[thirdparty/systemd.git] / src / shared / openssl-util.h

/* SPDX-License-Identifier: LGPL-2.1-or-later */
#pragma once

#include "iovec-util.h"
#include "macro.h"
#include "sha256.h"

typedef enum KeySourceType {
        OPENSSL_KEY_SOURCE_FILE,
        OPENSSL_KEY_SOURCE_ENGINE,
        OPENSSL_KEY_SOURCE_PROVIDER,
        _OPENSSL_KEY_SOURCE_MAX,
        _OPENSSL_KEY_SOURCE_INVALID = -EINVAL,
} KeySourceType;

int parse_openssl_key_source_argument(const char *argument, char **private_key_source, KeySourceType *private_key_source_type);

#define X509_FINGERPRINT_SIZE SHA256_DIGEST_SIZE

#if HAVE_OPENSSL
#  include <openssl/bio.h>
#  include <openssl/bn.h>
#  include <openssl/crypto.h>
#  include <openssl/err.h>
#  include <openssl/evp.h>
#  include <openssl/opensslv.h>
#  include <openssl/pkcs7.h>
#  include <openssl/ssl.h>
#  include <openssl/x509v3.h>
#  ifndef OPENSSL_VERSION_MAJOR
/* OPENSSL_VERSION_MAJOR macro was added in OpenSSL 3. Thus, if it doesn't exist,  we must be before OpenSSL 3. */
#    define OPENSSL_VERSION_MAJOR 1
#  endif
#  if OPENSSL_VERSION_MAJOR >= 3
#    include <openssl/core_names.h>
#    include <openssl/kdf.h>
#    include <openssl/param_build.h>
#    include <openssl/provider.h>
#    include <openssl/store.h>
#  endif

DEFINE_TRIVIAL_CLEANUP_FUNC_FULL_MACRO(void*, OPENSSL_free, NULL);
DEFINE_TRIVIAL_CLEANUP_FUNC_FULL(X509_NAME*, X509_NAME_free, NULL);
DEFINE_TRIVIAL_CLEANUP_FUNC_FULL(EVP_PKEY_CTX*, EVP_PKEY_CTX_free, NULL);
DEFINE_TRIVIAL_CLEANUP_FUNC_FULL(EVP_CIPHER_CTX*, EVP_CIPHER_CTX_free, NULL);
DEFINE_TRIVIAL_CLEANUP_FUNC_FULL(EC_POINT*, EC_POINT_free, NULL);
DEFINE_TRIVIAL_CLEANUP_FUNC_FULL(EC_GROUP*, EC_GROUP_free, NULL);
DEFINE_TRIVIAL_CLEANUP_FUNC_FULL(BIGNUM*, BN_free, NULL);
DEFINE_TRIVIAL_CLEANUP_FUNC_FULL(BN_CTX*, BN_CTX_free, NULL);
DEFINE_TRIVIAL_CLEANUP_FUNC_FULL(ECDSA_SIG*, ECDSA_SIG_free, NULL);
DEFINE_TRIVIAL_CLEANUP_FUNC_FULL(PKCS7*, PKCS7_free, NULL);
DEFINE_TRIVIAL_CLEANUP_FUNC_FULL(SSL*, SSL_free, NULL);
DEFINE_TRIVIAL_CLEANUP_FUNC_FULL(BIO*, BIO_free, NULL);
DEFINE_TRIVIAL_CLEANUP_FUNC_FULL(EVP_MD_CTX*, EVP_MD_CTX_free, NULL);
DEFINE_TRIVIAL_CLEANUP_FUNC_FULL(ASN1_OCTET_STRING*, ASN1_OCTET_STRING_free, NULL);

#if OPENSSL_VERSION_MAJOR >= 3
DEFINE_TRIVIAL_CLEANUP_FUNC_FULL(EVP_CIPHER*, EVP_CIPHER_free, NULL);
DEFINE_TRIVIAL_CLEANUP_FUNC_FULL(EVP_KDF*, EVP_KDF_free, NULL);
DEFINE_TRIVIAL_CLEANUP_FUNC_FULL(EVP_KDF_CTX*, EVP_KDF_CTX_free, NULL);
DEFINE_TRIVIAL_CLEANUP_FUNC_FULL(EVP_MAC*, EVP_MAC_free, NULL);
DEFINE_TRIVIAL_CLEANUP_FUNC_FULL(EVP_MAC_CTX*, EVP_MAC_CTX_free, NULL);
DEFINE_TRIVIAL_CLEANUP_FUNC_FULL(EVP_MD*, EVP_MD_free, NULL);
DEFINE_TRIVIAL_CLEANUP_FUNC_FULL(OSSL_PARAM*, OSSL_PARAM_free, NULL);
DEFINE_TRIVIAL_CLEANUP_FUNC_FULL(OSSL_PARAM_BLD*, OSSL_PARAM_BLD_free, NULL);
DEFINE_TRIVIAL_CLEANUP_FUNC_FULL(OSSL_STORE_CTX*, OSSL_STORE_close, NULL);
DEFINE_TRIVIAL_CLEANUP_FUNC_FULL(OSSL_STORE_INFO*, OSSL_STORE_INFO_free, NULL);
#else
DEFINE_TRIVIAL_CLEANUP_FUNC_FULL(EC_KEY*, EC_KEY_free, NULL);
DEFINE_TRIVIAL_CLEANUP_FUNC_FULL(HMAC_CTX*, HMAC_CTX_free, NULL);
DEFINE_TRIVIAL_CLEANUP_FUNC_FULL(RSA*, RSA_free, NULL);
#endif

static inline void sk_X509_free_allp(STACK_OF(X509) **sk) {
        if (!sk || !*sk)
                return;

        sk_X509_pop_free(*sk, X509_free);
}

int openssl_pkey_from_pem(const void *pem, size_t pem_size, EVP_PKEY **ret);

int openssl_digest_size(const char *digest_alg, size_t *ret_digest_size);

int openssl_digest_many(const char *digest_alg, const struct iovec data[], size_t n_data, void **ret_digest, size_t *ret_digest_size);

static inline int openssl_digest(const char *digest_alg, const void *buf, size_t len, void **ret_digest, size_t *ret_digest_size) {
        return openssl_digest_many(digest_alg, &IOVEC_MAKE((void*) buf, len), 1, ret_digest, ret_digest_size);
}

int openssl_hmac_many(const char *digest_alg, const void *key, size_t key_size, const struct iovec data[], size_t n_data, void **ret_digest, size_t *ret_digest_size);

static inline int openssl_hmac(const char *digest_alg, const void *key, size_t key_size, const void *buf, size_t len, void **ret_digest, size_t *ret_digest_size) {
        return openssl_hmac_many(digest_alg, key, key_size, &IOVEC_MAKE((void*) buf, len), 1, ret_digest, ret_digest_size);
}

int openssl_cipher_many(const char *alg, size_t bits, const char *mode, const void *key, size_t key_size, const void *iv, size_t iv_size, const struct iovec data[], size_t n_data, void **ret, size_t *ret_size);

static inline int openssl_cipher(const char *alg, size_t bits, const char *mode, const void *key, size_t key_size, const void *iv, size_t iv_size, const void *buf, size_t len, void **ret, size_t *ret_size) {
        return openssl_cipher_many(alg, bits, mode, key, key_size, iv, iv_size, &IOVEC_MAKE((void*) buf, len), 1, ret, ret_size);
}

int kdf_ss_derive(const char *digest, const void *key, size_t key_size, const void *salt, size_t salt_size, const void *info, size_t info_size, size_t derive_size, void **ret);

int kdf_kb_hmac_derive(const char *mode, const char *digest, const void *key, size_t key_size, const void *salt, size_t salt_size, const void *info, size_t info_size, const void *seed, size_t seed_size, size_t derive_size, void **ret);

int rsa_encrypt_bytes(EVP_PKEY *pkey, const void *decrypted_key, size_t decrypted_key_size, void **ret_encrypt_key, size_t *ret_encrypt_key_size);

int rsa_oaep_encrypt_bytes(const EVP_PKEY *pkey, const char *digest_alg, const char *label, const void *decrypted_key, size_t decrypted_key_size, void **ret_encrypt_key, size_t *ret_encrypt_key_size);

int rsa_pkey_to_suitable_key_size(EVP_PKEY *pkey, size_t *ret_suitable_key_size);

int rsa_pkey_new(size_t bits, EVP_PKEY **ret);

int rsa_pkey_from_n_e(const void *n, size_t n_size, const void *e, size_t e_size, EVP_PKEY **ret);

int rsa_pkey_to_n_e(const EVP_PKEY *pkey, void **ret_n, size_t *ret_n_size, void **ret_e, size_t *ret_e_size);

int ecc_pkey_from_curve_x_y(int curve_id, const void *x, size_t x_size, const void *y, size_t y_size, EVP_PKEY **ret);

int ecc_pkey_to_curve_x_y(const EVP_PKEY *pkey, int *ret_curve_id, void **ret_x, size_t *ret_x_size, void **ret_y, size_t *ret_y_size);

int ecc_pkey_new(int curve_id, EVP_PKEY **ret);

int ecc_ecdh(const EVP_PKEY *private_pkey, const EVP_PKEY *peer_pkey, void **ret_shared_secret, size_t *ret_shared_secret_size);

int pkey_generate_volume_keys(EVP_PKEY *pkey, void **ret_decrypted_key, size_t *ret_decrypted_key_size, void **ret_saved_key, size_t *ret_saved_key_size);

int pubkey_fingerprint(EVP_PKEY *pk, const EVP_MD *md, void **ret, size_t *ret_size);

int digest_and_sign(const EVP_MD *md, EVP_PKEY *privkey, const void *data, size_t size, void **ret, size_t *ret_size);

int openssl_load_key_from_token(KeySourceType private_key_source_type, const char *private_key_source, const char *private_key, EVP_PKEY **ret);

#else

typedef struct X509 X509;
typedef struct EVP_PKEY EVP_PKEY;

static inline void *X509_free(X509 *p) {
        assert(p == NULL);
        return NULL;
}

static inline void *EVP_PKEY_free(EVP_PKEY *p) {
        assert(p == NULL);
        return NULL;
}

static inline int openssl_load_key_from_token(
                KeySourceType private_key_source_type,
                const char *private_key_source,
                const char *private_key,
                EVP_PKEY **ret) {

        return -EOPNOTSUPP;
}

#endif

DEFINE_TRIVIAL_CLEANUP_FUNC_FULL(X509*, X509_free, NULL);
DEFINE_TRIVIAL_CLEANUP_FUNC_FULL(EVP_PKEY*, EVP_PKEY_free, NULL);

int x509_fingerprint(X509 *cert, uint8_t buffer[static X509_FINGERPRINT_SIZE]);

#if PREFER_OPENSSL
/* The openssl definition */
typedef const EVP_MD* hash_md_t;
typedef const EVP_MD* hash_algorithm_t;
typedef int elliptic_curve_t;
typedef EVP_MD_CTX* hash_context_t;
#  define OPENSSL_OR_GCRYPT(a, b) (a)

#elif HAVE_GCRYPT

#  include <gcrypt.h>

/* The gcrypt definition */
typedef int hash_md_t;
typedef const char* hash_algorithm_t;
typedef const char* elliptic_curve_t;
typedef gcry_md_hd_t hash_context_t;
#  define OPENSSL_OR_GCRYPT(a, b) (b)
#endif

#if PREFER_OPENSSL
int string_hashsum(const char *s, size_t len, const char *md_algorithm, char **ret);

static inline int string_hashsum_sha224(const char *s, size_t len, char **ret) {
        return string_hashsum(s, len, "SHA224", ret);
}

static inline int string_hashsum_sha256(const char *s, size_t len, char **ret) {
        return string_hashsum(s, len, "SHA256", ret);
}
#endif
Commit	Line	Data
db9ecf05	1	/* SPDX-License-Identifier: LGPL-2.1-or-later */
3f637019 LP	2	#pragma once
3f637019 LP	3
bd1ae178	4	#include "iovec-util.h"
f2d5df8a	5	#include "macro.h"
8939d335 DDM	6	#include "sha256.h"
8939d335 DDM	7
a73144bb LB	8	typedef enum KeySourceType {
	9	OPENSSL_KEY_SOURCE_FILE,
	10	OPENSSL_KEY_SOURCE_ENGINE,
	11	OPENSSL_KEY_SOURCE_PROVIDER,
	12	_OPENSSL_KEY_SOURCE_MAX,
	13	_OPENSSL_KEY_SOURCE_INVALID = -EINVAL,
	14	} KeySourceType;
	15
	16	int parse_openssl_key_source_argument(const char argument, char private_key_source, KeySourceType private_key_source_type);
	17
8939d335	18	#define X509_FINGERPRINT_SIZE SHA256_DIGEST_SIZE
f2d5df8a	19
b012a1f4	20	#if HAVE_OPENSSL
c2fa92e7	21	# include <openssl/bio.h>
57633d23	22	# include <openssl/bn.h>
900e73f8	23	# include <openssl/crypto.h>
57633d23	24	# include <openssl/err.h>
4ef65db3	25	# include <openssl/evp.h>
d9b5841d	26	# include <openssl/opensslv.h>
c2fa92e7 LP	27	# include <openssl/pkcs7.h>
	28	# include <openssl/ssl.h>
	29	# include <openssl/x509v3.h>
d9b5841d LP	30	# ifndef OPENSSL_VERSION_MAJOR
	31	/* OPENSSL_VERSION_MAJOR macro was added in OpenSSL 3. Thus, if it doesn't exist, we must be before OpenSSL 3. */
	32	# define OPENSSL_VERSION_MAJOR 1
	33	# endif
	34	# if OPENSSL_VERSION_MAJOR >= 3
	35	# include <openssl/core_names.h>
a65a25be	36	# include <openssl/kdf.h>
dcec950c	37	# include <openssl/param_build.h>
dba0afa1 LB	38	# include <openssl/provider.h>
dba0afa1 LB	39	# include <openssl/store.h>
d9b5841d	40	# endif
3f637019	41
900e73f8	42	DEFINE_TRIVIAL_CLEANUP_FUNC_FULL_MACRO(void*, OPENSSL_free, NULL);
fd421c4a ZJS	43	DEFINE_TRIVIAL_CLEANUP_FUNC_FULL(X509_NAME*, X509_NAME_free, NULL);
	44	DEFINE_TRIVIAL_CLEANUP_FUNC_FULL(EVP_PKEY_CTX*, EVP_PKEY_CTX_free, NULL);
	45	DEFINE_TRIVIAL_CLEANUP_FUNC_FULL(EVP_CIPHER_CTX*, EVP_CIPHER_CTX_free, NULL);
57633d23 ZJS	46	DEFINE_TRIVIAL_CLEANUP_FUNC_FULL(EC_POINT*, EC_POINT_free, NULL);
	47	DEFINE_TRIVIAL_CLEANUP_FUNC_FULL(EC_GROUP*, EC_GROUP_free, NULL);
	48	DEFINE_TRIVIAL_CLEANUP_FUNC_FULL(BIGNUM*, BN_free, NULL);
	49	DEFINE_TRIVIAL_CLEANUP_FUNC_FULL(BN_CTX*, BN_CTX_free, NULL);
	50	DEFINE_TRIVIAL_CLEANUP_FUNC_FULL(ECDSA_SIG*, ECDSA_SIG_free, NULL);
c2fa92e7 LP	51	DEFINE_TRIVIAL_CLEANUP_FUNC_FULL(PKCS7*, PKCS7_free, NULL);
	52	DEFINE_TRIVIAL_CLEANUP_FUNC_FULL(SSL*, SSL_free, NULL);
	53	DEFINE_TRIVIAL_CLEANUP_FUNC_FULL(BIO*, BIO_free, NULL);
18f568b8	54	DEFINE_TRIVIAL_CLEANUP_FUNC_FULL(EVP_MD_CTX*, EVP_MD_CTX_free, NULL);
85686b37	55	DEFINE_TRIVIAL_CLEANUP_FUNC_FULL(ASN1_OCTET_STRING*, ASN1_OCTET_STRING_free, NULL);
81d61d6a	56
dcec950c	57	#if OPENSSL_VERSION_MAJOR >= 3
58f215a0	58	DEFINE_TRIVIAL_CLEANUP_FUNC_FULL(EVP_CIPHER*, EVP_CIPHER_free, NULL);
a65a25be DS	59	DEFINE_TRIVIAL_CLEANUP_FUNC_FULL(EVP_KDF*, EVP_KDF_free, NULL);
a65a25be DS	60	DEFINE_TRIVIAL_CLEANUP_FUNC_FULL(EVP_KDF_CTX*, EVP_KDF_CTX_free, NULL);
a95e8fa2 DS	61	DEFINE_TRIVIAL_CLEANUP_FUNC_FULL(EVP_MAC*, EVP_MAC_free, NULL);
a95e8fa2 DS	62	DEFINE_TRIVIAL_CLEANUP_FUNC_FULL(EVP_MAC_CTX*, EVP_MAC_CTX_free, NULL);
c52a003d	63	DEFINE_TRIVIAL_CLEANUP_FUNC_FULL(EVP_MD*, EVP_MD_free, NULL);
dcec950c DS	64	DEFINE_TRIVIAL_CLEANUP_FUNC_FULL(OSSL_PARAM*, OSSL_PARAM_free, NULL);
dcec950c DS	65	DEFINE_TRIVIAL_CLEANUP_FUNC_FULL(OSSL_PARAM_BLD*, OSSL_PARAM_BLD_free, NULL);
dba0afa1 LB	66	DEFINE_TRIVIAL_CLEANUP_FUNC_FULL(OSSL_STORE_CTX*, OSSL_STORE_close, NULL);
dba0afa1 LB	67	DEFINE_TRIVIAL_CLEANUP_FUNC_FULL(OSSL_STORE_INFO*, OSSL_STORE_INFO_free, NULL);
dcec950c DS	68	#else
dcec950c DS	69	DEFINE_TRIVIAL_CLEANUP_FUNC_FULL(EC_KEY*, EC_KEY_free, NULL);
a95e8fa2	70	DEFINE_TRIVIAL_CLEANUP_FUNC_FULL(HMAC_CTX*, HMAC_CTX_free, NULL);
dcec950c DS	71	DEFINE_TRIVIAL_CLEANUP_FUNC_FULL(RSA*, RSA_free, NULL);
dcec950c DS	72	#endif
c2fa92e7 LP	73
	74	static inline void sk_X509_free_allp(STACK_OF(X509) **sk) {
	75	if (!sk \|\| !*sk)
	76	return;
	77
	78	sk_X509_pop_free(*sk, X509_free);
	79	}
b012a1f4	80
4af788c7 DS	81	int openssl_pkey_from_pem(const void pem, size_t pem_size, EVP_PKEY *ret);
4af788c7 DS	82
c52a003d DS	83	int openssl_digest_size(const char digest_alg, size_t ret_digest_size);
c52a003d DS	84
bed4831c DS	85	int openssl_digest_many(const char digest_alg, const struct iovec data[], size_t n_data, void ret_digest, size_t ret_digest_size);
	86
	87	static inline int openssl_digest(const char digest_alg, const void buf, size_t len, void *ret_digest, size_t ret_digest_size) {
	88	return openssl_digest_many(digest_alg, &IOVEC_MAKE((void*) buf, len), 1, ret_digest, ret_digest_size);
	89	}
	90
a95e8fa2 DS	91	int openssl_hmac_many(const char digest_alg, const void key, size_t key_size, const struct iovec data[], size_t n_data, void *ret_digest, size_t ret_digest_size);
	92
	93	static inline int openssl_hmac(const char digest_alg, const void key, size_t key_size, const void buf, size_t len, void ret_digest, size_t ret_digest_size) {
	94	return openssl_hmac_many(digest_alg, key, key_size, &IOVEC_MAKE((void*) buf, len), 1, ret_digest, ret_digest_size);
	95	}
	96
58f215a0 DS	97	int openssl_cipher_many(const char alg, size_t bits, const char mode, const void key, size_t key_size, const void iv, size_t iv_size, const struct iovec data[], size_t n_data, void *ret, size_t ret_size);
	98
	99	static inline int openssl_cipher(const char alg, size_t bits, const char mode, const void key, size_t key_size, const void iv, size_t iv_size, const void buf, size_t len, void ret, size_t ret_size) {
	100	return openssl_cipher_many(alg, bits, mode, key, key_size, iv, iv_size, &IOVEC_MAKE((void*) buf, len), 1, ret, ret_size);
	101	}
	102
8c2205bb DS	103	int kdf_ss_derive(const char digest, const void key, size_t key_size, const void salt, size_t salt_size, const void info, size_t info_size, size_t derive_size, void **ret);
8c2205bb DS	104
a65a25be DS	105	int kdf_kb_hmac_derive(const char mode, const char digest, const void key, size_t key_size, const void salt, size_t salt_size, const void info, size_t info_size, const void seed, size_t seed_size, size_t derive_size, void **ret);
a65a25be DS	106
f2d5df8a LP	107	int rsa_encrypt_bytes(EVP_PKEY pkey, const void decrypted_key, size_t decrypted_key_size, void *ret_encrypt_key, size_t ret_encrypt_key_size);
f2d5df8a LP	108
816b1dc4 DS	109	int rsa_oaep_encrypt_bytes(const EVP_PKEY pkey, const char digest_alg, const char label, const void decrypted_key, size_t decrypted_key_size, void *ret_encrypt_key, size_t ret_encrypt_key_size);
816b1dc4 DS	110
d041e4fc	111	int rsa_pkey_to_suitable_key_size(EVP_PKEY pkey, size_t ret_suitable_key_size);
e8ccb5c7	112
dcec950c DS	113	int rsa_pkey_new(size_t bits, EVP_PKEY **ret);
	114
	115	int rsa_pkey_from_n_e(const void n, size_t n_size, const void e, size_t e_size, EVP_PKEY **ret);
	116
	117	int rsa_pkey_to_n_e(const EVP_PKEY pkey, void ret_n, size_t ret_n_size, void *ret_e, size_t ret_e_size);
	118
900e73f8 DS	119	int ecc_pkey_from_curve_x_y(int curve_id, const void x, size_t x_size, const void y, size_t y_size, EVP_PKEY **ret);
	120
	121	int ecc_pkey_to_curve_x_y(const EVP_PKEY pkey, int ret_curve_id, void *ret_x, size_t ret_x_size, void *ret_y, size_t ret_y_size);
	122
	123	int ecc_pkey_new(int curve_id, EVP_PKEY **ret);
	124
779b80d8 DS	125	int ecc_ecdh(const EVP_PKEY private_pkey, const EVP_PKEY peer_pkey, void *ret_shared_secret, size_t ret_shared_secret_size);
779b80d8 DS	126
85686b37	127	int pkey_generate_volume_keys(EVP_PKEY pkey, void ret_decrypted_key, size_t ret_decrypted_key_size, void *ret_saved_key, size_t ret_saved_key_size);
876206f2	128
e8ccb5c7 LP	129	int pubkey_fingerprint(EVP_PKEY pk, const EVP_MD md, void *ret, size_t ret_size);
e8ccb5c7 LP	130
ef65c0f6 LP	131	int digest_and_sign(const EVP_MD md, EVP_PKEY privkey, const void data, size_t size, void ret, size_t ret_size);
ef65c0f6 LP	132
a73144bb	133	int openssl_load_key_from_token(KeySourceType private_key_source_type, const char private_key_source, const char private_key, EVP_PKEY **ret);
dba0afa1	134
bc958a19 DDM	135	#else
	136
	137	typedef struct X509 X509;
	138	typedef struct EVP_PKEY EVP_PKEY;
	139
	140	static inline void X509_free(X509 p) {
	141	assert(p == NULL);
	142	return NULL;
	143	}
	144
	145	static inline void EVP_PKEY_free(EVP_PKEY p) {
	146	assert(p == NULL);
	147	return NULL;
	148	}
	149
a73144bb LB	150	static inline int openssl_load_key_from_token(
	151	KeySourceType private_key_source_type,
	152	const char *private_key_source,
	153	const char *private_key,
	154	EVP_PKEY **ret) {
	155
dba0afa1 LB	156	return -EOPNOTSUPP;
	157	}
	158
57633d23 ZJS	159	#endif
57633d23 ZJS	160
bc958a19 DDM	161	DEFINE_TRIVIAL_CLEANUP_FUNC_FULL(X509*, X509_free, NULL);
	162	DEFINE_TRIVIAL_CLEANUP_FUNC_FULL(EVP_PKEY*, EVP_PKEY_free, NULL);
	163
8939d335 DDM	164	int x509_fingerprint(X509 *cert, uint8_t buffer[static X509_FINGERPRINT_SIZE]);
8939d335 DDM	165
57633d23 ZJS	166	#if PREFER_OPENSSL
	167	/* The openssl definition */
	168	typedef const EVP_MD* hash_md_t;
	169	typedef const EVP_MD* hash_algorithm_t;
	170	typedef int elliptic_curve_t;
	171	typedef EVP_MD_CTX* hash_context_t;
	172	# define OPENSSL_OR_GCRYPT(a, b) (a)
	173
	174	#elif HAVE_GCRYPT
	175
	176	# include <gcrypt.h>
d041e4fc	177
57633d23 ZJS	178	/* The gcrypt definition */
	179	typedef int hash_md_t;
	180	typedef const char* hash_algorithm_t;
	181	typedef const char* elliptic_curve_t;
	182	typedef gcry_md_hd_t hash_context_t;
	183	# define OPENSSL_OR_GCRYPT(a, b) (b)
b012a1f4	184	#endif
7e8facb3 ZJS	185
7e8facb3 ZJS	186	#if PREFER_OPENSSL
11f7bc5e	187	int string_hashsum(const char s, size_t len, const char md_algorithm, char **ret);
7e8facb3 ZJS	188
7e8facb3 ZJS	189	static inline int string_hashsum_sha224(const char s, size_t len, char *ret) {
11f7bc5e	190	return string_hashsum(s, len, "SHA224", ret);
7e8facb3 ZJS	191	}
	192
	193	static inline int string_hashsum_sha256(const char s, size_t len, char *ret) {
11f7bc5e	194	return string_hashsum(s, len, "SHA256", ret);
7e8facb3 ZJS	195	}
7e8facb3 ZJS	196	#endif