Annotation of embedaddon/strongswan/src/libstrongswan/plugins/openssl/openssl_util.h, revision 1.1
1.1 ! misho 1: /*
! 2: * Copyright (C) 2008 Tobias Brunner
! 3: * HSR Hochschule fuer Technik Rapperswil
! 4: *
! 5: * This program is free software; you can redistribute it and/or modify it
! 6: * under the terms of the GNU General Public License as published by the
! 7: * Free Software Foundation; either version 2 of the License, or (at your
! 8: * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
! 9: *
! 10: * This program is distributed in the hope that it will be useful, but
! 11: * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
! 12: * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
! 13: * for more details.
! 14: */
! 15:
! 16: /**
! 17: * @defgroup openssl_util openssl_util
! 18: * @{ @ingroup openssl_p
! 19: */
! 20:
! 21: #ifndef OPENSSL_UTIL_H_
! 22: #define OPENSSL_UTIL_H_
! 23:
! 24: #include <library.h>
! 25:
! 26: #ifdef X509_NAME
! 27: /* from <wincrypt.h> */
! 28: # undef X509_NAME
! 29: #endif
! 30:
! 31: #include <openssl/bn.h>
! 32: #include <openssl/asn1.h>
! 33:
! 34: /**
! 35: * Returns the length in bytes of a field element
! 36: */
! 37: #define EC_FIELD_ELEMENT_LEN(group) ((EC_GROUP_get_degree(group) + 7) / 8)
! 38:
! 39: /**
! 40: * Creates a hash of a given type of a chunk of data.
! 41: *
! 42: * Note: this function allocates memory for the hash
! 43: *
! 44: * @param hash_type NID of the hash
! 45: * @param data the chunk of data to hash
! 46: * @param hash chunk that contains the hash
! 47: * @return TRUE on success, FALSE otherwise
! 48: */
! 49: bool openssl_hash_chunk(int hash_type, chunk_t data, chunk_t *hash);
! 50:
! 51: /**
! 52: * Concatenates two bignums into a chunk, thereby enforcing the length of
! 53: * a single BIGNUM, if necessary, by pre-pending it with zeros.
! 54: *
! 55: * Note: this function allocates memory for the chunk
! 56: *
! 57: * @param len the length of a single BIGNUM
! 58: * @param a first BIGNUM
! 59: * @param b second BIGNUM
! 60: * @param chunk resulting chunk
! 61: * @return TRUE on success, FALSE otherwise
! 62: */
! 63: bool openssl_bn_cat(const int len, const BIGNUM *a, const BIGNUM *b,
! 64: chunk_t *chunk);
! 65:
! 66: /**
! 67: * Splits a chunk into two bignums of equal binary length.
! 68: *
! 69: * @param chunk a chunk that contains the two BIGNUMs
! 70: * @param a first BIGNUM
! 71: * @param b second BIGNUM
! 72: * @return TRUE on success, FALSE otherwise
! 73: */
! 74: bool openssl_bn_split(chunk_t chunk, BIGNUM *a, BIGNUM *b);
! 75:
! 76: /**
! 77: * Exports the given bignum (assumed to be a positive number) to a chunk in
! 78: * two's complement format (i.e. a zero byte is added if the MSB is set).
! 79: *
! 80: * @param bn the BIGNUM to export
! 81: * @param chunk the chunk (data gets allocated)
! 82: * @return TRUE on success, FALSE otherwise
! 83: */
! 84: bool openssl_bn2chunk(const BIGNUM *bn, chunk_t *chunk);
! 85:
! 86: /**
! 87: * Allocate a chunk using the i2d function of a given object
! 88: *
! 89: * @param type type of the object
! 90: * @param obj object to convert to DER
! 91: * @returns allocated chunk of the object, or chunk_empty
! 92: */
! 93: #define openssl_i2chunk(type, obj) ({ \
! 94: unsigned char *ptr = NULL; \
! 95: int len = i2d_##type(obj, &ptr); \
! 96: len < 0 ? chunk_empty : chunk_create(ptr, len);})
! 97:
! 98: /**
! 99: * Convert an OpenSSL ASN1_OBJECT to a chunk.
! 100: *
! 101: * @param asn1 asn1 object to convert
! 102: * @return chunk, pointing into asn1 object
! 103: */
! 104: chunk_t openssl_asn1_obj2chunk(const ASN1_OBJECT *asn1);
! 105:
! 106: /**
! 107: * Convert an OpenSSL ASN1_STRING to a chunk.
! 108: *
! 109: * @param asn1 asn1 string to convert
! 110: * @return chunk, pointing into asn1 string
! 111: */
! 112: chunk_t openssl_asn1_str2chunk(const ASN1_STRING *asn1);
! 113:
! 114: /**
! 115: * Convert an openssl X509_NAME to a identification_t of type ID_DER_ASN1_DN.
! 116: *
! 117: * @param name name to convert
! 118: * @return identification_t, NULL on error
! 119: */
! 120: identification_t *openssl_x509_name2id(X509_NAME *name);
! 121:
! 122: /**
! 123: * Check if an ASN1 oid is a an OID known by libstrongswan.
! 124: *
! 125: * @param obj openssl ASN1 object
! 126: * @returns OID, as defined in <asn1/oid.h>
! 127: */
! 128: int openssl_asn1_known_oid(const ASN1_OBJECT *obj);
! 129:
! 130: /**
! 131: * Convert an OpenSSL ASN1_TIME to a time_t.
! 132: *
! 133: * @param time openssl ASN1_TIME
! 134: * @returns time_t, 0 on error
! 135: */
! 136: time_t openssl_asn1_to_time(const ASN1_TIME *time);
! 137:
! 138: /**
! 139: * Compatibility macros
! 140: */
! 141: #ifdef OPENSSL_IS_BORINGSSL
! 142: #define EVP_PKEY_base_id(p) EVP_PKEY_type(p->type)
! 143: #endif
! 144:
! 145: /**
! 146: * Macros to define fallback getters/setters to access keys (BIGNUM*) for types
! 147: * that were made opaque with OpenSSL 1.1.0.
! 148: */
! 149: #define OPENSSL_KEY_FALLBACK(...) VA_ARGS_DISPATCH(OPENSSL_KEY_FALLBACK, __VA_ARGS__)(__VA_ARGS__)
! 150: #define OPENSSL_KEY_FALLBACK3(type, k1, k2) \
! 151: __attribute__((unused)) \
! 152: static inline void type##_get0(const type *o, const BIGNUM **k1, const BIGNUM **k2) { \
! 153: if (k1) *k1 = o->k1; \
! 154: if (k2) *k2 = o->k2; } \
! 155: __attribute__((unused)) \
! 156: static inline int type##_set0(type *o, BIGNUM *k1, BIGNUM *k2) { \
! 157: if (k1) { BN_clear_free(o->k1); o->k1 = k1; } \
! 158: if (k2) { BN_clear_free(o->k2); o->k2 = k2; } \
! 159: return 1; }
! 160: #define OPENSSL_KEY_FALLBACK4(type, name, k1, k2) \
! 161: __attribute__((unused)) \
! 162: static inline void type##_get0_##name(const type *o, const BIGNUM **k1, const BIGNUM **k2) { \
! 163: if (k1) *k1 = o->k1; \
! 164: if (k2) *k2 = o->k2; } \
! 165: __attribute__((unused)) \
! 166: static inline int type##_set0_##name(type *o, BIGNUM *k1, BIGNUM *k2) { \
! 167: if (k1) { BN_clear_free(o->k1); o->k1 = k1; } \
! 168: if (k2) { BN_clear_free(o->k2); o->k2 = k2; } \
! 169: return 1; }
! 170: #define OPENSSL_KEY_FALLBACK5(type, name, k1, k2, k3) \
! 171: __attribute__((unused)) \
! 172: static inline void type##_get0_##name(const type *o, const BIGNUM **k1, const BIGNUM **k2, const BIGNUM **k3) { \
! 173: if (k1) *k1 = o->k1; \
! 174: if (k2) *k2 = o->k2; \
! 175: if (k3) *k3 = o->k3; } \
! 176: __attribute__((unused)) \
! 177: static inline int type##_set0_##name(type *o, BIGNUM *k1, BIGNUM *k2, BIGNUM *k3) { \
! 178: if (k1) { BN_clear_free(o->k1); o->k1 = k1; } \
! 179: if (k2) { BN_clear_free(o->k2); o->k2 = k2; } \
! 180: if (k3) { BN_clear_free(o->k3); o->k3 = k3; } \
! 181: return 1; }
! 182:
! 183: #endif /** OPENSSL_UTIL_H_ @}*/
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>