#include "buffer.h"#include <openssl/rsa.h>#include <openssl/ssl.h>#include <openssl/x509.h>#include <openssl/err.h>
Go to the source code of this file.
Macros | |
| #define | SSL_CTX_set1_groups SSL_CTX_set1_curves |
| #define | EVP_CTRL_AEAD_SET_TAG EVP_CTRL_GCM_SET_TAG |
| #define | EVP_CTRL_AEAD_GET_TAG EVP_CTRL_GCM_GET_TAG |
| #define | RSA_F_RSA_OSSL_PRIVATE_ENCRYPT RSA_F_RSA_EAY_PRIVATE_ENCRYPT |
| #define | SSL_get_peer_tmp_key SSL_get_server_tmp_key |
| #define | EVP_CIPHER_CTX_reset EVP_CIPHER_CTX_init |
| #define | X509_get0_notBefore X509_get_notBefore |
| #define | X509_get0_notAfter X509_get_notAfter |
| #define | OPENSSL_VERSION SSLEAY_VERSION |
| #define | OpenSSL_version SSLeay_version |
| #define | EVP_MD_get0_name EVP_MD_name |
| #define | EVP_CIPHER_get0_name EVP_CIPHER_name |
| #define | EVP_CIPHER_CTX_get_mode EVP_CIPHER_CTX_mode |
| #define | SSL_CTX_new_ex(libctx, propq, method) SSL_CTX_new((method)) |
| Reduce SSL_CTX_new_ex() to SSL_CTX_new() for OpenSSL < 3. More... | |
Typedefs | |
| typedef void | OSSL_LIB_CTX |
| typedef void | OSSL_PROVIDER |
Functions | |
| static void | X509_OBJECT_free (X509_OBJECT *obj) |
| Destroy a X509 object. More... | |
| static int | EVP_MD_CTX_reset (EVP_MD_CTX *ctx) |
| Reset a message digest context. More... | |
| static void | EVP_MD_CTX_free (EVP_MD_CTX *ctx) |
| Free an existing message digest context. More... | |
| static EVP_MD_CTX * | EVP_MD_CTX_new (void) |
| Allocate a new message digest object. More... | |
| static int | HMAC_CTX_reset (HMAC_CTX *ctx) |
| Reset a HMAC context. More... | |
| static void | HMAC_CTX_free (HMAC_CTX *ctx) |
| Cleanup and free an existing HMAC context. More... | |
| static HMAC_CTX * | HMAC_CTX_new (void) |
| Allocate a new HMAC context object. More... | |
| static void * | SSL_CTX_get_default_passwd_cb_userdata (SSL_CTX *ctx) |
| Fetch the default password callback user data from the SSL context. More... | |
| static pem_password_cb * | SSL_CTX_get_default_passwd_cb (SSL_CTX *ctx) |
| Fetch the default password callback from the SSL context. More... | |
| static EVP_PKEY * | X509_get0_pubkey (const X509 *x) |
| Get the public key from a X509 certificate. More... | |
| static | STACK_OF (X509_OBJECT) *X509_STORE_get0_objects(X509_STORE *store) |
| Fetch the X509 object stack from the X509 store. More... | |
| static int | X509_OBJECT_get_type (const X509_OBJECT *obj) |
| Get the type of an X509 object. More... | |
| static RSA * | EVP_PKEY_get0_RSA (EVP_PKEY *pkey) |
| Get the RSA object of a public key. More... | |
| static EC_KEY * | EVP_PKEY_get0_EC_KEY (EVP_PKEY *pkey) |
| Get the EC_KEY object of a public key. More... | |
| static DSA * | EVP_PKEY_get0_DSA (EVP_PKEY *pkey) |
| Get the DSA object of a public key. More... | |
| static void | RSA_set_flags (RSA *rsa, int flags) |
| Set the RSA flags. More... | |
| static void | RSA_get0_key (const RSA *rsa, const BIGNUM **n, const BIGNUM **e, const BIGNUM **d) |
| Get the RSA parameters. More... | |
| static int | RSA_set0_key (RSA *rsa, BIGNUM *n, BIGNUM *e, BIGNUM *d) |
| Set the RSA parameters. More... | |
| static int | RSA_bits (const RSA *rsa) |
| Number of significant RSA bits. More... | |
| static void | DSA_get0_pqg (const DSA *dsa, const BIGNUM **p, const BIGNUM **q, const BIGNUM **g) |
| Get the DSA parameters. More... | |
| static int | DSA_bits (const DSA *dsa) |
| Number of significant DSA bits. More... | |
| static RSA_METHOD * | RSA_meth_new (const char *name, int flags) |
| Allocate a new RSA method object. More... | |
| static void | RSA_meth_free (RSA_METHOD *meth) |
| Free an existing RSA_METHOD object. More... | |
| static int | RSA_meth_set_pub_enc (RSA_METHOD *meth, int(*pub_enc)(int flen, const unsigned char *from, unsigned char *to, RSA *rsa, int padding)) |
| Set the public encoding function of an RSA_METHOD object. More... | |
| static int | RSA_meth_set_pub_dec (RSA_METHOD *meth, int(*pub_dec)(int flen, const unsigned char *from, unsigned char *to, RSA *rsa, int padding)) |
| Set the public decoding function of an RSA_METHOD object. More... | |
| static int | RSA_meth_set_priv_enc (RSA_METHOD *meth, int(*priv_enc)(int flen, const unsigned char *from, unsigned char *to, RSA *rsa, int padding)) |
| Set the private encoding function of an RSA_METHOD object. More... | |
| static int | RSA_meth_set_priv_dec (RSA_METHOD *meth, int(*priv_dec)(int flen, const unsigned char *from, unsigned char *to, RSA *rsa, int padding)) |
| Set the private decoding function of an RSA_METHOD object. More... | |
| static int | RSA_meth_set_init (RSA_METHOD *meth, int(*init)(RSA *rsa)) |
| Set the init function of an RSA_METHOD object. More... | |
| static int | RSA_meth_set_sign (RSA_METHOD *meth, int(*sign)(int type, const unsigned char *m, unsigned int m_length, unsigned char *sigret, unsigned int *siglen, const RSA *rsa)) |
| Set the sign function of an RSA_METHOD object. More... | |
| static int | RSA_meth_set_finish (RSA_METHOD *meth, int(*finish)(RSA *rsa)) |
| Set the finish function of an RSA_METHOD object. More... | |
| static int | RSA_meth_set0_app_data (RSA_METHOD *meth, void *app_data) |
| Set the application data of an RSA_METHOD object. More... | |
| static void * | RSA_meth_get0_app_data (const RSA_METHOD *meth) |
| Get the application data of an RSA_METHOD object. More... | |
| static int | EC_GROUP_order_bits (const EC_GROUP *group) |
| Gets the number of bits of the order of an EC_GROUP. More... | |
| static int | SSL_CTX_get_min_proto_version (SSL_CTX *ctx) |
| Return the min SSL protocol version currently enabled in the context. More... | |
| static int | SSL_CTX_get_max_proto_version (SSL_CTX *ctx) |
| Return the max SSL protocol version currently enabled in the context. More... | |
| static int | SSL_CTX_set_min_proto_version (SSL_CTX *ctx, long tls_ver_min) |
| Mimics SSL_CTX_set_min_proto_version for OpenSSL < 1.1. More... | |
| static int | SSL_CTX_set_max_proto_version (SSL_CTX *ctx, long tls_ver_max) |
| Mimics SSL_CTX_set_max_proto_version for OpenSSL < 1.1. More... | |
| static int | EVP_PKEY_get_group_name (EVP_PKEY *pkey, char *gname, size_t gname_sz, size_t *gname_len) |
| static const EVP_CIPHER * | EVP_CIPHER_fetch (void *ctx, const char *algorithm, const char *properties) |
| static const EVP_MD * | EVP_MD_fetch (void *ctx, const char *algorithm, const char *properties) |
| static void | EVP_CIPHER_free (const EVP_CIPHER *cipher) |
| static void | EVP_MD_free (const EVP_MD *md) |
| static unsigned long | ERR_get_error_all (const char **file, int *line, const char **func, const char **data, int *flags) |
Macro Definition Documentation
◆ EVP_CIPHER_CTX_get_mode
| #define EVP_CIPHER_CTX_get_mode EVP_CIPHER_CTX_mode |
Definition at line 767 of file openssl_compat.h.
◆ EVP_CIPHER_CTX_reset
| #define EVP_CIPHER_CTX_reset EVP_CIPHER_CTX_init |
Definition at line 121 of file openssl_compat.h.
◆ EVP_CIPHER_get0_name
| #define EVP_CIPHER_get0_name EVP_CIPHER_name |
Definition at line 766 of file openssl_compat.h.
◆ EVP_CTRL_AEAD_GET_TAG
| #define EVP_CTRL_AEAD_GET_TAG EVP_CTRL_GCM_GET_TAG |
Definition at line 71 of file openssl_compat.h.
◆ EVP_CTRL_AEAD_SET_TAG
| #define EVP_CTRL_AEAD_SET_TAG EVP_CTRL_GCM_SET_TAG |
Definition at line 70 of file openssl_compat.h.
◆ EVP_MD_get0_name
| #define EVP_MD_get0_name EVP_MD_name |
Definition at line 765 of file openssl_compat.h.
◆ OPENSSL_VERSION
| #define OPENSSL_VERSION SSLEAY_VERSION |
Definition at line 627 of file openssl_compat.h.
◆ OpenSSL_version
| #define OpenSSL_version SSLeay_version |
Definition at line 628 of file openssl_compat.h.
◆ RSA_F_RSA_OSSL_PRIVATE_ENCRYPT
| #define RSA_F_RSA_OSSL_PRIVATE_ENCRYPT RSA_F_RSA_EAY_PRIVATE_ENCRYPT |
Definition at line 75 of file openssl_compat.h.
◆ SSL_CTX_new_ex
| #define SSL_CTX_new_ex | ( | libctx, | |
| propq, | |||
| method | |||
| ) | SSL_CTX_new((method)) |
Reduce SSL_CTX_new_ex() to SSL_CTX_new() for OpenSSL < 3.
Definition at line 770 of file openssl_compat.h.
◆ SSL_CTX_set1_groups
| #define SSL_CTX_set1_groups SSL_CTX_set1_curves |
Definition at line 50 of file openssl_compat.h.
◆ SSL_get_peer_tmp_key
| #define SSL_get_peer_tmp_key SSL_get_server_tmp_key |
Definition at line 79 of file openssl_compat.h.
◆ X509_get0_notAfter
| #define X509_get0_notAfter X509_get_notAfter |
Definition at line 123 of file openssl_compat.h.
◆ X509_get0_notBefore
| #define X509_get0_notBefore X509_get_notBefore |
Definition at line 122 of file openssl_compat.h.
Typedef Documentation
◆ OSSL_LIB_CTX
| typedef void OSSL_LIB_CTX |
Definition at line 774 of file openssl_compat.h.
◆ OSSL_PROVIDER
| typedef void OSSL_PROVIDER |
Definition at line 775 of file openssl_compat.h.
Function Documentation
◆ DSA_bits()
|
inlinestatic |
Number of significant DSA bits.
- Parameters
-
rsa The DSA object ; shall not be NULL
- Returns
- The number of DSA bits or 0 on error
Definition at line 396 of file openssl_compat.h.
References DSA_get0_pqg().
◆ DSA_get0_pqg()
|
inlinestatic |
Get the DSA parameters.
- Parameters
-
dsa The DSA object p The pparameterq The qparameterg The gparameter
Definition at line 372 of file openssl_compat.h.
Referenced by DSA_bits().
◆ EC_GROUP_order_bits()
|
inlinestatic |
Gets the number of bits of the order of an EC_GROUP.
- Parameters
-
group EC_GROUP object
- Returns
- number of bits of group order.
Definition at line 617 of file openssl_compat.h.
◆ ERR_get_error_all()
|
inlinestatic |
Definition at line 808 of file openssl_compat.h.
Referenced by crypto_print_openssl_errors().
◆ EVP_CIPHER_fetch()
|
inlinestatic |
Definition at line 780 of file openssl_compat.h.
References ASSERT.
Referenced by cipher_get(), and cipher_kt_block_size().
◆ EVP_CIPHER_free()
|
inlinestatic |
Definition at line 796 of file openssl_compat.h.
Referenced by cipher_ctx_init(), cipher_kt_block_size(), cipher_kt_insecure(), cipher_kt_iv_size(), cipher_kt_key_size(), cipher_kt_mode_aead(), cipher_kt_mode_cbc(), cipher_kt_mode_ofb_cfb(), cipher_kt_name(), and cipher_valid_reason().
◆ EVP_MD_CTX_free()
|
inlinestatic |
Free an existing message digest context.
- Parameters
-
ctx The message digest context
Definition at line 103 of file openssl_compat.h.
Referenced by md_ctx_free(), and tls1_P_hash().
◆ EVP_MD_CTX_new()
|
inlinestatic |
Allocate a new message digest object.
- Returns
- A zero'ed message digest object
Definition at line 114 of file openssl_compat.h.
References ALLOC_OBJ_CLEAR.
Referenced by md_ctx_new().
◆ EVP_MD_CTX_reset()
|
inlinestatic |
Reset a message digest context.
- Parameters
-
ctx The message digest context
- Returns
- 1 on success, 0 on error
Definition at line 91 of file openssl_compat.h.
Referenced by md_ctx_cleanup().
◆ EVP_MD_fetch()
|
inlinestatic |
Definition at line 788 of file openssl_compat.h.
References ASSERT.
Referenced by md_get(), and md_valid().
◆ EVP_MD_free()
|
inlinestatic |
Definition at line 802 of file openssl_compat.h.
Referenced by md_ctx_init(), md_full(), md_kt_name(), md_kt_size(), and md_valid().
◆ EVP_PKEY_get0_DSA()
|
inlinestatic |
Get the DSA object of a public key.
- Parameters
-
pkey Public key object
- Returns
- The underlying DSA object
Definition at line 266 of file openssl_compat.h.
◆ EVP_PKEY_get0_EC_KEY()
|
inlinestatic |
Get the EC_KEY object of a public key.
- Parameters
-
pkey Public key object
- Returns
- The underlying EC_KEY object
Definition at line 253 of file openssl_compat.h.
Referenced by EVP_PKEY_get_group_name().
◆ EVP_PKEY_get0_RSA()
|
inlinestatic |
Get the RSA object of a public key.
- Parameters
-
pkey Public key object
- Returns
- The underlying RSA object
Definition at line 241 of file openssl_compat.h.
Referenced by tls_ctx_use_external_rsa_key().
◆ EVP_PKEY_get_group_name()
|
inlinestatic |
Definition at line 735 of file openssl_compat.h.
References EVP_PKEY_get0_EC_KEY(), and strncpynt().
Referenced by print_pkey_details().
◆ HMAC_CTX_free()
|
inlinestatic |
Cleanup and free an existing HMAC context.
- Parameters
-
ctx The HMAC context
Definition at line 154 of file openssl_compat.h.
Referenced by hmac_ctx_free().
◆ HMAC_CTX_new()
|
inlinestatic |
Allocate a new HMAC context object.
- Returns
- A zero'ed HMAC context object
Definition at line 166 of file openssl_compat.h.
References ALLOC_OBJ_CLEAR.
Referenced by hmac_ctx_new().
◆ HMAC_CTX_reset()
|
inlinestatic |
Reset a HMAC context.
OpenSSL 1.1+ removes APIs HMAC_CTX_init() and HMAC_CTX_cleanup() and replace them with a single call that does a cleanup followed by an init. A proper _reset() for OpenSSL < 1.1 should perform a similar set of operations.
It means that before we kill a HMAC context, we'll have to cleanup again, as we probably have allocated a few resources when we forced an init.
- Parameters
-
ctx The HMAC context
- Returns
- 1 on success, 0 on error
Definition at line 141 of file openssl_compat.h.
Referenced by hmac_ctx_cleanup(), and hmac_ctx_init().
◆ RSA_bits()
|
inlinestatic |
Number of significant RSA bits.
- Parameters
-
rsa The RSA object ; shall not be NULL
- Returns
- The number of RSA bits or 0 on error
Definition at line 356 of file openssl_compat.h.
References RSA_get0_key().
◆ RSA_get0_key()
|
inlinestatic |
Get the RSA parameters.
- Parameters
-
rsa The RSA object n The nparametere The eparameterd The dparameter
Definition at line 295 of file openssl_compat.h.
Referenced by RSA_bits(), and tls_ctx_use_external_rsa_key().
◆ RSA_meth_free()
|
inlinestatic |
Free an existing RSA_METHOD object.
- Parameters
-
meth The RSA_METHOD object
Definition at line 426 of file openssl_compat.h.
Referenced by openvpn_extkey_rsa_finish(), and tls_ctx_use_external_rsa_key().
◆ RSA_meth_get0_app_data()
|
inlinestatic |
Get the application data of an RSA_METHOD object.
- Parameters
-
meth The RSA_METHOD object
- Returns
- pointer to application data, may be NULL
Definition at line 605 of file openssl_compat.h.
◆ RSA_meth_new()
|
inlinestatic |
Allocate a new RSA method object.
- Parameters
-
name The object name flags Configuration flags
- Returns
- A new RSA method object
Definition at line 411 of file openssl_compat.h.
References ALLOC_OBJ_CLEAR, and string_alloc().
Referenced by tls_ctx_use_external_rsa_key().
◆ RSA_meth_set0_app_data()
|
inlinestatic |
Set the application data of an RSA_METHOD object.
- Parameters
-
meth The RSA_METHOD object app_data Application data
- Returns
- 1 on success, 0 on error
Definition at line 588 of file openssl_compat.h.
Referenced by tls_ctx_use_external_rsa_key().
◆ RSA_meth_set_finish()
|
inlinestatic |
Set the finish function of an RSA_METHOD object.
- Parameters
-
meth The RSA_METHOD object finish the finish function
- Returns
- 1 on success, 0 on error
Definition at line 570 of file openssl_compat.h.
Referenced by tls_ctx_use_external_rsa_key().
◆ RSA_meth_set_init()
|
inlinestatic |
Set the init function of an RSA_METHOD object.
- Parameters
-
meth The RSA_METHOD object init the init function
- Returns
- 1 on success, 0 on error
Definition at line 533 of file openssl_compat.h.
References init().
Referenced by tls_ctx_use_external_rsa_key().
◆ RSA_meth_set_priv_dec()
|
inlinestatic |
Set the private decoding function of an RSA_METHOD object.
- Parameters
-
meth The RSA_METHOD object priv_dec the private decoding function
- Returns
- 1 on success, 0 on error
Definition at line 512 of file openssl_compat.h.
Referenced by tls_ctx_use_external_rsa_key().
◆ RSA_meth_set_priv_enc()
|
inlinestatic |
Set the private encoding function of an RSA_METHOD object.
- Parameters
-
meth The RSA_METHOD object priv_enc the private encoding function
- Returns
- 1 on success, 0 on error
Definition at line 491 of file openssl_compat.h.
Referenced by tls_ctx_use_external_rsa_key().
◆ RSA_meth_set_pub_dec()
|
inlinestatic |
Set the public decoding function of an RSA_METHOD object.
- Parameters
-
meth The RSA_METHOD object pub_dec the public decoding function
- Returns
- 1 on success, 0 on error
Definition at line 470 of file openssl_compat.h.
Referenced by tls_ctx_use_external_rsa_key().
◆ RSA_meth_set_pub_enc()
|
inlinestatic |
Set the public encoding function of an RSA_METHOD object.
- Parameters
-
meth The RSA_METHOD object pub_enc the public encoding function
- Returns
- 1 on success, 0 on error
Definition at line 449 of file openssl_compat.h.
Referenced by tls_ctx_use_external_rsa_key().
◆ RSA_meth_set_sign()
|
inlinestatic |
Set the sign function of an RSA_METHOD object.
- Parameters
-
meth The RSA_METHOD object sign The sign function
- Returns
- 1 on success, 0 on error
Definition at line 552 of file openssl_compat.h.
◆ RSA_set0_key()
|
inlinestatic |
Set the RSA parameters.
- Parameters
-
rsa The RSA object n The nparametere The eparameterd The dparameter
- Returns
- 1 on success, 0 on error
Definition at line 322 of file openssl_compat.h.
Referenced by tls_ctx_use_external_rsa_key().
◆ RSA_set_flags()
|
inlinestatic |
Set the RSA flags.
- Parameters
-
rsa The RSA object flags New flags value
Definition at line 278 of file openssl_compat.h.
Referenced by tls_ctx_use_external_rsa_key().
◆ SSL_CTX_get_default_passwd_cb()
|
inlinestatic |
Fetch the default password callback from the SSL context.
- Parameters
-
ctx SSL context
- Returns
- The password callback
Definition at line 192 of file openssl_compat.h.
Referenced by tls_ctx_load_cert_file(), and tls_ctx_load_priv_file().
◆ SSL_CTX_get_default_passwd_cb_userdata()
|
inlinestatic |
Fetch the default password callback user data from the SSL context.
- Parameters
-
ctx SSL context
- Returns
- The password callback user data
Definition at line 180 of file openssl_compat.h.
Referenced by tls_ctx_load_cert_file(), and tls_ctx_load_priv_file().
◆ SSL_CTX_get_max_proto_version()
|
inlinestatic |
Return the max SSL protocol version currently enabled in the context.
If no valid version >= TLS1.0 is found, return 0.
Definition at line 654 of file openssl_compat.h.
◆ SSL_CTX_get_min_proto_version()
|
inlinestatic |
Return the min SSL protocol version currently enabled in the context.
If no valid version >= TLS1.0 is found, return 0.
Definition at line 633 of file openssl_compat.h.
Referenced by tls_ctx_set_tls_versions().
◆ SSL_CTX_set_max_proto_version()
|
inlinestatic |
Mimics SSL_CTX_set_max_proto_version for OpenSSL < 1.1.
Definition at line 701 of file openssl_compat.h.
Referenced by show_available_tls_ciphers_list(), and tls_ctx_set_tls_versions().
◆ SSL_CTX_set_min_proto_version()
|
inlinestatic |
Mimics SSL_CTX_set_min_proto_version for OpenSSL < 1.1.
Definition at line 674 of file openssl_compat.h.
Referenced by show_available_tls_ciphers_list(), and tls_ctx_set_tls_versions().
◆ STACK_OF()
|
inlinestatic |
Fetch the X509 object stack from the X509 store.
- Parameters
-
store X509 object store
- Returns
- the X509 object stack
Definition at line 216 of file openssl_compat.h.
Referenced by backend_tls_ctx_reload_crl(), show_available_tls_ciphers_list(), tls_ctx_load_ca(), tls_ctx_load_pkcs12(), and tls_verify_crl_missing().
◆ X509_get0_pubkey()
|
inlinestatic |
Get the public key from a X509 certificate.
- Parameters
-
x X509 certificate
- Returns
- The certificate public key
Definition at line 204 of file openssl_compat.h.
Referenced by test_tls_ctx_use_pkcs11(), and tls_ctx_use_management_external_key().
◆ X509_OBJECT_free()
|
inlinestatic |
Destroy a X509 object.
- Parameters
-
obj X509 object
Definition at line 61 of file openssl_compat.h.
Referenced by backend_tls_ctx_reload_crl().
◆ X509_OBJECT_get_type()
|
inlinestatic |
Get the type of an X509 object.
- Parameters
-
obj X509 object
- Returns
- The underlying object type
Definition at line 229 of file openssl_compat.h.
Referenced by backend_tls_ctx_reload_crl(), and tls_verify_crl_missing().
