1 /* SPDX-License-Identifier: LGPL-2.1-or-later */
2 #pragma once
3
4 #include "macro.h"
5
6 #if HAVE_OPENSSL
7 # include <openssl/bio.h>
8 # include <openssl/bn.h>
9 # include <openssl/err.h>
10 # include <openssl/evp.h>
11 # include <openssl/opensslv.h>
12 # include <openssl/pkcs7.h>
13 # include <openssl/ssl.h>
14 # include <openssl/x509v3.h>
15 # ifndef OPENSSL_VERSION_MAJOR
16 /* OPENSSL_VERSION_MAJOR macro was added in OpenSSL 3. Thus, if it doesn't exist, we must be before OpenSSL 3. */
17 # define OPENSSL_VERSION_MAJOR 1
18 # endif
19 # if OPENSSL_VERSION_MAJOR >= 3
20 # include <openssl/core_names.h>
21 # endif
22
/* Generate "<free_func>p"-style cleanup helpers (X509_freep, EVP_PKEY_freep, ...) for the OpenSSL
 * object types used in this tree, so that they can be released automatically when the owning
 * variable goes out of scope rather than on every error path by hand. The generating macro lives
 * in macro.h (not visible here); NOTE(review): the third argument is presumably the "nothing to
 * free" sentinel the helper skips, and whether the caller's pointer is reset after the free is
 * decided by that macro — confirm against macro.h before relying on either. */
DEFINE_TRIVIAL_CLEANUP_FUNC_FULL(X509*, X509_free, NULL);
DEFINE_TRIVIAL_CLEANUP_FUNC_FULL(X509_NAME*, X509_NAME_free, NULL);
DEFINE_TRIVIAL_CLEANUP_FUNC_FULL(EVP_PKEY_CTX*, EVP_PKEY_CTX_free, NULL);
DEFINE_TRIVIAL_CLEANUP_FUNC_FULL(EVP_PKEY*, EVP_PKEY_free, NULL);
DEFINE_TRIVIAL_CLEANUP_FUNC_FULL(EVP_CIPHER_CTX*, EVP_CIPHER_CTX_free, NULL);
DEFINE_TRIVIAL_CLEANUP_FUNC_FULL(EC_POINT*, EC_POINT_free, NULL);
DEFINE_TRIVIAL_CLEANUP_FUNC_FULL(EC_GROUP*, EC_GROUP_free, NULL);
DEFINE_TRIVIAL_CLEANUP_FUNC_FULL(BIGNUM*, BN_free, NULL);
DEFINE_TRIVIAL_CLEANUP_FUNC_FULL(BN_CTX*, BN_CTX_free, NULL);
DEFINE_TRIVIAL_CLEANUP_FUNC_FULL(ECDSA_SIG*, ECDSA_SIG_free, NULL);
DEFINE_TRIVIAL_CLEANUP_FUNC_FULL(PKCS7*, PKCS7_free, NULL);
DEFINE_TRIVIAL_CLEANUP_FUNC_FULL(SSL*, SSL_free, NULL);
DEFINE_TRIVIAL_CLEANUP_FUNC_FULL(BIO*, BIO_free, NULL);
DEFINE_TRIVIAL_CLEANUP_FUNC_FULL(EVP_MD_CTX*, EVP_MD_CTX_free, NULL);
37
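/* Release a STACK_OF(X509) together with every certificate it holds. Hand-written rather than
 * generated by DEFINE_TRIVIAL_CLEANUP_FUNC_FULL because the stack must be torn down with
 * sk_X509_pop_free(), which needs the element destructor as a second argument.
 *
 * Takes the address of the caller's stack pointer (the "*p" cleanup-helper convention used by
 * the generated helpers above). NULL and a pointer to NULL are both accepted and do nothing.
 * After the free the caller's pointer is reset to NULL, so releasing the stack early by hand
 * and then letting an automatic cleanup run on the same variable cannot double-free it. */
static inline void sk_X509_free_allp(STACK_OF(X509) **sk) {
        if (!sk || !*sk)
                return;

        /* pop_free() calls X509_free() on each element, then frees the stack itself. */
        sk_X509_pop_free(*sk, X509_free);

        /* Defensive: leave no dangling reference behind in the caller's variable. */
        *sk = NULL;
}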
44
45 int openssl_hash(const EVP_MD *alg, const void *msg, size_t msg_len, uint8_t *ret_hash, size_t *ret_hash_len);
46
47 int rsa_encrypt_bytes(EVP_PKEY *pkey, const void *decrypted_key, size_t decrypted_key_size, void **ret_encrypt_key, size_t *ret_encrypt_key_size);
48
49 int rsa_pkey_to_suitable_key_size(EVP_PKEY *pkey, size_t *ret_suitable_key_size);
50
51 int pubkey_fingerprint(EVP_PKEY *pk, const EVP_MD *md, void **ret, size_t *ret_size);
52
53 #endif
54
55 #if PREFER_OPENSSL
56 /* The OpenSSL flavour of the backend-neutral hash/curve type aliases (hash_md_t, hash_algorithm_t, elliptic_curve_t, hash_context_t) */
57 typedef const EVP_MD* hash_md_t;
58 typedef const EVP_MD* hash_algorithm_t;
59 typedef int elliptic_curve_t;
60 typedef EVP_MD_CTX* hash_context_t;
61 # define OPENSSL_OR_GCRYPT(a, b) (a)
62
63 #elif HAVE_GCRYPT
64
65 # include <gcrypt.h>
66
67 /* The gcrypt flavour of the same backend-neutral type aliases; callers must use OPENSSL_OR_GCRYPT() rather than assume one representation */
68 typedef int hash_md_t;
69 typedef const char* hash_algorithm_t;
70 typedef const char* elliptic_curve_t;
71 typedef gcry_md_hd_t hash_context_t;
72 # define OPENSSL_OR_GCRYPT(a, b) (b)
73 #endif
74
75 #if PREFER_OPENSSL
76 int string_hashsum(const char *s, size_t len, hash_algorithm_t md_algorithm, char **ret);
77
/* Hash the first @len bytes of @s with SHA-224 and hand the result back through @ret.
 * Pure convenience wrapper: it only picks the digest and defers to string_hashsum(),
 * which is declared above but defined elsewhere — the output format, ownership of *ret
 * and the return-value convention are all string_hashsum()'s, not this wrapper's.
 * NOTE(review): whether a NULL @s is tolerated depends on string_hashsum(); callers
 * should not rely on it without checking that definition. */
static inline int string_hashsum_sha224(const char *s, size_t len, char **ret) {
        int r;

        r = string_hashsum(s, len, EVP_sha224(), ret);
        return r;
}
81
/* SHA-256 counterpart of string_hashsum_sha224(): digests @len bytes starting at @s and
 * stores the result via @ret. Everything except the digest choice — return convention,
 * output encoding, who frees *ret, handling of NULL input — is inherited from
 * string_hashsum(), which is only declared in this header. */
static inline int string_hashsum_sha256(const char *s, size_t len, char **ret) {
        int r = string_hashsum(s, len, EVP_sha256(), ret);

        return r;
}
85 #endif