/*
 * Copyright (C) 2007 Red Hat, Inc.
 *
 * Permission is hereby granted, free of charge, to any person obtaining a
 * copy of this software and associated documentation files (the
 * "Software"), to deal in the Software without restriction, including
 * without limitation the rights to use, copy, modify, merge, publish,
 * distribute, sublicense, and/or sell copies of the Software, and to
 * permit persons to whom the Software is furnished to do so, subject
 * to the following conditions:
 *
 * The above copyright notice and this permission notice shall be
 * included in all copies or substantial portions of the Software.
 *
 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
 * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
 * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
 * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS
 * BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN
 * ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
 * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
 * SOFTWARE.
 */

/*
 * OpenSSL-compatibility shim: declares a subset of OpenSSL names (macros,
 * types, prototypes) in terms of the NSS/NSPR headers included below.
 * Only declarations live here; the behaviour of each function is defined
 * elsewhere.
 */

#ifndef NSS_COMPAT_OSSL_H
#define NSS_COMPAT_OSSL_H 1

/*
 * Drop the native-OpenSSL feature macros for everything that includes this
 * header (presumably so that such code takes its non-OpenSSL paths).
 */
#undef HAVE_OPENSSL
#undef HAVE_OSSL_ENGINE_H

#include <nspr.h>
#include <nss.h>
#include <pk11pub.h>
#include <sechash.h>
#include <ssl.h>
#include <base64.h>
#include <keyhi.h>
#include <sslproto.h>
#include <pk11func.h>
#include <cert.h>

#include <secerr.h>
#include <sslerr.h>


/* extra stuff we made up ... */

/*
 * Version identifiers are hard-coded: SSLeay_version() ignores its argument
 * and always yields the literal "nss-3.11.4", whatever NSS library is
 * actually linked. Do not base security decisions or inventory on them.
 */
#define SSLeay_version(x)       "nss-3.11.4" /* FIXME: hack job */
#define SSLEAY_VERSION_NUMBER   0x0922
#define OPENSSL_VERSION_NUMBER  0x0090802fL
#define NO_RSA                  1 /* FIXME: ? */
#define USE_NSS                 1 /* FIXME: autoconf? */

#define PEM_BUFSIZE 1024

/* FIXME: need to map from SSL -> SSL_CTX */
/*
 * Placeholder accessors: each ignores its argument and expands to NULL or 0,
 * so a caller gets no context, certificate, error, depth or serial number
 * from them. Callers must not treat these results as meaningful.
 */
#define OSSL_SSL2CTX(x)                     ((SSL_CTX *)NULL)
#define OSSL_X509_STORE_CTX2CERT(x)         NULL
#define OSSL_X509_STORE_CTX2ERROR_DEPTH(x)  0
#define OSSL_X509_STORE_CTX2ERROR(x)        NULL
#define OSSL_X509_REVOKED2SERIAL_NUMBER(x)  NULL

/* defs. mapping... */
#define CRYPTO_LOCK       1
#define CRYPTO_NUM_LOCKS  1

/* hack: PR uses PR_SHUTDOWN_BOTH instead of OR'ing the flags... *sigh */
#define SSL_SENT_SHUTDOWN      0x1 /* PR_SHUTDOWN_SEND */
#define SSL_RECEIVED_SHUTDOWN  0x2 /* PR_SHUTDOWN_RCV */

/*
 * OpenSSL-named SSL error classes. The numbering is local to this header
 * and is not OpenSSL's (there SSL_ERROR_SSL is 1 and SSL_ERROR_ZERO_RETURN
 * is 6), so compare against the names, never against literal numbers.
 */
#define SSL_ERROR_NONE              0
#define SSL_ERROR_WANT_WRITE        1
#define SSL_ERROR_WANT_READ         2
#define SSL_ERROR_WANT_X509_LOOKUP  3
#define SSL_ERROR_SYSCALL           4
#define SSL_ERROR_ZERO_RETURN       5
#define SSL_ERROR_SSL               6

#define SSL_DEFAULT_CIPHER_LIST "RSA"

/* Peer-verification mode bits; SSL_VERIFY_NONE (0) sets none of them. */
#define SSL_VERIFY_NONE                  0
#define SSL_VERIFY_PEER                  1
#define SSL_VERIFY_FAIL_IF_NO_PEER_CERT  2
#define SSL_VERIFY_CLIENT_ONCE           4

/* Info-callback event bits. */
#define SSL_CB_LOOP            0x01
#define SSL_CB_EXIT            0x02
#define SSL_CB_READ            0x04
#define SSL_CB_WRITE           0x08
#define SSL_CB_ALERT           0x10
#define SSL_CB_HANDSHAKE_DONE  0x20


#define SSL_SESS_CACHE_BOTH 1

/* Certificate / key file encodings. */
#define X509_FILETYPE_PEM     1
#define X509_FILETYPE_ASN1    2
#define X509_FILETYPE_ENGINE  3
#define X509_FILETYPE_PKCS12  4

#define SSL_FILETYPE_PEM     X509_FILETYPE_PEM
#define SSL_FILETYPE_ASN1    X509_FILETYPE_ASN1
#define SSL_FILETYPE_ENGINE  X509_FILETYPE_ENGINE
#define SSL_FILETYPE_PKCS12  X509_FILETYPE_PKCS12

/* FIXME: These are ignored */
#define SSL_MODE_ENABLE_PARTIAL_WRITE  1
#define SSL_MODE_AUTO_RETRY            2

#define SSL_ST_OK       0x01
#define SSL_ST_CONNECT  0x02
#define SSL_ST_ACCEPT   0x04

#define X509_LU_X509  1
#define X509_LU_CRL   2

/*
 * OpenSSL X509_V_* verification results expressed as NSS SEC_ERROR_* codes.
 *
 * - X509_V_OK expands to SEC_ERROR_CERT_VALID, an NSS error-table code,
 *   not OpenSSL's literal 0. Test results with `== X509_V_OK`; a check
 *   such as `!result` or `result != 0` does not mean what it means under
 *   OpenSSL.
 * - The mapping is many-to-one (several names share SEC_ERROR_BAD_SIGNATURE,
 *   SEC_ERROR_INVALID_TIME, SEC_ERROR_UNKNOWN_ISSUER, ...). The shared
 *   names cannot be told apart at run time and cannot appear together as
 *   case labels in one switch.
 * - NOTE(review): X509_V_ERR_SUBJECT_ISSUER_MISMATCH is mapped to
 *   SEC_ERROR_CERT_ADDR_MISMATCH, which looks like a nearest-name choice;
 *   confirm the intended NSS code.
 */
#define X509_V_OK                                      SEC_ERROR_CERT_VALID
#define X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT           SEC_ERROR_UNKNOWN_ISSUER
#define X509_V_ERR_UNABLE_TO_GET_CRL                   SEC_ERROR_CRL_NOT_FOUND
#define X509_V_ERR_UNABLE_TO_DECRYPT_CERT_SIGNATURE    SEC_ERROR_BAD_SIGNATURE
#define X509_V_ERR_UNABLE_TO_DECRYPT_CRL_SIGNATURE     SEC_ERROR_CRL_BAD_SIGNATURE
#define X509_V_ERR_UNABLE_TO_DECODE_ISSUER_PUBLIC_KEY  SEC_ERROR_INVALID_KEY
#define X509_V_ERR_CERT_SIGNATURE_FAILURE              SEC_ERROR_BAD_SIGNATURE
#define X509_V_ERR_CRL_SIGNATURE_FAILURE               SEC_ERROR_CRL_BAD_SIGNATURE
#define X509_V_ERR_CERT_NOT_YET_VALID                  SEC_ERROR_CERT_NOT_VALID
#define X509_V_ERR_CERT_HAS_EXPIRED                    SEC_ERROR_EXPIRED_CERTIFICATE
#define X509_V_ERR_CRL_NOT_YET_VALID                   SEC_ERROR_CRL_INVALID
#define X509_V_ERR_CRL_HAS_EXPIRED                     SEC_ERROR_CRL_EXPIRED
#define X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD      SEC_ERROR_INVALID_TIME
#define X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD       SEC_ERROR_INVALID_TIME
#define X509_V_ERR_ERROR_IN_CRL_LAST_UPDATE_FIELD      SEC_ERROR_INVALID_TIME
#define X509_V_ERR_ERROR_IN_CRL_NEXT_UPDATE_FIELD      SEC_ERROR_INVALID_TIME
#define X509_V_ERR_OUT_OF_MEM                          SEC_ERROR_NO_MEMORY
#define X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT         SEC_ERROR_UNTRUSTED_ISSUER
#define X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN           SEC_ERROR_UNTRUSTED_ISSUER
#define X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY   SEC_ERROR_UNKNOWN_ISSUER
#define X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE     SEC_ERROR_UNTRUSTED_CERT
#define X509_V_ERR_CERT_CHAIN_TOO_LONG                 SEC_ERROR_PATH_LEN_CONSTRAINT_INVALID
#define X509_V_ERR_CERT_REVOKED                        SEC_ERROR_REVOKED_CERTIFICATE
#define X509_V_ERR_INVALID_CA                          SEC_ERROR_CA_CERT_INVALID
#define X509_V_ERR_PATH_LENGTH_EXCEEDED                SEC_ERROR_PATH_LEN_CONSTRAINT_INVALID
#define X509_V_ERR_INVALID_PURPOSE                     SEC_ERROR_CERT_USAGES_INVALID
#define X509_V_ERR_CERT_UNTRUSTED                      SEC_ERROR_UNTRUSTED_CERT
#define X509_V_ERR_CERT_REJECTED                       SEC_ERROR_CERT_NOT_VALID
#define X509_V_ERR_SUBJECT_ISSUER_MISMATCH             SEC_ERROR_CERT_ADDR_MISMATCH
#define X509_V_ERR_AKID_SKID_MISMATCH                  SEC_ERROR_INVALID_KEY
/*
 * Remaining X509_V_ERR_* -> SEC_ERROR_* mappings. Several names share one
 * NSS code (e.g. SEC_ERROR_CRL_INVALID), so they cannot be distinguished at
 * run time or used together as case labels.
 * NOTE(review): X509_V_ERR_KEYUSAGE_NO_DIGITAL_SIGNATURE is mapped to a CRL
 * signature error (SEC_ERROR_CRL_BAD_SIGNATURE); confirm that is intended.
 */
#define X509_V_ERR_AKID_ISSUER_SERIAL_MISMATCH       SEC_ERROR_REUSED_ISSUER_AND_SERIAL
#define X509_V_ERR_KEYUSAGE_NO_CERTSIGN              SEC_ERROR_CERT_USAGES_INVALID
#define X509_V_ERR_UNABLE_TO_GET_CRL_ISSUER          SEC_ERROR_CRL_INVALID
#define X509_V_ERR_UNHANDLED_CRITICAL_EXTENSION      SEC_ERROR_UNKNOWN_CRITICAL_EXTENSION
#define X509_V_ERR_KEYUSAGE_NO_CRL_SIGN              SEC_ERROR_CRL_INVALID
#define X509_V_ERR_UNHANDLED_CRITICAL_CRL_EXTENSION  SEC_ERROR_CRL_INVALID
#define X509_V_ERR_INVALID_NON_CA                    SEC_ERROR_CERT_NOT_VALID
#define X509_V_ERR_KEYUSAGE_NO_DIGITAL_SIGNATURE     SEC_ERROR_CRL_BAD_SIGNATURE
#define X509_V_ERR_INVALID_EXTENSION                 SEC_ERROR_EXTENSION_VALUE_INVALID

#define NID_commonName        SEC_OID_AVA_COMMON_NAME
#define NID_subject_alt_name  SEC_OID_X509_SUBJECT_ALT_NAME

#define EVP_R_BAD_DECRYPT 1

/* Type mapping ... */

/*
 * SSL_CTX, SSL and SSL_METHOD are all macros for PRFileDesc, so the compiler
 * cannot tell a context from a connection or a method: passing the wrong
 * one compiles without a diagnostic.
 */
#define SSL_CTX     PRFileDesc
#define SSL         PRFileDesc
#define SSL_METHOD  PRFileDesc

#define SSL_SESSION SECItem

/*
 * Certificate wrapper: an NSS certificate plus an arena pool.
 * NOTE(review): ownership of cert and arena (who frees them, and when) is
 * not visible in this header; confirm against X509_free().
 */
typedef struct x509_st
{
  CERTCertificate *cert;
  PLArenaPool *arena;
} X509;

/* Verification context handed to the verify callbacks declared below. */
typedef struct
{
  X509 *current_cert;
  SSL *ssl__;
  int error;
} X509_STORE_CTX;

/*
 * All of these are the same underlying type (SECItem, or CERTName for
 * X509_NAME), so they are interchangeable as far as the compiler is
 * concerned; mixing them up is not diagnosed.
 */
#define X509_OBJECT         SECItem
#define X509_LOOKUP         SECItem
#define X509_LOOKUP_METHOD  SECItem
#define X509_STORE          SECItem
#define X509_NAME           CERTName
#define X509_REVOKED        SECItem
#define X509_CRL            SECItem
#define EVP_PKEY            SECItem

/*
 * BIO stuff
 */
typedef struct bio_method_st BIO_METHOD;

/* A BIO is an opaque data pointer plus the method table that drives it. */
typedef struct bio_st
{
  void *ptr;
  BIO_METHOD *m;
} BIO;

/*
 * BIO method table. Lengths are plain int and bputs takes no length at
 * all, so each implementation is responsible for its own bounds.
 */
struct bio_method_st
{
  int type;
  const char *name;
  int (*bwrite) (BIO *bio, const char *data, int len);
  int (*bread) (BIO *bio, char *data, int len);
  int (*bputs) (BIO *bio, const char *data);
  int (*bgets) (BIO *bio, char *data, int len);
  int (*ctrl) (BIO *bio, int, long, void *);
  int (*create) (BIO *bio);
  int (*destroy)(BIO *bio);
};

#define BIO_C_GET_FD        207
#define BIO_C_GET_PEERNAME  209

BIO *BIO_new(BIO_METHOD *);
int SSL_set_bio(SSL *, BIO *, BIO *);

/* Minimal ASN.1 string: data points at length bytes of the given type. */
typedef struct asn1_string_st {
  int length;
  int type;
  unsigned char *data;
  long flags;
} ASN1_STRING;

/*
 * NOTE(review): V_ASN1_UTF8STRING expands to the struct type name, not to a
 * numeric tag like V_ASN1_INTEGER / V_ASN1_UTCTIME below, so using it as a
 * value will not compile; confirm the intent.
 */
#define ASN1_TIME          ASN1_STRING
#define ASN1_UTCTIME       ASN1_STRING
#define ASN1_INTEGER       ASN1_STRING
#define V_ASN1_UTF8STRING  ASN1_STRING

/* ASN1 types */
#define V_ASN1_INTEGER  1
#define V_ASN1_UTCTIME  2

/*
 * STACK_OF(x) is plain void, so every `STACK_OF(x) *` is a `void *` with no
 * element-type checking. The definition appears twice; the repeat is an
 * identical redefinition.
 */
#define STACK_OF(name) void
#define STACK_OF(name) void
#define STACK int

#define SSL_CIPHER PRFileDesc

/*
 * Option bits for SSL_CTX_set_options().
 * NOTE(review): whether the implementation acts on any of them is not
 * visible in this header. Callers rely on SSL_OP_NO_SSLv2 / SSL_OP_NO_SSLv3
 * / SSL_OP_NO_TLSv1 to switch protocol versions off, so confirm those are
 * honoured rather than silently accepted.
 */
#define SSL_OP_MICROSOFT_SESS_ID_BUG                   0x00000001L
#define SSL_OP_NETSCAPE_CHALLENGE_BUG                  0x00000002L
#define SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG        0x00000008L
#define SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG             0x00000010L
#define SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER              0x00000020L
#define SSL_OP_MSIE_SSLV2_RSA_PADDING                  0x00000040L
#define SSL_OP_SSLEAY_080_CLIENT_DH_BUG                0x00000080L
#define SSL_OP_TLS_D5_BUG                              0x00000100L
#define SSL_OP_TLS_BLOCK_PADDING_BUG                   0x00000200L
#define SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS             0x00000800L
#define SSL_OP_ALL                                     0x00000FF7L
#define SSL_OP_NO_QUERY_MTU                            0x00001000L
#define SSL_OP_COOKIE_EXCHANGE                         0x00002000L
#define SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION  0x00010000L
#define SSL_OP_SINGLE_ECDH_USE                         0x00080000L
#define SSL_OP_SINGLE_DH_USE                           0x00100000L
#define SSL_OP_EPHEMERAL_RSA                           0x00200000L
#define SSL_OP_CIPHER_SERVER_PREFERENCE                0x00400000L
#define SSL_OP_TLS_ROLLBACK_BUG                        0x00800000L
#define SSL_OP_NO_SSLv2                                0x01000000L
#define SSL_OP_NO_SSLv3                                0x02000000L
#define SSL_OP_NO_TLSv1                                0x04000000L
#define SSL_OP_PKCS1_CHECK_1                           0x08000000L
#define SSL_OP_PKCS1_CHECK_2                           0x10000000L
#define SSL_OP_NETSCAPE_CA_DN_BUG                      0x20000000L
#define SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG         0x40000000L

/* ENGINE is an incomplete type, so it is usable only through pointers. */
struct NSS__missing_engine_API;
typedef struct NSS__missing_engine_API NSS__missing_engine_API;

#define ENGINE NSS__missing_engine_API

/* Passphrase callback type taken by SSL_CTX_set_default_passwd_cb(). */
typedef int pem_password_cb(char *buf, int size, int rwflag, void *userdata);

/* Functions ... */

/* Disabled: never compiled. */
#if 0
BIO_METHOD *BIO_f_base64(void);
BIO_METHOD *BIO_s_mem(void);

BIO *BIO_new(BIO_METHOD *)
BIO *BIO_new(BIO_METHOD *)
#endif

/* Disabled: repeats the SSL_VERIFY_* values in hexadecimal. */
#if 0
#define SSL_VERIFY_NONE                  0x00
#define SSL_VERIFY_PEER                  0x01
#define SSL_VERIFY_FAIL_IF_NO_PEER_CERT  0x02
#define SSL_VERIFY_CLIENT_ONCE           0x04
#endif

/* Library initialization */

/* All three OpenSSL initialisation spellings map to SSL_library_init(). */
#define OpenSSL_add_ssl_algorithms()  SSL_library_init()
#define SSLeay_add_ssl_algorithms()   SSL_library_init()
#define SSLeay_add_all_algorithms()   SSL_library_init()

int SSL_library_init(void);

/* SSL context handling */

SSL_CTX *SSL_CTX_new(SSL_METHOD *passed);
void SSL_CTX_free(SSL_CTX *s);
int SSL_CTX_set_default_verify_paths (SSL_CTX * ctx);
int SSL_CTX_use_certificate_file (SSL_CTX * ctx, const char *certfile,
                                  int type);
int SSL_CTX_use_certificate_chain_file(SSL_CTX *ctx, const char *file);
int SSL_CTX_use_PrivateKey_file(SSL_CTX *ctx, const char *file, int type);
long SSL_CTX_set_options(SSL_CTX *ctx, long mode);
int SSL_CTX_set_cipher_list(SSL_CTX *ctx, const char *str);
void SSL_CTX_set_verify(SSL_CTX *ctx,int mode,
                        int (*callback)(int, X509_STORE_CTX *));
void SSL_CTX_set_client_CA_list(SSL_CTX *ctx, STACK_OF(X509_NAME) *name_list);
int SSL_CTX_load_verify_locations(SSL_CTX *ctx, const char *CAfile,
                                  const char *CApath);
/* cb is declared without a prototype, so its arguments are not type-checked. */
void SSL_CTX_set_info_callback(SSL_CTX *ctx, void(*cb)());
long SSL_CTX_set_session_cache_mode(SSL_CTX *c, long i);
int SSL_CTX_check_private_key(const SSL_CTX *ctx);
long SSL_CTX_set_mode(SSL_CTX *ctx, long mode);
void SSL_CTX_set_default_passwd_cb(SSL_CTX *ctx, pem_password_cb *cb);
void SSL_CTX_set_default_passwd_cb_userdata(SSL_CTX *ctx, void *u);
int PEM_def_callback(char *buf, int num, int w, void *key);

/* SSL context statistics */

long SSL_CTX_set_timeout(SSL_CTX *s, long tm);
long SSL_CTX_sess_number(SSL_CTX *s);
long SSL_CTX_sess_connect(SSL_CTX *s);
long SSL_CTX_sess_connect_good(SSL_CTX *s);
long SSL_CTX_sess_connect_renegotiate(SSL_CTX *s);
long SSL_CTX_sess_accept(SSL_CTX *s);
long SSL_CTX_sess_accept_good(SSL_CTX *s);
long SSL_CTX_sess_accept_renegotiate(SSL_CTX *s);
long SSL_CTX_sess_hits(SSL_CTX *s);
long SSL_CTX_sess_misses(SSL_CTX *s);
long SSL_CTX_sess_timeouts(SSL_CTX *s);

/* SSL structure handling */

SSL *SSL_new(SSL_CTX *templ_s);
void SSL_free(SSL *s);
void SSL_load_error_strings(void);
int SSL_get_error(SSL *s, int i);
int SSL_set_fd(SSL *s, int fd);
int SSL_set_rfd(SSL *s, int fd);
int SSL_set_wfd(SSL *s, int fd);
void SSL_set_connect_state(SSL *s);
void SSL_set_accept_state(SSL *s);
void SSL_set_verify(SSL *s, int mode,
                    int (*callback)(int ok,X509_STORE_CTX *ctx));
/* Compare the result with X509_V_OK by name; it is not defined as 0 here. */
long SSL_get_verify_result(const SSL *ssl);

#define OPENSSL_free(addr) CRYPTO_free(addr)
void CRYPTO_free(void *);
void CRYPTO_cleanup_all_ex_data(void);

/* SSL basic I/O functions */

int SSL_accept(SSL *ssl);
int SSL_connect(SSL *ssl);
int SSL_pending(SSL *s);
int SSL_read(SSL *, void *, int);
int SSL_write(SSL *, const void *, int);
int SSL_shutdown(SSL *s);
int SSL_get_shutdown(SSL *s);
int SSL_set_shutdown(SSL *ssl, int flags);
int SSL_want(SSL *s);
int SSL_peek(SSL *ssl, void *buf, int num);

/* Values compared against SSL_want() by the SSL_want_*() helpers below. */
#define SSL_NOTHING      1
#define SSL_WRITING      2
#define SSL_READING      3
#define SSL_X509_LOOKUP  4

#define SSL_want_nothing(s)      (SSL_want(s) == SSL_NOTHING)
#define SSL_want_read(s)         (SSL_want(s) == SSL_READING)
#define SSL_want_write(s)        (SSL_want(s) == SSL_WRITING)
#define SSL_want_x509_lookup(s)  (SSL_want(s) == SSL_X509_LOOKUP)

/* SSL_METHOD */

/*
 * NOTE(review): the SSLv2/SSLv3 constructors are declared for source
 * compatibility; which protocol versions each one actually enables is
 * decided by the implementation and should be confirmed there.
 */
SSL_METHOD *SSLv2_client_method(void);
SSL_METHOD *SSLv3_client_method(void);
SSL_METHOD *SSLv23_client_method(void);
SSL_METHOD *TLSv1_client_method(void);
SSL_METHOD *SSLv2_server_method(void);
SSL_METHOD *SSLv23_server_method(void);
SSL_METHOD *SSLv3_server_method(void);
SSL_METHOD *TLSv1_server_method(void);

/* Cipher functions */

SSL_CIPHER *SSL_get_current_cipher(SSL *s);
void SSL_CIPHER_description(SSL_CIPHER *c, char *s, int len);
const char *SSL_CIPHER_get_name(SSL_CIPHER *c);
int SSL_CIPHER_get_bits(SSL_CIPHER *c, int *bits);
char *SSL_CIPHER_get_version(SSL_CIPHER *c);
/* Convenience wrappers that look up the current cipher of connection s. */
#define SSL_get_cipher(s) \
        SSL_CIPHER_get_name(SSL_get_current_cipher(s))
#define SSL_get_cipher_name(s) \
        SSL_CIPHER_get_name(SSL_get_current_cipher(s))
#define SSL_get_cipher_bits(s,np) \
        SSL_CIPHER_get_bits(SSL_get_current_cipher(s),np)
#define SSL_get_cipher_version(s) \
        SSL_CIPHER_get_version(SSL_get_current_cipher(s))


/* X509 */
#define X509_L_FILE_LOAD  1
#define X509_L_ADD_DIR    2

/* Identical repeat of the X509_LU_X509 definition earlier in this header. */
#define X509_LU_X509 1

X509 *d2i_X509(void *reserved, unsigned char **data, int len);
X509_NAME *X509_get_issuer_name(X509 *x);
X509_NAME *X509_get_subject_name(X509 *x);
void *X509_get_ext_d2i(X509 *x, int nid, int *crit, int *idx);
ASN1_TIME *X509_get_notBefore(X509 *x);
ASN1_TIME *X509_get_notAfter(X509 *x);
ASN1_INTEGER * X509_get_serialNumber(X509 *x);
char *i2s_ASN1_INTEGER(void *, ASN1_INTEGER *);
X509 *SSL_get_certificate(SSL *ssl);
X509 *SSL_get_peer_certificate(SSL *s);
const char *X509_verify_cert_error_string(long n);
int X509_NAME_get_text_by_NID(X509_NAME *name, int nid, char *buf,int len);

/*
 * NOTE(review): X509_LOOKUP_ctrl() is not declared anywhere in this header;
 * confirm a declaration exists before relying on this macro.
 */
#define X509_LOOKUP_load_file(x,name,type) \
        X509_LOOKUP_ctrl((x),X509_L_FILE_LOAD,(name),(long)(type),NULL)
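/*
 * NOTE(review): X509_LOOKUP_ctrl() is not declared anywhere in this header;
 * confirm a declaration exists before relying on this macro.
 */
#define X509_LOOKUP_add_dir(x,name,type) \
        X509_LOOKUP_ctrl((x),X509_L_ADD_DIR,(name),(long)(type),NULL)

X509 * X509_STORE_CTX_get_current_cert(X509_STORE_CTX *ctx);
int X509_STORE_get_by_subject(X509_STORE_CTX *vs, int type, X509_NAME *name,
                              X509_OBJECT *ret);
int SSL_get_ex_data_X509_STORE_CTX_idx(void);
void *X509_STORE_CTX_get_ex_data(X509_STORE_CTX *ctx, int idx);

/* Other */

STACK_OF(X509_NAME) *SSL_load_client_CA_file(const char *file);

void SSL_set_client_CA_list(SSL *s, STACK_OF(X509_NAME) *name_list);

char *X509_NAME_oneline(X509_NAME *x, char *s, int len);
void X509_free(X509 *x);
char *SSL_get_version(SSL *ssl);
/* Compatible re-declaration; the same prototype appears earlier in this header. */
int SSL_CTX_load_verify_locations(SSL_CTX *ctx, const char *CAfile,
                                  const char *CApath);

/* Error handling */

/*
 * Low 12 bits of a packed error value. The expansion is fully
 * parenthesized so it stays one operand in any surrounding expression.
 */
#define ERR_GET_REASON(l) ((int)((l)&0xfffL))
unsigned long ERR_get_error(void);
/*
 * ERR_error_string() takes no buffer length; where the caller supplies the
 * buffer, prefer ERR_error_string_n(), which does.
 */
char *ERR_error_string(unsigned long e, char *buf);
char *ERR_error_string_n(unsigned long e, char *buf, size_t len);
unsigned long ERR_peek_error(void);
unsigned long ERR_peek_last_error(void);
void ERR_remove_state(unsigned long pid);
void ERR_free_strings(void);
void EVP_cleanup(void);

/* Callback types for crypto.h */

typedef struct crypto_ex_data_st CRYPTO_EX_DATA;

struct crypto_ex_data_st
{
  void *sk;
  int dummy; /* gcc is screwing up this data structure :-( */
};

typedef int CRYPTO_EX_new(void *parent, void *ptr, CRYPTO_EX_DATA *ad,
                          int idx, long argl, void *argp);
typedef void CRYPTO_EX_free(void *parent, void *ptr, CRYPTO_EX_DATA *ad,
                            int idx, long argl, void *argp);
typedef int CRYPTO_EX_dup(CRYPTO_EX_DATA *to, CRYPTO_EX_DATA *from, void *from_d,
                          int idx, long argl, void *argp);


int SSL_set_ex_data(SSL *ssl,int idx,void *data);
void *SSL_get_ex_data(const SSL *ssl,int idx);
int SSL_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
                         CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func);

int SSL_set_session_id_context(SSL *ssl,
                               const unsigned char *sid_ctx,
                               unsigned int sid_ctx_len);

SSL_SESSION *SSL_get_session(SSL *ssl);
/*
 * NOTE(review): OpenSSL's get0 returns a borrowed session and get1 an owned
 * one that the caller must release with SSL_SESSION_free(). Both names map
 * to the same call here, so one of the two ownership conventions is not
 * met (a leak, or a free of a session still in use); confirm which the
 * implementation provides.
 */
#define SSL_get0_session(s) SSL_get_session(s)
#define SSL_get1_session(s) SSL_get_session(s)
int SSL_set_session(SSL *to, SSL_SESSION *session);
long SSL_session_reused(SSL *s);
void SSL_SESSION_free(SSL_SESSION *sess);

/* Disabled: no ENGINE functions are declared by this header. */
#if 0
int ENGINE_init(ENGINE *);

void ENGINE_register_all_complete(void);

int ENGINE_set_default(ENGINE *, int);

ENGINE *ENGINE_by_id(const char *);

int ENGINE_ctrl_cmd_string(ENGINE *, const char *, const char *, const char *);

void ENGINE_finish(ENGINE *);
void ENGINE_free(ENGINE *);
#endif

const char *SSL_alert_type_string_long(int value);
const char *SSL_alert_desc_string_long(int value);

const char *SSL_state_string_long(const SSL *s);

void CRYPTO_set_id_callback(unsigned long (*func)(void));
void CRYPTO_set_locking_callback(void (*func)(int mode,int type,
                                              const char *file, int line));

/*
 * RNG
 *
 * PK11_GenerateRandom() reports SECSuccess (0) or SECFailure (-1), the
 * opposite polarity of OpenSSL's RAND_bytes() (1 on success, 0 on failure).
 * Passing the SECStatus straight through would make `if (!RAND_bytes(...))`
 * treat a failed draw as success and carry on with an unfilled buffer, so
 * the status is translated to the OpenSSL convention here:
 *   RAND_bytes        -> 1 on success, 0 on failure
 *   RAND_pseudo_bytes -> 1 on success, -1 on failure (no bytes produced)
 * Callers should always check the result before using the buffer as key,
 * IV or nonce material.
 */
#define RAND_bytes(b,n) \
        (PK11_GenerateRandom((b),(n)) == SECSuccess ? 1 : 0)
#define RAND_pseudo_bytes(b,n) \
        (PK11_GenerateRandom((b),(n)) == SECSuccess ? 1 : -1)
/*
 * NOTE(review): whether the seeding/file/EGD entry points below feed the
 * NSS generator or are no-ops is not visible in this header.
 */
void RAND_add(const void *buf, int num, double entropy);
int RAND_status(void);
void RAND_seed(const void *buf, int num);
int RAND_load_file(const char *file, long max_bytes);
int RAND_write_file(const char *file);
const char *RAND_file_name(char *file, size_t num);
int RAND_egd(const char *path);

const char *nss_error(int error);

/* ASN1 funcs */
unsigned char * ASN1_STRING_data(ASN1_STRING *x);
int ASN1_STRING_type(ASN1_STRING *x);
int ASN1_STRING_length(ASN1_STRING *x);

#endif /* NSS_COMPAT_OSSL_H */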