#include <openssl/bio.h>
#endif
-/*
+/*-
#define EVP_RC2_KEY_SIZE 16
#define EVP_RC4_KEY_SIZE 16
#define EVP_BLOWFISH_KEY_SIZE 16
unsigned int m_length,const unsigned char *sigbuf,
unsigned int siglen, void *key);
-#define EVP_MD_FLAG_ONESHOT 0x0001 /* digest can only handle a single
- * block */
+/* digest can only handle a single block */
+#define EVP_MD_FLAG_ONESHOT 0x0001
-#define EVP_MD_FLAG_PKEY_DIGEST 0x0002 /* digest is a "clone" digest used
- * which is a copy of an existing
- * one for a specific public key type.
- * EVP_dss1() etc */
+/*
+ * digest is a "clone" digest used
+ * which is a copy of an existing
+ * one for a specific public key type.
+ * EVP_dss1() etc
+ */
+#define EVP_MD_FLAG_PKEY_DIGEST 0x0002
/* Digest uses EVP_PKEY_METHOD for signing instead of MD specific signing */
#define EVP_MD_FLAG_DIGALGID_CUSTOM 0x0018
-#define EVP_MD_FLAG_FIPS 0x0400 /* Note if suitable for use in FIPS mode */
+/* Note if suitable for use in FIPS mode */
+#define EVP_MD_FLAG_FIPS 0x0400
/* Digest ctrls */
{
int nid;
int block_size;
- int key_len; /* Default value for variable length ciphers */
+
+ /* Default value for variable length ciphers */
+ int key_len;
int iv_len;
- unsigned long flags; /* Various flags */
+
+ /* Various flags */
+ unsigned long flags;
+
+ /* init key */
int (*init)(EVP_CIPHER_CTX *ctx, const unsigned char *key,
- const unsigned char *iv, int enc); /* init key */
+ const unsigned char *iv, int enc);
+
+ /* encrypt/decrypt data */
int (*do_cipher)(EVP_CIPHER_CTX *ctx, unsigned char *out,
- const unsigned char *in, size_t inl);/* encrypt/decrypt data */
- int (*cleanup)(EVP_CIPHER_CTX *); /* cleanup ctx */
- int ctx_size; /* how big ctx->cipher_data needs to be */
- int (*set_asn1_parameters)(EVP_CIPHER_CTX *, ASN1_TYPE *); /* Populate a ASN1_TYPE with parameters */
- int (*get_asn1_parameters)(EVP_CIPHER_CTX *, ASN1_TYPE *); /* Get parameters from a ASN1_TYPE */
- int (*ctrl)(EVP_CIPHER_CTX *, int type, int arg, void *ptr); /* Miscellaneous operations */
- void *app_data; /* Application data */
+ const unsigned char *in, size_t inl);
+
+ /* cleanup ctx */
+ int (*cleanup)(EVP_CIPHER_CTX *);
+
+ /* how big ctx->cipher_data needs to be */
+ int ctx_size;
+
+ /* Populate a ASN1_TYPE with parameters */
+ int (*set_asn1_parameters)(EVP_CIPHER_CTX *, ASN1_TYPE *);
+
+ /* Get parameters from a ASN1_TYPE */
+ int (*get_asn1_parameters)(EVP_CIPHER_CTX *, ASN1_TYPE *);
+
+ /* Miscellaneous operations */
+ int (*ctrl)(EVP_CIPHER_CTX *, int type, int arg, void *ptr);
+
+ /* Application data */
+ void *app_data;
} /* EVP_CIPHER */;
/* Values for cipher flags */
#define EVP_CIPH_CCM_MODE 0x7
#define EVP_CIPH_XTS_MODE 0x10001
#define EVP_CIPH_WRAP_MODE 0x10002
+#define EVP_CIPH_OCB_MODE 0x10003
#define EVP_CIPH_MODE 0xF0007
/* Set if variable length cipher */
#define EVP_CIPH_VARIABLE_LENGTH 0x8
#define EVP_CTRL_TLS1_1_MULTIBLOCK_AAD 0x19
#define EVP_CTRL_TLS1_1_MULTIBLOCK_ENCRYPT 0x1a
#define EVP_CTRL_TLS1_1_MULTIBLOCK_DECRYPT 0x1b
+#define EVP_CTRL_TLS1_1_MULTIBLOCK_MAX_BUFSIZE 0x1c
typedef struct {
unsigned char *out;
unsigned int interleave;
} EVP_CTRL_TLS1_1_MULTIBLOCK_PARAM;
+#define EVP_CTRL_SET_IVLEN EVP_CTRL_GCM_SET_IVLEN
+#define EVP_CTRL_GET_TAG EVP_CTRL_GCM_GET_TAG
+#define EVP_CTRL_SET_TAG EVP_CTRL_GCM_SET_TAG
+#define EVP_CTRL_OCB_SET_TAGLEN 0x1c
+
+
/* GCM TLS constants */
/* Length of fixed part of IV derived from PRF */
#define EVP_GCM_TLS_FIXED_IV_LEN 4
typedef struct evp_Encode_Ctx_st
{
- int num; /* number saved in a partial encode/decode */
- int length; /* The length is either the output line length
- * (in input bytes) or the shortest input line
- * length that is ok. Once decoding begins,
- * the length is adjusted up each time a longer
- * line is decoded */
- unsigned char enc_data[80]; /* data to encode */
- int line_num; /* number read on current line */
+ /* number saved in a partial encode/decode */
+ int num;
+
+ /* The length is either the output line length
+ * (in input bytes) or the shortest input line
+ * length that is ok. Once decoding begins,
+ * the length is adjusted up each time a longer
+ * line is decoded
+ */
+ int length;
+
+ /* data to encode */
+ unsigned char enc_data[80];
+
+ /* number read on current line */
+ int line_num;
int expect_nl;
} EVP_ENCODE_CTX;
#ifndef OPENSSL_NO_MDC2
const EVP_MD *EVP_mdc2(void);
#endif
-#ifndef OPENSSL_NO_RIPEMD
+#ifndef OPENSSL_NO_RMD160
const EVP_MD *EVP_ripemd160(void);
#endif
#ifndef OPENSSL_NO_WHIRLPOOL
const EVP_CIPHER *EVP_aes_128_gcm(void);
const EVP_CIPHER *EVP_aes_128_xts(void);
const EVP_CIPHER *EVP_aes_128_wrap(void);
+const EVP_CIPHER *EVP_aes_128_wrap_pad(void);
+#ifndef OPENSSL_NO_OCB
+const EVP_CIPHER *EVP_aes_128_ocb(void);
+#endif
const EVP_CIPHER *EVP_aes_192_ecb(void);
const EVP_CIPHER *EVP_aes_192_cbc(void);
const EVP_CIPHER *EVP_aes_192_cfb1(void);
const EVP_CIPHER *EVP_aes_192_ccm(void);
const EVP_CIPHER *EVP_aes_192_gcm(void);
const EVP_CIPHER *EVP_aes_192_wrap(void);
+const EVP_CIPHER *EVP_aes_192_wrap_pad(void);
+#ifndef OPENSSL_NO_OCB
+const EVP_CIPHER *EVP_aes_192_ocb(void);
+#endif
const EVP_CIPHER *EVP_aes_256_ecb(void);
const EVP_CIPHER *EVP_aes_256_cbc(void);
const EVP_CIPHER *EVP_aes_256_cfb1(void);
const EVP_CIPHER *EVP_aes_256_gcm(void);
const EVP_CIPHER *EVP_aes_256_xts(void);
const EVP_CIPHER *EVP_aes_256_wrap(void);
+const EVP_CIPHER *EVP_aes_256_wrap_pad(void);
+#ifndef OPENSSL_NO_OCB
+const EVP_CIPHER *EVP_aes_256_ocb(void);
+#endif
# if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_SHA1)
const EVP_CIPHER *EVP_aes_128_cbc_hmac_sha1(void);
const EVP_CIPHER *EVP_aes_256_cbc_hmac_sha1(void);
int EVP_PKEY_id(const EVP_PKEY *pkey);
int EVP_PKEY_base_id(const EVP_PKEY *pkey);
int EVP_PKEY_bits(EVP_PKEY *pkey);
+int EVP_PKEY_security_bits(const EVP_PKEY *pkey);
int EVP_PKEY_size(EVP_PKEY *pkey);
int EVP_PKEY_set_type(EVP_PKEY *pkey,int type);
int EVP_PKEY_set_type_str(EVP_PKEY *pkey, const char *str, int len);
int (*pkey_ctrl)(EVP_PKEY *pkey, int op,
long arg1, void *arg2));
+void EVP_PKEY_asn1_set_security_bits(EVP_PKEY_ASN1_METHOD *ameth,
+ int (*pkey_security_bits)(const EVP_PKEY *pk));
+
#define EVP_PKEY_OP_UNDEFINED 0
#define EVP_PKEY_OP_PARAMGEN (1<<1)