Fork of CyaSSL by
ssl.h
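/* ssl.h
 *
 * Copyright (C) 2006-2009 Sawtooth Consulting Ltd.
 *
 * This file is part of CyaSSL.
 *
 * CyaSSL is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation; either version 2 of the License, or
 * (at your option) any later version.
 *
 * CyaSSL is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program; if not, write to the Free Software
 * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
 */


/*  ssl.h defines openssl compatibility layer
 *
 *  Declarations only: opaque handle types, the small structs that callers
 *  dereference directly, OpenSSL-named entry points, CyaSSL extensions and
 *  the constant tables.
 *
 *  The numeric values of many constants below are this library's own and do
 *  not match OpenSSL's (e.g. the SSL_OP_*, SSL_SESS_CACHE_* and X509_V_ERR_*
 *  groups).  Always use the symbolic names from this header; never carry
 *  over literal values from OpenSSL code or documentation.
 */



#ifndef CYASSL_OPENSSL_H_
#define CYASSL_OPENSSL_H_

#include "os_settings.h"   /* for users not using preprocessor flags */

/* size_t appears in prototypes below (ERR_error_string_n, MD4_Update,
   RAND_file_name) and must be declared even when stdio.h is left out */
#include <stddef.h>

/* FILE is only needed by ERR_print_errors_fp, which is itself guarded by
   NO_FILESYSTEM further down, so both guards test the same macro */
#ifndef NO_FILESYSTEM
    #include <stdio.h>   /* ERR_print fp */
#endif

#ifdef YASSL_PREFIX
    #include "prefix_ssl.h"
#endif

#undef X509_NAME   /* wincrypt.h clash */

#ifdef __cplusplus
    extern "C" {
#endif



/* opaque handles, defined inside the library */
typedef struct SSL          SSL;
typedef struct SSL_SESSION  SSL_SESSION;
typedef struct SSL_METHOD   SSL_METHOD;
typedef struct SSL_CTX      SSL_CTX;

typedef struct X509       X509;
typedef struct X509_NAME  X509_NAME;
typedef struct X509_CHAIN X509_CHAIN;


/* redeclare guard */
#define SSL_TYPES_DEFINED




typedef struct EVP_PKEY               EVP_PKEY;
typedef struct RSA                    RSA;
typedef struct BIO                    BIO;
typedef struct BIO_METHOD             BIO_METHOD;
typedef struct SSL_CIPHER             SSL_CIPHER;
typedef struct X509_LOOKUP            X509_LOOKUP;
typedef struct X509_LOOKUP_METHOD     X509_LOOKUP_METHOD;
typedef struct X509_CRL               X509_CRL;
typedef struct X509_EXTENSION         X509_EXTENSION;
typedef struct ASN1_TIME              ASN1_TIME;
typedef struct ASN1_INTEGER           ASN1_INTEGER;
typedef struct ASN1_OBJECT            ASN1_OBJECT;
typedef struct ASN1_STRING            ASN1_STRING;
typedef struct CRYPTO_dynlock_value   CRYPTO_dynlock_value;

#define ASN1_UTCTIME ASN1_TIME

/* MD4 is kept for compatibility with existing callers; it is not collision
   resistant and should not be chosen for new designs */
typedef struct MD4_CTX {
    int buffer[32];      /* big enough to hold, check size in Init */
} MD4_CTX;


typedef struct COMP_METHOD {
    int type;            /* stunnel dereference */
} COMP_METHOD;


typedef struct X509_STORE {
    int cache;           /* stunnel dereference */
} X509_STORE;


typedef struct X509_REVOKED {
    ASN1_INTEGER* serialNumber;          /* stunnel dereference */
} X509_REVOKED;


typedef struct X509_OBJECT {
    union {
        char* ptr;
        X509_CRL* crl;           /* stunnel dereference */
    } data;
} X509_OBJECT;


/* in cyassl_int.h too, change there !! */
typedef struct X509_STORE_CTX {
    int   error;
    int   error_depth;
    X509* current_cert;          /* stunnel dereference */
    char* domain;                /* subject CN domain name */
    /* in cyassl_int.h too, change there !! */
} X509_STORE_CTX;


/* Protocol method constructors.  SSLv3 (and SSLv2, declared further down)
   are obsolete protocol versions; new callers should pick the highest TLS
   version both peers support.
   NOTE(review): what SSLv23_*_method negotiates is not visible from this
   header - confirm in the implementation before relying on it. */
SSL_METHOD *SSLv3_server_method(void);
SSL_METHOD *SSLv3_client_method(void);
SSL_METHOD *TLSv1_server_method(void);
SSL_METHOD *TLSv1_client_method(void);
SSL_METHOD *TLSv1_1_server_method(void);
SSL_METHOD *TLSv1_1_client_method(void);
SSL_METHOD *TLSv1_2_server_method(void);
SSL_METHOD *TLSv1_2_client_method(void);

#ifdef CYASSL_DTLS
    SSL_METHOD *DTLSv1_client_method(void);
    SSL_METHOD *DTLSv1_server_method(void);
#endif

#ifndef NO_FILESYSTEM

/* the trailing int of the *_file loaders is presumably one of the
   SSL_FILETYPE_* constants - verify against the implementation */
int SSL_CTX_use_certificate_file(SSL_CTX*, const char*, int);
int SSL_CTX_use_PrivateKey_file(SSL_CTX*, const char*, int);
int SSL_CTX_load_verify_locations(SSL_CTX*, const char*, const char*);
int SSL_CTX_use_certificate_chain_file(SSL_CTX *ctx, const char *file);
int SSL_CTX_use_RSAPrivateKey_file(SSL_CTX*, const char*, int);

#ifdef CYASSL_DER_LOAD
    int CyaSSL_CTX_load_verify_locations(SSL_CTX*, const char*, int);
#endif

#ifdef HAVE_NTRU
    int CyaSSL_CTX_use_NTRUPrivateKey_file(SSL_CTX*, const char*); /* load NTRU
                                                             private key blob */
#endif

/* presumably (PEM file name, caller's DER output buffer, buffer size) -
   TODO confirm; size the buffer for the largest certificate expected */
int CyaSSL_PemCertToDer(const char*, unsigned char*, int);

#endif /* NO_FILESYSTEM */

SSL_CTX* SSL_CTX_new(SSL_METHOD*);
SSL* SSL_new(SSL_CTX*);
int  SSL_set_fd (SSL*, int);
int  SSL_get_fd(const SSL*);
int  SSL_connect(SSL*);     /* please see note at top of README
                               if you get an error from connect */
int  SSL_write(SSL*, const void*, int);
int  SSL_read(SSL*, void*, int);
int  SSL_accept(SSL*);
void SSL_CTX_free(SSL_CTX*);
void SSL_free(SSL*);
int  SSL_shutdown(SSL*);

void SSL_CTX_set_quiet_shutdown(SSL_CTX*, int);

int  SSL_get_error(SSL*, int);

int          SSL_set_session(SSL *ssl, SSL_SESSION *session);
SSL_SESSION* SSL_get_session(SSL* ssl);
void         SSL_flush_sessions(SSL_CTX *ctx, long tm);


/* Certificate verification hook, installed with SSL_CTX_set_verify together
   with an SSL_VERIFY_* mode.  In the OpenSSL convention this layer mirrors,
   the int argument is the library's own verification result and a non-zero
   return accepts the certificate - TODO confirm this library follows it.
   A callback that returns success regardless of its int argument turns
   verification off for every connection made from the context. */
typedef int (*VerifyCallback)(int, X509_STORE_CTX*);
typedef int (*pem_password_cb)(char*, int, int, void*);

void SSL_CTX_set_verify(SSL_CTX*, int, VerifyCallback verify_callback);


int  SSL_pending(SSL*);


void SSL_load_error_strings(void);
int  SSL_library_init(void);
long SSL_CTX_set_session_cache_mode(SSL_CTX*, long);

/* only supports full name from cipher_name[] delimited by : */
int  SSL_CTX_set_cipher_list(SSL_CTX*, const char*);

/* ERR_error_string takes no destination length; prefer ERR_error_string_n
   whenever the buffer size is under the caller's control */
char* ERR_error_string(unsigned long,char*);
void  ERR_error_string_n(unsigned long e, char *buf, size_t len);


/* extras */

/* STACK_OF(x) expands to the element type itself, so a STACK_OF(X509)* is
   just an X509* to the compiler */
#define STACK_OF(x) x

int  SSL_set_ex_data(SSL*, int, void*);
int  SSL_get_shutdown(const SSL*);
int  SSL_set_rfd(SSL*, int);
int  SSL_set_wfd(SSL*, int);
void SSL_set_shutdown(SSL*, int);
int  SSL_set_session_id_context(SSL*, const unsigned char*, unsigned int);
void SSL_set_connect_state(SSL*);
void SSL_set_accept_state(SSL*);
int  SSL_session_reused(SSL*);
void SSL_SESSION_free(SSL_SESSION* session);

const char*  SSL_get_version(SSL*);
SSL_CIPHER*  SSL_get_current_cipher(SSL*);
char*        SSL_CIPHER_description(SSL_CIPHER*, char*, int);
const char*  SSL_CIPHER_get_name(const SSL_CIPHER* cipher);
SSL_SESSION* SSL_get1_session(SSL* ssl);  /* what's ref count */

void X509_free(X509*);
void OPENSSL_free(void*);

int OCSP_parse_url(char* url, char** host, char** port, char** path, int* ssl);

/* see the note on obsolete protocol versions above the SSLv3 constructors */
SSL_METHOD* SSLv23_client_method(void);
SSL_METHOD* SSLv2_client_method(void);
SSL_METHOD* SSLv2_server_method(void);

void MD4_Init(MD4_CTX*);
void MD4_Update(MD4_CTX*, const void*, size_t);
void MD4_Final(unsigned char*, MD4_CTX*);

BIO* BIO_new(BIO_METHOD*);
int  BIO_free(BIO*);
int  BIO_free_all(BIO*);
int  BIO_read(BIO*, void*, int);
int  BIO_write(BIO*, const void*, int);
BIO* BIO_push(BIO*, BIO* append);
BIO* BIO_pop(BIO*);
int  BIO_flush(BIO*);
int  BIO_pending(BIO*);

BIO_METHOD* BIO_f_buffer(void);
long        BIO_set_write_buffer_size(BIO*, long size);
BIO_METHOD* BIO_f_ssl(void);
BIO*        BIO_new_socket(int sfd, int flag);
void        SSL_set_bio(SSL*, BIO* rd, BIO* wr);
int         BIO_eof(BIO*);
long        BIO_set_ssl(BIO*, SSL*, int flag);

BIO_METHOD* BIO_s_mem(void);
BIO_METHOD* BIO_f_base64(void);
void        BIO_set_flags(BIO*, int);

void OpenSSL_add_all_algorithms(void);
int  SSLeay_add_ssl_algorithms(void);
int  SSLeay_add_all_algorithms(void);

void        RAND_screen(void);
const char* RAND_file_name(char*, size_t);
int         RAND_write_file(const char*);
int         RAND_load_file(const char*, long);
int         RAND_egd(const char*);

/* NOTE(review): compressing records before encryption lets ciphertext
   length depend on plaintext content; keep compression off on connections
   that mix secrets with peer-influenced data */
COMP_METHOD* COMP_zlib(void);
COMP_METHOD* COMP_rle(void);
int SSL_COMP_add_compression_method(int, void*);

int SSL_get_ex_new_index(long, void*, void*, void*, void*);

void CRYPTO_set_id_callback(unsigned long (*f)(void));
void CRYPTO_set_locking_callback(void (*f)(int, int, const char*, int));
void CRYPTO_set_dynlock_create_callback(CRYPTO_dynlock_value* (*f)(const char*,
                                                                   int));
void CRYPTO_set_dynlock_lock_callback(void (*f)(int, CRYPTO_dynlock_value*,
                                                const char*, int));
void CRYPTO_set_dynlock_destroy_callback(void (*f)(CRYPTO_dynlock_value*,
                                                   const char*, int));

X509* X509_STORE_CTX_get_current_cert(X509_STORE_CTX*);
int   X509_STORE_CTX_get_error(X509_STORE_CTX*);
int   X509_STORE_CTX_get_error_depth(X509_STORE_CTX*);

char*       X509_NAME_oneline(X509_NAME*, char*, int);
X509_NAME*  X509_get_issuer_name(X509*);
X509_NAME*  X509_get_subject_name(X509*);
const char* X509_verify_cert_error_string(long);

int X509_LOOKUP_add_dir(X509_LOOKUP*, const char*, long);
int X509_LOOKUP_load_file(X509_LOOKUP*, const char*, long);
X509_LOOKUP_METHOD* X509_LOOKUP_hash_dir(void);
X509_LOOKUP_METHOD* X509_LOOKUP_file(void);

X509_LOOKUP* X509_STORE_add_lookup(X509_STORE*, X509_LOOKUP_METHOD*);
X509_STORE*  X509_STORE_new(void);
int          X509_STORE_get_by_subject(X509_STORE_CTX*, int, X509_NAME*,
                                       X509_OBJECT*);
int  X509_STORE_CTX_init(X509_STORE_CTX*, X509_STORE*, X509*, STACK_OF(X509)*);
void X509_STORE_CTX_cleanup(X509_STORE_CTX*);

ASN1_TIME* X509_CRL_get_lastUpdate(X509_CRL*);
ASN1_TIME* X509_CRL_get_nextUpdate(X509_CRL*);

EVP_PKEY* X509_get_pubkey(X509*);
int       X509_CRL_verify(X509_CRL*, EVP_PKEY*);
void      X509_STORE_CTX_set_error(X509_STORE_CTX*, int);
void      X509_OBJECT_free_contents(X509_OBJECT*);
void      EVP_PKEY_free(EVP_PKEY*);
int       X509_cmp_current_time(const ASN1_TIME*);
int       sk_X509_REVOKED_num(X509_REVOKED*);

X509_REVOKED* X509_CRL_get_REVOKED(X509_CRL*);
X509_REVOKED* sk_X509_REVOKED_value(X509_REVOKED*, int);

ASN1_INTEGER* X509_get_serialNumber(X509*);

int ASN1_TIME_print(BIO*, const ASN1_TIME*);

int  ASN1_INTEGER_cmp(const ASN1_INTEGER*, const ASN1_INTEGER*);
long ASN1_INTEGER_get(const ASN1_INTEGER*);

STACK_OF(X509_NAME)* SSL_load_client_CA_file(const char*);

void  SSL_CTX_set_client_CA_list(SSL_CTX*, STACK_OF(X509_NAME)*);
void* X509_STORE_CTX_get_ex_data(X509_STORE_CTX*, int);
int   SSL_get_ex_data_X509_STORE_CTX_idx(void);
void* SSL_get_ex_data(const SSL*, int);

void SSL_CTX_set_default_passwd_cb_userdata(SSL_CTX*, void* userdata);
void SSL_CTX_set_default_passwd_cb(SSL_CTX*, pem_password_cb);


long SSL_CTX_set_timeout(SSL_CTX*, long);
/* the callback type is an unprototyped function pointer, so the compiler
   cannot check the arguments of whatever is installed here */
void SSL_CTX_set_info_callback(SSL_CTX*, void (*)());

unsigned long ERR_peek_error(void);
int           ERR_GET_REASON(int);

char* SSL_alert_type_string_long(int);
char* SSL_alert_desc_string_long(int);
char* SSL_state_string_long(SSL*);

void RSA_free(RSA*);
RSA* RSA_generate_key(int, unsigned long, void(*)(int, int, void*), void*);
void SSL_CTX_set_tmp_rsa_callback(SSL_CTX*, RSA*(*)(SSL*, int, int));

int PEM_def_callback(char*, int num, int w, void* key);

long SSL_CTX_sess_accept(SSL_CTX*);
long SSL_CTX_sess_connect(SSL_CTX*);
long SSL_CTX_sess_accept_good(SSL_CTX*);
long SSL_CTX_sess_connect_good(SSL_CTX*);
long SSL_CTX_sess_accept_renegotiate(SSL_CTX*);
long SSL_CTX_sess_connect_renegotiate(SSL_CTX*);
long SSL_CTX_sess_hits(SSL_CTX*);
long SSL_CTX_sess_cb_hits(SSL_CTX*);
long SSL_CTX_sess_cache_full(SSL_CTX*);
long SSL_CTX_sess_misses(SSL_CTX*);
long SSL_CTX_sess_timeouts(SSL_CTX*);
long SSL_CTX_sess_number(SSL_CTX*);
long SSL_CTX_sess_get_cache_size(SSL_CTX*);


#define SSL_DEFAULT_CIPHER_LIST ""   /* default all */
#define RSA_F4 0x10001L

/* Compatibility constants.  Several unrelated groups share one anonymous
   enum, so equal numeric values across groups are expected.
 *
 * NOTE(review): the SSL_OP_* members are consecutive integers, not distinct
 * bits.  OR-ing them as OpenSSL code does cannot be decoded afterwards: with
 * SSL_OP_NO_SSLv2 = 8 from the enum further down,
 * (SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3) == 13 == SSL_OP_NO_SSLv3, and 8 is
 * also SSL_OP_TLS_D5_BUG.  Whether SSL_CTX_set_options acts on any of them
 * cannot be told from this header; do not rely on these options to disable
 * a protocol version - choose the protocol through the *_method constructor
 * and confirm the negotiated version with SSL_get_version.
 *
 * X509_FILETYPE_PEM (8) and SSL_FILETYPE_PEM (1) also differ here, so the
 * two names must not be used interchangeably.
 */
enum {
    OCSP_NOCERTS     = 1,
    OCSP_NOINTERN    = 2,
    OCSP_NOSIGS      = 4,
    OCSP_NOCHAIN     = 8,
    OCSP_NOVERIFY    = 16,
    OCSP_NOEXPLICIT  = 32,
    OCSP_NOCASIGN    = 64,
    OCSP_NODELEGATED = 128,
    OCSP_NOCHECKS    = 256,
    OCSP_TRUSTOTHER  = 512,
    OCSP_RESPID_KEY  = 1024,
    OCSP_NOTIME      = 2048,

    OCSP_CERTID      = 2,
    OCSP_REQUEST     = 4,
    OCSP_RESPONSE    = 8,
    OCSP_BASICRESP   = 16,

    ASN1_GENERALIZEDTIME = 4,

    SSL_OP_MICROSOFT_SESS_ID_BUG = 1,
    SSL_OP_NETSCAPE_CHALLENGE_BUG = 2,
    SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG = 3,
    SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG = 4,
    SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER = 5,
    SSL_OP_MSIE_SSLV2_RSA_PADDING = 6,
    SSL_OP_SSLEAY_080_CLIENT_DH_BUG = 7,
    SSL_OP_TLS_D5_BUG = 8,
    SSL_OP_TLS_BLOCK_PADDING_BUG = 9,
    SSL_OP_TLS_ROLLBACK_BUG = 10,
    SSL_OP_ALL = 11,
    SSL_OP_EPHEMERAL_RSA = 12,
    SSL_OP_NO_SSLv3 = 13,
    SSL_OP_NO_TLSv1 = 14,
    SSL_OP_PKCS1_CHECK_1 = 15,
    SSL_OP_PKCS1_CHECK_2 = 16,
    SSL_OP_NETSCAPE_CA_DN_BUG = 17,
    SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG = 18,
    SSL_OP_SINGLE_DH_USE = 19,
    SSL_OP_NO_TICKET = 20,
    SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS = 21,
    SSL_OP_NO_QUERY_MTU = 22,
    SSL_OP_COOKIE_EXCHANGE = 23,
    SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION = 24,
    SSL_OP_SINGLE_ECDH_USE = 25,
    SSL_OP_CIPHER_SERVER_PREFERENCE = 26,

    SSL_MAX_SSL_SESSION_ID_LENGTH = 32,

    EVP_R_BAD_DECRYPT = 2,

    SSL_CB_LOOP = 4,
    SSL_ST_CONNECT = 5,
    SSL_ST_ACCEPT  = 6,
    SSL_CB_ALERT   = 7,
    SSL_CB_READ    = 8,
    SSL_CB_HANDSHAKE_DONE = 9,

    SSL_MODE_ENABLE_PARTIAL_WRITE = 2,

    BIO_FLAGS_BASE64_NO_NL = 1,
    BIO_CLOSE   = 1,
    BIO_NOCLOSE = 0,

    NID_undef = 0,

    X509_FILETYPE_PEM = 8,
    X509_LU_X509      = 9,
    X509_LU_CRL       = 12,

    X509_V_ERR_CRL_SIGNATURE_FAILURE = 13,
    X509_V_ERR_ERROR_IN_CRL_NEXT_UPDATE_FIELD = 14,
    X509_V_ERR_CRL_HAS_EXPIRED                = 15,
    X509_V_ERR_CERT_REVOKED                   = 16,
    X509_V_ERR_CERT_CHAIN_TOO_LONG            = 17,
    X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT      = 18,
    X509_V_ERR_CERT_NOT_YET_VALID             = 19,
    X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD = 20,
    X509_V_ERR_CERT_HAS_EXPIRED               = 21,
    X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD  = 22,

    X509_V_OK = 0,

    CRYPTO_LOCK = 1,
    CRYPTO_NUM_LOCKS = 10,

};

/* extras end */

#ifndef NO_FILESYSTEM
/* CyaSSL extension, provide last error from SSL_get_error
   since not using thread storage error queue */
void  ERR_print_errors_fp(FILE*, int err);
#endif

/* SSL_ERROR_NONE and SSL_FAILURE are both 0: a zero return means "no error"
   from some functions and "failed" from others, so check each call against
   the constant its own contract names rather than against a bare 0.
   The SSL_VERIFY_* values are distinct bits; the SSL_SESS_CACHE_* values are
   consecutive integers and cannot be combined with |. */
enum { /* ssl Constants */
    SSL_ERROR_NONE      =  0,   /* for most functions */
    SSL_FAILURE         =  0,   /* for some functions */
    SSL_SUCCESS         =  1,

    SSL_BAD_CERTTYPE    = -8,
    SSL_BAD_STAT        = -7,
    SSL_BAD_PATH        = -6,
    SSL_BAD_FILETYPE    = -5,
    SSL_BAD_FILE        = -4,
    SSL_NOT_IMPLEMENTED = -3,
    SSL_UNKNOWN         = -2,
    SSL_FATAL_ERROR     = -1,

    SSL_FILETYPE_ASN1    = 2,
    SSL_FILETYPE_PEM     = 1,
    SSL_FILETYPE_DEFAULT = 2,   /* ASN1 */
    SSL_FILETYPE_RAW     = 3,   /* NTRU raw key blob */

    SSL_VERIFY_NONE                 = 0,
    SSL_VERIFY_PEER                 = 1,
    SSL_VERIFY_FAIL_IF_NO_PEER_CERT = 2,
    SSL_VERIFY_CLIENT_ONCE          = 4,

    SSL_SESS_CACHE_OFF                = 30,
    SSL_SESS_CACHE_CLIENT             = 31,
    SSL_SESS_CACHE_SERVER             = 32,
    SSL_SESS_CACHE_BOTH               = 33,
    SSL_SESS_CACHE_NO_AUTO_CLEAR      = 34,
    SSL_SESS_CACHE_NO_INTERNAL_LOOKUP = 35,

    SSL_ERROR_WANT_READ        =  2,
    SSL_ERROR_WANT_WRITE       =  3,
    SSL_ERROR_WANT_CONNECT     =  7,
    SSL_ERROR_WANT_ACCEPT      =  8,
    SSL_ERROR_SYSCALL          =  5,
    SSL_ERROR_WANT_X509_LOOKUP = 83,
    SSL_ERROR_ZERO_RETURN      =  6,
    SSL_ERROR_SSL              = 85,

    SSL_SENT_SHUTDOWN     = 1,
    SSL_RECEIVED_SHUTDOWN = 2,
    SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER = 4,
    SSL_OP_NO_SSLv2       = 8,

    SSL_R_SSL_HANDSHAKE_FAILURE           = 101,
    SSL_R_TLSV1_ALERT_UNKNOWN_CA          = 102,
    SSL_R_SSLV3_ALERT_CERTIFICATE_UNKNOWN = 103,
    SSL_R_SSLV3_ALERT_BAD_CERTIFICATE     = 104,

    PEM_BUFSIZE = 1024,
};


#ifndef NO_PSK
    /* Pre-shared-key callbacks.  Parameters are unnamed here; in the OpenSSL
       convention the client form is (ssl, hint, identity out, identity
       capacity, key out, key capacity) and the server form is (ssl,
       identity, key out, key capacity), both returning the key length -
       TODO confirm.  Implementations must stay within the stated capacities
       and should treat the peer-supplied hint/identity as untrusted input. */
    typedef unsigned int (*psk_client_callback)(SSL*, const char*, char*,
                                    unsigned int, unsigned char*, unsigned int);
    void SSL_CTX_set_psk_client_callback(SSL_CTX*, psk_client_callback);
    void SSL_set_psk_client_callback(SSL*, psk_client_callback);

    const char* SSL_get_psk_identity_hint(const SSL*);
    const char* SSL_get_psk_identity(const SSL*);

    int SSL_CTX_use_psk_identity_hint(SSL_CTX*, const char*);
    int SSL_use_psk_identity_hint(SSL*, const char*);

    typedef unsigned int (*psk_server_callback)(SSL*, const char*,
                          unsigned char*, unsigned int);
    void SSL_CTX_set_psk_server_callback(SSL_CTX*, psk_server_callback);
    void SSL_set_psk_server_callback(SSL*, psk_server_callback);

    #define PSK_TYPES_DEFINED
#endif /* NO_PSK */


/* extra begins */

enum {  /* ERR Constants */
    ERR_TXT_STRING = 1,
};

unsigned long ERR_get_error_line_data(const char**, int*, const char**, int *);

unsigned long ERR_get_error(void);
void          ERR_clear_error(void);


int  RAND_status(void);
int  RAND_bytes(unsigned char* buf, int num);
SSL_METHOD *SSLv23_server_method(void);
/* see the note above the SSL_OP_* constants before passing OR-ed options */
long SSL_CTX_set_options(SSL_CTX*, long);
int  SSL_CTX_check_private_key(SSL_CTX*);


void ERR_free_strings(void);
void ERR_remove_state(unsigned long);
void EVP_cleanup(void);

void CRYPTO_cleanup_all_ex_data(void);
long SSL_CTX_set_mode(SSL_CTX* ctx, long mode);
long SSL_CTX_get_mode(SSL_CTX* ctx);
void SSL_CTX_set_default_read_ahead(SSL_CTX* ctx, int m);

long SSL_CTX_sess_set_cache_size(SSL_CTX*, long);

int  SSL_CTX_set_default_verify_paths(SSL_CTX*);
int  SSL_CTX_set_session_id_context(SSL_CTX*, const unsigned char*,
                                    unsigned int);

X509* SSL_get_peer_certificate(SSL* ssl);

int SSL_want_read(SSL*);
int SSL_want_write(SSL*);

/* printf-style: pass untrusted text as an argument to "%s", never as the
   format string itself */
int BIO_printf(BIO*, const char*, ...);
int ASN1_UTCTIME_print(BIO*, const ASN1_UTCTIME*);

int   sk_num(X509_REVOKED*);
void* sk_value(X509_REVOKED*, int);

/* stunnel 4.28 needs */
void* SSL_CTX_get_ex_data(const SSL_CTX*, int);
int   SSL_CTX_set_ex_data(SSL_CTX*, int, void*);
void  SSL_CTX_sess_set_get_cb(SSL_CTX*, SSL_SESSION*(*f)(SSL*, unsigned char*,
                                                         int, int*));
void  SSL_CTX_sess_set_new_cb(SSL_CTX*, int (*f)(SSL*, SSL_SESSION*));
void  SSL_CTX_sess_set_remove_cb(SSL_CTX*, void (*f)(SSL_CTX*, SSL_SESSION*));

int          i2d_SSL_SESSION(SSL_SESSION*, unsigned char**);
SSL_SESSION* d2i_SSL_SESSION(SSL_SESSION**,const unsigned char**, long);

long SSL_SESSION_get_timeout(const SSL_SESSION*);
long SSL_SESSION_get_time(const SSL_SESSION*);
int  SSL_CTX_get_ex_new_index(long, void*, void*, void*, void*);

/* extra ends */


/* CyaSSL extensions */

/* call before SSL_connect, if verifying will add name check to
   date check and signature check
   As worded, the name check is opt-in: a client that verifies the peer but
   never calls this is told only that the certificate is in date and
   correctly signed, not that it was issued for the host it meant to reach.
   Pass the expected host name for every outbound connection. */
int CyaSSL_check_domain_name(SSL* ssl, const char* dn);

int InitCyaSSL(void);   /* need to call once to load library (session cache) */
int FreeCyaSSL(void);   /* call when done to free session cache mutex */

int  CyaSSL_Debugging_ON(void);   /* turn logging on, only if compiled in */
void CyaSSL_Debugging_OFF(void);  /* turn logging off */

/* see the compression note above COMP_zlib */
int CyaSSL_set_compression(SSL* ssl);   /* turn on CyaSSL data compression */

/* also declared above under HAVE_NTRU && !NO_FILESYSTEM; this unguarded
   prototype is visible in every configuration */
int CyaSSL_CTX_use_NTRUPrivateKey_file(SSL_CTX*, const char*); /* load NTRU
                                                             private key blob */
X509_CHAIN* CyaSSL_get_peer_chain(SSL* ssl);  /* get CyaSSL peer X509_CHAIN */
int  CyaSSL_get_chain_count(X509_CHAIN* chain);    /* peer chain count */
int  CyaSSL_get_chain_length(X509_CHAIN*, int idx); /* index cert length */
/* returns a bare pointer with no length; bound every read of it by
   CyaSSL_get_chain_length for the same idx */
unsigned char* CyaSSL_get_chain_cert(X509_CHAIN*, int idx); /* index cert */
int  CyaSSL_get_chain_cert_pem(X509_CHAIN*, int idx, unsigned char* buffer,
                               int inLen, int* outLen); /* get index cert in PEM */
const unsigned char* CyaSSL_get_sessionID(const SSL_SESSION* session);

#ifndef _WIN32
    #ifndef NO_WRITEV
        #include <sys/uio.h>
        /* allow writev style writing */
        int CyaSSL_writev(SSL* ssl, const struct iovec* iov, int iovcnt);
    #endif
#endif

#if defined(NO_FILESYSTEM) || defined(MICRIUM)

/* in-memory counterparts of the *_file loaders; presumably (ctx, data,
   data length, SSL_FILETYPE_* format) - verify against the implementation */
int CyaSSL_CTX_load_verify_buffer(SSL_CTX*, const unsigned char*, long, int);
int CyaSSL_CTX_use_certificate_buffer(SSL_CTX*, const unsigned char*, long,int);
int CyaSSL_CTX_use_PrivateKey_buffer(SSL_CTX*, const unsigned char*, long, int);
int CyaSSL_CTX_use_certificate_chain_buffer(SSL_CTX*,const unsigned char*,long);

#endif /* NO_FILESYSTEM || MICRIUM */


/* I/O callbacks */
/* user-supplied transport: buf/sz describe the library's buffer and ctx is
   the pointer registered with CyaSSL_SetIOReadCtx / CyaSSL_SetIOWriteCtx;
   a receive callback must never store more than sz bytes into buf */
typedef int (*CallbackIORecv)(char *buf, int sz, void *ctx);
typedef int (*CallbackIOSend)(char *buf, int sz, void *ctx);

void CyaSSL_SetIORecv(SSL_CTX*, CallbackIORecv);
void CyaSSL_SetIOSend(SSL_CTX*, CallbackIOSend);

void CyaSSL_SetIOReadCtx(SSL* ssl, void *ctx);
void CyaSSL_SetIOWriteCtx(SSL* ssl, void *ctx);


#ifdef CYASSL_CALLBACKS

/* used internally by CyaSSL while OpenSSL types aren't */
#include "cyassl_callbacks.h"

typedef int (*HandShakeCallBack)(HandShakeInfo*);
typedef int (*TimeoutCallBack)(TimeoutInfo*);

/* CyaSSL connect extension allowing HandShakeCallBack and/or TimeoutCallBack
   for diagnostics */
int CyaSSL_connect_ex(SSL*, HandShakeCallBack, TimeoutCallBack, Timeval);
int CyaSSL_accept_ex(SSL*, HandShakeCallBack, TimeoutCallBack, Timeval);

#endif /* CYASSL_CALLBACKS */


#ifdef __cplusplus
    }  /* extern "C" */
#endif


#endif /* CYASSL_OPENSSL_H_ */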
