From: Dr. Matthias St. Pierre Date: Fri, 27 Sep 2019 21:57:58 +0000 (+0200) Subject: Reorganize private crypto header files X-Git-Tag: OpenSSL_1_1_1e~214 X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=0c994d54afbb734ed744330d4b03a653a8477fe3;p=oweals%2Fopenssl.git Reorganize private crypto header files Currently, there are two different directories which contain internal header files of libcrypto which are meant to be shared internally: While header files in 'include/internal' are intended to be shared between libcrypto and libssl, the files in 'crypto/include/internal' are intended to be shared inside libcrypto only. To make things complicated, the include search path is set up in such a way that the directive #include "internal/file.h" could refer to a file in either of these two directoroes. This makes it necessary in some cases to add a '_int.h' suffix to some files to resolve this ambiguity: #include "internal/file.h" # located in 'include/internal' #include "internal/file_int.h" # located in 'crypto/include/internal' This commit moves the private crypto headers from 'crypto/include/internal' to 'include/crypto' As a result, the include directives become unambiguous #include "internal/file.h" # located in 'include/internal' #include "crypto/file.h" # located in 'include/crypto' hence the superfluous '_int.h' suffixes can be stripped. The files 'store_int.h' and 'store.h' need to be treated specially; they are joined into a single file. Reviewed-by: Richard Levitte (Merged from https://github.com/openssl/openssl/pull/9681) --- diff --git a/.gitignore b/.gitignore index 1b0f25cc81..c7e660b6a7 100644 --- a/.gitignore +++ b/.gitignore @@ -27,7 +27,7 @@ Makefile # Auto generated headers /crypto/buildinf.h /apps/progs.h -/crypto/include/internal/*_conf.h +/include/crypto/*_conf.h /openssl/include/opensslconf.h /util/domd diff --git a/build.info b/build.info index 3dda4e89bf..05c9bdd19c 100644 --- a/build.info +++ b/build.info @@ -9,20 +9,20 @@ ""; -} LIBS=libcrypto libssl -INCLUDE[libcrypto]=. crypto/include include +INCLUDE[libcrypto]=. include INCLUDE[libssl]=. include DEPEND[libssl]=libcrypto # Empty DEPEND "indices" means the dependencies are expected to be built # unconditionally before anything else. -DEPEND[]=include/openssl/opensslconf.h crypto/include/internal/bn_conf.h \ - crypto/include/internal/dso_conf.h +DEPEND[]=include/openssl/opensslconf.h include/crypto/bn_conf.h \ + include/crypto/dso_conf.h DEPEND[include/openssl/opensslconf.h]=configdata.pm GENERATE[include/openssl/opensslconf.h]=include/openssl/opensslconf.h.in -DEPEND[crypto/include/internal/bn_conf.h]=configdata.pm -GENERATE[crypto/include/internal/bn_conf.h]=crypto/include/internal/bn_conf.h.in -DEPEND[crypto/include/internal/dso_conf.h]=configdata.pm -GENERATE[crypto/include/internal/dso_conf.h]=crypto/include/internal/dso_conf.h.in +DEPEND[include/crypto/bn_conf.h]=configdata.pm +GENERATE[include/crypto/bn_conf.h]=include/crypto/bn_conf.h.in +DEPEND[include/crypto/dso_conf.h]=configdata.pm +GENERATE[include/crypto/dso_conf.h]=include/crypto/dso_conf.h.in IF[{- defined $target{shared_defflag} -}] IF[{- $config{target} =~ /^mingw/ -}] diff --git a/crypto/aria/aria.c b/crypto/aria/aria.c index 293bcc72bd..ce55d52664 100644 --- a/crypto/aria/aria.c +++ b/crypto/aria/aria.c @@ -19,7 +19,7 @@ */ #include -#include "internal/aria.h" +#include "crypto/aria.h" #include #include diff --git a/crypto/asn1/a_d2i_fp.c b/crypto/asn1/a_d2i_fp.c index a1a17901b8..a452b3deba 100644 --- a/crypto/asn1/a_d2i_fp.c +++ b/crypto/asn1/a_d2i_fp.c @@ -13,7 +13,7 @@ #include "internal/numbers.h" #include #include -#include "internal/asn1_int.h" +#include "crypto/asn1.h" #ifndef NO_OLD_ASN1 # ifndef OPENSSL_NO_STDIO diff --git a/crypto/asn1/a_mbstr.c b/crypto/asn1/a_mbstr.c index 949fe6c161..bdb697ab30 100644 --- a/crypto/asn1/a_mbstr.c +++ b/crypto/asn1/a_mbstr.c @@ -8,7 +8,7 @@ */ #include -#include "internal/ctype.h" +#include "crypto/ctype.h" #include "internal/cryptlib.h" #include diff --git a/crypto/asn1/a_object.c b/crypto/asn1/a_object.c index 5e1424a806..064835b7ec 100644 --- a/crypto/asn1/a_object.c +++ b/crypto/asn1/a_object.c @@ -9,13 +9,13 @@ #include #include -#include "internal/ctype.h" +#include "crypto/ctype.h" #include "internal/cryptlib.h" #include #include #include #include -#include "internal/asn1_int.h" +#include "crypto/asn1.h" #include "asn1_locl.h" int i2d_ASN1_OBJECT(const ASN1_OBJECT *a, unsigned char **pp) diff --git a/crypto/asn1/a_print.c b/crypto/asn1/a_print.c index 8a373d9da9..85a631a27a 100644 --- a/crypto/asn1/a_print.c +++ b/crypto/asn1/a_print.c @@ -8,7 +8,7 @@ */ #include -#include "internal/ctype.h" +#include "crypto/ctype.h" #include "internal/cryptlib.h" #include diff --git a/crypto/asn1/a_sign.c b/crypto/asn1/a_sign.c index 146fdb9626..72381b6655 100644 --- a/crypto/asn1/a_sign.c +++ b/crypto/asn1/a_sign.c @@ -18,8 +18,8 @@ #include #include #include -#include "internal/asn1_int.h" -#include "internal/evp_int.h" +#include "crypto/asn1.h" +#include "crypto/evp.h" #ifndef NO_ASN1_OLD diff --git a/crypto/asn1/a_strex.c b/crypto/asn1/a_strex.c index ea4dd1c5b1..4879b33785 100644 --- a/crypto/asn1/a_strex.c +++ b/crypto/asn1/a_strex.c @@ -10,7 +10,7 @@ #include #include #include "internal/cryptlib.h" -#include "internal/asn1_int.h" +#include "crypto/asn1.h" #include #include #include diff --git a/crypto/asn1/a_time.c b/crypto/asn1/a_time.c index c36dd95001..bbb07fd6d8 100644 --- a/crypto/asn1/a_time.c +++ b/crypto/asn1/a_time.c @@ -16,7 +16,7 @@ #include #include -#include "internal/ctype.h" +#include "crypto/ctype.h" #include "internal/cryptlib.h" #include #include "asn1_locl.h" diff --git a/crypto/asn1/a_verify.c b/crypto/asn1/a_verify.c index cdaf17c3cb..4b5f54234f 100644 --- a/crypto/asn1/a_verify.c +++ b/crypto/asn1/a_verify.c @@ -18,8 +18,8 @@ #include #include #include -#include "internal/asn1_int.h" -#include "internal/evp_int.h" +#include "crypto/asn1.h" +#include "crypto/evp.h" #ifndef NO_ASN1_OLD diff --git a/crypto/asn1/ameth_lib.c b/crypto/asn1/ameth_lib.c index d7d270dbb5..5e8c3ed1d5 100644 --- a/crypto/asn1/ameth_lib.c +++ b/crypto/asn1/ameth_lib.c @@ -13,8 +13,8 @@ #include #include #include -#include "internal/asn1_int.h" -#include "internal/evp_int.h" +#include "crypto/asn1.h" +#include "crypto/evp.h" #include "standard_methods.h" diff --git a/crypto/asn1/asn_mime.c b/crypto/asn1/asn_mime.c index dfd5be6347..c7f05f24e2 100644 --- a/crypto/asn1/asn_mime.c +++ b/crypto/asn1/asn_mime.c @@ -8,13 +8,13 @@ */ #include -#include "internal/ctype.h" +#include "crypto/ctype.h" #include "internal/cryptlib.h" #include #include #include #include -#include "internal/evp_int.h" +#include "crypto/evp.h" #include "internal/bio.h" #include "asn1_locl.h" diff --git a/crypto/asn1/asn_moid.c b/crypto/asn1/asn_moid.c index 68a01f3117..732ce972aa 100644 --- a/crypto/asn1/asn_moid.c +++ b/crypto/asn1/asn_moid.c @@ -8,13 +8,13 @@ */ #include -#include "internal/ctype.h" +#include "crypto/ctype.h" #include #include "internal/cryptlib.h" #include #include -#include "internal/asn1_int.h" -#include "internal/objects.h" +#include "crypto/asn1.h" +#include "crypto/objects.h" /* Simple ASN1 OID module: add all objects in a given section */ diff --git a/crypto/asn1/d2i_pr.c b/crypto/asn1/d2i_pr.c index aa0d6ad6ae..6ec0107380 100644 --- a/crypto/asn1/d2i_pr.c +++ b/crypto/asn1/d2i_pr.c @@ -15,8 +15,8 @@ #include #include #include -#include "internal/asn1_int.h" -#include "internal/evp_int.h" +#include "crypto/asn1.h" +#include "crypto/evp.h" EVP_PKEY *d2i_PrivateKey(int type, EVP_PKEY **a, const unsigned char **pp, long length) diff --git a/crypto/asn1/d2i_pu.c b/crypto/asn1/d2i_pu.c index 7bc16c7bce..8327ac16ca 100644 --- a/crypto/asn1/d2i_pu.c +++ b/crypto/asn1/d2i_pu.c @@ -17,7 +17,7 @@ #include #include -#include "internal/evp_int.h" +#include "crypto/evp.h" EVP_PKEY *d2i_PublicKey(int type, EVP_PKEY **a, const unsigned char **pp, long length) diff --git a/crypto/asn1/f_int.c b/crypto/asn1/f_int.c index 6d6bddc651..3a18381173 100644 --- a/crypto/asn1/f_int.c +++ b/crypto/asn1/f_int.c @@ -8,7 +8,7 @@ */ #include -#include "internal/ctype.h" +#include "crypto/ctype.h" #include "internal/cryptlib.h" #include #include diff --git a/crypto/asn1/f_string.c b/crypto/asn1/f_string.c index f893489a67..53dfec71b5 100644 --- a/crypto/asn1/f_string.c +++ b/crypto/asn1/f_string.c @@ -8,7 +8,7 @@ */ #include -#include "internal/ctype.h" +#include "crypto/ctype.h" #include "internal/cryptlib.h" #include #include diff --git a/crypto/asn1/i2d_pr.c b/crypto/asn1/i2d_pr.c index 445b0c8425..0374c0bfbd 100644 --- a/crypto/asn1/i2d_pr.c +++ b/crypto/asn1/i2d_pr.c @@ -11,8 +11,8 @@ #include "internal/cryptlib.h" #include #include -#include "internal/asn1_int.h" -#include "internal/evp_int.h" +#include "crypto/asn1.h" +#include "crypto/evp.h" int i2d_PrivateKey(EVP_PKEY *a, unsigned char **pp) { diff --git a/crypto/asn1/p8_pkey.c b/crypto/asn1/p8_pkey.c index dbee827e0d..ab509b1ac9 100644 --- a/crypto/asn1/p8_pkey.c +++ b/crypto/asn1/p8_pkey.c @@ -11,7 +11,7 @@ #include "internal/cryptlib.h" #include #include -#include "internal/x509_int.h" +#include "crypto/x509.h" /* Minor tweak to operation: zero private key data */ static int pkey_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, diff --git a/crypto/asn1/t_pkey.c b/crypto/asn1/t_pkey.c index 3b2c9df891..651622aedc 100644 --- a/crypto/asn1/t_pkey.c +++ b/crypto/asn1/t_pkey.c @@ -11,7 +11,7 @@ #include "internal/cryptlib.h" #include #include -#include "internal/bn_int.h" +#include "crypto/bn.h" /* Number of octets per line */ #define ASN1_BUF_PRINT_WIDTH 15 diff --git a/crypto/asn1/tasn_enc.c b/crypto/asn1/tasn_enc.c index 30be314ff9..0d32f4d979 100644 --- a/crypto/asn1/tasn_enc.c +++ b/crypto/asn1/tasn_enc.c @@ -13,7 +13,7 @@ #include #include #include -#include "internal/asn1_int.h" +#include "crypto/asn1.h" #include "asn1_locl.h" static int asn1_i2d_ex_primitive(ASN1_VALUE **pval, unsigned char **out, diff --git a/crypto/asn1/tasn_prn.c b/crypto/asn1/tasn_prn.c index 1fb66f1062..dc0876508b 100644 --- a/crypto/asn1/tasn_prn.c +++ b/crypto/asn1/tasn_prn.c @@ -15,7 +15,7 @@ #include #include #include -#include "internal/asn1_int.h" +#include "crypto/asn1.h" #include "asn1_locl.h" /* diff --git a/crypto/asn1/x_algor.c b/crypto/asn1/x_algor.c index 853d45b8bc..4c4a718850 100644 --- a/crypto/asn1/x_algor.c +++ b/crypto/asn1/x_algor.c @@ -11,7 +11,7 @@ #include #include #include -#include "internal/evp_int.h" +#include "crypto/evp.h" ASN1_SEQUENCE(X509_ALGOR) = { ASN1_SIMPLE(X509_ALGOR, algorithm, ASN1_OBJECT), diff --git a/crypto/asn1/x_sig.c b/crypto/asn1/x_sig.c index e465cf2d4d..fb24e240cb 100644 --- a/crypto/asn1/x_sig.c +++ b/crypto/asn1/x_sig.c @@ -11,7 +11,7 @@ #include "internal/cryptlib.h" #include #include -#include "internal/x509_int.h" +#include "crypto/x509.h" ASN1_SEQUENCE(X509_SIG) = { ASN1_SIMPLE(X509_SIG, algor, X509_ALGOR), diff --git a/crypto/async/async.c b/crypto/async/async.c index 1d83e4576f..fba15e83e8 100644 --- a/crypto/async/async.c +++ b/crypto/async/async.c @@ -19,7 +19,7 @@ #include "async_locl.h" #include -#include "internal/cryptlib_int.h" +#include "crypto/cryptlib.h" #include #define ASYNC_JOB_RUNNING 0 diff --git a/crypto/async/async_locl.h b/crypto/async/async_locl.h index d7790293f7..dd1a85e026 100644 --- a/crypto/async/async_locl.h +++ b/crypto/async/async_locl.h @@ -20,7 +20,7 @@ # include #endif -#include "internal/async.h" +#include "crypto/async.h" #include typedef struct async_ctx_st async_ctx; diff --git a/crypto/bio/b_print.c b/crypto/bio/b_print.c index 9e907fcaa7..8ef90ac1d4 100644 --- a/crypto/bio/b_print.c +++ b/crypto/bio/b_print.c @@ -10,7 +10,7 @@ #include #include #include "internal/cryptlib.h" -#include "internal/ctype.h" +#include "crypto/ctype.h" #include "internal/numbers.h" #include diff --git a/crypto/blake2/m_blake2b.c b/crypto/blake2/m_blake2b.c index c493648c3c..93ed70ce7f 100644 --- a/crypto/blake2/m_blake2b.c +++ b/crypto/blake2/m_blake2b.c @@ -21,7 +21,7 @@ # include # include # include "blake2_locl.h" -# include "internal/evp_int.h" +# include "crypto/evp.h" static int init(EVP_MD_CTX *ctx) { diff --git a/crypto/blake2/m_blake2s.c b/crypto/blake2/m_blake2s.c index 83b2811e44..271068692c 100644 --- a/crypto/blake2/m_blake2s.c +++ b/crypto/blake2/m_blake2s.c @@ -21,7 +21,7 @@ # include # include # include "blake2_locl.h" -# include "internal/evp_int.h" +# include "crypto/evp.h" static int init(EVP_MD_CTX *ctx) { diff --git a/crypto/bn/bn_dh.c b/crypto/bn/bn_dh.c index 38acdee234..3f0af5e49d 100644 --- a/crypto/bn/bn_dh.c +++ b/crypto/bn/bn_dh.c @@ -12,7 +12,7 @@ #ifndef OPENSSL_NO_DH #include -#include "internal/bn_dh.h" +#include "crypto/bn_dh.h" /* DH parameters from RFC5114 */ # if BN_BITS2 == 64 diff --git a/crypto/bn/bn_lcl.h b/crypto/bn/bn_lcl.h index 7f823a6178..5e895b0cd1 100644 --- a/crypto/bn/bn_lcl.h +++ b/crypto/bn/bn_lcl.h @@ -18,10 +18,10 @@ # include # if !defined(OPENSSL_SYS_UEFI) -# include "internal/bn_conf.h" +# include "crypto/bn_conf.h" # endif -# include "internal/bn_int.h" +# include "crypto/bn.h" /* * These preprocessor symbols control various aspects of the bignum headers diff --git a/crypto/bn/bn_print.c b/crypto/bn/bn_print.c index 1853269d90..89a4ac31e6 100644 --- a/crypto/bn/bn_print.c +++ b/crypto/bn/bn_print.c @@ -8,7 +8,7 @@ */ #include -#include "internal/ctype.h" +#include "crypto/ctype.h" #include #include "internal/cryptlib.h" #include diff --git a/crypto/bn/bn_srp.c b/crypto/bn/bn_srp.c index 27b6ebe518..de07b045d6 100644 --- a/crypto/bn/bn_srp.c +++ b/crypto/bn/bn_srp.c @@ -13,7 +13,7 @@ #ifndef OPENSSL_NO_SRP #include -#include "internal/bn_srp.h" +#include "crypto/bn_srp.h" # if (BN_BYTES == 8) # if (defined(_WIN32) || defined(_WIN64)) && !defined(__MINGW32__) diff --git a/crypto/chacha/chacha_enc.c b/crypto/chacha/chacha_enc.c index 239f68ab82..afe5b5136a 100644 --- a/crypto/chacha/chacha_enc.c +++ b/crypto/chacha/chacha_enc.c @@ -11,7 +11,7 @@ #include -#include "internal/chacha.h" +#include "crypto/chacha.h" typedef unsigned int u32; typedef unsigned char u8; diff --git a/crypto/cmac/cm_ameth.c b/crypto/cmac/cm_ameth.c index a58454a089..82adf18c80 100644 --- a/crypto/cmac/cm_ameth.c +++ b/crypto/cmac/cm_ameth.c @@ -11,7 +11,7 @@ #include "internal/cryptlib.h" #include #include -#include "internal/asn1_int.h" +#include "crypto/asn1.h" /* * CMAC "ASN1" method. This is just here to indicate the maximum CMAC output diff --git a/crypto/cmac/cm_pmeth.c b/crypto/cmac/cm_pmeth.c index 10748f1488..5574f25be8 100644 --- a/crypto/cmac/cm_pmeth.c +++ b/crypto/cmac/cm_pmeth.c @@ -13,7 +13,7 @@ #include #include #include -#include "internal/evp_int.h" +#include "crypto/evp.h" /* The context structure and "key" is simply a CMAC_CTX */ diff --git a/crypto/cms/cms_env.c b/crypto/cms/cms_env.c index 26fb81f79a..5d8615c03e 100644 --- a/crypto/cms/cms_env.c +++ b/crypto/cms/cms_env.c @@ -15,8 +15,8 @@ #include #include #include "cms_lcl.h" -#include "internal/asn1_int.h" -#include "internal/evp_int.h" +#include "crypto/asn1.h" +#include "crypto/evp.h" /* CMS EnvelopedData Utilities */ diff --git a/crypto/cms/cms_kari.c b/crypto/cms/cms_kari.c index 5e83814d0f..7398918317 100644 --- a/crypto/cms/cms_kari.c +++ b/crypto/cms/cms_kari.c @@ -15,7 +15,7 @@ #include #include #include "cms_lcl.h" -#include "internal/asn1_int.h" +#include "crypto/asn1.h" /* Key Agreement Recipient Info (KARI) routines */ diff --git a/crypto/cms/cms_pwri.c b/crypto/cms/cms_pwri.c index 26e3bdcf9e..159d788040 100644 --- a/crypto/cms/cms_pwri.c +++ b/crypto/cms/cms_pwri.c @@ -16,7 +16,7 @@ #include #include #include "cms_lcl.h" -#include "internal/asn1_int.h" +#include "crypto/asn1.h" int CMS_RecipientInfo_set0_password(CMS_RecipientInfo *ri, unsigned char *pass, ossl_ssize_t passlen) diff --git a/crypto/cms/cms_sd.c b/crypto/cms/cms_sd.c index 3841513f8b..face7e2aa8 100644 --- a/crypto/cms/cms_sd.c +++ b/crypto/cms/cms_sd.c @@ -15,8 +15,8 @@ #include #include #include "cms_lcl.h" -#include "internal/asn1_int.h" -#include "internal/evp_int.h" +#include "crypto/asn1.h" +#include "crypto/evp.h" /* CMS SignedData Utilities */ diff --git a/crypto/cms/cms_smime.c b/crypto/cms/cms_smime.c index 10815639f8..e0f5dc872a 100644 --- a/crypto/cms/cms_smime.c +++ b/crypto/cms/cms_smime.c @@ -14,7 +14,7 @@ #include #include #include "cms_lcl.h" -#include "internal/asn1_int.h" +#include "crypto/asn1.h" static BIO *cms_get_text_bio(BIO *out, unsigned int flags) { diff --git a/crypto/comp/c_zlib.c b/crypto/comp/c_zlib.c index 7c1be358fd..a23d0d0bc2 100644 --- a/crypto/comp/c_zlib.c +++ b/crypto/comp/c_zlib.c @@ -13,7 +13,7 @@ #include #include "internal/comp.h" #include -#include "internal/cryptlib_int.h" +#include "crypto/cryptlib.h" #include "internal/bio.h" #include "comp_lcl.h" diff --git a/crypto/conf/conf_lib.c b/crypto/conf/conf_lib.c index 2d40ac97ec..0b7dd26d63 100644 --- a/crypto/conf/conf_lib.c +++ b/crypto/conf/conf_lib.c @@ -11,7 +11,7 @@ #include #include #include "internal/conf.h" -#include "internal/ctype.h" +#include "crypto/ctype.h" #include #include #include diff --git a/crypto/cryptlib.c b/crypto/cryptlib.c index 7b761a3adc..1f36b20c86 100644 --- a/crypto/cryptlib.c +++ b/crypto/cryptlib.c @@ -9,7 +9,7 @@ */ #include "e_os.h" -#include "internal/cryptlib_int.h" +#include "crypto/cryptlib.h" #include #if defined(__i386) || defined(__i386__) || defined(_M_IX86) || \ @@ -49,7 +49,7 @@ typedef char variant_char; # define ossl_getenv getenv # endif -# include "internal/ctype.h" +# include "crypto/ctype.h" static int todigit(variant_char c) { diff --git a/crypto/ctype.c b/crypto/ctype.c index e05f84cd40..b7f1183f9c 100644 --- a/crypto/ctype.c +++ b/crypto/ctype.c @@ -9,7 +9,7 @@ #include #include -#include "internal/ctype.h" +#include "crypto/ctype.h" #include "openssl/ebcdic.h" /* diff --git a/crypto/dh/dh_ameth.c b/crypto/dh/dh_ameth.c index 05a1d4227e..57705e497b 100644 --- a/crypto/dh/dh_ameth.c +++ b/crypto/dh/dh_ameth.c @@ -13,8 +13,8 @@ #include #include "dh_locl.h" #include -#include "internal/asn1_int.h" -#include "internal/evp_int.h" +#include "crypto/asn1.h" +#include "crypto/evp.h" #include /* diff --git a/crypto/dh/dh_key.c b/crypto/dh/dh_key.c index 718aa422d9..6aef7f2420 100644 --- a/crypto/dh/dh_key.c +++ b/crypto/dh/dh_key.c @@ -10,7 +10,7 @@ #include #include "internal/cryptlib.h" #include "dh_locl.h" -#include "internal/bn_int.h" +#include "crypto/bn.h" static int generate_key(DH *dh); static int compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh); diff --git a/crypto/dh/dh_pmeth.c b/crypto/dh/dh_pmeth.c index 568831f1c2..fc317e274e 100644 --- a/crypto/dh/dh_pmeth.c +++ b/crypto/dh/dh_pmeth.c @@ -16,7 +16,7 @@ #include #include #include -#include "internal/evp_int.h" +#include "crypto/evp.h" /* DH pkey context structure */ diff --git a/crypto/dh/dh_rfc5114.c b/crypto/dh/dh_rfc5114.c index c4a219590e..9417558435 100644 --- a/crypto/dh/dh_rfc5114.c +++ b/crypto/dh/dh_rfc5114.c @@ -11,7 +11,7 @@ #include "internal/cryptlib.h" #include "dh_locl.h" #include -#include "internal/bn_dh.h" +#include "crypto/bn_dh.h" /* * Macro to make a DH structure from BIGNUM data. NB: although just copying diff --git a/crypto/dh/dh_rfc7919.c b/crypto/dh/dh_rfc7919.c index a54b468e55..09c9ce7b9d 100644 --- a/crypto/dh/dh_rfc7919.c +++ b/crypto/dh/dh_rfc7919.c @@ -12,7 +12,7 @@ #include "dh_locl.h" #include #include -#include "internal/bn_dh.h" +#include "crypto/bn_dh.h" static DH *dh_param_init(const BIGNUM *p, int32_t nbits) { diff --git a/crypto/dllmain.c b/crypto/dllmain.c index 0838c55e48..e8217893b9 100644 --- a/crypto/dllmain.c +++ b/crypto/dllmain.c @@ -8,7 +8,7 @@ */ #include "e_os.h" -#include "internal/cryptlib_int.h" +#include "crypto/cryptlib.h" #if defined(_WIN32) || defined(__CYGWIN__) # ifdef __CYGWIN__ diff --git a/crypto/dsa/dsa_ameth.c b/crypto/dsa/dsa_ameth.c index 49aa1ae23b..343d0fd5bb 100644 --- a/crypto/dsa/dsa_ameth.c +++ b/crypto/dsa/dsa_ameth.c @@ -14,8 +14,8 @@ #include "dsa_locl.h" #include #include -#include "internal/asn1_int.h" -#include "internal/evp_int.h" +#include "crypto/asn1.h" +#include "crypto/evp.h" static int dsa_pub_decode(EVP_PKEY *pkey, X509_PUBKEY *pubkey) { diff --git a/crypto/dsa/dsa_ossl.c b/crypto/dsa/dsa_ossl.c index 16161dcadf..1d28684e3c 100644 --- a/crypto/dsa/dsa_ossl.c +++ b/crypto/dsa/dsa_ossl.c @@ -9,7 +9,7 @@ #include #include "internal/cryptlib.h" -#include "internal/bn_int.h" +#include "crypto/bn.h" #include #include #include "dsa_locl.h" diff --git a/crypto/dsa/dsa_pmeth.c b/crypto/dsa/dsa_pmeth.c index 1dd2fef9be..a085b902a8 100644 --- a/crypto/dsa/dsa_pmeth.c +++ b/crypto/dsa/dsa_pmeth.c @@ -13,7 +13,7 @@ #include #include #include -#include "internal/evp_int.h" +#include "crypto/evp.h" #include "dsa_locl.h" /* DSA pkey context structure */ diff --git a/crypto/dso/dso_locl.h b/crypto/dso/dso_locl.h index 14a0ccb7c0..43b7df9d78 100644 --- a/crypto/dso/dso_locl.h +++ b/crypto/dso/dso_locl.h @@ -10,7 +10,7 @@ #include #include "internal/cryptlib.h" #include "internal/dso.h" -#include "internal/dso_conf.h" +#include "crypto/dso_conf.h" #include "internal/refcount.h" /**********************************************************************/ diff --git a/crypto/ec/ec2_smpl.c b/crypto/ec/ec2_smpl.c index 898e741fcb..99ba7c13c5 100644 --- a/crypto/ec/ec2_smpl.c +++ b/crypto/ec/ec2_smpl.c @@ -10,7 +10,7 @@ #include -#include "internal/bn_int.h" +#include "crypto/bn.h" #include "ec_lcl.h" #ifndef OPENSSL_NO_EC2M diff --git a/crypto/ec/ec_ameth.c b/crypto/ec/ec_ameth.c index c086f47ab3..3bd66c400c 100644 --- a/crypto/ec/ec_ameth.c +++ b/crypto/ec/ec_ameth.c @@ -14,8 +14,8 @@ #include #include #include -#include "internal/asn1_int.h" -#include "internal/evp_int.h" +#include "crypto/asn1.h" +#include "crypto/evp.h" #include "ec_lcl.h" #ifndef OPENSSL_NO_CMS diff --git a/crypto/ec/ec_lcl.h b/crypto/ec/ec_lcl.h index fbdb04ea3a..e656fbd5e7 100644 --- a/crypto/ec/ec_lcl.h +++ b/crypto/ec/ec_lcl.h @@ -14,7 +14,7 @@ #include #include #include "internal/refcount.h" -#include "internal/ec_int.h" +#include "crypto/ec.h" #if defined(__SUNPRO_C) # if __SUNPRO_C >= 0x520 diff --git a/crypto/ec/ec_mult.c b/crypto/ec/ec_mult.c index 57bdf116f1..13fd5b1a33 100644 --- a/crypto/ec/ec_mult.c +++ b/crypto/ec/ec_mult.c @@ -12,7 +12,7 @@ #include #include "internal/cryptlib.h" -#include "internal/bn_int.h" +#include "crypto/bn.h" #include "ec_lcl.h" #include "internal/refcount.h" diff --git a/crypto/ec/ec_pmeth.c b/crypto/ec/ec_pmeth.c index 454be16c54..b7d5cdf310 100644 --- a/crypto/ec/ec_pmeth.c +++ b/crypto/ec/ec_pmeth.c @@ -14,7 +14,7 @@ #include #include "ec_lcl.h" #include -#include "internal/evp_int.h" +#include "crypto/evp.h" /* EC pkey context structure */ diff --git a/crypto/ec/ecdsa_ossl.c b/crypto/ec/ecdsa_ossl.c index c35ed2dcd0..f21a689902 100644 --- a/crypto/ec/ecdsa_ossl.c +++ b/crypto/ec/ecdsa_ossl.c @@ -11,7 +11,7 @@ #include #include #include -#include "internal/bn_int.h" +#include "crypto/bn.h" #include "ec_lcl.h" int ossl_ecdsa_sign(int type, const unsigned char *dgst, int dlen, diff --git a/crypto/ec/ecp_nistz256.c b/crypto/ec/ecp_nistz256.c index 7ad5eb627d..43becb2fec 100644 --- a/crypto/ec/ecp_nistz256.c +++ b/crypto/ec/ecp_nistz256.c @@ -21,7 +21,7 @@ #include #include "internal/cryptlib.h" -#include "internal/bn_int.h" +#include "crypto/bn.h" #include "ec_lcl.h" #include "internal/refcount.h" diff --git a/crypto/ec/ecx_meth.c b/crypto/ec/ecx_meth.c index 55429642fd..0504831b11 100644 --- a/crypto/ec/ecx_meth.c +++ b/crypto/ec/ecx_meth.c @@ -12,8 +12,8 @@ #include #include #include -#include "internal/asn1_int.h" -#include "internal/evp_int.h" +#include "crypto/asn1.h" +#include "crypto/evp.h" #include "ec_lcl.h" #include "curve448/curve448_lcl.h" diff --git a/crypto/engine/eng_devcrypto.c b/crypto/engine/eng_devcrypto.c index a727c6f646..49e9ce1af3 100644 --- a/crypto/engine/eng_devcrypto.c +++ b/crypto/engine/eng_devcrypto.c @@ -22,7 +22,7 @@ #include #include -#include "internal/engine.h" +#include "crypto/engine.h" /* #define ENGINE_DEVCRYPTO_DEBUG */ diff --git a/crypto/engine/eng_int.h b/crypto/engine/eng_int.h index b95483341e..b5f3b502c1 100644 --- a/crypto/engine/eng_int.h +++ b/crypto/engine/eng_int.h @@ -12,7 +12,7 @@ # define HEADER_ENGINE_INT_H # include "internal/cryptlib.h" -# include "internal/engine.h" +# include "crypto/engine.h" # include "internal/thread_once.h" # include "internal/refcount.h" diff --git a/crypto/engine/eng_openssl.c b/crypto/engine/eng_openssl.c index d9b3067a13..baedc73284 100644 --- a/crypto/engine/eng_openssl.c +++ b/crypto/engine/eng_openssl.c @@ -11,7 +11,7 @@ #include #include #include "internal/cryptlib.h" -#include "internal/engine.h" +#include "crypto/engine.h" #include #include #include diff --git a/crypto/engine/eng_rdrand.c b/crypto/engine/eng_rdrand.c index 261e5debbf..9dceb16710 100644 --- a/crypto/engine/eng_rdrand.c +++ b/crypto/engine/eng_rdrand.c @@ -11,7 +11,7 @@ #include #include -#include "internal/engine.h" +#include "crypto/engine.h" #include #include #include diff --git a/crypto/engine/tb_asnmth.c b/crypto/engine/tb_asnmth.c index 4bcc76136a..9c7e73d65f 100644 --- a/crypto/engine/tb_asnmth.c +++ b/crypto/engine/tb_asnmth.c @@ -10,7 +10,7 @@ #include "e_os.h" #include "eng_int.h" #include -#include "internal/asn1_int.h" +#include "crypto/asn1.h" /* * If this symbol is defined then ENGINE_get_pkey_asn1_meth_engine(), the diff --git a/crypto/err/err.c b/crypto/err/err.c index 3a58ccb958..ec8a7851af 100644 --- a/crypto/err/err.c +++ b/crypto/err/err.c @@ -10,16 +10,16 @@ #include #include #include -#include "internal/cryptlib_int.h" +#include "crypto/cryptlib.h" #include "internal/err.h" -#include "internal/err_int.h" +#include "crypto/err.h" #include #include #include #include #include #include "internal/thread_once.h" -#include "internal/ctype.h" +#include "crypto/ctype.h" #include "internal/constant_time_locl.h" #include "e_os.h" diff --git a/crypto/err/err_all.c b/crypto/err/err_all.c index d9ec04b606..7c0a5f0b9c 100644 --- a/crypto/err/err_all.c +++ b/crypto/err/err_all.c @@ -8,7 +8,7 @@ */ #include -#include "internal/err_int.h" +#include "crypto/err.h" #include #include #include diff --git a/crypto/err/openssl.ec b/crypto/err/openssl.ec index 3e092eae0a..f9f8c404c3 100644 --- a/crypto/err/openssl.ec +++ b/crypto/err/openssl.ec @@ -32,7 +32,7 @@ L CMS include/openssl/cms.h crypto/cms/cms_err.c L CT include/openssl/ct.h crypto/ct/ct_err.c L ASYNC include/openssl/async.h crypto/async/async_err.c L KDF include/openssl/kdf.h crypto/kdf/kdf_err.c -L SM2 crypto/include/internal/sm2.h crypto/sm2/sm2_err.c +L SM2 include/crypto/sm2.h crypto/sm2/sm2_err.c L OSSL_STORE include/openssl/store.h crypto/store/store_err.c # additional header files to be scanned for function names diff --git a/crypto/evp/bio_md.c b/crypto/evp/bio_md.c index 288dee01b2..6a78c359a1 100644 --- a/crypto/evp/bio_md.c +++ b/crypto/evp/bio_md.c @@ -12,7 +12,7 @@ #include "internal/cryptlib.h" #include #include -#include "internal/evp_int.h" +#include "crypto/evp.h" #include "evp_locl.h" #include "internal/bio.h" diff --git a/crypto/evp/bio_ok.c b/crypto/evp/bio_ok.c index 300db6cd32..a77cfb1552 100644 --- a/crypto/evp/bio_ok.c +++ b/crypto/evp/bio_ok.c @@ -76,7 +76,7 @@ #include "internal/bio.h" #include #include -#include "internal/evp_int.h" +#include "crypto/evp.h" static int ok_write(BIO *h, const char *buf, int num); static int ok_read(BIO *h, char *buf, int size); diff --git a/crypto/evp/c_allc.c b/crypto/evp/c_allc.c index 086b3c4d51..22fdcc409c 100644 --- a/crypto/evp/c_allc.c +++ b/crypto/evp/c_allc.c @@ -10,7 +10,7 @@ #include #include "internal/cryptlib.h" #include -#include "internal/evp_int.h" +#include "crypto/evp.h" #include #include diff --git a/crypto/evp/c_alld.c b/crypto/evp/c_alld.c index 1267531a7d..16ac1b67f4 100644 --- a/crypto/evp/c_alld.c +++ b/crypto/evp/c_alld.c @@ -10,7 +10,7 @@ #include #include "internal/cryptlib.h" #include -#include "internal/evp_int.h" +#include "crypto/evp.h" #include #include diff --git a/crypto/evp/cmeth_lib.c b/crypto/evp/cmeth_lib.c index e2295c4dc5..d635dfca4e 100644 --- a/crypto/evp/cmeth_lib.c +++ b/crypto/evp/cmeth_lib.c @@ -10,7 +10,7 @@ #include #include -#include "internal/evp_int.h" +#include "crypto/evp.h" #include "evp_locl.h" EVP_CIPHER *EVP_CIPHER_meth_new(int cipher_type, int block_size, int key_len) diff --git a/crypto/evp/digest.c b/crypto/evp/digest.c index 6693f270b6..d1b127a19d 100644 --- a/crypto/evp/digest.c +++ b/crypto/evp/digest.c @@ -12,7 +12,7 @@ #include #include #include -#include "internal/evp_int.h" +#include "crypto/evp.h" #include "evp_locl.h" /* This call frees resources associated with the context */ diff --git a/crypto/evp/e_aes.c b/crypto/evp/e_aes.c index 1db346fc86..046bc2745a 100644 --- a/crypto/evp/e_aes.c +++ b/crypto/evp/e_aes.c @@ -14,7 +14,7 @@ #include #include #include -#include "internal/evp_int.h" +#include "crypto/evp.h" #include "modes_lcl.h" #include #include "evp_locl.h" diff --git a/crypto/evp/e_aes_cbc_hmac_sha1.c b/crypto/evp/e_aes_cbc_hmac_sha1.c index 09d24dc3d0..853c5f9c6f 100644 --- a/crypto/evp/e_aes_cbc_hmac_sha1.c +++ b/crypto/evp/e_aes_cbc_hmac_sha1.c @@ -18,7 +18,7 @@ #include #include #include "modes_lcl.h" -#include "internal/evp_int.h" +#include "crypto/evp.h" #include "internal/constant_time_locl.h" typedef struct { diff --git a/crypto/evp/e_aes_cbc_hmac_sha256.c b/crypto/evp/e_aes_cbc_hmac_sha256.c index caac0c9d3d..570ec00bc6 100644 --- a/crypto/evp/e_aes_cbc_hmac_sha256.c +++ b/crypto/evp/e_aes_cbc_hmac_sha256.c @@ -20,7 +20,7 @@ #include #include "modes_lcl.h" #include "internal/constant_time_locl.h" -#include "internal/evp_int.h" +#include "crypto/evp.h" typedef struct { AES_KEY ks; diff --git a/crypto/evp/e_aria.c b/crypto/evp/e_aria.c index fcaceb3bca..a6998bad54 100644 --- a/crypto/evp/e_aria.c +++ b/crypto/evp/e_aria.c @@ -14,8 +14,8 @@ # include # include # include -# include "internal/aria.h" -# include "internal/evp_int.h" +# include "crypto/aria.h" +# include "crypto/evp.h" # include "modes_lcl.h" # include "evp_locl.h" diff --git a/crypto/evp/e_bf.c b/crypto/evp/e_bf.c index dc386905c5..9a065582c6 100644 --- a/crypto/evp/e_bf.c +++ b/crypto/evp/e_bf.c @@ -11,7 +11,7 @@ #include "internal/cryptlib.h" #ifndef OPENSSL_NO_BF # include -# include "internal/evp_int.h" +# include "crypto/evp.h" # include # include diff --git a/crypto/evp/e_camellia.c b/crypto/evp/e_camellia.c index 2df4a6e3e0..d70d3964cf 100644 --- a/crypto/evp/e_camellia.c +++ b/crypto/evp/e_camellia.c @@ -17,7 +17,7 @@ NON_EMPTY_TRANSLATION_UNIT # include # include # include -# include "internal/evp_int.h" +# include "crypto/evp.h" # include "modes_lcl.h" static int camellia_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, diff --git a/crypto/evp/e_cast.c b/crypto/evp/e_cast.c index 259d44059b..df9f445bd0 100644 --- a/crypto/evp/e_cast.c +++ b/crypto/evp/e_cast.c @@ -13,7 +13,7 @@ #ifndef OPENSSL_NO_CAST # include # include -# include "internal/evp_int.h" +# include "crypto/evp.h" # include static int cast_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, diff --git a/crypto/evp/e_chacha20_poly1305.c b/crypto/evp/e_chacha20_poly1305.c index 435a38d365..5d7dca3ba6 100644 --- a/crypto/evp/e_chacha20_poly1305.c +++ b/crypto/evp/e_chacha20_poly1305.c @@ -15,8 +15,8 @@ # include # include # include "evp_locl.h" -# include "internal/evp_int.h" -# include "internal/chacha.h" +# include "crypto/evp.h" +# include "crypto/chacha.h" typedef struct { union { @@ -146,7 +146,7 @@ const EVP_CIPHER *EVP_chacha20(void) } # ifndef OPENSSL_NO_POLY1305 -# include "internal/poly1305.h" +# include "crypto/poly1305.h" typedef struct { EVP_CHACHA_KEY key; diff --git a/crypto/evp/e_des.c b/crypto/evp/e_des.c index c13fb3e25a..6d6e919af6 100644 --- a/crypto/evp/e_des.c +++ b/crypto/evp/e_des.c @@ -12,7 +12,7 @@ #ifndef OPENSSL_NO_DES # include # include -# include "internal/evp_int.h" +# include "crypto/evp.h" # include # include diff --git a/crypto/evp/e_des3.c b/crypto/evp/e_des3.c index 6b492ce470..bb426bd9b4 100644 --- a/crypto/evp/e_des3.c +++ b/crypto/evp/e_des3.c @@ -12,7 +12,7 @@ #ifndef OPENSSL_NO_DES # include # include -# include "internal/evp_int.h" +# include "crypto/evp.h" # include # include # include "evp_locl.h" diff --git a/crypto/evp/e_idea.c b/crypto/evp/e_idea.c index 93f6a4131f..1068378ddc 100644 --- a/crypto/evp/e_idea.c +++ b/crypto/evp/e_idea.c @@ -13,7 +13,7 @@ #ifndef OPENSSL_NO_IDEA # include # include -# include "internal/evp_int.h" +# include "crypto/evp.h" # include /* Can't use IMPLEMENT_BLOCK_CIPHER because IDEA_ecb_encrypt is different */ diff --git a/crypto/evp/e_null.c b/crypto/evp/e_null.c index 18a8468216..0725454a3a 100644 --- a/crypto/evp/e_null.c +++ b/crypto/evp/e_null.c @@ -11,7 +11,7 @@ #include "internal/cryptlib.h" #include #include -#include "internal/evp_int.h" +#include "crypto/evp.h" static int null_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, const unsigned char *iv, int enc); diff --git a/crypto/evp/e_rc2.c b/crypto/evp/e_rc2.c index aa0d140186..4d8a0ee4b0 100644 --- a/crypto/evp/e_rc2.c +++ b/crypto/evp/e_rc2.c @@ -14,7 +14,7 @@ # include # include -# include "internal/evp_int.h" +# include "crypto/evp.h" # include static int rc2_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, diff --git a/crypto/evp/e_rc4.c b/crypto/evp/e_rc4.c index d16abdd0d2..c24bc8fe59 100644 --- a/crypto/evp/e_rc4.c +++ b/crypto/evp/e_rc4.c @@ -16,7 +16,7 @@ # include # include -# include "internal/evp_int.h" +# include "crypto/evp.h" typedef struct { RC4_KEY ks; /* working key */ diff --git a/crypto/evp/e_rc4_hmac_md5.c b/crypto/evp/e_rc4_hmac_md5.c index b1e8ccd6dd..201ce44343 100644 --- a/crypto/evp/e_rc4_hmac_md5.c +++ b/crypto/evp/e_rc4_hmac_md5.c @@ -19,7 +19,7 @@ # include # include # include -# include "internal/evp_int.h" +# include "crypto/evp.h" typedef struct { RC4_KEY ks; diff --git a/crypto/evp/e_rc5.c b/crypto/evp/e_rc5.c index dc5589b688..a105339190 100644 --- a/crypto/evp/e_rc5.c +++ b/crypto/evp/e_rc5.c @@ -13,7 +13,7 @@ #ifndef OPENSSL_NO_RC5 # include -# include "internal/evp_int.h" +# include "crypto/evp.h" # include # include "evp_locl.h" # include diff --git a/crypto/evp/e_seed.c b/crypto/evp/e_seed.c index 40aec5fc6a..aeb2363bea 100644 --- a/crypto/evp/e_seed.c +++ b/crypto/evp/e_seed.c @@ -16,7 +16,7 @@ NON_EMPTY_TRANSLATION_UNIT # include # include # include -# include "internal/evp_int.h" +# include "crypto/evp.h" static int seed_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, const unsigned char *iv, int enc); diff --git a/crypto/evp/e_sm4.c b/crypto/evp/e_sm4.c index 79deb65636..fce32794fc 100644 --- a/crypto/evp/e_sm4.c +++ b/crypto/evp/e_sm4.c @@ -13,8 +13,8 @@ #ifndef OPENSSL_NO_SM4 # include # include -# include "internal/sm4.h" -# include "internal/evp_int.h" +# include "crypto/sm4.h" +# include "crypto/evp.h" typedef struct { SM4_KEY ks; diff --git a/crypto/evp/e_xcbc_d.c b/crypto/evp/e_xcbc_d.c index 57ce813da8..b730775422 100644 --- a/crypto/evp/e_xcbc_d.c +++ b/crypto/evp/e_xcbc_d.c @@ -14,7 +14,7 @@ # include # include -# include "internal/evp_int.h" +# include "crypto/evp.h" # include static int desx_cbc_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, diff --git a/crypto/evp/encode.c b/crypto/evp/encode.c index da32d4fd19..e70f80f5c9 100644 --- a/crypto/evp/encode.c +++ b/crypto/evp/encode.c @@ -12,7 +12,7 @@ #include "internal/cryptlib.h" #include #include "evp_locl.h" -#include "internal/evp_int.h" +#include "crypto/evp.h" static unsigned char conv_ascii2bin(unsigned char a, const unsigned char *table); diff --git a/crypto/evp/evp_enc.c b/crypto/evp/evp_enc.c index 05dd791b6c..ddf3045f56 100644 --- a/crypto/evp/evp_enc.c +++ b/crypto/evp/evp_enc.c @@ -15,7 +15,7 @@ #include #include #include -#include "internal/evp_int.h" +#include "crypto/evp.h" #include "evp_locl.h" int EVP_CIPHER_CTX_reset(EVP_CIPHER_CTX *c) diff --git a/crypto/evp/evp_lib.c b/crypto/evp/evp_lib.c index 4935c2a94a..1931e5a3a9 100644 --- a/crypto/evp/evp_lib.c +++ b/crypto/evp/evp_lib.c @@ -11,7 +11,7 @@ #include "internal/cryptlib.h" #include #include -#include "internal/evp_int.h" +#include "crypto/evp.h" #include "evp_locl.h" int EVP_CIPHER_param_to_asn1(EVP_CIPHER_CTX *c, ASN1_TYPE *type) diff --git a/crypto/evp/evp_pkey.c b/crypto/evp/evp_pkey.c index e61a8761a9..586b74605c 100644 --- a/crypto/evp/evp_pkey.c +++ b/crypto/evp/evp_pkey.c @@ -12,9 +12,9 @@ #include "internal/cryptlib.h" #include #include -#include "internal/asn1_int.h" -#include "internal/evp_int.h" -#include "internal/x509_int.h" +#include "crypto/asn1.h" +#include "crypto/evp.h" +#include "crypto/x509.h" /* Extract a private key from a PKCS8 structure */ diff --git a/crypto/evp/m_md2.c b/crypto/evp/m_md2.c index c4e28ae17a..1aec518523 100644 --- a/crypto/evp/m_md2.c +++ b/crypto/evp/m_md2.c @@ -18,7 +18,7 @@ # include # include -#include "internal/evp_int.h" +#include "crypto/evp.h" static int init(EVP_MD_CTX *ctx) { diff --git a/crypto/evp/m_md4.c b/crypto/evp/m_md4.c index 0efc586dba..45d2cafee1 100644 --- a/crypto/evp/m_md4.c +++ b/crypto/evp/m_md4.c @@ -17,7 +17,7 @@ # include # include # include -# include "internal/evp_int.h" +# include "crypto/evp.h" static int init(EVP_MD_CTX *ctx) { diff --git a/crypto/evp/m_md5.c b/crypto/evp/m_md5.c index 3d96ae93b6..d26b5a4d31 100644 --- a/crypto/evp/m_md5.c +++ b/crypto/evp/m_md5.c @@ -17,7 +17,7 @@ # include # include # include -# include "internal/evp_int.h" +# include "crypto/evp.h" static int init(EVP_MD_CTX *ctx) { diff --git a/crypto/evp/m_md5_sha1.c b/crypto/evp/m_md5_sha1.c index 2d98886ba0..eeec2b13e9 100644 --- a/crypto/evp/m_md5_sha1.c +++ b/crypto/evp/m_md5_sha1.c @@ -15,7 +15,7 @@ # include # include # include "internal/cryptlib.h" -# include "internal/evp_int.h" +# include "crypto/evp.h" # include struct md5_sha1_ctx { diff --git a/crypto/evp/m_mdc2.c b/crypto/evp/m_mdc2.c index 1051a9070f..fffa751efd 100644 --- a/crypto/evp/m_mdc2.c +++ b/crypto/evp/m_mdc2.c @@ -17,7 +17,7 @@ # include # include # include -# include "internal/evp_int.h" +# include "crypto/evp.h" static int init(EVP_MD_CTX *ctx) { diff --git a/crypto/evp/m_null.c b/crypto/evp/m_null.c index 5dce1d510e..0847139df1 100644 --- a/crypto/evp/m_null.c +++ b/crypto/evp/m_null.c @@ -12,7 +12,7 @@ #include #include #include -#include "internal/evp_int.h" +#include "crypto/evp.h" static int init(EVP_MD_CTX *ctx) { diff --git a/crypto/evp/m_ripemd.c b/crypto/evp/m_ripemd.c index 7ab320843c..d93ad24fe5 100644 --- a/crypto/evp/m_ripemd.c +++ b/crypto/evp/m_ripemd.c @@ -17,7 +17,7 @@ # include # include # include -# include "internal/evp_int.h" +# include "crypto/evp.h" static int init(EVP_MD_CTX *ctx) { diff --git a/crypto/evp/m_sha1.c b/crypto/evp/m_sha1.c index ac52417855..22b9bbc7d8 100644 --- a/crypto/evp/m_sha1.c +++ b/crypto/evp/m_sha1.c @@ -14,8 +14,8 @@ #include #include #include -#include "internal/evp_int.h" -#include "internal/sha.h" +#include "crypto/evp.h" +#include "crypto/sha.h" static int init(EVP_MD_CTX *ctx) { diff --git a/crypto/evp/m_sha3.c b/crypto/evp/m_sha3.c index 01cf57d313..e0f8e9e416 100644 --- a/crypto/evp/m_sha3.c +++ b/crypto/evp/m_sha3.c @@ -12,7 +12,7 @@ #include #include -#include "internal/evp_int.h" +#include "crypto/evp.h" #include "evp_locl.h" size_t SHA3_absorb(uint64_t A[5][5], const unsigned char *inp, size_t len, diff --git a/crypto/evp/m_sigver.c b/crypto/evp/m_sigver.c index 94e37f02b2..e16546f7e0 100644 --- a/crypto/evp/m_sigver.c +++ b/crypto/evp/m_sigver.c @@ -12,7 +12,7 @@ #include #include #include -#include "internal/evp_int.h" +#include "crypto/evp.h" #include "evp_locl.h" static int update(EVP_MD_CTX *ctx, const void *data, size_t datalen) diff --git a/crypto/evp/m_wp.c b/crypto/evp/m_wp.c index 27e2b3c5ca..5ce15d2d5e 100644 --- a/crypto/evp/m_wp.c +++ b/crypto/evp/m_wp.c @@ -16,7 +16,7 @@ # include # include # include -# include "internal/evp_int.h" +# include "crypto/evp.h" static int init(EVP_MD_CTX *ctx) { diff --git a/crypto/evp/names.c b/crypto/evp/names.c index 077c2a6c4b..90c7b73b7a 100644 --- a/crypto/evp/names.c +++ b/crypto/evp/names.c @@ -10,9 +10,9 @@ #include #include "internal/cryptlib.h" #include -#include "internal/objects.h" +#include "crypto/objects.h" #include -#include "internal/evp_int.h" +#include "crypto/evp.h" int EVP_add_cipher(const EVP_CIPHER *c) { diff --git a/crypto/evp/p_lib.c b/crypto/evp/p_lib.c index 3cd7ca8d54..e57fa9e289 100644 --- a/crypto/evp/p_lib.c +++ b/crypto/evp/p_lib.c @@ -21,8 +21,8 @@ #include #include -#include "internal/asn1_int.h" -#include "internal/evp_int.h" +#include "crypto/asn1.h" +#include "crypto/evp.h" static void EVP_PKEY_free_it(EVP_PKEY *x); diff --git a/crypto/evp/p_sign.c b/crypto/evp/p_sign.c index 6cb442e4f9..0383294a87 100644 --- a/crypto/evp/p_sign.c +++ b/crypto/evp/p_sign.c @@ -12,7 +12,7 @@ #include #include #include -#include "internal/evp_int.h" +#include "crypto/evp.h" int EVP_SignFinal(EVP_MD_CTX *ctx, unsigned char *sigret, unsigned int *siglen, EVP_PKEY *pkey) diff --git a/crypto/evp/p_verify.c b/crypto/evp/p_verify.c index 6e8c565dfd..e27196f7c2 100644 --- a/crypto/evp/p_verify.c +++ b/crypto/evp/p_verify.c @@ -12,7 +12,7 @@ #include #include #include -#include "internal/evp_int.h" +#include "crypto/evp.h" int EVP_VerifyFinal(EVP_MD_CTX *ctx, const unsigned char *sigbuf, unsigned int siglen, EVP_PKEY *pkey) diff --git a/crypto/evp/pmeth_fn.c b/crypto/evp/pmeth_fn.c index de1c07e171..02f4093461 100644 --- a/crypto/evp/pmeth_fn.c +++ b/crypto/evp/pmeth_fn.c @@ -12,7 +12,7 @@ #include "internal/cryptlib.h" #include #include -#include "internal/evp_int.h" +#include "crypto/evp.h" #define M_check_autoarg(ctx, arg, arglen, err) \ if (ctx->pmeth->flags & EVP_PKEY_FLAG_AUTOARGLEN) { \ diff --git a/crypto/evp/pmeth_gn.c b/crypto/evp/pmeth_gn.c index e14965f333..3ad6d5c7c7 100644 --- a/crypto/evp/pmeth_gn.c +++ b/crypto/evp/pmeth_gn.c @@ -12,9 +12,9 @@ #include "internal/cryptlib.h" #include #include -#include "internal/bn_int.h" -#include "internal/asn1_int.h" -#include "internal/evp_int.h" +#include "crypto/bn.h" +#include "crypto/asn1.h" +#include "crypto/evp.h" int EVP_PKEY_paramgen_init(EVP_PKEY_CTX *ctx) { diff --git a/crypto/evp/pmeth_lib.c b/crypto/evp/pmeth_lib.c index 7fbf895e07..d44063de53 100644 --- a/crypto/evp/pmeth_lib.c +++ b/crypto/evp/pmeth_lib.c @@ -13,8 +13,8 @@ #include #include #include -#include "internal/asn1_int.h" -#include "internal/evp_int.h" +#include "crypto/asn1.h" +#include "crypto/evp.h" #include "internal/numbers.h" typedef int sk_cmp_fn_type(const char *const *a, const char *const *b); diff --git a/crypto/ex_data.c b/crypto/ex_data.c index 08dc7c4073..22f3b70edf 100644 --- a/crypto/ex_data.c +++ b/crypto/ex_data.c @@ -7,7 +7,7 @@ * https://www.openssl.org/source/license.html */ -#include "internal/cryptlib_int.h" +#include "crypto/cryptlib.h" #include "internal/thread_once.h" /* diff --git a/crypto/hmac/hm_ameth.c b/crypto/hmac/hm_ameth.c index fa204e9068..638f61b586 100644 --- a/crypto/hmac/hm_ameth.c +++ b/crypto/hmac/hm_ameth.c @@ -10,8 +10,8 @@ #include #include "internal/cryptlib.h" #include -#include "internal/asn1_int.h" -#include "internal/evp_int.h" +#include "crypto/asn1.h" +#include "crypto/evp.h" /* * HMAC "ASN1" method. This is just here to indicate the maximum HMAC output diff --git a/crypto/hmac/hm_pmeth.c b/crypto/hmac/hm_pmeth.c index 55dd27d63b..56f98707f5 100644 --- a/crypto/hmac/hm_pmeth.c +++ b/crypto/hmac/hm_pmeth.c @@ -14,7 +14,7 @@ #include #include #include -#include "internal/evp_int.h" +#include "crypto/evp.h" /* HMAC pkey context structure */ diff --git a/crypto/include/internal/__DECC_INCLUDE_EPILOGUE.H b/crypto/include/internal/__DECC_INCLUDE_EPILOGUE.H deleted file mode 100644 index c350018ad1..0000000000 --- a/crypto/include/internal/__DECC_INCLUDE_EPILOGUE.H +++ /dev/null @@ -1,16 +0,0 @@ -/* - * Copyright 2016 The OpenSSL Project Authors. All Rights Reserved. - * - * Licensed under the OpenSSL license (the "License"). You may not use - * this file except in compliance with the License. You can obtain a copy - * in the file LICENSE in the source distribution or at - * https://www.openssl.org/source/license.html - */ - -/* - * This file is only used by HP C on VMS, and is included automatically - * after each header file from this directory - */ - -/* restore state. Must correspond to the save in __decc_include_prologue.h */ -#pragma names restore diff --git a/crypto/include/internal/__DECC_INCLUDE_PROLOGUE.H b/crypto/include/internal/__DECC_INCLUDE_PROLOGUE.H deleted file mode 100644 index 9a9c777f93..0000000000 --- a/crypto/include/internal/__DECC_INCLUDE_PROLOGUE.H +++ /dev/null @@ -1,20 +0,0 @@ -/* - * Copyright 2016 The OpenSSL Project Authors. All Rights Reserved. - * - * Licensed under the OpenSSL license (the "License"). You may not use - * this file except in compliance with the License. You can obtain a copy - * in the file LICENSE in the source distribution or at - * https://www.openssl.org/source/license.html - */ - -/* - * This file is only used by HP C on VMS, and is included automatically - * after each header file from this directory - */ - -/* save state */ -#pragma names save -/* have the compiler shorten symbols larger than 31 chars to 23 chars - * followed by a 8 hex char CRC - */ -#pragma names as_is,shortened diff --git a/crypto/include/internal/aria.h b/crypto/include/internal/aria.h deleted file mode 100644 index 355abe5398..0000000000 --- a/crypto/include/internal/aria.h +++ /dev/null @@ -1,50 +0,0 @@ -/* - * Copyright 2006-2018 The OpenSSL Project Authors. All Rights Reserved. - * Copyright (c) 2017, Oracle and/or its affiliates. All rights reserved. - * - * Licensed under the OpenSSL license (the "License"). You may not use - * this file except in compliance with the License. You can obtain a copy - * in the file LICENSE in the source distribution or at - * https://www.openssl.org/source/license.html - */ - - /* Copyright (c) 2017 National Security Research Institute. All rights reserved. */ - -#ifndef HEADER_ARIA_H -# define HEADER_ARIA_H - -# include - -# ifdef OPENSSL_NO_ARIA -# error ARIA is disabled. -# endif - -# define ARIA_ENCRYPT 1 -# define ARIA_DECRYPT 0 - -# define ARIA_BLOCK_SIZE 16 /* Size of each encryption/decryption block */ -# define ARIA_MAX_KEYS 17 /* Number of keys needed in the worst case */ - -typedef union { - unsigned char c[ARIA_BLOCK_SIZE]; - unsigned int u[ARIA_BLOCK_SIZE / sizeof(unsigned int)]; -} ARIA_u128; - -typedef unsigned char ARIA_c128[ARIA_BLOCK_SIZE]; - -struct aria_key_st { - ARIA_u128 rd_key[ARIA_MAX_KEYS]; - unsigned int rounds; -}; -typedef struct aria_key_st ARIA_KEY; - - -int aria_set_encrypt_key(const unsigned char *userKey, const int bits, - ARIA_KEY *key); -int aria_set_decrypt_key(const unsigned char *userKey, const int bits, - ARIA_KEY *key); - -void aria_encrypt(const unsigned char *in, unsigned char *out, - const ARIA_KEY *key); - -#endif diff --git a/crypto/include/internal/asn1_int.h b/crypto/include/internal/asn1_int.h deleted file mode 100644 index 9c9b4d8974..0000000000 --- a/crypto/include/internal/asn1_int.h +++ /dev/null @@ -1,113 +0,0 @@ -/* - * Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved. - * - * Licensed under the OpenSSL license (the "License"). You may not use - * this file except in compliance with the License. You can obtain a copy - * in the file LICENSE in the source distribution or at - * https://www.openssl.org/source/license.html - */ - -/* Internal ASN1 structures and functions: not for application use */ - -/* ASN1 public key method structure */ - -struct evp_pkey_asn1_method_st { - int pkey_id; - int pkey_base_id; - unsigned long pkey_flags; - char *pem_str; - char *info; - int (*pub_decode) (EVP_PKEY *pk, X509_PUBKEY *pub); - int (*pub_encode) (X509_PUBKEY *pub, const EVP_PKEY *pk); - int (*pub_cmp) (const EVP_PKEY *a, const EVP_PKEY *b); - int (*pub_print) (BIO *out, const EVP_PKEY *pkey, int indent, - ASN1_PCTX *pctx); - int (*priv_decode) (EVP_PKEY *pk, const PKCS8_PRIV_KEY_INFO *p8inf); - int (*priv_encode) (PKCS8_PRIV_KEY_INFO *p8, const EVP_PKEY *pk); - int (*priv_print) (BIO *out, const EVP_PKEY *pkey, int indent, - ASN1_PCTX *pctx); - int (*pkey_size) (const EVP_PKEY *pk); - int (*pkey_bits) (const EVP_PKEY *pk); - int (*pkey_security_bits) (const EVP_PKEY *pk); - int (*param_decode) (EVP_PKEY *pkey, - const unsigned char **pder, int derlen); - int (*param_encode) (const EVP_PKEY *pkey, unsigned char **pder); - int (*param_missing) (const EVP_PKEY *pk); - int (*param_copy) (EVP_PKEY *to, const EVP_PKEY *from); - int (*param_cmp) (const EVP_PKEY *a, const EVP_PKEY *b); - int (*param_print) (BIO *out, const EVP_PKEY *pkey, int indent, - ASN1_PCTX *pctx); - int (*sig_print) (BIO *out, - const X509_ALGOR *sigalg, const ASN1_STRING *sig, - int indent, ASN1_PCTX *pctx); - void (*pkey_free) (EVP_PKEY *pkey); - int (*pkey_ctrl) (EVP_PKEY *pkey, int op, long arg1, void *arg2); - /* Legacy functions for old PEM */ - int (*old_priv_decode) (EVP_PKEY *pkey, - const unsigned char **pder, int derlen); - int (*old_priv_encode) (const EVP_PKEY *pkey, unsigned char **pder); - /* Custom ASN1 signature verification */ - int (*item_verify) (EVP_MD_CTX *ctx, const ASN1_ITEM *it, void *asn, - X509_ALGOR *a, ASN1_BIT_STRING *sig, EVP_PKEY *pkey); - int (*item_sign) (EVP_MD_CTX *ctx, const ASN1_ITEM *it, void *asn, - X509_ALGOR *alg1, X509_ALGOR *alg2, - ASN1_BIT_STRING *sig); - int (*siginf_set) (X509_SIG_INFO *siginf, const X509_ALGOR *alg, - const ASN1_STRING *sig); - /* Check */ - int (*pkey_check) (const EVP_PKEY *pk); - int (*pkey_public_check) (const EVP_PKEY *pk); - int (*pkey_param_check) (const EVP_PKEY *pk); - /* Get/set raw private/public key data */ - int (*set_priv_key) (EVP_PKEY *pk, const unsigned char *priv, size_t len); - int (*set_pub_key) (EVP_PKEY *pk, const unsigned char *pub, size_t len); - int (*get_priv_key) (const EVP_PKEY *pk, unsigned char *priv, size_t *len); - int (*get_pub_key) (const EVP_PKEY *pk, unsigned char *pub, size_t *len); -} /* EVP_PKEY_ASN1_METHOD */ ; - -DEFINE_STACK_OF_CONST(EVP_PKEY_ASN1_METHOD) - -extern const EVP_PKEY_ASN1_METHOD cmac_asn1_meth; -extern const EVP_PKEY_ASN1_METHOD dh_asn1_meth; -extern const EVP_PKEY_ASN1_METHOD dhx_asn1_meth; -extern const EVP_PKEY_ASN1_METHOD dsa_asn1_meths[5]; -extern const EVP_PKEY_ASN1_METHOD eckey_asn1_meth; -extern const EVP_PKEY_ASN1_METHOD ecx25519_asn1_meth; -extern const EVP_PKEY_ASN1_METHOD ecx448_asn1_meth; -extern const EVP_PKEY_ASN1_METHOD ed25519_asn1_meth; -extern const EVP_PKEY_ASN1_METHOD ed448_asn1_meth; -extern const EVP_PKEY_ASN1_METHOD sm2_asn1_meth; -extern const EVP_PKEY_ASN1_METHOD poly1305_asn1_meth; - -extern const EVP_PKEY_ASN1_METHOD hmac_asn1_meth; -extern const EVP_PKEY_ASN1_METHOD rsa_asn1_meths[2]; -extern const EVP_PKEY_ASN1_METHOD rsa_pss_asn1_meth; -extern const EVP_PKEY_ASN1_METHOD siphash_asn1_meth; - -/* - * These are used internally in the ASN1_OBJECT to keep track of whether the - * names and data need to be free()ed - */ -# define ASN1_OBJECT_FLAG_DYNAMIC 0x01/* internal use */ -# define ASN1_OBJECT_FLAG_CRITICAL 0x02/* critical x509v3 object id */ -# define ASN1_OBJECT_FLAG_DYNAMIC_STRINGS 0x04/* internal use */ -# define ASN1_OBJECT_FLAG_DYNAMIC_DATA 0x08/* internal use */ -struct asn1_object_st { - const char *sn, *ln; - int nid; - int length; - const unsigned char *data; /* data remains const after init */ - int flags; /* Should we free this one */ -}; - -/* ASN1 print context structure */ - -struct asn1_pctx_st { - unsigned long flags; - unsigned long nm_flags; - unsigned long cert_flags; - unsigned long oid_flags; - unsigned long str_flags; -} /* ASN1_PCTX */ ; - -int asn1_d2i_read_bio(BIO *in, BUF_MEM **pb); diff --git a/crypto/include/internal/async.h b/crypto/include/internal/async.h deleted file mode 100644 index dc8e937b0c..0000000000 --- a/crypto/include/internal/async.h +++ /dev/null @@ -1,15 +0,0 @@ -/* - * Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved. - * - * Licensed under the OpenSSL license (the "License"). You may not use - * this file except in compliance with the License. You can obtain a copy - * in the file LICENSE in the source distribution or at - * https://www.openssl.org/source/license.html - */ - -#include - -int async_init(void); -void async_deinit(void); -void async_delete_thread_state(void); - diff --git a/crypto/include/internal/bn_conf.h.in b/crypto/include/internal/bn_conf.h.in deleted file mode 100644 index ec6e4f6c1b..0000000000 --- a/crypto/include/internal/bn_conf.h.in +++ /dev/null @@ -1,27 +0,0 @@ -{- join("\n",map { "/* $_ */" } @autowarntext) -} -/* - * Copyright 2016 The OpenSSL Project Authors. All Rights Reserved. - * - * Licensed under the OpenSSL license (the "License"). You may not use - * this file except in compliance with the License. You can obtain a copy - * in the file LICENSE in the source distribution or at - * https://www.openssl.org/source/license.html - */ - -#ifndef HEADER_BN_CONF_H -# define HEADER_BN_CONF_H - -/* - * The contents of this file are not used in the UEFI build, as - * both 32-bit and 64-bit builds are supported from a single run - * of the Configure script. - */ - -/* Should we define BN_DIV2W here? */ - -/* Only one for the following should be defined */ -{- $config{b64l} ? "#define" : "#undef" -} SIXTY_FOUR_BIT_LONG -{- $config{b64} ? "#define" : "#undef" -} SIXTY_FOUR_BIT -{- $config{b32} ? "#define" : "#undef" -} THIRTY_TWO_BIT - -#endif diff --git a/crypto/include/internal/bn_dh.h b/crypto/include/internal/bn_dh.h deleted file mode 100644 index 70ebca2875..0000000000 --- a/crypto/include/internal/bn_dh.h +++ /dev/null @@ -1,24 +0,0 @@ -/* - * Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved. - * - * Licensed under the OpenSSL license (the "License"). You may not use - * this file except in compliance with the License. You can obtain a copy - * in the file LICENSE in the source distribution or at - * https://www.openssl.org/source/license.html - */ - -#define declare_dh_bn(x) \ - extern const BIGNUM _bignum_dh##x##_p; \ - extern const BIGNUM _bignum_dh##x##_g; \ - extern const BIGNUM _bignum_dh##x##_q; - -declare_dh_bn(1024_160) -declare_dh_bn(2048_224) -declare_dh_bn(2048_256) - -extern const BIGNUM _bignum_ffdhe2048_p; -extern const BIGNUM _bignum_ffdhe3072_p; -extern const BIGNUM _bignum_ffdhe4096_p; -extern const BIGNUM _bignum_ffdhe6144_p; -extern const BIGNUM _bignum_ffdhe8192_p; -extern const BIGNUM _bignum_const_2; diff --git a/crypto/include/internal/bn_int.h b/crypto/include/internal/bn_int.h deleted file mode 100644 index 30be7efe14..0000000000 --- a/crypto/include/internal/bn_int.h +++ /dev/null @@ -1,90 +0,0 @@ -/* - * Copyright 2014-2018 The OpenSSL Project Authors. All Rights Reserved. - * - * Licensed under the OpenSSL license (the "License"). You may not use - * this file except in compliance with the License. You can obtain a copy - * in the file LICENSE in the source distribution or at - * https://www.openssl.org/source/license.html - */ - -#ifndef HEADER_BN_INT_H -# define HEADER_BN_INT_H - -# include -# include - -BIGNUM *bn_wexpand(BIGNUM *a, int words); -BIGNUM *bn_expand2(BIGNUM *a, int words); - -void bn_correct_top(BIGNUM *a); - -/* - * Determine the modified width-(w+1) Non-Adjacent Form (wNAF) of 'scalar'. - * This is an array r[] of values that are either zero or odd with an - * absolute value less than 2^w satisfying scalar = \sum_j r[j]*2^j where at - * most one of any w+1 consecutive digits is non-zero with the exception that - * the most significant digit may be only w-1 zeros away from that next - * non-zero digit. - */ -signed char *bn_compute_wNAF(const BIGNUM *scalar, int w, size_t *ret_len); - -int bn_get_top(const BIGNUM *a); - -int bn_get_dmax(const BIGNUM *a); - -/* Set all words to zero */ -void bn_set_all_zero(BIGNUM *a); - -/* - * Copy the internal BIGNUM words into out which holds size elements (and size - * must be bigger than top) - */ -int bn_copy_words(BN_ULONG *out, const BIGNUM *in, int size); - -BN_ULONG *bn_get_words(const BIGNUM *a); - -/* - * Set the internal data words in a to point to words which contains size - * elements. The BN_FLG_STATIC_DATA flag is set - */ -void bn_set_static_words(BIGNUM *a, const BN_ULONG *words, int size); - -/* - * Copy words into the BIGNUM |a|, reallocating space as necessary. - * The negative flag of |a| is not modified. - * Returns 1 on success and 0 on failure. - */ -/* - * |num_words| is int because bn_expand2 takes an int. This is an internal - * function so we simply trust callers not to pass negative values. - */ -int bn_set_words(BIGNUM *a, const BN_ULONG *words, int num_words); - -/* - * Some BIGNUM functions assume most significant limb to be non-zero, which - * is customarily arranged by bn_correct_top. Output from below functions - * is not processed with bn_correct_top, and for this reason it may not be - * returned out of public API. It may only be passed internally into other - * functions known to support non-minimal or zero-padded BIGNUMs. Even - * though the goal is to facilitate constant-time-ness, not each subroutine - * is constant-time by itself. They all have pre-conditions, consult source - * code... - */ -int bn_mul_mont_fixed_top(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, - BN_MONT_CTX *mont, BN_CTX *ctx); -int bn_to_mont_fixed_top(BIGNUM *r, const BIGNUM *a, BN_MONT_CTX *mont, - BN_CTX *ctx); -int bn_from_mont_fixed_top(BIGNUM *r, const BIGNUM *a, BN_MONT_CTX *mont, - BN_CTX *ctx); -int bn_mod_add_fixed_top(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, - const BIGNUM *m); -int bn_mod_sub_fixed_top(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, - const BIGNUM *m); -int bn_mul_fixed_top(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx); -int bn_sqr_fixed_top(BIGNUM *r, const BIGNUM *a, BN_CTX *ctx); -int bn_lshift_fixed_top(BIGNUM *r, const BIGNUM *a, int n); -int bn_rshift_fixed_top(BIGNUM *r, const BIGNUM *a, int n); -int bn_div_fixed_top(BIGNUM *dv, BIGNUM *rem, const BIGNUM *m, - const BIGNUM *d, BN_CTX *ctx); - -#endif diff --git a/crypto/include/internal/bn_srp.h b/crypto/include/internal/bn_srp.h deleted file mode 100644 index d4b282a6bb..0000000000 --- a/crypto/include/internal/bn_srp.h +++ /dev/null @@ -1,32 +0,0 @@ -/* - * Copyright 2014-2016 The OpenSSL Project Authors. All Rights Reserved. - * - * Licensed under the OpenSSL license (the "License"). You may not use - * this file except in compliance with the License. You can obtain a copy - * in the file LICENSE in the source distribution or at - * https://www.openssl.org/source/license.html - */ - -#ifndef OPENSSL_NO_SRP - -extern const BIGNUM bn_group_1024; - -extern const BIGNUM bn_group_1536; - -extern const BIGNUM bn_group_2048; - -extern const BIGNUM bn_group_3072; - -extern const BIGNUM bn_group_4096; - -extern const BIGNUM bn_group_6144; - -extern const BIGNUM bn_group_8192; - -extern const BIGNUM bn_generator_19; - -extern const BIGNUM bn_generator_5; - -extern const BIGNUM bn_generator_2; - -#endif diff --git a/crypto/include/internal/chacha.h b/crypto/include/internal/chacha.h deleted file mode 100644 index 67243f2228..0000000000 --- a/crypto/include/internal/chacha.h +++ /dev/null @@ -1,42 +0,0 @@ -/* - * Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved. - * - * Licensed under the OpenSSL license (the "License"). You may not use - * this file except in compliance with the License. You can obtain a copy - * in the file LICENSE in the source distribution or at - * https://www.openssl.org/source/license.html - */ - -#ifndef HEADER_CHACHA_H -#define HEADER_CHACHA_H - -#include - -/* - * ChaCha20_ctr32 encrypts |len| bytes from |inp| with the given key and - * nonce and writes the result to |out|, which may be equal to |inp|. - * The |key| is not 32 bytes of verbatim key material though, but the - * said material collected into 8 32-bit elements array in host byte - * order. Same approach applies to nonce: the |counter| argument is - * pointer to concatenated nonce and counter values collected into 4 - * 32-bit elements. This, passing crypto material collected into 32-bit - * elements as opposite to passing verbatim byte vectors, is chosen for - * efficiency in multi-call scenarios. - */ -void ChaCha20_ctr32(unsigned char *out, const unsigned char *inp, - size_t len, const unsigned int key[8], - const unsigned int counter[4]); -/* - * You can notice that there is no key setup procedure. Because it's - * as trivial as collecting bytes into 32-bit elements, it's reckoned - * that below macro is sufficient. - */ -#define CHACHA_U8TOU32(p) ( \ - ((unsigned int)(p)[0]) | ((unsigned int)(p)[1]<<8) | \ - ((unsigned int)(p)[2]<<16) | ((unsigned int)(p)[3]<<24) ) - -#define CHACHA_KEY_SIZE 32 -#define CHACHA_CTR_SIZE 16 -#define CHACHA_BLK_SIZE 64 - -#endif diff --git a/crypto/include/internal/cryptlib_int.h b/crypto/include/internal/cryptlib_int.h deleted file mode 100644 index 38b5dac9a3..0000000000 --- a/crypto/include/internal/cryptlib_int.h +++ /dev/null @@ -1,35 +0,0 @@ -/* - * Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved. - * - * Licensed under the OpenSSL license (the "License"). You may not use - * this file except in compliance with the License. You can obtain a copy - * in the file LICENSE in the source distribution or at - * https://www.openssl.org/source/license.html - */ - -#include "internal/cryptlib.h" - -/* This file is not scanned by mkdef.pl, whereas cryptlib.h is */ - -struct thread_local_inits_st { - int async; - int err_state; - int rand; -}; - -int ossl_init_thread_start(uint64_t opts); - -/* - * OPENSSL_INIT flags. The primary list of these is in crypto.h. Flags below - * are those omitted from crypto.h because they are "reserved for internal - * use". - */ -# define OPENSSL_INIT_ZLIB 0x00010000L -# define OPENSSL_INIT_BASE_ONLY 0x00040000L - -/* OPENSSL_INIT_THREAD flags */ -# define OPENSSL_INIT_THREAD_ASYNC 0x01 -# define OPENSSL_INIT_THREAD_ERR_STATE 0x02 -# define OPENSSL_INIT_THREAD_RAND 0x04 - -void ossl_malloc_setup_failures(void); diff --git a/crypto/include/internal/ctype.h b/crypto/include/internal/ctype.h deleted file mode 100644 index 9f3a58339c..0000000000 --- a/crypto/include/internal/ctype.h +++ /dev/null @@ -1,82 +0,0 @@ -/* - * Copyright 2017-2019 The OpenSSL Project Authors. All Rights Reserved. - * - * Licensed under the OpenSSL license (the "License"). You may not use - * this file except in compliance with the License. You can obtain a copy - * in the file LICENSE in the source distribution or at - * https://www.openssl.org/source/license.html - */ - -/* - * This version of ctype.h provides a standardised and platform - * independent implementation that supports seven bit ASCII characters. - * The specific intent is to not pass extended ASCII characters (> 127) - * even if the host operating system would. - * - * There is EBCDIC support included for machines which use this. However, - * there are a number of concerns about how well EBCDIC is supported - * throughout the rest of the source code. Refer to issue #4154 for - * details. - */ -#ifndef INTERNAL_CTYPE_H -# define INTERNAL_CTYPE_H - -# define CTYPE_MASK_lower 0x1 -# define CTYPE_MASK_upper 0x2 -# define CTYPE_MASK_digit 0x4 -# define CTYPE_MASK_space 0x8 -# define CTYPE_MASK_xdigit 0x10 -# define CTYPE_MASK_blank 0x20 -# define CTYPE_MASK_cntrl 0x40 -# define CTYPE_MASK_graph 0x80 -# define CTYPE_MASK_print 0x100 -# define CTYPE_MASK_punct 0x200 -# define CTYPE_MASK_base64 0x400 -# define CTYPE_MASK_asn1print 0x800 - -# define CTYPE_MASK_alpha (CTYPE_MASK_lower | CTYPE_MASK_upper) -# define CTYPE_MASK_alnum (CTYPE_MASK_alpha | CTYPE_MASK_digit) - -/* - * The ascii mask assumes that any other classification implies that - * the character is ASCII and that there are no ASCII characters - * that aren't in any of the classifications. - * - * This assumption holds at the moment, but it might not in the future. - */ -# define CTYPE_MASK_ascii (~0) - -# ifdef CHARSET_EBCDIC -int ossl_toascii(int c); -int ossl_fromascii(int c); -# else -# define ossl_toascii(c) (c) -# define ossl_fromascii(c) (c) -# endif -int ossl_ctype_check(int c, unsigned int mask); -int ossl_tolower(int c); -int ossl_toupper(int c); - -int ascii_isdigit(const char inchar); - -# define ossl_isalnum(c) (ossl_ctype_check((c), CTYPE_MASK_alnum)) -# define ossl_isalpha(c) (ossl_ctype_check((c), CTYPE_MASK_alpha)) -# ifdef CHARSET_EBCDIC -# define ossl_isascii(c) (ossl_ctype_check((c), CTYPE_MASK_ascii)) -# else -# define ossl_isascii(c) (((c) & ~127) == 0) -# endif -# define ossl_isblank(c) (ossl_ctype_check((c), CTYPE_MASK_blank)) -# define ossl_iscntrl(c) (ossl_ctype_check((c), CTYPE_MASK_cntrl)) -# define ossl_isdigit(c) (ossl_ctype_check((c), CTYPE_MASK_digit)) -# define ossl_isgraph(c) (ossl_ctype_check((c), CTYPE_MASK_graph)) -# define ossl_islower(c) (ossl_ctype_check((c), CTYPE_MASK_lower)) -# define ossl_isprint(c) (ossl_ctype_check((c), CTYPE_MASK_print)) -# define ossl_ispunct(c) (ossl_ctype_check((c), CTYPE_MASK_punct)) -# define ossl_isspace(c) (ossl_ctype_check((c), CTYPE_MASK_space)) -# define ossl_isupper(c) (ossl_ctype_check((c), CTYPE_MASK_upper)) -# define ossl_isxdigit(c) (ossl_ctype_check((c), CTYPE_MASK_xdigit)) -# define ossl_isbase64(c) (ossl_ctype_check((c), CTYPE_MASK_base64)) -# define ossl_isasn1print(c) (ossl_ctype_check((c), CTYPE_MASK_asn1print)) - -#endif diff --git a/crypto/include/internal/dso_conf.h.in b/crypto/include/internal/dso_conf.h.in deleted file mode 100644 index b2ace48a80..0000000000 --- a/crypto/include/internal/dso_conf.h.in +++ /dev/null @@ -1,31 +0,0 @@ -{- join("\n",map { "/* $_ */" } @autowarntext) -} -/* - * Copyright 2016-2019 The OpenSSL Project Authors. All Rights Reserved. - * - * Licensed under the OpenSSL license (the "License"). You may not use - * this file except in compliance with the License. You can obtain a copy - * in the file LICENSE in the source distribution or at - * https://www.openssl.org/source/license.html - */ - -#ifndef HEADER_DSO_CONF_H -# define HEADER_DSO_CONF_H -{- # The DSO code currently always implements all functions so that no - # applications will have to worry about that from a compilation point - # of view. However, the "method"s may return zero unless that platform - # has support compiled in for them. Currently each method is enabled - # by a define "DSO_" ... we translate the "dso_scheme" config - # string entry into using the following logic; - my $scheme = $disabled{dso} ? undef : uc $target{dso_scheme}; - if (!$scheme) { - $scheme = "NONE"; - } - my @macros = ( "DSO_$scheme" ); - if ($scheme eq 'DLFCN') { - @macros = ( "DSO_DLFCN", "HAVE_DLFCN_H" ); - } elsif ($scheme eq "DLFCN_NO_H") { - @macros = ( "DSO_DLFCN" ); - } - join("\n", map { "# define $_" } @macros); -} -# define DSO_EXTENSION "{- $target{dso_extension} -}" -#endif diff --git a/crypto/include/internal/ec_int.h b/crypto/include/internal/ec_int.h deleted file mode 100644 index 182c39cc80..0000000000 --- a/crypto/include/internal/ec_int.h +++ /dev/null @@ -1,53 +0,0 @@ -/* - * Copyright 2018 The OpenSSL Project Authors. All Rights Reserved. - * - * Licensed under the OpenSSL license (the "License"). You may not use - * this file except in compliance with the License. You can obtain a copy - * in the file LICENSE in the source distribution or at - * https://www.openssl.org/source/license.html - */ - -/* Internal EC functions for other submodules: not for application use */ - -#ifndef HEADER_OSSL_EC_INTERNAL_H -# define HEADER_OSSL_EC_INTERNAL_H -# include - -# ifndef OPENSSL_NO_EC - -# include - -/*- - * Computes the multiplicative inverse of x in the range - * [1,EC_GROUP::order), where EC_GROUP::order is the cardinality of the - * subgroup generated by the generator G: - * - * res := x^(-1) (mod EC_GROUP::order). - * - * This function expects the following two conditions to hold: - * - the EC_GROUP order is prime, and - * - x is included in the range [1, EC_GROUP::order). - * - * This function returns 1 on success, 0 on error. - * - * If the EC_GROUP order is even, this function explicitly returns 0 as - * an error. - * In case any of the two conditions stated above is not satisfied, - * the correctness of its output is not guaranteed, even if the return - * value could still be 1 (as primality testing and a conditional modular - * reduction round on the input can be omitted by the underlying - * implementations for better SCA properties on regular input values). - */ -__owur int ec_group_do_inverse_ord(const EC_GROUP *group, BIGNUM *res, - const BIGNUM *x, BN_CTX *ctx); - -/*- - * ECDH Key Derivation Function as defined in ANSI X9.63 - */ -int ecdh_KDF_X9_63(unsigned char *out, size_t outlen, - const unsigned char *Z, size_t Zlen, - const unsigned char *sinfo, size_t sinfolen, - const EVP_MD *md); - -# endif /* OPENSSL_NO_EC */ -#endif diff --git a/crypto/include/internal/engine.h b/crypto/include/internal/engine.h deleted file mode 100644 index f80ae3ec30..0000000000 --- a/crypto/include/internal/engine.h +++ /dev/null @@ -1,20 +0,0 @@ -/* - * Copyright 2016 The OpenSSL Project Authors. All Rights Reserved. - * - * Licensed under the OpenSSL license (the "License"). You may not use - * this file except in compliance with the License. You can obtain a copy - * in the file LICENSE in the source distribution or at - * https://www.openssl.org/source/license.html - */ - -#include - -void engine_load_openssl_int(void); -void engine_load_devcrypto_int(void); -void engine_load_rdrand_int(void); -void engine_load_dynamic_int(void); -void engine_load_padlock_int(void); -void engine_load_capi_int(void); -void engine_load_dasync_int(void); -void engine_load_afalg_int(void); -void engine_cleanup_int(void); diff --git a/crypto/include/internal/err_int.h b/crypto/include/internal/err_int.h deleted file mode 100644 index 44ac944627..0000000000 --- a/crypto/include/internal/err_int.h +++ /dev/null @@ -1,19 +0,0 @@ -/* - * Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved. - * - * Licensed under the OpenSSL license (the "License"). You may not use - * this file except in compliance with the License. You can obtain a copy - * in the file LICENSE in the source distribution or at - * https://www.openssl.org/source/license.html - */ - -#ifndef INTERNAL_ERR_INT_H -# define INTERNAL_ERR_INT_H - -int err_load_crypto_strings_int(void); -void err_cleanup(void); -void err_delete_thread_state(void); -int err_shelve_state(void **); -void err_unshelve_state(void *); - -#endif diff --git a/crypto/include/internal/evp_int.h b/crypto/include/internal/evp_int.h deleted file mode 100644 index d86aed36f0..0000000000 --- a/crypto/include/internal/evp_int.h +++ /dev/null @@ -1,442 +0,0 @@ -/* - * Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved. - * - * Licensed under the OpenSSL license (the "License"). You may not use - * this file except in compliance with the License. You can obtain a copy - * in the file LICENSE in the source distribution or at - * https://www.openssl.org/source/license.html - */ - -#include -#include "internal/refcount.h" - -/* - * Don't free up md_ctx->pctx in EVP_MD_CTX_reset, use the reserved flag - * values in evp.h - */ -#define EVP_MD_CTX_FLAG_KEEP_PKEY_CTX 0x0400 - -struct evp_pkey_ctx_st { - /* Method associated with this operation */ - const EVP_PKEY_METHOD *pmeth; - /* Engine that implements this method or NULL if builtin */ - ENGINE *engine; - /* Key: may be NULL */ - EVP_PKEY *pkey; - /* Peer key for key agreement, may be NULL */ - EVP_PKEY *peerkey; - /* Actual operation */ - int operation; - /* Algorithm specific data */ - void *data; - /* Application specific data */ - void *app_data; - /* Keygen callback */ - EVP_PKEY_gen_cb *pkey_gencb; - /* implementation specific keygen data */ - int *keygen_info; - int keygen_info_count; -} /* EVP_PKEY_CTX */ ; - -#define EVP_PKEY_FLAG_DYNAMIC 1 - -struct evp_pkey_method_st { - int pkey_id; - int flags; - int (*init) (EVP_PKEY_CTX *ctx); - int (*copy) (EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src); - void (*cleanup) (EVP_PKEY_CTX *ctx); - int (*paramgen_init) (EVP_PKEY_CTX *ctx); - int (*paramgen) (EVP_PKEY_CTX *ctx, EVP_PKEY *pkey); - int (*keygen_init) (EVP_PKEY_CTX *ctx); - int (*keygen) (EVP_PKEY_CTX *ctx, EVP_PKEY *pkey); - int (*sign_init) (EVP_PKEY_CTX *ctx); - int (*sign) (EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen, - const unsigned char *tbs, size_t tbslen); - int (*verify_init) (EVP_PKEY_CTX *ctx); - int (*verify) (EVP_PKEY_CTX *ctx, - const unsigned char *sig, size_t siglen, - const unsigned char *tbs, size_t tbslen); - int (*verify_recover_init) (EVP_PKEY_CTX *ctx); - int (*verify_recover) (EVP_PKEY_CTX *ctx, - unsigned char *rout, size_t *routlen, - const unsigned char *sig, size_t siglen); - int (*signctx_init) (EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx); - int (*signctx) (EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen, - EVP_MD_CTX *mctx); - int (*verifyctx_init) (EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx); - int (*verifyctx) (EVP_PKEY_CTX *ctx, const unsigned char *sig, int siglen, - EVP_MD_CTX *mctx); - int (*encrypt_init) (EVP_PKEY_CTX *ctx); - int (*encrypt) (EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen, - const unsigned char *in, size_t inlen); - int (*decrypt_init) (EVP_PKEY_CTX *ctx); - int (*decrypt) (EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen, - const unsigned char *in, size_t inlen); - int (*derive_init) (EVP_PKEY_CTX *ctx); - int (*derive) (EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen); - int (*ctrl) (EVP_PKEY_CTX *ctx, int type, int p1, void *p2); - int (*ctrl_str) (EVP_PKEY_CTX *ctx, const char *type, const char *value); - int (*digestsign) (EVP_MD_CTX *ctx, unsigned char *sig, size_t *siglen, - const unsigned char *tbs, size_t tbslen); - int (*digestverify) (EVP_MD_CTX *ctx, const unsigned char *sig, - size_t siglen, const unsigned char *tbs, - size_t tbslen); - int (*check) (EVP_PKEY *pkey); - int (*public_check) (EVP_PKEY *pkey); - int (*param_check) (EVP_PKEY *pkey); - - int (*digest_custom) (EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx); -} /* EVP_PKEY_METHOD */ ; - -DEFINE_STACK_OF_CONST(EVP_PKEY_METHOD) - -void evp_pkey_set_cb_translate(BN_GENCB *cb, EVP_PKEY_CTX *ctx); - -extern const EVP_PKEY_METHOD cmac_pkey_meth; -extern const EVP_PKEY_METHOD dh_pkey_meth; -extern const EVP_PKEY_METHOD dhx_pkey_meth; -extern const EVP_PKEY_METHOD dsa_pkey_meth; -extern const EVP_PKEY_METHOD ec_pkey_meth; -extern const EVP_PKEY_METHOD sm2_pkey_meth; -extern const EVP_PKEY_METHOD ecx25519_pkey_meth; -extern const EVP_PKEY_METHOD ecx448_pkey_meth; -extern const EVP_PKEY_METHOD ed25519_pkey_meth; -extern const EVP_PKEY_METHOD ed448_pkey_meth; -extern const EVP_PKEY_METHOD hmac_pkey_meth; -extern const EVP_PKEY_METHOD rsa_pkey_meth; -extern const EVP_PKEY_METHOD rsa_pss_pkey_meth; -extern const EVP_PKEY_METHOD scrypt_pkey_meth; -extern const EVP_PKEY_METHOD tls1_prf_pkey_meth; -extern const EVP_PKEY_METHOD hkdf_pkey_meth; -extern const EVP_PKEY_METHOD poly1305_pkey_meth; -extern const EVP_PKEY_METHOD siphash_pkey_meth; - -struct evp_md_st { - int type; - int pkey_type; - int md_size; - unsigned long flags; - int (*init) (EVP_MD_CTX *ctx); - int (*update) (EVP_MD_CTX *ctx, const void *data, size_t count); - int (*final) (EVP_MD_CTX *ctx, unsigned char *md); - int (*copy) (EVP_MD_CTX *to, const EVP_MD_CTX *from); - int (*cleanup) (EVP_MD_CTX *ctx); - int block_size; - int ctx_size; /* how big does the ctx->md_data need to be */ - /* control function */ - int (*md_ctrl) (EVP_MD_CTX *ctx, int cmd, int p1, void *p2); -} /* EVP_MD */ ; - -struct evp_cipher_st { - int nid; - int block_size; - /* Default value for variable length ciphers */ - int key_len; - int iv_len; - /* Various flags */ - unsigned long flags; - /* init key */ - int (*init) (EVP_CIPHER_CTX *ctx, const unsigned char *key, - const unsigned char *iv, int enc); - /* encrypt/decrypt data */ - int (*do_cipher) (EVP_CIPHER_CTX *ctx, unsigned char *out, - const unsigned char *in, size_t inl); - /* cleanup ctx */ - int (*cleanup) (EVP_CIPHER_CTX *); - /* how big ctx->cipher_data needs to be */ - int ctx_size; - /* Populate a ASN1_TYPE with parameters */ - int (*set_asn1_parameters) (EVP_CIPHER_CTX *, ASN1_TYPE *); - /* Get parameters from a ASN1_TYPE */ - int (*get_asn1_parameters) (EVP_CIPHER_CTX *, ASN1_TYPE *); - /* Miscellaneous operations */ - int (*ctrl) (EVP_CIPHER_CTX *, int type, int arg, void *ptr); - /* Application data */ - void *app_data; -} /* EVP_CIPHER */ ; - -/* Macros to code block cipher wrappers */ - -/* Wrapper functions for each cipher mode */ - -#define EVP_C_DATA(kstruct, ctx) \ - ((kstruct *)EVP_CIPHER_CTX_get_cipher_data(ctx)) - -#define BLOCK_CIPHER_ecb_loop() \ - size_t i, bl; \ - bl = EVP_CIPHER_CTX_cipher(ctx)->block_size; \ - if (inl < bl) return 1;\ - inl -= bl; \ - for (i=0; i <= inl; i+=bl) - -#define BLOCK_CIPHER_func_ecb(cname, cprefix, kstruct, ksched) \ -static int cname##_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t inl) \ -{\ - BLOCK_CIPHER_ecb_loop() \ - cprefix##_ecb_encrypt(in + i, out + i, &EVP_C_DATA(kstruct,ctx)->ksched, EVP_CIPHER_CTX_encrypting(ctx)); \ - return 1;\ -} - -#define EVP_MAXCHUNK ((size_t)1<<(sizeof(long)*8-2)) - -#define BLOCK_CIPHER_func_ofb(cname, cprefix, cbits, kstruct, ksched) \ - static int cname##_ofb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t inl) \ -{\ - while(inl>=EVP_MAXCHUNK) {\ - int num = EVP_CIPHER_CTX_num(ctx);\ - cprefix##_ofb##cbits##_encrypt(in, out, (long)EVP_MAXCHUNK, &EVP_C_DATA(kstruct,ctx)->ksched, EVP_CIPHER_CTX_iv_noconst(ctx), &num); \ - EVP_CIPHER_CTX_set_num(ctx, num);\ - inl-=EVP_MAXCHUNK;\ - in +=EVP_MAXCHUNK;\ - out+=EVP_MAXCHUNK;\ - }\ - if (inl) {\ - int num = EVP_CIPHER_CTX_num(ctx);\ - cprefix##_ofb##cbits##_encrypt(in, out, (long)inl, &EVP_C_DATA(kstruct,ctx)->ksched, EVP_CIPHER_CTX_iv_noconst(ctx), &num); \ - EVP_CIPHER_CTX_set_num(ctx, num);\ - }\ - return 1;\ -} - -#define BLOCK_CIPHER_func_cbc(cname, cprefix, kstruct, ksched) \ -static int cname##_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t inl) \ -{\ - while(inl>=EVP_MAXCHUNK) \ - {\ - cprefix##_cbc_encrypt(in, out, (long)EVP_MAXCHUNK, &EVP_C_DATA(kstruct,ctx)->ksched, EVP_CIPHER_CTX_iv_noconst(ctx), EVP_CIPHER_CTX_encrypting(ctx));\ - inl-=EVP_MAXCHUNK;\ - in +=EVP_MAXCHUNK;\ - out+=EVP_MAXCHUNK;\ - }\ - if (inl)\ - cprefix##_cbc_encrypt(in, out, (long)inl, &EVP_C_DATA(kstruct,ctx)->ksched, EVP_CIPHER_CTX_iv_noconst(ctx), EVP_CIPHER_CTX_encrypting(ctx));\ - return 1;\ -} - -#define BLOCK_CIPHER_func_cfb(cname, cprefix, cbits, kstruct, ksched) \ -static int cname##_cfb##cbits##_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t inl) \ -{\ - size_t chunk = EVP_MAXCHUNK;\ - if (cbits == 1) chunk >>= 3;\ - if (inl < chunk) chunk = inl;\ - while (inl && inl >= chunk)\ - {\ - int num = EVP_CIPHER_CTX_num(ctx);\ - cprefix##_cfb##cbits##_encrypt(in, out, (long) \ - ((cbits == 1) \ - && !EVP_CIPHER_CTX_test_flags(ctx, EVP_CIPH_FLAG_LENGTH_BITS) \ - ? chunk*8 : chunk), \ - &EVP_C_DATA(kstruct, ctx)->ksched, EVP_CIPHER_CTX_iv_noconst(ctx),\ - &num, EVP_CIPHER_CTX_encrypting(ctx));\ - EVP_CIPHER_CTX_set_num(ctx, num);\ - inl -= chunk;\ - in += chunk;\ - out += chunk;\ - if (inl < chunk) chunk = inl;\ - }\ - return 1;\ -} - -#define BLOCK_CIPHER_all_funcs(cname, cprefix, cbits, kstruct, ksched) \ - BLOCK_CIPHER_func_cbc(cname, cprefix, kstruct, ksched) \ - BLOCK_CIPHER_func_cfb(cname, cprefix, cbits, kstruct, ksched) \ - BLOCK_CIPHER_func_ecb(cname, cprefix, kstruct, ksched) \ - BLOCK_CIPHER_func_ofb(cname, cprefix, cbits, kstruct, ksched) - -#define BLOCK_CIPHER_def1(cname, nmode, mode, MODE, kstruct, nid, block_size, \ - key_len, iv_len, flags, init_key, cleanup, \ - set_asn1, get_asn1, ctrl) \ -static const EVP_CIPHER cname##_##mode = { \ - nid##_##nmode, block_size, key_len, iv_len, \ - flags | EVP_CIPH_##MODE##_MODE, \ - init_key, \ - cname##_##mode##_cipher, \ - cleanup, \ - sizeof(kstruct), \ - set_asn1, get_asn1,\ - ctrl, \ - NULL \ -}; \ -const EVP_CIPHER *EVP_##cname##_##mode(void) { return &cname##_##mode; } - -#define BLOCK_CIPHER_def_cbc(cname, kstruct, nid, block_size, key_len, \ - iv_len, flags, init_key, cleanup, set_asn1, \ - get_asn1, ctrl) \ -BLOCK_CIPHER_def1(cname, cbc, cbc, CBC, kstruct, nid, block_size, key_len, \ - iv_len, flags, init_key, cleanup, set_asn1, get_asn1, ctrl) - -#define BLOCK_CIPHER_def_cfb(cname, kstruct, nid, key_len, \ - iv_len, cbits, flags, init_key, cleanup, \ - set_asn1, get_asn1, ctrl) \ -BLOCK_CIPHER_def1(cname, cfb##cbits, cfb##cbits, CFB, kstruct, nid, 1, \ - key_len, iv_len, flags, init_key, cleanup, set_asn1, \ - get_asn1, ctrl) - -#define BLOCK_CIPHER_def_ofb(cname, kstruct, nid, key_len, \ - iv_len, cbits, flags, init_key, cleanup, \ - set_asn1, get_asn1, ctrl) \ -BLOCK_CIPHER_def1(cname, ofb##cbits, ofb, OFB, kstruct, nid, 1, \ - key_len, iv_len, flags, init_key, cleanup, set_asn1, \ - get_asn1, ctrl) - -#define BLOCK_CIPHER_def_ecb(cname, kstruct, nid, block_size, key_len, \ - flags, init_key, cleanup, set_asn1, \ - get_asn1, ctrl) \ -BLOCK_CIPHER_def1(cname, ecb, ecb, ECB, kstruct, nid, block_size, key_len, \ - 0, flags, init_key, cleanup, set_asn1, get_asn1, ctrl) - -#define BLOCK_CIPHER_defs(cname, kstruct, \ - nid, block_size, key_len, iv_len, cbits, flags, \ - init_key, cleanup, set_asn1, get_asn1, ctrl) \ -BLOCK_CIPHER_def_cbc(cname, kstruct, nid, block_size, key_len, iv_len, flags, \ - init_key, cleanup, set_asn1, get_asn1, ctrl) \ -BLOCK_CIPHER_def_cfb(cname, kstruct, nid, key_len, iv_len, cbits, \ - flags, init_key, cleanup, set_asn1, get_asn1, ctrl) \ -BLOCK_CIPHER_def_ofb(cname, kstruct, nid, key_len, iv_len, cbits, \ - flags, init_key, cleanup, set_asn1, get_asn1, ctrl) \ -BLOCK_CIPHER_def_ecb(cname, kstruct, nid, block_size, key_len, flags, \ - init_key, cleanup, set_asn1, get_asn1, ctrl) - -/*- -#define BLOCK_CIPHER_defs(cname, kstruct, \ - nid, block_size, key_len, iv_len, flags,\ - init_key, cleanup, set_asn1, get_asn1, ctrl)\ -static const EVP_CIPHER cname##_cbc = {\ - nid##_cbc, block_size, key_len, iv_len, \ - flags | EVP_CIPH_CBC_MODE,\ - init_key,\ - cname##_cbc_cipher,\ - cleanup,\ - sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+\ - sizeof((((EVP_CIPHER_CTX *)NULL)->c.kstruct)),\ - set_asn1, get_asn1,\ - ctrl, \ - NULL \ -};\ -const EVP_CIPHER *EVP_##cname##_cbc(void) { return &cname##_cbc; }\ -static const EVP_CIPHER cname##_cfb = {\ - nid##_cfb64, 1, key_len, iv_len, \ - flags | EVP_CIPH_CFB_MODE,\ - init_key,\ - cname##_cfb_cipher,\ - cleanup,\ - sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+\ - sizeof((((EVP_CIPHER_CTX *)NULL)->c.kstruct)),\ - set_asn1, get_asn1,\ - ctrl,\ - NULL \ -};\ -const EVP_CIPHER *EVP_##cname##_cfb(void) { return &cname##_cfb; }\ -static const EVP_CIPHER cname##_ofb = {\ - nid##_ofb64, 1, key_len, iv_len, \ - flags | EVP_CIPH_OFB_MODE,\ - init_key,\ - cname##_ofb_cipher,\ - cleanup,\ - sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+\ - sizeof((((EVP_CIPHER_CTX *)NULL)->c.kstruct)),\ - set_asn1, get_asn1,\ - ctrl,\ - NULL \ -};\ -const EVP_CIPHER *EVP_##cname##_ofb(void) { return &cname##_ofb; }\ -static const EVP_CIPHER cname##_ecb = {\ - nid##_ecb, block_size, key_len, iv_len, \ - flags | EVP_CIPH_ECB_MODE,\ - init_key,\ - cname##_ecb_cipher,\ - cleanup,\ - sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+\ - sizeof((((EVP_CIPHER_CTX *)NULL)->c.kstruct)),\ - set_asn1, get_asn1,\ - ctrl,\ - NULL \ -};\ -const EVP_CIPHER *EVP_##cname##_ecb(void) { return &cname##_ecb; } -*/ - -#define IMPLEMENT_BLOCK_CIPHER(cname, ksched, cprefix, kstruct, nid, \ - block_size, key_len, iv_len, cbits, \ - flags, init_key, \ - cleanup, set_asn1, get_asn1, ctrl) \ - BLOCK_CIPHER_all_funcs(cname, cprefix, cbits, kstruct, ksched) \ - BLOCK_CIPHER_defs(cname, kstruct, nid, block_size, key_len, iv_len, \ - cbits, flags, init_key, cleanup, set_asn1, \ - get_asn1, ctrl) - -#define IMPLEMENT_CFBR(cipher,cprefix,kstruct,ksched,keysize,cbits,iv_len,fl) \ - BLOCK_CIPHER_func_cfb(cipher##_##keysize,cprefix,cbits,kstruct,ksched) \ - BLOCK_CIPHER_def_cfb(cipher##_##keysize,kstruct, \ - NID_##cipher##_##keysize, keysize/8, iv_len, cbits, \ - (fl)|EVP_CIPH_FLAG_DEFAULT_ASN1, \ - cipher##_init_key, NULL, NULL, NULL, NULL) - - -# ifndef OPENSSL_NO_EC - -#define X25519_KEYLEN 32 -#define X448_KEYLEN 56 -#define ED448_KEYLEN 57 - -#define MAX_KEYLEN ED448_KEYLEN - -typedef struct { - unsigned char pubkey[MAX_KEYLEN]; - unsigned char *privkey; -} ECX_KEY; - -#endif - -/* - * Type needs to be a bit field Sub-type needs to be for variations on the - * method, as in, can it do arbitrary encryption.... - */ -struct evp_pkey_st { - int type; - int save_type; - CRYPTO_REF_COUNT references; - const EVP_PKEY_ASN1_METHOD *ameth; - ENGINE *engine; - ENGINE *pmeth_engine; /* If not NULL public key ENGINE to use */ - union { - void *ptr; -# ifndef OPENSSL_NO_RSA - struct rsa_st *rsa; /* RSA */ -# endif -# ifndef OPENSSL_NO_DSA - struct dsa_st *dsa; /* DSA */ -# endif -# ifndef OPENSSL_NO_DH - struct dh_st *dh; /* DH */ -# endif -# ifndef OPENSSL_NO_EC - struct ec_key_st *ec; /* ECC */ - ECX_KEY *ecx; /* X25519, X448, Ed25519, Ed448 */ -# endif - } pkey; - int save_parameters; - STACK_OF(X509_ATTRIBUTE) *attributes; /* [ 0 ] */ - CRYPTO_RWLOCK *lock; -} /* EVP_PKEY */ ; - - -void openssl_add_all_ciphers_int(void); -void openssl_add_all_digests_int(void); -void evp_cleanup_int(void); -void evp_app_cleanup_int(void); - -/* Pulling defines out of C source files */ - -#define EVP_RC4_KEY_SIZE 16 -#ifndef TLS1_1_VERSION -# define TLS1_1_VERSION 0x0302 -#endif - -void evp_encode_ctx_set_flags(EVP_ENCODE_CTX *ctx, unsigned int flags); - -/* EVP_ENCODE_CTX flags */ -/* Don't generate new lines when encoding */ -#define EVP_ENCODE_CTX_NO_NEWLINES 1 -/* Use the SRP base64 alphabet instead of the standard one */ -#define EVP_ENCODE_CTX_USE_SRP_ALPHABET 2 diff --git a/crypto/include/internal/lhash.h b/crypto/include/internal/lhash.h deleted file mode 100644 index 200ba8685d..0000000000 --- a/crypto/include/internal/lhash.h +++ /dev/null @@ -1,15 +0,0 @@ -/* - * Copyright 2018 The OpenSSL Project Authors. All Rights Reserved. - * - * Licensed under the OpenSSL license (the "License"). You may not use - * this file except in compliance with the License. You can obtain a copy - * in the file LICENSE in the source distribution or at - * https://www.openssl.org/source/license.html - */ - -#ifndef INTERNAL_LHASH_H -# define INTERNAL_LHASH_H - -unsigned long openssl_lh_strcasehash(const char *); - -#endif diff --git a/crypto/include/internal/md32_common.h b/crypto/include/internal/md32_common.h deleted file mode 100644 index 1124e9c24b..0000000000 --- a/crypto/include/internal/md32_common.h +++ /dev/null @@ -1,256 +0,0 @@ -/* - * Copyright 1999-2018 The OpenSSL Project Authors. All Rights Reserved. - * - * Licensed under the OpenSSL license (the "License"). You may not use - * this file except in compliance with the License. You can obtain a copy - * in the file LICENSE in the source distribution or at - * https://www.openssl.org/source/license.html - */ - -/*- - * This is a generic 32 bit "collector" for message digest algorithms. - * Whenever needed it collects input character stream into chunks of - * 32 bit values and invokes a block function that performs actual hash - * calculations. - * - * Porting guide. - * - * Obligatory macros: - * - * DATA_ORDER_IS_BIG_ENDIAN or DATA_ORDER_IS_LITTLE_ENDIAN - * this macro defines byte order of input stream. - * HASH_CBLOCK - * size of a unit chunk HASH_BLOCK operates on. - * HASH_LONG - * has to be at least 32 bit wide. - * HASH_CTX - * context structure that at least contains following - * members: - * typedef struct { - * ... - * HASH_LONG Nl,Nh; - * either { - * HASH_LONG data[HASH_LBLOCK]; - * unsigned char data[HASH_CBLOCK]; - * }; - * unsigned int num; - * ... - * } HASH_CTX; - * data[] vector is expected to be zeroed upon first call to - * HASH_UPDATE. - * HASH_UPDATE - * name of "Update" function, implemented here. - * HASH_TRANSFORM - * name of "Transform" function, implemented here. - * HASH_FINAL - * name of "Final" function, implemented here. - * HASH_BLOCK_DATA_ORDER - * name of "block" function capable of treating *unaligned* input - * message in original (data) byte order, implemented externally. - * HASH_MAKE_STRING - * macro converting context variables to an ASCII hash string. - * - * MD5 example: - * - * #define DATA_ORDER_IS_LITTLE_ENDIAN - * - * #define HASH_LONG MD5_LONG - * #define HASH_CTX MD5_CTX - * #define HASH_CBLOCK MD5_CBLOCK - * #define HASH_UPDATE MD5_Update - * #define HASH_TRANSFORM MD5_Transform - * #define HASH_FINAL MD5_Final - * #define HASH_BLOCK_DATA_ORDER md5_block_data_order - */ - -#include - -#if !defined(DATA_ORDER_IS_BIG_ENDIAN) && !defined(DATA_ORDER_IS_LITTLE_ENDIAN) -# error "DATA_ORDER must be defined!" -#endif - -#ifndef HASH_CBLOCK -# error "HASH_CBLOCK must be defined!" -#endif -#ifndef HASH_LONG -# error "HASH_LONG must be defined!" -#endif -#ifndef HASH_CTX -# error "HASH_CTX must be defined!" -#endif - -#ifndef HASH_UPDATE -# error "HASH_UPDATE must be defined!" -#endif -#ifndef HASH_TRANSFORM -# error "HASH_TRANSFORM must be defined!" -#endif -#ifndef HASH_FINAL -# error "HASH_FINAL must be defined!" -#endif - -#ifndef HASH_BLOCK_DATA_ORDER -# error "HASH_BLOCK_DATA_ORDER must be defined!" -#endif - -#define ROTATE(a,n) (((a)<<(n))|(((a)&0xffffffff)>>(32-(n)))) - -#if defined(DATA_ORDER_IS_BIG_ENDIAN) - -# define HOST_c2l(c,l) (l =(((unsigned long)(*((c)++)))<<24), \ - l|=(((unsigned long)(*((c)++)))<<16), \ - l|=(((unsigned long)(*((c)++)))<< 8), \ - l|=(((unsigned long)(*((c)++))) ) ) -# define HOST_l2c(l,c) (*((c)++)=(unsigned char)(((l)>>24)&0xff), \ - *((c)++)=(unsigned char)(((l)>>16)&0xff), \ - *((c)++)=(unsigned char)(((l)>> 8)&0xff), \ - *((c)++)=(unsigned char)(((l) )&0xff), \ - l) - -#elif defined(DATA_ORDER_IS_LITTLE_ENDIAN) - -# define HOST_c2l(c,l) (l =(((unsigned long)(*((c)++))) ), \ - l|=(((unsigned long)(*((c)++)))<< 8), \ - l|=(((unsigned long)(*((c)++)))<<16), \ - l|=(((unsigned long)(*((c)++)))<<24) ) -# define HOST_l2c(l,c) (*((c)++)=(unsigned char)(((l) )&0xff), \ - *((c)++)=(unsigned char)(((l)>> 8)&0xff), \ - *((c)++)=(unsigned char)(((l)>>16)&0xff), \ - *((c)++)=(unsigned char)(((l)>>24)&0xff), \ - l) - -#endif - -/* - * Time for some action :-) - */ - -int HASH_UPDATE(HASH_CTX *c, const void *data_, size_t len) -{ - const unsigned char *data = data_; - unsigned char *p; - HASH_LONG l; - size_t n; - - if (len == 0) - return 1; - - l = (c->Nl + (((HASH_LONG) len) << 3)) & 0xffffffffUL; - if (l < c->Nl) /* overflow */ - c->Nh++; - c->Nh += (HASH_LONG) (len >> 29); /* might cause compiler warning on - * 16-bit */ - c->Nl = l; - - n = c->num; - if (n != 0) { - p = (unsigned char *)c->data; - - if (len >= HASH_CBLOCK || len + n >= HASH_CBLOCK) { - memcpy(p + n, data, HASH_CBLOCK - n); - HASH_BLOCK_DATA_ORDER(c, p, 1); - n = HASH_CBLOCK - n; - data += n; - len -= n; - c->num = 0; - /* - * We use memset rather than OPENSSL_cleanse() here deliberately. - * Using OPENSSL_cleanse() here could be a performance issue. It - * will get properly cleansed on finalisation so this isn't a - * security problem. - */ - memset(p, 0, HASH_CBLOCK); /* keep it zeroed */ - } else { - memcpy(p + n, data, len); - c->num += (unsigned int)len; - return 1; - } - } - - n = len / HASH_CBLOCK; - if (n > 0) { - HASH_BLOCK_DATA_ORDER(c, data, n); - n *= HASH_CBLOCK; - data += n; - len -= n; - } - - if (len != 0) { - p = (unsigned char *)c->data; - c->num = (unsigned int)len; - memcpy(p, data, len); - } - return 1; -} - -void HASH_TRANSFORM(HASH_CTX *c, const unsigned char *data) -{ - HASH_BLOCK_DATA_ORDER(c, data, 1); -} - -int HASH_FINAL(unsigned char *md, HASH_CTX *c) -{ - unsigned char *p = (unsigned char *)c->data; - size_t n = c->num; - - p[n] = 0x80; /* there is always room for one */ - n++; - - if (n > (HASH_CBLOCK - 8)) { - memset(p + n, 0, HASH_CBLOCK - n); - n = 0; - HASH_BLOCK_DATA_ORDER(c, p, 1); - } - memset(p + n, 0, HASH_CBLOCK - 8 - n); - - p += HASH_CBLOCK - 8; -#if defined(DATA_ORDER_IS_BIG_ENDIAN) - (void)HOST_l2c(c->Nh, p); - (void)HOST_l2c(c->Nl, p); -#elif defined(DATA_ORDER_IS_LITTLE_ENDIAN) - (void)HOST_l2c(c->Nl, p); - (void)HOST_l2c(c->Nh, p); -#endif - p -= HASH_CBLOCK; - HASH_BLOCK_DATA_ORDER(c, p, 1); - c->num = 0; - OPENSSL_cleanse(p, HASH_CBLOCK); - -#ifndef HASH_MAKE_STRING -# error "HASH_MAKE_STRING must be defined!" -#else - HASH_MAKE_STRING(c, md); -#endif - - return 1; -} - -#ifndef MD32_REG_T -# if defined(__alpha) || defined(__sparcv9) || defined(__mips) -# define MD32_REG_T long -/* - * This comment was originally written for MD5, which is why it - * discusses A-D. But it basically applies to all 32-bit digests, - * which is why it was moved to common header file. - * - * In case you wonder why A-D are declared as long and not - * as MD5_LONG. Doing so results in slight performance - * boost on LP64 architectures. The catch is we don't - * really care if 32 MSBs of a 64-bit register get polluted - * with eventual overflows as we *save* only 32 LSBs in - * *either* case. Now declaring 'em long excuses the compiler - * from keeping 32 MSBs zeroed resulting in 13% performance - * improvement under SPARC Solaris7/64 and 5% under AlphaLinux. - * Well, to be honest it should say that this *prevents* - * performance degradation. - */ -# else -/* - * Above is not absolute and there are LP64 compilers that - * generate better code if MD32_REG_T is defined int. The above - * pre-processor condition reflects the circumstances under which - * the conclusion was made and is subject to further extension. - */ -# define MD32_REG_T int -# endif -#endif diff --git a/crypto/include/internal/objects.h b/crypto/include/internal/objects.h deleted file mode 100644 index 76e1b4d988..0000000000 --- a/crypto/include/internal/objects.h +++ /dev/null @@ -1,12 +0,0 @@ -/* - * Copyright 2016 The OpenSSL Project Authors. All Rights Reserved. - * - * Licensed under the OpenSSL license (the "License"). You may not use - * this file except in compliance with the License. You can obtain a copy - * in the file LICENSE in the source distribution or at - * https://www.openssl.org/source/license.html - */ - -#include - -void obj_cleanup_int(void); diff --git a/crypto/include/internal/poly1305.h b/crypto/include/internal/poly1305.h deleted file mode 100644 index 5fef239d0f..0000000000 --- a/crypto/include/internal/poly1305.h +++ /dev/null @@ -1,21 +0,0 @@ -/* - * Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved. - * - * Licensed under the OpenSSL license (the "License"). You may not use - * this file except in compliance with the License. You can obtain a copy - * in the file LICENSE in the source distribution or at - * https://www.openssl.org/source/license.html - */ - -#include - -#define POLY1305_BLOCK_SIZE 16 -#define POLY1305_DIGEST_SIZE 16 -#define POLY1305_KEY_SIZE 32 - -typedef struct poly1305_context POLY1305; - -size_t Poly1305_ctx_size(void); -void Poly1305_Init(POLY1305 *ctx, const unsigned char key[32]); -void Poly1305_Update(POLY1305 *ctx, const unsigned char *inp, size_t len); -void Poly1305_Final(POLY1305 *ctx, unsigned char mac[16]); diff --git a/crypto/include/internal/rand_int.h b/crypto/include/internal/rand_int.h deleted file mode 100644 index 10347ab0e3..0000000000 --- a/crypto/include/internal/rand_int.h +++ /dev/null @@ -1,134 +0,0 @@ -/* - * Copyright 2016-2019 The OpenSSL Project Authors. All Rights Reserved. - * - * Licensed under the OpenSSL license (the "License"). You may not use - * this file except in compliance with the License. You can obtain a copy - * in the file LICENSE in the source distribution or at - * https://www.openssl.org/source/license.html - */ - -/* - * Licensed under the OpenSSL licenses, (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * https://www.openssl.org/source/license.html - * or in the file LICENSE in the source distribution. - */ - -#ifndef HEADER_RAND_INT_H -# define HEADER_RAND_INT_H - -# include - -/* forward declaration */ -typedef struct rand_pool_st RAND_POOL; - -void rand_cleanup_int(void); -void rand_drbg_cleanup_int(void); -void drbg_delete_thread_state(void); - -/* Hardware-based seeding functions. */ -size_t rand_acquire_entropy_from_tsc(RAND_POOL *pool); -size_t rand_acquire_entropy_from_cpu(RAND_POOL *pool); - -/* DRBG entropy callbacks. */ -size_t rand_drbg_get_entropy(RAND_DRBG *drbg, - unsigned char **pout, - int entropy, size_t min_len, size_t max_len, - int prediction_resistance); -void rand_drbg_cleanup_entropy(RAND_DRBG *drbg, - unsigned char *out, size_t outlen); -size_t rand_drbg_get_nonce(RAND_DRBG *drbg, - unsigned char **pout, - int entropy, size_t min_len, size_t max_len); -void rand_drbg_cleanup_nonce(RAND_DRBG *drbg, - unsigned char *out, size_t outlen); - -size_t rand_drbg_get_additional_data(RAND_POOL *pool, unsigned char **pout); - -void rand_drbg_cleanup_additional_data(RAND_POOL *pool, unsigned char *out); - -/* - * RAND_POOL functions - */ -RAND_POOL *rand_pool_new(int entropy_requested, int secure, - size_t min_len, size_t max_len); -RAND_POOL *rand_pool_attach(const unsigned char *buffer, size_t len, - size_t entropy); -void rand_pool_free(RAND_POOL *pool); - -const unsigned char *rand_pool_buffer(RAND_POOL *pool); -unsigned char *rand_pool_detach(RAND_POOL *pool); -void rand_pool_reattach(RAND_POOL *pool, unsigned char *buffer); - -size_t rand_pool_entropy(RAND_POOL *pool); -size_t rand_pool_length(RAND_POOL *pool); - -size_t rand_pool_entropy_available(RAND_POOL *pool); -size_t rand_pool_entropy_needed(RAND_POOL *pool); -/* |entropy_factor| expresses how many bits of data contain 1 bit of entropy */ -size_t rand_pool_bytes_needed(RAND_POOL *pool, unsigned int entropy_factor); -size_t rand_pool_bytes_remaining(RAND_POOL *pool); - -int rand_pool_add(RAND_POOL *pool, - const unsigned char *buffer, size_t len, size_t entropy); -unsigned char *rand_pool_add_begin(RAND_POOL *pool, size_t len); -int rand_pool_add_end(RAND_POOL *pool, size_t len, size_t entropy); - - -/* - * Add random bytes to the pool to acquire requested amount of entropy - * - * This function is platform specific and tries to acquire the requested - * amount of entropy by polling platform specific entropy sources. - * - * If the function succeeds in acquiring at least |entropy_requested| bits - * of entropy, the total entropy count is returned. If it fails, it returns - * an entropy count of 0. - */ -size_t rand_pool_acquire_entropy(RAND_POOL *pool); - -/* - * Add some application specific nonce data - * - * This function is platform specific and adds some application specific - * data to the nonce used for instantiating the drbg. - * - * This data currently consists of the process and thread id, and a high - * resolution timestamp. The data does not include an atomic counter, - * because that is added by the calling function rand_drbg_get_nonce(). - * - * Returns 1 on success and 0 on failure. - */ -int rand_pool_add_nonce_data(RAND_POOL *pool); - - -/* - * Add some platform specific additional data - * - * This function is platform specific and adds some random noise to the - * additional data used for generating random bytes and for reseeding - * the drbg. - * - * Returns 1 on success and 0 on failure. - */ -int rand_pool_add_additional_data(RAND_POOL *pool); - -/* - * Initialise the random pool reseeding sources. - * - * Returns 1 on success and 0 on failure. - */ -int rand_pool_init(void); - -/* - * Finalise the random pool reseeding sources. - */ -void rand_pool_cleanup(void); - -/* - * Control the random pool use of open file descriptors. - */ -void rand_pool_keep_random_devices_open(int keep); - -#endif diff --git a/crypto/include/internal/sha.h b/crypto/include/internal/sha.h deleted file mode 100644 index 458a75e89d..0000000000 --- a/crypto/include/internal/sha.h +++ /dev/null @@ -1,19 +0,0 @@ -/* - * Copyright 2018 The OpenSSL Project Authors. All Rights Reserved. - * Copyright (c) 2018, Oracle and/or its affiliates. All rights reserved. - * - * Licensed under the OpenSSL license (the "License"). You may not use - * this file except in compliance with the License. You can obtain a copy - * in the file LICENSE in the source distribution or at - * https://www.openssl.org/source/license.html - */ - -#ifndef HEADER_INTERNAL_SHA_H -# define HEADER_INTERNAL_SHA_H - -# include - -int sha512_224_init(SHA512_CTX *); -int sha512_256_init(SHA512_CTX *); - -#endif diff --git a/crypto/include/internal/siphash.h b/crypto/include/internal/siphash.h deleted file mode 100644 index 9573680f0f..0000000000 --- a/crypto/include/internal/siphash.h +++ /dev/null @@ -1,25 +0,0 @@ -/* - * Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved. - * - * Licensed under the OpenSSL license (the "License"). You may not use - * this file except in compliance with the License. You can obtain a copy - * in the file LICENSE in the source distribution or at - * https://www.openssl.org/source/license.html - */ - -#include - -#define SIPHASH_BLOCK_SIZE 8 -#define SIPHASH_KEY_SIZE 16 -#define SIPHASH_MIN_DIGEST_SIZE 8 -#define SIPHASH_MAX_DIGEST_SIZE 16 - -typedef struct siphash_st SIPHASH; - -size_t SipHash_ctx_size(void); -size_t SipHash_hash_size(SIPHASH *ctx); -int SipHash_set_hash_size(SIPHASH *ctx, size_t hash_size); -int SipHash_Init(SIPHASH *ctx, const unsigned char *k, - int crounds, int drounds); -void SipHash_Update(SIPHASH *ctx, const unsigned char *in, size_t inlen); -int SipHash_Final(SIPHASH *ctx, unsigned char *out, size_t outlen); diff --git a/crypto/include/internal/sm2.h b/crypto/include/internal/sm2.h deleted file mode 100644 index 5c5cd4b4f5..0000000000 --- a/crypto/include/internal/sm2.h +++ /dev/null @@ -1,78 +0,0 @@ -/* - * Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved. - * Copyright 2017 Ribose Inc. All Rights Reserved. - * Ported from Ribose contributions from Botan. - * - * Licensed under the OpenSSL license (the "License"). You may not use - * this file except in compliance with the License. You can obtain a copy - * in the file LICENSE in the source distribution or at - * https://www.openssl.org/source/license.html - */ - -#ifndef HEADER_SM2_H -# define HEADER_SM2_H -# include - -# ifndef OPENSSL_NO_SM2 - -# include - -/* The default user id as specified in GM/T 0009-2012 */ -# define SM2_DEFAULT_USERID "1234567812345678" - -int sm2_compute_z_digest(uint8_t *out, - const EVP_MD *digest, - const uint8_t *id, - const size_t id_len, - const EC_KEY *key); - -/* - * SM2 signature operation. Computes Z and then signs H(Z || msg) using SM2 - */ -ECDSA_SIG *sm2_do_sign(const EC_KEY *key, - const EVP_MD *digest, - const uint8_t *id, - const size_t id_len, - const uint8_t *msg, size_t msg_len); - -int sm2_do_verify(const EC_KEY *key, - const EVP_MD *digest, - const ECDSA_SIG *signature, - const uint8_t *id, - const size_t id_len, - const uint8_t *msg, size_t msg_len); - -/* - * SM2 signature generation. - */ -int sm2_sign(const unsigned char *dgst, int dgstlen, - unsigned char *sig, unsigned int *siglen, EC_KEY *eckey); - -/* - * SM2 signature verification. - */ -int sm2_verify(const unsigned char *dgst, int dgstlen, - const unsigned char *sig, int siglen, EC_KEY *eckey); - -/* - * SM2 encryption - */ -int sm2_ciphertext_size(const EC_KEY *key, const EVP_MD *digest, size_t msg_len, - size_t *ct_size); - -int sm2_plaintext_size(const EC_KEY *key, const EVP_MD *digest, size_t msg_len, - size_t *pt_size); - -int sm2_encrypt(const EC_KEY *key, - const EVP_MD *digest, - const uint8_t *msg, - size_t msg_len, - uint8_t *ciphertext_buf, size_t *ciphertext_len); - -int sm2_decrypt(const EC_KEY *key, - const EVP_MD *digest, - const uint8_t *ciphertext, - size_t ciphertext_len, uint8_t *ptext_buf, size_t *ptext_len); - -# endif /* OPENSSL_NO_SM2 */ -#endif diff --git a/crypto/include/internal/sm2err.h b/crypto/include/internal/sm2err.h deleted file mode 100644 index 09edfab787..0000000000 --- a/crypto/include/internal/sm2err.h +++ /dev/null @@ -1,65 +0,0 @@ -/* - * Generated by util/mkerr.pl DO NOT EDIT - * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved. - * - * Licensed under the OpenSSL license (the "License"). You may not use - * this file except in compliance with the License. You can obtain a copy - * in the file LICENSE in the source distribution or at - * https://www.openssl.org/source/license.html - */ - -#ifndef HEADER_SM2ERR_H -# define HEADER_SM2ERR_H - -# ifndef HEADER_SYMHACKS_H -# include -# endif - -# include - -# ifndef OPENSSL_NO_SM2 - -# ifdef __cplusplus -extern "C" -# endif -int ERR_load_SM2_strings(void); - -/* - * SM2 function codes. - */ -# define SM2_F_PKEY_SM2_COPY 115 -# define SM2_F_PKEY_SM2_CTRL 109 -# define SM2_F_PKEY_SM2_CTRL_STR 110 -# define SM2_F_PKEY_SM2_DIGEST_CUSTOM 114 -# define SM2_F_PKEY_SM2_INIT 111 -# define SM2_F_PKEY_SM2_SIGN 112 -# define SM2_F_SM2_COMPUTE_MSG_HASH 100 -# define SM2_F_SM2_COMPUTE_USERID_DIGEST 101 -# define SM2_F_SM2_COMPUTE_Z_DIGEST 113 -# define SM2_F_SM2_DECRYPT 102 -# define SM2_F_SM2_ENCRYPT 103 -# define SM2_F_SM2_PLAINTEXT_SIZE 104 -# define SM2_F_SM2_SIGN 105 -# define SM2_F_SM2_SIG_GEN 106 -# define SM2_F_SM2_SIG_VERIFY 107 -# define SM2_F_SM2_VERIFY 108 - -/* - * SM2 reason codes. - */ -# define SM2_R_ASN1_ERROR 100 -# define SM2_R_BAD_SIGNATURE 101 -# define SM2_R_BUFFER_TOO_SMALL 107 -# define SM2_R_DIST_ID_TOO_LARGE 110 -# define SM2_R_ID_NOT_SET 112 -# define SM2_R_ID_TOO_LARGE 111 -# define SM2_R_INVALID_CURVE 108 -# define SM2_R_INVALID_DIGEST 102 -# define SM2_R_INVALID_DIGEST_TYPE 103 -# define SM2_R_INVALID_ENCODING 104 -# define SM2_R_INVALID_FIELD 105 -# define SM2_R_NO_PARAMETERS_SET 109 -# define SM2_R_USER_ID_TOO_LARGE 106 - -# endif -#endif diff --git a/crypto/include/internal/sm3.h b/crypto/include/internal/sm3.h deleted file mode 100644 index 27eb471c28..0000000000 --- a/crypto/include/internal/sm3.h +++ /dev/null @@ -1,39 +0,0 @@ -/* - * Copyright 2017 The OpenSSL Project Authors. All Rights Reserved. - * Copyright 2017 Ribose Inc. All Rights Reserved. - * - * Licensed under the OpenSSL license (the "License"). You may not use - * this file except in compliance with the License. You can obtain a copy - * in the file LICENSE in the source distribution or at - * https://www.openssl.org/source/license.html - */ - -#ifndef HEADER_SM3_H -# define HEADER_SM3_H - -# include - -# ifdef OPENSSL_NO_SM3 -# error SM3 is disabled. -# endif - -# define SM3_DIGEST_LENGTH 32 -# define SM3_WORD unsigned int - -# define SM3_CBLOCK 64 -# define SM3_LBLOCK (SM3_CBLOCK/4) - -typedef struct SM3state_st { - SM3_WORD A, B, C, D, E, F, G, H; - SM3_WORD Nl, Nh; - SM3_WORD data[SM3_LBLOCK]; - unsigned int num; -} SM3_CTX; - -int sm3_init(SM3_CTX *c); -int sm3_update(SM3_CTX *c, const void *data, size_t len); -int sm3_final(unsigned char *md, SM3_CTX *c); - -void sm3_block_data_order(SM3_CTX *c, const void *p, size_t num); - -#endif diff --git a/crypto/include/internal/sm4.h b/crypto/include/internal/sm4.h deleted file mode 100644 index f1f157ef53..0000000000 --- a/crypto/include/internal/sm4.h +++ /dev/null @@ -1,37 +0,0 @@ -/* - * Copyright 2017 The OpenSSL Project Authors. All Rights Reserved. - * Copyright 2017 Ribose Inc. All Rights Reserved. - * - * Licensed under the OpenSSL license (the "License"). You may not use - * this file except in compliance with the License. You can obtain a copy - * in the file LICENSE in the source distribution or at - * https://www.openssl.org/source/license.html - */ - -#ifndef HEADER_SM4_H -# define HEADER_SM4_H - -# include -# include - -# ifdef OPENSSL_NO_SM4 -# error SM4 is disabled. -# endif - -# define SM4_ENCRYPT 1 -# define SM4_DECRYPT 0 - -# define SM4_BLOCK_SIZE 16 -# define SM4_KEY_SCHEDULE 32 - -typedef struct SM4_KEY_st { - uint32_t rk[SM4_KEY_SCHEDULE]; -} SM4_KEY; - -int SM4_set_key(const uint8_t *key, SM4_KEY *ks); - -void SM4_encrypt(const uint8_t *in, uint8_t *out, const SM4_KEY *ks); - -void SM4_decrypt(const uint8_t *in, uint8_t *out, const SM4_KEY *ks); - -#endif diff --git a/crypto/include/internal/store.h b/crypto/include/internal/store.h deleted file mode 100644 index f5013dc367..0000000000 --- a/crypto/include/internal/store.h +++ /dev/null @@ -1,10 +0,0 @@ -/* - * Copyright 2016 The OpenSSL Project Authors. All Rights Reserved. - * - * Licensed under the OpenSSL license (the "License"). You may not use - * this file except in compliance with the License. You can obtain a copy - * in the file LICENSE in the source distribution or at - * https://www.openssl.org/source/license.html - */ - -void ossl_store_cleanup_int(void); diff --git a/crypto/include/internal/store_int.h b/crypto/include/internal/store_int.h deleted file mode 100644 index 6f31e019ea..0000000000 --- a/crypto/include/internal/store_int.h +++ /dev/null @@ -1,26 +0,0 @@ -/* - * Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved. - * - * Licensed under the OpenSSL license (the "License"). You may not use - * this file except in compliance with the License. You can obtain a copy - * in the file LICENSE in the source distribution or at - * https://www.openssl.org/source/license.html - */ - -#ifndef HEADER_STORE_INT_H -# define HEADER_STORE_INT_H - -# include -# include -# include - -/* - * Two functions to read PEM data off an already opened BIO. To be used - * instead of OSSLSTORE_open() and OSSLSTORE_close(). Everything is done - * as usual with OSSLSTORE_load() and OSSLSTORE_eof(). - */ -OSSL_STORE_CTX *ossl_store_attach_pem_bio(BIO *bp, const UI_METHOD *ui_method, - void *ui_data); -int ossl_store_detach_pem_bio(OSSL_STORE_CTX *ctx); - -#endif diff --git a/crypto/include/internal/x509_int.h b/crypto/include/internal/x509_int.h deleted file mode 100644 index b53c2b03c3..0000000000 --- a/crypto/include/internal/x509_int.h +++ /dev/null @@ -1,286 +0,0 @@ -/* - * Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved. - * - * Licensed under the OpenSSL license (the "License"). You may not use - * this file except in compliance with the License. You can obtain a copy - * in the file LICENSE in the source distribution or at - * https://www.openssl.org/source/license.html - */ - -#include "internal/refcount.h" - -/* Internal X509 structures and functions: not for application use */ - -/* Note: unless otherwise stated a field pointer is mandatory and should - * never be set to NULL: the ASN.1 code and accessors rely on mandatory - * fields never being NULL. - */ - -/* - * name entry structure, equivalent to AttributeTypeAndValue defined - * in RFC5280 et al. - */ -struct X509_name_entry_st { - ASN1_OBJECT *object; /* AttributeType */ - ASN1_STRING *value; /* AttributeValue */ - int set; /* index of RDNSequence for this entry */ - int size; /* temp variable */ -}; - -/* Name from RFC 5280. */ -struct X509_name_st { - STACK_OF(X509_NAME_ENTRY) *entries; /* DN components */ - int modified; /* true if 'bytes' needs to be built */ - BUF_MEM *bytes; /* cached encoding: cannot be NULL */ - /* canonical encoding used for rapid Name comparison */ - unsigned char *canon_enc; - int canon_enclen; -} /* X509_NAME */ ; - -/* Signature info structure */ - -struct x509_sig_info_st { - /* NID of message digest */ - int mdnid; - /* NID of public key algorithm */ - int pknid; - /* Security bits */ - int secbits; - /* Various flags */ - uint32_t flags; -}; - -/* PKCS#10 certificate request */ - -struct X509_req_info_st { - ASN1_ENCODING enc; /* cached encoding of signed part */ - ASN1_INTEGER *version; /* version, defaults to v1(0) so can be NULL */ - X509_NAME *subject; /* certificate request DN */ - X509_PUBKEY *pubkey; /* public key of request */ - /* - * Zero or more attributes. - * NB: although attributes is a mandatory field some broken - * encodings omit it so this may be NULL in that case. - */ - STACK_OF(X509_ATTRIBUTE) *attributes; -}; - -struct X509_req_st { - X509_REQ_INFO req_info; /* signed certificate request data */ - X509_ALGOR sig_alg; /* signature algorithm */ - ASN1_BIT_STRING *signature; /* signature */ - CRYPTO_REF_COUNT references; - CRYPTO_RWLOCK *lock; -}; - -struct X509_crl_info_st { - ASN1_INTEGER *version; /* version: defaults to v1(0) so may be NULL */ - X509_ALGOR sig_alg; /* signature algorithm */ - X509_NAME *issuer; /* CRL issuer name */ - ASN1_TIME *lastUpdate; /* lastUpdate field */ - ASN1_TIME *nextUpdate; /* nextUpdate field: optional */ - STACK_OF(X509_REVOKED) *revoked; /* revoked entries: optional */ - STACK_OF(X509_EXTENSION) *extensions; /* extensions: optional */ - ASN1_ENCODING enc; /* encoding of signed portion of CRL */ -}; - -struct X509_crl_st { - X509_CRL_INFO crl; /* signed CRL data */ - X509_ALGOR sig_alg; /* CRL signature algorithm */ - ASN1_BIT_STRING signature; /* CRL signature */ - CRYPTO_REF_COUNT references; - int flags; - /* - * Cached copies of decoded extension values, since extensions - * are optional any of these can be NULL. - */ - AUTHORITY_KEYID *akid; - ISSUING_DIST_POINT *idp; - /* Convenient breakdown of IDP */ - int idp_flags; - int idp_reasons; - /* CRL and base CRL numbers for delta processing */ - ASN1_INTEGER *crl_number; - ASN1_INTEGER *base_crl_number; - STACK_OF(GENERAL_NAMES) *issuers; - /* hash of CRL */ - unsigned char sha1_hash[SHA_DIGEST_LENGTH]; - /* alternative method to handle this CRL */ - const X509_CRL_METHOD *meth; - void *meth_data; - CRYPTO_RWLOCK *lock; -}; - -struct x509_revoked_st { - ASN1_INTEGER serialNumber; /* revoked entry serial number */ - ASN1_TIME *revocationDate; /* revocation date */ - STACK_OF(X509_EXTENSION) *extensions; /* CRL entry extensions: optional */ - /* decoded value of CRLissuer extension: set if indirect CRL */ - STACK_OF(GENERAL_NAME) *issuer; - /* revocation reason: set to CRL_REASON_NONE if reason extension absent */ - int reason; - /* - * CRL entries are reordered for faster lookup of serial numbers. This - * field contains the original load sequence for this entry. - */ - int sequence; -}; - -/* - * This stuff is certificate "auxiliary info": it contains details which are - * useful in certificate stores and databases. When used this is tagged onto - * the end of the certificate itself. OpenSSL specific structure not defined - * in any RFC. - */ - -struct x509_cert_aux_st { - STACK_OF(ASN1_OBJECT) *trust; /* trusted uses */ - STACK_OF(ASN1_OBJECT) *reject; /* rejected uses */ - ASN1_UTF8STRING *alias; /* "friendly name" */ - ASN1_OCTET_STRING *keyid; /* key id of private key */ - STACK_OF(X509_ALGOR) *other; /* other unspecified info */ -}; - -struct x509_cinf_st { - ASN1_INTEGER *version; /* [ 0 ] default of v1 */ - ASN1_INTEGER serialNumber; - X509_ALGOR signature; - X509_NAME *issuer; - X509_VAL validity; - X509_NAME *subject; - X509_PUBKEY *key; - ASN1_BIT_STRING *issuerUID; /* [ 1 ] optional in v2 */ - ASN1_BIT_STRING *subjectUID; /* [ 2 ] optional in v2 */ - STACK_OF(X509_EXTENSION) *extensions; /* [ 3 ] optional in v3 */ - ASN1_ENCODING enc; -}; - -struct x509_st { - X509_CINF cert_info; - X509_ALGOR sig_alg; - ASN1_BIT_STRING signature; - X509_SIG_INFO siginf; - CRYPTO_REF_COUNT references; - CRYPTO_EX_DATA ex_data; - /* These contain copies of various extension values */ - long ex_pathlen; - long ex_pcpathlen; - uint32_t ex_flags; - uint32_t ex_kusage; - uint32_t ex_xkusage; - uint32_t ex_nscert; - ASN1_OCTET_STRING *skid; - AUTHORITY_KEYID *akid; - X509_POLICY_CACHE *policy_cache; - STACK_OF(DIST_POINT) *crldp; - STACK_OF(GENERAL_NAME) *altname; - NAME_CONSTRAINTS *nc; -#ifndef OPENSSL_NO_RFC3779 - STACK_OF(IPAddressFamily) *rfc3779_addr; - struct ASIdentifiers_st *rfc3779_asid; -# endif - unsigned char sha1_hash[SHA_DIGEST_LENGTH]; - X509_CERT_AUX *aux; - CRYPTO_RWLOCK *lock; - volatile int ex_cached; -} /* X509 */ ; - -/* - * This is a used when verifying cert chains. Since the gathering of the - * cert chain can take some time (and have to be 'retried', this needs to be - * kept and passed around. - */ -struct x509_store_ctx_st { /* X509_STORE_CTX */ - X509_STORE *ctx; - /* The following are set by the caller */ - /* The cert to check */ - X509 *cert; - /* chain of X509s - untrusted - passed in */ - STACK_OF(X509) *untrusted; - /* set of CRLs passed in */ - STACK_OF(X509_CRL) *crls; - X509_VERIFY_PARAM *param; - /* Other info for use with get_issuer() */ - void *other_ctx; - /* Callbacks for various operations */ - /* called to verify a certificate */ - int (*verify) (X509_STORE_CTX *ctx); - /* error callback */ - int (*verify_cb) (int ok, X509_STORE_CTX *ctx); - /* get issuers cert from ctx */ - int (*get_issuer) (X509 **issuer, X509_STORE_CTX *ctx, X509 *x); - /* check issued */ - int (*check_issued) (X509_STORE_CTX *ctx, X509 *x, X509 *issuer); - /* Check revocation status of chain */ - int (*check_revocation) (X509_STORE_CTX *ctx); - /* retrieve CRL */ - int (*get_crl) (X509_STORE_CTX *ctx, X509_CRL **crl, X509 *x); - /* Check CRL validity */ - int (*check_crl) (X509_STORE_CTX *ctx, X509_CRL *crl); - /* Check certificate against CRL */ - int (*cert_crl) (X509_STORE_CTX *ctx, X509_CRL *crl, X509 *x); - /* Check policy status of the chain */ - int (*check_policy) (X509_STORE_CTX *ctx); - STACK_OF(X509) *(*lookup_certs) (X509_STORE_CTX *ctx, X509_NAME *nm); - STACK_OF(X509_CRL) *(*lookup_crls) (X509_STORE_CTX *ctx, X509_NAME *nm); - int (*cleanup) (X509_STORE_CTX *ctx); - /* The following is built up */ - /* if 0, rebuild chain */ - int valid; - /* number of untrusted certs */ - int num_untrusted; - /* chain of X509s - built up and trusted */ - STACK_OF(X509) *chain; - /* Valid policy tree */ - X509_POLICY_TREE *tree; - /* Require explicit policy value */ - int explicit_policy; - /* When something goes wrong, this is why */ - int error_depth; - int error; - X509 *current_cert; - /* cert currently being tested as valid issuer */ - X509 *current_issuer; - /* current CRL */ - X509_CRL *current_crl; - /* score of current CRL */ - int current_crl_score; - /* Reason mask */ - unsigned int current_reasons; - /* For CRL path validation: parent context */ - X509_STORE_CTX *parent; - CRYPTO_EX_DATA ex_data; - SSL_DANE *dane; - /* signed via bare TA public key, rather than CA certificate */ - int bare_ta_signed; -}; - -/* PKCS#8 private key info structure */ - -struct pkcs8_priv_key_info_st { - ASN1_INTEGER *version; - X509_ALGOR *pkeyalg; - ASN1_OCTET_STRING *pkey; - STACK_OF(X509_ATTRIBUTE) *attributes; -}; - -struct X509_sig_st { - X509_ALGOR *algor; - ASN1_OCTET_STRING *digest; -}; - -struct x509_object_st { - /* one of the above types */ - X509_LOOKUP_TYPE type; - union { - char *ptr; - X509 *x509; - X509_CRL *crl; - EVP_PKEY *pkey; - } data; -}; - -int a2i_ipadd(unsigned char *ipout, const char *ipasc); -int x509_set1_time(ASN1_TIME **ptm, const ASN1_TIME *tm); - -void x509_init_sig_info(X509 *x); diff --git a/crypto/init.c b/crypto/init.c index 9fc0e8ef68..1b0d523bea 100644 --- a/crypto/init.c +++ b/crypto/init.c @@ -8,25 +8,25 @@ */ #include "e_os.h" -#include "internal/cryptlib_int.h" +#include "crypto/cryptlib.h" #include -#include "internal/rand_int.h" +#include "crypto/rand.h" #include "internal/bio.h" #include -#include "internal/evp_int.h" +#include "crypto/evp.h" #include "internal/conf.h" -#include "internal/async.h" -#include "internal/engine.h" +#include "crypto/async.h" +#include "crypto/engine.h" #include "internal/comp.h" #include "internal/err.h" -#include "internal/err_int.h" -#include "internal/objects.h" +#include "crypto/err.h" +#include "crypto/objects.h" #include #include #include "internal/thread_once.h" -#include "internal/dso_conf.h" +#include "crypto/dso_conf.h" #include "internal/dso.h" -#include "internal/store.h" +#include "crypto/store.h" static int stopped = 0; diff --git a/crypto/kdf/hkdf.c b/crypto/kdf/hkdf.c index ae46fad609..25bf4b729f 100644 --- a/crypto/kdf/hkdf.c +++ b/crypto/kdf/hkdf.c @@ -13,7 +13,7 @@ #include #include #include "internal/cryptlib.h" -#include "internal/evp_int.h" +#include "crypto/evp.h" #define HKDF_MAXBUF 1024 diff --git a/crypto/kdf/scrypt.c b/crypto/kdf/scrypt.c index 61fd390e95..68606ac00a 100644 --- a/crypto/kdf/scrypt.c +++ b/crypto/kdf/scrypt.c @@ -13,7 +13,7 @@ #include #include #include "internal/cryptlib.h" -#include "internal/evp_int.h" +#include "crypto/evp.h" #ifndef OPENSSL_NO_SCRYPT diff --git a/crypto/kdf/tls1_prf.c b/crypto/kdf/tls1_prf.c index 49f7ecced9..e9ca8e1278 100644 --- a/crypto/kdf/tls1_prf.c +++ b/crypto/kdf/tls1_prf.c @@ -11,7 +11,7 @@ #include "internal/cryptlib.h" #include #include -#include "internal/evp_int.h" +#include "crypto/evp.h" static int tls1_prf_alg(const EVP_MD *md, const unsigned char *sec, size_t slen, diff --git a/crypto/lhash/lhash.c b/crypto/lhash/lhash.c index 485d4c3fff..65e73226ae 100644 --- a/crypto/lhash/lhash.c +++ b/crypto/lhash/lhash.c @@ -13,8 +13,8 @@ #include #include #include -#include "internal/ctype.h" -#include "internal/lhash.h" +#include "crypto/ctype.h" +#include "crypto/lhash.h" #include "lhash_lcl.h" /* diff --git a/crypto/md4/md4_locl.h b/crypto/md4/md4_locl.h index a6c4003fdb..391fee8869 100644 --- a/crypto/md4/md4_locl.h +++ b/crypto/md4/md4_locl.h @@ -31,7 +31,7 @@ void md4_block_data_order(MD4_CTX *c, const void *p, size_t num); } while (0) #define HASH_BLOCK_DATA_ORDER md4_block_data_order -#include "internal/md32_common.h" +#include "crypto/md32_common.h" /*- #define F(x,y,z) (((x) & (y)) | ((~(x)) & (z))) diff --git a/crypto/md5/md5_locl.h b/crypto/md5/md5_locl.h index 4eb7e50ef4..9e537ed15b 100644 --- a/crypto/md5/md5_locl.h +++ b/crypto/md5/md5_locl.h @@ -42,7 +42,7 @@ void md5_block_data_order(MD5_CTX *c, const void *p, size_t num); } while (0) #define HASH_BLOCK_DATA_ORDER md5_block_data_order -#include "internal/md32_common.h" +#include "crypto/md32_common.h" /*- #define F(x,y,z) (((x) & (y)) | ((~(x)) & (z))) diff --git a/crypto/mem.c b/crypto/mem.c index 780053ffef..2b39ca3a10 100644 --- a/crypto/mem.c +++ b/crypto/mem.c @@ -9,7 +9,7 @@ #include "e_os.h" #include "internal/cryptlib.h" -#include "internal/cryptlib_int.h" +#include "crypto/cryptlib.h" #include #include #include diff --git a/crypto/objects/o_names.c b/crypto/objects/o_names.c index c4355370cb..e04a075977 100644 --- a/crypto/objects/o_names.c +++ b/crypto/objects/o_names.c @@ -17,7 +17,7 @@ #include #include #include "internal/thread_once.h" -#include "internal/lhash.h" +#include "crypto/lhash.h" #include "obj_lcl.h" #include "e_os.h" diff --git a/crypto/objects/obj_dat.c b/crypto/objects/obj_dat.c index ef2d1e0dda..6e6b9c373b 100644 --- a/crypto/objects/obj_dat.c +++ b/crypto/objects/obj_dat.c @@ -8,14 +8,14 @@ */ #include -#include "internal/ctype.h" +#include "crypto/ctype.h" #include #include "internal/cryptlib.h" #include #include -#include "internal/objects.h" +#include "crypto/objects.h" #include -#include "internal/asn1_int.h" +#include "crypto/asn1.h" #include "obj_lcl.h" /* obj_dat.h is generated from objects.h by obj_dat.pl */ diff --git a/crypto/objects/obj_lib.c b/crypto/objects/obj_lib.c index acbdeec2c9..456a1598ce 100644 --- a/crypto/objects/obj_lib.c +++ b/crypto/objects/obj_lib.c @@ -11,7 +11,7 @@ #include "internal/cryptlib.h" #include #include -#include "internal/asn1_int.h" +#include "crypto/asn1.h" ASN1_OBJECT *OBJ_dup(const ASN1_OBJECT *o) { diff --git a/crypto/ocsp/ocsp_ht.c b/crypto/ocsp/ocsp_ht.c index 42c3686431..ba408bc86f 100644 --- a/crypto/ocsp/ocsp_ht.c +++ b/crypto/ocsp/ocsp_ht.c @@ -10,7 +10,7 @@ #include "e_os.h" #include #include -#include "internal/ctype.h" +#include "crypto/ctype.h" #include #include #include diff --git a/crypto/pem/pem_lib.c b/crypto/pem/pem_lib.c index 4bb86463fa..64baf7108e 100644 --- a/crypto/pem/pem_lib.c +++ b/crypto/pem/pem_lib.c @@ -8,7 +8,7 @@ */ #include -#include "internal/ctype.h" +#include "crypto/ctype.h" #include #include "internal/cryptlib.h" #include @@ -18,7 +18,7 @@ #include #include #include -#include "internal/asn1_int.h" +#include "crypto/asn1.h" #include #include diff --git a/crypto/pem/pem_pkey.c b/crypto/pem/pem_pkey.c index aa032d2b1c..e58cdf4a3e 100644 --- a/crypto/pem/pem_pkey.c +++ b/crypto/pem/pem_pkey.c @@ -17,8 +17,8 @@ #include #include #include -#include "internal/asn1_int.h" -#include "internal/evp_int.h" +#include "crypto/asn1.h" +#include "crypto/evp.h" int pem_check_suffix(const char *pem_str, const char *suffix); diff --git a/crypto/pkcs12/p12_p8e.c b/crypto/pkcs12/p12_p8e.c index 86a07e1335..05fc388a99 100644 --- a/crypto/pkcs12/p12_p8e.c +++ b/crypto/pkcs12/p12_p8e.c @@ -10,7 +10,7 @@ #include #include "internal/cryptlib.h" #include -#include "internal/x509_int.h" +#include "crypto/x509.h" X509_SIG *PKCS8_encrypt(int pbe_nid, const EVP_CIPHER *cipher, const char *pass, int passlen, diff --git a/crypto/pkcs7/pk7_lib.c b/crypto/pkcs7/pk7_lib.c index 16b76431d1..ec4d9abd58 100644 --- a/crypto/pkcs7/pk7_lib.c +++ b/crypto/pkcs7/pk7_lib.c @@ -11,8 +11,8 @@ #include "internal/cryptlib.h" #include #include -#include "internal/asn1_int.h" -#include "internal/evp_int.h" +#include "crypto/asn1.h" +#include "crypto/evp.h" long PKCS7_ctrl(PKCS7 *p7, int cmd, long larg, char *parg) { diff --git a/crypto/poly1305/poly1305.c b/crypto/poly1305/poly1305.c index 1d182364ae..b01d0cfbd3 100644 --- a/crypto/poly1305/poly1305.c +++ b/crypto/poly1305/poly1305.c @@ -11,7 +11,7 @@ #include #include -#include "internal/poly1305.h" +#include "crypto/poly1305.h" #include "poly1305_local.h" size_t Poly1305_ctx_size(void) diff --git a/crypto/poly1305/poly1305_ameth.c b/crypto/poly1305/poly1305_ameth.c index 033ee8cd96..0c8a91dc79 100644 --- a/crypto/poly1305/poly1305_ameth.c +++ b/crypto/poly1305/poly1305_ameth.c @@ -10,10 +10,10 @@ #include #include "internal/cryptlib.h" #include -#include "internal/asn1_int.h" -#include "internal/poly1305.h" +#include "crypto/asn1.h" +#include "crypto/poly1305.h" #include "poly1305_local.h" -#include "internal/evp_int.h" +#include "crypto/evp.h" /* * POLY1305 "ASN1" method. This is just here to indicate the maximum diff --git a/crypto/poly1305/poly1305_pmeth.c b/crypto/poly1305/poly1305_pmeth.c index 3bc24c98cd..49a799a12f 100644 --- a/crypto/poly1305/poly1305_pmeth.c +++ b/crypto/poly1305/poly1305_pmeth.c @@ -13,9 +13,9 @@ #include #include #include -#include "internal/poly1305.h" +#include "crypto/poly1305.h" #include "poly1305_local.h" -#include "internal/evp_int.h" +#include "crypto/evp.h" /* POLY1305 pkey context structure */ diff --git a/crypto/ppccap.c b/crypto/ppccap.c index a59485207b..e4a1441978 100644 --- a/crypto/ppccap.c +++ b/crypto/ppccap.c @@ -29,7 +29,7 @@ #include #include #include -#include +#include #include "bn/bn_lcl.h" #include "ppc_arch.h" diff --git a/crypto/rand/drbg_lib.c b/crypto/rand/drbg_lib.c index 12bb627a04..24fd6b2cbb 100644 --- a/crypto/rand/drbg_lib.c +++ b/crypto/rand/drbg_lib.c @@ -13,8 +13,8 @@ #include #include "rand_lcl.h" #include "internal/thread_once.h" -#include "internal/rand_int.h" -#include "internal/cryptlib_int.h" +#include "crypto/rand.h" +#include "crypto/cryptlib.h" /* * Support framework for NIST SP 800-90A DRBG diff --git a/crypto/rand/rand_lib.c b/crypto/rand/rand_lib.c index 91b2652311..74b31bedcb 100644 --- a/crypto/rand/rand_lib.c +++ b/crypto/rand/rand_lib.c @@ -11,7 +11,7 @@ #include #include "internal/cryptlib.h" #include -#include "internal/rand_int.h" +#include "crypto/rand.h" #include #include "internal/thread_once.h" #include "rand_lcl.h" diff --git a/crypto/rand/rand_unix.c b/crypto/rand/rand_unix.c index 69efcdeed7..1da09107c6 100644 --- a/crypto/rand/rand_unix.c +++ b/crypto/rand/rand_unix.c @@ -16,7 +16,7 @@ #include #include #include "rand_lcl.h" -#include "internal/rand_int.h" +#include "crypto/rand.h" #include #include "internal/dso.h" #ifdef __linux diff --git a/crypto/rand/rand_vms.c b/crypto/rand/rand_vms.c index e1e1c0b9db..63ccc55d8f 100644 --- a/crypto/rand/rand_vms.c +++ b/crypto/rand/rand_vms.c @@ -14,7 +14,7 @@ # include # include "internal/cryptlib.h" # include -# include "internal/rand_int.h" +# include "crypto/rand.h" # include "rand_lcl.h" # include # include diff --git a/crypto/rand/rand_win.c b/crypto/rand/rand_win.c index a9c5751f1a..5a1f8a7b25 100644 --- a/crypto/rand/rand_win.c +++ b/crypto/rand/rand_win.c @@ -10,7 +10,7 @@ #include "internal/cryptlib.h" #include #include "rand_lcl.h" -#include "internal/rand_int.h" +#include "crypto/rand.h" #if defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_WIN32) # ifndef OPENSSL_RAND_SEED_OS diff --git a/crypto/ripemd/rmd_locl.h b/crypto/ripemd/rmd_locl.h index f1ae4323ca..a4fb54d89a 100644 --- a/crypto/ripemd/rmd_locl.h +++ b/crypto/ripemd/rmd_locl.h @@ -42,7 +42,7 @@ void ripemd160_block_data_order(RIPEMD160_CTX *c, const void *p, size_t num); } while (0) #define HASH_BLOCK_DATA_ORDER ripemd160_block_data_order -#include "internal/md32_common.h" +#include "crypto/md32_common.h" /* * Transformed F2 and F4 are courtesy of Wei Dai diff --git a/crypto/rsa/rsa_ameth.c b/crypto/rsa/rsa_ameth.c index 9dcb85d837..fe49a61ab6 100644 --- a/crypto/rsa/rsa_ameth.c +++ b/crypto/rsa/rsa_ameth.c @@ -13,8 +13,8 @@ #include #include #include -#include "internal/asn1_int.h" -#include "internal/evp_int.h" +#include "crypto/asn1.h" +#include "crypto/evp.h" #include "rsa_locl.h" #ifndef OPENSSL_NO_CMS diff --git a/crypto/rsa/rsa_crpt.c b/crypto/rsa/rsa_crpt.c index f4ef8b4381..52abfaed71 100644 --- a/crypto/rsa/rsa_crpt.c +++ b/crypto/rsa/rsa_crpt.c @@ -10,7 +10,7 @@ #include #include #include "internal/cryptlib.h" -#include "internal/bn_int.h" +#include "crypto/bn.h" #include #include "rsa_locl.h" diff --git a/crypto/rsa/rsa_lib.c b/crypto/rsa/rsa_lib.c index e737a28898..709a3856d4 100644 --- a/crypto/rsa/rsa_lib.c +++ b/crypto/rsa/rsa_lib.c @@ -11,10 +11,10 @@ #include #include "internal/cryptlib.h" #include "internal/refcount.h" -#include "internal/bn_int.h" +#include "crypto/bn.h" #include #include -#include "internal/evp_int.h" +#include "crypto/evp.h" #include "rsa_locl.h" RSA *RSA_new(void) diff --git a/crypto/rsa/rsa_ossl.c b/crypto/rsa/rsa_ossl.c index c8c3b7886a..01c712bab7 100644 --- a/crypto/rsa/rsa_ossl.c +++ b/crypto/rsa/rsa_ossl.c @@ -8,7 +8,7 @@ */ #include "internal/cryptlib.h" -#include "internal/bn_int.h" +#include "crypto/bn.h" #include "rsa_locl.h" #include "internal/constant_time_locl.h" diff --git a/crypto/rsa/rsa_pmeth.c b/crypto/rsa/rsa_pmeth.c index 082ab8fd8a..aabd245f11 100644 --- a/crypto/rsa/rsa_pmeth.c +++ b/crypto/rsa/rsa_pmeth.c @@ -18,7 +18,7 @@ #include #include #include -#include "internal/evp_int.h" +#include "crypto/evp.h" #include "rsa_locl.h" /* RSA pkey context structure */ diff --git a/crypto/rsa/rsa_sign.c b/crypto/rsa/rsa_sign.c index 952d24fb8a..e3cc2d4829 100644 --- a/crypto/rsa/rsa_sign.c +++ b/crypto/rsa/rsa_sign.c @@ -13,7 +13,7 @@ #include #include #include -#include "internal/x509_int.h" +#include "crypto/x509.h" #include "rsa_locl.h" /* Size of an SSL signature: MD5+SHA1 */ diff --git a/crypto/sha/sha256.c b/crypto/sha/sha256.c index bf78f075ee..11050ba547 100644 --- a/crypto/sha/sha256.c +++ b/crypto/sha/sha256.c @@ -128,7 +128,7 @@ static #endif void sha256_block_data_order(SHA256_CTX *ctx, const void *in, size_t num); -#include "internal/md32_common.h" +#include "crypto/md32_common.h" #ifndef SHA256_ASM static const SHA_LONG K256[64] = { diff --git a/crypto/sha/sha512.c b/crypto/sha/sha512.c index 50b65ee811..ca1f387a64 100644 --- a/crypto/sha/sha512.c +++ b/crypto/sha/sha512.c @@ -50,7 +50,7 @@ #include #include "internal/cryptlib.h" -#include "internal/sha.h" +#include "crypto/sha.h" #if defined(__i386) || defined(__i386__) || defined(_M_IX86) || \ defined(__x86_64) || defined(_M_AMD64) || defined(_M_X64) || \ diff --git a/crypto/sha/sha_locl.h b/crypto/sha/sha_locl.h index 4e5a090382..6edb9ef1d2 100644 --- a/crypto/sha/sha_locl.h +++ b/crypto/sha/sha_locl.h @@ -42,7 +42,7 @@ static void sha1_block_data_order(SHA_CTX *c, const void *p, size_t num); void sha1_block_data_order(SHA_CTX *c, const void *p, size_t num); #endif -#include "internal/md32_common.h" +#include "crypto/md32_common.h" #define INIT_DATA_h0 0x67452301UL #define INIT_DATA_h1 0xefcdab89UL diff --git a/crypto/siphash/siphash.c b/crypto/siphash/siphash.c index be74a38d93..07d94c1e6e 100644 --- a/crypto/siphash/siphash.c +++ b/crypto/siphash/siphash.c @@ -27,7 +27,7 @@ #include #include -#include "internal/siphash.h" +#include "crypto/siphash.h" #include "siphash_local.h" /* default: SipHash-2-4 */ diff --git a/crypto/siphash/siphash_ameth.c b/crypto/siphash/siphash_ameth.c index c0ab7efae4..2da6dfec80 100644 --- a/crypto/siphash/siphash_ameth.c +++ b/crypto/siphash/siphash_ameth.c @@ -10,10 +10,10 @@ #include #include "internal/cryptlib.h" #include -#include "internal/asn1_int.h" -#include "internal/siphash.h" +#include "crypto/asn1.h" +#include "crypto/siphash.h" #include "siphash_local.h" -#include "internal/evp_int.h" +#include "crypto/evp.h" /* * SIPHASH "ASN1" method. This is just here to indicate the maximum diff --git a/crypto/siphash/siphash_pmeth.c b/crypto/siphash/siphash_pmeth.c index 66e552fec5..0c7d2c6190 100644 --- a/crypto/siphash/siphash_pmeth.c +++ b/crypto/siphash/siphash_pmeth.c @@ -13,9 +13,9 @@ #include #include #include -#include "internal/siphash.h" +#include "crypto/siphash.h" #include "siphash_local.h" -#include "internal/evp_int.h" +#include "crypto/evp.h" /* SIPHASH pkey context structure */ diff --git a/crypto/sm2/sm2_crypt.c b/crypto/sm2/sm2_crypt.c index 4389fc731e..ef505f6441 100644 --- a/crypto/sm2/sm2_crypt.c +++ b/crypto/sm2/sm2_crypt.c @@ -9,9 +9,9 @@ * https://www.openssl.org/source/license.html */ -#include "internal/sm2.h" -#include "internal/sm2err.h" -#include "internal/ec_int.h" /* ecdh_KDF_X9_63() */ +#include "crypto/sm2.h" +#include "crypto/sm2err.h" +#include "crypto/ec.h" /* ecdh_KDF_X9_63() */ #include #include #include diff --git a/crypto/sm2/sm2_err.c b/crypto/sm2/sm2_err.c index 653c6797f8..e5973e9c71 100644 --- a/crypto/sm2/sm2_err.c +++ b/crypto/sm2/sm2_err.c @@ -9,7 +9,7 @@ */ #include -#include "internal/sm2err.h" +#include "crypto/sm2err.h" #ifndef OPENSSL_NO_ERR diff --git a/crypto/sm2/sm2_pmeth.c b/crypto/sm2/sm2_pmeth.c index d187699cc4..62a5b5534d 100644 --- a/crypto/sm2/sm2_pmeth.c +++ b/crypto/sm2/sm2_pmeth.c @@ -11,9 +11,9 @@ #include #include #include -#include "internal/evp_int.h" -#include "internal/sm2.h" -#include "internal/sm2err.h" +#include "crypto/evp.h" +#include "crypto/sm2.h" +#include "crypto/sm2err.h" /* EC pkey context structure */ diff --git a/crypto/sm2/sm2_sign.c b/crypto/sm2/sm2_sign.c index 50ecb4d68c..683f03f935 100644 --- a/crypto/sm2/sm2_sign.c +++ b/crypto/sm2/sm2_sign.c @@ -9,9 +9,9 @@ * https://www.openssl.org/source/license.html */ -#include "internal/sm2.h" -#include "internal/sm2err.h" -#include "internal/ec_int.h" /* ec_group_do_inverse_ord() */ +#include "crypto/sm2.h" +#include "crypto/sm2err.h" +#include "crypto/ec.h" /* ec_group_do_inverse_ord() */ #include "internal/numbers.h" #include #include diff --git a/crypto/sm3/m_sm3.c b/crypto/sm3/m_sm3.c index 85538dc8af..7e54f42984 100644 --- a/crypto/sm3/m_sm3.c +++ b/crypto/sm3/m_sm3.c @@ -12,8 +12,8 @@ #ifndef OPENSSL_NO_SM3 # include -# include "internal/evp_int.h" -# include "internal/sm3.h" +# include "crypto/evp.h" +# include "crypto/sm3.h" static int init(EVP_MD_CTX *ctx) { diff --git a/crypto/sm3/sm3_locl.h b/crypto/sm3/sm3_locl.h index efa6db57c6..7171de510d 100644 --- a/crypto/sm3/sm3_locl.h +++ b/crypto/sm3/sm3_locl.h @@ -10,7 +10,7 @@ */ #include -#include "internal/sm3.h" +#include "crypto/sm3.h" #define DATA_ORDER_IS_BIG_ENDIAN @@ -36,7 +36,7 @@ void sm3_transform(SM3_CTX *c, const unsigned char *data); -#include "internal/md32_common.h" +#include "crypto/md32_common.h" #define P0(X) (X ^ ROTATE(X, 9) ^ ROTATE(X, 17)) #define P1(X) (X ^ ROTATE(X, 15) ^ ROTATE(X, 23)) diff --git a/crypto/sm4/sm4.c b/crypto/sm4/sm4.c index 0c819a4b68..5750e76331 100644 --- a/crypto/sm4/sm4.c +++ b/crypto/sm4/sm4.c @@ -10,7 +10,7 @@ */ #include -#include "internal/sm4.h" +#include "crypto/sm4.h" static const uint8_t SM4_S[256] = { 0xD6, 0x90, 0xE9, 0xFE, 0xCC, 0xE1, 0x3D, 0xB7, 0x16, 0xB6, 0x14, 0xC2, diff --git a/crypto/srp/srp_lib.c b/crypto/srp/srp_lib.c index ca20f6d097..4f417de0c9 100644 --- a/crypto/srp/srp_lib.c +++ b/crypto/srp/srp_lib.c @@ -16,7 +16,7 @@ # include # include # include -# include "internal/bn_srp.h" +# include "crypto/bn_srp.h" /* calculate = SHA1(PAD(x) || PAD(y)) */ diff --git a/crypto/srp/srp_vfy.c b/crypto/srp/srp_vfy.c index eb279dd418..3dd2ab0507 100644 --- a/crypto/srp/srp_vfy.c +++ b/crypto/srp/srp_vfy.c @@ -13,7 +13,7 @@ #ifndef OPENSSL_NO_SRP # include "internal/cryptlib.h" -# include "internal/evp_int.h" +# include "crypto/evp.h" # include # include # include diff --git a/crypto/store/loader_file.c b/crypto/store/loader_file.c index 6f569ee62d..bb3410dfd4 100644 --- a/crypto/store/loader_file.c +++ b/crypto/store/loader_file.c @@ -24,11 +24,11 @@ #include #include #include /* For the PKCS8 stuff o.O */ -#include "internal/asn1_int.h" -#include "internal/ctype.h" +#include "crypto/asn1.h" +#include "crypto/ctype.h" #include "internal/o_dir.h" #include "internal/cryptlib.h" -#include "internal/store_int.h" +#include "crypto/store.h" #include "store_locl.h" #ifdef _WIN32 diff --git a/crypto/store/store_init.c b/crypto/store/store_init.c index b398bf598f..5f81ef19b1 100644 --- a/crypto/store/store_init.c +++ b/crypto/store/store_init.c @@ -8,7 +8,7 @@ */ #include -#include "internal/store.h" +#include "crypto/store.h" #include "store_locl.h" static CRYPTO_ONCE store_init = CRYPTO_ONCE_STATIC_INIT; diff --git a/crypto/store/store_lib.c b/crypto/store/store_lib.c index 7de2e31f55..ddbc1e0091 100644 --- a/crypto/store/store_lib.c +++ b/crypto/store/store_lib.c @@ -18,7 +18,7 @@ #include #include #include "internal/thread_once.h" -#include "internal/store_int.h" +#include "crypto/store.h" #include "store_locl.h" struct ossl_store_ctx_st { diff --git a/crypto/store/store_register.c b/crypto/store/store_register.c index e68cb3c568..79c4fcce9c 100644 --- a/crypto/store/store_register.c +++ b/crypto/store/store_register.c @@ -8,7 +8,7 @@ */ #include -#include "internal/ctype.h" +#include "crypto/ctype.h" #include #include diff --git a/crypto/x509/by_dir.c b/crypto/x509/by_dir.c index b691a83a0d..aaaecdfcd4 100644 --- a/crypto/x509/by_dir.c +++ b/crypto/x509/by_dir.c @@ -19,7 +19,7 @@ #endif #include -#include "internal/x509_int.h" +#include "crypto/x509.h" #include "x509_lcl.h" struct lookup_dir_hashes_st { diff --git a/crypto/x509/t_x509.c b/crypto/x509/t_x509.c index ccacbe7cbf..12d807f705 100644 --- a/crypto/x509/t_x509.c +++ b/crypto/x509/t_x509.c @@ -14,7 +14,7 @@ #include #include #include -#include "internal/asn1_int.h" +#include "crypto/asn1.h" #ifndef OPENSSL_NO_STDIO int X509_print_fp(FILE *fp, X509 *x) diff --git a/crypto/x509/x509_cmp.c b/crypto/x509/x509_cmp.c index 833bfce1bf..e06489c334 100644 --- a/crypto/x509/x509_cmp.c +++ b/crypto/x509/x509_cmp.c @@ -13,7 +13,7 @@ #include #include #include -#include "internal/x509_int.h" +#include "crypto/x509.h" int X509_issuer_and_serial_cmp(const X509 *a, const X509 *b) { diff --git a/crypto/x509/x509_ext.c b/crypto/x509/x509_ext.c index 2db843760c..4cdab724ea 100644 --- a/crypto/x509/x509_ext.c +++ b/crypto/x509/x509_ext.c @@ -13,7 +13,7 @@ #include #include #include -#include "internal/x509_int.h" +#include "crypto/x509.h" #include int X509_CRL_get_ext_count(const X509_CRL *x) diff --git a/crypto/x509/x509_lu.c b/crypto/x509/x509_lu.c index b7d2e66574..658fad34df 100644 --- a/crypto/x509/x509_lu.c +++ b/crypto/x509/x509_lu.c @@ -11,7 +11,7 @@ #include "internal/cryptlib.h" #include "internal/refcount.h" #include -#include "internal/x509_int.h" +#include "crypto/x509.h" #include #include "x509_lcl.h" diff --git a/crypto/x509/x509_obj.c b/crypto/x509/x509_obj.c index 85c39415c1..f54d483cc4 100644 --- a/crypto/x509/x509_obj.c +++ b/crypto/x509/x509_obj.c @@ -12,7 +12,7 @@ #include #include #include -#include "internal/x509_int.h" +#include "crypto/x509.h" /* * Limit to ensure we don't overflow: much greater than diff --git a/crypto/x509/x509_r2x.c b/crypto/x509/x509_r2x.c index 3d72787d31..6b1623feac 100644 --- a/crypto/x509/x509_r2x.c +++ b/crypto/x509/x509_r2x.c @@ -13,7 +13,7 @@ #include #include #include -#include "internal/x509_int.h" +#include "crypto/x509.h" #include #include diff --git a/crypto/x509/x509_req.c b/crypto/x509/x509_req.c index 0bdbb81db8..7ba0f26495 100644 --- a/crypto/x509/x509_req.c +++ b/crypto/x509/x509_req.c @@ -14,7 +14,7 @@ #include #include #include -#include "internal/x509_int.h" +#include "crypto/x509.h" #include #include #include diff --git a/crypto/x509/x509_set.c b/crypto/x509/x509_set.c index 3ab6bf3511..01ebec9721 100644 --- a/crypto/x509/x509_set.c +++ b/crypto/x509/x509_set.c @@ -15,8 +15,8 @@ #include #include #include -#include "internal/asn1_int.h" -#include "internal/x509_int.h" +#include "crypto/asn1.h" +#include "crypto/x509.h" #include "x509_lcl.h" int X509_set_version(X509 *x, long version) diff --git a/crypto/x509/x509_trs.c b/crypto/x509/x509_trs.c index d749af4d59..9e199d63e4 100644 --- a/crypto/x509/x509_trs.c +++ b/crypto/x509/x509_trs.c @@ -10,7 +10,7 @@ #include #include "internal/cryptlib.h" #include -#include "internal/x509_int.h" +#include "crypto/x509.h" static int tr_cmp(const X509_TRUST *const *a, const X509_TRUST *const *b); static void trtable_free(X509_TRUST *p); diff --git a/crypto/x509/x509_vfy.c b/crypto/x509/x509_vfy.c index 6be2c71e86..db0d9ae2d4 100644 --- a/crypto/x509/x509_vfy.c +++ b/crypto/x509/x509_vfy.c @@ -12,7 +12,7 @@ #include #include -#include "internal/ctype.h" +#include "crypto/ctype.h" #include "internal/cryptlib.h" #include #include @@ -22,7 +22,7 @@ #include #include #include "internal/dane.h" -#include "internal/x509_int.h" +#include "crypto/x509.h" #include "x509_lcl.h" /* CRL score values */ diff --git a/crypto/x509/x509_vpm.c b/crypto/x509/x509_vpm.c index aea186295c..12a78e784c 100644 --- a/crypto/x509/x509_vpm.c +++ b/crypto/x509/x509_vpm.c @@ -14,7 +14,7 @@ #include #include #include -#include "internal/x509_int.h" +#include "crypto/x509.h" #include "x509_lcl.h" diff --git a/crypto/x509/x509cset.c b/crypto/x509/x509cset.c index 7645ce3759..6c08509138 100644 --- a/crypto/x509/x509cset.c +++ b/crypto/x509/x509cset.c @@ -14,7 +14,7 @@ #include #include #include -#include "internal/x509_int.h" +#include "crypto/x509.h" int X509_CRL_set_version(X509_CRL *x, long version) { diff --git a/crypto/x509/x509name.c b/crypto/x509/x509name.c index 64a73e793f..c86d8e7914 100644 --- a/crypto/x509/x509name.c +++ b/crypto/x509/x509name.c @@ -14,7 +14,7 @@ #include #include #include -#include "internal/x509_int.h" +#include "crypto/x509.h" int X509_NAME_get_text_by_NID(X509_NAME *name, int nid, char *buf, int len) { diff --git a/crypto/x509/x509rset.c b/crypto/x509/x509rset.c index e8921b82a8..9da3f2ee27 100644 --- a/crypto/x509/x509rset.c +++ b/crypto/x509/x509rset.c @@ -13,7 +13,7 @@ #include #include #include -#include "internal/x509_int.h" +#include "crypto/x509.h" int X509_REQ_set_version(X509_REQ *x, long version) { diff --git a/crypto/x509/x_all.c b/crypto/x509/x_all.c index 24e4114601..6cccfa99d1 100644 --- a/crypto/x509/x_all.c +++ b/crypto/x509/x_all.c @@ -13,7 +13,7 @@ #include #include #include -#include "internal/x509_int.h" +#include "crypto/x509.h" #include #include #include diff --git a/crypto/x509/x_crl.c b/crypto/x509/x_crl.c index 12ab3cca42..ad41d14099 100644 --- a/crypto/x509/x_crl.c +++ b/crypto/x509/x_crl.c @@ -11,7 +11,7 @@ #include "internal/cryptlib.h" #include #include -#include "internal/x509_int.h" +#include "crypto/x509.h" #include #include "x509_lcl.h" diff --git a/crypto/x509/x_name.c b/crypto/x509/x_name.c index a1e9bbdb66..ef2a275876 100644 --- a/crypto/x509/x_name.c +++ b/crypto/x509/x_name.c @@ -8,12 +8,12 @@ */ #include -#include "internal/ctype.h" +#include "crypto/ctype.h" #include "internal/cryptlib.h" #include #include -#include "internal/x509_int.h" -#include "internal/asn1_int.h" +#include "crypto/x509.h" +#include "crypto/asn1.h" #include "x509_lcl.h" /* diff --git a/crypto/x509/x_pubkey.c b/crypto/x509/x_pubkey.c index 1c87b8268e..4f694b93fb 100644 --- a/crypto/x509/x_pubkey.c +++ b/crypto/x509/x_pubkey.c @@ -11,9 +11,9 @@ #include "internal/cryptlib.h" #include #include -#include "internal/asn1_int.h" -#include "internal/evp_int.h" -#include "internal/x509_int.h" +#include "crypto/asn1.h" +#include "crypto/evp.h" +#include "crypto/x509.h" #include #include diff --git a/crypto/x509/x_req.c b/crypto/x509/x_req.c index c2da95a73e..d2b02f6dae 100644 --- a/crypto/x509/x_req.c +++ b/crypto/x509/x_req.c @@ -11,7 +11,7 @@ #include "internal/cryptlib.h" #include #include -#include "internal/x509_int.h" +#include "crypto/x509.h" /*- * X509_REQ_INFO is handled in an unusual way to get round diff --git a/crypto/x509/x_x509.c b/crypto/x509/x_x509.c index afe59c46c5..7aa8b77ae7 100644 --- a/crypto/x509/x_x509.c +++ b/crypto/x509/x_x509.c @@ -13,7 +13,7 @@ #include #include #include -#include "internal/x509_int.h" +#include "crypto/x509.h" ASN1_SEQUENCE_enc(X509_CINF, enc, 0) = { ASN1_EXP_OPT(X509_CINF, version, ASN1_INTEGER, 0), diff --git a/crypto/x509/x_x509a.c b/crypto/x509/x_x509a.c index 8c9ad71d1b..c5175faef7 100644 --- a/crypto/x509/x_x509a.c +++ b/crypto/x509/x_x509a.c @@ -12,7 +12,7 @@ #include #include #include -#include "internal/x509_int.h" +#include "crypto/x509.h" /* * X509_CERT_AUX routines. These are used to encode additional user diff --git a/crypto/x509v3/pcy_cache.c b/crypto/x509v3/pcy_cache.c index 623870b1f6..6a4db42051 100644 --- a/crypto/x509v3/pcy_cache.c +++ b/crypto/x509v3/pcy_cache.c @@ -10,7 +10,7 @@ #include "internal/cryptlib.h" #include #include -#include "internal/x509_int.h" +#include "crypto/x509.h" #include "pcy_int.h" diff --git a/crypto/x509v3/pcy_map.c b/crypto/x509v3/pcy_map.c index ab9dd21b7d..4fc3eb6d42 100644 --- a/crypto/x509v3/pcy_map.c +++ b/crypto/x509v3/pcy_map.c @@ -10,7 +10,7 @@ #include "internal/cryptlib.h" #include #include -#include "internal/x509_int.h" +#include "crypto/x509.h" #include "pcy_int.h" diff --git a/crypto/x509v3/v3_addr.c b/crypto/x509v3/v3_addr.c index bb58e04846..4258dbc40c 100644 --- a/crypto/x509v3/v3_addr.c +++ b/crypto/x509v3/v3_addr.c @@ -20,7 +20,7 @@ #include #include #include -#include "internal/x509_int.h" +#include "crypto/x509.h" #include "ext_dat.h" #ifndef OPENSSL_NO_RFC3779 diff --git a/crypto/x509v3/v3_asid.c b/crypto/x509v3/v3_asid.c index ef2d64826f..ac68572672 100644 --- a/crypto/x509v3/v3_asid.c +++ b/crypto/x509v3/v3_asid.c @@ -20,7 +20,7 @@ #include #include #include -#include "internal/x509_int.h" +#include "crypto/x509.h" #include #include "ext_dat.h" diff --git a/crypto/x509v3/v3_conf.c b/crypto/x509v3/v3_conf.c index 7acaebfa22..e93de34546 100644 --- a/crypto/x509v3/v3_conf.c +++ b/crypto/x509v3/v3_conf.c @@ -10,11 +10,11 @@ /* extension creation utilities */ #include -#include "internal/ctype.h" +#include "crypto/ctype.h" #include "internal/cryptlib.h" #include #include -#include "internal/x509_int.h" +#include "crypto/x509.h" #include static int v3_check_critical(const char **value); diff --git a/crypto/x509v3/v3_crld.c b/crypto/x509v3/v3_crld.c index 6cba4240ab..4854748ffb 100644 --- a/crypto/x509v3/v3_crld.c +++ b/crypto/x509v3/v3_crld.c @@ -14,7 +14,7 @@ #include #include -#include "internal/x509_int.h" +#include "crypto/x509.h" #include "ext_dat.h" static void *v2i_crld(const X509V3_EXT_METHOD *method, diff --git a/crypto/x509v3/v3_ncons.c b/crypto/x509v3/v3_ncons.c index 9a2cd5af00..2a7b4f0992 100644 --- a/crypto/x509v3/v3_ncons.c +++ b/crypto/x509v3/v3_ncons.c @@ -10,12 +10,12 @@ #include "internal/cryptlib.h" #include "internal/numbers.h" #include -#include "internal/asn1_int.h" +#include "crypto/asn1.h" #include #include #include -#include "internal/x509_int.h" +#include "crypto/x509.h" #include "ext_dat.h" static void *v2i_NAME_CONSTRAINTS(const X509V3_EXT_METHOD *method, diff --git a/crypto/x509v3/v3_purp.c b/crypto/x509v3/v3_purp.c index 2f06289d19..3f60c2ea1d 100644 --- a/crypto/x509v3/v3_purp.c +++ b/crypto/x509v3/v3_purp.c @@ -12,7 +12,7 @@ #include "internal/numbers.h" #include #include -#include "internal/x509_int.h" +#include "crypto/x509.h" #include "internal/tsan_assist.h" static void x509v3_cache_extensions(X509 *x); diff --git a/crypto/x509v3/v3_skey.c b/crypto/x509v3/v3_skey.c index 749f51b2f0..c2e8204568 100644 --- a/crypto/x509v3/v3_skey.c +++ b/crypto/x509v3/v3_skey.c @@ -10,7 +10,7 @@ #include #include "internal/cryptlib.h" #include -#include "internal/x509_int.h" +#include "crypto/x509.h" #include "ext_dat.h" static ASN1_OCTET_STRING *s2i_skey_id(X509V3_EXT_METHOD *method, diff --git a/crypto/x509v3/v3_utl.c b/crypto/x509v3/v3_utl.c index c9b40d2c76..7281a7b917 100644 --- a/crypto/x509v3/v3_utl.c +++ b/crypto/x509v3/v3_utl.c @@ -12,11 +12,11 @@ #include "e_os.h" #include "internal/cryptlib.h" #include -#include "internal/ctype.h" +#include "crypto/ctype.h" #include #include #include -#include "internal/x509_int.h" +#include "crypto/x509.h" #include #include "ext_dat.h" diff --git a/include/crypto/__DECC_INCLUDE_EPILOGUE.H b/include/crypto/__DECC_INCLUDE_EPILOGUE.H new file mode 100644 index 0000000000..c350018ad1 --- /dev/null +++ b/include/crypto/__DECC_INCLUDE_EPILOGUE.H @@ -0,0 +1,16 @@ +/* + * Copyright 2016 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the OpenSSL license (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +/* + * This file is only used by HP C on VMS, and is included automatically + * after each header file from this directory + */ + +/* restore state. Must correspond to the save in __decc_include_prologue.h */ +#pragma names restore diff --git a/include/crypto/__DECC_INCLUDE_PROLOGUE.H b/include/crypto/__DECC_INCLUDE_PROLOGUE.H new file mode 100644 index 0000000000..9a9c777f93 --- /dev/null +++ b/include/crypto/__DECC_INCLUDE_PROLOGUE.H @@ -0,0 +1,20 @@ +/* + * Copyright 2016 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the OpenSSL license (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +/* + * This file is only used by HP C on VMS, and is included automatically + * after each header file from this directory + */ + +/* save state */ +#pragma names save +/* have the compiler shorten symbols larger than 31 chars to 23 chars + * followed by a 8 hex char CRC + */ +#pragma names as_is,shortened diff --git a/include/crypto/aria.h b/include/crypto/aria.h new file mode 100644 index 0000000000..355abe5398 --- /dev/null +++ b/include/crypto/aria.h @@ -0,0 +1,50 @@ +/* + * Copyright 2006-2018 The OpenSSL Project Authors. All Rights Reserved. + * Copyright (c) 2017, Oracle and/or its affiliates. All rights reserved. + * + * Licensed under the OpenSSL license (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + + /* Copyright (c) 2017 National Security Research Institute. All rights reserved. */ + +#ifndef HEADER_ARIA_H +# define HEADER_ARIA_H + +# include + +# ifdef OPENSSL_NO_ARIA +# error ARIA is disabled. +# endif + +# define ARIA_ENCRYPT 1 +# define ARIA_DECRYPT 0 + +# define ARIA_BLOCK_SIZE 16 /* Size of each encryption/decryption block */ +# define ARIA_MAX_KEYS 17 /* Number of keys needed in the worst case */ + +typedef union { + unsigned char c[ARIA_BLOCK_SIZE]; + unsigned int u[ARIA_BLOCK_SIZE / sizeof(unsigned int)]; +} ARIA_u128; + +typedef unsigned char ARIA_c128[ARIA_BLOCK_SIZE]; + +struct aria_key_st { + ARIA_u128 rd_key[ARIA_MAX_KEYS]; + unsigned int rounds; +}; +typedef struct aria_key_st ARIA_KEY; + + +int aria_set_encrypt_key(const unsigned char *userKey, const int bits, + ARIA_KEY *key); +int aria_set_decrypt_key(const unsigned char *userKey, const int bits, + ARIA_KEY *key); + +void aria_encrypt(const unsigned char *in, unsigned char *out, + const ARIA_KEY *key); + +#endif diff --git a/include/crypto/asn1.h b/include/crypto/asn1.h new file mode 100644 index 0000000000..9c9b4d8974 --- /dev/null +++ b/include/crypto/asn1.h @@ -0,0 +1,113 @@ +/* + * Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the OpenSSL license (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +/* Internal ASN1 structures and functions: not for application use */ + +/* ASN1 public key method structure */ + +struct evp_pkey_asn1_method_st { + int pkey_id; + int pkey_base_id; + unsigned long pkey_flags; + char *pem_str; + char *info; + int (*pub_decode) (EVP_PKEY *pk, X509_PUBKEY *pub); + int (*pub_encode) (X509_PUBKEY *pub, const EVP_PKEY *pk); + int (*pub_cmp) (const EVP_PKEY *a, const EVP_PKEY *b); + int (*pub_print) (BIO *out, const EVP_PKEY *pkey, int indent, + ASN1_PCTX *pctx); + int (*priv_decode) (EVP_PKEY *pk, const PKCS8_PRIV_KEY_INFO *p8inf); + int (*priv_encode) (PKCS8_PRIV_KEY_INFO *p8, const EVP_PKEY *pk); + int (*priv_print) (BIO *out, const EVP_PKEY *pkey, int indent, + ASN1_PCTX *pctx); + int (*pkey_size) (const EVP_PKEY *pk); + int (*pkey_bits) (const EVP_PKEY *pk); + int (*pkey_security_bits) (const EVP_PKEY *pk); + int (*param_decode) (EVP_PKEY *pkey, + const unsigned char **pder, int derlen); + int (*param_encode) (const EVP_PKEY *pkey, unsigned char **pder); + int (*param_missing) (const EVP_PKEY *pk); + int (*param_copy) (EVP_PKEY *to, const EVP_PKEY *from); + int (*param_cmp) (const EVP_PKEY *a, const EVP_PKEY *b); + int (*param_print) (BIO *out, const EVP_PKEY *pkey, int indent, + ASN1_PCTX *pctx); + int (*sig_print) (BIO *out, + const X509_ALGOR *sigalg, const ASN1_STRING *sig, + int indent, ASN1_PCTX *pctx); + void (*pkey_free) (EVP_PKEY *pkey); + int (*pkey_ctrl) (EVP_PKEY *pkey, int op, long arg1, void *arg2); + /* Legacy functions for old PEM */ + int (*old_priv_decode) (EVP_PKEY *pkey, + const unsigned char **pder, int derlen); + int (*old_priv_encode) (const EVP_PKEY *pkey, unsigned char **pder); + /* Custom ASN1 signature verification */ + int (*item_verify) (EVP_MD_CTX *ctx, const ASN1_ITEM *it, void *asn, + X509_ALGOR *a, ASN1_BIT_STRING *sig, EVP_PKEY *pkey); + int (*item_sign) (EVP_MD_CTX *ctx, const ASN1_ITEM *it, void *asn, + X509_ALGOR *alg1, X509_ALGOR *alg2, + ASN1_BIT_STRING *sig); + int (*siginf_set) (X509_SIG_INFO *siginf, const X509_ALGOR *alg, + const ASN1_STRING *sig); + /* Check */ + int (*pkey_check) (const EVP_PKEY *pk); + int (*pkey_public_check) (const EVP_PKEY *pk); + int (*pkey_param_check) (const EVP_PKEY *pk); + /* Get/set raw private/public key data */ + int (*set_priv_key) (EVP_PKEY *pk, const unsigned char *priv, size_t len); + int (*set_pub_key) (EVP_PKEY *pk, const unsigned char *pub, size_t len); + int (*get_priv_key) (const EVP_PKEY *pk, unsigned char *priv, size_t *len); + int (*get_pub_key) (const EVP_PKEY *pk, unsigned char *pub, size_t *len); +} /* EVP_PKEY_ASN1_METHOD */ ; + +DEFINE_STACK_OF_CONST(EVP_PKEY_ASN1_METHOD) + +extern const EVP_PKEY_ASN1_METHOD cmac_asn1_meth; +extern const EVP_PKEY_ASN1_METHOD dh_asn1_meth; +extern const EVP_PKEY_ASN1_METHOD dhx_asn1_meth; +extern const EVP_PKEY_ASN1_METHOD dsa_asn1_meths[5]; +extern const EVP_PKEY_ASN1_METHOD eckey_asn1_meth; +extern const EVP_PKEY_ASN1_METHOD ecx25519_asn1_meth; +extern const EVP_PKEY_ASN1_METHOD ecx448_asn1_meth; +extern const EVP_PKEY_ASN1_METHOD ed25519_asn1_meth; +extern const EVP_PKEY_ASN1_METHOD ed448_asn1_meth; +extern const EVP_PKEY_ASN1_METHOD sm2_asn1_meth; +extern const EVP_PKEY_ASN1_METHOD poly1305_asn1_meth; + +extern const EVP_PKEY_ASN1_METHOD hmac_asn1_meth; +extern const EVP_PKEY_ASN1_METHOD rsa_asn1_meths[2]; +extern const EVP_PKEY_ASN1_METHOD rsa_pss_asn1_meth; +extern const EVP_PKEY_ASN1_METHOD siphash_asn1_meth; + +/* + * These are used internally in the ASN1_OBJECT to keep track of whether the + * names and data need to be free()ed + */ +# define ASN1_OBJECT_FLAG_DYNAMIC 0x01/* internal use */ +# define ASN1_OBJECT_FLAG_CRITICAL 0x02/* critical x509v3 object id */ +# define ASN1_OBJECT_FLAG_DYNAMIC_STRINGS 0x04/* internal use */ +# define ASN1_OBJECT_FLAG_DYNAMIC_DATA 0x08/* internal use */ +struct asn1_object_st { + const char *sn, *ln; + int nid; + int length; + const unsigned char *data; /* data remains const after init */ + int flags; /* Should we free this one */ +}; + +/* ASN1 print context structure */ + +struct asn1_pctx_st { + unsigned long flags; + unsigned long nm_flags; + unsigned long cert_flags; + unsigned long oid_flags; + unsigned long str_flags; +} /* ASN1_PCTX */ ; + +int asn1_d2i_read_bio(BIO *in, BUF_MEM **pb); diff --git a/include/crypto/async.h b/include/crypto/async.h new file mode 100644 index 0000000000..dc8e937b0c --- /dev/null +++ b/include/crypto/async.h @@ -0,0 +1,15 @@ +/* + * Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the OpenSSL license (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +#include + +int async_init(void); +void async_deinit(void); +void async_delete_thread_state(void); + diff --git a/include/crypto/bn.h b/include/crypto/bn.h new file mode 100644 index 0000000000..30be7efe14 --- /dev/null +++ b/include/crypto/bn.h @@ -0,0 +1,90 @@ +/* + * Copyright 2014-2018 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the OpenSSL license (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +#ifndef HEADER_BN_INT_H +# define HEADER_BN_INT_H + +# include +# include + +BIGNUM *bn_wexpand(BIGNUM *a, int words); +BIGNUM *bn_expand2(BIGNUM *a, int words); + +void bn_correct_top(BIGNUM *a); + +/* + * Determine the modified width-(w+1) Non-Adjacent Form (wNAF) of 'scalar'. + * This is an array r[] of values that are either zero or odd with an + * absolute value less than 2^w satisfying scalar = \sum_j r[j]*2^j where at + * most one of any w+1 consecutive digits is non-zero with the exception that + * the most significant digit may be only w-1 zeros away from that next + * non-zero digit. + */ +signed char *bn_compute_wNAF(const BIGNUM *scalar, int w, size_t *ret_len); + +int bn_get_top(const BIGNUM *a); + +int bn_get_dmax(const BIGNUM *a); + +/* Set all words to zero */ +void bn_set_all_zero(BIGNUM *a); + +/* + * Copy the internal BIGNUM words into out which holds size elements (and size + * must be bigger than top) + */ +int bn_copy_words(BN_ULONG *out, const BIGNUM *in, int size); + +BN_ULONG *bn_get_words(const BIGNUM *a); + +/* + * Set the internal data words in a to point to words which contains size + * elements. The BN_FLG_STATIC_DATA flag is set + */ +void bn_set_static_words(BIGNUM *a, const BN_ULONG *words, int size); + +/* + * Copy words into the BIGNUM |a|, reallocating space as necessary. + * The negative flag of |a| is not modified. + * Returns 1 on success and 0 on failure. + */ +/* + * |num_words| is int because bn_expand2 takes an int. This is an internal + * function so we simply trust callers not to pass negative values. + */ +int bn_set_words(BIGNUM *a, const BN_ULONG *words, int num_words); + +/* + * Some BIGNUM functions assume most significant limb to be non-zero, which + * is customarily arranged by bn_correct_top. Output from below functions + * is not processed with bn_correct_top, and for this reason it may not be + * returned out of public API. It may only be passed internally into other + * functions known to support non-minimal or zero-padded BIGNUMs. Even + * though the goal is to facilitate constant-time-ness, not each subroutine + * is constant-time by itself. They all have pre-conditions, consult source + * code... + */ +int bn_mul_mont_fixed_top(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, + BN_MONT_CTX *mont, BN_CTX *ctx); +int bn_to_mont_fixed_top(BIGNUM *r, const BIGNUM *a, BN_MONT_CTX *mont, + BN_CTX *ctx); +int bn_from_mont_fixed_top(BIGNUM *r, const BIGNUM *a, BN_MONT_CTX *mont, + BN_CTX *ctx); +int bn_mod_add_fixed_top(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, + const BIGNUM *m); +int bn_mod_sub_fixed_top(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, + const BIGNUM *m); +int bn_mul_fixed_top(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx); +int bn_sqr_fixed_top(BIGNUM *r, const BIGNUM *a, BN_CTX *ctx); +int bn_lshift_fixed_top(BIGNUM *r, const BIGNUM *a, int n); +int bn_rshift_fixed_top(BIGNUM *r, const BIGNUM *a, int n); +int bn_div_fixed_top(BIGNUM *dv, BIGNUM *rem, const BIGNUM *m, + const BIGNUM *d, BN_CTX *ctx); + +#endif diff --git a/include/crypto/bn_conf.h.in b/include/crypto/bn_conf.h.in new file mode 100644 index 0000000000..ec6e4f6c1b --- /dev/null +++ b/include/crypto/bn_conf.h.in @@ -0,0 +1,27 @@ +{- join("\n",map { "/* $_ */" } @autowarntext) -} +/* + * Copyright 2016 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the OpenSSL license (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +#ifndef HEADER_BN_CONF_H +# define HEADER_BN_CONF_H + +/* + * The contents of this file are not used in the UEFI build, as + * both 32-bit and 64-bit builds are supported from a single run + * of the Configure script. + */ + +/* Should we define BN_DIV2W here? */ + +/* Only one for the following should be defined */ +{- $config{b64l} ? "#define" : "#undef" -} SIXTY_FOUR_BIT_LONG +{- $config{b64} ? "#define" : "#undef" -} SIXTY_FOUR_BIT +{- $config{b32} ? "#define" : "#undef" -} THIRTY_TWO_BIT + +#endif diff --git a/include/crypto/bn_dh.h b/include/crypto/bn_dh.h new file mode 100644 index 0000000000..70ebca2875 --- /dev/null +++ b/include/crypto/bn_dh.h @@ -0,0 +1,24 @@ +/* + * Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the OpenSSL license (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +#define declare_dh_bn(x) \ + extern const BIGNUM _bignum_dh##x##_p; \ + extern const BIGNUM _bignum_dh##x##_g; \ + extern const BIGNUM _bignum_dh##x##_q; + +declare_dh_bn(1024_160) +declare_dh_bn(2048_224) +declare_dh_bn(2048_256) + +extern const BIGNUM _bignum_ffdhe2048_p; +extern const BIGNUM _bignum_ffdhe3072_p; +extern const BIGNUM _bignum_ffdhe4096_p; +extern const BIGNUM _bignum_ffdhe6144_p; +extern const BIGNUM _bignum_ffdhe8192_p; +extern const BIGNUM _bignum_const_2; diff --git a/include/crypto/bn_srp.h b/include/crypto/bn_srp.h new file mode 100644 index 0000000000..d4b282a6bb --- /dev/null +++ b/include/crypto/bn_srp.h @@ -0,0 +1,32 @@ +/* + * Copyright 2014-2016 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the OpenSSL license (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +#ifndef OPENSSL_NO_SRP + +extern const BIGNUM bn_group_1024; + +extern const BIGNUM bn_group_1536; + +extern const BIGNUM bn_group_2048; + +extern const BIGNUM bn_group_3072; + +extern const BIGNUM bn_group_4096; + +extern const BIGNUM bn_group_6144; + +extern const BIGNUM bn_group_8192; + +extern const BIGNUM bn_generator_19; + +extern const BIGNUM bn_generator_5; + +extern const BIGNUM bn_generator_2; + +#endif diff --git a/include/crypto/chacha.h b/include/crypto/chacha.h new file mode 100644 index 0000000000..67243f2228 --- /dev/null +++ b/include/crypto/chacha.h @@ -0,0 +1,42 @@ +/* + * Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the OpenSSL license (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +#ifndef HEADER_CHACHA_H +#define HEADER_CHACHA_H + +#include + +/* + * ChaCha20_ctr32 encrypts |len| bytes from |inp| with the given key and + * nonce and writes the result to |out|, which may be equal to |inp|. + * The |key| is not 32 bytes of verbatim key material though, but the + * said material collected into 8 32-bit elements array in host byte + * order. Same approach applies to nonce: the |counter| argument is + * pointer to concatenated nonce and counter values collected into 4 + * 32-bit elements. This, passing crypto material collected into 32-bit + * elements as opposite to passing verbatim byte vectors, is chosen for + * efficiency in multi-call scenarios. + */ +void ChaCha20_ctr32(unsigned char *out, const unsigned char *inp, + size_t len, const unsigned int key[8], + const unsigned int counter[4]); +/* + * You can notice that there is no key setup procedure. Because it's + * as trivial as collecting bytes into 32-bit elements, it's reckoned + * that below macro is sufficient. + */ +#define CHACHA_U8TOU32(p) ( \ + ((unsigned int)(p)[0]) | ((unsigned int)(p)[1]<<8) | \ + ((unsigned int)(p)[2]<<16) | ((unsigned int)(p)[3]<<24) ) + +#define CHACHA_KEY_SIZE 32 +#define CHACHA_CTR_SIZE 16 +#define CHACHA_BLK_SIZE 64 + +#endif diff --git a/include/crypto/cryptlib.h b/include/crypto/cryptlib.h new file mode 100644 index 0000000000..38b5dac9a3 --- /dev/null +++ b/include/crypto/cryptlib.h @@ -0,0 +1,35 @@ +/* + * Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the OpenSSL license (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +#include "internal/cryptlib.h" + +/* This file is not scanned by mkdef.pl, whereas cryptlib.h is */ + +struct thread_local_inits_st { + int async; + int err_state; + int rand; +}; + +int ossl_init_thread_start(uint64_t opts); + +/* + * OPENSSL_INIT flags. The primary list of these is in crypto.h. Flags below + * are those omitted from crypto.h because they are "reserved for internal + * use". + */ +# define OPENSSL_INIT_ZLIB 0x00010000L +# define OPENSSL_INIT_BASE_ONLY 0x00040000L + +/* OPENSSL_INIT_THREAD flags */ +# define OPENSSL_INIT_THREAD_ASYNC 0x01 +# define OPENSSL_INIT_THREAD_ERR_STATE 0x02 +# define OPENSSL_INIT_THREAD_RAND 0x04 + +void ossl_malloc_setup_failures(void); diff --git a/include/crypto/ctype.h b/include/crypto/ctype.h new file mode 100644 index 0000000000..9f3a58339c --- /dev/null +++ b/include/crypto/ctype.h @@ -0,0 +1,82 @@ +/* + * Copyright 2017-2019 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the OpenSSL license (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +/* + * This version of ctype.h provides a standardised and platform + * independent implementation that supports seven bit ASCII characters. + * The specific intent is to not pass extended ASCII characters (> 127) + * even if the host operating system would. + * + * There is EBCDIC support included for machines which use this. However, + * there are a number of concerns about how well EBCDIC is supported + * throughout the rest of the source code. Refer to issue #4154 for + * details. + */ +#ifndef INTERNAL_CTYPE_H +# define INTERNAL_CTYPE_H + +# define CTYPE_MASK_lower 0x1 +# define CTYPE_MASK_upper 0x2 +# define CTYPE_MASK_digit 0x4 +# define CTYPE_MASK_space 0x8 +# define CTYPE_MASK_xdigit 0x10 +# define CTYPE_MASK_blank 0x20 +# define CTYPE_MASK_cntrl 0x40 +# define CTYPE_MASK_graph 0x80 +# define CTYPE_MASK_print 0x100 +# define CTYPE_MASK_punct 0x200 +# define CTYPE_MASK_base64 0x400 +# define CTYPE_MASK_asn1print 0x800 + +# define CTYPE_MASK_alpha (CTYPE_MASK_lower | CTYPE_MASK_upper) +# define CTYPE_MASK_alnum (CTYPE_MASK_alpha | CTYPE_MASK_digit) + +/* + * The ascii mask assumes that any other classification implies that + * the character is ASCII and that there are no ASCII characters + * that aren't in any of the classifications. + * + * This assumption holds at the moment, but it might not in the future. + */ +# define CTYPE_MASK_ascii (~0) + +# ifdef CHARSET_EBCDIC +int ossl_toascii(int c); +int ossl_fromascii(int c); +# else +# define ossl_toascii(c) (c) +# define ossl_fromascii(c) (c) +# endif +int ossl_ctype_check(int c, unsigned int mask); +int ossl_tolower(int c); +int ossl_toupper(int c); + +int ascii_isdigit(const char inchar); + +# define ossl_isalnum(c) (ossl_ctype_check((c), CTYPE_MASK_alnum)) +# define ossl_isalpha(c) (ossl_ctype_check((c), CTYPE_MASK_alpha)) +# ifdef CHARSET_EBCDIC +# define ossl_isascii(c) (ossl_ctype_check((c), CTYPE_MASK_ascii)) +# else +# define ossl_isascii(c) (((c) & ~127) == 0) +# endif +# define ossl_isblank(c) (ossl_ctype_check((c), CTYPE_MASK_blank)) +# define ossl_iscntrl(c) (ossl_ctype_check((c), CTYPE_MASK_cntrl)) +# define ossl_isdigit(c) (ossl_ctype_check((c), CTYPE_MASK_digit)) +# define ossl_isgraph(c) (ossl_ctype_check((c), CTYPE_MASK_graph)) +# define ossl_islower(c) (ossl_ctype_check((c), CTYPE_MASK_lower)) +# define ossl_isprint(c) (ossl_ctype_check((c), CTYPE_MASK_print)) +# define ossl_ispunct(c) (ossl_ctype_check((c), CTYPE_MASK_punct)) +# define ossl_isspace(c) (ossl_ctype_check((c), CTYPE_MASK_space)) +# define ossl_isupper(c) (ossl_ctype_check((c), CTYPE_MASK_upper)) +# define ossl_isxdigit(c) (ossl_ctype_check((c), CTYPE_MASK_xdigit)) +# define ossl_isbase64(c) (ossl_ctype_check((c), CTYPE_MASK_base64)) +# define ossl_isasn1print(c) (ossl_ctype_check((c), CTYPE_MASK_asn1print)) + +#endif diff --git a/include/crypto/dso_conf.h.in b/include/crypto/dso_conf.h.in new file mode 100644 index 0000000000..b2ace48a80 --- /dev/null +++ b/include/crypto/dso_conf.h.in @@ -0,0 +1,31 @@ +{- join("\n",map { "/* $_ */" } @autowarntext) -} +/* + * Copyright 2016-2019 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the OpenSSL license (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +#ifndef HEADER_DSO_CONF_H +# define HEADER_DSO_CONF_H +{- # The DSO code currently always implements all functions so that no + # applications will have to worry about that from a compilation point + # of view. However, the "method"s may return zero unless that platform + # has support compiled in for them. Currently each method is enabled + # by a define "DSO_" ... we translate the "dso_scheme" config + # string entry into using the following logic; + my $scheme = $disabled{dso} ? undef : uc $target{dso_scheme}; + if (!$scheme) { + $scheme = "NONE"; + } + my @macros = ( "DSO_$scheme" ); + if ($scheme eq 'DLFCN') { + @macros = ( "DSO_DLFCN", "HAVE_DLFCN_H" ); + } elsif ($scheme eq "DLFCN_NO_H") { + @macros = ( "DSO_DLFCN" ); + } + join("\n", map { "# define $_" } @macros); -} +# define DSO_EXTENSION "{- $target{dso_extension} -}" +#endif diff --git a/include/crypto/ec.h b/include/crypto/ec.h new file mode 100644 index 0000000000..182c39cc80 --- /dev/null +++ b/include/crypto/ec.h @@ -0,0 +1,53 @@ +/* + * Copyright 2018 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the OpenSSL license (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +/* Internal EC functions for other submodules: not for application use */ + +#ifndef HEADER_OSSL_EC_INTERNAL_H +# define HEADER_OSSL_EC_INTERNAL_H +# include + +# ifndef OPENSSL_NO_EC + +# include + +/*- + * Computes the multiplicative inverse of x in the range + * [1,EC_GROUP::order), where EC_GROUP::order is the cardinality of the + * subgroup generated by the generator G: + * + * res := x^(-1) (mod EC_GROUP::order). + * + * This function expects the following two conditions to hold: + * - the EC_GROUP order is prime, and + * - x is included in the range [1, EC_GROUP::order). + * + * This function returns 1 on success, 0 on error. + * + * If the EC_GROUP order is even, this function explicitly returns 0 as + * an error. + * In case any of the two conditions stated above is not satisfied, + * the correctness of its output is not guaranteed, even if the return + * value could still be 1 (as primality testing and a conditional modular + * reduction round on the input can be omitted by the underlying + * implementations for better SCA properties on regular input values). + */ +__owur int ec_group_do_inverse_ord(const EC_GROUP *group, BIGNUM *res, + const BIGNUM *x, BN_CTX *ctx); + +/*- + * ECDH Key Derivation Function as defined in ANSI X9.63 + */ +int ecdh_KDF_X9_63(unsigned char *out, size_t outlen, + const unsigned char *Z, size_t Zlen, + const unsigned char *sinfo, size_t sinfolen, + const EVP_MD *md); + +# endif /* OPENSSL_NO_EC */ +#endif diff --git a/include/crypto/engine.h b/include/crypto/engine.h new file mode 100644 index 0000000000..f80ae3ec30 --- /dev/null +++ b/include/crypto/engine.h @@ -0,0 +1,20 @@ +/* + * Copyright 2016 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the OpenSSL license (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +#include + +void engine_load_openssl_int(void); +void engine_load_devcrypto_int(void); +void engine_load_rdrand_int(void); +void engine_load_dynamic_int(void); +void engine_load_padlock_int(void); +void engine_load_capi_int(void); +void engine_load_dasync_int(void); +void engine_load_afalg_int(void); +void engine_cleanup_int(void); diff --git a/include/crypto/err.h b/include/crypto/err.h new file mode 100644 index 0000000000..44ac944627 --- /dev/null +++ b/include/crypto/err.h @@ -0,0 +1,19 @@ +/* + * Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the OpenSSL license (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +#ifndef INTERNAL_ERR_INT_H +# define INTERNAL_ERR_INT_H + +int err_load_crypto_strings_int(void); +void err_cleanup(void); +void err_delete_thread_state(void); +int err_shelve_state(void **); +void err_unshelve_state(void *); + +#endif diff --git a/include/crypto/evp.h b/include/crypto/evp.h new file mode 100644 index 0000000000..d86aed36f0 --- /dev/null +++ b/include/crypto/evp.h @@ -0,0 +1,442 @@ +/* + * Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the OpenSSL license (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +#include +#include "internal/refcount.h" + +/* + * Don't free up md_ctx->pctx in EVP_MD_CTX_reset, use the reserved flag + * values in evp.h + */ +#define EVP_MD_CTX_FLAG_KEEP_PKEY_CTX 0x0400 + +struct evp_pkey_ctx_st { + /* Method associated with this operation */ + const EVP_PKEY_METHOD *pmeth; + /* Engine that implements this method or NULL if builtin */ + ENGINE *engine; + /* Key: may be NULL */ + EVP_PKEY *pkey; + /* Peer key for key agreement, may be NULL */ + EVP_PKEY *peerkey; + /* Actual operation */ + int operation; + /* Algorithm specific data */ + void *data; + /* Application specific data */ + void *app_data; + /* Keygen callback */ + EVP_PKEY_gen_cb *pkey_gencb; + /* implementation specific keygen data */ + int *keygen_info; + int keygen_info_count; +} /* EVP_PKEY_CTX */ ; + +#define EVP_PKEY_FLAG_DYNAMIC 1 + +struct evp_pkey_method_st { + int pkey_id; + int flags; + int (*init) (EVP_PKEY_CTX *ctx); + int (*copy) (EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src); + void (*cleanup) (EVP_PKEY_CTX *ctx); + int (*paramgen_init) (EVP_PKEY_CTX *ctx); + int (*paramgen) (EVP_PKEY_CTX *ctx, EVP_PKEY *pkey); + int (*keygen_init) (EVP_PKEY_CTX *ctx); + int (*keygen) (EVP_PKEY_CTX *ctx, EVP_PKEY *pkey); + int (*sign_init) (EVP_PKEY_CTX *ctx); + int (*sign) (EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen, + const unsigned char *tbs, size_t tbslen); + int (*verify_init) (EVP_PKEY_CTX *ctx); + int (*verify) (EVP_PKEY_CTX *ctx, + const unsigned char *sig, size_t siglen, + const unsigned char *tbs, size_t tbslen); + int (*verify_recover_init) (EVP_PKEY_CTX *ctx); + int (*verify_recover) (EVP_PKEY_CTX *ctx, + unsigned char *rout, size_t *routlen, + const unsigned char *sig, size_t siglen); + int (*signctx_init) (EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx); + int (*signctx) (EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen, + EVP_MD_CTX *mctx); + int (*verifyctx_init) (EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx); + int (*verifyctx) (EVP_PKEY_CTX *ctx, const unsigned char *sig, int siglen, + EVP_MD_CTX *mctx); + int (*encrypt_init) (EVP_PKEY_CTX *ctx); + int (*encrypt) (EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen, + const unsigned char *in, size_t inlen); + int (*decrypt_init) (EVP_PKEY_CTX *ctx); + int (*decrypt) (EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen, + const unsigned char *in, size_t inlen); + int (*derive_init) (EVP_PKEY_CTX *ctx); + int (*derive) (EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen); + int (*ctrl) (EVP_PKEY_CTX *ctx, int type, int p1, void *p2); + int (*ctrl_str) (EVP_PKEY_CTX *ctx, const char *type, const char *value); + int (*digestsign) (EVP_MD_CTX *ctx, unsigned char *sig, size_t *siglen, + const unsigned char *tbs, size_t tbslen); + int (*digestverify) (EVP_MD_CTX *ctx, const unsigned char *sig, + size_t siglen, const unsigned char *tbs, + size_t tbslen); + int (*check) (EVP_PKEY *pkey); + int (*public_check) (EVP_PKEY *pkey); + int (*param_check) (EVP_PKEY *pkey); + + int (*digest_custom) (EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx); +} /* EVP_PKEY_METHOD */ ; + +DEFINE_STACK_OF_CONST(EVP_PKEY_METHOD) + +void evp_pkey_set_cb_translate(BN_GENCB *cb, EVP_PKEY_CTX *ctx); + +extern const EVP_PKEY_METHOD cmac_pkey_meth; +extern const EVP_PKEY_METHOD dh_pkey_meth; +extern const EVP_PKEY_METHOD dhx_pkey_meth; +extern const EVP_PKEY_METHOD dsa_pkey_meth; +extern const EVP_PKEY_METHOD ec_pkey_meth; +extern const EVP_PKEY_METHOD sm2_pkey_meth; +extern const EVP_PKEY_METHOD ecx25519_pkey_meth; +extern const EVP_PKEY_METHOD ecx448_pkey_meth; +extern const EVP_PKEY_METHOD ed25519_pkey_meth; +extern const EVP_PKEY_METHOD ed448_pkey_meth; +extern const EVP_PKEY_METHOD hmac_pkey_meth; +extern const EVP_PKEY_METHOD rsa_pkey_meth; +extern const EVP_PKEY_METHOD rsa_pss_pkey_meth; +extern const EVP_PKEY_METHOD scrypt_pkey_meth; +extern const EVP_PKEY_METHOD tls1_prf_pkey_meth; +extern const EVP_PKEY_METHOD hkdf_pkey_meth; +extern const EVP_PKEY_METHOD poly1305_pkey_meth; +extern const EVP_PKEY_METHOD siphash_pkey_meth; + +struct evp_md_st { + int type; + int pkey_type; + int md_size; + unsigned long flags; + int (*init) (EVP_MD_CTX *ctx); + int (*update) (EVP_MD_CTX *ctx, const void *data, size_t count); + int (*final) (EVP_MD_CTX *ctx, unsigned char *md); + int (*copy) (EVP_MD_CTX *to, const EVP_MD_CTX *from); + int (*cleanup) (EVP_MD_CTX *ctx); + int block_size; + int ctx_size; /* how big does the ctx->md_data need to be */ + /* control function */ + int (*md_ctrl) (EVP_MD_CTX *ctx, int cmd, int p1, void *p2); +} /* EVP_MD */ ; + +struct evp_cipher_st { + int nid; + int block_size; + /* Default value for variable length ciphers */ + int key_len; + int iv_len; + /* Various flags */ + unsigned long flags; + /* init key */ + int (*init) (EVP_CIPHER_CTX *ctx, const unsigned char *key, + const unsigned char *iv, int enc); + /* encrypt/decrypt data */ + int (*do_cipher) (EVP_CIPHER_CTX *ctx, unsigned char *out, + const unsigned char *in, size_t inl); + /* cleanup ctx */ + int (*cleanup) (EVP_CIPHER_CTX *); + /* how big ctx->cipher_data needs to be */ + int ctx_size; + /* Populate a ASN1_TYPE with parameters */ + int (*set_asn1_parameters) (EVP_CIPHER_CTX *, ASN1_TYPE *); + /* Get parameters from a ASN1_TYPE */ + int (*get_asn1_parameters) (EVP_CIPHER_CTX *, ASN1_TYPE *); + /* Miscellaneous operations */ + int (*ctrl) (EVP_CIPHER_CTX *, int type, int arg, void *ptr); + /* Application data */ + void *app_data; +} /* EVP_CIPHER */ ; + +/* Macros to code block cipher wrappers */ + +/* Wrapper functions for each cipher mode */ + +#define EVP_C_DATA(kstruct, ctx) \ + ((kstruct *)EVP_CIPHER_CTX_get_cipher_data(ctx)) + +#define BLOCK_CIPHER_ecb_loop() \ + size_t i, bl; \ + bl = EVP_CIPHER_CTX_cipher(ctx)->block_size; \ + if (inl < bl) return 1;\ + inl -= bl; \ + for (i=0; i <= inl; i+=bl) + +#define BLOCK_CIPHER_func_ecb(cname, cprefix, kstruct, ksched) \ +static int cname##_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t inl) \ +{\ + BLOCK_CIPHER_ecb_loop() \ + cprefix##_ecb_encrypt(in + i, out + i, &EVP_C_DATA(kstruct,ctx)->ksched, EVP_CIPHER_CTX_encrypting(ctx)); \ + return 1;\ +} + +#define EVP_MAXCHUNK ((size_t)1<<(sizeof(long)*8-2)) + +#define BLOCK_CIPHER_func_ofb(cname, cprefix, cbits, kstruct, ksched) \ + static int cname##_ofb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t inl) \ +{\ + while(inl>=EVP_MAXCHUNK) {\ + int num = EVP_CIPHER_CTX_num(ctx);\ + cprefix##_ofb##cbits##_encrypt(in, out, (long)EVP_MAXCHUNK, &EVP_C_DATA(kstruct,ctx)->ksched, EVP_CIPHER_CTX_iv_noconst(ctx), &num); \ + EVP_CIPHER_CTX_set_num(ctx, num);\ + inl-=EVP_MAXCHUNK;\ + in +=EVP_MAXCHUNK;\ + out+=EVP_MAXCHUNK;\ + }\ + if (inl) {\ + int num = EVP_CIPHER_CTX_num(ctx);\ + cprefix##_ofb##cbits##_encrypt(in, out, (long)inl, &EVP_C_DATA(kstruct,ctx)->ksched, EVP_CIPHER_CTX_iv_noconst(ctx), &num); \ + EVP_CIPHER_CTX_set_num(ctx, num);\ + }\ + return 1;\ +} + +#define BLOCK_CIPHER_func_cbc(cname, cprefix, kstruct, ksched) \ +static int cname##_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t inl) \ +{\ + while(inl>=EVP_MAXCHUNK) \ + {\ + cprefix##_cbc_encrypt(in, out, (long)EVP_MAXCHUNK, &EVP_C_DATA(kstruct,ctx)->ksched, EVP_CIPHER_CTX_iv_noconst(ctx), EVP_CIPHER_CTX_encrypting(ctx));\ + inl-=EVP_MAXCHUNK;\ + in +=EVP_MAXCHUNK;\ + out+=EVP_MAXCHUNK;\ + }\ + if (inl)\ + cprefix##_cbc_encrypt(in, out, (long)inl, &EVP_C_DATA(kstruct,ctx)->ksched, EVP_CIPHER_CTX_iv_noconst(ctx), EVP_CIPHER_CTX_encrypting(ctx));\ + return 1;\ +} + +#define BLOCK_CIPHER_func_cfb(cname, cprefix, cbits, kstruct, ksched) \ +static int cname##_cfb##cbits##_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t inl) \ +{\ + size_t chunk = EVP_MAXCHUNK;\ + if (cbits == 1) chunk >>= 3;\ + if (inl < chunk) chunk = inl;\ + while (inl && inl >= chunk)\ + {\ + int num = EVP_CIPHER_CTX_num(ctx);\ + cprefix##_cfb##cbits##_encrypt(in, out, (long) \ + ((cbits == 1) \ + && !EVP_CIPHER_CTX_test_flags(ctx, EVP_CIPH_FLAG_LENGTH_BITS) \ + ? chunk*8 : chunk), \ + &EVP_C_DATA(kstruct, ctx)->ksched, EVP_CIPHER_CTX_iv_noconst(ctx),\ + &num, EVP_CIPHER_CTX_encrypting(ctx));\ + EVP_CIPHER_CTX_set_num(ctx, num);\ + inl -= chunk;\ + in += chunk;\ + out += chunk;\ + if (inl < chunk) chunk = inl;\ + }\ + return 1;\ +} + +#define BLOCK_CIPHER_all_funcs(cname, cprefix, cbits, kstruct, ksched) \ + BLOCK_CIPHER_func_cbc(cname, cprefix, kstruct, ksched) \ + BLOCK_CIPHER_func_cfb(cname, cprefix, cbits, kstruct, ksched) \ + BLOCK_CIPHER_func_ecb(cname, cprefix, kstruct, ksched) \ + BLOCK_CIPHER_func_ofb(cname, cprefix, cbits, kstruct, ksched) + +#define BLOCK_CIPHER_def1(cname, nmode, mode, MODE, kstruct, nid, block_size, \ + key_len, iv_len, flags, init_key, cleanup, \ + set_asn1, get_asn1, ctrl) \ +static const EVP_CIPHER cname##_##mode = { \ + nid##_##nmode, block_size, key_len, iv_len, \ + flags | EVP_CIPH_##MODE##_MODE, \ + init_key, \ + cname##_##mode##_cipher, \ + cleanup, \ + sizeof(kstruct), \ + set_asn1, get_asn1,\ + ctrl, \ + NULL \ +}; \ +const EVP_CIPHER *EVP_##cname##_##mode(void) { return &cname##_##mode; } + +#define BLOCK_CIPHER_def_cbc(cname, kstruct, nid, block_size, key_len, \ + iv_len, flags, init_key, cleanup, set_asn1, \ + get_asn1, ctrl) \ +BLOCK_CIPHER_def1(cname, cbc, cbc, CBC, kstruct, nid, block_size, key_len, \ + iv_len, flags, init_key, cleanup, set_asn1, get_asn1, ctrl) + +#define BLOCK_CIPHER_def_cfb(cname, kstruct, nid, key_len, \ + iv_len, cbits, flags, init_key, cleanup, \ + set_asn1, get_asn1, ctrl) \ +BLOCK_CIPHER_def1(cname, cfb##cbits, cfb##cbits, CFB, kstruct, nid, 1, \ + key_len, iv_len, flags, init_key, cleanup, set_asn1, \ + get_asn1, ctrl) + +#define BLOCK_CIPHER_def_ofb(cname, kstruct, nid, key_len, \ + iv_len, cbits, flags, init_key, cleanup, \ + set_asn1, get_asn1, ctrl) \ +BLOCK_CIPHER_def1(cname, ofb##cbits, ofb, OFB, kstruct, nid, 1, \ + key_len, iv_len, flags, init_key, cleanup, set_asn1, \ + get_asn1, ctrl) + +#define BLOCK_CIPHER_def_ecb(cname, kstruct, nid, block_size, key_len, \ + flags, init_key, cleanup, set_asn1, \ + get_asn1, ctrl) \ +BLOCK_CIPHER_def1(cname, ecb, ecb, ECB, kstruct, nid, block_size, key_len, \ + 0, flags, init_key, cleanup, set_asn1, get_asn1, ctrl) + +#define BLOCK_CIPHER_defs(cname, kstruct, \ + nid, block_size, key_len, iv_len, cbits, flags, \ + init_key, cleanup, set_asn1, get_asn1, ctrl) \ +BLOCK_CIPHER_def_cbc(cname, kstruct, nid, block_size, key_len, iv_len, flags, \ + init_key, cleanup, set_asn1, get_asn1, ctrl) \ +BLOCK_CIPHER_def_cfb(cname, kstruct, nid, key_len, iv_len, cbits, \ + flags, init_key, cleanup, set_asn1, get_asn1, ctrl) \ +BLOCK_CIPHER_def_ofb(cname, kstruct, nid, key_len, iv_len, cbits, \ + flags, init_key, cleanup, set_asn1, get_asn1, ctrl) \ +BLOCK_CIPHER_def_ecb(cname, kstruct, nid, block_size, key_len, flags, \ + init_key, cleanup, set_asn1, get_asn1, ctrl) + +/*- +#define BLOCK_CIPHER_defs(cname, kstruct, \ + nid, block_size, key_len, iv_len, flags,\ + init_key, cleanup, set_asn1, get_asn1, ctrl)\ +static const EVP_CIPHER cname##_cbc = {\ + nid##_cbc, block_size, key_len, iv_len, \ + flags | EVP_CIPH_CBC_MODE,\ + init_key,\ + cname##_cbc_cipher,\ + cleanup,\ + sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+\ + sizeof((((EVP_CIPHER_CTX *)NULL)->c.kstruct)),\ + set_asn1, get_asn1,\ + ctrl, \ + NULL \ +};\ +const EVP_CIPHER *EVP_##cname##_cbc(void) { return &cname##_cbc; }\ +static const EVP_CIPHER cname##_cfb = {\ + nid##_cfb64, 1, key_len, iv_len, \ + flags | EVP_CIPH_CFB_MODE,\ + init_key,\ + cname##_cfb_cipher,\ + cleanup,\ + sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+\ + sizeof((((EVP_CIPHER_CTX *)NULL)->c.kstruct)),\ + set_asn1, get_asn1,\ + ctrl,\ + NULL \ +};\ +const EVP_CIPHER *EVP_##cname##_cfb(void) { return &cname##_cfb; }\ +static const EVP_CIPHER cname##_ofb = {\ + nid##_ofb64, 1, key_len, iv_len, \ + flags | EVP_CIPH_OFB_MODE,\ + init_key,\ + cname##_ofb_cipher,\ + cleanup,\ + sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+\ + sizeof((((EVP_CIPHER_CTX *)NULL)->c.kstruct)),\ + set_asn1, get_asn1,\ + ctrl,\ + NULL \ +};\ +const EVP_CIPHER *EVP_##cname##_ofb(void) { return &cname##_ofb; }\ +static const EVP_CIPHER cname##_ecb = {\ + nid##_ecb, block_size, key_len, iv_len, \ + flags | EVP_CIPH_ECB_MODE,\ + init_key,\ + cname##_ecb_cipher,\ + cleanup,\ + sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+\ + sizeof((((EVP_CIPHER_CTX *)NULL)->c.kstruct)),\ + set_asn1, get_asn1,\ + ctrl,\ + NULL \ +};\ +const EVP_CIPHER *EVP_##cname##_ecb(void) { return &cname##_ecb; } +*/ + +#define IMPLEMENT_BLOCK_CIPHER(cname, ksched, cprefix, kstruct, nid, \ + block_size, key_len, iv_len, cbits, \ + flags, init_key, \ + cleanup, set_asn1, get_asn1, ctrl) \ + BLOCK_CIPHER_all_funcs(cname, cprefix, cbits, kstruct, ksched) \ + BLOCK_CIPHER_defs(cname, kstruct, nid, block_size, key_len, iv_len, \ + cbits, flags, init_key, cleanup, set_asn1, \ + get_asn1, ctrl) + +#define IMPLEMENT_CFBR(cipher,cprefix,kstruct,ksched,keysize,cbits,iv_len,fl) \ + BLOCK_CIPHER_func_cfb(cipher##_##keysize,cprefix,cbits,kstruct,ksched) \ + BLOCK_CIPHER_def_cfb(cipher##_##keysize,kstruct, \ + NID_##cipher##_##keysize, keysize/8, iv_len, cbits, \ + (fl)|EVP_CIPH_FLAG_DEFAULT_ASN1, \ + cipher##_init_key, NULL, NULL, NULL, NULL) + + +# ifndef OPENSSL_NO_EC + +#define X25519_KEYLEN 32 +#define X448_KEYLEN 56 +#define ED448_KEYLEN 57 + +#define MAX_KEYLEN ED448_KEYLEN + +typedef struct { + unsigned char pubkey[MAX_KEYLEN]; + unsigned char *privkey; +} ECX_KEY; + +#endif + +/* + * Type needs to be a bit field Sub-type needs to be for variations on the + * method, as in, can it do arbitrary encryption.... + */ +struct evp_pkey_st { + int type; + int save_type; + CRYPTO_REF_COUNT references; + const EVP_PKEY_ASN1_METHOD *ameth; + ENGINE *engine; + ENGINE *pmeth_engine; /* If not NULL public key ENGINE to use */ + union { + void *ptr; +# ifndef OPENSSL_NO_RSA + struct rsa_st *rsa; /* RSA */ +# endif +# ifndef OPENSSL_NO_DSA + struct dsa_st *dsa; /* DSA */ +# endif +# ifndef OPENSSL_NO_DH + struct dh_st *dh; /* DH */ +# endif +# ifndef OPENSSL_NO_EC + struct ec_key_st *ec; /* ECC */ + ECX_KEY *ecx; /* X25519, X448, Ed25519, Ed448 */ +# endif + } pkey; + int save_parameters; + STACK_OF(X509_ATTRIBUTE) *attributes; /* [ 0 ] */ + CRYPTO_RWLOCK *lock; +} /* EVP_PKEY */ ; + + +void openssl_add_all_ciphers_int(void); +void openssl_add_all_digests_int(void); +void evp_cleanup_int(void); +void evp_app_cleanup_int(void); + +/* Pulling defines out of C source files */ + +#define EVP_RC4_KEY_SIZE 16 +#ifndef TLS1_1_VERSION +# define TLS1_1_VERSION 0x0302 +#endif + +void evp_encode_ctx_set_flags(EVP_ENCODE_CTX *ctx, unsigned int flags); + +/* EVP_ENCODE_CTX flags */ +/* Don't generate new lines when encoding */ +#define EVP_ENCODE_CTX_NO_NEWLINES 1 +/* Use the SRP base64 alphabet instead of the standard one */ +#define EVP_ENCODE_CTX_USE_SRP_ALPHABET 2 diff --git a/include/crypto/lhash.h b/include/crypto/lhash.h new file mode 100644 index 0000000000..200ba8685d --- /dev/null +++ b/include/crypto/lhash.h @@ -0,0 +1,15 @@ +/* + * Copyright 2018 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the OpenSSL license (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +#ifndef INTERNAL_LHASH_H +# define INTERNAL_LHASH_H + +unsigned long openssl_lh_strcasehash(const char *); + +#endif diff --git a/include/crypto/md32_common.h b/include/crypto/md32_common.h new file mode 100644 index 0000000000..1124e9c24b --- /dev/null +++ b/include/crypto/md32_common.h @@ -0,0 +1,256 @@ +/* + * Copyright 1999-2018 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the OpenSSL license (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +/*- + * This is a generic 32 bit "collector" for message digest algorithms. + * Whenever needed it collects input character stream into chunks of + * 32 bit values and invokes a block function that performs actual hash + * calculations. + * + * Porting guide. + * + * Obligatory macros: + * + * DATA_ORDER_IS_BIG_ENDIAN or DATA_ORDER_IS_LITTLE_ENDIAN + * this macro defines byte order of input stream. + * HASH_CBLOCK + * size of a unit chunk HASH_BLOCK operates on. + * HASH_LONG + * has to be at least 32 bit wide. + * HASH_CTX + * context structure that at least contains following + * members: + * typedef struct { + * ... + * HASH_LONG Nl,Nh; + * either { + * HASH_LONG data[HASH_LBLOCK]; + * unsigned char data[HASH_CBLOCK]; + * }; + * unsigned int num; + * ... + * } HASH_CTX; + * data[] vector is expected to be zeroed upon first call to + * HASH_UPDATE. + * HASH_UPDATE + * name of "Update" function, implemented here. + * HASH_TRANSFORM + * name of "Transform" function, implemented here. + * HASH_FINAL + * name of "Final" function, implemented here. + * HASH_BLOCK_DATA_ORDER + * name of "block" function capable of treating *unaligned* input + * message in original (data) byte order, implemented externally. + * HASH_MAKE_STRING + * macro converting context variables to an ASCII hash string. + * + * MD5 example: + * + * #define DATA_ORDER_IS_LITTLE_ENDIAN + * + * #define HASH_LONG MD5_LONG + * #define HASH_CTX MD5_CTX + * #define HASH_CBLOCK MD5_CBLOCK + * #define HASH_UPDATE MD5_Update + * #define HASH_TRANSFORM MD5_Transform + * #define HASH_FINAL MD5_Final + * #define HASH_BLOCK_DATA_ORDER md5_block_data_order + */ + +#include + +#if !defined(DATA_ORDER_IS_BIG_ENDIAN) && !defined(DATA_ORDER_IS_LITTLE_ENDIAN) +# error "DATA_ORDER must be defined!" +#endif + +#ifndef HASH_CBLOCK +# error "HASH_CBLOCK must be defined!" +#endif +#ifndef HASH_LONG +# error "HASH_LONG must be defined!" +#endif +#ifndef HASH_CTX +# error "HASH_CTX must be defined!" +#endif + +#ifndef HASH_UPDATE +# error "HASH_UPDATE must be defined!" +#endif +#ifndef HASH_TRANSFORM +# error "HASH_TRANSFORM must be defined!" +#endif +#ifndef HASH_FINAL +# error "HASH_FINAL must be defined!" +#endif + +#ifndef HASH_BLOCK_DATA_ORDER +# error "HASH_BLOCK_DATA_ORDER must be defined!" +#endif + +#define ROTATE(a,n) (((a)<<(n))|(((a)&0xffffffff)>>(32-(n)))) + +#if defined(DATA_ORDER_IS_BIG_ENDIAN) + +# define HOST_c2l(c,l) (l =(((unsigned long)(*((c)++)))<<24), \ + l|=(((unsigned long)(*((c)++)))<<16), \ + l|=(((unsigned long)(*((c)++)))<< 8), \ + l|=(((unsigned long)(*((c)++))) ) ) +# define HOST_l2c(l,c) (*((c)++)=(unsigned char)(((l)>>24)&0xff), \ + *((c)++)=(unsigned char)(((l)>>16)&0xff), \ + *((c)++)=(unsigned char)(((l)>> 8)&0xff), \ + *((c)++)=(unsigned char)(((l) )&0xff), \ + l) + +#elif defined(DATA_ORDER_IS_LITTLE_ENDIAN) + +# define HOST_c2l(c,l) (l =(((unsigned long)(*((c)++))) ), \ + l|=(((unsigned long)(*((c)++)))<< 8), \ + l|=(((unsigned long)(*((c)++)))<<16), \ + l|=(((unsigned long)(*((c)++)))<<24) ) +# define HOST_l2c(l,c) (*((c)++)=(unsigned char)(((l) )&0xff), \ + *((c)++)=(unsigned char)(((l)>> 8)&0xff), \ + *((c)++)=(unsigned char)(((l)>>16)&0xff), \ + *((c)++)=(unsigned char)(((l)>>24)&0xff), \ + l) + +#endif + +/* + * Time for some action :-) + */ + +int HASH_UPDATE(HASH_CTX *c, const void *data_, size_t len) +{ + const unsigned char *data = data_; + unsigned char *p; + HASH_LONG l; + size_t n; + + if (len == 0) + return 1; + + l = (c->Nl + (((HASH_LONG) len) << 3)) & 0xffffffffUL; + if (l < c->Nl) /* overflow */ + c->Nh++; + c->Nh += (HASH_LONG) (len >> 29); /* might cause compiler warning on + * 16-bit */ + c->Nl = l; + + n = c->num; + if (n != 0) { + p = (unsigned char *)c->data; + + if (len >= HASH_CBLOCK || len + n >= HASH_CBLOCK) { + memcpy(p + n, data, HASH_CBLOCK - n); + HASH_BLOCK_DATA_ORDER(c, p, 1); + n = HASH_CBLOCK - n; + data += n; + len -= n; + c->num = 0; + /* + * We use memset rather than OPENSSL_cleanse() here deliberately. + * Using OPENSSL_cleanse() here could be a performance issue. It + * will get properly cleansed on finalisation so this isn't a + * security problem. + */ + memset(p, 0, HASH_CBLOCK); /* keep it zeroed */ + } else { + memcpy(p + n, data, len); + c->num += (unsigned int)len; + return 1; + } + } + + n = len / HASH_CBLOCK; + if (n > 0) { + HASH_BLOCK_DATA_ORDER(c, data, n); + n *= HASH_CBLOCK; + data += n; + len -= n; + } + + if (len != 0) { + p = (unsigned char *)c->data; + c->num = (unsigned int)len; + memcpy(p, data, len); + } + return 1; +} + +void HASH_TRANSFORM(HASH_CTX *c, const unsigned char *data) +{ + HASH_BLOCK_DATA_ORDER(c, data, 1); +} + +int HASH_FINAL(unsigned char *md, HASH_CTX *c) +{ + unsigned char *p = (unsigned char *)c->data; + size_t n = c->num; + + p[n] = 0x80; /* there is always room for one */ + n++; + + if (n > (HASH_CBLOCK - 8)) { + memset(p + n, 0, HASH_CBLOCK - n); + n = 0; + HASH_BLOCK_DATA_ORDER(c, p, 1); + } + memset(p + n, 0, HASH_CBLOCK - 8 - n); + + p += HASH_CBLOCK - 8; +#if defined(DATA_ORDER_IS_BIG_ENDIAN) + (void)HOST_l2c(c->Nh, p); + (void)HOST_l2c(c->Nl, p); +#elif defined(DATA_ORDER_IS_LITTLE_ENDIAN) + (void)HOST_l2c(c->Nl, p); + (void)HOST_l2c(c->Nh, p); +#endif + p -= HASH_CBLOCK; + HASH_BLOCK_DATA_ORDER(c, p, 1); + c->num = 0; + OPENSSL_cleanse(p, HASH_CBLOCK); + +#ifndef HASH_MAKE_STRING +# error "HASH_MAKE_STRING must be defined!" +#else + HASH_MAKE_STRING(c, md); +#endif + + return 1; +} + +#ifndef MD32_REG_T +# if defined(__alpha) || defined(__sparcv9) || defined(__mips) +# define MD32_REG_T long +/* + * This comment was originally written for MD5, which is why it + * discusses A-D. But it basically applies to all 32-bit digests, + * which is why it was moved to common header file. + * + * In case you wonder why A-D are declared as long and not + * as MD5_LONG. Doing so results in slight performance + * boost on LP64 architectures. The catch is we don't + * really care if 32 MSBs of a 64-bit register get polluted + * with eventual overflows as we *save* only 32 LSBs in + * *either* case. Now declaring 'em long excuses the compiler + * from keeping 32 MSBs zeroed resulting in 13% performance + * improvement under SPARC Solaris7/64 and 5% under AlphaLinux. + * Well, to be honest it should say that this *prevents* + * performance degradation. + */ +# else +/* + * Above is not absolute and there are LP64 compilers that + * generate better code if MD32_REG_T is defined int. The above + * pre-processor condition reflects the circumstances under which + * the conclusion was made and is subject to further extension. + */ +# define MD32_REG_T int +# endif +#endif diff --git a/include/crypto/objects.h b/include/crypto/objects.h new file mode 100644 index 0000000000..76e1b4d988 --- /dev/null +++ b/include/crypto/objects.h @@ -0,0 +1,12 @@ +/* + * Copyright 2016 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the OpenSSL license (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +#include + +void obj_cleanup_int(void); diff --git a/include/crypto/poly1305.h b/include/crypto/poly1305.h new file mode 100644 index 0000000000..5fef239d0f --- /dev/null +++ b/include/crypto/poly1305.h @@ -0,0 +1,21 @@ +/* + * Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the OpenSSL license (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +#include + +#define POLY1305_BLOCK_SIZE 16 +#define POLY1305_DIGEST_SIZE 16 +#define POLY1305_KEY_SIZE 32 + +typedef struct poly1305_context POLY1305; + +size_t Poly1305_ctx_size(void); +void Poly1305_Init(POLY1305 *ctx, const unsigned char key[32]); +void Poly1305_Update(POLY1305 *ctx, const unsigned char *inp, size_t len); +void Poly1305_Final(POLY1305 *ctx, unsigned char mac[16]); diff --git a/include/crypto/rand.h b/include/crypto/rand.h new file mode 100644 index 0000000000..10347ab0e3 --- /dev/null +++ b/include/crypto/rand.h @@ -0,0 +1,134 @@ +/* + * Copyright 2016-2019 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the OpenSSL license (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +/* + * Licensed under the OpenSSL licenses, (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * https://www.openssl.org/source/license.html + * or in the file LICENSE in the source distribution. + */ + +#ifndef HEADER_RAND_INT_H +# define HEADER_RAND_INT_H + +# include + +/* forward declaration */ +typedef struct rand_pool_st RAND_POOL; + +void rand_cleanup_int(void); +void rand_drbg_cleanup_int(void); +void drbg_delete_thread_state(void); + +/* Hardware-based seeding functions. */ +size_t rand_acquire_entropy_from_tsc(RAND_POOL *pool); +size_t rand_acquire_entropy_from_cpu(RAND_POOL *pool); + +/* DRBG entropy callbacks. */ +size_t rand_drbg_get_entropy(RAND_DRBG *drbg, + unsigned char **pout, + int entropy, size_t min_len, size_t max_len, + int prediction_resistance); +void rand_drbg_cleanup_entropy(RAND_DRBG *drbg, + unsigned char *out, size_t outlen); +size_t rand_drbg_get_nonce(RAND_DRBG *drbg, + unsigned char **pout, + int entropy, size_t min_len, size_t max_len); +void rand_drbg_cleanup_nonce(RAND_DRBG *drbg, + unsigned char *out, size_t outlen); + +size_t rand_drbg_get_additional_data(RAND_POOL *pool, unsigned char **pout); + +void rand_drbg_cleanup_additional_data(RAND_POOL *pool, unsigned char *out); + +/* + * RAND_POOL functions + */ +RAND_POOL *rand_pool_new(int entropy_requested, int secure, + size_t min_len, size_t max_len); +RAND_POOL *rand_pool_attach(const unsigned char *buffer, size_t len, + size_t entropy); +void rand_pool_free(RAND_POOL *pool); + +const unsigned char *rand_pool_buffer(RAND_POOL *pool); +unsigned char *rand_pool_detach(RAND_POOL *pool); +void rand_pool_reattach(RAND_POOL *pool, unsigned char *buffer); + +size_t rand_pool_entropy(RAND_POOL *pool); +size_t rand_pool_length(RAND_POOL *pool); + +size_t rand_pool_entropy_available(RAND_POOL *pool); +size_t rand_pool_entropy_needed(RAND_POOL *pool); +/* |entropy_factor| expresses how many bits of data contain 1 bit of entropy */ +size_t rand_pool_bytes_needed(RAND_POOL *pool, unsigned int entropy_factor); +size_t rand_pool_bytes_remaining(RAND_POOL *pool); + +int rand_pool_add(RAND_POOL *pool, + const unsigned char *buffer, size_t len, size_t entropy); +unsigned char *rand_pool_add_begin(RAND_POOL *pool, size_t len); +int rand_pool_add_end(RAND_POOL *pool, size_t len, size_t entropy); + + +/* + * Add random bytes to the pool to acquire requested amount of entropy + * + * This function is platform specific and tries to acquire the requested + * amount of entropy by polling platform specific entropy sources. + * + * If the function succeeds in acquiring at least |entropy_requested| bits + * of entropy, the total entropy count is returned. If it fails, it returns + * an entropy count of 0. + */ +size_t rand_pool_acquire_entropy(RAND_POOL *pool); + +/* + * Add some application specific nonce data + * + * This function is platform specific and adds some application specific + * data to the nonce used for instantiating the drbg. + * + * This data currently consists of the process and thread id, and a high + * resolution timestamp. The data does not include an atomic counter, + * because that is added by the calling function rand_drbg_get_nonce(). + * + * Returns 1 on success and 0 on failure. + */ +int rand_pool_add_nonce_data(RAND_POOL *pool); + + +/* + * Add some platform specific additional data + * + * This function is platform specific and adds some random noise to the + * additional data used for generating random bytes and for reseeding + * the drbg. + * + * Returns 1 on success and 0 on failure. + */ +int rand_pool_add_additional_data(RAND_POOL *pool); + +/* + * Initialise the random pool reseeding sources. + * + * Returns 1 on success and 0 on failure. + */ +int rand_pool_init(void); + +/* + * Finalise the random pool reseeding sources. + */ +void rand_pool_cleanup(void); + +/* + * Control the random pool use of open file descriptors. + */ +void rand_pool_keep_random_devices_open(int keep); + +#endif diff --git a/include/crypto/sha.h b/include/crypto/sha.h new file mode 100644 index 0000000000..458a75e89d --- /dev/null +++ b/include/crypto/sha.h @@ -0,0 +1,19 @@ +/* + * Copyright 2018 The OpenSSL Project Authors. All Rights Reserved. + * Copyright (c) 2018, Oracle and/or its affiliates. All rights reserved. + * + * Licensed under the OpenSSL license (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +#ifndef HEADER_INTERNAL_SHA_H +# define HEADER_INTERNAL_SHA_H + +# include + +int sha512_224_init(SHA512_CTX *); +int sha512_256_init(SHA512_CTX *); + +#endif diff --git a/include/crypto/siphash.h b/include/crypto/siphash.h new file mode 100644 index 0000000000..9573680f0f --- /dev/null +++ b/include/crypto/siphash.h @@ -0,0 +1,25 @@ +/* + * Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the OpenSSL license (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +#include + +#define SIPHASH_BLOCK_SIZE 8 +#define SIPHASH_KEY_SIZE 16 +#define SIPHASH_MIN_DIGEST_SIZE 8 +#define SIPHASH_MAX_DIGEST_SIZE 16 + +typedef struct siphash_st SIPHASH; + +size_t SipHash_ctx_size(void); +size_t SipHash_hash_size(SIPHASH *ctx); +int SipHash_set_hash_size(SIPHASH *ctx, size_t hash_size); +int SipHash_Init(SIPHASH *ctx, const unsigned char *k, + int crounds, int drounds); +void SipHash_Update(SIPHASH *ctx, const unsigned char *in, size_t inlen); +int SipHash_Final(SIPHASH *ctx, unsigned char *out, size_t outlen); diff --git a/include/crypto/sm2.h b/include/crypto/sm2.h new file mode 100644 index 0000000000..5c5cd4b4f5 --- /dev/null +++ b/include/crypto/sm2.h @@ -0,0 +1,78 @@ +/* + * Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2017 Ribose Inc. All Rights Reserved. + * Ported from Ribose contributions from Botan. + * + * Licensed under the OpenSSL license (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +#ifndef HEADER_SM2_H +# define HEADER_SM2_H +# include + +# ifndef OPENSSL_NO_SM2 + +# include + +/* The default user id as specified in GM/T 0009-2012 */ +# define SM2_DEFAULT_USERID "1234567812345678" + +int sm2_compute_z_digest(uint8_t *out, + const EVP_MD *digest, + const uint8_t *id, + const size_t id_len, + const EC_KEY *key); + +/* + * SM2 signature operation. Computes Z and then signs H(Z || msg) using SM2 + */ +ECDSA_SIG *sm2_do_sign(const EC_KEY *key, + const EVP_MD *digest, + const uint8_t *id, + const size_t id_len, + const uint8_t *msg, size_t msg_len); + +int sm2_do_verify(const EC_KEY *key, + const EVP_MD *digest, + const ECDSA_SIG *signature, + const uint8_t *id, + const size_t id_len, + const uint8_t *msg, size_t msg_len); + +/* + * SM2 signature generation. + */ +int sm2_sign(const unsigned char *dgst, int dgstlen, + unsigned char *sig, unsigned int *siglen, EC_KEY *eckey); + +/* + * SM2 signature verification. + */ +int sm2_verify(const unsigned char *dgst, int dgstlen, + const unsigned char *sig, int siglen, EC_KEY *eckey); + +/* + * SM2 encryption + */ +int sm2_ciphertext_size(const EC_KEY *key, const EVP_MD *digest, size_t msg_len, + size_t *ct_size); + +int sm2_plaintext_size(const EC_KEY *key, const EVP_MD *digest, size_t msg_len, + size_t *pt_size); + +int sm2_encrypt(const EC_KEY *key, + const EVP_MD *digest, + const uint8_t *msg, + size_t msg_len, + uint8_t *ciphertext_buf, size_t *ciphertext_len); + +int sm2_decrypt(const EC_KEY *key, + const EVP_MD *digest, + const uint8_t *ciphertext, + size_t ciphertext_len, uint8_t *ptext_buf, size_t *ptext_len); + +# endif /* OPENSSL_NO_SM2 */ +#endif diff --git a/include/crypto/sm2err.h b/include/crypto/sm2err.h new file mode 100644 index 0000000000..09edfab787 --- /dev/null +++ b/include/crypto/sm2err.h @@ -0,0 +1,65 @@ +/* + * Generated by util/mkerr.pl DO NOT EDIT + * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the OpenSSL license (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +#ifndef HEADER_SM2ERR_H +# define HEADER_SM2ERR_H + +# ifndef HEADER_SYMHACKS_H +# include +# endif + +# include + +# ifndef OPENSSL_NO_SM2 + +# ifdef __cplusplus +extern "C" +# endif +int ERR_load_SM2_strings(void); + +/* + * SM2 function codes. + */ +# define SM2_F_PKEY_SM2_COPY 115 +# define SM2_F_PKEY_SM2_CTRL 109 +# define SM2_F_PKEY_SM2_CTRL_STR 110 +# define SM2_F_PKEY_SM2_DIGEST_CUSTOM 114 +# define SM2_F_PKEY_SM2_INIT 111 +# define SM2_F_PKEY_SM2_SIGN 112 +# define SM2_F_SM2_COMPUTE_MSG_HASH 100 +# define SM2_F_SM2_COMPUTE_USERID_DIGEST 101 +# define SM2_F_SM2_COMPUTE_Z_DIGEST 113 +# define SM2_F_SM2_DECRYPT 102 +# define SM2_F_SM2_ENCRYPT 103 +# define SM2_F_SM2_PLAINTEXT_SIZE 104 +# define SM2_F_SM2_SIGN 105 +# define SM2_F_SM2_SIG_GEN 106 +# define SM2_F_SM2_SIG_VERIFY 107 +# define SM2_F_SM2_VERIFY 108 + +/* + * SM2 reason codes. + */ +# define SM2_R_ASN1_ERROR 100 +# define SM2_R_BAD_SIGNATURE 101 +# define SM2_R_BUFFER_TOO_SMALL 107 +# define SM2_R_DIST_ID_TOO_LARGE 110 +# define SM2_R_ID_NOT_SET 112 +# define SM2_R_ID_TOO_LARGE 111 +# define SM2_R_INVALID_CURVE 108 +# define SM2_R_INVALID_DIGEST 102 +# define SM2_R_INVALID_DIGEST_TYPE 103 +# define SM2_R_INVALID_ENCODING 104 +# define SM2_R_INVALID_FIELD 105 +# define SM2_R_NO_PARAMETERS_SET 109 +# define SM2_R_USER_ID_TOO_LARGE 106 + +# endif +#endif diff --git a/include/crypto/sm3.h b/include/crypto/sm3.h new file mode 100644 index 0000000000..27eb471c28 --- /dev/null +++ b/include/crypto/sm3.h @@ -0,0 +1,39 @@ +/* + * Copyright 2017 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2017 Ribose Inc. All Rights Reserved. + * + * Licensed under the OpenSSL license (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +#ifndef HEADER_SM3_H +# define HEADER_SM3_H + +# include + +# ifdef OPENSSL_NO_SM3 +# error SM3 is disabled. +# endif + +# define SM3_DIGEST_LENGTH 32 +# define SM3_WORD unsigned int + +# define SM3_CBLOCK 64 +# define SM3_LBLOCK (SM3_CBLOCK/4) + +typedef struct SM3state_st { + SM3_WORD A, B, C, D, E, F, G, H; + SM3_WORD Nl, Nh; + SM3_WORD data[SM3_LBLOCK]; + unsigned int num; +} SM3_CTX; + +int sm3_init(SM3_CTX *c); +int sm3_update(SM3_CTX *c, const void *data, size_t len); +int sm3_final(unsigned char *md, SM3_CTX *c); + +void sm3_block_data_order(SM3_CTX *c, const void *p, size_t num); + +#endif diff --git a/include/crypto/sm4.h b/include/crypto/sm4.h new file mode 100644 index 0000000000..f1f157ef53 --- /dev/null +++ b/include/crypto/sm4.h @@ -0,0 +1,37 @@ +/* + * Copyright 2017 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2017 Ribose Inc. All Rights Reserved. + * + * Licensed under the OpenSSL license (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +#ifndef HEADER_SM4_H +# define HEADER_SM4_H + +# include +# include + +# ifdef OPENSSL_NO_SM4 +# error SM4 is disabled. +# endif + +# define SM4_ENCRYPT 1 +# define SM4_DECRYPT 0 + +# define SM4_BLOCK_SIZE 16 +# define SM4_KEY_SCHEDULE 32 + +typedef struct SM4_KEY_st { + uint32_t rk[SM4_KEY_SCHEDULE]; +} SM4_KEY; + +int SM4_set_key(const uint8_t *key, SM4_KEY *ks); + +void SM4_encrypt(const uint8_t *in, uint8_t *out, const SM4_KEY *ks); + +void SM4_decrypt(const uint8_t *in, uint8_t *out, const SM4_KEY *ks); + +#endif diff --git a/include/crypto/store.h b/include/crypto/store.h new file mode 100644 index 0000000000..81c075b92b --- /dev/null +++ b/include/crypto/store.h @@ -0,0 +1,28 @@ +/* + * Copyright 2016-2019 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the OpenSSL license (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +#ifndef HEADER_STORE_H +# define HEADER_STORE_H + +# include +# include +# include + +/* + * Two functions to read PEM data off an already opened BIO. To be used + * instead of OSSLSTORE_open() and OSSLSTORE_close(). Everything is done + * as usual with OSSLSTORE_load() and OSSLSTORE_eof(). + */ +OSSL_STORE_CTX *ossl_store_attach_pem_bio(BIO *bp, const UI_METHOD *ui_method, + void *ui_data); +int ossl_store_detach_pem_bio(OSSL_STORE_CTX *ctx); + +void ossl_store_cleanup_int(void); + +#endif diff --git a/include/crypto/x509.h b/include/crypto/x509.h new file mode 100644 index 0000000000..b53c2b03c3 --- /dev/null +++ b/include/crypto/x509.h @@ -0,0 +1,286 @@ +/* + * Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the OpenSSL license (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +#include "internal/refcount.h" + +/* Internal X509 structures and functions: not for application use */ + +/* Note: unless otherwise stated a field pointer is mandatory and should + * never be set to NULL: the ASN.1 code and accessors rely on mandatory + * fields never being NULL. + */ + +/* + * name entry structure, equivalent to AttributeTypeAndValue defined + * in RFC5280 et al. + */ +struct X509_name_entry_st { + ASN1_OBJECT *object; /* AttributeType */ + ASN1_STRING *value; /* AttributeValue */ + int set; /* index of RDNSequence for this entry */ + int size; /* temp variable */ +}; + +/* Name from RFC 5280. */ +struct X509_name_st { + STACK_OF(X509_NAME_ENTRY) *entries; /* DN components */ + int modified; /* true if 'bytes' needs to be built */ + BUF_MEM *bytes; /* cached encoding: cannot be NULL */ + /* canonical encoding used for rapid Name comparison */ + unsigned char *canon_enc; + int canon_enclen; +} /* X509_NAME */ ; + +/* Signature info structure */ + +struct x509_sig_info_st { + /* NID of message digest */ + int mdnid; + /* NID of public key algorithm */ + int pknid; + /* Security bits */ + int secbits; + /* Various flags */ + uint32_t flags; +}; + +/* PKCS#10 certificate request */ + +struct X509_req_info_st { + ASN1_ENCODING enc; /* cached encoding of signed part */ + ASN1_INTEGER *version; /* version, defaults to v1(0) so can be NULL */ + X509_NAME *subject; /* certificate request DN */ + X509_PUBKEY *pubkey; /* public key of request */ + /* + * Zero or more attributes. + * NB: although attributes is a mandatory field some broken + * encodings omit it so this may be NULL in that case. + */ + STACK_OF(X509_ATTRIBUTE) *attributes; +}; + +struct X509_req_st { + X509_REQ_INFO req_info; /* signed certificate request data */ + X509_ALGOR sig_alg; /* signature algorithm */ + ASN1_BIT_STRING *signature; /* signature */ + CRYPTO_REF_COUNT references; + CRYPTO_RWLOCK *lock; +}; + +struct X509_crl_info_st { + ASN1_INTEGER *version; /* version: defaults to v1(0) so may be NULL */ + X509_ALGOR sig_alg; /* signature algorithm */ + X509_NAME *issuer; /* CRL issuer name */ + ASN1_TIME *lastUpdate; /* lastUpdate field */ + ASN1_TIME *nextUpdate; /* nextUpdate field: optional */ + STACK_OF(X509_REVOKED) *revoked; /* revoked entries: optional */ + STACK_OF(X509_EXTENSION) *extensions; /* extensions: optional */ + ASN1_ENCODING enc; /* encoding of signed portion of CRL */ +}; + +struct X509_crl_st { + X509_CRL_INFO crl; /* signed CRL data */ + X509_ALGOR sig_alg; /* CRL signature algorithm */ + ASN1_BIT_STRING signature; /* CRL signature */ + CRYPTO_REF_COUNT references; + int flags; + /* + * Cached copies of decoded extension values, since extensions + * are optional any of these can be NULL. + */ + AUTHORITY_KEYID *akid; + ISSUING_DIST_POINT *idp; + /* Convenient breakdown of IDP */ + int idp_flags; + int idp_reasons; + /* CRL and base CRL numbers for delta processing */ + ASN1_INTEGER *crl_number; + ASN1_INTEGER *base_crl_number; + STACK_OF(GENERAL_NAMES) *issuers; + /* hash of CRL */ + unsigned char sha1_hash[SHA_DIGEST_LENGTH]; + /* alternative method to handle this CRL */ + const X509_CRL_METHOD *meth; + void *meth_data; + CRYPTO_RWLOCK *lock; +}; + +struct x509_revoked_st { + ASN1_INTEGER serialNumber; /* revoked entry serial number */ + ASN1_TIME *revocationDate; /* revocation date */ + STACK_OF(X509_EXTENSION) *extensions; /* CRL entry extensions: optional */ + /* decoded value of CRLissuer extension: set if indirect CRL */ + STACK_OF(GENERAL_NAME) *issuer; + /* revocation reason: set to CRL_REASON_NONE if reason extension absent */ + int reason; + /* + * CRL entries are reordered for faster lookup of serial numbers. This + * field contains the original load sequence for this entry. + */ + int sequence; +}; + +/* + * This stuff is certificate "auxiliary info": it contains details which are + * useful in certificate stores and databases. When used this is tagged onto + * the end of the certificate itself. OpenSSL specific structure not defined + * in any RFC. + */ + +struct x509_cert_aux_st { + STACK_OF(ASN1_OBJECT) *trust; /* trusted uses */ + STACK_OF(ASN1_OBJECT) *reject; /* rejected uses */ + ASN1_UTF8STRING *alias; /* "friendly name" */ + ASN1_OCTET_STRING *keyid; /* key id of private key */ + STACK_OF(X509_ALGOR) *other; /* other unspecified info */ +}; + +struct x509_cinf_st { + ASN1_INTEGER *version; /* [ 0 ] default of v1 */ + ASN1_INTEGER serialNumber; + X509_ALGOR signature; + X509_NAME *issuer; + X509_VAL validity; + X509_NAME *subject; + X509_PUBKEY *key; + ASN1_BIT_STRING *issuerUID; /* [ 1 ] optional in v2 */ + ASN1_BIT_STRING *subjectUID; /* [ 2 ] optional in v2 */ + STACK_OF(X509_EXTENSION) *extensions; /* [ 3 ] optional in v3 */ + ASN1_ENCODING enc; +}; + +struct x509_st { + X509_CINF cert_info; + X509_ALGOR sig_alg; + ASN1_BIT_STRING signature; + X509_SIG_INFO siginf; + CRYPTO_REF_COUNT references; + CRYPTO_EX_DATA ex_data; + /* These contain copies of various extension values */ + long ex_pathlen; + long ex_pcpathlen; + uint32_t ex_flags; + uint32_t ex_kusage; + uint32_t ex_xkusage; + uint32_t ex_nscert; + ASN1_OCTET_STRING *skid; + AUTHORITY_KEYID *akid; + X509_POLICY_CACHE *policy_cache; + STACK_OF(DIST_POINT) *crldp; + STACK_OF(GENERAL_NAME) *altname; + NAME_CONSTRAINTS *nc; +#ifndef OPENSSL_NO_RFC3779 + STACK_OF(IPAddressFamily) *rfc3779_addr; + struct ASIdentifiers_st *rfc3779_asid; +# endif + unsigned char sha1_hash[SHA_DIGEST_LENGTH]; + X509_CERT_AUX *aux; + CRYPTO_RWLOCK *lock; + volatile int ex_cached; +} /* X509 */ ; + +/* + * This is a used when verifying cert chains. Since the gathering of the + * cert chain can take some time (and have to be 'retried', this needs to be + * kept and passed around. + */ +struct x509_store_ctx_st { /* X509_STORE_CTX */ + X509_STORE *ctx; + /* The following are set by the caller */ + /* The cert to check */ + X509 *cert; + /* chain of X509s - untrusted - passed in */ + STACK_OF(X509) *untrusted; + /* set of CRLs passed in */ + STACK_OF(X509_CRL) *crls; + X509_VERIFY_PARAM *param; + /* Other info for use with get_issuer() */ + void *other_ctx; + /* Callbacks for various operations */ + /* called to verify a certificate */ + int (*verify) (X509_STORE_CTX *ctx); + /* error callback */ + int (*verify_cb) (int ok, X509_STORE_CTX *ctx); + /* get issuers cert from ctx */ + int (*get_issuer) (X509 **issuer, X509_STORE_CTX *ctx, X509 *x); + /* check issued */ + int (*check_issued) (X509_STORE_CTX *ctx, X509 *x, X509 *issuer); + /* Check revocation status of chain */ + int (*check_revocation) (X509_STORE_CTX *ctx); + /* retrieve CRL */ + int (*get_crl) (X509_STORE_CTX *ctx, X509_CRL **crl, X509 *x); + /* Check CRL validity */ + int (*check_crl) (X509_STORE_CTX *ctx, X509_CRL *crl); + /* Check certificate against CRL */ + int (*cert_crl) (X509_STORE_CTX *ctx, X509_CRL *crl, X509 *x); + /* Check policy status of the chain */ + int (*check_policy) (X509_STORE_CTX *ctx); + STACK_OF(X509) *(*lookup_certs) (X509_STORE_CTX *ctx, X509_NAME *nm); + STACK_OF(X509_CRL) *(*lookup_crls) (X509_STORE_CTX *ctx, X509_NAME *nm); + int (*cleanup) (X509_STORE_CTX *ctx); + /* The following is built up */ + /* if 0, rebuild chain */ + int valid; + /* number of untrusted certs */ + int num_untrusted; + /* chain of X509s - built up and trusted */ + STACK_OF(X509) *chain; + /* Valid policy tree */ + X509_POLICY_TREE *tree; + /* Require explicit policy value */ + int explicit_policy; + /* When something goes wrong, this is why */ + int error_depth; + int error; + X509 *current_cert; + /* cert currently being tested as valid issuer */ + X509 *current_issuer; + /* current CRL */ + X509_CRL *current_crl; + /* score of current CRL */ + int current_crl_score; + /* Reason mask */ + unsigned int current_reasons; + /* For CRL path validation: parent context */ + X509_STORE_CTX *parent; + CRYPTO_EX_DATA ex_data; + SSL_DANE *dane; + /* signed via bare TA public key, rather than CA certificate */ + int bare_ta_signed; +}; + +/* PKCS#8 private key info structure */ + +struct pkcs8_priv_key_info_st { + ASN1_INTEGER *version; + X509_ALGOR *pkeyalg; + ASN1_OCTET_STRING *pkey; + STACK_OF(X509_ATTRIBUTE) *attributes; +}; + +struct X509_sig_st { + X509_ALGOR *algor; + ASN1_OCTET_STRING *digest; +}; + +struct x509_object_st { + /* one of the above types */ + X509_LOOKUP_TYPE type; + union { + char *ptr; + X509 *x509; + X509_CRL *crl; + EVP_PKEY *pkey; + } data; +}; + +int a2i_ipadd(unsigned char *ipout, const char *ipasc); +int x509_set1_time(ASN1_TIME **ptm, const ASN1_TIME *tm); + +void x509_init_sig_info(X509 *x); diff --git a/test/asn1_internal_test.c b/test/asn1_internal_test.c index 63278040b6..865e058421 100644 --- a/test/asn1_internal_test.c +++ b/test/asn1_internal_test.c @@ -59,7 +59,7 @@ static int test_tbl_standard(void) * ***/ -#include "internal/asn1_int.h" +#include "crypto/asn1.h" #include "../crypto/asn1/standard_methods.h" static int test_standard_methods(void) diff --git a/test/build.info b/test/build.info index 1727f28626..a1822ab706 100644 --- a/test/build.info +++ b/test/build.info @@ -491,7 +491,7 @@ INCLUDE_MAIN___test_libtestutil_OLB = /INCLUDE=MAIN DEPEND[wpackettest]=../libcrypto ../libssl.a libtestutil.a SOURCE[ctype_internal_test]=ctype_internal_test.c - INCLUDE[ctype_internal_test]=.. ../crypto/include ../include + INCLUDE[ctype_internal_test]=.. ../include DEPEND[ctype_internal_test]=../libcrypto.a libtestutil.a SOURCE[siphash_internal_test]=siphash_internal_test.c diff --git a/test/chacha_internal_test.c b/test/chacha_internal_test.c index be44012187..dcb3c23728 100644 --- a/test/chacha_internal_test.c +++ b/test/chacha_internal_test.c @@ -15,7 +15,7 @@ #include #include #include "testutil.h" -#include "internal/chacha.h" +#include "crypto/chacha.h" static const unsigned int key[] = { 0x03020100, 0x07060504, 0x0b0a0908, 0x0f0e0d0c, diff --git a/test/ctype_internal_test.c b/test/ctype_internal_test.c index a4613031fe..1bb61ab1fc 100644 --- a/test/ctype_internal_test.c +++ b/test/ctype_internal_test.c @@ -8,7 +8,7 @@ */ #include "testutil.h" -#include "internal/ctype.h" +#include "crypto/ctype.h" #include "internal/nelem.h" #include #include diff --git a/test/drbgtest.c b/test/drbgtest.c index 7325e2ffa3..9f04a68f0e 100644 --- a/test/drbgtest.c +++ b/test/drbgtest.c @@ -16,7 +16,7 @@ #include #include #include "../crypto/rand/rand_lcl.h" -#include "../crypto/include/internal/rand_int.h" +#include "../include/crypto/rand.h" #if defined(_WIN32) # include diff --git a/test/evp_extra_test.c b/test/evp_extra_test.c index 3ae6408f09..88aba1a4ac 100644 --- a/test/evp_extra_test.c +++ b/test/evp_extra_test.c @@ -20,7 +20,7 @@ #include #include "testutil.h" #include "internal/nelem.h" -#include "internal/evp_int.h" +#include "crypto/evp.h" /* * kExampleRSAKeyDER is an RSA private key in ASN.1, DER format. Of course, you diff --git a/test/poly1305_internal_test.c b/test/poly1305_internal_test.c index 7f7a9e39c5..2b6a529baa 100644 --- a/test/poly1305_internal_test.c +++ b/test/poly1305_internal_test.c @@ -13,7 +13,7 @@ #include #include "testutil.h" -#include "internal/poly1305.h" +#include "crypto/poly1305.h" #include "../crypto/poly1305/poly1305_local.h" #include "internal/nelem.h" diff --git a/test/shlibloadtest.c b/test/shlibloadtest.c index 86bbfcd849..9649a941ad 100644 --- a/test/shlibloadtest.c +++ b/test/shlibloadtest.c @@ -13,7 +13,7 @@ #include #include #include -#include "internal/dso_conf.h" +#include "crypto/dso_conf.h" typedef void DSO; diff --git a/test/siphash_internal_test.c b/test/siphash_internal_test.c index ae9082bc7e..be86ee119c 100644 --- a/test/siphash_internal_test.c +++ b/test/siphash_internal_test.c @@ -14,7 +14,7 @@ #include #include "testutil.h" -#include "internal/siphash.h" +#include "crypto/siphash.h" #include "../crypto/siphash/siphash_local.h" #include "internal/nelem.h" diff --git a/test/sm2_internal_test.c b/test/sm2_internal_test.c index 015fa85e68..952f688e8b 100644 --- a/test/sm2_internal_test.c +++ b/test/sm2_internal_test.c @@ -21,7 +21,7 @@ #ifndef OPENSSL_NO_SM2 -# include "internal/sm2.h" +# include "crypto/sm2.h" static RAND_METHOD fake_rand; static const RAND_METHOD *saved_rand; diff --git a/test/sm4_internal_test.c b/test/sm4_internal_test.c index 2f3eaecbce..ce61b56428 100644 --- a/test/sm4_internal_test.c +++ b/test/sm4_internal_test.c @@ -17,7 +17,7 @@ #include "testutil.h" #ifndef OPENSSL_NO_SM4 -# include "internal/sm4.h" +# include "crypto/sm4.h" static int test_sm4_ecb(void) {