Diffstat (limited to 'include/xmlsec/openssl/crypto.h')
-rw-r--r-- | include/xmlsec/openssl/crypto.h | 171 |
1 files changed, 136 insertions, 35 deletions
diff --git a/include/xmlsec/openssl/crypto.h b/include/xmlsec/openssl/crypto.h index c734c144..1eada05f 100644 --- a/include/xmlsec/openssl/crypto.h +++ b/include/xmlsec/openssl/crypto.h @@ -1,5 +1,5 @@ -/** - * XMLSec library +/* + * XML Security Library (http://www.aleksey.com/xmlsec). * * This is free software; see Copyright file in the source * distribution for preciese wording. @@ -9,16 +9,34 @@ #ifndef __XMLSEC_OPENSSL_CRYPTO_H__ #define __XMLSEC_OPENSSL_CRYPTO_H__ -#ifdef __cplusplus -extern "C" { -#endif /* __cplusplus */ - #include <xmlsec/xmlsec.h> #include <xmlsec/keys.h> #include <xmlsec/transforms.h> #include <xmlsec/dl.h> #include <openssl/err.h> +#ifndef OPENSSL_IS_BORINGSSL +#include <openssl/opensslconf.h> +#endif /* OPENSSL_IS_BORINGSSL */ + +#ifndef XMLSEC_NO_DSA +#include <openssl/dsa.h> +#include <openssl/evp.h> +#endif /* XMLSEC_NO_DSA */ + +#ifndef XMLSEC_NO_ECDSA +#include <openssl/ecdsa.h> +#include <openssl/evp.h> +#endif /* XMLSEC_NO_ECDSA */ + +#ifndef XMLSEC_NO_RSA +#include <openssl/rsa.h> +#include <openssl/evp.h> +#endif /* XMLSEC_NO_RSA */ + +#ifdef __cplusplus +extern "C" { +#endif /* __cplusplus */ XMLSEC_CRYPTO_EXPORT xmlSecCryptoDLFunctionsPtr xmlSecCryptoGetFunctions_openssl(void); 
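Review bot: The relocated `#ifndef XMLSEC_NO_DSA`, `#ifndef XMLSEC_NO_ECDSA` and `#ifndef XMLSEC_NO_RSA` include guards in the `@@ -9,16 +9,34 @@` hunk are evaluated before the block added in the `@@ -39,6 +57,86 @@` hunk that derives those macros from `OPENSSL_NO_*`. On an OpenSSL configured without one of these algorithms the guard therefore still sees the macro as undefined, unless the build system passed it on the command line. OpenSSL's headers are generally self-guarding, so the effect is probably only an unnecessary include, but the ordering hides the dependency. Either move the `OPENSSL_NO_*` mapping directly after the `<openssl/opensslconf.h>` include, or test both macros here, e.g. `#if !defined(XMLSEC_NO_DSA) && !defined(OPENSSL_NO_DSA)`.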
@@ -39,6 +57,86 @@ XMLSEC_CRYPTO_EXPORT const xmlChar* xmlSecOpenSSLGetDefaultTrustedCertsFolde /******************************************************************** * + * What version of the openssl API do we have? (also see configure.ac) + * + *******************************************************************/ +#if defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER < 0x20700000L +/* LibreSSL decided to take over OpenSSL version 2.0.0, likely will create + * issues down the road... */ +#define XMLSEC_OPENSSL_API_100 1 +#elif defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER >= 0x20700000L +/* LibreSSL 2.7 implements (most of) OpenSSL 1.1 API */ +#define XMLSEC_OPENSSL_API_110 1 +#elif OPENSSL_VERSION_NUMBER >= 0x10100000L +#define XMLSEC_OPENSSL_API_110 1 +#elif OPENSSL_VERSION_NUMBER >= 0x10000000L +#define XMLSEC_OPENSSL_API_100 1 +#else /* OPENSSL_VERSION_NUMBER */ +#error "This version of OpenSSL library is not supported" +#endif /* OPENSSL_VERSION_NUMBER */ + +/******************************************************************** + * + * What is supported by the openssl? 
+ * + *******************************************************************/ +#ifdef OPENSSL_NO_AES +#define XMLSEC_NO_AES 1 +#endif /* OPENSSL_NO_AES */ + +#ifdef OPENSSL_NO_DES +#define XMLSEC_NO_DES 1 +#endif /* OPENSSL_NO_DES */ + +#ifdef OPENSSL_NO_DSA +#define XMLSEC_NO_DSA 1 +#endif /* OPENSSL_NO_DSA */ + +#ifdef OPENSSL_NO_ECDSA +#define XMLSEC_NO_ECDSA 1 +#endif /* OPENSSL_NO_ECDSA */ + +#ifdef OPENSSL_NO_GOST +#define XMLSEC_NO_GOST 1 +#define XMLSEC_NO_GOST2012 1 +#endif /* OPENSSL_NO_GOST */ + +#ifdef OPENSSL_NO_HMAC +#define XMLSEC_NO_HMAC 1 +#endif /* OPENSSL_NO_HMAC */ + +#ifdef OPENSSL_NO_MD5 +#define XMLSEC_NO_MD5 1 +#endif /* OPENSSL_NO_MD5 */ + +#ifdef OPENSSL_NO_RIPEMD160 +#define XMLSEC_NO_RIPEMD160 1 +#endif /* OPENSSL_NO_RIPEMD160 */ + +#ifdef OPENSSL_NO_RSA +#define XMLSEC_NO_RSA 1 +#endif /* OPENSSL_NO_RSA */ + +#ifdef OPENSSL_NO_SHA1 +#define XMLSEC_NO_SHA1 1 +#endif /* OPENSSL_NO_SHA1 */ + +#ifdef OPENSSL_NO_SHA256 +#define XMLSEC_NO_SHA256 1 +#define XMLSEC_NO_SHA224 1 +#endif /* OPENSSL_NO_SHA256 */ + +#ifdef OPENSSL_NO_SHA512 +#define XMLSEC_NO_SHA384 1 +#define XMLSEC_NO_SHA512 1 +#endif /* OPENSSL_NO_SHA512 */ + +#if defined(OPENSSL_NO_X509) || defined(OPENSSL_NO_X509_VERIFY) +#define XMLSEC_NO_X509 1 +#endif /* defined(OPENSSL_NO_X509) || defined(OPENSSL_NO_X509_VERIFY) */ + +/******************************************************************** + * * AES transforms * *******************************************************************/ 
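Review bot: The `#ifdef OPENSSL_NO_ECDSA` mapping may not catch EC-less builds on the 1.1 API that this same hunk selects with `XMLSEC_OPENSSL_API_110`. As far as I can tell, ECDSA is folded into the EC module there and gated by `OPENSSL_NO_EC`, so this should be confirmed against the supported OpenSSL and LibreSSL versions. If it holds, the test could follow the combined form already used for X509: `#if defined(OPENSSL_NO_EC) || defined(OPENSSL_NO_ECDSA)`. Separately, each `#define XMLSEC_NO_* 1` is unconditional in a public header. Wrapping each in `#ifndef XMLSEC_NO_*` would avoid a redefinition diagnostic when a consumer or the build already defines the macro with a different replacement.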
@@ -82,6 +180,34 @@ XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecOpenSSLTransformAes192CbcGetKlass( XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecOpenSSLTransformAes256CbcGetKlass(void); /** +* xmlSecOpenSSLTransformAes128GcmId: +* +* The AES128 GCM cipher transform klass. +*/ +#define xmlSecOpenSSLTransformAes128GcmId \ + xmlSecOpenSSLTransformAes128GcmGetKlass() +XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecOpenSSLTransformAes128GcmGetKlass(void); + +/** +* xmlSecOpenSSLTransformAes192GcmId: +* +* The AES192 GCM cipher transform klass. +*/ +#define xmlSecOpenSSLTransformAes192GcmId \ + xmlSecOpenSSLTransformAes192GcmGetKlass() +XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecOpenSSLTransformAes192GcmGetKlass(void); + +/** +* xmlSecOpenSSLTransformAes256GcmId: +* +* The AES256 GCM cipher transform klass. +*/ +#define xmlSecOpenSSLTransformAes256GcmId \ + xmlSecOpenSSLTransformAes256GcmGetKlass() +XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecOpenSSLTransformAes256GcmGetKlass(void); + + +/** * xmlSecOpenSSLTransformKWAes128Id: * * The AES 128 key wrap transform klass. @@ -153,8 +279,6 @@ XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecOpenSSLTransformKWDes3GetKlass(void * *******************************************************************/ #ifndef XMLSEC_NO_DSA -#include <openssl/dsa.h> -#include <openssl/evp.h> /** * xmlSecOpenSSLKeyDataDsaId: @@ -201,8 +325,6 @@ XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecOpenSSLTransformDsaSha256GetKlass(v * *******************************************************************/ #ifndef XMLSEC_NO_ECDSA -#include <openssl/ecdsa.h> -#include <openssl/evp.h> /** * xmlSecOpenSSLKeyDataEcdsaId: 
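Review bot: The three new doc comments in the `@@ -82,6 +180,34 @@` hunk describe the GCM transforms only as "cipher transform klass", the same wording as the CBC entries above them. GCM is an authenticated mode, and a caller needs to know how the nonce is supplied or generated and where the authentication tag is carried and checked. The implementation is not in this header, so I cannot state the actual behaviour. Each comment should gain one sentence in this shape, filled in from the implementation: `* The AES128 GCM cipher transform klass (authenticated encryption; nonce: <source>, tag: <location and length>).` The enclosing AES section and any `XMLSEC_NO_AES` guard start outside the hunk.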
@@ -309,7 +431,7 @@ XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecOpenSSLTransformGost2001GostR3411_9 * The GOSTR3411_94 signature transform klass. */ #define xmlSecOpenSSLTransformGostR3411_94Id \ - xmlSecOpenSSLTransformGostR3411_94GetKlass() + xmlSecOpenSSLTransformGostR3411_94GetKlass() XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecOpenSSLTransformGostR3411_94GetKlass(void); #endif /* XMLSEC_NO_GOST */ @@ -367,7 +489,7 @@ XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecOpenSSLTransformGostR3410_2012GostR * The GOST R 34.11-2012 256 bit hash transform klass. */ #define xmlSecOpenSSLTransformGostR3411_2012_256Id \ - xmlSecOpenSSLTransformGostR3411_2012_256GetKlass() + xmlSecOpenSSLTransformGostR3411_2012_256GetKlass() XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecOpenSSLTransformGostR3411_2012_256GetKlass(void); @@ -377,7 +499,7 @@ XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecOpenSSLTransformGostR3411_2012_256G * The GOST R 34.11-2012 512 bit hash transform klass. */ #define xmlSecOpenSSLTransformGostR3411_2012_512Id \ - xmlSecOpenSSLTransformGostR3411_2012_512GetKlass() + xmlSecOpenSSLTransformGostR3411_2012_512GetKlass() XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecOpenSSLTransformGostR3411_2012_512GetKlass(void); #endif /* XMLSEC_NO_GOST2012 */ @@ -522,8 +644,6 @@ XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecOpenSSLTransformRipemd160GetKlass(v * *******************************************************************/ #ifndef XMLSEC_NO_RSA -#include <openssl/rsa.h> -#include <openssl/evp.h> /** * xmlSecOpenSSLKeyDataRsaId: 
@@ -721,26 +841,6 @@ XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecOpenSSLTransformSha512GetKlass(void #endif /* XMLSEC_NO_SHA512 */ - -/************************************************************** - * - * Error constants for OpenSSL - * - *************************************************************/ -/** - * XMLSEC_OPENSSL_ERRORS_LIB: - * - * Macro. The XMLSec library klass for OpenSSL errors reporting functions. - */ -#define XMLSEC_OPENSSL_ERRORS_LIB (ERR_LIB_USER + 57) - -/** - * XMLSEC_OPENSSL_ERRORS_FUNCTION: - * - * Macro. The XMLSec library functions OpenSSL errors reporting functions. - */ -#define XMLSEC_OPENSSL_ERRORS_FUNCTION 0 - XMLSEC_CRYPTO_EXPORT void xmlSecOpenSSLErrorsDefaultCallback (const char* file, int line, const char* func, @@ -749,6 +849,7 @@ XMLSEC_CRYPTO_EXPORT void xmlSecOpenSSLErrorsDefaultCallback (const c int reason, const char* msg); + #ifdef __cplusplus } #endif /* __cplusplus */ |