Todd Ouska
CyaSSL is an SSL library for devices like mbed.
Dependents: cyassl-client Sync
Embed:
(wiki syntax)
Show/hide line numbers
ssl.h
00001 /* ssl.h 00002 * 00003 * Copyright (C) 2006-2009 Sawtooth Consulting Ltd. 00004 * 00005 * This file is part of CyaSSL. 00006 * 00007 * CyaSSL is free software; you can redistribute it and/or modify 00008 * it under the terms of the GNU General Public License as published by 00009 * the Free Software Foundation; either version 2 of the License, or 00010 * (at your option) any later version. 00011 * 00012 * CyaSSL is distributed in the hope that it will be useful, 00013 * but WITHOUT ANY WARRANTY; without even the implied warranty of 00014 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 00015 * GNU General Public License for more details. 00016 * 00017 * You should have received a copy of the GNU General Public License 00018 * along with this program; if not, write to the Free Software 00019 * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA 00020 */ 00021 00022 00023 /* ssl.h defines openssl compatibility layer 00024 * 00025 */ 00026 00027 00028 00029 #ifndef CYASSL_OPENSSL_H_ 00030 #define CYASSL_OPENSSL_H_ 00031 00032 #include "os_settings.h" /* for users not using preprocessor flags */ 00033 00034 #ifndef NO_FILESYTEM 00035 #include <stdio.h> /* ERR_print fp */ 00036 #endif 00037 00038 #ifdef YASSL_PREFIX 00039 #include "prefix_ssl.h" 00040 #endif 00041 00042 #undef X509_NAME /* wincrypt.h clash */ 00043 00044 #ifdef __cplusplus 00045 extern "C" { 00046 #endif 00047 00048 00049 00050 typedef struct SSL SSL; 00051 typedef struct SSL_SESSION SSL_SESSION; 00052 typedef struct SSL_METHOD SSL_METHOD; 00053 typedef struct SSL_CTX SSL_CTX; 00054 00055 typedef struct X509 X509; 00056 typedef struct X509_NAME X509_NAME; 00057 typedef struct X509_CHAIN X509_CHAIN; 00058 00059 00060 /* redeclare guard */ 00061 #define SSL_TYPES_DEFINED 00062 00063 00064 00065 00066 typedef struct EVP_PKEY EVP_PKEY; 00067 typedef struct RSA RSA; 00068 typedef struct BIO BIO; 00069 typedef struct BIO_METHOD BIO_METHOD; 00070 typedef struct SSL_CIPHER SSL_CIPHER; 00071 typedef struct X509_LOOKUP X509_LOOKUP; 00072 typedef struct X509_LOOKUP_METHOD X509_LOOKUP_METHOD; 00073 typedef struct X509_CRL X509_CRL; 00074 typedef struct X509_EXTENSION X509_EXTENSION; 00075 typedef struct ASN1_TIME ASN1_TIME; 00076 typedef struct ASN1_INTEGER ASN1_INTEGER; 00077 typedef struct ASN1_OBJECT ASN1_OBJECT; 00078 typedef struct ASN1_STRING ASN1_STRING; 00079 typedef struct CRYPTO_dynlock_value CRYPTO_dynlock_value; 00080 00081 #define ASN1_UTCTIME ASN1_TIME 00082 00083 typedef struct MD4_CTX { 00084 int buffer[32]; /* big enough to hold, check size in Init */ 00085 } MD4_CTX; 00086 00087 00088 typedef struct COMP_METHOD { 00089 int type; /* stunnel dereference */ 00090 } COMP_METHOD; 00091 00092 00093 typedef struct X509_STORE { 00094 int cache; /* stunnel dereference */ 00095 } X509_STORE; 00096 00097 00098 typedef struct X509_REVOKED { 00099 ASN1_INTEGER* serialNumber; /* stunnel dereference */ 00100 } X509_REVOKED; 00101 00102 00103 typedef struct X509_OBJECT { 00104 union { 00105 char* ptr; 00106 X509_CRL* crl; /* stunnel dereference */ 00107 } data; 00108 } X509_OBJECT; 00109 00110 00111 /* in cyassl_int.h too, change there !! */ 00112 typedef struct X509_STORE_CTX { 00113 int error; 00114 int error_depth; 00115 X509* current_cert; /* stunnel dereference */ 00116 char* domain; /* subject CN domain name */ 00117 /* in cyassl_int.h too, change there !! */ 00118 } X509_STORE_CTX; 00119 00120 00121 SSL_METHOD *SSLv3_server_method(void); 00122 SSL_METHOD *SSLv3_client_method(void); 00123 SSL_METHOD *TLSv1_server_method(void); 00124 SSL_METHOD *TLSv1_client_method(void); 00125 SSL_METHOD *TLSv1_1_server_method(void); 00126 SSL_METHOD *TLSv1_1_client_method(void); 00127 SSL_METHOD *TLSv1_2_server_method(void); 00128 SSL_METHOD *TLSv1_2_client_method(void); 00129 00130 #ifdef CYASSL_DTLS 00131 SSL_METHOD *DTLSv1_client_method(void); 00132 SSL_METHOD *DTLSv1_server_method(void); 00133 #endif 00134 00135 #ifndef NO_FILESYSTEM 00136 00137 int SSL_CTX_use_certificate_file(SSL_CTX*, const char*, int); 00138 int SSL_CTX_use_PrivateKey_file(SSL_CTX*, const char*, int); 00139 int SSL_CTX_load_verify_locations(SSL_CTX*, const char*, const char*); 00140 int SSL_CTX_use_certificate_chain_file(SSL_CTX *ctx, const char *file); 00141 int SSL_CTX_use_RSAPrivateKey_file(SSL_CTX*, const char*, int); 00142 00143 #ifdef CYASSL_DER_LOAD 00144 int CyaSSL_CTX_load_verify_locations(SSL_CTX*, const char*, int); 00145 #endif 00146 00147 #ifdef HAVE_NTRU 00148 int CyaSSL_CTX_use_NTRUPrivateKey_file(SSL_CTX*, const char*); /* load NTRU 00149 private key blob */ 00150 #endif 00151 00152 int CyaSSL_PemCertToDer(const char*, unsigned char*, int); 00153 00154 #endif /* NO_FILESYSTEM */ 00155 00156 SSL_CTX* SSL_CTX_new(SSL_METHOD*); 00157 SSL* SSL_new(SSL_CTX*); 00158 int SSL_set_fd (SSL*, int); 00159 int SSL_get_fd(const SSL*); 00160 int SSL_connect(SSL*); /* please see note at top of README 00161 if you get an error from connect */ 00162 int SSL_write(SSL*, const void*, int); 00163 int SSL_read(SSL*, void*, int); 00164 int SSL_accept(SSL*); 00165 void SSL_CTX_free(SSL_CTX*); 00166 void SSL_free(SSL*); 00167 int SSL_shutdown(SSL*); 00168 00169 void SSL_CTX_set_quiet_shutdown(SSL_CTX*, int); 00170 00171 int SSL_get_error(SSL*, int); 00172 00173 int SSL_set_session(SSL *ssl, SSL_SESSION *session); 00174 SSL_SESSION* SSL_get_session(SSL* ssl); 00175 void SSL_flush_sessions(SSL_CTX *ctx, long tm); 00176 00177 00178 typedef int (*VerifyCallback)(int, X509_STORE_CTX*); 00179 typedef int (*pem_password_cb)(char*, int, int, void*); 00180 00181 void SSL_CTX_set_verify(SSL_CTX*, int, VerifyCallback verify_callback); 00182 00183 00184 int SSL_pending(SSL*); 00185 00186 00187 void SSL_load_error_strings(void); 00188 int SSL_library_init(void); 00189 long SSL_CTX_set_session_cache_mode(SSL_CTX*, long); 00190 00191 /* only supports full name from cipher_name[] delimited by : */ 00192 int SSL_CTX_set_cipher_list(SSL_CTX*, const char*); 00193 00194 char* ERR_error_string(unsigned long,char*); 00195 void ERR_error_string_n(unsigned long e, char *buf, size_t len); 00196 00197 00198 /* extras */ 00199 00200 #define STACK_OF(x) x 00201 00202 int SSL_set_ex_data(SSL*, int, void*); 00203 int SSL_get_shutdown(const SSL*); 00204 int SSL_set_rfd(SSL*, int); 00205 int SSL_set_wfd(SSL*, int); 00206 void SSL_set_shutdown(SSL*, int); 00207 int SSL_set_session_id_context(SSL*, const unsigned char*, unsigned int); 00208 void SSL_set_connect_state(SSL*); 00209 void SSL_set_accept_state(SSL*); 00210 int SSL_session_reused(SSL*); 00211 void SSL_SESSION_free(SSL_SESSION* session); 00212 00213 const char* SSL_get_version(SSL*); 00214 SSL_CIPHER* SSL_get_current_cipher(SSL*); 00215 char* SSL_CIPHER_description(SSL_CIPHER*, char*, int); 00216 const char* SSL_CIPHER_get_name(const SSL_CIPHER* cipher); 00217 SSL_SESSION* SSL_get1_session(SSL* ssl); /* what's ref count */ 00218 00219 void X509_free(X509*); 00220 void OPENSSL_free(void*); 00221 00222 int OCSP_parse_url(char* url, char** host, char** port, char** path, int* ssl); 00223 00224 SSL_METHOD* SSLv23_client_method(void); 00225 SSL_METHOD* SSLv2_client_method(void); 00226 SSL_METHOD* SSLv2_server_method(void); 00227 00228 void MD4_Init(MD4_CTX*); 00229 void MD4_Update(MD4_CTX*, const void*, size_t); 00230 void MD4_Final(unsigned char*, MD4_CTX*); 00231 00232 BIO* BIO_new(BIO_METHOD*); 00233 int BIO_free(BIO*); 00234 int BIO_free_all(BIO*); 00235 int BIO_read(BIO*, void*, int); 00236 int BIO_write(BIO*, const void*, int); 00237 BIO* BIO_push(BIO*, BIO* append); 00238 BIO* BIO_pop(BIO*); 00239 int BIO_flush(BIO*); 00240 int BIO_pending(BIO*); 00241 00242 BIO_METHOD* BIO_f_buffer(void); 00243 long BIO_set_write_buffer_size(BIO*, long size); 00244 BIO_METHOD* BIO_f_ssl(void); 00245 BIO* BIO_new_socket(int sfd, int flag); 00246 void SSL_set_bio(SSL*, BIO* rd, BIO* wr); 00247 int BIO_eof(BIO*); 00248 long BIO_set_ssl(BIO*, SSL*, int flag); 00249 00250 BIO_METHOD* BIO_s_mem(void); 00251 BIO_METHOD* BIO_f_base64(void); 00252 void BIO_set_flags(BIO*, int); 00253 00254 void OpenSSL_add_all_algorithms(void); 00255 int SSLeay_add_ssl_algorithms(void); 00256 int SSLeay_add_all_algorithms(void); 00257 00258 void RAND_screen(void); 00259 const char* RAND_file_name(char*, size_t); 00260 int RAND_write_file(const char*); 00261 int RAND_load_file(const char*, long); 00262 int RAND_egd(const char*); 00263 00264 COMP_METHOD* COMP_zlib(void); 00265 COMP_METHOD* COMP_rle(void); 00266 int SSL_COMP_add_compression_method(int, void*); 00267 00268 int SSL_get_ex_new_index(long, void*, void*, void*, void*); 00269 00270 void CRYPTO_set_id_callback(unsigned long (*f)(void)); 00271 void CRYPTO_set_locking_callback(void (*f)(int, int, const char*, int)); 00272 void CRYPTO_set_dynlock_create_callback(CRYPTO_dynlock_value* (*f)(const char*, 00273 int)); 00274 void CRYPTO_set_dynlock_lock_callback(void (*f)(int, CRYPTO_dynlock_value*, 00275 const char*, int)); 00276 void CRYPTO_set_dynlock_destroy_callback(void (*f)(CRYPTO_dynlock_value*, 00277 const char*, int)); 00278 00279 X509* X509_STORE_CTX_get_current_cert(X509_STORE_CTX*); 00280 int X509_STORE_CTX_get_error(X509_STORE_CTX*); 00281 int X509_STORE_CTX_get_error_depth(X509_STORE_CTX*); 00282 00283 char* X509_NAME_oneline(X509_NAME*, char*, int); 00284 X509_NAME* X509_get_issuer_name(X509*); 00285 X509_NAME* X509_get_subject_name(X509*); 00286 const char* X509_verify_cert_error_string(long); 00287 00288 int X509_LOOKUP_add_dir(X509_LOOKUP*, const char*, long); 00289 int X509_LOOKUP_load_file(X509_LOOKUP*, const char*, long); 00290 X509_LOOKUP_METHOD* X509_LOOKUP_hash_dir(void); 00291 X509_LOOKUP_METHOD* X509_LOOKUP_file(void); 00292 00293 X509_LOOKUP* X509_STORE_add_lookup(X509_STORE*, X509_LOOKUP_METHOD*); 00294 X509_STORE* X509_STORE_new(void); 00295 int X509_STORE_get_by_subject(X509_STORE_CTX*, int, X509_NAME*, 00296 X509_OBJECT*); 00297 int X509_STORE_CTX_init(X509_STORE_CTX*, X509_STORE*, X509*, STACK_OF(X509)*); 00298 void X509_STORE_CTX_cleanup(X509_STORE_CTX*); 00299 00300 ASN1_TIME* X509_CRL_get_lastUpdate(X509_CRL*); 00301 ASN1_TIME* X509_CRL_get_nextUpdate(X509_CRL*); 00302 00303 EVP_PKEY* X509_get_pubkey(X509*); 00304 int X509_CRL_verify(X509_CRL*, EVP_PKEY*); 00305 void X509_STORE_CTX_set_error(X509_STORE_CTX*, int); 00306 void X509_OBJECT_free_contents(X509_OBJECT*); 00307 void EVP_PKEY_free(EVP_PKEY*); 00308 int X509_cmp_current_time(const ASN1_TIME*); 00309 int sk_X509_REVOKED_num(X509_REVOKED*); 00310 00311 X509_REVOKED* X509_CRL_get_REVOKED(X509_CRL*); 00312 X509_REVOKED* sk_X509_REVOKED_value(X509_REVOKED*, int); 00313 00314 ASN1_INTEGER* X509_get_serialNumber(X509*); 00315 00316 int ASN1_TIME_print(BIO*, const ASN1_TIME*); 00317 00318 int ASN1_INTEGER_cmp(const ASN1_INTEGER*, const ASN1_INTEGER*); 00319 long ASN1_INTEGER_get(const ASN1_INTEGER*); 00320 00321 STACK_OF(X509_NAME)* SSL_load_client_CA_file(const char*); 00322 00323 void SSL_CTX_set_client_CA_list(SSL_CTX*, STACK_OF(X509_NAME)*); 00324 void* X509_STORE_CTX_get_ex_data(X509_STORE_CTX*, int); 00325 int SSL_get_ex_data_X509_STORE_CTX_idx(void); 00326 void* SSL_get_ex_data(const SSL*, int); 00327 00328 void SSL_CTX_set_default_passwd_cb_userdata(SSL_CTX*, void* userdata); 00329 void SSL_CTX_set_default_passwd_cb(SSL_CTX*, pem_password_cb); 00330 00331 00332 long SSL_CTX_set_timeout(SSL_CTX*, long); 00333 void SSL_CTX_set_info_callback(SSL_CTX*, void (*)()); 00334 00335 unsigned long ERR_peek_error(void); 00336 int ERR_GET_REASON(int); 00337 00338 char* SSL_alert_type_string_long(int); 00339 char* SSL_alert_desc_string_long(int); 00340 char* SSL_state_string_long(SSL*); 00341 00342 void RSA_free(RSA*); 00343 RSA* RSA_generate_key(int, unsigned long, void(*)(int, int, void*), void*); 00344 void SSL_CTX_set_tmp_rsa_callback(SSL_CTX*, RSA*(*)(SSL*, int, int)); 00345 00346 int PEM_def_callback(char*, int num, int w, void* key); 00347 00348 long SSL_CTX_sess_accept(SSL_CTX*); 00349 long SSL_CTX_sess_connect(SSL_CTX*); 00350 long SSL_CTX_sess_accept_good(SSL_CTX*); 00351 long SSL_CTX_sess_connect_good(SSL_CTX*); 00352 long SSL_CTX_sess_accept_renegotiate(SSL_CTX*); 00353 long SSL_CTX_sess_connect_renegotiate(SSL_CTX*); 00354 long SSL_CTX_sess_hits(SSL_CTX*); 00355 long SSL_CTX_sess_cb_hits(SSL_CTX*); 00356 long SSL_CTX_sess_cache_full(SSL_CTX*); 00357 long SSL_CTX_sess_misses(SSL_CTX*); 00358 long SSL_CTX_sess_timeouts(SSL_CTX*); 00359 long SSL_CTX_sess_number(SSL_CTX*); 00360 long SSL_CTX_sess_get_cache_size(SSL_CTX*); 00361 00362 00363 #define SSL_DEFAULT_CIPHER_LIST "" /* default all */ 00364 #define RSA_F4 0x10001L 00365 00366 enum { 00367 OCSP_NOCERTS = 1, 00368 OCSP_NOINTERN = 2, 00369 OCSP_NOSIGS = 4, 00370 OCSP_NOCHAIN = 8, 00371 OCSP_NOVERIFY = 16, 00372 OCSP_NOEXPLICIT = 32, 00373 OCSP_NOCASIGN = 64, 00374 OCSP_NODELEGATED = 128, 00375 OCSP_NOCHECKS = 256, 00376 OCSP_TRUSTOTHER = 512, 00377 OCSP_RESPID_KEY = 1024, 00378 OCSP_NOTIME = 2048, 00379 00380 OCSP_CERTID = 2, 00381 OCSP_REQUEST = 4, 00382 OCSP_RESPONSE = 8, 00383 OCSP_BASICRESP = 16, 00384 00385 ASN1_GENERALIZEDTIME = 4, 00386 00387 SSL_OP_MICROSOFT_SESS_ID_BUG = 1, 00388 SSL_OP_NETSCAPE_CHALLENGE_BUG = 2, 00389 SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG = 3, 00390 SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG = 4, 00391 SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER = 5, 00392 SSL_OP_MSIE_SSLV2_RSA_PADDING = 6, 00393 SSL_OP_SSLEAY_080_CLIENT_DH_BUG = 7, 00394 SSL_OP_TLS_D5_BUG = 8, 00395 SSL_OP_TLS_BLOCK_PADDING_BUG = 9, 00396 SSL_OP_TLS_ROLLBACK_BUG = 10, 00397 SSL_OP_ALL = 11, 00398 SSL_OP_EPHEMERAL_RSA = 12, 00399 SSL_OP_NO_SSLv3 = 13, 00400 SSL_OP_NO_TLSv1 = 14, 00401 SSL_OP_PKCS1_CHECK_1 = 15, 00402 SSL_OP_PKCS1_CHECK_2 = 16, 00403 SSL_OP_NETSCAPE_CA_DN_BUG = 17, 00404 SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG = 18, 00405 SSL_OP_SINGLE_DH_USE = 19, 00406 SSL_OP_NO_TICKET = 20, 00407 SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS = 21, 00408 SSL_OP_NO_QUERY_MTU = 22, 00409 SSL_OP_COOKIE_EXCHANGE = 23, 00410 SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION = 24, 00411 SSL_OP_SINGLE_ECDH_USE = 25, 00412 SSL_OP_CIPHER_SERVER_PREFERENCE = 26, 00413 00414 SSL_MAX_SSL_SESSION_ID_LENGTH = 32, 00415 00416 EVP_R_BAD_DECRYPT = 2, 00417 00418 SSL_CB_LOOP = 4, 00419 SSL_ST_CONNECT = 5, 00420 SSL_ST_ACCEPT = 6, 00421 SSL_CB_ALERT = 7, 00422 SSL_CB_READ = 8, 00423 SSL_CB_HANDSHAKE_DONE = 9, 00424 00425 SSL_MODE_ENABLE_PARTIAL_WRITE = 2, 00426 00427 BIO_FLAGS_BASE64_NO_NL = 1, 00428 BIO_CLOSE = 1, 00429 BIO_NOCLOSE = 0, 00430 00431 NID_undef = 0, 00432 00433 X509_FILETYPE_PEM = 8, 00434 X509_LU_X509 = 9, 00435 X509_LU_CRL = 12, 00436 00437 X509_V_ERR_CRL_SIGNATURE_FAILURE = 13, 00438 X509_V_ERR_ERROR_IN_CRL_NEXT_UPDATE_FIELD = 14, 00439 X509_V_ERR_CRL_HAS_EXPIRED = 15, 00440 X509_V_ERR_CERT_REVOKED = 16, 00441 X509_V_ERR_CERT_CHAIN_TOO_LONG = 17, 00442 X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT = 18, 00443 X509_V_ERR_CERT_NOT_YET_VALID = 19, 00444 X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD = 20, 00445 X509_V_ERR_CERT_HAS_EXPIRED = 21, 00446 X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD = 22, 00447 00448 X509_V_OK = 0, 00449 00450 CRYPTO_LOCK = 1, 00451 CRYPTO_NUM_LOCKS = 10, 00452 00453 }; 00454 00455 /* extras end */ 00456 00457 #ifndef NO_FILESYSTEM 00458 /* CyaSSL extension, provide last error from SSL_get_error 00459 since not using thread storage error queue */ 00460 void ERR_print_errors_fp(FILE*, int err); 00461 #endif 00462 00463 enum { /* ssl Constants */ 00464 SSL_ERROR_NONE = 0, /* for most functions */ 00465 SSL_FAILURE = 0, /* for some functions */ 00466 SSL_SUCCESS = 1, 00467 00468 SSL_BAD_CERTTYPE = -8, 00469 SSL_BAD_STAT = -7, 00470 SSL_BAD_PATH = -6, 00471 SSL_BAD_FILETYPE = -5, 00472 SSL_BAD_FILE = -4, 00473 SSL_NOT_IMPLEMENTED = -3, 00474 SSL_UNKNOWN = -2, 00475 SSL_FATAL_ERROR = -1, 00476 00477 SSL_FILETYPE_ASN1 = 2, 00478 SSL_FILETYPE_PEM = 1, 00479 SSL_FILETYPE_DEFAULT = 2, /* ASN1 */ 00480 SSL_FILETYPE_RAW = 3, /* NTRU raw key blob */ 00481 00482 SSL_VERIFY_NONE = 0, 00483 SSL_VERIFY_PEER = 1, 00484 SSL_VERIFY_FAIL_IF_NO_PEER_CERT = 2, 00485 SSL_VERIFY_CLIENT_ONCE = 4, 00486 00487 SSL_SESS_CACHE_OFF = 30, 00488 SSL_SESS_CACHE_CLIENT = 31, 00489 SSL_SESS_CACHE_SERVER = 32, 00490 SSL_SESS_CACHE_BOTH = 33, 00491 SSL_SESS_CACHE_NO_AUTO_CLEAR = 34, 00492 SSL_SESS_CACHE_NO_INTERNAL_LOOKUP = 35, 00493 00494 SSL_ERROR_WANT_READ = 2, 00495 SSL_ERROR_WANT_WRITE = 3, 00496 SSL_ERROR_WANT_CONNECT = 7, 00497 SSL_ERROR_WANT_ACCEPT = 8, 00498 SSL_ERROR_SYSCALL = 5, 00499 SSL_ERROR_WANT_X509_LOOKUP = 83, 00500 SSL_ERROR_ZERO_RETURN = 6, 00501 SSL_ERROR_SSL = 85, 00502 00503 SSL_SENT_SHUTDOWN = 1, 00504 SSL_RECEIVED_SHUTDOWN = 2, 00505 SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER = 4, 00506 SSL_OP_NO_SSLv2 = 8, 00507 00508 SSL_R_SSL_HANDSHAKE_FAILURE = 101, 00509 SSL_R_TLSV1_ALERT_UNKNOWN_CA = 102, 00510 SSL_R_SSLV3_ALERT_CERTIFICATE_UNKNOWN = 103, 00511 SSL_R_SSLV3_ALERT_BAD_CERTIFICATE = 104, 00512 00513 PEM_BUFSIZE = 1024, 00514 }; 00515 00516 00517 #ifndef NO_PSK 00518 typedef unsigned int (*psk_client_callback)(SSL*, const char*, char*, 00519 unsigned int, unsigned char*, unsigned int); 00520 void SSL_CTX_set_psk_client_callback(SSL_CTX*, psk_client_callback); 00521 void SSL_set_psk_client_callback(SSL*, psk_client_callback); 00522 00523 const char* SSL_get_psk_identity_hint(const SSL*); 00524 const char* SSL_get_psk_identity(const SSL*); 00525 00526 int SSL_CTX_use_psk_identity_hint(SSL_CTX*, const char*); 00527 int SSL_use_psk_identity_hint(SSL*, const char*); 00528 00529 typedef unsigned int (*psk_server_callback)(SSL*, const char*, 00530 unsigned char*, unsigned int); 00531 void SSL_CTX_set_psk_server_callback(SSL_CTX*, psk_server_callback); 00532 void SSL_set_psk_server_callback(SSL*, psk_server_callback); 00533 00534 #define PSK_TYPES_DEFINED 00535 #endif /* NO_PSK */ 00536 00537 00538 /* extra begins */ 00539 00540 enum { /* ERR Constants */ 00541 ERR_TXT_STRING = 1, 00542 }; 00543 00544 unsigned long ERR_get_error_line_data(const char**, int*, const char**, int *); 00545 00546 unsigned long ERR_get_error(void); 00547 void ERR_clear_error(void); 00548 00549 00550 int RAND_status(void); 00551 int RAND_bytes(unsigned char* buf, int num); 00552 SSL_METHOD *SSLv23_server_method(void); 00553 long SSL_CTX_set_options(SSL_CTX*, long); 00554 int SSL_CTX_check_private_key(SSL_CTX*); 00555 00556 00557 void ERR_free_strings(void); 00558 void ERR_remove_state(unsigned long); 00559 void EVP_cleanup(void); 00560 00561 void CRYPTO_cleanup_all_ex_data(void); 00562 long SSL_CTX_set_mode(SSL_CTX* ctx, long mode); 00563 long SSL_CTX_get_mode(SSL_CTX* ctx); 00564 void SSL_CTX_set_default_read_ahead(SSL_CTX* ctx, int m); 00565 00566 long SSL_CTX_sess_set_cache_size(SSL_CTX*, long); 00567 00568 int SSL_CTX_set_default_verify_paths(SSL_CTX*); 00569 int SSL_CTX_set_session_id_context(SSL_CTX*, const unsigned char*, 00570 unsigned int); 00571 00572 X509* SSL_get_peer_certificate(SSL* ssl); 00573 00574 int SSL_want_read(SSL*); 00575 int SSL_want_write(SSL*); 00576 00577 int BIO_printf(BIO*, const char*, ...); 00578 int ASN1_UTCTIME_print(BIO*, const ASN1_UTCTIME*); 00579 00580 int sk_num(X509_REVOKED*); 00581 void* sk_value(X509_REVOKED*, int); 00582 00583 /* stunnel 4.28 needs */ 00584 void* SSL_CTX_get_ex_data(const SSL_CTX*, int); 00585 int SSL_CTX_set_ex_data(SSL_CTX*, int, void*); 00586 void SSL_CTX_sess_set_get_cb(SSL_CTX*, SSL_SESSION*(*f)(SSL*, unsigned char*, 00587 int, int*)); 00588 void SSL_CTX_sess_set_new_cb(SSL_CTX*, int (*f)(SSL*, SSL_SESSION*)); 00589 void SSL_CTX_sess_set_remove_cb(SSL_CTX*, void (*f)(SSL_CTX*, SSL_SESSION*)); 00590 00591 int i2d_SSL_SESSION(SSL_SESSION*, unsigned char**); 00592 SSL_SESSION* d2i_SSL_SESSION(SSL_SESSION**,const unsigned char**, long); 00593 00594 long SSL_SESSION_get_timeout(const SSL_SESSION*); 00595 long SSL_SESSION_get_time(const SSL_SESSION*); 00596 int SSL_CTX_get_ex_new_index(long, void*, void*, void*, void*); 00597 00598 /* extra ends */ 00599 00600 00601 /* CyaSSL extensions */ 00602 00603 /* call before SSL_connect, if verifying will add name check to 00604 date check and signature check */ 00605 int CyaSSL_check_domain_name(SSL* ssl, const char* dn); 00606 00607 int InitCyaSSL(void); /* need to call once to load library (session cache) */ 00608 int FreeCyaSSL(void); /* call when done to free session cache mutex */ 00609 00610 int CyaSSL_Debugging_ON(void); /* turn logging on, only if compiled in */ 00611 void CyaSSL_Debugging_OFF(void); /* turn logging off */ 00612 00613 int CyaSSL_set_compression(SSL* ssl); /* turn on CyaSSL data compression */ 00614 00615 int CyaSSL_CTX_use_NTRUPrivateKey_file(SSL_CTX*, const char*); /* load NTRU 00616 private key blob */ 00617 X509_CHAIN* CyaSSL_get_peer_chain(SSL* ssl); /* get CyaSSL peer X509_CHAIN */ 00618 int CyaSSL_get_chain_count(X509_CHAIN* chain); /* peer chain count */ 00619 int CyaSSL_get_chain_length(X509_CHAIN*, int idx); /* index cert length */ 00620 unsigned char* CyaSSL_get_chain_cert(X509_CHAIN*, int idx); /* index cert */ 00621 int CyaSSL_get_chain_cert_pem(X509_CHAIN*, int idx, unsigned char* buffer, 00622 int inLen, int* outLen); /* get index cert in PEM */ 00623 const unsigned char* CyaSSL_get_sessionID(const SSL_SESSION* session); 00624 00625 #ifndef _WIN32 00626 #ifndef NO_WRITEV 00627 #include <sys/uio.h> 00628 /* allow writev style writing */ 00629 int CyaSSL_writev(SSL* ssl, const struct iovec* iov, int iovcnt); 00630 #endif 00631 #endif 00632 00633 #if defined(NO_FILESYSTEM) || defined(MICRIUM) 00634 00635 int CyaSSL_CTX_load_verify_buffer(SSL_CTX*, const unsigned char*, long, int); 00636 int CyaSSL_CTX_use_certificate_buffer(SSL_CTX*, const unsigned char*, long,int); 00637 int CyaSSL_CTX_use_PrivateKey_buffer(SSL_CTX*, const unsigned char*, long, int); 00638 int CyaSSL_CTX_use_certificate_chain_buffer(SSL_CTX*,const unsigned char*,long); 00639 00640 #endif /* NO_FILESYSTEM || MICRIUM */ 00641 00642 00643 /* I/O callbacks */ 00644 typedef int (*CallbackIORecv)(char *buf, int sz, void *ctx); 00645 typedef int (*CallbackIOSend)(char *buf, int sz, void *ctx); 00646 00647 void CyaSSL_SetIORecv(SSL_CTX*, CallbackIORecv); 00648 void CyaSSL_SetIOSend(SSL_CTX*, CallbackIOSend); 00649 00650 void CyaSSL_SetIOReadCtx(SSL* ssl, void *ctx); 00651 void CyaSSL_SetIOWriteCtx(SSL* ssl, void *ctx); 00652 00653 00654 #ifdef CYASSL_CALLBACKS 00655 00656 /* used internally by CyaSSL while OpenSSL types aren't */ 00657 #include "cyassl_callbacks.h" 00658 00659 typedef int (*HandShakeCallBack)(HandShakeInfo*); 00660 typedef int (*TimeoutCallBack)(TimeoutInfo*); 00661 00662 /* CyaSSL connect extension allowing HandShakeCallBack and/or TimeoutCallBack 00663 for diagnostics */ 00664 int CyaSSL_connect_ex(SSL*, HandShakeCallBack, TimeoutCallBack, Timeval); 00665 int CyaSSL_accept_ex(SSL*, HandShakeCallBack, TimeoutCallBack, Timeval); 00666 00667 #endif /* CYASSL_CALLBACKS */ 00668 00669 00670 #ifdef __cplusplus 00671 } /* extern "C" */ 00672 #endif 00673 00674 00675 #endif /* CyaSSL_openssl_h__ */
Generated on Tue Jul 12 2022 18:43:19 by
1.7.2