2 * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
3 * Copyright (c) 2002, Oracle and/or its affiliates. All rights reserved
5 * Licensed under the Apache License 2.0 (the "License"). You may not use
6 * this file except in compliance with the License. You can obtain a copy
7 * in the file LICENSE in the source distribution or at
8 * https://www.openssl.org/source/license.html
11 #ifndef OPENSSL_CRYPTO_H
12 # define OPENSSL_CRYPTO_H
15 # include <openssl/macros.h>
17 # define HEADER_CRYPTO_H
23 # include <openssl/e_os2.h>
25 # ifndef OPENSSL_NO_STDIO
29 # include <openssl/safestack.h>
30 # include <openssl/opensslv.h>
31 # include <openssl/types.h>
32 # include <openssl/opensslconf.h>
33 # include <openssl/cryptoerr.h>
35 # ifdef CHARSET_EBCDIC
36 # include <openssl/ebcdic.h>
40 * Resolve problems on some operating systems with symbol names that clash
43 # include <openssl/symhacks.h>
45 # if !OPENSSL_API_1_1_0
46 # include <openssl/opensslv.h>
53 # if !OPENSSL_API_1_1_0
54 # define SSLeay OpenSSL_version_num
55 # define SSLeay_version OpenSSL_version
56 # define SSLEAY_VERSION_NUMBER OPENSSL_VERSION_NUMBER
57 # define SSLEAY_VERSION OPENSSL_VERSION
58 # define SSLEAY_CFLAGS OPENSSL_CFLAGS
59 # define SSLEAY_BUILT_ON OPENSSL_BUILT_ON
60 # define SSLEAY_PLATFORM OPENSSL_PLATFORM
61 # define SSLEAY_DIR OPENSSL_DIR
64 * Old type for allocating dynamic locks. No longer used. Use the new thread
71 # endif /* OPENSSL_API_1_1_0 */
73 typedef void CRYPTO_RWLOCK;
75 CRYPTO_RWLOCK *CRYPTO_THREAD_lock_new(void);
76 int CRYPTO_THREAD_read_lock(CRYPTO_RWLOCK *lock);
77 int CRYPTO_THREAD_write_lock(CRYPTO_RWLOCK *lock);
78 int CRYPTO_THREAD_unlock(CRYPTO_RWLOCK *lock);
79 void CRYPTO_THREAD_lock_free(CRYPTO_RWLOCK *lock);
81 int CRYPTO_atomic_add(int *val, int amount, int *ret, CRYPTO_RWLOCK *lock);
84 * The following can be used to detect memory leaks in the library. If
85 * used, it turns on malloc checking
87 # define CRYPTO_MEM_CHECK_OFF 0x0 /* Control only */
88 # define CRYPTO_MEM_CHECK_ON 0x1 /* Control and mode bit */
89 # define CRYPTO_MEM_CHECK_ENABLE 0x2 /* Control and mode bit */
90 # define CRYPTO_MEM_CHECK_DISABLE 0x3 /* Control only */
92 struct crypto_ex_data_st {
99 * Per class, we have a STACK of function pointers.
101 # define CRYPTO_EX_INDEX_SSL 0
102 # define CRYPTO_EX_INDEX_SSL_CTX 1
103 # define CRYPTO_EX_INDEX_SSL_SESSION 2
104 # define CRYPTO_EX_INDEX_X509 3
105 # define CRYPTO_EX_INDEX_X509_STORE 4
106 # define CRYPTO_EX_INDEX_X509_STORE_CTX 5
107 # define CRYPTO_EX_INDEX_DH 6
108 # define CRYPTO_EX_INDEX_DSA 7
109 # define CRYPTO_EX_INDEX_EC_KEY 8
110 # define CRYPTO_EX_INDEX_RSA 9
111 # define CRYPTO_EX_INDEX_ENGINE 10
112 # define CRYPTO_EX_INDEX_UI 11
113 # define CRYPTO_EX_INDEX_BIO 12
114 # define CRYPTO_EX_INDEX_APP 13
115 # define CRYPTO_EX_INDEX_UI_METHOD 14
116 # define CRYPTO_EX_INDEX_DRBG 15
117 # define CRYPTO_EX_INDEX_OPENSSL_CTX 16
118 # define CRYPTO_EX_INDEX__COUNT 17
120 /* No longer needed, so this is a no-op */
121 #define OPENSSL_malloc_init() while(0) continue
123 int CRYPTO_mem_ctrl(int mode);
125 # define OPENSSL_malloc(num) \
126 CRYPTO_malloc(num, OPENSSL_FILE, OPENSSL_LINE)
127 # define OPENSSL_zalloc(num) \
128 CRYPTO_zalloc(num, OPENSSL_FILE, OPENSSL_LINE)
129 # define OPENSSL_realloc(addr, num) \
130 CRYPTO_realloc(addr, num, OPENSSL_FILE, OPENSSL_LINE)
131 # define OPENSSL_clear_realloc(addr, old_num, num) \
132 CRYPTO_clear_realloc(addr, old_num, num, OPENSSL_FILE, OPENSSL_LINE)
133 # define OPENSSL_clear_free(addr, num) \
134 CRYPTO_clear_free(addr, num, OPENSSL_FILE, OPENSSL_LINE)
135 # define OPENSSL_free(addr) \
136 CRYPTO_free(addr, OPENSSL_FILE, OPENSSL_LINE)
137 # define OPENSSL_memdup(str, s) \
138 CRYPTO_memdup((str), s, OPENSSL_FILE, OPENSSL_LINE)
139 # define OPENSSL_strdup(str) \
140 CRYPTO_strdup(str, OPENSSL_FILE, OPENSSL_LINE)
141 # define OPENSSL_strndup(str, n) \
142 CRYPTO_strndup(str, n, OPENSSL_FILE, OPENSSL_LINE)
143 # define OPENSSL_secure_malloc(num) \
144 CRYPTO_secure_malloc(num, OPENSSL_FILE, OPENSSL_LINE)
145 # define OPENSSL_secure_zalloc(num) \
146 CRYPTO_secure_zalloc(num, OPENSSL_FILE, OPENSSL_LINE)
147 # define OPENSSL_secure_free(addr) \
148 CRYPTO_secure_free(addr, OPENSSL_FILE, OPENSSL_LINE)
149 # define OPENSSL_secure_clear_free(addr, num) \
150 CRYPTO_secure_clear_free(addr, num, OPENSSL_FILE, OPENSSL_LINE)
151 # define OPENSSL_secure_actual_size(ptr) \
152 CRYPTO_secure_actual_size(ptr)
154 size_t OPENSSL_strlcpy(char *dst, const char *src, size_t siz);
155 size_t OPENSSL_strlcat(char *dst, const char *src, size_t siz);
156 size_t OPENSSL_strnlen(const char *str, size_t maxlen);
157 int OPENSSL_buf2hexstr_ex(char *str, size_t str_n, size_t *strlen,
158 const unsigned char *buf, size_t buflen);
159 char *OPENSSL_buf2hexstr(const unsigned char *buf, long buflen);
160 int OPENSSL_hexstr2buf_ex(unsigned char *buf, size_t buf_n, size_t *buflen,
162 unsigned char *OPENSSL_hexstr2buf(const char *str, long *buflen);
163 int OPENSSL_hexchar2int(unsigned char c);
165 # define OPENSSL_MALLOC_MAX_NELEMS(type) (((1U<<(sizeof(int)*8-1))-1)/sizeof(type))
168 * These functions return the values of OPENSSL_VERSION_MAJOR,
169 * OPENSSL_VERSION_MINOR, OPENSSL_VERSION_PATCH, OPENSSL_VERSION_PRE_RELEASE
170 * and OPENSSL_VERSION_BUILD_METADATA, respectively.
172 unsigned int OPENSSL_version_major(void);
173 unsigned int OPENSSL_version_minor(void);
174 unsigned int OPENSSL_version_patch(void);
175 const char *OPENSSL_version_pre_release(void);
176 const char *OPENSSL_version_build_metadata(void);
178 unsigned long OpenSSL_version_num(void);
179 const char *OpenSSL_version(int type);
180 # define OPENSSL_VERSION 0
181 # define OPENSSL_CFLAGS 1
182 # define OPENSSL_BUILT_ON 2
183 # define OPENSSL_PLATFORM 3
184 # define OPENSSL_DIR 4
185 # define OPENSSL_ENGINES_DIR 5
186 # define OPENSSL_VERSION_STRING 6
187 # define OPENSSL_FULL_VERSION_STRING 7
188 # define OPENSSL_MODULES_DIR 8
189 # define OPENSSL_CPU_INFO 9
191 const char *OPENSSL_info(int type);
193 * The series starts at 1001 to avoid confusion with the OpenSSL_version
196 # define OPENSSL_INFO_CONFIG_DIR 1001
197 # define OPENSSL_INFO_ENGINES_DIR 1002
198 # define OPENSSL_INFO_MODULES_DIR 1003
199 # define OPENSSL_INFO_DSO_EXTENSION 1004
200 # define OPENSSL_INFO_DIR_FILENAME_SEPARATOR 1005
201 # define OPENSSL_INFO_LIST_SEPARATOR 1006
202 # define OPENSSL_INFO_SEED_SOURCE 1007
203 # define OPENSSL_INFO_CPU_SETTINGS 1008
205 int OPENSSL_issetugid(void);
207 typedef void CRYPTO_EX_new (void *parent, void *ptr, CRYPTO_EX_DATA *ad,
208 int idx, long argl, void *argp);
209 typedef void CRYPTO_EX_free (void *parent, void *ptr, CRYPTO_EX_DATA *ad,
210 int idx, long argl, void *argp);
211 typedef int CRYPTO_EX_dup (CRYPTO_EX_DATA *to, const CRYPTO_EX_DATA *from,
212 void *from_d, int idx, long argl, void *argp);
213 __owur int CRYPTO_get_ex_new_index(int class_index, long argl, void *argp,
214 CRYPTO_EX_new *new_func, CRYPTO_EX_dup *dup_func,
215 CRYPTO_EX_free *free_func);
216 /* No longer use an index. */
217 int CRYPTO_free_ex_index(int class_index, int idx);
220 * Initialise/duplicate/free CRYPTO_EX_DATA variables corresponding to a
221 * given class (invokes whatever per-class callbacks are applicable)
223 int CRYPTO_new_ex_data(int class_index, void *obj, CRYPTO_EX_DATA *ad);
224 int CRYPTO_dup_ex_data(int class_index, CRYPTO_EX_DATA *to,
225 const CRYPTO_EX_DATA *from);
227 void CRYPTO_free_ex_data(int class_index, void *obj, CRYPTO_EX_DATA *ad);
229 /* Allocate a single item in the CRYPTO_EX_DATA variable */
230 int CRYPTO_alloc_ex_data(int class_index, void *obj, CRYPTO_EX_DATA *ad,
234 * Get/set data in a CRYPTO_EX_DATA variable corresponding to a particular
235 * index (relative to the class type involved)
237 int CRYPTO_set_ex_data(CRYPTO_EX_DATA *ad, int idx, void *val);
238 void *CRYPTO_get_ex_data(const CRYPTO_EX_DATA *ad, int idx);
240 # if !OPENSSL_API_1_1_0
242 * This function cleans up all "ex_data" state. It mustn't be called under
243 * potential race-conditions.
245 # define CRYPTO_cleanup_all_ex_data() while(0) continue
248 * The old locking functions have been removed completely without compatibility
249 * macros. This is because the old functions either could not properly report
250 * errors, or the returned error values were not clearly documented.
251 * Replacing the locking functions with no-ops would cause race condition
252 * issues in the affected applications. It is far better for them to fail at
254 * On the other hand, the locking callbacks are no longer used. Consequently,
255 * the callback management functions can be safely replaced with no-op macros.
257 # define CRYPTO_num_locks() (1)
258 # define CRYPTO_set_locking_callback(func)
259 # define CRYPTO_get_locking_callback() (NULL)
260 # define CRYPTO_set_add_lock_callback(func)
261 # define CRYPTO_get_add_lock_callback() (NULL)
264 * These defines where used in combination with the old locking callbacks,
265 * they are not called anymore, but old code that's not called might still
268 # define CRYPTO_LOCK 1
269 # define CRYPTO_UNLOCK 2
270 # define CRYPTO_READ 4
271 # define CRYPTO_WRITE 8
273 /* This structure is no longer used */
274 typedef struct crypto_threadid_st {
277 /* Only use CRYPTO_THREADID_set_[numeric|pointer]() within callbacks */
278 # define CRYPTO_THREADID_set_numeric(id, val)
279 # define CRYPTO_THREADID_set_pointer(id, ptr)
280 # define CRYPTO_THREADID_set_callback(threadid_func) (0)
281 # define CRYPTO_THREADID_get_callback() (NULL)
282 # define CRYPTO_THREADID_current(id)
283 # define CRYPTO_THREADID_cmp(a, b) (-1)
284 # define CRYPTO_THREADID_cpy(dest, src)
285 # define CRYPTO_THREADID_hash(id) (0UL)
287 # if !OPENSSL_API_1_0_0
288 # define CRYPTO_set_id_callback(func)
289 # define CRYPTO_get_id_callback() (NULL)
290 # define CRYPTO_thread_id() (0UL)
291 # endif /* OPENSSL_API_1_0_0 */
293 # define CRYPTO_set_dynlock_create_callback(dyn_create_function)
294 # define CRYPTO_set_dynlock_lock_callback(dyn_lock_function)
295 # define CRYPTO_set_dynlock_destroy_callback(dyn_destroy_function)
296 # define CRYPTO_get_dynlock_create_callback() (NULL)
297 # define CRYPTO_get_dynlock_lock_callback() (NULL)
298 # define CRYPTO_get_dynlock_destroy_callback() (NULL)
299 # endif /* OPENSSL_API_1_1_0 */
301 int CRYPTO_set_mem_functions(
302 void *(*m) (size_t, const char *, int),
303 void *(*r) (void *, size_t, const char *, int),
304 void (*f) (void *, const char *, int));
305 int CRYPTO_set_mem_debug(int flag);
306 void CRYPTO_get_mem_functions(
307 void *(**m) (size_t, const char *, int),
308 void *(**r) (void *, size_t, const char *, int),
309 void (**f) (void *, const char *, int));
311 void *CRYPTO_malloc(size_t num, const char *file, int line);
312 void *CRYPTO_zalloc(size_t num, const char *file, int line);
313 void *CRYPTO_memdup(const void *str, size_t siz, const char *file, int line);
314 char *CRYPTO_strdup(const char *str, const char *file, int line);
315 char *CRYPTO_strndup(const char *str, size_t s, const char *file, int line);
316 void CRYPTO_free(void *ptr, const char *file, int line);
317 void CRYPTO_clear_free(void *ptr, size_t num, const char *file, int line);
318 void *CRYPTO_realloc(void *addr, size_t num, const char *file, int line);
319 void *CRYPTO_clear_realloc(void *addr, size_t old_num, size_t num,
320 const char *file, int line);
322 int CRYPTO_secure_malloc_init(size_t sz, int minsize);
323 int CRYPTO_secure_malloc_done(void);
324 void *CRYPTO_secure_malloc(size_t num, const char *file, int line);
325 void *CRYPTO_secure_zalloc(size_t num, const char *file, int line);
326 void CRYPTO_secure_free(void *ptr, const char *file, int line);
327 void CRYPTO_secure_clear_free(void *ptr, size_t num,
328 const char *file, int line);
329 int CRYPTO_secure_allocated(const void *ptr);
330 int CRYPTO_secure_malloc_initialized(void);
331 size_t CRYPTO_secure_actual_size(void *ptr);
332 size_t CRYPTO_secure_used(void);
334 void OPENSSL_cleanse(void *ptr, size_t len);
336 # ifndef OPENSSL_NO_CRYPTO_MDEBUG
338 # define OPENSSL_mem_debug_push(info) \
339 CRYPTO_mem_debug_push(info, OPENSSL_FILE, OPENSSL_LINE)
340 # define OPENSSL_mem_debug_pop() \
341 CRYPTO_mem_debug_pop()
343 DEPRECATEDIN_3(int CRYPTO_mem_debug_push(const char *info,
344 const char *file, int line))
345 DEPRECATEDIN_3(int CRYPTO_mem_debug_pop(void))
347 void CRYPTO_get_alloc_counts(int *mcount, int *rcount, int *fcount);
350 * Debugging functions (enabled by CRYPTO_set_mem_debug(1))
351 * The flag argument has the following significance:
352 * 0: called before the actual memory allocation has taken place
353 * 1: called after the actual memory allocation has taken place
355 void CRYPTO_mem_debug_malloc(void *addr, size_t num, int flag,
356 const char *file, int line);
357 void CRYPTO_mem_debug_realloc(void *addr1, void *addr2, size_t num, int flag,
358 const char *file, int line);
359 void CRYPTO_mem_debug_free(void *addr, int flag,
360 const char *file, int line);
362 int CRYPTO_mem_leaks_cb(int (*cb) (const char *str, size_t len, void *u),
364 # ifndef OPENSSL_NO_STDIO
365 int CRYPTO_mem_leaks_fp(FILE *);
367 int CRYPTO_mem_leaks(BIO *bio);
370 /* die if we have to */
371 ossl_noreturn void OPENSSL_die(const char *assertion, const char *file, int line);
372 # if !OPENSSL_API_1_1_0
373 # define OpenSSLDie(f,l,a) OPENSSL_die((a),(f),(l))
375 # define OPENSSL_assert(e) \
376 (void)((e) ? 0 : (OPENSSL_die("assertion failed: " #e, OPENSSL_FILE, OPENSSL_LINE), 1))
378 int OPENSSL_isservice(void);
381 int FIPS_mode_set(int r);
383 void OPENSSL_init(void);
384 # ifdef OPENSSL_SYS_UNIX
385 void OPENSSL_fork_prepare(void);
386 void OPENSSL_fork_parent(void);
387 void OPENSSL_fork_child(void);
390 struct tm *OPENSSL_gmtime(const time_t *timer, struct tm *result);
391 int OPENSSL_gmtime_adj(struct tm *tm, int offset_day, long offset_sec);
392 int OPENSSL_gmtime_diff(int *pday, int *psec,
393 const struct tm *from, const struct tm *to);
396 * CRYPTO_memcmp returns zero iff the |len| bytes at |a| and |b| are equal.
397 * It takes an amount of time dependent on |len|, but independent of the
398 * contents of |a| and |b|. Unlike memcmp, it cannot be used to put elements
399 * into a defined order as the return value when a != b is undefined, other
400 * than to be non-zero.
402 int CRYPTO_memcmp(const void * in_a, const void * in_b, size_t len);
404 /* Standard initialisation options */
405 # define OPENSSL_INIT_NO_LOAD_CRYPTO_STRINGS 0x00000001L
406 # define OPENSSL_INIT_LOAD_CRYPTO_STRINGS 0x00000002L
407 # define OPENSSL_INIT_ADD_ALL_CIPHERS 0x00000004L
408 # define OPENSSL_INIT_ADD_ALL_DIGESTS 0x00000008L
409 # define OPENSSL_INIT_NO_ADD_ALL_CIPHERS 0x00000010L
410 # define OPENSSL_INIT_NO_ADD_ALL_DIGESTS 0x00000020L
411 # define OPENSSL_INIT_LOAD_CONFIG 0x00000040L
412 # define OPENSSL_INIT_NO_LOAD_CONFIG 0x00000080L
413 # define OPENSSL_INIT_ASYNC 0x00000100L
414 # define OPENSSL_INIT_ENGINE_RDRAND 0x00000200L
415 # define OPENSSL_INIT_ENGINE_DYNAMIC 0x00000400L
416 # define OPENSSL_INIT_ENGINE_OPENSSL 0x00000800L
417 # define OPENSSL_INIT_ENGINE_CRYPTODEV 0x00001000L
418 # define OPENSSL_INIT_ENGINE_CAPI 0x00002000L
419 # define OPENSSL_INIT_ENGINE_PADLOCK 0x00004000L
420 # define OPENSSL_INIT_ENGINE_AFALG 0x00008000L
421 /* OPENSSL_INIT_ZLIB 0x00010000L */
422 # define OPENSSL_INIT_ATFORK 0x00020000L
423 /* OPENSSL_INIT_BASE_ONLY 0x00040000L */
424 # define OPENSSL_INIT_NO_ATEXIT 0x00080000L
425 /* OPENSSL_INIT flag range 0x03f00000 reserved for OPENSSL_init_ssl() */
426 /* FREE: 0x04000000L */
427 /* FREE: 0x08000000L */
428 /* FREE: 0x10000000L */
429 /* FREE: 0x20000000L */
430 /* FREE: 0x40000000L */
431 /* FREE: 0x80000000L */
432 /* Max OPENSSL_INIT flag value is 0x80000000 */
434 /* openssl and dasync not counted as builtin */
435 # define OPENSSL_INIT_ENGINE_ALL_BUILTIN \
436 (OPENSSL_INIT_ENGINE_RDRAND | OPENSSL_INIT_ENGINE_DYNAMIC \
437 | OPENSSL_INIT_ENGINE_CRYPTODEV | OPENSSL_INIT_ENGINE_CAPI | \
438 OPENSSL_INIT_ENGINE_PADLOCK)
441 /* Library initialisation functions */
442 void OPENSSL_cleanup(void);
443 int OPENSSL_init_crypto(uint64_t opts, const OPENSSL_INIT_SETTINGS *settings);
444 int OPENSSL_atexit(void (*handler)(void));
445 void OPENSSL_thread_stop(void);
446 void OPENSSL_thread_stop_ex(OPENSSL_CTX *ctx);
448 /* Low-level control of initialization */
449 OPENSSL_INIT_SETTINGS *OPENSSL_INIT_new(void);
450 # ifndef OPENSSL_NO_STDIO
451 int OPENSSL_INIT_set_config_filename(OPENSSL_INIT_SETTINGS *settings,
452 const char *config_filename);
453 void OPENSSL_INIT_set_config_file_flags(OPENSSL_INIT_SETTINGS *settings,
454 unsigned long flags);
455 int OPENSSL_INIT_set_config_appname(OPENSSL_INIT_SETTINGS *settings,
456 const char *config_appname);
458 void OPENSSL_INIT_free(OPENSSL_INIT_SETTINGS *settings);
460 # if defined(OPENSSL_THREADS) && !defined(CRYPTO_TDEBUG)
462 # if defined(BASETYPES) || defined(_WINDEF_H)
463 /* application has to include <windows.h> in order to use this */
464 typedef DWORD CRYPTO_THREAD_LOCAL;
465 typedef DWORD CRYPTO_THREAD_ID;
467 typedef LONG CRYPTO_ONCE;
468 # define CRYPTO_ONCE_STATIC_INIT 0
471 # include <pthread.h>
472 typedef pthread_once_t CRYPTO_ONCE;
473 typedef pthread_key_t CRYPTO_THREAD_LOCAL;
474 typedef pthread_t CRYPTO_THREAD_ID;
476 # define CRYPTO_ONCE_STATIC_INIT PTHREAD_ONCE_INIT
480 # if !defined(CRYPTO_ONCE_STATIC_INIT)
481 typedef unsigned int CRYPTO_ONCE;
482 typedef unsigned int CRYPTO_THREAD_LOCAL;
483 typedef unsigned int CRYPTO_THREAD_ID;
484 # define CRYPTO_ONCE_STATIC_INIT 0
487 int CRYPTO_THREAD_run_once(CRYPTO_ONCE *once, void (*init)(void));
489 int CRYPTO_THREAD_init_local(CRYPTO_THREAD_LOCAL *key, void (*cleanup)(void *));
490 void *CRYPTO_THREAD_get_local(CRYPTO_THREAD_LOCAL *key);
491 int CRYPTO_THREAD_set_local(CRYPTO_THREAD_LOCAL *key, void *val);
492 int CRYPTO_THREAD_cleanup_local(CRYPTO_THREAD_LOCAL *key);
494 CRYPTO_THREAD_ID CRYPTO_THREAD_get_current_id(void);
495 int CRYPTO_THREAD_compare_id(CRYPTO_THREAD_ID a, CRYPTO_THREAD_ID b);
497 OPENSSL_CTX *OPENSSL_CTX_new(void);
498 void OPENSSL_CTX_free(OPENSSL_CTX *);