Hi there,
I am still working on a new EVP interface.
Todays subject are the message digests and public keys.
When first looking at the EVP definitions the thing that bothered me
most was the fact that in the sym ciphers the classes and methods are
cleanly from the instances (ciphers and cipher contexts), while this
is not done cleanly in the message digest and not at all in the
public keys.
In the following are my ideas to remedy this.
(BTW, I had a look at the number of places in the code an EVP_PKEY
is used. A puny 1083. That'll be a breeze to change B-} )
OK here goes:
1. There will be no sub types of the public key mechanisms, but the
flags field
will be put to use if nessecary. A thing is a EVP_PKEY_RSA or a
EVP_PKEY_DH,
but none of this RSA2,3,4,5 stuff.
2. EVP_PKEY will contain the pointers to the methods of the objects.
They are handle
and retrieve just like the sym. ciphers and their generator functions
take STACK*'s of
options.
/* all methods must be implemented, even if just as
* dummy as in the null-method set. */
typedef struct evp_pkey_st
{
char *name;
int flags;
int alg_type; /* RSA, DSA, an SSLeay specific constant
* describing the underlying mechanism */
int oid; /* For the pub-key type */
int encrypt_oid; /* pub/priv key encryption */
int (*get_NID)(); /* get the NID of the PKEY type */
int (*init)(/* EVP_PKEY_CTX* */);
int (*cleanup)(/* EVP_PKEY_CTX* */);
int (*sign)(/* EVP_PKEY_CTX* */);
int (*verify)(/* EVP_PKEY_CTX* */);
struct
{
int (*set)(); /* get and/or set the underlying type */
int (*get)();
int (*encrypt)(/* EVP_PKEY_CTX* */);
int (*decrypt)(/* EVP_PKEY_CTX* */);
int (*i2d)( /* EVP_PKEY_CTX*, unsigned char **pp */);
/* will set the value _in_ the PKEY struct, not return a new one.
*/
int (*d2i)( /* EVP_PKEY_CTX*, unsigned char **pp,long length */);
/* will return copy of object or NULL on failure */
struct evp_key_st* (*dup)( /* EVP_PKEY_CTX* orig */ );
} pub,priv;
int (*set_asn1_parameters)(/* EVP_PKEY_CTX*,ASN1_TYPE* */);
int (*get_asn1_parameters)(/* EVP_PKEY_CTX*,ASN1_TYPE* */);
int (*num_bits)( /* EVP_PKEY_CTX* */); /* lenght of key */
int (*size)( /* EVP_PKEY_CTX* */); /* size of key in byte */
/* methods that only apply to some of the pkey mechanisems */
/* compare parameters, for DSA */
int (*cmp_parameters)( /*EVP_PKEY_CTX*,EVP_PKEY_CTX* */);
/* check whether any of the parameters are missing, for DSA */
int (*missing_parameters)( /* EVP_PKEY_CTX* */);
/* set the save mode for the parameters returning the old mode,
usually null operation for non-DSA */
int (*save_parameters)( /* EVP_PKEY_CTX*, int */);
/* copies DSA params p,q,g */
int (*copy_parameters)( /* EVP_PKEY_CTX *fro, EVP_PKEY_CTX *to */);
} EVP_PKEY;
3. The actual instance of a key will be put into EVP_PKEY_CTX
to be honest I do not quite know what to do with the save_type field.
typedef struct evp_pkey_ctx_st
{
int save_type;
int references;
EVP_PKEY *methods;
union
{
char *ptr;
struct rsa_st *rsa; /* RSA */
struct dsa_st *dsa; /* DSA */
struct dh_st *dh; /* DH */
#ifndef NO_PKCS11
struct pkcs11_st *pkcs11; /* PKCS11 */
#endif
} pkey;
int save_parameters;
#ifdef HEADER_STACK_H
STACK /* X509_ATTRIBUTE */ *attributes; /* [ 0 ] */
#else
char /* X509_ATTRIBUTE */ *attributes; /* [ 0 ] */
#endif
} EVP_PKEY_CTX;
4. the EVP_MD looses its pkey variants. Something is eiher a message
digest or
a signing mechanism. The EVP_PKEY_MD and EVP_PKEY_MD_CTX will take the
place of
the combinations. Since a null operation for the md as well as for the
pkey
algorithm is possible this should be easily wrappable for backward
compatibility.
The actual structures for both are rather simple.
/* This structure is required to tie the message digest and signing
together.
* The lookup can be done by md/pkey_method, oid, oid/pkey_method, or
* oid, md and pkey.
* This is required because for various smart-card perform the digest
and
* signing/verification on-board. To handle this case, the specific
* EVP_MD and EVP_PKEY_METHODs need to be closely associated.
* When a EVP_PKEY_CTX is created, it will have a EVP_PKEY associated
with it.
* This can either be software or a token to provide the required low
level
* routines.
*/
typedef struct evp_pkey_md_st
{
int oid;
EVP_MD *md;
EVP_PKEY *pkey;
} EVP_PKEY_MD;
typedef struct evp_pkey_md_ctx_st
{
int oid;
EVP_MD_CTX *md_ctx;
EVP_PKEY_CTX *pkey_ctx;
} EVP_PKEY_MD_CTX;
The current state of the evp.h is attached. It still contains a lot of
defines for all kinds
of old stuff and needs to be cleaned up.
I have changed to code for the ciphers to use the new ext form dicussed
earlier. Lacking the
needed understanding of ASN.1 I cannot write the direct ASN.1-to-cipher
method right now though.
mfg lutz
--
*******************************************************************
Lutz Behnke Tel.: 040 / 766 29 1423
TC TrustCenter for Security Fax.: 040 / 766 29 577
in Data Networks GmbH email: [EMAIL PROTECTED]
Am Werder 1
21073 Hamburg, Germany
/* -*- c -*- */
/* crypto/evp/evp.h */
/* Copyright (C) 1995-1998 Eric Young ([EMAIL PROTECTED])
* All rights reserved.
*
* This package is an SSL implementation written
* by Eric Young ([EMAIL PROTECTED]).
* The implementation was written so as to conform with Netscapes SSL.
*
* This library is free for commercial and non-commercial use as long as
* the following conditions are aheared to. The following conditions
* apply to all code found in this distribution, be it the RC4, RSA,
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
* included with this distribution is covered by the same copyright terms
* except that the holder is Tim Hudson ([EMAIL PROTECTED]).
*
* Copyright remains Eric Young's, and as such any Copyright notices in
* the code are not to be removed.
* If this package is used in a product, Eric Young should be given attribution
* as the author of the parts of the library used.
* This can be in the form of a textual message at program startup or
* in documentation (online or textual) provided with the package.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. All advertising materials mentioning features or use of this software
* must display the following acknowledgement:
* "This product includes cryptographic software written by
* Eric Young ([EMAIL PROTECTED])"
* The word 'cryptographic' can be left out if the rouines from the library
* being used are not cryptographic related :-).
* 4. If you include any Windows specific code (or a derivative thereof) from
* the apps directory (application code) you must include an acknowledgement:
* "This product includes software written by Tim Hudson ([EMAIL PROTECTED])"
*
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
* The licence and distribution terms for any publically available version or
* derivative of this code cannot be changed. i.e. this code cannot simply be
* copied and put under another distribution licence
* [including the GNU Public Licence.]
*/
#ifndef HEADER_ENVELOPE_H
#define HEADER_ENVELOPE_H
#ifdef __cplusplus
extern "C" {
#endif
#ifndef NO_MD2
#include "md2.h"
#endif
#ifndef NO_MD5
#include "md5.h"
#endif
#if !defined(NO_SHA) || !defined(NO_SHA1)
#include "sha.h"
#endif
#ifndef NO_RMD160
#include "ripemd.h"
#endif
#ifndef NO_DES
#include "des.h"
#endif
#ifndef NO_RC4
#include "rc4.h"
#endif
#ifndef NO_RC2
#include "rc2.h"
#endif
#ifndef NO_RC5
#include "rc5.h"
#endif
#ifndef NO_BLOWFISH
#include "blowfish.h"
#endif
#ifndef NO_CAST
#include "cast.h"
#endif
#ifndef NO_IDEA
#include "idea.h"
#endif
#ifndef NO_MDC2
#include "mdc2.h"
#endif
#define EVP_RC2_KEY_SIZE 16
#define EVP_RC4_KEY_SIZE 16
#define EVP_BLOWFISH_KEY_SIZE 16
#define EVP_CAST5_KEY_SIZE 16
#define EVP_RC5_32_12_16_KEY_SIZE 16
#define EVP_MAX_MD_SIZE (16+20) /* The SSLv3 md5+sha1 type */
#define EVP_MAX_KEY_LENGTH 24
#define EVP_MAX_IV_LENGTH 8
/* CIPHER_PARAM types */
typedef struct evp_cipher_param_st {
unsigned long int param_type;
void* param_value;
} EVP_CIPHER_PARAM;
/* uses a unsigned int. */
#define EVP_CP_KEY_BIT_LENGTH 1
#define EVP_CP_NID 2
#ifndef NO_RSA
#include "rsa.h"
#else
#define RSA long
#endif
#ifndef NO_DSA
#include "dsa.h"
#else
#define DSA long
#endif
#ifndef NO_DH
#include "dh.h"
#else
#define DH long
#endif
#define NO_PKCS11
#ifndef NO_PKCS11
/* #include "pkcs11_lib.h" */
#else
#define PKCS11 long
#endif
#include "objects.h"
/* PK: key type
* PKT: key use (operations allowed)
* PKS: signature type
* PKEY: object IDs
*/
#define EVP_PK_RSA 0x0001
#define EVP_PK_DSA 0x0002
#define EVP_PK_DH 0x0004
#define EVP_PKT_SIGN 0x0010
#define EVP_PKT_ENC 0x0020
#define EVP_PKT_EXCH 0x0040
#define EVP_PKS_RSA 0x0100
#define EVP_PKS_DSA 0x0200
#define EVP_PKT_EXP 0x1000 /* Export: <= 512 bit key */
#ifndef NO_PKCS11
#define EVP_PKT_PKCS11 0x2000 /* key is based on a PKCS11 token */
#endif
#define EVP_PKEY_NONE NID_undef
#define EVP_PKEY_RSA NID_rsa
#define EVP_PKEY_RSA2 NID_rsa_raw
#define EVP_PKEY_DSA NID_dsa
#define EVP_PKEY_DH NID_dhKeyAgreement
#define EVP_PKEY_PKCS11 NID_pkcs11_rsa
#define EVP_PKEY_MAX_SUBTYPE 6 /* number of PKEY subtypes+1 */
/* {{{ EVP_PKEY */
/* all methods must be implemented, even if just as
* dummy as in the null-method set. */
typedef struct evp_pkey_st
{
char *name;
int flags;
int alg_type; /* RSA, DSA, an SSLeay specific constant
* describing the underlying mechanism */
int oid; /* For the pub-key type */
int encrypt_oid; /* pub/priv key encryption */
int (*get_NID)(); /* get the NID of the PKEY type */
int (*init)(/* EVP_PKEY_CTX* */);
int (*cleanup)(/* EVP_PKEY_CTX* */);
int (*sign)(/* EVP_PKEY_CTX* */);
int (*verify)(/* EVP_PKEY_CTX* */);
struct
{
int (*set)(); /* get and/or set the underlying type */
int (*get)();
int (*encrypt)(/* EVP_PKEY_CTX* */);
int (*decrypt)(/* EVP_PKEY_CTX* */);
int (*i2d)( /* EVP_PKEY_CTX*, unsigned char **pp */);
/* will set the value _in_ the PKEY struct, not return a new one. */
int (*d2i)( /* EVP_PKEY_CTX*, unsigned char **pp,long length */);
/* will return copy of object or NULL on failure */
struct evp_key_st* (*dup)( /* EVP_PKEY_CTX* orig */ );
} pub,priv;
int (*set_asn1_parameters)(/* EVP_PKEY_CTX*,ASN1_TYPE* */);
int (*get_asn1_parameters)(/* EVP_PKEY_CTX*,ASN1_TYPE* */);
int (*num_bits)( /* EVP_PKEY_CTX* */); /* lenght of key */
int (*size)( /* EVP_PKEY_CTX* */); /* size of key in byte */
/* methods that only apply to some of the pkey mechanisems */
/* compare parameters, for DSA */
int (*cmp_parameters)( /*EVP_PKEY_CTX*,EVP_PKEY_CTX* */);
/* check whether any of the parameters are missing, for DSA */
int (*missing_parameters)( /* EVP_PKEY_CTX* */);
/* set the save mode for the parameters returning the old mode,
usually null operation for non-DSA */
int (*save_parameters)( /* EVP_PKEY_CTX*, int */);
/* copies DSA params p,q,g */
int (*copy_parameters)( /* EVP_PKEY_CTX *fro, EVP_PKEY_CTX *to */);
} EVP_PKEY;
/* }}} */
/* {{{ EVP_PKEY_CTX */
typedef struct evp_pkey_ctx_st
{
int save_type;
int references;
EVP_PKEY *methods;
union
{
char *ptr;
struct rsa_st *rsa; /* RSA */
struct dsa_st *dsa; /* DSA */
struct dh_st *dh; /* DH */
#ifndef NO_PKCS11
struct pkcs11_st *pkcs11; /* PKCS11 */
#endif
} pkey;
int save_parameters;
#ifdef HEADER_STACK_H
STACK /* X509_ATTRIBUTE */ *attributes; /* [ 0 ] */
#else
char /* X509_ATTRIBUTE */ *attributes; /* [ 0 ] */
#endif
} EVP_PKEY_CTX;
#define EVP_PKEY_MO_SIGN 0x0001
#define EVP_PKEY_MO_VERIFY 0x0002
#define EVP_PKEY_MO_ENCRYPT 0x0004
#define EVP_PKEY_MO_DECRYPT 0x0008
/* }}} */
/* {{{ EVP_MD and EVP_MD_CTX */
#ifndef EVP_MD
typedef struct env_md_st
{
int type;
int md_size;
void (*init)();
void (*update)();
void (*final)();
int block_size;
int ctx_size; /* how big does the ctx need to be */
} EVP_MD;
#define EVP_PKEY_NULL_method NULL,NULL,{0,0,0,0,0,0}
#ifndef NO_DSA
#define EVP_PKEY_DSA_method DSA_sign,DSA_verify, \
{EVP_PKEY_DSA,EVP_PKEY_DSA2,EVP_PKEY_DSA3, \
EVP_PKEY_DSA4,EVP_PKEY_DSA4,0}
#else
#define EVP_PKEY_DSA_method EVP_PKEY_NULL_method
#endif
#ifndef NO_RSA
#define EVP_PKEY_RSA_method RSA_sign,RSA_verify, \
{EVP_PKEY_RSA,EVP_PKEY_RSA2,EVP_PKEY_RSA3,0,0,0}
#define EVP_PKEY_RSA_ASN1_OCTET_STRING_method \
RSA_sign_ASN1_OCTET_STRING, \
RSA_verify_ASN1_OCTET_STRING, \
{EVP_PKEY_RSA,EVP_PKEY_RSA2,0,0,0}
#else
#define EVP_PKEY_RSA_method EVP_PKEY_NULL_method
#define EVP_PKEY_RSA_ASN1_OCTET_STRING_method EVP_PKEY_NULL_method
#endif
#ifndef NO_DH
#define EVP_PKEY_DH_method DH_sign,DH_verify, \
{EVP_PKEY_DH,EVP_PKEY_DH2,0,0,0,0}
#else
#define EVP_PKEY_DH_method EVP_PKEY_NULL_method
#endif
#endif /* !EVP_MD */
typedef struct env_md_ctx_st
{
EVP_MD *digest;
union {
unsigned char base[4];
#ifndef NO_MD2
MD2_CTX md2;
#endif
#ifndef NO_MD5
MD5_CTX md5;
#endif
#ifndef NO_RMD160
RIPEMD160_CTX ripemd160;
#endif
#if !defined(NO_SHA) || !defined(NO_SHA1)
SHA_CTX sha;
#endif
#ifndef NO_MDC2
MDC2_CTX mdc2;
#endif
} md;
} EVP_MD_CTX;
/* }}} */
/* {{{ EVP_PKEY_MD */
/* This structure is required to tie the message digest and signing together.
* The lookup can be done by md/pkey_method, oid, oid/pkey_method, or
* oid, md and pkey.
* This is required because for various smart-card perform the digest and
* signing/verification on-board. To handle this case, the specific
* EVP_MD and EVP_PKEY_METHODs need to be closely associated.
* When a EVP_PKEY_CTX is created, it will have a EVP_PKEY associated with it.
* This can either be software or a token to provide the required low level
* routines.
*/
typedef struct evp_pkey_md_st
{
int oid;
EVP_MD *md;
EVP_PKEY *pkey;
} EVP_PKEY_MD;
typedef struct evp_pkey_md_ctx_st
{
int oid;
EVP_MD_CTX *md_ctx;
EVP_PKEY_CTX *pkey_ctx;
} EVP_PKEY_MD_CTX;
#define EVP_rsa_md2() EVP_PKEY_MD_add(NID_md2WithRSAEncryption,\
EVP_rsa_pkcs1(),EVP_md2())
#define EVP_rsa_md5() EVP_PKEY_MD_add(NID_md5WithRSAEncryption,\
EVP_rsa_pkcs1(),EVP_md5())
#define EVP_rsa_sha0() EVP_PKEY_MD_add(NID_shaWithRSAEncryption,\
EVP_rsa_pkcs1(),EVP_sha())
#define EVP_rsa_sha1() EVP_PKEY_MD_add(NID_sha1WithRSAEncryption,\
EVP_rsa_pkcs1(),EVP_sha1())
#define EVP_rsa_ripemd160() EVP_PKEY_MD_add(NID_ripemd160WithRSA,\
EVP_rsa_pkcs1(),EVP_ripemd160())
#define EVP_rsa_mdc2()EVP_PKEY_MD_add(NID_mdc2WithRSA,\
EVP_rsa_octet_string(),EVP_mdc2())
#define EVP_dsa_sha() EVP_PKEY_MD_add(NID_dsaWithSHA,\
EVP_dsa(),EVP_mdc2())
#define EVP_dsa_sha1() EVP_PKEY_MD_add(NID_dsaWithSHA1,\
EVP_dsa(),EVP_sha1())
/* }}} */
/* {{{ CIPHER and CIPHER_CTX */
typedef struct evp_cipher_st
{
int nid;
int block_size;
int key_len;
int iv_len;
void (*init)(); /* init for encryption */
void (*do_cipher)(); /* encrypt data */
void (*cleanup)(); /* used by cipher method */
int ctx_size; /* how big the ctx needs to be */
/* int set_asn1_parameters(EVP_CIPHER_CTX,ASN1_TYPE *); */
int (*set_asn1_parameters)(); /* Populate a ASN1_TYPE with parameters */
/* int get_asn1_parameters(EVP_CIPHER_CTX,ASN1_TYPE *); */
int (*get_asn1_parameters)(); /* Get parameters from a ASN1_TYPE */
} EVP_CIPHER;
typedef struct evp_cipher_info_st
{
EVP_CIPHER *cipher;
unsigned char iv[EVP_MAX_IV_LENGTH];
} EVP_CIPHER_INFO;
#ifndef NO_DES
/*
* Values for EVP_CIPHER_CTX.des_weak_keys. The values matter, see e_cbc_3d.c
* ... [EMAIL PROTECTED] 12 Jun 98
*/
#define EVP_DES_UNKNOWN_WEAK 0 /* Not relevant or not tested */
#define EVP_DES_NONE_WEAK 1 /* None of the DES keys are weak */
#define EVP_DES_SOME_WEAK 2 /* One or more weak DES keys */
#define EVP_DES_ALL_WEAK 3 /* All DES keys are weak */
#endif
typedef struct evp_cipher_ctx_st
{
EVP_CIPHER *cipher;
int encrypt; /* encrypt or decrypt */
int buf_len; /* number we have left */
unsigned char oiv[EVP_MAX_IV_LENGTH]; /* original iv */
unsigned char iv[EVP_MAX_IV_LENGTH]; /* working iv */
unsigned char buf[EVP_MAX_IV_LENGTH]; /* saved partial block */
int num; /* used by cfb/ofb mode */
#ifndef NO_DES
int des_weak_keys; /* used by the des modes */
#endif
char *app_data; /* aplication stuff */
union {
#ifndef NO_RC4
struct
{
unsigned char key[EVP_RC4_KEY_SIZE];
RC4_KEY ks; /* working key */
} rc4;
#endif
#ifndef NO_DES
des_key_schedule des_ks;/* key schedule */
struct
{
des_key_schedule ks;/* key schedule */
C_Block inw;
C_Block outw;
} desx_cbc;
struct
{
des_key_schedule ks1;/* key schedule */
des_key_schedule ks2;/* key schedule (for ede) */
des_key_schedule ks3;/* key schedule (for ede3) */
} des_ede;
#endif
#ifndef NO_IDEA
IDEA_KEY_SCHEDULE idea_ks;/* key schedule */
#endif
#ifndef NO_RC2
RC2_KEY rc2_ks;/* key schedule */
#endif
#ifndef NO_RC5
RC5_32_KEY rc5_ks;/* key schedule */
#endif
#ifndef NO_BLOWFISH
BF_KEY bf_ks;/* key schedule */
#endif
#ifndef NO_CAST
CAST_KEY cast_ks;/* key schedule */
#endif
#ifndef NO_PKCS11
CK_SESSION_HANDLE; /* active session */
#endif
} c;
} EVP_CIPHER_CTX;
/* }}} */
/* {{{ EVP_ENCODE_CTX */
typedef struct evp_Encode_Ctx_st
{
int num; /* number saved in a partial encode/decode */
int length; /* The length is either the output line length
* (in input bytes) or the shortest input line
* length that is ok. Once decoding begins,
* the length is adjusted up each time a longer
* line is decoded */
unsigned char enc_data[80]; /* data to encode */
int line_num; /* number read on current line */
int expect_nl;
} EVP_ENCODE_CTX;
/* }}} */
typedef EVP_CIPHER* (*cipher_ext_method)(STACK*);
typedef EVP_CIPHER* (*cipher_method)();
typedef EVP_MD* (*digest_method)();
#define EVP_PKEY_assign_RSA(pkey,rsa) EVP_PKEY_assign((pkey),EVP_PKEY_RSA,\
(char *)(rsa))
#define EVP_PKEY_assign_DSA(pkey,dsa) EVP_PKEY_assign((pkey),EVP_PKEY_DSA,\
(char *)(dsa))
#define EVP_PKEY_assign_DH(pkey,dh) EVP_PKEY_assign((pkey),EVP_PKEY_DH,\
(char *)(dh))
#define EVP_PKEY_assign_PKCS11(pkey,pkcs11) EVP_PKEY_assign((pkey),EVP_PKEY_PKCS11,\
(char *)(pkcs11))
/* {{{ Add some extra combinations */
#define EVP_get_digestbynid(a) EVP_get_digestbyname(OBJ_nid2sn(a))
#define EVP_get_digestbyobj(a) EVP_get_digestbynid(OBJ_obj2nid(a))
#define EVP_get_cipherbynid(a) EVP_get_cipherbyname(OBJ_nid2sn(a))
#define EVP_get_cipherbyobj(a) EVP_get_cipherbynid(OBJ_obj2nid(a))
#define EVP_MD_type(e) ((e)->type)
#define EVP_MD_pkey_type(e) ((e)->pkey_type)
#define EVP_MD_size(e) ((e)->md_size)
#define EVP_MD_block_size(e) ((e)->block_size)
#define EVP_MD_CTX_size(e) EVP_MD_size((e)->digest)
#define EVP_MD_CTX_block_size(e) EVP_MD_block_size((e)->digest)
#define EVP_MD_CTX_type(e) ((e)->digest)
#define EVP_CIPHER_nid(e) ((e)->nid)
#define EVP_CIPHER_block_size(e) ((e)->block_size)
#define EVP_CIPHER_key_length(e) ((e)->key_len)
#define EVP_CIPHER_iv_length(e) ((e)->iv_len)
#define EVP_CIPHER_CTX_cipher(e) ((e)->cipher)
#define EVP_CIPHER_CTX_nid(e) ((e)->cipher->nid)
#define EVP_CIPHER_CTX_block_size(e) ((e)->cipher->block_size)
#define EVP_CIPHER_CTX_key_length(e) ((e)->cipher->key_len)
#define EVP_CIPHER_CTX_iv_length(e) ((e)->cipher->iv_len)
#define EVP_CIPHER_CTX_get_app_data(e) ((e)->app_data)
#define EVP_CIPHER_CTX_set_app_data(e,d) ((e)->app_data=(char *)(d))
#ifndef NO_DES
#define EVP_CIPHER_CTX_weak_des_key(e) ((e)->des_weak_keys)
#endif
#define EVP_ENCODE_LENGTH(l) (((l+2)/3*4)+(l/48+1)*2+80)
#define EVP_DECODE_LENGTH(l) ((l+3)/4*3+80)
#define EVP_OpenUpdate(a,b,c,d,e) EVP_DecryptUpdate(a,b,c,d,e)
#define EVP_SealUpdate(a,b,c,d,e) EVP_EncryptUpdate(a,b,c,d,e)
#define BIO_set_md(b,md) BIO_ctrl(b,BIO_C_SET_MD,0,(char *)md)
#define BIO_get_md(b,mdp) BIO_ctrl(b,BIO_C_GET_MD,0,(char *)mdp)
#define BIO_get_md_ctx(b,mdcp) BIO_ctrl(b,BIO_C_GET_MD_CTX,0,(char *)mdcp)
#define BIO_get_cipher_status(b) BIO_ctrl(b,BIO_C_GET_CIPHER_STATUS,0,NULL)
#define BIO_get_cipher_ctx(b,c_pp) BIO_ctrl(b,BIO_C_GET_CIPHER_CTX,0,(char *)c_pp)
#define EVP_Cipher(c,o,i,l) (c)->cipher->do_cipher((c),(o),(i),(l))
#define EVP_add_cipher_alias(n,alias) \
OBJ_NAME_add((alias),OBJ_NAME_TYPE_CIPHER_METH|OBJ_NAME_ALIAS,(n))
#define EVP_add_digest_alias(n,alias) \
OBJ_NAME_add((alias),OBJ_NAME_TYPE_MD_METH|OBJ_NAME_ALIAS,(n))
#define EVP_delete_cipher_alias(alias) \
OBJ_NAME_remove(alias,OBJ_NAME_TYPE_CIPHER_METH|OBJ_NAME_ALIAS);
#define EVP_delete_digest_alias(alias) \
OBJ_NAME_remove(alias,OBJ_NAME_TYPE_MD_METH|OBJ_NAME_ALIAS);
/* }}} */
/* {{{ top level functions */
#ifdef NOPROTO
#define _P(params) ()
#else
#define _P(params) params
#endif /* NOPROTO */
/* BEGIN FUNCTION PROTOTYPES */
/* functions that create the pkey methods */
EVP_PKEY* EVP_rsa_ext _P((STACK* param_list));
EVP_PKEY* EVP_dh_ext _P((STACK* param_list));
EVP_PKEY* EVP_dsa_ext _P((STACK* param_list));
#ifndef NO_PKCS11
/* will take another EVP_PKEY_METHOD as paramter to formulate the proper mechanism */
EVP_PKEY* EVP_pkcs11_ext _P((STACK* param_list));
#endif
int EVP_MD_CTX_copy _P((EVP_MD_CTX *out,EVP_MD_CTX *in));
void EVP_DigestInit _P((EVP_MD_CTX *ctx, EVP_MD *type));
void EVP_DigestUpdate _P((EVP_MD_CTX *ctx,unsigned char *d,unsigned int cnt));
void EVP_DigestFinal _P((EVP_MD_CTX *ctx,unsigned char *md,unsigned int *s));
int EVP_read_pw_string _P((char *buf,int length,char *prompt,int verify));
void EVP_set_pw_prompt _P((char *prompt));
char * EVP_get_pw_prompt _P((void));
int EVP_BytesToKey _P((EVP_CIPHER *type,EVP_MD *md,unsigned char *salt,
unsigned char *data, int datal, int count,
unsigned char *key,unsigned char *iv));
EVP_CIPHER *EVP_get_cipherbyname _P((char *name));
void EVP_EncryptInit _P((EVP_CIPHER_CTX *ctx,EVP_CIPHER *type,
unsigned char *key, unsigned char *iv));
void EVP_EncryptUpdate _P((EVP_CIPHER_CTX *ctx, unsigned char *out,
int *outl, unsigned char *in, int inl));
void EVP_EncryptFinal _P((EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl));
void EVP_DecryptInit _P((EVP_CIPHER_CTX *ctx,EVP_CIPHER *type,
unsigned char *key, unsigned char *iv));
void EVP_DecryptUpdate _P((EVP_CIPHER_CTX *ctx, unsigned char *out,
int *outl, unsigned char *in, int inl));
int EVP_DecryptFinal _P((EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl));
int EVP_CipherInitExt _P((EVP_CIPHER_CTX *ctx,EVP_CIPHER *type, unsigned char
*key,
int keylen, void *param, int enc));
void EVP_CipherInit _P((EVP_CIPHER_CTX *ctx,EVP_CIPHER *type, unsigned char *key,
unsigned char *iv,int enc));
void EVP_CipherUpdate _P((EVP_CIPHER_CTX *ctx, unsigned char *out,
int *outl, unsigned char *in, int inl));
int EVP_CipherFinal _P((EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl));
void EVP_SignInit _P((EVP_PKEY_MD_CTX *ctx, EVP_MD *md_type));
void EVP_SignUpdate _P((EVP_PKEY_MD_CTX *ctx, unsigned char *data,unsigned int
count));
int EVP_SignFinal _P((EVP_PKEY_MD_CTX *ctx,unsigned char *md,unsigned int *s,
EVP_PKEY_CTX *pkey));
void EVP_VerifyInit _P((EVP_PKEY_MD_CTX *ctx, EVP_MD *type));
void EVP_VerifyUpdate _P((EVP_PKEY_MD_CTX *ctx, unsigned char *d,unsigned int cnt));
int EVP_VerifyFinal _P((EVP_PKEY_MD_CTX *ctx,unsigned char *sigbuf,
unsigned int siglen,EVP_PKEY_CTX *pkey));
int EVP_OpenInit _P((EVP_CIPHER_CTX *ctx,EVP_CIPHER *type,unsigned char *ek,
int ekl,unsigned char *iv,EVP_PKEY_CTX *priv));
int EVP_OpenFinal _P((EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl));
int EVP_SealInit _P((EVP_CIPHER_CTX *ctx, EVP_CIPHER *type, unsigned char **ek,
int *ekl, unsigned char *iv,EVP_PKEY_CTX **pubk, int npubk));
void EVP_SealFinal _P((EVP_CIPHER_CTX *ctx,unsigned char *out,int *outl));
void EVP_EncodeInit _P((EVP_ENCODE_CTX *ctx));
void EVP_EncodeUpdate _P((EVP_ENCODE_CTX *ctx,unsigned char *out,
int *outl,unsigned char *in,int inl));
void EVP_EncodeFinal _P((EVP_ENCODE_CTX *ctx,unsigned char *out,int *outl));
int EVP_EncodeBlock _P((unsigned char *t, unsigned char *f, int n));
void EVP_DecodeInit _P((EVP_ENCODE_CTX *ctx));
int EVP_DecodeUpdate _P((EVP_ENCODE_CTX *ctx,unsigned char *out,int *outl,
unsigned char *in, int inl));
int EVP_DecodeFinal _P((EVP_ENCODE_CTX *ctx, unsigned
char *out, int *outl));
int EVP_DecodeBlock _P((unsigned char *t, unsigned
char *f, int n));
void ERR_load_EVP_strings _P((void ));
void EVP_CIPHER_CTX_init _P((EVP_CIPHER_CTX *a));
void EVP_CIPHER_CTX_cleanup _P((EVP_CIPHER_CTX *a));
#ifdef HEADER_BIO_H
BIO_METHOD *BIO_f_md _P((void));
BIO_METHOD *BIO_f_base64 _P((void));
BIO_METHOD *BIO_f_cipher _P((void));
void BIO_set_cipher _P((BIO *b,EVP_CIPHER *c,unsigned char *k,
unsigned char *i, int enc));
#endif
EVP_MD *EVP_md_null _P((void));
EVP_MD *EVP_md2 _P((void));
EVP_MD *EVP_md5 _P((void));
EVP_MD *EVP_sha _P((void));
EVP_MD *EVP_sha1 _P((void));
EVP_MD *EVP_dss _P((void));
EVP_MD *EVP_dss1 _P((void));
EVP_MD *EVP_mdc2 _P((void));
EVP_MD *EVP_ripemd160 _P((void));
EVP_CIPHER *EVP_enc_null _P((void)); /* does nothing :-) */
EVP_CIPHER *EVP_des_ecb _P((void));
EVP_CIPHER *EVP_des_ede _P((void));
EVP_CIPHER *EVP_des_ede3 _P((void));
EVP_CIPHER *EVP_des_cfb _P((void));
EVP_CIPHER *EVP_des_ede_cfb _P((void));
EVP_CIPHER *EVP_des_ede3_cfb _P((void));
EVP_CIPHER *EVP_des_ofb _P((void));
EVP_CIPHER *EVP_des_ede_ofb _P((void));
EVP_CIPHER *EVP_des_ede3_ofb _P((void));
EVP_CIPHER *EVP_des_cbc _P((void));
EVP_CIPHER *EVP_des_ede_cbc _P((void));
EVP_CIPHER *EVP_des_ede3_cbc _P((void));
EVP_CIPHER *EVP_desx_cbc _P((void));
EVP_CIPHER *EVP_rc4 _P((void));
EVP_CIPHER *EVP_idea_ecb _P((void));
EVP_CIPHER *EVP_idea_cfb _P((void));
EVP_CIPHER *EVP_idea_ofb _P((void));
EVP_CIPHER *EVP_idea_cbc _P((void));
EVP_CIPHER *EVP_rc2_ecb _P((void));
EVP_CIPHER *EVP_rc2_cbc _P((void));
EVP_CIPHER *EVP_rc2_40_cbc _P((void));
EVP_CIPHER *EVP_rc2_64_cbc _P((void));
EVP_CIPHER *EVP_rc2_cfb _P((void));
EVP_CIPHER *EVP_rc2_ofb _P((void));
EVP_CIPHER *EVP_bf_ecb _P((void));
EVP_CIPHER *EVP_bf_cbc _P((void));
EVP_CIPHER *EVP_bf_cfb _P((void));
EVP_CIPHER *EVP_bf_ofb _P((void));
EVP_CIPHER *EVP_cast5_ecb _P((void));
EVP_CIPHER *EVP_cast5_cbc _P((void));
EVP_CIPHER *EVP_cast5_cfb _P((void));
EVP_CIPHER *EVP_cast5_ofb _P((void));
EVP_CIPHER *EVP_rc5_32_12_16_cbc _P((void));
EVP_CIPHER *EVP_rc5_32_12_16_ecb _P((void));
EVP_CIPHER *EVP_rc5_32_12_16_cfb _P((void));
EVP_CIPHER *EVP_rc5_32_12_16_ofb _P((void));
EVP_CIPHER *EVP_enc_null_ext _P((STACK* param_list)); /* does nothing :-) */
EVP_CIPHER *EVP_des_ecb_ext _P((STACK* param_list));
EVP_CIPHER *EVP_des_ede_ext _P((STACK* param_list));
EVP_CIPHER *EVP_des_ede3_ext _P((STACK* param_list));
EVP_CIPHER *EVP_des_cfb_ext _P((STACK* param_list));
EVP_CIPHER *EVP_des_ede_cfb_ext _P((STACK* param_list));
EVP_CIPHER *EVP_des_ede3_cfb_ext _P((STACK* param_list));
EVP_CIPHER *EVP_des_ofb_ext _P((STACK* param_list));
EVP_CIPHER *EVP_des_ede_ofb_ext _P((STACK* param_list));
EVP_CIPHER *EVP_des_ede3_ofb_ext _P((STACK* param_list));
EVP_CIPHER *EVP_des_cbc_ext _P((STACK* param_list));
EVP_CIPHER *EVP_des_ede_cbc_ext _P((STACK* param_list));
EVP_CIPHER *EVP_des_ede3_cbc_ext _P((STACK* param_list));
EVP_CIPHER *EVP_desx_cbc_ext _P((STACK* param_list));
EVP_CIPHER *EVP_rc4_ext _P((STACK* param_list));
EVP_CIPHER *EVP_idea_ecb_ext _P((STACK* param_list));
EVP_CIPHER *EVP_idea_cfb_ext _P((STACK* param_list));
EVP_CIPHER *EVP_idea_ofb_ext _P((STACK* param_list));
EVP_CIPHER *EVP_idea_cbc_ext _P((STACK* param_list));
EVP_CIPHER *EVP_rc2_ecb_ext _P((STACK* param_list));
EVP_CIPHER *EVP_rc2_cbc_ext _P((STACK* param_list));
EVP_CIPHER *EVP_rc2_cfb_ext _P((STACK* param_list));
EVP_CIPHER *EVP_rc2_ofb_ext _P((STACK* param_list));
EVP_CIPHER *EVP_bf_ecb_ext _P((STACK* param_list));
EVP_CIPHER *EVP_bf_cbc_ext _P((STACK* param_list));
EVP_CIPHER *EVP_bf_cfb_ext _P((STACK* param_list));
EVP_CIPHER *EVP_bf_ofb_ext _P((STACK* param_list));
EVP_CIPHER *EVP_cast5_ecb_ext _P((STACK* param_list));
EVP_CIPHER *EVP_cast5_cbc_ext _P((STACK* param_list));
EVP_CIPHER *EVP_cast5_cfb_ext _P((STACK* param_list));
EVP_CIPHER *EVP_cast5_ofb_ext _P((STACK* param_list));
EVP_CIPHER *EVP_rc5_32_12_16_cbc_ext _P((STACK* param_list));
EVP_CIPHER *EVP_rc5_32_12_16_ecb_ext _P((STACK* param_list));
EVP_CIPHER *EVP_rc5_32_12_16_cfb_ext _P((STACK* param_list));
EVP_CIPHER *EVP_rc5_32_12_16_ofb_ext _P((STACK* param_list));
int EVP_cipher_mem_init _P(());
void EVP_cipher_mem_cleanup _P(());
void EVP_cipher_mem_add _P((void* data));
int EVP_cipher_mem_remove _P((void* data));
void SSLeay_add_all_algorithms _P((void));
void SSLeay_add_all_ciphers _P((void));
void SSLeay_add_all_digests _P((void));
int EVP_add_cipher _P((cipher_method c_meth));
int EVP_add_ext_cipher _P((cipher_ext_method c_meth));
int EVP_add_digest _P((digest_method d_meth));
EVP_CIPHER *EVP_get_cipherbyname _P((char *name));
EVP_MD *EVP_get_digestbyname _P((char *name));
void EVP_cleanup _P((void));
/* ### public/private key methods ### */
int EVP_PKEY_decrypt _P((unsigned char *dec_key,unsigned char *enc_key, \
int enc_key_len,EVP_PKEY_CTX *private_key));
int EVP_PKEY_encrypt _P((unsigned char *enc_key, unsigned char *key, \
int key_len,EVP_PKEY_CTX *pub_key));
int EVP_PKEY_type _P((EVP_PKEY_CTX *pkey));
int EVP_PKEY_bits _P((EVP_PKEY_CTX *pkey));
int EVP_PKEY_size _P((EVP_PKEY_CTX *pkey));
void EVP_PKEY_free _P((EVP_PKEY_CTX *pkey));
EVP_PKEY *d2i_PublicKey _P((int type,EVP_PKEY **a, unsigned char **pp, long length));
int i2d_PublicKey _P((EVP_PKEY *a, unsigned char **pp));
EVP_PKEY *d2i_PrivateKey _P((int type,EVP_PKEY **a, unsigned char **pp, long length));
int i2d_PrivateKey _P((EVP_PKEY *a, unsigned char **pp));
int EVP_PKEY_copy_parameters _P((EVP_PKEY_CTX *to,EVP_PKEY_CTX *from));
int EVP_PKEY_missing_parameters _P((EVP_PKEY_CTX *pkey));
int EVP_PKEY_save_parameters _P((EVP_PKEY_CTX *pkey,int mode));
int EVP_PKEY_cmp_parameters _P((EVP_PKEY_CTX *a,EVP_PKEY_CTX *b));
/* calls methods */
int EVP_CIPHER_param_to_asn1 _P((EVP_CIPHER_CTX *c, ASN1_TYPE *type));
int EVP_CIPHER_asn1_to_param _P((EVP_CIPHER_CTX *c, ASN1_TYPE *type));
/* These are used by EVP_CIPHER methods */
int EVP_CIPHER_set_asn1_iv _P((EVP_CIPHER_CTX *c,ASN1_TYPE *type));
int EVP_CIPHER_get_asn1_iv _P((EVP_CIPHER_CTX *c,ASN1_TYPE *type));
int EVP_PKEY_assign _P((EVP_PKEY_CTX *pkey,EVP_PKEY* pcipher,char *key));
EVP_PKEY *EVP_PKEY_new _P((void));
EVP_PKEY *EVP_null_pcipher _P((STACK* param_list));
EVP_PKEY *EVP_pkcs11_pcipher _P((STACK* param_list));
EVP_PKEY *EVP_rsa_pcipher _P((STACK* param_list));
/* END FUNCION PROTOTYPES */
/* }}} */
/* {{{ ERROR CODES */
/* BEGIN ERROR CODES */
/* Error codes for the EVP functions. */
/* Function codes. */
#define EVP_F_D2I_PKEY 100
#define EVP_F_EVP_DECRYPTFINAL 101
#define EVP_F_EVP_OPENINIT 102
#define EVP_F_EVP_PKEY_COPY_PARAMETERS 103
#define EVP_F_EVP_PKEY_DECRYPT 104
#define EVP_F_EVP_PKEY_ENCRYPT 105
#define EVP_F_EVP_PKEY_NEW 106
#define EVP_F_EVP_SIGNFINAL 107
#define EVP_F_EVP_VERIFYFINAL 108
#define EVP_F_RC2_MAGIC_TO_METH 109
#define EVP_F_EVP_MD_CTX_COPY 110
/* Reason codes. */
#define EVP_R_BAD_DECRYPT 100
#define EVP_R_DIFFERENT_KEY_TYPES 101
#define EVP_R_IV_TOO_LARGE 102
#define EVP_R_MISSING_PARMATERS 103
#define EVP_R_NO_SIGN_FUNCTION_CONFIGURED 104
#define EVP_R_NO_VERIFY_FUNCTION_CONFIGURED 105
#define EVP_R_PUBLIC_KEY_NOT_RSA 106
#define EVP_R_UNSUPPORTED_CIPHER 107
#define EVP_R_UNSUPPORTED_KEY_SIZE 108
#define EVP_R_WRONG_FINAL_BLOCK_LENGTH 109
#define EVP_R_WRONG_PUBLIC_KEY_TYPE 110
#define EVP_R_INPUT_NOT_INITALISED 111
/* }}} */
#ifdef __cplusplus
}
#endif
#endif
S/MIME Cryptographic Signature
