X-Git-Url: https://git.librecmc.org/?a=blobdiff_plain;f=crypto%2Fcrypto.h;h=0e4fb0723ced502d6138efa908e2a7f9d4b71395;hb=4a9d335bb442a59ecd87c09812a8f6cc88065ff7;hp=d2b5ffe3325bcfc7a6b3b82fd81d807ab19490c5;hpb=b0c0f200712ea51b6442fa0d496a6e0088017890;p=oweals%2Fopenssl.git diff --git a/crypto/crypto.h b/crypto/crypto.h index d2b5ffe332..0e4fb0723c 100644 --- a/crypto/crypto.h +++ b/crypto/crypto.h @@ -219,7 +219,13 @@ typedef struct openssl_item_st #define CRYPTO_LOCK_EC_PRE_COMP 36 #define CRYPTO_LOCK_STORE 37 #define CRYPTO_LOCK_COMP 38 +#ifndef OPENSSL_FIPS #define CRYPTO_NUM_LOCKS 39 +#else +#define CRYPTO_LOCK_FIPS 39 +#define CRYPTO_LOCK_FIPS2 40 +#define CRYPTO_NUM_LOCKS 41 +#endif #define CRYPTO_LOCK 1 #define CRYPTO_UNLOCK 2 @@ -341,14 +347,7 @@ DECLARE_STACK_OF(CRYPTO_EX_DATA_FUNCS) /* Set standard debugging functions (not done by default * unless CRYPTO_MDEBUG is defined) */ -#define CRYPTO_malloc_debug_init() do {\ - CRYPTO_set_mem_debug_functions(\ - CRYPTO_dbg_malloc,\ - CRYPTO_dbg_realloc,\ - CRYPTO_dbg_free,\ - CRYPTO_dbg_set_options,\ - CRYPTO_dbg_get_options);\ - } while(0) +void CRYPTO_malloc_debug_init(void); int CRYPTO_mem_ctrl(int mode); int CRYPTO_is_mem_check_on(void); @@ -363,6 +362,7 @@ int CRYPTO_is_mem_check_on(void); #define is_MemCheck_on() CRYPTO_is_mem_check_on() #define OPENSSL_malloc(num) CRYPTO_malloc((int)num,__FILE__,__LINE__) +#define OPENSSL_strdup(str) CRYPTO_strdup((str),__FILE__,__LINE__) #define OPENSSL_realloc(addr,num) \ CRYPTO_realloc((char *)addr,(int)num,__FILE__,__LINE__) #define OPENSSL_realloc_clean(addr,old_num,num) \ @@ -427,6 +427,9 @@ const char *CRYPTO_get_lock_name(int type); int CRYPTO_add_lock(int *pointer,int amount,int type, const char *file, int line); +void int_CRYPTO_set_do_dynlock_callback( + void (*do_dynlock_cb)(int mode, int type, const char *file, int line)); + int CRYPTO_get_new_dynlockid(void); void CRYPTO_destroy_dynlockid(int i); struct CRYPTO_dynlock_value *CRYPTO_get_dynlock_value(int i); @@ -451,6 +454,10 @@ int CRYPTO_set_mem_debug_functions(void (*m)(void *,int,const char *,int,int), void (*f)(void *,int), void (*so)(long), long (*go)(void)); +void CRYPTO_set_mem_info_functions( + int (*push_info_fn)(const char *info, const char *file, int line), + int (*pop_info_fn)(void), + int (*remove_all_info_fn)(void)); void CRYPTO_get_mem_functions(void *(**m)(size_t),void *(**r)(void *, size_t), void (**f)(void *)); void CRYPTO_get_locked_mem_functions(void *(**m)(size_t), void (**f)(void *)); void CRYPTO_get_mem_ex_functions(void *(**m)(size_t,const char *,int), @@ -467,6 +474,7 @@ void CRYPTO_get_mem_debug_functions(void (**m)(void *,int,const char *,int,int), void *CRYPTO_malloc_locked(int num, const char *file, int line); void CRYPTO_free_locked(void *); void *CRYPTO_malloc(int num, const char *file, int line); +char *CRYPTO_strdup(const char *str, const char *file, int line); void CRYPTO_free(void *); void *CRYPTO_realloc(void *addr,int num, const char *file, int line); void *CRYPTO_realloc_clean(void *addr,int old_num,int num,const char *file, @@ -506,6 +514,9 @@ void CRYPTO_dbg_free(void *addr,int before_p); void CRYPTO_dbg_set_options(long bits); long CRYPTO_dbg_get_options(void); +int CRYPTO_dbg_push_info(const char *info, const char *file, int line); +int CRYPTO_dbg_pop_info(void); +int CRYPTO_dbg_remove_all_info(void); #ifndef OPENSSL_NO_FP_API void CRYPTO_mem_leaks_fp(FILE *); @@ -521,6 +532,61 @@ void OpenSSLDie(const char *file,int line,const char *assertion); unsigned long *OPENSSL_ia32cap_loc(void); #define OPENSSL_ia32cap (*(OPENSSL_ia32cap_loc())) +int OPENSSL_isservice(void); + +#ifdef OPENSSL_FIPS +#define FIPS_ERROR_IGNORED(alg) OpenSSLDie(__FILE__, __LINE__, \ + alg " previous FIPS forbidden algorithm error ignored"); + +#define FIPS_BAD_ABORT(alg) OpenSSLDie(__FILE__, __LINE__, \ + #alg " Algorithm forbidden in FIPS mode"); + +#ifdef OPENSSL_FIPS_STRICT +#define FIPS_BAD_ALGORITHM(alg) FIPS_BAD_ABORT(alg) +#else +#define FIPS_BAD_ALGORITHM(alg) \ + { \ + FIPSerr(FIPS_F_HASH_FINAL,FIPS_R_NON_FIPS_METHOD); \ + ERR_add_error_data(2, "Algorithm=", #alg); \ + return 0; \ + } +#endif + +/* Low level digest API blocking macro */ + +#define FIPS_NON_FIPS_MD_Init(alg) \ + int alg##_Init(alg##_CTX *c) \ + { \ + if (FIPS_mode()) \ + FIPS_BAD_ALGORITHM(alg) \ + return private_##alg##_Init(c); \ + } \ + int private_##alg##_Init(alg##_CTX *c) + +/* For ciphers the API often varies from cipher to cipher and each needs to + * be treated as a special case. Variable key length ciphers (Blowfish, RC4, + * CAST) however are very similar and can use a blocking macro. + */ + +#define FIPS_NON_FIPS_VCIPHER_Init(alg) \ + void alg##_set_key(alg##_KEY *key, int len, const unsigned char *data) \ + { \ + if (FIPS_mode()) \ + FIPS_BAD_ABORT(alg) \ + private_##alg##_set_key(key, len, data); \ + } \ + void private_##alg##_set_key(alg##_KEY *key, int len, \ + const unsigned char *data) + +#else + +#define FIPS_NON_FIPS_VCIPHER_Init(alg) \ + void alg##_set_key(alg##_KEY *key, int len, const unsigned char *data) + +#define FIPS_NON_FIPS_MD_Init(alg) \ + int alg##_Init(alg##_CTX *c) + +#endif /* def OPENSSL_FIPS */ /* BEGIN ERROR CODES */ /* The following lines are auto generated by the script mkerr.pl. Any changes @@ -528,6 +594,9 @@ unsigned long *OPENSSL_ia32cap_loc(void); */ void ERR_load_CRYPTO_strings(void); +#define OPENSSL_HAVE_INIT 1 +void OPENSSL_init(void); + /* Error codes for the CRYPTO functions. */ /* Function codes. */