From 1d1d4d5a877f09f4affb085bbab425afb4de727b Mon Sep 17 00:00:00 2001 From: Les De Ridder Date: Thu, 2 May 2019 02:21:06 +0200 Subject: [PATCH] Use rdmd so the bot can be used as a script --- deimos/openssl/_d_util.d | 17 + deimos/openssl/aes.d | 140 ++ deimos/openssl/asn1.d | 1430 ++++++++++++ deimos/openssl/asn1_mac.d | 577 +++++ deimos/openssl/asn1t.d | 961 ++++++++ deimos/openssl/bio.d | 838 +++++++ deimos/openssl/blowfish.d | 124 ++ deimos/openssl/bn.d | 908 ++++++++ deimos/openssl/buffer.d | 114 + deimos/openssl/camellia.d | 125 ++ deimos/openssl/cast_.d | 101 + deimos/openssl/cmac.d | 78 + deimos/openssl/cms.d | 506 +++++ deimos/openssl/comp.d | 75 + deimos/openssl/conf.d | 258 +++ deimos/openssl/conf_api.d | 83 + deimos/openssl/crypto.d | 605 +++++ deimos/openssl/des.d | 236 ++ deimos/openssl/des_old.d | 440 ++++ deimos/openssl/dh.d | 280 +++ deimos/openssl/dsa.d | 327 +++ deimos/openssl/dso.d | 405 ++++ deimos/openssl/dtls1.d | 290 +++ deimos/openssl/e_os2.d | 64 + deimos/openssl/ebcdic.d | 16 + deimos/openssl/ec.d | 1155 ++++++++++ deimos/openssl/ecdh.d | 120 + deimos/openssl/ecdsa.d | 255 +++ deimos/openssl/engine.d | 850 +++++++ deimos/openssl/err.d | 391 ++++ deimos/openssl/evp.d | 1408 ++++++++++++ deimos/openssl/hmac.d | 104 + deimos/openssl/idea.d | 98 + deimos/openssl/krb5_asn.d | 252 +++ deimos/openssl/kssl.d | 194 ++ deimos/openssl/lhash.d | 242 ++ deimos/openssl/md4.d | 116 + deimos/openssl/md5.d | 116 + deimos/openssl/mdc2.d | 91 + deimos/openssl/modes.d | 141 ++ deimos/openssl/obj_mac.d | 4033 ++++++++++++++++++++++++++++++++++ deimos/openssl/objects.d | 1149 ++++++++++ deimos/openssl/ocsp.d | 624 ++++++ deimos/openssl/opensslconf.d | 233 ++ deimos/openssl/opensslv.d | 113 + deimos/openssl/ossl_typ.d | 242 ++ deimos/openssl/pem.d | 650 ++++++ deimos/openssl/pem2.d | 65 + deimos/openssl/pkcs12.d | 330 +++ deimos/openssl/pkcs7.d | 500 +++++ deimos/openssl/pqueue.d | 94 + deimos/openssl/rand.d | 148 ++ deimos/openssl/rc2.d | 97 + deimos/openssl/rc4.d | 84 + deimos/openssl/ripemd.d | 103 + deimos/openssl/rsa.d | 588 +++++ deimos/openssl/safestack.d | 2599 ++++++++++++++++++++++ deimos/openssl/seed.d | 134 ++ deimos/openssl/sha.d | 219 ++ deimos/openssl/srp.d | 167 ++ deimos/openssl/srtp.d | 139 ++ deimos/openssl/ssl.d | 2652 ++++++++++++++++++++++ deimos/openssl/ssl2.d | 270 +++ deimos/openssl/ssl23.d | 79 + deimos/openssl/ssl3.d | 690 ++++++ deimos/openssl/stack.d | 168 ++ deimos/openssl/symhacks.d | 64 + deimos/openssl/tls1.d | 763 +++++++ deimos/openssl/ts.d | 854 +++++++ deimos/openssl/txt_db.d | 105 + deimos/openssl/ui.d | 379 ++++ deimos/openssl/ui_compat.d | 76 + deimos/openssl/whrlpool.d | 36 + deimos/openssl/x509.d | 1297 +++++++++++ deimos/openssl/x509_vfy.d | 573 +++++ deimos/openssl/x509v3.d | 1039 +++++++++ dub.sdl | 6 - dub.selections.json | 6 - source/app.d => ircbot.d | 4 +- 79 files changed, 35890 insertions(+), 13 deletions(-) create mode 100644 deimos/openssl/_d_util.d create mode 100644 deimos/openssl/aes.d create mode 100644 deimos/openssl/asn1.d create mode 100644 deimos/openssl/asn1_mac.d create mode 100644 deimos/openssl/asn1t.d create mode 100644 deimos/openssl/bio.d create mode 100644 deimos/openssl/blowfish.d create mode 100644 deimos/openssl/bn.d create mode 100644 deimos/openssl/buffer.d create mode 100644 deimos/openssl/camellia.d create mode 100644 deimos/openssl/cast_.d create mode 100644 deimos/openssl/cmac.d create mode 100644 deimos/openssl/cms.d create mode 100644 deimos/openssl/comp.d create mode 100644 deimos/openssl/conf.d create mode 100644 deimos/openssl/conf_api.d create mode 100644 deimos/openssl/crypto.d create mode 100644 deimos/openssl/des.d create mode 100644 deimos/openssl/des_old.d create mode 100644 deimos/openssl/dh.d create mode 100644 deimos/openssl/dsa.d create mode 100644 deimos/openssl/dso.d create mode 100644 deimos/openssl/dtls1.d create mode 100644 deimos/openssl/e_os2.d create mode 100644 deimos/openssl/ebcdic.d create mode 100644 deimos/openssl/ec.d create mode 100644 deimos/openssl/ecdh.d create mode 100644 deimos/openssl/ecdsa.d create mode 100644 deimos/openssl/engine.d create mode 100644 deimos/openssl/err.d create mode 100644 deimos/openssl/evp.d create mode 100644 deimos/openssl/hmac.d create mode 100644 deimos/openssl/idea.d create mode 100644 deimos/openssl/krb5_asn.d create mode 100644 deimos/openssl/kssl.d create mode 100644 deimos/openssl/lhash.d create mode 100644 deimos/openssl/md4.d create mode 100644 deimos/openssl/md5.d create mode 100644 deimos/openssl/mdc2.d create mode 100644 deimos/openssl/modes.d create mode 100644 deimos/openssl/obj_mac.d create mode 100644 deimos/openssl/objects.d create mode 100644 deimos/openssl/ocsp.d create mode 100644 deimos/openssl/opensslconf.d create mode 100644 deimos/openssl/opensslv.d create mode 100644 deimos/openssl/ossl_typ.d create mode 100644 deimos/openssl/pem.d create mode 100644 deimos/openssl/pem2.d create mode 100644 deimos/openssl/pkcs12.d create mode 100644 deimos/openssl/pkcs7.d create mode 100644 deimos/openssl/pqueue.d create mode 100644 deimos/openssl/rand.d create mode 100644 deimos/openssl/rc2.d create mode 100644 deimos/openssl/rc4.d create mode 100644 deimos/openssl/ripemd.d create mode 100644 deimos/openssl/rsa.d create mode 100644 deimos/openssl/safestack.d create mode 100644 deimos/openssl/seed.d create mode 100644 deimos/openssl/sha.d create mode 100644 deimos/openssl/srp.d create mode 100644 deimos/openssl/srtp.d create mode 100644 deimos/openssl/ssl.d create mode 100644 deimos/openssl/ssl2.d create mode 100644 deimos/openssl/ssl23.d create mode 100644 deimos/openssl/ssl3.d create mode 100644 deimos/openssl/stack.d create mode 100644 deimos/openssl/symhacks.d create mode 100644 deimos/openssl/tls1.d create mode 100644 deimos/openssl/ts.d create mode 100644 deimos/openssl/txt_db.d create mode 100644 deimos/openssl/ui.d create mode 100644 deimos/openssl/ui_compat.d create mode 100644 deimos/openssl/whrlpool.d create mode 100644 deimos/openssl/x509.d create mode 100644 deimos/openssl/x509_vfy.d create mode 100644 deimos/openssl/x509v3.d delete mode 100644 dub.sdl delete mode 100644 dub.selections.json rename source/app.d => ircbot.d (99%) mode change 100644 => 100755 diff --git a/deimos/openssl/_d_util.d b/deimos/openssl/_d_util.d new file mode 100644 index 0000000..04dd352 --- /dev/null +++ b/deimos/openssl/_d_util.d @@ -0,0 +1,17 @@ +module deimos.openssl._d_util; + +public import core.stdc.config; +version (OPENSSL_NO_FP_API) {} else { public import core.stdc.stdio; } + +package: + +// Very boiled down version because we cannot use std.traits without causing +// DMD to create a ModuleInfo reference for _d_util, which would require users +// to include the Deimos files in the build. +template ExternC(T) if (is(typeof(*(T.init)) P == function)) { + static if (is(typeof(*(T.init)) R == return)) { + static if (is(typeof(*(T.init)) P == function)) { + alias extern(C) R function(P) ExternC; + } + } +} diff --git a/deimos/openssl/aes.d b/deimos/openssl/aes.d new file mode 100644 index 0000000..90c0c8b --- /dev/null +++ b/deimos/openssl/aes.d @@ -0,0 +1,140 @@ +/* crypto/aes/aes.h -*- mode:C; c-file-style: "eay" -*- */ +/* ==================================================================== + * Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. All advertising materials mentioning features or use of this + * software must display the following acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" + * + * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to + * endorse or promote products derived from this software without + * prior written permission. For written permission, please contact + * openssl-core@openssl.org. + * + * 5. Products derived from this software may not be called "OpenSSL" + * nor may "OpenSSL" appear in their names without prior written + * permission of the OpenSSL Project. + * + * 6. Redistributions of any form whatsoever must retain the following + * acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit (http://www.openssl.org/)" + * + * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY + * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * ==================================================================== + * + */ + +module deimos.openssl.aes; + +import deimos.openssl._d_util; + +public import deimos.openssl.opensslconf; + +version (OPENSSL_NO_AES) { + static assert(false, "AES is disabled."); +} + +import core.stdc.config; + +enum AES_ENCRYPT = 1; +enum AES_DECRYPT = 0; + +/* Because array size can't be a const in C, the following two are macros. + Both sizes are in bytes. */ +enum AES_MAXNR = 14; +enum AES_BLOCK_SIZE = 16; + +extern (C): +nothrow: + +/* This should be a hidden type, but EVP requires that the size be known */ +struct aes_key_st { +version (AES_LONG) { + c_ulong[4* (AES_MAXNR + 1)] rd_key; +} else { + uint[4* (AES_MAXNR + 1)] rd_key; +} + int rounds; +}; +alias aes_key_st AES_KEY; + +const(char)* AES_options(); + +int AES_set_encrypt_key(const(ubyte)* userKey, const int bits, + AES_KEY* key); +int AES_set_decrypt_key(const(ubyte)* userKey, const int bits, + AES_KEY* key); + +int private_AES_set_encrypt_key(const(ubyte)* userKey, const int bits, + AES_KEY *key); +int private_AES_set_decrypt_key(const(ubyte)* userKey, const int bits, + AES_KEY *key); + +void AES_encrypt(const(ubyte)* in_, ubyte* out_, + const(AES_KEY)* key); +void AES_decrypt(const(ubyte)* in_, ubyte* out_, + const(AES_KEY)* key); + +void AES_ecb_encrypt(const(ubyte)* in_, ubyte* out_, + const(AES_KEY)* key, const int enc); +void AES_cbc_encrypt(const(ubyte)* in_, ubyte* out_, + size_t length, const(AES_KEY)* key, + ubyte* ivec, const int enc); +void AES_cfb128_encrypt(const(ubyte)* in_, ubyte* out_, + size_t length, const(AES_KEY)* key, + ubyte* ivec, int* num, const int enc); +void AES_cfb1_encrypt(const(ubyte)* in_, ubyte* out_, + size_t length, const(AES_KEY)* key, + ubyte* ivec, int* num, const int enc); +void AES_cfb8_encrypt(const(ubyte)* in_, ubyte* out_, + size_t length, const(AES_KEY)* key, + ubyte* ivec, int* num, const int enc); +void AES_ofb128_encrypt(const(ubyte)* in_, ubyte* out_, + size_t length, const(AES_KEY)* key, + ubyte* ivec, int* num); +void AES_ctr128_encrypt(const(ubyte)* in_, ubyte* out_, + size_t length, const(AES_KEY)* key, + ubyte[AES_BLOCK_SIZE] ivec, + ubyte[AES_BLOCK_SIZE] ecount_buf, + uint* num); +/* NB: the IV is _two_ blocks long */ +void AES_ige_encrypt(const(ubyte)* in_, ubyte* out_, + size_t length, const(AES_KEY)* key, + ubyte* ivec, const int enc); +/* NB: the IV is _four_ blocks long */ +void AES_bi_ige_encrypt(const(ubyte)* in_, ubyte* out_, + size_t length, const(AES_KEY)* key, + const(AES_KEY)* key2, const(ubyte)* ivec, + const int enc); + +int AES_wrap_key(AES_KEY* key, const(ubyte)* iv, + ubyte* out_, + const(ubyte)* in_, uint inlen); +int AES_unwrap_key(AES_KEY* key, const(ubyte)* iv, + ubyte* out_, + const(ubyte)* in_, uint inlen); diff --git a/deimos/openssl/asn1.d b/deimos/openssl/asn1.d new file mode 100644 index 0000000..9482fda --- /dev/null +++ b/deimos/openssl/asn1.d @@ -0,0 +1,1430 @@ +/* crypto/asn1/asn1.h */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +module deimos.openssl.asn1; + +import deimos.openssl._d_util; + +import deimos.openssl.asn1t; // Needed for ASN1_ITEM_st. + +import core.stdc.time; +public import deimos.openssl.e_os2; +version(OPENSSL_NO_BIO) {} else { +public import deimos.openssl.bio; +} +public import deimos.openssl.stack; +public import deimos.openssl.safestack; + +public import deimos.openssl.symhacks; + +public import deimos.openssl.ossl_typ; +version(OPENSSL_NO_DEPRECATED) {} else { +public import deimos.openssl.bn; +} + + +extern (C): +nothrow: + +enum V_ASN1_UNIVERSAL = 0x00; +enum V_ASN1_APPLICATION = 0x40; +enum V_ASN1_CONTEXT_SPECIFIC = 0x80; +enum V_ASN1_PRIVATE = 0xc0; + +enum V_ASN1_CONSTRUCTED = 0x20; +enum V_ASN1_PRIMITIVE_TAG = 0x1f; +enum V_ASN1_PRIMATIVE_TAG = 0x1f; + +enum V_ASN1_APP_CHOOSE = -2; /* let the recipient choose */ +enum V_ASN1_OTHER = -3; /* used in ASN1_TYPE */ +enum V_ASN1_ANY = -4; /* used in ASN1 template code */ + +enum V_ASN1_NEG = 0x100; /* negative flag */ + +enum V_ASN1_UNDEF = -1; +enum V_ASN1_EOC = 0; +enum V_ASN1_BOOLEAN = 1; /**/ +enum V_ASN1_INTEGER = 2; +enum V_ASN1_NEG_INTEGER = (2 | V_ASN1_NEG); +enum V_ASN1_BIT_STRING = 3; +enum V_ASN1_OCTET_STRING = 4; +enum V_ASN1_NULL = 5; +enum V_ASN1_OBJECT = 6; +enum V_ASN1_OBJECT_DESCRIPTOR = 7; +enum V_ASN1_EXTERNAL = 8; +enum V_ASN1_REAL = 9; +enum V_ASN1_ENUMERATED = 10; +enum V_ASN1_NEG_ENUMERATED = (10 | V_ASN1_NEG); +enum V_ASN1_UTF8STRING = 12; +enum V_ASN1_SEQUENCE = 16; +enum V_ASN1_SET = 17; +enum V_ASN1_NUMERICSTRING = 18; /**/ +enum V_ASN1_PRINTABLESTRING = 19; +enum V_ASN1_T61STRING = 20; +enum V_ASN1_TELETEXSTRING = 20; /* alias */ +enum V_ASN1_VIDEOTEXSTRING = 21; /**/ +enum V_ASN1_IA5STRING = 22; +enum V_ASN1_UTCTIME = 23; +enum V_ASN1_GENERALIZEDTIME = 24; /**/ +enum V_ASN1_GRAPHICSTRING = 25; /**/ +enum V_ASN1_ISO64STRING = 26; /**/ +enum V_ASN1_VISIBLESTRING = 26; /* alias */ +enum V_ASN1_GENERALSTRING = 27; /**/ +enum V_ASN1_UNIVERSALSTRING = 28; /**/ +enum V_ASN1_BMPSTRING = 30; + +/* For use with d2i_ASN1_type_bytes() */ +enum B_ASN1_NUMERICSTRING = 0x0001; +enum B_ASN1_PRINTABLESTRING = 0x0002; +enum B_ASN1_T61STRING = 0x0004; +enum B_ASN1_TELETEXSTRING = 0x0004; +enum B_ASN1_VIDEOTEXSTRING = 0x0008; +enum B_ASN1_IA5STRING = 0x0010; +enum B_ASN1_GRAPHICSTRING = 0x0020; +enum B_ASN1_ISO64STRING = 0x0040; +enum B_ASN1_VISIBLESTRING = 0x0040; +enum B_ASN1_GENERALSTRING = 0x0080; +enum B_ASN1_UNIVERSALSTRING = 0x0100; +enum B_ASN1_OCTET_STRING = 0x0200; +enum B_ASN1_BIT_STRING = 0x0400; +enum B_ASN1_BMPSTRING = 0x0800; +enum B_ASN1_UNKNOWN = 0x1000; +enum B_ASN1_UTF8STRING = 0x2000; +enum B_ASN1_UTCTIME = 0x4000; +enum B_ASN1_GENERALIZEDTIME = 0x8000; +enum B_ASN1_SEQUENCE = 0x10000; + +/* For use with ASN1_mbstring_copy() */ +enum MBSTRING_FLAG = 0x1000; +enum MBSTRING_UTF8 = (MBSTRING_FLAG); +enum MBSTRING_ASC = (MBSTRING_FLAG|1); +enum MBSTRING_BMP = (MBSTRING_FLAG|2); +enum MBSTRING_UNIV = (MBSTRING_FLAG|4); + +enum SMIME_OLDMIME = 0x400; +enum SMIME_CRLFEOL = 0x800; +enum SMIME_STREAM = 0x1000; + +/+mixin DECLARE_STACK_OF!(X509_ALGOR);+/ + +mixin template DECLARE_ASN1_SET_OF(type) {} /* filled in by mkstack.pl */ +mixin template IMPLEMENT_ASN1_SET_OF(type) {} /* nothing, no longer needed */ + +/* We MUST make sure that, except for constness, asn1_ctx_st and + asn1_const_ctx are exactly the same. Fortunately, as soon as + the old ASN1 parsing macros are gone, we can throw this away + as well... */ +struct asn1_ctx_st { + ubyte* p;/* work char pointer */ + int eos; /* end of sequence read for indefinite encoding */ + int error; /* error code to use when returning an error */ + int inf; /* constructed if 0x20, indefinite is 0x21 */ + int tag; /* tag from last 'get object' */ + int xclass; /* class from last 'get object' */ + c_long slen; /* length of last 'get object' */ + ubyte* max; /* largest value of p allowed */ + ubyte* q;/* temporary variable */ + ubyte** pp;/* variable */ + int line; /* used in error processing */ + } +alias asn1_ctx_st ASN1_CTX; + +struct asn1_const_ctx_st { + const(ubyte)* p;/* work char pointer */ + int eos; /* end of sequence read for indefinite encoding */ + int error; /* error code to use when returning an error */ + int inf; /* constructed if 0x20, indefinite is 0x21 */ + int tag; /* tag from last 'get object' */ + int xclass; /* class from last 'get object' */ + c_long slen; /* length of last 'get object' */ + const(ubyte)* max; /* largest value of p allowed */ + const(ubyte)* q;/* temporary variable */ + const(ubyte)** pp;/* variable */ + int line; /* used in error processing */ + } +alias asn1_const_ctx_st ASN1_const_CTX; + +/* These are used internally in the ASN1_OBJECT to keep track of + * whether the names and data need to be free()ed */ +enum ASN1_OBJECT_FLAG_DYNAMIC = 0x01; /* internal use */ +enum ASN1_OBJECT_FLAG_CRITICAL = 0x02; /* critical x509v3 object id */ +enum ASN1_OBJECT_FLAG_DYNAMIC_STRINGS = 0x04; /* internal use */ +enum ASN1_OBJECT_FLAG_DYNAMIC_DATA = 0x08; /* internal use */ +struct asn1_object_st { + const(char)* sn,ln; + int nid; + int length; + const(ubyte)* data; /* data remains const after init */ + int flags; /* Should we free this one */ + } +alias asn1_object_st ASN1_OBJECT; + +enum ASN1_STRING_FLAG_BITS_LEFT = 0x08; /* Set if 0x07 has bits left value */ +/* This indicates that the ASN1_STRING is not a real value but just a place + * holder for the location where indefinite length constructed data should + * be inserted in the memory buffer + */ +enum ASN1_STRING_FLAG_NDEF = 0x010; + +/* This flag is used by the CMS code to indicate that a string is not + * complete and is a place holder for content when it had all been + * accessed. The flag will be reset when content has been written to it. + */ + +enum ASN1_STRING_FLAG_CONT = 0x020; +/* This flag is used by ASN1 code to indicate an ASN1_STRING is an MSTRING + * type. + */ +enum ASN1_STRING_FLAG_MSTRING = 0x040; +/* This is the base type that holds just about everything :-) */ +struct asn1_string_st { + int length; + int type; + ubyte* data; + /* The value of the following field depends on the type being + * held. It is mostly being used for BIT_STRING so if the + * input data has a non-zero 'unused bits' value, it will be + * handled correctly */ + c_long flags; + } + +/* ASN1_ENCODING structure: this is used to save the received + * encoding of an ASN1 type. This is useful to get round + * problems with invalid encodings which can break signatures. + */ + +struct ASN1_ENCODING_st { + ubyte* enc; /* DER encoding */ + c_long len; /* Length of encoding */ + int modified; /* set to 1 if 'enc' is invalid */ + } +alias ASN1_ENCODING_st ASN1_ENCODING; + +/* Used with ASN1 LONG type: if a c_long is set to this it is omitted */ +enum ASN1_LONG_UNDEF = 0x7fffffff; + +enum STABLE_FLAGS_MALLOC = 0x01; +enum STABLE_NO_MASK = 0x02; +enum DIRSTRING_TYPE = (B_ASN1_PRINTABLESTRING|B_ASN1_T61STRING|B_ASN1_BMPSTRING|B_ASN1_UTF8STRING); +enum PKCS9STRING_TYPE = (DIRSTRING_TYPE|B_ASN1_IA5STRING); + +struct asn1_string_table_st { + int nid; + c_long minsize; + c_long maxsize; + c_ulong mask; + c_ulong flags; +} +alias asn1_string_table_st ASN1_STRING_TABLE; + +/+mixin DECLARE_STACK_OF!(ASN1_STRING_TABLE);+/ + +/* size limits: this stuff is taken straight from RFC2459 */ + +enum ub_name = 32768; +enum ub_common_name = 64; +enum ub_locality_name = 128; +enum ub_state_name = 128; +enum ub_organization_name = 64; +enum ub_organization_unit_name = 64; +enum ub_title = 64; +enum ub_email_address = 128; + +/* Declarations for template structures: for full definitions + * see asn1t.h + */ +alias ASN1_TEMPLATE_st ASN1_TEMPLATE; +import deimos.openssl.asn1t; /*struct ASN1_TLC_st;*/ +alias ASN1_TLC_st ASN1_TLC; +/* This is just an opaque pointer */ +struct ASN1_VALUE_st; +alias ASN1_VALUE_st ASN1_VALUE; + +/* Declare ASN1 functions: the implement macro in in asn1t.h */ +// Need to use string mixins here to avoid DMD mangling extern(C) symbol names. + +template DECLARE_ASN1_FUNCTIONS(string type) { + enum DECLARE_ASN1_FUNCTIONS = DECLARE_ASN1_FUNCTIONS_name!(type, type); +} + +template DECLARE_ASN1_ALLOC_FUNCTIONS(string type) { + enum DECLARE_ASN1_ALLOC_FUNCTIONS = + DECLARE_ASN1_ALLOC_FUNCTIONS_name!(type, type); +} + +template DECLARE_ASN1_FUNCTIONS_name(string type, string name) { + enum DECLARE_ASN1_FUNCTIONS_name = + DECLARE_ASN1_ALLOC_FUNCTIONS_name!(type, name) ~ + DECLARE_ASN1_ENCODE_FUNCTIONS!(type, name, name); +} + +template DECLARE_ASN1_FUNCTIONS_fname(string type, string itname, string name) { + enum DECLARE_ASN1_FUNCTIONS_fname = + DECLARE_ASN1_ALLOC_FUNCTIONS_name!(type, name) ~ + DECLARE_ASN1_ENCODE_FUNCTIONS!(type, itname, name); +} + +template DECLARE_ASN1_ENCODE_FUNCTIONS(string type, string itname, string name) { + enum DECLARE_ASN1_ENCODE_FUNCTIONS = " + " ~ type ~ "* d2i_" ~ name ~ "(" ~ type ~ "** a, const(ubyte)** in_, c_long len); + int i2d_" ~ name ~ "(" ~ type ~ "* a, ubyte** out_); + " ~ DECLARE_ASN1_ITEM!itname; +} + +template DECLARE_ASN1_ENCODE_FUNCTIONS_const(string type, string name) { + enum DECLARE_ASN1_ENCODE_FUNCTIONS_const = " + " ~ type ~ "* d2i_" ~ name ~ "(" ~ type ~ "** a, const(ubyte)** in_, c_long len); + int i2d_" ~ name ~ "(const(" ~ type ~ ")* a, ubyte** out_); + " ~ DECLARE_ASN1_ITEM!name; +} + +template DECLARE_ASN1_NDEF_FUNCTION(string name) { + enum DECLARE_ASN1_NDEF_FUNCTION = " + int i2d_" ~ name ~ "_NDEF(" ~ name ~ "* a, ubyte** out_); + "; +} + +template DECLARE_ASN1_FUNCTIONS_const(string name) { + enum DECLARE_ASN1_FUNCTIONS_const = + DECLARE_ASN1_ALLOC_FUNCTIONS!name ~ + DECLARE_ASN1_ENCODE_FUNCTIONS_const!(name, name); +} + +template DECLARE_ASN1_ALLOC_FUNCTIONS_name(string type, string name) { + enum DECLARE_ASN1_ALLOC_FUNCTIONS_name = " + extern(C) " ~ type ~ "* " ~ name ~ "_new(); + extern(C) void " ~ name ~ "_free(" ~ type ~ "* a); + "; +} + +template DECLARE_ASN1_PRINT_FUNCTION(string stname) { + enum DECLARE_ASN1_PRINT_FUNCTION = + DECLARE_ASN1_PRINT_FUNCTION_fname!(stname, stname); +} + +template DECLARE_ASN1_PRINT_FUNCTION_fname(string stname, string fname) { + enum DECLARE_ASN1_PRINT_FUNCTION_fname = " + int " ~ fname ~ "_print_ctx(BIO* out_, " ~ stname ~ "* x, int indent, + const(ASN1_PCTX)* pctx); + "; +} + +template D2I_OF(type) { + alias ExternC!(type* function(type**, const(ubyte)**, c_long)) D2I_OF; +} +template I2D_OF(type) { + alias ExternC!(int function(type*, ubyte**)) I2D_OF; +} +template I2D_OF_const(type) { + alias ExternC!(int function(const(type)*, ubyte**)) I2D_OF_const; +} + +d2i_of_void* CHECKED_D2I_OF(type)(D2I_OF!type d2i) { + return cast(d2i_of_void*) (1 ? d2i : null); +} +i2d_of_void* CHECKED_I2D_OF(type)(I2D_OF!type i2d) { + return cast(i2d_of_void*) (1 ? i2d : null); +} +ExternC!(type* function()) CHECKED_NEW_OF(type)(ExternC!(type* function()) xnew) { + return typeof(return)(1 ? xnew : null); +} +void* CHECKED_PTR_OF(type)(type* p) { + return cast(void*)(1 ? p : null); +} +void* CHECKED_PPTR_OF(type)(type** p) { + return cast(void**)(1 ? p : null); +} + +template TYPEDEF_D2I_OF(string type) { + enum TYPEDEF_D2I_OF = "alias typeof(D2I_OF!(" ~ type ~ ").init) d2i_of_" ~ type ~ ";"; +} +template TYPEDEF_I2D_OF(string type) { + enum TYPEDEF_I2D_OF = "alias typeof(I2D_OF!(" ~ type ~ ").init) i2d_of_" ~ type ~ ";"; +} +template TYPEDEF_D2I2D_OF(string type) { + enum TYPEDEF_D2I2D_OF = TYPEDEF_D2I_OF!type ~ TYPEDEF_I2D_OF!type; +} + +// Probably due to a DMD @@BUG@@, the types are not available to all modules +// if the mixin is used. +// mixin(TYPEDEF_D2I2D_OF!"void"); +alias typeof(*(D2I_OF!void).init) d2i_of_void; +alias typeof(*(I2D_OF!void).init) i2d_of_void; + +/* The following macros and typedefs allow an ASN1_ITEM + * to be embedded in a structure and referenced. Since + * the ASN1_ITEM pointers need to be globally accessible + * (possibly from shared libraries) they may exist in + * different forms. On platforms that support it the + * ASN1_ITEM structure itself will be globally exported. + * Other platforms will export a function that returns + * an ASN1_ITEM pointer. + * + * To handle both cases transparently the macros below + * should be used instead of hard coding an ASN1_ITEM + * pointer in a structure. + * + * The structure will look like this: + * + * struct SOMETHING_st { + * ... + * ASN1_ITEM_EXP* iptr; + * ... + * } +alias SOMETHING_st SOMETHING; + * + * It would be initialised as e.g.: + * + * SOMETHING somevar = {...,ASN1_ITEM_ref(X509),...}; + * + * and the actual pointer extracted with: + * + * const(ASN1_ITEM)* it = ASN1_ITEM_ptr(somevar.iptr); + * + * Finally an ASN1_ITEM pointer can be extracted from an + * appropriate reference with: ASN1_ITEM_rptr(X509). This + * would be used when a function takes an ASN1_ITEM* argument. + * + */ + +version (OPENSSL_EXPORT_VAR_AS_FUNCTION) { + /* Platforms that can't easily handle shared global variables are declared + * as functions returning ASN1_ITEM pointers. + */ + + /* ASN1_ITEM pointer exported type */ + alias const(ASN1_ITEM)* ASN1_ITEM_EXP; + + /* Macro to obtain ASN1_ITEM pointer from exported type */ + template ASN1_ITEM_ptr(string iptr) { + enum ASN1_ITEM_ptr = "(" ~ iptr ~ ")()"; + } + + /* Macro to include ASN1_ITEM pointer from base type */ + template ASN1_ITEM_ref(string iptr) { + enum ASN1_ITEM_ref = "(" ~ iptr ~ "_it)"; + } + + template ASN1_ITEM_rptr(string ref_) { + enum ASN1_ITEM_rptr = "(" ~ ref_ ~ "_it())"; + } + + template DECLARE_ASN1_ITEM(string name) { + enum DECLARE_ASN1_ITEM = "extern(C) const(ASN1_ITEM)* " ~ name ~ "_it();"; + } +} else { + /* ASN1_ITEM pointer exported type */ + alias const(ASN1_ITEM) ASN1_ITEM_EXP; + + /* Macro to obtain ASN1_ITEM pointer from exported type */ + template ASN1_ITEM_ptr(string iptr) { + enum ASN1_ITEM_ptr = iptr; + } + + /* Macro to include ASN1_ITEM pointer from base type */ + template ASN1_ITEM_ref(string iptr) { + enum ASN1_ITEM_ref = "(&(" ~ iptr ~ "_it))"; + } + + template ASN1_ITEM_rptr(string ref_) { + enum ASN1_ITEM_rptr = "(&(" ~ ref_ ~ "_it))"; + } + + template DECLARE_ASN1_ITEM(string name) { + enum DECLARE_ASN1_ITEM = "extern const(ASN1_ITEM) " ~ name ~ "_it;"; + } +} + +/* Parameters used by ASN1_STRING_print_ex() */ + +/* These determine which characters to escape: + * RFC2253 special characters, control characters and + * MSB set characters + */ + +enum ASN1_STRFLGS_ESC_2253 = 1; +enum ASN1_STRFLGS_ESC_CTRL = 2; +enum ASN1_STRFLGS_ESC_MSB = 4; + + +/* This flag determines how we do escaping: normally + * RC2253 backslash only, set this to use backslash and + * quote. + */ + +enum ASN1_STRFLGS_ESC_QUOTE = 8; + + +/* These three flags are internal use only. */ + +/* Character is a valid PrintableString character */ +enum CHARTYPE_PRINTABLESTRING = 0x10; +/* Character needs escaping if it is the first character */ +enum CHARTYPE_FIRST_ESC_2253 = 0x20; +/* Character needs escaping if it is the last character */ +enum CHARTYPE_LAST_ESC_2253 = 0x40; + +/* NB the internal flags are safely reused below by flags + * handled at the top level. + */ + +/* If this is set we convert all character strings + * to UTF8 first + */ + +enum ASN1_STRFLGS_UTF8_CONVERT = 0x10; + +/* If this is set we don't attempt to interpret content: + * just assume all strings are 1 byte per character. This + * will produce some pretty odd looking output! + */ + +enum ASN1_STRFLGS_IGNORE_TYPE = 0x20; + +/* If this is set we include the string type in the output */ +enum ASN1_STRFLGS_SHOW_TYPE = 0x40; + +/* This determines which strings to display and which to + * 'dump' (hex dump of content octets or DER encoding). We can + * only dump non character strings or everything. If we + * don't dump 'unknown' they are interpreted as character + * strings with 1 octet per character and are subject to + * the usual escaping options. + */ + +enum ASN1_STRFLGS_DUMP_ALL = 0x80; +enum ASN1_STRFLGS_DUMP_UNKNOWN = 0x100; + +/* These determine what 'dumping' does, we can dump the + * content octets or the DER encoding: both use the + * RFC2253 #XXXXX notation. + */ + +enum ASN1_STRFLGS_DUMP_DER = 0x200; + +/* All the string flags consistent with RFC2253, + * escaping control characters isn't essential in + * RFC2253 but it is advisable anyway. + */ + +enum ASN1_STRFLGS_RFC2253 = (ASN1_STRFLGS_ESC_2253 | + ASN1_STRFLGS_ESC_CTRL | + ASN1_STRFLGS_ESC_MSB | + ASN1_STRFLGS_UTF8_CONVERT | + ASN1_STRFLGS_DUMP_UNKNOWN | + ASN1_STRFLGS_DUMP_DER); + +/+mixin DECLARE_STACK_OF!(ASN1_INTEGER);+/ +mixin DECLARE_ASN1_SET_OF!(ASN1_INTEGER); + +/+mixin DECLARE_STACK_OF!(ASN1_GENERALSTRING);+/ + +struct asn1_type_st + { + int type; + union value_ { + char* ptr; + ASN1_BOOLEAN boolean; + ASN1_STRING* asn1_string; + ASN1_OBJECT* object; + ASN1_INTEGER* integer; + ASN1_ENUMERATED* enumerated; + ASN1_BIT_STRING* bit_string; + ASN1_OCTET_STRING* octet_string; + ASN1_PRINTABLESTRING* printablestring; + ASN1_T61STRING* t61string; + ASN1_IA5STRING* ia5string; + ASN1_GENERALSTRING* generalstring; + ASN1_BMPSTRING* bmpstring; + ASN1_UNIVERSALSTRING* universalstring; + ASN1_UTCTIME* utctime; + ASN1_GENERALIZEDTIME* generalizedtime; + ASN1_VISIBLESTRING* visiblestring; + ASN1_UTF8STRING* utf8string; + /* set and sequence are left complete and still + * contain the set or sequence bytes */ + ASN1_STRING* set; + ASN1_STRING* sequence; + ASN1_VALUE* asn1_value; + } + value_ value; + } +alias asn1_type_st ASN1_TYPE; + +/+mixin DECLARE_STACK_OF!(ASN1_TYPE);+/ +mixin DECLARE_ASN1_SET_OF!(ASN1_TYPE); + +alias STACK_OF!(ASN1_TYPE) ASN1_SEQUENCE_ANY; + +mixin(DECLARE_ASN1_ENCODE_FUNCTIONS_const!("ASN1_SEQUENCE_ANY", "ASN1_SEQUENCE_ANY")); +mixin(DECLARE_ASN1_ENCODE_FUNCTIONS_const!("ASN1_SEQUENCE_ANY", "ASN1_SET_ANY")); + +struct NETSCAPE_X509_st { + ASN1_OCTET_STRING* header; + X509* cert; + } +alias NETSCAPE_X509_st NETSCAPE_X509; + +/* This is used to contain a list of bit names */ +struct BIT_STRING_BITNAME_st { + int bitnum; + const(char)* lname; + const(char)* sname; +} +alias BIT_STRING_BITNAME_st BIT_STRING_BITNAME; + + +auto M_ASN1_STRING_length()(ASN1_STRING* x) { return x.length; } +void M_ASN1_STRING_length_set()(ASN1_STRING* x, int n) { x.length = n; } +auto M_ASN1_STRING_type()(ASN1_STRING* x) { return x.type; } +auto M_ASN1_STRING_data()(ASN1_STRING* x) { return x.data; } + +/* Macros for string operations */ +ASN1_BIT_STRING* M_ASN1_BIT_STRING_new()() { return cast(ASN1_BIT_STRING*)ASN1_STRING_type_new(V_ASN1_BIT_STRING); } +void M_ASN1_BIT_STRING_free()(ASN1_BIT_STRING* a) { ASN1_STRING_free(cast(ASN1_STRING*)a); } +ASN1_BIT_STRING* M_ASN1_BIT_STRING_dup()(ASN1_BIT_STRING* a) { return cast(ASN1_BIT_STRING*)ASN1_STRING_dup(cast(ASN1_STRING*)a); } +auto M_ASN1_BIT_STRING_cmp()(const(ASN1_BIT_STRING)* a, const(ASN1_BIT_STRING)* b) { return ASN1_STRING_cmp(cast(const(ASN1_STRING)*)a, cast(const(ASN1_STRING)*)b); } +auto M_ASN1_BIT_STRING_set()(ASN1_BIT_STRING* a,const(void)* b, int c){ return ASN1_STRING_set(cast(ASN1_STRING*)a, b, c); } + +ASN1_INTEGER* M_ASN1_INTEGER_new()() { return cast(ASN1_INTEGER*)ASN1_STRING_type_new(V_ASN1_INTEGER); } +void M_ASN1_INTEGER_free()(ASN1_INTEGER* a) { ASN1_STRING_free(cast(ASN1_STRING*)a); } +ASN1_INTEGER* M_ASN1_INTEGER_dup()(ASN1_INTEGER* a) { return cast(ASN1_INTEGER*)ASN1_STRING_dup(cast(ASN1_STRING*)a); } +auto M_ASN1_INTEGER_cmp()(const(ASN1_INTEGER)* a, const(ASN1_INTEGER)* b) { return ASN1_STRING_cmp(cast(const(ASN1_STRING)*)a, cast(const(ASN1_STRING)*)b); } + +ASN1_ENUMERATED* M_ASN1_ENUMERATED_new()() { return cast(ASN1_ENUMERATED*)ASN1_STRING_type_new(V_ASN1_ENUMERATED); } +void M_ASN1_ENUMERATED_free()(ASN1_ENUMERATED* a) { ASN1_STRING_free(cast(ASN1_STRING*)a); } +ASN1_ENUMERATED* M_ASN1_ENUMERATED_dup()(ASN1_ENUMERATED* a) { return cast(ASN1_ENUMERATED*)ASN1_STRING_dup(cast(ASN1_STRING*)a); } +auto M_ASN1_ENUMERATED_cmp()(const(ASN1_ENUMERATED)* a, const(ASN1_ENUMERATED)* b) { return ASN1_STRING_cmp(cast(const(ASN1_STRING)*)a, cast(const(ASN1_STRING)*)b); } + +ASN1_OCTET_STRING* M_ASN1_OCTET_STRING_new()() { return cast(ASN1_OCTET_STRING*)ASN1_STRING_type_new(V_ASN1_OCTET_STRING); } +void M_ASN1_OCTET_STRING_free()(ASN1_OCTET_STRING* a) { ASN1_STRING_free(cast(ASN1_STRING*)a); } +ASN1_OCTET_STRING* M_ASN1_OCTET_STRING_dup()(ASN1_OCTET_STRING* a) { return cast(ASN1_OCTET_STRING*)ASN1_STRING_dup(cast(ASN1_STRING*)a); } +auto M_ASN1_OCTET_STRING_cmp()(const(ASN1_OCTET_STRING)* a, const(ASN1_OCTET_STRING)* b) { return ASN1_STRING_cmp(cast(const(ASN1_STRING)*)a, cast(const(ASN1_STRING)*)b); } +auto M_ASN1_OCTET_STRING_set()(ASN1_OCTET_STRING* a,const(void)* b, int c){ return ASN1_STRING_set(cast(ASN1_STRING*)a, b, c); } +auto M_ASN1_OCTET_STRING_print()(BIO* a,const(ASN1_OCTET_STRING)* b) { return ASN1_STRING_print(a,cast(ASN1_STRING*)b); } +auto M_i2d_ASN1_OCTET_STRING()(const(ASN1_OCTET_STRING)* a, ubyte** pp) { return i2d_ASN1_bytes(cast(ASN1_STRING*)a,pp,V_ASN1_OCTET_STRING,V_ASN1_UNIVERSAL); } + +enum B_ASN1_TIME = + B_ASN1_UTCTIME | + B_ASN1_GENERALIZEDTIME; + +enum B_ASN1_PRINTABLE = + B_ASN1_NUMERICSTRING| + B_ASN1_PRINTABLESTRING| + B_ASN1_T61STRING| + B_ASN1_IA5STRING| + B_ASN1_BIT_STRING| + B_ASN1_UNIVERSALSTRING| + B_ASN1_BMPSTRING| + B_ASN1_UTF8STRING| + B_ASN1_SEQUENCE| + B_ASN1_UNKNOWN; + +enum B_ASN1_DIRECTORYSTRING = + B_ASN1_PRINTABLESTRING| + B_ASN1_TELETEXSTRING| + B_ASN1_BMPSTRING| + B_ASN1_UNIVERSALSTRING| + B_ASN1_UTF8STRING; + +enum B_ASN1_DISPLAYTEXT = + B_ASN1_IA5STRING| + B_ASN1_VISIBLESTRING| + B_ASN1_BMPSTRING| + B_ASN1_UTF8STRING; +/+ +auto M_ASN1_PRINTABLE_new()() { return ASN1_STRING_type_new(V_ASN1_T61STRING); } +void M_ASN1_PRINTABLE_free()(ASN1_PRINTABLE* a) { ASN1_STRING_free(cast(ASN1_STRING*)a); } +#define M_i2d_ASN1_PRINTABLE(a,pp) i2d_ASN1_bytes((ASN1_STRING*)a,\ + pp,a->type,V_ASN1_UNIVERSAL) +#define M_d2i_ASN1_PRINTABLE(a,pp,l) \ + d2i_ASN1_type_bytes((ASN1_STRING**)a,pp,l, \ + B_ASN1_PRINTABLE) + +auto M_DIRECTORYSTRING_new()() { return ASN1_STRING_type_new(V_ASN1_PRINTABLESTRING); } +void M_DIRECTORYSTRING_free()(DIRECTORYSTRING* a) { ASN1_STRING_free(cast(ASN1_STRING*)a); } +#define M_i2d_DIRECTORYSTRING(a,pp) i2d_ASN1_bytes((ASN1_STRING*)a,\ + pp,a->type,V_ASN1_UNIVERSAL) +#define M_d2i_DIRECTORYSTRING(a,pp,l) \ + d2i_ASN1_type_bytes((ASN1_STRING**)a,pp,l, \ + B_ASN1_DIRECTORYSTRING) + +auto M_DISPLAYTEXT_new()() { return ASN1_STRING_type_new(V_ASN1_VISIBLESTRING); } +void M_DISPLAYTEXT_free()(DISPLAYTEXT* a) { ASN1_STRING_free(cast(ASN1_STRING*)a); } +#define M_i2d_DISPLAYTEXT(a,pp) i2d_ASN1_bytes((ASN1_STRING*)a,\ + pp,a->type,V_ASN1_UNIVERSAL) +#define M_d2i_DISPLAYTEXT(a,pp,l) \ + d2i_ASN1_type_bytes((ASN1_STRING**)a,pp,l, \ + B_ASN1_DISPLAYTEXT) + +ASN1_PRINTABLESTRING* M_ASN1_PRINTABLESTRING_new()() { return cast(ASN1_PRINTABLESTRING*)ASN1_STRING_type_new(V_ASN1_PRINTABLESTRING); } +void M_ASN1_PRINTABLESTRING_free()(ASN1_PRINTABLESTRING* a) { ASN1_STRING_free(cast(ASN1_STRING*)a); } +#define M_i2d_ASN1_PRINTABLESTRING(a,pp) \ + i2d_ASN1_bytes((ASN1_STRING*)a,pp,V_ASN1_PRINTABLESTRING,\ + V_ASN1_UNIVERSAL) +#define M_d2i_ASN1_PRINTABLESTRING(a,pp,l) \ + (ASN1_PRINTABLESTRING*)d2i_ASN1_type_bytes\ + ((ASN1_STRING**)a,pp,l,B_ASN1_PRINTABLESTRING) + +ASN1_T61STRING* M_ASN1_T61STRING_new()() { return cast(ASN1_T61STRING*)ASN1_STRING_type_new(V_ASN1_T61STRING); } +void M_ASN1_T61STRING_free()(ASN1_T61STRING* a) { ASN1_STRING_free(cast(ASN1_STRING*)a); } +#define M_i2d_ASN1_T61STRING(a,pp) \ + i2d_ASN1_bytes((ASN1_STRING*)a,pp,V_ASN1_T61STRING,\ + V_ASN1_UNIVERSAL) +#define M_d2i_ASN1_T61STRING(a,pp,l) \ + (ASN1_T61STRING*)d2i_ASN1_type_bytes\ + ((ASN1_STRING**)a,pp,l,B_ASN1_T61STRING) + +ASN1_IA5STRING* M_ASN1_IA5STRING_new()() { return cast(ASN1_IA5STRING*)ASN1_STRING_type_new(V_ASN1_IA5STRING); } +void M_ASN1_IA5STRING_free()(ASN1_IA5STRING* a) { ASN1_STRING_free(cast(ASN1_STRING*)a); } +#define M_ASN1_IA5STRING_dup(a) \ + (ASN1_IA5STRING*)ASN1_STRING_dup((const(ASN1_STRING)*)a) +#define M_i2d_ASN1_IA5STRING(a,pp) \ + i2d_ASN1_bytes((ASN1_STRING*)a,pp,V_ASN1_IA5STRING,\ + V_ASN1_UNIVERSAL) +#define M_d2i_ASN1_IA5STRING(a,pp,l) \ + (ASN1_IA5STRING*)d2i_ASN1_type_bytes((ASN1_STRING**)a,pp,l,\ + B_ASN1_IA5STRING) + +ASN1_UTCTIME* M_ASN1_UTCTIME_new()() { return cast(ASN1_UTCTIME*)ASN1_STRING_type_new(V_ASN1_UTCTIME); } +void M_ASN1_UTCTIME_free()(ASN1_UTCTIME* a) { ASN1_STRING_free(cast(ASN1_STRING*)a); } +ASN1_UTCTIME* M_ASN1_UTCTIME_dup()(ASN1_UTCTIME* a) { return cast(ASN1_UTCTIME*)ASN1_STRING_dup(cast(ASN1_STRING*)a); } + +ASN1_GENERALIZEDTIME* M_ASN1_GENERALIZEDTIME_new()() { return cast(ASN1_GENERALIZEDTIME*)ASN1_STRING_type_new(V_ASN1_GENERALIZEDTIME); } +void M_ASN1_GENERALIZEDTIME_free()(ASN1_GENERALIZEDTIME* a) { ASN1_STRING_free(cast(ASN1_STRING*)a); } +ASN1_GENERALIZEDTIME* M_ASN1_GENERALIZEDTIME_dup()(ASN1_GENERALIZEDTIME* a) { return cast(ASN1_GENERALIZEDTIME*)ASN1_STRING_dup(cast(ASN1_STRING*)a); } + +ASN1_TIME* M_ASN1_TIME_new()() { return cast(ASN1_TIME*)ASN1_STRING_type_new(V_ASN1_UTCTIME); } +void M_ASN1_TIME_free()(ASN1_TIME* a) { ASN1_STRING_free(cast(ASN1_STRING*)a); } +ASN1_TIME* M_ASN1_TIME_dup()(ASN1_TIME* a) { return cast(ASN1_TIME*)ASN1_STRING_dup(cast(ASN1_STRING*)a); } + +ASN1_GENERALSTRING* M_ASN1_GENERALSTRING_new()() { return cast(ASN1_GENERALSTRING*)ASN1_STRING_type_new(V_ASN1_GENERALSTRING); } +void M_ASN1_GENERALSTRING_free()(ASN1_GENERALSTRING* a) { ASN1_STRING_free(cast(ASN1_STRING*)a); } +#define M_i2d_ASN1_GENERALSTRING(a,pp) \ + i2d_ASN1_bytes((ASN1_STRING*)a,pp,V_ASN1_GENERALSTRING,\ + V_ASN1_UNIVERSAL) +#define M_d2i_ASN1_GENERALSTRING(a,pp,l) \ + (ASN1_GENERALSTRING*)d2i_ASN1_type_bytes\ + ((ASN1_STRING**)a,pp,l,B_ASN1_GENERALSTRING) + +ASN1_UNIVERSALSTRING* M_ASN1_UNIVERSALSTRING_new()() { return cast(ASN1_UNIVERSALSTRING*)ASN1_STRING_type_new(V_ASN1_UNIVERSALSTRING); } +void M_ASN1_UNIVERSALSTRING_free()(ASN1_UNIVERSALSTRING* a) { ASN1_STRING_free(cast(ASN1_STRING*)a); } +#define M_i2d_ASN1_UNIVERSALSTRING(a,pp) \ + i2d_ASN1_bytes((ASN1_STRING*)a,pp,V_ASN1_UNIVERSALSTRING,\ + V_ASN1_UNIVERSAL) +#define M_d2i_ASN1_UNIVERSALSTRING(a,pp,l) \ + (ASN1_UNIVERSALSTRING*)d2i_ASN1_type_bytes\ + ((ASN1_STRING**)a,pp,l,B_ASN1_UNIVERSALSTRING) + +ASN1_BMPSTRING* M_ASN1_BMPSTRING_new()() { return cast(ASN1_BMPSTRING*)ASN1_STRING_type_new(V_ASN1_BMPSTRING); } +void M_ASN1_BMPSTRING_free()(ASN1_BMPSTRING* a) { ASN1_STRING_free(cast(ASN1_STRING*)a); } +#define M_i2d_ASN1_BMPSTRING(a,pp) \ + i2d_ASN1_bytes((ASN1_STRING*)a,pp,V_ASN1_BMPSTRING,\ + V_ASN1_UNIVERSAL) +#define M_d2i_ASN1_BMPSTRING(a,pp,l) \ + (ASN1_BMPSTRING*)d2i_ASN1_type_bytes\ + ((ASN1_STRING**)a,pp,l,B_ASN1_BMPSTRING) + +ASN1_VISIBLESTRING* M_ASN1_VISIBLESTRING_new()() { return cast(ASN1_VISIBLESTRING*)ASN1_STRING_type_new(V_ASN1_VISIBLESTRING); } +void M_ASN1_VISIBLESTRING_free()(ASN1_VISIBLESTRING* a) { ASN1_STRING_free(cast(ASN1_STRING*)a); } +#define M_i2d_ASN1_VISIBLESTRING(a,pp) \ + i2d_ASN1_bytes((ASN1_STRING*)a,pp,V_ASN1_VISIBLESTRING,\ + V_ASN1_UNIVERSAL) +#define M_d2i_ASN1_VISIBLESTRING(a,pp,l) \ + (ASN1_VISIBLESTRING*)d2i_ASN1_type_bytes\ + ((ASN1_STRING**)a,pp,l,B_ASN1_VISIBLESTRING) + +ASN1_UTF8STRING* M_ASN1_UTF8STRING_new()() { return cast(ASN1_UTF8STRING*)ASN1_STRING_type_new(V_ASN1_UTF8STRING); } +void M_ASN1_UTF8STRING_free()(ASN1_UTF8STRING* a) { ASN1_STRING_free(cast(ASN1_STRING*)a); } +#define M_i2d_ASN1_UTF8STRING(a,pp) \ + i2d_ASN1_bytes((ASN1_STRING*)a,pp,V_ASN1_UTF8STRING,\ + V_ASN1_UNIVERSAL) +#define M_d2i_ASN1_UTF8STRING(a,pp,l) \ + (ASN1_UTF8STRING*)d2i_ASN1_type_bytes\ + ((ASN1_STRING**)a,pp,l,B_ASN1_UTF8STRING) ++/ + /* for the is_set parameter to i2d_ASN1_SET */ +enum IS_SEQUENCE = 0; +enum IS_SET = 1; + +mixin(DECLARE_ASN1_FUNCTIONS_fname!("ASN1_TYPE", "ASN1_ANY", "ASN1_TYPE")); + +int ASN1_TYPE_get(ASN1_TYPE* a); +void ASN1_TYPE_set(ASN1_TYPE* a, int type, void* value); +int ASN1_TYPE_set1(ASN1_TYPE* a, int type, const(void)* value); +int ASN1_TYPE_cmp(ASN1_TYPE* a, ASN1_TYPE* b); + +ASN1_OBJECT* ASN1_OBJECT_new(); +void ASN1_OBJECT_free(ASN1_OBJECT* a); +int i2d_ASN1_OBJECT(ASN1_OBJECT* a,ubyte** pp); +ASN1_OBJECT* c2i_ASN1_OBJECT(ASN1_OBJECT** a,const(ubyte)** pp, + c_long length); +ASN1_OBJECT* d2i_ASN1_OBJECT(ASN1_OBJECT** a,const(ubyte)** pp, + c_long length); + +mixin(DECLARE_ASN1_ITEM!"ASN1_OBJECT"); + +/+mixin DECLARE_STACK_OF!(ASN1_OBJECT);+/ +mixin DECLARE_ASN1_SET_OF!(ASN1_OBJECT); + +ASN1_STRING* ASN1_STRING_new(); +void ASN1_STRING_free(ASN1_STRING* a); +int ASN1_STRING_copy(ASN1_STRING* dst, const(ASN1_STRING)* str); +ASN1_STRING* ASN1_STRING_dup(const(ASN1_STRING)* a); +ASN1_STRING* ASN1_STRING_type_new(int type ); +int ASN1_STRING_cmp(const(ASN1_STRING)* a, const(ASN1_STRING)* b); + /* Since this is used to store all sorts of things, via macros, for now, make + its data void* */ +int ASN1_STRING_set(ASN1_STRING* str, const(void)* data, int len); +void ASN1_STRING_set0(ASN1_STRING* str, void* data, int len); +int ASN1_STRING_length(const(ASN1_STRING)* x); +void ASN1_STRING_length_set(ASN1_STRING* x, int n); +int ASN1_STRING_type(ASN1_STRING* x); +ubyte* ASN1_STRING_data(ASN1_STRING* x); + +mixin(DECLARE_ASN1_FUNCTIONS!"ASN1_BIT_STRING"); +int i2c_ASN1_BIT_STRING(ASN1_BIT_STRING* a,ubyte** pp); +ASN1_BIT_STRING* c2i_ASN1_BIT_STRING(ASN1_BIT_STRING** a,const(ubyte)** pp, + c_long length); +int ASN1_BIT_STRING_set(ASN1_BIT_STRING* a, ubyte* d, + int length ); +int ASN1_BIT_STRING_set_bit(ASN1_BIT_STRING* a, int n, int value); +int ASN1_BIT_STRING_get_bit(ASN1_BIT_STRING* a, int n); +int ASN1_BIT_STRING_check(ASN1_BIT_STRING* a, + ubyte* flags, int flags_len); + +version(OPENSSL_NO_BIO) {} else { +int ASN1_BIT_STRING_name_print(BIO* out_, ASN1_BIT_STRING* bs, + BIT_STRING_BITNAME* tbl, int indent); +} +int ASN1_BIT_STRING_num_asc(char* name, BIT_STRING_BITNAME* tbl); +int ASN1_BIT_STRING_set_asc(ASN1_BIT_STRING* bs, char* name, int value, + BIT_STRING_BITNAME* tbl); + +int i2d_ASN1_BOOLEAN(int a,ubyte** pp); +int d2i_ASN1_BOOLEAN(int* a,const(ubyte)** pp,c_long length); + +mixin(DECLARE_ASN1_FUNCTIONS!"ASN1_INTEGER"); +int i2c_ASN1_INTEGER(ASN1_INTEGER* a,ubyte** pp); +ASN1_INTEGER* c2i_ASN1_INTEGER(ASN1_INTEGER** a,const(ubyte)** pp, + c_long length); +ASN1_INTEGER* d2i_ASN1_UINTEGER(ASN1_INTEGER** a,const(ubyte)** pp, + c_long length); +ASN1_INTEGER* ASN1_INTEGER_dup(const(ASN1_INTEGER)* x); +int ASN1_INTEGER_cmp(const(ASN1_INTEGER)* x, const(ASN1_INTEGER)* y); + +mixin(DECLARE_ASN1_FUNCTIONS!"ASN1_ENUMERATED"); + +int ASN1_UTCTIME_check(ASN1_UTCTIME* a); +ASN1_UTCTIME* ASN1_UTCTIME_set(ASN1_UTCTIME* s,time_t t); +ASN1_UTCTIME* ASN1_UTCTIME_adj(ASN1_UTCTIME* s, time_t t, + int offset_day, c_long offset_sec); +int ASN1_UTCTIME_set_string(ASN1_UTCTIME* s, const(char)* str); +int ASN1_UTCTIME_cmp_time_t(const(ASN1_UTCTIME)* s, time_t t); +version (none) { +time_t ASN1_UTCTIME_get(const(ASN1_UTCTIME)* s); +} + +int ASN1_GENERALIZEDTIME_check(ASN1_GENERALIZEDTIME* a); +ASN1_GENERALIZEDTIME* ASN1_GENERALIZEDTIME_set(ASN1_GENERALIZEDTIME* s,time_t t); +ASN1_GENERALIZEDTIME* ASN1_GENERALIZEDTIME_adj(ASN1_GENERALIZEDTIME* s, + time_t t, int offset_day, c_long offset_sec); +int ASN1_GENERALIZEDTIME_set_string(ASN1_GENERALIZEDTIME* s, const(char)* str); + +mixin(DECLARE_ASN1_FUNCTIONS!"ASN1_OCTET_STRING"); +ASN1_OCTET_STRING* ASN1_OCTET_STRING_dup(const(ASN1_OCTET_STRING)* a); +int ASN1_OCTET_STRING_cmp(const(ASN1_OCTET_STRING)* a, const(ASN1_OCTET_STRING)* b); +int ASN1_OCTET_STRING_set(ASN1_OCTET_STRING* str, const(ubyte)* data, int len); + +mixin(DECLARE_ASN1_FUNCTIONS!"ASN1_VISIBLESTRING"); +mixin(DECLARE_ASN1_FUNCTIONS!"ASN1_UNIVERSALSTRING"); +mixin(DECLARE_ASN1_FUNCTIONS!"ASN1_UTF8STRING"); +mixin(DECLARE_ASN1_FUNCTIONS!"ASN1_NULL"); +mixin(DECLARE_ASN1_FUNCTIONS!"ASN1_BMPSTRING"); + +int UTF8_getc(const(char)* str, int len, c_ulong* val); +int UTF8_putc(char* str, int len, c_ulong value); + +mixin(DECLARE_ASN1_FUNCTIONS_name!("ASN1_STRING", "ASN1_PRINTABLE")); + +mixin(DECLARE_ASN1_FUNCTIONS_name!("ASN1_STRING", "DIRECTORYSTRING")); +mixin(DECLARE_ASN1_FUNCTIONS_name!("ASN1_STRING", "DISPLAYTEXT")); +mixin(DECLARE_ASN1_FUNCTIONS!"ASN1_PRINTABLESTRING"); +mixin(DECLARE_ASN1_FUNCTIONS!"ASN1_T61STRING"); +mixin(DECLARE_ASN1_FUNCTIONS!"ASN1_IA5STRING"); +mixin(DECLARE_ASN1_FUNCTIONS!"ASN1_GENERALSTRING"); +mixin(DECLARE_ASN1_FUNCTIONS!"ASN1_UTCTIME"); +mixin(DECLARE_ASN1_FUNCTIONS!"ASN1_GENERALIZEDTIME"); +mixin(DECLARE_ASN1_FUNCTIONS!"ASN1_TIME"); + +mixin(DECLARE_ASN1_ITEM!"ASN1_OCTET_STRING_NDEF"); + +ASN1_TIME* ASN1_TIME_set(ASN1_TIME* s,time_t t); +ASN1_TIME* ASN1_TIME_adj(ASN1_TIME* s,time_t t, + int offset_day, c_long offset_sec); +int ASN1_TIME_check(ASN1_TIME* t); +ASN1_GENERALIZEDTIME* ASN1_TIME_to_generalizedtime(ASN1_TIME* t, ASN1_GENERALIZEDTIME** out_); +int ASN1_TIME_set_string(ASN1_TIME* s, const(char)* str); + +int i2d_ASN1_SET(STACK_OF!(OPENSSL_BLOCK) *a, ubyte** pp, + i2d_of_void* i2d, int ex_tag, int ex_class, + int is_set); +STACK_OF!(OPENSSL_BLOCK) *d2i_ASN1_SET(STACK_OF!(OPENSSL_BLOCK) **a, + const(ubyte)** pp, + c_long length, d2i_of_void* d2i, + ExternC!(void function(OPENSSL_BLOCK)) free_func, int ex_tag, + int ex_class); + +version(OPENSSL_NO_BIO) {} else { +int i2a_ASN1_INTEGER(BIO* bp, ASN1_INTEGER* a); +int a2i_ASN1_INTEGER(BIO* bp,ASN1_INTEGER* bs,char* buf,int size); +int i2a_ASN1_ENUMERATED(BIO* bp, ASN1_ENUMERATED* a); +int a2i_ASN1_ENUMERATED(BIO* bp,ASN1_ENUMERATED* bs,char* buf,int size); +int i2a_ASN1_OBJECT(BIO* bp,ASN1_OBJECT* a); +int a2i_ASN1_STRING(BIO* bp,ASN1_STRING* bs,char* buf,int size); +int i2a_ASN1_STRING(BIO* bp, ASN1_STRING* a, int type); +} +int i2t_ASN1_OBJECT(char* buf,int buf_len,ASN1_OBJECT* a); + +int a2d_ASN1_OBJECT(ubyte* out_,int olen, const(char)* buf, int num); +ASN1_OBJECT* ASN1_OBJECT_create(int nid, ubyte* data,int len, + const(char)* sn, const(char)* ln); + +int ASN1_INTEGER_set(ASN1_INTEGER* a, c_long v); +c_long ASN1_INTEGER_get(const(ASN1_INTEGER)* a); +ASN1_INTEGER* BN_to_ASN1_INTEGER(const(BIGNUM)* bn, ASN1_INTEGER* ai); +BIGNUM* ASN1_INTEGER_to_BN(const(ASN1_INTEGER)* ai,BIGNUM* bn); + +int ASN1_ENUMERATED_set(ASN1_ENUMERATED* a, c_long v); +c_long ASN1_ENUMERATED_get(ASN1_ENUMERATED* a); +ASN1_ENUMERATED* BN_to_ASN1_ENUMERATED(BIGNUM* bn, ASN1_ENUMERATED* ai); +BIGNUM* ASN1_ENUMERATED_to_BN(ASN1_ENUMERATED* ai,BIGNUM* bn); + +/* General */ +/* given a string, return the correct type, max is the maximum length */ +int ASN1_PRINTABLE_type(const(ubyte)* s, int max); + +int i2d_ASN1_bytes(ASN1_STRING* a, ubyte** pp, int tag, int xclass); +ASN1_STRING* d2i_ASN1_bytes(ASN1_STRING** a, const(ubyte)** pp, + c_long length, int Ptag, int Pclass); +c_ulong ASN1_tag2bit(int tag); +/* type is one or more of the B_ASN1_ values. */ +ASN1_STRING* d2i_ASN1_type_bytes(ASN1_STRING** a,const(ubyte)** pp, + c_long length,int type); + +/* PARSING */ +int asn1_Finish(ASN1_CTX* c); +int asn1_const_Finish(ASN1_const_CTX* c); + +/* SPECIALS */ +int ASN1_get_object(const(ubyte)** pp, c_long* plength, int* ptag, + int* pclass, c_long omax); +int ASN1_check_infinite_end(ubyte** p,c_long len); +int ASN1_const_check_infinite_end(const(ubyte)** p,c_long len); +void ASN1_put_object(ubyte** pp, int constructed, int length, + int tag, int xclass); +int ASN1_put_eoc(ubyte** pp); +int ASN1_object_size(int constructed, int length, int tag); + +/* Used to implement other functions */ +void* ASN1_dup(i2d_of_void* i2d, d2i_of_void* d2i, void* x); + +auto ASN1_dup_of(type)(I2D_OF!type* i2d, D2I_OF!type* d2i, type* x) { + return cast(type*)(ASN1_dup(CHECKED_I2D_OF!type(i2d), + CHECKED_D2I_OF!type(d2i), + CHECKED_PTR_OF!type(x))); +} + +auto ASN1_dup_of_const(type)(I2D_OF!(const(type))* i2d, D2I_OF!type* d2i, const(type)* x) { + return cast(type*)(ASN1_dup(CHECKED_I2D_OF!(const(type))(i2d), + CHECKED_D2I_OF!type(d2i), + CHECKED_PTR_OF!(const(type))(x))); +} + +void* ASN1_item_dup(const(ASN1_ITEM)* it, void* x); + +/* ASN1 alloc/free macros for when a type is only used internally */ + +template M_ASN1_new_of(string type) { + enum M_ASN1_new_of = "(cast(" ~ type ~ "*)ASN1_item_new(ASN1_ITEM_rptr!`" ~ type ~ "`))"; +} +template M_ASN1_free_of(string x, string type) { + enum M_ASN1_free_of = "ASN1_item_free(CHECKED_PTR_OF!(" ~ type ~ ")(" ~ x ~ "), ASN1_ITEM_rptr!`" ~ type ~ "`))"; +} + +version (OPENSSL_NO_FP_API) {} else { +void* ASN1_d2i_fp(ExternC!(void* function()) xnew, d2i_of_void* d2i, FILE* in_, void** x); + +type* ASN1_d2i_fp_of(type)(ExternC!(type* function()) xnew, d2i,in_,x) { + return cast(type*)(ASN1_d2i_fp(CHECKED_NEW_OF!type(xnew), + CHECKED_D2I_OF!type(d2i), + in_, + CHECKED_PPTR_OF!type(x))); +} + +void* ASN1_item_d2i_fp(const(ASN1_ITEM)* it, FILE* in_, void* x); +int ASN1_i2d_fp(i2d_of_void* i2d,FILE* out_,void* x); + +auto ASN1_i2d_fp_of(type)(I2D_OF!(type) i2d, FILE* out_, const(type)* x) { + return ASN1_i2d_fp(CHECKED_I2D_OF!(type)(i2d), out_, CHECKED_PTR_OF!(type)(x)); +} + +auto ASN1_i2d_fp_of_const(type)(I2D_OF!(const(type)) i2d, FILE* out_, const(type)* x) { + return ASN1_i2d_fp(CHECKED_I2D_OF!(const(type))(i2d), out_, CHECKED_PTR_OF!(const(type))(x)); +} + +int ASN1_item_i2d_fp(const(ASN1_ITEM)* it, FILE* out_, void* x); +int ASN1_STRING_print_ex_fp(FILE* fp, ASN1_STRING* str, c_ulong flags); +} + +int ASN1_STRING_to_UTF8(char** out_, ASN1_STRING* in_); + +version(OPENSSL_NO_BIO) {} else { +void* ASN1_d2i_bio(ExternC!(void* function()) xnew, d2i_of_void* d2i, BIO* in_, void** x); + +type* ASN1_d2i_bio_of(type)(ExternC!(type* function()) xnew, D2I_OF!type d2i, BIO* in_, type** x) { + return cast(type*)ASN1_d2i_bio(CHECKED_NEW_OF!type(xnew), + CHECKED_D2I_OF!type(d2i), in_, CHECKED_PPTR_OF!type(x)); +} + +void* ASN1_item_d2i_bio(const(ASN1_ITEM)* it, BIO* in_, void* x); +int ASN1_i2d_bio(i2d_of_void* i2d,BIO* out_, ubyte* x); + +int ASN1_i2d_bio_of(type)(I2D_OF!type* i2d,BIO* out_,type* x) { + return ASN1_i2d_bio(CHECKED_I2D_OF!type(i2d), out_, CHECKED_PTR_OF!type(x)); +} + +int ASN1_i2d_bio_of_const(type)(I2D_OF!(const(type))* i2d,BIO* out_,type* x) { + return ASN1_i2d_bio(CHECKED_I2D_OF!type(i2d), out_, CHECKED_PTR_OF!(const(type))(x)); +} + +int ASN1_item_i2d_bio(const(ASN1_ITEM)* it, BIO* out_, void* x); +int ASN1_UTCTIME_print(BIO* fp, const(ASN1_UTCTIME)* a); +int ASN1_GENERALIZEDTIME_print(BIO* fp, const(ASN1_GENERALIZEDTIME)* a); +int ASN1_TIME_print(BIO* fp, const(ASN1_TIME)* a); +int ASN1_STRING_print(BIO* bp, const(ASN1_STRING)* v); +int ASN1_STRING_print_ex(BIO* out_, ASN1_STRING* str, c_ulong flags); +int ASN1_bn_print(BIO* bp, const(char)* number, const(BIGNUM)* num, + ubyte* buf, int off); +int ASN1_parse(BIO* bp,const(ubyte)* pp,c_long len,int indent); +int ASN1_parse_dump(BIO* bp,const(ubyte)* pp,c_long len,int indent,int dump); +} +const(char)* ASN1_tag2str(int tag); + +/* Used to load and write netscape format cert */ + +mixin(DECLARE_ASN1_FUNCTIONS!"NETSCAPE_X509"); + +int ASN1_UNIVERSALSTRING_to_string(ASN1_UNIVERSALSTRING* s); + +int ASN1_TYPE_set_octetstring(ASN1_TYPE* a, + ubyte* data, int len); +int ASN1_TYPE_get_octetstring(ASN1_TYPE* a, + ubyte* data, int max_len); +int ASN1_TYPE_set_int_octetstring(ASN1_TYPE* a, c_long num, + ubyte* data, int len); +int ASN1_TYPE_get_int_octetstring(ASN1_TYPE* a,c_long* num, + ubyte* data, int max_len); + +STACK_OF!(OPENSSL_BLOCK) *ASN1_seq_unpack(const(ubyte)* buf, int len, + d2i_of_void* d2i, ExternC!(void function(OPENSSL_BLOCK)) free_func); +ubyte* ASN1_seq_pack(STACK_OF!(OPENSSL_BLOCK) *safes, i2d_of_void* i2d, + ubyte** buf, int* len ); +void* ASN1_unpack_string(ASN1_STRING* oct, d2i_of_void* d2i); +void* ASN1_item_unpack(ASN1_STRING* oct, const(ASN1_ITEM)* it); +ASN1_STRING* ASN1_pack_string(void* obj, i2d_of_void* i2d, + ASN1_OCTET_STRING** oct); + +auto ASN1_pack_string_of(type)(type* obj, I2D_OF!type* i2d, ASN1_OCTET_STRING** oct) { + return ASN1_pack_string(CHECKED_PTR_OF!type(obj), CHECKED_I2D_OF!type(i2d), oct); +} + +ASN1_STRING* ASN1_item_pack(void* obj, const(ASN1_ITEM)* it, ASN1_OCTET_STRING** oct); + +void ASN1_STRING_set_default_mask(c_ulong mask); +int ASN1_STRING_set_default_mask_asc(const(char)* p); +c_ulong ASN1_STRING_get_default_mask(); +int ASN1_mbstring_copy(ASN1_STRING** out_, const(ubyte)* in_, int len, + int inform, c_ulong mask); +int ASN1_mbstring_ncopy(ASN1_STRING** out_, const(ubyte)* in_, int len, + int inform, c_ulong mask, + c_long minsize, c_long maxsize); + +ASN1_STRING* ASN1_STRING_set_by_NID(ASN1_STRING** out_, + const(ubyte)* in_, int inlen, int inform, int nid); +ASN1_STRING_TABLE* ASN1_STRING_TABLE_get(int nid); +int ASN1_STRING_TABLE_add(int, c_long, c_long, c_ulong, c_ulong); +void ASN1_STRING_TABLE_cleanup(); + +/* ASN1 template functions */ + +/* Old API compatible functions */ +ASN1_VALUE* ASN1_item_new(const(ASN1_ITEM)* it); +void ASN1_item_free(ASN1_VALUE* val, const(ASN1_ITEM)* it); +ASN1_VALUE* ASN1_item_d2i(ASN1_VALUE** val, const(ubyte)** in_, c_long len, const(ASN1_ITEM)* it); +int ASN1_item_i2d(ASN1_VALUE* val, ubyte** out_, const(ASN1_ITEM)* it); +int ASN1_item_ndef_i2d(ASN1_VALUE* val, ubyte** out_, const(ASN1_ITEM)* it); + +void ASN1_add_oid_module(); + +ASN1_TYPE* ASN1_generate_nconf(char* str, CONF* nconf); +ASN1_TYPE* ASN1_generate_v3(char* str, X509V3_CTX* cnf); + +/* ASN1 Print flags */ + +/* Indicate missing OPTIONAL fields */ +enum ASN1_PCTX_FLAGS_SHOW_ABSENT = 0x001; +/* Mark start and end of SEQUENCE */ +enum ASN1_PCTX_FLAGS_SHOW_SEQUENCE = 0x002; +/* Mark start and end of SEQUENCE/SET OF */ +enum ASN1_PCTX_FLAGS_SHOW_SSOF = 0x004; +/* Show the ASN1 type of primitives */ +enum ASN1_PCTX_FLAGS_SHOW_TYPE = 0x008; +/* Don't show ASN1 type of ANY */ +enum ASN1_PCTX_FLAGS_NO_ANY_TYPE = 0x010; +/* Don't show ASN1 type of MSTRINGs */ +enum ASN1_PCTX_FLAGS_NO_MSTRING_TYPE = 0x020; +/* Don't show field names in SEQUENCE */ +enum ASN1_PCTX_FLAGS_NO_FIELD_NAME = 0x040; +/* Show structure names of each SEQUENCE field */ +enum ASN1_PCTX_FLAGS_SHOW_FIELD_STRUCT_NAME = 0x080; +/* Don't show structure name even at top level */ +enum ASN1_PCTX_FLAGS_NO_STRUCT_NAME = 0x100; + +int ASN1_item_print(BIO* out_, ASN1_VALUE* ifld, int indent, + const(ASN1_ITEM)* it, const(ASN1_PCTX)* pctx); +ASN1_PCTX* ASN1_PCTX_new(); +void ASN1_PCTX_free(ASN1_PCTX* p); +c_ulong ASN1_PCTX_get_flags(ASN1_PCTX* p); +void ASN1_PCTX_set_flags(ASN1_PCTX* p, c_ulong flags); +c_ulong ASN1_PCTX_get_nm_flags(ASN1_PCTX* p); +void ASN1_PCTX_set_nm_flags(ASN1_PCTX* p, c_ulong flags); +c_ulong ASN1_PCTX_get_cert_flags(ASN1_PCTX* p); +void ASN1_PCTX_set_cert_flags(ASN1_PCTX* p, c_ulong flags); +c_ulong ASN1_PCTX_get_oid_flags(ASN1_PCTX* p); +void ASN1_PCTX_set_oid_flags(ASN1_PCTX* p, c_ulong flags); +c_ulong ASN1_PCTX_get_str_flags(ASN1_PCTX* p); +void ASN1_PCTX_set_str_flags(ASN1_PCTX* p, c_ulong flags); + +BIO_METHOD* BIO_f_asn1(); + +BIO* BIO_new_NDEF(BIO* out_, ASN1_VALUE* val, const(ASN1_ITEM)* it); + +int i2d_ASN1_bio_stream(BIO* out_, ASN1_VALUE* val, BIO* in_, int flags, + const(ASN1_ITEM)* it); +int PEM_write_bio_ASN1_stream(BIO* out_, ASN1_VALUE* val, BIO* in_, int flags, + const(char)* hdr, + const(ASN1_ITEM)* it); +int SMIME_write_ASN1(BIO* bio, ASN1_VALUE* val, BIO* data, int flags, + int ctype_nid, int econt_nid, + STACK_OF!(X509_ALGOR) *mdalgs, + const(ASN1_ITEM)* it); +ASN1_VALUE* SMIME_read_ASN1(BIO* bio, BIO** bcont, const(ASN1_ITEM)* it); +int SMIME_crlf_copy(BIO* in_, BIO* out_, int flags); +int SMIME_text(BIO* in_, BIO* out_); + +/* BEGIN ERROR CODES */ +/* The following lines are auto generated by the script mkerr.pl. Any changes + * made after this point may be overwritten when the script is next run. + */ +void ERR_load_ASN1_strings(); + +/* Error codes for the ASN1 functions. */ + +/* Function codes. */ +enum ASN1_F_A2D_ASN1_OBJECT = 100; +enum ASN1_F_A2I_ASN1_ENUMERATED = 101; +enum ASN1_F_A2I_ASN1_INTEGER = 102; +enum ASN1_F_A2I_ASN1_STRING = 103; +enum ASN1_F_APPEND_EXP = 176; +enum ASN1_F_ASN1_BIT_STRING_SET_BIT = 183; +enum ASN1_F_ASN1_CB = 177; +enum ASN1_F_ASN1_CHECK_TLEN = 104; +enum ASN1_F_ASN1_COLLATE_PRIMITIVE = 105; +enum ASN1_F_ASN1_COLLECT = 106; +enum ASN1_F_ASN1_D2I_EX_PRIMITIVE = 108; +enum ASN1_F_ASN1_D2I_FP = 109; +enum ASN1_F_ASN1_D2I_READ_BIO = 107; +enum ASN1_F_ASN1_DIGEST = 184; +enum ASN1_F_ASN1_DO_ADB = 110; +enum ASN1_F_ASN1_DUP = 111; +enum ASN1_F_ASN1_ENUMERATED_SET = 112; +enum ASN1_F_ASN1_ENUMERATED_TO_BN = 113; +enum ASN1_F_ASN1_EX_C2I = 204; +enum ASN1_F_ASN1_FIND_END = 190; +enum ASN1_F_ASN1_GENERALIZEDTIME_ADJ = 216; +enum ASN1_F_ASN1_GENERALIZEDTIME_SET = 185; +enum ASN1_F_ASN1_GENERATE_V3 = 178; +enum ASN1_F_ASN1_GET_OBJECT = 114; +enum ASN1_F_ASN1_HEADER_NEW = 115; +enum ASN1_F_ASN1_I2D_BIO = 116; +enum ASN1_F_ASN1_I2D_FP = 117; +enum ASN1_F_ASN1_INTEGER_SET = 118; +enum ASN1_F_ASN1_INTEGER_TO_BN = 119; +enum ASN1_F_ASN1_ITEM_D2I_FP = 206; +enum ASN1_F_ASN1_ITEM_DUP = 191; +enum ASN1_F_ASN1_ITEM_EX_COMBINE_NEW = 121; +enum ASN1_F_ASN1_ITEM_EX_D2I = 120; +enum ASN1_F_ASN1_ITEM_I2D_BIO = 192; +enum ASN1_F_ASN1_ITEM_I2D_FP = 193; +enum ASN1_F_ASN1_ITEM_PACK = 198; +enum ASN1_F_ASN1_ITEM_SIGN = 195; +enum ASN1_F_ASN1_ITEM_SIGN_CTX = 220; +enum ASN1_F_ASN1_ITEM_UNPACK = 199; +enum ASN1_F_ASN1_ITEM_VERIFY = 197; +enum ASN1_F_ASN1_MBSTRING_NCOPY = 122; +enum ASN1_F_ASN1_OBJECT_NEW = 123; +enum ASN1_F_ASN1_OUTPUT_DATA = 214; +enum ASN1_F_ASN1_PACK_STRING = 124; +enum ASN1_F_ASN1_PCTX_NEW = 205; +enum ASN1_F_ASN1_PKCS5_PBE_SET = 125; +enum ASN1_F_ASN1_SEQ_PACK = 126; +enum ASN1_F_ASN1_SEQ_UNPACK = 127; +enum ASN1_F_ASN1_SIGN = 128; +enum ASN1_F_ASN1_STR2TYPE = 179; +enum ASN1_F_ASN1_STRING_SET = 186; +enum ASN1_F_ASN1_STRING_TABLE_ADD = 129; +enum ASN1_F_ASN1_STRING_TYPE_NEW = 130; +enum ASN1_F_ASN1_TEMPLATE_EX_D2I = 132; +enum ASN1_F_ASN1_TEMPLATE_NEW = 133; +enum ASN1_F_ASN1_TEMPLATE_NOEXP_D2I = 131; +enum ASN1_F_ASN1_TIME_ADJ = 217; +enum ASN1_F_ASN1_TIME_SET = 175; +enum ASN1_F_ASN1_TYPE_GET_INT_OCTETSTRING = 134; +enum ASN1_F_ASN1_TYPE_GET_OCTETSTRING = 135; +enum ASN1_F_ASN1_UNPACK_STRING = 136; +enum ASN1_F_ASN1_UTCTIME_ADJ = 218; +enum ASN1_F_ASN1_UTCTIME_SET = 187; +enum ASN1_F_ASN1_VERIFY = 137; +enum ASN1_F_B64_READ_ASN1 = 209; +enum ASN1_F_B64_WRITE_ASN1 = 210; +enum ASN1_F_BIO_NEW_NDEF = 208; +enum ASN1_F_BITSTR_CB = 180; +enum ASN1_F_BN_TO_ASN1_ENUMERATED = 138; +enum ASN1_F_BN_TO_ASN1_INTEGER = 139; +enum ASN1_F_C2I_ASN1_BIT_STRING = 189; +enum ASN1_F_C2I_ASN1_INTEGER = 194; +enum ASN1_F_C2I_ASN1_OBJECT = 196; +enum ASN1_F_COLLECT_DATA = 140; +enum ASN1_F_D2I_ASN1_BIT_STRING = 141; +enum ASN1_F_D2I_ASN1_BOOLEAN = 142; +enum ASN1_F_D2I_ASN1_BYTES = 143; +enum ASN1_F_D2I_ASN1_GENERALIZEDTIME = 144; +enum ASN1_F_D2I_ASN1_HEADER = 145; +enum ASN1_F_D2I_ASN1_INTEGER = 146; +enum ASN1_F_D2I_ASN1_OBJECT = 147; +enum ASN1_F_D2I_ASN1_SET = 148; +enum ASN1_F_D2I_ASN1_TYPE_BYTES = 149; +enum ASN1_F_D2I_ASN1_UINTEGER = 150; +enum ASN1_F_D2I_ASN1_UTCTIME = 151; +enum ASN1_F_D2I_AUTOPRIVATEKEY = 207; +enum ASN1_F_D2I_NETSCAPE_RSA = 152; +enum ASN1_F_D2I_NETSCAPE_RSA_2 = 153; +enum ASN1_F_D2I_PRIVATEKEY = 154; +enum ASN1_F_D2I_PUBLICKEY = 155; +enum ASN1_F_D2I_RSA_NET = 200; +enum ASN1_F_D2I_RSA_NET_2 = 201; +enum ASN1_F_D2I_X509 = 156; +enum ASN1_F_D2I_X509_CINF = 157; +enum ASN1_F_D2I_X509_PKEY = 159; +enum ASN1_F_I2D_ASN1_BIO_STREAM = 211; +enum ASN1_F_I2D_ASN1_SET = 188; +enum ASN1_F_I2D_ASN1_TIME = 160; +enum ASN1_F_I2D_DSA_PUBKEY = 161; +enum ASN1_F_I2D_EC_PUBKEY = 181; +enum ASN1_F_I2D_PRIVATEKEY = 163; +enum ASN1_F_I2D_PUBLICKEY = 164; +enum ASN1_F_I2D_RSA_NET = 162; +enum ASN1_F_I2D_RSA_PUBKEY = 165; +enum ASN1_F_LONG_C2I = 166; +enum ASN1_F_OID_MODULE_INIT = 174; +enum ASN1_F_PARSE_TAGGING = 182; +enum ASN1_F_PKCS5_PBE2_SET_IV = 167; +enum ASN1_F_PKCS5_PBE_SET = 202; +enum ASN1_F_PKCS5_PBE_SET0_ALGOR = 215; +enum ASN1_F_PKCS5_PBKDF2_SET = 219; +enum ASN1_F_SMIME_READ_ASN1 = 212; +enum ASN1_F_SMIME_TEXT = 213; +enum ASN1_F_X509_CINF_NEW = 168; +enum ASN1_F_X509_CRL_ADD0_REVOKED = 169; +enum ASN1_F_X509_INFO_NEW = 170; +enum ASN1_F_X509_NAME_ENCODE = 203; +enum ASN1_F_X509_NAME_EX_D2I = 158; +enum ASN1_F_X509_NAME_EX_NEW = 171; +enum ASN1_F_X509_NEW = 172; +enum ASN1_F_X509_PKEY_NEW = 173; + +/* Reason codes. */ +enum ASN1_R_ADDING_OBJECT = 171; +enum ASN1_R_ASN1_PARSE_ERROR = 203; +enum ASN1_R_ASN1_SIG_PARSE_ERROR = 204; +enum ASN1_R_AUX_ERROR = 100; +enum ASN1_R_BAD_CLASS = 101; +enum ASN1_R_BAD_OBJECT_HEADER = 102; +enum ASN1_R_BAD_PASSWORD_READ = 103; +enum ASN1_R_BAD_TAG = 104; +enum ASN1_R_BMPSTRING_IS_WRONG_LENGTH = 214; +enum ASN1_R_BN_LIB = 105; +enum ASN1_R_BOOLEAN_IS_WRONG_LENGTH = 106; +enum ASN1_R_BUFFER_TOO_SMALL = 107; +enum ASN1_R_CIPHER_HAS_NO_OBJECT_IDENTIFIER = 108; +enum ASN1_R_CONTEXT_NOT_INITIALISED = 217; +enum ASN1_R_DATA_IS_WRONG = 109; +enum ASN1_R_DECODE_ERROR = 110; +enum ASN1_R_DECODING_ERROR = 111; +enum ASN1_R_DEPTH_EXCEEDED = 174; +enum ASN1_R_DIGEST_AND_KEY_TYPE_NOT_SUPPORTED = 198; +enum ASN1_R_ENCODE_ERROR = 112; +enum ASN1_R_ERROR_GETTING_TIME = 173; +enum ASN1_R_ERROR_LOADING_SECTION = 172; +enum ASN1_R_ERROR_PARSING_SET_ELEMENT = 113; +enum ASN1_R_ERROR_SETTING_CIPHER_PARAMS = 114; +enum ASN1_R_EXPECTING_AN_INTEGER = 115; +enum ASN1_R_EXPECTING_AN_OBJECT = 116; +enum ASN1_R_EXPECTING_A_BOOLEAN = 117; +enum ASN1_R_EXPECTING_A_TIME = 118; +enum ASN1_R_EXPLICIT_LENGTH_MISMATCH = 119; +enum ASN1_R_EXPLICIT_TAG_NOT_CONSTRUCTED = 120; +enum ASN1_R_FIELD_MISSING = 121; +enum ASN1_R_FIRST_NUM_TOO_LARGE = 122; +enum ASN1_R_HEADER_TOO_LONG = 123; +enum ASN1_R_ILLEGAL_BITSTRING_FORMAT = 175; +enum ASN1_R_ILLEGAL_BOOLEAN = 176; +enum ASN1_R_ILLEGAL_CHARACTERS = 124; +enum ASN1_R_ILLEGAL_FORMAT = 177; +enum ASN1_R_ILLEGAL_HEX = 178; +enum ASN1_R_ILLEGAL_IMPLICIT_TAG = 179; +enum ASN1_R_ILLEGAL_INTEGER = 180; +enum ASN1_R_ILLEGAL_NESTED_TAGGING = 181; +enum ASN1_R_ILLEGAL_NULL = 125; +enum ASN1_R_ILLEGAL_NULL_VALUE = 182; +enum ASN1_R_ILLEGAL_OBJECT = 183; +enum ASN1_R_ILLEGAL_OPTIONAL_ANY = 126; +enum ASN1_R_ILLEGAL_OPTIONS_ON_ITEM_TEMPLATE = 170; +enum ASN1_R_ILLEGAL_TAGGED_ANY = 127; +enum ASN1_R_ILLEGAL_TIME_VALUE = 184; +enum ASN1_R_INTEGER_NOT_ASCII_FORMAT = 185; +enum ASN1_R_INTEGER_TOO_LARGE_FOR_LONG = 128; +enum ASN1_R_INVALID_BMPSTRING_LENGTH = 129; +enum ASN1_R_INVALID_DIGIT = 130; +enum ASN1_R_INVALID_MIME_TYPE = 205; +enum ASN1_R_INVALID_MODIFIER = 186; +enum ASN1_R_INVALID_NUMBER = 187; +enum ASN1_R_INVALID_OBJECT_ENCODING = 216; +enum ASN1_R_INVALID_SEPARATOR = 131; +enum ASN1_R_INVALID_TIME_FORMAT = 132; +enum ASN1_R_INVALID_UNIVERSALSTRING_LENGTH = 133; +enum ASN1_R_INVALID_UTF8STRING = 134; +enum ASN1_R_IV_TOO_LARGE = 135; +enum ASN1_R_LENGTH_ERROR = 136; +enum ASN1_R_LIST_ERROR = 188; +enum ASN1_R_MIME_NO_CONTENT_TYPE = 206; +enum ASN1_R_MIME_PARSE_ERROR = 207; +enum ASN1_R_MIME_SIG_PARSE_ERROR = 208; +enum ASN1_R_MISSING_EOC = 137; +enum ASN1_R_MISSING_SECOND_NUMBER = 138; +enum ASN1_R_MISSING_VALUE = 189; +enum ASN1_R_MSTRING_NOT_UNIVERSAL = 139; +enum ASN1_R_MSTRING_WRONG_TAG = 140; +enum ASN1_R_NESTED_ASN1_STRING = 197; +enum ASN1_R_NON_HEX_CHARACTERS = 141; +enum ASN1_R_NOT_ASCII_FORMAT = 190; +enum ASN1_R_NOT_ENOUGH_DATA = 142; +enum ASN1_R_NO_CONTENT_TYPE = 209; +enum ASN1_R_NO_DEFAULT_DIGEST = 201; +enum ASN1_R_NO_MATCHING_CHOICE_TYPE = 143; +enum ASN1_R_NO_MULTIPART_BODY_FAILURE = 210; +enum ASN1_R_NO_MULTIPART_BOUNDARY = 211; +enum ASN1_R_NO_SIG_CONTENT_TYPE = 212; +enum ASN1_R_NULL_IS_WRONG_LENGTH = 144; +enum ASN1_R_OBJECT_NOT_ASCII_FORMAT = 191; +enum ASN1_R_ODD_NUMBER_OF_CHARS = 145; +enum ASN1_R_PRIVATE_KEY_HEADER_MISSING = 146; +enum ASN1_R_SECOND_NUMBER_TOO_LARGE = 147; +enum ASN1_R_SEQUENCE_LENGTH_MISMATCH = 148; +enum ASN1_R_SEQUENCE_NOT_CONSTRUCTED = 149; +enum ASN1_R_SEQUENCE_OR_SET_NEEDS_CONFIG = 192; +enum ASN1_R_SHORT_LINE = 150; +enum ASN1_R_SIG_INVALID_MIME_TYPE = 213; +enum ASN1_R_STREAMING_NOT_SUPPORTED = 202; +enum ASN1_R_STRING_TOO_LONG = 151; +enum ASN1_R_STRING_TOO_SHORT = 152; +enum ASN1_R_TAG_VALUE_TOO_HIGH = 153; +enum ASN1_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD = 154; +enum ASN1_R_TIME_NOT_ASCII_FORMAT = 193; +enum ASN1_R_TOO_LONG = 155; +enum ASN1_R_TYPE_NOT_CONSTRUCTED = 156; +enum ASN1_R_UNABLE_TO_DECODE_RSA_KEY = 157; +enum ASN1_R_UNABLE_TO_DECODE_RSA_PRIVATE_KEY = 158; +enum ASN1_R_UNEXPECTED_EOC = 159; +enum ASN1_R_UNIVERSALSTRING_IS_WRONG_LENGTH = 215; +enum ASN1_R_UNKNOWN_FORMAT = 160; +enum ASN1_R_UNKNOWN_MESSAGE_DIGEST_ALGORITHM = 161; +enum ASN1_R_UNKNOWN_OBJECT_TYPE = 162; +enum ASN1_R_UNKNOWN_PUBLIC_KEY_TYPE = 163; +enum ASN1_R_UNKNOWN_SIGNATURE_ALGORITHM = 199; +enum ASN1_R_UNKNOWN_TAG = 194; +enum ASN1_R_UNKOWN_FORMAT = 195; +enum ASN1_R_UNSUPPORTED_ANY_DEFINED_BY_TYPE = 164; +enum ASN1_R_UNSUPPORTED_CIPHER = 165; +enum ASN1_R_UNSUPPORTED_ENCRYPTION_ALGORITHM = 166; +enum ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE = 167; +enum ASN1_R_UNSUPPORTED_TYPE = 196; +enum ASN1_R_WRONG_PUBLIC_KEY_TYPE = 200; +enum ASN1_R_WRONG_TAG = 168; +enum ASN1_R_WRONG_TYPE = 169; diff --git a/deimos/openssl/asn1_mac.d b/deimos/openssl/asn1_mac.d new file mode 100644 index 0000000..6baee06 --- /dev/null +++ b/deimos/openssl/asn1_mac.d @@ -0,0 +1,577 @@ +/* crypto/asn1/asn1_mac.h */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +module deimos.openssl.asn1_mac; + +import deimos.openssl._d_util; + +import deimos.openssl.err; // Needed for ERR_LIB_ASN1. + +public import deimos.openssl.asn1; + +extern (C): +nothrow: + +// #ifndef ASN1_MAC_ERR_LIB +alias ERR_LIB_ASN1 ASN1_MAC_ERR_LIB; +// #endif + +/+ FIXME: Not yet ported. +#define ASN1_MAC_H_err(f,r,line) \ + ERR_PUT_error(ASN1_MAC_ERR_LIB,(f),(r),__FILE__,(line)) + +#define M_ASN1_D2I_vars(a,type,func) \ + ASN1_const_CTX c; \ + type ret=NULL; \ + \ + c.pp=(const(ubyte)**)pp; \ + c.q= *(const(ubyte)**)pp; \ + c.error=ERR_R_NESTED_ASN1_ERROR; \ + if ((a == NULL) || ((*a) == NULL)) \ + { if ((ret=(type)func()) == NULL) \ + { c.line=__LINE__; goto err; } } \ + else ret=(*a); + +#define M_ASN1_D2I_Init() \ + c.p= *(const(ubyte)**)pp; \ + c.max=(length == 0)?0:(c.p+length); + +#define M_ASN1_D2I_Finish_2(a) \ + if (!asn1_const_Finish(&c)) \ + { c.line=__LINE__; goto err; } \ + *(const(ubyte)**)pp=c.p; \ + if (a != NULL) (*a)=ret; \ + return(ret); + +#define M_ASN1_D2I_Finish(a,func,e) \ + M_ASN1_D2I_Finish_2(a); \ +err:\ + ASN1_MAC_H_err((e),c.error,c.line); \ + asn1_add_error(*(const(ubyte)**)pp,(int)(c.q- *pp)); \ + if ((ret != NULL) && ((a == NULL) || (*a != ret))) func(ret); \ + return(NULL) + +#define M_ASN1_D2I_start_sequence() \ + if (!asn1_GetSequence(&c,&length)) \ + { c.line=__LINE__; goto err; } +/* Begin reading ASN1 without a surrounding sequence */ +#define M_ASN1_D2I_begin() \ + c.slen = length; + +/* End reading ASN1 with no check on length */ +#define M_ASN1_D2I_Finish_nolen(a, func, e) \ + *pp=c.p; \ + if (a != NULL) (*a)=ret; \ + return(ret); \ +err:\ + ASN1_MAC_H_err((e),c.error,c.line); \ + asn1_add_error(*pp,(int)(c.q- *pp)); \ + if ((ret != NULL) && ((a == NULL) || (*a != ret))) func(ret); \ + return(NULL) + +#define M_ASN1_D2I_end_sequence() \ + (((c.inf&1) == 0)?(c.slen <= 0): \ + (c.eos=ASN1_const_check_infinite_end(&c.p,c.slen))) + +/* Don't use this with d2i_ASN1_BOOLEAN() */ +#define M_ASN1_D2I_get(b, func) \ + c.q=c.p; \ + if (func(&(b),&c.p,c.slen) == NULL) \ + {c.line=__LINE__; goto err; } \ + c.slen-=(c.p-c.q); + +/* Don't use this with d2i_ASN1_BOOLEAN() */ +#define M_ASN1_D2I_get_x(type,b,func) \ + c.q=c.p; \ + if (((D2I_OF(type))func)(&(b),&c.p,c.slen) == NULL) \ + {c.line=__LINE__; goto err; } \ + c.slen-=(c.p-c.q); + +/* use this instead () */ +#define M_ASN1_D2I_get_int(b,func) \ + c.q=c.p; \ + if (func(&(b),&c.p,c.slen) < 0) \ + {c.line=__LINE__; goto err; } \ + c.slen-=(c.p-c.q); + +#define M_ASN1_D2I_get_opt(b,func,type) \ + if ((c.slen != 0) && ((M_ASN1_next & (~V_ASN1_CONSTRUCTED)) \ + == (V_ASN1_UNIVERSAL|(type)))) \ + { \ + M_ASN1_D2I_get(b,func); \ + } + +#define M_ASN1_D2I_get_int_opt(b,func,type) \ + if ((c.slen != 0) && ((M_ASN1_next & (~V_ASN1_CONSTRUCTED)) \ + == (V_ASN1_UNIVERSAL|(type)))) \ + { \ + M_ASN1_D2I_get_int(b,func); \ + } + +#define M_ASN1_D2I_get_imp(b,func, type) \ + M_ASN1_next=(_tmp& V_ASN1_CONSTRUCTED)|type; \ + c.q=c.p; \ + if (func(&(b),&c.p,c.slen) == NULL) \ + {c.line=__LINE__; M_ASN1_next_prev = _tmp; goto err; } \ + c.slen-=(c.p-c.q);\ + M_ASN1_next_prev=_tmp; + +#define M_ASN1_D2I_get_IMP_opt(b,func,tag,type) \ + if ((c.slen != 0) && ((M_ASN1_next & (~V_ASN1_CONSTRUCTED)) == \ + (V_ASN1_CONTEXT_SPECIFIC|(tag)))) \ + { \ + ubyte _tmp = M_ASN1_next; \ + M_ASN1_D2I_get_imp(b,func, type);\ + } + +#define M_ASN1_D2I_get_set(r,func,free_func) \ + M_ASN1_D2I_get_imp_set(r,func,free_func, \ + V_ASN1_SET,V_ASN1_UNIVERSAL); + +#define M_ASN1_D2I_get_set_type(type,r,func,free_func) \ + M_ASN1_D2I_get_imp_set_type(type,r,func,free_func, \ + V_ASN1_SET,V_ASN1_UNIVERSAL); + +#define M_ASN1_D2I_get_set_opt(r,func,free_func) \ + if ((c.slen != 0) && (M_ASN1_next == (V_ASN1_UNIVERSAL| \ + V_ASN1_CONSTRUCTED|V_ASN1_SET)))\ + { M_ASN1_D2I_get_set(r,func,free_func); } + +#define M_ASN1_D2I_get_set_opt_type(type,r,func,free_func) \ + if ((c.slen != 0) && (M_ASN1_next == (V_ASN1_UNIVERSAL| \ + V_ASN1_CONSTRUCTED|V_ASN1_SET)))\ + { M_ASN1_D2I_get_set_type(type,r,func,free_func); } + +#define M_ASN1_I2D_len_SET_opt(a,f) \ + if ((a != NULL) && (sk_num(a) != 0)) \ + M_ASN1_I2D_len_SET(a,f); + +#define M_ASN1_I2D_put_SET_opt(a,f) \ + if ((a != NULL) && (sk_num(a) != 0)) \ + M_ASN1_I2D_put_SET(a,f); + +#define M_ASN1_I2D_put_SEQUENCE_opt(a,f) \ + if ((a != NULL) && (sk_num(a) != 0)) \ + M_ASN1_I2D_put_SEQUENCE(a,f); + +#define M_ASN1_I2D_put_SEQUENCE_opt_type(type,a,f) \ + if ((a != NULL) && (sk_##type##_num(a) != 0)) \ + M_ASN1_I2D_put_SEQUENCE_type(type,a,f); + +#define M_ASN1_D2I_get_IMP_set_opt(b,func,free_func,tag) \ + if ((c.slen != 0) && \ + (M_ASN1_next == \ + (V_ASN1_CONTEXT_SPECIFIC|V_ASN1_CONSTRUCTED|(tag))))\ + { \ + M_ASN1_D2I_get_imp_set(b,func,free_func,\ + tag,V_ASN1_CONTEXT_SPECIFIC); \ + } + +#define M_ASN1_D2I_get_IMP_set_opt_type(type,b,func,free_func,tag) \ + if ((c.slen != 0) && \ + (M_ASN1_next == \ + (V_ASN1_CONTEXT_SPECIFIC|V_ASN1_CONSTRUCTED|(tag))))\ + { \ + M_ASN1_D2I_get_imp_set_type(type,b,func,free_func,\ + tag,V_ASN1_CONTEXT_SPECIFIC); \ + } + +#define M_ASN1_D2I_get_seq(r,func,free_func) \ + M_ASN1_D2I_get_imp_set(r,func,free_func,\ + V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL); + +#define M_ASN1_D2I_get_seq_type(type,r,func,free_func) \ + M_ASN1_D2I_get_imp_set_type(type,r,func,free_func,\ + V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL) + +#define M_ASN1_D2I_get_seq_opt(r,func,free_func) \ + if ((c.slen != 0) && (M_ASN1_next == (V_ASN1_UNIVERSAL| \ + V_ASN1_CONSTRUCTED|V_ASN1_SEQUENCE)))\ + { M_ASN1_D2I_get_seq(r,func,free_func); } + +#define M_ASN1_D2I_get_seq_opt_type(type,r,func,free_func) \ + if ((c.slen != 0) && (M_ASN1_next == (V_ASN1_UNIVERSAL| \ + V_ASN1_CONSTRUCTED|V_ASN1_SEQUENCE)))\ + { M_ASN1_D2I_get_seq_type(type,r,func,free_func); } + +#define M_ASN1_D2I_get_IMP_set(r,func,free_func,x) \ + M_ASN1_D2I_get_imp_set(r,func,free_func,\ + x,V_ASN1_CONTEXT_SPECIFIC); + +#define M_ASN1_D2I_get_IMP_set_type(type,r,func,free_func,x) \ + M_ASN1_D2I_get_imp_set_type(type,r,func,free_func,\ + x,V_ASN1_CONTEXT_SPECIFIC); + +#define M_ASN1_D2I_get_imp_set(r,func,free_func,a,b) \ + c.q=c.p; \ + if (d2i_ASN1_SET(&(r),&c.p,c.slen,(ExternC!(char* function()) )func,\ + (ExternC!(void function()) )free_func,a,b) == NULL) \ + { c.line=__LINE__; goto err; } \ + c.slen-=(c.p-c.q); + +#define M_ASN1_D2I_get_imp_set_type(type,r,func,free_func,a,b) \ + c.q=c.p; \ + if (d2i_ASN1_SET_OF_##type(&(r),&c.p,c.slen,func,\ + free_func,a,b) == NULL) \ + { c.line=__LINE__; goto err; } \ + c.slen-=(c.p-c.q); + +#define M_ASN1_D2I_get_set_strings(r,func,a,b) \ + c.q=c.p; \ + if (d2i_ASN1_STRING_SET(&(r),&c.p,c.slen,a,b) == NULL) \ + { c.line=__LINE__; goto err; } \ + c.slen-=(c.p-c.q); + +#define M_ASN1_D2I_get_EXP_opt(r,func,tag) \ + if ((c.slen != 0L) && (M_ASN1_next == \ + (V_ASN1_CONSTRUCTED|V_ASN1_CONTEXT_SPECIFIC|tag))) \ + { \ + int Tinf,Ttag,Tclass; \ + c_long Tlen; \ + \ + c.q=c.p; \ + Tinf=ASN1_get_object(&c.p,&Tlen,&Ttag,&Tclass,c.slen); \ + if (Tinf & 0x80) \ + { c.error=ERR_R_BAD_ASN1_OBJECT_HEADER; \ + c.line=__LINE__; goto err; } \ + if (Tinf == (V_ASN1_CONSTRUCTED+1)) \ + Tlen = c.slen - (c.p - c.q) - 2; \ + if (func(&(r),&c.p,Tlen) == NULL) \ + { c.line=__LINE__; goto err; } \ + if (Tinf == (V_ASN1_CONSTRUCTED+1)) { \ + Tlen = c.slen - (c.p - c.q); \ + if(!ASN1_const_check_infinite_end(&c.p, Tlen)) \ + { c.error=ERR_R_MISSING_ASN1_EOS; \ + c.line=__LINE__; goto err; } \ + }\ + c.slen-=(c.p-c.q); \ + } + +#define M_ASN1_D2I_get_EXP_set_opt(r,func,free_func,tag,b) \ + if ((c.slen != 0) && (M_ASN1_next == \ + (V_ASN1_CONSTRUCTED|V_ASN1_CONTEXT_SPECIFIC|tag))) \ + { \ + int Tinf,Ttag,Tclass; \ + c_long Tlen; \ + \ + c.q=c.p; \ + Tinf=ASN1_get_object(&c.p,&Tlen,&Ttag,&Tclass,c.slen); \ + if (Tinf & 0x80) \ + { c.error=ERR_R_BAD_ASN1_OBJECT_HEADER; \ + c.line=__LINE__; goto err; } \ + if (Tinf == (V_ASN1_CONSTRUCTED+1)) \ + Tlen = c.slen - (c.p - c.q) - 2; \ + if (d2i_ASN1_SET(&(r),&c.p,Tlen,(ExternC!(char* function()) )func, \ + (ExternC!(void function()) )free_func, \ + b,V_ASN1_UNIVERSAL) == NULL) \ + { c.line=__LINE__; goto err; } \ + if (Tinf == (V_ASN1_CONSTRUCTED+1)) { \ + Tlen = c.slen - (c.p - c.q); \ + if(!ASN1_check_infinite_end(&c.p, Tlen)) \ + { c.error=ERR_R_MISSING_ASN1_EOS; \ + c.line=__LINE__; goto err; } \ + }\ + c.slen-=(c.p-c.q); \ + } + +#define M_ASN1_D2I_get_EXP_set_opt_type(type,r,func,free_func,tag,b) \ + if ((c.slen != 0) && (M_ASN1_next == \ + (V_ASN1_CONSTRUCTED|V_ASN1_CONTEXT_SPECIFIC|tag))) \ + { \ + int Tinf,Ttag,Tclass; \ + c_long Tlen; \ + \ + c.q=c.p; \ + Tinf=ASN1_get_object(&c.p,&Tlen,&Ttag,&Tclass,c.slen); \ + if (Tinf & 0x80) \ + { c.error=ERR_R_BAD_ASN1_OBJECT_HEADER; \ + c.line=__LINE__; goto err; } \ + if (Tinf == (V_ASN1_CONSTRUCTED+1)) \ + Tlen = c.slen - (c.p - c.q) - 2; \ + if (d2i_ASN1_SET_OF_##type(&(r),&c.p,Tlen,func, \ + free_func,b,V_ASN1_UNIVERSAL) == NULL) \ + { c.line=__LINE__; goto err; } \ + if (Tinf == (V_ASN1_CONSTRUCTED+1)) { \ + Tlen = c.slen - (c.p - c.q); \ + if(!ASN1_check_infinite_end(&c.p, Tlen)) \ + { c.error=ERR_R_MISSING_ASN1_EOS; \ + c.line=__LINE__; goto err; } \ + }\ + c.slen-=(c.p-c.q); \ + } + +/* New macros */ +#define M_ASN1_New_Malloc(ret,type) \ + if ((ret=(type*)OPENSSL_malloc(sizeof(type))) == NULL) \ + { c.line=__LINE__; goto err2; } + +#define M_ASN1_New(arg,func) \ + if (((arg)=func()) == NULL) return(NULL) + +#define M_ASN1_New_Error(a) \ +/* err: ASN1_MAC_H_err((a),ERR_R_NESTED_ASN1_ERROR,c.line); \ + return(NULL);*/ \ + err2: ASN1_MAC_H_err((a),ERR_R_MALLOC_FAILURE,c.line); \ + return(NULL) + + +/* BIG UGLY WARNING! This is so damn ugly I wanna puke. Unfortunately, + some macros that use ASN1_const_CTX still insist on writing in the input + stream. ARGH! ARGH! ARGH! Let's get rid of this macro package. + Please? -- Richard Levitte */ +#define M_ASN1_next (*((ubyte*)(c.p))) +#define M_ASN1_next_prev (*((ubyte*)(c.q))) + +/*************************************************/ + +#define M_ASN1_I2D_vars(a) int r=0,ret=0; \ + ubyte* p; \ + if (a == NULL) return(0) + +/* Length Macros */ +#define M_ASN1_I2D_len(a,f) ret+=f(a,NULL) +#define M_ASN1_I2D_len_IMP_opt(a,f) if (a != NULL) M_ASN1_I2D_len(a,f) + +#define M_ASN1_I2D_len_SET(a,f) \ + ret+=i2d_ASN1_SET(a,NULL,f,V_ASN1_SET,V_ASN1_UNIVERSAL,IS_SET); + +#define M_ASN1_I2D_len_SET_type(type,a,f) \ + ret+=i2d_ASN1_SET_OF_##type(a,NULL,f,V_ASN1_SET, \ + V_ASN1_UNIVERSAL,IS_SET); + +#define M_ASN1_I2D_len_SEQUENCE(a,f) \ + ret+=i2d_ASN1_SET(a,NULL,f,V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL, \ + IS_SEQUENCE); + +#define M_ASN1_I2D_len_SEQUENCE_type(type,a,f) \ + ret+=i2d_ASN1_SET_OF_##type(a,NULL,f,V_ASN1_SEQUENCE, \ + V_ASN1_UNIVERSAL,IS_SEQUENCE) + +#define M_ASN1_I2D_len_SEQUENCE_opt(a,f) \ + if ((a != NULL) && (sk_num(a) != 0)) \ + M_ASN1_I2D_len_SEQUENCE(a,f); + +#define M_ASN1_I2D_len_SEQUENCE_opt_type(type,a,f) \ + if ((a != NULL) && (sk_##type##_num(a) != 0)) \ + M_ASN1_I2D_len_SEQUENCE_type(type,a,f); + +#define M_ASN1_I2D_len_IMP_SET(a,f,x) \ + ret+=i2d_ASN1_SET(a,NULL,f,x,V_ASN1_CONTEXT_SPECIFIC,IS_SET); + +#define M_ASN1_I2D_len_IMP_SET_type(type,a,f,x) \ + ret+=i2d_ASN1_SET_OF_##type(a,NULL,f,x, \ + V_ASN1_CONTEXT_SPECIFIC,IS_SET); + +#define M_ASN1_I2D_len_IMP_SET_opt(a,f,x) \ + if ((a != NULL) && (sk_num(a) != 0)) \ + ret+=i2d_ASN1_SET(a,NULL,f,x,V_ASN1_CONTEXT_SPECIFIC, \ + IS_SET); + +#define M_ASN1_I2D_len_IMP_SET_opt_type(type,a,f,x) \ + if ((a != NULL) && (sk_##type##_num(a) != 0)) \ + ret+=i2d_ASN1_SET_OF_##type(a,NULL,f,x, \ + V_ASN1_CONTEXT_SPECIFIC,IS_SET); + +#define M_ASN1_I2D_len_IMP_SEQUENCE(a,f,x) \ + ret+=i2d_ASN1_SET(a,NULL,f,x,V_ASN1_CONTEXT_SPECIFIC, \ + IS_SEQUENCE); + +#define M_ASN1_I2D_len_IMP_SEQUENCE_opt(a,f,x) \ + if ((a != NULL) && (sk_num(a) != 0)) \ + ret+=i2d_ASN1_SET(a,NULL,f,x,V_ASN1_CONTEXT_SPECIFIC, \ + IS_SEQUENCE); + +#define M_ASN1_I2D_len_IMP_SEQUENCE_opt_type(type,a,f,x) \ + if ((a != NULL) && (sk_##type##_num(a) != 0)) \ + ret+=i2d_ASN1_SET_OF_##type(a,NULL,f,x, \ + V_ASN1_CONTEXT_SPECIFIC, \ + IS_SEQUENCE); + +#define M_ASN1_I2D_len_EXP_opt(a,f,mtag,v) \ + if (a != NULL)\ + { \ + v=f(a,NULL); \ + ret+=ASN1_object_size(1,v,mtag); \ + } + +#define M_ASN1_I2D_len_EXP_SET_opt(a,f,mtag,tag,v) \ + if ((a != NULL) && (sk_num(a) != 0))\ + { \ + v=i2d_ASN1_SET(a,NULL,f,tag,V_ASN1_UNIVERSAL,IS_SET); \ + ret+=ASN1_object_size(1,v,mtag); \ + } + +#define M_ASN1_I2D_len_EXP_SEQUENCE_opt(a,f,mtag,tag,v) \ + if ((a != NULL) && (sk_num(a) != 0))\ + { \ + v=i2d_ASN1_SET(a,NULL,f,tag,V_ASN1_UNIVERSAL, \ + IS_SEQUENCE); \ + ret+=ASN1_object_size(1,v,mtag); \ + } + +#define M_ASN1_I2D_len_EXP_SEQUENCE_opt_type(type,a,f,mtag,tag,v) \ + if ((a != NULL) && (sk_##type##_num(a) != 0))\ + { \ + v=i2d_ASN1_SET_OF_##type(a,NULL,f,tag, \ + V_ASN1_UNIVERSAL, \ + IS_SEQUENCE); \ + ret+=ASN1_object_size(1,v,mtag); \ + } + +/* Put Macros */ +#define M_ASN1_I2D_put(a,f) f(a,&p) + +#define M_ASN1_I2D_put_IMP_opt(a,f,t) \ + if (a != NULL) \ + { \ + ubyte* q=p; \ + f(a,&p); \ + *q=(V_ASN1_CONTEXT_SPECIFIC|t|(*q&V_ASN1_CONSTRUCTED));\ + } + +#define M_ASN1_I2D_put_SET(a,f) i2d_ASN1_SET(a,&p,f,V_ASN1_SET,\ + V_ASN1_UNIVERSAL,IS_SET) +#define M_ASN1_I2D_put_SET_type(type,a,f) \ + i2d_ASN1_SET_OF_##type(a,&p,f,V_ASN1_SET,V_ASN1_UNIVERSAL,IS_SET) +#define M_ASN1_I2D_put_IMP_SET(a,f,x) i2d_ASN1_SET(a,&p,f,x,\ + V_ASN1_CONTEXT_SPECIFIC,IS_SET) +#define M_ASN1_I2D_put_IMP_SET_type(type,a,f,x) \ + i2d_ASN1_SET_OF_##type(a,&p,f,x,V_ASN1_CONTEXT_SPECIFIC,IS_SET) +#define M_ASN1_I2D_put_IMP_SEQUENCE(a,f,x) i2d_ASN1_SET(a,&p,f,x,\ + V_ASN1_CONTEXT_SPECIFIC,IS_SEQUENCE) + +#define M_ASN1_I2D_put_SEQUENCE(a,f) i2d_ASN1_SET(a,&p,f,V_ASN1_SEQUENCE,\ + V_ASN1_UNIVERSAL,IS_SEQUENCE) + +#define M_ASN1_I2D_put_SEQUENCE_type(type,a,f) \ + i2d_ASN1_SET_OF_##type(a,&p,f,V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL, \ + IS_SEQUENCE) + +#define M_ASN1_I2D_put_SEQUENCE_opt(a,f) \ + if ((a != NULL) && (sk_num(a) != 0)) \ + M_ASN1_I2D_put_SEQUENCE(a,f); + +#define M_ASN1_I2D_put_IMP_SET_opt(a,f,x) \ + if ((a != NULL) && (sk_num(a) != 0)) \ + { i2d_ASN1_SET(a,&p,f,x,V_ASN1_CONTEXT_SPECIFIC, \ + IS_SET); } + +#define M_ASN1_I2D_put_IMP_SET_opt_type(type,a,f,x) \ + if ((a != NULL) && (sk_##type##_num(a) != 0)) \ + { i2d_ASN1_SET_OF_##type(a,&p,f,x, \ + V_ASN1_CONTEXT_SPECIFIC, \ + IS_SET); } + +#define M_ASN1_I2D_put_IMP_SEQUENCE_opt(a,f,x) \ + if ((a != NULL) && (sk_num(a) != 0)) \ + { i2d_ASN1_SET(a,&p,f,x,V_ASN1_CONTEXT_SPECIFIC, \ + IS_SEQUENCE); } + +#define M_ASN1_I2D_put_IMP_SEQUENCE_opt_type(type,a,f,x) \ + if ((a != NULL) && (sk_##type##_num(a) != 0)) \ + { i2d_ASN1_SET_OF_##type(a,&p,f,x, \ + V_ASN1_CONTEXT_SPECIFIC, \ + IS_SEQUENCE); } + +#define M_ASN1_I2D_put_EXP_opt(a,f,tag,v) \ + if (a != NULL) \ + { \ + ASN1_put_object(&p,1,v,tag,V_ASN1_CONTEXT_SPECIFIC); \ + f(a,&p); \ + } + +#define M_ASN1_I2D_put_EXP_SET_opt(a,f,mtag,tag,v) \ + if ((a != NULL) && (sk_num(a) != 0)) \ + { \ + ASN1_put_object(&p,1,v,mtag,V_ASN1_CONTEXT_SPECIFIC); \ + i2d_ASN1_SET(a,&p,f,tag,V_ASN1_UNIVERSAL,IS_SET); \ + } + +#define M_ASN1_I2D_put_EXP_SEQUENCE_opt(a,f,mtag,tag,v) \ + if ((a != NULL) && (sk_num(a) != 0)) \ + { \ + ASN1_put_object(&p,1,v,mtag,V_ASN1_CONTEXT_SPECIFIC); \ + i2d_ASN1_SET(a,&p,f,tag,V_ASN1_UNIVERSAL,IS_SEQUENCE); \ + } + +#define M_ASN1_I2D_put_EXP_SEQUENCE_opt_type(type,a,f,mtag,tag,v) \ + if ((a != NULL) && (sk_##type##_num(a) != 0)) \ + { \ + ASN1_put_object(&p,1,v,mtag,V_ASN1_CONTEXT_SPECIFIC); \ + i2d_ASN1_SET_OF_##type(a,&p,f,tag,V_ASN1_UNIVERSAL, \ + IS_SEQUENCE); \ + } + +#define M_ASN1_I2D_seq_total() \ + r=ASN1_object_size(1,ret,V_ASN1_SEQUENCE); \ + if (pp == NULL) return(r); \ + p= *pp; \ + ASN1_put_object(&p,1,ret,V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL) + +#define M_ASN1_I2D_INF_seq_start(tag,ctx) \ + *(p++)=(V_ASN1_CONSTRUCTED|(tag)|(ctx)); \ + *(p++)=0x80 + +#define M_ASN1_I2D_INF_seq_end() *(p++)=0x00; *(p++)=0x00 + +#define M_ASN1_I2D_finish() *pp=p; \ + return(r); ++/ + +int asn1_GetSequence(ASN1_const_CTX* c, c_long* length); +void asn1_add_error(const(ubyte)* address,int offset); diff --git a/deimos/openssl/asn1t.d b/deimos/openssl/asn1t.d new file mode 100644 index 0000000..f6047f0 --- /dev/null +++ b/deimos/openssl/asn1t.d @@ -0,0 +1,961 @@ +/* asn1t.h */ +/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL + * project 2000. + */ +/* ==================================================================== + * Copyright (c) 2000-2005 The OpenSSL Project. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. All advertising materials mentioning features or use of this + * software must display the following acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" + * + * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to + * endorse or promote products derived from this software without + * prior written permission. For written permission, please contact + * licensing@OpenSSL.org. + * + * 5. Products derived from this software may not be called "OpenSSL" + * nor may "OpenSSL" appear in their names without prior written + * permission of the OpenSSL Project. + * + * 6. Redistributions of any form whatsoever must retain the following + * acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" + * + * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY + * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * ==================================================================== + * + * This product includes cryptographic software written by Eric Young + * (eay@cryptsoft.com). This product includes software written by Tim + * Hudson (tjh@cryptsoft.com). + * + */ +module deimos.openssl.asn1t; + +import deimos.openssl._d_util; + +import deimos.openssl.ossl_typ; // Needed for ASN1_BOOLEAN, etc. + +import core.stdc.config; +public import deimos.openssl.e_os2; +public import deimos.openssl.asn1; + + +/* ASN1 template defines, structures and functions */ + +extern (C): +nothrow: + +/+ FIXME: Not yet ported. +#ifndef OPENSSL_EXPORT_VAR_AS_FUNCTION + +/* Macro to obtain ASN1_ADB pointer from a type (only used internally) */ +#define ASN1_ADB_ptr(iptr) ((const(ASN1_ADB)*)(iptr)) + + +/* Macros for start and end of ASN1_ITEM definition */ + +#define ASN1_ITEM_start(itname) \ + OPENSSL_GLOBAL const ASN1_ITEM itname##_it = { + +#define ASN1_ITEM_end(itname) \ + }; + +#else + +/* Macro to obtain ASN1_ADB pointer from a type (only used internally) */ +#define ASN1_ADB_ptr(iptr) ((const(ASN1_ADB)*)(iptr())) + + +/* Macros for start and end of ASN1_ITEM definition */ + +#define ASN1_ITEM_start(itname) \ + const(ASN1_ITEM)* itname##_it() \ + { \ + static const ASN1_ITEM local_it = { + +#define ASN1_ITEM_end(itname) \ + }; \ + return &local_it; \ + } + +#endif + + +/* Macros to aid ASN1 template writing */ + +#define ASN1_ITEM_TEMPLATE(tname) \ + static const ASN1_TEMPLATE tname##_item_tt + +#define ASN1_ITEM_TEMPLATE_END(tname) \ + ;\ + ASN1_ITEM_start(tname) \ + ASN1_ITYPE_PRIMITIVE,\ + -1,\ + &tname##_item_tt,\ + 0,\ + NULL,\ + 0,\ + #tname \ + ASN1_ITEM_end(tname) + + +/* This is a ASN1 type which just embeds a template */ + +/* This pair helps declare a SEQUENCE. We can do: + * + * ASN1_SEQUENCE(stname) = { + * ... SEQUENCE components ... + * } ASN1_SEQUENCE_END(stname) + * + * This will produce an ASN1_ITEM called stname_it + * for a structure called stname. + * + * If you want the same structure but a different + * name then use: + * + * ASN1_SEQUENCE(itname) = { + * ... SEQUENCE components ... + * } ASN1_SEQUENCE_END_name(stname, itname) + * + * This will create an item called itname_it using + * a structure called stname. + */ + +#define ASN1_SEQUENCE(tname) \ + static const ASN1_TEMPLATE[] tname##_seq_tt + +#define ASN1_SEQUENCE_END(stname) ASN1_SEQUENCE_END_name(stname, stname) + +#define ASN1_SEQUENCE_END_name(stname, tname) \ + ;\ + ASN1_ITEM_start(tname) \ + ASN1_ITYPE_SEQUENCE,\ + V_ASN1_SEQUENCE,\ + tname##_seq_tt,\ + sizeof(tname##_seq_tt) / sizeof(ASN1_TEMPLATE),\ + NULL,\ + sizeof(stname),\ + #stname \ + ASN1_ITEM_end(tname) + +#define ASN1_NDEF_SEQUENCE(tname) \ + ASN1_SEQUENCE(tname) + +#define ASN1_NDEF_SEQUENCE_cb(tname, cb) \ + ASN1_SEQUENCE_cb(tname, cb) + +#define ASN1_SEQUENCE_cb(tname, cb) \ + static const ASN1_AUX tname##_aux = {NULL, 0, 0, 0, cb, 0}; \ + ASN1_SEQUENCE(tname) + +#define ASN1_BROKEN_SEQUENCE(tname) \ + static const ASN1_AUX tname##_aux = {NULL, ASN1_AFLG_BROKEN, 0, 0, 0, 0}; \ + ASN1_SEQUENCE(tname) + +#define ASN1_SEQUENCE_ref(tname, cb, lck) \ + static const ASN1_AUX tname##_aux = {NULL, ASN1_AFLG_REFCOUNT, offsetof(tname, references), lck, cb, 0}; \ + ASN1_SEQUENCE(tname) + +#define ASN1_SEQUENCE_enc(tname, enc, cb) \ + static const ASN1_AUX tname##_aux = {NULL, ASN1_AFLG_ENCODING, 0, 0, cb, offsetof(tname, enc)}; \ + ASN1_SEQUENCE(tname) + +#define ASN1_NDEF_SEQUENCE_END(tname) \ + ;\ + ASN1_ITEM_start(tname) \ + ASN1_ITYPE_NDEF_SEQUENCE,\ + V_ASN1_SEQUENCE,\ + tname##_seq_tt,\ + sizeof(tname##_seq_tt) / sizeof(ASN1_TEMPLATE),\ + NULL,\ + sizeof(tname),\ + #tname \ + ASN1_ITEM_end(tname) + +#define ASN1_BROKEN_SEQUENCE_END(stname) ASN1_SEQUENCE_END_ref(stname, stname) + +#define ASN1_SEQUENCE_END_enc(stname, tname) ASN1_SEQUENCE_END_ref(stname, tname) + +#define ASN1_SEQUENCE_END_cb(stname, tname) ASN1_SEQUENCE_END_ref(stname, tname) + +#define ASN1_SEQUENCE_END_ref(stname, tname) \ + ;\ + ASN1_ITEM_start(tname) \ + ASN1_ITYPE_SEQUENCE,\ + V_ASN1_SEQUENCE,\ + tname##_seq_tt,\ + sizeof(tname##_seq_tt) / sizeof(ASN1_TEMPLATE),\ + &tname##_aux,\ + sizeof(stname),\ + #stname \ + ASN1_ITEM_end(tname) + +#define ASN1_NDEF_SEQUENCE_END_cb(stname, tname) \ + ;\ + ASN1_ITEM_start(tname) \ + ASN1_ITYPE_NDEF_SEQUENCE,\ + V_ASN1_SEQUENCE,\ + tname##_seq_tt,\ + sizeof(tname##_seq_tt) / sizeof(ASN1_TEMPLATE),\ + &tname##_aux,\ + sizeof(stname),\ + #stname \ + ASN1_ITEM_end(tname) + + +/* This pair helps declare a CHOICE type. We can do: + * + * ASN1_CHOICE(chname) = { + * ... CHOICE options ... + * ASN1_CHOICE_END(chname) + * + * This will produce an ASN1_ITEM called chname_it + * for a structure called chname. The structure + * definition must look like this: + * typedef struct { + * int type; + * union { + * ASN1_SOMETHING* opt1; + * ASN1_SOMEOTHER* opt2; + * } value; + * } chname; + * + * the name of the selector must be 'type'. + * to use an alternative selector name use the + * ASN1_CHOICE_END_selector() version. + */ + +#define ASN1_CHOICE(tname) \ + static const ASN1_TEMPLATE[] tname##_ch_tt + +#define ASN1_CHOICE_cb(tname, cb) \ + static const ASN1_AUX tname##_aux = {NULL, 0, 0, 0, cb, 0}; \ + ASN1_CHOICE(tname) + +#define ASN1_CHOICE_END(stname) ASN1_CHOICE_END_name(stname, stname) + +#define ASN1_CHOICE_END_name(stname, tname) ASN1_CHOICE_END_selector(stname, tname, type) + +#define ASN1_CHOICE_END_selector(stname, tname, selname) \ + ;\ + ASN1_ITEM_start(tname) \ + ASN1_ITYPE_CHOICE,\ + offsetof(stname,selname) ,\ + tname##_ch_tt,\ + sizeof(tname##_ch_tt) / sizeof(ASN1_TEMPLATE),\ + NULL,\ + sizeof(stname),\ + #stname \ + ASN1_ITEM_end(tname) + +#define ASN1_CHOICE_END_cb(stname, tname, selname) \ + ;\ + ASN1_ITEM_start(tname) \ + ASN1_ITYPE_CHOICE,\ + offsetof(stname,selname) ,\ + tname##_ch_tt,\ + sizeof(tname##_ch_tt) / sizeof(ASN1_TEMPLATE),\ + &tname##_aux,\ + sizeof(stname),\ + #stname \ + ASN1_ITEM_end(tname) + +/* This helps with the template wrapper form of ASN1_ITEM */ + +#define ASN1_EX_TEMPLATE_TYPE(flags, tag, name, type) { \ + (flags), (tag), 0,\ + #name, ASN1_ITEM_ref(type) } + +/* These help with SEQUENCE or CHOICE components */ + +/* used to declare other types */ + +#define ASN1_EX_TYPE(flags, tag, stname, field, type) { \ + (flags), (tag), offsetof(stname, field),\ + #field, ASN1_ITEM_ref(type) } + +/* used when the structure is combined with the parent */ + +#define ASN1_EX_COMBINE(flags, tag, type) { \ + (flags)|ASN1_TFLG_COMBINE, (tag), 0, NULL, ASN1_ITEM_ref(type) } + +/* implicit and explicit helper macros */ + +#define ASN1_IMP_EX(stname, field, type, tag, ex) \ + ASN1_EX_TYPE(ASN1_TFLG_IMPLICIT | ex, tag, stname, field, type) + +#define ASN1_EXP_EX(stname, field, type, tag, ex) \ + ASN1_EX_TYPE(ASN1_TFLG_EXPLICIT | ex, tag, stname, field, type) + +/* Any defined by macros: the field used is in the table itself */ + +#ifndef OPENSSL_EXPORT_VAR_AS_FUNCTION +#define ASN1_ADB_OBJECT(tblname) { ASN1_TFLG_ADB_OID, -1, 0, #tblname, (const(ASN1_ITEM)*)&(tblname##_adb) } +#define ASN1_ADB_INTEGER(tblname) { ASN1_TFLG_ADB_INT, -1, 0, #tblname, (const(ASN1_ITEM)*)&(tblname##_adb) } +#else +#define ASN1_ADB_OBJECT(tblname) { ASN1_TFLG_ADB_OID, -1, 0, #tblname, tblname##_adb } +#define ASN1_ADB_INTEGER(tblname) { ASN1_TFLG_ADB_INT, -1, 0, #tblname, tblname##_adb } +#endif +/* Plain simple type */ +#define ASN1_SIMPLE(stname, field, type) ASN1_EX_TYPE(0,0, stname, field, type) + +/* OPTIONAL simple type */ +#define ASN1_OPT(stname, field, type) ASN1_EX_TYPE(ASN1_TFLG_OPTIONAL, 0, stname, field, type) + +/* IMPLICIT tagged simple type */ +#define ASN1_IMP(stname, field, type, tag) ASN1_IMP_EX(stname, field, type, tag, 0) + +/* IMPLICIT tagged OPTIONAL simple type */ +#define ASN1_IMP_OPT(stname, field, type, tag) ASN1_IMP_EX(stname, field, type, tag, ASN1_TFLG_OPTIONAL) + +/* Same as above but EXPLICIT */ + +#define ASN1_EXP(stname, field, type, tag) ASN1_EXP_EX(stname, field, type, tag, 0) +#define ASN1_EXP_OPT(stname, field, type, tag) ASN1_EXP_EX(stname, field, type, tag, ASN1_TFLG_OPTIONAL) + +/* SEQUENCE OF type */ +#define ASN1_SEQUENCE_OF(stname, field, type) \ + ASN1_EX_TYPE(ASN1_TFLG_SEQUENCE_OF, 0, stname, field, type) + +/* OPTIONAL SEQUENCE OF */ +#define ASN1_SEQUENCE_OF_OPT(stname, field, type) \ + ASN1_EX_TYPE(ASN1_TFLG_SEQUENCE_OF|ASN1_TFLG_OPTIONAL, 0, stname, field, type) + +/* Same as above but for SET OF */ + +#define ASN1_SET_OF(stname, field, type) \ + ASN1_EX_TYPE(ASN1_TFLG_SET_OF, 0, stname, field, type) + +#define ASN1_SET_OF_OPT(stname, field, type) \ + ASN1_EX_TYPE(ASN1_TFLG_SET_OF|ASN1_TFLG_OPTIONAL, 0, stname, field, type) + +/* Finally compound types of SEQUENCE, SET, IMPLICIT, EXPLICIT and OPTIONAL */ + +#define ASN1_IMP_SET_OF(stname, field, type, tag) \ + ASN1_IMP_EX(stname, field, type, tag, ASN1_TFLG_SET_OF) + +#define ASN1_EXP_SET_OF(stname, field, type, tag) \ + ASN1_EXP_EX(stname, field, type, tag, ASN1_TFLG_SET_OF) + +#define ASN1_IMP_SET_OF_OPT(stname, field, type, tag) \ + ASN1_IMP_EX(stname, field, type, tag, ASN1_TFLG_SET_OF|ASN1_TFLG_OPTIONAL) + +#define ASN1_EXP_SET_OF_OPT(stname, field, type, tag) \ + ASN1_EXP_EX(stname, field, type, tag, ASN1_TFLG_SET_OF|ASN1_TFLG_OPTIONAL) + +#define ASN1_IMP_SEQUENCE_OF(stname, field, type, tag) \ + ASN1_IMP_EX(stname, field, type, tag, ASN1_TFLG_SEQUENCE_OF) + +#define ASN1_IMP_SEQUENCE_OF_OPT(stname, field, type, tag) \ + ASN1_IMP_EX(stname, field, type, tag, ASN1_TFLG_SEQUENCE_OF|ASN1_TFLG_OPTIONAL) + +#define ASN1_EXP_SEQUENCE_OF(stname, field, type, tag) \ + ASN1_EXP_EX(stname, field, type, tag, ASN1_TFLG_SEQUENCE_OF) + +#define ASN1_EXP_SEQUENCE_OF_OPT(stname, field, type, tag) \ + ASN1_EXP_EX(stname, field, type, tag, ASN1_TFLG_SEQUENCE_OF|ASN1_TFLG_OPTIONAL) + +/* EXPLICIT using indefinite length constructed form */ +#define ASN1_NDEF_EXP(stname, field, type, tag) \ + ASN1_EXP_EX(stname, field, type, tag, ASN1_TFLG_NDEF) + +/* EXPLICIT OPTIONAL using indefinite length constructed form */ +#define ASN1_NDEF_EXP_OPT(stname, field, type, tag) \ + ASN1_EXP_EX(stname, field, type, tag, ASN1_TFLG_OPTIONAL|ASN1_TFLG_NDEF) + +/* Macros for the ASN1_ADB structure */ + +#define ASN1_ADB(name) \ + static const ASN1_ADB_TABLE[] name##_adbtbl + +#ifndef OPENSSL_EXPORT_VAR_AS_FUNCTION + +#define ASN1_ADB_END(name, flags, field, app_table, def, none) \ + ;\ + static const ASN1_ADB name##_adb = {\ + flags,\ + offsetof(name, field),\ + app_table,\ + name##_adbtbl,\ + sizeof(name##_adbtbl) / sizeof(ASN1_ADB_TABLE),\ + def,\ + none\ + } + +#else + +#define ASN1_ADB_END(name, flags, field, app_table, def, none) \ + ;\ + static const(ASN1_ITEM)* name##_adb() \ + { \ + static const ASN1_ADB internal_adb = \ + {\ + flags,\ + offsetof(name, field),\ + app_table,\ + name##_adbtbl,\ + sizeof(name##_adbtbl) / sizeof(ASN1_ADB_TABLE),\ + def,\ + none\ + }; \ + return (const(ASN1_ITEM)*) &internal_adb; \ + } \ + void dummy_function() + +#endif + +#define ADB_ENTRY(val, template) {val, template} + +#define ASN1_ADB_TEMPLATE(name) \ + static const ASN1_TEMPLATE name##_tt ++/ +/* This is the ASN1 template structure that defines + * a wrapper round the actual type. It determines the + * actual position of the field in the value structure, + * various flags such as OPTIONAL and the field name. + */ + +struct ASN1_TEMPLATE_st { +c_ulong flags; /* Various flags */ +c_long tag; /* tag, not used if no tagging */ +c_ulong offset; /* Offset of this field in structure */ +version (NO_ASN1_FIELD_NAMES) {} else { +const(char)* field_name; /* Field name */ +} +ASN1_ITEM_EXP* item; /* Relevant ASN1_ITEM or ASN1_ADB */ +}; + +/* Macro to extract ASN1_ITEM and ASN1_ADB pointer from ASN1_TEMPLATE */ + +auto ASN1_TEMPLATE_item()(ASN1_TEMPLATE_st* t) { return (t.item_ptr); } +auto ASN1_TEMPLATE_adb()(ASN1_TEMPLATE_st* t) { return (t.item_ptr); } + +alias ASN1_ADB_TABLE_st ASN1_ADB_TABLE; +alias ASN1_ADB_st ASN1_ADB; + +struct ASN1_ADB_st { + c_ulong flags; /* Various flags */ + c_ulong offset; /* Offset of selector field */ + STACK_OF!(ASN1_ADB_TABLE) **app_items; /* Application defined items */ + const(ASN1_ADB_TABLE)* tbl; /* Table of possible types */ + c_long tblcount; /* Number of entries in tbl */ + const(ASN1_TEMPLATE)* default_tt; /* Type to use if no match */ + const(ASN1_TEMPLATE)* null_tt; /* Type to use if selector is NULL */ +}; + +struct ASN1_ADB_TABLE_st { + c_long value; /* NID for an object or value for an int */ + const ASN1_TEMPLATE tt; /* item for this value */ +}; + +/* template flags */ + +/* Field is optional */ +enum ASN1_TFLG_OPTIONAL = (0x1); + +/* Field is a SET OF */ +enum ASN1_TFLG_SET_OF = (0x1 << 1); + +/* Field is a SEQUENCE OF */ +enum ASN1_TFLG_SEQUENCE_OF = (0x2 << 1); + +/* Special case: this refers to a SET OF that + * will be sorted into DER order when encoded* and* + * the corresponding STACK will be modified to match + * the new order. + */ +enum ASN1_TFLG_SET_ORDER = (0x3 << 1); + +/* Mask for SET OF or SEQUENCE OF */ +enum ASN1_TFLG_SK_MASK = (0x3 << 1); + +/* These flags mean the tag should be taken from the + * tag field. If EXPLICIT then the underlying type + * is used for the inner tag. + */ + +/* IMPLICIT tagging */ +enum ASN1_TFLG_IMPTAG = (0x1 << 3); + + +/* EXPLICIT tagging, inner tag from underlying type */ +enum ASN1_TFLG_EXPTAG = (0x2 << 3); + +enum ASN1_TFLG_TAG_MASK = (0x3 << 3); + +/* context specific IMPLICIT */ +enum ASN1_TFLG_IMPLICIT = ASN1_TFLG_IMPTAG|ASN1_TFLG_CONTEXT; + +/* context specific EXPLICIT */ +enum ASN1_TFLG_EXPLICIT = ASN1_TFLG_EXPTAG|ASN1_TFLG_CONTEXT; + +/* If tagging is in force these determine the + * type of tag to use. Otherwise the tag is + * determined by the underlying type. These + * values reflect the actual octet format. + */ + +/* Universal tag */ +enum ASN1_TFLG_UNIVERSAL = (0x0<<6); +/* Application tag */ +enum ASN1_TFLG_APPLICATION = (0x1<<6); +/* Context specific tag */ +enum ASN1_TFLG_CONTEXT = (0x2<<6); +/* Private tag */ +enum ASN1_TFLG_PRIVATE = (0x3<<6); + +enum ASN1_TFLG_TAG_CLASS = (0x3<<6); + +/* These are for ANY DEFINED BY type. In this case + * the 'item' field points to an ASN1_ADB structure + * which contains a table of values to decode the + * relevant type + */ + +enum ASN1_TFLG_ADB_MASK = (0x3<<8); + +enum ASN1_TFLG_ADB_OID = (0x1<<8); + +enum ASN1_TFLG_ADB_INT = (0x1<<9); + +/* This flag means a parent structure is passed + * instead of the field: this is useful is a + * SEQUENCE is being combined with a CHOICE for + * example. Since this means the structure and + * item name will differ we need to use the + * ASN1_CHOICE_END_name() macro for example. + */ + +enum ASN1_TFLG_COMBINE = (0x1<<10); + +/* This flag when present in a SEQUENCE OF, SET OF + * or EXPLICIT causes indefinite length constructed + * encoding to be used if required. + */ + +enum ASN1_TFLG_NDEF = (0x1<<11); + +/* This is the actual ASN1 item itself */ + +struct ASN1_ITEM_st { +char itype; /* The item type, primitive, SEQUENCE, CHOICE or extern */ +c_long utype; /* underlying type */ +const(ASN1_TEMPLATE)* templates; /* If SEQUENCE or CHOICE this contains the contents */ +c_long tcount; /* Number of templates if SEQUENCE or CHOICE */ +const(void)* funcs; /* functions that handle this type */ +c_long size; /* Structure size (usually)*/ +version (NO_ASN1_FIELD_NAMES) {} else { +const(char)* sname; /* Structure name */ +} +}; + +/* These are values for the itype field and + * determine how the type is interpreted. + * + * For PRIMITIVE types the underlying type + * determines the behaviour if items is NULL. + * + * Otherwise templates must contain a single + * template and the type is treated in the + * same way as the type specified in the template. + * + * For SEQUENCE types the templates field points + * to the members, the size field is the + * structure size. + * + * For CHOICE types the templates field points + * to each possible member (typically a union) + * and the 'size' field is the offset of the + * selector. + * + * The 'funcs' field is used for application + * specific functions. + * + * For COMPAT types the funcs field gives a + * set of functions that handle this type, this + * supports the old d2i, i2d convention. + * + * The EXTERN type uses a new style d2i/i2d. + * The new style should be used where possible + * because it avoids things like the d2i IMPLICIT + * hack. + * + * MSTRING is a multiple string type, it is used + * for a CHOICE of character strings where the + * actual strings all occupy an ASN1_STRING + * structure. In this case the 'utype' field + * has a special meaning, it is used as a mask + * of acceptable types using the B_ASN1 constants. + * + * NDEF_SEQUENCE is the same as SEQUENCE except + * that it will use indefinite length constructed + * encoding if requested. + * + */ + +enum ASN1_ITYPE_PRIMITIVE = 0x0; + +enum ASN1_ITYPE_SEQUENCE = 0x1; + +enum ASN1_ITYPE_CHOICE = 0x2; + +enum ASN1_ITYPE_COMPAT = 0x3; + +enum ASN1_ITYPE_EXTERN = 0x4; + +enum ASN1_ITYPE_MSTRING = 0x5; + +enum ASN1_ITYPE_NDEF_SEQUENCE = 0x6; + +/* Cache for ASN1 tag and length, so we + * don't keep re-reading it for things + * like CHOICE + */ + +struct ASN1_TLC_st{ + char valid; /* Values below are valid */ + int ret; /* return value */ + c_long plen; /* length */ + int ptag; /* class value */ + int pclass; /* class value */ + int hdrlen; /* header length */ +}; + +/* Typedefs for ASN1 function pointers */ + +alias typeof(*(ExternC!(ASN1_VALUE* function())).init) ASN1_new_func; +alias typeof(*(ExternC!(void function(ASN1_VALUE* a))).init) ASN1_free_func; +alias typeof(*(ExternC!(ASN1_VALUE* function(ASN1_VALUE** a, const(ubyte)** in_, c_long length))).init) ASN1_d2i_func; +alias typeof(*(ExternC!(int function(ASN1_VALUE* a, ubyte** in_))).init) ASN1_i2d_func; + +alias typeof(*(ExternC!(int function(ASN1_VALUE** pval, const(ubyte)** in_, c_long len, const(ASN1_ITEM)* it, + int tag, int aclass, char opt, ASN1_TLC* ctx))).init) ASN1_ex_d2i; + +alias typeof(*(ExternC!(int function(ASN1_VALUE** pval, ubyte** out_, const(ASN1_ITEM)* it, int tag, int aclass))).init) ASN1_ex_i2d; +alias typeof(*(ExternC!(int function(ASN1_VALUE** pval, const(ASN1_ITEM)* it))).init) ASN1_ex_new_func; +alias typeof(*(ExternC!(void function(ASN1_VALUE** pval, const(ASN1_ITEM)* it))).init) ASN1_ex_free_func; + +alias typeof(*(ExternC!(int function(BIO* out_, ASN1_VALUE** pval, + int indent, const(char)* fname, + const(ASN1_PCTX)* pctx))).init) ASN1_ex_print_func; + +alias typeof(*(ExternC!(int function(ASN1_VALUE** pval, ubyte* cont, int* putype, const(ASN1_ITEM)* it))).init) ASN1_primitive_i2c; +alias typeof(*(ExternC!(int function(ASN1_VALUE** pval, const(ubyte)* cont, int len, int utype, char* free_cont, const(ASN1_ITEM)* it))).init) ASN1_primitive_c2i; +alias typeof(*(ExternC!(int function(BIO* out_, ASN1_VALUE** pval, const(ASN1_ITEM)* it, int indent, const(ASN1_PCTX)* pctx))).init) ASN1_primitive_print; + +struct ASN1_COMPAT_FUNCS_st { + ASN1_new_func* asn1_new; + ASN1_free_func* asn1_free; + ASN1_d2i_func* asn1_d2i; + ASN1_i2d_func* asn1_i2d; +} +alias ASN1_COMPAT_FUNCS_st ASN1_COMPAT_FUNCS; + +struct ASN1_EXTERN_FUNCS_st { + void* app_data; + ASN1_ex_new_func* asn1_ex_new; + ASN1_ex_free_func* asn1_ex_free; + ASN1_ex_free_func* asn1_ex_clear; + ASN1_ex_d2i* asn1_ex_d2i; + ASN1_ex_i2d* asn1_ex_i2d; + ASN1_ex_print_func* asn1_ex_print; +} +alias ASN1_EXTERN_FUNCS_st ASN1_EXTERN_FUNCS; + +struct ASN1_PRIMITIVE_FUNCS_st { + void* app_data; + c_ulong flags; + ASN1_ex_new_func* prim_new; + ASN1_ex_free_func* prim_free; + ASN1_ex_free_func* prim_clear; + ASN1_primitive_c2i* prim_c2i; + ASN1_primitive_i2c* prim_i2c; + ASN1_primitive_print* prim_print; +} +alias ASN1_PRIMITIVE_FUNCS_st ASN1_PRIMITIVE_FUNCS; + +/* This is the ASN1_AUX structure: it handles various + * miscellaneous requirements. For example the use of + * reference counts and an informational callback. + * + * The "informational callback" is called at various + * points during the ASN1 encoding and decoding. It can + * be used to provide minor customisation of the structures + * used. This is most useful where the supplied routines + ** almost* do the right thing but need some extra help + * at a few points. If the callback returns zero then + * it is assumed a fatal error has occurred and the + * main operation should be abandoned. + * + * If major changes in the default behaviour are required + * then an external type is more appropriate. + */ + +alias typeof(*(ExternC!(int function(int operation, ASN1_VALUE** in_, const(ASN1_ITEM)* it, + void* exarg))).init) ASN1_aux_cb; + +struct ASN1_AUX_st { + void* app_data; + int flags; + int ref_offset; /* Offset of reference value */ + int ref_lock; /* Lock type to use */ + ASN1_aux_cb* asn1_cb; + int enc_offset; /* Offset of ASN1_ENCODING structure */ +} +alias ASN1_AUX_st ASN1_AUX; + +/* For print related callbacks exarg points to this structure */ +struct ASN1_PRINT_ARG_st { + BIO* out_; + int indent; + const(ASN1_PCTX)* pctx; +} +alias ASN1_PRINT_ARG_st ASN1_PRINT_ARG; + +/* For streaming related callbacks exarg points to this structure */ +struct ASN1_STREAM_ARG_st { + /* BIO to stream through */ + BIO* out_; + /* BIO with filters appended */ + BIO* ndef_bio; + /* Streaming I/O boundary */ + ubyte** boundary; +} +alias ASN1_STREAM_ARG_st ASN1_STREAM_ARG; + +/* Flags in ASN1_AUX */ + +/* Use a reference count */ +enum ASN1_AFLG_REFCOUNT = 1; +/* Save the encoding of structure (useful for signatures) */ +enum ASN1_AFLG_ENCODING = 2; +/* The Sequence length is invalid */ +enum ASN1_AFLG_BROKEN = 4; + +/* operation values for asn1_cb */ + +enum ASN1_OP_NEW_PRE = 0; +enum ASN1_OP_NEW_POST = 1; +enum ASN1_OP_FREE_PRE = 2; +enum ASN1_OP_FREE_POST = 3; +enum ASN1_OP_D2I_PRE = 4; +enum ASN1_OP_D2I_POST = 5; +enum ASN1_OP_I2D_PRE = 6; +enum ASN1_OP_I2D_POST = 7; +enum ASN1_OP_PRINT_PRE = 8; +enum ASN1_OP_PRINT_POST = 9; +enum ASN1_OP_STREAM_PRE = 10; +enum ASN1_OP_STREAM_POST = 11; +enum ASN1_OP_DETACHED_PRE = 12; +enum ASN1_OP_DETACHED_POST = 13; + +/+ FIXME: Not yet ported. +/* Macro to implement a primitive type */ +#define IMPLEMENT_ASN1_TYPE(stname) IMPLEMENT_ASN1_TYPE_ex(stname, stname, 0) +#define IMPLEMENT_ASN1_TYPE_ex(itname, vname, ex) \ + ASN1_ITEM_start(itname) \ + ASN1_ITYPE_PRIMITIVE, V_##vname, NULL, 0, NULL, ex, #itname \ + ASN1_ITEM_end(itname) + +/* Macro to implement a multi string type */ +#define IMPLEMENT_ASN1_MSTRING(itname, mask) \ + ASN1_ITEM_start(itname) \ + ASN1_ITYPE_MSTRING, mask, NULL, 0, NULL, sizeof(ASN1_STRING), #itname \ + ASN1_ITEM_end(itname) + +/* Macro to implement an ASN1_ITEM in terms of old style funcs */ + +#define IMPLEMENT_COMPAT_ASN1(sname) IMPLEMENT_COMPAT_ASN1_type(sname, V_ASN1_SEQUENCE) + +#define IMPLEMENT_COMPAT_ASN1_type(sname, tag) \ + static const ASN1_COMPAT_FUNCS sname##_ff = { \ + (ASN1_new_func*)sname##_new, \ + (ASN1_free_func*)sname##_free, \ + (ASN1_d2i_func*)d2i_##sname, \ + (ASN1_i2d_func*)i2d_##sname, \ + }; \ + ASN1_ITEM_start(sname) \ + ASN1_ITYPE_COMPAT, \ + tag, \ + NULL, \ + 0, \ + &sname##_ff, \ + 0, \ + #sname \ + ASN1_ITEM_end(sname) + +#define IMPLEMENT_EXTERN_ASN1(sname, tag, fptrs) \ + ASN1_ITEM_start(sname) \ + ASN1_ITYPE_EXTERN, \ + tag, \ + NULL, \ + 0, \ + &fptrs, \ + 0, \ + #sname \ + ASN1_ITEM_end(sname) + +/* Macro to implement standard functions in terms of ASN1_ITEM structures */ + +#define IMPLEMENT_ASN1_FUNCTIONS(stname) IMPLEMENT_ASN1_FUNCTIONS_fname(stname, stname, stname) + +#define IMPLEMENT_ASN1_FUNCTIONS_name(stname, itname) IMPLEMENT_ASN1_FUNCTIONS_fname(stname, itname, itname) + +#define IMPLEMENT_ASN1_FUNCTIONS_ENCODE_name(stname, itname) \ + IMPLEMENT_ASN1_FUNCTIONS_ENCODE_fname(stname, itname, itname) + +#define IMPLEMENT_STATIC_ASN1_ALLOC_FUNCTIONS(stname) \ + IMPLEMENT_ASN1_ALLOC_FUNCTIONS_pfname(static, stname, stname, stname) + +#define IMPLEMENT_ASN1_ALLOC_FUNCTIONS(stname) \ + IMPLEMENT_ASN1_ALLOC_FUNCTIONS_fname(stname, stname, stname) + +#define IMPLEMENT_ASN1_ALLOC_FUNCTIONS_pfname(pre, stname, itname, fname) \ + pre stname* fname##_new() \ + { \ + return (stname*)ASN1_item_new(ASN1_ITEM_rptr(itname)); \ + } \ + pre void fname##_free(stname* a) \ + { \ + ASN1_item_free((ASN1_VALUE*)a, ASN1_ITEM_rptr(itname)); \ + } + +#define IMPLEMENT_ASN1_ALLOC_FUNCTIONS_fname(stname, itname, fname) \ + stname* fname##_new() \ + { \ + return (stname*)ASN1_item_new(ASN1_ITEM_rptr(itname)); \ + } \ + void fname##_free(stname* a) \ + { \ + ASN1_item_free((ASN1_VALUE*)a, ASN1_ITEM_rptr(itname)); \ + } + +#define IMPLEMENT_ASN1_FUNCTIONS_fname(stname, itname, fname) \ + IMPLEMENT_ASN1_ENCODE_FUNCTIONS_fname(stname, itname, fname) \ + IMPLEMENT_ASN1_ALLOC_FUNCTIONS_fname(stname, itname, fname) + +#define IMPLEMENT_ASN1_ENCODE_FUNCTIONS_fname(stname, itname, fname) \ + stname* d2i_##fname(stname** a, const(ubyte)** in_, c_long len) \ + { \ + return (stname*)ASN1_item_d2i((ASN1_VALUE**)a, in_, len, ASN1_ITEM_rptr(itname));\ + } \ + int i2d_##fname(stname* a, ubyte** out_) \ + { \ + return ASN1_item_i2d((ASN1_VALUE*)a, out_, ASN1_ITEM_rptr(itname));\ + } + +#define IMPLEMENT_ASN1_NDEF_FUNCTION(stname) \ + int i2d_##stname##_NDEF(stname* a, ubyte** out_) \ + { \ + return ASN1_item_ndef_i2d((ASN1_VALUE*)a, out_, ASN1_ITEM_rptr(stname));\ + } + +/* This includes evil casts to remove const: they will go away when full + * ASN1 constification is done. + */ +#define IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(stname, itname, fname) \ + stname* d2i_##fname(stname** a, const(ubyte)** in_, c_long len) \ + { \ + return (stname*)ASN1_item_d2i((ASN1_VALUE**)a, in_, len, ASN1_ITEM_rptr(itname));\ + } \ + int i2d_##fname(const(stname)* a, ubyte** out_) \ + { \ + return ASN1_item_i2d((ASN1_VALUE*)a, out_, ASN1_ITEM_rptr(itname));\ + } + +#define IMPLEMENT_ASN1_DUP_FUNCTION(stname) \ + stname* stname##_dup(stname* x) \ + { \ + return ASN1_item_dup(ASN1_ITEM_rptr(stname), x); \ + } + +#define IMPLEMENT_ASN1_PRINT_FUNCTION(stname) \ + IMPLEMENT_ASN1_PRINT_FUNCTION_fname(stname, stname, stname) + +#define IMPLEMENT_ASN1_PRINT_FUNCTION_fname(stname, itname, fname) \ + int fname##_print_ctx(BIO* out_, stname* x, int indent, \ + const(ASN1_PCTX)* pctx) \ + { \ + return ASN1_item_print(out, (ASN1_VALUE*)x, indent, \ + ASN1_ITEM_rptr(itname), pctx); \ + } + +#define IMPLEMENT_ASN1_FUNCTIONS_const(name) \ + IMPLEMENT_ASN1_FUNCTIONS_const_fname(name, name, name) + +#define IMPLEMENT_ASN1_FUNCTIONS_const_fname(stname, itname, fname) \ + IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(stname, itname, fname) \ + IMPLEMENT_ASN1_ALLOC_FUNCTIONS_fname(stname, itname, fname) ++/ + +/* external definitions for primitive types */ + +mixin(DECLARE_ASN1_ITEM!"ASN1_BOOLEAN"); +mixin(DECLARE_ASN1_ITEM!"ASN1_TBOOLEAN"); +mixin(DECLARE_ASN1_ITEM!"ASN1_FBOOLEAN"); +mixin(DECLARE_ASN1_ITEM!"ASN1_SEQUENCE"); +mixin(DECLARE_ASN1_ITEM!"CBIGNUM"); +mixin(DECLARE_ASN1_ITEM!"BIGNUM"); +mixin(DECLARE_ASN1_ITEM!"LONG"); +mixin(DECLARE_ASN1_ITEM!"ZLONG"); + +/+mixin DECLARE_STACK_OF!(ASN1_VALUE);+/ + +/* Functions used internally by the ASN1 code */ + +int ASN1_item_ex_new(ASN1_VALUE** pval, const(ASN1_ITEM)* it); +void ASN1_item_ex_free(ASN1_VALUE** pval, const(ASN1_ITEM)* it); +int ASN1_template_new(ASN1_VALUE** pval, const(ASN1_TEMPLATE)* tt); +int ASN1_primitive_new(ASN1_VALUE** pval, const(ASN1_ITEM)* it); + +void ASN1_template_free(ASN1_VALUE** pval, const(ASN1_TEMPLATE)* tt); +int ASN1_template_d2i(ASN1_VALUE** pval, const(ubyte)** in_, c_long len, const(ASN1_TEMPLATE)* tt); +int ASN1_item_ex_d2i(ASN1_VALUE** pval, const(ubyte)** in_, c_long len, const(ASN1_ITEM)* it, + int tag, int aclass, char opt, ASN1_TLC* ctx); + +int ASN1_item_ex_i2d(ASN1_VALUE** pval, ubyte** out_, const(ASN1_ITEM)* it, int tag, int aclass); +int ASN1_template_i2d(ASN1_VALUE** pval, ubyte** out_, const(ASN1_TEMPLATE)* tt); +void ASN1_primitive_free(ASN1_VALUE** pval, const(ASN1_ITEM)* it); + +int asn1_ex_i2c(ASN1_VALUE** pval, ubyte* cont, int* putype, const(ASN1_ITEM)* it); +int asn1_ex_c2i(ASN1_VALUE** pval, const(ubyte)* cont, int len, int utype, char* free_cont, const(ASN1_ITEM)* it); + +int asn1_get_choice_selector(ASN1_VALUE** pval, const(ASN1_ITEM)* it); +int asn1_set_choice_selector(ASN1_VALUE** pval, int value, const(ASN1_ITEM)* it); + +ASN1_VALUE** asn1_get_field_ptr(ASN1_VALUE** pval, const(ASN1_TEMPLATE)* tt); + +const(ASN1_TEMPLATE)* asn1_do_adb(ASN1_VALUE** pval, const(ASN1_TEMPLATE)* tt, int nullerr); + +int asn1_do_lock(ASN1_VALUE** pval, int op, const(ASN1_ITEM)* it); + +void asn1_enc_init(ASN1_VALUE** pval, const(ASN1_ITEM)* it); +void asn1_enc_free(ASN1_VALUE** pval, const(ASN1_ITEM)* it); +int asn1_enc_restore(int* len, ubyte** out_, ASN1_VALUE** pval, const(ASN1_ITEM)* it); +int asn1_enc_save(ASN1_VALUE** pval, const(ubyte)* in_, int inlen, const(ASN1_ITEM)* it); diff --git a/deimos/openssl/bio.d b/deimos/openssl/bio.d new file mode 100644 index 0000000..d178d6f --- /dev/null +++ b/deimos/openssl/bio.d @@ -0,0 +1,838 @@ +/* crypto/bio/bio.h */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +module deimos.openssl.bio; + +import deimos.openssl._d_util; + +import core.stdc.stdarg; +public import deimos.openssl.e_os2; + +version(OPENSSL_NO_FP_API) {} else { +import core.stdc.stdio; +} + +// TODO: review imports +version(OPENSSL_NO_SCTP) {} else { + version(OPENSSL_SYS_VMS) + import inttypes; + else + import core.stdc.stdint; +} + +version (Posix) { + import core.sys.posix.netdb; +} else version (Windows) { + static if (__VERSION__ >= 2070) + import core.sys.windows.winsock2; + else + import std.c.windows.winsock; +} else version (Win64) { + import core.sys.windows.winsock2; +} + +public import deimos.openssl.crypto; + +extern (C): +nothrow: + +/* These are the 'types' of BIOs */ +enum BIO_TYPE_NONE = 0; +enum BIO_TYPE_MEM = (1|0x0400); +enum BIO_TYPE_FILE = (2|0x0400); + +enum BIO_TYPE_FD = (4|0x0400|0x0100); +enum BIO_TYPE_SOCKET = (5|0x0400|0x0100); +enum BIO_TYPE_NULL = (6|0x0400); +enum BIO_TYPE_SSL = (7|0x0200); +enum BIO_TYPE_MD = (8|0x0200); /* passive filter */ +enum BIO_TYPE_BUFFER = (9|0x0200); /* filter */ +enum BIO_TYPE_CIPHER = (10|0x0200); /* filter */ +enum BIO_TYPE_BASE64 = (11|0x0200); /* filter */ +enum BIO_TYPE_CONNECT = (12|0x0400|0x0100); /* socket - connect */ +enum BIO_TYPE_ACCEPT = (13|0x0400|0x0100); /* socket for accept */ +enum BIO_TYPE_PROXY_CLIENT = (14|0x0200); /* client proxy BIO */ +enum BIO_TYPE_PROXY_SERVER = (15|0x0200); /* server proxy BIO */ +enum BIO_TYPE_NBIO_TEST = (16|0x0200); /* server proxy BIO */ +enum BIO_TYPE_NULL_FILTER = (17|0x0200); +enum BIO_TYPE_BER = (18|0x0200); /* BER -> bin filter */ +enum BIO_TYPE_BIO = (19|0x0400); /* (half a) BIO pair */ +enum BIO_TYPE_LINEBUFFER = (20|0x0200); /* filter */ +enum BIO_TYPE_DGRAM = (21|0x0400|0x0100); +version (OPENSSL_NO_SCTP) {} else { +enum BIO_TYPE_DGRAM_SCTP = (24|0x0400|0x0100); +} +enum BIO_TYPE_ASN1 = (22|0x0200); /* filter */ +enum BIO_TYPE_COMP = (23|0x0200); /* filter */ + +enum BIO_TYPE_DESCRIPTOR = 0x0100; /* socket, fd, connect or accept */ +enum BIO_TYPE_FILTER = 0x0200; +enum BIO_TYPE_SOURCE_SINK = 0x0400; + +/* BIO_FILENAME_READ|BIO_CLOSE to open or close on free. + * BIO_set_fp(in,stdin,BIO_NOCLOSE); */ +enum BIO_NOCLOSE = 0x00; +enum BIO_CLOSE = 0x01; + +/* These are used in the following macros and are passed to + * BIO_ctrl() */ +enum BIO_CTRL_RESET = 1; /* opt - rewind/zero etc */ +enum BIO_CTRL_EOF = 2; /* opt - are we at the eof */ +enum BIO_CTRL_INFO = 3; /* opt - extra tit-bits */ +enum BIO_CTRL_SET = 4; /* man - set the 'IO' type */ +enum BIO_CTRL_GET = 5; /* man - get the 'IO' type */ +enum BIO_CTRL_PUSH = 6; /* opt - internal, used to signify change */ +enum BIO_CTRL_POP = 7; /* opt - internal, used to signify change */ +enum BIO_CTRL_GET_CLOSE = 8; /* man - set the 'close' on free */ +enum BIO_CTRL_SET_CLOSE = 9; /* man - set the 'close' on free */ +enum BIO_CTRL_PENDING = 10; /* opt - is their more data buffered */ +enum BIO_CTRL_FLUSH = 11; /* opt - 'flush' buffered output */ +enum BIO_CTRL_DUP = 12; /* man - extra stuff for 'duped' BIO */ +enum BIO_CTRL_WPENDING = 13; /* opt - number of bytes still to write */ +/* callback is int cb(BIO* bio,state,ret); */ +enum BIO_CTRL_SET_CALLBACK = 14; /* opt - set callback function */ +enum BIO_CTRL_GET_CALLBACK = 15; /* opt - set callback function */ + +enum BIO_CTRL_SET_FILENAME = 30; /* BIO_s_file special */ + +/* dgram BIO stuff */ +enum BIO_CTRL_DGRAM_CONNECT = 31; /* BIO dgram special */ +enum BIO_CTRL_DGRAM_SET_CONNECTED = 32; /* allow for an externally + * connected socket to be + * passed in */ +enum BIO_CTRL_DGRAM_SET_RECV_TIMEOUT = 33; /* setsockopt, essentially */ +enum BIO_CTRL_DGRAM_GET_RECV_TIMEOUT = 34; /* getsockopt, essentially */ +enum BIO_CTRL_DGRAM_SET_SEND_TIMEOUT = 35; /* setsockopt, essentially */ +enum BIO_CTRL_DGRAM_GET_SEND_TIMEOUT = 36; /* getsockopt, essentially */ + +enum BIO_CTRL_DGRAM_GET_RECV_TIMER_EXP = 37; /* flag whether the last */ +enum BIO_CTRL_DGRAM_GET_SEND_TIMER_EXP = 38; /* I/O operation tiemd out */ + +/* #ifdef IP_MTU_DISCOVER */ +enum BIO_CTRL_DGRAM_MTU_DISCOVER = 39; /* set DF bit on egress packets */ +/* #endif */ + +enum BIO_CTRL_DGRAM_QUERY_MTU = 40; /* as kernel for current MTU */ +enum BIO_CTRL_DGRAM_GET_FALLBACK_MTU = 47; +enum BIO_CTRL_DGRAM_GET_MTU = 41; /* get cached value for MTU */ +enum BIO_CTRL_DGRAM_SET_MTU = 42; /* set cached value for + * MTU. want to use this + * if asking the kernel + * fails */ + +enum BIO_CTRL_DGRAM_MTU_EXCEEDED = 43; /* check whether the MTU + * was exceed in the + * previous write + * operation */ + +enum BIO_CTRL_DGRAM_GET_PEER = 46; +enum BIO_CTRL_DGRAM_SET_PEER = 44; /* Destination for the data */ + +enum BIO_CTRL_DGRAM_SET_NEXT_TIMEOUT = 45; /* Next DTLS handshake timeout to + * adjust socket timeouts */ + +version(OPENSSL_NO_SCTP) {} else { + /* SCTP stuff */ + enum BIO_CTRL_DGRAM_SCTP_SET_IN_HANDSHAKE = 50; + enum BIO_CTRL_DGRAM_SCTP_ADD_AUTH_KEY = 51; + enum BIO_CTRL_DGRAM_SCTP_NEXT_AUTH_KEY = 52; + enum BIO_CTRL_DGRAM_SCTP_AUTH_CCS_RCVD = 53; + enum BIO_CTRL_DGRAM_SCTP_GET_SNDINFO = 60; + enum BIO_CTRL_DGRAM_SCTP_SET_SNDINFO = 61; + enum BIO_CTRL_DGRAM_SCTP_GET_RCVINFO = 62; + enum BIO_CTRL_DGRAM_SCTP_SET_RCVINFO = 63; + enum BIO_CTRL_DGRAM_SCTP_GET_PRINFO = 64; + enum BIO_CTRL_DGRAM_SCTP_SET_PRINFO = 65; + enum BIO_CTRL_DGRAM_SCTP_SAVE_SHUTDOWN = 70; +} + +/* modifiers */ +enum BIO_FP_READ = 0x02; +enum BIO_FP_WRITE = 0x04; +enum BIO_FP_APPEND = 0x08; +enum BIO_FP_TEXT = 0x10; + +enum BIO_FLAGS_READ = 0x01; +enum BIO_FLAGS_WRITE = 0x02; +enum BIO_FLAGS_IO_SPECIAL = 0x04; +enum BIO_FLAGS_RWS = (BIO_FLAGS_READ|BIO_FLAGS_WRITE|BIO_FLAGS_IO_SPECIAL); +enum BIO_FLAGS_SHOULD_RETRY = 0x08; +/* "UPLINK" flag denotes file descriptors provided by application. + It defaults to 0, as most platforms don't require UPLINK interface. */ +enum BIO_FLAGS_UPLINK = 0; + +/* Used in BIO_gethostbyname() */ +enum BIO_GHBN_CTRL_HITS = 1; +enum BIO_GHBN_CTRL_MISSES = 2; +enum BIO_GHBN_CTRL_CACHE_SIZE = 3; +enum BIO_GHBN_CTRL_GET_ENTRY = 4; +enum BIO_GHBN_CTRL_FLUSH = 5; + +/* Mostly used in the SSL BIO */ +/* Not used anymore + * enum BIO_FLAGS_PROTOCOL_DELAYED_READ = 0x10; + * enum BIO_FLAGS_PROTOCOL_DELAYED_WRITE = 0x20; + * enum BIO_FLAGS_PROTOCOL_STARTUP = 0x40; + */ + +enum BIO_FLAGS_BASE64_NO_NL = 0x100; + +/* This is used with memory BIOs: it means we shouldn't free up or change the + * data in any way. + */ +enum BIO_FLAGS_MEM_RDONLY = 0x200; + +alias bio_st BIO; + +void BIO_set_flags(BIO* b, int flags); +int BIO_test_flags(const(BIO)* b, int flags); +void BIO_clear_flags(BIO* b, int flags); + +auto BIO_get_flags()(const(BIO)* b) { return BIO_test_flags(b, ~(0x0)); } +auto BIO_set_retry_special()(BIO* b) { + return BIO_set_flags(b, (BIO_FLAGS_IO_SPECIAL|BIO_FLAGS_SHOULD_RETRY)); +} +auto BIO_set_retry_read()(BIO* b) { + return BIO_set_flags(b, (BIO_FLAGS_READ|BIO_FLAGS_SHOULD_RETRY)); +} +auto BIO_set_retry_write()(BIO* b) { + return BIO_set_flags(b, (BIO_FLAGS_WRITE|BIO_FLAGS_SHOULD_RETRY)); +} + +/* These are normally used internally in BIOs */ +auto BIO_clear_retry_flags()(BIO* b) { + return BIO_clear_flags(b, (BIO_FLAGS_RWS|BIO_FLAGS_SHOULD_RETRY)); +} +auto BIO_get_retry_flags()(const(BIO)* b) { + return BIO_test_flags(b, (BIO_FLAGS_RWS|BIO_FLAGS_SHOULD_RETRY)); +} + +/* These should be used by the application to tell why we should retry */ +auto BIO_should_read()(const(BIO)* a) { return BIO_test_flags(a, BIO_FLAGS_READ); } +auto BIO_should_write()(const(BIO)* a) { return BIO_test_flags(a, BIO_FLAGS_WRITE); } +auto BIO_should_io_special()(const(BIO)* a) { return BIO_test_flags(a, BIO_FLAGS_IO_SPECIAL); } +auto BIO_retry_type()(const(BIO)* a) { return BIO_test_flags(a, BIO_FLAGS_RWS); } +auto BIO_should_retry()(const(BIO)* a) { return BIO_test_flags(a, BIO_FLAGS_SHOULD_RETRY); } + +/* The next three are used in conjunction with the + * BIO_should_io_special() condition. After this returns true, + * BIO* BIO_get_retry_BIO(BIO* bio, int* reason); will walk the BIO + * stack and return the 'reason' for the special and the offending BIO. + * Given a BIO, BIO_get_retry_reason(bio) will return the code. */ +/* Returned from the SSL bio when the certificate retrieval code had an error */ +enum BIO_RR_SSL_X509_LOOKUP = 0x01; +/* Returned from the connect BIO when a connect would have blocked */ +enum BIO_RR_CONNECT = 0x02; +/* Returned from the accept BIO when an accept would have blocked */ +enum BIO_RR_ACCEPT = 0x03; + +/* These are passed by the BIO callback */ +enum BIO_CB_FREE = 0x01; +enum BIO_CB_READ = 0x02; +enum BIO_CB_WRITE = 0x03; +enum BIO_CB_PUTS = 0x04; +enum BIO_CB_GETS = 0x05; +enum BIO_CB_CTRL = 0x06; + +/* The callback is called before and after the underling operation, + * The BIO_CB_RETURN flag indicates if it is after the call */ +enum BIO_CB_RETURN = 0x80; +auto BIO_CB_return()(int a) { return a|BIO_CB_RETURN; } +auto BIO_cb_pre()(int a) { return !((a)&BIO_CB_RETURN); } +auto BIO_cb_post()(int a) { return a&BIO_CB_RETURN; } + +ExternC!(c_long function(bio_st*,int,const(char)*,int, c_long,long)) BIO_get_callback(const(BIO)* b); +void BIO_set_callback(BIO* b, + ExternC!(c_long function(bio_st*,int,const(char)*,int, c_long,long)) callback); +char* BIO_get_callback_arg(const(BIO)* b); +void BIO_set_callback_arg(BIO* b, char* arg); + +const(char)* BIO_method_name(const(BIO)* b); +int BIO_method_type(const(BIO)* b); + +alias typeof(*(ExternC!(void function(bio_st*, int, const(char)*, int, c_long, c_long))).init) bio_info_cb; + +struct bio_method_st { + int type; + const(char)* name; + ExternC!(int function(BIO*, const(char)*, int)) bwrite; + ExternC!(int function(BIO*, char*, int)) bread; + ExternC!(int function(BIO*, const(char)*)) bputs; + ExternC!(int function(BIO*, char*, int)) bgets; + ExternC!(c_long function(BIO*, int, c_long, void*)) ctrl; + ExternC!(int function(BIO*)) create; + ExternC!(int function(BIO*)) destroy; + ExternC!(c_long function(BIO*, int, bio_info_cb*)) callback_ctrl; + } +alias bio_method_st BIO_METHOD; + +struct bio_st + { + BIO_METHOD* method; + /* bio, mode, argp, argi, argl, ret */ + ExternC!(c_long function(bio_st*,int,const(char)*,int, c_long,long)) callback; + char* cb_arg; /* first argument for the callback */ + + int init_; + int shutdown; + int flags; /* extra storage */ + int retry_reason; + int num; + void* ptr; + bio_st* next_bio; /* used by filter BIOs */ + bio_st* prev_bio; /* used by filter BIOs */ + int references; + c_ulong num_read; + c_ulong num_write; + + CRYPTO_EX_DATA ex_data; + }; + +/+mixin DECLARE_STACK_OF!(BIO);+/ + +struct bio_f_buffer_ctx_struct { + + /* Buffers are setup like this: + * + * <---------------------- size -----------------------> + * +---------------------------------------------------+ + * | consumed | remaining | free space | + * +---------------------------------------------------+ + * <-- off --><------- len -------> + */ + + /* BIO* bio; */ /* this is now in the BIO struct */ + int ibuf_size; /* how big is the input buffer */ + int obuf_size; /* how big is the output buffer */ + + char* ibuf; /* the char array */ + int ibuf_len; /* how many bytes are in it */ + int ibuf_off; /* write/read offset */ + + char* obuf; /* the char array */ + int obuf_len; /* how many bytes are in it */ + int obuf_off; /* write/read offset */ + } +alias bio_f_buffer_ctx_struct BIO_F_BUFFER_CTX; + +/* Prefix and suffix callback in ASN1 BIO */ +alias typeof(*(ExternC!(int function(BIO* b, ubyte** pbuf, int* plen, void* parg))).init) asn1_ps_func; + +version(OPENSSL_NO_SCTP) {} else { +/* SCTP parameter structs */ +struct bio_dgram_sctp_sndinfo + { + uint16_t snd_sid; + uint16_t snd_flags; + uint32_t snd_ppid; + uint32_t snd_context; + }; + +struct bio_dgram_sctp_rcvinfo + { + uint16_t rcv_sid; + uint16_t rcv_ssn; + uint16_t rcv_flags; + uint32_t rcv_ppid; + uint32_t rcv_tsn; + uint32_t rcv_cumtsn; + uint32_t rcv_context; + }; + +struct bio_dgram_sctp_prinfo + { + uint16_t pr_policy; + uint32_t pr_value; + }; +} + +/* connect BIO stuff */ +enum BIO_CONN_S_BEFORE = 1; +enum BIO_CONN_S_GET_IP = 2; +enum BIO_CONN_S_GET_PORT = 3; +enum BIO_CONN_S_CREATE_SOCKET = 4; +enum BIO_CONN_S_CONNECT = 5; +enum BIO_CONN_S_OK = 6; +enum BIO_CONN_S_BLOCKED_CONNECT = 7; +enum BIO_CONN_S_NBIO = 8; +/*alias BIO_ctrl BIO_CONN_get_param_hostname; */ + +enum BIO_C_SET_CONNECT = 100; +enum BIO_C_DO_STATE_MACHINE = 101; +enum BIO_C_SET_NBIO = 102; +enum BIO_C_SET_PROXY_PARAM = 103; +enum BIO_C_SET_FD = 104; +enum BIO_C_GET_FD = 105; +enum BIO_C_SET_FILE_PTR = 106; +enum BIO_C_GET_FILE_PTR = 107; +enum BIO_C_SET_FILENAME = 108; +enum BIO_C_SET_SSL = 109; +enum BIO_C_GET_SSL = 110; +enum BIO_C_SET_MD = 111; +enum BIO_C_GET_MD = 112; +enum BIO_C_GET_CIPHER_STATUS = 113; +enum BIO_C_SET_BUF_MEM = 114; +enum BIO_C_GET_BUF_MEM_PTR = 115; +enum BIO_C_GET_BUFF_NUM_LINES = 116; +enum BIO_C_SET_BUFF_SIZE = 117; +enum BIO_C_SET_ACCEPT = 118; +enum BIO_C_SSL_MODE = 119; +enum BIO_C_GET_MD_CTX = 120; +enum BIO_C_GET_PROXY_PARAM = 121; +enum BIO_C_SET_BUFF_READ_DATA = 122; /* data to read first */ +enum BIO_C_GET_CONNECT = 123; +enum BIO_C_GET_ACCEPT = 124; +enum BIO_C_SET_SSL_RENEGOTIATE_BYTES = 125; +enum BIO_C_GET_SSL_NUM_RENEGOTIATES = 126; +enum BIO_C_SET_SSL_RENEGOTIATE_TIMEOUT = 127; +enum BIO_C_FILE_SEEK = 128; +enum BIO_C_GET_CIPHER_CTX = 129; +enum BIO_C_SET_BUF_MEM_EOF_RETURN = 130;/*return end of input value*/ +enum BIO_C_SET_BIND_MODE = 131; +enum BIO_C_GET_BIND_MODE = 132; +enum BIO_C_FILE_TELL = 133; +enum BIO_C_GET_SOCKS = 134; +enum BIO_C_SET_SOCKS = 135; + +enum BIO_C_SET_WRITE_BUF_SIZE = 136;/* for BIO_s_bio */ +enum BIO_C_GET_WRITE_BUF_SIZE = 137; +enum BIO_C_MAKE_BIO_PAIR = 138; +enum BIO_C_DESTROY_BIO_PAIR = 139; +enum BIO_C_GET_WRITE_GUARANTEE = 140; +enum BIO_C_GET_READ_REQUEST = 141; +enum BIO_C_SHUTDOWN_WR = 142; +enum BIO_C_NREAD0 = 143; +enum BIO_C_NREAD = 144; +enum BIO_C_NWRITE0 = 145; +enum BIO_C_NWRITE = 146; +enum BIO_C_RESET_READ_REQUEST = 147; +enum BIO_C_SET_MD_CTX = 148; + +enum BIO_C_SET_PREFIX = 149; +enum BIO_C_GET_PREFIX = 150; +enum BIO_C_SET_SUFFIX = 151; +enum BIO_C_GET_SUFFIX = 152; + +enum BIO_C_SET_EX_ARG = 153; +enum BIO_C_GET_EX_ARG = 154; + +auto BIO_set_app_data()(BIO* s, void* arg) { return BIO_set_ex_data(s,0,arg); } +auto BIO_get_app_data()(BIO* s) { return BIO_get_ex_data(s,0); } + +/* BIO_s_connect() and BIO_s_socks4a_connect() */ +auto BIO_set_conn_hostname()(BIO* b, char* name) { return BIO_ctrl(b,BIO_C_SET_CONNECT,0,name); } +auto BIO_set_conn_port()(BIO* b,char* port) { return BIO_ctrl(b,BIO_C_SET_CONNECT,1,port); } +auto BIO_set_conn_ip()(BIO* b,char* ip) { return BIO_ctrl(b,BIO_C_SET_CONNECT,2,ip); } +auto BIO_set_conn_int_port()(BIO* b,char* port) { return BIO_ctrl(b,BIO_C_SET_CONNECT,3,port); } +auto BIO_get_conn_hostname()(BIO* b) { return { return BIO_ptr_ctrl(b,BIO_C_GET_CONNECT,0); }; } +auto BIO_get_conn_port()(BIO* b) { return { return BIO_ptr_ctrl(b,BIO_C_GET_CONNECT,1); }; } +auto BIO_get_conn_ip()(BIO* b) { return { return BIO_ptr_ctrl(b,BIO_C_GET_CONNECT,2); }; } +auto BIO_get_conn_int_port()(BIO* b) { return { return BIO_int_ctrl(b,BIO_C_GET_CONNECT,3,0); }; } + + +auto BIO_set_nbio()(BIO* b,n) { return BIO_ctrl(b,BIO_C_SET_NBIO,(n),null); } + +/* BIO_s_accept_socket() */ +auto BIO_set_accept_port()(BIO* b,char* name) { return BIO_ctrl(b,BIO_C_SET_ACCEPT,0,name); } +auto BIO_get_accept_port()(BIO* b) { return BIO_ptr_ctrl(b,BIO_C_GET_ACCEPT,0); } +/* auto BIO_set_nbio()(BIO* b,n) { return BIO_ctrl(b,BIO_C_SET_NBIO,(n),null); } */ +auto BIO_set_nbio_accept()(BIO* b,int n) { return BIO_ctrl(b,BIO_C_SET_ACCEPT,1,(n)?"a".ptr:null); } +auto BIO_set_accept_bios()(BIO* b,char* bio) { return BIO_ctrl(b,BIO_C_SET_ACCEPT,2,bio); } + +enum BIO_BIND_NORMAL = 0; +enum BIO_BIND_REUSEADDR_IF_UNUSED = 1; +enum BIO_BIND_REUSEADDR = 2; +auto BIO_set_bind_mode()(BIO* b,c_long mode) { return BIO_ctrl(b,BIO_C_SET_BIND_MODE,mode,null); } +auto BIO_get_bind_mode()(BIO* b, c_long dummy) { return BIO_ctrl(b,BIO_C_GET_BIND_MODE,0,null); } + +alias BIO_do_handshake BIO_do_connect; +alias BIO_do_handshake BIO_do_accept; +auto BIO_do_handshake()(BIO* b) { return BIO_ctrl(b,BIO_C_DO_STATE_MACHINE,0,null); } + +/* BIO_s_proxy_client() */ +auto BIO_set_url()(BIO* b,char* url) { return BIO_ctrl(b,BIO_C_SET_PROXY_PARAM,0,url); } +auto BIO_set_proxies()(BIO* b,char* p) { return BIO_ctrl(b,BIO_C_SET_PROXY_PARAM,1,p); } +/* BIO_set_nbio()(BIO* b,n) */ +auto BIO_set_filter_bio()(BIO* b,char* s) { return BIO_ctrl(b,BIO_C_SET_PROXY_PARAM,2,s); } +/* BIO* BIO_get_filter_bio(BIO* bio); */ +auto BIO_set_proxy_cb()(BIO* b,ExternC!(void* function()) cb) { return BIO_callback_ctrl(b,BIO_C_SET_PROXY_PARAM,3,cb); } +auto BIO_set_proxy_header()(BIO* b,char* sk) { return BIO_ctrl(b,BIO_C_SET_PROXY_PARAM,4,sk); } +auto BIO_set_no_connect_return()(BIO* b,bool t) { return BIO_int_ctrl(b,BIO_C_SET_PROXY_PARAM,5,t); } + +auto BIO_get_proxy_header()(BIO* b,char* skp) { return BIO_ctrl(b,BIO_C_GET_PROXY_PARAM,0,skp); } +auto BIO_get_proxies()(BIO* b,char* pxy_p) { return BIO_ctrl(b,BIO_C_GET_PROXY_PARAM,1,(pxy_p)); } +auto BIO_get_url()(BIO* b,char*url) { return BIO_ctrl(b,BIO_C_GET_PROXY_PARAM,2,(url)); } +auto BIO_get_no_connect_return()(BIO* b) { return BIO_ctrl(b,BIO_C_GET_PROXY_PARAM,5,null); } + +auto BIO_set_fd()(BIO* b,int fd, c_long c) { return BIO_int_ctrl(b,BIO_C_SET_FD,c,fd); } +auto BIO_get_fd()(BIO* b,c_long c) { return BIO_ctrl(b,BIO_C_GET_FD,0,cast(void*)c); } + +auto BIO_set_fp()(BIO* b,FILE* fp,c_long c) { return BIO_ctrl(b,BIO_C_SET_FILE_PTR,c,fp); } +auto BIO_get_fp()(BIO* b,FILE** fpp) { return BIO_ctrl(b,BIO_C_GET_FILE_PTR,0,fpp); } + +auto BIO_seek()(BIO* b,ofs) { return cast(int) BIO_ctrl(b,BIO_C_FILE_SEEK,ofs,null); } +auto BIO_tell()(BIO* b) { return cast(int) BIO_ctrl(b,BIO_C_FILE_TELL,0,null); } + +/* name is cast to lose const, but might be better to route through a function + so we can do it safely */ +//#ifdef CONST_STRICT +///* If you are wondering why this isn't defined, its because CONST_STRICT is +// * purely a compile-time kludge to allow const to be checked. +// */ +//int BIO_read_filename(BIO* b,const(char)* name); +//#else +auto BIO_read_filename()(BIO* b,const(char)* name) { return BIO_ctrl(b,BIO_C_SET_FILENAME,BIO_CLOSE|BIO_FP_READ,name); } +//#endif +auto BIO_write_filename()(BIO* b,const(char)* name) { return BIO_ctrl(b,BIO_C_SET_FILENAME,BIO_CLOSE|BIO_FP_WRITE,name); } +auto BIO_append_filename()(BIO* b,const(char)* name) { return BIO_ctrl(b,BIO_C_SET_FILENAME,BIO_CLOSE|BIO_FP_APPEND,name); } +auto BIO_rw_filename()(BIO* b,const(char)* name) { return BIO_ctrl(b,BIO_C_SET_FILENAME,BIO_CLOSE|BIO_FP_READ|BIO_FP_WRITE,name); } + +/* WARNING WARNING, this ups the reference count on the read bio of the + * SSL structure. This is because the ssl read BIO is now pointed to by + * the next_bio field in the bio. So when you free the BIO, make sure + * you are doing a BIO_free_all() to catch the underlying BIO. */ +auto BIO_set_ssl()(BIO* b,SSL* ssl,c_long c) { return BIO_ctrl(b,BIO_C_SET_SSL,c,ssl); } +auto BIO_get_ssl()(BIO* b,SSL** sslp) { return BIO_ctrl(b,BIO_C_GET_SSL,0,sslp); } +auto BIO_set_ssl_mode()(BIO* b,c_long client) { return BIO_ctrl(b,BIO_C_SSL_MODE,client,null); } +auto BIO_set_ssl_renegotiate_bytes()(BIO* b,c_long num) { + return BIO_ctrl(b,BIO_C_SET_SSL_RENEGOTIATE_BYTES,num,null); +}; +auto BIO_get_num_renegotiates()(BIO* b) { + return BIO_ctrl(b,BIO_C_GET_SSL_NUM_RENEGOTIATES,0,null); +}; +auto BIO_set_ssl_renegotiate_timeout()(BIO* b,c_long seconds) { + return BIO_ctrl(b,BIO_C_SET_SSL_RENEGOTIATE_TIMEOUT,seconds,null); +}; + +/* defined in evp.h */ +/* auto BIO_set_md()(BIO* b,md) { return BIO_ctrl(b,BIO_C_SET_MD,1,(char*)md); } */ + +auto BIO_get_mem_data()(BIO* b,BUF_MEM** pp) { return BIO_ctrl(b,BIO_CTRL_INFO,0,pp); } +auto BIO_set_mem_buf()(BIO* b,BUF_MEM* bm,c_long c) { return BIO_ctrl(b,BIO_C_SET_BUF_MEM,c,bm); } +auto BIO_get_mem_ptr()(BIO* b,BUF_MEM** pp) { return BIO_ctrl(b,BIO_C_GET_BUF_MEM_PTR,0,pp); } +auto BIO_set_mem_eof_return()(BIO* b,c_long v) { return BIO_ctrl(b,BIO_C_SET_BUF_MEM_EOF_RETURN,v,null); } + +/* For the BIO_f_buffer() type */ +auto BIO_get_buffer_num_lines()(BIO* b) { return BIO_ctrl(b,BIO_C_GET_BUFF_NUM_LINES,0,null); } +auto BIO_set_buffer_size()(BIO* b,size) { return BIO_ctrl(b,BIO_C_SET_BUFF_SIZE,size,null); } +auto BIO_set_read_buffer_size()(BIO* b,size) { return BIO_int_ctrl(b,BIO_C_SET_BUFF_SIZE,size,0); } +auto BIO_set_write_buffer_size()(BIO* b,size) { return BIO_int_ctrl(b,BIO_C_SET_BUFF_SIZE,size,1); } +auto BIO_set_buffer_read_data()(BIO* b,buf,num) { return BIO_ctrl(b,BIO_C_SET_BUFF_READ_DATA,num,buf); } + +/* Don't use the next one unless you know what you are doing :-) */ +auto BIO_dup_state()(BIO* b,void* ret) { return BIO_ctrl(b,BIO_CTRL_DUP,0,ret); } + +auto BIO_reset()(BIO* b) { return cast(int) BIO_ctrl(b,BIO_CTRL_RESET,0,null); } +auto BIO_eof()(BIO* b) { return cast(int) BIO_ctrl(b,BIO_CTRL_EOF,0,null); } +auto BIO_set_close()(BIO* b,int c) { return cast(int) BIO_ctrl(b,BIO_CTRL_SET_CLOSE,c,null); } +auto BIO_get_close()(BIO* b) { return cast(int) BIO_ctrl(b,BIO_CTRL_GET_CLOSE,0,null); } +auto BIO_pending()(BIO* b) { return cast(int) BIO_ctrl(b,BIO_CTRL_PENDING,0,null); } +auto BIO_wpending()(BIO* b) { return cast(int) BIO_ctrl(b,BIO_CTRL_WPENDING,0,null); } +/* ...pending macros have inappropriate return type */ +size_t BIO_ctrl_pending(BIO* b); +size_t BIO_ctrl_wpending(BIO* b); +auto BIO_flush()(BIO* b) { return cast(int) BIO_ctrl(b,BIO_CTRL_FLUSH,0,null); } +auto BIO_get_info_callback()(BIO* b,bio_info_cb** cbp) { return cast(int)BIO_ctrl(b,BIO_CTRL_GET_CALLBACK,0,cbp); } +auto BIO_set_info_callback()(BIO* b,bio_info_cb* cb) { return cast(int) BIO_callback_ctrl(b,BIO_CTRL_SET_CALLBACK,cb); } + +/* For the BIO_f_buffer() type */ +auto BIO_buffer_get_num_lines()(BIO* b) { return BIO_ctrl(b,BIO_CTRL_GET,0,null); } + +/* For BIO_s_bio() */ +auto BIO_set_write_buf_size()(BIO* b,size) { return cast(int) BIO_ctrl(b,BIO_C_SET_WRITE_BUF_SIZE,size,null); } +auto BIO_get_write_buf_size()(BIO* b,size) { return cast(size_t) BIO_ctrl(b,BIO_C_GET_WRITE_BUF_SIZE,size,null); } +auto BIO_make_bio_pair()(BIO* b1,b2) { return cast(int) BIO_ctrl(b1,BIO_C_MAKE_BIO_PAIR,0,b2); } +auto BIO_destroy_bio_pair()(BIO* b) { return cast(int) BIO_ctrl(b,BIO_C_DESTROY_BIO_PAIR,0,null); } +auto BIO_shutdown_wr()(BIO* b) { return cast(int) BIO_ctrl(b, BIO_C_SHUTDOWN_WR, 0, null); } +/* macros with inappropriate type -- but ...pending macros use int too: */ +auto BIO_get_write_guarantee()(BIO* b) { return cast(int) BIO_ctrl(b,BIO_C_GET_WRITE_GUARANTEE,0,null); } +auto BIO_get_read_request()(BIO* b) { return cast(int) BIO_ctrl(b,BIO_C_GET_READ_REQUEST,0,null); } +size_t BIO_ctrl_get_write_guarantee(BIO* b); +size_t BIO_ctrl_get_read_request(BIO* b); +int BIO_ctrl_reset_read_request(BIO* b); + +/* ctrl macros for dgram */ +auto BIO_ctrl_dgram_connect()(BIO* b,void* peer) { return cast(int) BIO_ctrl(b,BIO_CTRL_DGRAM_CONNECT,0, peer); } +auto BIO_ctrl_set_connected()(BIO* b, c_long state, peer) { return cast(int) BIO_ctrl(b, BIO_CTRL_DGRAM_SET_CONNECTED, state, peer); } +auto BIO_dgram_recv_timedout()(BIO* b) { return cast(int) BIO_ctrl(b, BIO_CTRL_DGRAM_GET_RECV_TIMER_EXP, 0, null); } +auto BIO_dgram_send_timedout()(BIO* b) { return cast(int) BIO_ctrl(b, BIO_CTRL_DGRAM_GET_SEND_TIMER_EXP, 0, null); } +auto BIO_dgram_get_peer()(BIO* b,void* peer) { return cast(int) BIO_ctrl(b, BIO_CTRL_DGRAM_GET_PEER, 0, peer); } +auto BIO_dgram_set_peer()(BIO* b,void* peer) { return cast(int) BIO_ctrl(b, BIO_CTRL_DGRAM_SET_PEER, 0, peer); } + +/* These two aren't currently implemented */ +/* int BIO_get_ex_num(BIO* bio); */ +/* void BIO_set_ex_free_func(BIO* bio,int idx,ExternC!(void function()) cb); */ +int BIO_set_ex_data(BIO* bio,int idx,void* data); +void* BIO_get_ex_data(BIO* bio,int idx); +int BIO_get_ex_new_index(c_long argl, void* argp, CRYPTO_EX_new* new_func, + CRYPTO_EX_dup* dup_func, CRYPTO_EX_free* free_func); +c_ulong BIO_number_read(BIO* bio); +c_ulong BIO_number_written(BIO* bio); + +/* For BIO_f_asn1() */ +int BIO_asn1_set_prefix(BIO* b, asn1_ps_func* prefix, + asn1_ps_func* prefix_free); +int BIO_asn1_get_prefix(BIO* b, asn1_ps_func** pprefix, + asn1_ps_func** pprefix_free); +int BIO_asn1_set_suffix(BIO* b, asn1_ps_func* suffix, + asn1_ps_func* suffix_free); +int BIO_asn1_get_suffix(BIO* b, asn1_ps_func** psuffix, + asn1_ps_func** psuffix_free); + +version (OPENSSL_NO_FP_API) {} else { +BIO_METHOD* BIO_s_file(); +BIO* BIO_new_file(const(char)* filename, const(char)* mode); +BIO* BIO_new_fp(FILE* stream, int close_flag); +alias BIO_s_file BIO_s_file_internal; +} +BIO* BIO_new(BIO_METHOD* type); +int BIO_set(BIO* a,BIO_METHOD* type); +int BIO_free(BIO* a); +void BIO_vfree(BIO* a); +int BIO_read(BIO* b, void* data, int len); +int BIO_gets(BIO* bp,char* buf, int size); +int BIO_write(BIO* b, const(void)* data, int len); +int BIO_puts(BIO* bp,const(char)* buf); +int BIO_indent(BIO* b,int indent,int max); +c_long BIO_ctrl(BIO* bp,int cmd,c_long larg,void* parg); +c_long BIO_callback_ctrl(BIO* b, int cmd, ExternC!(void function(bio_st*, int, const(char)*, int, c_long, c_long)) fp); +char* BIO_ptr_ctrl(BIO* bp,int cmd,c_long larg); +c_long BIO_int_ctrl(BIO* bp,int cmd,c_long larg,int iarg); +BIO* BIO_push(BIO* b,BIO* append); +BIO* BIO_pop(BIO* b); +void BIO_free_all(BIO* a); +BIO* BIO_find_type(BIO* b,int bio_type); +BIO* BIO_next(BIO* b); +BIO* BIO_get_retry_BIO(BIO* bio, int* reason); +int BIO_get_retry_reason(BIO* bio); +BIO* BIO_dup_chain(BIO* in_); + +int BIO_nread0(BIO* bio, char** buf); +int BIO_nread(BIO* bio, char** buf, int num); +int BIO_nwrite0(BIO* bio, char** buf); +int BIO_nwrite(BIO* bio, char** buf, int num); + +c_long BIO_debug_callback(BIO* bio,int cmd,const(char)* argp,int argi, + c_long argl,c_long ret); + +BIO_METHOD* BIO_s_mem(); +BIO* BIO_new_mem_buf(void* buf, int len); +BIO_METHOD* BIO_s_socket(); +BIO_METHOD* BIO_s_connect(); +BIO_METHOD* BIO_s_accept(); +BIO_METHOD* BIO_s_fd(); +// #ifndef OPENSSL_SYS_OS2 +BIO_METHOD* BIO_s_log(); +// #endif +BIO_METHOD* BIO_s_bio(); +BIO_METHOD* BIO_s_null(); +BIO_METHOD* BIO_f_null(); +BIO_METHOD* BIO_f_buffer(); +//#ifdef OPENSSL_SYS_VMS +//BIO_METHOD* BIO_f_linebuffer(); +//#endif +BIO_METHOD* BIO_f_nbio_test(); +version (OPENSSL_NO_DGRAM) {} else { +BIO_METHOD* BIO_s_datagram(); +version(OPENSSL_NO_SCTP) {} else { +BIO_METHOD *BIO_s_datagram_sctp(); +} +} + +/* BIO_METHOD* BIO_f_ber(); */ + +int BIO_sock_should_retry(int i); +int BIO_sock_non_fatal_error(int error); +int BIO_dgram_non_fatal_error(int error); + +int BIO_fd_should_retry(int i); +int BIO_fd_non_fatal_error(int error); +int BIO_dump_cb(ExternC!(int function(const(void)* data, size_t len, void* u)) cb, + void* u, const(char)* s, int len); +int BIO_dump_indent_cb(ExternC!(int function(const(void)* data, size_t len, void* u)) cb, + void* u, const(char)* s, int len, int indent); +int BIO_dump(BIO* b,const(char)* bytes,int len); +int BIO_dump_indent(BIO* b,const(char)* bytes,int len,int indent); +version (OPENSSL_NO_FP_API) {} else { +int BIO_dump_fp(FILE* fp, const(char)* s, int len); +int BIO_dump_indent_fp(FILE* fp, const(char)* s, int len, int indent); +} +hostent* BIO_gethostbyname(const(char)* name); +/* We might want a thread-safe interface too: + * hostent* BIO_gethostbyname_r(const(char)* name, + * hostent* result, void* buffer, size_t buflen); + * or something similar (caller allocates a struct hostent, + * pointed to by "result", and additional buffer space for the various + * substructures; if the buffer does not suffice, NULL is returned + * and an appropriate error code is set). + */ +int BIO_sock_error(int sock); +int BIO_socket_ioctl(int fd, c_long type, void* arg); +int BIO_socket_nbio(int fd,int mode); +int BIO_get_port(const(char)* str, ushort* port_ptr); +int BIO_get_host_ip(const(char)* str, ubyte* ip); +int BIO_get_accept_socket(char* host_port,int mode); +int BIO_accept(int sock,char** ip_port); +int BIO_sock_init(); +void BIO_sock_cleanup(); +int BIO_set_tcp_ndelay(int sock,int turn_on); + +BIO* BIO_new_socket(int sock, int close_flag); +BIO* BIO_new_dgram(int fd, int close_flag); +version(OPENSSL_NO_SCTP) {} else { +BIO *BIO_new_dgram_sctp(int fd, int close_flag); +int BIO_dgram_is_sctp(BIO *bio); +int BIO_dgram_sctp_notification_cb(BIO *b, + ExternC!(void function(BIO *bio, void *context, void *buf)) handle_notifications, + void *context); +int BIO_dgram_sctp_wait_for_dry(BIO *b); +int BIO_dgram_sctp_msg_waiting(BIO *b); +} +BIO* BIO_new_fd(int fd, int close_flag); +BIO* BIO_new_connect(char* host_port); +BIO* BIO_new_accept(char* host_port); + +int BIO_new_bio_pair(BIO** bio1, size_t writebuf1, + BIO** bio2, size_t writebuf2); +/* If successful, returns 1 and in* bio1, *bio2 two BIO pair endpoints. + * Otherwise returns 0 and sets* bio1 and* bio2 to NULL. + * Size 0 uses default value. + */ + +void BIO_copy_next_retry(BIO* b); + +/*long BIO_ghbn_ctrl(int cmd,int iarg,char* parg);*/ + +int BIO_printf(BIO* bio, const(char)* format, ...); +int BIO_vprintf(BIO* bio, const(char)* format, va_list args); +int BIO_snprintf(char* buf, size_t n, const(char)* format, ...); +int BIO_vsnprintf(char* buf, size_t n, const(char)* format, va_list args); + +/* BEGIN ERROR CODES */ +/* The following lines are auto generated by the script mkerr.pl. Any changes + * made after this point may be overwritten when the script is next run. + */ +void ERR_load_BIO_strings(); + +/* Error codes for the BIO functions. */ + +/* Function codes. */ +enum BIO_F_ACPT_STATE = 100; +enum BIO_F_BIO_ACCEPT = 101; +enum BIO_F_BIO_BER_GET_HEADER = 102; +enum BIO_F_BIO_CALLBACK_CTRL = 131; +enum BIO_F_BIO_CTRL = 103; +enum BIO_F_BIO_GETHOSTBYNAME = 120; +enum BIO_F_BIO_GETS = 104; +enum BIO_F_BIO_GET_ACCEPT_SOCKET = 105; +enum BIO_F_BIO_GET_HOST_IP = 106; +enum BIO_F_BIO_GET_PORT = 107; +enum BIO_F_BIO_MAKE_PAIR = 121; +enum BIO_F_BIO_NEW = 108; +enum BIO_F_BIO_NEW_FILE = 109; +enum BIO_F_BIO_NEW_MEM_BUF = 126; +enum BIO_F_BIO_NREAD = 123; +enum BIO_F_BIO_NREAD0 = 124; +enum BIO_F_BIO_NWRITE = 125; +enum BIO_F_BIO_NWRITE0 = 122; +enum BIO_F_BIO_PUTS = 110; +enum BIO_F_BIO_READ = 111; +enum BIO_F_BIO_SOCK_INIT = 112; +enum BIO_F_BIO_WRITE = 113; +enum BIO_F_BUFFER_CTRL = 114; +enum BIO_F_CONN_CTRL = 127; +enum BIO_F_CONN_STATE = 115; +enum BIO_F_DGRAM_SCTP_READ = 132; +enum BIO_F_FILE_CTRL = 116; +enum BIO_F_FILE_READ = 130; +enum BIO_F_LINEBUFFER_CTRL = 129; +enum BIO_F_MEM_READ = 128; +enum BIO_F_MEM_WRITE = 117; +enum BIO_F_SSL_NEW = 118; +enum BIO_F_WSASTARTUP = 119; + +/* Reason codes. */ +enum BIO_R_ACCEPT_ERROR = 100; +enum BIO_R_BAD_FOPEN_MODE = 101; +enum BIO_R_BAD_HOSTNAME_LOOKUP = 102; +enum BIO_R_BROKEN_PIPE = 124; +enum BIO_R_CONNECT_ERROR = 103; +enum BIO_R_EOF_ON_MEMORY_BIO = 127; +enum BIO_R_ERROR_SETTING_NBIO = 104; +enum BIO_R_ERROR_SETTING_NBIO_ON_ACCEPTED_SOCKET = 105; +enum BIO_R_ERROR_SETTING_NBIO_ON_ACCEPT_SOCKET = 106; +enum BIO_R_GETHOSTBYNAME_ADDR_IS_NOT_AF_INET = 107; +enum BIO_R_INVALID_ARGUMENT = 125; +enum BIO_R_INVALID_IP_ADDRESS = 108; +enum BIO_R_IN_USE = 123; +enum BIO_R_KEEPALIVE = 109; +enum BIO_R_NBIO_CONNECT_ERROR = 110; +enum BIO_R_NO_ACCEPT_PORT_SPECIFIED = 111; +enum BIO_R_NO_HOSTNAME_SPECIFIED = 112; +enum BIO_R_NO_PORT_DEFINED = 113; +enum BIO_R_NO_PORT_SPECIFIED = 114; +enum BIO_R_NO_SUCH_FILE = 128; +enum BIO_R_NULL_PARAMETER = 115; +enum BIO_R_TAG_MISMATCH = 116; +enum BIO_R_UNABLE_TO_BIND_SOCKET = 117; +enum BIO_R_UNABLE_TO_CREATE_SOCKET = 118; +enum BIO_R_UNABLE_TO_LISTEN_SOCKET = 119; +enum BIO_R_UNINITIALIZED = 120; +enum BIO_R_UNSUPPORTED_METHOD = 121; +enum BIO_R_WRITE_TO_READ_ONLY_BIO = 126; +enum BIO_R_WSASTARTUP = 122; diff --git a/deimos/openssl/blowfish.d b/deimos/openssl/blowfish.d new file mode 100644 index 0000000..b806b70 --- /dev/null +++ b/deimos/openssl/blowfish.d @@ -0,0 +1,124 @@ +/* crypto/bf/blowfish.h */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +module deimos.openssl.blowfish; + +import deimos.openssl._d_util; + +public import deimos.openssl.e_os2; + +extern (C): +nothrow: + +version (OPENSSL_NO_BF) { + static assert(false, "BF is disabled."); +} + +enum BF_ENCRYPT = 1; +enum BF_DECRYPT = 0; + +/* + * !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! + * ! BF_LONG has to be at least 32 bits wide. If it's wider, then ! + * ! BF_LONG_LOG2 has to be defined along. ! + * !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! + */ + +// #if defined(__LP32__) +// alias c_ulong BF_LONG; +// #elif defined(OPENSSL_SYS_CRAY) || defined(__ILP64__) +// alias c_ulong BF_LONG; +// enum BF_LONG_LOG2 = 3; +// /* +// * _CRAY note. I could declare short, but I have no idea what impact +// * does it have on performance on none-T3E machines. I could declare +// * int, but at least on C90 sizeof(int) can be chosen at compile time. +// * So I've chosen long... +// * +// */ +// #else +// alias uint BF_LONG; +// #endif +alias uint BF_LONG; + +enum BF_ROUNDS = 16; +enum BF_BLOCK = 8; + +struct bf_key_st { + BF_LONG[BF_ROUNDS+2] P; + BF_LONG[4*256] S; + } +alias bf_key_st BF_KEY; + +version(OPENSSL_FIPS) { + void private_BF_set_key(BF_KEY *key, int len, const(ubyte)* data); +} +void BF_set_key(BF_KEY* key, int len, const(ubyte)* data); + +void BF_encrypt(BF_LONG* data,const(BF_KEY)* key); +void BF_decrypt(BF_LONG* data,const(BF_KEY)* key); + +void BF_ecb_encrypt(const(ubyte)* in_, ubyte* out_, + const(BF_KEY)* key, int enc); +void BF_cbc_encrypt(const(ubyte)* in_, ubyte* out_, c_long length, + const(BF_KEY)* schedule, ubyte* ivec, int enc); +void BF_cfb64_encrypt(const(ubyte)* in_, ubyte* out_, c_long length, + const(BF_KEY)* schedule, ubyte* ivec, int* num, int enc); +void BF_ofb64_encrypt(const(ubyte)* in_, ubyte* out_, c_long length, + const(BF_KEY)* schedule, ubyte* ivec, int* num); +const(char)* BF_options(); diff --git a/deimos/openssl/bn.d b/deimos/openssl/bn.d new file mode 100644 index 0000000..28e4ce4 --- /dev/null +++ b/deimos/openssl/bn.d @@ -0,0 +1,908 @@ +/* crypto/bn/bn.h */ +/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ +/* ==================================================================== + * Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. All advertising materials mentioning features or use of this + * software must display the following acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" + * + * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to + * endorse or promote products derived from this software without + * prior written permission. For written permission, please contact + * openssl-core@openssl.org. + * + * 5. Products derived from this software may not be called "OpenSSL" + * nor may "OpenSSL" appear in their names without prior written + * permission of the OpenSSL Project. + * + * 6. Redistributions of any form whatsoever must retain the following + * acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit (http://www.openssl.org/)" + * + * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY + * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * ==================================================================== + * + * This product includes cryptographic software written by Eric Young + * (eay@cryptsoft.com). This product includes software written by Tim + * Hudson (tjh@cryptsoft.com). + * + */ +/* ==================================================================== + * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. + * + * Portions of the attached software ("Contribution") are developed by + * SUN MICROSYSTEMS, INC., and are contributed to the OpenSSL project. + * + * The Contribution is licensed pursuant to the Eric Young open source + * license provided above. + * + * The binary polynomial arithmetic software is originally written by + * Sheueling Chang Shantz and Douglas Stebila of Sun Microsystems Laboratories. + * + */ + +module deimos.openssl.bn; + +import deimos.openssl._d_util; + +public import deimos.openssl.e_os2; +version(OPENSSL_NO_FP_API) {} else { +import core.stdc.stdio; /* FILE */ +} +public import deimos.openssl.ossl_typ; +public import deimos.openssl.crypto; + +extern (C): +nothrow: + +/+ Not ported, internal only. +/* These preprocessor symbols control various aspects of the bignum headers and + * library code. They're not defined by any "normal" configuration, as they are + * intended for development and testing purposes. NB: defining all three can be + * useful for debugging application code as well as openssl itself. + * + * BN_DEBUG - turn on various debugging alterations to the bignum code + * BN_DEBUG_RAND - uses random poisoning of unused words to trip up + * mismanagement of bignum internals. You must also define BN_DEBUG. + */ +/* #define BN_DEBUG */ +/* #define BN_DEBUG_RAND */ + +// #ifndef OPENSSL_SMALL_FOOTPRINT +// #define BN_MUL_COMBA +// #define BN_SQR_COMBA +// #define BN_RECURSION +// #endif + +/* This next option uses the C libraries (2 word)/(1 word) function. + * If it is not defined, I use my C version (which is slower). + * The reason for this flag is that when the particular C compiler + * library routine is used, and the library is linked with a different + * compiler, the library is missing. This mostly happens when the + * library is built with gcc and then linked using normal cc. This would + * be a common occurrence because gcc normally produces code that is + * 2 times faster than system compilers for the big number stuff. + * For machines with only one compiler (or shared libraries), this should + * be on. Again this in only really a problem on machines + * using "long long's", are 32bit, and are not using my assembler code. */ +#if defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_WINDOWS) || \ + defined(OPENSSL_SYS_WIN32) || defined(linux) +# ifndef BN_DIV2W +# define BN_DIV2W +# endif +#endif + + +/* assuming c_long is 64bit - this is the DEC Alpha + * c_ulong c_long is only 64 bits :-(, don't define + * BN_LLONG for the DEC Alpha */ +#ifdef SIXTY_FOUR_BIT_LONG +alias c_ulong BN_ULLONG; c_long +alias c_ulong BN_ULONG; +alias c_long BN_LONG; +enum BN_BITS = 128; +enum BN_BYTES = 8; +enum BN_BITS2 = 64; +enum BN_BITS4 = 32; +#define BN_MASK (0xffffffffffffffffffffffffffffffffLL) +#define BN_MASK2 (0xffffffffffffffffL) +#define BN_MASK2l (0xffffffffL) +#define BN_MASK2h (0xffffffff00000000L) +#define BN_MASK2h1 (0xffffffff80000000L) +#define BN_TBIT (0x8000000000000000L) +enum BN_DEC_CONV = (10000000000000000000UL); +enum BN_DEC_FMT1 = "%lu"; +enum BN_DEC_FMT2 = "%019lu"; +enum BN_DEC_NUM = 19; +enum BN_HEX_FMT1 = "%lX"; +enum BN_HEX_FMT2 = "%016lX"; +#endif + +/* This is where the c_long long data type is 64 bits, but c_long is 32. + * For machines where there are 64bit registers, this is the mode to use. + * IRIX, on R4000 and above should use this mode, along with the relevant + * assembler code :-). Do NOT define BN_LLONG. + */ +#ifdef SIXTY_FOUR_BIT +#undef BN_LLONG +#undef BN_ULLONG +alias c_ulong BN_ULONG; c_long +alias c_long BN_LONG; long +enum BN_BITS = 128; +enum BN_BYTES = 8; +enum BN_BITS2 = 64; +enum BN_BITS4 = 32; +#define BN_MASK2 (0xffffffffffffffffLL) +#define BN_MASK2l (0xffffffffL) +#define BN_MASK2h (0xffffffff00000000LL) +#define BN_MASK2h1 (0xffffffff80000000LL) +#define BN_TBIT (0x8000000000000000LL) +enum BN_DEC_CONV = (10000000000000000000ULL); +enum BN_DEC_FMT1 = "%llu"; +enum BN_DEC_FMT2 = "%019llu"; +enum BN_DEC_NUM = 19; +enum BN_HEX_FMT1 = "%llX"; +enum BN_HEX_FMT2 = "%016llX"; +#endif + +#ifdef THIRTY_TWO_BIT+/ +// #ifdef BN_LLONG +// # if defined(_WIN32) && !defined(__GNUC__) +// # define BN_ULLONG unsigned __int64 +// # define BN_MASK (0xffffffffffffffffI64) +// # else +// # define BN_ULLONG c_ulong c_long +// # define BN_MASK (0xffffffffffffffffLL) +// # endif +// #endif +// FIXME: Is this correct? +alias ulong BN_ULLONG; +alias uint BN_ULONG; +alias int BN_LONG; +enum BN_BITS = 64; +enum BN_BYTES = 4; +enum BN_BITS2 = 32; +enum BN_BITS4 = 16; +enum BN_MASK2 = 0xffffffff; +enum BN_MASK2l = 0xffff; +enum BN_MASK2h1 = 0xffff8000; +enum BN_MASK2h = 0xffff0000; +enum BN_TBIT = 0x80000000; +enum BN_DEC_CONV = 1000000000; +enum BN_DEC_FMT1 = "%u"; +enum BN_DEC_FMT2 = "%09u"; +enum BN_DEC_NUM = 9; +enum BN_HEX_FMT1 = "%X"; +enum BN_HEX_FMT2 = "%08X"; +/+#endif + +/* 2011-02-22 SMS. + * In various places, a size_t variable or a type cast to size_t was + * used to perform integer-only operations on pointers. This failed on + * VMS with 64-bit pointers (CC /POINTER_SIZE = 64) because size_t is + * still only 32 bits. What's needed in these cases is an integer type + * with the same size as a pointer, which size_t is not certain to be. + * The only fix here is VMS-specific. + */ +#if defined(OPENSSL_SYS_VMS) +# if __INITIAL_POINTER_SIZE == 64 +# define PTR_SIZE_INT c_long long +# else /* __INITIAL_POINTER_SIZE == 64 */ +# define PTR_SIZE_INT int +# endif /* __INITIAL_POINTER_SIZE == 64 [else] */ +#else /* defined(OPENSSL_SYS_VMS) */ +# define PTR_SIZE_INT size_t +#endif /* defined(OPENSSL_SYS_VMS) [else] */ ++/ +enum BN_DEFAULT_BITS = 1280; + +enum BN_FLG_MALLOCED = 0x01; +enum BN_FLG_STATIC_DATA = 0x02; +enum BN_FLG_CONSTTIME = 0x04; /* avoid leaking exponent information through timing, + * BN_mod_exp_mont() will call BN_mod_exp_mont_consttime, + * BN_div() will call BN_div_no_branch, + * BN_mod_inverse() will call BN_mod_inverse_no_branch. + */ + +version(OPENSSL_NO_DEPRECATED) {} else { +alias BN_FLG_CONSTTIME BN_FLG_EXP_CONSTTIME; /* deprecated name for the flag */ + /* avoid leaking exponent information through timings + * (BN_mod_exp_mont() will call BN_mod_exp_mont_consttime) */ +} + +version(OPENSSL_NO_DEPRECATED) {} else { +enum BN_FLG_FREE = 0x8000; /* used for debuging */ +} +void BN_set_flags()(BIGNUM* b, int n) { b.flags |= n; } +int BN_get_flags()(const(BIGNUM)* b, int n) { return b.flags & n; } + +/* get a clone of a BIGNUM with changed flags, for* temporary* use only + * (the two BIGNUMs cannot not be used in parallel!) */ +void BN_with_flags()(BIGNUM* dest, BIGNUM* b, int n) { + dest.d=b.d; + dest.top=b.top; + dest.dmax=b.dmax; + dest.neg=b.neg; + dest.flags=(dest.flags & BN_FLG_MALLOCED) + | (b.flags & ~BN_FLG_MALLOCED) + | BN_FLG_STATIC_DATA + | n; +} + +/* Already declared in ossl_typ.h */ +version (none) { +alias bignum_st BIGNUM; +/* Used for temp variables (declaration hidden in bn_lcl.h) */ +alias bignum_ctx BN_CTX; +alias bn_blinding_st BN_BLINDING; +alias bn_mont_ctx_st BN_MONT_CTX; +alias bn_recp_ctx_st BN_RECP_CTX; +alias bn_gencb_st BN_GENCB; +} + +struct bignum_st + { + BN_ULONG* d; /* Pointer to an array of 'BN_BITS2' bit chunks. */ + int top; /* Index of last used d +1. */ + /* The next are internal book keeping for bn_expand. */ + int dmax; /* Size of the d array. */ + int neg; /* one if the number is negative */ + int flags; + }; + +/* Used for montgomery multiplication */ +struct bn_mont_ctx_st + { + int ri; /* number of bits in R */ + BIGNUM RR; /* used to convert to montgomery form */ + BIGNUM N; /* The modulus */ + BIGNUM Ni; /* R*(1/R mod N) - N*Ni = 1 + * (Ni is only stored for bignum algorithm) */ + BN_ULONG[2] n0;/* least significant word(s) of Ni; + (type changed with 0.9.9, was "BN_ULONG n0;" before) */ + int flags; + }; + +/* Used for reciprocal division/mod functions + * It cannot be shared between threads + */ +struct bn_recp_ctx_st + { + BIGNUM N; /* the divisor */ + BIGNUM Nr; /* the reciprocal */ + int num_bits; + int shift; + int flags; + }; + +/* Used for slow "generation" functions. */ +struct bn_gencb_st + { + uint ver; /* To handle binary (in)compatibility */ + void* arg; /* callback-specific data */ + union cb_ + { + /* if(ver==1) - handles old style callbacks */ + ExternC!(void function(int, int, void*)) cb_1; + /* if(ver==2) - new callback style */ + ExternC!(int function(int, int, BN_GENCB*)) cb_2; + } + cb_ cb; + }; +/* Wrapper function to make using BN_GENCB easier, */ +int BN_GENCB_call(BN_GENCB* cb, int a, int b); +/* Macro to populate a BN_GENCB structure with an "old"-style callback */ +void BN_GENCB_set_old()(gencb, callback, cb_arg) { + BN_GENCB* tmp_gencb = (gencb); + tmp_gencb.ver = 1; + tmp_gencb.arg = (cb_arg); + tmp_gencb.cb.cb_1 = (callback); +} +/* Macro to populate a BN_GENCB structure with a "new"-style callback */ +void BN_GENCB_set()(gencb, callback, cb_arg) { + BN_GENCB* tmp_gencb = (gencb); + tmp_gencb.ver = 2; + tmp_gencb.arg = (cb_arg); + tmp_gencb.cb.cb_2 = (callback); +} + +enum BN_prime_checks = 0; /* default: select number of iterations + based on the size of the number */ + +/* number of Miller-Rabin iterations for an error rate of less than 2^-80 + * for random 'b'-bit input, b >= 100 (taken from table 4.4 in the Handbook + * of Applied Cryptography [Menezes, van Oorschot, Vanstone; CRC Press 1996]; + * original paper: Damgaard, Landrock, Pomerance: Average case error estimates + * for the strong probable prime test. -- Math. Comp. 61 (1993) 177-194) */ +auto BN_prime_checks_for_size(T)(T b) { + return ((b) >= 1300 ? 2 : + (b) >= 850 ? 3 : + (b) >= 650 ? 4 : + (b) >= 550 ? 5 : + (b) >= 450 ? 6 : + (b) >= 400 ? 7 : + (b) >= 350 ? 8 : + (b) >= 300 ? 9 : + (b) >= 250 ? 12 : + (b) >= 200 ? 15 : + (b) >= 150 ? 18 : + /* b >= 100 */ 27); +} + +auto BN_num_bytes()(const(BIGNUM)* a) { return (BN_num_bits(a)+7)/8; } + +/* Note that BN_abs_is_word didn't work reliably for w == 0 until 0.9.8 */ +auto BN_abs_is_word()(const(BIGNUM)* a, BN_ULONG w) { return (((a.top == 1) && (a.d[0] == (w))) || + (((w) == 0) && (a.top == 0))); } +auto BN_is_zero()(const(BIGNUM)* a) { return (a.top == 0); } +auto BN_is_one()(const(BIGNUM)* a) { return (BN_abs_is_word((a),1) && !a.neg); } +auto BN_is_word()(const(BIGNUM)* a, BN_ULONG w) { return (BN_abs_is_word((a),(w)) && (!(w) || !a.neg)); } +auto BN_is_odd()(const(BIGNUM)* a) { return ((a.top > 0) && (a.d[0] & 1)); } + +auto BN_one()(BIGNUM* a) { return BN_set_word((a),1); } +auto BN_zero_ex()(BIGNUM* a) { + a.top = 0; + a.neg = 0; +} +version (OPENSSL_NO_DEPRECATED) { +alias BN_zero_ex BN_zero; +} else { +auto BN_zero()(BIGNUM* a) { return BN_set_word(a,0); } +} + +const(BIGNUM)* BN_value_one(); +char* BN_options(); +BN_CTX* BN_CTX_new(); +version(OPENSSL_NO_DEPRECATED) {} else { +void BN_CTX_init(BN_CTX* c); +} +void BN_CTX_free(BN_CTX* c); +void BN_CTX_start(BN_CTX* ctx); +BIGNUM* BN_CTX_get(BN_CTX* ctx); +void BN_CTX_end(BN_CTX* ctx); +int BN_rand(BIGNUM* rnd, int bits, int top,int bottom); +int BN_pseudo_rand(BIGNUM* rnd, int bits, int top,int bottom); +int BN_rand_range(BIGNUM* rnd, const(BIGNUM)* range); +int BN_pseudo_rand_range(BIGNUM* rnd, const(BIGNUM)* range); +int BN_num_bits(const(BIGNUM)* a); +int BN_num_bits_word(BN_ULONG); +BIGNUM* BN_new(); +void BN_init(BIGNUM*); +void BN_clear_free(BIGNUM* a); +BIGNUM* BN_copy(BIGNUM* a, const(BIGNUM)* b); +void BN_swap(BIGNUM* a, BIGNUM* b); +BIGNUM* BN_bin2bn(const(ubyte)* s,int len,BIGNUM* ret); +int BN_bn2bin(const(BIGNUM)* a, ubyte* to); +BIGNUM* BN_mpi2bn(const(ubyte)* s,int len,BIGNUM* ret); +int BN_bn2mpi(const(BIGNUM)* a, ubyte* to); +int BN_sub(BIGNUM* r, const(BIGNUM)* a, const(BIGNUM)* b); +int BN_usub(BIGNUM* r, const(BIGNUM)* a, const(BIGNUM)* b); +int BN_uadd(BIGNUM* r, const(BIGNUM)* a, const(BIGNUM)* b); +int BN_add(BIGNUM* r, const(BIGNUM)* a, const(BIGNUM)* b); +int BN_mul(BIGNUM* r, const(BIGNUM)* a, const(BIGNUM)* b, BN_CTX* ctx); +int BN_sqr(BIGNUM* r, const(BIGNUM)* a,BN_CTX* ctx); +/** BN_set_negative sets sign of a BIGNUM + * \param b pointer to the BIGNUM object + * \param n 0 if the BIGNUM b should be positive and a value != 0 otherwise + */ +void BN_set_negative(BIGNUM* b, int n); +/** BN_is_negative returns 1 if the BIGNUM is negative + * \param a pointer to the BIGNUM object + * \return 1 if a < 0 and 0 otherwise + */ +auto BN_is_negative()(const(BIGNUM)* a) { return a.neg != 0; } + +int BN_div(BIGNUM* dv, BIGNUM* rem, const(BIGNUM)* m, const(BIGNUM)* d, + BN_CTX* ctx); +auto BN_mod()(BIGNUM* rem,const(BIGNUM)* m,const(BIGNUM)* d,BN_CTX* ctx) { return BN_div(null,(rem),(m),(d),(ctx)); } +int BN_nnmod(BIGNUM* r, const(BIGNUM)* m, const(BIGNUM)* d, BN_CTX* ctx); +int BN_mod_add(BIGNUM* r, const(BIGNUM)* a, const(BIGNUM)* b, const(BIGNUM)* m, BN_CTX* ctx); +int BN_mod_add_quick(BIGNUM* r, const(BIGNUM)* a, const(BIGNUM)* b, const(BIGNUM)* m); +int BN_mod_sub(BIGNUM* r, const(BIGNUM)* a, const(BIGNUM)* b, const(BIGNUM)* m, BN_CTX* ctx); +int BN_mod_sub_quick(BIGNUM* r, const(BIGNUM)* a, const(BIGNUM)* b, const(BIGNUM)* m); +int BN_mod_mul(BIGNUM* r, const(BIGNUM)* a, const(BIGNUM)* b, + const(BIGNUM)* m, BN_CTX* ctx); +int BN_mod_sqr(BIGNUM* r, const(BIGNUM)* a, const(BIGNUM)* m, BN_CTX* ctx); +int BN_mod_lshift1(BIGNUM* r, const(BIGNUM)* a, const(BIGNUM)* m, BN_CTX* ctx); +int BN_mod_lshift1_quick(BIGNUM* r, const(BIGNUM)* a, const(BIGNUM)* m); +int BN_mod_lshift(BIGNUM* r, const(BIGNUM)* a, int n, const(BIGNUM)* m, BN_CTX* ctx); +int BN_mod_lshift_quick(BIGNUM* r, const(BIGNUM)* a, int n, const(BIGNUM)* m); + +BN_ULONG BN_mod_word(const(BIGNUM)* a, BN_ULONG w); +BN_ULONG BN_div_word(BIGNUM* a, BN_ULONG w); +int BN_mul_word(BIGNUM* a, BN_ULONG w); +int BN_add_word(BIGNUM* a, BN_ULONG w); +int BN_sub_word(BIGNUM* a, BN_ULONG w); +int BN_set_word(BIGNUM* a, BN_ULONG w); +BN_ULONG BN_get_word(const(BIGNUM)* a); + +int BN_cmp(const(BIGNUM)* a, const(BIGNUM)* b); +void BN_free(BIGNUM* a); +int BN_is_bit_set(const(BIGNUM)* a, int n); +int BN_lshift(BIGNUM* r, const(BIGNUM)* a, int n); +int BN_lshift1(BIGNUM* r, const(BIGNUM)* a); +int BN_exp(BIGNUM* r, const(BIGNUM)* a, const(BIGNUM)* p,BN_CTX* ctx); + +int BN_mod_exp(BIGNUM* r, const(BIGNUM)* a, const(BIGNUM)* p, + const(BIGNUM)* m,BN_CTX* ctx); +int BN_mod_exp_mont(BIGNUM* r, const(BIGNUM)* a, const(BIGNUM)* p, + const(BIGNUM)* m, BN_CTX* ctx, BN_MONT_CTX* m_ctx); +int BN_mod_exp_mont_consttime(BIGNUM* rr, const(BIGNUM)* a, const(BIGNUM)* p, + const(BIGNUM)* m, BN_CTX* ctx, BN_MONT_CTX* in_mont); +int BN_mod_exp_mont_word(BIGNUM* r, BN_ULONG a, const(BIGNUM)* p, + const(BIGNUM)* m, BN_CTX* ctx, BN_MONT_CTX* m_ctx); +int BN_mod_exp2_mont(BIGNUM* r, const(BIGNUM)* a1, const(BIGNUM)* p1, + const(BIGNUM)* a2, const(BIGNUM)* p2,const(BIGNUM)* m, + BN_CTX* ctx,BN_MONT_CTX* m_ctx); +int BN_mod_exp_simple(BIGNUM* r, const(BIGNUM)* a, const(BIGNUM)* p, + const(BIGNUM)* m,BN_CTX* ctx); + +int BN_mask_bits(BIGNUM* a,int n); +version(OPENSSL_NO_FP_API) {} else { +int BN_print_fp(FILE* fp, const(BIGNUM)* a); +} +// #ifdef HEADER_BIO_H +import deimos.openssl.bio; +int BN_print(BIO* fp, const(BIGNUM)* a); +// #else +// int BN_print(void* fp, const(BIGNUM)* a); +// #endif +int BN_reciprocal(BIGNUM* r, const(BIGNUM)* m, int len, BN_CTX* ctx); +int BN_rshift(BIGNUM* r, const(BIGNUM)* a, int n); +int BN_rshift1(BIGNUM* r, const(BIGNUM)* a); +void BN_clear(BIGNUM* a); +BIGNUM* BN_dup(const(BIGNUM)* a); +int BN_ucmp(const(BIGNUM)* a, const(BIGNUM)* b); +int BN_set_bit(BIGNUM* a, int n); +int BN_clear_bit(BIGNUM* a, int n); +char* BN_bn2hex(const(BIGNUM)* a); +char* BN_bn2dec(const(BIGNUM)* a); +int BN_hex2bn(BIGNUM** a, const(char)* str); +int BN_dec2bn(BIGNUM** a, const(char)* str); +int BN_asc2bn(BIGNUM** a, const(char)* str); +int BN_gcd(BIGNUM* r,const(BIGNUM)* a,const(BIGNUM)* b,BN_CTX* ctx); +int BN_kronecker(const(BIGNUM)* a,const(BIGNUM)* b,BN_CTX* ctx); /* returns -2 for error */ +BIGNUM* BN_mod_inverse(BIGNUM* ret, + const(BIGNUM)* a, const(BIGNUM)* n,BN_CTX* ctx); +BIGNUM* BN_mod_sqrt(BIGNUM* ret, + const(BIGNUM)* a, const(BIGNUM)* n,BN_CTX* ctx); + +void BN_consttime_swap(BN_ULONG swap, BIGNUM *a, BIGNUM *b, int nwords); + +/* Deprecated versions */ +version(OPENSSL_NO_DEPRECATED) {} else { +BIGNUM* BN_generate_prime(BIGNUM* ret,int bits,int safe, + const(BIGNUM)* add, const(BIGNUM)* rem, + ExternC!(void function(int,int,void*)) callback,void* cb_arg); +int BN_is_prime(const(BIGNUM)* p,int nchecks, + ExternC!(void function(int,int,void*)) callback, + BN_CTX* ctx,void* cb_arg); +int BN_is_prime_fasttest(const(BIGNUM)* p,int nchecks, + ExternC!(void function(int,int,void*)) callback,BN_CTX* ctx,void* cb_arg, + int do_trial_division); +} /* !defined(OPENSSL_NO_DEPRECATED) */ + +/* Newer versions */ +int BN_generate_prime_ex(BIGNUM* ret,int bits,int safe, const(BIGNUM)* add, + const(BIGNUM)* rem, BN_GENCB* cb); +int BN_is_prime_ex(const(BIGNUM)* p,int nchecks, BN_CTX* ctx, BN_GENCB* cb); +int BN_is_prime_fasttest_ex(const(BIGNUM)* p,int nchecks, BN_CTX* ctx, + int do_trial_division, BN_GENCB* cb); + +int BN_X931_generate_Xpq(BIGNUM *Xp, BIGNUM *Xq, int nbits, BN_CTX *ctx); + +int BN_X931_derive_prime_ex(BIGNUM *p, BIGNUM *p1, BIGNUM *p2, + const(BIGNUM)* Xp, const(BIGNUM)* Xp1, const(BIGNUM)* Xp2, + const(BIGNUM)* e, BN_CTX *ctx, BN_GENCB *cb); +int BN_X931_generate_prime_ex(BIGNUM *p, BIGNUM *p1, BIGNUM *p2, + BIGNUM *Xp1, BIGNUM *Xp2, + const(BIGNUM)* Xp, + const(BIGNUM)* e, BN_CTX *ctx, + BN_GENCB *cb); + +BN_MONT_CTX* BN_MONT_CTX_new(); +void BN_MONT_CTX_init(BN_MONT_CTX* ctx); +int BN_mod_mul_montgomery(BIGNUM* r,const(BIGNUM)* a,const(BIGNUM)* b, + BN_MONT_CTX* mont, BN_CTX* ctx); +auto BN_to_montgomery()(BIGNUM* r,const(BIGNUM)* a,BN_MONT_CTX* mont,BN_CTX* ctx) { + BN_mod_mul_montgomery((r),(a),&(mont.RR),(mont),(ctx)); +} +int BN_from_montgomery(BIGNUM* r,const(BIGNUM)* a, + BN_MONT_CTX* mont, BN_CTX* ctx); +void BN_MONT_CTX_free(BN_MONT_CTX* mont); +int BN_MONT_CTX_set(BN_MONT_CTX* mont,const(BIGNUM)* mod,BN_CTX* ctx); +BN_MONT_CTX* BN_MONT_CTX_copy(BN_MONT_CTX* to,BN_MONT_CTX* from); +BN_MONT_CTX* BN_MONT_CTX_set_locked(BN_MONT_CTX** pmont, int lock, + const(BIGNUM)* mod, BN_CTX* ctx); + +/* BN_BLINDING flags */ +enum BN_BLINDING_NO_UPDATE = 0x00000001; +enum BN_BLINDING_NO_RECREATE = 0x00000002; + +BN_BLINDING* BN_BLINDING_new(const(BIGNUM)* A, const(BIGNUM)* Ai, BIGNUM* mod); +void BN_BLINDING_free(BN_BLINDING* b); +int BN_BLINDING_update(BN_BLINDING* b,BN_CTX* ctx); +int BN_BLINDING_convert(BIGNUM* n, BN_BLINDING* b, BN_CTX* ctx); +int BN_BLINDING_invert(BIGNUM* n, BN_BLINDING* b, BN_CTX* ctx); +int BN_BLINDING_convert_ex(BIGNUM* n, BIGNUM* r, BN_BLINDING* b, BN_CTX*); +int BN_BLINDING_invert_ex(BIGNUM* n, const(BIGNUM)* r, BN_BLINDING* b, BN_CTX*); +version(OPENSSL_NO_DEPRECATED) {} else { +c_ulong BN_BLINDING_get_thread_id(const(BN_BLINDING)*); +void BN_BLINDING_set_thread_id(BN_BLINDING*, c_ulong); +} +CRYPTO_THREADID* BN_BLINDING_thread_id(BN_BLINDING*); +c_ulong BN_BLINDING_get_flags(const(BN_BLINDING)*); +void BN_BLINDING_set_flags(BN_BLINDING*, c_ulong); +BN_BLINDING* BN_BLINDING_create_param(BN_BLINDING* b, + const(BIGNUM)* e, BIGNUM* m, BN_CTX* ctx, + ExternC!(int function(BIGNUM* r, const(BIGNUM)* a, const(BIGNUM)* p, + const(BIGNUM)* m, BN_CTX* ctx, BN_MONT_CTX* m_ctx)) bn_mod_exp, + BN_MONT_CTX* m_ctx); + +version(OPENSSL_NO_DEPRECATED) {} else { +void BN_set_params(int mul,int high,int low,int mont); +int BN_get_params(int which); /* 0, mul, 1 high, 2 low, 3 mont */ +} + +void BN_RECP_CTX_init(BN_RECP_CTX* recp); +BN_RECP_CTX* BN_RECP_CTX_new(); +void BN_RECP_CTX_free(BN_RECP_CTX* recp); +int BN_RECP_CTX_set(BN_RECP_CTX* recp,const(BIGNUM)* rdiv,BN_CTX* ctx); +int BN_mod_mul_reciprocal(BIGNUM* r, const(BIGNUM)* x, const(BIGNUM)* y, + BN_RECP_CTX* recp,BN_CTX* ctx); +int BN_mod_exp_recp(BIGNUM* r, const(BIGNUM)* a, const(BIGNUM)* p, + const(BIGNUM)* m, BN_CTX* ctx); +int BN_div_recp(BIGNUM* dv, BIGNUM* rem, const(BIGNUM)* m, + BN_RECP_CTX* recp, BN_CTX* ctx); + +version(OPENSSL_NO_EC2M) {} else { + +/* Functions for arithmetic over binary polynomials represented by BIGNUMs. + * + * The BIGNUM::neg property of BIGNUMs representing binary polynomials is + * ignored. + * + * Note that input arguments are not const so that their bit arrays can + * be expanded to the appropriate size if needed. + */ + +int BN_GF2m_add(BIGNUM* r, const(BIGNUM)* a, const(BIGNUM)* b); /*r = a + b*/ +alias BN_GF2m_add BN_GF2m_sub; +int BN_GF2m_mod(BIGNUM* r, const(BIGNUM)* a, const(BIGNUM)* p); /*r=a mod p*/ +int BN_GF2m_mod_mul(BIGNUM* r, const(BIGNUM)* a, const(BIGNUM)* b, + const(BIGNUM)* p, BN_CTX* ctx); /* r = (a* b) mod p */ +int BN_GF2m_mod_sqr(BIGNUM* r, const(BIGNUM)* a, const(BIGNUM)* p, + BN_CTX* ctx); /* r = (a* a) mod p */ +int BN_GF2m_mod_inv(BIGNUM* r, const(BIGNUM)* b, const(BIGNUM)* p, + BN_CTX* ctx); /* r = (1 / b) mod p */ +int BN_GF2m_mod_div(BIGNUM* r, const(BIGNUM)* a, const(BIGNUM)* b, + const(BIGNUM)* p, BN_CTX* ctx); /* r = (a / b) mod p */ +int BN_GF2m_mod_exp(BIGNUM* r, const(BIGNUM)* a, const(BIGNUM)* b, + const(BIGNUM)* p, BN_CTX* ctx); /* r = (a ^ b) mod p */ +int BN_GF2m_mod_sqrt(BIGNUM* r, const(BIGNUM)* a, const(BIGNUM)* p, + BN_CTX* ctx); /* r = sqrt(a) mod p */ +int BN_GF2m_mod_solve_quad(BIGNUM* r, const(BIGNUM)* a, const(BIGNUM)* p, + BN_CTX* ctx); /* r^2 + r = a mod p */ +alias BN_ucmp BN_GF2m_cmp; +/* Some functions allow for representation of the irreducible polynomials + * as an uint[], say p. The irreducible f(t) is then of the form: + * t^p[0] + t^p[1] + ... + t^p[k] + * where m = p[0] > p[1] > ... > p[k] = 0. + */ +int BN_GF2m_mod_arr(BIGNUM* r, const(BIGNUM)* a, const int[] p); + /* r = a mod p */ +int BN_GF2m_mod_mul_arr(BIGNUM* r, const(BIGNUM)* a, const(BIGNUM)* b, + const int[] p, BN_CTX* ctx); /* r = (a* b) mod p */ +int BN_GF2m_mod_sqr_arr(BIGNUM* r, const(BIGNUM)* a, const int[] p, + BN_CTX* ctx); /* r = (a* a) mod p */ +int BN_GF2m_mod_inv_arr(BIGNUM* r, const(BIGNUM)* b, const int[] p, + BN_CTX* ctx); /* r = (1 / b) mod p */ +int BN_GF2m_mod_div_arr(BIGNUM* r, const(BIGNUM)* a, const(BIGNUM)* b, + const int[] p, BN_CTX* ctx); /* r = (a / b) mod p */ +int BN_GF2m_mod_exp_arr(BIGNUM* r, const(BIGNUM)* a, const(BIGNUM)* b, + const int[] p, BN_CTX* ctx); /* r = (a ^ b) mod p */ +int BN_GF2m_mod_sqrt_arr(BIGNUM* r, const(BIGNUM)* a, + const int[] p, BN_CTX* ctx); /* r = sqrt(a) mod p */ +int BN_GF2m_mod_solve_quad_arr(BIGNUM* r, const(BIGNUM)* a, + const int[] p, BN_CTX* ctx); /* r^2 + r = a mod p */ +int BN_GF2m_poly2arr(const(BIGNUM)* a, int[] p, int max); +int BN_GF2m_arr2poly(const int[] p, BIGNUM* a); + +} + +/* faster mod functions for the 'NIST primes' + * 0 <= a < p^2 */ +int BN_nist_mod_192(BIGNUM* r, const(BIGNUM)* a, const(BIGNUM)* p, BN_CTX* ctx); +int BN_nist_mod_224(BIGNUM* r, const(BIGNUM)* a, const(BIGNUM)* p, BN_CTX* ctx); +int BN_nist_mod_256(BIGNUM* r, const(BIGNUM)* a, const(BIGNUM)* p, BN_CTX* ctx); +int BN_nist_mod_384(BIGNUM* r, const(BIGNUM)* a, const(BIGNUM)* p, BN_CTX* ctx); +int BN_nist_mod_521(BIGNUM* r, const(BIGNUM)* a, const(BIGNUM)* p, BN_CTX* ctx); + +const(BIGNUM)* BN_get0_nist_prime_192(); +const(BIGNUM)* BN_get0_nist_prime_224(); +const(BIGNUM)* BN_get0_nist_prime_256(); +const(BIGNUM)* BN_get0_nist_prime_384(); +const(BIGNUM)* BN_get0_nist_prime_521(); + +/* library internal functions */ + +auto bn_expand()(BIGNUM* a, int bits) { return ((((((bits+BN_BITS2-1))/BN_BITS2)) <= a.dmax)? + (a):bn_expand2((a),(bits+BN_BITS2-1)/BN_BITS2)); } +auto bn_wexpand()(BIGNUM* a, int words) { return (((words) <= a.dmax)?(a):bn_expand2((a),(words))); } +BIGNUM* bn_expand2(BIGNUM* a, int words); +version(OPENSSL_NO_DEPRECATED) {} else { +BIGNUM* bn_dup_expand(const(BIGNUM)* a, int words); /* unused */ +} + +/+ FIXME: Not yet ported. +/* Bignum consistency macros + * There is one "API" macro, bn_fix_top(), for stripping leading zeroes from + * bignum data after direct manipulations on the data. There is also an + * "internal" macro, bn_check_top(), for verifying that there are no leading + * zeroes. Unfortunately, some auditing is required due to the fact that + * bn_fix_top() has become an overabused duct-tape because bignum data is + * occasionally passed around in an inconsistent state. So the following + * changes have been made to sort this out_; + * - bn_fix_top()s implementation has been moved to bn_correct_top() + * - if BN_DEBUG isn't defined, bn_fix_top() maps to bn_correct_top(), and + * bn_check_top() is as before. + * - if BN_DEBUG* is* defined; + * - bn_check_top() tries to pollute unused words even if the bignum 'top' is + * consistent. (ed: only if BN_DEBUG_RAND is defined) + * - bn_fix_top() maps to bn_check_top() rather than "fixing" anything. + * The idea is to have debug builds flag up inconsistent bignums when they + * occur. If that occurs in a bn_fix_top(), we examine the code in question; if + * the use of bn_fix_top() was appropriate (ie. it follows directly after code + * that manipulates the bignum) it is converted to bn_correct_top(), and if it + * was not appropriate, we convert it permanently to bn_check_top() and track + * down the cause of the bug. Eventually, no internal code should be using the + * bn_fix_top() macro. External applications and libraries should try this with + * their own code too, both in terms of building against the openssl headers + * with BN_DEBUG defined* and* linking with a version of OpenSSL built with it + * defined. This not only improves external code, it provides more test + * coverage for openssl's own code. + */ + +#ifdef BN_DEBUG + +/* We only need assert() when debugging */ +#include + +#ifdef BN_DEBUG_RAND +/* To avoid "make update" cvs wars due to BN_DEBUG, use some tricks */ +#ifndef RAND_pseudo_bytes +int RAND_pseudo_bytes(ubyte* buf,int num); +#define BN_DEBUG_TRIX +#endif +#define bn_pollute(a) \ + do { \ + const(BIGNUM)* _bnum1 = (a); \ + if(_bnum1->top < _bnum1->dmax) { \ + ubyte _tmp_char; \ + /* We cast away const without the compiler knowing, any \ + ** genuinely* constant variables that aren't mutable \ + * wouldn't be constructed with top!=dmax. */ \ + BN_ULONG* _not_const; \ + memcpy(&_not_const, &_bnum1->d, sizeof(BN_ULONG*)); \ + RAND_pseudo_bytes(&_tmp_char, 1); \ + memset((ubyte*)(_not_const + _bnum1->top), _tmp_char, \ + (_bnum1->dmax - _bnum1->top) * sizeof(BN_ULONG)); \ + } \ + } while(0) +#ifdef BN_DEBUG_TRIX +#undef RAND_pseudo_bytes +#endif +#else +#define bn_pollute(a) +#endif +#define bn_check_top(a) \ + do { \ + const(BIGNUM)* _bnum2 = (a); \ + if (_bnum2 != NULL) { \ + assert((_bnum2->top == 0) || \ + (_bnum2->d[_bnum2->top - 1] != 0)); \ + bn_pollute(_bnum2); \ + } \ + } while(0) + +#define bn_fix_top(a) bn_check_top(a) + +#define bn_check_size(bn, bits) bn_wcheck_size(bn, ((bits+BN_BITS2-1))/BN_BITS2) +#define bn_wcheck_size(bn, words) \ + do { \ + const BIGNUM *_bnum2 = (bn); \ + assert(words <= (_bnum2)->dmax && words >= (_bnum2)->top); \ + } while(0) + +#else /* !BN_DEBUG */ ++/ +void bn_pollute()(BIGNUM* a) {} +void bn_check_top()(BIGNUM* a) {} +alias bn_correct_top bn_fix_top; +void bn_check_size()(BIGNUM* bn, size_t bits) {} +void bn_wcheck_size()(BIGNUM* bn, size_t words) {} + +// #endif + +auto bn_correct_top()(BIGNUM* a) { + BN_ULONG* ftl; + int tmp_top = a.top; + if (tmp_top > 0) + { + for (ftl= &(a.d[tmp_top-1]); tmp_top > 0; tmp_top--) + if (*(ftl--)) break; + a.top = tmp_top; + } + bn_pollute(a); +} + +BN_ULONG bn_mul_add_words(BN_ULONG* rp, const(BN_ULONG)* ap, int num, BN_ULONG w); +BN_ULONG bn_mul_words(BN_ULONG* rp, const(BN_ULONG)* ap, int num, BN_ULONG w); +void bn_sqr_words(BN_ULONG* rp, const(BN_ULONG)* ap, int num); +BN_ULONG bn_div_words(BN_ULONG h, BN_ULONG l, BN_ULONG d); +BN_ULONG bn_add_words(BN_ULONG* rp, const(BN_ULONG)* ap, const(BN_ULONG)* bp,int num); +BN_ULONG bn_sub_words(BN_ULONG* rp, const(BN_ULONG)* ap, const(BN_ULONG)* bp,int num); + +/* Primes from RFC 2409 */ +BIGNUM* get_rfc2409_prime_768(BIGNUM* bn); +BIGNUM* get_rfc2409_prime_1024(BIGNUM* bn); + +/* Primes from RFC 3526 */ +BIGNUM* get_rfc3526_prime_1536(BIGNUM* bn); +BIGNUM* get_rfc3526_prime_2048(BIGNUM* bn); +BIGNUM* get_rfc3526_prime_3072(BIGNUM* bn); +BIGNUM* get_rfc3526_prime_4096(BIGNUM* bn); +BIGNUM* get_rfc3526_prime_6144(BIGNUM* bn); +BIGNUM* get_rfc3526_prime_8192(BIGNUM* bn); + +int BN_bntest_rand(BIGNUM* rnd, int bits, int top,int bottom); + +/* BEGIN ERROR CODES */ +/* The following lines are auto generated by the script mkerr.pl. Any changes + * made after this point may be overwritten when the script is next run. + */ +void ERR_load_BN_strings(); + +/* Error codes for the BN functions. */ + +/* Function codes. */ +enum BN_F_BNRAND = 127; +enum BN_F_BN_BLINDING_CONVERT_EX = 100; +enum BN_F_BN_BLINDING_CREATE_PARAM = 128; +enum BN_F_BN_BLINDING_INVERT_EX = 101; +enum BN_F_BN_BLINDING_NEW = 102; +enum BN_F_BN_BLINDING_UPDATE = 103; +enum BN_F_BN_BN2DEC = 104; +enum BN_F_BN_BN2HEX = 105; +enum BN_F_BN_CTX_GET = 116; +enum BN_F_BN_CTX_NEW = 106; +enum BN_F_BN_CTX_START = 129; +enum BN_F_BN_DIV = 107; +enum BN_F_BN_DIV_NO_BRANCH = 138; +enum BN_F_BN_DIV_RECP = 130; +enum BN_F_BN_EXP = 123; +enum BN_F_BN_EXPAND2 = 108; +enum BN_F_BN_EXPAND_INTERNAL = 120; +enum BN_F_BN_GF2M_MOD = 131; +enum BN_F_BN_GF2M_MOD_EXP = 132; +enum BN_F_BN_GF2M_MOD_MUL = 133; +enum BN_F_BN_GF2M_MOD_SOLVE_QUAD = 134; +enum BN_F_BN_GF2M_MOD_SOLVE_QUAD_ARR = 135; +enum BN_F_BN_GF2M_MOD_SQR = 136; +enum BN_F_BN_GF2M_MOD_SQRT = 137; +enum BN_F_BN_MOD_EXP2_MONT = 118; +enum BN_F_BN_MOD_EXP_MONT = 109; +enum BN_F_BN_MOD_EXP_MONT_CONSTTIME = 124; +enum BN_F_BN_MOD_EXP_MONT_WORD = 117; +enum BN_F_BN_MOD_EXP_RECP = 125; +enum BN_F_BN_MOD_EXP_SIMPLE = 126; +enum BN_F_BN_MOD_INVERSE = 110; +enum BN_F_BN_MOD_INVERSE_NO_BRANCH = 139; +enum BN_F_BN_MOD_LSHIFT_QUICK = 119; +enum BN_F_BN_MOD_MUL_RECIPROCAL = 111; +enum BN_F_BN_MOD_SQRT = 121; +enum BN_F_BN_MPI2BN = 112; +enum BN_F_BN_NEW = 113; +enum BN_F_BN_RAND = 114; +enum BN_F_BN_RAND_RANGE = 122; +enum BN_F_BN_USUB = 115; + +/* Reason codes. */ +enum BN_R_ARG2_LT_ARG3 = 100; +enum BN_R_BAD_RECIPROCAL = 101; +enum BN_R_BIGNUM_TOO_LONG = 114; +enum BN_R_CALLED_WITH_EVEN_MODULUS = 102; +enum BN_R_DIV_BY_ZERO = 103; +enum BN_R_ENCODING_ERROR = 104; +enum BN_R_EXPAND_ON_STATIC_BIGNUM_DATA = 105; +enum BN_R_INPUT_NOT_REDUCED = 110; +enum BN_R_INVALID_LENGTH = 106; +enum BN_R_INVALID_RANGE = 115; +enum BN_R_NOT_A_SQUARE = 111; +enum BN_R_NOT_INITIALIZED = 107; +enum BN_R_NO_INVERSE = 108; +enum BN_R_NO_SOLUTION = 116; +enum BN_R_P_IS_NOT_PRIME = 112; +enum BN_R_TOO_MANY_ITERATIONS = 113; +enum BN_R_TOO_MANY_TEMPORARY_VARIABLES = 109; diff --git a/deimos/openssl/buffer.d b/deimos/openssl/buffer.d new file mode 100644 index 0000000..6ca429d --- /dev/null +++ b/deimos/openssl/buffer.d @@ -0,0 +1,114 @@ +/* crypto/buffer/buffer.h */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +module deimos.openssl.buffer; + +import deimos.openssl._d_util; + +public import deimos.openssl.ossl_typ; + +extern (C): +nothrow: + +import core.stdc.config; + +//#if !defined(NO_SYS_TYPES_H) +//#include +//#endif + +/* Already declared in ossl_typ.h */ +/* typedef buf_mem_st BUF_MEM; */ + +struct buf_mem_st + { + size_t length; /* current number of bytes */ + char* data; + size_t max; /* size of buffer */ + }; + +BUF_MEM* BUF_MEM_new(); +void BUF_MEM_free(BUF_MEM* a); +int BUF_MEM_grow(BUF_MEM* str, size_t len); +int BUF_MEM_grow_clean(BUF_MEM* str, size_t len); +char* BUF_strdup(const(char)* str); +char* BUF_strndup(const(char)* str, size_t siz); +void* BUF_memdup(const(void)* data, size_t siz); +void BUF_reverse(ubyte* out_, const(ubyte)* in_, size_t siz); + +/* safe string functions */ +size_t BUF_strlcpy(char* dst,const(char)* src,size_t siz); +size_t BUF_strlcat(char* dst,const(char)* src,size_t siz); + + +/* BEGIN ERROR CODES */ +/* The following lines are auto generated by the script mkerr.pl. Any changes + * made after this point may be overwritten when the script is next run. + */ +void ERR_load_BUF_strings(); + +/* Error codes for the BUF functions. */ + +/* Function codes. */ +enum BUF_F_BUF_MEMDUP = 103; +enum BUF_F_BUF_MEM_GROW = 100; +enum BUF_F_BUF_MEM_GROW_CLEAN = 105; +enum BUF_F_BUF_MEM_NEW = 101; +enum BUF_F_BUF_STRDUP = 102; +enum BUF_F_BUF_STRNDUP = 104; + +/* Reason codes. */ diff --git a/deimos/openssl/camellia.d b/deimos/openssl/camellia.d new file mode 100644 index 0000000..6bf0e4e --- /dev/null +++ b/deimos/openssl/camellia.d @@ -0,0 +1,125 @@ +/* crypto/camellia/camellia.h -*- mode:C; c-file-style: "eay" -*- */ +/* ==================================================================== + * Copyright (c) 2006 The OpenSSL Project. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. All advertising materials mentioning features or use of this + * software must display the following acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" + * + * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to + * endorse or promote products derived from this software without + * prior written permission. For written permission, please contact + * openssl-core@openssl.org. + * + * 5. Products derived from this software may not be called "OpenSSL" + * nor may "OpenSSL" appear in their names without prior written + * permission of the OpenSSL Project. + * + * 6. Redistributions of any form whatsoever must retain the following + * acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit (http://www.openssl.org/)" + * + * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY + * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * ==================================================================== + * + */ + +module deimos.openssl.camellia; + +import deimos.openssl._d_util; + +public import deimos.openssl.opensslconf; + +version (OPENSSL_NO_CAMELLIA) { + static assert(false, "CAMELLIA is disabled."); +} + +import core.stdc.config; + +enum CAMELLIA_ENCRYPT = 1; +enum CAMELLIA_DECRYPT = 0; + +/* Because array size can't be a const in C, the following two are macros. + Both sizes are in bytes. */ + +extern (C): +nothrow: + +/* This should be a hidden type, but EVP requires that the size be known */ + +enum CAMELLIA_BLOCK_SIZE = 16; +enum CAMELLIA_TABLE_BYTE_LEN = 272; +enum CAMELLIA_TABLE_WORD_LEN = (CAMELLIA_TABLE_BYTE_LEN / 4); + +alias uint[CAMELLIA_TABLE_WORD_LEN] KEY_TABLE_TYPE; /* to match with WORD */ + +struct camellia_key_st + { + union u_ { + double d; /* ensures 64-bit align */ + KEY_TABLE_TYPE rd_key; + } + u_ u; + int grand_rounds; + }; +alias camellia_key_st CAMELLIA_KEY; + +version(OPENSSL_FIPS) { +int private_Camellia_set_key(const(ubyte)* userKey, const int bits, + CAMELLIA_KEY *key); +} +int Camellia_set_key(const(ubyte)* userKey, const int bits, + CAMELLIA_KEY* key); + +void Camellia_encrypt(const(ubyte)* in_, ubyte* out_, + const(CAMELLIA_KEY)* key); +void Camellia_decrypt(const(ubyte)* in_, ubyte* out_, + const(CAMELLIA_KEY)* key); + +void Camellia_ecb_encrypt(const(ubyte)* in_, ubyte* out_, + const(CAMELLIA_KEY)* key, const int enc); +void Camellia_cbc_encrypt(const(ubyte)* in_, ubyte* out_, + size_t length, const(CAMELLIA_KEY)* key, + ubyte* ivec, const int enc); +void Camellia_cfb128_encrypt(const(ubyte)* in_, ubyte* out_, + size_t length, const(CAMELLIA_KEY)* key, + ubyte* ivec, int* num, const int enc); +void Camellia_cfb1_encrypt(const(ubyte)* in_, ubyte* out_, + size_t length, const(CAMELLIA_KEY)* key, + ubyte* ivec, int* num, const int enc); +void Camellia_cfb8_encrypt(const(ubyte)* in_, ubyte* out_, + size_t length, const(CAMELLIA_KEY)* key, + ubyte* ivec, int* num, const int enc); +void Camellia_ofb128_encrypt(const(ubyte)* in_, ubyte* out_, + size_t length, const(CAMELLIA_KEY)* key, + ubyte* ivec, int* num); +void Camellia_ctr128_encrypt(const(ubyte)* in_, ubyte* out_, + size_t length, const(CAMELLIA_KEY)* key, + ubyte[CAMELLIA_BLOCK_SIZE] ivec, + ubyte[CAMELLIA_BLOCK_SIZE] ecount_buf, + uint* num); diff --git a/deimos/openssl/cast_.d b/deimos/openssl/cast_.d new file mode 100644 index 0000000..447d8f8 --- /dev/null +++ b/deimos/openssl/cast_.d @@ -0,0 +1,101 @@ +/* crypto/cast/cast.h */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +module deimos.openssl.cast_; + +import deimos.openssl._d_util; + +extern (C): +nothrow: + +public import deimos.openssl.opensslconf; + +version (OPENSSL_NO_CAST) { + static assert(false, "CAST is disabled."); +} + +enum CAST_ENCRYPT = 1; +enum CAST_DECRYPT = 0; + +alias uint CAST_LONG; + +enum CAST_BLOCK = 8; +enum CAST_KEY_LENGTH = 16; + +struct cast_key_st { + CAST_LONG[32] data; + int short_key; /* Use reduced rounds for short key */ + } +alias cast_key_st CAST_KEY; + +version(OPENSSL_FIPS) { +void private_CAST_set_key(CAST_KEY *key, int len, const(ubyte)* data); +} +void CAST_set_key(CAST_KEY* key, int len, const(ubyte)* data); +void CAST_ecb_encrypt(const(ubyte)* in_, ubyte* out_, const(CAST_KEY)* key, + int enc); +void CAST_encrypt(CAST_LONG* data, const(CAST_KEY)* key); +void CAST_decrypt(CAST_LONG* data, const(CAST_KEY)* key); +void CAST_cbc_encrypt(const(ubyte)* in_, ubyte* out_, c_long length, + const(CAST_KEY)* ks, ubyte* iv, int enc); +void CAST_cfb64_encrypt(const(ubyte)* in_, ubyte* out_, + c_long length, const(CAST_KEY)* schedule, ubyte* ivec, + int* num, int enc); +void CAST_ofb64_encrypt(const(ubyte)* in_, ubyte* out_, + c_long length, const(CAST_KEY)* schedule, ubyte* ivec, + int* num); diff --git a/deimos/openssl/cmac.d b/deimos/openssl/cmac.d new file mode 100644 index 0000000..defb66c --- /dev/null +++ b/deimos/openssl/cmac.d @@ -0,0 +1,78 @@ +/* crypto/cmac/cmac.h */ +/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL + * project. + */ +/* ==================================================================== + * Copyright (c) 2010 The OpenSSL Project. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. All advertising materials mentioning features or use of this + * software must display the following acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" + * + * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to + * endorse or promote products derived from this software without + * prior written permission. For written permission, please contact + * licensing@OpenSSL.org. + * + * 5. Products derived from this software may not be called "OpenSSL" + * nor may "OpenSSL" appear in their names without prior written + * permission of the OpenSSL Project. + * + * 6. Redistributions of any form whatsoever must retain the following + * acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" + * + * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY + * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * ==================================================================== + */ +module deimos.openssl.cmac; + +import deimos.openssl._d_util; + +public import deimos.openssl.opensslconf; + +public import deimos.openssl.evp; + +extern (C): +nothrow: + +/* Opaque */ +struct CMAC_CTX_st; +alias CMAC_CTX_st CMAC_CTX; + +CMAC_CTX* CMAC_CTX_new(); +void CMAC_CTX_cleanup(CMAC_CTX *ctx); +void CMAC_CTX_free(CMAC_CTX *ctx); +EVP_CIPHER_CTX* CMAC_CTX_get0_cipher_ctx(CMAC_CTX *ctx); +int CMAC_CTX_copy(CMAC_CTX* out_, const(CMAC_CTX)* in_); + +int CMAC_Init(CMAC_CTX* ctx, const(void)* key, size_t keylen, + const(EVP_CIPHER)* cipher, ENGINE* impl); +int CMAC_Update(CMAC_CTX* ctx, const(ubyte)* data, size_t dlen); +int CMAC_Final(CMAC_CTX* ctx, ubyte* out_, size_t* poutlen); +int CMAC_resume(CMAC_CTX* ctx); diff --git a/deimos/openssl/cms.d b/deimos/openssl/cms.d new file mode 100644 index 0000000..7ad31bc --- /dev/null +++ b/deimos/openssl/cms.d @@ -0,0 +1,506 @@ +/* crypto/cms/cms.h */ +/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL + * project. + */ +/* ==================================================================== + * Copyright (c) 2008 The OpenSSL Project. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. All advertising materials mentioning features or use of this + * software must display the following acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" + * + * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to + * endorse or promote products derived from this software without + * prior written permission. For written permission, please contact + * licensing@OpenSSL.org. + * + * 5. Products derived from this software may not be called "OpenSSL" + * nor may "OpenSSL" appear in their names without prior written + * permission of the OpenSSL Project. + * + * 6. Redistributions of any form whatsoever must retain the following + * acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" + * + * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY + * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * ==================================================================== + */ + + +module deimos.openssl.cms; + +import deimos.openssl._d_util; + +import deimos.openssl.asn1; // Needed for DECLARE_ASN1_*. +import deimos.openssl.x509v3; // Needed for GENERAL_NAMES. + +public import deimos.openssl.x509; + +version (OPENSSL_NO_CMS) { + static assert(false, "CMS is disabled."); +} + +extern (C): +nothrow: + + +struct CMS_ContentInfo_st; +alias CMS_ContentInfo_st CMS_ContentInfo; +struct CMS_SignerInfo_st; +alias CMS_SignerInfo_st CMS_SignerInfo; +// BUG/oversight in the original headers: _st suffix missing. +struct CMS_CertificateChoices; +struct CMS_RevocationInfoChoice_st; +alias CMS_RevocationInfoChoice_st CMS_RevocationInfoChoice; +struct CMS_RecipientInfo_st; +alias CMS_RecipientInfo_st CMS_RecipientInfo; +struct CMS_ReceiptRequest_st; +alias CMS_ReceiptRequest_st CMS_ReceiptRequest; +struct CMS_Receipt_st; +alias CMS_Receipt_st CMS_Receipt; + +/+mixin DECLARE_STACK_OF!(CMS_SignerInfo);+/ +/+mixin DECLARE_STACK_OF!(GENERAL_NAMES);+/ +mixin(DECLARE_ASN1_FUNCTIONS!"CMS_ContentInfo"); +mixin(DECLARE_ASN1_FUNCTIONS!"CMS_ReceiptRequest"); +mixin(DECLARE_ASN1_PRINT_FUNCTION!"CMS_ContentInfo"); + +enum CMS_SIGNERINFO_ISSUER_SERIAL = 0; +enum CMS_SIGNERINFO_KEYIDENTIFIER = 1; + +enum CMS_RECIPINFO_TRANS = 0; +enum CMS_RECIPINFO_AGREE = 1; +enum CMS_RECIPINFO_KEK = 2; +enum CMS_RECIPINFO_PASS = 3; +enum CMS_RECIPINFO_OTHER = 4; + +/* S/MIME related flags */ + +enum CMS_TEXT = 0x1; +enum CMS_NOCERTS = 0x2; +enum CMS_NO_CONTENT_VERIFY = 0x4; +enum CMS_NO_ATTR_VERIFY = 0x8; +enum CMS_NOSIGS = (CMS_NO_CONTENT_VERIFY|CMS_NO_ATTR_VERIFY); +enum CMS_NOINTERN = 0x10; +enum CMS_NO_SIGNER_CERT_VERIFY = 0x20; +enum CMS_NOVERIFY = 0x20; +enum CMS_DETACHED = 0x40; +enum CMS_BINARY = 0x80; +enum CMS_NOATTR = 0x100; +enum CMS_NOSMIMECAP = 0x200; +enum CMS_NOOLDMIMETYPE = 0x400; +enum CMS_CRLFEOL = 0x800; +enum CMS_STREAM = 0x1000; +enum CMS_NOCRL = 0x2000; +enum CMS_PARTIAL = 0x4000; +enum CMS_REUSE_DIGEST = 0x8000; +enum CMS_USE_KEYID = 0x10000; +enum CMS_DEBUG_DECRYPT = 0x20000; + +const(ASN1_OBJECT)* CMS_get0_type(CMS_ContentInfo* cms); + +BIO* CMS_dataInit(CMS_ContentInfo* cms, BIO* icont); +int CMS_dataFinal(CMS_ContentInfo* cms, BIO* bio); + +ASN1_OCTET_STRING** CMS_get0_content(CMS_ContentInfo* cms); +int CMS_is_detached(CMS_ContentInfo* cms); +int CMS_set_detached(CMS_ContentInfo* cms, int detached); + +// #ifdef HEADER_PEM_H +import deimos.openssl.pem; +mixin(DECLARE_PEM_rw_const!("CMS", "CMS_ContentInfo")()); +// #endif + +int CMS_stream(ubyte*** boundary, CMS_ContentInfo* cms); +CMS_ContentInfo* d2i_CMS_bio(BIO* bp, CMS_ContentInfo** cms); +int i2d_CMS_bio(BIO* bp, CMS_ContentInfo* cms); + +BIO* BIO_new_CMS(BIO* out_, CMS_ContentInfo* cms); +int i2d_CMS_bio_stream(BIO* out_, CMS_ContentInfo* cms, BIO* in_, int flags); +int PEM_write_bio_CMS_stream(BIO* out_, CMS_ContentInfo* cms, BIO* in_, int flags); +CMS_ContentInfo* SMIME_read_CMS(BIO* bio, BIO** bcont); +int SMIME_write_CMS(BIO* bio, CMS_ContentInfo* cms, BIO* data, int flags); + +int CMS_final(CMS_ContentInfo* cms, BIO* data, BIO* dcont, uint flags); + +CMS_ContentInfo* CMS_sign(X509* signcert, EVP_PKEY* pkey, STACK_OF!(X509) *certs, + BIO* data, uint flags); + +CMS_ContentInfo* CMS_sign_receipt(CMS_SignerInfo* si, + X509* signcert, EVP_PKEY* pkey, + STACK_OF!(X509) *certs, + uint flags); + +int CMS_data(CMS_ContentInfo* cms, BIO* out_, uint flags); +CMS_ContentInfo* CMS_data_create(BIO* in_, uint flags); + +int CMS_digest_verify(CMS_ContentInfo* cms, BIO* dcont, BIO* out_, + uint flags); +CMS_ContentInfo* CMS_digest_create(BIO* in_, const(EVP_MD)* md, + uint flags); + +int CMS_EncryptedData_decrypt(CMS_ContentInfo* cms, + const(ubyte)* key, size_t keylen, + BIO* dcont, BIO* out_, uint flags); + +CMS_ContentInfo* CMS_EncryptedData_encrypt(BIO* in_, const(EVP_CIPHER)* cipher, + const(ubyte)* key, size_t keylen, + uint flags); + +int CMS_EncryptedData_set1_key(CMS_ContentInfo* cms, const(EVP_CIPHER)* ciph, + const(ubyte)* key, size_t keylen); + +int CMS_verify(CMS_ContentInfo* cms, STACK_OF!(X509) *certs, + X509_STORE* store, BIO* dcont, BIO* out_, uint flags); + +int CMS_verify_receipt(CMS_ContentInfo* rcms, CMS_ContentInfo* ocms, + STACK_OF!(X509) *certs, + X509_STORE* store, uint flags); + +STACK_OF!(X509) *CMS_get0_signers(CMS_ContentInfo* cms); + +CMS_ContentInfo* CMS_encrypt(STACK_OF!(X509) *certs, BIO* in_, + const(EVP_CIPHER)* cipher, uint flags); + +int CMS_decrypt(CMS_ContentInfo* cms, EVP_PKEY* pkey, X509* cert, + BIO* dcont, BIO* out_, + uint flags); + +int CMS_decrypt_set1_pkey(CMS_ContentInfo* cms, EVP_PKEY* pk, X509* cert); +int CMS_decrypt_set1_key(CMS_ContentInfo* cms, + ubyte* key, size_t keylen, + ubyte* id, size_t idlen); +int CMS_decrypt_set1_password(CMS_ContentInfo *cms, + ubyte *pass, ossl_ssize_t passlen); + +STACK_OF!(CMS_RecipientInfo) *CMS_get0_RecipientInfos(CMS_ContentInfo* cms); +int CMS_RecipientInfo_type(CMS_RecipientInfo* ri); +CMS_ContentInfo* CMS_EnvelopedData_create(const(EVP_CIPHER)* cipher); +CMS_RecipientInfo* CMS_add1_recipient_cert(CMS_ContentInfo* cms, + X509* recip, uint flags); +int CMS_RecipientInfo_set0_pkey(CMS_RecipientInfo* ri, EVP_PKEY* pkey); +int CMS_RecipientInfo_ktri_cert_cmp(CMS_RecipientInfo* ri, X509* cert); +int CMS_RecipientInfo_ktri_get0_algs(CMS_RecipientInfo* ri, + EVP_PKEY** pk, X509** recip, + X509_ALGOR** palg); +int CMS_RecipientInfo_ktri_get0_signer_id(CMS_RecipientInfo* ri, + ASN1_OCTET_STRING** keyid, + X509_NAME** issuer, ASN1_INTEGER** sno); + +CMS_RecipientInfo* CMS_add0_recipient_key(CMS_ContentInfo* cms, int nid, + ubyte* key, size_t keylen, + ubyte* id, size_t idlen, + ASN1_GENERALIZEDTIME* date, + ASN1_OBJECT* otherTypeId, + ASN1_TYPE* otherType); + +int CMS_RecipientInfo_kekri_get0_id(CMS_RecipientInfo* ri, + X509_ALGOR** palg, + ASN1_OCTET_STRING** pid, + ASN1_GENERALIZEDTIME** pdate, + ASN1_OBJECT** potherid, + ASN1_TYPE** pothertype); + +int CMS_RecipientInfo_set0_key(CMS_RecipientInfo* ri, + ubyte* key, size_t keylen); + +int CMS_RecipientInfo_kekri_id_cmp(CMS_RecipientInfo* ri, + const(ubyte)* id, size_t idlen); + +int CMS_RecipientInfo_set0_password(CMS_RecipientInfo *ri, + ubyte* pass, + ossl_ssize_t passlen); + +CMS_RecipientInfo *CMS_add0_recipient_password(CMS_ContentInfo *cms, + int iter, int wrap_nid, int pbe_nid, + ubyte* pass, + ossl_ssize_t passlen, + const(EVP_CIPHER)* kekciph); + +int CMS_RecipientInfo_decrypt(CMS_ContentInfo* cms, CMS_RecipientInfo* ri); + +int CMS_uncompress(CMS_ContentInfo* cms, BIO* dcont, BIO* out_, + uint flags); +CMS_ContentInfo* CMS_compress(BIO* in_, int comp_nid, uint flags); + +int CMS_set1_eContentType(CMS_ContentInfo* cms, const(ASN1_OBJECT)* oid); +const(ASN1_OBJECT)* CMS_get0_eContentType(CMS_ContentInfo* cms); + +CMS_CertificateChoices* CMS_add0_CertificateChoices(CMS_ContentInfo* cms); +int CMS_add0_cert(CMS_ContentInfo* cms, X509* cert); +int CMS_add1_cert(CMS_ContentInfo* cms, X509* cert); +STACK_OF!(X509) *CMS_get1_certs(CMS_ContentInfo* cms); + +CMS_RevocationInfoChoice* CMS_add0_RevocationInfoChoice(CMS_ContentInfo* cms); +int CMS_add0_crl(CMS_ContentInfo* cms, X509_CRL* crl); +int CMS_add1_crl(CMS_ContentInfo* cms, X509_CRL* crl); +STACK_OF!(X509_CRL) *CMS_get1_crls(CMS_ContentInfo* cms); + +int CMS_SignedData_init(CMS_ContentInfo* cms); +CMS_SignerInfo* CMS_add1_signer(CMS_ContentInfo* cms, + X509* signer, EVP_PKEY* pk, const(EVP_MD)* md, + uint flags); +STACK_OF!(CMS_SignerInfo) *CMS_get0_SignerInfos(CMS_ContentInfo* cms); + +void CMS_SignerInfo_set1_signer_cert(CMS_SignerInfo* si, X509* signer); +int CMS_SignerInfo_get0_signer_id(CMS_SignerInfo* si, + ASN1_OCTET_STRING** keyid, + X509_NAME** issuer, ASN1_INTEGER** sno); +int CMS_SignerInfo_cert_cmp(CMS_SignerInfo* si, X509* cert); +int CMS_set1_signers_certs(CMS_ContentInfo* cms, STACK_OF!(X509) *certs, + uint flags); +void CMS_SignerInfo_get0_algs(CMS_SignerInfo* si, EVP_PKEY** pk, X509** signer, + X509_ALGOR** pdig, X509_ALGOR** psig); +int CMS_SignerInfo_sign(CMS_SignerInfo* si); +int CMS_SignerInfo_verify(CMS_SignerInfo* si); +int CMS_SignerInfo_verify_content(CMS_SignerInfo* si, BIO* chain); + +int CMS_add_smimecap(CMS_SignerInfo* si, STACK_OF!(X509_ALGOR) *algs); +int CMS_add_simple_smimecap(STACK_OF!(X509_ALGOR) **algs, + int algnid, int keysize); +int CMS_add_standard_smimecap(STACK_OF!(X509_ALGOR) **smcap); + +int CMS_signed_get_attr_count(const(CMS_SignerInfo)* si); +int CMS_signed_get_attr_by_NID(const(CMS_SignerInfo)* si, int nid, + int lastpos); +int CMS_signed_get_attr_by_OBJ(const(CMS_SignerInfo)* si, ASN1_OBJECT* obj, + int lastpos); +X509_ATTRIBUTE* CMS_signed_get_attr(const(CMS_SignerInfo)* si, int loc); +X509_ATTRIBUTE* CMS_signed_delete_attr(CMS_SignerInfo* si, int loc); +int CMS_signed_add1_attr(CMS_SignerInfo* si, X509_ATTRIBUTE* attr); +int CMS_signed_add1_attr_by_OBJ(CMS_SignerInfo* si, + const(ASN1_OBJECT)* obj, int type, + const(void)* bytes, int len); +int CMS_signed_add1_attr_by_NID(CMS_SignerInfo* si, + int nid, int type, + const(void)* bytes, int len); +int CMS_signed_add1_attr_by_txt(CMS_SignerInfo* si, + const(char)* attrname, int type, + const(void)* bytes, int len); +void* CMS_signed_get0_data_by_OBJ(CMS_SignerInfo* si, ASN1_OBJECT* oid, + int lastpos, int type); + +int CMS_unsigned_get_attr_count(const(CMS_SignerInfo)* si); +int CMS_unsigned_get_attr_by_NID(const(CMS_SignerInfo)* si, int nid, + int lastpos); +int CMS_unsigned_get_attr_by_OBJ(const(CMS_SignerInfo)* si, ASN1_OBJECT* obj, + int lastpos); +X509_ATTRIBUTE* CMS_unsigned_get_attr(const(CMS_SignerInfo)* si, int loc); +X509_ATTRIBUTE* CMS_unsigned_delete_attr(CMS_SignerInfo* si, int loc); +int CMS_unsigned_add1_attr(CMS_SignerInfo* si, X509_ATTRIBUTE* attr); +int CMS_unsigned_add1_attr_by_OBJ(CMS_SignerInfo* si, + const(ASN1_OBJECT)* obj, int type, + const(void)* bytes, int len); +int CMS_unsigned_add1_attr_by_NID(CMS_SignerInfo* si, + int nid, int type, + const(void)* bytes, int len); +int CMS_unsigned_add1_attr_by_txt(CMS_SignerInfo* si, + const(char)* attrname, int type, + const(void)* bytes, int len); +void* CMS_unsigned_get0_data_by_OBJ(CMS_SignerInfo* si, ASN1_OBJECT* oid, + int lastpos, int type); + +// #ifdef HEADER_X509V3_H + +int CMS_get1_ReceiptRequest(CMS_SignerInfo* si, CMS_ReceiptRequest** prr); +CMS_ReceiptRequest* CMS_ReceiptRequest_create0(ubyte* id, int idlen, + int allorfirst, + STACK_OF!(GENERAL_NAMES) *receiptList, + STACK_OF!(GENERAL_NAMES) *receiptsTo); +int CMS_add1_ReceiptRequest(CMS_SignerInfo* si, CMS_ReceiptRequest* rr); +void CMS_ReceiptRequest_get0_values(CMS_ReceiptRequest* rr, + ASN1_STRING** pcid, + int* pallorfirst, + STACK_OF!(GENERAL_NAMES) **plist, + STACK_OF!(GENERAL_NAMES) **prto); + +// #endif + +/* BEGIN ERROR CODES */ +/* The following lines are auto generated by the script mkerr.pl. Any changes + * made after this point may be overwritten when the script is next run. + */ +void ERR_load_CMS_strings(); + +/* Error codes for the CMS functions. */ + +/* Function codes. */ +enum CMS_F_CHECK_CONTENT = 99; +enum CMS_F_CMS_ADD0_CERT = 164; +enum CMS_F_CMS_ADD0_RECIPIENT_KEY = 100; +enum CMS_F_CMS_ADD0_RECIPIENT_PASSWORD = 165; +enum CMS_F_CMS_ADD1_RECEIPTREQUEST = 158; +enum CMS_F_CMS_ADD1_RECIPIENT_CERT = 101; +enum CMS_F_CMS_ADD1_SIGNER = 102; +enum CMS_F_CMS_ADD1_SIGNINGTIME = 103; +enum CMS_F_CMS_COMPRESS = 104; +enum CMS_F_CMS_COMPRESSEDDATA_CREATE = 105; +enum CMS_F_CMS_COMPRESSEDDATA_INIT_BIO = 106; +enum CMS_F_CMS_COPY_CONTENT = 107; +enum CMS_F_CMS_COPY_MESSAGEDIGEST = 108; +enum CMS_F_CMS_DATA = 109; +enum CMS_F_CMS_DATAFINAL = 110; +enum CMS_F_CMS_DATAINIT = 111; +enum CMS_F_CMS_DECRYPT = 112; +enum CMS_F_CMS_DECRYPT_SET1_KEY = 113; +enum CMS_F_CMS_DECRYPT_SET1_PASSWORD = 166; +enum CMS_F_CMS_DECRYPT_SET1_PKEY = 114; +enum CMS_F_CMS_DIGESTALGORITHM_FIND_CTX = 115; +enum CMS_F_CMS_DIGESTALGORITHM_INIT_BIO = 116; +enum CMS_F_CMS_DIGESTEDDATA_DO_FINAL = 117; +enum CMS_F_CMS_DIGEST_VERIFY = 118; +enum CMS_F_CMS_ENCODE_RECEIPT = 161; +enum CMS_F_CMS_ENCRYPT = 119; +enum CMS_F_CMS_ENCRYPTEDCONTENT_INIT_BIO = 120; +enum CMS_F_CMS_ENCRYPTEDDATA_DECRYPT = 121; +enum CMS_F_CMS_ENCRYPTEDDATA_ENCRYPT = 122; +enum CMS_F_CMS_ENCRYPTEDDATA_SET1_KEY = 123; +enum CMS_F_CMS_ENVELOPEDDATA_CREATE = 124; +enum CMS_F_CMS_ENVELOPEDDATA_INIT_BIO = 125; +enum CMS_F_CMS_ENVELOPED_DATA_INIT = 126; +enum CMS_F_CMS_FINAL = 127; +enum CMS_F_CMS_GET0_CERTIFICATE_CHOICES = 128; +enum CMS_F_CMS_GET0_CONTENT = 129; +enum CMS_F_CMS_GET0_ECONTENT_TYPE = 130; +enum CMS_F_CMS_GET0_ENVELOPED = 131; +enum CMS_F_CMS_GET0_REVOCATION_CHOICES = 132; +enum CMS_F_CMS_GET0_SIGNED = 133; +enum CMS_F_CMS_MSGSIGDIGEST_ADD1 = 162; +enum CMS_F_CMS_RECEIPTREQUEST_CREATE0 = 159; +enum CMS_F_CMS_RECEIPT_VERIFY = 160; +enum CMS_F_CMS_RECIPIENTINFO_DECRYPT = 134; +enum CMS_F_CMS_RECIPIENTINFO_KEKRI_DECRYPT = 135; +enum CMS_F_CMS_RECIPIENTINFO_KEKRI_ENCRYPT = 136; +enum CMS_F_CMS_RECIPIENTINFO_KEKRI_GET0_ID = 137; +enum CMS_F_CMS_RECIPIENTINFO_KEKRI_ID_CMP = 138; +enum CMS_F_CMS_RECIPIENTINFO_KTRI_CERT_CMP = 139; +enum CMS_F_CMS_RECIPIENTINFO_KTRI_DECRYPT = 140; +enum CMS_F_CMS_RECIPIENTINFO_KTRI_ENCRYPT = 141; +enum CMS_F_CMS_RECIPIENTINFO_KTRI_GET0_ALGS = 142; +enum CMS_F_CMS_RECIPIENTINFO_KTRI_GET0_SIGNER_ID = 143; +enum CMS_F_CMS_RECIPIENTINFO_PWRI_CRYPT = 167; +enum CMS_F_CMS_RECIPIENTINFO_SET0_KEY = 144; +enum CMS_F_CMS_RECIPIENTINFO_SET0_PASSWORD = 168; +enum CMS_F_CMS_RECIPIENTINFO_SET0_PKEY = 145; +enum CMS_F_CMS_SET1_SIGNERIDENTIFIER = 146; +enum CMS_F_CMS_SET_DETACHED = 147; +enum CMS_F_CMS_SIGN = 148; +enum CMS_F_CMS_SIGNED_DATA_INIT = 149; +enum CMS_F_CMS_SIGNERINFO_CONTENT_SIGN = 150; +enum CMS_F_CMS_SIGNERINFO_SIGN = 151; +enum CMS_F_CMS_SIGNERINFO_VERIFY = 152; +enum CMS_F_CMS_SIGNERINFO_VERIFY_CERT = 153; +enum CMS_F_CMS_SIGNERINFO_VERIFY_CONTENT = 154; +enum CMS_F_CMS_SIGN_RECEIPT = 163; +enum CMS_F_CMS_STREAM = 155; +enum CMS_F_CMS_UNCOMPRESS = 156; +enum CMS_F_CMS_VERIFY = 157; + +/* Reason codes. */ +enum CMS_R_ADD_SIGNER_ERROR = 99; +enum CMS_R_CERTIFICATE_ALREADY_PRESENT = 175; +enum CMS_R_CERTIFICATE_HAS_NO_KEYID = 160; +enum CMS_R_CERTIFICATE_VERIFY_ERROR = 100; +enum CMS_R_CIPHER_INITIALISATION_ERROR = 101; +enum CMS_R_CIPHER_PARAMETER_INITIALISATION_ERROR = 102; +enum CMS_R_CMS_DATAFINAL_ERROR = 103; +enum CMS_R_CMS_LIB = 104; +enum CMS_R_CONTENTIDENTIFIER_MISMATCH = 170; +enum CMS_R_CONTENT_NOT_FOUND = 105; +enum CMS_R_CONTENT_TYPE_MISMATCH = 171; +enum CMS_R_CONTENT_TYPE_NOT_COMPRESSED_DATA = 106; +enum CMS_R_CONTENT_TYPE_NOT_ENVELOPED_DATA = 107; +enum CMS_R_CONTENT_TYPE_NOT_SIGNED_DATA = 108; +enum CMS_R_CONTENT_VERIFY_ERROR = 109; +enum CMS_R_CTRL_ERROR = 110; +enum CMS_R_CTRL_FAILURE = 111; +enum CMS_R_DECRYPT_ERROR = 112; +enum CMS_R_DIGEST_ERROR = 161; +enum CMS_R_ERROR_GETTING_PUBLIC_KEY = 113; +enum CMS_R_ERROR_READING_MESSAGEDIGEST_ATTRIBUTE = 114; +enum CMS_R_ERROR_SETTING_KEY = 115; +enum CMS_R_ERROR_SETTING_RECIPIENTINFO = 116; +enum CMS_R_INVALID_ENCRYPTED_KEY_LENGTH = 117; +enum CMS_R_INVALID_KEY_ENCRYPTION_PARAMETER = 176; +enum CMS_R_INVALID_KEY_LENGTH = 118; +enum CMS_R_MD_BIO_INIT_ERROR = 119; +enum CMS_R_MESSAGEDIGEST_ATTRIBUTE_WRONG_LENGTH = 120; +enum CMS_R_MESSAGEDIGEST_WRONG_LENGTH = 121; +enum CMS_R_MSGSIGDIGEST_ERROR = 172; +enum CMS_R_MSGSIGDIGEST_VERIFICATION_FAILURE = 162; +enum CMS_R_MSGSIGDIGEST_WRONG_LENGTH = 163; +enum CMS_R_NEED_ONE_SIGNER = 164; +enum CMS_R_NOT_A_SIGNED_RECEIPT = 165; +enum CMS_R_NOT_ENCRYPTED_DATA = 122; +enum CMS_R_NOT_KEK = 123; +enum CMS_R_NOT_KEY_TRANSPORT = 124; +enum CMS_R_NOT_PWRI = 177; +enum CMS_R_NOT_SUPPORTED_FOR_THIS_KEY_TYPE = 125; +enum CMS_R_NO_CIPHER = 126; +enum CMS_R_NO_CONTENT = 127; +enum CMS_R_NO_CONTENT_TYPE = 173; +enum CMS_R_NO_DEFAULT_DIGEST = 128; +enum CMS_R_NO_DIGEST_SET = 129; +enum CMS_R_NO_KEY = 130; +enum CMS_R_NO_KEY_OR_CERT = 174; +enum CMS_R_NO_MATCHING_DIGEST = 131; +enum CMS_R_NO_MATCHING_RECIPIENT = 132; +enum CMS_R_NO_MATCHING_SIGNATURE = 166; +enum CMS_R_NO_MSGSIGDIGEST = 167; +enum CMS_R_NO_PASSWORD = 178; +enum CMS_R_NO_PRIVATE_KEY = 133; +enum CMS_R_NO_PUBLIC_KEY = 134; +enum CMS_R_NO_RECEIPT_REQUEST = 168; +enum CMS_R_NO_SIGNERS = 135; +enum CMS_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE = 136; +enum CMS_R_RECEIPT_DECODE_ERROR = 169; +enum CMS_R_RECIPIENT_ERROR = 137; +enum CMS_R_SIGNER_CERTIFICATE_NOT_FOUND = 138; +enum CMS_R_SIGNFINAL_ERROR = 139; +enum CMS_R_SMIME_TEXT_ERROR = 140; +enum CMS_R_STORE_INIT_ERROR = 141; +enum CMS_R_TYPE_NOT_COMPRESSED_DATA = 142; +enum CMS_R_TYPE_NOT_DATA = 143; +enum CMS_R_TYPE_NOT_DIGESTED_DATA = 144; +enum CMS_R_TYPE_NOT_ENCRYPTED_DATA = 145; +enum CMS_R_TYPE_NOT_ENVELOPED_DATA = 146; +enum CMS_R_UNABLE_TO_FINALIZE_CONTEXT = 147; +enum CMS_R_UNKNOWN_CIPHER = 148; +enum CMS_R_UNKNOWN_DIGEST_ALGORIHM = 149; +enum CMS_R_UNKNOWN_ID = 150; +enum CMS_R_UNSUPPORTED_COMPRESSION_ALGORITHM = 151; +enum CMS_R_UNSUPPORTED_CONTENT_TYPE = 152; +enum CMS_R_UNSUPPORTED_KEK_ALGORITHM = 153; +enum CMS_R_UNSUPPORTED_KEY_ENCRYPTION_ALGORITHM = 179; +enum CMS_R_UNSUPPORTED_RECIPIENT_TYPE = 154; +enum CMS_R_UNSUPPORTED_RECPIENTINFO_TYPE = 155; +enum CMS_R_UNSUPPORTED_TYPE = 156; +enum CMS_R_UNWRAP_ERROR = 157; +enum CMS_R_UNWRAP_FAILURE = 180; +enum CMS_R_VERIFICATION_FAILURE = 158; +enum CMS_R_WRAP_ERROR = 159; diff --git a/deimos/openssl/comp.d b/deimos/openssl/comp.d new file mode 100644 index 0000000..db2e510 --- /dev/null +++ b/deimos/openssl/comp.d @@ -0,0 +1,75 @@ + +module deimos.openssl.comp; + +import deimos.openssl._d_util; + +import deimos.openssl.bio; // Needed for BIO_METHOD. + +public import deimos.openssl.crypto; + +extern (C): +nothrow: + +alias comp_ctx_st COMP_CTX; + +struct comp_method_st { + int type; /* NID for compression library */ + const(char)* name; /* A text string to identify the library */ + ExternC!(int function(COMP_CTX* ctx)) init_; + ExternC!(void function(COMP_CTX* ctx)) finish; + ExternC!(int function(COMP_CTX* ctx, + ubyte* out_, uint olen, + ubyte* in_, uint ilen)) compress; + ExternC!(int function(COMP_CTX* ctx, + ubyte* out_, uint olen, + ubyte* in_, uint ilen)) expand; + /* The following two do NOTHING, but are kept for backward compatibility */ + ExternC!(c_long function()) ctrl; + ExternC!(c_long function()) callback_ctrl; + } +alias comp_method_st COMP_METHOD; + +struct comp_ctx_st + { + COMP_METHOD* meth; + c_ulong compress_in; + c_ulong compress_out; + c_ulong expand_in; + c_ulong expand_out; + + CRYPTO_EX_DATA ex_data; + }; + + +COMP_CTX* COMP_CTX_new(COMP_METHOD* meth); +void COMP_CTX_free(COMP_CTX* ctx); +int COMP_compress_block(COMP_CTX* ctx, ubyte* out_, int olen, + ubyte* in_, int ilen); +int COMP_expand_block(COMP_CTX* ctx, ubyte* out_, int olen, + ubyte* in_, int ilen); +COMP_METHOD* COMP_rle(); +COMP_METHOD* COMP_zlib(); +void COMP_zlib_cleanup(); + +// #ifdef ZLIB +BIO_METHOD* BIO_f_zlib(); +// #endif + +/* BEGIN ERROR CODES */ +/* The following lines are auto generated by the script mkerr.pl. Any changes + * made after this point may be overwritten when the script is next run. + */ +void ERR_load_COMP_strings(); + +/* Error codes for the COMP functions. */ + +/* Function codes. */ +enum COMP_F_BIO_ZLIB_FLUSH = 99; +enum COMP_F_BIO_ZLIB_NEW = 100; +enum COMP_F_BIO_ZLIB_READ = 101; +enum COMP_F_BIO_ZLIB_WRITE = 102; + +/* Reason codes. */ +enum COMP_R_ZLIB_DEFLATE_ERROR = 99; +enum COMP_R_ZLIB_INFLATE_ERROR = 100; +enum COMP_R_ZLIB_NOT_SUPPORTED = 101; diff --git a/deimos/openssl/conf.d b/deimos/openssl/conf.d new file mode 100644 index 0000000..017352b --- /dev/null +++ b/deimos/openssl/conf.d @@ -0,0 +1,258 @@ +/* crypto/conf/conf.h */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +module deimos.openssl.conf; + +import deimos.openssl._d_util; + +public import deimos.openssl.bio; +public import deimos.openssl.lhash; +public import deimos.openssl.stack; +public import deimos.openssl.safestack; +public import deimos.openssl.e_os2; + +public import deimos.openssl.ossl_typ; + +extern (C): +nothrow: + +struct CONF_VALUE + { + char* section; + char* name; + char* value; + } + +/+mixin DECLARE_STACK_OF!(CONF_VALUE);+/ +mixin DECLARE_LHASH_OF!(CONF_VALUE); + +alias conf_method_st CONF_METHOD; + +struct conf_method_st + { + const(char)* name; + ExternC!(CONF* function(CONF_METHOD* meth)) create; + ExternC!(int function(CONF* conf)) init_; + ExternC!(int function(CONF* conf)) destroy; + ExternC!(int function(CONF* conf)) destroy_data; + ExternC!(int function(CONF* conf, BIO* bp, c_long* eline)) load_bio; + ExternC!(int function(const(CONF)* conf, BIO* bp)) dump; + ExternC!(int function(const(CONF)* conf, char c)) is_number; + ExternC!(int function(const(CONF)* conf, char c)) to_int; + ExternC!(int function(CONF* conf, const(char)* name, c_long* eline)) load; + }; + +/* Module definitions */ + +struct conf_imodule_st; +alias conf_imodule_st CONF_IMODULE; +struct conf_module_st; +alias conf_module_st CONF_MODULE; + +/+mixin DECLARE_STACK_OF!(CONF_MODULE);+/ +/+mixin DECLARE_STACK_OF!(CONF_IMODULE);+/ + +/* DSO module function typedefs */ +alias typeof(*(ExternC!(int function(CONF_IMODULE* md, const(CONF)* cnf))).init) conf_init_func; +alias typeof(*(ExternC!(void function(CONF_IMODULE* md))).init) conf_finish_func; + +enum CONF_MFLAGS_IGNORE_ERRORS = 0x1; +enum CONF_MFLAGS_IGNORE_RETURN_CODES = 0x2; +enum CONF_MFLAGS_SILENT = 0x4; +enum CONF_MFLAGS_NO_DSO = 0x8; +enum CONF_MFLAGS_IGNORE_MISSING_FILE = 0x10; +enum CONF_MFLAGS_DEFAULT_SECTION = 0x20; + +int CONF_set_default_method(CONF_METHOD* meth); +void CONF_set_nconf(CONF* conf,LHASH_OF!(CONF_VALUE) *hash); +LHASH_OF!(CONF_VALUE) *CONF_load(LHASH_OF!(CONF_VALUE) *conf,const(char)* file, + c_long* eline); +version(OPENSSL_NO_FP_API) {} else { +LHASH_OF!(CONF_VALUE) *CONF_load_fp(LHASH_OF!(CONF_VALUE) *conf, FILE* fp, + c_long* eline); +} +LHASH_OF!(CONF_VALUE) *CONF_load_bio(LHASH_OF!(CONF_VALUE) *conf, BIO* bp,c_long* eline); +STACK_OF!(CONF_VALUE) *CONF_get_section(LHASH_OF!(CONF_VALUE) *conf, + const(char)* section); +char* CONF_get_string(LHASH_OF!(CONF_VALUE) *conf,const(char)* group, + const(char)* name); +c_long CONF_get_number(LHASH_OF!(CONF_VALUE) *conf,const(char)* group, + const(char)* name); +void CONF_free(LHASH_OF!(CONF_VALUE) *conf); +int CONF_dump_fp(LHASH_OF!(CONF_VALUE) *conf, FILE* out_); +int CONF_dump_bio(LHASH_OF!(CONF_VALUE) *conf, BIO* out_); + +void OPENSSL_config(const(char)* config_name); +void OPENSSL_no_config(); + +/* New conf code. The semantics are different from the functions above. + If that wasn't the case, the above functions would have been replaced */ + +struct conf_st + { + CONF_METHOD* meth; + void* meth_data; + LHASH_OF!(CONF_VALUE) *data; + }; + +CONF* NCONF_new(CONF_METHOD* meth); +CONF_METHOD* NCONF_default(); +CONF_METHOD* NCONF_WIN32(); +version (none) { /* Just to give you an idea of what I have in mind */ +CONF_METHOD* NCONF_XML(); +} +void NCONF_free(CONF* conf); +void NCONF_free_data(CONF* conf); + +int NCONF_load(CONF* conf,const(char)* file,c_long* eline); +version(OPENSSL_NO_FP_API) {} else { +int NCONF_load_fp(CONF* conf, FILE* fp,c_long* eline); +} +int NCONF_load_bio(CONF* conf, BIO* bp,c_long* eline); +STACK_OF!(CONF_VALUE) *NCONF_get_section(const(CONF)* conf,const(char)* section); +char* NCONF_get_string(const(CONF)* conf,const(char)* group,const(char)* name); +int NCONF_get_number_e(const(CONF)* conf,const(char)* group,const(char)* name, + c_long* result); +int NCONF_dump_fp(const(CONF)* conf, FILE* out_); +int NCONF_dump_bio(const(CONF)* conf, BIO* out_); + +version (none) { /* The following function has no error checking, + and should therefore be avoided */ +c_long NCONF_get_number(CONF* conf,char* group,char* name); +} else { +alias NCONF_get_number_e NCONF_get_number; +} + +/* Module functions */ + +int CONF_modules_load(const(CONF)* cnf, const(char)* appname, + c_ulong flags); +int CONF_modules_load_file(const(char)* filename, const(char)* appname, + c_ulong flags); +void CONF_modules_unload(int all); +void CONF_modules_finish(); +void CONF_modules_free(); +int CONF_module_add(const(char)* name, conf_init_func* ifunc, + conf_finish_func* ffunc); + +const(char)* CONF_imodule_get_name(const(CONF_IMODULE)* md); +const(char)* CONF_imodule_get_value(const(CONF_IMODULE)* md); +void* CONF_imodule_get_usr_data(const(CONF_IMODULE)* md); +void CONF_imodule_set_usr_data(CONF_IMODULE* md, void* usr_data); +CONF_MODULE* CONF_imodule_get_module(const(CONF_IMODULE)* md); +c_ulong CONF_imodule_get_flags(const(CONF_IMODULE)* md); +void CONF_imodule_set_flags(CONF_IMODULE* md, c_ulong flags); +void* CONF_module_get_usr_data(CONF_MODULE* pmod); +void CONF_module_set_usr_data(CONF_MODULE* pmod, void* usr_data); + +char* CONF_get1_default_config_file(); + +int CONF_parse_list(const(char)* list, int sep, int nospc, + ExternC!(int function(const(char)* elem, int len, void* usr)) list_cb, void* arg); + +void OPENSSL_load_builtin_modules(); + +/* BEGIN ERROR CODES */ +/* The following lines are auto generated by the script mkerr.pl. Any changes + * made after this point may be overwritten when the script is next run. + */ +void ERR_load_CONF_strings(); + +/* Error codes for the CONF functions. */ + +/* Function codes. */ +enum CONF_F_CONF_DUMP_FP = 104; +enum CONF_F_CONF_LOAD = 100; +enum CONF_F_CONF_LOAD_BIO = 102; +enum CONF_F_CONF_LOAD_FP = 103; +enum CONF_F_CONF_MODULES_LOAD = 116; +enum CONF_F_CONF_PARSE_LIST = 119; +enum CONF_F_DEF_LOAD = 120; +enum CONF_F_DEF_LOAD_BIO = 121; +enum CONF_F_MODULE_INIT = 115; +enum CONF_F_MODULE_LOAD_DSO = 117; +enum CONF_F_MODULE_RUN = 118; +enum CONF_F_NCONF_DUMP_BIO = 105; +enum CONF_F_NCONF_DUMP_FP = 106; +enum CONF_F_NCONF_GET_NUMBER = 107; +enum CONF_F_NCONF_GET_NUMBER_E = 112; +enum CONF_F_NCONF_GET_SECTION = 108; +enum CONF_F_NCONF_GET_STRING = 109; +enum CONF_F_NCONF_LOAD = 113; +enum CONF_F_NCONF_LOAD_BIO = 110; +enum CONF_F_NCONF_LOAD_FP = 114; +enum CONF_F_NCONF_NEW = 111; +enum CONF_F_STR_COPY = 101; + +/* Reason codes. */ +enum CONF_R_ERROR_LOADING_DSO = 110; +enum CONF_R_LIST_CANNOT_BE_NULL = 115; +enum CONF_R_MISSING_CLOSE_SQUARE_BRACKET = 100; +enum CONF_R_MISSING_EQUAL_SIGN = 101; +enum CONF_R_MISSING_FINISH_FUNCTION = 111; +enum CONF_R_MISSING_INIT_FUNCTION = 112; +enum CONF_R_MODULE_INITIALIZATION_ERROR = 109; +enum CONF_R_NO_CLOSE_BRACE = 102; +enum CONF_R_NO_CONF = 105; +enum CONF_R_NO_CONF_OR_ENVIRONMENT_VARIABLE = 106; +enum CONF_R_NO_SECTION = 107; +enum CONF_R_NO_SUCH_FILE = 114; +enum CONF_R_NO_VALUE = 108; +enum CONF_R_UNABLE_TO_CREATE_NEW_SECTION = 103; +enum CONF_R_UNKNOWN_MODULE_NAME = 113; +enum CONF_R_VARIABLE_HAS_NO_VALUE = 104; diff --git a/deimos/openssl/conf_api.d b/deimos/openssl/conf_api.d new file mode 100644 index 0000000..e6535ed --- /dev/null +++ b/deimos/openssl/conf_api.d @@ -0,0 +1,83 @@ +/* conf_api.h */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +module deimos.openssl.conf_api; + +import deimos.openssl._d_util; + +public import deimos.openssl.lhash; +public import deimos.openssl.conf; + +extern (C): +nothrow: + +/* Up until OpenSSL 0.9.5a, this was new_section */ +CONF_VALUE* _CONF_new_section(CONF* conf, const(char)* section); +/* Up until OpenSSL 0.9.5a, this was get_section */ +CONF_VALUE* _CONF_get_section(const(CONF)* conf, const(char)* section); +/* Up until OpenSSL 0.9.5a, this was CONF_get_section */ +STACK_OF!(CONF_VALUE) *_CONF_get_section_values(const(CONF)* conf, + const(char)* section); + +int _CONF_add_string(CONF* conf, CONF_VALUE* section, CONF_VALUE* value); +char* _CONF_get_string(const(CONF)* conf, const(char)* section, + const(char)* name); +c_long _CONF_get_number(const(CONF)* conf, const(char)* section, const(char)* name); + +int _CONF_new_data(CONF* conf); +void _CONF_free_data(CONF* conf); diff --git a/deimos/openssl/crypto.d b/deimos/openssl/crypto.d new file mode 100644 index 0000000..b08ddc1 --- /dev/null +++ b/deimos/openssl/crypto.d @@ -0,0 +1,605 @@ +/* crypto/crypto.h */ +/* ==================================================================== + * Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. All advertising materials mentioning features or use of this + * software must display the following acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" + * + * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to + * endorse or promote products derived from this software without + * prior written permission. For written permission, please contact + * openssl-core@openssl.org. + * + * 5. Products derived from this software may not be called "OpenSSL" + * nor may "OpenSSL" appear in their names without prior written + * permission of the OpenSSL Project. + * + * 6. Redistributions of any form whatsoever must retain the following + * acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit (http://www.openssl.org/)" + * + * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY + * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * ==================================================================== + * + * This product includes cryptographic software written by Eric Young + * (eay@cryptsoft.com). This product includes software written by Tim + * Hudson (tjh@cryptsoft.com). + * + */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ +/* ==================================================================== + * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. + * ECDH support in OpenSSL originally developed by + * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project. + */ + +module deimos.openssl.crypto; + +import deimos.openssl._d_util; + +import core.stdc.stdlib; + +public import deimos.openssl.e_os2; + +version(OPENSSL_NO_FP_API) {} else { +import core.stdc.stdio; +} + +public import deimos.openssl.stack; +public import deimos.openssl.safestack; +public import deimos.openssl.opensslv; +public import deimos.openssl.ossl_typ; + +version (CHARSET_EBCDIC) { +public import deimos.openssl.ebcdic; +} + +/* Resolve problems on some operating systems with symbol names that clash + one way or another */ +public import deimos.openssl.symhacks; + +extern (C): +nothrow: + +/* Backward compatibility to SSLeay */ +/* This is more to be used to check the correct DLL is being used + * in the MS world. */ +alias OPENSSL_VERSION_NUMBER SSLEAY_VERSION_NUMBER; +enum SSLEAY_VERSION = 0; +/* enum SSLEAY_OPTIONS = 1; no longer supported */ +enum SSLEAY_CFLAGS = 2; +enum SSLEAY_BUILT_ON = 3; +enum SSLEAY_PLATFORM = 4; +enum SSLEAY_DIR = 5; + +/* Already declared in ossl_typ.h */ +/+#if 0 +alias crypto_ex_data_st CRYPTO_EX_DATA; +/* Called when a new object is created */ +typedef int CRYPTO_EX_new(void* parent, void* ptr, CRYPTO_EX_DATA* ad, + int idx, c_long argl, void* argp); +/* Called when an object is free()ed */ +typedef void CRYPTO_EX_free(void* parent, void* ptr, CRYPTO_EX_DATA* ad, + int idx, c_long argl, void* argp); +/* Called when we need to dup an object */ +typedef int CRYPTO_EX_dup(CRYPTO_EX_DATA* to, CRYPTO_EX_DATA* from, void* from_d, + int idx, c_long argl, void* argp); +#endif+/ + +/* A generic structure to pass assorted data in a expandable way */ +struct openssl_item_st { + int code; + void* value; /* Not used for flag attributes */ + size_t value_size; /* Max size of value for output, length for input */ + size_t* value_length; /* Returned length of value for output */ + } +alias openssl_item_st OPENSSL_ITEM; + + +/* When changing the CRYPTO_LOCK_* list, be sure to maintin the text lock + * names in cryptlib.c + */ + +enum CRYPTO_LOCK_ERR = 1; +enum CRYPTO_LOCK_EX_DATA = 2; +enum CRYPTO_LOCK_X509 = 3; +enum CRYPTO_LOCK_X509_INFO = 4; +enum CRYPTO_LOCK_X509_PKEY = 5; +enum CRYPTO_LOCK_X509_CRL = 6; +enum CRYPTO_LOCK_X509_REQ = 7; +enum CRYPTO_LOCK_DSA = 8; +enum CRYPTO_LOCK_RSA = 9; +enum CRYPTO_LOCK_EVP_PKEY = 10; +enum CRYPTO_LOCK_X509_STORE = 11; +enum CRYPTO_LOCK_SSL_CTX = 12; +enum CRYPTO_LOCK_SSL_CERT = 13; +enum CRYPTO_LOCK_SSL_SESSION = 14; +enum CRYPTO_LOCK_SSL_SESS_CERT = 15; +enum CRYPTO_LOCK_SSL = 16; +enum CRYPTO_LOCK_SSL_METHOD = 17; +enum CRYPTO_LOCK_RAND = 18; +enum CRYPTO_LOCK_RAND2 = 19; +enum CRYPTO_LOCK_MALLOC = 20; +enum CRYPTO_LOCK_BIO = 21; +enum CRYPTO_LOCK_GETHOSTBYNAME = 22; +enum CRYPTO_LOCK_GETSERVBYNAME = 23; +enum CRYPTO_LOCK_READDIR = 24; +enum CRYPTO_LOCK_RSA_BLINDING = 25; +enum CRYPTO_LOCK_DH = 26; +enum CRYPTO_LOCK_MALLOC2 = 27; +enum CRYPTO_LOCK_DSO = 28; +enum CRYPTO_LOCK_DYNLOCK = 29; +enum CRYPTO_LOCK_ENGINE = 30; +enum CRYPTO_LOCK_UI = 31; +enum CRYPTO_LOCK_ECDSA = 32; +enum CRYPTO_LOCK_EC = 33; +enum CRYPTO_LOCK_ECDH = 34; +enum CRYPTO_LOCK_BN = 35; +enum CRYPTO_LOCK_EC_PRE_COMP = 36; +enum CRYPTO_LOCK_STORE = 37; +enum CRYPTO_LOCK_COMP = 38; +enum CRYPTO_LOCK_FIPS = 39; +enum CRYPTO_LOCK_FIPS2 = 40; +enum CRYPTO_NUM_LOCKS = 41; + +enum CRYPTO_LOCK = 1; +enum CRYPTO_UNLOCK = 2; +enum CRYPTO_READ = 4; +enum CRYPTO_WRITE = 8; + +version (OPENSSL_NO_LOCKING) { + void CRYPTO_w_lock()(int type) {} + void CRYPTO_w_unlock()(int type) {} + void CRYPTO_r_lock()(int type) {} + void CRYPTO_r_unlock()(int type) {} + void CRYPTO_add()(int* addr, int amount, int type) { *addr += amount; } +} else { + void CRYPTO_w_lock(string file = __FILE__, size_t line = __LINE__)(int type) { + CRYPTO_lock(CRYPTO_LOCK|CRYPTO_WRITE,type,file.ptr,line); + } + void CRYPTO_w_unlock(string file = __FILE__, size_t line = __LINE__)(int type) { + CRYPTO_lock(CRYPTO_UNLOCK|CRYPTO_WRITE,type,file.ptr,line); + } + void CRYPTO_r_lock(string file = __FILE__, size_t line = __LINE__)(int type) { + CRYPTO_lock(CRYPTO_LOCK|CRYPTO_READ,type,file.ptr,line); + } + void CRYPTO_r_unlock(string file = __FILE__, size_t line = __LINE__)(int type) { + CRYPTO_lock(CRYPTO_UNLOCK|CRYPTO_READ,type,file.ptr,line); + } + void CRYPTO_add(string file = __FILE__, size_t line = __LINE__)(int* addr, int amount, int type) { + CRYPTO_add_lock(addr,amount,type,file.ptr,line); + } +} + +/* Some applications as well as some parts of OpenSSL need to allocate + and deallocate locks in a dynamic fashion. The following typedef + makes this possible in a type-safe manner. */ +/* CRYPTO_dynlock_value has to be defined by the application. */ +// FIXME: struct CRYPTO_dynlock_value; +struct CRYPTO_dynlock + { + int references; + CRYPTO_dynlock_value* data; + } + + +/* The following can be used to detect memory leaks in the SSLeay library. + * It used, it turns on malloc checking */ + +enum CRYPTO_MEM_CHECK_OFF = 0x0; /* an enume */ +enum CRYPTO_MEM_CHECK_ON = 0x1; /* a bit */ +enum CRYPTO_MEM_CHECK_ENABLE = 0x2; /* a bit */ +enum CRYPTO_MEM_CHECK_DISABLE = 0x3; /* an enume */ + +/* The following are bit values to turn on or off options connected to the + * malloc checking functionality */ + +/* Adds time to the memory checking information */ +enum V_CRYPTO_MDEBUG_TIME = 0x1; /* a bit */ +/* Adds thread number to the memory checking information */ +enum V_CRYPTO_MDEBUG_THREAD = 0x2; /* a bit */ + +enum V_CRYPTO_MDEBUG_ALL = (V_CRYPTO_MDEBUG_TIME | V_CRYPTO_MDEBUG_THREAD); + + +/* predec of the BIO type */ +import deimos.openssl.bio; /*struct bio_st;*/ +alias bio_st BIO_dummy; + +struct crypto_ex_data_st + { + STACK_OF!() *sk; + int dummy; /* gcc is screwing up this data structure :-( */ + }; +/+mixin DECLARE_STACK_OF!();+/ + +/* This stuff is basically class callback functions + * The current classes are SSL_CTX, SSL, SSL_SESSION, and a few more */ + +struct crypto_ex_data_func_st { + c_long argl; /* Arbitary c_long */ + void* argp; /* Arbitary void* */ + CRYPTO_EX_new* new_func; + CRYPTO_EX_free* free_func; + CRYPTO_EX_dup* dup_func; + } +alias crypto_ex_data_func_st CRYPTO_EX_DATA_FUNCS; + +/+mixin DECLARE_STACK_OF!(CRYPTO_EX_DATA_FUNCS);+/ + +/* Per class, we have a STACK of CRYPTO_EX_DATA_FUNCS for each CRYPTO_EX_DATA + * entry. + */ + +enum CRYPTO_EX_INDEX_BIO = 0; +enum CRYPTO_EX_INDEX_SSL = 1; +enum CRYPTO_EX_INDEX_SSL_CTX = 2; +enum CRYPTO_EX_INDEX_SSL_SESSION = 3; +enum CRYPTO_EX_INDEX_X509_STORE = 4; +enum CRYPTO_EX_INDEX_X509_STORE_CTX = 5; +enum CRYPTO_EX_INDEX_RSA = 6; +enum CRYPTO_EX_INDEX_DSA = 7; +enum CRYPTO_EX_INDEX_DH = 8; +enum CRYPTO_EX_INDEX_ENGINE = 9; +enum CRYPTO_EX_INDEX_X509 = 10; +enum CRYPTO_EX_INDEX_UI = 11; +enum CRYPTO_EX_INDEX_ECDSA = 12; +enum CRYPTO_EX_INDEX_ECDH = 13; +enum CRYPTO_EX_INDEX_COMP = 14; +enum CRYPTO_EX_INDEX_STORE = 15; + +/* Dynamically assigned indexes start from this value (don't use directly, use + * via CRYPTO_ex_data_new_class). */ +enum CRYPTO_EX_INDEX_USER = 100; + + +/* This is the default callbacks, but we can have others as well: + * this is needed in Win32 where the application malloc and the + * library malloc may not be the same. + */ +void CRYPTO_malloc_init()() { + CRYPTO_set_mem_functions(&malloc, &realloc, &free); +} + +/+#if defined CRYPTO_MDEBUG_ALL || defined CRYPTO_MDEBUG_TIME || defined CRYPTO_MDEBUG_THREAD +# ifndef CRYPTO_MDEBUG /* avoid duplicate #define */ +# define CRYPTO_MDEBUG +# endif +#endif+/ + +/* Set standard debugging functions (not done by default + * unless CRYPTO_MDEBUG is defined) */ +void CRYPTO_malloc_debug_init()() { + CRYPTO_set_mem_debug_functions(&CRYPTO_dbg_malloc, &CRYPTO_dbg_realloc, + &CRYPTO_dbg_free, &CRYPTO_dbg_set_options, &CRYPTO_dbg_get_options); +} + +int CRYPTO_mem_ctrl(int mode); +int CRYPTO_is_mem_check_on(); + +/* for applications */ +int MemCheck_start()() { return CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON); } +int MemCheck_stop()(){ return CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_OFF); } + +/* for library-internal use */ +int MemCheck_on()() { return CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ENABLE); } +int MemCheck_off()() { return CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_DISABLE); } +alias CRYPTO_is_mem_check_on is_MemCheck_on; + +auto OPENSSL_malloc(string file = __FILE__, size_t line = __LINE__)(int num) { + return CRYPTO_malloc(num,file.ptr,line); +} +auto OPENSSL_strdup(string file = __FILE__, size_t line = __LINE__)(const(char)* str) { + return CRYPTO_strdup(str,file.ptr,line); +} +auto OPENSSL_realloc(string file = __FILE__, size_t line = __LINE__)(void* addr, int num) { + return CRYPTO_realloc(addr,num,file.ptr,line); +} +auto OPENSSL_realloc_clean(string file = __FILE__, size_t line = __LINE__)(void* addr,int old_num,int num) { + CRYPTO_realloc_clean(addr,old_num,num,file.ptr,line); +} +auto OPENSSL_remalloc(string file = __FILE__, size_t line = __LINE__)(void** addr, int num) { + return CRYPTO_remalloc(cast(char**)addr,num,file.ptr,line); +} +alias CRYPTO_free OPENSSL_freeFunc; +alias CRYPTO_free OPENSSL_free; + +auto OPENSSL_malloc_locked(string file = __FILE__, size_t line = __LINE__)(int num) { + return CRYPTO_malloc_locked(num, file.ptr, line); +} +alias CRYPTO_free_locked OPENSSL_free_locked; + + +const(char)* SSLeay_version(int type); +c_ulong SSLeay(); + +int OPENSSL_issetugid(); + +/* An opaque type representing an implementation of "ex_data" support */ +struct st_CRYPTO_EX_DATA_IMPL; +alias st_CRYPTO_EX_DATA_IMPL CRYPTO_EX_DATA_IMPL; +/* Return an opaque pointer to the current "ex_data" implementation */ +const(CRYPTO_EX_DATA_IMPL)* CRYPTO_get_ex_data_implementation(); +/* Sets the "ex_data" implementation to be used (if it's not too late) */ +int CRYPTO_set_ex_data_implementation(const(CRYPTO_EX_DATA_IMPL)* i); +/* Get a new "ex_data" class, and return the corresponding "class_index" */ +int CRYPTO_ex_data_new_class(); +/* Within a given class, get/register a new index */ +int CRYPTO_get_ex_new_index(int class_index, c_long argl, void* argp, + CRYPTO_EX_new* new_func, CRYPTO_EX_dup* dup_func, + CRYPTO_EX_free* free_func); +/* Initialise/duplicate/free CRYPTO_EX_DATA variables corresponding to a given + * class (invokes whatever per-class callbacks are applicable) */ +int CRYPTO_new_ex_data(int class_index, void* obj, CRYPTO_EX_DATA* ad); +int CRYPTO_dup_ex_data(int class_index, CRYPTO_EX_DATA* to, + CRYPTO_EX_DATA* from); +void CRYPTO_free_ex_data(int class_index, void* obj, CRYPTO_EX_DATA* ad); +/* Get/set data in a CRYPTO_EX_DATA variable corresponding to a particular index + * (relative to the class type involved) */ +int CRYPTO_set_ex_data(CRYPTO_EX_DATA* ad, int idx, void* val); +void* CRYPTO_get_ex_data(const(CRYPTO_EX_DATA)* ad,int idx); + +int CRYPTO_get_new_lockid(char* name); + +void CRYPTO_lock(int mode, int type,const(char)* file,int line); + +/* Don't use this structure directly. */ +struct crypto_threadid_st { + void* ptr; + c_ulong val; + } +alias crypto_threadid_st CRYPTO_THREADID; +/* Only use CRYPTO_THREADID_set_[numeric|pointer]() within callbacks */ +void CRYPTO_THREADID_set_numeric(CRYPTO_THREADID* id, c_ulong val); +void CRYPTO_THREADID_set_pointer(CRYPTO_THREADID* id, void* ptr); +int CRYPTO_THREADID_set_callback(ExternC!(void function(CRYPTO_THREADID*)) threadid_func); +ExternC!(void function(CRYPTO_THREADID*)) CRYPTO_THREADID_get_callback(); +void CRYPTO_THREADID_current(CRYPTO_THREADID* id); +int CRYPTO_THREADID_cmp(const(CRYPTO_THREADID)* a, const(CRYPTO_THREADID)* b); +void CRYPTO_THREADID_cpy(CRYPTO_THREADID* dest, const(CRYPTO_THREADID)* src); +c_ulong CRYPTO_THREADID_hash(const(CRYPTO_THREADID)* id); +version(OPENSSL_NO_DEPRECATED) {} else { +void CRYPTO_set_id_callback(ExternC!(c_ulong function()) func); +ExternC!(c_ulong function()) CRYPTO_get_id_callback(); +c_ulong CRYPTO_thread_id(); +} + +const(char)* CRYPTO_get_lock_name(int type); +int CRYPTO_add_lock(int* pointer,int amount,int type, const(char)* file, + int line); + +int CRYPTO_get_new_dynlockid(); +void CRYPTO_destroy_dynlockid(int i); +struct CRYPTO_dynlock_value; +CRYPTO_dynlock_value* CRYPTO_get_dynlock_value(int i); + +/* CRYPTO_set_mem_functions includes CRYPTO_set_locked_mem_functions -- + * call the latter last if you need different functions */ +int CRYPTO_set_mem_functions(ExternC!(void* function(size_t)) m,ExternC!(void* function(void*,size_t)) r, ExternC!(void function(void*)) f); +int CRYPTO_set_locked_mem_functions(ExternC!(void* function(size_t)) m, ExternC!(void function(void*)) free_func); +int CRYPTO_set_mem_ex_functions(ExternC!(void* function(size_t,const(char)*,int)) m, + ExternC!(void* function(void*,size_t,const(char)*,int)) r, + ExternC!(void function(void*)) f); +int CRYPTO_set_locked_mem_ex_functions(ExternC!(void* function(size_t,const(char)*,int)) m, + ExternC!(void function(void*)) free_func); +int CRYPTO_set_mem_debug_functions(ExternC!(void function(void*,int,const(char)*,int,int)) m, + ExternC!(void function(void*,void*,int,const(char)*,int,int)) r, + ExternC!(void function(void*,int)) f, + ExternC!(void function(c_long)) so, + ExternC!(c_long function()) go); +void CRYPTO_get_mem_functions(ExternC!(void* function(size_t))* m,ExternC!(void* function(void*, size_t))* r, ExternC!(void function(void*))* f); +void CRYPTO_get_locked_mem_functions(ExternC!(void* function(size_t))* m, ExternC!(void function(void*))* f); +void CRYPTO_get_mem_ex_functions(ExternC!(void* function(size_t,const(char)*,int))* m, + ExternC!(void* function(void*, size_t,const(char)*,int))* r, + ExternC!(void function(void*))* f); +void CRYPTO_get_locked_mem_ex_functions(ExternC!(void* function(size_t,const(char)*,int))* m, + ExternC!(void function(void*))* f); +void CRYPTO_get_mem_debug_functions(ExternC!(void function(void*,int,const(char)*,int,int))* m, + ExternC!(void function(void*,void*,int,const(char)*,int,int))* r, + ExternC!(void function(void*,int))* f, + ExternC!(void function(c_long))* so, + ExternC!(c_long function())* go); + +void* CRYPTO_malloc_locked(int num, const(char)* file, int line); +void CRYPTO_free_locked(void* ptr); +void* CRYPTO_malloc(int num, const(char)* file, int line); +char* CRYPTO_strdup(const(char)* str, const(char)* file, int line); +void CRYPTO_free(void* ptr); +void* CRYPTO_realloc(void* addr,int num, const(char)* file, int line); +void* CRYPTO_realloc_clean(void* addr,int old_num,int num,const(char)* file, + int line); +void* CRYPTO_remalloc(void* addr,int num, const(char)* file, int line); + +void OPENSSL_cleanse(void* ptr, size_t len); + +void CRYPTO_set_mem_debug_options(c_long bits); +c_long CRYPTO_get_mem_debug_options(); + +auto CRYPTO_push_info(string file = __FILE__, size_t line = __LINE__)(const(char)* info) { + return CRYPTO_push_info_(info, file.ptr, line); +} +int CRYPTO_push_info_(const(char)* info, const(char)* file, int line); +int CRYPTO_pop_info(); +int CRYPTO_remove_all_info(); + + +/* Default debugging functions (enabled by CRYPTO_malloc_debug_init() macro; + * used as default in CRYPTO_MDEBUG compilations): */ +/* The last argument has the following significance: + * + * 0: called before the actual memory allocation has taken place + * 1: called after the actual memory allocation has taken place + */ +void CRYPTO_dbg_malloc(void* addr,int num,const(char)* file,int line,int before_p); +void CRYPTO_dbg_realloc(void* addr1,void* addr2,int num,const(char)* file,int line,int before_p); +void CRYPTO_dbg_free(void* addr,int before_p); +/* Tell the debugging code about options. By default, the following values + * apply: + * + * 0: Clear all options. + * V_CRYPTO_MDEBUG_TIME (1): Set the "Show Time" option. + * V_CRYPTO_MDEBUG_THREAD (2): Set the "Show Thread Number" option. + * V_CRYPTO_MDEBUG_ALL (3): 1 + 2 + */ +void CRYPTO_dbg_set_options(c_long bits); +c_long CRYPTO_dbg_get_options(); + + +version(OPENSSL_NO_FP_API) {} else { +void CRYPTO_mem_leaks_fp(FILE*); +} +void CRYPTO_mem_leaks(bio_st* bio); +/* c_ulong order, char* file, int line, int num_bytes, char* addr */ +alias typeof(*(void* function (c_ulong, const(char)*, int, int, void*)).init) CRYPTO_MEM_LEAK_CB; +void CRYPTO_mem_leaks_cb(CRYPTO_MEM_LEAK_CB* cb); + +/* die if we have to */ +void OpenSSLDie(const(char)* file,int line,const(char)* assertion); +void OPENSSL_assert(string file = __FILE__, size_t line = __LINE__)(int e) { + if (!e) OpenSSLDie(file.ptr, line, "assertion failed"); // No good way to translate. +} + +c_ulong* OPENSSL_ia32cap_loc(); +auto OPENSSL_ia32cap()(){ return* OPENSSL_ia32cap_loc(); } +int OPENSSL_isservice(); + +int FIPS_mode(); +int FIPS_mode_set(int r); + +void OPENSSL_init(); + +/+ // TODO: only needed for implementation +#define fips_md_init(alg) fips_md_init_ctx(alg, alg) + +#ifdef OPENSSL_FIPS +#define fips_md_init_ctx(alg, cx) \ + int alg##_Init(cx##_CTX *c) \ + { \ + if (FIPS_mode()) OpenSSLDie(__FILE__, __LINE__, \ + "Low level API call to digest " #alg " forbidden in FIPS mode!"); \ + return private_##alg##_Init(c); \ + } \ + int private_##alg##_Init(cx##_CTX *c) + +#define fips_cipher_abort(alg) \ + if (FIPS_mode()) OpenSSLDie(__FILE__, __LINE__, \ + "Low level API call to cipher " #alg " forbidden in FIPS mode!") + +#else +#define fips_md_init_ctx(alg, cx) \ + int alg##_Init(cx##_CTX *c) +#define fips_cipher_abort(alg) while(0) +#endif ++/ + +/* CRYPTO_memcmp returns zero iff the |len| bytes at |a| and |b| are equal. It + * takes an amount of time dependent on |len|, but independent of the contents + * of |a| and |b|. Unlike memcmp, it cannot be used to put elements into a + * defined order as the return value when a != b is undefined, other than to be + * non-zero. */ +int CRYPTO_memcmp(const(void)* a, const(void)* b, size_t len); + +/* BEGIN ERROR CODES */ +/* The following lines are auto generated by the script mkerr.pl. Any changes + * made after this point may be overwritten when the script is next run. + */ +void ERR_load_CRYPTO_strings(); + +/* Error codes for the CRYPTO functions. */ + +/* Function codes. */ +enum CRYPTO_F_CRYPTO_GET_EX_NEW_INDEX = 100; +enum CRYPTO_F_CRYPTO_GET_NEW_DYNLOCKID = 103; +enum CRYPTO_F_CRYPTO_GET_NEW_LOCKID = 101; +enum CRYPTO_F_CRYPTO_SET_EX_DATA = 102; +enum CRYPTO_F_DEF_ADD_INDEX = 104; +enum CRYPTO_F_DEF_GET_CLASS = 105; +enum CRYPTO_F_FIPS_MODE_SET = 109; +enum CRYPTO_F_INT_DUP_EX_DATA = 106; +enum CRYPTO_F_INT_FREE_EX_DATA = 107; +enum CRYPTO_F_INT_NEW_EX_DATA = 108; + +/* Reason codes. */ +enum CRYPTO_R_FIPS_MODE_NOT_SUPPORTED = 101; +enum CRYPTO_R_NO_DYNLOCK_CREATE_CALLBACK = 100; diff --git a/deimos/openssl/des.d b/deimos/openssl/des.d new file mode 100644 index 0000000..83327f1 --- /dev/null +++ b/deimos/openssl/des.d @@ -0,0 +1,236 @@ +/* crypto/des/des.h */ +/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +module deimos.openssl.des; + +import deimos.openssl._d_util; + +public import deimos.openssl.e_os2; /* OPENSSL_EXTERN, OPENSSL_NO_DES, + DES_LONG (via openssl/opensslconf.h */ + +version (OPENSSL_NO_DES) { + static assert(false, "DES is disabled."); +} + + +extern (C): +nothrow: + +alias ubyte[8] DES_cblock; +alias ubyte[8] const_DES_cblock; +/* With "const", gcc 2.8.1 on Solaris thinks that DES_cblock* + * and const_DES_cblock* are incompatible pointer types. */ + +struct DES_ks + { + union ks_ + { + DES_cblock cblock; + /* make sure things are correct size on machines with + * 8 byte longs */ + DES_LONG[2] deslong; + } + ks_[16] ks; + } +alias DES_ks DES_key_schedule; + +// #ifndef OPENSSL_DISABLE_OLD_DES_SUPPORT +// # ifndef OPENSSL_ENABLE_OLD_DES_SUPPORT +// # define OPENSSL_ENABLE_OLD_DES_SUPPORT +// # endif +// #endif + +version (OPENSSL_ENABLE_OLD_DES_SUPPORT) { +public import deimos.openssl.des_old; +} + +enum DES_KEY_SZ = DES_cblock.sizeof; +enum DES_SCHEDULE_SZ = DES_key_schedule.sizeof; + +enum DES_ENCRYPT = 1; +enum DES_DECRYPT = 0; + +enum DES_CBC_MODE = 0; +enum DES_PCBC_MODE = 1; + +alias DES_ecb3_encrypt DES_ecb2_encrypt; + +alias DES_ede3_cbc_encrypt DES_ede2_cbc_encrypt; + +alias DES_ede3_cfb64_encrypt DES_ede2_cfb64_encrypt; + +alias DES_ede3_ofb64_encrypt DES_ede2_ofb64_encrypt; + +extern int _shadow_DES_check_key; /* defaults to false */ +alias _shadow_DES_check_key DES_check_key; +extern int _shadow_DES_rw_mode; /* defaults to DES_PCBC_MODE */ +alias _shadow_DES_rw_mode DES_rw_mode; + +const(char)* DES_options(); +void DES_ecb3_encrypt(const_DES_cblock* input, DES_cblock* output, + DES_key_schedule* ks1,DES_key_schedule* ks2, + DES_key_schedule* ks3, int enc); +DES_LONG DES_cbc_cksum(const(ubyte)* input,DES_cblock* output, + c_long length,DES_key_schedule* schedule, + const_DES_cblock* ivec); +/* DES_cbc_encrypt does not update the IV! Use DES_ncbc_encrypt instead. */ +void DES_cbc_encrypt(const(ubyte)* input,ubyte* output, + c_long length,DES_key_schedule* schedule,DES_cblock* ivec, + int enc); +void DES_ncbc_encrypt(const(ubyte)* input,ubyte* output, + c_long length,DES_key_schedule* schedule,DES_cblock* ivec, + int enc); +void DES_xcbc_encrypt(const(ubyte)* input,ubyte* output, + c_long length,DES_key_schedule* schedule,DES_cblock* ivec, + const_DES_cblock* inw,const_DES_cblock* outw,int enc); +void DES_cfb_encrypt(const(ubyte)* in_,ubyte* out_,int numbits, + c_long length,DES_key_schedule* schedule,DES_cblock* ivec, + int enc); +void DES_ecb_encrypt(const_DES_cblock* input,DES_cblock* output, + DES_key_schedule* ks,int enc); + +/* This is the DES encryption function that gets called by just about + every other DES routine in the library. You should not use this + function except to implement 'modes' of DES. I say this because the + functions that call this routine do the conversion from 'char* ' to + c_long, and this needs to be done to make sure 'non-aligned' memory + access do not occur. The characters are loaded 'little endian'. + Data is a pointer to 2 c_ulong's and ks is the + DES_key_schedule to use. enc, is non zero specifies encryption, + zero if decryption. */ +void DES_encrypt1(DES_LONG* data,DES_key_schedule* ks, int enc); + +/* This functions is the same as DES_encrypt1() except that the DES + initial permutation (IP) and final permutation (FP) have been left + out. As for DES_encrypt1(), you should not use this function. + It is used by the routines in the library that implement triple DES. + IP() DES_encrypt2() DES_encrypt2() DES_encrypt2() FP() is the same + as DES_encrypt1() DES_encrypt1() DES_encrypt1() except faster :-). */ +void DES_encrypt2(DES_LONG* data,DES_key_schedule* ks, int enc); + +void DES_encrypt3(DES_LONG* data, DES_key_schedule* ks1, + DES_key_schedule* ks2, DES_key_schedule* ks3); +void DES_decrypt3(DES_LONG* data, DES_key_schedule* ks1, + DES_key_schedule* ks2, DES_key_schedule* ks3); +void DES_ede3_cbc_encrypt(const(ubyte)* input,ubyte* output, + c_long length, + DES_key_schedule* ks1,DES_key_schedule* ks2, + DES_key_schedule* ks3,DES_cblock* ivec,int enc); +void DES_ede3_cbcm_encrypt(const(ubyte)* in_,ubyte* out_, + c_long length, + DES_key_schedule* ks1,DES_key_schedule* ks2, + DES_key_schedule* ks3, + DES_cblock* ivec1,DES_cblock* ivec2, + int enc); +void DES_ede3_cfb64_encrypt(const(ubyte)* in_,ubyte* out_, + c_long length,DES_key_schedule* ks1, + DES_key_schedule* ks2,DES_key_schedule* ks3, + DES_cblock* ivec,int* num,int enc); +void DES_ede3_cfb_encrypt(const(ubyte)* in_,ubyte* out_, + int numbits,c_long length,DES_key_schedule* ks1, + DES_key_schedule* ks2,DES_key_schedule* ks3, + DES_cblock* ivec,int enc); +void DES_ede3_ofb64_encrypt(const(ubyte)* in_,ubyte* out_, + c_long length,DES_key_schedule* ks1, + DES_key_schedule* ks2,DES_key_schedule* ks3, + DES_cblock* ivec,int* num); +version (none) { +void DES_xwhite_in2out(const_DES_cblock* DES_key,const_DES_cblock* in_white, + DES_cblock* out_white); +} + +int DES_enc_read(int fd,void* buf,int len,DES_key_schedule* sched, + DES_cblock* iv); +int DES_enc_write(int fd,const(void)* buf,int len,DES_key_schedule* sched, + DES_cblock* iv); +char* DES_fcrypt(const(char)* buf,const(char)* salt, char* ret); +char* DES_crypt(const(char)* buf,const(char)* salt); +void DES_ofb_encrypt(const(ubyte)* in_,ubyte* out_,int numbits, + c_long length,DES_key_schedule* schedule,DES_cblock* ivec); +void DES_pcbc_encrypt(const(ubyte)* input,ubyte* output, + c_long length,DES_key_schedule* schedule,DES_cblock* ivec, + int enc); +DES_LONG DES_quad_cksum(const(ubyte)* input,DES_cblock[] output, + c_long length,int out_count,DES_cblock* seed); +int DES_random_key(DES_cblock* ret); +void DES_set_odd_parity(DES_cblock* key); +int DES_check_key_parity(const_DES_cblock* key); +int DES_is_weak_key(const_DES_cblock* key); +/* DES_set_key (= set_key = DES_key_sched = key_sched) calls + * DES_set_key_checked if global variable DES_check_key is set, + * DES_set_key_unchecked otherwise. */ +int DES_set_key(const_DES_cblock* key,DES_key_schedule* schedule); +int DES_key_sched(const_DES_cblock* key,DES_key_schedule* schedule); +int DES_set_key_checked(const_DES_cblock* key,DES_key_schedule* schedule); +void DES_set_key_unchecked(const_DES_cblock* key,DES_key_schedule* schedule); +version(OPENSSL_FIPS) { +void private_DES_set_key_unchecked(const_DES_cblock* key,DES_key_schedule* schedule); +} +void DES_string_to_key(const(char)* str,DES_cblock* key); +void DES_string_to_2keys(const(char)* str,DES_cblock* key1,DES_cblock* key2); +void DES_cfb64_encrypt(const(ubyte)* in_,ubyte* out_,c_long length, + DES_key_schedule* schedule,DES_cblock* ivec,int* num, + int enc); +void DES_ofb64_encrypt(const(ubyte)* in_,ubyte* out_,c_long length, + DES_key_schedule* schedule,DES_cblock* ivec,int* num); + +int DES_read_password(DES_cblock* key, const(char)* prompt, int verify); +int DES_read_2passwords(DES_cblock* key1, DES_cblock* key2, const(char)* prompt, + int verify); + +alias DES_set_odd_parity DES_fixup_key_parity; diff --git a/deimos/openssl/des_old.d b/deimos/openssl/des_old.d new file mode 100644 index 0000000..1b89972 --- /dev/null +++ b/deimos/openssl/des_old.d @@ -0,0 +1,440 @@ +/* crypto/des/des_old.h -*- mode:C; c-file-style: "eay" -*- */ + +/* WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING + * + * The function names in here are deprecated and are only present to + * provide an interface compatible with openssl 0.9.6 and older as + * well as libdes. OpenSSL now provides functions where "des_" has + * been replaced with "DES_" in the names, to make it possible to + * make incompatible changes that are needed for C type security and + * other stuff. + * + * This include files has two compatibility modes: + * + * - If OPENSSL_DES_LIBDES_COMPATIBILITY is defined, you get an API + * that is compatible with libdes and SSLeay. + * - If OPENSSL_DES_LIBDES_COMPATIBILITY isn't defined, you get an + * API that is compatible with OpenSSL 0.9.5x to 0.9.6x. + * + * Note that these modes break earlier snapshots of OpenSSL, where + * libdes compatibility was the only available mode or (later on) the + * prefered compatibility mode. However, after much consideration + * (and more or less violent discussions with external parties), it + * was concluded that OpenSSL should be compatible with earlier versions + * of itself before anything else. Also, in all honesty, libdes is + * an old beast that shouldn't really be used any more. + * + * Please consider starting to use the DES_ functions rather than the + * des_ ones. The des_ functions will disappear completely before + * OpenSSL 1.0! + * + * WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING + */ + +/* Written by Richard Levitte (richard@levitte.org) for the OpenSSL + * project 2001. + */ +/* ==================================================================== + * Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. All advertising materials mentioning features or use of this + * software must display the following acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" + * + * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to + * endorse or promote products derived from this software without + * prior written permission. For written permission, please contact + * openssl-core@openssl.org. + * + * 5. Products derived from this software may not be called "OpenSSL" + * nor may "OpenSSL" appear in their names without prior written + * permission of the OpenSSL Project. + * + * 6. Redistributions of any form whatsoever must retain the following + * acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit (http://www.openssl.org/)" + * + * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY + * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * ==================================================================== + * + * This product includes cryptographic software written by Eric Young + * (eay@cryptsoft.com). This product includes software written by Tim + * Hudson (tjh@cryptsoft.com). + * + */ + +/+ FIXME: Not yet ported. +module deimos.openssl.des; + +import deimos.openssl._d_util; + +public import deimos.openssl.e_os2; /* OPENSSL_EXTERN, OPENSSL_NO_DES, DES_LONG */ + +version (OPENSSL_NO_DES) { + static assert(false, "DES is disabled."); +} + +#ifndef HEADER_NEW_DES_H +#error You must include des.h, not des_old.h directly. +#endif + +#ifdef _KERBEROS_DES_H +#error replaces . +#endif + +public import deimos.openssl.symhacks; + + +extern (C): +nothrow: + +#ifdef _ +#undef _ +#endif + +typedef ubyte _ossl_old_des_cblock[8]; +typedef struct _ossl_old_des_ks_struct + { + union { + _ossl_old_des_cblock _; + /* make sure things are correct size on machines with + * 8 byte longs */ + DES_LONG pad[2]; + } ks; + } _ossl_old_des_key_schedule[16]; + +#ifndef OPENSSL_DES_LIBDES_COMPATIBILITY +alias DES_cblock des_cblock; +alias const_DES_cblock const_des_cblock; +alias DES_key_schedule des_key_schedule; +#define des_ecb3_encrypt(i,o,k1,k2,k3,e)\ + DES_ecb3_encrypt((i),(o),&(k1),&(k2),&(k3),(e)) +#define des_ede3_cbc_encrypt(i,o,l,k1,k2,k3,iv,e)\ + DES_ede3_cbc_encrypt((i),(o),(l),&(k1),&(k2),&(k3),(iv),(e)) +#define des_ede3_cbcm_encrypt(i,o,l,k1,k2,k3,iv1,iv2,e)\ + DES_ede3_cbcm_encrypt((i),(o),(l),&(k1),&(k2),&(k3),(iv1),(iv2),(e)) +#define des_ede3_cfb64_encrypt(i,o,l,k1,k2,k3,iv,n,e)\ + DES_ede3_cfb64_encrypt((i),(o),(l),&(k1),&(k2),&(k3),(iv),(n),(e)) +#define des_ede3_ofb64_encrypt(i,o,l,k1,k2,k3,iv,n)\ + DES_ede3_ofb64_encrypt((i),(o),(l),&(k1),&(k2),&(k3),(iv),(n)) +#define des_options()\ + DES_options() +#define des_cbc_cksum(i,o,l,k,iv)\ + DES_cbc_cksum((i),(o),(l),&(k),(iv)) +#define des_cbc_encrypt(i,o,l,k,iv,e)\ + DES_cbc_encrypt((i),(o),(l),&(k),(iv),(e)) +#define des_ncbc_encrypt(i,o,l,k,iv,e)\ + DES_ncbc_encrypt((i),(o),(l),&(k),(iv),(e)) +#define des_xcbc_encrypt(i,o,l,k,iv,inw,outw,e)\ + DES_xcbc_encrypt((i),(o),(l),&(k),(iv),(inw),(outw),(e)) +#define des_cfb_encrypt(i,o,n,l,k,iv,e)\ + DES_cfb_encrypt((i),(o),(n),(l),&(k),(iv),(e)) +#define des_ecb_encrypt(i,o,k,e)\ + DES_ecb_encrypt((i),(o),&(k),(e)) +#define des_encrypt1(d,k,e)\ + DES_encrypt1((d),&(k),(e)) +#define des_encrypt2(d,k,e)\ + DES_encrypt2((d),&(k),(e)) +#define des_encrypt3(d,k1,k2,k3)\ + DES_encrypt3((d),&(k1),&(k2),&(k3)) +#define des_decrypt3(d,k1,k2,k3)\ + DES_decrypt3((d),&(k1),&(k2),&(k3)) +#define des_xwhite_in2out(k,i,o)\ + DES_xwhite_in2out((k),(i),(o)) +#define des_enc_read(f,b,l,k,iv)\ + DES_enc_read((f),(b),(l),&(k),(iv)) +#define des_enc_write(f,b,l,k,iv)\ + DES_enc_write((f),(b),(l),&(k),(iv)) +#define des_fcrypt(b,s,r)\ + DES_fcrypt((b),(s),(r)) +#if 0 +#define des_crypt(b,s)\ + DES_crypt((b),(s)) +#if !defined(PERL5) && !defined(__FreeBSD__) && !defined(NeXT) && !defined(__OpenBSD__) +#define crypt(b,s)\ + DES_crypt((b),(s)) +#endif +#endif +#define des_ofb_encrypt(i,o,n,l,k,iv)\ + DES_ofb_encrypt((i),(o),(n),(l),&(k),(iv)) +#define des_pcbc_encrypt(i,o,l,k,iv,e)\ + DES_pcbc_encrypt((i),(o),(l),&(k),(iv),(e)) +#define des_quad_cksum(i,o,l,c,s)\ + DES_quad_cksum((i),(o),(l),(c),(s)) +#define des_random_seed(k)\ + _ossl_096_des_random_seed((k)) +#define des_random_key(r)\ + DES_random_key((r)) +#define des_read_password(k,p,v) \ + DES_read_password((k),(p),(v)) +#define des_read_2passwords(k1,k2,p,v) \ + DES_read_2passwords((k1),(k2),(p),(v)) +#define des_set_odd_parity(k)\ + DES_set_odd_parity((k)) +#define des_check_key_parity(k)\ + DES_check_key_parity((k)) +#define des_is_weak_key(k)\ + DES_is_weak_key((k)) +#define des_set_key(k,ks)\ + DES_set_key((k),&(ks)) +#define des_key_sched(k,ks)\ + DES_key_sched((k),&(ks)) +#define des_set_key_checked(k,ks)\ + DES_set_key_checked((k),&(ks)) +#define des_set_key_unchecked(k,ks)\ + DES_set_key_unchecked((k),&(ks)) +#define des_string_to_key(s,k)\ + DES_string_to_key((s),(k)) +#define des_string_to_2keys(s,k1,k2)\ + DES_string_to_2keys((s),(k1),(k2)) +#define des_cfb64_encrypt(i,o,l,ks,iv,n,e)\ + DES_cfb64_encrypt((i),(o),(l),&(ks),(iv),(n),(e)) +#define des_ofb64_encrypt(i,o,l,ks,iv,n)\ + DES_ofb64_encrypt((i),(o),(l),&(ks),(iv),(n)) + + +#define des_ecb2_encrypt(i,o,k1,k2,e) \ + des_ecb3_encrypt((i),(o),(k1),(k2),(k1),(e)) + +#define des_ede2_cbc_encrypt(i,o,l,k1,k2,iv,e) \ + des_ede3_cbc_encrypt((i),(o),(l),(k1),(k2),(k1),(iv),(e)) + +#define des_ede2_cfb64_encrypt(i,o,l,k1,k2,iv,n,e) \ + des_ede3_cfb64_encrypt((i),(o),(l),(k1),(k2),(k1),(iv),(n),(e)) + +#define des_ede2_ofb64_encrypt(i,o,l,k1,k2,iv,n) \ + des_ede3_ofb64_encrypt((i),(o),(l),(k1),(k2),(k1),(iv),(n)) + +alias DES_check_key des_check_key; +alias DES_rw_mode des_rw_mode; +#else /* libdes compatibility */ +/* Map all symbol names to _ossl_old_des_* form, so we avoid all + clashes with libdes */ +alias _ossl_old_des_cblock des_cblock; +alias _ossl_old_des_key_schedule des_key_schedule; +#define des_ecb3_encrypt(i,o,k1,k2,k3,e)\ + _ossl_old_des_ecb3_encrypt((i),(o),(k1),(k2),(k3),(e)) +#define des_ede3_cbc_encrypt(i,o,l,k1,k2,k3,iv,e)\ + _ossl_old_des_ede3_cbc_encrypt((i),(o),(l),(k1),(k2),(k3),(iv),(e)) +#define des_ede3_cfb64_encrypt(i,o,l,k1,k2,k3,iv,n,e)\ + _ossl_old_des_ede3_cfb64_encrypt((i),(o),(l),(k1),(k2),(k3),(iv),(n),(e)) +#define des_ede3_ofb64_encrypt(i,o,l,k1,k2,k3,iv,n)\ + _ossl_old_des_ede3_ofb64_encrypt((i),(o),(l),(k1),(k2),(k3),(iv),(n)) +#define des_options()\ + _ossl_old_des_options() +#define des_cbc_cksum(i,o,l,k,iv)\ + _ossl_old_des_cbc_cksum((i),(o),(l),(k),(iv)) +#define des_cbc_encrypt(i,o,l,k,iv,e)\ + _ossl_old_des_cbc_encrypt((i),(o),(l),(k),(iv),(e)) +#define des_ncbc_encrypt(i,o,l,k,iv,e)\ + _ossl_old_des_ncbc_encrypt((i),(o),(l),(k),(iv),(e)) +#define des_xcbc_encrypt(i,o,l,k,iv,inw,outw,e)\ + _ossl_old_des_xcbc_encrypt((i),(o),(l),(k),(iv),(inw),(outw),(e)) +#define des_cfb_encrypt(i,o,n,l,k,iv,e)\ + _ossl_old_des_cfb_encrypt((i),(o),(n),(l),(k),(iv),(e)) +#define des_ecb_encrypt(i,o,k,e)\ + _ossl_old_des_ecb_encrypt((i),(o),(k),(e)) +#define des_encrypt(d,k,e)\ + _ossl_old_des_encrypt((d),(k),(e)) +#define des_encrypt2(d,k,e)\ + _ossl_old_des_encrypt2((d),(k),(e)) +#define des_encrypt3(d,k1,k2,k3)\ + _ossl_old_des_encrypt3((d),(k1),(k2),(k3)) +#define des_decrypt3(d,k1,k2,k3)\ + _ossl_old_des_decrypt3((d),(k1),(k2),(k3)) +#define des_xwhite_in2out(k,i,o)\ + _ossl_old_des_xwhite_in2out((k),(i),(o)) +#define des_enc_read(f,b,l,k,iv)\ + _ossl_old_des_enc_read((f),(b),(l),(k),(iv)) +#define des_enc_write(f,b,l,k,iv)\ + _ossl_old_des_enc_write((f),(b),(l),(k),(iv)) +#define des_fcrypt(b,s,r)\ + _ossl_old_des_fcrypt((b),(s),(r)) +#define des_crypt(b,s)\ + _ossl_old_des_crypt((b),(s)) +#if 0 +#define crypt(b,s)\ + _ossl_old_crypt((b),(s)) +#endif +#define des_ofb_encrypt(i,o,n,l,k,iv)\ + _ossl_old_des_ofb_encrypt((i),(o),(n),(l),(k),(iv)) +#define des_pcbc_encrypt(i,o,l,k,iv,e)\ + _ossl_old_des_pcbc_encrypt((i),(o),(l),(k),(iv),(e)) +#define des_quad_cksum(i,o,l,c,s)\ + _ossl_old_des_quad_cksum((i),(o),(l),(c),(s)) +#define des_random_seed(k)\ + _ossl_old_des_random_seed((k)) +#define des_random_key(r)\ + _ossl_old_des_random_key((r)) +#define des_read_password(k,p,v) \ + _ossl_old_des_read_password((k),(p),(v)) +#define des_read_2passwords(k1,k2,p,v) \ + _ossl_old_des_read_2passwords((k1),(k2),(p),(v)) +#define des_set_odd_parity(k)\ + _ossl_old_des_set_odd_parity((k)) +#define des_is_weak_key(k)\ + _ossl_old_des_is_weak_key((k)) +#define des_set_key(k,ks)\ + _ossl_old_des_set_key((k),(ks)) +#define des_key_sched(k,ks)\ + _ossl_old_des_key_sched((k),(ks)) +#define des_string_to_key(s,k)\ + _ossl_old_des_string_to_key((s),(k)) +#define des_string_to_2keys(s,k1,k2)\ + _ossl_old_des_string_to_2keys((s),(k1),(k2)) +#define des_cfb64_encrypt(i,o,l,ks,iv,n,e)\ + _ossl_old_des_cfb64_encrypt((i),(o),(l),(ks),(iv),(n),(e)) +#define des_ofb64_encrypt(i,o,l,ks,iv,n)\ + _ossl_old_des_ofb64_encrypt((i),(o),(l),(ks),(iv),(n)) + + +#define des_ecb2_encrypt(i,o,k1,k2,e) \ + des_ecb3_encrypt((i),(o),(k1),(k2),(k1),(e)) + +#define des_ede2_cbc_encrypt(i,o,l,k1,k2,iv,e) \ + des_ede3_cbc_encrypt((i),(o),(l),(k1),(k2),(k1),(iv),(e)) + +#define des_ede2_cfb64_encrypt(i,o,l,k1,k2,iv,n,e) \ + des_ede3_cfb64_encrypt((i),(o),(l),(k1),(k2),(k1),(iv),(n),(e)) + +#define des_ede2_ofb64_encrypt(i,o,l,k1,k2,iv,n) \ + des_ede3_ofb64_encrypt((i),(o),(l),(k1),(k2),(k1),(iv),(n)) + +alias DES_check_key des_check_key; +alias DES_rw_mode des_rw_mode; +#endif + +const(char)* _ossl_old_des_options(); +void _ossl_old_des_ecb3_encrypt(_ossl_old_des_cblock* input,_ossl_old_des_cblock* output, + _ossl_old_des_key_schedule ks1,_ossl_old_des_key_schedule ks2, + _ossl_old_des_key_schedule ks3, int enc); +DES_LONG _ossl_old_des_cbc_cksum(_ossl_old_des_cblock* input,_ossl_old_des_cblock* output, + c_long length,_ossl_old_des_key_schedule schedule,_ossl_old_des_cblock* ivec); +void _ossl_old_des_cbc_encrypt(_ossl_old_des_cblock* input,_ossl_old_des_cblock* output,c_long length, + _ossl_old_des_key_schedule schedule,_ossl_old_des_cblock* ivec,int enc); +void _ossl_old_des_ncbc_encrypt(_ossl_old_des_cblock* input,_ossl_old_des_cblock* output,c_long length, + _ossl_old_des_key_schedule schedule,_ossl_old_des_cblock* ivec,int enc); +void _ossl_old_des_xcbc_encrypt(_ossl_old_des_cblock* input,_ossl_old_des_cblock* output,c_long length, + _ossl_old_des_key_schedule schedule,_ossl_old_des_cblock* ivec, + _ossl_old_des_cblock* inw,_ossl_old_des_cblock* outw,int enc); +void _ossl_old_des_cfb_encrypt(ubyte* in_,ubyte* out_,int numbits, + c_long length,_ossl_old_des_key_schedule schedule,_ossl_old_des_cblock* ivec,int enc); +void _ossl_old_des_ecb_encrypt(_ossl_old_des_cblock* input,_ossl_old_des_cblock* output, + _ossl_old_des_key_schedule ks,int enc); +void _ossl_old_des_encrypt(DES_LONG* data,_ossl_old_des_key_schedule ks, int enc); +void _ossl_old_des_encrypt2(DES_LONG* data,_ossl_old_des_key_schedule ks, int enc); +void _ossl_old_des_encrypt3(DES_LONG* data, _ossl_old_des_key_schedule ks1, + _ossl_old_des_key_schedule ks2, _ossl_old_des_key_schedule ks3); +void _ossl_old_des_decrypt3(DES_LONG* data, _ossl_old_des_key_schedule ks1, + _ossl_old_des_key_schedule ks2, _ossl_old_des_key_schedule ks3); +void _ossl_old_des_ede3_cbc_encrypt(_ossl_old_des_cblock* input, _ossl_old_des_cblock* output, + c_long length, _ossl_old_des_key_schedule ks1, _ossl_old_des_key_schedule ks2, + _ossl_old_des_key_schedule ks3, _ossl_old_des_cblock* ivec, int enc); +void _ossl_old_des_ede3_cfb64_encrypt(ubyte* in_, ubyte* out_, + c_long length, _ossl_old_des_key_schedule ks1, _ossl_old_des_key_schedule ks2, + _ossl_old_des_key_schedule ks3, _ossl_old_des_cblock* ivec, int* num, int enc); +void _ossl_old_des_ede3_ofb64_encrypt(ubyte* in_, ubyte* out_, + c_long length, _ossl_old_des_key_schedule ks1, _ossl_old_des_key_schedule ks2, + _ossl_old_des_key_schedule ks3, _ossl_old_des_cblock* ivec, int* num); +#if 0 +void _ossl_old_des_xwhite_in2out(_ossl_old_des_cblock (*des_key), _ossl_old_des_cblock (*in_white), + _ossl_old_des_cblock (*out_white)); +#endif + +int _ossl_old_des_enc_read(int fd,char* buf,int len,_ossl_old_des_key_schedule sched, + _ossl_old_des_cblock* iv); +int _ossl_old_des_enc_write(int fd,char* buf,int len,_ossl_old_des_key_schedule sched, + _ossl_old_des_cblock* iv); +char* _ossl_old_des_fcrypt(const(char)* buf,const(char)* salt, char* ret); +char* _ossl_old_des_crypt(const(char)* buf,const(char)* salt); +#if !defined(PERL5) && !defined(NeXT) +char* _ossl_old_crypt(const(char)* buf,const(char)* salt); +#endif +void _ossl_old_des_ofb_encrypt(ubyte* in_,ubyte* out_, + int numbits,c_long length,_ossl_old_des_key_schedule schedule,_ossl_old_des_cblock* ivec); +void _ossl_old_des_pcbc_encrypt(_ossl_old_des_cblock* input,_ossl_old_des_cblock* output,c_long length, + _ossl_old_des_key_schedule schedule,_ossl_old_des_cblock* ivec,int enc); +DES_LONG _ossl_old_des_quad_cksum(_ossl_old_des_cblock* input,_ossl_old_des_cblock* output, + c_long length,int out_count,_ossl_old_des_cblock* seed); +void _ossl_old_des_random_seed(_ossl_old_des_cblock key); +void _ossl_old_des_random_key(_ossl_old_des_cblock ret); +int _ossl_old_des_read_password(_ossl_old_des_cblock* key,const(char)* prompt,int verify); +int _ossl_old_des_read_2passwords(_ossl_old_des_cblock* key1,_ossl_old_des_cblock* key2, + const(char)* prompt,int verify); +void _ossl_old_des_set_odd_parity(_ossl_old_des_cblock* key); +int _ossl_old_des_is_weak_key(_ossl_old_des_cblock* key); +int _ossl_old_des_set_key(_ossl_old_des_cblock* key,_ossl_old_des_key_schedule schedule); +int _ossl_old_des_key_sched(_ossl_old_des_cblock* key,_ossl_old_des_key_schedule schedule); +void _ossl_old_des_string_to_key(char* str,_ossl_old_des_cblock* key); +void _ossl_old_des_string_to_2keys(char* str,_ossl_old_des_cblock* key1,_ossl_old_des_cblock* key2); +void _ossl_old_des_cfb64_encrypt(ubyte* in_, ubyte* out_, c_long length, + _ossl_old_des_key_schedule schedule, _ossl_old_des_cblock* ivec, int* num, int enc); +void _ossl_old_des_ofb64_encrypt(ubyte* in_, ubyte* out_, c_long length, + _ossl_old_des_key_schedule schedule, _ossl_old_des_cblock* ivec, int* num); + +void _ossl_096_des_random_seed(des_cblock* key); + +/* The following definitions provide compatibility with the MIT Kerberos + * library. The _ossl_old_des_key_schedule structure is not binary compatible. */ + +#define _KERBEROS_DES_H + +alias DES_ENCRYPT KRBDES_ENCRYPT; +alias DES_DECRYPT KRBDES_DECRYPT; + +#ifdef KERBEROS +# define ENCRYPT DES_ENCRYPT +# define DECRYPT DES_DECRYPT +#endif + +#ifndef NCOMPAT +# define C_Block des_cblock +# define Key_schedule des_key_schedule +# define KEY_SZ DES_KEY_SZ +# define string_to_key des_string_to_key +# define read_pw_string des_read_pw_string +# define random_key des_random_key +# define pcbc_encrypt des_pcbc_encrypt +# define set_key des_set_key +# define key_sched des_key_sched +# define ecb_encrypt des_ecb_encrypt +# define cbc_encrypt des_cbc_encrypt +# define ncbc_encrypt des_ncbc_encrypt +# define xcbc_encrypt des_xcbc_encrypt +# define cbc_cksum des_cbc_cksum +# define quad_cksum des_quad_cksum +# define check_parity des_check_key_parity +#endif + +alias DES_fixup_key_parity des_fixup_key_parity; + +/* for DES_read_pw_string et al */ +public import deimos.openssl.ui_compat; + +#endif ++/ \ No newline at end of file diff --git a/deimos/openssl/dh.d b/deimos/openssl/dh.d new file mode 100644 index 0000000..340141c --- /dev/null +++ b/deimos/openssl/dh.d @@ -0,0 +1,280 @@ +/* crypto/dh/dh.h */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +module deimos.openssl.dh; + +import deimos.openssl._d_util; + +import deimos.openssl.evp; // Needed for EVP_PKEY_ALG_CTRL. + +public import deimos.openssl.e_os2; + +version (OPENSSL_NO_DH) { + static assert(false, "DH is disabled."); +} + +version(OPENSSL_NO_BIO) {} else { +public import deimos.openssl.bio; +} +public import deimos.openssl.ossl_typ; +version(OPENSSL_NO_DEPRECATED) {} else { +public import deimos.openssl.bn; +} + +// #ifndef OPENSSL_DH_MAX_MODULUS_BITS +enum OPENSSL_DH_MAX_MODULUS_BITS = 10000; +// #endif + +enum DH_FLAG_CACHE_MONT_P = 0x01; +enum DH_FLAG_NO_EXP_CONSTTIME = 0x02; /* new with 0.9.7h; the built-in DH + * implementation now uses constant time + * modular exponentiation for secret exponents + * by default. This flag causes the + * faster variable sliding window method to + * be used for all exponents. + */ + +/* If this flag is set the DH method is FIPS compliant and can be used + * in FIPS mode. This is set in the validated module method. If an + * application sets this flag in its own methods it is its reposibility + * to ensure the result is compliant. + */ + +enum DH_FLAG_FIPS_METHOD = 0x0400; + +/* If this flag is set the operations normally disabled in FIPS mode are + * permitted it is then the applications responsibility to ensure that the + * usage is compliant. + */ + +enum DH_FLAG_NON_FIPS_ALLOW = 0x0400; + +extern (C): +nothrow: + +/* Already defined in ossl_typ.h */ +/* typedef dh_st DH; */ +/* typedef dh_method DH_METHOD; */ + +struct dh_method + { + const(char)* name; + /* Methods here */ + ExternC!(int function(DH* dh)) generate_key; + ExternC!(int function(ubyte* key,const(BIGNUM)* pub_key,DH* dh)) compute_key; + ExternC!(int function(const(DH)* dh, BIGNUM* r, const(BIGNUM)* a, + const(BIGNUM)* p, const(BIGNUM)* m, BN_CTX* ctx, + BN_MONT_CTX* m_ctx)) bn_mod_exp; /* Can be null */ + + ExternC!(int function(DH* dh)) init_; + ExternC!(int function(DH* dh)) finish; + int flags; + char* app_data; + /* If this is non-NULL, it will be used to generate parameters */ + ExternC!(int function(DH* dh, int prime_len, int generator, BN_GENCB* cb)) generate_params; + }; + +struct dh_st + { + /* This first argument is used to pick up errors when + * a DH is passed instead of a EVP_PKEY */ + int pad; + int version_; + BIGNUM* p; + BIGNUM* g; + c_long length; /* optional */ + BIGNUM* pub_key; /* g^x */ + BIGNUM* priv_key; /* x */ + + int flags; + BN_MONT_CTX* method_mont_p; + /* Place holders if we want to do X9.42 DH */ + BIGNUM* q; + BIGNUM* j; + ubyte* seed; + int seedlen; + BIGNUM* counter; + + int references; + CRYPTO_EX_DATA ex_data; + const(DH_METHOD)* meth; + ENGINE* engine; + }; + +enum DH_GENERATOR_2 = 2; +/* enum DH_GENERATOR_3 = 3; */ +enum DH_GENERATOR_5 = 5; + +/* DH_check error codes */ +enum DH_CHECK_P_NOT_PRIME = 0x01; +enum DH_CHECK_P_NOT_SAFE_PRIME = 0x02; +enum DH_UNABLE_TO_CHECK_GENERATOR = 0x04; +enum DH_NOT_SUITABLE_GENERATOR = 0x08; + +/* DH_check_pub_key error codes */ +enum DH_CHECK_PUBKEY_TOO_SMALL = 0x01; +enum DH_CHECK_PUBKEY_TOO_LARGE = 0x02; + +/* primes p where (p-1)/2 is prime too are called "safe"; we define + this for backward compatibility: */ +alias DH_CHECK_P_NOT_SAFE_PRIME DH_CHECK_P_NOT_STRONG_PRIME; + +auto d2i_DHparams_fp()(FILE* fp, void** x) { + return cast(DH*)ASN1_d2i_fp(cast(ExternC!(void* function()))&DH_new, + cast(d2i_of_void*)&d2i_DHparams,fp,x); +} +auto i2d_DHparams_fp()(FILE* fp, void* x) { return ASN1_i2d_fp(cast(d2i_of_void*)&i2d_DHparams,fp, x); } +auto d2i_DHparams_bio()(BIO* bp, void** x) { return ASN1_d2i_bio_of!DH(&DH_new,&d2i_DHparams,bp,x); } +auto i2d_DHparams_bio()(BIO* bp, void** x) { return ASN1_i2d_bio_of_const!DH(&i2d_DHparams,bp,x); } + +DH* DHparams_dup(DH*); + +const(DH_METHOD)* DH_OpenSSL(); + +void DH_set_default_method(const(DH_METHOD)* meth); +const(DH_METHOD)* DH_get_default_method(); +int DH_set_method(DH* dh, const(DH_METHOD)* meth); +DH* DH_new_method(ENGINE* engine); + +DH* DH_new(); +void DH_free(DH* dh); +int DH_up_ref(DH* dh); +int DH_size(const(DH)* dh); +int DH_get_ex_new_index(c_long argl, void* argp, CRYPTO_EX_new* new_func, + CRYPTO_EX_dup* dup_func, CRYPTO_EX_free* free_func); +int DH_set_ex_data(DH* d, int idx, void* arg); +void* DH_get_ex_data(DH* d, int idx); + +/* Deprecated version */ +version(OPENSSL_NO_DEPRECATED) {} else { +DH* DH_generate_parameters(int prime_len,int generator, + ExternC!(void function(int,int,void*)) callback,void* cb_arg); +} /* !defined(OPENSSL_NO_DEPRECATED) */ + +/* New version */ +int DH_generate_parameters_ex(DH* dh, int prime_len,int generator, BN_GENCB* cb); + +int DH_check(const(DH)* dh,int* codes); +int DH_check_pub_key(const(DH)* dh,const(BIGNUM)* pub_key, int* codes); +int DH_generate_key(DH* dh); +int DH_compute_key(ubyte* key,const(BIGNUM)* pub_key,DH* dh); +DH* d2i_DHparams(DH** a,const(ubyte)** pp, c_long length); +int i2d_DHparams(const(DH)* a,ubyte** pp); +version(OPENSSL_NO_FP_API) {} else { +int DHparams_print_fp(FILE* fp, const(DH)* x); +} +version(OPENSSL_NO_BIO) { +int DHparams_print(char* bp, const(DH)* x); +} else { +int DHparams_print(BIO* bp, const(DH)* x); +} + +auto EVP_PKEY_CTX_set_dh_paramgen_prime_len()(EVP_PKEY_CTX* ctx, int len) { + return EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DH, EVP_PKEY_OP_PARAMGEN, + EVP_PKEY_CTRL_DH_PARAMGEN_PRIME_LEN, len, null); +} + +auto EVP_PKEY_CTX_set_dh_paramgen_generator()(EVP_PKEY_CTX* ctx, int gen) { + return EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DH, EVP_PKEY_OP_PARAMGEN, + EVP_PKEY_CTRL_DH_PARAMGEN_GENERATOR, gen, null); +} + +enum EVP_PKEY_CTRL_DH_PARAMGEN_PRIME_LEN = (EVP_PKEY_ALG_CTRL + 1); +enum EVP_PKEY_CTRL_DH_PARAMGEN_GENERATOR = (EVP_PKEY_ALG_CTRL + 2); + + +/* BEGIN ERROR CODES */ +/* The following lines are auto generated by the script mkerr.pl. Any changes + * made after this point may be overwritten when the script is next run. + */ +void ERR_load_DH_strings(); + +/* Error codes for the DH functions. */ + +/* Function codes. */ +enum DH_F_COMPUTE_KEY = 102; +enum DH_F_DHPARAMS_PRINT_FP = 101; +enum DH_F_DH_BUILTIN_GENPARAMS = 106; +enum DH_F_DH_COMPUTE_KEY = 114; +enum DH_F_DH_GENERATE_KEY = 115; +enum DH_F_DH_GENERATE_PARAMETERS_EX = 116; +enum DH_F_DH_NEW_METHOD = 105; +enum DH_F_DH_PARAM_DECODE = 107; +enum DH_F_DH_PRIV_DECODE = 110; +enum DH_F_DH_PRIV_ENCODE = 111; +enum DH_F_DH_PUB_DECODE = 108; +enum DH_F_DH_PUB_ENCODE = 109; +enum DH_F_DO_DH_PRINT = 100; +enum DH_F_GENERATE_KEY = 103; +enum DH_F_GENERATE_PARAMETERS = 104; +enum DH_F_PKEY_DH_DERIVE = 112; +enum DH_F_PKEY_DH_KEYGEN = 113; + +/* Reason codes. */ +enum DH_R_BAD_GENERATOR = 101; +enum DH_R_BN_DECODE_ERROR = 109; +enum DH_R_BN_ERROR = 106; +enum DH_R_DECODE_ERROR = 104; +enum DH_R_INVALID_PUBKEY = 102; +enum DH_R_KEYS_NOT_SET = 108; +enum DH_R_KEY_SIZE_TOO_SMALL = 110; +enum DH_R_MODULUS_TOO_LARGE = 103; +enum DH_R_NON_FIPS_METHOD = 111; +enum DH_R_NO_PARAMETERS_SET = 107; +enum DH_R_NO_PRIVATE_VALUE = 100; +enum DH_R_PARAMETER_ENCODING_ERROR = 105; diff --git a/deimos/openssl/dsa.d b/deimos/openssl/dsa.d new file mode 100644 index 0000000..e97c957 --- /dev/null +++ b/deimos/openssl/dsa.d @@ -0,0 +1,327 @@ +/* crypto/dsa/dsa.h */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +/* + * The DSS routines are based on patches supplied by + * Steven Schoch . He basically did the + * work and I have just tweaked them a little to fit into my + * stylistic vision for SSLeay :-) */ + +module deimos.openssl.dsa; + +import deimos.openssl._d_util; + +import deimos.openssl.evp; // Needed for EVP_PKEY_ALG_CTRL. + +public import deimos.openssl.e_os2; + +version (OPENSSL_NO_DSA) { + static assert(false, "DSA is disabled."); +} + +version(OPENSSL_NO_BIO) {} else { +public import deimos.openssl.bio; +} +public import deimos.openssl.crypto; +public import deimos.openssl.ossl_typ; + +version(OPENSSL_NO_DEPRECATED) {} else { +public import deimos.openssl.bn; +version(OPENSSL_NO_DH) {} else { +public import deimos.openssl.dh; +} +} + +// #ifndef OPENSSL_DSA_MAX_MODULUS_BITS +enum OPENSSL_DSA_MAX_MODULUS_BITS = 10000; +// #endif + +enum DSA_FLAG_CACHE_MONT_P = 0x01; +enum DSA_FLAG_NO_EXP_CONSTTIME = 0x02; /* new with 0.9.7h; the built-in DSA + * implementation now uses constant time + * modular exponentiation for secret exponents + * by default. This flag causes the + * faster variable sliding window method to + * be used for all exponents. + */ + +/* If this flag is set the DSA method is FIPS compliant and can be used + * in FIPS mode. This is set in the validated module method. If an + * application sets this flag in its own methods it is its reposibility + * to ensure the result is compliant. + */ + +enum DSA_FLAG_FIPS_METHOD = 0x0400; + +/* If this flag is set the operations normally disabled in FIPS mode are + * permitted it is then the applications responsibility to ensure that the + * usage is compliant. + */ + +enum DSA_FLAG_NON_FIPS_ALLOW = 0x0400; + +extern (C): +nothrow: + +/* Already defined in ossl_typ.h */ +/* typedef dsa_st DSA; */ +/* typedef dsa_method DSA_METHOD; */ + +struct DSA_SIG_st { + BIGNUM* r; + BIGNUM* s; + } +alias DSA_SIG_st DSA_SIG; + +struct dsa_method + { + const(char)* name; + ExternC!(DSA_SIG* function(const(ubyte)* dgst, int dlen, DSA* dsa)) dsa_do_sign; + ExternC!(int function(DSA* dsa, BN_CTX* ctx_in, BIGNUM** kinvp, + BIGNUM** rp)) dsa_sign_setup; + ExternC!(int function(const(ubyte)* dgst, int dgst_len, + DSA_SIG* sig, DSA* dsa)) dsa_do_verify; + ExternC!(int function(DSA* dsa, BIGNUM* rr, BIGNUM* a1, BIGNUM* p1, + BIGNUM* a2, BIGNUM* p2, BIGNUM* m, BN_CTX* ctx, + BN_MONT_CTX* in_mont)) dsa_mod_exp; + ExternC!(int function(DSA* dsa, BIGNUM* r, BIGNUM* a, const(BIGNUM)* p, + const(BIGNUM)* m, BN_CTX* ctx, + BN_MONT_CTX* m_ctx)) bn_mod_exp; /* Can be null */ + ExternC!(int function(DSA* dsa)) init_; + ExternC!(int function(DSA* dsa)) finish; + int flags; + char* app_data; + /* If this is non-NULL, it is used to generate DSA parameters */ + ExternC!(int function(DSA* dsa, int bits, + const(ubyte)* seed, int seed_len, + int* counter_ret, c_ulong* h_ret, + BN_GENCB* cb)) dsa_paramgen; + /* If this is non-NULL, it is used to generate DSA keys */ + ExternC!(int function(DSA* dsa)) dsa_keygen; + }; + +struct dsa_st + { + /* This first variable is used to pick up errors where + * a DSA is passed instead of of a EVP_PKEY */ + int pad; + c_long version_; + int write_params; + BIGNUM* p; + BIGNUM* q; /* == 20 */ + BIGNUM* g; + + BIGNUM* pub_key; /* y public key */ + BIGNUM* priv_key; /* x private key */ + + BIGNUM* kinv; /* Signing pre-calc */ + BIGNUM* r; /* Signing pre-calc */ + + int flags; + /* Normally used to cache montgomery values */ + BN_MONT_CTX* method_mont_p; + int references; + CRYPTO_EX_DATA ex_data; + const(DSA_METHOD)* meth; + /* functional reference if 'meth' is ENGINE-provided */ + ENGINE* engine; + }; + +auto d2i_DSAparams_fp()(FILE* fp, void** x) { + return cast(DSA*)ASN1_d2i_fp(cast(ExternC!(void* function()))&DSA_new, + cast(d2i_of_void*)&d2i_DSAparams,fp,x); +} +auto i2d_DSAparams_fp()(FILE* fp, void* x) { return ASN1_i2d_fp(cast(d2i_of_void*)&i2d_DSAparams,fp, x); } +auto d2i_DSAparams_bio()(BIO* bp, void** x) { return ASN1_d2i_bio_of!DSA(&DSA_new,&d2i_DSAparams,bp,x); } +auto i2d_DSAparams_bio()(BIO* bp, void** x) { return ASN1_i2d_bio_of_const!DSA(&i2d_DSAparams,bp,x); } + +DSA* DSAparams_dup(DSA* x); +DSA_SIG* DSA_SIG_new(); +void DSA_SIG_free(DSA_SIG* a); +int i2d_DSA_SIG(const(DSA_SIG)* a, ubyte** pp); +DSA_SIG* d2i_DSA_SIG(DSA_SIG** v, const(ubyte)** pp, c_long length); + +DSA_SIG* DSA_do_sign(const(ubyte)* dgst,int dlen,DSA* dsa); +int DSA_do_verify(const(ubyte)* dgst,int dgst_len, + DSA_SIG* sig,DSA* dsa); + +const(DSA_METHOD)* DSA_OpenSSL(); + +void DSA_set_default_method(const(DSA_METHOD)*); +const(DSA_METHOD)* DSA_get_default_method(); +int DSA_set_method(DSA* dsa, const(DSA_METHOD)*); + +DSA* DSA_new(); +DSA* DSA_new_method(ENGINE* engine); +void DSA_free (DSA* r); +/* "up" the DSA object's reference count */ +int DSA_up_ref(DSA* r); +int DSA_size(const(DSA)*); + /* next 4 return -1 on error */ +int DSA_sign_setup( DSA* dsa,BN_CTX* ctx_in,BIGNUM** kinvp,BIGNUM** rp); +int DSA_sign(int type,const(ubyte)* dgst,int dlen, + ubyte* sig, uint* siglen, DSA* dsa); +int DSA_verify(int type,const(ubyte)* dgst,int dgst_len, + const(ubyte)* sigbuf, int siglen, DSA* dsa); +int DSA_get_ex_new_index(c_long argl, void* argp, CRYPTO_EX_new* new_func, + CRYPTO_EX_dup* dup_func, CRYPTO_EX_free* free_func); +int DSA_set_ex_data(DSA* d, int idx, void* arg); +void* DSA_get_ex_data(DSA* d, int idx); + +DSA* d2i_DSAPublicKey(DSA** a, const(ubyte)** pp, c_long length); +DSA* d2i_DSAPrivateKey(DSA** a, const(ubyte)** pp, c_long length); +DSA* d2i_DSAparams(DSA** a, const(ubyte)** pp, c_long length); + +/* Deprecated version */ +version(OPENSSL_NO_DEPRECATED) {} else { +DSA* DSA_generate_parameters(int bits, + ubyte* seed,int seed_len, + int* counter_ret, c_ulong* h_ret,ExternC!(void + function(int, int, void*)) callback,void* cb_arg); +} /* !defined(OPENSSL_NO_DEPRECATED) */ + +/* New version */ +int DSA_generate_parameters_ex(DSA* dsa, int bits, + const(ubyte)* seed,int seed_len, + int* counter_ret, c_ulong* h_ret, BN_GENCB* cb); + +int DSA_generate_key(DSA* a); +int i2d_DSAPublicKey(const(DSA)* a, ubyte** pp); +int i2d_DSAPrivateKey(const(DSA)* a, ubyte** pp); +int i2d_DSAparams(const(DSA)* a,ubyte** pp); + +version(OPENSSL_NO_BIO) {} else { +int DSAparams_print(BIO* bp, const(DSA)* x); +int DSA_print(BIO* bp, const(DSA)* x, int off); +} +version(OPENSSL_NO_FP_API) {} else { +int DSAparams_print_fp(FILE* fp, const(DSA)* x); +int DSA_print_fp(FILE* bp, const(DSA)* x, int off); +} + +enum DSS_prime_checks = 50; +/* Primality test according to FIPS PUB 186[-1], Appendix 2.1: + * 50 rounds of Rabin-Miller */ +int DSA_is_prime()(const(BIGNUM)* n, ExternC!(void function(int,int,void*)) callback, void* cb_arg) { + return BN_is_prime(n, DSS_prime_checks, callback, null, cb_arg); +} + + +version(OPENSSL_NO_DH) {} else { +/* Convert DSA structure (key or just parameters) into DH structure + * (be careful to avoid small subgroup attacks when using this!) */ +DH* DSA_dup_DH(const(DSA)* r); +} + +auto EVP_PKEY_CTX_set_dsa_paramgen_bits()(EVP_PKEY_CTX* ctx, int nbits) { + return EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DSA, EVP_PKEY_OP_PARAMGEN, + EVP_PKEY_CTRL_DSA_PARAMGEN_BITS, nbits, null); +} + +enum EVP_PKEY_CTRL_DSA_PARAMGEN_BITS = (EVP_PKEY_ALG_CTRL + 1); +enum EVP_PKEY_CTRL_DSA_PARAMGEN_Q_BITS = (EVP_PKEY_ALG_CTRL + 2); +enum EVP_PKEY_CTRL_DSA_PARAMGEN_MD = (EVP_PKEY_ALG_CTRL + 3); + +/* BEGIN ERROR CODES */ +/* The following lines are auto generated by the script mkerr.pl. Any changes + * made after this point may be overwritten when the script is next run. + */ +void ERR_load_DSA_strings(); + +/* Error codes for the DSA functions. */ + +/* Function codes. */ +enum DSA_F_D2I_DSA_SIG = 110; +enum DSA_F_DO_DSA_PRINT = 104; +enum DSA_F_DSAPARAMS_PRINT = 100; +enum DSA_F_DSAPARAMS_PRINT_FP = 101; +enum DSA_F_DSA_DO_SIGN = 112; +enum DSA_F_DSA_DO_VERIFY = 113; +enum DSA_F_DSA_GENERATE_KEY = 124; +enum DSA_F_DSA_GENERATE_PARAMETERS_EX = 123; +enum DSA_F_DSA_NEW_METHOD = 103; +enum DSA_F_DSA_PARAM_DECODE = 119; +enum DSA_F_DSA_PRINT_FP = 105; +enum DSA_F_DSA_PRIV_DECODE = 115; +enum DSA_F_DSA_PRIV_ENCODE = 116; +enum DSA_F_DSA_PUB_DECODE = 117; +enum DSA_F_DSA_PUB_ENCODE = 118; +enum DSA_F_DSA_SIGN = 106; +enum DSA_F_DSA_SIGN_SETUP = 107; +enum DSA_F_DSA_SIG_NEW = 109; +enum DSA_F_DSA_SIG_PRINT = 125; +enum DSA_F_DSA_VERIFY = 108; +enum DSA_F_I2D_DSA_SIG = 111; +enum DSA_F_OLD_DSA_PRIV_DECODE = 122; +enum DSA_F_PKEY_DSA_CTRL = 120; +enum DSA_F_PKEY_DSA_KEYGEN = 121; +enum DSA_F_SIG_CB = 114; + +/* Reason codes. */ +enum DSA_R_BAD_Q_VALUE = 102; +enum DSA_R_BN_DECODE_ERROR = 108; +enum DSA_R_BN_ERROR = 109; +enum DSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE = 100; +enum DSA_R_DECODE_ERROR = 104; +enum DSA_R_INVALID_DIGEST_TYPE = 106; +enum DSA_R_MISSING_PARAMETERS = 101; +enum DSA_R_MODULUS_TOO_LARGE = 103; +enum DSA_R_NEED_NEW_SETUP_VALUES = 110; +enum DSA_R_NON_FIPS_DSA_METHOD = 111; +enum DSA_R_NO_PARAMETERS_SET = 107; +enum DSA_R_PARAMETER_ENCODING_ERROR = 105; diff --git a/deimos/openssl/dso.d b/deimos/openssl/dso.d new file mode 100644 index 0000000..9e0e296 --- /dev/null +++ b/deimos/openssl/dso.d @@ -0,0 +1,405 @@ +/* dso.h -*- mode:C; c-file-style: "eay" -*- */ +/* Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL + * project 2000. + */ +/* ==================================================================== + * Copyright (c) 2000 The OpenSSL Project. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. All advertising materials mentioning features or use of this + * software must display the following acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" + * + * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to + * endorse or promote products derived from this software without + * prior written permission. For written permission, please contact + * licensing@OpenSSL.org. + * + * 5. Products derived from this software may not be called "OpenSSL" + * nor may "OpenSSL" appear in their names without prior written + * permission of the OpenSSL Project. + * + * 6. Redistributions of any form whatsoever must retain the following + * acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" + * + * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY + * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * ==================================================================== + * + * This product includes cryptographic software written by Eric Young + * (eay@cryptsoft.com). This product includes software written by Tim + * Hudson (tjh@cryptsoft.com). + * + */ + +module deimos.openssl.dso; + +import deimos.openssl._d_util; + +public import deimos.openssl.crypto; + +extern (C): +nothrow: + +/* These values are used as commands to DSO_ctrl() */ +enum DSO_CTRL_GET_FLAGS = 1; +enum DSO_CTRL_SET_FLAGS = 2; +enum DSO_CTRL_OR_FLAGS = 3; + +/* By default, DSO_load() will translate the provided filename into a form + * typical for the platform (more specifically the DSO_METHOD) using the + * dso_name_converter function of the method. Eg. win32 will transform "blah" + * into "blah.dll", and dlfcn will transform it into "libblah.so". The + * behaviour can be overriden by setting the name_converter callback in the DSO + * object (using DSO_set_name_converter()). This callback could even utilise + * the DSO_METHOD's converter too if it only wants to override behaviour for + * one or two possible DSO methods. However, the following flag can be set in a + * DSO to prevent* any* native name-translation at all - eg. if the caller has + * prompted the user for a path to a driver library so the filename should be + * interpreted as-is. */ +enum DSO_FLAG_NO_NAME_TRANSLATION = 0x01; +/* An extra flag to give if only the extension should be added as + * translation. This is obviously only of importance on Unix and + * other operating systems where the translation also may prefix + * the name with something, like 'lib', and ignored everywhere else. + * This flag is also ignored if DSO_FLAG_NO_NAME_TRANSLATION is used + * at the same time. */ +enum DSO_FLAG_NAME_TRANSLATION_EXT_ONLY = 0x02; + +/* The following flag controls the translation of symbol names to upper + * case. This is currently only being implemented for OpenVMS. + */ +enum DSO_FLAG_UPCASE_SYMBOL = 0x10; + +/* This flag loads the library with public symbols. + * Meaning: The exported symbols of this library are public + * to all libraries loaded after this library. + * At the moment only implemented in unix. + */ +enum DSO_FLAG_GLOBAL_SYMBOLS = 0x20; + + +alias ExternC!(void function()) DSO_FUNC_TYPE; + +alias dso_st DSO; + +/* The function prototype used for method functions (or caller-provided + * callbacks) that transform filenames. They are passed a DSO structure pointer + * (or NULL if they are to be used independantly of a DSO object) and a + * filename to transform. They should either return NULL (if there is an error + * condition) or a newly allocated string containing the transformed form that + * the caller will need to free with OPENSSL_free() when done. */ +alias ExternC!(char*function(DSO*, const(char)*)) DSO_NAME_CONVERTER_FUNC; +/* The function prototype used for method functions (or caller-provided + * callbacks) that merge two file specifications. They are passed a + * DSO structure pointer (or NULL if they are to be used independantly of + * a DSO object) and two file specifications to merge. They should + * either return NULL (if there is an error condition) or a newly allocated + * string containing the result of merging that the caller will need + * to free with OPENSSL_free() when done. + * Here, merging means that bits and pieces are taken from each of the + * file specifications and added together in whatever fashion that is + * sensible for the DSO method in question. The only rule that really + * applies is that if the two specification contain pieces of the same + * type, the copy from the first string takes priority. One could see + * it as the first specification is the one given by the user and the + * second being a bunch of defaults to add on if they're missing in the + * first. */ +alias ExternC!(char*function(DSO*, const(char)*, const(char)*)) DSO_MERGER_FUNC; + +struct dso_meth_st + { + const(char)* name; + /* Loads a shared library, NB: new DSO_METHODs must ensure that a + * successful load populates the loaded_filename field, and likewise a + * successful unload OPENSSL_frees and NULLs it out. */ + ExternC!(int function(DSO* dso)) dso_load; + /* Unloads a shared library */ + ExternC!(int function(DSO* dso)) dso_unload; + /* Binds a variable */ + ExternC!(void* function(DSO* dso, const(char)* symname)) dso_bind_var; + /* Binds a function - assumes a return type of DSO_FUNC_TYPE. + * This should be cast to the real function prototype by the + * caller. Platforms that don't have compatible representations + * for different prototypes (this is possible within ANSI C) + * are highly unlikely to have shared libraries at all, let + * alone a DSO_METHOD implemented for them. */ + ExternC!(DSO_FUNC_TYPE function(DSO* dso, const(char)* symname)) dso_bind_func; + +/* I don't think this would actually be used in any circumstances. */ +version (none) { + /* Unbinds a variable */ + ExternC!(int function(DSO* dso, char* symname, void* symptr)) dso_unbind_var; + /* Unbinds a function */ + ExternC!(int function(DSO* dso, char* symname, DSO_FUNC_TYPE symptr)) dso_unbind_func; +} + /* The generic (yuck) "ctrl()" function. NB: Negative return + * values (rather than zero) indicate errors. */ + ExternC!(c_long function(DSO* dso, int cmd, c_long larg, void* parg)) dso_ctrl; + /* The default DSO_METHOD-specific function for converting filenames to + * a canonical native form. */ + DSO_NAME_CONVERTER_FUNC dso_name_converter; + /* The default DSO_METHOD-specific function for converting filenames to + * a canonical native form. */ + DSO_MERGER_FUNC dso_merger; + + /* [De]Initialisation handlers. */ + ExternC!(int function(DSO* dso)) init_; + ExternC!(int function(DSO* dso)) finish; + + /* Return pathname of the module containing location */ + ExternC!(int function(void* addr,char* path,int sz)) pathbyaddr; + /* Perform global symbol lookup, i.e. among* all* modules */ + ExternC!(void* function(const(char)* symname)) globallookup; + } +alias dso_meth_st DSO_METHOD; + +/**********************************************************************/ +/* The low-level handle type used to refer to a loaded shared library */ + +struct dso_st + { + DSO_METHOD* meth; + /* Standard dlopen uses a (void*). Win32 uses a HANDLE. VMS + * doesn't use anything but will need to cache the filename + * for use in the dso_bind handler. All in all, let each + * method control its own destiny. "Handles" and such go in + * a STACK. */ + STACK_OF!() *meth_data; + int references; + int flags; + /* For use by applications etc ... use this for your bits'n'pieces, + * don't touch meth_data! */ + CRYPTO_EX_DATA ex_data; + /* If this callback function pointer is set to non-NULL, then it will + * be used in DSO_load() in place of meth->dso_name_converter. NB: This + * should normally set using DSO_set_name_converter(). */ + DSO_NAME_CONVERTER_FUNC name_converter; + /* If this callback function pointer is set to non-NULL, then it will + * be used in DSO_load() in place of meth->dso_merger. NB: This + * should normally set using DSO_set_merger(). */ + DSO_MERGER_FUNC merger; + /* This is populated with (a copy of) the platform-independant + * filename used for this DSO. */ + char* filename; + /* This is populated with (a copy of) the translated filename by which + * the DSO was actually loaded. It is NULL iff the DSO is not currently + * loaded. NB: This is here because the filename translation process + * may involve a callback being invoked more than once not only to + * convert to a platform-specific form, but also to try different + * filenames in the process of trying to perform a load. As such, this + * variable can be used to indicate (a) whether this DSO structure + * corresponds to a loaded library or not, and (b) the filename with + * which it was actually loaded. */ + char* loaded_filename; + }; + + +DSO* DSO_new(); +DSO* DSO_new_method(DSO_METHOD* method); +int DSO_free(DSO* dso); +int DSO_flags(DSO* dso); +int DSO_up_ref(DSO* dso); +c_long DSO_ctrl(DSO* dso, int cmd, c_long larg, void* parg); + +/* This function sets the DSO's name_converter callback. If it is non-NULL, + * then it will be used instead of the associated DSO_METHOD's function. If + * oldcb is non-NULL then it is set to the function pointer value being + * replaced. Return value is non-zero for success. */ +int DSO_set_name_converter(DSO* dso, DSO_NAME_CONVERTER_FUNC cb, + DSO_NAME_CONVERTER_FUNC* oldcb); +/* These functions can be used to get/set the platform-independant filename + * used for a DSO. NB: set will fail if the DSO is already loaded. */ +const(char)* DSO_get_filename(DSO* dso); +int DSO_set_filename(DSO* dso, const(char)* filename); +/* This function will invoke the DSO's name_converter callback to translate a + * filename, or if the callback isn't set it will instead use the DSO_METHOD's + * converter. If "filename" is NULL, the "filename" in the DSO itself will be + * used. If the DSO_FLAG_NO_NAME_TRANSLATION flag is set, then the filename is + * simply duplicated. NB: This function is usually called from within a + * DSO_METHOD during the processing of a DSO_load() call, and is exposed so that + * caller-created DSO_METHODs can do the same thing. A non-NULL return value + * will need to be OPENSSL_free()'d. */ +char* DSO_convert_filename(DSO* dso, const(char)* filename); +/* This function will invoke the DSO's merger callback to merge two file + * specifications, or if the callback isn't set it will instead use the + * DSO_METHOD's merger. A non-NULL return value will need to be + * OPENSSL_free()'d. */ +char* DSO_merge(DSO* dso, const(char)* filespec1, const(char)* filespec2); +/* If the DSO is currently loaded, this returns the filename that it was loaded + * under, otherwise it returns NULL. So it is also useful as a test as to + * whether the DSO is currently loaded. NB: This will not necessarily return + * the same value as DSO_convert_filename(dso, dso->filename), because the + * DSO_METHOD's load function may have tried a variety of filenames (with + * and/or without the aid of the converters) before settling on the one it + * actually loaded. */ +const(char)* DSO_get_loaded_filename(DSO* dso); + +void DSO_set_default_method(DSO_METHOD* meth); +DSO_METHOD* DSO_get_default_method(); +DSO_METHOD* DSO_get_method(DSO* dso); +DSO_METHOD* DSO_set_method(DSO* dso, DSO_METHOD* meth); + +/* The all-singing all-dancing load function, you normally pass NULL + * for the first and third parameters. Use DSO_up and DSO_free for + * subsequent reference count handling. Any flags passed in will be set + * in the constructed DSO after its init() function but before the + * load operation. If 'dso' is non-NULL, 'flags' is ignored. */ +DSO* DSO_load(DSO* dso, const(char)* filename, DSO_METHOD* meth, int flags); + +/* This function binds to a variable inside a shared library. */ +void* DSO_bind_var(DSO* dso, const(char)* symname); + +/* This function binds to a function inside a shared library. */ +DSO_FUNC_TYPE DSO_bind_func(DSO* dso, const(char)* symname); + +/* This method is the default, but will beg, borrow, or steal whatever + * method should be the default on any particular platform (including + * DSO_METH_null() if necessary). */ +DSO_METHOD* DSO_METHOD_openssl(); + +/* This method is defined for all platforms - if a platform has no + * DSO support then this will be the only method! */ +DSO_METHOD* DSO_METHOD_null(); + +/* If DSO_DLFCN is defined, the standard dlfcn.h-style functions + * (dlopen, dlclose, dlsym, etc) will be used and incorporated into + * this method. If not, this method will return NULL. */ +DSO_METHOD* DSO_METHOD_dlfcn(); + +/* If DSO_DL is defined, the standard dl.h-style functions (shl_load, + * shl_unload, shl_findsym, etc) will be used and incorporated into + * this method. If not, this method will return NULL. */ +DSO_METHOD* DSO_METHOD_dl(); + +/* If WIN32 is defined, use DLLs. If not, return NULL. */ +DSO_METHOD* DSO_METHOD_win32(); + +/* If VMS is defined, use shared images. If not, return NULL. */ +DSO_METHOD* DSO_METHOD_vms(); + +/* This function writes null-terminated pathname of DSO module + * containing 'addr' into 'sz' large caller-provided 'path' and + * returns the number of characters [including trailing zero] + * written to it. If 'sz' is 0 or negative, 'path' is ignored and + * required amount of charachers [including trailing zero] to + * accomodate pathname is returned. If 'addr' is NULL, then + * pathname of cryptolib itself is returned. Negative or zero + * return value denotes error. + */ +int DSO_pathbyaddr(void* addr,char* path,int sz); + +/* This function should be used with caution! It looks up symbols in + ** all* loaded modules and if module gets unloaded by somebody else + * attempt to dereference the pointer is doomed to have fatal + * consequences. Primary usage for this function is to probe* core* + * system functionality, e.g. check if getnameinfo(3) is available + * at run-time without bothering about OS-specific details such as + * libc.so.versioning or where does it actually reside: in libc + * itself or libsocket. */ +void* DSO_global_lookup(const(char)* name); + +/* If BeOS is defined, use shared images. If not, return NULL. */ +DSO_METHOD* DSO_METHOD_beos(); + +/* BEGIN ERROR CODES */ +/* The following lines are auto generated by the script mkerr.pl. Any changes + * made after this point may be overwritten when the script is next run. + */ +void ERR_load_DSO_strings(); + +/* Error codes for the DSO functions. */ + +/* Function codes. */ +enum DSO_F_BEOS_BIND_FUNC = 144; +enum DSO_F_BEOS_BIND_VAR = 145; +enum DSO_F_BEOS_LOAD = 146; +enum DSO_F_BEOS_NAME_CONVERTER = 147; +enum DSO_F_BEOS_UNLOAD = 148; +enum DSO_F_DLFCN_BIND_FUNC = 100; +enum DSO_F_DLFCN_BIND_VAR = 101; +enum DSO_F_DLFCN_LOAD = 102; +enum DSO_F_DLFCN_MERGER = 130; +enum DSO_F_DLFCN_NAME_CONVERTER = 123; +enum DSO_F_DLFCN_UNLOAD = 103; +enum DSO_F_DL_BIND_FUNC = 104; +enum DSO_F_DL_BIND_VAR = 105; +enum DSO_F_DL_LOAD = 106; +enum DSO_F_DL_MERGER = 131; +enum DSO_F_DL_NAME_CONVERTER = 124; +enum DSO_F_DL_UNLOAD = 107; +enum DSO_F_DSO_BIND_FUNC = 108; +enum DSO_F_DSO_BIND_VAR = 109; +enum DSO_F_DSO_CONVERT_FILENAME = 126; +enum DSO_F_DSO_CTRL = 110; +enum DSO_F_DSO_FREE = 111; +enum DSO_F_DSO_GET_FILENAME = 127; +enum DSO_F_DSO_GET_LOADED_FILENAME = 128; +enum DSO_F_DSO_GLOBAL_LOOKUP = 139; +enum DSO_F_DSO_LOAD = 112; +enum DSO_F_DSO_MERGE = 132; +enum DSO_F_DSO_NEW_METHOD = 113; +enum DSO_F_DSO_PATHBYADDR = 140; +enum DSO_F_DSO_SET_FILENAME = 129; +enum DSO_F_DSO_SET_NAME_CONVERTER = 122; +enum DSO_F_DSO_UP_REF = 114; +enum DSO_F_GLOBAL_LOOKUP_FUNC = 138; +enum DSO_F_PATHBYADDR = 137; +enum DSO_F_VMS_BIND_SYM = 115; +enum DSO_F_VMS_LOAD = 116; +enum DSO_F_VMS_MERGER = 133; +enum DSO_F_VMS_UNLOAD = 117; +enum DSO_F_WIN32_BIND_FUNC = 118; +enum DSO_F_WIN32_BIND_VAR = 119; +enum DSO_F_WIN32_GLOBALLOOKUP = 142; +enum DSO_F_WIN32_GLOBALLOOKUP_FUNC = 143; +enum DSO_F_WIN32_JOINER = 135; +enum DSO_F_WIN32_LOAD = 120; +enum DSO_F_WIN32_MERGER = 134; +enum DSO_F_WIN32_NAME_CONVERTER = 125; +enum DSO_F_WIN32_PATHBYADDR = 141; +enum DSO_F_WIN32_SPLITTER = 136; +enum DSO_F_WIN32_UNLOAD = 121; + +/* Reason codes. */ +enum DSO_R_CTRL_FAILED = 100; +enum DSO_R_DSO_ALREADY_LOADED = 110; +enum DSO_R_EMPTY_FILE_STRUCTURE = 113; +enum DSO_R_FAILURE = 114; +enum DSO_R_FILENAME_TOO_BIG = 101; +enum DSO_R_FINISH_FAILED = 102; +enum DSO_R_INCORRECT_FILE_SYNTAX = 115; +enum DSO_R_LOAD_FAILED = 103; +enum DSO_R_NAME_TRANSLATION_FAILED = 109; +enum DSO_R_NO_FILENAME = 111; +enum DSO_R_NO_FILE_SPECIFICATION = 116; +enum DSO_R_NULL_HANDLE = 104; +enum DSO_R_SET_FILENAME_FAILED = 112; +enum DSO_R_STACK_ERROR = 105; +enum DSO_R_SYM_FAILURE = 106; +enum DSO_R_UNLOAD_FAILED = 107; +enum DSO_R_UNSUPPORTED = 108; diff --git a/deimos/openssl/dtls1.d b/deimos/openssl/dtls1.d new file mode 100644 index 0000000..cb11fc2 --- /dev/null +++ b/deimos/openssl/dtls1.d @@ -0,0 +1,290 @@ +/* ssl/dtls1.h */ +/* + * DTLS implementation written by Nagendra Modadugu + * (nagendra@cs.stanford.edu) for the OpenSSL project 2005. + */ +/* ==================================================================== + * Copyright (c) 1999-2005 The OpenSSL Project. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. All advertising materials mentioning features or use of this + * software must display the following acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" + * + * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to + * endorse or promote products derived from this software without + * prior written permission. For written permission, please contact + * openssl-core@OpenSSL.org. + * + * 5. Products derived from this software may not be called "OpenSSL" + * nor may "OpenSSL" appear in their names without prior written + * permission of the OpenSSL Project. + * + * 6. Redistributions of any form whatsoever must retain the following + * acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" + * + * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY + * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * ==================================================================== + * + * This product includes cryptographic software written by Eric Young + * (eay@cryptsoft.com). This product includes software written by Tim + * Hudson (tjh@cryptsoft.com). + * + */ + +module deimos.openssl.dtls1; + +import deimos.openssl._d_util; + +import deimos.openssl.comp; // Needed for COMP_CTX. +import deimos.openssl.ssl; // Needed for SSL_SESSION. +import deimos.openssl.ssl3; // Needed for SSL3_BUFFER. + +public import deimos.openssl.buffer; +public import deimos.openssl.pqueue; +// #ifdef OPENSSL_SYS_VMS +// #include +// #include +// #endif +version (Windows) { +/* Needed for timeval */ +static if (__VERSION__ >= 2070) + import core.sys.windows.winsock2; +else + import std.c.windows.winsock; +// #elif defined(OPENSSL_SYS_NETWARE) && !defined(_WINSOCK2API_) +// #include +// #else +// #if defined(OPENSSL_SYS_VXWORKS) +// #include +// #else +} else version (Win64) { +import core.sys.windows.winsock2; +} else { +import core.sys.posix.sys.time; +} + +extern (C): +nothrow: + +enum DTLS1_VERSION = 0xFEFF; +enum DTLS1_BAD_VER = 0x0100; + +version (none) { +/* this alert description is not specified anywhere... */ +enum DTLS1_AD_MISSING_HANDSHAKE_MESSAGE = 110; +} + +/* lengths of messages */ +enum DTLS1_COOKIE_LENGTH = 256; + +enum DTLS1_RT_HEADER_LENGTH = 13; + +enum DTLS1_HM_HEADER_LENGTH = 12; + +enum DTLS1_HM_BAD_FRAGMENT = -2; +enum DTLS1_HM_FRAGMENT_RETRY = -3; + +enum DTLS1_CCS_HEADER_LENGTH = 1; + +version (none) { // #ifdef DTLS1_AD_MISSING_HANDSHAKE_MESSAGE +enum DTLS1_AL_HEADER_LENGTH = 7; +} else { +enum DTLS1_AL_HEADER_LENGTH = 2; +} + +version(OPENSSL_NO_SSL_INTERN) {} else { + +version(OPENSSL_NO_SCTP) {} else { + enum DTLS1_SCTP_AUTH_LABEL = "EXPORTER_DTLS_OVER_SCTP"; +} + +struct dtls1_bitmap_st { + c_ulong map; /* track 32 packets on 32-bit systems + and 64 - on 64-bit systems */ + ubyte[8] max_seq_num; /* max record number seen so far, + 64-bit value in big-endian + encoding */ + } +alias dtls1_bitmap_st DTLS1_BITMAP; + +struct dtls1_retransmit_state + { + EVP_CIPHER_CTX* enc_write_ctx; /* cryptographic state */ + EVP_MD_CTX* write_hash; /* used for mac generation */ +version(OPENSSL_NO_COMP) { + char* compress; +} else { + COMP_CTX* compress; /* compression */ +} + SSL_SESSION* session; + ushort epoch; + }; + +struct hm_header_st + { + ubyte type; + c_ulong msg_len; + ushort seq; + c_ulong frag_off; + c_ulong frag_len; + uint is_ccs; + dtls1_retransmit_state saved_retransmit_state; + }; + +struct ccs_header_st + { + ubyte type; + ushort seq; + }; + +struct dtls1_timeout_st + { + /* Number of read timeouts so far */ + uint read_timeouts; + + /* Number of write timeouts so far */ + uint write_timeouts; + + /* Number of alerts received so far */ + uint num_alerts; + }; + +struct record_pqueue_st { + ushort epoch; + pqueue q; + } +alias record_pqueue_st record_pqueue; + +struct hm_fragment_st { + hm_header_st msg_header; + ubyte* fragment; + ubyte* reassembly; + } +alias hm_fragment_st hm_fragment; + +struct dtls1_state_st { + uint send_cookie; + ubyte[DTLS1_COOKIE_LENGTH] cookie; + ubyte[DTLS1_COOKIE_LENGTH] rcvd_cookie; + uint cookie_len; + + /* + * The current data and handshake epoch. This is initially + * undefined, and starts at zero once the initial handshake is + * completed + */ + ushort r_epoch; + ushort w_epoch; + + /* records being received in the current epoch */ + DTLS1_BITMAP bitmap; + + /* renegotiation starts a new set of sequence numbers */ + DTLS1_BITMAP next_bitmap; + + /* handshake message numbers */ + ushort handshake_write_seq; + ushort next_handshake_write_seq; + + ushort handshake_read_seq; + + /* save last sequence number for retransmissions */ + ubyte[8] last_write_sequence; + + /* Received handshake records (processed and unprocessed) */ + record_pqueue unprocessed_rcds; + record_pqueue processed_rcds; + + /* Buffered handshake messages */ + pqueue buffered_messages; + + /* Buffered (sent) handshake records */ + pqueue sent_messages; + + /* Buffered application records. + * Only for records between CCS and Finished + * to prevent either protocol violation or + * unnecessary message loss. + */ + record_pqueue buffered_app_data; + + /* Is set when listening for new connections with dtls1_listen() */ + uint listen; + + uint mtu; /* max DTLS packet size */ + + hm_header_st w_msg_hdr; + hm_header_st r_msg_hdr; + + dtls1_timeout_st timeout; + + /* Indicates when the last handshake msg or heartbeat sent will timeout */ + timeval next_timeout; + + /* Timeout duration */ + ushort timeout_duration; + + /* storage for Alert/Handshake protocol data received but not + * yet processed by ssl3_read_bytes: */ + ubyte[DTLS1_AL_HEADER_LENGTH] alert_fragment; + uint alert_fragment_len; + ubyte[DTLS1_HM_HEADER_LENGTH] handshake_fragment; + uint handshake_fragment_len; + + uint retransmitting; + uint change_cipher_spec_ok; + +version(OPENSSL_NO_SCTP) {} else { + /* used when SSL_ST_XX_FLUSH is entered */ + int next_state; + + int shutdown_received; +} + + } +alias dtls1_state_st DTLS1_STATE; + +struct dtls1_record_data_st { + ubyte* packet; + uint packet_length; + SSL3_BUFFER rbuf; + SSL3_RECORD rrec; + version(OPENSSL_NO_SCTP) {} else { + bio_dgram_sctp_rcvinfo recordinfo; + } + } +alias dtls1_record_data_st DTLS1_RECORD_DATA; + +} + +/* Timeout multipliers (timeout slice is defined in apps/timeouts.h */ +enum DTLS1_TMO_READ_COUNT = 2; +enum DTLS1_TMO_WRITE_COUNT = 2; + +enum DTLS1_TMO_ALERT_COUNT = 12; diff --git a/deimos/openssl/e_os2.d b/deimos/openssl/e_os2.d new file mode 100644 index 0000000..19d2229 --- /dev/null +++ b/deimos/openssl/e_os2.d @@ -0,0 +1,64 @@ +/* e_os2.h */ +/* ==================================================================== + * Copyright (c) 1998-2000 The OpenSSL Project. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. All advertising materials mentioning features or use of this + * software must display the following acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" + * + * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to + * endorse or promote products derived from this software without + * prior written permission. For written permission, please contact + * openssl-core@openssl.org. + * + * 5. Products derived from this software may not be called "OpenSSL" + * nor may "OpenSSL" appear in their names without prior written + * permission of the OpenSSL Project. + * + * 6. Redistributions of any form whatsoever must retain the following + * acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit (http://www.openssl.org/)" + * + * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY + * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * ==================================================================== + * + * This product includes cryptographic software written by Eric Young + * (eay@cryptsoft.com). This product includes software written by Tim + * Hudson (tjh@cryptsoft.com). + * + */ + +module deimos.openssl.e_os2; + +import deimos.openssl._d_util; + +public import deimos.openssl.opensslconf; + +/+ For D, the predefined OS version identifiers are used. +/ + +alias ossl_ssize_t = ptrdiff_t; \ No newline at end of file diff --git a/deimos/openssl/ebcdic.d b/deimos/openssl/ebcdic.d new file mode 100644 index 0000000..8fe769a --- /dev/null +++ b/deimos/openssl/ebcdic.d @@ -0,0 +1,16 @@ +/* crypto/ebcdic.h */ + +module deimos.openssl.ebcdic; + +import deimos.openssl._d_util; + +/* Avoid name clashes with other applications */ +alias _openssl_os_toascii os_toascii; +alias _openssl_os_toebcdic os_toebcdic; +alias _openssl_ebcdic2ascii ebcdic2ascii; +alias _openssl_ascii2ebcdic ascii2ebcdic; + +extern const ubyte[256] _openssl_os_toascii; +extern const ubyte[256] _openssl_os_toebcdic; +void* _openssl_ebcdic2ascii(void* dest, const(void)* srce, size_t count); +void* _openssl_ascii2ebcdic(void* dest, const(void)* srce, size_t count); diff --git a/deimos/openssl/ec.d b/deimos/openssl/ec.d new file mode 100644 index 0000000..90f1249 --- /dev/null +++ b/deimos/openssl/ec.d @@ -0,0 +1,1155 @@ +/* crypto/ec/ec.h */ +/* + * Originally written by Bodo Moeller for the OpenSSL project. + */ +/** + * \file crypto/ec/ec.h Include file for the OpenSSL EC functions + * \author Originally written by Bodo Moeller for the OpenSSL project + */ +/* ==================================================================== + * Copyright (c) 1998-2005 The OpenSSL Project. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. All advertising materials mentioning features or use of this + * software must display the following acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" + * + * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to + * endorse or promote products derived from this software without + * prior written permission. For written permission, please contact + * openssl-core@openssl.org. + * + * 5. Products derived from this software may not be called "OpenSSL" + * nor may "OpenSSL" appear in their names without prior written + * permission of the OpenSSL Project. + * + * 6. Redistributions of any form whatsoever must retain the following + * acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit (http://www.openssl.org/)" + * + * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY + * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * ==================================================================== + * + * This product includes cryptographic software written by Eric Young + * (eay@cryptsoft.com). This product includes software written by Tim + * Hudson (tjh@cryptsoft.com). + * + */ +/* ==================================================================== + * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. + * + * Portions of the attached software ("Contribution") are developed by + * SUN MICROSYSTEMS, INC., and are contributed to the OpenSSL project. + * + * The Contribution is licensed pursuant to the OpenSSL open source + * license provided above. + * + * The elliptic curve binary polynomial software is originally written by + * Sheueling Chang Shantz and Douglas Stebila of Sun Microsystems Laboratories. + * + */ + +module deimos.openssl.ec; + +import deimos.openssl._d_util; + +public import deimos.openssl.opensslconf; +import deimos.openssl.evp; // Needed for EVP_PKEY_ALG_CTRL and ec_key_st. + +version (OPENSSL_NO_EC) { + static assert(false, "EC is disabled."); +} + +public import deimos.openssl.asn1; +public import deimos.openssl.symhacks; +version(OPENSSL_NO_DEPRECATED) {} else { +public import deimos.openssl.bn; +} + +extern (C): +nothrow: + +static if (!is(typeof(OPENSSL_ECC_MAX_FIELD_BITS))) { + enum OPENSSL_ECC_MAX_FIELD_BITS = 661; +} + +/** Enum for the point conversion form as defined in X9.62 (ECDSA) + * for the encoding of a elliptic curve point (x,y) */ +enum point_conversion_form_t { + /** the point is encoded as z||x, where the octet z specifies + * which solution of the quadratic equation y is */ + POINT_CONVERSION_COMPRESSED = 2, + /** the point is encoded as z||x||y, where z is the octet 0x02 */ + POINT_CONVERSION_UNCOMPRESSED = 4, + /** the point is encoded as z||x||y, where the octet z specifies + * which solution of the quadratic equation y is */ + POINT_CONVERSION_HYBRID = 6 +} + + +struct ec_method_st; +alias ec_method_st EC_METHOD; + +struct ec_group_st; + /* + EC_METHOD* meth; + -- field definition + -- curve coefficients + -- optional generator with associated information (order, cofactor) + -- optional extra data (precomputed table for fast computation of multiples of generator) + -- ASN1 stuff + */ +alias ec_group_st EC_GROUP; + +struct ec_point_st; +alias ec_point_st EC_POINT; + + +/********************************************************************/ +/* EC_METHODs for curves over GF(p) */ +/********************************************************************/ + +/** Returns the basic GFp ec methods which provides the basis for the + * optimized methods. + * \return EC_METHOD object + */ +const(EC_METHOD)* EC_GFp_simple_method(); + +/** Returns GFp methods using montgomery multiplication. + * \return EC_METHOD object + */ +const(EC_METHOD)* EC_GFp_mont_method(); + +/** Returns GFp methods using optimized methods for NIST recommended curves + * \return EC_METHOD object + */ +const(EC_METHOD)* EC_GFp_nist_method(); + +version(OPENSSL_NO_EC_NISTP_64_GCC_128) {} else { +/** Returns 64-bit optimized methods for nistp224 + * \return EC_METHOD object + */ +const(EC_METHOD)* EC_GFp_nistp224_method(); + +/** Returns 64-bit optimized methods for nistp256 + * \return EC_METHOD object + */ +const(EC_METHOD)* EC_GFp_nistp256_method(); + +/** Returns 64-bit optimized methods for nistp521 + * \return EC_METHOD object + */ +const(EC_METHOD)* EC_GFp_nistp521_method(); +} + +version(OPENSSL_NO_EC2M) {} else { +/********************************************************************/ +/* EC_METHOD for curves over GF(2^m) */ +/********************************************************************/ + +/** Returns the basic GF2m ec method + * \return EC_METHOD object + */ +const(EC_METHOD)* EC_GF2m_simple_method(); + +} + + +/********************************************************************/ +/* EC_GROUP functions */ +/********************************************************************/ + +/** Creates a new EC_GROUP object + * \param meth EC_METHOD to use + * \return newly created EC_GROUP object or NULL in case of an error. + */ +EC_GROUP* EC_GROUP_new(const(EC_METHOD)* meth); + +/** Frees a EC_GROUP object + * \param group EC_GROUP object to be freed. + */ +void EC_GROUP_free(EC_GROUP* group); + +/** Clears and frees a EC_GROUP object + * \param group EC_GROUP object to be cleared and freed. + */ +void EC_GROUP_clear_free(EC_GROUP* group); + +/** Copies EC_GROUP objects. Note: both EC_GROUPs must use the same EC_METHOD. + * \param dst destination EC_GROUP object + * \param src source EC_GROUP object + * \return 1 on success and 0 if an error occurred. + */ +int EC_GROUP_copy(EC_GROUP* dst, const(EC_GROUP)* src); + +/** Creates a new EC_GROUP object and copies the copies the content + * form src to the newly created EC_KEY object + * \param src source EC_GROUP object + * \return newly created EC_GROUP object or NULL in case of an error. + */ +EC_GROUP* EC_GROUP_dup(const(EC_GROUP)* src); + +/** Returns the EC_METHOD of the EC_GROUP object. + * \param group EC_GROUP object + * \return EC_METHOD used in this EC_GROUP object. + */ +const(EC_METHOD)* EC_GROUP_method_of(const(EC_GROUP)* group); + +/** Returns the field type of the EC_METHOD. + * \param meth EC_METHOD object + * \return NID of the underlying field type OID. + */ +int EC_METHOD_get_field_type(const(EC_METHOD)* meth); + +/** Sets the generator and it's order/cofactor of a EC_GROUP object. + * \param group EC_GROUP object + * \param generator EC_POINT object with the generator. + * \param order the order of the group generated by the generator. + * \param cofactor the index of the sub-group generated by the generator + * in the group of all points on the elliptic curve. + * \return 1 on success and 0 if an error occured + */ +int EC_GROUP_set_generator(EC_GROUP* group, const(EC_POINT)* generator, const(BIGNUM)* order, const(BIGNUM)* cofactor); + +/** Returns the generator of a EC_GROUP object. + * \param group EC_GROUP object + * \return the currently used generator (possibly NULL). + */ +const(EC_POINT)* EC_GROUP_get0_generator(const(EC_GROUP)* group); + +/** Gets the order of a EC_GROUP + * \param group EC_GROUP object + * \param order BIGNUM to which the order is copied + * \param ctx BN_CTX object (optional) + * \return 1 on success and 0 if an error occured + */ +int EC_GROUP_get_order(const(EC_GROUP)* group, BIGNUM* order, BN_CTX* ctx); + +/** Gets the cofactor of a EC_GROUP + * \param group EC_GROUP object + * \param cofactor BIGNUM to which the cofactor is copied + * \param ctx BN_CTX object (optional) + * \return 1 on success and 0 if an error occured + */ +int EC_GROUP_get_cofactor(const(EC_GROUP)* group, BIGNUM* cofactor, BN_CTX* ctx); + +/** Sets the name of a EC_GROUP object + * \param group EC_GROUP object + * \param nid NID of the curve name OID + */ +void EC_GROUP_set_curve_name(EC_GROUP* group, int nid); + +/** Returns the curve name of a EC_GROUP object + * \param group EC_GROUP object + * \return NID of the curve name OID or 0 if not set. + */ +int EC_GROUP_get_curve_name(const(EC_GROUP)* group); + +void EC_GROUP_set_asn1_flag(EC_GROUP* group, int flag); +int EC_GROUP_get_asn1_flag(const(EC_GROUP)* group); + +void EC_GROUP_set_point_conversion_form(EC_GROUP* group, point_conversion_form_t); +point_conversion_form_t EC_GROUP_get_point_conversion_form(const(EC_GROUP)*); + +ubyte* EC_GROUP_get0_seed(const(EC_GROUP)* x); +size_t EC_GROUP_get_seed_len(const(EC_GROUP)*); +size_t EC_GROUP_set_seed(EC_GROUP*, const(ubyte)*, size_t len); + +/** Sets the parameter of a ec over GFp defined by y^2 = x^3 + a*x + b + * \param group EC_GROUP object + * \param p BIGNUM with the prime number + * \param a BIGNUM with parameter a of the equation + * \param b BIGNUM with parameter b of the equation + * \param ctx BN_CTX object (optional) + * \return 1 on success and 0 if an error occured + */ +int EC_GROUP_set_curve_GFp(EC_GROUP* group, const(BIGNUM)* p, const(BIGNUM)* a, const(BIGNUM)* b, BN_CTX* ctx); + +/** Gets the parameter of the ec over GFp defined by y^2 = x^3 + a*x + b + * \param group EC_GROUP object + * \param p BIGNUM for the prime number + * \param a BIGNUM for parameter a of the equation + * \param b BIGNUM for parameter b of the equation + * \param ctx BN_CTX object (optional) + * \return 1 on success and 0 if an error occured + */ +int EC_GROUP_get_curve_GFp(const(EC_GROUP)* group, BIGNUM* p, BIGNUM* a, BIGNUM* b, BN_CTX* ctx); + +version(OPENSSL_NO_EC2M) {} else { +/** Sets the parameter of a ec over GF2m defined by y^2 + x*y = x^3 + a*x^2 + b + * \param group EC_GROUP object + * \param p BIGNUM with the polynomial defining the underlying field + * \param a BIGNUM with parameter a of the equation + * \param b BIGNUM with parameter b of the equation + * \param ctx BN_CTX object (optional) + * \return 1 on success and 0 if an error occured + */ +int EC_GROUP_set_curve_GF2m(EC_GROUP* group, const(BIGNUM)* p, const(BIGNUM)* a, const(BIGNUM)* b, BN_CTX* ctx); + +/** Gets the parameter of the ec over GF2m defined by y^2 + x*y = x^3 + a*x^2 + b + * \param group EC_GROUP object + * \param p BIGNUM for the polynomial defining the underlying field + * \param a BIGNUM for parameter a of the equation + * \param b BIGNUM for parameter b of the equation + * \param ctx BN_CTX object (optional) + * \return 1 on success and 0 if an error occured + */ +int EC_GROUP_get_curve_GF2m(const(EC_GROUP)* group, BIGNUM* p, BIGNUM* a, BIGNUM* b, BN_CTX* ctx); +} +/** Returns the number of bits needed to represent a field element + * \param group EC_GROUP object + * \return number of bits needed to represent a field element + */ +int EC_GROUP_get_degree(const(EC_GROUP)* group); + +/** Checks whether the parameter in the EC_GROUP define a valid ec group + * \param group EC_GROUP object + * \param ctx BN_CTX object (optional) + * \return 1 if group is a valid ec group and 0 otherwise + */ +int EC_GROUP_check(const(EC_GROUP)* group, BN_CTX* ctx); + +/** Checks whether the discriminant of the elliptic curve is zero or not + * \param group EC_GROUP object + * \param ctx BN_CTX object (optional) + * \return 1 if the discriminant is not zero and 0 otherwise + */ +int EC_GROUP_check_discriminant(const(EC_GROUP)* group, BN_CTX* ctx); + +/** Compares two EC_GROUP objects + * \param a first EC_GROUP object + * \param b second EC_GROUP object + * \param ctx BN_CTX object (optional) + * \return 0 if both groups are equal and 1 otherwise + */ +int EC_GROUP_cmp(const(EC_GROUP)* a, const(EC_GROUP)* b, BN_CTX* ctx); + +/* EC_GROUP_new_GF*() calls EC_GROUP_new() and EC_GROUP_set_GF*() + * after choosing an appropriate EC_METHOD */ + +/** Creates a new EC_GROUP object with the specified parameters defined + * over GFp (defined by the equation y^2 = x^3 + a*x + b) + * \param p BIGNUM with the prime number + * \param a BIGNUM with the parameter a of the equation + * \param b BIGNUM with the parameter b of the equation + * \param ctx BN_CTX object (optional) + * \return newly created EC_GROUP object with the specified parameters + */ +EC_GROUP* EC_GROUP_new_curve_GFp(const(BIGNUM)* p, const(BIGNUM)* a, const(BIGNUM)* b, BN_CTX* ctx); +version(OPENSSL_NO_EC2M) {} else { +/** Creates a new EC_GROUP object with the specified parameters defined + * over GF2m (defined by the equation y^2 + x*y = x^3 + a*x^2 + b) + * \param p BIGNUM with the polynomial defining the underlying field + * \param a BIGNUM with the parameter a of the equation + * \param b BIGNUM with the parameter b of the equation + * \param ctx BN_CTX object (optional) + * \return newly created EC_GROUP object with the specified parameters + */ +EC_GROUP* EC_GROUP_new_curve_GF2m(const(BIGNUM)* p, const(BIGNUM)* a, const(BIGNUM)* b, BN_CTX* ctx); +} +/** Creates a EC_GROUP object with a curve specified by a NID + * \param nid NID of the OID of the curve name + * \return newly created EC_GROUP object with specified curve or NULL + * if an error occurred + */ +EC_GROUP* EC_GROUP_new_by_curve_name(int nid); + + +/********************************************************************/ +/* handling of internal curves */ +/********************************************************************/ + +struct EC_builtin_curve { + int nid; + const(char)* comment; + } + +/* EC_builtin_curves(EC_builtin_curve* r, size_t size) returns number + * of all available curves or zero if a error occurred. + * In case r ist not zero nitems EC_builtin_curve structures + * are filled with the data of the first nitems internal groups */ +size_t EC_get_builtin_curves(EC_builtin_curve* r, size_t nitems); + + +/********************************************************************/ +/* EC_POINT functions */ +/********************************************************************/ + +/** Creates a new EC_POINT object for the specified EC_GROUP + * \param group EC_GROUP the underlying EC_GROUP object + * \return newly created EC_POINT object or NULL if an error occurred + */ +EC_POINT* EC_POINT_new(const(EC_GROUP)* group); + +/** Frees a EC_POINT object + * \param point EC_POINT object to be freed + */ +void EC_POINT_free(EC_POINT* point); + +/** Clears and frees a EC_POINT object + * \param point EC_POINT object to be cleared and freed + */ +void EC_POINT_clear_free(EC_POINT* point); + +/** Copies EC_POINT object + * \param dst destination EC_POINT object + * \param src source EC_POINT object + * \return 1 on success and 0 if an error occured + */ +int EC_POINT_copy(EC_POINT* dst, const(EC_POINT)* src); + +/** Creates a new EC_POINT object and copies the content of the supplied + * EC_POINT + * \param src source EC_POINT object + * \param group underlying the EC_GROUP object + * \return newly created EC_POINT object or NULL if an error occurred + */ +EC_POINT* EC_POINT_dup(const(EC_POINT)* src, const(EC_GROUP)* group); + +/** Returns the EC_METHOD used in EC_POINT object + * \param point EC_POINT object + * \return the EC_METHOD used + */ +const(EC_METHOD)* EC_POINT_method_of(const(EC_POINT)* point); + +/** Sets a point to infinity (neutral element) + * \param group underlying EC_GROUP object + * \param point EC_POINT to set to infinity + * \return 1 on success and 0 if an error occured + */ +int EC_POINT_set_to_infinity(const(EC_GROUP)* group, EC_POINT* point); + +/** Sets the jacobian projective coordinates of a EC_POINT over GFp + * \param group underlying EC_GROUP object + * \param p EC_POINT object + * \param x BIGNUM with the x-coordinate + * \param y BIGNUM with the y-coordinate + * \param z BIGNUM with the z-coordinate + * \param ctx BN_CTX object (optional) + * \return 1 on success and 0 if an error occured + */ +int EC_POINT_set_Jprojective_coordinates_GFp(const(EC_GROUP)* group, EC_POINT* p, + const(BIGNUM)* x, const(BIGNUM)* y, const(BIGNUM)* z, BN_CTX* ctx); + +/** Gets the jacobian projective coordinates of a EC_POINT over GFp + * \param group underlying EC_GROUP object + * \param p EC_POINT object + * \param x BIGNUM for the x-coordinate + * \param y BIGNUM for the y-coordinate + * \param z BIGNUM for the z-coordinate + * \param ctx BN_CTX object (optional) + * \return 1 on success and 0 if an error occured + */ +int EC_POINT_get_Jprojective_coordinates_GFp(const(EC_GROUP)* group, + const(EC_POINT)* p, BIGNUM* x, BIGNUM* y, BIGNUM* z, BN_CTX* ctx); + +/** Sets the affine coordinates of a EC_POINT over GFp + * \param group underlying EC_GROUP object + * \param p EC_POINT object + * \param x BIGNUM with the x-coordinate + * \param y BIGNUM with the y-coordinate + * \param ctx BN_CTX object (optional) + * \return 1 on success and 0 if an error occured + */ +int EC_POINT_set_affine_coordinates_GFp(const(EC_GROUP)* group, EC_POINT* p, + const(BIGNUM)* x, const(BIGNUM)* y, BN_CTX* ctx); + +/** Gets the affine coordinates of a EC_POINT over GFp + * \param group underlying EC_GROUP object + * \param p EC_POINT object + * \param x BIGNUM for the x-coordinate + * \param y BIGNUM for the y-coordinate + * \param ctx BN_CTX object (optional) + * \return 1 on success and 0 if an error occured + */ +int EC_POINT_get_affine_coordinates_GFp(const(EC_GROUP)* group, + const(EC_POINT)* p, BIGNUM* x, BIGNUM* y, BN_CTX* ctx); + +/** Sets the x9.62 compressed coordinates of a EC_POINT over GFp + * \param group underlying EC_GROUP object + * \param p EC_POINT object + * \param x BIGNUM with x-coordinate + * \param y_bit integer with the y-Bit (either 0 or 1) + * \param ctx BN_CTX object (optional) + * \return 1 on success and 0 if an error occured + */ +int EC_POINT_set_compressed_coordinates_GFp(const(EC_GROUP)* group, EC_POINT* p, + const(BIGNUM)* x, int y_bit, BN_CTX* ctx); +version(OPENSSL_NO_EC2M) {} else { +/** Sets the affine coordinates of a EC_POINT over GF2m + * \param group underlying EC_GROUP object + * \param p EC_POINT object + * \param x BIGNUM with the x-coordinate + * \param y BIGNUM with the y-coordinate + * \param ctx BN_CTX object (optional) + * \return 1 on success and 0 if an error occured + */ +int EC_POINT_set_affine_coordinates_GF2m(const(EC_GROUP)* group, EC_POINT* p, + const(BIGNUM)* x, const(BIGNUM)* y, BN_CTX* ctx); + +/** Gets the affine coordinates of a EC_POINT over GF2m + * \param group underlying EC_GROUP object + * \param p EC_POINT object + * \param x BIGNUM for the x-coordinate + * \param y BIGNUM for the y-coordinate + * \param ctx BN_CTX object (optional) + * \return 1 on success and 0 if an error occured + */ +int EC_POINT_get_affine_coordinates_GF2m(const(EC_GROUP)* group, + const(EC_POINT)* p, BIGNUM* x, BIGNUM* y, BN_CTX* ctx); + +/** Sets the x9.62 compressed coordinates of a EC_POINT over GF2m + * \param group underlying EC_GROUP object + * \param p EC_POINT object + * \param x BIGNUM with x-coordinate + * \param y_bit integer with the y-Bit (either 0 or 1) + * \param ctx BN_CTX object (optional) + * \return 1 on success and 0 if an error occured + */ +int EC_POINT_set_compressed_coordinates_GF2m(const(EC_GROUP)* group, EC_POINT* p, + const(BIGNUM)* x, int y_bit, BN_CTX* ctx); +} +/** Encodes a EC_POINT object to a octet string + * \param group underlying EC_GROUP object + * \param p EC_POINT object + * \param form point conversion form + * \param buf memory buffer for the result. If NULL the function returns + * required buffer size. + * \param len length of the memory buffer + * \param ctx BN_CTX object (optional) + * \return the length of the encoded octet string or 0 if an error occurred + */ +size_t EC_POINT_point2oct(const(EC_GROUP)* group, const(EC_POINT)* p, + point_conversion_form_t form, + ubyte* buf, size_t len, BN_CTX* ctx); + +/** Decodes a EC_POINT from a octet string + * \param group underlying EC_GROUP object + * \param p EC_POINT object + * \param buf memory buffer with the encoded ec point + * \param len length of the encoded ec point + * \param ctx BN_CTX object (optional) + * \return 1 on success and 0 if an error occured + */ +int EC_POINT_oct2point(const(EC_GROUP)* group, EC_POINT* p, + const(ubyte)* buf, size_t len, BN_CTX* ctx); + +/* other interfaces to point2oct/oct2point: */ +BIGNUM* EC_POINT_point2bn(const(EC_GROUP)*, const(EC_POINT)*, + point_conversion_form_t form, BIGNUM*, BN_CTX*); +EC_POINT* EC_POINT_bn2point(const(EC_GROUP)*, const(BIGNUM)*, + EC_POINT*, BN_CTX*); +char* EC_POINT_point2hex(const(EC_GROUP)*, const(EC_POINT)*, + point_conversion_form_t form, BN_CTX*); +EC_POINT* EC_POINT_hex2point(const(EC_GROUP)*, const(char)*, + EC_POINT*, BN_CTX*); + + +/********************************************************************/ +/* functions for doing EC_POINT arithmetic */ +/********************************************************************/ + +/** Computes the sum of two EC_POINT + * \param group underlying EC_GROUP object + * \param r EC_POINT object for the result (r = a + b) + * \param a EC_POINT object with the first summand + * \param b EC_POINT object with the second summand + * \param ctx BN_CTX object (optional) + * \return 1 on success and 0 if an error occured + */ +int EC_POINT_add(const(EC_GROUP)* group, EC_POINT* r, const(EC_POINT)* a, const(EC_POINT)* b, BN_CTX* ctx); + +/** Computes the double of a EC_POINT + * \param group underlying EC_GROUP object + * \param r EC_POINT object for the result (r = 2* a) + * \param a EC_POINT object + * \param ctx BN_CTX object (optional) + * \return 1 on success and 0 if an error occured + */ +int EC_POINT_dbl(const(EC_GROUP)* group, EC_POINT* r, const(EC_POINT)* a, BN_CTX* ctx); + +/** Computes the inverse of a EC_POINT + * \param group underlying EC_GROUP object + * \param a EC_POINT object to be inverted (it's used for the result as well) + * \param ctx BN_CTX object (optional) + * \return 1 on success and 0 if an error occured + */ +int EC_POINT_invert(const(EC_GROUP)* group, EC_POINT* a, BN_CTX* ctx); + +/** Checks whether the point is the neutral element of the group + * \param group the underlying EC_GROUP object + * \param p EC_POINT object + * \return 1 if the point is the neutral element and 0 otherwise + */ +int EC_POINT_is_at_infinity(const(EC_GROUP)* group, const(EC_POINT)* p); + +/** Checks whether the point is on the curve + * \param group underlying EC_GROUP object + * \param point EC_POINT object to check + * \param ctx BN_CTX object (optional) + * \return 1 if point if on the curve and 0 otherwise + */ +int EC_POINT_is_on_curve(const(EC_GROUP)* group, const(EC_POINT)* point, BN_CTX* ctx); + +/** Compares two EC_POINTs + * \param group underlying EC_GROUP object + * \param a first EC_POINT object + * \param b second EC_POINT object + * \param ctx BN_CTX object (optional) + * \return 0 if both points are equal and a value != 0 otherwise + */ +int EC_POINT_cmp(const(EC_GROUP)* group, const(EC_POINT)* a, const(EC_POINT)* b, BN_CTX* ctx); + +int EC_POINT_make_affine(const(EC_GROUP)* group, EC_POINT* point, BN_CTX* ctx); +int EC_POINTs_make_affine(const(EC_GROUP)* group, size_t num, EC_POINT*[] points, BN_CTX* ctx); + +/** Computes r = generator* n sum_{i=0}^num p[i] * m[i] + * \param group underlying EC_GROUP object + * \param r EC_POINT object for the result + * \param n BIGNUM with the multiplier for the group generator (optional) + * \param num number futher summands + * \param p array of size num of EC_POINT objects + * \param m array of size num of BIGNUM objects + * \param ctx BN_CTX object (optional) + * \return 1 on success and 0 if an error occured + */ +int EC_POINTs_mul(const(EC_GROUP)* group, EC_POINT* r, const(BIGNUM)* n, size_t num, const(EC_POINT)*[] p, const(BIGNUM)*[] m, BN_CTX* ctx); + +/** Computes r = generator* n + q* m + * \param group underlying EC_GROUP object + * \param r EC_POINT object for the result + * \param n BIGNUM with the multiplier for the group generator (optional) + * \param q EC_POINT object with the first factor of the second summand + * \param m BIGNUM with the second factor of the second summand + * \param ctx BN_CTX object (optional) + * \return 1 on success and 0 if an error occured + */ +int EC_POINT_mul(const(EC_GROUP)* group, EC_POINT* r, const(BIGNUM)* n, const(EC_POINT)* q, const(BIGNUM)* m, BN_CTX* ctx); + +/** Stores multiples of generator for faster point multiplication + * \param group EC_GROUP object + * \param ctx BN_CTX object (optional) + * \return 1 on success and 0 if an error occured + */ +int EC_GROUP_precompute_mult(EC_GROUP* group, BN_CTX* ctx); + +/** Reports whether a precomputation has been done + * \param group EC_GROUP object + * \return 1 if a pre-computation has been done and 0 otherwise + */ +int EC_GROUP_have_precompute_mult(const(EC_GROUP)* group); + + +/********************************************************************/ +/* ASN1 stuff */ +/********************************************************************/ + +/* EC_GROUP_get_basis_type() returns the NID of the basis type + * used to represent the field elements */ +int EC_GROUP_get_basis_type(const(EC_GROUP)*); +version(OPENSSL_NO_EC2M) {} else { +int EC_GROUP_get_trinomial_basis(const(EC_GROUP)*, uint* k); +int EC_GROUP_get_pentanomial_basis(const(EC_GROUP)*, uint* k1, + uint* k2, uint* k3); +} + +enum OPENSSL_EC_NAMED_CURVE = 0x001; + +struct ecpk_parameters_st; +alias ecpk_parameters_st ECPKPARAMETERS; + +EC_GROUP* d2i_ECPKParameters(EC_GROUP**, const(ubyte)** in_, c_long len); +int i2d_ECPKParameters(const(EC_GROUP)*, ubyte** out_); + +/+XXX +#define d2i_ECPKParameters_bio(bp,x) ASN1_d2i_bio_of(EC_GROUP,NULL,d2i_ECPKParameters,bp,x) +#define i2d_ECPKParameters_bio(bp,x) ASN1_i2d_bio_of_const(EC_GROUP,i2d_ECPKParameters,bp,x) +#define d2i_ECPKParameters_fp(fp,x) (EC_GROUP*)ASN1_d2i_fp(NULL, \ + (ExternC!(char* function()) )d2i_ECPKParameters,(fp),(ubyte**)(x)) +#define i2d_ECPKParameters_fp(fp,x) ASN1_i2d_fp(i2d_ECPKParameters,(fp), \ + (ubyte*)(x)) ++/ + +version(OPENSSL_NO_BIO) {} else { +int ECPKParameters_print(BIO* bp, const(EC_GROUP)* x, int off); +} +version(OPENSSL_NO_FP_API) {} else { +int ECPKParameters_print_fp(FILE* fp, const(EC_GROUP)* x, int off); +} + + +/********************************************************************/ +/* EC_KEY functions */ +/********************************************************************/ + +/*struct ec_key_st;*/ +alias ec_key_st EC_KEY; + +/* some values for the encoding_flag */ +enum EC_PKEY_NO_PARAMETERS = 0x001; +enum EC_PKEY_NO_PUBKEY = 0x002; + +/* some values for the flags field */ +enum EC_FLAG_NON_FIPS_ALLOW = 0x1; +enum EC_FLAG_FIPS_CHECKED = 0x2; + +/** Creates a new EC_KEY object. + * \return EC_KEY object or NULL if an error occurred. + */ +EC_KEY* EC_KEY_new(); + +int EC_KEY_get_flags(const(EC_KEY)* key); + +void EC_KEY_set_flags(EC_KEY* key, int flags); + +void EC_KEY_clear_flags(EC_KEY* key, int flags); + +/** Creates a new EC_KEY object using a named curve as underlying + * EC_GROUP object. + * \param nid NID of the named curve. + * \return EC_KEY object or NULL if an error occurred. + */ +EC_KEY* EC_KEY_new_by_curve_name(int nid); + +/** Frees a EC_KEY object. + * \param key EC_KEY object to be freed. + */ +void EC_KEY_free(EC_KEY* key); + +/** Copies a EC_KEY object. + * \param dst destination EC_KEY object + * \param src src EC_KEY object + * \return dst or NULL if an error occurred. + */ +EC_KEY* EC_KEY_copy(EC_KEY* dst, const(EC_KEY)* src); + +/** Creates a new EC_KEY object and copies the content from src to it. + * \param src the source EC_KEY object + * \return newly created EC_KEY object or NULL if an error occurred. + */ +EC_KEY* EC_KEY_dup(const(EC_KEY)* src); + +/** Increases the internal reference count of a EC_KEY object. + * \param key EC_KEY object + * \return 1 on success and 0 if an error occurred. + */ +int EC_KEY_up_ref(EC_KEY* key); + +/** Returns the EC_GROUP object of a EC_KEY object + * \param key EC_KEY object + * \return the EC_GROUP object (possibly NULL). + */ +const(EC_GROUP)* EC_KEY_get0_group(const(EC_KEY)* key); + +/** Sets the EC_GROUP of a EC_KEY object. + * \param key EC_KEY object + * \param group EC_GROUP to use in the EC_KEY object (note: the EC_KEY + * object will use an own copy of the EC_GROUP). + * \return 1 on success and 0 if an error occurred. + */ +int EC_KEY_set_group(EC_KEY* key, const(EC_GROUP)* group); + +/** Returns the private key of a EC_KEY object. + * \param key EC_KEY object + * \return a BIGNUM with the private key (possibly NULL). + */ +const(BIGNUM)* EC_KEY_get0_private_key(const(EC_KEY)* key); + +/** Sets the private key of a EC_KEY object. + * \param key EC_KEY object + * \param prv BIGNUM with the private key (note: the EC_KEY object + * will use an own copy of the BIGNUM). + * \return 1 on success and 0 if an error occurred. + */ +int EC_KEY_set_private_key(EC_KEY* key, const(BIGNUM)* prv); + +/** Returns the public key of a EC_KEY object. + * \param key the EC_KEY object + * \return a EC_POINT object with the public key (possibly NULL) + */ +const(EC_POINT)* EC_KEY_get0_public_key(const(EC_KEY)* key); + +/** Sets the public key of a EC_KEY object. + * \param key EC_KEY object + * \param pub EC_POINT object with the public key (note: the EC_KEY object + * will use an own copy of the EC_POINT object). + * \return 1 on success and 0 if an error occurred. + */ +int EC_KEY_set_public_key(EC_KEY* key, const(EC_POINT)* pub); + +uint EC_KEY_get_enc_flags(const(EC_KEY)* key); +void EC_KEY_set_enc_flags(EC_KEY* eckey, uint); +point_conversion_form_t EC_KEY_get_conv_form(const(EC_KEY)* key); +void EC_KEY_set_conv_form(EC_KEY* eckey, point_conversion_form_t); +/* functions to set/get method specific data */ +void* EC_KEY_get_key_method_data(EC_KEY* eckey, + ExternC!(void* function(void*)) dup_func, ExternC!(void function(void*)) free_func, ExternC!(void function(void*)) clear_free_func); +/** Sets the key method data of an EC_KEY object, if none has yet been set. + * \param key EC_KEY object + * \param data opaque data to install. + * \param dup_func a function that duplicates |data|. + * \param free_func a function that frees |data|. + * \param clear_free_func a function that wipes and frees |data|. + * \return the previously set data pointer, or NULL if |data| was inserted. + */ +void *EC_KEY_insert_key_method_data(EC_KEY* key, void* data, + ExternC!(void* function(void*)) dup_func, ExternC!(void function(void*)) free_func, ExternC!(void function(void*)) clear_free_func); +/* wrapper functions for the underlying EC_GROUP object */ +void EC_KEY_set_asn1_flag(EC_KEY* eckey, int); + +/** Creates a table of pre-computed multiples of the generator to + * accelerate further EC_KEY operations. + * \param key EC_KEY object + * \param ctx BN_CTX object (optional) + * \return 1 on success and 0 if an error occurred. + */ +int EC_KEY_precompute_mult(EC_KEY* key, BN_CTX* ctx); + +/** Creates a new ec private (and optional a new public) key. + * \param key EC_KEY object + * \return 1 on success and 0 if an error occurred. + */ +int EC_KEY_generate_key(EC_KEY* key); + +/** Verifies that a private and/or public key is valid. + * \param key the EC_KEY object + * \return 1 on success and 0 otherwise. + */ +int EC_KEY_check_key(const(EC_KEY)* key); + + +/********************************************************************/ +/* de- and encoding functions for SEC1 ECPrivateKey */ +/********************************************************************/ + +/** Decodes a private key from a memory buffer. + * \param key a pointer to a EC_KEY object which should be used (or NULL) + * \param in pointer to memory with the DER encoded private key + * \param len length of the DER encoded private key + * \return the decoded private key or NULL if an error occurred. + */ +EC_KEY* d2i_ECPrivateKey(EC_KEY** key, const(ubyte)** in_, c_long len); + +/** Encodes a private key object and stores the result in a buffer. + * \param key the EC_KEY object to encode + * \param out the buffer for the result (if NULL the function returns number + * of bytes needed). + * \return 1 on success and 0 if an error occurred. + */ +int i2d_ECPrivateKey(EC_KEY* key, ubyte** out_); + + +/********************************************************************/ +/* de- and encoding functions for EC parameters */ +/********************************************************************/ + +/** Decodes ec parameter from a memory buffer. + * \param key a pointer to a EC_KEY object which should be used (or NULL) + * \param in pointer to memory with the DER encoded ec parameters + * \param len length of the DER encoded ec parameters + * \return a EC_KEY object with the decoded parameters or NULL if an error + * occurred. + */ +EC_KEY* d2i_ECParameters(EC_KEY** key, const(ubyte)** in_, c_long len); + +/** Encodes ec parameter and stores the result in a buffer. + * \param key the EC_KEY object with ec paramters to encode + * \param out the buffer for the result (if NULL the function returns number + * of bytes needed). + * \return 1 on success and 0 if an error occurred. + */ +int i2d_ECParameters(EC_KEY* key, ubyte** out_); + + +/********************************************************************/ +/* de- and encoding functions for EC public key */ +/* (octet string, not DER -- hence 'o2i' and 'i2o') */ +/********************************************************************/ + +/** Decodes a ec public key from a octet string. + * \param key a pointer to a EC_KEY object which should be used + * \param in memory buffer with the encoded public key + * \param len length of the encoded public key + * \return EC_KEY object with decoded public key or NULL if an error + * occurred. + */ +EC_KEY* o2i_ECPublicKey(EC_KEY** key, const(ubyte)** in_, c_long len); + +/** Encodes a ec public key in an octet string. + * \param key the EC_KEY object with the public key + * \param out the buffer for the result (if NULL the function returns number + * of bytes needed). + * \return 1 on success and 0 if an error occurred + */ +int i2o_ECPublicKey(EC_KEY* key, ubyte** out_); + +version(OPENSSL_NO_BIO) {} else { +/** Prints out the ec parameters on human readable form. + * \param bp BIO object to which the information is printed + * \param key EC_KEY object + * \return 1 on success and 0 if an error occurred + */ +int ECParameters_print(BIO* bp, const(EC_KEY)* key); + +/** Prints out the contents of a EC_KEY object + * \param bp BIO object to which the information is printed + * \param key EC_KEY object + * \param off line offset + * \return 1 on success and 0 if an error occurred + */ +int EC_KEY_print(BIO* bp, const(EC_KEY)* key, int off); + +} +version(OPENSSL_NO_FP_API) {} else { +/** Prints out the ec parameters on human readable form. + * \param fp file descriptor to which the information is printed + * \param key EC_KEY object + * \return 1 on success and 0 if an error occurred + */ +int ECParameters_print_fp(FILE* fp, const(EC_KEY)* key); + +/** Prints out the contents of a EC_KEY object + * \param fp file descriptor to which the information is printed + * \param key EC_KEY object + * \param off line offset + * \return 1 on success and 0 if an error occurred + */ +int EC_KEY_print_fp(FILE* fp, const(EC_KEY)* key, int off); + +} + +auto ECParameters_dup()(EC_KEY* x) {return ASN1_dup_of!EC_KEY(&i2d_ECParameters,&d2i_ECParameters,x); } + +//#ifndef __cplusplus +//#if defined(__SUNPRO_C) +//# if __SUNPRO_C >= 0x520 +//# pragma error_messages (default,E_ARRAY_OF_INCOMPLETE_NONAME,E_ARRAY_OF_INCOMPLETE) +//# endif +//# endif +//#endif + +auto EVP_PKEY_CTX_set_ec_paramgen_curve_nid()(EVP_PKEY_CTX* ctx, int nid) { + return EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, EVP_PKEY_OP_PARAMGEN, + EVP_PKEY_CTRL_EC_PARAMGEN_CURVE_NID, nid, null); +} + +enum EVP_PKEY_CTRL_EC_PARAMGEN_CURVE_NID = (EVP_PKEY_ALG_CTRL + 1); + +/* BEGIN ERROR CODES */ +/* The following lines are auto generated by the script mkerr.pl. Any changes + * made after this point may be overwritten when the script is next run. + */ +void ERR_load_EC_strings(); + +/* Error codes for the EC functions. */ + +/* Function codes. */ +enum EC_F_BN_TO_FELEM = 224; +enum EC_F_COMPUTE_WNAF = 143; +enum EC_F_D2I_ECPARAMETERS = 144; +enum EC_F_D2I_ECPKPARAMETERS = 145; +enum EC_F_D2I_ECPRIVATEKEY = 146; +enum EC_F_DO_EC_KEY_PRINT = 221; +enum EC_F_ECKEY_PARAM2TYPE = 223; +enum EC_F_ECKEY_PARAM_DECODE = 212; +enum EC_F_ECKEY_PRIV_DECODE = 213; +enum EC_F_ECKEY_PRIV_ENCODE = 214; +enum EC_F_ECKEY_PUB_DECODE = 215; +enum EC_F_ECKEY_PUB_ENCODE = 216; +enum EC_F_ECKEY_TYPE2PARAM = 220; +enum EC_F_ECPARAMETERS_PRINT = 147; +enum EC_F_ECPARAMETERS_PRINT_FP = 148; +enum EC_F_ECPKPARAMETERS_PRINT = 149; +enum EC_F_ECPKPARAMETERS_PRINT_FP = 150; +enum EC_F_ECP_NIST_MOD_192 = 203; +enum EC_F_ECP_NIST_MOD_224 = 204; +enum EC_F_ECP_NIST_MOD_256 = 205; +enum EC_F_ECP_NIST_MOD_521 = 206; +enum EC_F_EC_ASN1_GROUP2CURVE = 153; +enum EC_F_EC_ASN1_GROUP2FIELDID = 154; +enum EC_F_EC_ASN1_GROUP2PARAMETERS = 155; +enum EC_F_EC_ASN1_GROUP2PKPARAMETERS = 156; +enum EC_F_EC_ASN1_PARAMETERS2GROUP = 157; +enum EC_F_EC_ASN1_PKPARAMETERS2GROUP = 158; +enum EC_F_EC_EX_DATA_SET_DATA = 211; +enum EC_F_EC_GF2M_MONTGOMERY_POINT_MULTIPLY = 208; +enum EC_F_EC_GF2M_SIMPLE_GROUP_CHECK_DISCRIMINANT = 159; +enum EC_F_EC_GF2M_SIMPLE_GROUP_SET_CURVE = 195; +enum EC_F_EC_GF2M_SIMPLE_OCT2POINT = 160; +enum EC_F_EC_GF2M_SIMPLE_POINT2OCT = 161; +enum EC_F_EC_GF2M_SIMPLE_POINT_GET_AFFINE_COORDINATES = 162; +enum EC_F_EC_GF2M_SIMPLE_POINT_SET_AFFINE_COORDINATES = 163; +enum EC_F_EC_GF2M_SIMPLE_SET_COMPRESSED_COORDINATES = 164; +enum EC_F_EC_GFP_MONT_FIELD_DECODE = 133; +enum EC_F_EC_GFP_MONT_FIELD_ENCODE = 134; +enum EC_F_EC_GFP_MONT_FIELD_MUL = 131; +enum EC_F_EC_GFP_MONT_FIELD_SET_TO_ONE = 209; +enum EC_F_EC_GFP_MONT_FIELD_SQR = 132; +enum EC_F_EC_GFP_MONT_GROUP_SET_CURVE = 189; +enum EC_F_EC_GFP_MONT_GROUP_SET_CURVE_GFP = 135; +enum EC_F_EC_GFP_NISTP224_GROUP_SET_CURVE = 225; +enum EC_F_EC_GFP_NISTP224_POINTS_MUL = 228; +enum EC_F_EC_GFP_NISTP224_POINT_GET_AFFINE_COORDINATES = 226; +enum EC_F_EC_GFP_NISTP256_GROUP_SET_CURVE = 230; +enum EC_F_EC_GFP_NISTP256_POINTS_MUL = 231; +enum EC_F_EC_GFP_NISTP256_POINT_GET_AFFINE_COORDINATES = 232; +enum EC_F_EC_GFP_NISTP521_GROUP_SET_CURVE = 233; +enum EC_F_EC_GFP_NISTP521_POINTS_MUL = 234; +enum EC_F_EC_GFP_NISTP521_POINT_GET_AFFINE_COORDINATES = 235; +enum EC_F_EC_GFP_NIST_FIELD_MUL = 200; +enum EC_F_EC_GFP_NIST_FIELD_SQR = 201; +enum EC_F_EC_GFP_NIST_GROUP_SET_CURVE = 202; +enum EC_F_EC_GFP_SIMPLE_GROUP_CHECK_DISCRIMINANT = 165; +enum EC_F_EC_GFP_SIMPLE_GROUP_SET_CURVE = 166; +enum EC_F_EC_GFP_SIMPLE_GROUP_SET_CURVE_GFP = 100; +enum EC_F_EC_GFP_SIMPLE_GROUP_SET_GENERATOR = 101; +enum EC_F_EC_GFP_SIMPLE_MAKE_AFFINE = 102; +enum EC_F_EC_GFP_SIMPLE_OCT2POINT = 103; +enum EC_F_EC_GFP_SIMPLE_POINT2OCT = 104; +enum EC_F_EC_GFP_SIMPLE_POINTS_MAKE_AFFINE = 137; +enum EC_F_EC_GFP_SIMPLE_POINT_GET_AFFINE_COORDINATES = 167; +enum EC_F_EC_GFP_SIMPLE_POINT_GET_AFFINE_COORDINATES_GFP = 105; +enum EC_F_EC_GFP_SIMPLE_POINT_SET_AFFINE_COORDINATES = 168; +enum EC_F_EC_GFP_SIMPLE_POINT_SET_AFFINE_COORDINATES_GFP = 128; +enum EC_F_EC_GFP_SIMPLE_SET_COMPRESSED_COORDINATES = 169; +enum EC_F_EC_GFP_SIMPLE_SET_COMPRESSED_COORDINATES_GFP = 129; +enum EC_F_EC_GROUP_CHECK = 170; +enum EC_F_EC_GROUP_CHECK_DISCRIMINANT = 171; +enum EC_F_EC_GROUP_COPY = 106; +enum EC_F_EC_GROUP_GET0_GENERATOR = 139; +enum EC_F_EC_GROUP_GET_COFACTOR = 140; +enum EC_F_EC_GROUP_GET_CURVE_GF2M = 172; +enum EC_F_EC_GROUP_GET_CURVE_GFP = 130; +enum EC_F_EC_GROUP_GET_DEGREE = 173; +enum EC_F_EC_GROUP_GET_ORDER = 141; +enum EC_F_EC_GROUP_GET_PENTANOMIAL_BASIS = 193; +enum EC_F_EC_GROUP_GET_TRINOMIAL_BASIS = 194; +enum EC_F_EC_GROUP_NEW = 108; +enum EC_F_EC_GROUP_NEW_BY_CURVE_NAME = 174; +enum EC_F_EC_GROUP_NEW_FROM_DATA = 175; +enum EC_F_EC_GROUP_PRECOMPUTE_MULT = 142; +enum EC_F_EC_GROUP_SET_CURVE_GF2M = 176; +enum EC_F_EC_GROUP_SET_CURVE_GFP = 109; +enum EC_F_EC_GROUP_SET_EXTRA_DATA = 110; +enum EC_F_EC_GROUP_SET_GENERATOR = 111; +enum EC_F_EC_KEY_CHECK_KEY = 177; +enum EC_F_EC_KEY_COPY = 178; +enum EC_F_EC_KEY_GENERATE_KEY = 179; +enum EC_F_EC_KEY_NEW = 182; +enum EC_F_EC_KEY_PRINT = 180; +enum EC_F_EC_KEY_PRINT_FP = 181; +enum EC_F_EC_KEY_SET_PUBLIC_KEY_AFFINE_COORDINATES = 229; +enum EC_F_EC_POINTS_MAKE_AFFINE = 136; +enum EC_F_EC_POINT_ADD = 112; +enum EC_F_EC_POINT_CMP = 113; +enum EC_F_EC_POINT_COPY = 114; +enum EC_F_EC_POINT_DBL = 115; +enum EC_F_EC_POINT_GET_AFFINE_COORDINATES_GF2M = 183; +enum EC_F_EC_POINT_GET_AFFINE_COORDINATES_GFP = 116; +enum EC_F_EC_POINT_GET_JPROJECTIVE_COORDINATES_GFP = 117; +enum EC_F_EC_POINT_INVERT = 210; +enum EC_F_EC_POINT_IS_AT_INFINITY = 118; +enum EC_F_EC_POINT_IS_ON_CURVE = 119; +enum EC_F_EC_POINT_MAKE_AFFINE = 120; +enum EC_F_EC_POINT_MUL = 184; +enum EC_F_EC_POINT_NEW = 121; +enum EC_F_EC_POINT_OCT2POINT = 122; +enum EC_F_EC_POINT_POINT2OCT = 123; +enum EC_F_EC_POINT_SET_AFFINE_COORDINATES_GF2M = 185; +enum EC_F_EC_POINT_SET_AFFINE_COORDINATES_GFP = 124; +enum EC_F_EC_POINT_SET_COMPRESSED_COORDINATES_GF2M = 186; +enum EC_F_EC_POINT_SET_COMPRESSED_COORDINATES_GFP = 125; +enum EC_F_EC_POINT_SET_JPROJECTIVE_COORDINATES_GFP = 126; +enum EC_F_EC_POINT_SET_TO_INFINITY = 127; +enum EC_F_EC_PRE_COMP_DUP = 207; +enum EC_F_EC_PRE_COMP_NEW = 196; +enum EC_F_EC_WNAF_MUL = 187; +enum EC_F_EC_WNAF_PRECOMPUTE_MULT = 188; +enum EC_F_I2D_ECPARAMETERS = 190; +enum EC_F_I2D_ECPKPARAMETERS = 191; +enum EC_F_I2D_ECPRIVATEKEY = 192; +enum EC_F_I2O_ECPUBLICKEY = 151; +enum EC_F_NISTP224_PRE_COMP_NEW = 227; +enum EC_F_NISTP256_PRE_COMP_NEW = 236; +enum EC_F_NISTP521_PRE_COMP_NEW = 237; +enum EC_F_O2I_ECPUBLICKEY = 152; +enum EC_F_OLD_EC_PRIV_DECODE = 222; +enum EC_F_PKEY_EC_CTRL = 197; +enum EC_F_PKEY_EC_CTRL_STR = 198; +enum EC_F_PKEY_EC_DERIVE = 217; +enum EC_F_PKEY_EC_KEYGEN = 199; +enum EC_F_PKEY_EC_PARAMGEN = 219; +enum EC_F_PKEY_EC_SIGN = 218; + +/* Reason codes. */ +enum EC_R_ASN1_ERROR = 115; +enum EC_R_ASN1_UNKNOWN_FIELD = 116; +enum EC_R_BIGNUM_OUT_OF_RANGE = 144; +enum EC_R_BUFFER_TOO_SMALL = 100; +enum EC_R_COORDINATES_OUT_OF_RANGE = 146; +enum EC_R_D2I_ECPKPARAMETERS_FAILURE = 117; +enum EC_R_DECODE_ERROR = 142; +enum EC_R_DISCRIMINANT_IS_ZERO = 118; +enum EC_R_EC_GROUP_NEW_BY_NAME_FAILURE = 119; +enum EC_R_FIELD_TOO_LARGE = 143; +enum EC_R_GF2M_NOT_SUPPORTED = 147; +enum EC_R_GROUP2PKPARAMETERS_FAILURE = 120; +enum EC_R_I2D_ECPKPARAMETERS_FAILURE = 121; +enum EC_R_INCOMPATIBLE_OBJECTS = 101; +enum EC_R_INVALID_ARGUMENT = 112; +enum EC_R_INVALID_COMPRESSED_POINT = 110; +enum EC_R_INVALID_COMPRESSION_BIT = 109; +enum EC_R_INVALID_CURVE = 141; +enum EC_R_INVALID_DIGEST_TYPE = 138; +enum EC_R_INVALID_ENCODING = 102; +enum EC_R_INVALID_FIELD = 103; +enum EC_R_INVALID_FORM = 104; +enum EC_R_INVALID_GROUP_ORDER = 122; +enum EC_R_INVALID_PENTANOMIAL_BASIS = 132; +enum EC_R_INVALID_PRIVATE_KEY = 123; +enum EC_R_INVALID_TRINOMIAL_BASIS = 137; +enum EC_R_KEYS_NOT_SET = 140; +enum EC_R_MISSING_PARAMETERS = 124; +enum EC_R_MISSING_PRIVATE_KEY = 125; +enum EC_R_NOT_A_NIST_PRIME = 135; +enum EC_R_NOT_A_SUPPORTED_NIST_PRIME = 136; +enum EC_R_NOT_IMPLEMENTED = 126; +enum EC_R_NOT_INITIALIZED = 111; +enum EC_R_NO_FIELD_MOD = 133; +enum EC_R_NO_PARAMETERS_SET = 139; +enum EC_R_PASSED_NULL_PARAMETER = 134; +enum EC_R_PKPARAMETERS2GROUP_FAILURE = 127; +enum EC_R_POINT_AT_INFINITY = 106; +enum EC_R_POINT_IS_NOT_ON_CURVE = 107; +enum EC_R_SLOT_FULL = 108; +enum EC_R_UNDEFINED_GENERATOR = 113; +enum EC_R_UNDEFINED_ORDER = 128; +enum EC_R_UNKNOWN_GROUP = 129; +enum EC_R_UNKNOWN_ORDER = 114; +enum EC_R_UNSUPPORTED_FIELD = 131; +enum EC_R_WRONG_CURVE_PARAMETERS = 145; +enum EC_R_WRONG_ORDER = 130; diff --git a/deimos/openssl/ecdh.d b/deimos/openssl/ecdh.d new file mode 100644 index 0000000..2da8547 --- /dev/null +++ b/deimos/openssl/ecdh.d @@ -0,0 +1,120 @@ +/* crypto/ecdh/ecdh.h */ +/* ==================================================================== + * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. + * + * The Elliptic Curve Public-Key Crypto Library (ECC Code) included + * herein is developed by SUN MICROSYSTEMS, INC., and is contributed + * to the OpenSSL project. + * + * The ECC Code is licensed pursuant to the OpenSSL open source + * license provided below. + * + * The ECDH software is originally written by Douglas Stebila of + * Sun Microsystems Laboratories. + * + */ +/* ==================================================================== + * Copyright (c) 2000-2002 The OpenSSL Project. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. All advertising materials mentioning features or use of this + * software must display the following acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" + * + * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to + * endorse or promote products derived from this software without + * prior written permission. For written permission, please contact + * licensing@OpenSSL.org. + * + * 5. Products derived from this software may not be called "OpenSSL" + * nor may "OpenSSL" appear in their names without prior written + * permission of the OpenSSL Project. + * + * 6. Redistributions of any form whatsoever must retain the following + * acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" + * + * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY + * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * ==================================================================== + * + * This product includes cryptographic software written by Eric Young + * (eay@cryptsoft.com). This product includes software written by Tim + * Hudson (tjh@cryptsoft.com). + * + */ +module deimos.openssl.ecdh; + +import deimos.openssl._d_util; + +public import deimos.openssl.opensslconf; + +version (OPENSSL_NO_ECDH) { + static assert(false, "ECDH is disabled."); +} + +public import deimos.openssl.ec; +public import deimos.openssl.ossl_typ; +version(OPENSSL_NO_DEPRECATED) {} else { +public import deimos.openssl.bn; +} + +extern (C): +nothrow: + +const(ECDH_METHOD)* ECDH_OpenSSL(); + +void ECDH_set_default_method(const(ECDH_METHOD)*); +const(ECDH_METHOD)* ECDH_get_default_method(); +int ECDH_set_method(EC_KEY*, const(ECDH_METHOD)*); + +int ECDH_compute_key(void* out_, size_t outlen, const(EC_POINT)* pub_key, EC_KEY* ecdh, + ExternC!(void* function(const(void)* in_, size_t inlen, void* out_, size_t* outlen)) KDF); + +int ECDH_get_ex_new_index(c_long argl, void* argp, CRYPTO_EX_new + *new_func, CRYPTO_EX_dup* dup_func, CRYPTO_EX_free* free_func); +int ECDH_set_ex_data(EC_KEY* d, int idx, void* arg); +void* ECDH_get_ex_data(EC_KEY* d, int idx); + + +/* BEGIN ERROR CODES */ +/* The following lines are auto generated by the script mkerr.pl. Any changes + * made after this point may be overwritten when the script is next run. + */ +void ERR_load_ECDH_strings(); + +/* Error codes for the ECDH functions. */ + +/* Function codes. */ +enum ECDH_F_ECDH_CHECK = 102; +enum ECDH_F_ECDH_COMPUTE_KEY = 100; +enum ECDH_F_ECDH_DATA_NEW_METHOD = 101; + +/* Reason codes. */ +enum ECDH_R_KDF_FAILED = 102; +enum ECDH_R_NON_FIPS_METHOD = 103; +enum ECDH_R_NO_PRIVATE_VALUE = 100; +enum ECDH_R_POINT_ARITHMETIC_FAILURE = 101; diff --git a/deimos/openssl/ecdsa.d b/deimos/openssl/ecdsa.d new file mode 100644 index 0000000..e980e0e --- /dev/null +++ b/deimos/openssl/ecdsa.d @@ -0,0 +1,255 @@ +/* crypto/ecdsa/ecdsa.h */ +/** + * \file crypto/ecdsa/ecdsa.h Include file for the OpenSSL ECDSA functions + * \author Written by Nils Larsch for the OpenSSL project + */ +/* ==================================================================== + * Copyright (c) 2000-2005 The OpenSSL Project. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. All advertising materials mentioning features or use of this + * software must display the following acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" + * + * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to + * endorse or promote products derived from this software without + * prior written permission. For written permission, please contact + * licensing@OpenSSL.org. + * + * 5. Products derived from this software may not be called "OpenSSL" + * nor may "OpenSSL" appear in their names without prior written + * permission of the OpenSSL Project. + * + * 6. Redistributions of any form whatsoever must retain the following + * acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" + * + * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY + * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * ==================================================================== + * + * This product includes cryptographic software written by Eric Young + * (eay@cryptsoft.com). This product includes software written by Tim + * Hudson (tjh@cryptsoft.com). + * + */ +module deimos.openssl.ecdsa; + +import deimos.openssl._d_util; + +public import deimos.openssl.opensslconf; + +version (OPENSSL_NO_ECDSA) { + static assert(false, "ECDSA is disabled."); +} + +public import deimos.openssl.ec; +public import deimos.openssl.ossl_typ; +version(OPENSSL_NO_DEPRECATED) {} else { +public import deimos.openssl.bn; +} + +extern (C): +nothrow: + +struct ECDSA_SIG_st { + BIGNUM* r; + BIGNUM* s; + } +alias ECDSA_SIG_st ECDSA_SIG; + +/** Allocates and initialize a ECDSA_SIG structure + * \return pointer to a ECDSA_SIG structure or NULL if an error occurred + */ +ECDSA_SIG* ECDSA_SIG_new(); + +/** frees a ECDSA_SIG structure + * \param sig pointer to the ECDSA_SIG structure + */ +void ECDSA_SIG_free(ECDSA_SIG* sig); + +/** DER encode content of ECDSA_SIG object (note: this function modifies* pp + * (*pp += length of the DER encoded signature)). + * \param sig pointer to the ECDSA_SIG object + * \param pp pointer to a ubyte pointer for the output or NULL + * \return the length of the DER encoded ECDSA_SIG object or 0 + */ +int i2d_ECDSA_SIG(const(ECDSA_SIG)* sig, ubyte** pp); + +/** Decodes a DER encoded ECDSA signature (note: this function changes* pp + * (*pp += len)). + * \param sig pointer to ECDSA_SIG pointer (may be NULL) + * \param pp memory buffer with the DER encoded signature + * \param len length of the buffer + * \return pointer to the decoded ECDSA_SIG structure (or NULL) + */ +ECDSA_SIG* d2i_ECDSA_SIG(ECDSA_SIG** sig, const(ubyte)** pp, c_long len); + +/** Computes the ECDSA signature of the given hash value using + * the supplied private key and returns the created signature. + * \param dgst pointer to the hash value + * \param dgst_len length of the hash value + * \param eckey EC_KEY object containing a private EC key + * \return pointer to a ECDSA_SIG structure or NULL if an error occurred + */ +ECDSA_SIG* ECDSA_do_sign(const(ubyte)* dgst,int dgst_len,EC_KEY* eckey); + +/** Computes ECDSA signature of a given hash value using the supplied + * private key (note: sig must point to ECDSA_size(eckey) bytes of memory). + * \param dgst pointer to the hash value to sign + * \param dgstlen length of the hash value + * \param kinv BIGNUM with a pre-computed inverse k (optional) + * \param rp BIGNUM with a pre-computed rp value (optioanl), + * see ECDSA_sign_setup + * \param eckey EC_KEY object containing a private EC key + * \return pointer to a ECDSA_SIG structure or NULL if an error occurred + */ +ECDSA_SIG* ECDSA_do_sign_ex(const(ubyte)* dgst, int dgstlen, + const(BIGNUM)* kinv, const(BIGNUM)* rp, EC_KEY* eckey); + +/** Verifies that the supplied signature is a valid ECDSA + * signature of the supplied hash value using the supplied public key. + * \param dgst pointer to the hash value + * \param dgst_len length of the hash value + * \param sig ECDSA_SIG structure + * \param eckey EC_KEY object containing a public EC key + * \return 1 if the signature is valid, 0 if the signature is invalid + * and -1 on error + */ +int ECDSA_do_verify(const(ubyte)* dgst, int dgst_len, + const(ECDSA_SIG)* sig, EC_KEY* eckey); + +const(ECDSA_METHOD)* ECDSA_OpenSSL(); + +/** Sets the default ECDSA method + * \param meth new default ECDSA_METHOD + */ +void ECDSA_set_default_method(const(ECDSA_METHOD)* meth); + +/** Returns the default ECDSA method + * \return pointer to ECDSA_METHOD structure containing the default method + */ +const(ECDSA_METHOD)* ECDSA_get_default_method(); + +/** Sets method to be used for the ECDSA operations + * \param eckey EC_KEY object + * \param meth new method + * \return 1 on success and 0 otherwise + */ +int ECDSA_set_method(EC_KEY* eckey, const(ECDSA_METHOD)* meth); + +/** Returns the maximum length of the DER encoded signature + * \param eckey EC_KEY object + * \return numbers of bytes required for the DER encoded signature + */ +int ECDSA_size(const(EC_KEY)* eckey); + +/** Precompute parts of the signing operation + * \param eckey EC_KEY object containing a private EC key + * \param ctx BN_CTX object (optional) + * \param kinv BIGNUM pointer for the inverse of k + * \param rp BIGNUM pointer for x coordinate of k* generator + * \return 1 on success and 0 otherwise + */ +int ECDSA_sign_setup(EC_KEY* eckey, BN_CTX* ctx, BIGNUM** kinv, + BIGNUM** rp); + +/** Computes ECDSA signature of a given hash value using the supplied + * private key (note: sig must point to ECDSA_size(eckey) bytes of memory). + * \param type this parameter is ignored + * \param dgst pointer to the hash value to sign + * \param dgstlen length of the hash value + * \param sig memory for the DER encoded created signature + * \param siglen pointer to the length of the returned signature + * \param eckey EC_KEY object containing a private EC key + * \return 1 on success and 0 otherwise + */ +int ECDSA_sign(int type, const(ubyte)* dgst, int dgstlen, + ubyte* sig, uint* siglen, EC_KEY* eckey); + + +/** Computes ECDSA signature of a given hash value using the supplied + * private key (note: sig must point to ECDSA_size(eckey) bytes of memory). + * \param type this parameter is ignored + * \param dgst pointer to the hash value to sign + * \param dgstlen length of the hash value + * \param sig buffer to hold the DER encoded signature + * \param siglen pointer to the length of the returned signature + * \param kinv BIGNUM with a pre-computed inverse k (optional) + * \param rp BIGNUM with a pre-computed rp value (optioanl), + * see ECDSA_sign_setup + * \param eckey EC_KEY object containing a private EC key + * \return 1 on success and 0 otherwise + */ +int ECDSA_sign_ex(int type, const(ubyte)* dgst, int dgstlen, + ubyte* sig, uint* siglen, const(BIGNUM)* kinv, + const(BIGNUM)* rp, EC_KEY* eckey); + +/** Verifies that the given signature is valid ECDSA signature + * of the supplied hash value using the specified public key. + * \param type this parameter is ignored + * \param dgst pointer to the hash value + * \param dgstlen length of the hash value + * \param sig pointer to the DER encoded signature + * \param siglen length of the DER encoded signature + * \param eckey EC_KEY object containing a public EC key + * \return 1 if the signature is valid, 0 if the signature is invalid + * and -1 on error + */ +int ECDSA_verify(int type, const(ubyte)* dgst, int dgstlen, + const(ubyte)* sig, int siglen, EC_KEY* eckey); + +/* the standard ex_data functions */ +int ECDSA_get_ex_new_index(c_long argl, void* argp, CRYPTO_EX_new + *new_func, CRYPTO_EX_dup* dup_func, CRYPTO_EX_free* free_func); +int ECDSA_set_ex_data(EC_KEY* d, int idx, void* arg); +void* ECDSA_get_ex_data(EC_KEY* d, int idx); + + +/* BEGIN ERROR CODES */ +/* The following lines are auto generated by the script mkerr.pl. Any changes + * made after this point may be overwritten when the script is next run. + */ +void ERR_load_ECDSA_strings(); + +/* Error codes for the ECDSA functions. */ + +/* Function codes. */ +enum ECDSA_F_ECDSA_CHECK = 104; +enum ECDSA_F_ECDSA_DATA_NEW_METHOD = 100; +enum ECDSA_F_ECDSA_DO_SIGN = 101; +enum ECDSA_F_ECDSA_DO_VERIFY = 102; +enum ECDSA_F_ECDSA_SIGN_SETUP = 103; + +/* Reason codes. */ +enum ECDSA_R_BAD_SIGNATURE = 100; +enum ECDSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE = 101; +enum ECDSA_R_ERR_EC_LIB = 102; +enum ECDSA_R_MISSING_PARAMETERS = 103; +enum ECDSA_R_NEED_NEW_SETUP_VALUES = 106; +enum ECDSA_R_NON_FIPS_METHOD = 107; +enum ECDSA_R_RANDOM_NUMBER_GENERATION_FAILED = 104; +enum ECDSA_R_SIGNATURE_MALLOC_FAILED = 105; diff --git a/deimos/openssl/engine.d b/deimos/openssl/engine.d new file mode 100644 index 0000000..f100dfe --- /dev/null +++ b/deimos/openssl/engine.d @@ -0,0 +1,850 @@ +/* openssl/engine.h */ +/* Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL + * project 2000. + */ +/* ==================================================================== + * Copyright (c) 1999-2004 The OpenSSL Project. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. All advertising materials mentioning features or use of this + * software must display the following acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" + * + * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to + * endorse or promote products derived from this software without + * prior written permission. For written permission, please contact + * licensing@OpenSSL.org. + * + * 5. Products derived from this software may not be called "OpenSSL" + * nor may "OpenSSL" appear in their names without prior written + * permission of the OpenSSL Project. + * + * 6. Redistributions of any form whatsoever must retain the following + * acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" + * + * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY + * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * ==================================================================== + * + * This product includes cryptographic software written by Eric Young + * (eay@cryptsoft.com). This product includes software written by Tim + * Hudson (tjh@cryptsoft.com). + * + */ +/* ==================================================================== + * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. + * ECDH support in OpenSSL originally developed by + * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project. + */ + +module deimos.openssl.engine; + +import deimos.openssl._d_util; + +public import deimos.openssl.opensslconf; + +version (OPENSSL_NO_ENGINE) { + static assert(false, "ENGINE is disabled."); +} + +version(OPENSSL_NO_DEPRECATED) {} else { +public import deimos.openssl.bn; +version(OPENSSL_NO_RSA) {} else { +public import deimos.openssl.rsa; +} +version(OPENSSL_NO_DSA) {} else { +public import deimos.openssl.dsa; +} +version(OPENSSL_NO_DH) {} else { +public import deimos.openssl.dh; +} +version(OPENSSL_NO_ECDH) {} else { +public import deimos.openssl.ecdh; +} +version(OPENSSL_NO_ECDSA) {} else { +public import deimos.openssl.ecdsa; +} +public import deimos.openssl.rand; +public import deimos.openssl.ui; +public import deimos.openssl.err; +} + +public import deimos.openssl.ossl_typ; +import deimos.openssl.ssl : SSL; +public import deimos.openssl.symhacks; + +public import deimos.openssl.x509; + +extern (C): +nothrow: + +/* These flags are used to control combinations of algorithm (methods) + * by bitwise "OR"ing. */ +enum ENGINE_METHOD_RSA = 0x0001; +enum ENGINE_METHOD_DSA = 0x0002; +enum ENGINE_METHOD_DH = 0x0004; +enum ENGINE_METHOD_RAND = 0x0008; +enum ENGINE_METHOD_ECDH = 0x0010; +enum ENGINE_METHOD_ECDSA = 0x0020; +enum ENGINE_METHOD_CIPHERS = 0x0040; +enum ENGINE_METHOD_DIGESTS = 0x0080; +enum ENGINE_METHOD_STORE = 0x0100; +enum ENGINE_METHOD_PKEY_METHS = 0x0200; +enum ENGINE_METHOD_PKEY_ASN1_METHS = 0x0400; +/* Obvious all-or-nothing cases. */ +enum ENGINE_METHOD_ALL = 0xFFFF; +enum ENGINE_METHOD_NONE = 0x0000; + +/* This(ese) flag(s) controls behaviour of the ENGINE_TABLE mechanism used + * internally to control registration of ENGINE implementations, and can be set + * by ENGINE_set_table_flags(). The "NOINIT" flag prevents attempts to + * initialise registered ENGINEs if they are not already initialised. */ +enum ENGINE_TABLE_FLAG_NOINIT = 0x0001; + +/* ENGINE flags that can be set by ENGINE_set_flags(). */ +/* enum ENGINE_FLAGS_MALLOCED = 0x0001; */ /* Not used */ + +/* This flag is for ENGINEs that wish to handle the various 'CMD'-related + * control commands on their own. Without this flag, ENGINE_ctrl() handles these + * control commands on behalf of the ENGINE using their "cmd_defns" data. */ +enum ENGINE_FLAGS_MANUAL_CMD_CTRL = 0x0002; + +/* This flag is for ENGINEs who return new duplicate structures when found via + * "ENGINE_by_id()". When an ENGINE must store state (eg. if ENGINE_ctrl() + * commands are called in sequence as part of some stateful process like + * key-generation setup and execution), it can set this flag - then each attempt + * to obtain the ENGINE will result in it being copied into a new structure. + * Normally, ENGINEs don't declare this flag so ENGINE_by_id() just increments + * the existing ENGINE's structural reference count. */ +enum ENGINE_FLAGS_BY_ID_COPY = 0x0004; + +/* This flag if for an ENGINE that does not want its methods registered as + * part of ENGINE_register_all_complete() for example if the methods are + * not usable as default methods. + */ + +enum ENGINE_FLAGS_NO_REGISTER_ALL = 0x0008; + +/* ENGINEs can support their own command types, and these flags are used in + * ENGINE_CTRL_GET_CMD_FLAGS to indicate to the caller what kind of input each + * command expects. Currently only numeric and string input is supported. If a + * control command supports none of the _NUMERIC, _STRING, or _NO_INPUT options, + * then it is regarded as an "internal" control command - and not for use in + * config setting situations. As such, they're not available to the + * ENGINE_ctrl_cmd_string() function, only raw ENGINE_ctrl() access. Changes to + * this list of 'command types' should be reflected carefully in + * ENGINE_cmd_is_executable() and ENGINE_ctrl_cmd_string(). */ + +/* accepts a 'long' input value (3rd parameter to ENGINE_ctrl) */ +enum ENGINE_CMD_FLAG_NUMERIC = 0x0001; +/* accepts string input (cast from 'void*' to 'const(char)* ', 4th parameter to + * ENGINE_ctrl) */ +enum ENGINE_CMD_FLAG_STRING = 0x0002; +/* Indicates that the control command takes* no* input. Ie. the control command + * is unparameterised. */ +enum ENGINE_CMD_FLAG_NO_INPUT = 0x0004; +/* Indicates that the control command is internal. This control command won't + * be shown in any output, and is only usable through the ENGINE_ctrl_cmd() + * function. */ +enum ENGINE_CMD_FLAG_INTERNAL = 0x0008; + +/* NB: These 3 control commands are deprecated and should not be used. ENGINEs + * relying on these commands should compile conditional support for + * compatibility (eg. if these symbols are defined) but should also migrate the + * same functionality to their own ENGINE-specific control functions that can be + * "discovered" by calling applications. The fact these control commands + * wouldn't be "executable" (ie. usable by text-based config) doesn't change the + * fact that application code can find and use them without requiring per-ENGINE + * hacking. */ + +/* These flags are used to tell the ctrl function what should be done. + * All command numbers are shared between all engines, even if some don't + * make sense to some engines. In such a case, they do nothing but return + * the error ENGINE_R_CTRL_COMMAND_NOT_IMPLEMENTED. */ +enum ENGINE_CTRL_SET_LOGSTREAM = 1; +enum ENGINE_CTRL_SET_PASSWORD_CALLBACK = 2; +enum ENGINE_CTRL_HUP = 3; /* Close and reinitialise any + handles/connections etc. */ +enum ENGINE_CTRL_SET_USER_INTERFACE = 4; /* Alternative to callback */ +enum ENGINE_CTRL_SET_CALLBACK_DATA = 5; /* User-specific data, used + when calling the password + callback and the user + interface */ +enum ENGINE_CTRL_LOAD_CONFIGURATION = 6; /* Load a configuration, given + a string that represents a + file name or so */ +enum ENGINE_CTRL_LOAD_SECTION = 7; /* Load data from a given + section in the already loaded + configuration */ + +/* These control commands allow an application to deal with an arbitrary engine + * in a dynamic way. Warn: Negative return values indicate errors FOR THESE + * COMMANDS because zero is used to indicate 'end-of-list'. Other commands, + * including ENGINE-specific command types, return zero for an error. + * + * An ENGINE can choose to implement these ctrl functions, and can internally + * manage things however it chooses - it does so by setting the + * ENGINE_FLAGS_MANUAL_CMD_CTRL flag (using ENGINE_set_flags()). Otherwise the + * ENGINE_ctrl() code handles this on the ENGINE's behalf using the cmd_defns + * data (set using ENGINE_set_cmd_defns()). This means an ENGINE's ctrl() + * handler need only implement its own commands - the above "meta" commands will + * be taken care of. */ + +/* Returns non-zero if the supplied ENGINE has a ctrl() handler. If "not", then + * all the remaining control commands will return failure, so it is worth + * checking this first if the caller is trying to "discover" the engine's + * capabilities and doesn't want errors generated unnecessarily. */ +enum ENGINE_CTRL_HAS_CTRL_FUNCTION = 10; +/* Returns a positive command number for the first command supported by the + * engine. Returns zero if no ctrl commands are supported. */ +enum ENGINE_CTRL_GET_FIRST_CMD_TYPE = 11; +/* The 'long' argument specifies a command implemented by the engine, and the + * return value is the next command supported, or zero if there are no more. */ +enum ENGINE_CTRL_GET_NEXT_CMD_TYPE = 12; +/* The 'void*' argument is a command name (cast from 'const(char)* '), and the + * return value is the command that corresponds to it. */ +enum ENGINE_CTRL_GET_CMD_FROM_NAME = 13; +/* The next two allow a command to be converted into its corresponding string + * form. In each case, the 'long' argument supplies the command. In the NAME_LEN + * case, the return value is the length of the command name (not counting a + * trailing EOL). In the NAME case, the 'void*' argument must be a string buffer + * large enough, and it will be populated with the name of the command (WITH a + * trailing EOL). */ +enum ENGINE_CTRL_GET_NAME_LEN_FROM_CMD = 14; +enum ENGINE_CTRL_GET_NAME_FROM_CMD = 15; +/* The next two are similar but give a "short description" of a command. */ +enum ENGINE_CTRL_GET_DESC_LEN_FROM_CMD = 16; +enum ENGINE_CTRL_GET_DESC_FROM_CMD = 17; +/* With this command, the return value is the OR'd combination of + * ENGINE_CMD_FLAG_*** values that indicate what kind of input a given + * engine-specific ctrl command expects. */ +enum ENGINE_CTRL_GET_CMD_FLAGS = 18; + +/* ENGINE implementations should start the numbering of their own control + * commands from this value. (ie. ENGINE_CMD_BASE, ENGINE_CMD_BASE + 1, etc). */ +enum ENGINE_CMD_BASE = 200; + +/* NB: These 2 nCipher "chil" control commands are deprecated, and their + * functionality is now available through ENGINE-specific control commands + * (exposed through the above-mentioned 'CMD'-handling). Code using these 2 + * commands should be migrated to the more general command handling before these + * are removed. */ + +/* Flags specific to the nCipher "chil" engine */ +enum ENGINE_CTRL_CHIL_SET_FORKCHECK = 100; + /* Depending on the value of the (c_long)i argument, this sets or + * unsets the SimpleForkCheck flag in the CHIL API to enable or + * disable checking and workarounds for applications that fork(). + */ +enum ENGINE_CTRL_CHIL_NO_LOCKING = 101; + /* This prevents the initialisation function from providing mutex + * callbacks to the nCipher library. */ + +/* If an ENGINE supports its own specific control commands and wishes the + * framework to handle the above 'ENGINE_CMD_***'-manipulation commands on its + * behalf, it should supply a null-terminated array of ENGINE_CMD_DEFN entries + * to ENGINE_set_cmd_defns(). It should also implement a ctrl() handler that + * supports the stated commands (ie. the "cmd_num" entries as described by the + * array). NB: The array must be ordered in increasing order of cmd_num. + * "null-terminated" means that the last ENGINE_CMD_DEFN element has cmd_num set + * to zero and/or cmd_name set to NULL. */ +struct ENGINE_CMD_DEFN_st { + uint cmd_num; /* The command number */ + const(char)* cmd_name; /* The command name itself */ + const(char)* cmd_desc; /* A short description of the command */ + uint cmd_flags; /* The input the command expects */ + } +alias ENGINE_CMD_DEFN_st ENGINE_CMD_DEFN; + +/* Generic function pointer */ +alias ExternC!(int function()) ENGINE_GEN_FUNC_PTR; +/* Generic function pointer taking no arguments */ +alias ExternC!(int function(ENGINE*)) ENGINE_GEN_INT_FUNC_PTR; +/* Specific control function pointer */ +alias ExternC!(int function(ENGINE*, int, c_long, void*, ExternC!(void function()) f)) ENGINE_CTRL_FUNC_PTR; +/* Generic load_key function pointer */ +alias ExternC!(EVP_PKEY*function(ENGINE*, const(char)*, + UI_METHOD* ui_method, void* callback_data)) ENGINE_LOAD_KEY_PTR; +alias ExternC!(int function(ENGINE*, SSL* ssl, + STACK_OF!(X509_NAME) *ca_dn, X509** pcert, EVP_PKEY** pkey, + STACK_OF!(X509) **pother, UI_METHOD* ui_method, void* callback_data)) ENGINE_SSL_CLIENT_CERT_PTR; +/* These callback types are for an ENGINE's handler for cipher and digest logic. + * These handlers have these prototypes; + * int foo(ENGINE* e, const(EVP_CIPHER)** cipher, const(int)** nids, int nid); + * int foo(ENGINE* e, const(EVP_MD)** digest, const(int)** nids, int nid); + * Looking at how to implement these handlers in the case of cipher support, if + * the framework wants the EVP_CIPHER for 'nid', it will call; + * foo(e, &p_evp_cipher, NULL, nid); (return zero for failure) + * If the framework wants a list of supported 'nid's, it will call; + * foo(e, NULL, &p_nids, 0); (returns number of 'nids' or -1 for error) + */ +/* Returns to a pointer to the array of supported cipher 'nid's. If the second + * parameter is non-NULL it is set to the size of the returned array. */ +alias ExternC!(int function(ENGINE*, const(EVP_CIPHER)**, const(int)**, int)) ENGINE_CIPHERS_PTR; +alias ExternC!(int function(ENGINE*, const(EVP_MD)**, const(int)**, int)) ENGINE_DIGESTS_PTR; +alias ExternC!(int function(ENGINE*, EVP_PKEY_METHOD**, const(int)**, int)) ENGINE_PKEY_METHS_PTR; +alias ExternC!(int function(ENGINE*, EVP_PKEY_ASN1_METHOD**, const(int)**, int)) ENGINE_PKEY_ASN1_METHS_PTR; +/* STRUCTURE functions ... all of these functions deal with pointers to ENGINE + * structures where the pointers have a "structural reference". This means that + * their reference is to allowed access to the structure but it does not imply + * that the structure is functional. To simply increment or decrement the + * structural reference count, use ENGINE_by_id and ENGINE_free. NB: This is not + * required when iterating using ENGINE_get_next as it will automatically + * decrement the structural reference count of the "current" ENGINE and + * increment the structural reference count of the ENGINE it returns (unless it + * is NULL). */ + +/* Get the first/last "ENGINE" type available. */ +ENGINE* ENGINE_get_first(); +ENGINE* ENGINE_get_last(); +/* Iterate to the next/previous "ENGINE" type (NULL = end of the list). */ +ENGINE* ENGINE_get_next(ENGINE* e); +ENGINE* ENGINE_get_prev(ENGINE* e); +/* Add another "ENGINE" type into the array. */ +int ENGINE_add(ENGINE* e); +/* Remove an existing "ENGINE" type from the array. */ +int ENGINE_remove(ENGINE* e); +/* Retrieve an engine from the list by its unique "id" value. */ +ENGINE* ENGINE_by_id(const(char)* id); +/* Add all the built-in engines. */ +void ENGINE_load_openssl(); +void ENGINE_load_dynamic(); +version(OPENSSL_NO_STATIC_ENGINE) {} else { +void ENGINE_load_4758cca(); +void ENGINE_load_aep(); +void ENGINE_load_atalla(); +void ENGINE_load_chil(); +void ENGINE_load_cswift(); +void ENGINE_load_nuron(); +void ENGINE_load_sureware(); +void ENGINE_load_ubsec(); +void ENGINE_load_padlock(); +void ENGINE_load_capi(); +version(OPENSSL_NO_GMP) {} else { +void ENGINE_load_gmp(); +} +version(OPENSSL_NO_GOST) {} else { +void ENGINE_load_gost(); +} +} +void ENGINE_load_cryptodev(); +void ENGINE_load_rsax(); +void ENGINE_load_rdrand(); +void ENGINE_load_builtin_engines(); + +/* Get and set global flags (ENGINE_TABLE_FLAG_***) for the implementation + * "registry" handling. */ +uint ENGINE_get_table_flags(); +void ENGINE_set_table_flags(uint flags); + +/* Manage registration of ENGINEs per "table". For each type, there are 3 + * functions; + * ENGINE_register_***(e) - registers the implementation from 'e' (if it has one) + * ENGINE_unregister_***(e) - unregister the implementation from 'e' + * ENGINE_register_all_***() - call ENGINE_register_***() for each 'e' in the list + * Cleanup is automatically registered from each table when required, so + * ENGINE_cleanup() will reverse any "register" operations. */ + +int ENGINE_register_RSA(ENGINE* e); +void ENGINE_unregister_RSA(ENGINE* e); +void ENGINE_register_all_RSA(); + +int ENGINE_register_DSA(ENGINE* e); +void ENGINE_unregister_DSA(ENGINE* e); +void ENGINE_register_all_DSA(); + +int ENGINE_register_ECDH(ENGINE* e); +void ENGINE_unregister_ECDH(ENGINE* e); +void ENGINE_register_all_ECDH(); + +int ENGINE_register_ECDSA(ENGINE* e); +void ENGINE_unregister_ECDSA(ENGINE* e); +void ENGINE_register_all_ECDSA(); + +int ENGINE_register_DH(ENGINE* e); +void ENGINE_unregister_DH(ENGINE* e); +void ENGINE_register_all_DH(); + +int ENGINE_register_RAND(ENGINE* e); +void ENGINE_unregister_RAND(ENGINE* e); +void ENGINE_register_all_RAND(); + +int ENGINE_register_STORE(ENGINE* e); +void ENGINE_unregister_STORE(ENGINE* e); +void ENGINE_register_all_STORE(); + +int ENGINE_register_ciphers(ENGINE* e); +void ENGINE_unregister_ciphers(ENGINE* e); +void ENGINE_register_all_ciphers(); + +int ENGINE_register_digests(ENGINE* e); +void ENGINE_unregister_digests(ENGINE* e); +void ENGINE_register_all_digests(); + +int ENGINE_register_pkey_meths(ENGINE* e); +void ENGINE_unregister_pkey_meths(ENGINE* e); +void ENGINE_register_all_pkey_meths(); + +int ENGINE_register_pkey_asn1_meths(ENGINE* e); +void ENGINE_unregister_pkey_asn1_meths(ENGINE* e); +void ENGINE_register_all_pkey_asn1_meths(); + +/* These functions register all support from the above categories. Note, use of + * these functions can result in static linkage of code your application may not + * need. If you only need a subset of functionality, consider using more + * selective initialisation. */ +int ENGINE_register_complete(ENGINE* e); +int ENGINE_register_all_complete(); + +/* Send parametrised control commands to the engine. The possibilities to send + * down an integer, a pointer to data or a function pointer are provided. Any of + * the parameters may or may not be NULL, depending on the command number. In + * actuality, this function only requires a structural (rather than functional) + * reference to an engine, but many control commands may require the engine be + * functional. The caller should be aware of trying commands that require an + * operational ENGINE, and only use functional references in such situations. */ +int ENGINE_ctrl(ENGINE* e, int cmd, c_long i, void* p, ExternC!(void function()) f); + +/* This function tests if an ENGINE-specific command is usable as a "setting". + * Eg. in an application's config file that gets processed through + * ENGINE_ctrl_cmd_string(). If this returns zero, it is not available to + * ENGINE_ctrl_cmd_string(), only ENGINE_ctrl(). */ +int ENGINE_cmd_is_executable(ENGINE* e, int cmd); + +/* This function works like ENGINE_ctrl() with the exception of taking a + * command name instead of a command number, and can handle optional commands. + * See the comment on ENGINE_ctrl_cmd_string() for an explanation on how to + * use the cmd_name and cmd_optional. */ +int ENGINE_ctrl_cmd(ENGINE* e, const(char)* cmd_name, + c_long i, void* p, ExternC!(void function()) f, int cmd_optional); + +/* This function passes a command-name and argument to an ENGINE. The cmd_name + * is converted to a command number and the control command is called using + * 'arg' as an argument (unless the ENGINE doesn't support such a command, in + * which case no control command is called). The command is checked for input + * flags, and if necessary the argument will be converted to a numeric value. If + * cmd_optional is non-zero, then if the ENGINE doesn't support the given + * cmd_name the return value will be success anyway. This function is intended + * for applications to use so that users (or config files) can supply + * engine-specific config data to the ENGINE at run-time to control behaviour of + * specific engines. As such, it shouldn't be used for calling ENGINE_ctrl() + * functions that return data, deal with binary data, or that are otherwise + * supposed to be used directly through ENGINE_ctrl() in application code. Any + * "return" data from an ENGINE_ctrl() operation in this function will be lost - + * the return value is interpreted as failure if the return value is zero, + * success otherwise, and this function returns a boolean value as a result. In + * other words, vendors of 'ENGINE'-enabled devices should write ENGINE + * implementations with parameterisations that work in this scheme, so that + * compliant ENGINE-based applications can work consistently with the same + * configuration for the same ENGINE-enabled devices, across applications. */ +int ENGINE_ctrl_cmd_string(ENGINE* e, const(char)* cmd_name, const(char)* arg, + int cmd_optional); + +/* These functions are useful for manufacturing new ENGINE structures. They + * don't address reference counting at all - one uses them to populate an ENGINE + * structure with personalised implementations of things prior to using it + * directly or adding it to the builtin ENGINE list in OpenSSL. These are also + * here so that the ENGINE structure doesn't have to be exposed and break binary + * compatibility! */ +ENGINE* ENGINE_new(); +int ENGINE_free(ENGINE* e); +int ENGINE_up_ref(ENGINE* e); +int ENGINE_set_id(ENGINE* e, const(char)* id); +int ENGINE_set_name(ENGINE* e, const(char)* name); +int ENGINE_set_RSA(ENGINE* e, const(RSA_METHOD)* rsa_meth); +int ENGINE_set_DSA(ENGINE* e, const(DSA_METHOD)* dsa_meth); +int ENGINE_set_ECDH(ENGINE* e, const(ECDH_METHOD)* ecdh_meth); +int ENGINE_set_ECDSA(ENGINE* e, const(ECDSA_METHOD)* ecdsa_meth); +int ENGINE_set_DH(ENGINE* e, const(DH_METHOD)* dh_meth); +int ENGINE_set_RAND(ENGINE* e, const(RAND_METHOD)* rand_meth); +int ENGINE_set_STORE(ENGINE* e, const(STORE_METHOD)* store_meth); +int ENGINE_set_destroy_function(ENGINE* e, ENGINE_GEN_INT_FUNC_PTR destroy_f); +int ENGINE_set_init_function(ENGINE* e, ENGINE_GEN_INT_FUNC_PTR init_f); +int ENGINE_set_finish_function(ENGINE* e, ENGINE_GEN_INT_FUNC_PTR finish_f); +int ENGINE_set_ctrl_function(ENGINE* e, ENGINE_CTRL_FUNC_PTR ctrl_f); +int ENGINE_set_load_privkey_function(ENGINE* e, ENGINE_LOAD_KEY_PTR loadpriv_f); +int ENGINE_set_load_pubkey_function(ENGINE* e, ENGINE_LOAD_KEY_PTR loadpub_f); +int ENGINE_set_load_ssl_client_cert_function(ENGINE* e, + ENGINE_SSL_CLIENT_CERT_PTR loadssl_f); +int ENGINE_set_ciphers(ENGINE* e, ENGINE_CIPHERS_PTR f); +int ENGINE_set_digests(ENGINE* e, ENGINE_DIGESTS_PTR f); +int ENGINE_set_pkey_meths(ENGINE* e, ENGINE_PKEY_METHS_PTR f); +int ENGINE_set_pkey_asn1_meths(ENGINE* e, ENGINE_PKEY_ASN1_METHS_PTR f); +int ENGINE_set_flags(ENGINE* e, int flags); +int ENGINE_set_cmd_defns(ENGINE* e, const(ENGINE_CMD_DEFN)* defns); +/* These functions allow control over any per-structure ENGINE data. */ +int ENGINE_get_ex_new_index(c_long argl, void* argp, CRYPTO_EX_new* new_func, + CRYPTO_EX_dup* dup_func, CRYPTO_EX_free* free_func); +int ENGINE_set_ex_data(ENGINE* e, int idx, void* arg); +void* ENGINE_get_ex_data(const(ENGINE)* e, int idx); + +/* This function cleans up anything that needs it. Eg. the ENGINE_add() function + * automatically ensures the list cleanup function is registered to be called + * from ENGINE_cleanup(). Similarly, all ENGINE_register_*** functions ensure + * ENGINE_cleanup() will clean up after them. */ +void ENGINE_cleanup(); + +/* These return values from within the ENGINE structure. These can be useful + * with functional references as well as structural references - it depends + * which you obtained. Using the result for functional purposes if you only + * obtained a structural reference may be problematic! */ +const(char)* ENGINE_get_id(const(ENGINE)* e); +const(char)* ENGINE_get_name(const(ENGINE)* e); +const(RSA_METHOD)* ENGINE_get_RSA(const(ENGINE)* e); +const(DSA_METHOD)* ENGINE_get_DSA(const(ENGINE)* e); +const(ECDH_METHOD)* ENGINE_get_ECDH(const(ENGINE)* e); +const(ECDSA_METHOD)* ENGINE_get_ECDSA(const(ENGINE)* e); +const(DH_METHOD)* ENGINE_get_DH(const(ENGINE)* e); +const(RAND_METHOD)* ENGINE_get_RAND(const(ENGINE)* e); +const(STORE_METHOD)* ENGINE_get_STORE(const(ENGINE)* e); +ENGINE_GEN_INT_FUNC_PTR ENGINE_get_destroy_function(const(ENGINE)* e); +ENGINE_GEN_INT_FUNC_PTR ENGINE_get_init_function(const(ENGINE)* e); +ENGINE_GEN_INT_FUNC_PTR ENGINE_get_finish_function(const(ENGINE)* e); +ENGINE_CTRL_FUNC_PTR ENGINE_get_ctrl_function(const(ENGINE)* e); +ENGINE_LOAD_KEY_PTR ENGINE_get_load_privkey_function(const(ENGINE)* e); +ENGINE_LOAD_KEY_PTR ENGINE_get_load_pubkey_function(const(ENGINE)* e); +ENGINE_SSL_CLIENT_CERT_PTR ENGINE_get_ssl_client_cert_function(const(ENGINE)* e); +ENGINE_CIPHERS_PTR ENGINE_get_ciphers(const(ENGINE)* e); +ENGINE_DIGESTS_PTR ENGINE_get_digests(const(ENGINE)* e); +ENGINE_PKEY_METHS_PTR ENGINE_get_pkey_meths(const(ENGINE)* e); +ENGINE_PKEY_ASN1_METHS_PTR ENGINE_get_pkey_asn1_meths(const(ENGINE)* e); +const(EVP_CIPHER)* ENGINE_get_cipher(ENGINE* e, int nid); +const(EVP_MD)* ENGINE_get_digest(ENGINE* e, int nid); +const(EVP_PKEY_METHOD)* ENGINE_get_pkey_meth(ENGINE* e, int nid); +const(EVP_PKEY_ASN1_METHOD)* ENGINE_get_pkey_asn1_meth(ENGINE* e, int nid); +const(EVP_PKEY_ASN1_METHOD)* ENGINE_get_pkey_asn1_meth_str(ENGINE* e, + const(char)* str, int len); +const(EVP_PKEY_ASN1_METHOD)* ENGINE_pkey_asn1_find_str(ENGINE** pe, + const(char)* str, int len); +const(ENGINE_CMD_DEFN)* ENGINE_get_cmd_defns(const(ENGINE)* e); +int ENGINE_get_flags(const(ENGINE)* e); + +/* FUNCTIONAL functions. These functions deal with ENGINE structures + * that have (or will) be initialised for use. Broadly speaking, the + * structural functions are useful for iterating the list of available + * engine types, creating new engine types, and other "list" operations. + * These functions actually deal with ENGINEs that are to be used. As + * such these functions can fail (if applicable) when particular + * engines are unavailable - eg. if a hardware accelerator is not + * attached or not functioning correctly. Each ENGINE has 2 reference + * counts; structural and functional. Every time a functional reference + * is obtained or released, a corresponding structural reference is + * automatically obtained or released too. */ + +/* Initialise a engine type for use (or up its reference count if it's + * already in use). This will fail if the engine is not currently + * operational and cannot initialise. */ +int ENGINE_init(ENGINE* e); +/* Free a functional reference to a engine type. This does not require + * a corresponding call to ENGINE_free as it also releases a structural + * reference. */ +int ENGINE_finish(ENGINE* e); + +/* The following functions handle keys that are stored in some secondary + * location, handled by the engine. The storage may be on a card or + * whatever. */ +EVP_PKEY* ENGINE_load_private_key(ENGINE* e, const(char)* key_id, + UI_METHOD* ui_method, void* callback_data); +EVP_PKEY* ENGINE_load_public_key(ENGINE* e, const(char)* key_id, + UI_METHOD* ui_method, void* callback_data); +int ENGINE_load_ssl_client_cert(ENGINE* e, SSL* s, + STACK_OF!(X509_NAME) *ca_dn, X509** pcert, EVP_PKEY** ppkey, + STACK_OF!(X509) **pother, + UI_METHOD* ui_method, void* callback_data); + +/* This returns a pointer for the current ENGINE structure that + * is (by default) performing any RSA operations. The value returned + * is an incremented reference, so it should be free'd (ENGINE_finish) + * before it is discarded. */ +ENGINE* ENGINE_get_default_RSA(); +/* Same for the other "methods" */ +ENGINE* ENGINE_get_default_DSA(); +ENGINE* ENGINE_get_default_ECDH(); +ENGINE* ENGINE_get_default_ECDSA(); +ENGINE* ENGINE_get_default_DH(); +ENGINE* ENGINE_get_default_RAND(); +/* These functions can be used to get a functional reference to perform + * ciphering or digesting corresponding to "nid". */ +ENGINE* ENGINE_get_cipher_engine(int nid); +ENGINE* ENGINE_get_digest_engine(int nid); +ENGINE* ENGINE_get_pkey_meth_engine(int nid); +ENGINE* ENGINE_get_pkey_asn1_meth_engine(int nid); + +/* This sets a new default ENGINE structure for performing RSA + * operations. If the result is non-zero (success) then the ENGINE + * structure will have had its reference count up'd so the caller + * should still free their own reference 'e'. */ +int ENGINE_set_default_RSA(ENGINE* e); +int ENGINE_set_default_string(ENGINE* e, const(char)* def_list); +/* Same for the other "methods" */ +int ENGINE_set_default_DSA(ENGINE* e); +int ENGINE_set_default_ECDH(ENGINE* e); +int ENGINE_set_default_ECDSA(ENGINE* e); +int ENGINE_set_default_DH(ENGINE* e); +int ENGINE_set_default_RAND(ENGINE* e); +int ENGINE_set_default_ciphers(ENGINE* e); +int ENGINE_set_default_digests(ENGINE* e); +int ENGINE_set_default_pkey_meths(ENGINE* e); +int ENGINE_set_default_pkey_asn1_meths(ENGINE* e); + +/* The combination "set" - the flags are bitwise "OR"d from the + * ENGINE_METHOD_*** defines above. As with the "ENGINE_register_complete()" + * function, this function can result in unnecessary static linkage. If your + * application requires only specific functionality, consider using more + * selective functions. */ +int ENGINE_set_default(ENGINE* e, uint flags); + +void ENGINE_add_conf_module(); + +/* Deprecated functions ... */ +/* int ENGINE_clear_defaults(); */ + +/**************************/ +/* DYNAMIC ENGINE SUPPORT */ +/**************************/ + +/* Binary/behaviour compatibility levels */ +enum OSSL_DYNAMIC_VERSION = 0x00020000; +/* Binary versions older than this are too old for us (whether we're a loader or + * a loadee) */ +enum OSSL_DYNAMIC_OLDEST = 0x00020000; + +/* When compiling an ENGINE entirely as an external shared library, loadable by + * the "dynamic" ENGINE, these types are needed. The 'dynamic_fns' structure + * type provides the calling application's (or library's) error functionality + * and memory management function pointers to the loaded library. These should + * be used/set in the loaded library code so that the loading application's + * 'state' will be used/changed in all operations. The 'static_state' pointer + * allows the loaded library to know if it shares the same static data as the + * calling application (or library), and thus whether these callbacks need to be + * set or not. */ +alias ExternC!(void*function(size_t)) dyn_MEM_malloc_cb; +alias ExternC!(void*function(void*, size_t)) dyn_MEM_realloc_cb; +alias ExternC!(void function(void*)) dyn_MEM_free_cb; +struct st_dynamic_MEM_fns { + dyn_MEM_malloc_cb malloc_cb; + dyn_MEM_realloc_cb realloc_cb; + dyn_MEM_free_cb free_cb; + } +alias st_dynamic_MEM_fns dynamic_MEM_fns; +/* FIXME: Perhaps the memory and locking code (crypto.h) should declare and use + * these types so we (and any other dependant code) can simplify a bit?? */ +alias ExternC!(void function(int,int,const(char)*,int)) dyn_lock_locking_cb; +alias ExternC!(int function(int*,int,int,const(char)*,int)) dyn_lock_add_lock_cb; +alias ExternC!(CRYPTO_dynlock_value*function( + const(char)*,int)) dyn_dynlock_create_cb; +alias ExternC!(void function(int,CRYPTO_dynlock_value*, + const(char)*,int)) dyn_dynlock_lock_cb; +alias ExternC!(void function(CRYPTO_dynlock_value*, + const(char)*,int)) dyn_dynlock_destroy_cb; +struct st_dynamic_LOCK_fns { + dyn_lock_locking_cb lock_locking_cb; + dyn_lock_add_lock_cb lock_add_lock_cb; + dyn_dynlock_create_cb dynlock_create_cb; + dyn_dynlock_lock_cb dynlock_lock_cb; + dyn_dynlock_destroy_cb dynlock_destroy_cb; + } +alias st_dynamic_LOCK_fns dynamic_LOCK_fns; +/* The top-level structure */ +struct st_dynamic_fns { + void* static_state; + const(ERR_FNS)* err_fns; + const(CRYPTO_EX_DATA_IMPL)* ex_data_fns; + dynamic_MEM_fns mem_fns; + dynamic_LOCK_fns lock_fns; + } +alias st_dynamic_fns dynamic_fns; + +/* The version checking function should be of this prototype. NB: The + * ossl_version value passed in is the OSSL_DYNAMIC_VERSION of the loading code. + * If this function returns zero, it indicates a (potential) version + * incompatibility and the loaded library doesn't believe it can proceed. + * Otherwise, the returned value is the (latest) version supported by the + * loading library. The loader may still decide that the loaded code's version + * is unsatisfactory and could veto the load. The function is expected to + * be implemented with the symbol name "v_check", and a default implementation + * can be fully instantiated with IMPLEMENT_DYNAMIC_CHECK_FN(). */ +alias ExternC!(c_ulong function(c_ulong ossl_version)) dynamic_v_check_fn; +template IMPLEMENT_DYNAMIC_CHECK_FN() { + enum IMPLEMENT_DYNAMIC_CHECK_FN = q{ + extern(C) c_ulong v_check(c_ulong v); + extern(C) c_ulong v_check(c_ulong v) { + if(v >= OSSL_DYNAMIC_OLDEST) return OSSL_DYNAMIC_VERSION; + return 0; } + }; +} + +/* This function is passed the ENGINE structure to initialise with its own + * function and command settings. It should not adjust the structural or + * functional reference counts. If this function returns zero, (a) the load will + * be aborted, (b) the previous ENGINE state will be memcpy'd back onto the + * structure, and (c) the shared library will be unloaded. So implementations + * should do their own internal cleanup in failure circumstances otherwise they + * could leak. The 'id' parameter, if non-NULL, represents the ENGINE id that + * the loader is looking for. If this is NULL, the shared library can choose to + * return failure or to initialise a 'default' ENGINE. If non-NULL, the shared + * library must initialise only an ENGINE matching the passed 'id'. The function + * is expected to be implemented with the symbol name "bind_engine". A standard + * implementation can be instantiated with IMPLEMENT_DYNAMIC_BIND_FN(fn) where + * the parameter 'fn' is a callback function that populates the ENGINE structure + * and returns an int value (zero for failure). 'fn' should have prototype; + * [static] int fn(ENGINE* e, const(char)* id); */ +alias ExternC!(int function(ENGINE* e, const(char)* id, + const(dynamic_fns)* fns)) dynamic_bind_engine; +template IMPLEMENT_DYNAMIC_BIND_FN(fn) { + enum IMPLEMENT_DYNAMIC_BIND_FN = " + extern(C) + int bind_engine(ENGINE* e, const(char)* id, const(dynamic_fns)* fns); + extern(C) + int bind_engine(ENGINE* e, const(char)* id, const(dynamic_fns)* fns) { + if(ENGINE_get_static_state() == fns->static_state) goto skip_cbs; + if(!CRYPTO_set_mem_functions(fns->mem_fns.malloc_cb, + fns->mem_fns.realloc_cb, fns->mem_fns.free_cb)) + return 0; + CRYPTO_set_locking_callback(fns->lock_fns.lock_locking_cb); + CRYPTO_set_add_lock_callback(fns->lock_fns.lock_add_lock_cb); + CRYPTO_set_dynlock_create_callback(fns->lock_fns.dynlock_create_cb); + CRYPTO_set_dynlock_lock_callback(fns->lock_fns.dynlock_lock_cb); + CRYPTO_set_dynlock_destroy_callback(fns->lock_fns.dynlock_destroy_cb); + if(!CRYPTO_set_ex_data_implementation(fns->ex_data_fns)) + return 0; + if(!ERR_set_implementation(fns->err_fns)) return 0; + skip_cbs: + if(!" ~ fn ~ "(e,id)) return 0; + return 1; } + "; +} + +/* If the loading application (or library) and the loaded ENGINE library share + * the same static data (eg. they're both dynamically linked to the same + * libcrypto.so) we need a way to avoid trying to set system callbacks - this + * would fail, and for the same reason that it's unnecessary to try. If the + * loaded ENGINE has (or gets from through the loader) its own copy of the + * libcrypto static data, we will need to set the callbacks. The easiest way to + * detect this is to have a function that returns a pointer to some static data + * and let the loading application and loaded ENGINE compare their respective + * values. */ +void* ENGINE_get_static_state(); + +version (BSD) { +void ENGINE_setup_bsd_cryptodev(); +} +version (HAVE_CRYPTODEV) { +void ENGINE_setup_bsd_cryptodev(); +} + +/* BEGIN ERROR CODES */ +/* The following lines are auto generated by the script mkerr.pl. Any changes + * made after this point may be overwritten when the script is next run. + */ +void ERR_load_ENGINE_strings(); + +/* Error codes for the ENGINE functions. */ + +/* Function codes. */ +enum ENGINE_F_DYNAMIC_CTRL = 180; +enum ENGINE_F_DYNAMIC_GET_DATA_CTX = 181; +enum ENGINE_F_DYNAMIC_LOAD = 182; +enum ENGINE_F_DYNAMIC_SET_DATA_CTX = 183; +enum ENGINE_F_ENGINE_ADD = 105; +enum ENGINE_F_ENGINE_BY_ID = 106; +enum ENGINE_F_ENGINE_CMD_IS_EXECUTABLE = 170; +enum ENGINE_F_ENGINE_CTRL = 142; +enum ENGINE_F_ENGINE_CTRL_CMD = 178; +enum ENGINE_F_ENGINE_CTRL_CMD_STRING = 171; +enum ENGINE_F_ENGINE_FINISH = 107; +enum ENGINE_F_ENGINE_FREE_UTIL = 108; +enum ENGINE_F_ENGINE_GET_CIPHER = 185; +enum ENGINE_F_ENGINE_GET_DEFAULT_TYPE = 177; +enum ENGINE_F_ENGINE_GET_DIGEST = 186; +enum ENGINE_F_ENGINE_GET_NEXT = 115; +enum ENGINE_F_ENGINE_GET_PKEY_ASN1_METH = 193; +enum ENGINE_F_ENGINE_GET_PKEY_METH = 192; +enum ENGINE_F_ENGINE_GET_PREV = 116; +enum ENGINE_F_ENGINE_INIT = 119; +enum ENGINE_F_ENGINE_LIST_ADD = 120; +enum ENGINE_F_ENGINE_LIST_REMOVE = 121; +enum ENGINE_F_ENGINE_LOAD_PRIVATE_KEY = 150; +enum ENGINE_F_ENGINE_LOAD_PUBLIC_KEY = 151; +enum ENGINE_F_ENGINE_LOAD_SSL_CLIENT_CERT = 194; +enum ENGINE_F_ENGINE_NEW = 122; +enum ENGINE_F_ENGINE_REMOVE = 123; +enum ENGINE_F_ENGINE_SET_DEFAULT_STRING = 189; +enum ENGINE_F_ENGINE_SET_DEFAULT_TYPE = 126; +enum ENGINE_F_ENGINE_SET_ID = 129; +enum ENGINE_F_ENGINE_SET_NAME = 130; +enum ENGINE_F_ENGINE_TABLE_REGISTER = 184; +enum ENGINE_F_ENGINE_UNLOAD_KEY = 152; +enum ENGINE_F_ENGINE_UNLOCKED_FINISH = 191; +enum ENGINE_F_ENGINE_UP_REF = 190; +enum ENGINE_F_INT_CTRL_HELPER = 172; +enum ENGINE_F_INT_ENGINE_CONFIGURE = 188; +enum ENGINE_F_INT_ENGINE_MODULE_INIT = 187; +enum ENGINE_F_LOG_MESSAGE = 141; + +/* Reason codes. */ +enum ENGINE_R_ALREADY_LOADED = 100; +enum ENGINE_R_ARGUMENT_IS_NOT_A_NUMBER = 133; +enum ENGINE_R_CMD_NOT_EXECUTABLE = 134; +enum ENGINE_R_COMMAND_TAKES_INPUT = 135; +enum ENGINE_R_COMMAND_TAKES_NO_INPUT = 136; +enum ENGINE_R_CONFLICTING_ENGINE_ID = 103; +enum ENGINE_R_CTRL_COMMAND_NOT_IMPLEMENTED = 119; +enum ENGINE_R_DH_NOT_IMPLEMENTED = 139; +enum ENGINE_R_DSA_NOT_IMPLEMENTED = 140; +enum ENGINE_R_DSO_FAILURE = 104; +enum ENGINE_R_DSO_NOT_FOUND = 132; +enum ENGINE_R_ENGINES_SECTION_ERROR = 148; +enum ENGINE_R_ENGINE_CONFIGURATION_ERROR = 102; +enum ENGINE_R_ENGINE_IS_NOT_IN_LIST = 105; +enum ENGINE_R_ENGINE_SECTION_ERROR = 149; +enum ENGINE_R_FAILED_LOADING_PRIVATE_KEY = 128; +enum ENGINE_R_FAILED_LOADING_PUBLIC_KEY = 129; +enum ENGINE_R_FINISH_FAILED = 106; +enum ENGINE_R_GET_HANDLE_FAILED = 107; +enum ENGINE_R_ID_OR_NAME_MISSING = 108; +enum ENGINE_R_INIT_FAILED = 109; +enum ENGINE_R_INTERNAL_LIST_ERROR = 110; +enum ENGINE_R_INVALID_ARGUMENT = 143; +enum ENGINE_R_INVALID_CMD_NAME = 137; +enum ENGINE_R_INVALID_CMD_NUMBER = 138; +enum ENGINE_R_INVALID_INIT_VALUE = 151; +enum ENGINE_R_INVALID_STRING = 150; +enum ENGINE_R_NOT_INITIALISED = 117; +enum ENGINE_R_NOT_LOADED = 112; +enum ENGINE_R_NO_CONTROL_FUNCTION = 120; +enum ENGINE_R_NO_INDEX = 144; +enum ENGINE_R_NO_LOAD_FUNCTION = 125; +enum ENGINE_R_NO_REFERENCE = 130; +enum ENGINE_R_NO_SUCH_ENGINE = 116; +enum ENGINE_R_NO_UNLOAD_FUNCTION = 126; +enum ENGINE_R_PROVIDE_PARAMETERS = 113; +enum ENGINE_R_RSA_NOT_IMPLEMENTED = 141; +enum ENGINE_R_UNIMPLEMENTED_CIPHER = 146; +enum ENGINE_R_UNIMPLEMENTED_DIGEST = 147; +enum ENGINE_R_UNIMPLEMENTED_PUBLIC_KEY_METHOD = 101; +enum ENGINE_R_VERSION_INCOMPATIBILITY = 145; diff --git a/deimos/openssl/err.d b/deimos/openssl/err.d new file mode 100644 index 0000000..c01bb0d --- /dev/null +++ b/deimos/openssl/err.d @@ -0,0 +1,391 @@ +/* crypto/err/err.h */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ +/* ==================================================================== + * Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. All advertising materials mentioning features or use of this + * software must display the following acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" + * + * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to + * endorse or promote products derived from this software without + * prior written permission. For written permission, please contact + * openssl-core@openssl.org. + * + * 5. Products derived from this software may not be called "OpenSSL" + * nor may "OpenSSL" appear in their names without prior written + * permission of the OpenSSL Project. + * + * 6. Redistributions of any form whatsoever must retain the following + * acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit (http://www.openssl.org/)" + * + * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY + * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * ==================================================================== + * + * This product includes cryptographic software written by Eric Young + * (eay@cryptsoft.com). This product includes software written by Tim + * Hudson (tjh@cryptsoft.com). + * + */ + +module deimos.openssl.err; + +import deimos.openssl._d_util; + +public import deimos.openssl.e_os2; + +version(OPENSSL_NO_FP_API) {} else { +import core.stdc.stdio; +import core.stdc.stdlib; +} + +public import deimos.openssl.ossl_typ; +version(OPENSSL_NO_BIO) {} else { +public import deimos.openssl.bio; +} +version(OPENSSL_NO_LHASH) {} else { +public import deimos.openssl.lhash; +} + +import core.vararg : va_list; + +extern (C): +nothrow: + +// #ifndef OPENSSL_NO_ERR +// #define ERR_PUT_error(a,b,c,d,e) ERR_put_error(a,b,c,d,e) +// #else +// #define ERR_PUT_error(a,b,c,d,e) ERR_put_error(a,b,c,NULL,0) +// #endif +version (OPENSSL_NO_ERR) { + void ERR_PUT_error()(int a, int b,int c,const(char)* d,int e) { + ERR_put_error(a,b,c,null,0); + } +} else { + alias ERR_put_error ERR_PUT_error; +} + +// #include + +enum ERR_TXT_MALLOCED = 0x01; +enum ERR_TXT_STRING = 0x02; + +enum ERR_FLAG_MARK = 0x01; + +enum ERR_NUM_ERRORS = 16; +struct err_state_st { + CRYPTO_THREADID tid; + int[ERR_NUM_ERRORS] err_flags; + c_ulong[ERR_NUM_ERRORS] err_buffer; + char*[ERR_NUM_ERRORS] err_data; + int[ERR_NUM_ERRORS] err_data_flags; + const(char)*[ERR_NUM_ERRORS] err_file; + int[ERR_NUM_ERRORS] err_line; + int top,bottom; + } +alias err_state_st ERR_STATE; + +/* library */ +enum ERR_LIB_NONE = 1; +enum ERR_LIB_SYS = 2; +enum ERR_LIB_BN = 3; +enum ERR_LIB_RSA = 4; +enum ERR_LIB_DH = 5; +enum ERR_LIB_EVP = 6; +enum ERR_LIB_BUF = 7; +enum ERR_LIB_OBJ = 8; +enum ERR_LIB_PEM = 9; +enum ERR_LIB_DSA = 10; +enum ERR_LIB_X509 = 11; +/* enum ERR_LIB_METH = 12; */ +enum ERR_LIB_ASN1 = 13; +enum ERR_LIB_CONF = 14; +enum ERR_LIB_CRYPTO = 15; +enum ERR_LIB_EC = 16; +enum ERR_LIB_SSL = 20; +/* enum ERR_LIB_SSL23 = 21; */ +/* enum ERR_LIB_SSL2 = 22; */ +/* enum ERR_LIB_SSL3 = 23; */ +/* enum ERR_LIB_RSAREF = 30; */ +/* enum ERR_LIB_PROXY = 31; */ +enum ERR_LIB_BIO = 32; +enum ERR_LIB_PKCS7 = 33; +enum ERR_LIB_X509V3 = 34; +enum ERR_LIB_PKCS12 = 35; +enum ERR_LIB_RAND = 36; +enum ERR_LIB_DSO = 37; +enum ERR_LIB_ENGINE = 38; +enum ERR_LIB_OCSP = 39; +enum ERR_LIB_UI = 40; +enum ERR_LIB_COMP = 41; +enum ERR_LIB_ECDSA = 42; +enum ERR_LIB_ECDH = 43; +enum ERR_LIB_STORE = 44; +enum ERR_LIB_FIPS = 45; +enum ERR_LIB_CMS = 46; +enum ERR_LIB_TS = 47; +enum ERR_LIB_HMAC = 48; +enum ERR_LIB_JPAKE = 49; + +enum ERR_LIB_USER = 128; + +void SYSerr_err(string file = __FILE__, size_t line = __LINE__)(int f, int r){ ERR_PUT_error(ERR_LIB_SYS,f,r,file,line); } +void BNerr_err(string file = __FILE__, size_t line = __LINE__)(int f, int r){ ERR_PUT_error(ERR_LIB_BN,f,r,file,line); } +void RSAerr_err(string file = __FILE__, size_t line = __LINE__)(int f, int r){ ERR_PUT_error(ERR_LIB_RSA,f,r,file,line); } +void DHerr_err(string file = __FILE__, size_t line = __LINE__)(int f, int r){ ERR_PUT_error(ERR_LIB_DH,f,r,file,line); } +void EVPerr_err(string file = __FILE__, size_t line = __LINE__)(int f, int r){ ERR_PUT_error(ERR_LIB_EVP,f,r,file,line); } +void BUFerr_err(string file = __FILE__, size_t line = __LINE__)(int f, int r){ ERR_PUT_error(ERR_LIB_BUF,f,r,file,line); } +void OBJerr_err(string file = __FILE__, size_t line = __LINE__)(int f, int r){ ERR_PUT_error(ERR_LIB_OBJ,f,r,file,line); } +void PEMerr_err(string file = __FILE__, size_t line = __LINE__)(int f, int r){ ERR_PUT_error(ERR_LIB_PEM,f,r,file,line); } +void DSAerr_err(string file = __FILE__, size_t line = __LINE__)(int f, int r){ ERR_PUT_error(ERR_LIB_DSA,f,r,file,line); } +void X509err_err(string file = __FILE__, size_t line = __LINE__)(int f, int r){ ERR_PUT_error(ERR_LIB_X509,f,r,file,line); } +void ASN1err_err(string file = __FILE__, size_t line = __LINE__)(int f, int r){ ERR_PUT_error(ERR_LIB_ASN1,f,r,file,line); } +void CONFerr_err(string file = __FILE__, size_t line = __LINE__)(int f, int r){ ERR_PUT_error(ERR_LIB_CONF,f,r,file,line); } +void CRYPTOerr_err(string file = __FILE__, size_t line = __LINE__)(int f, int r){ ERR_PUT_error(ERR_LIB_CRYPTO,f,r,file,line); } +void ECerr_err(string file = __FILE__, size_t line = __LINE__)(int f, int r){ ERR_PUT_error(ERR_LIB_EC,f,r,file,line); } +void SSLerr_err(string file = __FILE__, size_t line = __LINE__)(int f, int r){ ERR_PUT_error(ERR_LIB_SSL,f,r,file,line); } +void BIOerr_err(string file = __FILE__, size_t line = __LINE__)(int f, int r){ ERR_PUT_error(ERR_LIB_BIO,f,r,file,line); } +void PKCS7err_err(string file = __FILE__, size_t line = __LINE__)(int f, int r){ ERR_PUT_error(ERR_LIB_PKCS7,f,r,file,line); } +void X509V3err_err(string file = __FILE__, size_t line = __LINE__)(int f, int r){ ERR_PUT_error(ERR_LIB_X509V3,f,r,file,line); } +void PKCS12err_err(string file = __FILE__, size_t line = __LINE__)(int f, int r){ ERR_PUT_error(ERR_LIB_PKCS12,f,r,file,line); } +void RANDerr_err(string file = __FILE__, size_t line = __LINE__)(int f, int r){ ERR_PUT_error(ERR_LIB_RAND,f,r,file,line); } +void DSOerr_err(string file = __FILE__, size_t line = __LINE__)(int f, int r){ ERR_PUT_error(ERR_LIB_DSO,f,r,file,line); } +void ENGINEerr_err(string file = __FILE__, size_t line = __LINE__)(int f, int r){ ERR_PUT_error(ERR_LIB_ENGINE,f,r,file,line); } +void OCSPerr_err(string file = __FILE__, size_t line = __LINE__)(int f, int r){ ERR_PUT_error(ERR_LIB_OCSP,f,r,file,line); } +void UIerr_err(string file = __FILE__, size_t line = __LINE__)(int f, int r){ ERR_PUT_error(ERR_LIB_UI,f,r,file,line); } +void COMPerr_err(string file = __FILE__, size_t line = __LINE__)(int f, int r){ ERR_PUT_error(ERR_LIB_COMP,f,r,file,line); } +void ECDSAerr_err(string file = __FILE__, size_t line = __LINE__)(int f, int r){ ERR_PUT_error(ERR_LIB_ECDSA,f,r,file,line); } +void ECDHerr_err(string file = __FILE__, size_t line = __LINE__)(int f, int r){ ERR_PUT_error(ERR_LIB_ECDH,f,r,file,line); } +void STOREerr_err(string file = __FILE__, size_t line = __LINE__)(int f, int r){ ERR_PUT_error(ERR_LIB_STORE,f,r,file,line); } +void FIPSerr_err(string file = __FILE__, size_t line = __LINE__)(int f, int r){ ERR_PUT_error(ERR_LIB_FIPS,f,r,file,line); } +void CMSerr_err(string file = __FILE__, size_t line = __LINE__)(int f, int r){ ERR_PUT_error(ERR_LIB_CMS,f,r,file,line); } +void TSerr_err(string file = __FILE__, size_t line = __LINE__)(int f, int r){ ERR_PUT_error(ERR_LIB_TS,f,r,file,line); } +void HMACerr_err(string file = __FILE__, size_t line = __LINE__)(int f, int r){ ERR_PUT_error(ERR_LIB_HMAC,f,r,file,line); } +void JPAKEerr_err(string file = __FILE__, size_t line = __LINE__)(int f, int r){ ERR_PUT_error(ERR_LIB_JPAKE,f,r,file,line); } + +/* Borland C seems too stupid to be able to shift and do longs in + * the pre-processor :-( */ +auto ERR_PACK()(c_ulong l, c_ulong f, c_ulong r) { + return ((((l)&0xffL)*0x1000000)| + (((f)&0xfffL)*0x1000)| + (((r)&0xfffL))); +} +auto ERR_GET_LIB()(c_ulong l) { return cast(int)(((l)>>24L)&0xffL); } +auto ERR_GET_FUNC()(c_ulong l) { return cast(int)(((l)>>12L)&0xfffL); } +auto ERR_GET_REASON()(c_ulong l) { return cast(int)((l)&0xfffL); } +auto ERR_FATAL_ERROR()(c_ulong l) { return cast(int)((l)&ERR_R_FATAL); } + + +/* OS functions */ +enum SYS_F_FOPEN = 1; +enum SYS_F_CONNECT = 2; +enum SYS_F_GETSERVBYNAME = 3; +enum SYS_F_SOCKET = 4; +enum SYS_F_IOCTLSOCKET = 5; +enum SYS_F_BIND = 6; +enum SYS_F_LISTEN = 7; +enum SYS_F_ACCEPT = 8; +enum SYS_F_WSASTARTUP = 9; /* Winsock stuff */ +enum SYS_F_OPENDIR = 10; +enum SYS_F_FREAD = 11; + + +/* reasons */ +alias ERR_LIB_SYS ERR_R_SYS_LIB ; /* 2 */ +alias ERR_LIB_BN ERR_R_BN_LIB ; /* 3 */ +alias ERR_LIB_RSA ERR_R_RSA_LIB ; /* 4 */ +alias ERR_LIB_DH ERR_R_DH_LIB ; /* 5 */ +alias ERR_LIB_EVP ERR_R_EVP_LIB ; /* 6 */ +alias ERR_LIB_BUF ERR_R_BUF_LIB ; /* 7 */ +alias ERR_LIB_OBJ ERR_R_OBJ_LIB ; /* 8 */ +alias ERR_LIB_PEM ERR_R_PEM_LIB ; /* 9 */ +alias ERR_LIB_DSA ERR_R_DSA_LIB ; /* 10 */ +alias ERR_LIB_X509 ERR_R_X509_LIB ; /* 11 */ +alias ERR_LIB_ASN1 ERR_R_ASN1_LIB ; /* 13 */ +alias ERR_LIB_CONF ERR_R_CONF_LIB ; /* 14 */ +alias ERR_LIB_CRYPTO ERR_R_CRYPTO_LIB ; /* 15 */ +alias ERR_LIB_EC ERR_R_EC_LIB ; /* 16 */ +alias ERR_LIB_SSL ERR_R_SSL_LIB ; /* 20 */ +alias ERR_LIB_BIO ERR_R_BIO_LIB ; /* 32 */ +alias ERR_LIB_PKCS7 ERR_R_PKCS7_LIB ; /* 33 */ +alias ERR_LIB_X509V3 ERR_R_X509V3_LIB ; /* 34 */ +alias ERR_LIB_PKCS12 ERR_R_PKCS12_LIB ; /* 35 */ +alias ERR_LIB_RAND ERR_R_RAND_LIB ; /* 36 */ +alias ERR_LIB_DSO ERR_R_DSO_LIB ; /* 37 */ +alias ERR_LIB_ENGINE ERR_R_ENGINE_LIB ; /* 38 */ +alias ERR_LIB_OCSP ERR_R_OCSP_LIB ; /* 39 */ +alias ERR_LIB_UI ERR_R_UI_LIB ; /* 40 */ +alias ERR_LIB_COMP ERR_R_COMP_LIB ; /* 41 */ +alias ERR_LIB_ECDSA ERR_R_ECDSA_LIB ; /* 42 */ +alias ERR_LIB_ECDH ERR_R_ECDH_LIB ; /* 43 */ +alias ERR_LIB_STORE ERR_R_STORE_LIB ; /* 44 */ +alias ERR_LIB_TS ERR_R_TS_LIB ; /* 45 */ + +enum ERR_R_NESTED_ASN1_ERROR = 58; +enum ERR_R_BAD_ASN1_OBJECT_HEADER = 59; +enum ERR_R_BAD_GET_ASN1_OBJECT_CALL = 60; +enum ERR_R_EXPECTING_AN_ASN1_SEQUENCE = 61; +enum ERR_R_ASN1_LENGTH_MISMATCH = 62; +enum ERR_R_MISSING_ASN1_EOS = 63; + +/* fatal error */ +enum ERR_R_FATAL = 64; +enum ERR_R_MALLOC_FAILURE = (1|ERR_R_FATAL); +enum ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED = (2|ERR_R_FATAL); +enum ERR_R_PASSED_NULL_PARAMETER = (3|ERR_R_FATAL); +enum ERR_R_INTERNAL_ERROR = (4|ERR_R_FATAL); +enum ERR_R_DISABLED = (5|ERR_R_FATAL); + +/* 99 is the maximum possible ERR_R_... code, higher values + * are reserved for the individual libraries */ + + +struct ERR_string_data_st { + c_ulong error; + const(char)* string; + } +alias ERR_string_data_st ERR_STRING_DATA; + +void ERR_put_error(int lib, int func,int reason,const(char)* file,int line); +void ERR_set_error_data(char* data,int flags); + +c_ulong ERR_get_error(); +c_ulong ERR_get_error_line(const(char)** file,int* line); +c_ulong ERR_get_error_line_data(const(char)** file,int* line, + const(char)** data, int* flags); +c_ulong ERR_peek_error(); +c_ulong ERR_peek_error_line(const(char)** file,int* line); +c_ulong ERR_peek_error_line_data(const(char)** file,int* line, + const(char)** data,int* flags); +c_ulong ERR_peek_last_error(); +c_ulong ERR_peek_last_error_line(const(char)** file,int* line); +c_ulong ERR_peek_last_error_line_data(const(char)** file,int* line, + const(char)** data,int* flags); +void ERR_clear_error(); +char* ERR_error_string(c_ulong e,char* buf); +void ERR_error_string_n(c_ulong e, char* buf, size_t len); +const(char)* ERR_lib_error_string(c_ulong e); +const(char)* ERR_func_error_string(c_ulong e); +const(char)* ERR_reason_error_string(c_ulong e); +void ERR_print_errors_cb(ExternC!(int function(const(char)* str, size_t len, void* u)) cb, + void* u); +version(OPENSSL_NO_FP_API) {} else { +void ERR_print_errors_fp(FILE* fp); +} +version(OPENSSL_NO_BIO) {} else { +void ERR_print_errors(BIO* bp); +} +void ERR_add_error_data(int num, ...); +void ERR_add_error_vdata(int num, va_list args); +void ERR_load_strings(int lib,ERR_STRING_DATA[] str); +void ERR_unload_strings(int lib,ERR_STRING_DATA[] str); +void ERR_load_ERR_strings(); +void ERR_load_crypto_strings(); +void ERR_free_strings(); + +void ERR_remove_thread_state(const(CRYPTO_THREADID)* tid); +version(OPENSSL_NO_DEPRECATED) {} else { +void ERR_remove_state(c_ulong pid); /* if zero we look it up */ +} +ERR_STATE* ERR_get_state(); + +version(OPENSSL_NO_LHASH) {} else { +LHASH_OF!(ERR_STRING_DATA) *ERR_get_string_table(); +LHASH_OF!(ERR_STATE) *ERR_get_err_state_table(); +void ERR_release_err_state_table(LHASH_OF!(ERR_STATE) **hash); +} + +int ERR_get_next_error_library(); + +int ERR_set_mark(); +int ERR_pop_to_mark(); + +/* Already defined in ossl_typ.h */ +/* typedef st_ERR_FNS ERR_FNS; */ +/* An application can use this function and provide the return value to loaded + * modules that should use the application's ERR state/functionality */ +const(ERR_FNS)* ERR_get_implementation(); +/* A loaded module should call this function prior to any ERR operations using + * the application's "ERR_FNS". */ +int ERR_set_implementation(const(ERR_FNS)* fns); diff --git a/deimos/openssl/evp.d b/deimos/openssl/evp.d new file mode 100644 index 0000000..cde5b3c --- /dev/null +++ b/deimos/openssl/evp.d @@ -0,0 +1,1408 @@ +/* crypto/evp/evp.h */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +module deimos.openssl.evp; + +import deimos.openssl._d_util; + +import deimos.openssl.x509; // Needed for X509_ATTRIBUTE. + +//#ifdef OPENSSL_ALGORITHM_DEFINES +public import deimos.openssl.opensslconf; +//#else +//# define OPENSSL_ALGORITHM_DEFINES +//public import deimos.openssl.opensslconf; +//# undef OPENSSL_ALGORITHM_DEFINES +//#endif + +public import deimos.openssl.ossl_typ; + +public import deimos.openssl.symhacks; + +version(OPENSSL_NO_BIO) {} else { +public import deimos.openssl.bio; +} + +/* +enum EVP_RC2_KEY_SIZE = 16; +enum EVP_RC4_KEY_SIZE = 16; +enum EVP_BLOWFISH_KEY_SIZE = 16; +enum EVP_CAST5_KEY_SIZE = 16; +enum EVP_RC5_32_12_16_KEY_SIZE = 16; +*/ +enum EVP_MAX_MD_SIZE = 64; /* longest known is SHA512 */ +enum EVP_MAX_KEY_LENGTH = 64; +enum EVP_MAX_IV_LENGTH = 16; +enum EVP_MAX_BLOCK_LENGTH = 32; + +enum PKCS5_SALT_LEN = 8; +/* Default PKCS#5 iteration count */ +enum PKCS5_DEFAULT_ITER = 2048; + +public import deimos.openssl.objects; + +enum EVP_PK_RSA = 0x0001; +enum EVP_PK_DSA = 0x0002; +enum EVP_PK_DH = 0x0004; +enum EVP_PK_EC = 0x0008; +enum EVP_PKT_SIGN = 0x0010; +enum EVP_PKT_ENC = 0x0020; +enum EVP_PKT_EXCH = 0x0040; +enum EVP_PKS_RSA = 0x0100; +enum EVP_PKS_DSA = 0x0200; +enum EVP_PKS_EC = 0x0400; +enum EVP_PKT_EXP = 0x1000; /* <= 512 bit key */ + +alias NID_undef EVP_PKEY_NONE; +alias NID_rsaEncryption EVP_PKEY_RSA; +alias NID_rsa EVP_PKEY_RSA2; +alias NID_dsa EVP_PKEY_DSA; +alias NID_dsa_2 EVP_PKEY_DSA1; +alias NID_dsaWithSHA EVP_PKEY_DSA2; +alias NID_dsaWithSHA1 EVP_PKEY_DSA3; +alias NID_dsaWithSHA1_2 EVP_PKEY_DSA4; +alias NID_dhKeyAgreement EVP_PKEY_DH; +alias NID_X9_62_id_ecPublicKey EVP_PKEY_EC; +alias NID_hmac EVP_PKEY_HMAC; +alias NID_cmac EVP_PKEY_CMAC; + +extern (C): +nothrow: + +/* Type needs to be a bit field + * Sub-type needs to be for variations on the method, as in_, can it do + * arbitrary encryption.... */ +struct evp_pkey_st + { + int type; + int save_type; + int references; + const(EVP_PKEY_ASN1_METHOD)* ameth; + ENGINE* engine; + union pkey_ { + char* ptr; +version(OPENSSL_NO_RSA) {} else { + rsa_st* rsa; /* RSA */ +} +version(OPENSSL_NO_DSA) {} else { + dsa_st* dsa; /* DSA */ +} +version(OPENSSL_NO_DH) {} else { + dh_st* dh; /* DH */ +} +version(OPENSSL_NO_EC) {} else { + ec_key_st* ec; /* ECC */ +} + } + pkey_ pkey; + int save_parameters; + STACK_OF!(X509_ATTRIBUTE) *attributes; /* [ 0 ] */ + } /* EVP_PKEY */; + +enum EVP_PKEY_MO_SIGN = 0x0001; +enum EVP_PKEY_MO_VERIFY = 0x0002; +enum EVP_PKEY_MO_ENCRYPT = 0x0004; +enum EVP_PKEY_MO_DECRYPT = 0x0008; + +// #ifndef EVP_MD +struct env_md_st + { + int type; + int pkey_type; + int md_size; + c_ulong flags; + ExternC!(int function(EVP_MD_CTX* ctx)) init_; + ExternC!(int function(EVP_MD_CTX* ctx,const(void)* data,size_t count)) update; + ExternC!(int function(EVP_MD_CTX* ctx,ubyte* md)) final_; + ExternC!(int function(EVP_MD_CTX* to,const(EVP_MD_CTX)* from)) copy; + ExternC!(int function(EVP_MD_CTX* ctx)) cleanup; + + /* FIXME: prototype these some day */ + ExternC!(int function(int type, const(ubyte)* m, uint m_length, + ubyte* sigret, uint* siglen, void* key)) sign; + ExternC!(int function(int type, const(ubyte)* m, uint m_length, + const(ubyte)* sigbuf, uint siglen, + void* key)) verify; + int[5] required_pkey_type; /*EVP_PKEY_xxx */ + int block_size; + int ctx_size; /* how big does the ctx->md_data need to be */ + /* control function */ + ExternC!(int function(EVP_MD_CTX* ctx, int cmd, int p1, void* p2)) md_ctrl; + } /* EVP_MD */; + +alias typeof(*(ExternC!(int function(int type,const(ubyte)* m, + uint m_length,ubyte* sigret, + uint* siglen, void* key))).init) evp_sign_method; +alias typeof(*(ExternC!(int function(int type,const(ubyte)* m, + uint m_length,const(ubyte)* sigbuf, + uint siglen, void* key))).init) evp_verify_method; + +enum EVP_MD_FLAG_ONESHOT = 0x0001; /* digest can only handle a single + * block */ + +enum EVP_MD_FLAG_PKEY_DIGEST = 0x0002; /* digest is a "clone" digest used + * which is a copy of an existing + * one for a specific public key type. + * EVP_dss1() etc */ + +/* Digest uses EVP_PKEY_METHOD for signing instead of MD specific signing */ + +enum EVP_MD_FLAG_PKEY_METHOD_SIGNATURE = 0x0004; + +/* DigestAlgorithmIdentifier flags... */ + +enum EVP_MD_FLAG_DIGALGID_MASK = 0x0018; + +/* NULL or absent parameter accepted. Use NULL */ + +enum EVP_MD_FLAG_DIGALGID_NULL = 0x0000; + +/* NULL or absent parameter accepted. Use NULL for PKCS#1 otherwise absent */ + +enum EVP_MD_FLAG_DIGALGID_ABSENT = 0x0008; + +/* Custom handling via ctrl */ + +enum EVP_MD_FLAG_DIGALGID_CUSTOM = 0x0018; + +enum EVP_MD_FLAG_FIPS = 0x0400; /* Note if suitable for use in FIPS mode */ + +/* Digest ctrls */ + +enum EVP_MD_CTRL_DIGALGID = 0x1; +enum EVP_MD_CTRL_MICALG = 0x2; + +/* Minimum Algorithm specific ctrl value */ + +enum EVP_MD_CTRL_ALG_CTRL = 0x1000; + +enum EVP_PKEY_NULL_method = "null,null,{0,0,0,0}"; + +version (OPENSSL_NO_DSA) { + alias EVP_PKEY_NULL_method EVP_PKEY_DSA_method; +} else { + enum EVP_PKEY_DSA_method = "cast(evp_sign_method*)&DSA_sign," ~ + "cast(evp_verify_method*)&DSA_verify,{EVP_PKEY_DSA,EVP_PKEY_DSA2," ~ + "EVP_PKEY_DSA3, EVP_PKEY_DSA4,0}"; +} + +version(OPENSSL_NO_ECDSA) { + alias EVP_PKEY_NULL_method EVP_PKEY_ECDSA_method; +} else { + enum EVP_PKEY_ECDSA_method = "cast(evp_sign_method*)&ECDSA_sign," ~ + "cast(evp_verify_method*)&ECDSA_verify,{EVP_PKEY_EC,0,0,0}"; +} + +version (OPENSSL_NO_RSA) { + alias EVP_PKEY_NULL_method EVP_PKEY_RSA_method; + alias EVP_PKEY_NULL_method EVP_PKEY_RSA_ASN1_OCTET_STRING_method; +} else { + enum EVP_PKEY_RSA_method = "cast(evp_sign_method*)&RSA_sign," ~ + "cast(evp_verify_method*)RSA_verify,{EVP_PKEY_RSA,EVP_PKEY_RSA2,0,0}"; + enum EVP_PKEY_RSA_ASN1_OCTET_STRING_method = + "cast(evp_sign_method*)&RSA_sign_ASN1_OCTET_STRING," ~ + "cast(evp_verify_method*)RSA_verify_ASN1_OCTET_STRING," ~ + "{EVP_PKEY_RSA,EVP_PKEY_RSA2,0,0}"; +} + +// #endif /* !EVP_MD */ + +struct env_md_ctx_st + { + const(EVP_MD)* digest; + ENGINE* engine; /* functional reference if 'digest' is ENGINE-provided */ + c_ulong flags; + void* md_data; + /* Public key context for sign/verify */ + EVP_PKEY_CTX* pctx; + /* Update function: usually copied from EVP_MD */ + ExternC!(int function(EVP_MD_CTX* ctx,const(void)* data,size_t count)) update; + } /* EVP_MD_CTX */; + +/* values for EVP_MD_CTX flags */ + +enum EVP_MD_CTX_FLAG_ONESHOT = 0x0001; /* digest update will be called + * once only */ +enum EVP_MD_CTX_FLAG_CLEANED = 0x0002; /* context has already been + * cleaned */ +enum EVP_MD_CTX_FLAG_REUSE = 0x0004; /* Don't free up ctx->md_data + * in EVP_MD_CTX_cleanup */ +/* FIPS and pad options are ignored in 1.0.0, definitions are here + * so we don't accidentally reuse the values for other purposes. + */ + +enum EVP_MD_CTX_FLAG_NON_FIPS_ALLOW = 0x0008; /* Allow use of non FIPS digest + * in FIPS mode */ + +/* The following PAD options are also currently ignored in 1.0.0, digest + * parameters are handled through EVP_DigestSign*() and EVP_DigestVerify*() + * instead. + */ +enum EVP_MD_CTX_FLAG_PAD_MASK = 0xF0; /* RSA mode to use */ +enum EVP_MD_CTX_FLAG_PAD_PKCS1 = 0x00; /* PKCS#1 v1.5 mode */ +enum EVP_MD_CTX_FLAG_PAD_X931 = 0x10; /* X9.31 mode */ +enum EVP_MD_CTX_FLAG_PAD_PSS = 0x20; /* PSS mode */ + +enum EVP_MD_CTX_FLAG_NO_INIT = 0x0100; /* Don't initialize md_data */ + +struct evp_cipher_st + { + int nid; + int block_size; + int key_len; /* Default value for variable length ciphers */ + int iv_len; + c_ulong flags; /* Various flags */ + ExternC!(int function(EVP_CIPHER_CTX* ctx, const(ubyte)* key, + const(ubyte)* iv, int enc)) init_; /* init key */ + ExternC!(int function(EVP_CIPHER_CTX* ctx, ubyte* out_, + const(ubyte)* in_, size_t inl)) do_cipher;/* encrypt/decrypt data */ + ExternC!(int function(EVP_CIPHER_CTX*)) cleanup; /* cleanup ctx */ + int ctx_size; /* how big ctx->cipher_data needs to be */ + ExternC!(int function(EVP_CIPHER_CTX*, ASN1_TYPE*)) set_asn1_parameters; /* Populate a ASN1_TYPE with parameters */ + ExternC!(int function(EVP_CIPHER_CTX*, ASN1_TYPE*)) get_asn1_parameters; /* Get parameters from a ASN1_TYPE */ + ExternC!(int function(EVP_CIPHER_CTX*, int type, int arg, void* ptr)) ctrl; /* Miscellaneous operations */ + void* app_data; /* Application data */ + } /* EVP_CIPHER */; + +/* Values for cipher flags */ + +/* Modes for ciphers */ + +enum EVP_CIPH_STREAM_CIPHER = 0x0; +enum EVP_CIPH_ECB_MODE = 0x1; +enum EVP_CIPH_CBC_MODE = 0x2; +enum EVP_CIPH_CFB_MODE = 0x3; +enum EVP_CIPH_OFB_MODE = 0x4; +enum EVP_CIPH_CTR_MODE = 0x5; +enum EVP_CIPH_GCM_MODE = 0x6; +enum EVP_CIPH_CCM_MODE = 0x7; +enum EVP_CIPH_XTS_MODE = 0x10001; +enum EVP_CIPH_MODE = 0xF0007; +/* Set if variable length cipher */ +enum EVP_CIPH_VARIABLE_LENGTH = 0x8; +/* Set if the iv handling should be done by the cipher itself */ +enum EVP_CIPH_CUSTOM_IV = 0x10; +/* Set if the cipher's init() function should be called if key is NULL */ +enum EVP_CIPH_ALWAYS_CALL_INIT = 0x20; +/* Call ctrl() to init cipher parameters */ +enum EVP_CIPH_CTRL_INIT = 0x40; +/* Don't use standard key length function */ +enum EVP_CIPH_CUSTOM_KEY_LENGTH = 0x80; +/* Don't use standard block padding */ +enum EVP_CIPH_NO_PADDING = 0x100; +/* cipher handles random key generation */ +enum EVP_CIPH_RAND_KEY = 0x200; +/* cipher has its own additional copying logic */ +enum EVP_CIPH_CUSTOM_COPY = 0x400; +/* Allow use default ASN1 get/set iv */ +enum EVP_CIPH_FLAG_DEFAULT_ASN1 = 0x1000; +/* Buffer length in bits not bytes: CFB1 mode only */ +enum EVP_CIPH_FLAG_LENGTH_BITS = 0x2000; +/* Note if suitable for use in FIPS mode */ +enum EVP_CIPH_FLAG_FIPS = 0x4000; +/* Allow non FIPS cipher in FIPS mode */ +enum EVP_CIPH_FLAG_NON_FIPS_ALLOW = 0x8000; +/* Cipher handles any and all padding logic as well + * as finalisation. + */ +enum EVP_CIPH_FLAG_CUSTOM_CIPHER = 0x100000; +enum EVP_CIPH_FLAG_AEAD_CIPHER = 0x200000; + +/* ctrl() values */ + +enum EVP_CTRL_INIT = 0x0; +enum EVP_CTRL_SET_KEY_LENGTH = 0x1; +enum EVP_CTRL_GET_RC2_KEY_BITS = 0x2; +enum EVP_CTRL_SET_RC2_KEY_BITS = 0x3; +enum EVP_CTRL_GET_RC5_ROUNDS = 0x4; +enum EVP_CTRL_SET_RC5_ROUNDS = 0x5; +enum EVP_CTRL_RAND_KEY = 0x6; +enum EVP_CTRL_PBE_PRF_NID = 0x7; +enum EVP_CTRL_COPY = 0x8; +enum EVP_CTRL_GCM_SET_IVLEN = 0x9; +enum EVP_CTRL_GCM_GET_TAG = 0x10; +enum EVP_CTRL_GCM_SET_TAG = 0x11; +enum EVP_CTRL_GCM_SET_IV_FIXED = 0x12; +enum EVP_CTRL_GCM_IV_GEN = 0x13; +alias EVP_CTRL_CCM_SET_IVLEN = EVP_CTRL_GCM_SET_IVLEN; +alias EVP_CTRL_CCM_GET_TAG = EVP_CTRL_GCM_GET_TAG; +alias EVP_CTRL_CCM_SET_TAG = EVP_CTRL_GCM_SET_TAG; +enum EVP_CTRL_CCM_SET_L = 0x14; +enum EVP_CTRL_CCM_SET_MSGLEN = 0x15; +/* AEAD cipher deduces payload length and returns number of bytes + * required to store MAC and eventual padding. Subsequent call to + * EVP_Cipher even appends/verifies MAC. + */ +enum EVP_CTRL_AEAD_TLS1_AAD = 0x16; +/* Used by composite AEAD ciphers, no-op in GCM, CCM... */ +enum EVP_CTRL_AEAD_SET_MAC_KEY = 0x17; +/* Set the GCM invocation field, decrypt only */ +enum EVP_CTRL_GCM_SET_IV_INV = 0x18; + +/* GCM TLS constants */ +/* Length of fixed part of IV derived from PRF */ +enum EVP_GCM_TLS_FIXED_IV_LEN = 4; +/* Length of explicit part of IV part of TLS records */ +enum EVP_GCM_TLS_EXPLICIT_IV_LEN = 8; +/* Length of tag for TLS */ +enum EVP_GCM_TLS_TAG_LEN = 16; + +struct evp_cipher_info_st { + const(EVP_CIPHER)* cipher; + ubyte[EVP_MAX_IV_LENGTH] iv; + } +alias evp_cipher_info_st EVP_CIPHER_INFO; + +struct evp_cipher_ctx_st + { + const(EVP_CIPHER)* cipher; + ENGINE* engine; /* functional reference if 'cipher' is ENGINE-provided */ + int encrypt; /* encrypt or decrypt */ + int buf_len; /* number we have left */ + + ubyte[EVP_MAX_IV_LENGTH] oiv; /* original iv */ + ubyte[EVP_MAX_IV_LENGTH] iv; /* working iv */ + ubyte[EVP_MAX_BLOCK_LENGTH] buf;/* saved partial block */ + int num; /* used by cfb/ofb mode */ + + void* app_data; /* application stuff */ + int key_len; /* May change for variable length cipher */ + c_ulong flags; /* Various flags */ + void* cipher_data; /* per EVP data */ + int final_used; + int block_mask; + ubyte[EVP_MAX_BLOCK_LENGTH] final_;/* possible final block */ + } /* EVP_CIPHER_CTX */; + +struct evp_Encode_Ctx_st { + int num; /* number saved in a partial encode/decode */ + int length; /* The length is either the output line length + * (in input bytes) or the shortest input line + * length that is ok. Once decoding begins, + * the length is adjusted up each time a longer + * line is decoded */ + ubyte[80] enc_data; /* data to encode */ + int line_num; /* number read on current line */ + int expect_nl; + } +alias evp_Encode_Ctx_st EVP_ENCODE_CTX; + +/* Password based encryption function */ +alias typeof(*(ExternC!(int function(EVP_CIPHER_CTX* ctx, const(char)* pass, int passlen, + ASN1_TYPE* param, const(EVP_CIPHER)* cipher, + const(EVP_MD)* md, int en_de))).init) EVP_PBE_KEYGEN; + +version(OPENSSL_NO_RSA) {} else { + auto EVP_PKEY_assign_RSA()(EVP_PKEY* pkey, RSA* key) { + return EVP_PKEY_assign(pkey,EVP_PKEY_RSA,cast(void*)key); + } +} + +version(OPENSSL_NO_DSA) {} else { + auto EVP_PKEY_assign_RSA()(EVP_PKEY* pkey, DSA* key) { + return EVP_PKEY_assign(pkey,EVP_PKEY_DSA,cast(void*)key); + } +} + +version(OPENSSL_NO_DH) {} else { + auto EVP_PKEY_assign_DH()(EVP_PKEY* pkey, DH* key) { + return EVP_PKEY_assign(pkey,EVP_PKEY_DH,cast(void*)key); + } +} + +version(OPENSSL_NO_EC) {} else { + auto EVP_PKEY_assign_EC_KEY()(EVP_PKEY* pkey, EC_KEY* key) { + return EVP_PKEY_assign(pkey,EVP_PKEY_EC,cast(void*)key); + } +} + +/* Add some extra combinations */ +auto EVP_get_digestbynid()(int a) { return EVP_get_digestbyname(OBJ_nid2sn(a)); } +auto EVP_get_digestbyobj()(const(ASN1_OBJECT)* a) { return EVP_get_digestbynid(OBJ_obj2nid(a)); } +auto EVP_get_cipherbynid()(int a) { return EVP_get_cipherbyname(OBJ_nid2sn(a)); } +auto EVP_get_cipherbyobj()(const(ASN1_OBJECT)* a) { return EVP_get_cipherbynid(OBJ_obj2nid(a)); } + +int EVP_MD_type(const(EVP_MD)* md); +alias EVP_MD_type EVP_MD_nid; +auto EVP_MD_name()(const(EVP_MD)* e) { return OBJ_nid2sn(EVP_MD_nid(e)); } +int EVP_MD_pkey_type(const(EVP_MD)* md); +int EVP_MD_size(const(EVP_MD)* md); +int EVP_MD_block_size(const(EVP_MD)* md); +c_ulong EVP_MD_flags(const(EVP_MD)* md); + +const(EVP_MD)* EVP_MD_CTX_md(const(EVP_MD_CTX)* ctx); +auto EVP_MD_CTX_size()(const(EVP_MD_CTX)* e) { return EVP_MD_size(EVP_MD_CTX_md(e)); } +auto EVP_MD_CTX_block_size()(const(EVP_MD_CTX)* e) { return EVP_MD_block_size(EVP_MD_CTX_md(e)); } +auto EVP_MD_CTX_type()(const(EVP_MD_CTX)* e) { return EVP_MD_type(EVP_MD_CTX_md(e)); } + +int EVP_CIPHER_nid(const(EVP_CIPHER)* cipher); +auto EVP_CIPHER_name()(const(EVP_CIPHER)* e){ return OBJ_nid2sn(EVP_CIPHER_nid(e)); } +int EVP_CIPHER_block_size(const(EVP_CIPHER)* cipher); +int EVP_CIPHER_key_length(const(EVP_CIPHER)* cipher); +int EVP_CIPHER_iv_length(const(EVP_CIPHER)* cipher); +c_ulong EVP_CIPHER_flags(const(EVP_CIPHER)* cipher); +auto EVP_CIPHER_mode()(const(EVP_CIPHER)* e) { return (EVP_CIPHER_flags(e) & EVP_CIPH_MODE); } + +const(EVP_CIPHER)* EVP_CIPHER_CTX_cipher(const(EVP_CIPHER_CTX)* ctx); +int EVP_CIPHER_CTX_nid(const(EVP_CIPHER_CTX)* ctx); +int EVP_CIPHER_CTX_block_size(const(EVP_CIPHER_CTX)* ctx); +int EVP_CIPHER_CTX_key_length(const(EVP_CIPHER_CTX)* ctx); +int EVP_CIPHER_CTX_iv_length(const(EVP_CIPHER_CTX)* ctx); +int EVP_CIPHER_CTX_copy(EVP_CIPHER_CTX* out_, const(EVP_CIPHER_CTX)* in_); +void* EVP_CIPHER_CTX_get_app_data(const(EVP_CIPHER_CTX)* ctx); +void EVP_CIPHER_CTX_set_app_data(EVP_CIPHER_CTX* ctx, void* data); +auto EVP_CIPHER_CTX_type()(const(EVP_CIPHER_CTX)* c) { return EVP_CIPHER_type(EVP_CIPHER_CTX_cipher(c)); } +c_ulong EVP_CIPHER_CTX_flags(const(EVP_CIPHER_CTX)* ctx); +auto EVP_CIPHER_CTX_mode()(const(EVP_CIPHER_CTX)* e) { return (EVP_CIPHER_CTX_flags(e) & EVP_CIPH_MODE); } + +auto EVP_ENCODE_LENGTH(T)(T l) { return (((l+2)/3*4)+(l/48+1)*2+80); } +auto EVP_DECODE_LENGTH(T)(T l) { return ((l+3)/4*3+80); } + +alias EVP_DigestInit_ex EVP_SignInit_ex; +alias EVP_DigestInit EVP_SignInit; +alias EVP_DigestUpdate EVP_SignUpdate; +alias EVP_DigestInit_ex EVP_VerifyInit_ex; +alias EVP_DigestInit EVP_VerifyInit; +alias EVP_DigestUpdate EVP_VerifyUpdate; +alias EVP_DecryptUpdate EVP_OpenUpdate; +alias EVP_EncryptUpdate EVP_SealUpdate; +alias EVP_DigestUpdate EVP_DigestSignUpdate; +alias EVP_DigestUpdate EVP_DigestVerifyUpdate; + +void BIO_set_md()(BIO* b,const(EVP_MD)* md) { return BIO_ctrl(b,BIO_C_SET_MD,0,md); } +auto BIO_get_md()(BIO* b,EVP_MD** mdp) { return BIO_ctrl(b,BIO_C_GET_MD,0,mdp); } +auto BIO_get_md_ctx()(BIO* b,EVP_MD_CTX** mdcp) { return BIO_ctrl(b,BIO_C_GET_MD_CTX,0,mdcp); } +auto BIO_set_md_ctx()(BIO* b,EVP_MD_CTX** mdcp) { return BIO_ctrl(b,BIO_C_SET_MD_CTX,0,mdcp); } +auto BIO_get_cipher_status()(BIO* b) { return BIO_ctrl(b,BIO_C_GET_CIPHER_STATUS,0,null); } +auto BIO_get_cipher_ctx()(BIO* b,EVP_CIPHER_CTX** c_pp) { return BIO_ctrl(b,BIO_C_GET_CIPHER_CTX,0,c_pp); } + +int EVP_Cipher(EVP_CIPHER_CTX* c, + ubyte* out_, + const(ubyte)* in_, + uint inl); + +auto EVP_add_cipher_alias()(const(char)* n,const(char)* alias_) { + return OBJ_NAME_add(alias_,OBJ_NAME_TYPE_CIPHER_METH|OBJ_NAME_ALIAS,(n)); +} +auto EVP_add_digest_alias()(const(char)* n,const(char)* alias_) { + return OBJ_NAME_add(alias_,OBJ_NAME_TYPE_MD_METH|OBJ_NAME_ALIAS,(n)); +} +auto EVP_delete_cipher_alias()(const(char)* alias_) { + return OBJ_NAME_remove(alias_,OBJ_NAME_TYPE_CIPHER_METH|OBJ_NAME_ALIAS); +} +auto EVP_delete_digest_alias()(const(char)* alias_) { + return OBJ_NAME_remove(alias_,OBJ_NAME_TYPE_MD_METH|OBJ_NAME_ALIAS); +} + +void EVP_MD_CTX_init(EVP_MD_CTX* ctx); +int EVP_MD_CTX_cleanup(EVP_MD_CTX* ctx); +EVP_MD_CTX* EVP_MD_CTX_create(); +void EVP_MD_CTX_destroy(EVP_MD_CTX* ctx); +int EVP_MD_CTX_copy_ex(EVP_MD_CTX* out_,const(EVP_MD_CTX)* in_); +void EVP_MD_CTX_set_flags(EVP_MD_CTX* ctx, int flags); +void EVP_MD_CTX_clear_flags(EVP_MD_CTX* ctx, int flags); +int EVP_MD_CTX_test_flags(const(EVP_MD_CTX)* ctx,int flags); +int EVP_DigestInit_ex(EVP_MD_CTX* ctx, const(EVP_MD)* type, ENGINE* impl); +int EVP_DigestUpdate(EVP_MD_CTX* ctx,const(void)* d, + size_t cnt); +int EVP_DigestFinal_ex(EVP_MD_CTX* ctx,ubyte* md,uint* s); +int EVP_Digest(const(void)* data, size_t count, + ubyte* md, uint* size, const(EVP_MD)* type, ENGINE* impl); + +int EVP_MD_CTX_copy(EVP_MD_CTX* out_,const(EVP_MD_CTX)* in_); +int EVP_DigestInit(EVP_MD_CTX* ctx, const(EVP_MD)* type); +int EVP_DigestFinal(EVP_MD_CTX* ctx,ubyte* md,uint* s); + +int EVP_read_pw_string(char* buf,int length,const(char)* prompt,int verify); +int EVP_read_pw_string_min(char* buf,int minlen,int maxlen,const(char)* prompt,int verify); +void EVP_set_pw_prompt(const(char)* prompt); +char* EVP_get_pw_prompt(); + +int EVP_BytesToKey(const(EVP_CIPHER)* type,const(EVP_MD)* md, + const(ubyte)* salt, const(ubyte)* data, + int datal, int count, ubyte* key,ubyte* iv); + +void EVP_CIPHER_CTX_set_flags(EVP_CIPHER_CTX* ctx, int flags); +void EVP_CIPHER_CTX_clear_flags(EVP_CIPHER_CTX* ctx, int flags); +int EVP_CIPHER_CTX_test_flags(const(EVP_CIPHER_CTX)* ctx,int flags); + +int EVP_EncryptInit(EVP_CIPHER_CTX* ctx,const(EVP_CIPHER)* cipher, + const(ubyte)* key, const(ubyte)* iv); +int EVP_EncryptInit_ex(EVP_CIPHER_CTX* ctx,const(EVP_CIPHER)* cipher, ENGINE* impl, + const(ubyte)* key, const(ubyte)* iv); +int EVP_EncryptUpdate(EVP_CIPHER_CTX* ctx, ubyte* out_, + int* outl, const(ubyte)* in_, int inl); +int EVP_EncryptFinal_ex(EVP_CIPHER_CTX* ctx, ubyte* out_, int* outl); +int EVP_EncryptFinal(EVP_CIPHER_CTX* ctx, ubyte* out_, int* outl); + +int EVP_DecryptInit(EVP_CIPHER_CTX* ctx,const(EVP_CIPHER)* cipher, + const(ubyte)* key, const(ubyte)* iv); +int EVP_DecryptInit_ex(EVP_CIPHER_CTX* ctx,const(EVP_CIPHER)* cipher, ENGINE* impl, + const(ubyte)* key, const(ubyte)* iv); +int EVP_DecryptUpdate(EVP_CIPHER_CTX* ctx, ubyte* out_, + int* outl, const(ubyte)* in_, int inl); +int EVP_DecryptFinal(EVP_CIPHER_CTX* ctx, ubyte* outm, int* outl); +int EVP_DecryptFinal_ex(EVP_CIPHER_CTX* ctx, ubyte* outm, int* outl); + +int EVP_CipherInit(EVP_CIPHER_CTX* ctx,const(EVP_CIPHER)* cipher, + const(ubyte)* key,const(ubyte)* iv, + int enc); +int EVP_CipherInit_ex(EVP_CIPHER_CTX* ctx,const(EVP_CIPHER)* cipher, ENGINE* impl, + const(ubyte)* key,const(ubyte)* iv, + int enc); +int EVP_CipherUpdate(EVP_CIPHER_CTX* ctx, ubyte* out_, + int* outl, const(ubyte)* in_, int inl); +int EVP_CipherFinal(EVP_CIPHER_CTX* ctx, ubyte* outm, int* outl); +int EVP_CipherFinal_ex(EVP_CIPHER_CTX* ctx, ubyte* outm, int* outl); + +int EVP_SignFinal(EVP_MD_CTX* ctx,ubyte* md,uint* s, + EVP_PKEY* pkey); + +int EVP_VerifyFinal(EVP_MD_CTX* ctx,const(ubyte)* sigbuf, + uint siglen,EVP_PKEY* pkey); + +int EVP_DigestSignInit(EVP_MD_CTX* ctx, EVP_PKEY_CTX** pctx, + const(EVP_MD)* type, ENGINE* e, EVP_PKEY* pkey); +int EVP_DigestSignFinal(EVP_MD_CTX* ctx, + ubyte* sigret, size_t* siglen); + +int EVP_DigestVerifyInit(EVP_MD_CTX* ctx, EVP_PKEY_CTX** pctx, + const(EVP_MD)* type, ENGINE* e, EVP_PKEY* pkey); +int EVP_DigestVerifyFinal(EVP_MD_CTX* ctx, + ubyte* sig, size_t siglen); + +int EVP_OpenInit(EVP_CIPHER_CTX* ctx,const(EVP_CIPHER)* type, + const(ubyte)* ek, int ekl, const(ubyte)* iv, + EVP_PKEY* priv); +int EVP_OpenFinal(EVP_CIPHER_CTX* ctx, ubyte* out_, int* outl); + +int EVP_SealInit(EVP_CIPHER_CTX* ctx, const(EVP_CIPHER)* type, + ubyte** ek, int* ekl, ubyte* iv, + EVP_PKEY** pubk, int npubk); +int EVP_SealFinal(EVP_CIPHER_CTX* ctx,ubyte* out_,int* outl); + +void EVP_EncodeInit(EVP_ENCODE_CTX* ctx); +void EVP_EncodeUpdate(EVP_ENCODE_CTX* ctx,ubyte* out_,int* outl, + const(ubyte)* in_,int inl); +void EVP_EncodeFinal(EVP_ENCODE_CTX* ctx,ubyte* out_,int* outl); +int EVP_EncodeBlock(ubyte* t, const(ubyte)* f, int n); + +void EVP_DecodeInit(EVP_ENCODE_CTX* ctx); +int EVP_DecodeUpdate(EVP_ENCODE_CTX* ctx,ubyte* out_,int* outl, + const(ubyte)* in_, int inl); +int EVP_DecodeFinal(EVP_ENCODE_CTX* ctx, ubyte* out_, int* outl); +int EVP_DecodeBlock(ubyte* t, const(ubyte)* f, int n); + +void EVP_CIPHER_CTX_init(EVP_CIPHER_CTX* a); +int EVP_CIPHER_CTX_cleanup(EVP_CIPHER_CTX* a); +EVP_CIPHER_CTX* EVP_CIPHER_CTX_new(); +void EVP_CIPHER_CTX_free(EVP_CIPHER_CTX* a); +int EVP_CIPHER_CTX_set_key_length(EVP_CIPHER_CTX* x, int keylen); +int EVP_CIPHER_CTX_set_padding(EVP_CIPHER_CTX* c, int pad); +int EVP_CIPHER_CTX_ctrl(EVP_CIPHER_CTX* ctx, int type, int arg, void* ptr); +int EVP_CIPHER_CTX_rand_key(EVP_CIPHER_CTX* ctx, ubyte* key); + +version(OPENSSL_NO_BIO) {} else { +BIO_METHOD* BIO_f_md(); +BIO_METHOD* BIO_f_base64(); +BIO_METHOD* BIO_f_cipher(); +BIO_METHOD* BIO_f_reliable(); +void BIO_set_cipher(BIO* b,const(EVP_CIPHER)* c,const(ubyte)* k, + const(ubyte)* i, int enc); +} + +const(EVP_MD)* EVP_md_null(); +version(OPENSSL_NO_MD2) {} else { +const(EVP_MD)* EVP_md2(); +} +version(OPENSSL_NO_MD4) {} else { +const(EVP_MD)* EVP_md4(); +} +version(OPENSSL_NO_MD5) {} else { +const(EVP_MD)* EVP_md5(); +} +version(OPENSSL_NO_SHA) {} else { +const(EVP_MD)* EVP_sha(); +const(EVP_MD)* EVP_sha1(); +const(EVP_MD)* EVP_dss(); +const(EVP_MD)* EVP_dss1(); +const(EVP_MD)* EVP_ecdsa(); +} +version(OPENSSL_NO_SHA256) {} else { +const(EVP_MD)* EVP_sha224(); +const(EVP_MD)* EVP_sha256(); +} +version(OPENSSL_NO_SHA512) {} else { +const(EVP_MD)* EVP_sha384(); +const(EVP_MD)* EVP_sha512(); +} +version(OPENSSL_NO_MDC2) {} else { +const(EVP_MD)* EVP_mdc2(); +} +version(OPENSSL_NO_RIPEMD) {} else { +const(EVP_MD)* EVP_ripemd160(); +} +version(OPENSSL_NO_WHIRLPOOL) {} else { +const(EVP_MD)* EVP_whirlpool(); +} +const(EVP_CIPHER)* EVP_enc_null(); /* does nothing :-) */ +version (OPENSSL_NO_DES) {} else { +const(EVP_CIPHER)* EVP_des_ecb(); +const(EVP_CIPHER)* EVP_des_ede(); +const(EVP_CIPHER)* EVP_des_ede3(); +const(EVP_CIPHER)* EVP_des_ede_ecb(); +const(EVP_CIPHER)* EVP_des_ede3_ecb(); +const(EVP_CIPHER)* EVP_des_cfb64(); +alias EVP_des_cfb64 EVP_des_cfb; +const(EVP_CIPHER)* EVP_des_cfb1(); +const(EVP_CIPHER)* EVP_des_cfb8(); +const(EVP_CIPHER)* EVP_des_ede_cfb64(); +alias EVP_des_ede_cfb64 EVP_des_ede_cfb; +version (none) { +const(EVP_CIPHER)* EVP_des_ede_cfb1(); +const(EVP_CIPHER)* EVP_des_ede_cfb8(); +} +const(EVP_CIPHER)* EVP_des_ede3_cfb64(); +alias EVP_des_ede3_cfb64 EVP_des_ede3_cfb; +const(EVP_CIPHER)* EVP_des_ede3_cfb1(); +const(EVP_CIPHER)* EVP_des_ede3_cfb8(); +const(EVP_CIPHER)* EVP_des_ofb(); +const(EVP_CIPHER)* EVP_des_ede_ofb(); +const(EVP_CIPHER)* EVP_des_ede3_ofb(); +const(EVP_CIPHER)* EVP_des_cbc(); +const(EVP_CIPHER)* EVP_des_ede_cbc(); +const(EVP_CIPHER)* EVP_des_ede3_cbc(); +const(EVP_CIPHER)* EVP_desx_cbc(); +/* This should now be supported through the dev_crypto ENGINE. But also, why are + * rc4 and md5 declarations made here inside a "NO_DES" precompiler branch? */ +//#if 0 +//# ifdef OPENSSL_OPENBSD_DEV_CRYPTO +//const(EVP_CIPHER)* EVP_dev_crypto_des_ede3_cbc(); +//const(EVP_CIPHER)* EVP_dev_crypto_rc4(); +//const(EVP_MD)* EVP_dev_crypto_md5(); +//# endif +//#endif +} +version(OPENSSL_NO_RC4) {} else { +const(EVP_CIPHER)* EVP_rc4(); +const(EVP_CIPHER)* EVP_rc4_40(); +version(OPENSSL_NO_MD5) {} else { +const(EVP_CIPHER)* EVP_rc4_hmac_md5(); +} +} +version(OPENSSL_NO_IDEA) {} else { +const(EVP_CIPHER)* EVP_idea_ecb(); +const(EVP_CIPHER)* EVP_idea_cfb64(); +alias EVP_idea_cfb64 EVP_idea_cfb; +const(EVP_CIPHER)* EVP_idea_ofb(); +const(EVP_CIPHER)* EVP_idea_cbc(); +} +version(OPENSSL_NO_RC2) {} else { +const(EVP_CIPHER)* EVP_rc2_ecb(); +const(EVP_CIPHER)* EVP_rc2_cbc(); +const(EVP_CIPHER)* EVP_rc2_40_cbc(); +const(EVP_CIPHER)* EVP_rc2_64_cbc(); +const(EVP_CIPHER)* EVP_rc2_cfb64(); +alias EVP_rc2_cfb64 EVP_rc2_cfb; +const(EVP_CIPHER)* EVP_rc2_ofb(); +} +version(OPENSSL_NO_BF) {} else { +const(EVP_CIPHER)* EVP_bf_ecb(); +const(EVP_CIPHER)* EVP_bf_cbc(); +const(EVP_CIPHER)* EVP_bf_cfb64(); +alias EVP_bf_cfb64 EVP_bf_cfb; +const(EVP_CIPHER)* EVP_bf_ofb(); +} +version(OPENSSL_NO_CAST) {} else { +const(EVP_CIPHER)* EVP_cast5_ecb(); +const(EVP_CIPHER)* EVP_cast5_cbc(); +const(EVP_CIPHER)* EVP_cast5_cfb64(); +alias EVP_cast5_cfb64 EVP_cast5_cfb; +const(EVP_CIPHER)* EVP_cast5_ofb(); +} +version(OPENSSL_NO_RC5) {} else { +const(EVP_CIPHER)* EVP_rc5_32_12_16_cbc(); +const(EVP_CIPHER)* EVP_rc5_32_12_16_ecb(); +const(EVP_CIPHER)* EVP_rc5_32_12_16_cfb64(); +alias EVP_rc5_32_12_16_cfb64 EVP_rc5_32_12_16_cfb; +const(EVP_CIPHER)* EVP_rc5_32_12_16_ofb(); +} +version(OPENSSL_NO_AES) {} else { +const(EVP_CIPHER)* EVP_aes_128_ecb(); +const(EVP_CIPHER)* EVP_aes_128_cbc(); +const(EVP_CIPHER)* EVP_aes_128_cfb1(); +const(EVP_CIPHER)* EVP_aes_128_cfb8(); +const(EVP_CIPHER)* EVP_aes_128_cfb128(); +alias EVP_aes_128_cfb128 EVP_aes_128_cfb; +const(EVP_CIPHER)* EVP_aes_128_ofb(); +const(EVP_CIPHER)* EVP_aes_128_ctr(); +const(EVP_CIPHER)* EVP_aes_128_ccm(); +const(EVP_CIPHER)* EVP_aes_128_gcm(); +const(EVP_CIPHER)* EVP_aes_128_xts(); +const(EVP_CIPHER)* EVP_aes_192_ecb(); +const(EVP_CIPHER)* EVP_aes_192_cbc(); +const(EVP_CIPHER)* EVP_aes_192_cfb1(); +const(EVP_CIPHER)* EVP_aes_192_cfb8(); +const(EVP_CIPHER)* EVP_aes_192_cfb128(); +alias EVP_aes_192_cfb128 EVP_aes_192_cfb; +const(EVP_CIPHER)* EVP_aes_192_ofb(); +const(EVP_CIPHER)* EVP_aes_192_ctr(); +const(EVP_CIPHER)* EVP_aes_192_ccm(); +const(EVP_CIPHER)* EVP_aes_192_gcm(); +const(EVP_CIPHER)* EVP_aes_256_ecb(); +const(EVP_CIPHER)* EVP_aes_256_cbc(); +const(EVP_CIPHER)* EVP_aes_256_cfb1(); +const(EVP_CIPHER)* EVP_aes_256_cfb8(); +const(EVP_CIPHER)* EVP_aes_256_cfb128(); +alias EVP_aes_256_cfb128 EVP_aes_256_cfb; +const(EVP_CIPHER)* EVP_aes_256_ofb(); +const(EVP_CIPHER)* EVP_aes_256_ctr(); +const(EVP_CIPHER)* EVP_aes_256_ccm(); +const(EVP_CIPHER)* EVP_aes_256_gcm(); +const(EVP_CIPHER)* EVP_aes_256_xts(); +version(OPENSSL_NO_SHA) {} else version(OPENSSL_NO_SHA1) {} else { +const(EVP_CIPHER)* EVP_aes_128_cbc_hmac_sha1(); +const(EVP_CIPHER)* EVP_aes_256_cbc_hmac_sha1(); +} +} +version(OPENSSL_NO_CAMELLIA) {} else { +const(EVP_CIPHER)* EVP_camellia_128_ecb(); +const(EVP_CIPHER)* EVP_camellia_128_cbc(); +const(EVP_CIPHER)* EVP_camellia_128_cfb1(); +const(EVP_CIPHER)* EVP_camellia_128_cfb8(); +const(EVP_CIPHER)* EVP_camellia_128_cfb128(); +alias EVP_camellia_128_cfb128 EVP_camellia_128_cfb; +const(EVP_CIPHER)* EVP_camellia_128_ofb(); +const(EVP_CIPHER)* EVP_camellia_192_ecb(); +const(EVP_CIPHER)* EVP_camellia_192_cbc(); +const(EVP_CIPHER)* EVP_camellia_192_cfb1(); +const(EVP_CIPHER)* EVP_camellia_192_cfb8(); +const(EVP_CIPHER)* EVP_camellia_192_cfb128(); +alias EVP_camellia_192_cfb128 EVP_camellia_192_cfb; +const(EVP_CIPHER)* EVP_camellia_192_ofb(); +const(EVP_CIPHER)* EVP_camellia_256_ecb(); +const(EVP_CIPHER)* EVP_camellia_256_cbc(); +const(EVP_CIPHER)* EVP_camellia_256_cfb1(); +const(EVP_CIPHER)* EVP_camellia_256_cfb8(); +const(EVP_CIPHER)* EVP_camellia_256_cfb128(); +alias EVP_camellia_256_cfb128 EVP_camellia_256_cfb; +const(EVP_CIPHER)* EVP_camellia_256_ofb(); +} + +version(OPENSSL_NO_SEED) {} else { +const(EVP_CIPHER)* EVP_seed_ecb(); +const(EVP_CIPHER)* EVP_seed_cbc(); +const(EVP_CIPHER)* EVP_seed_cfb128(); +alias EVP_seed_cfb128 EVP_seed_cfb; +const(EVP_CIPHER)* EVP_seed_ofb(); +} + +void OPENSSL_add_all_algorithms_noconf(); +void OPENSSL_add_all_algorithms_conf(); + +version (OPENSSL_LOAD_CONF) { +alias OPENSSL_add_all_algorithms_conf OpenSSL_add_all_algorithms; +} else { +alias OPENSSL_add_all_algorithms_noconf OpenSSL_add_all_algorithms; +} + +void OpenSSL_add_all_ciphers(); +void OpenSSL_add_all_digests(); +alias OpenSSL_add_all_algorithms SSLeay_add_all_algorithms; +alias OpenSSL_add_all_ciphers SSLeay_add_all_ciphers; +alias OpenSSL_add_all_digests SSLeay_add_all_digests; + +int EVP_add_cipher(const(EVP_CIPHER)* cipher); +int EVP_add_digest(const(EVP_MD)* digest); + +const(EVP_CIPHER)* EVP_get_cipherbyname(const(char)* name); +const(EVP_MD)* EVP_get_digestbyname(const(char)* name); +void EVP_cleanup(); + +void EVP_CIPHER_do_all(ExternC!(void function(const(EVP_CIPHER)* ciph, + const(char)* from, const(char)* to, void* x)) fn, void* arg); +void EVP_CIPHER_do_all_sorted(ExternC!(void function(const(EVP_CIPHER)* ciph, + const(char)* from, const(char)* to, void* x)) fn, void* arg); + +void EVP_MD_do_all(ExternC!(void function(const(EVP_MD)* ciph, + const(char)* from, const(char)* to, void* x)) fn, void* arg); +void EVP_MD_do_all_sorted(ExternC!(void function(const(EVP_MD)* ciph, + const(char)* from, const(char)* to, void* x)) fn, void* arg); + +int EVP_PKEY_decrypt_old(ubyte* dec_key, + const(ubyte)* enc_key,int enc_key_len, + EVP_PKEY* private_key); +int EVP_PKEY_encrypt_old(ubyte* enc_key, + const(ubyte)* key,int key_len, + EVP_PKEY* pub_key); +int EVP_PKEY_type(int type); +int EVP_PKEY_id(const(EVP_PKEY)* pkey); +int EVP_PKEY_base_id(const(EVP_PKEY)* pkey); +int EVP_PKEY_bits(EVP_PKEY* pkey); +int EVP_PKEY_size(EVP_PKEY* pkey); +int EVP_PKEY_set_type(EVP_PKEY* pkey,int type); +int EVP_PKEY_set_type_str(EVP_PKEY* pkey, const(char)* str, int len); +int EVP_PKEY_assign(EVP_PKEY* pkey,int type,void* key); +void* EVP_PKEY_get0(EVP_PKEY* pkey); + +version(OPENSSL_NO_RSA) {} else { +import deimos.openssl.rsa; /*struct rsa_st;*/ +int EVP_PKEY_set1_RSA(EVP_PKEY* pkey,rsa_st* key); +rsa_st* EVP_PKEY_get1_RSA(EVP_PKEY* pkey); +} +version(OPENSSL_NO_DSA) {} else { +import deimos.openssl.dsa; /*struct dsa_st;*/ +int EVP_PKEY_set1_DSA(EVP_PKEY* pkey,dsa_st* key); +dsa_st* EVP_PKEY_get1_DSA(EVP_PKEY* pkey); +} +version(OPENSSL_NO_DH) {} else { +import deimos.openssl.dh; /*struct dh_st;*/ +int EVP_PKEY_set1_DH(EVP_PKEY* pkey,dh_st* key); +dh_st* EVP_PKEY_get1_DH(EVP_PKEY* pkey); +} +version(OPENSSL_NO_EC) {} else { +struct ec_key_st; +int EVP_PKEY_set1_EC_KEY(EVP_PKEY* pkey,ec_key_st* key); +ec_key_st* EVP_PKEY_get1_EC_KEY(EVP_PKEY* pkey); +} + +EVP_PKEY* EVP_PKEY_new(); +void EVP_PKEY_free(EVP_PKEY* pkey); + +EVP_PKEY* d2i_PublicKey(int type,EVP_PKEY** a, const(ubyte)** pp, + c_long length); +int i2d_PublicKey(EVP_PKEY* a, ubyte** pp); + +EVP_PKEY* d2i_PrivateKey(int type,EVP_PKEY** a, const(ubyte)** pp, + c_long length); +EVP_PKEY* d2i_AutoPrivateKey(EVP_PKEY** a, const(ubyte)** pp, + c_long length); +int i2d_PrivateKey(EVP_PKEY* a, ubyte** pp); + +int EVP_PKEY_copy_parameters(EVP_PKEY* to, const(EVP_PKEY)* from); +int EVP_PKEY_missing_parameters(const(EVP_PKEY)* pkey); +int EVP_PKEY_save_parameters(EVP_PKEY* pkey,int mode); +int EVP_PKEY_cmp_parameters(const(EVP_PKEY)* a, const(EVP_PKEY)* b); + +int EVP_PKEY_cmp(const(EVP_PKEY)* a, const(EVP_PKEY)* b); + +int EVP_PKEY_print_public(BIO* out_, const(EVP_PKEY)* pkey, + int indent, ASN1_PCTX* pctx); +int EVP_PKEY_print_private(BIO* out_, const(EVP_PKEY)* pkey, + int indent, ASN1_PCTX* pctx); +int EVP_PKEY_print_params(BIO* out_, const(EVP_PKEY)* pkey, + int indent, ASN1_PCTX* pctx); + +int EVP_PKEY_get_default_digest_nid(EVP_PKEY* pkey, int* pnid); + +int EVP_CIPHER_type(const(EVP_CIPHER)* ctx); + +/* calls methods */ +int EVP_CIPHER_param_to_asn1(EVP_CIPHER_CTX* c, ASN1_TYPE* type); +int EVP_CIPHER_asn1_to_param(EVP_CIPHER_CTX* c, ASN1_TYPE* type); + +/* These are used by EVP_CIPHER methods */ +int EVP_CIPHER_set_asn1_iv(EVP_CIPHER_CTX* c,ASN1_TYPE* type); +int EVP_CIPHER_get_asn1_iv(EVP_CIPHER_CTX* c,ASN1_TYPE* type); + +/* PKCS5 password based encryption */ +int PKCS5_PBE_keyivgen(EVP_CIPHER_CTX* ctx, const(char)* pass, int passlen, + ASN1_TYPE* param, const(EVP_CIPHER)* cipher, const(EVP_MD)* md, + int en_de); +int PKCS5_PBKDF2_HMAC_SHA1(const(char)* pass, int passlen, + const(ubyte)* salt, int saltlen, int iter, + int keylen, ubyte* out_); +int PKCS5_PBKDF2_HMAC(const(char)* pass, int passlen, + const(ubyte)* salt, int saltlen, int iter, + const(EVP_MD)* digest, + int keylen, ubyte* out_); +int PKCS5_v2_PBE_keyivgen(EVP_CIPHER_CTX* ctx, const(char)* pass, int passlen, + ASN1_TYPE* param, const(EVP_CIPHER)* cipher, const(EVP_MD)* md, + int en_de); + +void PKCS5_PBE_add(); + +int EVP_PBE_CipherInit (ASN1_OBJECT* pbe_obj, const(char)* pass, int passlen, + ASN1_TYPE* param, EVP_CIPHER_CTX* ctx, int en_de); + +/* PBE type */ + +/* Can appear as the outermost AlgorithmIdentifier */ +enum EVP_PBE_TYPE_OUTER = 0x0; +/* Is an PRF type OID */ +enum EVP_PBE_TYPE_PRF = 0x1; + +int EVP_PBE_alg_add_type(int pbe_type, int pbe_nid, int cipher_nid, int md_nid, + EVP_PBE_KEYGEN* keygen); +int EVP_PBE_alg_add(int nid, const(EVP_CIPHER)* cipher, const(EVP_MD)* md, + EVP_PBE_KEYGEN* keygen); +int EVP_PBE_find(int type, int pbe_nid, + int* pcnid, int* pmnid, EVP_PBE_KEYGEN** pkeygen); +void EVP_PBE_cleanup(); + +enum ASN1_PKEY_ALIAS = 0x1; +enum ASN1_PKEY_DYNAMIC = 0x2; +enum ASN1_PKEY_SIGPARAM_NULL = 0x4; + +enum ASN1_PKEY_CTRL_PKCS7_SIGN = 0x1; +enum ASN1_PKEY_CTRL_PKCS7_ENCRYPT = 0x2; +enum ASN1_PKEY_CTRL_DEFAULT_MD_NID = 0x3; +enum ASN1_PKEY_CTRL_CMS_SIGN = 0x5; +enum ASN1_PKEY_CTRL_CMS_ENVELOPE = 0x7; + +int EVP_PKEY_asn1_get_count(); +const(EVP_PKEY_ASN1_METHOD)* EVP_PKEY_asn1_get0(int idx); +const(EVP_PKEY_ASN1_METHOD)* EVP_PKEY_asn1_find(ENGINE** pe, int type); +const(EVP_PKEY_ASN1_METHOD)* EVP_PKEY_asn1_find_str(ENGINE** pe, + const(char)* str, int len); +int EVP_PKEY_asn1_add0(const(EVP_PKEY_ASN1_METHOD)* ameth); +int EVP_PKEY_asn1_add_alias(int to, int from); +int EVP_PKEY_asn1_get0_info(int* ppkey_id, int* pkey_base_id, int* ppkey_flags, + const(char)** pinfo, const(char)** ppem_str, + const(EVP_PKEY_ASN1_METHOD)* ameth); + +const(EVP_PKEY_ASN1_METHOD)* EVP_PKEY_get0_asn1(EVP_PKEY* pkey); +EVP_PKEY_ASN1_METHOD* EVP_PKEY_asn1_new(int id, int flags, + const(char)* pem_str, const(char)* info); +void EVP_PKEY_asn1_copy(EVP_PKEY_ASN1_METHOD* dst, + const(EVP_PKEY_ASN1_METHOD)* src); +void EVP_PKEY_asn1_free(EVP_PKEY_ASN1_METHOD* ameth); +void EVP_PKEY_asn1_set_public(EVP_PKEY_ASN1_METHOD* ameth, + ExternC!(int function(EVP_PKEY* pk, X509_PUBKEY* pub)) pub_decode, + ExternC!(int function(X509_PUBKEY* pub, const(EVP_PKEY)* pk)) pub_encode, + ExternC!(int function(const(EVP_PKEY)* a, const(EVP_PKEY)* b)) pub_cmp, + ExternC!(int function(BIO* out_, const(EVP_PKEY)* pkey, int indent, + ASN1_PCTX* pctx)) pub_print, + ExternC!(int function(const(EVP_PKEY)* pk)) pkey_size, + ExternC!(int function(const(EVP_PKEY)* pk)) pkey_bits); +void EVP_PKEY_asn1_set_private(EVP_PKEY_ASN1_METHOD* ameth, + ExternC!(int function(EVP_PKEY* pk, PKCS8_PRIV_KEY_INFO* p8inf)) priv_decode, + ExternC!(int function(PKCS8_PRIV_KEY_INFO* p8, const(EVP_PKEY)* pk)) priv_encode, + ExternC!(int function(BIO* out_, const(EVP_PKEY)* pkey, int indent, + ASN1_PCTX* pctx)) priv_print); +void EVP_PKEY_asn1_set_param(EVP_PKEY_ASN1_METHOD* ameth, + ExternC!(int function(EVP_PKEY* pkey, + const(ubyte)** pder, int derlen)) param_decode, + ExternC!(int function(const(EVP_PKEY)* pkey, ubyte** pder)) param_encode, + ExternC!(int function(const(EVP_PKEY)* pk)) param_missing, + ExternC!(int function(EVP_PKEY* to, const(EVP_PKEY)* from)) param_copy, + ExternC!(int function(const(EVP_PKEY)* a, const(EVP_PKEY)* b)) param_cmp, + ExternC!(int function(BIO* out_, const(EVP_PKEY)* pkey, int indent, + ASN1_PCTX* pctx)) param_print); + +void EVP_PKEY_asn1_set_free(EVP_PKEY_ASN1_METHOD* ameth, + ExternC!(void function(EVP_PKEY* pkey)) pkey_free); +void EVP_PKEY_asn1_set_ctrl(EVP_PKEY_ASN1_METHOD* ameth, + ExternC!(int function(EVP_PKEY* pkey, int op, + c_long arg1, void* arg2)) pkey_ctrl); + + +enum EVP_PKEY_OP_UNDEFINED = 0; +enum EVP_PKEY_OP_PARAMGEN = (1<<1); +enum EVP_PKEY_OP_KEYGEN = (1<<2); +enum EVP_PKEY_OP_SIGN = (1<<3); +enum EVP_PKEY_OP_VERIFY = (1<<4); +enum EVP_PKEY_OP_VERIFYRECOVER = (1<<5); +enum EVP_PKEY_OP_SIGNCTX = (1<<6); +enum EVP_PKEY_OP_VERIFYCTX = (1<<7); +enum EVP_PKEY_OP_ENCRYPT = (1<<8); +enum EVP_PKEY_OP_DECRYPT = (1<<9); +enum EVP_PKEY_OP_DERIVE = (1<<10); + +enum EVP_PKEY_OP_TYPE_SIG = + (EVP_PKEY_OP_SIGN | EVP_PKEY_OP_VERIFY | EVP_PKEY_OP_VERIFYRECOVER + | EVP_PKEY_OP_SIGNCTX | EVP_PKEY_OP_VERIFYCTX); + +enum EVP_PKEY_OP_TYPE_CRYPT = + (EVP_PKEY_OP_ENCRYPT | EVP_PKEY_OP_DECRYPT); + +/+ BUG in original headers: EVP_PKEY_OP_SIG, EVP_PKEY_OP_CRYPT are not defined. +enum EVP_PKEY_OP_TYPE_NOGEN = + (EVP_PKEY_OP_SIG | EVP_PKEY_OP_CRYPT | EVP_PKEY_OP_DERIVE); ++/ + +enum EVP_PKEY_OP_TYPE_GEN = + (EVP_PKEY_OP_PARAMGEN | EVP_PKEY_OP_KEYGEN); + +auto EVP_PKEY_CTX_set_signature_md()(EVP_PKEY_CTX* ctx, void* md) { + return EVP_PKEY_CTX_ctrl(ctx, -1, EVP_PKEY_OP_TYPE_SIG, + EVP_PKEY_CTRL_MD, 0, md); +} + +enum EVP_PKEY_CTRL_MD = 1; +enum EVP_PKEY_CTRL_PEER_KEY = 2; + +enum EVP_PKEY_CTRL_PKCS7_ENCRYPT = 3; +enum EVP_PKEY_CTRL_PKCS7_DECRYPT = 4; + +enum EVP_PKEY_CTRL_PKCS7_SIGN = 5; + +enum EVP_PKEY_CTRL_SET_MAC_KEY = 6; + +enum EVP_PKEY_CTRL_DIGESTINIT = 7; + +/* Used by GOST key encryption in TLS */ +enum EVP_PKEY_CTRL_SET_IV = 8; + +enum EVP_PKEY_CTRL_CMS_ENCRYPT = 9; +enum EVP_PKEY_CTRL_CMS_DECRYPT = 10; +enum EVP_PKEY_CTRL_CMS_SIGN = 11; + +enum EVP_PKEY_CTRL_CIPHER = 12; + +enum EVP_PKEY_ALG_CTRL = 0x1000; + + +enum EVP_PKEY_FLAG_AUTOARGLEN = 2; +/* Method handles all operations: don't assume any digest related + * defaults. + */ +enum EVP_PKEY_FLAG_SIGCTX_CUSTOM = 4; + +const(EVP_PKEY_METHOD)* EVP_PKEY_meth_find(int type); +EVP_PKEY_METHOD* EVP_PKEY_meth_new(int id, int flags); +void EVP_PKEY_meth_get0_info(int* ppkey_id, int* pflags, + const(EVP_PKEY_METHOD)* meth); +void EVP_PKEY_meth_copy(EVP_PKEY_METHOD* dst, const(EVP_PKEY_METHOD)* src); +void EVP_PKEY_meth_free(EVP_PKEY_METHOD* pmeth); +int EVP_PKEY_meth_add0(const(EVP_PKEY_METHOD)* pmeth); + +EVP_PKEY_CTX* EVP_PKEY_CTX_new(EVP_PKEY* pkey, ENGINE* e); +EVP_PKEY_CTX* EVP_PKEY_CTX_new_id(int id, ENGINE* e); +EVP_PKEY_CTX* EVP_PKEY_CTX_dup(EVP_PKEY_CTX* ctx); +void EVP_PKEY_CTX_free(EVP_PKEY_CTX* ctx); + +int EVP_PKEY_CTX_ctrl(EVP_PKEY_CTX* ctx, int keytype, int optype, + int cmd, int p1, void* p2); +int EVP_PKEY_CTX_ctrl_str(EVP_PKEY_CTX* ctx, const(char)* type, + const(char)* value); + +int EVP_PKEY_CTX_get_operation(EVP_PKEY_CTX* ctx); +void EVP_PKEY_CTX_set0_keygen_info(EVP_PKEY_CTX* ctx, int* dat, int datlen); + +EVP_PKEY* EVP_PKEY_new_mac_key(int type, ENGINE* e, + const(ubyte)* key, int keylen); + +void EVP_PKEY_CTX_set_data(EVP_PKEY_CTX* ctx, void* data); +void* EVP_PKEY_CTX_get_data(EVP_PKEY_CTX* ctx); +EVP_PKEY* EVP_PKEY_CTX_get0_pkey(EVP_PKEY_CTX* ctx); + +EVP_PKEY* EVP_PKEY_CTX_get0_peerkey(EVP_PKEY_CTX* ctx); + +void EVP_PKEY_CTX_set_app_data(EVP_PKEY_CTX* ctx, void* data); +void* EVP_PKEY_CTX_get_app_data(EVP_PKEY_CTX* ctx); + +int EVP_PKEY_sign_init(EVP_PKEY_CTX* ctx); +int EVP_PKEY_sign(EVP_PKEY_CTX* ctx, + ubyte* sig, size_t* siglen, + const(ubyte)* tbs, size_t tbslen); +int EVP_PKEY_verify_init(EVP_PKEY_CTX* ctx); +int EVP_PKEY_verify(EVP_PKEY_CTX* ctx, + const(ubyte)* sig, size_t siglen, + const(ubyte)* tbs, size_t tbslen); +int EVP_PKEY_verify_recover_init(EVP_PKEY_CTX* ctx); +int EVP_PKEY_verify_recover(EVP_PKEY_CTX* ctx, + ubyte* rout, size_t* routlen, + const(ubyte)* sig, size_t siglen); +int EVP_PKEY_encrypt_init(EVP_PKEY_CTX* ctx); +int EVP_PKEY_encrypt(EVP_PKEY_CTX* ctx, + ubyte* out_, size_t* outlen, + const(ubyte)* in_, size_t inlen); +int EVP_PKEY_decrypt_init(EVP_PKEY_CTX* ctx); +int EVP_PKEY_decrypt(EVP_PKEY_CTX* ctx, + ubyte* out_, size_t* outlen, + const(ubyte)* in_, size_t inlen); + +int EVP_PKEY_derive_init(EVP_PKEY_CTX* ctx); +int EVP_PKEY_derive_set_peer(EVP_PKEY_CTX* ctx, EVP_PKEY* peer); +int EVP_PKEY_derive(EVP_PKEY_CTX* ctx, ubyte* key, size_t* keylen); + +alias typeof(*(ExternC!(int function(EVP_PKEY_CTX* ctx))).init) EVP_PKEY_gen_cb; + +int EVP_PKEY_paramgen_init(EVP_PKEY_CTX* ctx); +int EVP_PKEY_paramgen(EVP_PKEY_CTX* ctx, EVP_PKEY** ppkey); +int EVP_PKEY_keygen_init(EVP_PKEY_CTX* ctx); +int EVP_PKEY_keygen(EVP_PKEY_CTX* ctx, EVP_PKEY** ppkey); + +void EVP_PKEY_CTX_set_cb(EVP_PKEY_CTX* ctx, EVP_PKEY_gen_cb* cb); +EVP_PKEY_gen_cb* EVP_PKEY_CTX_get_cb(EVP_PKEY_CTX* ctx); + +int EVP_PKEY_CTX_get_keygen_info(EVP_PKEY_CTX* ctx, int idx); + +void EVP_PKEY_meth_set_init(EVP_PKEY_METHOD* pmeth, + ExternC!(int function(EVP_PKEY_CTX* ctx)) init); + +void EVP_PKEY_meth_set_copy(EVP_PKEY_METHOD* pmeth, + ExternC!(int function(EVP_PKEY_CTX* dst, EVP_PKEY_CTX* src)) copy); + +void EVP_PKEY_meth_set_cleanup(EVP_PKEY_METHOD* pmeth, + ExternC!(void function(EVP_PKEY_CTX* ctx)) cleanup); + +void EVP_PKEY_meth_set_paramgen(EVP_PKEY_METHOD* pmeth, + ExternC!(int function(EVP_PKEY_CTX* ctx)) paramgen_init, + ExternC!(int function(EVP_PKEY_CTX* ctx, EVP_PKEY* pkey)) paramgen); + +void EVP_PKEY_meth_set_keygen(EVP_PKEY_METHOD* pmeth, + ExternC!(int function(EVP_PKEY_CTX* ctx)) keygen_init, + ExternC!(int function(EVP_PKEY_CTX* ctx, EVP_PKEY* pkey)) keygen); + +void EVP_PKEY_meth_set_sign(EVP_PKEY_METHOD* pmeth, + ExternC!(int function(EVP_PKEY_CTX* ctx)) sign_init, + ExternC!(int function(EVP_PKEY_CTX* ctx, ubyte* sig, size_t* siglen, + const(ubyte)* tbs, size_t tbslen)) sign); + +void EVP_PKEY_meth_set_verify(EVP_PKEY_METHOD* pmeth, + ExternC!(int function(EVP_PKEY_CTX* ctx)) verify_init, + ExternC!(int function(EVP_PKEY_CTX* ctx, const(ubyte)* sig, size_t siglen, + const(ubyte)* tbs, size_t tbslen)) verify); + +void EVP_PKEY_meth_set_verify_recover(EVP_PKEY_METHOD* pmeth, + ExternC!(int function(EVP_PKEY_CTX* ctx)) verify_recover_init, + ExternC!(int function(EVP_PKEY_CTX* ctx, + ubyte* sig, size_t* siglen, + const(ubyte)* tbs, size_t tbslen)) verify_recover); + +void EVP_PKEY_meth_set_signctx(EVP_PKEY_METHOD* pmeth, + ExternC!(int function(EVP_PKEY_CTX* ctx, EVP_MD_CTX* mctx)) signctx_init, + ExternC!(int function(EVP_PKEY_CTX* ctx, ubyte* sig, size_t* siglen, + EVP_MD_CTX* mctx)) signctx); + +void EVP_PKEY_meth_set_verifyctx(EVP_PKEY_METHOD* pmeth, + ExternC!(int function(EVP_PKEY_CTX* ctx, EVP_MD_CTX* mctx)) verifyctx_init, + ExternC!(int function(EVP_PKEY_CTX* ctx, const(ubyte)* sig,int siglen, + EVP_MD_CTX* mctx)) verifyctx); + +void EVP_PKEY_meth_set_encrypt(EVP_PKEY_METHOD* pmeth, + ExternC!(int function(EVP_PKEY_CTX* ctx)) encrypt_init, + ExternC!(int function(EVP_PKEY_CTX* ctx, ubyte* out_, size_t* outlen, + const(ubyte)* in_, size_t inlen)) encryptfn); + +void EVP_PKEY_meth_set_decrypt(EVP_PKEY_METHOD* pmeth, + ExternC!(int function(EVP_PKEY_CTX* ctx)) decrypt_init, + ExternC!(int function(EVP_PKEY_CTX* ctx, ubyte* out_, size_t* outlen, + const(ubyte)* in_, size_t inlen)) decrypt); + +void EVP_PKEY_meth_set_derive(EVP_PKEY_METHOD* pmeth, + ExternC!(int function(EVP_PKEY_CTX* ctx)) derive_init, + ExternC!(int function(EVP_PKEY_CTX* ctx, ubyte* key, size_t* keylen)) derive); + +void EVP_PKEY_meth_set_ctrl(EVP_PKEY_METHOD* pmeth, + ExternC!(int function(EVP_PKEY_CTX* ctx, int type, int p1, void* p2)) ctrl, + ExternC!(int function(EVP_PKEY_CTX* ctx, + const(char)* type, const(char)* value)) ctrl_str); + +void EVP_add_alg_module(); + +/* BEGIN ERROR CODES */ +/* The following lines are auto generated by the script mkerr.pl. Any changes + * made after this point may be overwritten when the script is next run. + */ +void ERR_load_EVP_strings(); + +/* Error codes for the EVP functions. */ + +/* Function codes. */ +enum EVP_F_AESNI_INIT_KEY = 165; +enum EVP_F_AESNI_XTS_CIPHER = 176; +enum EVP_F_AES_INIT_KEY = 133; +enum EVP_F_AES_XTS = 172; +enum EVP_F_AES_XTS_CIPHER = 175; +enum EVP_F_ALG_MODULE_INIT = 177; +enum EVP_F_CAMELLIA_INIT_KEY = 159; +enum EVP_F_CMAC_INIT = 173; +enum EVP_F_D2I_PKEY = 100; +enum EVP_F_DO_SIGVER_INIT = 161; +enum EVP_F_DSAPKEY2PKCS8 = 134; +enum EVP_F_DSA_PKEY2PKCS8 = 135; +enum EVP_F_ECDSA_PKEY2PKCS8 = 129; +enum EVP_F_ECKEY_PKEY2PKCS8 = 132; +enum EVP_F_EVP_CIPHERINIT_EX = 123; +enum EVP_F_EVP_CIPHER_CTX_COPY = 163; +enum EVP_F_EVP_CIPHER_CTX_CTRL = 124; +enum EVP_F_EVP_CIPHER_CTX_SET_KEY_LENGTH = 122; +enum EVP_F_EVP_DECRYPTFINAL_EX = 101; +enum EVP_F_EVP_DIGESTINIT_EX = 128; +enum EVP_F_EVP_ENCRYPTFINAL_EX = 127; +enum EVP_F_EVP_MD_CTX_COPY_EX = 110; +enum EVP_F_EVP_MD_SIZE = 162; +enum EVP_F_EVP_OPENINIT = 102; +enum EVP_F_EVP_PBE_ALG_ADD = 115; +enum EVP_F_EVP_PBE_ALG_ADD_TYPE = 160; +enum EVP_F_EVP_PBE_CIPHERINIT = 116; +enum EVP_F_EVP_PKCS82PKEY = 111; +enum EVP_F_EVP_PKCS82PKEY_BROKEN = 136; +enum EVP_F_EVP_PKEY2PKCS8_BROKEN = 113; +enum EVP_F_EVP_PKEY_COPY_PARAMETERS = 103; +enum EVP_F_EVP_PKEY_CTX_CTRL = 137; +enum EVP_F_EVP_PKEY_CTX_CTRL_STR = 150; +enum EVP_F_EVP_PKEY_CTX_DUP = 156; +enum EVP_F_EVP_PKEY_DECRYPT = 104; +enum EVP_F_EVP_PKEY_DECRYPT_INIT = 138; +enum EVP_F_EVP_PKEY_DECRYPT_OLD = 151; +enum EVP_F_EVP_PKEY_DERIVE = 153; +enum EVP_F_EVP_PKEY_DERIVE_INIT = 154; +enum EVP_F_EVP_PKEY_DERIVE_SET_PEER = 155; +enum EVP_F_EVP_PKEY_ENCRYPT = 105; +enum EVP_F_EVP_PKEY_ENCRYPT_INIT = 139; +enum EVP_F_EVP_PKEY_ENCRYPT_OLD = 152; +enum EVP_F_EVP_PKEY_GET1_DH = 119; +enum EVP_F_EVP_PKEY_GET1_DSA = 120; +enum EVP_F_EVP_PKEY_GET1_ECDSA = 130; +enum EVP_F_EVP_PKEY_GET1_EC_KEY = 131; +enum EVP_F_EVP_PKEY_GET1_RSA = 121; +enum EVP_F_EVP_PKEY_KEYGEN = 146; +enum EVP_F_EVP_PKEY_KEYGEN_INIT = 147; +enum EVP_F_EVP_PKEY_NEW = 106; +enum EVP_F_EVP_PKEY_PARAMGEN = 148; +enum EVP_F_EVP_PKEY_PARAMGEN_INIT = 149; +enum EVP_F_EVP_PKEY_SIGN = 140; +enum EVP_F_EVP_PKEY_SIGN_INIT = 141; +enum EVP_F_EVP_PKEY_VERIFY = 142; +enum EVP_F_EVP_PKEY_VERIFY_INIT = 143; +enum EVP_F_EVP_PKEY_VERIFY_RECOVER = 144; +enum EVP_F_EVP_PKEY_VERIFY_RECOVER_INIT = 145; +enum EVP_F_EVP_RIJNDAEL = 126; +enum EVP_F_EVP_SIGNFINAL = 107; +enum EVP_F_EVP_VERIFYFINAL = 108; +enum EVP_F_FIPS_CIPHERINIT = 166; +enum EVP_F_FIPS_CIPHER_CTX_COPY = 170; +enum EVP_F_FIPS_CIPHER_CTX_CTRL = 167; +enum EVP_F_FIPS_CIPHER_CTX_SET_KEY_LENGTH = 171; +enum EVP_F_FIPS_DIGESTINIT = 168; +enum EVP_F_FIPS_MD_CTX_COPY = 169; +enum EVP_F_HMAC_INIT_EX = 174; +enum EVP_F_INT_CTX_NEW = 157; +enum EVP_F_PKCS5_PBE_KEYIVGEN = 117; +enum EVP_F_PKCS5_V2_PBE_KEYIVGEN = 118; +enum EVP_F_PKCS5_V2_PBKDF2_KEYIVGEN = 164; +enum EVP_F_PKCS8_SET_BROKEN = 112; +enum EVP_F_PKEY_SET_TYPE = 158; +enum EVP_F_RC2_MAGIC_TO_METH = 109; +enum EVP_F_RC5_CTRL = 125; + +/* Reason codes. */ +enum EVP_R_AES_IV_SETUP_FAILED = 162; +enum EVP_R_AES_KEY_SETUP_FAILED = 143; +enum EVP_R_ASN1_LIB = 140; +enum EVP_R_BAD_BLOCK_LENGTH = 136; +enum EVP_R_BAD_DECRYPT = 100; +enum EVP_R_BAD_KEY_LENGTH = 137; +enum EVP_R_BN_DECODE_ERROR = 112; +enum EVP_R_BN_PUBKEY_ERROR = 113; +enum EVP_R_BUFFER_TOO_SMALL = 155; +enum EVP_R_CAMELLIA_KEY_SETUP_FAILED = 157; +enum EVP_R_CIPHER_PARAMETER_ERROR = 122; +enum EVP_R_COMMAND_NOT_SUPPORTED = 147; +enum EVP_R_CTRL_NOT_IMPLEMENTED = 132; +enum EVP_R_CTRL_OPERATION_NOT_IMPLEMENTED = 133; +enum EVP_R_DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH = 138; +enum EVP_R_DECODE_ERROR = 114; +enum EVP_R_DIFFERENT_KEY_TYPES = 101; +enum EVP_R_DIFFERENT_PARAMETERS = 153; +enum EVP_R_DISABLED_FOR_FIPS = 163; +enum EVP_R_ENCODE_ERROR = 115; +enum EVP_R_ERROR_LOADING_SECTION = 165; +enum EVP_R_ERROR_SETTING_FIPS_MODE = 166; +enum EVP_R_EVP_PBE_CIPHERINIT_ERROR = 119; +enum EVP_R_EXPECTING_AN_RSA_KEY = 127; +enum EVP_R_EXPECTING_A_DH_KEY = 128; +enum EVP_R_EXPECTING_A_DSA_KEY = 129; +enum EVP_R_EXPECTING_A_ECDSA_KEY = 141; +enum EVP_R_EXPECTING_A_EC_KEY = 142; +enum EVP_R_FIPS_MODE_NOT_SUPPORTED = 167; +enum EVP_R_INITIALIZATION_ERROR = 134; +enum EVP_R_INPUT_NOT_INITIALIZED = 111; +enum EVP_R_INVALID_DIGEST = 152; +enum EVP_R_INVALID_FIPS_MODE = 168; +enum EVP_R_INVALID_KEY_LENGTH = 130; +enum EVP_R_INVALID_OPERATION = 148; +enum EVP_R_IV_TOO_LARGE = 102; +enum EVP_R_KEYGEN_FAILURE = 120; +enum EVP_R_MESSAGE_DIGEST_IS_NULL = 159; +enum EVP_R_METHOD_NOT_SUPPORTED = 144; +enum EVP_R_MISSING_PARAMETERS = 103; +enum EVP_R_NO_CIPHER_SET = 131; +enum EVP_R_NO_DEFAULT_DIGEST = 158; +enum EVP_R_NO_DIGEST_SET = 139; +enum EVP_R_NO_DSA_PARAMETERS = 116; +enum EVP_R_NO_KEY_SET = 154; +enum EVP_R_NO_OPERATION_SET = 149; +enum EVP_R_NO_SIGN_FUNCTION_CONFIGURED = 104; +enum EVP_R_NO_VERIFY_FUNCTION_CONFIGURED = 105; +enum EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE = 150; +enum EVP_R_OPERATON_NOT_INITIALIZED = 151; +enum EVP_R_PKCS8_UNKNOWN_BROKEN_TYPE = 117; +enum EVP_R_PRIVATE_KEY_DECODE_ERROR = 145; +enum EVP_R_PRIVATE_KEY_ENCODE_ERROR = 146; +enum EVP_R_PUBLIC_KEY_NOT_RSA = 106; +enum EVP_R_TOO_LARGE = 164; +enum EVP_R_UNKNOWN_CIPHER = 160; +enum EVP_R_UNKNOWN_DIGEST = 161; +enum EVP_R_UNKNOWN_OPTION = 169; +enum EVP_R_UNKNOWN_PBE_ALGORITHM = 121; +enum EVP_R_UNSUPORTED_NUMBER_OF_ROUNDS = 135; +enum EVP_R_UNSUPPORTED_ALGORITHM = 156; +enum EVP_R_UNSUPPORTED_CIPHER = 107; +enum EVP_R_UNSUPPORTED_KEYLENGTH = 123; +enum EVP_R_UNSUPPORTED_KEY_DERIVATION_FUNCTION = 124; +enum EVP_R_UNSUPPORTED_KEY_SIZE = 108; +enum EVP_R_UNSUPPORTED_PRF = 125; +enum EVP_R_UNSUPPORTED_PRIVATE_KEY_ALGORITHM = 118; +enum EVP_R_UNSUPPORTED_SALT_TYPE = 126; +enum EVP_R_WRONG_FINAL_BLOCK_LENGTH = 109; +enum EVP_R_WRONG_PUBLIC_KEY_TYPE = 110; diff --git a/deimos/openssl/hmac.d b/deimos/openssl/hmac.d new file mode 100644 index 0000000..ed71e5e --- /dev/null +++ b/deimos/openssl/hmac.d @@ -0,0 +1,104 @@ +/* crypto/hmac/hmac.h */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ +module deimos.openssl.hmac; + +import deimos.openssl._d_util; + +public import deimos.openssl.opensslconf; + +version (OPENSSL_NO_HMAC) { + static assert(false, "HMAC is disabled."); +} + +public import deimos.openssl.evp; + +enum HMAC_MAX_MD_CBLOCK = 128; /* largest known is SHA512 */ + +extern (C): +nothrow: + +struct hmac_ctx_st { + const(EVP_MD)* md; + EVP_MD_CTX md_ctx; + EVP_MD_CTX i_ctx; + EVP_MD_CTX o_ctx; + uint key_length; + ubyte[HMAC_MAX_MD_CBLOCK] key; + } +alias hmac_ctx_st HMAC_CTX; + +auto HMAC_size()(HMAC_CTX* e) { return EVP_MD_size(e.md); } + + +void HMAC_CTX_init(HMAC_CTX* ctx); +void HMAC_CTX_cleanup(HMAC_CTX* ctx); + +alias HMAC_CTX_cleanup HMAC_cleanup; /* deprecated */ + +int HMAC_Init(HMAC_CTX* ctx, const(void)* key, int len, + const(EVP_MD)* md); /* deprecated */ +int HMAC_Init_ex(HMAC_CTX* ctx, const(void)* key, int len, + const(EVP_MD)* md, ENGINE* impl); +int HMAC_Update(HMAC_CTX* ctx, const(ubyte)* data, size_t len); +int HMAC_Final(HMAC_CTX* ctx, ubyte* md, uint* len); +ubyte* HMAC(const(EVP_MD)* evp_md, const(void)* key, int key_len, + const(ubyte)* d, size_t n, ubyte* md, + uint* md_len); +int HMAC_CTX_copy(HMAC_CTX* dctx, HMAC_CTX* sctx); + +void HMAC_CTX_set_flags(HMAC_CTX* ctx, c_ulong flags); diff --git a/deimos/openssl/idea.d b/deimos/openssl/idea.d new file mode 100644 index 0000000..d737d67 --- /dev/null +++ b/deimos/openssl/idea.d @@ -0,0 +1,98 @@ +/* crypto/idea/idea.h */ +/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +module deimos.openssl.idea; + +import deimos.openssl._d_util; + +public import deimos.openssl.opensslconf; /* IDEA_INT, OPENSSL_NO_IDEA */ + +version (OPENSSL_NO_IDEA) { + static assert(false, "IDEA is disabled."); +} + +enum IDEA_ENCRYPT = 1; +enum IDEA_DECRYPT = 0; + +enum IDEA_BLOCK = 8; +enum IDEA_KEY_LENGTH = 16; + +extern (C): +nothrow: + +struct idea_key_st { + IDEA_INT[9][6] data; + } +alias idea_key_st IDEA_KEY_SCHEDULE; + +const(char)* idea_options(); +void idea_ecb_encrypt(const(ubyte)* in_, ubyte* out_, + IDEA_KEY_SCHEDULE* ks); +version(OPENSSL_FIPS) { + void private_idea_set_encrypt_key(const(ubyte)* key, IDEA_KEY_SCHEDULE* ks); +} +void idea_set_encrypt_key(const(ubyte)* key, IDEA_KEY_SCHEDULE* ks); +void idea_set_decrypt_key(IDEA_KEY_SCHEDULE* ek, IDEA_KEY_SCHEDULE* dk); +void idea_cbc_encrypt(const(ubyte)* in_, ubyte* out_, + c_long length, IDEA_KEY_SCHEDULE* ks, ubyte* iv,int enc); +void idea_cfb64_encrypt(const(ubyte)* in_, ubyte* out_, + c_long length, IDEA_KEY_SCHEDULE* ks, ubyte* iv, + int* num,int enc); +void idea_ofb64_encrypt(const(ubyte)* in_, ubyte* out_, + c_long length, IDEA_KEY_SCHEDULE* ks, ubyte* iv, int* num); +void idea_encrypt(c_ulong* in_, IDEA_KEY_SCHEDULE* ks); diff --git a/deimos/openssl/krb5_asn.d b/deimos/openssl/krb5_asn.d new file mode 100644 index 0000000..edcfbda --- /dev/null +++ b/deimos/openssl/krb5_asn.d @@ -0,0 +1,252 @@ +/* krb5_asn.h */ +/* Written by Vern Staats for the OpenSSL project, +** using ocsp/{*.h,*asn*.c} as a starting point +*/ + +/* ==================================================================== + * Copyright (c) 1998-2000 The OpenSSL Project. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. All advertising materials mentioning features or use of this + * software must display the following acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" + * + * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to + * endorse or promote products derived from this software without + * prior written permission. For written permission, please contact + * openssl-core@openssl.org. + * + * 5. Products derived from this software may not be called "OpenSSL" + * nor may "OpenSSL" appear in their names without prior written + * permission of the OpenSSL Project. + * + * 6. Redistributions of any form whatsoever must retain the following + * acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit (http://www.openssl.org/)" + * + * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY + * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * ==================================================================== + * + * This product includes cryptographic software written by Eric Young + * (eay@cryptsoft.com). This product includes software written by Tim + * Hudson (tjh@cryptsoft.com). + * + */ + +module deimos.openssl.krb5_asn; + +import deimos.openssl._d_util; + +import deimos.openssl.asn1; + +/* +#include +*/ +public import deimos.openssl.safestack; + +extern (C): +nothrow: + + +/* ASN.1 from Kerberos RFC 1510 +*/ + +/* EncryptedData ::= SEQUENCE { +** etype[0] INTEGER, -- EncryptionType +** kvno[1] INTEGER OPTIONAL, +** cipher[2] OCTET STRING -- ciphertext +** } +*/ +struct krb5_encdata_st { + ASN1_INTEGER* etype; + ASN1_INTEGER* kvno; + ASN1_OCTET_STRING* cipher; + } +alias krb5_encdata_st KRB5_ENCDATA; + +/+mixin DECLARE_STACK_OF!(KRB5_ENCDATA);+/ + +/* PrincipalName ::= SEQUENCE { +** name-type[0] INTEGER, +** name-string[1] SEQUENCE OF GeneralString +** } +*/ +struct krb5_princname_st { + ASN1_INTEGER* nametype; + STACK_OF!(ASN1_GENERALSTRING) *namestring; + } +alias krb5_princname_st KRB5_PRINCNAME; + +/+mixin DECLARE_STACK_OF!(KRB5_PRINCNAME);+/ + + +/* Ticket ::= [APPLICATION 1] SEQUENCE { +** tkt-vno[0] INTEGER, +** realm[1] Realm, +** sname[2] PrincipalName, +** enc-part[3] EncryptedData +** } +*/ +struct krb5_tktbody_st { + ASN1_INTEGER* tktvno; + ASN1_GENERALSTRING* realm; + KRB5_PRINCNAME* sname; + KRB5_ENCDATA* encdata; + } +alias krb5_tktbody_st KRB5_TKTBODY; + +alias STACK_OF!(KRB5_TKTBODY) KRB5_TICKET; +/+mixin DECLARE_STACK_OF!(KRB5_TKTBODY);+/ + + +/* AP-REQ ::= [APPLICATION 14] SEQUENCE { +** pvno[0] INTEGER, +** msg-type[1] INTEGER, +** ap-options[2] APOptions, +** ticket[3] Ticket, +** authenticator[4] EncryptedData +** } +** +** APOptions ::= BIT STRING { +** reserved(0), use-session-key(1), mutual-required(2) } +*/ +struct krb5_ap_req_st { + ASN1_INTEGER* pvno; + ASN1_INTEGER* msgtype; + ASN1_BIT_STRING* apoptions; + KRB5_TICKET* ticket; + KRB5_ENCDATA* authenticator; + } +alias krb5_ap_req_st KRB5_APREQBODY; + +alias STACK_OF!(KRB5_APREQBODY) KRB5_APREQ; +/+mixin DECLARE_STACK_OF!(KRB5_APREQBODY);+/ + + +/* Authenticator Stuff */ + + +/* Checksum ::= SEQUENCE { +** cksumtype[0] INTEGER, +** checksum[1] OCTET STRING +** } +*/ +struct krb5_checksum_st { + ASN1_INTEGER* ctype; + ASN1_OCTET_STRING* checksum; + } +alias krb5_checksum_st KRB5_CHECKSUM; + +/+mixin DECLARE_STACK_OF!(KRB5_CHECKSUM);+/ + + +/* EncryptionKey ::= SEQUENCE { +** keytype[0] INTEGER, +** keyvalue[1] OCTET STRING +** } +*/ +struct krb5_encryptionkey_st { + ASN1_INTEGER* ktype; + ASN1_OCTET_STRING* keyvalue; + } +alias krb5_encryptionkey_st KRB5_ENCKEY; + +/+mixin DECLARE_STACK_OF!(KRB5_ENCKEY);+/ + + +/* AuthorizationData ::= SEQUENCE OF SEQUENCE { +** ad-type[0] INTEGER, +** ad-data[1] OCTET STRING +** } +*/ +struct krb5_authorization_st { + ASN1_INTEGER* adtype; + ASN1_OCTET_STRING* addata; + } +alias krb5_authorization_st KRB5_AUTHDATA; + +/+mixin DECLARE_STACK_OF!(KRB5_AUTHDATA);+/ + + +/* -- Unencrypted authenticator +** Authenticator ::= [APPLICATION 2] SEQUENCE { +** authenticator-vno[0] INTEGER, +** crealm[1] Realm, +** cname[2] PrincipalName, +** cksum[3] Checksum OPTIONAL, +** cusec[4] INTEGER, +** ctime[5] KerberosTime, +** subkey[6] EncryptionKey OPTIONAL, +** seq-number[7] INTEGER OPTIONAL, +** authorization-data[8] AuthorizationData OPTIONAL +** } +*/ +struct krb5_authenticator_st { + ASN1_INTEGER* avno; + ASN1_GENERALSTRING* crealm; + KRB5_PRINCNAME* cname; + KRB5_CHECKSUM* cksum; + ASN1_INTEGER* cusec; + ASN1_GENERALIZEDTIME* ctime; + KRB5_ENCKEY* subkey; + ASN1_INTEGER* seqnum; + KRB5_AUTHDATA* authorization; + } +alias krb5_authenticator_st KRB5_AUTHENTBODY; + +alias STACK_OF!(KRB5_AUTHENTBODY) KRB5_AUTHENT; +/+mixin DECLARE_STACK_OF!(KRB5_AUTHENTBODY);+/ + + +/* DECLARE_ASN1_FUNCTIONS(type) = DECLARE_ASN1_FUNCTIONS_name(type, type) = +** type* name##_new(); +** void name##_free(type* a); +** DECLARE_ASN1_ENCODE_FUNCTIONS(type, name, name) = +** DECLARE_ASN1_ENCODE_FUNCTIONS(type, itname, name) = +** type* d2i_##name(type** a, const(ubyte)** in_, c_long len); +** int i2d_##name(type* a, ubyte** out_); +** DECLARE_ASN1_ITEM(itname) = OPENSSL_EXTERN const ASN1_ITEM itname##_it +*/ + +mixin(DECLARE_ASN1_FUNCTIONS!"KRB5_ENCDATA"); +mixin(DECLARE_ASN1_FUNCTIONS!"KRB5_PRINCNAME"); +mixin(DECLARE_ASN1_FUNCTIONS!"KRB5_TKTBODY"); +mixin(DECLARE_ASN1_FUNCTIONS!"KRB5_APREQBODY"); +mixin(DECLARE_ASN1_FUNCTIONS!"KRB5_TICKET"); +mixin(DECLARE_ASN1_FUNCTIONS!"KRB5_APREQ"); + +mixin(DECLARE_ASN1_FUNCTIONS!"KRB5_CHECKSUM"); +mixin(DECLARE_ASN1_FUNCTIONS!"KRB5_ENCKEY"); +mixin(DECLARE_ASN1_FUNCTIONS!"KRB5_AUTHDATA"); +mixin(DECLARE_ASN1_FUNCTIONS!"KRB5_AUTHENTBODY"); +mixin(DECLARE_ASN1_FUNCTIONS!"KRB5_AUTHENT"); + + +/* BEGIN ERROR CODES */ +/* The following lines are auto generated by the script mkerr.pl. Any changes + * made after this point may be overwritten when the script is next run. + */ diff --git a/deimos/openssl/kssl.d b/deimos/openssl/kssl.d new file mode 100644 index 0000000..0a9003c --- /dev/null +++ b/deimos/openssl/kssl.d @@ -0,0 +1,194 @@ +/* ssl/kssl.h -*- mode: C; c-file-style: "eay" -*- */ +/* Written by Vern Staats for the OpenSSL project 2000. + * project 2000. + */ +/* ==================================================================== + * Copyright (c) 2000 The OpenSSL Project. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. All advertising materials mentioning features or use of this + * software must display the following acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" + * + * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to + * endorse or promote products derived from this software without + * prior written permission. For written permission, please contact + * licensing@OpenSSL.org. + * + * 5. Products derived from this software may not be called "OpenSSL" + * nor may "OpenSSL" appear in their names without prior written + * permission of the OpenSSL Project. + * + * 6. Redistributions of any form whatsoever must retain the following + * acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" + * + * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY + * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * ==================================================================== + * + * This product includes cryptographic software written by Eric Young + * (eay@cryptsoft.com). This product includes software written by Tim + * Hudson (tjh@cryptsoft.com). + * + */ + +/* +** 19990701 VRS Started. +*/ + +module deimos.openssl.kssl; + +public import deimos.openssl.opensslconf; + +// FIXME: krb5.h port available, thus not yet usable. +version (OPENSSL_NO_KRB5) {} else { + +import core.stdc.stdio; +// #include +// #include +// #ifdef OPENSSL_SYS_WIN32 +// /* These can sometimes get redefined indirectly by krb5 header files +// * after they get undefed in ossl_typ.h +// */ +// #undef X509_NAME +// #undef X509_EXTENSIONS +// #undef OCSP_REQUEST +// #undef OCSP_RESPONSE +// #endif + +extern (C): +nothrow: + +/* +** Depending on which KRB5 implementation used, some types from +** the other may be missing. Resolve that here and now +*/ +// #ifdef KRB5_HEIMDAL +alias ubyte krb5_octet; +// #define FAR +// #else + +//#ifndef FAR +//#define FAR +//#endif + + +/* Uncomment this to debug kssl problems or +** to trace usage of the Kerberos session key +** +** #define KSSL_DEBUG +*/ + +// #ifndef KRB5SVC +enum KRB5SVC = "host"; +// #endif + +// #ifndef KRB5KEYTAB +enum KRB5KEYTAB = "/etc/krb5.keytab"; +// #endif + +// #ifndef KRB5SENDAUTH +enum KRB5SENDAUTH = 1; +// #endif + +// #ifndef KRB5CHECKAUTH +enum KRB5CHECKAUTH = 1; +// #endif + +// #ifndef KSSL_CLOCKSKEW +enum KSSL_CLOCKSKEW = 300;; +// #endif + +enum KSSL_ERR_MAX = 255; +struct kssl_err_st { + int reason; + char[KSSL_ERR_MAX+1] text; + } +alias kssl_err_st KSSL_ERR; + + + +// FIXME: krb5.h not available, thus just declare an opaque type. +struct KSSL_CTX; +/+ +/* Context for passing +** (1) Kerberos session key to SSL, and +** (2) Config data between application and SSL lib +*/ +struct kssl_ctx_st { + /* used by: disposition: */ + char* service_name; /* C,S default ok (kssl) */ + char* service_host; /* C input, REQUIRED */ + char* client_princ; /* S output from krb5 ticket */ + char* keytab_file; /* S NULL (/etc/krb5.keytab) */ + char* cred_cache; /* C NULL (default) */ + krb5_enctype enctype; + int length; + krb5_octet* key; + } +alias kssl_ctx_st KSSL_CTX; ++/ + +enum KSSL_CLIENT = 1; +enum KSSL_SERVER = 2; +enum KSSL_SERVICE = 3; +enum KSSL_KEYTAB = 4; + +enum KSSL_CTX_OK = 0; +enum KSSL_CTX_ERR = 1; +enum KSSL_NOMEM = 2; + +/* Public (for use by applications that use OpenSSL with Kerberos 5 support */ +// FIXME: krb5.h not available. +/+krb5_error_code kssl_ctx_setstring(KSSL_CTX* kssl_ctx, int which, char* text); +KSSL_CTX* kssl_ctx_new(); +KSSL_CTX* kssl_ctx_free(KSSL_CTX* kssl_ctx); +void kssl_ctx_show(KSSL_CTX* kssl_ctx); +krb5_error_code kssl_ctx_setprinc(KSSL_CTX* kssl_ctx, int which, + krb5_data* realm, krb5_data* entity, int nentities); +krb5_error_code kssl_cget_tkt(KSSL_CTX* kssl_ctx, krb5_data** enc_tktp, + krb5_data* authenp, KSSL_ERR* kssl_err); +krb5_error_code kssl_sget_tkt(KSSL_CTX* kssl_ctx, krb5_data* indata, + krb5_ticket_times* ttimes, KSSL_ERR* kssl_err); +krb5_error_code kssl_ctx_setkey(KSSL_CTX* kssl_ctx, krb5_keyblock* session); +void kssl_err_set(KSSL_ERR* kssl_err, int reason, char* text); +void kssl_krb5_free_data_contents(krb5_context context, krb5_data* data); +krb5_error_code kssl_build_principal_2(krb5_context context, + krb5_principal* princ, int rlen, const(char)* realm, + int slen, const(char)* svc, int hlen, const(char)* host); +krb5_error_code kssl_validate_times(krb5_timestamp atime, + krb5_ticket_times* ttimes); +krb5_error_code kssl_check_authent(KSSL_CTX* kssl_ctx, krb5_data* authentp, + krb5_timestamp* atimep, KSSL_ERR* kssl_err); +ubyte* kssl_skip_confound(krb5_enctype enctype, ubyte* authn);+/ + +import deimos.openssl.ssl : SSL; +void SSL_set0_kssl_ctx(SSL* s, KSSL_CTX* kctx); +KSSL_CTX* SSL_get0_kssl_ctx(SSL* s); +char* kssl_ctx_get0_client_princ(KSSL_CTX* kctx); + +} diff --git a/deimos/openssl/lhash.d b/deimos/openssl/lhash.d new file mode 100644 index 0000000..49b8533 --- /dev/null +++ b/deimos/openssl/lhash.d @@ -0,0 +1,242 @@ +/* crypto/lhash/lhash.h */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +/* Header for dynamic hash table routines + * Author - Eric Young + */ + +module deimos.openssl.lhash; + +import deimos.openssl._d_util; + +public import deimos.openssl.e_os2; +version(OPENSSL_NO_FP_API) {} else { +import core.stdc.stdio; +} + +version(OPENSSL_NO_BIO) {} else { +public import deimos.openssl.bio; +} + +extern (C): +nothrow: + +struct lhash_node_st { + void* data; + lhash_node_st* next; +version(OPENSSL_NO_HASH_COMP) {} else { + c_ulong hash; +} + } +alias lhash_node_st LHASH_NODE; + +alias ExternC!(int function(const(void)*, const(void)*)) LHASH_COMP_FN_TYPE; +alias ExternC!(c_ulong function(const(void)*)) LHASH_HASH_FN_TYPE; +alias ExternC!(void function(void*)) LHASH_DOALL_FN_TYPE; +alias ExternC!(void function(void*, void*)) LHASH_DOALL_ARG_FN_TYPE; + +/* Macros for declaring and implementing type-safe wrappers for LHASH callbacks. + * This way, callbacks can be provided to LHASH structures without function + * pointer casting and the macro-defined callbacks provide per-variable casting + * before deferring to the underlying type-specific callbacks. NB: It is + * possible to place a "static" in front of both the DECLARE and IMPLEMENT + * macros if the functions are strictly internal. */ + +/+ FIXME: Not yet ported. +/* First: "hash" functions */ +#define DECLARE_LHASH_HASH_FN(name, o_type) \ + c_ulong name##_LHASH_HASH(const(void)*); +#define IMPLEMENT_LHASH_HASH_FN(name, o_type) \ + c_ulong name##_LHASH_HASH(const(void)* arg) { \ + const(o_type)* a = arg; \ + return name##_hash(a); } +#define LHASH_HASH_FN(name) name##_LHASH_HASH + +/* Second: "compare" functions */ +#define DECLARE_LHASH_COMP_FN(name, o_type) \ + int name##_LHASH_COMP(const(void)*, const(void)*); +#define IMPLEMENT_LHASH_COMP_FN(name, o_type) \ + int name##_LHASH_COMP(const(void)* arg1, const(void)* arg2) { \ + const(o_type)* a = arg1; \ + const(o_type)* b = arg2; \ + return name##_cmp(a,b); } +#define LHASH_COMP_FN(name) name##_LHASH_COMP + +/* Third: "doall" functions */ +#define DECLARE_LHASH_DOALL_FN(name, o_type) \ + void name##_LHASH_DOALL(void*); +#define IMPLEMENT_LHASH_DOALL_FN(name, o_type) \ + void name##_LHASH_DOALL(void* arg) { \ + o_type* a = arg; \ + name##_doall(a); } +#define LHASH_DOALL_FN(name) name##_LHASH_DOALL + +/* Fourth: "doall_arg" functions */ +#define DECLARE_LHASH_DOALL_ARG_FN(name, o_type, a_type) \ + void name##_LHASH_DOALL_ARG(void*, void*); +#define IMPLEMENT_LHASH_DOALL_ARG_FN(name, o_type, a_type) \ + void name##_LHASH_DOALL_ARG(void* arg1, void* arg2) { \ + o_type* a = arg1; \ + a_type* b = arg2; \ + name##_doall_arg(a, b); } +#define LHASH_DOALL_ARG_FN(name) name##_LHASH_DOALL_ARG ++/ + +struct lhash_st { + LHASH_NODE** b; + LHASH_COMP_FN_TYPE comp; + LHASH_HASH_FN_TYPE hash; + uint num_nodes; + uint num_alloc_nodes; + uint p; + uint pmax; + c_ulong up_load; /* load times 256 */ + c_ulong down_load; /* load times 256 */ + c_ulong num_items; + + c_ulong num_expands; + c_ulong num_expand_reallocs; + c_ulong num_contracts; + c_ulong num_contract_reallocs; + c_ulong num_hash_calls; + c_ulong num_comp_calls; + c_ulong num_insert; + c_ulong num_replace; + c_ulong num_delete; + c_ulong num_no_delete; + c_ulong num_retrieve; + c_ulong num_retrieve_miss; + c_ulong num_hash_comps; + + int error; + } +alias lhash_st _LHASH; /* Do not use _LHASH directly, use LHASH_OF + * and friends */ + +enum LH_LOAD_MULT = 256; + +/* Indicates a malloc() error in the last call, this is only bad + * in lh_insert(). */ +auto lh_error()(_LHASH* lh) { return lh.error; } + +_LHASH* lh_new(LHASH_HASH_FN_TYPE h, LHASH_COMP_FN_TYPE c); +void lh_free(_LHASH* lh); +void* lh_insert(_LHASH* lh, void* data); +void* lh_delete(_LHASH* lh, const(void)* data); +void* lh_retrieve(_LHASH* lh, const(void)* data); +void lh_doall(_LHASH* lh, LHASH_DOALL_FN_TYPE func); +void lh_doall_arg(_LHASH* lh, LHASH_DOALL_ARG_FN_TYPE func, void* arg); +c_ulong lh_strhash(const(char)* c); +c_ulong lh_num_items(const(_LHASH)* lh); + +version(OPENSSL_NO_FP_API) {} else { +void lh_stats(const(_LHASH)* lh, FILE* out_); +void lh_node_stats(const(_LHASH)* lh, FILE* out_); +void lh_node_usage_stats(const(_LHASH)* lh, FILE* out_); +} + +version(OPENSSL_NO_BIO) {} else { +void lh_stats_bio(const(_LHASH)* lh, BIO* out_); +void lh_node_stats_bio(const(_LHASH)* lh, BIO* out_); +void lh_node_usage_stats_bio(const(_LHASH)* lh, BIO* out_); +} + +/* Type checking... */ + +struct LHASH_OF (type) { + int dummy; +} + +// Empty because we use LHASH_OF directly as a struct. +mixin template DECLARE_LHASH_OF (type) {} + +auto CHECKED_LHASH_OF (type)(LHASH_OF!type* lh) { + return cast(_LHASH*)CHECKED_PTR_OF!(LHASH_OF!type)(lh); +} + +/+ FIXME: Not yet ported. +/* Define wrapper functions. */ +#define LHM_lh_new(type, name) \ + ((LHASH_OF!(type) *)lh_new(LHASH_HASH_FN(name), LHASH_COMP_FN(name))) +#define LHM_lh_error(type, lh) \ + lh_error(CHECKED_LHASH_OF(type,lh)) +#define LHM_lh_insert(type, lh, inst) \ + ((type*)lh_insert(CHECKED_LHASH_OF(type, lh), \ + CHECKED_PTR_OF(type, inst))) +#define LHM_lh_retrieve(type, lh, inst) \ + ((type*)lh_retrieve(CHECKED_LHASH_OF(type, lh), \ + CHECKED_PTR_OF(type, inst))) +#define LHM_lh_delete(type, lh, inst) \ + ((type*)lh_delete(CHECKED_LHASH_OF(type, lh), \ + CHECKED_PTR_OF(type, inst))) +#define LHM_lh_doall(type, lh,fn) lh_doall(CHECKED_LHASH_OF(type, lh), fn) +#define LHM_lh_doall_arg(type, lh, fn, arg_type, arg) \ + lh_doall_arg(CHECKED_LHASH_OF(type, lh), fn, CHECKED_PTR_OF(arg_type, arg)) +#define LHM_lh_num_items(type, lh) lh_num_items(CHECKED_LHASH_OF(type, lh)) +#define LHM_lh_down_load(type, lh) (CHECKED_LHASH_OF(type, lh)->down_load) +#define LHM_lh_node_stats_bio(type, lh, out_) \ + lh_node_stats_bio(CHECKED_LHASH_OF(type, lh), out_) +#define LHM_lh_node_usage_stats_bio(type, lh, out_) \ + lh_node_usage_stats_bio(CHECKED_LHASH_OF(type, lh), out_) +#define LHM_lh_stats_bio(type, lh, out_) \ + lh_stats_bio(CHECKED_LHASH_OF(type, lh), out_) +#define LHM_lh_free(type, lh) lh_free(CHECKED_LHASH_OF(type, lh)) + +mixin DECLARE_LHASH_OF!(OPENSSL_STRING); +mixin DECLARE_LHASH_OF!(OPENSSL_CSTRING); ++/ diff --git a/deimos/openssl/md4.d b/deimos/openssl/md4.d new file mode 100644 index 0000000..e42a4e6 --- /dev/null +++ b/deimos/openssl/md4.d @@ -0,0 +1,116 @@ +/* crypto/md4/md4.h */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +module deimos.openssl.md4; + +import deimos.openssl._d_util; + +public import deimos.openssl.e_os2; +import core.stdc.config; + +extern (C): +nothrow: + +version (OPENSSL_NO_MD4) { + static assert(false, "MD4 is disabled."); +} + +/* + * !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! + * ! MD4_LONG has to be at least 32 bits wide. If it's wider, then ! + * ! MD4_LONG_LOG2 has to be defined along. ! + * !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! + */ + +// #if defined(__LP32__) +// alias c_ulong MD4_LONG; +// #elif defined(OPENSSL_SYS_CRAY) || defined(__ILP64__) +// alias c_ulong MD4_LONG; +// enum MD4_LONG_LOG2 = 3; +// /* +// * _CRAY note. I could declare short, but I have no idea what impact +// * does it have on performance on none-T3E machines. I could declare +// * int, but at least on C90 sizeof(int) can be chosen at compile time. +// * So I've chosen long... +// * +// */ +// #else +// alias uint MD4_LONG; +// #endif +alias uint MD4_LONG; + +enum MD4_CBLOCK = 64; +enum MD4_LBLOCK = (MD4_CBLOCK/4); +enum MD4_DIGEST_LENGTH = 16; + +struct MD4state_st { + MD4_LONG A,B,C,D; + MD4_LONG Nl,Nh; + MD4_LONG[MD4_LBLOCK] data; + uint num; + } +alias MD4state_st MD4_CTX; + +version(OPENSSL_FIPS) { + int private_MD4_Init(MD4_CTX* c); +} +int MD4_Init(MD4_CTX* c); +int MD4_Update(MD4_CTX* c, const(void)* data, size_t len); +int MD4_Final(ubyte* md, MD4_CTX* c); +ubyte* MD4(const(ubyte)* d, size_t n, ubyte* md); +void MD4_Transform(MD4_CTX* c, const(ubyte)* b); diff --git a/deimos/openssl/md5.d b/deimos/openssl/md5.d new file mode 100644 index 0000000..b3565cb --- /dev/null +++ b/deimos/openssl/md5.d @@ -0,0 +1,116 @@ +/* crypto/md5/md5.h */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +module deimos.openssl.md5; + +import deimos.openssl._d_util; + +public import deimos.openssl.e_os2; +import core.stdc.config; + +extern (C): +nothrow: + +version (OPENSSL_NO_MD5) { + static assert(false, "MD5 is disabled."); +} + +/* + * !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! + * ! MD5_LONG has to be at least 32 bits wide. If it's wider, then ! + * ! MD5_LONG_LOG2 has to be defined along. ! + * !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! + */ + +// #if defined(__LP32__) +// alias c_ulong MD5_LONG; +// #elif defined(OPENSSL_SYS_CRAY) || defined(__ILP64__) +// alias c_ulong MD5_LONG; +// enum MD5_LONG_LOG2 = 3; +// /* +// * _CRAY note. I could declare short, but I have no idea what impact +// * does it have on performance on none-T3E machines. I could declare +// * int, but at least on C90 sizeof(int) can be chosen at compile time. +// * So I've chosen long... +// * +// */ +// #else +// alias uint MD5_LONG; +// #endif +alias uint MD5_LONG; + +enum MD5_CBLOCK = 64; +enum MD5_LBLOCK = (MD5_CBLOCK/4); +enum MD5_DIGEST_LENGTH = 16; + +struct MD5state_st { + MD5_LONG A,B,C,D; + MD5_LONG Nl,Nh; + MD5_LONG[MD5_LBLOCK] data; + uint num; + } +alias MD5state_st MD5_CTX; + +version(OPENSSL_FIPS) { + int private_MD5_Init(MD5_CTX* c); +} +int MD5_Init(MD5_CTX* c); +int MD5_Update(MD5_CTX* c, const(void)* data, size_t len); +int MD5_Final(ubyte* md, MD5_CTX* c); +ubyte* MD5(const(ubyte)* d, size_t n, ubyte* md); +void MD5_Transform(MD5_CTX* c, const(ubyte)* b); diff --git a/deimos/openssl/mdc2.d b/deimos/openssl/mdc2.d new file mode 100644 index 0000000..54f6b46 --- /dev/null +++ b/deimos/openssl/mdc2.d @@ -0,0 +1,91 @@ +/* crypto/mdc2/mdc2.h */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +module deimos.openssl.mdc2; + +import deimos.openssl._d_util; + +public import deimos.openssl.des; + +extern (C): +nothrow: + +version (OPENSSL_NO_MDC2) { + static assert(false, "MDC2 is disabled."); +} + +enum MDC2_BLOCK = 8; +enum MDC2_DIGEST_LENGTH = 16; + +struct mdc2_ctx_st { + uint num; + ubyte[MDC2_BLOCK] data; + DES_cblock h,hh; + int pad_type; /* either 1 or 2, default 1 */ + } +alias mdc2_ctx_st MDC2_CTX; + + +version(OPENSSL_FIPS) { + int private_MDC2_Init(MDC2_CTX* c); +} +int MDC2_Init(MDC2_CTX* c); +int MDC2_Update(MDC2_CTX* c, const(ubyte)* data, size_t len); +int MDC2_Final(ubyte* md, MDC2_CTX* c); +ubyte* MDC2(const(ubyte)* d, size_t n, + ubyte* md); diff --git a/deimos/openssl/modes.d b/deimos/openssl/modes.d new file mode 100644 index 0000000..e285328 --- /dev/null +++ b/deimos/openssl/modes.d @@ -0,0 +1,141 @@ +/* ==================================================================== + * Copyright (c) 2008 The OpenSSL Project. All rights reserved. + * + * Rights for redistribution and usage in source and binary + * forms are granted according to the OpenSSL license. + */ +module deimos.openssl.modes; + +import deimos.openssl._d_util; + +import core.stdc.config; + +alias ExternC!(void function(const(ubyte[16])* in_, + ubyte[16]* out_, + const(void)* key)) block128_f; + +alias ExternC!(void function(const(ubyte)* in_, ubyte* out_, + size_t blocks, const(void)* key, + const(ubyte[16])* ivec)) ctr128_f; + +alias ExternC!(void function(const(ubyte)* in_, ubyte* out_, + size_t blocks, const(void)* key, + const(ubyte[16])* ivec, ubyte[16]* cmac)) ccm128_f; + +alias ExternC!(void function(const(ubyte)* in_, ubyte* out_, + size_t len, const(void)* key, + ubyte[16]* ivec, int enc)) cbc128_f; + +void CRYPTO_cbc128_encrypt(const(ubyte)* in_, ubyte* out_, + size_t len, const(void)* key, + ubyte[16]* ivec, block128_f block); +void CRYPTO_cbc128_decrypt(const(ubyte)* in_, ubyte* out_, + size_t len, const(void)* key, + ubyte[16]* ivec, block128_f block); + +void CRYPTO_ctr128_encrypt_ctr32(const(ubyte)* in_, ubyte* out_, + size_t len, const(void)* key, + ubyte[16]* ivec, ubyte[16]* ecount_buf, + uint *num, ctr128_f ctr); + +void CRYPTO_ctr128_encrypt(const(ubyte)* in_, ubyte* out_, + size_t len, const(void)* key, + ubyte[16]* ivec, ubyte[16]* ecount_buf, + uint* num, block128_f block); + +void CRYPTO_ofb128_encrypt(const(ubyte)* in_, ubyte* out_, + size_t len, const(void)* key, + ubyte[16]* ivec, int* num, + block128_f block); + +void CRYPTO_cfb128_encrypt(const(ubyte)* in_, ubyte* out_, + size_t len, const(void)* key, + ubyte[16]* ivec, int* num, + int enc, block128_f block); +void CRYPTO_cfb128_8_encrypt(const(ubyte)* in_, ubyte* out_, + size_t length, const(void)* key, + ubyte[16]* ivec, int* num, + int enc, block128_f block); +void CRYPTO_cfb128_1_encrypt(const(ubyte)* in_, ubyte* out_, + size_t bits, const(void)* key, + ubyte[16]* ivec, int* num, + int enc, block128_f block); + +size_t CRYPTO_cts128_encrypt_block(const(ubyte)* in_, ubyte* out_, + size_t len, const(void)* key, + ubyte[16]* ivec, block128_f block); +size_t CRYPTO_cts128_encrypt(const(ubyte)* in_, ubyte* out_, + size_t len, const(void)* key, + ubyte[16]* ivec, cbc128_f cbc); +size_t CRYPTO_cts128_decrypt_block(const(ubyte)* in_, ubyte* out_, + size_t len, const(void)* key, + ubyte[16]* ivec, block128_f block); +size_t CRYPTO_cts128_decrypt(const(ubyte)* in_, ubyte* out_, + size_t len, const(void)* key, + ubyte[16]* ivec, cbc128_f cbc); + +size_t CRYPTO_nistcts128_encrypt_block(const(ubyte)* in_, ubyte* out_, + size_t len, const void *key, + ubyte[16]* ivec, block128_f block); +size_t CRYPTO_nistcts128_encrypt(const(ubyte)* in_, ubyte* out_, + size_t len, const void *key, + ubyte[16]* ivec, cbc128_f cbc); +size_t CRYPTO_nistcts128_decrypt_block(const(ubyte)* in_, ubyte* out_, + size_t len, const void *key, + ubyte[16]* ivec, block128_f block); +size_t CRYPTO_nistcts128_decrypt(const(ubyte)* in_, ubyte* out_, + size_t len, const void *key, + ubyte[16]* ivec, cbc128_f cbc); + +struct gcm128_context; +alias gcm128_context GCM128_CONTEXT; + +GCM128_CONTEXT *CRYPTO_gcm128_new(void *key, block128_f block); +void CRYPTO_gcm128_init(GCM128_CONTEXT *ctx,void *key,block128_f block); +void CRYPTO_gcm128_setiv(GCM128_CONTEXT *ctx, const(ubyte)* iv, + size_t len); +int CRYPTO_gcm128_aad(GCM128_CONTEXT *ctx, const(ubyte)* aad, + size_t len); +int CRYPTO_gcm128_encrypt(GCM128_CONTEXT *ctx, + const(ubyte)* in_, ubyte* out_, + size_t len); +int CRYPTO_gcm128_decrypt(GCM128_CONTEXT *ctx, + const(ubyte)* in_, ubyte* out_, + size_t len); +int CRYPTO_gcm128_encrypt_ctr32(GCM128_CONTEXT *ctx, + const(ubyte)* in_, ubyte* out_, + size_t len, ctr128_f stream); +int CRYPTO_gcm128_decrypt_ctr32(GCM128_CONTEXT *ctx, + const(ubyte)* in_, ubyte* out_, + size_t len, ctr128_f stream); +int CRYPTO_gcm128_finish(GCM128_CONTEXT *ctx,const(ubyte)* tag, + size_t len); +void CRYPTO_gcm128_tag(GCM128_CONTEXT *ctx, ubyte* tag, size_t len); +void CRYPTO_gcm128_release(GCM128_CONTEXT *ctx); + +struct ccm128_context; +alias ccm128_context CCM128_CONTEXT; + +void CRYPTO_ccm128_init(CCM128_CONTEXT *ctx, + uint M, uint L, void *key,block128_f block); +int CRYPTO_ccm128_setiv(CCM128_CONTEXT *ctx, + const(ubyte)* nonce, size_t nlen, size_t mlen); +void CRYPTO_ccm128_aad(CCM128_CONTEXT *ctx, + const(ubyte)* aad, size_t alen); +int CRYPTO_ccm128_encrypt(CCM128_CONTEXT *ctx, + const(ubyte)* inp, ubyte* out_, size_t len); +int CRYPTO_ccm128_decrypt(CCM128_CONTEXT *ctx, + const(ubyte)* inp, ubyte* out_, size_t len); +int CRYPTO_ccm128_encrypt_ccm64(CCM128_CONTEXT *ctx, + const(ubyte)* inp, ubyte* out_, size_t len, + ccm128_f stream); +int CRYPTO_ccm128_decrypt_ccm64(CCM128_CONTEXT *ctx, + const(ubyte)* inp, ubyte* out_, size_t len, + ccm128_f stream); +size_t CRYPTO_ccm128_tag(CCM128_CONTEXT* ctx, ubyte* tag, size_t len); + +struct xts128_context; +alias xts128_context XTS128_CONTEXT; + +int CRYPTO_xts128_encrypt(const(XTS128_CONTEXT)* ctx, const(ubyte[16])* iv, + const(ubyte)* inp, ubyte* out_, size_t len, int enc); diff --git a/deimos/openssl/obj_mac.d b/deimos/openssl/obj_mac.d new file mode 100644 index 0000000..ecc1d2d --- /dev/null +++ b/deimos/openssl/obj_mac.d @@ -0,0 +1,4033 @@ +/* crypto/objects/obj_mac.h */ + +/* THIS FILE IS GENERATED FROM objects.txt by objects.pl via the + * following command: + * perl objects.pl objects.txt obj_mac.num obj_mac.h + */ + +/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ +module deimos.openssl.obj_mac; + +enum SN_undef = "UNDEF"; +enum LN_undef = "undefined"; +enum NID_undef = 0; +enum OBJ_undef = "0L"; + +enum SN_itu_t = "ITU-T"; +enum LN_itu_t = "itu-t"; +enum NID_itu_t = 645; +enum OBJ_itu_t = "0L"; + +enum NID_ccitt = 404; +enum OBJ_ccitt = "OBJ_itu_t"; + +enum SN_iso = "ISO"; +enum LN_iso = "iso"; +enum NID_iso = 181; +enum OBJ_iso = "1L"; + +enum SN_joint_iso_itu_t = "JOINT-ISO-ITU-T"; +enum LN_joint_iso_itu_t = "joint-iso-itu-t"; +enum NID_joint_iso_itu_t = 646; +enum OBJ_joint_iso_itu_t = "2L"; + +enum NID_joint_iso_ccitt = 393; +enum OBJ_joint_iso_ccitt = "OBJ_joint_iso_itu_t"; + +enum SN_member_body = "member-body"; +enum LN_member_body = "ISO Member Body"; +enum NID_member_body = 182; +enum OBJ_member_body = "OBJ_iso,2L"; + +enum SN_identified_organization = "identified-organization"; +enum NID_identified_organization = 676; +enum OBJ_identified_organization = "OBJ_iso,3L"; + +enum SN_hmac_md5 = "HMAC-MD5"; +enum LN_hmac_md5 = "hmac-md5"; +enum NID_hmac_md5 = 780; +enum OBJ_hmac_md5 = "OBJ_identified_organization,6L,1L,5L,5L,8L,1L,1L"; + +enum SN_hmac_sha1 = "HMAC-SHA1"; +enum LN_hmac_sha1 = "hmac-sha1"; +enum NID_hmac_sha1 = 781; +enum OBJ_hmac_sha1 = "OBJ_identified_organization,6L,1L,5L,5L,8L,1L,2L"; + +enum SN_certicom_arc = "certicom-arc"; +enum NID_certicom_arc = 677; +enum OBJ_certicom_arc = "OBJ_identified_organization,132L"; + +enum SN_international_organizations = "international-organizations"; +enum LN_international_organizations = "International Organizations"; +enum NID_international_organizations = 647; +enum OBJ_international_organizations = "OBJ_joint_iso_itu_t,23L"; + +enum SN_wap = "wap"; +enum NID_wap = 678; +enum OBJ_wap = "OBJ_international_organizations,43L"; + +enum SN_wap_wsg = "wap-wsg"; +enum NID_wap_wsg = 679; +enum OBJ_wap_wsg = "OBJ_wap,1L"; + +enum SN_selected_attribute_types = "selected-attribute-types"; +enum LN_selected_attribute_types = "Selected Attribute Types"; +enum NID_selected_attribute_types = 394; +enum OBJ_selected_attribute_types = "OBJ_joint_iso_itu_t,5L,1L,5L"; + +enum SN_clearance = "clearance"; +enum NID_clearance = 395; +enum OBJ_clearance = "OBJ_selected_attribute_types,55L"; + +enum SN_ISO_US = "ISO-US"; +enum LN_ISO_US = "ISO US Member Body"; +enum NID_ISO_US = 183; +enum OBJ_ISO_US = "OBJ_member_body,840L"; + +enum SN_X9_57 = "X9-57"; +enum LN_X9_57 = "X9.57"; +enum NID_X9_57 = 184; +enum OBJ_X9_57 = "OBJ_ISO_US,10040L"; + +enum SN_X9cm = "X9cm"; +enum LN_X9cm = "X9.57 CM ?"; +enum NID_X9cm = 185; +enum OBJ_X9cm = "OBJ_X9_57,4L"; + +enum SN_dsa = "DSA"; +enum LN_dsa = "dsaEncryption"; +enum NID_dsa = 116; +enum OBJ_dsa = "OBJ_X9cm,1L"; + +enum SN_dsaWithSHA1 = "DSA-SHA1"; +enum LN_dsaWithSHA1 = "dsaWithSHA1"; +enum NID_dsaWithSHA1 = 113; +enum OBJ_dsaWithSHA1 = "OBJ_X9cm,3L"; + +enum SN_ansi_X9_62 = "ansi-X9-62"; +enum LN_ansi_X9_62 = "ANSI X9.62"; +enum NID_ansi_X9_62 = 405; +enum OBJ_ansi_X9_62 = "OBJ_ISO_US,10045L"; + +enum OBJ_X9_62_id_fieldType = "OBJ_ansi_X9_62,1L"; + +enum SN_X9_62_prime_field = "prime-field"; +enum NID_X9_62_prime_field = 406; +enum OBJ_X9_62_prime_field = "OBJ_X9_62_id_fieldType,1L"; + +enum SN_X9_62_characteristic_two_field = "characteristic-two-field"; +enum NID_X9_62_characteristic_two_field = 407; +enum OBJ_X9_62_characteristic_two_field = "OBJ_X9_62_id_fieldType,2L"; + +enum SN_X9_62_id_characteristic_two_basis = "id-characteristic-two-basis"; +enum NID_X9_62_id_characteristic_two_basis = 680; +enum OBJ_X9_62_id_characteristic_two_basis = "OBJ_X9_62_characteristic_two_field,3L"; + +enum SN_X9_62_onBasis = "onBasis"; +enum NID_X9_62_onBasis = 681; +enum OBJ_X9_62_onBasis = "OBJ_X9_62_id_characteristic_two_basis,1L"; + +enum SN_X9_62_tpBasis = "tpBasis"; +enum NID_X9_62_tpBasis = 682; +enum OBJ_X9_62_tpBasis = "OBJ_X9_62_id_characteristic_two_basis,2L"; + +enum SN_X9_62_ppBasis = "ppBasis"; +enum NID_X9_62_ppBasis = 683; +enum OBJ_X9_62_ppBasis = "OBJ_X9_62_id_characteristic_two_basis,3L"; + +enum OBJ_X9_62_id_publicKeyType = "OBJ_ansi_X9_62,2L"; + +enum SN_X9_62_id_ecPublicKey = "id-ecPublicKey"; +enum NID_X9_62_id_ecPublicKey = 408; +enum OBJ_X9_62_id_ecPublicKey = "OBJ_X9_62_id_publicKeyType,1L"; + +enum OBJ_X9_62_ellipticCurve = "OBJ_ansi_X9_62,3L"; + +enum OBJ_X9_62_c_TwoCurve = "OBJ_X9_62_ellipticCurve,0L"; + +enum SN_X9_62_c2pnb163v1 = "c2pnb163v1"; +enum NID_X9_62_c2pnb163v1 = 684; +enum OBJ_X9_62_c2pnb163v1 = "OBJ_X9_62_c_TwoCurve,1L"; + +enum SN_X9_62_c2pnb163v2 = "c2pnb163v2"; +enum NID_X9_62_c2pnb163v2 = 685; +enum OBJ_X9_62_c2pnb163v2 = "OBJ_X9_62_c_TwoCurve,2L"; + +enum SN_X9_62_c2pnb163v3 = "c2pnb163v3"; +enum NID_X9_62_c2pnb163v3 = 686; +enum OBJ_X9_62_c2pnb163v3 = "OBJ_X9_62_c_TwoCurve,3L"; + +enum SN_X9_62_c2pnb176v1 = "c2pnb176v1"; +enum NID_X9_62_c2pnb176v1 = 687; +enum OBJ_X9_62_c2pnb176v1 = "OBJ_X9_62_c_TwoCurve,4L"; + +enum SN_X9_62_c2tnb191v1 = "c2tnb191v1"; +enum NID_X9_62_c2tnb191v1 = 688; +enum OBJ_X9_62_c2tnb191v1 = "OBJ_X9_62_c_TwoCurve,5L"; + +enum SN_X9_62_c2tnb191v2 = "c2tnb191v2"; +enum NID_X9_62_c2tnb191v2 = 689; +enum OBJ_X9_62_c2tnb191v2 = "OBJ_X9_62_c_TwoCurve,6L"; + +enum SN_X9_62_c2tnb191v3 = "c2tnb191v3"; +enum NID_X9_62_c2tnb191v3 = 690; +enum OBJ_X9_62_c2tnb191v3 = "OBJ_X9_62_c_TwoCurve,7L"; + +enum SN_X9_62_c2onb191v4 = "c2onb191v4"; +enum NID_X9_62_c2onb191v4 = 691; +enum OBJ_X9_62_c2onb191v4 = "OBJ_X9_62_c_TwoCurve,8L"; + +enum SN_X9_62_c2onb191v5 = "c2onb191v5"; +enum NID_X9_62_c2onb191v5 = 692; +enum OBJ_X9_62_c2onb191v5 = "OBJ_X9_62_c_TwoCurve,9L"; + +enum SN_X9_62_c2pnb208w1 = "c2pnb208w1"; +enum NID_X9_62_c2pnb208w1 = 693; +enum OBJ_X9_62_c2pnb208w1 = "OBJ_X9_62_c_TwoCurve,10L"; + +enum SN_X9_62_c2tnb239v1 = "c2tnb239v1"; +enum NID_X9_62_c2tnb239v1 = 694; +enum OBJ_X9_62_c2tnb239v1 = "OBJ_X9_62_c_TwoCurve,11L"; + +enum SN_X9_62_c2tnb239v2 = "c2tnb239v2"; +enum NID_X9_62_c2tnb239v2 = 695; +enum OBJ_X9_62_c2tnb239v2 = "OBJ_X9_62_c_TwoCurve,12L"; + +enum SN_X9_62_c2tnb239v3 = "c2tnb239v3"; +enum NID_X9_62_c2tnb239v3 = 696; +enum OBJ_X9_62_c2tnb239v3 = "OBJ_X9_62_c_TwoCurve,13L"; + +enum SN_X9_62_c2onb239v4 = "c2onb239v4"; +enum NID_X9_62_c2onb239v4 = 697; +enum OBJ_X9_62_c2onb239v4 = "OBJ_X9_62_c_TwoCurve,14L"; + +enum SN_X9_62_c2onb239v5 = "c2onb239v5"; +enum NID_X9_62_c2onb239v5 = 698; +enum OBJ_X9_62_c2onb239v5 = "OBJ_X9_62_c_TwoCurve,15L"; + +enum SN_X9_62_c2pnb272w1 = "c2pnb272w1"; +enum NID_X9_62_c2pnb272w1 = 699; +enum OBJ_X9_62_c2pnb272w1 = "OBJ_X9_62_c_TwoCurve,16L"; + +enum SN_X9_62_c2pnb304w1 = "c2pnb304w1"; +enum NID_X9_62_c2pnb304w1 = 700; +enum OBJ_X9_62_c2pnb304w1 = "OBJ_X9_62_c_TwoCurve,17L"; + +enum SN_X9_62_c2tnb359v1 = "c2tnb359v1"; +enum NID_X9_62_c2tnb359v1 = 701; +enum OBJ_X9_62_c2tnb359v1 = "OBJ_X9_62_c_TwoCurve,18L"; + +enum SN_X9_62_c2pnb368w1 = "c2pnb368w1"; +enum NID_X9_62_c2pnb368w1 = 702; +enum OBJ_X9_62_c2pnb368w1 = "OBJ_X9_62_c_TwoCurve,19L"; + +enum SN_X9_62_c2tnb431r1 = "c2tnb431r1"; +enum NID_X9_62_c2tnb431r1 = 703; +enum OBJ_X9_62_c2tnb431r1 = "OBJ_X9_62_c_TwoCurve,20L"; + +enum OBJ_X9_62_primeCurve = "OBJ_X9_62_ellipticCurve,1L"; + +enum SN_X9_62_prime192v1 = "prime192v1"; +enum NID_X9_62_prime192v1 = 409; +enum OBJ_X9_62_prime192v1 = "OBJ_X9_62_primeCurve,1L"; + +enum SN_X9_62_prime192v2 = "prime192v2"; +enum NID_X9_62_prime192v2 = 410; +enum OBJ_X9_62_prime192v2 = "OBJ_X9_62_primeCurve,2L"; + +enum SN_X9_62_prime192v3 = "prime192v3"; +enum NID_X9_62_prime192v3 = 411; +enum OBJ_X9_62_prime192v3 = "OBJ_X9_62_primeCurve,3L"; + +enum SN_X9_62_prime239v1 = "prime239v1"; +enum NID_X9_62_prime239v1 = 412; +enum OBJ_X9_62_prime239v1 = "OBJ_X9_62_primeCurve,4L"; + +enum SN_X9_62_prime239v2 = "prime239v2"; +enum NID_X9_62_prime239v2 = 413; +enum OBJ_X9_62_prime239v2 = "OBJ_X9_62_primeCurve,5L"; + +enum SN_X9_62_prime239v3 = "prime239v3"; +enum NID_X9_62_prime239v3 = 414; +enum OBJ_X9_62_prime239v3 = "OBJ_X9_62_primeCurve,6L"; + +enum SN_X9_62_prime256v1 = "prime256v1"; +enum NID_X9_62_prime256v1 = 415; +enum OBJ_X9_62_prime256v1 = "OBJ_X9_62_primeCurve,7L"; + +enum OBJ_X9_62_id_ecSigType = "OBJ_ansi_X9_62,4L"; + +enum SN_ecdsa_with_SHA1 = "ecdsa-with-SHA1"; +enum NID_ecdsa_with_SHA1 = 416; +enum OBJ_ecdsa_with_SHA1 = "OBJ_X9_62_id_ecSigType,1L"; + +enum SN_ecdsa_with_Recommended = "ecdsa-with-Recommended"; +enum NID_ecdsa_with_Recommended = 791; +enum OBJ_ecdsa_with_Recommended = "OBJ_X9_62_id_ecSigType,2L"; + +enum SN_ecdsa_with_Specified = "ecdsa-with-Specified"; +enum NID_ecdsa_with_Specified = 792; +enum OBJ_ecdsa_with_Specified = "OBJ_X9_62_id_ecSigType,3L"; + +enum SN_ecdsa_with_SHA224 = "ecdsa-with-SHA224"; +enum NID_ecdsa_with_SHA224 = 793; +enum OBJ_ecdsa_with_SHA224 = "OBJ_ecdsa_with_Specified,1L"; + +enum SN_ecdsa_with_SHA256 = "ecdsa-with-SHA256"; +enum NID_ecdsa_with_SHA256 = 794; +enum OBJ_ecdsa_with_SHA256 = "OBJ_ecdsa_with_Specified,2L"; + +enum SN_ecdsa_with_SHA384 = "ecdsa-with-SHA384"; +enum NID_ecdsa_with_SHA384 = 795; +enum OBJ_ecdsa_with_SHA384 = "OBJ_ecdsa_with_Specified,3L"; + +enum SN_ecdsa_with_SHA512 = "ecdsa-with-SHA512"; +enum NID_ecdsa_with_SHA512 = 796; +enum OBJ_ecdsa_with_SHA512 = "OBJ_ecdsa_with_Specified,4L"; + +enum OBJ_secg_ellipticCurve = "OBJ_certicom_arc,0L"; + +enum SN_secp112r1 = "secp112r1"; +enum NID_secp112r1 = 704; +enum OBJ_secp112r1 = "OBJ_secg_ellipticCurve,6L"; + +enum SN_secp112r2 = "secp112r2"; +enum NID_secp112r2 = 705; +enum OBJ_secp112r2 = "OBJ_secg_ellipticCurve,7L"; + +enum SN_secp128r1 = "secp128r1"; +enum NID_secp128r1 = 706; +enum OBJ_secp128r1 = "OBJ_secg_ellipticCurve,28L"; + +enum SN_secp128r2 = "secp128r2"; +enum NID_secp128r2 = 707; +enum OBJ_secp128r2 = "OBJ_secg_ellipticCurve,29L"; + +enum SN_secp160k1 = "secp160k1"; +enum NID_secp160k1 = 708; +enum OBJ_secp160k1 = "OBJ_secg_ellipticCurve,9L"; + +enum SN_secp160r1 = "secp160r1"; +enum NID_secp160r1 = 709; +enum OBJ_secp160r1 = "OBJ_secg_ellipticCurve,8L"; + +enum SN_secp160r2 = "secp160r2"; +enum NID_secp160r2 = 710; +enum OBJ_secp160r2 = "OBJ_secg_ellipticCurve,30L"; + +enum SN_secp192k1 = "secp192k1"; +enum NID_secp192k1 = 711; +enum OBJ_secp192k1 = "OBJ_secg_ellipticCurve,31L"; + +enum SN_secp224k1 = "secp224k1"; +enum NID_secp224k1 = 712; +enum OBJ_secp224k1 = "OBJ_secg_ellipticCurve,32L"; + +enum SN_secp224r1 = "secp224r1"; +enum NID_secp224r1 = 713; +enum OBJ_secp224r1 = "OBJ_secg_ellipticCurve,33L"; + +enum SN_secp256k1 = "secp256k1"; +enum NID_secp256k1 = 714; +enum OBJ_secp256k1 = "OBJ_secg_ellipticCurve,10L"; + +enum SN_secp384r1 = "secp384r1"; +enum NID_secp384r1 = 715; +enum OBJ_secp384r1 = "OBJ_secg_ellipticCurve,34L"; + +enum SN_secp521r1 = "secp521r1"; +enum NID_secp521r1 = 716; +enum OBJ_secp521r1 = "OBJ_secg_ellipticCurve,35L"; + +enum SN_sect113r1 = "sect113r1"; +enum NID_sect113r1 = 717; +enum OBJ_sect113r1 = "OBJ_secg_ellipticCurve,4L"; + +enum SN_sect113r2 = "sect113r2"; +enum NID_sect113r2 = 718; +enum OBJ_sect113r2 = "OBJ_secg_ellipticCurve,5L"; + +enum SN_sect131r1 = "sect131r1"; +enum NID_sect131r1 = 719; +enum OBJ_sect131r1 = "OBJ_secg_ellipticCurve,22L"; + +enum SN_sect131r2 = "sect131r2"; +enum NID_sect131r2 = 720; +enum OBJ_sect131r2 = "OBJ_secg_ellipticCurve,23L"; + +enum SN_sect163k1 = "sect163k1"; +enum NID_sect163k1 = 721; +enum OBJ_sect163k1 = "OBJ_secg_ellipticCurve,1L"; + +enum SN_sect163r1 = "sect163r1"; +enum NID_sect163r1 = 722; +enum OBJ_sect163r1 = "OBJ_secg_ellipticCurve,2L"; + +enum SN_sect163r2 = "sect163r2"; +enum NID_sect163r2 = 723; +enum OBJ_sect163r2 = "OBJ_secg_ellipticCurve,15L"; + +enum SN_sect193r1 = "sect193r1"; +enum NID_sect193r1 = 724; +enum OBJ_sect193r1 = "OBJ_secg_ellipticCurve,24L"; + +enum SN_sect193r2 = "sect193r2"; +enum NID_sect193r2 = 725; +enum OBJ_sect193r2 = "OBJ_secg_ellipticCurve,25L"; + +enum SN_sect233k1 = "sect233k1"; +enum NID_sect233k1 = 726; +enum OBJ_sect233k1 = "OBJ_secg_ellipticCurve,26L"; + +enum SN_sect233r1 = "sect233r1"; +enum NID_sect233r1 = 727; +enum OBJ_sect233r1 = "OBJ_secg_ellipticCurve,27L"; + +enum SN_sect239k1 = "sect239k1"; +enum NID_sect239k1 = 728; +enum OBJ_sect239k1 = "OBJ_secg_ellipticCurve,3L"; + +enum SN_sect283k1 = "sect283k1"; +enum NID_sect283k1 = 729; +enum OBJ_sect283k1 = "OBJ_secg_ellipticCurve,16L"; + +enum SN_sect283r1 = "sect283r1"; +enum NID_sect283r1 = 730; +enum OBJ_sect283r1 = "OBJ_secg_ellipticCurve,17L"; + +enum SN_sect409k1 = "sect409k1"; +enum NID_sect409k1 = 731; +enum OBJ_sect409k1 = "OBJ_secg_ellipticCurve,36L"; + +enum SN_sect409r1 = "sect409r1"; +enum NID_sect409r1 = 732; +enum OBJ_sect409r1 = "OBJ_secg_ellipticCurve,37L"; + +enum SN_sect571k1 = "sect571k1"; +enum NID_sect571k1 = 733; +enum OBJ_sect571k1 = "OBJ_secg_ellipticCurve,38L"; + +enum SN_sect571r1 = "sect571r1"; +enum NID_sect571r1 = 734; +enum OBJ_sect571r1 = "OBJ_secg_ellipticCurve,39L"; + +enum OBJ_wap_wsg_idm_ecid = "OBJ_wap_wsg,4L"; + +enum SN_wap_wsg_idm_ecid_wtls1 = "wap-wsg-idm-ecid-wtls1"; +enum NID_wap_wsg_idm_ecid_wtls1 = 735; +enum OBJ_wap_wsg_idm_ecid_wtls1 = "OBJ_wap_wsg_idm_ecid,1L"; + +enum SN_wap_wsg_idm_ecid_wtls3 = "wap-wsg-idm-ecid-wtls3"; +enum NID_wap_wsg_idm_ecid_wtls3 = 736; +enum OBJ_wap_wsg_idm_ecid_wtls3 = "OBJ_wap_wsg_idm_ecid,3L"; + +enum SN_wap_wsg_idm_ecid_wtls4 = "wap-wsg-idm-ecid-wtls4"; +enum NID_wap_wsg_idm_ecid_wtls4 = 737; +enum OBJ_wap_wsg_idm_ecid_wtls4 = "OBJ_wap_wsg_idm_ecid,4L"; + +enum SN_wap_wsg_idm_ecid_wtls5 = "wap-wsg-idm-ecid-wtls5"; +enum NID_wap_wsg_idm_ecid_wtls5 = 738; +enum OBJ_wap_wsg_idm_ecid_wtls5 = "OBJ_wap_wsg_idm_ecid,5L"; + +enum SN_wap_wsg_idm_ecid_wtls6 = "wap-wsg-idm-ecid-wtls6"; +enum NID_wap_wsg_idm_ecid_wtls6 = 739; +enum OBJ_wap_wsg_idm_ecid_wtls6 = "OBJ_wap_wsg_idm_ecid,6L"; + +enum SN_wap_wsg_idm_ecid_wtls7 = "wap-wsg-idm-ecid-wtls7"; +enum NID_wap_wsg_idm_ecid_wtls7 = 740; +enum OBJ_wap_wsg_idm_ecid_wtls7 = "OBJ_wap_wsg_idm_ecid,7L"; + +enum SN_wap_wsg_idm_ecid_wtls8 = "wap-wsg-idm-ecid-wtls8"; +enum NID_wap_wsg_idm_ecid_wtls8 = 741; +enum OBJ_wap_wsg_idm_ecid_wtls8 = "OBJ_wap_wsg_idm_ecid,8L"; + +enum SN_wap_wsg_idm_ecid_wtls9 = "wap-wsg-idm-ecid-wtls9"; +enum NID_wap_wsg_idm_ecid_wtls9 = 742; +enum OBJ_wap_wsg_idm_ecid_wtls9 = "OBJ_wap_wsg_idm_ecid,9L"; + +enum SN_wap_wsg_idm_ecid_wtls10 = "wap-wsg-idm-ecid-wtls10"; +enum NID_wap_wsg_idm_ecid_wtls10 = 743; +enum OBJ_wap_wsg_idm_ecid_wtls10 = "OBJ_wap_wsg_idm_ecid,10L"; + +enum SN_wap_wsg_idm_ecid_wtls11 = "wap-wsg-idm-ecid-wtls11"; +enum NID_wap_wsg_idm_ecid_wtls11 = 744; +enum OBJ_wap_wsg_idm_ecid_wtls11 = "OBJ_wap_wsg_idm_ecid,11L"; + +enum SN_wap_wsg_idm_ecid_wtls12 = "wap-wsg-idm-ecid-wtls12"; +enum NID_wap_wsg_idm_ecid_wtls12 = 745; +enum OBJ_wap_wsg_idm_ecid_wtls12 = "OBJ_wap_wsg_idm_ecid,12L"; + +enum SN_cast5_cbc = "CAST5-CBC"; +enum LN_cast5_cbc = "cast5-cbc"; +enum NID_cast5_cbc = 108; +enum OBJ_cast5_cbc = "OBJ_ISO_US,113533L,7L,66L,10L"; + +enum SN_cast5_ecb = "CAST5-ECB"; +enum LN_cast5_ecb = "cast5-ecb"; +enum NID_cast5_ecb = 109; + +enum SN_cast5_cfb64 = "CAST5-CFB"; +enum LN_cast5_cfb64 = "cast5-cfb"; +enum NID_cast5_cfb64 = 110; + +enum SN_cast5_ofb64 = "CAST5-OFB"; +enum LN_cast5_ofb64 = "cast5-ofb"; +enum NID_cast5_ofb64 = 111; + +enum LN_pbeWithMD5AndCast5_CBC = "pbeWithMD5AndCast5CBC"; +enum NID_pbeWithMD5AndCast5_CBC = 112; +enum OBJ_pbeWithMD5AndCast5_CBC = "OBJ_ISO_US,113533L,7L,66L,12L"; + +enum SN_id_PasswordBasedMAC = "id-PasswordBasedMAC"; +enum LN_id_PasswordBasedMAC = "password based MAC"; +enum NID_id_PasswordBasedMAC = 782; +enum OBJ_id_PasswordBasedMAC = "OBJ_ISO_US,113533L,7L,66L,13L"; + +enum SN_id_DHBasedMac = "id-DHBasedMac"; +enum LN_id_DHBasedMac = "Diffie-Hellman based MAC"; +enum NID_id_DHBasedMac = 783; +enum OBJ_id_DHBasedMac = "OBJ_ISO_US,113533L,7L,66L,30L"; + +enum SN_rsadsi = "rsadsi"; +enum LN_rsadsi = "RSA Data Security, Inc."; +enum NID_rsadsi = 1; +enum OBJ_rsadsi = "OBJ_ISO_US,113549L"; + +enum SN_pkcs = "pkcs"; +enum LN_pkcs = "RSA Data Security, Inc. PKCS"; +enum NID_pkcs = 2; +enum OBJ_pkcs = "OBJ_rsadsi,1L"; + +enum SN_pkcs1 = "pkcs1"; +enum NID_pkcs1 = 186; +enum OBJ_pkcs1 = "OBJ_pkcs,1L"; + +enum LN_rsaEncryption = "rsaEncryption"; +enum NID_rsaEncryption = 6; +enum OBJ_rsaEncryption = "OBJ_pkcs1,1L"; + +enum SN_md2WithRSAEncryption = "RSA-MD2"; +enum LN_md2WithRSAEncryption = "md2WithRSAEncryption"; +enum NID_md2WithRSAEncryption = 7; +enum OBJ_md2WithRSAEncryption = "OBJ_pkcs1,2L"; + +enum SN_md4WithRSAEncryption = "RSA-MD4"; +enum LN_md4WithRSAEncryption = "md4WithRSAEncryption"; +enum NID_md4WithRSAEncryption = 396; +enum OBJ_md4WithRSAEncryption = "OBJ_pkcs1,3L"; + +enum SN_md5WithRSAEncryption = "RSA-MD5"; +enum LN_md5WithRSAEncryption = "md5WithRSAEncryption"; +enum NID_md5WithRSAEncryption = 8; +enum OBJ_md5WithRSAEncryption = "OBJ_pkcs1,4L"; + +enum SN_sha1WithRSAEncryption = "RSA-SHA1"; +enum LN_sha1WithRSAEncryption = "sha1WithRSAEncryption"; +enum NID_sha1WithRSAEncryption = 65; +enum OBJ_sha1WithRSAEncryption = "OBJ_pkcs1,5L"; + +enum SN_rsaesOaep = "RSAES-OAEP"; +enum LN_rsaesOaep = "rsaesOaep"; +enum NID_rsaesOaep = 919; +enum OBJ_rsaesOaep = "OBJ_pkcs1,7L"; + +enum SN_mgf1 = "MGF1"; +enum LN_mgf1 = "mgf1"; +enum NID_mgf1 = 911; +enum OBJ_mgf1 = "OBJ_pkcs1,8L"; + +enum SN_rsassaPss = "RSASSA-PSS"; +enum LN_rsassaPss = "rsassaPss"; +enum NID_rsassaPss = 912; +enum OBJ_rsassaPss = "OBJ_pkcs1,10L"; + +enum SN_sha256WithRSAEncryption = "RSA-SHA256"; +enum LN_sha256WithRSAEncryption = "sha256WithRSAEncryption"; +enum NID_sha256WithRSAEncryption = 668; +enum OBJ_sha256WithRSAEncryption = "OBJ_pkcs1,11L"; + +enum SN_sha384WithRSAEncryption = "RSA-SHA384"; +enum LN_sha384WithRSAEncryption = "sha384WithRSAEncryption"; +enum NID_sha384WithRSAEncryption = 669; +enum OBJ_sha384WithRSAEncryption = "OBJ_pkcs1,12L"; + +enum SN_sha512WithRSAEncryption = "RSA-SHA512"; +enum LN_sha512WithRSAEncryption = "sha512WithRSAEncryption"; +enum NID_sha512WithRSAEncryption = 670; +enum OBJ_sha512WithRSAEncryption = "OBJ_pkcs1,13L"; + +enum SN_sha224WithRSAEncryption = "RSA-SHA224"; +enum LN_sha224WithRSAEncryption = "sha224WithRSAEncryption"; +enum NID_sha224WithRSAEncryption = 671; +enum OBJ_sha224WithRSAEncryption = "OBJ_pkcs1,14L"; + +enum SN_pkcs3 = "pkcs3"; +enum NID_pkcs3 = 27; +enum OBJ_pkcs3 = "OBJ_pkcs,3L"; + +enum LN_dhKeyAgreement = "dhKeyAgreement"; +enum NID_dhKeyAgreement = 28; +enum OBJ_dhKeyAgreement = "OBJ_pkcs3,1L"; + +enum SN_pkcs5 = "pkcs5"; +enum NID_pkcs5 = 187; +enum OBJ_pkcs5 = "OBJ_pkcs,5L"; + +enum SN_pbeWithMD2AndDES_CBC = "PBE-MD2-DES"; +enum LN_pbeWithMD2AndDES_CBC = "pbeWithMD2AndDES-CBC"; +enum NID_pbeWithMD2AndDES_CBC = 9; +enum OBJ_pbeWithMD2AndDES_CBC = "OBJ_pkcs5,1L"; + +enum SN_pbeWithMD5AndDES_CBC = "PBE-MD5-DES"; +enum LN_pbeWithMD5AndDES_CBC = "pbeWithMD5AndDES-CBC"; +enum NID_pbeWithMD5AndDES_CBC = 10; +enum OBJ_pbeWithMD5AndDES_CBC = "OBJ_pkcs5,3L"; + +enum SN_pbeWithMD2AndRC2_CBC = "PBE-MD2-RC2-64"; +enum LN_pbeWithMD2AndRC2_CBC = "pbeWithMD2AndRC2-CBC"; +enum NID_pbeWithMD2AndRC2_CBC = 168; +enum OBJ_pbeWithMD2AndRC2_CBC = "OBJ_pkcs5,4L"; + +enum SN_pbeWithMD5AndRC2_CBC = "PBE-MD5-RC2-64"; +enum LN_pbeWithMD5AndRC2_CBC = "pbeWithMD5AndRC2-CBC"; +enum NID_pbeWithMD5AndRC2_CBC = 169; +enum OBJ_pbeWithMD5AndRC2_CBC = "OBJ_pkcs5,6L"; + +enum SN_pbeWithSHA1AndDES_CBC = "PBE-SHA1-DES"; +enum LN_pbeWithSHA1AndDES_CBC = "pbeWithSHA1AndDES-CBC"; +enum NID_pbeWithSHA1AndDES_CBC = 170; +enum OBJ_pbeWithSHA1AndDES_CBC = "OBJ_pkcs5,10L"; + +enum SN_pbeWithSHA1AndRC2_CBC = "PBE-SHA1-RC2-64"; +enum LN_pbeWithSHA1AndRC2_CBC = "pbeWithSHA1AndRC2-CBC"; +enum NID_pbeWithSHA1AndRC2_CBC = 68; +enum OBJ_pbeWithSHA1AndRC2_CBC = "OBJ_pkcs5,11L"; + +enum LN_id_pbkdf2 = "PBKDF2"; +enum NID_id_pbkdf2 = 69; +enum OBJ_id_pbkdf2 = "OBJ_pkcs5,12L"; + +enum LN_pbes2 = "PBES2"; +enum NID_pbes2 = 161; +enum OBJ_pbes2 = "OBJ_pkcs5,13L"; + +enum LN_pbmac1 = "PBMAC1"; +enum NID_pbmac1 = 162; +enum OBJ_pbmac1 = "OBJ_pkcs5,14L"; + +enum SN_pkcs7 = "pkcs7"; +enum NID_pkcs7 = 20; +enum OBJ_pkcs7 = "OBJ_pkcs,7L"; + +enum LN_pkcs7_data = "pkcs7-data"; +enum NID_pkcs7_data = 21; +enum OBJ_pkcs7_data = "OBJ_pkcs7,1L"; + +enum LN_pkcs7_signed = "pkcs7-signedData"; +enum NID_pkcs7_signed = 22; +enum OBJ_pkcs7_signed = "OBJ_pkcs7,2L"; + +enum LN_pkcs7_enveloped = "pkcs7-envelopedData"; +enum NID_pkcs7_enveloped = 23; +enum OBJ_pkcs7_enveloped = "OBJ_pkcs7,3L"; + +enum LN_pkcs7_signedAndEnveloped = "pkcs7-signedAndEnvelopedData"; +enum NID_pkcs7_signedAndEnveloped = 24; +enum OBJ_pkcs7_signedAndEnveloped = "OBJ_pkcs7,4L"; + +enum LN_pkcs7_digest = "pkcs7-digestData"; +enum NID_pkcs7_digest = 25; +enum OBJ_pkcs7_digest = "OBJ_pkcs7,5L"; + +enum LN_pkcs7_encrypted = "pkcs7-encryptedData"; +enum NID_pkcs7_encrypted = 26; +enum OBJ_pkcs7_encrypted = "OBJ_pkcs7,6L"; + +enum SN_pkcs9 = "pkcs9"; +enum NID_pkcs9 = 47; +enum OBJ_pkcs9 = "OBJ_pkcs,9L"; + +enum LN_pkcs9_emailAddress = "emailAddress"; +enum NID_pkcs9_emailAddress = 48; +enum OBJ_pkcs9_emailAddress = "OBJ_pkcs9,1L"; + +enum LN_pkcs9_unstructuredName = "unstructuredName"; +enum NID_pkcs9_unstructuredName = 49; +enum OBJ_pkcs9_unstructuredName = "OBJ_pkcs9,2L"; + +enum LN_pkcs9_contentType = "contentType"; +enum NID_pkcs9_contentType = 50; +enum OBJ_pkcs9_contentType = "OBJ_pkcs9,3L"; + +enum LN_pkcs9_messageDigest = "messageDigest"; +enum NID_pkcs9_messageDigest = 51; +enum OBJ_pkcs9_messageDigest = "OBJ_pkcs9,4L"; + +enum LN_pkcs9_signingTime = "signingTime"; +enum NID_pkcs9_signingTime = 52; +enum OBJ_pkcs9_signingTime = "OBJ_pkcs9,5L"; + +enum LN_pkcs9_countersignature = "countersignature"; +enum NID_pkcs9_countersignature = 53; +enum OBJ_pkcs9_countersignature = "OBJ_pkcs9,6L"; + +enum LN_pkcs9_challengePassword = "challengePassword"; +enum NID_pkcs9_challengePassword = 54; +enum OBJ_pkcs9_challengePassword = "OBJ_pkcs9,7L"; + +enum LN_pkcs9_unstructuredAddress = "unstructuredAddress"; +enum NID_pkcs9_unstructuredAddress = 55; +enum OBJ_pkcs9_unstructuredAddress = "OBJ_pkcs9,8L"; + +enum LN_pkcs9_extCertAttributes = "extendedCertificateAttributes"; +enum NID_pkcs9_extCertAttributes = 56; +enum OBJ_pkcs9_extCertAttributes = "OBJ_pkcs9,9L"; + +enum SN_ext_req = "extReq"; +enum LN_ext_req = "Extension Request"; +enum NID_ext_req = 172; +enum OBJ_ext_req = "OBJ_pkcs9,14L"; + +enum SN_SMIMECapabilities = "SMIME-CAPS"; +enum LN_SMIMECapabilities = "S/MIME Capabilities"; +enum NID_SMIMECapabilities = 167; +enum OBJ_SMIMECapabilities = "OBJ_pkcs9,15L"; + +enum SN_SMIME = "SMIME"; +enum LN_SMIME = "S/MIME"; +enum NID_SMIME = 188; +enum OBJ_SMIME = "OBJ_pkcs9,16L"; + +enum SN_id_smime_mod = "id-smime-mod"; +enum NID_id_smime_mod = 189; +enum OBJ_id_smime_mod = "OBJ_SMIME,0L"; + +enum SN_id_smime_ct = "id-smime-ct"; +enum NID_id_smime_ct = 190; +enum OBJ_id_smime_ct = "OBJ_SMIME,1L"; + +enum SN_id_smime_aa = "id-smime-aa"; +enum NID_id_smime_aa = 191; +enum OBJ_id_smime_aa = "OBJ_SMIME,2L"; + +enum SN_id_smime_alg = "id-smime-alg"; +enum NID_id_smime_alg = 192; +enum OBJ_id_smime_alg = "OBJ_SMIME,3L"; + +enum SN_id_smime_cd = "id-smime-cd"; +enum NID_id_smime_cd = 193; +enum OBJ_id_smime_cd = "OBJ_SMIME,4L"; + +enum SN_id_smime_spq = "id-smime-spq"; +enum NID_id_smime_spq = 194; +enum OBJ_id_smime_spq = "OBJ_SMIME,5L"; + +enum SN_id_smime_cti = "id-smime-cti"; +enum NID_id_smime_cti = 195; +enum OBJ_id_smime_cti = "OBJ_SMIME,6L"; + +enum SN_id_smime_mod_cms = "id-smime-mod-cms"; +enum NID_id_smime_mod_cms = 196; +enum OBJ_id_smime_mod_cms = "OBJ_id_smime_mod,1L"; + +enum SN_id_smime_mod_ess = "id-smime-mod-ess"; +enum NID_id_smime_mod_ess = 197; +enum OBJ_id_smime_mod_ess = "OBJ_id_smime_mod,2L"; + +enum SN_id_smime_mod_oid = "id-smime-mod-oid"; +enum NID_id_smime_mod_oid = 198; +enum OBJ_id_smime_mod_oid = "OBJ_id_smime_mod,3L"; + +enum SN_id_smime_mod_msg_v3 = "id-smime-mod-msg-v3"; +enum NID_id_smime_mod_msg_v3 = 199; +enum OBJ_id_smime_mod_msg_v3 = "OBJ_id_smime_mod,4L"; + +enum SN_id_smime_mod_ets_eSignature_88 = "id-smime-mod-ets-eSignature-88"; +enum NID_id_smime_mod_ets_eSignature_88 = 200; +enum OBJ_id_smime_mod_ets_eSignature_88 = "OBJ_id_smime_mod,5L"; + +enum SN_id_smime_mod_ets_eSignature_97 = "id-smime-mod-ets-eSignature-97"; +enum NID_id_smime_mod_ets_eSignature_97 = 201; +enum OBJ_id_smime_mod_ets_eSignature_97 = "OBJ_id_smime_mod,6L"; + +enum SN_id_smime_mod_ets_eSigPolicy_88 = "id-smime-mod-ets-eSigPolicy-88"; +enum NID_id_smime_mod_ets_eSigPolicy_88 = 202; +enum OBJ_id_smime_mod_ets_eSigPolicy_88 = "OBJ_id_smime_mod,7L"; + +enum SN_id_smime_mod_ets_eSigPolicy_97 = "id-smime-mod-ets-eSigPolicy-97"; +enum NID_id_smime_mod_ets_eSigPolicy_97 = 203; +enum OBJ_id_smime_mod_ets_eSigPolicy_97 = "OBJ_id_smime_mod,8L"; + +enum SN_id_smime_ct_receipt = "id-smime-ct-receipt"; +enum NID_id_smime_ct_receipt = 204; +enum OBJ_id_smime_ct_receipt = "OBJ_id_smime_ct,1L"; + +enum SN_id_smime_ct_authData = "id-smime-ct-authData"; +enum NID_id_smime_ct_authData = 205; +enum OBJ_id_smime_ct_authData = "OBJ_id_smime_ct,2L"; + +enum SN_id_smime_ct_publishCert = "id-smime-ct-publishCert"; +enum NID_id_smime_ct_publishCert = 206; +enum OBJ_id_smime_ct_publishCert = "OBJ_id_smime_ct,3L"; + +enum SN_id_smime_ct_TSTInfo = "id-smime-ct-TSTInfo"; +enum NID_id_smime_ct_TSTInfo = 207; +enum OBJ_id_smime_ct_TSTInfo = "OBJ_id_smime_ct,4L"; + +enum SN_id_smime_ct_TDTInfo = "id-smime-ct-TDTInfo"; +enum NID_id_smime_ct_TDTInfo = 208; +enum OBJ_id_smime_ct_TDTInfo = "OBJ_id_smime_ct,5L"; + +enum SN_id_smime_ct_contentInfo = "id-smime-ct-contentInfo"; +enum NID_id_smime_ct_contentInfo = 209; +enum OBJ_id_smime_ct_contentInfo = "OBJ_id_smime_ct,6L"; + +enum SN_id_smime_ct_DVCSRequestData = "id-smime-ct-DVCSRequestData"; +enum NID_id_smime_ct_DVCSRequestData = 210; +enum OBJ_id_smime_ct_DVCSRequestData = "OBJ_id_smime_ct,7L"; + +enum SN_id_smime_ct_DVCSResponseData = "id-smime-ct-DVCSResponseData"; +enum NID_id_smime_ct_DVCSResponseData = 211; +enum OBJ_id_smime_ct_DVCSResponseData = "OBJ_id_smime_ct,8L"; + +enum SN_id_smime_ct_compressedData = "id-smime-ct-compressedData"; +enum NID_id_smime_ct_compressedData = 786; +enum OBJ_id_smime_ct_compressedData = "OBJ_id_smime_ct,9L"; + +enum SN_id_ct_asciiTextWithCRLF = "id-ct-asciiTextWithCRLF"; +enum NID_id_ct_asciiTextWithCRLF = 787; +enum OBJ_id_ct_asciiTextWithCRLF = "OBJ_id_smime_ct,27L"; + +enum SN_id_smime_aa_receiptRequest = "id-smime-aa-receiptRequest"; +enum NID_id_smime_aa_receiptRequest = 212; +enum OBJ_id_smime_aa_receiptRequest = "OBJ_id_smime_aa,1L"; + +enum SN_id_smime_aa_securityLabel = "id-smime-aa-securityLabel"; +enum NID_id_smime_aa_securityLabel = 213; +enum OBJ_id_smime_aa_securityLabel = "OBJ_id_smime_aa,2L"; + +enum SN_id_smime_aa_mlExpandHistory = "id-smime-aa-mlExpandHistory"; +enum NID_id_smime_aa_mlExpandHistory = 214; +enum OBJ_id_smime_aa_mlExpandHistory = "OBJ_id_smime_aa,3L"; + +enum SN_id_smime_aa_contentHint = "id-smime-aa-contentHint"; +enum NID_id_smime_aa_contentHint = 215; +enum OBJ_id_smime_aa_contentHint = "OBJ_id_smime_aa,4L"; + +enum SN_id_smime_aa_msgSigDigest = "id-smime-aa-msgSigDigest"; +enum NID_id_smime_aa_msgSigDigest = 216; +enum OBJ_id_smime_aa_msgSigDigest = "OBJ_id_smime_aa,5L"; + +enum SN_id_smime_aa_encapContentType = "id-smime-aa-encapContentType"; +enum NID_id_smime_aa_encapContentType = 217; +enum OBJ_id_smime_aa_encapContentType = "OBJ_id_smime_aa,6L"; + +enum SN_id_smime_aa_contentIdentifier = "id-smime-aa-contentIdentifier"; +enum NID_id_smime_aa_contentIdentifier = 218; +enum OBJ_id_smime_aa_contentIdentifier = "OBJ_id_smime_aa,7L"; + +enum SN_id_smime_aa_macValue = "id-smime-aa-macValue"; +enum NID_id_smime_aa_macValue = 219; +enum OBJ_id_smime_aa_macValue = "OBJ_id_smime_aa,8L"; + +enum SN_id_smime_aa_equivalentLabels = "id-smime-aa-equivalentLabels"; +enum NID_id_smime_aa_equivalentLabels = 220; +enum OBJ_id_smime_aa_equivalentLabels = "OBJ_id_smime_aa,9L"; + +enum SN_id_smime_aa_contentReference = "id-smime-aa-contentReference"; +enum NID_id_smime_aa_contentReference = 221; +enum OBJ_id_smime_aa_contentReference = "OBJ_id_smime_aa,10L"; + +enum SN_id_smime_aa_encrypKeyPref = "id-smime-aa-encrypKeyPref"; +enum NID_id_smime_aa_encrypKeyPref = 222; +enum OBJ_id_smime_aa_encrypKeyPref = "OBJ_id_smime_aa,11L"; + +enum SN_id_smime_aa_signingCertificate = "id-smime-aa-signingCertificate"; +enum NID_id_smime_aa_signingCertificate = 223; +enum OBJ_id_smime_aa_signingCertificate = "OBJ_id_smime_aa,12L"; + +enum SN_id_smime_aa_smimeEncryptCerts = "id-smime-aa-smimeEncryptCerts"; +enum NID_id_smime_aa_smimeEncryptCerts = 224; +enum OBJ_id_smime_aa_smimeEncryptCerts = "OBJ_id_smime_aa,13L"; + +enum SN_id_smime_aa_timeStampToken = "id-smime-aa-timeStampToken"; +enum NID_id_smime_aa_timeStampToken = 225; +enum OBJ_id_smime_aa_timeStampToken = "OBJ_id_smime_aa,14L"; + +enum SN_id_smime_aa_ets_sigPolicyId = "id-smime-aa-ets-sigPolicyId"; +enum NID_id_smime_aa_ets_sigPolicyId = 226; +enum OBJ_id_smime_aa_ets_sigPolicyId = "OBJ_id_smime_aa,15L"; + +enum SN_id_smime_aa_ets_commitmentType = "id-smime-aa-ets-commitmentType"; +enum NID_id_smime_aa_ets_commitmentType = 227; +enum OBJ_id_smime_aa_ets_commitmentType = "OBJ_id_smime_aa,16L"; + +enum SN_id_smime_aa_ets_signerLocation = "id-smime-aa-ets-signerLocation"; +enum NID_id_smime_aa_ets_signerLocation = 228; +enum OBJ_id_smime_aa_ets_signerLocation = "OBJ_id_smime_aa,17L"; + +enum SN_id_smime_aa_ets_signerAttr = "id-smime-aa-ets-signerAttr"; +enum NID_id_smime_aa_ets_signerAttr = 229; +enum OBJ_id_smime_aa_ets_signerAttr = "OBJ_id_smime_aa,18L"; + +enum SN_id_smime_aa_ets_otherSigCert = "id-smime-aa-ets-otherSigCert"; +enum NID_id_smime_aa_ets_otherSigCert = 230; +enum OBJ_id_smime_aa_ets_otherSigCert = "OBJ_id_smime_aa,19L"; + +enum SN_id_smime_aa_ets_contentTimestamp = "id-smime-aa-ets-contentTimestamp"; +enum NID_id_smime_aa_ets_contentTimestamp = 231; +enum OBJ_id_smime_aa_ets_contentTimestamp = "OBJ_id_smime_aa,20L"; + +enum SN_id_smime_aa_ets_CertificateRefs = "id-smime-aa-ets-CertificateRefs"; +enum NID_id_smime_aa_ets_CertificateRefs = 232; +enum OBJ_id_smime_aa_ets_CertificateRefs = "OBJ_id_smime_aa,21L"; + +enum SN_id_smime_aa_ets_RevocationRefs = "id-smime-aa-ets-RevocationRefs"; +enum NID_id_smime_aa_ets_RevocationRefs = 233; +enum OBJ_id_smime_aa_ets_RevocationRefs = "OBJ_id_smime_aa,22L"; + +enum SN_id_smime_aa_ets_certValues = "id-smime-aa-ets-certValues"; +enum NID_id_smime_aa_ets_certValues = 234; +enum OBJ_id_smime_aa_ets_certValues = "OBJ_id_smime_aa,23L"; + +enum SN_id_smime_aa_ets_revocationValues = "id-smime-aa-ets-revocationValues"; +enum NID_id_smime_aa_ets_revocationValues = 235; +enum OBJ_id_smime_aa_ets_revocationValues = "OBJ_id_smime_aa,24L"; + +enum SN_id_smime_aa_ets_escTimeStamp = "id-smime-aa-ets-escTimeStamp"; +enum NID_id_smime_aa_ets_escTimeStamp = 236; +enum OBJ_id_smime_aa_ets_escTimeStamp = "OBJ_id_smime_aa,25L"; + +enum SN_id_smime_aa_ets_certCRLTimestamp = "id-smime-aa-ets-certCRLTimestamp"; +enum NID_id_smime_aa_ets_certCRLTimestamp = 237; +enum OBJ_id_smime_aa_ets_certCRLTimestamp = "OBJ_id_smime_aa,26L"; + +enum SN_id_smime_aa_ets_archiveTimeStamp = "id-smime-aa-ets-archiveTimeStamp"; +enum NID_id_smime_aa_ets_archiveTimeStamp = 238; +enum OBJ_id_smime_aa_ets_archiveTimeStamp = "OBJ_id_smime_aa,27L"; + +enum SN_id_smime_aa_signatureType = "id-smime-aa-signatureType"; +enum NID_id_smime_aa_signatureType = 239; +enum OBJ_id_smime_aa_signatureType = "OBJ_id_smime_aa,28L"; + +enum SN_id_smime_aa_dvcs_dvc = "id-smime-aa-dvcs-dvc"; +enum NID_id_smime_aa_dvcs_dvc = 240; +enum OBJ_id_smime_aa_dvcs_dvc = "OBJ_id_smime_aa,29L"; + +enum SN_id_smime_alg_ESDHwith3DES = "id-smime-alg-ESDHwith3DES"; +enum NID_id_smime_alg_ESDHwith3DES = 241; +enum OBJ_id_smime_alg_ESDHwith3DES = "OBJ_id_smime_alg,1L"; + +enum SN_id_smime_alg_ESDHwithRC2 = "id-smime-alg-ESDHwithRC2"; +enum NID_id_smime_alg_ESDHwithRC2 = 242; +enum OBJ_id_smime_alg_ESDHwithRC2 = "OBJ_id_smime_alg,2L"; + +enum SN_id_smime_alg_3DESwrap = "id-smime-alg-3DESwrap"; +enum NID_id_smime_alg_3DESwrap = 243; +enum OBJ_id_smime_alg_3DESwrap = "OBJ_id_smime_alg,3L"; + +enum SN_id_smime_alg_RC2wrap = "id-smime-alg-RC2wrap"; +enum NID_id_smime_alg_RC2wrap = 244; +enum OBJ_id_smime_alg_RC2wrap = "OBJ_id_smime_alg,4L"; + +enum SN_id_smime_alg_ESDH = "id-smime-alg-ESDH"; +enum NID_id_smime_alg_ESDH = 245; +enum OBJ_id_smime_alg_ESDH = "OBJ_id_smime_alg,5L"; + +enum SN_id_smime_alg_CMS3DESwrap = "id-smime-alg-CMS3DESwrap"; +enum NID_id_smime_alg_CMS3DESwrap = 246; +enum OBJ_id_smime_alg_CMS3DESwrap = "OBJ_id_smime_alg,6L"; + +enum SN_id_smime_alg_CMSRC2wrap = "id-smime-alg-CMSRC2wrap"; +enum NID_id_smime_alg_CMSRC2wrap = 247; +enum OBJ_id_smime_alg_CMSRC2wrap = "OBJ_id_smime_alg,7L"; + +enum SN_id_alg_PWRI_KEK = "id-alg-PWRI-KEK"; +enum NID_id_alg_PWRI_KEK = 893; +enum OBJ_id_alg_PWRI_KEK = "OBJ_id_smime_alg,9L"; + +enum SN_id_smime_cd_ldap = "id-smime-cd-ldap"; +enum NID_id_smime_cd_ldap = 248; +enum OBJ_id_smime_cd_ldap = "OBJ_id_smime_cd,1L"; + +enum SN_id_smime_spq_ets_sqt_uri = "id-smime-spq-ets-sqt-uri"; +enum NID_id_smime_spq_ets_sqt_uri = 249; +enum OBJ_id_smime_spq_ets_sqt_uri = "OBJ_id_smime_spq,1L"; + +enum SN_id_smime_spq_ets_sqt_unotice = "id-smime-spq-ets-sqt-unotice"; +enum NID_id_smime_spq_ets_sqt_unotice = 250; +enum OBJ_id_smime_spq_ets_sqt_unotice = "OBJ_id_smime_spq,2L"; + +enum SN_id_smime_cti_ets_proofOfOrigin = "id-smime-cti-ets-proofOfOrigin"; +enum NID_id_smime_cti_ets_proofOfOrigin = 251; +enum OBJ_id_smime_cti_ets_proofOfOrigin = "OBJ_id_smime_cti,1L"; + +enum SN_id_smime_cti_ets_proofOfReceipt = "id-smime-cti-ets-proofOfReceipt"; +enum NID_id_smime_cti_ets_proofOfReceipt = 252; +enum OBJ_id_smime_cti_ets_proofOfReceipt = "OBJ_id_smime_cti,2L"; + +enum SN_id_smime_cti_ets_proofOfDelivery = "id-smime-cti-ets-proofOfDelivery"; +enum NID_id_smime_cti_ets_proofOfDelivery = 253; +enum OBJ_id_smime_cti_ets_proofOfDelivery = "OBJ_id_smime_cti,3L"; + +enum SN_id_smime_cti_ets_proofOfSender = "id-smime-cti-ets-proofOfSender"; +enum NID_id_smime_cti_ets_proofOfSender = 254; +enum OBJ_id_smime_cti_ets_proofOfSender = "OBJ_id_smime_cti,4L"; + +enum SN_id_smime_cti_ets_proofOfApproval = "id-smime-cti-ets-proofOfApproval"; +enum NID_id_smime_cti_ets_proofOfApproval = 255; +enum OBJ_id_smime_cti_ets_proofOfApproval = "OBJ_id_smime_cti,5L"; + +enum SN_id_smime_cti_ets_proofOfCreation = "id-smime-cti-ets-proofOfCreation"; +enum NID_id_smime_cti_ets_proofOfCreation = 256; +enum OBJ_id_smime_cti_ets_proofOfCreation = "OBJ_id_smime_cti,6L"; + +enum LN_friendlyName = "friendlyName"; +enum NID_friendlyName = 156; +enum OBJ_friendlyName = "OBJ_pkcs9,20L"; + +enum LN_localKeyID = "localKeyID"; +enum NID_localKeyID = 157; +enum OBJ_localKeyID = "OBJ_pkcs9,21L"; + +enum SN_ms_csp_name = "CSPName"; +enum LN_ms_csp_name = "Microsoft CSP Name"; +enum NID_ms_csp_name = 417; +enum OBJ_ms_csp_name = "1L,3L,6L,1L,4L,1L,311L,17L,1L"; + +enum SN_LocalKeySet = "LocalKeySet"; +enum LN_LocalKeySet = "Microsoft Local Key set"; +enum NID_LocalKeySet = 856; +enum OBJ_LocalKeySet = "1L,3L,6L,1L,4L,1L,311L,17L,2L"; + +enum OBJ_certTypes = "OBJ_pkcs9,22L"; + +enum LN_x509Certificate = "x509Certificate"; +enum NID_x509Certificate = 158; +enum OBJ_x509Certificate = "OBJ_certTypes,1L"; + +enum LN_sdsiCertificate = "sdsiCertificate"; +enum NID_sdsiCertificate = 159; +enum OBJ_sdsiCertificate = "OBJ_certTypes,2L"; + +enum OBJ_crlTypes = "OBJ_pkcs9,23L"; + +enum LN_x509Crl = "x509Crl"; +enum NID_x509Crl = 160; +enum OBJ_x509Crl = "OBJ_crlTypes,1L"; + +enum OBJ_pkcs12 = "OBJ_pkcs,12L"; + +enum OBJ_pkcs12_pbeids = "OBJ_pkcs12,1L"; + +enum SN_pbe_WithSHA1And128BitRC4 = "PBE-SHA1-RC4-128"; +enum LN_pbe_WithSHA1And128BitRC4 = "pbeWithSHA1And128BitRC4"; +enum NID_pbe_WithSHA1And128BitRC4 = 144; +enum OBJ_pbe_WithSHA1And128BitRC4 = "OBJ_pkcs12_pbeids,1L"; + +enum SN_pbe_WithSHA1And40BitRC4 = "PBE-SHA1-RC4-40"; +enum LN_pbe_WithSHA1And40BitRC4 = "pbeWithSHA1And40BitRC4"; +enum NID_pbe_WithSHA1And40BitRC4 = 145; +enum OBJ_pbe_WithSHA1And40BitRC4 = "OBJ_pkcs12_pbeids,2L"; + +enum SN_pbe_WithSHA1And3_Key_TripleDES_CBC = "PBE-SHA1-3DES"; +enum LN_pbe_WithSHA1And3_Key_TripleDES_CBC = "pbeWithSHA1And3-KeyTripleDES-CBC"; +enum NID_pbe_WithSHA1And3_Key_TripleDES_CBC = 146; +enum OBJ_pbe_WithSHA1And3_Key_TripleDES_CBC = "OBJ_pkcs12_pbeids,3L"; + +enum SN_pbe_WithSHA1And2_Key_TripleDES_CBC = "PBE-SHA1-2DES"; +enum LN_pbe_WithSHA1And2_Key_TripleDES_CBC = "pbeWithSHA1And2-KeyTripleDES-CBC"; +enum NID_pbe_WithSHA1And2_Key_TripleDES_CBC = 147; +enum OBJ_pbe_WithSHA1And2_Key_TripleDES_CBC = "OBJ_pkcs12_pbeids,4L"; + +enum SN_pbe_WithSHA1And128BitRC2_CBC = "PBE-SHA1-RC2-128"; +enum LN_pbe_WithSHA1And128BitRC2_CBC = "pbeWithSHA1And128BitRC2-CBC"; +enum NID_pbe_WithSHA1And128BitRC2_CBC = 148; +enum OBJ_pbe_WithSHA1And128BitRC2_CBC = "OBJ_pkcs12_pbeids,5L"; + +enum SN_pbe_WithSHA1And40BitRC2_CBC = "PBE-SHA1-RC2-40"; +enum LN_pbe_WithSHA1And40BitRC2_CBC = "pbeWithSHA1And40BitRC2-CBC"; +enum NID_pbe_WithSHA1And40BitRC2_CBC = 149; +enum OBJ_pbe_WithSHA1And40BitRC2_CBC = "OBJ_pkcs12_pbeids,6L"; + +enum OBJ_pkcs12_Version1 = "OBJ_pkcs12,10L"; + +enum OBJ_pkcs12_BagIds = "OBJ_pkcs12_Version1,1L"; + +enum LN_keyBag = "keyBag"; +enum NID_keyBag = 150; +enum OBJ_keyBag = "OBJ_pkcs12_BagIds,1L"; + +enum LN_pkcs8ShroudedKeyBag = "pkcs8ShroudedKeyBag"; +enum NID_pkcs8ShroudedKeyBag = 151; +enum OBJ_pkcs8ShroudedKeyBag = "OBJ_pkcs12_BagIds,2L"; + +enum LN_certBag = "certBag"; +enum NID_certBag = 152; +enum OBJ_certBag = "OBJ_pkcs12_BagIds,3L"; + +enum LN_crlBag = "crlBag"; +enum NID_crlBag = 153; +enum OBJ_crlBag = "OBJ_pkcs12_BagIds,4L"; + +enum LN_secretBag = "secretBag"; +enum NID_secretBag = 154; +enum OBJ_secretBag = "OBJ_pkcs12_BagIds,5L"; + +enum LN_safeContentsBag = "safeContentsBag"; +enum NID_safeContentsBag = 155; +enum OBJ_safeContentsBag = "OBJ_pkcs12_BagIds,6L"; + +enum SN_md2 = "MD2"; +enum LN_md2 = "md2"; +enum NID_md2 = 3; +enum OBJ_md2 = "OBJ_rsadsi,2L,2L"; + +enum SN_md4 = "MD4"; +enum LN_md4 = "md4"; +enum NID_md4 = 257; +enum OBJ_md4 = "OBJ_rsadsi,2L,4L"; + +enum SN_md5 = "MD5"; +enum LN_md5 = "md5"; +enum NID_md5 = 4; +enum OBJ_md5 = "OBJ_rsadsi,2L,5L"; + +enum SN_md5_sha1 = "MD5-SHA1"; +enum LN_md5_sha1 = "md5-sha1"; +enum NID_md5_sha1 = 114; + +enum LN_hmacWithMD5 = "hmacWithMD5"; +enum NID_hmacWithMD5 = 797; +enum OBJ_hmacWithMD5 = "OBJ_rsadsi,2L,6L"; + +enum LN_hmacWithSHA1 = "hmacWithSHA1"; +enum NID_hmacWithSHA1 = 163; +enum OBJ_hmacWithSHA1 = "OBJ_rsadsi,2L,7L"; + +enum LN_hmacWithSHA224 = "hmacWithSHA224"; +enum NID_hmacWithSHA224 = 798; +enum OBJ_hmacWithSHA224 = "OBJ_rsadsi,2L,8L"; + +enum LN_hmacWithSHA256 = "hmacWithSHA256"; +enum NID_hmacWithSHA256 = 799; +enum OBJ_hmacWithSHA256 = "OBJ_rsadsi,2L,9L"; + +enum LN_hmacWithSHA384 = "hmacWithSHA384"; +enum NID_hmacWithSHA384 = 800; +enum OBJ_hmacWithSHA384 = "OBJ_rsadsi,2L,10L"; + +enum LN_hmacWithSHA512 = "hmacWithSHA512"; +enum NID_hmacWithSHA512 = 801; +enum OBJ_hmacWithSHA512 = "OBJ_rsadsi,2L,11L"; + +enum SN_rc2_cbc = "RC2-CBC"; +enum LN_rc2_cbc = "rc2-cbc"; +enum NID_rc2_cbc = 37; +enum OBJ_rc2_cbc = "OBJ_rsadsi,3L,2L"; + +enum SN_rc2_ecb = "RC2-ECB"; +enum LN_rc2_ecb = "rc2-ecb"; +enum NID_rc2_ecb = 38; + +enum SN_rc2_cfb64 = "RC2-CFB"; +enum LN_rc2_cfb64 = "rc2-cfb"; +enum NID_rc2_cfb64 = 39; + +enum SN_rc2_ofb64 = "RC2-OFB"; +enum LN_rc2_ofb64 = "rc2-ofb"; +enum NID_rc2_ofb64 = 40; + +enum SN_rc2_40_cbc = "RC2-40-CBC"; +enum LN_rc2_40_cbc = "rc2-40-cbc"; +enum NID_rc2_40_cbc = 98; + +enum SN_rc2_64_cbc = "RC2-64-CBC"; +enum LN_rc2_64_cbc = "rc2-64-cbc"; +enum NID_rc2_64_cbc = 166; + +enum SN_rc4 = "RC4"; +enum LN_rc4 = "rc4"; +enum NID_rc4 = 5; +enum OBJ_rc4 = "OBJ_rsadsi,3L,4L"; + +enum SN_rc4_40 = "RC4-40"; +enum LN_rc4_40 = "rc4-40"; +enum NID_rc4_40 = 97; + +enum SN_des_ede3_cbc = "DES-EDE3-CBC"; +enum LN_des_ede3_cbc = "des-ede3-cbc"; +enum NID_des_ede3_cbc = 44; +enum OBJ_des_ede3_cbc = "OBJ_rsadsi,3L,7L"; + +enum SN_rc5_cbc = "RC5-CBC"; +enum LN_rc5_cbc = "rc5-cbc"; +enum NID_rc5_cbc = 120; +enum OBJ_rc5_cbc = "OBJ_rsadsi,3L,8L"; + +enum SN_rc5_ecb = "RC5-ECB"; +enum LN_rc5_ecb = "rc5-ecb"; +enum NID_rc5_ecb = 121; + +enum SN_rc5_cfb64 = "RC5-CFB"; +enum LN_rc5_cfb64 = "rc5-cfb"; +enum NID_rc5_cfb64 = 122; + +enum SN_rc5_ofb64 = "RC5-OFB"; +enum LN_rc5_ofb64 = "rc5-ofb"; +enum NID_rc5_ofb64 = 123; + +enum SN_ms_ext_req = "msExtReq"; +enum LN_ms_ext_req = "Microsoft Extension Request"; +enum NID_ms_ext_req = 171; +enum OBJ_ms_ext_req = "1L,3L,6L,1L,4L,1L,311L,2L,1L,14L"; + +enum SN_ms_code_ind = "msCodeInd"; +enum LN_ms_code_ind = "Microsoft Individual Code Signing"; +enum NID_ms_code_ind = 134; +enum OBJ_ms_code_ind = "1L,3L,6L,1L,4L,1L,311L,2L,1L,21L"; + +enum SN_ms_code_com = "msCodeCom"; +enum LN_ms_code_com = "Microsoft Commercial Code Signing"; +enum NID_ms_code_com = 135; +enum OBJ_ms_code_com = "1L,3L,6L,1L,4L,1L,311L,2L,1L,22L"; + +enum SN_ms_ctl_sign = "msCTLSign"; +enum LN_ms_ctl_sign = "Microsoft Trust List Signing"; +enum NID_ms_ctl_sign = 136; +enum OBJ_ms_ctl_sign = "1L,3L,6L,1L,4L,1L,311L,10L,3L,1L"; + +enum SN_ms_sgc = "msSGC"; +enum LN_ms_sgc = "Microsoft Server Gated Crypto"; +enum NID_ms_sgc = 137; +enum OBJ_ms_sgc = "1L,3L,6L,1L,4L,1L,311L,10L,3L,3L"; + +enum SN_ms_efs = "msEFS"; +enum LN_ms_efs = "Microsoft Encrypted File System"; +enum NID_ms_efs = 138; +enum OBJ_ms_efs = "1L,3L,6L,1L,4L,1L,311L,10L,3L,4L"; + +enum SN_ms_smartcard_login = "msSmartcardLogin"; +enum LN_ms_smartcard_login = "Microsoft Smartcardlogin"; +enum NID_ms_smartcard_login = 648; +enum OBJ_ms_smartcard_login = "1L,3L,6L,1L,4L,1L,311L,20L,2L,2L"; + +enum SN_ms_upn = "msUPN"; +enum LN_ms_upn = "Microsoft Universal Principal Name"; +enum NID_ms_upn = 649; +enum OBJ_ms_upn = "1L,3L,6L,1L,4L,1L,311L,20L,2L,3L"; + +enum SN_idea_cbc = "IDEA-CBC"; +enum LN_idea_cbc = "idea-cbc"; +enum NID_idea_cbc = 34; +enum OBJ_idea_cbc = "1L,3L,6L,1L,4L,1L,188L,7L,1L,1L,2L"; + +enum SN_idea_ecb = "IDEA-ECB"; +enum LN_idea_ecb = "idea-ecb"; +enum NID_idea_ecb = 36; + +enum SN_idea_cfb64 = "IDEA-CFB"; +enum LN_idea_cfb64 = "idea-cfb"; +enum NID_idea_cfb64 = 35; + +enum SN_idea_ofb64 = "IDEA-OFB"; +enum LN_idea_ofb64 = "idea-ofb"; +enum NID_idea_ofb64 = 46; + +enum SN_bf_cbc = "BF-CBC"; +enum LN_bf_cbc = "bf-cbc"; +enum NID_bf_cbc = 91; +enum OBJ_bf_cbc = "1L,3L,6L,1L,4L,1L,3029L,1L,2L"; + +enum SN_bf_ecb = "BF-ECB"; +enum LN_bf_ecb = "bf-ecb"; +enum NID_bf_ecb = 92; + +enum SN_bf_cfb64 = "BF-CFB"; +enum LN_bf_cfb64 = "bf-cfb"; +enum NID_bf_cfb64 = 93; + +enum SN_bf_ofb64 = "BF-OFB"; +enum LN_bf_ofb64 = "bf-ofb"; +enum NID_bf_ofb64 = 94; + +enum SN_id_pkix = "PKIX"; +enum NID_id_pkix = 127; +enum OBJ_id_pkix = "1L,3L,6L,1L,5L,5L,7L"; + +enum SN_id_pkix_mod = "id-pkix-mod"; +enum NID_id_pkix_mod = 258; +enum OBJ_id_pkix_mod = "OBJ_id_pkix,0L"; + +enum SN_id_pe = "id-pe"; +enum NID_id_pe = 175; +enum OBJ_id_pe = "OBJ_id_pkix,1L"; + +enum SN_id_qt = "id-qt"; +enum NID_id_qt = 259; +enum OBJ_id_qt = "OBJ_id_pkix,2L"; + +enum SN_id_kp = "id-kp"; +enum NID_id_kp = 128; +enum OBJ_id_kp = "OBJ_id_pkix,3L"; + +enum SN_id_it = "id-it"; +enum NID_id_it = 260; +enum OBJ_id_it = "OBJ_id_pkix,4L"; + +enum SN_id_pkip = "id-pkip"; +enum NID_id_pkip = 261; +enum OBJ_id_pkip = "OBJ_id_pkix,5L"; + +enum SN_id_alg = "id-alg"; +enum NID_id_alg = 262; +enum OBJ_id_alg = "OBJ_id_pkix,6L"; + +enum SN_id_cmc = "id-cmc"; +enum NID_id_cmc = 263; +enum OBJ_id_cmc = "OBJ_id_pkix,7L"; + +enum SN_id_on = "id-on"; +enum NID_id_on = 264; +enum OBJ_id_on = "OBJ_id_pkix,8L"; + +enum SN_id_pda = "id-pda"; +enum NID_id_pda = 265; +enum OBJ_id_pda = "OBJ_id_pkix,9L"; + +enum SN_id_aca = "id-aca"; +enum NID_id_aca = 266; +enum OBJ_id_aca = "OBJ_id_pkix,10L"; + +enum SN_id_qcs = "id-qcs"; +enum NID_id_qcs = 267; +enum OBJ_id_qcs = "OBJ_id_pkix,11L"; + +enum SN_id_cct = "id-cct"; +enum NID_id_cct = 268; +enum OBJ_id_cct = "OBJ_id_pkix,12L"; + +enum SN_id_ppl = "id-ppl"; +enum NID_id_ppl = 662; +enum OBJ_id_ppl = "OBJ_id_pkix,21L"; + +enum SN_id_ad = "id-ad"; +enum NID_id_ad = 176; +enum OBJ_id_ad = "OBJ_id_pkix,48L"; + +enum SN_id_pkix1_explicit_88 = "id-pkix1-explicit-88"; +enum NID_id_pkix1_explicit_88 = 269; +enum OBJ_id_pkix1_explicit_88 = "OBJ_id_pkix_mod,1L"; + +enum SN_id_pkix1_implicit_88 = "id-pkix1-implicit-88"; +enum NID_id_pkix1_implicit_88 = 270; +enum OBJ_id_pkix1_implicit_88 = "OBJ_id_pkix_mod,2L"; + +enum SN_id_pkix1_explicit_93 = "id-pkix1-explicit-93"; +enum NID_id_pkix1_explicit_93 = 271; +enum OBJ_id_pkix1_explicit_93 = "OBJ_id_pkix_mod,3L"; + +enum SN_id_pkix1_implicit_93 = "id-pkix1-implicit-93"; +enum NID_id_pkix1_implicit_93 = 272; +enum OBJ_id_pkix1_implicit_93 = "OBJ_id_pkix_mod,4L"; + +enum SN_id_mod_crmf = "id-mod-crmf"; +enum NID_id_mod_crmf = 273; +enum OBJ_id_mod_crmf = "OBJ_id_pkix_mod,5L"; + +enum SN_id_mod_cmc = "id-mod-cmc"; +enum NID_id_mod_cmc = 274; +enum OBJ_id_mod_cmc = "OBJ_id_pkix_mod,6L"; + +enum SN_id_mod_kea_profile_88 = "id-mod-kea-profile-88"; +enum NID_id_mod_kea_profile_88 = 275; +enum OBJ_id_mod_kea_profile_88 = "OBJ_id_pkix_mod,7L"; + +enum SN_id_mod_kea_profile_93 = "id-mod-kea-profile-93"; +enum NID_id_mod_kea_profile_93 = 276; +enum OBJ_id_mod_kea_profile_93 = "OBJ_id_pkix_mod,8L"; + +enum SN_id_mod_cmp = "id-mod-cmp"; +enum NID_id_mod_cmp = 277; +enum OBJ_id_mod_cmp = "OBJ_id_pkix_mod,9L"; + +enum SN_id_mod_qualified_cert_88 = "id-mod-qualified-cert-88"; +enum NID_id_mod_qualified_cert_88 = 278; +enum OBJ_id_mod_qualified_cert_88 = "OBJ_id_pkix_mod,10L"; + +enum SN_id_mod_qualified_cert_93 = "id-mod-qualified-cert-93"; +enum NID_id_mod_qualified_cert_93 = 279; +enum OBJ_id_mod_qualified_cert_93 = "OBJ_id_pkix_mod,11L"; + +enum SN_id_mod_attribute_cert = "id-mod-attribute-cert"; +enum NID_id_mod_attribute_cert = 280; +enum OBJ_id_mod_attribute_cert = "OBJ_id_pkix_mod,12L"; + +enum SN_id_mod_timestamp_protocol = "id-mod-timestamp-protocol"; +enum NID_id_mod_timestamp_protocol = 281; +enum OBJ_id_mod_timestamp_protocol = "OBJ_id_pkix_mod,13L"; + +enum SN_id_mod_ocsp = "id-mod-ocsp"; +enum NID_id_mod_ocsp = 282; +enum OBJ_id_mod_ocsp = "OBJ_id_pkix_mod,14L"; + +enum SN_id_mod_dvcs = "id-mod-dvcs"; +enum NID_id_mod_dvcs = 283; +enum OBJ_id_mod_dvcs = "OBJ_id_pkix_mod,15L"; + +enum SN_id_mod_cmp2000 = "id-mod-cmp2000"; +enum NID_id_mod_cmp2000 = 284; +enum OBJ_id_mod_cmp2000 = "OBJ_id_pkix_mod,16L"; + +enum SN_info_access = "authorityInfoAccess"; +enum LN_info_access = "Authority Information Access"; +enum NID_info_access = 177; +enum OBJ_info_access = "OBJ_id_pe,1L"; + +enum SN_biometricInfo = "biometricInfo"; +enum LN_biometricInfo = "Biometric Info"; +enum NID_biometricInfo = 285; +enum OBJ_biometricInfo = "OBJ_id_pe,2L"; + +enum SN_qcStatements = "qcStatements"; +enum NID_qcStatements = 286; +enum OBJ_qcStatements = "OBJ_id_pe,3L"; + +enum SN_ac_auditEntity = "ac-auditEntity"; +enum NID_ac_auditEntity = 287; +enum OBJ_ac_auditEntity = "OBJ_id_pe,4L"; + +enum SN_ac_targeting = "ac-targeting"; +enum NID_ac_targeting = 288; +enum OBJ_ac_targeting = "OBJ_id_pe,5L"; + +enum SN_aaControls = "aaControls"; +enum NID_aaControls = 289; +enum OBJ_aaControls = "OBJ_id_pe,6L"; + +enum SN_sbgp_ipAddrBlock = "sbgp-ipAddrBlock"; +enum NID_sbgp_ipAddrBlock = 290; +enum OBJ_sbgp_ipAddrBlock = "OBJ_id_pe,7L"; + +enum SN_sbgp_autonomousSysNum = "sbgp-autonomousSysNum"; +enum NID_sbgp_autonomousSysNum = 291; +enum OBJ_sbgp_autonomousSysNum = "OBJ_id_pe,8L"; + +enum SN_sbgp_routerIdentifier = "sbgp-routerIdentifier"; +enum NID_sbgp_routerIdentifier = 292; +enum OBJ_sbgp_routerIdentifier = "OBJ_id_pe,9L"; + +enum SN_ac_proxying = "ac-proxying"; +enum NID_ac_proxying = 397; +enum OBJ_ac_proxying = "OBJ_id_pe,10L"; + +enum SN_sinfo_access = "subjectInfoAccess"; +enum LN_sinfo_access = "Subject Information Access"; +enum NID_sinfo_access = 398; +enum OBJ_sinfo_access = "OBJ_id_pe,11L"; + +enum SN_proxyCertInfo = "proxyCertInfo"; +enum LN_proxyCertInfo = "Proxy Certificate Information"; +enum NID_proxyCertInfo = 663; +enum OBJ_proxyCertInfo = "OBJ_id_pe,14L"; + +enum SN_id_qt_cps = "id-qt-cps"; +enum LN_id_qt_cps = "Policy Qualifier CPS"; +enum NID_id_qt_cps = 164; +enum OBJ_id_qt_cps = "OBJ_id_qt,1L"; + +enum SN_id_qt_unotice = "id-qt-unotice"; +enum LN_id_qt_unotice = "Policy Qualifier User Notice"; +enum NID_id_qt_unotice = 165; +enum OBJ_id_qt_unotice = "OBJ_id_qt,2L"; + +enum SN_textNotice = "textNotice"; +enum NID_textNotice = 293; +enum OBJ_textNotice = "OBJ_id_qt,3L"; + +enum SN_server_auth = "serverAuth"; +enum LN_server_auth = "TLS Web Server Authentication"; +enum NID_server_auth = 129; +enum OBJ_server_auth = "OBJ_id_kp,1L"; + +enum SN_client_auth = "clientAuth"; +enum LN_client_auth = "TLS Web Client Authentication"; +enum NID_client_auth = 130; +enum OBJ_client_auth = "OBJ_id_kp,2L"; + +enum SN_code_sign = "codeSigning"; +enum LN_code_sign = "Code Signing"; +enum NID_code_sign = 131; +enum OBJ_code_sign = "OBJ_id_kp,3L"; + +enum SN_email_protect = "emailProtection"; +enum LN_email_protect = "E-mail Protection"; +enum NID_email_protect = 132; +enum OBJ_email_protect = "OBJ_id_kp,4L"; + +enum SN_ipsecEndSystem = "ipsecEndSystem"; +enum LN_ipsecEndSystem = "IPSec End System"; +enum NID_ipsecEndSystem = 294; +enum OBJ_ipsecEndSystem = "OBJ_id_kp,5L"; + +enum SN_ipsecTunnel = "ipsecTunnel"; +enum LN_ipsecTunnel = "IPSec Tunnel"; +enum NID_ipsecTunnel = 295; +enum OBJ_ipsecTunnel = "OBJ_id_kp,6L"; + +enum SN_ipsecUser = "ipsecUser"; +enum LN_ipsecUser = "IPSec User"; +enum NID_ipsecUser = 296; +enum OBJ_ipsecUser = "OBJ_id_kp,7L"; + +enum SN_time_stamp = "timeStamping"; +enum LN_time_stamp = "Time Stamping"; +enum NID_time_stamp = 133; +enum OBJ_time_stamp = "OBJ_id_kp,8L"; + +enum SN_OCSP_sign = "OCSPSigning"; +enum LN_OCSP_sign = "OCSP Signing"; +enum NID_OCSP_sign = 180; +enum OBJ_OCSP_sign = "OBJ_id_kp,9L"; + +enum SN_dvcs = "DVCS"; +enum LN_dvcs = "dvcs"; +enum NID_dvcs = 297; +enum OBJ_dvcs = "OBJ_id_kp,10L"; + +enum SN_id_it_caProtEncCert = "id-it-caProtEncCert"; +enum NID_id_it_caProtEncCert = 298; +enum OBJ_id_it_caProtEncCert = "OBJ_id_it,1L"; + +enum SN_id_it_signKeyPairTypes = "id-it-signKeyPairTypes"; +enum NID_id_it_signKeyPairTypes = 299; +enum OBJ_id_it_signKeyPairTypes = "OBJ_id_it,2L"; + +enum SN_id_it_encKeyPairTypes = "id-it-encKeyPairTypes"; +enum NID_id_it_encKeyPairTypes = 300; +enum OBJ_id_it_encKeyPairTypes = "OBJ_id_it,3L"; + +enum SN_id_it_preferredSymmAlg = "id-it-preferredSymmAlg"; +enum NID_id_it_preferredSymmAlg = 301; +enum OBJ_id_it_preferredSymmAlg = "OBJ_id_it,4L"; + +enum SN_id_it_caKeyUpdateInfo = "id-it-caKeyUpdateInfo"; +enum NID_id_it_caKeyUpdateInfo = 302; +enum OBJ_id_it_caKeyUpdateInfo = "OBJ_id_it,5L"; + +enum SN_id_it_currentCRL = "id-it-currentCRL"; +enum NID_id_it_currentCRL = 303; +enum OBJ_id_it_currentCRL = "OBJ_id_it,6L"; + +enum SN_id_it_unsupportedOIDs = "id-it-unsupportedOIDs"; +enum NID_id_it_unsupportedOIDs = 304; +enum OBJ_id_it_unsupportedOIDs = "OBJ_id_it,7L"; + +enum SN_id_it_subscriptionRequest = "id-it-subscriptionRequest"; +enum NID_id_it_subscriptionRequest = 305; +enum OBJ_id_it_subscriptionRequest = "OBJ_id_it,8L"; + +enum SN_id_it_subscriptionResponse = "id-it-subscriptionResponse"; +enum NID_id_it_subscriptionResponse = 306; +enum OBJ_id_it_subscriptionResponse = "OBJ_id_it,9L"; + +enum SN_id_it_keyPairParamReq = "id-it-keyPairParamReq"; +enum NID_id_it_keyPairParamReq = 307; +enum OBJ_id_it_keyPairParamReq = "OBJ_id_it,10L"; + +enum SN_id_it_keyPairParamRep = "id-it-keyPairParamRep"; +enum NID_id_it_keyPairParamRep = 308; +enum OBJ_id_it_keyPairParamRep = "OBJ_id_it,11L"; + +enum SN_id_it_revPassphrase = "id-it-revPassphrase"; +enum NID_id_it_revPassphrase = 309; +enum OBJ_id_it_revPassphrase = "OBJ_id_it,12L"; + +enum SN_id_it_implicitConfirm = "id-it-implicitConfirm"; +enum NID_id_it_implicitConfirm = 310; +enum OBJ_id_it_implicitConfirm = "OBJ_id_it,13L"; + +enum SN_id_it_confirmWaitTime = "id-it-confirmWaitTime"; +enum NID_id_it_confirmWaitTime = 311; +enum OBJ_id_it_confirmWaitTime = "OBJ_id_it,14L"; + +enum SN_id_it_origPKIMessage = "id-it-origPKIMessage"; +enum NID_id_it_origPKIMessage = 312; +enum OBJ_id_it_origPKIMessage = "OBJ_id_it,15L"; + +enum SN_id_it_suppLangTags = "id-it-suppLangTags"; +enum NID_id_it_suppLangTags = 784; +enum OBJ_id_it_suppLangTags = "OBJ_id_it,16L"; + +enum SN_id_regCtrl = "id-regCtrl"; +enum NID_id_regCtrl = 313; +enum OBJ_id_regCtrl = "OBJ_id_pkip,1L"; + +enum SN_id_regInfo = "id-regInfo"; +enum NID_id_regInfo = 314; +enum OBJ_id_regInfo = "OBJ_id_pkip,2L"; + +enum SN_id_regCtrl_regToken = "id-regCtrl-regToken"; +enum NID_id_regCtrl_regToken = 315; +enum OBJ_id_regCtrl_regToken = "OBJ_id_regCtrl,1L"; + +enum SN_id_regCtrl_authenticator = "id-regCtrl-authenticator"; +enum NID_id_regCtrl_authenticator = 316; +enum OBJ_id_regCtrl_authenticator = "OBJ_id_regCtrl,2L"; + +enum SN_id_regCtrl_pkiPublicationInfo = "id-regCtrl-pkiPublicationInfo"; +enum NID_id_regCtrl_pkiPublicationInfo = 317; +enum OBJ_id_regCtrl_pkiPublicationInfo = "OBJ_id_regCtrl,3L"; + +enum SN_id_regCtrl_pkiArchiveOptions = "id-regCtrl-pkiArchiveOptions"; +enum NID_id_regCtrl_pkiArchiveOptions = 318; +enum OBJ_id_regCtrl_pkiArchiveOptions = "OBJ_id_regCtrl,4L"; + +enum SN_id_regCtrl_oldCertID = "id-regCtrl-oldCertID"; +enum NID_id_regCtrl_oldCertID = 319; +enum OBJ_id_regCtrl_oldCertID = "OBJ_id_regCtrl,5L"; + +enum SN_id_regCtrl_protocolEncrKey = "id-regCtrl-protocolEncrKey"; +enum NID_id_regCtrl_protocolEncrKey = 320; +enum OBJ_id_regCtrl_protocolEncrKey = "OBJ_id_regCtrl,6L"; + +enum SN_id_regInfo_utf8Pairs = "id-regInfo-utf8Pairs"; +enum NID_id_regInfo_utf8Pairs = 321; +enum OBJ_id_regInfo_utf8Pairs = "OBJ_id_regInfo,1L"; + +enum SN_id_regInfo_certReq = "id-regInfo-certReq"; +enum NID_id_regInfo_certReq = 322; +enum OBJ_id_regInfo_certReq = "OBJ_id_regInfo,2L"; + +enum SN_id_alg_des40 = "id-alg-des40"; +enum NID_id_alg_des40 = 323; +enum OBJ_id_alg_des40 = "OBJ_id_alg,1L"; + +enum SN_id_alg_noSignature = "id-alg-noSignature"; +enum NID_id_alg_noSignature = 324; +enum OBJ_id_alg_noSignature = "OBJ_id_alg,2L"; + +enum SN_id_alg_dh_sig_hmac_sha1 = "id-alg-dh-sig-hmac-sha1"; +enum NID_id_alg_dh_sig_hmac_sha1 = 325; +enum OBJ_id_alg_dh_sig_hmac_sha1 = "OBJ_id_alg,3L"; + +enum SN_id_alg_dh_pop = "id-alg-dh-pop"; +enum NID_id_alg_dh_pop = 326; +enum OBJ_id_alg_dh_pop = "OBJ_id_alg,4L"; + +enum SN_id_cmc_statusInfo = "id-cmc-statusInfo"; +enum NID_id_cmc_statusInfo = 327; +enum OBJ_id_cmc_statusInfo = "OBJ_id_cmc,1L"; + +enum SN_id_cmc_identification = "id-cmc-identification"; +enum NID_id_cmc_identification = 328; +enum OBJ_id_cmc_identification = "OBJ_id_cmc,2L"; + +enum SN_id_cmc_identityProof = "id-cmc-identityProof"; +enum NID_id_cmc_identityProof = 329; +enum OBJ_id_cmc_identityProof = "OBJ_id_cmc,3L"; + +enum SN_id_cmc_dataReturn = "id-cmc-dataReturn"; +enum NID_id_cmc_dataReturn = 330; +enum OBJ_id_cmc_dataReturn = "OBJ_id_cmc,4L"; + +enum SN_id_cmc_transactionId = "id-cmc-transactionId"; +enum NID_id_cmc_transactionId = 331; +enum OBJ_id_cmc_transactionId = "OBJ_id_cmc,5L"; + +enum SN_id_cmc_senderNonce = "id-cmc-senderNonce"; +enum NID_id_cmc_senderNonce = 332; +enum OBJ_id_cmc_senderNonce = "OBJ_id_cmc,6L"; + +enum SN_id_cmc_recipientNonce = "id-cmc-recipientNonce"; +enum NID_id_cmc_recipientNonce = 333; +enum OBJ_id_cmc_recipientNonce = "OBJ_id_cmc,7L"; + +enum SN_id_cmc_addExtensions = "id-cmc-addExtensions"; +enum NID_id_cmc_addExtensions = 334; +enum OBJ_id_cmc_addExtensions = "OBJ_id_cmc,8L"; + +enum SN_id_cmc_encryptedPOP = "id-cmc-encryptedPOP"; +enum NID_id_cmc_encryptedPOP = 335; +enum OBJ_id_cmc_encryptedPOP = "OBJ_id_cmc,9L"; + +enum SN_id_cmc_decryptedPOP = "id-cmc-decryptedPOP"; +enum NID_id_cmc_decryptedPOP = 336; +enum OBJ_id_cmc_decryptedPOP = "OBJ_id_cmc,10L"; + +enum SN_id_cmc_lraPOPWitness = "id-cmc-lraPOPWitness"; +enum NID_id_cmc_lraPOPWitness = 337; +enum OBJ_id_cmc_lraPOPWitness = "OBJ_id_cmc,11L"; + +enum SN_id_cmc_getCert = "id-cmc-getCert"; +enum NID_id_cmc_getCert = 338; +enum OBJ_id_cmc_getCert = "OBJ_id_cmc,15L"; + +enum SN_id_cmc_getCRL = "id-cmc-getCRL"; +enum NID_id_cmc_getCRL = 339; +enum OBJ_id_cmc_getCRL = "OBJ_id_cmc,16L"; + +enum SN_id_cmc_revokeRequest = "id-cmc-revokeRequest"; +enum NID_id_cmc_revokeRequest = 340; +enum OBJ_id_cmc_revokeRequest = "OBJ_id_cmc,17L"; + +enum SN_id_cmc_regInfo = "id-cmc-regInfo"; +enum NID_id_cmc_regInfo = 341; +enum OBJ_id_cmc_regInfo = "OBJ_id_cmc,18L"; + +enum SN_id_cmc_responseInfo = "id-cmc-responseInfo"; +enum NID_id_cmc_responseInfo = 342; +enum OBJ_id_cmc_responseInfo = "OBJ_id_cmc,19L"; + +enum SN_id_cmc_queryPending = "id-cmc-queryPending"; +enum NID_id_cmc_queryPending = 343; +enum OBJ_id_cmc_queryPending = "OBJ_id_cmc,21L"; + +enum SN_id_cmc_popLinkRandom = "id-cmc-popLinkRandom"; +enum NID_id_cmc_popLinkRandom = 344; +enum OBJ_id_cmc_popLinkRandom = "OBJ_id_cmc,22L"; + +enum SN_id_cmc_popLinkWitness = "id-cmc-popLinkWitness"; +enum NID_id_cmc_popLinkWitness = 345; +enum OBJ_id_cmc_popLinkWitness = "OBJ_id_cmc,23L"; + +enum SN_id_cmc_confirmCertAcceptance = "id-cmc-confirmCertAcceptance"; +enum NID_id_cmc_confirmCertAcceptance = 346; +enum OBJ_id_cmc_confirmCertAcceptance = "OBJ_id_cmc,24L"; + +enum SN_id_on_personalData = "id-on-personalData"; +enum NID_id_on_personalData = 347; +enum OBJ_id_on_personalData = "OBJ_id_on,1L"; + +enum SN_id_on_permanentIdentifier = "id-on-permanentIdentifier"; +enum LN_id_on_permanentIdentifier = "Permanent Identifier"; +enum NID_id_on_permanentIdentifier = 858; +enum OBJ_id_on_permanentIdentifier = "OBJ_id_on,3L"; + +enum SN_id_pda_dateOfBirth = "id-pda-dateOfBirth"; +enum NID_id_pda_dateOfBirth = 348; +enum OBJ_id_pda_dateOfBirth = "OBJ_id_pda,1L"; + +enum SN_id_pda_placeOfBirth = "id-pda-placeOfBirth"; +enum NID_id_pda_placeOfBirth = 349; +enum OBJ_id_pda_placeOfBirth = "OBJ_id_pda,2L"; + +enum SN_id_pda_gender = "id-pda-gender"; +enum NID_id_pda_gender = 351; +enum OBJ_id_pda_gender = "OBJ_id_pda,3L"; + +enum SN_id_pda_countryOfCitizenship = "id-pda-countryOfCitizenship"; +enum NID_id_pda_countryOfCitizenship = 352; +enum OBJ_id_pda_countryOfCitizenship = "OBJ_id_pda,4L"; + +enum SN_id_pda_countryOfResidence = "id-pda-countryOfResidence"; +enum NID_id_pda_countryOfResidence = 353; +enum OBJ_id_pda_countryOfResidence = "OBJ_id_pda,5L"; + +enum SN_id_aca_authenticationInfo = "id-aca-authenticationInfo"; +enum NID_id_aca_authenticationInfo = 354; +enum OBJ_id_aca_authenticationInfo = "OBJ_id_aca,1L"; + +enum SN_id_aca_accessIdentity = "id-aca-accessIdentity"; +enum NID_id_aca_accessIdentity = 355; +enum OBJ_id_aca_accessIdentity = "OBJ_id_aca,2L"; + +enum SN_id_aca_chargingIdentity = "id-aca-chargingIdentity"; +enum NID_id_aca_chargingIdentity = 356; +enum OBJ_id_aca_chargingIdentity = "OBJ_id_aca,3L"; + +enum SN_id_aca_group = "id-aca-group"; +enum NID_id_aca_group = 357; +enum OBJ_id_aca_group = "OBJ_id_aca,4L"; + +enum SN_id_aca_role = "id-aca-role"; +enum NID_id_aca_role = 358; +enum OBJ_id_aca_role = "OBJ_id_aca,5L"; + +enum SN_id_aca_encAttrs = "id-aca-encAttrs"; +enum NID_id_aca_encAttrs = 399; +enum OBJ_id_aca_encAttrs = "OBJ_id_aca,6L"; + +enum SN_id_qcs_pkixQCSyntax_v1 = "id-qcs-pkixQCSyntax-v1"; +enum NID_id_qcs_pkixQCSyntax_v1 = 359; +enum OBJ_id_qcs_pkixQCSyntax_v1 = "OBJ_id_qcs,1L"; + +enum SN_id_cct_crs = "id-cct-crs"; +enum NID_id_cct_crs = 360; +enum OBJ_id_cct_crs = "OBJ_id_cct,1L"; + +enum SN_id_cct_PKIData = "id-cct-PKIData"; +enum NID_id_cct_PKIData = 361; +enum OBJ_id_cct_PKIData = "OBJ_id_cct,2L"; + +enum SN_id_cct_PKIResponse = "id-cct-PKIResponse"; +enum NID_id_cct_PKIResponse = 362; +enum OBJ_id_cct_PKIResponse = "OBJ_id_cct,3L"; + +enum SN_id_ppl_anyLanguage = "id-ppl-anyLanguage"; +enum LN_id_ppl_anyLanguage = "Any language"; +enum NID_id_ppl_anyLanguage = 664; +enum OBJ_id_ppl_anyLanguage = "OBJ_id_ppl,0L"; + +enum SN_id_ppl_inheritAll = "id-ppl-inheritAll"; +enum LN_id_ppl_inheritAll = "Inherit all"; +enum NID_id_ppl_inheritAll = 665; +enum OBJ_id_ppl_inheritAll = "OBJ_id_ppl,1L"; + +enum SN_Independent = "id-ppl-independent"; +enum LN_Independent = "Independent"; +enum NID_Independent = 667; +enum OBJ_Independent = "OBJ_id_ppl,2L"; + +enum SN_ad_OCSP = "OCSP"; +enum LN_ad_OCSP = "OCSP"; +enum NID_ad_OCSP = 178; +enum OBJ_ad_OCSP = "OBJ_id_ad,1L"; + +enum SN_ad_ca_issuers = "caIssuers"; +enum LN_ad_ca_issuers = "CA Issuers"; +enum NID_ad_ca_issuers = 179; +enum OBJ_ad_ca_issuers = "OBJ_id_ad,2L"; + +enum SN_ad_timeStamping = "ad_timestamping"; +enum LN_ad_timeStamping = "AD Time Stamping"; +enum NID_ad_timeStamping = 363; +enum OBJ_ad_timeStamping = "OBJ_id_ad,3L"; + +enum SN_ad_dvcs = "AD_DVCS"; +enum LN_ad_dvcs = "ad dvcs"; +enum NID_ad_dvcs = 364; +enum OBJ_ad_dvcs = "OBJ_id_ad,4L"; + +enum SN_caRepository = "caRepository"; +enum LN_caRepository = "CA Repository"; +enum NID_caRepository = 785; +enum OBJ_caRepository = "OBJ_id_ad,5L"; + +enum OBJ_id_pkix_OCSP = "OBJ_ad_OCSP"; + +enum SN_id_pkix_OCSP_basic = "basicOCSPResponse"; +enum LN_id_pkix_OCSP_basic = "Basic OCSP Response"; +enum NID_id_pkix_OCSP_basic = 365; +enum OBJ_id_pkix_OCSP_basic = "OBJ_id_pkix_OCSP,1L"; + +enum SN_id_pkix_OCSP_Nonce = "Nonce"; +enum LN_id_pkix_OCSP_Nonce = "OCSP Nonce"; +enum NID_id_pkix_OCSP_Nonce = 366; +enum OBJ_id_pkix_OCSP_Nonce = "OBJ_id_pkix_OCSP,2L"; + +enum SN_id_pkix_OCSP_CrlID = "CrlID"; +enum LN_id_pkix_OCSP_CrlID = "OCSP CRL ID"; +enum NID_id_pkix_OCSP_CrlID = 367; +enum OBJ_id_pkix_OCSP_CrlID = "OBJ_id_pkix_OCSP,3L"; + +enum SN_id_pkix_OCSP_acceptableResponses = "acceptableResponses"; +enum LN_id_pkix_OCSP_acceptableResponses = "Acceptable OCSP Responses"; +enum NID_id_pkix_OCSP_acceptableResponses = 368; +enum OBJ_id_pkix_OCSP_acceptableResponses = "OBJ_id_pkix_OCSP,4L"; + +enum SN_id_pkix_OCSP_noCheck = "noCheck"; +enum LN_id_pkix_OCSP_noCheck = "OCSP No Check"; +enum NID_id_pkix_OCSP_noCheck = 369; +enum OBJ_id_pkix_OCSP_noCheck = "OBJ_id_pkix_OCSP,5L"; + +enum SN_id_pkix_OCSP_archiveCutoff = "archiveCutoff"; +enum LN_id_pkix_OCSP_archiveCutoff = "OCSP Archive Cutoff"; +enum NID_id_pkix_OCSP_archiveCutoff = 370; +enum OBJ_id_pkix_OCSP_archiveCutoff = "OBJ_id_pkix_OCSP,6L"; + +enum SN_id_pkix_OCSP_serviceLocator = "serviceLocator"; +enum LN_id_pkix_OCSP_serviceLocator = "OCSP Service Locator"; +enum NID_id_pkix_OCSP_serviceLocator = 371; +enum OBJ_id_pkix_OCSP_serviceLocator = "OBJ_id_pkix_OCSP,7L"; + +enum SN_id_pkix_OCSP_extendedStatus = "extendedStatus"; +enum LN_id_pkix_OCSP_extendedStatus = "Extended OCSP Status"; +enum NID_id_pkix_OCSP_extendedStatus = 372; +enum OBJ_id_pkix_OCSP_extendedStatus = "OBJ_id_pkix_OCSP,8L"; + +enum SN_id_pkix_OCSP_valid = "valid"; +enum NID_id_pkix_OCSP_valid = 373; +enum OBJ_id_pkix_OCSP_valid = "OBJ_id_pkix_OCSP,9L"; + +enum SN_id_pkix_OCSP_path = "path"; +enum NID_id_pkix_OCSP_path = 374; +enum OBJ_id_pkix_OCSP_path = "OBJ_id_pkix_OCSP,10L"; + +enum SN_id_pkix_OCSP_trustRoot = "trustRoot"; +enum LN_id_pkix_OCSP_trustRoot = "Trust Root"; +enum NID_id_pkix_OCSP_trustRoot = 375; +enum OBJ_id_pkix_OCSP_trustRoot = "OBJ_id_pkix_OCSP,11L"; + +enum SN_algorithm = "algorithm"; +enum LN_algorithm = "algorithm"; +enum NID_algorithm = 376; +enum OBJ_algorithm = "1L,3L,14L,3L,2L"; + +enum SN_md5WithRSA = "RSA-NP-MD5"; +enum LN_md5WithRSA = "md5WithRSA"; +enum NID_md5WithRSA = 104; +enum OBJ_md5WithRSA = "OBJ_algorithm,3L"; + +enum SN_des_ecb = "DES-ECB"; +enum LN_des_ecb = "des-ecb"; +enum NID_des_ecb = 29; +enum OBJ_des_ecb = "OBJ_algorithm,6L"; + +enum SN_des_cbc = "DES-CBC"; +enum LN_des_cbc = "des-cbc"; +enum NID_des_cbc = 31; +enum OBJ_des_cbc = "OBJ_algorithm,7L"; + +enum SN_des_ofb64 = "DES-OFB"; +enum LN_des_ofb64 = "des-ofb"; +enum NID_des_ofb64 = 45; +enum OBJ_des_ofb64 = "OBJ_algorithm,8L"; + +enum SN_des_cfb64 = "DES-CFB"; +enum LN_des_cfb64 = "des-cfb"; +enum NID_des_cfb64 = 30; +enum OBJ_des_cfb64 = "OBJ_algorithm,9L"; + +enum SN_rsaSignature = "rsaSignature"; +enum NID_rsaSignature = 377; +enum OBJ_rsaSignature = "OBJ_algorithm,11L"; + +enum SN_dsa_2 = "DSA-old"; +enum LN_dsa_2 = "dsaEncryption-old"; +enum NID_dsa_2 = 67; +enum OBJ_dsa_2 = "OBJ_algorithm,12L"; + +enum SN_dsaWithSHA = "DSA-SHA"; +enum LN_dsaWithSHA = "dsaWithSHA"; +enum NID_dsaWithSHA = 66; +enum OBJ_dsaWithSHA = "OBJ_algorithm,13L"; + +enum SN_shaWithRSAEncryption = "RSA-SHA"; +enum LN_shaWithRSAEncryption = "shaWithRSAEncryption"; +enum NID_shaWithRSAEncryption = 42; +enum OBJ_shaWithRSAEncryption = "OBJ_algorithm,15L"; + +enum SN_des_ede_ecb = "DES-EDE"; +enum LN_des_ede_ecb = "des-ede"; +enum NID_des_ede_ecb = 32; +enum OBJ_des_ede_ecb = "OBJ_algorithm,17L"; + +enum SN_des_ede3_ecb = "DES-EDE3"; +enum LN_des_ede3_ecb = "des-ede3"; +enum NID_des_ede3_ecb = 33; + +enum SN_des_ede_cbc = "DES-EDE-CBC"; +enum LN_des_ede_cbc = "des-ede-cbc"; +enum NID_des_ede_cbc = 43; + +enum SN_des_ede_cfb64 = "DES-EDE-CFB"; +enum LN_des_ede_cfb64 = "des-ede-cfb"; +enum NID_des_ede_cfb64 = 60; + +enum SN_des_ede3_cfb64 = "DES-EDE3-CFB"; +enum LN_des_ede3_cfb64 = "des-ede3-cfb"; +enum NID_des_ede3_cfb64 = 61; + +enum SN_des_ede_ofb64 = "DES-EDE-OFB"; +enum LN_des_ede_ofb64 = "des-ede-ofb"; +enum NID_des_ede_ofb64 = 62; + +enum SN_des_ede3_ofb64 = "DES-EDE3-OFB"; +enum LN_des_ede3_ofb64 = "des-ede3-ofb"; +enum NID_des_ede3_ofb64 = 63; + +enum SN_desx_cbc = "DESX-CBC"; +enum LN_desx_cbc = "desx-cbc"; +enum NID_desx_cbc = 80; + +enum SN_sha = "SHA"; +enum LN_sha = "sha"; +enum NID_sha = 41; +enum OBJ_sha = "OBJ_algorithm,18L"; + +enum SN_sha1 = "SHA1"; +enum LN_sha1 = "sha1"; +enum NID_sha1 = 64; +enum OBJ_sha1 = "OBJ_algorithm,26L"; + +enum SN_dsaWithSHA1_2 = "DSA-SHA1-old"; +enum LN_dsaWithSHA1_2 = "dsaWithSHA1-old"; +enum NID_dsaWithSHA1_2 = 70; +enum OBJ_dsaWithSHA1_2 = "OBJ_algorithm,27L"; + +enum SN_sha1WithRSA = "RSA-SHA1-2"; +enum LN_sha1WithRSA = "sha1WithRSA"; +enum NID_sha1WithRSA = 115; +enum OBJ_sha1WithRSA = "OBJ_algorithm,29L"; + +enum SN_ripemd160 = "RIPEMD160"; +enum LN_ripemd160 = "ripemd160"; +enum NID_ripemd160 = 117; +enum OBJ_ripemd160 = "1L,3L,36L,3L,2L,1L"; + +enum SN_ripemd160WithRSA = "RSA-RIPEMD160"; +enum LN_ripemd160WithRSA = "ripemd160WithRSA"; +enum NID_ripemd160WithRSA = 119; +enum OBJ_ripemd160WithRSA = "1L,3L,36L,3L,3L,1L,2L"; + +enum SN_sxnet = "SXNetID"; +enum LN_sxnet = "Strong Extranet ID"; +enum NID_sxnet = 143; +enum OBJ_sxnet = "1L,3L,101L,1L,4L,1L"; + +enum SN_X500 = "X500"; +enum LN_X500 = "directory services (X.500)"; +enum NID_X500 = 11; +enum OBJ_X500 = "2L,5L"; + +enum SN_X509 = "X509"; +enum NID_X509 = 12; +enum OBJ_X509 = "OBJ_X500,4L"; + +enum SN_commonName = "CN"; +enum LN_commonName = "commonName"; +enum NID_commonName = 13; +enum OBJ_commonName = "OBJ_X509,3L"; + +enum SN_surname = "SN"; +enum LN_surname = "surname"; +enum NID_surname = 100; +enum OBJ_surname = "OBJ_X509,4L"; + +enum LN_serialNumber = "serialNumber"; +enum NID_serialNumber = 105; +enum OBJ_serialNumber = "OBJ_X509,5L"; + +enum SN_countryName = "C"; +enum LN_countryName = "countryName"; +enum NID_countryName = 14; +enum OBJ_countryName = "OBJ_X509,6L"; + +enum SN_localityName = "L"; +enum LN_localityName = "localityName"; +enum NID_localityName = 15; +enum OBJ_localityName = "OBJ_X509,7L"; + +enum SN_stateOrProvinceName = "ST"; +enum LN_stateOrProvinceName = "stateOrProvinceName"; +enum NID_stateOrProvinceName = 16; +enum OBJ_stateOrProvinceName = "OBJ_X509,8L"; + +enum SN_streetAddress = "street"; +enum LN_streetAddress = "streetAddress"; +enum NID_streetAddress = 660; +enum OBJ_streetAddress = "OBJ_X509,9L"; + +enum SN_organizationName = "O"; +enum LN_organizationName = "organizationName"; +enum NID_organizationName = 17; +enum OBJ_organizationName = "OBJ_X509,10L"; + +enum SN_organizationalUnitName = "OU"; +enum LN_organizationalUnitName = "organizationalUnitName"; +enum NID_organizationalUnitName = 18; +enum OBJ_organizationalUnitName = "OBJ_X509,11L"; + +enum SN_title = "title"; +enum LN_title = "title"; +enum NID_title = 106; +enum OBJ_title = "OBJ_X509,12L"; + +enum LN_description = "description"; +enum NID_description = 107; +enum OBJ_description = "OBJ_X509,13L"; + +enum LN_searchGuide = "searchGuide"; +enum NID_searchGuide = 859; +enum OBJ_searchGuide = "OBJ_X509,14L"; + +enum LN_businessCategory = "businessCategory"; +enum NID_businessCategory = 860; +enum OBJ_businessCategory = "OBJ_X509,15L"; + +enum LN_postalAddress = "postalAddress"; +enum NID_postalAddress = 861; +enum OBJ_postalAddress = "OBJ_X509,16L"; + +enum LN_postalCode = "postalCode"; +enum NID_postalCode = 661; +enum OBJ_postalCode = "OBJ_X509,17L"; + +enum LN_postOfficeBox = "postOfficeBox"; +enum NID_postOfficeBox = 862; +enum OBJ_postOfficeBox = "OBJ_X509,18L"; + +enum LN_physicalDeliveryOfficeName = "physicalDeliveryOfficeName"; +enum NID_physicalDeliveryOfficeName = 863; +enum OBJ_physicalDeliveryOfficeName = "OBJ_X509,19L"; + +enum LN_telephoneNumber = "telephoneNumber"; +enum NID_telephoneNumber = 864; +enum OBJ_telephoneNumber = "OBJ_X509,20L"; + +enum LN_telexNumber = "telexNumber"; +enum NID_telexNumber = 865; +enum OBJ_telexNumber = "OBJ_X509,21L"; + +enum LN_teletexTerminalIdentifier = "teletexTerminalIdentifier"; +enum NID_teletexTerminalIdentifier = 866; +enum OBJ_teletexTerminalIdentifier = "OBJ_X509,22L"; + +enum LN_facsimileTelephoneNumber = "facsimileTelephoneNumber"; +enum NID_facsimileTelephoneNumber = 867; +enum OBJ_facsimileTelephoneNumber = "OBJ_X509,23L"; + +enum LN_x121Address = "x121Address"; +enum NID_x121Address = 868; +enum OBJ_x121Address = "OBJ_X509,24L"; + +enum LN_internationaliSDNNumber = "internationaliSDNNumber"; +enum NID_internationaliSDNNumber = 869; +enum OBJ_internationaliSDNNumber = "OBJ_X509,25L"; + +enum LN_registeredAddress = "registeredAddress"; +enum NID_registeredAddress = 870; +enum OBJ_registeredAddress = "OBJ_X509,26L"; + +enum LN_destinationIndicator = "destinationIndicator"; +enum NID_destinationIndicator = 871; +enum OBJ_destinationIndicator = "OBJ_X509,27L"; + +enum LN_preferredDeliveryMethod = "preferredDeliveryMethod"; +enum NID_preferredDeliveryMethod = 872; +enum OBJ_preferredDeliveryMethod = "OBJ_X509,28L"; + +enum LN_presentationAddress = "presentationAddress"; +enum NID_presentationAddress = 873; +enum OBJ_presentationAddress = "OBJ_X509,29L"; + +enum LN_supportedApplicationContext = "supportedApplicationContext"; +enum NID_supportedApplicationContext = 874; +enum OBJ_supportedApplicationContext = "OBJ_X509,30L"; + +enum SN_member = "member"; +enum NID_member = 875; +enum OBJ_member = "OBJ_X509,31L"; + +enum SN_owner = "owner"; +enum NID_owner = 876; +enum OBJ_owner = "OBJ_X509,32L"; + +enum LN_roleOccupant = "roleOccupant"; +enum NID_roleOccupant = 877; +enum OBJ_roleOccupant = "OBJ_X509,33L"; + +enum SN_seeAlso = "seeAlso"; +enum NID_seeAlso = 878; +enum OBJ_seeAlso = "OBJ_X509,34L"; + +enum LN_userPassword = "userPassword"; +enum NID_userPassword = 879; +enum OBJ_userPassword = "OBJ_X509,35L"; + +enum LN_userCertificate = "userCertificate"; +enum NID_userCertificate = 880; +enum OBJ_userCertificate = "OBJ_X509,36L"; + +enum LN_cACertificate = "cACertificate"; +enum NID_cACertificate = 881; +enum OBJ_cACertificate = "OBJ_X509,37L"; + +enum LN_authorityRevocationList = "authorityRevocationList"; +enum NID_authorityRevocationList = 882; +enum OBJ_authorityRevocationList = "OBJ_X509,38L"; + +enum LN_certificateRevocationList = "certificateRevocationList"; +enum NID_certificateRevocationList = 883; +enum OBJ_certificateRevocationList = "OBJ_X509,39L"; + +enum LN_crossCertificatePair = "crossCertificatePair"; +enum NID_crossCertificatePair = 884; +enum OBJ_crossCertificatePair = "OBJ_X509,40L"; + +enum SN_name = "name"; +enum LN_name = "name"; +enum NID_name = 173; +enum OBJ_name = "OBJ_X509,41L"; + +enum SN_givenName = "GN"; +enum LN_givenName = "givenName"; +enum NID_givenName = 99; +enum OBJ_givenName = "OBJ_X509,42L"; + +enum SN_initials = "initials"; +enum LN_initials = "initials"; +enum NID_initials = 101; +enum OBJ_initials = "OBJ_X509,43L"; + +enum LN_generationQualifier = "generationQualifier"; +enum NID_generationQualifier = 509; +enum OBJ_generationQualifier = "OBJ_X509,44L"; + +enum LN_x500UniqueIdentifier = "x500UniqueIdentifier"; +enum NID_x500UniqueIdentifier = 503; +enum OBJ_x500UniqueIdentifier = "OBJ_X509,45L"; + +enum SN_dnQualifier = "dnQualifier"; +enum LN_dnQualifier = "dnQualifier"; +enum NID_dnQualifier = 174; +enum OBJ_dnQualifier = "OBJ_X509,46L"; + +enum LN_enhancedSearchGuide = "enhancedSearchGuide"; +enum NID_enhancedSearchGuide = 885; +enum OBJ_enhancedSearchGuide = "OBJ_X509,47L"; + +enum LN_protocolInformation = "protocolInformation"; +enum NID_protocolInformation = 886; +enum OBJ_protocolInformation = "OBJ_X509,48L"; + +enum LN_distinguishedName = "distinguishedName"; +enum NID_distinguishedName = 887; +enum OBJ_distinguishedName = "OBJ_X509,49L"; + +enum LN_uniqueMember = "uniqueMember"; +enum NID_uniqueMember = 888; +enum OBJ_uniqueMember = "OBJ_X509,50L"; + +enum LN_houseIdentifier = "houseIdentifier"; +enum NID_houseIdentifier = 889; +enum OBJ_houseIdentifier = "OBJ_X509,51L"; + +enum LN_supportedAlgorithms = "supportedAlgorithms"; +enum NID_supportedAlgorithms = 890; +enum OBJ_supportedAlgorithms = "OBJ_X509,52L"; + +enum LN_deltaRevocationList = "deltaRevocationList"; +enum NID_deltaRevocationList = 891; +enum OBJ_deltaRevocationList = "OBJ_X509,53L"; + +enum SN_dmdName = "dmdName"; +enum NID_dmdName = 892; +enum OBJ_dmdName = "OBJ_X509,54L"; + +enum LN_pseudonym = "pseudonym"; +enum NID_pseudonym = 510; +enum OBJ_pseudonym = "OBJ_X509,65L"; + +enum SN_role = "role"; +enum LN_role = "role"; +enum NID_role = 400; +enum OBJ_role = "OBJ_X509,72L"; + +enum SN_X500algorithms = "X500algorithms"; +enum LN_X500algorithms = "directory services - algorithms"; +enum NID_X500algorithms = 378; +enum OBJ_X500algorithms = "OBJ_X500,8L"; + +enum SN_rsa = "RSA"; +enum LN_rsa = "rsa"; +enum NID_rsa = 19; +enum OBJ_rsa = "OBJ_X500algorithms,1L,1L"; + +enum SN_mdc2WithRSA = "RSA-MDC2"; +enum LN_mdc2WithRSA = "mdc2WithRSA"; +enum NID_mdc2WithRSA = 96; +enum OBJ_mdc2WithRSA = "OBJ_X500algorithms,3L,100L"; + +enum SN_mdc2 = "MDC2"; +enum LN_mdc2 = "mdc2"; +enum NID_mdc2 = 95; +enum OBJ_mdc2 = "OBJ_X500algorithms,3L,101L"; + +enum SN_id_ce = "id-ce"; +enum NID_id_ce = 81; +enum OBJ_id_ce = "OBJ_X500,29L"; + +enum SN_subject_directory_attributes = "subjectDirectoryAttributes"; +enum LN_subject_directory_attributes = "X509v3 Subject Directory Attributes"; +enum NID_subject_directory_attributes = 769; +enum OBJ_subject_directory_attributes = "OBJ_id_ce,9L"; + +enum SN_subject_key_identifier = "subjectKeyIdentifier"; +enum LN_subject_key_identifier = "X509v3 Subject Key Identifier"; +enum NID_subject_key_identifier = 82; +enum OBJ_subject_key_identifier = "OBJ_id_ce,14L"; + +enum SN_key_usage = "keyUsage"; +enum LN_key_usage = "X509v3 Key Usage"; +enum NID_key_usage = 83; +enum OBJ_key_usage = "OBJ_id_ce,15L"; + +enum SN_private_key_usage_period = "privateKeyUsagePeriod"; +enum LN_private_key_usage_period = "X509v3 Private Key Usage Period"; +enum NID_private_key_usage_period = 84; +enum OBJ_private_key_usage_period = "OBJ_id_ce,16L"; + +enum SN_subject_alt_name = "subjectAltName"; +enum LN_subject_alt_name = "X509v3 Subject Alternative Name"; +enum NID_subject_alt_name = 85; +enum OBJ_subject_alt_name = "OBJ_id_ce,17L"; + +enum SN_issuer_alt_name = "issuerAltName"; +enum LN_issuer_alt_name = "X509v3 Issuer Alternative Name"; +enum NID_issuer_alt_name = 86; +enum OBJ_issuer_alt_name = "OBJ_id_ce,18L"; + +enum SN_basic_constraints = "basicConstraints"; +enum LN_basic_constraints = "X509v3 Basic Constraints"; +enum NID_basic_constraints = 87; +enum OBJ_basic_constraints = "OBJ_id_ce,19L"; + +enum SN_crl_number = "crlNumber"; +enum LN_crl_number = "X509v3 CRL Number"; +enum NID_crl_number = 88; +enum OBJ_crl_number = "OBJ_id_ce,20L"; + +enum SN_crl_reason = "CRLReason"; +enum LN_crl_reason = "X509v3 CRL Reason Code"; +enum NID_crl_reason = 141; +enum OBJ_crl_reason = "OBJ_id_ce,21L"; + +enum SN_invalidity_date = "invalidityDate"; +enum LN_invalidity_date = "Invalidity Date"; +enum NID_invalidity_date = 142; +enum OBJ_invalidity_date = "OBJ_id_ce,24L"; + +enum SN_delta_crl = "deltaCRL"; +enum LN_delta_crl = "X509v3 Delta CRL Indicator"; +enum NID_delta_crl = 140; +enum OBJ_delta_crl = "OBJ_id_ce,27L"; + +enum SN_issuing_distribution_point = "issuingDistributionPoint"; +enum LN_issuing_distribution_point = "X509v3 Issuing Distrubution Point"; +enum NID_issuing_distribution_point = 770; +enum OBJ_issuing_distribution_point = "OBJ_id_ce,28L"; + +enum SN_certificate_issuer = "certificateIssuer"; +enum LN_certificate_issuer = "X509v3 Certificate Issuer"; +enum NID_certificate_issuer = 771; +enum OBJ_certificate_issuer = "OBJ_id_ce,29L"; + +enum SN_name_constraints = "nameConstraints"; +enum LN_name_constraints = "X509v3 Name Constraints"; +enum NID_name_constraints = 666; +enum OBJ_name_constraints = "OBJ_id_ce,30L"; + +enum SN_crl_distribution_points = "crlDistributionPoints"; +enum LN_crl_distribution_points = "X509v3 CRL Distribution Points"; +enum NID_crl_distribution_points = 103; +enum OBJ_crl_distribution_points = "OBJ_id_ce,31L"; + +enum SN_certificate_policies = "certificatePolicies"; +enum LN_certificate_policies = "X509v3 Certificate Policies"; +enum NID_certificate_policies = 89; +enum OBJ_certificate_policies = "OBJ_id_ce,32L"; + +enum SN_any_policy = "anyPolicy"; +enum LN_any_policy = "X509v3 Any Policy"; +enum NID_any_policy = 746; +enum OBJ_any_policy = "OBJ_certificate_policies,0L"; + +enum SN_policy_mappings = "policyMappings"; +enum LN_policy_mappings = "X509v3 Policy Mappings"; +enum NID_policy_mappings = 747; +enum OBJ_policy_mappings = "OBJ_id_ce,33L"; + +enum SN_authority_key_identifier = "authorityKeyIdentifier"; +enum LN_authority_key_identifier = "X509v3 Authority Key Identifier"; +enum NID_authority_key_identifier = 90; +enum OBJ_authority_key_identifier = "OBJ_id_ce,35L"; + +enum SN_policy_constraints = "policyConstraints"; +enum LN_policy_constraints = "X509v3 Policy Constraints"; +enum NID_policy_constraints = 401; +enum OBJ_policy_constraints = "OBJ_id_ce,36L"; + +enum SN_ext_key_usage = "extendedKeyUsage"; +enum LN_ext_key_usage = "X509v3 Extended Key Usage"; +enum NID_ext_key_usage = 126; +enum OBJ_ext_key_usage = "OBJ_id_ce,37L"; + +enum SN_freshest_crl = "freshestCRL"; +enum LN_freshest_crl = "X509v3 Freshest CRL"; +enum NID_freshest_crl = 857; +enum OBJ_freshest_crl = "OBJ_id_ce,46L"; + +enum SN_inhibit_any_policy = "inhibitAnyPolicy"; +enum LN_inhibit_any_policy = "X509v3 Inhibit Any Policy"; +enum NID_inhibit_any_policy = 748; +enum OBJ_inhibit_any_policy = "OBJ_id_ce,54L"; + +enum SN_target_information = "targetInformation"; +enum LN_target_information = "X509v3 AC Targeting"; +enum NID_target_information = 402; +enum OBJ_target_information = "OBJ_id_ce,55L"; + +enum SN_no_rev_avail = "noRevAvail"; +enum LN_no_rev_avail = "X509v3 No Revocation Available"; +enum NID_no_rev_avail = 403; +enum OBJ_no_rev_avail = "OBJ_id_ce,56L"; + +enum SN_anyExtendedKeyUsage = "anyExtendedKeyUsage"; +enum LN_anyExtendedKeyUsage = "Any Extended Key Usage"; +enum NID_anyExtendedKeyUsage = 910; +enum OBJ_anyExtendedKeyUsage = "OBJ_ext_key_usage,0L"; + +enum SN_netscape = "Netscape"; +enum LN_netscape = "Netscape Communications Corp."; +enum NID_netscape = 57; +enum OBJ_netscape = "2L,16L,840L,1L,113730L"; + +enum SN_netscape_cert_extension = "nsCertExt"; +enum LN_netscape_cert_extension = "Netscape Certificate Extension"; +enum NID_netscape_cert_extension = 58; +enum OBJ_netscape_cert_extension = "OBJ_netscape,1L"; + +enum SN_netscape_data_type = "nsDataType"; +enum LN_netscape_data_type = "Netscape Data Type"; +enum NID_netscape_data_type = 59; +enum OBJ_netscape_data_type = "OBJ_netscape,2L"; + +enum SN_netscape_cert_type = "nsCertType"; +enum LN_netscape_cert_type = "Netscape Cert Type"; +enum NID_netscape_cert_type = 71; +enum OBJ_netscape_cert_type = "OBJ_netscape_cert_extension,1L"; + +enum SN_netscape_base_url = "nsBaseUrl"; +enum LN_netscape_base_url = "Netscape Base Url"; +enum NID_netscape_base_url = 72; +enum OBJ_netscape_base_url = "OBJ_netscape_cert_extension,2L"; + +enum SN_netscape_revocation_url = "nsRevocationUrl"; +enum LN_netscape_revocation_url = "Netscape Revocation Url"; +enum NID_netscape_revocation_url = 73; +enum OBJ_netscape_revocation_url = "OBJ_netscape_cert_extension,3L"; + +enum SN_netscape_ca_revocation_url = "nsCaRevocationUrl"; +enum LN_netscape_ca_revocation_url = "Netscape CA Revocation Url"; +enum NID_netscape_ca_revocation_url = 74; +enum OBJ_netscape_ca_revocation_url = "OBJ_netscape_cert_extension,4L"; + +enum SN_netscape_renewal_url = "nsRenewalUrl"; +enum LN_netscape_renewal_url = "Netscape Renewal Url"; +enum NID_netscape_renewal_url = 75; +enum OBJ_netscape_renewal_url = "OBJ_netscape_cert_extension,7L"; + +enum SN_netscape_ca_policy_url = "nsCaPolicyUrl"; +enum LN_netscape_ca_policy_url = "Netscape CA Policy Url"; +enum NID_netscape_ca_policy_url = 76; +enum OBJ_netscape_ca_policy_url = "OBJ_netscape_cert_extension,8L"; + +enum SN_netscape_ssl_server_name = "nsSslServerName"; +enum LN_netscape_ssl_server_name = "Netscape SSL Server Name"; +enum NID_netscape_ssl_server_name = 77; +enum OBJ_netscape_ssl_server_name = "OBJ_netscape_cert_extension,12L"; + +enum SN_netscape_comment = "nsComment"; +enum LN_netscape_comment = "Netscape Comment"; +enum NID_netscape_comment = 78; +enum OBJ_netscape_comment = "OBJ_netscape_cert_extension,13L"; + +enum SN_netscape_cert_sequence = "nsCertSequence"; +enum LN_netscape_cert_sequence = "Netscape Certificate Sequence"; +enum NID_netscape_cert_sequence = 79; +enum OBJ_netscape_cert_sequence = "OBJ_netscape_data_type,5L"; + +enum SN_ns_sgc = "nsSGC"; +enum LN_ns_sgc = "Netscape Server Gated Crypto"; +enum NID_ns_sgc = 139; +enum OBJ_ns_sgc = "OBJ_netscape,4L,1L"; + +enum SN_org = "ORG"; +enum LN_org = "org"; +enum NID_org = 379; +enum OBJ_org = "OBJ_iso,3L"; + +enum SN_dod = "DOD"; +enum LN_dod = "dod"; +enum NID_dod = 380; +enum OBJ_dod = "OBJ_org,6L"; + +enum SN_iana = "IANA"; +enum LN_iana = "iana"; +enum NID_iana = 381; +enum OBJ_iana = "OBJ_dod,1L"; + +enum OBJ_internet = "OBJ_iana"; + +enum SN_Directory = "directory"; +enum LN_Directory = "Directory"; +enum NID_Directory = 382; +enum OBJ_Directory = "OBJ_internet,1L"; + +enum SN_Management = "mgmt"; +enum LN_Management = "Management"; +enum NID_Management = 383; +enum OBJ_Management = "OBJ_internet,2L"; + +enum SN_Experimental = "experimental"; +enum LN_Experimental = "Experimental"; +enum NID_Experimental = 384; +enum OBJ_Experimental = "OBJ_internet,3L"; + +enum SN_Private = "private"; +enum LN_Private = "Private"; +enum NID_Private = 385; +enum OBJ_Private = "OBJ_internet,4L"; + +enum SN_Security = "security"; +enum LN_Security = "Security"; +enum NID_Security = 386; +enum OBJ_Security = "OBJ_internet,5L"; + +enum SN_SNMPv2 = "snmpv2"; +enum LN_SNMPv2 = "SNMPv2"; +enum NID_SNMPv2 = 387; +enum OBJ_SNMPv2 = "OBJ_internet,6L"; + +enum LN_Mail = "Mail"; +enum NID_Mail = 388; +enum OBJ_Mail = "OBJ_internet,7L"; + +enum SN_Enterprises = "enterprises"; +enum LN_Enterprises = "Enterprises"; +enum NID_Enterprises = 389; +enum OBJ_Enterprises = "OBJ_Private,1L"; + +enum SN_dcObject = "dcobject"; +enum LN_dcObject = "dcObject"; +enum NID_dcObject = 390; +enum OBJ_dcObject = "OBJ_Enterprises,1466L,344L"; + +enum SN_mime_mhs = "mime-mhs"; +enum LN_mime_mhs = "MIME MHS"; +enum NID_mime_mhs = 504; +enum OBJ_mime_mhs = "OBJ_Mail,1L"; + +enum SN_mime_mhs_headings = "mime-mhs-headings"; +enum LN_mime_mhs_headings = "mime-mhs-headings"; +enum NID_mime_mhs_headings = 505; +enum OBJ_mime_mhs_headings = "OBJ_mime_mhs,1L"; + +enum SN_mime_mhs_bodies = "mime-mhs-bodies"; +enum LN_mime_mhs_bodies = "mime-mhs-bodies"; +enum NID_mime_mhs_bodies = 506; +enum OBJ_mime_mhs_bodies = "OBJ_mime_mhs,2L"; + +enum SN_id_hex_partial_message = "id-hex-partial-message"; +enum LN_id_hex_partial_message = "id-hex-partial-message"; +enum NID_id_hex_partial_message = 507; +enum OBJ_id_hex_partial_message = "OBJ_mime_mhs_headings,1L"; + +enum SN_id_hex_multipart_message = "id-hex-multipart-message"; +enum LN_id_hex_multipart_message = "id-hex-multipart-message"; +enum NID_id_hex_multipart_message = 508; +enum OBJ_id_hex_multipart_message = "OBJ_mime_mhs_headings,2L"; + +enum SN_rle_compression = "RLE"; +enum LN_rle_compression = "run length compression"; +enum NID_rle_compression = 124; +enum OBJ_rle_compression = "1L,1L,1L,1L,666L,1L"; + +enum SN_zlib_compression = "ZLIB"; +enum LN_zlib_compression = "zlib compression"; +enum NID_zlib_compression = 125; +enum OBJ_zlib_compression = "OBJ_id_smime_alg,8L"; + +enum OBJ_csor = "2L,16L,840L,1L,101L,3L"; + +enum OBJ_nistAlgorithms = "OBJ_csor,4L"; + +enum OBJ_aes = "OBJ_nistAlgorithms,1L"; + +enum SN_aes_128_ecb = "AES-128-ECB"; +enum LN_aes_128_ecb = "aes-128-ecb"; +enum NID_aes_128_ecb = 418; +enum OBJ_aes_128_ecb = "OBJ_aes,1L"; + +enum SN_aes_128_cbc = "AES-128-CBC"; +enum LN_aes_128_cbc = "aes-128-cbc"; +enum NID_aes_128_cbc = 419; +enum OBJ_aes_128_cbc = "OBJ_aes,2L"; + +enum SN_aes_128_ofb128 = "AES-128-OFB"; +enum LN_aes_128_ofb128 = "aes-128-ofb"; +enum NID_aes_128_ofb128 = 420; +enum OBJ_aes_128_ofb128 = "OBJ_aes,3L"; + +enum SN_aes_128_cfb128 = "AES-128-CFB"; +enum LN_aes_128_cfb128 = "aes-128-cfb"; +enum NID_aes_128_cfb128 = 421; +enum OBJ_aes_128_cfb128 = "OBJ_aes,4L"; + +enum SN_id_aes128_wrap = "id-aes128-wrap"; +enum NID_id_aes128_wrap = 788; +enum OBJ_id_aes128_wrap = "OBJ_aes,5L"; + +enum SN_aes_128_gcm = "id-aes128-GCM"; +enum LN_aes_128_gcm = "aes-128-gcm"; +enum NID_aes_128_gcm = 895; +enum OBJ_aes_128_gcm = "OBJ_aes,6L"; + +enum SN_aes_128_ccm = "id-aes128-CCM"; +enum LN_aes_128_ccm = "aes-128-ccm"; +enum NID_aes_128_ccm = 896; +enum OBJ_aes_128_ccm = "OBJ_aes,7L"; + +enum SN_id_aes128_wrap_pad = "id-aes128-wrap-pad"; +enum NID_id_aes128_wrap_pad = 897; +enum OBJ_id_aes128_wrap_pad = "OBJ_aes,8L"; + +enum SN_aes_192_ecb = "AES-192-ECB"; +enum LN_aes_192_ecb = "aes-192-ecb"; +enum NID_aes_192_ecb = 422; +enum OBJ_aes_192_ecb = "OBJ_aes,21L"; + +enum SN_aes_192_cbc = "AES-192-CBC"; +enum LN_aes_192_cbc = "aes-192-cbc"; +enum NID_aes_192_cbc = 423; +enum OBJ_aes_192_cbc = "OBJ_aes,22L"; + +enum SN_aes_192_ofb128 = "AES-192-OFB"; +enum LN_aes_192_ofb128 = "aes-192-ofb"; +enum NID_aes_192_ofb128 = 424; +enum OBJ_aes_192_ofb128 = "OBJ_aes,23L"; + +enum SN_aes_192_cfb128 = "AES-192-CFB"; +enum LN_aes_192_cfb128 = "aes-192-cfb"; +enum NID_aes_192_cfb128 = 425; +enum OBJ_aes_192_cfb128 = "OBJ_aes,24L"; + +enum SN_id_aes192_wrap = "id-aes192-wrap"; +enum NID_id_aes192_wrap = 789; +enum OBJ_id_aes192_wrap = "OBJ_aes,25L"; + +enum SN_aes_192_gcm = "id-aes192-GCM"; +enum LN_aes_192_gcm = "aes-192-gcm"; +enum NID_aes_192_gcm = 898; +enum OBJ_aes_192_gcm = "OBJ_aes,26L"; + +enum SN_aes_192_ccm = "id-aes192-CCM"; +enum LN_aes_192_ccm = "aes-192-ccm"; +enum NID_aes_192_ccm = 899; +enum OBJ_aes_192_ccm = "OBJ_aes,27L"; + +enum SN_id_aes192_wrap_pad = "id-aes192-wrap-pad"; +enum NID_id_aes192_wrap_pad = 900; +enum OBJ_id_aes192_wrap_pad = "OBJ_aes,28L"; + +enum SN_aes_256_ecb = "AES-256-ECB"; +enum LN_aes_256_ecb = "aes-256-ecb"; +enum NID_aes_256_ecb = 426; +enum OBJ_aes_256_ecb = "OBJ_aes,41L"; + +enum SN_aes_256_cbc = "AES-256-CBC"; +enum LN_aes_256_cbc = "aes-256-cbc"; +enum NID_aes_256_cbc = 427; +enum OBJ_aes_256_cbc = "OBJ_aes,42L"; + +enum SN_aes_256_ofb128 = "AES-256-OFB"; +enum LN_aes_256_ofb128 = "aes-256-ofb"; +enum NID_aes_256_ofb128 = 428; +enum OBJ_aes_256_ofb128 = "OBJ_aes,43L"; + +enum SN_aes_256_cfb128 = "AES-256-CFB"; +enum LN_aes_256_cfb128 = "aes-256-cfb"; +enum NID_aes_256_cfb128 = 429; +enum OBJ_aes_256_cfb128 = "OBJ_aes,44L"; + +enum SN_id_aes256_wrap = "id-aes256-wrap"; +enum NID_id_aes256_wrap = 790; +enum OBJ_id_aes256_wrap = "OBJ_aes,45L"; + +enum SN_aes_256_gcm = "id-aes256-GCM"; +enum LN_aes_256_gcm = "aes-256-gcm"; +enum NID_aes_256_gcm = 901; +enum OBJ_aes_256_gcm = "OBJ_aes,46L"; + +enum SN_aes_256_ccm = "id-aes256-CCM"; +enum LN_aes_256_ccm = "aes-256-ccm"; +enum NID_aes_256_ccm = 902; +enum OBJ_aes_256_ccm = "OBJ_aes,47L"; + +enum SN_id_aes256_wrap_pad = "id-aes256-wrap-pad"; +enum NID_id_aes256_wrap_pad = 903; +enum OBJ_id_aes256_wrap_pad = "OBJ_aes,48L"; + +enum SN_aes_128_cfb1 = "AES-128-CFB1"; +enum LN_aes_128_cfb1 = "aes-128-cfb1"; +enum NID_aes_128_cfb1 = 650; + +enum SN_aes_192_cfb1 = "AES-192-CFB1"; +enum LN_aes_192_cfb1 = "aes-192-cfb1"; +enum NID_aes_192_cfb1 = 651; + +enum SN_aes_256_cfb1 = "AES-256-CFB1"; +enum LN_aes_256_cfb1 = "aes-256-cfb1"; +enum NID_aes_256_cfb1 = 652; + +enum SN_aes_128_cfb8 = "AES-128-CFB8"; +enum LN_aes_128_cfb8 = "aes-128-cfb8"; +enum NID_aes_128_cfb8 = 653; + +enum SN_aes_192_cfb8 = "AES-192-CFB8"; +enum LN_aes_192_cfb8 = "aes-192-cfb8"; +enum NID_aes_192_cfb8 = 654; + +enum SN_aes_256_cfb8 = "AES-256-CFB8"; +enum LN_aes_256_cfb8 = "aes-256-cfb8"; +enum NID_aes_256_cfb8 = 655; + +enum SN_aes_128_ctr = "AES-128-CTR"; +enum LN_aes_128_ctr = "aes-128-ctr"; +enum NID_aes_128_ctr = 904; + +enum SN_aes_192_ctr = "AES-192-CTR"; +enum LN_aes_192_ctr = "aes-192-ctr"; +enum NID_aes_192_ctr = 905; + +enum SN_aes_256_ctr = "AES-256-CTR"; +enum LN_aes_256_ctr = "aes-256-ctr"; +enum NID_aes_256_ctr = 906; + +enum SN_aes_128_xts = "AES-128-XTS"; +enum LN_aes_128_xts = "aes-128-xts"; +enum NID_aes_128_xts = 913; + +enum SN_aes_256_xts = "AES-256-XTS"; +enum LN_aes_256_xts = "aes-256-xts"; +enum NID_aes_256_xts = 914; + +enum SN_des_cfb1 = "DES-CFB1"; +enum LN_des_cfb1 = "des-cfb1"; +enum NID_des_cfb1 = 656; + +enum SN_des_cfb8 = "DES-CFB8"; +enum LN_des_cfb8 = "des-cfb8"; +enum NID_des_cfb8 = 657; + +enum SN_des_ede3_cfb1 = "DES-EDE3-CFB1"; +enum LN_des_ede3_cfb1 = "des-ede3-cfb1"; +enum NID_des_ede3_cfb1 = 658; + +enum SN_des_ede3_cfb8 = "DES-EDE3-CFB8"; +enum LN_des_ede3_cfb8 = "des-ede3-cfb8"; +enum NID_des_ede3_cfb8 = 659; + +enum OBJ_nist_hashalgs = "OBJ_nistAlgorithms,2L"; + +enum SN_sha256 = "SHA256"; +enum LN_sha256 = "sha256"; +enum NID_sha256 = 672; +enum OBJ_sha256 = "OBJ_nist_hashalgs,1L"; + +enum SN_sha384 = "SHA384"; +enum LN_sha384 = "sha384"; +enum NID_sha384 = 673; +enum OBJ_sha384 = "OBJ_nist_hashalgs,2L"; + +enum SN_sha512 = "SHA512"; +enum LN_sha512 = "sha512"; +enum NID_sha512 = 674; +enum OBJ_sha512 = "OBJ_nist_hashalgs,3L"; + +enum SN_sha224 = "SHA224"; +enum LN_sha224 = "sha224"; +enum NID_sha224 = 675; +enum OBJ_sha224 = "OBJ_nist_hashalgs,4L"; + +enum OBJ_dsa_with_sha2 = "OBJ_nistAlgorithms,3L"; + +enum SN_dsa_with_SHA224 = "dsa_with_SHA224"; +enum NID_dsa_with_SHA224 = 802; +enum OBJ_dsa_with_SHA224 = "OBJ_dsa_with_sha2,1L"; + +enum SN_dsa_with_SHA256 = "dsa_with_SHA256"; +enum NID_dsa_with_SHA256 = 803; +enum OBJ_dsa_with_SHA256 = "OBJ_dsa_with_sha2,2L"; + +enum SN_hold_instruction_code = "holdInstructionCode"; +enum LN_hold_instruction_code = "Hold Instruction Code"; +enum NID_hold_instruction_code = 430; +enum OBJ_hold_instruction_code = "OBJ_id_ce,23L"; + +enum OBJ_holdInstruction = "OBJ_X9_57,2L"; + +enum SN_hold_instruction_none = "holdInstructionNone"; +enum LN_hold_instruction_none = "Hold Instruction None"; +enum NID_hold_instruction_none = 431; +enum OBJ_hold_instruction_none = "OBJ_holdInstruction,1L"; + +enum SN_hold_instruction_call_issuer = "holdInstructionCallIssuer"; +enum LN_hold_instruction_call_issuer = "Hold Instruction Call Issuer"; +enum NID_hold_instruction_call_issuer = 432; +enum OBJ_hold_instruction_call_issuer = "OBJ_holdInstruction,2L"; + +enum SN_hold_instruction_reject = "holdInstructionReject"; +enum LN_hold_instruction_reject = "Hold Instruction Reject"; +enum NID_hold_instruction_reject = 433; +enum OBJ_hold_instruction_reject = "OBJ_holdInstruction,3L"; + +enum SN_data = "data"; +enum NID_data = 434; +enum OBJ_data = "OBJ_itu_t,9L"; + +enum SN_pss = "pss"; +enum NID_pss = 435; +enum OBJ_pss = "OBJ_data,2342L"; + +enum SN_ucl = "ucl"; +enum NID_ucl = 436; +enum OBJ_ucl = "OBJ_pss,19200300L"; + +enum SN_pilot = "pilot"; +enum NID_pilot = 437; +enum OBJ_pilot = "OBJ_ucl,100L"; + +enum LN_pilotAttributeType = "pilotAttributeType"; +enum NID_pilotAttributeType = 438; +enum OBJ_pilotAttributeType = "OBJ_pilot,1L"; + +enum LN_pilotAttributeSyntax = "pilotAttributeSyntax"; +enum NID_pilotAttributeSyntax = 439; +enum OBJ_pilotAttributeSyntax = "OBJ_pilot,3L"; + +enum LN_pilotObjectClass = "pilotObjectClass"; +enum NID_pilotObjectClass = 440; +enum OBJ_pilotObjectClass = "OBJ_pilot,4L"; + +enum LN_pilotGroups = "pilotGroups"; +enum NID_pilotGroups = 441; +enum OBJ_pilotGroups = "OBJ_pilot,10L"; + +enum LN_iA5StringSyntax = "iA5StringSyntax"; +enum NID_iA5StringSyntax = 442; +enum OBJ_iA5StringSyntax = "OBJ_pilotAttributeSyntax,4L"; + +enum LN_caseIgnoreIA5StringSyntax = "caseIgnoreIA5StringSyntax"; +enum NID_caseIgnoreIA5StringSyntax = 443; +enum OBJ_caseIgnoreIA5StringSyntax = "OBJ_pilotAttributeSyntax,5L"; + +enum LN_pilotObject = "pilotObject"; +enum NID_pilotObject = 444; +enum OBJ_pilotObject = "OBJ_pilotObjectClass,3L"; + +enum LN_pilotPerson = "pilotPerson"; +enum NID_pilotPerson = 445; +enum OBJ_pilotPerson = "OBJ_pilotObjectClass,4L"; + +enum SN_account = "account"; +enum NID_account = 446; +enum OBJ_account = "OBJ_pilotObjectClass,5L"; + +enum SN_document = "document"; +enum NID_document = 447; +enum OBJ_document = "OBJ_pilotObjectClass,6L"; + +enum SN_room = "room"; +enum NID_room = 448; +enum OBJ_room = "OBJ_pilotObjectClass,7L"; + +enum LN_documentSeries = "documentSeries"; +enum NID_documentSeries = 449; +enum OBJ_documentSeries = "OBJ_pilotObjectClass,9L"; + +enum SN_Domain = "domain"; +enum LN_Domain = "Domain"; +enum NID_Domain = 392; +enum OBJ_Domain = "OBJ_pilotObjectClass,13L"; + +enum LN_rFC822localPart = "rFC822localPart"; +enum NID_rFC822localPart = 450; +enum OBJ_rFC822localPart = "OBJ_pilotObjectClass,14L"; + +enum LN_dNSDomain = "dNSDomain"; +enum NID_dNSDomain = 451; +enum OBJ_dNSDomain = "OBJ_pilotObjectClass,15L"; + +enum LN_domainRelatedObject = "domainRelatedObject"; +enum NID_domainRelatedObject = 452; +enum OBJ_domainRelatedObject = "OBJ_pilotObjectClass,17L"; + +enum LN_friendlyCountry = "friendlyCountry"; +enum NID_friendlyCountry = 453; +enum OBJ_friendlyCountry = "OBJ_pilotObjectClass,18L"; + +enum LN_simpleSecurityObject = "simpleSecurityObject"; +enum NID_simpleSecurityObject = 454; +enum OBJ_simpleSecurityObject = "OBJ_pilotObjectClass,19L"; + +enum LN_pilotOrganization = "pilotOrganization"; +enum NID_pilotOrganization = 455; +enum OBJ_pilotOrganization = "OBJ_pilotObjectClass,20L"; + +enum LN_pilotDSA = "pilotDSA"; +enum NID_pilotDSA = 456; +enum OBJ_pilotDSA = "OBJ_pilotObjectClass,21L"; + +enum LN_qualityLabelledData = "qualityLabelledData"; +enum NID_qualityLabelledData = 457; +enum OBJ_qualityLabelledData = "OBJ_pilotObjectClass,22L"; + +enum SN_userId = "UID"; +enum LN_userId = "userId"; +enum NID_userId = 458; +enum OBJ_userId = "OBJ_pilotAttributeType,1L"; + +enum LN_textEncodedORAddress = "textEncodedORAddress"; +enum NID_textEncodedORAddress = 459; +enum OBJ_textEncodedORAddress = "OBJ_pilotAttributeType,2L"; + +enum SN_rfc822Mailbox = "mail"; +enum LN_rfc822Mailbox = "rfc822Mailbox"; +enum NID_rfc822Mailbox = 460; +enum OBJ_rfc822Mailbox = "OBJ_pilotAttributeType,3L"; + +enum SN_info = "info"; +enum NID_info = 461; +enum OBJ_info = "OBJ_pilotAttributeType,4L"; + +enum LN_favouriteDrink = "favouriteDrink"; +enum NID_favouriteDrink = 462; +enum OBJ_favouriteDrink = "OBJ_pilotAttributeType,5L"; + +enum LN_roomNumber = "roomNumber"; +enum NID_roomNumber = 463; +enum OBJ_roomNumber = "OBJ_pilotAttributeType,6L"; + +enum SN_photo = "photo"; +enum NID_photo = 464; +enum OBJ_photo = "OBJ_pilotAttributeType,7L"; + +enum LN_userClass = "userClass"; +enum NID_userClass = 465; +enum OBJ_userClass = "OBJ_pilotAttributeType,8L"; + +enum SN_host = "host"; +enum NID_host = 466; +enum OBJ_host = "OBJ_pilotAttributeType,9L"; + +enum SN_manager = "manager"; +enum NID_manager = 467; +enum OBJ_manager = "OBJ_pilotAttributeType,10L"; + +enum LN_documentIdentifier = "documentIdentifier"; +enum NID_documentIdentifier = 468; +enum OBJ_documentIdentifier = "OBJ_pilotAttributeType,11L"; + +enum LN_documentTitle = "documentTitle"; +enum NID_documentTitle = 469; +enum OBJ_documentTitle = "OBJ_pilotAttributeType,12L"; + +enum LN_documentVersion = "documentVersion"; +enum NID_documentVersion = 470; +enum OBJ_documentVersion = "OBJ_pilotAttributeType,13L"; + +enum LN_documentAuthor = "documentAuthor"; +enum NID_documentAuthor = 471; +enum OBJ_documentAuthor = "OBJ_pilotAttributeType,14L"; + +enum LN_documentLocation = "documentLocation"; +enum NID_documentLocation = 472; +enum OBJ_documentLocation = "OBJ_pilotAttributeType,15L"; + +enum LN_homeTelephoneNumber = "homeTelephoneNumber"; +enum NID_homeTelephoneNumber = 473; +enum OBJ_homeTelephoneNumber = "OBJ_pilotAttributeType,20L"; + +enum SN_secretary = "secretary"; +enum NID_secretary = 474; +enum OBJ_secretary = "OBJ_pilotAttributeType,21L"; + +enum LN_otherMailbox = "otherMailbox"; +enum NID_otherMailbox = 475; +enum OBJ_otherMailbox = "OBJ_pilotAttributeType,22L"; + +enum LN_lastModifiedTime = "lastModifiedTime"; +enum NID_lastModifiedTime = 476; +enum OBJ_lastModifiedTime = "OBJ_pilotAttributeType,23L"; + +enum LN_lastModifiedBy = "lastModifiedBy"; +enum NID_lastModifiedBy = 477; +enum OBJ_lastModifiedBy = "OBJ_pilotAttributeType,24L"; + +enum SN_domainComponent = "DC"; +enum LN_domainComponent = "domainComponent"; +enum NID_domainComponent = 391; +enum OBJ_domainComponent = "OBJ_pilotAttributeType,25L"; + +enum LN_aRecord = "aRecord"; +enum NID_aRecord = 478; +enum OBJ_aRecord = "OBJ_pilotAttributeType,26L"; + +enum LN_pilotAttributeType27 = "pilotAttributeType27"; +enum NID_pilotAttributeType27 = 479; +enum OBJ_pilotAttributeType27 = "OBJ_pilotAttributeType,27L"; + +enum LN_mXRecord = "mXRecord"; +enum NID_mXRecord = 480; +enum OBJ_mXRecord = "OBJ_pilotAttributeType,28L"; + +enum LN_nSRecord = "nSRecord"; +enum NID_nSRecord = 481; +enum OBJ_nSRecord = "OBJ_pilotAttributeType,29L"; + +enum LN_sOARecord = "sOARecord"; +enum NID_sOARecord = 482; +enum OBJ_sOARecord = "OBJ_pilotAttributeType,30L"; + +enum LN_cNAMERecord = "cNAMERecord"; +enum NID_cNAMERecord = 483; +enum OBJ_cNAMERecord = "OBJ_pilotAttributeType,31L"; + +enum LN_associatedDomain = "associatedDomain"; +enum NID_associatedDomain = 484; +enum OBJ_associatedDomain = "OBJ_pilotAttributeType,37L"; + +enum LN_associatedName = "associatedName"; +enum NID_associatedName = 485; +enum OBJ_associatedName = "OBJ_pilotAttributeType,38L"; + +enum LN_homePostalAddress = "homePostalAddress"; +enum NID_homePostalAddress = 486; +enum OBJ_homePostalAddress = "OBJ_pilotAttributeType,39L"; + +enum LN_personalTitle = "personalTitle"; +enum NID_personalTitle = 487; +enum OBJ_personalTitle = "OBJ_pilotAttributeType,40L"; + +enum LN_mobileTelephoneNumber = "mobileTelephoneNumber"; +enum NID_mobileTelephoneNumber = 488; +enum OBJ_mobileTelephoneNumber = "OBJ_pilotAttributeType,41L"; + +enum LN_pagerTelephoneNumber = "pagerTelephoneNumber"; +enum NID_pagerTelephoneNumber = 489; +enum OBJ_pagerTelephoneNumber = "OBJ_pilotAttributeType,42L"; + +enum LN_friendlyCountryName = "friendlyCountryName"; +enum NID_friendlyCountryName = 490; +enum OBJ_friendlyCountryName = "OBJ_pilotAttributeType,43L"; + +enum LN_organizationalStatus = "organizationalStatus"; +enum NID_organizationalStatus = 491; +enum OBJ_organizationalStatus = "OBJ_pilotAttributeType,45L"; + +enum LN_janetMailbox = "janetMailbox"; +enum NID_janetMailbox = 492; +enum OBJ_janetMailbox = "OBJ_pilotAttributeType,46L"; + +enum LN_mailPreferenceOption = "mailPreferenceOption"; +enum NID_mailPreferenceOption = 493; +enum OBJ_mailPreferenceOption = "OBJ_pilotAttributeType,47L"; + +enum LN_buildingName = "buildingName"; +enum NID_buildingName = 494; +enum OBJ_buildingName = "OBJ_pilotAttributeType,48L"; + +enum LN_dSAQuality = "dSAQuality"; +enum NID_dSAQuality = 495; +enum OBJ_dSAQuality = "OBJ_pilotAttributeType,49L"; + +enum LN_singleLevelQuality = "singleLevelQuality"; +enum NID_singleLevelQuality = 496; +enum OBJ_singleLevelQuality = "OBJ_pilotAttributeType,50L"; + +enum LN_subtreeMinimumQuality = "subtreeMinimumQuality"; +enum NID_subtreeMinimumQuality = 497; +enum OBJ_subtreeMinimumQuality = "OBJ_pilotAttributeType,51L"; + +enum LN_subtreeMaximumQuality = "subtreeMaximumQuality"; +enum NID_subtreeMaximumQuality = 498; +enum OBJ_subtreeMaximumQuality = "OBJ_pilotAttributeType,52L"; + +enum LN_personalSignature = "personalSignature"; +enum NID_personalSignature = 499; +enum OBJ_personalSignature = "OBJ_pilotAttributeType,53L"; + +enum LN_dITRedirect = "dITRedirect"; +enum NID_dITRedirect = 500; +enum OBJ_dITRedirect = "OBJ_pilotAttributeType,54L"; + +enum SN_audio = "audio"; +enum NID_audio = 501; +enum OBJ_audio = "OBJ_pilotAttributeType,55L"; + +enum LN_documentPublisher = "documentPublisher"; +enum NID_documentPublisher = 502; +enum OBJ_documentPublisher = "OBJ_pilotAttributeType,56L"; + +enum SN_id_set = "id-set"; +enum LN_id_set = "Secure Electronic Transactions"; +enum NID_id_set = 512; +enum OBJ_id_set = "OBJ_international_organizations,42L"; + +enum SN_set_ctype = "set-ctype"; +enum LN_set_ctype = "content types"; +enum NID_set_ctype = 513; +enum OBJ_set_ctype = "OBJ_id_set,0L"; + +enum SN_set_msgExt = "set-msgExt"; +enum LN_set_msgExt = "message extensions"; +enum NID_set_msgExt = 514; +enum OBJ_set_msgExt = "OBJ_id_set,1L"; + +enum SN_set_attr = "set-attr"; +enum NID_set_attr = 515; +enum OBJ_set_attr = "OBJ_id_set,3L"; + +enum SN_set_policy = "set-policy"; +enum NID_set_policy = 516; +enum OBJ_set_policy = "OBJ_id_set,5L"; + +enum SN_set_certExt = "set-certExt"; +enum LN_set_certExt = "certificate extensions"; +enum NID_set_certExt = 517; +enum OBJ_set_certExt = "OBJ_id_set,7L"; + +enum SN_set_brand = "set-brand"; +enum NID_set_brand = 518; +enum OBJ_set_brand = "OBJ_id_set,8L"; + +enum SN_setct_PANData = "setct-PANData"; +enum NID_setct_PANData = 519; +enum OBJ_setct_PANData = "OBJ_set_ctype,0L"; + +enum SN_setct_PANToken = "setct-PANToken"; +enum NID_setct_PANToken = 520; +enum OBJ_setct_PANToken = "OBJ_set_ctype,1L"; + +enum SN_setct_PANOnly = "setct-PANOnly"; +enum NID_setct_PANOnly = 521; +enum OBJ_setct_PANOnly = "OBJ_set_ctype,2L"; + +enum SN_setct_OIData = "setct-OIData"; +enum NID_setct_OIData = 522; +enum OBJ_setct_OIData = "OBJ_set_ctype,3L"; + +enum SN_setct_PI = "setct-PI"; +enum NID_setct_PI = 523; +enum OBJ_setct_PI = "OBJ_set_ctype,4L"; + +enum SN_setct_PIData = "setct-PIData"; +enum NID_setct_PIData = 524; +enum OBJ_setct_PIData = "OBJ_set_ctype,5L"; + +enum SN_setct_PIDataUnsigned = "setct-PIDataUnsigned"; +enum NID_setct_PIDataUnsigned = 525; +enum OBJ_setct_PIDataUnsigned = "OBJ_set_ctype,6L"; + +enum SN_setct_HODInput = "setct-HODInput"; +enum NID_setct_HODInput = 526; +enum OBJ_setct_HODInput = "OBJ_set_ctype,7L"; + +enum SN_setct_AuthResBaggage = "setct-AuthResBaggage"; +enum NID_setct_AuthResBaggage = 527; +enum OBJ_setct_AuthResBaggage = "OBJ_set_ctype,8L"; + +enum SN_setct_AuthRevReqBaggage = "setct-AuthRevReqBaggage"; +enum NID_setct_AuthRevReqBaggage = 528; +enum OBJ_setct_AuthRevReqBaggage = "OBJ_set_ctype,9L"; + +enum SN_setct_AuthRevResBaggage = "setct-AuthRevResBaggage"; +enum NID_setct_AuthRevResBaggage = 529; +enum OBJ_setct_AuthRevResBaggage = "OBJ_set_ctype,10L"; + +enum SN_setct_CapTokenSeq = "setct-CapTokenSeq"; +enum NID_setct_CapTokenSeq = 530; +enum OBJ_setct_CapTokenSeq = "OBJ_set_ctype,11L"; + +enum SN_setct_PInitResData = "setct-PInitResData"; +enum NID_setct_PInitResData = 531; +enum OBJ_setct_PInitResData = "OBJ_set_ctype,12L"; + +enum SN_setct_PI_TBS = "setct-PI-TBS"; +enum NID_setct_PI_TBS = 532; +enum OBJ_setct_PI_TBS = "OBJ_set_ctype,13L"; + +enum SN_setct_PResData = "setct-PResData"; +enum NID_setct_PResData = 533; +enum OBJ_setct_PResData = "OBJ_set_ctype,14L"; + +enum SN_setct_AuthReqTBS = "setct-AuthReqTBS"; +enum NID_setct_AuthReqTBS = 534; +enum OBJ_setct_AuthReqTBS = "OBJ_set_ctype,16L"; + +enum SN_setct_AuthResTBS = "setct-AuthResTBS"; +enum NID_setct_AuthResTBS = 535; +enum OBJ_setct_AuthResTBS = "OBJ_set_ctype,17L"; + +enum SN_setct_AuthResTBSX = "setct-AuthResTBSX"; +enum NID_setct_AuthResTBSX = 536; +enum OBJ_setct_AuthResTBSX = "OBJ_set_ctype,18L"; + +enum SN_setct_AuthTokenTBS = "setct-AuthTokenTBS"; +enum NID_setct_AuthTokenTBS = 537; +enum OBJ_setct_AuthTokenTBS = "OBJ_set_ctype,19L"; + +enum SN_setct_CapTokenData = "setct-CapTokenData"; +enum NID_setct_CapTokenData = 538; +enum OBJ_setct_CapTokenData = "OBJ_set_ctype,20L"; + +enum SN_setct_CapTokenTBS = "setct-CapTokenTBS"; +enum NID_setct_CapTokenTBS = 539; +enum OBJ_setct_CapTokenTBS = "OBJ_set_ctype,21L"; + +enum SN_setct_AcqCardCodeMsg = "setct-AcqCardCodeMsg"; +enum NID_setct_AcqCardCodeMsg = 540; +enum OBJ_setct_AcqCardCodeMsg = "OBJ_set_ctype,22L"; + +enum SN_setct_AuthRevReqTBS = "setct-AuthRevReqTBS"; +enum NID_setct_AuthRevReqTBS = 541; +enum OBJ_setct_AuthRevReqTBS = "OBJ_set_ctype,23L"; + +enum SN_setct_AuthRevResData = "setct-AuthRevResData"; +enum NID_setct_AuthRevResData = 542; +enum OBJ_setct_AuthRevResData = "OBJ_set_ctype,24L"; + +enum SN_setct_AuthRevResTBS = "setct-AuthRevResTBS"; +enum NID_setct_AuthRevResTBS = 543; +enum OBJ_setct_AuthRevResTBS = "OBJ_set_ctype,25L"; + +enum SN_setct_CapReqTBS = "setct-CapReqTBS"; +enum NID_setct_CapReqTBS = 544; +enum OBJ_setct_CapReqTBS = "OBJ_set_ctype,26L"; + +enum SN_setct_CapReqTBSX = "setct-CapReqTBSX"; +enum NID_setct_CapReqTBSX = 545; +enum OBJ_setct_CapReqTBSX = "OBJ_set_ctype,27L"; + +enum SN_setct_CapResData = "setct-CapResData"; +enum NID_setct_CapResData = 546; +enum OBJ_setct_CapResData = "OBJ_set_ctype,28L"; + +enum SN_setct_CapRevReqTBS = "setct-CapRevReqTBS"; +enum NID_setct_CapRevReqTBS = 547; +enum OBJ_setct_CapRevReqTBS = "OBJ_set_ctype,29L"; + +enum SN_setct_CapRevReqTBSX = "setct-CapRevReqTBSX"; +enum NID_setct_CapRevReqTBSX = 548; +enum OBJ_setct_CapRevReqTBSX = "OBJ_set_ctype,30L"; + +enum SN_setct_CapRevResData = "setct-CapRevResData"; +enum NID_setct_CapRevResData = 549; +enum OBJ_setct_CapRevResData = "OBJ_set_ctype,31L"; + +enum SN_setct_CredReqTBS = "setct-CredReqTBS"; +enum NID_setct_CredReqTBS = 550; +enum OBJ_setct_CredReqTBS = "OBJ_set_ctype,32L"; + +enum SN_setct_CredReqTBSX = "setct-CredReqTBSX"; +enum NID_setct_CredReqTBSX = 551; +enum OBJ_setct_CredReqTBSX = "OBJ_set_ctype,33L"; + +enum SN_setct_CredResData = "setct-CredResData"; +enum NID_setct_CredResData = 552; +enum OBJ_setct_CredResData = "OBJ_set_ctype,34L"; + +enum SN_setct_CredRevReqTBS = "setct-CredRevReqTBS"; +enum NID_setct_CredRevReqTBS = 553; +enum OBJ_setct_CredRevReqTBS = "OBJ_set_ctype,35L"; + +enum SN_setct_CredRevReqTBSX = "setct-CredRevReqTBSX"; +enum NID_setct_CredRevReqTBSX = 554; +enum OBJ_setct_CredRevReqTBSX = "OBJ_set_ctype,36L"; + +enum SN_setct_CredRevResData = "setct-CredRevResData"; +enum NID_setct_CredRevResData = 555; +enum OBJ_setct_CredRevResData = "OBJ_set_ctype,37L"; + +enum SN_setct_PCertReqData = "setct-PCertReqData"; +enum NID_setct_PCertReqData = 556; +enum OBJ_setct_PCertReqData = "OBJ_set_ctype,38L"; + +enum SN_setct_PCertResTBS = "setct-PCertResTBS"; +enum NID_setct_PCertResTBS = 557; +enum OBJ_setct_PCertResTBS = "OBJ_set_ctype,39L"; + +enum SN_setct_BatchAdminReqData = "setct-BatchAdminReqData"; +enum NID_setct_BatchAdminReqData = 558; +enum OBJ_setct_BatchAdminReqData = "OBJ_set_ctype,40L"; + +enum SN_setct_BatchAdminResData = "setct-BatchAdminResData"; +enum NID_setct_BatchAdminResData = 559; +enum OBJ_setct_BatchAdminResData = "OBJ_set_ctype,41L"; + +enum SN_setct_CardCInitResTBS = "setct-CardCInitResTBS"; +enum NID_setct_CardCInitResTBS = 560; +enum OBJ_setct_CardCInitResTBS = "OBJ_set_ctype,42L"; + +enum SN_setct_MeAqCInitResTBS = "setct-MeAqCInitResTBS"; +enum NID_setct_MeAqCInitResTBS = 561; +enum OBJ_setct_MeAqCInitResTBS = "OBJ_set_ctype,43L"; + +enum SN_setct_RegFormResTBS = "setct-RegFormResTBS"; +enum NID_setct_RegFormResTBS = 562; +enum OBJ_setct_RegFormResTBS = "OBJ_set_ctype,44L"; + +enum SN_setct_CertReqData = "setct-CertReqData"; +enum NID_setct_CertReqData = 563; +enum OBJ_setct_CertReqData = "OBJ_set_ctype,45L"; + +enum SN_setct_CertReqTBS = "setct-CertReqTBS"; +enum NID_setct_CertReqTBS = 564; +enum OBJ_setct_CertReqTBS = "OBJ_set_ctype,46L"; + +enum SN_setct_CertResData = "setct-CertResData"; +enum NID_setct_CertResData = 565; +enum OBJ_setct_CertResData = "OBJ_set_ctype,47L"; + +enum SN_setct_CertInqReqTBS = "setct-CertInqReqTBS"; +enum NID_setct_CertInqReqTBS = 566; +enum OBJ_setct_CertInqReqTBS = "OBJ_set_ctype,48L"; + +enum SN_setct_ErrorTBS = "setct-ErrorTBS"; +enum NID_setct_ErrorTBS = 567; +enum OBJ_setct_ErrorTBS = "OBJ_set_ctype,49L"; + +enum SN_setct_PIDualSignedTBE = "setct-PIDualSignedTBE"; +enum NID_setct_PIDualSignedTBE = 568; +enum OBJ_setct_PIDualSignedTBE = "OBJ_set_ctype,50L"; + +enum SN_setct_PIUnsignedTBE = "setct-PIUnsignedTBE"; +enum NID_setct_PIUnsignedTBE = 569; +enum OBJ_setct_PIUnsignedTBE = "OBJ_set_ctype,51L"; + +enum SN_setct_AuthReqTBE = "setct-AuthReqTBE"; +enum NID_setct_AuthReqTBE = 570; +enum OBJ_setct_AuthReqTBE = "OBJ_set_ctype,52L"; + +enum SN_setct_AuthResTBE = "setct-AuthResTBE"; +enum NID_setct_AuthResTBE = 571; +enum OBJ_setct_AuthResTBE = "OBJ_set_ctype,53L"; + +enum SN_setct_AuthResTBEX = "setct-AuthResTBEX"; +enum NID_setct_AuthResTBEX = 572; +enum OBJ_setct_AuthResTBEX = "OBJ_set_ctype,54L"; + +enum SN_setct_AuthTokenTBE = "setct-AuthTokenTBE"; +enum NID_setct_AuthTokenTBE = 573; +enum OBJ_setct_AuthTokenTBE = "OBJ_set_ctype,55L"; + +enum SN_setct_CapTokenTBE = "setct-CapTokenTBE"; +enum NID_setct_CapTokenTBE = 574; +enum OBJ_setct_CapTokenTBE = "OBJ_set_ctype,56L"; + +enum SN_setct_CapTokenTBEX = "setct-CapTokenTBEX"; +enum NID_setct_CapTokenTBEX = 575; +enum OBJ_setct_CapTokenTBEX = "OBJ_set_ctype,57L"; + +enum SN_setct_AcqCardCodeMsgTBE = "setct-AcqCardCodeMsgTBE"; +enum NID_setct_AcqCardCodeMsgTBE = 576; +enum OBJ_setct_AcqCardCodeMsgTBE = "OBJ_set_ctype,58L"; + +enum SN_setct_AuthRevReqTBE = "setct-AuthRevReqTBE"; +enum NID_setct_AuthRevReqTBE = 577; +enum OBJ_setct_AuthRevReqTBE = "OBJ_set_ctype,59L"; + +enum SN_setct_AuthRevResTBE = "setct-AuthRevResTBE"; +enum NID_setct_AuthRevResTBE = 578; +enum OBJ_setct_AuthRevResTBE = "OBJ_set_ctype,60L"; + +enum SN_setct_AuthRevResTBEB = "setct-AuthRevResTBEB"; +enum NID_setct_AuthRevResTBEB = 579; +enum OBJ_setct_AuthRevResTBEB = "OBJ_set_ctype,61L"; + +enum SN_setct_CapReqTBE = "setct-CapReqTBE"; +enum NID_setct_CapReqTBE = 580; +enum OBJ_setct_CapReqTBE = "OBJ_set_ctype,62L"; + +enum SN_setct_CapReqTBEX = "setct-CapReqTBEX"; +enum NID_setct_CapReqTBEX = 581; +enum OBJ_setct_CapReqTBEX = "OBJ_set_ctype,63L"; + +enum SN_setct_CapResTBE = "setct-CapResTBE"; +enum NID_setct_CapResTBE = 582; +enum OBJ_setct_CapResTBE = "OBJ_set_ctype,64L"; + +enum SN_setct_CapRevReqTBE = "setct-CapRevReqTBE"; +enum NID_setct_CapRevReqTBE = 583; +enum OBJ_setct_CapRevReqTBE = "OBJ_set_ctype,65L"; + +enum SN_setct_CapRevReqTBEX = "setct-CapRevReqTBEX"; +enum NID_setct_CapRevReqTBEX = 584; +enum OBJ_setct_CapRevReqTBEX = "OBJ_set_ctype,66L"; + +enum SN_setct_CapRevResTBE = "setct-CapRevResTBE"; +enum NID_setct_CapRevResTBE = 585; +enum OBJ_setct_CapRevResTBE = "OBJ_set_ctype,67L"; + +enum SN_setct_CredReqTBE = "setct-CredReqTBE"; +enum NID_setct_CredReqTBE = 586; +enum OBJ_setct_CredReqTBE = "OBJ_set_ctype,68L"; + +enum SN_setct_CredReqTBEX = "setct-CredReqTBEX"; +enum NID_setct_CredReqTBEX = 587; +enum OBJ_setct_CredReqTBEX = "OBJ_set_ctype,69L"; + +enum SN_setct_CredResTBE = "setct-CredResTBE"; +enum NID_setct_CredResTBE = 588; +enum OBJ_setct_CredResTBE = "OBJ_set_ctype,70L"; + +enum SN_setct_CredRevReqTBE = "setct-CredRevReqTBE"; +enum NID_setct_CredRevReqTBE = 589; +enum OBJ_setct_CredRevReqTBE = "OBJ_set_ctype,71L"; + +enum SN_setct_CredRevReqTBEX = "setct-CredRevReqTBEX"; +enum NID_setct_CredRevReqTBEX = 590; +enum OBJ_setct_CredRevReqTBEX = "OBJ_set_ctype,72L"; + +enum SN_setct_CredRevResTBE = "setct-CredRevResTBE"; +enum NID_setct_CredRevResTBE = 591; +enum OBJ_setct_CredRevResTBE = "OBJ_set_ctype,73L"; + +enum SN_setct_BatchAdminReqTBE = "setct-BatchAdminReqTBE"; +enum NID_setct_BatchAdminReqTBE = 592; +enum OBJ_setct_BatchAdminReqTBE = "OBJ_set_ctype,74L"; + +enum SN_setct_BatchAdminResTBE = "setct-BatchAdminResTBE"; +enum NID_setct_BatchAdminResTBE = 593; +enum OBJ_setct_BatchAdminResTBE = "OBJ_set_ctype,75L"; + +enum SN_setct_RegFormReqTBE = "setct-RegFormReqTBE"; +enum NID_setct_RegFormReqTBE = 594; +enum OBJ_setct_RegFormReqTBE = "OBJ_set_ctype,76L"; + +enum SN_setct_CertReqTBE = "setct-CertReqTBE"; +enum NID_setct_CertReqTBE = 595; +enum OBJ_setct_CertReqTBE = "OBJ_set_ctype,77L"; + +enum SN_setct_CertReqTBEX = "setct-CertReqTBEX"; +enum NID_setct_CertReqTBEX = 596; +enum OBJ_setct_CertReqTBEX = "OBJ_set_ctype,78L"; + +enum SN_setct_CertResTBE = "setct-CertResTBE"; +enum NID_setct_CertResTBE = 597; +enum OBJ_setct_CertResTBE = "OBJ_set_ctype,79L"; + +enum SN_setct_CRLNotificationTBS = "setct-CRLNotificationTBS"; +enum NID_setct_CRLNotificationTBS = 598; +enum OBJ_setct_CRLNotificationTBS = "OBJ_set_ctype,80L"; + +enum SN_setct_CRLNotificationResTBS = "setct-CRLNotificationResTBS"; +enum NID_setct_CRLNotificationResTBS = 599; +enum OBJ_setct_CRLNotificationResTBS = "OBJ_set_ctype,81L"; + +enum SN_setct_BCIDistributionTBS = "setct-BCIDistributionTBS"; +enum NID_setct_BCIDistributionTBS = 600; +enum OBJ_setct_BCIDistributionTBS = "OBJ_set_ctype,82L"; + +enum SN_setext_genCrypt = "setext-genCrypt"; +enum LN_setext_genCrypt = "generic cryptogram"; +enum NID_setext_genCrypt = 601; +enum OBJ_setext_genCrypt = "OBJ_set_msgExt,1L"; + +enum SN_setext_miAuth = "setext-miAuth"; +enum LN_setext_miAuth = "merchant initiated auth"; +enum NID_setext_miAuth = 602; +enum OBJ_setext_miAuth = "OBJ_set_msgExt,3L"; + +enum SN_setext_pinSecure = "setext-pinSecure"; +enum NID_setext_pinSecure = 603; +enum OBJ_setext_pinSecure = "OBJ_set_msgExt,4L"; + +enum SN_setext_pinAny = "setext-pinAny"; +enum NID_setext_pinAny = 604; +enum OBJ_setext_pinAny = "OBJ_set_msgExt,5L"; + +enum SN_setext_track2 = "setext-track2"; +enum NID_setext_track2 = 605; +enum OBJ_setext_track2 = "OBJ_set_msgExt,7L"; + +enum SN_setext_cv = "setext-cv"; +enum LN_setext_cv = "additional verification"; +enum NID_setext_cv = 606; +enum OBJ_setext_cv = "OBJ_set_msgExt,8L"; + +enum SN_set_policy_root = "set-policy-root"; +enum NID_set_policy_root = 607; +enum OBJ_set_policy_root = "OBJ_set_policy,0L"; + +enum SN_setCext_hashedRoot = "setCext-hashedRoot"; +enum NID_setCext_hashedRoot = 608; +enum OBJ_setCext_hashedRoot = "OBJ_set_certExt,0L"; + +enum SN_setCext_certType = "setCext-certType"; +enum NID_setCext_certType = 609; +enum OBJ_setCext_certType = "OBJ_set_certExt,1L"; + +enum SN_setCext_merchData = "setCext-merchData"; +enum NID_setCext_merchData = 610; +enum OBJ_setCext_merchData = "OBJ_set_certExt,2L"; + +enum SN_setCext_cCertRequired = "setCext-cCertRequired"; +enum NID_setCext_cCertRequired = 611; +enum OBJ_setCext_cCertRequired = "OBJ_set_certExt,3L"; + +enum SN_setCext_tunneling = "setCext-tunneling"; +enum NID_setCext_tunneling = 612; +enum OBJ_setCext_tunneling = "OBJ_set_certExt,4L"; + +enum SN_setCext_setExt = "setCext-setExt"; +enum NID_setCext_setExt = 613; +enum OBJ_setCext_setExt = "OBJ_set_certExt,5L"; + +enum SN_setCext_setQualf = "setCext-setQualf"; +enum NID_setCext_setQualf = 614; +enum OBJ_setCext_setQualf = "OBJ_set_certExt,6L"; + +enum SN_setCext_PGWYcapabilities = "setCext-PGWYcapabilities"; +enum NID_setCext_PGWYcapabilities = 615; +enum OBJ_setCext_PGWYcapabilities = "OBJ_set_certExt,7L"; + +enum SN_setCext_TokenIdentifier = "setCext-TokenIdentifier"; +enum NID_setCext_TokenIdentifier = 616; +enum OBJ_setCext_TokenIdentifier = "OBJ_set_certExt,8L"; + +enum SN_setCext_Track2Data = "setCext-Track2Data"; +enum NID_setCext_Track2Data = 617; +enum OBJ_setCext_Track2Data = "OBJ_set_certExt,9L"; + +enum SN_setCext_TokenType = "setCext-TokenType"; +enum NID_setCext_TokenType = 618; +enum OBJ_setCext_TokenType = "OBJ_set_certExt,10L"; + +enum SN_setCext_IssuerCapabilities = "setCext-IssuerCapabilities"; +enum NID_setCext_IssuerCapabilities = 619; +enum OBJ_setCext_IssuerCapabilities = "OBJ_set_certExt,11L"; + +enum SN_setAttr_Cert = "setAttr-Cert"; +enum NID_setAttr_Cert = 620; +enum OBJ_setAttr_Cert = "OBJ_set_attr,0L"; + +enum SN_setAttr_PGWYcap = "setAttr-PGWYcap"; +enum LN_setAttr_PGWYcap = "payment gateway capabilities"; +enum NID_setAttr_PGWYcap = 621; +enum OBJ_setAttr_PGWYcap = "OBJ_set_attr,1L"; + +enum SN_setAttr_TokenType = "setAttr-TokenType"; +enum NID_setAttr_TokenType = 622; +enum OBJ_setAttr_TokenType = "OBJ_set_attr,2L"; + +enum SN_setAttr_IssCap = "setAttr-IssCap"; +enum LN_setAttr_IssCap = "issuer capabilities"; +enum NID_setAttr_IssCap = 623; +enum OBJ_setAttr_IssCap = "OBJ_set_attr,3L"; + +enum SN_set_rootKeyThumb = "set-rootKeyThumb"; +enum NID_set_rootKeyThumb = 624; +enum OBJ_set_rootKeyThumb = "OBJ_setAttr_Cert,0L"; + +enum SN_set_addPolicy = "set-addPolicy"; +enum NID_set_addPolicy = 625; +enum OBJ_set_addPolicy = "OBJ_setAttr_Cert,1L"; + +enum SN_setAttr_Token_EMV = "setAttr-Token-EMV"; +enum NID_setAttr_Token_EMV = 626; +enum OBJ_setAttr_Token_EMV = "OBJ_setAttr_TokenType,1L"; + +enum SN_setAttr_Token_B0Prime = "setAttr-Token-B0Prime"; +enum NID_setAttr_Token_B0Prime = 627; +enum OBJ_setAttr_Token_B0Prime = "OBJ_setAttr_TokenType,2L"; + +enum SN_setAttr_IssCap_CVM = "setAttr-IssCap-CVM"; +enum NID_setAttr_IssCap_CVM = 628; +enum OBJ_setAttr_IssCap_CVM = "OBJ_setAttr_IssCap,3L"; + +enum SN_setAttr_IssCap_T2 = "setAttr-IssCap-T2"; +enum NID_setAttr_IssCap_T2 = 629; +enum OBJ_setAttr_IssCap_T2 = "OBJ_setAttr_IssCap,4L"; + +enum SN_setAttr_IssCap_Sig = "setAttr-IssCap-Sig"; +enum NID_setAttr_IssCap_Sig = 630; +enum OBJ_setAttr_IssCap_Sig = "OBJ_setAttr_IssCap,5L"; + +enum SN_setAttr_GenCryptgrm = "setAttr-GenCryptgrm"; +enum LN_setAttr_GenCryptgrm = "generate cryptogram"; +enum NID_setAttr_GenCryptgrm = 631; +enum OBJ_setAttr_GenCryptgrm = "OBJ_setAttr_IssCap_CVM,1L"; + +enum SN_setAttr_T2Enc = "setAttr-T2Enc"; +enum LN_setAttr_T2Enc = "encrypted track 2"; +enum NID_setAttr_T2Enc = 632; +enum OBJ_setAttr_T2Enc = "OBJ_setAttr_IssCap_T2,1L"; + +enum SN_setAttr_T2cleartxt = "setAttr-T2cleartxt"; +enum LN_setAttr_T2cleartxt = "cleartext track 2"; +enum NID_setAttr_T2cleartxt = 633; +enum OBJ_setAttr_T2cleartxt = "OBJ_setAttr_IssCap_T2,2L"; + +enum SN_setAttr_TokICCsig = "setAttr-TokICCsig"; +enum LN_setAttr_TokICCsig = "ICC or token signature"; +enum NID_setAttr_TokICCsig = 634; +enum OBJ_setAttr_TokICCsig = "OBJ_setAttr_IssCap_Sig,1L"; + +enum SN_setAttr_SecDevSig = "setAttr-SecDevSig"; +enum LN_setAttr_SecDevSig = "secure device signature"; +enum NID_setAttr_SecDevSig = 635; +enum OBJ_setAttr_SecDevSig = "OBJ_setAttr_IssCap_Sig,2L"; + +enum SN_set_brand_IATA_ATA = "set-brand-IATA-ATA"; +enum NID_set_brand_IATA_ATA = 636; +enum OBJ_set_brand_IATA_ATA = "OBJ_set_brand,1L"; + +enum SN_set_brand_Diners = "set-brand-Diners"; +enum NID_set_brand_Diners = 637; +enum OBJ_set_brand_Diners = "OBJ_set_brand,30L"; + +enum SN_set_brand_AmericanExpress = "set-brand-AmericanExpress"; +enum NID_set_brand_AmericanExpress = 638; +enum OBJ_set_brand_AmericanExpress = "OBJ_set_brand,34L"; + +enum SN_set_brand_JCB = "set-brand-JCB"; +enum NID_set_brand_JCB = 639; +enum OBJ_set_brand_JCB = "OBJ_set_brand,35L"; + +enum SN_set_brand_Visa = "set-brand-Visa"; +enum NID_set_brand_Visa = 640; +enum OBJ_set_brand_Visa = "OBJ_set_brand,4L"; + +enum SN_set_brand_MasterCard = "set-brand-MasterCard"; +enum NID_set_brand_MasterCard = 641; +enum OBJ_set_brand_MasterCard = "OBJ_set_brand,5L"; + +enum SN_set_brand_Novus = "set-brand-Novus"; +enum NID_set_brand_Novus = 642; +enum OBJ_set_brand_Novus = "OBJ_set_brand,6011L"; + +enum SN_des_cdmf = "DES-CDMF"; +enum LN_des_cdmf = "des-cdmf"; +enum NID_des_cdmf = 643; +enum OBJ_des_cdmf = "OBJ_rsadsi,3L,10L"; + +enum SN_rsaOAEPEncryptionSET = "rsaOAEPEncryptionSET"; +enum NID_rsaOAEPEncryptionSET = 644; +enum OBJ_rsaOAEPEncryptionSET = "OBJ_rsadsi,1L,1L,6L"; + +enum SN_ipsec3 = "Oakley-EC2N-3"; +enum LN_ipsec3 = "ipsec3"; +enum NID_ipsec3 = 749; + +enum SN_ipsec4 = "Oakley-EC2N-4"; +enum LN_ipsec4 = "ipsec4"; +enum NID_ipsec4 = 750; + +enum SN_whirlpool = "whirlpool"; +enum NID_whirlpool = 804; +enum OBJ_whirlpool = "OBJ_iso,0L,10118L,3L,0L,55L"; + +enum SN_cryptopro = "cryptopro"; +enum NID_cryptopro = 805; +enum OBJ_cryptopro = "OBJ_member_body,643L,2L,2L"; + +enum SN_cryptocom = "cryptocom"; +enum NID_cryptocom = 806; +enum OBJ_cryptocom = "OBJ_member_body,643L,2L,9L"; + +enum SN_id_GostR3411_94_with_GostR3410_2001 = "id-GostR3411-94-with-GostR3410-2001"; +enum LN_id_GostR3411_94_with_GostR3410_2001 = "GOST R 34.11-94 with GOST R 34.10-2001"; +enum NID_id_GostR3411_94_with_GostR3410_2001 = 807; +enum OBJ_id_GostR3411_94_with_GostR3410_2001 = "OBJ_cryptopro,3L"; + +enum SN_id_GostR3411_94_with_GostR3410_94 = "id-GostR3411-94-with-GostR3410-94"; +enum LN_id_GostR3411_94_with_GostR3410_94 = "GOST R 34.11-94 with GOST R 34.10-94"; +enum NID_id_GostR3411_94_with_GostR3410_94 = 808; +enum OBJ_id_GostR3411_94_with_GostR3410_94 = "OBJ_cryptopro,4L"; + +enum SN_id_GostR3411_94 = "md_gost94"; +enum LN_id_GostR3411_94 = "GOST R 34.11-94"; +enum NID_id_GostR3411_94 = 809; +enum OBJ_id_GostR3411_94 = "OBJ_cryptopro,9L"; + +enum SN_id_HMACGostR3411_94 = "id-HMACGostR3411-94"; +enum LN_id_HMACGostR3411_94 = "HMAC GOST 34.11-94"; +enum NID_id_HMACGostR3411_94 = 810; +enum OBJ_id_HMACGostR3411_94 = "OBJ_cryptopro,10L"; + +enum SN_id_GostR3410_2001 = "gost2001"; +enum LN_id_GostR3410_2001 = "GOST R 34.10-2001"; +enum NID_id_GostR3410_2001 = 811; +enum OBJ_id_GostR3410_2001 = "OBJ_cryptopro,19L"; + +enum SN_id_GostR3410_94 = "gost94"; +enum LN_id_GostR3410_94 = "GOST R 34.10-94"; +enum NID_id_GostR3410_94 = 812; +enum OBJ_id_GostR3410_94 = "OBJ_cryptopro,20L"; + +enum SN_id_Gost28147_89 = "gost89"; +enum LN_id_Gost28147_89 = "GOST 28147-89"; +enum NID_id_Gost28147_89 = 813; +enum OBJ_id_Gost28147_89 = "OBJ_cryptopro,21L"; + +enum SN_gost89_cnt = "gost89-cnt"; +enum NID_gost89_cnt = 814; + +enum SN_id_Gost28147_89_MAC = "gost-mac"; +enum LN_id_Gost28147_89_MAC = "GOST 28147-89 MAC"; +enum NID_id_Gost28147_89_MAC = 815; +enum OBJ_id_Gost28147_89_MAC = "OBJ_cryptopro,22L"; + +enum SN_id_GostR3411_94_prf = "prf-gostr3411-94"; +enum LN_id_GostR3411_94_prf = "GOST R 34.11-94 PRF"; +enum NID_id_GostR3411_94_prf = 816; +enum OBJ_id_GostR3411_94_prf = "OBJ_cryptopro,23L"; + +enum SN_id_GostR3410_2001DH = "id-GostR3410-2001DH"; +enum LN_id_GostR3410_2001DH = "GOST R 34.10-2001 DH"; +enum NID_id_GostR3410_2001DH = 817; +enum OBJ_id_GostR3410_2001DH = "OBJ_cryptopro,98L"; + +enum SN_id_GostR3410_94DH = "id-GostR3410-94DH"; +enum LN_id_GostR3410_94DH = "GOST R 34.10-94 DH"; +enum NID_id_GostR3410_94DH = 818; +enum OBJ_id_GostR3410_94DH = "OBJ_cryptopro,99L"; + +enum SN_id_Gost28147_89_CryptoPro_KeyMeshing = "id-Gost28147-89-CryptoPro-KeyMeshing"; +enum NID_id_Gost28147_89_CryptoPro_KeyMeshing = 819; +enum OBJ_id_Gost28147_89_CryptoPro_KeyMeshing = "OBJ_cryptopro,14L,1L"; + +enum SN_id_Gost28147_89_None_KeyMeshing = "id-Gost28147-89-None-KeyMeshing"; +enum NID_id_Gost28147_89_None_KeyMeshing = 820; +enum OBJ_id_Gost28147_89_None_KeyMeshing = "OBJ_cryptopro,14L,0L"; + +enum SN_id_GostR3411_94_TestParamSet = "id-GostR3411-94-TestParamSet"; +enum NID_id_GostR3411_94_TestParamSet = 821; +enum OBJ_id_GostR3411_94_TestParamSet = "OBJ_cryptopro,30L,0L"; + +enum SN_id_GostR3411_94_CryptoProParamSet = "id-GostR3411-94-CryptoProParamSet"; +enum NID_id_GostR3411_94_CryptoProParamSet = 822; +enum OBJ_id_GostR3411_94_CryptoProParamSet = "OBJ_cryptopro,30L,1L"; + +enum SN_id_Gost28147_89_TestParamSet = "id-Gost28147-89-TestParamSet"; +enum NID_id_Gost28147_89_TestParamSet = 823; +enum OBJ_id_Gost28147_89_TestParamSet = "OBJ_cryptopro,31L,0L"; + +enum SN_id_Gost28147_89_CryptoPro_A_ParamSet = "id-Gost28147-89-CryptoPro-A-ParamSet"; +enum NID_id_Gost28147_89_CryptoPro_A_ParamSet = 824; +enum OBJ_id_Gost28147_89_CryptoPro_A_ParamSet = "OBJ_cryptopro,31L,1L"; + +enum SN_id_Gost28147_89_CryptoPro_B_ParamSet = "id-Gost28147-89-CryptoPro-B-ParamSet"; +enum NID_id_Gost28147_89_CryptoPro_B_ParamSet = 825; +enum OBJ_id_Gost28147_89_CryptoPro_B_ParamSet = "OBJ_cryptopro,31L,2L"; + +enum SN_id_Gost28147_89_CryptoPro_C_ParamSet = "id-Gost28147-89-CryptoPro-C-ParamSet"; +enum NID_id_Gost28147_89_CryptoPro_C_ParamSet = 826; +enum OBJ_id_Gost28147_89_CryptoPro_C_ParamSet = "OBJ_cryptopro,31L,3L"; + +enum SN_id_Gost28147_89_CryptoPro_D_ParamSet = "id-Gost28147-89-CryptoPro-D-ParamSet"; +enum NID_id_Gost28147_89_CryptoPro_D_ParamSet = 827; +enum OBJ_id_Gost28147_89_CryptoPro_D_ParamSet = "OBJ_cryptopro,31L,4L"; + +enum SN_id_Gost28147_89_CryptoPro_Oscar_1_1_ParamSet = "id-Gost28147-89-CryptoPro-Oscar-1-1-ParamSet"; +enum NID_id_Gost28147_89_CryptoPro_Oscar_1_1_ParamSet = 828; +enum OBJ_id_Gost28147_89_CryptoPro_Oscar_1_1_ParamSet = "OBJ_cryptopro,31L,5L"; + +enum SN_id_Gost28147_89_CryptoPro_Oscar_1_0_ParamSet = "id-Gost28147-89-CryptoPro-Oscar-1-0-ParamSet"; +enum NID_id_Gost28147_89_CryptoPro_Oscar_1_0_ParamSet = 829; +enum OBJ_id_Gost28147_89_CryptoPro_Oscar_1_0_ParamSet = "OBJ_cryptopro,31L,6L"; + +enum SN_id_Gost28147_89_CryptoPro_RIC_1_ParamSet = "id-Gost28147-89-CryptoPro-RIC-1-ParamSet"; +enum NID_id_Gost28147_89_CryptoPro_RIC_1_ParamSet = 830; +enum OBJ_id_Gost28147_89_CryptoPro_RIC_1_ParamSet = "OBJ_cryptopro,31L,7L"; + +enum SN_id_GostR3410_94_TestParamSet = "id-GostR3410-94-TestParamSet"; +enum NID_id_GostR3410_94_TestParamSet = 831; +enum OBJ_id_GostR3410_94_TestParamSet = "OBJ_cryptopro,32L,0L"; + +enum SN_id_GostR3410_94_CryptoPro_A_ParamSet = "id-GostR3410-94-CryptoPro-A-ParamSet"; +enum NID_id_GostR3410_94_CryptoPro_A_ParamSet = 832; +enum OBJ_id_GostR3410_94_CryptoPro_A_ParamSet = "OBJ_cryptopro,32L,2L"; + +enum SN_id_GostR3410_94_CryptoPro_B_ParamSet = "id-GostR3410-94-CryptoPro-B-ParamSet"; +enum NID_id_GostR3410_94_CryptoPro_B_ParamSet = 833; +enum OBJ_id_GostR3410_94_CryptoPro_B_ParamSet = "OBJ_cryptopro,32L,3L"; + +enum SN_id_GostR3410_94_CryptoPro_C_ParamSet = "id-GostR3410-94-CryptoPro-C-ParamSet"; +enum NID_id_GostR3410_94_CryptoPro_C_ParamSet = 834; +enum OBJ_id_GostR3410_94_CryptoPro_C_ParamSet = "OBJ_cryptopro,32L,4L"; + +enum SN_id_GostR3410_94_CryptoPro_D_ParamSet = "id-GostR3410-94-CryptoPro-D-ParamSet"; +enum NID_id_GostR3410_94_CryptoPro_D_ParamSet = 835; +enum OBJ_id_GostR3410_94_CryptoPro_D_ParamSet = "OBJ_cryptopro,32L,5L"; + +enum SN_id_GostR3410_94_CryptoPro_XchA_ParamSet = "id-GostR3410-94-CryptoPro-XchA-ParamSet"; +enum NID_id_GostR3410_94_CryptoPro_XchA_ParamSet = 836; +enum OBJ_id_GostR3410_94_CryptoPro_XchA_ParamSet = "OBJ_cryptopro,33L,1L"; + +enum SN_id_GostR3410_94_CryptoPro_XchB_ParamSet = "id-GostR3410-94-CryptoPro-XchB-ParamSet"; +enum NID_id_GostR3410_94_CryptoPro_XchB_ParamSet = 837; +enum OBJ_id_GostR3410_94_CryptoPro_XchB_ParamSet = "OBJ_cryptopro,33L,2L"; + +enum SN_id_GostR3410_94_CryptoPro_XchC_ParamSet = "id-GostR3410-94-CryptoPro-XchC-ParamSet"; +enum NID_id_GostR3410_94_CryptoPro_XchC_ParamSet = 838; +enum OBJ_id_GostR3410_94_CryptoPro_XchC_ParamSet = "OBJ_cryptopro,33L,3L"; + +enum SN_id_GostR3410_2001_TestParamSet = "id-GostR3410-2001-TestParamSet"; +enum NID_id_GostR3410_2001_TestParamSet = 839; +enum OBJ_id_GostR3410_2001_TestParamSet = "OBJ_cryptopro,35L,0L"; + +enum SN_id_GostR3410_2001_CryptoPro_A_ParamSet = "id-GostR3410-2001-CryptoPro-A-ParamSet"; +enum NID_id_GostR3410_2001_CryptoPro_A_ParamSet = 840; +enum OBJ_id_GostR3410_2001_CryptoPro_A_ParamSet = "OBJ_cryptopro,35L,1L"; + +enum SN_id_GostR3410_2001_CryptoPro_B_ParamSet = "id-GostR3410-2001-CryptoPro-B-ParamSet"; +enum NID_id_GostR3410_2001_CryptoPro_B_ParamSet = 841; +enum OBJ_id_GostR3410_2001_CryptoPro_B_ParamSet = "OBJ_cryptopro,35L,2L"; + +enum SN_id_GostR3410_2001_CryptoPro_C_ParamSet = "id-GostR3410-2001-CryptoPro-C-ParamSet"; +enum NID_id_GostR3410_2001_CryptoPro_C_ParamSet = 842; +enum OBJ_id_GostR3410_2001_CryptoPro_C_ParamSet = "OBJ_cryptopro,35L,3L"; + +enum SN_id_GostR3410_2001_CryptoPro_XchA_ParamSet = "id-GostR3410-2001-CryptoPro-XchA-ParamSet"; +enum NID_id_GostR3410_2001_CryptoPro_XchA_ParamSet = 843; +enum OBJ_id_GostR3410_2001_CryptoPro_XchA_ParamSet = "OBJ_cryptopro,36L,0L"; + +enum SN_id_GostR3410_2001_CryptoPro_XchB_ParamSet = "id-GostR3410-2001-CryptoPro-XchB-ParamSet"; +enum NID_id_GostR3410_2001_CryptoPro_XchB_ParamSet = 844; +enum OBJ_id_GostR3410_2001_CryptoPro_XchB_ParamSet = "OBJ_cryptopro,36L,1L"; + +enum SN_id_GostR3410_94_a = "id-GostR3410-94-a"; +enum NID_id_GostR3410_94_a = 845; +enum OBJ_id_GostR3410_94_a = "OBJ_id_GostR3410_94,1L"; + +enum SN_id_GostR3410_94_aBis = "id-GostR3410-94-aBis"; +enum NID_id_GostR3410_94_aBis = 846; +enum OBJ_id_GostR3410_94_aBis = "OBJ_id_GostR3410_94,2L"; + +enum SN_id_GostR3410_94_b = "id-GostR3410-94-b"; +enum NID_id_GostR3410_94_b = 847; +enum OBJ_id_GostR3410_94_b = "OBJ_id_GostR3410_94,3L"; + +enum SN_id_GostR3410_94_bBis = "id-GostR3410-94-bBis"; +enum NID_id_GostR3410_94_bBis = 848; +enum OBJ_id_GostR3410_94_bBis = "OBJ_id_GostR3410_94,4L"; + +enum SN_id_Gost28147_89_cc = "id-Gost28147-89-cc"; +enum LN_id_Gost28147_89_cc = "GOST 28147-89 Cryptocom ParamSet"; +enum NID_id_Gost28147_89_cc = 849; +enum OBJ_id_Gost28147_89_cc = "OBJ_cryptocom,1L,6L,1L"; + +enum SN_id_GostR3410_94_cc = "gost94cc"; +enum LN_id_GostR3410_94_cc = "GOST 34.10-94 Cryptocom"; +enum NID_id_GostR3410_94_cc = 850; +enum OBJ_id_GostR3410_94_cc = "OBJ_cryptocom,1L,5L,3L"; + +enum SN_id_GostR3410_2001_cc = "gost2001cc"; +enum LN_id_GostR3410_2001_cc = "GOST 34.10-2001 Cryptocom"; +enum NID_id_GostR3410_2001_cc = 851; +enum OBJ_id_GostR3410_2001_cc = "OBJ_cryptocom,1L,5L,4L"; + +enum SN_id_GostR3411_94_with_GostR3410_94_cc = "id-GostR3411-94-with-GostR3410-94-cc"; +enum LN_id_GostR3411_94_with_GostR3410_94_cc = "GOST R 34.11-94 with GOST R 34.10-94 Cryptocom"; +enum NID_id_GostR3411_94_with_GostR3410_94_cc = 852; +enum OBJ_id_GostR3411_94_with_GostR3410_94_cc = "OBJ_cryptocom,1L,3L,3L"; + +enum SN_id_GostR3411_94_with_GostR3410_2001_cc = "id-GostR3411-94-with-GostR3410-2001-cc"; +enum LN_id_GostR3411_94_with_GostR3410_2001_cc = "GOST R 34.11-94 with GOST R 34.10-2001 Cryptocom"; +enum NID_id_GostR3411_94_with_GostR3410_2001_cc = 853; +enum OBJ_id_GostR3411_94_with_GostR3410_2001_cc = "OBJ_cryptocom,1L,3L,4L"; + +enum SN_id_GostR3410_2001_ParamSet_cc = "id-GostR3410-2001-ParamSet-cc"; +enum LN_id_GostR3410_2001_ParamSet_cc = "GOST R 3410-2001 Parameter Set Cryptocom"; +enum NID_id_GostR3410_2001_ParamSet_cc = 854; +enum OBJ_id_GostR3410_2001_ParamSet_cc = "OBJ_cryptocom,1L,8L,1L"; + +enum SN_camellia_128_cbc = "CAMELLIA-128-CBC"; +enum LN_camellia_128_cbc = "camellia-128-cbc"; +enum NID_camellia_128_cbc = 751; +enum OBJ_camellia_128_cbc = "1L,2L,392L,200011L,61L,1L,1L,1L,2L"; + +enum SN_camellia_192_cbc = "CAMELLIA-192-CBC"; +enum LN_camellia_192_cbc = "camellia-192-cbc"; +enum NID_camellia_192_cbc = 752; +enum OBJ_camellia_192_cbc = "1L,2L,392L,200011L,61L,1L,1L,1L,3L"; + +enum SN_camellia_256_cbc = "CAMELLIA-256-CBC"; +enum LN_camellia_256_cbc = "camellia-256-cbc"; +enum NID_camellia_256_cbc = 753; +enum OBJ_camellia_256_cbc = "1L,2L,392L,200011L,61L,1L,1L,1L,4L"; + +enum SN_id_camellia128_wrap = "id-camellia128-wrap"; +enum NID_id_camellia128_wrap = 907; +enum OBJ_id_camellia128_wrap = "1L,2L,392L,200011L,61L,1L,1L,3L,2L"; + +enum SN_id_camellia192_wrap = "id-camellia192-wrap"; +enum NID_id_camellia192_wrap = 908; +enum OBJ_id_camellia192_wrap = "1L,2L,392L,200011L,61L,1L,1L,3L,3L"; + +enum SN_id_camellia256_wrap = "id-camellia256-wrap"; +enum NID_id_camellia256_wrap = 909; +enum OBJ_id_camellia256_wrap = "1L,2L,392L,200011L,61L,1L,1L,3L,4L"; + +enum OBJ_ntt_ds = "0L,3L,4401L,5L"; + +enum OBJ_camellia = "OBJ_ntt_ds,3L,1L,9L"; + +enum SN_camellia_128_ecb = "CAMELLIA-128-ECB"; +enum LN_camellia_128_ecb = "camellia-128-ecb"; +enum NID_camellia_128_ecb = 754; +enum OBJ_camellia_128_ecb = "OBJ_camellia,1L"; + +enum SN_camellia_128_ofb128 = "CAMELLIA-128-OFB"; +enum LN_camellia_128_ofb128 = "camellia-128-ofb"; +enum NID_camellia_128_ofb128 = 766; +enum OBJ_camellia_128_ofb128 = "OBJ_camellia,3L"; + +enum SN_camellia_128_cfb128 = "CAMELLIA-128-CFB"; +enum LN_camellia_128_cfb128 = "camellia-128-cfb"; +enum NID_camellia_128_cfb128 = 757; +enum OBJ_camellia_128_cfb128 = "OBJ_camellia,4L"; + +enum SN_camellia_192_ecb = "CAMELLIA-192-ECB"; +enum LN_camellia_192_ecb = "camellia-192-ecb"; +enum NID_camellia_192_ecb = 755; +enum OBJ_camellia_192_ecb = "OBJ_camellia,21L"; + +enum SN_camellia_192_ofb128 = "CAMELLIA-192-OFB"; +enum LN_camellia_192_ofb128 = "camellia-192-ofb"; +enum NID_camellia_192_ofb128 = 767; +enum OBJ_camellia_192_ofb128 = "OBJ_camellia,23L"; + +enum SN_camellia_192_cfb128 = "CAMELLIA-192-CFB"; +enum LN_camellia_192_cfb128 = "camellia-192-cfb"; +enum NID_camellia_192_cfb128 = 758; +enum OBJ_camellia_192_cfb128 = "OBJ_camellia,24L"; + +enum SN_camellia_256_ecb = "CAMELLIA-256-ECB"; +enum LN_camellia_256_ecb = "camellia-256-ecb"; +enum NID_camellia_256_ecb = 756; +enum OBJ_camellia_256_ecb = "OBJ_camellia,41L"; + +enum SN_camellia_256_ofb128 = "CAMELLIA-256-OFB"; +enum LN_camellia_256_ofb128 = "camellia-256-ofb"; +enum NID_camellia_256_ofb128 = 768; +enum OBJ_camellia_256_ofb128 = "OBJ_camellia,43L"; + +enum SN_camellia_256_cfb128 = "CAMELLIA-256-CFB"; +enum LN_camellia_256_cfb128 = "camellia-256-cfb"; +enum NID_camellia_256_cfb128 = 759; +enum OBJ_camellia_256_cfb128 = "OBJ_camellia,44L"; + +enum SN_camellia_128_cfb1 = "CAMELLIA-128-CFB1"; +enum LN_camellia_128_cfb1 = "camellia-128-cfb1"; +enum NID_camellia_128_cfb1 = 760; + +enum SN_camellia_192_cfb1 = "CAMELLIA-192-CFB1"; +enum LN_camellia_192_cfb1 = "camellia-192-cfb1"; +enum NID_camellia_192_cfb1 = 761; + +enum SN_camellia_256_cfb1 = "CAMELLIA-256-CFB1"; +enum LN_camellia_256_cfb1 = "camellia-256-cfb1"; +enum NID_camellia_256_cfb1 = 762; + +enum SN_camellia_128_cfb8 = "CAMELLIA-128-CFB8"; +enum LN_camellia_128_cfb8 = "camellia-128-cfb8"; +enum NID_camellia_128_cfb8 = 763; + +enum SN_camellia_192_cfb8 = "CAMELLIA-192-CFB8"; +enum LN_camellia_192_cfb8 = "camellia-192-cfb8"; +enum NID_camellia_192_cfb8 = 764; + +enum SN_camellia_256_cfb8 = "CAMELLIA-256-CFB8"; +enum LN_camellia_256_cfb8 = "camellia-256-cfb8"; +enum NID_camellia_256_cfb8 = 765; + +enum SN_kisa = "KISA"; +enum LN_kisa = "kisa"; +enum NID_kisa = 773; +enum OBJ_kisa = "OBJ_member_body,410L,200004L"; + +enum SN_seed_ecb = "SEED-ECB"; +enum LN_seed_ecb = "seed-ecb"; +enum NID_seed_ecb = 776; +enum OBJ_seed_ecb = "OBJ_kisa,1L,3L"; + +enum SN_seed_cbc = "SEED-CBC"; +enum LN_seed_cbc = "seed-cbc"; +enum NID_seed_cbc = 777; +enum OBJ_seed_cbc = "OBJ_kisa,1L,4L"; + +enum SN_seed_cfb128 = "SEED-CFB"; +enum LN_seed_cfb128 = "seed-cfb"; +enum NID_seed_cfb128 = 779; +enum OBJ_seed_cfb128 = "OBJ_kisa,1L,5L"; + +enum SN_seed_ofb128 = "SEED-OFB"; +enum LN_seed_ofb128 = "seed-ofb"; +enum NID_seed_ofb128 = 778; +enum OBJ_seed_ofb128 = "OBJ_kisa,1L,6L"; + +enum SN_hmac = "HMAC"; +enum LN_hmac = "hmac"; +enum NID_hmac = 855; + +enum SN_cmac = "CMAC"; +enum LN_cmac = "cmac"; +enum NID_cmac = 894; + +enum SN_rc4_hmac_md5 = "RC4-HMAC-MD5"; +enum LN_rc4_hmac_md5 = "rc4-hmac-md5"; +enum NID_rc4_hmac_md5 = 915; + +enum SN_aes_128_cbc_hmac_sha1 = "AES-128-CBC-HMAC-SHA1"; +enum LN_aes_128_cbc_hmac_sha1 = "aes-128-cbc-hmac-sha1"; +enum NID_aes_128_cbc_hmac_sha1 = 916; + +enum SN_aes_192_cbc_hmac_sha1 = "AES-192-CBC-HMAC-SHA1"; +enum LN_aes_192_cbc_hmac_sha1 = "aes-192-cbc-hmac-sha1"; +enum NID_aes_192_cbc_hmac_sha1 = 917; + +enum SN_aes_256_cbc_hmac_sha1 = "AES-256-CBC-HMAC-SHA1"; +enum LN_aes_256_cbc_hmac_sha1 = "aes-256-cbc-hmac-sha1"; +enum NID_aes_256_cbc_hmac_sha1 = 918; + diff --git a/deimos/openssl/objects.d b/deimos/openssl/objects.d new file mode 100644 index 0000000..3f9de18 --- /dev/null +++ b/deimos/openssl/objects.d @@ -0,0 +1,1149 @@ +/* crypto/objects/objects.h */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +module deimos.openssl.objects; + +import deimos.openssl._d_util; + +version = USE_OBJ_MAC; + +version (USE_OBJ_MAC) { +public import deimos.openssl.obj_mac; +} else { +/+ +enum SN_undef = "UNDEF"; +enum LN_undef = "undefined"; +enum NID_undef = 0; +enum OBJ_undef = "0L"; + +enum SN_Algorithm = "Algorithm"; +enum LN_algorithm = "algorithm"; +enum NID_algorithm = 38; +enum OBJ_algorithm = "1L,3L,14L,3L,2L"; + +enum LN_rsadsi = "rsadsi"; +enum NID_rsadsi = 1; +enum OBJ_rsadsi = "1L,2L,840L,113549L"; + +enum LN_pkcs = "pkcs"; +enum NID_pkcs = 2; +enum OBJ_pkcs = "OBJ_rsadsi,1L"; + +enum SN_md2 = "MD2"; +enum LN_md2 = "md2"; +enum NID_md2 = 3; +enum OBJ_md2 = "OBJ_rsadsi,2L,2L"; + +enum SN_md5 = "MD5"; +enum LN_md5 = "md5"; +enum NID_md5 = 4; +enum OBJ_md5 = "OBJ_rsadsi,2L,5L"; + +enum SN_rc4 = "RC4"; +enum LN_rc4 = "rc4"; +enum NID_rc4 = 5; +enum OBJ_rc4 = "OBJ_rsadsi,3L,4L"; + +enum LN_rsaEncryption = "rsaEncryption"; +enum NID_rsaEncryption = 6; +enum OBJ_rsaEncryption = "OBJ_pkcs,1L,1L"; + +enum SN_md2WithRSAEncryption = "RSA-MD2"; +enum LN_md2WithRSAEncryption = "md2WithRSAEncryption"; +enum NID_md2WithRSAEncryption = 7; +enum OBJ_md2WithRSAEncryption = "OBJ_pkcs,1L,2L"; + +enum SN_md5WithRSAEncryption = "RSA-MD5"; +enum LN_md5WithRSAEncryption = "md5WithRSAEncryption"; +enum NID_md5WithRSAEncryption = 8; +enum OBJ_md5WithRSAEncryption = "OBJ_pkcs,1L,4L"; + +enum SN_pbeWithMD2AndDES_CBC = "PBE-MD2-DES"; +enum LN_pbeWithMD2AndDES_CBC = "pbeWithMD2AndDES-CBC"; +enum NID_pbeWithMD2AndDES_CBC = 9; +enum OBJ_pbeWithMD2AndDES_CBC = "OBJ_pkcs,5L,1L"; + +enum SN_pbeWithMD5AndDES_CBC = "PBE-MD5-DES"; +enum LN_pbeWithMD5AndDES_CBC = "pbeWithMD5AndDES-CBC"; +enum NID_pbeWithMD5AndDES_CBC = 10; +enum OBJ_pbeWithMD5AndDES_CBC = "OBJ_pkcs,5L,3L"; + +enum LN_X500 = "X500"; +enum NID_X500 = 11; +enum OBJ_X500 = "2L,5L"; + +enum LN_X509 = "X509"; +enum NID_X509 = 12; +enum OBJ_X509 = "OBJ_X500,4L"; + +enum SN_commonName = "CN"; +enum LN_commonName = "commonName"; +enum NID_commonName = 13; +enum OBJ_commonName = "OBJ_X509,3L"; + +enum SN_countryName = "C"; +enum LN_countryName = "countryName"; +enum NID_countryName = 14; +enum OBJ_countryName = "OBJ_X509,6L"; + +enum SN_localityName = "L"; +enum LN_localityName = "localityName"; +enum NID_localityName = 15; +enum OBJ_localityName = "OBJ_X509,7L"; + +/* Postal Address? PA */ + +/* should be "ST" (rfc1327) but MS uses 'S' */ +enum SN_stateOrProvinceName = "ST"; +enum LN_stateOrProvinceName = "stateOrProvinceName"; +enum NID_stateOrProvinceName = 16; +enum OBJ_stateOrProvinceName = "OBJ_X509,8L"; + +enum SN_organizationName = "O"; +enum LN_organizationName = "organizationName"; +enum NID_organizationName = 17; +enum OBJ_organizationName = "OBJ_X509,10L"; + +enum SN_organizationalUnitName = "OU"; +enum LN_organizationalUnitName = "organizationalUnitName"; +enum NID_organizationalUnitName = 18; +enum OBJ_organizationalUnitName = "OBJ_X509,11L"; + +enum SN_rsa = "RSA"; +enum LN_rsa = "rsa"; +enum NID_rsa = 19; +enum OBJ_rsa = "OBJ_X500,8L,1L,1L"; + +enum LN_pkcs7 = "pkcs7"; +enum NID_pkcs7 = 20; +enum OBJ_pkcs7 = "OBJ_pkcs,7L"; + +enum LN_pkcs7_data = "pkcs7-data"; +enum NID_pkcs7_data = 21; +enum OBJ_pkcs7_data = "OBJ_pkcs7,1L"; + +enum LN_pkcs7_signed = "pkcs7-signedData"; +enum NID_pkcs7_signed = 22; +enum OBJ_pkcs7_signed = "OBJ_pkcs7,2L"; + +enum LN_pkcs7_enveloped = "pkcs7-envelopedData"; +enum NID_pkcs7_enveloped = 23; +enum OBJ_pkcs7_enveloped = "OBJ_pkcs7,3L"; + +enum LN_pkcs7_signedAndEnveloped = "pkcs7-signedAndEnvelopedData"; +enum NID_pkcs7_signedAndEnveloped = 24; +enum OBJ_pkcs7_signedAndEnveloped = "OBJ_pkcs7,4L"; + +enum LN_pkcs7_digest = "pkcs7-digestData"; +enum NID_pkcs7_digest = 25; +enum OBJ_pkcs7_digest = "OBJ_pkcs7,5L"; + +enum LN_pkcs7_encrypted = "pkcs7-encryptedData"; +enum NID_pkcs7_encrypted = 26; +enum OBJ_pkcs7_encrypted = "OBJ_pkcs7,6L"; + +enum LN_pkcs3 = "pkcs3"; +enum NID_pkcs3 = 27; +enum OBJ_pkcs3 = "OBJ_pkcs,3L"; + +enum LN_dhKeyAgreement = "dhKeyAgreement"; +enum NID_dhKeyAgreement = 28; +enum OBJ_dhKeyAgreement = "OBJ_pkcs3,1L"; + +enum SN_des_ecb = "DES-ECB"; +enum LN_des_ecb = "des-ecb"; +enum NID_des_ecb = 29; +enum OBJ_des_ecb = "OBJ_algorithm,6L"; + +enum SN_des_cfb64 = "DES-CFB"; +enum LN_des_cfb64 = "des-cfb"; +enum NID_des_cfb64 = 30; +/* IV + num */ +enum OBJ_des_cfb64 = "OBJ_algorithm,9L"; + +enum SN_des_cbc = "DES-CBC"; +enum LN_des_cbc = "des-cbc"; +enum NID_des_cbc = 31; +/* IV */ +enum OBJ_des_cbc = "OBJ_algorithm,7L"; + +enum SN_des_ede = "DES-EDE"; +enum LN_des_ede = "des-ede"; +enum NID_des_ede = 32; +/* ?? */ +enum OBJ_des_ede = "OBJ_algorithm,17L"; + +enum SN_des_ede3 = "DES-EDE3"; +enum LN_des_ede3 = "des-ede3"; +enum NID_des_ede3 = 33; + +enum SN_idea_cbc = "IDEA-CBC"; +enum LN_idea_cbc = "idea-cbc"; +enum NID_idea_cbc = 34; +enum OBJ_idea_cbc = "1L,3L,6L,1L,4L,1L,188L,7L,1L,1L,2L"; + +enum SN_idea_cfb64 = "IDEA-CFB"; +enum LN_idea_cfb64 = "idea-cfb"; +enum NID_idea_cfb64 = 35; + +enum SN_idea_ecb = "IDEA-ECB"; +enum LN_idea_ecb = "idea-ecb"; +enum NID_idea_ecb = 36; + +enum SN_rc2_cbc = "RC2-CBC"; +enum LN_rc2_cbc = "rc2-cbc"; +enum NID_rc2_cbc = 37; +enum OBJ_rc2_cbc = "OBJ_rsadsi,3L,2L"; + +enum SN_rc2_ecb = "RC2-ECB"; +enum LN_rc2_ecb = "rc2-ecb"; +enum NID_rc2_ecb = 38; + +enum SN_rc2_cfb64 = "RC2-CFB"; +enum LN_rc2_cfb64 = "rc2-cfb"; +enum NID_rc2_cfb64 = 39; + +enum SN_rc2_ofb64 = "RC2-OFB"; +enum LN_rc2_ofb64 = "rc2-ofb"; +enum NID_rc2_ofb64 = 40; + +enum SN_sha = "SHA"; +enum LN_sha = "sha"; +enum NID_sha = 41; +enum OBJ_sha = "OBJ_algorithm,18L"; + +enum SN_shaWithRSAEncryption = "RSA-SHA"; +enum LN_shaWithRSAEncryption = "shaWithRSAEncryption"; +enum NID_shaWithRSAEncryption = 42; +enum OBJ_shaWithRSAEncryption = "OBJ_algorithm,15L"; + +enum SN_des_ede_cbc = "DES-EDE-CBC"; +enum LN_des_ede_cbc = "des-ede-cbc"; +enum NID_des_ede_cbc = 43; + +enum SN_des_ede3_cbc = "DES-EDE3-CBC"; +enum LN_des_ede3_cbc = "des-ede3-cbc"; +enum NID_des_ede3_cbc = 44; +enum OBJ_des_ede3_cbc = "OBJ_rsadsi,3L,7L"; + +enum SN_des_ofb64 = "DES-OFB"; +enum LN_des_ofb64 = "des-ofb"; +enum NID_des_ofb64 = 45; +enum OBJ_des_ofb64 = "OBJ_algorithm,8L"; + +enum SN_idea_ofb64 = "IDEA-OFB"; +enum LN_idea_ofb64 = "idea-ofb"; +enum NID_idea_ofb64 = 46; + +enum LN_pkcs9 = "pkcs9"; +enum NID_pkcs9 = 47; +enum OBJ_pkcs9 = "OBJ_pkcs,9L"; + +enum SN_pkcs9_emailAddress = "Email"; +enum LN_pkcs9_emailAddress = "emailAddress"; +enum NID_pkcs9_emailAddress = 48; +enum OBJ_pkcs9_emailAddress = "OBJ_pkcs9,1L"; + +enum LN_pkcs9_unstructuredName = "unstructuredName"; +enum NID_pkcs9_unstructuredName = 49; +enum OBJ_pkcs9_unstructuredName = "OBJ_pkcs9,2L"; + +enum LN_pkcs9_contentType = "contentType"; +enum NID_pkcs9_contentType = 50; +enum OBJ_pkcs9_contentType = "OBJ_pkcs9,3L"; + +enum LN_pkcs9_messageDigest = "messageDigest"; +enum NID_pkcs9_messageDigest = 51; +enum OBJ_pkcs9_messageDigest = "OBJ_pkcs9,4L"; + +enum LN_pkcs9_signingTime = "signingTime"; +enum NID_pkcs9_signingTime = 52; +enum OBJ_pkcs9_signingTime = "OBJ_pkcs9,5L"; + +enum LN_pkcs9_countersignature = "countersignature"; +enum NID_pkcs9_countersignature = 53; +enum OBJ_pkcs9_countersignature = "OBJ_pkcs9,6L"; + +enum LN_pkcs9_challengePassword = "challengePassword"; +enum NID_pkcs9_challengePassword = 54; +enum OBJ_pkcs9_challengePassword = "OBJ_pkcs9,7L"; + +enum LN_pkcs9_unstructuredAddress = "unstructuredAddress"; +enum NID_pkcs9_unstructuredAddress = 55; +enum OBJ_pkcs9_unstructuredAddress = "OBJ_pkcs9,8L"; + +enum LN_pkcs9_extCertAttributes = "extendedCertificateAttributes"; +enum NID_pkcs9_extCertAttributes = 56; +enum OBJ_pkcs9_extCertAttributes = "OBJ_pkcs9,9L"; + +enum SN_netscape = "Netscape"; +enum LN_netscape = "Netscape Communications Corp."; +enum NID_netscape = 57; +enum OBJ_netscape = "2L,16L,840L,1L,113730L"; + +enum SN_netscape_cert_extension = "nsCertExt"; +enum LN_netscape_cert_extension = "Netscape Certificate Extension"; +enum NID_netscape_cert_extension = 58; +enum OBJ_netscape_cert_extension = "OBJ_netscape,1L"; + +enum SN_netscape_data_type = "nsDataType"; +enum LN_netscape_data_type = "Netscape Data Type"; +enum NID_netscape_data_type = 59; +enum OBJ_netscape_data_type = "OBJ_netscape,2L"; + +enum SN_des_ede_cfb64 = "DES-EDE-CFB"; +enum LN_des_ede_cfb64 = "des-ede-cfb"; +enum NID_des_ede_cfb64 = 60; + +enum SN_des_ede3_cfb64 = "DES-EDE3-CFB"; +enum LN_des_ede3_cfb64 = "des-ede3-cfb"; +enum NID_des_ede3_cfb64 = 61; + +enum SN_des_ede_ofb64 = "DES-EDE-OFB"; +enum LN_des_ede_ofb64 = "des-ede-ofb"; +enum NID_des_ede_ofb64 = 62; + +enum SN_des_ede3_ofb64 = "DES-EDE3-OFB"; +enum LN_des_ede3_ofb64 = "des-ede3-ofb"; +enum NID_des_ede3_ofb64 = 63; + +/* I'm not sure about the object ID */ +enum SN_sha1 = "SHA1"; +enum LN_sha1 = "sha1"; +enum NID_sha1 = 64; +enum OBJ_sha1 = "OBJ_algorithm,26L"; +/* 28 Jun 1996 - eay */ +/* alias 1L OBJ_sha1;,3L,14L,2L,26L,05L <- wrong */ + +enum SN_sha1WithRSAEncryption = "RSA-SHA1"; +enum LN_sha1WithRSAEncryption = "sha1WithRSAEncryption"; +enum NID_sha1WithRSAEncryption = 65; +enum OBJ_sha1WithRSAEncryption = "OBJ_pkcs,1L,5L"; + +enum SN_dsaWithSHA = "DSA-SHA"; +enum LN_dsaWithSHA = "dsaWithSHA"; +enum NID_dsaWithSHA = 66; +enum OBJ_dsaWithSHA = "OBJ_algorithm,13L"; + +enum SN_dsa_2 = "DSA-old"; +enum LN_dsa_2 = "dsaEncryption-old"; +enum NID_dsa_2 = 67; +enum OBJ_dsa_2 = "OBJ_algorithm,12L"; + +/* proposed by microsoft to RSA */ +enum SN_pbeWithSHA1AndRC2_CBC = "PBE-SHA1-RC2-64"; +enum LN_pbeWithSHA1AndRC2_CBC = "pbeWithSHA1AndRC2-CBC"; +enum NID_pbeWithSHA1AndRC2_CBC = 68; +enum OBJ_pbeWithSHA1AndRC2_CBC = "OBJ_pkcs,5L,11L"; + +/* proposed by microsoft to RSA as pbeWithSHA1AndRC4: it is now + * defined explicitly in PKCS#5 v2.0 as id-PBKDF2 which is something + * completely different. + */ +enum LN_id_pbkdf2 = "PBKDF2"; +enum NID_id_pbkdf2 = 69; +enum OBJ_id_pbkdf2 = "OBJ_pkcs,5L,12L"; + +enum SN_dsaWithSHA1_2 = "DSA-SHA1-old"; +enum LN_dsaWithSHA1_2 = "dsaWithSHA1-old"; +enum NID_dsaWithSHA1_2 = 70; +/* Got this one from 'sdn706r20.pdf' which is actually an NSA document :-) */ +enum OBJ_dsaWithSHA1_2 = "OBJ_algorithm,27L"; + +enum SN_netscape_cert_type = "nsCertType"; +enum LN_netscape_cert_type = "Netscape Cert Type"; +enum NID_netscape_cert_type = 71; +enum OBJ_netscape_cert_type = "OBJ_netscape_cert_extension,1L"; + +enum SN_netscape_base_url = "nsBaseUrl"; +enum LN_netscape_base_url = "Netscape Base Url"; +enum NID_netscape_base_url = 72; +enum OBJ_netscape_base_url = "OBJ_netscape_cert_extension,2L"; + +enum SN_netscape_revocation_url = "nsRevocationUrl"; +enum LN_netscape_revocation_url = "Netscape Revocation Url"; +enum NID_netscape_revocation_url = 73; +enum OBJ_netscape_revocation_url = "OBJ_netscape_cert_extension,3L"; + +enum SN_netscape_ca_revocation_url = "nsCaRevocationUrl"; +enum LN_netscape_ca_revocation_url = "Netscape CA Revocation Url"; +enum NID_netscape_ca_revocation_url = 74; +enum OBJ_netscape_ca_revocation_url = "OBJ_netscape_cert_extension,4L"; + +enum SN_netscape_renewal_url = "nsRenewalUrl"; +enum LN_netscape_renewal_url = "Netscape Renewal Url"; +enum NID_netscape_renewal_url = 75; +enum OBJ_netscape_renewal_url = "OBJ_netscape_cert_extension,7L"; + +enum SN_netscape_ca_policy_url = "nsCaPolicyUrl"; +enum LN_netscape_ca_policy_url = "Netscape CA Policy Url"; +enum NID_netscape_ca_policy_url = 76; +enum OBJ_netscape_ca_policy_url = "OBJ_netscape_cert_extension,8L"; + +enum SN_netscape_ssl_server_name = "nsSslServerName"; +enum LN_netscape_ssl_server_name = "Netscape SSL Server Name"; +enum NID_netscape_ssl_server_name = 77; +enum OBJ_netscape_ssl_server_name = "OBJ_netscape_cert_extension,12L"; + +enum SN_netscape_comment = "nsComment"; +enum LN_netscape_comment = "Netscape Comment"; +enum NID_netscape_comment = 78; +enum OBJ_netscape_comment = "OBJ_netscape_cert_extension,13L"; + +enum SN_netscape_cert_sequence = "nsCertSequence"; +enum LN_netscape_cert_sequence = "Netscape Certificate Sequence"; +enum NID_netscape_cert_sequence = 79; +enum OBJ_netscape_cert_sequence = "OBJ_netscape_data_type,5L"; + +enum SN_desx_cbc = "DESX-CBC"; +enum LN_desx_cbc = "desx-cbc"; +enum NID_desx_cbc = 80; + +enum SN_id_ce = "id-ce"; +enum NID_id_ce = 81; +enum OBJ_id_ce = "2L,5L,29L"; + +enum SN_subject_key_identifier = "subjectKeyIdentifier"; +enum LN_subject_key_identifier = "X509v3 Subject Key Identifier"; +enum NID_subject_key_identifier = 82; +enum OBJ_subject_key_identifier = "OBJ_id_ce,14L"; + +enum SN_key_usage = "keyUsage"; +enum LN_key_usage = "X509v3 Key Usage"; +enum NID_key_usage = 83; +enum OBJ_key_usage = "OBJ_id_ce,15L"; + +enum SN_private_key_usage_period = "privateKeyUsagePeriod"; +enum LN_private_key_usage_period = "X509v3 Private Key Usage Period"; +enum NID_private_key_usage_period = 84; +enum OBJ_private_key_usage_period = "OBJ_id_ce,16L"; + +enum SN_subject_alt_name = "subjectAltName"; +enum LN_subject_alt_name = "X509v3 Subject Alternative Name"; +enum NID_subject_alt_name = 85; +enum OBJ_subject_alt_name = "OBJ_id_ce,17L"; + +enum SN_issuer_alt_name = "issuerAltName"; +enum LN_issuer_alt_name = "X509v3 Issuer Alternative Name"; +enum NID_issuer_alt_name = 86; +enum OBJ_issuer_alt_name = "OBJ_id_ce,18L"; + +enum SN_basic_constraints = "basicConstraints"; +enum LN_basic_constraints = "X509v3 Basic Constraints"; +enum NID_basic_constraints = 87; +enum OBJ_basic_constraints = "OBJ_id_ce,19L"; + +enum SN_crl_number = "crlNumber"; +enum LN_crl_number = "X509v3 CRL Number"; +enum NID_crl_number = 88; +enum OBJ_crl_number = "OBJ_id_ce,20L"; + +enum SN_certificate_policies = "certificatePolicies"; +enum LN_certificate_policies = "X509v3 Certificate Policies"; +enum NID_certificate_policies = 89; +enum OBJ_certificate_policies = "OBJ_id_ce,32L"; + +enum SN_authority_key_identifier = "authorityKeyIdentifier"; +enum LN_authority_key_identifier = "X509v3 Authority Key Identifier"; +enum NID_authority_key_identifier = 90; +enum OBJ_authority_key_identifier = "OBJ_id_ce,35L"; + +enum SN_bf_cbc = "BF-CBC"; +enum LN_bf_cbc = "bf-cbc"; +enum NID_bf_cbc = 91; +enum OBJ_bf_cbc = "1L,3L,6L,1L,4L,1L,3029L,1L,2L"; + +enum SN_bf_ecb = "BF-ECB"; +enum LN_bf_ecb = "bf-ecb"; +enum NID_bf_ecb = 92; + +enum SN_bf_cfb64 = "BF-CFB"; +enum LN_bf_cfb64 = "bf-cfb"; +enum NID_bf_cfb64 = 93; + +enum SN_bf_ofb64 = "BF-OFB"; +enum LN_bf_ofb64 = "bf-ofb"; +enum NID_bf_ofb64 = 94; + +enum SN_mdc2 = "MDC2"; +enum LN_mdc2 = "mdc2"; +enum NID_mdc2 = 95; +enum OBJ_mdc2 = "2L,5L,8L,3L,101L"; +/* An alternative? 1L,3L,14L,3L,2L,19L */ + +enum SN_mdc2WithRSA = "RSA-MDC2"; +enum LN_mdc2WithRSA = "mdc2withRSA"; +enum NID_mdc2WithRSA = 96; +enum OBJ_mdc2WithRSA = "2L,5L,8L,3L,100L"; + +enum SN_rc4_40 = "RC4-40"; +enum LN_rc4_40 = "rc4-40"; +enum NID_rc4_40 = 97; + +enum SN_rc2_40_cbc = "RC2-40-CBC"; +enum LN_rc2_40_cbc = "rc2-40-cbc"; +enum NID_rc2_40_cbc = 98; + +enum SN_givenName = "G"; +enum LN_givenName = "givenName"; +enum NID_givenName = 99; +enum OBJ_givenName = "OBJ_X509,42L"; + +enum SN_surname = "S"; +enum LN_surname = "surname"; +enum NID_surname = 100; +enum OBJ_surname = "OBJ_X509,4L"; + +enum SN_initials = "I"; +enum LN_initials = "initials"; +enum NID_initials = 101; +enum OBJ_initials = "OBJ_X509,43L"; + +enum SN_uniqueIdentifier = "UID"; +enum LN_uniqueIdentifier = "uniqueIdentifier"; +enum NID_uniqueIdentifier = 102; +enum OBJ_uniqueIdentifier = "OBJ_X509,45L"; + +enum SN_crl_distribution_points = "crlDistributionPoints"; +enum LN_crl_distribution_points = "X509v3 CRL Distribution Points"; +enum NID_crl_distribution_points = 103; +enum OBJ_crl_distribution_points = "OBJ_id_ce,31L"; + +enum SN_md5WithRSA = "RSA-NP-MD5"; +enum LN_md5WithRSA = "md5WithRSA"; +enum NID_md5WithRSA = 104; +enum OBJ_md5WithRSA = "OBJ_algorithm,3L"; + +enum SN_serialNumber = "SN"; +enum LN_serialNumber = "serialNumber"; +enum NID_serialNumber = 105; +enum OBJ_serialNumber = "OBJ_X509,5L"; + +enum SN_title = "T"; +enum LN_title = "title"; +enum NID_title = 106; +enum OBJ_title = "OBJ_X509,12L"; + +enum SN_description = "D"; +enum LN_description = "description"; +enum NID_description = 107; +enum OBJ_description = "OBJ_X509,13L"; + +/* CAST5 is CAST-128, I'm just sticking with the documentation */ +enum SN_cast5_cbc = "CAST5-CBC"; +enum LN_cast5_cbc = "cast5-cbc"; +enum NID_cast5_cbc = 108; +enum OBJ_cast5_cbc = "1L,2L,840L,113533L,7L,66L,10L"; + +enum SN_cast5_ecb = "CAST5-ECB"; +enum LN_cast5_ecb = "cast5-ecb"; +enum NID_cast5_ecb = 109; + +enum SN_cast5_cfb64 = "CAST5-CFB"; +enum LN_cast5_cfb64 = "cast5-cfb"; +enum NID_cast5_cfb64 = 110; + +enum SN_cast5_ofb64 = "CAST5-OFB"; +enum LN_cast5_ofb64 = "cast5-ofb"; +enum NID_cast5_ofb64 = 111; + +enum LN_pbeWithMD5AndCast5_CBC = "pbeWithMD5AndCast5CBC"; +enum NID_pbeWithMD5AndCast5_CBC = 112; +enum OBJ_pbeWithMD5AndCast5_CBC = "1L,2L,840L,113533L,7L,66L,12L"; + +/* This is one sun will soon be using :-( + * id-dsa-with-sha1 ID ::= { + * iso(1) member-body(2) us(840) x9-57 (10040) x9cm(4) 3 } + */ +enum SN_dsaWithSHA1 = "DSA-SHA1"; +enum LN_dsaWithSHA1 = "dsaWithSHA1"; +enum NID_dsaWithSHA1 = 113; +enum OBJ_dsaWithSHA1 = "1L,2L,840L,10040L,4L,3L"; + +enum NID_md5_sha1 = 114; +enum SN_md5_sha1 = "MD5-SHA1"; +enum LN_md5_sha1 = "md5-sha1"; + +enum SN_sha1WithRSA = "RSA-SHA1-2"; +enum LN_sha1WithRSA = "sha1WithRSA"; +enum NID_sha1WithRSA = 115; +enum OBJ_sha1WithRSA = "OBJ_algorithm,29L"; + +enum SN_dsa = "DSA"; +enum LN_dsa = "dsaEncryption"; +enum NID_dsa = 116; +enum OBJ_dsa = "1L,2L,840L,10040L,4L,1L"; + +enum SN_ripemd160 = "RIPEMD160"; +enum LN_ripemd160 = "ripemd160"; +enum NID_ripemd160 = 117; +enum OBJ_ripemd160 = "1L,3L,36L,3L,2L,1L"; + +/* The name should actually be rsaSignatureWithripemd160, but I'm going + * to continue using the convention I'm using with the other ciphers */ +enum SN_ripemd160WithRSA = "RSA-RIPEMD160"; +enum LN_ripemd160WithRSA = "ripemd160WithRSA"; +enum NID_ripemd160WithRSA = 119; +enum OBJ_ripemd160WithRSA = "1L,3L,36L,3L,3L,1L,2L"; + +/* Taken from rfc2040 + * RC5_CBC_Parameters ::= SEQUENCE { + * version INTEGER (v1_0(16)), + * rounds INTEGER (8..127), + * blockSizeInBits INTEGER (64, 128), + * iv OCTET STRING OPTIONAL + * } + */ +enum SN_rc5_cbc = "RC5-CBC"; +enum LN_rc5_cbc = "rc5-cbc"; +enum NID_rc5_cbc = 120; +enum OBJ_rc5_cbc = "OBJ_rsadsi,3L,8L"; + +enum SN_rc5_ecb = "RC5-ECB"; +enum LN_rc5_ecb = "rc5-ecb"; +enum NID_rc5_ecb = 121; + +enum SN_rc5_cfb64 = "RC5-CFB"; +enum LN_rc5_cfb64 = "rc5-cfb"; +enum NID_rc5_cfb64 = 122; + +enum SN_rc5_ofb64 = "RC5-OFB"; +enum LN_rc5_ofb64 = "rc5-ofb"; +enum NID_rc5_ofb64 = 123; + +enum SN_rle_compression = "RLE"; +enum LN_rle_compression = "run length compression"; +enum NID_rle_compression = 124; +enum OBJ_rle_compression = "1L,1L,1L,1L,666L,1L"; + +enum SN_zlib_compression = "ZLIB"; +enum LN_zlib_compression = "zlib compression"; +enum NID_zlib_compression = 125; +enum OBJ_zlib_compression = "1L,1L,1L,1L,666L,2L"; + +enum SN_ext_key_usage = "extendedKeyUsage"; +enum LN_ext_key_usage = "X509v3 Extended Key Usage"; +enum NID_ext_key_usage = 126; +enum OBJ_ext_key_usage = "OBJ_id_ce,37"; + +enum SN_id_pkix = "PKIX"; +enum NID_id_pkix = 127; +enum OBJ_id_pkix = "1L,3L,6L,1L,5L,5L,7L"; + +enum SN_id_kp = "id-kp"; +enum NID_id_kp = 128; +enum OBJ_id_kp = "OBJ_id_pkix,3L"; + +/* PKIX extended key usage OIDs */ + +enum SN_server_auth = "serverAuth"; +enum LN_server_auth = "TLS Web Server Authentication"; +enum NID_server_auth = 129; +enum OBJ_server_auth = "OBJ_id_kp,1L"; + +enum SN_client_auth = "clientAuth"; +enum LN_client_auth = "TLS Web Client Authentication"; +enum NID_client_auth = 130; +enum OBJ_client_auth = "OBJ_id_kp,2L"; + +enum SN_code_sign = "codeSigning"; +enum LN_code_sign = "Code Signing"; +enum NID_code_sign = 131; +enum OBJ_code_sign = "OBJ_id_kp,3L"; + +enum SN_email_protect = "emailProtection"; +enum LN_email_protect = "E-mail Protection"; +enum NID_email_protect = 132; +enum OBJ_email_protect = "OBJ_id_kp,4L"; + +enum SN_time_stamp = "timeStamping"; +enum LN_time_stamp = "Time Stamping"; +enum NID_time_stamp = 133; +enum OBJ_time_stamp = "OBJ_id_kp,8L"; + +/* Additional extended key usage OIDs: Microsoft */ + +enum SN_ms_code_ind = "msCodeInd"; +enum LN_ms_code_ind = "Microsoft Individual Code Signing"; +enum NID_ms_code_ind = 134; +enum OBJ_ms_code_ind = "1L,3L,6L,1L,4L,1L,311L,2L,1L,21L"; + +enum SN_ms_code_com = "msCodeCom"; +enum LN_ms_code_com = "Microsoft Commercial Code Signing"; +enum NID_ms_code_com = 135; +enum OBJ_ms_code_com = "1L,3L,6L,1L,4L,1L,311L,2L,1L,22L"; + +enum SN_ms_ctl_sign = "msCTLSign"; +enum LN_ms_ctl_sign = "Microsoft Trust List Signing"; +enum NID_ms_ctl_sign = 136; +enum OBJ_ms_ctl_sign = "1L,3L,6L,1L,4L,1L,311L,10L,3L,1L"; + +enum SN_ms_sgc = "msSGC"; +enum LN_ms_sgc = "Microsoft Server Gated Crypto"; +enum NID_ms_sgc = 137; +enum OBJ_ms_sgc = "1L,3L,6L,1L,4L,1L,311L,10L,3L,3L"; + +enum SN_ms_efs = "msEFS"; +enum LN_ms_efs = "Microsoft Encrypted File System"; +enum NID_ms_efs = 138; +enum OBJ_ms_efs = "1L,3L,6L,1L,4L,1L,311L,10L,3L,4L"; + +/* Additional usage: Netscape */ + +enum SN_ns_sgc = "nsSGC"; +enum LN_ns_sgc = "Netscape Server Gated Crypto"; +enum NID_ns_sgc = 139; +enum OBJ_ns_sgc = "OBJ_netscape,4L,1L"; + +enum SN_delta_crl = "deltaCRL"; +enum LN_delta_crl = "X509v3 Delta CRL Indicator"; +enum NID_delta_crl = 140; +enum OBJ_delta_crl = "OBJ_id_ce,27L"; + +enum SN_crl_reason = "CRLReason"; +enum LN_crl_reason = "CRL Reason Code"; +enum NID_crl_reason = 141; +enum OBJ_crl_reason = "OBJ_id_ce,21L"; + +enum SN_invalidity_date = "invalidityDate"; +enum LN_invalidity_date = "Invalidity Date"; +enum NID_invalidity_date = 142; +enum OBJ_invalidity_date = "OBJ_id_ce,24L"; + +enum SN_sxnet = "SXNetID"; +enum LN_sxnet = "Strong Extranet ID"; +enum NID_sxnet = 143; +enum OBJ_sxnet = "1L,3L,101L,1L,4L,1L"; + +/* PKCS12 and related OBJECT IDENTIFIERS */ + +enum OBJ_pkcs12 = "OBJ_pkcs,12L"; +alias OBJ_pkcs12 OBJ_pkcs12_pbeids;, 1 + +enum SN_pbe_WithSHA1And128BitRC4 = "PBE-SHA1-RC4-128"; +enum LN_pbe_WithSHA1And128BitRC4 = "pbeWithSHA1And128BitRC4"; +enum NID_pbe_WithSHA1And128BitRC4 = 144; +alias OBJ_pkcs12_pbeids OBJ_pbe_WithSHA1And128BitRC4;, 1L + +enum SN_pbe_WithSHA1And40BitRC4 = "PBE-SHA1-RC4-40"; +enum LN_pbe_WithSHA1And40BitRC4 = "pbeWithSHA1And40BitRC4"; +enum NID_pbe_WithSHA1And40BitRC4 = 145; +alias OBJ_pkcs12_pbeids OBJ_pbe_WithSHA1And40BitRC4;, 2L + +enum SN_pbe_WithSHA1And3_Key_TripleDES_CBC = "PBE-SHA1-3DES"; +enum LN_pbe_WithSHA1And3_Key_TripleDES_CBC = "pbeWithSHA1And3-KeyTripleDES-CBC"; +enum NID_pbe_WithSHA1And3_Key_TripleDES_CBC = 146; +alias OBJ_pkcs12_pbeids OBJ_pbe_WithSHA1And3_Key_TripleDES_CBC;, 3L + +enum SN_pbe_WithSHA1And2_Key_TripleDES_CBC = "PBE-SHA1-2DES"; +enum LN_pbe_WithSHA1And2_Key_TripleDES_CBC = "pbeWithSHA1And2-KeyTripleDES-CBC"; +enum NID_pbe_WithSHA1And2_Key_TripleDES_CBC = 147; +alias OBJ_pkcs12_pbeids OBJ_pbe_WithSHA1And2_Key_TripleDES_CBC;, 4L + +enum SN_pbe_WithSHA1And128BitRC2_CBC = "PBE-SHA1-RC2-128"; +enum LN_pbe_WithSHA1And128BitRC2_CBC = "pbeWithSHA1And128BitRC2-CBC"; +enum NID_pbe_WithSHA1And128BitRC2_CBC = 148; +alias OBJ_pkcs12_pbeids OBJ_pbe_WithSHA1And128BitRC2_CBC;, 5L + +enum SN_pbe_WithSHA1And40BitRC2_CBC = "PBE-SHA1-RC2-40"; +enum LN_pbe_WithSHA1And40BitRC2_CBC = "pbeWithSHA1And40BitRC2-CBC"; +enum NID_pbe_WithSHA1And40BitRC2_CBC = 149; +alias OBJ_pkcs12_pbeids OBJ_pbe_WithSHA1And40BitRC2_CBC;, 6L + +alias OBJ_pkcs12 OBJ_pkcs12_Version1;, 10L + +alias OBJ_pkcs12_Version1 OBJ_pkcs12_BagIds;, 1L + +enum LN_keyBag = "keyBag"; +enum NID_keyBag = 150; +alias OBJ_pkcs12_BagIds OBJ_keyBag;, 1L + +enum LN_pkcs8ShroudedKeyBag = "pkcs8ShroudedKeyBag"; +enum NID_pkcs8ShroudedKeyBag = 151; +alias OBJ_pkcs12_BagIds OBJ_pkcs8ShroudedKeyBag;, 2L + +enum LN_certBag = "certBag"; +enum NID_certBag = 152; +alias OBJ_pkcs12_BagIds OBJ_certBag;, 3L + +enum LN_crlBag = "crlBag"; +enum NID_crlBag = 153; +alias OBJ_pkcs12_BagIds OBJ_crlBag;, 4L + +enum LN_secretBag = "secretBag"; +enum NID_secretBag = 154; +alias OBJ_pkcs12_BagIds OBJ_secretBag;, 5L + +enum LN_safeContentsBag = "safeContentsBag"; +enum NID_safeContentsBag = 155; +alias OBJ_pkcs12_BagIds OBJ_safeContentsBag;, 6L + +enum LN_friendlyName = "friendlyName"; +enum NID_friendlyName = 156; +alias OBJ_pkcs9 OBJ_friendlyName;, 20L + +enum LN_localKeyID = "localKeyID"; +enum NID_localKeyID = 157; +alias OBJ_pkcs9 OBJ_localKeyID;, 21L + +alias OBJ_pkcs9 OBJ_certTypes;, 22L + +enum LN_x509Certificate = "x509Certificate"; +enum NID_x509Certificate = 158; +alias OBJ_certTypes OBJ_x509Certificate;, 1L + +enum LN_sdsiCertificate = "sdsiCertificate"; +enum NID_sdsiCertificate = 159; +alias OBJ_certTypes OBJ_sdsiCertificate;, 2L + +alias OBJ_pkcs9 OBJ_crlTypes;, 23L + +enum LN_x509Crl = "x509Crl"; +enum NID_x509Crl = 160; +alias OBJ_crlTypes OBJ_x509Crl;, 1L + +/* PKCS#5 v2 OIDs */ + +enum LN_pbes2 = "PBES2"; +enum NID_pbes2 = 161; +enum OBJ_pbes2 = "OBJ_pkcs,5L,13L"; + +enum LN_pbmac1 = "PBMAC1"; +enum NID_pbmac1 = 162; +enum OBJ_pbmac1 = "OBJ_pkcs,5L,14L"; + +enum LN_hmacWithSHA1 = "hmacWithSHA1"; +enum NID_hmacWithSHA1 = 163; +enum OBJ_hmacWithSHA1 = "OBJ_rsadsi,2L,7L"; + +/* Policy Qualifier Ids */ + +enum LN_id_qt_cps = "Policy Qualifier CPS"; +enum SN_id_qt_cps = "id-qt-cps"; +enum NID_id_qt_cps = 164; +enum OBJ_id_qt_cps = "OBJ_id_pkix,2L,1L"; + +enum LN_id_qt_unotice = "Policy Qualifier User Notice"; +enum SN_id_qt_unotice = "id-qt-unotice"; +enum NID_id_qt_unotice = 165; +enum OBJ_id_qt_unotice = "OBJ_id_pkix,2L,2L"; + +enum SN_rc2_64_cbc = "RC2-64-CBC"; +enum LN_rc2_64_cbc = "rc2-64-cbc"; +enum NID_rc2_64_cbc = 166; + +enum SN_SMIMECapabilities = "SMIME-CAPS"; +enum LN_SMIMECapabilities = "S/MIME Capabilities"; +enum NID_SMIMECapabilities = 167; +enum OBJ_SMIMECapabilities = "OBJ_pkcs9,15L"; + +enum SN_pbeWithMD2AndRC2_CBC = "PBE-MD2-RC2-64"; +enum LN_pbeWithMD2AndRC2_CBC = "pbeWithMD2AndRC2-CBC"; +enum NID_pbeWithMD2AndRC2_CBC = 168; +enum OBJ_pbeWithMD2AndRC2_CBC = "OBJ_pkcs,5L,4L"; + +enum SN_pbeWithMD5AndRC2_CBC = "PBE-MD5-RC2-64"; +enum LN_pbeWithMD5AndRC2_CBC = "pbeWithMD5AndRC2-CBC"; +enum NID_pbeWithMD5AndRC2_CBC = 169; +enum OBJ_pbeWithMD5AndRC2_CBC = "OBJ_pkcs,5L,6L"; + +enum SN_pbeWithSHA1AndDES_CBC = "PBE-SHA1-DES"; +enum LN_pbeWithSHA1AndDES_CBC = "pbeWithSHA1AndDES-CBC"; +enum NID_pbeWithSHA1AndDES_CBC = 170; +enum OBJ_pbeWithSHA1AndDES_CBC = "OBJ_pkcs,5L,10L"; + +/* Extension request OIDs */ + +enum LN_ms_ext_req = "Microsoft Extension Request"; +enum SN_ms_ext_req = "msExtReq"; +enum NID_ms_ext_req = 171; +enum OBJ_ms_ext_req = "1L,3L,6L,1L,4L,1L,311L,2L,1L,14L"; + +enum LN_ext_req = "Extension Request"; +enum SN_ext_req = "extReq"; +enum NID_ext_req = 172; +enum OBJ_ext_req = "OBJ_pkcs9,14L"; + +enum SN_name = "name"; +enum LN_name = "name"; +enum NID_name = 173; +enum OBJ_name = "OBJ_X509,41L"; + +enum SN_dnQualifier = "dnQualifier"; +enum LN_dnQualifier = "dnQualifier"; +enum NID_dnQualifier = 174; +enum OBJ_dnQualifier = "OBJ_X509,46L"; + +enum SN_id_pe = "id-pe"; +enum NID_id_pe = 175; +enum OBJ_id_pe = "OBJ_id_pkix,1L"; + +enum SN_id_ad = "id-ad"; +enum NID_id_ad = 176; +enum OBJ_id_ad = "OBJ_id_pkix,48L"; + +enum SN_info_access = "authorityInfoAccess"; +enum LN_info_access = "Authority Information Access"; +enum NID_info_access = 177; +enum OBJ_info_access = "OBJ_id_pe,1L"; + +enum SN_ad_OCSP = "OCSP"; +enum LN_ad_OCSP = "OCSP"; +enum NID_ad_OCSP = 178; +enum OBJ_ad_OCSP = "OBJ_id_ad,1L"; + +enum SN_ad_ca_issuers = "caIssuers"; +enum LN_ad_ca_issuers = "CA Issuers"; +enum NID_ad_ca_issuers = 179; +enum OBJ_ad_ca_issuers = "OBJ_id_ad,2L"; + +enum SN_OCSP_sign = "OCSPSigning"; +enum LN_OCSP_sign = "OCSP Signing"; +enum NID_OCSP_sign = 180; +enum OBJ_OCSP_sign = "OBJ_id_kp,9L"; ++/ +} /* USE_OBJ_MAC */ + +public import deimos.openssl.bio; +public import deimos.openssl.asn1; + +enum OBJ_NAME_TYPE_UNDEF = "0x00"; +enum OBJ_NAME_TYPE_MD_METH = "0x01"; +enum OBJ_NAME_TYPE_CIPHER_METH = "0x02"; +enum OBJ_NAME_TYPE_PKEY_METH = "0x03"; +enum OBJ_NAME_TYPE_COMP_METH = "0x04"; +enum OBJ_NAME_TYPE_NUM = "0x05"; + +enum OBJ_NAME_ALIAS = "0x8000"; + +enum OBJ_BSEARCH_VALUE_ON_NOMATCH = "0x01"; +enum OBJ_BSEARCH_FIRST_VALUE_ON_MATCH = "0x02"; + + +extern (C): +nothrow: + +struct obj_name_st { + int type; + int alias_; + const(char)* name; + const(char)* data; + } +alias obj_name_st OBJ_NAME; + +alias OBJ_create OBJ_create_and_add_object; + + +int OBJ_NAME_init(); +int OBJ_NAME_new_index(ExternC!(c_ulong function(const(char)*)) hash_func, + ExternC!(int function(const(char)*, const(char)*)) cmp_func, + ExternC!(void function(const(char)*, int, const(char)*)) free_func); +const(char)* OBJ_NAME_get(const(char)* name,int type); +int OBJ_NAME_add(const(char)* name,int type,const(char)* data); +int OBJ_NAME_remove(const(char)* name,int type); +void OBJ_NAME_cleanup(int type); /* -1 for everything */ +void OBJ_NAME_do_all(int type,ExternC!(void function(const(OBJ_NAME)*,void* arg)) fn, + void* arg); +void OBJ_NAME_do_all_sorted(int type,ExternC!(void function(const(OBJ_NAME)*,void* arg)) fn, + void* arg); + +ASN1_OBJECT* OBJ_dup(const(ASN1_OBJECT)* o); +ASN1_OBJECT* OBJ_nid2obj(int n); +const(char)* OBJ_nid2ln(int n); +const(char)* OBJ_nid2sn(int n); +int OBJ_obj2nid(const(ASN1_OBJECT)* o); +ASN1_OBJECT* OBJ_txt2obj(const(char)* s, int no_name); +int OBJ_obj2txt(char* buf, int buf_len, const(ASN1_OBJECT)* a, int no_name); +int OBJ_txt2nid(const(char)* s); +int OBJ_ln2nid(const(char)* s); +int OBJ_sn2nid(const(char)* s); +int OBJ_cmp(const(ASN1_OBJECT)* a,const(ASN1_OBJECT)* b); +const(void)* OBJ_bsearch_(const(void)* key,const(void)* base,int num,int size, + ExternC!(int function(const(void)*, const(void)*)) cmp); +const(void)* OBJ_bsearch_ex_(const(void)* key,const(void)* base,int num, + int size, + ExternC!(int function(const(void)*, const(void)*)) cmp, + int flags); + +mixin template _DECLARE_OBJ_BSEARCH_CMP_FN(string scope_, type1, type2, string nm) { + mixin(" + int " ~ nm ~ "_cmp_BSEARCH_CMP_FN(const()*, const()*); + int " ~ nm ~ "_cmp(const(" ~ type2 ~ ")*, const(" ~ type2 ~ ")*); + " ~ scope_ ~ " " ~ type2 ~ "* OBJ_bsearch_" ~ nm ~ "(" ~ type1 ~ "* key, const(" ~ type2 ~ ")* base, int num); + "); +} + +mixin template DECLARE_OBJ_BSEARCH_CMP_FN(type1, type2, string cmp) { + mixin _DECLARE_OBJ_BSEARCH_CMP_FN!("static", type1, type2, cmp); +} + +mixin template DECLARE_OBJ_BSEARCH_GLOBAL_CMP_FN(type1, type2, string nm) { + mixin("type2* OBJ_bsearch_" ~ nm ~ "(type1* key, const(type2)* base, int num);"); +} + + +/* + * Unsolved problem: if a type is actually a pointer type, like + * nid_triple is, then its impossible to get a const where you need + * it. Consider: + * + * typedef int nid_triple[3]; + * const(void)* a_; + * const nid_triple const* a = a_; + * + * The assignement discards a const because what you really want is: + * + * const int const* const* a = a_; + * + * But if you do that, you lose the fact that a is an array of 3 ints, + * which breaks comparison functions. + * + * Thus we end up having to cast, sadly, or unpack the + * declarations. Or, as I finally did in this case, delcare nid_triple + * to be a struct, which it should have been in the first place. + * + * Ben, August 2008. + * + * Also, strictly speaking not all types need be const, but handling + * the non-constness means a lot of complication, and in practice + * comparison routines do always not touch their arguments. + */ + +mixin template IMPLEMENT_OBJ_BSEARCH_CMP_FN(type1, type2, string nm) { + mixin(" + static int " ~ nm ~ "_cmp_BSEARCH_CMP_FN(const()* a_, const()* b_) + { + auto a = cast(const(type1)*) a_; + auto b = cast(const(type2)*) b_; + return " ~ nm ~ "_cmp(a,b); + } + static type2* OBJ_bsearch_" ~ nm ~ "(type1* key, const(type2)* base, int num) + { + return cast(type2*) OBJ_bsearch_(key, base, num, type2.sizeof, + " ~ nm ~ "_cmp_BSEARCH_CMP_FN); + } + extern void dummy_prototype(); + "); +} + + +mixin template IMPLEMENT_OBJ_BSEARCH_GLOBAL_CMP_FN(type1, type2, string nm) { + mixin(" + static int " ~ nm ~ "_cmp_BSEARCH_CMP_FN(const()* a_, const()* b_) + { + auto a = cast(const(type1)*) a_; + auto b = cast(const(type2)*) b_; + return " ~ nm ~ "_cmp(a,b); + } + type2* OBJ_bsearch_" ~ nm ~ "(type1* key, const(type2)* base, int num) + { + return cast(type2*) OBJ_bsearch_(key, base, num, type2.sizeof, + " ~ nm ~ "_cmp_BSEARCH_CMP_FN); + } + extern void dummy_prototype(); + "); +} + +template OBJ_bsearch(string type1, string key, string type2, string base, string num, string cmp) { + enum OBJ_bsearch = "(cast(" ~ type2 ~ "*)OBJ_bsearch_(CHECKED_PTR_OF!(" ~ type1 ~ ")(key),CHECKED_PTR_OF!(" ~ type2 ~ ")(base), + num, " ~ type2 ~ ".sizeof, + " ~ cmp ~ "_BSEARCH_CMP_FN))"; +} + +// FIXME: Not translated due to confusing original code ("type_2=CHECKED_PTR_OF"?) +// #define OBJ_bsearch_ex(type1,key,type2,base,num,cmp,flags) \ +// ((type2*)OBJ_bsearch_ex_(CHECKED_PTR_OF(type1,key),CHECKED_PTR_OF(type2,base), \ +// num,sizeof(type2), \ +// (()CHECKED_PTR_OF(type1,cmp##_type_1), \ +// ()type_2=CHECKED_PTR_OF(type2,cmp##_type_2), \ +// cmp##_BSEARCH_CMP_FN)),flags) + +int OBJ_new_nid(int num); +int OBJ_add_object(const(ASN1_OBJECT)* obj); +int OBJ_create(const(char)* oid,const(char)* sn,const(char)* ln); +void OBJ_cleanup(); +int OBJ_create_objects(BIO* in_); + +int OBJ_find_sigid_algs(int signid, int* pdig_nid, int* ppkey_nid); +int OBJ_find_sigid_by_algs(int* psignid, int dig_nid, int pkey_nid); +int OBJ_add_sigid(int signid, int dig_id, int pkey_id); +void OBJ_sigid_free(); + +extern int obj_cleanup_defer; +void check_defer(int nid); + +/* BEGIN ERROR CODES */ +/* The following lines are auto generated by the script mkerr.pl. Any changes + * made after this point may be overwritten when the script is next run. + */ +void ERR_load_OBJ_strings(); + +/* Error codes for the OBJ functions. */ + +/* Function codes. */ +enum OBJ_F_OBJ_ADD_OBJECT = "105"; +enum OBJ_F_OBJ_CREATE = "100"; +enum OBJ_F_OBJ_DUP = "101"; +enum OBJ_F_OBJ_NAME_NEW_INDEX = "106"; +enum OBJ_F_OBJ_NID2LN = "102"; +enum OBJ_F_OBJ_NID2OBJ = "103"; +enum OBJ_F_OBJ_NID2SN = "104"; + +/* Reason codes. */ +enum OBJ_R_MALLOC_FAILURE = "100"; +enum OBJ_R_UNKNOWN_NID = "101"; diff --git a/deimos/openssl/ocsp.d b/deimos/openssl/ocsp.d new file mode 100644 index 0000000..7dee88e --- /dev/null +++ b/deimos/openssl/ocsp.d @@ -0,0 +1,624 @@ +/* ocsp.h */ +/* Written by Tom Titchener for the OpenSSL + * project. */ + +/* History: + This file was transfered to Richard Levitte from CertCo by Kathy + Weinhold in mid-spring 2000 to be included in OpenSSL or released + as a patch kit. */ + +/* ==================================================================== + * Copyright (c) 1998-2000 The OpenSSL Project. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. All advertising materials mentioning features or use of this + * software must display the following acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" + * + * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to + * endorse or promote products derived from this software without + * prior written permission. For written permission, please contact + * openssl-core@openssl.org. + * + * 5. Products derived from this software may not be called "OpenSSL" + * nor may "OpenSSL" appear in their names without prior written + * permission of the OpenSSL Project. + * + * 6. Redistributions of any form whatsoever must retain the following + * acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit (http://www.openssl.org/)" + * + * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY + * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * ==================================================================== + * + * This product includes cryptographic software written by Eric Young + * (eay@cryptsoft.com). This product includes software written by Tim + * Hudson (tjh@cryptsoft.com). + * + */ + +module deimos.openssl.ocsp; + +import deimos.openssl._d_util; + +public import deimos.openssl.ossl_typ; +public import deimos.openssl.x509; +public import deimos.openssl.x509v3; +public import deimos.openssl.safestack; + +extern (C): +nothrow: + +/* Various flags and values */ + +enum OCSP_DEFAULT_NONCE_LENGTH = 16; + +enum OCSP_NOCERTS = 0x1; +enum OCSP_NOINTERN = 0x2; +enum OCSP_NOSIGS = 0x4; +enum OCSP_NOCHAIN = 0x8; +enum OCSP_NOVERIFY = 0x10; +enum OCSP_NOEXPLICIT = 0x20; +enum OCSP_NOCASIGN = 0x40; +enum OCSP_NODELEGATED = 0x80; +enum OCSP_NOCHECKS = 0x100; +enum OCSP_TRUSTOTHER = 0x200; +enum OCSP_RESPID_KEY = 0x400; +enum OCSP_NOTIME = 0x800; + +/* CertID ::= SEQUENCE { + * hashAlgorithm AlgorithmIdentifier, + * issuerNameHash OCTET STRING, -- Hash of Issuer's DN + * issuerKeyHash OCTET STRING, -- Hash of Issuers public key (excluding the tag & length fields) + * serialNumber CertificateSerialNumber } + */ +struct ocsp_cert_id_st { + X509_ALGOR* hashAlgorithm; + ASN1_OCTET_STRING* issuerNameHash; + ASN1_OCTET_STRING* issuerKeyHash; + ASN1_INTEGER* serialNumber; + } +alias ocsp_cert_id_st OCSP_CERTID; + +/+mixin DECLARE_STACK_OF!(OCSP_CERTID);+/ + +/* Request ::= SEQUENCE { + * reqCert CertID, + * singleRequestExtensions [0] EXPLICIT Extensions OPTIONAL } + */ +struct ocsp_one_request_st { + OCSP_CERTID* reqCert; + STACK_OF!(X509_EXTENSION) *singleRequestExtensions; + } +alias ocsp_one_request_st OCSP_ONEREQ; + +/+mixin DECLARE_STACK_OF!(OCSP_ONEREQ);+/ +mixin DECLARE_ASN1_SET_OF!(OCSP_ONEREQ); + + +/* TBSRequest ::= SEQUENCE { + * version [0] EXPLICIT Version DEFAULT v1, + * requestorName [1] EXPLICIT GeneralName OPTIONAL, + * requestList SEQUENCE OF Request, + * requestExtensions [2] EXPLICIT Extensions OPTIONAL } + */ +struct ocsp_req_info_st { + ASN1_INTEGER* version_; + GENERAL_NAME* requestorName; + STACK_OF!(OCSP_ONEREQ) *requestList; + STACK_OF!(X509_EXTENSION) *requestExtensions; + } +alias ocsp_req_info_st OCSP_REQINFO; + +/* Signature ::= SEQUENCE { + * signatureAlgorithm AlgorithmIdentifier, + * signature BIT STRING, + * certs [0] EXPLICIT SEQUENCE OF Certificate OPTIONAL } + */ +struct ocsp_signature_st { + X509_ALGOR* signatureAlgorithm; + ASN1_BIT_STRING* signature; + STACK_OF!(X509) *certs; + } +alias ocsp_signature_st OCSP_SIGNATURE; + +/* OCSPRequest ::= SEQUENCE { + * tbsRequest TBSRequest, + * optionalSignature [0] EXPLICIT Signature OPTIONAL } + */ +struct ocsp_request_st { + OCSP_REQINFO* tbsRequest; + OCSP_SIGNATURE* optionalSignature; /* OPTIONAL */ + } +alias ocsp_request_st OCSP_REQUEST; + +/* OCSPResponseStatus ::= ENUMERATED { + * successful (0), --Response has valid confirmations + * malformedRequest (1), --Illegal confirmation request + * internalError (2), --Internal error in issuer + * tryLater (3), --Try again later + * --(4) is not used + * sigRequired (5), --Must sign the request + * unauthorized (6) --Request unauthorized + * } + */ +enum OCSP_RESPONSE_STATUS_SUCCESSFUL = 0; +enum OCSP_RESPONSE_STATUS_MALFORMEDREQUEST = 1; +enum OCSP_RESPONSE_STATUS_INTERNALERROR = 2; +enum OCSP_RESPONSE_STATUS_TRYLATER = 3; +enum OCSP_RESPONSE_STATUS_SIGREQUIRED = 5; +enum OCSP_RESPONSE_STATUS_UNAUTHORIZED = 6; + +/* ResponseBytes ::= SEQUENCE { + * responseType OBJECT IDENTIFIER, + * response OCTET STRING } + */ +struct ocsp_resp_bytes_st { + ASN1_OBJECT* responseType; + ASN1_OCTET_STRING* response; + } +alias ocsp_resp_bytes_st OCSP_RESPBYTES; + +/* OCSPResponse ::= SEQUENCE { + * responseStatus OCSPResponseStatus, + * responseBytes [0] EXPLICIT ResponseBytes OPTIONAL } + */ +struct ocsp_response_st + { + ASN1_ENUMERATED* responseStatus; + OCSP_RESPBYTES* responseBytes; + }; + +/* ResponderID ::= CHOICE { + * byName [1] Name, + * byKey [2] KeyHash } + */ +enum V_OCSP_RESPID_NAME = 0; +enum V_OCSP_RESPID_KEY = 1; +struct ocsp_responder_id_st + { + int type; + union value_ { + X509_NAME* byName; + ASN1_OCTET_STRING* byKey; + } + value_ value; + }; + +/+mixin DECLARE_STACK_OF!(OCSP_RESPID);+/ +// Already declared above +// mixin(DECLARE_ASN1_FUNCTIONS!"OCSP_RESPID"); + +/* KeyHash ::= OCTET STRING --SHA-1 hash of responder's public key + * --(excluding the tag and length fields) + */ + +/* RevokedInfo ::= SEQUENCE { + * revocationTime GeneralizedTime, + * revocationReason [0] EXPLICIT CRLReason OPTIONAL } + */ +struct ocsp_revoked_info_st { + ASN1_GENERALIZEDTIME* revocationTime; + ASN1_ENUMERATED* revocationReason; + } +alias ocsp_revoked_info_st OCSP_REVOKEDINFO; + +/* CertStatus ::= CHOICE { + * good [0] IMPLICIT NULL, + * revoked [1] IMPLICIT RevokedInfo, + * unknown [2] IMPLICIT UnknownInfo } + */ +enum V_OCSP_CERTSTATUS_GOOD = 0; +enum V_OCSP_CERTSTATUS_REVOKED = 1; +enum V_OCSP_CERTSTATUS_UNKNOWN = 2; +struct ocsp_cert_status_st + { + int type; + union value_ { + ASN1_NULL* good; + OCSP_REVOKEDINFO* revoked; + ASN1_NULL* unknown; + } + value_ value; + } +alias ocsp_cert_status_st OCSP_CERTSTATUS; + +/* SingleResponse ::= SEQUENCE { + * certID CertID, + * certStatus CertStatus, + * thisUpdate GeneralizedTime, + * nextUpdate [0] EXPLICIT GeneralizedTime OPTIONAL, + * singleExtensions [1] EXPLICIT Extensions OPTIONAL } + */ +struct ocsp_single_response_st { + OCSP_CERTID* certId; + OCSP_CERTSTATUS* certStatus; + ASN1_GENERALIZEDTIME* thisUpdate; + ASN1_GENERALIZEDTIME* nextUpdate; + STACK_OF!(X509_EXTENSION) *singleExtensions; + } +alias ocsp_single_response_st OCSP_SINGLERESP; + +/+mixin DECLARE_STACK_OF!(OCSP_SINGLERESP);+/ +mixin DECLARE_ASN1_SET_OF!(OCSP_SINGLERESP); + +/* ResponseData ::= SEQUENCE { + * version [0] EXPLICIT Version DEFAULT v1, + * responderID ResponderID, + * producedAt GeneralizedTime, + * responses SEQUENCE OF SingleResponse, + * responseExtensions [1] EXPLICIT Extensions OPTIONAL } + */ +struct ocsp_response_data_st { + ASN1_INTEGER* version_; + OCSP_RESPID* responderId; + ASN1_GENERALIZEDTIME* producedAt; + STACK_OF!(OCSP_SINGLERESP) *responses; + STACK_OF!(X509_EXTENSION) *responseExtensions; + } +alias ocsp_response_data_st OCSP_RESPDATA; + +/* BasicOCSPResponse ::= SEQUENCE { + * tbsResponseData ResponseData, + * signatureAlgorithm AlgorithmIdentifier, + * signature BIT STRING, + * certs [0] EXPLICIT SEQUENCE OF Certificate OPTIONAL } + */ + /* Note 1: + The value for "signature" is specified in the OCSP rfc2560 as follows: + "The value for the signature SHALL be computed on the hash of the DER + encoding ResponseData." This means that you must hash the DER-encoded + tbsResponseData, and then run it through a crypto-signing function, which + will (at least w/RSA) do a hash-'n'-private-encrypt operation. This seems + a bit odd, but that's the spec. Also note that the data structures do not + leave anywhere to independently specify the algorithm used for the initial + hash. So, we look at the signature-specification algorithm, and try to do + something intelligent. -- Kathy Weinhold, CertCo */ + /* Note 2: + It seems that the mentioned passage from RFC 2560 (section 4.2.1) is open + for interpretation. I've done tests against another responder, and found + that it doesn't do the double hashing that the RFC seems to say one + should. Therefore, all relevant functions take a flag saying which + variant should be used. -- Richard Levitte, OpenSSL team and CeloCom */ +struct ocsp_basic_response_st { + OCSP_RESPDATA* tbsResponseData; + X509_ALGOR* signatureAlgorithm; + ASN1_BIT_STRING* signature; + STACK_OF!(X509) *certs; + } +alias ocsp_basic_response_st OCSP_BASICRESP; + +/* + * CRLReason ::= ENUMERATED { + * unspecified (0), + * keyCompromise (1), + * cACompromise (2), + * affiliationChanged (3), + * superseded (4), + * cessationOfOperation (5), + * certificateHold (6), + * removeFromCRL (8) } + */ +enum OCSP_REVOKED_STATUS_NOSTATUS = -1; +enum OCSP_REVOKED_STATUS_UNSPECIFIED = 0; +enum OCSP_REVOKED_STATUS_KEYCOMPROMISE = 1; +enum OCSP_REVOKED_STATUS_CACOMPROMISE = 2; +enum OCSP_REVOKED_STATUS_AFFILIATIONCHANGED = 3; +enum OCSP_REVOKED_STATUS_SUPERSEDED = 4; +enum OCSP_REVOKED_STATUS_CESSATIONOFOPERATION = 5; +enum OCSP_REVOKED_STATUS_CERTIFICATEHOLD = 6; +enum OCSP_REVOKED_STATUS_REMOVEFROMCRL = 8; + +/* CrlID ::= SEQUENCE { + * crlUrl [0] EXPLICIT IA5String OPTIONAL, + * crlNum [1] EXPLICIT INTEGER OPTIONAL, + * crlTime [2] EXPLICIT GeneralizedTime OPTIONAL } + */ +struct ocsp_crl_id_st { + ASN1_IA5STRING* crlUrl; + ASN1_INTEGER* crlNum; + ASN1_GENERALIZEDTIME* crlTime; + } +alias ocsp_crl_id_st OCSP_CRLID; + +/* ServiceLocator ::= SEQUENCE { + * issuer Name, + * locator AuthorityInfoAccessSyntax OPTIONAL } + */ +struct ocsp_service_locator_st { + X509_NAME* issuer; + STACK_OF!(ACCESS_DESCRIPTION) *locator; + } +alias ocsp_service_locator_st OCSP_SERVICELOC; + +enum PEM_STRING_OCSP_REQUEST = "OCSP REQUEST"; +enum PEM_STRING_OCSP_RESPONSE = "OCSP RESPONSE"; + +/+ FIXME: Not yet ported. +#define d2i_OCSP_REQUEST_bio(bp,p) ASN1_d2i_bio_of(OCSP_REQUEST,OCSP_REQUEST_new,d2i_OCSP_REQUEST,bp,p) + +#define d2i_OCSP_RESPONSE_bio(bp,p) ASN1_d2i_bio_of(OCSP_RESPONSE,OCSP_RESPONSE_new,d2i_OCSP_RESPONSE,bp,p) + +#define PEM_read_bio_OCSP_REQUEST(bp,x,cb) (OCSP_REQUEST*)PEM_ASN1_read_bio( \ + (ExternC!(char* function()) )d2i_OCSP_REQUEST,PEM_STRING_OCSP_REQUEST,bp,(char**)x,cb,NULL) + +#define PEM_read_bio_OCSP_RESPONSE(bp,x,cb)(OCSP_RESPONSE*)PEM_ASN1_read_bio(\ + (ExternC!(char* function()) )d2i_OCSP_RESPONSE,PEM_STRING_OCSP_RESPONSE,bp,(char**)x,cb,NULL) + +#define PEM_write_bio_OCSP_REQUEST(bp,o) \ + PEM_ASN1_write_bio((ExternC!(int function()) )i2d_OCSP_REQUEST,PEM_STRING_OCSP_REQUEST,\ + bp,(char*)o, NULL,NULL,0,NULL,NULL) + +#define PEM_write_bio_OCSP_RESPONSE(bp,o) \ + PEM_ASN1_write_bio((ExternC!(int function()) )i2d_OCSP_RESPONSE,PEM_STRING_OCSP_RESPONSE,\ + bp,(char*)o, NULL,NULL,0,NULL,NULL) + +#define i2d_OCSP_RESPONSE_bio(bp,o) ASN1_i2d_bio_of(OCSP_RESPONSE,i2d_OCSP_RESPONSE,bp,o) + +#define i2d_OCSP_REQUEST_bio(bp,o) ASN1_i2d_bio_of(OCSP_REQUEST,i2d_OCSP_REQUEST,bp,o) + +#define OCSP_REQUEST_sign(o,pkey,md) \ + ASN1_item_sign(ASN1_ITEM_rptr(OCSP_REQINFO),\ + o->optionalSignature->signatureAlgorithm,NULL,\ + o->optionalSignature->signature,o->tbsRequest,pkey,md) + +#define OCSP_BASICRESP_sign(o,pkey,md,d) \ + ASN1_item_sign(ASN1_ITEM_rptr(OCSP_RESPDATA),o->signatureAlgorithm,NULL,\ + o->signature,o->tbsResponseData,pkey,md) + +#define OCSP_REQUEST_verify(a,r) ASN1_item_verify(ASN1_ITEM_rptr(OCSP_REQINFO),\ + a->optionalSignature->signatureAlgorithm,\ + a->optionalSignature->signature,a->tbsRequest,r) + +#define OCSP_BASICRESP_verify(a,r,d) ASN1_item_verify(ASN1_ITEM_rptr(OCSP_RESPDATA),\ + a->signatureAlgorithm,a->signature,a->tbsResponseData,r) + +#define ASN1_BIT_STRING_digest(data,type,md,len) \ + ASN1_item_digest(ASN1_ITEM_rptr(ASN1_BIT_STRING),type,data,md,len) + +#define OCSP_CERTSTATUS_dup(cs)\ + (OCSP_CERTSTATUS*)ASN1_dup((int(*)())i2d_OCSP_CERTSTATUS,\ + (ExternC!(char* function()) )d2i_OCSP_CERTSTATUS,(char*)(cs)) ++/ + +OCSP_CERTID* OCSP_CERTID_dup(OCSP_CERTID* id); + +OCSP_RESPONSE* OCSP_sendreq_bio(BIO* b, char* path, OCSP_REQUEST* req); +OCSP_REQ_CTX* OCSP_sendreq_new(BIO* io, char* path, OCSP_REQUEST* req, + int maxline); +int OCSP_sendreq_nbio(OCSP_RESPONSE** presp, OCSP_REQ_CTX* rctx); +void OCSP_REQ_CTX_free(OCSP_REQ_CTX* rctx); +int OCSP_REQ_CTX_set1_req(OCSP_REQ_CTX* rctx, OCSP_REQUEST* req); +int OCSP_REQ_CTX_add1_header(OCSP_REQ_CTX* rctx, + const(char)* name, const(char)* value); + +OCSP_CERTID* OCSP_cert_to_id(const(EVP_MD)* dgst, X509* subject, X509* issuer); + +OCSP_CERTID* OCSP_cert_id_new(const(EVP_MD)* dgst, + X509_NAME* issuerName, + ASN1_BIT_STRING* issuerKey, + ASN1_INTEGER* serialNumber); + +OCSP_ONEREQ* OCSP_request_add0_id(OCSP_REQUEST* req, OCSP_CERTID* cid); + +int OCSP_request_add1_nonce(OCSP_REQUEST* req, ubyte* val, int len); +int OCSP_basic_add1_nonce(OCSP_BASICRESP* resp, ubyte* val, int len); +int OCSP_check_nonce(OCSP_REQUEST* req, OCSP_BASICRESP* bs); +int OCSP_copy_nonce(OCSP_BASICRESP* resp, OCSP_REQUEST* req); + +int OCSP_request_set1_name(OCSP_REQUEST* req, X509_NAME* nm); +int OCSP_request_add1_cert(OCSP_REQUEST* req, X509* cert); + +int OCSP_request_sign(OCSP_REQUEST* req, + X509* signer, + EVP_PKEY* key, + const(EVP_MD)* dgst, + STACK_OF!(X509) *certs, + c_ulong flags); + +int OCSP_response_status(OCSP_RESPONSE* resp); +OCSP_BASICRESP* OCSP_response_get1_basic(OCSP_RESPONSE* resp); + +int OCSP_resp_count(OCSP_BASICRESP* bs); +OCSP_SINGLERESP* OCSP_resp_get0(OCSP_BASICRESP* bs, int idx); +int OCSP_resp_find(OCSP_BASICRESP* bs, OCSP_CERTID* id, int last); +int OCSP_single_get0_status(OCSP_SINGLERESP* single, int* reason, + ASN1_GENERALIZEDTIME** revtime, + ASN1_GENERALIZEDTIME** thisupd, + ASN1_GENERALIZEDTIME** nextupd); +int OCSP_resp_find_status(OCSP_BASICRESP* bs, OCSP_CERTID* id, int* status, + int* reason, + ASN1_GENERALIZEDTIME** revtime, + ASN1_GENERALIZEDTIME** thisupd, + ASN1_GENERALIZEDTIME** nextupd); +int OCSP_check_validity(ASN1_GENERALIZEDTIME* thisupd, + ASN1_GENERALIZEDTIME* nextupd, + c_long sec, c_long maxsec); + +int OCSP_request_verify(OCSP_REQUEST* req, STACK_OF!(X509) *certs, X509_STORE* store, c_ulong flags); + +int OCSP_parse_url(char* url, char** phost, char** pport, char** ppath, int* pssl); + +int OCSP_id_issuer_cmp(OCSP_CERTID* a, OCSP_CERTID* b); +int OCSP_id_cmp(OCSP_CERTID* a, OCSP_CERTID* b); + +int OCSP_request_onereq_count(OCSP_REQUEST* req); +OCSP_ONEREQ* OCSP_request_onereq_get0(OCSP_REQUEST* req, int i); +OCSP_CERTID* OCSP_onereq_get0_id(OCSP_ONEREQ* one); +int OCSP_id_get0_info(ASN1_OCTET_STRING** piNameHash, ASN1_OBJECT** pmd, + ASN1_OCTET_STRING** pikeyHash, + ASN1_INTEGER** pserial, OCSP_CERTID* cid); +int OCSP_request_is_signed(OCSP_REQUEST* req); +OCSP_RESPONSE* OCSP_response_create(int status, OCSP_BASICRESP* bs); +OCSP_SINGLERESP* OCSP_basic_add1_status(OCSP_BASICRESP* rsp, + OCSP_CERTID* cid, + int status, int reason, + ASN1_TIME* revtime, + ASN1_TIME* thisupd, ASN1_TIME* nextupd); +int OCSP_basic_add1_cert(OCSP_BASICRESP* resp, X509* cert); +int OCSP_basic_sign(OCSP_BASICRESP* brsp, + X509* signer, EVP_PKEY* key, const(EVP_MD)* dgst, + STACK_OF!(X509) *certs, c_ulong flags); + +X509_EXTENSION* OCSP_crlID_new(char* url, c_long* n, char* tim); + +X509_EXTENSION* OCSP_accept_responses_new(char** oids); + +X509_EXTENSION* OCSP_archive_cutoff_new(char* tim); + +X509_EXTENSION* OCSP_url_svcloc_new(X509_NAME* issuer, char** urls); + +int OCSP_REQUEST_get_ext_count(OCSP_REQUEST* x); +int OCSP_REQUEST_get_ext_by_NID(OCSP_REQUEST* x, int nid, int lastpos); +int OCSP_REQUEST_get_ext_by_OBJ(OCSP_REQUEST* x, ASN1_OBJECT* obj, int lastpos); +int OCSP_REQUEST_get_ext_by_critical(OCSP_REQUEST* x, int crit, int lastpos); +X509_EXTENSION* OCSP_REQUEST_get_ext(OCSP_REQUEST* x, int loc); +X509_EXTENSION* OCSP_REQUEST_delete_ext(OCSP_REQUEST* x, int loc); +void* OCSP_REQUEST_get1_ext_d2i(OCSP_REQUEST* x, int nid, int* crit, int* idx); +int OCSP_REQUEST_add1_ext_i2d(OCSP_REQUEST* x, int nid, void* value, int crit, + c_ulong flags); +int OCSP_REQUEST_add_ext(OCSP_REQUEST* x, X509_EXTENSION* ex, int loc); + +int OCSP_ONEREQ_get_ext_count(OCSP_ONEREQ* x); +int OCSP_ONEREQ_get_ext_by_NID(OCSP_ONEREQ* x, int nid, int lastpos); +int OCSP_ONEREQ_get_ext_by_OBJ(OCSP_ONEREQ* x, ASN1_OBJECT* obj, int lastpos); +int OCSP_ONEREQ_get_ext_by_critical(OCSP_ONEREQ* x, int crit, int lastpos); +X509_EXTENSION* OCSP_ONEREQ_get_ext(OCSP_ONEREQ* x, int loc); +X509_EXTENSION* OCSP_ONEREQ_delete_ext(OCSP_ONEREQ* x, int loc); +void* OCSP_ONEREQ_get1_ext_d2i(OCSP_ONEREQ* x, int nid, int* crit, int* idx); +int OCSP_ONEREQ_add1_ext_i2d(OCSP_ONEREQ* x, int nid, void* value, int crit, + c_ulong flags); +int OCSP_ONEREQ_add_ext(OCSP_ONEREQ* x, X509_EXTENSION* ex, int loc); + +int OCSP_BASICRESP_get_ext_count(OCSP_BASICRESP* x); +int OCSP_BASICRESP_get_ext_by_NID(OCSP_BASICRESP* x, int nid, int lastpos); +int OCSP_BASICRESP_get_ext_by_OBJ(OCSP_BASICRESP* x, ASN1_OBJECT* obj, int lastpos); +int OCSP_BASICRESP_get_ext_by_critical(OCSP_BASICRESP* x, int crit, int lastpos); +X509_EXTENSION* OCSP_BASICRESP_get_ext(OCSP_BASICRESP* x, int loc); +X509_EXTENSION* OCSP_BASICRESP_delete_ext(OCSP_BASICRESP* x, int loc); +void* OCSP_BASICRESP_get1_ext_d2i(OCSP_BASICRESP* x, int nid, int* crit, int* idx); +int OCSP_BASICRESP_add1_ext_i2d(OCSP_BASICRESP* x, int nid, void* value, int crit, + c_ulong flags); +int OCSP_BASICRESP_add_ext(OCSP_BASICRESP* x, X509_EXTENSION* ex, int loc); + +int OCSP_SINGLERESP_get_ext_count(OCSP_SINGLERESP* x); +int OCSP_SINGLERESP_get_ext_by_NID(OCSP_SINGLERESP* x, int nid, int lastpos); +int OCSP_SINGLERESP_get_ext_by_OBJ(OCSP_SINGLERESP* x, ASN1_OBJECT* obj, int lastpos); +int OCSP_SINGLERESP_get_ext_by_critical(OCSP_SINGLERESP* x, int crit, int lastpos); +X509_EXTENSION* OCSP_SINGLERESP_get_ext(OCSP_SINGLERESP* x, int loc); +X509_EXTENSION* OCSP_SINGLERESP_delete_ext(OCSP_SINGLERESP* x, int loc); +void* OCSP_SINGLERESP_get1_ext_d2i(OCSP_SINGLERESP* x, int nid, int* crit, int* idx); +int OCSP_SINGLERESP_add1_ext_i2d(OCSP_SINGLERESP* x, int nid, void* value, int crit, + c_ulong flags); +int OCSP_SINGLERESP_add_ext(OCSP_SINGLERESP* x, X509_EXTENSION* ex, int loc); + +mixin(DECLARE_ASN1_FUNCTIONS!"OCSP_SINGLERESP"); +mixin(DECLARE_ASN1_FUNCTIONS!"OCSP_CERTSTATUS"); +mixin(DECLARE_ASN1_FUNCTIONS!"OCSP_REVOKEDINFO"); +mixin(DECLARE_ASN1_FUNCTIONS!"OCSP_BASICRESP"); +mixin(DECLARE_ASN1_FUNCTIONS!"OCSP_RESPDATA"); +mixin(DECLARE_ASN1_FUNCTIONS!"OCSP_RESPID"); +mixin(DECLARE_ASN1_FUNCTIONS!"OCSP_RESPONSE"); +mixin(DECLARE_ASN1_FUNCTIONS!"OCSP_RESPBYTES"); +mixin(DECLARE_ASN1_FUNCTIONS!"OCSP_ONEREQ"); +mixin(DECLARE_ASN1_FUNCTIONS!"OCSP_CERTID"); +mixin(DECLARE_ASN1_FUNCTIONS!"OCSP_REQUEST"); +mixin(DECLARE_ASN1_FUNCTIONS!"OCSP_SIGNATURE"); +mixin(DECLARE_ASN1_FUNCTIONS!"OCSP_REQINFO"); +mixin(DECLARE_ASN1_FUNCTIONS!"OCSP_CRLID"); +mixin(DECLARE_ASN1_FUNCTIONS!"OCSP_SERVICELOC"); + +const(char)* OCSP_response_status_str(c_long s); +const(char)* OCSP_cert_status_str(c_long s); +const(char)* OCSP_crl_reason_str(c_long s); + +int OCSP_REQUEST_print(BIO* bp, OCSP_REQUEST* a, c_ulong flags); +int OCSP_RESPONSE_print(BIO* bp, OCSP_RESPONSE* o, c_ulong flags); + +int OCSP_basic_verify(OCSP_BASICRESP* bs, STACK_OF!(X509) *certs, + X509_STORE* st, c_ulong flags); + +/* BEGIN ERROR CODES */ +/* The following lines are auto generated by the script mkerr.pl. Any changes + * made after this point may be overwritten when the script is next run. + */ +void ERR_load_OCSP_strings(); + +/* Error codes for the OCSP functions. */ + +/* Function codes. */ +enum OCSP_F_ASN1_STRING_ENCODE = 100; +enum OCSP_F_D2I_OCSP_NONCE = 102; +enum OCSP_F_OCSP_BASIC_ADD1_STATUS = 103; +enum OCSP_F_OCSP_BASIC_SIGN = 104; +enum OCSP_F_OCSP_BASIC_VERIFY = 105; +enum OCSP_F_OCSP_CERT_ID_NEW = 101; +enum OCSP_F_OCSP_CHECK_DELEGATED = 106; +enum OCSP_F_OCSP_CHECK_IDS = 107; +enum OCSP_F_OCSP_CHECK_ISSUER = 108; +enum OCSP_F_OCSP_CHECK_VALIDITY = 115; +enum OCSP_F_OCSP_MATCH_ISSUERID = 109; +enum OCSP_F_OCSP_PARSE_URL = 114; +enum OCSP_F_OCSP_REQUEST_SIGN = 110; +enum OCSP_F_OCSP_REQUEST_VERIFY = 116; +enum OCSP_F_OCSP_RESPONSE_GET1_BASIC = 111; +enum OCSP_F_OCSP_SENDREQ_BIO = 112; +enum OCSP_F_OCSP_SENDREQ_NBIO = 117; +enum OCSP_F_PARSE_HTTP_LINE1 = 118; +enum OCSP_F_REQUEST_VERIFY = 113; + +/* Reason codes. */ +enum OCSP_R_BAD_DATA = 100; +enum OCSP_R_CERTIFICATE_VERIFY_ERROR = 101; +enum OCSP_R_DIGEST_ERR = 102; +enum OCSP_R_ERROR_IN_NEXTUPDATE_FIELD = 122; +enum OCSP_R_ERROR_IN_THISUPDATE_FIELD = 123; +enum OCSP_R_ERROR_PARSING_URL = 121; +enum OCSP_R_MISSING_OCSPSIGNING_USAGE = 103; +enum OCSP_R_NEXTUPDATE_BEFORE_THISUPDATE = 124; +enum OCSP_R_NOT_BASIC_RESPONSE = 104; +enum OCSP_R_NO_CERTIFICATES_IN_CHAIN = 105; +enum OCSP_R_NO_CONTENT = 106; +enum OCSP_R_NO_PUBLIC_KEY = 107; +enum OCSP_R_NO_RESPONSE_DATA = 108; +enum OCSP_R_NO_REVOKED_TIME = 109; +enum OCSP_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE = 110; +enum OCSP_R_REQUEST_NOT_SIGNED = 128; +enum OCSP_R_RESPONSE_CONTAINS_NO_REVOCATION_DATA = 111; +enum OCSP_R_ROOT_CA_NOT_TRUSTED = 112; +enum OCSP_R_SERVER_READ_ERROR = 113; +enum OCSP_R_SERVER_RESPONSE_ERROR = 114; +enum OCSP_R_SERVER_RESPONSE_PARSE_ERROR = 115; +enum OCSP_R_SERVER_WRITE_ERROR = 116; +enum OCSP_R_SIGNATURE_FAILURE = 117; +enum OCSP_R_SIGNER_CERTIFICATE_NOT_FOUND = 118; +enum OCSP_R_STATUS_EXPIRED = 125; +enum OCSP_R_STATUS_NOT_YET_VALID = 126; +enum OCSP_R_STATUS_TOO_OLD = 127; +enum OCSP_R_UNKNOWN_MESSAGE_DIGEST = 119; +enum OCSP_R_UNKNOWN_NID = 120; +enum OCSP_R_UNSUPPORTED_REQUESTORNAME_TYPE = 129; diff --git a/deimos/openssl/opensslconf.d b/deimos/openssl/opensslconf.d new file mode 100644 index 0000000..51644a8 --- /dev/null +++ b/deimos/openssl/opensslconf.d @@ -0,0 +1,233 @@ +/* opensslconf.h */ +/* WARNING: Generated automatically from opensslconf.h.in by Configure. */ +module deimos.openssl.opensslconf; + +import deimos.openssl._d_util; + +/* OpenSSL was configured with the following options: */ +// FIXME: How should these be handled? +/+#ifndef OPENSSL_DOING_MAKEDEPEND + +#ifndef OPENSSL_NO_EC_NISTP_64_GCC_128 +# define OPENSSL_NO_EC_NISTP_64_GCC_128 +#endif +#ifndef OPENSSL_NO_GMP +# define OPENSSL_NO_GMP +#endif +#ifndef OPENSSL_NO_JPAKE +# define OPENSSL_NO_JPAKE +#endif +#ifndef OPENSSL_NO_KRB5 +# define OPENSSL_NO_KRB5 +#endif +#ifndef OPENSSL_NO_MD2 +# define OPENSSL_NO_MD2 +#endif +#ifndef OPENSSL_NO_RC5 +# define OPENSSL_NO_RC5 +#endif +#ifndef OPENSSL_NO_RFC3779 +# define OPENSSL_NO_RFC3779 +#endif +#ifndef OPENSSL_NO_SCTP +# define OPENSSL_NO_SCTP +#endif +#ifndef OPENSSL_NO_STORE +# define OPENSSL_NO_STORE +#endif + +#endif /* OPENSSL_DOING_MAKEDEPEND */ + +#ifndef OPENSSL_NO_DYNAMIC_ENGINE +# define OPENSSL_NO_DYNAMIC_ENGINE +#endif + +/* The OPENSSL_NO_* macros are also defined as NO_* if the application + asks for it. This is a transient feature that is provided for those + who haven't had the time to do the appropriate changes in their + applications. */ +#ifdef OPENSSL_ALGORITHM_DEFINES +# if defined(OPENSSL_NO_EC_NISTP_64_GCC_128) && !defined(NO_EC_NISTP_64_GCC_128) +# define NO_EC_NISTP_64_GCC_128 +# endif +# if defined(OPENSSL_NO_GMP) && !defined(NO_GMP) +# define NO_GMP +# endif +# if defined(OPENSSL_NO_JPAKE) && !defined(NO_JPAKE) +# define NO_JPAKE +# endif +# if defined(OPENSSL_NO_KRB5) && !defined(NO_KRB5) +# define NO_KRB5 +# endif +# if defined(OPENSSL_NO_MD2) && !defined(NO_MD2) +# define NO_MD2 +# endif +# if defined(OPENSSL_NO_RC5) && !defined(NO_RC5) +# define NO_RC5 +# endif +# if defined(OPENSSL_NO_RFC3779) && !defined(NO_RFC3779) +# define NO_RFC3779 +# endif +# if defined(OPENSSL_NO_SCTP) && !defined(NO_SCTP) +# define NO_SCTP +# endif +# if defined(OPENSSL_NO_STORE) && !defined(NO_STORE) +# define NO_STORE +# endif +#endif ++/ +/* crypto/opensslconf.h.in */ + +/* Generate 80386 code? */ +/+#undef I386_ONLY + +#if !(defined(VMS) || defined(__VMS)) /* VMS uses logical names instead */ +#if defined(HEADER_CRYPTLIB_H) && !defined(OPENSSLDIR) +enum ENGINESDIR = "/usr/local/ssl/lib/engines"; +enum OPENSSLDIR = "/usr/local/ssl"; +#endif +#endif + +#undef OPENSSL_UNISTD +#define OPENSSL_UNISTD + +#undef OPENSSL_EXPORT_VAR_AS_FUNCTION ++/ +// #if defined(HEADER_IDEA_H) && !defined(IDEA_INT) +alias uint IDEA_INT; +// #endif + +// #if defined(HEADER_MD2_H) && !defined(MD2_INT) +alias uint MD2_INT; +// #endif + +// #if defined(HEADER_RC2_H) && !defined(RC2_INT) +/* I need to put in a mod for the alpha - eay */ +alias uint RC2_INT; +// #endif + +// #if defined(HEADER_RC4_H) +// #if !defined(RC4_INT) +/* using int types make the structure larger but make the code faster + * on most boxes I have tested - up to %20 faster. */ +/* + * I don't know what does "most" mean, but declaring "int" is a must on: + * - Intel P6 because partial register stalls are very expensive; + * - elder Alpha because it lacks byte load/store instructions; + */ +alias uint RC4_INT; +// #endif +/+#if !defined(RC4_CHUNK) +/* + * This enables code handling data aligned at natural CPU word + * boundary. See crypto/rc4/rc4_enc.c for further details. + */ +#undef RC4_CHUNK +#endif+/ +// #endif + +// #if (defined(HEADER_NEW_DES_H) || defined(HEADER_DES_H)) && !defined(DES_LONG) +/* If this is set to 'uint' on a DEC Alpha, this gives about a + * %20 speed up (longs are 8 bytes, int's are 4). */ +// #ifndef DES_LONG +alias c_ulong DES_LONG; +// #endif +// #endif + +/+ +#if defined(HEADER_BN_H) && !defined(CONFIG_HEADER_BN_H) +#define CONFIG_HEADER_BN_H +#undef BN_LLONG + +/* Should we define BN_DIV2W here? */ + +/* Only one for the following should be defined */ +#undef SIXTY_FOUR_BIT_LONG +#undef SIXTY_FOUR_BIT +#define THIRTY_TWO_BIT +#endif + +#if defined(HEADER_RC4_LOCL_H) && !defined(CONFIG_HEADER_RC4_LOCL_H) +#define CONFIG_HEADER_RC4_LOCL_H +/* if this is defined data[i] is used instead of* data, this is a %20 + * speedup on x86 */ +#undef RC4_INDEX +#endif + +#if defined(HEADER_BF_LOCL_H) && !defined(CONFIG_HEADER_BF_LOCL_H) +#define CONFIG_HEADER_BF_LOCL_H +#undef BF_PTR +#endif /* HEADER_BF_LOCL_H */ + +#if defined(HEADER_DES_LOCL_H) && !defined(CONFIG_HEADER_DES_LOCL_H) +#define CONFIG_HEADER_DES_LOCL_H +#ifndef DES_DEFAULT_OPTIONS +/* the following is tweaked from a config script, that is why it is a + * protected undef/define */ +#ifndef DES_PTR +#undef DES_PTR +#endif + +/* This helps C compiler generate the correct code for multiple functional + * units. It reduces register dependancies at the expense of 2 more + * registers */ +#ifndef DES_RISC1 +#undef DES_RISC1 +#endif + +#ifndef DES_RISC2 +#undef DES_RISC2 +#endif + +#if defined(DES_RISC1) && defined(DES_RISC2) +YOU SHOULD NOT HAVE BOTH DES_RISC1 AND DES_RISC2 DEFINED!!!!! +#endif + +/* Unroll the inner loop, this sometimes helps, sometimes hinders. + * Very mucy CPU dependant */ +#ifndef DES_UNROLL +#undef DES_UNROLL +#endif + +/* These default values were supplied by + * Peter Gutman + * They are only used if nothing else has been defined */ +#if !defined(DES_PTR) && !defined(DES_RISC1) && !defined(DES_RISC2) && !defined(DES_UNROLL) +/* Special defines which change the way the code is built depending on the + CPU and OS. For SGI machines you can use _MIPS_SZLONG (32 or 64) to find + even newer MIPS CPU's, but at the moment one size fits all for + optimization options. Older Sparc's work better with only UNROLL, but + there's no way to tell at compile time what it is you're running on */ + +#if defined( sun ) /* Newer Sparc's */ +# define DES_PTR +# define DES_RISC1 +# define DES_UNROLL +#elif defined( __ultrix ) /* Older MIPS */ +# define DES_PTR +# define DES_RISC2 +# define DES_UNROLL +#elif defined( __osf1__ ) /* Alpha */ +# define DES_PTR +# define DES_RISC2 +#elif defined ( _AIX ) /* RS6000 */ + /* Unknown */ +#elif defined( __hpux ) /* HP-PA */ + /* Unknown */ +#elif defined( __aux ) /* 68K */ + /* Unknown */ +#elif defined( __dgux ) /* 88K (but P6 in latest boxes) */ +# define DES_UNROLL +#elif defined( __sgi ) /* Newer MIPS */ +# define DES_PTR +# define DES_RISC2 +# define DES_UNROLL +#elif defined(i386) || defined(__i386__) /* x86 boxes, should be gcc */ +# define DES_PTR +# define DES_RISC1 +# define DES_UNROLL +#endif /* Systems-specific speed defines */ +#endif + +#endif /* DES_DEFAULT_OPTIONS */ ++/ diff --git a/deimos/openssl/opensslv.d b/deimos/openssl/opensslv.d new file mode 100644 index 0000000..5891c62 --- /dev/null +++ b/deimos/openssl/opensslv.d @@ -0,0 +1,113 @@ +module deimos.openssl.opensslv; + +import deimos.openssl._d_util; + +/* Numeric release version identifier: + * MNNFFPPS: major minor fix patch status + * The status nibble has one of the values 0 for development, 1 to e for betas + * 1 to 14, and f for release. The patch level is exactly that. + * For example: + * 0.9.3-dev 0x00903000 + * 0.9.3-beta1 0x00903001 + * 0.9.3-beta2-dev 0x00903002 + * 0.9.3-beta2 0x00903002 (same as ...beta2-dev) + * 0.9.3 0x0090300f + * 0.9.3a 0x0090301f + * 0.9.4 0x0090400f + * 1.2.3z 0x102031af + * + * For continuity reasons (because 0.9.5 is already out, and is coded + * 0x00905100), between 0.9.5 and 0.9.6 the coding of the patch level + * part is slightly different, by setting the highest bit. This means + * that 0.9.5a looks like this: 0x0090581f. At 0.9.6, we can start + * with 0x0090600S... + * + * (Prior to 0.9.3-dev a different scheme was used: 0.9.2b is 0x0922.) + * (Prior to 0.9.5a beta1, a different scheme was used: MMNNFFRBB for + * major minor fix final patch/beta) + */ + +/* Version macros for compile-time API version detection */ +enum +{ + OPENSSL_VERSION_MAJOR = 1, + OPENSSL_VERSION_MINOR = 1, + OPENSSL_VERSION_PATCH = 0, + OPENSSL_VERSION_BUILD = 'h' - '`' +} + +int OPENSSL_MAKE_VERSION(int major, int minor, int patch, int build) +{ + return (major << 28) | (minor << 20) | (patch << 12) | (build << 4) | 0xf; +} + +enum OPENSSL_VERSION_NUMBER = + OPENSSL_MAKE_VERSION(OPENSSL_VERSION_MAJOR, OPENSSL_VERSION_MINOR, OPENSSL_VERSION_PATCH, OPENSSL_VERSION_BUILD); + +bool OPENSSL_VERSION_AT_LEAST(int major, int minor, int patch = 0, int build = 0) +{ + return OPENSSL_VERSION_NUMBER >= OPENSSL_MAKE_VERSION(major, minor, patch, build); +} + +bool OPENSSL_VERSION_BEFORE(int major, int minor, int patch = 0, int build = 0) +{ + return OPENSSL_VERSION_NUMBER < OPENSSL_MAKE_VERSION(major, minor, patch, build); +} + +version (OPENSSL_FIPS) { +enum OPENSSL_VERSION_TEXT = "OpenSSL 1.1.0h-fips 27 Mar 2018"; +} else { +enum OPENSSL_VERSION_TEXT = "OpenSSL 1.1.0h 27 Mar 2018"; +} +enum OPENSSL_VERSION_PTEXT = " part of " ~ OPENSSL_VERSION_TEXT; + +/* The macros below are to be used for shared library (.so, .dll, ...) + * versioning. That kind of versioning works a bit differently between + * operating systems. The most usual scheme is to set a major and a minor + * number, and have the runtime loader check that the major number is equal + * to what it was at application link time, while the minor number has to + * be greater or equal to what it was at application link time. With this + * scheme, the version number is usually part of the file name, like this: + * + * libcrypto.so.0.9 + * + * Some unixen also make a softlink with the major version number only: + * + * libcrypto.so.0 + * + * On Tru64 and IRIX 6.x it works a little bit differently. There, the + * shared library version is stored in the file, and is actually a series + * of versions, separated by colons. The rightmost version present in the + * library when linking an application is stored in the application to be + * matched at run time. When the application is run, a check is done to + * see if the library version stored in the application matches any of the + * versions in the version string of the library itself. + * This version string can be constructed in any way, depending on what + * kind of matching is desired. However, to implement the same scheme as + * the one used in the other unixen, all compatible versions, from lowest + * to highest, should be part of the string. Consecutive builds would + * give the following versions strings: + * + * 3.0 + * 3.0:3.1 + * 3.0:3.1:3.2 + * 4.0 + * 4.0:4.1 + * + * Notice how version 4 is completely incompatible with version, and + * therefore give the breach you can see. + * + * There may be other schemes as well that I haven't yet discovered. + * + * So, here's the way it works here: first of all, the library version + * number doesn't need at all to match the overall OpenSSL version. + * However, it's nice and more understandable if it actually does. + * The current library version is stored in the macro SHLIB_VERSION_NUMBER, + * which is just a piece of text in the format "M.m.e" (Major, minor, edit). + * For the sake of Tru64, IRIX, and any other OS that behaves in similar ways, + * we need to keep a history of version numbers, which is done in the + * macro SHLIB_VERSION_HISTORY. The numbers are separated by colons and + * should only keep the versions that are binary compatible with the current. + */ +enum SHLIB_VERSION_HISTORY = ""; +enum SHLIB_VERSION_NUMBER = "1.0.0"; diff --git a/deimos/openssl/ossl_typ.d b/deimos/openssl/ossl_typ.d new file mode 100644 index 0000000..3030f36 --- /dev/null +++ b/deimos/openssl/ossl_typ.d @@ -0,0 +1,242 @@ +/* ==================================================================== + * Copyright (c) 1998-2001 The OpenSSL Project. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. All advertising materials mentioning features or use of this + * software must display the following acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" + * + * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to + * endorse or promote products derived from this software without + * prior written permission. For written permission, please contact + * openssl-core@openssl.org. + * + * 5. Products derived from this software may not be called "OpenSSL" + * nor may "OpenSSL" appear in their names without prior written + * permission of the OpenSSL Project. + * + * 6. Redistributions of any form whatsoever must retain the following + * acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit (http://www.openssl.org/)" + * + * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY + * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * ==================================================================== + * + * This product includes cryptographic software written by Eric Young + * (eay@cryptsoft.com). This product includes software written by Tim + * Hudson (tjh@cryptsoft.com). + * + */ + +module deimos.openssl.ossl_typ; + +import deimos.openssl._d_util; + +public import deimos.openssl.e_os2; + +version (NO_ASN1_TYPEDEFS) { +alias ASN1_STRING ASN1_INTEGER; +alias ASN1_STRING ASN1_ENUMERATED; +alias ASN1_STRING ASN1_BIT_STRING; +alias ASN1_STRING ASN1_OCTET_STRING; +alias ASN1_STRING ASN1_PRINTABLESTRING; +alias ASN1_STRING ASN1_T61STRING; +alias ASN1_STRING ASN1_IA5STRING; +alias ASN1_STRING ASN1_UTCTIME; +alias ASN1_STRING ASN1_GENERALIZEDTIME; +alias ASN1_STRING ASN1_TIME; +alias ASN1_STRING ASN1_GENERALSTRING; +alias ASN1_STRING ASN1_UNIVERSALSTRING; +alias ASN1_STRING ASN1_BMPSTRING; +alias ASN1_STRING ASN1_VISIBLESTRING; +alias ASN1_STRING ASN1_UTF8STRING; +alias int ASN1_BOOLEAN; +alias int ASN1_NULL; +} else { +import deimos.openssl.asn1; +alias asn1_string_st ASN1_INTEGER; +alias asn1_string_st ASN1_ENUMERATED; +alias asn1_string_st ASN1_BIT_STRING; +alias asn1_string_st ASN1_OCTET_STRING; +alias asn1_string_st ASN1_PRINTABLESTRING; +alias asn1_string_st ASN1_T61STRING; +alias asn1_string_st ASN1_IA5STRING; +alias asn1_string_st ASN1_GENERALSTRING; +alias asn1_string_st ASN1_UNIVERSALSTRING; +alias asn1_string_st ASN1_BMPSTRING; +alias asn1_string_st ASN1_UTCTIME; +alias asn1_string_st ASN1_TIME; +alias asn1_string_st ASN1_GENERALIZEDTIME; +alias asn1_string_st ASN1_VISIBLESTRING; +alias asn1_string_st ASN1_UTF8STRING; +alias asn1_string_st ASN1_STRING; +alias int ASN1_BOOLEAN; +alias int ASN1_NULL; +} + +import deimos.openssl.asn1t; +alias ASN1_ITEM_st ASN1_ITEM; + +struct asn1_pctx_st; +alias asn1_pctx_st ASN1_PCTX; + +//#ifdef OPENSSL_SYS_WIN32 +//#undef X509_NAME +//#undef X509_EXTENSIONS +//#undef X509_CERT_PAIR +//#undef PKCS7_ISSUER_AND_SERIAL +//#undef OCSP_REQUEST +//#undef OCSP_RESPONSE +//#endif + +//#ifdef BIGNUM +//#undef BIGNUM +//#endif +import deimos.openssl.bn; +alias bignum_st BIGNUM; +struct bignum_ctx; +alias bignum_ctx BN_CTX; +struct bn_blinding_st; +alias bn_blinding_st BN_BLINDING; +alias bn_mont_ctx_st BN_MONT_CTX; +alias bn_recp_ctx_st BN_RECP_CTX; +alias bn_gencb_st BN_GENCB; + +import deimos.openssl.buffer; +alias buf_mem_st BUF_MEM; + +import deimos.openssl.evp; +alias evp_cipher_st EVP_CIPHER; +alias evp_cipher_ctx_st EVP_CIPHER_CTX; +alias env_md_st EVP_MD; +alias env_md_ctx_st EVP_MD_CTX; +alias evp_pkey_st EVP_PKEY; + +struct evp_pkey_asn1_method_st; +alias evp_pkey_asn1_method_st EVP_PKEY_ASN1_METHOD; +struct evp_pkey_method_st; +alias evp_pkey_method_st EVP_PKEY_METHOD; +struct evp_pkey_ctx_st; +alias evp_pkey_ctx_st EVP_PKEY_CTX; + +import deimos.openssl.dh; +/*struct dh_st;*/ +alias dh_st DH; +/*struct dh_method;*/ +alias dh_method DH_METHOD; + +import deimos.openssl.dsa; +/*struct dsa_st;*/ +alias dsa_st DSA; +/*struct dsa_method;*/ +alias dsa_method DSA_METHOD; + +import deimos.openssl.rsa; +/*struct rsa_st;*/ +alias rsa_st RSA; +/*struct rsa_meth_st;*/ +alias rsa_meth_st RSA_METHOD; + +import deimos.openssl.rand; +alias rand_meth_st RAND_METHOD; + +struct ecdh_method; +alias ecdh_method ECDH_METHOD; +struct ecdsa_method; +alias ecdsa_method ECDSA_METHOD; + +import deimos.openssl.x509; +import deimos.openssl.x509_vfy; +alias x509_st X509; +alias X509_algor_st X509_ALGOR; +alias X509_crl_st X509_CRL; +struct x509_crl_method_st; +alias x509_crl_method_st X509_CRL_METHOD; +alias x509_revoked_st X509_REVOKED; +alias X509_name_st X509_NAME; +alias X509_pubkey_st X509_PUBKEY; +alias x509_store_st X509_STORE; +/*struct x509_store_ctx_st;*/ +alias x509_store_ctx_st X509_STORE_CTX; +alias pkcs8_priv_key_info_st PKCS8_PRIV_KEY_INFO; + +import deimos.openssl.x509v3; +alias v3_ext_ctx X509V3_CTX; +import deimos.openssl.conf; +alias conf_st CONF; + +struct store_st; +alias store_st STORE; +struct store_method_st; +alias store_method_st STORE_METHOD; + +struct ui_st; +alias ui_st UI; +struct ui_method_st; +alias ui_method_st UI_METHOD; + +struct st_ERR_FNS; +alias st_ERR_FNS ERR_FNS; + +struct engine_st; +alias engine_st ENGINE; + +struct X509_POLICY_NODE_st; +alias X509_POLICY_NODE_st X509_POLICY_NODE; +struct X509_POLICY_LEVEL_st; +alias X509_POLICY_LEVEL_st X509_POLICY_LEVEL; +struct X509_POLICY_TREE_st; +alias X509_POLICY_TREE_st X509_POLICY_TREE; +struct X509_POLICY_CACHE_st; +alias X509_POLICY_CACHE_st X509_POLICY_CACHE; + +alias AUTHORITY_KEYID_st AUTHORITY_KEYID; +alias DIST_POINT_st DIST_POINT; +alias ISSUING_DIST_POINT_st ISSUING_DIST_POINT; +alias NAME_CONSTRAINTS_st NAME_CONSTRAINTS; + + /* If placed in pkcs12.h, we end up with a circular depency with pkcs7.h */ +mixin template DECLARE_PKCS12_STACK_OF (type) { /* Nothing */ } +//#define IMPLEMENT_PKCS12_STACK_OF!(type) /* Nothing */ + +import deimos.openssl.crypto; +alias crypto_ex_data_st CRYPTO_EX_DATA; +/* Callback types for crypto.h */ +alias typeof(*(ExternC!(int function(void* parent, void* ptr, CRYPTO_EX_DATA* ad, + int idx, c_long argl, void* argp))).init) CRYPTO_EX_new; +alias typeof(*(ExternC!(void function(void* parent, void* ptr, CRYPTO_EX_DATA* ad, + int idx, c_long argl, void* argp))).init) CRYPTO_EX_free; +alias typeof(*(ExternC!(int function(CRYPTO_EX_DATA* to, CRYPTO_EX_DATA* from, void* from_d, + int idx, c_long argl, void* argp))).init) CRYPTO_EX_dup; + +import deimos.openssl.ocsp; +struct ocsp_req_ctx_st; +alias ocsp_req_ctx_st OCSP_REQ_CTX; +/*struct ocsp_response_st;*/ +alias ocsp_response_st OCSP_RESPONSE; +/*struct ocsp_responder_id_st;*/ +alias ocsp_responder_id_st OCSP_RESPID; diff --git a/deimos/openssl/pem.d b/deimos/openssl/pem.d new file mode 100644 index 0000000..8065996 --- /dev/null +++ b/deimos/openssl/pem.d @@ -0,0 +1,650 @@ +/* crypto/pem/pem.h */ +/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +module deimos.openssl.pem; + +import deimos.openssl._d_util; + +import deimos.openssl.pkcs7; // Needed for PKCS7. + +public import deimos.openssl.e_os2; +version(OPENSSL_NO_BIO) {} else { +public import deimos.openssl.bio; +} +version(OPENSSL_NO_STACK) {} else { +public import deimos.openssl.stack; +} +public import deimos.openssl.evp; +public import deimos.openssl.x509; +public import deimos.openssl.pem2; + +extern (C): +nothrow: + +enum PEM_BUFSIZE = 1024; + +enum PEM_OBJ_UNDEF = 0; +enum PEM_OBJ_X509 = 1; +enum PEM_OBJ_X509_REQ = 2; +enum PEM_OBJ_CRL = 3; +enum PEM_OBJ_SSL_SESSION = 4; +enum PEM_OBJ_PRIV_KEY = 10; +enum PEM_OBJ_PRIV_RSA = 11; +enum PEM_OBJ_PRIV_DSA = 12; +enum PEM_OBJ_PRIV_DH = 13; +enum PEM_OBJ_PUB_RSA = 14; +enum PEM_OBJ_PUB_DSA = 15; +enum PEM_OBJ_PUB_DH = 16; +enum PEM_OBJ_DHPARAMS = 17; +enum PEM_OBJ_DSAPARAMS = 18; +enum PEM_OBJ_PRIV_RSA_PUBLIC = 19; +enum PEM_OBJ_PRIV_ECDSA = 20; +enum PEM_OBJ_PUB_ECDSA = 21; +enum PEM_OBJ_ECPARAMETERS = 22; + +enum PEM_ERROR = 30; +enum PEM_DEK_DES_CBC = 40; +enum PEM_DEK_IDEA_CBC = 45; +enum PEM_DEK_DES_EDE = 50; +enum PEM_DEK_DES_ECB = 60; +enum PEM_DEK_RSA = 70; +enum PEM_DEK_RSA_MD2 = 80; +enum PEM_DEK_RSA_MD5 = 90; + +alias NID_md2 PEM_MD_MD2; +alias NID_md5 PEM_MD_MD5; +alias NID_sha PEM_MD_SHA; +alias NID_md2WithRSAEncryption PEM_MD_MD2_RSA; +alias NID_md5WithRSAEncryption PEM_MD_MD5_RSA; +alias NID_sha1WithRSAEncryption PEM_MD_SHA_RSA; + +enum PEM_STRING_X509_OLD = "X509 CERTIFICATE"; +enum PEM_STRING_X509 = "CERTIFICATE"; +enum PEM_STRING_X509_PAIR = "CERTIFICATE PAIR"; +enum PEM_STRING_X509_TRUSTED = "TRUSTED CERTIFICATE"; +enum PEM_STRING_X509_REQ_OLD = "NEW CERTIFICATE REQUEST"; +enum PEM_STRING_X509_REQ = "CERTIFICATE REQUEST"; +enum PEM_STRING_X509_CRL = "X509 CRL"; +enum PEM_STRING_EVP_PKEY = "ANY PRIVATE KEY"; +enum PEM_STRING_PUBLIC = "PUBLIC KEY"; +enum PEM_STRING_RSA = "RSA PRIVATE KEY"; +enum PEM_STRING_RSA_PUBLIC = "RSA PUBLIC KEY"; +enum PEM_STRING_DSA = "DSA PRIVATE KEY"; +enum PEM_STRING_DSA_PUBLIC = "DSA PUBLIC KEY"; +enum PEM_STRING_PKCS7 = "PKCS7"; +enum PEM_STRING_PKCS7_SIGNED = "PKCS #7 SIGNED DATA"; +enum PEM_STRING_PKCS8 = "ENCRYPTED PRIVATE KEY"; +enum PEM_STRING_PKCS8INF = "PRIVATE KEY"; +enum PEM_STRING_DHPARAMS = "DH PARAMETERS"; +enum PEM_STRING_SSL_SESSION = "SSL SESSION PARAMETERS"; +enum PEM_STRING_DSAPARAMS = "DSA PARAMETERS"; +enum PEM_STRING_ECDSA_PUBLIC = "ECDSA PUBLIC KEY"; +enum PEM_STRING_ECPARAMETERS = "EC PARAMETERS"; +enum PEM_STRING_ECPRIVATEKEY = "EC PRIVATE KEY"; +enum PEM_STRING_PARAMETERS = "PARAMETERS"; +enum PEM_STRING_CMS = "CMS"; + + /* Note that this structure is initialised by PEM_SealInit and cleaned up + by PEM_SealFinal (at least for now) */ +struct PEM_Encode_Seal_st { + EVP_ENCODE_CTX encode; + EVP_MD_CTX md; + EVP_CIPHER_CTX cipher; + } +alias PEM_Encode_Seal_st PEM_ENCODE_SEAL_CTX; + +/* enc_type is one off */ +enum PEM_TYPE_ENCRYPTED = 10; +enum PEM_TYPE_MIC_ONLY = 20; +enum PEM_TYPE_MIC_CLEAR = 30; +enum PEM_TYPE_CLEAR = 40; + +struct pem_recip_st { + char* name; + X509_NAME* dn; + + int cipher; + int key_enc; + /* char iv[8]; unused and wrong size */ + } +alias pem_recip_st PEM_USER; + +struct pem_ctx_st + { + int type; /* what type of object */ + + struct proc_type_ { + int version_; + int mode; + } + proc_type_ proc_type; + + char* domain; + + struct DEK_info_{ + int cipher; + /* unused, and wrong size + ubyte[8] iv; */ + } + DEK_info_ DEK_info; + + PEM_USER* originator; + + int num_recipient; + PEM_USER** recipient; + + /* XXX(ben): don#t think this is used! + STACK* x509_chain; / * certificate chain */ + EVP_MD* md; /* signature type */ + + int md_enc; /* is the md encrypted or not? */ + int md_len; /* length of md_data */ + char* md_data; /* message digest, could be pkey encrypted */ + + EVP_CIPHER* dec; /* date encryption cipher */ + int key_len; /* key length */ + ubyte* key; /* key */ + /* unused, and wrong size + ubyte[8] iv; */ + + + int data_enc; /* is the data encrypted */ + int data_len; + ubyte* data; + } +alias pem_ctx_st PEM_CTX; + +/* These macros make the PEM_read/PEM_write functions easier to maintain and + * write. Now they are all implemented with either: + * IMPLEMENT_PEM_rw(...) or IMPLEMENT_PEM_rw_cb(...) + */ + +/+#ifdef OPENSSL_NO_FP_API + +#define IMPLEMENT_PEM_read_fp(name, type, str, asn1) /**/ +#define IMPLEMENT_PEM_write_fp(name, type, str, asn1) /**/ +#define IMPLEMENT_PEM_write_fp_const(name, type, str, asn1) /**/ +#define IMPLEMENT_PEM_write_cb_fp(name, type, str, asn1) /**/ +#define IMPLEMENT_PEM_write_cb_fp_const(name, type, str, asn1) /**/ + +#else + +#define IMPLEMENT_PEM_read_fp(name, type, str, asn1) \ +type* PEM_read_##name(FILE* fp, type** x, pem_password_cb* cb, void* u)\ +{ \ +return PEM_ASN1_read((d2i_of_void*)d2i_##asn1, str,fp,(void**)x,cb,u); \ +} + +#define IMPLEMENT_PEM_write_fp(name, type, str, asn1) \ +int PEM_write_##name(FILE* fp, type* x) \ +{ \ +return PEM_ASN1_write((i2d_of_void*)i2d_##asn1,str,fp,x,NULL,NULL,0,NULL,NULL); \ +} + +#define IMPLEMENT_PEM_write_fp_const(name, type, str, asn1) \ +int PEM_write_##name(FILE* fp, const(type)* x) \ +{ \ +return PEM_ASN1_write((i2d_of_void*)i2d_##asn1,str,fp,(void*)x,NULL,NULL,0,NULL,NULL); \ +} + +#define IMPLEMENT_PEM_write_cb_fp(name, type, str, asn1) \ +int PEM_write_##name(FILE* fp, type* x, const(EVP_CIPHER)* enc, \ + ubyte* kstr, int klen, pem_password_cb* cb, \ + void* u) \ + { \ + return PEM_ASN1_write((i2d_of_void*)i2d_##asn1,str,fp,x,enc,kstr,klen,cb,u); \ + } + +#define IMPLEMENT_PEM_write_cb_fp_const(name, type, str, asn1) \ +int PEM_write_##name(FILE* fp, type* x, const(EVP_CIPHER)* enc, \ + ubyte* kstr, int klen, pem_password_cb* cb, \ + void* u) \ + { \ + return PEM_ASN1_write((i2d_of_void*)i2d_##asn1,str,fp,x,enc,kstr,klen,cb,u); \ + } + +#endif + +#define IMPLEMENT_PEM_read_bio(name, type, str, asn1) \ +type* PEM_read_bio_##name(BIO* bp, type** x, pem_password_cb* cb, void* u)\ +{ \ +return PEM_ASN1_read_bio((d2i_of_void*)d2i_##asn1, str,bp,(void**)x,cb,u); \ +} + +#define IMPLEMENT_PEM_write_bio(name, type, str, asn1) \ +int PEM_write_bio_##name(BIO* bp, type* x) \ +{ \ +return PEM_ASN1_write_bio((i2d_of_void*)i2d_##asn1,str,bp,x,NULL,NULL,0,NULL,NULL); \ +} + +#define IMPLEMENT_PEM_write_bio_const(name, type, str, asn1) \ +int PEM_write_bio_##name(BIO* bp, const(type)* x) \ +{ \ +return PEM_ASN1_write_bio((i2d_of_void*)i2d_##asn1,str,bp,(void*)x,NULL,NULL,0,NULL,NULL); \ +} + +#define IMPLEMENT_PEM_write_cb_bio(name, type, str, asn1) \ +int PEM_write_bio_##name(BIO* bp, type* x, const(EVP_CIPHER)* enc, \ + ubyte* kstr, int klen, pem_password_cb* cb, void* u) \ + { \ + return PEM_ASN1_write_bio((i2d_of_void*)i2d_##asn1,str,bp,x,enc,kstr,klen,cb,u); \ + } + +#define IMPLEMENT_PEM_write_cb_bio_const(name, type, str, asn1) \ +int PEM_write_bio_##name(BIO* bp, type* x, const(EVP_CIPHER)* enc, \ + ubyte* kstr, int klen, pem_password_cb* cb, void* u) \ + { \ + return PEM_ASN1_write_bio((i2d_of_void*)i2d_##asn1,str,bp,(void*)x,enc,kstr,klen,cb,u); \ + } + +#define IMPLEMENT_PEM_write(name, type, str, asn1) \ + IMPLEMENT_PEM_write_bio(name, type, str, asn1) \ + IMPLEMENT_PEM_write_fp(name, type, str, asn1) + +#define IMPLEMENT_PEM_write_const(name, type, str, asn1) \ + IMPLEMENT_PEM_write_bio_const(name, type, str, asn1) \ + IMPLEMENT_PEM_write_fp_const(name, type, str, asn1) + +#define IMPLEMENT_PEM_write_cb(name, type, str, asn1) \ + IMPLEMENT_PEM_write_cb_bio(name, type, str, asn1) \ + IMPLEMENT_PEM_write_cb_fp(name, type, str, asn1) + +#define IMPLEMENT_PEM_write_cb_const(name, type, str, asn1) \ + IMPLEMENT_PEM_write_cb_bio_const(name, type, str, asn1) \ + IMPLEMENT_PEM_write_cb_fp_const(name, type, str, asn1) + +#define IMPLEMENT_PEM_read(name, type, str, asn1) \ + IMPLEMENT_PEM_read_bio(name, type, str, asn1) \ + IMPLEMENT_PEM_read_fp(name, type, str, asn1) + +#define IMPLEMENT_PEM_rw(name, type, str, asn1) \ + IMPLEMENT_PEM_read(name, type, str, asn1) \ + IMPLEMENT_PEM_write(name, type, str, asn1) + +#define IMPLEMENT_PEM_rw_const(name, type, str, asn1) \ + IMPLEMENT_PEM_read(name, type, str, asn1) \ + IMPLEMENT_PEM_write_const(name, type, str, asn1) + +#define IMPLEMENT_PEM_rw_cb(name, type, str, asn1) \ + IMPLEMENT_PEM_read(name, type, str, asn1) \ + IMPLEMENT_PEM_write_cb(name, type, str, asn1) ++/ + +/* These are the same except they are for the declarations */ + +version (OPENSSL_NO_FP_API) { + string DECLARE_PEM_read_fp(string name, string type)() { return ""; } + string DECLARE_PEM_read_fp(string name, string type)() { return ""; } + string DECLARE_PEM_write_fp(string name, string type)() { return ""; } + string DECLARE_PEM_write_fp_const(string name, string type)() { return ""; } + string DECLARE_PEM_write_cb_fp(string name, string type)() { return ""; } +} else { + string DECLARE_PEM_read_fp(string name, string type)() { + return type ~ "* PEM_read_" ~ name ~ "(FILE* fp, " ~ type ~ "** x, pem_password_cb* cb, void* u);"; + } + + string DECLARE_PEM_write_fp(string name, string type)() { + return "int PEM_write_" ~ name ~ "(FILE* fp, " ~ type ~ "* x);"; + } + + string DECLARE_PEM_write_fp_const(string name, string type)() { + return "int PEM_write_" ~ name ~ "(FILE* fp, const(" ~ type ~ ")* x);"; + } + + string DECLARE_PEM_write_cb_fp(string name, string type)() { + return "int PEM_write_" ~ name ~ "(FILE* fp, " ~ type ~ "* x, const(EVP_CIPHER)* enc, + ubyte* kstr, int klen, pem_password_cb* cb, void* u);"; + } + +} + +version (OPENSSL_NO_BIO) { + string DECLARE_PEM_read_bio(string name, string type)() { return ""; } + string DECLARE_PEM_write_bio(string name, string type)() { return ""; } + string DECLARE_PEM_write_bio_const(string name, string type)() { return ""; } + string DECLARE_PEM_write_cb_bio(string name, string type)() { return ""; } +} else { + string DECLARE_PEM_read_bio(string name, string type)() { + return type ~ "* PEM_read_bio_" ~ name ~ "(BIO* bp, " ~ type ~ "** x, pem_password_cb* cb, void* u);"; + } + + string DECLARE_PEM_write_bio(string name, string type)() { + return "int PEM_write_bio_" ~ name ~ "(BIO* bp, " ~ type ~ "* x);"; + } + + string DECLARE_PEM_write_bio_const(string name, string type)() { + return "int PEM_write_bio_" ~ name ~ "(BIO* bp, const(" ~ type ~ ")* x);"; + } + + string DECLARE_PEM_write_cb_bio(string name, string type)() { + return "int PEM_write_bio_" ~ name ~ "(BIO* bp, " ~ type ~ "* x, const(EVP_CIPHER)* enc, + ubyte* kstr, int klen, pem_password_cb* cb, void* u);"; + } +} + +string DECLARE_PEM_write(string name, string type)() { + return DECLARE_PEM_write_bio!(name, type)() ~ "\n" ~ + DECLARE_PEM_write_fp!(name, type)(); +} + +string DECLARE_PEM_write_const(string name, string type)() { + return DECLARE_PEM_write_bio_const!(name, type)() ~ "\n" ~ + DECLARE_PEM_write_fp_const!(name, type)(); +} + +string DECLARE_PEM_write_cb(string name, string type)() { + return DECLARE_PEM_write_cb_bio!(name, type)() ~ "\n" ~ + DECLARE_PEM_write_cb_fp!(name, type)(); +} + +string DECLARE_PEM_read(string name, string type)() { + return DECLARE_PEM_read_bio!(name, type)() ~ "\n" ~ + DECLARE_PEM_read_fp!(name, type)(); +} + +string DECLARE_PEM_rw(string name, string type)() { + return DECLARE_PEM_read!(name, type)() ~ "\n" ~ + DECLARE_PEM_write!(name, type)(); +} + +string DECLARE_PEM_rw_const(string name, string type)() { + return DECLARE_PEM_read!(name, type)() ~ "\n" ~ + DECLARE_PEM_write_const!(name, type)(); +} + +string DECLARE_PEM_rw_cb(string name, string type)() { + return DECLARE_PEM_read!(name, type)() ~ "\n" ~ + DECLARE_PEM_write_cb!(name, type)(); +} + +version (all) { +/* "userdata": new with OpenSSL 0.9.4 */ +alias typeof(*(ExternC!(int function(char* buf, int size, int rwflag, void* userdata))).init) pem_password_cb; +} else { +/* OpenSSL 0.9.3, 0.9.3a */ +alias typeof(*(ExternC!(int function(char* buf, int size, int rwflag))).init) pem_password_cb; +} + +int PEM_get_EVP_CIPHER_INFO(char* header, EVP_CIPHER_INFO* cipher); +int PEM_do_header (EVP_CIPHER_INFO* cipher, ubyte* data,c_long* len, + pem_password_cb* callback,void* u); + +version(OPENSSL_NO_BIO) {} else { +int PEM_read_bio(BIO* bp, char** name, char** header, + ubyte** data,c_long* len); +int PEM_write_bio(BIO* bp,const(char)* name,char* hdr,ubyte* data, + c_long len); +int PEM_bytes_read_bio(ubyte** pdata, c_long* plen, char** pnm, const(char)* name, BIO* bp, + pem_password_cb* cb, void* u); +void* PEM_ASN1_read_bio(d2i_of_void* d2i, const(char)* name, BIO* bp, + void** x, pem_password_cb* cb, void* u); +int PEM_ASN1_write_bio(i2d_of_void* i2d, const(char)* name,BIO* bp, void* x, + const(EVP_CIPHER)* enc,ubyte* kstr,int klen, + pem_password_cb* cb, void* u); + +STACK_OF!(X509_INFO) * PEM_X509_INFO_read_bio(BIO* bp, STACK_OF!(X509_INFO) *sk, pem_password_cb* cb, void* u); +int PEM_X509_INFO_write_bio(BIO* bp,X509_INFO* xi, EVP_CIPHER* enc, + ubyte* kstr, int klen, pem_password_cb* cd, void* u); +} + +int PEM_read(FILE* fp, char** name, char** header, + ubyte** data,c_long* len); +int PEM_write(FILE* fp,char* name,char* hdr,ubyte* data,c_long len); +void* PEM_ASN1_read(d2i_of_void* d2i, const(char)* name, FILE* fp, void** x, + pem_password_cb* cb, void* u); +int PEM_ASN1_write(i2d_of_void* i2d,const(char)* name,FILE* fp, + void* x,const(EVP_CIPHER)* enc,ubyte* kstr, + int klen,pem_password_cb* callback, void* u); +STACK_OF!(X509_INFO) * PEM_X509_INFO_read(FILE* fp, STACK_OF!(X509_INFO) *sk, + pem_password_cb* cb, void* u); + +int PEM_SealInit(PEM_ENCODE_SEAL_CTX* ctx, EVP_CIPHER* type, + EVP_MD* md_type, ubyte** ek, int* ekl, + ubyte* iv, EVP_PKEY** pubk, int npubk); +void PEM_SealUpdate(PEM_ENCODE_SEAL_CTX* ctx, ubyte* out_, int* outl, + ubyte* in_, int inl); +int PEM_SealFinal(PEM_ENCODE_SEAL_CTX* ctx, ubyte* sig,int* sigl, + ubyte* out_, int* outl, EVP_PKEY* priv); + +void PEM_SignInit(EVP_MD_CTX* ctx, EVP_MD* type); +void PEM_SignUpdate(EVP_MD_CTX* ctx,ubyte* d,uint cnt); +int PEM_SignFinal(EVP_MD_CTX* ctx, ubyte* sigret, + uint* siglen, EVP_PKEY* pkey); + +int PEM_def_callback(char* buf, int num, int w, void* key); +void PEM_proc_type(char* buf, int type); +void PEM_dek_info(char* buf, const(char)* type, int len, char* str); + + +public import deimos.openssl.symhacks; + +mixin(DECLARE_PEM_rw!("X509", "X509")()); + +mixin(DECLARE_PEM_rw!("X509_AUX", "X509")()); + +mixin(DECLARE_PEM_rw!("X509_CERT_PAIR", "X509_CERT_PAIR")()); + +mixin(DECLARE_PEM_rw!("X509_REQ", "X509_REQ")()); +mixin(DECLARE_PEM_write!("X509_REQ_NEW", "X509_REQ")()); + +mixin(DECLARE_PEM_rw!("X509_CRL", "X509_CRL")()); + +mixin(DECLARE_PEM_rw!("PKCS7", "PKCS7")()); + +mixin(DECLARE_PEM_rw!("NETSCAPE_CERT_SEQUENCE", "NETSCAPE_CERT_SEQUENCE")()); + +mixin(DECLARE_PEM_rw!("PKCS8", "X509_SIG")()); + +mixin(DECLARE_PEM_rw!("PKCS8_PRIV_KEY_INFO", "PKCS8_PRIV_KEY_INFO")()); + +version(OPENSSL_NO_RSA) {} else { +mixin(DECLARE_PEM_rw_cb!("RSAPrivateKey", "RSA")()); + +mixin(DECLARE_PEM_rw_const!("RSAPublicKey", "RSA")()); +mixin(DECLARE_PEM_rw!("RSA_PUBKEY", "RSA")()); + +} + +version(OPENSSL_NO_DSA) {} else { +mixin(DECLARE_PEM_rw_cb!("DSAPrivateKey", "DSA")()); + +mixin(DECLARE_PEM_rw!("DSA_PUBKEY", "DSA")()); + +mixin(DECLARE_PEM_rw_const!("DSAparams", "DSA")()); + +} + +version(OPENSSL_NO_EC) {} else { +mixin(DECLARE_PEM_rw_const!("ECPKParameters", "EC_GROUP")()); +mixin(DECLARE_PEM_rw_cb!("ECPrivateKey", "EC_KEY")()); +mixin(DECLARE_PEM_rw!("EC_PUBKEY", "EC_KEY")()); +} + +version(OPENSSL_NO_DH) {} else { +mixin(DECLARE_PEM_rw_const!("DHparams", "DH")()); + +} + +mixin(DECLARE_PEM_rw_cb!("PrivateKey", "EVP_PKEY")()); + +mixin(DECLARE_PEM_rw!("PUBKEY", "EVP_PKEY")()); + +int PEM_write_bio_PKCS8PrivateKey_nid(BIO* bp, EVP_PKEY* x, int nid, + char* kstr, int klen, + pem_password_cb* cb, void* u); +int PEM_write_bio_PKCS8PrivateKey(BIO*, EVP_PKEY*, const(EVP_CIPHER)*, + char*, int, pem_password_cb*, void*); +int i2d_PKCS8PrivateKey_bio(BIO* bp, EVP_PKEY* x, const(EVP_CIPHER)* enc, + char* kstr, int klen, + pem_password_cb* cb, void* u); +int i2d_PKCS8PrivateKey_nid_bio(BIO* bp, EVP_PKEY* x, int nid, + char* kstr, int klen, + pem_password_cb* cb, void* u); +EVP_PKEY* d2i_PKCS8PrivateKey_bio(BIO* bp, EVP_PKEY** x, pem_password_cb* cb, void* u); + +int i2d_PKCS8PrivateKey_fp(FILE* fp, EVP_PKEY* x, const(EVP_CIPHER)* enc, + char* kstr, int klen, + pem_password_cb* cb, void* u); +int i2d_PKCS8PrivateKey_nid_fp(FILE* fp, EVP_PKEY* x, int nid, + char* kstr, int klen, + pem_password_cb* cb, void* u); +int PEM_write_PKCS8PrivateKey_nid(FILE* fp, EVP_PKEY* x, int nid, + char* kstr, int klen, + pem_password_cb* cb, void* u); + +EVP_PKEY* d2i_PKCS8PrivateKey_fp(FILE* fp, EVP_PKEY** x, pem_password_cb* cb, void* u); + +int PEM_write_PKCS8PrivateKey(FILE* fp,EVP_PKEY* x,const(EVP_CIPHER)* enc, + char* kstr,int klen, pem_password_cb* cd, void* u); + +EVP_PKEY* PEM_read_bio_Parameters(BIO* bp, EVP_PKEY** x); +int PEM_write_bio_Parameters(BIO* bp, EVP_PKEY* x); + + +EVP_PKEY* b2i_PrivateKey(const(ubyte)** in_, c_long length); +EVP_PKEY* b2i_PublicKey(const(ubyte)** in_, c_long length); +EVP_PKEY* b2i_PrivateKey_bio(BIO* in_); +EVP_PKEY* b2i_PublicKey_bio(BIO* in_); +int i2b_PrivateKey_bio(BIO* out_, EVP_PKEY* pk); +int i2b_PublicKey_bio(BIO* out_, EVP_PKEY* pk); +version(OPENSSL_NO_RC4) {} else { +EVP_PKEY* b2i_PVK_bio(BIO* in_, pem_password_cb* cb, void* u); +int i2b_PVK_bio(BIO* out_, EVP_PKEY* pk, int enclevel, + pem_password_cb* cb, void* u); +} + + +/* BEGIN ERROR CODES */ +/* The following lines are auto generated by the script mkerr.pl. Any changes + * made after this point may be overwritten when the script is next run. + */ +void ERR_load_PEM_strings(); + +/* Error codes for the PEM functions. */ + +/* Function codes. */ +enum PEM_F_B2I_DSS = 127; +enum PEM_F_B2I_PVK_BIO = 128; +enum PEM_F_B2I_RSA = 129; +enum PEM_F_CHECK_BITLEN_DSA = 130; +enum PEM_F_CHECK_BITLEN_RSA = 131; +enum PEM_F_D2I_PKCS8PRIVATEKEY_BIO = 120; +enum PEM_F_D2I_PKCS8PRIVATEKEY_FP = 121; +enum PEM_F_DO_B2I = 132; +enum PEM_F_DO_B2I_BIO = 133; +enum PEM_F_DO_BLOB_HEADER = 134; +enum PEM_F_DO_PK8PKEY = 126; +enum PEM_F_DO_PK8PKEY_FP = 125; +enum PEM_F_DO_PVK_BODY = 135; +enum PEM_F_DO_PVK_HEADER = 136; +enum PEM_F_I2B_PVK = 137; +enum PEM_F_I2B_PVK_BIO = 138; +enum PEM_F_LOAD_IV = 101; +enum PEM_F_PEM_ASN1_READ = 102; +enum PEM_F_PEM_ASN1_READ_BIO = 103; +enum PEM_F_PEM_ASN1_WRITE = 104; +enum PEM_F_PEM_ASN1_WRITE_BIO = 105; +enum PEM_F_PEM_DEF_CALLBACK = 100; +enum PEM_F_PEM_DO_HEADER = 106; +enum PEM_F_PEM_F_PEM_WRITE_PKCS8PRIVATEKEY = 118; +enum PEM_F_PEM_GET_EVP_CIPHER_INFO = 107; +enum PEM_F_PEM_PK8PKEY = 119; +enum PEM_F_PEM_READ = 108; +enum PEM_F_PEM_READ_BIO = 109; +enum PEM_F_PEM_READ_BIO_PARAMETERS = 140; +enum PEM_F_PEM_READ_BIO_PRIVATEKEY = 123; +enum PEM_F_PEM_READ_PRIVATEKEY = 124; +enum PEM_F_PEM_SEALFINAL = 110; +enum PEM_F_PEM_SEALINIT = 111; +enum PEM_F_PEM_SIGNFINAL = 112; +enum PEM_F_PEM_WRITE = 113; +enum PEM_F_PEM_WRITE_BIO = 114; +enum PEM_F_PEM_WRITE_PRIVATEKEY = 139; +enum PEM_F_PEM_X509_INFO_READ = 115; +enum PEM_F_PEM_X509_INFO_READ_BIO = 116; +enum PEM_F_PEM_X509_INFO_WRITE_BIO = 117; + +/* Reason codes. */ +enum PEM_R_BAD_BASE64_DECODE = 100; +enum PEM_R_BAD_DECRYPT = 101; +enum PEM_R_BAD_END_LINE = 102; +enum PEM_R_BAD_IV_CHARS = 103; +enum PEM_R_BAD_MAGIC_NUMBER = 116; +enum PEM_R_BAD_PASSWORD_READ = 104; +enum PEM_R_BAD_VERSION_NUMBER = 117; +enum PEM_R_BIO_WRITE_FAILURE = 118; +enum PEM_R_CIPHER_IS_NULL = 127; +enum PEM_R_ERROR_CONVERTING_PRIVATE_KEY = 115; +enum PEM_R_EXPECTING_PRIVATE_KEY_BLOB = 119; +enum PEM_R_EXPECTING_PUBLIC_KEY_BLOB = 120; +enum PEM_R_INCONSISTENT_HEADER = 121; +enum PEM_R_KEYBLOB_HEADER_PARSE_ERROR = 122; +enum PEM_R_KEYBLOB_TOO_SHORT = 123; +enum PEM_R_NOT_DEK_INFO = 105; +enum PEM_R_NOT_ENCRYPTED = 106; +enum PEM_R_NOT_PROC_TYPE = 107; +enum PEM_R_NO_START_LINE = 108; +enum PEM_R_PROBLEMS_GETTING_PASSWORD = 109; +enum PEM_R_PUBLIC_KEY_NO_RSA = 110; +enum PEM_R_PVK_DATA_TOO_SHORT = 124; +enum PEM_R_PVK_TOO_SHORT = 125; +enum PEM_R_READ_KEY = 111; +enum PEM_R_SHORT_HEADER = 112; +enum PEM_R_UNSUPPORTED_CIPHER = 113; +enum PEM_R_UNSUPPORTED_ENCRYPTION = 114; +enum PEM_R_UNSUPPORTED_KEY_COMPONENTS = 126; diff --git a/deimos/openssl/pem2.d b/deimos/openssl/pem2.d new file mode 100644 index 0000000..f9e7084 --- /dev/null +++ b/deimos/openssl/pem2.d @@ -0,0 +1,65 @@ +/* ==================================================================== + * Copyright (c) 1999 The OpenSSL Project. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. All advertising materials mentioning features or use of this + * software must display the following acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" + * + * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to + * endorse or promote products derived from this software without + * prior written permission. For written permission, please contact + * licensing@OpenSSL.org. + * + * 5. Products derived from this software may not be called "OpenSSL" + * nor may "OpenSSL" appear in their names without prior written + * permission of the OpenSSL Project. + * + * 6. Redistributions of any form whatsoever must retain the following + * acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" + * + * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY + * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * ==================================================================== + * + * This product includes cryptographic software written by Eric Young + * (eay@cryptsoft.com). This product includes software written by Tim + * Hudson (tjh@cryptsoft.com). + * + */ + +/* + * This header only exists to break a circular dependency between pem and err + * Ben 30 Jan 1999. + */ + +module deimos.openssl.pem2; + +extern (C): +nothrow: + +void ERR_load_PEM_strings(); diff --git a/deimos/openssl/pkcs12.d b/deimos/openssl/pkcs12.d new file mode 100644 index 0000000..66af819 --- /dev/null +++ b/deimos/openssl/pkcs12.d @@ -0,0 +1,330 @@ +/* pkcs12.h */ +/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL + * project 1999. + */ +/* ==================================================================== + * Copyright (c) 1999 The OpenSSL Project. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. All advertising materials mentioning features or use of this + * software must display the following acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" + * + * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to + * endorse or promote products derived from this software without + * prior written permission. For written permission, please contact + * licensing@OpenSSL.org. + * + * 5. Products derived from this software may not be called "OpenSSL" + * nor may "OpenSSL" appear in their names without prior written + * permission of the OpenSSL Project. + * + * 6. Redistributions of any form whatsoever must retain the following + * acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" + * + * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY + * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * ==================================================================== + * + * This product includes cryptographic software written by Eric Young + * (eay@cryptsoft.com). This product includes software written by Tim + * Hudson (tjh@cryptsoft.com). + * + */ + +module deimos.openssl.pkcs12; + +import deimos.openssl._d_util; + +public import deimos.openssl.bio; +public import deimos.openssl.x509; +public import deimos.openssl.pkcs7; + +extern (C): +nothrow: + +enum PKCS12_KEY_ID = 1; +enum PKCS12_IV_ID = 2; +enum PKCS12_MAC_ID = 3; + +/* Default iteration count */ +// #ifndef PKCS12_DEFAULT_ITER +alias PKCS5_DEFAULT_ITER PKCS12_DEFAULT_ITER; +// #endif + +enum PKCS12_MAC_KEY_LENGTH = 20; + +enum PKCS12_SALT_LEN = 8; + +/* Uncomment out next line for unicode password and names, otherwise ASCII */ + +/*#define PBE_UNICODE*/ + +version (PBE_UNICODE) { +alias PKCS12_key_gen_uni PKCS12_key_gen; +alias PKCS12_add_friendlyname_uni PKCS12_add_friendlyname; +} else { +alias PKCS12_key_gen_asc PKCS12_key_gen; +alias PKCS12_add_friendlyname_asc PKCS12_add_friendlyname; +} + +/* MS key usage constants */ + +enum KEY_EX = 0x10; +enum KEY_SIG = 0x80; + +struct PKCS12_MAC_DATA { +X509_SIG* dinfo; +ASN1_OCTET_STRING* salt; +ASN1_INTEGER* iter; /* defaults to 1 */ +} + +struct PKCS12 { +ASN1_INTEGER* version_; +PKCS12_MAC_DATA* mac; +PKCS7* authsafes; +} + +struct PKCS12_SAFEBAG { +ASN1_OBJECT* type; +union value_ { + pkcs12_bag_st* bag; /* secret, crl and certbag */ + pkcs8_priv_key_info_st* keybag; /* keybag */ + X509_SIG* shkeybag; /* shrouded key bag */ + STACK_OF!(PKCS12_SAFEBAG) *safes; + ASN1_TYPE* other; +} +value_ value; +STACK_OF!(X509_ATTRIBUTE) *attrib; +} + +/+mixin DECLARE_STACK_OF!(PKCS12_SAFEBAG);+/ +mixin DECLARE_ASN1_SET_OF!(PKCS12_SAFEBAG); +mixin DECLARE_PKCS12_STACK_OF!(PKCS12_SAFEBAG); + +struct pkcs12_bag_st { +ASN1_OBJECT* type; +union value_ { + ASN1_OCTET_STRING* x509cert; + ASN1_OCTET_STRING* x509crl; + ASN1_OCTET_STRING* octet; + ASN1_IA5STRING* sdsicert; + ASN1_TYPE* other; /* Secret or other bag */ +} +value_ value; +} +alias pkcs12_bag_st PKCS12_BAGS; + +enum PKCS12_ERROR = 0; +enum PKCS12_OK = 1; + +/* Compatibility macros */ + +alias PKCS12_x5092certbag M_PKCS12_x5092certbag; +alias PKCS12_x509crl2certbag M_PKCS12_x509crl2certbag; + +alias PKCS12_certbag2x509 M_PKCS12_certbag2x509; +alias PKCS12_certbag2x509crl M_PKCS12_certbag2x509crl; + +alias PKCS12_unpack_p7data M_PKCS12_unpack_p7data; +alias PKCS12_pack_authsafes M_PKCS12_pack_authsafes; +alias PKCS12_unpack_authsafes M_PKCS12_unpack_authsafes; +alias PKCS12_unpack_p7encdata M_PKCS12_unpack_p7encdata; + +alias PKCS12_decrypt_skey M_PKCS12_decrypt_skey; +alias PKCS8_decrypt M_PKCS8_decrypt; + +auto M_PKCS12_bag_type(B)(B bg) {return OBJ_obj2nid(bg.type); } +auto M_PKCS12_cert_bag_type(B)(B bg) {return OBJ_obj2nid(bg.value.bag.type); } +alias M_PKCS12_cert_bag_type M_PKCS12_crl_bag_type; + +auto PKCS12_get_attr()(PKCS12_SAFEBAG* bag, int attr_nid) { + return PKCS12_get_attr_gen(bag.attrib, attr_nid); } + +auto PKCS8_get_attr(P)(P p8, int attr_nid) { + return PKCS12_get_attr_gen(p8.attributes, attr_nid);} + +auto PKCS12_mac_present()(PKCS12* p12) { return p12.mac ? 1 : 0; } + + +PKCS12_SAFEBAG* PKCS12_x5092certbag(X509* x509); +PKCS12_SAFEBAG* PKCS12_x509crl2certbag(X509_CRL* crl); +X509* PKCS12_certbag2x509(PKCS12_SAFEBAG* bag); +X509_CRL* PKCS12_certbag2x509crl(PKCS12_SAFEBAG* bag); + +PKCS12_SAFEBAG* PKCS12_item_pack_safebag(void* obj, const(ASN1_ITEM)* it, int nid1, + int nid2); +PKCS12_SAFEBAG* PKCS12_MAKE_KEYBAG(PKCS8_PRIV_KEY_INFO* p8); +PKCS8_PRIV_KEY_INFO* PKCS8_decrypt(X509_SIG* p8, const(char)* pass, int passlen); +PKCS8_PRIV_KEY_INFO* PKCS12_decrypt_skey(PKCS12_SAFEBAG* bag, const(char)* pass, + int passlen); +X509_SIG* PKCS8_encrypt(int pbe_nid, const(EVP_CIPHER)* cipher, + const(char)* pass, int passlen, + ubyte* salt, int saltlen, int iter, + PKCS8_PRIV_KEY_INFO* p8); +PKCS12_SAFEBAG* PKCS12_MAKE_SHKEYBAG(int pbe_nid, const(char)* pass, + int passlen, ubyte* salt, + int saltlen, int iter, + PKCS8_PRIV_KEY_INFO* p8); +PKCS7* PKCS12_pack_p7data(STACK_OF!(PKCS12_SAFEBAG) *sk); +STACK_OF!(PKCS12_SAFEBAG) *PKCS12_unpack_p7data(PKCS7* p7); +PKCS7* PKCS12_pack_p7encdata(int pbe_nid, const(char)* pass, int passlen, + ubyte* salt, int saltlen, int iter, + STACK_OF!(PKCS12_SAFEBAG) *bags); +STACK_OF!(PKCS12_SAFEBAG) *PKCS12_unpack_p7encdata(PKCS7* p7, const(char)* pass, int passlen); + +int PKCS12_pack_authsafes(PKCS12* p12, STACK_OF!(PKCS7) *safes); +STACK_OF!(PKCS7) *PKCS12_unpack_authsafes(PKCS12* p12); + +int PKCS12_add_localkeyid(PKCS12_SAFEBAG* bag, ubyte* name, int namelen); +int PKCS12_add_friendlyname_asc(PKCS12_SAFEBAG* bag, const(char)* name, + int namelen); +int PKCS12_add_CSPName_asc(PKCS12_SAFEBAG* bag, const(char)* name, + int namelen); +int PKCS12_add_friendlyname_uni(PKCS12_SAFEBAG* bag, const(ubyte)* name, + int namelen); +int PKCS8_add_keyusage(PKCS8_PRIV_KEY_INFO* p8, int usage); +ASN1_TYPE* PKCS12_get_attr_gen(STACK_OF!(X509_ATTRIBUTE) *attrs, int attr_nid); +char* PKCS12_get_friendlyname(PKCS12_SAFEBAG* bag); +ubyte* PKCS12_pbe_crypt(X509_ALGOR* algor, const(char)* pass, + int passlen, ubyte* in_, int inlen, + ubyte** data, int* datalen, int en_de); +void* PKCS12_item_decrypt_d2i(X509_ALGOR* algor, const(ASN1_ITEM)* it, + const(char)* pass, int passlen, ASN1_OCTET_STRING* oct, int zbuf); +ASN1_OCTET_STRING* PKCS12_item_i2d_encrypt(X509_ALGOR* algor, const(ASN1_ITEM)* it, + const(char)* pass, int passlen, + void* obj, int zbuf); +PKCS12* PKCS12_init(int mode); +int PKCS12_key_gen_asc(const(char)* pass, int passlen, ubyte* salt, + int saltlen, int id, int iter, int n, + ubyte* out_, const(EVP_MD)* md_type); +int PKCS12_key_gen_uni(ubyte* pass, int passlen, ubyte* salt, int saltlen, int id, int iter, int n, ubyte* out_, const(EVP_MD)* md_type); +int PKCS12_PBE_keyivgen(EVP_CIPHER_CTX* ctx, const(char)* pass, int passlen, + ASN1_TYPE* param, const(EVP_CIPHER)* cipher, const(EVP_MD)* md_type, + int en_de); +int PKCS12_gen_mac(PKCS12* p12, const(char)* pass, int passlen, + ubyte* mac, uint* maclen); +int PKCS12_verify_mac(PKCS12* p12, const(char)* pass, int passlen); +int PKCS12_set_mac(PKCS12* p12, const(char)* pass, int passlen, + ubyte* salt, int saltlen, int iter, + const(EVP_MD)* md_type); +int PKCS12_setup_mac(PKCS12* p12, int iter, ubyte* salt, + int saltlen, const(EVP_MD)* md_type); +ubyte* OPENSSL_asc2uni(const(char)* asc, int asclen, ubyte** uni, int* unilen); +char* OPENSSL_uni2asc(ubyte* uni, int unilen); + +mixin(DECLARE_ASN1_FUNCTIONS!"PKCS12"); +mixin(DECLARE_ASN1_FUNCTIONS!"PKCS12_MAC_DATA"); +mixin(DECLARE_ASN1_FUNCTIONS!"PKCS12_SAFEBAG"); +mixin(DECLARE_ASN1_FUNCTIONS!"PKCS12_BAGS"); + +mixin(DECLARE_ASN1_ITEM!"PKCS12_SAFEBAGS"); +mixin(DECLARE_ASN1_ITEM!"PKCS12_AUTHSAFES"); + +void PKCS12_PBE_add(); +int PKCS12_parse(PKCS12* p12, const(char)* pass, EVP_PKEY** pkey, X509** cert, + STACK_OF!(X509) **ca); +PKCS12* PKCS12_create(char* pass, char* name, EVP_PKEY* pkey, X509* cert, + STACK_OF!(X509) *ca, int nid_key, int nid_cert, int iter, + int mac_iter, int keytype); + +PKCS12_SAFEBAG* PKCS12_add_cert(STACK_OF!(PKCS12_SAFEBAG) **pbags, X509* cert); +PKCS12_SAFEBAG* PKCS12_add_key(STACK_OF!(PKCS12_SAFEBAG) **pbags, EVP_PKEY* key, + int key_usage, int iter, + int key_nid, char* pass); +int PKCS12_add_safe(STACK_OF!(PKCS7) **psafes, STACK_OF!(PKCS12_SAFEBAG) *bags, + int safe_nid, int iter, char* pass); +PKCS12* PKCS12_add_safes(STACK_OF!(PKCS7) *safes, int p7_nid); + +int i2d_PKCS12_bio(BIO* bp, PKCS12* p12); +int i2d_PKCS12_fp(FILE* fp, PKCS12* p12); +PKCS12* d2i_PKCS12_bio(BIO* bp, PKCS12** p12); +PKCS12* d2i_PKCS12_fp(FILE* fp, PKCS12** p12); +int PKCS12_newpass(PKCS12* p12, char* oldpass, char* newpass); + +/* BEGIN ERROR CODES */ +/* The following lines are auto generated by the script mkerr.pl. Any changes + * made after this point may be overwritten when the script is next run. + */ +void ERR_load_PKCS12_strings(); + +/* Error codes for the PKCS12 functions. */ + +/* Function codes. */ +enum PKCS12_F_PARSE_BAG = 129; +enum PKCS12_F_PARSE_BAGS = 103; +enum PKCS12_F_PKCS12_ADD_FRIENDLYNAME = 100; +enum PKCS12_F_PKCS12_ADD_FRIENDLYNAME_ASC = 127; +enum PKCS12_F_PKCS12_ADD_FRIENDLYNAME_UNI = 102; +enum PKCS12_F_PKCS12_ADD_LOCALKEYID = 104; +enum PKCS12_F_PKCS12_CREATE = 105; +enum PKCS12_F_PKCS12_GEN_MAC = 107; +enum PKCS12_F_PKCS12_INIT = 109; +enum PKCS12_F_PKCS12_ITEM_DECRYPT_D2I = 106; +enum PKCS12_F_PKCS12_ITEM_I2D_ENCRYPT = 108; +enum PKCS12_F_PKCS12_ITEM_PACK_SAFEBAG = 117; +enum PKCS12_F_PKCS12_KEY_GEN_ASC = 110; +enum PKCS12_F_PKCS12_KEY_GEN_UNI = 111; +enum PKCS12_F_PKCS12_MAKE_KEYBAG = 112; +enum PKCS12_F_PKCS12_MAKE_SHKEYBAG = 113; +enum PKCS12_F_PKCS12_NEWPASS = 128; +enum PKCS12_F_PKCS12_PACK_P7DATA = 114; +enum PKCS12_F_PKCS12_PACK_P7ENCDATA = 115; +enum PKCS12_F_PKCS12_PARSE = 118; +enum PKCS12_F_PKCS12_PBE_CRYPT = 119; +enum PKCS12_F_PKCS12_PBE_KEYIVGEN = 120; +enum PKCS12_F_PKCS12_SETUP_MAC = 122; +enum PKCS12_F_PKCS12_SET_MAC = 123; +enum PKCS12_F_PKCS12_UNPACK_AUTHSAFES = 130; +enum PKCS12_F_PKCS12_UNPACK_P7DATA = 131; +enum PKCS12_F_PKCS12_VERIFY_MAC = 126; +enum PKCS12_F_PKCS8_ADD_KEYUSAGE = 124; +enum PKCS12_F_PKCS8_ENCRYPT = 125; + +/* Reason codes. */ +enum PKCS12_R_CANT_PACK_STRUCTURE = 100; +enum PKCS12_R_CONTENT_TYPE_NOT_DATA = 121; +enum PKCS12_R_DECODE_ERROR = 101; +enum PKCS12_R_ENCODE_ERROR = 102; +enum PKCS12_R_ENCRYPT_ERROR = 103; +enum PKCS12_R_ERROR_SETTING_ENCRYPTED_DATA_TYPE = 120; +enum PKCS12_R_INVALID_NULL_ARGUMENT = 104; +enum PKCS12_R_INVALID_NULL_PKCS12_POINTER = 105; +enum PKCS12_R_IV_GEN_ERROR = 106; +enum PKCS12_R_KEY_GEN_ERROR = 107; +enum PKCS12_R_MAC_ABSENT = 108; +enum PKCS12_R_MAC_GENERATION_ERROR = 109; +enum PKCS12_R_MAC_SETUP_ERROR = 110; +enum PKCS12_R_MAC_STRING_SET_ERROR = 111; +enum PKCS12_R_MAC_VERIFY_ERROR = 112; +enum PKCS12_R_MAC_VERIFY_FAILURE = 113; +enum PKCS12_R_PARSE_ERROR = 114; +enum PKCS12_R_PKCS12_ALGOR_CIPHERINIT_ERROR = 115; +enum PKCS12_R_PKCS12_CIPHERFINAL_ERROR = 116; +enum PKCS12_R_PKCS12_PBE_CRYPT_ERROR = 117; +enum PKCS12_R_UNKNOWN_DIGEST_ALGORITHM = 118; +enum PKCS12_R_UNSUPPORTED_PKCS12_MODE = 119; diff --git a/deimos/openssl/pkcs7.d b/deimos/openssl/pkcs7.d new file mode 100644 index 0000000..46b0964 --- /dev/null +++ b/deimos/openssl/pkcs7.d @@ -0,0 +1,500 @@ +/* crypto/pkcs7/pkcs7.h */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +module deimos.openssl.pkcs7; + +import deimos.openssl._d_util; + +import deimos.openssl.x509; // Needed for X509_ATTRIBUTE. + +public import deimos.openssl.asn1; +public import deimos.openssl.bio; +public import deimos.openssl.e_os2; + +public import deimos.openssl.symhacks; +public import deimos.openssl.ossl_typ; + +extern (C): +nothrow: + +// #ifdef OPENSSL_SYS_WIN32 +// /* Under Win32 thes are defined in wincrypt.h */ +// #undef PKCS7_ISSUER_AND_SERIAL +// #undef PKCS7_SIGNER_INFO +// #endif + +/* +Encryption_ID DES-CBC +Digest_ID MD5 +Digest_Encryption_ID rsaEncryption +Key_Encryption_ID rsaEncryption +*/ + +struct pkcs7_issuer_and_serial_st { + X509_NAME* issuer; + ASN1_INTEGER* serial; + } +alias pkcs7_issuer_and_serial_st PKCS7_ISSUER_AND_SERIAL; + +struct pkcs7_signer_info_st { + ASN1_INTEGER* version_; /* version 1 */ + PKCS7_ISSUER_AND_SERIAL* issuer_and_serial; + X509_ALGOR* digest_alg; + STACK_OF!(X509_ATTRIBUTE) *auth_attr; /* [ 0 ] */ + X509_ALGOR* digest_enc_alg; + ASN1_OCTET_STRING* enc_digest; + STACK_OF!(X509_ATTRIBUTE) *unauth_attr; /* [ 1 ] */ + + /* The private key to sign with */ + EVP_PKEY* pkey; + } +alias pkcs7_signer_info_st PKCS7_SIGNER_INFO; + +/+mixin DECLARE_STACK_OF!(PKCS7_SIGNER_INFO);+/ +mixin DECLARE_ASN1_SET_OF!(PKCS7_SIGNER_INFO); + +struct pkcs7_recip_info_st { + ASN1_INTEGER* version_; /* version 0 */ + PKCS7_ISSUER_AND_SERIAL* issuer_and_serial; + X509_ALGOR* key_enc_algor; + ASN1_OCTET_STRING* enc_key; + X509* cert; /* get the pub-key from this */ + } +alias pkcs7_recip_info_st PKCS7_RECIP_INFO; + +/+mixin DECLARE_STACK_OF!(PKCS7_RECIP_INFO);+/ +mixin DECLARE_ASN1_SET_OF!(PKCS7_RECIP_INFO); + +struct pkcs7_signed_st { + ASN1_INTEGER* version_; /* version 1 */ + STACK_OF!(X509_ALGOR) *md_algs; /* md used */ + STACK_OF!(X509) *cert; /* [ 0 ] */ + STACK_OF!(X509_CRL) *crl; /* [ 1 ] */ + STACK_OF!(PKCS7_SIGNER_INFO) *signer_info; + + pkcs7_st* contents; + } +alias pkcs7_signed_st PKCS7_SIGNED; +/* The above structure is very very similar to PKCS7_SIGN_ENVELOPE. + * How about merging the two */ + +struct pkcs7_enc_content_st { + ASN1_OBJECT* content_type; + X509_ALGOR* algorithm; + ASN1_OCTET_STRING* enc_data; /* [ 0 ] */ + const(EVP_CIPHER)* cipher; + } +alias pkcs7_enc_content_st PKCS7_ENC_CONTENT; + +struct pkcs7_enveloped_st { + ASN1_INTEGER* version_; /* version 0 */ + STACK_OF!(PKCS7_RECIP_INFO) *recipientinfo; + PKCS7_ENC_CONTENT* enc_data; + } +alias pkcs7_enveloped_st PKCS7_ENVELOPE; + +struct pkcs7_signedandenveloped_st { + ASN1_INTEGER* version_; /* version 1 */ + STACK_OF!(X509_ALGOR) *md_algs; /* md used */ + STACK_OF!(X509) *cert; /* [ 0 ] */ + STACK_OF!(X509_CRL) *crl; /* [ 1 ] */ + STACK_OF!(PKCS7_SIGNER_INFO) *signer_info; + + PKCS7_ENC_CONTENT* enc_data; + STACK_OF!(PKCS7_RECIP_INFO) *recipientinfo; + } +alias pkcs7_signedandenveloped_st PKCS7_SIGN_ENVELOPE; + +struct pkcs7_digest_st { + ASN1_INTEGER* version_; /* version 0 */ + X509_ALGOR* md; /* md used */ + pkcs7_st* contents; + ASN1_OCTET_STRING* digest; + } +alias pkcs7_digest_st PKCS7_DIGEST; + +struct pkcs7_encrypted_st { + ASN1_INTEGER* version_; /* version 0 */ + PKCS7_ENC_CONTENT* enc_data; + } +alias pkcs7_encrypted_st PKCS7_ENCRYPT; + +struct pkcs7_st + { + /* The following is non NULL if it contains ASN1 encoding of + * this structure */ + ubyte* asn1; + c_long length; + +enum PKCS7_S_HEADER = 0; +enum PKCS7_S_BODY = 1; +enum PKCS7_S_TAIL = 2; + int state; /* used during processing */ + + int detached; + + ASN1_OBJECT* type; + /* content as defined by the type */ + /* all encryption/message digests are applied to the 'contents', + * leaving out the 'type' field. */ + union d_ { + char* ptr; + + /* NID_pkcs7_data */ + ASN1_OCTET_STRING* data; + + /* NID_pkcs7_signed */ + PKCS7_SIGNED* sign; + + /* NID_pkcs7_enveloped */ + PKCS7_ENVELOPE* enveloped; + + /* NID_pkcs7_signedAndEnveloped */ + PKCS7_SIGN_ENVELOPE* signed_and_enveloped; + + /* NID_pkcs7_digest */ + PKCS7_DIGEST* digest; + + /* NID_pkcs7_encrypted */ + PKCS7_ENCRYPT* encrypted; + + /* Anything else */ + ASN1_TYPE* other; + } + d_ d; + } +alias pkcs7_st PKCS7; + +/+mixin DECLARE_STACK_OF!(PKCS7);+/ +mixin DECLARE_ASN1_SET_OF!(PKCS7); +mixin DECLARE_PKCS12_STACK_OF!(PKCS7); + +enum PKCS7_OP_SET_DETACHED_SIGNATURE = 1; +enum PKCS7_OP_GET_DETACHED_SIGNATURE = 2; + +auto PKCS7_get_signed_attributes()(PKCS7_SIGNER_INFO* si) { return si.auth_attr; } +auto PKCS7_get_attributes()(PKCS7_SIGNER_INFO* si) { return si.unauth_attr; } + +auto PKCS7_type_is_signed()(const(ASN1_OBJECT)* a) { return (OBJ_obj2nid(a.type) == NID_pkcs7_signed); } +auto PKCS7_type_is_encrypted()(const(ASN1_OBJECT)* a) { return (OBJ_obj2nid(a.type) == NID_pkcs7_encrypted); } +auto PKCS7_type_is_enveloped()(const(ASN1_OBJECT)* a) { return (OBJ_obj2nid(a.type) == NID_pkcs7_enveloped); } +auto PKCS7_type_is_signedAndEnveloped()(const(ASN1_OBJECT)* a) { return + (OBJ_obj2nid(a.type) == NID_pkcs7_signedAndEnveloped); } +auto PKCS7_type_is_data()(const(ASN1_OBJECT)* a) { return (OBJ_obj2nid(a.type) == NID_pkcs7_data); } +auto PKCS7_type_is_digest()(const(ASN1_OBJECT)* a) { return (OBJ_obj2nid(a.type) == NID_pkcs7_digest); } +auto PKCS7_type_is_encrypted()(const(ASN1_OBJECT)* a) { return + (OBJ_obj2nid(a.type) == NID_pkcs7_encrypted); } + +auto PKCS7_type_is_digest()(const(ASN1_OBJECT)* a) { return (OBJ_obj2nid(a.type) == NID_pkcs7_digest); } + +auto PKCS7_set_detached()(PKCS7* p, c_long v) { + return PKCS7_ctrl(p,PKCS7_OP_SET_DETACHED_SIGNATURE,v,null); +} +auto PKCS7_get_detached()(PKCS7* p) { + return PKCS7_ctrl(p,PKCS7_OP_GET_DETACHED_SIGNATURE,0,null); +} + +auto PKCS7_is_detached()(PKCS7* p7) { return (PKCS7_type_is_signed(p7) && PKCS7_get_detached(p7)); } + +/* S/MIME related flags */ + +enum PKCS7_TEXT = 0x1; +enum PKCS7_NOCERTS = 0x2; +enum PKCS7_NOSIGS = 0x4; +enum PKCS7_NOCHAIN = 0x8; +enum PKCS7_NOINTERN = 0x10; +enum PKCS7_NOVERIFY = 0x20; +enum PKCS7_DETACHED = 0x40; +enum PKCS7_BINARY = 0x80; +enum PKCS7_NOATTR = 0x100; +enum PKCS7_NOSMIMECAP = 0x200; +enum PKCS7_NOOLDMIMETYPE = 0x400; +enum PKCS7_CRLFEOL = 0x800; +enum PKCS7_STREAM = 0x1000; +enum PKCS7_NOCRL = 0x2000; +enum PKCS7_PARTIAL = 0x4000; +enum PKCS7_REUSE_DIGEST = 0x8000; + +/* Flags: for compatibility with older code */ + +alias PKCS7_TEXT SMIME_TEXT; +alias PKCS7_NOCERTS SMIME_NOCERTS; +alias PKCS7_NOSIGS SMIME_NOSIGS; +alias PKCS7_NOCHAIN SMIME_NOCHAIN; +alias PKCS7_NOINTERN SMIME_NOINTERN; +alias PKCS7_NOVERIFY SMIME_NOVERIFY; +alias PKCS7_DETACHED SMIME_DETACHED; +alias PKCS7_BINARY SMIME_BINARY; +alias PKCS7_NOATTR SMIME_NOATTR; + +mixin(DECLARE_ASN1_FUNCTIONS!"PKCS7_ISSUER_AND_SERIAL"); + +int PKCS7_ISSUER_AND_SERIAL_digest(PKCS7_ISSUER_AND_SERIAL* data,const(EVP_MD)* type, + ubyte* md,uint* len); +version(OPENSSL_NO_FP_API) {} else { +PKCS7* d2i_PKCS7_fp(FILE* fp,PKCS7** p7); +int i2d_PKCS7_fp(FILE* fp,PKCS7* p7); +} +PKCS7* PKCS7_dup(PKCS7* p7); +PKCS7* d2i_PKCS7_bio(BIO* bp,PKCS7** p7); +int i2d_PKCS7_bio(BIO* bp,PKCS7* p7); +int i2d_PKCS7_bio_stream(BIO* out_, PKCS7* p7, BIO* in_, int flags); +int PEM_write_bio_PKCS7_stream(BIO* out_, PKCS7* p7, BIO* in_, int flags); + +mixin(DECLARE_ASN1_FUNCTIONS!"PKCS7_SIGNER_INFO"); +mixin(DECLARE_ASN1_FUNCTIONS!"PKCS7_RECIP_INFO"); +mixin(DECLARE_ASN1_FUNCTIONS!"PKCS7_SIGNED"); +mixin(DECLARE_ASN1_FUNCTIONS!"PKCS7_ENC_CONTENT"); +mixin(DECLARE_ASN1_FUNCTIONS!"PKCS7_ENVELOPE"); +mixin(DECLARE_ASN1_FUNCTIONS!"PKCS7_SIGN_ENVELOPE"); +mixin(DECLARE_ASN1_FUNCTIONS!"PKCS7_DIGEST"); +mixin(DECLARE_ASN1_FUNCTIONS!"PKCS7_ENCRYPT"); +mixin(DECLARE_ASN1_FUNCTIONS!"PKCS7"); + +mixin(DECLARE_ASN1_ITEM!"PKCS7_ATTR_SIGN"); +mixin(DECLARE_ASN1_ITEM!"PKCS7_ATTR_VERIFY"); + +mixin(DECLARE_ASN1_NDEF_FUNCTION!"PKCS7"); +mixin(DECLARE_ASN1_PRINT_FUNCTION!"PKCS7"); + +c_long PKCS7_ctrl(PKCS7* p7, int cmd, c_long larg, char* parg); + +int PKCS7_set_type(PKCS7* p7, int type); +int PKCS7_set0_type_other(PKCS7* p7, int type, ASN1_TYPE* other); +int PKCS7_set_content(PKCS7* p7, PKCS7* p7_data); +int PKCS7_SIGNER_INFO_set(PKCS7_SIGNER_INFO* p7i, X509* x509, EVP_PKEY* pkey, + const(EVP_MD)* dgst); +int PKCS7_SIGNER_INFO_sign(PKCS7_SIGNER_INFO* si); +int PKCS7_add_signer(PKCS7* p7, PKCS7_SIGNER_INFO* p7i); +int PKCS7_add_certificate(PKCS7* p7, X509* x509); +int PKCS7_add_crl(PKCS7* p7, X509_CRL* x509); +int PKCS7_content_new(PKCS7* p7, int nid); +int PKCS7_dataVerify(X509_STORE* cert_store, X509_STORE_CTX* ctx, + BIO* bio, PKCS7* p7, PKCS7_SIGNER_INFO* si); +int PKCS7_signatureVerify(BIO* bio, PKCS7* p7, PKCS7_SIGNER_INFO* si, + X509* x509); + +BIO* PKCS7_dataInit(PKCS7* p7, BIO* bio); +int PKCS7_dataFinal(PKCS7* p7, BIO* bio); +BIO* PKCS7_dataDecode(PKCS7* p7, EVP_PKEY* pkey, BIO* in_bio, X509* pcert); + + +PKCS7_SIGNER_INFO* PKCS7_add_signature(PKCS7* p7, X509* x509, + EVP_PKEY* pkey, const(EVP_MD)* dgst); +X509* PKCS7_cert_from_signer_info(PKCS7* p7, PKCS7_SIGNER_INFO* si); +int PKCS7_set_digest(PKCS7* p7, const(EVP_MD)* md); +STACK_OF!(PKCS7_SIGNER_INFO) *PKCS7_get_signer_info(PKCS7* p7); + +PKCS7_RECIP_INFO* PKCS7_add_recipient(PKCS7* p7, X509* x509); +void PKCS7_SIGNER_INFO_get0_algs(PKCS7_SIGNER_INFO* si, EVP_PKEY** pk, + X509_ALGOR** pdig, X509_ALGOR** psig); +void PKCS7_RECIP_INFO_get0_alg(PKCS7_RECIP_INFO* ri, X509_ALGOR** penc); +int PKCS7_add_recipient_info(PKCS7* p7, PKCS7_RECIP_INFO* ri); +int PKCS7_RECIP_INFO_set(PKCS7_RECIP_INFO* p7i, X509* x509); +int PKCS7_set_cipher(PKCS7* p7, const(EVP_CIPHER)* cipher); +int PKCS7_stream(ubyte*** boundary, PKCS7* p7); + +PKCS7_ISSUER_AND_SERIAL* PKCS7_get_issuer_and_serial(PKCS7* p7, int idx); +ASN1_OCTET_STRING* PKCS7_digest_from_attributes(STACK_OF!(X509_ATTRIBUTE) *sk); +int PKCS7_add_signed_attribute(PKCS7_SIGNER_INFO* p7si,int nid,int type, + void* data); +int PKCS7_add_attribute (PKCS7_SIGNER_INFO* p7si, int nid, int atrtype, + void* value); +ASN1_TYPE* PKCS7_get_attribute(PKCS7_SIGNER_INFO* si, int nid); +ASN1_TYPE* PKCS7_get_signed_attribute(PKCS7_SIGNER_INFO* si, int nid); +int PKCS7_set_signed_attributes(PKCS7_SIGNER_INFO* p7si, + STACK_OF!(X509_ATTRIBUTE) *sk); +int PKCS7_set_attributes(PKCS7_SIGNER_INFO* p7si,STACK_OF!(X509_ATTRIBUTE) *sk); + + +PKCS7* PKCS7_sign(X509* signcert, EVP_PKEY* pkey, STACK_OF!(X509) *certs, + BIO* data, int flags); + +PKCS7_SIGNER_INFO* PKCS7_sign_add_signer(PKCS7* p7, + X509* signcert, EVP_PKEY* pkey, const(EVP_MD)* md, + int flags); + +int PKCS7_final(PKCS7* p7, BIO* data, int flags); +int PKCS7_verify(PKCS7* p7, STACK_OF!(X509) *certs, X509_STORE* store, + BIO* indata, BIO* out_, int flags); +STACK_OF!(X509) *PKCS7_get0_signers(PKCS7* p7, STACK_OF!(X509) *certs, int flags); +PKCS7* PKCS7_encrypt(STACK_OF!(X509) *certs, BIO* in_, const(EVP_CIPHER)* cipher, + int flags); +int PKCS7_decrypt(PKCS7* p7, EVP_PKEY* pkey, X509* cert, BIO* data, int flags); + +int PKCS7_add_attrib_smimecap(PKCS7_SIGNER_INFO* si, + STACK_OF!(X509_ALGOR) *cap); +STACK_OF!(X509_ALGOR) *PKCS7_get_smimecap(PKCS7_SIGNER_INFO* si); +int PKCS7_simple_smimecap(STACK_OF!(X509_ALGOR) *sk, int nid, int arg); + +int PKCS7_add_attrib_content_type(PKCS7_SIGNER_INFO* si, ASN1_OBJECT* coid); +int PKCS7_add0_attrib_signing_time(PKCS7_SIGNER_INFO* si, ASN1_TIME* t); +int PKCS7_add1_attrib_digest(PKCS7_SIGNER_INFO* si, + const(ubyte)* md, int mdlen); + +int SMIME_write_PKCS7(BIO* bio, PKCS7* p7, BIO* data, int flags); +PKCS7* SMIME_read_PKCS7(BIO* bio, BIO** bcont); + +BIO* BIO_new_PKCS7(BIO* out_, PKCS7* p7); + + +/* BEGIN ERROR CODES */ +/* The following lines are auto generated by the script mkerr.pl. Any changes + * made after this point may be overwritten when the script is next run. + */ +void ERR_load_PKCS7_strings(); + +/* Error codes for the PKCS7 functions. */ + +/* Function codes. */ +enum PKCS7_F_B64_READ_PKCS7 = 120; +enum PKCS7_F_B64_WRITE_PKCS7 = 121; +enum PKCS7_F_DO_PKCS7_SIGNED_ATTRIB = 136; +enum PKCS7_F_I2D_PKCS7_BIO_STREAM = 140; +enum PKCS7_F_PKCS7_ADD0_ATTRIB_SIGNING_TIME = 135; +enum PKCS7_F_PKCS7_ADD_ATTRIB_SMIMECAP = 118; +enum PKCS7_F_PKCS7_ADD_CERTIFICATE = 100; +enum PKCS7_F_PKCS7_ADD_CRL = 101; +enum PKCS7_F_PKCS7_ADD_RECIPIENT_INFO = 102; +enum PKCS7_F_PKCS7_ADD_SIGNATURE = 131; +enum PKCS7_F_PKCS7_ADD_SIGNER = 103; +enum PKCS7_F_PKCS7_BIO_ADD_DIGEST = 125; +enum PKCS7_F_PKCS7_COPY_EXISTING_DIGEST = 138; +enum PKCS7_F_PKCS7_CTRL = 104; +enum PKCS7_F_PKCS7_DATADECODE = 112; +enum PKCS7_F_PKCS7_DATAFINAL = 128; +enum PKCS7_F_PKCS7_DATAINIT = 105; +enum PKCS7_F_PKCS7_DATASIGN = 106; +enum PKCS7_F_PKCS7_DATAVERIFY = 107; +enum PKCS7_F_PKCS7_DECRYPT = 114; +enum PKCS7_F_PKCS7_DECRYPT_RINFO = 133; +enum PKCS7_F_PKCS7_ENCODE_RINFO = 132; +enum PKCS7_F_PKCS7_ENCRYPT = 115; +enum PKCS7_F_PKCS7_FINAL = 134; +enum PKCS7_F_PKCS7_FIND_DIGEST = 127; +enum PKCS7_F_PKCS7_GET0_SIGNERS = 124; +enum PKCS7_F_PKCS7_RECIP_INFO_SET = 130; +enum PKCS7_F_PKCS7_SET_CIPHER = 108; +enum PKCS7_F_PKCS7_SET_CONTENT = 109; +enum PKCS7_F_PKCS7_SET_DIGEST = 126; +enum PKCS7_F_PKCS7_SET_TYPE = 110; +enum PKCS7_F_PKCS7_SIGN = 116; +enum PKCS7_F_PKCS7_SIGNATUREVERIFY = 113; +enum PKCS7_F_PKCS7_SIGNER_INFO_SET = 129; +enum PKCS7_F_PKCS7_SIGNER_INFO_SIGN = 139; +enum PKCS7_F_PKCS7_SIGN_ADD_SIGNER = 137; +enum PKCS7_F_PKCS7_SIMPLE_SMIMECAP = 119; +enum PKCS7_F_PKCS7_VERIFY = 117; +enum PKCS7_F_SMIME_READ_PKCS7 = 122; +enum PKCS7_F_SMIME_TEXT = 123; + +/* Reason codes. */ +enum PKCS7_R_CERTIFICATE_VERIFY_ERROR = 117; +enum PKCS7_R_CIPHER_HAS_NO_OBJECT_IDENTIFIER = 144; +enum PKCS7_R_CIPHER_NOT_INITIALIZED = 116; +enum PKCS7_R_CONTENT_AND_DATA_PRESENT = 118; +enum PKCS7_R_CTRL_ERROR = 152; +enum PKCS7_R_DECODE_ERROR = 130; +enum PKCS7_R_DECRYPTED_KEY_IS_WRONG_LENGTH = 100; +enum PKCS7_R_DECRYPT_ERROR = 119; +enum PKCS7_R_DIGEST_FAILURE = 101; +enum PKCS7_R_ENCRYPTION_CTRL_FAILURE = 149; +enum PKCS7_R_ENCRYPTION_NOT_SUPPORTED_FOR_THIS_KEY_TYPE = 150; +enum PKCS7_R_ERROR_ADDING_RECIPIENT = 120; +enum PKCS7_R_ERROR_SETTING_CIPHER = 121; +enum PKCS7_R_INVALID_MIME_TYPE = 131; +enum PKCS7_R_INVALID_NULL_POINTER = 143; +enum PKCS7_R_MIME_NO_CONTENT_TYPE = 132; +enum PKCS7_R_MIME_PARSE_ERROR = 133; +enum PKCS7_R_MIME_SIG_PARSE_ERROR = 134; +enum PKCS7_R_MISSING_CERIPEND_INFO = 103; +enum PKCS7_R_NO_CONTENT = 122; +enum PKCS7_R_NO_CONTENT_TYPE = 135; +enum PKCS7_R_NO_DEFAULT_DIGEST = 151; +enum PKCS7_R_NO_MATCHING_DIGEST_TYPE_FOUND = 154; +enum PKCS7_R_NO_MULTIPART_BODY_FAILURE = 136; +enum PKCS7_R_NO_MULTIPART_BOUNDARY = 137; +enum PKCS7_R_NO_RECIPIENT_MATCHES_CERTIFICATE = 115; +enum PKCS7_R_NO_RECIPIENT_MATCHES_KEY = 146; +enum PKCS7_R_NO_SIGNATURES_ON_DATA = 123; +enum PKCS7_R_NO_SIGNERS = 142; +enum PKCS7_R_NO_SIG_CONTENT_TYPE = 138; +enum PKCS7_R_OPERATION_NOT_SUPPORTED_ON_THIS_TYPE = 104; +enum PKCS7_R_PKCS7_ADD_SIGNATURE_ERROR = 124; +enum PKCS7_R_PKCS7_ADD_SIGNER_ERROR = 153; +enum PKCS7_R_PKCS7_DATAFINAL = 126; +enum PKCS7_R_PKCS7_DATAFINAL_ERROR = 125; +enum PKCS7_R_PKCS7_DATASIGN = 145; +enum PKCS7_R_PKCS7_PARSE_ERROR = 139; +enum PKCS7_R_PKCS7_SIG_PARSE_ERROR = 140; +enum PKCS7_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE = 127; +enum PKCS7_R_SIGNATURE_FAILURE = 105; +enum PKCS7_R_SIGNER_CERTIFICATE_NOT_FOUND = 128; +enum PKCS7_R_SIGNING_CTRL_FAILURE = 147; +enum PKCS7_R_SIGNING_NOT_SUPPORTED_FOR_THIS_KEY_TYPE = 148; +enum PKCS7_R_SIG_INVALID_MIME_TYPE = 141; +enum PKCS7_R_SMIME_TEXT_ERROR = 129; +enum PKCS7_R_UNABLE_TO_FIND_CERTIFICATE = 106; +enum PKCS7_R_UNABLE_TO_FIND_MEM_BIO = 107; +enum PKCS7_R_UNABLE_TO_FIND_MESSAGE_DIGEST = 108; +enum PKCS7_R_UNKNOWN_DIGEST_TYPE = 109; +enum PKCS7_R_UNKNOWN_OPERATION = 110; +enum PKCS7_R_UNSUPPORTED_CIPHER_TYPE = 111; +enum PKCS7_R_UNSUPPORTED_CONTENT_TYPE = 112; +enum PKCS7_R_WRONG_CONTENT_TYPE = 113; +enum PKCS7_R_WRONG_PKCS7_TYPE = 114; diff --git a/deimos/openssl/pqueue.d b/deimos/openssl/pqueue.d new file mode 100644 index 0000000..a3ac187 --- /dev/null +++ b/deimos/openssl/pqueue.d @@ -0,0 +1,94 @@ +/* crypto/pqueue/pqueue.h */ +/* + * DTLS implementation written by Nagendra Modadugu + * (nagendra@cs.stanford.edu) for the OpenSSL project 2005. + */ +/* ==================================================================== + * Copyright (c) 1999-2005 The OpenSSL Project. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. All advertising materials mentioning features or use of this + * software must display the following acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" + * + * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to + * endorse or promote products derived from this software without + * prior written permission. For written permission, please contact + * openssl-core@OpenSSL.org. + * + * 5. Products derived from this software may not be called "OpenSSL" + * nor may "OpenSSL" appear in their names without prior written + * permission of the OpenSSL Project. + * + * 6. Redistributions of any form whatsoever must retain the following + * acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" + * + * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY + * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * ==================================================================== + * + * This product includes cryptographic software written by Eric Young + * (eay@cryptsoft.com). This product includes software written by Tim + * Hudson (tjh@cryptsoft.com). + * + */ + +module deimos.openssl.pqueue; + +import deimos.openssl._d_util; + +import core.stdc.stdio; +import core.stdc.stdlib; +// #include + +struct _pqueue; +alias _pqueue* pqueue; + +struct _pitem { + ubyte[8] priority; /* 64-bit value in big-endian encoding */ + void* data; + _pitem* next; + } +alias _pitem pitem; + +alias _pitem* piterator; + +pitem* pitem_new(ubyte* prio64be, void* data); +void pitem_free(pitem* item); + +pqueue pqueue_new(); +void pqueue_free(pqueue pq); + +pitem* pqueue_insert(pqueue pq, pitem* item); +pitem* pqueue_peek(pqueue pq); +pitem* pqueue_pop(pqueue pq); +pitem* pqueue_find(pqueue pq, ubyte* prio64be); +pitem* pqueue_iterator(pqueue pq); +pitem* pqueue_next(piterator* iter); + +void pqueue_print(pqueue pq); +int pqueue_size(pqueue pq); diff --git a/deimos/openssl/rand.d b/deimos/openssl/rand.d new file mode 100644 index 0000000..46caa67 --- /dev/null +++ b/deimos/openssl/rand.d @@ -0,0 +1,148 @@ +/* crypto/rand/rand.h */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +module deimos.openssl.rand; + +import deimos.openssl._d_util; + +import core.stdc.stdlib; +public import deimos.openssl.ossl_typ; +public import deimos.openssl.e_os2; + +version (Win32) { + import core.sys.windows.windows; +} else version (Win64) { + import core.sys.windows.windows; +} + +extern (C): +nothrow: + +version (OPENSSL_FIPS) { +alias size_t FIPS_RAND_SIZE_T; +} + +/* Already defined in ossl_typ.h */ +/* typedef rand_meth_st RAND_METHOD; */ + +struct rand_meth_st + { + ExternC!(void function(const(void)* buf, int num)) seed; + ExternC!(int function(ubyte* buf, int num)) bytes; + ExternC!(void function()) cleanup; + ExternC!(void function(const(void)* buf, int num, double entropy)) add; + ExternC!(int function(ubyte* buf, int num)) pseudorand; + ExternC!(int function()) status; + }; + +version (BN_DEBUG) { +extern int rand_predictable; +} + +int RAND_set_rand_method(const(RAND_METHOD)* meth); +const(RAND_METHOD)* RAND_get_rand_method(); +version(OPENSSL_NO_ENGINE) {} else { +int RAND_set_rand_engine(ENGINE* engine); +} +RAND_METHOD* RAND_SSLeay(); +void RAND_cleanup(); +int RAND_bytes(ubyte* buf,int num); +int RAND_pseudo_bytes(ubyte* buf,int num); +void RAND_seed(const(void)* buf,int num); +void RAND_add(const(void)* buf,int num,double entropy); +int RAND_load_file(const(char)* file,c_long max_bytes); +int RAND_write_file(const(char)* file); +const(char)* RAND_file_name(char* file,size_t num); +int RAND_status(); +int RAND_query_egd_bytes(const(char)* path, ubyte* buf, int bytes); +int RAND_egd(const(char)* path); +int RAND_egd_bytes(const(char)* path,int bytes); +int RAND_poll(); + +version (Win32) { +void RAND_screen(); +int RAND_event(UINT, WPARAM, LPARAM); +} else version (Win64) { +void RAND_screen(); +int RAND_event(UINT, WPARAM, LPARAM); +} + +version(OPENSSL_FIPS) { +void RAND_set_fips_drbg_type(int type, int flags); +int RAND_init_fips(void); +} + +/* BEGIN ERROR CODES */ +/* The following lines are auto generated by the script mkerr.pl. Any changes + * made after this point may be overwritten when the script is next run. + */ +void ERR_load_RAND_strings(); + +/* Error codes for the RAND functions. */ + +/* Function codes. */ +enum RAND_F_RAND_GET_RAND_METHOD = 101; +enum RAND_F_RAND_INIT_FIPS = 102; +enum RAND_F_SSLEAY_RAND_BYTES = 100; + +/* Reason codes. */ +enum RAND_R_DUAL_EC_DRBG_DISABLED = 104; +enum RAND_R_ERROR_INITIALISING_DRBG = 102; +enum RAND_R_ERROR_INSTANTIATING_DRBG = 103; +enum RAND_R_NO_FIPS_RANDOM_METHOD_SET = 101; +enum RAND_R_PRNG_NOT_SEEDED = 100; diff --git a/deimos/openssl/rc2.d b/deimos/openssl/rc2.d new file mode 100644 index 0000000..dd5ec58 --- /dev/null +++ b/deimos/openssl/rc2.d @@ -0,0 +1,97 @@ +/* crypto/rc2/rc2.h */ +/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +module deimos.openssl.rc2; + +import deimos.openssl._d_util; + +public import deimos.openssl.opensslconf; /* OPENSSL_NO_RC2, RC2_INT */ +version (OPENSSL_NO_RC2) { + static assert(false, "RC2 is disabled."); +} + +enum RC2_ENCRYPT = 1; +enum RC2_DECRYPT = 0; + +enum RC2_BLOCK = 8; +enum RC2_KEY_LENGTH = 16; + +extern (C): +nothrow: + +struct rc2_key_st { + RC2_INT[64] data; + } +alias rc2_key_st RC2_KEY; + +version(OPENSSL_FIPS) { + void private_RC2_set_key(RC2_KEY* key, int len, const(ubyte)* data,int bits); +} +void RC2_set_key(RC2_KEY* key, int len, const(ubyte)* data,int bits); +void RC2_ecb_encrypt(const(ubyte)* in_,ubyte* out_,RC2_KEY* key, + int enc); +void RC2_encrypt(c_ulong* data,RC2_KEY* key); +void RC2_decrypt(c_ulong* data,RC2_KEY* key); +void RC2_cbc_encrypt(const(ubyte)* in_, ubyte* out_, c_long length, + RC2_KEY* ks, ubyte* iv, int enc); +void RC2_cfb64_encrypt(const(ubyte)* in_, ubyte* out_, + c_long length, RC2_KEY* schedule, ubyte* ivec, + int* num, int enc); +void RC2_ofb64_encrypt(const(ubyte)* in_, ubyte* out_, + c_long length, RC2_KEY* schedule, ubyte* ivec, + int* num); diff --git a/deimos/openssl/rc4.d b/deimos/openssl/rc4.d new file mode 100644 index 0000000..be86543 --- /dev/null +++ b/deimos/openssl/rc4.d @@ -0,0 +1,84 @@ +/* crypto/rc4/rc4.h */ +/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +module deimos.openssl.rc4; + +import deimos.openssl._d_util; + +public import deimos.openssl.opensslconf; /* OPENSSL_NO_RC4, RC4_INT */ +version (OPENSSL_NO_RC4) { + static assert(false, "RC4 is disabled."); +} + +import core.stdc.config; + +extern (C): +nothrow: + +struct rc4_key_st { + RC4_INT x,y; + RC4_INT[256] data; + } +alias rc4_key_st RC4_KEY; + + +const(char)* RC4_options(); +void RC4_set_key(RC4_KEY* key, int len, const(ubyte)* data); +void private_RC4_set_key(RC4_KEY* key, int len, const(ubyte)* data); +void RC4(RC4_KEY* key, size_t len, const(ubyte)* indata, + ubyte* outdata); diff --git a/deimos/openssl/ripemd.d b/deimos/openssl/ripemd.d new file mode 100644 index 0000000..d8e625d --- /dev/null +++ b/deimos/openssl/ripemd.d @@ -0,0 +1,103 @@ +/* crypto/ripemd/ripemd.h */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +module deimos.openssl.ripemd; + +import deimos.openssl._d_util; + +public import deimos.openssl.e_os2; +import core.stdc.config; + +extern (C): +nothrow: + +version (OPENSSL_NO_RIPEMD) { + static assert(false, "RIPEMD is disabled."); +} + +// #if defined(__LP32__) +// alias c_ulong RIPEMD160_LONG; +// #elif defined(OPENSSL_SYS_CRAY) || defined(__ILP64__) +// alias c_ulong RIPEMD160_LONG; +// enum RIPEMD160_LONG_LOG2 = 3; +// #else +// alias uint RIPEMD160_LONG; +// #endif +alias uint RIPEMD160_LONG; + +enum RIPEMD160_CBLOCK = 64; +enum RIPEMD160_LBLOCK = (RIPEMD160_CBLOCK/4); +enum RIPEMD160_DIGEST_LENGTH = 20; + +struct RIPEMD160state_st { + RIPEMD160_LONG A,B,C,D,E; + RIPEMD160_LONG Nl,Nh; + RIPEMD160_LONG[RIPEMD160_LBLOCK] data; + uint num; + } +alias RIPEMD160state_st RIPEMD160_CTX; + +version(OPENSSL_FIPS) { + int private_RIPEMD160_Init(RIPEMD160_CTX* c); +} +int RIPEMD160_Init(RIPEMD160_CTX* c); +int RIPEMD160_Update(RIPEMD160_CTX* c, const(void)* data, size_t len); +int RIPEMD160_Final(ubyte* md, RIPEMD160_CTX* c); +ubyte* RIPEMD160(const(ubyte)* d, size_t n, + ubyte* md); +void RIPEMD160_Transform(RIPEMD160_CTX* c, const(ubyte)* b); diff --git a/deimos/openssl/rsa.d b/deimos/openssl/rsa.d new file mode 100644 index 0000000..68ea0e6 --- /dev/null +++ b/deimos/openssl/rsa.d @@ -0,0 +1,588 @@ +/* crypto/rsa/rsa.h */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +module deimos.openssl.rsa; + +import deimos.openssl._d_util; + +import deimos.openssl.evp; // Needed for EVP_PKEY_ALG_CTRL. + +public import deimos.openssl.asn1; + +version(OPENSSL_NO_BIO) {} else { +public import deimos.openssl.bio; +} +public import deimos.openssl.crypto; +public import deimos.openssl.ossl_typ; +version(OPENSSL_NO_DEPRECATED) {} else { +public import deimos.openssl.bn; +} + +version (OPENSSL_NO_RSA) { + static assert(false, "RSA is disabled."); +} + +extern (C): +nothrow: + +/* Declared already in ossl_typ.h */ +/* typedef rsa_st RSA; */ +/* typedef rsa_meth_st RSA_METHOD; */ + +struct rsa_meth_st + { + const(char)* name; + ExternC!(int function(int flen,const(ubyte)* from, + ubyte* to, + RSA* rsa,int padding)) rsa_pub_enc; + ExternC!(int function(int flen,const(ubyte)* from, + ubyte* to, + RSA* rsa,int padding)) rsa_pub_dec; + ExternC!(int function(int flen,const(ubyte)* from, + ubyte* to, + RSA* rsa,int padding)) rsa_priv_enc; + ExternC!(int function(int flen,const(ubyte)* from, + ubyte* to, + RSA* rsa,int padding)) rsa_priv_dec; + ExternC!(int function(BIGNUM* r0,const(BIGNUM)* I,RSA* rsa,BN_CTX* ctx)) rsa_mod_exp; /* Can be null */ + ExternC!(int function(BIGNUM* r, const(BIGNUM)* a, const(BIGNUM)* p, + const(BIGNUM)* m, BN_CTX* ctx, + BN_MONT_CTX* m_ctx)) bn_mod_exp; /* Can be null */ + ExternC!(int function(RSA* rsa)) init_; /* called at new */ + ExternC!(int function(RSA* rsa)) finish; /* called at free */ + int flags; /* RSA_METHOD_FLAG_* things */ + char* app_data; /* may be needed! */ +/* New sign and verify functions: some libraries don't allow arbitrary data + * to be signed/verified: this allows them to be used. Note: for this to work + * the RSA_public_decrypt() and RSA_private_encrypt() should* NOT* be used + * RSA_sign(), RSA_verify() should be used instead. Note: for backwards + * compatibility this functionality is only enabled if the RSA_FLAG_SIGN_VER + * option is set in 'flags'. + */ + ExternC!(int function(int type, + const(ubyte)* m, uint m_length, + ubyte* sigret, uint* siglen, const(RSA)* rsa)) rsa_sign; + ExternC!(int function(int dtype, + const(ubyte)* m, uint m_length, + const(ubyte)* sigbuf, uint siglen, + const(RSA)* rsa)) rsa_verify; +/* If this callback is NULL, the builtin software RSA key-gen will be used. This + * is for behavioural compatibility whilst the code gets rewired, but one day + * it would be nice to assume there are no such things as "builtin software" + * implementations. */ + ExternC!(int function(RSA* rsa, int bits, BIGNUM* e, BN_GENCB* cb)) rsa_keygen; + }; + +struct rsa_st + { + /* The first parameter is used to pickup errors where + * this is passed instead of aEVP_PKEY, it is set to 0 */ + int pad; + c_long version_; + const(RSA_METHOD)* meth; + /* functional reference if 'meth' is ENGINE-provided */ + ENGINE* engine; + BIGNUM* n; + BIGNUM* e; + BIGNUM* d; + BIGNUM* p; + BIGNUM* q; + BIGNUM* dmp1; + BIGNUM* dmq1; + BIGNUM* iqmp; + /* be careful using this if the RSA structure is shared */ + CRYPTO_EX_DATA ex_data; + int references; + int flags; + + /* Used to cache montgomery values */ + BN_MONT_CTX* _method_mod_n; + BN_MONT_CTX* _method_mod_p; + BN_MONT_CTX* _method_mod_q; + + /* all BIGNUM values are actually in the following data, if it is not + * NULL */ + char* bignum_data; + BN_BLINDING* blinding; + BN_BLINDING* mt_blinding; + }; + +// #ifndef OPENSSL_RSA_MAX_MODULUS_BITS +enum OPENSSL_RSA_MAX_MODULUS_BITS = 16384; +// #endif + +// #ifndef OPENSSL_RSA_SMALL_MODULUS_BITS +enum OPENSSL_RSA_SMALL_MODULUS_BITS = 3072; +// #endif +// #ifndef OPENSSL_RSA_MAX_PUBEXP_BITS +enum OPENSSL_RSA_MAX_PUBEXP_BITS = 64; /* exponent limit enforced for "large" modulus only */ +// #endif + +enum RSA_3 = 0x3; +enum RSA_F4 = 0x10001; + +enum RSA_METHOD_FLAG_NO_CHECK = 0x0001; /* don't check pub/private match */ + +enum RSA_FLAG_CACHE_PUBLIC = 0x0002; +enum RSA_FLAG_CACHE_PRIVATE = 0x0004; +enum RSA_FLAG_BLINDING = 0x0008; +enum RSA_FLAG_THREAD_SAFE = 0x0010; +/* This flag means the private key operations will be handled by rsa_mod_exp + * and that they do not depend on the private key components being present: + * for example a key stored in external hardware. Without this flag bn_mod_exp + * gets called when private key components are absent. + */ +enum RSA_FLAG_EXT_PKEY = 0x0020; + +/* This flag in the RSA_METHOD enables the new rsa_sign, rsa_verify functions. + */ +enum RSA_FLAG_SIGN_VER = 0x0040; + +enum RSA_FLAG_NO_BLINDING = 0x0080; /* new with 0.9.6j and 0.9.7b; the built-in + * RSA implementation now uses blinding by + * default (ignoring RSA_FLAG_BLINDING), + * but other engines might not need it + */ +enum RSA_FLAG_NO_CONSTTIME = 0x0100; /* new with 0.9.8f; the built-in RSA + * implementation now uses constant time + * operations by default in private key operations, + * e.g., constant time modular exponentiation, + * modular inverse without leaking branches, + * division without leaking branches. This + * flag disables these constant time + * operations and results in faster RSA + * private key operations. + */ +version(OPENSSL_NO_DEPRECATED) {} else { +alias RSA_FLAG_NO_CONSTTIME RSA_FLAG_NO_EXP_CONSTTIME; /* deprecated name for the flag*/ + /* new with 0.9.7h; the built-in RSA + * implementation now uses constant time + * modular exponentiation for secret exponents + * by default. This flag causes the + * faster variable sliding window method to + * be used for all exponents. + */ +} + + +auto EVP_PKEY_CTX_set_rsa_padding()(EVP_PKEY_CTX* ctx, int pad) { + return EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, -1, EVP_PKEY_CTRL_RSA_PADDING, + pad, null); +} + +auto EVP_PKEY_CTX_get_rsa_padding()(EVP_PKEY_CTX* ctx, int *ppad) { + return EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, -1, + EVP_PKEY_CTRL_GET_RSA_PADDING, 0, ppad); +} + +auto EVP_PKEY_CTX_set_rsa_pss_saltlen()(EVP_PKEY_CTX* ctx, int len) { + return EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, + (EVP_PKEY_OP_SIGN|EVP_PKEY_OP_VERIFY), + EVP_PKEY_CTRL_RSA_PSS_SALTLEN, + len, null); +} + +auto EVP_PKEY_CTX_get_rsa_pss_saltlen()(EVP_PKEY_CTX* ctx, int *plen) { + return EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, + (EVP_PKEY_OP_SIGN|EVP_PKEY_OP_VERIFY), + EVP_PKEY_CTRL_GET_RSA_PSS_SALTLEN, + 0, plen); +} + +auto EVP_PKEY_CTX_set_rsa_keygen_bits()(EVP_PKEY_CTX* ctx, int bits) { + return EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, EVP_PKEY_OP_KEYGEN, + EVP_PKEY_CTRL_RSA_KEYGEN_BITS, bits, null); +} + +auto EVP_PKEY_CTX_set_rsa_keygen_pubexp()(EVP_PKEY_CTX* ctx, void* pubexp) { + return EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, EVP_PKEY_OP_KEYGEN, + EVP_PKEY_CTRL_RSA_KEYGEN_PUBEXP, 0, pubexp); +} + +auto EVP_PKEY_CTX_set_rsa_mgf1_md()(EVP_PKEY_CTX* ctx, EVP_MD* md) { + return EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, EVP_PKEY_OP_TYPE_SIG, + EVP_PKEY_CTRL_RSA_MGF1_MD, 0, cast(void*)md); +} + +auto EVP_PKEY_CTX_get_rsa_mgf1_md()(EVP_PKEY_CTX* ctx, EVP_MD** pmd) { + return EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, EVP_PKEY_OP_TYPE_SIG, + EVP_PKEY_CTRL_GET_RSA_MGF1_MD, 0, cast(void*)pmd); +} + +enum EVP_PKEY_CTRL_RSA_PADDING = (EVP_PKEY_ALG_CTRL + 1); +enum EVP_PKEY_CTRL_RSA_PSS_SALTLEN = (EVP_PKEY_ALG_CTRL + 2); + +enum EVP_PKEY_CTRL_RSA_KEYGEN_BITS = (EVP_PKEY_ALG_CTRL + 3); +enum EVP_PKEY_CTRL_RSA_KEYGEN_PUBEXP = (EVP_PKEY_ALG_CTRL + 4); +enum EVP_PKEY_CTRL_RSA_MGF1_MD = (EVP_PKEY_ALG_CTRL + 5); + +enum EVP_PKEY_CTRL_GET_RSA_PADDING = (EVP_PKEY_ALG_CTRL + 6); +enum EVP_PKEY_CTRL_GET_RSA_PSS_SALTLEN = (EVP_PKEY_ALG_CTRL + 7); +enum EVP_PKEY_CTRL_GET_RSA_MGF1_MD = (EVP_PKEY_ALG_CTRL + 8); + +enum RSA_PKCS1_PADDING = 1; +enum RSA_SSLV23_PADDING = 2; +enum RSA_NO_PADDING = 3; +enum RSA_PKCS1_OAEP_PADDING = 4; +enum RSA_X931_PADDING = 5; +/* EVP_PKEY_ only */ +enum RSA_PKCS1_PSS_PADDING = 6; + +enum RSA_PKCS1_PADDING_SIZE = 11; + +int RSA_set_app_data()(RSA* s, void* arg) { return RSA_set_ex_data(s,0,arg); } +void* RSA_get_app_data()(const(RSA)* s) { return RSA_get_ex_data(s,0); } + +RSA* RSA_new(); +RSA* RSA_new_method(ENGINE* engine); +int RSA_size(const(RSA)* rsa); + +/* Deprecated version */ +version(OPENSSL_NO_DEPRECATED) {} else { +RSA* RSA_generate_key(int bits, c_ulong e,ExternC!(void + function(int,int,void*)) callback,void* cb_arg); +} /* !defined(OPENSSL_NO_DEPRECATED) */ + +/* New version */ +int RSA_generate_key_ex(RSA* rsa, int bits, BIGNUM* e, BN_GENCB* cb); + +int RSA_check_key(const(RSA)*); + /* next 4 return -1 on error */ +int RSA_public_encrypt(int flen, const(ubyte)* from, + ubyte* to, RSA* rsa,int padding); +int RSA_private_encrypt(int flen, const(ubyte)* from, + ubyte* to, RSA* rsa,int padding); +int RSA_public_decrypt(int flen, const(ubyte)* from, + ubyte* to, RSA* rsa,int padding); +int RSA_private_decrypt(int flen, const(ubyte)* from, + ubyte* to, RSA* rsa,int padding); +void RSA_free (RSA* r); +/* "up" the RSA object's reference count */ +int RSA_up_ref(RSA* r); + +int RSA_flags(const(RSA)* r); + +void RSA_set_default_method(const(RSA_METHOD)* meth); +const(RSA_METHOD)* RSA_get_default_method(); +const(RSA_METHOD)* RSA_get_method(const(RSA)* rsa); +int RSA_set_method(RSA* rsa, const(RSA_METHOD)* meth); + +/* This function needs the memory locking malloc callbacks to be installed */ +int RSA_memory_lock(RSA* r); + +/* these are the actual SSLeay RSA functions */ +const(RSA_METHOD)* RSA_PKCS1_SSLeay(); + +const(RSA_METHOD)* RSA_null_method(); + +mixin(DECLARE_ASN1_ENCODE_FUNCTIONS_const!("RSA", "RSAPublicKey")); +mixin(DECLARE_ASN1_ENCODE_FUNCTIONS_const!("RSA", "RSAPrivateKey")); + +struct rsa_pss_params_st + { + X509_ALGOR *hashAlgorithm; + X509_ALGOR *maskGenAlgorithm; + ASN1_INTEGER *saltLength; + ASN1_INTEGER *trailerField; + } +alias rsa_pss_params_st RSA_PSS_PARAMS; + +mixin(DECLARE_ASN1_FUNCTIONS!"RSA_PSS_PARAMS"); + +version(OPENSSL_NO_FP_API) {} else { +int RSA_print_fp(FILE* fp, const(RSA)* r,int offset); +} + +version(OPENSSL_NO_BIO) {} else { +int RSA_print(BIO* bp, const(RSA)* r,int offset); +} + +version(OPENSSL_NO_RC4) {} else { +int i2d_RSA_NET(const(RSA)* a, ubyte** pp, + ExternC!(int function(char* buf, int len, const(char)* prompt, int verify)) cb, + int sgckey); +RSA* d2i_RSA_NET(RSA** a, const(ubyte)** pp, c_long length, + ExternC!(int function(char* buf, int len, const(char)* prompt, int verify)) cb, + int sgckey); + +int i2d_Netscape_RSA(const(RSA)* a, ubyte** pp, + ExternC!(int function(char* buf, int len, const(char)* prompt, + int verify)) cb); +RSA* d2i_Netscape_RSA(RSA** a, const(ubyte)** pp, c_long length, + ExternC!(int function(char* buf, int len, const(char)* prompt, + int verify)) cb); +} + +/* The following 2 functions sign and verify a X509_SIG ASN1 object + * inside PKCS#1 padded RSA encryption */ +int RSA_sign(int type, const(ubyte)* m, uint m_length, + ubyte* sigret, uint* siglen, RSA* rsa); +int RSA_verify(int type, const(ubyte)* m, uint m_length, + const(ubyte)* sigbuf, uint siglen, RSA* rsa); + +/* The following 2 function sign and verify a ASN1_OCTET_STRING + * object inside PKCS#1 padded RSA encryption */ +int RSA_sign_ASN1_OCTET_STRING(int type, + const(ubyte)* m, uint m_length, + ubyte* sigret, uint* siglen, RSA* rsa); +int RSA_verify_ASN1_OCTET_STRING(int type, + const(ubyte)* m, uint m_length, + ubyte* sigbuf, uint siglen, RSA* rsa); + +int RSA_blinding_on(RSA* rsa, BN_CTX* ctx); +void RSA_blinding_off(RSA* rsa); +BN_BLINDING* RSA_setup_blinding(RSA* rsa, BN_CTX* ctx); + +int RSA_padding_add_PKCS1_type_1(ubyte* to,int tlen, + const(ubyte)* f,int fl); +int RSA_padding_check_PKCS1_type_1(ubyte* to,int tlen, + const(ubyte)* f,int fl,int rsa_len); +int RSA_padding_add_PKCS1_type_2(ubyte* to,int tlen, + const(ubyte)* f,int fl); +int RSA_padding_check_PKCS1_type_2(ubyte* to,int tlen, + const(ubyte)* f,int fl,int rsa_len); +int PKCS1_MGF1(ubyte* mask, c_long len, + const(ubyte)* seed, c_long seedlen, const(EVP_MD)* dgst); +int RSA_padding_add_PKCS1_OAEP(ubyte* to,int tlen, + const(ubyte)* f,int fl, + const(ubyte)* p,int pl); +int RSA_padding_check_PKCS1_OAEP(ubyte* to,int tlen, + const(ubyte)* f,int fl,int rsa_len, + const(ubyte)* p,int pl); +int RSA_padding_add_SSLv23(ubyte* to,int tlen, + const(ubyte)* f,int fl); +int RSA_padding_check_SSLv23(ubyte* to,int tlen, + const(ubyte)* f,int fl,int rsa_len); +int RSA_padding_add_none(ubyte* to,int tlen, + const(ubyte)* f,int fl); +int RSA_padding_check_none(ubyte* to,int tlen, + const(ubyte)* f,int fl,int rsa_len); +int RSA_padding_add_X931(ubyte* to,int tlen, + const(ubyte)* f,int fl); +int RSA_padding_check_X931(ubyte* to,int tlen, + const(ubyte)* f,int fl,int rsa_len); +int RSA_X931_hash_id(int nid); + +int RSA_verify_PKCS1_PSS(RSA* rsa, const(ubyte)* mHash, + const(EVP_MD)* Hash, const(ubyte)* EM, int sLen); +int RSA_padding_add_PKCS1_PSS(RSA* rsa, ubyte* EM, + const(ubyte)* mHash, + const(EVP_MD)* Hash, int sLen); + +int RSA_verify_PKCS1_PSS_mgf1(RSA *rsa, const(ubyte)* mHash, + const(EVP_MD)* Hash, const(EVP_MD)* mgf1Hash, + const(ubyte)* EM, int sLen); + +int RSA_padding_add_PKCS1_PSS_mgf1(RSA *rsa, ubyte* EM, + const(ubyte)* mHash, + const(EVP_MD)* Hash, const(EVP_MD)* mgf1Hash, int sLen); + +int RSA_get_ex_new_index(c_long argl, void* argp, CRYPTO_EX_new* new_func, + CRYPTO_EX_dup* dup_func, CRYPTO_EX_free* free_func); +int RSA_set_ex_data(RSA* r,int idx,void* arg); +void* RSA_get_ex_data(const(RSA)* r, int idx); + +RSA* RSAPublicKey_dup(RSA* rsa); +RSA* RSAPrivateKey_dup(RSA* rsa); + +/* If this flag is set the RSA method is FIPS compliant and can be used + * in FIPS mode. This is set in the validated module method. If an + * application sets this flag in its own methods it is its responsibility + * to ensure the result is compliant. + */ + +enum RSA_FLAG_FIPS_METHOD = 0x0400; + +/* If this flag is set the operations normally disabled in FIPS mode are + * permitted it is then the applications responsibility to ensure that the + * usage is compliant. + */ + +enum RSA_FLAG_NON_FIPS_ALLOW = 0x0400; +/* Application has decided PRNG is good enough to generate a key: don't + * check. + */ +enum RSA_FLAG_CHECKED = 0x0800; + +/* BEGIN ERROR CODES */ +/* The following lines are auto generated by the script mkerr.pl. Any changes + * made after this point may be overwritten when the script is next run. + */ +void ERR_load_RSA_strings(); + +/* Error codes for the RSA functions. */ + +/* Function codes. */ +enum RSA_F_CHECK_PADDING_MD = 140; +enum RSA_F_DO_RSA_PRINT = 146; +enum RSA_F_INT_RSA_VERIFY = 145; +enum RSA_F_MEMORY_LOCK = 100; +enum RSA_F_OLD_RSA_PRIV_DECODE = 147; +enum RSA_F_PKEY_RSA_CTRL = 143; +enum RSA_F_PKEY_RSA_CTRL_STR = 144; +enum RSA_F_PKEY_RSA_SIGN = 142; +enum RSA_F_PKEY_RSA_VERIFY = 154; +enum RSA_F_PKEY_RSA_VERIFYRECOVER = 141; +enum RSA_F_RSA_BUILTIN_KEYGEN = 129; +enum RSA_F_RSA_CHECK_KEY = 123; +enum RSA_F_RSA_EAY_PRIVATE_DECRYPT = 101; +enum RSA_F_RSA_EAY_PRIVATE_ENCRYPT = 102; +enum RSA_F_RSA_EAY_PUBLIC_DECRYPT = 103; +enum RSA_F_RSA_EAY_PUBLIC_ENCRYPT = 104; +enum RSA_F_RSA_GENERATE_KEY = 105; +enum RSA_F_RSA_GENERATE_KEY_EX = 155; +enum RSA_F_RSA_ITEM_VERIFY = 156; +enum RSA_F_RSA_MEMORY_LOCK = 130; +enum RSA_F_RSA_NEW_METHOD = 106; +enum RSA_F_RSA_NULL = 124; +enum RSA_F_RSA_NULL_MOD_EXP = 131; +enum RSA_F_RSA_NULL_PRIVATE_DECRYPT = 132; +enum RSA_F_RSA_NULL_PRIVATE_ENCRYPT = 133; +enum RSA_F_RSA_NULL_PUBLIC_DECRYPT = 134; +enum RSA_F_RSA_NULL_PUBLIC_ENCRYPT = 135; +enum RSA_F_RSA_PADDING_ADD_NONE = 107; +enum RSA_F_RSA_PADDING_ADD_PKCS1_OAEP = 121; +enum RSA_F_RSA_PADDING_ADD_PKCS1_PSS = 125; +enum RSA_F_RSA_PADDING_ADD_PKCS1_PSS_MGF1 = 148; +enum RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_1 = 108; +enum RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_2 = 109; +enum RSA_F_RSA_PADDING_ADD_SSLV23 = 110; +enum RSA_F_RSA_PADDING_ADD_X931 = 127; +enum RSA_F_RSA_PADDING_CHECK_NONE = 111; +enum RSA_F_RSA_PADDING_CHECK_PKCS1_OAEP = 122; +enum RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_1 = 112; +enum RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_2 = 113; +enum RSA_F_RSA_PADDING_CHECK_SSLV23 = 114; +enum RSA_F_RSA_PADDING_CHECK_X931 = 128; +enum RSA_F_RSA_PRINT = 115; +enum RSA_F_RSA_PRINT_FP = 116; +enum RSA_F_RSA_PRIVATE_DECRYPT = 150; +enum RSA_F_RSA_PRIVATE_ENCRYPT = 151; +enum RSA_F_RSA_PRIV_DECODE = 137; +enum RSA_F_RSA_PRIV_ENCODE = 138; +enum RSA_F_RSA_PUBLIC_DECRYPT = 152; +enum RSA_F_RSA_PUBLIC_ENCRYPT = 153; +enum RSA_F_RSA_PUB_DECODE = 139; +enum RSA_F_RSA_SETUP_BLINDING = 136; +enum RSA_F_RSA_SIGN = 117; +enum RSA_F_RSA_SIGN_ASN1_OCTET_STRING = 118; +enum RSA_F_RSA_VERIFY = 119; +enum RSA_F_RSA_VERIFY_ASN1_OCTET_STRING = 120; +enum RSA_F_RSA_VERIFY_PKCS1_PSS = 126; +enum RSA_F_RSA_VERIFY_PKCS1_PSS_MGF1 = 149 +; +/* Reason codes. */ +enum RSA_R_ALGORITHM_MISMATCH = 100; +enum RSA_R_BAD_E_VALUE = 101; +enum RSA_R_BAD_FIXED_HEADER_DECRYPT = 102; +enum RSA_R_BAD_PAD_BYTE_COUNT = 103; +enum RSA_R_BAD_SIGNATURE = 104; +enum RSA_R_BLOCK_TYPE_IS_NOT_01 = 106; +enum RSA_R_BLOCK_TYPE_IS_NOT_02 = 107; +enum RSA_R_DATA_GREATER_THAN_MOD_LEN = 108; +enum RSA_R_DATA_TOO_LARGE = 109; +enum RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE = 110; +enum RSA_R_DATA_TOO_LARGE_FOR_MODULUS = 132; +enum RSA_R_DATA_TOO_SMALL = 111; +enum RSA_R_DATA_TOO_SMALL_FOR_KEY_SIZE = 122; +enum RSA_R_DIGEST_TOO_BIG_FOR_RSA_KEY = 112; +enum RSA_R_DMP1_NOT_CONGRUENT_TO_D = 124; +enum RSA_R_DMQ1_NOT_CONGRUENT_TO_D = 125; +enum RSA_R_D_E_NOT_CONGRUENT_TO_1 = 123; +enum RSA_R_FIRST_OCTET_INVALID = 133; +enum RSA_R_ILLEGAL_OR_UNSUPPORTED_PADDING_MODE = 144; +enum RSA_R_INVALID_DIGEST_LENGTH = 143; +enum RSA_R_INVALID_HEADER = 137; +enum RSA_R_INVALID_KEYBITS = 145; +enum RSA_R_INVALID_MESSAGE_LENGTH = 131; +enum RSA_R_INVALID_MGF1_MD = 156; +enum RSA_R_INVALID_PADDING = 138; +enum RSA_R_INVALID_PADDING_MODE = 141; +enum RSA_R_INVALID_PSS_PARAMETERS = 149; +enum RSA_R_INVALID_PSS_SALTLEN = 146; +enum RSA_R_INVALID_SALT_LENGTH = 150; +enum RSA_R_INVALID_TRAILER = 139; +enum RSA_R_INVALID_X931_DIGEST = 142; +enum RSA_R_IQMP_NOT_INVERSE_OF_Q = 126; +enum RSA_R_KEY_SIZE_TOO_SMALL = 120; +enum RSA_R_LAST_OCTET_INVALID = 134; +enum RSA_R_MODULUS_TOO_LARGE = 105; +enum RSA_R_NON_FIPS_RSA_METHOD = 157; +enum RSA_R_NO_PUBLIC_EXPONENT = 140; +enum RSA_R_NULL_BEFORE_BLOCK_MISSING = 113; +enum RSA_R_N_DOES_NOT_EQUAL_P_Q = 127; +enum RSA_R_OAEP_DECODING_ERROR = 121; +enum RSA_R_OPERATION_NOT_ALLOWED_IN_FIPS_MODE = 158; +enum RSA_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE = 148; +enum RSA_R_PADDING_CHECK_FAILED = 114; +enum RSA_R_P_NOT_PRIME = 128; +enum RSA_R_Q_NOT_PRIME = 129; +enum RSA_R_RSA_OPERATIONS_NOT_SUPPORTED = 130; +enum RSA_R_SLEN_CHECK_FAILED = 136; +enum RSA_R_SLEN_RECOVERY_FAILED = 135; +enum RSA_R_SSLV3_ROLLBACK_ATTACK = 115; +enum RSA_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD = 116; +enum RSA_R_UNKNOWN_ALGORITHM_TYPE = 117; +enum RSA_R_UNKNOWN_MASK_DIGEST = 151; +enum RSA_R_UNKNOWN_PADDING_TYPE = 118; +enum RSA_R_UNKNOWN_PSS_DIGEST = 152; +enum RSA_R_UNSUPPORTED_MASK_ALGORITHM = 153; +enum RSA_R_UNSUPPORTED_MASK_PARAMETER = 154; +enum RSA_R_UNSUPPORTED_SIGNATURE_TYPE = 155; +enum RSA_R_VALUE_MISSING = 147; +enum RSA_R_WRONG_SIGNATURE_LENGTH = 119; diff --git a/deimos/openssl/safestack.d b/deimos/openssl/safestack.d new file mode 100644 index 0000000..5ed0056 --- /dev/null +++ b/deimos/openssl/safestack.d @@ -0,0 +1,2599 @@ +/* ==================================================================== + * Copyright (c) 1999 The OpenSSL Project. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. All advertising materials mentioning features or use of this + * software must display the following acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" + * + * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to + * endorse or promote products derived from this software without + * prior written permission. For written permission, please contact + * openssl-core@openssl.org. + * + * 5. Products derived from this software may not be called "OpenSSL" + * nor may "OpenSSL" appear in their names without prior written + * permission of the OpenSSL Project. + * + * 6. Redistributions of any form whatsoever must retain the following + * acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit (http://www.openssl.org/)" + * + * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY + * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * ==================================================================== + * + * This product includes cryptographic software written by Eric Young + * (eay@cryptsoft.com). This product includes software written by Tim + * Hudson (tjh@cryptsoft.com). + * + */ + +module deimos.openssl.safestack; + +import deimos.openssl._d_util; + +// Needed for types stacks are defined for. +import deimos.openssl.cms; +import deimos.openssl.srp; +import deimos.openssl.x509v3; + +public import deimos.openssl.stack; + +void* CHECKED_PTR_OF(type)(type* p) { return cast(void*) (1 ? p : null); } + +/* In C++ we get problems because an explicit cast is needed from (void*) + * we use CHECKED_STACK_OF to ensure the correct type is passed in the macros + * below. + */ + +_STACK* CHECKED_STACK_OF (type)(STACK_OF!type* p) { return cast(_STACK*) (1 ? p : null); } + +ExternC!(void function(void*)) CHECKED_SK_FREE_FUNC(type)(ExternC!(void function(type*)) p) { + return cast(typeof(return))(1 ? p : null); +} + +ExternC!(void function(void*)) CHECKED_SK_FREE_FUNC2(type)(ExternC!(void function(type)) p) { + return cast(typeof(return))(1 ? p : null); +} + +ExternC!(void function(const(void)*, const(void)*)) CHECKED_SK_CMP_FUNC(type)(ExternC!(int function(const(type*)*, const(type*)*)) p) { + return cast(typeof(return))(1 ? p : null); +} + +struct STACK_OF(type = void) { // void is an arbitrary default value for STACK_OF!() + _STACK stack; +} + +// Empty because we use STACK_OF directly as a struct. +mixin template PREDECLARE_STACK_OF(string type) {} +mixin template DECLARE_STACK_OF(T = void) {} +mixin template DECLARE_SPECIAL_STACK_OF(T, U) {} + +mixin template IMPLEMENT_STACK_OF(string type) {} /* nada (obsolete in new safestack approach)*/ + + +/* Strings are special: normally an lhash entry will point to a single + * (somewhat) mutable object. In the case of strings: + * + * a) Instead of a single char, there is an array of chars, NUL-terminated. + * b) The string may have be immutable. + * + * So, they need their own declarations. Especially important for + * type-checking tools, such as Deputy. + * + * In practice, however, it appears to be hard to have a const + * string. For now, I'm settling for dealing with the fact it is a + * string at all. + */ +alias char* OPENSSL_STRING; + +alias const(char)* OPENSSL_CSTRING; + +/* Confusingly, LHASH_OF!(STRING) deals with char** throughout, but + * STACK_OF!(STRING) is really more like STACK_OF!(char), only, as + * mentioned above, instead of a single char each entry is a + * NUL-terminated array of chars. So, we have to implement STRING + * specially for STACK_OF. This is dealt with in the autogenerated + * macros below. + */ + +mixin DECLARE_SPECIAL_STACK_OF!(OPENSSL_STRING, char); +/* Similarly, we sometimes use a block of characters, NOT + * nul-terminated. These should also be distinguished from "normal" + * stacks. */ + +alias void* OPENSSL_BLOCK; +mixin DECLARE_SPECIAL_STACK_OF!(OPENSSL_BLOCK, void); +/* SKM_sk_... stack macros are internal to safestack.h: + * never use them directly, use sk__... instead */ +template SKM_sk_new(type) { STACK_OF!type* SKM_sk_new()(ExternC!(int function(const(type*)*, const(type*)*)) cmp) + { return cast(STACK_OF!type*)sk_new(CHECKED_SK_CMP_FUNC(cmp)); }} +template SKM_sk_new_null(type) { STACK_OF!type* SKM_sk_new_null()() + { return cast(STACK_OF!type*)sk_new_null(); }} +template SKM_sk_free(type) { void SKM_sk_free()(STACK_OF!type* st) + { sk_free(CHECKED_STACK_OF!type(st)); }} +template SKM_sk_num(type) { int SKM_sk_num()(STACK_OF!type* st) + { return sk_num(CHECKED_STACK_OF!type(st)); }} +template SKM_sk_value(type) { type* SKM_sk_value()(STACK_OF!type* st, int i) + { return cast(type*)sk_value(CHECKED_STACK_OF!type(st), i); }} +template SKM_sk_set(type) { type* SKM_sk_set()(STACK_OF!type* st, int i, type* val) + { return cast(type*)sk_set(CHECKED_STACK_OF!type(st), i, CHECKED_PTR_OF(val)); }} +template SKM_sk_zero(type) { void SKM_sk_zero()(STACK_OF!type* st) + { sk_zero(CHECKED_STACK_OF!type(st)); }} +template SKM_sk_push(type) { int SKM_sk_push()(STACK_OF!type* st, type* val) + { return sk_push(CHECKED_STACK_OF!type(st), CHECKED_PTR_OF(val)); }} +template SKM_sk_unshift(type) { int SKM_sk_unshift()(STACK_OF!type* st, type* val) + { return sk_unshift(CHECKED_STACK_OF!type(st), CHECKED_PTR_OF(val)); }} +template SKM_sk_find(type) { int SKM_sk_find()(STACK_OF!type* st, type* val) + { return sk_find(CHECKED_STACK_OF!type(st), CHECKED_PTR_OF!type(val)); }} +template SKM_sk_find_ex(type) { int SKM_sk_find_ex()(STACK_OF!type* st, type* val) + { return sk_find_ex(CHECKED_STACK_OF!type(st), CHECKED_PTR_OF!type(val)); }} +template SKM_sk_delete(type) { type* SKM_sk_delete()(STACK_OF!type* st, int i) + { return cast(type*)sk_delete(CHECKED_STACK_OF!type(st), i); }} +template SKM_sk_delete_ptr(type) { type* SKM_sk_delete_ptr()(STACK_OF!type* st, type* ptr) + { return cast(type*)sk_delete_ptr(CHECKED_STACK_OF!type(st), CHECKED_PTR_OF!type(ptr)); }} +template SKM_sk_insert(type) { int SKM_sk_insert()(STACK_OF!type* st,type* val, int i) + { return sk_insert(CHECKED_STACK_OF!type(st), CHECKED_PTR_OF!type(val), i); }} +template SKM_sk_set_cmp_func(type) { ExternC!(int function(const(type*)*, const(type*)*)) SKM_sk_set_cmp_func(type)(STACK_OF!type* st, int function(const(type*)*, const(type*)*) cmp) + { return cast(typeof(return))sk_set_cmp_func(CHECKED_STACK_OF!type(st), CHECKED_SK_CMP_FUNC(cmp)); }} +template SKM_sk_dup(type) { STACK_OF!type* SKM_sk_dup()(STACK_OF!type* st) + { return cast(STACK_OF!type*)sk_dup(CHECKED_STACK_OF!type(st)); }} +template SKM_sk_pop_free(type) { void SKM_sk_pop_free()(STACK_OF!type* st, ExternC!(void function(type*)) free_func) + { return sk_pop_free(CHECKED_STACK_OF!type(st), CHECKED_SK_FREE_FUNC!type(free_func)); }} +template SKM_sk_shift(type) { type* SKM_sk_shift()(STACK_OF!type* st) + { return cast(type*)sk_shift(CHECKED_STACK_OF!type(st)); }} +template SKM_sk_pop(type) { type* SKM_sk_pop()(STACK_OF!type* st) + { return cast(type*)sk_pop(CHECKED_STACK_OF!type(st)); }} +template SKM_sk_sort(type) { void SKM_sk_sort()(STACK_OF!type* st) + { sk_sort(CHECKED_STACK_OF!type(st)); }} +template SKM_sk_is_sorted(type) { int SKM_sk_is_sorted()(STACK_OF!type* st) + { return sk_is_sorted(CHECKED_STACK_OF!type(st)); }} + +template SKM_ASN1_SET_OF_d2i(type) { + STACK_OF!type* SKM_ASN1_SET_OF_d2i()(STACK_OF!type** st, + const(ubyte)** pp, c_long length, D2I_OF!type d2i_func, + ExternC!(void function(type*)) free_func, int ex_tag, int ex_class + ) { + return cast(STACK_OF!type*)d2i_ASN1_SET( + cast(STACK_OF!OPENSSL_BLOCK**)CHECKED_PTR_OF!(STACK_OF!type*)(st), + pp, length, + CHECKED_D2I_OF!type(d2i_func), + CHECKED_SK_FREE_FUNC!type(free_func), + ex_tag, ex_class + ); + } +} +template SKM_ASN1_SET_OF_i2d(type) { + auto SKM_ASN1_SET_OF_i2d()(STACK_OF!(type)* st, ubyte** pp, + I2D_OF!type i2d_func, int ex_tag, int ex_class, int is_set + ) { + return i2d_ASN1_SET(cast(STACK_OF!OPENSSL_BLOCK*)CHECKED_STACK_OF!type(st), + pp, CHECKED_I2D_OF!type(i2d_func), ex_tag, ex_class, is_set); + } +} +template SKM_ASN1_seq_pack(type) { + ubyte* SKM_ASN1_seq_pack()(STACK_OF!type* st, I2D_OF!type i2d_func, + ubyte** buf, int* len + ) { + return ASN1_seq_pack(cast(STACK_OF!OPENSSL_BLOCK*)CHECKED_STACK_OF!type(st), + CHECKED_I2D_OF!type(i2d_func), buf, len); + } +} +template SKM_ASN1_seq_unpack(type) { + STACK_OF!(type)* SKM_ASN1_seq_unpack()(const(ubyte)* buf, int len, + D2I_OF!type d2i, ExternC!(void function(type*)) free_func + ) { + return cast(STACK_OF!(type)*)ASN1_seq_unpack(buf, len, + CHECKED_D2I_OF!type(d2i), CHECKED_SK_FREE_FUNC!type(free_func)); + } +} + +// FIXME: This looks like a bug in the original headers, PKCS12_decrypt_d2i +// does not exist. +// #define SKM_PKCS12_decrypt_d2i(type, algor, d2i_func, free_func, pass, passlen, oct, seq) \ +// (STACK_OF!(type) *)PKCS12_decrypt_d2i(algor, \ +// CHECKED_D2I_OF(type, d2i_func), \ +// CHECKED_SK_FREE_FUNC(type, free_func), \ +// pass, passlen, oct, seq) + +/* This block of defines is updated by util/mkstack.pl, please do not touch! */ +alias SKM_sk_new!ACCESS_DESCRIPTION sk_ACCESS_DESCRIPTION_new; +alias SKM_sk_new_null!ACCESS_DESCRIPTION sk_ACCESS_DESCRIPTION_new_null; +alias SKM_sk_free!ACCESS_DESCRIPTION sk_ACCESS_DESCRIPTION_free; +alias SKM_sk_num!ACCESS_DESCRIPTION sk_ACCESS_DESCRIPTION_num; +alias SKM_sk_value!ACCESS_DESCRIPTION sk_ACCESS_DESCRIPTION_value; +alias SKM_sk_set!ACCESS_DESCRIPTION sk_ACCESS_DESCRIPTION_set; +alias SKM_sk_zero!ACCESS_DESCRIPTION sk_ACCESS_DESCRIPTION_zero; +alias SKM_sk_push!ACCESS_DESCRIPTION sk_ACCESS_DESCRIPTION_push; +alias SKM_sk_unshift!ACCESS_DESCRIPTION sk_ACCESS_DESCRIPTION_unshift; +alias SKM_sk_find!ACCESS_DESCRIPTION sk_ACCESS_DESCRIPTION_find; +alias SKM_sk_find_ex!ACCESS_DESCRIPTION sk_ACCESS_DESCRIPTION_find_ex; +alias SKM_sk_delete!ACCESS_DESCRIPTION sk_ACCESS_DESCRIPTION_delete; +alias SKM_sk_delete_ptr!ACCESS_DESCRIPTION sk_ACCESS_DESCRIPTION_delete_ptr; +alias SKM_sk_insert!ACCESS_DESCRIPTION sk_ACCESS_DESCRIPTION_insert; +alias SKM_sk_set_cmp_func!ACCESS_DESCRIPTION sk_ACCESS_DESCRIPTION_set_cmp_func; +alias SKM_sk_dup!ACCESS_DESCRIPTION sk_ACCESS_DESCRIPTION_dup; +alias SKM_sk_pop_free!ACCESS_DESCRIPTION sk_ACCESS_DESCRIPTION_pop_free; +alias SKM_sk_shift!ACCESS_DESCRIPTION sk_ACCESS_DESCRIPTION_shift; +alias SKM_sk_pop!ACCESS_DESCRIPTION sk_ACCESS_DESCRIPTION_pop; +alias SKM_sk_sort!ACCESS_DESCRIPTION sk_ACCESS_DESCRIPTION_sort; +alias SKM_sk_is_sorted!ACCESS_DESCRIPTION sk_ACCESS_DESCRIPTION_is_sorted; + +alias SKM_sk_new!ASIdOrRange sk_ASIdOrRange_new; +alias SKM_sk_new_null!ASIdOrRange sk_ASIdOrRange_new_null; +alias SKM_sk_free!ASIdOrRange sk_ASIdOrRange_free; +alias SKM_sk_num!ASIdOrRange sk_ASIdOrRange_num; +alias SKM_sk_value!ASIdOrRange sk_ASIdOrRange_value; +alias SKM_sk_set!ASIdOrRange sk_ASIdOrRange_set; +alias SKM_sk_zero!ASIdOrRange sk_ASIdOrRange_zero; +alias SKM_sk_push!ASIdOrRange sk_ASIdOrRange_push; +alias SKM_sk_unshift!ASIdOrRange sk_ASIdOrRange_unshift; +alias SKM_sk_find!ASIdOrRange sk_ASIdOrRange_find; +alias SKM_sk_find_ex!ASIdOrRange sk_ASIdOrRange_find_ex; +alias SKM_sk_delete!ASIdOrRange sk_ASIdOrRange_delete; +alias SKM_sk_delete_ptr!ASIdOrRange sk_ASIdOrRange_delete_ptr; +alias SKM_sk_insert!ASIdOrRange sk_ASIdOrRange_insert; +alias SKM_sk_set_cmp_func!ASIdOrRange sk_ASIdOrRange_set_cmp_func; +alias SKM_sk_dup!ASIdOrRange sk_ASIdOrRange_dup; +alias SKM_sk_pop_free!ASIdOrRange sk_ASIdOrRange_pop_free; +alias SKM_sk_shift!ASIdOrRange sk_ASIdOrRange_shift; +alias SKM_sk_pop!ASIdOrRange sk_ASIdOrRange_pop; +alias SKM_sk_sort!ASIdOrRange sk_ASIdOrRange_sort; +alias SKM_sk_is_sorted!ASIdOrRange sk_ASIdOrRange_is_sorted; + +alias SKM_sk_new!ASN1_GENERALSTRING sk_ASN1_GENERALSTRING_new; +alias SKM_sk_new_null!ASN1_GENERALSTRING sk_ASN1_GENERALSTRING_new_null; +alias SKM_sk_free!ASN1_GENERALSTRING sk_ASN1_GENERALSTRING_free; +alias SKM_sk_num!ASN1_GENERALSTRING sk_ASN1_GENERALSTRING_num; +alias SKM_sk_value!ASN1_GENERALSTRING sk_ASN1_GENERALSTRING_value; +alias SKM_sk_set!ASN1_GENERALSTRING sk_ASN1_GENERALSTRING_set; +alias SKM_sk_zero!ASN1_GENERALSTRING sk_ASN1_GENERALSTRING_zero; +alias SKM_sk_push!ASN1_GENERALSTRING sk_ASN1_GENERALSTRING_push; +alias SKM_sk_unshift!ASN1_GENERALSTRING sk_ASN1_GENERALSTRING_unshift; +alias SKM_sk_find!ASN1_GENERALSTRING sk_ASN1_GENERALSTRING_find; +alias SKM_sk_find_ex!ASN1_GENERALSTRING sk_ASN1_GENERALSTRING_find_ex; +alias SKM_sk_delete!ASN1_GENERALSTRING sk_ASN1_GENERALSTRING_delete; +alias SKM_sk_delete_ptr!ASN1_GENERALSTRING sk_ASN1_GENERALSTRING_delete_ptr; +alias SKM_sk_insert!ASN1_GENERALSTRING sk_ASN1_GENERALSTRING_insert; +alias SKM_sk_set_cmp_func!ASN1_GENERALSTRING sk_ASN1_GENERALSTRING_set_cmp_func; +alias SKM_sk_dup!ASN1_GENERALSTRING sk_ASN1_GENERALSTRING_dup; +alias SKM_sk_pop_free!ASN1_GENERALSTRING sk_ASN1_GENERALSTRING_pop_free; +alias SKM_sk_shift!ASN1_GENERALSTRING sk_ASN1_GENERALSTRING_shift; +alias SKM_sk_pop!ASN1_GENERALSTRING sk_ASN1_GENERALSTRING_pop; +alias SKM_sk_sort!ASN1_GENERALSTRING sk_ASN1_GENERALSTRING_sort; +alias SKM_sk_is_sorted!ASN1_GENERALSTRING sk_ASN1_GENERALSTRING_is_sorted; + +alias SKM_sk_new!ASN1_INTEGER sk_ASN1_INTEGER_new; +alias SKM_sk_new_null!ASN1_INTEGER sk_ASN1_INTEGER_new_null; +alias SKM_sk_free!ASN1_INTEGER sk_ASN1_INTEGER_free; +alias SKM_sk_num!ASN1_INTEGER sk_ASN1_INTEGER_num; +alias SKM_sk_value!ASN1_INTEGER sk_ASN1_INTEGER_value; +alias SKM_sk_set!ASN1_INTEGER sk_ASN1_INTEGER_set; +alias SKM_sk_zero!ASN1_INTEGER sk_ASN1_INTEGER_zero; +alias SKM_sk_push!ASN1_INTEGER sk_ASN1_INTEGER_push; +alias SKM_sk_unshift!ASN1_INTEGER sk_ASN1_INTEGER_unshift; +alias SKM_sk_find!ASN1_INTEGER sk_ASN1_INTEGER_find; +alias SKM_sk_find_ex!ASN1_INTEGER sk_ASN1_INTEGER_find_ex; +alias SKM_sk_delete!ASN1_INTEGER sk_ASN1_INTEGER_delete; +alias SKM_sk_delete_ptr!ASN1_INTEGER sk_ASN1_INTEGER_delete_ptr; +alias SKM_sk_insert!ASN1_INTEGER sk_ASN1_INTEGER_insert; +alias SKM_sk_set_cmp_func!ASN1_INTEGER sk_ASN1_INTEGER_set_cmp_func; +alias SKM_sk_dup!ASN1_INTEGER sk_ASN1_INTEGER_dup; +alias SKM_sk_pop_free!ASN1_INTEGER sk_ASN1_INTEGER_pop_free; +alias SKM_sk_shift!ASN1_INTEGER sk_ASN1_INTEGER_shift; +alias SKM_sk_pop!ASN1_INTEGER sk_ASN1_INTEGER_pop; +alias SKM_sk_sort!ASN1_INTEGER sk_ASN1_INTEGER_sort; +alias SKM_sk_is_sorted!ASN1_INTEGER sk_ASN1_INTEGER_is_sorted; + +alias SKM_sk_new!ASN1_OBJECT sk_ASN1_OBJECT_new; +alias SKM_sk_new_null!ASN1_OBJECT sk_ASN1_OBJECT_new_null; +alias SKM_sk_free!ASN1_OBJECT sk_ASN1_OBJECT_free; +alias SKM_sk_num!ASN1_OBJECT sk_ASN1_OBJECT_num; +alias SKM_sk_value!ASN1_OBJECT sk_ASN1_OBJECT_value; +alias SKM_sk_set!ASN1_OBJECT sk_ASN1_OBJECT_set; +alias SKM_sk_zero!ASN1_OBJECT sk_ASN1_OBJECT_zero; +alias SKM_sk_push!ASN1_OBJECT sk_ASN1_OBJECT_push; +alias SKM_sk_unshift!ASN1_OBJECT sk_ASN1_OBJECT_unshift; +alias SKM_sk_find!ASN1_OBJECT sk_ASN1_OBJECT_find; +alias SKM_sk_find_ex!ASN1_OBJECT sk_ASN1_OBJECT_find_ex; +alias SKM_sk_delete!ASN1_OBJECT sk_ASN1_OBJECT_delete; +alias SKM_sk_delete_ptr!ASN1_OBJECT sk_ASN1_OBJECT_delete_ptr; +alias SKM_sk_insert!ASN1_OBJECT sk_ASN1_OBJECT_insert; +alias SKM_sk_set_cmp_func!ASN1_OBJECT sk_ASN1_OBJECT_set_cmp_func; +alias SKM_sk_dup!ASN1_OBJECT sk_ASN1_OBJECT_dup; +alias SKM_sk_pop_free!ASN1_OBJECT sk_ASN1_OBJECT_pop_free; +alias SKM_sk_shift!ASN1_OBJECT sk_ASN1_OBJECT_shift; +alias SKM_sk_pop!ASN1_OBJECT sk_ASN1_OBJECT_pop; +alias SKM_sk_sort!ASN1_OBJECT sk_ASN1_OBJECT_sort; +alias SKM_sk_is_sorted!ASN1_OBJECT sk_ASN1_OBJECT_is_sorted; + +alias SKM_sk_new!ASN1_STRING_TABLE sk_ASN1_STRING_TABLE_new; +alias SKM_sk_new_null!ASN1_STRING_TABLE sk_ASN1_STRING_TABLE_new_null; +alias SKM_sk_free!ASN1_STRING_TABLE sk_ASN1_STRING_TABLE_free; +alias SKM_sk_num!ASN1_STRING_TABLE sk_ASN1_STRING_TABLE_num; +alias SKM_sk_value!ASN1_STRING_TABLE sk_ASN1_STRING_TABLE_value; +alias SKM_sk_set!ASN1_STRING_TABLE sk_ASN1_STRING_TABLE_set; +alias SKM_sk_zero!ASN1_STRING_TABLE sk_ASN1_STRING_TABLE_zero; +alias SKM_sk_push!ASN1_STRING_TABLE sk_ASN1_STRING_TABLE_push; +alias SKM_sk_unshift!ASN1_STRING_TABLE sk_ASN1_STRING_TABLE_unshift; +alias SKM_sk_find!ASN1_STRING_TABLE sk_ASN1_STRING_TABLE_find; +alias SKM_sk_find_ex!ASN1_STRING_TABLE sk_ASN1_STRING_TABLE_find_ex; +alias SKM_sk_delete!ASN1_STRING_TABLE sk_ASN1_STRING_TABLE_delete; +alias SKM_sk_delete_ptr!ASN1_STRING_TABLE sk_ASN1_STRING_TABLE_delete_ptr; +alias SKM_sk_insert!ASN1_STRING_TABLE sk_ASN1_STRING_TABLE_insert; +alias SKM_sk_set_cmp_func!ASN1_STRING_TABLE sk_ASN1_STRING_TABLE_set_cmp_func; +alias SKM_sk_dup!ASN1_STRING_TABLE sk_ASN1_STRING_TABLE_dup; +alias SKM_sk_pop_free!ASN1_STRING_TABLE sk_ASN1_STRING_TABLE_pop_free; +alias SKM_sk_shift!ASN1_STRING_TABLE sk_ASN1_STRING_TABLE_shift; +alias SKM_sk_pop!ASN1_STRING_TABLE sk_ASN1_STRING_TABLE_pop; +alias SKM_sk_sort!ASN1_STRING_TABLE sk_ASN1_STRING_TABLE_sort; +alias SKM_sk_is_sorted!ASN1_STRING_TABLE sk_ASN1_STRING_TABLE_is_sorted; + +alias SKM_sk_new!ASN1_TYPE sk_ASN1_TYPE_new; +alias SKM_sk_new_null!ASN1_TYPE sk_ASN1_TYPE_new_null; +alias SKM_sk_free!ASN1_TYPE sk_ASN1_TYPE_free; +alias SKM_sk_num!ASN1_TYPE sk_ASN1_TYPE_num; +alias SKM_sk_value!ASN1_TYPE sk_ASN1_TYPE_value; +alias SKM_sk_set!ASN1_TYPE sk_ASN1_TYPE_set; +alias SKM_sk_zero!ASN1_TYPE sk_ASN1_TYPE_zero; +alias SKM_sk_push!ASN1_TYPE sk_ASN1_TYPE_push; +alias SKM_sk_unshift!ASN1_TYPE sk_ASN1_TYPE_unshift; +alias SKM_sk_find!ASN1_TYPE sk_ASN1_TYPE_find; +alias SKM_sk_find_ex!ASN1_TYPE sk_ASN1_TYPE_find_ex; +alias SKM_sk_delete!ASN1_TYPE sk_ASN1_TYPE_delete; +alias SKM_sk_delete_ptr!ASN1_TYPE sk_ASN1_TYPE_delete_ptr; +alias SKM_sk_insert!ASN1_TYPE sk_ASN1_TYPE_insert; +alias SKM_sk_set_cmp_func!ASN1_TYPE sk_ASN1_TYPE_set_cmp_func; +alias SKM_sk_dup!ASN1_TYPE sk_ASN1_TYPE_dup; +alias SKM_sk_pop_free!ASN1_TYPE sk_ASN1_TYPE_pop_free; +alias SKM_sk_shift!ASN1_TYPE sk_ASN1_TYPE_shift; +alias SKM_sk_pop!ASN1_TYPE sk_ASN1_TYPE_pop; +alias SKM_sk_sort!ASN1_TYPE sk_ASN1_TYPE_sort; +alias SKM_sk_is_sorted!ASN1_TYPE sk_ASN1_TYPE_is_sorted; + +alias SKM_sk_new!ASN1_UTF8STRING sk_ASN1_UTF8STRING_new; +alias SKM_sk_new_null!ASN1_UTF8STRING sk_ASN1_UTF8STRING_new_null; +alias SKM_sk_free!ASN1_UTF8STRING sk_ASN1_UTF8STRING_free; +alias SKM_sk_num!ASN1_UTF8STRING sk_ASN1_UTF8STRING_num; +alias SKM_sk_value!ASN1_UTF8STRING sk_ASN1_UTF8STRING_value; +alias SKM_sk_set!ASN1_UTF8STRING sk_ASN1_UTF8STRING_set; +alias SKM_sk_zero!ASN1_UTF8STRING sk_ASN1_UTF8STRING_zero; +alias SKM_sk_push!ASN1_UTF8STRING sk_ASN1_UTF8STRING_push; +alias SKM_sk_unshift!ASN1_UTF8STRING sk_ASN1_UTF8STRING_unshift; +alias SKM_sk_find!ASN1_UTF8STRING sk_ASN1_UTF8STRING_find; +alias SKM_sk_find_ex!ASN1_UTF8STRING sk_ASN1_UTF8STRING_find_ex; +alias SKM_sk_delete!ASN1_UTF8STRING sk_ASN1_UTF8STRING_delete; +alias SKM_sk_delete_ptr!ASN1_UTF8STRING sk_ASN1_UTF8STRING_delete_ptr; +alias SKM_sk_insert!ASN1_UTF8STRING sk_ASN1_UTF8STRING_insert; +alias SKM_sk_set_cmp_func!ASN1_UTF8STRING sk_ASN1_UTF8STRING_set_cmp_func; +alias SKM_sk_dup!ASN1_UTF8STRING sk_ASN1_UTF8STRING_dup; +alias SKM_sk_pop_free!ASN1_UTF8STRING sk_ASN1_UTF8STRING_pop_free; +alias SKM_sk_shift!ASN1_UTF8STRING sk_ASN1_UTF8STRING_shift; +alias SKM_sk_pop!ASN1_UTF8STRING sk_ASN1_UTF8STRING_pop; +alias SKM_sk_sort!ASN1_UTF8STRING sk_ASN1_UTF8STRING_sort; +alias SKM_sk_is_sorted!ASN1_UTF8STRING sk_ASN1_UTF8STRING_is_sorted; + +alias SKM_sk_new!ASN1_VALUE sk_ASN1_VALUE_new; +alias SKM_sk_new_null!ASN1_VALUE sk_ASN1_VALUE_new_null; +alias SKM_sk_free!ASN1_VALUE sk_ASN1_VALUE_free; +alias SKM_sk_num!ASN1_VALUE sk_ASN1_VALUE_num; +alias SKM_sk_value!ASN1_VALUE sk_ASN1_VALUE_value; +alias SKM_sk_set!ASN1_VALUE sk_ASN1_VALUE_set; +alias SKM_sk_zero!ASN1_VALUE sk_ASN1_VALUE_zero; +alias SKM_sk_push!ASN1_VALUE sk_ASN1_VALUE_push; +alias SKM_sk_unshift!ASN1_VALUE sk_ASN1_VALUE_unshift; +alias SKM_sk_find!ASN1_VALUE sk_ASN1_VALUE_find; +alias SKM_sk_find_ex!ASN1_VALUE sk_ASN1_VALUE_find_ex; +alias SKM_sk_delete!ASN1_VALUE sk_ASN1_VALUE_delete; +alias SKM_sk_delete_ptr!ASN1_VALUE sk_ASN1_VALUE_delete_ptr; +alias SKM_sk_insert!ASN1_VALUE sk_ASN1_VALUE_insert; +alias SKM_sk_set_cmp_func!ASN1_VALUE sk_ASN1_VALUE_set_cmp_func; +alias SKM_sk_dup!ASN1_VALUE sk_ASN1_VALUE_dup; +alias SKM_sk_pop_free!ASN1_VALUE sk_ASN1_VALUE_pop_free; +alias SKM_sk_shift!ASN1_VALUE sk_ASN1_VALUE_shift; +alias SKM_sk_pop!ASN1_VALUE sk_ASN1_VALUE_pop; +alias SKM_sk_sort!ASN1_VALUE sk_ASN1_VALUE_sort; +alias SKM_sk_is_sorted!ASN1_VALUE sk_ASN1_VALUE_is_sorted; + +alias SKM_sk_new!BIO sk_BIO_new; +alias SKM_sk_new_null!BIO sk_BIO_new_null; +alias SKM_sk_free!BIO sk_BIO_free; +alias SKM_sk_num!BIO sk_BIO_num; +alias SKM_sk_value!BIO sk_BIO_value; +alias SKM_sk_set!BIO sk_BIO_set; +alias SKM_sk_zero!BIO sk_BIO_zero; +alias SKM_sk_push!BIO sk_BIO_push; +alias SKM_sk_unshift!BIO sk_BIO_unshift; +alias SKM_sk_find!BIO sk_BIO_find; +alias SKM_sk_find_ex!BIO sk_BIO_find_ex; +alias SKM_sk_delete!BIO sk_BIO_delete; +alias SKM_sk_delete_ptr!BIO sk_BIO_delete_ptr; +alias SKM_sk_insert!BIO sk_BIO_insert; +alias SKM_sk_set_cmp_func!BIO sk_BIO_set_cmp_func; +alias SKM_sk_dup!BIO sk_BIO_dup; +alias SKM_sk_pop_free!BIO sk_BIO_pop_free; +alias SKM_sk_shift!BIO sk_BIO_shift; +alias SKM_sk_pop!BIO sk_BIO_pop; +alias SKM_sk_sort!BIO sk_BIO_sort; +alias SKM_sk_is_sorted!BIO sk_BIO_is_sorted; + +/+ Internal crypto types, not exposed. +alias SKM_sk_new!BY_DIR_ENTRY sk_BY_DIR_ENTRY_new; +alias SKM_sk_new_null!BY_DIR_ENTRY sk_BY_DIR_ENTRY_new_null; +alias SKM_sk_free!BY_DIR_ENTRY sk_BY_DIR_ENTRY_free; +alias SKM_sk_num!BY_DIR_ENTRY sk_BY_DIR_ENTRY_num; +alias SKM_sk_value!BY_DIR_ENTRY sk_BY_DIR_ENTRY_value; +alias SKM_sk_set!BY_DIR_ENTRY sk_BY_DIR_ENTRY_set; +alias SKM_sk_zero!BY_DIR_ENTRY sk_BY_DIR_ENTRY_zero; +alias SKM_sk_push!BY_DIR_ENTRY sk_BY_DIR_ENTRY_push; +alias SKM_sk_unshift!BY_DIR_ENTRY sk_BY_DIR_ENTRY_unshift; +alias SKM_sk_find!BY_DIR_ENTRY sk_BY_DIR_ENTRY_find; +alias SKM_sk_find_ex!BY_DIR_ENTRY sk_BY_DIR_ENTRY_find_ex; +alias SKM_sk_delete!BY_DIR_ENTRY sk_BY_DIR_ENTRY_delete; +alias SKM_sk_delete_ptr!BY_DIR_ENTRY sk_BY_DIR_ENTRY_delete_ptr; +alias SKM_sk_insert!BY_DIR_ENTRY sk_BY_DIR_ENTRY_insert; +alias SKM_sk_set_cmp_func!BY_DIR_ENTRY sk_BY_DIR_ENTRY_set_cmp_func; +alias SKM_sk_dup!BY_DIR_ENTRY sk_BY_DIR_ENTRY_dup; +alias SKM_sk_pop_free!BY_DIR_ENTRY sk_BY_DIR_ENTRY_pop_free; +alias SKM_sk_shift!BY_DIR_ENTRY sk_BY_DIR_ENTRY_shift; +alias SKM_sk_pop!BY_DIR_ENTRY sk_BY_DIR_ENTRY_pop; +alias SKM_sk_sort!BY_DIR_ENTRY sk_BY_DIR_ENTRY_sort; +alias SKM_sk_is_sorted!BY_DIR_ENTRY sk_BY_DIR_ENTRY_is_sorted; + +alias SKM_sk_new!BY_DIR_HASH sk_BY_DIR_HASH_new; +alias SKM_sk_new_null!BY_DIR_HASH sk_BY_DIR_HASH_new_null; +alias SKM_sk_free!BY_DIR_HASH sk_BY_DIR_HASH_free; +alias SKM_sk_num!BY_DIR_HASH sk_BY_DIR_HASH_num; +alias SKM_sk_value!BY_DIR_HASH sk_BY_DIR_HASH_value; +alias SKM_sk_set!BY_DIR_HASH sk_BY_DIR_HASH_set; +alias SKM_sk_zero!BY_DIR_HASH sk_BY_DIR_HASH_zero; +alias SKM_sk_push!BY_DIR_HASH sk_BY_DIR_HASH_push; +alias SKM_sk_unshift!BY_DIR_HASH sk_BY_DIR_HASH_unshift; +alias SKM_sk_find!BY_DIR_HASH sk_BY_DIR_HASH_find; +alias SKM_sk_find_ex!BY_DIR_HASH sk_BY_DIR_HASH_find_ex; +alias SKM_sk_delete!BY_DIR_HASH sk_BY_DIR_HASH_delete; +alias SKM_sk_delete_ptr!BY_DIR_HASH sk_BY_DIR_HASH_delete_ptr; +alias SKM_sk_insert!BY_DIR_HASH sk_BY_DIR_HASH_insert; +alias SKM_sk_set_cmp_func!BY_DIR_HASH sk_BY_DIR_HASH_set_cmp_func; +alias SKM_sk_dup!BY_DIR_HASH sk_BY_DIR_HASH_dup; +alias SKM_sk_pop_free!BY_DIR_HASH sk_BY_DIR_HASH_pop_free; +alias SKM_sk_shift!BY_DIR_HASH sk_BY_DIR_HASH_shift; +alias SKM_sk_pop!BY_DIR_HASH sk_BY_DIR_HASH_pop; +alias SKM_sk_sort!BY_DIR_HASH sk_BY_DIR_HASH_sort; +alias SKM_sk_is_sorted!BY_DIR_HASH sk_BY_DIR_HASH_is_sorted; ++/ + +alias SKM_sk_new!CMS_CertificateChoices sk_CMS_CertificateChoices_new; +alias SKM_sk_new_null!CMS_CertificateChoices sk_CMS_CertificateChoices_new_null; +alias SKM_sk_free!CMS_CertificateChoices sk_CMS_CertificateChoices_free; +alias SKM_sk_num!CMS_CertificateChoices sk_CMS_CertificateChoices_num; +alias SKM_sk_value!CMS_CertificateChoices sk_CMS_CertificateChoices_value; +alias SKM_sk_set!CMS_CertificateChoices sk_CMS_CertificateChoices_set; +alias SKM_sk_zero!CMS_CertificateChoices sk_CMS_CertificateChoices_zero; +alias SKM_sk_push!CMS_CertificateChoices sk_CMS_CertificateChoices_push; +alias SKM_sk_unshift!CMS_CertificateChoices sk_CMS_CertificateChoices_unshift; +alias SKM_sk_find!CMS_CertificateChoices sk_CMS_CertificateChoices_find; +alias SKM_sk_find_ex!CMS_CertificateChoices sk_CMS_CertificateChoices_find_ex; +alias SKM_sk_delete!CMS_CertificateChoices sk_CMS_CertificateChoices_delete; +alias SKM_sk_delete_ptr!CMS_CertificateChoices sk_CMS_CertificateChoices_delete_ptr; +alias SKM_sk_insert!CMS_CertificateChoices sk_CMS_CertificateChoices_insert; +alias SKM_sk_set_cmp_func!CMS_CertificateChoices sk_CMS_CertificateChoices_set_cmp_func; +alias SKM_sk_dup!CMS_CertificateChoices sk_CMS_CertificateChoices_dup; +alias SKM_sk_pop_free!CMS_CertificateChoices sk_CMS_CertificateChoices_pop_free; +alias SKM_sk_shift!CMS_CertificateChoices sk_CMS_CertificateChoices_shift; +alias SKM_sk_pop!CMS_CertificateChoices sk_CMS_CertificateChoices_pop; +alias SKM_sk_sort!CMS_CertificateChoices sk_CMS_CertificateChoices_sort; +alias SKM_sk_is_sorted!CMS_CertificateChoices sk_CMS_CertificateChoices_is_sorted; + +alias SKM_sk_new!CMS_RecipientInfo sk_CMS_RecipientInfo_new; +alias SKM_sk_new_null!CMS_RecipientInfo sk_CMS_RecipientInfo_new_null; +alias SKM_sk_free!CMS_RecipientInfo sk_CMS_RecipientInfo_free; +alias SKM_sk_num!CMS_RecipientInfo sk_CMS_RecipientInfo_num; +alias SKM_sk_value!CMS_RecipientInfo sk_CMS_RecipientInfo_value; +alias SKM_sk_set!CMS_RecipientInfo sk_CMS_RecipientInfo_set; +alias SKM_sk_zero!CMS_RecipientInfo sk_CMS_RecipientInfo_zero; +alias SKM_sk_push!CMS_RecipientInfo sk_CMS_RecipientInfo_push; +alias SKM_sk_unshift!CMS_RecipientInfo sk_CMS_RecipientInfo_unshift; +alias SKM_sk_find!CMS_RecipientInfo sk_CMS_RecipientInfo_find; +alias SKM_sk_find_ex!CMS_RecipientInfo sk_CMS_RecipientInfo_find_ex; +alias SKM_sk_delete!CMS_RecipientInfo sk_CMS_RecipientInfo_delete; +alias SKM_sk_delete_ptr!CMS_RecipientInfo sk_CMS_RecipientInfo_delete_ptr; +alias SKM_sk_insert!CMS_RecipientInfo sk_CMS_RecipientInfo_insert; +alias SKM_sk_set_cmp_func!CMS_RecipientInfo sk_CMS_RecipientInfo_set_cmp_func; +alias SKM_sk_dup!CMS_RecipientInfo sk_CMS_RecipientInfo_dup; +alias SKM_sk_pop_free!CMS_RecipientInfo sk_CMS_RecipientInfo_pop_free; +alias SKM_sk_shift!CMS_RecipientInfo sk_CMS_RecipientInfo_shift; +alias SKM_sk_pop!CMS_RecipientInfo sk_CMS_RecipientInfo_pop; +alias SKM_sk_sort!CMS_RecipientInfo sk_CMS_RecipientInfo_sort; +alias SKM_sk_is_sorted!CMS_RecipientInfo sk_CMS_RecipientInfo_is_sorted; + +alias SKM_sk_new!CMS_RevocationInfoChoice sk_CMS_RevocationInfoChoice_new; +alias SKM_sk_new_null!CMS_RevocationInfoChoice sk_CMS_RevocationInfoChoice_new_null; +alias SKM_sk_free!CMS_RevocationInfoChoice sk_CMS_RevocationInfoChoice_free; +alias SKM_sk_num!CMS_RevocationInfoChoice sk_CMS_RevocationInfoChoice_num; +alias SKM_sk_value!CMS_RevocationInfoChoice sk_CMS_RevocationInfoChoice_value; +alias SKM_sk_set!CMS_RevocationInfoChoice sk_CMS_RevocationInfoChoice_set; +alias SKM_sk_zero!CMS_RevocationInfoChoice sk_CMS_RevocationInfoChoice_zero; +alias SKM_sk_push!CMS_RevocationInfoChoice sk_CMS_RevocationInfoChoice_push; +alias SKM_sk_unshift!CMS_RevocationInfoChoice sk_CMS_RevocationInfoChoice_unshift; +alias SKM_sk_find!CMS_RevocationInfoChoice sk_CMS_RevocationInfoChoice_find; +alias SKM_sk_find_ex!CMS_RevocationInfoChoice sk_CMS_RevocationInfoChoice_find_ex; +alias SKM_sk_delete!CMS_RevocationInfoChoice sk_CMS_RevocationInfoChoice_delete; +alias SKM_sk_delete_ptr!CMS_RevocationInfoChoice sk_CMS_RevocationInfoChoice_delete_ptr; +alias SKM_sk_insert!CMS_RevocationInfoChoice sk_CMS_RevocationInfoChoice_insert; +alias SKM_sk_set_cmp_func!CMS_RevocationInfoChoice sk_CMS_RevocationInfoChoice_set_cmp_func; +alias SKM_sk_dup!CMS_RevocationInfoChoice sk_CMS_RevocationInfoChoice_dup; +alias SKM_sk_pop_free!CMS_RevocationInfoChoice sk_CMS_RevocationInfoChoice_pop_free; +alias SKM_sk_shift!CMS_RevocationInfoChoice sk_CMS_RevocationInfoChoice_shift; +alias SKM_sk_pop!CMS_RevocationInfoChoice sk_CMS_RevocationInfoChoice_pop; +alias SKM_sk_sort!CMS_RevocationInfoChoice sk_CMS_RevocationInfoChoice_sort; +alias SKM_sk_is_sorted!CMS_RevocationInfoChoice sk_CMS_RevocationInfoChoice_is_sorted; + +alias SKM_sk_new!CMS_SignerInfo sk_CMS_SignerInfo_new; +alias SKM_sk_new_null!CMS_SignerInfo sk_CMS_SignerInfo_new_null; +alias SKM_sk_free!CMS_SignerInfo sk_CMS_SignerInfo_free; +alias SKM_sk_num!CMS_SignerInfo sk_CMS_SignerInfo_num; +alias SKM_sk_value!CMS_SignerInfo sk_CMS_SignerInfo_value; +alias SKM_sk_set!CMS_SignerInfo sk_CMS_SignerInfo_set; +alias SKM_sk_zero!CMS_SignerInfo sk_CMS_SignerInfo_zero; +alias SKM_sk_push!CMS_SignerInfo sk_CMS_SignerInfo_push; +alias SKM_sk_unshift!CMS_SignerInfo sk_CMS_SignerInfo_unshift; +alias SKM_sk_find!CMS_SignerInfo sk_CMS_SignerInfo_find; +alias SKM_sk_find_ex!CMS_SignerInfo sk_CMS_SignerInfo_find_ex; +alias SKM_sk_delete!CMS_SignerInfo sk_CMS_SignerInfo_delete; +alias SKM_sk_delete_ptr!CMS_SignerInfo sk_CMS_SignerInfo_delete_ptr; +alias SKM_sk_insert!CMS_SignerInfo sk_CMS_SignerInfo_insert; +alias SKM_sk_set_cmp_func!CMS_SignerInfo sk_CMS_SignerInfo_set_cmp_func; +alias SKM_sk_dup!CMS_SignerInfo sk_CMS_SignerInfo_dup; +alias SKM_sk_pop_free!CMS_SignerInfo sk_CMS_SignerInfo_pop_free; +alias SKM_sk_shift!CMS_SignerInfo sk_CMS_SignerInfo_shift; +alias SKM_sk_pop!CMS_SignerInfo sk_CMS_SignerInfo_pop; +alias SKM_sk_sort!CMS_SignerInfo sk_CMS_SignerInfo_sort; +alias SKM_sk_is_sorted!CMS_SignerInfo sk_CMS_SignerInfo_is_sorted; + +alias SKM_sk_new!CONF_IMODULE sk_CONF_IMODULE_new; +alias SKM_sk_new_null!CONF_IMODULE sk_CONF_IMODULE_new_null; +alias SKM_sk_free!CONF_IMODULE sk_CONF_IMODULE_free; +alias SKM_sk_num!CONF_IMODULE sk_CONF_IMODULE_num; +alias SKM_sk_value!CONF_IMODULE sk_CONF_IMODULE_value; +alias SKM_sk_set!CONF_IMODULE sk_CONF_IMODULE_set; +alias SKM_sk_zero!CONF_IMODULE sk_CONF_IMODULE_zero; +alias SKM_sk_push!CONF_IMODULE sk_CONF_IMODULE_push; +alias SKM_sk_unshift!CONF_IMODULE sk_CONF_IMODULE_unshift; +alias SKM_sk_find!CONF_IMODULE sk_CONF_IMODULE_find; +alias SKM_sk_find_ex!CONF_IMODULE sk_CONF_IMODULE_find_ex; +alias SKM_sk_delete!CONF_IMODULE sk_CONF_IMODULE_delete; +alias SKM_sk_delete_ptr!CONF_IMODULE sk_CONF_IMODULE_delete_ptr; +alias SKM_sk_insert!CONF_IMODULE sk_CONF_IMODULE_insert; +alias SKM_sk_set_cmp_func!CONF_IMODULE sk_CONF_IMODULE_set_cmp_func; +alias SKM_sk_dup!CONF_IMODULE sk_CONF_IMODULE_dup; +alias SKM_sk_pop_free!CONF_IMODULE sk_CONF_IMODULE_pop_free; +alias SKM_sk_shift!CONF_IMODULE sk_CONF_IMODULE_shift; +alias SKM_sk_pop!CONF_IMODULE sk_CONF_IMODULE_pop; +alias SKM_sk_sort!CONF_IMODULE sk_CONF_IMODULE_sort; +alias SKM_sk_is_sorted!CONF_IMODULE sk_CONF_IMODULE_is_sorted; + +alias SKM_sk_new!CONF_MODULE sk_CONF_MODULE_new; +alias SKM_sk_new_null!CONF_MODULE sk_CONF_MODULE_new_null; +alias SKM_sk_free!CONF_MODULE sk_CONF_MODULE_free; +alias SKM_sk_num!CONF_MODULE sk_CONF_MODULE_num; +alias SKM_sk_value!CONF_MODULE sk_CONF_MODULE_value; +alias SKM_sk_set!CONF_MODULE sk_CONF_MODULE_set; +alias SKM_sk_zero!CONF_MODULE sk_CONF_MODULE_zero; +alias SKM_sk_push!CONF_MODULE sk_CONF_MODULE_push; +alias SKM_sk_unshift!CONF_MODULE sk_CONF_MODULE_unshift; +alias SKM_sk_find!CONF_MODULE sk_CONF_MODULE_find; +alias SKM_sk_find_ex!CONF_MODULE sk_CONF_MODULE_find_ex; +alias SKM_sk_delete!CONF_MODULE sk_CONF_MODULE_delete; +alias SKM_sk_delete_ptr!CONF_MODULE sk_CONF_MODULE_delete_ptr; +alias SKM_sk_insert!CONF_MODULE sk_CONF_MODULE_insert; +alias SKM_sk_set_cmp_func!CONF_MODULE sk_CONF_MODULE_set_cmp_func; +alias SKM_sk_dup!CONF_MODULE sk_CONF_MODULE_dup; +alias SKM_sk_pop_free!CONF_MODULE sk_CONF_MODULE_pop_free; +alias SKM_sk_shift!CONF_MODULE sk_CONF_MODULE_shift; +alias SKM_sk_pop!CONF_MODULE sk_CONF_MODULE_pop; +alias SKM_sk_sort!CONF_MODULE sk_CONF_MODULE_sort; +alias SKM_sk_is_sorted!CONF_MODULE sk_CONF_MODULE_is_sorted; + +alias SKM_sk_new!CONF_VALUE sk_CONF_VALUE_new; +alias SKM_sk_new_null!CONF_VALUE sk_CONF_VALUE_new_null; +alias SKM_sk_free!CONF_VALUE sk_CONF_VALUE_free; +alias SKM_sk_num!CONF_VALUE sk_CONF_VALUE_num; +alias SKM_sk_value!CONF_VALUE sk_CONF_VALUE_value; +alias SKM_sk_set!CONF_VALUE sk_CONF_VALUE_set; +alias SKM_sk_zero!CONF_VALUE sk_CONF_VALUE_zero; +alias SKM_sk_push!CONF_VALUE sk_CONF_VALUE_push; +alias SKM_sk_unshift!CONF_VALUE sk_CONF_VALUE_unshift; +alias SKM_sk_find!CONF_VALUE sk_CONF_VALUE_find; +alias SKM_sk_find_ex!CONF_VALUE sk_CONF_VALUE_find_ex; +alias SKM_sk_delete!CONF_VALUE sk_CONF_VALUE_delete; +alias SKM_sk_delete_ptr!CONF_VALUE sk_CONF_VALUE_delete_ptr; +alias SKM_sk_insert!CONF_VALUE sk_CONF_VALUE_insert; +alias SKM_sk_set_cmp_func!CONF_VALUE sk_CONF_VALUE_set_cmp_func; +alias SKM_sk_dup!CONF_VALUE sk_CONF_VALUE_dup; +alias SKM_sk_pop_free!CONF_VALUE sk_CONF_VALUE_pop_free; +alias SKM_sk_shift!CONF_VALUE sk_CONF_VALUE_shift; +alias SKM_sk_pop!CONF_VALUE sk_CONF_VALUE_pop; +alias SKM_sk_sort!CONF_VALUE sk_CONF_VALUE_sort; +alias SKM_sk_is_sorted!CONF_VALUE sk_CONF_VALUE_is_sorted; + +alias SKM_sk_new!CRYPTO_EX_DATA_FUNCS sk_CRYPTO_EX_DATA_FUNCS_new; +alias SKM_sk_new_null!CRYPTO_EX_DATA_FUNCS sk_CRYPTO_EX_DATA_FUNCS_new_null; +alias SKM_sk_free!CRYPTO_EX_DATA_FUNCS sk_CRYPTO_EX_DATA_FUNCS_free; +alias SKM_sk_num!CRYPTO_EX_DATA_FUNCS sk_CRYPTO_EX_DATA_FUNCS_num; +alias SKM_sk_value!CRYPTO_EX_DATA_FUNCS sk_CRYPTO_EX_DATA_FUNCS_value; +alias SKM_sk_set!CRYPTO_EX_DATA_FUNCS sk_CRYPTO_EX_DATA_FUNCS_set; +alias SKM_sk_zero!CRYPTO_EX_DATA_FUNCS sk_CRYPTO_EX_DATA_FUNCS_zero; +alias SKM_sk_push!CRYPTO_EX_DATA_FUNCS sk_CRYPTO_EX_DATA_FUNCS_push; +alias SKM_sk_unshift!CRYPTO_EX_DATA_FUNCS sk_CRYPTO_EX_DATA_FUNCS_unshift; +alias SKM_sk_find!CRYPTO_EX_DATA_FUNCS sk_CRYPTO_EX_DATA_FUNCS_find; +alias SKM_sk_find_ex!CRYPTO_EX_DATA_FUNCS sk_CRYPTO_EX_DATA_FUNCS_find_ex; +alias SKM_sk_delete!CRYPTO_EX_DATA_FUNCS sk_CRYPTO_EX_DATA_FUNCS_delete; +alias SKM_sk_delete_ptr!CRYPTO_EX_DATA_FUNCS sk_CRYPTO_EX_DATA_FUNCS_delete_ptr; +alias SKM_sk_insert!CRYPTO_EX_DATA_FUNCS sk_CRYPTO_EX_DATA_FUNCS_insert; +alias SKM_sk_set_cmp_func!CRYPTO_EX_DATA_FUNCS sk_CRYPTO_EX_DATA_FUNCS_set_cmp_func; +alias SKM_sk_dup!CRYPTO_EX_DATA_FUNCS sk_CRYPTO_EX_DATA_FUNCS_dup; +alias SKM_sk_pop_free!CRYPTO_EX_DATA_FUNCS sk_CRYPTO_EX_DATA_FUNCS_pop_free; +alias SKM_sk_shift!CRYPTO_EX_DATA_FUNCS sk_CRYPTO_EX_DATA_FUNCS_shift; +alias SKM_sk_pop!CRYPTO_EX_DATA_FUNCS sk_CRYPTO_EX_DATA_FUNCS_pop; +alias SKM_sk_sort!CRYPTO_EX_DATA_FUNCS sk_CRYPTO_EX_DATA_FUNCS_sort; +alias SKM_sk_is_sorted!CRYPTO_EX_DATA_FUNCS sk_CRYPTO_EX_DATA_FUNCS_is_sorted; + +alias SKM_sk_new!CRYPTO_dynlock sk_CRYPTO_dynlock_new; +alias SKM_sk_new_null!CRYPTO_dynlock sk_CRYPTO_dynlock_new_null; +alias SKM_sk_free!CRYPTO_dynlock sk_CRYPTO_dynlock_free; +alias SKM_sk_num!CRYPTO_dynlock sk_CRYPTO_dynlock_num; +alias SKM_sk_value!CRYPTO_dynlock sk_CRYPTO_dynlock_value; +alias SKM_sk_set!CRYPTO_dynlock sk_CRYPTO_dynlock_set; +alias SKM_sk_zero!CRYPTO_dynlock sk_CRYPTO_dynlock_zero; +alias SKM_sk_push!CRYPTO_dynlock sk_CRYPTO_dynlock_push; +alias SKM_sk_unshift!CRYPTO_dynlock sk_CRYPTO_dynlock_unshift; +alias SKM_sk_find!CRYPTO_dynlock sk_CRYPTO_dynlock_find; +alias SKM_sk_find_ex!CRYPTO_dynlock sk_CRYPTO_dynlock_find_ex; +alias SKM_sk_delete!CRYPTO_dynlock sk_CRYPTO_dynlock_delete; +alias SKM_sk_delete_ptr!CRYPTO_dynlock sk_CRYPTO_dynlock_delete_ptr; +alias SKM_sk_insert!CRYPTO_dynlock sk_CRYPTO_dynlock_insert; +alias SKM_sk_set_cmp_func!CRYPTO_dynlock sk_CRYPTO_dynlock_set_cmp_func; +alias SKM_sk_dup!CRYPTO_dynlock sk_CRYPTO_dynlock_dup; +alias SKM_sk_pop_free!CRYPTO_dynlock sk_CRYPTO_dynlock_pop_free; +alias SKM_sk_shift!CRYPTO_dynlock sk_CRYPTO_dynlock_shift; +alias SKM_sk_pop!CRYPTO_dynlock sk_CRYPTO_dynlock_pop; +alias SKM_sk_sort!CRYPTO_dynlock sk_CRYPTO_dynlock_sort; +alias SKM_sk_is_sorted!CRYPTO_dynlock sk_CRYPTO_dynlock_is_sorted; + +alias SKM_sk_new!DIST_POINT sk_DIST_POINT_new; +alias SKM_sk_new_null!DIST_POINT sk_DIST_POINT_new_null; +alias SKM_sk_free!DIST_POINT sk_DIST_POINT_free; +alias SKM_sk_num!DIST_POINT sk_DIST_POINT_num; +alias SKM_sk_value!DIST_POINT sk_DIST_POINT_value; +alias SKM_sk_set!DIST_POINT sk_DIST_POINT_set; +alias SKM_sk_zero!DIST_POINT sk_DIST_POINT_zero; +alias SKM_sk_push!DIST_POINT sk_DIST_POINT_push; +alias SKM_sk_unshift!DIST_POINT sk_DIST_POINT_unshift; +alias SKM_sk_find!DIST_POINT sk_DIST_POINT_find; +alias SKM_sk_find_ex!DIST_POINT sk_DIST_POINT_find_ex; +alias SKM_sk_delete!DIST_POINT sk_DIST_POINT_delete; +alias SKM_sk_delete_ptr!DIST_POINT sk_DIST_POINT_delete_ptr; +alias SKM_sk_insert!DIST_POINT sk_DIST_POINT_insert; +alias SKM_sk_set_cmp_func!DIST_POINT sk_DIST_POINT_set_cmp_func; +alias SKM_sk_dup!DIST_POINT sk_DIST_POINT_dup; +alias SKM_sk_pop_free!DIST_POINT sk_DIST_POINT_pop_free; +alias SKM_sk_shift!DIST_POINT sk_DIST_POINT_shift; +alias SKM_sk_pop!DIST_POINT sk_DIST_POINT_pop; +alias SKM_sk_sort!DIST_POINT sk_DIST_POINT_sort; +alias SKM_sk_is_sorted!DIST_POINT sk_DIST_POINT_is_sorted; + +alias SKM_sk_new!ENGINE sk_ENGINE_new; +alias SKM_sk_new_null!ENGINE sk_ENGINE_new_null; +alias SKM_sk_free!ENGINE sk_ENGINE_free; +alias SKM_sk_num!ENGINE sk_ENGINE_num; +alias SKM_sk_value!ENGINE sk_ENGINE_value; +alias SKM_sk_set!ENGINE sk_ENGINE_set; +alias SKM_sk_zero!ENGINE sk_ENGINE_zero; +alias SKM_sk_push!ENGINE sk_ENGINE_push; +alias SKM_sk_unshift!ENGINE sk_ENGINE_unshift; +alias SKM_sk_find!ENGINE sk_ENGINE_find; +alias SKM_sk_find_ex!ENGINE sk_ENGINE_find_ex; +alias SKM_sk_delete!ENGINE sk_ENGINE_delete; +alias SKM_sk_delete_ptr!ENGINE sk_ENGINE_delete_ptr; +alias SKM_sk_insert!ENGINE sk_ENGINE_insert; +alias SKM_sk_set_cmp_func!ENGINE sk_ENGINE_set_cmp_func; +alias SKM_sk_dup!ENGINE sk_ENGINE_dup; +alias SKM_sk_pop_free!ENGINE sk_ENGINE_pop_free; +alias SKM_sk_shift!ENGINE sk_ENGINE_shift; +alias SKM_sk_pop!ENGINE sk_ENGINE_pop; +alias SKM_sk_sort!ENGINE sk_ENGINE_sort; +alias SKM_sk_is_sorted!ENGINE sk_ENGINE_is_sorted; + +/+ Internal crypto type. +alias SKM_sk_new!ENGINE_CLEANUP_ITEM sk_ENGINE_CLEANUP_ITEM_new; +alias SKM_sk_new_null!ENGINE_CLEANUP_ITEM sk_ENGINE_CLEANUP_ITEM_new_null; +alias SKM_sk_free!ENGINE_CLEANUP_ITEM sk_ENGINE_CLEANUP_ITEM_free; +alias SKM_sk_num!ENGINE_CLEANUP_ITEM sk_ENGINE_CLEANUP_ITEM_num; +alias SKM_sk_value!ENGINE_CLEANUP_ITEM sk_ENGINE_CLEANUP_ITEM_value; +alias SKM_sk_set!ENGINE_CLEANUP_ITEM sk_ENGINE_CLEANUP_ITEM_set; +alias SKM_sk_zero!ENGINE_CLEANUP_ITEM sk_ENGINE_CLEANUP_ITEM_zero; +alias SKM_sk_push!ENGINE_CLEANUP_ITEM sk_ENGINE_CLEANUP_ITEM_push; +alias SKM_sk_unshift!ENGINE_CLEANUP_ITEM sk_ENGINE_CLEANUP_ITEM_unshift; +alias SKM_sk_find!ENGINE_CLEANUP_ITEM sk_ENGINE_CLEANUP_ITEM_find; +alias SKM_sk_find_ex!ENGINE_CLEANUP_ITEM sk_ENGINE_CLEANUP_ITEM_find_ex; +alias SKM_sk_delete!ENGINE_CLEANUP_ITEM sk_ENGINE_CLEANUP_ITEM_delete; +alias SKM_sk_delete_ptr!ENGINE_CLEANUP_ITEM sk_ENGINE_CLEANUP_ITEM_delete_ptr; +alias SKM_sk_insert!ENGINE_CLEANUP_ITEM sk_ENGINE_CLEANUP_ITEM_insert; +alias SKM_sk_set_cmp_func!ENGINE_CLEANUP_ITEM sk_ENGINE_CLEANUP_ITEM_set_cmp_func; +alias SKM_sk_dup!ENGINE_CLEANUP_ITEM sk_ENGINE_CLEANUP_ITEM_dup; +alias SKM_sk_pop_free!ENGINE_CLEANUP_ITEM sk_ENGINE_CLEANUP_ITEM_pop_free; +alias SKM_sk_shift!ENGINE_CLEANUP_ITEM sk_ENGINE_CLEANUP_ITEM_shift; +alias SKM_sk_pop!ENGINE_CLEANUP_ITEM sk_ENGINE_CLEANUP_ITEM_pop; +alias SKM_sk_sort!ENGINE_CLEANUP_ITEM sk_ENGINE_CLEANUP_ITEM_sort; +alias SKM_sk_is_sorted!ENGINE_CLEANUP_ITEM sk_ENGINE_CLEANUP_ITEM_is_sorted; ++/ + +import deimos.openssl.ts; +alias SKM_sk_new!ESS_CERT_ID sk_ESS_CERT_ID_new; +alias SKM_sk_new_null!ESS_CERT_ID sk_ESS_CERT_ID_new_null; +alias SKM_sk_free!ESS_CERT_ID sk_ESS_CERT_ID_free; +alias SKM_sk_num!ESS_CERT_ID sk_ESS_CERT_ID_num; +alias SKM_sk_value!ESS_CERT_ID sk_ESS_CERT_ID_value; +alias SKM_sk_set!ESS_CERT_ID sk_ESS_CERT_ID_set; +alias SKM_sk_zero!ESS_CERT_ID sk_ESS_CERT_ID_zero; +alias SKM_sk_push!ESS_CERT_ID sk_ESS_CERT_ID_push; +alias SKM_sk_unshift!ESS_CERT_ID sk_ESS_CERT_ID_unshift; +alias SKM_sk_find!ESS_CERT_ID sk_ESS_CERT_ID_find; +alias SKM_sk_find_ex!ESS_CERT_ID sk_ESS_CERT_ID_find_ex; +alias SKM_sk_delete!ESS_CERT_ID sk_ESS_CERT_ID_delete; +alias SKM_sk_delete_ptr!ESS_CERT_ID sk_ESS_CERT_ID_delete_ptr; +alias SKM_sk_insert!ESS_CERT_ID sk_ESS_CERT_ID_insert; +alias SKM_sk_set_cmp_func!ESS_CERT_ID sk_ESS_CERT_ID_set_cmp_func; +alias SKM_sk_dup!ESS_CERT_ID sk_ESS_CERT_ID_dup; +alias SKM_sk_pop_free!ESS_CERT_ID sk_ESS_CERT_ID_pop_free; +alias SKM_sk_shift!ESS_CERT_ID sk_ESS_CERT_ID_shift; +alias SKM_sk_pop!ESS_CERT_ID sk_ESS_CERT_ID_pop; +alias SKM_sk_sort!ESS_CERT_ID sk_ESS_CERT_ID_sort; +alias SKM_sk_is_sorted!ESS_CERT_ID sk_ESS_CERT_ID_is_sorted; + +alias SKM_sk_new!EVP_MD sk_EVP_MD_new; +alias SKM_sk_new_null!EVP_MD sk_EVP_MD_new_null; +alias SKM_sk_free!EVP_MD sk_EVP_MD_free; +alias SKM_sk_num!EVP_MD sk_EVP_MD_num; +alias SKM_sk_value!EVP_MD sk_EVP_MD_value; +alias SKM_sk_set!EVP_MD sk_EVP_MD_set; +alias SKM_sk_zero!EVP_MD sk_EVP_MD_zero; +alias SKM_sk_push!EVP_MD sk_EVP_MD_push; +alias SKM_sk_unshift!EVP_MD sk_EVP_MD_unshift; +alias SKM_sk_find!EVP_MD sk_EVP_MD_find; +alias SKM_sk_find_ex!EVP_MD sk_EVP_MD_find_ex; +alias SKM_sk_delete!EVP_MD sk_EVP_MD_delete; +alias SKM_sk_delete_ptr!EVP_MD sk_EVP_MD_delete_ptr; +alias SKM_sk_insert!EVP_MD sk_EVP_MD_insert; +alias SKM_sk_set_cmp_func!EVP_MD sk_EVP_MD_set_cmp_func; +alias SKM_sk_dup!EVP_MD sk_EVP_MD_dup; +alias SKM_sk_pop_free!EVP_MD sk_EVP_MD_pop_free; +alias SKM_sk_shift!EVP_MD sk_EVP_MD_shift; +alias SKM_sk_pop!EVP_MD sk_EVP_MD_pop; +alias SKM_sk_sort!EVP_MD sk_EVP_MD_sort; +alias SKM_sk_is_sorted!EVP_MD sk_EVP_MD_is_sorted; + +/+ Internal crypto type. +alias SKM_sk_new!EVP_PBE_CTL sk_EVP_PBE_CTL_new; +alias SKM_sk_new_null!EVP_PBE_CTL sk_EVP_PBE_CTL_new_null; +alias SKM_sk_free!EVP_PBE_CTL sk_EVP_PBE_CTL_free; +alias SKM_sk_num!EVP_PBE_CTL sk_EVP_PBE_CTL_num; +alias SKM_sk_value!EVP_PBE_CTL sk_EVP_PBE_CTL_value; +alias SKM_sk_set!EVP_PBE_CTL sk_EVP_PBE_CTL_set; +alias SKM_sk_zero!EVP_PBE_CTL sk_EVP_PBE_CTL_zero; +alias SKM_sk_push!EVP_PBE_CTL sk_EVP_PBE_CTL_push; +alias SKM_sk_unshift!EVP_PBE_CTL sk_EVP_PBE_CTL_unshift; +alias SKM_sk_find!EVP_PBE_CTL sk_EVP_PBE_CTL_find; +alias SKM_sk_find_ex!EVP_PBE_CTL sk_EVP_PBE_CTL_find_ex; +alias SKM_sk_delete!EVP_PBE_CTL sk_EVP_PBE_CTL_delete; +alias SKM_sk_delete_ptr!EVP_PBE_CTL sk_EVP_PBE_CTL_delete_ptr; +alias SKM_sk_insert!EVP_PBE_CTL sk_EVP_PBE_CTL_insert; +alias SKM_sk_set_cmp_func!EVP_PBE_CTL sk_EVP_PBE_CTL_set_cmp_func; +alias SKM_sk_dup!EVP_PBE_CTL sk_EVP_PBE_CTL_dup; +alias SKM_sk_pop_free!EVP_PBE_CTL sk_EVP_PBE_CTL_pop_free; +alias SKM_sk_shift!EVP_PBE_CTL sk_EVP_PBE_CTL_shift; +alias SKM_sk_pop!EVP_PBE_CTL sk_EVP_PBE_CTL_pop; +alias SKM_sk_sort!EVP_PBE_CTL sk_EVP_PBE_CTL_sort; +alias SKM_sk_is_sorted!EVP_PBE_CTL sk_EVP_PBE_CTL_is_sorted; ++/ + +alias SKM_sk_new!EVP_PKEY_ASN1_METHOD sk_EVP_PKEY_ASN1_METHOD_new; +alias SKM_sk_new_null!EVP_PKEY_ASN1_METHOD sk_EVP_PKEY_ASN1_METHOD_new_null; +alias SKM_sk_free!EVP_PKEY_ASN1_METHOD sk_EVP_PKEY_ASN1_METHOD_free; +alias SKM_sk_num!EVP_PKEY_ASN1_METHOD sk_EVP_PKEY_ASN1_METHOD_num; +alias SKM_sk_value!EVP_PKEY_ASN1_METHOD sk_EVP_PKEY_ASN1_METHOD_value; +alias SKM_sk_set!EVP_PKEY_ASN1_METHOD sk_EVP_PKEY_ASN1_METHOD_set; +alias SKM_sk_zero!EVP_PKEY_ASN1_METHOD sk_EVP_PKEY_ASN1_METHOD_zero; +alias SKM_sk_push!EVP_PKEY_ASN1_METHOD sk_EVP_PKEY_ASN1_METHOD_push; +alias SKM_sk_unshift!EVP_PKEY_ASN1_METHOD sk_EVP_PKEY_ASN1_METHOD_unshift; +alias SKM_sk_find!EVP_PKEY_ASN1_METHOD sk_EVP_PKEY_ASN1_METHOD_find; +alias SKM_sk_find_ex!EVP_PKEY_ASN1_METHOD sk_EVP_PKEY_ASN1_METHOD_find_ex; +alias SKM_sk_delete!EVP_PKEY_ASN1_METHOD sk_EVP_PKEY_ASN1_METHOD_delete; +alias SKM_sk_delete_ptr!EVP_PKEY_ASN1_METHOD sk_EVP_PKEY_ASN1_METHOD_delete_ptr; +alias SKM_sk_insert!EVP_PKEY_ASN1_METHOD sk_EVP_PKEY_ASN1_METHOD_insert; +alias SKM_sk_set_cmp_func!EVP_PKEY_ASN1_METHOD sk_EVP_PKEY_ASN1_METHOD_set_cmp_func; +alias SKM_sk_dup!EVP_PKEY_ASN1_METHOD sk_EVP_PKEY_ASN1_METHOD_dup; +alias SKM_sk_pop_free!EVP_PKEY_ASN1_METHOD sk_EVP_PKEY_ASN1_METHOD_pop_free; +alias SKM_sk_shift!EVP_PKEY_ASN1_METHOD sk_EVP_PKEY_ASN1_METHOD_shift; +alias SKM_sk_pop!EVP_PKEY_ASN1_METHOD sk_EVP_PKEY_ASN1_METHOD_pop; +alias SKM_sk_sort!EVP_PKEY_ASN1_METHOD sk_EVP_PKEY_ASN1_METHOD_sort; +alias SKM_sk_is_sorted!EVP_PKEY_ASN1_METHOD sk_EVP_PKEY_ASN1_METHOD_is_sorted; + +alias SKM_sk_new!EVP_PKEY_METHOD sk_EVP_PKEY_METHOD_new; +alias SKM_sk_new_null!EVP_PKEY_METHOD sk_EVP_PKEY_METHOD_new_null; +alias SKM_sk_free!EVP_PKEY_METHOD sk_EVP_PKEY_METHOD_free; +alias SKM_sk_num!EVP_PKEY_METHOD sk_EVP_PKEY_METHOD_num; +alias SKM_sk_value!EVP_PKEY_METHOD sk_EVP_PKEY_METHOD_value; +alias SKM_sk_set!EVP_PKEY_METHOD sk_EVP_PKEY_METHOD_set; +alias SKM_sk_zero!EVP_PKEY_METHOD sk_EVP_PKEY_METHOD_zero; +alias SKM_sk_push!EVP_PKEY_METHOD sk_EVP_PKEY_METHOD_push; +alias SKM_sk_unshift!EVP_PKEY_METHOD sk_EVP_PKEY_METHOD_unshift; +alias SKM_sk_find!EVP_PKEY_METHOD sk_EVP_PKEY_METHOD_find; +alias SKM_sk_find_ex!EVP_PKEY_METHOD sk_EVP_PKEY_METHOD_find_ex; +alias SKM_sk_delete!EVP_PKEY_METHOD sk_EVP_PKEY_METHOD_delete; +alias SKM_sk_delete_ptr!EVP_PKEY_METHOD sk_EVP_PKEY_METHOD_delete_ptr; +alias SKM_sk_insert!EVP_PKEY_METHOD sk_EVP_PKEY_METHOD_insert; +alias SKM_sk_set_cmp_func!EVP_PKEY_METHOD sk_EVP_PKEY_METHOD_set_cmp_func; +alias SKM_sk_dup!EVP_PKEY_METHOD sk_EVP_PKEY_METHOD_dup; +alias SKM_sk_pop_free!EVP_PKEY_METHOD sk_EVP_PKEY_METHOD_pop_free; +alias SKM_sk_shift!EVP_PKEY_METHOD sk_EVP_PKEY_METHOD_shift; +alias SKM_sk_pop!EVP_PKEY_METHOD sk_EVP_PKEY_METHOD_pop; +alias SKM_sk_sort!EVP_PKEY_METHOD sk_EVP_PKEY_METHOD_sort; +alias SKM_sk_is_sorted!EVP_PKEY_METHOD sk_EVP_PKEY_METHOD_is_sorted; + +alias SKM_sk_new!GENERAL_NAME sk_GENERAL_NAME_new; +alias SKM_sk_new_null!GENERAL_NAME sk_GENERAL_NAME_new_null; +alias SKM_sk_free!GENERAL_NAME sk_GENERAL_NAME_free; +alias SKM_sk_num!GENERAL_NAME sk_GENERAL_NAME_num; +alias SKM_sk_value!GENERAL_NAME sk_GENERAL_NAME_value; +alias SKM_sk_set!GENERAL_NAME sk_GENERAL_NAME_set; +alias SKM_sk_zero!GENERAL_NAME sk_GENERAL_NAME_zero; +alias SKM_sk_push!GENERAL_NAME sk_GENERAL_NAME_push; +alias SKM_sk_unshift!GENERAL_NAME sk_GENERAL_NAME_unshift; +alias SKM_sk_find!GENERAL_NAME sk_GENERAL_NAME_find; +alias SKM_sk_find_ex!GENERAL_NAME sk_GENERAL_NAME_find_ex; +alias SKM_sk_delete!GENERAL_NAME sk_GENERAL_NAME_delete; +alias SKM_sk_delete_ptr!GENERAL_NAME sk_GENERAL_NAME_delete_ptr; +alias SKM_sk_insert!GENERAL_NAME sk_GENERAL_NAME_insert; +alias SKM_sk_set_cmp_func!GENERAL_NAME sk_GENERAL_NAME_set_cmp_func; +alias SKM_sk_dup!GENERAL_NAME sk_GENERAL_NAME_dup; +alias SKM_sk_pop_free!GENERAL_NAME sk_GENERAL_NAME_pop_free; +alias SKM_sk_shift!GENERAL_NAME sk_GENERAL_NAME_shift; +alias SKM_sk_pop!GENERAL_NAME sk_GENERAL_NAME_pop; +alias SKM_sk_sort!GENERAL_NAME sk_GENERAL_NAME_sort; +alias SKM_sk_is_sorted!GENERAL_NAME sk_GENERAL_NAME_is_sorted; + +alias SKM_sk_new!GENERAL_NAMES sk_GENERAL_NAMES_new; +alias SKM_sk_new_null!GENERAL_NAMES sk_GENERAL_NAMES_new_null; +alias SKM_sk_free!GENERAL_NAMES sk_GENERAL_NAMES_free; +alias SKM_sk_num!GENERAL_NAMES sk_GENERAL_NAMES_num; +alias SKM_sk_value!GENERAL_NAMES sk_GENERAL_NAMES_value; +alias SKM_sk_set!GENERAL_NAMES sk_GENERAL_NAMES_set; +alias SKM_sk_zero!GENERAL_NAMES sk_GENERAL_NAMES_zero; +alias SKM_sk_push!GENERAL_NAMES sk_GENERAL_NAMES_push; +alias SKM_sk_unshift!GENERAL_NAMES sk_GENERAL_NAMES_unshift; +alias SKM_sk_find!GENERAL_NAMES sk_GENERAL_NAMES_find; +alias SKM_sk_find_ex!GENERAL_NAMES sk_GENERAL_NAMES_find_ex; +alias SKM_sk_delete!GENERAL_NAMES sk_GENERAL_NAMES_delete; +alias SKM_sk_delete_ptr!GENERAL_NAMES sk_GENERAL_NAMES_delete_ptr; +alias SKM_sk_insert!GENERAL_NAMES sk_GENERAL_NAMES_insert; +alias SKM_sk_set_cmp_func!GENERAL_NAMES sk_GENERAL_NAMES_set_cmp_func; +alias SKM_sk_dup!GENERAL_NAMES sk_GENERAL_NAMES_dup; +alias SKM_sk_pop_free!GENERAL_NAMES sk_GENERAL_NAMES_pop_free; +alias SKM_sk_shift!GENERAL_NAMES sk_GENERAL_NAMES_shift; +alias SKM_sk_pop!GENERAL_NAMES sk_GENERAL_NAMES_pop; +alias SKM_sk_sort!GENERAL_NAMES sk_GENERAL_NAMES_sort; +alias SKM_sk_is_sorted!GENERAL_NAMES sk_GENERAL_NAMES_is_sorted; + +alias SKM_sk_new!GENERAL_SUBTREE sk_GENERAL_SUBTREE_new; +alias SKM_sk_new_null!GENERAL_SUBTREE sk_GENERAL_SUBTREE_new_null; +alias SKM_sk_free!GENERAL_SUBTREE sk_GENERAL_SUBTREE_free; +alias SKM_sk_num!GENERAL_SUBTREE sk_GENERAL_SUBTREE_num; +alias SKM_sk_value!GENERAL_SUBTREE sk_GENERAL_SUBTREE_value; +alias SKM_sk_set!GENERAL_SUBTREE sk_GENERAL_SUBTREE_set; +alias SKM_sk_zero!GENERAL_SUBTREE sk_GENERAL_SUBTREE_zero; +alias SKM_sk_push!GENERAL_SUBTREE sk_GENERAL_SUBTREE_push; +alias SKM_sk_unshift!GENERAL_SUBTREE sk_GENERAL_SUBTREE_unshift; +alias SKM_sk_find!GENERAL_SUBTREE sk_GENERAL_SUBTREE_find; +alias SKM_sk_find_ex!GENERAL_SUBTREE sk_GENERAL_SUBTREE_find_ex; +alias SKM_sk_delete!GENERAL_SUBTREE sk_GENERAL_SUBTREE_delete; +alias SKM_sk_delete_ptr!GENERAL_SUBTREE sk_GENERAL_SUBTREE_delete_ptr; +alias SKM_sk_insert!GENERAL_SUBTREE sk_GENERAL_SUBTREE_insert; +alias SKM_sk_set_cmp_func!GENERAL_SUBTREE sk_GENERAL_SUBTREE_set_cmp_func; +alias SKM_sk_dup!GENERAL_SUBTREE sk_GENERAL_SUBTREE_dup; +alias SKM_sk_pop_free!GENERAL_SUBTREE sk_GENERAL_SUBTREE_pop_free; +alias SKM_sk_shift!GENERAL_SUBTREE sk_GENERAL_SUBTREE_shift; +alias SKM_sk_pop!GENERAL_SUBTREE sk_GENERAL_SUBTREE_pop; +alias SKM_sk_sort!GENERAL_SUBTREE sk_GENERAL_SUBTREE_sort; +alias SKM_sk_is_sorted!GENERAL_SUBTREE sk_GENERAL_SUBTREE_is_sorted; + +alias SKM_sk_new!IPAddressFamily sk_IPAddressFamily_new; +alias SKM_sk_new_null!IPAddressFamily sk_IPAddressFamily_new_null; +alias SKM_sk_free!IPAddressFamily sk_IPAddressFamily_free; +alias SKM_sk_num!IPAddressFamily sk_IPAddressFamily_num; +alias SKM_sk_value!IPAddressFamily sk_IPAddressFamily_value; +alias SKM_sk_set!IPAddressFamily sk_IPAddressFamily_set; +alias SKM_sk_zero!IPAddressFamily sk_IPAddressFamily_zero; +alias SKM_sk_push!IPAddressFamily sk_IPAddressFamily_push; +alias SKM_sk_unshift!IPAddressFamily sk_IPAddressFamily_unshift; +alias SKM_sk_find!IPAddressFamily sk_IPAddressFamily_find; +alias SKM_sk_find_ex!IPAddressFamily sk_IPAddressFamily_find_ex; +alias SKM_sk_delete!IPAddressFamily sk_IPAddressFamily_delete; +alias SKM_sk_delete_ptr!IPAddressFamily sk_IPAddressFamily_delete_ptr; +alias SKM_sk_insert!IPAddressFamily sk_IPAddressFamily_insert; +alias SKM_sk_set_cmp_func!IPAddressFamily sk_IPAddressFamily_set_cmp_func; +alias SKM_sk_dup!IPAddressFamily sk_IPAddressFamily_dup; +alias SKM_sk_pop_free!IPAddressFamily sk_IPAddressFamily_pop_free; +alias SKM_sk_shift!IPAddressFamily sk_IPAddressFamily_shift; +alias SKM_sk_pop!IPAddressFamily sk_IPAddressFamily_pop; +alias SKM_sk_sort!IPAddressFamily sk_IPAddressFamily_sort; +alias SKM_sk_is_sorted!IPAddressFamily sk_IPAddressFamily_is_sorted; + +alias SKM_sk_new!IPAddressOrRange sk_IPAddressOrRange_new; +alias SKM_sk_new_null!IPAddressOrRange sk_IPAddressOrRange_new_null; +alias SKM_sk_free!IPAddressOrRange sk_IPAddressOrRange_free; +alias SKM_sk_num!IPAddressOrRange sk_IPAddressOrRange_num; +alias SKM_sk_value!IPAddressOrRange sk_IPAddressOrRange_value; +alias SKM_sk_set!IPAddressOrRange sk_IPAddressOrRange_set; +alias SKM_sk_zero!IPAddressOrRange sk_IPAddressOrRange_zero; +alias SKM_sk_push!IPAddressOrRange sk_IPAddressOrRange_push; +alias SKM_sk_unshift!IPAddressOrRange sk_IPAddressOrRange_unshift; +alias SKM_sk_find!IPAddressOrRange sk_IPAddressOrRange_find; +alias SKM_sk_find_ex!IPAddressOrRange sk_IPAddressOrRange_find_ex; +alias SKM_sk_delete!IPAddressOrRange sk_IPAddressOrRange_delete; +alias SKM_sk_delete_ptr!IPAddressOrRange sk_IPAddressOrRange_delete_ptr; +alias SKM_sk_insert!IPAddressOrRange sk_IPAddressOrRange_insert; +alias SKM_sk_set_cmp_func!IPAddressOrRange sk_IPAddressOrRange_set_cmp_func; +alias SKM_sk_dup!IPAddressOrRange sk_IPAddressOrRange_dup; +alias SKM_sk_pop_free!IPAddressOrRange sk_IPAddressOrRange_pop_free; +alias SKM_sk_shift!IPAddressOrRange sk_IPAddressOrRange_shift; +alias SKM_sk_pop!IPAddressOrRange sk_IPAddressOrRange_pop; +alias SKM_sk_sort!IPAddressOrRange sk_IPAddressOrRange_sort; +alias SKM_sk_is_sorted!IPAddressOrRange sk_IPAddressOrRange_is_sorted; + +import deimos.openssl.krb5_asn; +alias SKM_sk_new!KRB5_APREQBODY sk_KRB5_APREQBODY_new; +alias SKM_sk_new_null!KRB5_APREQBODY sk_KRB5_APREQBODY_new_null; +alias SKM_sk_free!KRB5_APREQBODY sk_KRB5_APREQBODY_free; +alias SKM_sk_num!KRB5_APREQBODY sk_KRB5_APREQBODY_num; +alias SKM_sk_value!KRB5_APREQBODY sk_KRB5_APREQBODY_value; +alias SKM_sk_set!KRB5_APREQBODY sk_KRB5_APREQBODY_set; +alias SKM_sk_zero!KRB5_APREQBODY sk_KRB5_APREQBODY_zero; +alias SKM_sk_push!KRB5_APREQBODY sk_KRB5_APREQBODY_push; +alias SKM_sk_unshift!KRB5_APREQBODY sk_KRB5_APREQBODY_unshift; +alias SKM_sk_find!KRB5_APREQBODY sk_KRB5_APREQBODY_find; +alias SKM_sk_find_ex!KRB5_APREQBODY sk_KRB5_APREQBODY_find_ex; +alias SKM_sk_delete!KRB5_APREQBODY sk_KRB5_APREQBODY_delete; +alias SKM_sk_delete_ptr!KRB5_APREQBODY sk_KRB5_APREQBODY_delete_ptr; +alias SKM_sk_insert!KRB5_APREQBODY sk_KRB5_APREQBODY_insert; +alias SKM_sk_set_cmp_func!KRB5_APREQBODY sk_KRB5_APREQBODY_set_cmp_func; +alias SKM_sk_dup!KRB5_APREQBODY sk_KRB5_APREQBODY_dup; +alias SKM_sk_pop_free!KRB5_APREQBODY sk_KRB5_APREQBODY_pop_free; +alias SKM_sk_shift!KRB5_APREQBODY sk_KRB5_APREQBODY_shift; +alias SKM_sk_pop!KRB5_APREQBODY sk_KRB5_APREQBODY_pop; +alias SKM_sk_sort!KRB5_APREQBODY sk_KRB5_APREQBODY_sort; +alias SKM_sk_is_sorted!KRB5_APREQBODY sk_KRB5_APREQBODY_is_sorted; + +alias SKM_sk_new!KRB5_AUTHDATA sk_KRB5_AUTHDATA_new; +alias SKM_sk_new_null!KRB5_AUTHDATA sk_KRB5_AUTHDATA_new_null; +alias SKM_sk_free!KRB5_AUTHDATA sk_KRB5_AUTHDATA_free; +alias SKM_sk_num!KRB5_AUTHDATA sk_KRB5_AUTHDATA_num; +alias SKM_sk_value!KRB5_AUTHDATA sk_KRB5_AUTHDATA_value; +alias SKM_sk_set!KRB5_AUTHDATA sk_KRB5_AUTHDATA_set; +alias SKM_sk_zero!KRB5_AUTHDATA sk_KRB5_AUTHDATA_zero; +alias SKM_sk_push!KRB5_AUTHDATA sk_KRB5_AUTHDATA_push; +alias SKM_sk_unshift!KRB5_AUTHDATA sk_KRB5_AUTHDATA_unshift; +alias SKM_sk_find!KRB5_AUTHDATA sk_KRB5_AUTHDATA_find; +alias SKM_sk_find_ex!KRB5_AUTHDATA sk_KRB5_AUTHDATA_find_ex; +alias SKM_sk_delete!KRB5_AUTHDATA sk_KRB5_AUTHDATA_delete; +alias SKM_sk_delete_ptr!KRB5_AUTHDATA sk_KRB5_AUTHDATA_delete_ptr; +alias SKM_sk_insert!KRB5_AUTHDATA sk_KRB5_AUTHDATA_insert; +alias SKM_sk_set_cmp_func!KRB5_AUTHDATA sk_KRB5_AUTHDATA_set_cmp_func; +alias SKM_sk_dup!KRB5_AUTHDATA sk_KRB5_AUTHDATA_dup; +alias SKM_sk_pop_free!KRB5_AUTHDATA sk_KRB5_AUTHDATA_pop_free; +alias SKM_sk_shift!KRB5_AUTHDATA sk_KRB5_AUTHDATA_shift; +alias SKM_sk_pop!KRB5_AUTHDATA sk_KRB5_AUTHDATA_pop; +alias SKM_sk_sort!KRB5_AUTHDATA sk_KRB5_AUTHDATA_sort; +alias SKM_sk_is_sorted!KRB5_AUTHDATA sk_KRB5_AUTHDATA_is_sorted; + +alias SKM_sk_new!KRB5_AUTHENTBODY sk_KRB5_AUTHENTBODY_new; +alias SKM_sk_new_null!KRB5_AUTHENTBODY sk_KRB5_AUTHENTBODY_new_null; +alias SKM_sk_free!KRB5_AUTHENTBODY sk_KRB5_AUTHENTBODY_free; +alias SKM_sk_num!KRB5_AUTHENTBODY sk_KRB5_AUTHENTBODY_num; +alias SKM_sk_value!KRB5_AUTHENTBODY sk_KRB5_AUTHENTBODY_value; +alias SKM_sk_set!KRB5_AUTHENTBODY sk_KRB5_AUTHENTBODY_set; +alias SKM_sk_zero!KRB5_AUTHENTBODY sk_KRB5_AUTHENTBODY_zero; +alias SKM_sk_push!KRB5_AUTHENTBODY sk_KRB5_AUTHENTBODY_push; +alias SKM_sk_unshift!KRB5_AUTHENTBODY sk_KRB5_AUTHENTBODY_unshift; +alias SKM_sk_find!KRB5_AUTHENTBODY sk_KRB5_AUTHENTBODY_find; +alias SKM_sk_find_ex!KRB5_AUTHENTBODY sk_KRB5_AUTHENTBODY_find_ex; +alias SKM_sk_delete!KRB5_AUTHENTBODY sk_KRB5_AUTHENTBODY_delete; +alias SKM_sk_delete_ptr!KRB5_AUTHENTBODY sk_KRB5_AUTHENTBODY_delete_ptr; +alias SKM_sk_insert!KRB5_AUTHENTBODY sk_KRB5_AUTHENTBODY_insert; +alias SKM_sk_set_cmp_func!KRB5_AUTHENTBODY sk_KRB5_AUTHENTBODY_set_cmp_func; +alias SKM_sk_dup!KRB5_AUTHENTBODY sk_KRB5_AUTHENTBODY_dup; +alias SKM_sk_pop_free!KRB5_AUTHENTBODY sk_KRB5_AUTHENTBODY_pop_free; +alias SKM_sk_shift!KRB5_AUTHENTBODY sk_KRB5_AUTHENTBODY_shift; +alias SKM_sk_pop!KRB5_AUTHENTBODY sk_KRB5_AUTHENTBODY_pop; +alias SKM_sk_sort!KRB5_AUTHENTBODY sk_KRB5_AUTHENTBODY_sort; +alias SKM_sk_is_sorted!KRB5_AUTHENTBODY sk_KRB5_AUTHENTBODY_is_sorted; + +alias SKM_sk_new!KRB5_CHECKSUM sk_KRB5_CHECKSUM_new; +alias SKM_sk_new_null!KRB5_CHECKSUM sk_KRB5_CHECKSUM_new_null; +alias SKM_sk_free!KRB5_CHECKSUM sk_KRB5_CHECKSUM_free; +alias SKM_sk_num!KRB5_CHECKSUM sk_KRB5_CHECKSUM_num; +alias SKM_sk_value!KRB5_CHECKSUM sk_KRB5_CHECKSUM_value; +alias SKM_sk_set!KRB5_CHECKSUM sk_KRB5_CHECKSUM_set; +alias SKM_sk_zero!KRB5_CHECKSUM sk_KRB5_CHECKSUM_zero; +alias SKM_sk_push!KRB5_CHECKSUM sk_KRB5_CHECKSUM_push; +alias SKM_sk_unshift!KRB5_CHECKSUM sk_KRB5_CHECKSUM_unshift; +alias SKM_sk_find!KRB5_CHECKSUM sk_KRB5_CHECKSUM_find; +alias SKM_sk_find_ex!KRB5_CHECKSUM sk_KRB5_CHECKSUM_find_ex; +alias SKM_sk_delete!KRB5_CHECKSUM sk_KRB5_CHECKSUM_delete; +alias SKM_sk_delete_ptr!KRB5_CHECKSUM sk_KRB5_CHECKSUM_delete_ptr; +alias SKM_sk_insert!KRB5_CHECKSUM sk_KRB5_CHECKSUM_insert; +alias SKM_sk_set_cmp_func!KRB5_CHECKSUM sk_KRB5_CHECKSUM_set_cmp_func; +alias SKM_sk_dup!KRB5_CHECKSUM sk_KRB5_CHECKSUM_dup; +alias SKM_sk_pop_free!KRB5_CHECKSUM sk_KRB5_CHECKSUM_pop_free; +alias SKM_sk_shift!KRB5_CHECKSUM sk_KRB5_CHECKSUM_shift; +alias SKM_sk_pop!KRB5_CHECKSUM sk_KRB5_CHECKSUM_pop; +alias SKM_sk_sort!KRB5_CHECKSUM sk_KRB5_CHECKSUM_sort; +alias SKM_sk_is_sorted!KRB5_CHECKSUM sk_KRB5_CHECKSUM_is_sorted; + +alias SKM_sk_new!KRB5_ENCDATA sk_KRB5_ENCDATA_new; +alias SKM_sk_new_null!KRB5_ENCDATA sk_KRB5_ENCDATA_new_null; +alias SKM_sk_free!KRB5_ENCDATA sk_KRB5_ENCDATA_free; +alias SKM_sk_num!KRB5_ENCDATA sk_KRB5_ENCDATA_num; +alias SKM_sk_value!KRB5_ENCDATA sk_KRB5_ENCDATA_value; +alias SKM_sk_set!KRB5_ENCDATA sk_KRB5_ENCDATA_set; +alias SKM_sk_zero!KRB5_ENCDATA sk_KRB5_ENCDATA_zero; +alias SKM_sk_push!KRB5_ENCDATA sk_KRB5_ENCDATA_push; +alias SKM_sk_unshift!KRB5_ENCDATA sk_KRB5_ENCDATA_unshift; +alias SKM_sk_find!KRB5_ENCDATA sk_KRB5_ENCDATA_find; +alias SKM_sk_find_ex!KRB5_ENCDATA sk_KRB5_ENCDATA_find_ex; +alias SKM_sk_delete!KRB5_ENCDATA sk_KRB5_ENCDATA_delete; +alias SKM_sk_delete_ptr!KRB5_ENCDATA sk_KRB5_ENCDATA_delete_ptr; +alias SKM_sk_insert!KRB5_ENCDATA sk_KRB5_ENCDATA_insert; +alias SKM_sk_set_cmp_func!KRB5_ENCDATA sk_KRB5_ENCDATA_set_cmp_func; +alias SKM_sk_dup!KRB5_ENCDATA sk_KRB5_ENCDATA_dup; +alias SKM_sk_pop_free!KRB5_ENCDATA sk_KRB5_ENCDATA_pop_free; +alias SKM_sk_shift!KRB5_ENCDATA sk_KRB5_ENCDATA_shift; +alias SKM_sk_pop!KRB5_ENCDATA sk_KRB5_ENCDATA_pop; +alias SKM_sk_sort!KRB5_ENCDATA sk_KRB5_ENCDATA_sort; +alias SKM_sk_is_sorted!KRB5_ENCDATA sk_KRB5_ENCDATA_is_sorted; + +alias SKM_sk_new!KRB5_ENCKEY sk_KRB5_ENCKEY_new; +alias SKM_sk_new_null!KRB5_ENCKEY sk_KRB5_ENCKEY_new_null; +alias SKM_sk_free!KRB5_ENCKEY sk_KRB5_ENCKEY_free; +alias SKM_sk_num!KRB5_ENCKEY sk_KRB5_ENCKEY_num; +alias SKM_sk_value!KRB5_ENCKEY sk_KRB5_ENCKEY_value; +alias SKM_sk_set!KRB5_ENCKEY sk_KRB5_ENCKEY_set; +alias SKM_sk_zero!KRB5_ENCKEY sk_KRB5_ENCKEY_zero; +alias SKM_sk_push!KRB5_ENCKEY sk_KRB5_ENCKEY_push; +alias SKM_sk_unshift!KRB5_ENCKEY sk_KRB5_ENCKEY_unshift; +alias SKM_sk_find!KRB5_ENCKEY sk_KRB5_ENCKEY_find; +alias SKM_sk_find_ex!KRB5_ENCKEY sk_KRB5_ENCKEY_find_ex; +alias SKM_sk_delete!KRB5_ENCKEY sk_KRB5_ENCKEY_delete; +alias SKM_sk_delete_ptr!KRB5_ENCKEY sk_KRB5_ENCKEY_delete_ptr; +alias SKM_sk_insert!KRB5_ENCKEY sk_KRB5_ENCKEY_insert; +alias SKM_sk_set_cmp_func!KRB5_ENCKEY sk_KRB5_ENCKEY_set_cmp_func; +alias SKM_sk_dup!KRB5_ENCKEY sk_KRB5_ENCKEY_dup; +alias SKM_sk_pop_free!KRB5_ENCKEY sk_KRB5_ENCKEY_pop_free; +alias SKM_sk_shift!KRB5_ENCKEY sk_KRB5_ENCKEY_shift; +alias SKM_sk_pop!KRB5_ENCKEY sk_KRB5_ENCKEY_pop; +alias SKM_sk_sort!KRB5_ENCKEY sk_KRB5_ENCKEY_sort; +alias SKM_sk_is_sorted!KRB5_ENCKEY sk_KRB5_ENCKEY_is_sorted; + +alias SKM_sk_new!KRB5_PRINCNAME sk_KRB5_PRINCNAME_new; +alias SKM_sk_new_null!KRB5_PRINCNAME sk_KRB5_PRINCNAME_new_null; +alias SKM_sk_free!KRB5_PRINCNAME sk_KRB5_PRINCNAME_free; +alias SKM_sk_num!KRB5_PRINCNAME sk_KRB5_PRINCNAME_num; +alias SKM_sk_value!KRB5_PRINCNAME sk_KRB5_PRINCNAME_value; +alias SKM_sk_set!KRB5_PRINCNAME sk_KRB5_PRINCNAME_set; +alias SKM_sk_zero!KRB5_PRINCNAME sk_KRB5_PRINCNAME_zero; +alias SKM_sk_push!KRB5_PRINCNAME sk_KRB5_PRINCNAME_push; +alias SKM_sk_unshift!KRB5_PRINCNAME sk_KRB5_PRINCNAME_unshift; +alias SKM_sk_find!KRB5_PRINCNAME sk_KRB5_PRINCNAME_find; +alias SKM_sk_find_ex!KRB5_PRINCNAME sk_KRB5_PRINCNAME_find_ex; +alias SKM_sk_delete!KRB5_PRINCNAME sk_KRB5_PRINCNAME_delete; +alias SKM_sk_delete_ptr!KRB5_PRINCNAME sk_KRB5_PRINCNAME_delete_ptr; +alias SKM_sk_insert!KRB5_PRINCNAME sk_KRB5_PRINCNAME_insert; +alias SKM_sk_set_cmp_func!KRB5_PRINCNAME sk_KRB5_PRINCNAME_set_cmp_func; +alias SKM_sk_dup!KRB5_PRINCNAME sk_KRB5_PRINCNAME_dup; +alias SKM_sk_pop_free!KRB5_PRINCNAME sk_KRB5_PRINCNAME_pop_free; +alias SKM_sk_shift!KRB5_PRINCNAME sk_KRB5_PRINCNAME_shift; +alias SKM_sk_pop!KRB5_PRINCNAME sk_KRB5_PRINCNAME_pop; +alias SKM_sk_sort!KRB5_PRINCNAME sk_KRB5_PRINCNAME_sort; +alias SKM_sk_is_sorted!KRB5_PRINCNAME sk_KRB5_PRINCNAME_is_sorted; + +alias SKM_sk_new!KRB5_TKTBODY sk_KRB5_TKTBODY_new; +alias SKM_sk_new_null!KRB5_TKTBODY sk_KRB5_TKTBODY_new_null; +alias SKM_sk_free!KRB5_TKTBODY sk_KRB5_TKTBODY_free; +alias SKM_sk_num!KRB5_TKTBODY sk_KRB5_TKTBODY_num; +alias SKM_sk_value!KRB5_TKTBODY sk_KRB5_TKTBODY_value; +alias SKM_sk_set!KRB5_TKTBODY sk_KRB5_TKTBODY_set; +alias SKM_sk_zero!KRB5_TKTBODY sk_KRB5_TKTBODY_zero; +alias SKM_sk_push!KRB5_TKTBODY sk_KRB5_TKTBODY_push; +alias SKM_sk_unshift!KRB5_TKTBODY sk_KRB5_TKTBODY_unshift; +alias SKM_sk_find!KRB5_TKTBODY sk_KRB5_TKTBODY_find; +alias SKM_sk_find_ex!KRB5_TKTBODY sk_KRB5_TKTBODY_find_ex; +alias SKM_sk_delete!KRB5_TKTBODY sk_KRB5_TKTBODY_delete; +alias SKM_sk_delete_ptr!KRB5_TKTBODY sk_KRB5_TKTBODY_delete_ptr; +alias SKM_sk_insert!KRB5_TKTBODY sk_KRB5_TKTBODY_insert; +alias SKM_sk_set_cmp_func!KRB5_TKTBODY sk_KRB5_TKTBODY_set_cmp_func; +alias SKM_sk_dup!KRB5_TKTBODY sk_KRB5_TKTBODY_dup; +alias SKM_sk_pop_free!KRB5_TKTBODY sk_KRB5_TKTBODY_pop_free; +alias SKM_sk_shift!KRB5_TKTBODY sk_KRB5_TKTBODY_shift; +alias SKM_sk_pop!KRB5_TKTBODY sk_KRB5_TKTBODY_pop; +alias SKM_sk_sort!KRB5_TKTBODY sk_KRB5_TKTBODY_sort; +alias SKM_sk_is_sorted!KRB5_TKTBODY sk_KRB5_TKTBODY_is_sorted; + +/+ Internal crypto types. +alias SKM_sk_new!MEM_OBJECT_DATA sk_MEM_OBJECT_DATA_new; +alias SKM_sk_new_null!MEM_OBJECT_DATA sk_MEM_OBJECT_DATA_new_null; +alias SKM_sk_free!MEM_OBJECT_DATA sk_MEM_OBJECT_DATA_free; +alias SKM_sk_num!MEM_OBJECT_DATA sk_MEM_OBJECT_DATA_num; +alias SKM_sk_value!MEM_OBJECT_DATA sk_MEM_OBJECT_DATA_value; +alias SKM_sk_set!MEM_OBJECT_DATA sk_MEM_OBJECT_DATA_set; +alias SKM_sk_zero!MEM_OBJECT_DATA sk_MEM_OBJECT_DATA_zero; +alias SKM_sk_push!MEM_OBJECT_DATA sk_MEM_OBJECT_DATA_push; +alias SKM_sk_unshift!MEM_OBJECT_DATA sk_MEM_OBJECT_DATA_unshift; +alias SKM_sk_find!MEM_OBJECT_DATA sk_MEM_OBJECT_DATA_find; +alias SKM_sk_find_ex!MEM_OBJECT_DATA sk_MEM_OBJECT_DATA_find_ex; +alias SKM_sk_delete!MEM_OBJECT_DATA sk_MEM_OBJECT_DATA_delete; +alias SKM_sk_delete_ptr!MEM_OBJECT_DATA sk_MEM_OBJECT_DATA_delete_ptr; +alias SKM_sk_insert!MEM_OBJECT_DATA sk_MEM_OBJECT_DATA_insert; +alias SKM_sk_set_cmp_func!MEM_OBJECT_DATA sk_MEM_OBJECT_DATA_set_cmp_func; +alias SKM_sk_dup!MEM_OBJECT_DATA sk_MEM_OBJECT_DATA_dup; +alias SKM_sk_pop_free!MEM_OBJECT_DATA sk_MEM_OBJECT_DATA_pop_free; +alias SKM_sk_shift!MEM_OBJECT_DATA sk_MEM_OBJECT_DATA_shift; +alias SKM_sk_pop!MEM_OBJECT_DATA sk_MEM_OBJECT_DATA_pop; +alias SKM_sk_sort!MEM_OBJECT_DATA sk_MEM_OBJECT_DATA_sort; +alias SKM_sk_is_sorted!MEM_OBJECT_DATA sk_MEM_OBJECT_DATA_is_sorted; + +alias SKM_sk_new!MIME_HEADER sk_MIME_HEADER_new; +alias SKM_sk_new_null!MIME_HEADER sk_MIME_HEADER_new_null; +alias SKM_sk_free!MIME_HEADER sk_MIME_HEADER_free; +alias SKM_sk_num!MIME_HEADER sk_MIME_HEADER_num; +alias SKM_sk_value!MIME_HEADER sk_MIME_HEADER_value; +alias SKM_sk_set!MIME_HEADER sk_MIME_HEADER_set; +alias SKM_sk_zero!MIME_HEADER sk_MIME_HEADER_zero; +alias SKM_sk_push!MIME_HEADER sk_MIME_HEADER_push; +alias SKM_sk_unshift!MIME_HEADER sk_MIME_HEADER_unshift; +alias SKM_sk_find!MIME_HEADER sk_MIME_HEADER_find; +alias SKM_sk_find_ex!MIME_HEADER sk_MIME_HEADER_find_ex; +alias SKM_sk_delete!MIME_HEADER sk_MIME_HEADER_delete; +alias SKM_sk_delete_ptr!MIME_HEADER sk_MIME_HEADER_delete_ptr; +alias SKM_sk_insert!MIME_HEADER sk_MIME_HEADER_insert; +alias SKM_sk_set_cmp_func!MIME_HEADER sk_MIME_HEADER_set_cmp_func; +alias SKM_sk_dup!MIME_HEADER sk_MIME_HEADER_dup; +alias SKM_sk_pop_free!MIME_HEADER sk_MIME_HEADER_pop_free; +alias SKM_sk_shift!MIME_HEADER sk_MIME_HEADER_shift; +alias SKM_sk_pop!MIME_HEADER sk_MIME_HEADER_pop; +alias SKM_sk_sort!MIME_HEADER sk_MIME_HEADER_sort; +alias SKM_sk_is_sorted!MIME_HEADER sk_MIME_HEADER_is_sorted; + +alias SKM_sk_new!MIME_PARAM sk_MIME_PARAM_new; +alias SKM_sk_new_null!MIME_PARAM sk_MIME_PARAM_new_null; +alias SKM_sk_free!MIME_PARAM sk_MIME_PARAM_free; +alias SKM_sk_num!MIME_PARAM sk_MIME_PARAM_num; +alias SKM_sk_value!MIME_PARAM sk_MIME_PARAM_value; +alias SKM_sk_set!MIME_PARAM sk_MIME_PARAM_set; +alias SKM_sk_zero!MIME_PARAM sk_MIME_PARAM_zero; +alias SKM_sk_push!MIME_PARAM sk_MIME_PARAM_push; +alias SKM_sk_unshift!MIME_PARAM sk_MIME_PARAM_unshift; +alias SKM_sk_find!MIME_PARAM sk_MIME_PARAM_find; +alias SKM_sk_find_ex!MIME_PARAM sk_MIME_PARAM_find_ex; +alias SKM_sk_delete!MIME_PARAM sk_MIME_PARAM_delete; +alias SKM_sk_delete_ptr!MIME_PARAM sk_MIME_PARAM_delete_ptr; +alias SKM_sk_insert!MIME_PARAM sk_MIME_PARAM_insert; +alias SKM_sk_set_cmp_func!MIME_PARAM sk_MIME_PARAM_set_cmp_func; +alias SKM_sk_dup!MIME_PARAM sk_MIME_PARAM_dup; +alias SKM_sk_pop_free!MIME_PARAM sk_MIME_PARAM_pop_free; +alias SKM_sk_shift!MIME_PARAM sk_MIME_PARAM_shift; +alias SKM_sk_pop!MIME_PARAM sk_MIME_PARAM_pop; +alias SKM_sk_sort!MIME_PARAM sk_MIME_PARAM_sort; +alias SKM_sk_is_sorted!MIME_PARAM sk_MIME_PARAM_is_sorted; + +alias SKM_sk_new!NAME_FUNCS sk_NAME_FUNCS_new; +alias SKM_sk_new_null!NAME_FUNCS sk_NAME_FUNCS_new_null; +alias SKM_sk_free!NAME_FUNCS sk_NAME_FUNCS_free; +alias SKM_sk_num!NAME_FUNCS sk_NAME_FUNCS_num; +alias SKM_sk_value!NAME_FUNCS sk_NAME_FUNCS_value; +alias SKM_sk_set!NAME_FUNCS sk_NAME_FUNCS_set; +alias SKM_sk_zero!NAME_FUNCS sk_NAME_FUNCS_zero; +alias SKM_sk_push!NAME_FUNCS sk_NAME_FUNCS_push; +alias SKM_sk_unshift!NAME_FUNCS sk_NAME_FUNCS_unshift; +alias SKM_sk_find!NAME_FUNCS sk_NAME_FUNCS_find; +alias SKM_sk_find_ex!NAME_FUNCS sk_NAME_FUNCS_find_ex; +alias SKM_sk_delete!NAME_FUNCS sk_NAME_FUNCS_delete; +alias SKM_sk_delete_ptr!NAME_FUNCS sk_NAME_FUNCS_delete_ptr; +alias SKM_sk_insert!NAME_FUNCS sk_NAME_FUNCS_insert; +alias SKM_sk_set_cmp_func!NAME_FUNCS sk_NAME_FUNCS_set_cmp_func; +alias SKM_sk_dup!NAME_FUNCS sk_NAME_FUNCS_dup; +alias SKM_sk_pop_free!NAME_FUNCS sk_NAME_FUNCS_pop_free; +alias SKM_sk_shift!NAME_FUNCS sk_NAME_FUNCS_shift; +alias SKM_sk_pop!NAME_FUNCS sk_NAME_FUNCS_pop; +alias SKM_sk_sort!NAME_FUNCS sk_NAME_FUNCS_sort; +alias SKM_sk_is_sorted!NAME_FUNCS sk_NAME_FUNCS_is_sorted; ++/ + +import deimos.openssl.ocsp; +alias SKM_sk_new!OCSP_CERTID sk_OCSP_CERTID_new; +alias SKM_sk_new_null!OCSP_CERTID sk_OCSP_CERTID_new_null; +alias SKM_sk_free!OCSP_CERTID sk_OCSP_CERTID_free; +alias SKM_sk_num!OCSP_CERTID sk_OCSP_CERTID_num; +alias SKM_sk_value!OCSP_CERTID sk_OCSP_CERTID_value; +alias SKM_sk_set!OCSP_CERTID sk_OCSP_CERTID_set; +alias SKM_sk_zero!OCSP_CERTID sk_OCSP_CERTID_zero; +alias SKM_sk_push!OCSP_CERTID sk_OCSP_CERTID_push; +alias SKM_sk_unshift!OCSP_CERTID sk_OCSP_CERTID_unshift; +alias SKM_sk_find!OCSP_CERTID sk_OCSP_CERTID_find; +alias SKM_sk_find_ex!OCSP_CERTID sk_OCSP_CERTID_find_ex; +alias SKM_sk_delete!OCSP_CERTID sk_OCSP_CERTID_delete; +alias SKM_sk_delete_ptr!OCSP_CERTID sk_OCSP_CERTID_delete_ptr; +alias SKM_sk_insert!OCSP_CERTID sk_OCSP_CERTID_insert; +alias SKM_sk_set_cmp_func!OCSP_CERTID sk_OCSP_CERTID_set_cmp_func; +alias SKM_sk_dup!OCSP_CERTID sk_OCSP_CERTID_dup; +alias SKM_sk_pop_free!OCSP_CERTID sk_OCSP_CERTID_pop_free; +alias SKM_sk_shift!OCSP_CERTID sk_OCSP_CERTID_shift; +alias SKM_sk_pop!OCSP_CERTID sk_OCSP_CERTID_pop; +alias SKM_sk_sort!OCSP_CERTID sk_OCSP_CERTID_sort; +alias SKM_sk_is_sorted!OCSP_CERTID sk_OCSP_CERTID_is_sorted; + +alias SKM_sk_new!OCSP_ONEREQ sk_OCSP_ONEREQ_new; +alias SKM_sk_new_null!OCSP_ONEREQ sk_OCSP_ONEREQ_new_null; +alias SKM_sk_free!OCSP_ONEREQ sk_OCSP_ONEREQ_free; +alias SKM_sk_num!OCSP_ONEREQ sk_OCSP_ONEREQ_num; +alias SKM_sk_value!OCSP_ONEREQ sk_OCSP_ONEREQ_value; +alias SKM_sk_set!OCSP_ONEREQ sk_OCSP_ONEREQ_set; +alias SKM_sk_zero!OCSP_ONEREQ sk_OCSP_ONEREQ_zero; +alias SKM_sk_push!OCSP_ONEREQ sk_OCSP_ONEREQ_push; +alias SKM_sk_unshift!OCSP_ONEREQ sk_OCSP_ONEREQ_unshift; +alias SKM_sk_find!OCSP_ONEREQ sk_OCSP_ONEREQ_find; +alias SKM_sk_find_ex!OCSP_ONEREQ sk_OCSP_ONEREQ_find_ex; +alias SKM_sk_delete!OCSP_ONEREQ sk_OCSP_ONEREQ_delete; +alias SKM_sk_delete_ptr!OCSP_ONEREQ sk_OCSP_ONEREQ_delete_ptr; +alias SKM_sk_insert!OCSP_ONEREQ sk_OCSP_ONEREQ_insert; +alias SKM_sk_set_cmp_func!OCSP_ONEREQ sk_OCSP_ONEREQ_set_cmp_func; +alias SKM_sk_dup!OCSP_ONEREQ sk_OCSP_ONEREQ_dup; +alias SKM_sk_pop_free!OCSP_ONEREQ sk_OCSP_ONEREQ_pop_free; +alias SKM_sk_shift!OCSP_ONEREQ sk_OCSP_ONEREQ_shift; +alias SKM_sk_pop!OCSP_ONEREQ sk_OCSP_ONEREQ_pop; +alias SKM_sk_sort!OCSP_ONEREQ sk_OCSP_ONEREQ_sort; +alias SKM_sk_is_sorted!OCSP_ONEREQ sk_OCSP_ONEREQ_is_sorted; + +alias SKM_sk_new!OCSP_RESPID sk_OCSP_RESPID_new; +alias SKM_sk_new_null!OCSP_RESPID sk_OCSP_RESPID_new_null; +alias SKM_sk_free!OCSP_RESPID sk_OCSP_RESPID_free; +alias SKM_sk_num!OCSP_RESPID sk_OCSP_RESPID_num; +alias SKM_sk_value!OCSP_RESPID sk_OCSP_RESPID_value; +alias SKM_sk_set!OCSP_RESPID sk_OCSP_RESPID_set; +alias SKM_sk_zero!OCSP_RESPID sk_OCSP_RESPID_zero; +alias SKM_sk_push!OCSP_RESPID sk_OCSP_RESPID_push; +alias SKM_sk_unshift!OCSP_RESPID sk_OCSP_RESPID_unshift; +alias SKM_sk_find!OCSP_RESPID sk_OCSP_RESPID_find; +alias SKM_sk_find_ex!OCSP_RESPID sk_OCSP_RESPID_find_ex; +alias SKM_sk_delete!OCSP_RESPID sk_OCSP_RESPID_delete; +alias SKM_sk_delete_ptr!OCSP_RESPID sk_OCSP_RESPID_delete_ptr; +alias SKM_sk_insert!OCSP_RESPID sk_OCSP_RESPID_insert; +alias SKM_sk_set_cmp_func!OCSP_RESPID sk_OCSP_RESPID_set_cmp_func; +alias SKM_sk_dup!OCSP_RESPID sk_OCSP_RESPID_dup; +alias SKM_sk_pop_free!OCSP_RESPID sk_OCSP_RESPID_pop_free; +alias SKM_sk_shift!OCSP_RESPID sk_OCSP_RESPID_shift; +alias SKM_sk_pop!OCSP_RESPID sk_OCSP_RESPID_pop; +alias SKM_sk_sort!OCSP_RESPID sk_OCSP_RESPID_sort; +alias SKM_sk_is_sorted!OCSP_RESPID sk_OCSP_RESPID_is_sorted; + +alias SKM_sk_new!OCSP_SINGLERESP sk_OCSP_SINGLERESP_new; +alias SKM_sk_new_null!OCSP_SINGLERESP sk_OCSP_SINGLERESP_new_null; +alias SKM_sk_free!OCSP_SINGLERESP sk_OCSP_SINGLERESP_free; +alias SKM_sk_num!OCSP_SINGLERESP sk_OCSP_SINGLERESP_num; +alias SKM_sk_value!OCSP_SINGLERESP sk_OCSP_SINGLERESP_value; +alias SKM_sk_set!OCSP_SINGLERESP sk_OCSP_SINGLERESP_set; +alias SKM_sk_zero!OCSP_SINGLERESP sk_OCSP_SINGLERESP_zero; +alias SKM_sk_push!OCSP_SINGLERESP sk_OCSP_SINGLERESP_push; +alias SKM_sk_unshift!OCSP_SINGLERESP sk_OCSP_SINGLERESP_unshift; +alias SKM_sk_find!OCSP_SINGLERESP sk_OCSP_SINGLERESP_find; +alias SKM_sk_find_ex!OCSP_SINGLERESP sk_OCSP_SINGLERESP_find_ex; +alias SKM_sk_delete!OCSP_SINGLERESP sk_OCSP_SINGLERESP_delete; +alias SKM_sk_delete_ptr!OCSP_SINGLERESP sk_OCSP_SINGLERESP_delete_ptr; +alias SKM_sk_insert!OCSP_SINGLERESP sk_OCSP_SINGLERESP_insert; +alias SKM_sk_set_cmp_func!OCSP_SINGLERESP sk_OCSP_SINGLERESP_set_cmp_func; +alias SKM_sk_dup!OCSP_SINGLERESP sk_OCSP_SINGLERESP_dup; +alias SKM_sk_pop_free!OCSP_SINGLERESP sk_OCSP_SINGLERESP_pop_free; +alias SKM_sk_shift!OCSP_SINGLERESP sk_OCSP_SINGLERESP_shift; +alias SKM_sk_pop!OCSP_SINGLERESP sk_OCSP_SINGLERESP_pop; +alias SKM_sk_sort!OCSP_SINGLERESP sk_OCSP_SINGLERESP_sort; +alias SKM_sk_is_sorted!OCSP_SINGLERESP sk_OCSP_SINGLERESP_is_sorted; + +import deimos.openssl.pkcs12; +alias SKM_sk_new!PKCS12_SAFEBAG sk_PKCS12_SAFEBAG_new; +alias SKM_sk_new_null!PKCS12_SAFEBAG sk_PKCS12_SAFEBAG_new_null; +alias SKM_sk_free!PKCS12_SAFEBAG sk_PKCS12_SAFEBAG_free; +alias SKM_sk_num!PKCS12_SAFEBAG sk_PKCS12_SAFEBAG_num; +alias SKM_sk_value!PKCS12_SAFEBAG sk_PKCS12_SAFEBAG_value; +alias SKM_sk_set!PKCS12_SAFEBAG sk_PKCS12_SAFEBAG_set; +alias SKM_sk_zero!PKCS12_SAFEBAG sk_PKCS12_SAFEBAG_zero; +alias SKM_sk_push!PKCS12_SAFEBAG sk_PKCS12_SAFEBAG_push; +alias SKM_sk_unshift!PKCS12_SAFEBAG sk_PKCS12_SAFEBAG_unshift; +alias SKM_sk_find!PKCS12_SAFEBAG sk_PKCS12_SAFEBAG_find; +alias SKM_sk_find_ex!PKCS12_SAFEBAG sk_PKCS12_SAFEBAG_find_ex; +alias SKM_sk_delete!PKCS12_SAFEBAG sk_PKCS12_SAFEBAG_delete; +alias SKM_sk_delete_ptr!PKCS12_SAFEBAG sk_PKCS12_SAFEBAG_delete_ptr; +alias SKM_sk_insert!PKCS12_SAFEBAG sk_PKCS12_SAFEBAG_insert; +alias SKM_sk_set_cmp_func!PKCS12_SAFEBAG sk_PKCS12_SAFEBAG_set_cmp_func; +alias SKM_sk_dup!PKCS12_SAFEBAG sk_PKCS12_SAFEBAG_dup; +alias SKM_sk_pop_free!PKCS12_SAFEBAG sk_PKCS12_SAFEBAG_pop_free; +alias SKM_sk_shift!PKCS12_SAFEBAG sk_PKCS12_SAFEBAG_shift; +alias SKM_sk_pop!PKCS12_SAFEBAG sk_PKCS12_SAFEBAG_pop; +alias SKM_sk_sort!PKCS12_SAFEBAG sk_PKCS12_SAFEBAG_sort; +alias SKM_sk_is_sorted!PKCS12_SAFEBAG sk_PKCS12_SAFEBAG_is_sorted; + +import deimos.openssl.pkcs7; +alias SKM_sk_new!PKCS7 sk_PKCS7_new; +alias SKM_sk_new_null!PKCS7 sk_PKCS7_new_null; +alias SKM_sk_free!PKCS7 sk_PKCS7_free; +alias SKM_sk_num!PKCS7 sk_PKCS7_num; +alias SKM_sk_value!PKCS7 sk_PKCS7_value; +alias SKM_sk_set!PKCS7 sk_PKCS7_set; +alias SKM_sk_zero!PKCS7 sk_PKCS7_zero; +alias SKM_sk_push!PKCS7 sk_PKCS7_push; +alias SKM_sk_unshift!PKCS7 sk_PKCS7_unshift; +alias SKM_sk_find!PKCS7 sk_PKCS7_find; +alias SKM_sk_find_ex!PKCS7 sk_PKCS7_find_ex; +alias SKM_sk_delete!PKCS7 sk_PKCS7_delete; +alias SKM_sk_delete_ptr!PKCS7 sk_PKCS7_delete_ptr; +alias SKM_sk_insert!PKCS7 sk_PKCS7_insert; +alias SKM_sk_set_cmp_func!PKCS7 sk_PKCS7_set_cmp_func; +alias SKM_sk_dup!PKCS7 sk_PKCS7_dup; +alias SKM_sk_pop_free!PKCS7 sk_PKCS7_pop_free; +alias SKM_sk_shift!PKCS7 sk_PKCS7_shift; +alias SKM_sk_pop!PKCS7 sk_PKCS7_pop; +alias SKM_sk_sort!PKCS7 sk_PKCS7_sort; +alias SKM_sk_is_sorted!PKCS7 sk_PKCS7_is_sorted; + +alias SKM_sk_new!PKCS7_RECIP_INFO sk_PKCS7_RECIP_INFO_new; +alias SKM_sk_new_null!PKCS7_RECIP_INFO sk_PKCS7_RECIP_INFO_new_null; +alias SKM_sk_free!PKCS7_RECIP_INFO sk_PKCS7_RECIP_INFO_free; +alias SKM_sk_num!PKCS7_RECIP_INFO sk_PKCS7_RECIP_INFO_num; +alias SKM_sk_value!PKCS7_RECIP_INFO sk_PKCS7_RECIP_INFO_value; +alias SKM_sk_set!PKCS7_RECIP_INFO sk_PKCS7_RECIP_INFO_set; +alias SKM_sk_zero!PKCS7_RECIP_INFO sk_PKCS7_RECIP_INFO_zero; +alias SKM_sk_push!PKCS7_RECIP_INFO sk_PKCS7_RECIP_INFO_push; +alias SKM_sk_unshift!PKCS7_RECIP_INFO sk_PKCS7_RECIP_INFO_unshift; +alias SKM_sk_find!PKCS7_RECIP_INFO sk_PKCS7_RECIP_INFO_find; +alias SKM_sk_find_ex!PKCS7_RECIP_INFO sk_PKCS7_RECIP_INFO_find_ex; +alias SKM_sk_delete!PKCS7_RECIP_INFO sk_PKCS7_RECIP_INFO_delete; +alias SKM_sk_delete_ptr!PKCS7_RECIP_INFO sk_PKCS7_RECIP_INFO_delete_ptr; +alias SKM_sk_insert!PKCS7_RECIP_INFO sk_PKCS7_RECIP_INFO_insert; +alias SKM_sk_set_cmp_func!PKCS7_RECIP_INFO sk_PKCS7_RECIP_INFO_set_cmp_func; +alias SKM_sk_dup!PKCS7_RECIP_INFO sk_PKCS7_RECIP_INFO_dup; +alias SKM_sk_pop_free!PKCS7_RECIP_INFO sk_PKCS7_RECIP_INFO_pop_free; +alias SKM_sk_shift!PKCS7_RECIP_INFO sk_PKCS7_RECIP_INFO_shift; +alias SKM_sk_pop!PKCS7_RECIP_INFO sk_PKCS7_RECIP_INFO_pop; +alias SKM_sk_sort!PKCS7_RECIP_INFO sk_PKCS7_RECIP_INFO_sort; +alias SKM_sk_is_sorted!PKCS7_RECIP_INFO sk_PKCS7_RECIP_INFO_is_sorted; + +alias SKM_sk_new!PKCS7_SIGNER_INFO sk_PKCS7_SIGNER_INFO_new; +alias SKM_sk_new_null!PKCS7_SIGNER_INFO sk_PKCS7_SIGNER_INFO_new_null; +alias SKM_sk_free!PKCS7_SIGNER_INFO sk_PKCS7_SIGNER_INFO_free; +alias SKM_sk_num!PKCS7_SIGNER_INFO sk_PKCS7_SIGNER_INFO_num; +alias SKM_sk_value!PKCS7_SIGNER_INFO sk_PKCS7_SIGNER_INFO_value; +alias SKM_sk_set!PKCS7_SIGNER_INFO sk_PKCS7_SIGNER_INFO_set; +alias SKM_sk_zero!PKCS7_SIGNER_INFO sk_PKCS7_SIGNER_INFO_zero; +alias SKM_sk_push!PKCS7_SIGNER_INFO sk_PKCS7_SIGNER_INFO_push; +alias SKM_sk_unshift!PKCS7_SIGNER_INFO sk_PKCS7_SIGNER_INFO_unshift; +alias SKM_sk_find!PKCS7_SIGNER_INFO sk_PKCS7_SIGNER_INFO_find; +alias SKM_sk_find_ex!PKCS7_SIGNER_INFO sk_PKCS7_SIGNER_INFO_find_ex; +alias SKM_sk_delete!PKCS7_SIGNER_INFO sk_PKCS7_SIGNER_INFO_delete; +alias SKM_sk_delete_ptr!PKCS7_SIGNER_INFO sk_PKCS7_SIGNER_INFO_delete_ptr; +alias SKM_sk_insert!PKCS7_SIGNER_INFO sk_PKCS7_SIGNER_INFO_insert; +alias SKM_sk_set_cmp_func!PKCS7_SIGNER_INFO sk_PKCS7_SIGNER_INFO_set_cmp_func; +alias SKM_sk_dup!PKCS7_SIGNER_INFO sk_PKCS7_SIGNER_INFO_dup; +alias SKM_sk_pop_free!PKCS7_SIGNER_INFO sk_PKCS7_SIGNER_INFO_pop_free; +alias SKM_sk_shift!PKCS7_SIGNER_INFO sk_PKCS7_SIGNER_INFO_shift; +alias SKM_sk_pop!PKCS7_SIGNER_INFO sk_PKCS7_SIGNER_INFO_pop; +alias SKM_sk_sort!PKCS7_SIGNER_INFO sk_PKCS7_SIGNER_INFO_sort; +alias SKM_sk_is_sorted!PKCS7_SIGNER_INFO sk_PKCS7_SIGNER_INFO_is_sorted; + +alias SKM_sk_new!POLICYINFO sk_POLICYINFO_new; +alias SKM_sk_new_null!POLICYINFO sk_POLICYINFO_new_null; +alias SKM_sk_free!POLICYINFO sk_POLICYINFO_free; +alias SKM_sk_num!POLICYINFO sk_POLICYINFO_num; +alias SKM_sk_value!POLICYINFO sk_POLICYINFO_value; +alias SKM_sk_set!POLICYINFO sk_POLICYINFO_set; +alias SKM_sk_zero!POLICYINFO sk_POLICYINFO_zero; +alias SKM_sk_push!POLICYINFO sk_POLICYINFO_push; +alias SKM_sk_unshift!POLICYINFO sk_POLICYINFO_unshift; +alias SKM_sk_find!POLICYINFO sk_POLICYINFO_find; +alias SKM_sk_find_ex!POLICYINFO sk_POLICYINFO_find_ex; +alias SKM_sk_delete!POLICYINFO sk_POLICYINFO_delete; +alias SKM_sk_delete_ptr!POLICYINFO sk_POLICYINFO_delete_ptr; +alias SKM_sk_insert!POLICYINFO sk_POLICYINFO_insert; +alias SKM_sk_set_cmp_func!POLICYINFO sk_POLICYINFO_set_cmp_func; +alias SKM_sk_dup!POLICYINFO sk_POLICYINFO_dup; +alias SKM_sk_pop_free!POLICYINFO sk_POLICYINFO_pop_free; +alias SKM_sk_shift!POLICYINFO sk_POLICYINFO_shift; +alias SKM_sk_pop!POLICYINFO sk_POLICYINFO_pop; +alias SKM_sk_sort!POLICYINFO sk_POLICYINFO_sort; +alias SKM_sk_is_sorted!POLICYINFO sk_POLICYINFO_is_sorted; + +alias SKM_sk_new!POLICYQUALINFO sk_POLICYQUALINFO_new; +alias SKM_sk_new_null!POLICYQUALINFO sk_POLICYQUALINFO_new_null; +alias SKM_sk_free!POLICYQUALINFO sk_POLICYQUALINFO_free; +alias SKM_sk_num!POLICYQUALINFO sk_POLICYQUALINFO_num; +alias SKM_sk_value!POLICYQUALINFO sk_POLICYQUALINFO_value; +alias SKM_sk_set!POLICYQUALINFO sk_POLICYQUALINFO_set; +alias SKM_sk_zero!POLICYQUALINFO sk_POLICYQUALINFO_zero; +alias SKM_sk_push!POLICYQUALINFO sk_POLICYQUALINFO_push; +alias SKM_sk_unshift!POLICYQUALINFO sk_POLICYQUALINFO_unshift; +alias SKM_sk_find!POLICYQUALINFO sk_POLICYQUALINFO_find; +alias SKM_sk_find_ex!POLICYQUALINFO sk_POLICYQUALINFO_find_ex; +alias SKM_sk_delete!POLICYQUALINFO sk_POLICYQUALINFO_delete; +alias SKM_sk_delete_ptr!POLICYQUALINFO sk_POLICYQUALINFO_delete_ptr; +alias SKM_sk_insert!POLICYQUALINFO sk_POLICYQUALINFO_insert; +alias SKM_sk_set_cmp_func!POLICYQUALINFO sk_POLICYQUALINFO_set_cmp_func; +alias SKM_sk_dup!POLICYQUALINFO sk_POLICYQUALINFO_dup; +alias SKM_sk_pop_free!POLICYQUALINFO sk_POLICYQUALINFO_pop_free; +alias SKM_sk_shift!POLICYQUALINFO sk_POLICYQUALINFO_shift; +alias SKM_sk_pop!POLICYQUALINFO sk_POLICYQUALINFO_pop; +alias SKM_sk_sort!POLICYQUALINFO sk_POLICYQUALINFO_sort; +alias SKM_sk_is_sorted!POLICYQUALINFO sk_POLICYQUALINFO_is_sorted; + +alias SKM_sk_new!POLICY_MAPPING sk_POLICY_MAPPING_new; +alias SKM_sk_new_null!POLICY_MAPPING sk_POLICY_MAPPING_new_null; +alias SKM_sk_free!POLICY_MAPPING sk_POLICY_MAPPING_free; +alias SKM_sk_num!POLICY_MAPPING sk_POLICY_MAPPING_num; +alias SKM_sk_value!POLICY_MAPPING sk_POLICY_MAPPING_value; +alias SKM_sk_set!POLICY_MAPPING sk_POLICY_MAPPING_set; +alias SKM_sk_zero!POLICY_MAPPING sk_POLICY_MAPPING_zero; +alias SKM_sk_push!POLICY_MAPPING sk_POLICY_MAPPING_push; +alias SKM_sk_unshift!POLICY_MAPPING sk_POLICY_MAPPING_unshift; +alias SKM_sk_find!POLICY_MAPPING sk_POLICY_MAPPING_find; +alias SKM_sk_find_ex!POLICY_MAPPING sk_POLICY_MAPPING_find_ex; +alias SKM_sk_delete!POLICY_MAPPING sk_POLICY_MAPPING_delete; +alias SKM_sk_delete_ptr!POLICY_MAPPING sk_POLICY_MAPPING_delete_ptr; +alias SKM_sk_insert!POLICY_MAPPING sk_POLICY_MAPPING_insert; +alias SKM_sk_set_cmp_func!POLICY_MAPPING sk_POLICY_MAPPING_set_cmp_func; +alias SKM_sk_dup!POLICY_MAPPING sk_POLICY_MAPPING_dup; +alias SKM_sk_pop_free!POLICY_MAPPING sk_POLICY_MAPPING_pop_free; +alias SKM_sk_shift!POLICY_MAPPING sk_POLICY_MAPPING_shift; +alias SKM_sk_pop!POLICY_MAPPING sk_POLICY_MAPPING_pop; +alias SKM_sk_sort!POLICY_MAPPING sk_POLICY_MAPPING_sort; +alias SKM_sk_is_sorted!POLICY_MAPPING sk_POLICY_MAPPING_is_sorted; + +alias sk_SRP_gN_new = SKM_sk_new!SRP_gN; +alias sk_SRP_gN_new_null = SKM_sk_new_null!SRP_gN; +alias sk_SRP_gN_free = SKM_sk_free!SRP_gN; +alias sk_SRP_gN_num = SKM_sk_num!SRP_gN; +alias sk_SRP_gN_value = SKM_sk_value!SRP_gN; +alias sk_SRP_gN_set = SKM_sk_set!SRP_gN; +alias sk_SRP_gN_zero = SKM_sk_zero!SRP_gN; +alias sk_SRP_gN_push = SKM_sk_push!SRP_gN; +alias sk_SRP_gN_unshift = SKM_sk_unshift!SRP_gN; +alias sk_SRP_gN_find = SKM_sk_find!SRP_gN; +alias sk_SRP_gN_find_ex = SKM_sk_find_ex!SRP_gN; +alias sk_SRP_gN_delete = SKM_sk_delete!SRP_gN; +alias sk_SRP_gN_delete_ptr = SKM_sk_delete_ptr!SRP_gN; +alias sk_SRP_gN_insert = SKM_sk_insert!SRP_gN; +alias sk_SRP_gN_set_cmp_func = SKM_sk_set_cmp_func!SRP_gN; +alias sk_SRP_gN_dup = SKM_sk_dup!SRP_gN; +alias sk_SRP_gN_pop_free = SKM_sk_pop_free!SRP_gN; +alias sk_SRP_gN_shift = SKM_sk_shift!SRP_gN; +alias sk_SRP_gN_pop = SKM_sk_pop!SRP_gN; +alias sk_SRP_gN_sort = SKM_sk_sort!SRP_gN; +alias sk_SRP_gN_is_sorted = SKM_sk_is_sorted!SRP_gN; + +alias sk_SRP_gN_cache_new = SKM_sk_new!SRP_gN_cache; +alias sk_SRP_gN_cache_new_null = SKM_sk_new_null!SRP_gN_cache; +alias sk_SRP_gN_cache_free = SKM_sk_free!SRP_gN_cache; +alias sk_SRP_gN_cache_num = SKM_sk_num!SRP_gN_cache; +alias sk_SRP_gN_cache_value = SKM_sk_value!SRP_gN_cache; +alias sk_SRP_gN_cache_set = SKM_sk_set!SRP_gN_cache; +alias sk_SRP_gN_cache_zero = SKM_sk_zero!SRP_gN_cache; +alias sk_SRP_gN_cache_push = SKM_sk_push!SRP_gN_cache; +alias sk_SRP_gN_cache_unshift = SKM_sk_unshift!SRP_gN_cache; +alias sk_SRP_gN_cache_find = SKM_sk_find!SRP_gN_cache; +alias sk_SRP_gN_cache_find_ex = SKM_sk_find_ex!SRP_gN_cache; +alias sk_SRP_gN_cache_delete = SKM_sk_delete!SRP_gN_cache; +alias sk_SRP_gN_cache_delete_ptr = SKM_sk_delete_ptr!SRP_gN_cache; +alias sk_SRP_gN_cache_insert = SKM_sk_insert!SRP_gN_cache; +alias sk_SRP_gN_cache_set_cmp_func = SKM_sk_set_cmp_func!SRP_gN_cache; +alias sk_SRP_gN_cache_dup = SKM_sk_dup!SRP_gN_cache; +alias sk_SRP_gN_cache_pop_free = SKM_sk_pop_free!SRP_gN_cache; +alias sk_SRP_gN_cache_shift = SKM_sk_shift!SRP_gN_cache; +alias sk_SRP_gN_cache_pop = SKM_sk_pop!SRP_gN_cache; +alias sk_SRP_gN_cache_sort = SKM_sk_sort!SRP_gN_cache; +alias sk_SRP_gN_cache_is_sorted = SKM_sk_is_sorted!SRP_gN_cache; + +alias sk_SRP_user_pwd_new = SKM_sk_new!SRP_user_pwd; +alias sk_SRP_user_pwd_new_null = SKM_sk_new_null!SRP_user_pwd; +alias sk_SRP_user_pwd_free = SKM_sk_free!SRP_user_pwd; +alias sk_SRP_user_pwd_num = SKM_sk_num!SRP_user_pwd; +alias sk_SRP_user_pwd_value = SKM_sk_value!SRP_user_pwd; +alias sk_SRP_user_pwd_set = SKM_sk_set!SRP_user_pwd; +alias sk_SRP_user_pwd_zero = SKM_sk_zero!SRP_user_pwd; +alias sk_SRP_user_pwd_push = SKM_sk_push!SRP_user_pwd; +alias sk_SRP_user_pwd_unshift = SKM_sk_unshift!SRP_user_pwd; +alias sk_SRP_user_pwd_find = SKM_sk_find!SRP_user_pwd; +alias sk_SRP_user_pwd_find_ex = SKM_sk_find_ex!SRP_user_pwd; +alias sk_SRP_user_pwd_delete = SKM_sk_delete!SRP_user_pwd; +alias sk_SRP_user_pwd_delete_ptr = SKM_sk_delete_ptr!SRP_user_pwd; +alias sk_SRP_user_pwd_insert = SKM_sk_insert!SRP_user_pwd; +alias sk_SRP_user_pwd_set_cmp_func = SKM_sk_set_cmp_func!SRP_user_pwd; +alias sk_SRP_user_pwd_dup = SKM_sk_dup!SRP_user_pwd; +alias sk_SRP_user_pwd_pop_free = SKM_sk_pop_free!SRP_user_pwd; +alias sk_SRP_user_pwd_shift = SKM_sk_shift!SRP_user_pwd; +alias sk_SRP_user_pwd_pop = SKM_sk_pop!SRP_user_pwd; +alias sk_SRP_user_pwd_sort = SKM_sk_sort!SRP_user_pwd; +alias sk_SRP_user_pwd_is_sorted = SKM_sk_is_sorted!SRP_user_pwd; + +alias sk_SRTP_PROTECTION_PROFILE_new = SKM_sk_new!SRTP_PROTECTION_PROFILE; +alias sk_SRTP_PROTECTION_PROFILE_new_null = SKM_sk_new_null!SRTP_PROTECTION_PROFILE; +alias sk_SRTP_PROTECTION_PROFILE_free = SKM_sk_free!SRTP_PROTECTION_PROFILE; +alias sk_SRTP_PROTECTION_PROFILE_num = SKM_sk_num!SRTP_PROTECTION_PROFILE; +alias sk_SRTP_PROTECTION_PROFILE_value = SKM_sk_value!SRTP_PROTECTION_PROFILE; +alias sk_SRTP_PROTECTION_PROFILE_set = SKM_sk_set!SRTP_PROTECTION_PROFILE; +alias sk_SRTP_PROTECTION_PROFILE_zero = SKM_sk_zero!SRTP_PROTECTION_PROFILE; +alias sk_SRTP_PROTECTION_PROFILE_push = SKM_sk_push!SRTP_PROTECTION_PROFILE; +alias sk_SRTP_PROTECTION_PROFILE_unshift = SKM_sk_unshift!SRTP_PROTECTION_PROFILE; +alias sk_SRTP_PROTECTION_PROFILE_find = SKM_sk_find!SRTP_PROTECTION_PROFILE; +alias sk_SRTP_PROTECTION_PROFILE_find_ex = SKM_sk_find_ex!SRTP_PROTECTION_PROFILE; +alias sk_SRTP_PROTECTION_PROFILE_delete = SKM_sk_delete!SRTP_PROTECTION_PROFILE; +alias sk_SRTP_PROTECTION_PROFILE_delete_ptr = SKM_sk_delete_ptr!SRTP_PROTECTION_PROFILE; +alias sk_SRTP_PROTECTION_PROFILE_insert = SKM_sk_insert!SRTP_PROTECTION_PROFILE; +alias sk_SRTP_PROTECTION_PROFILE_set_cmp_func = SKM_sk_set_cmp_func!SRTP_PROTECTION_PROFILE; +alias sk_SRTP_PROTECTION_PROFILE_dup = SKM_sk_dup!SRTP_PROTECTION_PROFILE; +alias sk_SRTP_PROTECTION_PROFILE_pop_free = SKM_sk_pop_free!SRTP_PROTECTION_PROFILE; +alias sk_SRTP_PROTECTION_PROFILE_shift = SKM_sk_shift!SRTP_PROTECTION_PROFILE; +alias sk_SRTP_PROTECTION_PROFILE_pop = SKM_sk_pop!SRTP_PROTECTION_PROFILE; +alias sk_SRTP_PROTECTION_PROFILE_sort = SKM_sk_sort!SRTP_PROTECTION_PROFILE; +alias sk_SRTP_PROTECTION_PROFILE_is_sorted = SKM_sk_is_sorted!SRTP_PROTECTION_PROFILE; + +import deimos.openssl.ssl; +alias SKM_sk_new!SSL_CIPHER sk_SSL_CIPHER_new; +alias SKM_sk_new_null!SSL_CIPHER sk_SSL_CIPHER_new_null; +alias SKM_sk_free!SSL_CIPHER sk_SSL_CIPHER_free; +alias SKM_sk_num!SSL_CIPHER sk_SSL_CIPHER_num; +alias SKM_sk_value!SSL_CIPHER sk_SSL_CIPHER_value; +alias SKM_sk_set!SSL_CIPHER sk_SSL_CIPHER_set; +alias SKM_sk_zero!SSL_CIPHER sk_SSL_CIPHER_zero; +alias SKM_sk_push!SSL_CIPHER sk_SSL_CIPHER_push; +alias SKM_sk_unshift!SSL_CIPHER sk_SSL_CIPHER_unshift; +alias SKM_sk_find!SSL_CIPHER sk_SSL_CIPHER_find; +alias SKM_sk_find_ex!SSL_CIPHER sk_SSL_CIPHER_find_ex; +alias SKM_sk_delete!SSL_CIPHER sk_SSL_CIPHER_delete; +alias SKM_sk_delete_ptr!SSL_CIPHER sk_SSL_CIPHER_delete_ptr; +alias SKM_sk_insert!SSL_CIPHER sk_SSL_CIPHER_insert; +alias SKM_sk_set_cmp_func!SSL_CIPHER sk_SSL_CIPHER_set_cmp_func; +alias SKM_sk_dup!SSL_CIPHER sk_SSL_CIPHER_dup; +alias SKM_sk_pop_free!SSL_CIPHER sk_SSL_CIPHER_pop_free; +alias SKM_sk_shift!SSL_CIPHER sk_SSL_CIPHER_shift; +alias SKM_sk_pop!SSL_CIPHER sk_SSL_CIPHER_pop; +alias SKM_sk_sort!SSL_CIPHER sk_SSL_CIPHER_sort; +alias SKM_sk_is_sorted!SSL_CIPHER sk_SSL_CIPHER_is_sorted; + +alias SKM_sk_new!SSL_COMP sk_SSL_COMP_new; +alias SKM_sk_new_null!SSL_COMP sk_SSL_COMP_new_null; +alias SKM_sk_free!SSL_COMP sk_SSL_COMP_free; +alias SKM_sk_num!SSL_COMP sk_SSL_COMP_num; +alias SKM_sk_value!SSL_COMP sk_SSL_COMP_value; +alias SKM_sk_set!SSL_COMP sk_SSL_COMP_set; +alias SKM_sk_zero!SSL_COMP sk_SSL_COMP_zero; +alias SKM_sk_push!SSL_COMP sk_SSL_COMP_push; +alias SKM_sk_unshift!SSL_COMP sk_SSL_COMP_unshift; +alias SKM_sk_find!SSL_COMP sk_SSL_COMP_find; +alias SKM_sk_find_ex!SSL_COMP sk_SSL_COMP_find_ex; +alias SKM_sk_delete!SSL_COMP sk_SSL_COMP_delete; +alias SKM_sk_delete_ptr!SSL_COMP sk_SSL_COMP_delete_ptr; +alias SKM_sk_insert!SSL_COMP sk_SSL_COMP_insert; +alias SKM_sk_set_cmp_func!SSL_COMP sk_SSL_COMP_set_cmp_func; +alias SKM_sk_dup!SSL_COMP sk_SSL_COMP_dup; +alias SKM_sk_pop_free!SSL_COMP sk_SSL_COMP_pop_free; +alias SKM_sk_shift!SSL_COMP sk_SSL_COMP_shift; +alias SKM_sk_pop!SSL_COMP sk_SSL_COMP_pop; +alias SKM_sk_sort!SSL_COMP sk_SSL_COMP_sort; +alias SKM_sk_is_sorted!SSL_COMP sk_SSL_COMP_is_sorted; + +/+ Oversight (?) in the original headers: STACK_OF_X509_NAME_ENTRY does not exist. +alias SKM_sk_new!STACK_OF_X509_NAME_ENTRY sk_STACK_OF_X509_NAME_ENTRY_new; +alias SKM_sk_new_null!STACK_OF_X509_NAME_ENTRY sk_STACK_OF_X509_NAME_ENTRY_new_null; +alias SKM_sk_free!STACK_OF_X509_NAME_ENTRY sk_STACK_OF_X509_NAME_ENTRY_free; +alias SKM_sk_num!STACK_OF_X509_NAME_ENTRY sk_STACK_OF_X509_NAME_ENTRY_num; +alias SKM_sk_value!STACK_OF_X509_NAME_ENTRY sk_STACK_OF_X509_NAME_ENTRY_value; +alias SKM_sk_set!STACK_OF_X509_NAME_ENTRY sk_STACK_OF_X509_NAME_ENTRY_set; +alias SKM_sk_zero!STACK_OF_X509_NAME_ENTRY sk_STACK_OF_X509_NAME_ENTRY_zero; +alias SKM_sk_push!STACK_OF_X509_NAME_ENTRY sk_STACK_OF_X509_NAME_ENTRY_push; +alias SKM_sk_unshift!STACK_OF_X509_NAME_ENTRY sk_STACK_OF_X509_NAME_ENTRY_unshift; +alias SKM_sk_find!STACK_OF_X509_NAME_ENTRY sk_STACK_OF_X509_NAME_ENTRY_find; +alias SKM_sk_find_ex!STACK_OF_X509_NAME_ENTRY sk_STACK_OF_X509_NAME_ENTRY_find_ex; +alias SKM_sk_delete!STACK_OF_X509_NAME_ENTRY sk_STACK_OF_X509_NAME_ENTRY_delete; +alias SKM_sk_delete_ptr!STACK_OF_X509_NAME_ENTRY sk_STACK_OF_X509_NAME_ENTRY_delete_ptr; +alias SKM_sk_insert!STACK_OF_X509_NAME_ENTRY sk_STACK_OF_X509_NAME_ENTRY_insert; +alias SKM_sk_set_cmp_func!STACK_OF_X509_NAME_ENTRY sk_STACK_OF_X509_NAME_ENTRY_set_cmp_func; +alias SKM_sk_dup!STACK_OF_X509_NAME_ENTRY sk_STACK_OF_X509_NAME_ENTRY_dup; +alias SKM_sk_pop_free!STACK_OF_X509_NAME_ENTRY sk_STACK_OF_X509_NAME_ENTRY_pop_free; +alias SKM_sk_shift!STACK_OF_X509_NAME_ENTRY sk_STACK_OF_X509_NAME_ENTRY_shift; +alias SKM_sk_pop!STACK_OF_X509_NAME_ENTRY sk_STACK_OF_X509_NAME_ENTRY_pop; +alias SKM_sk_sort!STACK_OF_X509_NAME_ENTRY sk_STACK_OF_X509_NAME_ENTRY_sort; +alias SKM_sk_is_sorted!STACK_OF_X509_NAME_ENTRY sk_STACK_OF_X509_NAME_ENTRY_is_sorted; ++/ + +/+ Internal store types. +alias SKM_sk_new!STORE_ATTR_INFO sk_STORE_ATTR_INFO_new; +alias SKM_sk_new_null!STORE_ATTR_INFO sk_STORE_ATTR_INFO_new_null; +alias SKM_sk_free!STORE_ATTR_INFO sk_STORE_ATTR_INFO_free; +alias SKM_sk_num!STORE_ATTR_INFO sk_STORE_ATTR_INFO_num; +alias SKM_sk_value!STORE_ATTR_INFO sk_STORE_ATTR_INFO_value; +alias SKM_sk_set!STORE_ATTR_INFO sk_STORE_ATTR_INFO_set; +alias SKM_sk_zero!STORE_ATTR_INFO sk_STORE_ATTR_INFO_zero; +alias SKM_sk_push!STORE_ATTR_INFO sk_STORE_ATTR_INFO_push; +alias SKM_sk_unshift!STORE_ATTR_INFO sk_STORE_ATTR_INFO_unshift; +alias SKM_sk_find!STORE_ATTR_INFO sk_STORE_ATTR_INFO_find; +alias SKM_sk_find_ex!STORE_ATTR_INFO sk_STORE_ATTR_INFO_find_ex; +alias SKM_sk_delete!STORE_ATTR_INFO sk_STORE_ATTR_INFO_delete; +alias SKM_sk_delete_ptr!STORE_ATTR_INFO sk_STORE_ATTR_INFO_delete_ptr; +alias SKM_sk_insert!STORE_ATTR_INFO sk_STORE_ATTR_INFO_insert; +alias SKM_sk_set_cmp_func!STORE_ATTR_INFO sk_STORE_ATTR_INFO_set_cmp_func; +alias SKM_sk_dup!STORE_ATTR_INFO sk_STORE_ATTR_INFO_dup; +alias SKM_sk_pop_free!STORE_ATTR_INFO sk_STORE_ATTR_INFO_pop_free; +alias SKM_sk_shift!STORE_ATTR_INFO sk_STORE_ATTR_INFO_shift; +alias SKM_sk_pop!STORE_ATTR_INFO sk_STORE_ATTR_INFO_pop; +alias SKM_sk_sort!STORE_ATTR_INFO sk_STORE_ATTR_INFO_sort; +alias SKM_sk_is_sorted!STORE_ATTR_INFO sk_STORE_ATTR_INFO_is_sorted; + +alias SKM_sk_new!STORE_OBJECT sk_STORE_OBJECT_new; +alias SKM_sk_new_null!STORE_OBJECT sk_STORE_OBJECT_new_null; +alias SKM_sk_free!STORE_OBJECT sk_STORE_OBJECT_free; +alias SKM_sk_num!STORE_OBJECT sk_STORE_OBJECT_num; +alias SKM_sk_value!STORE_OBJECT sk_STORE_OBJECT_value; +alias SKM_sk_set!STORE_OBJECT sk_STORE_OBJECT_set; +alias SKM_sk_zero!STORE_OBJECT sk_STORE_OBJECT_zero; +alias SKM_sk_push!STORE_OBJECT sk_STORE_OBJECT_push; +alias SKM_sk_unshift!STORE_OBJECT sk_STORE_OBJECT_unshift; +alias SKM_sk_find!STORE_OBJECT sk_STORE_OBJECT_find; +alias SKM_sk_find_ex!STORE_OBJECT sk_STORE_OBJECT_find_ex; +alias SKM_sk_delete!STORE_OBJECT sk_STORE_OBJECT_delete; +alias SKM_sk_delete_ptr!STORE_OBJECT sk_STORE_OBJECT_delete_ptr; +alias SKM_sk_insert!STORE_OBJECT sk_STORE_OBJECT_insert; +alias SKM_sk_set_cmp_func!STORE_OBJECT sk_STORE_OBJECT_set_cmp_func; +alias SKM_sk_dup!STORE_OBJECT sk_STORE_OBJECT_dup; +alias SKM_sk_pop_free!STORE_OBJECT sk_STORE_OBJECT_pop_free; +alias SKM_sk_shift!STORE_OBJECT sk_STORE_OBJECT_shift; +alias SKM_sk_pop!STORE_OBJECT sk_STORE_OBJECT_pop; +alias SKM_sk_sort!STORE_OBJECT sk_STORE_OBJECT_sort; +alias SKM_sk_is_sorted!STORE_OBJECT sk_STORE_OBJECT_is_sorted; ++/ + +alias SKM_sk_new!SXNETID sk_SXNETID_new; +alias SKM_sk_new_null!SXNETID sk_SXNETID_new_null; +alias SKM_sk_free!SXNETID sk_SXNETID_free; +alias SKM_sk_num!SXNETID sk_SXNETID_num; +alias SKM_sk_value!SXNETID sk_SXNETID_value; +alias SKM_sk_set!SXNETID sk_SXNETID_set; +alias SKM_sk_zero!SXNETID sk_SXNETID_zero; +alias SKM_sk_push!SXNETID sk_SXNETID_push; +alias SKM_sk_unshift!SXNETID sk_SXNETID_unshift; +alias SKM_sk_find!SXNETID sk_SXNETID_find; +alias SKM_sk_find_ex!SXNETID sk_SXNETID_find_ex; +alias SKM_sk_delete!SXNETID sk_SXNETID_delete; +alias SKM_sk_delete_ptr!SXNETID sk_SXNETID_delete_ptr; +alias SKM_sk_insert!SXNETID sk_SXNETID_insert; +alias SKM_sk_set_cmp_func!SXNETID sk_SXNETID_set_cmp_func; +alias SKM_sk_dup!SXNETID sk_SXNETID_dup; +alias SKM_sk_pop_free!SXNETID sk_SXNETID_pop_free; +alias SKM_sk_shift!SXNETID sk_SXNETID_shift; +alias SKM_sk_pop!SXNETID sk_SXNETID_pop; +alias SKM_sk_sort!SXNETID sk_SXNETID_sort; +alias SKM_sk_is_sorted!SXNETID sk_SXNETID_is_sorted; + +import deimos.openssl.ui; +alias SKM_sk_new!UI_STRING sk_UI_STRING_new; +alias SKM_sk_new_null!UI_STRING sk_UI_STRING_new_null; +alias SKM_sk_free!UI_STRING sk_UI_STRING_free; +alias SKM_sk_num!UI_STRING sk_UI_STRING_num; +alias SKM_sk_value!UI_STRING sk_UI_STRING_value; +alias SKM_sk_set!UI_STRING sk_UI_STRING_set; +alias SKM_sk_zero!UI_STRING sk_UI_STRING_zero; +alias SKM_sk_push!UI_STRING sk_UI_STRING_push; +alias SKM_sk_unshift!UI_STRING sk_UI_STRING_unshift; +alias SKM_sk_find!UI_STRING sk_UI_STRING_find; +alias SKM_sk_find_ex!UI_STRING sk_UI_STRING_find_ex; +alias SKM_sk_delete!UI_STRING sk_UI_STRING_delete; +alias SKM_sk_delete_ptr!UI_STRING sk_UI_STRING_delete_ptr; +alias SKM_sk_insert!UI_STRING sk_UI_STRING_insert; +alias SKM_sk_set_cmp_func!UI_STRING sk_UI_STRING_set_cmp_func; +alias SKM_sk_dup!UI_STRING sk_UI_STRING_dup; +alias SKM_sk_pop_free!UI_STRING sk_UI_STRING_pop_free; +alias SKM_sk_shift!UI_STRING sk_UI_STRING_shift; +alias SKM_sk_pop!UI_STRING sk_UI_STRING_pop; +alias SKM_sk_sort!UI_STRING sk_UI_STRING_sort; +alias SKM_sk_is_sorted!UI_STRING sk_UI_STRING_is_sorted; + +alias SKM_sk_new!X509 sk_X509_new; +alias SKM_sk_new_null!X509 sk_X509_new_null; +alias SKM_sk_free!X509 sk_X509_free; +alias SKM_sk_num!X509 sk_X509_num; +alias SKM_sk_value!X509 sk_X509_value; +alias SKM_sk_set!X509 sk_X509_set; +alias SKM_sk_zero!X509 sk_X509_zero; +alias SKM_sk_push!X509 sk_X509_push; +alias SKM_sk_unshift!X509 sk_X509_unshift; +alias SKM_sk_find!X509 sk_X509_find; +alias SKM_sk_find_ex!X509 sk_X509_find_ex; +alias SKM_sk_delete!X509 sk_X509_delete; +alias SKM_sk_delete_ptr!X509 sk_X509_delete_ptr; +alias SKM_sk_insert!X509 sk_X509_insert; +alias SKM_sk_set_cmp_func!X509 sk_X509_set_cmp_func; +alias SKM_sk_dup!X509 sk_X509_dup; +alias SKM_sk_pop_free!X509 sk_X509_pop_free; +alias SKM_sk_shift!X509 sk_X509_shift; +alias SKM_sk_pop!X509 sk_X509_pop; +alias SKM_sk_sort!X509 sk_X509_sort; +alias SKM_sk_is_sorted!X509 sk_X509_is_sorted; + +alias SKM_sk_new!X509V3_EXT_METHOD sk_X509V3_EXT_METHOD_new; +alias SKM_sk_new_null!X509V3_EXT_METHOD sk_X509V3_EXT_METHOD_new_null; +alias SKM_sk_free!X509V3_EXT_METHOD sk_X509V3_EXT_METHOD_free; +alias SKM_sk_num!X509V3_EXT_METHOD sk_X509V3_EXT_METHOD_num; +alias SKM_sk_value!X509V3_EXT_METHOD sk_X509V3_EXT_METHOD_value; +alias SKM_sk_set!X509V3_EXT_METHOD sk_X509V3_EXT_METHOD_set; +alias SKM_sk_zero!X509V3_EXT_METHOD sk_X509V3_EXT_METHOD_zero; +alias SKM_sk_push!X509V3_EXT_METHOD sk_X509V3_EXT_METHOD_push; +alias SKM_sk_unshift!X509V3_EXT_METHOD sk_X509V3_EXT_METHOD_unshift; +alias SKM_sk_find!X509V3_EXT_METHOD sk_X509V3_EXT_METHOD_find; +alias SKM_sk_find_ex!X509V3_EXT_METHOD sk_X509V3_EXT_METHOD_find_ex; +alias SKM_sk_delete!X509V3_EXT_METHOD sk_X509V3_EXT_METHOD_delete; +alias SKM_sk_delete_ptr!X509V3_EXT_METHOD sk_X509V3_EXT_METHOD_delete_ptr; +alias SKM_sk_insert!X509V3_EXT_METHOD sk_X509V3_EXT_METHOD_insert; +alias SKM_sk_set_cmp_func!X509V3_EXT_METHOD sk_X509V3_EXT_METHOD_set_cmp_func; +alias SKM_sk_dup!X509V3_EXT_METHOD sk_X509V3_EXT_METHOD_dup; +alias SKM_sk_pop_free!X509V3_EXT_METHOD sk_X509V3_EXT_METHOD_pop_free; +alias SKM_sk_shift!X509V3_EXT_METHOD sk_X509V3_EXT_METHOD_shift; +alias SKM_sk_pop!X509V3_EXT_METHOD sk_X509V3_EXT_METHOD_pop; +alias SKM_sk_sort!X509V3_EXT_METHOD sk_X509V3_EXT_METHOD_sort; +alias SKM_sk_is_sorted!X509V3_EXT_METHOD sk_X509V3_EXT_METHOD_is_sorted; + +alias SKM_sk_new!X509_ALGOR sk_X509_ALGOR_new; +alias SKM_sk_new_null!X509_ALGOR sk_X509_ALGOR_new_null; +alias SKM_sk_free!X509_ALGOR sk_X509_ALGOR_free; +alias SKM_sk_num!X509_ALGOR sk_X509_ALGOR_num; +alias SKM_sk_value!X509_ALGOR sk_X509_ALGOR_value; +alias SKM_sk_set!X509_ALGOR sk_X509_ALGOR_set; +alias SKM_sk_zero!X509_ALGOR sk_X509_ALGOR_zero; +alias SKM_sk_push!X509_ALGOR sk_X509_ALGOR_push; +alias SKM_sk_unshift!X509_ALGOR sk_X509_ALGOR_unshift; +alias SKM_sk_find!X509_ALGOR sk_X509_ALGOR_find; +alias SKM_sk_find_ex!X509_ALGOR sk_X509_ALGOR_find_ex; +alias SKM_sk_delete!X509_ALGOR sk_X509_ALGOR_delete; +alias SKM_sk_delete_ptr!X509_ALGOR sk_X509_ALGOR_delete_ptr; +alias SKM_sk_insert!X509_ALGOR sk_X509_ALGOR_insert; +alias SKM_sk_set_cmp_func!X509_ALGOR sk_X509_ALGOR_set_cmp_func; +alias SKM_sk_dup!X509_ALGOR sk_X509_ALGOR_dup; +alias SKM_sk_pop_free!X509_ALGOR sk_X509_ALGOR_pop_free; +alias SKM_sk_shift!X509_ALGOR sk_X509_ALGOR_shift; +alias SKM_sk_pop!X509_ALGOR sk_X509_ALGOR_pop; +alias SKM_sk_sort!X509_ALGOR sk_X509_ALGOR_sort; +alias SKM_sk_is_sorted!X509_ALGOR sk_X509_ALGOR_is_sorted; + +alias SKM_sk_new!X509_ATTRIBUTE sk_X509_ATTRIBUTE_new; +alias SKM_sk_new_null!X509_ATTRIBUTE sk_X509_ATTRIBUTE_new_null; +alias SKM_sk_free!X509_ATTRIBUTE sk_X509_ATTRIBUTE_free; +alias SKM_sk_num!X509_ATTRIBUTE sk_X509_ATTRIBUTE_num; +alias SKM_sk_value!X509_ATTRIBUTE sk_X509_ATTRIBUTE_value; +alias SKM_sk_set!X509_ATTRIBUTE sk_X509_ATTRIBUTE_set; +alias SKM_sk_zero!X509_ATTRIBUTE sk_X509_ATTRIBUTE_zero; +alias SKM_sk_push!X509_ATTRIBUTE sk_X509_ATTRIBUTE_push; +alias SKM_sk_unshift!X509_ATTRIBUTE sk_X509_ATTRIBUTE_unshift; +alias SKM_sk_find!X509_ATTRIBUTE sk_X509_ATTRIBUTE_find; +alias SKM_sk_find_ex!X509_ATTRIBUTE sk_X509_ATTRIBUTE_find_ex; +alias SKM_sk_delete!X509_ATTRIBUTE sk_X509_ATTRIBUTE_delete; +alias SKM_sk_delete_ptr!X509_ATTRIBUTE sk_X509_ATTRIBUTE_delete_ptr; +alias SKM_sk_insert!X509_ATTRIBUTE sk_X509_ATTRIBUTE_insert; +alias SKM_sk_set_cmp_func!X509_ATTRIBUTE sk_X509_ATTRIBUTE_set_cmp_func; +alias SKM_sk_dup!X509_ATTRIBUTE sk_X509_ATTRIBUTE_dup; +alias SKM_sk_pop_free!X509_ATTRIBUTE sk_X509_ATTRIBUTE_pop_free; +alias SKM_sk_shift!X509_ATTRIBUTE sk_X509_ATTRIBUTE_shift; +alias SKM_sk_pop!X509_ATTRIBUTE sk_X509_ATTRIBUTE_pop; +alias SKM_sk_sort!X509_ATTRIBUTE sk_X509_ATTRIBUTE_sort; +alias SKM_sk_is_sorted!X509_ATTRIBUTE sk_X509_ATTRIBUTE_is_sorted; + +alias SKM_sk_new!X509_CRL sk_X509_CRL_new; +alias SKM_sk_new_null!X509_CRL sk_X509_CRL_new_null; +alias SKM_sk_free!X509_CRL sk_X509_CRL_free; +alias SKM_sk_num!X509_CRL sk_X509_CRL_num; +alias SKM_sk_value!X509_CRL sk_X509_CRL_value; +alias SKM_sk_set!X509_CRL sk_X509_CRL_set; +alias SKM_sk_zero!X509_CRL sk_X509_CRL_zero; +alias SKM_sk_push!X509_CRL sk_X509_CRL_push; +alias SKM_sk_unshift!X509_CRL sk_X509_CRL_unshift; +alias SKM_sk_find!X509_CRL sk_X509_CRL_find; +alias SKM_sk_find_ex!X509_CRL sk_X509_CRL_find_ex; +alias SKM_sk_delete!X509_CRL sk_X509_CRL_delete; +alias SKM_sk_delete_ptr!X509_CRL sk_X509_CRL_delete_ptr; +alias SKM_sk_insert!X509_CRL sk_X509_CRL_insert; +alias SKM_sk_set_cmp_func!X509_CRL sk_X509_CRL_set_cmp_func; +alias SKM_sk_dup!X509_CRL sk_X509_CRL_dup; +alias SKM_sk_pop_free!X509_CRL sk_X509_CRL_pop_free; +alias SKM_sk_shift!X509_CRL sk_X509_CRL_shift; +alias SKM_sk_pop!X509_CRL sk_X509_CRL_pop; +alias SKM_sk_sort!X509_CRL sk_X509_CRL_sort; +alias SKM_sk_is_sorted!X509_CRL sk_X509_CRL_is_sorted; + +alias SKM_sk_new!X509_EXTENSION sk_X509_EXTENSION_new; +alias SKM_sk_new_null!X509_EXTENSION sk_X509_EXTENSION_new_null; +alias SKM_sk_free!X509_EXTENSION sk_X509_EXTENSION_free; +alias SKM_sk_num!X509_EXTENSION sk_X509_EXTENSION_num; +alias SKM_sk_value!X509_EXTENSION sk_X509_EXTENSION_value; +alias SKM_sk_set!X509_EXTENSION sk_X509_EXTENSION_set; +alias SKM_sk_zero!X509_EXTENSION sk_X509_EXTENSION_zero; +alias SKM_sk_push!X509_EXTENSION sk_X509_EXTENSION_push; +alias SKM_sk_unshift!X509_EXTENSION sk_X509_EXTENSION_unshift; +alias SKM_sk_find!X509_EXTENSION sk_X509_EXTENSION_find; +alias SKM_sk_find_ex!X509_EXTENSION sk_X509_EXTENSION_find_ex; +alias SKM_sk_delete!X509_EXTENSION sk_X509_EXTENSION_delete; +alias SKM_sk_delete_ptr!X509_EXTENSION sk_X509_EXTENSION_delete_ptr; +alias SKM_sk_insert!X509_EXTENSION sk_X509_EXTENSION_insert; +alias SKM_sk_set_cmp_func!X509_EXTENSION sk_X509_EXTENSION_set_cmp_func; +alias SKM_sk_dup!X509_EXTENSION sk_X509_EXTENSION_dup; +alias SKM_sk_pop_free!X509_EXTENSION sk_X509_EXTENSION_pop_free; +alias SKM_sk_shift!X509_EXTENSION sk_X509_EXTENSION_shift; +alias SKM_sk_pop!X509_EXTENSION sk_X509_EXTENSION_pop; +alias SKM_sk_sort!X509_EXTENSION sk_X509_EXTENSION_sort; +alias SKM_sk_is_sorted!X509_EXTENSION sk_X509_EXTENSION_is_sorted; + +alias SKM_sk_new!X509_INFO sk_X509_INFO_new; +alias SKM_sk_new_null!X509_INFO sk_X509_INFO_new_null; +alias SKM_sk_free!X509_INFO sk_X509_INFO_free; +alias SKM_sk_num!X509_INFO sk_X509_INFO_num; +alias SKM_sk_value!X509_INFO sk_X509_INFO_value; +alias SKM_sk_set!X509_INFO sk_X509_INFO_set; +alias SKM_sk_zero!X509_INFO sk_X509_INFO_zero; +alias SKM_sk_push!X509_INFO sk_X509_INFO_push; +alias SKM_sk_unshift!X509_INFO sk_X509_INFO_unshift; +alias SKM_sk_find!X509_INFO sk_X509_INFO_find; +alias SKM_sk_find_ex!X509_INFO sk_X509_INFO_find_ex; +alias SKM_sk_delete!X509_INFO sk_X509_INFO_delete; +alias SKM_sk_delete_ptr!X509_INFO sk_X509_INFO_delete_ptr; +alias SKM_sk_insert!X509_INFO sk_X509_INFO_insert; +alias SKM_sk_set_cmp_func!X509_INFO sk_X509_INFO_set_cmp_func; +alias SKM_sk_dup!X509_INFO sk_X509_INFO_dup; +alias SKM_sk_pop_free!X509_INFO sk_X509_INFO_pop_free; +alias SKM_sk_shift!X509_INFO sk_X509_INFO_shift; +alias SKM_sk_pop!X509_INFO sk_X509_INFO_pop; +alias SKM_sk_sort!X509_INFO sk_X509_INFO_sort; +alias SKM_sk_is_sorted!X509_INFO sk_X509_INFO_is_sorted; + +import deimos.openssl.x509_vfy; +alias SKM_sk_new!X509_LOOKUP sk_X509_LOOKUP_new; +alias SKM_sk_new_null!X509_LOOKUP sk_X509_LOOKUP_new_null; +alias SKM_sk_free!X509_LOOKUP sk_X509_LOOKUP_free; +alias SKM_sk_num!X509_LOOKUP sk_X509_LOOKUP_num; +alias SKM_sk_value!X509_LOOKUP sk_X509_LOOKUP_value; +alias SKM_sk_set!X509_LOOKUP sk_X509_LOOKUP_set; +alias SKM_sk_zero!X509_LOOKUP sk_X509_LOOKUP_zero; +alias SKM_sk_push!X509_LOOKUP sk_X509_LOOKUP_push; +alias SKM_sk_unshift!X509_LOOKUP sk_X509_LOOKUP_unshift; +alias SKM_sk_find!X509_LOOKUP sk_X509_LOOKUP_find; +alias SKM_sk_find_ex!X509_LOOKUP sk_X509_LOOKUP_find_ex; +alias SKM_sk_delete!X509_LOOKUP sk_X509_LOOKUP_delete; +alias SKM_sk_delete_ptr!X509_LOOKUP sk_X509_LOOKUP_delete_ptr; +alias SKM_sk_insert!X509_LOOKUP sk_X509_LOOKUP_insert; +alias SKM_sk_set_cmp_func!X509_LOOKUP sk_X509_LOOKUP_set_cmp_func; +alias SKM_sk_dup!X509_LOOKUP sk_X509_LOOKUP_dup; +alias SKM_sk_pop_free!X509_LOOKUP sk_X509_LOOKUP_pop_free; +alias SKM_sk_shift!X509_LOOKUP sk_X509_LOOKUP_shift; +alias SKM_sk_pop!X509_LOOKUP sk_X509_LOOKUP_pop; +alias SKM_sk_sort!X509_LOOKUP sk_X509_LOOKUP_sort; +alias SKM_sk_is_sorted!X509_LOOKUP sk_X509_LOOKUP_is_sorted; + +alias SKM_sk_new!X509_NAME sk_X509_NAME_new; +alias SKM_sk_new_null!X509_NAME sk_X509_NAME_new_null; +alias SKM_sk_free!X509_NAME sk_X509_NAME_free; +alias SKM_sk_num!X509_NAME sk_X509_NAME_num; +alias SKM_sk_value!X509_NAME sk_X509_NAME_value; +alias SKM_sk_set!X509_NAME sk_X509_NAME_set; +alias SKM_sk_zero!X509_NAME sk_X509_NAME_zero; +alias SKM_sk_push!X509_NAME sk_X509_NAME_push; +alias SKM_sk_unshift!X509_NAME sk_X509_NAME_unshift; +alias SKM_sk_find!X509_NAME sk_X509_NAME_find; +alias SKM_sk_find_ex!X509_NAME sk_X509_NAME_find_ex; +alias SKM_sk_delete!X509_NAME sk_X509_NAME_delete; +alias SKM_sk_delete_ptr!X509_NAME sk_X509_NAME_delete_ptr; +alias SKM_sk_insert!X509_NAME sk_X509_NAME_insert; +alias SKM_sk_set_cmp_func!X509_NAME sk_X509_NAME_set_cmp_func; +alias SKM_sk_dup!X509_NAME sk_X509_NAME_dup; +alias SKM_sk_pop_free!X509_NAME sk_X509_NAME_pop_free; +alias SKM_sk_shift!X509_NAME sk_X509_NAME_shift; +alias SKM_sk_pop!X509_NAME sk_X509_NAME_pop; +alias SKM_sk_sort!X509_NAME sk_X509_NAME_sort; +alias SKM_sk_is_sorted!X509_NAME sk_X509_NAME_is_sorted; + +alias SKM_sk_new!X509_NAME_ENTRY sk_X509_NAME_ENTRY_new; +alias SKM_sk_new_null!X509_NAME_ENTRY sk_X509_NAME_ENTRY_new_null; +alias SKM_sk_free!X509_NAME_ENTRY sk_X509_NAME_ENTRY_free; +alias SKM_sk_num!X509_NAME_ENTRY sk_X509_NAME_ENTRY_num; +alias SKM_sk_value!X509_NAME_ENTRY sk_X509_NAME_ENTRY_value; +alias SKM_sk_set!X509_NAME_ENTRY sk_X509_NAME_ENTRY_set; +alias SKM_sk_zero!X509_NAME_ENTRY sk_X509_NAME_ENTRY_zero; +alias SKM_sk_push!X509_NAME_ENTRY sk_X509_NAME_ENTRY_push; +alias SKM_sk_unshift!X509_NAME_ENTRY sk_X509_NAME_ENTRY_unshift; +alias SKM_sk_find!X509_NAME_ENTRY sk_X509_NAME_ENTRY_find; +alias SKM_sk_find_ex!X509_NAME_ENTRY sk_X509_NAME_ENTRY_find_ex; +alias SKM_sk_delete!X509_NAME_ENTRY sk_X509_NAME_ENTRY_delete; +alias SKM_sk_delete_ptr!X509_NAME_ENTRY sk_X509_NAME_ENTRY_delete_ptr; +alias SKM_sk_insert!X509_NAME_ENTRY sk_X509_NAME_ENTRY_insert; +alias SKM_sk_set_cmp_func!X509_NAME_ENTRY sk_X509_NAME_ENTRY_set_cmp_func; +alias SKM_sk_dup!X509_NAME_ENTRY sk_X509_NAME_ENTRY_dup; +alias SKM_sk_pop_free!X509_NAME_ENTRY sk_X509_NAME_ENTRY_pop_free; +alias SKM_sk_shift!X509_NAME_ENTRY sk_X509_NAME_ENTRY_shift; +alias SKM_sk_pop!X509_NAME_ENTRY sk_X509_NAME_ENTRY_pop; +alias SKM_sk_sort!X509_NAME_ENTRY sk_X509_NAME_ENTRY_sort; +alias SKM_sk_is_sorted!X509_NAME_ENTRY sk_X509_NAME_ENTRY_is_sorted; + +alias SKM_sk_new!X509_OBJECT sk_X509_OBJECT_new; +alias SKM_sk_new_null!X509_OBJECT sk_X509_OBJECT_new_null; +alias SKM_sk_free!X509_OBJECT sk_X509_OBJECT_free; +alias SKM_sk_num!X509_OBJECT sk_X509_OBJECT_num; +alias SKM_sk_value!X509_OBJECT sk_X509_OBJECT_value; +alias SKM_sk_set!X509_OBJECT sk_X509_OBJECT_set; +alias SKM_sk_zero!X509_OBJECT sk_X509_OBJECT_zero; +alias SKM_sk_push!X509_OBJECT sk_X509_OBJECT_push; +alias SKM_sk_unshift!X509_OBJECT sk_X509_OBJECT_unshift; +alias SKM_sk_find!X509_OBJECT sk_X509_OBJECT_find; +alias SKM_sk_find_ex!X509_OBJECT sk_X509_OBJECT_find_ex; +alias SKM_sk_delete!X509_OBJECT sk_X509_OBJECT_delete; +alias SKM_sk_delete_ptr!X509_OBJECT sk_X509_OBJECT_delete_ptr; +alias SKM_sk_insert!X509_OBJECT sk_X509_OBJECT_insert; +alias SKM_sk_set_cmp_func!X509_OBJECT sk_X509_OBJECT_set_cmp_func; +alias SKM_sk_dup!X509_OBJECT sk_X509_OBJECT_dup; +alias SKM_sk_pop_free!X509_OBJECT sk_X509_OBJECT_pop_free; +alias SKM_sk_shift!X509_OBJECT sk_X509_OBJECT_shift; +alias SKM_sk_pop!X509_OBJECT sk_X509_OBJECT_pop; +alias SKM_sk_sort!X509_OBJECT sk_X509_OBJECT_sort; +alias SKM_sk_is_sorted!X509_OBJECT sk_X509_OBJECT_is_sorted; + +/+ Internal crypto types. +alias SKM_sk_new!X509_POLICY_DATA sk_X509_POLICY_DATA_new; +alias SKM_sk_new_null!X509_POLICY_DATA sk_X509_POLICY_DATA_new_null; +alias SKM_sk_free!X509_POLICY_DATA sk_X509_POLICY_DATA_free; +alias SKM_sk_num!X509_POLICY_DATA sk_X509_POLICY_DATA_num; +alias SKM_sk_value!X509_POLICY_DATA sk_X509_POLICY_DATA_value; +alias SKM_sk_set!X509_POLICY_DATA sk_X509_POLICY_DATA_set; +alias SKM_sk_zero!X509_POLICY_DATA sk_X509_POLICY_DATA_zero; +alias SKM_sk_push!X509_POLICY_DATA sk_X509_POLICY_DATA_push; +alias SKM_sk_unshift!X509_POLICY_DATA sk_X509_POLICY_DATA_unshift; +alias SKM_sk_find!X509_POLICY_DATA sk_X509_POLICY_DATA_find; +alias SKM_sk_find_ex!X509_POLICY_DATA sk_X509_POLICY_DATA_find_ex; +alias SKM_sk_delete!X509_POLICY_DATA sk_X509_POLICY_DATA_delete; +alias SKM_sk_delete_ptr!X509_POLICY_DATA sk_X509_POLICY_DATA_delete_ptr; +alias SKM_sk_insert!X509_POLICY_DATA sk_X509_POLICY_DATA_insert; +alias SKM_sk_set_cmp_func!X509_POLICY_DATA sk_X509_POLICY_DATA_set_cmp_func; +alias SKM_sk_dup!X509_POLICY_DATA sk_X509_POLICY_DATA_dup; +alias SKM_sk_pop_free!X509_POLICY_DATA sk_X509_POLICY_DATA_pop_free; +alias SKM_sk_shift!X509_POLICY_DATA sk_X509_POLICY_DATA_shift; +alias SKM_sk_pop!X509_POLICY_DATA sk_X509_POLICY_DATA_pop; +alias SKM_sk_sort!X509_POLICY_DATA sk_X509_POLICY_DATA_sort; +alias SKM_sk_is_sorted!X509_POLICY_DATA sk_X509_POLICY_DATA_is_sorted; ++/ + +alias SKM_sk_new!X509_POLICY_NODE sk_X509_POLICY_NODE_new; +alias SKM_sk_new_null!X509_POLICY_NODE sk_X509_POLICY_NODE_new_null; +alias SKM_sk_free!X509_POLICY_NODE sk_X509_POLICY_NODE_free; +alias SKM_sk_num!X509_POLICY_NODE sk_X509_POLICY_NODE_num; +alias SKM_sk_value!X509_POLICY_NODE sk_X509_POLICY_NODE_value; +alias SKM_sk_set!X509_POLICY_NODE sk_X509_POLICY_NODE_set; +alias SKM_sk_zero!X509_POLICY_NODE sk_X509_POLICY_NODE_zero; +alias SKM_sk_push!X509_POLICY_NODE sk_X509_POLICY_NODE_push; +alias SKM_sk_unshift!X509_POLICY_NODE sk_X509_POLICY_NODE_unshift; +alias SKM_sk_find!X509_POLICY_NODE sk_X509_POLICY_NODE_find; +alias SKM_sk_find_ex!X509_POLICY_NODE sk_X509_POLICY_NODE_find_ex; +alias SKM_sk_delete!X509_POLICY_NODE sk_X509_POLICY_NODE_delete; +alias SKM_sk_delete_ptr!X509_POLICY_NODE sk_X509_POLICY_NODE_delete_ptr; +alias SKM_sk_insert!X509_POLICY_NODE sk_X509_POLICY_NODE_insert; +alias SKM_sk_set_cmp_func!X509_POLICY_NODE sk_X509_POLICY_NODE_set_cmp_func; +alias SKM_sk_dup!X509_POLICY_NODE sk_X509_POLICY_NODE_dup; +alias SKM_sk_pop_free!X509_POLICY_NODE sk_X509_POLICY_NODE_pop_free; +alias SKM_sk_shift!X509_POLICY_NODE sk_X509_POLICY_NODE_shift; +alias SKM_sk_pop!X509_POLICY_NODE sk_X509_POLICY_NODE_pop; +alias SKM_sk_sort!X509_POLICY_NODE sk_X509_POLICY_NODE_sort; +alias SKM_sk_is_sorted!X509_POLICY_NODE sk_X509_POLICY_NODE_is_sorted; + +alias SKM_sk_new!X509_PURPOSE sk_X509_PURPOSE_new; +alias SKM_sk_new_null!X509_PURPOSE sk_X509_PURPOSE_new_null; +alias SKM_sk_free!X509_PURPOSE sk_X509_PURPOSE_free; +alias SKM_sk_num!X509_PURPOSE sk_X509_PURPOSE_num; +alias SKM_sk_value!X509_PURPOSE sk_X509_PURPOSE_value; +alias SKM_sk_set!X509_PURPOSE sk_X509_PURPOSE_set; +alias SKM_sk_zero!X509_PURPOSE sk_X509_PURPOSE_zero; +alias SKM_sk_push!X509_PURPOSE sk_X509_PURPOSE_push; +alias SKM_sk_unshift!X509_PURPOSE sk_X509_PURPOSE_unshift; +alias SKM_sk_find!X509_PURPOSE sk_X509_PURPOSE_find; +alias SKM_sk_find_ex!X509_PURPOSE sk_X509_PURPOSE_find_ex; +alias SKM_sk_delete!X509_PURPOSE sk_X509_PURPOSE_delete; +alias SKM_sk_delete_ptr!X509_PURPOSE sk_X509_PURPOSE_delete_ptr; +alias SKM_sk_insert!X509_PURPOSE sk_X509_PURPOSE_insert; +alias SKM_sk_set_cmp_func!X509_PURPOSE sk_X509_PURPOSE_set_cmp_func; +alias SKM_sk_dup!X509_PURPOSE sk_X509_PURPOSE_dup; +alias SKM_sk_pop_free!X509_PURPOSE sk_X509_PURPOSE_pop_free; +alias SKM_sk_shift!X509_PURPOSE sk_X509_PURPOSE_shift; +alias SKM_sk_pop!X509_PURPOSE sk_X509_PURPOSE_pop; +alias SKM_sk_sort!X509_PURPOSE sk_X509_PURPOSE_sort; +alias SKM_sk_is_sorted!X509_PURPOSE sk_X509_PURPOSE_is_sorted; + +alias SKM_sk_new!X509_REVOKED sk_X509_REVOKED_new; +alias SKM_sk_new_null!X509_REVOKED sk_X509_REVOKED_new_null; +alias SKM_sk_free!X509_REVOKED sk_X509_REVOKED_free; +alias SKM_sk_num!X509_REVOKED sk_X509_REVOKED_num; +alias SKM_sk_value!X509_REVOKED sk_X509_REVOKED_value; +alias SKM_sk_set!X509_REVOKED sk_X509_REVOKED_set; +alias SKM_sk_zero!X509_REVOKED sk_X509_REVOKED_zero; +alias SKM_sk_push!X509_REVOKED sk_X509_REVOKED_push; +alias SKM_sk_unshift!X509_REVOKED sk_X509_REVOKED_unshift; +alias SKM_sk_find!X509_REVOKED sk_X509_REVOKED_find; +alias SKM_sk_find_ex!X509_REVOKED sk_X509_REVOKED_find_ex; +alias SKM_sk_delete!X509_REVOKED sk_X509_REVOKED_delete; +alias SKM_sk_delete_ptr!X509_REVOKED sk_X509_REVOKED_delete_ptr; +alias SKM_sk_insert!X509_REVOKED sk_X509_REVOKED_insert; +alias SKM_sk_set_cmp_func!X509_REVOKED sk_X509_REVOKED_set_cmp_func; +alias SKM_sk_dup!X509_REVOKED sk_X509_REVOKED_dup; +alias SKM_sk_pop_free!X509_REVOKED sk_X509_REVOKED_pop_free; +alias SKM_sk_shift!X509_REVOKED sk_X509_REVOKED_shift; +alias SKM_sk_pop!X509_REVOKED sk_X509_REVOKED_pop; +alias SKM_sk_sort!X509_REVOKED sk_X509_REVOKED_sort; +alias SKM_sk_is_sorted!X509_REVOKED sk_X509_REVOKED_is_sorted; + +alias SKM_sk_new!X509_TRUST sk_X509_TRUST_new; +alias SKM_sk_new_null!X509_TRUST sk_X509_TRUST_new_null; +alias SKM_sk_free!X509_TRUST sk_X509_TRUST_free; +alias SKM_sk_num!X509_TRUST sk_X509_TRUST_num; +alias SKM_sk_value!X509_TRUST sk_X509_TRUST_value; +alias SKM_sk_set!X509_TRUST sk_X509_TRUST_set; +alias SKM_sk_zero!X509_TRUST sk_X509_TRUST_zero; +alias SKM_sk_push!X509_TRUST sk_X509_TRUST_push; +alias SKM_sk_unshift!X509_TRUST sk_X509_TRUST_unshift; +alias SKM_sk_find!X509_TRUST sk_X509_TRUST_find; +alias SKM_sk_find_ex!X509_TRUST sk_X509_TRUST_find_ex; +alias SKM_sk_delete!X509_TRUST sk_X509_TRUST_delete; +alias SKM_sk_delete_ptr!X509_TRUST sk_X509_TRUST_delete_ptr; +alias SKM_sk_insert!X509_TRUST sk_X509_TRUST_insert; +alias SKM_sk_set_cmp_func!X509_TRUST sk_X509_TRUST_set_cmp_func; +alias SKM_sk_dup!X509_TRUST sk_X509_TRUST_dup; +alias SKM_sk_pop_free!X509_TRUST sk_X509_TRUST_pop_free; +alias SKM_sk_shift!X509_TRUST sk_X509_TRUST_shift; +alias SKM_sk_pop!X509_TRUST sk_X509_TRUST_pop; +alias SKM_sk_sort!X509_TRUST sk_X509_TRUST_sort; +alias SKM_sk_is_sorted!X509_TRUST sk_X509_TRUST_is_sorted; + +alias SKM_sk_new!X509_VERIFY_PARAM sk_X509_VERIFY_PARAM_new; +alias SKM_sk_new_null!X509_VERIFY_PARAM sk_X509_VERIFY_PARAM_new_null; +alias SKM_sk_free!X509_VERIFY_PARAM sk_X509_VERIFY_PARAM_free; +alias SKM_sk_num!X509_VERIFY_PARAM sk_X509_VERIFY_PARAM_num; +alias SKM_sk_value!X509_VERIFY_PARAM sk_X509_VERIFY_PARAM_value; +alias SKM_sk_set!X509_VERIFY_PARAM sk_X509_VERIFY_PARAM_set; +alias SKM_sk_zero!X509_VERIFY_PARAM sk_X509_VERIFY_PARAM_zero; +alias SKM_sk_push!X509_VERIFY_PARAM sk_X509_VERIFY_PARAM_push; +alias SKM_sk_unshift!X509_VERIFY_PARAM sk_X509_VERIFY_PARAM_unshift; +alias SKM_sk_find!X509_VERIFY_PARAM sk_X509_VERIFY_PARAM_find; +alias SKM_sk_find_ex!X509_VERIFY_PARAM sk_X509_VERIFY_PARAM_find_ex; +alias SKM_sk_delete!X509_VERIFY_PARAM sk_X509_VERIFY_PARAM_delete; +alias SKM_sk_delete_ptr!X509_VERIFY_PARAM sk_X509_VERIFY_PARAM_delete_ptr; +alias SKM_sk_insert!X509_VERIFY_PARAM sk_X509_VERIFY_PARAM_insert; +alias SKM_sk_set_cmp_func!X509_VERIFY_PARAM sk_X509_VERIFY_PARAM_set_cmp_func; +alias SKM_sk_dup!X509_VERIFY_PARAM sk_X509_VERIFY_PARAM_dup; +alias SKM_sk_pop_free!X509_VERIFY_PARAM sk_X509_VERIFY_PARAM_pop_free; +alias SKM_sk_shift!X509_VERIFY_PARAM sk_X509_VERIFY_PARAM_shift; +alias SKM_sk_pop!X509_VERIFY_PARAM sk_X509_VERIFY_PARAM_pop; +alias SKM_sk_sort!X509_VERIFY_PARAM sk_X509_VERIFY_PARAM_sort; +alias SKM_sk_is_sorted!X509_VERIFY_PARAM sk_X509_VERIFY_PARAM_is_sorted; + +/+ Internal type. +alias SKM_sk_new!nid_triple sk_nid_triple_new; +alias SKM_sk_new_null!nid_triple sk_nid_triple_new_null; +alias SKM_sk_free!nid_triple sk_nid_triple_free; +alias SKM_sk_num!nid_triple sk_nid_triple_num; +alias SKM_sk_value!nid_triple sk_nid_triple_value; +alias SKM_sk_set!nid_triple sk_nid_triple_set; +alias SKM_sk_zero!nid_triple sk_nid_triple_zero; +alias SKM_sk_push!nid_triple sk_nid_triple_push; +alias SKM_sk_unshift!nid_triple sk_nid_triple_unshift; +alias SKM_sk_find!nid_triple sk_nid_triple_find; +alias SKM_sk_find_ex!nid_triple sk_nid_triple_find_ex; +alias SKM_sk_delete!nid_triple sk_nid_triple_delete; +alias SKM_sk_delete_ptr!nid_triple sk_nid_triple_delete_ptr; +alias SKM_sk_insert!nid_triple sk_nid_triple_insert; +alias SKM_sk_set_cmp_func!nid_triple sk_nid_triple_set_cmp_func; +alias SKM_sk_dup!nid_triple sk_nid_triple_dup; +alias SKM_sk_pop_free!nid_triple sk_nid_triple_pop_free; +alias SKM_sk_shift!nid_triple sk_nid_triple_shift; +alias SKM_sk_pop!nid_triple sk_nid_triple_pop; +alias SKM_sk_sort!nid_triple sk_nid_triple_sort; +alias SKM_sk_is_sorted!nid_triple sk_nid_triple_is_sorted; ++/ + +alias SKM_sk_new!void sk_void_new; +alias SKM_sk_new_null!void sk_void_new_null; +alias SKM_sk_free!void sk_void_free; +alias SKM_sk_num!void sk_void_num; +alias SKM_sk_value!void sk_void_value; +alias SKM_sk_set!void sk_void_set; +alias SKM_sk_zero!void sk_void_zero; +alias SKM_sk_push!void sk_void_push; +alias SKM_sk_unshift!void sk_void_unshift; +alias SKM_sk_find!void sk_void_find; +alias SKM_sk_find_ex!void sk_void_find_ex; +alias SKM_sk_delete!void sk_void_delete; +alias SKM_sk_delete_ptr!void sk_void_delete_ptr; +alias SKM_sk_insert!void sk_void_insert; +alias SKM_sk_set_cmp_func!void sk_void_set_cmp_func; +alias SKM_sk_dup!void sk_void_dup; +alias SKM_sk_pop_free!void sk_void_pop_free; +alias SKM_sk_shift!void sk_void_shift; +alias SKM_sk_pop!void sk_void_pop; +alias SKM_sk_sort!void sk_void_sort; +alias SKM_sk_is_sorted!void sk_void_is_sorted; + +alias SKM_sk_new!OPENSSL_STRING sk_OPENSSL_STRING_new; +alias SKM_sk_new_null!OPENSSL_STRING sk_OPENSSL_STRING_new_null; +alias SKM_sk_push!OPENSSL_STRING sk_OPENSSL_STRING_push; +alias SKM_sk_find!OPENSSL_STRING sk_OPENSSL_STRING_find; +alias SKM_sk_value!OPENSSL_STRING sk_OPENSSL_STRING_value; +alias SKM_sk_num!OPENSSL_STRING sk_OPENSSL_STRING_num; +alias SKM_sk_pop_free!OPENSSL_STRING sk_OPENSSL_STRING_pop_free; +alias SKM_sk_insert!OPENSSL_STRING sk_OPENSSL_STRING_insert; +alias SKM_sk_free!OPENSSL_STRING sk_OPENSSL_STRING_free; +alias SKM_sk_set!OPENSSL_STRING sk_OPENSSL_STRING_set; +alias SKM_sk_zero!OPENSSL_STRING sk_OPENSSL_STRING_zero; +alias SKM_sk_unshift!OPENSSL_STRING sk_OPENSSL_STRING_unshift; +alias SKM_sk_find_ex!OPENSSL_STRING sk_OPENSSL_STRING_find_ex; +alias SKM_sk_delete!OPENSSL_STRING sk_OPENSSL_STRING_delete; +alias SKM_sk_delete_ptr!OPENSSL_STRING sk_OPENSSL_STRING_delete_ptr; +alias SKM_sk_set_cmp_func!OPENSSL_STRING sk_OPENSSL_STRING_set_cmp_func; +alias SKM_sk_dup!OPENSSL_STRING sk_OPENSSL_STRING_dup; +alias SKM_sk_shift!OPENSSL_STRING sk_OPENSSL_STRING_shift; +alias SKM_sk_pop!OPENSSL_STRING sk_OPENSSL_STRING_pop; +alias SKM_sk_sort!OPENSSL_STRING sk_OPENSSL_STRING_sort; +alias SKM_sk_is_sorted!OPENSSL_STRING sk_OPENSSL_STRING_is_sorted; + +alias SKM_sk_new!OPENSSL_BLOCK sk_OPENSSL_BLOCK_new; +alias SKM_sk_new_null!OPENSSL_BLOCK sk_OPENSSL_BLOCK_new_null; +alias SKM_sk_push!OPENSSL_BLOCK sk_OPENSSL_BLOCK_push; +alias SKM_sk_find!OPENSSL_BLOCK sk_OPENSSL_BLOCK_find; +alias SKM_sk_value!OPENSSL_BLOCK sk_OPENSSL_BLOCK_value; +alias SKM_sk_num!OPENSSL_BLOCK sk_OPENSSL_BLOCK_num; +alias SKM_sk_pop_free!OPENSSL_BLOCK sk_OPENSSL_BLOCK_pop_free; +alias SKM_sk_insert!OPENSSL_BLOCK sk_OPENSSL_BLOCK_insert; +alias SKM_sk_free!OPENSSL_BLOCK sk_OPENSSL_BLOCK_free; +alias SKM_sk_set!OPENSSL_BLOCK sk_OPENSSL_BLOCK_set; +alias SKM_sk_zero!OPENSSL_BLOCK sk_OPENSSL_BLOCK_zero; +alias SKM_sk_unshift!OPENSSL_BLOCK sk_OPENSSL_BLOCK_unshift; +alias SKM_sk_find_ex!OPENSSL_BLOCK sk_OPENSSL_BLOCK_find_ex; +alias SKM_sk_delete!OPENSSL_BLOCK sk_OPENSSL_BLOCK_delete; +alias SKM_sk_delete_ptr!OPENSSL_BLOCK sk_OPENSSL_BLOCK_delete_ptr; +alias SKM_sk_set_cmp_func!OPENSSL_BLOCK sk_OPENSSL_BLOCK_set_cmp_func; +alias SKM_sk_dup!OPENSSL_BLOCK sk_OPENSSL_BLOCK_dup; +alias SKM_sk_shift!OPENSSL_BLOCK sk_OPENSSL_BLOCK_shift; +alias SKM_sk_pop!OPENSSL_BLOCK sk_OPENSSL_BLOCK_pop; +alias SKM_sk_sort!OPENSSL_BLOCK sk_OPENSSL_BLOCK_sort; +alias SKM_sk_is_sorted!OPENSSL_BLOCK sk_OPENSSL_BLOCK_is_sorted; + +/+ TODO +#define sk_OPENSSL_PSTRING_new(cmp) ((STACK_OF(OPENSSL_PSTRING) *)sk_new(CHECKED_SK_CMP_FUNC(OPENSSL_STRING, cmp))) +#define sk_OPENSSL_PSTRING_new_null() ((STACK_OF(OPENSSL_PSTRING) *)sk_new_null()) +#define sk_OPENSSL_PSTRING_push(st, val) sk_push(CHECKED_STACK_OF(OPENSSL_PSTRING, st), CHECKED_PTR_OF(OPENSSL_STRING, val)) +#define sk_OPENSSL_PSTRING_find(st, val) sk_find(CHECKED_STACK_OF(OPENSSL_PSTRING, st), CHECKED_PTR_OF(OPENSSL_STRING, val)) +#define sk_OPENSSL_PSTRING_value(st, i) ((OPENSSL_PSTRING)sk_value(CHECKED_STACK_OF(OPENSSL_PSTRING, st), i)) +#define sk_OPENSSL_PSTRING_num(st) SKM_sk_num(OPENSSL_PSTRING, st) +#define sk_OPENSSL_PSTRING_pop_free(st, free_func) sk_pop_free(CHECKED_STACK_OF(OPENSSL_PSTRING, st), CHECKED_SK_FREE_FUNC2(OPENSSL_PSTRING, free_func)) +#define sk_OPENSSL_PSTRING_insert(st, val, i) sk_insert(CHECKED_STACK_OF(OPENSSL_PSTRING, st), CHECKED_PTR_OF(OPENSSL_STRING, val), i) +#define sk_OPENSSL_PSTRING_free(st) SKM_sk_free(OPENSSL_PSTRING, st) +#define sk_OPENSSL_PSTRING_set(st, i, val) sk_set(CHECKED_STACK_OF(OPENSSL_PSTRING, st), i, CHECKED_PTR_OF(OPENSSL_STRING, val)) +#define sk_OPENSSL_PSTRING_zero(st) SKM_sk_zero(OPENSSL_PSTRING, (st)) +#define sk_OPENSSL_PSTRING_unshift(st, val) sk_unshift(CHECKED_STACK_OF(OPENSSL_PSTRING, st), CHECKED_PTR_OF(OPENSSL_STRING, val)) +#define sk_OPENSSL_PSTRING_find_ex(st, val) sk_find_ex((_STACK *)CHECKED_CONST_PTR_OF(STACK_OF(OPENSSL_PSTRING), st), CHECKED_CONST_PTR_OF(OPENSSL_STRING, val)) +#define sk_OPENSSL_PSTRING_delete(st, i) SKM_sk_delete(OPENSSL_PSTRING, (st), (i)) +#define sk_OPENSSL_PSTRING_delete_ptr(st, ptr) (OPENSSL_PSTRING *)sk_delete_ptr(CHECKED_STACK_OF(OPENSSL_PSTRING, st), CHECKED_PTR_OF(OPENSSL_STRING, ptr)) +#define sk_OPENSSL_PSTRING_set_cmp_func(st, cmp) \ + ((int (*)(const OPENSSL_STRING * const *,const OPENSSL_STRING * const *)) \ + sk_set_cmp_func(CHECKED_STACK_OF(OPENSSL_PSTRING, st), CHECKED_SK_CMP_FUNC(OPENSSL_STRING, cmp))) +#define sk_OPENSSL_PSTRING_dup(st) SKM_sk_dup(OPENSSL_PSTRING, st) +#define sk_OPENSSL_PSTRING_shift(st) SKM_sk_shift(OPENSSL_PSTRING, (st)) +#define sk_OPENSSL_PSTRING_pop(st) (OPENSSL_STRING *)sk_pop(CHECKED_STACK_OF(OPENSSL_PSTRING, st)) +#define sk_OPENSSL_PSTRING_sort(st) SKM_sk_sort(OPENSSL_PSTRING, (st)) +#define sk_OPENSSL_PSTRING_is_sorted(st) SKM_sk_is_sorted(OPENSSL_PSTRING, (st)) ++/ + +alias SKM_ASN1_SET_OF_d2i!ACCESS_DESCRIPTION d2i_ASN1_SET_OF_ACCESS_DESCRIPTION; +alias SKM_ASN1_SET_OF_i2d!ACCESS_DESCRIPTION i2d_ASN1_SET_OF_ACCESS_DESCRIPTION; +alias SKM_ASN1_seq_pack!ACCESS_DESCRIPTION ASN1_seq_pack_ACCESS_DESCRIPTION; +alias SKM_ASN1_seq_unpack!ACCESS_DESCRIPTION ASN1_seq_unpack_ACCESS_DESCRIPTION; + +alias SKM_ASN1_SET_OF_d2i!ASN1_INTEGER d2i_ASN1_SET_OF_ASN1_INTEGER; +alias SKM_ASN1_SET_OF_i2d!ASN1_INTEGER i2d_ASN1_SET_OF_ASN1_INTEGER; +alias SKM_ASN1_seq_pack!ASN1_INTEGER ASN1_seq_pack_ASN1_INTEGER; +alias SKM_ASN1_seq_unpack!ASN1_INTEGER ASN1_seq_unpack_ASN1_INTEGER; + +alias SKM_ASN1_SET_OF_d2i!ASN1_OBJECT d2i_ASN1_SET_OF_ASN1_OBJECT; +alias SKM_ASN1_SET_OF_i2d!ASN1_OBJECT i2d_ASN1_SET_OF_ASN1_OBJECT; +alias SKM_ASN1_seq_pack!ASN1_OBJECT ASN1_seq_pack_ASN1_OBJECT; +alias SKM_ASN1_seq_unpack!ASN1_OBJECT ASN1_seq_unpack_ASN1_OBJECT; + +alias SKM_ASN1_SET_OF_d2i!ASN1_TYPE d2i_ASN1_SET_OF_ASN1_TYPE; +alias SKM_ASN1_SET_OF_i2d!ASN1_TYPE i2d_ASN1_SET_OF_ASN1_TYPE; +alias SKM_ASN1_seq_pack!ASN1_TYPE ASN1_seq_pack_ASN1_TYPE; +alias SKM_ASN1_seq_unpack!ASN1_TYPE ASN1_seq_unpack_ASN1_TYPE; + +alias SKM_ASN1_SET_OF_d2i!ASN1_UTF8STRING d2i_ASN1_SET_OF_ASN1_UTF8STRING; +alias SKM_ASN1_SET_OF_i2d!ASN1_UTF8STRING i2d_ASN1_SET_OF_ASN1_UTF8STRING; +alias SKM_ASN1_seq_pack!ASN1_UTF8STRING ASN1_seq_pack_ASN1_UTF8STRING; +alias SKM_ASN1_seq_unpack!ASN1_UTF8STRING ASN1_seq_unpack_ASN1_UTF8STRING; + +alias SKM_ASN1_SET_OF_d2i!DIST_POINT d2i_ASN1_SET_OF_DIST_POINT; +alias SKM_ASN1_SET_OF_i2d!DIST_POINT i2d_ASN1_SET_OF_DIST_POINT; +alias SKM_ASN1_seq_pack!DIST_POINT ASN1_seq_pack_DIST_POINT; +alias SKM_ASN1_seq_unpack!DIST_POINT ASN1_seq_unpack_DIST_POINT; + +alias SKM_ASN1_SET_OF_d2i!ESS_CERT_ID d2i_ASN1_SET_OF_ESS_CERT_ID; +alias SKM_ASN1_SET_OF_i2d!ESS_CERT_ID i2d_ASN1_SET_OF_ESS_CERT_ID; +alias SKM_ASN1_seq_pack!ESS_CERT_ID ASN1_seq_pack_ESS_CERT_ID; +alias SKM_ASN1_seq_unpack!ESS_CERT_ID ASN1_seq_unpack_ESS_CERT_ID; + +alias SKM_ASN1_SET_OF_d2i!EVP_MD d2i_ASN1_SET_OF_EVP_MD; +alias SKM_ASN1_SET_OF_i2d!EVP_MD i2d_ASN1_SET_OF_EVP_MD; +alias SKM_ASN1_seq_pack!EVP_MD ASN1_seq_pack_EVP_MD; +alias SKM_ASN1_seq_unpack!EVP_MD ASN1_seq_unpack_EVP_MD; + +alias SKM_ASN1_SET_OF_d2i!GENERAL_NAME d2i_ASN1_SET_OF_GENERAL_NAME; +alias SKM_ASN1_SET_OF_i2d!GENERAL_NAME i2d_ASN1_SET_OF_GENERAL_NAME; +alias SKM_ASN1_seq_pack!GENERAL_NAME ASN1_seq_pack_GENERAL_NAME; +alias SKM_ASN1_seq_unpack!GENERAL_NAME ASN1_seq_unpack_GENERAL_NAME; + +alias SKM_ASN1_SET_OF_d2i!OCSP_ONEREQ d2i_ASN1_SET_OF_OCSP_ONEREQ; +alias SKM_ASN1_SET_OF_i2d!OCSP_ONEREQ i2d_ASN1_SET_OF_OCSP_ONEREQ; +alias SKM_ASN1_seq_pack!OCSP_ONEREQ ASN1_seq_pack_OCSP_ONEREQ; +alias SKM_ASN1_seq_unpack!OCSP_ONEREQ ASN1_seq_unpack_OCSP_ONEREQ; + +alias SKM_ASN1_SET_OF_d2i!OCSP_SINGLERESP d2i_ASN1_SET_OF_OCSP_SINGLERESP; +alias SKM_ASN1_SET_OF_i2d!OCSP_SINGLERESP i2d_ASN1_SET_OF_OCSP_SINGLERESP; +alias SKM_ASN1_seq_pack!OCSP_SINGLERESP ASN1_seq_pack_OCSP_SINGLERESP; +alias SKM_ASN1_seq_unpack!OCSP_SINGLERESP ASN1_seq_unpack_OCSP_SINGLERESP; + +alias SKM_ASN1_SET_OF_d2i!PKCS12_SAFEBAG d2i_ASN1_SET_OF_PKCS12_SAFEBAG; +alias SKM_ASN1_SET_OF_i2d!PKCS12_SAFEBAG i2d_ASN1_SET_OF_PKCS12_SAFEBAG; +alias SKM_ASN1_seq_pack!PKCS12_SAFEBAG ASN1_seq_pack_PKCS12_SAFEBAG; +alias SKM_ASN1_seq_unpack!PKCS12_SAFEBAG ASN1_seq_unpack_PKCS12_SAFEBAG; + +alias SKM_ASN1_SET_OF_d2i!PKCS7 d2i_ASN1_SET_OF_PKCS7; +alias SKM_ASN1_SET_OF_i2d!PKCS7 i2d_ASN1_SET_OF_PKCS7; +alias SKM_ASN1_seq_pack!PKCS7 ASN1_seq_pack_PKCS7; +alias SKM_ASN1_seq_unpack!PKCS7 ASN1_seq_unpack_PKCS7; + +alias SKM_ASN1_SET_OF_d2i!PKCS7_RECIP_INFO d2i_ASN1_SET_OF_PKCS7_RECIP_INFO; +alias SKM_ASN1_SET_OF_i2d!PKCS7_RECIP_INFO i2d_ASN1_SET_OF_PKCS7_RECIP_INFO; +alias SKM_ASN1_seq_pack!PKCS7_RECIP_INFO ASN1_seq_pack_PKCS7_RECIP_INFO; +alias SKM_ASN1_seq_unpack!PKCS7_RECIP_INFO ASN1_seq_unpack_PKCS7_RECIP_INFO; + +alias SKM_ASN1_SET_OF_d2i!PKCS7_SIGNER_INFO d2i_ASN1_SET_OF_PKCS7_SIGNER_INFO; +alias SKM_ASN1_SET_OF_i2d!PKCS7_SIGNER_INFO i2d_ASN1_SET_OF_PKCS7_SIGNER_INFO; +alias SKM_ASN1_seq_pack!PKCS7_SIGNER_INFO ASN1_seq_pack_PKCS7_SIGNER_INFO; +alias SKM_ASN1_seq_unpack!PKCS7_SIGNER_INFO ASN1_seq_unpack_PKCS7_SIGNER_INFO; + +alias SKM_ASN1_SET_OF_d2i!POLICYINFO d2i_ASN1_SET_OF_POLICYINFO; +alias SKM_ASN1_SET_OF_i2d!POLICYINFO i2d_ASN1_SET_OF_POLICYINFO; +alias SKM_ASN1_seq_pack!POLICYINFO ASN1_seq_pack_POLICYINFO; +alias SKM_ASN1_seq_unpack!POLICYINFO ASN1_seq_unpack_POLICYINFO; + +alias SKM_ASN1_SET_OF_d2i!POLICYQUALINFO d2i_ASN1_SET_OF_POLICYQUALINFO; +alias SKM_ASN1_SET_OF_i2d!POLICYQUALINFO i2d_ASN1_SET_OF_POLICYQUALINFO; +alias SKM_ASN1_seq_pack!POLICYQUALINFO ASN1_seq_pack_POLICYQUALINFO; +alias SKM_ASN1_seq_unpack!POLICYQUALINFO ASN1_seq_unpack_POLICYQUALINFO; + +alias SKM_ASN1_SET_OF_d2i!SXNETID d2i_ASN1_SET_OF_SXNETID; +alias SKM_ASN1_SET_OF_i2d!SXNETID i2d_ASN1_SET_OF_SXNETID; +alias SKM_ASN1_seq_pack!SXNETID ASN1_seq_pack_SXNETID; +alias SKM_ASN1_seq_unpack!SXNETID ASN1_seq_unpack_SXNETID; + +alias SKM_ASN1_SET_OF_d2i!X509 d2i_ASN1_SET_OF_X509; +alias SKM_ASN1_SET_OF_i2d!X509 i2d_ASN1_SET_OF_X509; +alias SKM_ASN1_seq_pack!X509 ASN1_seq_pack_X509; +alias SKM_ASN1_seq_unpack!X509 ASN1_seq_unpack_X509; + +alias SKM_ASN1_SET_OF_d2i!X509_ALGOR d2i_ASN1_SET_OF_X509_ALGOR; +alias SKM_ASN1_SET_OF_i2d!X509_ALGOR i2d_ASN1_SET_OF_X509_ALGOR; +alias SKM_ASN1_seq_pack!X509_ALGOR ASN1_seq_pack_X509_ALGOR; +alias SKM_ASN1_seq_unpack!X509_ALGOR ASN1_seq_unpack_X509_ALGOR; + +alias SKM_ASN1_SET_OF_d2i!X509_ATTRIBUTE d2i_ASN1_SET_OF_X509_ATTRIBUTE; +alias SKM_ASN1_SET_OF_i2d!X509_ATTRIBUTE i2d_ASN1_SET_OF_X509_ATTRIBUTE; +alias SKM_ASN1_seq_pack!X509_ATTRIBUTE ASN1_seq_pack_X509_ATTRIBUTE; +alias SKM_ASN1_seq_unpack!X509_ATTRIBUTE ASN1_seq_unpack_X509_ATTRIBUTE; + +alias SKM_ASN1_SET_OF_d2i!X509_CRL d2i_ASN1_SET_OF_X509_CRL; +alias SKM_ASN1_SET_OF_i2d!X509_CRL i2d_ASN1_SET_OF_X509_CRL; +alias SKM_ASN1_seq_pack!X509_CRL ASN1_seq_pack_X509_CRL; +alias SKM_ASN1_seq_unpack!X509_CRL ASN1_seq_unpack_X509_CRL; + +alias SKM_ASN1_SET_OF_d2i!X509_EXTENSION d2i_ASN1_SET_OF_X509_EXTENSION; +alias SKM_ASN1_SET_OF_i2d!X509_EXTENSION i2d_ASN1_SET_OF_X509_EXTENSION; +alias SKM_ASN1_seq_pack!X509_EXTENSION ASN1_seq_pack_X509_EXTENSION; +alias SKM_ASN1_seq_unpack!X509_EXTENSION ASN1_seq_unpack_X509_EXTENSION; + +alias SKM_ASN1_SET_OF_d2i!X509_NAME_ENTRY d2i_ASN1_SET_OF_X509_NAME_ENTRY; +alias SKM_ASN1_SET_OF_i2d!X509_NAME_ENTRY i2d_ASN1_SET_OF_X509_NAME_ENTRY; +alias SKM_ASN1_seq_pack!X509_NAME_ENTRY ASN1_seq_pack_X509_NAME_ENTRY; +alias SKM_ASN1_seq_unpack!X509_NAME_ENTRY ASN1_seq_unpack_X509_NAME_ENTRY; + +alias SKM_ASN1_SET_OF_d2i!X509_REVOKED d2i_ASN1_SET_OF_X509_REVOKED; +alias SKM_ASN1_SET_OF_i2d!X509_REVOKED i2d_ASN1_SET_OF_X509_REVOKED; +alias SKM_ASN1_seq_pack!X509_REVOKED ASN1_seq_pack_X509_REVOKED; +alias SKM_ASN1_seq_unpack!X509_REVOKED ASN1_seq_unpack_X509_REVOKED; + +// FIXME: See definition of SKM_PKCS12_decrypt_d2i. +//#define PKCS12_decrypt_d2i_PKCS12_SAFEBAG(algor, d2i_func, free_func, pass, passlen, oct, seq) \ +// SKM_PKCS12_decrypt_d2i(PKCS12_SAFEBAG, (algor), (d2i_func), (free_func), (pass), (passlen), (oct), (seq)) +// +//#define PKCS12_decrypt_d2i_PKCS7(algor, d2i_func, free_func, pass, passlen, oct, seq) \ +// SKM_PKCS12_decrypt_d2i(PKCS7, (algor), (d2i_func), (free_func), (pass), (passlen), (oct), (seq)) + +/+ FIXME: Not yet ported. +#define lh_ADDED_OBJ_new() LHM_lh_new(ADDED_OBJ,added_obj) +#define lh_ADDED_OBJ_insert(lh,inst) LHM_lh_insert(ADDED_OBJ,lh,inst) +#define lh_ADDED_OBJ_retrieve(lh,inst) LHM_lh_retrieve(ADDED_OBJ,lh,inst) +#define lh_ADDED_OBJ_delete(lh,inst) LHM_lh_delete(ADDED_OBJ,lh,inst) +#define lh_ADDED_OBJ_doall(lh,fn) LHM_lh_doall(ADDED_OBJ,lh,fn) +#define lh_ADDED_OBJ_doall_arg(lh,fn,arg_type,arg) \ + LHM_lh_doall_arg(ADDED_OBJ,lh,fn,arg_type,arg) +#define lh_ADDED_OBJ_error(lh) LHM_lh_error(ADDED_OBJ,lh) +#define lh_ADDED_OBJ_num_items(lh) LHM_lh_num_items(ADDED_OBJ,lh) +#define lh_ADDED_OBJ_down_load(lh) LHM_lh_down_load(ADDED_OBJ,lh) +#define lh_ADDED_OBJ_node_stats_bio(lh,out) \ + LHM_lh_node_stats_bio(ADDED_OBJ,lh,out) +#define lh_ADDED_OBJ_node_usage_stats_bio(lh,out) \ + LHM_lh_node_usage_stats_bio(ADDED_OBJ,lh,out) +#define lh_ADDED_OBJ_stats_bio(lh,out) \ + LHM_lh_stats_bio(ADDED_OBJ,lh,out) +#define lh_ADDED_OBJ_free(lh) LHM_lh_free(ADDED_OBJ,lh) + +#define lh_APP_INFO_new() LHM_lh_new(APP_INFO,app_info) +#define lh_APP_INFO_insert(lh,inst) LHM_lh_insert(APP_INFO,lh,inst) +#define lh_APP_INFO_retrieve(lh,inst) LHM_lh_retrieve(APP_INFO,lh,inst) +#define lh_APP_INFO_delete(lh,inst) LHM_lh_delete(APP_INFO,lh,inst) +#define lh_APP_INFO_doall(lh,fn) LHM_lh_doall(APP_INFO,lh,fn) +#define lh_APP_INFO_doall_arg(lh,fn,arg_type,arg) \ + LHM_lh_doall_arg(APP_INFO,lh,fn,arg_type,arg) +#define lh_APP_INFO_error(lh) LHM_lh_error(APP_INFO,lh) +#define lh_APP_INFO_num_items(lh) LHM_lh_num_items(APP_INFO,lh) +#define lh_APP_INFO_down_load(lh) LHM_lh_down_load(APP_INFO,lh) +#define lh_APP_INFO_node_stats_bio(lh,out) \ + LHM_lh_node_stats_bio(APP_INFO,lh,out) +#define lh_APP_INFO_node_usage_stats_bio(lh,out) \ + LHM_lh_node_usage_stats_bio(APP_INFO,lh,out) +#define lh_APP_INFO_stats_bio(lh,out) \ + LHM_lh_stats_bio(APP_INFO,lh,out) +#define lh_APP_INFO_free(lh) LHM_lh_free(APP_INFO,lh) + +#define lh_CONF_VALUE_new() LHM_lh_new(CONF_VALUE,conf_value) +#define lh_CONF_VALUE_insert(lh,inst) LHM_lh_insert(CONF_VALUE,lh,inst) +#define lh_CONF_VALUE_retrieve(lh,inst) LHM_lh_retrieve(CONF_VALUE,lh,inst) +#define lh_CONF_VALUE_delete(lh,inst) LHM_lh_delete(CONF_VALUE,lh,inst) +#define lh_CONF_VALUE_doall(lh,fn) LHM_lh_doall(CONF_VALUE,lh,fn) +#define lh_CONF_VALUE_doall_arg(lh,fn,arg_type,arg) \ + LHM_lh_doall_arg(CONF_VALUE,lh,fn,arg_type,arg) +#define lh_CONF_VALUE_error(lh) LHM_lh_error(CONF_VALUE,lh) +#define lh_CONF_VALUE_num_items(lh) LHM_lh_num_items(CONF_VALUE,lh) +#define lh_CONF_VALUE_down_load(lh) LHM_lh_down_load(CONF_VALUE,lh) +#define lh_CONF_VALUE_node_stats_bio(lh,out) \ + LHM_lh_node_stats_bio(CONF_VALUE,lh,out) +#define lh_CONF_VALUE_node_usage_stats_bio(lh,out) \ + LHM_lh_node_usage_stats_bio(CONF_VALUE,lh,out) +#define lh_CONF_VALUE_stats_bio(lh,out) \ + LHM_lh_stats_bio(CONF_VALUE,lh,out) +#define lh_CONF_VALUE_free(lh) LHM_lh_free(CONF_VALUE,lh) + +#define lh_ENGINE_PILE_new() LHM_lh_new(ENGINE_PILE,engine_pile) +#define lh_ENGINE_PILE_insert(lh,inst) LHM_lh_insert(ENGINE_PILE,lh,inst) +#define lh_ENGINE_PILE_retrieve(lh,inst) LHM_lh_retrieve(ENGINE_PILE,lh,inst) +#define lh_ENGINE_PILE_delete(lh,inst) LHM_lh_delete(ENGINE_PILE,lh,inst) +#define lh_ENGINE_PILE_doall(lh,fn) LHM_lh_doall(ENGINE_PILE,lh,fn) +#define lh_ENGINE_PILE_doall_arg(lh,fn,arg_type,arg) \ + LHM_lh_doall_arg(ENGINE_PILE,lh,fn,arg_type,arg) +#define lh_ENGINE_PILE_error(lh) LHM_lh_error(ENGINE_PILE,lh) +#define lh_ENGINE_PILE_num_items(lh) LHM_lh_num_items(ENGINE_PILE,lh) +#define lh_ENGINE_PILE_down_load(lh) LHM_lh_down_load(ENGINE_PILE,lh) +#define lh_ENGINE_PILE_node_stats_bio(lh,out) \ + LHM_lh_node_stats_bio(ENGINE_PILE,lh,out) +#define lh_ENGINE_PILE_node_usage_stats_bio(lh,out) \ + LHM_lh_node_usage_stats_bio(ENGINE_PILE,lh,out) +#define lh_ENGINE_PILE_stats_bio(lh,out) \ + LHM_lh_stats_bio(ENGINE_PILE,lh,out) +#define lh_ENGINE_PILE_free(lh) LHM_lh_free(ENGINE_PILE,lh) + +#define lh_ERR_STATE_new() LHM_lh_new(ERR_STATE,err_state) +#define lh_ERR_STATE_insert(lh,inst) LHM_lh_insert(ERR_STATE,lh,inst) +#define lh_ERR_STATE_retrieve(lh,inst) LHM_lh_retrieve(ERR_STATE,lh,inst) +#define lh_ERR_STATE_delete(lh,inst) LHM_lh_delete(ERR_STATE,lh,inst) +#define lh_ERR_STATE_doall(lh,fn) LHM_lh_doall(ERR_STATE,lh,fn) +#define lh_ERR_STATE_doall_arg(lh,fn,arg_type,arg) \ + LHM_lh_doall_arg(ERR_STATE,lh,fn,arg_type,arg) +#define lh_ERR_STATE_error(lh) LHM_lh_error(ERR_STATE,lh) +#define lh_ERR_STATE_num_items(lh) LHM_lh_num_items(ERR_STATE,lh) +#define lh_ERR_STATE_down_load(lh) LHM_lh_down_load(ERR_STATE,lh) +#define lh_ERR_STATE_node_stats_bio(lh,out) \ + LHM_lh_node_stats_bio(ERR_STATE,lh,out) +#define lh_ERR_STATE_node_usage_stats_bio(lh,out) \ + LHM_lh_node_usage_stats_bio(ERR_STATE,lh,out) +#define lh_ERR_STATE_stats_bio(lh,out) \ + LHM_lh_stats_bio(ERR_STATE,lh,out) +#define lh_ERR_STATE_free(lh) LHM_lh_free(ERR_STATE,lh) + +#define lh_ERR_STRING_DATA_new() LHM_lh_new(ERR_STRING_DATA,err_string_data) +#define lh_ERR_STRING_DATA_insert(lh,inst) LHM_lh_insert(ERR_STRING_DATA,lh,inst) +#define lh_ERR_STRING_DATA_retrieve(lh,inst) LHM_lh_retrieve(ERR_STRING_DATA,lh,inst) +#define lh_ERR_STRING_DATA_delete(lh,inst) LHM_lh_delete(ERR_STRING_DATA,lh,inst) +#define lh_ERR_STRING_DATA_doall(lh,fn) LHM_lh_doall(ERR_STRING_DATA,lh,fn) +#define lh_ERR_STRING_DATA_doall_arg(lh,fn,arg_type,arg) \ + LHM_lh_doall_arg(ERR_STRING_DATA,lh,fn,arg_type,arg) +#define lh_ERR_STRING_DATA_error(lh) LHM_lh_error(ERR_STRING_DATA,lh) +#define lh_ERR_STRING_DATA_num_items(lh) LHM_lh_num_items(ERR_STRING_DATA,lh) +#define lh_ERR_STRING_DATA_down_load(lh) LHM_lh_down_load(ERR_STRING_DATA,lh) +#define lh_ERR_STRING_DATA_node_stats_bio(lh,out) \ + LHM_lh_node_stats_bio(ERR_STRING_DATA,lh,out) +#define lh_ERR_STRING_DATA_node_usage_stats_bio(lh,out) \ + LHM_lh_node_usage_stats_bio(ERR_STRING_DATA,lh,out) +#define lh_ERR_STRING_DATA_stats_bio(lh,out) \ + LHM_lh_stats_bio(ERR_STRING_DATA,lh,out) +#define lh_ERR_STRING_DATA_free(lh) LHM_lh_free(ERR_STRING_DATA,lh) + +#define lh_EX_CLASS_ITEM_new() LHM_lh_new(EX_CLASS_ITEM,ex_class_item) +#define lh_EX_CLASS_ITEM_insert(lh,inst) LHM_lh_insert(EX_CLASS_ITEM,lh,inst) +#define lh_EX_CLASS_ITEM_retrieve(lh,inst) LHM_lh_retrieve(EX_CLASS_ITEM,lh,inst) +#define lh_EX_CLASS_ITEM_delete(lh,inst) LHM_lh_delete(EX_CLASS_ITEM,lh,inst) +#define lh_EX_CLASS_ITEM_doall(lh,fn) LHM_lh_doall(EX_CLASS_ITEM,lh,fn) +#define lh_EX_CLASS_ITEM_doall_arg(lh,fn,arg_type,arg) \ + LHM_lh_doall_arg(EX_CLASS_ITEM,lh,fn,arg_type,arg) +#define lh_EX_CLASS_ITEM_error(lh) LHM_lh_error(EX_CLASS_ITEM,lh) +#define lh_EX_CLASS_ITEM_num_items(lh) LHM_lh_num_items(EX_CLASS_ITEM,lh) +#define lh_EX_CLASS_ITEM_down_load(lh) LHM_lh_down_load(EX_CLASS_ITEM,lh) +#define lh_EX_CLASS_ITEM_node_stats_bio(lh,out) \ + LHM_lh_node_stats_bio(EX_CLASS_ITEM,lh,out) +#define lh_EX_CLASS_ITEM_node_usage_stats_bio(lh,out) \ + LHM_lh_node_usage_stats_bio(EX_CLASS_ITEM,lh,out) +#define lh_EX_CLASS_ITEM_stats_bio(lh,out) \ + LHM_lh_stats_bio(EX_CLASS_ITEM,lh,out) +#define lh_EX_CLASS_ITEM_free(lh) LHM_lh_free(EX_CLASS_ITEM,lh) + +#define lh_FUNCTION_new() LHM_lh_new(FUNCTION,function) +#define lh_FUNCTION_insert(lh,inst) LHM_lh_insert(FUNCTION,lh,inst) +#define lh_FUNCTION_retrieve(lh,inst) LHM_lh_retrieve(FUNCTION,lh,inst) +#define lh_FUNCTION_delete(lh,inst) LHM_lh_delete(FUNCTION,lh,inst) +#define lh_FUNCTION_doall(lh,fn) LHM_lh_doall(FUNCTION,lh,fn) +#define lh_FUNCTION_doall_arg(lh,fn,arg_type,arg) \ + LHM_lh_doall_arg(FUNCTION,lh,fn,arg_type,arg) +#define lh_FUNCTION_error(lh) LHM_lh_error(FUNCTION,lh) +#define lh_FUNCTION_num_items(lh) LHM_lh_num_items(FUNCTION,lh) +#define lh_FUNCTION_down_load(lh) LHM_lh_down_load(FUNCTION,lh) +#define lh_FUNCTION_node_stats_bio(lh,out) \ + LHM_lh_node_stats_bio(FUNCTION,lh,out) +#define lh_FUNCTION_node_usage_stats_bio(lh,out) \ + LHM_lh_node_usage_stats_bio(FUNCTION,lh,out) +#define lh_FUNCTION_stats_bio(lh,out) \ + LHM_lh_stats_bio(FUNCTION,lh,out) +#define lh_FUNCTION_free(lh) LHM_lh_free(FUNCTION,lh) + +#define lh_MEM_new() LHM_lh_new(MEM,mem) +#define lh_MEM_insert(lh,inst) LHM_lh_insert(MEM,lh,inst) +#define lh_MEM_retrieve(lh,inst) LHM_lh_retrieve(MEM,lh,inst) +#define lh_MEM_delete(lh,inst) LHM_lh_delete(MEM,lh,inst) +#define lh_MEM_doall(lh,fn) LHM_lh_doall(MEM,lh,fn) +#define lh_MEM_doall_arg(lh,fn,arg_type,arg) \ + LHM_lh_doall_arg(MEM,lh,fn,arg_type,arg) +#define lh_MEM_error(lh) LHM_lh_error(MEM,lh) +#define lh_MEM_num_items(lh) LHM_lh_num_items(MEM,lh) +#define lh_MEM_down_load(lh) LHM_lh_down_load(MEM,lh) +#define lh_MEM_node_stats_bio(lh,out) \ + LHM_lh_node_stats_bio(MEM,lh,out) +#define lh_MEM_node_usage_stats_bio(lh,out) \ + LHM_lh_node_usage_stats_bio(MEM,lh,out) +#define lh_MEM_stats_bio(lh,out) \ + LHM_lh_stats_bio(MEM,lh,out) +#define lh_MEM_free(lh) LHM_lh_free(MEM,lh) + +#define lh_OBJ_NAME_new() LHM_lh_new(OBJ_NAME,obj_name) +#define lh_OBJ_NAME_insert(lh,inst) LHM_lh_insert(OBJ_NAME,lh,inst) +#define lh_OBJ_NAME_retrieve(lh,inst) LHM_lh_retrieve(OBJ_NAME,lh,inst) +#define lh_OBJ_NAME_delete(lh,inst) LHM_lh_delete(OBJ_NAME,lh,inst) +#define lh_OBJ_NAME_doall(lh,fn) LHM_lh_doall(OBJ_NAME,lh,fn) +#define lh_OBJ_NAME_doall_arg(lh,fn,arg_type,arg) \ + LHM_lh_doall_arg(OBJ_NAME,lh,fn,arg_type,arg) +#define lh_OBJ_NAME_error(lh) LHM_lh_error(OBJ_NAME,lh) +#define lh_OBJ_NAME_num_items(lh) LHM_lh_num_items(OBJ_NAME,lh) +#define lh_OBJ_NAME_down_load(lh) LHM_lh_down_load(OBJ_NAME,lh) +#define lh_OBJ_NAME_node_stats_bio(lh,out) \ + LHM_lh_node_stats_bio(OBJ_NAME,lh,out) +#define lh_OBJ_NAME_node_usage_stats_bio(lh,out) \ + LHM_lh_node_usage_stats_bio(OBJ_NAME,lh,out) +#define lh_OBJ_NAME_stats_bio(lh,out) \ + LHM_lh_stats_bio(OBJ_NAME,lh,out) +#define lh_OBJ_NAME_free(lh) LHM_lh_free(OBJ_NAME,lh) + +#define lh_OPENSSL_CSTRING_new() LHM_lh_new(OPENSSL_CSTRING,openssl_cstring) +#define lh_OPENSSL_CSTRING_insert(lh,inst) LHM_lh_insert(OPENSSL_CSTRING,lh,inst) +#define lh_OPENSSL_CSTRING_retrieve(lh,inst) LHM_lh_retrieve(OPENSSL_CSTRING,lh,inst) +#define lh_OPENSSL_CSTRING_delete(lh,inst) LHM_lh_delete(OPENSSL_CSTRING,lh,inst) +#define lh_OPENSSL_CSTRING_doall(lh,fn) LHM_lh_doall(OPENSSL_CSTRING,lh,fn) +#define lh_OPENSSL_CSTRING_doall_arg(lh,fn,arg_type,arg) \ + LHM_lh_doall_arg(OPENSSL_CSTRING,lh,fn,arg_type,arg) +#define lh_OPENSSL_CSTRING_error(lh) LHM_lh_error(OPENSSL_CSTRING,lh) +#define lh_OPENSSL_CSTRING_num_items(lh) LHM_lh_num_items(OPENSSL_CSTRING,lh) +#define lh_OPENSSL_CSTRING_down_load(lh) LHM_lh_down_load(OPENSSL_CSTRING,lh) +#define lh_OPENSSL_CSTRING_node_stats_bio(lh,out) \ + LHM_lh_node_stats_bio(OPENSSL_CSTRING,lh,out) +#define lh_OPENSSL_CSTRING_node_usage_stats_bio(lh,out) \ + LHM_lh_node_usage_stats_bio(OPENSSL_CSTRING,lh,out) +#define lh_OPENSSL_CSTRING_stats_bio(lh,out) \ + LHM_lh_stats_bio(OPENSSL_CSTRING,lh,out) +#define lh_OPENSSL_CSTRING_free(lh) LHM_lh_free(OPENSSL_CSTRING,lh) + +#define lh_OPENSSL_STRING_new() LHM_lh_new(OPENSSL_STRING,openssl_string) +#define lh_OPENSSL_STRING_insert(lh,inst) LHM_lh_insert(OPENSSL_STRING,lh,inst) +#define lh_OPENSSL_STRING_retrieve(lh,inst) LHM_lh_retrieve(OPENSSL_STRING,lh,inst) +#define lh_OPENSSL_STRING_delete(lh,inst) LHM_lh_delete(OPENSSL_STRING,lh,inst) +#define lh_OPENSSL_STRING_doall(lh,fn) LHM_lh_doall(OPENSSL_STRING,lh,fn) +#define lh_OPENSSL_STRING_doall_arg(lh,fn,arg_type,arg) \ + LHM_lh_doall_arg(OPENSSL_STRING,lh,fn,arg_type,arg) +#define lh_OPENSSL_STRING_error(lh) LHM_lh_error(OPENSSL_STRING,lh) +#define lh_OPENSSL_STRING_num_items(lh) LHM_lh_num_items(OPENSSL_STRING,lh) +#define lh_OPENSSL_STRING_down_load(lh) LHM_lh_down_load(OPENSSL_STRING,lh) +#define lh_OPENSSL_STRING_node_stats_bio(lh,out) \ + LHM_lh_node_stats_bio(OPENSSL_STRING,lh,out) +#define lh_OPENSSL_STRING_node_usage_stats_bio(lh,out) \ + LHM_lh_node_usage_stats_bio(OPENSSL_STRING,lh,out) +#define lh_OPENSSL_STRING_stats_bio(lh,out) \ + LHM_lh_stats_bio(OPENSSL_STRING,lh,out) +#define lh_OPENSSL_STRING_free(lh) LHM_lh_free(OPENSSL_STRING,lh) + +#define lh_SSL_SESSION_new() LHM_lh_new(SSL_SESSION,ssl_session) +#define lh_SSL_SESSION_insert(lh,inst) LHM_lh_insert(SSL_SESSION,lh,inst) +#define lh_SSL_SESSION_retrieve(lh,inst) LHM_lh_retrieve(SSL_SESSION,lh,inst) +#define lh_SSL_SESSION_delete(lh,inst) LHM_lh_delete(SSL_SESSION,lh,inst) +#define lh_SSL_SESSION_doall(lh,fn) LHM_lh_doall(SSL_SESSION,lh,fn) +#define lh_SSL_SESSION_doall_arg(lh,fn,arg_type,arg) \ + LHM_lh_doall_arg(SSL_SESSION,lh,fn,arg_type,arg) +#define lh_SSL_SESSION_error(lh) LHM_lh_error(SSL_SESSION,lh) +#define lh_SSL_SESSION_num_items(lh) LHM_lh_num_items(SSL_SESSION,lh) +#define lh_SSL_SESSION_down_load(lh) LHM_lh_down_load(SSL_SESSION,lh) +#define lh_SSL_SESSION_node_stats_bio(lh,out) \ + LHM_lh_node_stats_bio(SSL_SESSION,lh,out) +#define lh_SSL_SESSION_node_usage_stats_bio(lh,out) \ + LHM_lh_node_usage_stats_bio(SSL_SESSION,lh,out) +#define lh_SSL_SESSION_stats_bio(lh,out) \ + LHM_lh_stats_bio(SSL_SESSION,lh,out) +#define lh_SSL_SESSION_free(lh) LHM_lh_free(SSL_SESSION,lh) ++/ +/* End of util/mkstack.pl block, you may now edit :-) */ diff --git a/deimos/openssl/seed.d b/deimos/openssl/seed.d new file mode 100644 index 0000000..fd879cd --- /dev/null +++ b/deimos/openssl/seed.d @@ -0,0 +1,134 @@ +/* + * Copyright (c) 2007 KISA(Korea Information Security Agency). All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Neither the name of author nor the names of its contributors may + * be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY AUTHOR AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + */ +/* ==================================================================== + * Copyright (c) 1998-2007 The OpenSSL Project. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. All advertising materials mentioning features or use of this + * software must display the following acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" + * + * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to + * endorse or promote products derived from this software without + * prior written permission. For written permission, please contact + * openssl-core@openssl.org. + * + * 5. Products derived from this software may not be called "OpenSSL" + * nor may "OpenSSL" appear in their names without prior written + * permission of the OpenSSL Project. + * + * 6. Redistributions of any form whatsoever must retain the following + * acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit (http://www.openssl.org/)" + * + * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY + * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * ==================================================================== + * + * This product includes cryptographic software written by Eric Young + * (eay@cryptsoft.com). This product includes software written by Tim + * Hudson (tjh@cryptsoft.com). + * + */ + + +module deimos.openssl.seed; + +import deimos.openssl._d_util; + +public import deimos.openssl.opensslconf; +public import deimos.openssl.e_os2; +public import deimos.openssl.crypto; + +version (OPENSSL_NO_SEED) { + static assert(false, "SEED is disabled."); +} + +// #ifdef AES_LONG /* look whether we need 'long' to get 32 bits */ +// # ifndef SEED_LONG +// # define SEED_LONG 1 +// # endif +// #endif + +// #if !defined(NO_SYS_TYPES_H) +// # include +// #endif + +enum SEED_BLOCK_SIZE = 16; +enum SEED_KEY_LENGTH = 16; + + +extern (C): +nothrow: + + +struct seed_key_st { +// #ifdef SEED_LONG +// c_ulong data[32]; +// #else + uint[32] data; +// #endif +} +alias seed_key_st SEED_KEY_SCHEDULE; + +version(OPENSSL_FIPS) { + void private_SEED_set_key(const(ubyte[SEED_KEY_LENGTH])* rawkey, SEED_KEY_SCHEDULE* ks); +} +void SEED_set_key(const(ubyte[SEED_KEY_LENGTH])* rawkey, SEED_KEY_SCHEDULE* ks); + +void SEED_encrypt(const(ubyte[SEED_BLOCK_SIZE])* s, ubyte[SEED_BLOCK_SIZE]* d, const(SEED_KEY_SCHEDULE)* ks); +void SEED_decrypt(const(ubyte[SEED_BLOCK_SIZE])* s, ubyte[SEED_BLOCK_SIZE]* d, const(SEED_KEY_SCHEDULE)* ks); + +void SEED_ecb_encrypt(const(ubyte)* in_, ubyte* out_, const(SEED_KEY_SCHEDULE)* ks, int enc); +void SEED_cbc_encrypt(const(ubyte)* in_, ubyte* out_, + size_t len, const(SEED_KEY_SCHEDULE)* ks, ubyte[SEED_BLOCK_SIZE]* ivec, int enc); +void SEED_cfb128_encrypt(const(ubyte)* in_, ubyte* out_, + size_t len, const(SEED_KEY_SCHEDULE)* ks, ubyte[SEED_BLOCK_SIZE]* ivec, int* num, int enc); +void SEED_ofb128_encrypt(const(ubyte)* in_, ubyte* out_, + size_t len, const(SEED_KEY_SCHEDULE)* ks, ubyte[SEED_BLOCK_SIZE]* ivec, int* num); diff --git a/deimos/openssl/sha.d b/deimos/openssl/sha.d new file mode 100644 index 0000000..5966a1d --- /dev/null +++ b/deimos/openssl/sha.d @@ -0,0 +1,219 @@ +/* crypto/sha/sha.h */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +module deimos.openssl.sha; + +import deimos.openssl._d_util; + +public import deimos.openssl.e_os2; +import core.stdc.config; + +extern (C): +nothrow: + +version (OPENSSL_NO_SHA) { + static assert(false, "SHA is disabled."); +} + +version (OPENSSL_NO_SHA0) { + version (OPENSSL_NO_SHA1) { + static assert(false, "SHA is disabled."); + } +} + +version (OPENSSL_FIPS) { + alias size_t FIPS_SHA_SIZE_T; +} + +/* + * !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! + * ! SHA_LONG has to be at least 32 bits wide. If it's wider, then ! + * ! SHA_LONG_LOG2 has to be defined along. ! + * !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! + */ + +//#if defined(__LP32__) +//alias c_ulong SHA_LONG; +//#elif defined(OPENSSL_SYS_CRAY) || defined(__ILP64__) +//alias c_ulong SHA_LONG; +//enum SHA_LONG_LOG2 = 3; +//#else +//alias uint SHA_LONG; +//#endif +alias uint SHA_LONG; + +enum SHA_LBLOCK = 16; +enum SHA_CBLOCK = (SHA_LBLOCK*4); /* SHA treats input data as a + * contiguous array of 32 bit + * wide big-endian values. */ +enum SHA_LAST_BLOCK = (SHA_CBLOCK-8); +enum SHA_DIGEST_LENGTH = 20; + +struct SHAstate_st + { + SHA_LONG h0,h1,h2,h3,h4; + SHA_LONG Nl,Nh; + SHA_LONG[SHA_LBLOCK] data; + uint num; + } +alias SHAstate_st SHA_CTX; + +version(OPENSSL_NO_SHA0) {} else { +version(OPENSSL_FIPS) { + int private_SHA_Init(SHA_CTX* c); +} +int SHA_Init(SHA_CTX* c); +int SHA_Update(SHA_CTX* c, const(void)* data, size_t len); +int SHA_Final(ubyte* md, SHA_CTX* c); +ubyte* SHA(const(ubyte)* d, size_t n, ubyte* md); +void SHA_Transform(SHA_CTX* c, const(ubyte)* data); +} +version(OPENSSL_NO_SHA1) {} else { +version(OPENSSL_FIPS) { + int private_SHA1_Init(SHA_CTX* c); +} +int SHA1_Init(SHA_CTX* c); +int SHA1_Update(SHA_CTX* c, const(void)* data, size_t len); +int SHA1_Final(ubyte* md, SHA_CTX* c); +ubyte* SHA1(const(ubyte)* d, size_t n, ubyte* md); +void SHA1_Transform(SHA_CTX* c, const(ubyte)* data); +} + +enum SHA256_CBLOCK = (SHA_LBLOCK*4); /* SHA-256 treats input data as a + * contiguous array of 32 bit + * wide big-endian values. */ +enum SHA224_DIGEST_LENGTH = 28; +enum SHA256_DIGEST_LENGTH = 32; + +struct SHA256state_st { + SHA_LONG[8] h; + SHA_LONG Nl,Nh; + SHA_LONG[SHA_LBLOCK] data; + uint num,md_len; + } +alias SHA256state_st SHA256_CTX; + +version(OPENSSL_NO_SHA256) {} else { +version(OPENSSL_FIPS) { + int private_SHA224_Init(SHA256_CTX *c); + int private_SHA256_Init(SHA256_CTX *c); +} +int SHA224_Init(SHA256_CTX* c); +int SHA224_Update(SHA256_CTX* c, const(void)* data, size_t len); +int SHA224_Final(ubyte* md, SHA256_CTX* c); +ubyte* SHA224(const(ubyte)* d, size_t n,ubyte* md); +int SHA256_Init(SHA256_CTX* c); +int SHA256_Update(SHA256_CTX* c, const(void)* data, size_t len); +int SHA256_Final(ubyte* md, SHA256_CTX* c); +ubyte* SHA256(const(ubyte)* d, size_t n,ubyte* md); +void SHA256_Transform(SHA256_CTX* c, const(ubyte)* data); +} + +enum SHA384_DIGEST_LENGTH = 48; +enum SHA512_DIGEST_LENGTH = 64; + +version (OPENSSL_NO_SHA512) {} else { +/* + * Unlike 32-bit digest algorithms, SHA-512* relies* on SHA_LONG64 + * being exactly 64-bit wide. See Implementation Notes in sha512.c + * for further details. + */ +enum SHA512_CBLOCK = (SHA_LBLOCK*8); /* SHA-512 treats input data as a + * contiguous array of 64 bit + * wide big-endian values. */ +//#if (defined(_WIN32) || defined(_WIN64)) && !defined(__MINGW32__) +//alias unsigned SHA_LONG64; __int64 +//#define U64(C) C##UI64 +//#elif defined(__arch64__) +//alias c_ulong SHA_LONG64; +//#define U64(C) C##UL +//#else +//alias c_ulong SHA_LONG64; c_long +//#define U64(C) C##ULL +//#endif +alias ulong SHA_LONG64; + +struct SHA512state_st + { + SHA_LONG64[8] h; + SHA_LONG64 Nl,Nh; + union u_ { + SHA_LONG64[SHA_LBLOCK] d; + ubyte[SHA512_CBLOCK] p; + } + u_ u; + uint num,md_len; + } +alias SHA512state_st SHA512_CTX; +} + +version(OPENSSL_NO_SHA512) {} else { +version(OPENSSL_FIPS) { + int private_SHA384_Init(SHA512_CTX* c); + int private_SHA512_Init(SHA512_CTX* c); +} +int SHA384_Init(SHA512_CTX* c); +int SHA384_Update(SHA512_CTX* c, const(void)* data, size_t len); +int SHA384_Final(ubyte* md, SHA512_CTX* c); +ubyte* SHA384(const(ubyte)* d, size_t n,ubyte* md); +int SHA512_Init(SHA512_CTX* c); +int SHA512_Update(SHA512_CTX* c, const(void)* data, size_t len); +int SHA512_Final(ubyte* md, SHA512_CTX* c); +ubyte* SHA512(const(ubyte)* d, size_t n,ubyte* md); +void SHA512_Transform(SHA512_CTX* c, const(ubyte)* data); +} diff --git a/deimos/openssl/srp.d b/deimos/openssl/srp.d new file mode 100644 index 0000000..2b3ca11 --- /dev/null +++ b/deimos/openssl/srp.d @@ -0,0 +1,167 @@ +/* crypto/srp/srp.h */ +/* Written by Christophe Renou (christophe.renou@edelweb.fr) with + * the precious help of Peter Sylvester (peter.sylvester@edelweb.fr) + * for the EdelKey project and contributed to the OpenSSL project 2004. + */ +/* ==================================================================== + * Copyright (c) 2004 The OpenSSL Project. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. All advertising materials mentioning features or use of this + * software must display the following acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" + * + * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to + * endorse or promote products derived from this software without + * prior written permission. For written permission, please contact + * licensing@OpenSSL.org. + * + * 5. Products derived from this software may not be called "OpenSSL" + * nor may "OpenSSL" appear in their names without prior written + * permission of the OpenSSL Project. + * + * 6. Redistributions of any form whatsoever must retain the following + * acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" + * + * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY + * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * ==================================================================== + * + * This product includes cryptographic software written by Eric Young + * (eay@cryptsoft.com). This product includes software written by Tim + * Hudson (tjh@cryptsoft.com). + * + */ +module deimos.openssl.srp; + +import deimos.openssl._d_util; + +extern(C): +nothrow: + +version(OPENSSL_NO_SRP) {} else { + +import core.stdc.stdio; +import core.stdc.string; + +public import deimos.openssl.safestack; +public import deimos.openssl.bn; +public import deimos.openssl.crypto; + +struct SRP_gN_cache_st + { + char *b64_bn; + BIGNUM *bn; + } +alias SRP_gN_cache = SRP_gN_cache_st; + +/+mixin DECLARE_STACK_OF!(SRP_gN_cache);+/ + +struct SRP_user_pwd_st + { + char *id; + BIGNUM *s; + BIGNUM *v; + const BIGNUM *g; + const BIGNUM *N; + char *info; + } +alias SRP_user_pwd = SRP_user_pwd_st; + +/+mixin DECLARE_STACK_OF!(SRP_user_pwd);+/ + +struct SRP_VBASE_st + { + STACK_OF!SRP_user_pwd *users_pwd; + STACK_OF!SRP_gN_cache *gN_cache; +/* to simulate a user */ + char *seed_key; + BIGNUM *default_g; + BIGNUM *default_N; + } +alias SRP_VBASE = SRP_VBASE_st; + +/*Structure interne pour retenir les couples N et g*/ +struct SRP_gN_st + { + char *id; + BIGNUM *g; + BIGNUM *N; + } +alias SRP_gN = SRP_gN_st; + +/+mixin DECLARE_STACK_OF!(SRP_gN);+/ + +SRP_VBASE *SRP_VBASE_new(char *seed_key); +int SRP_VBASE_free(SRP_VBASE *vb); +int SRP_VBASE_init(SRP_VBASE *vb, char * verifier_file); +SRP_user_pwd *SRP_VBASE_get_by_user(SRP_VBASE *vb, char *username); +char *SRP_create_verifier(const char *user, const char *pass, char **salt, + char **verifier, const char *N, const char *g); +int SRP_create_verifier_BN(const char *user, const char *pass, BIGNUM **salt, BIGNUM **verifier, BIGNUM *N, BIGNUM *g); + + +enum SRP_NO_ERROR = 0; +enum SRP_ERR_VBASE_INCOMPLETE_FILE = 1; +enum SRP_ERR_VBASE_BN_LIB = 2; +enum SRP_ERR_OPEN_FILE = 3; +enum SRP_ERR_MEMORY = 4; + +enum DB_srptype = 0; +enum DB_srpverifier = 1; +enum DB_srpsalt = 2; +enum DB_srpid = 3; +enum DB_srpgN = 4; +enum DB_srpinfo = 5; +// #undef DB_NUMBER +enum DB_NUMBER = 6; + +enum DB_SRP_INDEX = 'I'; +enum DB_SRP_VALID = 'V'; +enum DB_SRP_REVOKED = 'R'; +enum DB_SRP_MODIF = 'v'; + +/* see srp.c */ +char * SRP_check_known_gN_param(BIGNUM* g, BIGNUM* N); +SRP_gN *SRP_get_default_gN(const char * id) ; + +/* server side .... */ +BIGNUM *SRP_Calc_server_key(BIGNUM *A, BIGNUM *v, BIGNUM *u, BIGNUM *b, BIGNUM *N); +BIGNUM *SRP_Calc_B(BIGNUM *b, BIGNUM *N, BIGNUM *g, BIGNUM *v); +int SRP_Verify_A_mod_N(BIGNUM *A, BIGNUM *N); +BIGNUM *SRP_Calc_u(BIGNUM *A, BIGNUM *B, BIGNUM *N) ; + + + +/* client side .... */ +BIGNUM *SRP_Calc_x(BIGNUM *s, const char *user, const char *pass); +BIGNUM *SRP_Calc_A(BIGNUM *a, BIGNUM *N, BIGNUM *g); +BIGNUM *SRP_Calc_client_key(BIGNUM *N, BIGNUM *B, BIGNUM *g, BIGNUM *x, BIGNUM *a, BIGNUM *u); +int SRP_Verify_B_mod_N(BIGNUM *B, BIGNUM *N); + +enum SRP_MINIMAL_N = 1024; +} diff --git a/deimos/openssl/srtp.d b/deimos/openssl/srtp.d new file mode 100644 index 0000000..b59ddb1 --- /dev/null +++ b/deimos/openssl/srtp.d @@ -0,0 +1,139 @@ +/* ssl/tls1.h */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ +/* ==================================================================== + * Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. All advertising materials mentioning features or use of this + * software must display the following acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" + * + * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to + * endorse or promote products derived from this software without + * prior written permission. For written permission, please contact + * openssl-core@openssl.org. + * + * 5. Products derived from this software may not be called "OpenSSL" + * nor may "OpenSSL" appear in their names without prior written + * permission of the OpenSSL Project. + * + * 6. Redistributions of any form whatsoever must retain the following + * acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit (http://www.openssl.org/)" + * + * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY + * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * ==================================================================== + * + * This product includes cryptographic software written by Eric Young + * (eay@cryptsoft.com). This product includes software written by Tim + * Hudson (tjh@cryptsoft.com). + * + */ +/* + DTLS code by Eric Rescorla + + Copyright (C) 2006, Network Resonance, Inc. + Copyright (C) 2011, RTFM, Inc. +*/ +module deimos.openssl.srtp; + +import deimos.openssl._d_util; +import deimos.openssl.ssl : SSL, SSL_CTX, SRTP_PROTECTION_PROFILE; +import deimos.openssl.safestack : STACK_OF; + +extern(C): +nothrow: + +enum SRTP_AES128_CM_SHA1_80 = 0x0001; +enum SRTP_AES128_CM_SHA1_32 = 0x0002; +enum SRTP_AES128_F8_SHA1_80 = 0x0003; +enum SRTP_AES128_F8_SHA1_32 = 0x0004; +enum SRTP_NULL_SHA1_80 = 0x0005; +enum SRTP_NULL_SHA1_32 = 0x0006; + +int SSL_CTX_set_tlsext_use_srtp(SSL_CTX* ctx, const(char)* profiles); +int SSL_set_tlsext_use_srtp(SSL* ctx, const(char)* profiles); +SRTP_PROTECTION_PROFILE* SSL_get_selected_srtp_profile(SSL* s); + +STACK_OF!SRTP_PROTECTION_PROFILE* SSL_get_srtp_profiles(SSL* ssl); +SRTP_PROTECTION_PROFILE* SSL_get_selected_srtp_profile(SSL* s); + diff --git a/deimos/openssl/ssl.d b/deimos/openssl/ssl.d new file mode 100644 index 0000000..006d45a --- /dev/null +++ b/deimos/openssl/ssl.d @@ -0,0 +1,2652 @@ +/* ssl/ssl.h */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ +/* ==================================================================== + * Copyright (c) 1998-2007 The OpenSSL Project. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. All advertising materials mentioning features or use of this + * software must display the following acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" + * + * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to + * endorse or promote products derived from this software without + * prior written permission. For written permission, please contact + * openssl-core@openssl.org. + * + * 5. Products derived from this software may not be called "OpenSSL" + * nor may "OpenSSL" appear in their names without prior written + * permission of the OpenSSL Project. + * + * 6. Redistributions of any form whatsoever must retain the following + * acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit (http://www.openssl.org/)" + * + * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY + * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * ==================================================================== + * + * This product includes cryptographic software written by Eric Young + * (eay@cryptsoft.com). This product includes software written by Tim + * Hudson (tjh@cryptsoft.com). + * + */ +/* ==================================================================== + * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. + * ECC cipher suite support in OpenSSL originally developed by + * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project. + */ +/* ==================================================================== + * Copyright 2005 Nokia. All rights reserved. + * + * The portions of the attached software ("Contribution") is developed by + * Nokia Corporation and is licensed pursuant to the OpenSSL open source + * license. + * + * The Contribution, originally written by Mika Kousa and Pasi Eronen of + * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites + * support (see RFC 4279) to OpenSSL. + * + * No patent licenses or other rights except those expressly stated in + * the OpenSSL open source license shall be deemed granted or received + * expressly, by implication, estoppel, or otherwise. + * + * No assurances are provided by Nokia that the Contribution does not + * infringe the patent or other intellectual property rights of any third + * party or that the license provides you with all the necessary rights + * to make use of the Contribution. + * + * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN + * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA + * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY + * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR + * OTHERWISE. + */ + +module deimos.openssl.ssl; + +import deimos.openssl._d_util; + +import deimos.openssl.x509_vfy; // Needed for x509_store_st. +import deimos.openssl.ssl2; // Needed for SSL2_TXT_NULL_WITH_MD5, etc. +import deimos.openssl.ssl3; // Needed for SSL3_TXT_KRB5_DES_64_CBC_SHA, etc. +version (OPENSSL_NO_KRB5) {} else { + import deimos.openssl.kssl; // Needed for KSSL_CTX. +} + +// Declare cert_st used multiple times below. +struct cert_st; + +public import deimos.openssl.e_os2; + +version(OPENSSL_NO_COMP) {} else { +public import deimos.openssl.comp; +} +version(OPENSSL_NO_BIO) {} else { +public import deimos.openssl.bio; +} +version (OPENSSL_NO_DEPRECATED) {} else { +version(OPENSSL_NO_X509) {} else { +public import deimos.openssl.x509; +} +public import deimos.openssl.crypto; +public import deimos.openssl.buffer; +} +public import deimos.openssl.lhash; // Needed for DECLARE_LHASH_OF. +public import deimos.openssl.pem; +public import deimos.openssl.hmac; + +public import deimos.openssl.kssl; +public import deimos.openssl.safestack; +public import deimos.openssl.symhacks; + +extern (C): +nothrow: + +/* SSLeay version number for ASN.1 encoding of the session information */ +/* Version 0 - initial version + * Version 1 - added the optional peer certificate + */ +enum SSL_SESSION_ASN1_VERSION = 0x0001; + +/* text strings for the ciphers */ +alias SSL2_TXT_NULL_WITH_MD5 SSL_TXT_NULL_WITH_MD5; +alias SSL2_TXT_RC4_128_WITH_MD5 SSL_TXT_RC4_128_WITH_MD5; +alias SSL2_TXT_RC4_128_EXPORT40_WITH_MD5 SSL_TXT_RC4_128_EXPORT40_WITH_MD5; +alias SSL2_TXT_RC2_128_CBC_WITH_MD5 SSL_TXT_RC2_128_CBC_WITH_MD5; +alias SSL2_TXT_RC2_128_CBC_EXPORT40_WITH_MD5 SSL_TXT_RC2_128_CBC_EXPORT40_WITH_MD5; +alias SSL2_TXT_IDEA_128_CBC_WITH_MD5 SSL_TXT_IDEA_128_CBC_WITH_MD5; +alias SSL2_TXT_DES_64_CBC_WITH_MD5 SSL_TXT_DES_64_CBC_WITH_MD5; +alias SSL2_TXT_DES_64_CBC_WITH_SHA SSL_TXT_DES_64_CBC_WITH_SHA; +alias SSL2_TXT_DES_192_EDE3_CBC_WITH_MD5 SSL_TXT_DES_192_EDE3_CBC_WITH_MD5; +alias SSL2_TXT_DES_192_EDE3_CBC_WITH_SHA SSL_TXT_DES_192_EDE3_CBC_WITH_SHA; + +/* VRS Additional Kerberos5 entries + */ +alias SSL3_TXT_KRB5_DES_64_CBC_SHA SSL_TXT_KRB5_DES_64_CBC_SHA; +alias SSL3_TXT_KRB5_DES_192_CBC3_SHA SSL_TXT_KRB5_DES_192_CBC3_SHA; +alias SSL3_TXT_KRB5_RC4_128_SHA SSL_TXT_KRB5_RC4_128_SHA; +alias SSL3_TXT_KRB5_IDEA_128_CBC_SHA SSL_TXT_KRB5_IDEA_128_CBC_SHA; +alias SSL3_TXT_KRB5_DES_64_CBC_MD5 SSL_TXT_KRB5_DES_64_CBC_MD5; +alias SSL3_TXT_KRB5_DES_192_CBC3_MD5 SSL_TXT_KRB5_DES_192_CBC3_MD5; +alias SSL3_TXT_KRB5_RC4_128_MD5 SSL_TXT_KRB5_RC4_128_MD5; +alias SSL3_TXT_KRB5_IDEA_128_CBC_MD5 SSL_TXT_KRB5_IDEA_128_CBC_MD5; + +alias SSL3_TXT_KRB5_DES_40_CBC_SHA SSL_TXT_KRB5_DES_40_CBC_SHA; +alias SSL3_TXT_KRB5_RC2_40_CBC_SHA SSL_TXT_KRB5_RC2_40_CBC_SHA; +alias SSL3_TXT_KRB5_RC4_40_SHA SSL_TXT_KRB5_RC4_40_SHA; +alias SSL3_TXT_KRB5_DES_40_CBC_MD5 SSL_TXT_KRB5_DES_40_CBC_MD5; +alias SSL3_TXT_KRB5_RC2_40_CBC_MD5 SSL_TXT_KRB5_RC2_40_CBC_MD5; +alias SSL3_TXT_KRB5_RC4_40_MD5 SSL_TXT_KRB5_RC4_40_MD5; + +// Oversight in the original headers: Already defined above. +// alias SSL3_TXT_KRB5_DES_40_CBC_SHA SSL_TXT_KRB5_DES_40_CBC_SHA; +// alias SSL3_TXT_KRB5_DES_40_CBC_MD5 SSL_TXT_KRB5_DES_40_CBC_MD5; +// alias SSL3_TXT_KRB5_DES_64_CBC_SHA SSL_TXT_KRB5_DES_64_CBC_SHA; +// alias SSL3_TXT_KRB5_DES_64_CBC_MD5 SSL_TXT_KRB5_DES_64_CBC_MD5; +// alias SSL3_TXT_KRB5_DES_192_CBC3_SHA SSL_TXT_KRB5_DES_192_CBC3_SHA; +// alias SSL3_TXT_KRB5_DES_192_CBC3_MD5 SSL_TXT_KRB5_DES_192_CBC3_MD5; +enum SSL_MAX_KRB5_PRINCIPAL_LENGTH = 256; + +enum SSL_MAX_SSL_SESSION_ID_LENGTH = 32; +enum SSL_MAX_SID_CTX_LENGTH = 32; + +enum SSL_MIN_RSA_MODULUS_LENGTH_IN_BYTES = (512/8); +enum SSL_MAX_KEY_ARG_LENGTH = 8; +enum SSL_MAX_MASTER_KEY_LENGTH = 48; + + +/* These are used to specify which ciphers to use and not to use */ + +enum SSL_TXT_EXP40 = "EXPORT40"; +enum SSL_TXT_EXP56 = "EXPORT56"; +enum SSL_TXT_LOW = "LOW"; +enum SSL_TXT_MEDIUM = "MEDIUM"; +enum SSL_TXT_HIGH = "HIGH"; +enum SSL_TXT_FIPS = "FIPS"; + +enum SSL_TXT_kFZA = "kFZA"; /* unused! */ +enum SSL_TXT_aFZA = "aFZA"; /* unused! */ +enum SSL_TXT_eFZA = "eFZA"; /* unused! */ +enum SSL_TXT_FZA = "FZA"; /* unused! */ + +enum SSL_TXT_aNULL = "aNULL"; +enum SSL_TXT_eNULL = "eNULL"; +enum SSL_TXT_NULL = "NULL"; + +enum SSL_TXT_kRSA = "kRSA"; +enum SSL_TXT_kDHr = "kDHr"; /* no such ciphersuites supported! */ +enum SSL_TXT_kDHd = "kDHd"; /* no such ciphersuites supported! */ +enum SSL_TXT_kDH = "kDH"; /* no such ciphersuites supported! */ +enum SSL_TXT_kEDH = "kEDH"; +enum SSL_TXT_kKRB5 = "kKRB5"; +enum SSL_TXT_kECDHr = "kECDHr"; +enum SSL_TXT_kECDHe = "kECDHe"; +enum SSL_TXT_kECDH = "kECDH"; +enum SSL_TXT_kEECDH = "kEECDH"; +enum SSL_TXT_kPSK = "kPSK"; +enum SSL_TXT_kGOST = "kGOST"; +enum SSL_TXT_kSRP = "kSRP"; + +enum SSL_TXT_aRSA = "aRSA"; +enum SSL_TXT_aDSS = "aDSS"; +enum SSL_TXT_aDH = "aDH"; /* no such ciphersuites supported! */ +enum SSL_TXT_aECDH = "aECDH"; +enum SSL_TXT_aKRB5 = "aKRB5"; +enum SSL_TXT_aECDSA = "aECDSA"; +enum SSL_TXT_aPSK = "aPSK"; +enum SSL_TXT_aGOST94 = "aGOST94"; +enum SSL_TXT_aGOST01 = "aGOST01"; +enum SSL_TXT_aGOST = "aGOST"; + +enum SSL_TXT_DSS = "DSS"; +enum SSL_TXT_DH = "DH"; +enum SSL_TXT_EDH = "EDH"; /* same as "kEDH:-ADH" */ +enum SSL_TXT_ADH = "ADH"; +enum SSL_TXT_RSA = "RSA"; +enum SSL_TXT_ECDH = "ECDH"; +enum SSL_TXT_EECDH = "EECDH"; /* same as "kEECDH:-AECDH" */ +enum SSL_TXT_AECDH = "AECDH"; +enum SSL_TXT_ECDSA = "ECDSA"; +enum SSL_TXT_KRB5 = "KRB5"; +enum SSL_TXT_PSK = "PSK"; +enum SSL_TXT_SRP = "SRP"; + +enum SSL_TXT_DES = "DES"; +enum SSL_TXT_3DES = "3DES"; +enum SSL_TXT_RC4 = "RC4"; +enum SSL_TXT_RC2 = "RC2"; +enum SSL_TXT_IDEA = "IDEA"; +enum SSL_TXT_SEED = "SEED"; +enum SSL_TXT_AES128 = "AES128"; +enum SSL_TXT_AES256 = "AES256"; +enum SSL_TXT_AES = "AES"; +enum SSL_TXT_AES_GCM = "AESGCM"; +enum SSL_TXT_CAMELLIA128 = "CAMELLIA128"; +enum SSL_TXT_CAMELLIA256 = "CAMELLIA256"; +enum SSL_TXT_CAMELLIA = "CAMELLIA"; + +enum SSL_TXT_MD5 = "MD5"; +enum SSL_TXT_SHA1 = "SHA1"; +enum SSL_TXT_SHA = "SHA"; /* same as "SHA1" */ +enum SSL_TXT_GOST94 = "GOST94"; +enum SSL_TXT_GOST89MAC = "GOST89MAC"; +enum SSL_TXT_SHA256 = "SHA256"; +enum SSL_TXT_SHA384 = "SHA384"; + +enum SSL_TXT_SSLV2 = "SSLv2"; +enum SSL_TXT_SSLV3 = "SSLv3"; +enum SSL_TXT_TLSV1 = "TLSv1"; +enum SSL_TXT_TLSV1_1 = "TLSv1.1"; +enum SSL_TXT_TLSV1_2 = "TLSv1.2"; + +enum SSL_TXT_EXP = "EXP"; +enum SSL_TXT_EXPORT = "EXPORT"; + +enum SSL_TXT_ALL = "ALL"; + +/* + * COMPLEMENTOF* definitions. These identifiers are used to (de-select) + * ciphers normally not being used. + * Example: "RC4" will activate all ciphers using RC4 including ciphers + * without authentication, which would normally disabled by DEFAULT (due + * the "!ADH" being part of default). Therefore "RC4:!COMPLEMENTOFDEFAULT" + * will make sure that it is also disabled in the specific selection. + * COMPLEMENTOF* identifiers are portable between version_, as adjustments + * to the default cipher setup will also be included here. + * + * COMPLEMENTOFDEFAULT does not experience the same special treatment that + * DEFAULT gets, as only selection is being done and no sorting as needed + * for DEFAULT. + */ +enum SSL_TXT_CMPALL = "COMPLEMENTOFALL"; +enum SSL_TXT_CMPDEF = "COMPLEMENTOFDEFAULT"; + +/* The following cipher list is used by default. + * It also is substituted when an application-defined cipher list string + * starts with 'DEFAULT'. */ +enum SSL_DEFAULT_CIPHER_LIST = "ALL:!aNULL:!eNULL:!SSLv2"; +/* As of OpenSSL 1.0.0, ssl_create_cipher_list() in ssl/ssl_ciph.c always + * starts with a reasonable order, and all we have to do for DEFAULT is + * throwing out anonymous and unencrypted ciphersuites! + * (The latter are not actually enabled by ALL, but "ALL:RSA" would enable + * some of them.) + */ + +/* Used in SSL_set_shutdown()/SSL_get_shutdown(); */ +enum SSL_SENT_SHUTDOWN = 1; +enum SSL_RECEIVED_SHUTDOWN = 2; + +extern (C): +nothrow: + +version (OPENSSL_NO_RSA) { version = OPENSSL_NO_SSL2; } +version (OPENSSL_NO_MD5) { version = OPENSSL_NO_SSL2; } + +alias X509_FILETYPE_ASN1 SSL_FILETYPE_ASN1; +alias X509_FILETYPE_PEM SSL_FILETYPE_PEM; + +/* This is needed to stop compilers complaining about the + * 'ssl_st* ' function parameters used to prototype callbacks + * in SSL_CTX. */ +alias ssl_st* ssl_crock_st; +import deimos.openssl.tls1; +alias tls_session_ticket_ext_st TLS_SESSION_TICKET_EXT; +alias ssl_method_st SSL_METHOD; +alias ssl_cipher_st SSL_CIPHER; +alias ssl_session_st SSL_SESSION; + +/+mixin DECLARE_STACK_OF(SSL_CIPHER);+/ + +/* SRTP protection profiles for use with the use_srtp extension (RFC 5764)*/ +struct srtp_protection_profile_st + { + const(char)* name; + c_ulong id; + } +alias srtp_protection_profile_st SRTP_PROTECTION_PROFILE; + +/+mixin DECLARE_STACK_OF(SRTP_PROTECTION_PROFILE);+/ + +alias ExternC!(int function(SSL* s, const(ubyte)* data, int len, void* arg)) tls_session_ticket_ext_cb_fn; +alias ExternC!(int function(SSL* s, void* secret, int* secret_len, STACK_OF!(SSL_CIPHER) *peer_ciphers, SSL_CIPHER** cipher, void* arg)) tls_session_secret_cb_fn; + + +version(OPENSSL_NO_SSL_INTERN) {} else { + +/* used to hold info on the particular ciphers used */ +struct ssl_cipher_st { + int valid; + const(char)* name; /* text name */ + c_ulong id; /* id, 4 bytes, first is version */ + + /* changed in 0.9.9: these four used to be portions of a single value 'algorithms' */ + c_ulong algorithm_mkey; /* key exchange algorithm */ + c_ulong algorithm_auth; /* server authentication */ + c_ulong algorithm_enc; /* symmetric encryption */ + c_ulong algorithm_mac; /* symmetric authentication */ + c_ulong algorithm_ssl; /* (major) protocol version */ + + c_ulong algo_strength; /* strength and export flags */ + c_ulong algorithm2; /* Extra flags */ + int strength_bits; /* Number of bits really used */ + int alg_bits; /* Number of bits for algorithm */ + } + + +/* Used to hold functions for SSLv2 or SSLv3/TLSv1 functions */ +struct ssl_method_st { + int version_; + ExternC!(int function(SSL* s)) ssl_new; + ExternC!(void function(SSL* s)) ssl_clear; + ExternC!(void function(SSL* s)) ssl_free; + ExternC!(int function(SSL* s)) ssl_accept; + ExternC!(int function(SSL* s)) ssl_connect; + ExternC!(int function(SSL* s,void* buf,int len)) ssl_read; + ExternC!(int function(SSL* s,void* buf,int len)) ssl_peek; + ExternC!(int function(SSL* s,const(void)* buf,int len)) ssl_write; + ExternC!(int function(SSL* s)) ssl_shutdown; + ExternC!(int function(SSL* s)) ssl_renegotiate; + ExternC!(int function(SSL* s)) ssl_renegotiate_check; + ExternC!(c_long function(SSL* s, int st1, int stn, int mt, c_long + max, int* ok)) ssl_get_message; + ExternC!(int function(SSL* s, int type, ubyte* buf, int len, + int peek)) ssl_read_bytes; + ExternC!(int function(SSL* s, int type, const(void)* buf_, int len)) ssl_write_bytes; + ExternC!(int function(SSL* s)) ssl_dispatch_alert; + ExternC!(c_long function(SSL* s,int cmd,c_long larg,void* parg)) ssl_ctrl; + ExternC!(c_long function(SSL_CTX* ctx,int cmd,c_long larg,void* parg)) ssl_ctx_ctrl; + const ExternC!(SSL_CIPHER* function(const(ubyte)* ptr)) get_cipher_by_char; + ExternC!(int function(const(SSL_CIPHER)* cipher,ubyte* ptr)) put_cipher_by_char; + ExternC!(int function(const(SSL)* s)) ssl_pending; + ExternC!(int function()) num_ciphers; + const ExternC!(SSL_CIPHER* function(uint ncipher)) get_cipher; + const ExternC!(ssl_method_st* function(int version_)) get_ssl_method; + ExternC!(c_long function()) get_timeout; + struct ssl3_enc_method; + ssl3_enc_method* ssl3_enc; /* Extra SSLv3/TLS stuff */ + ExternC!(int function()) ssl_version; + ExternC!(c_long function(SSL* s, int cb_id, ExternC!(void function()) fp)) ssl_callback_ctrl; + ExternC!(c_long function(SSL_CTX* s, int cb_id, ExternC!(void function()) fp)) ssl_ctx_callback_ctrl; + } + +/* Lets make this into an ASN.1 type structure as follows + * SSL_SESSION_ID ::= SEQUENCE { + * version INTEGER, -- structure version number + * SSLversion INTEGER, -- SSL version number + * Cipher OCTET STRING, -- the 3 byte cipher ID + * Session_ID OCTET STRING, -- the Session ID + * Master_key OCTET STRING, -- the master key + * KRB5_principal OCTET STRING -- optional Kerberos principal + * Key_Arg [ 0 ] IMPLICIT OCTET STRING, -- the optional Key argument + * Time [ 1 ] EXPLICIT INTEGER, -- optional Start Time + * Timeout [ 2 ] EXPLICIT INTEGER, -- optional Timeout ins seconds + * Peer [ 3 ] EXPLICIT X509, -- optional Peer Certificate + * Session_ID_context [ 4 ] EXPLICIT OCTET STRING, -- the Session ID context + * Verify_result [ 5 ] EXPLICIT INTEGER, -- X509_V_... code for `Peer' + * HostName [ 6 ] EXPLICIT OCTET STRING, -- optional HostName from servername TLS extension + * PSK_identity_hint [ 7 ] EXPLICIT OCTET STRING, -- optional PSK identity hint + * PSK_identity [ 8 ] EXPLICIT OCTET STRING, -- optional PSK identity + * Ticket_lifetime_hint [9] EXPLICIT INTEGER, -- server's lifetime hint for session ticket + * Ticket [10] EXPLICIT OCTET STRING, -- session ticket (clients only) + * Compression_meth [11] EXPLICIT OCTET STRING, -- optional compression method + * SRP_username [ 12 ] EXPLICIT OCTET STRING -- optional SRP username + * } + * Look in ssl/ssl_asn1.c for more details + * I'm using EXPLICIT tags so I can read the damn things using asn1parse :-). + */ +struct ssl_session_st + { + int ssl_version; /* what ssl version session info is + * being kept in here? */ + + /* only really used in SSLv2 */ + uint key_arg_length; + ubyte[SSL_MAX_KEY_ARG_LENGTH] key_arg; + int master_key_length; + ubyte[SSL_MAX_MASTER_KEY_LENGTH] master_key; + /* session_id - valid? */ + uint session_id_length; + ubyte[SSL_MAX_SSL_SESSION_ID_LENGTH] session_id; + /* this is used to determine whether the session is being reused in + * the appropriate context. It is up to the application to set this, + * via SSL_new */ + uint sid_ctx_length; + ubyte[SSL_MAX_SID_CTX_LENGTH] sid_ctx; + +version(OPENSSL_NO_KRB5) {} else { + uint krb5_client_princ_len; + ubyte[SSL_MAX_KRB5_PRINCIPAL_LENGTH] krb5_client_princ; +} /* OPENSSL_NO_KRB5 */ +version(OPENSSL_NO_PSK) {} else { + char* psk_identity_hint; + char* psk_identity; +} + /* Used to indicate that session resumption is not allowed. + * Applications can also set this bit for a new session via + * not_resumable_session_cb to disable session caching and tickets. */ + int not_resumable; + + /* The cert is the certificate used to establish this connection */ + struct sess_cert_st; + sess_cert_st /* SESS_CERT */ *sess_cert; + + /* This is the cert for the other end. + * On clients, it will be the same as sess_cert->peer_key->x509 + * (the latter is not enough as sess_cert is not retained + * in the external representation of sessions, see ssl_asn1.c). */ + X509* peer; + /* when app_verify_callback accepts a session where the peer's certificate + * is not ok, we must remember the error for session reuse: */ + c_long verify_result; /* only for servers */ + + int references; + c_long timeout; + c_long time; + + uint compress_meth; /* Need to lookup the method */ + + const(SSL_CIPHER)* cipher; + c_ulong cipher_id; /* when ASN.1 loaded, this + * needs to be used to load + * the 'cipher' structure */ + + STACK_OF!(SSL_CIPHER) *ciphers; /* shared ciphers? */ + + CRYPTO_EX_DATA ex_data; /* application specific data */ + + /* These are used to make removal of session-ids more + * efficient and to implement a maximum cache size. */ + ssl_session_st* prev,next; +version (OPENSSL_NO_TLSEXT) {} else { + char* tlsext_hostname; +version(OPENSSL_NO_EC) {} else { + size_t tlsext_ecpointformatlist_length; + ubyte* tlsext_ecpointformatlist; /* peer's list */ + size_t tlsext_ellipticcurvelist_length; + ubyte* tlsext_ellipticcurvelist; /* peer's list */ +} /* OPENSSL_NO_EC */ + /* RFC4507 info */ + ubyte* tlsext_tick; /* Session ticket */ + size_t tlsext_ticklen; /* Session ticket length */ + c_long tlsext_tick_lifetime_hint; /* Session lifetime hint in seconds */ +} +version(OPENSSL_NO_SRP) {} else { + char *srp_username; +} + } + +} // OPENSSL_NO_SSL_INTERN + +enum SSL_OP_MICROSOFT_SESS_ID_BUG = 0x00000001; +enum SSL_OP_NETSCAPE_CHALLENGE_BUG = 0x00000002; +/* Allow initial connection to servers that don't support RI */ +enum SSL_OP_LEGACY_SERVER_CONNECT = 0x00000004; +enum SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG = 0x00000008; +enum SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG = 0x00000010; +enum SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER = 0x00000020; +enum SSL_OP_SAFARI_ECDHE_ECDSA_BUG = 0x00000040; +enum SSL_OP_SSLEAY_080_CLIENT_DH_BUG = 0x00000080; +enum SSL_OP_TLS_D5_BUG = 0x00000100; +enum SSL_OP_TLS_BLOCK_PADDING_BUG = 0x00000200; + +/* Hasn't done anything since OpenSSL 0.9.7h, retained for compatibility */ +enum SSL_OP_MSIE_SSLV2_RSA_PADDING = 0x0; + +/* Disable SSL 3.0/TLS 1.0 CBC vulnerability workaround that was added + * in OpenSSL 0.9.6d. Usually (depending on the application protocol) + * the workaround is not needed. Unfortunately some broken SSL/TLS + * implementations cannot handle it at all, which is why we include + * it in SSL_OP_ALL. */ +enum SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS = 0x00000800; /* added in 0.9.6e */ + +/* SSL_OP_ALL: various bug workarounds that should be rather harmless. + * This used to be 0x000FFFFFL before 0.9.7. */ +enum SSL_OP_ALL = 0x80000BFFL; + +/* DTLS options */ +enum SSL_OP_NO_QUERY_MTU = 0x00001000; +/* Turn on Cookie Exchange (on relevant for servers) */ +enum SSL_OP_COOKIE_EXCHANGE = 0x00002000; +/* Don't use RFC4507 ticket extension */ +enum SSL_OP_NO_TICKET = 0x00004000; +/* Use Cisco's "speshul" version of DTLS_BAD_VER (as client) */ +enum SSL_OP_CISCO_ANYCONNECT = 0x00008000; + +/* As server, disallow session resumption on renegotiation */ +enum SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION = 0x00010000; +/* Don't use compression even if supported */ +enum SSL_OP_NO_COMPRESSION = 0x00020000; +/* Permit unsafe legacy renegotiation */ +enum SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION = 0x00040000; +/* If set, always create a new key when using tmp_ecdh parameters */ +enum SSL_OP_SINGLE_ECDH_USE = 0x00080000; +/* If set, always create a new key when using tmp_dh parameters */ +enum SSL_OP_SINGLE_DH_USE = 0x00100000; +/* Set to always use the tmp_rsa key when doing RSA operations, + * even when this violates protocol specs */ +enum SSL_OP_EPHEMERAL_RSA = 0x00200000; +/* Set on servers to choose the cipher according to the server's + * preferences */ +enum SSL_OP_CIPHER_SERVER_PREFERENCE = 0x00400000; +/* If set, a server will allow a client to issue a SSLv3.0 version number + * as latest version supported in the premaster secret, even when TLSv1.0 + * (version 3.1) was announced in the client hello. Normally this is + * forbidden to prevent version rollback attacks. */ +enum SSL_OP_TLS_ROLLBACK_BUG = 0x00800000; + +enum SSL_OP_NO_SSLv2 = 0x01000000; +enum SSL_OP_NO_SSLv3 = 0x02000000; +enum SSL_OP_NO_TLSv1 = 0x04000000; +enum SSL_OP_NO_TLSv1_2 = 0x08000000L; +enum SSL_OP_NO_TLSv1_1 = 0x10000000L; + +/* These next two were never actually used for anything since SSLeay + * zap so we have some more flags. + */ +/* The next flag deliberately changes the ciphertest, this is a check + * for the PKCS#1 attack */ +enum SSL_OP_PKCS1_CHECK_1 = 0x0; +enum SSL_OP_PKCS1_CHECK_2 = 0x0; + +enum SSL_OP_NETSCAPE_CA_DN_BUG = 0x20000000; +enum SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG = 0x40000000; +/* Make server add server-hello extension from early version of + * cryptopro draft, when GOST ciphersuite is negotiated. + * Required for interoperability with CryptoPro CSP 3.x + */ +enum SSL_OP_CRYPTOPRO_TLSEXT_BUG = 0x80000000; + +/* Allow SSL_write(..., n) to return r with 0 < r < n (i.e. report success + * when just a single record has been written): */ +enum SSL_MODE_ENABLE_PARTIAL_WRITE = 0x00000001; +/* Make it possible to retry SSL_write() with changed buffer location + * (buffer contents must stay the same!); this is not the default to avoid + * the misconception that non-blocking SSL_write() behaves like + * non-blocking write(): */ +enum SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER = 0x00000002; +/* Never bother the application with retries if the transport + * is blocking: */ +enum SSL_MODE_AUTO_RETRY = 0x00000004; +/* Don't attempt to automatically build certificate chain */ +enum SSL_MODE_NO_AUTO_CHAIN = 0x00000008; +/* Save RAM by releasing read and write buffers when they're empty. (SSL3 and + * TLS only.) "Released" buffers are put onto a free-list in the context + * or just freed (depending on the context's setting for freelist_max_len). */ +enum SSL_MODE_RELEASE_BUFFERS = 0x00000010; +/* Send the current time in the Random fields of the ClientHello and + * ServerHello records for compatibility with hypothetical implementations + * that require it. + */ +enum SSL_MODE_SEND_CLIENTHELLO_TIME = 0x00000020L; +enum SSL_MODE_SEND_SERVERHELLO_TIME = 0x00000040L; + +/* Note: SSL[_CTX]_set_{options,mode} use |= op on the previous value, + * they cannot be used to clear bits. */ + +auto SSL_CTX_set_options()(SSL_CTX* ctx, c_long op) { + return SSL_CTX_ctrl(ctx,SSL_CTRL_OPTIONS,op,null); +} +auto SSL_CTX_clear_options()(SSL_CTX* ctx, c_long op) { + return SSL_CTX_ctrl(ctx,SSL_CTRL_CLEAR_OPTIONS,op,null); +} +auto SSL_CTX_get_options()(SSL_CTX* ctx) { + return SSL_CTX_ctrl(ctx,SSL_CTRL_OPTIONS,0,null); +} +auto SSL_set_options()(SSL* ssl, c_long op) { + return SSL_ctrl(ssl,SSL_CTRL_OPTIONS,op,null); +} +auto SSL_clear_options()(SSL* ssl, c_long op) { + return SSL_ctrl(ssl,SSL_CTRL_CLEAR_OPTIONS,op,null); +} +auto SSL_get_options()(SSL* ssl) { + return SSL_ctrl(ssl,SSL_CTRL_OPTIONS,0,null); +} + +auto SSL_CTX_set_mode()(SSL_CTX* ctx, c_long op) { + return SSL_CTX_ctrl(ctx,SSL_CTRL_MODE,op,null); +} +auto SSL_CTX_clear_mode()(SSL_CTX* ctx, c_long op) { + return SSL_CTX_ctrl(ctx,SSL_CTRL_CLEAR_MODE,op,null); +} +auto SSL_CTX_get_mode()(SSL_CTX* ctx) { + return SSL_CTX_ctrl(ctx,SSL_CTRL_MODE,0,null); +} +auto SSL_clear_mode()(SSL* ssl, c_long op) { + return SSL_ctrl(ssl,SSL_CTRL_CLEAR_MODE,op,null); +} +auto SSL_set_mode()(SSL* ssl, c_long op) { + return SSL_ctrl(ssl,SSL_CTRL_MODE,op,null); +} +auto SSL_get_mode()(SSL* ssl) { + return SSL_ctrl(ssl,SSL_CTRL_MODE,0,null); +} +auto SSL_set_mtu()(SSL* ssl, c_long mtu) { + return SSL_ctrl(ssl,SSL_CTRL_MTU,mtu,null); +} + +auto SSL_get_secure_renegotiation_support()(SSL* ssl) { + return SSL_ctrl(ssl,SSL_CTRL_GET_RI_SUPPORT,0,null); +} + +version(OPENSSL_NO_HEARTBEATS) {} else { + auto SSL_get_secure_renegotiation_support()(SSL* ssl) { + return SSL_ctrl(ssl,SSL_CTRL_TLS_EXT_SEND_HEARTBEAT,0,null); + } +} + +void SSL_CTX_set_msg_callback(SSL_CTX* ctx, ExternC!(void function(int write_p, int version_, int content_type, const(void)* buf, size_t len, SSL* ssl, void* arg)) cb); +void SSL_set_msg_callback(SSL* ssl, ExternC!(void function(int write_p, int version_, int content_type, const(void)* buf, size_t len, SSL* ssl, void* arg)) cb); +auto SSL_CTX_set_msg_callback_arg()(SSL_CTX* ctx, void* arg) { + return SSL_CTX_ctrl(ctx, SSL_CTRL_SET_MSG_CALLBACK_ARG, 0, arg); +} +auto SSL_CTX_set_msg_callback_arg()(SSL* ssl, void* arg) { + return SSL_CTX_ctrl(ssl, SSL_CTRL_SET_MSG_CALLBACK_ARG, 0, arg); +} + +version(OPENSSL_NO_SRP) {} else { + +version(OPENSSL_NO_SSL_INTERN) {} else { + +struct srp_ctx_st + { + /* param for all the callbacks */ + void *SRP_cb_arg; + /* set client Hello login callback */ + ExternC!(int function(SSL *, int *, void *)) TLS_ext_srp_username_callback; + /* set SRP N/g param callback for verification */ + ExternC!(int function(SSL *, void *)) SRP_verify_param_callback; + /* set SRP client passwd callback */ + ExternC!(char* function(SSL *, void *)) SRP_give_srp_client_pwd_callback; + + char *login; + BIGNUM* N, g, s, B, A; + BIGNUM* a, b, v; + char* info; + int strength; + + c_ulong srp_Mask; + } +alias srp_ctx_st SRP_CTX; +} + +/* see tls_srp.c */ +int SSL_SRP_CTX_init(SSL *s); +int SSL_CTX_SRP_CTX_init(SSL_CTX *ctx); +int SSL_SRP_CTX_free(SSL *ctx); +int SSL_CTX_SRP_CTX_free(SSL_CTX *ctx); +int SSL_srp_server_param_with_username(SSL *s, int *ad); +int SRP_generate_server_master_secret(SSL *s,ubyte *master_key); +int SRP_Calc_A_param(SSL *s); +int SRP_generate_client_master_secret(SSL *s,ubyte *master_key); + +} + +version (Win32) { +enum SSL_MAX_CERT_LIST_DEFAULT = 1024*30; /* 30k max cert list :-) */ +} else { +enum SSL_MAX_CERT_LIST_DEFAULT = 1024*100; /* 100k max cert list :-) */ +} + +enum SSL_SESSION_CACHE_MAX_SIZE_DEFAULT = (1024*20); + +/* This callback type is used inside SSL_CTX, SSL, and in the functions that set + * them. It is used to override the generation of SSL/TLS session IDs in a + * server. Return value should be zero on an error, non-zero to proceed. Also, + * callbacks should themselves check if the id they generate is unique otherwise + * the SSL handshake will fail with an error - callbacks can do this using the + * 'ssl' value they're passed by; + * SSL_has_matching_session_id(ssl, id, *id_len) + * The length value passed in is set at the maximum size the session ID can be. + * In SSLv2 this is 16 bytes, whereas SSLv3/TLSv1 it is 32 bytes. The callback + * can alter this length to be less if desired, but under SSLv2 session IDs are + * supposed to be fixed at 16 bytes so the id will be padded after the callback + * returns in this case. It is also an error for the callback to set the size to + * zero. */ +alias ExternC!(int function(/+ FIXME: @@BUG7127@@ const+/ SSL* ssl, ubyte* id, +uint* id_len)) GEN_SESSION_CB; + +alias ssl_comp_st SSL_COMP; + +version(OPENSSL_NO_SSL_INTERN) { + struct ssl_comp_st; +} else { + struct ssl_comp_st + { + int id; + const(char)* name; +version(OPENSSL_NO_COMP) { + char* method; +} else { + COMP_METHOD* method; +} + } + +/+mixin DECLARE_STACK_OF!(SSL_COMP);+/ +mixin DECLARE_LHASH_OF!(SSL_SESSION); + +struct ssl_ctx_st + { + const(SSL_METHOD)* method; + + STACK_OF!(SSL_CIPHER) *cipher_list; + /* same as above but sorted for lookup */ + STACK_OF!(SSL_CIPHER) *cipher_list_by_id; + + x509_store_st /* X509_STORE */ *cert_store; + LHASH_OF!(SSL_SESSION) *sessions; + /* Most session-ids that will be cached, default is + * SSL_SESSION_CACHE_MAX_SIZE_DEFAULT. 0 is unlimited. */ + c_ulong session_cache_size; + ssl_session_st* session_cache_head; + ssl_session_st* session_cache_tail; + + /* This can have one of 2 values, ored together, + * SSL_SESS_CACHE_CLIENT, + * SSL_SESS_CACHE_SERVER, + * Default is SSL_SESSION_CACHE_SERVER, which means only + * SSL_accept which cache SSL_SESSIONS. */ + int session_cache_mode; + + /* If timeout is not 0, it is the default timeout value set + * when SSL_new() is called. This has been put in to make + * life easier to set things up */ + c_long session_timeout; + + /* If this callback is not null, it will be called each + * time a session id is added to the cache. If this function + * returns 1, it means that the callback will do a + * SSL_SESSION_free() when it has finished using it. Otherwise, + * on 0, it means the callback has finished with it. + * If remove_session_cb is not null, it will be called when + * a session-id is removed from the cache. After the call, + * OpenSSL will SSL_SESSION_free() it. */ + ExternC!(int function(ssl_st* ssl,SSL_SESSION* sess)) new_session_cb; + ExternC!(void function(ssl_ctx_st* ctx,SSL_SESSION* sess)) remove_session_cb; + ExternC!(SSL_SESSION* function(ssl_st* ssl, + ubyte* data,int len,int* copy)) get_session_cb; + + struct stats_ + { + int sess_connect; /* SSL new conn - started */ + int sess_connect_renegotiate;/* SSL reneg - requested */ + int sess_connect_good; /* SSL new conne/reneg - finished */ + int sess_accept; /* SSL new accept - started */ + int sess_accept_renegotiate;/* SSL reneg - requested */ + int sess_accept_good; /* SSL accept/reneg - finished */ + int sess_miss; /* session lookup misses */ + int sess_timeout; /* reuse attempt on timeouted session */ + int sess_cache_full; /* session removed due to full cache */ + int sess_hit; /* session reuse actually done */ + int sess_cb_hit; /* session-id that was not + * in the cache was + * passed back via the callback. This + * indicates that the application is + * supplying session-id's from other + * processes - spooky :-) */ + } + stats_ stats; + + int references; + + /* if defined, these override the X509_verify_cert() calls */ + ExternC!(int function(X509_STORE_CTX*, void*)) app_verify_callback; + void* app_verify_arg; + /* before OpenSSL 0.9.7, 'app_verify_arg' was ignored + * ('app_verify_callback' was called with just one argument) */ + + /* Default password callback. */ + pem_password_cb* default_passwd_callback; + + /* Default password callback user data. */ + void* default_passwd_callback_userdata; + + /* get client cert callback */ + ExternC!(int function(SSL* ssl, X509** x509, EVP_PKEY** pkey)) client_cert_cb; + + /* cookie generate callback */ + ExternC!(int function(SSL* ssl, ubyte* cookie, + uint* cookie_len)) app_gen_cookie_cb; + + /* verify cookie callback */ + ExternC!(int function(SSL* ssl, ubyte* cookie, + uint cookie_len)) app_verify_cookie_cb; + + CRYPTO_EX_DATA ex_data; + + const(EVP_MD)* rsa_md5;/* For SSLv2 - name is 'ssl2-md5' */ + const(EVP_MD)* md5; /* For SSLv3/TLSv1 'ssl3-md5' */ + const(EVP_MD)* sha1; /* For SSLv3/TLSv1 'ssl3->sha1' */ + + STACK_OF!(X509) *extra_certs; + STACK_OF!(SSL_COMP) *comp_methods; /* stack of SSL_COMP, SSLv3/TLSv1 */ + + + /* Default values used when no per-SSL value is defined follow */ + + ExternC!(void function(const(SSL)* ssl,int type,int val)) info_callback; /* used if SSL's info_callback is NULL */ + + /* what we put in client cert requests */ + STACK_OF!(X509_NAME) *client_CA; + + + /* Default values to use in SSL structures follow (these are copied by SSL_new) */ + + c_ulong options; + c_ulong mode; + c_long max_cert_list; + + cert_st /* CERT */ *cert; + int read_ahead; + + /* callback that allows applications to peek at protocol messages */ + ExternC!(void function(int write_p, int version_, int content_type, const(void)* buf, size_t len, SSL* ssl, void* arg)) msg_callback; + void* msg_callback_arg; + + int verify_mode; + uint sid_ctx_length; + ubyte[SSL_MAX_SID_CTX_LENGTH] sid_ctx; + ExternC!(int function(int ok,X509_STORE_CTX* ctx)) default_verify_callback; /* called 'verify_callback' in the SSL */ + + /* Default generate session ID callback. */ + GEN_SESSION_CB generate_session_id; + + X509_VERIFY_PARAM* param; + +version (none) { + int purpose; /* Purpose setting */ + int trust; /* Trust setting */ +} + + int quiet_shutdown; + + /* Maximum amount of data to send in one fragment. + * actual record size can be more than this due to + * padding and MAC overheads. + */ + uint max_send_fragment; + +version(OPENSSL_NO_ENGINE) {} else { + /* Engine to pass requests for client certs to + */ + ENGINE* client_cert_engine; +} + +version(OPENSSL_NO_TLSEXT) {} else { + /* TLS extensions servername callback */ + ExternC!(int function(SSL*, int*, void*)) tlsext_servername_callback; + void* tlsext_servername_arg; + /* RFC 4507 session ticket keys */ + ubyte[16] tlsext_tick_key_name; + ubyte[16] tlsext_tick_hmac_key; + ubyte[16] tlsext_tick_aes_key; + /* Callback to support customisation of ticket key setting */ + ExternC!(int function(SSL* ssl, + ubyte* name, ubyte* iv, + EVP_CIPHER_CTX* ectx, + HMAC_CTX* hctx, int enc)) tlsext_ticket_key_cb; + + /* certificate status request info */ + /* Callback for status request */ + ExternC!(int function(SSL* ssl, void* arg)) tlsext_status_cb; + void* tlsext_status_arg; + + /* draft-rescorla-tls-opaque-prf-input-00.txt information */ + ExternC!(int function(SSL*, void* peerinput, size_t len, void* arg)) tlsext_opaque_prf_input_callback; + void* tlsext_opaque_prf_input_callback_arg; +} + +version(OPENSSL_NO_PSK) {} else { + char* psk_identity_hint; + ExternC!(uint function(SSL* ssl, const(char)* hint, char* identity, + uint max_identity_len, ubyte* psk, + uint max_psk_len)) psk_client_callback; + ExternC!(uint function(SSL* ssl, const(char)* identity, + ubyte* psk, uint max_psk_len)) psk_server_callback; +} + +version(OPENSSL_NO_BUF_FREELISTS) {} else { +enum SSL_MAX_BUF_FREELIST_LEN_DEFAULT = 32; + uint freelist_max_len; + struct ssl3_buf_freelist_st; + ssl3_buf_freelist_st* wbuf_freelist; + ssl3_buf_freelist_st* rbuf_freelist; +} +version(OPENSSL_NO_SRP) {} else { + SRP_CTX srp_ctx; /* ctx for SRP authentication */ +} + +version(OPENSSL_NO_TLSEXT) {} else { + +version(OPENSSL_NO_NEXTPROTONEG) {} else { + /* Next protocol negotiation information */ + /* (for experimental NPN extension). */ + + /* For a server, this contains a callback function by which the set of + * advertised protocols can be provided. */ + ExternC!(int function(SSL *s, const(ubyte)** buf, + uint *len, void *arg)) next_protos_advertised_cb; + void *next_protos_advertised_cb_arg; + /* For a client, this contains a callback function that selects the + * next protocol from the list provided by the server. */ + ExternC!(int function(SSL *s, ubyte** out_, + ubyte* outlen, + const(ubyte)* in_, + uint inlen, + void *arg)) next_proto_select_cb; + void *next_proto_select_cb_arg; +} + /* SRTP profiles we are willing to do from RFC 5764 */ + STACK_OF!(SRTP_PROTECTION_PROFILE) *srtp_profiles; +} + } +alias SSL_CTX = ssl_ctx_st; +} + +enum SSL_SESS_CACHE_OFF = 0x0000; +enum SSL_SESS_CACHE_CLIENT = 0x0001; +enum SSL_SESS_CACHE_SERVER = 0x0002; +enum SSL_SESS_CACHE_BOTH = (SSL_SESS_CACHE_CLIENT|SSL_SESS_CACHE_SERVER); +enum SSL_SESS_CACHE_NO_AUTO_CLEAR = 0x0080; +/* enough comments already ... see SSL_CTX_set_session_cache_mode(3) */ +enum SSL_SESS_CACHE_NO_INTERNAL_LOOKUP = 0x0100; +enum SSL_SESS_CACHE_NO_INTERNAL_STORE = 0x0200; +enum SSL_SESS_CACHE_NO_INTERNAL = (SSL_SESS_CACHE_NO_INTERNAL_LOOKUP|SSL_SESS_CACHE_NO_INTERNAL_STORE); + +LHASH_OF!(SSL_SESSION) *SSL_CTX_sessions(SSL_CTX* ctx); +auto SSL_CTX_sess_number()(SSL_CTX* ctx) { + return SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_NUMBER,0,null); +} +auto SSL_CTX_sess_connect()(SSL_CTX* ctx) { + return SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_CONNECT,0,null); +} +auto SSL_CTX_sess_connect_good()(SSL_CTX* ctx) { + return SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_CONNECT_GOOD,0,null); +} +auto SSL_CTX_sess_connect_renegotiate()(SSL_CTX* ctx) { + return SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_CONNECT_RENEGOTIATE,0,null); +} +auto SSL_CTX_sess_accept()(SSL_CTX* ctx) { + return SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_ACCEPT,0,null); +} +auto SSL_CTX_sess_accept_renegotiate()(SSL_CTX* ctx) { + return SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_ACCEPT_RENEGOTIATE,0,null); +} +auto SSL_CTX_sess_accept_good()(SSL_CTX* ctx) { + return SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_ACCEPT_GOOD,0,null); +} +auto SSL_CTX_sess_hits()(SSL_CTX* ctx) { + return SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_HIT,0,null); +} +auto SSL_CTX_sess_cb_hits()(SSL_CTX* ctx) { + return SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_CB_HIT,0,null); +} +auto SSL_CTX_sess_misses()(SSL_CTX* ctx) { + return SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_MISSES,0,null); +} +auto SSL_CTX_sess_timeouts()(SSL_CTX* ctx) { + return SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_TIMEOUTS,0,null); +} +auto SSL_CTX_sess_cache_full()(SSL_CTX* ctx) { + return SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_CACHE_FULL,0,null); +} + +void SSL_CTX_sess_set_new_cb(SSL_CTX* ctx, ExternC!(int function(ssl_st* ssl,SSL_SESSION* sess)) new_session_cb); +ExternC!(int function(ssl_st* ssl, SSL_SESSION* sess)) SSL_CTX_sess_get_new_cb(SSL_CTX* ctx); +void SSL_CTX_sess_set_remove_cb(SSL_CTX* ctx, ExternC!(void function(ssl_ctx_st* ctx,SSL_SESSION* sess)) remove_session_cb); +ExternC!(void function(ssl_st* ssl, SSL_SESSION* sess)) SSL_CTX_sess_get_remove_cb(SSL_CTX* ctx); +void SSL_CTX_sess_set_get_cb(SSL_CTX* ctx, ExternC!(SSL_SESSION* function(ssl_st* ssl, ubyte* data,int len,int* copy)) get_session_cb); +ExternC!(SSL_SESSION* function(ssl_st* ssl, ubyte* Data, int len, int* copy)) SSL_CTX_sess_get_get_cb(SSL_CTX* ctx); +void SSL_CTX_set_info_callback(SSL_CTX* ctx, ExternC!(void function(const(SSL)* ssl,int type,int val)) cb); +ExternC!(void function(const(SSL)* ssl,int type,int val)) SSL_CTX_get_info_callback(SSL_CTX* ctx); +void SSL_CTX_set_client_cert_cb(SSL_CTX* ctx, ExternC!(int function(SSL* ssl, X509** x509, EVP_PKEY** pkey)) client_cert_cb); +ExternC!(int function(SSL* ssl, X509** x509, EVP_PKEY** pkey)) SSL_CTX_get_client_cert_cb(SSL_CTX* ctx); +version(OPENSSL_NO_ENGINE) {} else { +int SSL_CTX_set_client_cert_engine(SSL_CTX* ctx, ENGINE* e); +} +void SSL_CTX_set_cookie_generate_cb(SSL_CTX* ctx, ExternC!(int function(SSL* ssl, ubyte* cookie, uint* cookie_len)) app_gen_cookie_cb); +void SSL_CTX_set_cookie_verify_cb(SSL_CTX* ctx, ExternC!(int function(SSL* ssl, ubyte* cookie, uint cookie_len)) app_verify_cookie_cb); +version(OPENSSL_NO_NEXTPROTONEG) {} else { +void SSL_CTX_set_next_protos_advertised_cb(SSL_CTX *s, + ExternC!(int function(SSL *ssl, + const(ubyte)** out_, + uint* outlen, + void* arg)), + void* arg); +void SSL_CTX_set_next_proto_select_cb(SSL_CTX *s, + ExternC!(int function(SSL *ssl, + ubyte** out_, + ubyte* outlen, + const(ubyte)* in_, + uint inlen, + void *arg)), + void *arg); + +int SSL_select_next_proto(ubyte** out_, ubyte* outlen, + const(ubyte)* in_, uint inlen, + const(ubyte)* client, uint client_len); +void SSL_get0_next_proto_negotiated(const SSL *s, + const(ubyte)** data, uint *len); + +enum OPENSSL_NPN_UNSUPPORTED = 0; +enum OPENSSL_NPN_NEGOTIATED = 1; +enum OPENSSL_NPN_NO_OVERLAP = 2; +} + +version(OPENSSL_NO_PSK) {} else { +/* the maximum length of the buffer given to callbacks containing the + * resulting identity/psk */ +enum PSK_MAX_IDENTITY_LEN = 128; +enum PSK_MAX_PSK_LEN = 256; +void SSL_CTX_set_psk_client_callback(SSL_CTX* ctx, + ExternC!(uint function(SSL* ssl, const(char)* hint, + char* identity, uint max_identity_len, ubyte* psk, + uint max_psk_len)) psk_client_callback); +void SSL_set_psk_client_callback(SSL* ssl, + ExternC!(uint function(SSL* ssl, const(char)* hint, + char* identity, uint max_identity_len, ubyte* psk, + uint max_psk_len)) psk_client_callback); +void SSL_CTX_set_psk_server_callback(SSL_CTX* ctx, + ExternC!(uint function(SSL* ssl, const(char)* identity, + ubyte* psk, uint max_psk_len)) psk_server_callback); +void SSL_set_psk_server_callback(SSL* ssl, + ExternC!(uint function(SSL* ssl, const(char)* identity, + ubyte* psk, uint max_psk_len)) psk_server_callback); +int SSL_CTX_use_psk_identity_hint(SSL_CTX* ctx, const(char)* identity_hint); +int SSL_use_psk_identity_hint(SSL* s, const(char)* identity_hint); +const(char)* SSL_get_psk_identity_hint(const(SSL)* s); +const(char)* SSL_get_psk_identity(const(SSL)* s); +} + +enum SSL_NOTHING = 1; +enum SSL_WRITING = 2; +enum SSL_READING = 3; +enum SSL_X509_LOOKUP = 4; + +/* These will only be used when doing non-blocking IO */ +auto SSL_want_nothing()(const(SSL)* s) { return (SSL_want(s) == SSL_NOTHING); } +auto SSL_want_read()(const(SSL)* s) { return (SSL_want(s) == SSL_READING); } +auto SSL_want_write()(const(SSL)* s) { return (SSL_want(s) == SSL_WRITING); } +auto SSL_want_x509_lookup()(const(SSL)* s) { return (SSL_want(s) == SSL_X509_LOOKUP); } + +enum SSL_MAC_FLAG_READ_MAC_STREAM = 1; +enum SSL_MAC_FLAG_WRITE_MAC_STREAM = 2; + +version(OPENSSL_NO_SSL_INTERN) {} else { + +struct ssl_st + { + /* protocol version + * (one of SSL2_VERSION, SSL3_VERSION, TLS1_VERSION, DTLS1_VERSION) + */ + int version_; + int type; /* SSL_ST_CONNECT or SSL_ST_ACCEPT */ + + const(SSL_METHOD)* method; /* SSLv3 */ + + /* There are 2 BIO's even though they are normally both the + * same. This is so data can be read and written to different + * handlers */ + +version(OPENSSL_NO_BIO) { + char* rbio; /* used by SSL_read */ + char* wbio; /* used by SSL_write */ + char* bbio; +} else { + BIO* rbio; /* used by SSL_read */ + BIO* wbio; /* used by SSL_write */ + BIO* bbio; /* used during session-id reuse to concatenate + * messages */ +} + /* This holds a variable that indicates what we were doing + * when a 0 or -1 is returned. This is needed for + * non-blocking IO so we know what request needs re-doing when + * in SSL_accept or SSL_connect */ + int rwstate; + + /* true when we are actually in SSL_accept() or SSL_connect() */ + int in_handshake; + ExternC!(int function(SSL*)) handshake_func; + + /* Imagine that here's a boolean member "init" that is + * switched as soon as SSL_set_{accept/connect}_state + * is called for the first time, so that "state" and + * "handshake_func" are properly initialized. But as + * handshake_func is == 0 until then, we use this + * test instead of an "init" member. + */ + + int server; /* are we the server side? - mostly used by SSL_clear*/ + + int new_session;/* Generate a new session or reuse an old one. + * NB: For servers, the 'new' session may actually be a previously + * cached session or even the previous session unless + * SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION is set */ + int quiet_shutdown;/* don't send shutdown packets */ + int shutdown; /* we have shut things down, 0x01 sent, 0x02 + * for received */ + int state; /* where we are */ + int rstate; /* where we are when reading */ + + BUF_MEM* init_buf; /* buffer used during init */ + void* init_msg; /* pointer to handshake message body, set by ssl3_get_message() */ + int init_num; /* amount read/written */ + int init_off; /* amount read/written */ + + /* used internally to point at a raw packet */ + ubyte* packet; + uint packet_length; + + ssl2_state_st* s2; /* SSLv2 variables */ + ssl3_state_st* s3; /* SSLv3 variables */ + import deimos.openssl.dtls1; + dtls1_state_st* d1; /* DTLSv1 variables */ + + int read_ahead; /* Read as many input bytes as possible + * (for non-blocking reads) */ + + /* callback that allows applications to peek at protocol messages */ + ExternC!(void function(int write_p, int version_, int content_type, const(void)* buf, size_t len, SSL* ssl, void* arg)) msg_callback; + void* msg_callback_arg; + + int hit; /* reusing a previous session */ + + X509_VERIFY_PARAM* param; + +version (none) { + int purpose; /* Purpose setting */ + int trust; /* Trust setting */ +} + + /* crypto */ + STACK_OF!(SSL_CIPHER) *cipher_list; + STACK_OF!(SSL_CIPHER) *cipher_list_by_id; + + /* These are the ones being used, the ones in SSL_SESSION are + * the ones to be 'copied' into these ones */ + int mac_flags; + EVP_CIPHER_CTX* enc_read_ctx; /* cryptographic state */ + EVP_MD_CTX* read_hash; /* used for mac generation */ +version(OPENSSL_NO_COMP) { + char* expand; +} else { + COMP_CTX* expand; /* uncompress */ +} + + EVP_CIPHER_CTX* enc_write_ctx; /* cryptographic state */ + EVP_MD_CTX* write_hash; /* used for mac generation */ +version(OPENSSL_NO_COMP) { + char* compress; +} else { + COMP_CTX* compress; /* compression */ +} + + /* session info */ + + /* client cert? */ + /* This is used to hold the server certificate used */ + cert_st /* CERT */ *cert; + + /* the session_id_context is used to ensure sessions are only reused + * in the appropriate context */ + uint sid_ctx_length; + ubyte[SSL_MAX_SID_CTX_LENGTH] sid_ctx; + + /* This can also be in the session once a session is established */ + SSL_SESSION* session; + + /* Default generate session ID callback. */ + GEN_SESSION_CB generate_session_id; + + /* Used in SSL2 and SSL3 */ + int verify_mode; /* 0 don't care about verify failure. + * 1 fail if verify fails */ + ExternC!(int function(int ok,X509_STORE_CTX* ctx)) verify_callback; /* fail if callback returns 0 */ + + ExternC!(void function(/+ FIXME: @@BUG7127@@ const+/ SSL* ssl,int type,int val)) info_callback; /* optional informational callback */ + + int error; /* error bytes to be written */ + int error_code; /* actual code */ + +version(OPENSSL_NO_KRB5) {} else { + KSSL_CTX* kssl_ctx; /* Kerberos 5 context */ +} /* OPENSSL_NO_KRB5 */ + +version(OPENSSL_NO_PSK) {} else { + ExternC!(uint function(SSL* ssl, const(char)* hint, char* identity, + uint max_identity_len, ubyte* psk, + uint max_psk_len)) psk_client_callback; + ExternC!(uint function(SSL* ssl, const(char)* identity, + ubyte* psk, uint max_psk_len)) psk_server_callback; +} + + SSL_CTX* ctx; + /* set this flag to 1 and a sleep(1) is put into all SSL_read() + * and SSL_write() calls, good for nbio debuging :-) */ + int debug_; + + /* extra application data */ + c_long verify_result; + CRYPTO_EX_DATA ex_data; + + /* for server side, keep the list of CA_dn we can use */ + STACK_OF!(X509_NAME) *client_CA; + + int references; + c_ulong options; /* protocol behaviour */ + c_ulong mode; /* API behaviour */ + c_long max_cert_list; + int first_packet; + int client_version; /* what was passed, used for + * SSLv3/TLS rollback check */ + uint max_send_fragment; +version(OPENSSL_NO_TLSEXT) { +alias ctx session_ctx; +} else { + /* TLS extension debug callback */ + ExternC!(void function(SSL* s, int client_server, int type, + ubyte* data, int len, + void* arg)) tlsext_debug_cb; + void* tlsext_debug_arg; + char* tlsext_hostname; + int servername_done; /* no further mod of servername + 0 : call the servername extension callback. + 1 : prepare 2, allow last ack just after in server callback. + 2 : don't call servername callback, no ack in server hello + */ + /* certificate status request info */ + /* Status type or -1 if no status type */ + int tlsext_status_type; + /* Expect OCSP CertificateStatus message */ + int tlsext_status_expected; + /* OCSP status request only */ + STACK_OF!(OCSP_RESPID) *tlsext_ocsp_ids; + X509_EXTENSIONS* tlsext_ocsp_exts; + /* OCSP response received or to be sent */ + ubyte* tlsext_ocsp_resp; + int tlsext_ocsp_resplen; + + /* RFC4507 session ticket expected to be received or sent */ + int tlsext_ticket_expected; +version(OPENSSL_NO_EC) {} else { + size_t tlsext_ecpointformatlist_length; + ubyte* tlsext_ecpointformatlist; /* our list */ + size_t tlsext_ellipticcurvelist_length; + ubyte* tlsext_ellipticcurvelist; /* our list */ +} /* OPENSSL_NO_EC */ + + /* draft-rescorla-tls-opaque-prf-input-00.txt information to be used for handshakes */ + void* tlsext_opaque_prf_input; + size_t tlsext_opaque_prf_input_len; + + /* TLS Session Ticket extension override */ + TLS_SESSION_TICKET_EXT* tlsext_session_ticket; + + /* TLS Session Ticket extension callback */ + tls_session_ticket_ext_cb_fn tls_session_ticket_ext_cb; + void* tls_session_ticket_ext_cb_arg; + + /* TLS pre-shared secret session resumption */ + tls_session_secret_cb_fn tls_session_secret_cb; + void* tls_session_secret_cb_arg; + + SSL_CTX* initial_ctx; /* initial ctx, used to store sessions */ + +version(OPENSSL_NO_NEXTPROTONEG) {} else { + /* Next protocol negotiation. For the client, this is the protocol that + * we sent in NextProtocol and is set when handling ServerHello + * extensions. + * + * For a server, this is the client's selected_protocol from + * NextProtocol and is set when handling the NextProtocol message, + * before the Finished message. */ + ubyte* next_proto_negotiated; + ubyte next_proto_negotiated_len; +} + +alias initial_ctx session_ctx; + + STACK_OF!(SRTP_PROTECTION_PROFILE)* srtp_profiles; /* What we'll do */ + SRTP_PROTECTION_PROFILE* srtp_profile; /* What's been chosen */ + + uint tlsext_heartbeat; /* Is use of the Heartbeat extension negotiated? + 0: disabled + 1: enabled + 2: enabled, but not allowed to send Requests + */ + uint tlsext_hb_pending; /* Indicates if a HeartbeatRequest is in flight */ + uint tlsext_hb_seq; /* HeartbeatRequest sequence number */ +} /* OPENSSL_NO_TLSEXT */ + + int renegotiate;/* 1 if we are renegotiating. + * 2 if we are a server and are inside a handshake + * (i.e. not just sending a HelloRequest) */ + +version(OPENSSL_NO_SRP) {} else { + SRP_CTX srp_ctx; /* ctx for SRP authentication */ +} + } +alias SSL = ssl_st; +} + +public import deimos.openssl.ssl2; +public import deimos.openssl.ssl3; +public import deimos.openssl.tls1; /* This is mostly sslv3 with a few tweaks */ +public import deimos.openssl.dtls1; /* Datagram TLS */ +public import deimos.openssl.ssl23; +public import deimos.openssl.srtp; /* Support for the use_srtp extension */ + +extern (C): +nothrow: + +/* compatibility */ +auto SSL_set_app_data()(SSL* s, char* arg) { return (SSL_set_ex_data()(SSL* s,0,arg)); } +auto SSL_get_app_data()(const(SSL)* s) { return (SSL_get_ex_data()(SSL* s,0)); } +auto SSL_SESSION_set_app_data()(SSL_SESSION* s, char* a) { return (SSL_SESSION_set_ex_data()(SSL* s,0,a)); } +auto SSL_SESSION_get_app_data()(const(SSL_SESSION)* s) { return (SSL_SESSION_get_ex_data()(SSL* s,0)); } +auto SSL_CTX_get_app_data()(const(SSL_CTX)* ctx) { return (SSL_CTX_get_ex_data(ctx,0)); } +auto SSL_CTX_set_app_data()(SSL_CTX* ctx, char* arg) { return (SSL_CTX_set_ex_data(ctx,0,arg)); } + +/* The following are the possible values for ssl->state are are + * used to indicate where we are up to in the SSL connection establishment. + * The macros that follow are about the only things you should need to use + * and even then, only when using non-blocking IO. + * It can also be useful to work out where you were when the connection + * failed */ + +enum SSL_ST_CONNECT = 0x1000; +enum SSL_ST_ACCEPT = 0x2000; +enum SSL_ST_MASK = 0x0FFF; +enum SSL_ST_INIT = (SSL_ST_CONNECT|SSL_ST_ACCEPT); +enum SSL_ST_BEFORE = 0x4000; +enum SSL_ST_OK = 0x03; +enum SSL_ST_RENEGOTIATE = (0x04|SSL_ST_INIT); + +enum SSL_CB_LOOP = 0x01; +enum SSL_CB_EXIT = 0x02; +enum SSL_CB_READ = 0x04; +enum SSL_CB_WRITE = 0x08; +enum SSL_CB_ALERT = 0x4000; /* used in callback */ +enum SSL_CB_READ_ALERT = (SSL_CB_ALERT|SSL_CB_READ); +enum SSL_CB_WRITE_ALERT = (SSL_CB_ALERT|SSL_CB_WRITE); +enum SSL_CB_ACCEPT_LOOP = (SSL_ST_ACCEPT|SSL_CB_LOOP); +enum SSL_CB_ACCEPT_EXIT = (SSL_ST_ACCEPT|SSL_CB_EXIT); +enum SSL_CB_CONNECT_LOOP = (SSL_ST_CONNECT|SSL_CB_LOOP); +enum SSL_CB_CONNECT_EXIT = (SSL_ST_CONNECT|SSL_CB_EXIT); +enum SSL_CB_HANDSHAKE_START = 0x10; +enum SSL_CB_HANDSHAKE_DONE = 0x20; + +/* Is the SSL_connection established? */ +auto SSL_get_state()(const(SSL)* a) { return SSL_state(a); } +auto SSL_is_init_finished()(const(SSL)* a) { return (SSL_state(a) == SSL_ST_OK); } +auto SSL_in_init()(const(SSL)* a) { return (SSL_state(a)&SSL_ST_INIT); } +auto SSL_in_before()(const(SSL)* a) { return (SSL_state(a)&SSL_ST_BEFORE); } +auto SSL_in_connect_init()(const(SSL)* a) { return (SSL_state(a)&SSL_ST_CONNECT); } +auto SSL_in_accept_init()(const(SSL)* a) { return (SSL_state(a)&SSL_ST_ACCEPT); } + +/* The following 2 states are kept in ssl->rstate when reads fail, + * you should not need these */ +enum SSL_ST_READ_HEADER = 0xF0; +enum SSL_ST_READ_BODY = 0xF1; +enum SSL_ST_READ_DONE = 0xF2; + +/* Obtain latest Finished message + * -- that we sent (SSL_get_finished) + * -- that we expected from peer (SSL_get_peer_finished). + * Returns length (0 == no Finished so far), copies up to 'count' bytes. */ +size_t SSL_get_finished(const(SSL)* s, void* buf, size_t count); +size_t SSL_get_peer_finished(const(SSL)* s, void* buf, size_t count); + +/* use either SSL_VERIFY_NONE or SSL_VERIFY_PEER, the last 2 options + * are 'ored' with SSL_VERIFY_PEER if they are desired */ +enum SSL_VERIFY_NONE = 0x00; +enum SSL_VERIFY_PEER = 0x01; +enum SSL_VERIFY_FAIL_IF_NO_PEER_CERT = 0x02; +enum SSL_VERIFY_CLIENT_ONCE = 0x04; + +alias SSL_library_init OpenSSL_add_ssl_algorithms; +alias SSL_library_init SSLeay_add_ssl_algorithms; + +/* this is for backward compatibility */ +//#if 0 /* NEW_SSLEAY */ +//#define SSL_CTX_set_default_verify(a,b,c) SSL_CTX_set_verify(a,b,c) +//#define SSL_set_pref_cipher(c,n) SSL_set_cipher_list(c,n) +//#define SSL_add_session(a,b) SSL_CTX_add_session((a),(b)) +//#define SSL_remove_session(a,b) SSL_CTX_remove_session((a),(b)) +//#define SSL_flush_sessions(a,b) SSL_CTX_flush_sessions((a),(b)) +//#endif +/* More backward compatibility */ +auto SSL_get_cipher()(const(SSL)* s) { + return SSL_CIPHER_get_name(SSL_get_current_cipher(s)); +} +auto SSL_get_cipher_bits()(const(SSL)* s, int np) { + return SSL_CIPHER_get_bits(SSL_get_current_cipher(s),np); +} +auto SSL_get_cipher_version()(const(SSL)* s) { + return SSL_CIPHER_get_version(SSL_get_current_cipher(s)); +} +auto SSL_get_cipher_name()(const(SSL)* s) { + return SSL_CIPHER_get_name(SSL_get_current_cipher(s)); +} +alias SSL_SESSION_get_time SSL_get_time; +alias SSL_SESSION_set_time SSL_set_time; +alias SSL_SESSION_get_timeout SSL_get_timeout; +alias SSL_SESSION_set_timeout SSL_set_timeout; + +auto d2i_SSL_SESSION_bio()(BIO* bp,SSL_SESSION** s_id) { + return ASN1_d2i_bio_of!SSL_SESSION(&SSL_SESSION_new,&d2i_SSL_SESSION,bp,s_id); +} +auto i2d_SSL_SESSION_bio()(BIO* bp,SSL_SESSION** s_id) { + return ASN1_i2d_bio_of!SSL_SESSION(&i2d_SSL_SESSION,bp,s_id); +} + +mixin(DECLARE_PEM_rw!("SSL_SESSION", "SSL_SESSION")()); + +enum SSL_AD_REASON_OFFSET = 1000; /* offset to get SSL_R_... value from SSL_AD_... */ + +/* These alert types are for SSLv3 and TLSv1 */ +alias SSL3_AD_CLOSE_NOTIFY SSL_AD_CLOSE_NOTIFY; +alias SSL3_AD_UNEXPECTED_MESSAGE SSL_AD_UNEXPECTED_MESSAGE; /* fatal */ +alias SSL3_AD_BAD_RECORD_MAC SSL_AD_BAD_RECORD_MAC; /* fatal */ +alias TLS1_AD_DECRYPTION_FAILED SSL_AD_DECRYPTION_FAILED; +alias TLS1_AD_RECORD_OVERFLOW SSL_AD_RECORD_OVERFLOW; +alias SSL3_AD_DECOMPRESSION_FAILURE SSL_AD_DECOMPRESSION_FAILURE;/* fatal */ +alias SSL3_AD_HANDSHAKE_FAILURE SSL_AD_HANDSHAKE_FAILURE;/* fatal */ +alias SSL3_AD_NO_CERTIFICATE SSL_AD_NO_CERTIFICATE; /* Not for TLS */ +alias SSL3_AD_BAD_CERTIFICATE SSL_AD_BAD_CERTIFICATE; +alias SSL3_AD_UNSUPPORTED_CERTIFICATE SSL_AD_UNSUPPORTED_CERTIFICATE; +alias SSL3_AD_CERTIFICATE_REVOKED SSL_AD_CERTIFICATE_REVOKED; +alias SSL3_AD_CERTIFICATE_EXPIRED SSL_AD_CERTIFICATE_EXPIRED; +alias SSL3_AD_CERTIFICATE_UNKNOWN SSL_AD_CERTIFICATE_UNKNOWN; +alias SSL3_AD_ILLEGAL_PARAMETER SSL_AD_ILLEGAL_PARAMETER; /* fatal */ +alias TLS1_AD_UNKNOWN_CA SSL_AD_UNKNOWN_CA; /* fatal */ +alias TLS1_AD_ACCESS_DENIED SSL_AD_ACCESS_DENIED; /* fatal */ +alias TLS1_AD_DECODE_ERROR SSL_AD_DECODE_ERROR; /* fatal */ +alias TLS1_AD_DECRYPT_ERROR SSL_AD_DECRYPT_ERROR; +alias TLS1_AD_EXPORT_RESTRICTION SSL_AD_EXPORT_RESTRICTION;/* fatal */ +alias TLS1_AD_PROTOCOL_VERSION SSL_AD_PROTOCOL_VERSION; /* fatal */ +alias TLS1_AD_INSUFFICIENT_SECURITY SSL_AD_INSUFFICIENT_SECURITY;/* fatal */ +alias TLS1_AD_INTERNAL_ERROR SSL_AD_INTERNAL_ERROR; /* fatal */ +alias TLS1_AD_USER_CANCELLED SSL_AD_USER_CANCELLED; +alias TLS1_AD_NO_RENEGOTIATION SSL_AD_NO_RENEGOTIATION; +alias TLS1_AD_UNSUPPORTED_EXTENSION SSL_AD_UNSUPPORTED_EXTENSION; +alias TLS1_AD_CERTIFICATE_UNOBTAINABLE SSL_AD_CERTIFICATE_UNOBTAINABLE; +alias TLS1_AD_UNRECOGNIZED_NAME SSL_AD_UNRECOGNIZED_NAME; +alias TLS1_AD_BAD_CERTIFICATE_STATUS_RESPONSE SSL_AD_BAD_CERTIFICATE_STATUS_RESPONSE; +alias TLS1_AD_BAD_CERTIFICATE_HASH_VALUE SSL_AD_BAD_CERTIFICATE_HASH_VALUE; +alias TLS1_AD_UNKNOWN_PSK_IDENTITY SSL_AD_UNKNOWN_PSK_IDENTITY; /* fatal */ + +enum SSL_ERROR_NONE = 0; +enum SSL_ERROR_SSL = 1; +enum SSL_ERROR_WANT_READ = 2; +enum SSL_ERROR_WANT_WRITE = 3; +enum SSL_ERROR_WANT_X509_LOOKUP = 4; +enum SSL_ERROR_SYSCALL = 5; /* look at error stack/return value/errno */ +enum SSL_ERROR_ZERO_RETURN = 6; +enum SSL_ERROR_WANT_CONNECT = 7; +enum SSL_ERROR_WANT_ACCEPT = 8; + +enum SSL_CTRL_NEED_TMP_RSA = 1; +enum SSL_CTRL_SET_TMP_RSA = 2; +enum SSL_CTRL_SET_TMP_DH = 3; +enum SSL_CTRL_SET_TMP_ECDH = 4; +enum SSL_CTRL_SET_TMP_RSA_CB = 5; +enum SSL_CTRL_SET_TMP_DH_CB = 6; +enum SSL_CTRL_SET_TMP_ECDH_CB = 7; + +enum SSL_CTRL_GET_SESSION_REUSED = 8; +enum SSL_CTRL_GET_CLIENT_CERT_REQUEST = 9; +enum SSL_CTRL_GET_NUM_RENEGOTIATIONS = 10; +enum SSL_CTRL_CLEAR_NUM_RENEGOTIATIONS = 11; +enum SSL_CTRL_GET_TOTAL_RENEGOTIATIONS = 12; +enum SSL_CTRL_GET_FLAGS = 13; +enum SSL_CTRL_EXTRA_CHAIN_CERT = 14; + +enum SSL_CTRL_SET_MSG_CALLBACK = 15; +enum SSL_CTRL_SET_MSG_CALLBACK_ARG = 16; + +/* only applies to datagram connections */ +enum SSL_CTRL_SET_MTU = 17; +/* Stats */ +enum SSL_CTRL_SESS_NUMBER = 20; +enum SSL_CTRL_SESS_CONNECT = 21; +enum SSL_CTRL_SESS_CONNECT_GOOD = 22; +enum SSL_CTRL_SESS_CONNECT_RENEGOTIATE = 23; +enum SSL_CTRL_SESS_ACCEPT = 24; +enum SSL_CTRL_SESS_ACCEPT_GOOD = 25; +enum SSL_CTRL_SESS_ACCEPT_RENEGOTIATE = 26; +enum SSL_CTRL_SESS_HIT = 27; +enum SSL_CTRL_SESS_CB_HIT = 28; +enum SSL_CTRL_SESS_MISSES = 29; +enum SSL_CTRL_SESS_TIMEOUTS = 30; +enum SSL_CTRL_SESS_CACHE_FULL = 31; +enum SSL_CTRL_OPTIONS = 32; +enum SSL_CTRL_MODE = 33; + +enum SSL_CTRL_GET_READ_AHEAD = 40; +enum SSL_CTRL_SET_READ_AHEAD = 41; +enum SSL_CTRL_SET_SESS_CACHE_SIZE = 42; +enum SSL_CTRL_GET_SESS_CACHE_SIZE = 43; +enum SSL_CTRL_SET_SESS_CACHE_MODE = 44; +enum SSL_CTRL_GET_SESS_CACHE_MODE = 45; + +enum SSL_CTRL_GET_MAX_CERT_LIST = 50; +enum SSL_CTRL_SET_MAX_CERT_LIST = 51; + +enum SSL_CTRL_SET_MAX_SEND_FRAGMENT = 52; + +/* see tls1.h for macros based on these */ +version(OPENSSL_NO_TLSEXT) {} else { +enum SSL_CTRL_SET_TLSEXT_SERVERNAME_CB = 53; +enum SSL_CTRL_SET_TLSEXT_SERVERNAME_ARG = 54; +enum SSL_CTRL_SET_TLSEXT_HOSTNAME = 55; +enum SSL_CTRL_SET_TLSEXT_DEBUG_CB = 56; +enum SSL_CTRL_SET_TLSEXT_DEBUG_ARG = 57; +enum SSL_CTRL_GET_TLSEXT_TICKET_KEYS = 58; +enum SSL_CTRL_SET_TLSEXT_TICKET_KEYS = 59; +enum SSL_CTRL_SET_TLSEXT_OPAQUE_PRF_INPUT = 60; +enum SSL_CTRL_SET_TLSEXT_OPAQUE_PRF_INPUT_CB = 61; +enum SSL_CTRL_SET_TLSEXT_OPAQUE_PRF_INPUT_CB_ARG = 62; +enum SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB = 63; +enum SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB_ARG = 64; +enum SSL_CTRL_SET_TLSEXT_STATUS_REQ_TYPE = 65; +enum SSL_CTRL_GET_TLSEXT_STATUS_REQ_EXTS = 66; +enum SSL_CTRL_SET_TLSEXT_STATUS_REQ_EXTS = 67; +enum SSL_CTRL_GET_TLSEXT_STATUS_REQ_IDS = 68; +enum SSL_CTRL_SET_TLSEXT_STATUS_REQ_IDS = 69; +enum SSL_CTRL_GET_TLSEXT_STATUS_REQ_OCSP_RESP = 70; +enum SSL_CTRL_SET_TLSEXT_STATUS_REQ_OCSP_RESP = 71; + +enum SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB = 72; + +enum SSL_CTRL_SET_TLS_EXT_SRP_USERNAME_CB = 75; +enum SSL_CTRL_SET_SRP_VERIFY_PARAM_CB = 76; +enum SSL_CTRL_SET_SRP_GIVE_CLIENT_PWD_CB = 77; + +enum SSL_CTRL_SET_SRP_ARG = 78; +enum SSL_CTRL_SET_TLS_EXT_SRP_USERNAME = 79; +enum SSL_CTRL_SET_TLS_EXT_SRP_STRENGTH = 80; +enum SSL_CTRL_SET_TLS_EXT_SRP_PASSWORD = 81; +version(OPENSSL_NO_HEARTBEATS) {} else { + enum SSL_CTRL_TLS_EXT_SEND_HEARTBEAT = 85; + enum SSL_CTRL_GET_TLS_EXT_HEARTBEAT_PENDING = 86; + enum SSL_CTRL_SET_TLS_EXT_HEARTBEAT_NO_REQUESTS = 87; +} +} + +enum DTLS_CTRL_GET_TIMEOUT = 73; +enum DTLS_CTRL_HANDLE_TIMEOUT = 74; +enum DTLS_CTRL_LISTEN = 75; + +enum SSL_CTRL_GET_RI_SUPPORT = 76; +enum SSL_CTRL_CLEAR_OPTIONS = 77; +enum SSL_CTRL_CLEAR_MODE = 78; + +enum SSL_CTRL_GET_EXTRA_CHAIN_CERTS = 82; +enum SSL_CTRL_CLEAR_EXTRA_CHAIN_CERTS = 83; + +auto DTLSv1_get_timeout()(SSL* ssl, void* arg) { + return SSL_ctrl(ssl,DTLS_CTRL_GET_TIMEOUT,0,arg); +} +auto DTLSv1_handle_timeout()(SSL* ssl) { + return SSL_ctrl(ssl,DTLS_CTRL_HANDLE_TIMEOUT,0,null); +} +auto DTLSv1_listen()(SSL* ssl, void* peer) { + return SSL_ctrl(ssl,DTLS_CTRL_LISTEN,0,peer); +} + +auto SSL_session_reused()(SSL* ssl) { + return SSL_ctrl(ssl,SSL_CTRL_GET_SESSION_REUSED,0,null); +} +auto SSL_session_reused()(SSL* ssl) { + return SSL_ctrl(ssl,SSL_CTRL_GET_SESSION_REUSED,0,null); +} +auto SSL_num_renegotiations()(SSL* ssl) { + return SSL_ctrl(ssl,SSL_CTRL_GET_NUM_RENEGOTIATIONS,0,null); +} +auto SSL_clear_num_renegotiations()(SSL* ssl) { + return SSL_ctrl(ssl,SSL_CTRL_CLEAR_NUM_RENEGOTIATIONS,0,null); +} +auto SSL_total_renegotiations()(SSL* ssl) { + return SSL_ctrl(ssl,SSL_CTRL_GET_TOTAL_RENEGOTIATIONS,0,null); +} + +auto SSL_CTX_need_tmp_RSA()(SSL_CTX* ctx) { + return SSL_CTX_ctrl(ctx,SSL_CTRL_NEED_TMP_RSA,0,null); +} +auto SSL_CTX_set_tmp_rsa()(SSL_CTX* ctx, void* rsa) { + return SSL_CTX_ctrl(ctx,SSL_CTRL_SET_TMP_RSA,0,rsa); +} +auto SSL_CTX_set_tmp_dh()(SSL_CTX* ctx, void* dh) { + return SSL_CTX_ctrl(ctx,SSL_CTRL_SET_TMP_DH,0,dh); +} +auto SSL_CTX_set_tmp_ecdh()(SSL_CTX* ctx, void* ecdh) { + return SSL_CTX_ctrl(ctx,SSL_CTRL_SET_TMP_ECDH,0,ecdh); +} + +auto SSL_need_tmp_RSA()(SSL* ssl) { + return SSL_ctrl(ssl,SSL_CTRL_NEED_TMP_RSA,0,null); +} +auto SSL_set_tmp_rsa()(SSL* ssl, void* rsa) { + return SSL_ctrl(ssl,SSL_CTRL_SET_TMP_RSA,0,rsa); +} +auto SSL_set_tmp_dh()(SSL* ssl, void* dh) { + return SSL_ctrl(ssl,SSL_CTRL_SET_TMP_DH,0,dh); +} +auto SSL_set_tmp_ecdh()(SSL* ssl, void* ecdh) { + return SSL_ctrl(ssl,SSL_CTRL_SET_TMP_ECDH,0,ecdh); +} + +auto SSL_CTX_add_extra_chain_cert()(SSL_CTX* ctx, void* x509) { + return SSL_CTX_ctrl(ctx,SSL_CTRL_EXTRA_CHAIN_CERT,0,x509); +} +auto SSL_CTX_get_extra_chain_certs()(SSL_CTX* ctx, void* x509) { + return SSL_CTX_ctrl(ctx,SSL_CTRL_GET_EXTRA_CHAIN_CERTS,0,px509); +} +auto SSL_CTX_clear_extra_chain_certs()(SSL_CTX* ctx, void* x509) { + return SSL_CTX_ctrl(ctx,SSL_CTRL_CLEAR_EXTRA_CHAIN_CERTS,0,null); +} + +version(OPENSSL_NO_BIO) {} else { +BIO_METHOD* BIO_f_ssl(); +BIO* BIO_new_ssl(SSL_CTX* ctx,int client); +BIO* BIO_new_ssl_connect(SSL_CTX* ctx); +BIO* BIO_new_buffer_ssl_connect(SSL_CTX* ctx); +int BIO_ssl_copy_session_id(BIO* to,BIO* from); +void BIO_ssl_shutdown(BIO* ssl_bio); + +} + +int SSL_CTX_set_cipher_list(SSL_CTX*,const(char)* str); +SSL_CTX* SSL_CTX_new(const(SSL_METHOD)* meth); +void SSL_CTX_free(SSL_CTX*); +c_long SSL_CTX_set_timeout(SSL_CTX* ctx,c_long t); +c_long SSL_CTX_get_timeout(const(SSL_CTX)* ctx); +X509_STORE* SSL_CTX_get_cert_store(const(SSL_CTX)*); +void SSL_CTX_set_cert_store(SSL_CTX*,X509_STORE*); +int SSL_want(const(SSL)* s); +int SSL_clear(SSL* s); + +void SSL_CTX_flush_sessions(SSL_CTX* ctx,c_long tm); + +const(SSL_CIPHER)* SSL_get_current_cipher(const(SSL)* s); +int SSL_CIPHER_get_bits(const(SSL_CIPHER)* c,int* alg_bits); +char* SSL_CIPHER_get_version(const(SSL_CIPHER)* c); +const(char)* SSL_CIPHER_get_name(const(SSL_CIPHER)* c); +c_ulong SSL_CIPHER_get_id(const SSL_CIPHER *c); + +int SSL_get_fd(const(SSL)* s); +int SSL_get_rfd(const(SSL)* s); +int SSL_get_wfd(const(SSL)* s); +const(char)* SSL_get_cipher_list(const(SSL)* s,int n); +char* SSL_get_shared_ciphers(const(SSL)* s, char* buf, int len); +int SSL_get_read_ahead(const(SSL)* s); +int SSL_pending(const(SSL)* s); +version(OPENSSL_NO_SOCK) {} else { +int SSL_set_fd(SSL* s, int fd); +int SSL_set_rfd(SSL* s, int fd); +int SSL_set_wfd(SSL* s, int fd); +} +version(OPENSSL_NO_BIO) {} else { +void SSL_set_bio(SSL* s, BIO* rbio,BIO* wbio); +BIO* SSL_get_rbio(const(SSL)* s); +BIO* SSL_get_wbio(const(SSL)* s); +} +int SSL_set_cipher_list(SSL* s, const(char)* str); +void SSL_set_read_ahead(SSL* s, int yes); +int SSL_get_verify_mode(const(SSL)* s); +int SSL_get_verify_depth(const(SSL)* s); +int function(int,X509_STORE_CTX*) SSL_get_verify_callback(const(SSL)* s); +void SSL_set_verify(SSL* s, int mode, + ExternC!(int function(int ok,X509_STORE_CTX* ctx)) callback); +void SSL_set_verify_depth(SSL* s, int depth); +version(OPENSSL_NO_RSA) {} else { +int SSL_use_RSAPrivateKey(SSL* ssl, RSA* rsa); +} +int SSL_use_RSAPrivateKey_ASN1(SSL* ssl, ubyte* d, c_long len); +int SSL_use_PrivateKey(SSL* ssl, EVP_PKEY* pkey); +int SSL_use_PrivateKey_ASN1(int pk,SSL* ssl, const(ubyte)* d, c_long len); +int SSL_use_certificate(SSL* ssl, X509* x); +int SSL_use_certificate_ASN1(SSL* ssl, const(ubyte)* d, int len); + +version (OPENSSL_NO_STDIO) {} else { +int SSL_use_RSAPrivateKey_file(SSL* ssl, const(char)* file, int type); +int SSL_use_PrivateKey_file(SSL* ssl, const(char)* file, int type); +int SSL_use_certificate_file(SSL* ssl, const(char)* file, int type); +int SSL_CTX_use_RSAPrivateKey_file(SSL_CTX* ctx, const(char)* file, int type); +int SSL_CTX_use_PrivateKey_file(SSL_CTX* ctx, const(char)* file, int type); +int SSL_CTX_use_certificate_file(SSL_CTX* ctx, const(char)* file, int type); +int SSL_CTX_use_certificate_chain_file(SSL_CTX* ctx, const(char)* file); /* PEM type */ +STACK_OF!(X509_NAME) *SSL_load_client_CA_file(const(char)* file); +int SSL_add_file_cert_subjects_to_stack(STACK_OF!(X509_NAME) *stackCAs, + const(char)* file); +//#ifndef OPENSSL_SYS_VMS +//#ifndef OPENSSL_SYS_MACINTOSH_CLASSIC /* XXXXX: Better scheme needed! [was: #ifndef MAC_OS_pre_X] */ +int SSL_add_dir_cert_subjects_to_stack(STACK_OF!(X509_NAME) *stackCAs, + const(char)* dir); +//#endif +//#endif +} + +void SSL_load_error_strings(); +const(char)* SSL_state_string(const(SSL)* s); +const(char)* SSL_rstate_string(const(SSL)* s); +const(char)* SSL_state_string_long(const(SSL)* s); +const(char)* SSL_rstate_string_long(const(SSL)* s); +c_long SSL_SESSION_get_time(const(SSL_SESSION)* s); +c_long SSL_SESSION_set_time(SSL_SESSION* s, c_long t); +c_long SSL_SESSION_get_timeout(const(SSL_SESSION)* s); +c_long SSL_SESSION_set_timeout(SSL_SESSION* s, c_long t); +void SSL_copy_session_id(SSL* to,const(SSL)* from); +X509 *SSL_SESSION_get0_peer(SSL_SESSION *s); +int SSL_SESSION_set1_id_context(SSL_SESSION *s,const(ubyte)* sid_ctx, + uint sid_ctx_len); + +SSL_SESSION* SSL_SESSION_new(); +const(ubyte)* SSL_SESSION_get_id(const(SSL_SESSION)* s, + uint* len); +uint SSL_SESSION_get_compress_id(const SSL_SESSION *s); +version(OPENSSL_NO_FP_API) {} else { +int SSL_SESSION_print_fp(FILE* fp,const(SSL_SESSION)* ses); +} +version(OPENSSL_NO_BIO) {} else { +int SSL_SESSION_print(BIO* fp,const(SSL_SESSION)* ses); +} +void SSL_SESSION_free(SSL_SESSION* ses); +int i2d_SSL_SESSION(SSL_SESSION* in_,ubyte** pp); +int SSL_set_session(SSL* to, SSL_SESSION* session); +int SSL_CTX_add_session(SSL_CTX* s, SSL_SESSION* c); +int SSL_CTX_remove_session(SSL_CTX*,SSL_SESSION* c); +int SSL_CTX_set_generate_session_id(SSL_CTX*, GEN_SESSION_CB); +int SSL_set_generate_session_id(SSL*, GEN_SESSION_CB); +int SSL_has_matching_session_id(const(SSL)* ssl, const(ubyte)* id, + uint id_len); +SSL_SESSION* d2i_SSL_SESSION(SSL_SESSION** a,const(ubyte)** pp, + c_long length); + +//#ifdef HEADER_X509_H +X509* SSL_get_peer_certificate(const(SSL)* s); +//#endif + +STACK_OF!(X509) *SSL_get_peer_cert_chain(const(SSL)* s); + +int SSL_CTX_get_verify_mode(const(SSL_CTX)* ctx); +int SSL_CTX_get_verify_depth(const(SSL_CTX)* ctx); +ExternC!(int function(int,X509_STORE_CTX*)) SSL_CTX_get_verify_callback(const(SSL_CTX)* ctx); +void SSL_CTX_set_verify(SSL_CTX* ctx,int mode, + ExternC!(int function(int, X509_STORE_CTX*)) callback); +void SSL_CTX_set_verify_depth(SSL_CTX* ctx,int depth); +void SSL_CTX_set_cert_verify_callback(SSL_CTX* ctx, ExternC!(int function(X509_STORE_CTX*,void*)) cb, void* arg); +version(OPENSSL_NO_RSA) {} else { +int SSL_CTX_use_RSAPrivateKey(SSL_CTX* ctx, RSA* rsa); +} +int SSL_CTX_use_RSAPrivateKey_ASN1(SSL_CTX* ctx, const(ubyte)* d, c_long len); +int SSL_CTX_use_PrivateKey(SSL_CTX* ctx, EVP_PKEY* pkey); +int SSL_CTX_use_PrivateKey_ASN1(int pk,SSL_CTX* ctx, + const(ubyte)* d, c_long len); +int SSL_CTX_use_certificate(SSL_CTX* ctx, X509* x); +int SSL_CTX_use_certificate_ASN1(SSL_CTX* ctx, int len, const(ubyte)* d); + +void SSL_CTX_set_default_passwd_cb(SSL_CTX* ctx, pem_password_cb* cb); +void SSL_CTX_set_default_passwd_cb_userdata(SSL_CTX* ctx, void* u); + +int SSL_CTX_check_private_key(const(SSL_CTX)* ctx); +int SSL_check_private_key(const(SSL)* ctx); + +int SSL_CTX_set_session_id_context(SSL_CTX* ctx,const(ubyte)* sid_ctx, + uint sid_ctx_len); + +SSL* SSL_new(SSL_CTX* ctx); +int SSL_set_session_id_context(SSL* ssl,const(ubyte)* sid_ctx, + uint sid_ctx_len); + +int SSL_CTX_set_purpose(SSL_CTX* s, int purpose); +int SSL_set_purpose(SSL* s, int purpose); +int SSL_CTX_set_trust(SSL_CTX* s, int trust); +int SSL_set_trust(SSL* s, int trust); + +int SSL_CTX_set1_param(SSL_CTX* ctx, X509_VERIFY_PARAM* vpm); +int SSL_set1_param(SSL* ssl, X509_VERIFY_PARAM* vpm); + +version(OPENSSL_NO_SRP) {} else { +int SSL_CTX_set_srp_username(SSL_CTX *ctx,char *name); +int SSL_CTX_set_srp_password(SSL_CTX *ctx,char *password); +int SSL_CTX_set_srp_strength(SSL_CTX *ctx, int strength); +int SSL_CTX_set_srp_client_pwd_callback(SSL_CTX *ctx, + ExternC!(char function(SSL *,void *)) cb); +int SSL_CTX_set_srp_verify_param_callback(SSL_CTX *ctx, + ExternC!(char function(SSL *,void *)) cb); +int SSL_CTX_set_srp_username_callback(SSL_CTX *ctx, + ExternC!(char function(SSL *,int *,void *)) cb); +int SSL_CTX_set_srp_cb_arg(SSL_CTX *ctx, void *arg); + +int SSL_set_srp_server_param(SSL *s, const BIGNUM *N, const BIGNUM *g, + BIGNUM *sa, BIGNUM *v, char *info); +int SSL_set_srp_server_param_pw(SSL *s, const char *user, const char *pass, + const char *grp); + +BIGNUM *SSL_get_srp_g(SSL *s); +BIGNUM *SSL_get_srp_N(SSL *s); + +char *SSL_get_srp_username(SSL *s); +char *SSL_get_srp_userinfo(SSL *s); +} + +void SSL_free(SSL* ssl); +int SSL_accept(SSL* ssl); +int SSL_connect(SSL* ssl); +int SSL_read(SSL* ssl,void* buf,int num); +int SSL_peek(SSL* ssl,void* buf,int num); +int SSL_write(SSL* ssl,const(void)* buf,int num); +c_long SSL_ctrl(SSL* ssl,int cmd, c_long larg, void* parg); +c_long SSL_callback_ctrl(SSL*, int, ExternC!(void function()) ); +c_long SSL_CTX_ctrl(SSL_CTX* ctx,int cmd, c_long larg, void* parg); +c_long SSL_CTX_callback_ctrl(SSL_CTX*, int, ExternC!(void function()) ); + +int SSL_get_error(const(SSL)* s,int ret_code); +const(char)* SSL_get_version(const(SSL)* s); + +/* This sets the 'default' SSL version that SSL_new() will create */ +int SSL_CTX_set_ssl_version(SSL_CTX* ctx, const(SSL_METHOD)* meth); + +const(SSL_METHOD)* SSLv3_method(); /* SSLv3 */ +const(SSL_METHOD)* SSLv3_server_method(); /* SSLv3 */ +const(SSL_METHOD)* SSLv3_client_method(); /* SSLv3 */ + +const(SSL_METHOD)* TLS_method(); /* handshake SSLv3 or later, negotiate to highest possible security */ +const(SSL_METHOD)* TLS_server_method(); /* see above */ +const(SSL_METHOD)* TLS_client_method(); /* see above */ + +const(SSL_METHOD)* TLSv1_method(); /* TLSv1.0 */ +const(SSL_METHOD)* TLSv1_server_method(); /* TLSv1.0 */ +const(SSL_METHOD)* TLSv1_client_method(); /* TLSv1.0 */ + +const(SSL_METHOD)* TLSv1_1_method(); /* TLSv1.1 */ +const(SSL_METHOD)* TLSv1_1_server_method(); /* TLSv1.1 */ +const(SSL_METHOD)* TLSv1_1_client_method(); /* TLSv1.1 */ + +const(SSL_METHOD)* TLSv1_2_method(); /* TLSv1.2 */ +const(SSL_METHOD)* TLSv1_2_server_method(); /* TLSv1.2 */ +const(SSL_METHOD)* TLSv1_2_client_method(); /* TLSv1.2 */ + +const(SSL_METHOD)* DTLSv1_method(); /* DTLSv1.0 */ +const(SSL_METHOD)* DTLSv1_server_method(); /* DTLSv1.0 */ +const(SSL_METHOD)* DTLSv1_client_method(); /* DTLSv1.0 */ + +STACK_OF!(SSL_CIPHER) *SSL_get_ciphers(const(SSL)* s); + +int SSL_do_handshake(SSL* s); +int SSL_renegotiate(SSL* s); +int SSL_renegotiate_abbreviated(SSL *s); +int SSL_renegotiate_pending(SSL* s); +int SSL_shutdown(SSL* s); + +const(SSL_METHOD)* SSL_get_ssl_method(SSL* s); +int SSL_set_ssl_method(SSL* s, const(SSL_METHOD)* method); +const(char)* SSL_alert_type_string_long(int value); +const(char)* SSL_alert_type_string(int value); +const(char)* SSL_alert_desc_string_long(int value); +const(char)* SSL_alert_desc_string(int value); + +void SSL_set_client_CA_list(SSL* s, STACK_OF!(X509_NAME) *name_list); +void SSL_CTX_set_client_CA_list(SSL_CTX* ctx, STACK_OF!(X509_NAME) *name_list); +STACK_OF!(X509_NAME) *SSL_get_client_CA_list(const(SSL)* s); +STACK_OF!(X509_NAME) *SSL_CTX_get_client_CA_list(const(SSL_CTX)* s); +int SSL_add_client_CA(SSL* ssl,X509* x); +int SSL_CTX_add_client_CA(SSL_CTX* ctx,X509* x); + +void SSL_set_connect_state(SSL* s); +void SSL_set_accept_state(SSL* s); + +c_long SSL_get_default_timeout(const(SSL)* s); + +int SSL_library_init(); + +char* SSL_CIPHER_description(const(SSL_CIPHER)*,char* buf,int size); +STACK_OF!(X509_NAME) *SSL_dup_CA_list(STACK_OF!(X509_NAME) *sk); + +SSL* SSL_dup(SSL* ssl); + +X509* SSL_get_certificate(const(SSL)* ssl); +/* EVP_PKEY */ evp_pkey_st* SSL_get_privatekey(SSL* ssl); + +void SSL_CTX_set_quiet_shutdown(SSL_CTX* ctx,int mode); +int SSL_CTX_get_quiet_shutdown(const(SSL_CTX)* ctx); +void SSL_set_quiet_shutdown(SSL* ssl,int mode); +int SSL_get_quiet_shutdown(const(SSL)* ssl); +void SSL_set_shutdown(SSL* ssl,int mode); +int SSL_get_shutdown(const(SSL)* ssl); +int SSL_version(const(SSL)* ssl); +int SSL_CTX_set_default_verify_paths(SSL_CTX* ctx); +int SSL_CTX_load_verify_locations(SSL_CTX* ctx, const(char)* CAfile, + const(char)* CApath); +alias SSL_get_session SSL_get0_session; /* just peek at pointer */ +SSL_SESSION* SSL_get_session(const(SSL)* ssl); +SSL_SESSION* SSL_get1_session(SSL* ssl); /* obtain a reference count */ +SSL_CTX* SSL_get_SSL_CTX(const(SSL)* ssl); +SSL_CTX* SSL_set_SSL_CTX(SSL* ssl, SSL_CTX* ctx); +void SSL_set_info_callback(SSL* ssl, + ExternC!(void function(const(SSL)* ssl,int type,int val)) cb); +ExternC!(void function(const(SSL)* ssl,int type,int val)) SSL_get_info_callback(const(SSL)* ssl); +int SSL_state(const(SSL)* ssl); +void SSL_set_state(SSL *ssl, int state); + +void SSL_set_verify_result(SSL* ssl,c_long v); +c_long SSL_get_verify_result(const(SSL)* ssl); + +int SSL_set_ex_data(SSL* ssl,int idx,void* data); +void* SSL_get_ex_data(const(SSL)* ssl,int idx); +int SSL_get_ex_new_index(c_long argl, void* argp, CRYPTO_EX_new* new_func, + CRYPTO_EX_dup* dup_func, CRYPTO_EX_free* free_func); + +int SSL_SESSION_set_ex_data(SSL_SESSION* ss,int idx,void* data); +void* SSL_SESSION_get_ex_data(const(SSL_SESSION)* ss,int idx); +int SSL_SESSION_get_ex_new_index(c_long argl, void* argp, CRYPTO_EX_new* new_func, + CRYPTO_EX_dup* dup_func, CRYPTO_EX_free* free_func); + +int SSL_CTX_set_ex_data(SSL_CTX* ssl,int idx,void* data); +void* SSL_CTX_get_ex_data(const(SSL_CTX)* ssl,int idx); +int SSL_CTX_get_ex_new_index(c_long argl, void* argp, CRYPTO_EX_new* new_func, + CRYPTO_EX_dup* dup_func, CRYPTO_EX_free* free_func); + +int SSL_get_ex_data_X509_STORE_CTX_idx(); + +auto SSL_CTX_sess_set_cache_size()(SSL_CTX* ctx, c_long t) { + return SSL_CTX_ctrl(ctx,SSL_CTRL_SET_SESS_CACHE_SIZE,t,null); +} +auto SSL_CTX_sess_get_cache_size()(SSL_CTX* ctx) { + return SSL_CTX_ctrl(ctx,SSL_CTRL_GET_SESS_CACHE_SIZE,0,null); +} +auto SSL_CTX_set_session_cache_mode()(SSL_CTX* ctx, c_long m) { + return SSL_CTX_ctrl(ctx,SSL_CTRL_SET_SESS_CACHE_MODE,m,null); +} +auto SSL_CTX_get_session_cache_mode()(SSL_CTX* ctx) { + return SSL_CTX_ctrl(ctx,SSL_CTRL_GET_SESS_CACHE_MODE,0,null); +} + +alias SSL_CTX_get_read_ahead SSL_CTX_get_default_read_ahead; +alias SSL_CTX_set_read_ahead SSL_CTX_set_default_read_ahead; +auto SSL_CTX_get_read_ahead()(SSL_CTX* ctx) { + return SSL_CTX_ctrl(ctx,SSL_CTRL_GET_READ_AHEAD,0,null); +} +auto SSL_CTX_set_read_ahead()(SSL_CTX* ctx, c_long m) { + return SSL_CTX_ctrl(ctx,SSL_CTRL_SET_READ_AHEAD,m,null); +} +auto SSL_CTX_get_max_cert_list()(SSL_CTX* ctx) { + return SSL_CTX_ctrl(ctx,SSL_CTRL_GET_MAX_CERT_LIST,0,null); +} +auto SSL_CTX_set_max_cert_list()(SSL_CTX* ctx, c_long m) { + return SSL_CTX_ctrl(ctx,SSL_CTRL_SET_MAX_CERT_LIST,m,null); +} +auto SSL_get_max_cert_list()(SSL* ssl) { + SSL_ctrl(ssl,SSL_CTRL_GET_MAX_CERT_LIST,0,null); +} +auto SSL_set_max_cert_list()(SSL* ssl,c_long m) { + SSL_ctrl(ssl,SSL_CTRL_SET_MAX_CERT_LIST,m,null); +} + +auto SSL_CTX_set_max_send_fragment()(SSL_CTX* ctx, c_long m) { + return SSL_CTX_ctrl(ctx,SSL_CTRL_SET_MAX_SEND_FRAGMENT,m,null); +} +auto SSL_set_max_send_fragment()(SSL* ssl,m) { + SSL_ctrl(ssl,SSL_CTRL_SET_MAX_SEND_FRAGMENT,m,null); +} + + /* NB: the keylength is only applicable when is_export is true */ +version(OPENSSL_NO_RSA) {} else { +void SSL_CTX_set_tmp_rsa_callback(SSL_CTX* ctx, + ExternC!(RSA* function(SSL* ssl,int is_export, + int keylength)) cb); + +void SSL_set_tmp_rsa_callback(SSL* ssl, + ExternC!(RSA* function(SSL* ssl,int is_export, + int keylength)) cb); +} +version(OPENSSL_NO_DH) {} else { +void SSL_CTX_set_tmp_dh_callback(SSL_CTX* ctx, + ExternC!(DH* function(SSL* ssl,int is_export, + int keylength)) dh); +void SSL_set_tmp_dh_callback(SSL* ssl, + ExternC!(DH* function(SSL* ssl,int is_export, + int keylength)) dh); +} +version(OPENSSL_NO_ECDH) {} else { +void SSL_CTX_set_tmp_ecdh_callback(SSL_CTX* ctx, + ExternC!(EC_KEY* function(SSL* ssl,int is_export, + int keylength)) ecdh); +void SSL_set_tmp_ecdh_callback(SSL* ssl, + ExternC!(EC_KEY* function(SSL* ssl,int is_export, + int keylength)) ecdh); +} + +version(OPENSSL_NO_COMP) { +const(void)* SSL_get_current_compression(SSL* s); +const(void)* SSL_get_current_expansion(SSL* s); +const(char)* SSL_COMP_get_name(const(void)* comp); +void* SSL_COMP_get_compression_methods(); +int SSL_COMP_add_compression_method(int id,void* cm); +} else { +const(COMP_METHOD)* SSL_get_current_compression(SSL* s); +const(COMP_METHOD)* SSL_get_current_expansion(SSL* s); +const(char)* SSL_COMP_get_name(const(COMP_METHOD)* comp); +STACK_OF!(SSL_COMP) *SSL_COMP_get_compression_methods(); +int SSL_COMP_add_compression_method(int id,COMP_METHOD* cm); +} + +/* TLS extensions functions */ +int SSL_set_session_ticket_ext(SSL* s, void* ext_data, int ext_len); + +int SSL_set_session_ticket_ext_cb(SSL* s, tls_session_ticket_ext_cb_fn cb, + void* arg); + +/* Pre-shared secret session resumption functions */ +int SSL_set_session_secret_cb(SSL* s, tls_session_secret_cb_fn tls_session_secret_cb, void* arg); + +void SSL_set_debug(SSL *s, int debug_); +int SSL_cache_hit(SSL *s); + +/* BEGIN ERROR CODES */ +/* The following lines are auto generated by the script mkerr.pl. Any changes + * made after this point may be overwritten when the script is next run. + */ +void ERR_load_SSL_strings(); + +/* Error codes for the SSL functions. */ + +/* Function codes. */ +enum SSL_F_CLIENT_CERTIFICATE = 100; +enum SSL_F_CLIENT_FINISHED = 167; +enum SSL_F_CLIENT_HELLO = 101; +enum SSL_F_CLIENT_MASTER_KEY = 102; +enum SSL_F_D2I_SSL_SESSION = 103; +enum SSL_F_DO_DTLS1_WRITE = 245; +enum SSL_F_DO_SSL3_WRITE = 104; +enum SSL_F_DTLS1_ACCEPT = 246; +enum SSL_F_DTLS1_ADD_CERT_TO_BUF = 295; +enum SSL_F_DTLS1_BUFFER_RECORD = 247; +enum SSL_F_DTLS1_CHECK_TIMEOUT_NUM = 316; +enum SSL_F_DTLS1_CLIENT_HELLO = 248; +enum SSL_F_DTLS1_CONNECT = 249; +enum SSL_F_DTLS1_ENC = 250; +enum SSL_F_DTLS1_GET_HELLO_VERIFY = 251; +enum SSL_F_DTLS1_GET_MESSAGE = 252; +enum SSL_F_DTLS1_GET_MESSAGE_FRAGMENT = 253; +enum SSL_F_DTLS1_GET_RECORD = 254; +enum SSL_F_DTLS1_HANDLE_TIMEOUT = 297; +enum SSL_F_DTLS1_HEARTBEAT = 305; +enum SSL_F_DTLS1_OUTPUT_CERT_CHAIN = 255; +enum SSL_F_DTLS1_PREPROCESS_FRAGMENT = 288; +enum SSL_F_DTLS1_PROCESS_OUT_OF_SEQ_MESSAGE = 256; +enum SSL_F_DTLS1_PROCESS_RECORD = 257; +enum SSL_F_DTLS1_READ_BYTES = 258; +enum SSL_F_DTLS1_READ_FAILED = 259; +enum SSL_F_DTLS1_SEND_CERTIFICATE_REQUEST = 260; +enum SSL_F_DTLS1_SEND_CLIENT_CERTIFICATE = 261; +enum SSL_F_DTLS1_SEND_CLIENT_KEY_EXCHANGE = 262; +enum SSL_F_DTLS1_SEND_CLIENT_VERIFY = 263; +enum SSL_F_DTLS1_SEND_HELLO_VERIFY_REQUEST = 264; +enum SSL_F_DTLS1_SEND_SERVER_CERTIFICATE = 265; +enum SSL_F_DTLS1_SEND_SERVER_HELLO = 266; +enum SSL_F_DTLS1_SEND_SERVER_KEY_EXCHANGE = 267; +enum SSL_F_DTLS1_WRITE_APP_DATA_BYTES = 268; +enum SSL_F_GET_CLIENT_FINISHED = 105; +enum SSL_F_GET_CLIENT_HELLO = 106; +enum SSL_F_GET_CLIENT_MASTER_KEY = 107; +enum SSL_F_GET_SERVER_FINISHED = 108; +enum SSL_F_GET_SERVER_HELLO = 109; +enum SSL_F_GET_SERVER_VERIFY = 110; +enum SSL_F_I2D_SSL_SESSION = 111; +enum SSL_F_READ_N = 112; +enum SSL_F_REQUEST_CERTIFICATE = 113; +enum SSL_F_SERVER_FINISH = 239; +enum SSL_F_SERVER_HELLO = 114; +enum SSL_F_SERVER_VERIFY = 240; +enum SSL_F_SSL23_ACCEPT = 115; +enum SSL_F_SSL23_CLIENT_HELLO = 116; +enum SSL_F_SSL23_CONNECT = 117; +enum SSL_F_SSL23_GET_CLIENT_HELLO = 118; +enum SSL_F_SSL23_GET_SERVER_HELLO = 119; +enum SSL_F_SSL23_PEEK = 237; +enum SSL_F_SSL23_READ = 120; +enum SSL_F_SSL23_WRITE = 121; +enum SSL_F_SSL2_ACCEPT = 122; +enum SSL_F_SSL2_CONNECT = 123; +enum SSL_F_SSL2_ENC_INIT = 124; +enum SSL_F_SSL2_GENERATE_KEY_MATERIAL = 241; +enum SSL_F_SSL2_PEEK = 234; +enum SSL_F_SSL2_READ = 125; +enum SSL_F_SSL2_READ_INTERNAL = 236; +enum SSL_F_SSL2_SET_CERTIFICATE = 126; +enum SSL_F_SSL2_WRITE = 127; +enum SSL_F_SSL3_ACCEPT = 128; +enum SSL_F_SSL3_ADD_CERT_TO_BUF = 296; +enum SSL_F_SSL3_CALLBACK_CTRL = 233; +enum SSL_F_SSL3_CHANGE_CIPHER_STATE = 129; +enum SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM = 130; +enum SSL_F_SSL3_CHECK_CLIENT_HELLO = 304; +enum SSL_F_SSL3_CLIENT_HELLO = 131; +enum SSL_F_SSL3_CONNECT = 132; +enum SSL_F_SSL3_CTRL = 213; +enum SSL_F_SSL3_CTX_CTRL = 133; +enum SSL_F_SSL3_DIGEST_CACHED_RECORDS = 293; +enum SSL_F_SSL3_DO_CHANGE_CIPHER_SPEC = 292; +enum SSL_F_SSL3_ENC = 134; +enum SSL_F_SSL3_GENERATE_KEY_BLOCK = 238; +enum SSL_F_SSL3_GET_CERTIFICATE_REQUEST = 135; +enum SSL_F_SSL3_GET_CERT_STATUS = 289; +enum SSL_F_SSL3_GET_CERT_VERIFY = 136; +enum SSL_F_SSL3_GET_CLIENT_CERTIFICATE = 137; +enum SSL_F_SSL3_GET_CLIENT_HELLO = 138; +enum SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE = 139; +enum SSL_F_SSL3_GET_FINISHED = 140; +enum SSL_F_SSL3_GET_KEY_EXCHANGE = 141; +enum SSL_F_SSL3_GET_MESSAGE = 142; +enum SSL_F_SSL3_GET_NEW_SESSION_TICKET = 283; +enum SSL_F_SSL3_GET_NEXT_PROTO = 306; +enum SSL_F_SSL3_GET_RECORD = 143; +enum SSL_F_SSL3_GET_SERVER_CERTIFICATE = 144; +enum SSL_F_SSL3_GET_SERVER_DONE = 145; +enum SSL_F_SSL3_GET_SERVER_HELLO = 146; +enum SSL_F_SSL3_HANDSHAKE_MAC = 285; +enum SSL_F_SSL3_NEW_SESSION_TICKET = 287; +enum SSL_F_SSL3_OUTPUT_CERT_CHAIN = 147; +enum SSL_F_SSL3_PEEK = 235; +enum SSL_F_SSL3_READ_BYTES = 148; +enum SSL_F_SSL3_READ_N = 149; +enum SSL_F_SSL3_SEND_CERTIFICATE_REQUEST = 150; +enum SSL_F_SSL3_SEND_CLIENT_CERTIFICATE = 151; +enum SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE = 152; +enum SSL_F_SSL3_SEND_CLIENT_VERIFY = 153; +enum SSL_F_SSL3_SEND_SERVER_CERTIFICATE = 154; +enum SSL_F_SSL3_SEND_SERVER_HELLO = 242; +enum SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE = 155; +enum SSL_F_SSL3_SETUP_KEY_BLOCK = 157; +enum SSL_F_SSL3_SETUP_READ_BUFFER = 156; +enum SSL_F_SSL3_SETUP_WRITE_BUFFER = 291; +enum SSL_F_SSL3_WRITE_BYTES = 158; +enum SSL_F_SSL3_WRITE_PENDING = 159; +enum SSL_F_SSL_ADD_CLIENTHELLO_RENEGOTIATE_EXT = 298; +enum SSL_F_SSL_ADD_CLIENTHELLO_TLSEXT = 277; +enum SSL_F_SSL_ADD_CLIENTHELLO_USE_SRTP_EXT = 307; +enum SSL_F_SSL_ADD_DIR_CERT_SUBJECTS_TO_STACK = 215; +enum SSL_F_SSL_ADD_FILE_CERT_SUBJECTS_TO_STACK = 216; +enum SSL_F_SSL_ADD_SERVERHELLO_RENEGOTIATE_EXT = 299; +enum SSL_F_SSL_ADD_SERVERHELLO_TLSEXT = 278; +enum SSL_F_SSL_ADD_SERVERHELLO_USE_SRTP_EXT = 308; +enum SSL_F_SSL_BAD_METHOD = 160; +enum SSL_F_SSL_BYTES_TO_CIPHER_LIST = 161; +enum SSL_F_SSL_CERT_DUP = 221; +enum SSL_F_SSL_CERT_INST = 222; +enum SSL_F_SSL_CERT_INSTANTIATE = 214; +enum SSL_F_SSL_CERT_NEW = 162; +enum SSL_F_SSL_CHECK_PRIVATE_KEY = 163; +enum SSL_F_SSL_CHECK_SERVERHELLO_TLSEXT = 280; +enum SSL_F_SSL_CHECK_SRVR_ECC_CERT_AND_ALG = 279; +enum SSL_F_SSL_CIPHER_PROCESS_RULESTR = 230; +enum SSL_F_SSL_CIPHER_STRENGTH_SORT = 231; +enum SSL_F_SSL_CLEAR = 164; +enum SSL_F_SSL_COMP_ADD_COMPRESSION_METHOD = 165; +enum SSL_F_SSL_CREATE_CIPHER_LIST = 166; +enum SSL_F_SSL_CTRL = 232; +enum SSL_F_SSL_CTX_CHECK_PRIVATE_KEY = 168; +enum SSL_F_SSL_CTX_MAKE_PROFILES = 309; +enum SSL_F_SSL_CTX_NEW = 169; +enum SSL_F_SSL_CTX_SET_CIPHER_LIST = 269; +enum SSL_F_SSL_CTX_SET_CLIENT_CERT_ENGINE = 290; +enum SSL_F_SSL_CTX_SET_PURPOSE = 226; +enum SSL_F_SSL_CTX_SET_SESSION_ID_CONTEXT = 219; +enum SSL_F_SSL_CTX_SET_SSL_VERSION = 170; +enum SSL_F_SSL_CTX_SET_TRUST = 229; +enum SSL_F_SSL_CTX_USE_CERTIFICATE = 171; +enum SSL_F_SSL_CTX_USE_CERTIFICATE_ASN1 = 172; +enum SSL_F_SSL_CTX_USE_CERTIFICATE_CHAIN_FILE = 220; +enum SSL_F_SSL_CTX_USE_CERTIFICATE_FILE = 173; +enum SSL_F_SSL_CTX_USE_PRIVATEKEY = 174; +enum SSL_F_SSL_CTX_USE_PRIVATEKEY_ASN1 = 175; +enum SSL_F_SSL_CTX_USE_PRIVATEKEY_FILE = 176; +enum SSL_F_SSL_CTX_USE_PSK_IDENTITY_HINT = 272; +enum SSL_F_SSL_CTX_USE_RSAPRIVATEKEY = 177; +enum SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_ASN1 = 178; +enum SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_FILE = 179; +enum SSL_F_SSL_DO_HANDSHAKE = 180; +enum SSL_F_SSL_GET_NEW_SESSION = 181; +enum SSL_F_SSL_GET_PREV_SESSION = 217; +enum SSL_F_SSL_GET_SERVER_SEND_CERT = 182; +enum SSL_F_SSL_GET_SERVER_SEND_PKEY = 317; +enum SSL_F_SSL_GET_SIGN_PKEY = 183; +enum SSL_F_SSL_INIT_WBIO_BUFFER = 184; +enum SSL_F_SSL_LOAD_CLIENT_CA_FILE = 185; +enum SSL_F_SSL_NEW = 186; +enum SSL_F_SSL_PARSE_CLIENTHELLO_RENEGOTIATE_EXT = 300; +enum SSL_F_SSL_PARSE_CLIENTHELLO_TLSEXT = 302; +enum SSL_F_SSL_PARSE_CLIENTHELLO_USE_SRTP_EXT = 310; +enum SSL_F_SSL_PARSE_SERVERHELLO_RENEGOTIATE_EXT = 301; +enum SSL_F_SSL_PARSE_SERVERHELLO_TLSEXT = 303; +enum SSL_F_SSL_PARSE_SERVERHELLO_USE_SRTP_EXT = 311; +enum SSL_F_SSL_PEEK = 270; +enum SSL_F_SSL_PREPARE_CLIENTHELLO_TLSEXT = 281; +enum SSL_F_SSL_PREPARE_SERVERHELLO_TLSEXT = 282; +enum SSL_F_SSL_READ = 223; +enum SSL_F_SSL_RSA_PRIVATE_DECRYPT = 187; +enum SSL_F_SSL_RSA_PUBLIC_ENCRYPT = 188; +enum SSL_F_SSL_SESSION_NEW = 189; +enum SSL_F_SSL_SESSION_PRINT_FP = 190; +enum SSL_F_SSL_SESSION_SET1_ID_CONTEXT = 312; +enum SSL_F_SSL_SESS_CERT_NEW = 225; +enum SSL_F_SSL_SET_CERT = 191; +enum SSL_F_SSL_SET_CIPHER_LIST = 271; +enum SSL_F_SSL_SET_FD = 192; +enum SSL_F_SSL_SET_PKEY = 193; +enum SSL_F_SSL_SET_PURPOSE = 227; +enum SSL_F_SSL_SET_RFD = 194; +enum SSL_F_SSL_SET_SESSION = 195; +enum SSL_F_SSL_SET_SESSION_ID_CONTEXT = 218; +enum SSL_F_SSL_SET_SESSION_TICKET_EXT = 294; +enum SSL_F_SSL_SET_TRUST = 228; +enum SSL_F_SSL_SET_WFD = 196; +enum SSL_F_SSL_SHUTDOWN = 224; +enum SSL_F_SSL_SRP_CTX_INIT = 313; +enum SSL_F_SSL_UNDEFINED_CONST_FUNCTION = 243; +enum SSL_F_SSL_UNDEFINED_FUNCTION = 197; +enum SSL_F_SSL_UNDEFINED_VOID_FUNCTION = 244; +enum SSL_F_SSL_USE_CERTIFICATE = 198; +enum SSL_F_SSL_USE_CERTIFICATE_ASN1 = 199; +enum SSL_F_SSL_USE_CERTIFICATE_FILE = 200; +enum SSL_F_SSL_USE_PRIVATEKEY = 201; +enum SSL_F_SSL_USE_PRIVATEKEY_ASN1 = 202; +enum SSL_F_SSL_USE_PRIVATEKEY_FILE = 203; +enum SSL_F_SSL_USE_PSK_IDENTITY_HINT = 273; +enum SSL_F_SSL_USE_RSAPRIVATEKEY = 204; +enum SSL_F_SSL_USE_RSAPRIVATEKEY_ASN1 = 205; +enum SSL_F_SSL_USE_RSAPRIVATEKEY_FILE = 206; +enum SSL_F_SSL_VERIFY_CERT_CHAIN = 207; +enum SSL_F_SSL_WRITE = 208; +enum SSL_F_TLS1_CERT_VERIFY_MAC = 286; +enum SSL_F_TLS1_CHANGE_CIPHER_STATE = 209; +enum SSL_F_TLS1_CHECK_SERVERHELLO_TLSEXT = 274; +enum SSL_F_TLS1_ENC = 210; +enum SSL_F_TLS1_EXPORT_KEYING_MATERIAL = 314; +enum SSL_F_TLS1_HEARTBEAT = 315; +enum SSL_F_TLS1_PREPARE_CLIENTHELLO_TLSEXT = 275; +enum SSL_F_TLS1_PREPARE_SERVERHELLO_TLSEXT = 276; +enum SSL_F_TLS1_PRF = 284; +enum SSL_F_TLS1_SETUP_KEY_BLOCK = 211; +enum SSL_F_WRITE_PENDING = 212; + +/* Reason codes. */ +enum SSL_R_APP_DATA_IN_HANDSHAKE = 100; +enum SSL_R_ATTEMPT_TO_REUSE_SESSION_IN_DIFFERENT_CONTEXT = 272; +enum SSL_R_BAD_ALERT_RECORD = 101; +enum SSL_R_BAD_AUTHENTICATION_TYPE = 102; +enum SSL_R_BAD_CHANGE_CIPHER_SPEC = 103; +enum SSL_R_BAD_CHECKSUM = 104; +enum SSL_R_BAD_DATA_RETURNED_BY_CALLBACK = 106; +enum SSL_R_BAD_DECOMPRESSION = 107; +enum SSL_R_BAD_DH_G_LENGTH = 108; +enum SSL_R_BAD_DH_PUB_KEY_LENGTH = 109; +enum SSL_R_BAD_DH_P_LENGTH = 110; +enum SSL_R_BAD_DIGEST_LENGTH = 111; +enum SSL_R_BAD_DSA_SIGNATURE = 112; +enum SSL_R_BAD_ECC_CERT = 304; +enum SSL_R_BAD_ECDSA_SIGNATURE = 305; +enum SSL_R_BAD_ECPOINT = 306; +enum SSL_R_BAD_HANDSHAKE_LENGTH = 332; +enum SSL_R_BAD_HELLO_REQUEST = 105; +enum SSL_R_BAD_LENGTH = 271; +enum SSL_R_BAD_MAC_DECODE = 113; +enum SSL_R_BAD_MAC_LENGTH = 333; +enum SSL_R_BAD_MESSAGE_TYPE = 114; +enum SSL_R_BAD_PACKET_LENGTH = 115; +enum SSL_R_BAD_PROTOCOL_VERSION_NUMBER = 116; +enum SSL_R_BAD_PSK_IDENTITY_HINT_LENGTH = 316; +enum SSL_R_BAD_RESPONSE_ARGUMENT = 117; +enum SSL_R_BAD_RSA_DECRYPT = 118; +enum SSL_R_BAD_RSA_ENCRYPT = 119; +enum SSL_R_BAD_RSA_E_LENGTH = 120; +enum SSL_R_BAD_RSA_MODULUS_LENGTH = 121; +enum SSL_R_BAD_RSA_SIGNATURE = 122; +enum SSL_R_BAD_SIGNATURE = 123; +enum SSL_R_BAD_SRP_A_LENGTH = 347; +enum SSL_R_BAD_SRP_B_LENGTH = 348; +enum SSL_R_BAD_SRP_G_LENGTH = 349; +enum SSL_R_BAD_SRP_N_LENGTH = 350; +enum SSL_R_BAD_SRP_S_LENGTH = 351; +enum SSL_R_BAD_SRTP_MKI_VALUE = 352; +enum SSL_R_BAD_SRTP_PROTECTION_PROFILE_LIST = 353; +enum SSL_R_BAD_SSL_FILETYPE = 124; +enum SSL_R_BAD_SSL_SESSION_ID_LENGTH = 125; +enum SSL_R_BAD_STATE = 126; +enum SSL_R_BAD_WRITE_RETRY = 127; +enum SSL_R_BIO_NOT_SET = 128; +enum SSL_R_BLOCK_CIPHER_PAD_IS_WRONG = 129; +enum SSL_R_BN_LIB = 130; +enum SSL_R_CA_DN_LENGTH_MISMATCH = 131; +enum SSL_R_CA_DN_TOO_LONG = 132; +enum SSL_R_CCS_RECEIVED_EARLY = 133; +enum SSL_R_CERTIFICATE_VERIFY_FAILED = 134; +enum SSL_R_CERT_LENGTH_MISMATCH = 135; +enum SSL_R_CHALLENGE_IS_DIFFERENT = 136; +enum SSL_R_CIPHER_CODE_WRONG_LENGTH = 137; +enum SSL_R_CIPHER_OR_HASH_UNAVAILABLE = 138; +enum SSL_R_CIPHER_TABLE_SRC_ERROR = 139; +enum SSL_R_CLIENTHELLO_TLSEXT = 226; +enum SSL_R_COMPRESSED_LENGTH_TOO_LONG = 140; +enum SSL_R_COMPRESSION_DISABLED = 343; +enum SSL_R_COMPRESSION_FAILURE = 141; +enum SSL_R_COMPRESSION_ID_NOT_WITHIN_PRIVATE_RANGE = 307; +enum SSL_R_COMPRESSION_LIBRARY_ERROR = 142; +enum SSL_R_CONNECTION_ID_IS_DIFFERENT = 143; +enum SSL_R_CONNECTION_TYPE_NOT_SET = 144; +enum SSL_R_COOKIE_MISMATCH = 308; +enum SSL_R_DATA_BETWEEN_CCS_AND_FINISHED = 145; +enum SSL_R_DATA_LENGTH_TOO_LONG = 146; +enum SSL_R_DECRYPTION_FAILED = 147; +enum SSL_R_DECRYPTION_FAILED_OR_BAD_RECORD_MAC = 281; +enum SSL_R_DH_PUBLIC_VALUE_LENGTH_IS_WRONG = 148; +enum SSL_R_DIGEST_CHECK_FAILED = 149; +enum SSL_R_DTLS_MESSAGE_TOO_BIG = 334; +enum SSL_R_DUPLICATE_COMPRESSION_ID = 309; +enum SSL_R_ECC_CERT_NOT_FOR_KEY_AGREEMENT = 317; +enum SSL_R_ECC_CERT_NOT_FOR_SIGNING = 318; +enum SSL_R_ECC_CERT_SHOULD_HAVE_RSA_SIGNATURE = 322; +enum SSL_R_ECC_CERT_SHOULD_HAVE_SHA1_SIGNATURE = 323; +enum SSL_R_ECGROUP_TOO_LARGE_FOR_CIPHER = 310; +enum SSL_R_EMPTY_SRTP_PROTECTION_PROFILE_LIST = 354; +enum SSL_R_ENCRYPTED_LENGTH_TOO_LONG = 150; +enum SSL_R_ERROR_GENERATING_TMP_RSA_KEY = 282; +enum SSL_R_ERROR_IN_RECEIVED_CIPHER_LIST = 151; +enum SSL_R_EXCESSIVE_MESSAGE_SIZE = 152; +enum SSL_R_EXTRA_DATA_IN_MESSAGE = 153; +enum SSL_R_GOT_A_FIN_BEFORE_A_CCS = 154; +enum SSL_R_GOT_NEXT_PROTO_BEFORE_A_CCS = 355; +enum SSL_R_GOT_NEXT_PROTO_WITHOUT_EXTENSION = 356; +enum SSL_R_HTTPS_PROXY_REQUEST = 155; +enum SSL_R_HTTP_REQUEST = 156; +enum SSL_R_ILLEGAL_PADDING = 283; +enum SSL_R_INCONSISTENT_COMPRESSION = 340; +enum SSL_R_INVALID_CHALLENGE_LENGTH = 158; +enum SSL_R_INVALID_COMMAND = 280; +enum SSL_R_INVALID_COMPRESSION_ALGORITHM = 341; +enum SSL_R_INVALID_PURPOSE = 278; +enum SSL_R_INVALID_SRP_USERNAME = 357; +enum SSL_R_INVALID_STATUS_RESPONSE = 328; +enum SSL_R_INVALID_TICKET_KEYS_LENGTH = 325; +enum SSL_R_INVALID_TRUST = 279; +enum SSL_R_KEY_ARG_TOO_LONG = 284; +enum SSL_R_KRB5 = 285; +enum SSL_R_KRB5_C_CC_PRINC = 286; +enum SSL_R_KRB5_C_GET_CRED = 287; +enum SSL_R_KRB5_C_INIT = 288; +enum SSL_R_KRB5_C_MK_REQ = 289; +enum SSL_R_KRB5_S_BAD_TICKET = 290; +enum SSL_R_KRB5_S_INIT = 291; +enum SSL_R_KRB5_S_RD_REQ = 292; +enum SSL_R_KRB5_S_TKT_EXPIRED = 293; +enum SSL_R_KRB5_S_TKT_NYV = 294; +enum SSL_R_KRB5_S_TKT_SKEW = 295; +enum SSL_R_LENGTH_MISMATCH = 159; +enum SSL_R_LENGTH_TOO_SHORT = 160; +enum SSL_R_LIBRARY_BUG = 274; +enum SSL_R_LIBRARY_HAS_NO_CIPHERS = 161; +enum SSL_R_MESSAGE_TOO_LONG = 296; +enum SSL_R_MISSING_DH_DSA_CERT = 162; +enum SSL_R_MISSING_DH_KEY = 163; +enum SSL_R_MISSING_DH_RSA_CERT = 164; +enum SSL_R_MISSING_DSA_SIGNING_CERT = 165; +enum SSL_R_MISSING_EXPORT_TMP_DH_KEY = 166; +enum SSL_R_MISSING_EXPORT_TMP_RSA_KEY = 167; +enum SSL_R_MISSING_RSA_CERTIFICATE = 168; +enum SSL_R_MISSING_RSA_ENCRYPTING_CERT = 169; +enum SSL_R_MISSING_RSA_SIGNING_CERT = 170; +enum SSL_R_MISSING_SRP_PARAM = 358; +enum SSL_R_MISSING_TMP_DH_KEY = 171; +enum SSL_R_MISSING_TMP_ECDH_KEY = 311; +enum SSL_R_MISSING_TMP_RSA_KEY = 172; +enum SSL_R_MISSING_TMP_RSA_PKEY = 173; +enum SSL_R_MISSING_VERIFY_MESSAGE = 174; +enum SSL_R_MULTIPLE_SGC_RESTARTS = 346; +enum SSL_R_NON_SSLV2_INITIAL_PACKET = 175; +enum SSL_R_NO_CERTIFICATES_RETURNED = 176; +enum SSL_R_NO_CERTIFICATE_ASSIGNED = 177; +enum SSL_R_NO_CERTIFICATE_RETURNED = 178; +enum SSL_R_NO_CERTIFICATE_SET = 179; +enum SSL_R_NO_CERTIFICATE_SPECIFIED = 180; +enum SSL_R_NO_CIPHERS_AVAILABLE = 181; +enum SSL_R_NO_CIPHERS_PASSED = 182; +enum SSL_R_NO_CIPHERS_SPECIFIED = 183; +enum SSL_R_NO_CIPHER_LIST = 184; +enum SSL_R_NO_CIPHER_MATCH = 185; +enum SSL_R_NO_CLIENT_CERT_METHOD = 331; +enum SSL_R_NO_CLIENT_CERT_RECEIVED = 186; +enum SSL_R_NO_COMPRESSION_SPECIFIED = 187; +enum SSL_R_NO_GOST_CERTIFICATE_SENT_BY_PEER = 330; +enum SSL_R_NO_METHOD_SPECIFIED = 188; +enum SSL_R_NO_PRIVATEKEY = 189; +enum SSL_R_NO_PRIVATE_KEY_ASSIGNED = 190; +enum SSL_R_NO_PROTOCOLS_AVAILABLE = 191; +enum SSL_R_NO_PUBLICKEY = 192; +enum SSL_R_NO_RENEGOTIATION = 339; +enum SSL_R_NO_REQUIRED_DIGEST = 324; +enum SSL_R_NO_SHARED_CIPHER = 193; +enum SSL_R_NO_SRTP_PROFILES = 359; +enum SSL_R_NO_VERIFY_CALLBACK = 194; +enum SSL_R_NULL_SSL_CTX = 195; +enum SSL_R_NULL_SSL_METHOD_PASSED = 196; +enum SSL_R_OLD_SESSION_CIPHER_NOT_RETURNED = 197; +enum SSL_R_OLD_SESSION_COMPRESSION_ALGORITHM_NOT_RETURNED = 344; +enum SSL_R_ONLY_TLS_ALLOWED_IN_FIPS_MODE = 297; +enum SSL_R_OPAQUE_PRF_INPUT_TOO_LONG = 327; +enum SSL_R_PACKET_LENGTH_TOO_LONG = 198; +enum SSL_R_PARSE_TLSEXT = 227; +enum SSL_R_PATH_TOO_LONG = 270; +enum SSL_R_PEER_DID_NOT_RETURN_A_CERTIFICATE = 199; +enum SSL_R_PEER_ERROR = 200; +enum SSL_R_PEER_ERROR_CERTIFICATE = 201; +enum SSL_R_PEER_ERROR_NO_CERTIFICATE = 202; +enum SSL_R_PEER_ERROR_NO_CIPHER = 203; +enum SSL_R_PEER_ERROR_UNSUPPORTED_CERTIFICATE_TYPE = 204; +enum SSL_R_PRE_MAC_LENGTH_TOO_LONG = 205; +enum SSL_R_PROBLEMS_MAPPING_CIPHER_FUNCTIONS = 206; +enum SSL_R_PROTOCOL_IS_SHUTDOWN = 207; +enum SSL_R_PSK_IDENTITY_NOT_FOUND = 223; +enum SSL_R_PSK_NO_CLIENT_CB = 224; +enum SSL_R_PSK_NO_SERVER_CB = 225; +enum SSL_R_PUBLIC_KEY_ENCRYPT_ERROR = 208; +enum SSL_R_PUBLIC_KEY_IS_NOT_RSA = 209; +enum SSL_R_PUBLIC_KEY_NOT_RSA = 210; +enum SSL_R_READ_BIO_NOT_SET = 211; +enum SSL_R_READ_TIMEOUT_EXPIRED = 312; +enum SSL_R_READ_WRONG_PACKET_TYPE = 212; +enum SSL_R_RECORD_LENGTH_MISMATCH = 213; +enum SSL_R_RECORD_TOO_LARGE = 214; +enum SSL_R_RECORD_TOO_SMALL = 298; +enum SSL_R_RENEGOTIATE_EXT_TOO_LONG = 335; +enum SSL_R_RENEGOTIATION_ENCODING_ERR = 336; +enum SSL_R_RENEGOTIATION_MISMATCH = 337; +enum SSL_R_REQUIRED_CIPHER_MISSING = 215; +enum SSL_R_REQUIRED_COMPRESSSION_ALGORITHM_MISSING = 342; +enum SSL_R_REUSE_CERT_LENGTH_NOT_ZERO = 216; +enum SSL_R_REUSE_CERT_TYPE_NOT_ZERO = 217; +enum SSL_R_REUSE_CIPHER_LIST_NOT_ZERO = 218; +enum SSL_R_SCSV_RECEIVED_WHEN_RENEGOTIATING = 345; +enum SSL_R_SERVERHELLO_TLSEXT = 275; +enum SSL_R_SESSION_ID_CONTEXT_UNINITIALIZED = 277; +enum SSL_R_SHORT_READ = 219; +enum SSL_R_SIGNATURE_ALGORITHMS_ERROR = 360; +enum SSL_R_SIGNATURE_FOR_NON_SIGNING_CERTIFICATE = 220; +enum SSL_R_SRP_A_CALC = 361; +enum SSL_R_SRTP_COULD_NOT_ALLOCATE_PROFILES = 362; +enum SSL_R_SRTP_PROTECTION_PROFILE_LIST_TOO_LONG = 363; +enum SSL_R_SRTP_UNKNOWN_PROTECTION_PROFILE = 364; +enum SSL_R_SSL23_DOING_SESSION_ID_REUSE = 221; +enum SSL_R_SSL2_CONNECTION_ID_TOO_LONG = 299; +enum SSL_R_SSL3_EXT_INVALID_ECPOINTFORMAT = 321; +enum SSL_R_SSL3_EXT_INVALID_SERVERNAME = 319; +enum SSL_R_SSL3_EXT_INVALID_SERVERNAME_TYPE = 320; +enum SSL_R_SSL3_SESSION_ID_TOO_LONG = 300; +enum SSL_R_SSL3_SESSION_ID_TOO_SHORT = 222; +enum SSL_R_SSLV3_ALERT_BAD_CERTIFICATE = 1042; +enum SSL_R_SSLV3_ALERT_BAD_RECORD_MAC = 1020; +enum SSL_R_SSLV3_ALERT_CERTIFICATE_EXPIRED = 1045; +enum SSL_R_SSLV3_ALERT_CERTIFICATE_REVOKED = 1044; +enum SSL_R_SSLV3_ALERT_CERTIFICATE_UNKNOWN = 1046; +enum SSL_R_SSLV3_ALERT_DECOMPRESSION_FAILURE = 1030; +enum SSL_R_SSLV3_ALERT_HANDSHAKE_FAILURE = 1040; +enum SSL_R_SSLV3_ALERT_ILLEGAL_PARAMETER = 1047; +enum SSL_R_SSLV3_ALERT_NO_CERTIFICATE = 1041; +enum SSL_R_SSLV3_ALERT_UNEXPECTED_MESSAGE = 1010; +enum SSL_R_SSLV3_ALERT_UNSUPPORTED_CERTIFICATE = 1043; +enum SSL_R_SSL_CTX_HAS_NO_DEFAULT_SSL_VERSION = 228; +enum SSL_R_SSL_HANDSHAKE_FAILURE = 229; +enum SSL_R_SSL_LIBRARY_HAS_NO_CIPHERS = 230; +enum SSL_R_SSL_SESSION_ID_CALLBACK_FAILED = 301; +enum SSL_R_SSL_SESSION_ID_CONFLICT = 302; +enum SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG = 273; +enum SSL_R_SSL_SESSION_ID_HAS_BAD_LENGTH = 303; +enum SSL_R_SSL_SESSION_ID_IS_DIFFERENT = 231; +enum SSL_R_TLSV1_ALERT_ACCESS_DENIED = 1049; +enum SSL_R_TLSV1_ALERT_DECODE_ERROR = 1050; +enum SSL_R_TLSV1_ALERT_DECRYPTION_FAILED = 1021; +enum SSL_R_TLSV1_ALERT_DECRYPT_ERROR = 1051; +enum SSL_R_TLSV1_ALERT_EXPORT_RESTRICTION = 1060; +enum SSL_R_TLSV1_ALERT_INSUFFICIENT_SECURITY = 1071; +enum SSL_R_TLSV1_ALERT_INTERNAL_ERROR = 1080; +enum SSL_R_TLSV1_ALERT_NO_RENEGOTIATION = 1100; +enum SSL_R_TLSV1_ALERT_PROTOCOL_VERSION = 1070; +enum SSL_R_TLSV1_ALERT_RECORD_OVERFLOW = 1022; +enum SSL_R_TLSV1_ALERT_UNKNOWN_CA = 1048; +enum SSL_R_TLSV1_ALERT_USER_CANCELLED = 1090; +enum SSL_R_TLSV1_BAD_CERTIFICATE_HASH_VALUE = 1114; +enum SSL_R_TLSV1_BAD_CERTIFICATE_STATUS_RESPONSE = 1113; +enum SSL_R_TLSV1_CERTIFICATE_UNOBTAINABLE = 1111; +enum SSL_R_TLSV1_UNRECOGNIZED_NAME = 1112; +enum SSL_R_TLSV1_UNSUPPORTED_EXTENSION = 1110; +enum SSL_R_TLS_CLIENT_CERT_REQ_WITH_ANON_CIPHER = 232; +enum SSL_R_TLS_HEARTBEAT_PEER_DOESNT_ACCEPT = 365; +enum SSL_R_TLS_HEARTBEAT_PENDING = 366; +enum SSL_R_TLS_ILLEGAL_EXPORTER_LABEL = 367; +enum SSL_R_TLS_INVALID_ECPOINTFORMAT_LIST = 157; +enum SSL_R_TLS_PEER_DID_NOT_RESPOND_WITH_CERTIFICATE_LIST = 233; +enum SSL_R_TLS_RSA_ENCRYPTED_VALUE_LENGTH_IS_WRONG = 234; +enum SSL_R_TRIED_TO_USE_UNSUPPORTED_CIPHER = 235; +enum SSL_R_UNABLE_TO_DECODE_DH_CERTS = 236; +enum SSL_R_UNABLE_TO_DECODE_ECDH_CERTS = 313; +enum SSL_R_UNABLE_TO_EXTRACT_PUBLIC_KEY = 237; +enum SSL_R_UNABLE_TO_FIND_DH_PARAMETERS = 238; +enum SSL_R_UNABLE_TO_FIND_ECDH_PARAMETERS = 314; +enum SSL_R_UNABLE_TO_FIND_PUBLIC_KEY_PARAMETERS = 239; +enum SSL_R_UNABLE_TO_FIND_SSL_METHOD = 240; +enum SSL_R_UNABLE_TO_LOAD_SSL2_MD5_ROUTINES = 241; +enum SSL_R_UNABLE_TO_LOAD_SSL3_MD5_ROUTINES = 242; +enum SSL_R_UNABLE_TO_LOAD_SSL3_SHA1_ROUTINES = 243; +enum SSL_R_UNEXPECTED_MESSAGE = 244; +enum SSL_R_UNEXPECTED_RECORD = 245; +enum SSL_R_UNINITIALIZED = 276; +enum SSL_R_UNKNOWN_ALERT_TYPE = 246; +enum SSL_R_UNKNOWN_CERTIFICATE_TYPE = 247; +enum SSL_R_UNKNOWN_CIPHER_RETURNED = 248; +enum SSL_R_UNKNOWN_CIPHER_TYPE = 249; +enum SSL_R_UNKNOWN_DIGEST = 368; +enum SSL_R_UNKNOWN_KEY_EXCHANGE_TYPE = 250; +enum SSL_R_UNKNOWN_PKEY_TYPE = 251; +enum SSL_R_UNKNOWN_PROTOCOL = 252; +enum SSL_R_UNKNOWN_REMOTE_ERROR_TYPE = 253; +enum SSL_R_UNKNOWN_SSL_VERSION = 254; +enum SSL_R_UNKNOWN_STATE = 255; +enum SSL_R_UNSAFE_LEGACY_RENEGOTIATION_DISABLED = 338; +enum SSL_R_UNSUPPORTED_CIPHER = 256; +enum SSL_R_UNSUPPORTED_COMPRESSION_ALGORITHM = 257; +enum SSL_R_UNSUPPORTED_DIGEST_TYPE = 326; +enum SSL_R_UNSUPPORTED_ELLIPTIC_CURVE = 315; +enum SSL_R_UNSUPPORTED_PROTOCOL = 258; +enum SSL_R_UNSUPPORTED_SSL_VERSION = 259; +enum SSL_R_UNSUPPORTED_STATUS_TYPE = 329; +enum SSL_R_USE_SRTP_NOT_NEGOTIATED = 369; +enum SSL_R_WRITE_BIO_NOT_SET = 260; +enum SSL_R_WRONG_CIPHER_RETURNED = 261; +enum SSL_R_WRONG_MESSAGE_TYPE = 262; +enum SSL_R_WRONG_NUMBER_OF_KEY_BITS = 263; +enum SSL_R_WRONG_SIGNATURE_LENGTH = 264; +enum SSL_R_WRONG_SIGNATURE_SIZE = 265; +enum SSL_R_WRONG_SIGNATURE_TYPE = 370; +enum SSL_R_WRONG_SSL_VERSION = 266; +enum SSL_R_WRONG_VERSION_NUMBER = 267; +enum SSL_R_X509_LIB = 268; +enum SSL_R_X509_VERIFICATION_SETUP_PROBLEMS = 269; diff --git a/deimos/openssl/ssl2.d b/deimos/openssl/ssl2.d new file mode 100644 index 0000000..ee3cb3a --- /dev/null +++ b/deimos/openssl/ssl2.d @@ -0,0 +1,270 @@ +/* ssl/ssl2.h */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +module deimos.openssl.ssl2; + +import deimos.openssl._d_util; + +import deimos.openssl.ssl; // Needed for SSL_ST_CONNECT, etc. + +extern (C): +nothrow: + +/* Protocol Version Codes */ +enum SSL2_VERSION = 0x0002; +enum SSL2_VERSION_MAJOR = 0x00; +enum SSL2_VERSION_MINOR = 0x02; +/* enum SSL2_CLIENT_VERSION = 0x0002; */ +/* enum SSL2_SERVER_VERSION = 0x0002; */ + +/* Protocol Message Codes */ +enum SSL2_MT_ERROR = 0; +enum SSL2_MT_CLIENT_HELLO = 1; +enum SSL2_MT_CLIENT_MASTER_KEY = 2; +enum SSL2_MT_CLIENT_FINISHED = 3; +enum SSL2_MT_SERVER_HELLO = 4; +enum SSL2_MT_SERVER_VERIFY = 5; +enum SSL2_MT_SERVER_FINISHED = 6; +enum SSL2_MT_REQUEST_CERTIFICATE = 7; +enum SSL2_MT_CLIENT_CERTIFICATE = 8; + +/* Error Message Codes */ +enum SSL2_PE_UNDEFINED_ERROR = 0x0000; +enum SSL2_PE_NO_CIPHER = 0x0001; +enum SSL2_PE_NO_CERTIFICATE = 0x0002; +enum SSL2_PE_BAD_CERTIFICATE = 0x0004; +enum SSL2_PE_UNSUPPORTED_CERTIFICATE_TYPE = 0x0006; + +/* Cipher Kind Values */ +enum SSL2_CK_NULL_WITH_MD5 = 0x02000000; /* v3 */ +enum SSL2_CK_RC4_128_WITH_MD5 = 0x02010080; +enum SSL2_CK_RC4_128_EXPORT40_WITH_MD5 = 0x02020080; +enum SSL2_CK_RC2_128_CBC_WITH_MD5 = 0x02030080; +enum SSL2_CK_RC2_128_CBC_EXPORT40_WITH_MD5 = 0x02040080; +enum SSL2_CK_IDEA_128_CBC_WITH_MD5 = 0x02050080; +enum SSL2_CK_DES_64_CBC_WITH_MD5 = 0x02060040; +enum SSL2_CK_DES_64_CBC_WITH_SHA = 0x02060140; /* v3 */ +enum SSL2_CK_DES_192_EDE3_CBC_WITH_MD5 = 0x020700c0; +enum SSL2_CK_DES_192_EDE3_CBC_WITH_SHA = 0x020701c0; /* v3 */ +enum SSL2_CK_RC4_64_WITH_MD5 = 0x02080080; /* MS hack */ + +enum SSL2_CK_DES_64_CFB64_WITH_MD5_1 = 0x02ff0800; /* SSLeay */ +enum SSL2_CK_NULL = 0x02ff0810; /* SSLeay */ + +enum SSL2_TXT_DES_64_CFB64_WITH_MD5_1 = "DES-CFB-M1"; +enum SSL2_TXT_NULL_WITH_MD5 = "NULL-MD5"; +enum SSL2_TXT_RC4_128_WITH_MD5 = "RC4-MD5"; +enum SSL2_TXT_RC4_128_EXPORT40_WITH_MD5 = "EXP-RC4-MD5"; +enum SSL2_TXT_RC2_128_CBC_WITH_MD5 = "RC2-CBC-MD5"; +enum SSL2_TXT_RC2_128_CBC_EXPORT40_WITH_MD5 = "EXP-RC2-CBC-MD5"; +enum SSL2_TXT_IDEA_128_CBC_WITH_MD5 = "IDEA-CBC-MD5"; +enum SSL2_TXT_DES_64_CBC_WITH_MD5 = "DES-CBC-MD5"; +enum SSL2_TXT_DES_64_CBC_WITH_SHA = "DES-CBC-SHA"; +enum SSL2_TXT_DES_192_EDE3_CBC_WITH_MD5 = "DES-CBC3-MD5"; +enum SSL2_TXT_DES_192_EDE3_CBC_WITH_SHA = "DES-CBC3-SHA"; +enum SSL2_TXT_RC4_64_WITH_MD5 = "RC4-64-MD5"; + +enum SSL2_TXT_NULL = "NULL"; + +/* Flags for the SSL_CIPHER.algorithm2 field */ +enum SSL2_CF_5_BYTE_ENC = 0x01; +enum SSL2_CF_8_BYTE_ENC = 0x02; + +/* Certificate Type Codes */ +enum SSL2_CT_X509_CERTIFICATE = 0x01; + +/* Authentication Type Code */ +enum SSL2_AT_MD5_WITH_RSA_ENCRYPTION = 0x01; + +enum SSL2_MAX_SSL_SESSION_ID_LENGTH = 32; + +/* Upper/Lower Bounds */ +enum SSL2_MAX_MASTER_KEY_LENGTH_IN_BITS = 256; +version (OPENSSL_SYS_MPE) { +enum SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER = 29998u; +} else { +enum SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER = 32767u; /* 2^15-1 */ +} +enum SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER = 16383; /* 2^14-1 */ + +enum SSL2_CHALLENGE_LENGTH = 16; +/*enum SSL2_CHALLENGE_LENGTH = 32; */ +enum SSL2_MIN_CHALLENGE_LENGTH = 16; +enum SSL2_MAX_CHALLENGE_LENGTH = 32; +enum SSL2_CONNECTION_ID_LENGTH = 16; +enum SSL2_MAX_CONNECTION_ID_LENGTH = 16; +enum SSL2_SSL_SESSION_ID_LENGTH = 16; +enum SSL2_MAX_CERT_CHALLENGE_LENGTH = 32; +enum SSL2_MIN_CERT_CHALLENGE_LENGTH = 16; +enum SSL2_MAX_KEY_MATERIAL_LENGTH = 24; + +// #ifndef HEADER_SSL_LOCL_H +alias char CERT; +// #endif + +version(OPENSSL_NO_SSL_INTERN) {} else { + +struct ssl2_state_st + { + int three_byte_header; + int clear_text; /* clear text */ + int escape; /* not used in SSLv2 */ + int ssl2_rollback; /* used if SSLv23 rolled back to SSLv2 */ + + /* non-blocking io info, used to make sure the same + * args were passwd */ + uint wnum; /* number of bytes sent so far */ + int wpend_tot; + const(ubyte)* wpend_buf; + + int wpend_off; /* offset to data to write */ + int wpend_len; /* number of bytes passwd to write */ + int wpend_ret; /* number of bytes to return to caller */ + + /* buffer raw data */ + int rbuf_left; + int rbuf_offs; + ubyte* rbuf; + ubyte* wbuf; + + ubyte* write_ptr;/* used to point to the start due to + * 2/3 byte header. */ + + uint padding; + uint rlength; /* passed to ssl2_enc */ + int ract_data_length; /* Set when things are encrypted. */ + uint wlength; /* passed to ssl2_enc */ + int wact_data_length; /* Set when things are decrypted. */ + ubyte* ract_data; + ubyte* wact_data; + ubyte* mac_data; + + ubyte* read_key; + ubyte* write_key; + + /* Stuff specifically to do with this SSL session */ + uint challenge_length; + ubyte[SSL2_MAX_CHALLENGE_LENGTH] challenge; + uint conn_id_length; + ubyte[SSL2_MAX_CONNECTION_ID_LENGTH] conn_id; + uint key_material_length; + ubyte[SSL2_MAX_KEY_MATERIAL_LENGTH*2] key_material; + + c_ulong read_sequence; + c_ulong write_sequence; + + struct tmp_{ + uint conn_id_length; + uint cert_type; + uint cert_length; + uint csl; + uint clear; + uint enc; + ubyte[SSL2_MAX_CERT_CHALLENGE_LENGTH] ccl; + uint cipher_spec_length; + uint session_id_length; + uint clen; + uint rlen; + } + tmp_ tmp; + } +alias ssl2_state_st SSL2_STATE; + +} + +/* SSLv2 */ +/* client */ +enum SSL2_ST_SEND_CLIENT_HELLO_A = (0x10|SSL_ST_CONNECT); +enum SSL2_ST_SEND_CLIENT_HELLO_B = (0x11|SSL_ST_CONNECT); +enum SSL2_ST_GET_SERVER_HELLO_A = (0x20|SSL_ST_CONNECT); +enum SSL2_ST_GET_SERVER_HELLO_B = (0x21|SSL_ST_CONNECT); +enum SSL2_ST_SEND_CLIENT_MASTER_KEY_A = (0x30|SSL_ST_CONNECT); +enum SSL2_ST_SEND_CLIENT_MASTER_KEY_B = (0x31|SSL_ST_CONNECT); +enum SSL2_ST_SEND_CLIENT_FINISHED_A = (0x40|SSL_ST_CONNECT); +enum SSL2_ST_SEND_CLIENT_FINISHED_B = (0x41|SSL_ST_CONNECT); +enum SSL2_ST_SEND_CLIENT_CERTIFICATE_A = (0x50|SSL_ST_CONNECT); +enum SSL2_ST_SEND_CLIENT_CERTIFICATE_B = (0x51|SSL_ST_CONNECT); +enum SSL2_ST_SEND_CLIENT_CERTIFICATE_C = (0x52|SSL_ST_CONNECT); +enum SSL2_ST_SEND_CLIENT_CERTIFICATE_D = (0x53|SSL_ST_CONNECT); +enum SSL2_ST_GET_SERVER_VERIFY_A = (0x60|SSL_ST_CONNECT); +enum SSL2_ST_GET_SERVER_VERIFY_B = (0x61|SSL_ST_CONNECT); +enum SSL2_ST_GET_SERVER_FINISHED_A = (0x70|SSL_ST_CONNECT); +enum SSL2_ST_GET_SERVER_FINISHED_B = (0x71|SSL_ST_CONNECT); +enum SSL2_ST_CLIENT_START_ENCRYPTION = (0x80|SSL_ST_CONNECT); +enum SSL2_ST_X509_GET_CLIENT_CERTIFICATE = (0x90|SSL_ST_CONNECT); +/* server */ +enum SSL2_ST_GET_CLIENT_HELLO_A = (0x10|SSL_ST_ACCEPT); +enum SSL2_ST_GET_CLIENT_HELLO_B = (0x11|SSL_ST_ACCEPT); +enum SSL2_ST_GET_CLIENT_HELLO_C = (0x12|SSL_ST_ACCEPT); +enum SSL2_ST_SEND_SERVER_HELLO_A = (0x20|SSL_ST_ACCEPT); +enum SSL2_ST_SEND_SERVER_HELLO_B = (0x21|SSL_ST_ACCEPT); +enum SSL2_ST_GET_CLIENT_MASTER_KEY_A = (0x30|SSL_ST_ACCEPT); +enum SSL2_ST_GET_CLIENT_MASTER_KEY_B = (0x31|SSL_ST_ACCEPT); +enum SSL2_ST_SEND_SERVER_VERIFY_A = (0x40|SSL_ST_ACCEPT); +enum SSL2_ST_SEND_SERVER_VERIFY_B = (0x41|SSL_ST_ACCEPT); +enum SSL2_ST_SEND_SERVER_VERIFY_C = (0x42|SSL_ST_ACCEPT); +enum SSL2_ST_GET_CLIENT_FINISHED_A = (0x50|SSL_ST_ACCEPT); +enum SSL2_ST_GET_CLIENT_FINISHED_B = (0x51|SSL_ST_ACCEPT); +enum SSL2_ST_SEND_SERVER_FINISHED_A = (0x60|SSL_ST_ACCEPT); +enum SSL2_ST_SEND_SERVER_FINISHED_B = (0x61|SSL_ST_ACCEPT); +enum SSL2_ST_SEND_REQUEST_CERTIFICATE_A = (0x70|SSL_ST_ACCEPT); +enum SSL2_ST_SEND_REQUEST_CERTIFICATE_B = (0x71|SSL_ST_ACCEPT); +enum SSL2_ST_SEND_REQUEST_CERTIFICATE_C = (0x72|SSL_ST_ACCEPT); +enum SSL2_ST_SEND_REQUEST_CERTIFICATE_D = (0x73|SSL_ST_ACCEPT); +enum SSL2_ST_SERVER_START_ENCRYPTION = (0x80|SSL_ST_ACCEPT); +enum SSL2_ST_X509_GET_SERVER_CERTIFICATE = (0x90|SSL_ST_ACCEPT); diff --git a/deimos/openssl/ssl23.d b/deimos/openssl/ssl23.d new file mode 100644 index 0000000..e182571 --- /dev/null +++ b/deimos/openssl/ssl23.d @@ -0,0 +1,79 @@ +/* ssl/ssl23.h */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +module deimos.openssl.ssl23; + +import deimos.openssl._d_util; + +import deimos.openssl.ssl; + +extern (C): +nothrow: + +/*client */ +/* write to server */ +enum SSL23_ST_CW_CLNT_HELLO_A = (0x210|SSL_ST_CONNECT); +enum SSL23_ST_CW_CLNT_HELLO_B = (0x211|SSL_ST_CONNECT); +/* read from server */ +enum SSL23_ST_CR_SRVR_HELLO_A = (0x220|SSL_ST_CONNECT); +enum SSL23_ST_CR_SRVR_HELLO_B = (0x221|SSL_ST_CONNECT); + +/* server */ +/* read from client */ +enum SSL23_ST_SR_CLNT_HELLO_A = (0x210|SSL_ST_ACCEPT); +enum SSL23_ST_SR_CLNT_HELLO_B = (0x211|SSL_ST_ACCEPT); diff --git a/deimos/openssl/ssl3.d b/deimos/openssl/ssl3.d new file mode 100644 index 0000000..e44fc79 --- /dev/null +++ b/deimos/openssl/ssl3.d @@ -0,0 +1,690 @@ +/* ssl/ssl3.h */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ +/* ==================================================================== + * Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. All advertising materials mentioning features or use of this + * software must display the following acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" + * + * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to + * endorse or promote products derived from this software without + * prior written permission. For written permission, please contact + * openssl-core@openssl.org. + * + * 5. Products derived from this software may not be called "OpenSSL" + * nor may "OpenSSL" appear in their names without prior written + * permission of the OpenSSL Project. + * + * 6. Redistributions of any form whatsoever must retain the following + * acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit (http://www.openssl.org/)" + * + * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY + * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * ==================================================================== + * + * This product includes cryptographic software written by Eric Young + * (eay@cryptsoft.com). This product includes software written by Tim + * Hudson (tjh@cryptsoft.com). + * + */ +/* ==================================================================== + * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. + * ECC cipher suite support in OpenSSL originally developed by + * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project. + */ + +module deimos.openssl.ssl3; + +import deimos.openssl._d_util; + +version(OPENSSL_NO_COMP) {} else { +public import deimos.openssl.comp; +} +public import deimos.openssl.buffer; +public import deimos.openssl.evp; +public import deimos.openssl.ssl; + +extern (C): +nothrow: + +/* Signalling cipher suite value: from draft-ietf-tls-renegotiation-03.txt */ +enum SSL3_CK_SCSV = 0x030000FF; + +enum SSL3_CK_RSA_NULL_MD5 = 0x03000001; +enum SSL3_CK_RSA_NULL_SHA = 0x03000002; +enum SSL3_CK_RSA_RC4_40_MD5 = 0x03000003; +enum SSL3_CK_RSA_RC4_128_MD5 = 0x03000004; +enum SSL3_CK_RSA_RC4_128_SHA = 0x03000005; +enum SSL3_CK_RSA_RC2_40_MD5 = 0x03000006; +enum SSL3_CK_RSA_IDEA_128_SHA = 0x03000007; +enum SSL3_CK_RSA_DES_40_CBC_SHA = 0x03000008; +enum SSL3_CK_RSA_DES_64_CBC_SHA = 0x03000009; +enum SSL3_CK_RSA_DES_192_CBC3_SHA = 0x0300000A; + +enum SSL3_CK_DH_DSS_DES_40_CBC_SHA = 0x0300000B; +enum SSL3_CK_DH_DSS_DES_64_CBC_SHA = 0x0300000C; +enum SSL3_CK_DH_DSS_DES_192_CBC3_SHA = 0x0300000D; +enum SSL3_CK_DH_RSA_DES_40_CBC_SHA = 0x0300000E; +enum SSL3_CK_DH_RSA_DES_64_CBC_SHA = 0x0300000F; +enum SSL3_CK_DH_RSA_DES_192_CBC3_SHA = 0x03000010; + +enum SSL3_CK_EDH_DSS_DES_40_CBC_SHA = 0x03000011; +enum SSL3_CK_EDH_DSS_DES_64_CBC_SHA = 0x03000012; +enum SSL3_CK_EDH_DSS_DES_192_CBC3_SHA = 0x03000013; +enum SSL3_CK_EDH_RSA_DES_40_CBC_SHA = 0x03000014; +enum SSL3_CK_EDH_RSA_DES_64_CBC_SHA = 0x03000015; +enum SSL3_CK_EDH_RSA_DES_192_CBC3_SHA = 0x03000016; + +enum SSL3_CK_ADH_RC4_40_MD5 = 0x03000017; +enum SSL3_CK_ADH_RC4_128_MD5 = 0x03000018; +enum SSL3_CK_ADH_DES_40_CBC_SHA = 0x03000019; +enum SSL3_CK_ADH_DES_64_CBC_SHA = 0x0300001A; +enum SSL3_CK_ADH_DES_192_CBC_SHA = 0x0300001B; + +version (none) { + enum SSL3_CK_FZA_DMS_NULL_SHA = 0x0300001C; + enum SSL3_CK_FZA_DMS_FZA_SHA = 0x0300001D; + version (none) { /* Because it clashes with KRB5, is never used any more, and is safe + to remove according to David Hopwood + of the ietf-tls list */ + enum SSL3_CK_FZA_DMS_RC4_SHA = 0x0300001E; + } +} + +/* VRS Additional Kerberos5 entries + */ +enum SSL3_CK_KRB5_DES_64_CBC_SHA = 0x0300001E; +enum SSL3_CK_KRB5_DES_192_CBC3_SHA = 0x0300001F; +enum SSL3_CK_KRB5_RC4_128_SHA = 0x03000020; +enum SSL3_CK_KRB5_IDEA_128_CBC_SHA = 0x03000021; +enum SSL3_CK_KRB5_DES_64_CBC_MD5 = 0x03000022; +enum SSL3_CK_KRB5_DES_192_CBC3_MD5 = 0x03000023; +enum SSL3_CK_KRB5_RC4_128_MD5 = 0x03000024; +enum SSL3_CK_KRB5_IDEA_128_CBC_MD5 = 0x03000025; + +enum SSL3_CK_KRB5_DES_40_CBC_SHA = 0x03000026; +enum SSL3_CK_KRB5_RC2_40_CBC_SHA = 0x03000027; +enum SSL3_CK_KRB5_RC4_40_SHA = 0x03000028; +enum SSL3_CK_KRB5_DES_40_CBC_MD5 = 0x03000029; +enum SSL3_CK_KRB5_RC2_40_CBC_MD5 = 0x0300002A; +enum SSL3_CK_KRB5_RC4_40_MD5 = 0x0300002B; + +enum SSL3_TXT_RSA_NULL_MD5 = "NULL-MD5"; +enum SSL3_TXT_RSA_NULL_SHA = "NULL-SHA"; +enum SSL3_TXT_RSA_RC4_40_MD5 = "EXP-RC4-MD5"; +enum SSL3_TXT_RSA_RC4_128_MD5 = "RC4-MD5"; +enum SSL3_TXT_RSA_RC4_128_SHA = "RC4-SHA"; +enum SSL3_TXT_RSA_RC2_40_MD5 = "EXP-RC2-CBC-MD5"; +enum SSL3_TXT_RSA_IDEA_128_SHA = "IDEA-CBC-SHA"; +enum SSL3_TXT_RSA_DES_40_CBC_SHA = "EXP-DES-CBC-SHA"; +enum SSL3_TXT_RSA_DES_64_CBC_SHA = "DES-CBC-SHA"; +enum SSL3_TXT_RSA_DES_192_CBC3_SHA = "DES-CBC3-SHA"; + +enum SSL3_TXT_DH_DSS_DES_40_CBC_SHA = "EXP-DH-DSS-DES-CBC-SHA"; +enum SSL3_TXT_DH_DSS_DES_64_CBC_SHA = "DH-DSS-DES-CBC-SHA"; +enum SSL3_TXT_DH_DSS_DES_192_CBC3_SHA = "DH-DSS-DES-CBC3-SHA"; +enum SSL3_TXT_DH_RSA_DES_40_CBC_SHA = "EXP-DH-RSA-DES-CBC-SHA"; +enum SSL3_TXT_DH_RSA_DES_64_CBC_SHA = "DH-RSA-DES-CBC-SHA"; +enum SSL3_TXT_DH_RSA_DES_192_CBC3_SHA = "DH-RSA-DES-CBC3-SHA"; + +enum SSL3_TXT_EDH_DSS_DES_40_CBC_SHA = "EXP-EDH-DSS-DES-CBC-SHA"; +enum SSL3_TXT_EDH_DSS_DES_64_CBC_SHA = "EDH-DSS-DES-CBC-SHA"; +enum SSL3_TXT_EDH_DSS_DES_192_CBC3_SHA = "EDH-DSS-DES-CBC3-SHA"; +enum SSL3_TXT_EDH_RSA_DES_40_CBC_SHA = "EXP-EDH-RSA-DES-CBC-SHA"; +enum SSL3_TXT_EDH_RSA_DES_64_CBC_SHA = "EDH-RSA-DES-CBC-SHA"; +enum SSL3_TXT_EDH_RSA_DES_192_CBC3_SHA = "EDH-RSA-DES-CBC3-SHA"; + +enum SSL3_TXT_ADH_RC4_40_MD5 = "EXP-ADH-RC4-MD5"; +enum SSL3_TXT_ADH_RC4_128_MD5 = "ADH-RC4-MD5"; +enum SSL3_TXT_ADH_DES_40_CBC_SHA = "EXP-ADH-DES-CBC-SHA"; +enum SSL3_TXT_ADH_DES_64_CBC_SHA = "ADH-DES-CBC-SHA"; +enum SSL3_TXT_ADH_DES_192_CBC_SHA = "ADH-DES-CBC3-SHA"; + +version (none) { + enum SSL3_TXT_FZA_DMS_NULL_SHA = "FZA-NULL-SHA"; + enum SSL3_TXT_FZA_DMS_FZA_SHA = "FZA-FZA-CBC-SHA"; + enum SSL3_TXT_FZA_DMS_RC4_SHA = "FZA-RC4-SHA"; +} + +enum SSL3_TXT_KRB5_DES_64_CBC_SHA = "KRB5-DES-CBC-SHA"; +enum SSL3_TXT_KRB5_DES_192_CBC3_SHA = "KRB5-DES-CBC3-SHA"; +enum SSL3_TXT_KRB5_RC4_128_SHA = "KRB5-RC4-SHA"; +enum SSL3_TXT_KRB5_IDEA_128_CBC_SHA = "KRB5-IDEA-CBC-SHA"; +enum SSL3_TXT_KRB5_DES_64_CBC_MD5 = "KRB5-DES-CBC-MD5"; +enum SSL3_TXT_KRB5_DES_192_CBC3_MD5 = "KRB5-DES-CBC3-MD5"; +enum SSL3_TXT_KRB5_RC4_128_MD5 = "KRB5-RC4-MD5"; +enum SSL3_TXT_KRB5_IDEA_128_CBC_MD5 = "KRB5-IDEA-CBC-MD5"; + +enum SSL3_TXT_KRB5_DES_40_CBC_SHA = "EXP-KRB5-DES-CBC-SHA"; +enum SSL3_TXT_KRB5_RC2_40_CBC_SHA = "EXP-KRB5-RC2-CBC-SHA"; +enum SSL3_TXT_KRB5_RC4_40_SHA = "EXP-KRB5-RC4-SHA"; +enum SSL3_TXT_KRB5_DES_40_CBC_MD5 = "EXP-KRB5-DES-CBC-MD5"; +enum SSL3_TXT_KRB5_RC2_40_CBC_MD5 = "EXP-KRB5-RC2-CBC-MD5"; +enum SSL3_TXT_KRB5_RC4_40_MD5 = "EXP-KRB5-RC4-MD5"; + +enum SSL3_SSL_SESSION_ID_LENGTH = 32; +enum SSL3_MAX_SSL_SESSION_ID_LENGTH = 32; + +enum SSL3_MASTER_SECRET_SIZE = 48; +enum SSL3_RANDOM_SIZE = 32; +enum SSL3_SESSION_ID_SIZE = 32; +enum SSL3_RT_HEADER_LENGTH = 5; + +/+ +version(SSL3_ALIGN_PAYLOAD) {} else { + /* Some will argue that this increases memory footprint, but it's + * not actually true. Point is that malloc has to return at least + * 64-bit aligned pointers, meaning that allocating 5 bytes wastes + * 3 bytes in either case. Suggested pre-gaping simply moves these + * wasted bytes from the end of allocated region to its front, + * but makes data payload aligned, which improves performance:-) */ +# define SSL3_ALIGN_PAYLOAD 8 +#else +# if (SSL3_ALIGN_PAYLOAD&(SSL3_ALIGN_PAYLOAD-1))!=0 +# error "insane SSL3_ALIGN_PAYLOAD" +# undef SSL3_ALIGN_PAYLOAD +# endif +#endif+/ + +/* This is the maximum MAC (digest) size used by the SSL library. + * Currently maximum of 20 is used by SHA1, but we reserve for + * future extension for 512-bit hashes. + */ + +enum SSL3_RT_MAX_MD_SIZE = 64; + +/* Maximum block size used in all ciphersuites. Currently 16 for AES. + */ + +enum SSL_RT_MAX_CIPHER_BLOCK_SIZE = 16; + +enum SSL3_RT_MAX_EXTRA = (16384); + +/* Maximum plaintext length: defined by SSL/TLS standards */ +enum SSL3_RT_MAX_PLAIN_LENGTH = 16384; +/* Maximum compression overhead: defined by SSL/TLS standards */ +enum SSL3_RT_MAX_COMPRESSED_OVERHEAD = 1024; + +/* The standards give a maximum encryption overhead of 1024 bytes. + * In practice the value is lower than this. The overhead is the maximum + * number of padding bytes (256) plus the mac size. + */ +enum SSL3_RT_MAX_ENCRYPTED_OVERHEAD = (256 + SSL3_RT_MAX_MD_SIZE); + +/* OpenSSL currently only uses a padding length of at most one block so + * the send overhead is smaller. + */ + +enum SSL3_RT_SEND_MAX_ENCRYPTED_OVERHEAD = + (SSL_RT_MAX_CIPHER_BLOCK_SIZE + SSL3_RT_MAX_MD_SIZE); + +/* If compression isn't used don't include the compression overhead */ + +version (OPENSSL_NO_COMP) { + enum SSL3_RT_MAX_COMPRESSED_LENGTH = SSL3_RT_MAX_PLAIN_LENGTH; +} else { + enum SSL3_RT_MAX_COMPRESSED_LENGTH = + (SSL3_RT_MAX_PLAIN_LENGTH+SSL3_RT_MAX_COMPRESSED_OVERHEAD); +} +enum SSL3_RT_MAX_ENCRYPTED_LENGTH = + (SSL3_RT_MAX_ENCRYPTED_OVERHEAD+SSL3_RT_MAX_COMPRESSED_LENGTH); +enum SSL3_RT_MAX_PACKET_SIZE = + (SSL3_RT_MAX_ENCRYPTED_LENGTH+SSL3_RT_HEADER_LENGTH); + +enum SSL3_MD_CLIENT_FINISHED_CONST = "\x43\x4C\x4E\x54"; +enum SSL3_MD_SERVER_FINISHED_CONST = "\x53\x52\x56\x52"; + +enum SSL3_VERSION = 0x0300; +enum SSL3_VERSION_MAJOR = 0x03; +enum SSL3_VERSION_MINOR = 0x00; + +enum SSL3_RT_CHANGE_CIPHER_SPEC = 20; +enum SSL3_RT_ALERT = 21; +enum SSL3_RT_HANDSHAKE = 22; +enum SSL3_RT_APPLICATION_DATA = 23; +enum TLS1_RT_HEARTBEAT = 24; + +enum SSL3_AL_WARNING = 1; +enum SSL3_AL_FATAL = 2; + +enum SSL3_AD_CLOSE_NOTIFY = 0; +enum SSL3_AD_UNEXPECTED_MESSAGE = 10; /* fatal */ +enum SSL3_AD_BAD_RECORD_MAC = 20; /* fatal */ +enum SSL3_AD_DECOMPRESSION_FAILURE = 30; /* fatal */ +enum SSL3_AD_HANDSHAKE_FAILURE = 40; /* fatal */ +enum SSL3_AD_NO_CERTIFICATE = 41; +enum SSL3_AD_BAD_CERTIFICATE = 42; +enum SSL3_AD_UNSUPPORTED_CERTIFICATE = 43; +enum SSL3_AD_CERTIFICATE_REVOKED = 44; +enum SSL3_AD_CERTIFICATE_EXPIRED = 45; +enum SSL3_AD_CERTIFICATE_UNKNOWN = 46; +enum SSL3_AD_ILLEGAL_PARAMETER = 47; /* fatal */ + +enum TLS1_HB_REQUEST = 1; +enum TLS1_HB_RESPONSE = 2; + +version(OPENSSL_NO_SSL_INTERN) {} else { + +struct ssl3_record_st { +/*r */ int type; /* type of record */ +/*rw*/ uint length; /* How many bytes available */ +/*r */ uint off; /* read/write offset into 'buf' */ +/*rw*/ ubyte* data; /* pointer to the record data */ +/*rw*/ ubyte* input; /* where the decode bytes are */ +/*r */ ubyte* comp; /* only used with decompression - malloc()ed */ +/*r */ c_ulong epoch; /* epoch number, needed by DTLS1 */ +/*r */ ubyte[8] seq_num; /* sequence number, needed by DTLS1 */ + } +alias ssl3_record_st SSL3_RECORD; + +struct ssl3_buffer_st { + ubyte* buf; /* at least SSL3_RT_MAX_PACKET_SIZE bytes, + * see ssl3_setup_buffers() */ + size_t len; /* buffer size */ + int offset; /* where to 'copy from' */ + int left; /* how many bytes left */ + } +alias ssl3_buffer_st SSL3_BUFFER; + +} + +enum SSL3_CT_RSA_SIGN = 1; +enum SSL3_CT_DSS_SIGN = 2; +enum SSL3_CT_RSA_FIXED_DH = 3; +enum SSL3_CT_DSS_FIXED_DH = 4; +enum SSL3_CT_RSA_EPHEMERAL_DH = 5; +enum SSL3_CT_DSS_EPHEMERAL_DH = 6; +enum SSL3_CT_FORTEZZA_DMS = 20; +/* SSL3_CT_NUMBER is used to size arrays and it must be large + * enough to contain all of the cert types defined either for + * SSLv3 and TLSv1. + */ +enum SSL3_CT_NUMBER = 9; + + +enum SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS = 0x0001; +enum SSL3_FLAGS_DELAY_CLIENT_FINISHED = 0x0002; +enum SSL3_FLAGS_POP_BUFFER = 0x0004; +enum TLS1_FLAGS_TLS_PADDING_BUG = 0x0008; +enum TLS1_FLAGS_SKIP_CERT_VERIFY = 0x0010; +enum TLS1_FLAGS_KEEP_HANDSHAKE = 0x0020; + +/* SSL3_FLAGS_SGC_RESTART_DONE is set when we + * restart a handshake because of MS SGC and so prevents us + * from restarting the handshake in a loop. It's reset on a + * renegotiation, so effectively limits the client to one restart + * per negotiation. This limits the possibility of a DDoS + * attack where the client handshakes in a loop using SGC to + * restart. Servers which permit renegotiation can still be + * effected, but we can't prevent that. + */ +enum SSL3_FLAGS_SGC_RESTART_DONE = 0x0040; + +version(OPENSSL_NO_SSL_INTERN) {} else { + +struct ssl3_state_st + { + c_long flags; + int delay_buf_pop_ret; + + ubyte[8] read_sequence; + int read_mac_secret_size; + ubyte[EVP_MAX_MD_SIZE] read_mac_secret; + ubyte[8] write_sequence; + int write_mac_secret_size; + ubyte[EVP_MAX_MD_SIZE] write_mac_secret; + + ubyte[SSL3_RANDOM_SIZE] server_random; + ubyte[SSL3_RANDOM_SIZE] client_random; + + /* flags for countermeasure against known-IV weakness */ + int need_empty_fragments; + int empty_fragment_done; + + /* The value of 'extra' when the buffers were initialized */ + int init_extra; + + SSL3_BUFFER rbuf; /* read IO goes into here */ + SSL3_BUFFER wbuf; /* write IO goes into here */ + + SSL3_RECORD rrec; /* each decoded record goes in here */ + SSL3_RECORD wrec; /* goes out from here */ + + /* storage for Alert/Handshake protocol data received but not + * yet processed by ssl3_read_bytes: */ + ubyte[2] alert_fragment; + uint alert_fragment_len; + ubyte[4] handshake_fragment; + uint handshake_fragment_len; + + /* partial write - check the numbers match */ + uint wnum; /* number of bytes sent so far */ + int wpend_tot; /* number bytes written */ + int wpend_type; + int wpend_ret; /* number of bytes submitted */ + const(ubyte)* wpend_buf; + + /* used during startup, digest all incoming/outgoing packets */ + BIO* handshake_buffer; + /* When set of handshake digests is determined, buffer is hashed + * and freed and MD_CTX-es for all required digests are stored in + * this array */ + EVP_MD_CTX** handshake_dgst; + /* this is set whenerver we see a change_cipher_spec message + * come in when we are not looking for one */ + int change_cipher_spec; + + int warn_alert; + int fatal_alert; + /* we allow one fatal and one warning alert to be outstanding, + * send close alert via the warning alert */ + int alert_dispatch; + ubyte[2] send_alert; + + /* This flag is set when we should renegotiate ASAP, basically when + * there is no more data in the read or write buffers */ + int renegotiate; + int total_renegotiations; + int num_renegotiations; + + int in_read_app_data; + + /* Opaque PRF input as used for the current handshake. + * These fields are used only if TLSEXT_TYPE_opaque_prf_input is defined + * (otherwise, they are merely present to improve binary compatibility) */ + void* client_opaque_prf_input; + size_t client_opaque_prf_input_len; + void* server_opaque_prf_input; + size_t server_opaque_prf_input_len; + + struct tmp_ { + /* actually only needs to be 16+20 */ + ubyte[EVP_MAX_MD_SIZE*2] cert_verify_md; + + /* actually only need to be 16+20 for SSLv3 and 12 for TLS */ + ubyte[EVP_MAX_MD_SIZE*2] finish_md; + int finish_md_len; + ubyte[EVP_MAX_MD_SIZE*2] peer_finish_md; + int peer_finish_md_len; + + c_ulong message_size; + int message_type; + + /* used to hold the new cipher we are going to use */ + const(SSL_CIPHER)* new_cipher; +version(OPENSSL_NO_DH) {} else { + DH* dh; +} + +version(OPENSSL_NO_ECDH) {} else { + EC_KEY* ecdh; /* holds short lived ECDH key */ +} + + /* used when SSL_ST_FLUSH_DATA is entered */ + int next_state; + + int reuse_message; + + /* used for certificate requests */ + int cert_req; + int ctype_num; + char[SSL3_CT_NUMBER] ctype; + STACK_OF!(X509_NAME) *ca_names; + + int use_rsa_tmp; + + int key_block_length; + ubyte* key_block; + + const(EVP_CIPHER)* new_sym_enc; + const(EVP_MD)* new_hash; + int new_mac_pkey_type; + int new_mac_secret_size; +version(OPENSSL_NO_COMP) { + char* new_compression; +} else { + const(SSL_COMP)* new_compression; +} + int cert_request; + } + tmp_ tmp; + + /* Connection binding to prevent renegotiation attacks */ + ubyte[EVP_MAX_MD_SIZE] previous_client_finished; + ubyte previous_client_finished_len; + ubyte[EVP_MAX_MD_SIZE] previous_server_finished; + ubyte previous_server_finished_len; + int send_connection_binding; /* TODOEKR */ + +version(OPENSSL_NO_NEXTPROTONEG) {} else { + /* Set if we saw the Next Protocol Negotiation extension from our peer. */ + int next_proto_neg_seen; +} + +version(OPENSSL_NO_TLSEXT) {} else { +version(OPENSSL_NO_EC) {} else { + /* This is set to true if we believe that this is a version of Safari + * running on OS X 10.6 or newer. We wish to know this because Safari + * on 10.8 .. 10.8.3 has broken ECDHE-ECDSA support. */ + char is_probably_safari; +} /* !OPENSSL_NO_EC */ +} /* !OPENSSL_NO_TLSEXT */ + } +alias ssl3_state_st SSL3_STATE; + +} + +/* SSLv3 */ +/*client */ +/* extra state */ +enum SSL3_ST_CW_FLUSH = (0x100|SSL_ST_CONNECT); +version(OPENSSL_NO_SCTP) {} else { +enum DTLS1_SCTP_ST_CW_WRITE_SOCK = (0x310|SSL_ST_CONNECT); +enum DTLS1_SCTP_ST_CR_READ_SOCK = (0x320|SSL_ST_CONNECT); +} +/* write to server */ +enum SSL3_ST_CW_CLNT_HELLO_A = (0x110|SSL_ST_CONNECT); +enum SSL3_ST_CW_CLNT_HELLO_B = (0x111|SSL_ST_CONNECT); +/* read from server */ +enum SSL3_ST_CR_SRVR_HELLO_A = (0x120|SSL_ST_CONNECT); +enum SSL3_ST_CR_SRVR_HELLO_B = (0x121|SSL_ST_CONNECT); +enum DTLS1_ST_CR_HELLO_VERIFY_REQUEST_A = (0x126|SSL_ST_CONNECT); +enum DTLS1_ST_CR_HELLO_VERIFY_REQUEST_B = (0x127|SSL_ST_CONNECT); +enum SSL3_ST_CR_CERT_A = (0x130|SSL_ST_CONNECT); +enum SSL3_ST_CR_CERT_B = (0x131|SSL_ST_CONNECT); +enum SSL3_ST_CR_KEY_EXCH_A = (0x140|SSL_ST_CONNECT); +enum SSL3_ST_CR_KEY_EXCH_B = (0x141|SSL_ST_CONNECT); +enum SSL3_ST_CR_CERT_REQ_A = (0x150|SSL_ST_CONNECT); +enum SSL3_ST_CR_CERT_REQ_B = (0x151|SSL_ST_CONNECT); +enum SSL3_ST_CR_SRVR_DONE_A = (0x160|SSL_ST_CONNECT); +enum SSL3_ST_CR_SRVR_DONE_B = (0x161|SSL_ST_CONNECT); +/* write to server */ +enum SSL3_ST_CW_CERT_A = (0x170|SSL_ST_CONNECT); +enum SSL3_ST_CW_CERT_B = (0x171|SSL_ST_CONNECT); +enum SSL3_ST_CW_CERT_C = (0x172|SSL_ST_CONNECT); +enum SSL3_ST_CW_CERT_D = (0x173|SSL_ST_CONNECT); +enum SSL3_ST_CW_KEY_EXCH_A = (0x180|SSL_ST_CONNECT); +enum SSL3_ST_CW_KEY_EXCH_B = (0x181|SSL_ST_CONNECT); +enum SSL3_ST_CW_CERT_VRFY_A = (0x190|SSL_ST_CONNECT); +enum SSL3_ST_CW_CERT_VRFY_B = (0x191|SSL_ST_CONNECT); +enum SSL3_ST_CW_CHANGE_A = (0x1A0|SSL_ST_CONNECT); +enum SSL3_ST_CW_CHANGE_B = (0x1A1|SSL_ST_CONNECT); +version(OPENSSL_NO_NEXTPROTONEG) {} else { +enum SSL3_ST_CW_NEXT_PROTO_A = (0x200|SSL_ST_CONNECT); +enum SSL3_ST_CW_NEXT_PROTO_B = (0x201|SSL_ST_CONNECT); +} +enum SSL3_ST_CW_FINISHED_A = (0x1B0|SSL_ST_CONNECT); +enum SSL3_ST_CW_FINISHED_B = (0x1B1|SSL_ST_CONNECT); +/* read from server */ +enum SSL3_ST_CR_CHANGE_A = (0x1C0|SSL_ST_CONNECT); +enum SSL3_ST_CR_CHANGE_B = (0x1C1|SSL_ST_CONNECT); +enum SSL3_ST_CR_FINISHED_A = (0x1D0|SSL_ST_CONNECT); +enum SSL3_ST_CR_FINISHED_B = (0x1D1|SSL_ST_CONNECT); +enum SSL3_ST_CR_SESSION_TICKET_A = (0x1E0|SSL_ST_CONNECT); +enum SSL3_ST_CR_SESSION_TICKET_B = (0x1E1|SSL_ST_CONNECT); +enum SSL3_ST_CR_CERT_STATUS_A = (0x1F0|SSL_ST_CONNECT); +enum SSL3_ST_CR_CERT_STATUS_B = (0x1F1|SSL_ST_CONNECT); + +/* server */ +/* extra state */ +enum SSL3_ST_SW_FLUSH = (0x100|SSL_ST_ACCEPT); +version(OPENSSL_NO_SCTP) {} else { +enum DTLS1_SCTP_ST_SW_WRITE_SOCK = (0x310|SSL_ST_ACCEPT); +enum DTLS1_SCTP_ST_SR_READ_SOCK = (0x320|SSL_ST_ACCEPT); +} +/* read from client */ +/* Do not change the number values, they do matter */ +enum SSL3_ST_SR_CLNT_HELLO_A = (0x110|SSL_ST_ACCEPT); +enum SSL3_ST_SR_CLNT_HELLO_B = (0x111|SSL_ST_ACCEPT); +enum SSL3_ST_SR_CLNT_HELLO_C = (0x112|SSL_ST_ACCEPT); +/* write to client */ +enum DTLS1_ST_SW_HELLO_VERIFY_REQUEST_A = (0x113|SSL_ST_ACCEPT); +enum DTLS1_ST_SW_HELLO_VERIFY_REQUEST_B = (0x114|SSL_ST_ACCEPT); +enum SSL3_ST_SW_HELLO_REQ_A = (0x120|SSL_ST_ACCEPT); +enum SSL3_ST_SW_HELLO_REQ_B = (0x121|SSL_ST_ACCEPT); +enum SSL3_ST_SW_HELLO_REQ_C = (0x122|SSL_ST_ACCEPT); +enum SSL3_ST_SW_SRVR_HELLO_A = (0x130|SSL_ST_ACCEPT); +enum SSL3_ST_SW_SRVR_HELLO_B = (0x131|SSL_ST_ACCEPT); +enum SSL3_ST_SW_CERT_A = (0x140|SSL_ST_ACCEPT); +enum SSL3_ST_SW_CERT_B = (0x141|SSL_ST_ACCEPT); +enum SSL3_ST_SW_KEY_EXCH_A = (0x150|SSL_ST_ACCEPT); +enum SSL3_ST_SW_KEY_EXCH_B = (0x151|SSL_ST_ACCEPT); +enum SSL3_ST_SW_CERT_REQ_A = (0x160|SSL_ST_ACCEPT); +enum SSL3_ST_SW_CERT_REQ_B = (0x161|SSL_ST_ACCEPT); +enum SSL3_ST_SW_SRVR_DONE_A = (0x170|SSL_ST_ACCEPT); +enum SSL3_ST_SW_SRVR_DONE_B = (0x171|SSL_ST_ACCEPT); +/* read from client */ +enum SSL3_ST_SR_CERT_A = (0x180|SSL_ST_ACCEPT); +enum SSL3_ST_SR_CERT_B = (0x181|SSL_ST_ACCEPT); +enum SSL3_ST_SR_KEY_EXCH_A = (0x190|SSL_ST_ACCEPT); +enum SSL3_ST_SR_KEY_EXCH_B = (0x191|SSL_ST_ACCEPT); +enum SSL3_ST_SR_CERT_VRFY_A = (0x1A0|SSL_ST_ACCEPT); +enum SSL3_ST_SR_CERT_VRFY_B = (0x1A1|SSL_ST_ACCEPT); +enum SSL3_ST_SR_CHANGE_A = (0x1B0|SSL_ST_ACCEPT); +enum SSL3_ST_SR_CHANGE_B = (0x1B1|SSL_ST_ACCEPT); +version(OPENSSL_NO_NEXTPROTONEG) {} else { +enum SSL3_ST_SR_NEXT_PROTO_A = (0x210|SSL_ST_ACCEPT); +enum SSL3_ST_SR_NEXT_PROTO_B = (0x211|SSL_ST_ACCEPT); +} +enum SSL3_ST_SR_FINISHED_A = (0x1C0|SSL_ST_ACCEPT); +enum SSL3_ST_SR_FINISHED_B = (0x1C1|SSL_ST_ACCEPT); +/* write to client */ +enum SSL3_ST_SW_CHANGE_A = (0x1D0|SSL_ST_ACCEPT); +enum SSL3_ST_SW_CHANGE_B = (0x1D1|SSL_ST_ACCEPT); +enum SSL3_ST_SW_FINISHED_A = (0x1E0|SSL_ST_ACCEPT); +enum SSL3_ST_SW_FINISHED_B = (0x1E1|SSL_ST_ACCEPT); +enum SSL3_ST_SW_SESSION_TICKET_A = (0x1F0|SSL_ST_ACCEPT); +enum SSL3_ST_SW_SESSION_TICKET_B = (0x1F1|SSL_ST_ACCEPT); +enum SSL3_ST_SW_CERT_STATUS_A = (0x200|SSL_ST_ACCEPT); +enum SSL3_ST_SW_CERT_STATUS_B = (0x201|SSL_ST_ACCEPT); + +enum SSL3_MT_HELLO_REQUEST = 0; +enum SSL3_MT_CLIENT_HELLO = 1; +enum SSL3_MT_SERVER_HELLO = 2; +enum SSL3_MT_NEWSESSION_TICKET = 4; +enum SSL3_MT_CERTIFICATE = 11; +enum SSL3_MT_SERVER_KEY_EXCHANGE = 12; +enum SSL3_MT_CERTIFICATE_REQUEST = 13; +enum SSL3_MT_SERVER_DONE = 14; +enum SSL3_MT_CERTIFICATE_VERIFY = 15; +enum SSL3_MT_CLIENT_KEY_EXCHANGE = 16; +enum SSL3_MT_FINISHED = 20; +enum SSL3_MT_CERTIFICATE_STATUS = 22; +version(OPENSSL_NO_NEXTPROTONEG) {} else { +enum SSL3_MT_NEXT_PROTO = 67; +} +enum DTLS1_MT_HELLO_VERIFY_REQUEST = 3; + + +enum SSL3_MT_CCS = 1; + +/* These are used when changing over to a new cipher */ +enum SSL3_CC_READ = 0x01; +enum SSL3_CC_WRITE = 0x02; +enum SSL3_CC_CLIENT = 0x10; +enum SSL3_CC_SERVER = 0x20; +enum SSL3_CHANGE_CIPHER_CLIENT_WRITE = (SSL3_CC_CLIENT|SSL3_CC_WRITE); +enum SSL3_CHANGE_CIPHER_SERVER_READ = (SSL3_CC_SERVER|SSL3_CC_READ); +enum SSL3_CHANGE_CIPHER_CLIENT_READ = (SSL3_CC_CLIENT|SSL3_CC_READ); +enum SSL3_CHANGE_CIPHER_SERVER_WRITE = (SSL3_CC_SERVER|SSL3_CC_WRITE); diff --git a/deimos/openssl/stack.d b/deimos/openssl/stack.d new file mode 100644 index 0000000..c240993 --- /dev/null +++ b/deimos/openssl/stack.d @@ -0,0 +1,168 @@ +/* crypto/stack/stack.h */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +module deimos.openssl.stack; + +import deimos.openssl._d_util; +import deimos.openssl.opensslv; + +extern (C): +nothrow: + +struct stack_st { + int num; + char** data; + int sorted; + + int num_alloc; + ExternC!(int function(const(void)*, const(void)*)) comp; + } +alias stack_st _STACK; /* Use STACK_OF(...) instead */ + +int M_sk_num()(_STACK* sk) { return (sk ? sk.num : -1); } +char* M_sk_value()(_STACK* sk, size_t n) { return (sk ? sk.data[n] : null); } + +/******************************************************************************* + + Starting from OpenSSL v1.1.0, the `sk_*` functions are prefixed with + `OPENSSL_`, so e.g. `sk_num` becomes `OPENSSL_sk_num`. + + To cope with that and provide downstream with an easier interface to deal + with, we always provide the `OPENSSL_` methods, as they are just `extern(C)` + anyway, and we either provide `sk_*` as `alias`es or `extern (C)`. + + The need for aliases comes from users of those binding, e.g. `safestack`. + +*******************************************************************************/ + +static if (OPENSSL_VERSION_AT_LEAST(1, 1)) +{ + int OPENSSL_sk_num(const(_STACK)*); + void* OPENSSL_sk_value(const(_STACK)*, int); + + void* OPENSSL_sk_set(_STACK*, int, void*); + + _STACK* OPENSSL_sk_new(ExternC!(int function(const(void)*, const(void)*)) cmp); + _STACK* OPENSSL_sk_new_null(); + void OPENSSL_sk_free(_STACK*); + void OPENSSL_sk_pop_free(_STACK* st, ExternC!(void function(void*)) func); + int OPENSSL_sk_insert(_STACK* sk, void* data, int where); + void* OPENSSL_sk_delete(_STACK* st, int loc); + void* OPENSSL_sk_delete_ptr(_STACK* st, void* p); + int OPENSSL_sk_find(_STACK* st, void* data); + int OPENSSL_sk_find_ex(_STACK* st, void* data); + int OPENSSL_sk_push(_STACK* st, void* data); + int OPENSSL_sk_unshift(_STACK* st, void* data); + void* OPENSSL_sk_shift(_STACK* st); + void* OPENSSL_sk_pop(_STACK* st); + void OPENSSL_sk_zero(_STACK* st); + int function(const(void)*, const(void)*) OPENSSL_sk_set_cmp_func(_STACK* sk, ExternC!(int function(const(void)*, const(void)*)) c); + _STACK* OPENSSL_sk_dup(_STACK* st); + void OPENSSL_sk_sort(_STACK* st); + int OPENSSL_sk_is_sorted(const(_STACK)* st); + + alias sk_num = OPENSSL_sk_num; + alias sk_value = OPENSSL_sk_value; + alias sk_set = OPENSSL_sk_set; + + alias sk_new = OPENSSL_sk_new; + alias sk_new_null = OPENSSL_sk_new_null; + alias sk_free = OPENSSL_sk_free; + alias sk_pop_free = OPENSSL_sk_pop_free; + alias sk_insert = OPENSSL_sk_insert; + alias sk_delete = OPENSSL_sk_delete; + alias sk_delete_ptr = OPENSSL_sk_delete_ptr; + alias sk_find = OPENSSL_sk_find; + alias sk_find_ex = OPENSSL_sk_find_ex; + + alias sk_push = OPENSSL_sk_push; + alias sk_unshift = OPENSSL_sk_unshift; + alias sk_shift = OPENSSL_sk_shift; + alias sk_pop = OPENSSL_sk_pop; + alias sk_zero = OPENSSL_sk_zero; + alias sk_set_cmp_func = OPENSSL_sk_set_cmp_func; + alias sk_dup = OPENSSL_sk_dup; + alias sk_sort = OPENSSL_sk_sort; + alias sk_is_sorted = OPENSSL_sk_is_sorted; +} +else +{ + int sk_num(const(_STACK)*); + void* sk_value(const(_STACK)*, int); + + void* sk_set(_STACK*, int, void*); + + _STACK* sk_new(ExternC!(int function(const(void)*, const(void)*)) cmp); + _STACK* sk_new_null(); + void sk_free(_STACK*); + void sk_pop_free(_STACK* st, ExternC!(void function(void*)) func); + int sk_insert(_STACK* sk, void* data, int where); + void* sk_delete(_STACK* st, int loc); + void* sk_delete_ptr(_STACK* st, void* p); + int sk_find(_STACK* st, void* data); + int sk_find_ex(_STACK* st, void* data); + int sk_push(_STACK* st, void* data); + int sk_unshift(_STACK* st, void* data); + void* sk_shift(_STACK* st); + void* sk_pop(_STACK* st); + void sk_zero(_STACK* st); + int function(const(void)*, const(void)*) sk_set_cmp_func(_STACK* sk, ExternC!(int function(const(void)*, const(void)*)) c); + _STACK* sk_dup(_STACK* st); + void sk_sort(_STACK* st); + int sk_is_sorted(const(_STACK)* st); +} diff --git a/deimos/openssl/symhacks.d b/deimos/openssl/symhacks.d new file mode 100644 index 0000000..97b15ca --- /dev/null +++ b/deimos/openssl/symhacks.d @@ -0,0 +1,64 @@ +/* ==================================================================== + * Copyright (c) 1999 The OpenSSL Project. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. All advertising materials mentioning features or use of this + * software must display the following acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" + * + * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to + * endorse or promote products derived from this software without + * prior written permission. For written permission, please contact + * openssl-core@openssl.org. + * + * 5. Products derived from this software may not be called "OpenSSL" + * nor may "OpenSSL" appear in their names without prior written + * permission of the OpenSSL Project. + * + * 6. Redistributions of any form whatsoever must retain the following + * acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit (http://www.openssl.org/)" + * + * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY + * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * ==================================================================== + * + * This product includes cryptographic software written by Eric Young + * (eay@cryptsoft.com). This product includes software written by Tim + * Hudson (tjh@cryptsoft.com). + * + */ + +module deimos.openssl.symhacks; + +import deimos.openssl._d_util; + +public import deimos.openssl.e_os2; + +/* + * The hacks for certain linkers being incapable of dealing with longer + * symbol names do not apply to D, as it doesn't run on Win16, VMS, or OS/2. + */ diff --git a/deimos/openssl/tls1.d b/deimos/openssl/tls1.d new file mode 100644 index 0000000..8ea85a6 --- /dev/null +++ b/deimos/openssl/tls1.d @@ -0,0 +1,763 @@ +/* ssl/tls1.h */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ +/* ==================================================================== + * Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. All advertising materials mentioning features or use of this + * software must display the following acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" + * + * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to + * endorse or promote products derived from this software without + * prior written permission. For written permission, please contact + * openssl-core@openssl.org. + * + * 5. Products derived from this software may not be called "OpenSSL" + * nor may "OpenSSL" appear in their names without prior written + * permission of the OpenSSL Project. + * + * 6. Redistributions of any form whatsoever must retain the following + * acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit (http://www.openssl.org/)" + * + * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY + * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * ==================================================================== + * + * This product includes cryptographic software written by Eric Young + * (eay@cryptsoft.com). This product includes software written by Tim + * Hudson (tjh@cryptsoft.com). + * + */ +/* ==================================================================== + * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. + * + * Portions of the attached software ("Contribution") are developed by + * SUN MICROSYSTEMS, INC., and are contributed to the OpenSSL project. + * + * The Contribution is licensed pursuant to the OpenSSL open source + * license provided above. + * + * ECC cipher suite support in OpenSSL originally written by + * Vipul Gupta and Sumit Gupta of Sun Microsystems Laboratories. + * + */ +/* ==================================================================== + * Copyright 2005 Nokia. All rights reserved. + * + * The portions of the attached software ("Contribution") is developed by + * Nokia Corporation and is licensed pursuant to the OpenSSL open source + * license. + * + * The Contribution, originally written by Mika Kousa and Pasi Eronen of + * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites + * support (see RFC 4279) to OpenSSL. + * + * No patent licenses or other rights except those expressly stated in + * the OpenSSL open source license shall be deemed granted or received + * expressly, by implication, estoppel, or otherwise. + * + * No assurances are provided by Nokia that the Contribution does not + * infringe the patent or other intellectual property rights of any third + * party or that the license provides you with all the necessary rights + * to make use of the Contribution. + * + * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN + * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA + * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY + * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR + * OTHERWISE. + */ + +module deimos.openssl.tls1; + +import deimos.openssl._d_util; + +import deimos.openssl.ssl; // Needed for SSL_CTX_*. +public import deimos.openssl.buffer; + +extern (C): +nothrow: + +enum TLS1_ALLOW_EXPERIMENTAL_CIPHERSUITES = 0; + +enum TLS1_2_VERSION = 0x0303; +enum TLS1_2_VERSION_MAJOR = 0x03; +enum TLS1_2_VERSION_MINOR = 0x03; + +enum TLS1_1_VERSION = 0x0302; +enum TLS1_1_VERSION_MAJOR = 0x03; +enum TLS1_1_VERSION_MINOR = 0x02; + +enum TLS1_VERSION = 0x0301; +enum TLS1_VERSION_MAJOR = 0x03; +enum TLS1_VERSION_MINOR = 0x01; + +auto TLS1_get_version()(const(SSL)* s) { + return (s.version_ >> 8) == TLS1_VERSION_MAJOR ? s.version_ : 0; +} + +auto TLS1_get_client_version()(const(SSL)* s) { + return (s.version_ >> 8) == TLS1_VERSION_MAJOR ? s.client_version : 0; +} + +enum TLS1_AD_DECRYPTION_FAILED = 21; +enum TLS1_AD_RECORD_OVERFLOW = 22; +enum TLS1_AD_UNKNOWN_CA = 48; /* fatal */ +enum TLS1_AD_ACCESS_DENIED = 49; /* fatal */ +enum TLS1_AD_DECODE_ERROR = 50; /* fatal */ +enum TLS1_AD_DECRYPT_ERROR = 51; +enum TLS1_AD_EXPORT_RESTRICTION = 60; /* fatal */ +enum TLS1_AD_PROTOCOL_VERSION = 70; /* fatal */ +enum TLS1_AD_INSUFFICIENT_SECURITY = 71; /* fatal */ +enum TLS1_AD_INTERNAL_ERROR = 80; /* fatal */ +enum TLS1_AD_USER_CANCELLED = 90; +enum TLS1_AD_NO_RENEGOTIATION = 100; +/* codes 110-114 are from RFC3546 */ +enum TLS1_AD_UNSUPPORTED_EXTENSION = 110; +enum TLS1_AD_CERTIFICATE_UNOBTAINABLE = 111; +enum TLS1_AD_UNRECOGNIZED_NAME = 112; +enum TLS1_AD_BAD_CERTIFICATE_STATUS_RESPONSE = 113; +enum TLS1_AD_BAD_CERTIFICATE_HASH_VALUE = 114; +enum TLS1_AD_UNKNOWN_PSK_IDENTITY = 115; /* fatal */ + +/* ExtensionType values from RFC3546 / RFC4366 / RFC6066 */ +enum TLSEXT_TYPE_server_name = 0; +enum TLSEXT_TYPE_max_fragment_length = 1; +enum TLSEXT_TYPE_client_certificate_url = 2; +enum TLSEXT_TYPE_trusted_ca_keys = 3; +enum TLSEXT_TYPE_truncated_hmac = 4; +enum TLSEXT_TYPE_status_request = 5; +/* ExtensionType values from RFC4681 */ +enum TLSEXT_TYPE_user_mapping = 6; + +/* ExtensionType values from RFC5878 */ +enum TLSEXT_TYPE_client_authz = 7; +enum TLSEXT_TYPE_server_authz = 8; + +/* ExtensionType values from RFC6091 */ +enum TLSEXT_TYPE_cert_type = 9; + +/* ExtensionType values from RFC4492 */ +enum TLSEXT_TYPE_elliptic_curves = 10; +enum TLSEXT_TYPE_ec_point_formats = 11; + +/* ExtensionType value from RFC5054 */ +enum TLSEXT_TYPE_srp = 12; + +/* ExtensionType values from RFC5246 */ +enum TLSEXT_TYPE_signature_algorithms = 13; + +/* ExtensionType value from RFC5764 */ +enum TLSEXT_TYPE_use_srtp = 14; + +/* ExtensionType value from RFC5620 */ +enum TLSEXT_TYPE_heartbeat = 15; + +/* ExtensionType value for TLS padding extension. + * http://www.iana.org/assignments/tls-extensiontype-values/tls-extensiontype-values.xhtml + * http://tools.ietf.org/html/draft-agl-tls-padding-03 + */ +enum TLSEXT_TYPE_padding = 21; + +/* ExtensionType value from RFC4507 */ +enum TLSEXT_TYPE_session_ticket = 35; +/* ExtensionType value from draft-rescorla-tls-opaque-prf-input-00.txt */ +/+#if 0 /* will have to be provided externally for now , + * i.e. build with -DTLSEXT_TYPE_opaque_prf_input=38183 + * using whatever extension number you'd like to try */ +# define TLSEXT_TYPE_opaque_prf_input ?? */ +#endif+/ + +/* Temporary extension type */ +enum TLSEXT_TYPE_renegotiate = 0xff01; + +version(OPENSSL_NO_NEXTPROTONEG) {} else { +/* This is not an IANA defined extension number */ +enum TLSEXT_TYPE_next_proto_neg = 13172; +} + +/* NameType value from RFC 3546 */ +enum TLSEXT_NAMETYPE_host_name = 0; +/* status request value from RFC 3546 */ +enum TLSEXT_STATUSTYPE_ocsp = 1; + +/* ECPointFormat values from draft-ietf-tls-ecc-12 */ +enum TLSEXT_ECPOINTFORMAT_first = 0; +enum TLSEXT_ECPOINTFORMAT_uncompressed = 0; +enum TLSEXT_ECPOINTFORMAT_ansiX962_compressed_prime = 1; +enum TLSEXT_ECPOINTFORMAT_ansiX962_compressed_char2 = 2; +enum TLSEXT_ECPOINTFORMAT_last = 2; + +/* Signature and hash algorithms from RFC 5246 */ + +enum TLSEXT_signature_anonymous = 0; +enum TLSEXT_signature_rsa = 1; +enum TLSEXT_signature_dsa = 2; +enum TLSEXT_signature_ecdsa = 3; + +enum TLSEXT_hash_none = 0; +enum TLSEXT_hash_md5 = 1; +enum TLSEXT_hash_sha1 = 2; +enum TLSEXT_hash_sha224 = 3; +enum TLSEXT_hash_sha256 = 4; +enum TLSEXT_hash_sha384 = 5; +enum TLSEXT_hash_sha512 = 6; + +version (OPENSSL_NO_TLSEXT) {} else { + +enum TLSEXT_MAXLEN_host_name = 255; + +const(char)* SSL_get_servername(const(SSL)* s, const int type); +int SSL_get_servername_type(const(SSL)* s); +/* SSL_export_keying_material exports a value derived from the master secret, + * as specified in RFC 5705. It writes |olen| bytes to |out| given a label and + * optional context. (Since a zero length context is allowed, the |use_context| + * flag controls whether a context is included.) + * + * It returns 1 on success and zero otherwise. + */ +int SSL_export_keying_material(SSL *s, ubyte* out_, size_t olen, + const char *label, size_t llen, const(ubyte)* p, size_t plen, + int use_context); + +auto SSL_set_tlsext_host_name()(SSL* s,char* name) { + return SSL_ctrl(s,SSL_CTRL_SET_TLSEXT_HOSTNAME,TLSEXT_NAMETYPE_host_name,name); +} + +auto SSL_set_tlsext_debug_callback()(SSL* ssl, ExternC!(void function()) cb) { + return SSL_callback_ctrl(ssl,SSL_CTRL_SET_TLSEXT_DEBUG_CB,cb); +} + +auto SSL_set_tlsext_debug_arg()(SSL* ssl, void* arg) { + return SSL_ctrl(ssl,SSL_CTRL_SET_TLSEXT_DEBUG_ARG,0, arg); +} + +auto SSL_set_tlsext_status_type()(SSL* ssl, type) { + return SSL_ctrl(ssl,SSL_CTRL_SET_TLSEXT_STATUS_REQ_TYPE,type, null); +} + +auto SSL_get_tlsext_status_exts()(SSL* ssl, void* arg) { + return SSL_ctrl(ssl,SSL_CTRL_GET_TLSEXT_STATUS_REQ_EXTS,0, arg); +} + +auto SSL_set_tlsext_status_exts()(SSL* ssl, void* arg) { + return SSL_ctrl(ssl,SSL_CTRL_SET_TLSEXT_STATUS_REQ_EXTS,0, arg); +} + +auto SSL_get_tlsext_status_ids()(SSL* ssl, void* arg) { + return SSL_ctrl(ssl,SSL_CTRL_GET_TLSEXT_STATUS_REQ_IDS,0, arg); +} + +auto SSL_set_tlsext_status_ids()(SSL* ssl, void* arg) { + return SSL_ctrl(ssl,SSL_CTRL_SET_TLSEXT_STATUS_REQ_IDS,0, arg); +} + +auto SSL_get_tlsext_status_ocsp_resp()(SSL* ssl, void* arg) { + return SSL_ctrl(ssl,SSL_CTRL_GET_TLSEXT_STATUS_REQ_OCSP_RESP,0, arg); +} + +auto SSL_set_tlsext_status_ocsp_resp()(SSL* ssl, void* arg, void* arglen) { + return SSL_ctrl(ssl,SSL_CTRL_SET_TLSEXT_STATUS_REQ_OCSP_RESP,arglen, arg); +} + +auto SSL_CTX_set_tlsext_servername_callback(SSL_CTX* ctx, ExternC!(void function()) cb) { + return SSL_CTX_callback_ctrl(ctx,SSL_CTRL_SET_TLSEXT_SERVERNAME_CB,cb); +} + +enum SSL_TLSEXT_ERR_OK = 0; +enum SSL_TLSEXT_ERR_ALERT_WARNING = 1; +enum SSL_TLSEXT_ERR_ALERT_FATAL = 2; +enum SSL_TLSEXT_ERR_NOACK = 3; + +auto SSL_CTX_set_tlsext_servername_arg(SSL_CTX* ctx, void* arg) { + return SSL_CTX_ctrl(ctx,SSL_CTRL_SET_TLSEXT_SERVERNAME_ARG,0,arg); +} + +auto SSL_CTX_get_tlsext_ticket_keys(SSL_CTX* ctx, c_long keylen, void* keys) { + return SSL_CTX_ctrl(ctx,SSL_CTRL_GET_TLSEXT_TICKET_KEYS,keylen,keys); +} +auto SSL_CTX_set_tlsext_ticket_keys(SSL_CTX* ctx, c_long keylen, void* keys) { + return SSL_CTX_ctrl(ctx,SSL_CTRL_SET_TLSEXT_TICKET_KEYS,keylen,keys); +} + +auto SSL_CTX_set_tlsext_status_cb(SSL_CTX* ctx, ExternC!(void function()) cb) { + return SSL_CTX_callback_ctrl(ctx,SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB,cb); +} + +auto SSL_CTX_set_tlsext_status_arg(SSL_CTX* ctx, void* arg) { + return SSL_CTX_ctrl(ctx,SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB_ARG,0,arg); +} + +auto SSL_set_tlsext_opaque_prf_input(SSL* s, void* src, c_long len) { + return SSL_ctrl(s,SSL_CTRL_SET_TLSEXT_OPAQUE_PRF_INPUT, len, src); +} + +auto SSL_CTX_set_tlsext_opaque_prf_input_callback(SSL_CTX* ctx, ExternC!(void function()) cb) { + return SSL_CTX_callback_ctrl(ctx,SSL_CTRL_SET_TLSEXT_OPAQUE_PRF_INPUT_CB, cb); +} +auto SSL_CTX_set_tlsext_opaque_prf_input_callback_arg(SSL_CTX* ctx, void* arg) { + return SSL_CTX_ctrl(ctx,SSL_CTRL_SET_TLSEXT_OPAQUE_PRF_INPUT_CB_ARG, 0, arg); +} + +version(OPENSSL_NO_HEARTBEATS) {} else { +enum SSL_TLSEXT_HB_ENABLED = 0x01; +enum SSL_TLSEXT_HB_DONT_SEND_REQUESTS = 0x02; +enum SSL_TLSEXT_HB_DONT_RECV_REQUESTS = 0x04; + +auto SSL_get_tlsext_heartbeat_pending()(SSL* ssl) { + return SSL_ctrl(ssl,SSL_CTRL_GET_TLS_EXT_HEARTBEAT_PENDING,0,null); +} +auto SSL_set_tlsext_heartbeat_no_requests()(SSL* ssl, c_long arg) { + return SSL_ctrl(ssl,SSL_CTRL_SET_TLS_EXT_HEARTBEAT_NO_REQUESTS,arg,null); +} +} + +auto SSL_CTX_set_tlsext_ticket_key_cb()(ssl, ExternC!(void function()) cb) { + return SSL_CTX_callback_ctrl(ssl,SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB,cb); +} + +} + +/* PSK ciphersuites from 4279 */ +enum TLS1_CK_PSK_WITH_RC4_128_SHA = 0x0300008A; +enum TLS1_CK_PSK_WITH_3DES_EDE_CBC_SHA = 0x0300008B; +enum TLS1_CK_PSK_WITH_AES_128_CBC_SHA = 0x0300008C; +enum TLS1_CK_PSK_WITH_AES_256_CBC_SHA = 0x0300008D; + +/* Additional TLS ciphersuites from expired Internet Draft + * draft-ietf-tls-56-bit-ciphersuites-01.txt + * (available if TLS1_ALLOW_EXPERIMENTAL_CIPHERSUITES is defined, see + * s3_lib.c). We actually treat them like SSL 3.0 ciphers, which we probably + * shouldn't. Note that the first two are actually not in the IDs. */ +enum TLS1_CK_RSA_EXPORT1024_WITH_RC4_56_MD5 = 0x03000060; /* not in ID */ +enum TLS1_CK_RSA_EXPORT1024_WITH_RC2_CBC_56_MD5 = 0x03000061; /* not in ID */ +enum TLS1_CK_RSA_EXPORT1024_WITH_DES_CBC_SHA = 0x03000062; +enum TLS1_CK_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA = 0x03000063; +enum TLS1_CK_RSA_EXPORT1024_WITH_RC4_56_SHA = 0x03000064; +enum TLS1_CK_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA = 0x03000065; +enum TLS1_CK_DHE_DSS_WITH_RC4_128_SHA = 0x03000066; + +/* AES ciphersuites from RFC3268 */ + +enum TLS1_CK_RSA_WITH_AES_128_SHA = 0x0300002F; +enum TLS1_CK_DH_DSS_WITH_AES_128_SHA = 0x03000030; +enum TLS1_CK_DH_RSA_WITH_AES_128_SHA = 0x03000031; +enum TLS1_CK_DHE_DSS_WITH_AES_128_SHA = 0x03000032; +enum TLS1_CK_DHE_RSA_WITH_AES_128_SHA = 0x03000033; +enum TLS1_CK_ADH_WITH_AES_128_SHA = 0x03000034; + +enum TLS1_CK_RSA_WITH_AES_256_SHA = 0x03000035; +enum TLS1_CK_DH_DSS_WITH_AES_256_SHA = 0x03000036; +enum TLS1_CK_DH_RSA_WITH_AES_256_SHA = 0x03000037; +enum TLS1_CK_DHE_DSS_WITH_AES_256_SHA = 0x03000038; +enum TLS1_CK_DHE_RSA_WITH_AES_256_SHA = 0x03000039; +enum TLS1_CK_ADH_WITH_AES_256_SHA = 0x0300003A; + +/* TLS v1.2 ciphersuites */ +enum TLS1_CK_RSA_WITH_NULL_SHA256 = 0x0300003B; +enum TLS1_CK_RSA_WITH_AES_128_SHA256 = 0x0300003C; +enum TLS1_CK_RSA_WITH_AES_256_SHA256 = 0x0300003D; +enum TLS1_CK_DH_DSS_WITH_AES_128_SHA256 = 0x0300003E; +enum TLS1_CK_DH_RSA_WITH_AES_128_SHA256 = 0x0300003F; +enum TLS1_CK_DHE_DSS_WITH_AES_128_SHA256 = 0x03000040; + +/* Camellia ciphersuites from RFC4132 */ +enum TLS1_CK_RSA_WITH_CAMELLIA_128_CBC_SHA = 0x03000041; +enum TLS1_CK_DH_DSS_WITH_CAMELLIA_128_CBC_SHA = 0x03000042; +enum TLS1_CK_DH_RSA_WITH_CAMELLIA_128_CBC_SHA = 0x03000043; +enum TLS1_CK_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA = 0x03000044; +enum TLS1_CK_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA = 0x03000045; +enum TLS1_CK_ADH_WITH_CAMELLIA_128_CBC_SHA = 0x03000046; + +/* TLS v1.2 ciphersuites */ +enum TLS1_CK_DHE_RSA_WITH_AES_128_SHA256 = 0x03000067; +enum TLS1_CK_DH_DSS_WITH_AES_256_SHA256 = 0x03000068; +enum TLS1_CK_DH_RSA_WITH_AES_256_SHA256 = 0x03000069; +enum TLS1_CK_DHE_DSS_WITH_AES_256_SHA256 = 0x0300006A; +enum TLS1_CK_DHE_RSA_WITH_AES_256_SHA256 = 0x0300006B; +enum TLS1_CK_ADH_WITH_AES_128_SHA256 = 0x0300006C; +enum TLS1_CK_ADH_WITH_AES_256_SHA256 = 0x0300006D; + +/* Camellia ciphersuites from RFC4132 */ +enum TLS1_CK_RSA_WITH_CAMELLIA_256_CBC_SHA = 0x03000084; +enum TLS1_CK_DH_DSS_WITH_CAMELLIA_256_CBC_SHA = 0x03000085; +enum TLS1_CK_DH_RSA_WITH_CAMELLIA_256_CBC_SHA = 0x03000086; +enum TLS1_CK_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA = 0x03000087; +enum TLS1_CK_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA = 0x03000088; +enum TLS1_CK_ADH_WITH_CAMELLIA_256_CBC_SHA = 0x03000089; + +/* SEED ciphersuites from RFC4162 */ +enum TLS1_CK_RSA_WITH_SEED_SHA = 0x03000096; +enum TLS1_CK_DH_DSS_WITH_SEED_SHA = 0x03000097; +enum TLS1_CK_DH_RSA_WITH_SEED_SHA = 0x03000098; +enum TLS1_CK_DHE_DSS_WITH_SEED_SHA = 0x03000099; +enum TLS1_CK_DHE_RSA_WITH_SEED_SHA = 0x0300009A; +enum TLS1_CK_ADH_WITH_SEED_SHA = 0x0300009B; + +/* TLS v1.2 GCM ciphersuites from RFC5288 */ +enum TLS1_CK_RSA_WITH_AES_128_GCM_SHA256 = 0x0300009C; +enum TLS1_CK_RSA_WITH_AES_256_GCM_SHA384 = 0x0300009D; +enum TLS1_CK_DHE_RSA_WITH_AES_128_GCM_SHA256 = 0x0300009E; +enum TLS1_CK_DHE_RSA_WITH_AES_256_GCM_SHA384 = 0x0300009F; +enum TLS1_CK_DH_RSA_WITH_AES_128_GCM_SHA256 = 0x030000A0; +enum TLS1_CK_DH_RSA_WITH_AES_256_GCM_SHA384 = 0x030000A1; +enum TLS1_CK_DHE_DSS_WITH_AES_128_GCM_SHA256 = 0x030000A2; +enum TLS1_CK_DHE_DSS_WITH_AES_256_GCM_SHA384 = 0x030000A3; +enum TLS1_CK_DH_DSS_WITH_AES_128_GCM_SHA256 = 0x030000A4; +enum TLS1_CK_DH_DSS_WITH_AES_256_GCM_SHA384 = 0x030000A5; +enum TLS1_CK_ADH_WITH_AES_128_GCM_SHA256 = 0x030000A6; +enum TLS1_CK_ADH_WITH_AES_256_GCM_SHA384 = 0x030000A7; + +/* ECC ciphersuites from draft-ietf-tls-ecc-12.txt with changes soon to be in draft 13 */ +enum TLS1_CK_ECDH_ECDSA_WITH_NULL_SHA = 0x0300C001; +enum TLS1_CK_ECDH_ECDSA_WITH_RC4_128_SHA = 0x0300C002; +enum TLS1_CK_ECDH_ECDSA_WITH_DES_192_CBC3_SHA = 0x0300C003; +enum TLS1_CK_ECDH_ECDSA_WITH_AES_128_CBC_SHA = 0x0300C004; +enum TLS1_CK_ECDH_ECDSA_WITH_AES_256_CBC_SHA = 0x0300C005; + +enum TLS1_CK_ECDHE_ECDSA_WITH_NULL_SHA = 0x0300C006; +enum TLS1_CK_ECDHE_ECDSA_WITH_RC4_128_SHA = 0x0300C007; +enum TLS1_CK_ECDHE_ECDSA_WITH_DES_192_CBC3_SHA = 0x0300C008; +enum TLS1_CK_ECDHE_ECDSA_WITH_AES_128_CBC_SHA = 0x0300C009; +enum TLS1_CK_ECDHE_ECDSA_WITH_AES_256_CBC_SHA = 0x0300C00A; + +enum TLS1_CK_ECDH_RSA_WITH_NULL_SHA = 0x0300C00B; +enum TLS1_CK_ECDH_RSA_WITH_RC4_128_SHA = 0x0300C00C; +enum TLS1_CK_ECDH_RSA_WITH_DES_192_CBC3_SHA = 0x0300C00D; +enum TLS1_CK_ECDH_RSA_WITH_AES_128_CBC_SHA = 0x0300C00E; +enum TLS1_CK_ECDH_RSA_WITH_AES_256_CBC_SHA = 0x0300C00F; + +enum TLS1_CK_ECDHE_RSA_WITH_NULL_SHA = 0x0300C010; +enum TLS1_CK_ECDHE_RSA_WITH_RC4_128_SHA = 0x0300C011; +enum TLS1_CK_ECDHE_RSA_WITH_DES_192_CBC3_SHA = 0x0300C012; +enum TLS1_CK_ECDHE_RSA_WITH_AES_128_CBC_SHA = 0x0300C013; +enum TLS1_CK_ECDHE_RSA_WITH_AES_256_CBC_SHA = 0x0300C014; + +enum TLS1_CK_ECDH_anon_WITH_NULL_SHA = 0x0300C015; +enum TLS1_CK_ECDH_anon_WITH_RC4_128_SHA = 0x0300C016; +enum TLS1_CK_ECDH_anon_WITH_DES_192_CBC3_SHA = 0x0300C017; +enum TLS1_CK_ECDH_anon_WITH_AES_128_CBC_SHA = 0x0300C018; +enum TLS1_CK_ECDH_anon_WITH_AES_256_CBC_SHA = 0x0300C019; + +/* SRP ciphersuites from RFC 5054 */ +enum TLS1_CK_SRP_SHA_WITH_3DES_EDE_CBC_SHA = 0x0300C01A; +enum TLS1_CK_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA = 0x0300C01B; +enum TLS1_CK_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA = 0x0300C01C; +enum TLS1_CK_SRP_SHA_WITH_AES_128_CBC_SHA = 0x0300C01D; +enum TLS1_CK_SRP_SHA_RSA_WITH_AES_128_CBC_SHA = 0x0300C01E; +enum TLS1_CK_SRP_SHA_DSS_WITH_AES_128_CBC_SHA = 0x0300C01F; +enum TLS1_CK_SRP_SHA_WITH_AES_256_CBC_SHA = 0x0300C020; +enum TLS1_CK_SRP_SHA_RSA_WITH_AES_256_CBC_SHA = 0x0300C021; +enum TLS1_CK_SRP_SHA_DSS_WITH_AES_256_CBC_SHA = 0x0300C022; + +/* ECDH HMAC based ciphersuites from RFC5289 */ + +enum TLS1_CK_ECDHE_ECDSA_WITH_AES_128_SHA256 = 0x0300C023; +enum TLS1_CK_ECDHE_ECDSA_WITH_AES_256_SHA384 = 0x0300C024; +enum TLS1_CK_ECDH_ECDSA_WITH_AES_128_SHA256 = 0x0300C025; +enum TLS1_CK_ECDH_ECDSA_WITH_AES_256_SHA384 = 0x0300C026; +enum TLS1_CK_ECDHE_RSA_WITH_AES_128_SHA256 = 0x0300C027; +enum TLS1_CK_ECDHE_RSA_WITH_AES_256_SHA384 = 0x0300C028; +enum TLS1_CK_ECDH_RSA_WITH_AES_128_SHA256 = 0x0300C029; +enum TLS1_CK_ECDH_RSA_WITH_AES_256_SHA384 = 0x0300C02A; + +/* ECDH GCM based ciphersuites from RFC5289 */ +enum TLS1_CK_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 = 0x0300C02B; +enum TLS1_CK_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 = 0x0300C02C; +enum TLS1_CK_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 = 0x0300C02D; +enum TLS1_CK_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 = 0x0300C02E; +enum TLS1_CK_ECDHE_RSA_WITH_AES_128_GCM_SHA256 = 0x0300C02F; +enum TLS1_CK_ECDHE_RSA_WITH_AES_256_GCM_SHA384 = 0x0300C030; +enum TLS1_CK_ECDH_RSA_WITH_AES_128_GCM_SHA256 = 0x0300C031; +enum TLS1_CK_ECDH_RSA_WITH_AES_256_GCM_SHA384 = 0x0300C032; + +/* XXX + * Inconsistency alert: + * The OpenSSL names of ciphers with ephemeral DH here include the string + * "DHE", while elsewhere it has always been "EDH". + * (The alias for the list of all such ciphers also is "EDH".) + * The specifications speak of "EDH"; maybe we should allow both forms + * for everything. */ +enum TLS1_TXT_RSA_EXPORT1024_WITH_RC4_56_MD5 = "EXP1024-RC4-MD5"; +enum TLS1_TXT_RSA_EXPORT1024_WITH_RC2_CBC_56_MD5 = "EXP1024-RC2-CBC-MD5"; +enum TLS1_TXT_RSA_EXPORT1024_WITH_DES_CBC_SHA = "EXP1024-DES-CBC-SHA"; +enum TLS1_TXT_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA = "EXP1024-DHE-DSS-DES-CBC-SHA"; +enum TLS1_TXT_RSA_EXPORT1024_WITH_RC4_56_SHA = "EXP1024-RC4-SHA"; +enum TLS1_TXT_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA = "EXP1024-DHE-DSS-RC4-SHA"; +enum TLS1_TXT_DHE_DSS_WITH_RC4_128_SHA = "DHE-DSS-RC4-SHA"; + +/* AES ciphersuites from RFC3268 */ +enum TLS1_TXT_RSA_WITH_AES_128_SHA = "AES128-SHA"; +enum TLS1_TXT_DH_DSS_WITH_AES_128_SHA = "DH-DSS-AES128-SHA"; +enum TLS1_TXT_DH_RSA_WITH_AES_128_SHA = "DH-RSA-AES128-SHA"; +enum TLS1_TXT_DHE_DSS_WITH_AES_128_SHA = "DHE-DSS-AES128-SHA"; +enum TLS1_TXT_DHE_RSA_WITH_AES_128_SHA = "DHE-RSA-AES128-SHA"; +enum TLS1_TXT_ADH_WITH_AES_128_SHA = "ADH-AES128-SHA"; + +enum TLS1_TXT_RSA_WITH_AES_256_SHA = "AES256-SHA"; +enum TLS1_TXT_DH_DSS_WITH_AES_256_SHA = "DH-DSS-AES256-SHA"; +enum TLS1_TXT_DH_RSA_WITH_AES_256_SHA = "DH-RSA-AES256-SHA"; +enum TLS1_TXT_DHE_DSS_WITH_AES_256_SHA = "DHE-DSS-AES256-SHA"; +enum TLS1_TXT_DHE_RSA_WITH_AES_256_SHA = "DHE-RSA-AES256-SHA"; +enum TLS1_TXT_ADH_WITH_AES_256_SHA = "ADH-AES256-SHA"; + +/* ECC ciphersuites from draft-ietf-tls-ecc-01.txt (Mar 15, 2001) */ +enum TLS1_TXT_ECDH_ECDSA_WITH_NULL_SHA = "ECDH-ECDSA-NULL-SHA"; +enum TLS1_TXT_ECDH_ECDSA_WITH_RC4_128_SHA = "ECDH-ECDSA-RC4-SHA"; +enum TLS1_TXT_ECDH_ECDSA_WITH_DES_192_CBC3_SHA = "ECDH-ECDSA-DES-CBC3-SHA"; +enum TLS1_TXT_ECDH_ECDSA_WITH_AES_128_CBC_SHA = "ECDH-ECDSA-AES128-SHA"; +enum TLS1_TXT_ECDH_ECDSA_WITH_AES_256_CBC_SHA = "ECDH-ECDSA-AES256-SHA"; + +enum TLS1_TXT_ECDHE_ECDSA_WITH_NULL_SHA = "ECDHE-ECDSA-NULL-SHA"; +enum TLS1_TXT_ECDHE_ECDSA_WITH_RC4_128_SHA = "ECDHE-ECDSA-RC4-SHA"; +enum TLS1_TXT_ECDHE_ECDSA_WITH_DES_192_CBC3_SHA = "ECDHE-ECDSA-DES-CBC3-SHA"; +enum TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_CBC_SHA = "ECDHE-ECDSA-AES128-SHA"; +enum TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_CBC_SHA = "ECDHE-ECDSA-AES256-SHA"; + +enum TLS1_TXT_ECDH_RSA_WITH_NULL_SHA = "ECDH-RSA-NULL-SHA"; +enum TLS1_TXT_ECDH_RSA_WITH_RC4_128_SHA = "ECDH-RSA-RC4-SHA"; +enum TLS1_TXT_ECDH_RSA_WITH_DES_192_CBC3_SHA = "ECDH-RSA-DES-CBC3-SHA"; +enum TLS1_TXT_ECDH_RSA_WITH_AES_128_CBC_SHA = "ECDH-RSA-AES128-SHA"; +enum TLS1_TXT_ECDH_RSA_WITH_AES_256_CBC_SHA = "ECDH-RSA-AES256-SHA"; + +enum TLS1_TXT_ECDHE_RSA_WITH_NULL_SHA = "ECDHE-RSA-NULL-SHA"; +enum TLS1_TXT_ECDHE_RSA_WITH_RC4_128_SHA = "ECDHE-RSA-RC4-SHA"; +enum TLS1_TXT_ECDHE_RSA_WITH_DES_192_CBC3_SHA = "ECDHE-RSA-DES-CBC3-SHA"; +enum TLS1_TXT_ECDHE_RSA_WITH_AES_128_CBC_SHA = "ECDHE-RSA-AES128-SHA"; +enum TLS1_TXT_ECDHE_RSA_WITH_AES_256_CBC_SHA = "ECDHE-RSA-AES256-SHA"; + +enum TLS1_TXT_ECDH_anon_WITH_NULL_SHA = "AECDH-NULL-SHA"; +enum TLS1_TXT_ECDH_anon_WITH_RC4_128_SHA = "AECDH-RC4-SHA"; +enum TLS1_TXT_ECDH_anon_WITH_DES_192_CBC3_SHA = "AECDH-DES-CBC3-SHA"; +enum TLS1_TXT_ECDH_anon_WITH_AES_128_CBC_SHA = "AECDH-AES128-SHA"; +enum TLS1_TXT_ECDH_anon_WITH_AES_256_CBC_SHA = "AECDH-AES256-SHA"; + +/* PSK ciphersuites from RFC 4279 */ +enum TLS1_TXT_PSK_WITH_RC4_128_SHA = "PSK-RC4-SHA"; +enum TLS1_TXT_PSK_WITH_3DES_EDE_CBC_SHA = "PSK-3DES-EDE-CBC-SHA"; +enum TLS1_TXT_PSK_WITH_AES_128_CBC_SHA = "PSK-AES128-CBC-SHA"; +enum TLS1_TXT_PSK_WITH_AES_256_CBC_SHA = "PSK-AES256-CBC-SHA"; + +/* SRP ciphersuite from RFC 5054 */ +enum TLS1_TXT_SRP_SHA_WITH_3DES_EDE_CBC_SHA = "SRP-3DES-EDE-CBC-SHA"; +enum TLS1_TXT_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA = "SRP-RSA-3DES-EDE-CBC-SHA"; +enum TLS1_TXT_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA = "SRP-DSS-3DES-EDE-CBC-SHA"; +enum TLS1_TXT_SRP_SHA_WITH_AES_128_CBC_SHA = "SRP-AES-128-CBC-SHA"; +enum TLS1_TXT_SRP_SHA_RSA_WITH_AES_128_CBC_SHA = "SRP-RSA-AES-128-CBC-SHA"; +enum TLS1_TXT_SRP_SHA_DSS_WITH_AES_128_CBC_SHA = "SRP-DSS-AES-128-CBC-SHA"; +enum TLS1_TXT_SRP_SHA_WITH_AES_256_CBC_SHA = "SRP-AES-256-CBC-SHA"; +enum TLS1_TXT_SRP_SHA_RSA_WITH_AES_256_CBC_SHA = "SRP-RSA-AES-256-CBC-SHA"; +enum TLS1_TXT_SRP_SHA_DSS_WITH_AES_256_CBC_SHA = "SRP-DSS-AES-256-CBC-SHA"; + +/* Camellia ciphersuites from RFC4132 */ +enum TLS1_TXT_RSA_WITH_CAMELLIA_128_CBC_SHA = "CAMELLIA128-SHA"; +enum TLS1_TXT_DH_DSS_WITH_CAMELLIA_128_CBC_SHA = "DH-DSS-CAMELLIA128-SHA"; +enum TLS1_TXT_DH_RSA_WITH_CAMELLIA_128_CBC_SHA = "DH-RSA-CAMELLIA128-SHA"; +enum TLS1_TXT_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA = "DHE-DSS-CAMELLIA128-SHA"; +enum TLS1_TXT_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA = "DHE-RSA-CAMELLIA128-SHA"; +enum TLS1_TXT_ADH_WITH_CAMELLIA_128_CBC_SHA = "ADH-CAMELLIA128-SHA"; + +enum TLS1_TXT_RSA_WITH_CAMELLIA_256_CBC_SHA = "CAMELLIA256-SHA"; +enum TLS1_TXT_DH_DSS_WITH_CAMELLIA_256_CBC_SHA = "DH-DSS-CAMELLIA256-SHA"; +enum TLS1_TXT_DH_RSA_WITH_CAMELLIA_256_CBC_SHA = "DH-RSA-CAMELLIA256-SHA"; +enum TLS1_TXT_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA = "DHE-DSS-CAMELLIA256-SHA"; +enum TLS1_TXT_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA = "DHE-RSA-CAMELLIA256-SHA"; +enum TLS1_TXT_ADH_WITH_CAMELLIA_256_CBC_SHA = "ADH-CAMELLIA256-SHA"; + +/* SEED ciphersuites from RFC4162 */ +enum TLS1_TXT_RSA_WITH_SEED_SHA = "SEED-SHA"; +enum TLS1_TXT_DH_DSS_WITH_SEED_SHA = "DH-DSS-SEED-SHA"; +enum TLS1_TXT_DH_RSA_WITH_SEED_SHA = "DH-RSA-SEED-SHA"; +enum TLS1_TXT_DHE_DSS_WITH_SEED_SHA = "DHE-DSS-SEED-SHA"; +enum TLS1_TXT_DHE_RSA_WITH_SEED_SHA = "DHE-RSA-SEED-SHA"; +enum TLS1_TXT_ADH_WITH_SEED_SHA = "ADH-SEED-SHA"; + +/* TLS v1.2 ciphersuites */ +enum TLS1_TXT_RSA_WITH_NULL_SHA256 = "NULL-SHA256"; +enum TLS1_TXT_RSA_WITH_AES_128_SHA256 = "AES128-SHA256"; +enum TLS1_TXT_RSA_WITH_AES_256_SHA256 = "AES256-SHA256"; +enum TLS1_TXT_DH_DSS_WITH_AES_128_SHA256 = "DH-DSS-AES128-SHA256"; +enum TLS1_TXT_DH_RSA_WITH_AES_128_SHA256 = "DH-RSA-AES128-SHA256"; +enum TLS1_TXT_DHE_DSS_WITH_AES_128_SHA256 = "DHE-DSS-AES128-SHA256"; +enum TLS1_TXT_DHE_RSA_WITH_AES_128_SHA256 = "DHE-RSA-AES128-SHA256"; +enum TLS1_TXT_DH_DSS_WITH_AES_256_SHA256 = "DH-DSS-AES256-SHA256"; +enum TLS1_TXT_DH_RSA_WITH_AES_256_SHA256 = "DH-RSA-AES256-SHA256"; +enum TLS1_TXT_DHE_DSS_WITH_AES_256_SHA256 = "DHE-DSS-AES256-SHA256"; +enum TLS1_TXT_DHE_RSA_WITH_AES_256_SHA256 = "DHE-RSA-AES256-SHA256"; +enum TLS1_TXT_ADH_WITH_AES_128_SHA256 = "ADH-AES128-SHA256"; +enum TLS1_TXT_ADH_WITH_AES_256_SHA256 = "ADH-AES256-SHA256"; + +/* TLS v1.2 GCM ciphersuites from RFC5288 */ +enum TLS1_TXT_RSA_WITH_AES_128_GCM_SHA256 = "AES128-GCM-SHA256"; +enum TLS1_TXT_RSA_WITH_AES_256_GCM_SHA384 = "AES256-GCM-SHA384"; +enum TLS1_TXT_DHE_RSA_WITH_AES_128_GCM_SHA256 = "DHE-RSA-AES128-GCM-SHA256"; +enum TLS1_TXT_DHE_RSA_WITH_AES_256_GCM_SHA384 = "DHE-RSA-AES256-GCM-SHA384"; +enum TLS1_TXT_DH_RSA_WITH_AES_128_GCM_SHA256 = "DH-RSA-AES128-GCM-SHA256"; +enum TLS1_TXT_DH_RSA_WITH_AES_256_GCM_SHA384 = "DH-RSA-AES256-GCM-SHA384"; +enum TLS1_TXT_DHE_DSS_WITH_AES_128_GCM_SHA256 = "DHE-DSS-AES128-GCM-SHA256"; +enum TLS1_TXT_DHE_DSS_WITH_AES_256_GCM_SHA384 = "DHE-DSS-AES256-GCM-SHA384"; +enum TLS1_TXT_DH_DSS_WITH_AES_128_GCM_SHA256 = "DH-DSS-AES128-GCM-SHA256"; +enum TLS1_TXT_DH_DSS_WITH_AES_256_GCM_SHA384 = "DH-DSS-AES256-GCM-SHA384"; +enum TLS1_TXT_ADH_WITH_AES_128_GCM_SHA256 = "ADH-AES128-GCM-SHA256"; +enum TLS1_TXT_ADH_WITH_AES_256_GCM_SHA384 = "ADH-AES256-GCM-SHA384"; + +/* ECDH HMAC based ciphersuites from RFC5289 */ + +enum TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_SHA256 = "ECDHE-ECDSA-AES128-SHA256"; +enum TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_SHA384 = "ECDHE-ECDSA-AES256-SHA384"; +enum TLS1_TXT_ECDH_ECDSA_WITH_AES_128_SHA256 = "ECDH-ECDSA-AES128-SHA256"; +enum TLS1_TXT_ECDH_ECDSA_WITH_AES_256_SHA384 = "ECDH-ECDSA-AES256-SHA384"; +enum TLS1_TXT_ECDHE_RSA_WITH_AES_128_SHA256 = "ECDHE-RSA-AES128-SHA256"; +enum TLS1_TXT_ECDHE_RSA_WITH_AES_256_SHA384 = "ECDHE-RSA-AES256-SHA384"; +enum TLS1_TXT_ECDH_RSA_WITH_AES_128_SHA256 = "ECDH-RSA-AES128-SHA256"; +enum TLS1_TXT_ECDH_RSA_WITH_AES_256_SHA384 = "ECDH-RSA-AES256-SHA384"; + +/* ECDH GCM based ciphersuites from RFC5289 */ +enum TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 = "ECDHE-ECDSA-AES128-GCM-SHA256"; +enum TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 = "ECDHE-ECDSA-AES256-GCM-SHA384"; +enum TLS1_TXT_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 = "ECDH-ECDSA-AES128-GCM-SHA256"; +enum TLS1_TXT_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 = "ECDH-ECDSA-AES256-GCM-SHA384"; +enum TLS1_TXT_ECDHE_RSA_WITH_AES_128_GCM_SHA256 = "ECDHE-RSA-AES128-GCM-SHA256"; +enum TLS1_TXT_ECDHE_RSA_WITH_AES_256_GCM_SHA384 = "ECDHE-RSA-AES256-GCM-SHA384"; +enum TLS1_TXT_ECDH_RSA_WITH_AES_128_GCM_SHA256 = "ECDH-RSA-AES128-GCM-SHA256"; +enum TLS1_TXT_ECDH_RSA_WITH_AES_256_GCM_SHA384 = "ECDH-RSA-AES256-GCM-SHA384"; + +enum TLS_CT_RSA_SIGN = 1; +enum TLS_CT_DSS_SIGN = 2; +enum TLS_CT_RSA_FIXED_DH = 3; +enum TLS_CT_DSS_FIXED_DH = 4; +enum TLS_CT_ECDSA_SIGN = 64; +enum TLS_CT_RSA_FIXED_ECDH = 65; +enum TLS_CT_ECDSA_FIXED_ECDH = 66; +enum TLS_CT_GOST94_SIGN = 21; +enum TLS_CT_GOST01_SIGN = 22; +/* when correcting this number, correct also SSL3_CT_NUMBER in ssl3.h (see + * comment there) */ +enum TLS_CT_NUMBER = 9; + +enum TLS1_FINISH_MAC_LENGTH = 12; + +enum TLS_MD_MAX_CONST_SIZE = 20; +enum TLS_MD_CLIENT_FINISH_CONST = "client finished"; +enum TLS_MD_CLIENT_FINISH_CONST_SIZE = 15; +enum TLS_MD_SERVER_FINISH_CONST = "server finished"; +enum TLS_MD_SERVER_FINISH_CONST_SIZE = 15; +enum TLS_MD_SERVER_WRITE_KEY_CONST = "server write key"; +enum TLS_MD_SERVER_WRITE_KEY_CONST_SIZE = 16; +enum TLS_MD_KEY_EXPANSION_CONST = "key expansion"; +enum TLS_MD_KEY_EXPANSION_CONST_SIZE = 13; +enum TLS_MD_CLIENT_WRITE_KEY_CONST = "client write key"; +enum TLS_MD_CLIENT_WRITE_KEY_CONST_SIZE = 16; +// Oversight in original headers: Already defined above. +// enum TLS_MD_SERVER_WRITE_KEY_CONST = "server write key"; +// enum TLS_MD_SERVER_WRITE_KEY_CONST_SIZE = 16; +enum TLS_MD_IV_BLOCK_CONST = "IV block"; +enum TLS_MD_IV_BLOCK_CONST_SIZE = 8; +enum TLS_MD_MASTER_SECRET_CONST = "master secret"; +enum TLS_MD_MASTER_SECRET_CONST_SIZE = 13; + +/+#ifdef CHARSET_EBCDIC +#undef TLS_MD_CLIENT_FINISH_CONST +enum TLS_MD_CLIENT_FINISH_CONST = "\x63\x6c\x69\x65\x6e\x74\x20\x66\x69\x6e\x69\x73\x68\x65\x64"; /*client finished*/ +#undef TLS_MD_SERVER_FINISH_CONST +enum TLS_MD_SERVER_FINISH_CONST = "\x73\x65\x72\x76\x65\x72\x20\x66\x69\x6e\x69\x73\x68\x65\x64"; /*server finished*/ +#undef TLS_MD_SERVER_WRITE_KEY_CONST +enum TLS_MD_SERVER_WRITE_KEY_CONST = "\x73\x65\x72\x76\x65\x72\x20\x77\x72\x69\x74\x65\x20\x6b\x65\x79"; /*server write key*/ +#undef TLS_MD_KEY_EXPANSION_CONST +enum TLS_MD_KEY_EXPANSION_CONST = "\x6b\x65\x79\x20\x65\x78\x70\x61\x6e\x73\x69\x6f\x6e"; /*key expansion*/ +#undef TLS_MD_CLIENT_WRITE_KEY_CONST +enum TLS_MD_CLIENT_WRITE_KEY_CONST = "\x63\x6c\x69\x65\x6e\x74\x20\x77\x72\x69\x74\x65\x20\x6b\x65\x79"; /*client write key*/ +#undef TLS_MD_SERVER_WRITE_KEY_CONST +enum TLS_MD_SERVER_WRITE_KEY_CONST = "\x73\x65\x72\x76\x65\x72\x20\x77\x72\x69\x74\x65\x20\x6b\x65\x79"; /*server write key*/ +#undef TLS_MD_IV_BLOCK_CONST +enum TLS_MD_IV_BLOCK_CONST = "\x49\x56\x20\x62\x6c\x6f\x63\x6b"; /*IV block*/ +#undef TLS_MD_MASTER_SECRET_CONST +enum TLS_MD_MASTER_SECRET_CONST = "\x6d\x61\x73\x74\x65\x72\x20\x73\x65\x63\x72\x65\x74"; /*master secret*/ +#endif+/ + +/* TLS Session Ticket extension struct */ +struct tls_session_ticket_ext_st + { + ushort length; + void* data; + }; diff --git a/deimos/openssl/ts.d b/deimos/openssl/ts.d new file mode 100644 index 0000000..a0d4521 --- /dev/null +++ b/deimos/openssl/ts.d @@ -0,0 +1,854 @@ +/* crypto/ts/ts.h */ +/* Written by Zoltan Glozik (zglozik@opentsa.org) for the OpenSSL + * project 2002, 2003, 2004. + */ +/* ==================================================================== + * Copyright (c) 2006 The OpenSSL Project. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. All advertising materials mentioning features or use of this + * software must display the following acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" + * + * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to + * endorse or promote products derived from this software without + * prior written permission. For written permission, please contact + * licensing@OpenSSL.org. + * + * 5. Products derived from this software may not be called "OpenSSL" + * nor may "OpenSSL" appear in their names without prior written + * permission of the OpenSSL Project. + * + * 6. Redistributions of any form whatsoever must retain the following + * acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" + * + * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY + * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * ==================================================================== + * + * This product includes cryptographic software written by Eric Young + * (eay@cryptsoft.com). This product includes software written by Tim + * Hudson (tjh@cryptsoft.com). + * + */ + +module deimos.openssl.ts; + +import deimos.openssl._d_util; + +public import deimos.openssl.opensslconf; +public import deimos.openssl.symhacks; +version(OPENSSL_NO_BUFFER) {} else { +public import deimos.openssl.buffer; +} +version(OPENSSL_NO_EVP) {} else { +public import deimos.openssl.evp; +} +version(OPENSSL_NO_BIO) {} else { +public import deimos.openssl.bio; +} +public import deimos.openssl.stack; +public import deimos.openssl.asn1; +public import deimos.openssl.safestack; +public import deimos.openssl.pkcs7; + +version(OPENSSL_NO_RSA) {} else { +public import deimos.openssl.rsa; +} + +version(OPENSSL_NO_DSA) {} else { +public import deimos.openssl.dsa; +} + +version(OPENSSL_NO_DH) {} else { +public import deimos.openssl.dh; +} + +extern (C): +nothrow: + +// #ifdef WIN32 +// /* Under Win32 this is defined in wincrypt.h */ +// #undef X509_NAME +// #endif + +public import deimos.openssl.x509; +public import deimos.openssl.x509v3; + +/* +MessageImprint ::= SEQUENCE { + hashAlgorithm AlgorithmIdentifier, + hashedMessage OCTET STRING } +*/ + +struct TS_msg_imprint_st { + X509_ALGOR* hash_algo; + ASN1_OCTET_STRING* hashed_msg; + } +alias TS_msg_imprint_st TS_MSG_IMPRINT; + +/* +TimeStampReq ::= SEQUENCE { + version INTEGER { v1(1) }, + messageImprint MessageImprint, + --a hash algorithm OID and the hash value of the data to be + --time-stamped + reqPolicy TSAPolicyId OPTIONAL, + nonce INTEGER OPTIONAL, + certReq BOOLEAN DEFAULT FALSE, + extensions [0] IMPLICIT Extensions OPTIONAL } +*/ + +struct TS_req_st { + ASN1_INTEGER* version_; + TS_MSG_IMPRINT* msg_imprint; + ASN1_OBJECT* policy_id; /* OPTIONAL */ + ASN1_INTEGER* nonce; /* OPTIONAL */ + ASN1_BOOLEAN cert_req; /* DEFAULT FALSE */ + STACK_OF!(X509_EXTENSION) *extensions; /* [0] OPTIONAL */ + } +alias TS_req_st TS_REQ; + +/* +Accuracy ::= SEQUENCE { + seconds INTEGER OPTIONAL, + millis [0] INTEGER (1..999) OPTIONAL, + micros [1] INTEGER (1..999) OPTIONAL } +*/ + +struct TS_accuracy_st { + ASN1_INTEGER* seconds; + ASN1_INTEGER* millis; + ASN1_INTEGER* micros; + } +alias TS_accuracy_st TS_ACCURACY; + +/* +TSTInfo ::= SEQUENCE { + version INTEGER { v1(1) }, + policy TSAPolicyId, + messageImprint MessageImprint, + -- MUST have the same value as the similar field in + -- TimeStampReq + serialNumber INTEGER, + -- Time-Stamping users MUST be ready to accommodate integers + -- up to 160 bits. + genTime GeneralizedTime, + accuracy Accuracy OPTIONAL, + ordering BOOLEAN DEFAULT FALSE, + nonce INTEGER OPTIONAL, + -- MUST be present if the similar field was present + -- in TimeStampReq. In that case it MUST have the same value. + tsa [0] GeneralName OPTIONAL, + extensions [1] IMPLICIT Extensions OPTIONAL } +*/ + +struct TS_tst_info_st { + ASN1_INTEGER* version_; + ASN1_OBJECT* policy_id; + TS_MSG_IMPRINT* msg_imprint; + ASN1_INTEGER* serial; + ASN1_GENERALIZEDTIME* time; + TS_ACCURACY* accuracy; + ASN1_BOOLEAN ordering; + ASN1_INTEGER* nonce; + GENERAL_NAME* tsa; + STACK_OF!(X509_EXTENSION) *extensions; + } +alias TS_tst_info_st TS_TST_INFO; + +/* +PKIStatusInfo ::= SEQUENCE { + status PKIStatus, + statusString PKIFreeText OPTIONAL, + failInfo PKIFailureInfo OPTIONAL } + +From RFC 1510 - section 3.1.1: +PKIFreeText ::= SEQUENCE SIZE (1..MAX) OF UTF8String + -- text encoded as UTF-8 String (note: each UTF8String SHOULD + -- include an RFC 1766 language tag to indicate the language + -- of the contained text) +*/ + +/* Possible values for status. See ts_resp_print.c && ts_resp_verify.c. */ + +enum TS_STATUS_GRANTED = 0; +enum TS_STATUS_GRANTED_WITH_MODS = 1; +enum TS_STATUS_REJECTION = 2; +enum TS_STATUS_WAITING = 3; +enum TS_STATUS_REVOCATION_WARNING = 4; +enum TS_STATUS_REVOCATION_NOTIFICATION = 5; + +/* Possible values for failure_info. See ts_resp_print.c && ts_resp_verify.c */ + +enum TS_INFO_BAD_ALG = 0; +enum TS_INFO_BAD_REQUEST = 2; +enum TS_INFO_BAD_DATA_FORMAT = 5; +enum TS_INFO_TIME_NOT_AVAILABLE = 14; +enum TS_INFO_UNACCEPTED_POLICY = 15; +enum TS_INFO_UNACCEPTED_EXTENSION = 16; +enum TS_INFO_ADD_INFO_NOT_AVAILABLE = 17; +enum TS_INFO_SYSTEM_FAILURE = 25; + +struct TS_status_info_st { + ASN1_INTEGER* status; + STACK_OF!(ASN1_UTF8STRING) *text; + ASN1_BIT_STRING* failure_info; + } +alias TS_status_info_st TS_STATUS_INFO; + +/+mixin DECLARE_STACK_OF!(ASN1_UTF8STRING);+/ +mixin DECLARE_ASN1_SET_OF!(ASN1_UTF8STRING); + +/* +TimeStampResp ::= SEQUENCE { + status PKIStatusInfo, + timeStampToken TimeStampToken OPTIONAL } +*/ + +struct TS_resp_st { + TS_STATUS_INFO* status_info; + PKCS7* token; + TS_TST_INFO* tst_info; + } +alias TS_resp_st TS_RESP; + +/* The structure below would belong to the ESS component. */ + +/* +IssuerSerial ::= SEQUENCE { + issuer GeneralNames, + serialNumber CertificateSerialNumber + } +*/ + +struct ESS_issuer_serial { + STACK_OF!(GENERAL_NAME) *issuer; + ASN1_INTEGER* serial; + } +alias ESS_issuer_serial ESS_ISSUER_SERIAL; + +/* +ESSCertID ::= SEQUENCE { + certHash Hash, + issuerSerial IssuerSerial OPTIONAL +} +*/ + +struct ESS_cert_id { + ASN1_OCTET_STRING* hash; /* Always SHA-1 digest. */ + ESS_ISSUER_SERIAL* issuer_serial; + } +alias ESS_cert_id ESS_CERT_ID; + +/+mixin DECLARE_STACK_OF!(ESS_CERT_ID);+/ +mixin DECLARE_ASN1_SET_OF!(ESS_CERT_ID); + +/* +SigningCertificate ::= SEQUENCE { + certs SEQUENCE OF ESSCertID, + policies SEQUENCE OF PolicyInformation OPTIONAL +} +*/ + +struct ESS_signing_cert { + STACK_OF!(ESS_CERT_ID) *cert_ids; + STACK_OF!(POLICYINFO) *policy_info; + } +alias ESS_signing_cert ESS_SIGNING_CERT; + + +TS_REQ* TS_REQ_new(); +void TS_REQ_free(TS_REQ* a); +int i2d_TS_REQ(const(TS_REQ)* a, ubyte** pp); +TS_REQ* d2i_TS_REQ(TS_REQ** a, const(ubyte)** pp, c_long length); + +TS_REQ* TS_REQ_dup(TS_REQ* a); + +TS_REQ* d2i_TS_REQ_fp(FILE* fp, TS_REQ** a); +int i2d_TS_REQ_fp(FILE* fp, TS_REQ* a); +TS_REQ* d2i_TS_REQ_bio(BIO* fp, TS_REQ** a); +int i2d_TS_REQ_bio(BIO* fp, TS_REQ* a); + +TS_MSG_IMPRINT* TS_MSG_IMPRINT_new(); +void TS_MSG_IMPRINT_free(TS_MSG_IMPRINT* a); +int i2d_TS_MSG_IMPRINT(const(TS_MSG_IMPRINT)* a, ubyte** pp); +TS_MSG_IMPRINT* d2i_TS_MSG_IMPRINT(TS_MSG_IMPRINT** a, + const(ubyte)** pp, c_long length); + +TS_MSG_IMPRINT* TS_MSG_IMPRINT_dup(TS_MSG_IMPRINT* a); + +TS_MSG_IMPRINT* d2i_TS_MSG_IMPRINT_fp(FILE* fp, TS_MSG_IMPRINT** a); +int i2d_TS_MSG_IMPRINT_fp(FILE* fp, TS_MSG_IMPRINT* a); +TS_MSG_IMPRINT* d2i_TS_MSG_IMPRINT_bio(BIO* fp, TS_MSG_IMPRINT** a); +int i2d_TS_MSG_IMPRINT_bio(BIO* fp, TS_MSG_IMPRINT* a); + +TS_RESP* TS_RESP_new(); +void TS_RESP_free(TS_RESP* a); +int i2d_TS_RESP(const(TS_RESP)* a, ubyte** pp); +TS_RESP* d2i_TS_RESP(TS_RESP** a, const(ubyte)** pp, c_long length); +TS_TST_INFO* PKCS7_to_TS_TST_INFO(PKCS7* token); +TS_RESP* TS_RESP_dup(TS_RESP* a); + +TS_RESP* d2i_TS_RESP_fp(FILE* fp, TS_RESP** a); +int i2d_TS_RESP_fp(FILE* fp, TS_RESP* a); +TS_RESP* d2i_TS_RESP_bio(BIO* fp, TS_RESP** a); +int i2d_TS_RESP_bio(BIO* fp, TS_RESP* a); + +TS_STATUS_INFO* TS_STATUS_INFO_new(); +void TS_STATUS_INFO_free(TS_STATUS_INFO* a); +int i2d_TS_STATUS_INFO(const(TS_STATUS_INFO)* a, ubyte** pp); +TS_STATUS_INFO* d2i_TS_STATUS_INFO(TS_STATUS_INFO** a, + const(ubyte)** pp, c_long length); +TS_STATUS_INFO* TS_STATUS_INFO_dup(TS_STATUS_INFO* a); + +TS_TST_INFO* TS_TST_INFO_new(); +void TS_TST_INFO_free(TS_TST_INFO* a); +int i2d_TS_TST_INFO(const(TS_TST_INFO)* a, ubyte** pp); +TS_TST_INFO* d2i_TS_TST_INFO(TS_TST_INFO** a, const(ubyte)** pp, + c_long length); +TS_TST_INFO* TS_TST_INFO_dup(TS_TST_INFO* a); + +TS_TST_INFO* d2i_TS_TST_INFO_fp(FILE* fp, TS_TST_INFO** a); +int i2d_TS_TST_INFO_fp(FILE* fp, TS_TST_INFO* a); +TS_TST_INFO* d2i_TS_TST_INFO_bio(BIO* fp, TS_TST_INFO** a); +int i2d_TS_TST_INFO_bio(BIO* fp, TS_TST_INFO* a); + +TS_ACCURACY* TS_ACCURACY_new(); +void TS_ACCURACY_free(TS_ACCURACY* a); +int i2d_TS_ACCURACY(const(TS_ACCURACY)* a, ubyte** pp); +TS_ACCURACY* d2i_TS_ACCURACY(TS_ACCURACY** a, const(ubyte)** pp, + c_long length); +TS_ACCURACY* TS_ACCURACY_dup(TS_ACCURACY* a); + +ESS_ISSUER_SERIAL* ESS_ISSUER_SERIAL_new(); +void ESS_ISSUER_SERIAL_free(ESS_ISSUER_SERIAL* a); +int i2d_ESS_ISSUER_SERIAL(const(ESS_ISSUER_SERIAL)* a, + ubyte** pp); +ESS_ISSUER_SERIAL* d2i_ESS_ISSUER_SERIAL(ESS_ISSUER_SERIAL** a, + const(ubyte)** pp, c_long length); +ESS_ISSUER_SERIAL* ESS_ISSUER_SERIAL_dup(ESS_ISSUER_SERIAL* a); + +ESS_CERT_ID* ESS_CERT_ID_new(); +void ESS_CERT_ID_free(ESS_CERT_ID* a); +int i2d_ESS_CERT_ID(const(ESS_CERT_ID)* a, ubyte** pp); +ESS_CERT_ID* d2i_ESS_CERT_ID(ESS_CERT_ID** a, const(ubyte)** pp, + c_long length); +ESS_CERT_ID* ESS_CERT_ID_dup(ESS_CERT_ID* a); + +ESS_SIGNING_CERT* ESS_SIGNING_CERT_new(); +void ESS_SIGNING_CERT_free(ESS_SIGNING_CERT* a); +int i2d_ESS_SIGNING_CERT(const(ESS_SIGNING_CERT)* a, + ubyte** pp); +ESS_SIGNING_CERT* d2i_ESS_SIGNING_CERT(ESS_SIGNING_CERT** a, + const(ubyte)** pp, c_long length); +ESS_SIGNING_CERT* ESS_SIGNING_CERT_dup(ESS_SIGNING_CERT* a); + +void ERR_load_TS_strings(); + +int TS_REQ_set_version(TS_REQ* a, c_long version_); +c_long TS_REQ_get_version(const(TS_REQ)* a); + +int TS_REQ_set_msg_imprint(TS_REQ* a, TS_MSG_IMPRINT* msg_imprint); +TS_MSG_IMPRINT* TS_REQ_get_msg_imprint(TS_REQ* a); + +int TS_MSG_IMPRINT_set_algo(TS_MSG_IMPRINT* a, X509_ALGOR* alg); +X509_ALGOR* TS_MSG_IMPRINT_get_algo(TS_MSG_IMPRINT* a); + +int TS_MSG_IMPRINT_set_msg(TS_MSG_IMPRINT* a, ubyte* d, int len); +ASN1_OCTET_STRING* TS_MSG_IMPRINT_get_msg(TS_MSG_IMPRINT* a); + +int TS_REQ_set_policy_id(TS_REQ* a, ASN1_OBJECT* policy); +ASN1_OBJECT* TS_REQ_get_policy_id(TS_REQ* a); + +int TS_REQ_set_nonce(TS_REQ* a, const(ASN1_INTEGER)* nonce); +const(ASN1_INTEGER)* TS_REQ_get_nonce(const(TS_REQ)* a); + +int TS_REQ_set_cert_req(TS_REQ* a, int cert_req); +int TS_REQ_get_cert_req(const(TS_REQ)* a); + +STACK_OF!(X509_EXTENSION) *TS_REQ_get_exts(TS_REQ* a); +void TS_REQ_ext_free(TS_REQ* a); +int TS_REQ_get_ext_count(TS_REQ* a); +int TS_REQ_get_ext_by_NID(TS_REQ* a, int nid, int lastpos); +int TS_REQ_get_ext_by_OBJ(TS_REQ* a, ASN1_OBJECT* obj, int lastpos); +int TS_REQ_get_ext_by_critical(TS_REQ* a, int crit, int lastpos); +X509_EXTENSION* TS_REQ_get_ext(TS_REQ* a, int loc); +X509_EXTENSION* TS_REQ_delete_ext(TS_REQ* a, int loc); +int TS_REQ_add_ext(TS_REQ* a, X509_EXTENSION* ex, int loc); +void* TS_REQ_get_ext_d2i(TS_REQ* a, int nid, int* crit, int* idx); + +/* Function declarations for TS_REQ defined in ts/ts_req_print.c */ + +int TS_REQ_print_bio(BIO* bio, TS_REQ* a); + +/* Function declarations for TS_RESP defined in ts/ts_resp_utils.c */ + +int TS_RESP_set_status_info(TS_RESP* a, TS_STATUS_INFO* info); +TS_STATUS_INFO* TS_RESP_get_status_info(TS_RESP* a); + +/* Caller loses ownership of PKCS7 and TS_TST_INFO objects. */ +void TS_RESP_set_tst_info(TS_RESP* a, PKCS7* p7, TS_TST_INFO* tst_info); +PKCS7* TS_RESP_get_token(TS_RESP* a); +TS_TST_INFO* TS_RESP_get_tst_info(TS_RESP* a); + +int TS_TST_INFO_set_version(TS_TST_INFO* a, c_long version_); +c_long TS_TST_INFO_get_version(const(TS_TST_INFO)* a); + +int TS_TST_INFO_set_policy_id(TS_TST_INFO* a, ASN1_OBJECT* policy_id); +ASN1_OBJECT* TS_TST_INFO_get_policy_id(TS_TST_INFO* a); + +int TS_TST_INFO_set_msg_imprint(TS_TST_INFO* a, TS_MSG_IMPRINT* msg_imprint); +TS_MSG_IMPRINT* TS_TST_INFO_get_msg_imprint(TS_TST_INFO* a); + +int TS_TST_INFO_set_serial(TS_TST_INFO* a, const(ASN1_INTEGER)* serial); +const(ASN1_INTEGER)* TS_TST_INFO_get_serial(const(TS_TST_INFO)* a); + +int TS_TST_INFO_set_time(TS_TST_INFO* a, const(ASN1_GENERALIZEDTIME)* gtime); +const(ASN1_GENERALIZEDTIME)* TS_TST_INFO_get_time(const(TS_TST_INFO)* a); + +int TS_TST_INFO_set_accuracy(TS_TST_INFO* a, TS_ACCURACY* accuracy); +TS_ACCURACY* TS_TST_INFO_get_accuracy(TS_TST_INFO* a); + +int TS_ACCURACY_set_seconds(TS_ACCURACY* a, const(ASN1_INTEGER)* seconds); +const(ASN1_INTEGER)* TS_ACCURACY_get_seconds(const(TS_ACCURACY)* a); + +int TS_ACCURACY_set_millis(TS_ACCURACY* a, const(ASN1_INTEGER)* millis); +const(ASN1_INTEGER)* TS_ACCURACY_get_millis(const(TS_ACCURACY)* a); + +int TS_ACCURACY_set_micros(TS_ACCURACY* a, const(ASN1_INTEGER)* micros); +const(ASN1_INTEGER)* TS_ACCURACY_get_micros(const(TS_ACCURACY)* a); + +int TS_TST_INFO_set_ordering(TS_TST_INFO* a, int ordering); +int TS_TST_INFO_get_ordering(const(TS_TST_INFO)* a); + +int TS_TST_INFO_set_nonce(TS_TST_INFO* a, const(ASN1_INTEGER)* nonce); +const(ASN1_INTEGER)* TS_TST_INFO_get_nonce(const(TS_TST_INFO)* a); + +int TS_TST_INFO_set_tsa(TS_TST_INFO* a, GENERAL_NAME* tsa); +GENERAL_NAME* TS_TST_INFO_get_tsa(TS_TST_INFO* a); + +STACK_OF!(X509_EXTENSION) *TS_TST_INFO_get_exts(TS_TST_INFO* a); +void TS_TST_INFO_ext_free(TS_TST_INFO* a); +int TS_TST_INFO_get_ext_count(TS_TST_INFO* a); +int TS_TST_INFO_get_ext_by_NID(TS_TST_INFO* a, int nid, int lastpos); +int TS_TST_INFO_get_ext_by_OBJ(TS_TST_INFO* a, ASN1_OBJECT* obj, int lastpos); +int TS_TST_INFO_get_ext_by_critical(TS_TST_INFO* a, int crit, int lastpos); +X509_EXTENSION* TS_TST_INFO_get_ext(TS_TST_INFO* a, int loc); +X509_EXTENSION* TS_TST_INFO_delete_ext(TS_TST_INFO* a, int loc); +int TS_TST_INFO_add_ext(TS_TST_INFO* a, X509_EXTENSION* ex, int loc); +void* TS_TST_INFO_get_ext_d2i(TS_TST_INFO* a, int nid, int* crit, int* idx); + +/* Declarations related to response generation, defined in ts/ts_resp_sign.c. */ + +/* Optional flags for response generation. */ + +/* Don't include the TSA name in response. */ +enum TS_TSA_NAME = 0x01; + +/* Set ordering to true in response. */ +enum TS_ORDERING = 0x02; + +/* + * Include the signer certificate and the other specified certificates in + * the ESS signing certificate attribute beside the PKCS7 signed data. + * Only the signer certificates is included by default. + */ +enum TS_ESS_CERT_ID_CHAIN = 0x04; + +// /* Forward declaration. */ +// struct TS_resp_ctx; + +/* This must return a unique number less than 160 bits long. */ +alias ExternC!(ASN1_INTEGER* function(TS_resp_ctx*, void*)) TS_serial_cb; + +/* This must return the seconds and microseconds since Jan 1, 1970 in + the sec and usec variables allocated by the caller. + Return non-zero for success and zero for failure. */ +alias ExternC!(int function(TS_resp_ctx*, void*, c_long* sec, c_long* usec)) TS_time_cb; + +/* This must process the given extension. + * It can modify the TS_TST_INFO object of the context. + * Return values: !0 (processed), 0 (error, it must set the + * status info/failure info of the response). + */ +alias ExternC!(int function(TS_resp_ctx*, X509_EXTENSION*, void*)) TS_extension_cb; + +struct TS_resp_ctx { + X509* signer_cert; + EVP_PKEY* signer_key; + STACK_OF!(X509) *certs; /* Certs to include in signed data. */ + STACK_OF!(ASN1_OBJECT) *policies; /* Acceptable policies. */ + ASN1_OBJECT* default_policy; /* It may appear in policies, too. */ + STACK_OF!(EVP_MD) *mds; /* Acceptable message digests. */ + ASN1_INTEGER* seconds; /* accuracy, 0 means not specified. */ + ASN1_INTEGER* millis; /* accuracy, 0 means not specified. */ + ASN1_INTEGER* micros; /* accuracy, 0 means not specified. */ + uint clock_precision_digits; /* fraction of seconds in + time stamp token. */ + uint flags; /* Optional info, see values above. */ + + /* Callback functions. */ + TS_serial_cb serial_cb; + void* serial_cb_data; /* User data for serial_cb. */ + + TS_time_cb time_cb; + void* time_cb_data; /* User data for time_cb. */ + + TS_extension_cb extension_cb; + void* extension_cb_data; /* User data for extension_cb. */ + + /* These members are used only while creating the response. */ + TS_REQ* request; + TS_RESP* response; + TS_TST_INFO* tst_info; + } +alias TS_resp_ctx TS_RESP_CTX; + +/+mixin DECLARE_STACK_OF!(EVP_MD);+/ +mixin DECLARE_ASN1_SET_OF!(EVP_MD); + +/* Creates a response context that can be used for generating responses. */ +TS_RESP_CTX* TS_RESP_CTX_new(); +void TS_RESP_CTX_free(TS_RESP_CTX* ctx); + +/* This parameter must be set. */ +int TS_RESP_CTX_set_signer_cert(TS_RESP_CTX* ctx, X509* signer); + +/* This parameter must be set. */ +int TS_RESP_CTX_set_signer_key(TS_RESP_CTX* ctx, EVP_PKEY* key); + +/* This parameter must be set. */ +int TS_RESP_CTX_set_def_policy(TS_RESP_CTX* ctx, ASN1_OBJECT* def_policy); + +/* No additional certs are included in the response by default. */ +int TS_RESP_CTX_set_certs(TS_RESP_CTX* ctx, STACK_OF!(X509) *certs); + +/* Adds a new acceptable policy, only the default policy + is accepted by default. */ +int TS_RESP_CTX_add_policy(TS_RESP_CTX* ctx, ASN1_OBJECT* policy); + +/* Adds a new acceptable message digest. Note that no message digests + are accepted by default. The md argument is shared with the caller. */ +int TS_RESP_CTX_add_md(TS_RESP_CTX* ctx, const(EVP_MD)* md); + +/* Accuracy is not included by default. */ +int TS_RESP_CTX_set_accuracy(TS_RESP_CTX* ctx, + int secs, int millis, int micros); + +/* Clock precision digits, i.e. the number of decimal digits: + '0' means sec, '3' msec, '6' usec, and so on. Default is 0. */ +int TS_RESP_CTX_set_clock_precision_digits(TS_RESP_CTX* ctx, + uint clock_precision_digits); +/* At most we accept usec precision. */ +enum TS_MAX_CLOCK_PRECISION_DIGITS = 6; + +/* No flags are set by default. */ +void TS_RESP_CTX_add_flags(TS_RESP_CTX* ctx, int flags); + +/* Default callback always returns a constant. */ +void TS_RESP_CTX_set_serial_cb(TS_RESP_CTX* ctx, TS_serial_cb cb, void* data); + +/* Default callback uses the gettimeofday() and gmtime() system calls. */ +void TS_RESP_CTX_set_time_cb(TS_RESP_CTX* ctx, TS_time_cb cb, void* data); + +/* Default callback rejects all extensions. The extension callback is called + * when the TS_TST_INFO object is already set up and not signed yet. */ +/* FIXME: extension handling is not tested yet. */ +void TS_RESP_CTX_set_extension_cb(TS_RESP_CTX* ctx, + TS_extension_cb cb, void* data); + +/* The following methods can be used in the callbacks. */ +int TS_RESP_CTX_set_status_info(TS_RESP_CTX* ctx, + int status, const(char)* text); + +/* Sets the status info only if it is still TS_STATUS_GRANTED. */ +int TS_RESP_CTX_set_status_info_cond(TS_RESP_CTX* ctx, + int status, const(char)* text); + +int TS_RESP_CTX_add_failure_info(TS_RESP_CTX* ctx, int failure); + +/* The get methods below can be used in the extension callback. */ +TS_REQ* TS_RESP_CTX_get_request(TS_RESP_CTX* ctx); + +TS_TST_INFO* TS_RESP_CTX_get_tst_info(TS_RESP_CTX* ctx); + +/* + * Creates the signed TS_TST_INFO and puts it in TS_RESP. + * In case of errors it sets the status info properly. + * Returns NULL only in case of memory allocation/fatal error. + */ +TS_RESP* TS_RESP_create_response(TS_RESP_CTX* ctx, BIO* req_bio); + +/* + * Declarations related to response verification, + * they are defined in ts/ts_resp_verify.c. + */ + +int TS_RESP_verify_signature(PKCS7* token, STACK_OF!(X509) *certs, + X509_STORE* store, X509** signer_out); + +/* Context structure for the generic verify method. */ + +/* Verify the signer's certificate and the signature of the response. */ +enum TS_VFY_SIGNATURE = (1u << 0); +/* Verify the version number of the response. */ +enum TS_VFY_VERSION = (1u << 1); +/* Verify if the policy supplied by the user matches the policy of the TSA. */ +enum TS_VFY_POLICY = (1u << 2); +/* Verify the message imprint provided by the user. This flag should not be + specified with TS_VFY_DATA. */ +enum TS_VFY_IMPRINT = (1u << 3); +/* Verify the message imprint computed by the verify method from the user + provided data and the MD algorithm of the response. This flag should not be + specified with TS_VFY_IMPRINT. */ +enum TS_VFY_DATA = (1u << 4); +/* Verify the nonce value. */ +enum TS_VFY_NONCE = (1u << 5); +/* Verify if the TSA name field matches the signer certificate. */ +enum TS_VFY_SIGNER = (1u << 6); +/* Verify if the TSA name field equals to the user provided name. */ +enum TS_VFY_TSA_NAME = (1u << 7); + +/* You can use the following convenience constants. */ +enum TS_VFY_ALL_IMPRINT = (TS_VFY_SIGNATURE + | TS_VFY_VERSION + | TS_VFY_POLICY + | TS_VFY_IMPRINT + | TS_VFY_NONCE + | TS_VFY_SIGNER + | TS_VFY_TSA_NAME); +enum TS_VFY_ALL_DATA = (TS_VFY_SIGNATURE + | TS_VFY_VERSION + | TS_VFY_POLICY + | TS_VFY_DATA + | TS_VFY_NONCE + | TS_VFY_SIGNER + | TS_VFY_TSA_NAME); + +struct TS_verify_ctx { + /* Set this to the union of TS_VFY_... flags you want to carry out. */ + uint flags; + + /* Must be set only with TS_VFY_SIGNATURE. certs is optional. */ + X509_STORE* store; + STACK_OF!(X509) *certs; + + /* Must be set only with TS_VFY_POLICY. */ + ASN1_OBJECT* policy; + + /* Must be set only with TS_VFY_IMPRINT. If md_alg is NULL, + the algorithm from the response is used. */ + X509_ALGOR* md_alg; + ubyte* imprint; + uint imprint_len; + + /* Must be set only with TS_VFY_DATA. */ + BIO* data; + + /* Must be set only with TS_VFY_TSA_NAME. */ + ASN1_INTEGER* nonce; + + /* Must be set only with TS_VFY_TSA_NAME. */ + GENERAL_NAME* tsa_name; + } +alias TS_verify_ctx TS_VERIFY_CTX; + +int TS_RESP_verify_response(TS_VERIFY_CTX* ctx, TS_RESP* response); +int TS_RESP_verify_token(TS_VERIFY_CTX* ctx, PKCS7* token); + +/* + * Declarations related to response verification context, + * they are defined in ts/ts_verify_ctx.c. + */ + +/* Set all fields to zero. */ +TS_VERIFY_CTX* TS_VERIFY_CTX_new(); +void TS_VERIFY_CTX_init(TS_VERIFY_CTX* ctx); +void TS_VERIFY_CTX_free(TS_VERIFY_CTX* ctx); +void TS_VERIFY_CTX_cleanup(TS_VERIFY_CTX* ctx); + +/* + * If ctx is NULL, it allocates and returns a new object, otherwise + * it returns ctx. It initialises all the members as follows: + * flags = TS_VFY_ALL_IMPRINT & ~(TS_VFY_TSA_NAME | TS_VFY_SIGNATURE) + * certs = NULL + * store = NULL + * policy = policy from the request or NULL if absent (in this case + * TS_VFY_POLICY is cleared from flags as well) + * md_alg = MD algorithm from request + * imprint, imprint_len = imprint from request + * data = NULL + * nonce, nonce_len = nonce from the request or NULL if absent (in this case + * TS_VFY_NONCE is cleared from flags as well) + * tsa_name = NULL + * Important: after calling this method TS_VFY_SIGNATURE should be added! + */ +TS_VERIFY_CTX* TS_REQ_to_TS_VERIFY_CTX(TS_REQ* req, TS_VERIFY_CTX* ctx); + +/* Function declarations for TS_RESP defined in ts/ts_resp_print.c */ + +int TS_RESP_print_bio(BIO* bio, TS_RESP* a); +int TS_STATUS_INFO_print_bio(BIO* bio, TS_STATUS_INFO* a); +int TS_TST_INFO_print_bio(BIO* bio, TS_TST_INFO* a); + +/* Common utility functions defined in ts/ts_lib.c */ + +int TS_ASN1_INTEGER_print_bio(BIO* bio, const(ASN1_INTEGER)* num); +int TS_OBJ_print_bio(BIO* bio, const(ASN1_OBJECT)* obj); +int TS_ext_print_bio(BIO* bio, const STACK_OF!(X509_EXTENSION) *extensions); +int TS_X509_ALGOR_print_bio(BIO* bio, const(X509_ALGOR)* alg); +int TS_MSG_IMPRINT_print_bio(BIO* bio, TS_MSG_IMPRINT* msg); + +/* Function declarations for handling configuration options, + defined in ts/ts_conf.c */ + +X509* TS_CONF_load_cert(const(char)* file); +STACK_OF!(X509) *TS_CONF_load_certs(const(char)* file); +EVP_PKEY* TS_CONF_load_key(const(char)* file, const(char)* pass); +const(char)* TS_CONF_get_tsa_section(CONF* conf, const(char)* section); +int TS_CONF_set_serial(CONF* conf, const(char)* section, TS_serial_cb cb, + TS_RESP_CTX* ctx); +int TS_CONF_set_crypto_device(CONF* conf, const(char)* section, + const(char)* device); +int TS_CONF_set_default_engine(const(char)* name); +int TS_CONF_set_signer_cert(CONF* conf, const(char)* section, + const(char)* cert, TS_RESP_CTX* ctx); +int TS_CONF_set_certs(CONF* conf, const(char)* section, const(char)* certs, + TS_RESP_CTX* ctx); +int TS_CONF_set_signer_key(CONF* conf, const(char)* section, + const(char)* key, const(char)* pass, TS_RESP_CTX* ctx); +int TS_CONF_set_def_policy(CONF* conf, const(char)* section, + const(char)* policy, TS_RESP_CTX* ctx); +int TS_CONF_set_policies(CONF* conf, const(char)* section, TS_RESP_CTX* ctx); +int TS_CONF_set_digests(CONF* conf, const(char)* section, TS_RESP_CTX* ctx); +int TS_CONF_set_accuracy(CONF* conf, const(char)* section, TS_RESP_CTX* ctx); +int TS_CONF_set_clock_precision_digits(CONF* conf, const(char)* section, + TS_RESP_CTX* ctx); +int TS_CONF_set_ordering(CONF* conf, const(char)* section, TS_RESP_CTX* ctx); +int TS_CONF_set_tsa_name(CONF* conf, const(char)* section, TS_RESP_CTX* ctx); +int TS_CONF_set_ess_cert_id_chain(CONF* conf, const(char)* section, + TS_RESP_CTX* ctx); + +/* -------------------------------------------------- */ +/* BEGIN ERROR CODES */ +/* The following lines are auto generated by the script mkerr.pl. Any changes + * made after this point may be overwritten when the script is next run. + */ +void ERR_load_TS_strings(); + +/* Error codes for the TS functions. */ + +/* Function codes. */ +enum TS_F_D2I_TS_RESP = 147; +enum TS_F_DEF_SERIAL_CB = 110; +enum TS_F_DEF_TIME_CB = 111; +enum TS_F_ESS_ADD_SIGNING_CERT = 112; +enum TS_F_ESS_CERT_ID_NEW_INIT = 113; +enum TS_F_ESS_SIGNING_CERT_NEW_INIT = 114; +enum TS_F_INT_TS_RESP_VERIFY_TOKEN = 149; +enum TS_F_PKCS7_TO_TS_TST_INFO = 148; +enum TS_F_TS_ACCURACY_SET_MICROS = 115; +enum TS_F_TS_ACCURACY_SET_MILLIS = 116; +enum TS_F_TS_ACCURACY_SET_SECONDS = 117; +enum TS_F_TS_CHECK_IMPRINTS = 100; +enum TS_F_TS_CHECK_NONCES = 101; +enum TS_F_TS_CHECK_POLICY = 102; +enum TS_F_TS_CHECK_SIGNING_CERTS = 103; +enum TS_F_TS_CHECK_STATUS_INFO = 104; +enum TS_F_TS_COMPUTE_IMPRINT = 145; +enum TS_F_TS_CONF_SET_DEFAULT_ENGINE = 146; +enum TS_F_TS_GET_STATUS_TEXT = 105; +enum TS_F_TS_MSG_IMPRINT_SET_ALGO = 118; +enum TS_F_TS_REQ_SET_MSG_IMPRINT = 119; +enum TS_F_TS_REQ_SET_NONCE = 120; +enum TS_F_TS_REQ_SET_POLICY_ID = 121; +enum TS_F_TS_RESP_CREATE_RESPONSE = 122; +enum TS_F_TS_RESP_CREATE_TST_INFO = 123; +enum TS_F_TS_RESP_CTX_ADD_FAILURE_INFO = 124; +enum TS_F_TS_RESP_CTX_ADD_MD = 125; +enum TS_F_TS_RESP_CTX_ADD_POLICY = 126; +enum TS_F_TS_RESP_CTX_NEW = 127; +enum TS_F_TS_RESP_CTX_SET_ACCURACY = 128; +enum TS_F_TS_RESP_CTX_SET_CERTS = 129; +enum TS_F_TS_RESP_CTX_SET_DEF_POLICY = 130; +enum TS_F_TS_RESP_CTX_SET_SIGNER_CERT = 131; +enum TS_F_TS_RESP_CTX_SET_STATUS_INFO = 132; +enum TS_F_TS_RESP_GET_POLICY = 133; +enum TS_F_TS_RESP_SET_GENTIME_WITH_PRECISION = 134; +enum TS_F_TS_RESP_SET_STATUS_INFO = 135; +enum TS_F_TS_RESP_SET_TST_INFO = 150; +enum TS_F_TS_RESP_SIGN = 136; +enum TS_F_TS_RESP_VERIFY_SIGNATURE = 106; +enum TS_F_TS_RESP_VERIFY_TOKEN = 107; +enum TS_F_TS_TST_INFO_SET_ACCURACY = 137; +enum TS_F_TS_TST_INFO_SET_MSG_IMPRINT = 138; +enum TS_F_TS_TST_INFO_SET_NONCE = 139; +enum TS_F_TS_TST_INFO_SET_POLICY_ID = 140; +enum TS_F_TS_TST_INFO_SET_SERIAL = 141; +enum TS_F_TS_TST_INFO_SET_TIME = 142; +enum TS_F_TS_TST_INFO_SET_TSA = 143; +enum TS_F_TS_VERIFY = 108; +enum TS_F_TS_VERIFY_CERT = 109; +enum TS_F_TS_VERIFY_CTX_NEW = 144; + +/* Reason codes. */ +enum TS_R_BAD_PKCS7_TYPE = 132; +enum TS_R_BAD_TYPE = 133; +enum TS_R_CERTIFICATE_VERIFY_ERROR = 100; +enum TS_R_COULD_NOT_SET_ENGINE = 127; +enum TS_R_COULD_NOT_SET_TIME = 115; +enum TS_R_D2I_TS_RESP_INT_FAILED = 128; +enum TS_R_DETACHED_CONTENT = 134; +enum TS_R_ESS_ADD_SIGNING_CERT_ERROR = 116; +enum TS_R_ESS_SIGNING_CERTIFICATE_ERROR = 101; +enum TS_R_INVALID_NULL_POINTER = 102; +enum TS_R_INVALID_SIGNER_CERTIFICATE_PURPOSE = 117; +enum TS_R_MESSAGE_IMPRINT_MISMATCH = 103; +enum TS_R_NONCE_MISMATCH = 104; +enum TS_R_NONCE_NOT_RETURNED = 105; +enum TS_R_NO_CONTENT = 106; +enum TS_R_NO_TIME_STAMP_TOKEN = 107; +enum TS_R_PKCS7_ADD_SIGNATURE_ERROR = 118; +enum TS_R_PKCS7_ADD_SIGNED_ATTR_ERROR = 119; +enum TS_R_PKCS7_TO_TS_TST_INFO_FAILED = 129; +enum TS_R_POLICY_MISMATCH = 108; +enum TS_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE = 120; +enum TS_R_RESPONSE_SETUP_ERROR = 121; +enum TS_R_SIGNATURE_FAILURE = 109; +enum TS_R_THERE_MUST_BE_ONE_SIGNER = 110; +enum TS_R_TIME_SYSCALL_ERROR = 122; +enum TS_R_TOKEN_NOT_PRESENT = 130; +enum TS_R_TOKEN_PRESENT = 131; +enum TS_R_TSA_NAME_MISMATCH = 111; +enum TS_R_TSA_UNTRUSTED = 112; +enum TS_R_TST_INFO_SETUP_ERROR = 123; +enum TS_R_TS_DATASIGN = 124; +enum TS_R_UNACCEPTABLE_POLICY = 125; +enum TS_R_UNSUPPORTED_MD_ALGORITHM = 126; +enum TS_R_UNSUPPORTED_VERSION = 113; +enum TS_R_WRONG_CONTENT_TYPE = 114; diff --git a/deimos/openssl/txt_db.d b/deimos/openssl/txt_db.d new file mode 100644 index 0000000..467705e --- /dev/null +++ b/deimos/openssl/txt_db.d @@ -0,0 +1,105 @@ +/* crypto/txt_db/txt_db.h */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +module deimos.openssl.txt_db; + +import deimos.openssl._d_util; + +public import deimos.openssl.opensslconf; +version(OPENSSL_NO_BIO) {} else { +public import deimos.openssl.bio; +} +public import deimos.openssl.stack; +public import deimos.openssl.lhash; + +enum DB_ERROR_OK = 0; +enum DB_ERROR_MALLOC = 1; +enum DB_ERROR_INDEX_CLASH = 2; +enum DB_ERROR_INDEX_OUT_OF_RANGE = 3; +enum DB_ERROR_NO_INDEX = 4; +enum DB_ERROR_INSERT_INDEX_CLASH = 5; + +extern (C): +nothrow: + +alias OPENSSL_STRING* OPENSSL_PSTRING; +mixin DECLARE_SPECIAL_STACK_OF!(OPENSSL_PSTRING, OPENSSL_STRING); +struct txt_db_st { + int num_fields; + STACK_OF!(OPENSSL_PSTRING) *data; + LHASH_OF!(OPENSSL_STRING) **index; + ExternC!(int function(OPENSSL_STRING*))* qual; + c_long error; + c_long arg1; + c_long arg2; + OPENSSL_STRING* arg_row; + } +alias txt_db_st TXT_DB; + +version(OPENSSL_NO_BIO) { +TXT_DB* TXT_DB_read(char* in_, int num); +c_long TXT_DB_write(char* out_, TXT_DB* db); +} else { +TXT_DB* TXT_DB_read(BIO* in_, int num); +c_long TXT_DB_write(BIO* out_, TXT_DB* db); +} +int TXT_DB_create_index(TXT_DB* db,int field,ExternC!(int function(OPENSSL_STRING*)) qual, + LHASH_HASH_FN_TYPE hash, LHASH_COMP_FN_TYPE cmp); +void TXT_DB_free(TXT_DB* db); +OPENSSL_STRING* TXT_DB_get_by_index(TXT_DB* db, int idx, OPENSSL_STRING* value); +int TXT_DB_insert(TXT_DB* db, OPENSSL_STRING* value); diff --git a/deimos/openssl/ui.d b/deimos/openssl/ui.d new file mode 100644 index 0000000..2199d8b --- /dev/null +++ b/deimos/openssl/ui.d @@ -0,0 +1,379 @@ +/* crypto/ui/ui.h -*- mode:C; c-file-style: "eay" -*- */ +/* Written by Richard Levitte (richard@levitte.org) for the OpenSSL + * project 2001. + */ +/* ==================================================================== + * Copyright (c) 2001 The OpenSSL Project. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. All advertising materials mentioning features or use of this + * software must display the following acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" + * + * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to + * endorse or promote products derived from this software without + * prior written permission. For written permission, please contact + * openssl-core@openssl.org. + * + * 5. Products derived from this software may not be called "OpenSSL" + * nor may "OpenSSL" appear in their names without prior written + * permission of the OpenSSL Project. + * + * 6. Redistributions of any form whatsoever must retain the following + * acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit (http://www.openssl.org/)" + * + * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY + * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * ==================================================================== + * + * This product includes cryptographic software written by Eric Young + * (eay@cryptsoft.com). This product includes software written by Tim + * Hudson (tjh@cryptsoft.com). + * + */ + +module deimos.openssl.ui; + +import deimos.openssl._d_util; + +version(OPENSSL_NO_DEPRECATED) {} else { +public import deimos.openssl.crypto; +} +public import deimos.openssl.safestack; +public import deimos.openssl.ossl_typ; + +extern (C): +nothrow: + +/* Declared already in ossl_typ.h */ +/* typedef ui_st UI; */ +/* typedef ui_method_st UI_METHOD; */ + + +/* All the following functions return -1 or NULL on error and in some cases + (UI_process()) -2 if interrupted or in some other way cancelled. + When everything is fine, they return 0, a positive value or a non-NULL + pointer, all depending on their purpose. */ + +/* Creators and destructor. */ +UI* UI_new(); +UI* UI_new_method(const(UI_METHOD)* method); +void UI_free(UI* ui); + +/* The following functions are used to add strings to be printed and prompt + strings to prompt for data. The names are UI_{add,dup}__string + and UI_{add,dup}_input_boolean. + + UI_{add,dup}__string have the following meanings: + add add a text or prompt string. The pointers given to these + functions are used verbatim, no copying is done. + dup make a copy of the text or prompt string, then add the copy + to the collection of strings in the user interface. + + The function is a name for the functionality that the given + string shall be used for. It can be one of: + input use the string as data prompt. + verify use the string as verification prompt. This + is used to verify a previous input. + info use the string for informational output. + error use the string for error output. + Honestly, there's currently no difference between info and error for the + moment. + + UI_{add,dup}_input_boolean have the same semantics for "add" and "dup", + and are typically used when one wants to prompt for a yes/no response. + + + All of the functions in this group take a UI and a prompt string. + The string input and verify addition functions also take a flag argument, + a buffer for the result to end up with, a minimum input size and a maximum + input size (the result buffer MUST be large enough to be able to contain + the maximum number of characters). Additionally, the verify addition + functions takes another buffer to compare the result against. + The boolean input functions take an action description string (which should + be safe to ignore if the expected user action is obvious, for example with + a dialog box with an OK button and a Cancel button), a string of acceptable + characters to mean OK and to mean Cancel. The two last strings are checked + to make sure they don't have common characters. Additionally, the same + flag argument as for the string input is taken, as well as a result buffer. + The result buffer is required to be at least one byte long. Depending on + the answer, the first character from the OK or the Cancel character strings + will be stored in the first byte of the result buffer. No NUL will be + added, so the result is* not* a string. + + On success, the all return an index of the added information. That index + is usefull when retrieving results with UI_get0_result(). */ +int UI_add_input_string(UI* ui, const(char)* prompt, int flags, + char* result_buf, int minsize, int maxsize); +int UI_dup_input_string(UI* ui, const(char)* prompt, int flags, + char* result_buf, int minsize, int maxsize); +int UI_add_verify_string(UI* ui, const(char)* prompt, int flags, + char* result_buf, int minsize, int maxsize, const(char)* test_buf); +int UI_dup_verify_string(UI* ui, const(char)* prompt, int flags, + char* result_buf, int minsize, int maxsize, const(char)* test_buf); +int UI_add_input_boolean(UI* ui, const(char)* prompt, const(char)* action_desc, + const(char)* ok_chars, const(char)* cancel_chars, + int flags, char* result_buf); +int UI_dup_input_boolean(UI* ui, const(char)* prompt, const(char)* action_desc, + const(char)* ok_chars, const(char)* cancel_chars, + int flags, char* result_buf); +int UI_add_info_string(UI* ui, const(char)* text); +int UI_dup_info_string(UI* ui, const(char)* text); +int UI_add_error_string(UI* ui, const(char)* text); +int UI_dup_error_string(UI* ui, const(char)* text); + +/* These are the possible flags. They can be or'ed together. */ +/* Use to have echoing of input */ +enum UI_INPUT_FLAG_ECHO = 0x01; +/* Use a default password. Where that password is found is completely + up to the application, it might for example be in the user data set + with UI_add_user_data(). It is not recommended to have more than + one input in each UI being marked with this flag, or the application + might get confused. */ +enum UI_INPUT_FLAG_DEFAULT_PWD = 0x02; + +/* The user of these routines may want to define flags of their own. The core + UI won't look at those, but will pass them on to the method routines. They + must use higher bits so they don't get confused with the UI bits above. + UI_INPUT_FLAG_USER_BASE tells which is the lowest bit to use. A good + example of use is this: + + enum MY_UI_FLAG1 = (0x01 << UI_INPUT_FLAG_USER_BASE); + +*/ +enum UI_INPUT_FLAG_USER_BASE = 16; + + +/* The following function helps cona prompt. object_desc is a + textual short description of the object, for example "pass phrase", + and object_name is the name of the object (might be a card name or + a file name. + The returned string shall always be allocated on the heap with + OPENSSL_malloc(), and need to be free'd with OPENSSL_free(). + + If the ui_method doesn't contain a pointer to a user-defined prompt + constructor, a default string is built, looking like this: + + "Enter {object_desc} for {object_name}:" + + So, if object_desc has the value "pass phrase" and object_name has + the value "foo.key", the resulting string is: + + "Enter pass phrase for foo.key:" +*/ +char* UI_construct_prompt(UI* ui_method, + const(char)* object_desc, const(char)* object_name); + + +/* The following function is used to store a pointer to user-specific data. + Any previous such pointer will be returned and replaced. + + For callback purposes, this function makes a lot more sense than using + ex_data, since the latter requires that different parts of OpenSSL or + applications share the same ex_data index. + + Note that the UI_OpenSSL() method completely ignores the user data. + Other methods may not, however. */ +void* UI_add_user_data(UI* ui, void* user_data); +/* We need a user data retrieving function as well. */ +void* UI_get0_user_data(UI* ui); + +/* Return the result associated with a prompt given with the index i. */ +const(char)* UI_get0_result(UI* ui, int i); + +/* When all strings have been added, process the whole thing. */ +int UI_process(UI* ui); + +/* Give a user interface parametrised control commands. This can be used to + send down an integer, a data pointer or a function pointer, as well as + be used to get information from a UI. */ +int UI_ctrl(UI* ui, int cmd, c_long i, void* p, ExternC!(void function()) f); + +/* The commands */ +/* Use UI_CONTROL_PRINT_ERRORS with the value 1 to have UI_process print the + OpenSSL error stack before printing any info or added error messages and + before any prompting. */ +enum UI_CTRL_PRINT_ERRORS = 1; +/* Check if a UI_process() is possible to do again with the same instance of + a user interface. This makes UI_ctrl() return 1 if it is redoable, and 0 + if not. */ +enum UI_CTRL_IS_REDOABLE = 2; + + +/* Some methods may use extra data */ +auto UI_set_app_data()(UI* s,void* arg) { return UI_set_ex_data(s,0,arg); } +auto UI_get_app_data()(UI* s) { return UI_get_ex_data(s,0); } +int UI_get_ex_new_index(c_long argl, void* argp, CRYPTO_EX_new* new_func, + CRYPTO_EX_dup* dup_func, CRYPTO_EX_free* free_func); +int UI_set_ex_data(UI* r,int idx,void* arg); +void* UI_get_ex_data(UI* r, int idx); + +/* Use specific methods instead of the built-in one */ +void UI_set_default_method(const(UI_METHOD)* meth); +const(UI_METHOD)* UI_get_default_method(); +const(UI_METHOD)* UI_get_method(UI* ui); +const(UI_METHOD)* UI_set_method(UI* ui, const(UI_METHOD)* meth); + +/* The method with all the built-in thingies */ +UI_METHOD* UI_OpenSSL(); + + +/* ---------- For method writers ---------- */ +/* A method contains a number of functions that implement the low level + of the User Interface. The functions are: + + an opener This function starts a session, maybe by opening + a channel to a tty, or by opening a window. + a writer This function is called to write a given string, + maybe to the tty, maybe as a field label in a + window. + a flusher This function is called to flush everything that + has been output so far. It can be used to actually + display a dialog box after it has been built. + a reader This function is called to read a given prompt, + maybe from the tty, maybe from a field in a + window. Note that it's called wth all string + structures, not only the prompt ones, so it must + check such things itself. + a closer This function closes the session, maybe by closing + the channel to the tty, or closing the window. + + All these functions are expected to return: + + 0 on error. + 1 on success. + -1 on out-of-band events, for example if some prompting has + been canceled (by pressing Ctrl-C, for example). This is + only checked when returned by the flusher or the reader. + + The way this is used, the opener is first called, then the writer for all + strings, then the flusher, then the reader for all strings and finally the + closer. Note that if you want to prompt from a terminal or other command + line interface, the best is to have the reader also write the prompts + instead of having the writer do it. If you want to prompt from a dialog + box, the writer can be used to build up the contents of the box, and the + flusher to actually display the box and run the event loop until all data + has been given, after which the reader only grabs the given data and puts + them back into the UI strings. + + All method functions take a UI as argument. Additionally, the writer and + the reader take a UI_STRING. +*/ + +/* The UI_STRING type is the data structure that contains all the needed info + about a string or a prompt, including test data for a verification prompt. +*/ +struct ui_string_st; +alias ui_string_st UI_STRING; +/+mixin DECLARE_STACK_OF!(UI_STRING);+/ + +/* The different types of strings that are currently supported. + This is only needed by method authors. */ +enum UI_string_types + { + UIT_NONE=0, + UIT_PROMPT, /* Prompt for a string */ + UIT_VERIFY, /* Prompt for a string and verify */ + UIT_BOOLEAN, /* Prompt for a yes/no response */ + UIT_INFO, /* Send info to the user */ + UIT_ERROR /* Send an error message to the user */ + }; + +/* Create and manipulate methods */ +UI_METHOD* UI_create_method(char* name); +void UI_destroy_method(UI_METHOD* ui_method); +int UI_method_set_opener(UI_METHOD* method, ExternC!(int function(UI* ui)) opener); +int UI_method_set_writer(UI_METHOD* method, ExternC!(int function(UI* ui, UI_STRING* uis)) writer); +int UI_method_set_flusher(UI_METHOD* method, ExternC!(int function(UI* ui)) flusher); +int UI_method_set_reader(UI_METHOD* method, ExternC!(int function(UI* ui, UI_STRING* uis)) reader); +int UI_method_set_closer(UI_METHOD* method, ExternC!(int function(UI* ui)) closer); +int UI_method_set_prompt_constructor(UI_METHOD* method, ExternC!(char* function(UI* ui, const(char)* object_desc, const(char)* object_name)) prompt_constructor); +ExternC!(int function(UI*)) UI_method_get_opener(UI_METHOD* method); +ExternC!(int function(UI*,UI_STRING*)) UI_method_get_writer(UI_METHOD* method); +ExternC!(int function(UI*)) UI_method_get_flusher(UI_METHOD* method); +ExternC!(int function(UI*,UI_STRING*)) UI_method_get_reader(UI_METHOD* method); +ExternC!(int function(UI*)) UI_method_get_closer(UI_METHOD* method); +ExternC!(char* function(UI*, const(char)*, const(char)*)) UI_method_get_prompt_constructor(UI_METHOD* method); + +/* The following functions are helpers for method writers to access relevant + data from a UI_STRING. */ + +/* Return type of the UI_STRING */ +UI_string_types UI_get_string_type(UI_STRING* uis); +/* Return input flags of the UI_STRING */ +int UI_get_input_flags(UI_STRING* uis); +/* Return the actual string to output (the prompt, info or error) */ +const(char)* UI_get0_output_string(UI_STRING* uis); +/* Return the optional action string to output (the boolean promtp instruction) */ +const(char)* UI_get0_action_string(UI_STRING* uis); +/* Return the result of a prompt */ +const(char)* UI_get0_result_string(UI_STRING* uis); +/* Return the string to test the result against. Only useful with verifies. */ +const(char)* UI_get0_test_string(UI_STRING* uis); +/* Return the required minimum size of the result */ +int UI_get_result_minsize(UI_STRING* uis); +/* Return the required maximum size of the result */ +int UI_get_result_maxsize(UI_STRING* uis); +/* Set the result of a UI_STRING. */ +int UI_set_result(UI* ui, UI_STRING* uis, const(char)* result); + + +/* A couple of popular utility functions */ +int UI_UTIL_read_pw_string(char* buf,int length,const(char)* prompt,int verify); +int UI_UTIL_read_pw(char* buf,char* buff,int size,const(char)* prompt,int verify); + + +/* BEGIN ERROR CODES */ +/* The following lines are auto generated by the script mkerr.pl. Any changes + * made after this point may be overwritten when the script is next run. + */ +void ERR_load_UI_strings(); + +/* Error codes for the UI functions. */ + +/* Function codes. */ +enum UI_F_GENERAL_ALLOCATE_BOOLEAN = 108; +enum UI_F_GENERAL_ALLOCATE_PROMPT = 109; +enum UI_F_GENERAL_ALLOCATE_STRING = 100; +enum UI_F_UI_CTRL = 111; +enum UI_F_UI_DUP_ERROR_STRING = 101; +enum UI_F_UI_DUP_INFO_STRING = 102; +enum UI_F_UI_DUP_INPUT_BOOLEAN = 110; +enum UI_F_UI_DUP_INPUT_STRING = 103; +enum UI_F_UI_DUP_VERIFY_STRING = 106; +enum UI_F_UI_GET0_RESULT = 107; +enum UI_F_UI_NEW_METHOD = 104; +enum UI_F_UI_SET_RESULT = 105; + +/* Reason codes. */ +enum UI_R_COMMON_OK_AND_CANCEL_CHARACTERS = 104; +enum UI_R_INDEX_TOO_LARGE = 102; +enum UI_R_INDEX_TOO_SMALL = 103; +enum UI_R_NO_RESULT_BUFFER = 105; +enum UI_R_RESULT_TOO_LARGE = 100; +enum UI_R_RESULT_TOO_SMALL = 101; +enum UI_R_UNKNOWN_CONTROL_COMMAND = 106; diff --git a/deimos/openssl/ui_compat.d b/deimos/openssl/ui_compat.d new file mode 100644 index 0000000..36e300c --- /dev/null +++ b/deimos/openssl/ui_compat.d @@ -0,0 +1,76 @@ +/* crypto/ui/ui.h -*- mode:C; c-file-style: "eay" -*- */ +/* Written by Richard Levitte (richard@levitte.org) for the OpenSSL + * project 2001. + */ +/* ==================================================================== + * Copyright (c) 2001 The OpenSSL Project. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. All advertising materials mentioning features or use of this + * software must display the following acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" + * + * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to + * endorse or promote products derived from this software without + * prior written permission. For written permission, please contact + * openssl-core@openssl.org. + * + * 5. Products derived from this software may not be called "OpenSSL" + * nor may "OpenSSL" appear in their names without prior written + * permission of the OpenSSL Project. + * + * 6. Redistributions of any form whatsoever must retain the following + * acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit (http://www.openssl.org/)" + * + * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY + * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * ==================================================================== + * + * This product includes cryptographic software written by Eric Young + * (eay@cryptsoft.com). This product includes software written by Tim + * Hudson (tjh@cryptsoft.com). + * + */ + +module deimos.openssl.ui_compat; + +import deimos.openssl._d_util; + +public import deimos.openssl.opensslconf; +public import deimos.openssl.ui; + +extern (C): +nothrow: + +/* The following functions were previously part of the DES section, + and are provided here for backward compatibility reasons. */ + +alias _ossl_old_des_read_pw_string des_read_pw_string; +alias _ossl_old_des_read_pw des_read_pw; + +int _ossl_old_des_read_pw_string(char* buf,int length,const(char)* prompt,int verify); +int _ossl_old_des_read_pw(char* buf,char* buff,int size,const(char)* prompt,int verify); diff --git a/deimos/openssl/whrlpool.d b/deimos/openssl/whrlpool.d new file mode 100644 index 0000000..7d56867 --- /dev/null +++ b/deimos/openssl/whrlpool.d @@ -0,0 +1,36 @@ +module deimos.openssl.whrlpool; + +import deimos.openssl._d_util; + +public import deimos.openssl.e_os2; +import core.stdc.config; + +extern (C): +nothrow: + +enum WHIRLPOOL_DIGEST_LENGTH = (512/8); +enum WHIRLPOOL_BBLOCK = 512; +enum WHIRLPOOL_COUNTER = (256/8); + +struct WHIRLPOOL_CTX { + union H_ { + ubyte[WHIRLPOOL_DIGEST_LENGTH] c; + /* double q is here to ensure 64-bit alignment */ + double[WHIRLPOOL_DIGEST_LENGTH/double.sizeof] q; + } + H_ H; + ubyte[WHIRLPOOL_BBLOCK/8] data; + uint bitoff; + size_t[WHIRLPOOL_COUNTER/size_t.sizeof] bitlen; + }; + +version(OPENSSL_NO_WHIRLPOOL) {} else { +version(OPENSSL_FIPS) { + int private_WHIRLPOOL_Init(WHIRLPOOL_CTX* c); +} +int WHIRLPOOL_Init (WHIRLPOOL_CTX* c); +int WHIRLPOOL_Update (WHIRLPOOL_CTX* c,const(void)* inp,size_t bytes); +void WHIRLPOOL_BitUpdate(WHIRLPOOL_CTX* c,const(void)* inp,size_t bits); +int WHIRLPOOL_Final (ubyte* md,WHIRLPOOL_CTX* c); +ubyte* WHIRLPOOL(const(void)* inp,size_t bytes,ubyte* md); +} diff --git a/deimos/openssl/x509.d b/deimos/openssl/x509.d new file mode 100644 index 0000000..05b101a --- /dev/null +++ b/deimos/openssl/x509.d @@ -0,0 +1,1297 @@ +/* crypto/x509/x509.h */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ +/* ==================================================================== + * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. + * ECDH support in OpenSSL originally developed by + * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project. + */ + +module deimos.openssl.x509; + +import deimos.openssl._d_util; + +import core.stdc.time; +import deimos.openssl.x509v3; // Needed for GENERAL_NAME. + +public import deimos.openssl.e_os2; +public import deimos.openssl.symhacks; +version(OPENSSL_NO_BUFFER) {} else { +public import deimos.openssl.buffer; +} +version(OPENSSL_NO_EVP) {} else { +public import deimos.openssl.evp; +} +version(OPENSSL_NO_BIO) {} else { +public import deimos.openssl.bio; +} +public import deimos.openssl.stack; +public import deimos.openssl.asn1; +public import deimos.openssl.safestack; + +version(OPENSSL_NO_EC) {} else { +public import deimos.openssl.ec; +} + +version(OPENSSL_NO_ECDSA) {} else { +public import deimos.openssl.ecdsa; +} + +version(OPENSSL_NO_ECDH) {} else { +public import deimos.openssl.ecdh; +} + +version(OPENSSL_NO_DEPRECATED) {} else { +version(OPENSSL_NO_RSA) {} else { +public import deimos.openssl.rsa; +} +version(OPENSSL_NO_DSA) {} else { +public import deimos.openssl.dsa; +} +version(OPENSSL_NO_DH) {} else { +public import deimos.openssl.dh; +} +} + +version(OPENSSL_NO_SHA) {} else { +public import deimos.openssl.sha; +} +public import deimos.openssl.ossl_typ; + +extern (C): +nothrow: + +//#ifdef OPENSSL_SYS_WIN32 +///* Under Win32 these are defined in wincrypt.h */ +//#undef X509_NAME +//#undef X509_CERT_PAIR +//#undef X509_EXTENSIONS +//#endif + +enum X509_FILETYPE_PEM = 1; +enum X509_FILETYPE_ASN1 = 2; +enum X509_FILETYPE_DEFAULT = 3; + +enum X509v3_KU_DIGITAL_SIGNATURE = 0x0080; +enum X509v3_KU_NON_REPUDIATION = 0x0040; +enum X509v3_KU_KEY_ENCIPHERMENT = 0x0020; +enum X509v3_KU_DATA_ENCIPHERMENT = 0x0010; +enum X509v3_KU_KEY_AGREEMENT = 0x0008; +enum X509v3_KU_KEY_CERT_SIGN = 0x0004; +enum X509v3_KU_CRL_SIGN = 0x0002; +enum X509v3_KU_ENCIPHER_ONLY = 0x0001; +enum X509v3_KU_DECIPHER_ONLY = 0x8000; +enum X509v3_KU_UNDEF = 0xffff; + +struct X509_objects_st { + int nid; + ExternC!(int function()) a2i; + ExternC!(int function()) i2a; + } +alias X509_objects_st X509_OBJECTS; + +struct X509_algor_st + { + ASN1_OBJECT* algorithm; + ASN1_TYPE* parameter; + } /* X509_ALGOR */; + +mixin DECLARE_ASN1_SET_OF!(X509_ALGOR); + +alias STACK_OF!(X509_ALGOR) X509_ALGORS; + +struct X509_val_st { + ASN1_TIME* notBefore; + ASN1_TIME* notAfter; + } +alias X509_val_st X509_VAL; + +struct X509_pubkey_st + { + X509_ALGOR* algor; + ASN1_BIT_STRING* public_key; + EVP_PKEY* pkey; + }; + +struct X509_sig_st { + X509_ALGOR* algor; + ASN1_OCTET_STRING* digest; + } +alias X509_sig_st X509_SIG; + +struct X509_name_entry_st { + ASN1_OBJECT* object; + ASN1_STRING* value; + int set; + int size; /* temp variable */ + } +alias X509_name_entry_st X509_NAME_ENTRY; + +/+mixin DECLARE_STACK_OF!(X509_NAME_ENTRY);+/ +mixin DECLARE_ASN1_SET_OF!(X509_NAME_ENTRY); + +/* we always keep X509_NAMEs in 2 forms. */ +struct X509_name_st + { + STACK_OF!(X509_NAME_ENTRY) *entries; + int modified; /* true if 'bytes' needs to be built */ +version(OPENSSL_NO_BUFFER) { + char* bytes; +} else { + BUF_MEM* bytes; +} +/* c_ulong hash; Keep the hash around for lookups */ + ubyte* canon_enc; + int canon_enclen; + } /* X509_NAME */; + +/+mixin DECLARE_STACK_OF!(X509_NAME);+/ + +enum X509_EX_V_NETSCAPE_HACK = 0x8000; +enum X509_EX_V_INIT = 0x0001; +struct X509_extension_st { + ASN1_OBJECT* object; + ASN1_BOOLEAN critical; + ASN1_OCTET_STRING* value; + } +alias X509_extension_st X509_EXTENSION; + +alias STACK_OF!(X509_EXTENSION) X509_EXTENSIONS; + +/+mixin DECLARE_STACK_OF!(X509_EXTENSION);+/ +mixin DECLARE_ASN1_SET_OF!(X509_EXTENSION); + +/* a sequence of these are used */ +struct x509_attributes_st + { + ASN1_OBJECT* object; + int single; /* 0 for a set, 1 for a single item (which is wrong) */ + union value_ { + char* ptr; +/* 0 */ STACK_OF!(ASN1_TYPE) *set; +/* 1 */ ASN1_TYPE* single; + } + value_ value; + } +alias x509_attributes_st X509_ATTRIBUTE; + +/+mixin DECLARE_STACK_OF!(X509_ATTRIBUTE);+/ +mixin DECLARE_ASN1_SET_OF!(X509_ATTRIBUTE); + + +struct X509_req_info_st { + ASN1_ENCODING enc; + ASN1_INTEGER* version_; + X509_NAME* subject; + X509_PUBKEY* pubkey; + /* d=2 hl=2 l= 0 cons: cont: 00 */ + STACK_OF!(X509_ATTRIBUTE) *attributes; /* [ 0 ] */ + } +alias X509_req_info_st X509_REQ_INFO; + +struct X509_req_st { + X509_REQ_INFO* req_info; + X509_ALGOR* sig_alg; + ASN1_BIT_STRING* signature; + int references; + } +alias X509_req_st X509_REQ; + +struct x509_cinf_st { + ASN1_INTEGER* version_; /* [ 0 ] default of v1 */ + ASN1_INTEGER* serialNumber; + X509_ALGOR* signature; + X509_NAME* issuer; + X509_VAL* validity; + X509_NAME* subject; + X509_PUBKEY* key; + ASN1_BIT_STRING* issuerUID; /* [ 1 ] optional in v2 */ + ASN1_BIT_STRING* subjectUID; /* [ 2 ] optional in v2 */ + STACK_OF!(X509_EXTENSION) *extensions; /* [ 3 ] optional in v3 */ + ASN1_ENCODING enc; + } +alias x509_cinf_st X509_CINF; + +/* This stuff is certificate "auxiliary info" + * it contains details which are useful in certificate + * stores and databases. When used this is tagged onto + * the end of the certificate itself + */ + +struct x509_cert_aux_st { + STACK_OF!(ASN1_OBJECT) *trust; /* trusted uses */ + STACK_OF!(ASN1_OBJECT) *reject; /* rejected uses */ + ASN1_UTF8STRING* alias_; /* "friendly name" */ + ASN1_OCTET_STRING* keyid; /* key id of private key */ + STACK_OF!(X509_ALGOR) *other; /* other unspecified info */ + } +alias x509_cert_aux_st X509_CERT_AUX; + +struct x509_st + { + X509_CINF* cert_info; + X509_ALGOR* sig_alg; + ASN1_BIT_STRING* signature; + int valid; + int references; + char* name; + CRYPTO_EX_DATA ex_data; + /* These contain copies of various extension values */ + c_long ex_pathlen; + c_long ex_pcpathlen; + c_ulong ex_flags; + c_ulong ex_kusage; + c_ulong ex_xkusage; + c_ulong ex_nscert; + ASN1_OCTET_STRING* skid; + AUTHORITY_KEYID* akid; + X509_POLICY_CACHE* policy_cache; + STACK_OF!(DIST_POINT) *crldp; + STACK_OF!(GENERAL_NAME) *altname; + NAME_CONSTRAINTS* nc; +version(OPENSSL_NO_RFC3779) {} else { + STACK_OF!(IPAddressFamily) *rfc3779_addr; + ASIdentifiers_st* rfc3779_asid; +} +version(OPENSSL_NO_SHA) {} else { + ubyte[SHA_DIGEST_LENGTH] sha1_hash; +} + X509_CERT_AUX* aux; + } /* X509 */; + +/+mixin DECLARE_STACK_OF!(X509);+/ +mixin DECLARE_ASN1_SET_OF!(X509); + +/* This is used for a table of trust checking functions */ + +struct x509_trust_st { + int trust; + int flags; + ExternC!(int function(x509_trust_st*, X509*, int)) check_trust; + char* name; + int arg1; + void* arg2; +} +alias x509_trust_st X509_TRUST; + +/+mixin DECLARE_STACK_OF!(X509_TRUST);+/ + +struct x509_cert_pair_st { + X509* forward; + X509* reverse; +} +alias x509_cert_pair_st X509_CERT_PAIR; + +/* standard trust ids */ + +enum X509_TRUST_DEFAULT = -1; /* Only valid in purpose settings */ + +enum X509_TRUST_COMPAT = 1; +enum X509_TRUST_SSL_CLIENT = 2; +enum X509_TRUST_SSL_SERVER = 3; +enum X509_TRUST_EMAIL = 4; +enum X509_TRUST_OBJECT_SIGN = 5; +enum X509_TRUST_OCSP_SIGN = 6; +enum X509_TRUST_OCSP_REQUEST = 7; +enum X509_TRUST_TSA = 8; + +/* Keep these up to date! */ +enum X509_TRUST_MIN = 1; +enum X509_TRUST_MAX = 8; + + +/* trust_flags values */ +enum X509_TRUST_DYNAMIC = 1; +enum X509_TRUST_DYNAMIC_NAME = 2; + +/* check_trust return codes */ + +enum X509_TRUST_TRUSTED = 1; +enum X509_TRUST_REJECTED = 2; +enum X509_TRUST_UNTRUSTED = 3; + +/* Flags for X509_print_ex() */ + +enum X509_FLAG_COMPAT = 0; +enum X509_FLAG_NO_HEADER = 1; +enum X509_FLAG_NO_VERSION = (1L << 1); +enum X509_FLAG_NO_SERIAL = (1L << 2); +enum X509_FLAG_NO_SIGNAME = (1L << 3); +enum X509_FLAG_NO_ISSUER = (1L << 4); +enum X509_FLAG_NO_VALIDITY = (1L << 5); +enum X509_FLAG_NO_SUBJECT = (1L << 6); +enum X509_FLAG_NO_PUBKEY = (1L << 7); +enum X509_FLAG_NO_EXTENSIONS = (1L << 8); +enum X509_FLAG_NO_SIGDUMP = (1L << 9); +enum X509_FLAG_NO_AUX = (1L << 10); +enum X509_FLAG_NO_ATTRIBUTES = (1L << 11); + +/* Flags specific to X509_NAME_print_ex() */ + +/* The field separator information */ + +enum XN_FLAG_SEP_MASK = (0xf << 16); + +enum XN_FLAG_COMPAT = 0; /* Traditional SSLeay: use old X509_NAME_print */ +enum XN_FLAG_SEP_COMMA_PLUS = (1 << 16); /* RFC2253 ,+ */ +enum XN_FLAG_SEP_CPLUS_SPC = (2 << 16); /*,+ spaced: more readable */ +enum XN_FLAG_SEP_SPLUS_SPC = (3 << 16); /* ;+ spaced */ +enum XN_FLAG_SEP_MULTILINE = (4 << 16); /* One line per field */ + +enum XN_FLAG_DN_REV = (1 << 20); /* Reverse DN order */ + +/* How the field name is shown */ + +enum XN_FLAG_FN_MASK = (0x3 << 21); + +enum XN_FLAG_FN_SN = 0; /* Object short name */ +enum XN_FLAG_FN_LN = (1 << 21); /* Object long name */ +enum XN_FLAG_FN_OID = (2 << 21); /* Always use OIDs */ +enum XN_FLAG_FN_NONE = (3 << 21); /* No field names */ + +enum XN_FLAG_SPC_EQ = (1 << 23); /* Put spaces round '=' */ + +/* This determines if we dump fields we don't recognise: + * RFC2253 requires this. + */ + +enum XN_FLAG_DUMP_UNKNOWN_FIELDS = (1 << 24); + +enum XN_FLAG_FN_ALIGN = (1 << 25); /* Align field names to 20 characters */ + +/* Complete set of RFC2253 flags */ + +enum XN_FLAG_RFC2253 = (ASN1_STRFLGS_RFC2253 | + XN_FLAG_SEP_COMMA_PLUS | + XN_FLAG_DN_REV | + XN_FLAG_FN_SN | + XN_FLAG_DUMP_UNKNOWN_FIELDS); + +/* readable oneline form */ + +enum XN_FLAG_ONELINE = (ASN1_STRFLGS_RFC2253 | + ASN1_STRFLGS_ESC_QUOTE | + XN_FLAG_SEP_CPLUS_SPC | + XN_FLAG_SPC_EQ | + XN_FLAG_FN_SN); + +/* readable multiline form */ + +enum XN_FLAG_MULTILINE = (ASN1_STRFLGS_ESC_CTRL | + ASN1_STRFLGS_ESC_MSB | + XN_FLAG_SEP_MULTILINE | + XN_FLAG_SPC_EQ | + XN_FLAG_FN_LN | + XN_FLAG_FN_ALIGN); + +struct x509_revoked_st + { + ASN1_INTEGER* serialNumber; + ASN1_TIME* revocationDate; + STACK_OF!(X509_EXTENSION) /* optional */ *extensions; + /* Set up if indirect CRL */ + STACK_OF!(GENERAL_NAME) *issuer; + /* Revocation reason */ + int reason; + int sequence; /* load sequence */ + }; + +/+mixin DECLARE_STACK_OF!(X509_REVOKED);+/ +mixin DECLARE_ASN1_SET_OF!(X509_REVOKED); + +struct X509_crl_info_st { + ASN1_INTEGER* version_; + X509_ALGOR* sig_alg; + X509_NAME* issuer; + ASN1_TIME* lastUpdate; + ASN1_TIME* nextUpdate; + STACK_OF!(X509_REVOKED) *revoked; + STACK_OF!(X509_EXTENSION) /* [0] */ *extensions; + ASN1_ENCODING enc; + } +alias X509_crl_info_st X509_CRL_INFO; + +struct X509_crl_st + { + /* actual signature */ + X509_CRL_INFO* crl; + X509_ALGOR* sig_alg; + ASN1_BIT_STRING* signature; + int references; + int flags; + /* Copies of various extensions */ + AUTHORITY_KEYID* akid; + ISSUING_DIST_POINT* idp; + /* Convenient breakdown of IDP */ + int idp_flags; + int idp_reasons; + /* CRL and base CRL numbers for delta processing */ + ASN1_INTEGER* crl_number; + ASN1_INTEGER* base_crl_number; +version(OPENSSL_NO_SHA) {} else { + ubyte[SHA_DIGEST_LENGTH] sha1_hash; +} + STACK_OF!(GENERAL_NAMES) *issuers; + const(X509_CRL_METHOD)* meth; + void* meth_data; + } /* X509_CRL */; + +/+mixin DECLARE_STACK_OF!(X509_CRL);+/ +mixin DECLARE_ASN1_SET_OF!(X509_CRL); + +struct private_key_st { + int version_; + /* The PKCS#8 data types */ + X509_ALGOR* enc_algor; + ASN1_OCTET_STRING* enc_pkey; /* encrypted pub key */ + + /* When decrypted, the following will not be NULL */ + EVP_PKEY* dec_pkey; + + /* used to encrypt and decrypt */ + int key_length; + char* key_data; + int key_free; /* true if we should auto free key_data */ + + /* expanded version of 'enc_algor' */ + EVP_CIPHER_INFO cipher; + + int references; + } +alias private_key_st X509_PKEY; + +version(OPENSSL_NO_EVP) {} else { +struct X509_info_st { + X509* x509; + X509_CRL* crl; + X509_PKEY* x_pkey; + + EVP_CIPHER_INFO enc_cipher; + int enc_len; + char* enc_data; + + int references; + } +alias X509_info_st X509_INFO; + +/+mixin DECLARE_STACK_OF!(X509_INFO);+/ +} + +/* The next 2 structures and their 8 routines were sent to me by + * Pat Richard and are used to manipulate + * Netscapes spki structures - useful if you are writing a CA web page + */ +struct Netscape_spkac_st { + X509_PUBKEY* pubkey; + ASN1_IA5STRING* challenge; /* challenge sent in atlas >= PR2 */ + } +alias Netscape_spkac_st NETSCAPE_SPKAC; + +struct Netscape_spki_st { + NETSCAPE_SPKAC* spkac; /* signed public key and challenge */ + X509_ALGOR* sig_algor; + ASN1_BIT_STRING* signature; + } +alias Netscape_spki_st NETSCAPE_SPKI; + +/* Netscape certificate sequence structure */ +struct Netscape_certificate_sequence { + ASN1_OBJECT* type; + STACK_OF!(X509) *certs; + } +alias Netscape_certificate_sequence NETSCAPE_CERT_SEQUENCE; + +/* Unused (and iv length is wrong) +struct CBCParameter_st { + ubyte[8] iv; + } +alias CBCParameter_st CBC_PARAM; +*/ + +/* Password based encryption structure */ + +struct PBEPARAM_st { +ASN1_OCTET_STRING* salt; +ASN1_INTEGER* iter; +} +alias PBEPARAM_st PBEPARAM; + +/* Password based encryption V2 structures */ + +struct PBE2PARAM_st { +X509_ALGOR* keyfunc; +X509_ALGOR* encryption; +} +alias PBE2PARAM_st PBE2PARAM; + +struct PBKDF2PARAM_st { +ASN1_TYPE* salt; /* Usually OCTET STRING but could be anything */ +ASN1_INTEGER* iter; +ASN1_INTEGER* keylength; +X509_ALGOR* prf; +} +alias PBKDF2PARAM_st PBKDF2PARAM; + + +/* PKCS#8 private key info structure */ + +struct pkcs8_priv_key_info_st + { + int broken; /* Flag for various broken formats */ +enum PKCS8_OK = 0; +enum PKCS8_NO_OCTET = 1; +enum PKCS8_EMBEDDED_PARAM = 2; +enum PKCS8_NS_DB = 3; +enum PKCS8_NEG_PRIVKEY = 4; + ASN1_INTEGER* version_; + X509_ALGOR* pkeyalg; + ASN1_TYPE* pkey; /* Should be OCTET STRING but some are broken */ + STACK_OF!(X509_ATTRIBUTE) *attributes; + }; + +public import deimos.openssl.x509_vfy; +public import deimos.openssl.pkcs7; + +extern (C): +nothrow: + +enum X509_EXT_PACK_UNKNOWN = 1; +enum X509_EXT_PACK_STRING = 2; + +auto X509_get_version()(x509_st* x) { return ASN1_INTEGER_get(x.cert_info.version_); } +/* auto X509_get_serialNumber()(x509_st* x) { return (x.cert_info.serialNumber); } */ +auto X509_get_notBefore()(x509_st* x) { return (x.cert_info.validity.notBefore); } +auto X509_get_notAfter()(x509_st* x) { return (x.cert_info.validity.notAfter); } +alias X509_get_pubkey X509_extract_key; +auto X509_REQ_get_version()(x509_st* x) { return ASN1_INTEGER_get(x.req_info.version_); } +auto X509_REQ_get_subject_name()(x509_st* x) { return (x.req_info.subject); } +alias X509_REQ_get_pubkey X509_REQ_extract_key; +alias X509_NAME_cmp X509_name_cmp; +auto X509_get_signature_type()(x509_st* x) { return EVP_PKEY_type(OBJ_obj2nid(x.sig_alg.algorithm)); } + +auto X509_CRL_get_version()(x509_st* x) { return ASN1_INTEGER_get(x.crl.version_); } +auto X509_CRL_get_lastUpdate()(x509_st* x) { return (x.crl.lastUpdate); } +auto X509_CRL_get_nextUpdate()(x509_st* x) { return (x.crl.nextUpdate); } +auto X509_CRL_get_issuer()(x509_st* x) { return (x.crl.issuer); } +auto X509_CRL_get_REVOKED()(x509_st* x) { return (x.crl.revoked); } + +void X509_CRL_set_default_method(const(X509_CRL_METHOD)* meth); +X509_CRL_METHOD* X509_CRL_METHOD_new( + ExternC!(int function(X509_CRL* crl)) crl_init, + ExternC!(int function(X509_CRL* crl)) crl_free, + ExternC!(int function(X509_CRL* crl, X509_REVOKED** ret, + ASN1_INTEGER* ser, X509_NAME* issuer)) crl_lookup, + ExternC!(int function(X509_CRL* crl, EVP_PKEY* pk)) crl_verify); +void X509_CRL_METHOD_free(X509_CRL_METHOD* m); + +void X509_CRL_set_meth_data(X509_CRL* crl, void* dat); +void* X509_CRL_get_meth_data(X509_CRL* crl); + +/* This one is only used so that a binary form can output, as in + * i2d_X509_NAME(X509_get_X509_PUBKEY(x),&buf) */ +auto X509_get_X509_PUBKEY()(x509_st* x) { return x.cert_info.key; } + + +const(char)* X509_verify_cert_error_string(c_long n); + +version(OPENSSL_NO_EVP) {} else { +int X509_verify(X509* a, EVP_PKEY* r); + +int X509_REQ_verify(X509_REQ* a, EVP_PKEY* r); +int X509_CRL_verify(X509_CRL* a, EVP_PKEY* r); +int NETSCAPE_SPKI_verify(NETSCAPE_SPKI* a, EVP_PKEY* r); + +NETSCAPE_SPKI* NETSCAPE_SPKI_b64_decode(const(char)* str, int len); +char* NETSCAPE_SPKI_b64_encode(NETSCAPE_SPKI* x); +EVP_PKEY* NETSCAPE_SPKI_get_pubkey(NETSCAPE_SPKI* x); +int NETSCAPE_SPKI_set_pubkey(NETSCAPE_SPKI* x, EVP_PKEY* pkey); + +int NETSCAPE_SPKI_print(BIO* out_, NETSCAPE_SPKI* spki); + +int X509_signature_dump(BIO *bp,const ASN1_STRING *sig, int indent); +int X509_signature_print(BIO* bp,X509_ALGOR* alg, ASN1_STRING* sig); + +int X509_sign(X509* x, EVP_PKEY* pkey, const(EVP_MD)* md); +int X509_sign_ctx(X509 *x, EVP_MD_CTX *ctx); +int X509_REQ_sign(X509_REQ* x, EVP_PKEY* pkey, const(EVP_MD)* md); +int X509_REQ_sign_ctx(X509_REQ *x, EVP_MD_CTX *ctx); +int X509_CRL_sign(X509_CRL* x, EVP_PKEY* pkey, const(EVP_MD)* md); +int X509_CRL_sign_ctx(X509_CRL *x, EVP_MD_CTX *ctx); +int NETSCAPE_SPKI_sign(NETSCAPE_SPKI* x, EVP_PKEY* pkey, const(EVP_MD)* md); + +int X509_pubkey_digest(const(X509)* data,const(EVP_MD)* type, + ubyte* md, uint* len); +int X509_digest(const(X509)* data,const(EVP_MD)* type, + ubyte* md, uint* len); +int X509_CRL_digest(const(X509_CRL)* data,const(EVP_MD)* type, + ubyte* md, uint* len); +int X509_REQ_digest(const(X509_REQ)* data,const(EVP_MD)* type, + ubyte* md, uint* len); +int X509_NAME_digest(const(X509_NAME)* data,const(EVP_MD)* type, + ubyte* md, uint* len); +} + +version(OPENSSL_NO_FP_API) {} else { +X509* d2i_X509_fp(FILE* fp, X509** x509); +int i2d_X509_fp(FILE* fp,X509* x509); +X509_CRL* d2i_X509_CRL_fp(FILE* fp,X509_CRL** crl); +int i2d_X509_CRL_fp(FILE* fp,X509_CRL* crl); +X509_REQ* d2i_X509_REQ_fp(FILE* fp,X509_REQ** req); +int i2d_X509_REQ_fp(FILE* fp,X509_REQ* req); +version(OPENSSL_NO_RSA) {} else { +RSA* d2i_RSAPrivateKey_fp(FILE* fp,RSA** rsa); +int i2d_RSAPrivateKey_fp(FILE* fp,RSA* rsa); +RSA* d2i_RSAPublicKey_fp(FILE* fp,RSA** rsa); +int i2d_RSAPublicKey_fp(FILE* fp,RSA* rsa); +RSA* d2i_RSA_PUBKEY_fp(FILE* fp,RSA** rsa); +int i2d_RSA_PUBKEY_fp(FILE* fp,RSA* rsa); +} +version(OPENSSL_NO_DSA) {} else { +DSA* d2i_DSA_PUBKEY_fp(FILE* fp, DSA** dsa); +int i2d_DSA_PUBKEY_fp(FILE* fp, DSA* dsa); +DSA* d2i_DSAPrivateKey_fp(FILE* fp, DSA** dsa); +int i2d_DSAPrivateKey_fp(FILE* fp, DSA* dsa); +} +version(OPENSSL_NO_EC) {} else { +EC_KEY* d2i_EC_PUBKEY_fp(FILE* fp, EC_KEY** eckey); +int i2d_EC_PUBKEY_fp(FILE* fp, EC_KEY* eckey); +EC_KEY* d2i_ECPrivateKey_fp(FILE* fp, EC_KEY** eckey); +int i2d_ECPrivateKey_fp(FILE* fp, EC_KEY* eckey); +} +X509_SIG* d2i_PKCS8_fp(FILE* fp,X509_SIG** p8); +int i2d_PKCS8_fp(FILE* fp,X509_SIG* p8); +PKCS8_PRIV_KEY_INFO* d2i_PKCS8_PRIV_KEY_INFO_fp(FILE* fp, + PKCS8_PRIV_KEY_INFO** p8inf); +int i2d_PKCS8_PRIV_KEY_INFO_fp(FILE* fp,PKCS8_PRIV_KEY_INFO* p8inf); +int i2d_PKCS8PrivateKeyInfo_fp(FILE* fp, EVP_PKEY* key); +int i2d_PrivateKey_fp(FILE* fp, EVP_PKEY* pkey); +EVP_PKEY* d2i_PrivateKey_fp(FILE* fp, EVP_PKEY** a); +int i2d_PUBKEY_fp(FILE* fp, EVP_PKEY* pkey); +EVP_PKEY* d2i_PUBKEY_fp(FILE* fp, EVP_PKEY** a); +} + +version(OPENSSL_NO_BIO) {} else { +X509* d2i_X509_bio(BIO* bp,X509** x509); +int i2d_X509_bio(BIO* bp,X509* x509); +X509_CRL* d2i_X509_CRL_bio(BIO* bp,X509_CRL** crl); +int i2d_X509_CRL_bio(BIO* bp,X509_CRL* crl); +X509_REQ* d2i_X509_REQ_bio(BIO* bp,X509_REQ** req); +int i2d_X509_REQ_bio(BIO* bp,X509_REQ* req); +version(OPENSSL_NO_RSA) {} else { +RSA* d2i_RSAPrivateKey_bio(BIO* bp,RSA** rsa); +int i2d_RSAPrivateKey_bio(BIO* bp,RSA* rsa); +RSA* d2i_RSAPublicKey_bio(BIO* bp,RSA** rsa); +int i2d_RSAPublicKey_bio(BIO* bp,RSA* rsa); +RSA* d2i_RSA_PUBKEY_bio(BIO* bp,RSA** rsa); +int i2d_RSA_PUBKEY_bio(BIO* bp,RSA* rsa); +} +version(OPENSSL_NO_DSA) {} else { +DSA* d2i_DSA_PUBKEY_bio(BIO* bp, DSA** dsa); +int i2d_DSA_PUBKEY_bio(BIO* bp, DSA* dsa); +DSA* d2i_DSAPrivateKey_bio(BIO* bp, DSA** dsa); +int i2d_DSAPrivateKey_bio(BIO* bp, DSA* dsa); +} +version(OPENSSL_NO_EC) {} else { +EC_KEY* d2i_EC_PUBKEY_bio(BIO* bp, EC_KEY** eckey); +int i2d_EC_PUBKEY_bio(BIO* bp, EC_KEY* eckey); +EC_KEY* d2i_ECPrivateKey_bio(BIO* bp, EC_KEY** eckey); +int i2d_ECPrivateKey_bio(BIO* bp, EC_KEY* eckey); +} +X509_SIG* d2i_PKCS8_bio(BIO* bp,X509_SIG** p8); +int i2d_PKCS8_bio(BIO* bp,X509_SIG* p8); +PKCS8_PRIV_KEY_INFO* d2i_PKCS8_PRIV_KEY_INFO_bio(BIO* bp, + PKCS8_PRIV_KEY_INFO** p8inf); +int i2d_PKCS8_PRIV_KEY_INFO_bio(BIO* bp,PKCS8_PRIV_KEY_INFO* p8inf); +int i2d_PKCS8PrivateKeyInfo_bio(BIO* bp, EVP_PKEY* key); +int i2d_PrivateKey_bio(BIO* bp, EVP_PKEY* pkey); +EVP_PKEY* d2i_PrivateKey_bio(BIO* bp, EVP_PKEY** a); +int i2d_PUBKEY_bio(BIO* bp, EVP_PKEY* pkey); +EVP_PKEY* d2i_PUBKEY_bio(BIO* bp, EVP_PKEY** a); +} + +X509* X509_dup(X509* x509); +X509_ATTRIBUTE* X509_ATTRIBUTE_dup(X509_ATTRIBUTE* xa); +X509_EXTENSION* X509_EXTENSION_dup(X509_EXTENSION* ex); +X509_CRL* X509_CRL_dup(X509_CRL* crl); +X509_REQ* X509_REQ_dup(X509_REQ* req); +X509_ALGOR* X509_ALGOR_dup(X509_ALGOR* xn); +int X509_ALGOR_set0(X509_ALGOR* alg, ASN1_OBJECT* aobj, int ptype, void* pval); +void X509_ALGOR_get0(ASN1_OBJECT** paobj, int* pptype, void** ppval, + X509_ALGOR* algor); +void X509_ALGOR_set_md(X509_ALGOR *alg, const EVP_MD *md); + +X509_NAME* X509_NAME_dup(X509_NAME* xn); +X509_NAME_ENTRY* X509_NAME_ENTRY_dup(X509_NAME_ENTRY* ne); + +int X509_cmp_time(const(ASN1_TIME)* s, time_t* t); +int X509_cmp_current_time(const(ASN1_TIME)* s); +ASN1_TIME* X509_time_adj(ASN1_TIME* s, c_long adj, time_t* t); +ASN1_TIME* X509_time_adj_ex(ASN1_TIME* s, + int offset_day, c_long offset_sec, time_t* t); +ASN1_TIME* X509_gmtime_adj(ASN1_TIME* s, c_long adj); + +const(char)* X509_get_default_cert_area(); +const(char)* X509_get_default_cert_dir(); +const(char)* X509_get_default_cert_file(); +const(char)* X509_get_default_cert_dir_env(); +const(char)* X509_get_default_cert_file_env(); +const(char)* X509_get_default_private_dir(); + +X509_REQ* X509_to_X509_REQ(X509* x, EVP_PKEY* pkey, const(EVP_MD)* md); +X509* X509_REQ_to_X509(X509_REQ* r, int days,EVP_PKEY* pkey); + +mixin(DECLARE_ASN1_FUNCTIONS!"X509_ALGOR"); +mixin(DECLARE_ASN1_ENCODE_FUNCTIONS!("X509_ALGORS", "X509_ALGORS", "X509_ALGORS")); +mixin(DECLARE_ASN1_FUNCTIONS!"X509_VAL"); + +mixin(DECLARE_ASN1_FUNCTIONS!"X509_PUBKEY"); + +int X509_PUBKEY_set(X509_PUBKEY** x, EVP_PKEY* pkey); +EVP_PKEY* X509_PUBKEY_get(X509_PUBKEY* key); +int X509_get_pubkey_parameters(EVP_PKEY* pkey, + STACK_OF!(X509) *chain); +int i2d_PUBKEY(EVP_PKEY* a,ubyte** pp); +EVP_PKEY* d2i_PUBKEY(EVP_PKEY** a,const(ubyte)** pp, + c_long length); +version(OPENSSL_NO_RSA) {} else { +int i2d_RSA_PUBKEY(RSA* a,ubyte** pp); +RSA* d2i_RSA_PUBKEY(RSA** a,const(ubyte)** pp, + c_long length); +} +version(OPENSSL_NO_DSA) {} else { +int i2d_DSA_PUBKEY(DSA* a,ubyte** pp); +DSA* d2i_DSA_PUBKEY(DSA** a,const(ubyte)** pp, + c_long length); +} +version(OPENSSL_NO_EC) {} else { +int i2d_EC_PUBKEY(EC_KEY* a, ubyte** pp); +EC_KEY* d2i_EC_PUBKEY(EC_KEY** a, const(ubyte)** pp, + c_long length); +} + +mixin(DECLARE_ASN1_FUNCTIONS!"X509_SIG"); +mixin(DECLARE_ASN1_FUNCTIONS!"X509_REQ_INFO"); +mixin(DECLARE_ASN1_FUNCTIONS!"X509_REQ"); + +mixin(DECLARE_ASN1_FUNCTIONS!"X509_ATTRIBUTE"); +X509_ATTRIBUTE* X509_ATTRIBUTE_create(int nid, int atrtype, void* value); + +mixin(DECLARE_ASN1_FUNCTIONS!"X509_EXTENSION"); +mixin(DECLARE_ASN1_ENCODE_FUNCTIONS!("X509_EXTENSIONS", "X509_EXTENSIONS", "X509_EXTENSIONS")); + +mixin(DECLARE_ASN1_FUNCTIONS!"X509_NAME_ENTRY"); + +mixin(DECLARE_ASN1_FUNCTIONS!"X509_NAME"); + +int X509_NAME_set(X509_NAME** xn, X509_NAME* name); + +mixin(DECLARE_ASN1_FUNCTIONS!"X509_CINF"); + +mixin(DECLARE_ASN1_FUNCTIONS!"X509"); +mixin(DECLARE_ASN1_FUNCTIONS!"X509_CERT_AUX"); + +mixin(DECLARE_ASN1_FUNCTIONS!"X509_CERT_PAIR"); + +int X509_get_ex_new_index(c_long argl, void* argp, CRYPTO_EX_new* new_func, + CRYPTO_EX_dup* dup_func, CRYPTO_EX_free* free_func); +int X509_set_ex_data(X509* r, int idx, void* arg); +void* X509_get_ex_data(X509* r, int idx); +int i2d_X509_AUX(X509* a,ubyte** pp); +X509* d2i_X509_AUX(X509** a,const(ubyte)** pp,c_long length); + +int X509_alias_set1(X509* x, ubyte* name, int len); +int X509_keyid_set1(X509* x, ubyte* id, int len); +ubyte* X509_alias_get0(X509* x, int* len); +ubyte* X509_keyid_get0(X509* x, int* len); +int function(int, X509*, int) X509_TRUST_set_default(ExternC!(int function(int , X509*, int)) trust); +int X509_TRUST_set(int* t, int trust); +int X509_add1_trust_object(X509* x, ASN1_OBJECT* obj); +int X509_add1_reject_object(X509* x, ASN1_OBJECT* obj); +void X509_trust_clear(X509* x); +void X509_reject_clear(X509* x); + +mixin(DECLARE_ASN1_FUNCTIONS!"X509_REVOKED"); +mixin(DECLARE_ASN1_FUNCTIONS!"X509_CRL_INFO"); +mixin(DECLARE_ASN1_FUNCTIONS!"X509_CRL"); + +int X509_CRL_add0_revoked(X509_CRL* crl, X509_REVOKED* rev); +int X509_CRL_get0_by_serial(X509_CRL* crl, + X509_REVOKED** ret, ASN1_INTEGER* serial); +int X509_CRL_get0_by_cert(X509_CRL* crl, X509_REVOKED** ret, X509* x); + +X509_PKEY* X509_PKEY_new(); +void X509_PKEY_free(X509_PKEY* a); +int i2d_X509_PKEY(X509_PKEY* a,ubyte** pp); +X509_PKEY* d2i_X509_PKEY(X509_PKEY** a,const(ubyte)** pp,c_long length); + +mixin(DECLARE_ASN1_FUNCTIONS!"NETSCAPE_SPKI"); +mixin(DECLARE_ASN1_FUNCTIONS!"NETSCAPE_SPKAC"); +mixin(DECLARE_ASN1_FUNCTIONS!"NETSCAPE_CERT_SEQUENCE"); + +version(OPENSSL_NO_EVP) {} else { +X509_INFO* X509_INFO_new(); +void X509_INFO_free(X509_INFO* a); +char* X509_NAME_oneline(X509_NAME* a,char* buf,int size); + +int ASN1_verify(i2d_of_void* i2d, X509_ALGOR* algor1, + ASN1_BIT_STRING* signature,char* data,EVP_PKEY* pkey); + +int ASN1_digest(i2d_of_void* i2d,const(EVP_MD)* type,char* data, + ubyte* md,uint* len); + +int ASN1_sign(i2d_of_void* i2d, X509_ALGOR* algor1, + X509_ALGOR* algor2, ASN1_BIT_STRING* signature, + char* data,EVP_PKEY* pkey, const(EVP_MD)* type); + +int ASN1_item_digest(const(ASN1_ITEM)* it,const(EVP_MD)* type,void* data, + ubyte* md,uint* len); + +int ASN1_item_verify(const(ASN1_ITEM)* it, X509_ALGOR* algor1, + ASN1_BIT_STRING* signature,void* data,EVP_PKEY* pkey); + +int ASN1_item_sign(const(ASN1_ITEM)* it, X509_ALGOR* algor1, X509_ALGOR* algor2, + ASN1_BIT_STRING* signature, + void* data, EVP_PKEY* pkey, const(EVP_MD)* type); +int ASN1_item_sign_ctx(const ASN1_ITEM *it, + X509_ALGOR *algor1, X509_ALGOR *algor2, + ASN1_BIT_STRING *signature, void *asn, EVP_MD_CTX *ctx); +} + +int X509_set_version(X509* x,c_long version_); +int X509_set_serialNumber(X509* x, ASN1_INTEGER* serial); +ASN1_INTEGER* X509_get_serialNumber(X509* x); +int X509_set_issuer_name(X509* x, X509_NAME* name); +X509_NAME* X509_get_issuer_name(X509* a); +int X509_set_subject_name(X509* x, X509_NAME* name); +X509_NAME* X509_get_subject_name(X509* a); +int X509_set_notBefore(X509* x, const(ASN1_TIME)* tm); +int X509_set_notAfter(X509* x, const(ASN1_TIME)* tm); +int X509_set_pubkey(X509* x, EVP_PKEY* pkey); +EVP_PKEY* X509_get_pubkey(X509* x); +ASN1_BIT_STRING* X509_get0_pubkey_bitstr(const(X509)* x); +int X509_certificate_type(X509* x,EVP_PKEY* pubkey /* optional */); + +int X509_REQ_set_version(X509_REQ* x,c_long version_); +int X509_REQ_set_subject_name(X509_REQ* req,X509_NAME* name); +int X509_REQ_set_pubkey(X509_REQ* x, EVP_PKEY* pkey); +EVP_PKEY* X509_REQ_get_pubkey(X509_REQ* req); +int X509_REQ_extension_nid(int nid); +int* X509_REQ_get_extension_nids(); +void X509_REQ_set_extension_nids(int* nids); +STACK_OF!(X509_EXTENSION) *X509_REQ_get_extensions(X509_REQ* req); +int X509_REQ_add_extensions_nid(X509_REQ* req, STACK_OF!(X509_EXTENSION) *exts, + int nid); +int X509_REQ_add_extensions(X509_REQ* req, STACK_OF!(X509_EXTENSION) *exts); +int X509_REQ_get_attr_count(const(X509_REQ)* req); +int X509_REQ_get_attr_by_NID(const(X509_REQ)* req, int nid, + int lastpos); +int X509_REQ_get_attr_by_OBJ(const(X509_REQ)* req, ASN1_OBJECT* obj, + int lastpos); +X509_ATTRIBUTE* X509_REQ_get_attr(const(X509_REQ)* req, int loc); +X509_ATTRIBUTE* X509_REQ_delete_attr(X509_REQ* req, int loc); +int X509_REQ_add1_attr(X509_REQ* req, X509_ATTRIBUTE* attr); +int X509_REQ_add1_attr_by_OBJ(X509_REQ* req, + const(ASN1_OBJECT)* obj, int type, + const(ubyte)* bytes, int len); +int X509_REQ_add1_attr_by_NID(X509_REQ* req, + int nid, int type, + const(ubyte)* bytes, int len); +int X509_REQ_add1_attr_by_txt(X509_REQ* req, + const(char)* attrname, int type, + const(ubyte)* bytes, int len); + +int X509_CRL_set_version(X509_CRL* x, c_long version_); +int X509_CRL_set_issuer_name(X509_CRL* x, X509_NAME* name); +int X509_CRL_set_lastUpdate(X509_CRL* x, const(ASN1_TIME)* tm); +int X509_CRL_set_nextUpdate(X509_CRL* x, const(ASN1_TIME)* tm); +int X509_CRL_sort(X509_CRL* crl); + +int X509_REVOKED_set_serialNumber(X509_REVOKED* x, ASN1_INTEGER* serial); +int X509_REVOKED_set_revocationDate(X509_REVOKED* r, ASN1_TIME* tm); + +int X509_REQ_check_private_key(X509_REQ* x509,EVP_PKEY* pkey); + +int X509_check_private_key(X509* x509,EVP_PKEY* pkey); + +int X509_issuer_and_serial_cmp(const(X509)* a, const(X509)* b); +c_ulong X509_issuer_and_serial_hash(X509* a); + +int X509_issuer_name_cmp(const(X509)* a, const(X509)* b); +c_ulong X509_issuer_name_hash(X509* a); + +int X509_subject_name_cmp(const(X509)* a, const(X509)* b); +c_ulong X509_subject_name_hash(X509* x); + +version(OPENSSL_NO_MD5) {} else { +c_ulong X509_issuer_name_hash_old(X509* a); +c_ulong X509_subject_name_hash_old(X509* x); +} + +int X509_cmp(const(X509)* a, const(X509)* b); +int X509_NAME_cmp(const(X509_NAME)* a, const(X509_NAME)* b); +c_ulong X509_NAME_hash(X509_NAME* x); +c_ulong X509_NAME_hash_old(X509_NAME* x); + +int X509_CRL_cmp(const(X509_CRL)* a, const(X509_CRL)* b); +int X509_CRL_match(const(X509_CRL)* a, const(X509_CRL)* b); +version(OPENSSL_NO_FP_API) {} else { +int X509_print_ex_fp(FILE* bp,X509* x, c_ulong nmflag, c_ulong cflag); +int X509_print_fp(FILE* bp,X509* x); +int X509_CRL_print_fp(FILE* bp,X509_CRL* x); +int X509_REQ_print_fp(FILE* bp,X509_REQ* req); +int X509_NAME_print_ex_fp(FILE* fp, X509_NAME* nm, int indent, c_ulong flags); +} + +version(OPENSSL_NO_BIO) {} else { +int X509_NAME_print(BIO* bp, X509_NAME* name, int obase); +int X509_NAME_print_ex(BIO* out_, X509_NAME* nm, int indent, c_ulong flags); +int X509_print_ex(BIO* bp,X509* x, c_ulong nmflag, c_ulong cflag); +int X509_print(BIO* bp,X509* x); +int X509_ocspid_print(BIO* bp,X509* x); +int X509_CERT_AUX_print(BIO* bp,X509_CERT_AUX* x, int indent); +int X509_CRL_print(BIO* bp,X509_CRL* x); +int X509_REQ_print_ex(BIO* bp, X509_REQ* x, c_ulong nmflag, c_ulong cflag); +int X509_REQ_print(BIO* bp,X509_REQ* req); +} + +int X509_NAME_entry_count(X509_NAME* name); +int X509_NAME_get_text_by_NID(X509_NAME* name, int nid, + char* buf,int len); +int X509_NAME_get_text_by_OBJ(X509_NAME* name, ASN1_OBJECT* obj, + char* buf,int len); + +/* NOTE: you should be passsing -1, not 0 as lastpos. The functions that use + * lastpos, search after that position on. */ +int X509_NAME_get_index_by_NID(X509_NAME* name,int nid,int lastpos); +int X509_NAME_get_index_by_OBJ(X509_NAME* name,ASN1_OBJECT* obj, + int lastpos); +X509_NAME_ENTRY* X509_NAME_get_entry(X509_NAME* name, int loc); +X509_NAME_ENTRY* X509_NAME_delete_entry(X509_NAME* name, int loc); +int X509_NAME_add_entry(X509_NAME* name,X509_NAME_ENTRY* ne, + int loc, int set); +int X509_NAME_add_entry_by_OBJ(X509_NAME* name, ASN1_OBJECT* obj, int type, + ubyte* bytes, int len, int loc, int set); +int X509_NAME_add_entry_by_NID(X509_NAME* name, int nid, int type, + ubyte* bytes, int len, int loc, int set); +X509_NAME_ENTRY* X509_NAME_ENTRY_create_by_txt(X509_NAME_ENTRY** ne, + const(char)* field, int type, const(ubyte)* bytes, int len); +X509_NAME_ENTRY* X509_NAME_ENTRY_create_by_NID(X509_NAME_ENTRY** ne, int nid, + int type,ubyte* bytes, int len); +int X509_NAME_add_entry_by_txt(X509_NAME* name, const(char)* field, int type, + const(ubyte)* bytes, int len, int loc, int set); +X509_NAME_ENTRY* X509_NAME_ENTRY_create_by_OBJ(X509_NAME_ENTRY** ne, + ASN1_OBJECT* obj, int type,const(ubyte)* bytes, + int len); +int X509_NAME_ENTRY_set_object(X509_NAME_ENTRY* ne, + ASN1_OBJECT* obj); +int X509_NAME_ENTRY_set_data(X509_NAME_ENTRY* ne, int type, + const(ubyte)* bytes, int len); +ASN1_OBJECT* X509_NAME_ENTRY_get_object(X509_NAME_ENTRY* ne); +ASN1_STRING* X509_NAME_ENTRY_get_data(X509_NAME_ENTRY* ne); + +int X509v3_get_ext_count(const STACK_OF!(X509_EXTENSION) *x); +int X509v3_get_ext_by_NID(const STACK_OF!(X509_EXTENSION) *x, + int nid, int lastpos); +int X509v3_get_ext_by_OBJ(const STACK_OF!(X509_EXTENSION) *x, + ASN1_OBJECT* obj,int lastpos); +int X509v3_get_ext_by_critical(const STACK_OF!(X509_EXTENSION) *x, + int crit, int lastpos); +X509_EXTENSION* X509v3_get_ext(const STACK_OF!(X509_EXTENSION) *x, int loc); +X509_EXTENSION* X509v3_delete_ext(STACK_OF!(X509_EXTENSION) *x, int loc); +STACK_OF!(X509_EXTENSION) *X509v3_add_ext(STACK_OF!(X509_EXTENSION) **x, + X509_EXTENSION* ex, int loc); + +int X509_get_ext_count(X509* x); +int X509_get_ext_by_NID(X509* x, int nid, int lastpos); +int X509_get_ext_by_OBJ(X509* x,ASN1_OBJECT* obj,int lastpos); +int X509_get_ext_by_critical(X509* x, int crit, int lastpos); +X509_EXTENSION* X509_get_ext(X509* x, int loc); +X509_EXTENSION* X509_delete_ext(X509* x, int loc); +int X509_add_ext(X509* x, X509_EXTENSION* ex, int loc); +void* X509_get_ext_d2i(X509* x, int nid, int* crit, int* idx); +int X509_add1_ext_i2d(X509* x, int nid, void* value, int crit, + c_ulong flags); + +int X509_CRL_get_ext_count(X509_CRL* x); +int X509_CRL_get_ext_by_NID(X509_CRL* x, int nid, int lastpos); +int X509_CRL_get_ext_by_OBJ(X509_CRL* x,ASN1_OBJECT* obj,int lastpos); +int X509_CRL_get_ext_by_critical(X509_CRL* x, int crit, int lastpos); +X509_EXTENSION* X509_CRL_get_ext(X509_CRL* x, int loc); +X509_EXTENSION* X509_CRL_delete_ext(X509_CRL* x, int loc); +int X509_CRL_add_ext(X509_CRL* x, X509_EXTENSION* ex, int loc); +void* X509_CRL_get_ext_d2i(X509_CRL* x, int nid, int* crit, int* idx); +int X509_CRL_add1_ext_i2d(X509_CRL* x, int nid, void* value, int crit, + c_ulong flags); + +int X509_REVOKED_get_ext_count(X509_REVOKED* x); +int X509_REVOKED_get_ext_by_NID(X509_REVOKED* x, int nid, int lastpos); +int X509_REVOKED_get_ext_by_OBJ(X509_REVOKED* x,ASN1_OBJECT* obj,int lastpos); +int X509_REVOKED_get_ext_by_critical(X509_REVOKED* x, int crit, int lastpos); +X509_EXTENSION* X509_REVOKED_get_ext(X509_REVOKED* x, int loc); +X509_EXTENSION* X509_REVOKED_delete_ext(X509_REVOKED* x, int loc); +int X509_REVOKED_add_ext(X509_REVOKED* x, X509_EXTENSION* ex, int loc); +void* X509_REVOKED_get_ext_d2i(X509_REVOKED* x, int nid, int* crit, int* idx); +int X509_REVOKED_add1_ext_i2d(X509_REVOKED* x, int nid, void* value, int crit, + c_ulong flags); + +X509_EXTENSION* X509_EXTENSION_create_by_NID(X509_EXTENSION** ex, + int nid, int crit, ASN1_OCTET_STRING* data); +X509_EXTENSION* X509_EXTENSION_create_by_OBJ(X509_EXTENSION** ex, + ASN1_OBJECT* obj,int crit,ASN1_OCTET_STRING* data); +int X509_EXTENSION_set_object(X509_EXTENSION* ex,ASN1_OBJECT* obj); +int X509_EXTENSION_set_critical(X509_EXTENSION* ex, int crit); +int X509_EXTENSION_set_data(X509_EXTENSION* ex, + ASN1_OCTET_STRING* data); +ASN1_OBJECT* X509_EXTENSION_get_object(X509_EXTENSION* ex); +ASN1_OCTET_STRING* X509_EXTENSION_get_data(X509_EXTENSION* ne); +int X509_EXTENSION_get_critical(X509_EXTENSION* ex); + +int X509at_get_attr_count(const STACK_OF!(X509_ATTRIBUTE) *x); +int X509at_get_attr_by_NID(const STACK_OF!(X509_ATTRIBUTE) *x, int nid, + int lastpos); +int X509at_get_attr_by_OBJ(const STACK_OF!(X509_ATTRIBUTE) *sk, ASN1_OBJECT* obj, + int lastpos); +X509_ATTRIBUTE* X509at_get_attr(const STACK_OF!(X509_ATTRIBUTE) *x, int loc); +X509_ATTRIBUTE* X509at_delete_attr(STACK_OF!(X509_ATTRIBUTE) *x, int loc); +STACK_OF!(X509_ATTRIBUTE) *X509at_add1_attr(STACK_OF!(X509_ATTRIBUTE) **x, + X509_ATTRIBUTE* attr); +STACK_OF!(X509_ATTRIBUTE) *X509at_add1_attr_by_OBJ(STACK_OF!(X509_ATTRIBUTE) **x, + const(ASN1_OBJECT)* obj, int type, + const(ubyte)* bytes, int len); +STACK_OF!(X509_ATTRIBUTE) *X509at_add1_attr_by_NID(STACK_OF!(X509_ATTRIBUTE) **x, + int nid, int type, + const(ubyte)* bytes, int len); +STACK_OF!(X509_ATTRIBUTE) *X509at_add1_attr_by_txt(STACK_OF!(X509_ATTRIBUTE) **x, + const(char)* attrname, int type, + const(ubyte)* bytes, int len); +void* X509at_get0_data_by_OBJ(STACK_OF!(X509_ATTRIBUTE) *x, + ASN1_OBJECT* obj, int lastpos, int type); +X509_ATTRIBUTE* X509_ATTRIBUTE_create_by_NID(X509_ATTRIBUTE** attr, int nid, + int atrtype, const(void)* data, int len); +X509_ATTRIBUTE* X509_ATTRIBUTE_create_by_OBJ(X509_ATTRIBUTE** attr, + const(ASN1_OBJECT)* obj, int atrtype, const(void)* data, int len); +X509_ATTRIBUTE* X509_ATTRIBUTE_create_by_txt(X509_ATTRIBUTE** attr, + const(char)* atrname, int type, const(ubyte)* bytes, int len); +int X509_ATTRIBUTE_set1_object(X509_ATTRIBUTE* attr, const(ASN1_OBJECT)* obj); +int X509_ATTRIBUTE_set1_data(X509_ATTRIBUTE* attr, int attrtype, const(void)* data, int len); +void* X509_ATTRIBUTE_get0_data(X509_ATTRIBUTE* attr, int idx, + int atrtype, void* data); +int X509_ATTRIBUTE_count(X509_ATTRIBUTE* attr); +ASN1_OBJECT* X509_ATTRIBUTE_get0_object(X509_ATTRIBUTE* attr); +ASN1_TYPE* X509_ATTRIBUTE_get0_type(X509_ATTRIBUTE* attr, int idx); + +int EVP_PKEY_get_attr_count(const(EVP_PKEY)* key); +int EVP_PKEY_get_attr_by_NID(const(EVP_PKEY)* key, int nid, + int lastpos); +int EVP_PKEY_get_attr_by_OBJ(const(EVP_PKEY)* key, ASN1_OBJECT* obj, + int lastpos); +X509_ATTRIBUTE* EVP_PKEY_get_attr(const(EVP_PKEY)* key, int loc); +X509_ATTRIBUTE* EVP_PKEY_delete_attr(EVP_PKEY* key, int loc); +int EVP_PKEY_add1_attr(EVP_PKEY* key, X509_ATTRIBUTE* attr); +int EVP_PKEY_add1_attr_by_OBJ(EVP_PKEY* key, + const(ASN1_OBJECT)* obj, int type, + const(ubyte)* bytes, int len); +int EVP_PKEY_add1_attr_by_NID(EVP_PKEY* key, + int nid, int type, + const(ubyte)* bytes, int len); +int EVP_PKEY_add1_attr_by_txt(EVP_PKEY* key, + const(char)* attrname, int type, + const(ubyte)* bytes, int len); + +int X509_verify_cert(X509_STORE_CTX* ctx); + +/* lookup a cert from a X509 STACK */ +X509* X509_find_by_issuer_and_serial(STACK_OF!(X509) *sk,X509_NAME* name, + ASN1_INTEGER* serial); +X509* X509_find_by_subject(STACK_OF!(X509) *sk,X509_NAME* name); + +mixin(DECLARE_ASN1_FUNCTIONS!"PBEPARAM"); +mixin(DECLARE_ASN1_FUNCTIONS!"PBE2PARAM"); +mixin(DECLARE_ASN1_FUNCTIONS!"PBKDF2PARAM"); + +int PKCS5_pbe_set0_algor(X509_ALGOR* algor, int alg, int iter, + const(ubyte)* salt, int saltlen); + +X509_ALGOR* PKCS5_pbe_set(int alg, int iter, + const(ubyte)* salt, int saltlen); +X509_ALGOR* PKCS5_pbe2_set(const(EVP_CIPHER)* cipher, int iter, + ubyte* salt, int saltlen); +X509_ALGOR* PKCS5_pbe2_set_iv(const(EVP_CIPHER)* cipher, int iter, + ubyte* salt, int saltlen, + ubyte* aiv, int prf_nid); + +X509_ALGOR *PKCS5_pbkdf2_set(int iter, ubyte* salt, int saltlen, + int prf_nid, int keylen); + +/* PKCS#8 utilities */ + +mixin(DECLARE_ASN1_FUNCTIONS!"PKCS8_PRIV_KEY_INFO"); + +EVP_PKEY* EVP_PKCS82PKEY(PKCS8_PRIV_KEY_INFO* p8); +PKCS8_PRIV_KEY_INFO* EVP_PKEY2PKCS8(EVP_PKEY* pkey); +PKCS8_PRIV_KEY_INFO* EVP_PKEY2PKCS8_broken(EVP_PKEY* pkey, int broken); +PKCS8_PRIV_KEY_INFO* PKCS8_set_broken(PKCS8_PRIV_KEY_INFO* p8, int broken); + +int PKCS8_pkey_set0(PKCS8_PRIV_KEY_INFO* priv, ASN1_OBJECT* aobj, + int version_, int ptype, void* pval, + ubyte* penc, int penclen); +int PKCS8_pkey_get0(ASN1_OBJECT** ppkalg, + const(ubyte)** pk, int* ppklen, + X509_ALGOR** pa, + PKCS8_PRIV_KEY_INFO* p8); + +int X509_PUBKEY_set0_param(X509_PUBKEY* pub, ASN1_OBJECT* aobj, + int ptype, void* pval, + ubyte* penc, int penclen); +int X509_PUBKEY_get0_param(ASN1_OBJECT** ppkalg, + const(ubyte)** pk, int* ppklen, + X509_ALGOR** pa, + X509_PUBKEY* pub); + +int X509_check_trust(X509* x, int id, int flags); +int X509_TRUST_get_count(); +X509_TRUST* X509_TRUST_get0(int idx); +int X509_TRUST_get_by_id(int id); +int X509_TRUST_add(int id, int flags, ExternC!(int function(X509_TRUST*, X509*, int)) ck, + char* name, int arg1, void* arg2); +void X509_TRUST_cleanup(); +int X509_TRUST_get_flags(X509_TRUST* xp); +char* X509_TRUST_get0_name(X509_TRUST* xp); +int X509_TRUST_get_trust(X509_TRUST* xp); + +/* BEGIN ERROR CODES */ +/* The following lines are auto generated by the script mkerr.pl. Any changes + * made after this point may be overwritten when the script is next run. + */ +void ERR_load_X509_strings(); + +/* Error codes for the X509 functions. */ + +/* Function codes. */ +enum X509_F_ADD_CERT_DIR = 100; +enum X509_F_BY_FILE_CTRL = 101; +enum X509_F_CHECK_POLICY = 145; +enum X509_F_DIR_CTRL = 102; +enum X509_F_GET_CERT_BY_SUBJECT = 103; +enum X509_F_NETSCAPE_SPKI_B64_DECODE = 129; +enum X509_F_NETSCAPE_SPKI_B64_ENCODE = 130; +enum X509_F_X509AT_ADD1_ATTR = 135; +enum X509_F_X509V3_ADD_EXT = 104; +enum X509_F_X509_ATTRIBUTE_CREATE_BY_NID = 136; +enum X509_F_X509_ATTRIBUTE_CREATE_BY_OBJ = 137; +enum X509_F_X509_ATTRIBUTE_CREATE_BY_TXT = 140; +enum X509_F_X509_ATTRIBUTE_GET0_DATA = 139; +enum X509_F_X509_ATTRIBUTE_SET1_DATA = 138; +enum X509_F_X509_CHECK_PRIVATE_KEY = 128; +enum X509_F_X509_CRL_PRINT_FP = 147; +enum X509_F_X509_EXTENSION_CREATE_BY_NID = 108; +enum X509_F_X509_EXTENSION_CREATE_BY_OBJ = 109; +enum X509_F_X509_GET_PUBKEY_PARAMETERS = 110; +enum X509_F_X509_LOAD_CERT_CRL_FILE = 132; +enum X509_F_X509_LOAD_CERT_FILE = 111; +enum X509_F_X509_LOAD_CRL_FILE = 112; +enum X509_F_X509_NAME_ADD_ENTRY = 113; +enum X509_F_X509_NAME_ENTRY_CREATE_BY_NID = 114; +enum X509_F_X509_NAME_ENTRY_CREATE_BY_TXT = 131; +enum X509_F_X509_NAME_ENTRY_SET_OBJECT = 115; +enum X509_F_X509_NAME_ONELINE = 116; +enum X509_F_X509_NAME_PRINT = 117; +enum X509_F_X509_PRINT_EX_FP = 118; +enum X509_F_X509_PUBKEY_GET = 119; +enum X509_F_X509_PUBKEY_SET = 120; +enum X509_F_X509_REQ_CHECK_PRIVATE_KEY = 144; +enum X509_F_X509_REQ_PRINT_EX = 121; +enum X509_F_X509_REQ_PRINT_FP = 122; +enum X509_F_X509_REQ_TO_X509 = 123; +enum X509_F_X509_STORE_ADD_CERT = 124; +enum X509_F_X509_STORE_ADD_CRL = 125; +enum X509_F_X509_STORE_CTX_GET1_ISSUER = 146; +enum X509_F_X509_STORE_CTX_INIT = 143; +enum X509_F_X509_STORE_CTX_NEW = 142; +enum X509_F_X509_STORE_CTX_PURPOSE_INHERIT = 134; +enum X509_F_X509_TO_X509_REQ = 126; +enum X509_F_X509_TRUST_ADD = 133; +enum X509_F_X509_TRUST_SET = 141; +enum X509_F_X509_VERIFY_CERT = 127; + +/* Reason codes. */ +enum X509_R_BAD_X509_FILETYPE = 100; +enum X509_R_BASE64_DECODE_ERROR = 118; +enum X509_R_CANT_CHECK_DH_KEY = 114; +enum X509_R_CERT_ALREADY_IN_HASH_TABLE = 101; +enum X509_R_ERR_ASN1_LIB = 102; +enum X509_R_INVALID_DIRECTORY = 113; +enum X509_R_INVALID_FIELD_NAME = 119; +enum X509_R_INVALID_TRUST = 123; +enum X509_R_KEY_TYPE_MISMATCH = 115; +enum X509_R_KEY_VALUES_MISMATCH = 116; +enum X509_R_LOADING_CERT_DIR = 103; +enum X509_R_LOADING_DEFAULTS = 104; +enum X509_R_METHOD_NOT_SUPPORTED = 124; +enum X509_R_NO_CERT_SET_FOR_US_TO_VERIFY = 105; +enum X509_R_PUBLIC_KEY_DECODE_ERROR = 125; +enum X509_R_PUBLIC_KEY_ENCODE_ERROR = 126; +enum X509_R_SHOULD_RETRY = 106; +enum X509_R_UNABLE_TO_FIND_PARAMETERS_IN_CHAIN = 107; +enum X509_R_UNABLE_TO_GET_CERTS_PUBLIC_KEY = 108; +enum X509_R_UNKNOWN_KEY_TYPE = 117; +enum X509_R_UNKNOWN_NID = 109; +enum X509_R_UNKNOWN_PURPOSE_ID = 121; +enum X509_R_UNKNOWN_TRUST_ID = 120; +enum X509_R_UNSUPPORTED_ALGORITHM = 111; +enum X509_R_WRONG_LOOKUP_TYPE = 112; +enum X509_R_WRONG_TYPE = 122; diff --git a/deimos/openssl/x509_vfy.d b/deimos/openssl/x509_vfy.d new file mode 100644 index 0000000..99d64bc --- /dev/null +++ b/deimos/openssl/x509_vfy.d @@ -0,0 +1,573 @@ +/* crypto/x509/x509_vfy.h */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +// #ifndef HEADER_X509_H +// public import deimos.openssl.x509; +// /* openssl/x509.h ends up #include-ing this file at about the only +// * appropriate moment. */ +// #endif + +module deimos.openssl.x509_vfy; + +import deimos.openssl._d_util; + +import core.stdc.time; +import deimos.openssl.asn1; // Needed for ASN1_OBJECT. +import deimos.openssl.x509v3; // Needed for POLICYQUALINFO. + +public import deimos.openssl.opensslconf; +version(OPENSSL_NO_LHASH) {} else { +public import deimos.openssl.lhash; +} +public import deimos.openssl.bio; +public import deimos.openssl.crypto; +public import deimos.openssl.symhacks; + +extern (C): +nothrow: + +version (none) { +/* Outer object */ +struct x509_hash_dir_st { + int num_dirs; + char** dirs; + int* dirs_type; + int num_dirs_alloced; + } +alias x509_hash_dir_st X509_HASH_DIR_CTX; +} + +struct x509_file_st { + int num_paths; /* number of paths to files or directories */ + int num_alloced; + char** paths; /* the list of paths or directories */ + int* path_type; + } +alias x509_file_st X509_CERT_FILE_CTX; + +/*******************************/ +/* +SSL_CTX -> X509_STORE + -> X509_LOOKUP + ->X509_LOOKUP_METHOD + -> X509_LOOKUP + ->X509_LOOKUP_METHOD + +SSL -> X509_STORE_CTX + ->X509_STORE + +The X509_STORE holds the tables etc for verification stuff. +A X509_STORE_CTX is used while validating a single certificate. +The X509_STORE has X509_LOOKUPs for looking up certs. +The X509_STORE then calls a function to actually verify the +certificate chain. +*/ + +enum X509_LU_RETRY = -1; +enum X509_LU_FAIL = 0; +enum X509_LU_X509 = 1; +enum X509_LU_CRL = 2; +enum X509_LU_PKEY = 3; + +struct x509_object_st + { + /* one of the above types */ + int type; + union data_ { + char* ptr; + X509* x509; + X509_CRL* crl; + EVP_PKEY* pkey; + } + data_ data; + } +alias x509_object_st X509_OBJECT; + +alias x509_lookup_st X509_LOOKUP; + +/+mixin DECLARE_STACK_OF!(X509_LOOKUP);+/ +/+mixin DECLARE_STACK_OF!(X509_OBJECT);+/ + +/* This is a static that defines the function interface */ +struct x509_lookup_method_st { + const(char)* name; + ExternC!(int function(X509_LOOKUP* ctx)) new_item; + ExternC!(void function(X509_LOOKUP* ctx)) free; + ExternC!(int function(X509_LOOKUP* ctx)) init_; + ExternC!(int function(X509_LOOKUP* ctx)) shutdown; + ExternC!(int function(X509_LOOKUP* ctx,int cmd,const(char)* argc,c_long argl, + char** ret)) ctrl; + ExternC!(int function(X509_LOOKUP* ctx,int type,X509_NAME* name, + X509_OBJECT* ret)) get_by_subject; + ExternC!(int function(X509_LOOKUP* ctx,int type,X509_NAME* name, + ASN1_INTEGER* serial,X509_OBJECT* ret)) get_by_issuer_serial; + ExternC!(int function(X509_LOOKUP* ctx,int type, + ubyte* bytes,int len, + X509_OBJECT* ret)) get_by_fingerprint; + ExternC!(int function(X509_LOOKUP* ctx,int type,char* str,int len, + X509_OBJECT* ret)) get_by_alias; + } +alias x509_lookup_method_st X509_LOOKUP_METHOD; + +/* This structure hold all parameters associated with a verify operation + * by including an X509_VERIFY_PARAM structure in related structures the + * parameters used can be customized + */ + +struct X509_VERIFY_PARAM_st { + char* name; + time_t check_time; /* Time to use */ + c_ulong inh_flags; /* Inheritance flags */ + c_ulong flags; /* Various verify flags */ + int purpose; /* purpose to check untrusted certificates */ + int trust; /* trust setting to check */ + int depth; /* Verify depth */ + STACK_OF!(ASN1_OBJECT) *policies; /* Permissible policies */ + } +alias X509_VERIFY_PARAM_st X509_VERIFY_PARAM; + +/+mixin DECLARE_STACK_OF!(X509_VERIFY_PARAM);+/ + +/* This is used to hold everything. It is used for all certificate + * validation. Once we have a certificate chain, the 'verify' + * function is then called to actually check the cert chain. */ +struct x509_store_st + { + /* The following is a cache of trusted certs */ + int cache; /* if true, stash any hits */ + STACK_OF!(X509_OBJECT) *objs; /* Cache of all objects */ + + /* These are external lookup methods */ + STACK_OF!(X509_LOOKUP) *get_cert_methods; + + X509_VERIFY_PARAM* param; + + /* Callbacks for various operations */ + ExternC!(int function(X509_STORE_CTX* ctx)) verify; /* called to verify a certificate */ + ExternC!(int function(int ok,X509_STORE_CTX* ctx)) verify_cb; /* error callback */ + ExternC!(int function(X509** issuer, X509_STORE_CTX* ctx, X509* x)) get_issuer; /* get issuers cert from ctx */ + ExternC!(int function(X509_STORE_CTX* ctx, X509* x, X509* issuer)) check_issued; /* check issued */ + ExternC!(int function(X509_STORE_CTX* ctx)) check_revocation; /* Check revocation status of chain */ + ExternC!(int function(X509_STORE_CTX* ctx, X509_CRL** crl, X509* x)) get_crl; /* retrieve CRL */ + ExternC!(int function(X509_STORE_CTX* ctx, X509_CRL* crl)) check_crl; /* Check CRL validity */ + ExternC!(int function(X509_STORE_CTX* ctx, X509_CRL* crl, X509* x)) cert_crl; /* Check certificate against CRL */ + ExternC!(STACK_OF!(X509)* function(X509_STORE_CTX* ctx, X509_NAME* nm)) lookup_certs; + ExternC!(STACK_OF!(X509_CRL)* function(X509_STORE_CTX* ctx, X509_NAME* nm)) lookup_crls; + ExternC!(int function(X509_STORE_CTX* ctx)) cleanup; + + CRYPTO_EX_DATA ex_data; + int references; + } /* X509_STORE */; + +int X509_STORE_set_depth(X509_STORE* store, int depth); + +auto X509_STORE_set_verify_cb_func()(X509_STORE_CTX* ctx, typeof(X509_STORE_CTX.init.verify_cb) func) { ctx.verify_cb = func; } +auto X509_STORE_set_verify_func()(X509_STORE_CTX* ctx, typeof(X509_STORE_CTX.init.verify) func) { ctx.verify = func; } + +/* This is the functions plus an instance of the local variables. */ +struct x509_lookup_st + { + int init_; /* have we been started */ + int skip; /* don't use us. */ + X509_LOOKUP_METHOD* method; /* the functions */ + char* method_data; /* method data */ + + X509_STORE* store_ctx; /* who owns us */ + } /* X509_LOOKUP */; + +/* This is a used when verifying cert chains. Since the + * gathering of the cert chain can take some time (and have to be + * 'retried', this needs to be kept and passed around. */ +struct x509_store_ctx_st + { + X509_STORE* ctx; + int current_method; /* used when looking up certs */ + + /* The following are set by the caller */ + X509* cert; /* The cert to check */ + STACK_OF!(X509) *untrusted; /* chain of X509s - untrusted - passed in */ + STACK_OF!(X509_CRL) *crls; /* set of CRLs passed in */ + + X509_VERIFY_PARAM* param; + void* other_ctx; /* Other info for use with get_issuer() */ + + /* Callbacks for various operations */ + ExternC!(int function(X509_STORE_CTX* ctx)) verify; /* called to verify a certificate */ + ExternC!(int function(int ok,X509_STORE_CTX* ctx)) verify_cb; /* error callback */ + ExternC!(int function(X509** issuer, X509_STORE_CTX* ctx, X509* x)) get_issuer; /* get issuers cert from ctx */ + ExternC!(int function(X509_STORE_CTX* ctx, X509* x, X509* issuer)) check_issued; /* check issued */ + ExternC!(int function(X509_STORE_CTX* ctx)) check_revocation; /* Check revocation status of chain */ + ExternC!(int function(X509_STORE_CTX* ctx, X509_CRL** crl, X509* x)) get_crl; /* retrieve CRL */ + ExternC!(int function(X509_STORE_CTX* ctx, X509_CRL* crl)) check_crl; /* Check CRL validity */ + ExternC!(int function(X509_STORE_CTX* ctx, X509_CRL* crl, X509* x)) cert_crl; /* Check certificate against CRL */ + ExternC!(int function(X509_STORE_CTX* ctx)) check_policy; + ExternC!(STACK_OF!(X509)* function(X509_STORE_CTX* ctx, X509_NAME* nm)) lookup_certs; + ExternC!(STACK_OF!(X509_CRL)* function(X509_STORE_CTX* ctx, X509_NAME* nm)) lookup_crls; + ExternC!(int function(X509_STORE_CTX* ctx)) cleanup; + + /* The following is built up */ + int valid; /* if 0, rebuild chain */ + int last_untrusted; /* index of last untrusted cert */ + STACK_OF!(X509) *chain; /* chain of X509s - built up and trusted */ + X509_POLICY_TREE* tree; /* Valid policy tree */ + + int explicit_policy; /* Require explicit policy value */ + + /* When something goes wrong, this is why */ + int error_depth; + int error; + X509* current_cert; + X509* current_issuer; /* cert currently being tested as valid issuer */ + X509_CRL* current_crl; /* current CRL */ + + int current_crl_score; /* score of current CRL */ + uint current_reasons; /* Reason mask */ + + X509_STORE_CTX* parent; /* For CRL path validation: parent context */ + + CRYPTO_EX_DATA ex_data; + } /* X509_STORE_CTX */; + +void X509_STORE_CTX_set_depth(X509_STORE_CTX* ctx, int depth); + +auto X509_STORE_CTX_set_app_data()(X509_STORE_CTX* ctx, void* data) { + return X509_STORE_CTX_set_ex_data(ctx,0,data); +} + +auto X509_STORE_CTX_get_app_data()(X509_STORE_CTX* ctx) { + return X509_STORE_CTX_get_ex_data(ctx,0); +} + +enum X509_L_FILE_LOAD = 1; +enum X509_L_ADD_DIR = 2; + +auto X509_LOOKUP_load_file()(X509_LOOKUP* x,const(char)* name, c_long type) { + return X509_LOOKUP_ctrl((x),X509_L_FILE_LOAD,(name),(type),null); +} + + +auto X509_LOOKUP_add_dir()(X509_LOOKUP* x,const(char)* name, c_long type) { + return X509_LOOKUP_ctrl((x),X509_L_ADD_DIR,(name),(type),null); +} + +enum X509_V_OK = 0; +/* illegal error (for uninitialized values, to avoid X509_V_OK): 1 */ + +enum X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT = 2; +enum X509_V_ERR_UNABLE_TO_GET_CRL = 3; +enum X509_V_ERR_UNABLE_TO_DECRYPT_CERT_SIGNATURE = 4; +enum X509_V_ERR_UNABLE_TO_DECRYPT_CRL_SIGNATURE = 5; +enum X509_V_ERR_UNABLE_TO_DECODE_ISSUER_PUBLIC_KEY = 6; +enum X509_V_ERR_CERT_SIGNATURE_FAILURE = 7; +enum X509_V_ERR_CRL_SIGNATURE_FAILURE = 8; +enum X509_V_ERR_CERT_NOT_YET_VALID = 9; +enum X509_V_ERR_CERT_HAS_EXPIRED = 10; +enum X509_V_ERR_CRL_NOT_YET_VALID = 11; +enum X509_V_ERR_CRL_HAS_EXPIRED = 12; +enum X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD = 13; +enum X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD = 14; +enum X509_V_ERR_ERROR_IN_CRL_LAST_UPDATE_FIELD = 15; +enum X509_V_ERR_ERROR_IN_CRL_NEXT_UPDATE_FIELD = 16; +enum X509_V_ERR_OUT_OF_MEM = 17; +enum X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT = 18; +enum X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN = 19; +enum X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY = 20; +enum X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE = 21; +enum X509_V_ERR_CERT_CHAIN_TOO_LONG = 22; +enum X509_V_ERR_CERT_REVOKED = 23; +enum X509_V_ERR_INVALID_CA = 24; +enum X509_V_ERR_PATH_LENGTH_EXCEEDED = 25; +enum X509_V_ERR_INVALID_PURPOSE = 26; +enum X509_V_ERR_CERT_UNTRUSTED = 27; +enum X509_V_ERR_CERT_REJECTED = 28; +/* These are 'informational' when looking for issuer cert */ +enum X509_V_ERR_SUBJECT_ISSUER_MISMATCH = 29; +enum X509_V_ERR_AKID_SKID_MISMATCH = 30; +enum X509_V_ERR_AKID_ISSUER_SERIAL_MISMATCH = 31; +enum X509_V_ERR_KEYUSAGE_NO_CERTSIGN = 32; + +enum X509_V_ERR_UNABLE_TO_GET_CRL_ISSUER = 33; +enum X509_V_ERR_UNHANDLED_CRITICAL_EXTENSION = 34; +enum X509_V_ERR_KEYUSAGE_NO_CRL_SIGN = 35; +enum X509_V_ERR_UNHANDLED_CRITICAL_CRL_EXTENSION = 36; +enum X509_V_ERR_INVALID_NON_CA = 37; +enum X509_V_ERR_PROXY_PATH_LENGTH_EXCEEDED = 38; +enum X509_V_ERR_KEYUSAGE_NO_DIGITAL_SIGNATURE = 39; +enum X509_V_ERR_PROXY_CERTIFICATES_NOT_ALLOWED = 40; + +enum X509_V_ERR_INVALID_EXTENSION = 41; +enum X509_V_ERR_INVALID_POLICY_EXTENSION = 42; +enum X509_V_ERR_NO_EXPLICIT_POLICY = 43; +enum X509_V_ERR_DIFFERENT_CRL_SCOPE = 44; +enum X509_V_ERR_UNSUPPORTED_EXTENSION_FEATURE = 45; + +enum X509_V_ERR_UNNESTED_RESOURCE = 46; + +enum X509_V_ERR_PERMITTED_VIOLATION = 47; +enum X509_V_ERR_EXCLUDED_VIOLATION = 48; +enum X509_V_ERR_SUBTREE_MINMAX = 49; +enum X509_V_ERR_UNSUPPORTED_CONSTRAINT_TYPE = 51; +enum X509_V_ERR_UNSUPPORTED_CONSTRAINT_SYNTAX = 52; +enum X509_V_ERR_UNSUPPORTED_NAME_SYNTAX = 53; +enum X509_V_ERR_CRL_PATH_VALIDATION_ERROR = 54; + +/* The application is not happy */ +enum X509_V_ERR_APPLICATION_VERIFICATION = 50; + +/* Certificate verify flags */ + +/* Send issuer+subject checks to verify_cb */ +enum X509_V_FLAG_CB_ISSUER_CHECK = 0x1; +/* Use check time instead of current time */ +enum X509_V_FLAG_USE_CHECK_TIME = 0x2; +/* Lookup CRLs */ +enum X509_V_FLAG_CRL_CHECK = 0x4; +/* Lookup CRLs for whole chain */ +enum X509_V_FLAG_CRL_CHECK_ALL = 0x8; +/* Ignore unhandled critical extensions */ +enum X509_V_FLAG_IGNORE_CRITICAL = 0x10; +/* Disable workarounds for broken certificates */ +enum X509_V_FLAG_X509_STRICT = 0x20; +/* Enable proxy certificate validation */ +enum X509_V_FLAG_ALLOW_PROXY_CERTS = 0x40; +/* Enable policy checking */ +enum X509_V_FLAG_POLICY_CHECK = 0x80; +/* Policy variable require-explicit-policy */ +enum X509_V_FLAG_EXPLICIT_POLICY = 0x100; +/* Policy variable inhibit-any-policy */ +enum X509_V_FLAG_INHIBIT_ANY = 0x200; +/* Policy variable inhibit-policy-mapping */ +enum X509_V_FLAG_INHIBIT_MAP = 0x400; +/* Notify callback that policy is OK */ +enum X509_V_FLAG_NOTIFY_POLICY = 0x800; +/* Extended CRL features such as indirect CRLs, alternate CRL signing keys */ +enum X509_V_FLAG_EXTENDED_CRL_SUPPORT = 0x1000; +/* Delta CRL support */ +enum X509_V_FLAG_USE_DELTAS = 0x2000; +/* Check selfsigned CA signature */ +enum X509_V_FLAG_CHECK_SS_SIGNATURE = 0x4000; + + +enum X509_VP_FLAG_DEFAULT = 0x1; +enum X509_VP_FLAG_OVERWRITE = 0x2; +enum X509_VP_FLAG_RESET_FLAGS = 0x4; +enum X509_VP_FLAG_LOCKED = 0x8; +enum X509_VP_FLAG_ONCE = 0x10; + +/* Internal use: mask of policy related options */ +enum X509_V_FLAG_POLICY_MASK = (X509_V_FLAG_POLICY_CHECK + | X509_V_FLAG_EXPLICIT_POLICY + | X509_V_FLAG_INHIBIT_ANY + | X509_V_FLAG_INHIBIT_MAP); + +int X509_OBJECT_idx_by_subject(STACK_OF!(X509_OBJECT) *h, int type, + X509_NAME* name); +X509_OBJECT* X509_OBJECT_retrieve_by_subject(STACK_OF!(X509_OBJECT) *h,int type,X509_NAME* name); +X509_OBJECT* X509_OBJECT_retrieve_match(STACK_OF!(X509_OBJECT) *h, X509_OBJECT* x); +void X509_OBJECT_up_ref_count(X509_OBJECT* a); +void X509_OBJECT_free_contents(X509_OBJECT* a); +X509_STORE* X509_STORE_new(); +void X509_STORE_free(X509_STORE* v); + +STACK_OF!(X509)* X509_STORE_get1_certs(X509_STORE_CTX* st, X509_NAME* nm); +STACK_OF!(X509_CRL)* X509_STORE_get1_crls(X509_STORE_CTX* st, X509_NAME* nm); +int X509_STORE_set_flags(X509_STORE* ctx, c_ulong flags); +int X509_STORE_set_purpose(X509_STORE* ctx, int purpose); +int X509_STORE_set_trust(X509_STORE* ctx, int trust); +int X509_STORE_set1_param(X509_STORE* ctx, X509_VERIFY_PARAM* pm); + +void X509_STORE_set_verify_cb(X509_STORE* ctx, + ExternC!(int function(int, X509_STORE_CTX*)) verify_cb); + +X509_STORE_CTX* X509_STORE_CTX_new(); + +int X509_STORE_CTX_get1_issuer(X509** issuer, X509_STORE_CTX* ctx, X509* x); + +void X509_STORE_CTX_free(X509_STORE_CTX* ctx); +int X509_STORE_CTX_init(X509_STORE_CTX* ctx, X509_STORE* store, + X509* x509, STACK_OF!(X509) *chain); +void X509_STORE_CTX_trusted_stack(X509_STORE_CTX* ctx, STACK_OF!(X509) *sk); +void X509_STORE_CTX_cleanup(X509_STORE_CTX* ctx); + +X509_LOOKUP* X509_STORE_add_lookup(X509_STORE* v, X509_LOOKUP_METHOD* m); + +X509_LOOKUP_METHOD* X509_LOOKUP_hash_dir(); +X509_LOOKUP_METHOD* X509_LOOKUP_file(); + +int X509_STORE_add_cert(X509_STORE* ctx, X509* x); +int X509_STORE_add_crl(X509_STORE* ctx, X509_CRL* x); + +int X509_STORE_get_by_subject(X509_STORE_CTX* vs,int type,X509_NAME* name, + X509_OBJECT* ret); + +int X509_LOOKUP_ctrl(X509_LOOKUP* ctx, int cmd, const(char)* argc, + c_long argl, char** ret); + +version(OPENSSL_NO_STDIO) {} else { +int X509_load_cert_file(X509_LOOKUP* ctx, const(char)* file, int type); +int X509_load_crl_file(X509_LOOKUP* ctx, const(char)* file, int type); +int X509_load_cert_crl_file(X509_LOOKUP* ctx, const(char)* file, int type); +} + + +X509_LOOKUP* X509_LOOKUP_new(X509_LOOKUP_METHOD* method); +void X509_LOOKUP_free(X509_LOOKUP* ctx); +int X509_LOOKUP_init(X509_LOOKUP* ctx); +int X509_LOOKUP_by_subject(X509_LOOKUP* ctx, int type, X509_NAME* name, + X509_OBJECT* ret); +int X509_LOOKUP_by_issuer_serial(X509_LOOKUP* ctx, int type, X509_NAME* name, + ASN1_INTEGER* serial, X509_OBJECT* ret); +int X509_LOOKUP_by_fingerprint(X509_LOOKUP* ctx, int type, + ubyte* bytes, int len, X509_OBJECT* ret); +int X509_LOOKUP_by_alias(X509_LOOKUP* ctx, int type, char* str, + int len, X509_OBJECT* ret); +int X509_LOOKUP_shutdown(X509_LOOKUP* ctx); + +version(OPENSSL_NO_STDIO) {} else { +int X509_STORE_load_locations (X509_STORE* ctx, + const(char)* file, const(char)* dir); +int X509_STORE_set_default_paths(X509_STORE* ctx); +} + +int X509_STORE_CTX_get_ex_new_index(c_long argl, void* argp, CRYPTO_EX_new* new_func, + CRYPTO_EX_dup* dup_func, CRYPTO_EX_free* free_func); +int X509_STORE_CTX_set_ex_data(X509_STORE_CTX* ctx,int idx,void* data); +void* X509_STORE_CTX_get_ex_data(X509_STORE_CTX* ctx,int idx); +int X509_STORE_CTX_get_error(X509_STORE_CTX* ctx); +void X509_STORE_CTX_set_error(X509_STORE_CTX* ctx,int s); +int X509_STORE_CTX_get_error_depth(X509_STORE_CTX* ctx); +X509* X509_STORE_CTX_get_current_cert(X509_STORE_CTX* ctx); +X509* X509_STORE_CTX_get0_current_issuer(X509_STORE_CTX* ctx); +X509_CRL* X509_STORE_CTX_get0_current_crl(X509_STORE_CTX* ctx); +X509_STORE_CTX* X509_STORE_CTX_get0_parent_ctx(X509_STORE_CTX* ctx); +STACK_OF!(X509) *X509_STORE_CTX_get_chain(X509_STORE_CTX* ctx); +STACK_OF!(X509) *X509_STORE_CTX_get1_chain(X509_STORE_CTX* ctx); +void X509_STORE_CTX_set_cert(X509_STORE_CTX* c,X509* x); +void X509_STORE_CTX_set_chain(X509_STORE_CTX* c,STACK_OF!(X509) *sk); +void X509_STORE_CTX_set0_crls(X509_STORE_CTX* c,STACK_OF!(X509_CRL) *sk); +int X509_STORE_CTX_set_purpose(X509_STORE_CTX* ctx, int purpose); +int X509_STORE_CTX_set_trust(X509_STORE_CTX* ctx, int trust); +int X509_STORE_CTX_purpose_inherit(X509_STORE_CTX* ctx, int def_purpose, + int purpose, int trust); +void X509_STORE_CTX_set_flags(X509_STORE_CTX* ctx, c_ulong flags); +void X509_STORE_CTX_set_time(X509_STORE_CTX* ctx, c_ulong flags, + time_t t); +void X509_STORE_CTX_set_verify_cb(X509_STORE_CTX* ctx, + ExternC!(int function(int, X509_STORE_CTX*)) verify_cb); + +X509_POLICY_TREE* X509_STORE_CTX_get0_policy_tree(X509_STORE_CTX* ctx); +int X509_STORE_CTX_get_explicit_policy(X509_STORE_CTX* ctx); + +X509_VERIFY_PARAM* X509_STORE_CTX_get0_param(X509_STORE_CTX* ctx); +void X509_STORE_CTX_set0_param(X509_STORE_CTX* ctx, X509_VERIFY_PARAM* param); +int X509_STORE_CTX_set_default(X509_STORE_CTX* ctx, const(char)* name); + +/* X509_VERIFY_PARAM functions */ + +X509_VERIFY_PARAM* X509_VERIFY_PARAM_new(); +void X509_VERIFY_PARAM_free(X509_VERIFY_PARAM* param); +int X509_VERIFY_PARAM_inherit(X509_VERIFY_PARAM* to, + const(X509_VERIFY_PARAM)* from); +int X509_VERIFY_PARAM_set1(X509_VERIFY_PARAM* to, + const(X509_VERIFY_PARAM)* from); +int X509_VERIFY_PARAM_set1_name(X509_VERIFY_PARAM* param, const(char)* name); +int X509_VERIFY_PARAM_set_flags(X509_VERIFY_PARAM* param, c_ulong flags); +int X509_VERIFY_PARAM_clear_flags(X509_VERIFY_PARAM* param, + c_ulong flags); +c_ulong X509_VERIFY_PARAM_get_flags(X509_VERIFY_PARAM* param); +int X509_VERIFY_PARAM_set_purpose(X509_VERIFY_PARAM* param, int purpose); +int X509_VERIFY_PARAM_set_trust(X509_VERIFY_PARAM* param, int trust); +void X509_VERIFY_PARAM_set_depth(X509_VERIFY_PARAM* param, int depth); +void X509_VERIFY_PARAM_set_time(X509_VERIFY_PARAM* param, time_t t); +int X509_VERIFY_PARAM_add0_policy(X509_VERIFY_PARAM* param, + ASN1_OBJECT* policy); +int X509_VERIFY_PARAM_set1_policies(X509_VERIFY_PARAM* param, + STACK_OF!(ASN1_OBJECT) *policies); +int X509_VERIFY_PARAM_get_depth(const(X509_VERIFY_PARAM)* param); + +int X509_VERIFY_PARAM_add0_table(X509_VERIFY_PARAM* param); +const(X509_VERIFY_PARAM)* X509_VERIFY_PARAM_lookup(const(char)* name); +void X509_VERIFY_PARAM_table_cleanup(); + +int X509_policy_check(X509_POLICY_TREE** ptree, int* pexplicit_policy, + STACK_OF!(X509) *certs, + STACK_OF!(ASN1_OBJECT) *policy_oids, + uint flags); + +void X509_policy_tree_free(X509_POLICY_TREE* tree); + +int X509_policy_tree_level_count(const(X509_POLICY_TREE)* tree); +X509_POLICY_LEVEL* + X509_policy_tree_get0_level(const(X509_POLICY_TREE)* tree, int i); + +STACK_OF!(X509_POLICY_NODE) * + X509_policy_tree_get0_policies(const(X509_POLICY_TREE)* tree); + +STACK_OF!(X509_POLICY_NODE) * + X509_policy_tree_get0_user_policies(const(X509_POLICY_TREE)* tree); + +int X509_policy_level_node_count(X509_POLICY_LEVEL* level); + +X509_POLICY_NODE* X509_policy_level_get0_node(X509_POLICY_LEVEL* level, int i); + +const(ASN1_OBJECT)* X509_policy_node_get0_policy(const(X509_POLICY_NODE)* node); + +STACK_OF!(POLICYQUALINFO) * + X509_policy_node_get0_qualifiers(const(X509_POLICY_NODE)* node); +const(X509_POLICY_NODE)* + X509_policy_node_get0_parent(const(X509_POLICY_NODE)* node); diff --git a/deimos/openssl/x509v3.d b/deimos/openssl/x509v3.d new file mode 100644 index 0000000..2bbe652 --- /dev/null +++ b/deimos/openssl/x509v3.d @@ -0,0 +1,1039 @@ +/* x509v3.h */ +/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL + * project 1999. + */ +/* ==================================================================== + * Copyright (c) 1999-2004 The OpenSSL Project. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. All advertising materials mentioning features or use of this + * software must display the following acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" + * + * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to + * endorse or promote products derived from this software without + * prior written permission. For written permission, please contact + * licensing@OpenSSL.org. + * + * 5. Products derived from this software may not be called "OpenSSL" + * nor may "OpenSSL" appear in their names without prior written + * permission of the OpenSSL Project. + * + * 6. Redistributions of any form whatsoever must retain the following + * acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" + * + * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY + * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * ==================================================================== + * + * This product includes cryptographic software written by Eric Young + * (eay@cryptsoft.com). This product includes software written by Tim + * Hudson (tjh@cryptsoft.com). + * + */ +module deimos.openssl.x509v3; + +import deimos.openssl._d_util; + +public import deimos.openssl.bio; +public import deimos.openssl.x509; +public import deimos.openssl.conf; + +extern (C): +nothrow: + +/* Forward reference */ +// struct v3_ext_method; +// struct v3_ext_ctx; + +/* Useful typedefs */ + +alias ExternC!(void*function()) X509V3_EXT_NEW; +alias ExternC!(void function(void*)) X509V3_EXT_FREE; +alias ExternC!(void*function(void*, const(ubyte)** , c_long)) X509V3_EXT_D2I; +alias ExternC!(int function(void*, ubyte**)) X509V3_EXT_I2D; +alias ExternC!(STACK_OF!(CONF_VALUE)* function(const(v3_ext_method)* method, void* ext, + STACK_OF!(CONF_VALUE) *extlist)) X509V3_EXT_I2V; +alias ExternC!(void*function(const(v3_ext_method)* method, + v3_ext_ctx* ctx, + STACK_OF!(CONF_VALUE) *values)) X509V3_EXT_V2I; +alias ExternC!(char*function(const(v3_ext_method)* method, void* ext)) X509V3_EXT_I2S; +alias ExternC!(void*function(const(v3_ext_method)* method, + v3_ext_ctx* ctx, const(char)* str)) X509V3_EXT_S2I; +alias ExternC!(int function(const(v3_ext_method)* method, void* ext, + BIO* out_, int indent)) X509V3_EXT_I2R; +alias ExternC!(void*function(const(v3_ext_method)* method, + v3_ext_ctx* ctx, const(char)* str)) X509V3_EXT_R2I; + +/* V3 extension structure */ + +struct v3_ext_method { +int ext_nid; +int ext_flags; +/* If this is set the following four fields are ignored */ +ASN1_ITEM_EXP* it; +/* Old style ASN1 calls */ +X509V3_EXT_NEW ext_new; +X509V3_EXT_FREE ext_free; +X509V3_EXT_D2I d2i; +X509V3_EXT_I2D i2d; + +/* The following pair is used for string extensions */ +X509V3_EXT_I2S i2s; +X509V3_EXT_S2I s2i; + +/* The following pair is used for multi-valued extensions */ +X509V3_EXT_I2V i2v; +X509V3_EXT_V2I v2i; + +/* The following are used for raw extensions */ +X509V3_EXT_I2R i2r; +X509V3_EXT_R2I r2i; + +void* usr_data; /* Any extension specific data */ +}; + +struct X509V3_CONF_METHOD_st { +ExternC!(char* function(void* db, char* section, char* value)) get_string; +ExternC!(STACK_OF!(CONF_VALUE)* function(void* db, char* section)) get_section; +ExternC!(void function(void* db, char* string)) free_string; +ExternC!(void function(void* db, STACK_OF!(CONF_VALUE) *section)) free_section; +} +alias X509V3_CONF_METHOD_st X509V3_CONF_METHOD; + +/* Context specific info */ +struct v3_ext_ctx { +enum CTX_TEST = 0x1; +int flags; +X509* issuer_cert; +X509* subject_cert; +X509_REQ* subject_req; +X509_CRL* crl; +X509V3_CONF_METHOD* db_meth; +void* db; +/* Maybe more here */ +}; + +alias v3_ext_method X509V3_EXT_METHOD; + +/+mixin DECLARE_STACK_OF!(X509V3_EXT_METHOD);+/ + +/* ext_flags values */ +enum X509V3_EXT_DYNAMIC = 0x1; +enum X509V3_EXT_CTX_DEP = 0x2; +enum X509V3_EXT_MULTILINE = 0x4; + +alias BIT_STRING_BITNAME ENUMERATED_NAMES; + +struct BASIC_CONSTRAINTS_st { +int ca; +ASN1_INTEGER* pathlen; +} +alias BASIC_CONSTRAINTS_st BASIC_CONSTRAINTS; + + +struct PKEY_USAGE_PERIOD_st { +ASN1_GENERALIZEDTIME* notBefore; +ASN1_GENERALIZEDTIME* notAfter; +} +alias PKEY_USAGE_PERIOD_st PKEY_USAGE_PERIOD; + +struct otherName_st { +ASN1_OBJECT* type_id; +ASN1_TYPE* value; +} +alias otherName_st OTHERNAME; + +struct EDIPartyName_st { + ASN1_STRING* nameAssigner; + ASN1_STRING* partyName; +} +alias EDIPartyName_st EDIPARTYNAME; + +struct GENERAL_NAME_st { + +enum GEN_OTHERNAME = 0; +enum GEN_EMAIL = 1; +enum GEN_DNS = 2; +enum GEN_X400 = 3; +enum GEN_DIRNAME = 4; +enum GEN_EDIPARTY = 5; +enum GEN_URI = 6; +enum GEN_IPADD = 7; +enum GEN_RID = 8; + +int type; +union d_ { + char* ptr; + OTHERNAME* otherName; /* otherName */ + ASN1_IA5STRING* rfc822Name; + ASN1_IA5STRING* dNSName; + ASN1_TYPE* x400Address; + X509_NAME* directoryName; + EDIPARTYNAME* ediPartyName; + ASN1_IA5STRING* uniformResourceIdentifier; + ASN1_OCTET_STRING* iPAddress; + ASN1_OBJECT* registeredID; + + /* Old names */ + ASN1_OCTET_STRING* ip; /* iPAddress */ + X509_NAME* dirn; /* dirn */ + ASN1_IA5STRING* ia5;/* rfc822Name, dNSName, uniformResourceIdentifier */ + ASN1_OBJECT* rid; /* registeredID */ + ASN1_TYPE* other; /* x400Address */ +} +d_ d; +} +alias GENERAL_NAME_st GENERAL_NAME; + +alias STACK_OF!(GENERAL_NAME) GENERAL_NAMES; + +struct ACCESS_DESCRIPTION_st { + ASN1_OBJECT* method; + GENERAL_NAME* location; +} +alias ACCESS_DESCRIPTION_st ACCESS_DESCRIPTION; + +alias STACK_OF!(ACCESS_DESCRIPTION) AUTHORITY_INFO_ACCESS; + +alias STACK_OF!(ASN1_OBJECT) EXTENDED_KEY_USAGE; + +/+mixin DECLARE_STACK_OF!(GENERAL_NAME);+/ +mixin DECLARE_ASN1_SET_OF!(GENERAL_NAME); + +/+mixin DECLARE_STACK_OF!(ACCESS_DESCRIPTION);+/ +mixin DECLARE_ASN1_SET_OF!(ACCESS_DESCRIPTION); + +struct DIST_POINT_NAME_st { +int type; +union name_ { + GENERAL_NAMES* fullname; + STACK_OF!(X509_NAME_ENTRY) *relativename; +} +name_ name; +/* If relativename then this contains the full distribution point name */ +X509_NAME* dpname; +} +alias DIST_POINT_NAME_st DIST_POINT_NAME; +/* All existing reasons */ +enum CRLDP_ALL_REASONS = 0x807f; + +enum CRL_REASON_NONE = -1; +enum CRL_REASON_UNSPECIFIED = 0; +enum CRL_REASON_KEY_COMPROMISE = 1; +enum CRL_REASON_CA_COMPROMISE = 2; +enum CRL_REASON_AFFILIATION_CHANGED = 3; +enum CRL_REASON_SUPERSEDED = 4; +enum CRL_REASON_CESSATION_OF_OPERATION = 5; +enum CRL_REASON_CERTIFICATE_HOLD = 6; +enum CRL_REASON_REMOVE_FROM_CRL = 8; +enum CRL_REASON_PRIVILEGE_WITHDRAWN = 9; +enum CRL_REASON_AA_COMPROMISE = 10; + +struct DIST_POINT_st { +DIST_POINT_NAME* distpoint; +ASN1_BIT_STRING* reasons; +GENERAL_NAMES* CRLissuer; +int dp_reasons; +}; + +alias STACK_OF!(DIST_POINT) CRL_DIST_POINTS; + +/+mixin DECLARE_STACK_OF!(DIST_POINT);+/ +mixin DECLARE_ASN1_SET_OF!(DIST_POINT); + +struct AUTHORITY_KEYID_st { +ASN1_OCTET_STRING* keyid; +GENERAL_NAMES* issuer; +ASN1_INTEGER* serial; +}; + +/* Strong extranet structures */ + +struct SXNET_ID_st { + ASN1_INTEGER* zone; + ASN1_OCTET_STRING* user; +} +alias SXNET_ID_st SXNETID; + +/+mixin DECLARE_STACK_OF!(SXNETID);+/ +mixin DECLARE_ASN1_SET_OF!(SXNETID); + +struct SXNET_st { + ASN1_INTEGER* version_; + STACK_OF!(SXNETID) *ids; +} +alias SXNET_st SXNET; + +struct NOTICEREF_st { + ASN1_STRING* organization; + STACK_OF!(ASN1_INTEGER) *noticenos; +} +alias NOTICEREF_st NOTICEREF; + +struct USERNOTICE_st { + NOTICEREF* noticeref; + ASN1_STRING* exptext; +} +alias USERNOTICE_st USERNOTICE; + +struct POLICYQUALINFO_st { + ASN1_OBJECT* pqualid; + union d_ { + ASN1_IA5STRING* cpsuri; + USERNOTICE* usernotice; + ASN1_TYPE* other; + } + d_ d; +} +alias POLICYQUALINFO_st POLICYQUALINFO; + +/+mixin DECLARE_STACK_OF!(POLICYQUALINFO);+/ +mixin DECLARE_ASN1_SET_OF!(POLICYQUALINFO); + +struct POLICYINFO_st { + ASN1_OBJECT* policyid; + STACK_OF!(POLICYQUALINFO) *qualifiers; +} +alias POLICYINFO_st POLICYINFO; + +alias STACK_OF!(POLICYINFO) CERTIFICATEPOLICIES; + +/+mixin DECLARE_STACK_OF!(POLICYINFO);+/ +mixin DECLARE_ASN1_SET_OF!(POLICYINFO); + +struct POLICY_MAPPING_st { + ASN1_OBJECT* issuerDomainPolicy; + ASN1_OBJECT* subjectDomainPolicy; +} +alias POLICY_MAPPING_st POLICY_MAPPING; + +/+mixin DECLARE_STACK_OF!(POLICY_MAPPING);+/ + +alias STACK_OF!(POLICY_MAPPING) POLICY_MAPPINGS; + +struct GENERAL_SUBTREE_st { + GENERAL_NAME* base; + ASN1_INTEGER* minimum; + ASN1_INTEGER* maximum; +} +alias GENERAL_SUBTREE_st GENERAL_SUBTREE; + +/+mixin DECLARE_STACK_OF!(GENERAL_SUBTREE);+/ + +struct NAME_CONSTRAINTS_st { + STACK_OF!(GENERAL_SUBTREE) *permittedSubtrees; + STACK_OF!(GENERAL_SUBTREE) *excludedSubtrees; +}; + +struct POLICY_CONSTRAINTS_st { + ASN1_INTEGER* requireExplicitPolicy; + ASN1_INTEGER* inhibitPolicyMapping; +} +alias POLICY_CONSTRAINTS_st POLICY_CONSTRAINTS; + +/* Proxy certificate structures, see RFC 3820 */ +struct PROXY_POLICY_st { + ASN1_OBJECT* policyLanguage; + ASN1_OCTET_STRING* policy; + } +alias PROXY_POLICY_st PROXY_POLICY; + +struct PROXY_CERT_INFO_EXTENSION_st { + ASN1_INTEGER* pcPathLengthConstraint; + PROXY_POLICY* proxyPolicy; + } +alias PROXY_CERT_INFO_EXTENSION_st PROXY_CERT_INFO_EXTENSION; + +mixin(DECLARE_ASN1_FUNCTIONS!"PROXY_POLICY"); +mixin(DECLARE_ASN1_FUNCTIONS!"PROXY_CERT_INFO_EXTENSION"); + +struct ISSUING_DIST_POINT_st + { + DIST_POINT_NAME* distpoint; + int onlyuser; + int onlyCA; + ASN1_BIT_STRING* onlysomereasons; + int indirectCRL; + int onlyattr; + }; + +/* Values in idp_flags field */ +/* IDP present */ +enum IDP_PRESENT = 0x1; +/* IDP values inconsistent */ +enum IDP_INVALID = 0x2; +/* onlyuser true */ +enum IDP_ONLYUSER = 0x4; +/* onlyCA true */ +enum IDP_ONLYCA = 0x8; +/* onlyattr true */ +enum IDP_ONLYATTR = 0x10; +/* indirectCRL true */ +enum IDP_INDIRECT = 0x20; +/* onlysomereasons present */ +enum IDP_REASONS = 0x40; + +auto X509V3_conf_err()(CONF_VALUE* val) { + return ERR_add_error_data(6, "section:", val.section, + ",name:", val.name, ",value:", val.value); +} + +auto X509V3_set_ctx_test()(X509V3_CTX* ctx) { + return X509V3_set_ctx(ctx, null, null, null, null, CTX_TEST); +} + +void X509V3_set_ctx_nodb()(X509V3_CTX* ctx) { ctx.db = null; } + +/+ FIXME: Not yet ported. +#define EXT_BITSTRING(nid, table) { nid, 0, ASN1_ITEM_ref(ASN1_BIT_STRING), \ + 0,0,0,0, \ + 0,0, \ + (X509V3_EXT_I2V)i2v_ASN1_BIT_STRING, \ + (X509V3_EXT_V2I)v2i_ASN1_BIT_STRING, \ + NULL, NULL, \ + table} + +#define EXT_IA5STRING(nid) { nid, 0, ASN1_ITEM_ref(ASN1_IA5STRING), \ + 0,0,0,0, \ + (X509V3_EXT_I2S)i2s_ASN1_IA5STRING, \ + (X509V3_EXT_S2I)s2i_ASN1_IA5STRING, \ + 0,0,0,0, \ + NULL} + +#define EXT_END { -1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} ++/ + + +/* X509_PURPOSE stuff */ + +enum EXFLAG_BCONS = 0x1; +enum EXFLAG_KUSAGE = 0x2; +enum EXFLAG_XKUSAGE = 0x4; +enum EXFLAG_NSCERT = 0x8; + +enum EXFLAG_CA = 0x10; +/* Really self issued not necessarily self signed */ +enum EXFLAG_SI = 0x20; +enum EXFLAG_SS = 0x20; +enum EXFLAG_V1 = 0x40; +enum EXFLAG_INVALID = 0x80; +enum EXFLAG_SET = 0x100; +enum EXFLAG_CRITICAL = 0x200; +enum EXFLAG_PROXY = 0x400; + +enum EXFLAG_INVALID_POLICY = 0x800; +enum EXFLAG_FRESHEST = 0x1000; + +enum KU_DIGITAL_SIGNATURE = 0x0080; +enum KU_NON_REPUDIATION = 0x0040; +enum KU_KEY_ENCIPHERMENT = 0x0020; +enum KU_DATA_ENCIPHERMENT = 0x0010; +enum KU_KEY_AGREEMENT = 0x0008; +enum KU_KEY_CERT_SIGN = 0x0004; +enum KU_CRL_SIGN = 0x0002; +enum KU_ENCIPHER_ONLY = 0x0001; +enum KU_DECIPHER_ONLY = 0x8000; + +enum NS_SSL_CLIENT = 0x80; +enum NS_SSL_SERVER = 0x40; +enum NS_SMIME = 0x20; +enum NS_OBJSIGN = 0x10; +enum NS_SSL_CA = 0x04; +enum NS_SMIME_CA = 0x02; +enum NS_OBJSIGN_CA = 0x01; +enum NS_ANY_CA = (NS_SSL_CA|NS_SMIME_CA|NS_OBJSIGN_CA); + +enum XKU_SSL_SERVER = 0x1; +enum XKU_SSL_CLIENT = 0x2; +enum XKU_SMIME = 0x4; +enum XKU_CODE_SIGN = 0x8; +enum XKU_SGC = 0x10; +enum XKU_OCSP_SIGN = 0x20; +enum XKU_TIMESTAMP = 0x40; +enum XKU_DVCS = 0x80; + +enum X509_PURPOSE_DYNAMIC = 0x1; +enum X509_PURPOSE_DYNAMIC_NAME = 0x2; + +struct x509_purpose_st { + int purpose; + int trust; /* Default trust ID */ + int flags; + ExternC!(int function(const(x509_purpose_st)*, + const(X509)*, int)) check_purpose; + char* name; + char* sname; + void* usr_data; +} +alias x509_purpose_st X509_PURPOSE; + +enum X509_PURPOSE_SSL_CLIENT = 1; +enum X509_PURPOSE_SSL_SERVER = 2; +enum X509_PURPOSE_NS_SSL_SERVER = 3; +enum X509_PURPOSE_SMIME_SIGN = 4; +enum X509_PURPOSE_SMIME_ENCRYPT = 5; +enum X509_PURPOSE_CRL_SIGN = 6; +enum X509_PURPOSE_ANY = 7; +enum X509_PURPOSE_OCSP_HELPER = 8; +enum X509_PURPOSE_TIMESTAMP_SIGN = 9; + +enum X509_PURPOSE_MIN = 1; +enum X509_PURPOSE_MAX = 9; + +/* Flags for X509V3_EXT_print() */ + +enum X509V3_EXT_UNKNOWN_MASK = (0xfL << 16); +/* Return error for unknown extensions */ +enum X509V3_EXT_DEFAULT = 0; +/* Print error for unknown extensions */ +enum X509V3_EXT_ERROR_UNKNOWN = (1L << 16); +/* ASN1 parse unknown extensions */ +enum X509V3_EXT_PARSE_UNKNOWN = (2L << 16); +/* BIO_dump unknown extensions */ +enum X509V3_EXT_DUMP_UNKNOWN = (3L << 16); + +/* Flags for X509V3_add1_i2d */ + +enum X509V3_ADD_OP_MASK = 0xf; +enum X509V3_ADD_DEFAULT = 0; +enum X509V3_ADD_APPEND = 1; +enum X509V3_ADD_REPLACE = 2; +enum X509V3_ADD_REPLACE_EXISTING = 3; +enum X509V3_ADD_KEEP_EXISTING = 4; +enum X509V3_ADD_DELETE = 5; +enum X509V3_ADD_SILENT = 0x10; + +/+mixin DECLARE_STACK_OF!(X509_PURPOSE);+/ + +mixin(DECLARE_ASN1_FUNCTIONS!"BASIC_CONSTRAINTS"); + +mixin(DECLARE_ASN1_FUNCTIONS!"SXNET"); +mixin(DECLARE_ASN1_FUNCTIONS!"SXNETID"); + +int SXNET_add_id_asc(SXNET** psx, char* zone, char* user, int userlen); +int SXNET_add_id_ulong(SXNET** psx, c_ulong lzone, char* user, int userlen); +int SXNET_add_id_INTEGER(SXNET** psx, ASN1_INTEGER* izone, char* user, int userlen); + +ASN1_OCTET_STRING* SXNET_get_id_asc(SXNET* sx, char* zone); +ASN1_OCTET_STRING* SXNET_get_id_ulong(SXNET* sx, c_ulong lzone); +ASN1_OCTET_STRING* SXNET_get_id_INTEGER(SXNET* sx, ASN1_INTEGER* zone); + +mixin(DECLARE_ASN1_FUNCTIONS!"AUTHORITY_KEYID"); + +mixin(DECLARE_ASN1_FUNCTIONS!"PKEY_USAGE_PERIOD"); + +mixin(DECLARE_ASN1_FUNCTIONS!"GENERAL_NAME"); +GENERAL_NAME* GENERAL_NAME_dup(GENERAL_NAME* a); +int GENERAL_NAME_cmp(GENERAL_NAME* a, GENERAL_NAME* b); + + + +ASN1_BIT_STRING* v2i_ASN1_BIT_STRING(X509V3_EXT_METHOD* method, + X509V3_CTX* ctx, STACK_OF!(CONF_VALUE) *nval); +STACK_OF!(CONF_VALUE) *i2v_ASN1_BIT_STRING(X509V3_EXT_METHOD* method, + ASN1_BIT_STRING* bits, + STACK_OF!(CONF_VALUE) *extlist); + +STACK_OF!(CONF_VALUE) *i2v_GENERAL_NAME(X509V3_EXT_METHOD* method, GENERAL_NAME* gen, STACK_OF!(CONF_VALUE) *ret); +int GENERAL_NAME_print(BIO* out_, GENERAL_NAME* gen); + +mixin(DECLARE_ASN1_FUNCTIONS!"GENERAL_NAMES"); + +STACK_OF!(CONF_VALUE) *i2v_GENERAL_NAMES(X509V3_EXT_METHOD* method, + GENERAL_NAMES* gen, STACK_OF!(CONF_VALUE) *extlist); +GENERAL_NAMES* v2i_GENERAL_NAMES(const(X509V3_EXT_METHOD)* method, + X509V3_CTX* ctx, STACK_OF!(CONF_VALUE) *nval); + +mixin(DECLARE_ASN1_FUNCTIONS!"OTHERNAME"); +mixin(DECLARE_ASN1_FUNCTIONS!"EDIPARTYNAME"); +int OTHERNAME_cmp(OTHERNAME* a, OTHERNAME* b); +void GENERAL_NAME_set0_value(GENERAL_NAME* a, int type, void* value); +void* GENERAL_NAME_get0_value(GENERAL_NAME* a, int* ptype); +int GENERAL_NAME_set0_othername(GENERAL_NAME* gen, + ASN1_OBJECT* oid, ASN1_TYPE* value); +int GENERAL_NAME_get0_otherName(GENERAL_NAME* gen, + ASN1_OBJECT** poid, ASN1_TYPE** pvalue); + +char* i2s_ASN1_OCTET_STRING(X509V3_EXT_METHOD* method, ASN1_OCTET_STRING* ia5); +ASN1_OCTET_STRING* s2i_ASN1_OCTET_STRING(X509V3_EXT_METHOD* method, X509V3_CTX* ctx, char* str); + +mixin(DECLARE_ASN1_FUNCTIONS!"EXTENDED_KEY_USAGE"); +int i2a_ACCESS_DESCRIPTION(BIO* bp, ACCESS_DESCRIPTION* a); + +mixin(DECLARE_ASN1_FUNCTIONS!"CERTIFICATEPOLICIES"); +mixin(DECLARE_ASN1_FUNCTIONS!"POLICYINFO"); +mixin(DECLARE_ASN1_FUNCTIONS!"POLICYQUALINFO"); +mixin(DECLARE_ASN1_FUNCTIONS!"USERNOTICE"); +mixin(DECLARE_ASN1_FUNCTIONS!"NOTICEREF"); + +mixin(DECLARE_ASN1_FUNCTIONS!"CRL_DIST_POINTS"); +mixin(DECLARE_ASN1_FUNCTIONS!"DIST_POINT"); +mixin(DECLARE_ASN1_FUNCTIONS!"DIST_POINT_NAME"); +mixin(DECLARE_ASN1_FUNCTIONS!"ISSUING_DIST_POINT"); + +int DIST_POINT_set_dpname(DIST_POINT_NAME* dpn, X509_NAME* iname); + +int NAME_CONSTRAINTS_check(X509* x, NAME_CONSTRAINTS* nc); + +mixin(DECLARE_ASN1_FUNCTIONS!"ACCESS_DESCRIPTION"); +mixin(DECLARE_ASN1_FUNCTIONS!"AUTHORITY_INFO_ACCESS"); + +mixin(DECLARE_ASN1_ITEM!"POLICY_MAPPING"); +mixin(DECLARE_ASN1_ALLOC_FUNCTIONS_name!("POLICY_MAPPING", "POLICY_MAPPING")); +mixin(DECLARE_ASN1_ITEM!"POLICY_MAPPINGS"); + +mixin(DECLARE_ASN1_ITEM!"GENERAL_SUBTREE"); +mixin(DECLARE_ASN1_ALLOC_FUNCTIONS_name!("GENERAL_SUBTREE", "GENERAL_SUBTREE")); + +mixin(DECLARE_ASN1_ITEM!"NAME_CONSTRAINTS"); +mixin(DECLARE_ASN1_ALLOC_FUNCTIONS_name!("NAME_CONSTRAINTS", "NAME_CONSTRAINTS")); + +mixin(DECLARE_ASN1_ALLOC_FUNCTIONS_name!("POLICY_CONSTRAINTS", "POLICY_CONSTRAINTS")); +mixin(DECLARE_ASN1_ITEM!"POLICY_CONSTRAINTS"); + +GENERAL_NAME* a2i_GENERAL_NAME(GENERAL_NAME* out_, + const(X509V3_EXT_METHOD)* method, X509V3_CTX* ctx, + int gen_type, char* value, int is_nc); + +// #ifdef HEADER_CONF_H +GENERAL_NAME* v2i_GENERAL_NAME(const(X509V3_EXT_METHOD)* method, X509V3_CTX* ctx, + CONF_VALUE* cnf); +GENERAL_NAME* v2i_GENERAL_NAME_ex(GENERAL_NAME* out_, + const(X509V3_EXT_METHOD)* method, + X509V3_CTX* ctx, CONF_VALUE* cnf, int is_nc); +void X509V3_conf_free(CONF_VALUE* val); + +X509_EXTENSION* X509V3_EXT_nconf_nid(CONF* conf, X509V3_CTX* ctx, int ext_nid, char* value); +X509_EXTENSION* X509V3_EXT_nconf(CONF* conf, X509V3_CTX* ctx, char* name, char* value); +int X509V3_EXT_add_nconf_sk(CONF* conf, X509V3_CTX* ctx, char* section, STACK_OF!(X509_EXTENSION) **sk); +int X509V3_EXT_add_nconf(CONF* conf, X509V3_CTX* ctx, char* section, X509* cert); +int X509V3_EXT_REQ_add_nconf(CONF* conf, X509V3_CTX* ctx, char* section, X509_REQ* req); +int X509V3_EXT_CRL_add_nconf(CONF* conf, X509V3_CTX* ctx, char* section, X509_CRL* crl); + +X509_EXTENSION* X509V3_EXT_conf_nid(LHASH_OF!(CONF_VALUE) *conf, X509V3_CTX* ctx, + int ext_nid, char* value); +X509_EXTENSION* X509V3_EXT_conf(LHASH_OF!(CONF_VALUE) *conf, X509V3_CTX* ctx, + char* name, char* value); +int X509V3_EXT_add_conf(LHASH_OF!(CONF_VALUE) *conf, X509V3_CTX* ctx, + char* section, X509* cert); +int X509V3_EXT_REQ_add_conf(LHASH_OF!(CONF_VALUE) *conf, X509V3_CTX* ctx, + char* section, X509_REQ* req); +int X509V3_EXT_CRL_add_conf(LHASH_OF!(CONF_VALUE) *conf, X509V3_CTX* ctx, + char* section, X509_CRL* crl); + +int X509V3_add_value_bool_nf(char* name, int asn1_bool, + STACK_OF!(CONF_VALUE) **extlist); +int X509V3_get_value_bool(CONF_VALUE* value, int* asn1_bool); +int X509V3_get_value_int(CONF_VALUE* value, ASN1_INTEGER** aint); +void X509V3_set_nconf(X509V3_CTX* ctx, CONF* conf); +void X509V3_set_conf_lhash(X509V3_CTX* ctx, LHASH_OF!(CONF_VALUE) *lhash); +// #endif + +char* X509V3_get_string(X509V3_CTX* ctx, char* name, char* section); +STACK_OF!(CONF_VALUE) * X509V3_get_section(X509V3_CTX* ctx, char* section); +void X509V3_string_free(X509V3_CTX* ctx, char* str); +void X509V3_section_free( X509V3_CTX* ctx, STACK_OF!(CONF_VALUE) *section); +void X509V3_set_ctx(X509V3_CTX* ctx, X509* issuer, X509* subject, + X509_REQ* req, X509_CRL* crl, int flags); + +int X509V3_add_value(const(char)* name, const(char)* value, + STACK_OF!(CONF_VALUE) **extlist); +int X509V3_add_value_uchar(const(char)* name, const(ubyte)* value, + STACK_OF!(CONF_VALUE) **extlist); +int X509V3_add_value_bool(const(char)* name, int asn1_bool, + STACK_OF!(CONF_VALUE) **extlist); +int X509V3_add_value_int(const(char)* name, ASN1_INTEGER* aint, + STACK_OF!(CONF_VALUE) **extlist); +char* i2s_ASN1_INTEGER(X509V3_EXT_METHOD* meth, ASN1_INTEGER* aint); +ASN1_INTEGER* s2i_ASN1_INTEGER(X509V3_EXT_METHOD* meth, char* value); +char* i2s_ASN1_ENUMERATED(X509V3_EXT_METHOD* meth, ASN1_ENUMERATED* aint); +char* i2s_ASN1_ENUMERATED_TABLE(X509V3_EXT_METHOD* meth, ASN1_ENUMERATED* aint); +int X509V3_EXT_add(X509V3_EXT_METHOD* ext); +int X509V3_EXT_add_list(X509V3_EXT_METHOD* extlist); +int X509V3_EXT_add_alias(int nid_to, int nid_from); +void X509V3_EXT_cleanup(); + +const(X509V3_EXT_METHOD)* X509V3_EXT_get(X509_EXTENSION* ext); +const(X509V3_EXT_METHOD)* X509V3_EXT_get_nid(int nid); +int X509V3_add_standard_extensions(); +STACK_OF!(CONF_VALUE) *X509V3_parse_list(const(char)* line); +void* X509V3_EXT_d2i(X509_EXTENSION* ext); +void* X509V3_get_d2i(STACK_OF!(X509_EXTENSION) *x, int nid, int* crit, int* idx); + + +X509_EXTENSION* X509V3_EXT_i2d(int ext_nid, int crit, void* ext_struc); +int X509V3_add1_i2d(STACK_OF!(X509_EXTENSION) **x, int nid, void* value, int crit, c_ulong flags); + +char* hex_to_string(const(ubyte)* buffer, c_long len); +ubyte* string_to_hex(const(char)* str, c_long* len); +int name_cmp(const(char)* name, const(char)* cmp); + +void X509V3_EXT_val_prn(BIO* out_, STACK_OF!(CONF_VALUE) *val, int indent, + int ml); +int X509V3_EXT_print(BIO* out_, X509_EXTENSION* ext, c_ulong flag, int indent); +int X509V3_EXT_print_fp(FILE* out_, X509_EXTENSION* ext, int flag, int indent); + +int X509V3_extensions_print(BIO* out_, char* title, STACK_OF!(X509_EXTENSION) *exts, c_ulong flag, int indent); + +int X509_check_ca(X509* x); +int X509_check_purpose(X509* x, int id, int ca); +int X509_supported_extension(X509_EXTENSION* ex); +int X509_PURPOSE_set(int* p, int purpose); +int X509_check_issued(X509* issuer, X509* subject); +int X509_check_akid(X509* issuer, AUTHORITY_KEYID* akid); +int X509_PURPOSE_get_count(); +X509_PURPOSE* X509_PURPOSE_get0(int idx); +int X509_PURPOSE_get_by_sname(char* sname); +int X509_PURPOSE_get_by_id(int id); +int X509_PURPOSE_add(int id, int trust, int flags, + ExternC!(int function(const(X509_PURPOSE)*, const(X509)*, int)) ck, + char* name, char* sname, void* arg); +char* X509_PURPOSE_get0_name(X509_PURPOSE* xp); +char* X509_PURPOSE_get0_sname(X509_PURPOSE* xp); +int X509_PURPOSE_get_trust(X509_PURPOSE* xp); +void X509_PURPOSE_cleanup(); +int X509_PURPOSE_get_id(X509_PURPOSE*); + +STACK_OF!(OPENSSL_STRING) *X509_get1_email(X509* x); +STACK_OF!(OPENSSL_STRING) *X509_REQ_get1_email(X509_REQ* x); +void X509_email_free(STACK_OF!(OPENSSL_STRING) *sk); +STACK_OF!(OPENSSL_STRING) *X509_get1_ocsp(X509* x); + +ASN1_OCTET_STRING* a2i_IPADDRESS(const(char)* ipasc); +ASN1_OCTET_STRING* a2i_IPADDRESS_NC(const(char)* ipasc); +int a2i_ipadd(ubyte* ipout, const(char)* ipasc); +int X509V3_NAME_from_section(X509_NAME* nm, STACK_OF!(CONF_VALUE)*dn_sk, + c_ulong chtype); + +void X509_POLICY_NODE_print(BIO* out_, X509_POLICY_NODE* node, int indent); +/+mixin DECLARE_STACK_OF!(X509_POLICY_NODE);+/ + +version(OPENSSL_NO_RFC3779) {} else { +struct ASRange_st { + ASN1_INTEGER* min, max; +} +alias ASRange_st ASRange; + +enum ASIdOrRange_id = 0; +enum ASIdOrRange_range = 1; + +struct ASIdOrRange_st { + int type; + union u_ { + ASN1_INTEGER* id; + ASRange* range; + } + u_ u; +} +alias ASIdOrRange_st ASIdOrRange; + +alias STACK_OF!(ASIdOrRange) ASIdOrRanges; +/+mixin DECLARE_STACK_OF!(ASIdOrRange);+/ + +enum ASIdentifierChoice_inherit = 0; +enum ASIdentifierChoice_asIdsOrRanges = 1; + +struct ASIdentifierChoice_st { + int type; + union u_ { + ASN1_NULL* inherit; + ASIdOrRanges* asIdsOrRanges; + } + u_ u; +} +alias ASIdOrRange_st ASIdentifierChoice; + +struct ASIdentifiers_st { + ASIdentifierChoice* asnum, rdi; +} +alias ASIdentifiers_st ASIdentifiers; + +mixin(DECLARE_ASN1_FUNCTIONS!"ASRange"); +mixin(DECLARE_ASN1_FUNCTIONS!"ASIdOrRange"); +mixin(DECLARE_ASN1_FUNCTIONS!"ASIdentifierChoice"); +mixin(DECLARE_ASN1_FUNCTIONS!"ASIdentifiers"); + + +struct IPAddressRange_st { + ASN1_BIT_STRING* min, max; +} +alias IPAddressRange_st IPAddressRange; + +enum IPAddressOrRange_addressPrefix = 0; +enum IPAddressOrRange_addressRange = 1; + +struct IPAddressOrRange_st { + int type; + union u_ { + ASN1_BIT_STRING* addressPrefix; + IPAddressRange* addressRange; + } + u_ u; +} +alias IPAddressOrRange_st IPAddressOrRange; + +alias STACK_OF!(IPAddressOrRange) IPAddressOrRanges; +/+mixin DECLARE_STACK_OF!(IPAddressOrRange);+/ + +enum IPAddressChoice_inherit = 0; +enum IPAddressChoice_addressesOrRanges = 1; + +struct IPAddressChoice_st { + int type; + union u_ { + ASN1_NULL* inherit; + IPAddressOrRanges* addressesOrRanges; + } + u_ u; +} +alias IPAddressChoice_st IPAddressChoice; + +struct IPAddressFamily_st { + ASN1_OCTET_STRING* addressFamily; + IPAddressChoice* ipAddressChoice; +} +alias IPAddressFamily_st IPAddressFamily; + +alias STACK_OF!(IPAddressFamily) IPAddrBlocks; +/+mixin DECLARE_STACK_OF!(IPAddressFamily);+/ + +mixin(DECLARE_ASN1_FUNCTIONS!"IPAddressRange"); +mixin(DECLARE_ASN1_FUNCTIONS!"IPAddressOrRange"); +mixin(DECLARE_ASN1_FUNCTIONS!"IPAddressChoice"); +mixin(DECLARE_ASN1_FUNCTIONS!"IPAddressFamily"); + +/* + * API tag for elements of the ASIdentifer SEQUENCE. + */ +enum V3_ASID_ASNUM = 0; +enum V3_ASID_RDI = 1; + +/* + * AFI values, assigned by IANA. It'd be nice to make the AFI + * handling code totally generic, but there are too many little things + * that would need to be defined for other address families for it to + * be worth the trouble. + */ +enum IANA_AFI_IPV4 = 1; +enum IANA_AFI_IPV6 = 2; + +/* + * Utilities to conand extract values from RFC3779 extensions, + * since some of the encodings (particularly for IP address prefixes + * and ranges) are a bit tedious to work with directly. + */ +int v3_asid_add_inherit(ASIdentifiers* asid, int which); +int v3_asid_add_id_or_range(ASIdentifiers* asid, int which, + ASN1_INTEGER* min, ASN1_INTEGER* max); +int v3_addr_add_inherit(IPAddrBlocks* addr, + const uint afi, const(uint)* safi); +int v3_addr_add_prefix(IPAddrBlocks* addr, + const uint afi, const(uint)* safi, + ubyte* a, const int prefixlen); +int v3_addr_add_range(IPAddrBlocks* addr, + const uint afi, const(uint)* safi, + ubyte* min, ubyte* max); +uint v3_addr_get_afi(const(IPAddressFamily)* f); +int v3_addr_get_range(IPAddressOrRange* aor, const uint afi, + ubyte* min, ubyte* max, + const int length); + +/* + * Canonical forms. + */ +int v3_asid_is_canonical(ASIdentifiers* asid); +int v3_addr_is_canonical(IPAddrBlocks* addr); +int v3_asid_canonize(ASIdentifiers* asid); +int v3_addr_canonize(IPAddrBlocks* addr); + +/* + * Tests for inheritance and containment. + */ +int v3_asid_inherits(ASIdentifiers* asid); +int v3_addr_inherits(IPAddrBlocks* addr); +int v3_asid_subset(ASIdentifiers* a, ASIdentifiers* b); +int v3_addr_subset(IPAddrBlocks* a, IPAddrBlocks* b); + +/* + * Check whether RFC 3779 extensions nest properly in chains. + */ +int v3_asid_validate_path(X509_STORE_CTX*); +int v3_addr_validate_path(X509_STORE_CTX*); +int v3_asid_validate_resource_set(STACK_OF!(X509) *chain, + ASIdentifiers* ext, + int allow_inheritance); +int v3_addr_validate_resource_set(STACK_OF!(X509) *chain, + IPAddrBlocks* ext, + int allow_inheritance); + +} /* OPENSSL_NO_RFC3779 */ + +/* BEGIN ERROR CODES */ +/* The following lines are auto generated by the script mkerr.pl. Any changes + * made after this point may be overwritten when the script is next run. + */ +void ERR_load_X509V3_strings(); + +/* Error codes for the X509V3 functions. */ + +/* Function codes. */ +enum X509V3_F_A2I_GENERAL_NAME = 164; +enum X509V3_F_ASIDENTIFIERCHOICE_CANONIZE = 161; +enum X509V3_F_ASIDENTIFIERCHOICE_IS_CANONICAL = 162; +enum X509V3_F_COPY_EMAIL = 122; +enum X509V3_F_COPY_ISSUER = 123; +enum X509V3_F_DO_DIRNAME = 144; +enum X509V3_F_DO_EXT_CONF = 124; +enum X509V3_F_DO_EXT_I2D = 135; +enum X509V3_F_DO_EXT_NCONF = 151; +enum X509V3_F_DO_I2V_NAME_CONSTRAINTS = 148; +enum X509V3_F_GNAMES_FROM_SECTNAME = 156; +enum X509V3_F_HEX_TO_STRING = 111; +enum X509V3_F_I2S_ASN1_ENUMERATED = 121; +enum X509V3_F_I2S_ASN1_IA5STRING = 149; +enum X509V3_F_I2S_ASN1_INTEGER = 120; +enum X509V3_F_I2V_AUTHORITY_INFO_ACCESS = 138; +enum X509V3_F_NOTICE_SECTION = 132; +enum X509V3_F_NREF_NOS = 133; +enum X509V3_F_POLICY_SECTION = 131; +enum X509V3_F_PROCESS_PCI_VALUE = 150; +enum X509V3_F_R2I_CERTPOL = 130; +enum X509V3_F_R2I_PCI = 155; +enum X509V3_F_S2I_ASN1_IA5STRING = 100; +enum X509V3_F_S2I_ASN1_INTEGER = 108; +enum X509V3_F_S2I_ASN1_OCTET_STRING = 112; +enum X509V3_F_S2I_ASN1_SKEY_ID = 114; +enum X509V3_F_S2I_SKEY_ID = 115; +enum X509V3_F_SET_DIST_POINT_NAME = 158; +enum X509V3_F_STRING_TO_HEX = 113; +enum X509V3_F_SXNET_ADD_ID_ASC = 125; +enum X509V3_F_SXNET_ADD_ID_INTEGER = 126; +enum X509V3_F_SXNET_ADD_ID_ULONG = 127; +enum X509V3_F_SXNET_GET_ID_ASC = 128; +enum X509V3_F_SXNET_GET_ID_ULONG = 129; +enum X509V3_F_V2I_ASIDENTIFIERS = 163; +enum X509V3_F_V2I_ASN1_BIT_STRING = 101; +enum X509V3_F_V2I_AUTHORITY_INFO_ACCESS = 139; +enum X509V3_F_V2I_AUTHORITY_KEYID = 119; +enum X509V3_F_V2I_BASIC_CONSTRAINTS = 102; +enum X509V3_F_V2I_CRLD = 134; +enum X509V3_F_V2I_EXTENDED_KEY_USAGE = 103; +enum X509V3_F_V2I_GENERAL_NAMES = 118; +enum X509V3_F_V2I_GENERAL_NAME_EX = 117; +enum X509V3_F_V2I_IDP = 157; +enum X509V3_F_V2I_IPADDRBLOCKS = 159; +enum X509V3_F_V2I_ISSUER_ALT = 153; +enum X509V3_F_V2I_NAME_CONSTRAINTS = 147; +enum X509V3_F_V2I_POLICY_CONSTRAINTS = 146; +enum X509V3_F_V2I_POLICY_MAPPINGS = 145; +enum X509V3_F_V2I_SUBJECT_ALT = 154; +enum X509V3_F_V3_ADDR_VALIDATE_PATH_INTERNAL = 160; +enum X509V3_F_V3_GENERIC_EXTENSION = 116; +enum X509V3_F_X509V3_ADD1_I2D = 140; +enum X509V3_F_X509V3_ADD_VALUE = 105; +enum X509V3_F_X509V3_EXT_ADD = 104; +enum X509V3_F_X509V3_EXT_ADD_ALIAS = 106; +enum X509V3_F_X509V3_EXT_CONF = 107; +enum X509V3_F_X509V3_EXT_I2D = 136; +enum X509V3_F_X509V3_EXT_NCONF = 152; +enum X509V3_F_X509V3_GET_SECTION = 142; +enum X509V3_F_X509V3_GET_STRING = 143; +enum X509V3_F_X509V3_GET_VALUE_BOOL = 110; +enum X509V3_F_X509V3_PARSE_LIST = 109; +enum X509V3_F_X509_PURPOSE_ADD = 137; +enum X509V3_F_X509_PURPOSE_SET = 141; + +/* Reason codes. */ +enum X509V3_R_BAD_IP_ADDRESS = 118; +enum X509V3_R_BAD_OBJECT = 119; +enum X509V3_R_BN_DEC2BN_ERROR = 100; +enum X509V3_R_BN_TO_ASN1_INTEGER_ERROR = 101; +enum X509V3_R_DIRNAME_ERROR = 149; +enum X509V3_R_DISTPOINT_ALREADY_SET = 160; +enum X509V3_R_DUPLICATE_ZONE_ID = 133; +enum X509V3_R_ERROR_CONVERTING_ZONE = 131; +enum X509V3_R_ERROR_CREATING_EXTENSION = 144; +enum X509V3_R_ERROR_IN_EXTENSION = 128; +enum X509V3_R_EXPECTED_A_SECTION_NAME = 137; +enum X509V3_R_EXTENSION_EXISTS = 145; +enum X509V3_R_EXTENSION_NAME_ERROR = 115; +enum X509V3_R_EXTENSION_NOT_FOUND = 102; +enum X509V3_R_EXTENSION_SETTING_NOT_SUPPORTED = 103; +enum X509V3_R_EXTENSION_VALUE_ERROR = 116; +enum X509V3_R_ILLEGAL_EMPTY_EXTENSION = 151; +enum X509V3_R_ILLEGAL_HEX_DIGIT = 113; +enum X509V3_R_INCORRECT_POLICY_SYNTAX_TAG = 152; +enum X509V3_R_INVALID_MULTIPLE_RDNS = 161; +enum X509V3_R_INVALID_ASNUMBER = 162; +enum X509V3_R_INVALID_ASRANGE = 163; +enum X509V3_R_INVALID_BOOLEAN_STRING = 104; +enum X509V3_R_INVALID_EXTENSION_STRING = 105; +enum X509V3_R_INVALID_INHERITANCE = 165; +enum X509V3_R_INVALID_IPADDRESS = 166; +enum X509V3_R_INVALID_NAME = 106; +enum X509V3_R_INVALID_NULL_ARGUMENT = 107; +enum X509V3_R_INVALID_NULL_NAME = 108; +enum X509V3_R_INVALID_NULL_VALUE = 109; +enum X509V3_R_INVALID_NUMBER = 140; +enum X509V3_R_INVALID_NUMBERS = 141; +enum X509V3_R_INVALID_OBJECT_IDENTIFIER = 110; +enum X509V3_R_INVALID_OPTION = 138; +enum X509V3_R_INVALID_POLICY_IDENTIFIER = 134; +enum X509V3_R_INVALID_PROXY_POLICY_SETTING = 153; +enum X509V3_R_INVALID_PURPOSE = 146; +enum X509V3_R_INVALID_SAFI = 164; +enum X509V3_R_INVALID_SECTION = 135; +enum X509V3_R_INVALID_SYNTAX = 143; +enum X509V3_R_ISSUER_DECODE_ERROR = 126; +enum X509V3_R_MISSING_VALUE = 124; +enum X509V3_R_NEED_ORGANIZATION_AND_NUMBERS = 142; +enum X509V3_R_NO_CONFIG_DATABASE = 136; +enum X509V3_R_NO_ISSUER_CERTIFICATE = 121; +enum X509V3_R_NO_ISSUER_DETAILS = 127; +enum X509V3_R_NO_POLICY_IDENTIFIER = 139; +enum X509V3_R_NO_PROXY_CERT_POLICY_LANGUAGE_DEFINED = 154; +enum X509V3_R_NO_PUBLIC_KEY = 114; +enum X509V3_R_NO_SUBJECT_DETAILS = 125; +enum X509V3_R_ODD_NUMBER_OF_DIGITS = 112; +enum X509V3_R_OPERATION_NOT_DEFINED = 148; +enum X509V3_R_OTHERNAME_ERROR = 147; +enum X509V3_R_POLICY_LANGUAGE_ALREADY_DEFINED = 155; +enum X509V3_R_POLICY_PATH_LENGTH = 156; +enum X509V3_R_POLICY_PATH_LENGTH_ALREADY_DEFINED = 157; +enum X509V3_R_POLICY_SYNTAX_NOT_CURRENTLY_SUPPORTED = 158; +enum X509V3_R_POLICY_WHEN_PROXY_LANGUAGE_REQUIRES_NO_POLICY = 159; +enum X509V3_R_SECTION_NOT_FOUND = 150; +enum X509V3_R_UNABLE_TO_GET_ISSUER_DETAILS = 122; +enum X509V3_R_UNABLE_TO_GET_ISSUER_KEYID = 123; +enum X509V3_R_UNKNOWN_BIT_STRING_ARGUMENT = 111; +enum X509V3_R_UNKNOWN_EXTENSION = 129; +enum X509V3_R_UNKNOWN_EXTENSION_NAME = 130; +enum X509V3_R_UNKNOWN_OPTION = 120; +enum X509V3_R_UNSUPPORTED_OPTION = 117; +enum X509V3_R_UNSUPPORTED_TYPE = 167; +enum X509V3_R_USER_TOO_LONG = 132; diff --git a/dub.sdl b/dub.sdl deleted file mode 100644 index 972af0b..0000000 --- a/dub.sdl +++ /dev/null @@ -1,6 +0,0 @@ -name "ircbot" -description "meme irc bot" -authors "lesderid" -copyright "No rights reserved." -license "CC0" -dependency "openssl" version="~>2.0.0" diff --git a/dub.selections.json b/dub.selections.json deleted file mode 100644 index 7d061d1..0000000 --- a/dub.selections.json +++ /dev/null @@ -1,6 +0,0 @@ -{ - "fileVersion": 1, - "versions": { - "openssl": "2.0.0+1.1.0h" - } -} diff --git a/source/app.d b/ircbot.d old mode 100644 new mode 100755 similarity index 99% rename from source/app.d rename to ircbot.d index 6326dd1..1fd4e09 --- a/source/app.d +++ b/ircbot.d @@ -1,3 +1,5 @@ +#!/usr/bin/env rdmd + /+ Written in 2019 by Les De Ridder @@ -23,7 +25,7 @@ import core.sys.posix.poll; import std.socket; import deimos.openssl.ssl; -extern(C): int SSL_has_pending(const(SSL)* s); +pragma(lib, "ssl"); enum Server = "irc.soupwhale.com"; enum Port = 6697;