1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
|
/* ssl.h
*
* Copyright (C) 2006-2011 Sawtooth Consulting Ltd.
*
* This file is part of CyaSSL.
*
* CyaSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* CyaSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
*/
/* ssl.h defines openssl compatibility layer
*
*/
#ifndef CYASSL_OPENSSL_H_
#define CYASSL_OPENSSL_H_
#include "os_settings.h" /* for users not using preprocessor flags */
#ifndef NO_FILESYSTEM
#include <stdio.h> /* ERR_print fp */
#endif
#ifdef YASSL_PREFIX
#include "prefix_ssl.h"
#endif
#define CYASSL_VERSION "1.9.0"
#undef X509_NAME /* wincrypt.h clash */
#ifdef __cplusplus
extern "C" {
#endif
typedef struct SSL SSL;
typedef struct SSL_SESSION SSL_SESSION;
typedef struct SSL_METHOD SSL_METHOD;
typedef struct SSL_CTX SSL_CTX;
typedef struct X509 X509;
typedef struct X509_NAME X509_NAME;
typedef struct X509_CHAIN X509_CHAIN;
/* redeclare guard */
#define SSL_TYPES_DEFINED
typedef struct EVP_PKEY EVP_PKEY;
typedef struct RSA RSA;
typedef struct BIO BIO;
typedef struct BIO_METHOD BIO_METHOD;
typedef struct SSL_CIPHER SSL_CIPHER;
typedef struct X509_LOOKUP X509_LOOKUP;
typedef struct X509_LOOKUP_METHOD X509_LOOKUP_METHOD;
typedef struct X509_CRL X509_CRL;
typedef struct X509_EXTENSION X509_EXTENSION;
typedef struct ASN1_TIME ASN1_TIME;
typedef struct ASN1_INTEGER ASN1_INTEGER;
typedef struct ASN1_OBJECT ASN1_OBJECT;
typedef struct ASN1_STRING ASN1_STRING;
typedef struct CRYPTO_dynlock_value CRYPTO_dynlock_value;
#define ASN1_UTCTIME ASN1_TIME
typedef struct MD4_CTX {
int buffer[32]; /* big enough to hold, check size in Init */
} MD4_CTX;
typedef struct COMP_METHOD {
int type; /* stunnel dereference */
} COMP_METHOD;
typedef struct X509_STORE {
int cache; /* stunnel dereference */
} X509_STORE;
typedef struct X509_REVOKED {
ASN1_INTEGER* serialNumber; /* stunnel dereference */
} X509_REVOKED;
typedef struct X509_OBJECT {
union {
char* ptr;
X509_CRL* crl; /* stunnel dereference */
} data;
} X509_OBJECT;
/* in cyassl_int.h too, change there !! */
typedef struct X509_STORE_CTX {
int error;
int error_depth;
X509* current_cert; /* stunnel dereference */
char* domain; /* subject CN domain name */
/* in cyassl_int.h too, change there !! */
} X509_STORE_CTX;
SSL_METHOD *SSLv3_server_method(void);
SSL_METHOD *SSLv3_client_method(void);
SSL_METHOD *TLSv1_server_method(void);
SSL_METHOD *TLSv1_client_method(void);
SSL_METHOD *TLSv1_1_server_method(void);
SSL_METHOD *TLSv1_1_client_method(void);
SSL_METHOD *TLSv1_2_server_method(void);
SSL_METHOD *TLSv1_2_client_method(void);
#ifdef CYASSL_DTLS
SSL_METHOD *DTLSv1_client_method(void);
SSL_METHOD *DTLSv1_server_method(void);
#endif
#ifndef NO_FILESYSTEM
int SSL_CTX_use_certificate_file(SSL_CTX*, const char*, int);
int SSL_CTX_use_PrivateKey_file(SSL_CTX*, const char*, int);
int SSL_CTX_load_verify_locations(SSL_CTX*, const char*, const char*);
int SSL_CTX_use_certificate_chain_file(SSL_CTX *ctx, const char *file);
int SSL_CTX_use_RSAPrivateKey_file(SSL_CTX*, const char*, int);
#ifdef CYASSL_DER_LOAD
int CyaSSL_CTX_load_verify_locations(SSL_CTX*, const char*, int);
#endif
#ifdef HAVE_NTRU
int CyaSSL_CTX_use_NTRUPrivateKey_file(SSL_CTX*, const char*); /* load NTRU
private key blob */
#endif
int CyaSSL_PemCertToDer(const char*, unsigned char*, int);
#endif /* NO_FILESYSTEM */
SSL_CTX* SSL_CTX_new(SSL_METHOD*);
SSL* SSL_new(SSL_CTX*);
int SSL_set_fd (SSL*, int);
int SSL_get_fd(const SSL*);
int SSL_connect(SSL*); /* please see note at top of README
if you get an error from connect */
int SSL_write(SSL*, const void*, int);
int SSL_read(SSL*, void*, int);
int SSL_accept(SSL*);
void SSL_CTX_free(SSL_CTX*);
void SSL_free(SSL*);
int SSL_shutdown(SSL*);
void SSL_CTX_set_quiet_shutdown(SSL_CTX*, int);
int SSL_get_error(SSL*, int);
int SSL_set_session(SSL *ssl, SSL_SESSION *session);
SSL_SESSION* SSL_get_session(SSL* ssl);
void SSL_flush_sessions(SSL_CTX *ctx, long tm);
typedef int (*VerifyCallback)(int, X509_STORE_CTX*);
typedef int (*pem_password_cb)(char*, int, int, void*);
void SSL_CTX_set_verify(SSL_CTX*, int, VerifyCallback verify_callback);
int SSL_pending(SSL*);
void SSL_load_error_strings(void);
int SSL_library_init(void);
long SSL_CTX_set_session_cache_mode(SSL_CTX*, long);
/* only supports full name from cipher_name[] delimited by : */
int SSL_CTX_set_cipher_list(SSL_CTX*, const char*);
char* ERR_error_string(unsigned long,char*);
void ERR_error_string_n(unsigned long e, char *buf, size_t len);
/* extras */
#define STACK_OF(x) x
int SSL_set_ex_data(SSL*, int, void*);
int SSL_get_shutdown(const SSL*);
int SSL_set_rfd(SSL*, int);
int SSL_set_wfd(SSL*, int);
void SSL_set_shutdown(SSL*, int);
int SSL_set_session_id_context(SSL*, const unsigned char*, unsigned int);
void SSL_set_connect_state(SSL*);
void SSL_set_accept_state(SSL*);
int SSL_session_reused(SSL*);
void SSL_SESSION_free(SSL_SESSION* session);
const char* SSL_get_version(SSL*);
SSL_CIPHER* SSL_get_current_cipher(SSL*);
char* SSL_CIPHER_description(SSL_CIPHER*, char*, int);
const char* SSL_CIPHER_get_name(const SSL_CIPHER* cipher);
SSL_SESSION* SSL_get1_session(SSL* ssl); /* what's ref count */
void X509_free(X509*);
void OPENSSL_free(void*);
int OCSP_parse_url(char* url, char** host, char** port, char** path, int* ssl);
SSL_METHOD* SSLv23_client_method(void);
SSL_METHOD* SSLv2_client_method(void);
SSL_METHOD* SSLv2_server_method(void);
void MD4_Init(MD4_CTX*);
void MD4_Update(MD4_CTX*, const void*, size_t);
void MD4_Final(unsigned char*, MD4_CTX*);
BIO* BIO_new(BIO_METHOD*);
int BIO_free(BIO*);
int BIO_free_all(BIO*);
int BIO_read(BIO*, void*, int);
int BIO_write(BIO*, const void*, int);
BIO* BIO_push(BIO*, BIO* append);
BIO* BIO_pop(BIO*);
int BIO_flush(BIO*);
int BIO_pending(BIO*);
BIO_METHOD* BIO_f_buffer(void);
long BIO_set_write_buffer_size(BIO*, long size);
BIO_METHOD* BIO_f_ssl(void);
BIO* BIO_new_socket(int sfd, int flag);
void SSL_set_bio(SSL*, BIO* rd, BIO* wr);
int BIO_eof(BIO*);
long BIO_set_ssl(BIO*, SSL*, int flag);
BIO_METHOD* BIO_s_mem(void);
BIO_METHOD* BIO_f_base64(void);
void BIO_set_flags(BIO*, int);
void OpenSSL_add_all_algorithms(void);
int SSLeay_add_ssl_algorithms(void);
int SSLeay_add_all_algorithms(void);
void RAND_screen(void);
const char* RAND_file_name(char*, size_t);
int RAND_write_file(const char*);
int RAND_load_file(const char*, long);
int RAND_egd(const char*);
COMP_METHOD* COMP_zlib(void);
COMP_METHOD* COMP_rle(void);
int SSL_COMP_add_compression_method(int, void*);
int SSL_get_ex_new_index(long, void*, void*, void*, void*);
void CRYPTO_set_id_callback(unsigned long (*f)(void));
void CRYPTO_set_locking_callback(void (*f)(int, int, const char*, int));
void CRYPTO_set_dynlock_create_callback(CRYPTO_dynlock_value* (*f)(const char*,
int));
void CRYPTO_set_dynlock_lock_callback(void (*f)(int, CRYPTO_dynlock_value*,
const char*, int));
void CRYPTO_set_dynlock_destroy_callback(void (*f)(CRYPTO_dynlock_value*,
const char*, int));
X509* X509_STORE_CTX_get_current_cert(X509_STORE_CTX*);
int X509_STORE_CTX_get_error(X509_STORE_CTX*);
int X509_STORE_CTX_get_error_depth(X509_STORE_CTX*);
char* X509_NAME_oneline(X509_NAME*, char*, int);
X509_NAME* X509_get_issuer_name(X509*);
X509_NAME* X509_get_subject_name(X509*);
const char* X509_verify_cert_error_string(long);
int X509_LOOKUP_add_dir(X509_LOOKUP*, const char*, long);
int X509_LOOKUP_load_file(X509_LOOKUP*, const char*, long);
X509_LOOKUP_METHOD* X509_LOOKUP_hash_dir(void);
X509_LOOKUP_METHOD* X509_LOOKUP_file(void);
X509_LOOKUP* X509_STORE_add_lookup(X509_STORE*, X509_LOOKUP_METHOD*);
X509_STORE* X509_STORE_new(void);
int X509_STORE_get_by_subject(X509_STORE_CTX*, int, X509_NAME*,
X509_OBJECT*);
int X509_STORE_CTX_init(X509_STORE_CTX*, X509_STORE*, X509*, STACK_OF(X509)*);
void X509_STORE_CTX_cleanup(X509_STORE_CTX*);
ASN1_TIME* X509_CRL_get_lastUpdate(X509_CRL*);
ASN1_TIME* X509_CRL_get_nextUpdate(X509_CRL*);
EVP_PKEY* X509_get_pubkey(X509*);
int X509_CRL_verify(X509_CRL*, EVP_PKEY*);
void X509_STORE_CTX_set_error(X509_STORE_CTX*, int);
void X509_OBJECT_free_contents(X509_OBJECT*);
void EVP_PKEY_free(EVP_PKEY*);
int X509_cmp_current_time(const ASN1_TIME*);
int sk_X509_REVOKED_num(X509_REVOKED*);
X509_REVOKED* X509_CRL_get_REVOKED(X509_CRL*);
X509_REVOKED* sk_X509_REVOKED_value(X509_REVOKED*, int);
ASN1_INTEGER* X509_get_serialNumber(X509*);
int ASN1_TIME_print(BIO*, const ASN1_TIME*);
int ASN1_INTEGER_cmp(const ASN1_INTEGER*, const ASN1_INTEGER*);
long ASN1_INTEGER_get(const ASN1_INTEGER*);
STACK_OF(X509_NAME)* SSL_load_client_CA_file(const char*);
void SSL_CTX_set_client_CA_list(SSL_CTX*, STACK_OF(X509_NAME)*);
void* X509_STORE_CTX_get_ex_data(X509_STORE_CTX*, int);
int SSL_get_ex_data_X509_STORE_CTX_idx(void);
void* SSL_get_ex_data(const SSL*, int);
void SSL_CTX_set_default_passwd_cb_userdata(SSL_CTX*, void* userdata);
void SSL_CTX_set_default_passwd_cb(SSL_CTX*, pem_password_cb);
long SSL_CTX_set_timeout(SSL_CTX*, long);
void SSL_CTX_set_info_callback(SSL_CTX*, void (*)());
unsigned long ERR_peek_error(void);
int ERR_GET_REASON(int);
char* SSL_alert_type_string_long(int);
char* SSL_alert_desc_string_long(int);
char* SSL_state_string_long(SSL*);
void RSA_free(RSA*);
RSA* RSA_generate_key(int, unsigned long, void(*)(int, int, void*), void*);
void SSL_CTX_set_tmp_rsa_callback(SSL_CTX*, RSA*(*)(SSL*, int, int));
int PEM_def_callback(char*, int num, int w, void* key);
long SSL_CTX_sess_accept(SSL_CTX*);
long SSL_CTX_sess_connect(SSL_CTX*);
long SSL_CTX_sess_accept_good(SSL_CTX*);
long SSL_CTX_sess_connect_good(SSL_CTX*);
long SSL_CTX_sess_accept_renegotiate(SSL_CTX*);
long SSL_CTX_sess_connect_renegotiate(SSL_CTX*);
long SSL_CTX_sess_hits(SSL_CTX*);
long SSL_CTX_sess_cb_hits(SSL_CTX*);
long SSL_CTX_sess_cache_full(SSL_CTX*);
long SSL_CTX_sess_misses(SSL_CTX*);
long SSL_CTX_sess_timeouts(SSL_CTX*);
long SSL_CTX_sess_number(SSL_CTX*);
long SSL_CTX_sess_get_cache_size(SSL_CTX*);
#define SSL_DEFAULT_CIPHER_LIST "" /* default all */
#define RSA_F4 0x10001L
enum {
OCSP_NOCERTS = 1,
OCSP_NOINTERN = 2,
OCSP_NOSIGS = 4,
OCSP_NOCHAIN = 8,
OCSP_NOVERIFY = 16,
OCSP_NOEXPLICIT = 32,
OCSP_NOCASIGN = 64,
OCSP_NODELEGATED = 128,
OCSP_NOCHECKS = 256,
OCSP_TRUSTOTHER = 512,
OCSP_RESPID_KEY = 1024,
OCSP_NOTIME = 2048,
OCSP_CERTID = 2,
OCSP_REQUEST = 4,
OCSP_RESPONSE = 8,
OCSP_BASICRESP = 16,
ASN1_GENERALIZEDTIME = 4,
SSL_OP_MICROSOFT_SESS_ID_BUG = 1,
SSL_OP_NETSCAPE_CHALLENGE_BUG = 2,
SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG = 3,
SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG = 4,
SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER = 5,
SSL_OP_MSIE_SSLV2_RSA_PADDING = 6,
SSL_OP_SSLEAY_080_CLIENT_DH_BUG = 7,
SSL_OP_TLS_D5_BUG = 8,
SSL_OP_TLS_BLOCK_PADDING_BUG = 9,
SSL_OP_TLS_ROLLBACK_BUG = 10,
SSL_OP_ALL = 11,
SSL_OP_EPHEMERAL_RSA = 12,
SSL_OP_NO_SSLv3 = 13,
SSL_OP_NO_TLSv1 = 14,
SSL_OP_PKCS1_CHECK_1 = 15,
SSL_OP_PKCS1_CHECK_2 = 16,
SSL_OP_NETSCAPE_CA_DN_BUG = 17,
SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG = 18,
SSL_OP_SINGLE_DH_USE = 19,
SSL_OP_NO_TICKET = 20,
SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS = 21,
SSL_OP_NO_QUERY_MTU = 22,
SSL_OP_COOKIE_EXCHANGE = 23,
SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION = 24,
SSL_OP_SINGLE_ECDH_USE = 25,
SSL_OP_CIPHER_SERVER_PREFERENCE = 26,
SSL_MAX_SSL_SESSION_ID_LENGTH = 32,
EVP_R_BAD_DECRYPT = 2,
SSL_CB_LOOP = 4,
SSL_ST_CONNECT = 5,
SSL_ST_ACCEPT = 6,
SSL_CB_ALERT = 7,
SSL_CB_READ = 8,
SSL_CB_HANDSHAKE_DONE = 9,
SSL_MODE_ENABLE_PARTIAL_WRITE = 2,
BIO_FLAGS_BASE64_NO_NL = 1,
BIO_CLOSE = 1,
BIO_NOCLOSE = 0,
NID_undef = 0,
X509_FILETYPE_PEM = 8,
X509_LU_X509 = 9,
X509_LU_CRL = 12,
X509_V_ERR_CRL_SIGNATURE_FAILURE = 13,
X509_V_ERR_ERROR_IN_CRL_NEXT_UPDATE_FIELD = 14,
X509_V_ERR_CRL_HAS_EXPIRED = 15,
X509_V_ERR_CERT_REVOKED = 16,
X509_V_ERR_CERT_CHAIN_TOO_LONG = 17,
X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT = 18,
X509_V_ERR_CERT_NOT_YET_VALID = 19,
X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD = 20,
X509_V_ERR_CERT_HAS_EXPIRED = 21,
X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD = 22,
X509_V_OK = 0,
CRYPTO_LOCK = 1,
CRYPTO_NUM_LOCKS = 10,
};
/* extras end */
#ifndef NO_FILESYSTEM
/* CyaSSL extension, provide last error from SSL_get_error
since not using thread storage error queue */
void ERR_print_errors_fp(FILE*, int err);
#endif
enum { /* ssl Constants */
SSL_ERROR_NONE = 0, /* for most functions */
SSL_FAILURE = 0, /* for some functions */
SSL_SUCCESS = 1,
SSL_BAD_CERTTYPE = -8,
SSL_BAD_STAT = -7,
SSL_BAD_PATH = -6,
SSL_BAD_FILETYPE = -5,
SSL_BAD_FILE = -4,
SSL_NOT_IMPLEMENTED = -3,
SSL_UNKNOWN = -2,
SSL_FATAL_ERROR = -1,
SSL_FILETYPE_ASN1 = 2,
SSL_FILETYPE_PEM = 1,
SSL_FILETYPE_DEFAULT = 2, /* ASN1 */
SSL_FILETYPE_RAW = 3, /* NTRU raw key blob */
SSL_VERIFY_NONE = 0,
SSL_VERIFY_PEER = 1,
SSL_VERIFY_FAIL_IF_NO_PEER_CERT = 2,
SSL_VERIFY_CLIENT_ONCE = 4,
SSL_SESS_CACHE_OFF = 30,
SSL_SESS_CACHE_CLIENT = 31,
SSL_SESS_CACHE_SERVER = 32,
SSL_SESS_CACHE_BOTH = 33,
SSL_SESS_CACHE_NO_AUTO_CLEAR = 34,
SSL_SESS_CACHE_NO_INTERNAL_LOOKUP = 35,
SSL_ERROR_WANT_READ = 2,
SSL_ERROR_WANT_WRITE = 3,
SSL_ERROR_WANT_CONNECT = 7,
SSL_ERROR_WANT_ACCEPT = 8,
SSL_ERROR_SYSCALL = 5,
SSL_ERROR_WANT_X509_LOOKUP = 83,
SSL_ERROR_ZERO_RETURN = 6,
SSL_ERROR_SSL = 85,
SSL_SENT_SHUTDOWN = 1,
SSL_RECEIVED_SHUTDOWN = 2,
SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER = 4,
SSL_OP_NO_SSLv2 = 8,
SSL_R_SSL_HANDSHAKE_FAILURE = 101,
SSL_R_TLSV1_ALERT_UNKNOWN_CA = 102,
SSL_R_SSLV3_ALERT_CERTIFICATE_UNKNOWN = 103,
SSL_R_SSLV3_ALERT_BAD_CERTIFICATE = 104,
PEM_BUFSIZE = 1024,
};
#ifndef NO_PSK
typedef unsigned int (*psk_client_callback)(SSL*, const char*, char*,
unsigned int, unsigned char*, unsigned int);
void SSL_CTX_set_psk_client_callback(SSL_CTX*, psk_client_callback);
void SSL_set_psk_client_callback(SSL*, psk_client_callback);
const char* SSL_get_psk_identity_hint(const SSL*);
const char* SSL_get_psk_identity(const SSL*);
int SSL_CTX_use_psk_identity_hint(SSL_CTX*, const char*);
int SSL_use_psk_identity_hint(SSL*, const char*);
typedef unsigned int (*psk_server_callback)(SSL*, const char*,
unsigned char*, unsigned int);
void SSL_CTX_set_psk_server_callback(SSL_CTX*, psk_server_callback);
void SSL_set_psk_server_callback(SSL*, psk_server_callback);
#define PSK_TYPES_DEFINED
#endif /* NO_PSK */
/* extra begins */
enum { /* ERR Constants */
ERR_TXT_STRING = 1,
};
unsigned long ERR_get_error_line_data(const char**, int*, const char**, int *);
unsigned long ERR_get_error(void);
void ERR_clear_error(void);
int RAND_status(void);
int RAND_bytes(unsigned char* buf, int num);
SSL_METHOD *SSLv23_server_method(void);
long SSL_CTX_set_options(SSL_CTX*, long);
int SSL_CTX_check_private_key(SSL_CTX*);
void ERR_free_strings(void);
void ERR_remove_state(unsigned long);
void EVP_cleanup(void);
void CRYPTO_cleanup_all_ex_data(void);
long SSL_CTX_set_mode(SSL_CTX* ctx, long mode);
long SSL_CTX_get_mode(SSL_CTX* ctx);
void SSL_CTX_set_default_read_ahead(SSL_CTX* ctx, int m);
long SSL_CTX_sess_set_cache_size(SSL_CTX*, long);
int SSL_CTX_set_default_verify_paths(SSL_CTX*);
int SSL_CTX_set_session_id_context(SSL_CTX*, const unsigned char*,
unsigned int);
X509* SSL_get_peer_certificate(SSL* ssl);
int SSL_want_read(SSL*);
int SSL_want_write(SSL*);
int BIO_printf(BIO*, const char*, ...);
int ASN1_UTCTIME_print(BIO*, const ASN1_UTCTIME*);
int sk_num(X509_REVOKED*);
void* sk_value(X509_REVOKED*, int);
/* stunnel 4.28 needs */
void* SSL_CTX_get_ex_data(const SSL_CTX*, int);
int SSL_CTX_set_ex_data(SSL_CTX*, int, void*);
void SSL_CTX_sess_set_get_cb(SSL_CTX*, SSL_SESSION*(*f)(SSL*, unsigned char*,
int, int*));
void SSL_CTX_sess_set_new_cb(SSL_CTX*, int (*f)(SSL*, SSL_SESSION*));
void SSL_CTX_sess_set_remove_cb(SSL_CTX*, void (*f)(SSL_CTX*, SSL_SESSION*));
int i2d_SSL_SESSION(SSL_SESSION*, unsigned char**);
SSL_SESSION* d2i_SSL_SESSION(SSL_SESSION**,const unsigned char**, long);
long SSL_SESSION_get_timeout(const SSL_SESSION*);
long SSL_SESSION_get_time(const SSL_SESSION*);
int SSL_CTX_get_ex_new_index(long, void*, void*, void*, void*);
/* extra ends */
/* CyaSSL extensions */
/* call before SSL_connect, if verifying will add name check to
date check and signature check */
int CyaSSL_check_domain_name(SSL* ssl, const char* dn);
int InitCyaSSL(void); /* need to call once to load library (session cache) */
int FreeCyaSSL(void); /* call when done to free session cache mutex */
int CyaSSL_Debugging_ON(void); /* turn logging on, only if compiled in */
void CyaSSL_Debugging_OFF(void); /* turn logging off */
int CyaSSL_set_compression(SSL* ssl); /* turn on CyaSSL data compression */
int CyaSSL_CTX_use_NTRUPrivateKey_file(SSL_CTX*, const char*); /* load NTRU
private key blob */
X509_CHAIN* CyaSSL_get_peer_chain(SSL* ssl); /* get CyaSSL peer X509_CHAIN */
int CyaSSL_get_chain_count(X509_CHAIN* chain); /* peer chain count */
int CyaSSL_get_chain_length(X509_CHAIN*, int idx); /* index cert length */
unsigned char* CyaSSL_get_chain_cert(X509_CHAIN*, int idx); /* index cert */
int CyaSSL_get_chain_cert_pem(X509_CHAIN*, int idx, unsigned char* buffer,
int inLen, int* outLen); /* get index cert in PEM */
const unsigned char* CyaSSL_get_sessionID(const SSL_SESSION* session);
#ifndef _WIN32
#ifndef NO_WRITEV
#include <sys/uio.h>
/* allow writev style writing */
int CyaSSL_writev(SSL* ssl, const struct iovec* iov, int iovcnt);
#endif
#endif
#if defined(NO_FILESYSTEM) || defined(MICRIUM)
int CyaSSL_CTX_load_verify_buffer(SSL_CTX*, const unsigned char*, long, int);
int CyaSSL_CTX_use_certificate_buffer(SSL_CTX*, const unsigned char*, long,int);
int CyaSSL_CTX_use_PrivateKey_buffer(SSL_CTX*, const unsigned char*, long, int);
int CyaSSL_CTX_use_certificate_chain_buffer(SSL_CTX*,const unsigned char*,long);
#endif /* NO_FILESYSTEM || MICRIUM */
/* I/O callbacks */
typedef int (*CallbackIORecv)(char *buf, int sz, void *ctx);
typedef int (*CallbackIOSend)(char *buf, int sz, void *ctx);
void CyaSSL_SetIORecv(SSL_CTX*, CallbackIORecv);
void CyaSSL_SetIOSend(SSL_CTX*, CallbackIOSend);
void CyaSSL_SetIOReadCtx(SSL* ssl, void *ctx);
void CyaSSL_SetIOWriteCtx(SSL* ssl, void *ctx);
#ifdef CYASSL_CALLBACKS
/* used internally by CyaSSL while OpenSSL types aren't */
#include "cyassl_callbacks.h"
typedef int (*HandShakeCallBack)(HandShakeInfo*);
typedef int (*TimeoutCallBack)(TimeoutInfo*);
/* CyaSSL connect extension allowing HandShakeCallBack and/or TimeoutCallBack
for diagnostics */
int CyaSSL_connect_ex(SSL*, HandShakeCallBack, TimeoutCallBack, Timeval);
int CyaSSL_accept_ex(SSL*, HandShakeCallBack, TimeoutCallBack, Timeval);
#endif /* CYASSL_CALLBACKS */
#ifdef __cplusplus
} /* extern "C" */
#endif
#endif /* CyaSSL_openssl_h__ */
|
