From: tb Date: Fri, 14 Jan 2022 08:04:14 +0000 (+0000) Subject: Make structs in evp.h and hmac.h opaque X-Git-Url: http://artulab.com/gitweb/?a=commitdiff_plain;h=9a297db8163c9f9eed21efcb98112e93196d2928;p=openbsd Make structs in evp.h and hmac.h opaque This moves most structs to evp_locl.h and moves HMAC_CTX to hmac_local.h. ok inoguchi jsing --- diff --git a/lib/libcrypto/evp/evp.h b/lib/libcrypto/evp/evp.h index 012b06befc8..acf0650f9ad 100644 --- a/lib/libcrypto/evp/evp.h +++ b/lib/libcrypto/evp/evp.h @@ -1,4 +1,4 @@ -/* $OpenBSD: evp.h,v 1.97 2022/01/14 07:49:49 tb Exp $ */ +/* $OpenBSD: evp.h,v 1.98 2022/01/14 08:04:14 tb Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -119,72 +119,12 @@ extern "C" { #endif -/* Move to evp_locl.h */ -/* Type needs to be a bit field - * Sub-type needs to be for variations on the method, as in, can it do - * arbitrary encryption.... */ -struct evp_pkey_st { - int type; - int save_type; - int references; - const EVP_PKEY_ASN1_METHOD *ameth; - ENGINE *engine; - union { - char *ptr; -#ifndef OPENSSL_NO_RSA - struct rsa_st *rsa; /* RSA */ -#endif -#ifndef OPENSSL_NO_DSA - struct dsa_st *dsa; /* DSA */ -#endif -#ifndef OPENSSL_NO_DH - struct dh_st *dh; /* DH */ -#endif -#ifndef OPENSSL_NO_EC - struct ec_key_st *ec; /* ECC */ -#endif -#ifndef OPENSSL_NO_GOST - struct gost_key_st *gost; /* GOST */ -#endif - } pkey; - int save_parameters; - STACK_OF(X509_ATTRIBUTE) *attributes; /* [ 0 ] */ -} /* EVP_PKEY */; - #define EVP_PKEY_MO_SIGN 0x0001 #define EVP_PKEY_MO_VERIFY 0x0002 #define EVP_PKEY_MO_ENCRYPT 0x0004 #define EVP_PKEY_MO_DECRYPT 0x0008 -typedef int evp_sign_method(int type, const unsigned char *m, - unsigned int m_length, unsigned char *sigret, unsigned int *siglen, - void *key); -typedef int evp_verify_method(int type, const unsigned char *m, - unsigned int m_length, const unsigned char *sigbuf, unsigned int siglen, - void *key); - #ifndef EVP_MD -/* Move to evp_locl.h */ -struct env_md_st { - int type; - int pkey_type; - int md_size; - unsigned long flags; - int (*init)(EVP_MD_CTX *ctx); - int (*update)(EVP_MD_CTX *ctx, const void *data, size_t count); - int (*final)(EVP_MD_CTX *ctx, unsigned char *md); - int (*copy)(EVP_MD_CTX *to, const EVP_MD_CTX *from); - int (*cleanup)(EVP_MD_CTX *ctx); - - evp_sign_method *sign; - evp_verify_method *verify; - int required_pkey_type[5]; /*EVP_PKEY_xxx */ - int block_size; - int ctx_size; /* how big does the ctx->md_data need to be */ - /* control function */ - int (*md_ctrl)(EVP_MD_CTX *ctx, int cmd, int p1, void *p2); -} /* EVP_MD */; - #define EVP_MD_FLAG_ONESHOT 0x0001 /* digest can only handle a single * block */ @@ -260,18 +200,6 @@ struct env_md_st { #endif /* !EVP_MD */ -/* Move to evp_locl.h. */ -struct env_md_ctx_st { - const EVP_MD *digest; - ENGINE *engine; /* functional reference if 'digest' is ENGINE-provided */ - unsigned long flags; - void *md_data; - /* Public key context for sign/verify */ - EVP_PKEY_CTX *pctx; - /* Update function: usually copied from EVP_MD */ - int (*update)(EVP_MD_CTX *ctx, const void *data, size_t count); -} /* EVP_MD_CTX */; - /* values for EVP_MD_CTX flags */ #define EVP_MD_CTX_FLAG_ONESHOT 0x0001 /* digest update will be called @@ -298,25 +226,6 @@ struct env_md_ctx_st { #define EVP_MD_CTX_FLAG_NO_INIT 0x0100 /* Don't initialize md_data */ -/* Move to evp_locl.h */ -struct evp_cipher_st { - int nid; - int block_size; - int key_len; /* Default value for variable length ciphers */ - int iv_len; - unsigned long flags; /* Various flags */ - int (*init)(EVP_CIPHER_CTX *ctx, const unsigned char *key, - const unsigned char *iv, int enc); /* init key */ - int (*do_cipher)(EVP_CIPHER_CTX *ctx, unsigned char *out, - const unsigned char *in, size_t inl);/* encrypt/decrypt data */ - int (*cleanup)(EVP_CIPHER_CTX *); /* cleanup ctx */ - int ctx_size; /* how big ctx->cipher_data needs to be */ - int (*set_asn1_parameters)(EVP_CIPHER_CTX *, ASN1_TYPE *); /* Populate a ASN1_TYPE with parameters */ - int (*get_asn1_parameters)(EVP_CIPHER_CTX *, ASN1_TYPE *); /* Get parameters from a ASN1_TYPE */ - int (*ctrl)(EVP_CIPHER_CTX *, int type, int arg, void *ptr); /* Miscellaneous operations */ - void *app_data; /* Application data */ -} /* EVP_CIPHER */; - /* Values for cipher flags */ /* Modes for ciphers */ @@ -417,41 +326,6 @@ typedef struct evp_cipher_info_st { unsigned char iv[EVP_MAX_IV_LENGTH]; } EVP_CIPHER_INFO; -/* Move to evp_locl.h */ -struct evp_cipher_ctx_st { - const EVP_CIPHER *cipher; - ENGINE *engine; /* functional reference if 'cipher' is ENGINE-provided */ - int encrypt; /* encrypt or decrypt */ - int buf_len; /* number we have left */ - - unsigned char oiv[EVP_MAX_IV_LENGTH]; /* original iv */ - unsigned char iv[EVP_MAX_IV_LENGTH]; /* working iv */ - unsigned char buf[EVP_MAX_BLOCK_LENGTH];/* saved partial block */ - int num; /* used by cfb/ofb/ctr mode */ - - void *app_data; /* application stuff */ - int key_len; /* May change for variable length cipher */ - unsigned long flags; /* Various flags */ - void *cipher_data; /* per EVP data */ - int final_used; - int block_mask; - unsigned char final[EVP_MAX_BLOCK_LENGTH];/* possible final block */ -} /* EVP_CIPHER_CTX */; - -/* Move to evp_locl.h */ -struct evp_Encode_Ctx_st { - - int num; /* number saved in a partial encode/decode */ - int length; /* The length is either the output line length - * (in input bytes) or the shortest input line - * length that is ok. Once decoding begins, - * the length is adjusted up each time a longer - * line is decoded */ - unsigned char enc_data[80]; /* data to encode */ - int line_num; /* number read on current line */ - int expect_nl; -} /* EVP_ENCODE_CTX */; - /* Password based encryption function */ typedef int (EVP_PBE_KEYGEN)(EVP_CIPHER_CTX *ctx, const char *pass, int passlen, ASN1_TYPE *param, const EVP_CIPHER *cipher, const EVP_MD *md, int en_de); @@ -1317,7 +1191,6 @@ void EVP_PKEY_meth_set_param_check(EVP_PKEY_METHOD *pmeth, * message has a unique, per-message nonce and, optionally, additional data * which is authenticated but not included in the output. */ -struct evp_aead_st; typedef struct evp_aead_st EVP_AEAD; #ifndef OPENSSL_NO_AES @@ -1351,11 +1224,7 @@ size_t EVP_AEAD_max_tag_len(const EVP_AEAD *aead); /* An EVP_AEAD_CTX represents an AEAD algorithm configured with a specific key * and message-independent IV. */ -typedef struct evp_aead_ctx_st { - const EVP_AEAD *aead; - /* aead_state is an opaque pointer to the AEAD specific state. */ - void *aead_state; -} EVP_AEAD_CTX; +typedef struct evp_aead_ctx_st EVP_AEAD_CTX; /* EVP_AEAD_MAX_TAG_LENGTH is the maximum tag length used by any AEAD * defined in this header. */ diff --git a/lib/libcrypto/evp/evp_locl.h b/lib/libcrypto/evp/evp_locl.h index 44e2d5cadb2..f0b47a497c8 100644 --- a/lib/libcrypto/evp/evp_locl.h +++ b/lib/libcrypto/evp/evp_locl.h @@ -1,4 +1,4 @@ -/* $OpenBSD: evp_locl.h,v 1.20 2022/01/10 12:10:26 tb Exp $ */ +/* $OpenBSD: evp_locl.h,v 1.21 2022/01/14 08:04:14 tb Exp $ */ /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 2000. */ @@ -67,6 +67,126 @@ __BEGIN_HIDDEN_DECLS */ #define EVP_MD_CTX_FLAG_KEEP_PKEY_CTX 0x0400 +typedef int evp_sign_method(int type, const unsigned char *m, + unsigned int m_length, unsigned char *sigret, unsigned int *siglen, + void *key); +typedef int evp_verify_method(int type, const unsigned char *m, + unsigned int m_length, const unsigned char *sigbuf, unsigned int siglen, + void *key); + +/* Type needs to be a bit field + * Sub-type needs to be for variations on the method, as in, can it do + * arbitrary encryption.... */ +struct evp_pkey_st { + int type; + int save_type; + int references; + const EVP_PKEY_ASN1_METHOD *ameth; + ENGINE *engine; + union { + char *ptr; +#ifndef OPENSSL_NO_RSA + struct rsa_st *rsa; /* RSA */ +#endif +#ifndef OPENSSL_NO_DSA + struct dsa_st *dsa; /* DSA */ +#endif +#ifndef OPENSSL_NO_DH + struct dh_st *dh; /* DH */ +#endif +#ifndef OPENSSL_NO_EC + struct ec_key_st *ec; /* ECC */ +#endif +#ifndef OPENSSL_NO_GOST + struct gost_key_st *gost; /* GOST */ +#endif + } pkey; + int save_parameters; + STACK_OF(X509_ATTRIBUTE) *attributes; /* [ 0 ] */ +} /* EVP_PKEY */; + +struct env_md_st { + int type; + int pkey_type; + int md_size; + unsigned long flags; + int (*init)(EVP_MD_CTX *ctx); + int (*update)(EVP_MD_CTX *ctx, const void *data, size_t count); + int (*final)(EVP_MD_CTX *ctx, unsigned char *md); + int (*copy)(EVP_MD_CTX *to, const EVP_MD_CTX *from); + int (*cleanup)(EVP_MD_CTX *ctx); + + evp_sign_method *sign; + evp_verify_method *verify; + int required_pkey_type[5]; /*EVP_PKEY_xxx */ + int block_size; + int ctx_size; /* how big does the ctx->md_data need to be */ + /* control function */ + int (*md_ctrl)(EVP_MD_CTX *ctx, int cmd, int p1, void *p2); +} /* EVP_MD */; + +struct env_md_ctx_st { + const EVP_MD *digest; + ENGINE *engine; /* functional reference if 'digest' is ENGINE-provided */ + unsigned long flags; + void *md_data; + /* Public key context for sign/verify */ + EVP_PKEY_CTX *pctx; + /* Update function: usually copied from EVP_MD */ + int (*update)(EVP_MD_CTX *ctx, const void *data, size_t count); +} /* EVP_MD_CTX */; + +struct evp_cipher_st { + int nid; + int block_size; + int key_len; /* Default value for variable length ciphers */ + int iv_len; + unsigned long flags; /* Various flags */ + int (*init)(EVP_CIPHER_CTX *ctx, const unsigned char *key, + const unsigned char *iv, int enc); /* init key */ + int (*do_cipher)(EVP_CIPHER_CTX *ctx, unsigned char *out, + const unsigned char *in, size_t inl);/* encrypt/decrypt data */ + int (*cleanup)(EVP_CIPHER_CTX *); /* cleanup ctx */ + int ctx_size; /* how big ctx->cipher_data needs to be */ + int (*set_asn1_parameters)(EVP_CIPHER_CTX *, ASN1_TYPE *); /* Populate a ASN1_TYPE with parameters */ + int (*get_asn1_parameters)(EVP_CIPHER_CTX *, ASN1_TYPE *); /* Get parameters from a ASN1_TYPE */ + int (*ctrl)(EVP_CIPHER_CTX *, int type, int arg, void *ptr); /* Miscellaneous operations */ + void *app_data; /* Application data */ +} /* EVP_CIPHER */; + +struct evp_cipher_ctx_st { + const EVP_CIPHER *cipher; + ENGINE *engine; /* functional reference if 'cipher' is ENGINE-provided */ + int encrypt; /* encrypt or decrypt */ + int buf_len; /* number we have left */ + + unsigned char oiv[EVP_MAX_IV_LENGTH]; /* original iv */ + unsigned char iv[EVP_MAX_IV_LENGTH]; /* working iv */ + unsigned char buf[EVP_MAX_BLOCK_LENGTH];/* saved partial block */ + int num; /* used by cfb/ofb/ctr mode */ + + void *app_data; /* application stuff */ + int key_len; /* May change for variable length cipher */ + unsigned long flags; /* Various flags */ + void *cipher_data; /* per EVP data */ + int final_used; + int block_mask; + unsigned char final[EVP_MAX_BLOCK_LENGTH];/* possible final block */ +} /* EVP_CIPHER_CTX */; + +struct evp_Encode_Ctx_st { + + int num; /* number saved in a partial encode/decode */ + int length; /* The length is either the output line length + * (in input bytes) or the shortest input line + * length that is ok. Once decoding begins, + * the length is adjusted up each time a longer + * line is decoded */ + unsigned char enc_data[80]; /* data to encode */ + int line_num; /* number read on current line */ + int expect_nl; +} /* EVP_ENCODE_CTX */; + /* Macros to code block cipher wrappers */ /* Wrapper functions for each cipher mode */ @@ -380,6 +500,14 @@ struct evp_aead_st { const unsigned char *ad, size_t ad_len); }; +/* An EVP_AEAD_CTX represents an AEAD algorithm configured with a specific key + * and message-independent IV. */ +struct evp_aead_ctx_st { + const EVP_AEAD *aead; + /* aead_state is an opaque pointer to the AEAD specific state. */ + void *aead_state; +}; + int EVP_PKEY_CTX_md(EVP_PKEY_CTX *ctx, int optype, int cmd, const char *md_name); __END_HIDDEN_DECLS diff --git a/lib/libcrypto/hmac/hmac.h b/lib/libcrypto/hmac/hmac.h index 2f91f55f9b2..0fe894e7b1a 100644 --- a/lib/libcrypto/hmac/hmac.h +++ b/lib/libcrypto/hmac/hmac.h @@ -1,4 +1,4 @@ -/* $OpenBSD: hmac.h,v 1.14 2021/12/12 21:35:47 tb Exp $ */ +/* $OpenBSD: hmac.h,v 1.15 2022/01/14 08:04:14 tb Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -72,16 +72,6 @@ extern "C" { #endif -/* Move to hmac_local.h */ -struct hmac_ctx_st { - const EVP_MD *md; - EVP_MD_CTX md_ctx; - EVP_MD_CTX i_ctx; - EVP_MD_CTX o_ctx; - unsigned int key_length; - unsigned char key[HMAC_MAX_MD_CBLOCK]; -} /* HMAC_CTX */; - #define HMAC_size(e) (EVP_MD_size(HMAC_CTX_get_md((e)))) HMAC_CTX *HMAC_CTX_new(void); diff --git a/lib/libcrypto/hmac/hmac_local.h b/lib/libcrypto/hmac/hmac_local.h index 46f1a013cb1..8358d9fa8b9 100644 --- a/lib/libcrypto/hmac/hmac_local.h +++ b/lib/libcrypto/hmac/hmac_local.h @@ -1,4 +1,4 @@ -/* $OpenBSD: hmac_local.h,v 1.1 2021/12/12 21:27:38 tb Exp $ */ +/* $OpenBSD: hmac_local.h,v 1.2 2022/01/14 08:04:14 tb Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -66,6 +66,15 @@ __BEGIN_HIDDEN_DECLS +struct hmac_ctx_st { + const EVP_MD *md; + EVP_MD_CTX md_ctx; + EVP_MD_CTX i_ctx; + EVP_MD_CTX o_ctx; + unsigned int key_length; + unsigned char key[HMAC_MAX_MD_CBLOCK]; +} /* HMAC_CTX */; + __END_HIDDEN_DECLS #endif /* !HEADER_HMAC_LOCAL_H */