/* crypto/evp/evp.h *//* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * * This package is an SSL implementation written * by Eric Young (eay@cryptsoft.com). * The implementation was written so as to conform with Netscapes SSL. *  * This library is free for commercial and non-commercial use as long as * the following conditions are aheared to.  The following conditions * apply to all code found in this distribution, be it the RC4, RSA, * lhash, DES, etc., code; not just the SSL code.  The SSL documentation * included with this distribution is covered by the same copyright terms * except that the holder is Tim Hudson (tjh@cryptsoft.com). *  * Copyright remains Eric Young's, and as such any Copyright notices in * the code are not to be removed. * If this package is used in a product, Eric Young should be given attribution * as the author of the parts of the library used. * This can be in the form of a textual message at program startup or * in documentation (online or textual) provided with the package. *  * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the copyright *    notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright *    notice, this list of conditions and the following disclaimer in the *    documentation and/or other materials provided with the distribution. * 3. All advertising materials mentioning features or use of this software *    must display the following acknowledgement: *    "This product includes cryptographic software written by *     Eric Young (eay@cryptsoft.com)" *    The word 'cryptographic' can be left out if the rouines from the library *    being used are not cryptographic related :-). * 4. If you include any Windows specific code (or a derivative thereof) from  *    the apps directory (application code) you must include an acknowledgement: *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" *  * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. *  * The licence and distribution terms for any publically available version or * derivative of this code cannot be changed.  i.e. this code cannot simply be * copied and put under another distribution licence * [including the GNU Public Licence.] */#ifndef HEADER_ENVELOPE_H#define HEADER_ENVELOPE_H#ifdef OPENSSL_ALGORITHM_DEFINES# include <openssl/opensslconf.h>#else# define OPENSSL_ALGORITHM_DEFINES# include <openssl/opensslconf.h># undef OPENSSL_ALGORITHM_DEFINES#endif#ifndef NO_BIO#include <openssl/bio.h>#endif#ifndef NO_MD2#include <openssl/md2.h>#endif#ifndef NO_MD4#include <openssl/md4.h>#endif#ifndef NO_MD5#include <openssl/md5.h>#endif#ifndef NO_SHA#include <openssl/sha.h>#endif#ifndef NO_RIPEMD#include <openssl/ripemd.h>#endif#ifndef NO_DES#include <openssl/des.h>#endif#ifndef NO_RC4#include <openssl/rc4.h>#endif#ifndef NO_RC2#include <openssl/rc2.h>#endif#ifndef NO_RC5#include <openssl/rc5.h>#endif#ifndef NO_BF#include <openssl/blowfish.h>#endif#ifndef NO_CAST#include <openssl/cast.h>#endif#ifndef NO_IDEA#include <openssl/idea.h>#endif#ifndef NO_MDC2#include <openssl/mdc2.h>#endif#define EVP_RC2_KEY_SIZE		16#define EVP_RC4_KEY_SIZE		16#define EVP_BLOWFISH_KEY_SIZE		16#define EVP_CAST5_KEY_SIZE		16#define EVP_RC5_32_12_16_KEY_SIZE	16#define EVP_MAX_MD_SIZE			(16+20) /* The SSLv3 md5+sha1 type */#define EVP_MAX_KEY_LENGTH		24#define EVP_MAX_IV_LENGTH		8#define PKCS5_SALT_LEN			8/* Default PKCS#5 iteration count */#define PKCS5_DEFAULT_ITER		2048#ifndef NO_RSA#include <openssl/rsa.h>#endif#ifndef NO_DSA#include <openssl/dsa.h>#endif#ifndef NO_DH#include <openssl/dh.h>#endif#include <openssl/objects.h>#define EVP_PK_RSA	0x0001#define EVP_PK_DSA	0x0002#define EVP_PK_DH	0x0004#define EVP_PKT_SIGN	0x0010#define EVP_PKT_ENC	0x0020#define EVP_PKT_EXCH	0x0040#define EVP_PKS_RSA	0x0100#define EVP_PKS_DSA	0x0200#define EVP_PKT_EXP	0x1000 /* <= 512 bit key */#define EVP_PKEY_NONE	NID_undef#define EVP_PKEY_RSA	NID_rsaEncryption#define EVP_PKEY_RSA2	NID_rsa#define EVP_PKEY_DSA	NID_dsa#define EVP_PKEY_DSA1	NID_dsa_2#define EVP_PKEY_DSA2	NID_dsaWithSHA#define EVP_PKEY_DSA3	NID_dsaWithSHA1#define EVP_PKEY_DSA4	NID_dsaWithSHA1_2#define EVP_PKEY_DH	NID_dhKeyAgreement#ifdef	__cplusplusextern "C" {#endif/* Type needs to be a bit field * Sub-type needs to be for variations on the method, as in, can it do * arbitrary encryption.... */typedef struct evp_pkey_st	{	int type;	int save_type;	int references;	union	{		char *ptr;#ifndef NO_RSA		struct rsa_st *rsa;	/* RSA */#endif#ifndef NO_DSA		struct dsa_st *dsa;	/* DSA */#endif#ifndef NO_DH		struct dh_st *dh;	/* DH */#endif		} pkey;	int save_parameters;	STACK_OF(X509_ATTRIBUTE) *attributes; /* [ 0 ] */	} EVP_PKEY;#define EVP_PKEY_MO_SIGN	0x0001#define EVP_PKEY_MO_VERIFY	0x0002#define EVP_PKEY_MO_ENCRYPT	0x0004#define EVP_PKEY_MO_DECRYPT	0x0008#if 0/* This structure is required to tie the message digest and signing together. * The lookup can be done by md/pkey_method, oid, oid/pkey_method, or * oid, md and pkey. * This is required because for various smart-card perform the digest and * signing/verification on-board.  To handle this case, the specific * EVP_MD and EVP_PKEY_METHODs need to be closely associated. * When a PKEY is created, it will have a EVP_PKEY_METHOD associated with it. * This can either be software or a token to provide the required low level * routines. */typedef struct evp_pkey_md_st	{	int oid;	EVP_MD *md;	EVP_PKEY_METHOD *pkey;	} EVP_PKEY_MD;#define EVP_rsa_md2() \		EVP_PKEY_MD_add(NID_md2WithRSAEncryption,\			EVP_rsa_pkcs1(),EVP_md2())#define EVP_rsa_md5() \		EVP_PKEY_MD_add(NID_md5WithRSAEncryption,\			EVP_rsa_pkcs1(),EVP_md5())#define EVP_rsa_sha0() \		EVP_PKEY_MD_add(NID_shaWithRSAEncryption,\			EVP_rsa_pkcs1(),EVP_sha())#define EVP_rsa_sha1() \		EVP_PKEY_MD_add(NID_sha1WithRSAEncryption,\			EVP_rsa_pkcs1(),EVP_sha1())#define EVP_rsa_ripemd160() \		EVP_PKEY_MD_add(NID_ripemd160WithRSA,\			EVP_rsa_pkcs1(),EVP_ripemd160())#define EVP_rsa_mdc2() \		EVP_PKEY_MD_add(NID_mdc2WithRSA,\			EVP_rsa_octet_string(),EVP_mdc2())#define EVP_dsa_sha() \		EVP_PKEY_MD_add(NID_dsaWithSHA,\			EVP_dsa(),EVP_sha())#define EVP_dsa_sha1() \		EVP_PKEY_MD_add(NID_dsaWithSHA1,\			EVP_dsa(),EVP_sha1())typedef struct evp_pkey_method_st	{	char *name;	int flags;	int type;		/* RSA, DSA, an SSLeay specific constant */	int oid;		/* For the pub-key type */	int encrypt_oid;	/* pub/priv key encryption */	int (*sign)();	int (*verify)();	struct	{		int		int (*set)();	/* get and/or set the underlying type */		int (*get)();		int (*encrypt)();		int (*decrypt)();		int (*i2d)();		int (*d2i)();		int (*dup)();		} pub,priv;	int (*set_asn1_parameters)();	int (*get_asn1_parameters)();	} EVP_PKEY_METHOD;#endif#ifndef EVP_MDtypedef struct env_md_st	{	int type;	int pkey_type;	int md_size;	void (*init)();	void (*update)();	void (*final)();	int (*sign)();	int (*verify)();	int required_pkey_type[5]; /*EVP_PKEY_xxx */	int block_size;	int ctx_size; /* how big does the ctx need to be */	} EVP_MD;#define EVP_PKEY_NULL_method	NULL,NULL,{0,0,0,0}#ifndef NO_DSA#define EVP_PKEY_DSA_method	DSA_sign,DSA_verify, \				{EVP_PKEY_DSA,EVP_PKEY_DSA2,EVP_PKEY_DSA3, \					EVP_PKEY_DSA4,0}#else#define EVP_PKEY_DSA_method	EVP_PKEY_NULL_method#endif#ifndef NO_RSA#define EVP_PKEY_RSA_method	RSA_sign,RSA_verify, \				{EVP_PKEY_RSA,EVP_PKEY_RSA2,0,0}#define EVP_PKEY_RSA_ASN1_OCTET_STRING_method \				RSA_sign_ASN1_OCTET_STRING, \				RSA_verify_ASN1_OCTET_STRING, \				{EVP_PKEY_RSA,EVP_PKEY_RSA2,0,0}#else#define EVP_PKEY_RSA_method	EVP_PKEY_NULL_method#define EVP_PKEY_RSA_ASN1_OCTET_STRING_method EVP_PKEY_NULL_method#endif#endif /* !EVP_MD */typedef struct env_md_ctx_st	{	const EVP_MD *digest;	union	{		unsigned char base[4];#ifndef NO_MD2		MD2_CTX md2;#endif#ifndef NO_MD5		MD5_CTX md5;#endif#ifndef NO_MD4		MD4_CTX md4;#endif#ifndef NO_RIPEMD		RIPEMD160_CTX ripemd160;#endif#ifndef NO_SHA		SHA_CTX sha;#endif#ifndef NO_MDC2		MDC2_CTX mdc2;#endif		} md;	} EVP_MD_CTX;typedef struct evp_cipher_st EVP_CIPHER;typedef struct evp_cipher_ctx_st EVP_CIPHER_CTX;struct evp_cipher_st	{	int nid;	int block_size;	int key_len;		/* Default value for variable length ciphers */	int iv_len;	unsigned long flags;	/* Various flags */	int (*init)(EVP_CIPHER_CTX *ctx, const unsigned char *key,		    const unsigned char *iv, int enc);	/* init key */	int (*do_cipher)(EVP_CIPHER_CTX *ctx, unsigned char *out,			 const unsigned char *in, unsigned int inl);/* encrypt/decrypt data */	int (*cleanup)(EVP_CIPHER_CTX *); /* cleanup ctx */	int ctx_size;		/* how big the ctx needs to be */	int (*set_asn1_parameters)(EVP_CIPHER_CTX *, ASN1_TYPE *); /* Populate a ASN1_TYPE with parameters */	int (*get_asn1_parameters)(EVP_CIPHER_CTX *, ASN1_TYPE *); /* Get parameters from a ASN1_TYPE */	int (*ctrl)(EVP_CIPHER_CTX *, int type, int arg, void *ptr); /* Miscellaneous operations */	void *app_data;		/* Application data */	};/* Values for cipher flags *//* Modes for ciphers */#define		EVP_CIPH_STREAM_CIPHER		0x0#define		EVP_CIPH_ECB_MODE		0x1#define		EVP_CIPH_CBC_MODE		0x2#define		EVP_CIPH_CFB_MODE		0x3#define		EVP_CIPH_OFB_MODE		0x4#define 	EVP_CIPH_MODE			0x7/* Set if variable length cipher */#define 	EVP_CIPH_VARIABLE_LENGTH	0x8/* Set if the iv handling should be done by the cipher itself */#define 	EVP_CIPH_CUSTOM_IV		0x10/* Set if the cipher's init() function should be called if key is NULL */#define 	EVP_CIPH_ALWAYS_CALL_INIT	0x20/* Call ctrl() to init cipher parameters */#define 	EVP_CIPH_CTRL_INIT		0x40/* Don't use standard key length function */#define 	EVP_CIPH_CUSTOM_KEY_LENGTH	0x80/* ctrl() values */#define		EVP_CTRL_INIT			0x0#define 	EVP_CTRL_SET_KEY_LENGTH		0x1#define 	EVP_CTRL_GET_RC2_KEY_BITS	0x2#define 	EVP_CTRL_SET_RC2_KEY_BITS	0x3#define 	EVP_CTRL_GET_RC5_ROUNDS		0x4#define 	EVP_CTRL_SET_RC5_ROUNDS		0x5typedef struct evp_cipher_info_st	{	const EVP_CIPHER *cipher;	unsigned char iv[EVP_MAX_IV_LENGTH];	} EVP_CIPHER_INFO;struct evp_cipher_ctx_st	{	const EVP_CIPHER *cipher;	int encrypt;		/* encrypt or decrypt */	int buf_len;		/* number we have left */	unsigned char  oiv[EVP_MAX_IV_LENGTH];	/* original iv */	unsigned char  iv[EVP_MAX_IV_LENGTH];	/* working iv */	unsigned char buf[EVP_MAX_IV_LENGTH];	/* saved partial block */	int num;				/* used by cfb/ofb mode */	void *app_data;		/* application stuff */	int key_len;		/* May change for variable length cipher */	union	{#ifndef NO_RC4		struct			{			unsigned char key[EVP_RC4_KEY_SIZE];			RC4_KEY ks;	/* working key */			} rc4;#endif#ifndef NO_DES		des_key_schedule des_ks;/* key schedule */		struct			{			des_key_schedule ks;/* key schedule */			des_cblock inw;			des_cblock outw;			} desx_cbc;		struct			{			des_key_schedule ks1;/* key schedule */			des_key_schedule ks2;/* key schedule (for ede) */			des_key_schedule ks3;/* key schedule (for ede3) */			} des_ede;#endif#ifndef NO_IDEA		IDEA_KEY_SCHEDULE idea_ks;/* key schedule */#endif