_set1_id_context(SSL_SESSION *s,
- const uint8_t *sid_ctx,
- unsigned int sid_ctx_len);
-
-OPENSSL_EXPORT SSL_SESSION *SSL_SESSION_new(void);
-OPENSSL_EXPORT const uint8_t *SSL_SESSION_get_id(const SSL_SESSION *s,
- unsigned int *len);
-OPENSSL_EXPORT int SSL_SESSION_print_fp(FILE *fp, const SSL_SESSION *ses);
-OPENSSL_EXPORT int SSL_SESSION_print(BIO *fp, const SSL_SESSION *ses);
-
-/* SSL_SESSION_up_ref, if |session| is not NULL, increments the reference count
- * of |session|. It then returns |session|. */
-OPENSSL_EXPORT SSL_SESSION *SSL_SESSION_up_ref(SSL_SESSION *session);
-
-/* SSL_SESSION_free decrements the reference count of |session|. If it reaches
- * zero, all data referenced by |session| and |session| itself are released. */
-OPENSSL_EXPORT void SSL_SESSION_free(SSL_SESSION *session);
-
-OPENSSL_EXPORT int SSL_set_session(SSL *to, SSL_SESSION *session);
-OPENSSL_EXPORT int SSL_CTX_add_session(SSL_CTX *s, SSL_SESSION *c);
-OPENSSL_EXPORT int SSL_CTX_remove_session(SSL_CTX *, SSL_SESSION *c);
-OPENSSL_EXPORT int SSL_CTX_set_generate_session_id(SSL_CTX *, GEN_SESSION_CB);
-OPENSSL_EXPORT int SSL_set_generate_session_id(SSL *, GEN_SESSION_CB);
-OPENSSL_EXPORT int SSL_has_matching_session_id(const SSL *ssl,
- const uint8_t *id,
- unsigned int id_len);
-
-/* SSL_SESSION_to_bytes serializes |in| into a newly allocated buffer and sets
- * |*out_data| to that buffer and |*out_len| to its length. The caller takes
- * ownership of the buffer and must call |OPENSSL_free| when done. It returns
- * one on success and zero on error. */
-OPENSSL_EXPORT int SSL_SESSION_to_bytes(SSL_SESSION *in, uint8_t **out_data,
- size_t *out_len);
-
-/* SSL_SESSION_to_bytes_for_ticket serializes |in|, but excludes the session ID
- * which is not necessary in a session ticket. */
-OPENSSL_EXPORT int SSL_SESSION_to_bytes_for_ticket(SSL_SESSION *in,
- uint8_t **out_data,
- size_t *out_len);
-
-/* Deprecated: i2d_SSL_SESSION serializes |in| to the bytes pointed to by
- * |*pp|. On success, it returns the number of bytes written and advances |*pp|
- * by that many bytes. On failure, it returns -1. If |pp| is NULL, no bytes are
- * written and only the length is returned.
- *
- * Use SSL_SESSION_to_bytes instead. */
-OPENSSL_EXPORT int i2d_SSL_SESSION(SSL_SESSION *in, uint8_t **pp);
-
-/* d2i_SSL_SESSION deserializes a serialized buffer contained in the |length|
- * bytes pointed to by |*pp|. It returns the new SSL_SESSION and advances |*pp|
- * by the number of bytes consumed on success and NULL on failure. If |a| is
- * NULL, the caller takes ownership of the new session and must call
- * |SSL_SESSION_free| when done.
- *
- * If |a| and |*a| are not NULL, the SSL_SESSION at |*a| is overridden with the
- * deserialized session rather than allocating a new one. In addition, |a| is
- * not NULL, but |*a| is, |*a| is set to the new SSL_SESSION.
- *
- * Passing a value other than NULL to |a| is deprecated. */
-OPENSSL_EXPORT SSL_SESSION *d2i_SSL_SESSION(SSL_SESSION **a, const uint8_t **pp,
- long length);
-
-OPENSSL_EXPORT X509 *SSL_get_peer_certificate(const SSL *s);
-
-OPENSSL_EXPORT STACK_OF(X509) *SSL_get_peer_cert_chain(const SSL *s);
-
-OPENSSL_EXPORT int SSL_CTX_get_verify_mode(const SSL_CTX *ctx);
-OPENSSL_EXPORT int SSL_CTX_get_verify_depth(const SSL_CTX *ctx);
-OPENSSL_EXPORT int (*SSL_CTX_get_verify_callback(const SSL_CTX *ctx))(
- int, X509_STORE_CTX *);
-OPENSSL_EXPORT void SSL_CTX_set_verify(SSL_CTX *ctx, int mode,
- int (*callback)(int, X509_STORE_CTX *));
-OPENSSL_EXPORT void SSL_CTX_set_verify_depth(SSL_CTX *ctx, int depth);
-OPENSSL_EXPORT void SSL_CTX_set_cert_verify_callback(
- SSL_CTX *ctx, int (*cb)(X509_STORE_CTX *, void *), void *arg);
-OPENSSL_EXPORT void SSL_CTX_set_cert_cb(SSL_CTX *c,
- int (*cb)(SSL *ssl, void *arg),
- void *arg);
-OPENSSL_EXPORT int SSL_CTX_use_RSAPrivateKey(SSL_CTX *ctx, RSA *rsa);
-OPENSSL_EXPORT int SSL_CTX_use_RSAPrivateKey_ASN1(SSL_CTX *ctx,
- const uint8_t *d, long len);
-OPENSSL_EXPORT int SSL_CTX_use_PrivateKey(SSL_CTX *ctx, EVP_PKEY *pkey);
-OPENSSL_EXPORT int SSL_CTX_use_PrivateKey_ASN1(int pk, SSL_CTX *ctx,
- const uint8_t *d, long len);
-OPENSSL_EXPORT int SSL_CTX_use_certificate(SSL_CTX *ctx, X509 *x);
-OPENSSL_EXPORT int SSL_CTX_use_certificate_ASN1(SSL_CTX *ctx, int len,
- const uint8_t *d);
-
-OPENSSL_EXPORT void SSL_CTX_set_default_passwd_cb(SSL_CTX *ctx,
- pem_password_cb *cb);
-OPENSSL_EXPORT void SSL_CTX_set_default_passwd_cb_userdata(SSL_CTX *ctx,
- void *u);
-
-OPENSSL_EXPORT int SSL_CTX_check_private_key(const SSL_CTX *ctx);
-OPENSSL_EXPORT int SSL_check_private_key(const SSL *ctx);
-
-OPENSSL_EXPORT int SSL_CTX_set_session_id_context(SSL_CTX *ctx,
- const uint8_t *sid_ctx,
- unsigned int sid_ctx_len);
-
-OPENSSL_EXPORT int SSL_set_session_id_context(SSL *ssl, const uint8_t *sid_ctx,
- unsigned int sid_ctx_len);
-
-OPENSSL_EXPORT int SSL_CTX_set_purpose(SSL_CTX *s, int purpose);
-OPENSSL_EXPORT int SSL_set_purpose(SSL *s, int purpose);
-OPENSSL_EXPORT int SSL_CTX_set_trust(SSL_CTX *s, int trust);
-OPENSSL_EXPORT int SSL_set_trust(SSL *s, int trust);
-
-OPENSSL_EXPORT int SSL_CTX_set1_param(SSL_CTX *ctx, X509_VERIFY_PARAM *vpm);
-OPENSSL_EXPORT int SSL_set1_param(SSL *ssl, X509_VERIFY_PARAM *vpm);
-
-OPENSSL_EXPORT X509_VERIFY_PARAM *SSL_CTX_get0_param(SSL_CTX *ctx);
-OPENSSL_EXPORT X509_VERIFY_PARAM *SSL_get0_param(SSL *ssl);
-
-OPENSSL_EXPORT void SSL_certs_clear(SSL *s);
-OPENSSL_EXPORT int SSL_accept(SSL *ssl);
-OPENSSL_EXPORT int SSL_connect(SSL *ssl);
-OPENSSL_EXPORT int SSL_read(SSL *ssl, void *buf, int num);
-OPENSSL_EXPORT int SSL_peek(SSL *ssl, void *buf, int num);
-OPENSSL_EXPORT int SSL_write(SSL *ssl, const void *buf, int num);
-OPENSSL_EXPORT long SSL_ctrl(SSL *ssl, int cmd, long larg, void *parg);
-OPENSSL_EXPORT long SSL_CTX_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg);
-
-OPENSSL_EXPORT int SSL_get_error(const SSL *s, int ret_code);
-/* SSL_get_version returns a string describing the TLS version used by |s|. For
- * example, "TLSv1.2" or "SSLv3". */
-OPENSSL_EXPORT const char *SSL_get_version(const SSL *s);
-/* SSL_SESSION_get_version returns a string describing the TLS version used by
- * |sess|. For example, "TLSv1.2" or "SSLv3". */
-OPENSSL_EXPORT const char *SSL_SESSION_get_version(const SSL_SESSION *sess);
-
-OPENSSL_EXPORT STACK_OF(SSL_CIPHER) *SSL_get_ciphers(const SSL *s);
-
-OPENSSL_EXPORT int SSL_do_handshake(SSL *s);
-
-/* SSL_renegotiate_pending returns one if |ssl| is in the middle of a
- * renegotiation. */
-OPENSSL_EXPORT int SSL_renegotiate_pending(SSL *ssl);
-
-OPENSSL_EXPORT int SSL_shutdown(SSL *s);
-
-OPENSSL_EXPORT const char *SSL_alert_type_string_long(int value);
-OPENSSL_EXPORT const char *SSL_alert_type_string(int value);
-OPENSSL_EXPORT const char *SSL_alert_desc_string_long(int value);
-OPENSSL_EXPORT const char *SSL_alert_desc_string(int value);
-
-OPENSSL_EXPORT void SSL_set_client_CA_list(SSL *s,
- STACK_OF(X509_NAME) *name_list);
-OPENSSL_EXPORT void SSL_CTX_set_client_CA_list(SSL_CTX *ctx,
- STACK_OF(X509_NAME) *name_list);
-OPENSSL_EXPORT STACK_OF(X509_NAME) *SSL_get_client_CA_list(const SSL *s);
-OPENSSL_EXPORT STACK_OF(X509_NAME) *
- SSL_CTX_get_client_CA_list(const SSL_CTX *s);
-OPENSSL_EXPORT int SSL_add_client_CA(SSL *ssl, X509 *x);
-OPENSSL_EXPORT int SSL_CTX_add_client_CA(SSL_CTX *ctx, X509 *x);
-
-OPENSSL_EXPORT long SSL_get_default_timeout(const SSL *s);
-
-OPENSSL_EXPORT STACK_OF(X509_NAME) *SSL_dup_CA_list(STACK_OF(X509_NAME) *sk);
-
-OPENSSL_EXPORT X509 *SSL_get_certificate(const SSL *ssl);
-OPENSSL_EXPORT EVP_PKEY *SSL_get_privatekey(const SSL *ssl);
-
-OPENSSL_EXPORT X509 *SSL_CTX_get0_certificate(const SSL_CTX *ctx);
-OPENSSL_EXPORT EVP_PKEY *SSL_CTX_get0_privatekey(const SSL_CTX *ctx);
-
-OPENSSL_EXPORT void SSL_CTX_set_quiet_shutdown(SSL_CTX *ctx, int mode);
-OPENSSL_EXPORT int SSL_CTX_get_quiet_shutdown(const SSL_CTX *ctx);
-OPENSSL_EXPORT void SSL_set_quiet_shutdown(SSL *ssl, int mode);
-OPENSSL_EXPORT int SSL_get_quiet_shutdown(const SSL *ssl);
-OPENSSL_EXPORT void SSL_set_shutdown(SSL *ssl, int mode);
-OPENSSL_EXPORT int SSL_get_shutdown(const SSL *ssl);
-OPENSSL_EXPORT int SSL_version(const SSL *ssl);
-OPENSSL_EXPORT int SSL_CTX_set_default_verify_paths(SSL_CTX *ctx);
-OPENSSL_EXPORT int SSL_CTX_load_verify_locations(SSL_CTX *ctx,
- const char *CAfile,
- const char *CApath);
-#define SSL_get0_session SSL_get_session /* just peek at pointer */
-OPENSSL_EXPORT SSL_SESSION *SSL_get_session(const SSL *ssl);
-OPENSSL_EXPORT SSL_SESSION *SSL_get1_session(
- SSL *ssl); /* obtain a reference count */
-OPENSSL_EXPORT SSL_CTX *SSL_get_SSL_CTX(const SSL *ssl);
-OPENSSL_EXPORT SSL_CTX *SSL_set_SSL_CTX(SSL *ssl, SSL_CTX *ctx);
-OPENSSL_EXPORT void SSL_set_info_callback(SSL *ssl,
- void (*cb)(const SSL *ssl, int type,
- int val));
-OPENSSL_EXPORT void (*SSL_get_info_callback(const SSL *ssl))(const SSL *ssl,
- int type, int val);
-OPENSSL_EXPORT int SSL_state(const SSL *ssl);
-
-OPENSSL_EXPORT void SSL_set_verify_result(SSL *ssl, long v);
-OPENSSL_EXPORT long SSL_get_verify_result(const SSL *ssl);
-
-OPENSSL_EXPORT int SSL_set_ex_data(SSL *ssl, int idx, void *data);
-OPENSSL_EXPORT void *SSL_get_ex_data(const SSL *ssl, int idx);
-OPENSSL_EXPORT int SSL_get_ex_new_index(long argl, void *argp,
- CRYPTO_EX_new *new_func,
- CRYPTO_EX_dup *dup_func,
- CRYPTO_EX_free *free_func);
-
-OPENSSL_EXPORT int SSL_SESSION_set_ex_data(SSL_SESSION *ss, int idx,
- void *data);
-OPENSSL_EXPORT void *SSL_SESSION_get_ex_data(const SSL_SESSION *ss, int idx);
-OPENSSL_EXPORT int SSL_SESSION_get_ex_new_index(long argl, void *argp,
- CRYPTO_EX_new *new_func,
- CRYPTO_EX_dup *dup_func,
- CRYPTO_EX_free *free_func);
-
-OPENSSL_EXPORT int SSL_CTX_set_ex_data(SSL_CTX *ssl, int idx, void *data);
-OPENSSL_EXPORT void *SSL_CTX_get_ex_data(const SSL_CTX *ssl, int idx);
-OPENSSL_EXPORT int SSL_CTX_get_ex_new_index(long argl, void *argp,
- CRYPTO_EX_new *new_func,
- CRYPTO_EX_dup *dup_func,
- CRYPTO_EX_free *free_func);
-
-OPENSSL_EXPORT int SSL_get_ex_data_X509_STORE_CTX_idx(void);
-
-/* SSL_CTX_sess_set_cache_size sets the maximum size of |ctx|'s session cache to
- * |size|. It returns the previous value. */
-OPENSSL_EXPORT unsigned long SSL_CTX_sess_set_cache_size(SSL_CTX *ctx,
- unsigned long size);
-
-/* SSL_CTX_sess_get_cache_size returns the maximum size of |ctx|'s session
- * cache. */
-OPENSSL_EXPORT unsigned long SSL_CTX_sess_get_cache_size(const SSL_CTX *ctx);
-
-/* SSL_SESS_CACHE_* are the possible session cache mode bits.
- * TODO(davidben): Document. */
-#define SSL_SESS_CACHE_OFF 0x0000
-#define SSL_SESS_CACHE_CLIENT 0x0001
-#define SSL_SESS_CACHE_SERVER 0x0002
-#define SSL_SESS_CACHE_BOTH (SSL_SESS_CACHE_CLIENT | SSL_SESS_CACHE_SERVER)
-#define SSL_SESS_CACHE_NO_AUTO_CLEAR 0x0080
-#define SSL_SESS_CACHE_NO_INTERNAL_LOOKUP 0x0100
-#define SSL_SESS_CACHE_NO_INTERNAL_STORE 0x0200
-#define SSL_SESS_CACHE_NO_INTERNAL \
- (SSL_SESS_CACHE_NO_INTERNAL_LOOKUP | SSL_SESS_CACHE_NO_INTERNAL_STORE)
-
-/* SSL_CTX_set_session_cache_mode sets the session cache mode bits for |ctx| to
- * |mode|. It returns the previous value. */
-OPENSSL_EXPORT int SSL_CTX_set_session_cache_mode(SSL_CTX *ctx, int mode);
-
-/* SSL_CTX_get_session_cache_mode returns the session cache mode bits for
- * |ctx| */
-OPENSSL_EXPORT int SSL_CTX_get_session_cache_mode(const SSL_CTX *ctx);
-
-/* SSL_CTX_get_max_cert_list returns the maximum length, in bytes, of a peer
- * certificate chain accepted by |ctx|. */
-OPENSSL_EXPORT size_t SSL_CTX_get_max_cert_list(const SSL_CTX *ctx);
-
-/* SSL_CTX_set_max_cert_list sets the maximum length, in bytes, of a peer
- * certificate chain to |max_cert_list|. This affects how much memory may be
- * consumed during the handshake. */
-OPENSSL_EXPORT void SSL_CTX_set_max_cert_list(SSL_CTX *ctx,
- size_t max_cert_list);
-
-/* SSL_get_max_cert_list returns the maximum length, in bytes, of a peer
- * certificate chain accepted by |ssl|. */
-OPENSSL_EXPORT size_t SSL_get_max_cert_list(const SSL *ssl);
-
-/* SSL_set_max_cert_list sets the maximum length, in bytes, of a peer
- * certificate chain to |max_cert_list|. This affects how much memory may be
- * consumed during the handshake. */
-OPENSSL_EXPORT void SSL_set_max_cert_list(SSL *ssl, size_t max_cert_list);
-
-/* SSL_CTX_set_max_send_fragment sets the maximum length, in bytes, of records
- * sent by |ctx|. Beyond this length, handshake messages and application data
- * will be split into multiple records. */
-OPENSSL_EXPORT void SSL_CTX_set_max_send_fragment(SSL_CTX *ctx,
- size_t max_send_fragment);
-
-/* SSL_set_max_send_fragment sets the maximum length, in bytes, of records
- * sent by |ssl|. Beyond this length, handshake messages and application data
- * will be split into multiple records. */
-OPENSSL_EXPORT void SSL_set_max_send_fragment(SSL *ssl,
- size_t max_send_fragment);
-
-/* SSL_CTX_set_tmp_dh_callback configures |ctx| to use |callback| to determine
- * the group for DHE ciphers. |callback| should ignore |is_export| and
- * |keylength| and return a |DH| of the selected group or NULL on error. Only
- * the parameters are used, so the |DH| needn't have a generated keypair.
- *
- * WARNING: The caller does not take ownership of the resulting |DH|, so
- * |callback| must save and release the object elsewhere. */
-OPENSSL_EXPORT void SSL_CTX_set_tmp_dh_callback(
- SSL_CTX *ctx, DH *(*callback)(SSL *ssl, int is_export, int keylength));
-
-/* SSL_set_tmp_dh_callback configures |ssl| to use |callback| to determine the
- * group for DHE ciphers. |callback| should ignore |is_export| and |keylength|
- * and return a |DH| of the selected group or NULL on error. Only the
- * parameters are used, so the |DH| needn't have a generated keypair.
- *
- * WARNING: The caller does not take ownership of the resulting |DH|, so
- * |callback| must save and release the object elsewhere. */
-OPENSSL_EXPORT void SSL_set_tmp_dh_callback(SSL *ssl,
- DH *(*dh)(SSL *ssl, int is_export,
- int keylength));
-
-/* SSL_CTX_set_tmp_ecdh_callback configures |ctx| to use |callback| to determine
- * the curve for ephemeral ECDH keys. |callback| should ignore |is_export| and
- * |keylength| and return an |EC_KEY| of the selected curve or NULL on
- * error. Only the curve is used, so the |EC_KEY| needn't have a generated
- * keypair.
- *
- * If the callback is unset, an appropriate curve will be chosen automatically.
- * (This is recommended.)
- *
- * WARNING: The caller does not take ownership of the resulting |EC_KEY|, so
- * |callback| must save and release the object elsewhere. */
-OPENSSL_EXPORT void SSL_CTX_set_tmp_ecdh_callback(
- SSL_CTX *ctx, EC_KEY *(*callback)(SSL *ssl, int is_export, int keylength));
-
-/* SSL_set_tmp_ecdh_callback configures |ssl| to use |callback| to determine the
- * curve for ephemeral ECDH keys. |callback| should ignore |is_export| and
- * |keylength| and return an |EC_KEY| of the selected curve or NULL on
- * error. Only the curve is used, so the |EC_KEY| needn't have a generated
- * keypair.
- *
- * If the callback is unset, an appropriate curve will be chosen automatically.
- * (This is recommended.)
- *
- * WARNING: The caller does not take ownership of the resulting |EC_KEY|, so
- * |callback| must save and release the object elsewhere. */
-OPENSSL_EXPORT void SSL_set_tmp_ecdh_callback(
- SSL *ssl, EC_KEY *(*callback)(SSL *ssl, int is_export, int keylength));
-
-OPENSSL_EXPORT const void *SSL_get_current_compression(SSL *s);
-OPENSSL_EXPORT const void *SSL_get_current_expansion(SSL *s);
-
-OPENSSL_EXPORT int SSL_cache_hit(SSL *s);
-OPENSSL_EXPORT int SSL_is_server(SSL *s);
-
-/* SSL_CTX_set_dos_protection_cb sets a callback that is called once the
- * resumption decision for a ClientHello has been made. It can return 1 to
- * allow the handshake to continue or zero to cause the handshake to abort. */
-OPENSSL_EXPORT void SSL_CTX_set_dos_protection_cb(
- SSL_CTX *ctx, int (*cb)(const struct ssl_early_callback_ctx *));
-
-/* SSL_get_structure_sizes returns the sizes of the SSL, SSL_CTX and
- * SSL_SESSION structures so that a test can ensure that outside code agrees on
- * these values. */
-OPENSSL_EXPORT void SSL_get_structure_sizes(size_t *ssl_size,
- size_t *ssl_ctx_size,
- size_t *ssl_session_size);
-
-OPENSSL_EXPORT void ERR_load_SSL_strings(void);
-
-/* SSL_get_rc4_state sets |*read_key| and |*write_key| to the RC4 states for
- * the read and write directions. It returns one on success or zero if |ssl|
- * isn't using an RC4-based cipher suite. */
-OPENSSL_EXPORT int SSL_get_rc4_state(const SSL *ssl, const RC4_KEY **read_key,
- const RC4_KEY **write_key);
-
-
-/* Deprecated functions. */
-
-/* SSL_CIPHER_description writes a description of |cipher| into |buf| and
- * returns |buf|. If |buf| is NULL, it returns a newly allocated string, to be
- * freed with |OPENSSL_free|, or NULL on error.
- *
- * The description includes a trailing newline and has the form:
- * AES128-SHA SSLv3 Kx=RSA Au=RSA Enc=AES(128) Mac=SHA1
- *
- * Consider |SSL_CIPHER_get_name| or |SSL_CIPHER_get_rfc_name| instead. */
-OPENSSL_EXPORT const char *SSL_CIPHER_description(const SSL_CIPHER *cipher,
- char *buf, int len);
-
-/* SSL_CIPHER_get_version returns the string "TLSv1/SSLv3". */
-OPENSSL_EXPORT const char *SSL_CIPHER_get_version(const SSL_CIPHER *cipher);
-
-/* SSL_COMP_get_compression_methods returns NULL. */
-OPENSSL_EXPORT void *SSL_COMP_get_compression_methods(void);
-
-/* SSL_COMP_add_compression_method returns one. */
-OPENSSL_EXPORT int SSL_COMP_add_compression_method(int id, void *cm);
-
-/* SSL_COMP_get_name returns NULL. */
-OPENSSL_EXPORT const char *SSL_COMP_get_name(const void *comp);
-
-/* SSLv23_method calls |TLS_method|. */
-OPENSSL_EXPORT const SSL_METHOD *SSLv23_method(void);
-
-/* Version-specific methods behave exactly like |TLS_method| and |DTLS_method|
- * except they also call |SSL_CTX_set_min_version| and |SSL_CTX_set_max_version|
- * to lock connections to that protocol version. */
-OPENSSL_EXPORT const SSL_METHOD *SSLv3_method(void);
-OPENSSL_EXPORT const SSL_METHOD *TLSv1_method(void);
-OPENSSL_EXPORT const SSL_METHOD *TLSv1_1_method(void);
-OPENSSL_EXPORT const SSL_METHOD *TLSv1_2_method(void);
-OPENSSL_EXPORT const SSL_METHOD *DTLSv1_method(void);
-OPENSSL_EXPORT const SSL_METHOD *DTLSv1_2_method(void);
-
-/* Client- and server-specific methods call their corresponding generic
- * methods. */
-OPENSSL_EXPORT const SSL_METHOD *SSLv23_server_method(void);
-OPENSSL_EXPORT const SSL_METHOD *SSLv23_client_method(void);
-OPENSSL_EXPORT const SSL_METHOD *SSLv3_server_method(void);
-OPENSSL_EXPORT const SSL_METHOD *SSLv3_client_method(void);
-OPENSSL_EXPORT const SSL_METHOD *TLSv1_server_method(void);
-OPENSSL_EXPORT const SSL_METHOD *TLSv1_client_method(void);
-OPENSSL_EXPORT const SSL_METHOD *TLSv1_1_server_method(void);
-OPENSSL_EXPORT const SSL_METHOD *TLSv1_1_client_method(void);
-OPENSSL_EXPORT const SSL_METHOD *TLSv1_2_server_method(void);
-OPENSSL_EXPORT const SSL_METHOD *TLSv1_2_client_method(void);
-OPENSSL_EXPORT const SSL_METHOD *DTLS_server_method(void);
-OPENSSL_EXPORT const SSL_METHOD *DTLS_client_method(void);
-OPENSSL_EXPORT const SSL_METHOD *DTLSv1_server_method(void);
-OPENSSL_EXPORT const SSL_METHOD *DTLSv1_client_method(void);
-OPENSSL_EXPORT const SSL_METHOD *DTLSv1_2_server_method(void);
-OPENSSL_EXPORT const SSL_METHOD *DTLSv1_2_client_method(void);
-
-/* SSL_clear resets |ssl| to allow another connection and returns one on success
- * or zero on failure. It returns most configuration state but releases memory
- * associated with the current connection.
- *
- * Free |ssl| and create a new one instead. */
-OPENSSL_EXPORT int SSL_clear(SSL *ssl);
-
-/* SSL_CTX_set_tmp_rsa_callback does nothing. */
-OPENSSL_EXPORT void SSL_CTX_set_tmp_rsa_callback(
- SSL_CTX *ctx, RSA *(*cb)(SSL *ssl, int is_export, int keylength));
-
-/* SSL_set_tmp_rsa_callback does nothing. */
-OPENSSL_EXPORT void SSL_set_tmp_rsa_callback(SSL *ssl,
- RSA *(*cb)(SSL *ssl, int is_export,
- int keylength));
-
-/* SSL_CTX_sess_connect returns zero. */
-OPENSSL_EXPORT int SSL_CTX_sess_connect(const SSL_CTX *ctx);
-
-/* SSL_CTX_sess_connect_good returns zero. */
-OPENSSL_EXPORT int SSL_CTX_sess_connect_good(const SSL_CTX *ctx);
-
-/* SSL_CTX_sess_connect_renegotiate returns zero. */
-OPENSSL_EXPORT int SSL_CTX_sess_connect_renegotiate(const SSL_CTX *ctx);
-
-/* SSL_CTX_sess_accept returns zero. */
-OPENSSL_EXPORT int SSL_CTX_sess_accept(const SSL_CTX *ctx);
-
-/* SSL_CTX_sess_accept_renegotiate returns zero. */
-OPENSSL_EXPORT int SSL_CTX_sess_accept_renegotiate(const SSL_CTX *ctx);
-
-/* SSL_CTX_sess_accept_good returns zero. */
-OPENSSL_EXPORT int SSL_CTX_sess_accept_good(const SSL_CTX *ctx);
-
-/* SSL_CTX_sess_hits returns zero. */
-OPENSSL_EXPORT int SSL_CTX_sess_hits(const SSL_CTX *ctx);
-
-/* SSL_CTX_sess_cb_hits returns zero. */
-OPENSSL_EXPORT int SSL_CTX_sess_cb_hits(const SSL_CTX *ctx);
-
-/* SSL_CTX_sess_misses returns zero. */
-OPENSSL_EXPORT int SSL_CTX_sess_misses(const SSL_CTX *ctx);
-
-/* SSL_CTX_sess_timeouts returns zero. */
-OPENSSL_EXPORT int SSL_CTX_sess_timeouts(const SSL_CTX *ctx);
-
-/* SSL_CTX_sess_cache_full returns zero. */
-OPENSSL_EXPORT int SSL_CTX_sess_cache_full(const SSL_CTX *ctx);
-
-/* SSL_cutthrough_complete calls |SSL_in_false_start|. */
-OPENSSL_EXPORT int SSL_cutthrough_complete(const SSL *s);
-
-/* SSL_num_renegotiations calls |SSL_total_renegotiations|. */
-OPENSSL_EXPORT int SSL_num_renegotiations(const SSL *ssl);
-
-/* SSL_CTX_need_tmp_RSA returns zero. */
-OPENSSL_EXPORT int SSL_CTX_need_tmp_RSA(const SSL_CTX *ctx);
-
-/* SSL_need_tmp_RSA returns zero. */
-OPENSSL_EXPORT int SSL_need_tmp_RSA(const SSL *ssl);
-
-/* SSL_CTX_set_tmp_rsa returns one. */
-OPENSSL_EXPORT int SSL_CTX_set_tmp_rsa(SSL_CTX *ctx, const RSA *rsa);
-
-/* SSL_set_tmp_rsa returns one. */
-OPENSSL_EXPORT int SSL_set_tmp_rsa(SSL *ssl, const RSA *rsa);
-
-/* SSL_CTX_get_read_head returns zero. */
-OPENSSL_EXPORT int SSL_CTX_get_read_ahead(const SSL_CTX *ctx);
-
-/* SSL_CTX_set_read_ahead does nothing. */
-OPENSSL_EXPORT void SSL_CTX_set_read_ahead(SSL_CTX *ctx, int yes);
-
-/* SSL_get_read_head returns zero. */
-OPENSSL_EXPORT int SSL_get_read_ahead(const SSL *s);
-
-/* SSL_set_read_ahead does nothing. */
-OPENSSL_EXPORT void SSL_set_read_ahead(SSL *s, int yes);
-
-/* SSL_renegotiate put an error on the error queue and returns zero. */
-OPENSSL_EXPORT int SSL_renegotiate(SSL *ssl);
-
-/* SSL_set_state does nothing. */
-OPENSSL_EXPORT void SSL_set_state(SSL *ssl, int state);
-
/* Android compatibility section.
*
@@ -2453,99 +3502,133 @@ OPENSSL_EXPORT const char *SSLeay_version(int unused);
*
* Historically, a number of APIs were implemented in OpenSSL as macros and
* constants to 'ctrl' functions. To avoid breaking #ifdefs in consumers, this
- * section defines a number of legacy macros. */
+ * section defines a number of legacy macros.
+ *
+ * Although using either the CTRL values or their wrapper macros in #ifdefs is
+ * still supported, the CTRL values may not be passed to |SSL_ctrl| and
+ * |SSL_CTX_ctrl|. Call the functions (previously wrapper macros) instead. */
-#define SSL_CTRL_NEED_TMP_RSA doesnt_exist
-#define SSL_CTRL_SET_TMP_RSA doesnt_exist
-#define SSL_CTRL_SET_TMP_DH doesnt_exist
-#define SSL_CTRL_SET_TMP_ECDH doesnt_exist
-#define SSL_CTRL_SET_TMP_RSA_CB doesnt_exist
-#define SSL_CTRL_SET_TMP_DH_CB doesnt_exist
-#define SSL_CTRL_SET_TMP_ECDH_CB doesnt_exist
-#define SSL_CTRL_GET_SESSION_REUSED doesnt_exist
+#define DTLS_CTRL_GET_TIMEOUT doesnt_exist
+#define DTLS_CTRL_HANDLE_TIMEOUT doesnt_exist
+#define SSL_CTRL_CHAIN doesnt_exist
+#define SSL_CTRL_CHAIN_CERT doesnt_exist
+#define SSL_CTRL_CHANNEL_ID doesnt_exist
+#define SSL_CTRL_CLEAR_EXTRA_CHAIN_CERTS doesnt_exist
+#define SSL_CTRL_CLEAR_MODE doesnt_exist
+#define SSL_CTRL_CLEAR_OPTIONS doesnt_exist
+#define SSL_CTRL_EXTRA_CHAIN_CERT doesnt_exist
+#define SSL_CTRL_GET_CHAIN_CERTS doesnt_exist
+#define SSL_CTRL_GET_CHANNEL_ID doesnt_exist
+#define SSL_CTRL_GET_CLIENT_CERT_TYPES doesnt_exist
+#define SSL_CTRL_GET_EXTRA_CHAIN_CERTS doesnt_exist
+#define SSL_CTRL_GET_MAX_CERT_LIST doesnt_exist
#define SSL_CTRL_GET_NUM_RENEGOTIATIONS doesnt_exist
+#define SSL_CTRL_GET_READ_AHEAD doesnt_exist
+#define SSL_CTRL_GET_RI_SUPPORT doesnt_exist
+#define SSL_CTRL_GET_SESSION_REUSED doesnt_exist
+#define SSL_CTRL_GET_SESS_CACHE_MODE doesnt_exist
+#define SSL_CTRL_GET_SESS_CACHE_SIZE doesnt_exist
+#define SSL_CTRL_GET_TLSEXT_TICKET_KEYS doesnt_exist
#define SSL_CTRL_GET_TOTAL_RENEGOTIATIONS doesnt_exist
+#define SSL_CTRL_MODE doesnt_exist
+#define SSL_CTRL_NEED_TMP_RSA doesnt_exist
+#define SSL_CTRL_OPTIONS doesnt_exist
+#define SSL_CTRL_SESS_NUMBER doesnt_exist
+#define SSL_CTRL_SET_CHANNEL_ID doesnt_exist
+#define SSL_CTRL_SET_CURVES doesnt_exist
+#define SSL_CTRL_SET_MAX_CERT_LIST doesnt_exist
+#define SSL_CTRL_SET_MAX_SEND_FRAGMENT doesnt_exist
#define SSL_CTRL_SET_MSG_CALLBACK doesnt_exist
#define SSL_CTRL_SET_MSG_CALLBACK_ARG doesnt_exist
#define SSL_CTRL_SET_MTU doesnt_exist
-#define SSL_CTRL_SESS_NUMBER doesnt_exist
-#define SSL_CTRL_OPTIONS doesnt_exist
-#define SSL_CTRL_MODE doesnt_exist
-#define SSL_CTRL_GET_READ_AHEAD doesnt_exist
#define SSL_CTRL_SET_READ_AHEAD doesnt_exist
-#define SSL_CTRL_SET_SESS_CACHE_SIZE doesnt_exist
-#define SSL_CTRL_GET_SESS_CACHE_SIZE doesnt_exist
#define SSL_CTRL_SET_SESS_CACHE_MODE doesnt_exist
-#define SSL_CTRL_GET_SESS_CACHE_MODE doesnt_exist
-#define SSL_CTRL_GET_MAX_CERT_LIST doesnt_exist
-#define SSL_CTRL_SET_MAX_CERT_LIST doesnt_exist
-#define SSL_CTRL_SET_MAX_SEND_FRAGMENT doesnt_exist
-#define SSL_CTRL_SET_TLSEXT_SERVERNAME_CB doesnt_exist
-#define SSL_CTRL_SET_TLSEXT_SERVERNAME_ARG doesnt_exist
+#define SSL_CTRL_SET_SESS_CACHE_SIZE doesnt_exist
#define SSL_CTRL_SET_TLSEXT_HOSTNAME doesnt_exist
+#define SSL_CTRL_SET_TLSEXT_SERVERNAME_ARG doesnt_exist
+#define SSL_CTRL_SET_TLSEXT_SERVERNAME_CB doesnt_exist
+#define SSL_CTRL_SET_TLSEXT_TICKET_KEYS doesnt_exist
#define SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB doesnt_exist
-#define DTLS_CTRL_GET_TIMEOUT doesnt_exist
-#define DTLS_CTRL_HANDLE_TIMEOUT doesnt_exist
-#define SSL_CTRL_GET_RI_SUPPORT doesnt_exist
-#define SSL_CTRL_CLEAR_OPTIONS doesnt_exist
-#define SSL_CTRL_CLEAR_MODE doesnt_exist
-#define SSL_CTRL_CHANNEL_ID doesnt_exist
-#define SSL_CTRL_GET_CHANNEL_ID doesnt_exist
-#define SSL_CTRL_SET_CHANNEL_ID doesnt_exist
+#define SSL_CTRL_SET_TMP_DH doesnt_exist
+#define SSL_CTRL_SET_TMP_DH_CB doesnt_exist
+#define SSL_CTRL_SET_TMP_ECDH doesnt_exist
+#define SSL_CTRL_SET_TMP_ECDH_CB doesnt_exist
+#define SSL_CTRL_SET_TMP_RSA doesnt_exist
+#define SSL_CTRL_SET_TMP_RSA_CB doesnt_exist
-#define SSL_CTX_need_tmp_RSA SSL_CTX_need_tmp_RSA
-#define SSL_need_tmp_RSA SSL_need_tmp_RSA
-#define SSL_CTX_set_tmp_rsa SSL_CTX_set_tmp_rsa
-#define SSL_set_tmp_rsa SSL_set_tmp_rsa
-#define SSL_CTX_set_tmp_dh SSL_CTX_set_tmp_dh
-#define SSL_set_tmp_dh SSL_set_tmp_dh
-#define SSL_CTX_set_tmp_ecdh SSL_CTX_set_tmp_ecdh
-#define SSL_set_tmp_ecdh SSL_set_tmp_ecdh
-#define SSL_session_reused SSL_session_reused
-#define SSL_num_renegotiations SSL_num_renegotiations
-#define SSL_total_renegotiations SSL_total_renegotiations
-#define SSL_CTX_set_msg_callback_arg SSL_CTX_set_msg_callback_arg
-#define SSL_set_msg_callback_arg SSL_set_msg_callback_arg
-#define SSL_set_mtu SSL_set_mtu
-#define SSL_CTX_sess_number SSL_CTX_sess_number
-#define SSL_CTX_get_options SSL_CTX_get_options
-#define SSL_CTX_set_options SSL_CTX_set_options
-#define SSL_get_options SSL_get_options
-#define SSL_set_options SSL_set_options
+#define DTLSv1_get_timeout DTLSv1_get_timeout
+#define DTLSv1_handle_timeout DTLSv1_handle_timeout
+#define SSL_CTX_add0_chain_cert SSL_CTX_add0_chain_cert
+#define SSL_CTX_add1_chain_cert SSL_CTX_add1_chain_cert
+#define SSL_CTX_add_extra_chain_cert SSL_CTX_add_extra_chain_cert
+#define SSL_CTX_clear_extra_chain_certs SSL_CTX_clear_extra_chain_certs
+#define SSL_CTX_clear_chain_certs SSL_CTX_clear_chain_certs
+#define SSL_CTX_clear_mode SSL_CTX_clear_mode
+#define SSL_CTX_clear_options SSL_CTX_clear_options
+#define SSL_CTX_enable_tls_channel_id SSL_CTX_enable_tls_channel_id
+#define SSL_CTX_get0_chain_certs SSL_CTX_get0_chain_certs
+#define SSL_CTX_get_extra_chain_certs SSL_CTX_get_extra_chain_certs
+#define SSL_CTX_get_max_cert_list SSL_CTX_get_max_cert_list
#define SSL_CTX_get_mode SSL_CTX_get_mode
-#define SSL_CTX_set_mode SSL_CTX_set_mode
-#define SSL_get_mode SSL_get_mode
-#define SSL_set_mode SSL_set_mode
+#define SSL_CTX_get_options SSL_CTX_get_options
#define SSL_CTX_get_read_ahead SSL_CTX_get_read_ahead
-#define SSL_CTX_set_read_ahead SSL_CTX_set_read_ahead
-#define SSL_CTX_sess_set_cache_size SSL_CTX_sess_set_cache_size
-#define SSL_CTX_sess_get_cache_size SSL_CTX_sess_get_cache_size
-#define SSL_CTX_set_session_cache_mode SSL_CTX_set_session_cache_mode
#define SSL_CTX_get_session_cache_mode SSL_CTX_get_session_cache_mode
-#define SSL_CTX_get_max_cert_list SSL_CTX_get_max_cert_list
-#define SSL_get_max_cert_list SSL_get_max_cert_list
+#define SSL_CTX_get_tlsext_ticket_keys SSL_CTX_get_tlsext_ticket_keys
+#define SSL_CTX_need_tmp_RSA SSL_CTX_need_tmp_RSA
+#define SSL_CTX_sess_get_cache_size SSL_CTX_sess_get_cache_size
+#define SSL_CTX_sess_number SSL_CTX_sess_number
+#define SSL_CTX_sess_set_cache_size SSL_CTX_sess_set_cache_size
+#define SSL_CTX_set0_chain SSL_CTX_set0_chain
+#define SSL_CTX_set1_chain SSL_CTX_set1_chain
+#define SSL_CTX_set1_curves SSL_CTX_set1_curves
+#define SSL_CTX_set1_tls_channel_id SSL_CTX_set1_tls_channel_id
#define SSL_CTX_set_max_cert_list SSL_CTX_set_max_cert_list
-#define SSL_set_max_cert_list SSL_set_max_cert_list
#define SSL_CTX_set_max_send_fragment SSL_CTX_set_max_send_fragment
-#define SSL_set_max_send_fragment SSL_set_max_send_fragment
+#define SSL_CTX_set_mode SSL_CTX_set_mode
+#define SSL_CTX_set_msg_callback_arg SSL_CTX_set_msg_callback_arg
+#define SSL_CTX_set_options SSL_CTX_set_options
+#define SSL_CTX_set_read_ahead SSL_CTX_set_read_ahead
+#define SSL_CTX_set_session_cache_mode SSL_CTX_set_session_cache_mode
+#define SSL_CTX_set_tlsext_servername_arg SSL_CTX_set_tlsext_servername_arg
#define SSL_CTX_set_tlsext_servername_callback \
SSL_CTX_set_tlsext_servername_callback
-#define SSL_CTX_set_tlsext_servername_arg SSL_CTX_set_tlsext_servername_arg
-#define SSL_set_tlsext_host_name SSL_set_tlsext_host_name
#define SSL_CTX_set_tlsext_ticket_key_cb SSL_CTX_set_tlsext_ticket_key_cb
-#define DTLSv1_get_timeout DTLSv1_get_timeout
-#define DTLSv1_handle_timeout DTLSv1_handle_timeout
-#define SSL_get_secure_renegotiation_support \
- SSL_get_secure_renegotiation_support
-#define SSL_CTX_clear_options SSL_CTX_clear_options
-#define SSL_clear_options SSL_clear_options
-#define SSL_CTX_clear_mode SSL_CTX_clear_mode
+#define SSL_CTX_set_tlsext_ticket_keys SSL_CTX_set_tlsext_ticket_keys
+#define SSL_CTX_set_tmp_dh SSL_CTX_set_tmp_dh
+#define SSL_CTX_set_tmp_ecdh SSL_CTX_set_tmp_ecdh
+#define SSL_CTX_set_tmp_rsa SSL_CTX_set_tmp_rsa
+#define SSL_add0_chain_cert SSL_add0_chain_cert
+#define SSL_add1_chain_cert SSL_add1_chain_cert
+#define SSL_clear_chain_certs SSL_clear_chain_certs
#define SSL_clear_mode SSL_clear_mode
-#define SSL_CTX_enable_tls_channel_id SSL_CTX_enable_tls_channel_id
+#define SSL_clear_options SSL_clear_options
#define SSL_enable_tls_channel_id SSL_enable_tls_channel_id
-#define SSL_set1_tls_channel_id SSL_set1_tls_channel_id
-#define SSL_CTX_set1_tls_channel_id SSL_CTX_set1_tls_channel_id
+#define SSL_get0_certificate_types SSL_get0_certificate_types
+#define SSL_get0_chain_certs SSL_get0_chain_certs
+#define SSL_get_max_cert_list SSL_get_max_cert_list
+#define SSL_get_mode SSL_get_mode
+#define SSL_get_options SSL_get_options
+#define SSL_get_secure_renegotiation_support \
+ SSL_get_secure_renegotiation_support
#define SSL_get_tls_channel_id SSL_get_tls_channel_id
+#define SSL_need_tmp_RSA SSL_need_tmp_RSA
+#define SSL_num_renegotiations SSL_num_renegotiations
+#define SSL_session_reused SSL_session_reused
+#define SSL_set0_chain SSL_set0_chain
+#define SSL_set1_chain SSL_set1_chain
+#define SSL_set1_curves SSL_set1_curves
+#define SSL_set1_tls_channel_id SSL_set1_tls_channel_id
+#define SSL_set_max_cert_list SSL_set_max_cert_list
+#define SSL_set_max_send_fragment SSL_set_max_send_fragment
+#define SSL_set_mode SSL_set_mode
+#define SSL_set_msg_callback_arg SSL_set_msg_callback_arg
+#define SSL_set_mtu SSL_set_mtu
+#define SSL_set_options SSL_set_options
+#define SSL_set_tlsext_host_name SSL_set_tlsext_host_name
+#define SSL_set_tmp_dh SSL_set_tmp_dh
+#define SSL_set_tmp_ecdh SSL_set_tmp_ecdh
+#define SSL_set_tmp_rsa SSL_set_tmp_rsa
+#define SSL_total_renegotiations SSL_total_renegotiations
#if defined(__cplusplus)
@@ -2560,193 +3643,14 @@ OPENSSL_EXPORT const char *SSLeay_version(int unused);
* headers introduces circular dependencies and is inconsistent. The function
* declarations should move to ssl.h. Many of the constants can probably be
* pruned or unexported. */
-#include <openssl/ssl2.h>
#include <openssl/ssl3.h>
#include <openssl/tls1.h> /* This is mostly sslv3 with a few tweaks */
-#include <openssl/ssl23.h>
-#include <openssl/srtp.h> /* Support for the use_srtp extension */
/* BEGIN ERROR CODES */
/* The following lines are auto generated by the script make_errors.go. Any
* changes made after this point may be overwritten when the script is next run.
*/
-#define SSL_F_SSL_CTX_check_private_key 100
-#define SSL_F_SSL_CTX_new 101
-#define SSL_F_SSL_CTX_set_cipher_list 102
-#define SSL_F_SSL_CTX_set_cipher_list_tls11 103
-#define SSL_F_SSL_CTX_set_session_id_context 104
-#define SSL_F_SSL_CTX_use_PrivateKey 105
-#define SSL_F_SSL_CTX_use_PrivateKey_ASN1 106
-#define SSL_F_SSL_CTX_use_PrivateKey_file 107
-#define SSL_F_SSL_CTX_use_RSAPrivateKey 108
-#define SSL_F_SSL_CTX_use_RSAPrivateKey_ASN1 109
-#define SSL_F_SSL_CTX_use_RSAPrivateKey_file 110
-#define SSL_F_SSL_CTX_use_certificate 111
-#define SSL_F_SSL_CTX_use_certificate_ASN1 112
-#define SSL_F_SSL_CTX_use_certificate_chain_file 113
-#define SSL_F_SSL_CTX_use_certificate_file 114
-#define SSL_F_SSL_CTX_use_psk_identity_hint 115
-#define SSL_F_SSL_SESSION_new 116
-#define SSL_F_SSL_SESSION_print_fp 117
-#define SSL_F_SSL_SESSION_set1_id_context 118
-#define SSL_F_SSL_SESSION_to_bytes_full 119
-#define SSL_F_SSL_accept 120
-#define SSL_F_SSL_add_dir_cert_subjects_to_stack 121
-#define SSL_F_SSL_add_file_cert_subjects_to_stack 122
-#define SSL_F_SSL_check_private_key 123
-#define SSL_F_SSL_clear 124
-#define SSL_F_SSL_connect 125
-#define SSL_F_SSL_do_handshake 126
-#define SSL_F_SSL_load_client_CA_file 127
-#define SSL_F_SSL_new 128
-#define SSL_F_SSL_peek 129
-#define SSL_F_SSL_read 130
-#define SSL_F_SSL_renegotiate 131
-#define SSL_F_SSL_set_cipher_list 132
-#define SSL_F_SSL_set_fd 133
-#define SSL_F_SSL_set_rfd 134
-#define SSL_F_SSL_set_session_id_context 135
-#define SSL_F_SSL_set_wfd 136
-#define SSL_F_SSL_shutdown 137
-#define SSL_F_SSL_use_PrivateKey 138
-#define SSL_F_SSL_use_PrivateKey_ASN1 139
-#define SSL_F_SSL_use_PrivateKey_file 140
-#define SSL_F_SSL_use_RSAPrivateKey 141
-#define SSL_F_SSL_use_RSAPrivateKey_ASN1 142
-#define SSL_F_SSL_use_RSAPrivateKey_file 143
-#define SSL_F_SSL_use_certificate 144
-#define SSL_F_SSL_use_certificate_ASN1 145
-#define SSL_F_SSL_use_certificate_file 146
-#define SSL_F_SSL_use_psk_identity_hint 147
-#define SSL_F_SSL_write 148
-#define SSL_F_d2i_SSL_SESSION 149
-#define SSL_F_d2i_SSL_SESSION_get_octet_string 150
-#define SSL_F_d2i_SSL_SESSION_get_string 151
-#define SSL_F_do_ssl3_write 152
-#define SSL_F_dtls1_accept 153
-#define SSL_F_dtls1_buffer_record 154
-#define SSL_F_dtls1_check_timeout_num 155
-#define SSL_F_dtls1_connect 156
-#define SSL_F_dtls1_do_write 157
-#define SSL_F_dtls1_get_hello_verify 158
-#define SSL_F_dtls1_get_message 159
-#define SSL_F_dtls1_get_message_fragment 160
-#define SSL_F_dtls1_preprocess_fragment 161
-#define SSL_F_dtls1_process_record 162
-#define SSL_F_dtls1_read_bytes 163
-#define SSL_F_dtls1_send_hello_verify_request 164
-#define SSL_F_dtls1_write_app_data 165
-#define SSL_F_i2d_SSL_SESSION 166
-#define SSL_F_ssl3_accept 167
-#define SSL_F_ssl3_cert_verify_hash 169
-#define SSL_F_ssl3_check_cert_and_algorithm 170
-#define SSL_F_ssl3_connect 171
-#define SSL_F_ssl3_ctrl 172
-#define SSL_F_ssl3_ctx_ctrl 173
-#define SSL_F_ssl3_digest_cached_records 174
-#define SSL_F_ssl3_do_change_cipher_spec 175
-#define SSL_F_ssl3_expect_change_cipher_spec 176
-#define SSL_F_ssl3_get_cert_status 177
-#define SSL_F_ssl3_get_cert_verify 178
-#define SSL_F_ssl3_get_certificate_request 179
-#define SSL_F_ssl3_get_channel_id 180
-#define SSL_F_ssl3_get_client_certificate 181
-#define SSL_F_ssl3_get_client_hello 182
-#define SSL_F_ssl3_get_client_key_exchange 183
-#define SSL_F_ssl3_get_finished 184
-#define SSL_F_ssl3_get_initial_bytes 185
-#define SSL_F_ssl3_get_message 186
-#define SSL_F_ssl3_get_new_session_ticket 187
-#define SSL_F_ssl3_get_next_proto 188
-#define SSL_F_ssl3_get_record 189
-#define SSL_F_ssl3_get_server_certificate 190
-#define SSL_F_ssl3_get_server_done 191
-#define SSL_F_ssl3_get_server_hello 192
-#define SSL_F_ssl3_get_server_key_exchange 193
-#define SSL_F_ssl3_get_v2_client_hello 194
-#define SSL_F_ssl3_handshake_mac 195
-#define SSL_F_ssl3_prf 196
-#define SSL_F_ssl3_read_bytes 197
-#define SSL_F_ssl3_read_n 198
-#define SSL_F_ssl3_send_cert_verify 199
-#define SSL_F_ssl3_send_certificate_request 200
-#define SSL_F_ssl3_send_channel_id 201
-#define SSL_F_ssl3_send_client_certificate 202
-#define SSL_F_ssl3_send_client_hello 203
-#define SSL_F_ssl3_send_client_key_exchange 204
-#define SSL_F_ssl3_send_server_certificate 205
-#define SSL_F_ssl3_send_server_hello 206
-#define SSL_F_ssl3_send_server_key_exchange 207
-#define SSL_F_ssl3_setup_read_buffer 208
-#define SSL_F_ssl3_setup_write_buffer 209
-#define SSL_F_ssl3_write_bytes 210
-#define SSL_F_ssl3_write_pending 211
-#define SSL_F_ssl_add_cert_chain 212
-#define SSL_F_ssl_add_cert_to_buf 213
-#define SSL_F_ssl_add_clienthello_renegotiate_ext 214
-#define SSL_F_ssl_add_clienthello_tlsext 215
-#define SSL_F_ssl_add_clienthello_use_srtp_ext 216
-#define SSL_F_ssl_add_serverhello_renegotiate_ext 217
-#define SSL_F_ssl_add_serverhello_tlsext 218
-#define SSL_F_ssl_add_serverhello_use_srtp_ext 219
-#define SSL_F_ssl_build_cert_chain 220
-#define SSL_F_ssl_bytes_to_cipher_list 221
-#define SSL_F_ssl_cert_dup 222
-#define SSL_F_ssl_cert_inst 223
-#define SSL_F_ssl_cert_new 224
-#define SSL_F_ssl_check_serverhello_tlsext 225
-#define SSL_F_ssl_check_srvr_ecc_cert_and_alg 226
-#define SSL_F_ssl_cipher_process_rulestr 227
-#define SSL_F_ssl_cipher_strength_sort 228
-#define SSL_F_ssl_create_cipher_list 229
-#define SSL_F_ssl_ctx_log_master_secret 230
-#define SSL_F_ssl_ctx_log_rsa_client_key_exchange 231
-#define SSL_F_ssl_ctx_make_profiles 232
-#define SSL_F_ssl_get_new_session 233
-#define SSL_F_ssl_get_prev_session 234
-#define SSL_F_ssl_get_server_cert_index 235
-#define SSL_F_ssl_get_sign_pkey 236
-#define SSL_F_ssl_init_wbio_buffer 237
-#define SSL_F_ssl_parse_clienthello_renegotiate_ext 238
-#define SSL_F_ssl_parse_clienthello_tlsext 239
-#define SSL_F_ssl_parse_clienthello_use_srtp_ext 240
-#define SSL_F_ssl_parse_serverhello_renegotiate_ext 241
-#define SSL_F_ssl_parse_serverhello_tlsext 242
-#define SSL_F_ssl_parse_serverhello_use_srtp_ext 243
-#define SSL_F_ssl_scan_clienthello_tlsext 244
-#define SSL_F_ssl_scan_serverhello_tlsext 245
-#define SSL_F_ssl_sess_cert_new 246
-#define SSL_F_ssl_set_cert 247
-#define SSL_F_ssl_set_pkey 248
-#define SSL_F_ssl_verify_cert_chain 252
-#define SSL_F_tls12_check_peer_sigalg 253
-#define SSL_F_tls1_aead_ctx_init 254
-#define SSL_F_tls1_cert_verify_mac 255
-#define SSL_F_tls1_change_cipher_state 256
-#define SSL_F_tls1_change_cipher_state_aead 257
-#define SSL_F_tls1_check_duplicate_extensions 258
-#define SSL_F_tls1_enc 259
-#define SSL_F_tls1_export_keying_material 260
-#define SSL_F_tls1_prf 261
-#define SSL_F_tls1_setup_key_block 262
-#define SSL_F_dtls1_get_buffered_message 263
-#define SSL_F_dtls1_process_fragment 264
-#define SSL_F_dtls1_hm_fragment_new 265
-#define SSL_F_ssl3_seal_record 266
-#define SSL_F_ssl3_record_sequence_update 267
-#define SSL_F_SSL_CTX_set_tmp_dh 268
-#define SSL_F_SSL_CTX_set_tmp_ecdh 269
-#define SSL_F_SSL_set_tmp_dh 270
-#define SSL_F_SSL_set_tmp_ecdh 271
-#define SSL_F_SSL_CTX_set1_tls_channel_id 272
-#define SSL_F_SSL_set1_tls_channel_id 273
-#define SSL_F_SSL_set_tlsext_host_name 274
-#define SSL_F_ssl3_output_cert_chain 275
-#define SSL_F_SSL_AEAD_CTX_new 276
-#define SSL_F_SSL_AEAD_CTX_open 277
-#define SSL_F_SSL_AEAD_CTX_seal 278
-#define SSL_F_dtls1_seal_record 279
#define SSL_R_APP_DATA_IN_HANDSHAKE 100
#define SSL_R_ATTEMPT_TO_REUSE_SESSION_IN_DIFFERENT_CONTEXT 101
#define SSL_R_BAD_ALERT 102
@@ -2925,6 +3829,15 @@ OPENSSL_EXPORT const char *SSLeay_version(int unused);
#define SSL_R_RESUMED_EMS_SESSION_WITHOUT_EMS_EXTENSION 275
#define SSL_R_EMS_STATE_INCONSISTENT 276
#define SSL_R_RESUMED_NON_EMS_SESSION_WITH_EMS_EXTENSION 277
+#define SSL_R_TOO_MANY_WARNING_ALERTS 278
+#define SSL_R_UNEXPECTED_EXTENSION 279
+#define SSL_R_SIGNATURE_ALGORITHMS_EXTENSION_SENT_BY_SERVER 280
+#define SSL_R_ERROR_ADDING_EXTENSION 281
+#define SSL_R_ERROR_PARSING_EXTENSION 282
+#define SSL_R_MISSING_EXTENSION 283
+#define SSL_R_CUSTOM_EXTENSION_CONTENTS_TOO_LARGE 284
+#define SSL_R_CUSTOM_EXTENSION_ERROR 285
+#define SSL_R_NEGOTIATED_BOTH_NPN_AND_ALPN 286
#define SSL_R_SSLV3_ALERT_CLOSE_NOTIFY 1000
#define SSL_R_SSLV3_ALERT_UNEXPECTED_MESSAGE 1010
#define SSL_R_SSLV3_ALERT_BAD_RECORD_MAC 1020
diff --git a/src/include/openssl/ssl2.h b/src/include/openssl/ssl2.h
deleted file mode 100644
index b8401fa..0000000
--- a/src/include/openssl/ssl2.h
+++ /dev/null
@@ -1,268 +0,0 @@
-/* ssl/ssl2.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef HEADER_SSL2_H
-#define HEADER_SSL2_H
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-/* Protocol Version Codes */
-#define SSL2_VERSION 0x0002
-#define SSL2_VERSION_MAJOR 0x00
-#define SSL2_VERSION_MINOR 0x02
-/* #define SSL2_CLIENT_VERSION 0x0002 */
-/* #define SSL2_SERVER_VERSION 0x0002 */
-
-/* Protocol Message Codes */
-#define SSL2_MT_ERROR 0
-#define SSL2_MT_CLIENT_HELLO 1
-#define SSL2_MT_CLIENT_MASTER_KEY 2
-#define SSL2_MT_CLIENT_FINISHED 3
-#define SSL2_MT_SERVER_HELLO 4
-#define SSL2_MT_SERVER_VERIFY 5
-#define SSL2_MT_SERVER_FINISHED 6
-#define SSL2_MT_REQUEST_CERTIFICATE 7
-#define SSL2_MT_CLIENT_CERTIFICATE 8
-
-/* Error Message Codes */
-#define SSL2_PE_UNDEFINED_ERROR 0x0000
-#define SSL2_PE_NO_CIPHER 0x0001
-#define SSL2_PE_NO_CERTIFICATE 0x0002
-#define SSL2_PE_BAD_CERTIFICATE 0x0004
-#define SSL2_PE_UNSUPPORTED_CERTIFICATE_TYPE 0x0006
-
-/* Cipher Kind Values */
-#define SSL2_CK_NULL_WITH_MD5 0x02000000 /* v3 */
-#define SSL2_CK_RC4_128_WITH_MD5 0x02010080
-#define SSL2_CK_RC4_128_EXPORT40_WITH_MD5 0x02020080
-#define SSL2_CK_RC2_128_CBC_WITH_MD5 0x02030080
-#define SSL2_CK_RC2_128_CBC_EXPORT40_WITH_MD5 0x02040080
-#define SSL2_CK_IDEA_128_CBC_WITH_MD5 0x02050080
-#define SSL2_CK_DES_64_CBC_WITH_MD5 0x02060040
-#define SSL2_CK_DES_64_CBC_WITH_SHA 0x02060140 /* v3 */
-#define SSL2_CK_DES_192_EDE3_CBC_WITH_MD5 0x020700c0
-#define SSL2_CK_DES_192_EDE3_CBC_WITH_SHA 0x020701c0 /* v3 */
-#define SSL2_CK_RC4_64_WITH_MD5 0x02080080 /* MS hack */
-
-#define SSL2_CK_DES_64_CFB64_WITH_MD5_1 0x02ff0800 /* SSLeay */
-#define SSL2_CK_NULL 0x02ff0810 /* SSLeay */
-
-#define SSL2_TXT_DES_64_CFB64_WITH_MD5_1 "DES-CFB-M1"
-#define SSL2_TXT_NULL_WITH_MD5 "NULL-MD5"
-#define SSL2_TXT_RC4_128_WITH_MD5 "RC4-MD5"
-#define SSL2_TXT_RC4_128_EXPORT40_WITH_MD5 "EXP-RC4-MD5"
-#define SSL2_TXT_RC2_128_CBC_WITH_MD5 "RC2-CBC-MD5"
-#define SSL2_TXT_RC2_128_CBC_EXPORT40_WITH_MD5 "EXP-RC2-CBC-MD5"
-#define SSL2_TXT_IDEA_128_CBC_WITH_MD5 "IDEA-CBC-MD5"
-#define SSL2_TXT_DES_64_CBC_WITH_MD5 "DES-CBC-MD5"
-#define SSL2_TXT_DES_64_CBC_WITH_SHA "DES-CBC-SHA"
-#define SSL2_TXT_DES_192_EDE3_CBC_WITH_MD5 "DES-CBC3-MD5"
-#define SSL2_TXT_DES_192_EDE3_CBC_WITH_SHA "DES-CBC3-SHA"
-#define SSL2_TXT_RC4_64_WITH_MD5 "RC4-64-MD5"
-
-#define SSL2_TXT_NULL "NULL"
-
-/* Flags for the SSL_CIPHER.algorithm2 field */
-#define SSL2_CF_5_BYTE_ENC 0x01
-#define SSL2_CF_8_BYTE_ENC 0x02
-
-/* Certificate Type Codes */
-#define SSL2_CT_X509_CERTIFICATE 0x01
-
-/* Authentication Type Code */
-#define SSL2_AT_MD5_WITH_RSA_ENCRYPTION 0x01
-
-#define SSL2_MAX_SSL_SESSION_ID_LENGTH 32
-
-/* Upper/Lower Bounds */
-#define SSL2_MAX_MASTER_KEY_LENGTH_IN_BITS 256
-#ifdef OPENSSL_SYS_MPE
-#define SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER 29998u
-#else
-#define SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER 32767u /* 2^15-1 */
-#endif
-#define SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER 16383 /* 2^14-1 */
-
-#define SSL2_CHALLENGE_LENGTH 16
-/*#define SSL2_CHALLENGE_LENGTH 32 */
-#define SSL2_MIN_CHALLENGE_LENGTH 16
-#define SSL2_MAX_CHALLENGE_LENGTH 32
-#define SSL2_CONNECTION_ID_LENGTH 16
-#define SSL2_MAX_CONNECTION_ID_LENGTH 16
-#define SSL2_SSL_SESSION_ID_LENGTH 16
-#define SSL2_MAX_CERT_CHALLENGE_LENGTH 32
-#define SSL2_MIN_CERT_CHALLENGE_LENGTH 16
-#define SSL2_MAX_KEY_MATERIAL_LENGTH 24
-
-#ifndef OPENSSL_NO_SSL_INTERN
-
-typedef struct ssl2_state_st
- {
- int three_byte_header;
- int clear_text; /* clear text */
- int escape; /* not used in SSLv2 */
- int ssl2_rollback; /* used if SSLv23 rolled back to SSLv2 */
-
- /* non-blocking io info, used to make sure the same
- * args were passwd */
- unsigned int wnum; /* number of bytes sent so far */
- int wpend_tot;
- const unsigned char *wpend_buf;
-
- int wpend_off; /* offset to data to write */
- int wpend_len; /* number of bytes passwd to write */
- int wpend_ret; /* number of bytes to return to caller */
-
- /* buffer raw data */
- int rbuf_left;
- int rbuf_offs;
- unsigned char *rbuf;
- unsigned char *wbuf;
-
- unsigned char *write_ptr;/* used to point to the start due to
- * 2/3 byte header. */
-
- unsigned int padding;
- unsigned int rlength; /* passed to ssl2_enc */
- int ract_data_length; /* Set when things are encrypted. */
- unsigned int wlength; /* passed to ssl2_enc */
- int wact_data_length; /* Set when things are decrypted. */
- unsigned char *ract_data;
- unsigned char *wact_data;
- unsigned char *mac_data;
-
- unsigned char *read_key;
- unsigned char *write_key;
-
- /* Stuff specifically to do with this SSL session */
- unsigned int challenge_length;
- unsigned char challenge[SSL2_MAX_CHALLENGE_LENGTH];
- unsigned int conn_id_length;
- unsigned char conn_id[SSL2_MAX_CONNECTION_ID_LENGTH];
- unsigned int key_material_length;
- unsigned char key_material[SSL2_MAX_KEY_MATERIAL_LENGTH*2];
-
- unsigned long read_sequence;
- unsigned long write_sequence;
-
- struct {
- unsigned int conn_id_length;
- unsigned int cert_type;
- unsigned int cert_length;
- unsigned int csl;
- unsigned int clear;
- unsigned int enc;
- unsigned char ccl[SSL2_MAX_CERT_CHALLENGE_LENGTH];
- unsigned int cipher_spec_length;
- unsigned int session_id_length;
- unsigned int clen;
- unsigned int rlen;
- } tmp;
- } SSL2_STATE;
-
-#endif
-
-/* SSLv2 */
-/* client */
-#define SSL2_ST_SEND_CLIENT_HELLO_A (0x10|SSL_ST_CONNECT)
-#define SSL2_ST_SEND_CLIENT_HELLO_B (0x11|SSL_ST_CONNECT)
-#define SSL2_ST_GET_SERVER_HELLO_A (0x20|SSL_ST_CONNECT)
-#define SSL2_ST_GET_SERVER_HELLO_B (0x21|SSL_ST_CONNECT)
-#define SSL2_ST_SEND_CLIENT_MASTER_KEY_A (0x30|SSL_ST_CONNECT)
-#define SSL2_ST_SEND_CLIENT_MASTER_KEY_B (0x31|SSL_ST_CONNECT)
-#define SSL2_ST_SEND_CLIENT_FINISHED_A (0x40|SSL_ST_CONNECT)
-#define SSL2_ST_SEND_CLIENT_FINISHED_B (0x41|SSL_ST_CONNECT)
-#define SSL2_ST_SEND_CLIENT_CERTIFICATE_A (0x50|SSL_ST_CONNECT)
-#define SSL2_ST_SEND_CLIENT_CERTIFICATE_B (0x51|SSL_ST_CONNECT)
-#define SSL2_ST_SEND_CLIENT_CERTIFICATE_C (0x52|SSL_ST_CONNECT)
-#define SSL2_ST_SEND_CLIENT_CERTIFICATE_D (0x53|SSL_ST_CONNECT)
-#define SSL2_ST_GET_SERVER_VERIFY_A (0x60|SSL_ST_CONNECT)
-#define SSL2_ST_GET_SERVER_VERIFY_B (0x61|SSL_ST_CONNECT)
-#define SSL2_ST_GET_SERVER_FINISHED_A (0x70|SSL_ST_CONNECT)
-#define SSL2_ST_GET_SERVER_FINISHED_B (0x71|SSL_ST_CONNECT)
-#define SSL2_ST_CLIENT_START_ENCRYPTION (0x80|SSL_ST_CONNECT)
-#define SSL2_ST_X509_GET_CLIENT_CERTIFICATE (0x90|SSL_ST_CONNECT)
-/* server */
-#define SSL2_ST_GET_CLIENT_HELLO_A (0x10|SSL_ST_ACCEPT)
-#define SSL2_ST_GET_CLIENT_HELLO_B (0x11|SSL_ST_ACCEPT)
-#define SSL2_ST_GET_CLIENT_HELLO_C (0x12|SSL_ST_ACCEPT)
-#define SSL2_ST_SEND_SERVER_HELLO_A (0x20|SSL_ST_ACCEPT)
-#define SSL2_ST_SEND_SERVER_HELLO_B (0x21|SSL_ST_ACCEPT)
-#define SSL2_ST_GET_CLIENT_MASTER_KEY_A (0x30|SSL_ST_ACCEPT)
-#define SSL2_ST_GET_CLIENT_MASTER_KEY_B (0x31|SSL_ST_ACCEPT)
-#define SSL2_ST_SEND_SERVER_VERIFY_A (0x40|SSL_ST_ACCEPT)
-#define SSL2_ST_SEND_SERVER_VERIFY_B (0x41|SSL_ST_ACCEPT)
-#define SSL2_ST_SEND_SERVER_VERIFY_C (0x42|SSL_ST_ACCEPT)
-#define SSL2_ST_GET_CLIENT_FINISHED_A (0x50|SSL_ST_ACCEPT)
-#define SSL2_ST_GET_CLIENT_FINISHED_B (0x51|SSL_ST_ACCEPT)
-#define SSL2_ST_SEND_SERVER_FINISHED_A (0x60|SSL_ST_ACCEPT)
-#define SSL2_ST_SEND_SERVER_FINISHED_B (0x61|SSL_ST_ACCEPT)
-#define SSL2_ST_SEND_REQUEST_CERTIFICATE_A (0x70|SSL_ST_ACCEPT)
-#define SSL2_ST_SEND_REQUEST_CERTIFICATE_B (0x71|SSL_ST_ACCEPT)
-#define SSL2_ST_SEND_REQUEST_CERTIFICATE_C (0x72|SSL_ST_ACCEPT)
-#define SSL2_ST_SEND_REQUEST_CERTIFICATE_D (0x73|SSL_ST_ACCEPT)
-#define SSL2_ST_SERVER_START_ENCRYPTION (0x80|SSL_ST_ACCEPT)
-#define SSL2_ST_X509_GET_SERVER_CERTIFICATE (0x90|SSL_ST_ACCEPT)
-
-#ifdef __cplusplus
-}
-#endif
-#endif
-
diff --git a/src/include/openssl/ssl23.h b/src/include/openssl/ssl23.h
deleted file mode 100644
index df395a8..0000000
--- a/src/include/openssl/ssl23.h
+++ /dev/null
@@ -1,85 +0,0 @@
-/* ssl/ssl23.h */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef HEADER_SSL23_H
-#define HEADER_SSL23_H
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-
-/*client */
-/* write to server */
-#define SSL23_ST_CW_CLNT_HELLO_A (0x210 | SSL_ST_CONNECT)
-#define SSL23_ST_CW_CLNT_HELLO_B (0x211 | SSL_ST_CONNECT)
-/* read from server */
-#define SSL23_ST_CR_SRVR_HELLO_A (0x220 | SSL_ST_CONNECT)
-#define SSL23_ST_CR_SRVR_HELLO_B (0x221 | SSL_ST_CONNECT)
-
-/* server */
-/* read from client */
-#define SSL23_ST_SR_CLNT_HELLO (0x210 | SSL_ST_ACCEPT)
-#define SSL23_ST_SR_V2_CLNT_HELLO (0x220 | SSL_ST_ACCEPT)
-#define SSL23_ST_SR_SWITCH_VERSION (0x230 | SSL_ST_ACCEPT)
-
-
-#ifdef __cplusplus
-}
-#endif
-#endif
diff --git a/src/include/openssl/ssl3.h b/src/include/openssl/ssl3.h
index 640a228..1f6ca31 100644
--- a/src/include/openssl/ssl3.h
+++ b/src/include/openssl/ssl3.h
@@ -127,11 +127,14 @@
extern "C" {
#endif
+/* These are kept to support clients that negotiates higher protocol versions
+ * using SSLv2 client hello records. */
+#define SSL2_MT_CLIENT_HELLO 1
+#define SSL2_VERSION 0x0002
-/* Signalling cipher suite value: from RFC5746 */
+/* Signalling cipher suite value from RFC 5746. */
#define SSL3_CK_SCSV 0x030000FF
-/* Fallback signalling cipher suite value: not IANA assigned.
- * See https://tools.ietf.org/html/draft-bmoeller-tls-downgrade-scsv-01 */
+/* Fallback signalling cipher suite value from RFC 7507. */
#define SSL3_CK_FALLBACK_SCSV 0x03005600
#define SSL3_CK_RSA_NULL_MD5 0x03000001
@@ -269,29 +272,11 @@ OPENSSL_COMPILE_ASSERT(
#define SSL3_MD_CLIENT_FINISHED_CONST "\x43\x4C\x4E\x54"
#define SSL3_MD_SERVER_FINISHED_CONST "\x53\x52\x56\x52"
-#define SSL3_VERSION 0x0300
-#define SSL3_VERSION_MAJOR 0x03
-#define SSL3_VERSION_MINOR 0x00
-
#define SSL3_RT_CHANGE_CIPHER_SPEC 20
#define SSL3_RT_ALERT 21
#define SSL3_RT_HANDSHAKE 22
#define SSL3_RT_APPLICATION_DATA 23
-/* Pseudo content types to indicate additional parameters */
-#define TLS1_RT_CRYPTO 0x1000
-#define TLS1_RT_CRYPTO_PREMASTER (TLS1_RT_CRYPTO | 0x1)
-#define TLS1_RT_CRYPTO_CLIENT_RANDOM (TLS1_RT_CRYPTO | 0x2)
-#define TLS1_RT_CRYPTO_SERVER_RANDOM (TLS1_RT_CRYPTO | 0x3)
-#define TLS1_RT_CRYPTO_MASTER (TLS1_RT_CRYPTO | 0x4)
-
-#define TLS1_RT_CRYPTO_READ 0x0000
-#define TLS1_RT_CRYPTO_WRITE 0x0100
-#define TLS1_RT_CRYPTO_MAC (TLS1_RT_CRYPTO | 0x5)
-#define TLS1_RT_CRYPTO_KEY (TLS1_RT_CRYPTO | 0x6)
-#define TLS1_RT_CRYPTO_IV (TLS1_RT_CRYPTO | 0x7)
-#define TLS1_RT_CRYPTO_FIXED_IV (TLS1_RT_CRYPTO | 0x8)
-
/* Pseudo content type for SSL/TLS header info */
#define SSL3_RT_HEADER 0x100
@@ -322,22 +307,17 @@ typedef struct ssl3_record_st {
/* data is a non-owning pointer to the record contents. The total length of
* the buffer is |off| + |length|. */
uint8_t *data;
- /* epoch, in DTLS, is the epoch number of the record. */
- uint16_t epoch;
- /* seq_num, in DTLS, is the sequence number of the record. The top two bytes
- * are always zero.
- *
- * TODO(davidben): This is confusing. They should include the epoch or the
- * field should be six bytes. */
- uint8_t seq_num[8];
} SSL3_RECORD;
typedef struct ssl3_buffer_st {
- uint8_t *buf; /* at least SSL3_RT_MAX_PACKET_SIZE bytes, see
- ssl3_setup_buffers() */
- size_t len; /* buffer size */
- int offset; /* where to 'copy from' */
- int left; /* how many bytes left */
+ /* buf is the memory allocated for this buffer. */
+ uint8_t *buf;
+ /* offset is the offset into |buf| which the buffer contents start at. */
+ uint16_t offset;
+ /* len is the length of the buffer contents from |buf| + |offset|. */
+ uint16_t len;
+ /* cap is how much memory beyond |buf| + |offset| is available. */
+ uint16_t cap;
} SSL3_BUFFER;
#define SSL3_CT_RSA_SIGN 1
@@ -369,9 +349,6 @@ typedef struct ssl3_state_st {
/* flags for countermeasure against known-IV weakness */
int need_record_splitting;
- /* The value of 'extra' when the buffers were initialized */
- int init_extra;
-
/* have_version is true if the connection's final version is known. Otherwise
* the version has not been negotiated yet. */
char have_version;
@@ -380,13 +357,10 @@ typedef struct ssl3_state_st {
* completed. */
char initial_handshake_complete;
- /* sniff_buffer is used by the server in the initial handshake to read a
- * V2ClientHello before the record layer is initialized. */
- BUF_MEM *sniff_buffer;
- size_t sniff_buffer_len;
-
- SSL3_BUFFER rbuf; /* read IO goes into here */
- SSL3_BUFFER wbuf; /* write IO goes into here */
+ /* read_buffer holds data from the transport to be processed. */
+ SSL3_BUFFER read_buffer;
+ /* write_buffer holds data to be written to the transport. */
+ SSL3_BUFFER write_buffer;
SSL3_RECORD rrec; /* each decoded record goes in here */
@@ -402,11 +376,15 @@ typedef struct ssl3_state_st {
int wpend_ret; /* number of bytes submitted */
const uint8_t *wpend_buf;
- /* used during startup, digest all incoming/outgoing packets */
- BIO *handshake_buffer;
- /* When set of handshake digests is determined, buffer is hashed and freed
- * and MD_CTX-es for all required digests are stored in this array */
- EVP_MD_CTX **handshake_dgst;
+ /* handshake_buffer, if non-NULL, contains the handshake transcript. */
+ BUF_MEM *handshake_buffer;
+ /* handshake_hash, if initialized with an |EVP_MD|, maintains the handshake
+ * hash. For TLS 1.1 and below, it is the SHA-1 half. */
+ EVP_MD_CTX handshake_hash;
+ /* handshake_md5, if initialized with an |EVP_MD|, maintains the MD5 half of
+ * the handshake hash for TLS 1.1 and below. */
+ EVP_MD_CTX handshake_md5;
+
/* this is set whenerver we see a change_cipher_spec message come in when we
* are not looking for one */
int change_cipher_spec;
@@ -420,6 +398,13 @@ typedef struct ssl3_state_st {
int total_renegotiations;
+ /* empty_record_count is the number of consecutive empty records received. */
+ uint8_t empty_record_count;
+
+ /* warning_alert_count is the number of consecutive warning alerts
+ * received. */
+ uint8_t warning_alert_count;
+
/* State pertaining to the pending handshake.
*
* TODO(davidben): State is current spread all over the place. Move
@@ -446,6 +431,34 @@ typedef struct ssl3_state_st {
int reuse_message;
+ union {
+ /* sent is a bitset where the bits correspond to elements of kExtensions
+ * in t1_lib.c. Each bit is set if that extension was sent in a
+ * ClientHello. It's not used by servers. */
+ uint32_t sent;
+ /* received is a bitset, like |sent|, but is used by servers to record
+ * which extensions were received from a client. */
+ uint32_t received;
+ } extensions;
+
+ union {
+ /* sent is a bitset where the bits correspond to elements of
+ * |client_custom_extensions| in the |SSL_CTX|. Each bit is set if that
+ * extension was sent in a ClientHello. It's not used by servers. */
+ uint16_t sent;
+ /* received is a bitset, like |sent|, but is used by servers to record
+ * which custom extensions were received from a client. The bits here
+ * correspond to |server_custom_extensions|. */
+ uint16_t received;
+ } custom_extensions;
+
+ /* SNI extension */
+
+ /* should_ack_sni is used by a server and indicates that the SNI extension
+ * should be echoed in the ServerHello. */
+ unsigned should_ack_sni:1;
+
+
/* Client-only: cert_req determines if a client certificate is to be sent.
* This is 0 if no client Certificate message is to be sent, 1 if there is
* a client certificate, and 2 to send an empty client Certificate
@@ -474,13 +487,12 @@ typedef struct ssl3_state_st {
int cert_request;
/* certificate_status_expected is true if OCSP stapling was negotiated and
- * the server is expected to send a CertificateStatus message. */
- char certificate_status_expected;
+ * the server is expected to send a CertificateStatus message. (This is
+ * used on both the client and server sides.) */
+ unsigned certificate_status_expected:1;
- /* peer_ecpointformatlist contains the EC point formats advertised by the
- * peer. */
- uint8_t *peer_ecpointformatlist;
- size_t peer_ecpointformatlist_length;
+ /* ocsp_stapling_requested is true if a client requested OCSP stapling. */
+ unsigned ocsp_stapling_requested:1;
/* Server-only: peer_ellipticcurvelist contains the EC curve IDs advertised
* by the peer. This is only set on the server's end. The server does not
@@ -507,6 +519,12 @@ typedef struct ssl3_state_st {
/* Client-only: in_false_start is one if there is a pending handshake in
* False Start. The client may write data at this point. */
char in_false_start;
+
+ /* peer_dh_tmp, on a client, is the server's DHE public key. */
+ DH *peer_dh_tmp;
+
+ /* peer_ecdh_tmp, on a client, is the server's ECDHE public key. */
+ EC_KEY *peer_ecdh_tmp;
} tmp;
/* Connection binding to prevent renegotiation attacks */
@@ -533,11 +551,6 @@ typedef struct ssl3_state_st {
* Channel IDs and that tlsext_channel_id will be valid after the
* handshake. */
char tlsext_channel_id_valid;
- /* tlsext_channel_id_new means that the updated Channel ID extension was
- * negotiated. This is a temporary hack in the code to support both forms of
- * Channel ID extension while we transition to the new format, which fixed a
- * security issue. */
- char tlsext_channel_id_new;
/* For a server:
* If |tlsext_channel_id_valid| is true, then this contains the
* verified Channel ID from the client: a P256 point, (x,y), where
@@ -550,6 +563,7 @@ typedef struct ssl3_state_st {
/* extra state */
#define SSL3_ST_CW_FLUSH (0x100 | SSL_ST_CONNECT)
#define SSL3_ST_FALSE_START (0x101 | SSL_ST_CONNECT)
+#define SSL3_ST_VERIFY_SERVER_CERT (0x102 | SSL_ST_CONNECT)
/* write to server */
#define SSL3_ST_CW_CLNT_HELLO_A (0x110 | SSL_ST_CONNECT)
#define SSL3_ST_CW_CLNT_HELLO_B (0x111 | SSL_ST_CONNECT)
@@ -575,6 +589,7 @@ typedef struct ssl3_state_st {
#define SSL3_ST_CW_KEY_EXCH_B (0x181 | SSL_ST_CONNECT)
#define SSL3_ST_CW_CERT_VRFY_A (0x190 | SSL_ST_CONNECT)
#define SSL3_ST_CW_CERT_VRFY_B (0x191 | SSL_ST_CONNECT)
+#define SSL3_ST_CW_CERT_VRFY_C (0x192 | SSL_ST_CONNECT)
#define SSL3_ST_CW_CHANGE_A (0x1A0 | SSL_ST_CONNECT)
#define SSL3_ST_CW_CHANGE_B (0x1A1 | SSL_ST_CONNECT)
#define SSL3_ST_CW_NEXT_PROTO_A (0x200 | SSL_ST_CONNECT)
@@ -613,6 +628,7 @@ typedef struct ssl3_state_st {
#define SSL3_ST_SW_CERT_B (0x141 | SSL_ST_ACCEPT)
#define SSL3_ST_SW_KEY_EXCH_A (0x150 | SSL_ST_ACCEPT)
#define SSL3_ST_SW_KEY_EXCH_B (0x151 | SSL_ST_ACCEPT)
+#define SSL3_ST_SW_KEY_EXCH_C (0x152 | SSL_ST_ACCEPT)
#define SSL3_ST_SW_CERT_REQ_A (0x160 | SSL_ST_ACCEPT)
#define SSL3_ST_SW_CERT_REQ_B (0x161 | SSL_ST_ACCEPT)
#define SSL3_ST_SW_SRVR_DONE_A (0x170 | SSL_ST_ACCEPT)
diff --git a/src/include/openssl/stack.h b/src/include/openssl/stack.h
index 350fa14..b600b43 100644
--- a/src/include/openssl/stack.h
+++ b/src/include/openssl/stack.h
@@ -111,11 +111,6 @@ typedef struct stack_st {
#define STACK_OF(type) struct stack_st_##type
-#define DEFINE_STACK_OF(type) \
-STACK_OF(type) {\
- _STACK stack; \
-}
-
#define DECLARE_STACK_OF(type) STACK_OF(type);
/* The make_macros.sh script in this directory parses the following lines and
@@ -140,12 +135,14 @@ STACK_OF(type) {\
* STACK_OF:GENERAL_NAMES
* STACK_OF:GENERAL_SUBTREE
* STACK_OF:MIME_HEADER
- * STACK_OF:PKCS7_SIGNER_INFO
* STACK_OF:PKCS7_RECIP_INFO
+ * STACK_OF:PKCS7_SIGNER_INFO
* STACK_OF:POLICYINFO
* STACK_OF:POLICYQUALINFO
* STACK_OF:POLICY_MAPPING
+ * STACK_OF:RSA_additional_prime
* STACK_OF:SSL_COMP
+ * STACK_OF:SSL_CUSTOM_EXTENSION
* STACK_OF:STACK_OF_X509_NAME_ENTRY
* STACK_OF:SXNETID
* STACK_OF:X509
diff --git a/src/include/openssl/stack_macros.h b/src/include/openssl/stack_macros.h
index dadcf6b..08097af 100644
--- a/src/include/openssl/stack_macros.h
+++ b/src/include/openssl/stack_macros.h
@@ -1511,6 +1511,93 @@
copy_func), \
CHECKED_CAST(void (*)(void *), void (*)(MIME_HEADER *), free_func)))
+/* PKCS7_RECIP_INFO */
+#define sk_PKCS7_RECIP_INFO_new(comp) \
+ ((STACK_OF(PKCS7_RECIP_INFO) *)sk_new(CHECKED_CAST( \
+ stack_cmp_func, \
+ int (*)(const PKCS7_RECIP_INFO **a, const PKCS7_RECIP_INFO **b), comp)))
+
+#define sk_PKCS7_RECIP_INFO_new_null() \
+ ((STACK_OF(PKCS7_RECIP_INFO) *)sk_new_null())
+
+#define sk_PKCS7_RECIP_INFO_num(sk) \
+ sk_num(CHECKED_CAST(_STACK *, STACK_OF(PKCS7_RECIP_INFO) *, sk))
+
+#define sk_PKCS7_RECIP_INFO_zero(sk) \
+ sk_zero(CHECKED_CAST(_STACK *, STACK_OF(PKCS7_RECIP_INFO) *, sk));
+
+#define sk_PKCS7_RECIP_INFO_value(sk, i) \
+ ((PKCS7_RECIP_INFO *)sk_value( \
+ CHECKED_CAST(_STACK *, const STACK_OF(PKCS7_RECIP_INFO) *, sk), (i)))
+
+#define sk_PKCS7_RECIP_INFO_set(sk, i, p) \
+ ((PKCS7_RECIP_INFO *)sk_set( \
+ CHECKED_CAST(_STACK *, STACK_OF(PKCS7_RECIP_INFO) *, sk), (i), \
+ CHECKED_CAST(void *, PKCS7_RECIP_INFO *, p)))
+
+#define sk_PKCS7_RECIP_INFO_free(sk) \
+ sk_free(CHECKED_CAST(_STACK *, STACK_OF(PKCS7_RECIP_INFO) *, sk))
+
+#define sk_PKCS7_RECIP_INFO_pop_free(sk, free_func) \
+ sk_pop_free( \
+ CHECKED_CAST(_STACK *, STACK_OF(PKCS7_RECIP_INFO) *, sk), \
+ CHECKED_CAST(void (*)(void *), void (*)(PKCS7_RECIP_INFO *), free_func))
+
+#define sk_PKCS7_RECIP_INFO_insert(sk, p, where) \
+ sk_insert(CHECKED_CAST(_STACK *, STACK_OF(PKCS7_RECIP_INFO) *, sk), \
+ CHECKED_CAST(void *, PKCS7_RECIP_INFO *, p), (where))
+
+#define sk_PKCS7_RECIP_INFO_delete(sk, where) \
+ ((PKCS7_RECIP_INFO *)sk_delete( \
+ CHECKED_CAST(_STACK *, STACK_OF(PKCS7_RECIP_INFO) *, sk), (where)))
+
+#define sk_PKCS7_RECIP_INFO_delete_ptr(sk, p) \
+ ((PKCS7_RECIP_INFO *)sk_delete_ptr( \
+ CHECKED_CAST(_STACK *, STACK_OF(PKCS7_RECIP_INFO) *, sk), \
+ CHECKED_CAST(void *, PKCS7_RECIP_INFO *, p)))
+
+#define sk_PKCS7_RECIP_INFO_find(sk, out_index, p) \
+ sk_find(CHECKED_CAST(_STACK *, STACK_OF(PKCS7_RECIP_INFO) *, sk), \
+ (out_index), CHECKED_CAST(void *, PKCS7_RECIP_INFO *, p))
+
+#define sk_PKCS7_RECIP_INFO_shift(sk) \
+ ((PKCS7_RECIP_INFO *)sk_shift( \
+ CHECKED_CAST(_STACK *, STACK_OF(PKCS7_RECIP_INFO) *, sk)))
+
+#define sk_PKCS7_RECIP_INFO_push(sk, p) \
+ sk_push(CHECKED_CAST(_STACK *, STACK_OF(PKCS7_RECIP_INFO) *, sk), \
+ CHECKED_CAST(void *, PKCS7_RECIP_INFO *, p))
+
+#define sk_PKCS7_RECIP_INFO_pop(sk) \
+ ((PKCS7_RECIP_INFO *)sk_pop( \
+ CHECKED_CAST(_STACK *, STACK_OF(PKCS7_RECIP_INFO) *, sk)))
+
+#define sk_PKCS7_RECIP_INFO_dup(sk) \
+ ((STACK_OF(PKCS7_RECIP_INFO) *)sk_dup( \
+ CHECKED_CAST(_STACK *, const STACK_OF(PKCS7_RECIP_INFO) *, sk)))
+
+#define sk_PKCS7_RECIP_INFO_sort(sk) \
+ sk_sort(CHECKED_CAST(_STACK *, STACK_OF(PKCS7_RECIP_INFO) *, sk))
+
+#define sk_PKCS7_RECIP_INFO_is_sorted(sk) \
+ sk_is_sorted(CHECKED_CAST(_STACK *, const STACK_OF(PKCS7_RECIP_INFO) *, sk))
+
+#define sk_PKCS7_RECIP_INFO_set_cmp_func(sk, comp) \
+ ((int (*)(const PKCS7_RECIP_INFO **a, const PKCS7_RECIP_INFO **b)) \
+ sk_set_cmp_func( \
+ CHECKED_CAST(_STACK *, STACK_OF(PKCS7_RECIP_INFO) *, sk), \
+ CHECKED_CAST(stack_cmp_func, int (*)(const PKCS7_RECIP_INFO **a, \
+ const PKCS7_RECIP_INFO **b), \
+ comp)))
+
+#define sk_PKCS7_RECIP_INFO_deep_copy(sk, copy_func, free_func) \
+ ((STACK_OF(PKCS7_RECIP_INFO) *)sk_deep_copy( \
+ CHECKED_CAST(const _STACK *, const STACK_OF(PKCS7_RECIP_INFO) *, sk), \
+ CHECKED_CAST(void *(*)(void *), \
+ PKCS7_RECIP_INFO *(*)(PKCS7_RECIP_INFO *), copy_func), \
+ CHECKED_CAST(void (*)(void *), void (*)(PKCS7_RECIP_INFO *), \
+ free_func)))
+
/* PKCS7_SIGNER_INFO */
#define sk_PKCS7_SIGNER_INFO_new(comp) \
((STACK_OF(PKCS7_SIGNER_INFO) *)sk_new(CHECKED_CAST( \
@@ -1599,93 +1686,6 @@
CHECKED_CAST(void (*)(void *), void (*)(PKCS7_SIGNER_INFO *), \
free_func)))
-/* PKCS7_RECIP_INFO */
-#define sk_PKCS7_RECIP_INFO_new(comp) \
- ((STACK_OF(PKCS7_RECIP_INFO) *)sk_new(CHECKED_CAST( \
- stack_cmp_func, \
- int (*)(const PKCS7_RECIP_INFO **a, const PKCS7_RECIP_INFO **b), comp)))
-
-#define sk_PKCS7_RECIP_INFO_new_null() \
- ((STACK_OF(PKCS7_RECIP_INFO) *)sk_new_null())
-
-#define sk_PKCS7_RECIP_INFO_num(sk) \
- sk_num(CHECKED_CAST(_STACK *, STACK_OF(PKCS7_RECIP_INFO) *, sk))
-
-#define sk_PKCS7_RECIP_INFO_zero(sk) \
- sk_zero(CHECKED_CAST(_STACK *, STACK_OF(PKCS7_RECIP_INFO) *, sk));
-
-#define sk_PKCS7_RECIP_INFO_value(sk, i) \
- ((PKCS7_RECIP_INFO *)sk_value( \
- CHECKED_CAST(_STACK *, const STACK_OF(PKCS7_RECIP_INFO) *, sk), (i)))
-
-#define sk_PKCS7_RECIP_INFO_set(sk, i, p) \
- ((PKCS7_RECIP_INFO *)sk_set( \
- CHECKED_CAST(_STACK *, STACK_OF(PKCS7_RECIP_INFO) *, sk), (i), \
- CHECKED_CAST(void *, PKCS7_RECIP_INFO *, p)))
-
-#define sk_PKCS7_RECIP_INFO_free(sk) \
- sk_free(CHECKED_CAST(_STACK *, STACK_OF(PKCS7_RECIP_INFO) *, sk))
-
-#define sk_PKCS7_RECIP_INFO_pop_free(sk, free_func) \
- sk_pop_free( \
- CHECKED_CAST(_STACK *, STACK_OF(PKCS7_RECIP_INFO) *, sk), \
- CHECKED_CAST(void (*)(void *), void (*)(PKCS7_RECIP_INFO *), free_func))
-
-#define sk_PKCS7_RECIP_INFO_insert(sk, p, where) \
- sk_insert(CHECKED_CAST(_STACK *, STACK_OF(PKCS7_RECIP_INFO) *, sk), \
- CHECKED_CAST(void *, PKCS7_RECIP_INFO *, p), (where))
-
-#define sk_PKCS7_RECIP_INFO_delete(sk, where) \
- ((PKCS7_RECIP_INFO *)sk_delete( \
- CHECKED_CAST(_STACK *, STACK_OF(PKCS7_RECIP_INFO) *, sk), (where)))
-
-#define sk_PKCS7_RECIP_INFO_delete_ptr(sk, p) \
- ((PKCS7_RECIP_INFO *)sk_delete_ptr( \
- CHECKED_CAST(_STACK *, STACK_OF(PKCS7_RECIP_INFO) *, sk), \
- CHECKED_CAST(void *, PKCS7_RECIP_INFO *, p)))
-
-#define sk_PKCS7_RECIP_INFO_find(sk, out_index, p) \
- sk_find(CHECKED_CAST(_STACK *, STACK_OF(PKCS7_RECIP_INFO) *, sk), \
- (out_index), CHECKED_CAST(void *, PKCS7_RECIP_INFO *, p))
-
-#define sk_PKCS7_RECIP_INFO_shift(sk) \
- ((PKCS7_RECIP_INFO *)sk_shift( \
- CHECKED_CAST(_STACK *, STACK_OF(PKCS7_RECIP_INFO) *, sk)))
-
-#define sk_PKCS7_RECIP_INFO_push(sk, p) \
- sk_push(CHECKED_CAST(_STACK *, STACK_OF(PKCS7_RECIP_INFO) *, sk), \
- CHECKED_CAST(void *, PKCS7_RECIP_INFO *, p))
-
-#define sk_PKCS7_RECIP_INFO_pop(sk) \
- ((PKCS7_RECIP_INFO *)sk_pop( \
- CHECKED_CAST(_STACK *, STACK_OF(PKCS7_RECIP_INFO) *, sk)))
-
-#define sk_PKCS7_RECIP_INFO_dup(sk) \
- ((STACK_OF(PKCS7_RECIP_INFO) *)sk_dup( \
- CHECKED_CAST(_STACK *, const STACK_OF(PKCS7_RECIP_INFO) *, sk)))
-
-#define sk_PKCS7_RECIP_INFO_sort(sk) \
- sk_sort(CHECKED_CAST(_STACK *, STACK_OF(PKCS7_RECIP_INFO) *, sk))
-
-#define sk_PKCS7_RECIP_INFO_is_sorted(sk) \
- sk_is_sorted(CHECKED_CAST(_STACK *, const STACK_OF(PKCS7_RECIP_INFO) *, sk))
-
-#define sk_PKCS7_RECIP_INFO_set_cmp_func(sk, comp) \
- ((int (*)(const PKCS7_RECIP_INFO **a, const PKCS7_RECIP_INFO **b)) \
- sk_set_cmp_func( \
- CHECKED_CAST(_STACK *, STACK_OF(PKCS7_RECIP_INFO) *, sk), \
- CHECKED_CAST(stack_cmp_func, int (*)(const PKCS7_RECIP_INFO **a, \
- const PKCS7_RECIP_INFO **b), \
- comp)))
-
-#define sk_PKCS7_RECIP_INFO_deep_copy(sk, copy_func, free_func) \
- ((STACK_OF(PKCS7_RECIP_INFO) *)sk_deep_copy( \
- CHECKED_CAST(const _STACK *, const STACK_OF(PKCS7_RECIP_INFO) *, sk), \
- CHECKED_CAST(void *(*)(void *), \
- PKCS7_RECIP_INFO *(*)(PKCS7_RECIP_INFO *), copy_func), \
- CHECKED_CAST(void (*)(void *), void (*)(PKCS7_RECIP_INFO *), \
- free_func)))
-
/* POLICYINFO */
#define sk_POLICYINFO_new(comp) \
((STACK_OF(POLICYINFO) *)sk_new(CHECKED_CAST( \
@@ -1937,6 +1937,99 @@
copy_func), \
CHECKED_CAST(void (*)(void *), void (*)(POLICY_MAPPING *), free_func)))
+/* RSA_additional_prime */
+#define sk_RSA_additional_prime_new(comp) \
+ ((STACK_OF(RSA_additional_prime) *)sk_new(CHECKED_CAST( \
+ stack_cmp_func, \
+ int (*)(const RSA_additional_prime **a, const RSA_additional_prime **b), \
+ comp)))
+
+#define sk_RSA_additional_prime_new_null() \
+ ((STACK_OF(RSA_additional_prime) *)sk_new_null())
+
+#define sk_RSA_additional_prime_num(sk) \
+ sk_num(CHECKED_CAST(_STACK *, STACK_OF(RSA_additional_prime) *, sk))
+
+#define sk_RSA_additional_prime_zero(sk) \
+ sk_zero(CHECKED_CAST(_STACK *, STACK_OF(RSA_additional_prime) *, sk));
+
+#define sk_RSA_additional_prime_value(sk, i) \
+ ((RSA_additional_prime *)sk_value( \
+ CHECKED_CAST(_STACK *, const STACK_OF(RSA_additional_prime) *, sk), \
+ (i)))
+
+#define sk_RSA_additional_prime_set(sk, i, p) \
+ ((RSA_additional_prime *)sk_set( \
+ CHECKED_CAST(_STACK *, STACK_OF(RSA_additional_prime) *, sk), (i), \
+ CHECKED_CAST(void *, RSA_additional_prime *, p)))
+
+#define sk_RSA_additional_prime_free(sk) \
+ sk_free(CHECKED_CAST(_STACK *, STACK_OF(RSA_additional_prime) *, sk))
+
+#define sk_RSA_additional_prime_pop_free(sk, free_func) \
+ sk_pop_free(CHECKED_CAST(_STACK *, STACK_OF(RSA_additional_prime) *, sk), \
+ CHECKED_CAST(void (*)(void *), void (*)(RSA_additional_prime *), \
+ free_func))
+
+#define sk_RSA_additional_prime_insert(sk, p, where) \
+ sk_insert(CHECKED_CAST(_STACK *, STACK_OF(RSA_additional_prime) *, sk), \
+ CHECKED_CAST(void *, RSA_additional_prime *, p), (where))
+
+#define sk_RSA_additional_prime_delete(sk, where) \
+ ((RSA_additional_prime *)sk_delete( \
+ CHECKED_CAST(_STACK *, STACK_OF(RSA_additional_prime) *, sk), (where)))
+
+#define sk_RSA_additional_prime_delete_ptr(sk, p) \
+ ((RSA_additional_prime *)sk_delete_ptr( \
+ CHECKED_CAST(_STACK *, STACK_OF(RSA_additional_prime) *, sk), \
+ CHECKED_CAST(void *, RSA_additional_prime *, p)))
+
+#define sk_RSA_additional_prime_find(sk, out_index, p) \
+ sk_find(CHECKED_CAST(_STACK *, STACK_OF(RSA_additional_prime) *, sk), \
+ (out_index), CHECKED_CAST(void *, RSA_additional_prime *, p))
+
+#define sk_RSA_additional_prime_shift(sk) \
+ ((RSA_additional_prime *)sk_shift( \
+ CHECKED_CAST(_STACK *, STACK_OF(RSA_additional_prime) *, sk)))
+
+#define sk_RSA_additional_prime_push(sk, p) \
+ sk_push(CHECKED_CAST(_STACK *, STACK_OF(RSA_additional_prime) *, sk), \
+ CHECKED_CAST(void *, RSA_additional_prime *, p))
+
+#define sk_RSA_additional_prime_pop(sk) \
+ ((RSA_additional_prime *)sk_pop( \
+ CHECKED_CAST(_STACK *, STACK_OF(RSA_additional_prime) *, sk)))
+
+#define sk_RSA_additional_prime_dup(sk) \
+ ((STACK_OF(RSA_additional_prime) *)sk_dup( \
+ CHECKED_CAST(_STACK *, const STACK_OF(RSA_additional_prime) *, sk)))
+
+#define sk_RSA_additional_prime_sort(sk) \
+ sk_sort(CHECKED_CAST(_STACK *, STACK_OF(RSA_additional_prime) *, sk))
+
+#define sk_RSA_additional_prime_is_sorted(sk) \
+ sk_is_sorted( \
+ CHECKED_CAST(_STACK *, const STACK_OF(RSA_additional_prime) *, sk))
+
+#define sk_RSA_additional_prime_set_cmp_func(sk, comp) \
+ ((int (*)(const RSA_additional_prime **a, const RSA_additional_prime **b)) \
+ sk_set_cmp_func( \
+ CHECKED_CAST(_STACK *, STACK_OF(RSA_additional_prime) *, sk), \
+ CHECKED_CAST(stack_cmp_func, \
+ int (*)(const RSA_additional_prime **a, \
+ const RSA_additional_prime **b), \
+ comp)))
+
+#define sk_RSA_additional_prime_deep_copy(sk, copy_func, free_func) \
+ ((STACK_OF(RSA_additional_prime) *)sk_deep_copy( \
+ CHECKED_CAST(const _STACK *, const STACK_OF(RSA_additional_prime) *, \
+ sk), \
+ CHECKED_CAST(void *(*)(void *), \
+ RSA_additional_prime *(*)(RSA_additional_prime *), \
+ copy_func), \
+ CHECKED_CAST(void (*)(void *), void (*)(RSA_additional_prime *), \
+ free_func)))
+
/* SSL_COMP */
#define sk_SSL_COMP_new(comp) \
((STACK_OF(SSL_COMP) *)sk_new(CHECKED_CAST( \
@@ -2013,6 +2106,99 @@
CHECKED_CAST(void *(*)(void *), SSL_COMP *(*)(SSL_COMP *), copy_func), \
CHECKED_CAST(void (*)(void *), void (*)(SSL_COMP *), free_func)))
+/* SSL_CUSTOM_EXTENSION */
+#define sk_SSL_CUSTOM_EXTENSION_new(comp) \
+ ((STACK_OF(SSL_CUSTOM_EXTENSION) *)sk_new(CHECKED_CAST( \
+ stack_cmp_func, \
+ int (*)(const SSL_CUSTOM_EXTENSION **a, const SSL_CUSTOM_EXTENSION **b), \
+ comp)))
+
+#define sk_SSL_CUSTOM_EXTENSION_new_null() \
+ ((STACK_OF(SSL_CUSTOM_EXTENSION) *)sk_new_null())
+
+#define sk_SSL_CUSTOM_EXTENSION_num(sk) \
+ sk_num(CHECKED_CAST(_STACK *, STACK_OF(SSL_CUSTOM_EXTENSION) *, sk))
+
+#define sk_SSL_CUSTOM_EXTENSION_zero(sk) \
+ sk_zero(CHECKED_CAST(_STACK *, STACK_OF(SSL_CUSTOM_EXTENSION) *, sk));
+
+#define sk_SSL_CUSTOM_EXTENSION_value(sk, i) \
+ ((SSL_CUSTOM_EXTENSION *)sk_value( \
+ CHECKED_CAST(_STACK *, const STACK_OF(SSL_CUSTOM_EXTENSION) *, sk), \
+ (i)))
+
+#define sk_SSL_CUSTOM_EXTENSION_set(sk, i, p) \
+ ((SSL_CUSTOM_EXTENSION *)sk_set( \
+ CHECKED_CAST(_STACK *, STACK_OF(SSL_CUSTOM_EXTENSION) *, sk), (i), \
+ CHECKED_CAST(void *, SSL_CUSTOM_EXTENSION *, p)))
+
+#define sk_SSL_CUSTOM_EXTENSION_free(sk) \
+ sk_free(CHECKED_CAST(_STACK *, STACK_OF(SSL_CUSTOM_EXTENSION) *, sk))
+
+#define sk_SSL_CUSTOM_EXTENSION_pop_free(sk, free_func) \
+ sk_pop_free(CHECKED_CAST(_STACK *, STACK_OF(SSL_CUSTOM_EXTENSION) *, sk), \
+ CHECKED_CAST(void (*)(void *), void (*)(SSL_CUSTOM_EXTENSION *), \
+ free_func))
+
+#define sk_SSL_CUSTOM_EXTENSION_insert(sk, p, where) \
+ sk_insert(CHECKED_CAST(_STACK *, STACK_OF(SSL_CUSTOM_EXTENSION) *, sk), \
+ CHECKED_CAST(void *, SSL_CUSTOM_EXTENSION *, p), (where))
+
+#define sk_SSL_CUSTOM_EXTENSION_delete(sk, where) \
+ ((SSL_CUSTOM_EXTENSION *)sk_delete( \
+ CHECKED_CAST(_STACK *, STACK_OF(SSL_CUSTOM_EXTENSION) *, sk), (where)))
+
+#define sk_SSL_CUSTOM_EXTENSION_delete_ptr(sk, p) \
+ ((SSL_CUSTOM_EXTENSION *)sk_delete_ptr( \
+ CHECKED_CAST(_STACK *, STACK_OF(SSL_CUSTOM_EXTENSION) *, sk), \
+ CHECKED_CAST(void *, SSL_CUSTOM_EXTENSION *, p)))
+
+#define sk_SSL_CUSTOM_EXTENSION_find(sk, out_index, p) \
+ sk_find(CHECKED_CAST(_STACK *, STACK_OF(SSL_CUSTOM_EXTENSION) *, sk), \
+ (out_index), CHECKED_CAST(void *, SSL_CUSTOM_EXTENSION *, p))
+
+#define sk_SSL_CUSTOM_EXTENSION_shift(sk) \
+ ((SSL_CUSTOM_EXTENSION *)sk_shift( \
+ CHECKED_CAST(_STACK *, STACK_OF(SSL_CUSTOM_EXTENSION) *, sk)))
+
+#define sk_SSL_CUSTOM_EXTENSION_push(sk, p) \
+ sk_push(CHECKED_CAST(_STACK *, STACK_OF(SSL_CUSTOM_EXTENSION) *, sk), \
+ CHECKED_CAST(void *, SSL_CUSTOM_EXTENSION *, p))
+
+#define sk_SSL_CUSTOM_EXTENSION_pop(sk) \
+ ((SSL_CUSTOM_EXTENSION *)sk_pop( \
+ CHECKED_CAST(_STACK *, STACK_OF(SSL_CUSTOM_EXTENSION) *, sk)))
+
+#define sk_SSL_CUSTOM_EXTENSION_dup(sk) \
+ ((STACK_OF(SSL_CUSTOM_EXTENSION) *)sk_dup( \
+ CHECKED_CAST(_STACK *, const STACK_OF(SSL_CUSTOM_EXTENSION) *, sk)))
+
+#define sk_SSL_CUSTOM_EXTENSION_sort(sk) \
+ sk_sort(CHECKED_CAST(_STACK *, STACK_OF(SSL_CUSTOM_EXTENSION) *, sk))
+
+#define sk_SSL_CUSTOM_EXTENSION_is_sorted(sk) \
+ sk_is_sorted( \
+ CHECKED_CAST(_STACK *, const STACK_OF(SSL_CUSTOM_EXTENSION) *, sk))
+
+#define sk_SSL_CUSTOM_EXTENSION_set_cmp_func(sk, comp) \
+ ((int (*)(const SSL_CUSTOM_EXTENSION **a, const SSL_CUSTOM_EXTENSION **b)) \
+ sk_set_cmp_func( \
+ CHECKED_CAST(_STACK *, STACK_OF(SSL_CUSTOM_EXTENSION) *, sk), \
+ CHECKED_CAST(stack_cmp_func, \
+ int (*)(const SSL_CUSTOM_EXTENSION **a, \
+ const SSL_CUSTOM_EXTENSION **b), \
+ comp)))
+
+#define sk_SSL_CUSTOM_EXTENSION_deep_copy(sk, copy_func, free_func) \
+ ((STACK_OF(SSL_CUSTOM_EXTENSION) *)sk_deep_copy( \
+ CHECKED_CAST(const _STACK *, const STACK_OF(SSL_CUSTOM_EXTENSION) *, \
+ sk), \
+ CHECKED_CAST(void *(*)(void *), \
+ SSL_CUSTOM_EXTENSION *(*)(SSL_CUSTOM_EXTENSION *), \
+ copy_func), \
+ CHECKED_CAST(void (*)(void *), void (*)(SSL_CUSTOM_EXTENSION *), \
+ free_func)))
+
/* STACK_OF_X509_NAME_ENTRY */
#define sk_STACK_OF_X509_NAME_ENTRY_new(comp) \
((STACK_OF(STACK_OF_X509_NAME_ENTRY) *)sk_new(CHECKED_CAST( \
@@ -3591,25 +3777,25 @@
#define sk_void_new_null() ((STACK_OF(void)*)sk_new_null())
-#define sk_void_num(sk) sk_num(CHECKED_CAST(_STACK *, STACK_OF(void)*, sk))
+#define sk_void_num(sk) sk_num(CHECKED_CAST(_STACK *, STACK_OF(void) *, sk))
-#define sk_void_zero(sk) sk_zero(CHECKED_CAST(_STACK *, STACK_OF(void)*, sk));
+#define sk_void_zero(sk) sk_zero(CHECKED_CAST(_STACK *, STACK_OF(void) *, sk));
#define sk_void_value(sk, i) \
- ((void *)sk_value(CHECKED_CAST(_STACK *, const STACK_OF(void)*, sk), (i)))
+ ((void *)sk_value(CHECKED_CAST(_STACK *, const STACK_OF(void) *, sk), (i)))
#define sk_void_set(sk, i, p) \
((void *)sk_set(CHECKED_CAST(_STACK *, STACK_OF(void)*, sk), (i), \
CHECKED_CAST(void *, void *, p)))
-#define sk_void_free(sk) sk_free(CHECKED_CAST(_STACK *, STACK_OF(void)*, sk))
+#define sk_void_free(sk) sk_free(CHECKED_CAST(_STACK *, STACK_OF(void) *, sk))
-#define sk_void_pop_free(sk, free_func) \
- sk_pop_free(CHECKED_CAST(_STACK *, STACK_OF(void)*, sk), \
+#define sk_void_pop_free(sk, free_func) \
+ sk_pop_free(CHECKED_CAST(_STACK *, STACK_OF(void) *, sk), \
CHECKED_CAST(void (*)(void *), void (*)(void *), free_func))
-#define sk_void_insert(sk, p, where) \
- sk_insert(CHECKED_CAST(_STACK *, STACK_OF(void)*, sk), \
+#define sk_void_insert(sk, p, where) \
+ sk_insert(CHECKED_CAST(_STACK *, STACK_OF(void) *, sk), \
CHECKED_CAST(void *, void *, p), (where))
#define sk_void_delete(sk, where) \
@@ -3619,27 +3805,27 @@
((void *)sk_delete_ptr(CHECKED_CAST(_STACK *, STACK_OF(void)*, sk), \
CHECKED_CAST(void *, void *, p)))
-#define sk_void_find(sk, out_index, p) \
- sk_find(CHECKED_CAST(_STACK *, STACK_OF(void)*, sk), (out_index), \
+#define sk_void_find(sk, out_index, p) \
+ sk_find(CHECKED_CAST(_STACK *, STACK_OF(void) *, sk), (out_index), \
CHECKED_CAST(void *, void *, p))
#define sk_void_shift(sk) \
((void *)sk_shift(CHECKED_CAST(_STACK *, STACK_OF(void)*, sk)))
-#define sk_void_push(sk, p) \
- sk_push(CHECKED_CAST(_STACK *, STACK_OF(void)*, sk), \
+#define sk_void_push(sk, p) \
+ sk_push(CHECKED_CAST(_STACK *, STACK_OF(void) *, sk), \
CHECKED_CAST(void *, void *, p))
#define sk_void_pop(sk) \
((void *)sk_pop(CHECKED_CAST(_STACK *, STACK_OF(void)*, sk)))
#define sk_void_dup(sk) \
- ((STACK_OF(void)*)sk_dup(CHECKED_CAST(_STACK *, const STACK_OF(void)*, sk)))
+ ((STACK_OF(void)*)sk_dup(CHECKED_CAST(_STACK *, const STACK_OF(void) *, sk)))
-#define sk_void_sort(sk) sk_sort(CHECKED_CAST(_STACK *, STACK_OF(void)*, sk))
+#define sk_void_sort(sk) sk_sort(CHECKED_CAST(_STACK *, STACK_OF(void) *, sk))
#define sk_void_is_sorted(sk) \
- sk_is_sorted(CHECKED_CAST(_STACK *, const STACK_OF(void)*, sk))
+ sk_is_sorted(CHECKED_CAST(_STACK *, const STACK_OF(void) *, sk))
#define sk_void_set_cmp_func(sk, comp) \
((int (*)(const void **a, const void **b))sk_set_cmp_func( \
@@ -3649,7 +3835,7 @@
#define sk_void_deep_copy(sk, copy_func, free_func) \
((STACK_OF(void)*)sk_deep_copy( \
- CHECKED_CAST(const _STACK *, const STACK_OF(void)*, sk), \
+ CHECKED_CAST(const _STACK *, const STACK_OF(void) *, sk), \
CHECKED_CAST(void *(*)(void *), void *(*)(void *), copy_func), \
CHECKED_CAST(void (*)(void *), void (*)(void *), free_func)))
diff --git a/src/include/openssl/tls1.h b/src/include/openssl/tls1.h
index f2bee27..7d16b55 100644
--- a/src/include/openssl/tls1.h
+++ b/src/include/openssl/tls1.h
@@ -209,7 +209,7 @@ extern "C" {
#define TLSEXT_TYPE_signature_algorithms 13
/* ExtensionType value from RFC5764 */
-#define TLSEXT_TYPE_use_srtp 14
+#define TLSEXT_TYPE_srtp 14
/* ExtensionType value from RFC5620 */
#define TLSEXT_TYPE_heartbeat 15
@@ -239,8 +239,7 @@ extern "C" {
#define TLSEXT_TYPE_next_proto_neg 13172
/* This is not an IANA defined extension number */
-#define TLSEXT_TYPE_channel_id 30031
-#define TLSEXT_TYPE_channel_id_new 30032
+#define TLSEXT_TYPE_channel_id 30032
/* NameType value from RFC 3546 */
#define TLSEXT_NAMETYPE_host_name 0
@@ -291,14 +290,6 @@ OPENSSL_EXPORT int SSL_export_keying_material(
SSL *s, uint8_t *out, size_t out_len, const char *label, size_t label_len,
const uint8_t *context, size_t context_len, int use_context);
-OPENSSL_EXPORT int SSL_get_sigalgs(SSL *s, int idx, int *psign, int *phash,
- int *psignandhash, uint8_t *rsig,
- uint8_t *rhash);
-
-OPENSSL_EXPORT int SSL_get_shared_sigalgs(SSL *s, int idx, int *psign,
- int *phash, int *psignandhash,
- uint8_t *rsig, uint8_t *rhash);
-
/* SSL_set_tlsext_host_name, for a client, configures |ssl| to advertise |name|
* in the server_name extension. It returns one on success and zero on error. */
OPENSSL_EXPORT int SSL_set_tlsext_host_name(SSL *ssl, const char *name);
@@ -322,39 +313,6 @@ OPENSSL_EXPORT int SSL_CTX_set_tlsext_servername_callback(
* callback and returns one. See |SSL_CTX_set_tlsext_servername_callback|. */
OPENSSL_EXPORT int SSL_CTX_set_tlsext_servername_arg(SSL_CTX *ctx, void *arg);
-#define SSL_CTX_get_tlsext_ticket_keys(ctx, keys, keylen) \
- SSL_CTX_ctrl((ctx), SSL_CTRL_GET_TLSEXT_TICKET_KEYS, (keylen), (keys))
-#define SSL_CTX_set_tlsext_ticket_keys(ctx, keys, keylen) \
- SSL_CTX_ctrl((ctx), SSL_CTRL_SET_TLSEXT_TICKET_KEYS, (keylen), (keys))
-
-/* SSL_CTX_set_tlsext_ticket_key_cb sets the ticket callback to |callback| and
- * returns one. |callback| will be called when encrypting a new ticket and when
- * decrypting a ticket from the client.
- *
- * In both modes, |ctx| and |hmac_ctx| will already have been initialized with
- * |EVP_CIPHER_CTX_init| and |HMAC_CTX_init|, respectively. |callback|
- * configures |hmac_ctx| with an HMAC digest and key, and configures |ctx|
- * for encryption or decryption, based on the mode.
- *
- * When encrypting a new ticket, |encrypt| will be one. It writes a public
- * 16-byte key name to |key_name| and a fresh IV to |iv|. The output IV length
- * must match |EVP_CIPHER_CTX_iv_length| of the cipher selected. In this mode,
- * |callback| returns 1 on success and -1 on error.
- *
- * When decrypting a ticket, |encrypt| will be zero. |key_name| will point to a
- * 16-byte key name and |iv| points to an IV. The length of the IV consumed must
- * match |EVP_CIPHER_CTX_iv_length| of the cipher selected. In this mode,
- * |callback| returns -1 to abort the handshake, 0 if decrypting the ticket
- * failed, and 1 or 2 on success. If it returns 2, the ticket will be renewed.
- * This may be used to re-key the ticket.
- *
- * WARNING: |callback| wildly breaks the usual return value convention and is
- * called in two different modes. */
-OPENSSL_EXPORT int SSL_CTX_set_tlsext_ticket_key_cb(
- SSL_CTX *ctx, int (*callback)(SSL *ssl, uint8_t *key_name, uint8_t *iv,
- EVP_CIPHER_CTX *ctx, HMAC_CTX *hmac_ctx,
- int encrypt));
-
/* PSK ciphersuites from 4279 */
#define TLS1_CK_PSK_WITH_RC4_128_SHA 0x0300008A
#define TLS1_CK_PSK_WITH_3DES_EDE_CBC_SHA 0x0300008B
@@ -514,7 +472,6 @@ OPENSSL_EXPORT int SSL_CTX_set_tlsext_ticket_key_cb(
#define TLS1_CK_ECDHE_RSA_CHACHA20_POLY1305 0x0300CC13
#define TLS1_CK_ECDHE_ECDSA_CHACHA20_POLY1305 0x0300CC14
-#define TLS1_CK_DHE_RSA_CHACHA20_POLY1305 0x0300CC15
/* XXX
* Inconsistency alert:
diff --git a/src/include/openssl/x509.h b/src/include/openssl/x509.h
index 69c7da6..f6b3af0 100644
--- a/src/include/openssl/x509.h
+++ b/src/include/openssl/x509.h
@@ -102,22 +102,22 @@ extern "C" {
#define X509v3_KU_DECIPHER_ONLY 0x8000
#define X509v3_KU_UNDEF 0xffff
-typedef struct X509_objects_st
+struct X509_objects_st
{
int nid;
int (*a2i)(void);
int (*i2a)(void);
- } X509_OBJECTS;
+ } /* X509_OBJECTS */;
DECLARE_ASN1_SET_OF(X509_ALGOR)
typedef STACK_OF(X509_ALGOR) X509_ALGORS;
-typedef struct X509_val_st
+struct X509_val_st
{
ASN1_TIME *notBefore;
ASN1_TIME *notAfter;
- } X509_VAL;
+ } /* X509_VAL */;
struct X509_pubkey_st
{
@@ -126,25 +126,25 @@ struct X509_pubkey_st
EVP_PKEY *pkey;
};
-typedef struct X509_sig_st
+struct X509_sig_st
{
X509_ALGOR *algor;
ASN1_OCTET_STRING *digest;
- } X509_SIG;
+ } /* X509_SIG */;
-typedef struct X509_name_entry_st
+struct X509_name_entry_st
{
ASN1_OBJECT *object;
ASN1_STRING *value;
int set;
int size; /* temp variable */
- } X509_NAME_ENTRY;
+ } /* X509_NAME_ENTRY */;
DECLARE_STACK_OF(X509_NAME_ENTRY)
DECLARE_ASN1_SET_OF(X509_NAME_ENTRY)
/* we always keep X509_NAMEs in 2 forms. */
-typedef struct X509_name_st
+struct X509_name_st
{
STACK_OF(X509_NAME_ENTRY) *entries;
int modified; /* true if 'bytes' needs to be built */
@@ -156,18 +156,18 @@ typedef struct X509_name_st
/* unsigned long hash; Keep the hash around for lookups */
unsigned char *canon_enc;
int canon_enclen;
- } X509_NAME;
+ } /* X509_NAME */;
DECLARE_STACK_OF(X509_NAME)
#define X509_EX_V_NETSCAPE_HACK 0x8000
#define X509_EX_V_INIT 0x0001
-typedef struct X509_extension_st
+struct X509_extension_st
{
ASN1_OBJECT *object;
ASN1_BOOLEAN critical;
ASN1_OCTET_STRING *value;
- } X509_EXTENSION;
+ } /* X509_EXTENSION */;
typedef STACK_OF(X509_EXTENSION) X509_EXTENSIONS;
@@ -175,7 +175,7 @@ DECLARE_STACK_OF(X509_EXTENSION)
DECLARE_ASN1_SET_OF(X509_EXTENSION)
/* a sequence of these are used */
-typedef struct x509_attributes_st
+struct x509_attributes_st
{
ASN1_OBJECT *object;
int single; /* 0 for a set, 1 for a single item (which is wrong) */
@@ -184,13 +184,13 @@ typedef struct x509_attributes_st
/* 0 */ STACK_OF(ASN1_TYPE) *set;
/* 1 */ ASN1_TYPE *single;
} value;
- } X509_ATTRIBUTE;
+ } /* X509_ATTRIBUTE */;
DECLARE_STACK_OF(X509_ATTRIBUTE)
DECLARE_ASN1_SET_OF(X509_ATTRIBUTE)
-typedef struct X509_req_info_st
+struct X509_req_info_st
{
ASN1_ENCODING enc;
ASN1_INTEGER *version;
@@ -198,17 +198,17 @@ typedef struct X509_req_info_st
X509_PUBKEY *pubkey;
/* d=2 hl=2 l= 0 cons: cont: 00 */
STACK_OF(X509_ATTRIBUTE) *attributes; /* [ 0 ] */
- } X509_REQ_INFO;
+ } /* X509_REQ_INFO */;
-typedef struct X509_req_st
+struct X509_req_st
{
X509_REQ_INFO *req_info;
X509_ALGOR *sig_alg;
ASN1_BIT_STRING *signature;
CRYPTO_refcount_t references;
- } X509_REQ;
+ } /* X509_REQ */;
-typedef struct x509_cinf_st
+struct x509_cinf_st
{
ASN1_INTEGER *version; /* [ 0 ] default of v1 */
ASN1_INTEGER *serialNumber;
@@ -221,7 +221,7 @@ typedef struct x509_cinf_st
ASN1_BIT_STRING *subjectUID; /* [ 2 ] optional in v2 */
STACK_OF(X509_EXTENSION) *extensions; /* [ 3 ] optional in v3 */
ASN1_ENCODING enc;
- } X509_CINF;
+ } /* X509_CINF */;
/* This stuff is certificate "auxiliary info"
* it contains details which are useful in certificate
@@ -229,14 +229,14 @@ typedef struct x509_cinf_st
* the end of the certificate itself
*/
-typedef struct x509_cert_aux_st
+struct x509_cert_aux_st
{
STACK_OF(ASN1_OBJECT) *trust; /* trusted uses */
STACK_OF(ASN1_OBJECT) *reject; /* rejected uses */
ASN1_UTF8STRING *alias; /* "friendly name" */
ASN1_OCTET_STRING *keyid; /* key id of private key */
STACK_OF(X509_ALGOR) *other; /* other unspecified info */
- } X509_CERT_AUX;
+ } /* X509_CERT_AUX */;
struct x509_st
{
@@ -269,21 +269,21 @@ DECLARE_ASN1_SET_OF(X509)
/* This is used for a table of trust checking functions */
-typedef struct x509_trust_st {
+struct x509_trust_st {
int trust;
int flags;
int (*check_trust)(struct x509_trust_st *, X509 *, int);
char *name;
int arg1;
void *arg2;
-} X509_TRUST;
+} /* X509_TRUST */;
DECLARE_STACK_OF(X509_TRUST)
-typedef struct x509_cert_pair_st {
+struct x509_cert_pair_st {
X509 *forward;
X509 *reverse;
-} X509_CERT_PAIR;
+} /* X509_CERT_PAIR */;
/* standard trust ids */
@@ -403,7 +403,7 @@ struct x509_revoked_st
DECLARE_STACK_OF(X509_REVOKED)
DECLARE_ASN1_SET_OF(X509_REVOKED)
-typedef struct X509_crl_info_st
+struct X509_crl_info_st
{
ASN1_INTEGER *version;
X509_ALGOR *sig_alg;
@@ -413,7 +413,7 @@ typedef struct X509_crl_info_st
STACK_OF(X509_REVOKED) *revoked;
STACK_OF(X509_EXTENSION) /* [0] */ *extensions;
ASN1_ENCODING enc;
- } X509_CRL_INFO;
+ } /* X509_CRL_INFO */;
struct X509_crl_st
{
@@ -441,7 +441,7 @@ struct X509_crl_st
DECLARE_STACK_OF(X509_CRL)
DECLARE_ASN1_SET_OF(X509_CRL)
-typedef struct private_key_st
+struct private_key_st
{
int version;
/* The PKCS#8 data types */
@@ -458,10 +458,10 @@ typedef struct private_key_st
/* expanded version of 'enc_algor' */
EVP_CIPHER_INFO cipher;
- } X509_PKEY;
+ } /* X509_PKEY */;
#ifndef OPENSSL_NO_EVP
-typedef struct X509_info_st
+struct X509_info_st
{
X509 *x509;
X509_CRL *crl;
@@ -471,7 +471,7 @@ typedef struct X509_info_st
int enc_len;
char *enc_data;
- } X509_INFO;
+ } /* X509_INFO */;
DECLARE_STACK_OF(X509_INFO)
#endif
@@ -480,25 +480,25 @@ DECLARE_STACK_OF(X509_INFO)
* Pat Richard <patr@x509.com> and are used to manipulate
* Netscapes spki structures - useful if you are writing a CA web page
*/
-typedef struct Netscape_spkac_st
+struct Netscape_spkac_st
{
X509_PUBKEY *pubkey;
ASN1_IA5STRING *challenge; /* challenge sent in atlas >= PR2 */
- } NETSCAPE_SPKAC;
+ } /* NETSCAPE_SPKAC */;
-typedef struct Netscape_spki_st
+struct Netscape_spki_st
{
NETSCAPE_SPKAC *spkac; /* signed public key and challenge */
X509_ALGOR *sig_algor;
ASN1_BIT_STRING *signature;
- } NETSCAPE_SPKI;
+ } /* NETSCAPE_SPKI */;
/* Netscape certificate sequence structure */
-typedef struct Netscape_certificate_sequence
+struct Netscape_certificate_sequence
{
ASN1_OBJECT *type;
STACK_OF(X509) *certs;
- } NETSCAPE_CERT_SEQUENCE;
+ } /* NETSCAPE_CERT_SEQUENCE */;
/* Unused (and iv length is wrong)
typedef struct CBCParameter_st
@@ -509,24 +509,24 @@ typedef struct CBCParameter_st
/* Password based encryption structure */
-typedef struct PBEPARAM_st {
+struct PBEPARAM_st {
ASN1_OCTET_STRING *salt;
ASN1_INTEGER *iter;
-} PBEPARAM;
+} /* PBEPARAM */;
/* Password based encryption V2 structures */
-typedef struct PBE2PARAM_st {
+struct PBE2PARAM_st {
X509_ALGOR *keyfunc;
X509_ALGOR *encryption;
-} PBE2PARAM;
+} /* PBE2PARAM */;
-typedef struct PBKDF2PARAM_st {
+struct PBKDF2PARAM_st {
ASN1_TYPE *salt; /* Usually OCTET STRING but could be anything */
ASN1_INTEGER *iter;
ASN1_INTEGER *keylength;
X509_ALGOR *prf;
-} PBKDF2PARAM;
+} /* PBKDF2PARAM */;
/* PKCS#8 private key info structure */
@@ -896,6 +896,7 @@ OPENSSL_EXPORT int X509_CRL_set_issuer_name(X509_CRL *x, X509_NAME *name);
OPENSSL_EXPORT int X509_CRL_set_lastUpdate(X509_CRL *x, const ASN1_TIME *tm);
OPENSSL_EXPORT int X509_CRL_set_nextUpdate(X509_CRL *x, const ASN1_TIME *tm);
OPENSSL_EXPORT int X509_CRL_sort(X509_CRL *crl);
+OPENSSL_EXPORT void X509_CRL_up_ref(X509_CRL *crl);
OPENSSL_EXPORT int X509_REVOKED_set_serialNumber(X509_REVOKED *x, ASN1_INTEGER *serial);
OPENSSL_EXPORT int X509_REVOKED_set_revocationDate(X509_REVOKED *r, ASN1_TIME *tm);
@@ -1217,65 +1218,6 @@ OPENSSL_EXPORT int PKCS7_get_PEM_CRLs(STACK_OF(X509_CRL) *out_crls,
}
#endif
-#define X509_F_ASN1_digest 100
-#define X509_F_ASN1_item_sign_ctx 101
-#define X509_F_ASN1_item_verify 102
-#define X509_F_NETSCAPE_SPKI_b64_decode 103
-#define X509_F_NETSCAPE_SPKI_b64_encode 104
-#define X509_F_PKCS7_get_certificates 105
-#define X509_F_X509_ATTRIBUTE_create_by_NID 106
-#define X509_F_X509_ATTRIBUTE_create_by_OBJ 107
-#define X509_F_X509_ATTRIBUTE_create_by_txt 108
-#define X509_F_X509_ATTRIBUTE_get0_data 109
-#define X509_F_X509_ATTRIBUTE_set1_data 110
-#define X509_F_X509_CRL_add0_revoked 111
-#define X509_F_X509_CRL_diff 112
-#define X509_F_X509_CRL_print_fp 113
-#define X509_F_X509_EXTENSION_create_by_NID 114
-#define X509_F_X509_EXTENSION_create_by_OBJ 115
-#define X509_F_X509_INFO_new 116
-#define X509_F_X509_NAME_ENTRY_create_by_NID 117
-#define X509_F_X509_NAME_ENTRY_create_by_txt 118
-#define X509_F_X509_NAME_ENTRY_set_object 119
-#define X509_F_X509_NAME_add_entry 120
-#define X509_F_X509_NAME_oneline 121
-#define X509_F_X509_NAME_print 122
-#define X509_F_X509_PKEY_new 123
-#define X509_F_X509_PUBKEY_get 124
-#define X509_F_X509_PUBKEY_set 125
-#define X509_F_X509_REQ_check_private_key 126
-#define X509_F_X509_REQ_to_X509 127
-#define X509_F_X509_STORE_CTX_get1_issuer 128
-#define X509_F_X509_STORE_CTX_init 129
-#define X509_F_X509_STORE_CTX_new 130
-#define X509_F_X509_STORE_CTX_purpose_inherit 131
-#define X509_F_X509_STORE_add_cert 132
-#define X509_F_X509_STORE_add_crl 133
-#define X509_F_X509_TRUST_add 134
-#define X509_F_X509_TRUST_set 135
-#define X509_F_X509_check_private_key 136
-#define X509_F_X509_get_pubkey_parameters 137
-#define X509_F_X509_load_cert_crl_file 138
-#define X509_F_X509_load_cert_file 139
-#define X509_F_X509_load_crl_file 140
-#define X509_F_X509_print_ex_fp 141
-#define X509_F_X509_to_X509_REQ 142
-#define X509_F_X509_verify_cert 143
-#define X509_F_X509at_add1_attr 144
-#define X509_F_X509v3_add_ext 145
-#define X509_F_add_cert_dir 146
-#define X509_F_by_file_ctrl 147
-#define X509_F_check_policy 148
-#define X509_F_dir_ctrl 149
-#define X509_F_get_cert_by_subject 150
-#define X509_F_i2d_DSA_PUBKEY 151
-#define X509_F_i2d_EC_PUBKEY 152
-#define X509_F_i2d_RSA_PUBKEY 153
-#define X509_F_x509_name_encode 154
-#define X509_F_x509_name_ex_d2i 155
-#define X509_F_x509_name_ex_new 156
-#define X509_F_pkcs7_parse_header 157
-#define X509_F_PKCS7_get_CRLs 158
#define X509_R_AKID_MISMATCH 100
#define X509_R_BAD_PKCS7_VERSION 101
#define X509_R_BAD_X509_FILETYPE 102
diff --git a/src/include/openssl/x509v3.h b/src/include/openssl/x509v3.h
index 5caa5c1..b7b8ba7 100644
--- a/src/include/openssl/x509v3.h
+++ b/src/include/openssl/x509v3.h
@@ -731,63 +731,6 @@ void ERR_load_X509V3_strings(void);
#ifdef __cplusplus
}
#endif
-#define X509V3_F_SXNET_add_id_INTEGER 100
-#define X509V3_F_SXNET_add_id_asc 101
-#define X509V3_F_SXNET_add_id_ulong 102
-#define X509V3_F_SXNET_get_id_asc 103
-#define X509V3_F_SXNET_get_id_ulong 104
-#define X509V3_F_X509V3_EXT_add 105
-#define X509V3_F_X509V3_EXT_add_alias 106
-#define X509V3_F_X509V3_EXT_free 107
-#define X509V3_F_X509V3_EXT_i2d 108
-#define X509V3_F_X509V3_EXT_nconf 109
-#define X509V3_F_X509V3_add1_i2d 110
-#define X509V3_F_X509V3_add_value 111
-#define X509V3_F_X509V3_get_section 112
-#define X509V3_F_X509V3_get_string 113
-#define X509V3_F_X509V3_get_value_bool 114
-#define X509V3_F_X509V3_parse_list 115
-#define X509V3_F_X509_PURPOSE_add 116
-#define X509V3_F_X509_PURPOSE_set 117
-#define X509V3_F_a2i_GENERAL_NAME 118
-#define X509V3_F_copy_email 119
-#define X509V3_F_copy_issuer 120
-#define X509V3_F_do_dirname 121
-#define X509V3_F_do_ext_i2d 122
-#define X509V3_F_do_ext_nconf 123
-#define X509V3_F_gnames_from_sectname 124
-#define X509V3_F_hex_to_string 125
-#define X509V3_F_i2s_ASN1_ENUMERATED 126
-#define X509V3_F_i2s_ASN1_IA5STRING 127
-#define X509V3_F_i2s_ASN1_INTEGER 128
-#define X509V3_F_i2v_AUTHORITY_INFO_ACCESS 129
-#define X509V3_F_notice_section 130
-#define X509V3_F_nref_nos 131
-#define X509V3_F_policy_section 132
-#define X509V3_F_process_pci_value 133
-#define X509V3_F_r2i_certpol 134
-#define X509V3_F_r2i_pci 135
-#define X509V3_F_s2i_ASN1_IA5STRING 136
-#define X509V3_F_s2i_ASN1_INTEGER 137
-#define X509V3_F_s2i_ASN1_OCTET_STRING 138
-#define X509V3_F_s2i_skey_id 139
-#define X509V3_F_set_dist_point_name 140
-#define X509V3_F_string_to_hex 141
-#define X509V3_F_v2i_ASN1_BIT_STRING 142
-#define X509V3_F_v2i_AUTHORITY_INFO_ACCESS 143
-#define X509V3_F_v2i_AUTHORITY_KEYID 144
-#define X509V3_F_v2i_BASIC_CONSTRAINTS 145
-#define X509V3_F_v2i_EXTENDED_KEY_USAGE 146
-#define X509V3_F_v2i_GENERAL_NAMES 147
-#define X509V3_F_v2i_GENERAL_NAME_ex 148
-#define X509V3_F_v2i_NAME_CONSTRAINTS 149
-#define X509V3_F_v2i_POLICY_CONSTRAINTS 150
-#define X509V3_F_v2i_POLICY_MAPPINGS 151
-#define X509V3_F_v2i_crld 152
-#define X509V3_F_v2i_idp 153
-#define X509V3_F_v2i_issuer_alt 154
-#define X509V3_F_v2i_subject_alt 155
-#define X509V3_F_v3_generic_extension 156
#define X509V3_R_BAD_IP_ADDRESS 100
#define X509V3_R_BAD_OBJECT 101
#define X509V3_R_BN_DEC2BN_ERROR 102