diff options
Diffstat (limited to 'deps/openssl/openssl/crypto/include')
29 files changed, 752 insertions, 281 deletions
diff --git a/deps/openssl/openssl/crypto/include/internal/__DECC_INCLUDE_EPILOGUE.H b/deps/openssl/openssl/crypto/include/internal/__DECC_INCLUDE_EPILOGUE.H index 5f63860808..c350018ad1 100644 --- a/deps/openssl/openssl/crypto/include/internal/__DECC_INCLUDE_EPILOGUE.H +++ b/deps/openssl/openssl/crypto/include/internal/__DECC_INCLUDE_EPILOGUE.H @@ -1,5 +1,5 @@ /* - * Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2016 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy diff --git a/deps/openssl/openssl/crypto/include/internal/__DECC_INCLUDE_PROLOGUE.H b/deps/openssl/openssl/crypto/include/internal/__DECC_INCLUDE_PROLOGUE.H index 78b2a87d88..9a9c777f93 100644 --- a/deps/openssl/openssl/crypto/include/internal/__DECC_INCLUDE_PROLOGUE.H +++ b/deps/openssl/openssl/crypto/include/internal/__DECC_INCLUDE_PROLOGUE.H @@ -1,5 +1,5 @@ /* - * Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2016 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy diff --git a/deps/openssl/openssl/crypto/include/internal/aria.h b/deps/openssl/openssl/crypto/include/internal/aria.h new file mode 100644 index 0000000000..355abe5398 --- /dev/null +++ b/deps/openssl/openssl/crypto/include/internal/aria.h @@ -0,0 +1,50 @@ +/* + * Copyright 2006-2018 The OpenSSL Project Authors. All Rights Reserved. + * Copyright (c) 2017, Oracle and/or its affiliates. All rights reserved. + * + * Licensed under the OpenSSL license (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + + /* Copyright (c) 2017 National Security Research Institute. All rights reserved. */ + +#ifndef HEADER_ARIA_H +# define HEADER_ARIA_H + +# include <openssl/opensslconf.h> + +# ifdef OPENSSL_NO_ARIA +# error ARIA is disabled. +# endif + +# define ARIA_ENCRYPT 1 +# define ARIA_DECRYPT 0 + +# define ARIA_BLOCK_SIZE 16 /* Size of each encryption/decryption block */ +# define ARIA_MAX_KEYS 17 /* Number of keys needed in the worst case */ + +typedef union { + unsigned char c[ARIA_BLOCK_SIZE]; + unsigned int u[ARIA_BLOCK_SIZE / sizeof(unsigned int)]; +} ARIA_u128; + +typedef unsigned char ARIA_c128[ARIA_BLOCK_SIZE]; + +struct aria_key_st { + ARIA_u128 rd_key[ARIA_MAX_KEYS]; + unsigned int rounds; +}; +typedef struct aria_key_st ARIA_KEY; + + +int aria_set_encrypt_key(const unsigned char *userKey, const int bits, + ARIA_KEY *key); +int aria_set_decrypt_key(const unsigned char *userKey, const int bits, + ARIA_KEY *key); + +void aria_encrypt(const unsigned char *in, unsigned char *out, + const ARIA_KEY *key); + +#endif diff --git a/deps/openssl/openssl/crypto/include/internal/asn1_int.h b/deps/openssl/openssl/crypto/include/internal/asn1_int.h index ba9c062702..9c9b4d8974 100644 --- a/deps/openssl/openssl/crypto/include/internal/asn1_int.h +++ b/deps/openssl/openssl/crypto/include/internal/asn1_int.h @@ -52,6 +52,17 @@ struct evp_pkey_asn1_method_st { int (*item_sign) (EVP_MD_CTX *ctx, const ASN1_ITEM *it, void *asn, X509_ALGOR *alg1, X509_ALGOR *alg2, ASN1_BIT_STRING *sig); + int (*siginf_set) (X509_SIG_INFO *siginf, const X509_ALGOR *alg, + const ASN1_STRING *sig); + /* Check */ + int (*pkey_check) (const EVP_PKEY *pk); + int (*pkey_public_check) (const EVP_PKEY *pk); + int (*pkey_param_check) (const EVP_PKEY *pk); + /* Get/set raw private/public key data */ + int (*set_priv_key) (EVP_PKEY *pk, const unsigned char *priv, size_t len); + int (*set_pub_key) (EVP_PKEY *pk, const unsigned char *pub, size_t len); + int (*get_priv_key) (const EVP_PKEY *pk, unsigned char *priv, size_t *len); + int (*get_pub_key) (const EVP_PKEY *pk, unsigned char *pub, size_t *len); } /* EVP_PKEY_ASN1_METHOD */ ; DEFINE_STACK_OF_CONST(EVP_PKEY_ASN1_METHOD) @@ -62,8 +73,16 @@ extern const EVP_PKEY_ASN1_METHOD dhx_asn1_meth; extern const EVP_PKEY_ASN1_METHOD dsa_asn1_meths[5]; extern const EVP_PKEY_ASN1_METHOD eckey_asn1_meth; extern const EVP_PKEY_ASN1_METHOD ecx25519_asn1_meth; +extern const EVP_PKEY_ASN1_METHOD ecx448_asn1_meth; +extern const EVP_PKEY_ASN1_METHOD ed25519_asn1_meth; +extern const EVP_PKEY_ASN1_METHOD ed448_asn1_meth; +extern const EVP_PKEY_ASN1_METHOD sm2_asn1_meth; +extern const EVP_PKEY_ASN1_METHOD poly1305_asn1_meth; + extern const EVP_PKEY_ASN1_METHOD hmac_asn1_meth; extern const EVP_PKEY_ASN1_METHOD rsa_asn1_meths[2]; +extern const EVP_PKEY_ASN1_METHOD rsa_pss_asn1_meth; +extern const EVP_PKEY_ASN1_METHOD siphash_asn1_meth; /* * These are used internally in the ASN1_OBJECT to keep track of whether the @@ -90,3 +109,5 @@ struct asn1_pctx_st { unsigned long oid_flags; unsigned long str_flags; } /* ASN1_PCTX */ ; + +int asn1_d2i_read_bio(BIO *in, BUF_MEM **pb); diff --git a/deps/openssl/openssl/crypto/include/internal/bn_conf.h b/deps/openssl/openssl/crypto/include/internal/bn_conf.h deleted file mode 100644 index 79400c6472..0000000000 --- a/deps/openssl/openssl/crypto/include/internal/bn_conf.h +++ /dev/null @@ -1 +0,0 @@ -#include "../../../config/bn_conf.h" diff --git a/deps/openssl/openssl/crypto/include/internal/bn_dh.h b/deps/openssl/openssl/crypto/include/internal/bn_dh.h index f49f039835..70ebca2875 100644 --- a/deps/openssl/openssl/crypto/include/internal/bn_dh.h +++ b/deps/openssl/openssl/crypto/include/internal/bn_dh.h @@ -15,3 +15,10 @@ declare_dh_bn(1024_160) declare_dh_bn(2048_224) declare_dh_bn(2048_256) + +extern const BIGNUM _bignum_ffdhe2048_p; +extern const BIGNUM _bignum_ffdhe3072_p; +extern const BIGNUM _bignum_ffdhe4096_p; +extern const BIGNUM _bignum_ffdhe6144_p; +extern const BIGNUM _bignum_ffdhe8192_p; +extern const BIGNUM _bignum_const_2; diff --git a/deps/openssl/openssl/crypto/include/internal/bn_int.h b/deps/openssl/openssl/crypto/include/internal/bn_int.h index 2be7fdd0d3..cffe5cfc16 100644 --- a/deps/openssl/openssl/crypto/include/internal/bn_int.h +++ b/deps/openssl/openssl/crypto/include/internal/bn_int.h @@ -13,10 +13,6 @@ # include <openssl/bn.h> # include <limits.h> -#ifdef __cplusplus -extern "C" { -#endif - BIGNUM *bn_wexpand(BIGNUM *a, int words); BIGNUM *bn_expand2(BIGNUM *a, int words); @@ -34,8 +30,6 @@ signed char *bn_compute_wNAF(const BIGNUM *scalar, int w, size_t *ret_len); int bn_get_top(const BIGNUM *a); -void bn_set_top(BIGNUM *a, int top); - int bn_get_dmax(const BIGNUM *a); /* Set all words to zero */ @@ -66,14 +60,6 @@ void bn_set_static_words(BIGNUM *a, const BN_ULONG *words, int size); */ int bn_set_words(BIGNUM *a, const BN_ULONG *words, int num_words); -size_t bn_sizeof_BIGNUM(void); - -/* - * Return element el from an array of BIGNUMs starting at base (required - * because callers do not know the size of BIGNUM at compilation time) - */ -BIGNUM *bn_array_el(BIGNUM *base, int el); - /* * Some BIGNUM functions assume most significant limb to be non-zero, which * is customarily arranged by bn_correct_top. Output from below functions @@ -94,8 +80,4 @@ int bn_mod_sub_fixed_top(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, int bn_mul_fixed_top(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx); int bn_sqr_fixed_top(BIGNUM *r, const BIGNUM *a, BN_CTX *ctx); -#ifdef __cplusplus -} -#endif - #endif diff --git a/deps/openssl/openssl/crypto/include/internal/chacha.h b/deps/openssl/openssl/crypto/include/internal/chacha.h index 7d4366ea25..67243f2228 100644 --- a/deps/openssl/openssl/crypto/include/internal/chacha.h +++ b/deps/openssl/openssl/crypto/include/internal/chacha.h @@ -1,5 +1,5 @@ /* - * Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -12,10 +12,6 @@ #include <stddef.h> -#ifdef __cplusplus -extern "C" { -#endif - /* * ChaCha20_ctr32 encrypts |len| bytes from |inp| with the given key and * nonce and writes the result to |out|, which may be equal to |inp|. @@ -43,7 +39,4 @@ void ChaCha20_ctr32(unsigned char *out, const unsigned char *inp, #define CHACHA_CTR_SIZE 16 #define CHACHA_BLK_SIZE 64 -#ifdef __cplusplus -} -#endif #endif diff --git a/deps/openssl/openssl/crypto/include/internal/cryptlib.h b/deps/openssl/openssl/crypto/include/internal/cryptlib.h deleted file mode 100644 index d42a134bdf..0000000000 --- a/deps/openssl/openssl/crypto/include/internal/cryptlib.h +++ /dev/null @@ -1,85 +0,0 @@ -/* - * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved. - * - * Licensed under the OpenSSL license (the "License"). You may not use - * this file except in compliance with the License. You can obtain a copy - * in the file LICENSE in the source distribution or at - * https://www.openssl.org/source/license.html - */ - -#ifndef HEADER_CRYPTLIB_H -# define HEADER_CRYPTLIB_H - -# include <stdlib.h> -# include <string.h> - -# include "e_os.h" - -# ifdef OPENSSL_USE_APPLINK -# undef BIO_FLAGS_UPLINK -# define BIO_FLAGS_UPLINK 0x8000 -# include "ms/uplink.h" -# endif - -# include <openssl/crypto.h> -# include <openssl/buffer.h> -# include <openssl/bio.h> -# include <openssl/err.h> - -#ifdef __cplusplus -extern "C" { -#endif - -typedef struct ex_callback_st EX_CALLBACK; - -DEFINE_STACK_OF(EX_CALLBACK) - -typedef struct app_mem_info_st APP_INFO; - -typedef struct mem_st MEM; -DEFINE_LHASH_OF(MEM); - -# ifndef OPENSSL_SYS_VMS -# define X509_CERT_AREA OPENSSLDIR -# define X509_CERT_DIR OPENSSLDIR "/certs" -# define X509_CERT_FILE OPENSSLDIR "/cert.pem" -# define X509_PRIVATE_DIR OPENSSLDIR "/private" -# define CTLOG_FILE OPENSSLDIR "/ct_log_list.cnf" -# else -# define X509_CERT_AREA "OSSL$DATAROOT:[000000]" -# define X509_CERT_DIR "OSSL$DATAROOT:[CERTS]" -# define X509_CERT_FILE "OSSL$DATAROOT:[000000]cert.pem" -# define X509_PRIVATE_DIR "OSSL$DATAROOT:[PRIVATE]" -# define CTLOG_FILE "OSSL$DATAROOT:[000000]ct_log_list.cnf" -# endif - -# define X509_CERT_DIR_EVP "SSL_CERT_DIR" -# define X509_CERT_FILE_EVP "SSL_CERT_FILE" -# define CTLOG_FILE_EVP "CTLOG_FILE" - -/* size of string representations */ -# define DECIMAL_SIZE(type) ((sizeof(type)*8+2)/3+1) -# define HEX_SIZE(type) (sizeof(type)*2) - -void OPENSSL_cpuid_setup(void); -extern unsigned int OPENSSL_ia32cap_P[]; -void OPENSSL_showfatal(const char *fmta, ...); -extern int OPENSSL_NONPIC_relocated; -void crypto_cleanup_all_ex_data_int(void); - -char *ossl_safe_getenv(const char *name); - -int openssl_strerror_r(int errnum, char *buf, size_t buflen); -# if !defined(OPENSSL_NO_STDIO) -FILE *openssl_fopen(const char *filename, const char *mode); -# else -void *openssl_fopen(const char *filename, const char *mode); -# endif - -unsigned long OPENSSL_rdtsc(void); - -#ifdef __cplusplus -} -#endif - -#endif diff --git a/deps/openssl/openssl/crypto/include/internal/cryptlib_int.h b/deps/openssl/openssl/crypto/include/internal/cryptlib_int.h index ceeb63ddd0..38b5dac9a3 100644 --- a/deps/openssl/openssl/crypto/include/internal/cryptlib_int.h +++ b/deps/openssl/openssl/crypto/include/internal/cryptlib_int.h @@ -7,13 +7,14 @@ * https://www.openssl.org/source/license.html */ -#include <internal/cryptlib.h> +#include "internal/cryptlib.h" /* This file is not scanned by mkdef.pl, whereas cryptlib.h is */ struct thread_local_inits_st { int async; int err_state; + int rand; }; int ossl_init_thread_start(uint64_t opts); @@ -29,4 +30,6 @@ int ossl_init_thread_start(uint64_t opts); /* OPENSSL_INIT_THREAD flags */ # define OPENSSL_INIT_THREAD_ASYNC 0x01 # define OPENSSL_INIT_THREAD_ERR_STATE 0x02 +# define OPENSSL_INIT_THREAD_RAND 0x04 +void ossl_malloc_setup_failures(void); diff --git a/deps/openssl/openssl/crypto/include/internal/ctype.h b/deps/openssl/openssl/crypto/include/internal/ctype.h new file mode 100644 index 0000000000..a35b12bfbf --- /dev/null +++ b/deps/openssl/openssl/crypto/include/internal/ctype.h @@ -0,0 +1,80 @@ +/* + * Copyright 2017 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the OpenSSL license (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +/* + * This version of ctype.h provides a standardised and platform + * independent implementation that supports seven bit ASCII characters. + * The specific intent is to not pass extended ASCII characters (> 127) + * even if the host operating system would. + * + * There is EBCDIC support included for machines which use this. However, + * there are a number of concerns about how well EBCDIC is supported + * throughout the rest of the source code. Refer to issue #4154 for + * details. + */ +#ifndef INTERNAL_CTYPE_H +# define INTERNAL_CTYPE_H + +# define CTYPE_MASK_lower 0x1 +# define CTYPE_MASK_upper 0x2 +# define CTYPE_MASK_digit 0x4 +# define CTYPE_MASK_space 0x8 +# define CTYPE_MASK_xdigit 0x10 +# define CTYPE_MASK_blank 0x20 +# define CTYPE_MASK_cntrl 0x40 +# define CTYPE_MASK_graph 0x80 +# define CTYPE_MASK_print 0x100 +# define CTYPE_MASK_punct 0x200 +# define CTYPE_MASK_base64 0x400 +# define CTYPE_MASK_asn1print 0x800 + +# define CTYPE_MASK_alpha (CTYPE_MASK_lower | CTYPE_MASK_upper) +# define CTYPE_MASK_alnum (CTYPE_MASK_alpha | CTYPE_MASK_digit) + +/* + * The ascii mask assumes that any other classification implies that + * the character is ASCII and that there are no ASCII characters + * that aren't in any of the classifications. + * + * This assumption holds at the moment, but it might not in the future. + */ +# define CTYPE_MASK_ascii (~0) + +# ifdef CHARSET_EBCDIC +int ossl_toascii(int c); +int ossl_fromascii(int c); +# else +# define ossl_toascii(c) (c) +# define ossl_fromascii(c) (c) +# endif +int ossl_ctype_check(int c, unsigned int mask); +int ossl_tolower(int c); +int ossl_toupper(int c); + +# define ossl_isalnum(c) (ossl_ctype_check((c), CTYPE_MASK_alnum)) +# define ossl_isalpha(c) (ossl_ctype_check((c), CTYPE_MASK_alpha)) +# ifdef CHARSET_EBCDIC +# define ossl_isascii(c) (ossl_ctype_check((c), CTYPE_MASK_ascii)) +# else +# define ossl_isascii(c) (((c) & ~127) == 0) +# endif +# define ossl_isblank(c) (ossl_ctype_check((c), CTYPE_MASK_blank)) +# define ossl_iscntrl(c) (ossl_ctype_check((c), CTYPE_MASK_cntrl)) +# define ossl_isdigit(c) (ossl_ctype_check((c), CTYPE_MASK_digit)) +# define ossl_isgraph(c) (ossl_ctype_check((c), CTYPE_MASK_graph)) +# define ossl_islower(c) (ossl_ctype_check((c), CTYPE_MASK_lower)) +# define ossl_isprint(c) (ossl_ctype_check((c), CTYPE_MASK_print)) +# define ossl_ispunct(c) (ossl_ctype_check((c), CTYPE_MASK_punct)) +# define ossl_isspace(c) (ossl_ctype_check((c), CTYPE_MASK_space)) +# define ossl_isupper(c) (ossl_ctype_check((c), CTYPE_MASK_upper)) +# define ossl_isxdigit(c) (ossl_ctype_check((c), CTYPE_MASK_xdigit)) +# define ossl_isbase64(c) (ossl_ctype_check((c), CTYPE_MASK_base64)) +# define ossl_isasn1print(c) (ossl_ctype_check((c), CTYPE_MASK_asn1print)) + +#endif diff --git a/deps/openssl/openssl/crypto/include/internal/dso_conf.h b/deps/openssl/openssl/crypto/include/internal/dso_conf.h deleted file mode 100644 index e7f2afa987..0000000000 --- a/deps/openssl/openssl/crypto/include/internal/dso_conf.h +++ /dev/null @@ -1 +0,0 @@ -#include "../../../config/dso_conf.h" diff --git a/deps/openssl/openssl/crypto/include/internal/dso_conf.h.in b/deps/openssl/openssl/crypto/include/internal/dso_conf.h.in index daa5e247a3..d6e9d1b1ba 100644 --- a/deps/openssl/openssl/crypto/include/internal/dso_conf.h.in +++ b/deps/openssl/openssl/crypto/include/internal/dso_conf.h.in @@ -1,6 +1,6 @@ {- join("\n",map { "/* $_ */" } @autowarntext) -} /* - * Copyright 2016 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -10,6 +10,21 @@ #ifndef HEADER_DSO_CONF_H # define HEADER_DSO_CONF_H - +{- output_off() if $disabled{dso} -} +{- # The DSO code currently always implements all functions so that no + # applications will have to worry about that from a compilation point + # of view. However, the "method"s may return zero unless that platform + # has support compiled in for them. Currently each method is enabled + # by a define "DSO_<name>" ... we translate the "dso_scheme" config + # string entry into using the following logic; + my $scheme = uc $target{dso_scheme}; + my @macros = ( "DSO_$scheme" ); + if ($scheme eq 'DLFCN') { + @macros = ( "DSO_DLFCN", "HAVE_DLFCN_H" ); + } elsif ($scheme eq "DLFCN_NO_H") { + @macros = ( "DSO_DLFCN" ); + } + join("\n", map { "# define $_" } @macros); -} # define DSO_EXTENSION "{- $target{dso_extension} -}" +{- output_on() if $disabled{dso} -} #endif diff --git a/deps/openssl/openssl/crypto/include/internal/ec_int.h b/deps/openssl/openssl/crypto/include/internal/ec_int.h new file mode 100644 index 0000000000..182c39cc80 --- /dev/null +++ b/deps/openssl/openssl/crypto/include/internal/ec_int.h @@ -0,0 +1,53 @@ +/* + * Copyright 2018 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the OpenSSL license (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +/* Internal EC functions for other submodules: not for application use */ + +#ifndef HEADER_OSSL_EC_INTERNAL_H +# define HEADER_OSSL_EC_INTERNAL_H +# include <openssl/opensslconf.h> + +# ifndef OPENSSL_NO_EC + +# include <openssl/ec.h> + +/*- + * Computes the multiplicative inverse of x in the range + * [1,EC_GROUP::order), where EC_GROUP::order is the cardinality of the + * subgroup generated by the generator G: + * + * res := x^(-1) (mod EC_GROUP::order). + * + * This function expects the following two conditions to hold: + * - the EC_GROUP order is prime, and + * - x is included in the range [1, EC_GROUP::order). + * + * This function returns 1 on success, 0 on error. + * + * If the EC_GROUP order is even, this function explicitly returns 0 as + * an error. + * In case any of the two conditions stated above is not satisfied, + * the correctness of its output is not guaranteed, even if the return + * value could still be 1 (as primality testing and a conditional modular + * reduction round on the input can be omitted by the underlying + * implementations for better SCA properties on regular input values). + */ +__owur int ec_group_do_inverse_ord(const EC_GROUP *group, BIGNUM *res, + const BIGNUM *x, BN_CTX *ctx); + +/*- + * ECDH Key Derivation Function as defined in ANSI X9.63 + */ +int ecdh_KDF_X9_63(unsigned char *out, size_t outlen, + const unsigned char *Z, size_t Zlen, + const unsigned char *sinfo, size_t sinfolen, + const EVP_MD *md); + +# endif /* OPENSSL_NO_EC */ +#endif diff --git a/deps/openssl/openssl/crypto/include/internal/engine.h b/deps/openssl/openssl/crypto/include/internal/engine.h index 977cf06d43..f80ae3ec30 100644 --- a/deps/openssl/openssl/crypto/include/internal/engine.h +++ b/deps/openssl/openssl/crypto/include/internal/engine.h @@ -10,7 +10,7 @@ #include <openssl/engine.h> void engine_load_openssl_int(void); -void engine_load_cryptodev_int(void); +void engine_load_devcrypto_int(void); void engine_load_rdrand_int(void); void engine_load_dynamic_int(void); void engine_load_padlock_int(void); diff --git a/deps/openssl/openssl/crypto/include/internal/evp_int.h b/deps/openssl/openssl/crypto/include/internal/evp_int.h index f34699bfa8..d86aed36f0 100644 --- a/deps/openssl/openssl/crypto/include/internal/evp_int.h +++ b/deps/openssl/openssl/crypto/include/internal/evp_int.h @@ -7,6 +7,15 @@ * https://www.openssl.org/source/license.html */ +#include <openssl/evp.h> +#include "internal/refcount.h" + +/* + * Don't free up md_ctx->pctx in EVP_MD_CTX_reset, use the reserved flag + * values in evp.h + */ +#define EVP_MD_CTX_FLAG_KEEP_PKEY_CTX 0x0400 + struct evp_pkey_ctx_st { /* Method associated with this operation */ const EVP_PKEY_METHOD *pmeth; @@ -68,6 +77,16 @@ struct evp_pkey_method_st { int (*derive) (EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen); int (*ctrl) (EVP_PKEY_CTX *ctx, int type, int p1, void *p2); int (*ctrl_str) (EVP_PKEY_CTX *ctx, const char *type, const char *value); + int (*digestsign) (EVP_MD_CTX *ctx, unsigned char *sig, size_t *siglen, + const unsigned char *tbs, size_t tbslen); + int (*digestverify) (EVP_MD_CTX *ctx, const unsigned char *sig, + size_t siglen, const unsigned char *tbs, + size_t tbslen); + int (*check) (EVP_PKEY *pkey); + int (*public_check) (EVP_PKEY *pkey); + int (*param_check) (EVP_PKEY *pkey); + + int (*digest_custom) (EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx); } /* EVP_PKEY_METHOD */ ; DEFINE_STACK_OF_CONST(EVP_PKEY_METHOD) @@ -79,11 +98,19 @@ extern const EVP_PKEY_METHOD dh_pkey_meth; extern const EVP_PKEY_METHOD dhx_pkey_meth; extern const EVP_PKEY_METHOD dsa_pkey_meth; extern const EVP_PKEY_METHOD ec_pkey_meth; +extern const EVP_PKEY_METHOD sm2_pkey_meth; extern const EVP_PKEY_METHOD ecx25519_pkey_meth; +extern const EVP_PKEY_METHOD ecx448_pkey_meth; +extern const EVP_PKEY_METHOD ed25519_pkey_meth; +extern const EVP_PKEY_METHOD ed448_pkey_meth; extern const EVP_PKEY_METHOD hmac_pkey_meth; extern const EVP_PKEY_METHOD rsa_pkey_meth; +extern const EVP_PKEY_METHOD rsa_pss_pkey_meth; +extern const EVP_PKEY_METHOD scrypt_pkey_meth; extern const EVP_PKEY_METHOD tls1_prf_pkey_meth; extern const EVP_PKEY_METHOD hkdf_pkey_meth; +extern const EVP_PKEY_METHOD poly1305_pkey_meth; +extern const EVP_PKEY_METHOD siphash_pkey_meth; struct evp_md_st { int type; @@ -346,6 +373,21 @@ const EVP_CIPHER *EVP_##cname##_ecb(void) { return &cname##_ecb; } cipher##_init_key, NULL, NULL, NULL, NULL) +# ifndef OPENSSL_NO_EC + +#define X25519_KEYLEN 32 +#define X448_KEYLEN 56 +#define ED448_KEYLEN 57 + +#define MAX_KEYLEN ED448_KEYLEN + +typedef struct { + unsigned char pubkey[MAX_KEYLEN]; + unsigned char *privkey; +} ECX_KEY; + +#endif + /* * Type needs to be a bit field Sub-type needs to be for variations on the * method, as in, can it do arbitrary encryption.... @@ -353,7 +395,7 @@ const EVP_CIPHER *EVP_##cname##_ecb(void) { return &cname##_ecb; } struct evp_pkey_st { int type; int save_type; - int references; + CRYPTO_REF_COUNT references; const EVP_PKEY_ASN1_METHOD *ameth; ENGINE *engine; ENGINE *pmeth_engine; /* If not NULL public key ENGINE to use */ @@ -370,6 +412,7 @@ struct evp_pkey_st { # endif # ifndef OPENSSL_NO_EC struct ec_key_st *ec; /* ECC */ + ECX_KEY *ecx; /* X25519, X448, Ed25519, Ed448 */ # endif } pkey; int save_parameters; @@ -381,10 +424,19 @@ struct evp_pkey_st { void openssl_add_all_ciphers_int(void); void openssl_add_all_digests_int(void); void evp_cleanup_int(void); +void evp_app_cleanup_int(void); -/* Pulling defines out of C soure files */ +/* Pulling defines out of C source files */ #define EVP_RC4_KEY_SIZE 16 #ifndef TLS1_1_VERSION # define TLS1_1_VERSION 0x0302 #endif + +void evp_encode_ctx_set_flags(EVP_ENCODE_CTX *ctx, unsigned int flags); + +/* EVP_ENCODE_CTX flags */ +/* Don't generate new lines when encoding */ +#define EVP_ENCODE_CTX_NO_NEWLINES 1 +/* Use the SRP base64 alphabet instead of the standard one */ +#define EVP_ENCODE_CTX_USE_SRP_ALPHABET 2 diff --git a/deps/openssl/openssl/crypto/include/internal/md32_common.h b/deps/openssl/openssl/crypto/include/internal/md32_common.h index 6e4ce14e99..1124e9c24b 100644 --- a/deps/openssl/openssl/crypto/include/internal/md32_common.h +++ b/deps/openssl/openssl/crypto/include/internal/md32_common.h @@ -1,5 +1,5 @@ /* - * Copyright 1999-2016 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1999-2018 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -22,7 +22,7 @@ * HASH_CBLOCK * size of a unit chunk HASH_BLOCK operates on. * HASH_LONG - * has to be at lest 32 bit wide. + * has to be at least 32 bit wide. * HASH_CTX * context structure that at least contains following * members: @@ -48,7 +48,7 @@ * name of "block" function capable of treating *unaligned* input * message in original (data) byte order, implemented externally. * HASH_MAKE_STRING - * macro convering context variables to an ASCII hash string. + * macro converting context variables to an ASCII hash string. * * MD5 example: * @@ -61,8 +61,6 @@ * #define HASH_TRANSFORM MD5_Transform * #define HASH_FINAL MD5_Final * #define HASH_BLOCK_DATA_ORDER md5_block_data_order - * - * <appro@fy.chalmers.se> */ #include <openssl/crypto.h> @@ -95,155 +93,36 @@ # error "HASH_BLOCK_DATA_ORDER must be defined!" #endif -/* - * Engage compiler specific rotate intrinsic function if available. - */ -#undef ROTATE -#ifndef PEDANTIC -# if defined(_MSC_VER) -# define ROTATE(a,n) _lrotl(a,n) -# elif defined(__ICC) -# define ROTATE(a,n) _rotl(a,n) -# elif defined(__GNUC__) && __GNUC__>=2 && !defined(OPENSSL_NO_ASM) && !defined(OPENSSL_NO_INLINE_ASM) - /* - * Some GNU C inline assembler templates. Note that these are - * rotates by *constant* number of bits! But that's exactly - * what we need here... - * <appro@fy.chalmers.se> - */ -# if defined(__i386) || defined(__i386__) || defined(__x86_64) || defined(__x86_64__) -# define ROTATE(a,n) ({ register unsigned int ret; \ - asm ( \ - "roll %1,%0" \ - : "=r"(ret) \ - : "I"(n), "0"((unsigned int)(a)) \ - : "cc"); \ - ret; \ - }) -# elif defined(_ARCH_PPC) || defined(_ARCH_PPC64) || \ - defined(__powerpc) || defined(__ppc__) || defined(__powerpc64__) -# define ROTATE(a,n) ({ register unsigned int ret; \ - asm ( \ - "rlwinm %0,%1,%2,0,31" \ - : "=r"(ret) \ - : "r"(a), "I"(n)); \ - ret; \ - }) -# elif defined(__s390x__) -# define ROTATE(a,n) ({ register unsigned int ret; \ - asm ("rll %0,%1,%2" \ - : "=r"(ret) \ - : "r"(a), "I"(n)); \ - ret; \ - }) -# endif -# endif -#endif /* PEDANTIC */ - -#ifndef ROTATE -# define ROTATE(a,n) (((a)<<(n))|(((a)&0xffffffff)>>(32-(n)))) -#endif +#define ROTATE(a,n) (((a)<<(n))|(((a)&0xffffffff)>>(32-(n)))) #if defined(DATA_ORDER_IS_BIG_ENDIAN) -# ifndef PEDANTIC -# if defined(__GNUC__) && __GNUC__>=2 && !defined(OPENSSL_NO_ASM) && !defined(OPENSSL_NO_INLINE_ASM) -# if ((defined(__i386) || defined(__i386__)) && !defined(I386_ONLY)) || \ - (defined(__x86_64) || defined(__x86_64__)) -# if !defined(B_ENDIAN) - /* - * This gives ~30-40% performance improvement in SHA-256 compiled - * with gcc [on P4]. Well, first macro to be frank. We can pull - * this trick on x86* platforms only, because these CPUs can fetch - * unaligned data without raising an exception. - */ -# define HOST_c2l(c,l) ({ unsigned int r=*((const unsigned int *)(c)); \ - asm ("bswapl %0":"=r"(r):"0"(r)); \ - (c)+=4; (l)=r; }) -# define HOST_l2c(l,c) ({ unsigned int r=(l); \ - asm ("bswapl %0":"=r"(r):"0"(r)); \ - *((unsigned int *)(c))=r; (c)+=4; r; }) -# endif -# elif defined(__aarch64__) -# if defined(__BYTE_ORDER__) -# if defined(__ORDER_LITTLE_ENDIAN__) && __BYTE_ORDER__==__ORDER_LITTLE_ENDIAN__ -# define HOST_c2l(c,l) ({ unsigned int r; \ - asm ("rev %w0,%w1" \ - :"=r"(r) \ - :"r"(*((const unsigned int *)(c))));\ - (c)+=4; (l)=r; }) -# define HOST_l2c(l,c) ({ unsigned int r; \ - asm ("rev %w0,%w1" \ - :"=r"(r) \ - :"r"((unsigned int)(l)));\ - *((unsigned int *)(c))=r; (c)+=4; r; }) -# elif defined(__ORDER_BIG_ENDIAN__) && __BYTE_ORDER__==__ORDER_BIG_ENDIAN__ -# define HOST_c2l(c,l) ((l)=*((const unsigned int *)(c)), (c)+=4, (l)) -# define HOST_l2c(l,c) (*((unsigned int *)(c))=(l), (c)+=4, (l)) -# endif -# endif -# endif -# endif -# if defined(__s390__) || defined(__s390x__) -# define HOST_c2l(c,l) ((l)=*((const unsigned int *)(c)), (c)+=4, (l)) -# define HOST_l2c(l,c) (*((unsigned int *)(c))=(l), (c)+=4, (l)) -# endif -# endif - -# ifndef HOST_c2l -# define HOST_c2l(c,l) (l =(((unsigned long)(*((c)++)))<<24), \ +# define HOST_c2l(c,l) (l =(((unsigned long)(*((c)++)))<<24), \ l|=(((unsigned long)(*((c)++)))<<16), \ l|=(((unsigned long)(*((c)++)))<< 8), \ l|=(((unsigned long)(*((c)++))) ) ) -# endif -# ifndef HOST_l2c -# define HOST_l2c(l,c) (*((c)++)=(unsigned char)(((l)>>24)&0xff), \ +# define HOST_l2c(l,c) (*((c)++)=(unsigned char)(((l)>>24)&0xff), \ *((c)++)=(unsigned char)(((l)>>16)&0xff), \ *((c)++)=(unsigned char)(((l)>> 8)&0xff), \ *((c)++)=(unsigned char)(((l) )&0xff), \ l) -# endif #elif defined(DATA_ORDER_IS_LITTLE_ENDIAN) -# ifndef PEDANTIC -# if defined(__GNUC__) && __GNUC__>=2 && !defined(OPENSSL_NO_ASM) && !defined(OPENSSL_NO_INLINE_ASM) -# if defined(__s390x__) -# define HOST_c2l(c,l) ({ asm ("lrv %0,%1" \ - :"=d"(l) :"m"(*(const unsigned int *)(c)));\ - (c)+=4; (l); }) -# define HOST_l2c(l,c) ({ asm ("strv %1,%0" \ - :"=m"(*(unsigned int *)(c)) :"d"(l));\ - (c)+=4; (l); }) -# endif -# endif -# if defined(__i386) || defined(__i386__) || defined(__x86_64) || defined(__x86_64__) -# ifndef B_ENDIAN - /* See comment in DATA_ORDER_IS_BIG_ENDIAN section. */ -# define HOST_c2l(c,l) ((l)=*((const unsigned int *)(c)), (c)+=4, l) -# define HOST_l2c(l,c) (*((unsigned int *)(c))=(l), (c)+=4, l) -# endif -# endif -# endif - -# ifndef HOST_c2l -# define HOST_c2l(c,l) (l =(((unsigned long)(*((c)++))) ), \ +# define HOST_c2l(c,l) (l =(((unsigned long)(*((c)++))) ), \ l|=(((unsigned long)(*((c)++)))<< 8), \ l|=(((unsigned long)(*((c)++)))<<16), \ l|=(((unsigned long)(*((c)++)))<<24) ) -# endif -# ifndef HOST_l2c -# define HOST_l2c(l,c) (*((c)++)=(unsigned char)(((l) )&0xff), \ +# define HOST_l2c(l,c) (*((c)++)=(unsigned char)(((l) )&0xff), \ *((c)++)=(unsigned char)(((l)>> 8)&0xff), \ *((c)++)=(unsigned char)(((l)>>16)&0xff), \ *((c)++)=(unsigned char)(((l)>>24)&0xff), \ l) -# endif #endif /* - * Time for some action:-) + * Time for some action :-) */ int HASH_UPDATE(HASH_CTX *c, const void *data_, size_t len) @@ -257,10 +136,6 @@ int HASH_UPDATE(HASH_CTX *c, const void *data_, size_t len) return 1; l = (c->Nl + (((HASH_LONG) len) << 3)) & 0xffffffffUL; - /* - * 95-05-24 eay Fixed a bug with the overflow handling, thanks to Wei Dai - * <weidai@eskimo.com> for pointing it out. - */ if (l < c->Nl) /* overflow */ c->Nh++; c->Nh += (HASH_LONG) (len >> 29); /* might cause compiler warning on @@ -368,7 +243,6 @@ int HASH_FINAL(unsigned char *md, HASH_CTX *c) * improvement under SPARC Solaris7/64 and 5% under AlphaLinux. * Well, to be honest it should say that this *prevents* * performance degradation. - * <appro@fy.chalmers.se> */ # else /* @@ -376,7 +250,6 @@ int HASH_FINAL(unsigned char *md, HASH_CTX *c) * generate better code if MD32_REG_T is defined int. The above * pre-processor condition reflects the circumstances under which * the conclusion was made and is subject to further extension. - * <appro@fy.chalmers.se> */ # define MD32_REG_T int # endif diff --git a/deps/openssl/openssl/crypto/include/internal/poly1305.h b/deps/openssl/openssl/crypto/include/internal/poly1305.h index 1bc8716fca..5fef239d0f 100644 --- a/deps/openssl/openssl/crypto/include/internal/poly1305.h +++ b/deps/openssl/openssl/crypto/include/internal/poly1305.h @@ -9,7 +9,9 @@ #include <stddef.h> -#define POLY1305_BLOCK_SIZE 16 +#define POLY1305_BLOCK_SIZE 16 +#define POLY1305_DIGEST_SIZE 16 +#define POLY1305_KEY_SIZE 32 typedef struct poly1305_context POLY1305; diff --git a/deps/openssl/openssl/crypto/include/internal/rand.h b/deps/openssl/openssl/crypto/include/internal/rand.h deleted file mode 100644 index 30887c4a7c..0000000000 --- a/deps/openssl/openssl/crypto/include/internal/rand.h +++ /dev/null @@ -1,20 +0,0 @@ -/* - * Copyright 2016 The OpenSSL Project Authors. All Rights Reserved. - * - * Licensed under the OpenSSL license (the "License"). You may not use - * this file except in compliance with the License. You can obtain a copy - * in the file LICENSE in the source distribution or at - * https://www.openssl.org/source/license.html - */ - -/* - * Licensed under the OpenSSL licenses, (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * https://www.openssl.org/source/license.html - * or in the file LICENSE in the source distribution. - */ - -#include <openssl/rand.h> - -void rand_cleanup_int(void); diff --git a/deps/openssl/openssl/crypto/include/internal/rand_int.h b/deps/openssl/openssl/crypto/include/internal/rand_int.h new file mode 100644 index 0000000000..888cab1b8f --- /dev/null +++ b/deps/openssl/openssl/crypto/include/internal/rand_int.h @@ -0,0 +1,134 @@ +/* + * Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the OpenSSL license (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +/* + * Licensed under the OpenSSL licenses, (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * https://www.openssl.org/source/license.html + * or in the file LICENSE in the source distribution. + */ + +#ifndef HEADER_RAND_INT_H +# define HEADER_RAND_INT_H + +# include <openssl/rand.h> + +/* forward declaration */ +typedef struct rand_pool_st RAND_POOL; + +void rand_cleanup_int(void); +void rand_drbg_cleanup_int(void); +void drbg_delete_thread_state(void); +void rand_fork(void); + +/* Hardware-based seeding functions. */ +size_t rand_acquire_entropy_from_tsc(RAND_POOL *pool); +size_t rand_acquire_entropy_from_cpu(RAND_POOL *pool); + +/* DRBG entropy callbacks. */ +size_t rand_drbg_get_entropy(RAND_DRBG *drbg, + unsigned char **pout, + int entropy, size_t min_len, size_t max_len, + int prediction_resistance); +void rand_drbg_cleanup_entropy(RAND_DRBG *drbg, + unsigned char *out, size_t outlen); +size_t rand_drbg_get_nonce(RAND_DRBG *drbg, + unsigned char **pout, + int entropy, size_t min_len, size_t max_len); +void rand_drbg_cleanup_nonce(RAND_DRBG *drbg, + unsigned char *out, size_t outlen); + +size_t rand_drbg_get_additional_data(RAND_POOL *pool, unsigned char **pout); + +void rand_drbg_cleanup_additional_data(RAND_POOL *pool, unsigned char *out); + +/* + * RAND_POOL functions + */ +RAND_POOL *rand_pool_new(int entropy_requested, size_t min_len, size_t max_len); +RAND_POOL *rand_pool_attach(const unsigned char *buffer, size_t len, + size_t entropy); +void rand_pool_free(RAND_POOL *pool); + +const unsigned char *rand_pool_buffer(RAND_POOL *pool); +unsigned char *rand_pool_detach(RAND_POOL *pool); +void rand_pool_reattach(RAND_POOL *pool, unsigned char *buffer); + +size_t rand_pool_entropy(RAND_POOL *pool); +size_t rand_pool_length(RAND_POOL *pool); + +size_t rand_pool_entropy_available(RAND_POOL *pool); +size_t rand_pool_entropy_needed(RAND_POOL *pool); +/* |entropy_factor| expresses how many bits of data contain 1 bit of entropy */ +size_t rand_pool_bytes_needed(RAND_POOL *pool, unsigned int entropy_factor); +size_t rand_pool_bytes_remaining(RAND_POOL *pool); + +int rand_pool_add(RAND_POOL *pool, + const unsigned char *buffer, size_t len, size_t entropy); +unsigned char *rand_pool_add_begin(RAND_POOL *pool, size_t len); +int rand_pool_add_end(RAND_POOL *pool, size_t len, size_t entropy); + + +/* + * Add random bytes to the pool to acquire requested amount of entropy + * + * This function is platform specific and tries to acquire the requested + * amount of entropy by polling platform specific entropy sources. + * + * If the function succeeds in acquiring at least |entropy_requested| bits + * of entropy, the total entropy count is returned. If it fails, it returns + * an entropy count of 0. + */ +size_t rand_pool_acquire_entropy(RAND_POOL *pool); + +/* + * Add some application specific nonce data + * + * This function is platform specific and adds some application specific + * data to the nonce used for instantiating the drbg. + * + * This data currently consists of the process and thread id, and a high + * resolution timestamp. The data does not include an atomic counter, + * because that is added by the calling function rand_drbg_get_nonce(). + * + * Returns 1 on success and 0 on failure. + */ +int rand_pool_add_nonce_data(RAND_POOL *pool); + + +/* + * Add some platform specific additional data + * + * This function is platform specific and adds some random noise to the + * additional data used for generating random bytes and for reseeding + * the drbg. + * + * Returns 1 on success and 0 on failure. + */ +int rand_pool_add_additional_data(RAND_POOL *pool); + +/* + * Initialise the random pool reseeding sources. + * + * Returns 1 on success and 0 on failure. + */ +int rand_pool_init(void); + +/* + * Finalise the random pool reseeding sources. + */ +void rand_pool_cleanup(void); + +/* + * Control the random pool use of open file descriptors. + */ +void rand_pool_keep_random_devices_open(int keep); + +#endif diff --git a/deps/openssl/openssl/crypto/include/internal/sha.h b/deps/openssl/openssl/crypto/include/internal/sha.h new file mode 100644 index 0000000000..458a75e89d --- /dev/null +++ b/deps/openssl/openssl/crypto/include/internal/sha.h @@ -0,0 +1,19 @@ +/* + * Copyright 2018 The OpenSSL Project Authors. All Rights Reserved. + * Copyright (c) 2018, Oracle and/or its affiliates. All rights reserved. + * + * Licensed under the OpenSSL license (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +#ifndef HEADER_INTERNAL_SHA_H +# define HEADER_INTERNAL_SHA_H + +# include <openssl/opensslconf.h> + +int sha512_224_init(SHA512_CTX *); +int sha512_256_init(SHA512_CTX *); + +#endif diff --git a/deps/openssl/openssl/crypto/include/internal/siphash.h b/deps/openssl/openssl/crypto/include/internal/siphash.h new file mode 100644 index 0000000000..9573680f0f --- /dev/null +++ b/deps/openssl/openssl/crypto/include/internal/siphash.h @@ -0,0 +1,25 @@ +/* + * Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the OpenSSL license (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +#include <stddef.h> + +#define SIPHASH_BLOCK_SIZE 8 +#define SIPHASH_KEY_SIZE 16 +#define SIPHASH_MIN_DIGEST_SIZE 8 +#define SIPHASH_MAX_DIGEST_SIZE 16 + +typedef struct siphash_st SIPHASH; + +size_t SipHash_ctx_size(void); +size_t SipHash_hash_size(SIPHASH *ctx); +int SipHash_set_hash_size(SIPHASH *ctx, size_t hash_size); +int SipHash_Init(SIPHASH *ctx, const unsigned char *k, + int crounds, int drounds); +void SipHash_Update(SIPHASH *ctx, const unsigned char *in, size_t inlen); +int SipHash_Final(SIPHASH *ctx, unsigned char *out, size_t outlen); diff --git a/deps/openssl/openssl/crypto/include/internal/sm2.h b/deps/openssl/openssl/crypto/include/internal/sm2.h new file mode 100644 index 0000000000..5c5cd4b4f5 --- /dev/null +++ b/deps/openssl/openssl/crypto/include/internal/sm2.h @@ -0,0 +1,78 @@ +/* + * Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2017 Ribose Inc. All Rights Reserved. + * Ported from Ribose contributions from Botan. + * + * Licensed under the OpenSSL license (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +#ifndef HEADER_SM2_H +# define HEADER_SM2_H +# include <openssl/opensslconf.h> + +# ifndef OPENSSL_NO_SM2 + +# include <openssl/ec.h> + +/* The default user id as specified in GM/T 0009-2012 */ +# define SM2_DEFAULT_USERID "1234567812345678" + +int sm2_compute_z_digest(uint8_t *out, + const EVP_MD *digest, + const uint8_t *id, + const size_t id_len, + const EC_KEY *key); + +/* + * SM2 signature operation. Computes Z and then signs H(Z || msg) using SM2 + */ +ECDSA_SIG *sm2_do_sign(const EC_KEY *key, + const EVP_MD *digest, + const uint8_t *id, + const size_t id_len, + const uint8_t *msg, size_t msg_len); + +int sm2_do_verify(const EC_KEY *key, + const EVP_MD *digest, + const ECDSA_SIG *signature, + const uint8_t *id, + const size_t id_len, + const uint8_t *msg, size_t msg_len); + +/* + * SM2 signature generation. + */ +int sm2_sign(const unsigned char *dgst, int dgstlen, + unsigned char *sig, unsigned int *siglen, EC_KEY *eckey); + +/* + * SM2 signature verification. + */ +int sm2_verify(const unsigned char *dgst, int dgstlen, + const unsigned char *sig, int siglen, EC_KEY *eckey); + +/* + * SM2 encryption + */ +int sm2_ciphertext_size(const EC_KEY *key, const EVP_MD *digest, size_t msg_len, + size_t *ct_size); + +int sm2_plaintext_size(const EC_KEY *key, const EVP_MD *digest, size_t msg_len, + size_t *pt_size); + +int sm2_encrypt(const EC_KEY *key, + const EVP_MD *digest, + const uint8_t *msg, + size_t msg_len, + uint8_t *ciphertext_buf, size_t *ciphertext_len); + +int sm2_decrypt(const EC_KEY *key, + const EVP_MD *digest, + const uint8_t *ciphertext, + size_t ciphertext_len, uint8_t *ptext_buf, size_t *ptext_len); + +# endif /* OPENSSL_NO_SM2 */ +#endif diff --git a/deps/openssl/openssl/crypto/include/internal/sm2err.h b/deps/openssl/openssl/crypto/include/internal/sm2err.h new file mode 100644 index 0000000000..a4db1b73d7 --- /dev/null +++ b/deps/openssl/openssl/crypto/include/internal/sm2err.h @@ -0,0 +1,61 @@ +/* + * Generated by util/mkerr.pl DO NOT EDIT + * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the OpenSSL license (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +#ifndef HEADER_SM2ERR_H +# define HEADER_SM2ERR_H + +# include <openssl/opensslconf.h> + +# ifndef OPENSSL_NO_SM2 + +# ifdef __cplusplus +extern "C" +# endif +int ERR_load_SM2_strings(void); + +/* + * SM2 function codes. + */ +# define SM2_F_PKEY_SM2_COPY 115 +# define SM2_F_PKEY_SM2_CTRL 109 +# define SM2_F_PKEY_SM2_CTRL_STR 110 +# define SM2_F_PKEY_SM2_DIGEST_CUSTOM 114 +# define SM2_F_PKEY_SM2_INIT 111 +# define SM2_F_PKEY_SM2_SIGN 112 +# define SM2_F_SM2_COMPUTE_MSG_HASH 100 +# define SM2_F_SM2_COMPUTE_USERID_DIGEST 101 +# define SM2_F_SM2_COMPUTE_Z_DIGEST 113 +# define SM2_F_SM2_DECRYPT 102 +# define SM2_F_SM2_ENCRYPT 103 +# define SM2_F_SM2_PLAINTEXT_SIZE 104 +# define SM2_F_SM2_SIGN 105 +# define SM2_F_SM2_SIG_GEN 106 +# define SM2_F_SM2_SIG_VERIFY 107 +# define SM2_F_SM2_VERIFY 108 + +/* + * SM2 reason codes. + */ +# define SM2_R_ASN1_ERROR 100 +# define SM2_R_BAD_SIGNATURE 101 +# define SM2_R_BUFFER_TOO_SMALL 107 +# define SM2_R_DIST_ID_TOO_LARGE 110 +# define SM2_R_ID_NOT_SET 112 +# define SM2_R_ID_TOO_LARGE 111 +# define SM2_R_INVALID_CURVE 108 +# define SM2_R_INVALID_DIGEST 102 +# define SM2_R_INVALID_DIGEST_TYPE 103 +# define SM2_R_INVALID_ENCODING 104 +# define SM2_R_INVALID_FIELD 105 +# define SM2_R_NO_PARAMETERS_SET 109 +# define SM2_R_USER_ID_TOO_LARGE 106 + +# endif +#endif diff --git a/deps/openssl/openssl/crypto/include/internal/sm3.h b/deps/openssl/openssl/crypto/include/internal/sm3.h new file mode 100644 index 0000000000..27eb471c28 --- /dev/null +++ b/deps/openssl/openssl/crypto/include/internal/sm3.h @@ -0,0 +1,39 @@ +/* + * Copyright 2017 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2017 Ribose Inc. All Rights Reserved. + * + * Licensed under the OpenSSL license (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +#ifndef HEADER_SM3_H +# define HEADER_SM3_H + +# include <openssl/opensslconf.h> + +# ifdef OPENSSL_NO_SM3 +# error SM3 is disabled. +# endif + +# define SM3_DIGEST_LENGTH 32 +# define SM3_WORD unsigned int + +# define SM3_CBLOCK 64 +# define SM3_LBLOCK (SM3_CBLOCK/4) + +typedef struct SM3state_st { + SM3_WORD A, B, C, D, E, F, G, H; + SM3_WORD Nl, Nh; + SM3_WORD data[SM3_LBLOCK]; + unsigned int num; +} SM3_CTX; + +int sm3_init(SM3_CTX *c); +int sm3_update(SM3_CTX *c, const void *data, size_t len); +int sm3_final(unsigned char *md, SM3_CTX *c); + +void sm3_block_data_order(SM3_CTX *c, const void *p, size_t num); + +#endif diff --git a/deps/openssl/openssl/crypto/include/internal/sm4.h b/deps/openssl/openssl/crypto/include/internal/sm4.h new file mode 100644 index 0000000000..f1f157ef53 --- /dev/null +++ b/deps/openssl/openssl/crypto/include/internal/sm4.h @@ -0,0 +1,37 @@ +/* + * Copyright 2017 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2017 Ribose Inc. All Rights Reserved. + * + * Licensed under the OpenSSL license (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +#ifndef HEADER_SM4_H +# define HEADER_SM4_H + +# include <openssl/opensslconf.h> +# include <openssl/e_os2.h> + +# ifdef OPENSSL_NO_SM4 +# error SM4 is disabled. +# endif + +# define SM4_ENCRYPT 1 +# define SM4_DECRYPT 0 + +# define SM4_BLOCK_SIZE 16 +# define SM4_KEY_SCHEDULE 32 + +typedef struct SM4_KEY_st { + uint32_t rk[SM4_KEY_SCHEDULE]; +} SM4_KEY; + +int SM4_set_key(const uint8_t *key, SM4_KEY *ks); + +void SM4_encrypt(const uint8_t *in, uint8_t *out, const SM4_KEY *ks); + +void SM4_decrypt(const uint8_t *in, uint8_t *out, const SM4_KEY *ks); + +#endif diff --git a/deps/openssl/openssl/crypto/include/internal/store.h b/deps/openssl/openssl/crypto/include/internal/store.h new file mode 100644 index 0000000000..f5013dc367 --- /dev/null +++ b/deps/openssl/openssl/crypto/include/internal/store.h @@ -0,0 +1,10 @@ +/* + * Copyright 2016 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the OpenSSL license (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +void ossl_store_cleanup_int(void); diff --git a/deps/openssl/openssl/crypto/include/internal/store_int.h b/deps/openssl/openssl/crypto/include/internal/store_int.h new file mode 100644 index 0000000000..6f31e019ea --- /dev/null +++ b/deps/openssl/openssl/crypto/include/internal/store_int.h @@ -0,0 +1,26 @@ +/* + * Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the OpenSSL license (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +#ifndef HEADER_STORE_INT_H +# define HEADER_STORE_INT_H + +# include <openssl/bio.h> +# include <openssl/store.h> +# include <openssl/ui.h> + +/* + * Two functions to read PEM data off an already opened BIO. To be used + * instead of OSSLSTORE_open() and OSSLSTORE_close(). Everything is done + * as usual with OSSLSTORE_load() and OSSLSTORE_eof(). + */ +OSSL_STORE_CTX *ossl_store_attach_pem_bio(BIO *bp, const UI_METHOD *ui_method, + void *ui_data); +int ossl_store_detach_pem_bio(OSSL_STORE_CTX *ctx); + +#endif diff --git a/deps/openssl/openssl/crypto/include/internal/x509_int.h b/deps/openssl/openssl/crypto/include/internal/x509_int.h index eb43997704..b53c2b03c3 100644 --- a/deps/openssl/openssl/crypto/include/internal/x509_int.h +++ b/deps/openssl/openssl/crypto/include/internal/x509_int.h @@ -7,6 +7,8 @@ * https://www.openssl.org/source/license.html */ +#include "internal/refcount.h" + /* Internal X509 structures and functions: not for application use */ /* Note: unless otherwise stated a field pointer is mandatory and should @@ -35,6 +37,19 @@ struct X509_name_st { int canon_enclen; } /* X509_NAME */ ; +/* Signature info structure */ + +struct x509_sig_info_st { + /* NID of message digest */ + int mdnid; + /* NID of public key algorithm */ + int pknid; + /* Security bits */ + int secbits; + /* Various flags */ + uint32_t flags; +}; + /* PKCS#10 certificate request */ struct X509_req_info_st { @@ -54,7 +69,7 @@ struct X509_req_st { X509_REQ_INFO req_info; /* signed certificate request data */ X509_ALGOR sig_alg; /* signature algorithm */ ASN1_BIT_STRING *signature; /* signature */ - int references; + CRYPTO_REF_COUNT references; CRYPTO_RWLOCK *lock; }; @@ -73,7 +88,7 @@ struct X509_crl_st { X509_CRL_INFO crl; /* signed CRL data */ X509_ALGOR sig_alg; /* CRL signature algorithm */ ASN1_BIT_STRING signature; /* CRL signature */ - int references; + CRYPTO_REF_COUNT references; int flags; /* * Cached copies of decoded extension values, since extensions @@ -144,7 +159,8 @@ struct x509_st { X509_CINF cert_info; X509_ALGOR sig_alg; ASN1_BIT_STRING signature; - int references; + X509_SIG_INFO siginf; + CRYPTO_REF_COUNT references; CRYPTO_EX_DATA ex_data; /* These contain copies of various extension values */ long ex_pathlen; @@ -266,3 +282,5 @@ struct x509_object_st { int a2i_ipadd(unsigned char *ipout, const char *ipasc); int x509_set1_time(ASN1_TIME **ptm, const ASN1_TIME *tm); + +void x509_init_sig_info(X509 *x); |