Drop prebuilt Trusty SDK (ab/10186238)
Trusty Manifest: (1 changes)
80f547d4 trusty: Unpin boringssl
trusty/vendor/google/aosp: (1 changes)
0ce4f04a scripts: Roll to clang-r475365b
trusty/user/base: (14 changes)
6c860270 trusty:apploader_test: Add test for min_version.
f6f9cc6d trusty:apploader: Support min_version.
16d8ed27 trusty: manifest_compiler: Add 'min_version' field
01994957 trusty: secure_fb: Fix potential memory leak on error path.
99e9621b scudo: test: add secondary allocator tests
d2ee44ce make: trusted_app.mk: Support multiple scudo configs
5802b8dd lib: Add dma utility for input/output buffers
fb3d69d1 bssl-sys-raw-rust: Remove vasprintf from bindings
0e5f1705 lib: Sync Rust BoringSSL modules with latest upstream
1d2e5c47 app/device_tree: Use FIND_EXTERNAL macro to find Linux headers
6bd1a7cf lib/scudo: Use FIND_EXTERNAL macro to find scudo
54d312fa Use the FIND_EXTERNAL macro to locate Rust crates
178b6df7 lib/libc-trusty: Fix libc tests for lk libc
08215ef2 lib/hwaes: HWAES has two clients
external/boringssl: (73 changes)
e943a228 -> 7f22e384
external/linux: (3 changes)
ec3670c8 -> 33d66d02
external/open-dice: (3 changes)
4d4173f7 -> 833633c6
frameworks/hardware/interfaces: (4 changes)
44d7647b -> 0994c8c1
frameworks/native: (114 changes)
265e9e28 -> fcf73c08
hardware/libhardware: (13 changes)
c0a81b9d -> c2992c71
external/scudo: (22 changes)
3595cee6 -> 88613ee2
prebuilts/clang/host/linux-x86: (55 changes)
d20e4092 -> 06d59f87
The change is generated with prebuilt drop tool.
Bug: 278117892
Bug: 280493576
Bug: 273563660
Bug: 266828817
Bug: 278976019
Bug: 280514080
Bug: 279106598
Bug: 280348200
Bug: 280947753
Bug: 277886514
Bug: 264303686
Bug: 151953481
Bug: 266741352
Bug: 280001152
Bug: 232439428
Bug: 279270023
Bug: 274786956
Bug: 278337172
Bug: 267575445
Bug: 269503132
Bug: 282961568
Bug: 279301793
Bug: 278316704
Bug: 281596081
Bug: 282816698
Bug: 232423610
Bug: 280483521
Bug: 276708037
Bug: 275482320
Bug: 177080016
Bug: 278620375
Bug: 278038751
Bug: 283282151
Bug: 278414056
Bug: 280012530
Bug: 273862399
Bug: 272164611
Bug: 270690570
Bug: 269521171
Bug: 270109983
Bug: 279198502
Bug: 151177513
Bug: 281077552
Bug: 280478515
Bug: 276729665
Bug: 256827715
Bug: 281601348
Bug: 244341573
Bug: 283010889
Bug: 268128589
Bug: 276536663
Bug: 276801883
Bug: 278975837
Bug: 279514466
Bug: 187088227
Bug: 276813155
Bug: 228349805
Bug: 243933553
Bug: 276963698
Bug: 212509560
Bug: 271994750
Bug: 280164233
Bug: 282239388
Bug: 268592034
Bug: 282448807
Bug: 279646634
Bug: 68860345
Bug: 261733820
Bug: 281699774
Bug: 283750850
Bug: 275407810
Bug: 279024580
Bug: 230135749
Bug: 249723852
Bug: 279898063
Bug: 278648274
Bug: 277289939
Bug: 278655444
Bug: 279834069
Bug: 280428514
Bug: 195310053
Bug: 267447272
Bug: 267002863
Bug: 10164208
Bug: 269014004
Bug: 266637308
Bug: 278946301
Change-Id: I4dce4d40f3f806f10c9a1912d5e72c47645a5c22
diff --git a/.prebuilt_info/trusty-sdk/prebuilt_info_sdk.asciipb b/.prebuilt_info/trusty-sdk/prebuilt_info_sdk.asciipb
index f15d1d1..0766019 100644
--- a/.prebuilt_info/trusty-sdk/prebuilt_info_sdk.asciipb
+++ b/.prebuilt_info/trusty-sdk/prebuilt_info_sdk.asciipb
@@ -1,8 +1,8 @@
drops {
android_build_drop {
- build_id: "9952814"
+ build_id: "10186238"
target: "generic_arm"
- source_file: "trusty_sdk-9952814.zip"
+ source_file: "trusty_sdk-10186238.zip"
}
dest_file: "sdk"
version: "0.1.0"
diff --git a/LICENSE b/LICENSE
index 5807513..1c21514 100644
--- a/LICENSE
+++ b/LICENSE
@@ -229,6 +229,7 @@
27287199
27287880
27287883
+ 263291445
OpenSSL License
---------------
@@ -485,6 +486,7 @@
27287199
27287880
27287883
+ 263291445
OpenSSL License
---------------
diff --git a/Version.txt b/Version.txt
index c7dc832..693d32a 100644
--- a/Version.txt
+++ b/Version.txt
@@ -1 +1 @@
-9952814
\ No newline at end of file
+10186238
\ No newline at end of file
diff --git a/clang/AndroidVersion.txt b/clang/AndroidVersion.txt
index 8dccd2b..b71ba43 100644
--- a/clang/AndroidVersion.txt
+++ b/clang/AndroidVersion.txt
@@ -1,3 +1,3 @@
-14.0.7
-based on r450784e
+16.0.2
+based on r475365b
for additional information on LLVM revision and cherry-picks, see clang_source_info.md
\ No newline at end of file
diff --git a/clang/PrebuiltCommitId.txt b/clang/PrebuiltCommitId.txt
index 6c7bd98..3563c5b 100644
--- a/clang/PrebuiltCommitId.txt
+++ b/clang/PrebuiltCommitId.txt
@@ -1 +1 @@
-4f7e5adc160ab726ac5bafb260de98e612904c50
\ No newline at end of file
+d20e409261d6ad80a0c29ac2055bf5c3bb996ef4
\ No newline at end of file
diff --git a/clang/clang_source_info.md b/clang/clang_source_info.md
index f51f237..365ebde 100644
--- a/clang/clang_source_info.md
+++ b/clang/clang_source_info.md
@@ -1,39 +1,30 @@
-Base revision: [282c83c32384cb2f37030c28650fef4150a8b67c](https://github.com/llvm/llvm-project/commits/282c83c32384cb2f37030c28650fef4150a8b67c)
+Base revision: [df7606a066b75ce55ae4a186c785f996e0985db1](https://github.com/llvm/llvm-project/commits/df7606a066b75ce55ae4a186c785f996e0985db1)
-- [Revert "Add BITINT_MAXWIDTH support"](https://android.googlesource.com/toolchain/llvm_android/+/207c6bec0197283db14f4ab1b52c4f062aaa050e/patches/cherry/fad7e491a0770ac4336934030ac67d77e7af5520.patch)
-- [[AArch64] Bail out for float operands in SetCC optimization.](https://android.googlesource.com/toolchain/llvm_android/+/207c6bec0197283db14f4ab1b52c4f062aaa050e/patches/cherry/23091f7d504afde4bba3fc885718a1633746e063.patch)
-- [[hwasan] work around lifetime issue with setjmp.](https://android.googlesource.com/toolchain/llvm_android/+/207c6bec0197283db14f4ab1b52c4f062aaa050e/patches/cherry/aefb2e134dd715c2c48a7b826d2d56db51ce63ac.patch)
-- [Revert "[DAG] Extend SearchForAndLoads with any_extend](https://android.googlesource.com/toolchain/llvm_android/+/207c6bec0197283db14f4ab1b52c4f062aaa050e/patches/cherry/c89cfbd4ddfa4e01fea1eb87aba9cdcd0e31d3a8.patch)
-- [Revert "[ASan] Not linking asan_static library for DSO."](https://android.googlesource.com/toolchain/llvm_android/+/207c6bec0197283db14f4ab1b52c4f062aaa050e/patches/cherry/d7dd7ad827a0a78314f3c9b55f4778a6059840f3.patch)
-- [Revert "DebugInfo: Don't put types in type units if they](https://android.googlesource.com/toolchain/llvm_android/+/207c6bec0197283db14f4ab1b52c4f062aaa050e/patches/cherry/f69f23396d32c95dacf3765bc63af02b23ccff3e.patch)
-- [Test fixes for prior patch](https://android.googlesource.com/toolchain/llvm_android/+/207c6bec0197283db14f4ab1b52c4f062aaa050e/patches/cherry/b6e048c6e516df5abc4be323349b5f7d15c08ede.patch)
-- [Revert "[Clang] Propagate guaranteed alignment for malloc and others"](https://android.googlesource.com/toolchain/llvm_android/+/207c6bec0197283db14f4ab1b52c4f062aaa050e/patches/cherry/9545976ff160e19805a84a06a7e59d446f9994d9_v1.patch)
-- [7b03725097872fbd3369a7213c1d98b372aa2d78.patch](https://android.googlesource.com/toolchain/llvm_android/+/207c6bec0197283db14f4ab1b52c4f062aaa050e/patches/cherry/7b03725097872fbd3369a7213c1d98b372aa2d78.patch)
-- [[msan] Guard FP_XSTATE_MAGIC1 usage with SANITIZER_GLIBC](https://android.googlesource.com/toolchain/llvm_android/+/207c6bec0197283db14f4ab1b52c4f062aaa050e/patches/cherry/9d1857f69f4ef00d9fd1b21660c20e00b993d06f.patch)
-- [f457863ae345d2635026501f5383e0e625869639.patch](https://android.googlesource.com/toolchain/llvm_android/+/207c6bec0197283db14f4ab1b52c4f062aaa050e/patches/cherry/f457863ae345d2635026501f5383e0e625869639.patch)
-- [[ARM] Patterns for vector conversion between half and float](https://android.googlesource.com/toolchain/llvm_android/+/207c6bec0197283db14f4ab1b52c4f062aaa050e/patches/cherry/a76620143c54e0b40c7538f4ffa38f4c9db8a009.patch)
-- [[CodeView] Avoid integer overflow while parsing long version](https://android.googlesource.com/toolchain/llvm_android/+/207c6bec0197283db14f4ab1b52c4f062aaa050e/patches/cherry/64037afe014e241e1c642952a703b6031d17d5a5.patch)
-- [[CodeView] Match any backend version in the new test](https://android.googlesource.com/toolchain/llvm_android/+/207c6bec0197283db14f4ab1b52c4f062aaa050e/patches/cherry/82241148917b5beac5a6c6f47ab73b77eecc4a54.patch)
-- [[tsan] Make __fxstat code path glibc only](https://android.googlesource.com/toolchain/llvm_android/+/207c6bec0197283db14f4ab1b52c4f062aaa050e/patches/cherry/da2a16f702efe3307d407d5c6db6c8c18ef6bd9b.patch)
-- [[sanitizer] Check if directory exists before trying to create](https://android.googlesource.com/toolchain/llvm_android/+/207c6bec0197283db14f4ab1b52c4f062aaa050e/patches/cherry/634da7a1c61ee8c173e90a841eb1f4ea03caa20b.patch)
-- [[ELF] Check COMMON symbols for PROVIDE and don't redefine](https://android.googlesource.com/toolchain/llvm_android/+/207c6bec0197283db14f4ab1b52c4f062aaa050e/patches/cherry/fc0aa8424ca98da29a9c7aa15b4427d47504ba87.patch)
-- [[ELF][X86] Don't create IBT .plt if there is no PLT entry](https://android.googlesource.com/toolchain/llvm_android/+/207c6bec0197283db14f4ab1b52c4f062aaa050e/patches/cherry/9d7001eba9c4cb311e03cd8cdc231f9e579f2d0f.patch)
-- [[AArch64] Cleanup and extend cast costs. NFC](https://android.googlesource.com/toolchain/llvm_android/+/207c6bec0197283db14f4ab1b52c4f062aaa050e/patches/cherry/2e7c35ea12c88d0876e453a936ecce0456353621.patch)
-- [[AArch64] Add some tests for the cost of extending an](https://android.googlesource.com/toolchain/llvm_android/+/207c6bec0197283db14f4ab1b52c4f062aaa050e/patches/cherry/02de9752593d3289804a307dbf628960f417f51e.patch)
-- [[AArch64] Add some fp16 conversion cost tests. NFC](https://android.googlesource.com/toolchain/llvm_android/+/207c6bec0197283db14f4ab1b52c4f062aaa050e/patches/cherry/97e0366d6711babc3121d2a043c08a7a0c258479.patch)
-- [[AArch64] Update costs for some fp16 converts](https://android.googlesource.com/toolchain/llvm_android/+/207c6bec0197283db14f4ab1b52c4f062aaa050e/patches/cherry/47f4cd9c3dbfb383dd7706f20ba9eda2dd17c5b8.patch)
-- [0e96d95d13d9f7b2a96bcaa569ce0a0181a6c7f3.patch](https://android.googlesource.com/toolchain/llvm_android/+/207c6bec0197283db14f4ab1b52c4f062aaa050e/patches/cherry/0e96d95d13d9f7b2a96bcaa569ce0a0181a6c7f3.patch)
-- [Pass through more LIBCXX_* variables to libfuzzer's custom](https://android.googlesource.com/toolchain/llvm_android/+/207c6bec0197283db14f4ab1b52c4f062aaa050e/patches/cherry/bcc65fb491ca6e83e1ea300f4462a2f56d0b5937.patch)
-- [[CompilerRT] Fix build of compiler-rt with musl](https://android.googlesource.com/toolchain/llvm_android/+/207c6bec0197283db14f4ab1b52c4f062aaa050e/patches/cherry/e75f1d3c07edaa223ac1a945af534eaec0c7aa66.patch)
-- [[AArch64] Move fp16 cast tests.](https://android.googlesource.com/toolchain/llvm_android/+/207c6bec0197283db14f4ab1b52c4f062aaa050e/patches/cherry/697f55e36823dbd91ca94a666d99f3c4ba11cacb.patch)
-- [[AArch64] Improve costs for some conversions to fp16.](https://android.googlesource.com/toolchain/llvm_android/+/207c6bec0197283db14f4ab1b52c4f062aaa050e/patches/cherry/aa590e5823c352358fbeefa8bbd47a4b9c7de93f.patch)
-- [Driver: Make macOS the default target OS for -arch arm64](https://android.googlesource.com/toolchain/llvm_android/+/207c6bec0197283db14f4ab1b52c4f062aaa050e/patches/cherry/37e7cf7f1c6920d33a4a5dd3f0a415a61dd24731.patch)
-- [1db59dc8e28819b1960dae8e7fe6d79ad4b03340.patch](https://android.googlesource.com/toolchain/llvm_android/+/207c6bec0197283db14f4ab1b52c4f062aaa050e/patches/cherry/1db59dc8e28819b1960dae8e7fe6d79ad4b03340.patch)
-- [[AArch64] Ensure fixed point fptoi_sat has correct saturation](https://android.googlesource.com/toolchain/llvm_android/+/207c6bec0197283db14f4ab1b52c4f062aaa050e/patches/cherry/60f57b36587c99175cb380406e2502a592a0c400.patch)
-- [[asan] Always skip first object from dl_iterate_phdr](https://android.googlesource.com/toolchain/llvm_android/+/207c6bec0197283db14f4ab1b52c4f062aaa050e/patches/cherry/795b07f5498c7e5783237418f34d7ea69e801f87.patch)
-- [[BOLT] Compact legacy profiles](https://android.googlesource.com/toolchain/llvm_android/+/207c6bec0197283db14f4ab1b52c4f062aaa050e/patches/cherry/7d7771f34d14e0108adf02a6fd0b33943afae3da.patch)
-- [Support the min of module flags when linking, use for AArch64](https://android.googlesource.com/toolchain/llvm_android/+/207c6bec0197283db14f4ab1b52c4f062aaa050e/patches/cherry/b0343a38a5910e980bb031e4014655d77cd0c162.patch)
-- [Rename-disable-noundef-analysis-flag-to-no-enable-noundef-analysis.patch](https://android.googlesource.com/toolchain/llvm_android/+/207c6bec0197283db14f4ab1b52c4f062aaa050e/patches/Rename-disable-noundef-analysis-flag-to-no-enable-noundef-analysis.patch)
-- [Add-stubs-and-headers-for-nl_types-APIs.patch](https://android.googlesource.com/toolchain/llvm_android/+/207c6bec0197283db14f4ab1b52c4f062aaa050e/patches/Add-stubs-and-headers-for-nl_types-APIs.patch)
-- [Ensure-that-we-use-our-toolchain-s-lipo-and-not-the-.patch](https://android.googlesource.com/toolchain/llvm_android/+/207c6bec0197283db14f4ab1b52c4f062aaa050e/patches/Ensure-that-we-use-our-toolchain-s-lipo-and-not-the-.patch)
-- [Undef-FS-macro-for-Android-x86_64.patch](https://android.googlesource.com/toolchain/llvm_android/+/207c6bec0197283db14f4ab1b52c4f062aaa050e/patches/Undef-FS-macro-for-Android-x86_64.patch)
\ No newline at end of file
+- [[Clang][AArch64] Support AArch64 target(..) attribute](https://android.googlesource.com/toolchain/llvm_android/+/23af24e1cab46f855c5739a31718ba095b372e56/patches/cherry/781b491bba9d798e53f7784dced3c2be77c81dd4.patch)
+- [[clang][auto-init] Deprecate -enable-trivial-auto-var-init-zero-knowing-it-will-be-removed-from-clang](https://android.googlesource.com/toolchain/llvm_android/+/23af24e1cab46f855c5739a31718ba095b372e56/patches/cherry/aef03c9b3bed5cef5a1940774b80128aefcb4095.patch)
+- [[IVDescriptors] Before moving an instruction in SinkAfter](https://android.googlesource.com/toolchain/llvm_android/+/23af24e1cab46f855c5739a31718ba095b372e56/patches/cherry/ded26bf6b9175201a0627f019e642bf74d2b48b1.patch)
+- [[Clang] fix -Wvoid-ptr-dereference for gnu89](https://android.googlesource.com/toolchain/llvm_android/+/23af24e1cab46f855c5739a31718ba095b372e56/patches/cherry/2dbfd06f2a8ba6cd7cc3f587808f1ea2c61ad2c7.patch)
+- [[AArch64][KCFI] Define Size for KCFI_CHECK](https://android.googlesource.com/toolchain/llvm_android/+/23af24e1cab46f855c5739a31718ba095b372e56/patches/cherry/43f4c215a1a2c12851853b1ed4cc0864387b5a74.patch)
+- [[llvm] [test] Add missing canonicalization of](https://android.googlesource.com/toolchain/llvm_android/+/23af24e1cab46f855c5739a31718ba095b372e56/patches/cherry/bc4bcbcfc820b324f680e8f260691c38052eedc9.patch)
+- [[CMake] Provide Findzstd module](https://android.googlesource.com/toolchain/llvm_android/+/23af24e1cab46f855c5739a31718ba095b372e56/patches/cherry/2d4fd0b6d5d5582ebb8b521d807104235d67aee4.patch)
+- [Revert "[DSE] Eliminate noop store even through has](https://android.googlesource.com/toolchain/llvm_android/+/23af24e1cab46f855c5739a31718ba095b372e56/patches/cherry/ae5733346f0cc86a82c19fcdc50ce8232fa4777a.patch)
+- [[llvm] [cmake] Support finding both static and shared zstd](https://android.googlesource.com/toolchain/llvm_android/+/23af24e1cab46f855c5739a31718ba095b372e56/patches/cherry/56f94ede2af9a327e59fe84dbf8cbbb7bb1dfa79.patch)
+- [[MC] Also sort on IsBKeyFrame](https://android.googlesource.com/toolchain/llvm_android/+/23af24e1cab46f855c5739a31718ba095b372e56/patches/cherry/ab25678ca5aec3e106f87351eae20b57df5ee602.patch)
+- [[MC] Consider IsMTETaggedFrame in CIEKey](https://android.googlesource.com/toolchain/llvm_android/+/23af24e1cab46f855c5739a31718ba095b372e56/patches/cherry/42cdec1134cb85fef867e50bd66dac49338ab20d.patch)
+- [[MC] only run ELF/AArch64 if supported](https://android.googlesource.com/toolchain/llvm_android/+/23af24e1cab46f855c5739a31718ba095b372e56/patches/cherry/2966acd1217afb26d7eafa92896d01cbd83ed63a.patch)
+- [Fix clang version check in SARIF diagnostics test](https://android.googlesource.com/toolchain/llvm_android/+/23af24e1cab46f855c5739a31718ba095b372e56/patches/cherry/4e6b071509d6300db024d47c8c2791da71470b11.patch)
+- [[Verifier] Relieve intrinsics parameter alignment size](https://android.googlesource.com/toolchain/llvm_android/+/23af24e1cab46f855c5739a31718ba095b372e56/patches/cherry/6ade6d25110f9dbe8c7fb2f8ce6af951a3c23bc2.patch)
+- [Fix LazyInitialization in tsan](https://android.googlesource.com/toolchain/llvm_android/+/23af24e1cab46f855c5739a31718ba095b372e56/patches/cherry/1d31ea68c0cbc24d690a58c296b50b61595b6127.patch)
+- [[RISCV] Rename lowerFTRUNC_FCEIL_FFLOOR_FROUND to ](https://android.googlesource.com/toolchain/llvm_android/+/23af24e1cab46f855c5739a31718ba095b372e56/patches/cherry/63ed3d0eeb561aa3ede1b6006c0a1a8830b469da.patch)
+- [[RISCV] Move vector cost table lookup out of the switch in](https://android.googlesource.com/toolchain/llvm_android/+/23af24e1cab46f855c5739a31718ba095b372e56/patches/cherry/d4dc036e70330ac205a65e4cfbc82cc1dfeda3e8.patch)
+- [[RISCV] Inline scalar ceil/floor/trunc/rint/round/roundeven.](https://android.googlesource.com/toolchain/llvm_android/+/23af24e1cab46f855c5739a31718ba095b372e56/patches/cherry/e94dc58dff1d693912904ba7ff743f67b3348d32.patch)
+- [[Driver] Add -fsample-profile-use-profi](https://android.googlesource.com/toolchain/llvm_android/+/23af24e1cab46f855c5739a31718ba095b372e56/patches/cherry/13f83365cdb5bb752066ee8f4149ae24dfe46cf1.patch)
+- [[Support] Use thread safe version of getpwuid and getpwnam.](https://android.googlesource.com/toolchain/llvm_android/+/23af24e1cab46f855c5739a31718ba095b372e56/patches/cherry/22339e52da4e88af499e232e452f4d8bb358fa05.patch)
+- [Add-stubs-and-headers-for-nl_types-APIs.patch](https://android.googlesource.com/toolchain/llvm_android/+/23af24e1cab46f855c5739a31718ba095b372e56/patches/Add-stubs-and-headers-for-nl_types-APIs.patch)
+- [Ensure-that-we-use-our-toolchain-s-lipo-and-not-the-.patch](https://android.googlesource.com/toolchain/llvm_android/+/23af24e1cab46f855c5739a31718ba095b372e56/patches/Ensure-that-we-use-our-toolchain-s-lipo-and-not-the-.patch)
+- [BOLT-Increase-max-allocation-size-to-allow-BOLTing-clang-and-rustc.patch](https://android.googlesource.com/toolchain/llvm_android/+/23af24e1cab46f855c5739a31718ba095b372e56/patches/BOLT-Increase-max-allocation-size-to-allow-BOLTing-clang-and-rustc.patch)
+- [Revert-clang-Improve-diagnostics-for-expansion-length-mismatch.patch](https://android.googlesource.com/toolchain/llvm_android/+/23af24e1cab46f855c5739a31718ba095b372e56/patches/Revert-clang-Improve-diagnostics-for-expansion-length-mismatch.patch)
+- [Revert-clang-fix-missing-initialization-of-original-number-of-expansions.patch](https://android.googlesource.com/toolchain/llvm_android/+/23af24e1cab46f855c5739a31718ba095b372e56/patches/Revert-clang-fix-missing-initialization-of-original-number-of-expansions.patch)
+- [Revert-Enable-IAS-In-Backend.patch](https://android.googlesource.com/toolchain/llvm_android/+/23af24e1cab46f855c5739a31718ba095b372e56/patches/Revert-Enable-IAS-In-Backend.patch)
+- [Disable-vfork-fork-events.patch](https://android.googlesource.com/toolchain/llvm_android/+/23af24e1cab46f855c5739a31718ba095b372e56/patches/Disable-vfork-fork-events.patch)
+- [Enable-targeting-riscv64-linux-android.patch](https://android.googlesource.com/toolchain/llvm_android/+/23af24e1cab46f855c5739a31718ba095b372e56/patches/Enable-targeting-riscv64-linux-android.patch)
\ No newline at end of file
diff --git a/make/trusted_app.mk b/make/trusted_app.mk
index 3d99231..c23ba06 100644
--- a/make/trusted_app.mk
+++ b/make/trusted_app.mk
@@ -53,10 +53,11 @@
TRUSTY_APP_ALLOCATOR_FOR_$(MODULE) ?= dlmalloc
TRUSTY_APP_ALLOCATOR := $(TRUSTY_APP_ALLOCATOR_FOR_$(MODULE))
endif
-MANIFEST_ALLOCATOR := $(subst .json,-$(TRUSTY_APP_ALLOCATOR).json,$(MANIFEST))
-ifneq (,$(wildcard $(MANIFEST_ALLOCATOR)))
- MANIFEST := $(MANIFEST_ALLOCATOR)
-endif
+
+ifneq (,$(findstring /scudo/,$(TRUSTY_APP_ALLOCATOR)))
+MODULE_LIBRARY_DEPS := $(MODULE_LIBRARY_DEPS) $(TRUSTY_APP_ALLOCATOR)
+TRUSTY_APP_ALLOCATOR := scudo
+else
ifeq ($(TRUSTY_APP_ALLOCATOR),$(filter $(TRUSTY_APP_ALLOCATOR),dlmalloc scudo ))
ifeq (scudo,$(TRUSTY_APP_ALLOCATOR))
MODULE_LIBRARY_DEPS += \
@@ -70,6 +71,12 @@
$(error $(TRUSTY_APP_ALLOCATOR) not a supported allocator)
endif
endif
+endif
+
+MANIFEST_ALLOCATOR := $(subst .json,-$(TRUSTY_APP_ALLOCATOR).json,$(MANIFEST))
+ifneq (,$(wildcard $(MANIFEST_ALLOCATOR)))
+ MANIFEST := $(MANIFEST_ALLOCATOR)
+endif
ifeq ($(strip $(TRUSTY_APP_NAME)),)
TRUSTY_APP_NAME := $(notdir $(MODULE))
diff --git a/sysroots/generic-arm32/tools/apploader_package_tool b/sysroots/generic-arm32/tools/apploader_package_tool
index 3c29e6d..b48eda5 100755
--- a/sysroots/generic-arm32/tools/apploader_package_tool
+++ b/sysroots/generic-arm32/tools/apploader_package_tool
Binary files differ
diff --git a/sysroots/generic-arm32/tools/manifest_compiler.py b/sysroots/generic-arm32/tools/manifest_compiler.py
index 0d4efc3..397f542 100755
--- a/sysroots/generic-arm32/tools/manifest_compiler.py
+++ b/sysroots/generic-arm32/tools/manifest_compiler.py
@@ -70,6 +70,7 @@
"pinned_cpu": 3,
"priority" : 10,
"version": 1,
+ "min_version": 1,
"apploader_flags": {
"requires_encryption": false
}
@@ -132,6 +133,7 @@
PINNED_CPU = "pinned_cpu"
PRIORITY = "priority"
VERSION = "version"
+MIN_VERSION = "min_version"
APPLOADER_FLAGS = "apploader_flags"
APPLOADER_FLAGS_REQUIRES_ENCRYPTION = "requires_encryption"
@@ -159,6 +161,7 @@
TRUSTY_APP_CONFIG_KEY_MIN_SHADOW_STACK_SIZE = 8
TRUSTY_APP_CONFIG_KEY_APPLOADER_FLAGS = 9
TRUSTY_APP_CONFIG_KEY_PRIORITY = 10
+TRUSTY_APP_CONFIG_KEY_MIN_VERSION = 11
# MEM_MAP ARCH_MMU_FLAGS
# These values need to be kept in sync with external/lk/include/arch/mmu.h
@@ -253,6 +256,7 @@
pinned_cpu,
priority,
version,
+ min_version,
apploader_flags,
):
self.uuid = uuid
@@ -266,6 +270,7 @@
self.pinned_cpu = pinned_cpu
self.priority = priority
self.version = version
+ self.min_version = min_version
self.apploader_flags = apploader_flags
@@ -713,6 +718,15 @@
# VERSION
version = get_int(manifest_dict, VERSION, constants, log, optional=True)
+ # MIN_VERSION
+ min_version = get_int(manifest_dict, MIN_VERSION, constants, log, optional=True)
+
+ if min_version is not None:
+ if version is None:
+ log.error("'min_version' cannot be specified without 'version'")
+ elif version < min_version:
+ log.error("'version' cannot be less than 'min_version'")
+
# APPLOADER_FLAGS
apploader_flags = parse_apploader_flags(
get_dict(manifest_dict, APPLOADER_FLAGS, log, optional=True,
@@ -728,7 +742,7 @@
return Manifest(uuid, app_name, min_heap, min_stack, min_shadow_stack,
mem_io_maps, mgmt_flags, start_ports, pinned_cpu,
- priority, version, apploader_flags)
+ priority, version, min_version, apploader_flags)
def swap_uuid_bytes(uuid):
@@ -812,6 +826,7 @@
# TRUSTY_APP_CONFIG_KEY_PINNED_CPU, pinned_cpu
# TRUSTY_APP_CONFIG_KEY_PRIORITY, priority
# TRUSTY_APP_CONFIG_KEY_VERSION, version
+ # TRUSTY_APP_CONFIG_KEY_MIN_VERSION, min_version
# TRUSTY_APP_CONFIG_KEY_MIN_SHADOW_STACK_SIZE, min_shadow_stack,
# TRUSTY_APP_CONFIG_KEY_APPLOADER_FLAGS, apploader_flags,
# }
@@ -865,6 +880,11 @@
TRUSTY_APP_CONFIG_KEY_VERSION,
manifest.version))
+ if manifest.min_version is not None:
+ out.write(struct.pack("II",
+ TRUSTY_APP_CONFIG_KEY_MIN_VERSION,
+ manifest.min_version))
+
if manifest.min_shadow_stack is not None:
out.write(struct.pack("II",
TRUSTY_APP_CONFIG_KEY_MIN_SHADOW_STACK_SIZE,
@@ -1019,6 +1039,11 @@
(version,), packed_data = struct.unpack(
"I", packed_data[:4]), packed_data[4:]
manifest[VERSION] = version
+ elif tag == TRUSTY_APP_CONFIG_KEY_MIN_VERSION:
+ assert MIN_VERSION not in manifest
+ (min_version,), packed_data = struct.unpack(
+ "I", packed_data[:4]), packed_data[4:]
+ manifest[MIN_VERSION] = min_version
elif tag == TRUSTY_APP_CONFIG_KEY_APPLOADER_FLAGS:
assert APPLOADER_FLAGS not in manifest
(flag,), packed_data = struct.unpack(
diff --git a/sysroots/generic-arm32/usr/include/openssl/aead.h b/sysroots/generic-arm32/usr/include/openssl/aead.h
index 5486b4b..2633880 100644
--- a/sysroots/generic-arm32/usr/include/openssl/aead.h
+++ b/sysroots/generic-arm32/usr/include/openssl/aead.h
@@ -180,6 +180,10 @@
// v1.0.
OPENSSL_EXPORT const EVP_AEAD *EVP_aead_aes_128_ccm_bluetooth_8(void);
+// EVP_aead_aes_128_ccm_matter is AES-128-CCM with M=16 and L=2 (16-byte tags
+// and 13-byte nonces), as used in the Matter specification.
+OPENSSL_EXPORT const EVP_AEAD *EVP_aead_aes_128_ccm_matter(void);
+
// EVP_has_aes_hardware returns one if we enable hardware support for fast and
// constant-time AES-GCM.
OPENSSL_EXPORT int EVP_has_aes_hardware(void);
@@ -404,8 +408,6 @@
OPENSSL_EXPORT const EVP_AEAD *EVP_aead_des_ede3_cbc_sha1_tls(void);
OPENSSL_EXPORT const EVP_AEAD *EVP_aead_des_ede3_cbc_sha1_tls_implicit_iv(void);
-OPENSSL_EXPORT const EVP_AEAD *EVP_aead_null_sha1_tls(void);
-
// EVP_aead_aes_128_gcm_tls12 is AES-128 in Galois Counter Mode using the TLS
// 1.2 nonce construction.
OPENSSL_EXPORT const EVP_AEAD *EVP_aead_aes_128_gcm_tls12(void);
diff --git a/sysroots/generic-arm32/usr/include/openssl/asn1.h b/sysroots/generic-arm32/usr/include/openssl/asn1.h
index 5ae0064..d128c8d 100644
--- a/sysroots/generic-arm32/usr/include/openssl/asn1.h
+++ b/sysroots/generic-arm32/usr/include/openssl/asn1.h
@@ -55,8 +55,8 @@
* [including the GNU Public Licence.]
*/
-#ifndef HEADER_ASN1_H
-#define HEADER_ASN1_H
+#ifndef OPENSSL_HEADER_ASN1_H
+#define OPENSSL_HEADER_ASN1_H
#include <openssl/base.h>
@@ -213,38 +213,10 @@
//
// Note: If |out| and |*out| are both non-NULL, the object at |*out| is not
// updated in-place. Instead, it is freed, and the pointer is updated to the
-// new object. This differs from OpenSSL, which behaves more like
-// |d2i_SAMPLE_with_reuse|. Callers are recommended to set |out| to NULL and
-// instead use the return value.
+// new object. This differs from OpenSSL. Callers are recommended to set |out|
+// to NULL and instead use the return value.
SAMPLE *d2i_SAMPLE(SAMPLE **out, const uint8_t **inp, long len);
-// d2i_SAMPLE_with_reuse parses a structure from up to |len| bytes at |*inp|. On
-// success, it advances |*inp| by the number of bytes read and returns a
-// non-NULL pointer to an object containing the parsed structure. The object is
-// determined from |out| as follows:
-//
-// If |out| is NULL, the function places the result in a newly-allocated
-// |SAMPLE| object and returns it. This mode is recommended.
-//
-// If |out| is non-NULL, but |*out| is NULL, the function also places the result
-// in a newly-allocated |SAMPLE| object. It sets |*out| to this object and also
-// returns it.
-//
-// If |out| and |*out| are both non-NULL, the function updates the object at
-// |*out| in-place with the result and returns |*out|.
-//
-// If any of the above fail, the function returns NULL.
-//
-// This function does not reject trailing data in the input. This allows the
-// caller to parse a sequence of concatenated structures. Callers parsing only
-// one structure should check for trailing data by comparing the updated |*inp|
-// with the end of the input.
-//
-// WARNING: Callers should not rely on the in-place update mode. It often
-// produces the wrong result or breaks the type's internal invariants. Future
-// revisions of BoringSSL may standardize on the |d2i_SAMPLE| behavior.
-SAMPLE *d2i_SAMPLE_with_reuse(SAMPLE **out, const uint8_t **inp, long len);
-
// i2d_SAMPLE marshals |in|. On error, it returns a negative value. On success,
// it returns the length of the result and outputs it via |outp| as follows:
//
@@ -348,8 +320,8 @@
OPENSSL_EXPORT void ASN1_item_free(ASN1_VALUE *val, const ASN1_ITEM *it);
// ASN1_item_d2i parses the ASN.1 type |it| from up to |len| bytes at |*inp|.
-// It behaves like |d2i_SAMPLE_with_reuse|, except that |out| and the return
-// value are cast to |ASN1_VALUE| pointers.
+// It behaves like |d2i_SAMPLE|, except that |out| and the return value are cast
+// to |ASN1_VALUE| pointers.
//
// TODO(https://crbug.com/boringssl/444): C strict aliasing forbids type-punning
// |T*| and |ASN1_VALUE*| the way this function signature does. When that bug is
@@ -447,10 +419,22 @@
// integer type. FALSE is zero, TRUE is 0xff, and an omitted OPTIONAL BOOLEAN is
// -1.
+// ASN1_BOOLEAN_FALSE is FALSE as an |ASN1_BOOLEAN|.
+#define ASN1_BOOLEAN_FALSE 0
+
+// ASN1_BOOLEAN_TRUE is TRUE as an |ASN1_BOOLEAN|. Some code incorrectly uses
+// 1, so prefer |b != ASN1_BOOLEAN_FALSE| over |b == ASN1_BOOLEAN_TRUE|.
+#define ASN1_BOOLEAN_TRUE 0xff
+
+// ASN1_BOOLEAN_NONE, in contexts where the |ASN1_BOOLEAN| represents an
+// OPTIONAL BOOLEAN, is an omitted value. Using this value in other contexts is
+// undefined and may be misinterpreted as TRUE.
+#define ASN1_BOOLEAN_NONE (-1)
+
// d2i_ASN1_BOOLEAN parses a DER-encoded ASN.1 BOOLEAN from up to |len| bytes at
// |*inp|. On success, it advances |*inp| by the number of bytes read and
// returns the result. If |out| is non-NULL, it additionally writes the result
-// to |*out|. On error, it returns -1.
+// to |*out|. On error, it returns |ASN1_BOOLEAN_NONE|.
//
// This function does not reject trailing data in the input. This allows the
// caller to parse a sequence of concatenated structures. Callers parsing only
@@ -459,9 +443,6 @@
//
// WARNING: This function's is slightly different from other |d2i_*| functions
// because |ASN1_BOOLEAN| is not a pointer type.
-//
-// TODO(https://crbug.com/boringssl/354): This function currently also accepts
-// BER, but this will be removed in the future.
OPENSSL_EXPORT ASN1_BOOLEAN d2i_ASN1_BOOLEAN(ASN1_BOOLEAN *out,
const unsigned char **inp,
long len);
@@ -472,7 +453,8 @@
// The following |ASN1_ITEM|s have ASN.1 type BOOLEAN and C type |ASN1_BOOLEAN|.
// |ASN1_TBOOLEAN| and |ASN1_FBOOLEAN| must be marked OPTIONAL. When omitted,
-// they are parsed as TRUE and FALSE, respectively, rather than -1.
+// they are parsed as TRUE and FALSE, respectively, rather than
+// |ASN1_BOOLEAN_NONE|.
DECLARE_ASN1_ITEM(ASN1_BOOLEAN)
DECLARE_ASN1_ITEM(ASN1_TBOOLEAN)
DECLARE_ASN1_ITEM(ASN1_FBOOLEAN)
@@ -485,31 +467,39 @@
// |ASN1_STRING|, to represent most values.
// An asn1_string_st (aka |ASN1_STRING|) represents a value of a string-like
-// ASN.1 type. It contains a type field, and a byte string data field with a
+// ASN.1 type. It contains a |type| field, and a byte string |data| field with a
// type-specific representation.
//
-// When representing a string value, the type field is one of
-// |V_ASN1_OCTET_STRING|, |V_ASN1_UTF8STRING|, |V_ASN1_NUMERICSTRING|,
-// |V_ASN1_PRINTABLESTRING|, |V_ASN1_T61STRING|, |V_ASN1_VIDEOTEXSTRING|,
-// |V_ASN1_IA5STRING|, |V_ASN1_GRAPHICSTRING|, |V_ASN1_ISO64STRING|,
-// |V_ASN1_VISIBLESTRING|, |V_ASN1_GENERALSTRING|, |V_ASN1_UNIVERSALSTRING|, or
-// |V_ASN1_BMPSTRING|. The data contains the byte representation of of the
+// If |type| is one of |V_ASN1_OCTET_STRING|, |V_ASN1_UTF8STRING|,
+// |V_ASN1_NUMERICSTRING|, |V_ASN1_PRINTABLESTRING|, |V_ASN1_T61STRING|,
+// |V_ASN1_VIDEOTEXSTRING|, |V_ASN1_IA5STRING|, |V_ASN1_GRAPHICSTRING|,
+// |V_ASN1_ISO64STRING|, |V_ASN1_VISIBLESTRING|, |V_ASN1_GENERALSTRING|,
+// |V_ASN1_UNIVERSALSTRING|, or |V_ASN1_BMPSTRING|, the object represents an
+// ASN.1 string type. The data contains the byte representation of the
// string.
//
-// When representing a BIT STRING value, the type field is |V_ASN1_BIT_STRING|.
-// See bit string documentation below for how the data and flags are used.
+// If |type| is |V_ASN1_BIT_STRING|, the object represents a BIT STRING value.
+// See bit string documentation below for the data and flags.
//
-// When representing an INTEGER or ENUMERATED value, the type field is one of
-// |V_ASN1_INTEGER|, |V_ASN1_NEG_INTEGER|, |V_ASN1_ENUMERATED|, or
-// |V_ASN1_NEG_ENUMERATED|. See integer documentation below for details.
+// If |type| is one of |V_ASN1_INTEGER|, |V_ASN1_NEG_INTEGER|,
+// |V_ASN1_ENUMERATED|, or |V_ASN1_NEG_ENUMERATED|, the object represents an
+// INTEGER or ENUMERATED value. See integer documentation below for details.
//
-// When representing a GeneralizedTime or UTCTime value, the type field is
-// |V_ASN1_GENERALIZEDTIME| or |V_ASN1_UTCTIME|, respectively. The data contains
-// the DER encoding of the value. For example, the UNIX epoch would be
+// If |type| is |V_ASN1_GENERALIZEDTIME| or |V_ASN1_UTCTIME|, the object
+// represents a GeneralizedTime or UTCTime value, respectively. The data
+// contains the DER encoding of the value. For example, the UNIX epoch would be
// "19700101000000Z" for a GeneralizedTime and "700101000000Z" for a UTCTime.
//
-// |ASN1_STRING|, when stored in an |ASN1_TYPE|, may also represent an element
-// with tag not directly supported by this library. See |ASN1_TYPE| for details.
+// If |type| is |V_ASN1_SEQUENCE|, |V_ASN1_SET|, or |V_ASN1_OTHER|, the object
+// represents a SEQUENCE, SET, or arbitrary ASN.1 value, respectively. Unlike
+// the above cases, the data contains the DER encoding of the entire structure,
+// including the header. If the value is explicitly or implicitly tagged, this
+// too will be reflected in the data field. As this case handles unknown types,
+// the contents are not checked when parsing or serializing.
+//
+// Other values of |type| do not represent a valid ASN.1 value, though
+// default-constructed objects may set |type| to -1. Such objects cannot be
+// serialized.
//
// |ASN1_STRING| additionally has the following typedefs: |ASN1_BIT_STRING|,
// |ASN1_BMPSTRING|, |ASN1_ENUMERATED|, |ASN1_GENERALIZEDTIME|,
@@ -526,15 +516,14 @@
// |ASN1_STRING_length|.
//
// If a function returns an |ASN1_STRING| where the typedef or ASN.1 structure
-// implies constraints on the type field, callers may assume that the type field
-// is correct. However, if a function takes an |ASN1_STRING| as input, callers
-// must ensure the type field matches. These invariants are not captured by the
-// C type system and may not be checked at runtime. For example, callers may
-// assume the output of |X509_get0_serialNumber| has type |V_ASN1_INTEGER| or
-// |V_ASN1_NEG_INTEGER|. Callers must not pass a string of type
-// |V_ASN1_OCTET_STRING| to |X509_set_serialNumber|. Doing so may break
-// invariants on the |X509| object and break the |X509_get0_serialNumber|
-// invariant.
+// implies constraints on |type|, callers may assume that |type| is correct.
+// However, if a function takes an |ASN1_STRING| as input, callers must ensure
+// |type| matches. These invariants are not captured by the C type system and
+// may not be checked at runtime. For example, callers may assume the output of
+// |X509_get0_serialNumber| has type |V_ASN1_INTEGER| or |V_ASN1_NEG_INTEGER|.
+// Callers must not pass a string of type |V_ASN1_OCTET_STRING| to
+// |X509_set_serialNumber|. Doing so may break invariants on the |X509| object
+// and break the |X509_get0_serialNumber| invariant.
//
// TODO(https://crbug.com/boringssl/445): This is very unfriendly. Getting the
// type field wrong should not cause memory errors, but it may do strange
@@ -608,7 +597,8 @@
// |data|. It returns one on success and zero on error. If |data| is NULL, it
// updates the length and allocates the buffer as needed, but does not
// initialize the contents.
-OPENSSL_EXPORT int ASN1_STRING_set(ASN1_STRING *str, const void *data, int len);
+OPENSSL_EXPORT int ASN1_STRING_set(ASN1_STRING *str, const void *data,
+ ossl_ssize_t len);
// ASN1_STRING_set0 sets the contents of |str| to |len| bytes from |data|. It
// takes ownership of |data|, which must have been allocated with
@@ -640,10 +630,7 @@
// The following functions parse up to |len| bytes from |*inp| as a
// DER-encoded ASN.1 value of the corresponding type, as described in
-// |d2i_SAMPLE_with_reuse|.
-//
-// TODO(https://crbug.com/boringssl/354): This function currently also accepts
-// BER, but this will be removed in the future.
+// |d2i_SAMPLE|.
OPENSSL_EXPORT ASN1_BMPSTRING *d2i_ASN1_BMPSTRING(ASN1_BMPSTRING **out,
const uint8_t **inp,
long len);
@@ -753,15 +740,17 @@
// the result. If |out| is NULL, it returns the selected output type without
// constructing an |ASN1_STRING|. On error, this function returns -1.
OPENSSL_EXPORT int ASN1_mbstring_copy(ASN1_STRING **out, const uint8_t *in,
- int len, int inform, unsigned long mask);
+ ossl_ssize_t len, int inform,
+ unsigned long mask);
// ASN1_mbstring_ncopy behaves like |ASN1_mbstring_copy| but returns an error if
// the input is less than |minsize| or greater than |maxsize| codepoints long. A
// |maxsize| value of zero is ignored. Note the sizes are measured in
// codepoints, not output bytes.
OPENSSL_EXPORT int ASN1_mbstring_ncopy(ASN1_STRING **out, const uint8_t *in,
- int len, int inform, unsigned long mask,
- long minsize, long maxsize);
+ ossl_ssize_t len, int inform,
+ unsigned long mask, ossl_ssize_t minsize,
+ ossl_ssize_t maxsize);
// ASN1_STRING_set_by_NID behaves like |ASN1_mbstring_ncopy|, but determines
// |mask|, |minsize|, and |maxsize| based on |nid|. When |nid| is a recognized
@@ -787,7 +776,7 @@
// to call |ASN1_mbstring_ncopy| directly instead.
OPENSSL_EXPORT ASN1_STRING *ASN1_STRING_set_by_NID(ASN1_STRING **out,
const unsigned char *in,
- int len, int inform,
+ ossl_ssize_t len, int inform,
int nid);
// STABLE_NO_MASK causes |ASN1_STRING_TABLE_add| to allow types other than
@@ -832,7 +821,7 @@
OPENSSL_EXPORT void DIRECTORYSTRING_free(ASN1_STRING *str);
// d2i_DIRECTORYSTRING parses up to |len| bytes from |*inp| as a DER-encoded
-// X.509 DirectoryString (RFC 5280), as described in |d2i_SAMPLE_with_reuse|.
+// X.509 DirectoryString (RFC 5280), as described in |d2i_SAMPLE|.
//
// TODO(https://crbug.com/boringssl/354): This function currently also accepts
// BER, but this will be removed in the future.
@@ -865,7 +854,7 @@
OPENSSL_EXPORT void DISPLAYTEXT_free(ASN1_STRING *str);
// d2i_DISPLAYTEXT parses up to |len| bytes from |*inp| as a DER-encoded X.509
-// DisplayText (RFC 5280), as described in |d2i_SAMPLE_with_reuse|.
+// DisplayText (RFC 5280), as described in |d2i_SAMPLE|.
//
// TODO(https://crbug.com/boringssl/354): This function currently also accepts
// BER, but this will be removed in the future.
@@ -926,10 +915,7 @@
OPENSSL_EXPORT void ASN1_BIT_STRING_free(ASN1_BIT_STRING *str);
// d2i_ASN1_BIT_STRING parses up to |len| bytes from |*inp| as a DER-encoded
-// ASN.1 BIT STRING, as described in |d2i_SAMPLE_with_reuse|.
-//
-// TODO(https://crbug.com/boringssl/354): This function currently also accepts
-// BER, but this will be removed in the future.
+// ASN.1 BIT STRING, as described in |d2i_SAMPLE|.
OPENSSL_EXPORT ASN1_BIT_STRING *d2i_ASN1_BIT_STRING(ASN1_BIT_STRING **out,
const uint8_t **inp,
long len);
@@ -941,11 +927,7 @@
// c2i_ASN1_BIT_STRING decodes |len| bytes from |*inp| as the contents of a
// DER-encoded BIT STRING, excluding the tag and length. It behaves like
-// |d2i_SAMPLE_with_reuse| except, on success, it always consumes all |len|
-// bytes.
-//
-// TODO(https://crbug.com/boringssl/354): This function currently also accepts
-// BER, but this will be removed in the future.
+// |d2i_SAMPLE| except, on success, it always consumes all |len| bytes.
OPENSSL_EXPORT ASN1_BIT_STRING *c2i_ASN1_BIT_STRING(ASN1_BIT_STRING **out,
const uint8_t **inp,
long len);
@@ -985,7 +967,8 @@
// TODO(davidben): Maybe it should? Wrapping a byte string in a bit string is a
// common use case.
OPENSSL_EXPORT int ASN1_BIT_STRING_set(ASN1_BIT_STRING *str,
- const unsigned char *d, int length);
+ const unsigned char *d,
+ ossl_ssize_t length);
// ASN1_BIT_STRING_set_bit sets bit |n| of |str| to one if |value| is non-zero
// and zero if |value| is zero, resizing |str| as needed. It then truncates
@@ -1036,10 +1019,7 @@
OPENSSL_EXPORT ASN1_INTEGER *ASN1_INTEGER_dup(const ASN1_INTEGER *x);
// d2i_ASN1_INTEGER parses up to |len| bytes from |*inp| as a DER-encoded
-// ASN.1 INTEGER, as described in |d2i_SAMPLE_with_reuse|.
-//
-// TODO(https://crbug.com/boringssl/354): This function currently also accepts
-// BER, but this will be removed in the future.
+// ASN.1 INTEGER, as described in |d2i_SAMPLE|.
OPENSSL_EXPORT ASN1_INTEGER *d2i_ASN1_INTEGER(ASN1_INTEGER **out,
const uint8_t **inp, long len);
@@ -1049,11 +1029,7 @@
// c2i_ASN1_INTEGER decodes |len| bytes from |*inp| as the contents of a
// DER-encoded INTEGER, excluding the tag and length. It behaves like
-// |d2i_SAMPLE_with_reuse| except, on success, it always consumes all |len|
-// bytes.
-//
-// TODO(https://crbug.com/boringssl/354): This function currently also accepts
-// some invalid inputs, but this will be removed in the future.
+// |d2i_SAMPLE| except, on success, it always consumes all |len| bytes.
OPENSSL_EXPORT ASN1_INTEGER *c2i_ASN1_INTEGER(ASN1_INTEGER **in,
const uint8_t **outp, long len);
@@ -1080,9 +1056,9 @@
// on success and zero on error.
OPENSSL_EXPORT int ASN1_INTEGER_set_uint64(ASN1_INTEGER *out, uint64_t v);
-// ASN1_INTEGER_set sets |a| to an INTEGER with value |v|. It returns one on
-// success and zero on error.
-OPENSSL_EXPORT int ASN1_INTEGER_set(ASN1_INTEGER *a, long v);
+// ASN1_INTEGER_set_int64 sets |a| to an INTEGER with value |v|. It returns one
+// on success and zero on error.
+OPENSSL_EXPORT int ASN1_INTEGER_set_int64(ASN1_INTEGER *out, int64_t v);
// ASN1_INTEGER_get_uint64 converts |a| to a |uint64_t|. On success, it returns
// one and sets |*out| to the result. If |a| did not fit or has the wrong type,
@@ -1090,12 +1066,10 @@
OPENSSL_EXPORT int ASN1_INTEGER_get_uint64(uint64_t *out,
const ASN1_INTEGER *a);
-// ASN1_INTEGER_get returns the value of |a| as a |long|, or -1 if |a| is out of
-// range or the wrong type.
-//
-// WARNING: This function's return value cannot distinguish errors from -1.
-// Prefer |ASN1_INTEGER_get_uint64|.
-OPENSSL_EXPORT long ASN1_INTEGER_get(const ASN1_INTEGER *a);
+// ASN1_INTEGER_get_int64 converts |a| to a |int64_t|. On success, it returns
+// one and sets |*out| to the result. If |a| did not fit or has the wrong type,
+// it returns zero.
+OPENSSL_EXPORT int ASN1_INTEGER_get_int64(int64_t *out, const ASN1_INTEGER *a);
// BN_to_ASN1_INTEGER sets |ai| to an INTEGER with value |bn| and returns |ai|
// on success or NULL or error. If |ai| is NULL, it returns a newly-allocated
@@ -1123,10 +1097,7 @@
OPENSSL_EXPORT void ASN1_ENUMERATED_free(ASN1_ENUMERATED *str);
// d2i_ASN1_ENUMERATED parses up to |len| bytes from |*inp| as a DER-encoded
-// ASN.1 ENUMERATED, as described in |d2i_SAMPLE_with_reuse|.
-//
-// TODO(https://crbug.com/boringssl/354): This function currently also accepts
-// BER, but this will be removed in the future.
+// ASN.1 ENUMERATED, as described in |d2i_SAMPLE|.
OPENSSL_EXPORT ASN1_ENUMERATED *d2i_ASN1_ENUMERATED(ASN1_ENUMERATED **out,
const uint8_t **inp,
long len);
@@ -1144,9 +1115,9 @@
// returns one on success and zero on error.
OPENSSL_EXPORT int ASN1_ENUMERATED_set_uint64(ASN1_ENUMERATED *out, uint64_t v);
-// ASN1_ENUMERATED_set sets |a| to an ENUMERATED with value |v|. It returns one
-// on success and zero on error.
-OPENSSL_EXPORT int ASN1_ENUMERATED_set(ASN1_ENUMERATED *a, long v);
+// ASN1_ENUMERATED_set_int64 sets |a| to an ENUMERATED with value |v|. It
+// returns one on success and zero on error.
+OPENSSL_EXPORT int ASN1_ENUMERATED_set_int64(ASN1_ENUMERATED *out, int64_t v);
// ASN1_ENUMERATED_get_uint64 converts |a| to a |uint64_t|. On success, it
// returns one and sets |*out| to the result. If |a| did not fit or has the
@@ -1154,12 +1125,11 @@
OPENSSL_EXPORT int ASN1_ENUMERATED_get_uint64(uint64_t *out,
const ASN1_ENUMERATED *a);
-// ASN1_ENUMERATED_get returns the value of |a| as a |long|, or -1 if |a| is out
-// of range or the wrong type.
-//
-// WARNING: This function's return value cannot distinguish errors from -1.
-// Prefer |ASN1_ENUMERATED_get_uint64|.
-OPENSSL_EXPORT long ASN1_ENUMERATED_get(const ASN1_ENUMERATED *a);
+// ASN1_ENUMERATED_get_int64 converts |a| to a |int64_t|. On success, it
+// returns one and sets |*out| to the result. If |a| did not fit or has the
+// wrong type, it returns zero.
+OPENSSL_EXPORT int ASN1_ENUMERATED_get_int64(int64_t *out,
+ const ASN1_ENUMERATED *a);
// BN_to_ASN1_ENUMERATED sets |ai| to an ENUMERATED with value |bn| and returns
// |ai| on success or NULL or error. If |ai| is NULL, it returns a
@@ -1202,7 +1172,7 @@
OPENSSL_EXPORT void ASN1_UTCTIME_free(ASN1_UTCTIME *str);
// d2i_ASN1_UTCTIME parses up to |len| bytes from |*inp| as a DER-encoded
-// ASN.1 UTCTime, as described in |d2i_SAMPLE_with_reuse|.
+// ASN.1 UTCTime, as described in |d2i_SAMPLE|.
//
// TODO(https://crbug.com/boringssl/354): This function currently also accepts
// BER, but this will be removed in the future.
@@ -1220,20 +1190,23 @@
// ASN1_UTCTIME_check returns one if |a| is a valid UTCTime and zero otherwise.
OPENSSL_EXPORT int ASN1_UTCTIME_check(const ASN1_UTCTIME *a);
-// ASN1_UTCTIME_set represents |t| as a UTCTime and writes the result to |s|. It
-// returns |s| on success and NULL on error. If |s| is NULL, it returns a
-// newly-allocated |ASN1_UTCTIME| instead.
+// ASN1_UTCTIME_set represents |posix_time| as a UTCTime and writes the result
+// to |s|. It returns |s| on success and NULL on error. If |s| is NULL, it
+// returns a newly-allocated |ASN1_UTCTIME| instead.
//
// Note this function may fail if the time is out of range for UTCTime.
-OPENSSL_EXPORT ASN1_UTCTIME *ASN1_UTCTIME_set(ASN1_UTCTIME *s, time_t t);
+OPENSSL_EXPORT ASN1_UTCTIME *ASN1_UTCTIME_set(ASN1_UTCTIME *s,
+ int64_t posix_time);
-// ASN1_UTCTIME_adj adds |offset_day| days and |offset_sec| seconds to |t| and
-// writes the result to |s| as a UTCTime. It returns |s| on success and NULL on
-// error. If |s| is NULL, it returns a newly-allocated |ASN1_UTCTIME| instead.
+// ASN1_UTCTIME_adj adds |offset_day| days and |offset_sec| seconds to
+// |posix_time| and writes the result to |s| as a UTCTime. It returns |s| on
+// success and NULL on error. If |s| is NULL, it returns a newly-allocated
+// |ASN1_UTCTIME| instead.
//
// Note this function may fail if the time overflows or is out of range for
// UTCTime.
-OPENSSL_EXPORT ASN1_UTCTIME *ASN1_UTCTIME_adj(ASN1_UTCTIME *s, time_t t,
+OPENSSL_EXPORT ASN1_UTCTIME *ASN1_UTCTIME_adj(ASN1_UTCTIME *s,
+ int64_t posix_time,
int offset_day, long offset_sec);
// ASN1_UTCTIME_set_string sets |s| to a UTCTime whose contents are a copy of
@@ -1256,10 +1229,7 @@
OPENSSL_EXPORT void ASN1_GENERALIZEDTIME_free(ASN1_GENERALIZEDTIME *str);
// d2i_ASN1_GENERALIZEDTIME parses up to |len| bytes from |*inp| as a
-// DER-encoded ASN.1 GeneralizedTime, as described in |d2i_SAMPLE_with_reuse|.
-//
-// TODO(https://crbug.com/boringssl/354): This function currently also accepts
-// BER, but this will be removed in the future.
+// DER-encoded ASN.1 GeneralizedTime, as described in |d2i_SAMPLE|.
OPENSSL_EXPORT ASN1_GENERALIZEDTIME *d2i_ASN1_GENERALIZEDTIME(
ASN1_GENERALIZEDTIME **out, const uint8_t **inp, long len);
@@ -1276,23 +1246,24 @@
// zero otherwise.
OPENSSL_EXPORT int ASN1_GENERALIZEDTIME_check(const ASN1_GENERALIZEDTIME *a);
-// ASN1_GENERALIZEDTIME_set represents |t| as a GeneralizedTime and writes the
-// result to |s|. It returns |s| on success and NULL on error. If |s| is NULL,
-// it returns a newly-allocated |ASN1_GENERALIZEDTIME| instead.
+// ASN1_GENERALIZEDTIME_set represents |posix_time| as a GeneralizedTime and
+// writes the result to |s|. It returns |s| on success and NULL on error. If |s|
+// is NULL, it returns a newly-allocated |ASN1_GENERALIZEDTIME| instead.
//
// Note this function may fail if the time is out of range for GeneralizedTime.
OPENSSL_EXPORT ASN1_GENERALIZEDTIME *ASN1_GENERALIZEDTIME_set(
- ASN1_GENERALIZEDTIME *s, time_t t);
+ ASN1_GENERALIZEDTIME *s, int64_t posix_time);
// ASN1_GENERALIZEDTIME_adj adds |offset_day| days and |offset_sec| seconds to
-// |t| and writes the result to |s| as a GeneralizedTime. It returns |s| on
-// success and NULL on error. If |s| is NULL, it returns a newly-allocated
-// |ASN1_GENERALIZEDTIME| instead.
+// |posix_time| and writes the result to |s| as a GeneralizedTime. It returns
+// |s| on success and NULL on error. If |s| is NULL, it returns a
+// newly-allocated |ASN1_GENERALIZEDTIME| instead.
//
// Note this function may fail if the time overflows or is out of range for
// GeneralizedTime.
OPENSSL_EXPORT ASN1_GENERALIZEDTIME *ASN1_GENERALIZEDTIME_adj(
- ASN1_GENERALIZEDTIME *s, time_t t, int offset_day, long offset_sec);
+ ASN1_GENERALIZEDTIME *s, int64_t posix_time, int offset_day,
+ long offset_sec);
// ASN1_GENERALIZEDTIME_set_string sets |s| to a GeneralizedTime whose contents
// are a copy of |str|. It returns one on success and zero on error or if |str|
@@ -1314,7 +1285,7 @@
OPENSSL_EXPORT void ASN1_TIME_free(ASN1_TIME *str);
// d2i_ASN1_TIME parses up to |len| bytes from |*inp| as a DER-encoded X.509
-// Time (RFC 5280), as described in |d2i_SAMPLE_with_reuse|.
+// Time (RFC 5280), as described in |d2i_SAMPLE|.
//
// TODO(https://crbug.com/boringssl/354): This function currently also accepts
// BER, but this will be removed in the future.
@@ -1342,24 +1313,29 @@
OPENSSL_EXPORT int ASN1_TIME_diff(int *out_days, int *out_seconds,
const ASN1_TIME *from, const ASN1_TIME *to);
-// ASN1_TIME_set represents |t| as a GeneralizedTime or UTCTime and writes
-// the result to |s|. As in RFC 5280, section 4.1.2.5, it uses UTCTime when the
-// time fits and GeneralizedTime otherwise. It returns |s| on success and NULL
-// on error. If |s| is NULL, it returns a newly-allocated |ASN1_TIME| instead.
-//
-// Note this function may fail if the time is out of range for GeneralizedTime.
-OPENSSL_EXPORT ASN1_TIME *ASN1_TIME_set(ASN1_TIME *s, time_t t);
-
-// ASN1_TIME_adj adds |offset_day| days and |offset_sec| seconds to
-// |t| and writes the result to |s|. As in RFC 5280, section 4.1.2.5, it uses
+// ASN1_TIME_set_posix represents |posix_time| as a GeneralizedTime or UTCTime
+// and writes the result to |s|. As in RFC 5280, section 4.1.2.5, it uses
// UTCTime when the time fits and GeneralizedTime otherwise. It returns |s| on
// success and NULL on error. If |s| is NULL, it returns a newly-allocated
-// |ASN1_GENERALIZEDTIME| instead.
+// |ASN1_TIME| instead.
+//
+// Note this function may fail if the time is out of range for GeneralizedTime.
+OPENSSL_EXPORT ASN1_TIME *ASN1_TIME_set_posix(ASN1_TIME *s, int64_t posix_time);
+
+// ASN1_TIME_set is exactly the same as |ASN1_TIME_set_posix| but with a
+// time_t as input for compatibility.
+OPENSSL_EXPORT ASN1_TIME *ASN1_TIME_set(ASN1_TIME *s, time_t time);
+
+// ASN1_TIME_adj adds |offset_day| days and |offset_sec| seconds to
+// |posix_time| and writes the result to |s|. As in RFC 5280, section 4.1.2.5,
+// it uses UTCTime when the time fits and GeneralizedTime otherwise. It returns
+// |s| on success and NULL on error. If |s| is NULL, it returns a
+// newly-allocated |ASN1_GENERALIZEDTIME| instead.
//
// Note this function may fail if the time overflows or is out of range for
// GeneralizedTime.
-OPENSSL_EXPORT ASN1_TIME *ASN1_TIME_adj(ASN1_TIME *s, time_t t, int offset_day,
- long offset_sec);
+OPENSSL_EXPORT ASN1_TIME *ASN1_TIME_adj(ASN1_TIME *s, int64_t posix_time,
+ int offset_day, long offset_sec);
// ASN1_TIME_check returns one if |t| is a valid UTCTime or GeneralizedTime, and
// zero otherwise. |t|'s type determines which check is performed. This
@@ -1379,6 +1355,15 @@
// GeneralizedTime. If |str| is neither, it returns zero.
OPENSSL_EXPORT int ASN1_TIME_set_string(ASN1_TIME *s, const char *str);
+// ASN1_TIME_to_time_t converts |t| to a time_t value in |out|. On
+// success, one is returned. On failure zero is returned. This function
+// will fail if the time can not be represented in a time_t.
+OPENSSL_EXPORT int ASN1_TIME_to_time_t(const ASN1_TIME *t, time_t *out);
+
+// ASN1_TIME_to_posix converts |t| to a POSIX time value in |out|. On
+// success, one is returned. On failure zero is returned.
+OPENSSL_EXPORT int ASN1_TIME_to_posix(const ASN1_TIME *t, int64_t *out);
+
// TODO(davidben): Expand and document function prototypes generated in macros.
@@ -1398,9 +1383,6 @@
// d2i_ASN1_NULL parses a DER-encoded ASN.1 NULL value from up to |len| bytes
// at |*inp|, as described in |d2i_SAMPLE|.
-//
-// TODO(https://crbug.com/boringssl/354): This function currently also accepts
-// BER, but this will be removed in the future.
OPENSSL_EXPORT ASN1_NULL *d2i_ASN1_NULL(ASN1_NULL **out, const uint8_t **inp,
long len);
@@ -1435,7 +1417,7 @@
// TODO(davidben): Should we just ignore all those parameters? NIDs and names
// are only relevant for |ASN1_OBJECT|s in the obj.h table.
OPENSSL_EXPORT ASN1_OBJECT *ASN1_OBJECT_create(int nid, const uint8_t *data,
- int len, const char *sn,
+ size_t len, const char *sn,
const char *ln);
// ASN1_OBJECT_free releases memory associated with |a|. If |a| is a static
@@ -1443,21 +1425,17 @@
OPENSSL_EXPORT void ASN1_OBJECT_free(ASN1_OBJECT *a);
// d2i_ASN1_OBJECT parses a DER-encoded ASN.1 OBJECT IDENTIFIER from up to |len|
-// bytes at |*inp|, as described in |d2i_SAMPLE_with_reuse|.
-//
-// TODO(https://crbug.com/boringssl/354): This function currently also accepts
-// BER, but this will be removed in the future.
+// bytes at |*inp|, as described in |d2i_SAMPLE|.
OPENSSL_EXPORT ASN1_OBJECT *d2i_ASN1_OBJECT(ASN1_OBJECT **out,
const uint8_t **inp, long len);
// i2d_ASN1_OBJECT marshals |in| as a DER-encoded ASN.1 OBJECT IDENTIFIER, as
// described in |i2d_SAMPLE|.
-OPENSSL_EXPORT int i2d_ASN1_OBJECT(const ASN1_OBJECT *a, uint8_t **outp);
+OPENSSL_EXPORT int i2d_ASN1_OBJECT(const ASN1_OBJECT *in, uint8_t **outp);
// c2i_ASN1_OBJECT decodes |len| bytes from |*inp| as the contents of a
// DER-encoded OBJECT IDENTIFIER, excluding the tag and length. It behaves like
-// |d2i_SAMPLE_with_reuse| except, on success, it always consumes all |len|
-// bytes.
+// |d2i_SAMPLE| except, on success, it always consumes all |len| bytes.
OPENSSL_EXPORT ASN1_OBJECT *c2i_ASN1_OBJECT(ASN1_OBJECT **out,
const uint8_t **inp, long len);
@@ -1499,15 +1477,14 @@
// |ASN1_BOOLEAN|.
//
// If |type| is |V_ASN1_SEQUENCE|, |V_ASN1_SET|, or |V_ASN1_OTHER|, the tag is
-// SEQUENCE, SET, or some non-universal tag, respectively. |value| is an
-// |ASN1_STRING| containing the entire element, including the tag and length.
-// The |ASN1_STRING|'s |type| field matches the containing |ASN1_TYPE|'s |type|.
+// SEQUENCE, SET, or some arbitrary tag, respectively. |value| uses the
+// corresponding |ASN1_STRING| representation. Although any type may be
+// represented in |V_ASN1_OTHER|, the parser will always return the more
+// specific encoding when available.
//
-// Other positive values of |type|, up to |V_ASN1_MAX_UNIVERSAL|, correspond to
-// universal primitive tags not directly supported by this library. |value| is
-// an |ASN1_STRING| containing the body of the element, excluding the tag
-// and length. The |ASN1_STRING|'s |type| field matches the containing
-// |ASN1_TYPE|'s |type|.
+// Other values of |type| do not represent a valid ASN.1 value, though
+// default-constructed objects may set |type| to -1. Such objects cannot be
+// serialized.
struct asn1_type_st {
int type;
union {
@@ -1547,10 +1524,10 @@
OPENSSL_EXPORT void ASN1_TYPE_free(ASN1_TYPE *a);
// d2i_ASN1_TYPE parses up to |len| bytes from |*inp| as an ASN.1 value of any
-// type, as described in |d2i_SAMPLE_with_reuse|. Note this function only
-// validates primitive, universal types supported by this library. Values of
-// type |V_ASN1_SEQUENCE|, |V_ASN1_SET|, |V_ASN1_OTHER|, or an unsupported
-// primitive type must be validated by the caller when interpreting.
+// type, as described in |d2i_SAMPLE|. Note this function only validates
+// primitive, universal types supported by this library. Values of type
+// |V_ASN1_SEQUENCE|, |V_ASN1_SET|, |V_ASN1_OTHER|, or an unsupported primitive
+// type must be validated by the caller when interpreting.
//
// TODO(https://crbug.com/boringssl/354): This function currently also accepts
// BER, but this will be removed in the future.
@@ -1594,9 +1571,9 @@
typedef STACK_OF(ASN1_TYPE) ASN1_SEQUENCE_ANY;
// d2i_ASN1_SEQUENCE_ANY parses up to |len| bytes from |*inp| as a DER-encoded
-// ASN.1 SEQUENCE OF ANY structure, as described in |d2i_SAMPLE_with_reuse|. The
-// resulting |ASN1_SEQUENCE_ANY| owns its contents and thus must be released
-// with |sk_ASN1_TYPE_pop_free| and |ASN1_TYPE_free|, not |sk_ASN1_TYPE_free|.
+// ASN.1 SEQUENCE OF ANY structure, as described in |d2i_SAMPLE|. The resulting
+// |ASN1_SEQUENCE_ANY| owns its contents and thus must be released with
+// |sk_ASN1_TYPE_pop_free| and |ASN1_TYPE_free|, not |sk_ASN1_TYPE_free|.
//
// TODO(https://crbug.com/boringssl/354): This function currently also accepts
// BER, but this will be removed in the future.
@@ -1610,7 +1587,7 @@
uint8_t **outp);
// d2i_ASN1_SET_ANY parses up to |len| bytes from |*inp| as a DER-encoded ASN.1
-// SET OF ANY structure, as described in |d2i_SAMPLE_with_reuse|. The resulting
+// SET OF ANY structure, as described in |d2i_SAMPLE|. The resulting
// |ASN1_SEQUENCE_ANY| owns its contents and thus must be released with
// |sk_ASN1_TYPE_pop_free| and |ASN1_TYPE_free|, not |sk_ASN1_TYPE_free|.
//
@@ -1759,13 +1736,11 @@
// |*out_length|, |*out_tag|, and |*out_class| to the element's length, tag
// number, and tag class, respectively,
//
-// Unlike OpenSSL, this function does not support indefinite-length elements.
+// Unlike OpenSSL, this function only supports DER. Indefinite and non-minimal
+// lengths are rejected.
//
// This function is difficult to use correctly. Use |CBS_get_asn1| and related
// functions from bytestring.h.
-//
-// TODO(https://crbug.com/boringssl/354): Remove support for non-minimal
-// lengths.
OPENSSL_EXPORT int ASN1_get_object(const unsigned char **inp, long *out_length,
int *out_tag, int *out_class, long max_len);
@@ -1841,15 +1816,6 @@
// Deprecated functions.
-// ASN1_PRINTABLE_type interprets |len| bytes from |s| as a Latin-1 string. It
-// returns the first of |V_ASN1_PRINTABLESTRING|, |V_ASN1_IA5STRING|, or
-// |V_ASN1_T61STRING| that can represent every character. If |len| is negative,
-// |strlen(s)| is used instead.
-//
-// TODO(davidben): Remove this once all copies of Conscrypt have been updated
-// past https://github.com/google/conscrypt/pull/1032.
-OPENSSL_EXPORT int ASN1_PRINTABLE_type(const unsigned char *s, int len);
-
// ASN1_STRING_set_default_mask does nothing.
OPENSSL_EXPORT void ASN1_STRING_set_default_mask(unsigned long mask);
@@ -1931,7 +1897,7 @@
// d2i_ASN1_PRINTABLE parses up to |len| bytes from |*inp| as a DER-encoded
// CHOICE of an ad-hoc subset of string-like types, as described in
-// |d2i_SAMPLE_with_reuse|.
+// |d2i_SAMPLE|.
//
// Do not use this. Despite, the name it has no connection to PrintableString or
// printable characters. See https://crbug.com/boringssl/412.
@@ -1954,6 +1920,32 @@
// printable characters. See https://crbug.com/boringssl/412.
DECLARE_ASN1_ITEM(ASN1_PRINTABLE)
+// ASN1_INTEGER_set sets |a| to an INTEGER with value |v|. It returns one on
+// success and zero on error.
+//
+// Use |ASN1_INTEGER_set_uint64| and |ASN1_INTEGER_set_int64| instead.
+OPENSSL_EXPORT int ASN1_INTEGER_set(ASN1_INTEGER *a, long v);
+
+// ASN1_ENUMERATED_set sets |a| to an ENUMERATED with value |v|. It returns one
+// on success and zero on error.
+//
+// Use |ASN1_ENUMERATED_set_uint64| and |ASN1_ENUMERATED_set_int64| instead.
+OPENSSL_EXPORT int ASN1_ENUMERATED_set(ASN1_ENUMERATED *a, long v);
+
+// ASN1_INTEGER_get returns the value of |a| as a |long|, or -1 if |a| is out of
+// range or the wrong type.
+//
+// WARNING: This function's return value cannot distinguish errors from -1.
+// Use |ASN1_INTEGER_get_uint64| and |ASN1_INTEGER_get_int64| instead.
+OPENSSL_EXPORT long ASN1_INTEGER_get(const ASN1_INTEGER *a);
+
+// ASN1_ENUMERATED_get returns the value of |a| as a |long|, or -1 if |a| is out
+// of range or the wrong type.
+//
+// WARNING: This function's return value cannot distinguish errors from -1.
+// Use |ASN1_ENUMERATED_get_uint64| and |ASN1_ENUMERATED_get_int64| instead.
+OPENSSL_EXPORT long ASN1_ENUMERATED_get(const ASN1_ENUMERATED *a);
+
#if defined(__cplusplus)
} // extern C
@@ -2070,4 +2062,4 @@
#define ASN1_R_WRONG_INTEGER_TYPE 195
#define ASN1_R_INVALID_INTEGER 196
-#endif
+#endif // OPENSSL_HEADER_ASN1_H
diff --git a/sysroots/generic-arm32/usr/include/openssl/asn1t.h b/sysroots/generic-arm32/usr/include/openssl/asn1t.h
index 75bc6f0..7547b60 100644
--- a/sysroots/generic-arm32/usr/include/openssl/asn1t.h
+++ b/sysroots/generic-arm32/usr/include/openssl/asn1t.h
@@ -54,13 +54,13 @@
* Hudson (tjh@cryptsoft.com).
*
*/
-#ifndef HEADER_ASN1T_H
-#define HEADER_ASN1T_H
+#ifndef OPENSSL_HEADER_ASN1T_H
+#define OPENSSL_HEADER_ASN1T_H
#include <openssl/base.h>
#include <openssl/asn1.h>
-#ifdef __cplusplus
+#if defined(__cplusplus)
extern "C" {
#endif
@@ -244,11 +244,6 @@
(flags), (tag), offsetof(stname, field),\
#field, ASN1_ITEM_ref(type) }
-/* used when the structure is combined with the parent */
-
-#define ASN1_EX_COMBINE(flags, tag, type) { \
- (flags)|ASN1_TFLG_COMBINE, (tag), 0, NULL, ASN1_ITEM_ref(type) }
-
/* implicit and explicit helper macros */
#define ASN1_IMP_EX(stname, field, type, tag, ex) \
@@ -348,8 +343,8 @@
*/
struct ASN1_TEMPLATE_st {
-unsigned long flags; /* Various flags */
-long tag; /* tag, not used if no tagging */
+uint32_t flags; /* Various flags */
+int tag; /* tag, not used if no tagging */
unsigned long offset; /* Offset of this field in structure */
const char *field_name; /* Field name */
ASN1_ITEM_EXP *item; /* Relevant ASN1_ITEM or ASN1_ADB */
@@ -366,7 +361,7 @@
typedef struct asn1_must_be_null_st ASN1_MUST_BE_NULL;
struct ASN1_ADB_st {
- unsigned long flags; /* Various flags */
+ uint32_t flags; /* Various flags */
unsigned long offset; /* Offset of selector field */
ASN1_MUST_BE_NULL *unused;
const ASN1_ADB_TABLE *tbl; /* Table of possible types */
@@ -441,21 +436,11 @@
#define ASN1_TFLG_ADB_OID (0x1<<8)
-/* This flag means a parent structure is passed
- * instead of the field: this is useful is a
- * SEQUENCE is being combined with a CHOICE for
- * example. Since this means the structure and
- * item name will differ we need to use the
- * ASN1_CHOICE_END_name() macro for example.
- */
-
-#define ASN1_TFLG_COMBINE (0x1<<10)
-
/* This is the actual ASN1 item itself */
struct ASN1_ITEM_st {
char itype; /* The item type, primitive, SEQUENCE, CHOICE or extern */
-long utype; /* underlying type */
+int utype; /* underlying type */
const ASN1_TEMPLATE *templates; /* If SEQUENCE or CHOICE this contains the contents */
long tcount; /* Number of templates if SEQUENCE or CHOICE */
const void *funcs; /* functions that handle this type */
@@ -512,35 +497,6 @@
/* Deprecated tag and length cache */
struct ASN1_TLC_st;
-/* Typedefs for ASN1 function pointers */
-
-typedef ASN1_VALUE * ASN1_new_func(void);
-typedef void ASN1_free_func(ASN1_VALUE *a);
-typedef ASN1_VALUE * ASN1_d2i_func(ASN1_VALUE **a, const unsigned char ** in, long length);
-typedef int ASN1_i2d_func(ASN1_VALUE * a, unsigned char **in);
-
-typedef int ASN1_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len, const ASN1_ITEM *it,
- int tag, int aclass, char opt, ASN1_TLC *ctx);
-
-typedef int ASN1_ex_i2d(ASN1_VALUE **pval, unsigned char **out, const ASN1_ITEM *it, int tag, int aclass);
-typedef int ASN1_ex_new_func(ASN1_VALUE **pval, const ASN1_ITEM *it);
-typedef void ASN1_ex_free_func(ASN1_VALUE **pval, const ASN1_ITEM *it);
-
-typedef int ASN1_ex_print_func(BIO *out, ASN1_VALUE **pval,
- int indent, const char *fname,
- const ASN1_PCTX *pctx);
-
-typedef struct ASN1_EXTERN_FUNCS_st {
- void *app_data;
- ASN1_ex_new_func *asn1_ex_new;
- ASN1_ex_free_func *asn1_ex_free;
- ASN1_ex_free_func *asn1_ex_clear;
- ASN1_ex_d2i *asn1_ex_d2i;
- ASN1_ex_i2d *asn1_ex_i2d;
- /* asn1_ex_print is unused. */
- ASN1_ex_print_func *asn1_ex_print;
-} ASN1_EXTERN_FUNCS;
-
/* This is the ASN1_AUX structure: it handles various
* miscellaneous requirements. For example the use of
* reference counts and an informational callback.
@@ -563,7 +519,7 @@
typedef struct ASN1_AUX_st {
void *app_data;
- int flags;
+ uint32_t flags;
int ref_offset; /* Offset of reference value */
ASN1_aux_cb *asn1_cb;
int enc_offset; /* Offset of ASN1_ENCODING structure */
@@ -677,13 +633,17 @@
int i2d_##fname(const stname *a, unsigned char **out) \
{ \
return ASN1_item_i2d((ASN1_VALUE *)a, out, ASN1_ITEM_rptr(itname));\
- }
+ }
-#define IMPLEMENT_ASN1_DUP_FUNCTION(stname) \
- stname * stname##_dup(stname *x) \
- { \
- return ASN1_item_dup(ASN1_ITEM_rptr(stname), x); \
- }
+#define IMPLEMENT_ASN1_DUP_FUNCTION(stname) \
+ stname *stname##_dup(stname *x) { \
+ return ASN1_item_dup(ASN1_ITEM_rptr(stname), x); \
+ }
+
+#define IMPLEMENT_ASN1_DUP_FUNCTION_const(stname) \
+ stname *stname##_dup(const stname *x) { \
+ return ASN1_item_dup(ASN1_ITEM_rptr(stname), (void *)x); \
+ }
#define IMPLEMENT_ASN1_FUNCTIONS_const(name) \
IMPLEMENT_ASN1_FUNCTIONS_const_fname(name, name, name)
@@ -698,7 +658,9 @@
DEFINE_STACK_OF(ASN1_VALUE)
-#ifdef __cplusplus
-}
+
+#if defined(__cplusplus)
+} // extern "C"
#endif
-#endif
+
+#endif // OPENSSL_HEADER_ASN1T_H
diff --git a/sysroots/generic-arm32/usr/include/openssl/base.h b/sysroots/generic-arm32/usr/include/openssl/base.h
index c2c953b..80d18a7 100644
--- a/sysroots/generic-arm32/usr/include/openssl/base.h
+++ b/sysroots/generic-arm32/usr/include/openssl/base.h
@@ -96,9 +96,6 @@
#elif defined(__ARMEL__) || defined(_M_ARM)
#define OPENSSL_32_BIT
#define OPENSSL_ARM
-#elif (defined(__PPC64__) || defined(__powerpc64__)) && defined(_LITTLE_ENDIAN)
-#define OPENSSL_64_BIT
-#define OPENSSL_PPC64LE
#elif defined(__MIPSEL__) && !defined(__LP64__)
#define OPENSSL_32_BIT
#define OPENSSL_MIPS
@@ -107,6 +104,7 @@
#define OPENSSL_MIPS64
#elif defined(__riscv) && __SIZEOF_POINTER__ == 8
#define OPENSSL_64_BIT
+#define OPENSSL_RISCV64
#elif defined(__riscv) && __SIZEOF_POINTER__ == 4
#define OPENSSL_32_BIT
#elif defined(__pnacl__)
@@ -195,7 +193,7 @@
// A consumer may use this symbol in the preprocessor to temporarily build
// against multiple revisions of BoringSSL at the same time. It is not
// recommended to do so for longer than is necessary.
-#define BORINGSSL_API_VERSION 17
+#define BORINGSSL_API_VERSION 19
#if defined(BORINGSSL_SHARED_LIBRARY)
@@ -223,6 +221,33 @@
#endif // defined(BORINGSSL_SHARED_LIBRARY)
+#if defined(_MSC_VER)
+
+// OPENSSL_DEPRECATED is used to mark a function as deprecated. Use
+// of any functions so marked in caller code will produce a warning.
+// OPENSSL_BEGIN_ALLOW_DEPRECATED and OPENSSL_END_ALLOW_DEPRECATED
+// can be used to suppress the warning in regions of caller code.
+#define OPENSSL_DEPRECATED __declspec(deprecated)
+#define OPENSSL_BEGIN_ALLOW_DEPRECATED \
+ __pragma(warning(push)) __pragma(warning(disable : 4996))
+#define OPENSSL_END_ALLOW_DEPRECATED __pragma(warning(pop))
+
+#elif defined(__GNUC__) || defined(__clang__)
+
+#define OPENSSL_DEPRECATED __attribute__((__deprecated__))
+#define OPENSSL_BEGIN_ALLOW_DEPRECATED \
+ _Pragma("GCC diagnostic push") \
+ _Pragma("GCC diagnostic ignored \"-Wdeprecated-declarations\"")
+#define OPENSSL_END_ALLOW_DEPRECATED _Pragma("GCC diagnostic pop")
+
+#else
+
+#define OPENSSL_DEPRECATED
+#define OPENSSL_BEGIN_ALLOW_DEPRECATED
+#define OPENSSL_END_ALLOW_DEPRECATED
+
+#endif
+
#if defined(__GNUC__) || defined(__clang__)
// MinGW has two different printf implementations. Ensure the format macro
@@ -325,6 +350,19 @@
#define BORINGSSL_ENUM_INT
#endif
+// ossl_ssize_t is a signed type which is large enough to fit the size of any
+// valid memory allocation. We prefer using |size_t|, but sometimes we need a
+// signed type for OpenSSL API compatibility. This type can be used in such
+// cases to avoid overflow.
+//
+// Not all |size_t| values fit in |ossl_ssize_t|, but all |size_t| values that
+// are sizes of or indices into C objects, can be converted without overflow.
+typedef ptrdiff_t ossl_ssize_t;
+
+// CBS_ASN1_TAG is the type used by |CBS| and |CBB| for ASN.1 tags. See that
+// header for details. This type is defined in base.h as a forward declaration.
+typedef uint32_t CBS_ASN1_TAG;
+
// CRYPTO_THREADID is a dummy value.
typedef int CRYPTO_THREADID;
@@ -362,10 +400,6 @@
typedef struct Netscape_spkac_st NETSCAPE_SPKAC;
typedef struct Netscape_spki_st NETSCAPE_SPKI;
typedef struct RIPEMD160state_st RIPEMD160_CTX;
-typedef struct X509_POLICY_CACHE_st X509_POLICY_CACHE;
-typedef struct X509_POLICY_LEVEL_st X509_POLICY_LEVEL;
-typedef struct X509_POLICY_NODE_st X509_POLICY_NODE;
-typedef struct X509_POLICY_TREE_st X509_POLICY_TREE;
typedef struct X509_VERIFY_PARAM_st X509_VERIFY_PARAM;
typedef struct X509_algor_st X509_ALGOR;
typedef struct X509_crl_st X509_CRL;
@@ -412,9 +446,7 @@
typedef struct evp_hpke_kdf_st EVP_HPKE_KDF;
typedef struct evp_hpke_kem_st EVP_HPKE_KEM;
typedef struct evp_hpke_key_st EVP_HPKE_KEY;
-typedef struct evp_pkey_asn1_method_st EVP_PKEY_ASN1_METHOD;
typedef struct evp_pkey_ctx_st EVP_PKEY_CTX;
-typedef struct evp_pkey_method_st EVP_PKEY_METHOD;
typedef struct evp_pkey_st EVP_PKEY;
typedef struct hmac_ctx_st HMAC_CTX;
typedef struct md4_state_st MD4_CTX;
@@ -519,8 +551,8 @@
template <typename T, typename Enable = void>
struct DeleterImpl {};
-template <typename T>
struct Deleter {
+ template <typename T>
void operator()(T *ptr) {
// Rather than specialize Deleter for each type, we specialize
// DeleterImpl. This allows bssl::UniquePtr<T> to be used while only
@@ -604,7 +636,7 @@
// bssl::UniquePtr<RSA> rsa(RSA_new());
// bssl::UniquePtr<BIO> bio(BIO_new(BIO_s_mem()));
template <typename T>
-using UniquePtr = std::unique_ptr<T, internal::Deleter<T>>;
+using UniquePtr = std::unique_ptr<T, internal::Deleter>;
#define BORINGSSL_MAKE_UP_REF(type, up_ref_func) \
inline UniquePtr<type> UpRef(type *v) { \
diff --git a/sysroots/generic-arm32/usr/include/openssl/bio.h b/sysroots/generic-arm32/usr/include/openssl/bio.h
index 1658ff2..707a4b1 100644
--- a/sysroots/generic-arm32/usr/include/openssl/bio.h
+++ b/sysroots/generic-arm32/usr/include/openssl/bio.h
@@ -107,14 +107,14 @@
// bytes read, zero on EOF, or a negative number on error.
OPENSSL_EXPORT int BIO_read(BIO *bio, void *data, int len);
-// BIO_gets "reads a line" from |bio| and puts at most |size| bytes into |buf|.
-// It returns the number of bytes read or a negative number on error. The
-// phrase "reads a line" is in quotes in the previous sentence because the
-// exact operation depends on the BIO's method. For example, a digest BIO will
-// return the digest in response to a |BIO_gets| call.
+// BIO_gets reads a line from |bio| and writes at most |size| bytes into |buf|.
+// It returns the number of bytes read or a negative number on error. This
+// function's output always includes a trailing NUL byte, so it will read at
+// most |size - 1| bytes.
//
-// TODO(fork): audit the set of BIOs that we end up needing. If all actually
-// return a line for this call, remove the warning above.
+// If the function read a complete line, the output will include the newline
+// character, '\n'. If no newline was found before |size - 1| bytes or EOF, it
+// outputs the bytes which were available.
OPENSSL_EXPORT int BIO_gets(BIO *bio, char *buf, int size);
// BIO_write writes |len| bytes from |data| to |bio|. It returns the number of
@@ -328,7 +328,7 @@
OPENSSL_EXPORT int BIO_indent(BIO *bio, unsigned indent, unsigned max_indent);
// BIO_hexdump writes a hex dump of |data| to |bio|. Each line will be indented
-// by |indent| spaces.
+// by |indent| spaces. It returns one on success and zero otherwise.
OPENSSL_EXPORT int BIO_hexdump(BIO *bio, const uint8_t *data, size_t len,
unsigned indent);
@@ -383,7 +383,7 @@
//
// If |len| is negative, then |buf| is treated as a NUL-terminated string, but
// don't depend on this in new code.
-OPENSSL_EXPORT BIO *BIO_new_mem_buf(const void *buf, int len);
+OPENSSL_EXPORT BIO *BIO_new_mem_buf(const void *buf, ossl_ssize_t len);
// BIO_mem_contents sets |*out_contents| to point to the current contents of
// |bio| and |*out_len| to contain the length of that data. It returns one on
@@ -873,7 +873,6 @@
#define BIO_C_GET_FILE_PTR 107
#define BIO_C_SET_FILENAME 108
#define BIO_C_SET_SSL 109
-#define BIO_C_GET_SSL 110
#define BIO_C_SET_MD 111
#define BIO_C_GET_MD 112
#define BIO_C_GET_CIPHER_STATUS 113
@@ -887,9 +886,6 @@
#define BIO_C_GET_PROXY_PARAM 121
#define BIO_C_SET_BUFF_READ_DATA 122 // data to read first
#define BIO_C_GET_ACCEPT 124
-#define BIO_C_SET_SSL_RENEGOTIATE_BYTES 125
-#define BIO_C_GET_SSL_NUM_RENEGOTIATES 126
-#define BIO_C_SET_SSL_RENEGOTIATE_TIMEOUT 127
#define BIO_C_FILE_SEEK 128
#define BIO_C_GET_CIPHER_CTX 129
#define BIO_C_SET_BUF_MEM_EOF_RETURN 130 // return end of input value
diff --git a/sysroots/generic-arm32/usr/include/openssl/bn.h b/sysroots/generic-arm32/usr/include/openssl/bn.h
index d9491a9..a03e41f 100644
--- a/sysroots/generic-arm32/usr/include/openssl/bn.h
+++ b/sysroots/generic-arm32/usr/include/openssl/bn.h
@@ -136,7 +136,16 @@
// BN provides support for working with arbitrary sized integers. For example,
// although the largest integer supported by the compiler might be 64 bits, BN
-// will allow you to work with numbers until you run out of memory.
+// will allow you to work with much larger numbers.
+//
+// This library is developed for use inside BoringSSL, and uses implementation
+// strategies that may not be ideal for other applications. Non-cryptographic
+// uses should use a more general-purpose integer library, especially if
+// performance-sensitive.
+//
+// Many functions in BN scale quadratically or higher in the bit length of their
+// input. Callers at this layer are assumed to have capped input sizes within
+// their performance tolerances.
// BN_ULONG is the native word size when working with big integers.
@@ -205,6 +214,10 @@
// BN_num_bytes returns the minimum number of bytes needed to represent the
// absolute value of |bn|.
+//
+// While |size_t| is the preferred type for byte counts, callers can assume that
+// |BIGNUM|s are bounded such that this value, and its corresponding bit count,
+// will always fit in |int|.
OPENSSL_EXPORT unsigned BN_num_bytes(const BIGNUM *bn);
// BN_zero sets |bn| to zero.
@@ -280,6 +293,10 @@
// BN_bn2dec returns an allocated string that contains a NUL-terminated,
// decimal representation of |bn|. If |bn| is negative, the first char in the
// resulting string will be '-'. Returns NULL on allocation failure.
+//
+// Converting an arbitrarily large integer to decimal is quadratic in the bit
+// length of |a|. This function assumes the caller has capped the input within
+// performance tolerances.
OPENSSL_EXPORT char *BN_bn2dec(const BIGNUM *a);
// BN_dec2bn parses the leading decimal number from |in|, which may be
@@ -288,6 +305,10 @@
// decimal number and stores it in |*outp|. If |*outp| is NULL then it
// allocates a new BIGNUM and updates |*outp|. It returns the number of bytes
// of |in| processed or zero on error.
+//
+// Converting an arbitrarily large integer to decimal is quadratic in the bit
+// length of |a|. This function assumes the caller has capped the input within
+// performance tolerances.
OPENSSL_EXPORT int BN_dec2bn(BIGNUM **outp, const char *in);
// BN_asc2bn acts like |BN_dec2bn| or |BN_hex2bn| depending on whether |in|
@@ -681,6 +702,9 @@
// the callback, or 1 if |callback| is NULL.
OPENSSL_EXPORT int BN_GENCB_call(BN_GENCB *callback, int event, int n);
+// BN_GENCB_get_arg returns |callback->arg|.
+OPENSSL_EXPORT void *BN_GENCB_get_arg(const BN_GENCB *callback);
+
// BN_generate_prime_ex sets |ret| to a prime number of |bits| length. If safe
// is non-zero then the prime will be such that (ret-1)/2 is also a prime.
// (This is needed for Diffie-Hellman groups to ensure that the only subgroups
@@ -810,8 +834,9 @@
// Note this function may incorrectly report |a| has no inverse if the random
// blinding value has no inverse. It should only be used when |n| has few
// non-invertible elements, such as an RSA modulus.
-int BN_mod_inverse_blinded(BIGNUM *out, int *out_no_inverse, const BIGNUM *a,
- const BN_MONT_CTX *mont, BN_CTX *ctx);
+OPENSSL_EXPORT int BN_mod_inverse_blinded(BIGNUM *out, int *out_no_inverse,
+ const BIGNUM *a,
+ const BN_MONT_CTX *mont, BN_CTX *ctx);
// BN_mod_inverse_odd sets |out| equal to |a|^-1, mod |n|. |a| must be
// non-negative and must be less than |n|. |n| must be odd. This function
@@ -849,15 +874,6 @@
OPENSSL_EXPORT BN_MONT_CTX *BN_MONT_CTX_copy(BN_MONT_CTX *to,
const BN_MONT_CTX *from);
-// BN_MONT_CTX_set_locked takes |lock| and checks whether |*pmont| is NULL. If
-// so, it creates a new |BN_MONT_CTX| and sets the modulus for it to |mod|. It
-// then stores it as |*pmont|. It returns one on success and zero on error. Note
-// this function assumes |mod| is public.
-//
-// If |*pmont| is already non-NULL then it does nothing and returns one.
-int BN_MONT_CTX_set_locked(BN_MONT_CTX **pmont, CRYPTO_MUTEX *lock,
- const BIGNUM *mod, BN_CTX *bn_ctx);
-
// BN_to_montgomery sets |ret| equal to |a| in the Montgomery domain. |a| is
// assumed to be in the range [0, n), where |n| is the Montgomery modulus. It
// returns one on success or zero on error.
@@ -964,6 +980,9 @@
// conservative.)
#define BN_prime_checks BN_prime_checks_for_validation
+// BN_secure_new calls |BN_new|.
+OPENSSL_EXPORT BIGNUM *BN_secure_new(void);
+
// Private functions
diff --git a/sysroots/generic-arm32/usr/include/openssl/bytestring.h b/sysroots/generic-arm32/usr/include/openssl/bytestring.h
index 68c1ba4..33e13ef 100644
--- a/sysroots/generic-arm32/usr/include/openssl/bytestring.h
+++ b/sysroots/generic-arm32/usr/include/openssl/bytestring.h
@@ -18,6 +18,7 @@
#include <openssl/base.h>
#include <openssl/span.h>
+#include <time.h>
#if defined(__cplusplus)
extern "C" {
@@ -159,6 +160,13 @@
// one. Otherwise, it returns zero and leaves |cbs| unmodified.
OPENSSL_EXPORT int CBS_get_until_first(CBS *cbs, CBS *out, uint8_t c);
+// CBS_get_u64_decimal reads a decimal integer from |cbs| and writes it to
+// |*out|. It stops reading at the end of the string, or the first non-digit
+// character. It returns one on success and zero on error. This function behaves
+// analogously to |strtoul| except it does not accept empty inputs, leading
+// zeros, or negative values.
+OPENSSL_EXPORT int CBS_get_u64_decimal(CBS *cbs, uint64_t *out);
+
// Parsing ASN.1
//
@@ -168,8 +176,8 @@
// SEQUENCE, branching on CHOICEs or OPTIONAL fields, checking for trailing
// data, and handling explict vs. implicit tagging.
//
-// Tags are represented as |unsigned| values in memory. The upper few bits store
-// the class and constructed bit, and the remaining bits store the tag
+// Tags are represented as |CBS_ASN1_TAG| values in memory. The upper few bits
+// store the class and constructed bit, and the remaining bits store the tag
// number. Note this differs from the DER serialization, to support tag numbers
// beyond 31. Consumers must use the constants defined below to decompose or
// assemble tags.
@@ -230,31 +238,33 @@
// including tag and length bytes) and advances |cbs| over it. The ASN.1
// element must match |tag_value|. It returns one on success and zero
// on error.
-OPENSSL_EXPORT int CBS_get_asn1(CBS *cbs, CBS *out, unsigned tag_value);
+OPENSSL_EXPORT int CBS_get_asn1(CBS *cbs, CBS *out, CBS_ASN1_TAG tag_value);
// CBS_get_asn1_element acts like |CBS_get_asn1| but |out| will include the
// ASN.1 header bytes too.
-OPENSSL_EXPORT int CBS_get_asn1_element(CBS *cbs, CBS *out, unsigned tag_value);
+OPENSSL_EXPORT int CBS_get_asn1_element(CBS *cbs, CBS *out,
+ CBS_ASN1_TAG tag_value);
// CBS_peek_asn1_tag looks ahead at the next ASN.1 tag and returns one
// if the next ASN.1 element on |cbs| would have tag |tag_value|. If
// |cbs| is empty or the tag does not match, it returns zero. Note: if
// it returns one, CBS_get_asn1 may still fail if the rest of the
// element is malformed.
-OPENSSL_EXPORT int CBS_peek_asn1_tag(const CBS *cbs, unsigned tag_value);
+OPENSSL_EXPORT int CBS_peek_asn1_tag(const CBS *cbs, CBS_ASN1_TAG tag_value);
// CBS_get_any_asn1 sets |*out| to contain the next ASN.1 element from |*cbs|
// (not including tag and length bytes), sets |*out_tag| to the tag number, and
// advances |*cbs|. It returns one on success and zero on error. Either of |out|
// and |out_tag| may be NULL to ignore the value.
-OPENSSL_EXPORT int CBS_get_any_asn1(CBS *cbs, CBS *out, unsigned *out_tag);
+OPENSSL_EXPORT int CBS_get_any_asn1(CBS *cbs, CBS *out,
+ CBS_ASN1_TAG *out_tag);
// CBS_get_any_asn1_element sets |*out| to contain the next ASN.1 element from
// |*cbs| (including header bytes) and advances |*cbs|. It sets |*out_tag| to
// the tag number and |*out_header_len| to the length of the ASN.1 header. Each
// of |out|, |out_tag|, and |out_header_len| may be NULL to ignore the value.
OPENSSL_EXPORT int CBS_get_any_asn1_element(CBS *cbs, CBS *out,
- unsigned *out_tag,
+ CBS_ASN1_TAG *out_tag,
size_t *out_header_len);
// CBS_get_any_ber_asn1_element acts the same as |CBS_get_any_asn1_element| but
@@ -270,7 +280,7 @@
// element. Callers parsing indefinite-length encoding must check for EOC
// separately.
OPENSSL_EXPORT int CBS_get_any_ber_asn1_element(CBS *cbs, CBS *out,
- unsigned *out_tag,
+ CBS_ASN1_TAG *out_tag,
size_t *out_header_len,
int *out_ber_found,
int *out_indefinite);
@@ -296,7 +306,7 @@
// one, otherwise zero. It returns one on success, whether or not the element
// was present, and zero on decode failure.
OPENSSL_EXPORT int CBS_get_optional_asn1(CBS *cbs, CBS *out, int *out_present,
- unsigned tag);
+ CBS_ASN1_TAG tag);
// CBS_get_optional_asn1_octet_string gets an optional
// explicitly-tagged OCTET STRING from |cbs|. If present, it sets
@@ -306,7 +316,7 @@
// present, and zero on decode failure.
OPENSSL_EXPORT int CBS_get_optional_asn1_octet_string(CBS *cbs, CBS *out,
int *out_present,
- unsigned tag);
+ CBS_ASN1_TAG tag);
// CBS_get_optional_asn1_uint64 gets an optional explicitly-tagged
// INTEGER from |cbs|. If present, it sets |*out| to the
@@ -314,7 +324,7 @@
// on success, whether or not the element was present, and zero on
// decode failure.
OPENSSL_EXPORT int CBS_get_optional_asn1_uint64(CBS *cbs, uint64_t *out,
- unsigned tag,
+ CBS_ASN1_TAG tag,
uint64_t default_value);
// CBS_get_optional_asn1_bool gets an optional, explicitly-tagged BOOLEAN from
@@ -322,7 +332,8 @@
// boolean. Otherwise, it sets |*out| to |default_value|. It returns one on
// success, whether or not the element was present, and zero on decode
// failure.
-OPENSSL_EXPORT int CBS_get_optional_asn1_bool(CBS *cbs, int *out, unsigned tag,
+OPENSSL_EXPORT int CBS_get_optional_asn1_bool(CBS *cbs, int *out,
+ CBS_ASN1_TAG tag,
int default_value);
// CBS_is_valid_asn1_bitstring returns one if |cbs| is a valid ASN.1 BIT STRING
@@ -345,14 +356,42 @@
// ASN.1 INTEGER body and zero otherwise.
OPENSSL_EXPORT int CBS_is_unsigned_asn1_integer(const CBS *cbs);
+// CBS_is_valid_asn1_oid returns one if |cbs| is a valid DER-encoded ASN.1
+// OBJECT IDENTIFIER contents (not including the element framing) and zero
+// otherwise. This function tolerates arbitrarily large OID components.
+OPENSSL_EXPORT int CBS_is_valid_asn1_oid(const CBS *cbs);
+
// CBS_asn1_oid_to_text interprets |cbs| as DER-encoded ASN.1 OBJECT IDENTIFIER
// contents (not including the element framing) and returns the ASCII
// representation (e.g., "1.2.840.113554.4.1.72585") in a newly-allocated
// string, or NULL on failure. The caller must release the result with
// |OPENSSL_free|.
+//
+// This function may fail if |cbs| is an invalid OBJECT IDENTIFIER, or if any
+// OID components are too large.
OPENSSL_EXPORT char *CBS_asn1_oid_to_text(const CBS *cbs);
+// CBS_parse_generalized_time returns one if |cbs| is a valid DER-encoded, ASN.1
+// GeneralizedTime body within the limitations imposed by RFC 5280, or zero
+// otherwise. If |allow_timezone_offset| is non-zero, four-digit timezone
+// offsets, which would not be allowed by DER, are permitted. On success, if
+// |out_tm| is non-NULL, |*out_tm| will be zeroed, and then set to the
+// corresponding time in UTC. This function does not compute |out_tm->tm_wday|
+// or |out_tm->tm_yday|.
+OPENSSL_EXPORT int CBS_parse_generalized_time(const CBS *cbs, struct tm *out_tm,
+ int allow_timezone_offset);
+
+// CBS_parse_utc_time returns one if |cbs| is a valid DER-encoded, ASN.1
+// UTCTime body within the limitations imposed by RFC 5280, or zero otherwise.
+// If |allow_timezone_offset| is non-zero, four-digit timezone offsets, which
+// would not be allowed by DER, are permitted. On success, if |out_tm| is
+// non-NULL, |*out_tm| will be zeroed, and then set to the corresponding time
+// in UTC. This function does not compute |out_tm->tm_wday| or
+// |out_tm->tm_yday|.
+OPENSSL_EXPORT int CBS_parse_utc_time(const CBS *cbs, struct tm *out_tm,
+ int allow_timezone_offset);
+
// CRYPTO ByteBuilder.
//
// |CBB| objects allow one to build length-prefixed serialisations. A |CBB|
@@ -370,28 +409,40 @@
struct cbb_buffer_st {
uint8_t *buf;
- size_t len; // The number of valid bytes.
- size_t cap; // The size of buf.
- char can_resize; /* One iff |buf| is owned by this object. If not then |buf|
- cannot be resized. */
- char error; /* One iff there was an error writing to this CBB. All future
- operations will fail. */
+ // len is the number of valid bytes in |buf|.
+ size_t len;
+ // cap is the size of |buf|.
+ size_t cap;
+ // can_resize is one iff |buf| is owned by this object. If not then |buf|
+ // cannot be resized.
+ unsigned can_resize : 1;
+ // error is one if there was an error writing to this CBB. All future
+ // operations will fail.
+ unsigned error : 1;
};
-struct cbb_st {
+struct cbb_child_st {
+ // base is a pointer to the buffer this |CBB| writes to.
struct cbb_buffer_st *base;
- // child points to a child CBB if a length-prefix is pending.
- CBB *child;
// offset is the number of bytes from the start of |base->buf| to this |CBB|'s
// pending length prefix.
size_t offset;
// pending_len_len contains the number of bytes in this |CBB|'s pending
// length-prefix, or zero if no length-prefix is pending.
uint8_t pending_len_len;
- char pending_is_asn1;
- // is_child is true iff this is a child |CBB| (as opposed to a top-level
- // |CBB|). Top-level objects are valid arguments for |CBB_finish|.
+ unsigned pending_is_asn1 : 1;
+};
+
+struct cbb_st {
+ // child points to a child CBB if a length-prefix is pending.
+ CBB *child;
+ // is_child is one if this is a child |CBB| and zero if it is a top-level
+ // |CBB|. This determines which arm of the union is valid.
char is_child;
+ union {
+ struct cbb_buffer_st base;
+ struct cbb_child_st child;
+ } u;
};
// CBB_zero sets an uninitialised |cbb| to the zero state. It must be
@@ -407,7 +458,8 @@
// CBB_init_fixed initialises |cbb| to write to |len| bytes at |buf|. Since
// |buf| cannot grow, trying to write more than |len| bytes will cause CBB
-// functions to fail. It returns one on success or zero on error.
+// functions to fail. This function is infallible and always returns one. It is
+// safe, but not necessary, to call |CBB_cleanup| on |cbb|.
OPENSSL_EXPORT int CBB_init_fixed(CBB *cbb, uint8_t *buf, size_t len);
// CBB_cleanup frees all resources owned by |cbb| and other |CBB| objects
@@ -468,7 +520,7 @@
// CBB_add_asn1 sets |*out_contents| to a |CBB| into which the contents of an
// ASN.1 object can be written. The |tag| argument will be used as the tag for
// the object. It returns one on success or zero on error.
-OPENSSL_EXPORT int CBB_add_asn1(CBB *cbb, CBB *out_contents, unsigned tag);
+OPENSSL_EXPORT int CBB_add_asn1(CBB *cbb, CBB *out_contents, CBS_ASN1_TAG tag);
// CBB_add_bytes appends |len| bytes from |data| to |cbb|. It returns one on
// success and zero otherwise.
@@ -536,11 +588,23 @@
// error.
OPENSSL_EXPORT int CBB_add_asn1_uint64(CBB *cbb, uint64_t value);
+// CBB_add_asn1_uint64_with_tag behaves like |CBB_add_asn1_uint64| but uses
+// |tag| as the tag instead of INTEGER. This is useful if the INTEGER type uses
+// implicit tagging.
+OPENSSL_EXPORT int CBB_add_asn1_uint64_with_tag(CBB *cbb, uint64_t value,
+ CBS_ASN1_TAG tag);
+
// CBB_add_asn1_int64 writes an ASN.1 INTEGER into |cbb| using |CBB_add_asn1|
// and writes |value| in its contents. It returns one on success and zero on
// error.
OPENSSL_EXPORT int CBB_add_asn1_int64(CBB *cbb, int64_t value);
+// CBB_add_asn1_int64_with_tag behaves like |CBB_add_asn1_int64| but uses |tag|
+// as the tag instead of INTEGER. This is useful if the INTEGER type uses
+// implicit tagging.
+OPENSSL_EXPORT int CBB_add_asn1_int64_with_tag(CBB *cbb, int64_t value,
+ CBS_ASN1_TAG tag);
+
// CBB_add_asn1_octet_string writes an ASN.1 OCTET STRING into |cbb| with the
// given contents. It returns one on success and zero on error.
OPENSSL_EXPORT int CBB_add_asn1_octet_string(CBB *cbb, const uint8_t *data,
diff --git a/sysroots/generic-arm32/usr/include/openssl/cipher.h b/sysroots/generic-arm32/usr/include/openssl/cipher.h
index 2458847..310d7c2 100644
--- a/sysroots/generic-arm32/usr/include/openssl/cipher.h
+++ b/sysroots/generic-arm32/usr/include/openssl/cipher.h
@@ -174,6 +174,11 @@
// of output bytes may be up to |in_len| plus the block length minus one and
// |out| must have sufficient space. The number of bytes actually output is
// written to |*out_len|. It returns one on success and zero otherwise.
+//
+// If |ctx| is an AEAD cipher, e.g. |EVP_aes_128_gcm|, and |out| is NULL, this
+// function instead adds |in_len| bytes from |in| to the AAD and sets |*out_len|
+// to |in_len|. The AAD must be fully specified in this way before this function
+// is used to encrypt plaintext.
OPENSSL_EXPORT int EVP_EncryptUpdate(EVP_CIPHER_CTX *ctx, uint8_t *out,
int *out_len, const uint8_t *in,
int in_len);
@@ -191,6 +196,11 @@
// output bytes may be up to |in_len| plus the block length minus one and |out|
// must have sufficient space. The number of bytes actually output is written
// to |*out_len|. It returns one on success and zero otherwise.
+//
+// If |ctx| is an AEAD cipher, e.g. |EVP_aes_128_gcm|, and |out| is NULL, this
+// function instead adds |in_len| bytes from |in| to the AAD and sets |*out_len|
+// to |in_len|. The AAD must be fully specified in this way before this function
+// is used to decrypt ciphertext.
OPENSSL_EXPORT int EVP_DecryptUpdate(EVP_CIPHER_CTX *ctx, uint8_t *out,
int *out_len, const uint8_t *in,
int in_len);
@@ -204,24 +214,6 @@
OPENSSL_EXPORT int EVP_DecryptFinal_ex(EVP_CIPHER_CTX *ctx, uint8_t *out,
int *out_len);
-// EVP_Cipher performs a one-shot encryption/decryption operation. No partial
-// blocks are maintained between calls. However, any internal cipher state is
-// still updated. For CBC-mode ciphers, the IV is updated to the final
-// ciphertext block. For stream ciphers, the stream is advanced past the bytes
-// used. It returns one on success and zero otherwise, unless |EVP_CIPHER_flags|
-// has |EVP_CIPH_FLAG_CUSTOM_CIPHER| set. Then it returns the number of bytes
-// written or -1 on error.
-//
-// WARNING: this differs from the usual return value convention when using
-// |EVP_CIPH_FLAG_CUSTOM_CIPHER|.
-//
-// TODO(davidben): The normal ciphers currently never fail, even if, e.g.,
-// |in_len| is not a multiple of the block size for CBC-mode decryption. The
-// input just gets rounded up while the output gets truncated. This should
-// either be officially documented or fail.
-OPENSSL_EXPORT int EVP_Cipher(EVP_CIPHER_CTX *ctx, uint8_t *out,
- const uint8_t *in, size_t in_len);
-
// EVP_CipherUpdate calls either |EVP_EncryptUpdate| or |EVP_DecryptUpdate|
// depending on how |ctx| has been setup.
OPENSSL_EXPORT int EVP_CipherUpdate(EVP_CIPHER_CTX *ctx, uint8_t *out,
@@ -349,6 +341,12 @@
#define EVP_CIPH_GCM_MODE 0x6
#define EVP_CIPH_XTS_MODE 0x7
+// The following values are never returned from |EVP_CIPHER_mode| and are
+// included only to make it easier to compile code with BoringSSL.
+#define EVP_CIPH_CCM_MODE 0x8
+#define EVP_CIPH_OCB_MODE 0x9
+#define EVP_CIPH_WRAP_MODE 0xa
+
// Cipher flags (for |EVP_CIPHER_flags|).
@@ -420,6 +418,30 @@
OPENSSL_EXPORT int EVP_DecryptFinal(EVP_CIPHER_CTX *ctx, uint8_t *out,
int *out_len);
+// EVP_Cipher historically exposed an internal implementation detail of |ctx|
+// and should not be used. Use |EVP_CipherUpdate| and |EVP_CipherFinal_ex|
+// instead.
+//
+// If |ctx|'s cipher does not have the |EVP_CIPH_FLAG_CUSTOM_CIPHER| flag, it
+// encrypts or decrypts |in_len| bytes from |in| and writes the resulting
+// |in_len| bytes to |out|. It returns one on success and zero on error.
+// |in_len| must be a multiple of the cipher's block size, or the behavior is
+// undefined.
+//
+// TODO(davidben): Rather than being undefined (it'll often round the length up
+// and likely read past the buffer), just fail the operation.
+//
+// If |ctx|'s cipher has the |EVP_CIPH_FLAG_CUSTOM_CIPHER| flag, it runs in one
+// of two modes: If |in| is non-NULL, it behaves like |EVP_CipherUpdate|. If
+// |in| is NULL, it behaves like |EVP_CipherFinal_ex|. In both cases, it returns
+// |*out_len| on success and -1 on error.
+//
+// WARNING: The two possible calling conventions of this function signal errors
+// incompatibly. In the first, zero indicates an error. In the second, zero
+// indicates success with zero bytes of output.
+OPENSSL_EXPORT int EVP_Cipher(EVP_CIPHER_CTX *ctx, uint8_t *out,
+ const uint8_t *in, size_t in_len);
+
// EVP_add_cipher_alias does nothing and returns one.
OPENSSL_EXPORT int EVP_add_cipher_alias(const char *a, const char *b);
@@ -433,6 +455,12 @@
// These AEADs are deprecated AES-GCM implementations that set
// |EVP_CIPH_FLAG_CUSTOM_CIPHER|. Use |EVP_aead_aes_128_gcm| and
// |EVP_aead_aes_256_gcm| instead.
+//
+// WARNING: Although these APIs allow streaming an individual AES-GCM operation,
+// this is not secure. Until calling |EVP_DecryptFinal_ex|, the tag has not yet
+// been checked and output released by |EVP_DecryptUpdate| is unauthenticated
+// and easily manipulated by attackers. Callers must buffer the output and may
+// not act on it until the entire operation is complete.
OPENSSL_EXPORT const EVP_CIPHER *EVP_aes_128_gcm(void);
OPENSSL_EXPORT const EVP_CIPHER *EVP_aes_256_gcm(void);
@@ -484,9 +512,6 @@
// The following flags do nothing and are included only to make it easier to
// compile code with BoringSSL.
-#define EVP_CIPH_CCM_MODE (-1)
-#define EVP_CIPH_OCB_MODE (-2)
-#define EVP_CIPH_WRAP_MODE (-3)
#define EVP_CIPHER_CTX_FLAG_WRAP_ALLOW 0
// EVP_CIPHER_CTX_set_flags does nothing.
@@ -575,6 +600,9 @@
int final_used;
uint8_t final[EVP_MAX_BLOCK_LENGTH]; // possible final block
+
+ // Has this structure been rendered unusable by a failure.
+ int poisoned;
} /* EVP_CIPHER_CTX */;
typedef struct evp_cipher_info_st {
@@ -582,45 +610,6 @@
unsigned char iv[EVP_MAX_IV_LENGTH];
} EVP_CIPHER_INFO;
-struct evp_cipher_st {
- // type contains a NID identifing the cipher. (e.g. NID_aes_128_gcm.)
- int nid;
-
- // block_size contains the block size, in bytes, of the cipher, or 1 for a
- // stream cipher.
- unsigned block_size;
-
- // key_len contains the key size, in bytes, for the cipher. If the cipher
- // takes a variable key size then this contains the default size.
- unsigned key_len;
-
- // iv_len contains the IV size, in bytes, or zero if inapplicable.
- unsigned iv_len;
-
- // ctx_size contains the size, in bytes, of the per-key context for this
- // cipher.
- unsigned ctx_size;
-
- // flags contains the OR of a number of flags. See |EVP_CIPH_*|.
- uint32_t flags;
-
- // app_data is a pointer to opaque, user data.
- void *app_data;
-
- int (*init)(EVP_CIPHER_CTX *ctx, const uint8_t *key, const uint8_t *iv,
- int enc);
-
- int (*cipher)(EVP_CIPHER_CTX *ctx, uint8_t *out, const uint8_t *in,
- size_t inl);
-
- // cleanup, if non-NULL, releases memory associated with the context. It is
- // called if |EVP_CTRL_INIT| succeeds. Note that |init| may not have been
- // called at this point.
- void (*cleanup)(EVP_CIPHER_CTX *);
-
- int (*ctrl)(EVP_CIPHER_CTX *, int type, int arg, void *ptr);
-};
-
#if defined(__cplusplus)
} // extern C
diff --git a/sysroots/generic-arm32/usr/include/openssl/conf.h b/sysroots/generic-arm32/usr/include/openssl/conf.h
index 6890c7d..908c16e 100644
--- a/sysroots/generic-arm32/usr/include/openssl/conf.h
+++ b/sysroots/generic-arm32/usr/include/openssl/conf.h
@@ -110,8 +110,8 @@
// NCONF_get_section returns a stack of values for a given section in |conf|.
// If |section| is NULL, the default section is returned. It returns NULL on
// error.
-OPENSSL_EXPORT STACK_OF(CONF_VALUE) *NCONF_get_section(const CONF *conf,
- const char *section);
+OPENSSL_EXPORT const STACK_OF(CONF_VALUE) *NCONF_get_section(
+ const CONF *conf, const char *section);
// NCONF_get_string returns the value of the key |name|, in section |section|.
// The |section| argument may be NULL to indicate the default section. It
@@ -121,19 +121,6 @@
const char *name);
-// Utility functions
-
-// CONF_parse_list takes a list separated by 'sep' and calls |list_cb| giving
-// the start and length of each member, optionally stripping leading and
-// trailing whitespace. This can be used to parse comma separated lists for
-// example. If |list_cb| returns <= 0, then the iteration is halted and that
-// value is returned immediately. Otherwise it returns one. Note that |list_cb|
-// may be called on an empty member.
-int CONF_parse_list(const char *list, char sep, int remove_whitespace,
- int (*list_cb)(const char *elem, int len, void *usr),
- void *arg);
-
-
// Deprecated functions
// These defines do nothing but are provided to make old code easier to
diff --git a/sysroots/generic-arm32/usr/include/openssl/crypto.h b/sysroots/generic-arm32/usr/include/openssl/crypto.h
index b1f696f..171ac43 100644
--- a/sysroots/generic-arm32/usr/include/openssl/crypto.h
+++ b/sysroots/generic-arm32/usr/include/openssl/crypto.h
@@ -75,10 +75,6 @@
#if defined(OPENSSL_ARM) && defined(OPENSSL_LINUX) && \
!defined(OPENSSL_STATIC_ARMCAP)
-// CRYPTO_has_broken_NEON returns one if the current CPU is known to have a
-// broken NEON unit. See https://crbug.com/341598.
-OPENSSL_EXPORT int CRYPTO_has_broken_NEON(void);
-
// CRYPTO_needs_hwcap2_workaround returns one if the ARMv8 AArch32 AT_HWCAP2
// workaround was needed. See https://crbug.com/boringssl/46.
OPENSSL_EXPORT int CRYPTO_needs_hwcap2_workaround(void);
@@ -193,6 +189,12 @@
// the current BoringSSL and zero otherwise.
OPENSSL_EXPORT int FIPS_query_algorithm_status(const char *algorithm);
+#if defined(OPENSSL_ARM) && defined(OPENSSL_LINUX) && \
+ !defined(OPENSSL_STATIC_ARMCAP)
+// CRYPTO_has_broken_NEON returns zero.
+OPENSSL_EXPORT int CRYPTO_has_broken_NEON(void);
+#endif
+
#if defined(__cplusplus)
} // extern C
diff --git a/sysroots/generic-arm32/usr/include/openssl/ctrdrbg.h b/sysroots/generic-arm32/usr/include/openssl/ctrdrbg.h
index 62afe0c..5440fb4 100644
--- a/sysroots/generic-arm32/usr/include/openssl/ctrdrbg.h
+++ b/sysroots/generic-arm32/usr/include/openssl/ctrdrbg.h
@@ -71,6 +71,12 @@
#if defined(__cplusplus)
} // extern C
+
+extern "C++" {
+BSSL_NAMESPACE_BEGIN
+BORINGSSL_MAKE_DELETER(CTR_DRBG_STATE, CTR_DRBG_free)
+BSSL_NAMESPACE_END
+} // extern C++
#endif
#endif // OPENSSL_HEADER_CTRDRBG_H
diff --git a/sysroots/generic-arm32/usr/include/openssl/dh.h b/sysroots/generic-arm32/usr/include/openssl/dh.h
index 21c9623..660627d 100644
--- a/sysroots/generic-arm32/usr/include/openssl/dh.h
+++ b/sysroots/generic-arm32/usr/include/openssl/dh.h
@@ -89,6 +89,9 @@
// Properties.
+// DH_bits returns the size of |dh|'s group modulus, in bits.
+OPENSSL_EXPORT unsigned DH_bits(const DH *dh);
+
// DH_get0_pub_key returns |dh|'s public key.
OPENSSL_EXPORT const BIGNUM *DH_get0_pub_key(const DH *dh);
@@ -134,15 +137,40 @@
// Standard parameters.
+// DH_get_rfc7919_2048 returns the group `ffdhe2048` from
+// https://tools.ietf.org/html/rfc7919#appendix-A.1. It returns NULL if out
+// of memory.
+OPENSSL_EXPORT DH *DH_get_rfc7919_2048(void);
+
// BN_get_rfc3526_prime_1536 sets |*ret| to the 1536-bit MODP group from RFC
// 3526 and returns |ret|. If |ret| is NULL then a fresh |BIGNUM| is allocated
// and returned. It returns NULL on allocation failure.
OPENSSL_EXPORT BIGNUM *BN_get_rfc3526_prime_1536(BIGNUM *ret);
-// DH_get_rfc7919_2048 returns the group `ffdhe2048` from
-// https://tools.ietf.org/html/rfc7919#appendix-A.1. It returns NULL if out
-// of memory.
-OPENSSL_EXPORT DH *DH_get_rfc7919_2048(void);
+// BN_get_rfc3526_prime_2048 sets |*ret| to the 2048-bit MODP group from RFC
+// 3526 and returns |ret|. If |ret| is NULL then a fresh |BIGNUM| is allocated
+// and returned. It returns NULL on allocation failure.
+OPENSSL_EXPORT BIGNUM *BN_get_rfc3526_prime_2048(BIGNUM *ret);
+
+// BN_get_rfc3526_prime_3072 sets |*ret| to the 3072-bit MODP group from RFC
+// 3526 and returns |ret|. If |ret| is NULL then a fresh |BIGNUM| is allocated
+// and returned. It returns NULL on allocation failure.
+OPENSSL_EXPORT BIGNUM *BN_get_rfc3526_prime_3072(BIGNUM *ret);
+
+// BN_get_rfc3526_prime_4096 sets |*ret| to the 4096-bit MODP group from RFC
+// 3526 and returns |ret|. If |ret| is NULL then a fresh |BIGNUM| is allocated
+// and returned. It returns NULL on allocation failure.
+OPENSSL_EXPORT BIGNUM *BN_get_rfc3526_prime_4096(BIGNUM *ret);
+
+// BN_get_rfc3526_prime_6144 sets |*ret| to the 6144-bit MODP group from RFC
+// 3526 and returns |ret|. If |ret| is NULL then a fresh |BIGNUM| is allocated
+// and returned. It returns NULL on allocation failure.
+OPENSSL_EXPORT BIGNUM *BN_get_rfc3526_prime_6144(BIGNUM *ret);
+
+// BN_get_rfc3526_prime_8192 sets |*ret| to the 8192-bit MODP group from RFC
+// 3526 and returns |ret|. If |ret| is NULL then a fresh |BIGNUM| is allocated
+// and returned. It returns NULL on allocation failure.
+OPENSSL_EXPORT BIGNUM *BN_get_rfc3526_prime_8192(BIGNUM *ret);
// Parameter generation.
@@ -216,7 +244,6 @@
#define DH_CHECK_NOT_SUITABLE_GENERATOR 0x08
#define DH_CHECK_Q_NOT_PRIME 0x10
#define DH_CHECK_INVALID_Q_VALUE 0x20
-#define DH_CHECK_INVALID_J_VALUE 0x40
// These are compatibility defines.
#define DH_NOT_SUITABLE_GENERATOR DH_CHECK_NOT_SUITABLE_GENERATOR
@@ -302,31 +329,6 @@
DH *dh);
-struct dh_st {
- BIGNUM *p;
- BIGNUM *g;
- BIGNUM *pub_key; // g^x mod p
- BIGNUM *priv_key; // x
-
- // priv_length contains the length, in bits, of the private value. If zero,
- // the private value will be the same length as |p|.
- unsigned priv_length;
-
- CRYPTO_MUTEX method_mont_p_lock;
- BN_MONT_CTX *method_mont_p;
-
- // Place holders if we want to do X9.42 DH
- BIGNUM *q;
- BIGNUM *j;
- unsigned char *seed;
- int seedlen;
- BIGNUM *counter;
-
- int flags;
- CRYPTO_refcount_t references;
-};
-
-
#if defined(__cplusplus)
} // extern C
diff --git a/sysroots/generic-arm32/usr/include/openssl/dsa.h b/sysroots/generic-arm32/usr/include/openssl/dsa.h
index e6ddce6..30afd43 100644
--- a/sysroots/generic-arm32/usr/include/openssl/dsa.h
+++ b/sysroots/generic-arm32/usr/include/openssl/dsa.h
@@ -94,6 +94,9 @@
// Properties.
+// DSA_bits returns the size of |dsa|'s group modulus, in bits.
+OPENSSL_EXPORT unsigned DSA_bits(const DSA *dsa);
+
// DSA_get0_pub_key returns |dsa|'s public key.
OPENSSL_EXPORT const BIGNUM *DSA_get0_pub_key(const DSA *dsa);
@@ -439,5 +442,6 @@
#define DSA_R_DECODE_ERROR 105
#define DSA_R_ENCODE_ERROR 106
#define DSA_R_INVALID_PARAMETERS 107
+#define DSA_R_TOO_MANY_ITERATIONS 108
#endif // OPENSSL_HEADER_DSA_H
diff --git a/sysroots/generic-arm32/usr/include/openssl/ec.h b/sysroots/generic-arm32/usr/include/openssl/ec.h
index 8339bfb..dd5259b 100644
--- a/sysroots/generic-arm32/usr/include/openssl/ec.h
+++ b/sysroots/generic-arm32/usr/include/openssl/ec.h
@@ -253,13 +253,23 @@
BN_CTX *ctx);
// EC_POINT_point2oct serialises |point| into the X9.62 form given by |form|
-// into, at most, |len| bytes at |buf|. It returns the number of bytes written
-// or zero on error if |buf| is non-NULL, else the number of bytes needed. The
-// |ctx| argument may be used if not NULL.
+// into, at most, |max_out| bytes at |buf|. It returns the number of bytes
+// written or zero on error if |buf| is non-NULL, else the number of bytes
+// needed. The |ctx| argument may be used if not NULL.
OPENSSL_EXPORT size_t EC_POINT_point2oct(const EC_GROUP *group,
const EC_POINT *point,
point_conversion_form_t form,
- uint8_t *buf, size_t len, BN_CTX *ctx);
+ uint8_t *buf, size_t max_out,
+ BN_CTX *ctx);
+
+// EC_POINT_point2buf serialises |point| into the X9.62 form given by |form| to
+// a newly-allocated buffer and sets |*out_buf| to point to it. It returns the
+// length of the result on success or zero on error. The caller must release
+// |*out_buf| with |OPENSSL_free| when done.
+OPENSSL_EXPORT size_t EC_POINT_point2buf(const EC_GROUP *group,
+ const EC_POINT *point,
+ point_conversion_form_t form,
+ uint8_t **out_buf, BN_CTX *ctx);
// EC_POINT_point2cbb behaves like |EC_POINT_point2oct| but appends the
// serialised point to |cbb|. It returns one on success and zero on error.
@@ -309,6 +319,31 @@
const BIGNUM *m, BN_CTX *ctx);
+// Hash-to-curve.
+//
+// The following functions implement primitives from
+// draft-irtf-cfrg-hash-to-curve-16. The |dst| parameter in each function is the
+// domain separation tag and must be unique for each protocol and between the
+// |hash_to_curve| and |hash_to_scalar| variants. See section 3.1 of the spec
+// for additional guidance on this parameter.
+
+// EC_hash_to_curve_p256_xmd_sha256_sswu hashes |msg| to a point on |group| and
+// writes the result to |out|, implementing the P256_XMD:SHA-256_SSWU_RO_ suite
+// from draft-irtf-cfrg-hash-to-curve-16. It returns one on success and zero on
+// error.
+OPENSSL_EXPORT int EC_hash_to_curve_p256_xmd_sha256_sswu(
+ const EC_GROUP *group, EC_POINT *out, const uint8_t *dst, size_t dst_len,
+ const uint8_t *msg, size_t msg_len);
+
+// EC_hash_to_curve_p384_xmd_sha384_sswu hashes |msg| to a point on |group| and
+// writes the result to |out|, implementing the P384_XMD:SHA-384_SSWU_RO_ suite
+// from draft-irtf-cfrg-hash-to-curve-16. It returns one on success and zero on
+// error.
+OPENSSL_EXPORT int EC_hash_to_curve_p384_xmd_sha384_sswu(
+ const EC_GROUP *group, EC_POINT *out, const uint8_t *dst, size_t dst_len,
+ const uint8_t *msg, size_t msg_len);
+
+
// Deprecated functions.
// EC_GROUP_new_curve_GFp creates a new, arbitrary elliptic curve group based
diff --git a/sysroots/generic-arm32/usr/include/openssl/ec_key.h b/sysroots/generic-arm32/usr/include/openssl/ec_key.h
index 502bfc2..00986cf 100644
--- a/sysroots/generic-arm32/usr/include/openssl/ec_key.h
+++ b/sysroots/generic-arm32/usr/include/openssl/ec_key.h
@@ -179,12 +179,38 @@
const BIGNUM *x,
const BIGNUM *y);
-// EC_KEY_key2buf encodes the public key in |key| to an allocated octet string
-// and sets |*out_buf| to point to it. It returns the length of the encoded
-// octet string or zero if an error occurred.
+// EC_KEY_oct2key decodes |len| bytes from |in| as an EC public key in X9.62
+// form. |key| must already have a group configured. On success, it sets the
+// public key in |key| to the result and returns one. Otherwise, it returns
+// zero.
+OPENSSL_EXPORT int EC_KEY_oct2key(EC_KEY *key, const uint8_t *in, size_t len,
+ BN_CTX *ctx);
+
+// EC_KEY_key2buf behaves like |EC_POINT_point2buf|, except it encodes the
+// public key in |key|.
OPENSSL_EXPORT size_t EC_KEY_key2buf(const EC_KEY *key,
point_conversion_form_t form,
- unsigned char **out_buf, BN_CTX *ctx);
+ uint8_t **out_buf, BN_CTX *ctx);
+
+// EC_KEY_oct2priv decodes a big-endian, zero-padded integer from |len| bytes
+// from |in| and sets |key|'s private key to the result. It returns one on
+// success and zero on error. The input must be padded to the size of |key|'s
+// group order.
+OPENSSL_EXPORT int EC_KEY_oct2priv(EC_KEY *key, const uint8_t *in, size_t len);
+
+// EC_KEY_priv2oct serializes |key|'s private key as a big-endian integer,
+// zero-padded to the size of |key|'s group order and writes the result to at
+// most |max_out| bytes of |out|. It returns the number of bytes written on
+// success and zero on error. If |out| is NULL, it returns the number of bytes
+// needed without writing anything.
+OPENSSL_EXPORT size_t EC_KEY_priv2oct(const EC_KEY *key, uint8_t *out,
+ size_t max_out);
+
+// EC_KEY_priv2buf behaves like |EC_KEY_priv2oct| but sets |*out_buf| to a
+// newly-allocated buffer containing the result. It returns the size of the
+// result on success and zero on error. The caller must release |*out_buf| with
+// |OPENSSL_free| when done.
+OPENSSL_EXPORT size_t EC_KEY_priv2buf(const EC_KEY *key, uint8_t **out_buf);
// Key generation.
@@ -335,7 +361,7 @@
long len);
// i2o_ECPublicKey marshals an EC point from |key|, as described in
-// |i2d_SAMPLE|.
+// |i2d_SAMPLE|, except it returns zero on error instead of a negative value.
//
// Use |EC_POINT_point2cbb| instead.
OPENSSL_EXPORT int i2o_ECPublicKey(const EC_KEY *key, unsigned char **outp);
diff --git a/sysroots/generic-arm32/usr/include/openssl/ecdsa.h b/sysroots/generic-arm32/usr/include/openssl/ecdsa.h
index bc0dba5..56be154 100644
--- a/sysroots/generic-arm32/usr/include/openssl/ecdsa.h
+++ b/sysroots/generic-arm32/usr/include/openssl/ecdsa.h
@@ -232,5 +232,6 @@
#define ECDSA_R_NOT_IMPLEMENTED 103
#define ECDSA_R_RANDOM_NUMBER_GENERATION_FAILED 104
#define ECDSA_R_ENCODE_ERROR 105
+#define ECDSA_R_TOO_MANY_ITERATIONS 106
#endif // OPENSSL_HEADER_ECDSA_H
diff --git a/sysroots/generic-arm32/usr/include/openssl/err.h b/sysroots/generic-arm32/usr/include/openssl/err.h
index 28ba250..0ec71b1 100644
--- a/sysroots/generic-arm32/usr/include/openssl/err.h
+++ b/sysroots/generic-arm32/usr/include/openssl/err.h
@@ -163,12 +163,16 @@
// ERR_GET_LIB returns the library code for the error. This is one of
// the |ERR_LIB_*| values.
-#define ERR_GET_LIB(packed_error) ((int)(((packed_error) >> 24) & 0xff))
+OPENSSL_INLINE int ERR_GET_LIB(uint32_t packed_error) {
+ return (int)((packed_error >> 24) & 0xff);
+}
// ERR_GET_REASON returns the reason code for the error. This is one of
// library-specific |LIB_R_*| values where |LIB| is the library (see
// |ERR_GET_LIB|). Note that reason codes are specific to the library.
-#define ERR_GET_REASON(packed_error) ((int)((packed_error) & 0xfff))
+OPENSSL_INLINE int ERR_GET_REASON(uint32_t packed_error) {
+ return (int)(packed_error & 0xfff);
+}
// ERR_get_error gets the packed error code for the least recent error and
// removes that error from the queue. If there are no errors in the queue then
@@ -184,8 +188,12 @@
#define ERR_FLAG_STRING 1
// ERR_FLAG_MALLOCED is passed into |ERR_set_error_data| to indicate that |data|
-// was allocated with |OPENSSL_malloc|. It is never returned from
-// |ERR_get_error_line_data|.
+// was allocated with |OPENSSL_malloc|.
+//
+// It is, separately, returned in |*flags| from |ERR_get_error_line_data| to
+// indicate that |*data| has a non-static lifetime, but this lifetime is still
+// managed by the library. The caller must not call |OPENSSL_free| or |free| on
+// |data|.
#define ERR_FLAG_MALLOCED 2
// ERR_get_error_line_data acts like |ERR_get_error_line|, but also returns the
@@ -411,7 +419,10 @@
#define ERR_ERROR_STRING_BUF_LEN 120
// ERR_GET_FUNC returns zero. BoringSSL errors do not report a function code.
-#define ERR_GET_FUNC(packed_error) 0
+OPENSSL_INLINE int ERR_GET_FUNC(uint32_t packed_error) {
+ (void)packed_error;
+ return 0;
+}
// ERR_TXT_* are provided for compatibility with code that assumes that it's
// using OpenSSL.
diff --git a/sysroots/generic-arm32/usr/include/openssl/evp.h b/sysroots/generic-arm32/usr/include/openssl/evp.h
index e195907..00ae4f5 100644
--- a/sysroots/generic-arm32/usr/include/openssl/evp.h
+++ b/sysroots/generic-arm32/usr/include/openssl/evp.h
@@ -178,6 +178,7 @@
#define EVP_PKEY_EC NID_X9_62_id_ecPublicKey
#define EVP_PKEY_ED25519 NID_ED25519
#define EVP_PKEY_X25519 NID_X25519
+#define EVP_PKEY_HKDF NID_hkdf
// EVP_PKEY_assign sets the underlying key of |pkey| to |key|, which must be of
// the given type. It returns one if successful or zero if the |type| argument
@@ -665,11 +666,11 @@
// success and zero on error.
OPENSSL_EXPORT int EVP_PKEY_derive_set_peer(EVP_PKEY_CTX *ctx, EVP_PKEY *peer);
-// EVP_PKEY_derive derives a shared key between the two keys configured in
-// |ctx|. If |key| is non-NULL then, on entry, |out_key_len| must contain the
-// amount of space at |key|. If sufficient then the shared key will be written
-// to |key| and |*out_key_len| will be set to the length. If |key| is NULL then
-// |out_key_len| will be set to the maximum length.
+// EVP_PKEY_derive derives a shared key from |ctx|. If |key| is non-NULL then,
+// on entry, |out_key_len| must contain the amount of space at |key|. If
+// sufficient then the shared key will be written to |key| and |*out_key_len|
+// will be set to the length. If |key| is NULL then |out_key_len| will be set to
+// the maximum length.
//
// WARNING: Setting |out| to NULL only gives the maximum size of the key. The
// actual key may be smaller.
@@ -935,7 +936,10 @@
// EVP_PKEY_set1_tls_encodedpoint replaces |pkey| with a public key encoded by
// |in|. It returns one on success and zero on error.
//
-// This function only works on X25519 keys.
+// If |pkey| is an EC key, the format is an X9.62 point and |pkey| must already
+// have an EC group configured. If it is an X25519 key, it is the 32-byte X25519
+// public key representation. This function is not supported for other key types
+// and will fail.
OPENSSL_EXPORT int EVP_PKEY_set1_tls_encodedpoint(EVP_PKEY *pkey,
const uint8_t *in,
size_t len);
@@ -945,7 +949,10 @@
// |OPENSSL_free| to release this buffer. The function returns the length of the
// buffer on success and zero on error.
//
-// This function only works on X25519 keys.
+// If |pkey| is an EC key, the format is an X9.62 point with uncompressed
+// coordinates. If it is an X25519 key, it is the 32-byte X25519 public key
+// representation. This function is not supported for other key types and will
+// fail.
OPENSSL_EXPORT size_t EVP_PKEY_get1_tls_encodedpoint(const EVP_PKEY *pkey,
uint8_t **out_ptr);
@@ -1017,6 +1024,14 @@
OPENSSL_EXPORT EC_KEY *d2i_EC_PUBKEY(EC_KEY **out, const uint8_t **inp,
long len);
+// EVP_PKEY_CTX_set_dsa_paramgen_bits returns zero.
+OPENSSL_EXPORT int EVP_PKEY_CTX_set_dsa_paramgen_bits(EVP_PKEY_CTX *ctx,
+ int nbits);
+
+// EVP_PKEY_CTX_set_dsa_paramgen_q_bits returns zero.
+OPENSSL_EXPORT int EVP_PKEY_CTX_set_dsa_paramgen_q_bits(EVP_PKEY_CTX *ctx,
+ int qbits);
+
// Preprocessor compatibility section (hidden).
//
@@ -1041,29 +1056,6 @@
ERR_put_error(ERR_LIB_EVP, 0, reason, __FILE__, __LINE__)
-// Private structures.
-
-struct evp_pkey_st {
- CRYPTO_refcount_t references;
-
- // type contains one of the EVP_PKEY_* values or NID_undef and determines
- // which element (if any) of the |pkey| union is valid.
- int type;
-
- union {
- void *ptr;
- RSA *rsa;
- DSA *dsa;
- DH *dh;
- EC_KEY *ec;
- } pkey;
-
- // ameth contains a pointer to a method table that contains many ASN.1
- // methods for the key type.
- const EVP_PKEY_ASN1_METHOD *ameth;
-} /* EVP_PKEY */;
-
-
#if defined(__cplusplus)
} // extern C
diff --git a/sysroots/generic-arm32/usr/include/openssl/ex_data.h b/sysroots/generic-arm32/usr/include/openssl/ex_data.h
index 102f8a8..8f2f98b 100644
--- a/sysroots/generic-arm32/usr/include/openssl/ex_data.h
+++ b/sysroots/generic-arm32/usr/include/openssl/ex_data.h
@@ -145,7 +145,7 @@
CRYPTO_EX_free *free_func);
// TYPE_set_ex_data sets an extra data pointer on |t|. The |index| argument
-// should have been returned from a previous call to |TYPE_get_ex_new_index|.
+// must have been returned from a previous call to |TYPE_get_ex_new_index|.
OPENSSL_EXPORT int TYPE_set_ex_data(TYPE *t, int index, void *arg);
// TYPE_get_ex_data returns an extra data pointer for |t|, or NULL if no such
diff --git a/sysroots/generic-arm32/usr/include/openssl/hmac.h b/sysroots/generic-arm32/usr/include/openssl/hmac.h
index 56b0802..7a4737f 100644
--- a/sysroots/generic-arm32/usr/include/openssl/hmac.h
+++ b/sysroots/generic-arm32/usr/include/openssl/hmac.h
@@ -137,6 +137,9 @@
// |ctx|. On entry, |ctx| must have been setup with |HMAC_Init_ex|.
OPENSSL_EXPORT size_t HMAC_size(const HMAC_CTX *ctx);
+// HMAC_CTX_get_md returns |ctx|'s hash function.
+OPENSSL_EXPORT const EVP_MD *HMAC_CTX_get_md(const HMAC_CTX *ctx);
+
// HMAC_CTX_copy_ex sets |dest| equal to |src|. On entry, |dest| must have been
// initialised by calling |HMAC_CTX_init|. It returns one on success and zero
// on error.
diff --git a/sysroots/generic-arm32/usr/include/openssl/hpke.h b/sysroots/generic-arm32/usr/include/openssl/hpke.h
index e2c9855..3ce6946 100644
--- a/sysroots/generic-arm32/usr/include/openssl/hpke.h
+++ b/sysroots/generic-arm32/usr/include/openssl/hpke.h
@@ -51,6 +51,30 @@
// will be one of the |EVP_HPKE_KEM_*| constants.
OPENSSL_EXPORT uint16_t EVP_HPKE_KEM_id(const EVP_HPKE_KEM *kem);
+// EVP_HPKE_MAX_PUBLIC_KEY_LENGTH is the maximum length of an encoded public key
+// for all KEMs currently supported by this library.
+#define EVP_HPKE_MAX_PUBLIC_KEY_LENGTH 32
+
+// EVP_HPKE_KEM_public_key_len returns the length of a public key for |kem|.
+// This value will be at most |EVP_HPKE_MAX_PUBLIC_KEY_LENGTH|.
+OPENSSL_EXPORT size_t EVP_HPKE_KEM_public_key_len(const EVP_HPKE_KEM *kem);
+
+// EVP_HPKE_MAX_PRIVATE_KEY_LENGTH is the maximum length of an encoded private
+// key for all KEMs currently supported by this library.
+#define EVP_HPKE_MAX_PRIVATE_KEY_LENGTH 32
+
+// EVP_HPKE_KEM_private_key_len returns the length of a private key for |kem|.
+// This value will be at most |EVP_HPKE_MAX_PRIVATE_KEY_LENGTH|.
+OPENSSL_EXPORT size_t EVP_HPKE_KEM_private_key_len(const EVP_HPKE_KEM *kem);
+
+// EVP_HPKE_MAX_ENC_LENGTH is the maximum length of "enc", the encapsulated
+// shared secret, for all KEMs currently supported by this library.
+#define EVP_HPKE_MAX_ENC_LENGTH 32
+
+// EVP_HPKE_KEM_enc_len returns the length of the "enc", the encapsulated shared
+// secret, for |kem|. This value will be at most |EVP_HPKE_MAX_ENC_LENGTH|.
+OPENSSL_EXPORT size_t EVP_HPKE_KEM_enc_len(const EVP_HPKE_KEM *kem);
+
// The following constants are KDF identifiers.
#define EVP_HPKE_HKDF_SHA256 0x0001
@@ -60,6 +84,11 @@
// EVP_HPKE_KDF_id returns the HPKE KDF identifier for |kdf|.
OPENSSL_EXPORT uint16_t EVP_HPKE_KDF_id(const EVP_HPKE_KDF *kdf);
+// EVP_HPKE_KDF_hkdf_md returns the HKDF hash function corresponding to |kdf|,
+// or NULL if |kdf| is not an HKDF-based KDF. All currently supported KDFs are
+// HKDF-based.
+OPENSSL_EXPORT const EVP_MD *EVP_HPKE_KDF_hkdf_md(const EVP_HPKE_KDF *kdf);
+
// The following constants are AEAD identifiers.
#define EVP_HPKE_AES_128_GCM 0x0001
#define EVP_HPKE_AES_256_GCM 0x0002
@@ -127,28 +156,22 @@
// EVP_HPKE_KEY_kem returns the HPKE KEM used by |key|.
OPENSSL_EXPORT const EVP_HPKE_KEM *EVP_HPKE_KEY_kem(const EVP_HPKE_KEY *key);
-// EVP_HPKE_MAX_PUBLIC_KEY_LENGTH is the maximum length of a public key for all
-// KEMs supported by this library.
-#define EVP_HPKE_MAX_PUBLIC_KEY_LENGTH 32
-
// EVP_HPKE_KEY_public_key writes |key|'s public key to |out| and sets
// |*out_len| to the number of bytes written. On success, it returns one and
// writes at most |max_out| bytes. If |max_out| is too small, it returns zero.
// Setting |max_out| to |EVP_HPKE_MAX_PUBLIC_KEY_LENGTH| will ensure the public
-// key fits.
+// key fits. An exact size can also be determined by
+// |EVP_HPKE_KEM_public_key_len|.
OPENSSL_EXPORT int EVP_HPKE_KEY_public_key(const EVP_HPKE_KEY *key,
uint8_t *out, size_t *out_len,
size_t max_out);
-// EVP_HPKE_MAX_PRIVATE_KEY_LENGTH is the maximum length of a private key for
-// all KEMs supported by this library.
-#define EVP_HPKE_MAX_PRIVATE_KEY_LENGTH 32
-
// EVP_HPKE_KEY_private_key writes |key|'s private key to |out| and sets
// |*out_len| to the number of bytes written. On success, it returns one and
// writes at most |max_out| bytes. If |max_out| is too small, it returns zero.
// Setting |max_out| to |EVP_HPKE_MAX_PRIVATE_KEY_LENGTH| will ensure the
-// private key fits.
+// private key fits. An exact size can also be determined by
+// |EVP_HPKE_KEM_private_key_len|.
OPENSSL_EXPORT int EVP_HPKE_KEY_private_key(const EVP_HPKE_KEY *key,
uint8_t *out, size_t *out_len,
size_t max_out);
@@ -182,16 +205,13 @@
// created with |EVP_HPKE_CTX_new|.
OPENSSL_EXPORT void EVP_HPKE_CTX_free(EVP_HPKE_CTX *ctx);
-// EVP_HPKE_MAX_ENC_LENGTH is the maximum length of "enc", the encapsulated
-// shared secret, for all supported KEMs in this library.
-#define EVP_HPKE_MAX_ENC_LENGTH 32
-
// EVP_HPKE_CTX_setup_sender implements the SetupBaseS HPKE operation. It
// encapsulates a shared secret for |peer_public_key| and sets up |ctx| as a
// sender context. It writes the encapsulated shared secret to |out_enc| and
// sets |*out_enc_len| to the number of bytes written. It writes at most
// |max_enc| bytes and fails if the buffer is too small. Setting |max_enc| to at
-// least |EVP_HPKE_MAX_ENC_LENGTH| will ensure the buffer is large enough.
+// least |EVP_HPKE_MAX_ENC_LENGTH| will ensure the buffer is large enough. An
+// exact size may also be determined by |EVP_PKEY_KEM_enc_len|.
//
// This function returns one on success and zero on error. Note that
// |peer_public_key| may be invalid, in which case this function will return an
@@ -292,6 +312,10 @@
// up as a sender.
OPENSSL_EXPORT size_t EVP_HPKE_CTX_max_overhead(const EVP_HPKE_CTX *ctx);
+// EVP_HPKE_CTX_kem returns |ctx|'s configured KEM, or NULL if the context has
+// not been set up.
+OPENSSL_EXPORT const EVP_HPKE_KEM *EVP_HPKE_CTX_kem(const EVP_HPKE_CTX *ctx);
+
// EVP_HPKE_CTX_aead returns |ctx|'s configured AEAD, or NULL if the context has
// not been set up.
OPENSSL_EXPORT const EVP_HPKE_AEAD *EVP_HPKE_CTX_aead(const EVP_HPKE_CTX *ctx);
@@ -307,6 +331,7 @@
// but accessing or modifying their fields is forbidden.
struct evp_hpke_ctx_st {
+ const EVP_HPKE_KEM *kem;
const EVP_HPKE_AEAD *aead;
const EVP_HPKE_KDF *kdf;
EVP_AEAD_CTX aead_ctx;
diff --git a/sysroots/generic-arm32/usr/include/openssl/kdf.h b/sysroots/generic-arm32/usr/include/openssl/kdf.h
new file mode 100644
index 0000000..7adad38
--- /dev/null
+++ b/sysroots/generic-arm32/usr/include/openssl/kdf.h
@@ -0,0 +1,91 @@
+/* Copyright (c) 2022, Google Inc.
+ *
+ * Permission to use, copy, modify, and/or distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
+ * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION
+ * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
+ * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */
+
+#ifndef OPENSSL_HEADER_KDF_H
+#define OPENSSL_HEADER_KDF_H
+
+#include <openssl/base.h>
+
+#if defined(__cplusplus)
+extern "C" {
+#endif
+
+
+// KDF support for EVP.
+
+
+// HKDF-specific functions.
+//
+// The following functions are provided for OpenSSL compatibility. Prefer the
+// HKDF functions in <openssl/hkdf.h>. In each, |ctx| must be created with
+// |EVP_PKEY_CTX_new_id| with |EVP_PKEY_HKDF| and then initialized with
+// |EVP_PKEY_derive_init|.
+
+// EVP_PKEY_HKDEF_MODE_* define "modes" for use with |EVP_PKEY_CTX_hkdf_mode|.
+// The mispelling of "HKDF" as "HKDEF" is intentional for OpenSSL compatibility.
+#define EVP_PKEY_HKDEF_MODE_EXTRACT_AND_EXPAND 0
+#define EVP_PKEY_HKDEF_MODE_EXTRACT_ONLY 1
+#define EVP_PKEY_HKDEF_MODE_EXPAND_ONLY 2
+
+// EVP_PKEY_CTX_hkdf_mode configures which HKDF operation to run. It returns one
+// on success and zero on error. |mode| must be one of |EVP_PKEY_HKDEF_MODE_*|.
+// By default, the mode is |EVP_PKEY_HKDEF_MODE_EXTRACT_AND_EXPAND|.
+//
+// If |mode| is |EVP_PKEY_HKDEF_MODE_EXTRACT_AND_EXPAND| or
+// |EVP_PKEY_HKDEF_MODE_EXPAND_ONLY|, the output is variable-length.
+// |EVP_PKEY_derive| uses the size of the output buffer as the output length for
+// HKDF-Expand.
+//
+// WARNING: Although this API calls it a "mode", HKDF-Extract and HKDF-Expand
+// are distinct operations with distinct inputs and distinct kinds of keys.
+// Callers should not pass input secrets for one operation into the other.
+OPENSSL_EXPORT int EVP_PKEY_CTX_hkdf_mode(EVP_PKEY_CTX *ctx, int mode);
+
+// EVP_PKEY_CTX_set_hkdf_md sets |md| as the digest to use with HKDF. It returns
+// one on success and zero on error.
+OPENSSL_EXPORT int EVP_PKEY_CTX_set_hkdf_md(EVP_PKEY_CTX *ctx,
+ const EVP_MD *md);
+
+// EVP_PKEY_CTX_set1_hkdf_key configures HKDF to use |key_len| bytes from |key|
+// as the "key", described below. It returns one on success and zero on error.
+//
+// Which input is the key depends on the "mode" (see |EVP_PKEY_CTX_hkdf_mode|).
+// If |EVP_PKEY_HKDEF_MODE_EXTRACT_AND_EXPAND| or
+// |EVP_PKEY_HKDEF_MODE_EXTRACT_ONLY|, this function specifies the input keying
+// material (IKM) for HKDF-Extract. If |EVP_PKEY_HKDEF_MODE_EXPAND_ONLY|, it
+// instead specifies the pseudorandom key (PRK) for HKDF-Expand.
+OPENSSL_EXPORT int EVP_PKEY_CTX_set1_hkdf_key(EVP_PKEY_CTX *ctx,
+ const uint8_t *key,
+ size_t key_len);
+
+// EVP_PKEY_CTX_set1_hkdf_salt configures HKDF to use |salt_len| bytes from
+// |salt| as the salt parameter to HKDF-Extract. It returns one on success and
+// zero on error. If performing HKDF-Expand only, this parameter is ignored.
+OPENSSL_EXPORT int EVP_PKEY_CTX_set1_hkdf_salt(EVP_PKEY_CTX *ctx,
+ const uint8_t *salt,
+ size_t salt_len);
+
+// EVP_PKEY_CTX_add1_hkdf_info appends |info_len| bytes from |info| to the info
+// parameter used with HKDF-Expand. It returns one on success and zero on error.
+// If performing HKDF-Extract only, this parameter is ignored.
+OPENSSL_EXPORT int EVP_PKEY_CTX_add1_hkdf_info(EVP_PKEY_CTX *ctx,
+ const uint8_t *info,
+ size_t info_len);
+
+
+#if defined(__cplusplus)
+} // extern C
+#endif
+
+#endif // OPENSSL_HEADER_KDF_H
diff --git a/sysroots/generic-arm32/usr/include/openssl/kyber.h b/sysroots/generic-arm32/usr/include/openssl/kyber.h
new file mode 100644
index 0000000..cafae9d
--- /dev/null
+++ b/sysroots/generic-arm32/usr/include/openssl/kyber.h
@@ -0,0 +1,128 @@
+/* Copyright (c) 2023, Google Inc.
+ *
+ * Permission to use, copy, modify, and/or distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
+ * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION
+ * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
+ * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */
+
+#ifndef OPENSSL_HEADER_KYBER_H
+#define OPENSSL_HEADER_KYBER_H
+
+#include <openssl/base.h>
+
+#if defined(__cplusplus)
+extern "C" {
+#endif
+
+
+// Kyber768.
+
+
+// KYBER_public_key contains a Kyber768 public key. The contents of this
+// object should never leave the address space since the format is unstable.
+struct KYBER_public_key {
+ union {
+ uint8_t bytes[512 * (3 + 9) + 32 + 32];
+ uint16_t alignment;
+ } opaque;
+};
+
+// KYBER_private_key contains a Kyber768 private key. The contents of this
+// object should never leave the address space since the format is unstable.
+struct KYBER_private_key {
+ union {
+ uint8_t bytes[512 * (3 + 3 + 9) + 32 + 32 + 32];
+ uint16_t alignment;
+ } opaque;
+};
+
+// KYBER_PUBLIC_KEY_BYTES is the number of bytes in an encoded Kyber768 public
+// key.
+#define KYBER_PUBLIC_KEY_BYTES 1184
+
+// KYBER_generate_key generates a random public/private key pair, writes the
+// encoded public key to |out_encoded_public_key| and sets |out_private_key| to
+// the private key.
+OPENSSL_EXPORT void KYBER_generate_key(
+ uint8_t out_encoded_public_key[KYBER_PUBLIC_KEY_BYTES],
+ struct KYBER_private_key *out_private_key);
+
+// KYBER_public_from_private sets |*out_public_key| to the public key that
+// corresponds to |private_key|. (This is faster than parsing the output of
+// |KYBER_generate_key| if, for some reason, you need to encapsulate to a key
+// that was just generated.)
+OPENSSL_EXPORT void KYBER_public_from_private(
+ struct KYBER_public_key *out_public_key,
+ const struct KYBER_private_key *private_key);
+
+// KYBER_CIPHERTEXT_BYTES is number of bytes in the Kyber768 ciphertext.
+#define KYBER_CIPHERTEXT_BYTES 1088
+
+// KYBER_encap encrypts a random secret key of length |out_shared_secret_len| to
+// |public_key|, writes the ciphertext to |ciphertext|, and writes the random
+// key to |out_shared_secret|. The party calling |KYBER_decap| must already know
+// the correct value of |out_shared_secret_len|.
+OPENSSL_EXPORT void KYBER_encap(uint8_t out_ciphertext[KYBER_CIPHERTEXT_BYTES],
+ uint8_t *out_shared_secret,
+ size_t out_shared_secret_len,
+ const struct KYBER_public_key *public_key);
+
+// KYBER_decap decrypts a key of length |out_shared_secret_len| from
+// |ciphertext| using |private_key| and writes it to |out_shared_secret|. If
+// |ciphertext| is invalid, |out_shared_secret| is filled with a key that
+// will always be the same for the same |ciphertext| and |private_key|, but
+// which appears to be random unless one has access to |private_key|. These
+// alternatives occur in constant time. Any subsequent symmetric encryption
+// using |out_shared_secret| must use an authenticated encryption scheme in
+// order to discover the decapsulation failure.
+OPENSSL_EXPORT void KYBER_decap(
+ uint8_t *out_shared_secret, size_t out_shared_secret_len,
+ const uint8_t ciphertext[KYBER_CIPHERTEXT_BYTES],
+ const struct KYBER_private_key *private_key);
+
+
+// Serialisation of keys.
+
+// KYBER_marshal_public_key serializes |public_key| to |out| in the standard
+// format for Kyber public keys. It returns one on success or zero on allocation
+// error.
+OPENSSL_EXPORT int KYBER_marshal_public_key(
+ CBB *out, const struct KYBER_public_key *public_key);
+
+// KYBER_parse_public_key parses a public key, in the format generated by
+// |KYBER_marshal_public_key|, from |in| and writes the result to
+// |out_public_key|. It returns one on success or zero on parse error or if
+// there are trailing bytes in |in|.
+OPENSSL_EXPORT int KYBER_parse_public_key(
+ struct KYBER_public_key *out_public_key, CBS *in);
+
+// KYBER_marshal_private_key serializes |private_key| to |out| in the standard
+// format for Kyber private keys. It returns one on success or zero on
+// allocation error.
+OPENSSL_EXPORT int KYBER_marshal_private_key(
+ CBB *out, const struct KYBER_private_key *private_key);
+
+// KYBER_PRIVATE_KEY_BYTES is the length of the data produced by
+// |KYBER_marshal_private_key|.
+#define KYBER_PRIVATE_KEY_BYTES 2400
+
+// KYBER_parse_private_key parses a private key, in the format generated by
+// |KYBER_marshal_private_key|, from |in| and writes the result to
+// |out_private_key|. It returns one on success or zero on parse error or if
+// there are trailing bytes in |in|.
+OPENSSL_EXPORT int KYBER_parse_private_key(
+ struct KYBER_private_key *out_private_key, CBS *in);
+
+
+#if defined(__cplusplus)
+} // extern C
+#endif
+
+#endif // OPENSSL_HEADER_KYBER_H
diff --git a/sysroots/generic-arm32/usr/include/openssl/mem.h b/sysroots/generic-arm32/usr/include/openssl/mem.h
index 476299a..8da1dd6 100644
--- a/sysroots/generic-arm32/usr/include/openssl/mem.h
+++ b/sysroots/generic-arm32/usr/include/openssl/mem.h
@@ -75,17 +75,26 @@
// unless stated otherwise.
-// OPENSSL_malloc acts like a regular |malloc|.
+#ifndef _BORINGSSL_PROHIBIT_OPENSSL_MALLOC
+// OPENSSL_malloc is similar to a regular |malloc|, but allocates additional
+// private data. The resulting pointer must be freed with |OPENSSL_free|. In
+// the case of a malloc failure, prior to returning NULL |OPENSSL_malloc| will
+// push |ERR_R_MALLOC_FAILURE| onto the openssl error stack.
OPENSSL_EXPORT void *OPENSSL_malloc(size_t size);
+#endif // !_BORINGSSL_PROHIBIT_OPENSSL_MALLOC
// OPENSSL_free does nothing if |ptr| is NULL. Otherwise it zeros out the
-// memory allocated at |ptr| and frees it.
+// memory allocated at |ptr| and frees it along with the private data.
+// It must only be used on on |ptr| values obtained from |OPENSSL_malloc|
OPENSSL_EXPORT void OPENSSL_free(void *ptr);
+#ifndef _BORINGSSL_PROHIBIT_OPENSSL_MALLOC
// OPENSSL_realloc returns a pointer to a buffer of |new_size| bytes that
// contains the contents of |ptr|. Unlike |realloc|, a new buffer is always
-// allocated and the data at |ptr| is always wiped and freed.
+// allocated and the data at |ptr| is always wiped and freed. Memory is
+// allocated with |OPENSSL_malloc| and must be freed with |OPENSSL_free|.
OPENSSL_EXPORT void *OPENSSL_realloc(void *ptr, size_t new_size);
+#endif // !_BORINGSSL_PROHIBIT_OPENSSL_MALLOC
// OPENSSL_cleanse zeros out |len| bytes of memory at |ptr|. This is similar to
// |memset_s| from C11.
@@ -110,13 +119,42 @@
// OPENSSL_strnlen has the same behaviour as strnlen(3).
OPENSSL_EXPORT size_t OPENSSL_strnlen(const char *s, size_t len);
-// OPENSSL_tolower is a locale-independent version of tolower(3).
+// OPENSSL_isalpha is a locale-independent, ASCII-only version of isalpha(3), It
+// only recognizes 'a' through 'z' and 'A' through 'Z' as alphabetic.
+OPENSSL_EXPORT int OPENSSL_isalpha(int c);
+
+// OPENSSL_isdigit is a locale-independent, ASCII-only version of isdigit(3), It
+// only recognizes '0' through '9' as digits.
+OPENSSL_EXPORT int OPENSSL_isdigit(int c);
+
+// OPENSSL_isxdigit is a locale-independent, ASCII-only version of isxdigit(3),
+// It only recognizes '0' through '9', 'a' through 'f', and 'A through 'F' as
+// digits.
+OPENSSL_EXPORT int OPENSSL_isxdigit(int c);
+
+// OPENSSL_fromxdigit returns one if |c| is a hexadecimal digit as recognized
+// by OPENSSL_isxdigit, and sets |out| to the corresponding value. Otherwise
+// zero is returned.
+OPENSSL_EXPORT int OPENSSL_fromxdigit(uint8_t *out, int c);
+
+// OPENSSL_isalnum is a locale-independent, ASCII-only version of isalnum(3), It
+// only recognizes what |OPENSSL_isalpha| and |OPENSSL_isdigit| recognize.
+OPENSSL_EXPORT int OPENSSL_isalnum(int c);
+
+// OPENSSL_tolower is a locale-independent, ASCII-only version of tolower(3). It
+// only lowercases ASCII values. Other values are returned as-is.
OPENSSL_EXPORT int OPENSSL_tolower(int c);
-// OPENSSL_strcasecmp is a locale-independent version of strcasecmp(3).
+// OPENSSL_isspace is a locale-independent, ASCII-only version of isspace(3). It
+// only recognizes '\t', '\n', '\v', '\f', '\r', and ' '.
+OPENSSL_EXPORT int OPENSSL_isspace(int c);
+
+// OPENSSL_strcasecmp is a locale-independent, ASCII-only version of
+// strcasecmp(3).
OPENSSL_EXPORT int OPENSSL_strcasecmp(const char *a, const char *b);
-// OPENSSL_strncasecmp is a locale-independent version of strncasecmp(3).
+// OPENSSL_strncasecmp is a locale-independent, ASCII-only version of
+// strncasecmp(3).
OPENSSL_EXPORT int OPENSSL_strncasecmp(const char *a, const char *b, size_t n);
// DECIMAL_SIZE returns an upper bound for the length of the decimal
@@ -131,12 +169,25 @@
OPENSSL_EXPORT int BIO_vsnprintf(char *buf, size_t n, const char *format,
va_list args) OPENSSL_PRINTF_FORMAT_FUNC(3, 0);
+// OPENSSL_vasprintf has the same behavior as vasprintf(3), except that
+// memory allocated in a returned string must be freed with |OPENSSL_free|.
+OPENSSL_EXPORT int OPENSSL_vasprintf(char **str, const char *format,
+ va_list args)
+ OPENSSL_PRINTF_FORMAT_FUNC(2, 0);
+
+// OPENSSL_asprintf has the same behavior as asprintf(3), except that
+// memory allocated in a returned string must be freed with |OPENSSL_free|.
+OPENSSL_EXPORT int OPENSSL_asprintf(char **str, const char *format, ...)
+ OPENSSL_PRINTF_FORMAT_FUNC(2, 3);
+
// OPENSSL_strndup returns an allocated, duplicate of |str|, which is, at most,
-// |size| bytes. The result is always NUL terminated.
+// |size| bytes. The result is always NUL terminated. The memory allocated
+// must be freed with |OPENSSL_free|.
OPENSSL_EXPORT char *OPENSSL_strndup(const char *str, size_t size);
// OPENSSL_memdup returns an allocated, duplicate of |size| bytes from |data| or
-// NULL on allocation failure.
+// NULL on allocation failure. The memory allocated must be freed with
+// |OPENSSL_free|.
OPENSSL_EXPORT void *OPENSSL_memdup(const void *data, size_t size);
// OPENSSL_strlcpy acts like strlcpy(3).
@@ -164,6 +215,21 @@
// allocations on free, but we define |OPENSSL_clear_free| for compatibility.
OPENSSL_EXPORT void OPENSSL_clear_free(void *ptr, size_t len);
+// CRYPTO_secure_malloc_init returns zero.
+OPENSSL_EXPORT int CRYPTO_secure_malloc_init(size_t size, size_t min_size);
+
+// CRYPTO_secure_malloc_initialized returns zero.
+OPENSSL_EXPORT int CRYPTO_secure_malloc_initialized(void);
+
+// CRYPTO_secure_used returns zero.
+OPENSSL_EXPORT size_t CRYPTO_secure_used(void);
+
+// OPENSSL_secure_malloc calls |OPENSSL_malloc|.
+OPENSSL_EXPORT void *OPENSSL_secure_malloc(size_t size);
+
+// OPENSSL_secure_clear_free calls |OPENSSL_clear_free|.
+OPENSSL_EXPORT void OPENSSL_secure_clear_free(void *ptr, size_t len);
+
#if defined(__cplusplus)
} // extern C
diff --git a/sysroots/generic-arm32/usr/include/openssl/nid.h b/sysroots/generic-arm32/usr/include/openssl/nid.h
index bf7f3da..64c9c9c 100644
--- a/sysroots/generic-arm32/usr/include/openssl/nid.h
+++ b/sysroots/generic-arm32/usr/include/openssl/nid.h
@@ -4235,9 +4235,6 @@
#define LN_auth_any "auth-any"
#define NID_auth_any 958
-#define SN_CECPQ2 "CECPQ2"
-#define NID_CECPQ2 959
-
#define SN_ED448 "ED448"
#define NID_ED448 960
#define OBJ_ED448 1L, 3L, 101L, 113L
@@ -4251,6 +4248,19 @@
#define NID_sha512_256 962
#define OBJ_sha512_256 2L, 16L, 840L, 1L, 101L, 3L, 4L, 2L, 6L
+#define SN_hkdf "HKDF"
+#define LN_hkdf "hkdf"
+#define NID_hkdf 963
+
+#define SN_X25519Kyber768 "X25519Kyber768"
+#define NID_X25519Kyber768 964
+
+#define SN_P256Kyber768 "P256Kyber768"
+#define NID_P256Kyber768 965
+
+#define SN_P384Kyber768 "P384Kyber768"
+#define NID_P384Kyber768 966
+
#if defined(__cplusplus)
} /* extern C */
diff --git a/sysroots/generic-arm32/usr/include/openssl/obj.h b/sysroots/generic-arm32/usr/include/openssl/obj.h
index ad7271e..3fb8bde 100644
--- a/sysroots/generic-arm32/usr/include/openssl/obj.h
+++ b/sysroots/generic-arm32/usr/include/openssl/obj.h
@@ -183,8 +183,15 @@
// Adding objects at runtime.
-// OBJ_create adds a known object and returns the nid of the new object, or
+// OBJ_create adds a known object and returns the NID of the new object, or
// NID_undef on error.
+//
+// WARNING: This function modifies global state. The table cannot contain
+// duplicate OIDs, short names, or long names. If two callers in the same
+// address space add conflicting values, only one registration will take effect.
+// Avoid this function if possible. Instead, callers can process OIDs unknown to
+// BoringSSL by acting on the byte representation directly. See |OBJ_get0_data|
+// and |OBJ_length|.
OPENSSL_EXPORT int OBJ_create(const char *oid, const char *short_name,
const char *long_name);
diff --git a/sysroots/generic-arm32/usr/include/openssl/opensslconf.h b/sysroots/generic-arm32/usr/include/openssl/opensslconf.h
index 3f1faf3..5165703 100644
--- a/sysroots/generic-arm32/usr/include/openssl/opensslconf.h
+++ b/sysroots/generic-arm32/usr/include/openssl/opensslconf.h
@@ -59,6 +59,7 @@
#define OPENSSL_NO_SM3
#define OPENSSL_NO_SM4
#define OPENSSL_NO_SRP
+#define OPENSSL_NO_SSL_TRACE
#define OPENSSL_NO_SSL2
#define OPENSSL_NO_SSL3
#define OPENSSL_NO_SSL3_METHOD
diff --git a/sysroots/generic-arm32/usr/include/openssl/pem.h b/sysroots/generic-arm32/usr/include/openssl/pem.h
index a94f276..21885ba 100644
--- a/sysroots/generic-arm32/usr/include/openssl/pem.h
+++ b/sysroots/generic-arm32/usr/include/openssl/pem.h
@@ -349,10 +349,6 @@
OPENSSL_EXPORT STACK_OF(X509_INFO) *PEM_X509_INFO_read_bio(
BIO *bp, STACK_OF(X509_INFO) *sk, pem_password_cb *cb, void *u);
-OPENSSL_EXPORT int PEM_X509_INFO_write_bio(BIO *bp, X509_INFO *xi,
- EVP_CIPHER *enc, unsigned char *kstr,
- int klen, pem_password_cb *cd,
- void *u);
OPENSSL_EXPORT int PEM_read(FILE *fp, char **name, char **header,
unsigned char **data, long *len);
@@ -376,9 +372,6 @@
// password.
OPENSSL_EXPORT int PEM_def_callback(char *buf, int size, int rwflag,
void *userdata);
-OPENSSL_EXPORT void PEM_proc_type(char *buf, int type);
-OPENSSL_EXPORT void PEM_dek_info(char *buf, const char *type, int len,
- char *str);
DECLARE_PEM_rw(X509, X509)
@@ -421,40 +414,40 @@
DECLARE_PEM_rw(PUBKEY, EVP_PKEY)
-OPENSSL_EXPORT int PEM_write_bio_PKCS8PrivateKey_nid(BIO *bp, EVP_PKEY *x,
+OPENSSL_EXPORT int PEM_write_bio_PKCS8PrivateKey_nid(BIO *bp, const EVP_PKEY *x,
int nid, char *kstr,
int klen,
pem_password_cb *cb,
void *u);
-OPENSSL_EXPORT int PEM_write_bio_PKCS8PrivateKey(BIO *, EVP_PKEY *,
+OPENSSL_EXPORT int PEM_write_bio_PKCS8PrivateKey(BIO *, const EVP_PKEY *,
const EVP_CIPHER *, char *,
int, pem_password_cb *,
void *);
-OPENSSL_EXPORT int i2d_PKCS8PrivateKey_bio(BIO *bp, EVP_PKEY *x,
+OPENSSL_EXPORT int i2d_PKCS8PrivateKey_bio(BIO *bp, const EVP_PKEY *x,
const EVP_CIPHER *enc, char *kstr,
int klen, pem_password_cb *cb,
void *u);
-OPENSSL_EXPORT int i2d_PKCS8PrivateKey_nid_bio(BIO *bp, EVP_PKEY *x, int nid,
- char *kstr, int klen,
+OPENSSL_EXPORT int i2d_PKCS8PrivateKey_nid_bio(BIO *bp, const EVP_PKEY *x,
+ int nid, char *kstr, int klen,
pem_password_cb *cb, void *u);
OPENSSL_EXPORT EVP_PKEY *d2i_PKCS8PrivateKey_bio(BIO *bp, EVP_PKEY **x,
pem_password_cb *cb, void *u);
-OPENSSL_EXPORT int i2d_PKCS8PrivateKey_fp(FILE *fp, EVP_PKEY *x,
+OPENSSL_EXPORT int i2d_PKCS8PrivateKey_fp(FILE *fp, const EVP_PKEY *x,
const EVP_CIPHER *enc, char *kstr,
int klen, pem_password_cb *cb,
void *u);
-OPENSSL_EXPORT int i2d_PKCS8PrivateKey_nid_fp(FILE *fp, EVP_PKEY *x, int nid,
- char *kstr, int klen,
+OPENSSL_EXPORT int i2d_PKCS8PrivateKey_nid_fp(FILE *fp, const EVP_PKEY *x,
+ int nid, char *kstr, int klen,
pem_password_cb *cb, void *u);
-OPENSSL_EXPORT int PEM_write_PKCS8PrivateKey_nid(FILE *fp, EVP_PKEY *x, int nid,
- char *kstr, int klen,
+OPENSSL_EXPORT int PEM_write_PKCS8PrivateKey_nid(FILE *fp, const EVP_PKEY *x,
+ int nid, char *kstr, int klen,
pem_password_cb *cb, void *u);
OPENSSL_EXPORT EVP_PKEY *d2i_PKCS8PrivateKey_fp(FILE *fp, EVP_PKEY **x,
pem_password_cb *cb, void *u);
-OPENSSL_EXPORT int PEM_write_PKCS8PrivateKey(FILE *fp, EVP_PKEY *x,
+OPENSSL_EXPORT int PEM_write_PKCS8PrivateKey(FILE *fp, const EVP_PKEY *x,
const EVP_CIPHER *enc, char *kstr,
int klen, pem_password_cb *cd,
void *u);
diff --git a/sysroots/generic-arm32/usr/include/openssl/rand.h b/sysroots/generic-arm32/usr/include/openssl/rand.h
index bd41f9e..586274d 100644
--- a/sysroots/generic-arm32/usr/include/openssl/rand.h
+++ b/sysroots/generic-arm32/usr/include/openssl/rand.h
@@ -25,9 +25,20 @@
// Random number generation.
-// RAND_bytes writes |len| bytes of random data to |buf| and returns one.
+// RAND_bytes writes |len| bytes of random data to |buf| and returns one. In the
+// event that sufficient random data can not be obtained, |abort| is called.
OPENSSL_EXPORT int RAND_bytes(uint8_t *buf, size_t len);
+// RAND_get_system_entropy_for_custom_prng writes |len| bytes of random data
+// from a system entropy source to |buf|. The maximum length of entropy which
+// may be requested is 256 bytes. If more than 256 bytes of data is requested,
+// or if sufficient random data can not be obtained, |abort| is called.
+// |RAND_bytes| should normally be used instead of this function. This function
+// should only be used for seed values or where |malloc| should not be called
+// from BoringSSL. This function is not FIPS compliant.
+OPENSSL_EXPORT void RAND_get_system_entropy_for_custom_prng(uint8_t *buf,
+ size_t len);
+
// RAND_cleanup frees any resources used by the RNG. This is not safe if other
// threads might still be calling |RAND_bytes|.
OPENSSL_EXPORT void RAND_cleanup(void);
diff --git a/sysroots/generic-arm32/usr/include/openssl/rsa.h b/sysroots/generic-arm32/usr/include/openssl/rsa.h
index 57a2cb2..a1c03cd 100644
--- a/sysroots/generic-arm32/usr/include/openssl/rsa.h
+++ b/sysroots/generic-arm32/usr/include/openssl/rsa.h
@@ -298,8 +298,8 @@
// |hash_nid|. Passing unhashed inputs will not result in a secure signature
// scheme.
OPENSSL_EXPORT int RSA_sign(int hash_nid, const uint8_t *digest,
- unsigned digest_len, uint8_t *out,
- unsigned *out_len, RSA *rsa);
+ size_t digest_len, uint8_t *out, unsigned *out_len,
+ RSA *rsa);
// RSA_sign_pss_mgf1 signs |digest_len| bytes from |digest| with the public key
// from |rsa| using RSASSA-PSS with MGF1 as the mask generation function. It
@@ -625,7 +625,7 @@
// should use instead. It returns NULL on error, or a newly-allocated |RSA| on
// success. This function is provided for compatibility only. The |callback|
// and |cb_arg| parameters must be NULL.
-OPENSSL_EXPORT RSA *RSA_generate_key(int bits, unsigned long e, void *callback,
+OPENSSL_EXPORT RSA *RSA_generate_key(int bits, uint64_t e, void *callback,
void *cb_arg);
// d2i_RSAPublicKey parses a DER-encoded RSAPublicKey structure (RFC 8017) from
@@ -775,7 +775,7 @@
// num_blindings contains the size of the |blindings| and |blindings_inuse|
// arrays. This member and the |blindings_inuse| array are protected by
// |lock|.
- unsigned num_blindings;
+ size_t num_blindings;
// blindings is an array of BN_BLINDING structures that can be reserved by a
// thread by locking |lock| and changing the corresponding element in
// |blindings_inuse| from 0 to 1.
diff --git a/sysroots/generic-arm32/usr/include/openssl/ssl.h b/sysroots/generic-arm32/usr/include/openssl/ssl.h
index f0ca7f7..5b5e3fe 100644
--- a/sysroots/generic-arm32/usr/include/openssl/ssl.h
+++ b/sysroots/generic-arm32/usr/include/openssl/ssl.h
@@ -157,11 +157,6 @@
#include <sys/time.h>
#endif
-// NGINX needs this #include. Consider revisiting this after NGINX 1.14.0 has
-// been out for a year or so (assuming that they fix it in that release.) See
-// https://boringssl-review.googlesource.com/c/boringssl/+/21664.
-#include <openssl/hmac.h>
-
// Forward-declare struct timeval. On Windows, it is defined in winsock2.h and
// Windows headers define too many macros to be included in public headers.
// However, only a forward declaration is needed.
@@ -1454,9 +1449,6 @@
//
// |SHA1|, and its alias |SHA|, match legacy cipher suites using HMAC-SHA1.
//
-// Although implemented, authentication-only ciphers match no rules and must be
-// explicitly selected by name.
-//
// Deprecated cipher rules:
//
// |kEDH|, |EDH|, |kEECDH|, and |EECDH| are legacy aliases for |kDHE|, |DHE|,
@@ -2288,6 +2280,10 @@
// By default, BoringSSL sends two tickets.
OPENSSL_EXPORT int SSL_CTX_set_num_tickets(SSL_CTX *ctx, size_t num_tickets);
+// SSL_CTX_get_num_tickets returns the number of tickets |ctx| will send
+// immediately after a successful TLS 1.3 handshake as a server.
+OPENSSL_EXPORT size_t SSL_CTX_get_num_tickets(const SSL_CTX *ctx);
+
// Elliptic curve Diffie-Hellman.
//
@@ -2335,7 +2331,8 @@
#define SSL_CURVE_SECP384R1 24
#define SSL_CURVE_SECP521R1 25
#define SSL_CURVE_X25519 29
-#define SSL_CURVE_CECPQ2 16696
+#define SSL_CURVE_X25519KYBER768 0x6399
+#define SSL_CURVE_P256KYBER768 0xfe32
// SSL_get_curve_id returns the ID of the curve used by |ssl|'s most recently
// completed handshake or 0 if not applicable.
@@ -2348,6 +2345,20 @@
// the given TLS curve id, or NULL if the curve is unknown.
OPENSSL_EXPORT const char *SSL_get_curve_name(uint16_t curve_id);
+// SSL_CTX_set1_groups calls |SSL_CTX_set1_curves|.
+OPENSSL_EXPORT int SSL_CTX_set1_groups(SSL_CTX *ctx, const int *groups,
+ size_t groups_len);
+
+// SSL_set1_groups calls |SSL_set1_curves|.
+OPENSSL_EXPORT int SSL_set1_groups(SSL *ssl, const int *groups,
+ size_t groups_len);
+
+// SSL_CTX_set1_groups_list calls |SSL_CTX_set1_curves_list|.
+OPENSSL_EXPORT int SSL_CTX_set1_groups_list(SSL_CTX *ctx, const char *groups);
+
+// SSL_set1_groups_list calls |SSL_set1_curves_list|.
+OPENSSL_EXPORT int SSL_set1_groups_list(SSL *ssl, const char *groups);
+
// Certificate verification.
//
@@ -2396,21 +2407,51 @@
// SSL_CTX_set_verify configures certificate verification behavior. |mode| is
// one of the |SSL_VERIFY_*| values defined above. |callback|, if not NULL, is
-// used to customize certificate verification. See the behavior of
-// |X509_STORE_CTX_set_verify_cb|.
+// used to customize certificate verification, but is deprecated. See
+// |X509_STORE_CTX_set_verify_cb| for details.
//
// The callback may use |SSL_get_ex_data_X509_STORE_CTX_idx| with
// |X509_STORE_CTX_get_ex_data| to look up the |SSL| from |store_ctx|.
+//
+// WARNING: |callback| should be NULL. This callback does not replace the
+// default certificate verification process and is, instead, called multiple
+// times in the course of that process. It is very difficult to implement this
+// callback safely, without inadvertently relying on implementation details or
+// making incorrect assumptions about when the callback is called.
+//
+// Instead, use |SSL_CTX_set_custom_verify| or
+// |SSL_CTX_set_cert_verify_callback| to customize certificate verification.
+// Those callbacks can inspect the peer-sent chain, call |X509_verify_cert| and
+// inspect the result, or perform other operations more straightforwardly.
+//
+// TODO(crbug.com/boringssl/426): We cite |X509_STORE_CTX_set_verify_cb| but
+// haven't documented it yet. Later that will have a more detailed warning about
+// why one should not use this callback.
OPENSSL_EXPORT void SSL_CTX_set_verify(
SSL_CTX *ctx, int mode, int (*callback)(int ok, X509_STORE_CTX *store_ctx));
// SSL_set_verify configures certificate verification behavior. |mode| is one of
// the |SSL_VERIFY_*| values defined above. |callback|, if not NULL, is used to
-// customize certificate verification. See the behavior of
+// customize certificate verification, but is deprecated. See the behavior of
// |X509_STORE_CTX_set_verify_cb|.
//
// The callback may use |SSL_get_ex_data_X509_STORE_CTX_idx| with
// |X509_STORE_CTX_get_ex_data| to look up the |SSL| from |store_ctx|.
+//
+// WARNING: |callback| should be NULL. This callback does not replace the
+// default certificate verification process and is, instead, called multiple
+// times in the course of that process. It is very difficult to implement this
+// callback safely, without inadvertently relying on implementation details or
+// making incorrect assumptions about when the callback is called.
+//
+// Instead, use |SSL_set_custom_verify| or |SSL_CTX_set_cert_verify_callback| to
+// customize certificate verification. Those callbacks can inspect the peer-sent
+// chain, call |X509_verify_cert| and inspect the result, or perform other
+// operations more straightforwardly.
+//
+// TODO(crbug.com/boringssl/426): We cite |X509_STORE_CTX_set_verify_cb| but
+// haven't documented it yet. Later that will have a more detailed warning about
+// why one should not use this callback.
OPENSSL_EXPORT void SSL_set_verify(SSL *ssl, int mode,
int (*callback)(int ok,
X509_STORE_CTX *store_ctx));
@@ -2718,7 +2759,7 @@
// SSL_load_client_CA_file opens |file| and reads PEM-encoded certificates from
// it. It returns a newly-allocated stack of the certificate subjects or NULL
-// on error.
+// on error. Duplicates in |file| are ignored.
OPENSSL_EXPORT STACK_OF(X509_NAME) *SSL_load_client_CA_file(const char *file);
// SSL_dup_CA_list makes a deep copy of |list|. It returns the new list on
@@ -2731,6 +2772,11 @@
OPENSSL_EXPORT int SSL_add_file_cert_subjects_to_stack(STACK_OF(X509_NAME) *out,
const char *file);
+// SSL_add_bio_cert_subjects_to_stack behaves like
+// |SSL_add_file_cert_subjects_to_stack| but reads from |bio|.
+OPENSSL_EXPORT int SSL_add_bio_cert_subjects_to_stack(STACK_OF(X509_NAME) *out,
+ BIO *bio);
+
// Server name indication.
//
@@ -2809,7 +2855,7 @@
// WARNING: this function is dangerous because it breaks the usual return value
// convention.
OPENSSL_EXPORT int SSL_CTX_set_alpn_protos(SSL_CTX *ctx, const uint8_t *protos,
- unsigned protos_len);
+ size_t protos_len);
// SSL_set_alpn_protos sets the client ALPN protocol list on |ssl| to |protos|.
// |protos| must be in wire-format (i.e. a series of non-empty, 8-bit
@@ -2820,7 +2866,7 @@
// WARNING: this function is dangerous because it breaks the usual return value
// convention.
OPENSSL_EXPORT int SSL_set_alpn_protos(SSL *ssl, const uint8_t *protos,
- unsigned protos_len);
+ size_t protos_len);
// SSL_CTX_set_alpn_select_cb sets a callback function on |ctx| that is called
// during ClientHello processing in order to select an ALPN protocol from the
@@ -3908,13 +3954,14 @@
const uint8_t **out_write_iv,
size_t *out_iv_len);
-// SSL_get_key_block_len returns the length of |ssl|'s key block. It is an error
-// to call this function during a handshake.
+// SSL_get_key_block_len returns the length of |ssl|'s key block, for TLS 1.2
+// and below. It is an error to call this function during a handshake, or if
+// |ssl| negotiated TLS 1.3.
OPENSSL_EXPORT size_t SSL_get_key_block_len(const SSL *ssl);
// SSL_generate_key_block generates |out_len| bytes of key material for |ssl|'s
-// current connection state. It is an error to call this function during a
-// handshake.
+// current connection state, for TLS 1.2 and below. It is an error to call this
+// function during a handshake, or if |ssl| negotiated TLS 1.3.
OPENSSL_EXPORT int SSL_generate_key_block(const SSL *ssl, uint8_t *out,
size_t out_len);
@@ -3968,8 +4015,9 @@
// those cases, BoringSSL will not predict a signature as there is no benefit.
// Callers must allow for handshakes to complete without a predicted signature.
//
-// For now, only TLS 1.3 is hinted. TLS 1.2 will work, but the hints will be
-// empty.
+// Handshake hints are supported for TLS 1.3 and partially supported for
+// TLS 1.2. TLS 1.2 resumption handshakes are not yet fully hinted. They will
+// still work, but may not be as efficient.
// SSL_serialize_capabilities writes an opaque byte string to |out| describing
// some of |ssl|'s capabilities. It returns one on success and zero on error.
@@ -4125,6 +4173,13 @@
// renegotiation attempts by a server. If |ssl| is a server, peer-initiated
// renegotiations are *always* rejected and this function does nothing.
//
+// WARNING: Renegotiation is error-prone, complicates TLS's security properties,
+// and increases its attack surface. When enabled, many common assumptions about
+// BoringSSL's behavior no longer hold, and the calling application must handle
+// more cases. Renegotiation is also incompatible with many application
+// protocols, e.g. section 9.2.1 of RFC 7540. Many functions behave in ambiguous
+// or undefined ways during a renegotiation.
+//
// The renegotiation mode defaults to |ssl_renegotiate_never|, but may be set
// at any point in a connection's lifetime. Set it to |ssl_renegotiate_once| to
// allow one renegotiation, |ssl_renegotiate_freely| to allow all
@@ -4146,6 +4201,20 @@
// e.g., ALPN must enable renegotiation before the handshake and conditionally
// disable it afterwards.
//
+// When enabled, renegotiation can cause properties of |ssl|, such as the cipher
+// suite, to change during the lifetime of the connection. More over, during a
+// renegotiation, not all properties of the new handshake are available or fully
+// established. In BoringSSL, most functions, such as |SSL_get_current_cipher|,
+// report information from the most recently completed handshake, not the
+// pending one. However, renegotiation may rerun handshake callbacks, such as
+// |SSL_CTX_set_cert_cb|. Such callbacks must ensure they are acting on the
+// desired versions of each property.
+//
+// BoringSSL does not reverify peer certificates on renegotiation and instead
+// requires they match between handshakes, so certificate verification callbacks
+// (see |SSL_CTX_set_custom_verify|) may assume |ssl| is in the initial
+// handshake and use |SSL_get0_peer_certificates|, etc.
+//
// There is no support in BoringSSL for initiating renegotiations as a client
// or server.
OPENSSL_EXPORT void SSL_set_renegotiate_mode(SSL *ssl,
@@ -4281,12 +4350,24 @@
// respected on clients.
OPENSSL_EXPORT void SSL_CTX_set_reverify_on_resume(SSL_CTX *ctx, int enabled);
-// SSL_set_enforce_rsa_key_usage configures whether the keyUsage extension of
-// RSA leaf certificates will be checked for consistency with the TLS
-// usage. This parameter may be set late; it will not be read until after the
+// SSL_set_enforce_rsa_key_usage configures whether, when |ssl| is a client
+// negotiating TLS 1.2 or below, the keyUsage extension of RSA leaf server
+// certificates will be checked for consistency with the TLS usage. In all other
+// cases, this check is always enabled.
+//
+// This parameter may be set late; it will not be read until after the
// certificate verification callback.
OPENSSL_EXPORT void SSL_set_enforce_rsa_key_usage(SSL *ssl, int enabled);
+// SSL_was_key_usage_invalid returns one if |ssl|'s handshake succeeded despite
+// using TLS parameters which were incompatible with the leaf certificate's
+// keyUsage extension. Otherwise, it returns zero.
+//
+// If |SSL_set_enforce_rsa_key_usage| is enabled or not applicable, this
+// function will always return zero because key usages will be consistently
+// checked.
+OPENSSL_EXPORT int SSL_was_key_usage_invalid(const SSL *ssl);
+
// SSL_ST_* are possible values for |SSL_state|, the bitmasks that make them up,
// and some historical values for compatibility. Only |SSL_ST_INIT| and
// |SSL_ST_OK| are ever returned.
@@ -4473,13 +4554,6 @@
// SSL_CIPHER_get_version returns the string "TLSv1/SSLv3".
OPENSSL_EXPORT const char *SSL_CIPHER_get_version(const SSL_CIPHER *cipher);
-// SSL_CIPHER_get_rfc_name returns a newly-allocated string containing the
-// result of |SSL_CIPHER_standard_name| or NULL on error. The caller is
-// responsible for calling |OPENSSL_free| on the result.
-//
-// Use |SSL_CIPHER_standard_name| instead.
-OPENSSL_EXPORT char *SSL_CIPHER_get_rfc_name(const SSL_CIPHER *cipher);
-
typedef void COMP_METHOD;
typedef struct ssl_comp_st SSL_COMP;
@@ -5104,6 +5178,68 @@
OPENSSL_EXPORT uint16_t SSL_CIPHER_get_value(const SSL_CIPHER *cipher);
+// Compliance policy configurations
+//
+// A TLS connection has a large number of different parameters. Some are well
+// known, like cipher suites, but many are obscure and configuration functions
+// for them may not exist. These policy controls allow broad configuration
+// goals to be specified so that they can flow down to all the different
+// parameters of a TLS connection.
+
+enum ssl_compliance_policy_t BORINGSSL_ENUM_INT {
+ // ssl_compliance_policy_none does nothing. However, since setting this
+ // doesn't undo other policies it's an error to try and set it.
+ ssl_compliance_policy_none,
+
+ // ssl_policy_fips_202205 configures a TLS connection to use:
+ // * TLS 1.2 or 1.3
+ // * For TLS 1.2, only ECDHE_[RSA|ECDSA]_WITH_AES_*_GCM_SHA*.
+ // * For TLS 1.3, only AES-GCM
+ // * P-256 or P-384 for key agreement.
+ // * For server signatures, only PKCS#1/PSS with SHA256/384/512, or ECDSA
+ // with P-256 or P-384.
+ //
+ // Note: this policy can be configured even if BoringSSL has not been built in
+ // FIPS mode. Call |FIPS_mode| to check that.
+ //
+ // Note: this setting aids with compliance with NIST requirements but does not
+ // guarantee it. Careful reading of SP 800-52r2 is recommended.
+ ssl_compliance_policy_fips_202205,
+
+ // ssl_compliance_policy_wpa3_192_202304 configures a TLS connection to use:
+ // * TLS 1.2 or 1.3.
+ // * For TLS 1.2, only TLS_ECDHE_[ECDSA|RSA]_WITH_AES_256_GCM_SHA384.
+ // * For TLS 1.3, only AES-256-GCM.
+ // * P-384 for key agreement.
+ // * For handshake signatures, only ECDSA with P-384 and SHA-384, or RSA
+ // with SHA-384 or SHA-512.
+ //
+ // No limitations on the certificate chain nor leaf public key are imposed,
+ // other than by the supported signature algorithms. But WPA3's "192-bit"
+ // mode requires at least P-384 or 3072-bit along the chain. The caller must
+ // enforce this themselves on the verified chain using functions such as
+ // `X509_STORE_CTX_get0_chain`.
+ //
+ // Note that this setting is less secure than the default. The
+ // implementation risks of using a more obscure primitive like P-384
+ // dominate other considerations.
+ ssl_compliance_policy_wpa3_192_202304,
+};
+
+// SSL_CTX_set_compliance_policy configures various aspects of |ctx| based on
+// the given policy requirements. Subsequently calling other functions that
+// configure |ctx| may override |policy|, or may not. This should be the final
+// configuration function called in order to have defined behaviour. It's a
+// fatal error if |policy| is |ssl_compliance_policy_none|.
+OPENSSL_EXPORT int SSL_CTX_set_compliance_policy(
+ SSL_CTX *ctx, enum ssl_compliance_policy_t policy);
+
+// SSL_set_compliance_policy acts the same as |SSL_CTX_set_compliance_policy|,
+// but only configures a single |SSL*|.
+OPENSSL_EXPORT int SSL_set_compliance_policy(
+ SSL *ssl, enum ssl_compliance_policy_t policy);
+
+
// Nodejs compatibility section (hidden).
//
// These defines exist for node.js, with the hope that we can eliminate the
@@ -5270,62 +5406,6 @@
BORINGSSL_MAKE_DELETER(SSL_SESSION, SSL_SESSION_free)
BORINGSSL_MAKE_UP_REF(SSL_SESSION, SSL_SESSION_up_ref)
-enum class OpenRecordResult {
- kOK,
- kDiscard,
- kIncompleteRecord,
- kAlertCloseNotify,
- kError,
-};
-
-// *** EXPERIMENTAL -- DO NOT USE ***
-//
-// OpenRecord decrypts the first complete SSL record from |in| in-place, sets
-// |out| to the decrypted application data, and |out_record_len| to the length
-// of the encrypted record. Returns:
-// - kOK if an application-data record was successfully decrypted and verified.
-// - kDiscard if a record was sucessfully processed, but should be discarded.
-// - kIncompleteRecord if |in| did not contain a complete record.
-// - kAlertCloseNotify if a record was successfully processed but is a
-// close_notify alert.
-// - kError if an error occurred or the record is invalid. |*out_alert| will be
-// set to an alert to emit, or zero if no alert should be emitted.
-OPENSSL_EXPORT OpenRecordResult OpenRecord(SSL *ssl, Span<uint8_t> *out,
- size_t *out_record_len,
- uint8_t *out_alert,
- Span<uint8_t> in);
-
-OPENSSL_EXPORT size_t SealRecordPrefixLen(const SSL *ssl, size_t plaintext_len);
-
-// SealRecordSuffixLen returns the length of the suffix written by |SealRecord|.
-//
-// |plaintext_len| must be equal to the size of the plaintext passed to
-// |SealRecord|.
-//
-// |plaintext_len| must not exceed |SSL3_RT_MAX_PLAINTEXT_LENGTH|. The returned
-// suffix length will not exceed |SSL3_RT_MAX_ENCRYPTED_OVERHEAD|.
-OPENSSL_EXPORT size_t SealRecordSuffixLen(const SSL *ssl, size_t plaintext_len);
-
-// *** EXPERIMENTAL -- DO NOT USE ***
-//
-// SealRecord encrypts the cleartext of |in| and scatters the resulting TLS
-// application data record between |out_prefix|, |out|, and |out_suffix|. It
-// returns true on success or false if an error occurred.
-//
-// The length of |out_prefix| must equal |SealRecordPrefixLen|. The length of
-// |out| must equal the length of |in|, which must not exceed
-// |SSL3_RT_MAX_PLAINTEXT_LENGTH|. The length of |out_suffix| must equal
-// |SealRecordSuffixLen|.
-//
-// If enabled, |SealRecord| may perform TLS 1.0 CBC 1/n-1 record splitting.
-// |SealRecordPrefixLen| accounts for the required overhead if that is the case.
-//
-// |out| may equal |in| to encrypt in-place but may not otherwise alias.
-// |out_prefix| and |out_suffix| may not alias anything.
-OPENSSL_EXPORT bool SealRecord(SSL *ssl, Span<uint8_t> out_prefix,
- Span<uint8_t> out, Span<uint8_t> out_suffix,
- Span<const uint8_t> in);
-
// *** EXPERIMENTAL — DO NOT USE WITHOUT CHECKING ***
//
@@ -5383,6 +5463,18 @@
const SSL *ssl, Span<const uint8_t> *out_read_traffic_secret,
Span<const uint8_t> *out_write_traffic_secret);
+// SSL_CTX_set_aes_hw_override_for_testing sets |override_value| to
+// override checking for aes hardware support for testing. If |override_value|
+// is set to true, the library will behave as if aes hardware support is
+// present. If it is set to false, the library will behave as if aes hardware
+// support is not present.
+OPENSSL_EXPORT void SSL_CTX_set_aes_hw_override_for_testing(
+ SSL_CTX *ctx, bool override_value);
+
+// SSL_set_aes_hw_override_for_testing acts the same as
+// |SSL_CTX_set_aes_override_for_testing| but only configures a single |SSL*|.
+OPENSSL_EXPORT void SSL_set_aes_hw_override_for_testing(SSL *ssl,
+ bool override_value);
BSSL_NAMESPACE_END
diff --git a/sysroots/generic-arm32/usr/include/openssl/ssl3.h b/sysroots/generic-arm32/usr/include/openssl/ssl3.h
index 533142c..221adf0 100644
--- a/sysroots/generic-arm32/usr/include/openssl/ssl3.h
+++ b/sysroots/generic-arm32/usr/include/openssl/ssl3.h
@@ -1,4 +1,3 @@
-/* ssl/ssl3.h */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
@@ -118,7 +117,6 @@
#define OPENSSL_HEADER_SSL3_H
#include <openssl/aead.h>
-#include <openssl/type_check.h>
#ifdef __cplusplus
extern "C" {
@@ -251,10 +249,6 @@
#define SSL3_RT_SEND_MAX_ENCRYPTED_OVERHEAD \
(EVP_AEAD_MAX_OVERHEAD + EVP_AEAD_MAX_NONCE_LENGTH)
-OPENSSL_STATIC_ASSERT(SSL3_RT_MAX_ENCRYPTED_OVERHEAD >=
- SSL3_RT_SEND_MAX_ENCRYPTED_OVERHEAD,
- "max overheads are inconsistent");
-
// SSL3_RT_MAX_COMPRESSED_LENGTH is an alias for
// |SSL3_RT_MAX_PLAIN_LENGTH|. Compression is gone, so don't include the
// compression overhead.
diff --git a/sysroots/generic-arm32/usr/include/openssl/stack.h b/sysroots/generic-arm32/usr/include/openssl/stack.h
index df54713..59b1c5e 100644
--- a/sysroots/generic-arm32/usr/include/openssl/stack.h
+++ b/sysroots/generic-arm32/usr/include/openssl/stack.h
@@ -59,8 +59,6 @@
#include <openssl/base.h>
-#include <openssl/type_check.h>
-
#if defined(__cplusplus)
extern "C" {
#endif
@@ -69,41 +67,219 @@
// A stack, in OpenSSL, is an array of pointers. They are the most commonly
// used collection object.
//
-// This file defines macros for type safe use of the stack functions. A stack
-// of a specific type of object has type |STACK_OF(type)|. This can be defined
-// (once) with |DEFINE_STACK_OF(type)| and declared where needed with
-// |DECLARE_STACK_OF(type)|. For example:
+// This file defines macros for type-safe use of the stack functions. A stack
+// type is named like |STACK_OF(FOO)| and is accessed with functions named
+// like |sk_FOO_*|. Note the stack will typically contain /pointers/ to |FOO|.
//
-// typedef struct foo_st {
-// int bar;
-// } FOO;
-//
-// DEFINE_STACK_OF(FOO)
-//
-// Although note that the stack will contain /pointers/ to |FOO|.
-//
-// A macro will be defined for each of the sk_* functions below. For
-// STACK_OF(FOO), the macros would be sk_FOO_new, sk_FOO_pop etc.
+// The |DECLARE_STACK_OF| macro makes |STACK_OF(FOO)| available, and
+// |DEFINE_STACK_OF| makes the corresponding functions available.
-// stack_free_func is a function that frees an element in a stack. Note its
+// Defining stacks.
+
+// STACK_OF expands to the stack type for |type|.
+#define STACK_OF(type) struct stack_st_##type
+
+// DECLARE_STACK_OF declares the |STACK_OF(type)| type. It does not make the
+// corresponding |sk_type_*| functions available. This macro should be used in
+// files which only need the type.
+#define DECLARE_STACK_OF(type) STACK_OF(type);
+
+// DEFINE_NAMED_STACK_OF defines |STACK_OF(name)| to be a stack whose elements
+// are |type| *. This macro makes the |sk_name_*| functions available.
+//
+// It is not necessary to use |DECLARE_STACK_OF| in files which use this macro.
+#define DEFINE_NAMED_STACK_OF(name, type) \
+ BORINGSSL_DEFINE_STACK_OF_IMPL(name, type *, const type *) \
+ BORINGSSL_DEFINE_STACK_TRAITS(name, type, false)
+
+// DEFINE_STACK_OF defines |STACK_OF(type)| to be a stack whose elements are
+// |type| *. This macro makes the |sk_type_*| functions available.
+//
+// It is not necessary to use |DECLARE_STACK_OF| in files which use this macro.
+#define DEFINE_STACK_OF(type) DEFINE_NAMED_STACK_OF(type, type)
+
+// DEFINE_CONST_STACK_OF defines |STACK_OF(type)| to be a stack whose elements
+// are const |type| *. This macro makes the |sk_type_*| functions available.
+//
+// It is not necessary to use |DECLARE_STACK_OF| in files which use this macro.
+#define DEFINE_CONST_STACK_OF(type) \
+ BORINGSSL_DEFINE_STACK_OF_IMPL(type, const type *, const type *) \
+ BORINGSSL_DEFINE_STACK_TRAITS(type, const type, true)
+
+
+// Using stacks.
+//
+// After the |DEFINE_STACK_OF| macro is used, the following functions are
+// available.
+
+#if 0 // Sample
+
+// sk_SAMPLE_free_func is a callback to free an element in a stack.
+typedef void (*sk_SAMPLE_free_func)(SAMPLE *);
+
+// sk_SAMPLE_copy_func is a callback to copy an element in a stack. It should
+// return the copy or NULL on error.
+typedef SAMPLE *(*sk_SAMPLE_copy_func)(const SAMPLE *);
+
+// sk_SAMPLE_cmp_func is a callback to compare |*a| to |*b|. It should return a
+// value < 0, 0, or > 0 if |*a| is less than, equal to, or greater than |*b|,
+// respectively. Note the extra indirection - the function is given a pointer
+// to a pointer to the element. This is the |qsort|/|bsearch| comparison
+// function applied to an array of |SAMPLE*|.
+typedef int (*sk_SAMPLE_cmp_func)(const SAMPLE *const *a,
+ const SAMPLE *const *b);
+
+// sk_SAMPLE_new creates a new, empty stack with the given comparison function,
+// which may be NULL. It returns the new stack or NULL on allocation failure.
+STACK_OF(SAMPLE) *sk_SAMPLE_new(sk_SAMPLE_cmp_func comp);
+
+// sk_SAMPLE_new_null creates a new, empty stack. It returns the new stack or
+// NULL on allocation failure.
+STACK_OF(SAMPLE) *sk_SAMPLE_new_null(void);
+
+// sk_SAMPLE_num returns the number of elements in |sk|.
+size_t sk_SAMPLE_num(const STACK_OF(SAMPLE) *sk);
+
+// sk_SAMPLE_zero resets |sk| to the empty state but does nothing to free the
+// individual elements themselves.
+void sk_SAMPLE_zero(STACK_OF(SAMPLE) *sk);
+
+// sk_SAMPLE_value returns the |i|th pointer in |sk|, or NULL if |i| is out of
+// range.
+SAMPLE *sk_SAMPLE_value(const STACK_OF(SAMPLE) *sk, size_t i);
+
+// sk_SAMPLE_set sets the |i|th pointer in |sk| to |p| and returns |p|. If |i|
+// is out of range, it returns NULL.
+SAMPLE *sk_SAMPLE_set(STACK_OF(SAMPLE) *sk, size_t i, SAMPLE *p);
+
+// sk_SAMPLE_free frees |sk|, but does nothing to free the individual elements.
+// Use |sk_SAMPLE_pop_free| to also free the elements.
+void sk_SAMPLE_free(STACK_OF(SAMPLE) *sk);
+
+// sk_SAMPLE_pop_free calls |free_func| on each element in |sk| and then
+// frees the stack itself.
+void sk_SAMPLE_pop_free(STACK_OF(SAMPLE) *sk, sk_SAMPLE_free_func free_func);
+
+// sk_SAMPLE_insert inserts |p| into the stack at index |where|, moving existing
+// elements if needed. It returns the length of the new stack, or zero on
+// error.
+size_t sk_SAMPLE_insert(STACK_OF(SAMPLE) *sk, SAMPLE *p, size_t where);
+
+// sk_SAMPLE_delete removes the pointer at index |where|, moving other elements
+// down if needed. It returns the removed pointer, or NULL if |where| is out of
+// range.
+SAMPLE *sk_SAMPLE_delete(STACK_OF(SAMPLE) *sk, size_t where);
+
+// sk_SAMPLE_delete_ptr removes, at most, one instance of |p| from |sk| based on
+// pointer equality. If an instance of |p| is found then |p| is returned,
+// otherwise it returns NULL.
+SAMPLE *sk_SAMPLE_delete_ptr(STACK_OF(SAMPLE) *sk, const SAMPLE *p);
+
+// sk_SAMPLE_delete_if_func is the callback function for |sk_SAMPLE_delete_if|.
+// It should return one to remove |p| and zero to keep it.
+typedef int (*sk_SAMPLE_delete_if_func)(SAMPLE *p, void *data);
+
+// sk_SAMPLE_delete_if calls |func| with each element of |sk| and removes the
+// entries where |func| returned one. This function does not free or return
+// removed pointers so, if |sk| owns its contents, |func| should release the
+// pointers prior to returning one.
+void sk_SAMPLE_delete_if(STACK_OF(SAMPLE) *sk, sk_SAMPLE_delete_if_func func,
+ void *data);
+
+// sk_SAMPLE_find find the first value in |sk| equal to |p|. |sk|'s comparison
+// function determines equality, or pointer equality if |sk| has no comparison
+// function.
+//
+// If the stack is sorted (see |sk_SAMPLE_sort|), this function uses a binary
+// search. Otherwise it performs a linear search. If it finds a matching
+// element, it writes the index to |*out_index| (if |out_index| is not NULL) and
+// returns one. Otherwise, it returns zero.
+//
+// Note this differs from OpenSSL. The type signature is slightly different, and
+// OpenSSL's version will implicitly sort |sk| if it has a comparison function
+// defined.
+int sk_SAMPLE_find(const STACK_OF(SAMPLE) *sk, size_t *out_index,
+ const SAMPLE *p);
+
+// sk_SAMPLE_shift removes and returns the first element in |sk|, or NULL if
+// |sk| is empty.
+SAMPLE *sk_SAMPLE_shift(STACK_OF(SAMPLE) *sk);
+
+// sk_SAMPLE_push appends |p| to |sk| and returns the length of the new stack,
+// or 0 on allocation failure.
+size_t sk_SAMPLE_push(STACK_OF(SAMPLE) *sk, SAMPLE *p);
+
+// sk_SAMPLE_pop removes and returns the last element of |sk|, or NULL if |sk|
+// is empty.
+SAMPLE *sk_SAMPLE_pop(STACK_OF(SAMPLE) *sk);
+
+// sk_SAMPLE_dup performs a shallow copy of a stack and returns the new stack,
+// or NULL on error. Use |sk_SAMPLE_deep_copy| to also copy the elements.
+STACK_OF(SAMPLE) *sk_SAMPLE_dup(const STACK_OF(SAMPLE) *sk);
+
+// sk_SAMPLE_sort sorts the elements of |sk| into ascending order based on the
+// comparison function. The stack maintains a "sorted" flag and sorting an
+// already sorted stack is a no-op.
+void sk_SAMPLE_sort(STACK_OF(SAMPLE) *sk);
+
+// sk_SAMPLE_is_sorted returns one if |sk| is known to be sorted and zero
+// otherwise.
+int sk_SAMPLE_is_sorted(const STACK_OF(SAMPLE) *sk);
+
+// sk_SAMPLE_set_cmp_func sets the comparison function to be used by |sk| and
+// returns the previous one.
+sk_SAMPLE_cmp_func sk_SAMPLE_set_cmp_func(STACK_OF(SAMPLE) *sk,
+ sk_SAMPLE_cmp_func comp);
+
+// sk_SAMPLE_deep_copy performs a copy of |sk| and of each of the non-NULL
+// elements in |sk| by using |copy_func|. If an error occurs, it calls
+// |free_func| to free any copies already made and returns NULL.
+STACK_OF(SAMPLE) *sk_SAMPLE_deep_copy(const STACK_OF(SAMPLE) *sk,
+ sk_SAMPLE_copy_func copy_func,
+ sk_SAMPLE_free_func free_func);
+
+#endif // Sample
+
+
+// Private functions.
+//
+// TODO(https://crbug.com/boringssl/499): Rename to |OPENSSL_sk_foo|, after
+// external code that calls them is fixed.
+
+// OPENSSL_sk_free_func is a function that frees an element in a stack. Note its
// actual type is void (*)(T *) for some T. Low-level |sk_*| functions will be
// passed a type-specific wrapper to call it correctly.
-typedef void (*stack_free_func)(void *ptr);
+typedef void (*OPENSSL_sk_free_func)(void *ptr);
-// stack_copy_func is a function that copies an element in a stack. Note its
-// actual type is T *(*)(T *) for some T. Low-level |sk_*| functions will be
-// passed a type-specific wrapper to call it correctly.
-typedef void *(*stack_copy_func)(void *ptr);
+// OPENSSL_sk_copy_func is a function that copies an element in a stack. Note
+// its actual type is T *(*)(const T *) for some T. Low-level |sk_*| functions
+// will be passed a type-specific wrapper to call it correctly.
+typedef void *(*OPENSSL_sk_copy_func)(const void *ptr);
-// stack_cmp_func is a comparison function that returns a value < 0, 0 or > 0
-// if |*a| is less than, equal to or greater than |*b|, respectively. Note the
-// extra indirection - the function is given a pointer to a pointer to the
+// OPENSSL_sk_cmp_func is a comparison function that returns a value < 0, 0 or >
+// 0 if |*a| is less than, equal to or greater than |*b|, respectively. Note
+// the extra indirection - the function is given a pointer to a pointer to the
// element. This differs from the usual qsort/bsearch comparison function.
//
-// Note its actual type is int (*)(const T **, const T **). Low-level |sk_*|
-// functions will be passed a type-specific wrapper to call it correctly.
-typedef int (*stack_cmp_func)(const void **a, const void **b);
+// Note its actual type is |int (*)(const T *const *a, const T *const *b)|.
+// Low-level |sk_*| functions will be passed a type-specific wrapper to call it
+// correctly.
+typedef int (*OPENSSL_sk_cmp_func)(const void *const *a, const void *const *b);
+
+// OPENSSL_sk_delete_if_func is the generic version of
+// |sk_SAMPLE_delete_if_func|.
+typedef int (*OPENSSL_sk_delete_if_func)(void *obj, void *data);
+
+// The following function types call the above type-erased signatures with the
+// true types.
+typedef void (*OPENSSL_sk_call_free_func)(OPENSSL_sk_free_func, void *);
+typedef void *(*OPENSSL_sk_call_copy_func)(OPENSSL_sk_copy_func, const void *);
+typedef int (*OPENSSL_sk_call_cmp_func)(OPENSSL_sk_cmp_func,
+ const void *const *,
+ const void *const *);
+typedef int (*OPENSSL_sk_call_delete_if_func)(OPENSSL_sk_delete_if_func, void *,
+ void *);
// stack_st contains an array of pointers. It is not designed to be used
// directly, rather the wrapper macros should be used.
@@ -118,135 +294,50 @@
// to by |data|, which may be larger than |num|.
size_t num_alloc;
// comp is an optional comparison function.
- stack_cmp_func comp;
+ OPENSSL_sk_cmp_func comp;
} _STACK;
-
-#define STACK_OF(type) struct stack_st_##type
-
-#define DECLARE_STACK_OF(type) STACK_OF(type);
-
-// These are the raw stack functions, you shouldn't be using them. Rather you
-// should be using the type stack macros implemented above.
-
-// sk_new creates a new, empty stack with the given comparison function, which
-// may be zero. It returns the new stack or NULL on allocation failure.
-OPENSSL_EXPORT _STACK *sk_new(stack_cmp_func comp);
-
-// sk_new_null creates a new, empty stack. It returns the new stack or NULL on
-// allocation failure.
+// The following are raw stack functions. They implement the corresponding typed
+// |sk_SAMPLE_*| functions generated by |DEFINE_STACK_OF|. Callers shouldn't be
+// using them. Rather, callers should use the typed functions.
+OPENSSL_EXPORT _STACK *sk_new(OPENSSL_sk_cmp_func comp);
OPENSSL_EXPORT _STACK *sk_new_null(void);
-
-// sk_num returns the number of elements in |s|.
OPENSSL_EXPORT size_t sk_num(const _STACK *sk);
-
-// sk_zero resets |sk| to the empty state but does nothing to free the
-// individual elements themselves.
OPENSSL_EXPORT void sk_zero(_STACK *sk);
-
-// sk_value returns the |i|th pointer in |sk|, or NULL if |i| is out of
-// range.
OPENSSL_EXPORT void *sk_value(const _STACK *sk, size_t i);
-
-// sk_set sets the |i|th pointer in |sk| to |p| and returns |p|. If |i| is out
-// of range, it returns NULL.
OPENSSL_EXPORT void *sk_set(_STACK *sk, size_t i, void *p);
-
-// sk_free frees the given stack and array of pointers, but does nothing to
-// free the individual elements. Also see |sk_pop_free_ex|.
OPENSSL_EXPORT void sk_free(_STACK *sk);
-
-// sk_pop_free_ex calls |free_func| on each element in the stack and then frees
-// the stack itself. Note this corresponds to |sk_FOO_pop_free|. It is named
-// |sk_pop_free_ex| as a workaround for existing code calling an older version
-// of |sk_pop_free|.
OPENSSL_EXPORT void sk_pop_free_ex(_STACK *sk,
- void (*call_free_func)(stack_free_func,
- void *),
- stack_free_func free_func);
-
-// sk_insert inserts |p| into the stack at index |where|, moving existing
-// elements if needed. It returns the length of the new stack, or zero on
-// error.
+ OPENSSL_sk_call_free_func call_free_func,
+ OPENSSL_sk_free_func free_func);
OPENSSL_EXPORT size_t sk_insert(_STACK *sk, void *p, size_t where);
-
-// sk_delete removes the pointer at index |where|, moving other elements down
-// if needed. It returns the removed pointer, or NULL if |where| is out of
-// range.
OPENSSL_EXPORT void *sk_delete(_STACK *sk, size_t where);
-
-// sk_delete_ptr removes, at most, one instance of |p| from the stack based on
-// pointer equality. If an instance of |p| is found then |p| is returned,
-// otherwise it returns NULL.
OPENSSL_EXPORT void *sk_delete_ptr(_STACK *sk, const void *p);
-
-// sk_find returns the first value in the stack equal to |p|. If a comparison
-// function has been set on the stack, equality is defined by it, otherwise
-// pointer equality is used. If the stack is sorted, then a binary search is
-// used, otherwise a linear search is performed. If a matching element is found,
-// its index is written to
-// |*out_index| (if |out_index| is not NULL) and one is returned. Otherwise zero
-// is returned.
-//
-// Note this differs from OpenSSL. The type signature is slightly different, and
-// OpenSSL's sk_find will implicitly sort |sk| if it has a comparison function
-// defined.
+OPENSSL_EXPORT void sk_delete_if(_STACK *sk,
+ OPENSSL_sk_call_delete_if_func call_func,
+ OPENSSL_sk_delete_if_func func, void *data);
OPENSSL_EXPORT int sk_find(const _STACK *sk, size_t *out_index, const void *p,
- int (*call_cmp_func)(stack_cmp_func, const void **,
- const void **));
-
-// sk_shift removes and returns the first element in the stack, or returns NULL
-// if the stack is empty.
+ OPENSSL_sk_call_cmp_func call_cmp_func);
OPENSSL_EXPORT void *sk_shift(_STACK *sk);
-
-// sk_push appends |p| to the stack and returns the length of the new stack, or
-// 0 on allocation failure.
OPENSSL_EXPORT size_t sk_push(_STACK *sk, void *p);
-
-// sk_pop returns and removes the last element on the stack, or NULL if the
-// stack is empty.
OPENSSL_EXPORT void *sk_pop(_STACK *sk);
-
-// sk_dup performs a shallow copy of a stack and returns the new stack, or NULL
-// on error.
OPENSSL_EXPORT _STACK *sk_dup(const _STACK *sk);
-
-// sk_sort sorts the elements of |sk| into ascending order based on the
-// comparison function. The stack maintains a |sorted| flag and sorting an
-// already sorted stack is a no-op.
-OPENSSL_EXPORT void sk_sort(_STACK *sk);
-
-// sk_is_sorted returns one if |sk| is known to be sorted and zero
-// otherwise.
+OPENSSL_EXPORT void sk_sort(_STACK *sk, OPENSSL_sk_call_cmp_func call_cmp_func);
OPENSSL_EXPORT int sk_is_sorted(const _STACK *sk);
-
-// sk_set_cmp_func sets the comparison function to be used by |sk| and returns
-// the previous one.
-OPENSSL_EXPORT stack_cmp_func sk_set_cmp_func(_STACK *sk, stack_cmp_func comp);
-
-// sk_deep_copy performs a copy of |sk| and of each of the non-NULL elements in
-// |sk| by using |copy_func|. If an error occurs, |free_func| is used to free
-// any copies already made and NULL is returned.
-OPENSSL_EXPORT _STACK *sk_deep_copy(
- const _STACK *sk, void *(*call_copy_func)(stack_copy_func, void *),
- stack_copy_func copy_func, void (*call_free_func)(stack_free_func, void *),
- stack_free_func free_func);
-
-
-// Deprecated functions.
+OPENSSL_EXPORT OPENSSL_sk_cmp_func sk_set_cmp_func(_STACK *sk,
+ OPENSSL_sk_cmp_func comp);
+OPENSSL_EXPORT _STACK *sk_deep_copy(const _STACK *sk,
+ OPENSSL_sk_call_copy_func call_copy_func,
+ OPENSSL_sk_copy_func copy_func,
+ OPENSSL_sk_call_free_func call_free_func,
+ OPENSSL_sk_free_func free_func);
// sk_pop_free behaves like |sk_pop_free_ex| but performs an invalid function
// pointer cast. It exists because some existing callers called |sk_pop_free|
// directly.
//
// TODO(davidben): Migrate callers to bssl::UniquePtr and remove this.
-OPENSSL_EXPORT void sk_pop_free(_STACK *sk, stack_free_func free_func);
-
-
-// Defining stack types.
-//
-// This set of macros is used to emit the typed functions that act on a
-// |STACK_OF(T)|.
+OPENSSL_EXPORT void sk_pop_free(_STACK *sk, OPENSSL_sk_free_func free_func);
#if !defined(BORINGSSL_NO_CXX)
extern "C++" {
@@ -276,156 +367,162 @@
#define BORINGSSL_DEFINE_STACK_TRAITS(name, type, is_const)
#endif
-#define BORINGSSL_DEFINE_STACK_OF_IMPL(name, ptrtype, constptrtype) \
- DECLARE_STACK_OF(name) \
- \
- typedef void (*stack_##name##_free_func)(ptrtype); \
- typedef ptrtype (*stack_##name##_copy_func)(ptrtype); \
- typedef int (*stack_##name##_cmp_func)(constptrtype *a, constptrtype *b); \
- \
- OPENSSL_INLINE void sk_##name##_call_free_func(stack_free_func free_func, \
- void *ptr) { \
- ((stack_##name##_free_func)free_func)((ptrtype)ptr); \
- } \
- \
- OPENSSL_INLINE void *sk_##name##_call_copy_func(stack_copy_func copy_func, \
- void *ptr) { \
- return (void *)((stack_##name##_copy_func)copy_func)((ptrtype)ptr); \
- } \
- \
- OPENSSL_INLINE int sk_##name##_call_cmp_func( \
- stack_cmp_func cmp_func, const void **a, const void **b) { \
- constptrtype a_ptr = (constptrtype)*a; \
- constptrtype b_ptr = (constptrtype)*b; \
- return ((stack_##name##_cmp_func)cmp_func)(&a_ptr, &b_ptr); \
- } \
- \
- OPENSSL_INLINE STACK_OF(name) * \
- sk_##name##_new(stack_##name##_cmp_func comp) { \
- return (STACK_OF(name) *)sk_new((stack_cmp_func)comp); \
- } \
- \
- OPENSSL_INLINE STACK_OF(name) *sk_##name##_new_null(void) { \
- return (STACK_OF(name) *)sk_new_null(); \
- } \
- \
- OPENSSL_INLINE size_t sk_##name##_num(const STACK_OF(name) *sk) { \
- return sk_num((const _STACK *)sk); \
- } \
- \
- OPENSSL_INLINE void sk_##name##_zero(STACK_OF(name) *sk) { \
- sk_zero((_STACK *)sk); \
- } \
- \
- OPENSSL_INLINE ptrtype sk_##name##_value(const STACK_OF(name) *sk, \
- size_t i) { \
- return (ptrtype)sk_value((const _STACK *)sk, i); \
- } \
- \
- OPENSSL_INLINE ptrtype sk_##name##_set(STACK_OF(name) *sk, size_t i, \
- ptrtype p) { \
- return (ptrtype)sk_set((_STACK *)sk, i, (void *)p); \
- } \
- \
- OPENSSL_INLINE void sk_##name##_free(STACK_OF(name) * sk) { \
- sk_free((_STACK *)sk); \
- } \
- \
- OPENSSL_INLINE void sk_##name##_pop_free( \
- STACK_OF(name) * sk, stack_##name##_free_func free_func) { \
- sk_pop_free_ex((_STACK *)sk, sk_##name##_call_free_func, \
- (stack_free_func)free_func); \
- } \
- \
- OPENSSL_INLINE size_t sk_##name##_insert(STACK_OF(name) *sk, ptrtype p, \
- size_t where) { \
- return sk_insert((_STACK *)sk, (void *)p, where); \
- } \
- \
- OPENSSL_INLINE ptrtype sk_##name##_delete(STACK_OF(name) *sk, \
- size_t where) { \
- return (ptrtype)sk_delete((_STACK *)sk, where); \
- } \
- \
- OPENSSL_INLINE ptrtype sk_##name##_delete_ptr(STACK_OF(name) *sk, \
- constptrtype p) { \
- return (ptrtype)sk_delete_ptr((_STACK *)sk, (const void *)p); \
- } \
- \
- OPENSSL_INLINE int sk_##name##_find(const STACK_OF(name) *sk, \
- size_t * out_index, constptrtype p) { \
- return sk_find((const _STACK *)sk, out_index, (const void *)p, \
- sk_##name##_call_cmp_func); \
- } \
- \
- OPENSSL_INLINE ptrtype sk_##name##_shift(STACK_OF(name) *sk) { \
- return (ptrtype)sk_shift((_STACK *)sk); \
- } \
- \
- OPENSSL_INLINE size_t sk_##name##_push(STACK_OF(name) *sk, ptrtype p) { \
- return sk_push((_STACK *)sk, (void *)p); \
- } \
- \
- OPENSSL_INLINE ptrtype sk_##name##_pop(STACK_OF(name) *sk) { \
- return (ptrtype)sk_pop((_STACK *)sk); \
- } \
- \
- OPENSSL_INLINE STACK_OF(name) * sk_##name##_dup(const STACK_OF(name) *sk) { \
- return (STACK_OF(name) *)sk_dup((const _STACK *)sk); \
- } \
- \
- OPENSSL_INLINE void sk_##name##_sort(STACK_OF(name) *sk) { \
- sk_sort((_STACK *)sk); \
- } \
- \
- OPENSSL_INLINE int sk_##name##_is_sorted(const STACK_OF(name) *sk) { \
- return sk_is_sorted((const _STACK *)sk); \
- } \
- \
- OPENSSL_INLINE stack_##name##_cmp_func sk_##name##_set_cmp_func( \
- STACK_OF(name) *sk, stack_##name##_cmp_func comp) { \
- return (stack_##name##_cmp_func)sk_set_cmp_func((_STACK *)sk, \
- (stack_cmp_func)comp); \
- } \
- \
- OPENSSL_INLINE STACK_OF(name) * \
- sk_##name##_deep_copy(const STACK_OF(name) *sk, \
- ptrtype(*copy_func)(ptrtype), \
- void (*free_func)(ptrtype)) { \
- return (STACK_OF(name) *)sk_deep_copy( \
- (const _STACK *)sk, sk_##name##_call_copy_func, \
- (stack_copy_func)copy_func, sk_##name##_call_free_func, \
- (stack_free_func)free_func); \
- }
+#define BORINGSSL_DEFINE_STACK_OF_IMPL(name, ptrtype, constptrtype) \
+ /* We disable MSVC C4191 in this macro, which warns when pointers are cast \
+ * to the wrong type. While the cast itself is valid, it is often a bug \
+ * because calling it through the cast is UB. However, we never actually \
+ * call functions as |OPENSSL_sk_cmp_func|. The type is just a type-erased \
+ * function pointer. (C does not guarantee function pointers fit in \
+ * |void*|, and GCC will warn on this.) Thus we just disable the false \
+ * positive warning. */ \
+ OPENSSL_MSVC_PRAGMA(warning(push)) \
+ OPENSSL_MSVC_PRAGMA(warning(disable : 4191)) \
+ \
+ DECLARE_STACK_OF(name) \
+ \
+ typedef void (*sk_##name##_free_func)(ptrtype); \
+ typedef ptrtype (*sk_##name##_copy_func)(constptrtype); \
+ typedef int (*sk_##name##_cmp_func)(constptrtype const *, \
+ constptrtype const *); \
+ typedef int (*sk_##name##_delete_if_func)(ptrtype, void *); \
+ \
+ OPENSSL_INLINE void sk_##name##_call_free_func( \
+ OPENSSL_sk_free_func free_func, void *ptr) { \
+ ((sk_##name##_free_func)free_func)((ptrtype)ptr); \
+ } \
+ \
+ OPENSSL_INLINE void *sk_##name##_call_copy_func( \
+ OPENSSL_sk_copy_func copy_func, const void *ptr) { \
+ return (void *)((sk_##name##_copy_func)copy_func)((constptrtype)ptr); \
+ } \
+ \
+ OPENSSL_INLINE int sk_##name##_call_cmp_func(OPENSSL_sk_cmp_func cmp_func, \
+ const void *const *a, \
+ const void *const *b) { \
+ /* The data is actually stored as |void*| pointers, so read the pointer \
+ * as |void*| and then pass the corrected type into the caller-supplied \
+ * function, which expects |constptrtype*|. */ \
+ constptrtype a_ptr = (constptrtype)*a; \
+ constptrtype b_ptr = (constptrtype)*b; \
+ return ((sk_##name##_cmp_func)cmp_func)(&a_ptr, &b_ptr); \
+ } \
+ \
+ OPENSSL_INLINE int sk_##name##_call_delete_if_func( \
+ OPENSSL_sk_delete_if_func func, void *obj, void *data) { \
+ return ((sk_##name##_delete_if_func)func)((ptrtype)obj, data); \
+ } \
+ \
+ OPENSSL_INLINE STACK_OF(name) *sk_##name##_new(sk_##name##_cmp_func comp) { \
+ return (STACK_OF(name) *)sk_new((OPENSSL_sk_cmp_func)comp); \
+ } \
+ \
+ OPENSSL_INLINE STACK_OF(name) *sk_##name##_new_null(void) { \
+ return (STACK_OF(name) *)sk_new_null(); \
+ } \
+ \
+ OPENSSL_INLINE size_t sk_##name##_num(const STACK_OF(name) *sk) { \
+ return sk_num((const _STACK *)sk); \
+ } \
+ \
+ OPENSSL_INLINE void sk_##name##_zero(STACK_OF(name) *sk) { \
+ sk_zero((_STACK *)sk); \
+ } \
+ \
+ OPENSSL_INLINE ptrtype sk_##name##_value(const STACK_OF(name) *sk, \
+ size_t i) { \
+ return (ptrtype)sk_value((const _STACK *)sk, i); \
+ } \
+ \
+ OPENSSL_INLINE ptrtype sk_##name##_set(STACK_OF(name) *sk, size_t i, \
+ ptrtype p) { \
+ return (ptrtype)sk_set((_STACK *)sk, i, (void *)p); \
+ } \
+ \
+ OPENSSL_INLINE void sk_##name##_free(STACK_OF(name) *sk) { \
+ sk_free((_STACK *)sk); \
+ } \
+ \
+ OPENSSL_INLINE void sk_##name##_pop_free(STACK_OF(name) *sk, \
+ sk_##name##_free_func free_func) { \
+ sk_pop_free_ex((_STACK *)sk, sk_##name##_call_free_func, \
+ (OPENSSL_sk_free_func)free_func); \
+ } \
+ \
+ OPENSSL_INLINE size_t sk_##name##_insert(STACK_OF(name) *sk, ptrtype p, \
+ size_t where) { \
+ return sk_insert((_STACK *)sk, (void *)p, where); \
+ } \
+ \
+ OPENSSL_INLINE ptrtype sk_##name##_delete(STACK_OF(name) *sk, \
+ size_t where) { \
+ return (ptrtype)sk_delete((_STACK *)sk, where); \
+ } \
+ \
+ OPENSSL_INLINE ptrtype sk_##name##_delete_ptr(STACK_OF(name) *sk, \
+ constptrtype p) { \
+ return (ptrtype)sk_delete_ptr((_STACK *)sk, (const void *)p); \
+ } \
+ \
+ OPENSSL_INLINE void sk_##name##_delete_if( \
+ STACK_OF(name) *sk, sk_##name##_delete_if_func func, void *data) { \
+ sk_delete_if((_STACK *)sk, sk_##name##_call_delete_if_func, \
+ (OPENSSL_sk_delete_if_func)func, data); \
+ } \
+ \
+ OPENSSL_INLINE int sk_##name##_find(const STACK_OF(name) *sk, \
+ size_t *out_index, constptrtype p) { \
+ return sk_find((const _STACK *)sk, out_index, (const void *)p, \
+ sk_##name##_call_cmp_func); \
+ } \
+ \
+ OPENSSL_INLINE ptrtype sk_##name##_shift(STACK_OF(name) *sk) { \
+ return (ptrtype)sk_shift((_STACK *)sk); \
+ } \
+ \
+ OPENSSL_INLINE size_t sk_##name##_push(STACK_OF(name) *sk, ptrtype p) { \
+ return sk_push((_STACK *)sk, (void *)p); \
+ } \
+ \
+ OPENSSL_INLINE ptrtype sk_##name##_pop(STACK_OF(name) *sk) { \
+ return (ptrtype)sk_pop((_STACK *)sk); \
+ } \
+ \
+ OPENSSL_INLINE STACK_OF(name) *sk_##name##_dup(const STACK_OF(name) *sk) { \
+ return (STACK_OF(name) *)sk_dup((const _STACK *)sk); \
+ } \
+ \
+ OPENSSL_INLINE void sk_##name##_sort(STACK_OF(name) *sk) { \
+ sk_sort((_STACK *)sk, sk_##name##_call_cmp_func); \
+ } \
+ \
+ OPENSSL_INLINE int sk_##name##_is_sorted(const STACK_OF(name) *sk) { \
+ return sk_is_sorted((const _STACK *)sk); \
+ } \
+ \
+ OPENSSL_INLINE sk_##name##_cmp_func sk_##name##_set_cmp_func( \
+ STACK_OF(name) *sk, sk_##name##_cmp_func comp) { \
+ return (sk_##name##_cmp_func)sk_set_cmp_func((_STACK *)sk, \
+ (OPENSSL_sk_cmp_func)comp); \
+ } \
+ \
+ OPENSSL_INLINE STACK_OF(name) *sk_##name##_deep_copy( \
+ const STACK_OF(name) *sk, sk_##name##_copy_func copy_func, \
+ sk_##name##_free_func free_func) { \
+ return (STACK_OF(name) *)sk_deep_copy( \
+ (const _STACK *)sk, sk_##name##_call_copy_func, \
+ (OPENSSL_sk_copy_func)copy_func, sk_##name##_call_free_func, \
+ (OPENSSL_sk_free_func)free_func); \
+ } \
+ \
+ OPENSSL_MSVC_PRAGMA(warning(pop))
-// DEFINE_NAMED_STACK_OF defines |STACK_OF(name)| to be a stack whose elements
-// are |type| *.
-#define DEFINE_NAMED_STACK_OF(name, type) \
- BORINGSSL_DEFINE_STACK_OF_IMPL(name, type *, const type *) \
- BORINGSSL_DEFINE_STACK_TRAITS(name, type, false)
-// DEFINE_STACK_OF defines |STACK_OF(type)| to be a stack whose elements are
-// |type| *.
-#define DEFINE_STACK_OF(type) DEFINE_NAMED_STACK_OF(type, type)
-
-// DEFINE_CONST_STACK_OF defines |STACK_OF(type)| to be a stack whose elements
-// are const |type| *.
-#define DEFINE_CONST_STACK_OF(type) \
- BORINGSSL_DEFINE_STACK_OF_IMPL(type, const type *, const type *) \
- BORINGSSL_DEFINE_STACK_TRAITS(type, const type, true)
-
-// DEFINE_SPECIAL_STACK_OF defines |STACK_OF(type)| to be a stack whose elements
-// are |type|, where |type| must be a typedef for a pointer.
-#define DEFINE_SPECIAL_STACK_OF(type) \
- OPENSSL_STATIC_ASSERT(sizeof(type) == sizeof(void *), \
- #type " is not a pointer"); \
- BORINGSSL_DEFINE_STACK_OF_IMPL(type, type, const type)
-
+// Built-in stacks.
typedef char *OPENSSL_STRING;
DEFINE_STACK_OF(void)
-DEFINE_SPECIAL_STACK_OF(OPENSSL_STRING)
+DEFINE_NAMED_STACK_OF(OPENSSL_STRING, char)
#if defined(__cplusplus)
@@ -456,7 +553,7 @@
// access it from C++ here.
using Type = typename StackTraits<Stack>::Type;
sk_pop_free_ex(reinterpret_cast<_STACK *>(sk),
- [](stack_free_func /* unused */, void *ptr) {
+ [](OPENSSL_sk_free_func /* unused */, void *ptr) {
DeleterImpl<Type>::Free(reinterpret_cast<Type *>(ptr));
},
nullptr);
diff --git a/sysroots/generic-arm32/usr/include/openssl/time.h b/sysroots/generic-arm32/usr/include/openssl/time.h
new file mode 100644
index 0000000..723ce10
--- /dev/null
+++ b/sysroots/generic-arm32/usr/include/openssl/time.h
@@ -0,0 +1,41 @@
+/* Copyright (c) 2022, Google Inc.
+ *
+ * Permission to use, copy, modify, and/or distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
+ * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION
+ * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
+ * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */
+
+#ifndef OPENSSL_HEADER_TIME_H
+#define OPENSSL_HEADER_TIME_H
+
+#include <openssl/base.h>
+
+#include <time.h>
+
+#if defined(__cplusplus)
+extern "C" {
+#endif
+
+// OPENSSL_posix_to_tm converts a int64_t POSIX time value in |time|, which must
+// be in the range of year 0000 to 9999, to a broken out time value in |tm|. It
+// returns one on success and zero on error.
+OPENSSL_EXPORT int OPENSSL_posix_to_tm(int64_t time, struct tm *out_tm);
+
+// OPENSSL_tm_to_posix converts a time value between the years 0 and 9999 in
+// |tm| to a POSIX time value in |out|. One is returned on success, zero is
+// returned on failure. It is a failure if |tm| contains out of range values.
+OPENSSL_EXPORT int OPENSSL_tm_to_posix(const struct tm *tm, int64_t *out);
+
+
+#if defined(__cplusplus)
+} // extern C
+#endif
+
+#endif // OPENSSL_HEADER_TIME_H
diff --git a/sysroots/generic-arm32/usr/include/openssl/tls1.h b/sysroots/generic-arm32/usr/include/openssl/tls1.h
index a3136c0..724d580 100644
--- a/sysroots/generic-arm32/usr/include/openssl/tls1.h
+++ b/sysroots/generic-arm32/usr/include/openssl/tls1.h
@@ -452,9 +452,15 @@
#define TLS1_CK_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256 0x0300CCAC
// TLS 1.3 ciphersuites from RFC 8446.
-#define TLS1_CK_AES_128_GCM_SHA256 0x03001301
-#define TLS1_CK_AES_256_GCM_SHA384 0x03001302
-#define TLS1_CK_CHACHA20_POLY1305_SHA256 0x03001303
+#define TLS1_3_CK_AES_128_GCM_SHA256 0x03001301
+#define TLS1_3_CK_AES_256_GCM_SHA384 0x03001302
+#define TLS1_3_CK_CHACHA20_POLY1305_SHA256 0x03001303
+
+// The following constants are legacy aliases of |TLS1_3_CK_*|.
+// TODO(davidben): Migrate callers to the new name and remove these.
+#define TLS1_CK_AES_128_GCM_SHA256 TLS1_3_CK_AES_128_GCM_SHA256
+#define TLS1_CK_AES_256_GCM_SHA384 TLS1_3_CK_AES_256_GCM_SHA384
+#define TLS1_CK_CHACHA20_POLY1305_SHA256 TLS1_3_CK_CHACHA20_POLY1305_SHA256
// XXX
// Inconsistency alert:
@@ -624,10 +630,15 @@
"ECDHE-PSK-CHACHA20-POLY1305"
// TLS 1.3 ciphersuites from RFC 8446.
-#define TLS1_TXT_AES_128_GCM_SHA256 "TLS_AES_128_GCM_SHA256"
-#define TLS1_TXT_AES_256_GCM_SHA384 "TLS_AES_256_GCM_SHA384"
-#define TLS1_TXT_CHACHA20_POLY1305_SHA256 "TLS_CHACHA20_POLY1305_SHA256"
+#define TLS1_3_RFC_AES_128_GCM_SHA256 "TLS_AES_128_GCM_SHA256"
+#define TLS1_3_RFC_AES_256_GCM_SHA384 "TLS_AES_256_GCM_SHA384"
+#define TLS1_3_RFC_CHACHA20_POLY1305_SHA256 "TLS_CHACHA20_POLY1305_SHA256"
+// The following constants are legacy aliases of |TLS1_3_CK_*|.
+// TODO(bbe): Migrate callers to the new name and remove these.
+#define TLS1_TXT_AES_128_GCM_SHA256 TLS1_3_RFC_AES_128_GCM_SHA256
+#define TLS1_TXT_AES_256_GCM_SHA384 TLS1_3_RFC_AES_256_GCM_SHA384
+#define TLS1_TXT_CHACHA20_POLY1305_SHA256 TLS1_3_RFC_CHACHA20_POLY1305_SHA256
#define TLS_CT_RSA_SIGN 1
#define TLS_CT_DSS_SIGN 2
diff --git a/sysroots/generic-arm32/usr/include/openssl/trust_token.h b/sysroots/generic-arm32/usr/include/openssl/trust_token.h
index d9247f7..b6aa6b3 100644
--- a/sysroots/generic-arm32/usr/include/openssl/trust_token.h
+++ b/sysroots/generic-arm32/usr/include/openssl/trust_token.h
@@ -48,6 +48,14 @@
// PMBTokens and P-384 with up to 3 keys, without RR verification.
OPENSSL_EXPORT const TRUST_TOKEN_METHOD *TRUST_TOKEN_experiment_v2_pmb(void);
+// TRUST_TOKEN_pst_v1_voprf is an experimental Trust Tokens protocol
+// using VOPRFs and P-384 with up to 6 keys, without RR verification.
+OPENSSL_EXPORT const TRUST_TOKEN_METHOD *TRUST_TOKEN_pst_v1_voprf(void);
+
+// TRUST_TOKEN_pst_v1_pmb is an experimental Trust Tokens protocol using
+// PMBTokens and P-384 with up to 3 keys, without RR verification.
+OPENSSL_EXPORT const TRUST_TOKEN_METHOD *TRUST_TOKEN_pst_v1_pmb(void);
+
// trust_token_st represents a single-use token for the Trust Token protocol.
// For the client, this is the token and its corresponding signature. For the
// issuer, this is the token itself.
@@ -78,15 +86,30 @@
// to ensure success, these should be at least
// |TRUST_TOKEN_MAX_PRIVATE_KEY_SIZE| and |TRUST_TOKEN_MAX_PUBLIC_KEY_SIZE|.
//
-// WARNING: This API is unstable and the serializations of these keys are
-// subject to change. Keys generated with this function may not be persisted.
-//
// This function returns one on success or zero on error.
OPENSSL_EXPORT int TRUST_TOKEN_generate_key(
const TRUST_TOKEN_METHOD *method, uint8_t *out_priv_key,
size_t *out_priv_key_len, size_t max_priv_key_len, uint8_t *out_pub_key,
size_t *out_pub_key_len, size_t max_pub_key_len, uint32_t id);
+// TRUST_TOKEN_derive_key_from_secret deterministically derives a new Trust
+// Token keypair labeled with |id| from an input |secret| and serializes the
+// private and public keys, writing the private key to |out_priv_key| and
+// setting |*out_priv_key_len| to the number of bytes written, and writing the
+// public key to |out_pub_key| and setting |*out_pub_key_len| to the number of
+// bytes written.
+//
+// At most |max_priv_key_len| and |max_pub_key_len| bytes are written. In order
+// to ensure success, these should be at least
+// |TRUST_TOKEN_MAX_PRIVATE_KEY_SIZE| and |TRUST_TOKEN_MAX_PUBLIC_KEY_SIZE|.
+//
+// This function returns one on success or zero on error.
+OPENSSL_EXPORT int TRUST_TOKEN_derive_key_from_secret(
+ const TRUST_TOKEN_METHOD *method, uint8_t *out_priv_key,
+ size_t *out_priv_key_len, size_t max_priv_key_len, uint8_t *out_pub_key,
+ size_t *out_pub_key_len, size_t max_pub_key_len, uint32_t id,
+ const uint8_t *secret, size_t secret_len);
+
// Trust Token client implementation.
//
@@ -128,6 +151,15 @@
size_t *out_len,
size_t count);
+// TRUST_TOKEN_CLIENT_begin_issuance_over_message produces a request for a trust
+// token derived from |msg| and serializes the request into a newly-allocated
+// buffer, setting |*out| to that buffer and |*out_len| to its length. The
+// caller takes ownership of the buffer and must call |OPENSSL_free| when done.
+// It returns one on success and zero on error.
+OPENSSL_EXPORT int TRUST_TOKEN_CLIENT_begin_issuance_over_message(
+ TRUST_TOKEN_CLIENT *ctx, uint8_t **out, size_t *out_len, size_t count,
+ const uint8_t *msg, size_t msg_len);
+
// TRUST_TOKEN_CLIENT_finish_issuance consumes |response| from the issuer and
// extracts the tokens, returning a list of tokens and the index of the key used
// to sign the tokens in |*out_key_index|. The caller can use this to determine
@@ -224,28 +256,6 @@
uint32_t public_metadata, uint8_t private_metadata, size_t max_issuance);
// TRUST_TOKEN_ISSUER_redeem ingests a |request| for token redemption and
-// verifies the token. If the token is valid, a RR is produced with a lifetime
-// of |lifetime| (in seconds), signing over the requested data from the request
-// and the value of the token, storing the result into a newly-allocated buffer
-// and setting |*out| to that buffer and |*out_len| to its length. The extracted
-// |TRUST_TOKEN| is stored into a newly-allocated buffer and stored in
-// |*out_token|. The extracted client data is stored into a newly-allocated
-// buffer and stored in |*out_client_data|. In TrustTokenV1, the extracted
-// redemption time is stored in |*out_redemption_time|. The caller takes
-// ownership of each output buffer and must call |OPENSSL_free| when done. It
-// returns one on success or zero on error.
-//
-// The caller must keep track of all values of |*out_token| seen globally before
-// returning the SRR to the client. If the value has been reused, the caller
-// must discard the SRR and report an error to the caller. Returning an SRR with
-// replayed values allows an attacker to double-spend tokens.
-OPENSSL_EXPORT int TRUST_TOKEN_ISSUER_redeem(
- const TRUST_TOKEN_ISSUER *ctx, uint8_t **out, size_t *out_len,
- TRUST_TOKEN **out_token, uint8_t **out_client_data,
- size_t *out_client_data_len, uint64_t *out_redemption_time,
- const uint8_t *request, size_t request_len, uint64_t lifetime);
-
-// TRUST_TOKEN_ISSUER_redeem_raw ingests a |request| for token redemption and
// verifies the token. The public metadata is stored in |*out_public|. The
// private metadata (if any) is stored in |*out_private|. The extracted
// |TRUST_TOKEN| is stored into a newly-allocated buffer and stored in
@@ -258,11 +268,35 @@
// returning a response to the client. If the value has been reused, the caller
// must report an error to the client. Returning a response with replayed values
// allows an attacker to double-spend tokens.
-OPENSSL_EXPORT int TRUST_TOKEN_ISSUER_redeem_raw(
+OPENSSL_EXPORT int TRUST_TOKEN_ISSUER_redeem(
const TRUST_TOKEN_ISSUER *ctx, uint32_t *out_public, uint8_t *out_private,
TRUST_TOKEN **out_token, uint8_t **out_client_data,
size_t *out_client_data_len, const uint8_t *request, size_t request_len);
+// TRUST_TOKEN_ISSUER_redeem_raw is a legacy alias for
+// |TRUST_TOKEN_ISSUER_redeem|.
+#define TRUST_TOKEN_ISSUER_redeem_raw TRUST_TOKEN_ISSUER_redeem
+
+// TRUST_TOKEN_ISSUER_redeem_over_message ingests a |request| for token
+// redemption and a message and verifies the token and that it is derived from
+// the provided |msg|. The public metadata is stored in
+// |*out_public|. The private metadata (if any) is stored in |*out_private|. The
+// extracted |TRUST_TOKEN| is stored into a newly-allocated buffer and stored in
+// |*out_token|. The extracted client data is stored into a newly-allocated
+// buffer and stored in |*out_client_data|. The caller takes ownership of each
+// output buffer and must call |OPENSSL_free| when done. It returns one on
+// success or zero on error.
+//
+// The caller must keep track of all values of |*out_token| seen globally before
+// returning a response to the client. If the value has been reused, the caller
+// must report an error to the client. Returning a response with replayed values
+// allows an attacker to double-spend tokens.
+OPENSSL_EXPORT int TRUST_TOKEN_ISSUER_redeem_over_message(
+ const TRUST_TOKEN_ISSUER *ctx, uint32_t *out_public, uint8_t *out_private,
+ TRUST_TOKEN **out_token, uint8_t **out_client_data,
+ size_t *out_client_data_len, const uint8_t *request, size_t request_len,
+ const uint8_t *msg, size_t msg_len);
+
// TRUST_TOKEN_decode_private_metadata decodes |encrypted_bit| using the
// private metadata key specified by a |key| buffer of length |key_len| and the
// nonce by a |nonce| buffer of length |nonce_len|. The nonce in
diff --git a/sysroots/generic-arm32/usr/include/openssl/type_check.h b/sysroots/generic-arm32/usr/include/openssl/type_check.h
index 41de895..6460ab1 100644
--- a/sysroots/generic-arm32/usr/include/openssl/type_check.h
+++ b/sysroots/generic-arm32/usr/include/openssl/type_check.h
@@ -64,22 +64,6 @@
#endif
-#if defined(__cplusplus) || (defined(_MSC_VER) && !defined(__clang__))
-// In C++ and non-clang MSVC, |static_assert| is a keyword.
-#define OPENSSL_STATIC_ASSERT(cond, msg) static_assert(cond, msg)
-#else
-// C11 defines the |_Static_assert| keyword and the |static_assert| macro in
-// assert.h. While the former is available at all versions in Clang and GCC, the
-// later depends on libc and, in glibc, depends on being built in C11 mode. We
-// require C11 mode to build the library but, for now, do not require it in
-// public headers. Use |_Static_assert| directly.
-//
-// TODO(davidben): In July 2022, if the C11 change has not been reverted, switch
-// all uses of this macro within the library to C11 |static_assert|. This macro
-// will only be necessary in public headers.
-#define OPENSSL_STATIC_ASSERT(cond, msg) _Static_assert(cond, msg)
-#endif
-
// CHECKED_CAST casts |p| from type |from| to type |to|.
//
// TODO(davidben): Although this macro is not public API and is unused in
diff --git a/sysroots/generic-arm32/usr/include/openssl/x509.h b/sysroots/generic-arm32/usr/include/openssl/x509.h
index 608c670..8deb767 100644
--- a/sysroots/generic-arm32/usr/include/openssl/x509.h
+++ b/sysroots/generic-arm32/usr/include/openssl/x509.h
@@ -60,8 +60,8 @@
* SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
*/
-#ifndef HEADER_X509_H
-#define HEADER_X509_H
+#ifndef OPENSSL_HEADER_X509_H
+#define OPENSSL_HEADER_X509_H
#include <openssl/asn1.h>
#include <openssl/base.h>
@@ -90,221 +90,78 @@
// Legacy X.509 library.
//
// This header is part of OpenSSL's X.509 implementation. It is retained for
-// compatibility but otherwise underdocumented and not actively maintained. In
-// the future, a replacement library will be available. Meanwhile, minimize
+// compatibility but should not be used by new code. The functions are difficult
+// to use correctly, and have buggy or non-standard behaviors. They are thus
+// particularly prone to behavior changes and API removals, as BoringSSL
+// iterates on these issues.
+//
+// In the future, a replacement library will be available. Meanwhile, minimize
// dependencies on this header where possible.
+//
+// TODO(https://crbug.com/boringssl/426): Documentation for this library is
+// still in progress. Some functions have not yet been documented, and some
+// functions have not yet been grouped into sections.
-#define X509_FILETYPE_PEM 1
-#define X509_FILETYPE_ASN1 2
-#define X509_FILETYPE_DEFAULT 3
-
-#define X509v3_KU_DIGITAL_SIGNATURE 0x0080
-#define X509v3_KU_NON_REPUDIATION 0x0040
-#define X509v3_KU_KEY_ENCIPHERMENT 0x0020
-#define X509v3_KU_DATA_ENCIPHERMENT 0x0010
-#define X509v3_KU_KEY_AGREEMENT 0x0008
-#define X509v3_KU_KEY_CERT_SIGN 0x0004
-#define X509v3_KU_CRL_SIGN 0x0002
-#define X509v3_KU_ENCIPHER_ONLY 0x0001
-#define X509v3_KU_DECIPHER_ONLY 0x8000
-#define X509v3_KU_UNDEF 0xffff
-
-struct X509_algor_st {
- ASN1_OBJECT *algorithm;
- ASN1_TYPE *parameter;
-} /* X509_ALGOR */;
-
-DECLARE_ASN1_FUNCTIONS(X509_ALGOR)
-
-DEFINE_STACK_OF(X509_ALGOR)
-
-typedef STACK_OF(X509_ALGOR) X509_ALGORS;
-
-DEFINE_STACK_OF(X509_NAME_ENTRY)
-
-DEFINE_STACK_OF(X509_NAME)
-
-typedef STACK_OF(X509_EXTENSION) X509_EXTENSIONS;
-
-DEFINE_STACK_OF(X509_EXTENSION)
-
-DEFINE_STACK_OF(X509_ATTRIBUTE)
-
-// This stuff is certificate "auxiliary info"
-// it contains details which are useful in certificate
-// stores and databases. When used this is tagged onto
-// the end of the certificate itself
-
-DECLARE_STACK_OF(DIST_POINT)
-DECLARE_STACK_OF(GENERAL_NAME)
+// Certificates.
+//
+// An |X509| object represents an X.509 certificate, defined in RFC 5280.
+//
+// Although an |X509| is a mutable object, mutating an |X509| can give incorrect
+// results. Callers typically obtain |X509|s by parsing some input with
+// |d2i_X509|, etc. Such objects carry information such as the serialized
+// TBSCertificate and decoded extensions, which will become inconsistent when
+// mutated.
+//
+// Instead, mutation functions should only be used when issuing new
+// certificates, as described in a later section.
DEFINE_STACK_OF(X509)
-// This is used for a table of trust checking functions
+// X509 is an |ASN1_ITEM| whose ASN.1 type is X.509 Certificate (RFC 5280) and C
+// type is |X509*|.
+DECLARE_ASN1_ITEM(X509)
-struct x509_trust_st {
- int trust;
- int flags;
- int (*check_trust)(struct x509_trust_st *, X509 *, int);
- char *name;
- int arg1;
- void *arg2;
-} /* X509_TRUST */;
+// X509_up_ref adds one to the reference count of |x509| and returns one.
+OPENSSL_EXPORT int X509_up_ref(X509 *x509);
-DEFINE_STACK_OF(X509_TRUST)
+// X509_chain_up_ref returns a newly-allocated |STACK_OF(X509)| containing a
+// shallow copy of |chain|, or NULL on error. That is, the return value has the
+// same contents as |chain|, and each |X509|'s reference count is incremented by
+// one.
+OPENSSL_EXPORT STACK_OF(X509) *X509_chain_up_ref(STACK_OF(X509) *chain);
-// standard trust ids
+// X509_dup returns a newly-allocated copy of |x509|, or NULL on error. This
+// function works by serializing the structure, so auxiliary properties (see
+// |i2d_X509_AUX|) are not preserved. Additionally, if |x509| is incomplete,
+// this function may fail.
+//
+// TODO(https://crbug.com/boringssl/407): This function should be const and
+// thread-safe but is currently neither in some cases, notably if |crl| was
+// mutated.
+OPENSSL_EXPORT X509 *X509_dup(X509 *x509);
-#define X509_TRUST_DEFAULT (-1) // Only valid in purpose settings
+// X509_free decrements |x509|'s reference count and, if zero, releases memory
+// associated with |x509|.
+OPENSSL_EXPORT void X509_free(X509 *x509);
-#define X509_TRUST_COMPAT 1
-#define X509_TRUST_SSL_CLIENT 2
-#define X509_TRUST_SSL_SERVER 3
-#define X509_TRUST_EMAIL 4
-#define X509_TRUST_OBJECT_SIGN 5
-#define X509_TRUST_OCSP_SIGN 6
-#define X509_TRUST_OCSP_REQUEST 7
-#define X509_TRUST_TSA 8
+// d2i_X509 parses up to |len| bytes from |*inp| as a DER-encoded X.509
+// Certificate (RFC 5280), as described in |d2i_SAMPLE|.
+OPENSSL_EXPORT X509 *d2i_X509(X509 **out, const uint8_t **inp, long len);
-// Keep these up to date!
-#define X509_TRUST_MIN 1
-#define X509_TRUST_MAX 8
+// X509_parse_from_buffer parses an X.509 structure from |buf| and returns a
+// fresh X509 or NULL on error. There must not be any trailing data in |buf|.
+// The returned structure (if any) holds a reference to |buf| rather than
+// copying parts of it as a normal |d2i_X509| call would do.
+OPENSSL_EXPORT X509 *X509_parse_from_buffer(CRYPTO_BUFFER *buf);
-
-// trust_flags values
-#define X509_TRUST_DYNAMIC 1
-#define X509_TRUST_DYNAMIC_NAME 2
-
-// check_trust return codes
-
-#define X509_TRUST_TRUSTED 1
-#define X509_TRUST_REJECTED 2
-#define X509_TRUST_UNTRUSTED 3
-
-// Flags for X509_print_ex()
-
-#define X509_FLAG_COMPAT 0
-#define X509_FLAG_NO_HEADER 1L
-#define X509_FLAG_NO_VERSION (1L << 1)
-#define X509_FLAG_NO_SERIAL (1L << 2)
-#define X509_FLAG_NO_SIGNAME (1L << 3)
-#define X509_FLAG_NO_ISSUER (1L << 4)
-#define X509_FLAG_NO_VALIDITY (1L << 5)
-#define X509_FLAG_NO_SUBJECT (1L << 6)
-#define X509_FLAG_NO_PUBKEY (1L << 7)
-#define X509_FLAG_NO_EXTENSIONS (1L << 8)
-#define X509_FLAG_NO_SIGDUMP (1L << 9)
-#define X509_FLAG_NO_AUX (1L << 10)
-#define X509_FLAG_NO_ATTRIBUTES (1L << 11)
-#define X509_FLAG_NO_IDS (1L << 12)
-
-// Flags specific to X509_NAME_print_ex(). These flags must not collide with
-// |ASN1_STRFLGS_*|.
-
-// The field separator information
-
-#define XN_FLAG_SEP_MASK (0xf << 16)
-
-#define XN_FLAG_COMPAT 0 // Traditional SSLeay: use old X509_NAME_print
-#define XN_FLAG_SEP_COMMA_PLUS (1 << 16) // RFC 2253 ,+
-#define XN_FLAG_SEP_CPLUS_SPC (2 << 16) // ,+ spaced: more readable
-#define XN_FLAG_SEP_SPLUS_SPC (3 << 16) // ;+ spaced
-#define XN_FLAG_SEP_MULTILINE (4 << 16) // One line per field
-
-#define XN_FLAG_DN_REV (1 << 20) // Reverse DN order
-
-// How the field name is shown
-
-#define XN_FLAG_FN_MASK (0x3 << 21)
-
-#define XN_FLAG_FN_SN 0 // Object short name
-#define XN_FLAG_FN_LN (1 << 21) // Object long name
-#define XN_FLAG_FN_OID (2 << 21) // Always use OIDs
-#define XN_FLAG_FN_NONE (3 << 21) // No field names
-
-#define XN_FLAG_SPC_EQ (1 << 23) // Put spaces round '='
-
-// This determines if we dump fields we don't recognise:
-// RFC 2253 requires this.
-
-#define XN_FLAG_DUMP_UNKNOWN_FIELDS (1 << 24)
-
-#define XN_FLAG_FN_ALIGN (1 << 25) // Align field names to 20 characters
-
-// Complete set of RFC 2253 flags
-
-#define XN_FLAG_RFC2253 \
- (ASN1_STRFLGS_RFC2253 | XN_FLAG_SEP_COMMA_PLUS | XN_FLAG_DN_REV | \
- XN_FLAG_FN_SN | XN_FLAG_DUMP_UNKNOWN_FIELDS)
-
-// readable oneline form
-
-#define XN_FLAG_ONELINE \
- (ASN1_STRFLGS_RFC2253 | ASN1_STRFLGS_ESC_QUOTE | XN_FLAG_SEP_CPLUS_SPC | \
- XN_FLAG_SPC_EQ | XN_FLAG_FN_SN)
-
-// readable multiline form
-
-#define XN_FLAG_MULTILINE \
- (ASN1_STRFLGS_ESC_CTRL | ASN1_STRFLGS_ESC_MSB | XN_FLAG_SEP_MULTILINE | \
- XN_FLAG_SPC_EQ | XN_FLAG_FN_LN | XN_FLAG_FN_ALIGN)
-
-DEFINE_STACK_OF(X509_REVOKED)
-
-DECLARE_STACK_OF(GENERAL_NAMES)
-
-DEFINE_STACK_OF(X509_CRL)
-
-struct private_key_st {
- int version;
- // The PKCS#8 data types
- X509_ALGOR *enc_algor;
- ASN1_OCTET_STRING *enc_pkey; // encrypted pub key
-
- // When decrypted, the following will not be NULL
- EVP_PKEY *dec_pkey;
-
- // used to encrypt and decrypt
- int key_length;
- char *key_data;
- int key_free; // true if we should auto free key_data
-
- // expanded version of 'enc_algor'
- EVP_CIPHER_INFO cipher;
-} /* X509_PKEY */;
-
-struct X509_info_st {
- X509 *x509;
- X509_CRL *crl;
- X509_PKEY *x_pkey;
-
- EVP_CIPHER_INFO enc_cipher;
- int enc_len;
- char *enc_data;
-
-} /* X509_INFO */;
-
-DEFINE_STACK_OF(X509_INFO)
-
-// The next 2 structures and their 8 routines were sent to me by
-// Pat Richard <patr@x509.com> and are used to manipulate
-// Netscapes spki structures - useful if you are writing a CA web page
-struct Netscape_spkac_st {
- X509_PUBKEY *pubkey;
- ASN1_IA5STRING *challenge; // challenge sent in atlas >= PR2
-} /* NETSCAPE_SPKAC */;
-
-struct Netscape_spki_st {
- NETSCAPE_SPKAC *spkac; // signed public key and challenge
- X509_ALGOR *sig_algor;
- ASN1_BIT_STRING *signature;
-} /* NETSCAPE_SPKI */;
-
-// TODO(davidben): Document remaining functions, reorganize them, and define
-// supported patterns for using |X509| objects in general. In particular, when
-// it is safe to call mutating functions is a little tricky due to various
-// internal caches.
+// i2d_X509 marshals |x509| as a DER-encoded X.509 Certificate (RFC 5280), as
+// described in |i2d_SAMPLE|.
+//
+// TODO(https://crbug.com/boringssl/407): This function should be const and
+// thread-safe but is currently neither in some cases, notably if |x509| was
+// mutated.
+OPENSSL_EXPORT int i2d_X509(X509 *x509, uint8_t **outp);
// X509_VERSION_* are X.509 version numbers. Note the numerical values of all
// defined X.509 versions are one less than the named version.
@@ -316,26 +173,139 @@
// be one of the |X509_VERSION_*| constants.
OPENSSL_EXPORT long X509_get_version(const X509 *x509);
-// X509_set_version sets |x509|'s version to |version|, which should be one of
-// the |X509V_VERSION_*| constants. It returns one on success and zero on error.
-//
-// If unsure, use |X509_VERSION_3|.
-OPENSSL_EXPORT int X509_set_version(X509 *x509, long version);
-
// X509_get0_serialNumber returns |x509|'s serial number.
OPENSSL_EXPORT const ASN1_INTEGER *X509_get0_serialNumber(const X509 *x509);
-// X509_set_serialNumber sets |x509|'s serial number to |serial|. It returns one
-// on success and zero on error.
-OPENSSL_EXPORT int X509_set_serialNumber(X509 *x509,
- const ASN1_INTEGER *serial);
-
// X509_get0_notBefore returns |x509|'s notBefore time.
OPENSSL_EXPORT const ASN1_TIME *X509_get0_notBefore(const X509 *x509);
// X509_get0_notAfter returns |x509|'s notAfter time.
OPENSSL_EXPORT const ASN1_TIME *X509_get0_notAfter(const X509 *x509);
+// X509_get_issuer_name returns |x509|'s issuer.
+OPENSSL_EXPORT X509_NAME *X509_get_issuer_name(const X509 *x509);
+
+// X509_get_subject_name returns |x509|'s subject.
+OPENSSL_EXPORT X509_NAME *X509_get_subject_name(const X509 *x509);
+
+// X509_get_X509_PUBKEY returns the public key of |x509|. Note this function is
+// not const-correct for legacy reasons. Callers should not modify the returned
+// object.
+OPENSSL_EXPORT X509_PUBKEY *X509_get_X509_PUBKEY(const X509 *x509);
+
+// X509_get_pubkey returns |x509|'s public key as an |EVP_PKEY|, or NULL if the
+// public key was unsupported or could not be decoded. This function returns a
+// reference to the |EVP_PKEY|. The caller must release the result with
+// |EVP_PKEY_free| when done.
+OPENSSL_EXPORT EVP_PKEY *X509_get_pubkey(X509 *x509);
+
+// X509_get0_pubkey_bitstr returns the BIT STRING portion of |x509|'s public
+// key. Note this does not contain the AlgorithmIdentifier portion.
+//
+// WARNING: This function returns a non-const pointer for OpenSSL compatibility,
+// but the caller must not modify the resulting object. Doing so will break
+// internal invariants in |x509|.
+OPENSSL_EXPORT ASN1_BIT_STRING *X509_get0_pubkey_bitstr(const X509 *x509);
+
+// X509_get0_uids sets |*out_issuer_uid| to a non-owning pointer to the
+// issuerUID field of |x509|, or NULL if |x509| has no issuerUID. It similarly
+// outputs |x509|'s subjectUID field to |*out_subject_uid|.
+//
+// Callers may pass NULL to either |out_issuer_uid| or |out_subject_uid| to
+// ignore the corresponding field.
+OPENSSL_EXPORT void X509_get0_uids(const X509 *x509,
+ const ASN1_BIT_STRING **out_issuer_uid,
+ const ASN1_BIT_STRING **out_subject_uid);
+
+// X509_get0_extensions returns |x509|'s extension list, or NULL if |x509| omits
+// it.
+OPENSSL_EXPORT const STACK_OF(X509_EXTENSION) *X509_get0_extensions(
+ const X509 *x509);
+
+// X509_get_ext_count returns the number of extensions in |x|.
+OPENSSL_EXPORT int X509_get_ext_count(const X509 *x);
+
+// X509_get_ext_by_NID behaves like |X509v3_get_ext_by_NID| but searches for
+// extensions in |x|.
+OPENSSL_EXPORT int X509_get_ext_by_NID(const X509 *x, int nid, int lastpos);
+
+// X509_get_ext_by_OBJ behaves like |X509v3_get_ext_by_OBJ| but searches for
+// extensions in |x|.
+OPENSSL_EXPORT int X509_get_ext_by_OBJ(const X509 *x, const ASN1_OBJECT *obj,
+ int lastpos);
+
+// X509_get_ext_by_critical behaves like |X509v3_get_ext_by_critical| but
+// searches for extensions in |x|.
+OPENSSL_EXPORT int X509_get_ext_by_critical(const X509 *x, int crit,
+ int lastpos);
+
+// X509_get_ext returns the extension in |x| at index |loc|, or NULL if |loc| is
+// out of bounds. This function returns a non-const pointer for OpenSSL
+// compatibility, but callers should not mutate the result.
+OPENSSL_EXPORT X509_EXTENSION *X509_get_ext(const X509 *x, int loc);
+
+// X509_get0_tbs_sigalg returns the signature algorithm in |x509|'s
+// TBSCertificate. For the outer signature algorithm, see |X509_get0_signature|.
+//
+// Certificates with mismatched signature algorithms will successfully parse,
+// but they will be rejected when verifying.
+OPENSSL_EXPORT const X509_ALGOR *X509_get0_tbs_sigalg(const X509 *x509);
+
+// X509_get0_signature sets |*out_sig| and |*out_alg| to the signature and
+// signature algorithm of |x509|, respectively. Either output pointer may be
+// NULL to ignore the value.
+//
+// This function outputs the outer signature algorithm. For the one in the
+// TBSCertificate, see |X509_get0_tbs_sigalg|. Certificates with mismatched
+// signature algorithms will successfully parse, but they will be rejected when
+// verifying.
+OPENSSL_EXPORT void X509_get0_signature(const ASN1_BIT_STRING **out_sig,
+ const X509_ALGOR **out_alg,
+ const X509 *x509);
+
+// X509_get_signature_nid returns the NID corresponding to |x509|'s signature
+// algorithm, or |NID_undef| if the signature algorithm does not correspond to
+// a known NID.
+OPENSSL_EXPORT int X509_get_signature_nid(const X509 *x509);
+
+// i2d_X509_tbs serializes the TBSCertificate portion of |x509|, as described in
+// |i2d_SAMPLE|.
+//
+// This function preserves the original encoding of the TBSCertificate and may
+// not reflect modifications made to |x509|. It may be used to manually verify
+// the signature of an existing certificate. To generate certificates, use
+// |i2d_re_X509_tbs| instead.
+OPENSSL_EXPORT int i2d_X509_tbs(X509 *x509, unsigned char **outp);
+
+// X509_verify checks that |x509| has a valid signature by |pkey|. It returns
+// one if the signature is valid and zero otherwise. Note this function only
+// checks the signature itself and does not perform a full certificate
+// validation.
+OPENSSL_EXPORT int X509_verify(X509 *x509, EVP_PKEY *pkey);
+
+
+// Issuing certificates.
+//
+// An |X509| object may also represent an incomplete certificate. Callers may
+// construct empty |X509| objects, fill in fields individually, and finally sign
+// the result. The following functions may be used for this purpose.
+
+// X509_new returns a newly-allocated, empty |X509| object, or NULL on error.
+// This produces an incomplete certificate which may be filled in to issue a new
+// certificate.
+OPENSSL_EXPORT X509 *X509_new(void);
+
+// X509_set_version sets |x509|'s version to |version|, which should be one of
+// the |X509V_VERSION_*| constants. It returns one on success and zero on error.
+//
+// If unsure, use |X509_VERSION_3|.
+OPENSSL_EXPORT int X509_set_version(X509 *x509, long version);
+
+// X509_set_serialNumber sets |x509|'s serial number to |serial|. It returns one
+// on success and zero on error.
+OPENSSL_EXPORT int X509_set_serialNumber(X509 *x509,
+ const ASN1_INTEGER *serial);
+
// X509_set1_notBefore sets |x509|'s notBefore time to |tm|. It returns one on
// success and zero on error.
OPENSSL_EXPORT int X509_set1_notBefore(X509 *x509, const ASN1_TIME *tm);
@@ -350,64 +320,188 @@
// X509_getm_notAfter returns a mutable pointer to |x509|'s notAfter time.
OPENSSL_EXPORT ASN1_TIME *X509_getm_notAfter(X509 *x);
-// X509_get_notBefore returns |x509|'s notBefore time. Note this function is not
-// const-correct for legacy reasons. Use |X509_get0_notBefore| or
-// |X509_getm_notBefore| instead.
-OPENSSL_EXPORT ASN1_TIME *X509_get_notBefore(const X509 *x509);
+// X509_set_issuer_name sets |x509|'s issuer to a copy of |name|. It returns one
+// on success and zero on error.
+OPENSSL_EXPORT int X509_set_issuer_name(X509 *x509, X509_NAME *name);
-// X509_get_notAfter returns |x509|'s notAfter time. Note this function is not
-// const-correct for legacy reasons. Use |X509_get0_notAfter| or
-// |X509_getm_notAfter| instead.
-OPENSSL_EXPORT ASN1_TIME *X509_get_notAfter(const X509 *x509);
+// X509_set_subject_name sets |x509|'s subject to a copy of |name|. It returns
+// one on success and zero on error.
+OPENSSL_EXPORT int X509_set_subject_name(X509 *x509, X509_NAME *name);
-// X509_set_notBefore calls |X509_set1_notBefore|. Use |X509_set1_notBefore|
-// instead.
-OPENSSL_EXPORT int X509_set_notBefore(X509 *x509, const ASN1_TIME *tm);
+// X509_set_pubkey sets |x509|'s public key to |pkey|. It returns one on success
+// and zero on error. This function does not take ownership of |pkey| and
+// internally copies and updates reference counts as needed.
+OPENSSL_EXPORT int X509_set_pubkey(X509 *x509, EVP_PKEY *pkey);
-// X509_set_notAfter calls |X509_set1_notAfter|. Use |X509_set1_notAfter|
-// instead.
-OPENSSL_EXPORT int X509_set_notAfter(X509 *x509, const ASN1_TIME *tm);
+// X509_delete_ext removes the extension in |x| at index |loc| and returns the
+// removed extension, or NULL if |loc| was out of bounds. If non-NULL, the
+// caller must release the result with |X509_EXTENSION_free|.
+OPENSSL_EXPORT X509_EXTENSION *X509_delete_ext(X509 *x, int loc);
-// X509_get0_uids sets |*out_issuer_uid| to a non-owning pointer to the
-// issuerUID field of |x509|, or NULL if |x509| has no issuerUID. It similarly
-// outputs |x509|'s subjectUID field to |*out_subject_uid|.
+// X509_add_ext adds a copy of |ex| to |x|. It returns one on success and zero
+// on failure. The caller retains ownership of |ex| and can release it
+// independently of |x|.
//
-// Callers may pass NULL to either |out_issuer_uid| or |out_subject_uid| to
-// ignore the corresponding field.
-OPENSSL_EXPORT void X509_get0_uids(const X509 *x509,
- const ASN1_BIT_STRING **out_issuer_uid,
- const ASN1_BIT_STRING **out_subject_uid);
+// The new extension is inserted at index |loc|, shifting extensions to the
+// right. If |loc| is -1 or out of bounds, the new extension is appended to the
+// list.
+OPENSSL_EXPORT int X509_add_ext(X509 *x, const X509_EXTENSION *ex, int loc);
-// X509_extract_key is a legacy alias to |X509_get_pubkey|. Use
-// |X509_get_pubkey| instead.
-#define X509_extract_key(x) X509_get_pubkey(x)
+// X509_sign signs |x509| with |pkey| and replaces the signature algorithm and
+// signature fields. It returns the length of the signature on success and zero
+// on error. This function uses digest algorithm |md|, or |pkey|'s default if
+// NULL. Other signing parameters use |pkey|'s defaults. To customize them, use
+// |X509_sign_ctx|.
+OPENSSL_EXPORT int X509_sign(X509 *x509, EVP_PKEY *pkey, const EVP_MD *md);
-// X509_get_pathlen returns path length constraint from the basic constraints
-// extension in |x509|. (See RFC 5280, section 4.2.1.9.) It returns -1 if the
-// constraint is not present, or if some extension in |x509| was invalid.
+// X509_sign_ctx signs |x509| with |ctx| and replaces the signature algorithm
+// and signature fields. It returns the length of the signature on success and
+// zero on error. The signature algorithm and parameters come from |ctx|, which
+// must have been initialized with |EVP_DigestSignInit|. The caller should
+// configure the corresponding |EVP_PKEY_CTX| before calling this function.
+OPENSSL_EXPORT int X509_sign_ctx(X509 *x509, EVP_MD_CTX *ctx);
+
+// i2d_re_X509_tbs serializes the TBSCertificate portion of |x509|, as described
+// in |i2d_SAMPLE|.
//
-// Note that decoding an |X509| object will not check for invalid extensions. To
-// detect the error case, call |X509_get_extensions_flags| and check the
-// |EXFLAG_INVALID| bit.
-OPENSSL_EXPORT long X509_get_pathlen(X509 *x509);
+// This function re-encodes the TBSCertificate and may not reflect |x509|'s
+// original encoding. It may be used to manually generate a signature for a new
+// certificate. To verify certificates, use |i2d_X509_tbs| instead.
+OPENSSL_EXPORT int i2d_re_X509_tbs(X509 *x509, unsigned char **outp);
-// X509_REQ_VERSION_1 is the version constant for |X509_REQ| objects. No other
-// versions are defined.
-#define X509_REQ_VERSION_1 0
+// X509_set1_signature_algo sets |x509|'s signature algorithm to |algo| and
+// returns one on success or zero on error. It updates both the signature field
+// of the TBSCertificate structure, and the signatureAlgorithm field of the
+// Certificate.
+OPENSSL_EXPORT int X509_set1_signature_algo(X509 *x509, const X509_ALGOR *algo);
-// X509_REQ_get_version returns the numerical value of |req|'s version. This
-// will always be |X509_REQ_VERSION_1|.
-OPENSSL_EXPORT long X509_REQ_get_version(const X509_REQ *req);
+// X509_set1_signature_value sets |x509|'s signature to a copy of the |sig_len|
+// bytes pointed by |sig|. It returns one on success and zero on error.
+//
+// Due to a specification error, X.509 certificates store signatures in ASN.1
+// BIT STRINGs, but signature algorithms return byte strings rather than bit
+// strings. This function creates a BIT STRING containing a whole number of
+// bytes, with the bit order matching the DER encoding. This matches the
+// encoding used by all X.509 signature algorithms.
+OPENSSL_EXPORT int X509_set1_signature_value(X509 *x509, const uint8_t *sig,
+ size_t sig_len);
-// X509_REQ_get_subject_name returns |req|'s subject name. Note this function is
-// not const-correct for legacy reasons.
-OPENSSL_EXPORT X509_NAME *X509_REQ_get_subject_name(const X509_REQ *req);
-// X509_REQ_extract_key is a legacy alias for |X509_REQ_get_pubkey|.
-#define X509_REQ_extract_key(a) X509_REQ_get_pubkey(a)
+// Auxiliary certificate properties.
+//
+// |X509| objects optionally maintain auxiliary properties. These are not part
+// of the certificates themselves, and thus are not covered by signatures or
+// preserved by the standard serialization. They are used as inputs or outputs
+// to other functions in this library.
-// X509_name_cmp is a legacy alias for |X509_NAME_cmp|.
-#define X509_name_cmp(a, b) X509_NAME_cmp((a), (b))
+// i2d_X509_AUX marshals |x509| as a DER-encoded X.509 Certificate (RFC 5280),
+// followed optionally by a separate, OpenSSL-specific structure with auxiliary
+// properties. It behaves as described in |i2d_SAMPLE|.
+//
+// Unlike similarly-named functions, this function does not output a single
+// ASN.1 element. Directly embedding the output in a larger ASN.1 structure will
+// not behave correctly.
+OPENSSL_EXPORT int i2d_X509_AUX(X509 *x509, unsigned char **outp);
+
+// d2i_X509_AUX parses up to |length| bytes from |*inp| as a DER-encoded X.509
+// Certificate (RFC 5280), followed optionally by a separate, OpenSSL-specific
+// structure with auxiliary properties. It behaves as described in |d2i_SAMPLE|.
+//
+// Some auxiliary properties affect trust decisions, so this function should not
+// be used with untrusted input.
+//
+// Unlike similarly-named functions, this function does not parse a single
+// ASN.1 element. Trying to parse data directly embedded in a larger ASN.1
+// structure will not behave correctly.
+OPENSSL_EXPORT X509 *d2i_X509_AUX(X509 **x509, const unsigned char **inp,
+ long length);
+
+// X509_alias_set1 sets |x509|'s alias to |len| bytes from |name|. If |name| is
+// NULL, the alias is cleared instead. Aliases are not part of the certificate
+// itself and will not be serialized by |i2d_X509|.
+OPENSSL_EXPORT int X509_alias_set1(X509 *x509, const unsigned char *name,
+ ossl_ssize_t len);
+
+// X509_keyid_set1 sets |x509|'s key ID to |len| bytes from |id|. If |id| is
+// NULL, the key ID is cleared instead. Key IDs are not part of the certificate
+// itself and will not be serialized by |i2d_X509|.
+OPENSSL_EXPORT int X509_keyid_set1(X509 *x509, const unsigned char *id,
+ ossl_ssize_t len);
+
+// X509_alias_get0 looks up |x509|'s alias. If found, it sets |*out_len| to the
+// alias's length and returns a pointer to a buffer containing the contents. If
+// not found, it outputs the empty string by returning NULL and setting
+// |*out_len| to zero.
+//
+// If |x509| was parsed from a PKCS#12 structure (see
+// |PKCS12_get_key_and_certs|), the alias will reflect the friendlyName
+// attribute (RFC 2985).
+//
+// WARNING: In OpenSSL, this function did not set |*out_len| when the alias was
+// missing. Callers that target both OpenSSL and BoringSSL should set the value
+// to zero before calling this function.
+OPENSSL_EXPORT unsigned char *X509_alias_get0(X509 *x509, int *out_len);
+
+// X509_keyid_get0 looks up |x509|'s key ID. If found, it sets |*out_len| to the
+// key ID's length and returns a pointer to a buffer containing the contents. If
+// not found, it outputs the empty string by returning NULL and setting
+// |*out_len| to zero.
+//
+// WARNING: In OpenSSL, this function did not set |*out_len| when the alias was
+// missing. Callers that target both OpenSSL and BoringSSL should set the value
+// to zero before calling this function.
+OPENSSL_EXPORT unsigned char *X509_keyid_get0(X509 *x509, int *out_len);
+
+
+// Certificate revocation lists.
+//
+// An |X509_CRL| object represents an X.509 certificate revocation list (CRL),
+// defined in RFC 5280. A CRL is a signed list of certificates which are no
+// longer considered valid.
+//
+// Although an |X509_CRL| is a mutable object, mutating an |X509_CRL| can give
+// incorrect results. Callers typically obtain |X509_CRL|s by parsing some input
+// with |d2i_X509_CRL|, etc. Such objects carry information such as the
+// serialized TBSCertList and decoded extensions, which will become inconsistent
+// when mutated.
+//
+// Instead, mutation functions should only be used when issuing new CRLs, as
+// described in a later section.
+
+DEFINE_STACK_OF(X509_CRL)
+
+// X509_CRL is an |ASN1_ITEM| whose ASN.1 type is X.509 CertificateList (RFC
+// 5280) and C type is |X509_CRL*|.
+DECLARE_ASN1_ITEM(X509_CRL)
+
+// X509_CRL_up_ref adds one to the reference count of |crl| and returns one.
+OPENSSL_EXPORT int X509_CRL_up_ref(X509_CRL *crl);
+
+// X509_CRL_dup returns a newly-allocated copy of |crl|, or NULL on error. This
+// function works by serializing the structure, so if |crl| is incomplete, it
+// may fail.
+//
+// TODO(https://crbug.com/boringssl/407): This function should be const and
+// thread-safe but is currently neither in some cases, notably if |crl| was
+// mutated.
+OPENSSL_EXPORT X509_CRL *X509_CRL_dup(X509_CRL *crl);
+
+// X509_CRL_free decrements |crl|'s reference count and, if zero, releases
+// memory associated with |crl|.
+OPENSSL_EXPORT void X509_CRL_free(X509_CRL *crl);
+
+// d2i_X509_CRL parses up to |len| bytes from |*inp| as a DER-encoded X.509
+// CertificateList (RFC 5280), as described in |d2i_SAMPLE|.
+OPENSSL_EXPORT X509_CRL *d2i_X509_CRL(X509_CRL **out, const uint8_t **inp,
+ long len);
+
+// i2d_X509_CRL marshals |crl| as a X.509 CertificateList (RFC 5280), as
+// described in |i2d_SAMPLE|.
+//
+// TODO(https://crbug.com/boringssl/407): This function should be const and
+// thread-safe but is currently neither in some cases, notably if |crl| was
+// mutated.
+OPENSSL_EXPORT int i2d_X509_CRL(X509_CRL *crl, uint8_t **outp);
#define X509_CRL_VERSION_1 0
#define X509_CRL_VERSION_2 1
@@ -416,34 +510,14 @@
// will be one of the |X509_CRL_VERSION_*| constants.
OPENSSL_EXPORT long X509_CRL_get_version(const X509_CRL *crl);
-// X509_CRL_get0_lastUpdate returns |crl|'s lastUpdate time.
+// X509_CRL_get0_lastUpdate returns |crl|'s thisUpdate time. The OpenSSL API
+// refers to this field as lastUpdate.
OPENSSL_EXPORT const ASN1_TIME *X509_CRL_get0_lastUpdate(const X509_CRL *crl);
// X509_CRL_get0_nextUpdate returns |crl|'s nextUpdate time, or NULL if |crl|
// has none.
OPENSSL_EXPORT const ASN1_TIME *X509_CRL_get0_nextUpdate(const X509_CRL *crl);
-// X509_CRL_set1_lastUpdate sets |crl|'s lastUpdate time to |tm|. It returns one
-// on success and zero on error.
-OPENSSL_EXPORT int X509_CRL_set1_lastUpdate(X509_CRL *crl, const ASN1_TIME *tm);
-
-// X509_CRL_set1_nextUpdate sets |crl|'s nextUpdate time to |tm|. It returns one
-// on success and zero on error.
-OPENSSL_EXPORT int X509_CRL_set1_nextUpdate(X509_CRL *crl, const ASN1_TIME *tm);
-
-// The following symbols are deprecated aliases to |X509_CRL_set1_*|.
-#define X509_CRL_set_lastUpdate X509_CRL_set1_lastUpdate
-#define X509_CRL_set_nextUpdate X509_CRL_set1_nextUpdate
-
-// X509_CRL_get_lastUpdate returns a mutable pointer to |crl|'s lastUpdate time.
-// Use |X509_CRL_get0_lastUpdate| or |X509_CRL_set1_lastUpdate| instead.
-OPENSSL_EXPORT ASN1_TIME *X509_CRL_get_lastUpdate(X509_CRL *crl);
-
-// X509_CRL_get_nextUpdate returns a mutable pointer to |crl|'s nextUpdate time,
-// or NULL if |crl| has none. Use |X509_CRL_get0_nextUpdate| or
-// |X509_CRL_set1_nextUpdate| instead.
-OPENSSL_EXPORT ASN1_TIME *X509_CRL_get_nextUpdate(X509_CRL *crl);
-
// X509_CRL_get_issuer returns |crl|'s issuer name. Note this function is not
// const-correct for legacy reasons.
OPENSSL_EXPORT X509_NAME *X509_CRL_get_issuer(const X509_CRL *crl);
@@ -461,253 +535,819 @@
OPENSSL_EXPORT const STACK_OF(X509_EXTENSION) *X509_CRL_get0_extensions(
const X509_CRL *crl);
-// X509_SIG_get0 sets |*out_alg| and |*out_digest| to non-owning pointers to
-// |sig|'s algorithm and digest fields, respectively. Either |out_alg| and
-// |out_digest| may be NULL to skip those fields.
-OPENSSL_EXPORT void X509_SIG_get0(const X509_SIG *sig,
- const X509_ALGOR **out_alg,
- const ASN1_OCTET_STRING **out_digest);
+// X509_CRL_get_ext_count returns the number of extensions in |x|.
+OPENSSL_EXPORT int X509_CRL_get_ext_count(const X509_CRL *x);
-// X509_SIG_getm behaves like |X509_SIG_get0| but returns mutable pointers.
-OPENSSL_EXPORT void X509_SIG_getm(X509_SIG *sig, X509_ALGOR **out_alg,
- ASN1_OCTET_STRING **out_digest);
+// X509_CRL_get_ext_by_NID behaves like |X509v3_get_ext_by_NID| but searches for
+// extensions in |x|.
+OPENSSL_EXPORT int X509_CRL_get_ext_by_NID(const X509_CRL *x, int nid,
+ int lastpos);
-// X509_get_X509_PUBKEY returns the public key of |x509|. Note this function is
-// not const-correct for legacy reasons. Callers should not modify the returned
-// object.
-OPENSSL_EXPORT X509_PUBKEY *X509_get_X509_PUBKEY(const X509 *x509);
+// X509_CRL_get_ext_by_OBJ behaves like |X509v3_get_ext_by_OBJ| but searches for
+// extensions in |x|.
+OPENSSL_EXPORT int X509_CRL_get_ext_by_OBJ(const X509_CRL *x,
+ const ASN1_OBJECT *obj, int lastpos);
-// X509_verify_cert_error_string returns |err| as a human-readable string, where
-// |err| should be one of the |X509_V_*| values. If |err| is unknown, it returns
-// a default description.
-OPENSSL_EXPORT const char *X509_verify_cert_error_string(long err);
+// X509_CRL_get_ext_by_critical behaves like |X509v3_get_ext_by_critical| but
+// searches for extensions in |x|.
+OPENSSL_EXPORT int X509_CRL_get_ext_by_critical(const X509_CRL *x, int crit,
+ int lastpos);
-// X509_verify checks that |x509| has a valid signature by |pkey|. It returns
-// one if the signature is valid and zero otherwise. Note this function only
-// checks the signature itself and does not perform a full certificate
-// validation.
-OPENSSL_EXPORT int X509_verify(X509 *x509, EVP_PKEY *pkey);
+// X509_CRL_get_ext returns the extension in |x| at index |loc|, or NULL if
+// |loc| is out of bounds. This function returns a non-const pointer for OpenSSL
+// compatibility, but callers should not mutate the result.
+OPENSSL_EXPORT X509_EXTENSION *X509_CRL_get_ext(const X509_CRL *x, int loc);
-// X509_REQ_verify checks that |req| has a valid signature by |pkey|. It returns
-// one if the signature is valid and zero otherwise.
-OPENSSL_EXPORT int X509_REQ_verify(X509_REQ *req, EVP_PKEY *pkey);
+// X509_CRL_get0_signature sets |*out_sig| and |*out_alg| to the signature and
+// signature algorithm of |crl|, respectively. Either output pointer may be NULL
+// to ignore the value.
+//
+// This function outputs the outer signature algorithm, not the one in the
+// TBSCertList. CRLs with mismatched signature algorithms will successfully
+// parse, but they will be rejected when verifying.
+OPENSSL_EXPORT void X509_CRL_get0_signature(const X509_CRL *crl,
+ const ASN1_BIT_STRING **out_sig,
+ const X509_ALGOR **out_alg);
+
+// X509_CRL_get_signature_nid returns the NID corresponding to |crl|'s signature
+// algorithm, or |NID_undef| if the signature algorithm does not correspond to
+// a known NID.
+OPENSSL_EXPORT int X509_CRL_get_signature_nid(const X509_CRL *crl);
+
+// i2d_X509_CRL_tbs serializes the TBSCertList portion of |crl|, as described in
+// |i2d_SAMPLE|.
+//
+// This function preserves the original encoding of the TBSCertList and may not
+// reflect modifications made to |crl|. It may be used to manually verify the
+// signature of an existing CRL. To generate CRLs, use |i2d_re_X509_CRL_tbs|
+// instead.
+OPENSSL_EXPORT int i2d_X509_CRL_tbs(X509_CRL *crl, unsigned char **outp);
// X509_CRL_verify checks that |crl| has a valid signature by |pkey|. It returns
// one if the signature is valid and zero otherwise.
OPENSSL_EXPORT int X509_CRL_verify(X509_CRL *crl, EVP_PKEY *pkey);
-// NETSCAPE_SPKI_verify checks that |spki| has a valid signature by |pkey|. It
-// returns one if the signature is valid and zero otherwise.
-OPENSSL_EXPORT int NETSCAPE_SPKI_verify(NETSCAPE_SPKI *spki, EVP_PKEY *pkey);
-// NETSCAPE_SPKI_b64_decode decodes |len| bytes from |str| as a base64-encoded
-// Netscape signed public key and challenge (SPKAC) structure. It returns a
-// newly-allocated |NETSCAPE_SPKI| structure with the result, or NULL on error.
-// If |len| is 0 or negative, the length is calculated with |strlen| and |str|
-// must be a NUL-terminated C string.
-OPENSSL_EXPORT NETSCAPE_SPKI *NETSCAPE_SPKI_b64_decode(const char *str,
- int len);
+// Issuing certificate revocation lists.
+//
+// An |X509_CRL| object may also represent an incomplete CRL. Callers may
+// construct empty |X509_CRL| objects, fill in fields individually, and finally
+// sign the result. The following functions may be used for this purpose.
-// NETSCAPE_SPKI_b64_encode encodes |spki| as a base64-encoded Netscape signed
-// public key and challenge (SPKAC) structure. It returns a newly-allocated
-// NUL-terminated C string with the result, or NULL on error. The caller must
-// release the memory with |OPENSSL_free| when done.
-OPENSSL_EXPORT char *NETSCAPE_SPKI_b64_encode(NETSCAPE_SPKI *spki);
+// X509_CRL_new returns a newly-allocated, empty |X509_CRL| object, or NULL on
+// error. This object may be filled in and then signed to construct a CRL.
+OPENSSL_EXPORT X509_CRL *X509_CRL_new(void);
-// NETSCAPE_SPKI_get_pubkey decodes and returns the public key in |spki| as an
-// |EVP_PKEY|, or NULL on error. The caller takes ownership of the resulting
-// pointer and must call |EVP_PKEY_free| when done.
-OPENSSL_EXPORT EVP_PKEY *NETSCAPE_SPKI_get_pubkey(NETSCAPE_SPKI *spki);
+// X509_CRL_set_version sets |crl|'s version to |version|, which should be one
+// of the |X509_CRL_VERSION_*| constants. It returns one on success and zero on
+// error.
+//
+// If unsure, use |X509_CRL_VERSION_2|. Note that, unlike certificates, CRL
+// versions are only defined up to v2. Callers should not use |X509_VERSION_3|.
+OPENSSL_EXPORT int X509_CRL_set_version(X509_CRL *crl, long version);
-// NETSCAPE_SPKI_set_pubkey sets |spki|'s public key to |pkey|. It returns one
-// on success or zero on error. This function does not take ownership of |pkey|,
-// so the caller may continue to manage its lifetime independently of |spki|.
-OPENSSL_EXPORT int NETSCAPE_SPKI_set_pubkey(NETSCAPE_SPKI *spki,
- EVP_PKEY *pkey);
+// X509_CRL_set_issuer_name sets |crl|'s issuer to a copy of |name|. It returns
+// one on success and zero on error.
+OPENSSL_EXPORT int X509_CRL_set_issuer_name(X509_CRL *crl, X509_NAME *name);
-// X509_signature_dump writes a human-readable representation of |sig| to |bio|,
-// indented with |indent| spaces. It returns one on success and zero on error.
-OPENSSL_EXPORT int X509_signature_dump(BIO *bio, const ASN1_STRING *sig,
- int indent);
+// X509_CRL_set1_lastUpdate sets |crl|'s thisUpdate time to |tm|. It returns one
+// on success and zero on error. The OpenSSL API refers to this field as
+// lastUpdate.
+OPENSSL_EXPORT int X509_CRL_set1_lastUpdate(X509_CRL *crl, const ASN1_TIME *tm);
-// X509_signature_print writes a human-readable representation of |alg| and
-// |sig| to |bio|. It returns one on success and zero on error.
-OPENSSL_EXPORT int X509_signature_print(BIO *bio, const X509_ALGOR *alg,
- const ASN1_STRING *sig);
+// X509_CRL_set1_nextUpdate sets |crl|'s nextUpdate time to |tm|. It returns one
+// on success and zero on error.
+OPENSSL_EXPORT int X509_CRL_set1_nextUpdate(X509_CRL *crl, const ASN1_TIME *tm);
-// X509_sign signs |x509| with |pkey| and replaces the signature algorithm and
-// signature fields. It returns one on success and zero on error. This function
-// uses digest algorithm |md|, or |pkey|'s default if NULL. Other signing
-// parameters use |pkey|'s defaults. To customize them, use |X509_sign_ctx|.
-OPENSSL_EXPORT int X509_sign(X509 *x509, EVP_PKEY *pkey, const EVP_MD *md);
+// X509_CRL_delete_ext removes the extension in |x| at index |loc| and returns
+// the removed extension, or NULL if |loc| was out of bounds. If non-NULL, the
+// caller must release the result with |X509_EXTENSION_free|.
+OPENSSL_EXPORT X509_EXTENSION *X509_CRL_delete_ext(X509_CRL *x, int loc);
-// X509_sign_ctx signs |x509| with |ctx| and replaces the signature algorithm
-// and signature fields. It returns one on success and zero on error. The
-// signature algorithm and parameters come from |ctx|, which must have been
-// initialized with |EVP_DigestSignInit|. The caller should configure the
-// corresponding |EVP_PKEY_CTX| before calling this function.
-OPENSSL_EXPORT int X509_sign_ctx(X509 *x509, EVP_MD_CTX *ctx);
-
-// X509_REQ_sign signs |req| with |pkey| and replaces the signature algorithm
-// and signature fields. It returns one on success and zero on error. This
-// function uses digest algorithm |md|, or |pkey|'s default if NULL. Other
-// signing parameters use |pkey|'s defaults. To customize them, use
-// |X509_REQ_sign_ctx|.
-OPENSSL_EXPORT int X509_REQ_sign(X509_REQ *req, EVP_PKEY *pkey,
- const EVP_MD *md);
-
-// X509_REQ_sign_ctx signs |req| with |ctx| and replaces the signature algorithm
-// and signature fields. It returns one on success and zero on error. The
-// signature algorithm and parameters come from |ctx|, which must have been
-// initialized with |EVP_DigestSignInit|. The caller should configure the
-// corresponding |EVP_PKEY_CTX| before calling this function.
-OPENSSL_EXPORT int X509_REQ_sign_ctx(X509_REQ *req, EVP_MD_CTX *ctx);
+// X509_CRL_add_ext adds a copy of |ex| to |x|. It returns one on success and
+// zero on failure. The caller retains ownership of |ex| and can release it
+// independently of |x|.
+//
+// The new extension is inserted at index |loc|, shifting extensions to the
+// right. If |loc| is -1 or out of bounds, the new extension is appended to the
+// list.
+OPENSSL_EXPORT int X509_CRL_add_ext(X509_CRL *x, const X509_EXTENSION *ex,
+ int loc);
// X509_CRL_sign signs |crl| with |pkey| and replaces the signature algorithm
-// and signature fields. It returns one on success and zero on error. This
-// function uses digest algorithm |md|, or |pkey|'s default if NULL. Other
-// signing parameters use |pkey|'s defaults. To customize them, use
-// |X509_CRL_sign_ctx|.
+// and signature fields. It returns the length of the signature on success and
+// zero on error. This function uses digest algorithm |md|, or |pkey|'s default
+// if NULL. Other signing parameters use |pkey|'s defaults. To customize them,
+// use |X509_CRL_sign_ctx|.
OPENSSL_EXPORT int X509_CRL_sign(X509_CRL *crl, EVP_PKEY *pkey,
const EVP_MD *md);
// X509_CRL_sign_ctx signs |crl| with |ctx| and replaces the signature algorithm
-// and signature fields. It returns one on success and zero on error. The
-// signature algorithm and parameters come from |ctx|, which must have been
-// initialized with |EVP_DigestSignInit|. The caller should configure the
-// corresponding |EVP_PKEY_CTX| before calling this function.
+// and signature fields. It returns the length of the signature on success and
+// zero on error. The signature algorithm and parameters come from |ctx|, which
+// must have been initialized with |EVP_DigestSignInit|. The caller should
+// configure the corresponding |EVP_PKEY_CTX| before calling this function.
OPENSSL_EXPORT int X509_CRL_sign_ctx(X509_CRL *crl, EVP_MD_CTX *ctx);
-// NETSCAPE_SPKI_sign signs |spki| with |pkey| and replaces the signature
-// algorithm and signature fields. It returns one on success and zero on error.
-// This function uses digest algorithm |md|, or |pkey|'s default if NULL. Other
-// signing parameters use |pkey|'s defaults.
-OPENSSL_EXPORT int NETSCAPE_SPKI_sign(NETSCAPE_SPKI *spki, EVP_PKEY *pkey,
- const EVP_MD *md);
+// i2d_re_X509_CRL_tbs serializes the TBSCertList portion of |crl|, as described
+// in |i2d_SAMPLE|.
+//
+// This function re-encodes the TBSCertList and may not reflect |crl|'s original
+// encoding. It may be used to manually generate a signature for a new CRL. To
+// verify CRLs, use |i2d_X509_CRL_tbs| instead.
+OPENSSL_EXPORT int i2d_re_X509_CRL_tbs(X509_CRL *crl, unsigned char **outp);
-// X509_pubkey_digest hashes the DER encoding of |x509|'s subjectPublicKeyInfo
-// field with |md| and writes the result to |out|. |EVP_MD_CTX_size| bytes are
-// written, which is at most |EVP_MAX_MD_SIZE|. If |out_len| is not NULL,
-// |*out_len| is set to the number of bytes written. This function returns one
-// on success and zero on error.
-OPENSSL_EXPORT int X509_pubkey_digest(const X509 *x509, const EVP_MD *md,
- uint8_t *out, unsigned *out_len);
+// X509_CRL_set1_signature_algo sets |crl|'s signature algorithm to |algo| and
+// returns one on success or zero on error. It updates both the signature field
+// of the TBSCertList structure, and the signatureAlgorithm field of the CRL.
+OPENSSL_EXPORT int X509_CRL_set1_signature_algo(X509_CRL *crl,
+ const X509_ALGOR *algo);
-// X509_digest hashes |x509|'s DER encoding with |md| and writes the result to
-// |out|. |EVP_MD_CTX_size| bytes are written, which is at most
-// |EVP_MAX_MD_SIZE|. If |out_len| is not NULL, |*out_len| is set to the number
-// of bytes written. This function returns one on success and zero on error.
-// Note this digest covers the entire certificate, not just the signed portion.
-OPENSSL_EXPORT int X509_digest(const X509 *x509, const EVP_MD *md, uint8_t *out,
- unsigned *out_len);
+// X509_CRL_set1_signature_value sets |crl|'s signature to a copy of the
+// |sig_len| bytes pointed by |sig|. It returns one on success and zero on
+// error.
+//
+// Due to a specification error, X.509 CRLs store signatures in ASN.1 BIT
+// STRINGs, but signature algorithms return byte strings rather than bit
+// strings. This function creates a BIT STRING containing a whole number of
+// bytes, with the bit order matching the DER encoding. This matches the
+// encoding used by all X.509 signature algorithms.
+OPENSSL_EXPORT int X509_CRL_set1_signature_value(X509_CRL *crl,
+ const uint8_t *sig,
+ size_t sig_len);
-// X509_CRL_digest hashes |crl|'s DER encoding with |md| and writes the result
-// to |out|. |EVP_MD_CTX_size| bytes are written, which is at most
-// |EVP_MAX_MD_SIZE|. If |out_len| is not NULL, |*out_len| is set to the number
-// of bytes written. This function returns one on success and zero on error.
-// Note this digest covers the entire CRL, not just the signed portion.
-OPENSSL_EXPORT int X509_CRL_digest(const X509_CRL *crl, const EVP_MD *md,
- uint8_t *out, unsigned *out_len);
-// X509_REQ_digest hashes |req|'s DER encoding with |md| and writes the result
-// to |out|. |EVP_MD_CTX_size| bytes are written, which is at most
-// |EVP_MAX_MD_SIZE|. If |out_len| is not NULL, |*out_len| is set to the number
-// of bytes written. This function returns one on success and zero on error.
-// Note this digest covers the entire certificate request, not just the signed
-// portion.
-OPENSSL_EXPORT int X509_REQ_digest(const X509_REQ *req, const EVP_MD *md,
- uint8_t *out, unsigned *out_len);
+// Certificate requests.
+//
+// An |X509_REQ| represents a PKCS #10 certificate request (RFC 2986). These are
+// also referred to as certificate signing requests or CSRs. CSRs are a common
+// format used to request a certificate from a CA.
+//
+// Although an |X509_REQ| is a mutable object, mutating an |X509_REQ| can give
+// incorrect results. Callers typically obtain |X509_REQ|s by parsing some input
+// with |d2i_X509_REQ|, etc. Such objects carry information such as the
+// serialized CertificationRequestInfo, which will become inconsistent when
+// mutated.
+//
+// Instead, mutation functions should only be used when issuing new CRLs, as
+// described in a later section.
-// X509_NAME_digest hashes |name|'s DER encoding with |md| and writes the result
-// to |out|. |EVP_MD_CTX_size| bytes are written, which is at most
-// |EVP_MAX_MD_SIZE|. If |out_len| is not NULL, |*out_len| is set to the number
-// of bytes written. This function returns one on success and zero on error.
-OPENSSL_EXPORT int X509_NAME_digest(const X509_NAME *name, const EVP_MD *md,
- uint8_t *out, unsigned *out_len);
+// X509_REQ is an |ASN1_ITEM| whose ASN.1 type is CertificateRequest (RFC 2986)
+// and C type is |X509_REQ*|.
+DECLARE_ASN1_ITEM(X509_REQ)
-// X509_parse_from_buffer parses an X.509 structure from |buf| and returns a
-// fresh X509 or NULL on error. There must not be any trailing data in |buf|.
-// The returned structure (if any) holds a reference to |buf| rather than
-// copying parts of it as a normal |d2i_X509| call would do.
-OPENSSL_EXPORT X509 *X509_parse_from_buffer(CRYPTO_BUFFER *buf);
-
-OPENSSL_EXPORT X509 *d2i_X509_fp(FILE *fp, X509 **x509);
-OPENSSL_EXPORT int i2d_X509_fp(FILE *fp, X509 *x509);
-OPENSSL_EXPORT X509_CRL *d2i_X509_CRL_fp(FILE *fp, X509_CRL **crl);
-OPENSSL_EXPORT int i2d_X509_CRL_fp(FILE *fp, X509_CRL *crl);
-OPENSSL_EXPORT X509_REQ *d2i_X509_REQ_fp(FILE *fp, X509_REQ **req);
-OPENSSL_EXPORT int i2d_X509_REQ_fp(FILE *fp, X509_REQ *req);
-OPENSSL_EXPORT RSA *d2i_RSAPrivateKey_fp(FILE *fp, RSA **rsa);
-OPENSSL_EXPORT int i2d_RSAPrivateKey_fp(FILE *fp, RSA *rsa);
-OPENSSL_EXPORT RSA *d2i_RSAPublicKey_fp(FILE *fp, RSA **rsa);
-OPENSSL_EXPORT int i2d_RSAPublicKey_fp(FILE *fp, RSA *rsa);
-OPENSSL_EXPORT RSA *d2i_RSA_PUBKEY_fp(FILE *fp, RSA **rsa);
-OPENSSL_EXPORT int i2d_RSA_PUBKEY_fp(FILE *fp, RSA *rsa);
-#ifndef OPENSSL_NO_DSA
-OPENSSL_EXPORT DSA *d2i_DSA_PUBKEY_fp(FILE *fp, DSA **dsa);
-OPENSSL_EXPORT int i2d_DSA_PUBKEY_fp(FILE *fp, DSA *dsa);
-OPENSSL_EXPORT DSA *d2i_DSAPrivateKey_fp(FILE *fp, DSA **dsa);
-OPENSSL_EXPORT int i2d_DSAPrivateKey_fp(FILE *fp, DSA *dsa);
-#endif
-OPENSSL_EXPORT EC_KEY *d2i_EC_PUBKEY_fp(FILE *fp, EC_KEY **eckey);
-OPENSSL_EXPORT int i2d_EC_PUBKEY_fp(FILE *fp, EC_KEY *eckey);
-OPENSSL_EXPORT EC_KEY *d2i_ECPrivateKey_fp(FILE *fp, EC_KEY **eckey);
-OPENSSL_EXPORT int i2d_ECPrivateKey_fp(FILE *fp, EC_KEY *eckey);
-OPENSSL_EXPORT X509_SIG *d2i_PKCS8_fp(FILE *fp, X509_SIG **p8);
-OPENSSL_EXPORT int i2d_PKCS8_fp(FILE *fp, X509_SIG *p8);
-OPENSSL_EXPORT PKCS8_PRIV_KEY_INFO *d2i_PKCS8_PRIV_KEY_INFO_fp(
- FILE *fp, PKCS8_PRIV_KEY_INFO **p8inf);
-OPENSSL_EXPORT int i2d_PKCS8_PRIV_KEY_INFO_fp(FILE *fp,
- PKCS8_PRIV_KEY_INFO *p8inf);
-OPENSSL_EXPORT int i2d_PKCS8PrivateKeyInfo_fp(FILE *fp, EVP_PKEY *key);
-OPENSSL_EXPORT int i2d_PrivateKey_fp(FILE *fp, EVP_PKEY *pkey);
-OPENSSL_EXPORT EVP_PKEY *d2i_PrivateKey_fp(FILE *fp, EVP_PKEY **a);
-OPENSSL_EXPORT int i2d_PUBKEY_fp(FILE *fp, EVP_PKEY *pkey);
-OPENSSL_EXPORT EVP_PKEY *d2i_PUBKEY_fp(FILE *fp, EVP_PKEY **a);
-
-OPENSSL_EXPORT X509 *d2i_X509_bio(BIO *bp, X509 **x509);
-OPENSSL_EXPORT int i2d_X509_bio(BIO *bp, X509 *x509);
-OPENSSL_EXPORT X509_CRL *d2i_X509_CRL_bio(BIO *bp, X509_CRL **crl);
-OPENSSL_EXPORT int i2d_X509_CRL_bio(BIO *bp, X509_CRL *crl);
-OPENSSL_EXPORT X509_REQ *d2i_X509_REQ_bio(BIO *bp, X509_REQ **req);
-OPENSSL_EXPORT int i2d_X509_REQ_bio(BIO *bp, X509_REQ *req);
-OPENSSL_EXPORT RSA *d2i_RSAPrivateKey_bio(BIO *bp, RSA **rsa);
-OPENSSL_EXPORT int i2d_RSAPrivateKey_bio(BIO *bp, RSA *rsa);
-OPENSSL_EXPORT RSA *d2i_RSAPublicKey_bio(BIO *bp, RSA **rsa);
-OPENSSL_EXPORT int i2d_RSAPublicKey_bio(BIO *bp, RSA *rsa);
-OPENSSL_EXPORT RSA *d2i_RSA_PUBKEY_bio(BIO *bp, RSA **rsa);
-OPENSSL_EXPORT int i2d_RSA_PUBKEY_bio(BIO *bp, RSA *rsa);
-#ifndef OPENSSL_NO_DSA
-OPENSSL_EXPORT DSA *d2i_DSA_PUBKEY_bio(BIO *bp, DSA **dsa);
-OPENSSL_EXPORT int i2d_DSA_PUBKEY_bio(BIO *bp, DSA *dsa);
-OPENSSL_EXPORT DSA *d2i_DSAPrivateKey_bio(BIO *bp, DSA **dsa);
-OPENSSL_EXPORT int i2d_DSAPrivateKey_bio(BIO *bp, DSA *dsa);
-#endif
-OPENSSL_EXPORT EC_KEY *d2i_EC_PUBKEY_bio(BIO *bp, EC_KEY **eckey);
-OPENSSL_EXPORT int i2d_EC_PUBKEY_bio(BIO *bp, EC_KEY *eckey);
-OPENSSL_EXPORT EC_KEY *d2i_ECPrivateKey_bio(BIO *bp, EC_KEY **eckey);
-OPENSSL_EXPORT int i2d_ECPrivateKey_bio(BIO *bp, EC_KEY *eckey);
-OPENSSL_EXPORT X509_SIG *d2i_PKCS8_bio(BIO *bp, X509_SIG **p8);
-OPENSSL_EXPORT int i2d_PKCS8_bio(BIO *bp, X509_SIG *p8);
-OPENSSL_EXPORT PKCS8_PRIV_KEY_INFO *d2i_PKCS8_PRIV_KEY_INFO_bio(
- BIO *bp, PKCS8_PRIV_KEY_INFO **p8inf);
-OPENSSL_EXPORT int i2d_PKCS8_PRIV_KEY_INFO_bio(BIO *bp,
- PKCS8_PRIV_KEY_INFO *p8inf);
-OPENSSL_EXPORT int i2d_PKCS8PrivateKeyInfo_bio(BIO *bp, EVP_PKEY *key);
-OPENSSL_EXPORT int i2d_PrivateKey_bio(BIO *bp, EVP_PKEY *pkey);
-OPENSSL_EXPORT EVP_PKEY *d2i_PrivateKey_bio(BIO *bp, EVP_PKEY **a);
-OPENSSL_EXPORT int i2d_PUBKEY_bio(BIO *bp, EVP_PKEY *pkey);
-OPENSSL_EXPORT EVP_PKEY *d2i_PUBKEY_bio(BIO *bp, EVP_PKEY **a);
-OPENSSL_EXPORT DH *d2i_DHparams_bio(BIO *bp, DH **dh);
-OPENSSL_EXPORT int i2d_DHparams_bio(BIO *bp, const DH *dh);
-
-OPENSSL_EXPORT X509 *X509_dup(X509 *x509);
-OPENSSL_EXPORT X509_ATTRIBUTE *X509_ATTRIBUTE_dup(X509_ATTRIBUTE *xa);
-OPENSSL_EXPORT X509_EXTENSION *X509_EXTENSION_dup(X509_EXTENSION *ex);
-OPENSSL_EXPORT X509_CRL *X509_CRL_dup(X509_CRL *crl);
-OPENSSL_EXPORT X509_REVOKED *X509_REVOKED_dup(X509_REVOKED *rev);
+// X509_REQ_dup returns a newly-allocated copy of |req|, or NULL on error. This
+// function works by serializing the structure, so if |req| is incomplete, it
+// may fail.
+//
+// TODO(https://crbug.com/boringssl/407): This function should be const and
+// thread-safe but is currently neither in some cases, notably if |req| was
+// mutated.
OPENSSL_EXPORT X509_REQ *X509_REQ_dup(X509_REQ *req);
-OPENSSL_EXPORT X509_ALGOR *X509_ALGOR_dup(X509_ALGOR *xn);
+
+// X509_REQ_free releases memory associated with |req|.
+OPENSSL_EXPORT void X509_REQ_free(X509_REQ *req);
+
+// d2i_X509_REQ parses up to |len| bytes from |*inp| as a DER-encoded
+// CertificateRequest (RFC 2986), as described in |d2i_SAMPLE|.
+OPENSSL_EXPORT X509_REQ *d2i_X509_REQ(X509_REQ **out, const uint8_t **inp,
+ long len);
+
+// i2d_X509_REQ marshals |req| as a CertificateRequest (RFC 2986), as described
+// in |i2d_SAMPLE|.
+//
+// TODO(https://crbug.com/boringssl/407): This function should be const and
+// thread-safe but is currently neither in some cases, notably if |req| was
+// mutated.
+OPENSSL_EXPORT int i2d_X509_REQ(X509_REQ *req, uint8_t **outp);
+
+// X509_REQ_VERSION_1 is the version constant for |X509_REQ| objects. No other
+// versions are defined.
+#define X509_REQ_VERSION_1 0
+
+// X509_REQ_get_version returns the numerical value of |req|'s version. This
+// will always be |X509_REQ_VERSION_1| for valid CSRs. For compatibility,
+// |d2i_X509_REQ| also accepts some invalid version numbers, in which case this
+// function may return other values.
+OPENSSL_EXPORT long X509_REQ_get_version(const X509_REQ *req);
+
+// X509_REQ_get_subject_name returns |req|'s subject name. Note this function is
+// not const-correct for legacy reasons.
+OPENSSL_EXPORT X509_NAME *X509_REQ_get_subject_name(const X509_REQ *req);
+
+// X509_REQ_get_pubkey returns |req|'s public key as an |EVP_PKEY|, or NULL if
+// the public key was unsupported or could not be decoded. This function returns
+// a reference to the |EVP_PKEY|. The caller must release the result with
+// |EVP_PKEY_free| when done.
+OPENSSL_EXPORT EVP_PKEY *X509_REQ_get_pubkey(X509_REQ *req);
+
+// X509_REQ_get_attr_count returns the number of attributes in |req|.
+OPENSSL_EXPORT int X509_REQ_get_attr_count(const X509_REQ *req);
+
+// X509_REQ_get_attr returns the attribute at index |loc| in |req|, or NULL if
+// out of bounds.
+OPENSSL_EXPORT X509_ATTRIBUTE *X509_REQ_get_attr(const X509_REQ *req, int loc);
+
+// X509_REQ_get_attr_by_NID returns the index of the attribute in |req| of type
+// |nid|, or a negative number if not found. If found, callers can use
+// |X509_REQ_get_attr| to look up the attribute by index.
+//
+// If |lastpos| is non-negative, it begins searching at |lastpos| + 1. Callers
+// can thus loop over all matching attributes by first passing -1 and then
+// passing the previously-returned value until no match is returned.
+OPENSSL_EXPORT int X509_REQ_get_attr_by_NID(const X509_REQ *req, int nid,
+ int lastpos);
+
+// X509_REQ_get_attr_by_OBJ behaves like |X509_REQ_get_attr_by_NID| but looks
+// for attributes of type |obj|.
+OPENSSL_EXPORT int X509_REQ_get_attr_by_OBJ(const X509_REQ *req,
+ const ASN1_OBJECT *obj,
+ int lastpos);
+
+// X509_REQ_extension_nid returns one if |nid| is a supported CSR attribute type
+// for carrying extensions and zero otherwise. The supported types are
+// |NID_ext_req| (pkcs-9-at-extensionRequest from RFC 2985) and |NID_ms_ext_req|
+// (a Microsoft szOID_CERT_EXTENSIONS variant).
+OPENSSL_EXPORT int X509_REQ_extension_nid(int nid);
+
+// X509_REQ_get_extensions decodes the list of requested extensions in |req| and
+// returns a newly-allocated |STACK_OF(X509_EXTENSION)| containing the result.
+// It returns NULL on error, or if |req| did not request extensions.
+//
+// CSRs do not store extensions directly. Instead there are attribute types
+// which are defined to hold extensions. See |X509_REQ_extension_nid|. This
+// function supports both pkcs-9-at-extensionRequest from RFC 2985 and the
+// Microsoft szOID_CERT_EXTENSIONS variant. If both are present,
+// pkcs-9-at-extensionRequest is preferred.
+OPENSSL_EXPORT STACK_OF(X509_EXTENSION) *X509_REQ_get_extensions(X509_REQ *req);
+
+// X509_REQ_get0_signature sets |*out_sig| and |*out_alg| to the signature and
+// signature algorithm of |req|, respectively. Either output pointer may be NULL
+// to ignore the value.
+OPENSSL_EXPORT void X509_REQ_get0_signature(const X509_REQ *req,
+ const ASN1_BIT_STRING **out_sig,
+ const X509_ALGOR **out_alg);
+
+// X509_REQ_get_signature_nid returns the NID corresponding to |req|'s signature
+// algorithm, or |NID_undef| if the signature algorithm does not correspond to
+// a known NID.
+OPENSSL_EXPORT int X509_REQ_get_signature_nid(const X509_REQ *req);
+
+// X509_REQ_verify checks that |req| has a valid signature by |pkey|. It returns
+// one if the signature is valid and zero otherwise.
+OPENSSL_EXPORT int X509_REQ_verify(X509_REQ *req, EVP_PKEY *pkey);
+
+
+// Issuing certificate requests.
+//
+// An |X509_REQ| object may also represent an incomplete CSR. Callers may
+// construct empty |X509_REQ| objects, fill in fields individually, and finally
+// sign the result. The following functions may be used for this purpose.
+
+// X509_REQ_new returns a newly-allocated, empty |X509_REQ| object, or NULL on
+// error. This object may be filled in and then signed to construct a CSR.
+OPENSSL_EXPORT X509_REQ *X509_REQ_new(void);
+
+// X509_REQ_set_version sets |req|'s version to |version|, which should be
+// |X509_REQ_VERSION_1|. It returns one on success and zero on error.
+//
+// The only defined CSR version is |X509_REQ_VERSION_1|, so there is no need to
+// call this function.
+OPENSSL_EXPORT int X509_REQ_set_version(X509_REQ *req, long version);
+
+// X509_REQ_set_subject_name sets |req|'s subject to a copy of |name|. It
+// returns one on success and zero on error.
+OPENSSL_EXPORT int X509_REQ_set_subject_name(X509_REQ *req, X509_NAME *name);
+
+// X509_REQ_set_pubkey sets |req|'s public key to |pkey|. It returns one on
+// success and zero on error. This function does not take ownership of |pkey|
+// and internally copies and updates reference counts as needed.
+OPENSSL_EXPORT int X509_REQ_set_pubkey(X509_REQ *req, EVP_PKEY *pkey);
+
+// X509_REQ_delete_attr removes the attribute at index |loc| in |req|. It
+// returns the removed attribute to the caller, or NULL if |loc| was out of
+// bounds. If non-NULL, the caller must release the result with
+// |X509_ATTRIBUTE_free| when done. It is also safe, but not necessary, to call
+// |X509_ATTRIBUTE_free| if the result is NULL.
+OPENSSL_EXPORT X509_ATTRIBUTE *X509_REQ_delete_attr(X509_REQ *req, int loc);
+
+// X509_REQ_add1_attr appends a copy of |attr| to |req|'s list of attributes. It
+// returns one on success and zero on error.
+OPENSSL_EXPORT int X509_REQ_add1_attr(X509_REQ *req,
+ const X509_ATTRIBUTE *attr);
+
+// X509_REQ_add1_attr_by_OBJ appends a new attribute to |req| with type |obj|.
+// It returns one on success and zero on error. The value is determined by
+// |X509_ATTRIBUTE_set1_data|.
+//
+// WARNING: The interpretation of |attrtype|, |data|, and |len| is complex and
+// error-prone. See |X509_ATTRIBUTE_set1_data| for details.
+OPENSSL_EXPORT int X509_REQ_add1_attr_by_OBJ(X509_REQ *req,
+ const ASN1_OBJECT *obj,
+ int attrtype,
+ const unsigned char *data,
+ int len);
+
+// X509_REQ_add1_attr_by_NID behaves like |X509_REQ_add1_attr_by_OBJ| except the
+// attribute type is determined by |nid|.
+OPENSSL_EXPORT int X509_REQ_add1_attr_by_NID(X509_REQ *req, int nid,
+ int attrtype,
+ const unsigned char *data,
+ int len);
+
+// X509_REQ_add1_attr_by_txt behaves like |X509_REQ_add1_attr_by_OBJ| except the
+// attribute type is determined by calling |OBJ_txt2obj| with |attrname|.
+OPENSSL_EXPORT int X509_REQ_add1_attr_by_txt(X509_REQ *req,
+ const char *attrname, int attrtype,
+ const unsigned char *data,
+ int len);
+
+// X509_REQ_add_extensions_nid adds an attribute to |req| of type |nid|, to
+// request the certificate extensions in |exts|. It returns one on success and
+// zero on error. |nid| should be |NID_ext_req| or |NID_ms_ext_req|.
+OPENSSL_EXPORT int X509_REQ_add_extensions_nid(
+ X509_REQ *req, const STACK_OF(X509_EXTENSION) *exts, int nid);
+
+// X509_REQ_add_extensions behaves like |X509_REQ_add_extensions_nid|, using the
+// standard |NID_ext_req| for the attribute type.
+OPENSSL_EXPORT int X509_REQ_add_extensions(
+ X509_REQ *req, const STACK_OF(X509_EXTENSION) *exts);
+
+// X509_REQ_sign signs |req| with |pkey| and replaces the signature algorithm
+// and signature fields. It returns the length of the signature on success and
+// zero on error. This function uses digest algorithm |md|, or |pkey|'s default
+// if NULL. Other signing parameters use |pkey|'s defaults. To customize them,
+// use |X509_REQ_sign_ctx|.
+OPENSSL_EXPORT int X509_REQ_sign(X509_REQ *req, EVP_PKEY *pkey,
+ const EVP_MD *md);
+
+// X509_REQ_sign_ctx signs |req| with |ctx| and replaces the signature algorithm
+// and signature fields. It returns the length of the signature on success and
+// zero on error. The signature algorithm and parameters come from |ctx|, which
+// must have been initialized with |EVP_DigestSignInit|. The caller should
+// configure the corresponding |EVP_PKEY_CTX| before calling this function.
+OPENSSL_EXPORT int X509_REQ_sign_ctx(X509_REQ *req, EVP_MD_CTX *ctx);
+
+// i2d_re_X509_REQ_tbs serializes the CertificationRequestInfo (see RFC 2986)
+// portion of |req|, as described in |i2d_SAMPLE|.
+//
+// This function re-encodes the CertificationRequestInfo and may not reflect
+// |req|'s original encoding. It may be used to manually generate a signature
+// for a new certificate request.
+OPENSSL_EXPORT int i2d_re_X509_REQ_tbs(X509_REQ *req, uint8_t **outp);
+
+// X509_REQ_set1_signature_algo sets |req|'s signature algorithm to |algo| and
+// returns one on success or zero on error.
+OPENSSL_EXPORT int X509_REQ_set1_signature_algo(X509_REQ *req,
+ const X509_ALGOR *algo);
+
+// X509_REQ_set1_signature_value sets |req|'s signature to a copy of the
+// |sig_len| bytes pointed by |sig|. It returns one on success and zero on
+// error.
+//
+// Due to a specification error, PKCS#10 certificate requests store signatures
+// in ASN.1 BIT STRINGs, but signature algorithms return byte strings rather
+// than bit strings. This function creates a BIT STRING containing a whole
+// number of bytes, with the bit order matching the DER encoding. This matches
+// the encoding used by all X.509 signature algorithms.
+OPENSSL_EXPORT int X509_REQ_set1_signature_value(X509_REQ *req,
+ const uint8_t *sig,
+ size_t sig_len);
+
+
+// Names.
+//
+// An |X509_NAME| represents an X.509 Name structure (RFC 5280). X.509 names are
+// a complex, hierarchical structure over a collection of attributes. Each name
+// is sequence of relative distinguished names (RDNs), decreasing in
+// specificity. For example, the first RDN may specify the country, while the
+// next RDN may specify a locality. Each RDN is, itself, a set of attributes.
+// Having more than one attribute in an RDN is uncommon, but possible. Within an
+// RDN, attributes have the same level in specificity. Attribute types are
+// OBJECT IDENTIFIERs. This determines the ASN.1 type of the value, which is
+// commonly a string but may be other types.
+//
+// The |X509_NAME| representation flattens this two-level structure into a
+// single list of attributes. Each attribute is stored in an |X509_NAME_ENTRY|,
+// with also maintains the index of the RDN it is part of, accessible via
+// |X509_NAME_ENTRY_set|. This can be used to recover the two-level structure.
+//
+// X.509 names are largely vestigial. Historically, DNS names were parsed out of
+// the subject's common name attribute, but this is deprecated and has since
+// moved to the subject alternative name extension. In modern usage, X.509 names
+// are primarily opaque identifiers to link a certificate with its issuer.
+
+DEFINE_STACK_OF(X509_NAME_ENTRY)
+DEFINE_STACK_OF(X509_NAME)
+
+// X509_NAME is an |ASN1_ITEM| whose ASN.1 type is X.509 Name (RFC 5280) and C
+// type is |X509_NAME*|.
+DECLARE_ASN1_ITEM(X509_NAME)
+
+// X509_NAME_new returns a new, empty |X509_NAME_new|, or NULL on
+// error.
+OPENSSL_EXPORT X509_NAME *X509_NAME_new(void);
+
+// X509_NAME_free releases memory associated with |name|.
+OPENSSL_EXPORT void X509_NAME_free(X509_NAME *name);
+
+// d2i_X509_NAME parses up to |len| bytes from |*inp| as a DER-encoded X.509
+// Name (RFC 5280), as described in |d2i_SAMPLE|.
+OPENSSL_EXPORT X509_NAME *d2i_X509_NAME(X509_NAME **out, const uint8_t **inp,
+ long len);
+
+// i2d_X509_NAME marshals |in| as a DER-encoded X.509 Name (RFC 5280), as
+// described in |i2d_SAMPLE|.
+//
+// TODO(https://crbug.com/boringssl/407): This function should be const and
+// thread-safe but is currently neither in some cases, notably if |in| was
+// mutated.
+OPENSSL_EXPORT int i2d_X509_NAME(X509_NAME *in, uint8_t **outp);
+
+// X509_NAME_dup returns a newly-allocated copy of |name|, or NULL on error.
+//
+// TODO(https://crbug.com/boringssl/407): This function should be const and
+// thread-safe but is currently neither in some cases, notably if |name| was
+// mutated.
+OPENSSL_EXPORT X509_NAME *X509_NAME_dup(X509_NAME *name);
+
+// X509_NAME_get0_der sets |*out_der| and |*out_der_len|
+//
+// Avoid this function and prefer |i2d_X509_NAME|. It is one of the reasons
+// these functions are not consistently thread-safe or const-correct. Depending
+// on the resolution of https://crbug.com/boringssl/407, this function may be
+// removed or cause poor performance.
+OPENSSL_EXPORT int X509_NAME_get0_der(X509_NAME *name, const uint8_t **out_der,
+ size_t *out_der_len);
+
+// X509_NAME_set makes a copy of |name|. On success, it frees |*xn|, sets |*xn|
+// to the copy, and returns one. Otherwise, it returns zero.
+//
+// TODO(https://crbug.com/boringssl/407): This function should be const and
+// thread-safe but is currently neither in some cases, notably if |name| was
+// mutated.
+OPENSSL_EXPORT int X509_NAME_set(X509_NAME **xn, X509_NAME *name);
+
+// X509_NAME_entry_count returns the number of entries in |name|.
+OPENSSL_EXPORT int X509_NAME_entry_count(const X509_NAME *name);
+
+// X509_NAME_get_index_by_NID returns the zero-based index of the first
+// attribute in |name| with type |nid|, or -1 if there is none. |nid| should be
+// one of the |NID_*| constants. If |lastpos| is non-negative, it begins
+// searching at |lastpos+1|. To search all attributes, pass in -1, not zero.
+//
+// Indices from this function refer to |X509_NAME|'s flattened representation.
+OPENSSL_EXPORT int X509_NAME_get_index_by_NID(const X509_NAME *name, int nid,
+ int lastpos);
+
+// X509_NAME_get_index_by_OBJ behaves like |X509_NAME_get_index_by_NID| but
+// looks for attributes with type |obj|.
+OPENSSL_EXPORT int X509_NAME_get_index_by_OBJ(const X509_NAME *name,
+ const ASN1_OBJECT *obj,
+ int lastpos);
+
+// X509_NAME_get_entry returns the attribute in |name| at index |loc|, or NULL
+// if |loc| is out of range. |loc| is interpreted using |X509_NAME|'s flattened
+// representation. This function returns a non-const pointer for OpenSSL
+// compatibility, but callers should not mutate the result. Doing so will break
+// internal invariants in the library.
+OPENSSL_EXPORT X509_NAME_ENTRY *X509_NAME_get_entry(const X509_NAME *name,
+ int loc);
+
+// X509_NAME_delete_entry removes and returns the attribute in |name| at index
+// |loc|, or NULL if |loc| is out of range. |loc| is interpreted using
+// |X509_NAME|'s flattened representation. If the attribute is found, the caller
+// is responsible for releasing the result with |X509_NAME_ENTRY_free|.
+//
+// This function will internally update RDN indices (see |X509_NAME_ENTRY_set|)
+// so they continue to be consecutive.
+OPENSSL_EXPORT X509_NAME_ENTRY *X509_NAME_delete_entry(X509_NAME *name,
+ int loc);
+
+// X509_NAME_add_entry adds a copy of |entry| to |name| and returns one on
+// success or zero on error. If |loc| is -1, the entry is appended to |name|.
+// Otherwise, it is inserted at index |loc|. If |set| is -1, the entry is added
+// to the previous entry's RDN. If it is 0, the entry becomes a singleton RDN.
+// If 1, it is added to next entry's RDN.
+//
+// This function will internally update RDN indices (see |X509_NAME_ENTRY_set|)
+// so they continue to be consecutive.
+OPENSSL_EXPORT int X509_NAME_add_entry(X509_NAME *name,
+ const X509_NAME_ENTRY *entry, int loc,
+ int set);
+
+// X509_NAME_add_entry_by_OBJ adds a new entry to |name| and returns one on
+// success or zero on error. The entry's attribute type is |obj|. The entry's
+// attribute value is determined by |type|, |bytes|, and |len|, as in
+// |X509_NAME_ENTRY_set_data|. The entry's position is determined by |loc| and
+// |set| as in |X509_NAME_add_entry|.
+OPENSSL_EXPORT int X509_NAME_add_entry_by_OBJ(X509_NAME *name,
+ const ASN1_OBJECT *obj, int type,
+ const uint8_t *bytes,
+ ossl_ssize_t len, int loc,
+ int set);
+
+// X509_NAME_add_entry_by_NID behaves like |X509_NAME_add_entry_by_OBJ| but sets
+// the entry's attribute type to |nid|, which should be one of the |NID_*|
+// constants.
+OPENSSL_EXPORT int X509_NAME_add_entry_by_NID(X509_NAME *name, int nid,
+ int type, const uint8_t *bytes,
+ ossl_ssize_t len, int loc,
+ int set);
+
+// X509_NAME_add_entry_by_txt behaves like |X509_NAME_add_entry_by_OBJ| but sets
+// the entry's attribute type to |field|, which is passed to |OBJ_txt2obj|.
+OPENSSL_EXPORT int X509_NAME_add_entry_by_txt(X509_NAME *name,
+ const char *field, int type,
+ const uint8_t *bytes,
+ ossl_ssize_t len, int loc,
+ int set);
+
+// X509_NAME_ENTRY is an |ASN1_ITEM| whose ASN.1 type is AttributeTypeAndValue
+// (RFC 5280) and C type is |X509_NAME_ENTRY*|.
+DECLARE_ASN1_ITEM(X509_NAME_ENTRY)
+
+// X509_NAME_ENTRY_new returns a new, empty |X509_NAME_ENTRY_new|, or NULL on
+// error.
+OPENSSL_EXPORT X509_NAME_ENTRY *X509_NAME_ENTRY_new(void);
+
+// X509_NAME_ENTRY_free releases memory associated with |entry|.
+OPENSSL_EXPORT void X509_NAME_ENTRY_free(X509_NAME_ENTRY *entry);
+
+// d2i_X509_NAME_ENTRY parses up to |len| bytes from |*inp| as a DER-encoded
+// AttributeTypeAndValue (RFC 5280), as described in |d2i_SAMPLE|.
+OPENSSL_EXPORT X509_NAME_ENTRY *d2i_X509_NAME_ENTRY(X509_NAME_ENTRY **out,
+ const uint8_t **inp,
+ long len);
+
+// i2d_X509_NAME_ENTRY marshals |in| as a DER-encoded AttributeTypeAndValue (RFC
+// 5280), as described in |i2d_SAMPLE|.
+OPENSSL_EXPORT int i2d_X509_NAME_ENTRY(const X509_NAME_ENTRY *in,
+ uint8_t **outp);
+
+// X509_NAME_ENTRY_dup returns a newly-allocated copy of |entry|, or NULL on
+// error.
+OPENSSL_EXPORT X509_NAME_ENTRY *X509_NAME_ENTRY_dup(
+ const X509_NAME_ENTRY *entry);
+
+// X509_NAME_ENTRY_get_object returns |entry|'s attribute type. This function
+// returns a non-const pointer for OpenSSL compatibility, but callers should not
+// mutate the result. Doing so will break internal invariants in the library.
+OPENSSL_EXPORT ASN1_OBJECT *X509_NAME_ENTRY_get_object(
+ const X509_NAME_ENTRY *entry);
+
+// X509_NAME_ENTRY_set_object sets |entry|'s attribute type to |obj|. It returns
+// one on success and zero on error.
+OPENSSL_EXPORT int X509_NAME_ENTRY_set_object(X509_NAME_ENTRY *entry,
+ const ASN1_OBJECT *obj);
+
+// X509_NAME_ENTRY_get_data returns |entry|'s attribute value, represented as an
+// |ASN1_STRING|. This value may have any ASN.1 type, so callers must check the
+// type before interpreting the contents. This function returns a non-const
+// pointer for OpenSSL compatibility, but callers should not mutate the result.
+// Doing so will break internal invariants in the library.
+//
+// TODO(https://crbug.com/boringssl/412): Although the spec says any ASN.1 type
+// is allowed, we currently only allow an ad-hoc set of types. Additionally, it
+// is unclear if some types can even be represented by this function.
+OPENSSL_EXPORT ASN1_STRING *X509_NAME_ENTRY_get_data(
+ const X509_NAME_ENTRY *entry);
+
+// X509_NAME_ENTRY_set_data sets |entry|'s value to |len| bytes from |bytes|. It
+// returns one on success and zero on error. If |len| is -1, |bytes| must be a
+// NUL-terminated C string and the length is determined by |strlen|. |bytes| is
+// converted to an ASN.1 type as follows:
+//
+// If |type| is a |MBSTRING_*| constant, the value is an ASN.1 string. The
+// string is determined by decoding |bytes| in the encoding specified by |type|,
+// and then re-encoding it in a form appropriate for |entry|'s attribute type.
+// See |ASN1_STRING_set_by_NID| for details.
+//
+// Otherwise, the value is an |ASN1_STRING| with type |type| and value |bytes|.
+// See |ASN1_STRING| for how to format ASN.1 types as an |ASN1_STRING|. If
+// |type| is |V_ASN1_UNDEF| the previous |ASN1_STRING| type is reused.
+OPENSSL_EXPORT int X509_NAME_ENTRY_set_data(X509_NAME_ENTRY *entry, int type,
+ const uint8_t *bytes,
+ ossl_ssize_t len);
+
+// X509_NAME_ENTRY_set returns the zero-based index of the RDN which contains
+// |entry|. Consecutive entries with the same index are part of the same RDN.
+OPENSSL_EXPORT int X509_NAME_ENTRY_set(const X509_NAME_ENTRY *entry);
+
+// X509_NAME_ENTRY_create_by_OBJ creates a new |X509_NAME_ENTRY| with attribute
+// type |obj|. The attribute value is determined from |type|, |bytes|, and |len|
+// as in |X509_NAME_ENTRY_set_data|. It returns the |X509_NAME_ENTRY| on success
+// and NULL on error.
+//
+// If |out| is non-NULL and |*out| is NULL, it additionally sets |*out| to the
+// result on success. If both |out| and |*out| are non-NULL, it updates the
+// object at |*out| instead of allocating a new one.
+OPENSSL_EXPORT X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_OBJ(
+ X509_NAME_ENTRY **out, const ASN1_OBJECT *obj, int type,
+ const uint8_t *bytes, ossl_ssize_t len);
+
+// X509_NAME_ENTRY_create_by_NID behaves like |X509_NAME_ENTRY_create_by_OBJ|
+// except the attribute type is |nid|, which should be one of the |NID_*|
+// constants.
+OPENSSL_EXPORT X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_NID(
+ X509_NAME_ENTRY **out, int nid, int type, const uint8_t *bytes,
+ ossl_ssize_t len);
+
+// X509_NAME_ENTRY_create_by_txt behaves like |X509_NAME_ENTRY_create_by_OBJ|
+// except the attribute type is |field|, which is passed to |OBJ_txt2obj|.
+OPENSSL_EXPORT X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_txt(
+ X509_NAME_ENTRY **out, const char *field, int type, const uint8_t *bytes,
+ ossl_ssize_t len);
+
+
+// Extensions.
+//
+// X.509 certificates and CRLs may contain a list of extensions (RFC 5280).
+// Extensions have a type, specified by an object identifier (|ASN1_OBJECT|) and
+// a byte string value, which should a DER-encoded structure whose type is
+// determined by the extension type. This library represents extensions with the
+// |X509_EXTENSION| type.
+
+// X509_EXTENSION is an |ASN1_ITEM| whose ASN.1 type is X.509 Extension (RFC
+// 5280) and C type is |X509_EXTENSION*|.
+DECLARE_ASN1_ITEM(X509_EXTENSION)
+
+// X509_EXTENSION_new returns a newly-allocated, empty |X509_EXTENSION| object
+// or NULL on error.
+OPENSSL_EXPORT X509_EXTENSION *X509_EXTENSION_new(void);
+
+// X509_EXTENSION_free releases memory associated with |ex|.
+OPENSSL_EXPORT void X509_EXTENSION_free(X509_EXTENSION *ex);
+
+// d2i_X509_EXTENSION parses up to |len| bytes from |*inp| as a DER-encoded
+// X.509 Extension (RFC 5280), as described in |d2i_SAMPLE|.
+OPENSSL_EXPORT X509_EXTENSION *d2i_X509_EXTENSION(X509_EXTENSION **out,
+ const uint8_t **inp,
+ long len);
+
+// i2d_X509_EXTENSION marshals |ex| as a DER-encoded X.509 Extension (RFC
+// 5280), as described in |i2d_SAMPLE|.
+OPENSSL_EXPORT int i2d_X509_EXTENSION(const X509_EXTENSION *ex, uint8_t **outp);
+
+// X509_EXTENSION_dup returns a newly-allocated copy of |ex|, or NULL on error.
+// This function works by serializing the structure, so if |ex| is incomplete,
+// it may fail.
+OPENSSL_EXPORT X509_EXTENSION *X509_EXTENSION_dup(const X509_EXTENSION *ex);
+
+// X509_EXTENSION_create_by_NID creates a new |X509_EXTENSION| with type |nid|,
+// value |data|, and critical bit |crit|. It returns an |X509_EXTENSION| on
+// success, and NULL on error. |nid| should be a |NID_*| constant.
+//
+// If |ex| and |*ex| are both non-NULL, |*ex| is used to hold the result,
+// otherwise a new object is allocated. If |ex| is non-NULL and |*ex| is NULL,
+// the function sets |*ex| to point to the newly allocated result, in addition
+// to returning the result.
+OPENSSL_EXPORT X509_EXTENSION *X509_EXTENSION_create_by_NID(
+ X509_EXTENSION **ex, int nid, int crit, const ASN1_OCTET_STRING *data);
+
+// X509_EXTENSION_create_by_OBJ behaves like |X509_EXTENSION_create_by_NID|, but
+// the extension type is determined by an |ASN1_OBJECT|.
+OPENSSL_EXPORT X509_EXTENSION *X509_EXTENSION_create_by_OBJ(
+ X509_EXTENSION **ex, const ASN1_OBJECT *obj, int crit,
+ const ASN1_OCTET_STRING *data);
+
+// X509_EXTENSION_get_object returns |ex|'s extension type. This function
+// returns a non-const pointer for OpenSSL compatibility, but callers should not
+// mutate the result.
+OPENSSL_EXPORT ASN1_OBJECT *X509_EXTENSION_get_object(const X509_EXTENSION *ex);
+
+// X509_EXTENSION_get_data returns |ne|'s extension value. This function returns
+// a non-const pointer for OpenSSL compatibility, but callers should not mutate
+// the result.
+OPENSSL_EXPORT ASN1_OCTET_STRING *X509_EXTENSION_get_data(
+ const X509_EXTENSION *ne);
+
+// X509_EXTENSION_get_critical returns one if |ex| is critical and zero
+// otherwise.
+OPENSSL_EXPORT int X509_EXTENSION_get_critical(const X509_EXTENSION *ex);
+
+// X509_EXTENSION_set_object sets |ex|'s extension type to |obj|. It returns one
+// on success and zero on error.
+OPENSSL_EXPORT int X509_EXTENSION_set_object(X509_EXTENSION *ex,
+ const ASN1_OBJECT *obj);
+
+// X509_EXTENSION_set_critical sets |ex| to critical if |crit| is non-zero and
+// to non-critical if |crit| is zero.
+OPENSSL_EXPORT int X509_EXTENSION_set_critical(X509_EXTENSION *ex, int crit);
+
+// X509_EXTENSION_set_data set's |ex|'s extension value to a copy of |data|. It
+// returns one on success and zero on error.
+OPENSSL_EXPORT int X509_EXTENSION_set_data(X509_EXTENSION *ex,
+ const ASN1_OCTET_STRING *data);
+
+
+// Extension lists.
+//
+// The following functions manipulate lists of extensions. Most of them have
+// corresponding functions on the containing |X509|, |X509_CRL|, or
+// |X509_REVOKED|.
+
+DEFINE_STACK_OF(X509_EXTENSION)
+typedef STACK_OF(X509_EXTENSION) X509_EXTENSIONS;
+
+// X509_EXTENSIONS is an |ASN1_ITEM| whose ASN.1 type is SEQUENCE of Extension
+// (RFC 5280) and C type is |STACK_OF(X509_EXTENSION)*|.
+DECLARE_ASN1_ITEM(X509_EXTENSIONS)
+
+// d2i_X509_EXTENSIONS parses up to |len| bytes from |*inp| as a DER-encoded
+// SEQUENCE OF Extension (RFC 5280), as described in |d2i_SAMPLE|.
+OPENSSL_EXPORT X509_EXTENSIONS *d2i_X509_EXTENSIONS(X509_EXTENSIONS **out,
+ const uint8_t **inp,
+ long len);
+
+// i2d_X509_EXTENSIONS marshals |alg| as a DER-encoded SEQUENCE OF Extension
+// (RFC 5280), as described in |i2d_SAMPLE|.
+OPENSSL_EXPORT int i2d_X509_EXTENSIONS(const X509_EXTENSIONS *alg,
+ uint8_t **outp);
+
+// X509v3_get_ext_count returns the number of extensions in |x|.
+OPENSSL_EXPORT int X509v3_get_ext_count(const STACK_OF(X509_EXTENSION) *x);
+
+// X509v3_get_ext_by_NID returns the index of the first extension in |x| with
+// type |nid|, or a negative number if not found. If found, callers can use
+// |X509v3_get_ext| to look up the extension by index.
+//
+// If |lastpos| is non-negative, it begins searching at |lastpos| + 1. Callers
+// can thus loop over all matching extensions by first passing -1 and then
+// passing the previously-returned value until no match is returned.
+OPENSSL_EXPORT int X509v3_get_ext_by_NID(const STACK_OF(X509_EXTENSION) *x,
+ int nid, int lastpos);
+
+// X509v3_get_ext_by_OBJ behaves like |X509v3_get_ext_by_NID| but looks for
+// extensions matching |obj|.
+OPENSSL_EXPORT int X509v3_get_ext_by_OBJ(const STACK_OF(X509_EXTENSION) *x,
+ const ASN1_OBJECT *obj, int lastpos);
+
+// X509v3_get_ext_by_critical returns the index of the first extension in |x|
+// whose critical bit matches |crit|, or a negative number if no such extension
+// was found.
+//
+// If |lastpos| is non-negative, it begins searching at |lastpos| + 1. Callers
+// can thus loop over all matching extensions by first passing -1 and then
+// passing the previously-returned value until no match is returned.
+OPENSSL_EXPORT int X509v3_get_ext_by_critical(const STACK_OF(X509_EXTENSION) *x,
+ int crit, int lastpos);
+
+// X509v3_get_ext returns the extension in |x| at index |loc|, or NULL if |loc|
+// is out of bounds. This function returns a non-const pointer for OpenSSL
+// compatibility, but callers should not mutate the result.
+OPENSSL_EXPORT X509_EXTENSION *X509v3_get_ext(const STACK_OF(X509_EXTENSION) *x,
+ int loc);
+
+// X509v3_delete_ext removes the extension in |x| at index |loc| and returns the
+// removed extension, or NULL if |loc| was out of bounds. If an extension was
+// returned, the caller must release it with |X509_EXTENSION_free|.
+OPENSSL_EXPORT X509_EXTENSION *X509v3_delete_ext(STACK_OF(X509_EXTENSION) *x,
+ int loc);
+
+// X509v3_add_ext adds a copy of |ex| to the extension list in |*x|. If |*x| is
+// NULL, it allocates a new |STACK_OF(X509_EXTENSION)| to hold the copy and sets
+// |*x| to the new list. It returns |*x| on success and NULL on error. The
+// caller retains ownership of |ex| and can release it independently of |*x|.
+//
+// The new extension is inserted at index |loc|, shifting extensions to the
+// right. If |loc| is -1 or out of bounds, the new extension is appended to the
+// list.
+OPENSSL_EXPORT STACK_OF(X509_EXTENSION) *X509v3_add_ext(
+ STACK_OF(X509_EXTENSION) **x, const X509_EXTENSION *ex, int loc);
+
+
+// Algorithm identifiers.
+//
+// An |X509_ALGOR| represents an AlgorithmIdentifier structure, used in X.509
+// to represent signature algorithms and public key algorithms.
+
+DEFINE_STACK_OF(X509_ALGOR)
+
+// X509_ALGOR is an |ASN1_ITEM| whose ASN.1 type is AlgorithmIdentifier and C
+// type is |X509_ALGOR*|.
+DECLARE_ASN1_ITEM(X509_ALGOR)
+
+// X509_ALGOR_new returns a newly-allocated, empty |X509_ALGOR| object, or NULL
+// on error.
+OPENSSL_EXPORT X509_ALGOR *X509_ALGOR_new(void);
+
+// X509_ALGOR_dup returns a newly-allocated copy of |alg|, or NULL on error.
+// This function works by serializing the structure, so if |alg| is incomplete,
+// it may fail.
+OPENSSL_EXPORT X509_ALGOR *X509_ALGOR_dup(const X509_ALGOR *alg);
+
+// X509_ALGOR_free releases memory associated with |alg|.
+OPENSSL_EXPORT void X509_ALGOR_free(X509_ALGOR *alg);
+
+// d2i_X509_ALGOR parses up to |len| bytes from |*inp| as a DER-encoded
+// AlgorithmIdentifier, as described in |d2i_SAMPLE|.
+OPENSSL_EXPORT X509_ALGOR *d2i_X509_ALGOR(X509_ALGOR **out, const uint8_t **inp,
+ long len);
+
+// i2d_X509_ALGOR marshals |alg| as a DER-encoded AlgorithmIdentifier, as
+// described in |i2d_SAMPLE|.
+OPENSSL_EXPORT int i2d_X509_ALGOR(const X509_ALGOR *alg, uint8_t **outp);
// X509_ALGOR_set0 sets |alg| to an AlgorithmIdentifier with algorithm |obj| and
// parameter determined by |param_type| and |param_value|. It returns one on
@@ -758,64 +1398,42 @@
// ordering.
OPENSSL_EXPORT int X509_ALGOR_cmp(const X509_ALGOR *a, const X509_ALGOR *b);
-OPENSSL_EXPORT X509_NAME *X509_NAME_dup(X509_NAME *xn);
-OPENSSL_EXPORT X509_NAME_ENTRY *X509_NAME_ENTRY_dup(X509_NAME_ENTRY *ne);
-OPENSSL_EXPORT int X509_NAME_ENTRY_set(const X509_NAME_ENTRY *ne);
-OPENSSL_EXPORT int X509_NAME_get0_der(X509_NAME *nm, const unsigned char **pder,
- size_t *pderlen);
-
-// X509_cmp_time compares |s| against |*t|. On success, it returns a negative
-// number if |s| <= |*t| and a positive number if |s| > |*t|. On error, it
-// returns zero. If |t| is NULL, it uses the current time instead of |*t|.
+// Attributes.
//
-// WARNING: Unlike most comparison functions, this function returns zero on
-// error, not equality.
-OPENSSL_EXPORT int X509_cmp_time(const ASN1_TIME *s, time_t *t);
+// Unlike certificates and CRLs, CSRs use a separate Attribute structure (RFC
+// 2985, RFC 2986) for extensibility. This is represented by the library as
+// |X509_ATTRIBUTE|.
-// X509_cmp_current_time behaves like |X509_cmp_time| but compares |s| against
-// the current time.
-OPENSSL_EXPORT int X509_cmp_current_time(const ASN1_TIME *s);
+DEFINE_STACK_OF(X509_ATTRIBUTE)
-// X509_time_adj calls |X509_time_adj_ex| with |offset_day| equal to zero.
-OPENSSL_EXPORT ASN1_TIME *X509_time_adj(ASN1_TIME *s, long offset_sec,
- time_t *t);
+// X509_ATTRIBUTE is an |ASN1_ITEM| whose ASN.1 type is Attribute (RFC 2986) and
+// C type is |X509_ATTRIBUTE*|.
+DECLARE_ASN1_ITEM(X509_ATTRIBUTE)
-// X509_time_adj_ex behaves like |ASN1_TIME_adj|, but adds an offset to |*t|. If
-// |t| is NULL, it uses the current time instead of |*t|.
-OPENSSL_EXPORT ASN1_TIME *X509_time_adj_ex(ASN1_TIME *s, int offset_day,
- long offset_sec, time_t *t);
+// X509_ATTRIBUTE_new returns a newly-allocated, empty |X509_ATTRIBUTE| object,
+// or NULL on error. |X509_ATTRIBUTE_set1_*| may be used to finish initializing
+// it.
+OPENSSL_EXPORT X509_ATTRIBUTE *X509_ATTRIBUTE_new(void);
-// X509_gmtime_adj behaves like |X509_time_adj_ex| but adds |offset_sec| to the
-// current time.
-OPENSSL_EXPORT ASN1_TIME *X509_gmtime_adj(ASN1_TIME *s, long offset_sec);
+// X509_ATTRIBUTE_dup returns a newly-allocated copy of |attr|, or NULL on
+// error. This function works by serializing the structure, so if |attr| is
+// incomplete, it may fail.
+OPENSSL_EXPORT X509_ATTRIBUTE *X509_ATTRIBUTE_dup(const X509_ATTRIBUTE *attr);
-OPENSSL_EXPORT const char *X509_get_default_cert_area(void);
-OPENSSL_EXPORT const char *X509_get_default_cert_dir(void);
-OPENSSL_EXPORT const char *X509_get_default_cert_file(void);
-OPENSSL_EXPORT const char *X509_get_default_cert_dir_env(void);
-OPENSSL_EXPORT const char *X509_get_default_cert_file_env(void);
-OPENSSL_EXPORT const char *X509_get_default_private_dir(void);
+// X509_ATTRIBUTE_free releases memory associated with |attr|.
+OPENSSL_EXPORT void X509_ATTRIBUTE_free(X509_ATTRIBUTE *attr);
-DECLARE_ASN1_ENCODE_FUNCTIONS(X509_ALGORS, X509_ALGORS, X509_ALGORS)
+// d2i_X509_ATTRIBUTE parses up to |len| bytes from |*inp| as a DER-encoded
+// Attribute (RFC 2986), as described in |d2i_SAMPLE|.
+OPENSSL_EXPORT X509_ATTRIBUTE *d2i_X509_ATTRIBUTE(X509_ATTRIBUTE **out,
+ const uint8_t **inp,
+ long len);
-DECLARE_ASN1_FUNCTIONS(X509_PUBKEY)
-
-// X509_PUBKEY_set serializes |pkey| into a newly-allocated |X509_PUBKEY|
-// structure. On success, it frees |*x|, sets |*x| to the new object, and
-// returns one. Otherwise, it returns zero.
-OPENSSL_EXPORT int X509_PUBKEY_set(X509_PUBKEY **x, EVP_PKEY *pkey);
-
-// X509_PUBKEY_get decodes the public key in |key| and returns an |EVP_PKEY| on
-// success, or NULL on error. The caller must release the result with
-// |EVP_PKEY_free| when done. The |EVP_PKEY| is cached in |key|, so callers must
-// not mutate the result.
-OPENSSL_EXPORT EVP_PKEY *X509_PUBKEY_get(X509_PUBKEY *key);
-
-DECLARE_ASN1_FUNCTIONS(X509_SIG)
-DECLARE_ASN1_FUNCTIONS(X509_REQ)
-
-DECLARE_ASN1_FUNCTIONS(X509_ATTRIBUTE)
+// i2d_X509_ATTRIBUTE marshals |alg| as a DER-encoded Attribute (RFC 2986), as
+// described in |i2d_SAMPLE|.
+OPENSSL_EXPORT int i2d_X509_ATTRIBUTE(const X509_ATTRIBUTE *alg,
+ uint8_t **outp);
// X509_ATTRIBUTE_create returns a newly-allocated |X509_ATTRIBUTE|, or NULL on
// error. The attribute has type |nid| and contains a single value determined by
@@ -824,890 +1442,6 @@
OPENSSL_EXPORT X509_ATTRIBUTE *X509_ATTRIBUTE_create(int nid, int attrtype,
void *value);
-DECLARE_ASN1_FUNCTIONS(X509_EXTENSION)
-DECLARE_ASN1_ENCODE_FUNCTIONS(X509_EXTENSIONS, X509_EXTENSIONS, X509_EXTENSIONS)
-
-DECLARE_ASN1_FUNCTIONS(X509_NAME_ENTRY)
-
-DECLARE_ASN1_FUNCTIONS(X509_NAME)
-
-// X509_NAME_set makes a copy of |name|. On success, it frees |*xn|, sets |*xn|
-// to the copy, and returns one. Otherwise, it returns zero.
-OPENSSL_EXPORT int X509_NAME_set(X509_NAME **xn, X509_NAME *name);
-
-DECLARE_ASN1_FUNCTIONS(X509)
-
-// X509_up_ref adds one to the reference count of |x509| and returns one.
-OPENSSL_EXPORT int X509_up_ref(X509 *x509);
-
-OPENSSL_EXPORT int X509_get_ex_new_index(long argl, void *argp,
- CRYPTO_EX_unused *unused,
- CRYPTO_EX_dup *dup_unused,
- CRYPTO_EX_free *free_func);
-OPENSSL_EXPORT int X509_set_ex_data(X509 *r, int idx, void *arg);
-OPENSSL_EXPORT void *X509_get_ex_data(X509 *r, int idx);
-
-// i2d_re_X509_tbs serializes the TBSCertificate portion of |x509|, as described
-// in |i2d_SAMPLE|.
-//
-// This function re-encodes the TBSCertificate and may not reflect |x509|'s
-// original encoding. It may be used to manually generate a signature for a new
-// certificate. To verify certificates, use |i2d_X509_tbs| instead.
-OPENSSL_EXPORT int i2d_re_X509_tbs(X509 *x509, unsigned char **outp);
-
-// i2d_X509_tbs serializes the TBSCertificate portion of |x509|, as described in
-// |i2d_SAMPLE|.
-//
-// This function preserves the original encoding of the TBSCertificate and may
-// not reflect modifications made to |x509|. It may be used to manually verify
-// the signature of an existing certificate. To generate certificates, use
-// |i2d_re_X509_tbs| instead.
-OPENSSL_EXPORT int i2d_X509_tbs(X509 *x509, unsigned char **outp);
-
-// X509_set1_signature_algo sets |x509|'s signature algorithm to |algo| and
-// returns one on success or zero on error. It updates both the signature field
-// of the TBSCertificate structure, and the signatureAlgorithm field of the
-// Certificate.
-OPENSSL_EXPORT int X509_set1_signature_algo(X509 *x509, const X509_ALGOR *algo);
-
-// X509_set1_signature_value sets |x509|'s signature to a copy of the |sig_len|
-// bytes pointed by |sig|. It returns one on success and zero on error.
-//
-// Due to a specification error, X.509 certificates store signatures in ASN.1
-// BIT STRINGs, but signature algorithms return byte strings rather than bit
-// strings. This function creates a BIT STRING containing a whole number of
-// bytes, with the bit order matching the DER encoding. This matches the
-// encoding used by all X.509 signature algorithms.
-OPENSSL_EXPORT int X509_set1_signature_value(X509 *x509, const uint8_t *sig,
- size_t sig_len);
-
-// X509_get0_signature sets |*out_sig| and |*out_alg| to the signature and
-// signature algorithm of |x509|, respectively. Either output pointer may be
-// NULL to ignore the value.
-//
-// This function outputs the outer signature algorithm. For the one in the
-// TBSCertificate, see |X509_get0_tbs_sigalg|. Certificates with mismatched
-// signature algorithms will successfully parse, but they will be rejected when
-// verifying.
-OPENSSL_EXPORT void X509_get0_signature(const ASN1_BIT_STRING **out_sig,
- const X509_ALGOR **out_alg,
- const X509 *x509);
-
-// X509_get_signature_nid returns the NID corresponding to |x509|'s signature
-// algorithm, or |NID_undef| if the signature algorithm does not correspond to
-// a known NID.
-OPENSSL_EXPORT int X509_get_signature_nid(const X509 *x509);
-
-
-// Auxiliary properties.
-//
-// |X509| objects optionally maintain auxiliary properties. These are not part
-// of the certificates themselves, and thus are not covered by signatures or
-// preserved by the standard serialization. They are used as inputs or outputs
-// to other functions in this library.
-
-// i2d_X509_AUX marshals |x509| as a DER-encoded X.509 Certificate (RFC 5280),
-// followed optionally by a separate, OpenSSL-specific structure with auxiliary
-// properties. It behaves as described in |i2d_SAMPLE|.
-//
-// Unlike similarly-named functions, this function does not output a single
-// ASN.1 element. Directly embedding the output in a larger ASN.1 structure will
-// not behave correctly.
-OPENSSL_EXPORT int i2d_X509_AUX(X509 *x509, unsigned char **outp);
-
-// d2i_X509_AUX parses up to |length| bytes from |*inp| as a DER-encoded X.509
-// Certificate (RFC 5280), followed optionally by a separate, OpenSSL-specific
-// structure with auxiliary properties. It behaves as described in
-// |d2i_SAMPLE_with_reuse|.
-//
-// Some auxiliary properties affect trust decisions, so this function should not
-// be used with untrusted input.
-//
-// Unlike similarly-named functions, this function does not parse a single
-// ASN.1 element. Trying to parse data directly embedded in a larger ASN.1
-// structure will not behave correctly.
-OPENSSL_EXPORT X509 *d2i_X509_AUX(X509 **x509, const unsigned char **inp,
- long length);
-
-// X509_alias_set1 sets |x509|'s alias to |len| bytes from |name|. If |name| is
-// NULL, the alias is cleared instead. Aliases are not part of the certificate
-// itself and will not be serialized by |i2d_X509|.
-OPENSSL_EXPORT int X509_alias_set1(X509 *x509, const unsigned char *name,
- int len);
-
-// X509_keyid_set1 sets |x509|'s key ID to |len| bytes from |id|. If |id| is
-// NULL, the key ID is cleared instead. Key IDs are not part of the certificate
-// itself and will not be serialized by |i2d_X509|.
-OPENSSL_EXPORT int X509_keyid_set1(X509 *x509, const unsigned char *id,
- int len);
-
-// X509_alias_get0 looks up |x509|'s alias. If found, it sets |*out_len| to the
-// alias's length and returns a pointer to a buffer containing the contents. If
-// not found, it outputs the empty string by returning NULL and setting
-// |*out_len| to zero.
-//
-// If |x509| was parsed from a PKCS#12 structure (see
-// |PKCS12_get_key_and_certs|), the alias will reflect the friendlyName
-// attribute (RFC 2985).
-//
-// WARNING: In OpenSSL, this function did not set |*out_len| when the alias was
-// missing. Callers that target both OpenSSL and BoringSSL should set the value
-// to zero before calling this function.
-OPENSSL_EXPORT unsigned char *X509_alias_get0(X509 *x509, int *out_len);
-
-// X509_keyid_get0 looks up |x509|'s key ID. If found, it sets |*out_len| to the
-// key ID's length and returns a pointer to a buffer containing the contents. If
-// not found, it outputs the empty string by returning NULL and setting
-// |*out_len| to zero.
-//
-// WARNING: In OpenSSL, this function did not set |*out_len| when the alias was
-// missing. Callers that target both OpenSSL and BoringSSL should set the value
-// to zero before calling this function.
-OPENSSL_EXPORT unsigned char *X509_keyid_get0(X509 *x509, int *out_len);
-
-OPENSSL_EXPORT int X509_add1_trust_object(X509 *x, ASN1_OBJECT *obj);
-OPENSSL_EXPORT int X509_add1_reject_object(X509 *x, ASN1_OBJECT *obj);
-OPENSSL_EXPORT void X509_trust_clear(X509 *x);
-OPENSSL_EXPORT void X509_reject_clear(X509 *x);
-
-
-OPENSSL_EXPORT int X509_TRUST_set(int *t, int trust);
-
-DECLARE_ASN1_FUNCTIONS(X509_REVOKED)
-DECLARE_ASN1_FUNCTIONS(X509_CRL)
-
-OPENSSL_EXPORT int X509_CRL_add0_revoked(X509_CRL *crl, X509_REVOKED *rev);
-OPENSSL_EXPORT int X509_CRL_get0_by_serial(X509_CRL *crl, X509_REVOKED **ret,
- ASN1_INTEGER *serial);
-OPENSSL_EXPORT int X509_CRL_get0_by_cert(X509_CRL *crl, X509_REVOKED **ret,
- X509 *x);
-
-OPENSSL_EXPORT X509_PKEY *X509_PKEY_new(void);
-OPENSSL_EXPORT void X509_PKEY_free(X509_PKEY *a);
-
-DECLARE_ASN1_FUNCTIONS(NETSCAPE_SPKI)
-DECLARE_ASN1_FUNCTIONS(NETSCAPE_SPKAC)
-
-OPENSSL_EXPORT X509_INFO *X509_INFO_new(void);
-OPENSSL_EXPORT void X509_INFO_free(X509_INFO *a);
-OPENSSL_EXPORT char *X509_NAME_oneline(const X509_NAME *a, char *buf, int size);
-
-OPENSSL_EXPORT int ASN1_digest(i2d_of_void *i2d, const EVP_MD *type, char *data,
- unsigned char *md, unsigned int *len);
-
-OPENSSL_EXPORT int ASN1_item_digest(const ASN1_ITEM *it, const EVP_MD *type,
- void *data, unsigned char *md,
- unsigned int *len);
-
-OPENSSL_EXPORT int ASN1_item_verify(const ASN1_ITEM *it,
- const X509_ALGOR *algor1,
- const ASN1_BIT_STRING *signature,
- void *data, EVP_PKEY *pkey);
-
-OPENSSL_EXPORT int ASN1_item_sign(const ASN1_ITEM *it, X509_ALGOR *algor1,
- X509_ALGOR *algor2,
- ASN1_BIT_STRING *signature, void *data,
- EVP_PKEY *pkey, const EVP_MD *type);
-OPENSSL_EXPORT int ASN1_item_sign_ctx(const ASN1_ITEM *it, X509_ALGOR *algor1,
- X509_ALGOR *algor2,
- ASN1_BIT_STRING *signature, void *asn,
- EVP_MD_CTX *ctx);
-
-// X509_get_serialNumber returns a mutable pointer to |x509|'s serial number.
-// Prefer |X509_get0_serialNumber|.
-OPENSSL_EXPORT ASN1_INTEGER *X509_get_serialNumber(X509 *x509);
-
-// X509_set_issuer_name sets |x509|'s issuer to a copy of |name|. It returns one
-// on success and zero on error.
-OPENSSL_EXPORT int X509_set_issuer_name(X509 *x509, X509_NAME *name);
-
-// X509_get_issuer_name returns |x509|'s issuer.
-OPENSSL_EXPORT X509_NAME *X509_get_issuer_name(const X509 *x509);
-
-// X509_set_subject_name sets |x509|'s subject to a copy of |name|. It returns
-// one on success and zero on error.
-OPENSSL_EXPORT int X509_set_subject_name(X509 *x509, X509_NAME *name);
-
-// X509_get_issuer_name returns |x509|'s subject.
-OPENSSL_EXPORT X509_NAME *X509_get_subject_name(const X509 *x509);
-
-// X509_set_pubkey sets |x509|'s public key to |pkey|. It returns one on success
-// and zero on error. This function does not take ownership of |pkey| and
-// internally copies and updates reference counts as needed.
-OPENSSL_EXPORT int X509_set_pubkey(X509 *x509, EVP_PKEY *pkey);
-
-// X509_get_pubkey returns |x509|'s public key as an |EVP_PKEY|, or NULL if the
-// public key was unsupported or could not be decoded. This function returns a
-// reference to the |EVP_PKEY|. The caller must release the result with
-// |EVP_PKEY_free| when done.
-OPENSSL_EXPORT EVP_PKEY *X509_get_pubkey(X509 *x509);
-
-// X509_get0_pubkey_bitstr returns the BIT STRING portion of |x509|'s public
-// key. Note this does not contain the AlgorithmIdentifier portion.
-//
-// WARNING: This function returns a non-const pointer for OpenSSL compatibility,
-// but the caller must not modify the resulting object. Doing so will break
-// internal invariants in |x509|.
-OPENSSL_EXPORT ASN1_BIT_STRING *X509_get0_pubkey_bitstr(const X509 *x509);
-
-// X509_get0_extensions returns |x509|'s extension list, or NULL if |x509| omits
-// it.
-OPENSSL_EXPORT const STACK_OF(X509_EXTENSION) *X509_get0_extensions(
- const X509 *x509);
-
-// X509_get0_tbs_sigalg returns the signature algorithm in |x509|'s
-// TBSCertificate. For the outer signature algorithm, see |X509_get0_signature|.
-//
-// Certificates with mismatched signature algorithms will successfully parse,
-// but they will be rejected when verifying.
-OPENSSL_EXPORT const X509_ALGOR *X509_get0_tbs_sigalg(const X509 *x509);
-
-// X509_REQ_set_version sets |req|'s version to |version|, which should be
-// |X509_REQ_VERSION_1|. It returns one on success and zero on error.
-//
-// The only defined CSR version is |X509_REQ_VERSION_1|, so there is no need to
-// call this function.
-OPENSSL_EXPORT int X509_REQ_set_version(X509_REQ *req, long version);
-
-// X509_REQ_set_subject_name sets |req|'s subject to a copy of |name|. It
-// returns one on success and zero on error.
-OPENSSL_EXPORT int X509_REQ_set_subject_name(X509_REQ *req, X509_NAME *name);
-
-// X509_REQ_get0_signature sets |*out_sig| and |*out_alg| to the signature and
-// signature algorithm of |req|, respectively. Either output pointer may be NULL
-// to ignore the value.
-OPENSSL_EXPORT void X509_REQ_get0_signature(const X509_REQ *req,
- const ASN1_BIT_STRING **out_sig,
- const X509_ALGOR **out_alg);
-
-// X509_REQ_get_signature_nid returns the NID corresponding to |req|'s signature
-// algorithm, or |NID_undef| if the signature algorithm does not correspond to
-// a known NID.
-OPENSSL_EXPORT int X509_REQ_get_signature_nid(const X509_REQ *req);
-
-// i2d_re_X509_REQ_tbs serializes the CertificationRequestInfo (see RFC 2986)
-// portion of |req|, as described in |i2d_SAMPLE|.
-//
-// This function re-encodes the CertificationRequestInfo and may not reflect
-// |req|'s original encoding. It may be used to manually generate a signature
-// for a new certificate request.
-OPENSSL_EXPORT int i2d_re_X509_REQ_tbs(X509_REQ *req, uint8_t **outp);
-
-// X509_REQ_set_pubkey sets |req|'s public key to |pkey|. It returns one on
-// success and zero on error. This function does not take ownership of |pkey|
-// and internally copies and updates reference counts as needed.
-OPENSSL_EXPORT int X509_REQ_set_pubkey(X509_REQ *req, EVP_PKEY *pkey);
-
-// X509_REQ_get_pubkey returns |req|'s public key as an |EVP_PKEY|, or NULL if
-// the public key was unsupported or could not be decoded. This function returns
-// a reference to the |EVP_PKEY|. The caller must release the result with
-// |EVP_PKEY_free| when done.
-OPENSSL_EXPORT EVP_PKEY *X509_REQ_get_pubkey(X509_REQ *req);
-
-// X509_REQ_extension_nid returns one if |nid| is a supported CSR attribute type
-// for carrying extensions and zero otherwise. The supported types are
-// |NID_ext_req| (pkcs-9-at-extensionRequest from RFC 2985) and |NID_ms_ext_req|
-// (a Microsoft szOID_CERT_EXTENSIONS variant).
-OPENSSL_EXPORT int X509_REQ_extension_nid(int nid);
-
-// X509_REQ_get_extensions decodes the list of requested extensions in |req| and
-// returns a newly-allocated |STACK_OF(X509_EXTENSION)| containing the result.
-// It returns NULL on error, or if |req| did not request extensions.
-//
-// This function supports both pkcs-9-at-extensionRequest from RFC 2985 and the
-// Microsoft szOID_CERT_EXTENSIONS variant.
-OPENSSL_EXPORT STACK_OF(X509_EXTENSION) *X509_REQ_get_extensions(X509_REQ *req);
-
-// X509_REQ_add_extensions_nid adds an attribute to |req| of type |nid|, to
-// request the certificate extensions in |exts|. It returns one on success and
-// zero on error. |nid| should be |NID_ext_req| or |NID_ms_ext_req|.
-OPENSSL_EXPORT int X509_REQ_add_extensions_nid(
- X509_REQ *req, const STACK_OF(X509_EXTENSION) *exts, int nid);
-
-// X509_REQ_add_extensions behaves like |X509_REQ_add_extensions_nid|, using the
-// standard |NID_ext_req| for the attribute type.
-OPENSSL_EXPORT int X509_REQ_add_extensions(
- X509_REQ *req, const STACK_OF(X509_EXTENSION) *exts);
-
-// X509_REQ_get_attr_count returns the number of attributes in |req|.
-OPENSSL_EXPORT int X509_REQ_get_attr_count(const X509_REQ *req);
-
-// X509_REQ_get_attr_by_NID returns the index of the attribute in |req| of type
-// |nid|, or a negative number if not found. If found, callers can use
-// |X509_REQ_get_attr| to look up the attribute by index.
-//
-// If |lastpos| is non-negative, it begins searching at |lastpos| + 1. Callers
-// can thus loop over all matching attributes by first passing -1 and then
-// passing the previously-returned value until no match is returned.
-OPENSSL_EXPORT int X509_REQ_get_attr_by_NID(const X509_REQ *req, int nid,
- int lastpos);
-
-// X509_REQ_get_attr_by_OBJ behaves like |X509_REQ_get_attr_by_NID| but looks
-// for attributes of type |obj|.
-OPENSSL_EXPORT int X509_REQ_get_attr_by_OBJ(const X509_REQ *req,
- const ASN1_OBJECT *obj,
- int lastpos);
-
-// X509_REQ_get_attr returns the attribute at index |loc| in |req|, or NULL if
-// out of bounds.
-OPENSSL_EXPORT X509_ATTRIBUTE *X509_REQ_get_attr(const X509_REQ *req, int loc);
-
-// X509_REQ_delete_attr removes the attribute at index |loc| in |req|. It
-// returns the removed attribute to the caller, or NULL if |loc| was out of
-// bounds. If non-NULL, the caller must release the result with
-// |X509_ATTRIBUTE_free| when done. It is also safe, but not necessary, to call
-// |X509_ATTRIBUTE_free| if the result is NULL.
-OPENSSL_EXPORT X509_ATTRIBUTE *X509_REQ_delete_attr(X509_REQ *req, int loc);
-
-// X509_REQ_add1_attr appends a copy of |attr| to |req|'s list of attributes. It
-// returns one on success and zero on error.
-//
-// TODO(https://crbug.com/boringssl/407): |attr| should be const.
-OPENSSL_EXPORT int X509_REQ_add1_attr(X509_REQ *req, X509_ATTRIBUTE *attr);
-
-// X509_REQ_add1_attr_by_OBJ appends a new attribute to |req| with type |obj|.
-// It returns one on success and zero on error. The value is determined by
-// |X509_ATTRIBUTE_set1_data|.
-//
-// WARNING: The interpretation of |attrtype|, |data|, and |len| is complex and
-// error-prone. See |X509_ATTRIBUTE_set1_data| for details.
-OPENSSL_EXPORT int X509_REQ_add1_attr_by_OBJ(X509_REQ *req,
- const ASN1_OBJECT *obj,
- int attrtype,
- const unsigned char *data,
- int len);
-
-// X509_REQ_add1_attr_by_NID behaves like |X509_REQ_add1_attr_by_OBJ| except the
-// attribute type is determined by |nid|.
-OPENSSL_EXPORT int X509_REQ_add1_attr_by_NID(X509_REQ *req, int nid,
- int attrtype,
- const unsigned char *data,
- int len);
-
-// X509_REQ_add1_attr_by_txt behaves like |X509_REQ_add1_attr_by_OBJ| except the
-// attribute type is determined by calling |OBJ_txt2obj| with |attrname|.
-OPENSSL_EXPORT int X509_REQ_add1_attr_by_txt(X509_REQ *req,
- const char *attrname, int attrtype,
- const unsigned char *data,
- int len);
-
-// X509_CRL_set_version sets |crl|'s version to |version|, which should be one
-// of the |X509_CRL_VERSION_*| constants. It returns one on success and zero on
-// error.
-//
-// If unsure, use |X509_CRL_VERSION_2|. Note that, unlike certificates, CRL
-// versions are only defined up to v2. Callers should not use |X509_VERSION_3|.
-OPENSSL_EXPORT int X509_CRL_set_version(X509_CRL *crl, long version);
-
-// X509_CRL_set_issuer_name sets |crl|'s issuer to a copy of |name|. It returns
-// one on success and zero on error.
-OPENSSL_EXPORT int X509_CRL_set_issuer_name(X509_CRL *crl, X509_NAME *name);
-
-OPENSSL_EXPORT int X509_CRL_sort(X509_CRL *crl);
-
-// X509_CRL_up_ref adds one to the reference count of |crl| and returns one.
-OPENSSL_EXPORT int X509_CRL_up_ref(X509_CRL *crl);
-
-// X509_CRL_get0_signature sets |*out_sig| and |*out_alg| to the signature and
-// signature algorithm of |crl|, respectively. Either output pointer may be NULL
-// to ignore the value.
-//
-// This function outputs the outer signature algorithm, not the one in the
-// TBSCertList. CRLs with mismatched signature algorithms will successfully
-// parse, but they will be rejected when verifying.
-OPENSSL_EXPORT void X509_CRL_get0_signature(const X509_CRL *crl,
- const ASN1_BIT_STRING **out_sig,
- const X509_ALGOR **out_alg);
-
-// X509_CRL_get_signature_nid returns the NID corresponding to |crl|'s signature
-// algorithm, or |NID_undef| if the signature algorithm does not correspond to
-// a known NID.
-OPENSSL_EXPORT int X509_CRL_get_signature_nid(const X509_CRL *crl);
-
-// i2d_re_X509_CRL_tbs serializes the TBSCertList portion of |crl|, as described
-// in |i2d_SAMPLE|.
-//
-// This function re-encodes the TBSCertList and may not reflect |crl|'s original
-// encoding. It may be used to manually generate a signature for a new CRL. To
-// verify CRLs, use |i2d_X509_CRL_tbs| instead.
-OPENSSL_EXPORT int i2d_re_X509_CRL_tbs(X509_CRL *crl, unsigned char **outp);
-
-// i2d_X509_CRL_tbs serializes the TBSCertList portion of |crl|, as described in
-// |i2d_SAMPLE|.
-//
-// This function preserves the original encoding of the TBSCertList and may not
-// reflect modifications made to |crl|. It may be used to manually verify the
-// signature of an existing CRL. To generate CRLs, use |i2d_re_X509_CRL_tbs|
-// instead.
-OPENSSL_EXPORT int i2d_X509_CRL_tbs(X509_CRL *crl, unsigned char **outp);
-
-// X509_CRL_set1_signature_algo sets |crl|'s signature algorithm to |algo| and
-// returns one on success or zero on error. It updates both the signature field
-// of the TBSCertList structure, and the signatureAlgorithm field of the CRL.
-OPENSSL_EXPORT int X509_CRL_set1_signature_algo(X509_CRL *crl,
- const X509_ALGOR *algo);
-
-// X509_CRL_set1_signature_value sets |crl|'s signature to a copy of the
-// |sig_len| bytes pointed by |sig|. It returns one on success and zero on
-// error.
-//
-// Due to a specification error, X.509 CRLs store signatures in ASN.1 BIT
-// STRINGs, but signature algorithms return byte strings rather than bit
-// strings. This function creates a BIT STRING containing a whole number of
-// bytes, with the bit order matching the DER encoding. This matches the
-// encoding used by all X.509 signature algorithms.
-OPENSSL_EXPORT int X509_CRL_set1_signature_value(X509_CRL *crl,
- const uint8_t *sig,
- size_t sig_len);
-
-// X509_REVOKED_get0_serialNumber returns the serial number of the certificate
-// revoked by |revoked|.
-OPENSSL_EXPORT const ASN1_INTEGER *X509_REVOKED_get0_serialNumber(
- const X509_REVOKED *revoked);
-
-// X509_REVOKED_set_serialNumber sets |revoked|'s serial number to |serial|. It
-// returns one on success or zero on error.
-OPENSSL_EXPORT int X509_REVOKED_set_serialNumber(X509_REVOKED *revoked,
- const ASN1_INTEGER *serial);
-
-// X509_REVOKED_get0_revocationDate returns the revocation time of the
-// certificate revoked by |revoked|.
-OPENSSL_EXPORT const ASN1_TIME *X509_REVOKED_get0_revocationDate(
- const X509_REVOKED *revoked);
-
-// X509_REVOKED_set_revocationDate sets |revoked|'s revocation time to |tm|. It
-// returns one on success or zero on error.
-OPENSSL_EXPORT int X509_REVOKED_set_revocationDate(X509_REVOKED *revoked,
- const ASN1_TIME *tm);
-
-// X509_REVOKED_get0_extensions returns |r|'s extensions list, or NULL if |r|
-// omits it.
-OPENSSL_EXPORT const STACK_OF(X509_EXTENSION) *X509_REVOKED_get0_extensions(
- const X509_REVOKED *r);
-
-OPENSSL_EXPORT X509_CRL *X509_CRL_diff(X509_CRL *base, X509_CRL *newer,
- EVP_PKEY *skey, const EVP_MD *md,
- unsigned int flags);
-
-OPENSSL_EXPORT int X509_REQ_check_private_key(X509_REQ *x509, EVP_PKEY *pkey);
-
-OPENSSL_EXPORT int X509_check_private_key(X509 *x509, const EVP_PKEY *pkey);
-OPENSSL_EXPORT int X509_chain_check_suiteb(int *perror_depth, X509 *x,
- STACK_OF(X509) *chain,
- unsigned long flags);
-OPENSSL_EXPORT int X509_CRL_check_suiteb(X509_CRL *crl, EVP_PKEY *pk,
- unsigned long flags);
-
-// X509_chain_up_ref returns a newly-allocated |STACK_OF(X509)| containing a
-// shallow copy of |chain|, or NULL on error. That is, the return value has the
-// same contents as |chain|, and each |X509|'s reference count is incremented by
-// one.
-OPENSSL_EXPORT STACK_OF(X509) *X509_chain_up_ref(STACK_OF(X509) *chain);
-
-OPENSSL_EXPORT int X509_issuer_and_serial_cmp(const X509 *a, const X509 *b);
-
-OPENSSL_EXPORT int X509_issuer_name_cmp(const X509 *a, const X509 *b);
-OPENSSL_EXPORT unsigned long X509_issuer_name_hash(X509 *a);
-
-OPENSSL_EXPORT int X509_subject_name_cmp(const X509 *a, const X509 *b);
-OPENSSL_EXPORT unsigned long X509_subject_name_hash(X509 *x);
-
-OPENSSL_EXPORT unsigned long X509_issuer_name_hash_old(X509 *a);
-OPENSSL_EXPORT unsigned long X509_subject_name_hash_old(X509 *x);
-
-OPENSSL_EXPORT int X509_cmp(const X509 *a, const X509 *b);
-OPENSSL_EXPORT int X509_NAME_cmp(const X509_NAME *a, const X509_NAME *b);
-OPENSSL_EXPORT unsigned long X509_NAME_hash(X509_NAME *x);
-OPENSSL_EXPORT unsigned long X509_NAME_hash_old(X509_NAME *x);
-
-OPENSSL_EXPORT int X509_CRL_cmp(const X509_CRL *a, const X509_CRL *b);
-OPENSSL_EXPORT int X509_CRL_match(const X509_CRL *a, const X509_CRL *b);
-OPENSSL_EXPORT int X509_print_ex_fp(FILE *bp, X509 *x, unsigned long nmflag,
- unsigned long cflag);
-OPENSSL_EXPORT int X509_print_fp(FILE *bp, X509 *x);
-OPENSSL_EXPORT int X509_CRL_print_fp(FILE *bp, X509_CRL *x);
-OPENSSL_EXPORT int X509_REQ_print_fp(FILE *bp, X509_REQ *req);
-OPENSSL_EXPORT int X509_NAME_print_ex_fp(FILE *fp, const X509_NAME *nm,
- int indent, unsigned long flags);
-
-OPENSSL_EXPORT int X509_NAME_print(BIO *bp, const X509_NAME *name, int obase);
-OPENSSL_EXPORT int X509_NAME_print_ex(BIO *out, const X509_NAME *nm, int indent,
- unsigned long flags);
-OPENSSL_EXPORT int X509_print_ex(BIO *bp, X509 *x, unsigned long nmflag,
- unsigned long cflag);
-OPENSSL_EXPORT int X509_print(BIO *bp, X509 *x);
-OPENSSL_EXPORT int X509_ocspid_print(BIO *bp, X509 *x);
-OPENSSL_EXPORT int X509_CRL_print(BIO *bp, X509_CRL *x);
-OPENSSL_EXPORT int X509_REQ_print_ex(BIO *bp, X509_REQ *x, unsigned long nmflag,
- unsigned long cflag);
-OPENSSL_EXPORT int X509_REQ_print(BIO *bp, X509_REQ *req);
-
-OPENSSL_EXPORT int X509_NAME_entry_count(const X509_NAME *name);
-OPENSSL_EXPORT int X509_NAME_get_text_by_NID(const X509_NAME *name, int nid,
- char *buf, int len);
-OPENSSL_EXPORT int X509_NAME_get_text_by_OBJ(const X509_NAME *name,
- const ASN1_OBJECT *obj, char *buf,
- int len);
-
-// NOTE: you should be passsing -1, not 0 as lastpos. The functions that use
-// lastpos, search after that position on.
-OPENSSL_EXPORT int X509_NAME_get_index_by_NID(const X509_NAME *name, int nid,
- int lastpos);
-OPENSSL_EXPORT int X509_NAME_get_index_by_OBJ(const X509_NAME *name,
- const ASN1_OBJECT *obj,
- int lastpos);
-OPENSSL_EXPORT X509_NAME_ENTRY *X509_NAME_get_entry(const X509_NAME *name,
- int loc);
-OPENSSL_EXPORT X509_NAME_ENTRY *X509_NAME_delete_entry(X509_NAME *name,
- int loc);
-OPENSSL_EXPORT int X509_NAME_add_entry(X509_NAME *name, X509_NAME_ENTRY *ne,
- int loc, int set);
-OPENSSL_EXPORT int X509_NAME_add_entry_by_OBJ(X509_NAME *name, ASN1_OBJECT *obj,
- int type,
- const unsigned char *bytes,
- int len, int loc, int set);
-OPENSSL_EXPORT int X509_NAME_add_entry_by_NID(X509_NAME *name, int nid,
- int type,
- const unsigned char *bytes,
- int len, int loc, int set);
-OPENSSL_EXPORT X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_txt(
- X509_NAME_ENTRY **ne, const char *field, int type,
- const unsigned char *bytes, int len);
-OPENSSL_EXPORT X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_NID(
- X509_NAME_ENTRY **ne, int nid, int type, const unsigned char *bytes,
- int len);
-OPENSSL_EXPORT int X509_NAME_add_entry_by_txt(X509_NAME *name,
- const char *field, int type,
- const unsigned char *bytes,
- int len, int loc, int set);
-OPENSSL_EXPORT X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_OBJ(
- X509_NAME_ENTRY **ne, const ASN1_OBJECT *obj, int type,
- const unsigned char *bytes, int len);
-OPENSSL_EXPORT int X509_NAME_ENTRY_set_object(X509_NAME_ENTRY *ne,
- const ASN1_OBJECT *obj);
-OPENSSL_EXPORT int X509_NAME_ENTRY_set_data(X509_NAME_ENTRY *ne, int type,
- const unsigned char *bytes,
- int len);
-OPENSSL_EXPORT ASN1_OBJECT *X509_NAME_ENTRY_get_object(
- const X509_NAME_ENTRY *ne);
-OPENSSL_EXPORT ASN1_STRING *X509_NAME_ENTRY_get_data(const X509_NAME_ENTRY *ne);
-
-// X509v3_get_ext_count returns the number of extensions in |x|.
-OPENSSL_EXPORT int X509v3_get_ext_count(const STACK_OF(X509_EXTENSION) *x);
-
-// X509v3_get_ext_by_NID returns the index of the first extension in |x| with
-// type |nid|, or a negative number if not found. If found, callers can use
-// |X509v3_get_ext| to look up the extension by index.
-//
-// If |lastpos| is non-negative, it begins searching at |lastpos| + 1. Callers
-// can thus loop over all matching extensions by first passing -1 and then
-// passing the previously-returned value until no match is returned.
-OPENSSL_EXPORT int X509v3_get_ext_by_NID(const STACK_OF(X509_EXTENSION) *x,
- int nid, int lastpos);
-
-// X509v3_get_ext_by_OBJ behaves like |X509v3_get_ext_by_NID| but looks for
-// extensions matching |obj|.
-OPENSSL_EXPORT int X509v3_get_ext_by_OBJ(const STACK_OF(X509_EXTENSION) *x,
- const ASN1_OBJECT *obj, int lastpos);
-
-// X509v3_get_ext_by_critical returns the index of the first extension in |x|
-// whose critical bit matches |crit|, or a negative number if no such extension
-// was found.
-//
-// If |lastpos| is non-negative, it begins searching at |lastpos| + 1. Callers
-// can thus loop over all matching extensions by first passing -1 and then
-// passing the previously-returned value until no match is returned.
-OPENSSL_EXPORT int X509v3_get_ext_by_critical(const STACK_OF(X509_EXTENSION) *x,
- int crit, int lastpos);
-
-// X509v3_get_ext returns the extension in |x| at index |loc|, or NULL if |loc|
-// is out of bounds.
-OPENSSL_EXPORT X509_EXTENSION *X509v3_get_ext(const STACK_OF(X509_EXTENSION) *x,
- int loc);
-
-// X509v3_delete_ext removes the extension in |x| at index |loc| and returns the
-// removed extension, or NULL if |loc| was out of bounds. If an extension was
-// returned, the caller must release it with |X509_EXTENSION_free|.
-OPENSSL_EXPORT X509_EXTENSION *X509v3_delete_ext(STACK_OF(X509_EXTENSION) *x,
- int loc);
-
-// X509v3_add_ext adds a copy of |ex| to the extension list in |*x|. If |*x| is
-// NULL, it allocates a new |STACK_OF(X509_EXTENSION)| to hold the copy and sets
-// |*x| to the new list. It returns |*x| on success and NULL on error. The
-// caller retains ownership of |ex| and can release it independently of |*x|.
-//
-// The new extension is inserted at index |loc|, shifting extensions to the
-// right. If |loc| is -1 or out of bounds, the new extension is appended to the
-// list.
-OPENSSL_EXPORT STACK_OF(X509_EXTENSION) *X509v3_add_ext(
- STACK_OF(X509_EXTENSION) **x, X509_EXTENSION *ex, int loc);
-
-// X509_get_ext_count returns the number of extensions in |x|.
-OPENSSL_EXPORT int X509_get_ext_count(const X509 *x);
-
-// X509_get_ext_by_NID behaves like |X509v3_get_ext_by_NID| but searches for
-// extensions in |x|.
-OPENSSL_EXPORT int X509_get_ext_by_NID(const X509 *x, int nid, int lastpos);
-
-// X509_get_ext_by_OBJ behaves like |X509v3_get_ext_by_OBJ| but searches for
-// extensions in |x|.
-OPENSSL_EXPORT int X509_get_ext_by_OBJ(const X509 *x, const ASN1_OBJECT *obj,
- int lastpos);
-
-// X509_get_ext_by_critical behaves like |X509v3_get_ext_by_critical| but
-// searches for extensions in |x|.
-OPENSSL_EXPORT int X509_get_ext_by_critical(const X509 *x, int crit,
- int lastpos);
-
-// X509_get_ext returns the extension in |x| at index |loc|, or NULL if |loc| is
-// out of bounds.
-OPENSSL_EXPORT X509_EXTENSION *X509_get_ext(const X509 *x, int loc);
-
-// X509_delete_ext removes the extension in |x| at index |loc| and returns the
-// removed extension, or NULL if |loc| was out of bounds. If non-NULL, the
-// caller must release the result with |X509_EXTENSION_free|. It is also safe,
-// but not necessary, to call |X509_EXTENSION_free| if the result is NULL.
-OPENSSL_EXPORT X509_EXTENSION *X509_delete_ext(X509 *x, int loc);
-
-// X509_add_ext adds a copy of |ex| to |x|. It returns one on success and zero
-// on failure. The caller retains ownership of |ex| and can release it
-// independently of |x|.
-//
-// The new extension is inserted at index |loc|, shifting extensions to the
-// right. If |loc| is -1 or out of bounds, the new extension is appended to the
-// list.
-OPENSSL_EXPORT int X509_add_ext(X509 *x, X509_EXTENSION *ex, int loc);
-
-// X509_get_ext_d2i behaves like |X509V3_get_d2i| but looks for the extension in
-// |x509|'s extension list.
-//
-// WARNING: This function is difficult to use correctly. See the documentation
-// for |X509V3_get_d2i| for details.
-OPENSSL_EXPORT void *X509_get_ext_d2i(const X509 *x509, int nid,
- int *out_critical, int *out_idx);
-
-// X509_add1_ext_i2d behaves like |X509V3_add1_i2d| but adds the extension to
-// |x|'s extension list.
-//
-// WARNING: This function may return zero or -1 on error. The caller must also
-// ensure |value|'s type matches |nid|. See the documentation for
-// |X509V3_add1_i2d| for details.
-OPENSSL_EXPORT int X509_add1_ext_i2d(X509 *x, int nid, void *value, int crit,
- unsigned long flags);
-
-// X509_CRL_get_ext_count returns the number of extensions in |x|.
-OPENSSL_EXPORT int X509_CRL_get_ext_count(const X509_CRL *x);
-
-// X509_CRL_get_ext_by_NID behaves like |X509v3_get_ext_by_NID| but searches for
-// extensions in |x|.
-OPENSSL_EXPORT int X509_CRL_get_ext_by_NID(const X509_CRL *x, int nid,
- int lastpos);
-
-// X509_CRL_get_ext_by_OBJ behaves like |X509v3_get_ext_by_OBJ| but searches for
-// extensions in |x|.
-OPENSSL_EXPORT int X509_CRL_get_ext_by_OBJ(const X509_CRL *x,
- const ASN1_OBJECT *obj, int lastpos);
-
-// X509_CRL_get_ext_by_critical behaves like |X509v3_get_ext_by_critical| but
-// searches for extensions in |x|.
-OPENSSL_EXPORT int X509_CRL_get_ext_by_critical(const X509_CRL *x, int crit,
- int lastpos);
-
-// X509_CRL_get_ext returns the extension in |x| at index |loc|, or NULL if
-// |loc| is out of bounds.
-OPENSSL_EXPORT X509_EXTENSION *X509_CRL_get_ext(const X509_CRL *x, int loc);
-
-// X509_CRL_delete_ext removes the extension in |x| at index |loc| and returns
-// the removed extension, or NULL if |loc| was out of bounds. If non-NULL, the
-// caller must release the result with |X509_EXTENSION_free|. It is also safe,
-// but not necessary, to call |X509_EXTENSION_free| if the result is NULL.
-OPENSSL_EXPORT X509_EXTENSION *X509_CRL_delete_ext(X509_CRL *x, int loc);
-
-// X509_CRL_add_ext adds a copy of |ex| to |x|. It returns one on success and
-// zero on failure. The caller retains ownership of |ex| and can release it
-// independently of |x|.
-//
-// The new extension is inserted at index |loc|, shifting extensions to the
-// right. If |loc| is -1 or out of bounds, the new extension is appended to the
-// list.
-OPENSSL_EXPORT int X509_CRL_add_ext(X509_CRL *x, X509_EXTENSION *ex, int loc);
-
-// X509_CRL_get_ext_d2i behaves like |X509V3_get_d2i| but looks for the
-// extension in |crl|'s extension list.
-//
-// WARNING: This function is difficult to use correctly. See the documentation
-// for |X509V3_get_d2i| for details.
-OPENSSL_EXPORT void *X509_CRL_get_ext_d2i(const X509_CRL *crl, int nid,
- int *out_critical, int *out_idx);
-
-// X509_CRL_add1_ext_i2d behaves like |X509V3_add1_i2d| but adds the extension
-// to |x|'s extension list.
-//
-// WARNING: This function may return zero or -1 on error. The caller must also
-// ensure |value|'s type matches |nid|. See the documentation for
-// |X509V3_add1_i2d| for details.
-OPENSSL_EXPORT int X509_CRL_add1_ext_i2d(X509_CRL *x, int nid, void *value,
- int crit, unsigned long flags);
-
-// X509_REVOKED_get_ext_count returns the number of extensions in |x|.
-OPENSSL_EXPORT int X509_REVOKED_get_ext_count(const X509_REVOKED *x);
-
-// X509_REVOKED_get_ext_by_NID behaves like |X509v3_get_ext_by_NID| but searches
-// for extensions in |x|.
-OPENSSL_EXPORT int X509_REVOKED_get_ext_by_NID(const X509_REVOKED *x, int nid,
- int lastpos);
-
-// X509_REVOKED_get_ext_by_OBJ behaves like |X509v3_get_ext_by_OBJ| but searches
-// for extensions in |x|.
-OPENSSL_EXPORT int X509_REVOKED_get_ext_by_OBJ(const X509_REVOKED *x,
- const ASN1_OBJECT *obj,
- int lastpos);
-
-// X509_REVOKED_get_ext_by_critical behaves like |X509v3_get_ext_by_critical|
-// but searches for extensions in |x|.
-OPENSSL_EXPORT int X509_REVOKED_get_ext_by_critical(const X509_REVOKED *x,
- int crit, int lastpos);
-
-// X509_REVOKED_get_ext returns the extension in |x| at index |loc|, or NULL if
-// |loc| is out of bounds.
-OPENSSL_EXPORT X509_EXTENSION *X509_REVOKED_get_ext(const X509_REVOKED *x,
- int loc);
-
-// X509_REVOKED_delete_ext removes the extension in |x| at index |loc| and
-// returns the removed extension, or NULL if |loc| was out of bounds. If
-// non-NULL, the caller must release the result with |X509_EXTENSION_free|. It
-// is also safe, but not necessary, to call |X509_EXTENSION_free| if the result
-// is NULL.
-OPENSSL_EXPORT X509_EXTENSION *X509_REVOKED_delete_ext(X509_REVOKED *x,
- int loc);
-
-// X509_REVOKED_add_ext adds a copy of |ex| to |x|. It returns one on success
-// and zero on failure. The caller retains ownership of |ex| and can release it
-// independently of |x|.
-//
-// The new extension is inserted at index |loc|, shifting extensions to the
-// right. If |loc| is -1 or out of bounds, the new extension is appended to the
-// list.
-OPENSSL_EXPORT int X509_REVOKED_add_ext(X509_REVOKED *x, X509_EXTENSION *ex,
- int loc);
-
-// X509_REVOKED_get_ext_d2i behaves like |X509V3_get_d2i| but looks for the
-// extension in |revoked|'s extension list.
-//
-// WARNING: This function is difficult to use correctly. See the documentation
-// for |X509V3_get_d2i| for details.
-OPENSSL_EXPORT void *X509_REVOKED_get_ext_d2i(const X509_REVOKED *revoked,
- int nid, int *out_critical,
- int *out_idx);
-
-// X509_REVOKED_add1_ext_i2d behaves like |X509V3_add1_i2d| but adds the
-// extension to |x|'s extension list.
-//
-// WARNING: This function may return zero or -1 on error. The caller must also
-// ensure |value|'s type matches |nid|. See the documentation for
-// |X509V3_add1_i2d| for details.
-OPENSSL_EXPORT int X509_REVOKED_add1_ext_i2d(X509_REVOKED *x, int nid,
- void *value, int crit,
- unsigned long flags);
-
-// X509_EXTENSION_create_by_NID creates a new |X509_EXTENSION| with type |nid|,
-// value |data|, and critical bit |crit|. It returns the newly-allocated
-// |X509_EXTENSION| on success, and false on error. |nid| should be a |NID_*|
-// constant.
-//
-// If |ex| and |*ex| are both non-NULL, it modifies and returns |*ex| instead of
-// creating a new object. If |ex| is non-NULL, but |*ex| is NULL, it sets |*ex|
-// to the new |X509_EXTENSION|, in addition to returning the result.
-OPENSSL_EXPORT X509_EXTENSION *X509_EXTENSION_create_by_NID(
- X509_EXTENSION **ex, int nid, int crit, const ASN1_OCTET_STRING *data);
-
-// X509_EXTENSION_create_by_OBJ behaves like |X509_EXTENSION_create_by_NID|, but
-// the extension type is determined by an |ASN1_OBJECT|.
-OPENSSL_EXPORT X509_EXTENSION *X509_EXTENSION_create_by_OBJ(
- X509_EXTENSION **ex, const ASN1_OBJECT *obj, int crit,
- const ASN1_OCTET_STRING *data);
-
-// X509_EXTENSION_set_object sets |ex|'s extension type to |obj|. It returns one
-// on success and zero on error.
-OPENSSL_EXPORT int X509_EXTENSION_set_object(X509_EXTENSION *ex,
- const ASN1_OBJECT *obj);
-
-// X509_EXTENSION_set_critical sets |ex| to critical if |crit| is non-zero and
-// to non-critical if |crit| is zero.
-OPENSSL_EXPORT int X509_EXTENSION_set_critical(X509_EXTENSION *ex, int crit);
-
-// X509_EXTENSION_set_data set's |ex|'s extension value to a copy of |data|. It
-// returns one on success and zero on error.
-OPENSSL_EXPORT int X509_EXTENSION_set_data(X509_EXTENSION *ex,
- const ASN1_OCTET_STRING *data);
-
-// X509_EXTENSION_get_object returns |ex|'s extension type.
-OPENSSL_EXPORT ASN1_OBJECT *X509_EXTENSION_get_object(X509_EXTENSION *ex);
-
-// X509_EXTENSION_get_data returns |ne|'s extension value.
-OPENSSL_EXPORT ASN1_OCTET_STRING *X509_EXTENSION_get_data(X509_EXTENSION *ne);
-
-// X509_EXTENSION_get_critical returns one if |ex| is critical and zero
-// otherwise.
-OPENSSL_EXPORT int X509_EXTENSION_get_critical(const X509_EXTENSION *ex);
-
-// X509at_get_attr_count returns the number of attributes in |x|.
-OPENSSL_EXPORT int X509at_get_attr_count(const STACK_OF(X509_ATTRIBUTE) *x);
-
-// X509at_get_attr_by_NID returns the index of the attribute in |x| of type
-// |nid|, or a negative number if not found. If found, callers can use
-// |X509at_get_attr| to look up the attribute by index.
-//
-// If |lastpos| is non-negative, it begins searching at |lastpos| + 1. Callers
-// can thus loop over all matching attributes by first passing -1 and then
-// passing the previously-returned value until no match is returned.
-OPENSSL_EXPORT int X509at_get_attr_by_NID(const STACK_OF(X509_ATTRIBUTE) *x,
- int nid, int lastpos);
-
-// X509at_get_attr_by_OBJ behaves like |X509at_get_attr_by_NID| but looks for
-// attributes of type |obj|.
-OPENSSL_EXPORT int X509at_get_attr_by_OBJ(const STACK_OF(X509_ATTRIBUTE) *sk,
- const ASN1_OBJECT *obj, int lastpos);
-
-// X509at_get_attr returns the attribute at index |loc| in |x|, or NULL if
-// out of bounds.
-OPENSSL_EXPORT X509_ATTRIBUTE *X509at_get_attr(
- const STACK_OF(X509_ATTRIBUTE) *x, int loc);
-
-// X509at_delete_attr removes the attribute at index |loc| in |x|. It returns
-// the removed attribute to the caller, or NULL if |loc| was out of bounds. If
-// non-NULL, the caller must release the result with |X509_ATTRIBUTE_free| when
-// done. It is also safe, but not necessary, to call |X509_ATTRIBUTE_free| if
-// the result is NULL.
-OPENSSL_EXPORT X509_ATTRIBUTE *X509at_delete_attr(STACK_OF(X509_ATTRIBUTE) *x,
- int loc);
-
-// X509at_add1_attr appends a copy of |attr| to the attribute list in |*x|. If
-// |*x| is NULL, it allocates a new |STACK_OF(X509_ATTRIBUTE)| to hold the copy
-// and sets |*x| to the new list. It returns |*x| on success and NULL on error.
-// The caller retains ownership of |attr| and can release it independently of
-// |*x|.
-OPENSSL_EXPORT STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr(
- STACK_OF(X509_ATTRIBUTE) **x, X509_ATTRIBUTE *attr);
-
-// X509at_add1_attr_by_OBJ behaves like |X509at_add1_attr|, but adds an
-// attribute created by |X509_ATTRIBUTE_create_by_OBJ|.
-OPENSSL_EXPORT STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr_by_OBJ(
- STACK_OF(X509_ATTRIBUTE) **x, const ASN1_OBJECT *obj, int type,
- const unsigned char *bytes, int len);
-
-// X509at_add1_attr_by_NID behaves like |X509at_add1_attr|, but adds an
-// attribute created by |X509_ATTRIBUTE_create_by_NID|.
-OPENSSL_EXPORT STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr_by_NID(
- STACK_OF(X509_ATTRIBUTE) **x, int nid, int type, const unsigned char *bytes,
- int len);
-
-// X509at_add1_attr_by_txt behaves like |X509at_add1_attr|, but adds an
-// attribute created by |X509_ATTRIBUTE_create_by_txt|.
-OPENSSL_EXPORT STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr_by_txt(
- STACK_OF(X509_ATTRIBUTE) **x, const char *attrname, int type,
- const unsigned char *bytes, int len);
-
// X509_ATTRIBUTE_create_by_NID returns a newly-allocated |X509_ATTRIBUTE| of
// type |nid|, or NULL on error. The value is determined as in
// |X509_ATTRIBUTE_set1_data|.
@@ -1752,8 +1486,6 @@
// |attr|'s type. If |len| is -1, |strlen(data)| is used instead. See
// |ASN1_STRING_set_by_NID| for details.
//
-// TODO(davidben): Document |ASN1_STRING_set_by_NID| so the reference is useful.
-//
// Otherwise, if |len| is not -1, the value is an ASN.1 string. |attrtype| is an
// |ASN1_STRING| type value and the |len| bytes from |data| are copied as the
// type-specific representation of |ASN1_STRING|. See |ASN1_STRING| for details.
@@ -1800,27 +1532,965 @@
OPENSSL_EXPORT ASN1_TYPE *X509_ATTRIBUTE_get0_type(X509_ATTRIBUTE *attr,
int idx);
-OPENSSL_EXPORT int X509_verify_cert(X509_STORE_CTX *ctx);
-// lookup a cert from a X509 STACK
-OPENSSL_EXPORT X509 *X509_find_by_issuer_and_serial(STACK_OF(X509) *sk,
+// SignedPublicKeyAndChallenge structures.
+//
+// The SignedPublicKeyAndChallenge (SPKAC) is a legacy structure to request
+// certificates, primarily in the legacy <keygen> HTML tag. An SPKAC structure
+// is represented by a |NETSCAPE_SPKI| structure.
+//
+// The structure is described in
+// https://developer.mozilla.org/en-US/docs/Web/HTML/Element/keygen
+
+// A Netscape_spki_st, or |NETSCAPE_SPKI|, represents a
+// SignedPublicKeyAndChallenge structure. Although this structure contains a
+// |spkac| field of type |NETSCAPE_SPKAC|, these are misnamed. The SPKAC is the
+// entire structure, not the signed portion.
+struct Netscape_spki_st {
+ NETSCAPE_SPKAC *spkac;
+ X509_ALGOR *sig_algor;
+ ASN1_BIT_STRING *signature;
+} /* NETSCAPE_SPKI */;
+
+// NETSCAPE_SPKI is an |ASN1_ITEM| whose ASN.1 type is
+// SignedPublicKeyAndChallenge and C type is |NETSCAPE_SPKI*|.
+DECLARE_ASN1_ITEM(NETSCAPE_SPKI)
+
+// NETSCAPE_SPKI_new returns a newly-allocated, empty |NETSCAPE_SPKI| object, or
+// NULL on error.
+OPENSSL_EXPORT NETSCAPE_SPKI *NETSCAPE_SPKI_new(void);
+
+// NETSCAPE_SPKI_free releases memory associated with |spki|.
+OPENSSL_EXPORT void NETSCAPE_SPKI_free(NETSCAPE_SPKI *spki);
+
+// d2i_NETSCAPE_SPKI parses up to |len| bytes from |*inp| as a DER-encoded
+// SignedPublicKeyAndChallenge structure, as described in |d2i_SAMPLE|.
+OPENSSL_EXPORT NETSCAPE_SPKI *d2i_NETSCAPE_SPKI(NETSCAPE_SPKI **out,
+ const uint8_t **inp, long len);
+
+// i2d_NETSCAPE_SPKI marshals |spki| as a DER-encoded
+// SignedPublicKeyAndChallenge structure, as described in |i2d_SAMPLE|.
+OPENSSL_EXPORT int i2d_NETSCAPE_SPKI(const NETSCAPE_SPKI *spki, uint8_t **outp);
+
+// NETSCAPE_SPKI_verify checks that |spki| has a valid signature by |pkey|. It
+// returns one if the signature is valid and zero otherwise.
+OPENSSL_EXPORT int NETSCAPE_SPKI_verify(NETSCAPE_SPKI *spki, EVP_PKEY *pkey);
+
+// NETSCAPE_SPKI_b64_decode decodes |len| bytes from |str| as a base64-encoded
+// SignedPublicKeyAndChallenge structure. It returns a newly-allocated
+// |NETSCAPE_SPKI| structure with the result, or NULL on error. If |len| is 0 or
+// negative, the length is calculated with |strlen| and |str| must be a
+// NUL-terminated C string.
+OPENSSL_EXPORT NETSCAPE_SPKI *NETSCAPE_SPKI_b64_decode(const char *str,
+ ossl_ssize_t len);
+
+// NETSCAPE_SPKI_b64_encode encodes |spki| as a base64-encoded
+// SignedPublicKeyAndChallenge structure. It returns a newly-allocated
+// NUL-terminated C string with the result, or NULL on error. The caller must
+// release the memory with |OPENSSL_free| when done.
+OPENSSL_EXPORT char *NETSCAPE_SPKI_b64_encode(NETSCAPE_SPKI *spki);
+
+// NETSCAPE_SPKI_get_pubkey decodes and returns the public key in |spki| as an
+// |EVP_PKEY|, or NULL on error. The caller takes ownership of the resulting
+// pointer and must call |EVP_PKEY_free| when done.
+OPENSSL_EXPORT EVP_PKEY *NETSCAPE_SPKI_get_pubkey(NETSCAPE_SPKI *spki);
+
+// NETSCAPE_SPKI_set_pubkey sets |spki|'s public key to |pkey|. It returns one
+// on success or zero on error. This function does not take ownership of |pkey|,
+// so the caller may continue to manage its lifetime independently of |spki|.
+OPENSSL_EXPORT int NETSCAPE_SPKI_set_pubkey(NETSCAPE_SPKI *spki,
+ EVP_PKEY *pkey);
+
+// NETSCAPE_SPKI_sign signs |spki| with |pkey| and replaces the signature
+// algorithm and signature fields. It returns the length of the signature on
+// success and zero on error. This function uses digest algorithm |md|, or
+// |pkey|'s default if NULL. Other signing parameters use |pkey|'s defaults.
+OPENSSL_EXPORT int NETSCAPE_SPKI_sign(NETSCAPE_SPKI *spki, EVP_PKEY *pkey,
+ const EVP_MD *md);
+
+// A Netscape_spkac_st, or |NETSCAPE_SPKAC|, represents a PublicKeyAndChallenge
+// structure. This type is misnamed. The full SPKAC includes the signature,
+// which is represented with the |NETSCAPE_SPKI| type.
+struct Netscape_spkac_st {
+ X509_PUBKEY *pubkey;
+ ASN1_IA5STRING *challenge;
+} /* NETSCAPE_SPKAC */;
+
+// NETSCAPE_SPKAC is an |ASN1_ITEM| whose ASN.1 type is PublicKeyAndChallenge
+// and C type is |NETSCAPE_SPKAC*|.
+DECLARE_ASN1_ITEM(NETSCAPE_SPKAC)
+
+// NETSCAPE_SPKAC_new returns a newly-allocated, empty |NETSCAPE_SPKAC| object,
+// or NULL on error.
+OPENSSL_EXPORT NETSCAPE_SPKAC *NETSCAPE_SPKAC_new(void);
+
+// NETSCAPE_SPKAC_free releases memory associated with |spkac|.
+OPENSSL_EXPORT void NETSCAPE_SPKAC_free(NETSCAPE_SPKAC *spkac);
+
+// d2i_NETSCAPE_SPKAC parses up to |len| bytes from |*inp| as a DER-encoded
+// PublicKeyAndChallenge structure, as described in |d2i_SAMPLE|.
+OPENSSL_EXPORT NETSCAPE_SPKAC *d2i_NETSCAPE_SPKAC(NETSCAPE_SPKAC **out,
+ const uint8_t **inp,
+ long len);
+
+// i2d_NETSCAPE_SPKAC marshals |spkac| as a DER-encoded PublicKeyAndChallenge
+// structure, as described in |i2d_SAMPLE|.
+OPENSSL_EXPORT int i2d_NETSCAPE_SPKAC(const NETSCAPE_SPKAC *spkac,
+ uint8_t **outp);
+
+
+// Printing functions.
+//
+// The following functions output human-readable representations of
+// X.509-related structures. They should only be used for debugging or logging
+// and not parsed programmatically. In many cases, the outputs are ambiguous, so
+// attempting to parse them can lead to string injection vulnerabilities.
+
+// The following flags control |X509_print_ex| and |X509_REQ_print_ex|.
+
+// X509_FLAG_COMPAT disables all flags. It additionally causes names to be
+// printed with a 16-byte indent.
+#define X509_FLAG_COMPAT 0
+
+// X509_FLAG_NO_HEADER skips a header identifying the type of object printed.
+#define X509_FLAG_NO_HEADER 1L
+
+// X509_FLAG_NO_VERSION skips printing the X.509 version number.
+#define X509_FLAG_NO_VERSION (1L << 1)
+
+// X509_FLAG_NO_SERIAL skips printing the serial number. It is ignored in
+// |X509_REQ_print_fp|.
+#define X509_FLAG_NO_SERIAL (1L << 2)
+
+// X509_FLAG_NO_SIGNAME skips printing the signature algorithm in the
+// TBSCertificate. It is ignored in |X509_REQ_print_fp|.
+#define X509_FLAG_NO_SIGNAME (1L << 3)
+
+// X509_FLAG_NO_ISSUER skips printing the issuer.
+#define X509_FLAG_NO_ISSUER (1L << 4)
+
+// X509_FLAG_NO_VALIDITY skips printing the notBefore and notAfter times. It is
+// ignored in |X509_REQ_print_fp|.
+#define X509_FLAG_NO_VALIDITY (1L << 5)
+
+// X509_FLAG_NO_SUBJECT skips printing the subject.
+#define X509_FLAG_NO_SUBJECT (1L << 6)
+
+// X509_FLAG_NO_PUBKEY skips printing the public key.
+#define X509_FLAG_NO_PUBKEY (1L << 7)
+
+// X509_FLAG_NO_EXTENSIONS skips printing the extension list. It is ignored in
+// |X509_REQ_print_fp|. CSRs instead have attributes, which is controlled by
+// |X509_FLAG_NO_ATTRIBUTES|.
+#define X509_FLAG_NO_EXTENSIONS (1L << 8)
+
+// X509_FLAG_NO_SIGDUMP skips printing the signature and outer signature
+// algorithm.
+#define X509_FLAG_NO_SIGDUMP (1L << 9)
+
+// X509_FLAG_NO_AUX skips printing auxiliary properties. (See |d2i_X509_AUX| and
+// related functions.)
+#define X509_FLAG_NO_AUX (1L << 10)
+
+// X509_FLAG_NO_ATTRIBUTES skips printing CSR attributes. It does nothing for
+// certificates and CRLs.
+#define X509_FLAG_NO_ATTRIBUTES (1L << 11)
+
+// X509_FLAG_NO_IDS skips printing the issuerUniqueID and subjectUniqueID in a
+// certificate. It is ignored in |X509_REQ_print_fp|.
+#define X509_FLAG_NO_IDS (1L << 12)
+
+// X509_print_ex writes a human-readable representation of |x| to |bp|. It
+// returns one on success and zero on error. |nmflags| is the flags parameter
+// for |X509_NAME_print_ex| when printing the subject and issuer. |cflag| should
+// be some combination of the |X509_FLAG_*| constants.
+OPENSSL_EXPORT int X509_print_ex(BIO *bp, X509 *x, unsigned long nmflag,
+ unsigned long cflag);
+
+// X509_print_ex_fp behaves like |X509_print_ex| but writes to |fp|.
+OPENSSL_EXPORT int X509_print_ex_fp(FILE *fp, X509 *x, unsigned long nmflag,
+ unsigned long cflag);
+
+// X509_print calls |X509_print_ex| with |XN_FLAG_COMPAT| and |X509_FLAG_COMPAT|
+// flags.
+OPENSSL_EXPORT int X509_print(BIO *bp, X509 *x);
+
+// X509_print_fp behaves like |X509_print| but writes to |fp|.
+OPENSSL_EXPORT int X509_print_fp(FILE *fp, X509 *x);
+
+// X509_CRL_print writes a human-readable representation of |x| to |bp|. It
+// returns one on success and zero on error.
+OPENSSL_EXPORT int X509_CRL_print(BIO *bp, X509_CRL *x);
+
+// X509_CRL_print_fp behaves like |X509_CRL_print| but writes to |fp|.
+OPENSSL_EXPORT int X509_CRL_print_fp(FILE *fp, X509_CRL *x);
+
+// X509_REQ_print_ex writes a human-readable representation of |x| to |bp|. It
+// returns one on success and zero on error. |nmflags| is the flags parameter
+// for |X509_NAME_print_ex|, when printing the subject. |cflag| should be some
+// combination of the |X509_FLAG_*| constants.
+OPENSSL_EXPORT int X509_REQ_print_ex(BIO *bp, X509_REQ *x, unsigned long nmflag,
+ unsigned long cflag);
+
+// X509_REQ_print calls |X509_REQ_print_ex| with |XN_FLAG_COMPAT| and
+// |X509_FLAG_COMPAT| flags.
+OPENSSL_EXPORT int X509_REQ_print(BIO *bp, X509_REQ *req);
+
+// X509_REQ_print_fp behaves like |X509_REQ_print| but writes to |fp|.
+OPENSSL_EXPORT int X509_REQ_print_fp(FILE *fp, X509_REQ *req);
+
+// The following flags are control |X509_NAME_print_ex|. They must not collide
+// with |ASN1_STRFLGS_*|.
+//
+// TODO(davidben): This is far, far too many options and most of them are
+// useless. Trim this down.
+
+// XN_FLAG_COMPAT prints with |X509_NAME_print|'s format and return value
+// convention.
+#define XN_FLAG_COMPAT 0
+
+// XN_FLAG_SEP_MASK determines the separators to use between attributes.
+#define XN_FLAG_SEP_MASK (0xf << 16)
+
+// XN_FLAG_SEP_COMMA_PLUS separates RDNs with "," and attributes within an RDN
+// with "+", as in RFC 2253.
+#define XN_FLAG_SEP_COMMA_PLUS (1 << 16)
+
+// XN_FLAG_SEP_CPLUS_SPC behaves like |XN_FLAG_SEP_COMMA_PLUS| but adds spaces
+// between the separators.
+#define XN_FLAG_SEP_CPLUS_SPC (2 << 16)
+
+// XN_FLAG_SEP_SPLUS_SPC separates RDNs with "; " and attributes within an RDN
+// with " + ".
+#define XN_FLAG_SEP_SPLUS_SPC (3 << 16)
+
+// XN_FLAG_SEP_MULTILINE prints each attribute on one line.
+#define XN_FLAG_SEP_MULTILINE (4 << 16)
+
+// XN_FLAG_DN_REV prints RDNs in reverse, from least significant to most
+// significant, as RFC 2253.
+#define XN_FLAG_DN_REV (1 << 20)
+
+// XN_FLAG_FN_MASK determines how attribute types are displayed.
+#define XN_FLAG_FN_MASK (0x3 << 21)
+
+// XN_FLAG_FN_SN uses the attribute type's short name, when available.
+#define XN_FLAG_FN_SN 0
+
+// XN_FLAG_SPC_EQ wraps the "=" operator with spaces when printing attributes.
+#define XN_FLAG_SPC_EQ (1 << 23)
+
+// XN_FLAG_DUMP_UNKNOWN_FIELDS causes unknown attribute types to be printed in
+// hex, as in RFC 2253.
+#define XN_FLAG_DUMP_UNKNOWN_FIELDS (1 << 24)
+
+// XN_FLAG_RFC2253 prints like RFC 2253.
+#define XN_FLAG_RFC2253 \
+ (ASN1_STRFLGS_RFC2253 | XN_FLAG_SEP_COMMA_PLUS | XN_FLAG_DN_REV | \
+ XN_FLAG_FN_SN | XN_FLAG_DUMP_UNKNOWN_FIELDS)
+
+// XN_FLAG_ONELINE prints a one-line representation of the name.
+#define XN_FLAG_ONELINE \
+ (ASN1_STRFLGS_RFC2253 | ASN1_STRFLGS_ESC_QUOTE | XN_FLAG_SEP_CPLUS_SPC | \
+ XN_FLAG_SPC_EQ | XN_FLAG_FN_SN)
+
+// X509_NAME_print_ex writes a human-readable representation of |nm| to |out|.
+// Each line of output is indented by |indent| spaces. It returns the number of
+// bytes written on success, and -1 on error. If |out| is NULL, it returns the
+// number of bytes it would have written but does not write anything. |flags|
+// should be some combination of |XN_FLAG_*| and |ASN1_STRFLGS_*| values and
+// determines the output. If unsure, use |XN_FLAG_RFC2253|.
+//
+// If |flags| is |XN_FLAG_COMPAT|, or zero, this function calls
+// |X509_NAME_print| instead. In that case, it returns one on success, rather
+// than the output length.
+OPENSSL_EXPORT int X509_NAME_print_ex(BIO *out, const X509_NAME *nm, int indent,
+ unsigned long flags);
+
+// X509_NAME_print prints a human-readable representation of |name| to |bp|. It
+// returns one on success and zero on error. |obase| is ignored.
+//
+// This function outputs a legacy format that does not correctly handle string
+// encodings and other cases. Prefer |X509_NAME_print_ex| if printing a name for
+// debugging purposes.
+OPENSSL_EXPORT int X509_NAME_print(BIO *bp, const X509_NAME *name, int obase);
+
+// X509_NAME_oneline writes a human-readable representation to |name| to a
+// buffer as a NUL-terminated C string.
+//
+// If |buf| is NULL, returns a newly-allocated buffer containing the result on
+// success, or NULL on error. The buffer must be released with |OPENSSL_free|
+// when done.
+//
+// If |buf| is non-NULL, at most |size| bytes of output are written to |buf|
+// instead. |size| includes the trailing NUL. The function then returns |buf| on
+// success or NULL on error. If the output does not fit in |size| bytes, the
+// output is silently truncated at an attribute boundary.
+//
+// This function outputs a legacy format that does not correctly handle string
+// encodings and other cases. Prefer |X509_NAME_print_ex| if printing a name for
+// debugging purposes.
+OPENSSL_EXPORT char *X509_NAME_oneline(const X509_NAME *name, char *buf, int size);
+
+// X509_NAME_print_ex_fp behaves like |X509_NAME_print_ex| but writes to |fp|.
+OPENSSL_EXPORT int X509_NAME_print_ex_fp(FILE *fp, const X509_NAME *nm,
+ int indent, unsigned long flags);
+
+// X509_signature_dump writes a human-readable representation of |sig| to |bio|,
+// indented with |indent| spaces. It returns one on success and zero on error.
+OPENSSL_EXPORT int X509_signature_dump(BIO *bio, const ASN1_STRING *sig,
+ int indent);
+
+// X509_signature_print writes a human-readable representation of |alg| and
+// |sig| to |bio|. It returns one on success and zero on error.
+OPENSSL_EXPORT int X509_signature_print(BIO *bio, const X509_ALGOR *alg,
+ const ASN1_STRING *sig);
+
+
+// Convenience functions.
+
+// X509_pubkey_digest hashes the contents of the BIT STRING in |x509|'s
+// subjectPublicKeyInfo field with |md| and writes the result to |out|.
+// |EVP_MD_CTX_size| bytes are written, which is at most |EVP_MAX_MD_SIZE|. If
+// |out_len| is not NULL, |*out_len| is set to the number of bytes written. This
+// function returns one on success and zero on error.
+//
+// This hash omits the BIT STRING tag, length, and number of unused bits. It
+// also omits the AlgorithmIdentifier which describes the key type. It
+// corresponds to the OCSP KeyHash definition and is not suitable for other
+// purposes.
+OPENSSL_EXPORT int X509_pubkey_digest(const X509 *x509, const EVP_MD *md,
+ uint8_t *out, unsigned *out_len);
+
+// X509_digest hashes |x509|'s DER encoding with |md| and writes the result to
+// |out|. |EVP_MD_CTX_size| bytes are written, which is at most
+// |EVP_MAX_MD_SIZE|. If |out_len| is not NULL, |*out_len| is set to the number
+// of bytes written. This function returns one on success and zero on error.
+// Note this digest covers the entire certificate, not just the signed portion.
+OPENSSL_EXPORT int X509_digest(const X509 *x509, const EVP_MD *md, uint8_t *out,
+ unsigned *out_len);
+
+// X509_CRL_digest hashes |crl|'s DER encoding with |md| and writes the result
+// to |out|. |EVP_MD_CTX_size| bytes are written, which is at most
+// |EVP_MAX_MD_SIZE|. If |out_len| is not NULL, |*out_len| is set to the number
+// of bytes written. This function returns one on success and zero on error.
+// Note this digest covers the entire CRL, not just the signed portion.
+OPENSSL_EXPORT int X509_CRL_digest(const X509_CRL *crl, const EVP_MD *md,
+ uint8_t *out, unsigned *out_len);
+
+// X509_REQ_digest hashes |req|'s DER encoding with |md| and writes the result
+// to |out|. |EVP_MD_CTX_size| bytes are written, which is at most
+// |EVP_MAX_MD_SIZE|. If |out_len| is not NULL, |*out_len| is set to the number
+// of bytes written. This function returns one on success and zero on error.
+// Note this digest covers the entire certificate request, not just the signed
+// portion.
+OPENSSL_EXPORT int X509_REQ_digest(const X509_REQ *req, const EVP_MD *md,
+ uint8_t *out, unsigned *out_len);
+
+// X509_NAME_digest hashes |name|'s DER encoding with |md| and writes the result
+// to |out|. |EVP_MD_CTX_size| bytes are written, which is at most
+// |EVP_MAX_MD_SIZE|. If |out_len| is not NULL, |*out_len| is set to the number
+// of bytes written. This function returns one on success and zero on error.
+OPENSSL_EXPORT int X509_NAME_digest(const X509_NAME *name, const EVP_MD *md,
+ uint8_t *out, unsigned *out_len);
+
+// The following functions behave like the corresponding unsuffixed |d2i_*|
+// functions, but read the result from |bp| instead. Callers using these
+// functions with memory |BIO|s to parse structures already in memory should use
+// |d2i_*| instead.
+OPENSSL_EXPORT X509 *d2i_X509_bio(BIO *bp, X509 **x509);
+OPENSSL_EXPORT X509_CRL *d2i_X509_CRL_bio(BIO *bp, X509_CRL **crl);
+OPENSSL_EXPORT X509_REQ *d2i_X509_REQ_bio(BIO *bp, X509_REQ **req);
+OPENSSL_EXPORT RSA *d2i_RSAPrivateKey_bio(BIO *bp, RSA **rsa);
+OPENSSL_EXPORT RSA *d2i_RSAPublicKey_bio(BIO *bp, RSA **rsa);
+OPENSSL_EXPORT RSA *d2i_RSA_PUBKEY_bio(BIO *bp, RSA **rsa);
+OPENSSL_EXPORT DSA *d2i_DSA_PUBKEY_bio(BIO *bp, DSA **dsa);
+OPENSSL_EXPORT DSA *d2i_DSAPrivateKey_bio(BIO *bp, DSA **dsa);
+OPENSSL_EXPORT EC_KEY *d2i_EC_PUBKEY_bio(BIO *bp, EC_KEY **eckey);
+OPENSSL_EXPORT EC_KEY *d2i_ECPrivateKey_bio(BIO *bp, EC_KEY **eckey);
+OPENSSL_EXPORT X509_SIG *d2i_PKCS8_bio(BIO *bp, X509_SIG **p8);
+OPENSSL_EXPORT PKCS8_PRIV_KEY_INFO *d2i_PKCS8_PRIV_KEY_INFO_bio(
+ BIO *bp, PKCS8_PRIV_KEY_INFO **p8inf);
+OPENSSL_EXPORT EVP_PKEY *d2i_PUBKEY_bio(BIO *bp, EVP_PKEY **a);
+OPENSSL_EXPORT DH *d2i_DHparams_bio(BIO *bp, DH **dh);
+
+// d2i_PrivateKey_bio behaves like |d2i_AutoPrivateKey|, but reads from |bp|
+// instead.
+OPENSSL_EXPORT EVP_PKEY *d2i_PrivateKey_bio(BIO *bp, EVP_PKEY **a);
+
+// The following functions behave like the corresponding unsuffixed |i2d_*|
+// functions, but write the result to |bp|. They return one on success and zero
+// on error. Callers using them with memory |BIO|s to encode structures to
+// memory should use |i2d_*| directly instead.
+OPENSSL_EXPORT int i2d_X509_bio(BIO *bp, X509 *x509);
+OPENSSL_EXPORT int i2d_X509_CRL_bio(BIO *bp, X509_CRL *crl);
+OPENSSL_EXPORT int i2d_X509_REQ_bio(BIO *bp, X509_REQ *req);
+OPENSSL_EXPORT int i2d_RSAPrivateKey_bio(BIO *bp, RSA *rsa);
+OPENSSL_EXPORT int i2d_RSAPublicKey_bio(BIO *bp, RSA *rsa);
+OPENSSL_EXPORT int i2d_RSA_PUBKEY_bio(BIO *bp, RSA *rsa);
+OPENSSL_EXPORT int i2d_DSA_PUBKEY_bio(BIO *bp, DSA *dsa);
+OPENSSL_EXPORT int i2d_DSAPrivateKey_bio(BIO *bp, DSA *dsa);
+OPENSSL_EXPORT int i2d_EC_PUBKEY_bio(BIO *bp, EC_KEY *eckey);
+OPENSSL_EXPORT int i2d_ECPrivateKey_bio(BIO *bp, EC_KEY *eckey);
+OPENSSL_EXPORT int i2d_PKCS8_bio(BIO *bp, X509_SIG *p8);
+OPENSSL_EXPORT int i2d_PKCS8_PRIV_KEY_INFO_bio(BIO *bp,
+ PKCS8_PRIV_KEY_INFO *p8inf);
+OPENSSL_EXPORT int i2d_PrivateKey_bio(BIO *bp, EVP_PKEY *pkey);
+OPENSSL_EXPORT int i2d_PUBKEY_bio(BIO *bp, EVP_PKEY *pkey);
+OPENSSL_EXPORT int i2d_DHparams_bio(BIO *bp, const DH *dh);
+
+// i2d_PKCS8PrivateKeyInfo_bio encodes |key| as a PKCS#8 PrivateKeyInfo
+// structure (see |EVP_marshal_private_key|) and writes the result to |bp|. It
+// returns one on success and zero on error.
+OPENSSL_EXPORT int i2d_PKCS8PrivateKeyInfo_bio(BIO *bp, EVP_PKEY *key);
+
+// The following functions behave like the corresponding |d2i_*_bio| functions,
+// but read from |fp| instead.
+OPENSSL_EXPORT X509 *d2i_X509_fp(FILE *fp, X509 **x509);
+OPENSSL_EXPORT X509_CRL *d2i_X509_CRL_fp(FILE *fp, X509_CRL **crl);
+OPENSSL_EXPORT X509_REQ *d2i_X509_REQ_fp(FILE *fp, X509_REQ **req);
+OPENSSL_EXPORT RSA *d2i_RSAPrivateKey_fp(FILE *fp, RSA **rsa);
+OPENSSL_EXPORT RSA *d2i_RSAPublicKey_fp(FILE *fp, RSA **rsa);
+OPENSSL_EXPORT RSA *d2i_RSA_PUBKEY_fp(FILE *fp, RSA **rsa);
+OPENSSL_EXPORT DSA *d2i_DSA_PUBKEY_fp(FILE *fp, DSA **dsa);
+OPENSSL_EXPORT DSA *d2i_DSAPrivateKey_fp(FILE *fp, DSA **dsa);
+OPENSSL_EXPORT EC_KEY *d2i_EC_PUBKEY_fp(FILE *fp, EC_KEY **eckey);
+OPENSSL_EXPORT EC_KEY *d2i_ECPrivateKey_fp(FILE *fp, EC_KEY **eckey);
+OPENSSL_EXPORT X509_SIG *d2i_PKCS8_fp(FILE *fp, X509_SIG **p8);
+OPENSSL_EXPORT PKCS8_PRIV_KEY_INFO *d2i_PKCS8_PRIV_KEY_INFO_fp(
+ FILE *fp, PKCS8_PRIV_KEY_INFO **p8inf);
+OPENSSL_EXPORT EVP_PKEY *d2i_PrivateKey_fp(FILE *fp, EVP_PKEY **a);
+OPENSSL_EXPORT EVP_PKEY *d2i_PUBKEY_fp(FILE *fp, EVP_PKEY **a);
+
+// The following functions behave like the corresponding |i2d_*_bio| functions,
+// but write to |fp| instead.
+OPENSSL_EXPORT int i2d_X509_fp(FILE *fp, X509 *x509);
+OPENSSL_EXPORT int i2d_X509_CRL_fp(FILE *fp, X509_CRL *crl);
+OPENSSL_EXPORT int i2d_X509_REQ_fp(FILE *fp, X509_REQ *req);
+OPENSSL_EXPORT int i2d_RSAPrivateKey_fp(FILE *fp, RSA *rsa);
+OPENSSL_EXPORT int i2d_RSAPublicKey_fp(FILE *fp, RSA *rsa);
+OPENSSL_EXPORT int i2d_RSA_PUBKEY_fp(FILE *fp, RSA *rsa);
+OPENSSL_EXPORT int i2d_DSA_PUBKEY_fp(FILE *fp, DSA *dsa);
+OPENSSL_EXPORT int i2d_DSAPrivateKey_fp(FILE *fp, DSA *dsa);
+OPENSSL_EXPORT int i2d_EC_PUBKEY_fp(FILE *fp, EC_KEY *eckey);
+OPENSSL_EXPORT int i2d_ECPrivateKey_fp(FILE *fp, EC_KEY *eckey);
+OPENSSL_EXPORT int i2d_PKCS8_fp(FILE *fp, X509_SIG *p8);
+OPENSSL_EXPORT int i2d_PKCS8_PRIV_KEY_INFO_fp(FILE *fp,
+ PKCS8_PRIV_KEY_INFO *p8inf);
+OPENSSL_EXPORT int i2d_PKCS8PrivateKeyInfo_fp(FILE *fp, EVP_PKEY *key);
+OPENSSL_EXPORT int i2d_PrivateKey_fp(FILE *fp, EVP_PKEY *pkey);
+OPENSSL_EXPORT int i2d_PUBKEY_fp(FILE *fp, EVP_PKEY *pkey);
+
+// X509_find_by_issuer_and_serial returns the first |X509| in |sk| whose issuer
+// and serial are |name| and |serial|, respectively. If no match is found, it
+// returns NULL.
+OPENSSL_EXPORT X509 *X509_find_by_issuer_and_serial(const STACK_OF(X509) *sk,
X509_NAME *name,
- ASN1_INTEGER *serial);
-OPENSSL_EXPORT X509 *X509_find_by_subject(STACK_OF(X509) *sk, X509_NAME *name);
+ const ASN1_INTEGER *serial);
+
+// X509_find_by_subject returns the first |X509| in |sk| whose subject is
+// |name|. If no match is found, it returns NULL.
+OPENSSL_EXPORT X509 *X509_find_by_subject(const STACK_OF(X509) *sk,
+ X509_NAME *name);
+
+// X509_cmp_time compares |s| against |*t|. On success, it returns a negative
+// number if |s| <= |*t| and a positive number if |s| > |*t|. On error, it
+// returns zero. If |t| is NULL, it uses the current time instead of |*t|.
+//
+// WARNING: Unlike most comparison functions, this function returns zero on
+// error, not equality.
+OPENSSL_EXPORT int X509_cmp_time(const ASN1_TIME *s, time_t *t);
+
+// X509_cmp_time_posix compares |s| against |t|. On success, it returns a
+// negative number if |s| <= |t| and a positive number if |s| > |t|. On error,
+// it returns zero.
+//
+// WARNING: Unlike most comparison functions, this function returns zero on
+// error, not equality.
+OPENSSL_EXPORT int X509_cmp_time_posix(const ASN1_TIME *s, int64_t t);
+
+// X509_cmp_current_time behaves like |X509_cmp_time| but compares |s| against
+// the current time.
+OPENSSL_EXPORT int X509_cmp_current_time(const ASN1_TIME *s);
+
+// X509_time_adj calls |X509_time_adj_ex| with |offset_day| equal to zero.
+OPENSSL_EXPORT ASN1_TIME *X509_time_adj(ASN1_TIME *s, long offset_sec,
+ time_t *t);
+
+// X509_time_adj_ex behaves like |ASN1_TIME_adj|, but adds an offset to |*t|. If
+// |t| is NULL, it uses the current time instead of |*t|.
+OPENSSL_EXPORT ASN1_TIME *X509_time_adj_ex(ASN1_TIME *s, int offset_day,
+ long offset_sec, time_t *t);
+
+// X509_gmtime_adj behaves like |X509_time_adj_ex| but adds |offset_sec| to the
+// current time.
+OPENSSL_EXPORT ASN1_TIME *X509_gmtime_adj(ASN1_TIME *s, long offset_sec);
+
+
+// ex_data functions.
+//
+// See |ex_data.h| for details.
+
+OPENSSL_EXPORT int X509_get_ex_new_index(long argl, void *argp,
+ CRYPTO_EX_unused *unused,
+ CRYPTO_EX_dup *dup_unused,
+ CRYPTO_EX_free *free_func);
+OPENSSL_EXPORT int X509_set_ex_data(X509 *r, int idx, void *arg);
+OPENSSL_EXPORT void *X509_get_ex_data(X509 *r, int idx);
+
+OPENSSL_EXPORT int X509_STORE_CTX_get_ex_new_index(long argl, void *argp,
+ CRYPTO_EX_unused *unused,
+ CRYPTO_EX_dup *dup_unused,
+ CRYPTO_EX_free *free_func);
+OPENSSL_EXPORT int X509_STORE_CTX_set_ex_data(X509_STORE_CTX *ctx, int idx,
+ void *data);
+OPENSSL_EXPORT void *X509_STORE_CTX_get_ex_data(X509_STORE_CTX *ctx, int idx);
+
+
+// Deprecated functions.
+
+// X509_get_notBefore returns |x509|'s notBefore time. Note this function is not
+// const-correct for legacy reasons. Use |X509_get0_notBefore| or
+// |X509_getm_notBefore| instead.
+OPENSSL_EXPORT ASN1_TIME *X509_get_notBefore(const X509 *x509);
+
+// X509_get_notAfter returns |x509|'s notAfter time. Note this function is not
+// const-correct for legacy reasons. Use |X509_get0_notAfter| or
+// |X509_getm_notAfter| instead.
+OPENSSL_EXPORT ASN1_TIME *X509_get_notAfter(const X509 *x509);
+
+// X509_set_notBefore calls |X509_set1_notBefore|. Use |X509_set1_notBefore|
+// instead.
+OPENSSL_EXPORT int X509_set_notBefore(X509 *x509, const ASN1_TIME *tm);
+
+// X509_set_notAfter calls |X509_set1_notAfter|. Use |X509_set1_notAfter|
+// instead.
+OPENSSL_EXPORT int X509_set_notAfter(X509 *x509, const ASN1_TIME *tm);
+
+// X509_CRL_get_lastUpdate returns a mutable pointer to |crl|'s thisUpdate time.
+// The OpenSSL API refers to this field as lastUpdate.
+//
+// Use |X509_CRL_get0_lastUpdate| or |X509_CRL_set1_lastUpdate| instead.
+OPENSSL_EXPORT ASN1_TIME *X509_CRL_get_lastUpdate(X509_CRL *crl);
+
+// X509_CRL_get_nextUpdate returns a mutable pointer to |crl|'s nextUpdate time,
+// or NULL if |crl| has none. Use |X509_CRL_get0_nextUpdate| or
+// |X509_CRL_set1_nextUpdate| instead.
+OPENSSL_EXPORT ASN1_TIME *X509_CRL_get_nextUpdate(X509_CRL *crl);
+
+// X509_extract_key is a legacy alias to |X509_get_pubkey|. Use
+// |X509_get_pubkey| instead.
+#define X509_extract_key(x) X509_get_pubkey(x)
+
+// X509_REQ_extract_key is a legacy alias for |X509_REQ_get_pubkey|.
+#define X509_REQ_extract_key(a) X509_REQ_get_pubkey(a)
+
+// X509_name_cmp is a legacy alias for |X509_NAME_cmp|.
+#define X509_name_cmp(a, b) X509_NAME_cmp((a), (b))
+
+// The following symbols are deprecated aliases to |X509_CRL_set1_*|.
+#define X509_CRL_set_lastUpdate X509_CRL_set1_lastUpdate
+#define X509_CRL_set_nextUpdate X509_CRL_set1_nextUpdate
+
+// X509_get_serialNumber returns a mutable pointer to |x509|'s serial number.
+// Prefer |X509_get0_serialNumber|.
+OPENSSL_EXPORT ASN1_INTEGER *X509_get_serialNumber(X509 *x509);
+
+// X509_NAME_get_text_by_OBJ finds the first attribute with type |obj| in
+// |name|. If found, it ignores the value's ASN.1 type, writes the raw
+// |ASN1_STRING| representation to |buf|, followed by a NUL byte, and
+// returns the number of bytes in output, excluding the NUL byte.
+//
+// This function writes at most |len| bytes, including the NUL byte. If |len| is
+// not large enough, it silently truncates the output to fit. If |buf| is NULL,
+// it instead writes enough and returns the number of bytes in the output,
+// excluding the NUL byte.
+//
+// WARNING: Do not use this function. It does not return enough information for
+// the caller to correctly interpret its output. The attribute value may be of
+// any type, including one of several ASN.1 string encodings, but this function
+// only outputs the raw |ASN1_STRING| representation. See
+// https://crbug.com/boringssl/436.
+OPENSSL_EXPORT int X509_NAME_get_text_by_OBJ(const X509_NAME *name,
+ const ASN1_OBJECT *obj, char *buf,
+ int len);
+
+// X509_NAME_get_text_by_NID behaves like |X509_NAME_get_text_by_OBJ| except it
+// finds an attribute of type |nid|, which should be one of the |NID_*|
+// constants.
+OPENSSL_EXPORT int X509_NAME_get_text_by_NID(const X509_NAME *name, int nid,
+ char *buf, int len);
+
+
+// Private structures.
+
+struct X509_algor_st {
+ ASN1_OBJECT *algorithm;
+ ASN1_TYPE *parameter;
+} /* X509_ALGOR */;
+
+
+// Functions below this point have not yet been organized into sections.
+
+#define X509_FILETYPE_PEM 1
+#define X509_FILETYPE_ASN1 2
+#define X509_FILETYPE_DEFAULT 3
+
+#define X509v3_KU_DIGITAL_SIGNATURE 0x0080
+#define X509v3_KU_NON_REPUDIATION 0x0040
+#define X509v3_KU_KEY_ENCIPHERMENT 0x0020
+#define X509v3_KU_DATA_ENCIPHERMENT 0x0010
+#define X509v3_KU_KEY_AGREEMENT 0x0008
+#define X509v3_KU_KEY_CERT_SIGN 0x0004
+#define X509v3_KU_CRL_SIGN 0x0002
+#define X509v3_KU_ENCIPHER_ONLY 0x0001
+#define X509v3_KU_DECIPHER_ONLY 0x8000
+#define X509v3_KU_UNDEF 0xffff
+
+// This stuff is certificate "auxiliary info"
+// it contains details which are useful in certificate
+// stores and databases. When used this is tagged onto
+// the end of the certificate itself
+
+DECLARE_STACK_OF(DIST_POINT)
+DECLARE_STACK_OF(GENERAL_NAME)
+
+// This is used for a table of trust checking functions
+
+struct x509_trust_st {
+ int trust;
+ int flags;
+ int (*check_trust)(struct x509_trust_st *, X509 *, int);
+ char *name;
+ int arg1;
+ void *arg2;
+} /* X509_TRUST */;
+
+DEFINE_STACK_OF(X509_TRUST)
+
+// standard trust ids
+
+#define X509_TRUST_DEFAULT (-1) // Only valid in purpose settings
+
+#define X509_TRUST_COMPAT 1
+#define X509_TRUST_SSL_CLIENT 2
+#define X509_TRUST_SSL_SERVER 3
+#define X509_TRUST_EMAIL 4
+#define X509_TRUST_OBJECT_SIGN 5
+#define X509_TRUST_OCSP_SIGN 6
+#define X509_TRUST_OCSP_REQUEST 7
+#define X509_TRUST_TSA 8
+
+// Keep these up to date!
+#define X509_TRUST_MIN 1
+#define X509_TRUST_MAX 8
+
+
+// trust_flags values
+#define X509_TRUST_DYNAMIC 1
+#define X509_TRUST_DYNAMIC_NAME 2
+
+// check_trust return codes
+
+#define X509_TRUST_TRUSTED 1
+#define X509_TRUST_REJECTED 2
+#define X509_TRUST_UNTRUSTED 3
+
+DEFINE_STACK_OF(X509_REVOKED)
+
+DECLARE_STACK_OF(GENERAL_NAMES)
+
+struct private_key_st {
+ int version;
+ // The PKCS#8 data types
+ X509_ALGOR *enc_algor;
+ ASN1_OCTET_STRING *enc_pkey; // encrypted pub key
+
+ // When decrypted, the following will not be NULL
+ EVP_PKEY *dec_pkey;
+
+ // used to encrypt and decrypt
+ int key_length;
+ char *key_data;
+ int key_free; // true if we should auto free key_data
+
+ // expanded version of 'enc_algor'
+ EVP_CIPHER_INFO cipher;
+} /* X509_PKEY */;
+
+struct X509_info_st {
+ X509 *x509;
+ X509_CRL *crl;
+ X509_PKEY *x_pkey;
+
+ EVP_CIPHER_INFO enc_cipher;
+ int enc_len;
+ char *enc_data;
+
+} /* X509_INFO */;
+
+DEFINE_STACK_OF(X509_INFO)
+
+// X509_get_pathlen returns path length constraint from the basic constraints
+// extension in |x509|. (See RFC 5280, section 4.2.1.9.) It returns -1 if the
+// constraint is not present, or if some extension in |x509| was invalid.
+//
+// Note that decoding an |X509| object will not check for invalid extensions. To
+// detect the error case, call |X509_get_extensions_flags| and check the
+// |EXFLAG_INVALID| bit.
+OPENSSL_EXPORT long X509_get_pathlen(X509 *x509);
+
+// X509_SIG_get0 sets |*out_alg| and |*out_digest| to non-owning pointers to
+// |sig|'s algorithm and digest fields, respectively. Either |out_alg| and
+// |out_digest| may be NULL to skip those fields.
+OPENSSL_EXPORT void X509_SIG_get0(const X509_SIG *sig,
+ const X509_ALGOR **out_alg,
+ const ASN1_OCTET_STRING **out_digest);
+
+// X509_SIG_getm behaves like |X509_SIG_get0| but returns mutable pointers.
+OPENSSL_EXPORT void X509_SIG_getm(X509_SIG *sig, X509_ALGOR **out_alg,
+ ASN1_OCTET_STRING **out_digest);
+
+// X509_verify_cert_error_string returns |err| as a human-readable string, where
+// |err| should be one of the |X509_V_*| values. If |err| is unknown, it returns
+// a default description.
+OPENSSL_EXPORT const char *X509_verify_cert_error_string(long err);
+
+// X509_REVOKED_dup returns a newly-allocated copy of |rev|, or NULL on error.
+// This function works by serializing the structure, so if |rev| is incomplete,
+// it may fail.
+OPENSSL_EXPORT X509_REVOKED *X509_REVOKED_dup(const X509_REVOKED *rev);
+
+OPENSSL_EXPORT const char *X509_get_default_cert_area(void);
+OPENSSL_EXPORT const char *X509_get_default_cert_dir(void);
+OPENSSL_EXPORT const char *X509_get_default_cert_file(void);
+OPENSSL_EXPORT const char *X509_get_default_cert_dir_env(void);
+OPENSSL_EXPORT const char *X509_get_default_cert_file_env(void);
+OPENSSL_EXPORT const char *X509_get_default_private_dir(void);
+
+DECLARE_ASN1_FUNCTIONS_const(X509_PUBKEY)
+
+// X509_PUBKEY_set serializes |pkey| into a newly-allocated |X509_PUBKEY|
+// structure. On success, it frees |*x|, sets |*x| to the new object, and
+// returns one. Otherwise, it returns zero.
+OPENSSL_EXPORT int X509_PUBKEY_set(X509_PUBKEY **x, EVP_PKEY *pkey);
+
+// X509_PUBKEY_get decodes the public key in |key| and returns an |EVP_PKEY| on
+// success, or NULL on error. The caller must release the result with
+// |EVP_PKEY_free| when done. The |EVP_PKEY| is cached in |key|, so callers must
+// not mutate the result.
+OPENSSL_EXPORT EVP_PKEY *X509_PUBKEY_get(X509_PUBKEY *key);
+
+DECLARE_ASN1_FUNCTIONS_const(X509_SIG)
+
+OPENSSL_EXPORT int X509_add1_trust_object(X509 *x, ASN1_OBJECT *obj);
+OPENSSL_EXPORT int X509_add1_reject_object(X509 *x, ASN1_OBJECT *obj);
+OPENSSL_EXPORT void X509_trust_clear(X509 *x);
+OPENSSL_EXPORT void X509_reject_clear(X509 *x);
+
+
+OPENSSL_EXPORT int X509_TRUST_set(int *t, int trust);
+
+DECLARE_ASN1_FUNCTIONS_const(X509_REVOKED)
+
+OPENSSL_EXPORT int X509_CRL_add0_revoked(X509_CRL *crl, X509_REVOKED *rev);
+OPENSSL_EXPORT int X509_CRL_get0_by_serial(X509_CRL *crl, X509_REVOKED **ret,
+ ASN1_INTEGER *serial);
+OPENSSL_EXPORT int X509_CRL_get0_by_cert(X509_CRL *crl, X509_REVOKED **ret,
+ X509 *x);
+
+OPENSSL_EXPORT X509_PKEY *X509_PKEY_new(void);
+OPENSSL_EXPORT void X509_PKEY_free(X509_PKEY *a);
+
+OPENSSL_EXPORT X509_INFO *X509_INFO_new(void);
+OPENSSL_EXPORT void X509_INFO_free(X509_INFO *a);
+
+OPENSSL_EXPORT int ASN1_digest(i2d_of_void *i2d, const EVP_MD *type, char *data,
+ unsigned char *md, unsigned int *len);
+
+OPENSSL_EXPORT int ASN1_item_digest(const ASN1_ITEM *it, const EVP_MD *type,
+ void *data, unsigned char *md,
+ unsigned int *len);
+
+OPENSSL_EXPORT int ASN1_item_verify(const ASN1_ITEM *it,
+ const X509_ALGOR *algor1,
+ const ASN1_BIT_STRING *signature,
+ void *data, EVP_PKEY *pkey);
+
+OPENSSL_EXPORT int ASN1_item_sign(const ASN1_ITEM *it, X509_ALGOR *algor1,
+ X509_ALGOR *algor2,
+ ASN1_BIT_STRING *signature, void *data,
+ EVP_PKEY *pkey, const EVP_MD *type);
+OPENSSL_EXPORT int ASN1_item_sign_ctx(const ASN1_ITEM *it, X509_ALGOR *algor1,
+ X509_ALGOR *algor2,
+ ASN1_BIT_STRING *signature, void *asn,
+ EVP_MD_CTX *ctx);
+
+OPENSSL_EXPORT int X509_CRL_sort(X509_CRL *crl);
+
+// X509_REVOKED_get0_serialNumber returns the serial number of the certificate
+// revoked by |revoked|.
+OPENSSL_EXPORT const ASN1_INTEGER *X509_REVOKED_get0_serialNumber(
+ const X509_REVOKED *revoked);
+
+// X509_REVOKED_set_serialNumber sets |revoked|'s serial number to |serial|. It
+// returns one on success or zero on error.
+OPENSSL_EXPORT int X509_REVOKED_set_serialNumber(X509_REVOKED *revoked,
+ const ASN1_INTEGER *serial);
+
+// X509_REVOKED_get0_revocationDate returns the revocation time of the
+// certificate revoked by |revoked|.
+OPENSSL_EXPORT const ASN1_TIME *X509_REVOKED_get0_revocationDate(
+ const X509_REVOKED *revoked);
+
+// X509_REVOKED_set_revocationDate sets |revoked|'s revocation time to |tm|. It
+// returns one on success or zero on error.
+OPENSSL_EXPORT int X509_REVOKED_set_revocationDate(X509_REVOKED *revoked,
+ const ASN1_TIME *tm);
+
+// X509_REVOKED_get0_extensions returns |r|'s extensions list, or NULL if |r|
+// omits it.
+OPENSSL_EXPORT const STACK_OF(X509_EXTENSION) *X509_REVOKED_get0_extensions(
+ const X509_REVOKED *r);
+
+OPENSSL_EXPORT X509_CRL *X509_CRL_diff(X509_CRL *base, X509_CRL *newer,
+ EVP_PKEY *skey, const EVP_MD *md,
+ unsigned int flags);
+
+OPENSSL_EXPORT int X509_REQ_check_private_key(X509_REQ *x509, EVP_PKEY *pkey);
+
+OPENSSL_EXPORT int X509_check_private_key(X509 *x509, const EVP_PKEY *pkey);
+
+OPENSSL_EXPORT int X509_issuer_name_cmp(const X509 *a, const X509 *b);
+OPENSSL_EXPORT unsigned long X509_issuer_name_hash(X509 *a);
+
+OPENSSL_EXPORT int X509_subject_name_cmp(const X509 *a, const X509 *b);
+OPENSSL_EXPORT unsigned long X509_subject_name_hash(X509 *x);
+
+OPENSSL_EXPORT unsigned long X509_issuer_name_hash_old(X509 *a);
+OPENSSL_EXPORT unsigned long X509_subject_name_hash_old(X509 *x);
+
+OPENSSL_EXPORT int X509_cmp(const X509 *a, const X509 *b);
+OPENSSL_EXPORT int X509_NAME_cmp(const X509_NAME *a, const X509_NAME *b);
+OPENSSL_EXPORT unsigned long X509_NAME_hash(X509_NAME *x);
+OPENSSL_EXPORT unsigned long X509_NAME_hash_old(X509_NAME *x);
+
+OPENSSL_EXPORT int X509_CRL_cmp(const X509_CRL *a, const X509_CRL *b);
+OPENSSL_EXPORT int X509_CRL_match(const X509_CRL *a, const X509_CRL *b);
+
+// X509_get_ext_d2i behaves like |X509V3_get_d2i| but looks for the extension in
+// |x509|'s extension list.
+//
+// WARNING: This function is difficult to use correctly. See the documentation
+// for |X509V3_get_d2i| for details.
+OPENSSL_EXPORT void *X509_get_ext_d2i(const X509 *x509, int nid,
+ int *out_critical, int *out_idx);
+
+// X509_add1_ext_i2d behaves like |X509V3_add1_i2d| but adds the extension to
+// |x|'s extension list.
+//
+// WARNING: This function may return zero or -1 on error. The caller must also
+// ensure |value|'s type matches |nid|. See the documentation for
+// |X509V3_add1_i2d| for details.
+OPENSSL_EXPORT int X509_add1_ext_i2d(X509 *x, int nid, void *value, int crit,
+ unsigned long flags);
+
+// X509_CRL_get_ext_d2i behaves like |X509V3_get_d2i| but looks for the
+// extension in |crl|'s extension list.
+//
+// WARNING: This function is difficult to use correctly. See the documentation
+// for |X509V3_get_d2i| for details.
+OPENSSL_EXPORT void *X509_CRL_get_ext_d2i(const X509_CRL *crl, int nid,
+ int *out_critical, int *out_idx);
+
+// X509_CRL_add1_ext_i2d behaves like |X509V3_add1_i2d| but adds the extension
+// to |x|'s extension list.
+//
+// WARNING: This function may return zero or -1 on error. The caller must also
+// ensure |value|'s type matches |nid|. See the documentation for
+// |X509V3_add1_i2d| for details.
+OPENSSL_EXPORT int X509_CRL_add1_ext_i2d(X509_CRL *x, int nid, void *value,
+ int crit, unsigned long flags);
+
+// X509_REVOKED_get_ext_count returns the number of extensions in |x|.
+OPENSSL_EXPORT int X509_REVOKED_get_ext_count(const X509_REVOKED *x);
+
+// X509_REVOKED_get_ext_by_NID behaves like |X509v3_get_ext_by_NID| but searches
+// for extensions in |x|.
+OPENSSL_EXPORT int X509_REVOKED_get_ext_by_NID(const X509_REVOKED *x, int nid,
+ int lastpos);
+
+// X509_REVOKED_get_ext_by_OBJ behaves like |X509v3_get_ext_by_OBJ| but searches
+// for extensions in |x|.
+OPENSSL_EXPORT int X509_REVOKED_get_ext_by_OBJ(const X509_REVOKED *x,
+ const ASN1_OBJECT *obj,
+ int lastpos);
+
+// X509_REVOKED_get_ext_by_critical behaves like |X509v3_get_ext_by_critical|
+// but searches for extensions in |x|.
+OPENSSL_EXPORT int X509_REVOKED_get_ext_by_critical(const X509_REVOKED *x,
+ int crit, int lastpos);
+
+// X509_REVOKED_get_ext returns the extension in |x| at index |loc|, or NULL if
+// |loc| is out of bounds. This function returns a non-const pointer for OpenSSL
+// compatibility, but callers should not mutate the result.
+OPENSSL_EXPORT X509_EXTENSION *X509_REVOKED_get_ext(const X509_REVOKED *x,
+ int loc);
+
+// X509_REVOKED_delete_ext removes the extension in |x| at index |loc| and
+// returns the removed extension, or NULL if |loc| was out of bounds. If
+// non-NULL, the caller must release the result with |X509_EXTENSION_free|.
+OPENSSL_EXPORT X509_EXTENSION *X509_REVOKED_delete_ext(X509_REVOKED *x,
+ int loc);
+
+// X509_REVOKED_add_ext adds a copy of |ex| to |x|. It returns one on success
+// and zero on failure. The caller retains ownership of |ex| and can release it
+// independently of |x|.
+//
+// The new extension is inserted at index |loc|, shifting extensions to the
+// right. If |loc| is -1 or out of bounds, the new extension is appended to the
+// list.
+OPENSSL_EXPORT int X509_REVOKED_add_ext(X509_REVOKED *x,
+ const X509_EXTENSION *ex, int loc);
+
+// X509_REVOKED_get_ext_d2i behaves like |X509V3_get_d2i| but looks for the
+// extension in |revoked|'s extension list.
+//
+// WARNING: This function is difficult to use correctly. See the documentation
+// for |X509V3_get_d2i| for details.
+OPENSSL_EXPORT void *X509_REVOKED_get_ext_d2i(const X509_REVOKED *revoked,
+ int nid, int *out_critical,
+ int *out_idx);
+
+// X509_REVOKED_add1_ext_i2d behaves like |X509V3_add1_i2d| but adds the
+// extension to |x|'s extension list.
+//
+// WARNING: This function may return zero or -1 on error. The caller must also
+// ensure |value|'s type matches |nid|. See the documentation for
+// |X509V3_add1_i2d| for details.
+OPENSSL_EXPORT int X509_REVOKED_add1_ext_i2d(X509_REVOKED *x, int nid,
+ void *value, int crit,
+ unsigned long flags);
+
+OPENSSL_EXPORT int X509_verify_cert(X509_STORE_CTX *ctx);
// PKCS#8 utilities
-DECLARE_ASN1_FUNCTIONS(PKCS8_PRIV_KEY_INFO)
+DECLARE_ASN1_FUNCTIONS_const(PKCS8_PRIV_KEY_INFO)
-OPENSSL_EXPORT EVP_PKEY *EVP_PKCS82PKEY(PKCS8_PRIV_KEY_INFO *p8);
-OPENSSL_EXPORT PKCS8_PRIV_KEY_INFO *EVP_PKEY2PKCS8(EVP_PKEY *pkey);
+// EVP_PKCS82PKEY returns |p8| as a newly-allocated |EVP_PKEY|, or NULL if the
+// key was unsupported or could not be decoded. If non-NULL, the caller must
+// release the result with |EVP_PKEY_free| when done.
+//
+// Use |EVP_parse_private_key| instead.
+OPENSSL_EXPORT EVP_PKEY *EVP_PKCS82PKEY(const PKCS8_PRIV_KEY_INFO *p8);
-OPENSSL_EXPORT int PKCS8_pkey_set0(PKCS8_PRIV_KEY_INFO *priv, ASN1_OBJECT *aobj,
- int version, int ptype, void *pval,
- unsigned char *penc, int penclen);
-OPENSSL_EXPORT int PKCS8_pkey_get0(ASN1_OBJECT **ppkalg,
- const unsigned char **pk, int *ppklen,
- X509_ALGOR **pa, PKCS8_PRIV_KEY_INFO *p8);
+// EVP_PKEY2PKCS8 encodes |pkey| as a PKCS#8 PrivateKeyInfo (RFC 5208),
+// represented as a newly-allocated |PKCS8_PRIV_KEY_INFO|, or NULL on error. The
+// caller must release the result with |PKCS8_PRIV_KEY_INFO_free| when done.
+//
+// Use |EVP_marshal_private_key| instead.
+OPENSSL_EXPORT PKCS8_PRIV_KEY_INFO *EVP_PKEY2PKCS8(const EVP_PKEY *pkey);
// X509_PUBKEY_set0_param sets |pub| to a key with AlgorithmIdentifier
// determined by |obj|, |param_type|, and |param_value|, and an encoded
@@ -1877,7 +2547,7 @@
X509_ALGOR *maskHash;
} /* RSA_PSS_PARAMS */;
-DECLARE_ASN1_FUNCTIONS(RSA_PSS_PARAMS)
+DECLARE_ASN1_FUNCTIONS_const(RSA_PSS_PARAMS)
/*
SSL_CTX -> X509_STORE
@@ -2002,14 +2672,6 @@
#define X509_V_ERR_UNSUPPORTED_NAME_SYNTAX 53
#define X509_V_ERR_CRL_PATH_VALIDATION_ERROR 54
-// Suite B mode algorithm violation
-#define X509_V_ERR_SUITE_B_INVALID_VERSION 56
-#define X509_V_ERR_SUITE_B_INVALID_ALGORITHM 57
-#define X509_V_ERR_SUITE_B_INVALID_CURVE 58
-#define X509_V_ERR_SUITE_B_INVALID_SIGNATURE_ALGORITHM 59
-#define X509_V_ERR_SUITE_B_LOS_NOT_ALLOWED 60
-#define X509_V_ERR_SUITE_B_CANNOT_SIGN_P_384_WITH_P_256 61
-
// Host, email and IP check errors
#define X509_V_ERR_HOSTNAME_MISMATCH 62
#define X509_V_ERR_EMAIL_MISMATCH 63
@@ -2036,9 +2698,9 @@
#define X509_V_FLAG_IGNORE_CRITICAL 0x10
// Does nothing as its functionality has been enabled by default.
#define X509_V_FLAG_X509_STRICT 0x00
-// Enable proxy certificate validation
+// This flag does nothing as proxy certificate support has been removed.
#define X509_V_FLAG_ALLOW_PROXY_CERTS 0x40
-// Enable policy checking
+// Does nothing as its functionality has been enabled by default.
#define X509_V_FLAG_POLICY_CHECK 0x80
// Policy variable require-explicit-policy
#define X509_V_FLAG_EXPLICIT_POLICY 0x100
@@ -2056,12 +2718,6 @@
#define X509_V_FLAG_CHECK_SS_SIGNATURE 0x4000
// Use trusted store first
#define X509_V_FLAG_TRUSTED_FIRST 0x8000
-// Suite B 128 bit only mode: not normally used
-#define X509_V_FLAG_SUITEB_128_LOS_ONLY 0x10000
-// Suite B 192 bit only mode
-#define X509_V_FLAG_SUITEB_192_LOS 0x20000
-// Suite B 128 bit mode allowing 192 bit algorithms
-#define X509_V_FLAG_SUITEB_128_LOS 0x30000
// Allow partial chains if at least one certificate is in trusted store
#define X509_V_FLAG_PARTIAL_CHAIN 0x80000
@@ -2081,11 +2737,6 @@
#define X509_VP_FLAG_LOCKED 0x8
#define X509_VP_FLAG_ONCE 0x10
-// Internal use: mask of policy related options
-#define X509_V_FLAG_POLICY_MASK \
- (X509_V_FLAG_POLICY_CHECK | X509_V_FLAG_EXPLICIT_POLICY | \
- X509_V_FLAG_INHIBIT_ANY | X509_V_FLAG_INHIBIT_MAP)
-
OPENSSL_EXPORT int X509_OBJECT_idx_by_subject(STACK_OF(X509_OBJECT) *h,
int type, X509_NAME *name);
OPENSSL_EXPORT X509_OBJECT *X509_OBJECT_retrieve_by_subject(
@@ -2173,8 +2824,21 @@
OPENSSL_EXPORT void X509_STORE_CTX_free(X509_STORE_CTX *ctx);
OPENSSL_EXPORT int X509_STORE_CTX_init(X509_STORE_CTX *ctx, X509_STORE *store,
X509 *x509, STACK_OF(X509) *chain);
+
+// X509_STORE_CTX_set0_trusted_stack configures |ctx| to trust the certificates
+// in |sk|. |sk| must remain valid for the duration of |ctx|.
+//
+// WARNING: This function differs from most |set0| functions in that it does not
+// take ownership of its input. The caller is required to ensure the lifetimes
+// are consistent.
+OPENSSL_EXPORT void X509_STORE_CTX_set0_trusted_stack(X509_STORE_CTX *ctx,
+ STACK_OF(X509) *sk);
+
+// X509_STORE_CTX_trusted_stack is a deprecated alias for
+// |X509_STORE_CTX_set0_trusted_stack|.
OPENSSL_EXPORT void X509_STORE_CTX_trusted_stack(X509_STORE_CTX *ctx,
STACK_OF(X509) *sk);
+
OPENSSL_EXPORT void X509_STORE_CTX_cleanup(X509_STORE_CTX *ctx);
OPENSSL_EXPORT X509_STORE *X509_STORE_CTX_get0_store(X509_STORE_CTX *ctx);
@@ -2209,15 +2873,6 @@
OPENSSL_EXPORT int X509_LOOKUP_init(X509_LOOKUP *ctx);
OPENSSL_EXPORT int X509_LOOKUP_by_subject(X509_LOOKUP *ctx, int type,
X509_NAME *name, X509_OBJECT *ret);
-OPENSSL_EXPORT int X509_LOOKUP_by_issuer_serial(X509_LOOKUP *ctx, int type,
- X509_NAME *name,
- ASN1_INTEGER *serial,
- X509_OBJECT *ret);
-OPENSSL_EXPORT int X509_LOOKUP_by_fingerprint(X509_LOOKUP *ctx, int type,
- unsigned char *bytes, int len,
- X509_OBJECT *ret);
-OPENSSL_EXPORT int X509_LOOKUP_by_alias(X509_LOOKUP *ctx, int type, char *str,
- int len, X509_OBJECT *ret);
OPENSSL_EXPORT int X509_LOOKUP_shutdown(X509_LOOKUP *ctx);
#ifndef OPENSSL_NO_STDIO
@@ -2225,14 +2880,6 @@
const char *dir);
OPENSSL_EXPORT int X509_STORE_set_default_paths(X509_STORE *ctx);
#endif
-
-OPENSSL_EXPORT int X509_STORE_CTX_get_ex_new_index(long argl, void *argp,
- CRYPTO_EX_unused *unused,
- CRYPTO_EX_dup *dup_unused,
- CRYPTO_EX_free *free_func);
-OPENSSL_EXPORT int X509_STORE_CTX_set_ex_data(X509_STORE_CTX *ctx, int idx,
- void *data);
-OPENSSL_EXPORT void *X509_STORE_CTX_get_ex_data(X509_STORE_CTX *ctx, int idx);
OPENSSL_EXPORT int X509_STORE_CTX_get_error(X509_STORE_CTX *ctx);
OPENSSL_EXPORT void X509_STORE_CTX_set_error(X509_STORE_CTX *ctx, int s);
OPENSSL_EXPORT int X509_STORE_CTX_get_error_depth(X509_STORE_CTX *ctx);
@@ -2260,13 +2907,12 @@
unsigned long flags);
OPENSSL_EXPORT void X509_STORE_CTX_set_time(X509_STORE_CTX *ctx,
unsigned long flags, time_t t);
+OPENSSL_EXPORT void X509_STORE_CTX_set_time_posix(X509_STORE_CTX *ctx,
+ unsigned long flags,
+ int64_t t);
OPENSSL_EXPORT void X509_STORE_CTX_set_verify_cb(
X509_STORE_CTX *ctx, int (*verify_cb)(int, X509_STORE_CTX *));
-OPENSSL_EXPORT X509_POLICY_TREE *X509_STORE_CTX_get0_policy_tree(
- X509_STORE_CTX *ctx);
-OPENSSL_EXPORT int X509_STORE_CTX_get_explicit_policy(X509_STORE_CTX *ctx);
-
OPENSSL_EXPORT X509_VERIFY_PARAM *X509_STORE_CTX_get0_param(
X509_STORE_CTX *ctx);
OPENSSL_EXPORT void X509_STORE_CTX_set0_param(X509_STORE_CTX *ctx,
@@ -2298,10 +2944,12 @@
int depth);
OPENSSL_EXPORT void X509_VERIFY_PARAM_set_time(X509_VERIFY_PARAM *param,
time_t t);
+OPENSSL_EXPORT void X509_VERIFY_PARAM_set_time_posix(X509_VERIFY_PARAM *param,
+ int64_t t);
OPENSSL_EXPORT int X509_VERIFY_PARAM_add0_policy(X509_VERIFY_PARAM *param,
ASN1_OBJECT *policy);
OPENSSL_EXPORT int X509_VERIFY_PARAM_set1_policies(
- X509_VERIFY_PARAM *param, STACK_OF(ASN1_OBJECT) *policies);
+ X509_VERIFY_PARAM *param, const STACK_OF(ASN1_OBJECT) *policies);
OPENSSL_EXPORT int X509_VERIFY_PARAM_set1_host(X509_VERIFY_PARAM *param,
const char *name,
@@ -2325,43 +2973,8 @@
OPENSSL_EXPORT const char *X509_VERIFY_PARAM_get0_name(
const X509_VERIFY_PARAM *param);
-OPENSSL_EXPORT int X509_VERIFY_PARAM_add0_table(X509_VERIFY_PARAM *param);
-OPENSSL_EXPORT int X509_VERIFY_PARAM_get_count(void);
-OPENSSL_EXPORT const X509_VERIFY_PARAM *X509_VERIFY_PARAM_get0(int id);
OPENSSL_EXPORT const X509_VERIFY_PARAM *X509_VERIFY_PARAM_lookup(
const char *name);
-OPENSSL_EXPORT void X509_VERIFY_PARAM_table_cleanup(void);
-
-OPENSSL_EXPORT int X509_policy_check(X509_POLICY_TREE **ptree,
- int *pexplicit_policy,
- STACK_OF(X509) *certs,
- STACK_OF(ASN1_OBJECT) *policy_oids,
- unsigned int flags);
-
-OPENSSL_EXPORT void X509_policy_tree_free(X509_POLICY_TREE *tree);
-
-OPENSSL_EXPORT int X509_policy_tree_level_count(const X509_POLICY_TREE *tree);
-OPENSSL_EXPORT X509_POLICY_LEVEL *X509_policy_tree_get0_level(
- const X509_POLICY_TREE *tree, int i);
-
-OPENSSL_EXPORT STACK_OF(X509_POLICY_NODE) *X509_policy_tree_get0_policies(
- const X509_POLICY_TREE *tree);
-
-OPENSSL_EXPORT STACK_OF(X509_POLICY_NODE) *X509_policy_tree_get0_user_policies(
- const X509_POLICY_TREE *tree);
-
-OPENSSL_EXPORT int X509_policy_level_node_count(X509_POLICY_LEVEL *level);
-
-OPENSSL_EXPORT X509_POLICY_NODE *X509_policy_level_get0_node(
- X509_POLICY_LEVEL *level, int i);
-
-OPENSSL_EXPORT const ASN1_OBJECT *X509_policy_node_get0_policy(
- const X509_POLICY_NODE *node);
-
-OPENSSL_EXPORT STACK_OF(POLICYQUALINFO) *X509_policy_node_get0_qualifiers(
- const X509_POLICY_NODE *node);
-OPENSSL_EXPORT const X509_POLICY_NODE *X509_policy_node_get0_parent(
- const X509_POLICY_NODE *node);
#if defined(__cplusplus)
@@ -2387,7 +3000,6 @@
BORINGSSL_MAKE_DELETER(X509_NAME, X509_NAME_free)
BORINGSSL_MAKE_DELETER(X509_NAME_ENTRY, X509_NAME_ENTRY_free)
BORINGSSL_MAKE_DELETER(X509_PKEY, X509_PKEY_free)
-BORINGSSL_MAKE_DELETER(X509_POLICY_TREE, X509_policy_tree_free)
BORINGSSL_MAKE_DELETER(X509_PUBKEY, X509_PUBKEY_free)
BORINGSSL_MAKE_DELETER(X509_REQ, X509_REQ_free)
BORINGSSL_MAKE_DELETER(X509_REVOKED, X509_REVOKED_free)
@@ -2446,5 +3058,6 @@
#define X509_R_NO_CERTIFICATE_FOUND 141
#define X509_R_NO_CERTIFICATE_OR_CRL_FOUND 142
#define X509_R_NO_CRL_FOUND 143
+#define X509_R_INVALID_POLICY_EXTENSION 144
-#endif
+#endif // OPENSSL_HEADER_X509_H
diff --git a/sysroots/generic-arm32/usr/include/openssl/x509v3.h b/sysroots/generic-arm32/usr/include/openssl/x509v3.h
index c67dde6..d9c862d 100644
--- a/sysroots/generic-arm32/usr/include/openssl/x509v3.h
+++ b/sysroots/generic-arm32/usr/include/openssl/x509v3.h
@@ -52,8 +52,8 @@
* (eay@cryptsoft.com). This product includes software written by Tim
* Hudson (tjh@cryptsoft.com). */
-#ifndef HEADER_X509V3_H
-#define HEADER_X509V3_H
+#ifndef OPENSSL_HEADER_X509V3_H
+#define OPENSSL_HEADER_X509V3_H
#include <openssl/bio.h>
#include <openssl/conf.h>
@@ -79,32 +79,38 @@
// Useful typedefs
+typedef struct v3_ext_method X509V3_EXT_METHOD;
+
typedef void *(*X509V3_EXT_NEW)(void);
typedef void (*X509V3_EXT_FREE)(void *);
typedef void *(*X509V3_EXT_D2I)(void *, const unsigned char **, long);
typedef int (*X509V3_EXT_I2D)(void *, unsigned char **);
-typedef STACK_OF(CONF_VALUE) *(*X509V3_EXT_I2V)(
- const struct v3_ext_method *method, void *ext,
- STACK_OF(CONF_VALUE) *extlist);
-typedef void *(*X509V3_EXT_V2I)(const struct v3_ext_method *method,
- struct v3_ext_ctx *ctx,
- STACK_OF(CONF_VALUE) *values);
-typedef char *(*X509V3_EXT_I2S)(const struct v3_ext_method *method, void *ext);
-typedef void *(*X509V3_EXT_S2I)(const struct v3_ext_method *method,
- struct v3_ext_ctx *ctx, const char *str);
-typedef int (*X509V3_EXT_I2R)(const struct v3_ext_method *method, void *ext,
+typedef STACK_OF(CONF_VALUE) *(*X509V3_EXT_I2V)(const X509V3_EXT_METHOD *method,
+ void *ext,
+ STACK_OF(CONF_VALUE) *extlist);
+typedef void *(*X509V3_EXT_V2I)(const X509V3_EXT_METHOD *method,
+ const X509V3_CTX *ctx,
+ const STACK_OF(CONF_VALUE) *values);
+typedef char *(*X509V3_EXT_I2S)(const X509V3_EXT_METHOD *method, void *ext);
+typedef void *(*X509V3_EXT_S2I)(const X509V3_EXT_METHOD *method,
+ const X509V3_CTX *ctx, const char *str);
+typedef int (*X509V3_EXT_I2R)(const X509V3_EXT_METHOD *method, void *ext,
BIO *out, int indent);
-typedef void *(*X509V3_EXT_R2I)(const struct v3_ext_method *method,
- struct v3_ext_ctx *ctx, const char *str);
+typedef void *(*X509V3_EXT_R2I)(const X509V3_EXT_METHOD *method,
+ const X509V3_CTX *ctx, const char *str);
// V3 extension structure
struct v3_ext_method {
int ext_nid;
int ext_flags;
- // If this is set the following four fields are ignored
+
+ // it determines how values of this extension are allocated, released, parsed,
+ // and marshalled. This must be non-NULL.
ASN1_ITEM_EXP *it;
- // Old style ASN1 calls
+
+ // The following functions are ignored in favor of |it|. They are retained in
+ // the struct only for source compatibility with existing struct definitions.
X509V3_EXT_NEW ext_new;
X509V3_EXT_FREE ext_free;
X509V3_EXT_D2I d2i;
@@ -125,32 +131,9 @@
void *usr_data; // Any extension specific data
};
-typedef struct X509V3_CONF_METHOD_st {
- char *(*get_string)(void *db, const char *section, const char *value);
- STACK_OF(CONF_VALUE) *(*get_section)(void *db, const char *section);
- void (*free_string)(void *db, char *string);
- void (*free_section)(void *db, STACK_OF(CONF_VALUE) *section);
-} X509V3_CONF_METHOD;
-
-// Context specific info
-struct v3_ext_ctx {
-#define CTX_TEST 0x1
- int flags;
- X509 *issuer_cert;
- X509 *subject_cert;
- X509_REQ *subject_req;
- X509_CRL *crl;
- const X509V3_CONF_METHOD *db_meth;
- void *db;
- // Maybe more here
-};
-
-typedef struct v3_ext_method X509V3_EXT_METHOD;
-
DEFINE_STACK_OF(X509V3_EXT_METHOD)
// ext_flags values
-#define X509V3_EXT_DYNAMIC 0x1
#define X509V3_EXT_CTX_DEP 0x2
#define X509V3_EXT_MULTILINE 0x4
@@ -187,7 +170,7 @@
OTHERNAME *otherName; // otherName
ASN1_IA5STRING *rfc822Name;
ASN1_IA5STRING *dNSName;
- ASN1_TYPE *x400Address;
+ ASN1_STRING *x400Address;
X509_NAME *directoryName;
EDIPARTYNAME *ediPartyName;
ASN1_IA5STRING *uniformResourceIdentifier;
@@ -199,7 +182,6 @@
X509_NAME *dirn; // dirn
ASN1_IA5STRING *ia5; // rfc822Name, dNSName, uniformResourceIdentifier
ASN1_OBJECT *rid; // registeredID
- ASN1_TYPE *other; // x400Address
} d;
} GENERAL_NAME;
@@ -318,20 +300,6 @@
ASN1_INTEGER *inhibitPolicyMapping;
} POLICY_CONSTRAINTS;
-// Proxy certificate structures, see RFC 3820
-typedef struct PROXY_POLICY_st {
- ASN1_OBJECT *policyLanguage;
- ASN1_OCTET_STRING *policy;
-} PROXY_POLICY;
-
-typedef struct PROXY_CERT_INFO_EXTENSION_st {
- ASN1_INTEGER *pcPathLengthConstraint;
- PROXY_POLICY *proxyPolicy;
-} PROXY_CERT_INFO_EXTENSION;
-
-DECLARE_ASN1_FUNCTIONS(PROXY_POLICY)
-DECLARE_ASN1_FUNCTIONS(PROXY_CERT_INFO_EXTENSION)
-
struct ISSUING_DIST_POINT_st {
DIST_POINT_NAME *distpoint;
int onlyuser;
@@ -357,30 +325,6 @@
// onlysomereasons present
#define IDP_REASONS 0x40
-#define X509V3_conf_err(val) \
- ERR_add_error_data(6, "section:", (val)->section, ",name:", (val)->name, \
- ",value:", (val)->value);
-
-#define X509V3_set_ctx_test(ctx) \
- X509V3_set_ctx(ctx, NULL, NULL, NULL, NULL, CTX_TEST)
-#define X509V3_set_ctx_nodb(ctx) (ctx)->db = NULL;
-
-#define EXT_BITSTRING(nid, table) \
- { \
- nid, 0, ASN1_ITEM_ref(ASN1_BIT_STRING), 0, 0, 0, 0, 0, 0, \
- (X509V3_EXT_I2V)i2v_ASN1_BIT_STRING, \
- (X509V3_EXT_V2I)v2i_ASN1_BIT_STRING, NULL, NULL, (void *)(table) \
- }
-
-#define EXT_IA5STRING(nid) \
- { \
- nid, 0, ASN1_ITEM_ref(ASN1_IA5STRING), 0, 0, 0, 0, \
- (X509V3_EXT_I2S)i2s_ASN1_IA5STRING, \
- (X509V3_EXT_S2I)s2i_ASN1_IA5STRING, 0, 0, 0, 0, NULL \
- }
-
-#define EXT_END \
- { -1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 }
// X509_PURPOSE stuff
@@ -397,9 +341,7 @@
#define EXFLAG_INVALID 0x80
#define EXFLAG_SET 0x100
#define EXFLAG_CRITICAL 0x200
-#define EXFLAG_PROXY 0x400
-#define EXFLAG_INVALID_POLICY 0x800
#define EXFLAG_FRESHEST 0x1000
// Self signed
#define EXFLAG_SS 0x2000
@@ -461,28 +403,17 @@
DEFINE_STACK_OF(X509_PURPOSE)
-DECLARE_ASN1_FUNCTIONS(BASIC_CONSTRAINTS)
+DECLARE_ASN1_FUNCTIONS_const(BASIC_CONSTRAINTS)
+// TODO(https://crbug.com/boringssl/407): This is not const because it contains
+// an |X509_NAME|.
DECLARE_ASN1_FUNCTIONS(AUTHORITY_KEYID)
+// TODO(https://crbug.com/boringssl/407): This is not const because it contains
+// an |X509_NAME|.
DECLARE_ASN1_FUNCTIONS(GENERAL_NAME)
OPENSSL_EXPORT GENERAL_NAME *GENERAL_NAME_dup(GENERAL_NAME *a);
-// GENERAL_NAME_cmp returns zero if |a| and |b| are equal and a non-zero
-// value otherwise. Note this function does not provide a comparison suitable
-// for sorting.
-OPENSSL_EXPORT int GENERAL_NAME_cmp(const GENERAL_NAME *a,
- const GENERAL_NAME *b);
-
-
-
-OPENSSL_EXPORT ASN1_BIT_STRING *v2i_ASN1_BIT_STRING(X509V3_EXT_METHOD *method,
- X509V3_CTX *ctx,
- STACK_OF(CONF_VALUE) *nval);
-OPENSSL_EXPORT STACK_OF(CONF_VALUE) *i2v_ASN1_BIT_STRING(
- X509V3_EXT_METHOD *method, ASN1_BIT_STRING *bits,
- STACK_OF(CONF_VALUE) *extlist);
-
// i2v_GENERAL_NAME serializes |gen| as a |CONF_VALUE|. If |ret| is non-NULL, it
// appends the value to |ret| and returns |ret| on success or NULL on error. If
// it returns NULL, the caller is still responsible for freeing |ret|. If |ret|
@@ -493,9 +424,18 @@
// human-readable print functions. If extracting a SAN list from a certificate,
// look at |gen| directly.
OPENSSL_EXPORT STACK_OF(CONF_VALUE) *i2v_GENERAL_NAME(
- X509V3_EXT_METHOD *method, GENERAL_NAME *gen, STACK_OF(CONF_VALUE) *ret);
-OPENSSL_EXPORT int GENERAL_NAME_print(BIO *out, GENERAL_NAME *gen);
+ const X509V3_EXT_METHOD *method, const GENERAL_NAME *gen,
+ STACK_OF(CONF_VALUE) *ret);
+// GENERAL_NAME_print prints a human-readable representation of |gen| to |out|.
+// It returns one on success and zero on error.
+//
+// TODO(davidben): Actually, it just returns one and doesn't check for I/O or
+// allocation errors. But it should return zero on error.
+OPENSSL_EXPORT int GENERAL_NAME_print(BIO *out, const GENERAL_NAME *gen);
+
+// TODO(https://crbug.com/boringssl/407): This is not const because it contains
+// an |X509_NAME|.
DECLARE_ASN1_FUNCTIONS(GENERAL_NAMES)
// i2v_GENERAL_NAMES serializes |gen| as a list of |CONF_VALUE|s. If |ret| is
@@ -508,15 +448,14 @@
// human-readable print functions. If extracting a SAN list from a certificate,
// look at |gen| directly.
OPENSSL_EXPORT STACK_OF(CONF_VALUE) *i2v_GENERAL_NAMES(
- X509V3_EXT_METHOD *method, GENERAL_NAMES *gen,
+ const X509V3_EXT_METHOD *method, const GENERAL_NAMES *gen,
STACK_OF(CONF_VALUE) *extlist);
-OPENSSL_EXPORT GENERAL_NAMES *v2i_GENERAL_NAMES(const X509V3_EXT_METHOD *method,
- X509V3_CTX *ctx,
- STACK_OF(CONF_VALUE) *nval);
+OPENSSL_EXPORT GENERAL_NAMES *v2i_GENERAL_NAMES(
+ const X509V3_EXT_METHOD *method, const X509V3_CTX *ctx,
+ const STACK_OF(CONF_VALUE) *nval);
-DECLARE_ASN1_FUNCTIONS(OTHERNAME)
-DECLARE_ASN1_FUNCTIONS(EDIPARTYNAME)
-OPENSSL_EXPORT int OTHERNAME_cmp(OTHERNAME *a, OTHERNAME *b);
+DECLARE_ASN1_FUNCTIONS_const(OTHERNAME)
+DECLARE_ASN1_FUNCTIONS_const(EDIPARTYNAME)
OPENSSL_EXPORT void GENERAL_NAME_set0_value(GENERAL_NAME *a, int type,
void *value);
OPENSSL_EXPORT void *GENERAL_NAME_get0_value(const GENERAL_NAME *a, int *ptype);
@@ -527,23 +466,35 @@
ASN1_OBJECT **poid,
ASN1_TYPE **pvalue);
-OPENSSL_EXPORT char *i2s_ASN1_OCTET_STRING(X509V3_EXT_METHOD *method,
- const ASN1_OCTET_STRING *ia5);
-OPENSSL_EXPORT ASN1_OCTET_STRING *s2i_ASN1_OCTET_STRING(
- X509V3_EXT_METHOD *method, X509V3_CTX *ctx, const char *str);
+// i2s_ASN1_OCTET_STRING returns a human-readable representation of |oct| as a
+// newly-allocated, NUL-terminated string, or NULL on error. |method| is
+// ignored. The caller must release the result with |OPENSSL_free| when done.
+OPENSSL_EXPORT char *i2s_ASN1_OCTET_STRING(const X509V3_EXT_METHOD *method,
+ const ASN1_OCTET_STRING *oct);
-DECLARE_ASN1_FUNCTIONS(EXTENDED_KEY_USAGE)
+OPENSSL_EXPORT ASN1_OCTET_STRING *s2i_ASN1_OCTET_STRING(
+ const X509V3_EXT_METHOD *method, const X509V3_CTX *ctx, const char *str);
+
+DECLARE_ASN1_FUNCTIONS_const(EXTENDED_KEY_USAGE)
OPENSSL_EXPORT int i2a_ACCESS_DESCRIPTION(BIO *bp, const ACCESS_DESCRIPTION *a);
-DECLARE_ASN1_FUNCTIONS(CERTIFICATEPOLICIES)
-DECLARE_ASN1_FUNCTIONS(POLICYINFO)
-DECLARE_ASN1_FUNCTIONS(POLICYQUALINFO)
-DECLARE_ASN1_FUNCTIONS(USERNOTICE)
-DECLARE_ASN1_FUNCTIONS(NOTICEREF)
+DECLARE_ASN1_FUNCTIONS_const(CERTIFICATEPOLICIES)
+DECLARE_ASN1_FUNCTIONS_const(POLICYINFO)
+DECLARE_ASN1_FUNCTIONS_const(POLICYQUALINFO)
+DECLARE_ASN1_FUNCTIONS_const(USERNOTICE)
+DECLARE_ASN1_FUNCTIONS_const(NOTICEREF)
+// TODO(https://crbug.com/boringssl/407): This is not const because it contains
+// an |X509_NAME|.
DECLARE_ASN1_FUNCTIONS(CRL_DIST_POINTS)
+// TODO(https://crbug.com/boringssl/407): This is not const because it contains
+// an |X509_NAME|.
DECLARE_ASN1_FUNCTIONS(DIST_POINT)
+// TODO(https://crbug.com/boringssl/407): This is not const because it contains
+// an |X509_NAME|.
DECLARE_ASN1_FUNCTIONS(DIST_POINT_NAME)
+// TODO(https://crbug.com/boringssl/407): This is not const because it contains
+// an |X509_NAME|.
DECLARE_ASN1_FUNCTIONS(ISSUING_DIST_POINT)
OPENSSL_EXPORT int DIST_POINT_set_dpname(DIST_POINT_NAME *dpn,
@@ -551,7 +502,11 @@
OPENSSL_EXPORT int NAME_CONSTRAINTS_check(X509 *x, NAME_CONSTRAINTS *nc);
+// TODO(https://crbug.com/boringssl/407): This is not const because it contains
+// an |X509_NAME|.
DECLARE_ASN1_FUNCTIONS(ACCESS_DESCRIPTION)
+// TODO(https://crbug.com/boringssl/407): This is not const because it contains
+// an |X509_NAME|.
DECLARE_ASN1_FUNCTIONS(AUTHORITY_INFO_ACCESS)
DECLARE_ASN1_ITEM(POLICY_MAPPING)
@@ -569,104 +524,184 @@
OPENSSL_EXPORT GENERAL_NAME *a2i_GENERAL_NAME(GENERAL_NAME *out,
const X509V3_EXT_METHOD *method,
- X509V3_CTX *ctx, int gen_type,
+ const X509V3_CTX *ctx, int gen_type,
const char *value, int is_nc);
OPENSSL_EXPORT GENERAL_NAME *v2i_GENERAL_NAME(const X509V3_EXT_METHOD *method,
- X509V3_CTX *ctx, CONF_VALUE *cnf);
+ const X509V3_CTX *ctx,
+ const CONF_VALUE *cnf);
OPENSSL_EXPORT GENERAL_NAME *v2i_GENERAL_NAME_ex(
- GENERAL_NAME *out, const X509V3_EXT_METHOD *method, X509V3_CTX *ctx,
- CONF_VALUE *cnf, int is_nc);
+ GENERAL_NAME *out, const X509V3_EXT_METHOD *method, const X509V3_CTX *ctx,
+ const CONF_VALUE *cnf, int is_nc);
OPENSSL_EXPORT void X509V3_conf_free(CONF_VALUE *val);
-// X509V3_EXT_conf_nid contains the only exposed instance of an LHASH in our
-// public headers. The |conf| pointer must be NULL but cryptography.io wraps
-// this function so we cannot, yet, replace the type with a dummy struct.
-OPENSSL_EXPORT X509_EXTENSION *X509V3_EXT_conf_nid(LHASH_OF(CONF_VALUE) *conf,
- X509V3_CTX *ctx, int ext_nid,
- const char *value);
-OPENSSL_EXPORT X509_EXTENSION *X509V3_EXT_nconf_nid(CONF *conf, X509V3_CTX *ctx,
- int ext_nid,
- const char *value);
-OPENSSL_EXPORT X509_EXTENSION *X509V3_EXT_nconf(CONF *conf, X509V3_CTX *ctx,
+// Deprecated config-based extension creation.
+//
+// The following functions allow specifying X.509 extensions using OpenSSL's
+// config file syntax, from the OpenSSL command-line tool. They are retained,
+// for now, for compatibility with legacy software but may be removed in the
+// future. Construct the extensions using the typed C APIs instead.
+//
+// Callers should especially avoid these functions if passing in non-constant
+// values. They use ad-hoc, string-based formats which are prone to injection
+// vulnerabilities. For a CA, this means using them risks misissuance.
+//
+// These functions are not safe to use with untrusted inputs. The string formats
+// may implicitly reference context information and, in OpenSSL (though not
+// BoringSSL), one even allows reading arbitrary files. They additionally see
+// much less testing and review than most of the library and may have bugs
+// including memory leaks or crashes.
+
+// v3_ext_ctx, aka |X509V3_CTX|, contains additional context information for
+// constructing extensions. Some string formats reference additional values in
+// these objects. It must be initialized with |X509V3_set_ctx| or
+// |X509V3_set_ctx_test| before use.
+struct v3_ext_ctx {
+ int flags;
+ const X509 *issuer_cert;
+ const X509 *subject_cert;
+ const X509_REQ *subject_req;
+ const X509_CRL *crl;
+ const CONF *db;
+};
+
+#define X509V3_CTX_TEST 0x1
+
+// X509V3_set_ctx initializes |ctx| with the specified objects. Some string
+// formats will reference fields in these objects. Each object may be NULL to
+// omit it, in which case those formats cannot be used. |flags| should be zero,
+// unless called via |X509V3_set_ctx_test|.
+//
+// |issuer|, |subject|, |req|, and |crl|, if non-NULL, must outlive |ctx|.
+OPENSSL_EXPORT void X509V3_set_ctx(X509V3_CTX *ctx, const X509 *issuer,
+ const X509 *subject, const X509_REQ *req,
+ const X509_CRL *crl, int flags);
+
+// X509V3_set_ctx_test calls |X509V3_set_ctx| without any reference objects and
+// mocks out some features that use them. The resulting extensions may be
+// incomplete and should be discarded. This can be used to partially validate
+// syntax.
+//
+// TODO(davidben): Can we remove this?
+#define X509V3_set_ctx_test(ctx) \
+ X509V3_set_ctx(ctx, NULL, NULL, NULL, NULL, X509V3_CTX_TEST)
+
+// X509V3_set_nconf sets |ctx| to use |conf| as the config database. |ctx| must
+// have previously been initialized by |X509V3_set_ctx| or
+// |X509V3_set_ctx_test|. Some string formats will reference sections in |conf|.
+// |conf| may be NULL, in which case these formats cannot be used. If non-NULL,
+// |conf| must outlive |ctx|.
+OPENSSL_EXPORT void X509V3_set_nconf(X509V3_CTX *ctx, const CONF *conf);
+
+// X509V3_set_ctx_nodb calls |X509V3_set_nconf| with no config database.
+#define X509V3_set_ctx_nodb(ctx) X509V3_set_nconf(ctx, NULL)
+
+// X509V3_EXT_nconf constructs an extension of type specified by |name|, and
+// value specified by |value|. It returns a newly-allocated |X509_EXTENSION|
+// object on success, or NULL on error. |conf| and |ctx| specify additional
+// information referenced by some formats. Either |conf| or |ctx| may be NULL,
+// in which case features which use it will be disabled.
+//
+// If non-NULL, |ctx| must be initialized with |X509V3_set_ctx| or
+// |X509V3_set_ctx_test|.
+//
+// Both |conf| and |ctx| provide a |CONF| object. When |ctx| is non-NULL, most
+// features use the |ctx| copy, configured with |X509V3_set_ctx|, but some use
+// |conf|. Callers should ensure the two match to avoid surprisingly behavior.
+OPENSSL_EXPORT X509_EXTENSION *X509V3_EXT_nconf(const CONF *conf,
+ const X509V3_CTX *ctx,
const char *name,
const char *value);
-OPENSSL_EXPORT int X509V3_EXT_add_nconf_sk(CONF *conf, X509V3_CTX *ctx,
+
+// X509V3_EXT_nconf_nid behaves like |X509V3_EXT_nconf|, except the extension
+// type is specified as a NID.
+OPENSSL_EXPORT X509_EXTENSION *X509V3_EXT_nconf_nid(const CONF *conf,
+ const X509V3_CTX *ctx,
+ int ext_nid,
+ const char *value);
+
+// X509V3_EXT_conf_nid calls |X509V3_EXT_nconf_nid|. |conf| must be NULL.
+//
+// TODO(davidben): This is the only exposed instance of an LHASH in our public
+// headers. cryptography.io wraps this function so we cannot, yet, replace the
+// type with a dummy struct.
+OPENSSL_EXPORT X509_EXTENSION *X509V3_EXT_conf_nid(LHASH_OF(CONF_VALUE) *conf,
+ const X509V3_CTX *ctx,
+ int ext_nid,
+ const char *value);
+
+// X509V3_EXT_add_nconf_sk looks up the section named |section| in |conf|. For
+// each |CONF_VALUE| in the section, it constructs an extension as in
+// |X509V3_EXT_nconf|, taking |name| and |value| from the |CONF_VALUE|. Each new
+// extension is appended to |*sk|. If |*sk| is non-NULL, and at least one
+// extension is added, it sets |*sk| to a newly-allocated
+// |STACK_OF(X509_EXTENSION)|. It returns one on success and zero on error.
+OPENSSL_EXPORT int X509V3_EXT_add_nconf_sk(const CONF *conf,
+ const X509V3_CTX *ctx,
const char *section,
STACK_OF(X509_EXTENSION) **sk);
-OPENSSL_EXPORT int X509V3_EXT_add_nconf(CONF *conf, X509V3_CTX *ctx,
+
+// X509V3_EXT_add_nconf adds extensions to |cert| as in
+// |X509V3_EXT_add_nconf_sk|. It returns one on success and zero on error.
+OPENSSL_EXPORT int X509V3_EXT_add_nconf(const CONF *conf, const X509V3_CTX *ctx,
const char *section, X509 *cert);
-OPENSSL_EXPORT int X509V3_EXT_REQ_add_nconf(CONF *conf, X509V3_CTX *ctx,
+
+// X509V3_EXT_REQ_add_nconf adds extensions to |req| as in
+// |X509V3_EXT_add_nconf_sk|. It returns one on success and zero on error.
+OPENSSL_EXPORT int X509V3_EXT_REQ_add_nconf(const CONF *conf,
+ const X509V3_CTX *ctx,
const char *section, X509_REQ *req);
-OPENSSL_EXPORT int X509V3_EXT_CRL_add_nconf(CONF *conf, X509V3_CTX *ctx,
+
+// X509V3_EXT_CRL_add_nconf adds extensions to |crl| as in
+// |X509V3_EXT_add_nconf_sk|. It returns one on success and zero on error.
+OPENSSL_EXPORT int X509V3_EXT_CRL_add_nconf(const CONF *conf,
+ const X509V3_CTX *ctx,
const char *section, X509_CRL *crl);
-OPENSSL_EXPORT int X509V3_add_value_bool_nf(const char *name, int asn1_bool,
- STACK_OF(CONF_VALUE) **extlist);
-OPENSSL_EXPORT int X509V3_get_value_bool(const CONF_VALUE *value,
- int *asn1_bool);
-OPENSSL_EXPORT int X509V3_get_value_int(const CONF_VALUE *value,
- ASN1_INTEGER **aint);
-OPENSSL_EXPORT void X509V3_set_nconf(X509V3_CTX *ctx, CONF *conf);
-OPENSSL_EXPORT char *X509V3_get_string(X509V3_CTX *ctx, const char *name,
- const char *section);
-OPENSSL_EXPORT STACK_OF(CONF_VALUE) *X509V3_get_section(X509V3_CTX *ctx,
- const char *section);
-OPENSSL_EXPORT void X509V3_string_free(X509V3_CTX *ctx, char *str);
-OPENSSL_EXPORT void X509V3_section_free(X509V3_CTX *ctx,
- STACK_OF(CONF_VALUE) *section);
-OPENSSL_EXPORT void X509V3_set_ctx(X509V3_CTX *ctx, X509 *issuer, X509 *subject,
- X509_REQ *req, X509_CRL *crl, int flags);
-
-// X509V3_add_value appends a |CONF_VALUE| containing |name| and |value| to
-// |*extlist|. It returns one on success and zero on error. If |*extlist| is
-// NULL, it sets |*extlist| to a newly-allocated |STACK_OF(CONF_VALUE)|
-// containing the result. Either |name| or |value| may be NULL to omit the
-// field.
-//
-// On failure, if |*extlist| was NULL, |*extlist| will remain NULL when the
-// function returns.
-OPENSSL_EXPORT int X509V3_add_value(const char *name, const char *value,
- STACK_OF(CONF_VALUE) **extlist);
-
-// X509V3_add_value_uchar behaves like |X509V3_add_value| but takes an
-// |unsigned char| pointer.
-OPENSSL_EXPORT int X509V3_add_value_uchar(const char *name,
- const unsigned char *value,
- STACK_OF(CONF_VALUE) **extlist);
-
-// X509V3_add_value_bool behaves like |X509V3_add_value| but stores the value
-// "TRUE" if |asn1_bool| is non-zero and "FALSE" otherwise.
-OPENSSL_EXPORT int X509V3_add_value_bool(const char *name, int asn1_bool,
- STACK_OF(CONF_VALUE) **extlist);
-
-// X509V3_add_value_bool behaves like |X509V3_add_value| but stores a string
-// representation of |aint|. Note this string representation may be decimal or
-// hexadecimal, depending on the size of |aint|.
-OPENSSL_EXPORT int X509V3_add_value_int(const char *name,
- const ASN1_INTEGER *aint,
- STACK_OF(CONF_VALUE) **extlist);
-
-OPENSSL_EXPORT char *i2s_ASN1_INTEGER(X509V3_EXT_METHOD *meth,
+OPENSSL_EXPORT char *i2s_ASN1_INTEGER(const X509V3_EXT_METHOD *meth,
const ASN1_INTEGER *aint);
-OPENSSL_EXPORT ASN1_INTEGER *s2i_ASN1_INTEGER(X509V3_EXT_METHOD *meth,
+OPENSSL_EXPORT ASN1_INTEGER *s2i_ASN1_INTEGER(const X509V3_EXT_METHOD *meth,
const char *value);
-OPENSSL_EXPORT char *i2s_ASN1_ENUMERATED(X509V3_EXT_METHOD *meth,
+OPENSSL_EXPORT char *i2s_ASN1_ENUMERATED(const X509V3_EXT_METHOD *meth,
const ASN1_ENUMERATED *aint);
-OPENSSL_EXPORT char *i2s_ASN1_ENUMERATED_TABLE(X509V3_EXT_METHOD *meth,
- const ASN1_ENUMERATED *aint);
-OPENSSL_EXPORT int X509V3_EXT_add(X509V3_EXT_METHOD *ext);
-OPENSSL_EXPORT int X509V3_EXT_add_list(X509V3_EXT_METHOD *extlist);
-OPENSSL_EXPORT int X509V3_EXT_add_alias(int nid_to, int nid_from);
-OPENSSL_EXPORT void X509V3_EXT_cleanup(void);
+
+// X509V3_EXT_add registers |ext| as a custom extension for the extension type
+// |ext->ext_nid|. |ext| must be valid for the remainder of the address space's
+// lifetime. It returns one on success and zero on error.
+//
+// WARNING: This function modifies global state. If other code in the same
+// address space also registers an extension with type |ext->ext_nid|, the two
+// registrations will conflict. Which registration takes effect is undefined. If
+// the two registrations use incompatible in-memory representations, code
+// expecting the other registration will then cast a type to the wrong type,
+// resulting in a potentially exploitable memory error. This conflict can also
+// occur if BoringSSL later adds support for |ext->ext_nid|, with a different
+// in-memory representation than the one expected by |ext|.
+//
+// This function, additionally, is not thread-safe and cannot be called
+// concurrently with any other BoringSSL function.
+//
+// As a result, it is impossible to safely use this function. Registering a
+// custom extension has no impact on certificate verification so, instead,
+// callers should simply handle the custom extension with the byte-based
+// |X509_EXTENSION| APIs directly. Registering |ext| with the library has little
+// practical value.
+OPENSSL_EXPORT OPENSSL_DEPRECATED int X509V3_EXT_add(X509V3_EXT_METHOD *ext);
+
+// X509V3_EXT_add_alias registers a custom extension with NID |nid_to|. The
+// corresponding ASN.1 type is copied from |nid_from|. It returns one on success
+// and zero on error.
+//
+// WARNING: Do not use this function. See |X509V3_EXT_add|.
+OPENSSL_EXPORT OPENSSL_DEPRECATED int X509V3_EXT_add_alias(int nid_to,
+ int nid_from);
OPENSSL_EXPORT const X509V3_EXT_METHOD *X509V3_EXT_get(
const X509_EXTENSION *ext);
OPENSSL_EXPORT const X509V3_EXT_METHOD *X509V3_EXT_get_nid(int nid);
OPENSSL_EXPORT int X509V3_add_standard_extensions(void);
-OPENSSL_EXPORT STACK_OF(CONF_VALUE) *X509V3_parse_list(const char *line);
// X509V3_EXT_d2i decodes |ext| and returns a pointer to a newly-allocated
// structure, with type dependent on the type of the extension. It returns NULL
@@ -797,12 +832,13 @@
// hexdump.
#define X509V3_EXT_DUMP_UNKNOWN (3L << 16)
-OPENSSL_EXPORT void X509V3_EXT_val_prn(BIO *out, STACK_OF(CONF_VALUE) *val,
+OPENSSL_EXPORT void X509V3_EXT_val_prn(BIO *out,
+ const STACK_OF(CONF_VALUE) *val,
int indent, int ml);
-OPENSSL_EXPORT int X509V3_EXT_print(BIO *out, X509_EXTENSION *ext,
+OPENSSL_EXPORT int X509V3_EXT_print(BIO *out, const X509_EXTENSION *ext,
unsigned long flag, int indent);
-OPENSSL_EXPORT int X509V3_EXT_print_fp(FILE *out, X509_EXTENSION *ext, int flag,
- int indent);
+OPENSSL_EXPORT int X509V3_EXT_print_fp(FILE *out, const X509_EXTENSION *ext,
+ int flag, int indent);
// X509V3_extensions_print prints |title|, followed by a human-readable
// representation of |exts| to |out|. It returns one on success and zero on
@@ -815,7 +851,7 @@
OPENSSL_EXPORT int X509_check_ca(X509 *x);
OPENSSL_EXPORT int X509_check_purpose(X509 *x, int id, int ca);
-OPENSSL_EXPORT int X509_supported_extension(X509_EXTENSION *ex);
+OPENSSL_EXPORT int X509_supported_extension(const X509_EXTENSION *ex);
OPENSSL_EXPORT int X509_PURPOSE_set(int *p, int purpose);
OPENSSL_EXPORT int X509_check_issued(X509 *issuer, X509 *subject);
OPENSSL_EXPORT int X509_check_akid(X509 *issuer, AUTHORITY_KEYID *akid);
@@ -912,13 +948,6 @@
OPENSSL_EXPORT ASN1_OCTET_STRING *a2i_IPADDRESS(const char *ipasc);
OPENSSL_EXPORT ASN1_OCTET_STRING *a2i_IPADDRESS_NC(const char *ipasc);
-OPENSSL_EXPORT int X509V3_NAME_from_section(X509_NAME *nm,
- STACK_OF(CONF_VALUE) *dn_sk,
- unsigned long chtype);
-
-OPENSSL_EXPORT void X509_POLICY_NODE_print(BIO *out, X509_POLICY_NODE *node,
- int indent);
-DEFINE_STACK_OF(X509_POLICY_NODE)
// BEGIN ERROR CODES
// The following lines are auto generated by the script mkerr.pl. Any changes
@@ -1015,4 +1044,4 @@
#define X509V3_R_INVALID_VALUE 163
#define X509V3_R_TRAILING_DATA_IN_EXTENSION 164
-#endif
+#endif // OPENSSL_HEADER_X509V3_H
diff --git a/sysroots/generic-arm32/usr/include/trusty/sys/mman.h b/sysroots/generic-arm32/usr/include/trusty/sys/mman.h
index 1c84dd5..00612cc 100644
--- a/sysroots/generic-arm32/usr/include/trusty/sys/mman.h
+++ b/sysroots/generic-arm32/usr/include/trusty/sys/mman.h
@@ -33,6 +33,49 @@
struct dma_pmem* pmem);
int finish_dma(void* uaddr, uint32_t size, uint32_t flags);
+/* Utility Functions */
+
+/**
+ * prepare_input_output_dma() - helper utility for using the prepare_dma
+ * syscall. prepare_dma can only be called once with an address. If the same
+ * buffer is being used for input and output, we should only call prepare_dma
+ * once. This utility will handle address checking, making the prepare_dma
+ * sycall, and filling in the appropriate dma_pmem.
+ *
+ * @input pointer to input buffer
+ * @input_len length of input buffer
+ * @output pointer to output buffer
+ * @output_len length of output buffer
+ * @input_pmem pointer to input dma descriptor
+ * @output_pmem pointer to output dma descriptor
+ *
+ * Returns : LK error code
+ */
+int prepare_input_output_dma(void* input,
+ uint32_t input_len,
+ void* output,
+ uint32_t output_len,
+ struct dma_pmem* input_pmem,
+ struct dma_pmem* output_pmem);
+
+/**
+ * finish_input_output_dma() - helper utility for using the finish_dma
+ * syscalls. Depending on the input/output address, only one prepare_dma might
+ * have been called. This utility handles calling finish_dma with the correct
+ * flags and number of times.
+ *
+ * @input pointer to input buffer
+ * @input_len length of input buffer
+ * @output pointer to output buffer
+ * @output_len length of output buffer
+ *
+ * Returns : LK error code
+ */
+int finish_input_output_dma(void* input,
+ uint32_t input_len,
+ void* output,
+ uint32_t output_len);
+
#ifdef __cplusplus
}
#endif
diff --git a/sysroots/generic-arm32/usr/lib/crt1.o b/sysroots/generic-arm32/usr/lib/crt1.o
index 1fb0ab9..154dae7 100644
--- a/sysroots/generic-arm32/usr/lib/crt1.o
+++ b/sysroots/generic-arm32/usr/lib/crt1.o
Binary files differ
diff --git a/sysroots/generic-arm32/usr/lib/libboringssl.a b/sysroots/generic-arm32/usr/lib/libboringssl.a
index cd3eb4a..e92726d 100644
--- a/sysroots/generic-arm32/usr/lib/libboringssl.a
+++ b/sysroots/generic-arm32/usr/lib/libboringssl.a
Binary files differ
diff --git a/sysroots/generic-arm32/usr/lib/libc-ext.a b/sysroots/generic-arm32/usr/lib/libc-ext.a
index 16b5930..1ed2bde 100644
--- a/sysroots/generic-arm32/usr/lib/libc-ext.a
+++ b/sysroots/generic-arm32/usr/lib/libc-ext.a
Binary files differ
diff --git a/sysroots/generic-arm32/usr/lib/libc-trusty.a b/sysroots/generic-arm32/usr/lib/libc-trusty.a
index fcb9bda..5483c7c 100644
--- a/sysroots/generic-arm32/usr/lib/libc-trusty.a
+++ b/sysroots/generic-arm32/usr/lib/libc-trusty.a
Binary files differ
diff --git a/sysroots/generic-arm32/usr/lib/libclang_rt.builtins-arm-android.a b/sysroots/generic-arm32/usr/lib/libclang_rt.builtins-arm-android.a
index 2f4e83d..7482461 100644
--- a/sysroots/generic-arm32/usr/lib/libclang_rt.builtins-arm-android.a
+++ b/sysroots/generic-arm32/usr/lib/libclang_rt.builtins-arm-android.a
Binary files differ
diff --git a/sysroots/generic-arm32/usr/lib/libcxxabi-trusty.a b/sysroots/generic-arm32/usr/lib/libcxxabi-trusty.a
index 1b19d76..2f04dbd 100644
--- a/sysroots/generic-arm32/usr/lib/libcxxabi-trusty.a
+++ b/sysroots/generic-arm32/usr/lib/libcxxabi-trusty.a
Binary files differ
diff --git a/sysroots/generic-arm32/usr/lib/libdlmalloc.a b/sysroots/generic-arm32/usr/lib/libdlmalloc.a
index 07bd897..b6800c3 100644
--- a/sysroots/generic-arm32/usr/lib/libdlmalloc.a
+++ b/sysroots/generic-arm32/usr/lib/libdlmalloc.a
Binary files differ
diff --git a/sysroots/generic-arm32/usr/lib/libgoogletest.a b/sysroots/generic-arm32/usr/lib/libgoogletest.a
index 6d60736..fb84294 100644
--- a/sysroots/generic-arm32/usr/lib/libgoogletest.a
+++ b/sysroots/generic-arm32/usr/lib/libgoogletest.a
Binary files differ
diff --git a/sysroots/generic-arm32/usr/lib/libhwaes.a b/sysroots/generic-arm32/usr/lib/libhwaes.a
index 7f5798e..5995d39 100644
--- a/sysroots/generic-arm32/usr/lib/libhwaes.a
+++ b/sysroots/generic-arm32/usr/lib/libhwaes.a
Binary files differ
diff --git a/sysroots/generic-arm32/usr/lib/libhwkey.a b/sysroots/generic-arm32/usr/lib/libhwkey.a
index 2b3f013..cc80130 100644
--- a/sysroots/generic-arm32/usr/lib/libhwkey.a
+++ b/sysroots/generic-arm32/usr/lib/libhwkey.a
Binary files differ
diff --git a/sysroots/generic-arm32/usr/lib/libkeymaster.a b/sysroots/generic-arm32/usr/lib/libkeymaster.a
index 1d6847e..74e1e13 100644
--- a/sysroots/generic-arm32/usr/lib/libkeymaster.a
+++ b/sysroots/generic-arm32/usr/lib/libkeymaster.a
Binary files differ
diff --git a/sysroots/generic-arm32/usr/lib/librng.a b/sysroots/generic-arm32/usr/lib/librng.a
index e7068bb..f7a7d1e 100644
--- a/sysroots/generic-arm32/usr/lib/librng.a
+++ b/sysroots/generic-arm32/usr/lib/librng.a
Binary files differ
diff --git a/sysroots/generic-arm32/usr/lib/libspi_client.a b/sysroots/generic-arm32/usr/lib/libspi_client.a
index a429a90..f80886a 100644
--- a/sysroots/generic-arm32/usr/lib/libspi_client.a
+++ b/sysroots/generic-arm32/usr/lib/libspi_client.a
Binary files differ
diff --git a/sysroots/generic-arm32/usr/lib/libspi_common.a b/sysroots/generic-arm32/usr/lib/libspi_common.a
index a957310..f0030ce 100644
--- a/sysroots/generic-arm32/usr/lib/libspi_common.a
+++ b/sysroots/generic-arm32/usr/lib/libspi_common.a
Binary files differ
diff --git a/sysroots/generic-arm32/usr/lib/libstdc++-trusty.a b/sysroots/generic-arm32/usr/lib/libstdc++-trusty.a
index 4a94066..4198bb0 100644
--- a/sysroots/generic-arm32/usr/lib/libstdc++-trusty.a
+++ b/sysroots/generic-arm32/usr/lib/libstdc++-trusty.a
Binary files differ
diff --git a/sysroots/generic-arm32/usr/lib/libstorage.a b/sysroots/generic-arm32/usr/lib/libstorage.a
index 504d31e..9155c7c 100644
--- a/sysroots/generic-arm32/usr/lib/libstorage.a
+++ b/sysroots/generic-arm32/usr/lib/libstorage.a
Binary files differ
diff --git a/sysroots/generic-arm32/usr/lib/libsyscall-stubs.a b/sysroots/generic-arm32/usr/lib/libsyscall-stubs.a
index 2270261..d405716 100644
--- a/sysroots/generic-arm32/usr/lib/libsyscall-stubs.a
+++ b/sysroots/generic-arm32/usr/lib/libsyscall-stubs.a
Binary files differ
diff --git a/sysroots/generic-arm32/usr/lib/libsystem_state.a b/sysroots/generic-arm32/usr/lib/libsystem_state.a
index 37ad6ea..6dd5eba 100644
--- a/sysroots/generic-arm32/usr/lib/libsystem_state.a
+++ b/sysroots/generic-arm32/usr/lib/libsystem_state.a
Binary files differ
diff --git a/sysroots/generic-arm32/usr/lib/libtipc.a b/sysroots/generic-arm32/usr/lib/libtipc.a
index ec6bab7..ab70fb2 100644
--- a/sysroots/generic-arm32/usr/lib/libtipc.a
+++ b/sysroots/generic-arm32/usr/lib/libtipc.a
Binary files differ
diff --git a/sysroots/generic-arm32/usr/lib/libubsan.a b/sysroots/generic-arm32/usr/lib/libubsan.a
index e484979..f8f3cf1 100644
--- a/sysroots/generic-arm32/usr/lib/libubsan.a
+++ b/sysroots/generic-arm32/usr/lib/libubsan.a
Binary files differ
diff --git a/sysroots/generic-arm32/usr/lib/libunittest.a b/sysroots/generic-arm32/usr/lib/libunittest.a
index 19b2e76..0de3031 100644
--- a/sysroots/generic-arm32/usr/lib/libunittest.a
+++ b/sysroots/generic-arm32/usr/lib/libunittest.a
Binary files differ
diff --git a/sysroots/generic-arm64/tools/apploader_package_tool b/sysroots/generic-arm64/tools/apploader_package_tool
index 3c29e6d..b48eda5 100755
--- a/sysroots/generic-arm64/tools/apploader_package_tool
+++ b/sysroots/generic-arm64/tools/apploader_package_tool
Binary files differ
diff --git a/sysroots/generic-arm64/tools/manifest_compiler.py b/sysroots/generic-arm64/tools/manifest_compiler.py
index 0d4efc3..397f542 100755
--- a/sysroots/generic-arm64/tools/manifest_compiler.py
+++ b/sysroots/generic-arm64/tools/manifest_compiler.py
@@ -70,6 +70,7 @@
"pinned_cpu": 3,
"priority" : 10,
"version": 1,
+ "min_version": 1,
"apploader_flags": {
"requires_encryption": false
}
@@ -132,6 +133,7 @@
PINNED_CPU = "pinned_cpu"
PRIORITY = "priority"
VERSION = "version"
+MIN_VERSION = "min_version"
APPLOADER_FLAGS = "apploader_flags"
APPLOADER_FLAGS_REQUIRES_ENCRYPTION = "requires_encryption"
@@ -159,6 +161,7 @@
TRUSTY_APP_CONFIG_KEY_MIN_SHADOW_STACK_SIZE = 8
TRUSTY_APP_CONFIG_KEY_APPLOADER_FLAGS = 9
TRUSTY_APP_CONFIG_KEY_PRIORITY = 10
+TRUSTY_APP_CONFIG_KEY_MIN_VERSION = 11
# MEM_MAP ARCH_MMU_FLAGS
# These values need to be kept in sync with external/lk/include/arch/mmu.h
@@ -253,6 +256,7 @@
pinned_cpu,
priority,
version,
+ min_version,
apploader_flags,
):
self.uuid = uuid
@@ -266,6 +270,7 @@
self.pinned_cpu = pinned_cpu
self.priority = priority
self.version = version
+ self.min_version = min_version
self.apploader_flags = apploader_flags
@@ -713,6 +718,15 @@
# VERSION
version = get_int(manifest_dict, VERSION, constants, log, optional=True)
+ # MIN_VERSION
+ min_version = get_int(manifest_dict, MIN_VERSION, constants, log, optional=True)
+
+ if min_version is not None:
+ if version is None:
+ log.error("'min_version' cannot be specified without 'version'")
+ elif version < min_version:
+ log.error("'version' cannot be less than 'min_version'")
+
# APPLOADER_FLAGS
apploader_flags = parse_apploader_flags(
get_dict(manifest_dict, APPLOADER_FLAGS, log, optional=True,
@@ -728,7 +742,7 @@
return Manifest(uuid, app_name, min_heap, min_stack, min_shadow_stack,
mem_io_maps, mgmt_flags, start_ports, pinned_cpu,
- priority, version, apploader_flags)
+ priority, version, min_version, apploader_flags)
def swap_uuid_bytes(uuid):
@@ -812,6 +826,7 @@
# TRUSTY_APP_CONFIG_KEY_PINNED_CPU, pinned_cpu
# TRUSTY_APP_CONFIG_KEY_PRIORITY, priority
# TRUSTY_APP_CONFIG_KEY_VERSION, version
+ # TRUSTY_APP_CONFIG_KEY_MIN_VERSION, min_version
# TRUSTY_APP_CONFIG_KEY_MIN_SHADOW_STACK_SIZE, min_shadow_stack,
# TRUSTY_APP_CONFIG_KEY_APPLOADER_FLAGS, apploader_flags,
# }
@@ -865,6 +880,11 @@
TRUSTY_APP_CONFIG_KEY_VERSION,
manifest.version))
+ if manifest.min_version is not None:
+ out.write(struct.pack("II",
+ TRUSTY_APP_CONFIG_KEY_MIN_VERSION,
+ manifest.min_version))
+
if manifest.min_shadow_stack is not None:
out.write(struct.pack("II",
TRUSTY_APP_CONFIG_KEY_MIN_SHADOW_STACK_SIZE,
@@ -1019,6 +1039,11 @@
(version,), packed_data = struct.unpack(
"I", packed_data[:4]), packed_data[4:]
manifest[VERSION] = version
+ elif tag == TRUSTY_APP_CONFIG_KEY_MIN_VERSION:
+ assert MIN_VERSION not in manifest
+ (min_version,), packed_data = struct.unpack(
+ "I", packed_data[:4]), packed_data[4:]
+ manifest[MIN_VERSION] = min_version
elif tag == TRUSTY_APP_CONFIG_KEY_APPLOADER_FLAGS:
assert APPLOADER_FLAGS not in manifest
(flag,), packed_data = struct.unpack(
diff --git a/sysroots/generic-arm64/usr/include/openssl/aead.h b/sysroots/generic-arm64/usr/include/openssl/aead.h
index 5486b4b..2633880 100644
--- a/sysroots/generic-arm64/usr/include/openssl/aead.h
+++ b/sysroots/generic-arm64/usr/include/openssl/aead.h
@@ -180,6 +180,10 @@
// v1.0.
OPENSSL_EXPORT const EVP_AEAD *EVP_aead_aes_128_ccm_bluetooth_8(void);
+// EVP_aead_aes_128_ccm_matter is AES-128-CCM with M=16 and L=2 (16-byte tags
+// and 13-byte nonces), as used in the Matter specification.
+OPENSSL_EXPORT const EVP_AEAD *EVP_aead_aes_128_ccm_matter(void);
+
// EVP_has_aes_hardware returns one if we enable hardware support for fast and
// constant-time AES-GCM.
OPENSSL_EXPORT int EVP_has_aes_hardware(void);
@@ -404,8 +408,6 @@
OPENSSL_EXPORT const EVP_AEAD *EVP_aead_des_ede3_cbc_sha1_tls(void);
OPENSSL_EXPORT const EVP_AEAD *EVP_aead_des_ede3_cbc_sha1_tls_implicit_iv(void);
-OPENSSL_EXPORT const EVP_AEAD *EVP_aead_null_sha1_tls(void);
-
// EVP_aead_aes_128_gcm_tls12 is AES-128 in Galois Counter Mode using the TLS
// 1.2 nonce construction.
OPENSSL_EXPORT const EVP_AEAD *EVP_aead_aes_128_gcm_tls12(void);
diff --git a/sysroots/generic-arm64/usr/include/openssl/asn1.h b/sysroots/generic-arm64/usr/include/openssl/asn1.h
index 5ae0064..d128c8d 100644
--- a/sysroots/generic-arm64/usr/include/openssl/asn1.h
+++ b/sysroots/generic-arm64/usr/include/openssl/asn1.h
@@ -55,8 +55,8 @@
* [including the GNU Public Licence.]
*/
-#ifndef HEADER_ASN1_H
-#define HEADER_ASN1_H
+#ifndef OPENSSL_HEADER_ASN1_H
+#define OPENSSL_HEADER_ASN1_H
#include <openssl/base.h>
@@ -213,38 +213,10 @@
//
// Note: If |out| and |*out| are both non-NULL, the object at |*out| is not
// updated in-place. Instead, it is freed, and the pointer is updated to the
-// new object. This differs from OpenSSL, which behaves more like
-// |d2i_SAMPLE_with_reuse|. Callers are recommended to set |out| to NULL and
-// instead use the return value.
+// new object. This differs from OpenSSL. Callers are recommended to set |out|
+// to NULL and instead use the return value.
SAMPLE *d2i_SAMPLE(SAMPLE **out, const uint8_t **inp, long len);
-// d2i_SAMPLE_with_reuse parses a structure from up to |len| bytes at |*inp|. On
-// success, it advances |*inp| by the number of bytes read and returns a
-// non-NULL pointer to an object containing the parsed structure. The object is
-// determined from |out| as follows:
-//
-// If |out| is NULL, the function places the result in a newly-allocated
-// |SAMPLE| object and returns it. This mode is recommended.
-//
-// If |out| is non-NULL, but |*out| is NULL, the function also places the result
-// in a newly-allocated |SAMPLE| object. It sets |*out| to this object and also
-// returns it.
-//
-// If |out| and |*out| are both non-NULL, the function updates the object at
-// |*out| in-place with the result and returns |*out|.
-//
-// If any of the above fail, the function returns NULL.
-//
-// This function does not reject trailing data in the input. This allows the
-// caller to parse a sequence of concatenated structures. Callers parsing only
-// one structure should check for trailing data by comparing the updated |*inp|
-// with the end of the input.
-//
-// WARNING: Callers should not rely on the in-place update mode. It often
-// produces the wrong result or breaks the type's internal invariants. Future
-// revisions of BoringSSL may standardize on the |d2i_SAMPLE| behavior.
-SAMPLE *d2i_SAMPLE_with_reuse(SAMPLE **out, const uint8_t **inp, long len);
-
// i2d_SAMPLE marshals |in|. On error, it returns a negative value. On success,
// it returns the length of the result and outputs it via |outp| as follows:
//
@@ -348,8 +320,8 @@
OPENSSL_EXPORT void ASN1_item_free(ASN1_VALUE *val, const ASN1_ITEM *it);
// ASN1_item_d2i parses the ASN.1 type |it| from up to |len| bytes at |*inp|.
-// It behaves like |d2i_SAMPLE_with_reuse|, except that |out| and the return
-// value are cast to |ASN1_VALUE| pointers.
+// It behaves like |d2i_SAMPLE|, except that |out| and the return value are cast
+// to |ASN1_VALUE| pointers.
//
// TODO(https://crbug.com/boringssl/444): C strict aliasing forbids type-punning
// |T*| and |ASN1_VALUE*| the way this function signature does. When that bug is
@@ -447,10 +419,22 @@
// integer type. FALSE is zero, TRUE is 0xff, and an omitted OPTIONAL BOOLEAN is
// -1.
+// ASN1_BOOLEAN_FALSE is FALSE as an |ASN1_BOOLEAN|.
+#define ASN1_BOOLEAN_FALSE 0
+
+// ASN1_BOOLEAN_TRUE is TRUE as an |ASN1_BOOLEAN|. Some code incorrectly uses
+// 1, so prefer |b != ASN1_BOOLEAN_FALSE| over |b == ASN1_BOOLEAN_TRUE|.
+#define ASN1_BOOLEAN_TRUE 0xff
+
+// ASN1_BOOLEAN_NONE, in contexts where the |ASN1_BOOLEAN| represents an
+// OPTIONAL BOOLEAN, is an omitted value. Using this value in other contexts is
+// undefined and may be misinterpreted as TRUE.
+#define ASN1_BOOLEAN_NONE (-1)
+
// d2i_ASN1_BOOLEAN parses a DER-encoded ASN.1 BOOLEAN from up to |len| bytes at
// |*inp|. On success, it advances |*inp| by the number of bytes read and
// returns the result. If |out| is non-NULL, it additionally writes the result
-// to |*out|. On error, it returns -1.
+// to |*out|. On error, it returns |ASN1_BOOLEAN_NONE|.
//
// This function does not reject trailing data in the input. This allows the
// caller to parse a sequence of concatenated structures. Callers parsing only
@@ -459,9 +443,6 @@
//
// WARNING: This function's is slightly different from other |d2i_*| functions
// because |ASN1_BOOLEAN| is not a pointer type.
-//
-// TODO(https://crbug.com/boringssl/354): This function currently also accepts
-// BER, but this will be removed in the future.
OPENSSL_EXPORT ASN1_BOOLEAN d2i_ASN1_BOOLEAN(ASN1_BOOLEAN *out,
const unsigned char **inp,
long len);
@@ -472,7 +453,8 @@
// The following |ASN1_ITEM|s have ASN.1 type BOOLEAN and C type |ASN1_BOOLEAN|.
// |ASN1_TBOOLEAN| and |ASN1_FBOOLEAN| must be marked OPTIONAL. When omitted,
-// they are parsed as TRUE and FALSE, respectively, rather than -1.
+// they are parsed as TRUE and FALSE, respectively, rather than
+// |ASN1_BOOLEAN_NONE|.
DECLARE_ASN1_ITEM(ASN1_BOOLEAN)
DECLARE_ASN1_ITEM(ASN1_TBOOLEAN)
DECLARE_ASN1_ITEM(ASN1_FBOOLEAN)
@@ -485,31 +467,39 @@
// |ASN1_STRING|, to represent most values.
// An asn1_string_st (aka |ASN1_STRING|) represents a value of a string-like
-// ASN.1 type. It contains a type field, and a byte string data field with a
+// ASN.1 type. It contains a |type| field, and a byte string |data| field with a
// type-specific representation.
//
-// When representing a string value, the type field is one of
-// |V_ASN1_OCTET_STRING|, |V_ASN1_UTF8STRING|, |V_ASN1_NUMERICSTRING|,
-// |V_ASN1_PRINTABLESTRING|, |V_ASN1_T61STRING|, |V_ASN1_VIDEOTEXSTRING|,
-// |V_ASN1_IA5STRING|, |V_ASN1_GRAPHICSTRING|, |V_ASN1_ISO64STRING|,
-// |V_ASN1_VISIBLESTRING|, |V_ASN1_GENERALSTRING|, |V_ASN1_UNIVERSALSTRING|, or
-// |V_ASN1_BMPSTRING|. The data contains the byte representation of of the
+// If |type| is one of |V_ASN1_OCTET_STRING|, |V_ASN1_UTF8STRING|,
+// |V_ASN1_NUMERICSTRING|, |V_ASN1_PRINTABLESTRING|, |V_ASN1_T61STRING|,
+// |V_ASN1_VIDEOTEXSTRING|, |V_ASN1_IA5STRING|, |V_ASN1_GRAPHICSTRING|,
+// |V_ASN1_ISO64STRING|, |V_ASN1_VISIBLESTRING|, |V_ASN1_GENERALSTRING|,
+// |V_ASN1_UNIVERSALSTRING|, or |V_ASN1_BMPSTRING|, the object represents an
+// ASN.1 string type. The data contains the byte representation of the
// string.
//
-// When representing a BIT STRING value, the type field is |V_ASN1_BIT_STRING|.
-// See bit string documentation below for how the data and flags are used.
+// If |type| is |V_ASN1_BIT_STRING|, the object represents a BIT STRING value.
+// See bit string documentation below for the data and flags.
//
-// When representing an INTEGER or ENUMERATED value, the type field is one of
-// |V_ASN1_INTEGER|, |V_ASN1_NEG_INTEGER|, |V_ASN1_ENUMERATED|, or
-// |V_ASN1_NEG_ENUMERATED|. See integer documentation below for details.
+// If |type| is one of |V_ASN1_INTEGER|, |V_ASN1_NEG_INTEGER|,
+// |V_ASN1_ENUMERATED|, or |V_ASN1_NEG_ENUMERATED|, the object represents an
+// INTEGER or ENUMERATED value. See integer documentation below for details.
//
-// When representing a GeneralizedTime or UTCTime value, the type field is
-// |V_ASN1_GENERALIZEDTIME| or |V_ASN1_UTCTIME|, respectively. The data contains
-// the DER encoding of the value. For example, the UNIX epoch would be
+// If |type| is |V_ASN1_GENERALIZEDTIME| or |V_ASN1_UTCTIME|, the object
+// represents a GeneralizedTime or UTCTime value, respectively. The data
+// contains the DER encoding of the value. For example, the UNIX epoch would be
// "19700101000000Z" for a GeneralizedTime and "700101000000Z" for a UTCTime.
//
-// |ASN1_STRING|, when stored in an |ASN1_TYPE|, may also represent an element
-// with tag not directly supported by this library. See |ASN1_TYPE| for details.
+// If |type| is |V_ASN1_SEQUENCE|, |V_ASN1_SET|, or |V_ASN1_OTHER|, the object
+// represents a SEQUENCE, SET, or arbitrary ASN.1 value, respectively. Unlike
+// the above cases, the data contains the DER encoding of the entire structure,
+// including the header. If the value is explicitly or implicitly tagged, this
+// too will be reflected in the data field. As this case handles unknown types,
+// the contents are not checked when parsing or serializing.
+//
+// Other values of |type| do not represent a valid ASN.1 value, though
+// default-constructed objects may set |type| to -1. Such objects cannot be
+// serialized.
//
// |ASN1_STRING| additionally has the following typedefs: |ASN1_BIT_STRING|,
// |ASN1_BMPSTRING|, |ASN1_ENUMERATED|, |ASN1_GENERALIZEDTIME|,
@@ -526,15 +516,14 @@
// |ASN1_STRING_length|.
//
// If a function returns an |ASN1_STRING| where the typedef or ASN.1 structure
-// implies constraints on the type field, callers may assume that the type field
-// is correct. However, if a function takes an |ASN1_STRING| as input, callers
-// must ensure the type field matches. These invariants are not captured by the
-// C type system and may not be checked at runtime. For example, callers may
-// assume the output of |X509_get0_serialNumber| has type |V_ASN1_INTEGER| or
-// |V_ASN1_NEG_INTEGER|. Callers must not pass a string of type
-// |V_ASN1_OCTET_STRING| to |X509_set_serialNumber|. Doing so may break
-// invariants on the |X509| object and break the |X509_get0_serialNumber|
-// invariant.
+// implies constraints on |type|, callers may assume that |type| is correct.
+// However, if a function takes an |ASN1_STRING| as input, callers must ensure
+// |type| matches. These invariants are not captured by the C type system and
+// may not be checked at runtime. For example, callers may assume the output of
+// |X509_get0_serialNumber| has type |V_ASN1_INTEGER| or |V_ASN1_NEG_INTEGER|.
+// Callers must not pass a string of type |V_ASN1_OCTET_STRING| to
+// |X509_set_serialNumber|. Doing so may break invariants on the |X509| object
+// and break the |X509_get0_serialNumber| invariant.
//
// TODO(https://crbug.com/boringssl/445): This is very unfriendly. Getting the
// type field wrong should not cause memory errors, but it may do strange
@@ -608,7 +597,8 @@
// |data|. It returns one on success and zero on error. If |data| is NULL, it
// updates the length and allocates the buffer as needed, but does not
// initialize the contents.
-OPENSSL_EXPORT int ASN1_STRING_set(ASN1_STRING *str, const void *data, int len);
+OPENSSL_EXPORT int ASN1_STRING_set(ASN1_STRING *str, const void *data,
+ ossl_ssize_t len);
// ASN1_STRING_set0 sets the contents of |str| to |len| bytes from |data|. It
// takes ownership of |data|, which must have been allocated with
@@ -640,10 +630,7 @@
// The following functions parse up to |len| bytes from |*inp| as a
// DER-encoded ASN.1 value of the corresponding type, as described in
-// |d2i_SAMPLE_with_reuse|.
-//
-// TODO(https://crbug.com/boringssl/354): This function currently also accepts
-// BER, but this will be removed in the future.
+// |d2i_SAMPLE|.
OPENSSL_EXPORT ASN1_BMPSTRING *d2i_ASN1_BMPSTRING(ASN1_BMPSTRING **out,
const uint8_t **inp,
long len);
@@ -753,15 +740,17 @@
// the result. If |out| is NULL, it returns the selected output type without
// constructing an |ASN1_STRING|. On error, this function returns -1.
OPENSSL_EXPORT int ASN1_mbstring_copy(ASN1_STRING **out, const uint8_t *in,
- int len, int inform, unsigned long mask);
+ ossl_ssize_t len, int inform,
+ unsigned long mask);
// ASN1_mbstring_ncopy behaves like |ASN1_mbstring_copy| but returns an error if
// the input is less than |minsize| or greater than |maxsize| codepoints long. A
// |maxsize| value of zero is ignored. Note the sizes are measured in
// codepoints, not output bytes.
OPENSSL_EXPORT int ASN1_mbstring_ncopy(ASN1_STRING **out, const uint8_t *in,
- int len, int inform, unsigned long mask,
- long minsize, long maxsize);
+ ossl_ssize_t len, int inform,
+ unsigned long mask, ossl_ssize_t minsize,
+ ossl_ssize_t maxsize);
// ASN1_STRING_set_by_NID behaves like |ASN1_mbstring_ncopy|, but determines
// |mask|, |minsize|, and |maxsize| based on |nid|. When |nid| is a recognized
@@ -787,7 +776,7 @@
// to call |ASN1_mbstring_ncopy| directly instead.
OPENSSL_EXPORT ASN1_STRING *ASN1_STRING_set_by_NID(ASN1_STRING **out,
const unsigned char *in,
- int len, int inform,
+ ossl_ssize_t len, int inform,
int nid);
// STABLE_NO_MASK causes |ASN1_STRING_TABLE_add| to allow types other than
@@ -832,7 +821,7 @@
OPENSSL_EXPORT void DIRECTORYSTRING_free(ASN1_STRING *str);
// d2i_DIRECTORYSTRING parses up to |len| bytes from |*inp| as a DER-encoded
-// X.509 DirectoryString (RFC 5280), as described in |d2i_SAMPLE_with_reuse|.
+// X.509 DirectoryString (RFC 5280), as described in |d2i_SAMPLE|.
//
// TODO(https://crbug.com/boringssl/354): This function currently also accepts
// BER, but this will be removed in the future.
@@ -865,7 +854,7 @@
OPENSSL_EXPORT void DISPLAYTEXT_free(ASN1_STRING *str);
// d2i_DISPLAYTEXT parses up to |len| bytes from |*inp| as a DER-encoded X.509
-// DisplayText (RFC 5280), as described in |d2i_SAMPLE_with_reuse|.
+// DisplayText (RFC 5280), as described in |d2i_SAMPLE|.
//
// TODO(https://crbug.com/boringssl/354): This function currently also accepts
// BER, but this will be removed in the future.
@@ -926,10 +915,7 @@
OPENSSL_EXPORT void ASN1_BIT_STRING_free(ASN1_BIT_STRING *str);
// d2i_ASN1_BIT_STRING parses up to |len| bytes from |*inp| as a DER-encoded
-// ASN.1 BIT STRING, as described in |d2i_SAMPLE_with_reuse|.
-//
-// TODO(https://crbug.com/boringssl/354): This function currently also accepts
-// BER, but this will be removed in the future.
+// ASN.1 BIT STRING, as described in |d2i_SAMPLE|.
OPENSSL_EXPORT ASN1_BIT_STRING *d2i_ASN1_BIT_STRING(ASN1_BIT_STRING **out,
const uint8_t **inp,
long len);
@@ -941,11 +927,7 @@
// c2i_ASN1_BIT_STRING decodes |len| bytes from |*inp| as the contents of a
// DER-encoded BIT STRING, excluding the tag and length. It behaves like
-// |d2i_SAMPLE_with_reuse| except, on success, it always consumes all |len|
-// bytes.
-//
-// TODO(https://crbug.com/boringssl/354): This function currently also accepts
-// BER, but this will be removed in the future.
+// |d2i_SAMPLE| except, on success, it always consumes all |len| bytes.
OPENSSL_EXPORT ASN1_BIT_STRING *c2i_ASN1_BIT_STRING(ASN1_BIT_STRING **out,
const uint8_t **inp,
long len);
@@ -985,7 +967,8 @@
// TODO(davidben): Maybe it should? Wrapping a byte string in a bit string is a
// common use case.
OPENSSL_EXPORT int ASN1_BIT_STRING_set(ASN1_BIT_STRING *str,
- const unsigned char *d, int length);
+ const unsigned char *d,
+ ossl_ssize_t length);
// ASN1_BIT_STRING_set_bit sets bit |n| of |str| to one if |value| is non-zero
// and zero if |value| is zero, resizing |str| as needed. It then truncates
@@ -1036,10 +1019,7 @@
OPENSSL_EXPORT ASN1_INTEGER *ASN1_INTEGER_dup(const ASN1_INTEGER *x);
// d2i_ASN1_INTEGER parses up to |len| bytes from |*inp| as a DER-encoded
-// ASN.1 INTEGER, as described in |d2i_SAMPLE_with_reuse|.
-//
-// TODO(https://crbug.com/boringssl/354): This function currently also accepts
-// BER, but this will be removed in the future.
+// ASN.1 INTEGER, as described in |d2i_SAMPLE|.
OPENSSL_EXPORT ASN1_INTEGER *d2i_ASN1_INTEGER(ASN1_INTEGER **out,
const uint8_t **inp, long len);
@@ -1049,11 +1029,7 @@
// c2i_ASN1_INTEGER decodes |len| bytes from |*inp| as the contents of a
// DER-encoded INTEGER, excluding the tag and length. It behaves like
-// |d2i_SAMPLE_with_reuse| except, on success, it always consumes all |len|
-// bytes.
-//
-// TODO(https://crbug.com/boringssl/354): This function currently also accepts
-// some invalid inputs, but this will be removed in the future.
+// |d2i_SAMPLE| except, on success, it always consumes all |len| bytes.
OPENSSL_EXPORT ASN1_INTEGER *c2i_ASN1_INTEGER(ASN1_INTEGER **in,
const uint8_t **outp, long len);
@@ -1080,9 +1056,9 @@
// on success and zero on error.
OPENSSL_EXPORT int ASN1_INTEGER_set_uint64(ASN1_INTEGER *out, uint64_t v);
-// ASN1_INTEGER_set sets |a| to an INTEGER with value |v|. It returns one on
-// success and zero on error.
-OPENSSL_EXPORT int ASN1_INTEGER_set(ASN1_INTEGER *a, long v);
+// ASN1_INTEGER_set_int64 sets |a| to an INTEGER with value |v|. It returns one
+// on success and zero on error.
+OPENSSL_EXPORT int ASN1_INTEGER_set_int64(ASN1_INTEGER *out, int64_t v);
// ASN1_INTEGER_get_uint64 converts |a| to a |uint64_t|. On success, it returns
// one and sets |*out| to the result. If |a| did not fit or has the wrong type,
@@ -1090,12 +1066,10 @@
OPENSSL_EXPORT int ASN1_INTEGER_get_uint64(uint64_t *out,
const ASN1_INTEGER *a);
-// ASN1_INTEGER_get returns the value of |a| as a |long|, or -1 if |a| is out of
-// range or the wrong type.
-//
-// WARNING: This function's return value cannot distinguish errors from -1.
-// Prefer |ASN1_INTEGER_get_uint64|.
-OPENSSL_EXPORT long ASN1_INTEGER_get(const ASN1_INTEGER *a);
+// ASN1_INTEGER_get_int64 converts |a| to a |int64_t|. On success, it returns
+// one and sets |*out| to the result. If |a| did not fit or has the wrong type,
+// it returns zero.
+OPENSSL_EXPORT int ASN1_INTEGER_get_int64(int64_t *out, const ASN1_INTEGER *a);
// BN_to_ASN1_INTEGER sets |ai| to an INTEGER with value |bn| and returns |ai|
// on success or NULL or error. If |ai| is NULL, it returns a newly-allocated
@@ -1123,10 +1097,7 @@
OPENSSL_EXPORT void ASN1_ENUMERATED_free(ASN1_ENUMERATED *str);
// d2i_ASN1_ENUMERATED parses up to |len| bytes from |*inp| as a DER-encoded
-// ASN.1 ENUMERATED, as described in |d2i_SAMPLE_with_reuse|.
-//
-// TODO(https://crbug.com/boringssl/354): This function currently also accepts
-// BER, but this will be removed in the future.
+// ASN.1 ENUMERATED, as described in |d2i_SAMPLE|.
OPENSSL_EXPORT ASN1_ENUMERATED *d2i_ASN1_ENUMERATED(ASN1_ENUMERATED **out,
const uint8_t **inp,
long len);
@@ -1144,9 +1115,9 @@
// returns one on success and zero on error.
OPENSSL_EXPORT int ASN1_ENUMERATED_set_uint64(ASN1_ENUMERATED *out, uint64_t v);
-// ASN1_ENUMERATED_set sets |a| to an ENUMERATED with value |v|. It returns one
-// on success and zero on error.
-OPENSSL_EXPORT int ASN1_ENUMERATED_set(ASN1_ENUMERATED *a, long v);
+// ASN1_ENUMERATED_set_int64 sets |a| to an ENUMERATED with value |v|. It
+// returns one on success and zero on error.
+OPENSSL_EXPORT int ASN1_ENUMERATED_set_int64(ASN1_ENUMERATED *out, int64_t v);
// ASN1_ENUMERATED_get_uint64 converts |a| to a |uint64_t|. On success, it
// returns one and sets |*out| to the result. If |a| did not fit or has the
@@ -1154,12 +1125,11 @@
OPENSSL_EXPORT int ASN1_ENUMERATED_get_uint64(uint64_t *out,
const ASN1_ENUMERATED *a);
-// ASN1_ENUMERATED_get returns the value of |a| as a |long|, or -1 if |a| is out
-// of range or the wrong type.
-//
-// WARNING: This function's return value cannot distinguish errors from -1.
-// Prefer |ASN1_ENUMERATED_get_uint64|.
-OPENSSL_EXPORT long ASN1_ENUMERATED_get(const ASN1_ENUMERATED *a);
+// ASN1_ENUMERATED_get_int64 converts |a| to a |int64_t|. On success, it
+// returns one and sets |*out| to the result. If |a| did not fit or has the
+// wrong type, it returns zero.
+OPENSSL_EXPORT int ASN1_ENUMERATED_get_int64(int64_t *out,
+ const ASN1_ENUMERATED *a);
// BN_to_ASN1_ENUMERATED sets |ai| to an ENUMERATED with value |bn| and returns
// |ai| on success or NULL or error. If |ai| is NULL, it returns a
@@ -1202,7 +1172,7 @@
OPENSSL_EXPORT void ASN1_UTCTIME_free(ASN1_UTCTIME *str);
// d2i_ASN1_UTCTIME parses up to |len| bytes from |*inp| as a DER-encoded
-// ASN.1 UTCTime, as described in |d2i_SAMPLE_with_reuse|.
+// ASN.1 UTCTime, as described in |d2i_SAMPLE|.
//
// TODO(https://crbug.com/boringssl/354): This function currently also accepts
// BER, but this will be removed in the future.
@@ -1220,20 +1190,23 @@
// ASN1_UTCTIME_check returns one if |a| is a valid UTCTime and zero otherwise.
OPENSSL_EXPORT int ASN1_UTCTIME_check(const ASN1_UTCTIME *a);
-// ASN1_UTCTIME_set represents |t| as a UTCTime and writes the result to |s|. It
-// returns |s| on success and NULL on error. If |s| is NULL, it returns a
-// newly-allocated |ASN1_UTCTIME| instead.
+// ASN1_UTCTIME_set represents |posix_time| as a UTCTime and writes the result
+// to |s|. It returns |s| on success and NULL on error. If |s| is NULL, it
+// returns a newly-allocated |ASN1_UTCTIME| instead.
//
// Note this function may fail if the time is out of range for UTCTime.
-OPENSSL_EXPORT ASN1_UTCTIME *ASN1_UTCTIME_set(ASN1_UTCTIME *s, time_t t);
+OPENSSL_EXPORT ASN1_UTCTIME *ASN1_UTCTIME_set(ASN1_UTCTIME *s,
+ int64_t posix_time);
-// ASN1_UTCTIME_adj adds |offset_day| days and |offset_sec| seconds to |t| and
-// writes the result to |s| as a UTCTime. It returns |s| on success and NULL on
-// error. If |s| is NULL, it returns a newly-allocated |ASN1_UTCTIME| instead.
+// ASN1_UTCTIME_adj adds |offset_day| days and |offset_sec| seconds to
+// |posix_time| and writes the result to |s| as a UTCTime. It returns |s| on
+// success and NULL on error. If |s| is NULL, it returns a newly-allocated
+// |ASN1_UTCTIME| instead.
//
// Note this function may fail if the time overflows or is out of range for
// UTCTime.
-OPENSSL_EXPORT ASN1_UTCTIME *ASN1_UTCTIME_adj(ASN1_UTCTIME *s, time_t t,
+OPENSSL_EXPORT ASN1_UTCTIME *ASN1_UTCTIME_adj(ASN1_UTCTIME *s,
+ int64_t posix_time,
int offset_day, long offset_sec);
// ASN1_UTCTIME_set_string sets |s| to a UTCTime whose contents are a copy of
@@ -1256,10 +1229,7 @@
OPENSSL_EXPORT void ASN1_GENERALIZEDTIME_free(ASN1_GENERALIZEDTIME *str);
// d2i_ASN1_GENERALIZEDTIME parses up to |len| bytes from |*inp| as a
-// DER-encoded ASN.1 GeneralizedTime, as described in |d2i_SAMPLE_with_reuse|.
-//
-// TODO(https://crbug.com/boringssl/354): This function currently also accepts
-// BER, but this will be removed in the future.
+// DER-encoded ASN.1 GeneralizedTime, as described in |d2i_SAMPLE|.
OPENSSL_EXPORT ASN1_GENERALIZEDTIME *d2i_ASN1_GENERALIZEDTIME(
ASN1_GENERALIZEDTIME **out, const uint8_t **inp, long len);
@@ -1276,23 +1246,24 @@
// zero otherwise.
OPENSSL_EXPORT int ASN1_GENERALIZEDTIME_check(const ASN1_GENERALIZEDTIME *a);
-// ASN1_GENERALIZEDTIME_set represents |t| as a GeneralizedTime and writes the
-// result to |s|. It returns |s| on success and NULL on error. If |s| is NULL,
-// it returns a newly-allocated |ASN1_GENERALIZEDTIME| instead.
+// ASN1_GENERALIZEDTIME_set represents |posix_time| as a GeneralizedTime and
+// writes the result to |s|. It returns |s| on success and NULL on error. If |s|
+// is NULL, it returns a newly-allocated |ASN1_GENERALIZEDTIME| instead.
//
// Note this function may fail if the time is out of range for GeneralizedTime.
OPENSSL_EXPORT ASN1_GENERALIZEDTIME *ASN1_GENERALIZEDTIME_set(
- ASN1_GENERALIZEDTIME *s, time_t t);
+ ASN1_GENERALIZEDTIME *s, int64_t posix_time);
// ASN1_GENERALIZEDTIME_adj adds |offset_day| days and |offset_sec| seconds to
-// |t| and writes the result to |s| as a GeneralizedTime. It returns |s| on
-// success and NULL on error. If |s| is NULL, it returns a newly-allocated
-// |ASN1_GENERALIZEDTIME| instead.
+// |posix_time| and writes the result to |s| as a GeneralizedTime. It returns
+// |s| on success and NULL on error. If |s| is NULL, it returns a
+// newly-allocated |ASN1_GENERALIZEDTIME| instead.
//
// Note this function may fail if the time overflows or is out of range for
// GeneralizedTime.
OPENSSL_EXPORT ASN1_GENERALIZEDTIME *ASN1_GENERALIZEDTIME_adj(
- ASN1_GENERALIZEDTIME *s, time_t t, int offset_day, long offset_sec);
+ ASN1_GENERALIZEDTIME *s, int64_t posix_time, int offset_day,
+ long offset_sec);
// ASN1_GENERALIZEDTIME_set_string sets |s| to a GeneralizedTime whose contents
// are a copy of |str|. It returns one on success and zero on error or if |str|
@@ -1314,7 +1285,7 @@
OPENSSL_EXPORT void ASN1_TIME_free(ASN1_TIME *str);
// d2i_ASN1_TIME parses up to |len| bytes from |*inp| as a DER-encoded X.509
-// Time (RFC 5280), as described in |d2i_SAMPLE_with_reuse|.
+// Time (RFC 5280), as described in |d2i_SAMPLE|.
//
// TODO(https://crbug.com/boringssl/354): This function currently also accepts
// BER, but this will be removed in the future.
@@ -1342,24 +1313,29 @@
OPENSSL_EXPORT int ASN1_TIME_diff(int *out_days, int *out_seconds,
const ASN1_TIME *from, const ASN1_TIME *to);
-// ASN1_TIME_set represents |t| as a GeneralizedTime or UTCTime and writes
-// the result to |s|. As in RFC 5280, section 4.1.2.5, it uses UTCTime when the
-// time fits and GeneralizedTime otherwise. It returns |s| on success and NULL
-// on error. If |s| is NULL, it returns a newly-allocated |ASN1_TIME| instead.
-//
-// Note this function may fail if the time is out of range for GeneralizedTime.
-OPENSSL_EXPORT ASN1_TIME *ASN1_TIME_set(ASN1_TIME *s, time_t t);
-
-// ASN1_TIME_adj adds |offset_day| days and |offset_sec| seconds to
-// |t| and writes the result to |s|. As in RFC 5280, section 4.1.2.5, it uses
+// ASN1_TIME_set_posix represents |posix_time| as a GeneralizedTime or UTCTime
+// and writes the result to |s|. As in RFC 5280, section 4.1.2.5, it uses
// UTCTime when the time fits and GeneralizedTime otherwise. It returns |s| on
// success and NULL on error. If |s| is NULL, it returns a newly-allocated
-// |ASN1_GENERALIZEDTIME| instead.
+// |ASN1_TIME| instead.
+//
+// Note this function may fail if the time is out of range for GeneralizedTime.
+OPENSSL_EXPORT ASN1_TIME *ASN1_TIME_set_posix(ASN1_TIME *s, int64_t posix_time);
+
+// ASN1_TIME_set is exactly the same as |ASN1_TIME_set_posix| but with a
+// time_t as input for compatibility.
+OPENSSL_EXPORT ASN1_TIME *ASN1_TIME_set(ASN1_TIME *s, time_t time);
+
+// ASN1_TIME_adj adds |offset_day| days and |offset_sec| seconds to
+// |posix_time| and writes the result to |s|. As in RFC 5280, section 4.1.2.5,
+// it uses UTCTime when the time fits and GeneralizedTime otherwise. It returns
+// |s| on success and NULL on error. If |s| is NULL, it returns a
+// newly-allocated |ASN1_GENERALIZEDTIME| instead.
//
// Note this function may fail if the time overflows or is out of range for
// GeneralizedTime.
-OPENSSL_EXPORT ASN1_TIME *ASN1_TIME_adj(ASN1_TIME *s, time_t t, int offset_day,
- long offset_sec);
+OPENSSL_EXPORT ASN1_TIME *ASN1_TIME_adj(ASN1_TIME *s, int64_t posix_time,
+ int offset_day, long offset_sec);
// ASN1_TIME_check returns one if |t| is a valid UTCTime or GeneralizedTime, and
// zero otherwise. |t|'s type determines which check is performed. This
@@ -1379,6 +1355,15 @@
// GeneralizedTime. If |str| is neither, it returns zero.
OPENSSL_EXPORT int ASN1_TIME_set_string(ASN1_TIME *s, const char *str);
+// ASN1_TIME_to_time_t converts |t| to a time_t value in |out|. On
+// success, one is returned. On failure zero is returned. This function
+// will fail if the time can not be represented in a time_t.
+OPENSSL_EXPORT int ASN1_TIME_to_time_t(const ASN1_TIME *t, time_t *out);
+
+// ASN1_TIME_to_posix converts |t| to a POSIX time value in |out|. On
+// success, one is returned. On failure zero is returned.
+OPENSSL_EXPORT int ASN1_TIME_to_posix(const ASN1_TIME *t, int64_t *out);
+
// TODO(davidben): Expand and document function prototypes generated in macros.
@@ -1398,9 +1383,6 @@
// d2i_ASN1_NULL parses a DER-encoded ASN.1 NULL value from up to |len| bytes
// at |*inp|, as described in |d2i_SAMPLE|.
-//
-// TODO(https://crbug.com/boringssl/354): This function currently also accepts
-// BER, but this will be removed in the future.
OPENSSL_EXPORT ASN1_NULL *d2i_ASN1_NULL(ASN1_NULL **out, const uint8_t **inp,
long len);
@@ -1435,7 +1417,7 @@
// TODO(davidben): Should we just ignore all those parameters? NIDs and names
// are only relevant for |ASN1_OBJECT|s in the obj.h table.
OPENSSL_EXPORT ASN1_OBJECT *ASN1_OBJECT_create(int nid, const uint8_t *data,
- int len, const char *sn,
+ size_t len, const char *sn,
const char *ln);
// ASN1_OBJECT_free releases memory associated with |a|. If |a| is a static
@@ -1443,21 +1425,17 @@
OPENSSL_EXPORT void ASN1_OBJECT_free(ASN1_OBJECT *a);
// d2i_ASN1_OBJECT parses a DER-encoded ASN.1 OBJECT IDENTIFIER from up to |len|
-// bytes at |*inp|, as described in |d2i_SAMPLE_with_reuse|.
-//
-// TODO(https://crbug.com/boringssl/354): This function currently also accepts
-// BER, but this will be removed in the future.
+// bytes at |*inp|, as described in |d2i_SAMPLE|.
OPENSSL_EXPORT ASN1_OBJECT *d2i_ASN1_OBJECT(ASN1_OBJECT **out,
const uint8_t **inp, long len);
// i2d_ASN1_OBJECT marshals |in| as a DER-encoded ASN.1 OBJECT IDENTIFIER, as
// described in |i2d_SAMPLE|.
-OPENSSL_EXPORT int i2d_ASN1_OBJECT(const ASN1_OBJECT *a, uint8_t **outp);
+OPENSSL_EXPORT int i2d_ASN1_OBJECT(const ASN1_OBJECT *in, uint8_t **outp);
// c2i_ASN1_OBJECT decodes |len| bytes from |*inp| as the contents of a
// DER-encoded OBJECT IDENTIFIER, excluding the tag and length. It behaves like
-// |d2i_SAMPLE_with_reuse| except, on success, it always consumes all |len|
-// bytes.
+// |d2i_SAMPLE| except, on success, it always consumes all |len| bytes.
OPENSSL_EXPORT ASN1_OBJECT *c2i_ASN1_OBJECT(ASN1_OBJECT **out,
const uint8_t **inp, long len);
@@ -1499,15 +1477,14 @@
// |ASN1_BOOLEAN|.
//
// If |type| is |V_ASN1_SEQUENCE|, |V_ASN1_SET|, or |V_ASN1_OTHER|, the tag is
-// SEQUENCE, SET, or some non-universal tag, respectively. |value| is an
-// |ASN1_STRING| containing the entire element, including the tag and length.
-// The |ASN1_STRING|'s |type| field matches the containing |ASN1_TYPE|'s |type|.
+// SEQUENCE, SET, or some arbitrary tag, respectively. |value| uses the
+// corresponding |ASN1_STRING| representation. Although any type may be
+// represented in |V_ASN1_OTHER|, the parser will always return the more
+// specific encoding when available.
//
-// Other positive values of |type|, up to |V_ASN1_MAX_UNIVERSAL|, correspond to
-// universal primitive tags not directly supported by this library. |value| is
-// an |ASN1_STRING| containing the body of the element, excluding the tag
-// and length. The |ASN1_STRING|'s |type| field matches the containing
-// |ASN1_TYPE|'s |type|.
+// Other values of |type| do not represent a valid ASN.1 value, though
+// default-constructed objects may set |type| to -1. Such objects cannot be
+// serialized.
struct asn1_type_st {
int type;
union {
@@ -1547,10 +1524,10 @@
OPENSSL_EXPORT void ASN1_TYPE_free(ASN1_TYPE *a);
// d2i_ASN1_TYPE parses up to |len| bytes from |*inp| as an ASN.1 value of any
-// type, as described in |d2i_SAMPLE_with_reuse|. Note this function only
-// validates primitive, universal types supported by this library. Values of
-// type |V_ASN1_SEQUENCE|, |V_ASN1_SET|, |V_ASN1_OTHER|, or an unsupported
-// primitive type must be validated by the caller when interpreting.
+// type, as described in |d2i_SAMPLE|. Note this function only validates
+// primitive, universal types supported by this library. Values of type
+// |V_ASN1_SEQUENCE|, |V_ASN1_SET|, |V_ASN1_OTHER|, or an unsupported primitive
+// type must be validated by the caller when interpreting.
//
// TODO(https://crbug.com/boringssl/354): This function currently also accepts
// BER, but this will be removed in the future.
@@ -1594,9 +1571,9 @@
typedef STACK_OF(ASN1_TYPE) ASN1_SEQUENCE_ANY;
// d2i_ASN1_SEQUENCE_ANY parses up to |len| bytes from |*inp| as a DER-encoded
-// ASN.1 SEQUENCE OF ANY structure, as described in |d2i_SAMPLE_with_reuse|. The
-// resulting |ASN1_SEQUENCE_ANY| owns its contents and thus must be released
-// with |sk_ASN1_TYPE_pop_free| and |ASN1_TYPE_free|, not |sk_ASN1_TYPE_free|.
+// ASN.1 SEQUENCE OF ANY structure, as described in |d2i_SAMPLE|. The resulting
+// |ASN1_SEQUENCE_ANY| owns its contents and thus must be released with
+// |sk_ASN1_TYPE_pop_free| and |ASN1_TYPE_free|, not |sk_ASN1_TYPE_free|.
//
// TODO(https://crbug.com/boringssl/354): This function currently also accepts
// BER, but this will be removed in the future.
@@ -1610,7 +1587,7 @@
uint8_t **outp);
// d2i_ASN1_SET_ANY parses up to |len| bytes from |*inp| as a DER-encoded ASN.1
-// SET OF ANY structure, as described in |d2i_SAMPLE_with_reuse|. The resulting
+// SET OF ANY structure, as described in |d2i_SAMPLE|. The resulting
// |ASN1_SEQUENCE_ANY| owns its contents and thus must be released with
// |sk_ASN1_TYPE_pop_free| and |ASN1_TYPE_free|, not |sk_ASN1_TYPE_free|.
//
@@ -1759,13 +1736,11 @@
// |*out_length|, |*out_tag|, and |*out_class| to the element's length, tag
// number, and tag class, respectively,
//
-// Unlike OpenSSL, this function does not support indefinite-length elements.
+// Unlike OpenSSL, this function only supports DER. Indefinite and non-minimal
+// lengths are rejected.
//
// This function is difficult to use correctly. Use |CBS_get_asn1| and related
// functions from bytestring.h.
-//
-// TODO(https://crbug.com/boringssl/354): Remove support for non-minimal
-// lengths.
OPENSSL_EXPORT int ASN1_get_object(const unsigned char **inp, long *out_length,
int *out_tag, int *out_class, long max_len);
@@ -1841,15 +1816,6 @@
// Deprecated functions.
-// ASN1_PRINTABLE_type interprets |len| bytes from |s| as a Latin-1 string. It
-// returns the first of |V_ASN1_PRINTABLESTRING|, |V_ASN1_IA5STRING|, or
-// |V_ASN1_T61STRING| that can represent every character. If |len| is negative,
-// |strlen(s)| is used instead.
-//
-// TODO(davidben): Remove this once all copies of Conscrypt have been updated
-// past https://github.com/google/conscrypt/pull/1032.
-OPENSSL_EXPORT int ASN1_PRINTABLE_type(const unsigned char *s, int len);
-
// ASN1_STRING_set_default_mask does nothing.
OPENSSL_EXPORT void ASN1_STRING_set_default_mask(unsigned long mask);
@@ -1931,7 +1897,7 @@
// d2i_ASN1_PRINTABLE parses up to |len| bytes from |*inp| as a DER-encoded
// CHOICE of an ad-hoc subset of string-like types, as described in
-// |d2i_SAMPLE_with_reuse|.
+// |d2i_SAMPLE|.
//
// Do not use this. Despite, the name it has no connection to PrintableString or
// printable characters. See https://crbug.com/boringssl/412.
@@ -1954,6 +1920,32 @@
// printable characters. See https://crbug.com/boringssl/412.
DECLARE_ASN1_ITEM(ASN1_PRINTABLE)
+// ASN1_INTEGER_set sets |a| to an INTEGER with value |v|. It returns one on
+// success and zero on error.
+//
+// Use |ASN1_INTEGER_set_uint64| and |ASN1_INTEGER_set_int64| instead.
+OPENSSL_EXPORT int ASN1_INTEGER_set(ASN1_INTEGER *a, long v);
+
+// ASN1_ENUMERATED_set sets |a| to an ENUMERATED with value |v|. It returns one
+// on success and zero on error.
+//
+// Use |ASN1_ENUMERATED_set_uint64| and |ASN1_ENUMERATED_set_int64| instead.
+OPENSSL_EXPORT int ASN1_ENUMERATED_set(ASN1_ENUMERATED *a, long v);
+
+// ASN1_INTEGER_get returns the value of |a| as a |long|, or -1 if |a| is out of
+// range or the wrong type.
+//
+// WARNING: This function's return value cannot distinguish errors from -1.
+// Use |ASN1_INTEGER_get_uint64| and |ASN1_INTEGER_get_int64| instead.
+OPENSSL_EXPORT long ASN1_INTEGER_get(const ASN1_INTEGER *a);
+
+// ASN1_ENUMERATED_get returns the value of |a| as a |long|, or -1 if |a| is out
+// of range or the wrong type.
+//
+// WARNING: This function's return value cannot distinguish errors from -1.
+// Use |ASN1_ENUMERATED_get_uint64| and |ASN1_ENUMERATED_get_int64| instead.
+OPENSSL_EXPORT long ASN1_ENUMERATED_get(const ASN1_ENUMERATED *a);
+
#if defined(__cplusplus)
} // extern C
@@ -2070,4 +2062,4 @@
#define ASN1_R_WRONG_INTEGER_TYPE 195
#define ASN1_R_INVALID_INTEGER 196
-#endif
+#endif // OPENSSL_HEADER_ASN1_H
diff --git a/sysroots/generic-arm64/usr/include/openssl/asn1t.h b/sysroots/generic-arm64/usr/include/openssl/asn1t.h
index 75bc6f0..7547b60 100644
--- a/sysroots/generic-arm64/usr/include/openssl/asn1t.h
+++ b/sysroots/generic-arm64/usr/include/openssl/asn1t.h
@@ -54,13 +54,13 @@
* Hudson (tjh@cryptsoft.com).
*
*/
-#ifndef HEADER_ASN1T_H
-#define HEADER_ASN1T_H
+#ifndef OPENSSL_HEADER_ASN1T_H
+#define OPENSSL_HEADER_ASN1T_H
#include <openssl/base.h>
#include <openssl/asn1.h>
-#ifdef __cplusplus
+#if defined(__cplusplus)
extern "C" {
#endif
@@ -244,11 +244,6 @@
(flags), (tag), offsetof(stname, field),\
#field, ASN1_ITEM_ref(type) }
-/* used when the structure is combined with the parent */
-
-#define ASN1_EX_COMBINE(flags, tag, type) { \
- (flags)|ASN1_TFLG_COMBINE, (tag), 0, NULL, ASN1_ITEM_ref(type) }
-
/* implicit and explicit helper macros */
#define ASN1_IMP_EX(stname, field, type, tag, ex) \
@@ -348,8 +343,8 @@
*/
struct ASN1_TEMPLATE_st {
-unsigned long flags; /* Various flags */
-long tag; /* tag, not used if no tagging */
+uint32_t flags; /* Various flags */
+int tag; /* tag, not used if no tagging */
unsigned long offset; /* Offset of this field in structure */
const char *field_name; /* Field name */
ASN1_ITEM_EXP *item; /* Relevant ASN1_ITEM or ASN1_ADB */
@@ -366,7 +361,7 @@
typedef struct asn1_must_be_null_st ASN1_MUST_BE_NULL;
struct ASN1_ADB_st {
- unsigned long flags; /* Various flags */
+ uint32_t flags; /* Various flags */
unsigned long offset; /* Offset of selector field */
ASN1_MUST_BE_NULL *unused;
const ASN1_ADB_TABLE *tbl; /* Table of possible types */
@@ -441,21 +436,11 @@
#define ASN1_TFLG_ADB_OID (0x1<<8)
-/* This flag means a parent structure is passed
- * instead of the field: this is useful is a
- * SEQUENCE is being combined with a CHOICE for
- * example. Since this means the structure and
- * item name will differ we need to use the
- * ASN1_CHOICE_END_name() macro for example.
- */
-
-#define ASN1_TFLG_COMBINE (0x1<<10)
-
/* This is the actual ASN1 item itself */
struct ASN1_ITEM_st {
char itype; /* The item type, primitive, SEQUENCE, CHOICE or extern */
-long utype; /* underlying type */
+int utype; /* underlying type */
const ASN1_TEMPLATE *templates; /* If SEQUENCE or CHOICE this contains the contents */
long tcount; /* Number of templates if SEQUENCE or CHOICE */
const void *funcs; /* functions that handle this type */
@@ -512,35 +497,6 @@
/* Deprecated tag and length cache */
struct ASN1_TLC_st;
-/* Typedefs for ASN1 function pointers */
-
-typedef ASN1_VALUE * ASN1_new_func(void);
-typedef void ASN1_free_func(ASN1_VALUE *a);
-typedef ASN1_VALUE * ASN1_d2i_func(ASN1_VALUE **a, const unsigned char ** in, long length);
-typedef int ASN1_i2d_func(ASN1_VALUE * a, unsigned char **in);
-
-typedef int ASN1_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len, const ASN1_ITEM *it,
- int tag, int aclass, char opt, ASN1_TLC *ctx);
-
-typedef int ASN1_ex_i2d(ASN1_VALUE **pval, unsigned char **out, const ASN1_ITEM *it, int tag, int aclass);
-typedef int ASN1_ex_new_func(ASN1_VALUE **pval, const ASN1_ITEM *it);
-typedef void ASN1_ex_free_func(ASN1_VALUE **pval, const ASN1_ITEM *it);
-
-typedef int ASN1_ex_print_func(BIO *out, ASN1_VALUE **pval,
- int indent, const char *fname,
- const ASN1_PCTX *pctx);
-
-typedef struct ASN1_EXTERN_FUNCS_st {
- void *app_data;
- ASN1_ex_new_func *asn1_ex_new;
- ASN1_ex_free_func *asn1_ex_free;
- ASN1_ex_free_func *asn1_ex_clear;
- ASN1_ex_d2i *asn1_ex_d2i;
- ASN1_ex_i2d *asn1_ex_i2d;
- /* asn1_ex_print is unused. */
- ASN1_ex_print_func *asn1_ex_print;
-} ASN1_EXTERN_FUNCS;
-
/* This is the ASN1_AUX structure: it handles various
* miscellaneous requirements. For example the use of
* reference counts and an informational callback.
@@ -563,7 +519,7 @@
typedef struct ASN1_AUX_st {
void *app_data;
- int flags;
+ uint32_t flags;
int ref_offset; /* Offset of reference value */
ASN1_aux_cb *asn1_cb;
int enc_offset; /* Offset of ASN1_ENCODING structure */
@@ -677,13 +633,17 @@
int i2d_##fname(const stname *a, unsigned char **out) \
{ \
return ASN1_item_i2d((ASN1_VALUE *)a, out, ASN1_ITEM_rptr(itname));\
- }
+ }
-#define IMPLEMENT_ASN1_DUP_FUNCTION(stname) \
- stname * stname##_dup(stname *x) \
- { \
- return ASN1_item_dup(ASN1_ITEM_rptr(stname), x); \
- }
+#define IMPLEMENT_ASN1_DUP_FUNCTION(stname) \
+ stname *stname##_dup(stname *x) { \
+ return ASN1_item_dup(ASN1_ITEM_rptr(stname), x); \
+ }
+
+#define IMPLEMENT_ASN1_DUP_FUNCTION_const(stname) \
+ stname *stname##_dup(const stname *x) { \
+ return ASN1_item_dup(ASN1_ITEM_rptr(stname), (void *)x); \
+ }
#define IMPLEMENT_ASN1_FUNCTIONS_const(name) \
IMPLEMENT_ASN1_FUNCTIONS_const_fname(name, name, name)
@@ -698,7 +658,9 @@
DEFINE_STACK_OF(ASN1_VALUE)
-#ifdef __cplusplus
-}
+
+#if defined(__cplusplus)
+} // extern "C"
#endif
-#endif
+
+#endif // OPENSSL_HEADER_ASN1T_H
diff --git a/sysroots/generic-arm64/usr/include/openssl/base.h b/sysroots/generic-arm64/usr/include/openssl/base.h
index c2c953b..80d18a7 100644
--- a/sysroots/generic-arm64/usr/include/openssl/base.h
+++ b/sysroots/generic-arm64/usr/include/openssl/base.h
@@ -96,9 +96,6 @@
#elif defined(__ARMEL__) || defined(_M_ARM)
#define OPENSSL_32_BIT
#define OPENSSL_ARM
-#elif (defined(__PPC64__) || defined(__powerpc64__)) && defined(_LITTLE_ENDIAN)
-#define OPENSSL_64_BIT
-#define OPENSSL_PPC64LE
#elif defined(__MIPSEL__) && !defined(__LP64__)
#define OPENSSL_32_BIT
#define OPENSSL_MIPS
@@ -107,6 +104,7 @@
#define OPENSSL_MIPS64
#elif defined(__riscv) && __SIZEOF_POINTER__ == 8
#define OPENSSL_64_BIT
+#define OPENSSL_RISCV64
#elif defined(__riscv) && __SIZEOF_POINTER__ == 4
#define OPENSSL_32_BIT
#elif defined(__pnacl__)
@@ -195,7 +193,7 @@
// A consumer may use this symbol in the preprocessor to temporarily build
// against multiple revisions of BoringSSL at the same time. It is not
// recommended to do so for longer than is necessary.
-#define BORINGSSL_API_VERSION 17
+#define BORINGSSL_API_VERSION 19
#if defined(BORINGSSL_SHARED_LIBRARY)
@@ -223,6 +221,33 @@
#endif // defined(BORINGSSL_SHARED_LIBRARY)
+#if defined(_MSC_VER)
+
+// OPENSSL_DEPRECATED is used to mark a function as deprecated. Use
+// of any functions so marked in caller code will produce a warning.
+// OPENSSL_BEGIN_ALLOW_DEPRECATED and OPENSSL_END_ALLOW_DEPRECATED
+// can be used to suppress the warning in regions of caller code.
+#define OPENSSL_DEPRECATED __declspec(deprecated)
+#define OPENSSL_BEGIN_ALLOW_DEPRECATED \
+ __pragma(warning(push)) __pragma(warning(disable : 4996))
+#define OPENSSL_END_ALLOW_DEPRECATED __pragma(warning(pop))
+
+#elif defined(__GNUC__) || defined(__clang__)
+
+#define OPENSSL_DEPRECATED __attribute__((__deprecated__))
+#define OPENSSL_BEGIN_ALLOW_DEPRECATED \
+ _Pragma("GCC diagnostic push") \
+ _Pragma("GCC diagnostic ignored \"-Wdeprecated-declarations\"")
+#define OPENSSL_END_ALLOW_DEPRECATED _Pragma("GCC diagnostic pop")
+
+#else
+
+#define OPENSSL_DEPRECATED
+#define OPENSSL_BEGIN_ALLOW_DEPRECATED
+#define OPENSSL_END_ALLOW_DEPRECATED
+
+#endif
+
#if defined(__GNUC__) || defined(__clang__)
// MinGW has two different printf implementations. Ensure the format macro
@@ -325,6 +350,19 @@
#define BORINGSSL_ENUM_INT
#endif
+// ossl_ssize_t is a signed type which is large enough to fit the size of any
+// valid memory allocation. We prefer using |size_t|, but sometimes we need a
+// signed type for OpenSSL API compatibility. This type can be used in such
+// cases to avoid overflow.
+//
+// Not all |size_t| values fit in |ossl_ssize_t|, but all |size_t| values that
+// are sizes of or indices into C objects, can be converted without overflow.
+typedef ptrdiff_t ossl_ssize_t;
+
+// CBS_ASN1_TAG is the type used by |CBS| and |CBB| for ASN.1 tags. See that
+// header for details. This type is defined in base.h as a forward declaration.
+typedef uint32_t CBS_ASN1_TAG;
+
// CRYPTO_THREADID is a dummy value.
typedef int CRYPTO_THREADID;
@@ -362,10 +400,6 @@
typedef struct Netscape_spkac_st NETSCAPE_SPKAC;
typedef struct Netscape_spki_st NETSCAPE_SPKI;
typedef struct RIPEMD160state_st RIPEMD160_CTX;
-typedef struct X509_POLICY_CACHE_st X509_POLICY_CACHE;
-typedef struct X509_POLICY_LEVEL_st X509_POLICY_LEVEL;
-typedef struct X509_POLICY_NODE_st X509_POLICY_NODE;
-typedef struct X509_POLICY_TREE_st X509_POLICY_TREE;
typedef struct X509_VERIFY_PARAM_st X509_VERIFY_PARAM;
typedef struct X509_algor_st X509_ALGOR;
typedef struct X509_crl_st X509_CRL;
@@ -412,9 +446,7 @@
typedef struct evp_hpke_kdf_st EVP_HPKE_KDF;
typedef struct evp_hpke_kem_st EVP_HPKE_KEM;
typedef struct evp_hpke_key_st EVP_HPKE_KEY;
-typedef struct evp_pkey_asn1_method_st EVP_PKEY_ASN1_METHOD;
typedef struct evp_pkey_ctx_st EVP_PKEY_CTX;
-typedef struct evp_pkey_method_st EVP_PKEY_METHOD;
typedef struct evp_pkey_st EVP_PKEY;
typedef struct hmac_ctx_st HMAC_CTX;
typedef struct md4_state_st MD4_CTX;
@@ -519,8 +551,8 @@
template <typename T, typename Enable = void>
struct DeleterImpl {};
-template <typename T>
struct Deleter {
+ template <typename T>
void operator()(T *ptr) {
// Rather than specialize Deleter for each type, we specialize
// DeleterImpl. This allows bssl::UniquePtr<T> to be used while only
@@ -604,7 +636,7 @@
// bssl::UniquePtr<RSA> rsa(RSA_new());
// bssl::UniquePtr<BIO> bio(BIO_new(BIO_s_mem()));
template <typename T>
-using UniquePtr = std::unique_ptr<T, internal::Deleter<T>>;
+using UniquePtr = std::unique_ptr<T, internal::Deleter>;
#define BORINGSSL_MAKE_UP_REF(type, up_ref_func) \
inline UniquePtr<type> UpRef(type *v) { \
diff --git a/sysroots/generic-arm64/usr/include/openssl/bio.h b/sysroots/generic-arm64/usr/include/openssl/bio.h
index 1658ff2..707a4b1 100644
--- a/sysroots/generic-arm64/usr/include/openssl/bio.h
+++ b/sysroots/generic-arm64/usr/include/openssl/bio.h
@@ -107,14 +107,14 @@
// bytes read, zero on EOF, or a negative number on error.
OPENSSL_EXPORT int BIO_read(BIO *bio, void *data, int len);
-// BIO_gets "reads a line" from |bio| and puts at most |size| bytes into |buf|.
-// It returns the number of bytes read or a negative number on error. The
-// phrase "reads a line" is in quotes in the previous sentence because the
-// exact operation depends on the BIO's method. For example, a digest BIO will
-// return the digest in response to a |BIO_gets| call.
+// BIO_gets reads a line from |bio| and writes at most |size| bytes into |buf|.
+// It returns the number of bytes read or a negative number on error. This
+// function's output always includes a trailing NUL byte, so it will read at
+// most |size - 1| bytes.
//
-// TODO(fork): audit the set of BIOs that we end up needing. If all actually
-// return a line for this call, remove the warning above.
+// If the function read a complete line, the output will include the newline
+// character, '\n'. If no newline was found before |size - 1| bytes or EOF, it
+// outputs the bytes which were available.
OPENSSL_EXPORT int BIO_gets(BIO *bio, char *buf, int size);
// BIO_write writes |len| bytes from |data| to |bio|. It returns the number of
@@ -328,7 +328,7 @@
OPENSSL_EXPORT int BIO_indent(BIO *bio, unsigned indent, unsigned max_indent);
// BIO_hexdump writes a hex dump of |data| to |bio|. Each line will be indented
-// by |indent| spaces.
+// by |indent| spaces. It returns one on success and zero otherwise.
OPENSSL_EXPORT int BIO_hexdump(BIO *bio, const uint8_t *data, size_t len,
unsigned indent);
@@ -383,7 +383,7 @@
//
// If |len| is negative, then |buf| is treated as a NUL-terminated string, but
// don't depend on this in new code.
-OPENSSL_EXPORT BIO *BIO_new_mem_buf(const void *buf, int len);
+OPENSSL_EXPORT BIO *BIO_new_mem_buf(const void *buf, ossl_ssize_t len);
// BIO_mem_contents sets |*out_contents| to point to the current contents of
// |bio| and |*out_len| to contain the length of that data. It returns one on
@@ -873,7 +873,6 @@
#define BIO_C_GET_FILE_PTR 107
#define BIO_C_SET_FILENAME 108
#define BIO_C_SET_SSL 109
-#define BIO_C_GET_SSL 110
#define BIO_C_SET_MD 111
#define BIO_C_GET_MD 112
#define BIO_C_GET_CIPHER_STATUS 113
@@ -887,9 +886,6 @@
#define BIO_C_GET_PROXY_PARAM 121
#define BIO_C_SET_BUFF_READ_DATA 122 // data to read first
#define BIO_C_GET_ACCEPT 124
-#define BIO_C_SET_SSL_RENEGOTIATE_BYTES 125
-#define BIO_C_GET_SSL_NUM_RENEGOTIATES 126
-#define BIO_C_SET_SSL_RENEGOTIATE_TIMEOUT 127
#define BIO_C_FILE_SEEK 128
#define BIO_C_GET_CIPHER_CTX 129
#define BIO_C_SET_BUF_MEM_EOF_RETURN 130 // return end of input value
diff --git a/sysroots/generic-arm64/usr/include/openssl/bn.h b/sysroots/generic-arm64/usr/include/openssl/bn.h
index d9491a9..a03e41f 100644
--- a/sysroots/generic-arm64/usr/include/openssl/bn.h
+++ b/sysroots/generic-arm64/usr/include/openssl/bn.h
@@ -136,7 +136,16 @@
// BN provides support for working with arbitrary sized integers. For example,
// although the largest integer supported by the compiler might be 64 bits, BN
-// will allow you to work with numbers until you run out of memory.
+// will allow you to work with much larger numbers.
+//
+// This library is developed for use inside BoringSSL, and uses implementation
+// strategies that may not be ideal for other applications. Non-cryptographic
+// uses should use a more general-purpose integer library, especially if
+// performance-sensitive.
+//
+// Many functions in BN scale quadratically or higher in the bit length of their
+// input. Callers at this layer are assumed to have capped input sizes within
+// their performance tolerances.
// BN_ULONG is the native word size when working with big integers.
@@ -205,6 +214,10 @@
// BN_num_bytes returns the minimum number of bytes needed to represent the
// absolute value of |bn|.
+//
+// While |size_t| is the preferred type for byte counts, callers can assume that
+// |BIGNUM|s are bounded such that this value, and its corresponding bit count,
+// will always fit in |int|.
OPENSSL_EXPORT unsigned BN_num_bytes(const BIGNUM *bn);
// BN_zero sets |bn| to zero.
@@ -280,6 +293,10 @@
// BN_bn2dec returns an allocated string that contains a NUL-terminated,
// decimal representation of |bn|. If |bn| is negative, the first char in the
// resulting string will be '-'. Returns NULL on allocation failure.
+//
+// Converting an arbitrarily large integer to decimal is quadratic in the bit
+// length of |a|. This function assumes the caller has capped the input within
+// performance tolerances.
OPENSSL_EXPORT char *BN_bn2dec(const BIGNUM *a);
// BN_dec2bn parses the leading decimal number from |in|, which may be
@@ -288,6 +305,10 @@
// decimal number and stores it in |*outp|. If |*outp| is NULL then it
// allocates a new BIGNUM and updates |*outp|. It returns the number of bytes
// of |in| processed or zero on error.
+//
+// Converting an arbitrarily large integer to decimal is quadratic in the bit
+// length of |a|. This function assumes the caller has capped the input within
+// performance tolerances.
OPENSSL_EXPORT int BN_dec2bn(BIGNUM **outp, const char *in);
// BN_asc2bn acts like |BN_dec2bn| or |BN_hex2bn| depending on whether |in|
@@ -681,6 +702,9 @@
// the callback, or 1 if |callback| is NULL.
OPENSSL_EXPORT int BN_GENCB_call(BN_GENCB *callback, int event, int n);
+// BN_GENCB_get_arg returns |callback->arg|.
+OPENSSL_EXPORT void *BN_GENCB_get_arg(const BN_GENCB *callback);
+
// BN_generate_prime_ex sets |ret| to a prime number of |bits| length. If safe
// is non-zero then the prime will be such that (ret-1)/2 is also a prime.
// (This is needed for Diffie-Hellman groups to ensure that the only subgroups
@@ -810,8 +834,9 @@
// Note this function may incorrectly report |a| has no inverse if the random
// blinding value has no inverse. It should only be used when |n| has few
// non-invertible elements, such as an RSA modulus.
-int BN_mod_inverse_blinded(BIGNUM *out, int *out_no_inverse, const BIGNUM *a,
- const BN_MONT_CTX *mont, BN_CTX *ctx);
+OPENSSL_EXPORT int BN_mod_inverse_blinded(BIGNUM *out, int *out_no_inverse,
+ const BIGNUM *a,
+ const BN_MONT_CTX *mont, BN_CTX *ctx);
// BN_mod_inverse_odd sets |out| equal to |a|^-1, mod |n|. |a| must be
// non-negative and must be less than |n|. |n| must be odd. This function
@@ -849,15 +874,6 @@
OPENSSL_EXPORT BN_MONT_CTX *BN_MONT_CTX_copy(BN_MONT_CTX *to,
const BN_MONT_CTX *from);
-// BN_MONT_CTX_set_locked takes |lock| and checks whether |*pmont| is NULL. If
-// so, it creates a new |BN_MONT_CTX| and sets the modulus for it to |mod|. It
-// then stores it as |*pmont|. It returns one on success and zero on error. Note
-// this function assumes |mod| is public.
-//
-// If |*pmont| is already non-NULL then it does nothing and returns one.
-int BN_MONT_CTX_set_locked(BN_MONT_CTX **pmont, CRYPTO_MUTEX *lock,
- const BIGNUM *mod, BN_CTX *bn_ctx);
-
// BN_to_montgomery sets |ret| equal to |a| in the Montgomery domain. |a| is
// assumed to be in the range [0, n), where |n| is the Montgomery modulus. It
// returns one on success or zero on error.
@@ -964,6 +980,9 @@
// conservative.)
#define BN_prime_checks BN_prime_checks_for_validation
+// BN_secure_new calls |BN_new|.
+OPENSSL_EXPORT BIGNUM *BN_secure_new(void);
+
// Private functions
diff --git a/sysroots/generic-arm64/usr/include/openssl/bytestring.h b/sysroots/generic-arm64/usr/include/openssl/bytestring.h
index 68c1ba4..33e13ef 100644
--- a/sysroots/generic-arm64/usr/include/openssl/bytestring.h
+++ b/sysroots/generic-arm64/usr/include/openssl/bytestring.h
@@ -18,6 +18,7 @@
#include <openssl/base.h>
#include <openssl/span.h>
+#include <time.h>
#if defined(__cplusplus)
extern "C" {
@@ -159,6 +160,13 @@
// one. Otherwise, it returns zero and leaves |cbs| unmodified.
OPENSSL_EXPORT int CBS_get_until_first(CBS *cbs, CBS *out, uint8_t c);
+// CBS_get_u64_decimal reads a decimal integer from |cbs| and writes it to
+// |*out|. It stops reading at the end of the string, or the first non-digit
+// character. It returns one on success and zero on error. This function behaves
+// analogously to |strtoul| except it does not accept empty inputs, leading
+// zeros, or negative values.
+OPENSSL_EXPORT int CBS_get_u64_decimal(CBS *cbs, uint64_t *out);
+
// Parsing ASN.1
//
@@ -168,8 +176,8 @@
// SEQUENCE, branching on CHOICEs or OPTIONAL fields, checking for trailing
// data, and handling explict vs. implicit tagging.
//
-// Tags are represented as |unsigned| values in memory. The upper few bits store
-// the class and constructed bit, and the remaining bits store the tag
+// Tags are represented as |CBS_ASN1_TAG| values in memory. The upper few bits
+// store the class and constructed bit, and the remaining bits store the tag
// number. Note this differs from the DER serialization, to support tag numbers
// beyond 31. Consumers must use the constants defined below to decompose or
// assemble tags.
@@ -230,31 +238,33 @@
// including tag and length bytes) and advances |cbs| over it. The ASN.1
// element must match |tag_value|. It returns one on success and zero
// on error.
-OPENSSL_EXPORT int CBS_get_asn1(CBS *cbs, CBS *out, unsigned tag_value);
+OPENSSL_EXPORT int CBS_get_asn1(CBS *cbs, CBS *out, CBS_ASN1_TAG tag_value);
// CBS_get_asn1_element acts like |CBS_get_asn1| but |out| will include the
// ASN.1 header bytes too.
-OPENSSL_EXPORT int CBS_get_asn1_element(CBS *cbs, CBS *out, unsigned tag_value);
+OPENSSL_EXPORT int CBS_get_asn1_element(CBS *cbs, CBS *out,
+ CBS_ASN1_TAG tag_value);
// CBS_peek_asn1_tag looks ahead at the next ASN.1 tag and returns one
// if the next ASN.1 element on |cbs| would have tag |tag_value|. If
// |cbs| is empty or the tag does not match, it returns zero. Note: if
// it returns one, CBS_get_asn1 may still fail if the rest of the
// element is malformed.
-OPENSSL_EXPORT int CBS_peek_asn1_tag(const CBS *cbs, unsigned tag_value);
+OPENSSL_EXPORT int CBS_peek_asn1_tag(const CBS *cbs, CBS_ASN1_TAG tag_value);
// CBS_get_any_asn1 sets |*out| to contain the next ASN.1 element from |*cbs|
// (not including tag and length bytes), sets |*out_tag| to the tag number, and
// advances |*cbs|. It returns one on success and zero on error. Either of |out|
// and |out_tag| may be NULL to ignore the value.
-OPENSSL_EXPORT int CBS_get_any_asn1(CBS *cbs, CBS *out, unsigned *out_tag);
+OPENSSL_EXPORT int CBS_get_any_asn1(CBS *cbs, CBS *out,
+ CBS_ASN1_TAG *out_tag);
// CBS_get_any_asn1_element sets |*out| to contain the next ASN.1 element from
// |*cbs| (including header bytes) and advances |*cbs|. It sets |*out_tag| to
// the tag number and |*out_header_len| to the length of the ASN.1 header. Each
// of |out|, |out_tag|, and |out_header_len| may be NULL to ignore the value.
OPENSSL_EXPORT int CBS_get_any_asn1_element(CBS *cbs, CBS *out,
- unsigned *out_tag,
+ CBS_ASN1_TAG *out_tag,
size_t *out_header_len);
// CBS_get_any_ber_asn1_element acts the same as |CBS_get_any_asn1_element| but
@@ -270,7 +280,7 @@
// element. Callers parsing indefinite-length encoding must check for EOC
// separately.
OPENSSL_EXPORT int CBS_get_any_ber_asn1_element(CBS *cbs, CBS *out,
- unsigned *out_tag,
+ CBS_ASN1_TAG *out_tag,
size_t *out_header_len,
int *out_ber_found,
int *out_indefinite);
@@ -296,7 +306,7 @@
// one, otherwise zero. It returns one on success, whether or not the element
// was present, and zero on decode failure.
OPENSSL_EXPORT int CBS_get_optional_asn1(CBS *cbs, CBS *out, int *out_present,
- unsigned tag);
+ CBS_ASN1_TAG tag);
// CBS_get_optional_asn1_octet_string gets an optional
// explicitly-tagged OCTET STRING from |cbs|. If present, it sets
@@ -306,7 +316,7 @@
// present, and zero on decode failure.
OPENSSL_EXPORT int CBS_get_optional_asn1_octet_string(CBS *cbs, CBS *out,
int *out_present,
- unsigned tag);
+ CBS_ASN1_TAG tag);
// CBS_get_optional_asn1_uint64 gets an optional explicitly-tagged
// INTEGER from |cbs|. If present, it sets |*out| to the
@@ -314,7 +324,7 @@
// on success, whether or not the element was present, and zero on
// decode failure.
OPENSSL_EXPORT int CBS_get_optional_asn1_uint64(CBS *cbs, uint64_t *out,
- unsigned tag,
+ CBS_ASN1_TAG tag,
uint64_t default_value);
// CBS_get_optional_asn1_bool gets an optional, explicitly-tagged BOOLEAN from
@@ -322,7 +332,8 @@
// boolean. Otherwise, it sets |*out| to |default_value|. It returns one on
// success, whether or not the element was present, and zero on decode
// failure.
-OPENSSL_EXPORT int CBS_get_optional_asn1_bool(CBS *cbs, int *out, unsigned tag,
+OPENSSL_EXPORT int CBS_get_optional_asn1_bool(CBS *cbs, int *out,
+ CBS_ASN1_TAG tag,
int default_value);
// CBS_is_valid_asn1_bitstring returns one if |cbs| is a valid ASN.1 BIT STRING
@@ -345,14 +356,42 @@
// ASN.1 INTEGER body and zero otherwise.
OPENSSL_EXPORT int CBS_is_unsigned_asn1_integer(const CBS *cbs);
+// CBS_is_valid_asn1_oid returns one if |cbs| is a valid DER-encoded ASN.1
+// OBJECT IDENTIFIER contents (not including the element framing) and zero
+// otherwise. This function tolerates arbitrarily large OID components.
+OPENSSL_EXPORT int CBS_is_valid_asn1_oid(const CBS *cbs);
+
// CBS_asn1_oid_to_text interprets |cbs| as DER-encoded ASN.1 OBJECT IDENTIFIER
// contents (not including the element framing) and returns the ASCII
// representation (e.g., "1.2.840.113554.4.1.72585") in a newly-allocated
// string, or NULL on failure. The caller must release the result with
// |OPENSSL_free|.
+//
+// This function may fail if |cbs| is an invalid OBJECT IDENTIFIER, or if any
+// OID components are too large.
OPENSSL_EXPORT char *CBS_asn1_oid_to_text(const CBS *cbs);
+// CBS_parse_generalized_time returns one if |cbs| is a valid DER-encoded, ASN.1
+// GeneralizedTime body within the limitations imposed by RFC 5280, or zero
+// otherwise. If |allow_timezone_offset| is non-zero, four-digit timezone
+// offsets, which would not be allowed by DER, are permitted. On success, if
+// |out_tm| is non-NULL, |*out_tm| will be zeroed, and then set to the
+// corresponding time in UTC. This function does not compute |out_tm->tm_wday|
+// or |out_tm->tm_yday|.
+OPENSSL_EXPORT int CBS_parse_generalized_time(const CBS *cbs, struct tm *out_tm,
+ int allow_timezone_offset);
+
+// CBS_parse_utc_time returns one if |cbs| is a valid DER-encoded, ASN.1
+// UTCTime body within the limitations imposed by RFC 5280, or zero otherwise.
+// If |allow_timezone_offset| is non-zero, four-digit timezone offsets, which
+// would not be allowed by DER, are permitted. On success, if |out_tm| is
+// non-NULL, |*out_tm| will be zeroed, and then set to the corresponding time
+// in UTC. This function does not compute |out_tm->tm_wday| or
+// |out_tm->tm_yday|.
+OPENSSL_EXPORT int CBS_parse_utc_time(const CBS *cbs, struct tm *out_tm,
+ int allow_timezone_offset);
+
// CRYPTO ByteBuilder.
//
// |CBB| objects allow one to build length-prefixed serialisations. A |CBB|
@@ -370,28 +409,40 @@
struct cbb_buffer_st {
uint8_t *buf;
- size_t len; // The number of valid bytes.
- size_t cap; // The size of buf.
- char can_resize; /* One iff |buf| is owned by this object. If not then |buf|
- cannot be resized. */
- char error; /* One iff there was an error writing to this CBB. All future
- operations will fail. */
+ // len is the number of valid bytes in |buf|.
+ size_t len;
+ // cap is the size of |buf|.
+ size_t cap;
+ // can_resize is one iff |buf| is owned by this object. If not then |buf|
+ // cannot be resized.
+ unsigned can_resize : 1;
+ // error is one if there was an error writing to this CBB. All future
+ // operations will fail.
+ unsigned error : 1;
};
-struct cbb_st {
+struct cbb_child_st {
+ // base is a pointer to the buffer this |CBB| writes to.
struct cbb_buffer_st *base;
- // child points to a child CBB if a length-prefix is pending.
- CBB *child;
// offset is the number of bytes from the start of |base->buf| to this |CBB|'s
// pending length prefix.
size_t offset;
// pending_len_len contains the number of bytes in this |CBB|'s pending
// length-prefix, or zero if no length-prefix is pending.
uint8_t pending_len_len;
- char pending_is_asn1;
- // is_child is true iff this is a child |CBB| (as opposed to a top-level
- // |CBB|). Top-level objects are valid arguments for |CBB_finish|.
+ unsigned pending_is_asn1 : 1;
+};
+
+struct cbb_st {
+ // child points to a child CBB if a length-prefix is pending.
+ CBB *child;
+ // is_child is one if this is a child |CBB| and zero if it is a top-level
+ // |CBB|. This determines which arm of the union is valid.
char is_child;
+ union {
+ struct cbb_buffer_st base;
+ struct cbb_child_st child;
+ } u;
};
// CBB_zero sets an uninitialised |cbb| to the zero state. It must be
@@ -407,7 +458,8 @@
// CBB_init_fixed initialises |cbb| to write to |len| bytes at |buf|. Since
// |buf| cannot grow, trying to write more than |len| bytes will cause CBB
-// functions to fail. It returns one on success or zero on error.
+// functions to fail. This function is infallible and always returns one. It is
+// safe, but not necessary, to call |CBB_cleanup| on |cbb|.
OPENSSL_EXPORT int CBB_init_fixed(CBB *cbb, uint8_t *buf, size_t len);
// CBB_cleanup frees all resources owned by |cbb| and other |CBB| objects
@@ -468,7 +520,7 @@
// CBB_add_asn1 sets |*out_contents| to a |CBB| into which the contents of an
// ASN.1 object can be written. The |tag| argument will be used as the tag for
// the object. It returns one on success or zero on error.
-OPENSSL_EXPORT int CBB_add_asn1(CBB *cbb, CBB *out_contents, unsigned tag);
+OPENSSL_EXPORT int CBB_add_asn1(CBB *cbb, CBB *out_contents, CBS_ASN1_TAG tag);
// CBB_add_bytes appends |len| bytes from |data| to |cbb|. It returns one on
// success and zero otherwise.
@@ -536,11 +588,23 @@
// error.
OPENSSL_EXPORT int CBB_add_asn1_uint64(CBB *cbb, uint64_t value);
+// CBB_add_asn1_uint64_with_tag behaves like |CBB_add_asn1_uint64| but uses
+// |tag| as the tag instead of INTEGER. This is useful if the INTEGER type uses
+// implicit tagging.
+OPENSSL_EXPORT int CBB_add_asn1_uint64_with_tag(CBB *cbb, uint64_t value,
+ CBS_ASN1_TAG tag);
+
// CBB_add_asn1_int64 writes an ASN.1 INTEGER into |cbb| using |CBB_add_asn1|
// and writes |value| in its contents. It returns one on success and zero on
// error.
OPENSSL_EXPORT int CBB_add_asn1_int64(CBB *cbb, int64_t value);
+// CBB_add_asn1_int64_with_tag behaves like |CBB_add_asn1_int64| but uses |tag|
+// as the tag instead of INTEGER. This is useful if the INTEGER type uses
+// implicit tagging.
+OPENSSL_EXPORT int CBB_add_asn1_int64_with_tag(CBB *cbb, int64_t value,
+ CBS_ASN1_TAG tag);
+
// CBB_add_asn1_octet_string writes an ASN.1 OCTET STRING into |cbb| with the
// given contents. It returns one on success and zero on error.
OPENSSL_EXPORT int CBB_add_asn1_octet_string(CBB *cbb, const uint8_t *data,
diff --git a/sysroots/generic-arm64/usr/include/openssl/cipher.h b/sysroots/generic-arm64/usr/include/openssl/cipher.h
index 2458847..310d7c2 100644
--- a/sysroots/generic-arm64/usr/include/openssl/cipher.h
+++ b/sysroots/generic-arm64/usr/include/openssl/cipher.h
@@ -174,6 +174,11 @@
// of output bytes may be up to |in_len| plus the block length minus one and
// |out| must have sufficient space. The number of bytes actually output is
// written to |*out_len|. It returns one on success and zero otherwise.
+//
+// If |ctx| is an AEAD cipher, e.g. |EVP_aes_128_gcm|, and |out| is NULL, this
+// function instead adds |in_len| bytes from |in| to the AAD and sets |*out_len|
+// to |in_len|. The AAD must be fully specified in this way before this function
+// is used to encrypt plaintext.
OPENSSL_EXPORT int EVP_EncryptUpdate(EVP_CIPHER_CTX *ctx, uint8_t *out,
int *out_len, const uint8_t *in,
int in_len);
@@ -191,6 +196,11 @@
// output bytes may be up to |in_len| plus the block length minus one and |out|
// must have sufficient space. The number of bytes actually output is written
// to |*out_len|. It returns one on success and zero otherwise.
+//
+// If |ctx| is an AEAD cipher, e.g. |EVP_aes_128_gcm|, and |out| is NULL, this
+// function instead adds |in_len| bytes from |in| to the AAD and sets |*out_len|
+// to |in_len|. The AAD must be fully specified in this way before this function
+// is used to decrypt ciphertext.
OPENSSL_EXPORT int EVP_DecryptUpdate(EVP_CIPHER_CTX *ctx, uint8_t *out,
int *out_len, const uint8_t *in,
int in_len);
@@ -204,24 +214,6 @@
OPENSSL_EXPORT int EVP_DecryptFinal_ex(EVP_CIPHER_CTX *ctx, uint8_t *out,
int *out_len);
-// EVP_Cipher performs a one-shot encryption/decryption operation. No partial
-// blocks are maintained between calls. However, any internal cipher state is
-// still updated. For CBC-mode ciphers, the IV is updated to the final
-// ciphertext block. For stream ciphers, the stream is advanced past the bytes
-// used. It returns one on success and zero otherwise, unless |EVP_CIPHER_flags|
-// has |EVP_CIPH_FLAG_CUSTOM_CIPHER| set. Then it returns the number of bytes
-// written or -1 on error.
-//
-// WARNING: this differs from the usual return value convention when using
-// |EVP_CIPH_FLAG_CUSTOM_CIPHER|.
-//
-// TODO(davidben): The normal ciphers currently never fail, even if, e.g.,
-// |in_len| is not a multiple of the block size for CBC-mode decryption. The
-// input just gets rounded up while the output gets truncated. This should
-// either be officially documented or fail.
-OPENSSL_EXPORT int EVP_Cipher(EVP_CIPHER_CTX *ctx, uint8_t *out,
- const uint8_t *in, size_t in_len);
-
// EVP_CipherUpdate calls either |EVP_EncryptUpdate| or |EVP_DecryptUpdate|
// depending on how |ctx| has been setup.
OPENSSL_EXPORT int EVP_CipherUpdate(EVP_CIPHER_CTX *ctx, uint8_t *out,
@@ -349,6 +341,12 @@
#define EVP_CIPH_GCM_MODE 0x6
#define EVP_CIPH_XTS_MODE 0x7
+// The following values are never returned from |EVP_CIPHER_mode| and are
+// included only to make it easier to compile code with BoringSSL.
+#define EVP_CIPH_CCM_MODE 0x8
+#define EVP_CIPH_OCB_MODE 0x9
+#define EVP_CIPH_WRAP_MODE 0xa
+
// Cipher flags (for |EVP_CIPHER_flags|).
@@ -420,6 +418,30 @@
OPENSSL_EXPORT int EVP_DecryptFinal(EVP_CIPHER_CTX *ctx, uint8_t *out,
int *out_len);
+// EVP_Cipher historically exposed an internal implementation detail of |ctx|
+// and should not be used. Use |EVP_CipherUpdate| and |EVP_CipherFinal_ex|
+// instead.
+//
+// If |ctx|'s cipher does not have the |EVP_CIPH_FLAG_CUSTOM_CIPHER| flag, it
+// encrypts or decrypts |in_len| bytes from |in| and writes the resulting
+// |in_len| bytes to |out|. It returns one on success and zero on error.
+// |in_len| must be a multiple of the cipher's block size, or the behavior is
+// undefined.
+//
+// TODO(davidben): Rather than being undefined (it'll often round the length up
+// and likely read past the buffer), just fail the operation.
+//
+// If |ctx|'s cipher has the |EVP_CIPH_FLAG_CUSTOM_CIPHER| flag, it runs in one
+// of two modes: If |in| is non-NULL, it behaves like |EVP_CipherUpdate|. If
+// |in| is NULL, it behaves like |EVP_CipherFinal_ex|. In both cases, it returns
+// |*out_len| on success and -1 on error.
+//
+// WARNING: The two possible calling conventions of this function signal errors
+// incompatibly. In the first, zero indicates an error. In the second, zero
+// indicates success with zero bytes of output.
+OPENSSL_EXPORT int EVP_Cipher(EVP_CIPHER_CTX *ctx, uint8_t *out,
+ const uint8_t *in, size_t in_len);
+
// EVP_add_cipher_alias does nothing and returns one.
OPENSSL_EXPORT int EVP_add_cipher_alias(const char *a, const char *b);
@@ -433,6 +455,12 @@
// These AEADs are deprecated AES-GCM implementations that set
// |EVP_CIPH_FLAG_CUSTOM_CIPHER|. Use |EVP_aead_aes_128_gcm| and
// |EVP_aead_aes_256_gcm| instead.
+//
+// WARNING: Although these APIs allow streaming an individual AES-GCM operation,
+// this is not secure. Until calling |EVP_DecryptFinal_ex|, the tag has not yet
+// been checked and output released by |EVP_DecryptUpdate| is unauthenticated
+// and easily manipulated by attackers. Callers must buffer the output and may
+// not act on it until the entire operation is complete.
OPENSSL_EXPORT const EVP_CIPHER *EVP_aes_128_gcm(void);
OPENSSL_EXPORT const EVP_CIPHER *EVP_aes_256_gcm(void);
@@ -484,9 +512,6 @@
// The following flags do nothing and are included only to make it easier to
// compile code with BoringSSL.
-#define EVP_CIPH_CCM_MODE (-1)
-#define EVP_CIPH_OCB_MODE (-2)
-#define EVP_CIPH_WRAP_MODE (-3)
#define EVP_CIPHER_CTX_FLAG_WRAP_ALLOW 0
// EVP_CIPHER_CTX_set_flags does nothing.
@@ -575,6 +600,9 @@
int final_used;
uint8_t final[EVP_MAX_BLOCK_LENGTH]; // possible final block
+
+ // Has this structure been rendered unusable by a failure.
+ int poisoned;
} /* EVP_CIPHER_CTX */;
typedef struct evp_cipher_info_st {
@@ -582,45 +610,6 @@
unsigned char iv[EVP_MAX_IV_LENGTH];
} EVP_CIPHER_INFO;
-struct evp_cipher_st {
- // type contains a NID identifing the cipher. (e.g. NID_aes_128_gcm.)
- int nid;
-
- // block_size contains the block size, in bytes, of the cipher, or 1 for a
- // stream cipher.
- unsigned block_size;
-
- // key_len contains the key size, in bytes, for the cipher. If the cipher
- // takes a variable key size then this contains the default size.
- unsigned key_len;
-
- // iv_len contains the IV size, in bytes, or zero if inapplicable.
- unsigned iv_len;
-
- // ctx_size contains the size, in bytes, of the per-key context for this
- // cipher.
- unsigned ctx_size;
-
- // flags contains the OR of a number of flags. See |EVP_CIPH_*|.
- uint32_t flags;
-
- // app_data is a pointer to opaque, user data.
- void *app_data;
-
- int (*init)(EVP_CIPHER_CTX *ctx, const uint8_t *key, const uint8_t *iv,
- int enc);
-
- int (*cipher)(EVP_CIPHER_CTX *ctx, uint8_t *out, const uint8_t *in,
- size_t inl);
-
- // cleanup, if non-NULL, releases memory associated with the context. It is
- // called if |EVP_CTRL_INIT| succeeds. Note that |init| may not have been
- // called at this point.
- void (*cleanup)(EVP_CIPHER_CTX *);
-
- int (*ctrl)(EVP_CIPHER_CTX *, int type, int arg, void *ptr);
-};
-
#if defined(__cplusplus)
} // extern C
diff --git a/sysroots/generic-arm64/usr/include/openssl/conf.h b/sysroots/generic-arm64/usr/include/openssl/conf.h
index 6890c7d..908c16e 100644
--- a/sysroots/generic-arm64/usr/include/openssl/conf.h
+++ b/sysroots/generic-arm64/usr/include/openssl/conf.h
@@ -110,8 +110,8 @@
// NCONF_get_section returns a stack of values for a given section in |conf|.
// If |section| is NULL, the default section is returned. It returns NULL on
// error.
-OPENSSL_EXPORT STACK_OF(CONF_VALUE) *NCONF_get_section(const CONF *conf,
- const char *section);
+OPENSSL_EXPORT const STACK_OF(CONF_VALUE) *NCONF_get_section(
+ const CONF *conf, const char *section);
// NCONF_get_string returns the value of the key |name|, in section |section|.
// The |section| argument may be NULL to indicate the default section. It
@@ -121,19 +121,6 @@
const char *name);
-// Utility functions
-
-// CONF_parse_list takes a list separated by 'sep' and calls |list_cb| giving
-// the start and length of each member, optionally stripping leading and
-// trailing whitespace. This can be used to parse comma separated lists for
-// example. If |list_cb| returns <= 0, then the iteration is halted and that
-// value is returned immediately. Otherwise it returns one. Note that |list_cb|
-// may be called on an empty member.
-int CONF_parse_list(const char *list, char sep, int remove_whitespace,
- int (*list_cb)(const char *elem, int len, void *usr),
- void *arg);
-
-
// Deprecated functions
// These defines do nothing but are provided to make old code easier to
diff --git a/sysroots/generic-arm64/usr/include/openssl/crypto.h b/sysroots/generic-arm64/usr/include/openssl/crypto.h
index b1f696f..171ac43 100644
--- a/sysroots/generic-arm64/usr/include/openssl/crypto.h
+++ b/sysroots/generic-arm64/usr/include/openssl/crypto.h
@@ -75,10 +75,6 @@
#if defined(OPENSSL_ARM) && defined(OPENSSL_LINUX) && \
!defined(OPENSSL_STATIC_ARMCAP)
-// CRYPTO_has_broken_NEON returns one if the current CPU is known to have a
-// broken NEON unit. See https://crbug.com/341598.
-OPENSSL_EXPORT int CRYPTO_has_broken_NEON(void);
-
// CRYPTO_needs_hwcap2_workaround returns one if the ARMv8 AArch32 AT_HWCAP2
// workaround was needed. See https://crbug.com/boringssl/46.
OPENSSL_EXPORT int CRYPTO_needs_hwcap2_workaround(void);
@@ -193,6 +189,12 @@
// the current BoringSSL and zero otherwise.
OPENSSL_EXPORT int FIPS_query_algorithm_status(const char *algorithm);
+#if defined(OPENSSL_ARM) && defined(OPENSSL_LINUX) && \
+ !defined(OPENSSL_STATIC_ARMCAP)
+// CRYPTO_has_broken_NEON returns zero.
+OPENSSL_EXPORT int CRYPTO_has_broken_NEON(void);
+#endif
+
#if defined(__cplusplus)
} // extern C
diff --git a/sysroots/generic-arm64/usr/include/openssl/ctrdrbg.h b/sysroots/generic-arm64/usr/include/openssl/ctrdrbg.h
index 62afe0c..5440fb4 100644
--- a/sysroots/generic-arm64/usr/include/openssl/ctrdrbg.h
+++ b/sysroots/generic-arm64/usr/include/openssl/ctrdrbg.h
@@ -71,6 +71,12 @@
#if defined(__cplusplus)
} // extern C
+
+extern "C++" {
+BSSL_NAMESPACE_BEGIN
+BORINGSSL_MAKE_DELETER(CTR_DRBG_STATE, CTR_DRBG_free)
+BSSL_NAMESPACE_END
+} // extern C++
#endif
#endif // OPENSSL_HEADER_CTRDRBG_H
diff --git a/sysroots/generic-arm64/usr/include/openssl/dh.h b/sysroots/generic-arm64/usr/include/openssl/dh.h
index 21c9623..660627d 100644
--- a/sysroots/generic-arm64/usr/include/openssl/dh.h
+++ b/sysroots/generic-arm64/usr/include/openssl/dh.h
@@ -89,6 +89,9 @@
// Properties.
+// DH_bits returns the size of |dh|'s group modulus, in bits.
+OPENSSL_EXPORT unsigned DH_bits(const DH *dh);
+
// DH_get0_pub_key returns |dh|'s public key.
OPENSSL_EXPORT const BIGNUM *DH_get0_pub_key(const DH *dh);
@@ -134,15 +137,40 @@
// Standard parameters.
+// DH_get_rfc7919_2048 returns the group `ffdhe2048` from
+// https://tools.ietf.org/html/rfc7919#appendix-A.1. It returns NULL if out
+// of memory.
+OPENSSL_EXPORT DH *DH_get_rfc7919_2048(void);
+
// BN_get_rfc3526_prime_1536 sets |*ret| to the 1536-bit MODP group from RFC
// 3526 and returns |ret|. If |ret| is NULL then a fresh |BIGNUM| is allocated
// and returned. It returns NULL on allocation failure.
OPENSSL_EXPORT BIGNUM *BN_get_rfc3526_prime_1536(BIGNUM *ret);
-// DH_get_rfc7919_2048 returns the group `ffdhe2048` from
-// https://tools.ietf.org/html/rfc7919#appendix-A.1. It returns NULL if out
-// of memory.
-OPENSSL_EXPORT DH *DH_get_rfc7919_2048(void);
+// BN_get_rfc3526_prime_2048 sets |*ret| to the 2048-bit MODP group from RFC
+// 3526 and returns |ret|. If |ret| is NULL then a fresh |BIGNUM| is allocated
+// and returned. It returns NULL on allocation failure.
+OPENSSL_EXPORT BIGNUM *BN_get_rfc3526_prime_2048(BIGNUM *ret);
+
+// BN_get_rfc3526_prime_3072 sets |*ret| to the 3072-bit MODP group from RFC
+// 3526 and returns |ret|. If |ret| is NULL then a fresh |BIGNUM| is allocated
+// and returned. It returns NULL on allocation failure.
+OPENSSL_EXPORT BIGNUM *BN_get_rfc3526_prime_3072(BIGNUM *ret);
+
+// BN_get_rfc3526_prime_4096 sets |*ret| to the 4096-bit MODP group from RFC
+// 3526 and returns |ret|. If |ret| is NULL then a fresh |BIGNUM| is allocated
+// and returned. It returns NULL on allocation failure.
+OPENSSL_EXPORT BIGNUM *BN_get_rfc3526_prime_4096(BIGNUM *ret);
+
+// BN_get_rfc3526_prime_6144 sets |*ret| to the 6144-bit MODP group from RFC
+// 3526 and returns |ret|. If |ret| is NULL then a fresh |BIGNUM| is allocated
+// and returned. It returns NULL on allocation failure.
+OPENSSL_EXPORT BIGNUM *BN_get_rfc3526_prime_6144(BIGNUM *ret);
+
+// BN_get_rfc3526_prime_8192 sets |*ret| to the 8192-bit MODP group from RFC
+// 3526 and returns |ret|. If |ret| is NULL then a fresh |BIGNUM| is allocated
+// and returned. It returns NULL on allocation failure.
+OPENSSL_EXPORT BIGNUM *BN_get_rfc3526_prime_8192(BIGNUM *ret);
// Parameter generation.
@@ -216,7 +244,6 @@
#define DH_CHECK_NOT_SUITABLE_GENERATOR 0x08
#define DH_CHECK_Q_NOT_PRIME 0x10
#define DH_CHECK_INVALID_Q_VALUE 0x20
-#define DH_CHECK_INVALID_J_VALUE 0x40
// These are compatibility defines.
#define DH_NOT_SUITABLE_GENERATOR DH_CHECK_NOT_SUITABLE_GENERATOR
@@ -302,31 +329,6 @@
DH *dh);
-struct dh_st {
- BIGNUM *p;
- BIGNUM *g;
- BIGNUM *pub_key; // g^x mod p
- BIGNUM *priv_key; // x
-
- // priv_length contains the length, in bits, of the private value. If zero,
- // the private value will be the same length as |p|.
- unsigned priv_length;
-
- CRYPTO_MUTEX method_mont_p_lock;
- BN_MONT_CTX *method_mont_p;
-
- // Place holders if we want to do X9.42 DH
- BIGNUM *q;
- BIGNUM *j;
- unsigned char *seed;
- int seedlen;
- BIGNUM *counter;
-
- int flags;
- CRYPTO_refcount_t references;
-};
-
-
#if defined(__cplusplus)
} // extern C
diff --git a/sysroots/generic-arm64/usr/include/openssl/dsa.h b/sysroots/generic-arm64/usr/include/openssl/dsa.h
index e6ddce6..30afd43 100644
--- a/sysroots/generic-arm64/usr/include/openssl/dsa.h
+++ b/sysroots/generic-arm64/usr/include/openssl/dsa.h
@@ -94,6 +94,9 @@
// Properties.
+// DSA_bits returns the size of |dsa|'s group modulus, in bits.
+OPENSSL_EXPORT unsigned DSA_bits(const DSA *dsa);
+
// DSA_get0_pub_key returns |dsa|'s public key.
OPENSSL_EXPORT const BIGNUM *DSA_get0_pub_key(const DSA *dsa);
@@ -439,5 +442,6 @@
#define DSA_R_DECODE_ERROR 105
#define DSA_R_ENCODE_ERROR 106
#define DSA_R_INVALID_PARAMETERS 107
+#define DSA_R_TOO_MANY_ITERATIONS 108
#endif // OPENSSL_HEADER_DSA_H
diff --git a/sysroots/generic-arm64/usr/include/openssl/ec.h b/sysroots/generic-arm64/usr/include/openssl/ec.h
index 8339bfb..dd5259b 100644
--- a/sysroots/generic-arm64/usr/include/openssl/ec.h
+++ b/sysroots/generic-arm64/usr/include/openssl/ec.h
@@ -253,13 +253,23 @@
BN_CTX *ctx);
// EC_POINT_point2oct serialises |point| into the X9.62 form given by |form|
-// into, at most, |len| bytes at |buf|. It returns the number of bytes written
-// or zero on error if |buf| is non-NULL, else the number of bytes needed. The
-// |ctx| argument may be used if not NULL.
+// into, at most, |max_out| bytes at |buf|. It returns the number of bytes
+// written or zero on error if |buf| is non-NULL, else the number of bytes
+// needed. The |ctx| argument may be used if not NULL.
OPENSSL_EXPORT size_t EC_POINT_point2oct(const EC_GROUP *group,
const EC_POINT *point,
point_conversion_form_t form,
- uint8_t *buf, size_t len, BN_CTX *ctx);
+ uint8_t *buf, size_t max_out,
+ BN_CTX *ctx);
+
+// EC_POINT_point2buf serialises |point| into the X9.62 form given by |form| to
+// a newly-allocated buffer and sets |*out_buf| to point to it. It returns the
+// length of the result on success or zero on error. The caller must release
+// |*out_buf| with |OPENSSL_free| when done.
+OPENSSL_EXPORT size_t EC_POINT_point2buf(const EC_GROUP *group,
+ const EC_POINT *point,
+ point_conversion_form_t form,
+ uint8_t **out_buf, BN_CTX *ctx);
// EC_POINT_point2cbb behaves like |EC_POINT_point2oct| but appends the
// serialised point to |cbb|. It returns one on success and zero on error.
@@ -309,6 +319,31 @@
const BIGNUM *m, BN_CTX *ctx);
+// Hash-to-curve.
+//
+// The following functions implement primitives from
+// draft-irtf-cfrg-hash-to-curve-16. The |dst| parameter in each function is the
+// domain separation tag and must be unique for each protocol and between the
+// |hash_to_curve| and |hash_to_scalar| variants. See section 3.1 of the spec
+// for additional guidance on this parameter.
+
+// EC_hash_to_curve_p256_xmd_sha256_sswu hashes |msg| to a point on |group| and
+// writes the result to |out|, implementing the P256_XMD:SHA-256_SSWU_RO_ suite
+// from draft-irtf-cfrg-hash-to-curve-16. It returns one on success and zero on
+// error.
+OPENSSL_EXPORT int EC_hash_to_curve_p256_xmd_sha256_sswu(
+ const EC_GROUP *group, EC_POINT *out, const uint8_t *dst, size_t dst_len,
+ const uint8_t *msg, size_t msg_len);
+
+// EC_hash_to_curve_p384_xmd_sha384_sswu hashes |msg| to a point on |group| and
+// writes the result to |out|, implementing the P384_XMD:SHA-384_SSWU_RO_ suite
+// from draft-irtf-cfrg-hash-to-curve-16. It returns one on success and zero on
+// error.
+OPENSSL_EXPORT int EC_hash_to_curve_p384_xmd_sha384_sswu(
+ const EC_GROUP *group, EC_POINT *out, const uint8_t *dst, size_t dst_len,
+ const uint8_t *msg, size_t msg_len);
+
+
// Deprecated functions.
// EC_GROUP_new_curve_GFp creates a new, arbitrary elliptic curve group based
diff --git a/sysroots/generic-arm64/usr/include/openssl/ec_key.h b/sysroots/generic-arm64/usr/include/openssl/ec_key.h
index 502bfc2..00986cf 100644
--- a/sysroots/generic-arm64/usr/include/openssl/ec_key.h
+++ b/sysroots/generic-arm64/usr/include/openssl/ec_key.h
@@ -179,12 +179,38 @@
const BIGNUM *x,
const BIGNUM *y);
-// EC_KEY_key2buf encodes the public key in |key| to an allocated octet string
-// and sets |*out_buf| to point to it. It returns the length of the encoded
-// octet string or zero if an error occurred.
+// EC_KEY_oct2key decodes |len| bytes from |in| as an EC public key in X9.62
+// form. |key| must already have a group configured. On success, it sets the
+// public key in |key| to the result and returns one. Otherwise, it returns
+// zero.
+OPENSSL_EXPORT int EC_KEY_oct2key(EC_KEY *key, const uint8_t *in, size_t len,
+ BN_CTX *ctx);
+
+// EC_KEY_key2buf behaves like |EC_POINT_point2buf|, except it encodes the
+// public key in |key|.
OPENSSL_EXPORT size_t EC_KEY_key2buf(const EC_KEY *key,
point_conversion_form_t form,
- unsigned char **out_buf, BN_CTX *ctx);
+ uint8_t **out_buf, BN_CTX *ctx);
+
+// EC_KEY_oct2priv decodes a big-endian, zero-padded integer from |len| bytes
+// from |in| and sets |key|'s private key to the result. It returns one on
+// success and zero on error. The input must be padded to the size of |key|'s
+// group order.
+OPENSSL_EXPORT int EC_KEY_oct2priv(EC_KEY *key, const uint8_t *in, size_t len);
+
+// EC_KEY_priv2oct serializes |key|'s private key as a big-endian integer,
+// zero-padded to the size of |key|'s group order and writes the result to at
+// most |max_out| bytes of |out|. It returns the number of bytes written on
+// success and zero on error. If |out| is NULL, it returns the number of bytes
+// needed without writing anything.
+OPENSSL_EXPORT size_t EC_KEY_priv2oct(const EC_KEY *key, uint8_t *out,
+ size_t max_out);
+
+// EC_KEY_priv2buf behaves like |EC_KEY_priv2oct| but sets |*out_buf| to a
+// newly-allocated buffer containing the result. It returns the size of the
+// result on success and zero on error. The caller must release |*out_buf| with
+// |OPENSSL_free| when done.
+OPENSSL_EXPORT size_t EC_KEY_priv2buf(const EC_KEY *key, uint8_t **out_buf);
// Key generation.
@@ -335,7 +361,7 @@
long len);
// i2o_ECPublicKey marshals an EC point from |key|, as described in
-// |i2d_SAMPLE|.
+// |i2d_SAMPLE|, except it returns zero on error instead of a negative value.
//
// Use |EC_POINT_point2cbb| instead.
OPENSSL_EXPORT int i2o_ECPublicKey(const EC_KEY *key, unsigned char **outp);
diff --git a/sysroots/generic-arm64/usr/include/openssl/ecdsa.h b/sysroots/generic-arm64/usr/include/openssl/ecdsa.h
index bc0dba5..56be154 100644
--- a/sysroots/generic-arm64/usr/include/openssl/ecdsa.h
+++ b/sysroots/generic-arm64/usr/include/openssl/ecdsa.h
@@ -232,5 +232,6 @@
#define ECDSA_R_NOT_IMPLEMENTED 103
#define ECDSA_R_RANDOM_NUMBER_GENERATION_FAILED 104
#define ECDSA_R_ENCODE_ERROR 105
+#define ECDSA_R_TOO_MANY_ITERATIONS 106
#endif // OPENSSL_HEADER_ECDSA_H
diff --git a/sysroots/generic-arm64/usr/include/openssl/err.h b/sysroots/generic-arm64/usr/include/openssl/err.h
index 28ba250..0ec71b1 100644
--- a/sysroots/generic-arm64/usr/include/openssl/err.h
+++ b/sysroots/generic-arm64/usr/include/openssl/err.h
@@ -163,12 +163,16 @@
// ERR_GET_LIB returns the library code for the error. This is one of
// the |ERR_LIB_*| values.
-#define ERR_GET_LIB(packed_error) ((int)(((packed_error) >> 24) & 0xff))
+OPENSSL_INLINE int ERR_GET_LIB(uint32_t packed_error) {
+ return (int)((packed_error >> 24) & 0xff);
+}
// ERR_GET_REASON returns the reason code for the error. This is one of
// library-specific |LIB_R_*| values where |LIB| is the library (see
// |ERR_GET_LIB|). Note that reason codes are specific to the library.
-#define ERR_GET_REASON(packed_error) ((int)((packed_error) & 0xfff))
+OPENSSL_INLINE int ERR_GET_REASON(uint32_t packed_error) {
+ return (int)(packed_error & 0xfff);
+}
// ERR_get_error gets the packed error code for the least recent error and
// removes that error from the queue. If there are no errors in the queue then
@@ -184,8 +188,12 @@
#define ERR_FLAG_STRING 1
// ERR_FLAG_MALLOCED is passed into |ERR_set_error_data| to indicate that |data|
-// was allocated with |OPENSSL_malloc|. It is never returned from
-// |ERR_get_error_line_data|.
+// was allocated with |OPENSSL_malloc|.
+//
+// It is, separately, returned in |*flags| from |ERR_get_error_line_data| to
+// indicate that |*data| has a non-static lifetime, but this lifetime is still
+// managed by the library. The caller must not call |OPENSSL_free| or |free| on
+// |data|.
#define ERR_FLAG_MALLOCED 2
// ERR_get_error_line_data acts like |ERR_get_error_line|, but also returns the
@@ -411,7 +419,10 @@
#define ERR_ERROR_STRING_BUF_LEN 120
// ERR_GET_FUNC returns zero. BoringSSL errors do not report a function code.
-#define ERR_GET_FUNC(packed_error) 0
+OPENSSL_INLINE int ERR_GET_FUNC(uint32_t packed_error) {
+ (void)packed_error;
+ return 0;
+}
// ERR_TXT_* are provided for compatibility with code that assumes that it's
// using OpenSSL.
diff --git a/sysroots/generic-arm64/usr/include/openssl/evp.h b/sysroots/generic-arm64/usr/include/openssl/evp.h
index e195907..00ae4f5 100644
--- a/sysroots/generic-arm64/usr/include/openssl/evp.h
+++ b/sysroots/generic-arm64/usr/include/openssl/evp.h
@@ -178,6 +178,7 @@
#define EVP_PKEY_EC NID_X9_62_id_ecPublicKey
#define EVP_PKEY_ED25519 NID_ED25519
#define EVP_PKEY_X25519 NID_X25519
+#define EVP_PKEY_HKDF NID_hkdf
// EVP_PKEY_assign sets the underlying key of |pkey| to |key|, which must be of
// the given type. It returns one if successful or zero if the |type| argument
@@ -665,11 +666,11 @@
// success and zero on error.
OPENSSL_EXPORT int EVP_PKEY_derive_set_peer(EVP_PKEY_CTX *ctx, EVP_PKEY *peer);
-// EVP_PKEY_derive derives a shared key between the two keys configured in
-// |ctx|. If |key| is non-NULL then, on entry, |out_key_len| must contain the
-// amount of space at |key|. If sufficient then the shared key will be written
-// to |key| and |*out_key_len| will be set to the length. If |key| is NULL then
-// |out_key_len| will be set to the maximum length.
+// EVP_PKEY_derive derives a shared key from |ctx|. If |key| is non-NULL then,
+// on entry, |out_key_len| must contain the amount of space at |key|. If
+// sufficient then the shared key will be written to |key| and |*out_key_len|
+// will be set to the length. If |key| is NULL then |out_key_len| will be set to
+// the maximum length.
//
// WARNING: Setting |out| to NULL only gives the maximum size of the key. The
// actual key may be smaller.
@@ -935,7 +936,10 @@
// EVP_PKEY_set1_tls_encodedpoint replaces |pkey| with a public key encoded by
// |in|. It returns one on success and zero on error.
//
-// This function only works on X25519 keys.
+// If |pkey| is an EC key, the format is an X9.62 point and |pkey| must already
+// have an EC group configured. If it is an X25519 key, it is the 32-byte X25519
+// public key representation. This function is not supported for other key types
+// and will fail.
OPENSSL_EXPORT int EVP_PKEY_set1_tls_encodedpoint(EVP_PKEY *pkey,
const uint8_t *in,
size_t len);
@@ -945,7 +949,10 @@
// |OPENSSL_free| to release this buffer. The function returns the length of the
// buffer on success and zero on error.
//
-// This function only works on X25519 keys.
+// If |pkey| is an EC key, the format is an X9.62 point with uncompressed
+// coordinates. If it is an X25519 key, it is the 32-byte X25519 public key
+// representation. This function is not supported for other key types and will
+// fail.
OPENSSL_EXPORT size_t EVP_PKEY_get1_tls_encodedpoint(const EVP_PKEY *pkey,
uint8_t **out_ptr);
@@ -1017,6 +1024,14 @@
OPENSSL_EXPORT EC_KEY *d2i_EC_PUBKEY(EC_KEY **out, const uint8_t **inp,
long len);
+// EVP_PKEY_CTX_set_dsa_paramgen_bits returns zero.
+OPENSSL_EXPORT int EVP_PKEY_CTX_set_dsa_paramgen_bits(EVP_PKEY_CTX *ctx,
+ int nbits);
+
+// EVP_PKEY_CTX_set_dsa_paramgen_q_bits returns zero.
+OPENSSL_EXPORT int EVP_PKEY_CTX_set_dsa_paramgen_q_bits(EVP_PKEY_CTX *ctx,
+ int qbits);
+
// Preprocessor compatibility section (hidden).
//
@@ -1041,29 +1056,6 @@
ERR_put_error(ERR_LIB_EVP, 0, reason, __FILE__, __LINE__)
-// Private structures.
-
-struct evp_pkey_st {
- CRYPTO_refcount_t references;
-
- // type contains one of the EVP_PKEY_* values or NID_undef and determines
- // which element (if any) of the |pkey| union is valid.
- int type;
-
- union {
- void *ptr;
- RSA *rsa;
- DSA *dsa;
- DH *dh;
- EC_KEY *ec;
- } pkey;
-
- // ameth contains a pointer to a method table that contains many ASN.1
- // methods for the key type.
- const EVP_PKEY_ASN1_METHOD *ameth;
-} /* EVP_PKEY */;
-
-
#if defined(__cplusplus)
} // extern C
diff --git a/sysroots/generic-arm64/usr/include/openssl/ex_data.h b/sysroots/generic-arm64/usr/include/openssl/ex_data.h
index 102f8a8..8f2f98b 100644
--- a/sysroots/generic-arm64/usr/include/openssl/ex_data.h
+++ b/sysroots/generic-arm64/usr/include/openssl/ex_data.h
@@ -145,7 +145,7 @@
CRYPTO_EX_free *free_func);
// TYPE_set_ex_data sets an extra data pointer on |t|. The |index| argument
-// should have been returned from a previous call to |TYPE_get_ex_new_index|.
+// must have been returned from a previous call to |TYPE_get_ex_new_index|.
OPENSSL_EXPORT int TYPE_set_ex_data(TYPE *t, int index, void *arg);
// TYPE_get_ex_data returns an extra data pointer for |t|, or NULL if no such
diff --git a/sysroots/generic-arm64/usr/include/openssl/hmac.h b/sysroots/generic-arm64/usr/include/openssl/hmac.h
index 56b0802..7a4737f 100644
--- a/sysroots/generic-arm64/usr/include/openssl/hmac.h
+++ b/sysroots/generic-arm64/usr/include/openssl/hmac.h
@@ -137,6 +137,9 @@
// |ctx|. On entry, |ctx| must have been setup with |HMAC_Init_ex|.
OPENSSL_EXPORT size_t HMAC_size(const HMAC_CTX *ctx);
+// HMAC_CTX_get_md returns |ctx|'s hash function.
+OPENSSL_EXPORT const EVP_MD *HMAC_CTX_get_md(const HMAC_CTX *ctx);
+
// HMAC_CTX_copy_ex sets |dest| equal to |src|. On entry, |dest| must have been
// initialised by calling |HMAC_CTX_init|. It returns one on success and zero
// on error.
diff --git a/sysroots/generic-arm64/usr/include/openssl/hpke.h b/sysroots/generic-arm64/usr/include/openssl/hpke.h
index e2c9855..3ce6946 100644
--- a/sysroots/generic-arm64/usr/include/openssl/hpke.h
+++ b/sysroots/generic-arm64/usr/include/openssl/hpke.h
@@ -51,6 +51,30 @@
// will be one of the |EVP_HPKE_KEM_*| constants.
OPENSSL_EXPORT uint16_t EVP_HPKE_KEM_id(const EVP_HPKE_KEM *kem);
+// EVP_HPKE_MAX_PUBLIC_KEY_LENGTH is the maximum length of an encoded public key
+// for all KEMs currently supported by this library.
+#define EVP_HPKE_MAX_PUBLIC_KEY_LENGTH 32
+
+// EVP_HPKE_KEM_public_key_len returns the length of a public key for |kem|.
+// This value will be at most |EVP_HPKE_MAX_PUBLIC_KEY_LENGTH|.
+OPENSSL_EXPORT size_t EVP_HPKE_KEM_public_key_len(const EVP_HPKE_KEM *kem);
+
+// EVP_HPKE_MAX_PRIVATE_KEY_LENGTH is the maximum length of an encoded private
+// key for all KEMs currently supported by this library.
+#define EVP_HPKE_MAX_PRIVATE_KEY_LENGTH 32
+
+// EVP_HPKE_KEM_private_key_len returns the length of a private key for |kem|.
+// This value will be at most |EVP_HPKE_MAX_PRIVATE_KEY_LENGTH|.
+OPENSSL_EXPORT size_t EVP_HPKE_KEM_private_key_len(const EVP_HPKE_KEM *kem);
+
+// EVP_HPKE_MAX_ENC_LENGTH is the maximum length of "enc", the encapsulated
+// shared secret, for all KEMs currently supported by this library.
+#define EVP_HPKE_MAX_ENC_LENGTH 32
+
+// EVP_HPKE_KEM_enc_len returns the length of the "enc", the encapsulated shared
+// secret, for |kem|. This value will be at most |EVP_HPKE_MAX_ENC_LENGTH|.
+OPENSSL_EXPORT size_t EVP_HPKE_KEM_enc_len(const EVP_HPKE_KEM *kem);
+
// The following constants are KDF identifiers.
#define EVP_HPKE_HKDF_SHA256 0x0001
@@ -60,6 +84,11 @@
// EVP_HPKE_KDF_id returns the HPKE KDF identifier for |kdf|.
OPENSSL_EXPORT uint16_t EVP_HPKE_KDF_id(const EVP_HPKE_KDF *kdf);
+// EVP_HPKE_KDF_hkdf_md returns the HKDF hash function corresponding to |kdf|,
+// or NULL if |kdf| is not an HKDF-based KDF. All currently supported KDFs are
+// HKDF-based.
+OPENSSL_EXPORT const EVP_MD *EVP_HPKE_KDF_hkdf_md(const EVP_HPKE_KDF *kdf);
+
// The following constants are AEAD identifiers.
#define EVP_HPKE_AES_128_GCM 0x0001
#define EVP_HPKE_AES_256_GCM 0x0002
@@ -127,28 +156,22 @@
// EVP_HPKE_KEY_kem returns the HPKE KEM used by |key|.
OPENSSL_EXPORT const EVP_HPKE_KEM *EVP_HPKE_KEY_kem(const EVP_HPKE_KEY *key);
-// EVP_HPKE_MAX_PUBLIC_KEY_LENGTH is the maximum length of a public key for all
-// KEMs supported by this library.
-#define EVP_HPKE_MAX_PUBLIC_KEY_LENGTH 32
-
// EVP_HPKE_KEY_public_key writes |key|'s public key to |out| and sets
// |*out_len| to the number of bytes written. On success, it returns one and
// writes at most |max_out| bytes. If |max_out| is too small, it returns zero.
// Setting |max_out| to |EVP_HPKE_MAX_PUBLIC_KEY_LENGTH| will ensure the public
-// key fits.
+// key fits. An exact size can also be determined by
+// |EVP_HPKE_KEM_public_key_len|.
OPENSSL_EXPORT int EVP_HPKE_KEY_public_key(const EVP_HPKE_KEY *key,
uint8_t *out, size_t *out_len,
size_t max_out);
-// EVP_HPKE_MAX_PRIVATE_KEY_LENGTH is the maximum length of a private key for
-// all KEMs supported by this library.
-#define EVP_HPKE_MAX_PRIVATE_KEY_LENGTH 32
-
// EVP_HPKE_KEY_private_key writes |key|'s private key to |out| and sets
// |*out_len| to the number of bytes written. On success, it returns one and
// writes at most |max_out| bytes. If |max_out| is too small, it returns zero.
// Setting |max_out| to |EVP_HPKE_MAX_PRIVATE_KEY_LENGTH| will ensure the
-// private key fits.
+// private key fits. An exact size can also be determined by
+// |EVP_HPKE_KEM_private_key_len|.
OPENSSL_EXPORT int EVP_HPKE_KEY_private_key(const EVP_HPKE_KEY *key,
uint8_t *out, size_t *out_len,
size_t max_out);
@@ -182,16 +205,13 @@
// created with |EVP_HPKE_CTX_new|.
OPENSSL_EXPORT void EVP_HPKE_CTX_free(EVP_HPKE_CTX *ctx);
-// EVP_HPKE_MAX_ENC_LENGTH is the maximum length of "enc", the encapsulated
-// shared secret, for all supported KEMs in this library.
-#define EVP_HPKE_MAX_ENC_LENGTH 32
-
// EVP_HPKE_CTX_setup_sender implements the SetupBaseS HPKE operation. It
// encapsulates a shared secret for |peer_public_key| and sets up |ctx| as a
// sender context. It writes the encapsulated shared secret to |out_enc| and
// sets |*out_enc_len| to the number of bytes written. It writes at most
// |max_enc| bytes and fails if the buffer is too small. Setting |max_enc| to at
-// least |EVP_HPKE_MAX_ENC_LENGTH| will ensure the buffer is large enough.
+// least |EVP_HPKE_MAX_ENC_LENGTH| will ensure the buffer is large enough. An
+// exact size may also be determined by |EVP_PKEY_KEM_enc_len|.
//
// This function returns one on success and zero on error. Note that
// |peer_public_key| may be invalid, in which case this function will return an
@@ -292,6 +312,10 @@
// up as a sender.
OPENSSL_EXPORT size_t EVP_HPKE_CTX_max_overhead(const EVP_HPKE_CTX *ctx);
+// EVP_HPKE_CTX_kem returns |ctx|'s configured KEM, or NULL if the context has
+// not been set up.
+OPENSSL_EXPORT const EVP_HPKE_KEM *EVP_HPKE_CTX_kem(const EVP_HPKE_CTX *ctx);
+
// EVP_HPKE_CTX_aead returns |ctx|'s configured AEAD, or NULL if the context has
// not been set up.
OPENSSL_EXPORT const EVP_HPKE_AEAD *EVP_HPKE_CTX_aead(const EVP_HPKE_CTX *ctx);
@@ -307,6 +331,7 @@
// but accessing or modifying their fields is forbidden.
struct evp_hpke_ctx_st {
+ const EVP_HPKE_KEM *kem;
const EVP_HPKE_AEAD *aead;
const EVP_HPKE_KDF *kdf;
EVP_AEAD_CTX aead_ctx;
diff --git a/sysroots/generic-arm64/usr/include/openssl/kdf.h b/sysroots/generic-arm64/usr/include/openssl/kdf.h
new file mode 100644
index 0000000..7adad38
--- /dev/null
+++ b/sysroots/generic-arm64/usr/include/openssl/kdf.h
@@ -0,0 +1,91 @@
+/* Copyright (c) 2022, Google Inc.
+ *
+ * Permission to use, copy, modify, and/or distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
+ * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION
+ * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
+ * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */
+
+#ifndef OPENSSL_HEADER_KDF_H
+#define OPENSSL_HEADER_KDF_H
+
+#include <openssl/base.h>
+
+#if defined(__cplusplus)
+extern "C" {
+#endif
+
+
+// KDF support for EVP.
+
+
+// HKDF-specific functions.
+//
+// The following functions are provided for OpenSSL compatibility. Prefer the
+// HKDF functions in <openssl/hkdf.h>. In each, |ctx| must be created with
+// |EVP_PKEY_CTX_new_id| with |EVP_PKEY_HKDF| and then initialized with
+// |EVP_PKEY_derive_init|.
+
+// EVP_PKEY_HKDEF_MODE_* define "modes" for use with |EVP_PKEY_CTX_hkdf_mode|.
+// The mispelling of "HKDF" as "HKDEF" is intentional for OpenSSL compatibility.
+#define EVP_PKEY_HKDEF_MODE_EXTRACT_AND_EXPAND 0
+#define EVP_PKEY_HKDEF_MODE_EXTRACT_ONLY 1
+#define EVP_PKEY_HKDEF_MODE_EXPAND_ONLY 2
+
+// EVP_PKEY_CTX_hkdf_mode configures which HKDF operation to run. It returns one
+// on success and zero on error. |mode| must be one of |EVP_PKEY_HKDEF_MODE_*|.
+// By default, the mode is |EVP_PKEY_HKDEF_MODE_EXTRACT_AND_EXPAND|.
+//
+// If |mode| is |EVP_PKEY_HKDEF_MODE_EXTRACT_AND_EXPAND| or
+// |EVP_PKEY_HKDEF_MODE_EXPAND_ONLY|, the output is variable-length.
+// |EVP_PKEY_derive| uses the size of the output buffer as the output length for
+// HKDF-Expand.
+//
+// WARNING: Although this API calls it a "mode", HKDF-Extract and HKDF-Expand
+// are distinct operations with distinct inputs and distinct kinds of keys.
+// Callers should not pass input secrets for one operation into the other.
+OPENSSL_EXPORT int EVP_PKEY_CTX_hkdf_mode(EVP_PKEY_CTX *ctx, int mode);
+
+// EVP_PKEY_CTX_set_hkdf_md sets |md| as the digest to use with HKDF. It returns
+// one on success and zero on error.
+OPENSSL_EXPORT int EVP_PKEY_CTX_set_hkdf_md(EVP_PKEY_CTX *ctx,
+ const EVP_MD *md);
+
+// EVP_PKEY_CTX_set1_hkdf_key configures HKDF to use |key_len| bytes from |key|
+// as the "key", described below. It returns one on success and zero on error.
+//
+// Which input is the key depends on the "mode" (see |EVP_PKEY_CTX_hkdf_mode|).
+// If |EVP_PKEY_HKDEF_MODE_EXTRACT_AND_EXPAND| or
+// |EVP_PKEY_HKDEF_MODE_EXTRACT_ONLY|, this function specifies the input keying
+// material (IKM) for HKDF-Extract. If |EVP_PKEY_HKDEF_MODE_EXPAND_ONLY|, it
+// instead specifies the pseudorandom key (PRK) for HKDF-Expand.
+OPENSSL_EXPORT int EVP_PKEY_CTX_set1_hkdf_key(EVP_PKEY_CTX *ctx,
+ const uint8_t *key,
+ size_t key_len);
+
+// EVP_PKEY_CTX_set1_hkdf_salt configures HKDF to use |salt_len| bytes from
+// |salt| as the salt parameter to HKDF-Extract. It returns one on success and
+// zero on error. If performing HKDF-Expand only, this parameter is ignored.
+OPENSSL_EXPORT int EVP_PKEY_CTX_set1_hkdf_salt(EVP_PKEY_CTX *ctx,
+ const uint8_t *salt,
+ size_t salt_len);
+
+// EVP_PKEY_CTX_add1_hkdf_info appends |info_len| bytes from |info| to the info
+// parameter used with HKDF-Expand. It returns one on success and zero on error.
+// If performing HKDF-Extract only, this parameter is ignored.
+OPENSSL_EXPORT int EVP_PKEY_CTX_add1_hkdf_info(EVP_PKEY_CTX *ctx,
+ const uint8_t *info,
+ size_t info_len);
+
+
+#if defined(__cplusplus)
+} // extern C
+#endif
+
+#endif // OPENSSL_HEADER_KDF_H
diff --git a/sysroots/generic-arm64/usr/include/openssl/kyber.h b/sysroots/generic-arm64/usr/include/openssl/kyber.h
new file mode 100644
index 0000000..cafae9d
--- /dev/null
+++ b/sysroots/generic-arm64/usr/include/openssl/kyber.h
@@ -0,0 +1,128 @@
+/* Copyright (c) 2023, Google Inc.
+ *
+ * Permission to use, copy, modify, and/or distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
+ * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION
+ * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
+ * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */
+
+#ifndef OPENSSL_HEADER_KYBER_H
+#define OPENSSL_HEADER_KYBER_H
+
+#include <openssl/base.h>
+
+#if defined(__cplusplus)
+extern "C" {
+#endif
+
+
+// Kyber768.
+
+
+// KYBER_public_key contains a Kyber768 public key. The contents of this
+// object should never leave the address space since the format is unstable.
+struct KYBER_public_key {
+ union {
+ uint8_t bytes[512 * (3 + 9) + 32 + 32];
+ uint16_t alignment;
+ } opaque;
+};
+
+// KYBER_private_key contains a Kyber768 private key. The contents of this
+// object should never leave the address space since the format is unstable.
+struct KYBER_private_key {
+ union {
+ uint8_t bytes[512 * (3 + 3 + 9) + 32 + 32 + 32];
+ uint16_t alignment;
+ } opaque;
+};
+
+// KYBER_PUBLIC_KEY_BYTES is the number of bytes in an encoded Kyber768 public
+// key.
+#define KYBER_PUBLIC_KEY_BYTES 1184
+
+// KYBER_generate_key generates a random public/private key pair, writes the
+// encoded public key to |out_encoded_public_key| and sets |out_private_key| to
+// the private key.
+OPENSSL_EXPORT void KYBER_generate_key(
+ uint8_t out_encoded_public_key[KYBER_PUBLIC_KEY_BYTES],
+ struct KYBER_private_key *out_private_key);
+
+// KYBER_public_from_private sets |*out_public_key| to the public key that
+// corresponds to |private_key|. (This is faster than parsing the output of
+// |KYBER_generate_key| if, for some reason, you need to encapsulate to a key
+// that was just generated.)
+OPENSSL_EXPORT void KYBER_public_from_private(
+ struct KYBER_public_key *out_public_key,
+ const struct KYBER_private_key *private_key);
+
+// KYBER_CIPHERTEXT_BYTES is number of bytes in the Kyber768 ciphertext.
+#define KYBER_CIPHERTEXT_BYTES 1088
+
+// KYBER_encap encrypts a random secret key of length |out_shared_secret_len| to
+// |public_key|, writes the ciphertext to |ciphertext|, and writes the random
+// key to |out_shared_secret|. The party calling |KYBER_decap| must already know
+// the correct value of |out_shared_secret_len|.
+OPENSSL_EXPORT void KYBER_encap(uint8_t out_ciphertext[KYBER_CIPHERTEXT_BYTES],
+ uint8_t *out_shared_secret,
+ size_t out_shared_secret_len,
+ const struct KYBER_public_key *public_key);
+
+// KYBER_decap decrypts a key of length |out_shared_secret_len| from
+// |ciphertext| using |private_key| and writes it to |out_shared_secret|. If
+// |ciphertext| is invalid, |out_shared_secret| is filled with a key that
+// will always be the same for the same |ciphertext| and |private_key|, but
+// which appears to be random unless one has access to |private_key|. These
+// alternatives occur in constant time. Any subsequent symmetric encryption
+// using |out_shared_secret| must use an authenticated encryption scheme in
+// order to discover the decapsulation failure.
+OPENSSL_EXPORT void KYBER_decap(
+ uint8_t *out_shared_secret, size_t out_shared_secret_len,
+ const uint8_t ciphertext[KYBER_CIPHERTEXT_BYTES],
+ const struct KYBER_private_key *private_key);
+
+
+// Serialisation of keys.
+
+// KYBER_marshal_public_key serializes |public_key| to |out| in the standard
+// format for Kyber public keys. It returns one on success or zero on allocation
+// error.
+OPENSSL_EXPORT int KYBER_marshal_public_key(
+ CBB *out, const struct KYBER_public_key *public_key);
+
+// KYBER_parse_public_key parses a public key, in the format generated by
+// |KYBER_marshal_public_key|, from |in| and writes the result to
+// |out_public_key|. It returns one on success or zero on parse error or if
+// there are trailing bytes in |in|.
+OPENSSL_EXPORT int KYBER_parse_public_key(
+ struct KYBER_public_key *out_public_key, CBS *in);
+
+// KYBER_marshal_private_key serializes |private_key| to |out| in the standard
+// format for Kyber private keys. It returns one on success or zero on
+// allocation error.
+OPENSSL_EXPORT int KYBER_marshal_private_key(
+ CBB *out, const struct KYBER_private_key *private_key);
+
+// KYBER_PRIVATE_KEY_BYTES is the length of the data produced by
+// |KYBER_marshal_private_key|.
+#define KYBER_PRIVATE_KEY_BYTES 2400
+
+// KYBER_parse_private_key parses a private key, in the format generated by
+// |KYBER_marshal_private_key|, from |in| and writes the result to
+// |out_private_key|. It returns one on success or zero on parse error or if
+// there are trailing bytes in |in|.
+OPENSSL_EXPORT int KYBER_parse_private_key(
+ struct KYBER_private_key *out_private_key, CBS *in);
+
+
+#if defined(__cplusplus)
+} // extern C
+#endif
+
+#endif // OPENSSL_HEADER_KYBER_H
diff --git a/sysroots/generic-arm64/usr/include/openssl/mem.h b/sysroots/generic-arm64/usr/include/openssl/mem.h
index 476299a..8da1dd6 100644
--- a/sysroots/generic-arm64/usr/include/openssl/mem.h
+++ b/sysroots/generic-arm64/usr/include/openssl/mem.h
@@ -75,17 +75,26 @@
// unless stated otherwise.
-// OPENSSL_malloc acts like a regular |malloc|.
+#ifndef _BORINGSSL_PROHIBIT_OPENSSL_MALLOC
+// OPENSSL_malloc is similar to a regular |malloc|, but allocates additional
+// private data. The resulting pointer must be freed with |OPENSSL_free|. In
+// the case of a malloc failure, prior to returning NULL |OPENSSL_malloc| will
+// push |ERR_R_MALLOC_FAILURE| onto the openssl error stack.
OPENSSL_EXPORT void *OPENSSL_malloc(size_t size);
+#endif // !_BORINGSSL_PROHIBIT_OPENSSL_MALLOC
// OPENSSL_free does nothing if |ptr| is NULL. Otherwise it zeros out the
-// memory allocated at |ptr| and frees it.
+// memory allocated at |ptr| and frees it along with the private data.
+// It must only be used on on |ptr| values obtained from |OPENSSL_malloc|
OPENSSL_EXPORT void OPENSSL_free(void *ptr);
+#ifndef _BORINGSSL_PROHIBIT_OPENSSL_MALLOC
// OPENSSL_realloc returns a pointer to a buffer of |new_size| bytes that
// contains the contents of |ptr|. Unlike |realloc|, a new buffer is always
-// allocated and the data at |ptr| is always wiped and freed.
+// allocated and the data at |ptr| is always wiped and freed. Memory is
+// allocated with |OPENSSL_malloc| and must be freed with |OPENSSL_free|.
OPENSSL_EXPORT void *OPENSSL_realloc(void *ptr, size_t new_size);
+#endif // !_BORINGSSL_PROHIBIT_OPENSSL_MALLOC
// OPENSSL_cleanse zeros out |len| bytes of memory at |ptr|. This is similar to
// |memset_s| from C11.
@@ -110,13 +119,42 @@
// OPENSSL_strnlen has the same behaviour as strnlen(3).
OPENSSL_EXPORT size_t OPENSSL_strnlen(const char *s, size_t len);
-// OPENSSL_tolower is a locale-independent version of tolower(3).
+// OPENSSL_isalpha is a locale-independent, ASCII-only version of isalpha(3), It
+// only recognizes 'a' through 'z' and 'A' through 'Z' as alphabetic.
+OPENSSL_EXPORT int OPENSSL_isalpha(int c);
+
+// OPENSSL_isdigit is a locale-independent, ASCII-only version of isdigit(3), It
+// only recognizes '0' through '9' as digits.
+OPENSSL_EXPORT int OPENSSL_isdigit(int c);
+
+// OPENSSL_isxdigit is a locale-independent, ASCII-only version of isxdigit(3),
+// It only recognizes '0' through '9', 'a' through 'f', and 'A through 'F' as
+// digits.
+OPENSSL_EXPORT int OPENSSL_isxdigit(int c);
+
+// OPENSSL_fromxdigit returns one if |c| is a hexadecimal digit as recognized
+// by OPENSSL_isxdigit, and sets |out| to the corresponding value. Otherwise
+// zero is returned.
+OPENSSL_EXPORT int OPENSSL_fromxdigit(uint8_t *out, int c);
+
+// OPENSSL_isalnum is a locale-independent, ASCII-only version of isalnum(3), It
+// only recognizes what |OPENSSL_isalpha| and |OPENSSL_isdigit| recognize.
+OPENSSL_EXPORT int OPENSSL_isalnum(int c);
+
+// OPENSSL_tolower is a locale-independent, ASCII-only version of tolower(3). It
+// only lowercases ASCII values. Other values are returned as-is.
OPENSSL_EXPORT int OPENSSL_tolower(int c);
-// OPENSSL_strcasecmp is a locale-independent version of strcasecmp(3).
+// OPENSSL_isspace is a locale-independent, ASCII-only version of isspace(3). It
+// only recognizes '\t', '\n', '\v', '\f', '\r', and ' '.
+OPENSSL_EXPORT int OPENSSL_isspace(int c);
+
+// OPENSSL_strcasecmp is a locale-independent, ASCII-only version of
+// strcasecmp(3).
OPENSSL_EXPORT int OPENSSL_strcasecmp(const char *a, const char *b);
-// OPENSSL_strncasecmp is a locale-independent version of strncasecmp(3).
+// OPENSSL_strncasecmp is a locale-independent, ASCII-only version of
+// strncasecmp(3).
OPENSSL_EXPORT int OPENSSL_strncasecmp(const char *a, const char *b, size_t n);
// DECIMAL_SIZE returns an upper bound for the length of the decimal
@@ -131,12 +169,25 @@
OPENSSL_EXPORT int BIO_vsnprintf(char *buf, size_t n, const char *format,
va_list args) OPENSSL_PRINTF_FORMAT_FUNC(3, 0);
+// OPENSSL_vasprintf has the same behavior as vasprintf(3), except that
+// memory allocated in a returned string must be freed with |OPENSSL_free|.
+OPENSSL_EXPORT int OPENSSL_vasprintf(char **str, const char *format,
+ va_list args)
+ OPENSSL_PRINTF_FORMAT_FUNC(2, 0);
+
+// OPENSSL_asprintf has the same behavior as asprintf(3), except that
+// memory allocated in a returned string must be freed with |OPENSSL_free|.
+OPENSSL_EXPORT int OPENSSL_asprintf(char **str, const char *format, ...)
+ OPENSSL_PRINTF_FORMAT_FUNC(2, 3);
+
// OPENSSL_strndup returns an allocated, duplicate of |str|, which is, at most,
-// |size| bytes. The result is always NUL terminated.
+// |size| bytes. The result is always NUL terminated. The memory allocated
+// must be freed with |OPENSSL_free|.
OPENSSL_EXPORT char *OPENSSL_strndup(const char *str, size_t size);
// OPENSSL_memdup returns an allocated, duplicate of |size| bytes from |data| or
-// NULL on allocation failure.
+// NULL on allocation failure. The memory allocated must be freed with
+// |OPENSSL_free|.
OPENSSL_EXPORT void *OPENSSL_memdup(const void *data, size_t size);
// OPENSSL_strlcpy acts like strlcpy(3).
@@ -164,6 +215,21 @@
// allocations on free, but we define |OPENSSL_clear_free| for compatibility.
OPENSSL_EXPORT void OPENSSL_clear_free(void *ptr, size_t len);
+// CRYPTO_secure_malloc_init returns zero.
+OPENSSL_EXPORT int CRYPTO_secure_malloc_init(size_t size, size_t min_size);
+
+// CRYPTO_secure_malloc_initialized returns zero.
+OPENSSL_EXPORT int CRYPTO_secure_malloc_initialized(void);
+
+// CRYPTO_secure_used returns zero.
+OPENSSL_EXPORT size_t CRYPTO_secure_used(void);
+
+// OPENSSL_secure_malloc calls |OPENSSL_malloc|.
+OPENSSL_EXPORT void *OPENSSL_secure_malloc(size_t size);
+
+// OPENSSL_secure_clear_free calls |OPENSSL_clear_free|.
+OPENSSL_EXPORT void OPENSSL_secure_clear_free(void *ptr, size_t len);
+
#if defined(__cplusplus)
} // extern C
diff --git a/sysroots/generic-arm64/usr/include/openssl/nid.h b/sysroots/generic-arm64/usr/include/openssl/nid.h
index bf7f3da..64c9c9c 100644
--- a/sysroots/generic-arm64/usr/include/openssl/nid.h
+++ b/sysroots/generic-arm64/usr/include/openssl/nid.h
@@ -4235,9 +4235,6 @@
#define LN_auth_any "auth-any"
#define NID_auth_any 958
-#define SN_CECPQ2 "CECPQ2"
-#define NID_CECPQ2 959
-
#define SN_ED448 "ED448"
#define NID_ED448 960
#define OBJ_ED448 1L, 3L, 101L, 113L
@@ -4251,6 +4248,19 @@
#define NID_sha512_256 962
#define OBJ_sha512_256 2L, 16L, 840L, 1L, 101L, 3L, 4L, 2L, 6L
+#define SN_hkdf "HKDF"
+#define LN_hkdf "hkdf"
+#define NID_hkdf 963
+
+#define SN_X25519Kyber768 "X25519Kyber768"
+#define NID_X25519Kyber768 964
+
+#define SN_P256Kyber768 "P256Kyber768"
+#define NID_P256Kyber768 965
+
+#define SN_P384Kyber768 "P384Kyber768"
+#define NID_P384Kyber768 966
+
#if defined(__cplusplus)
} /* extern C */
diff --git a/sysroots/generic-arm64/usr/include/openssl/obj.h b/sysroots/generic-arm64/usr/include/openssl/obj.h
index ad7271e..3fb8bde 100644
--- a/sysroots/generic-arm64/usr/include/openssl/obj.h
+++ b/sysroots/generic-arm64/usr/include/openssl/obj.h
@@ -183,8 +183,15 @@
// Adding objects at runtime.
-// OBJ_create adds a known object and returns the nid of the new object, or
+// OBJ_create adds a known object and returns the NID of the new object, or
// NID_undef on error.
+//
+// WARNING: This function modifies global state. The table cannot contain
+// duplicate OIDs, short names, or long names. If two callers in the same
+// address space add conflicting values, only one registration will take effect.
+// Avoid this function if possible. Instead, callers can process OIDs unknown to
+// BoringSSL by acting on the byte representation directly. See |OBJ_get0_data|
+// and |OBJ_length|.
OPENSSL_EXPORT int OBJ_create(const char *oid, const char *short_name,
const char *long_name);
diff --git a/sysroots/generic-arm64/usr/include/openssl/opensslconf.h b/sysroots/generic-arm64/usr/include/openssl/opensslconf.h
index 3f1faf3..5165703 100644
--- a/sysroots/generic-arm64/usr/include/openssl/opensslconf.h
+++ b/sysroots/generic-arm64/usr/include/openssl/opensslconf.h
@@ -59,6 +59,7 @@
#define OPENSSL_NO_SM3
#define OPENSSL_NO_SM4
#define OPENSSL_NO_SRP
+#define OPENSSL_NO_SSL_TRACE
#define OPENSSL_NO_SSL2
#define OPENSSL_NO_SSL3
#define OPENSSL_NO_SSL3_METHOD
diff --git a/sysroots/generic-arm64/usr/include/openssl/pem.h b/sysroots/generic-arm64/usr/include/openssl/pem.h
index a94f276..21885ba 100644
--- a/sysroots/generic-arm64/usr/include/openssl/pem.h
+++ b/sysroots/generic-arm64/usr/include/openssl/pem.h
@@ -349,10 +349,6 @@
OPENSSL_EXPORT STACK_OF(X509_INFO) *PEM_X509_INFO_read_bio(
BIO *bp, STACK_OF(X509_INFO) *sk, pem_password_cb *cb, void *u);
-OPENSSL_EXPORT int PEM_X509_INFO_write_bio(BIO *bp, X509_INFO *xi,
- EVP_CIPHER *enc, unsigned char *kstr,
- int klen, pem_password_cb *cd,
- void *u);
OPENSSL_EXPORT int PEM_read(FILE *fp, char **name, char **header,
unsigned char **data, long *len);
@@ -376,9 +372,6 @@
// password.
OPENSSL_EXPORT int PEM_def_callback(char *buf, int size, int rwflag,
void *userdata);
-OPENSSL_EXPORT void PEM_proc_type(char *buf, int type);
-OPENSSL_EXPORT void PEM_dek_info(char *buf, const char *type, int len,
- char *str);
DECLARE_PEM_rw(X509, X509)
@@ -421,40 +414,40 @@
DECLARE_PEM_rw(PUBKEY, EVP_PKEY)
-OPENSSL_EXPORT int PEM_write_bio_PKCS8PrivateKey_nid(BIO *bp, EVP_PKEY *x,
+OPENSSL_EXPORT int PEM_write_bio_PKCS8PrivateKey_nid(BIO *bp, const EVP_PKEY *x,
int nid, char *kstr,
int klen,
pem_password_cb *cb,
void *u);
-OPENSSL_EXPORT int PEM_write_bio_PKCS8PrivateKey(BIO *, EVP_PKEY *,
+OPENSSL_EXPORT int PEM_write_bio_PKCS8PrivateKey(BIO *, const EVP_PKEY *,
const EVP_CIPHER *, char *,
int, pem_password_cb *,
void *);
-OPENSSL_EXPORT int i2d_PKCS8PrivateKey_bio(BIO *bp, EVP_PKEY *x,
+OPENSSL_EXPORT int i2d_PKCS8PrivateKey_bio(BIO *bp, const EVP_PKEY *x,
const EVP_CIPHER *enc, char *kstr,
int klen, pem_password_cb *cb,
void *u);
-OPENSSL_EXPORT int i2d_PKCS8PrivateKey_nid_bio(BIO *bp, EVP_PKEY *x, int nid,
- char *kstr, int klen,
+OPENSSL_EXPORT int i2d_PKCS8PrivateKey_nid_bio(BIO *bp, const EVP_PKEY *x,
+ int nid, char *kstr, int klen,
pem_password_cb *cb, void *u);
OPENSSL_EXPORT EVP_PKEY *d2i_PKCS8PrivateKey_bio(BIO *bp, EVP_PKEY **x,
pem_password_cb *cb, void *u);
-OPENSSL_EXPORT int i2d_PKCS8PrivateKey_fp(FILE *fp, EVP_PKEY *x,
+OPENSSL_EXPORT int i2d_PKCS8PrivateKey_fp(FILE *fp, const EVP_PKEY *x,
const EVP_CIPHER *enc, char *kstr,
int klen, pem_password_cb *cb,
void *u);
-OPENSSL_EXPORT int i2d_PKCS8PrivateKey_nid_fp(FILE *fp, EVP_PKEY *x, int nid,
- char *kstr, int klen,
+OPENSSL_EXPORT int i2d_PKCS8PrivateKey_nid_fp(FILE *fp, const EVP_PKEY *x,
+ int nid, char *kstr, int klen,
pem_password_cb *cb, void *u);
-OPENSSL_EXPORT int PEM_write_PKCS8PrivateKey_nid(FILE *fp, EVP_PKEY *x, int nid,
- char *kstr, int klen,
+OPENSSL_EXPORT int PEM_write_PKCS8PrivateKey_nid(FILE *fp, const EVP_PKEY *x,
+ int nid, char *kstr, int klen,
pem_password_cb *cb, void *u);
OPENSSL_EXPORT EVP_PKEY *d2i_PKCS8PrivateKey_fp(FILE *fp, EVP_PKEY **x,
pem_password_cb *cb, void *u);
-OPENSSL_EXPORT int PEM_write_PKCS8PrivateKey(FILE *fp, EVP_PKEY *x,
+OPENSSL_EXPORT int PEM_write_PKCS8PrivateKey(FILE *fp, const EVP_PKEY *x,
const EVP_CIPHER *enc, char *kstr,
int klen, pem_password_cb *cd,
void *u);
diff --git a/sysroots/generic-arm64/usr/include/openssl/rand.h b/sysroots/generic-arm64/usr/include/openssl/rand.h
index bd41f9e..586274d 100644
--- a/sysroots/generic-arm64/usr/include/openssl/rand.h
+++ b/sysroots/generic-arm64/usr/include/openssl/rand.h
@@ -25,9 +25,20 @@
// Random number generation.
-// RAND_bytes writes |len| bytes of random data to |buf| and returns one.
+// RAND_bytes writes |len| bytes of random data to |buf| and returns one. In the
+// event that sufficient random data can not be obtained, |abort| is called.
OPENSSL_EXPORT int RAND_bytes(uint8_t *buf, size_t len);
+// RAND_get_system_entropy_for_custom_prng writes |len| bytes of random data
+// from a system entropy source to |buf|. The maximum length of entropy which
+// may be requested is 256 bytes. If more than 256 bytes of data is requested,
+// or if sufficient random data can not be obtained, |abort| is called.
+// |RAND_bytes| should normally be used instead of this function. This function
+// should only be used for seed values or where |malloc| should not be called
+// from BoringSSL. This function is not FIPS compliant.
+OPENSSL_EXPORT void RAND_get_system_entropy_for_custom_prng(uint8_t *buf,
+ size_t len);
+
// RAND_cleanup frees any resources used by the RNG. This is not safe if other
// threads might still be calling |RAND_bytes|.
OPENSSL_EXPORT void RAND_cleanup(void);
diff --git a/sysroots/generic-arm64/usr/include/openssl/rsa.h b/sysroots/generic-arm64/usr/include/openssl/rsa.h
index 57a2cb2..a1c03cd 100644
--- a/sysroots/generic-arm64/usr/include/openssl/rsa.h
+++ b/sysroots/generic-arm64/usr/include/openssl/rsa.h
@@ -298,8 +298,8 @@
// |hash_nid|. Passing unhashed inputs will not result in a secure signature
// scheme.
OPENSSL_EXPORT int RSA_sign(int hash_nid, const uint8_t *digest,
- unsigned digest_len, uint8_t *out,
- unsigned *out_len, RSA *rsa);
+ size_t digest_len, uint8_t *out, unsigned *out_len,
+ RSA *rsa);
// RSA_sign_pss_mgf1 signs |digest_len| bytes from |digest| with the public key
// from |rsa| using RSASSA-PSS with MGF1 as the mask generation function. It
@@ -625,7 +625,7 @@
// should use instead. It returns NULL on error, or a newly-allocated |RSA| on
// success. This function is provided for compatibility only. The |callback|
// and |cb_arg| parameters must be NULL.
-OPENSSL_EXPORT RSA *RSA_generate_key(int bits, unsigned long e, void *callback,
+OPENSSL_EXPORT RSA *RSA_generate_key(int bits, uint64_t e, void *callback,
void *cb_arg);
// d2i_RSAPublicKey parses a DER-encoded RSAPublicKey structure (RFC 8017) from
@@ -775,7 +775,7 @@
// num_blindings contains the size of the |blindings| and |blindings_inuse|
// arrays. This member and the |blindings_inuse| array are protected by
// |lock|.
- unsigned num_blindings;
+ size_t num_blindings;
// blindings is an array of BN_BLINDING structures that can be reserved by a
// thread by locking |lock| and changing the corresponding element in
// |blindings_inuse| from 0 to 1.
diff --git a/sysroots/generic-arm64/usr/include/openssl/ssl.h b/sysroots/generic-arm64/usr/include/openssl/ssl.h
index f0ca7f7..5b5e3fe 100644
--- a/sysroots/generic-arm64/usr/include/openssl/ssl.h
+++ b/sysroots/generic-arm64/usr/include/openssl/ssl.h
@@ -157,11 +157,6 @@
#include <sys/time.h>
#endif
-// NGINX needs this #include. Consider revisiting this after NGINX 1.14.0 has
-// been out for a year or so (assuming that they fix it in that release.) See
-// https://boringssl-review.googlesource.com/c/boringssl/+/21664.
-#include <openssl/hmac.h>
-
// Forward-declare struct timeval. On Windows, it is defined in winsock2.h and
// Windows headers define too many macros to be included in public headers.
// However, only a forward declaration is needed.
@@ -1454,9 +1449,6 @@
//
// |SHA1|, and its alias |SHA|, match legacy cipher suites using HMAC-SHA1.
//
-// Although implemented, authentication-only ciphers match no rules and must be
-// explicitly selected by name.
-//
// Deprecated cipher rules:
//
// |kEDH|, |EDH|, |kEECDH|, and |EECDH| are legacy aliases for |kDHE|, |DHE|,
@@ -2288,6 +2280,10 @@
// By default, BoringSSL sends two tickets.
OPENSSL_EXPORT int SSL_CTX_set_num_tickets(SSL_CTX *ctx, size_t num_tickets);
+// SSL_CTX_get_num_tickets returns the number of tickets |ctx| will send
+// immediately after a successful TLS 1.3 handshake as a server.
+OPENSSL_EXPORT size_t SSL_CTX_get_num_tickets(const SSL_CTX *ctx);
+
// Elliptic curve Diffie-Hellman.
//
@@ -2335,7 +2331,8 @@
#define SSL_CURVE_SECP384R1 24
#define SSL_CURVE_SECP521R1 25
#define SSL_CURVE_X25519 29
-#define SSL_CURVE_CECPQ2 16696
+#define SSL_CURVE_X25519KYBER768 0x6399
+#define SSL_CURVE_P256KYBER768 0xfe32
// SSL_get_curve_id returns the ID of the curve used by |ssl|'s most recently
// completed handshake or 0 if not applicable.
@@ -2348,6 +2345,20 @@
// the given TLS curve id, or NULL if the curve is unknown.
OPENSSL_EXPORT const char *SSL_get_curve_name(uint16_t curve_id);
+// SSL_CTX_set1_groups calls |SSL_CTX_set1_curves|.
+OPENSSL_EXPORT int SSL_CTX_set1_groups(SSL_CTX *ctx, const int *groups,
+ size_t groups_len);
+
+// SSL_set1_groups calls |SSL_set1_curves|.
+OPENSSL_EXPORT int SSL_set1_groups(SSL *ssl, const int *groups,
+ size_t groups_len);
+
+// SSL_CTX_set1_groups_list calls |SSL_CTX_set1_curves_list|.
+OPENSSL_EXPORT int SSL_CTX_set1_groups_list(SSL_CTX *ctx, const char *groups);
+
+// SSL_set1_groups_list calls |SSL_set1_curves_list|.
+OPENSSL_EXPORT int SSL_set1_groups_list(SSL *ssl, const char *groups);
+
// Certificate verification.
//
@@ -2396,21 +2407,51 @@
// SSL_CTX_set_verify configures certificate verification behavior. |mode| is
// one of the |SSL_VERIFY_*| values defined above. |callback|, if not NULL, is
-// used to customize certificate verification. See the behavior of
-// |X509_STORE_CTX_set_verify_cb|.
+// used to customize certificate verification, but is deprecated. See
+// |X509_STORE_CTX_set_verify_cb| for details.
//
// The callback may use |SSL_get_ex_data_X509_STORE_CTX_idx| with
// |X509_STORE_CTX_get_ex_data| to look up the |SSL| from |store_ctx|.
+//
+// WARNING: |callback| should be NULL. This callback does not replace the
+// default certificate verification process and is, instead, called multiple
+// times in the course of that process. It is very difficult to implement this
+// callback safely, without inadvertently relying on implementation details or
+// making incorrect assumptions about when the callback is called.
+//
+// Instead, use |SSL_CTX_set_custom_verify| or
+// |SSL_CTX_set_cert_verify_callback| to customize certificate verification.
+// Those callbacks can inspect the peer-sent chain, call |X509_verify_cert| and
+// inspect the result, or perform other operations more straightforwardly.
+//
+// TODO(crbug.com/boringssl/426): We cite |X509_STORE_CTX_set_verify_cb| but
+// haven't documented it yet. Later that will have a more detailed warning about
+// why one should not use this callback.
OPENSSL_EXPORT void SSL_CTX_set_verify(
SSL_CTX *ctx, int mode, int (*callback)(int ok, X509_STORE_CTX *store_ctx));
// SSL_set_verify configures certificate verification behavior. |mode| is one of
// the |SSL_VERIFY_*| values defined above. |callback|, if not NULL, is used to
-// customize certificate verification. See the behavior of
+// customize certificate verification, but is deprecated. See the behavior of
// |X509_STORE_CTX_set_verify_cb|.
//
// The callback may use |SSL_get_ex_data_X509_STORE_CTX_idx| with
// |X509_STORE_CTX_get_ex_data| to look up the |SSL| from |store_ctx|.
+//
+// WARNING: |callback| should be NULL. This callback does not replace the
+// default certificate verification process and is, instead, called multiple
+// times in the course of that process. It is very difficult to implement this
+// callback safely, without inadvertently relying on implementation details or
+// making incorrect assumptions about when the callback is called.
+//
+// Instead, use |SSL_set_custom_verify| or |SSL_CTX_set_cert_verify_callback| to
+// customize certificate verification. Those callbacks can inspect the peer-sent
+// chain, call |X509_verify_cert| and inspect the result, or perform other
+// operations more straightforwardly.
+//
+// TODO(crbug.com/boringssl/426): We cite |X509_STORE_CTX_set_verify_cb| but
+// haven't documented it yet. Later that will have a more detailed warning about
+// why one should not use this callback.
OPENSSL_EXPORT void SSL_set_verify(SSL *ssl, int mode,
int (*callback)(int ok,
X509_STORE_CTX *store_ctx));
@@ -2718,7 +2759,7 @@
// SSL_load_client_CA_file opens |file| and reads PEM-encoded certificates from
// it. It returns a newly-allocated stack of the certificate subjects or NULL
-// on error.
+// on error. Duplicates in |file| are ignored.
OPENSSL_EXPORT STACK_OF(X509_NAME) *SSL_load_client_CA_file(const char *file);
// SSL_dup_CA_list makes a deep copy of |list|. It returns the new list on
@@ -2731,6 +2772,11 @@
OPENSSL_EXPORT int SSL_add_file_cert_subjects_to_stack(STACK_OF(X509_NAME) *out,
const char *file);
+// SSL_add_bio_cert_subjects_to_stack behaves like
+// |SSL_add_file_cert_subjects_to_stack| but reads from |bio|.
+OPENSSL_EXPORT int SSL_add_bio_cert_subjects_to_stack(STACK_OF(X509_NAME) *out,
+ BIO *bio);
+
// Server name indication.
//
@@ -2809,7 +2855,7 @@
// WARNING: this function is dangerous because it breaks the usual return value
// convention.
OPENSSL_EXPORT int SSL_CTX_set_alpn_protos(SSL_CTX *ctx, const uint8_t *protos,
- unsigned protos_len);
+ size_t protos_len);
// SSL_set_alpn_protos sets the client ALPN protocol list on |ssl| to |protos|.
// |protos| must be in wire-format (i.e. a series of non-empty, 8-bit
@@ -2820,7 +2866,7 @@
// WARNING: this function is dangerous because it breaks the usual return value
// convention.
OPENSSL_EXPORT int SSL_set_alpn_protos(SSL *ssl, const uint8_t *protos,
- unsigned protos_len);
+ size_t protos_len);
// SSL_CTX_set_alpn_select_cb sets a callback function on |ctx| that is called
// during ClientHello processing in order to select an ALPN protocol from the
@@ -3908,13 +3954,14 @@
const uint8_t **out_write_iv,
size_t *out_iv_len);
-// SSL_get_key_block_len returns the length of |ssl|'s key block. It is an error
-// to call this function during a handshake.
+// SSL_get_key_block_len returns the length of |ssl|'s key block, for TLS 1.2
+// and below. It is an error to call this function during a handshake, or if
+// |ssl| negotiated TLS 1.3.
OPENSSL_EXPORT size_t SSL_get_key_block_len(const SSL *ssl);
// SSL_generate_key_block generates |out_len| bytes of key material for |ssl|'s
-// current connection state. It is an error to call this function during a
-// handshake.
+// current connection state, for TLS 1.2 and below. It is an error to call this
+// function during a handshake, or if |ssl| negotiated TLS 1.3.
OPENSSL_EXPORT int SSL_generate_key_block(const SSL *ssl, uint8_t *out,
size_t out_len);
@@ -3968,8 +4015,9 @@
// those cases, BoringSSL will not predict a signature as there is no benefit.
// Callers must allow for handshakes to complete without a predicted signature.
//
-// For now, only TLS 1.3 is hinted. TLS 1.2 will work, but the hints will be
-// empty.
+// Handshake hints are supported for TLS 1.3 and partially supported for
+// TLS 1.2. TLS 1.2 resumption handshakes are not yet fully hinted. They will
+// still work, but may not be as efficient.
// SSL_serialize_capabilities writes an opaque byte string to |out| describing
// some of |ssl|'s capabilities. It returns one on success and zero on error.
@@ -4125,6 +4173,13 @@
// renegotiation attempts by a server. If |ssl| is a server, peer-initiated
// renegotiations are *always* rejected and this function does nothing.
//
+// WARNING: Renegotiation is error-prone, complicates TLS's security properties,
+// and increases its attack surface. When enabled, many common assumptions about
+// BoringSSL's behavior no longer hold, and the calling application must handle
+// more cases. Renegotiation is also incompatible with many application
+// protocols, e.g. section 9.2.1 of RFC 7540. Many functions behave in ambiguous
+// or undefined ways during a renegotiation.
+//
// The renegotiation mode defaults to |ssl_renegotiate_never|, but may be set
// at any point in a connection's lifetime. Set it to |ssl_renegotiate_once| to
// allow one renegotiation, |ssl_renegotiate_freely| to allow all
@@ -4146,6 +4201,20 @@
// e.g., ALPN must enable renegotiation before the handshake and conditionally
// disable it afterwards.
//
+// When enabled, renegotiation can cause properties of |ssl|, such as the cipher
+// suite, to change during the lifetime of the connection. More over, during a
+// renegotiation, not all properties of the new handshake are available or fully
+// established. In BoringSSL, most functions, such as |SSL_get_current_cipher|,
+// report information from the most recently completed handshake, not the
+// pending one. However, renegotiation may rerun handshake callbacks, such as
+// |SSL_CTX_set_cert_cb|. Such callbacks must ensure they are acting on the
+// desired versions of each property.
+//
+// BoringSSL does not reverify peer certificates on renegotiation and instead
+// requires they match between handshakes, so certificate verification callbacks
+// (see |SSL_CTX_set_custom_verify|) may assume |ssl| is in the initial
+// handshake and use |SSL_get0_peer_certificates|, etc.
+//
// There is no support in BoringSSL for initiating renegotiations as a client
// or server.
OPENSSL_EXPORT void SSL_set_renegotiate_mode(SSL *ssl,
@@ -4281,12 +4350,24 @@
// respected on clients.
OPENSSL_EXPORT void SSL_CTX_set_reverify_on_resume(SSL_CTX *ctx, int enabled);
-// SSL_set_enforce_rsa_key_usage configures whether the keyUsage extension of
-// RSA leaf certificates will be checked for consistency with the TLS
-// usage. This parameter may be set late; it will not be read until after the
+// SSL_set_enforce_rsa_key_usage configures whether, when |ssl| is a client
+// negotiating TLS 1.2 or below, the keyUsage extension of RSA leaf server
+// certificates will be checked for consistency with the TLS usage. In all other
+// cases, this check is always enabled.
+//
+// This parameter may be set late; it will not be read until after the
// certificate verification callback.
OPENSSL_EXPORT void SSL_set_enforce_rsa_key_usage(SSL *ssl, int enabled);
+// SSL_was_key_usage_invalid returns one if |ssl|'s handshake succeeded despite
+// using TLS parameters which were incompatible with the leaf certificate's
+// keyUsage extension. Otherwise, it returns zero.
+//
+// If |SSL_set_enforce_rsa_key_usage| is enabled or not applicable, this
+// function will always return zero because key usages will be consistently
+// checked.
+OPENSSL_EXPORT int SSL_was_key_usage_invalid(const SSL *ssl);
+
// SSL_ST_* are possible values for |SSL_state|, the bitmasks that make them up,
// and some historical values for compatibility. Only |SSL_ST_INIT| and
// |SSL_ST_OK| are ever returned.
@@ -4473,13 +4554,6 @@
// SSL_CIPHER_get_version returns the string "TLSv1/SSLv3".
OPENSSL_EXPORT const char *SSL_CIPHER_get_version(const SSL_CIPHER *cipher);
-// SSL_CIPHER_get_rfc_name returns a newly-allocated string containing the
-// result of |SSL_CIPHER_standard_name| or NULL on error. The caller is
-// responsible for calling |OPENSSL_free| on the result.
-//
-// Use |SSL_CIPHER_standard_name| instead.
-OPENSSL_EXPORT char *SSL_CIPHER_get_rfc_name(const SSL_CIPHER *cipher);
-
typedef void COMP_METHOD;
typedef struct ssl_comp_st SSL_COMP;
@@ -5104,6 +5178,68 @@
OPENSSL_EXPORT uint16_t SSL_CIPHER_get_value(const SSL_CIPHER *cipher);
+// Compliance policy configurations
+//
+// A TLS connection has a large number of different parameters. Some are well
+// known, like cipher suites, but many are obscure and configuration functions
+// for them may not exist. These policy controls allow broad configuration
+// goals to be specified so that they can flow down to all the different
+// parameters of a TLS connection.
+
+enum ssl_compliance_policy_t BORINGSSL_ENUM_INT {
+ // ssl_compliance_policy_none does nothing. However, since setting this
+ // doesn't undo other policies it's an error to try and set it.
+ ssl_compliance_policy_none,
+
+ // ssl_policy_fips_202205 configures a TLS connection to use:
+ // * TLS 1.2 or 1.3
+ // * For TLS 1.2, only ECDHE_[RSA|ECDSA]_WITH_AES_*_GCM_SHA*.
+ // * For TLS 1.3, only AES-GCM
+ // * P-256 or P-384 for key agreement.
+ // * For server signatures, only PKCS#1/PSS with SHA256/384/512, or ECDSA
+ // with P-256 or P-384.
+ //
+ // Note: this policy can be configured even if BoringSSL has not been built in
+ // FIPS mode. Call |FIPS_mode| to check that.
+ //
+ // Note: this setting aids with compliance with NIST requirements but does not
+ // guarantee it. Careful reading of SP 800-52r2 is recommended.
+ ssl_compliance_policy_fips_202205,
+
+ // ssl_compliance_policy_wpa3_192_202304 configures a TLS connection to use:
+ // * TLS 1.2 or 1.3.
+ // * For TLS 1.2, only TLS_ECDHE_[ECDSA|RSA]_WITH_AES_256_GCM_SHA384.
+ // * For TLS 1.3, only AES-256-GCM.
+ // * P-384 for key agreement.
+ // * For handshake signatures, only ECDSA with P-384 and SHA-384, or RSA
+ // with SHA-384 or SHA-512.
+ //
+ // No limitations on the certificate chain nor leaf public key are imposed,
+ // other than by the supported signature algorithms. But WPA3's "192-bit"
+ // mode requires at least P-384 or 3072-bit along the chain. The caller must
+ // enforce this themselves on the verified chain using functions such as
+ // `X509_STORE_CTX_get0_chain`.
+ //
+ // Note that this setting is less secure than the default. The
+ // implementation risks of using a more obscure primitive like P-384
+ // dominate other considerations.
+ ssl_compliance_policy_wpa3_192_202304,
+};
+
+// SSL_CTX_set_compliance_policy configures various aspects of |ctx| based on
+// the given policy requirements. Subsequently calling other functions that
+// configure |ctx| may override |policy|, or may not. This should be the final
+// configuration function called in order to have defined behaviour. It's a
+// fatal error if |policy| is |ssl_compliance_policy_none|.
+OPENSSL_EXPORT int SSL_CTX_set_compliance_policy(
+ SSL_CTX *ctx, enum ssl_compliance_policy_t policy);
+
+// SSL_set_compliance_policy acts the same as |SSL_CTX_set_compliance_policy|,
+// but only configures a single |SSL*|.
+OPENSSL_EXPORT int SSL_set_compliance_policy(
+ SSL *ssl, enum ssl_compliance_policy_t policy);
+
+
// Nodejs compatibility section (hidden).
//
// These defines exist for node.js, with the hope that we can eliminate the
@@ -5270,62 +5406,6 @@
BORINGSSL_MAKE_DELETER(SSL_SESSION, SSL_SESSION_free)
BORINGSSL_MAKE_UP_REF(SSL_SESSION, SSL_SESSION_up_ref)
-enum class OpenRecordResult {
- kOK,
- kDiscard,
- kIncompleteRecord,
- kAlertCloseNotify,
- kError,
-};
-
-// *** EXPERIMENTAL -- DO NOT USE ***
-//
-// OpenRecord decrypts the first complete SSL record from |in| in-place, sets
-// |out| to the decrypted application data, and |out_record_len| to the length
-// of the encrypted record. Returns:
-// - kOK if an application-data record was successfully decrypted and verified.
-// - kDiscard if a record was sucessfully processed, but should be discarded.
-// - kIncompleteRecord if |in| did not contain a complete record.
-// - kAlertCloseNotify if a record was successfully processed but is a
-// close_notify alert.
-// - kError if an error occurred or the record is invalid. |*out_alert| will be
-// set to an alert to emit, or zero if no alert should be emitted.
-OPENSSL_EXPORT OpenRecordResult OpenRecord(SSL *ssl, Span<uint8_t> *out,
- size_t *out_record_len,
- uint8_t *out_alert,
- Span<uint8_t> in);
-
-OPENSSL_EXPORT size_t SealRecordPrefixLen(const SSL *ssl, size_t plaintext_len);
-
-// SealRecordSuffixLen returns the length of the suffix written by |SealRecord|.
-//
-// |plaintext_len| must be equal to the size of the plaintext passed to
-// |SealRecord|.
-//
-// |plaintext_len| must not exceed |SSL3_RT_MAX_PLAINTEXT_LENGTH|. The returned
-// suffix length will not exceed |SSL3_RT_MAX_ENCRYPTED_OVERHEAD|.
-OPENSSL_EXPORT size_t SealRecordSuffixLen(const SSL *ssl, size_t plaintext_len);
-
-// *** EXPERIMENTAL -- DO NOT USE ***
-//
-// SealRecord encrypts the cleartext of |in| and scatters the resulting TLS
-// application data record between |out_prefix|, |out|, and |out_suffix|. It
-// returns true on success or false if an error occurred.
-//
-// The length of |out_prefix| must equal |SealRecordPrefixLen|. The length of
-// |out| must equal the length of |in|, which must not exceed
-// |SSL3_RT_MAX_PLAINTEXT_LENGTH|. The length of |out_suffix| must equal
-// |SealRecordSuffixLen|.
-//
-// If enabled, |SealRecord| may perform TLS 1.0 CBC 1/n-1 record splitting.
-// |SealRecordPrefixLen| accounts for the required overhead if that is the case.
-//
-// |out| may equal |in| to encrypt in-place but may not otherwise alias.
-// |out_prefix| and |out_suffix| may not alias anything.
-OPENSSL_EXPORT bool SealRecord(SSL *ssl, Span<uint8_t> out_prefix,
- Span<uint8_t> out, Span<uint8_t> out_suffix,
- Span<const uint8_t> in);
-
// *** EXPERIMENTAL — DO NOT USE WITHOUT CHECKING ***
//
@@ -5383,6 +5463,18 @@
const SSL *ssl, Span<const uint8_t> *out_read_traffic_secret,
Span<const uint8_t> *out_write_traffic_secret);
+// SSL_CTX_set_aes_hw_override_for_testing sets |override_value| to
+// override checking for aes hardware support for testing. If |override_value|
+// is set to true, the library will behave as if aes hardware support is
+// present. If it is set to false, the library will behave as if aes hardware
+// support is not present.
+OPENSSL_EXPORT void SSL_CTX_set_aes_hw_override_for_testing(
+ SSL_CTX *ctx, bool override_value);
+
+// SSL_set_aes_hw_override_for_testing acts the same as
+// |SSL_CTX_set_aes_override_for_testing| but only configures a single |SSL*|.
+OPENSSL_EXPORT void SSL_set_aes_hw_override_for_testing(SSL *ssl,
+ bool override_value);
BSSL_NAMESPACE_END
diff --git a/sysroots/generic-arm64/usr/include/openssl/ssl3.h b/sysroots/generic-arm64/usr/include/openssl/ssl3.h
index 533142c..221adf0 100644
--- a/sysroots/generic-arm64/usr/include/openssl/ssl3.h
+++ b/sysroots/generic-arm64/usr/include/openssl/ssl3.h
@@ -1,4 +1,3 @@
-/* ssl/ssl3.h */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
@@ -118,7 +117,6 @@
#define OPENSSL_HEADER_SSL3_H
#include <openssl/aead.h>
-#include <openssl/type_check.h>
#ifdef __cplusplus
extern "C" {
@@ -251,10 +249,6 @@
#define SSL3_RT_SEND_MAX_ENCRYPTED_OVERHEAD \
(EVP_AEAD_MAX_OVERHEAD + EVP_AEAD_MAX_NONCE_LENGTH)
-OPENSSL_STATIC_ASSERT(SSL3_RT_MAX_ENCRYPTED_OVERHEAD >=
- SSL3_RT_SEND_MAX_ENCRYPTED_OVERHEAD,
- "max overheads are inconsistent");
-
// SSL3_RT_MAX_COMPRESSED_LENGTH is an alias for
// |SSL3_RT_MAX_PLAIN_LENGTH|. Compression is gone, so don't include the
// compression overhead.
diff --git a/sysroots/generic-arm64/usr/include/openssl/stack.h b/sysroots/generic-arm64/usr/include/openssl/stack.h
index df54713..59b1c5e 100644
--- a/sysroots/generic-arm64/usr/include/openssl/stack.h
+++ b/sysroots/generic-arm64/usr/include/openssl/stack.h
@@ -59,8 +59,6 @@
#include <openssl/base.h>
-#include <openssl/type_check.h>
-
#if defined(__cplusplus)
extern "C" {
#endif
@@ -69,41 +67,219 @@
// A stack, in OpenSSL, is an array of pointers. They are the most commonly
// used collection object.
//
-// This file defines macros for type safe use of the stack functions. A stack
-// of a specific type of object has type |STACK_OF(type)|. This can be defined
-// (once) with |DEFINE_STACK_OF(type)| and declared where needed with
-// |DECLARE_STACK_OF(type)|. For example:
+// This file defines macros for type-safe use of the stack functions. A stack
+// type is named like |STACK_OF(FOO)| and is accessed with functions named
+// like |sk_FOO_*|. Note the stack will typically contain /pointers/ to |FOO|.
//
-// typedef struct foo_st {
-// int bar;
-// } FOO;
-//
-// DEFINE_STACK_OF(FOO)
-//
-// Although note that the stack will contain /pointers/ to |FOO|.
-//
-// A macro will be defined for each of the sk_* functions below. For
-// STACK_OF(FOO), the macros would be sk_FOO_new, sk_FOO_pop etc.
+// The |DECLARE_STACK_OF| macro makes |STACK_OF(FOO)| available, and
+// |DEFINE_STACK_OF| makes the corresponding functions available.
-// stack_free_func is a function that frees an element in a stack. Note its
+// Defining stacks.
+
+// STACK_OF expands to the stack type for |type|.
+#define STACK_OF(type) struct stack_st_##type
+
+// DECLARE_STACK_OF declares the |STACK_OF(type)| type. It does not make the
+// corresponding |sk_type_*| functions available. This macro should be used in
+// files which only need the type.
+#define DECLARE_STACK_OF(type) STACK_OF(type);
+
+// DEFINE_NAMED_STACK_OF defines |STACK_OF(name)| to be a stack whose elements
+// are |type| *. This macro makes the |sk_name_*| functions available.
+//
+// It is not necessary to use |DECLARE_STACK_OF| in files which use this macro.
+#define DEFINE_NAMED_STACK_OF(name, type) \
+ BORINGSSL_DEFINE_STACK_OF_IMPL(name, type *, const type *) \
+ BORINGSSL_DEFINE_STACK_TRAITS(name, type, false)
+
+// DEFINE_STACK_OF defines |STACK_OF(type)| to be a stack whose elements are
+// |type| *. This macro makes the |sk_type_*| functions available.
+//
+// It is not necessary to use |DECLARE_STACK_OF| in files which use this macro.
+#define DEFINE_STACK_OF(type) DEFINE_NAMED_STACK_OF(type, type)
+
+// DEFINE_CONST_STACK_OF defines |STACK_OF(type)| to be a stack whose elements
+// are const |type| *. This macro makes the |sk_type_*| functions available.
+//
+// It is not necessary to use |DECLARE_STACK_OF| in files which use this macro.
+#define DEFINE_CONST_STACK_OF(type) \
+ BORINGSSL_DEFINE_STACK_OF_IMPL(type, const type *, const type *) \
+ BORINGSSL_DEFINE_STACK_TRAITS(type, const type, true)
+
+
+// Using stacks.
+//
+// After the |DEFINE_STACK_OF| macro is used, the following functions are
+// available.
+
+#if 0 // Sample
+
+// sk_SAMPLE_free_func is a callback to free an element in a stack.
+typedef void (*sk_SAMPLE_free_func)(SAMPLE *);
+
+// sk_SAMPLE_copy_func is a callback to copy an element in a stack. It should
+// return the copy or NULL on error.
+typedef SAMPLE *(*sk_SAMPLE_copy_func)(const SAMPLE *);
+
+// sk_SAMPLE_cmp_func is a callback to compare |*a| to |*b|. It should return a
+// value < 0, 0, or > 0 if |*a| is less than, equal to, or greater than |*b|,
+// respectively. Note the extra indirection - the function is given a pointer
+// to a pointer to the element. This is the |qsort|/|bsearch| comparison
+// function applied to an array of |SAMPLE*|.
+typedef int (*sk_SAMPLE_cmp_func)(const SAMPLE *const *a,
+ const SAMPLE *const *b);
+
+// sk_SAMPLE_new creates a new, empty stack with the given comparison function,
+// which may be NULL. It returns the new stack or NULL on allocation failure.
+STACK_OF(SAMPLE) *sk_SAMPLE_new(sk_SAMPLE_cmp_func comp);
+
+// sk_SAMPLE_new_null creates a new, empty stack. It returns the new stack or
+// NULL on allocation failure.
+STACK_OF(SAMPLE) *sk_SAMPLE_new_null(void);
+
+// sk_SAMPLE_num returns the number of elements in |sk|.
+size_t sk_SAMPLE_num(const STACK_OF(SAMPLE) *sk);
+
+// sk_SAMPLE_zero resets |sk| to the empty state but does nothing to free the
+// individual elements themselves.
+void sk_SAMPLE_zero(STACK_OF(SAMPLE) *sk);
+
+// sk_SAMPLE_value returns the |i|th pointer in |sk|, or NULL if |i| is out of
+// range.
+SAMPLE *sk_SAMPLE_value(const STACK_OF(SAMPLE) *sk, size_t i);
+
+// sk_SAMPLE_set sets the |i|th pointer in |sk| to |p| and returns |p|. If |i|
+// is out of range, it returns NULL.
+SAMPLE *sk_SAMPLE_set(STACK_OF(SAMPLE) *sk, size_t i, SAMPLE *p);
+
+// sk_SAMPLE_free frees |sk|, but does nothing to free the individual elements.
+// Use |sk_SAMPLE_pop_free| to also free the elements.
+void sk_SAMPLE_free(STACK_OF(SAMPLE) *sk);
+
+// sk_SAMPLE_pop_free calls |free_func| on each element in |sk| and then
+// frees the stack itself.
+void sk_SAMPLE_pop_free(STACK_OF(SAMPLE) *sk, sk_SAMPLE_free_func free_func);
+
+// sk_SAMPLE_insert inserts |p| into the stack at index |where|, moving existing
+// elements if needed. It returns the length of the new stack, or zero on
+// error.
+size_t sk_SAMPLE_insert(STACK_OF(SAMPLE) *sk, SAMPLE *p, size_t where);
+
+// sk_SAMPLE_delete removes the pointer at index |where|, moving other elements
+// down if needed. It returns the removed pointer, or NULL if |where| is out of
+// range.
+SAMPLE *sk_SAMPLE_delete(STACK_OF(SAMPLE) *sk, size_t where);
+
+// sk_SAMPLE_delete_ptr removes, at most, one instance of |p| from |sk| based on
+// pointer equality. If an instance of |p| is found then |p| is returned,
+// otherwise it returns NULL.
+SAMPLE *sk_SAMPLE_delete_ptr(STACK_OF(SAMPLE) *sk, const SAMPLE *p);
+
+// sk_SAMPLE_delete_if_func is the callback function for |sk_SAMPLE_delete_if|.
+// It should return one to remove |p| and zero to keep it.
+typedef int (*sk_SAMPLE_delete_if_func)(SAMPLE *p, void *data);
+
+// sk_SAMPLE_delete_if calls |func| with each element of |sk| and removes the
+// entries where |func| returned one. This function does not free or return
+// removed pointers so, if |sk| owns its contents, |func| should release the
+// pointers prior to returning one.
+void sk_SAMPLE_delete_if(STACK_OF(SAMPLE) *sk, sk_SAMPLE_delete_if_func func,
+ void *data);
+
+// sk_SAMPLE_find find the first value in |sk| equal to |p|. |sk|'s comparison
+// function determines equality, or pointer equality if |sk| has no comparison
+// function.
+//
+// If the stack is sorted (see |sk_SAMPLE_sort|), this function uses a binary
+// search. Otherwise it performs a linear search. If it finds a matching
+// element, it writes the index to |*out_index| (if |out_index| is not NULL) and
+// returns one. Otherwise, it returns zero.
+//
+// Note this differs from OpenSSL. The type signature is slightly different, and
+// OpenSSL's version will implicitly sort |sk| if it has a comparison function
+// defined.
+int sk_SAMPLE_find(const STACK_OF(SAMPLE) *sk, size_t *out_index,
+ const SAMPLE *p);
+
+// sk_SAMPLE_shift removes and returns the first element in |sk|, or NULL if
+// |sk| is empty.
+SAMPLE *sk_SAMPLE_shift(STACK_OF(SAMPLE) *sk);
+
+// sk_SAMPLE_push appends |p| to |sk| and returns the length of the new stack,
+// or 0 on allocation failure.
+size_t sk_SAMPLE_push(STACK_OF(SAMPLE) *sk, SAMPLE *p);
+
+// sk_SAMPLE_pop removes and returns the last element of |sk|, or NULL if |sk|
+// is empty.
+SAMPLE *sk_SAMPLE_pop(STACK_OF(SAMPLE) *sk);
+
+// sk_SAMPLE_dup performs a shallow copy of a stack and returns the new stack,
+// or NULL on error. Use |sk_SAMPLE_deep_copy| to also copy the elements.
+STACK_OF(SAMPLE) *sk_SAMPLE_dup(const STACK_OF(SAMPLE) *sk);
+
+// sk_SAMPLE_sort sorts the elements of |sk| into ascending order based on the
+// comparison function. The stack maintains a "sorted" flag and sorting an
+// already sorted stack is a no-op.
+void sk_SAMPLE_sort(STACK_OF(SAMPLE) *sk);
+
+// sk_SAMPLE_is_sorted returns one if |sk| is known to be sorted and zero
+// otherwise.
+int sk_SAMPLE_is_sorted(const STACK_OF(SAMPLE) *sk);
+
+// sk_SAMPLE_set_cmp_func sets the comparison function to be used by |sk| and
+// returns the previous one.
+sk_SAMPLE_cmp_func sk_SAMPLE_set_cmp_func(STACK_OF(SAMPLE) *sk,
+ sk_SAMPLE_cmp_func comp);
+
+// sk_SAMPLE_deep_copy performs a copy of |sk| and of each of the non-NULL
+// elements in |sk| by using |copy_func|. If an error occurs, it calls
+// |free_func| to free any copies already made and returns NULL.
+STACK_OF(SAMPLE) *sk_SAMPLE_deep_copy(const STACK_OF(SAMPLE) *sk,
+ sk_SAMPLE_copy_func copy_func,
+ sk_SAMPLE_free_func free_func);
+
+#endif // Sample
+
+
+// Private functions.
+//
+// TODO(https://crbug.com/boringssl/499): Rename to |OPENSSL_sk_foo|, after
+// external code that calls them is fixed.
+
+// OPENSSL_sk_free_func is a function that frees an element in a stack. Note its
// actual type is void (*)(T *) for some T. Low-level |sk_*| functions will be
// passed a type-specific wrapper to call it correctly.
-typedef void (*stack_free_func)(void *ptr);
+typedef void (*OPENSSL_sk_free_func)(void *ptr);
-// stack_copy_func is a function that copies an element in a stack. Note its
-// actual type is T *(*)(T *) for some T. Low-level |sk_*| functions will be
-// passed a type-specific wrapper to call it correctly.
-typedef void *(*stack_copy_func)(void *ptr);
+// OPENSSL_sk_copy_func is a function that copies an element in a stack. Note
+// its actual type is T *(*)(const T *) for some T. Low-level |sk_*| functions
+// will be passed a type-specific wrapper to call it correctly.
+typedef void *(*OPENSSL_sk_copy_func)(const void *ptr);
-// stack_cmp_func is a comparison function that returns a value < 0, 0 or > 0
-// if |*a| is less than, equal to or greater than |*b|, respectively. Note the
-// extra indirection - the function is given a pointer to a pointer to the
+// OPENSSL_sk_cmp_func is a comparison function that returns a value < 0, 0 or >
+// 0 if |*a| is less than, equal to or greater than |*b|, respectively. Note
+// the extra indirection - the function is given a pointer to a pointer to the
// element. This differs from the usual qsort/bsearch comparison function.
//
-// Note its actual type is int (*)(const T **, const T **). Low-level |sk_*|
-// functions will be passed a type-specific wrapper to call it correctly.
-typedef int (*stack_cmp_func)(const void **a, const void **b);
+// Note its actual type is |int (*)(const T *const *a, const T *const *b)|.
+// Low-level |sk_*| functions will be passed a type-specific wrapper to call it
+// correctly.
+typedef int (*OPENSSL_sk_cmp_func)(const void *const *a, const void *const *b);
+
+// OPENSSL_sk_delete_if_func is the generic version of
+// |sk_SAMPLE_delete_if_func|.
+typedef int (*OPENSSL_sk_delete_if_func)(void *obj, void *data);
+
+// The following function types call the above type-erased signatures with the
+// true types.
+typedef void (*OPENSSL_sk_call_free_func)(OPENSSL_sk_free_func, void *);
+typedef void *(*OPENSSL_sk_call_copy_func)(OPENSSL_sk_copy_func, const void *);
+typedef int (*OPENSSL_sk_call_cmp_func)(OPENSSL_sk_cmp_func,
+ const void *const *,
+ const void *const *);
+typedef int (*OPENSSL_sk_call_delete_if_func)(OPENSSL_sk_delete_if_func, void *,
+ void *);
// stack_st contains an array of pointers. It is not designed to be used
// directly, rather the wrapper macros should be used.
@@ -118,135 +294,50 @@
// to by |data|, which may be larger than |num|.
size_t num_alloc;
// comp is an optional comparison function.
- stack_cmp_func comp;
+ OPENSSL_sk_cmp_func comp;
} _STACK;
-
-#define STACK_OF(type) struct stack_st_##type
-
-#define DECLARE_STACK_OF(type) STACK_OF(type);
-
-// These are the raw stack functions, you shouldn't be using them. Rather you
-// should be using the type stack macros implemented above.
-
-// sk_new creates a new, empty stack with the given comparison function, which
-// may be zero. It returns the new stack or NULL on allocation failure.
-OPENSSL_EXPORT _STACK *sk_new(stack_cmp_func comp);
-
-// sk_new_null creates a new, empty stack. It returns the new stack or NULL on
-// allocation failure.
+// The following are raw stack functions. They implement the corresponding typed
+// |sk_SAMPLE_*| functions generated by |DEFINE_STACK_OF|. Callers shouldn't be
+// using them. Rather, callers should use the typed functions.
+OPENSSL_EXPORT _STACK *sk_new(OPENSSL_sk_cmp_func comp);
OPENSSL_EXPORT _STACK *sk_new_null(void);
-
-// sk_num returns the number of elements in |s|.
OPENSSL_EXPORT size_t sk_num(const _STACK *sk);
-
-// sk_zero resets |sk| to the empty state but does nothing to free the
-// individual elements themselves.
OPENSSL_EXPORT void sk_zero(_STACK *sk);
-
-// sk_value returns the |i|th pointer in |sk|, or NULL if |i| is out of
-// range.
OPENSSL_EXPORT void *sk_value(const _STACK *sk, size_t i);
-
-// sk_set sets the |i|th pointer in |sk| to |p| and returns |p|. If |i| is out
-// of range, it returns NULL.
OPENSSL_EXPORT void *sk_set(_STACK *sk, size_t i, void *p);
-
-// sk_free frees the given stack and array of pointers, but does nothing to
-// free the individual elements. Also see |sk_pop_free_ex|.
OPENSSL_EXPORT void sk_free(_STACK *sk);
-
-// sk_pop_free_ex calls |free_func| on each element in the stack and then frees
-// the stack itself. Note this corresponds to |sk_FOO_pop_free|. It is named
-// |sk_pop_free_ex| as a workaround for existing code calling an older version
-// of |sk_pop_free|.
OPENSSL_EXPORT void sk_pop_free_ex(_STACK *sk,
- void (*call_free_func)(stack_free_func,
- void *),
- stack_free_func free_func);
-
-// sk_insert inserts |p| into the stack at index |where|, moving existing
-// elements if needed. It returns the length of the new stack, or zero on
-// error.
+ OPENSSL_sk_call_free_func call_free_func,
+ OPENSSL_sk_free_func free_func);
OPENSSL_EXPORT size_t sk_insert(_STACK *sk, void *p, size_t where);
-
-// sk_delete removes the pointer at index |where|, moving other elements down
-// if needed. It returns the removed pointer, or NULL if |where| is out of
-// range.
OPENSSL_EXPORT void *sk_delete(_STACK *sk, size_t where);
-
-// sk_delete_ptr removes, at most, one instance of |p| from the stack based on
-// pointer equality. If an instance of |p| is found then |p| is returned,
-// otherwise it returns NULL.
OPENSSL_EXPORT void *sk_delete_ptr(_STACK *sk, const void *p);
-
-// sk_find returns the first value in the stack equal to |p|. If a comparison
-// function has been set on the stack, equality is defined by it, otherwise
-// pointer equality is used. If the stack is sorted, then a binary search is
-// used, otherwise a linear search is performed. If a matching element is found,
-// its index is written to
-// |*out_index| (if |out_index| is not NULL) and one is returned. Otherwise zero
-// is returned.
-//
-// Note this differs from OpenSSL. The type signature is slightly different, and
-// OpenSSL's sk_find will implicitly sort |sk| if it has a comparison function
-// defined.
+OPENSSL_EXPORT void sk_delete_if(_STACK *sk,
+ OPENSSL_sk_call_delete_if_func call_func,
+ OPENSSL_sk_delete_if_func func, void *data);
OPENSSL_EXPORT int sk_find(const _STACK *sk, size_t *out_index, const void *p,
- int (*call_cmp_func)(stack_cmp_func, const void **,
- const void **));
-
-// sk_shift removes and returns the first element in the stack, or returns NULL
-// if the stack is empty.
+ OPENSSL_sk_call_cmp_func call_cmp_func);
OPENSSL_EXPORT void *sk_shift(_STACK *sk);
-
-// sk_push appends |p| to the stack and returns the length of the new stack, or
-// 0 on allocation failure.
OPENSSL_EXPORT size_t sk_push(_STACK *sk, void *p);
-
-// sk_pop returns and removes the last element on the stack, or NULL if the
-// stack is empty.
OPENSSL_EXPORT void *sk_pop(_STACK *sk);
-
-// sk_dup performs a shallow copy of a stack and returns the new stack, or NULL
-// on error.
OPENSSL_EXPORT _STACK *sk_dup(const _STACK *sk);
-
-// sk_sort sorts the elements of |sk| into ascending order based on the
-// comparison function. The stack maintains a |sorted| flag and sorting an
-// already sorted stack is a no-op.
-OPENSSL_EXPORT void sk_sort(_STACK *sk);
-
-// sk_is_sorted returns one if |sk| is known to be sorted and zero
-// otherwise.
+OPENSSL_EXPORT void sk_sort(_STACK *sk, OPENSSL_sk_call_cmp_func call_cmp_func);
OPENSSL_EXPORT int sk_is_sorted(const _STACK *sk);
-
-// sk_set_cmp_func sets the comparison function to be used by |sk| and returns
-// the previous one.
-OPENSSL_EXPORT stack_cmp_func sk_set_cmp_func(_STACK *sk, stack_cmp_func comp);
-
-// sk_deep_copy performs a copy of |sk| and of each of the non-NULL elements in
-// |sk| by using |copy_func|. If an error occurs, |free_func| is used to free
-// any copies already made and NULL is returned.
-OPENSSL_EXPORT _STACK *sk_deep_copy(
- const _STACK *sk, void *(*call_copy_func)(stack_copy_func, void *),
- stack_copy_func copy_func, void (*call_free_func)(stack_free_func, void *),
- stack_free_func free_func);
-
-
-// Deprecated functions.
+OPENSSL_EXPORT OPENSSL_sk_cmp_func sk_set_cmp_func(_STACK *sk,
+ OPENSSL_sk_cmp_func comp);
+OPENSSL_EXPORT _STACK *sk_deep_copy(const _STACK *sk,
+ OPENSSL_sk_call_copy_func call_copy_func,
+ OPENSSL_sk_copy_func copy_func,
+ OPENSSL_sk_call_free_func call_free_func,
+ OPENSSL_sk_free_func free_func);
// sk_pop_free behaves like |sk_pop_free_ex| but performs an invalid function
// pointer cast. It exists because some existing callers called |sk_pop_free|
// directly.
//
// TODO(davidben): Migrate callers to bssl::UniquePtr and remove this.
-OPENSSL_EXPORT void sk_pop_free(_STACK *sk, stack_free_func free_func);
-
-
-// Defining stack types.
-//
-// This set of macros is used to emit the typed functions that act on a
-// |STACK_OF(T)|.
+OPENSSL_EXPORT void sk_pop_free(_STACK *sk, OPENSSL_sk_free_func free_func);
#if !defined(BORINGSSL_NO_CXX)
extern "C++" {
@@ -276,156 +367,162 @@
#define BORINGSSL_DEFINE_STACK_TRAITS(name, type, is_const)
#endif
-#define BORINGSSL_DEFINE_STACK_OF_IMPL(name, ptrtype, constptrtype) \
- DECLARE_STACK_OF(name) \
- \
- typedef void (*stack_##name##_free_func)(ptrtype); \
- typedef ptrtype (*stack_##name##_copy_func)(ptrtype); \
- typedef int (*stack_##name##_cmp_func)(constptrtype *a, constptrtype *b); \
- \
- OPENSSL_INLINE void sk_##name##_call_free_func(stack_free_func free_func, \
- void *ptr) { \
- ((stack_##name##_free_func)free_func)((ptrtype)ptr); \
- } \
- \
- OPENSSL_INLINE void *sk_##name##_call_copy_func(stack_copy_func copy_func, \
- void *ptr) { \
- return (void *)((stack_##name##_copy_func)copy_func)((ptrtype)ptr); \
- } \
- \
- OPENSSL_INLINE int sk_##name##_call_cmp_func( \
- stack_cmp_func cmp_func, const void **a, const void **b) { \
- constptrtype a_ptr = (constptrtype)*a; \
- constptrtype b_ptr = (constptrtype)*b; \
- return ((stack_##name##_cmp_func)cmp_func)(&a_ptr, &b_ptr); \
- } \
- \
- OPENSSL_INLINE STACK_OF(name) * \
- sk_##name##_new(stack_##name##_cmp_func comp) { \
- return (STACK_OF(name) *)sk_new((stack_cmp_func)comp); \
- } \
- \
- OPENSSL_INLINE STACK_OF(name) *sk_##name##_new_null(void) { \
- return (STACK_OF(name) *)sk_new_null(); \
- } \
- \
- OPENSSL_INLINE size_t sk_##name##_num(const STACK_OF(name) *sk) { \
- return sk_num((const _STACK *)sk); \
- } \
- \
- OPENSSL_INLINE void sk_##name##_zero(STACK_OF(name) *sk) { \
- sk_zero((_STACK *)sk); \
- } \
- \
- OPENSSL_INLINE ptrtype sk_##name##_value(const STACK_OF(name) *sk, \
- size_t i) { \
- return (ptrtype)sk_value((const _STACK *)sk, i); \
- } \
- \
- OPENSSL_INLINE ptrtype sk_##name##_set(STACK_OF(name) *sk, size_t i, \
- ptrtype p) { \
- return (ptrtype)sk_set((_STACK *)sk, i, (void *)p); \
- } \
- \
- OPENSSL_INLINE void sk_##name##_free(STACK_OF(name) * sk) { \
- sk_free((_STACK *)sk); \
- } \
- \
- OPENSSL_INLINE void sk_##name##_pop_free( \
- STACK_OF(name) * sk, stack_##name##_free_func free_func) { \
- sk_pop_free_ex((_STACK *)sk, sk_##name##_call_free_func, \
- (stack_free_func)free_func); \
- } \
- \
- OPENSSL_INLINE size_t sk_##name##_insert(STACK_OF(name) *sk, ptrtype p, \
- size_t where) { \
- return sk_insert((_STACK *)sk, (void *)p, where); \
- } \
- \
- OPENSSL_INLINE ptrtype sk_##name##_delete(STACK_OF(name) *sk, \
- size_t where) { \
- return (ptrtype)sk_delete((_STACK *)sk, where); \
- } \
- \
- OPENSSL_INLINE ptrtype sk_##name##_delete_ptr(STACK_OF(name) *sk, \
- constptrtype p) { \
- return (ptrtype)sk_delete_ptr((_STACK *)sk, (const void *)p); \
- } \
- \
- OPENSSL_INLINE int sk_##name##_find(const STACK_OF(name) *sk, \
- size_t * out_index, constptrtype p) { \
- return sk_find((const _STACK *)sk, out_index, (const void *)p, \
- sk_##name##_call_cmp_func); \
- } \
- \
- OPENSSL_INLINE ptrtype sk_##name##_shift(STACK_OF(name) *sk) { \
- return (ptrtype)sk_shift((_STACK *)sk); \
- } \
- \
- OPENSSL_INLINE size_t sk_##name##_push(STACK_OF(name) *sk, ptrtype p) { \
- return sk_push((_STACK *)sk, (void *)p); \
- } \
- \
- OPENSSL_INLINE ptrtype sk_##name##_pop(STACK_OF(name) *sk) { \
- return (ptrtype)sk_pop((_STACK *)sk); \
- } \
- \
- OPENSSL_INLINE STACK_OF(name) * sk_##name##_dup(const STACK_OF(name) *sk) { \
- return (STACK_OF(name) *)sk_dup((const _STACK *)sk); \
- } \
- \
- OPENSSL_INLINE void sk_##name##_sort(STACK_OF(name) *sk) { \
- sk_sort((_STACK *)sk); \
- } \
- \
- OPENSSL_INLINE int sk_##name##_is_sorted(const STACK_OF(name) *sk) { \
- return sk_is_sorted((const _STACK *)sk); \
- } \
- \
- OPENSSL_INLINE stack_##name##_cmp_func sk_##name##_set_cmp_func( \
- STACK_OF(name) *sk, stack_##name##_cmp_func comp) { \
- return (stack_##name##_cmp_func)sk_set_cmp_func((_STACK *)sk, \
- (stack_cmp_func)comp); \
- } \
- \
- OPENSSL_INLINE STACK_OF(name) * \
- sk_##name##_deep_copy(const STACK_OF(name) *sk, \
- ptrtype(*copy_func)(ptrtype), \
- void (*free_func)(ptrtype)) { \
- return (STACK_OF(name) *)sk_deep_copy( \
- (const _STACK *)sk, sk_##name##_call_copy_func, \
- (stack_copy_func)copy_func, sk_##name##_call_free_func, \
- (stack_free_func)free_func); \
- }
+#define BORINGSSL_DEFINE_STACK_OF_IMPL(name, ptrtype, constptrtype) \
+ /* We disable MSVC C4191 in this macro, which warns when pointers are cast \
+ * to the wrong type. While the cast itself is valid, it is often a bug \
+ * because calling it through the cast is UB. However, we never actually \
+ * call functions as |OPENSSL_sk_cmp_func|. The type is just a type-erased \
+ * function pointer. (C does not guarantee function pointers fit in \
+ * |void*|, and GCC will warn on this.) Thus we just disable the false \
+ * positive warning. */ \
+ OPENSSL_MSVC_PRAGMA(warning(push)) \
+ OPENSSL_MSVC_PRAGMA(warning(disable : 4191)) \
+ \
+ DECLARE_STACK_OF(name) \
+ \
+ typedef void (*sk_##name##_free_func)(ptrtype); \
+ typedef ptrtype (*sk_##name##_copy_func)(constptrtype); \
+ typedef int (*sk_##name##_cmp_func)(constptrtype const *, \
+ constptrtype const *); \
+ typedef int (*sk_##name##_delete_if_func)(ptrtype, void *); \
+ \
+ OPENSSL_INLINE void sk_##name##_call_free_func( \
+ OPENSSL_sk_free_func free_func, void *ptr) { \
+ ((sk_##name##_free_func)free_func)((ptrtype)ptr); \
+ } \
+ \
+ OPENSSL_INLINE void *sk_##name##_call_copy_func( \
+ OPENSSL_sk_copy_func copy_func, const void *ptr) { \
+ return (void *)((sk_##name##_copy_func)copy_func)((constptrtype)ptr); \
+ } \
+ \
+ OPENSSL_INLINE int sk_##name##_call_cmp_func(OPENSSL_sk_cmp_func cmp_func, \
+ const void *const *a, \
+ const void *const *b) { \
+ /* The data is actually stored as |void*| pointers, so read the pointer \
+ * as |void*| and then pass the corrected type into the caller-supplied \
+ * function, which expects |constptrtype*|. */ \
+ constptrtype a_ptr = (constptrtype)*a; \
+ constptrtype b_ptr = (constptrtype)*b; \
+ return ((sk_##name##_cmp_func)cmp_func)(&a_ptr, &b_ptr); \
+ } \
+ \
+ OPENSSL_INLINE int sk_##name##_call_delete_if_func( \
+ OPENSSL_sk_delete_if_func func, void *obj, void *data) { \
+ return ((sk_##name##_delete_if_func)func)((ptrtype)obj, data); \
+ } \
+ \
+ OPENSSL_INLINE STACK_OF(name) *sk_##name##_new(sk_##name##_cmp_func comp) { \
+ return (STACK_OF(name) *)sk_new((OPENSSL_sk_cmp_func)comp); \
+ } \
+ \
+ OPENSSL_INLINE STACK_OF(name) *sk_##name##_new_null(void) { \
+ return (STACK_OF(name) *)sk_new_null(); \
+ } \
+ \
+ OPENSSL_INLINE size_t sk_##name##_num(const STACK_OF(name) *sk) { \
+ return sk_num((const _STACK *)sk); \
+ } \
+ \
+ OPENSSL_INLINE void sk_##name##_zero(STACK_OF(name) *sk) { \
+ sk_zero((_STACK *)sk); \
+ } \
+ \
+ OPENSSL_INLINE ptrtype sk_##name##_value(const STACK_OF(name) *sk, \
+ size_t i) { \
+ return (ptrtype)sk_value((const _STACK *)sk, i); \
+ } \
+ \
+ OPENSSL_INLINE ptrtype sk_##name##_set(STACK_OF(name) *sk, size_t i, \
+ ptrtype p) { \
+ return (ptrtype)sk_set((_STACK *)sk, i, (void *)p); \
+ } \
+ \
+ OPENSSL_INLINE void sk_##name##_free(STACK_OF(name) *sk) { \
+ sk_free((_STACK *)sk); \
+ } \
+ \
+ OPENSSL_INLINE void sk_##name##_pop_free(STACK_OF(name) *sk, \
+ sk_##name##_free_func free_func) { \
+ sk_pop_free_ex((_STACK *)sk, sk_##name##_call_free_func, \
+ (OPENSSL_sk_free_func)free_func); \
+ } \
+ \
+ OPENSSL_INLINE size_t sk_##name##_insert(STACK_OF(name) *sk, ptrtype p, \
+ size_t where) { \
+ return sk_insert((_STACK *)sk, (void *)p, where); \
+ } \
+ \
+ OPENSSL_INLINE ptrtype sk_##name##_delete(STACK_OF(name) *sk, \
+ size_t where) { \
+ return (ptrtype)sk_delete((_STACK *)sk, where); \
+ } \
+ \
+ OPENSSL_INLINE ptrtype sk_##name##_delete_ptr(STACK_OF(name) *sk, \
+ constptrtype p) { \
+ return (ptrtype)sk_delete_ptr((_STACK *)sk, (const void *)p); \
+ } \
+ \
+ OPENSSL_INLINE void sk_##name##_delete_if( \
+ STACK_OF(name) *sk, sk_##name##_delete_if_func func, void *data) { \
+ sk_delete_if((_STACK *)sk, sk_##name##_call_delete_if_func, \
+ (OPENSSL_sk_delete_if_func)func, data); \
+ } \
+ \
+ OPENSSL_INLINE int sk_##name##_find(const STACK_OF(name) *sk, \
+ size_t *out_index, constptrtype p) { \
+ return sk_find((const _STACK *)sk, out_index, (const void *)p, \
+ sk_##name##_call_cmp_func); \
+ } \
+ \
+ OPENSSL_INLINE ptrtype sk_##name##_shift(STACK_OF(name) *sk) { \
+ return (ptrtype)sk_shift((_STACK *)sk); \
+ } \
+ \
+ OPENSSL_INLINE size_t sk_##name##_push(STACK_OF(name) *sk, ptrtype p) { \
+ return sk_push((_STACK *)sk, (void *)p); \
+ } \
+ \
+ OPENSSL_INLINE ptrtype sk_##name##_pop(STACK_OF(name) *sk) { \
+ return (ptrtype)sk_pop((_STACK *)sk); \
+ } \
+ \
+ OPENSSL_INLINE STACK_OF(name) *sk_##name##_dup(const STACK_OF(name) *sk) { \
+ return (STACK_OF(name) *)sk_dup((const _STACK *)sk); \
+ } \
+ \
+ OPENSSL_INLINE void sk_##name##_sort(STACK_OF(name) *sk) { \
+ sk_sort((_STACK *)sk, sk_##name##_call_cmp_func); \
+ } \
+ \
+ OPENSSL_INLINE int sk_##name##_is_sorted(const STACK_OF(name) *sk) { \
+ return sk_is_sorted((const _STACK *)sk); \
+ } \
+ \
+ OPENSSL_INLINE sk_##name##_cmp_func sk_##name##_set_cmp_func( \
+ STACK_OF(name) *sk, sk_##name##_cmp_func comp) { \
+ return (sk_##name##_cmp_func)sk_set_cmp_func((_STACK *)sk, \
+ (OPENSSL_sk_cmp_func)comp); \
+ } \
+ \
+ OPENSSL_INLINE STACK_OF(name) *sk_##name##_deep_copy( \
+ const STACK_OF(name) *sk, sk_##name##_copy_func copy_func, \
+ sk_##name##_free_func free_func) { \
+ return (STACK_OF(name) *)sk_deep_copy( \
+ (const _STACK *)sk, sk_##name##_call_copy_func, \
+ (OPENSSL_sk_copy_func)copy_func, sk_##name##_call_free_func, \
+ (OPENSSL_sk_free_func)free_func); \
+ } \
+ \
+ OPENSSL_MSVC_PRAGMA(warning(pop))
-// DEFINE_NAMED_STACK_OF defines |STACK_OF(name)| to be a stack whose elements
-// are |type| *.
-#define DEFINE_NAMED_STACK_OF(name, type) \
- BORINGSSL_DEFINE_STACK_OF_IMPL(name, type *, const type *) \
- BORINGSSL_DEFINE_STACK_TRAITS(name, type, false)
-// DEFINE_STACK_OF defines |STACK_OF(type)| to be a stack whose elements are
-// |type| *.
-#define DEFINE_STACK_OF(type) DEFINE_NAMED_STACK_OF(type, type)
-
-// DEFINE_CONST_STACK_OF defines |STACK_OF(type)| to be a stack whose elements
-// are const |type| *.
-#define DEFINE_CONST_STACK_OF(type) \
- BORINGSSL_DEFINE_STACK_OF_IMPL(type, const type *, const type *) \
- BORINGSSL_DEFINE_STACK_TRAITS(type, const type, true)
-
-// DEFINE_SPECIAL_STACK_OF defines |STACK_OF(type)| to be a stack whose elements
-// are |type|, where |type| must be a typedef for a pointer.
-#define DEFINE_SPECIAL_STACK_OF(type) \
- OPENSSL_STATIC_ASSERT(sizeof(type) == sizeof(void *), \
- #type " is not a pointer"); \
- BORINGSSL_DEFINE_STACK_OF_IMPL(type, type, const type)
-
+// Built-in stacks.
typedef char *OPENSSL_STRING;
DEFINE_STACK_OF(void)
-DEFINE_SPECIAL_STACK_OF(OPENSSL_STRING)
+DEFINE_NAMED_STACK_OF(OPENSSL_STRING, char)
#if defined(__cplusplus)
@@ -456,7 +553,7 @@
// access it from C++ here.
using Type = typename StackTraits<Stack>::Type;
sk_pop_free_ex(reinterpret_cast<_STACK *>(sk),
- [](stack_free_func /* unused */, void *ptr) {
+ [](OPENSSL_sk_free_func /* unused */, void *ptr) {
DeleterImpl<Type>::Free(reinterpret_cast<Type *>(ptr));
},
nullptr);
diff --git a/sysroots/generic-arm64/usr/include/openssl/time.h b/sysroots/generic-arm64/usr/include/openssl/time.h
new file mode 100644
index 0000000..723ce10
--- /dev/null
+++ b/sysroots/generic-arm64/usr/include/openssl/time.h
@@ -0,0 +1,41 @@
+/* Copyright (c) 2022, Google Inc.
+ *
+ * Permission to use, copy, modify, and/or distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
+ * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION
+ * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
+ * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */
+
+#ifndef OPENSSL_HEADER_TIME_H
+#define OPENSSL_HEADER_TIME_H
+
+#include <openssl/base.h>
+
+#include <time.h>
+
+#if defined(__cplusplus)
+extern "C" {
+#endif
+
+// OPENSSL_posix_to_tm converts a int64_t POSIX time value in |time|, which must
+// be in the range of year 0000 to 9999, to a broken out time value in |tm|. It
+// returns one on success and zero on error.
+OPENSSL_EXPORT int OPENSSL_posix_to_tm(int64_t time, struct tm *out_tm);
+
+// OPENSSL_tm_to_posix converts a time value between the years 0 and 9999 in
+// |tm| to a POSIX time value in |out|. One is returned on success, zero is
+// returned on failure. It is a failure if |tm| contains out of range values.
+OPENSSL_EXPORT int OPENSSL_tm_to_posix(const struct tm *tm, int64_t *out);
+
+
+#if defined(__cplusplus)
+} // extern C
+#endif
+
+#endif // OPENSSL_HEADER_TIME_H
diff --git a/sysroots/generic-arm64/usr/include/openssl/tls1.h b/sysroots/generic-arm64/usr/include/openssl/tls1.h
index a3136c0..724d580 100644
--- a/sysroots/generic-arm64/usr/include/openssl/tls1.h
+++ b/sysroots/generic-arm64/usr/include/openssl/tls1.h
@@ -452,9 +452,15 @@
#define TLS1_CK_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256 0x0300CCAC
// TLS 1.3 ciphersuites from RFC 8446.
-#define TLS1_CK_AES_128_GCM_SHA256 0x03001301
-#define TLS1_CK_AES_256_GCM_SHA384 0x03001302
-#define TLS1_CK_CHACHA20_POLY1305_SHA256 0x03001303
+#define TLS1_3_CK_AES_128_GCM_SHA256 0x03001301
+#define TLS1_3_CK_AES_256_GCM_SHA384 0x03001302
+#define TLS1_3_CK_CHACHA20_POLY1305_SHA256 0x03001303
+
+// The following constants are legacy aliases of |TLS1_3_CK_*|.
+// TODO(davidben): Migrate callers to the new name and remove these.
+#define TLS1_CK_AES_128_GCM_SHA256 TLS1_3_CK_AES_128_GCM_SHA256
+#define TLS1_CK_AES_256_GCM_SHA384 TLS1_3_CK_AES_256_GCM_SHA384
+#define TLS1_CK_CHACHA20_POLY1305_SHA256 TLS1_3_CK_CHACHA20_POLY1305_SHA256
// XXX
// Inconsistency alert:
@@ -624,10 +630,15 @@
"ECDHE-PSK-CHACHA20-POLY1305"
// TLS 1.3 ciphersuites from RFC 8446.
-#define TLS1_TXT_AES_128_GCM_SHA256 "TLS_AES_128_GCM_SHA256"
-#define TLS1_TXT_AES_256_GCM_SHA384 "TLS_AES_256_GCM_SHA384"
-#define TLS1_TXT_CHACHA20_POLY1305_SHA256 "TLS_CHACHA20_POLY1305_SHA256"
+#define TLS1_3_RFC_AES_128_GCM_SHA256 "TLS_AES_128_GCM_SHA256"
+#define TLS1_3_RFC_AES_256_GCM_SHA384 "TLS_AES_256_GCM_SHA384"
+#define TLS1_3_RFC_CHACHA20_POLY1305_SHA256 "TLS_CHACHA20_POLY1305_SHA256"
+// The following constants are legacy aliases of |TLS1_3_CK_*|.
+// TODO(bbe): Migrate callers to the new name and remove these.
+#define TLS1_TXT_AES_128_GCM_SHA256 TLS1_3_RFC_AES_128_GCM_SHA256
+#define TLS1_TXT_AES_256_GCM_SHA384 TLS1_3_RFC_AES_256_GCM_SHA384
+#define TLS1_TXT_CHACHA20_POLY1305_SHA256 TLS1_3_RFC_CHACHA20_POLY1305_SHA256
#define TLS_CT_RSA_SIGN 1
#define TLS_CT_DSS_SIGN 2
diff --git a/sysroots/generic-arm64/usr/include/openssl/trust_token.h b/sysroots/generic-arm64/usr/include/openssl/trust_token.h
index d9247f7..b6aa6b3 100644
--- a/sysroots/generic-arm64/usr/include/openssl/trust_token.h
+++ b/sysroots/generic-arm64/usr/include/openssl/trust_token.h
@@ -48,6 +48,14 @@
// PMBTokens and P-384 with up to 3 keys, without RR verification.
OPENSSL_EXPORT const TRUST_TOKEN_METHOD *TRUST_TOKEN_experiment_v2_pmb(void);
+// TRUST_TOKEN_pst_v1_voprf is an experimental Trust Tokens protocol
+// using VOPRFs and P-384 with up to 6 keys, without RR verification.
+OPENSSL_EXPORT const TRUST_TOKEN_METHOD *TRUST_TOKEN_pst_v1_voprf(void);
+
+// TRUST_TOKEN_pst_v1_pmb is an experimental Trust Tokens protocol using
+// PMBTokens and P-384 with up to 3 keys, without RR verification.
+OPENSSL_EXPORT const TRUST_TOKEN_METHOD *TRUST_TOKEN_pst_v1_pmb(void);
+
// trust_token_st represents a single-use token for the Trust Token protocol.
// For the client, this is the token and its corresponding signature. For the
// issuer, this is the token itself.
@@ -78,15 +86,30 @@
// to ensure success, these should be at least
// |TRUST_TOKEN_MAX_PRIVATE_KEY_SIZE| and |TRUST_TOKEN_MAX_PUBLIC_KEY_SIZE|.
//
-// WARNING: This API is unstable and the serializations of these keys are
-// subject to change. Keys generated with this function may not be persisted.
-//
// This function returns one on success or zero on error.
OPENSSL_EXPORT int TRUST_TOKEN_generate_key(
const TRUST_TOKEN_METHOD *method, uint8_t *out_priv_key,
size_t *out_priv_key_len, size_t max_priv_key_len, uint8_t *out_pub_key,
size_t *out_pub_key_len, size_t max_pub_key_len, uint32_t id);
+// TRUST_TOKEN_derive_key_from_secret deterministically derives a new Trust
+// Token keypair labeled with |id| from an input |secret| and serializes the
+// private and public keys, writing the private key to |out_priv_key| and
+// setting |*out_priv_key_len| to the number of bytes written, and writing the
+// public key to |out_pub_key| and setting |*out_pub_key_len| to the number of
+// bytes written.
+//
+// At most |max_priv_key_len| and |max_pub_key_len| bytes are written. In order
+// to ensure success, these should be at least
+// |TRUST_TOKEN_MAX_PRIVATE_KEY_SIZE| and |TRUST_TOKEN_MAX_PUBLIC_KEY_SIZE|.
+//
+// This function returns one on success or zero on error.
+OPENSSL_EXPORT int TRUST_TOKEN_derive_key_from_secret(
+ const TRUST_TOKEN_METHOD *method, uint8_t *out_priv_key,
+ size_t *out_priv_key_len, size_t max_priv_key_len, uint8_t *out_pub_key,
+ size_t *out_pub_key_len, size_t max_pub_key_len, uint32_t id,
+ const uint8_t *secret, size_t secret_len);
+
// Trust Token client implementation.
//
@@ -128,6 +151,15 @@
size_t *out_len,
size_t count);
+// TRUST_TOKEN_CLIENT_begin_issuance_over_message produces a request for a trust
+// token derived from |msg| and serializes the request into a newly-allocated
+// buffer, setting |*out| to that buffer and |*out_len| to its length. The
+// caller takes ownership of the buffer and must call |OPENSSL_free| when done.
+// It returns one on success and zero on error.
+OPENSSL_EXPORT int TRUST_TOKEN_CLIENT_begin_issuance_over_message(
+ TRUST_TOKEN_CLIENT *ctx, uint8_t **out, size_t *out_len, size_t count,
+ const uint8_t *msg, size_t msg_len);
+
// TRUST_TOKEN_CLIENT_finish_issuance consumes |response| from the issuer and
// extracts the tokens, returning a list of tokens and the index of the key used
// to sign the tokens in |*out_key_index|. The caller can use this to determine
@@ -224,28 +256,6 @@
uint32_t public_metadata, uint8_t private_metadata, size_t max_issuance);
// TRUST_TOKEN_ISSUER_redeem ingests a |request| for token redemption and
-// verifies the token. If the token is valid, a RR is produced with a lifetime
-// of |lifetime| (in seconds), signing over the requested data from the request
-// and the value of the token, storing the result into a newly-allocated buffer
-// and setting |*out| to that buffer and |*out_len| to its length. The extracted
-// |TRUST_TOKEN| is stored into a newly-allocated buffer and stored in
-// |*out_token|. The extracted client data is stored into a newly-allocated
-// buffer and stored in |*out_client_data|. In TrustTokenV1, the extracted
-// redemption time is stored in |*out_redemption_time|. The caller takes
-// ownership of each output buffer and must call |OPENSSL_free| when done. It
-// returns one on success or zero on error.
-//
-// The caller must keep track of all values of |*out_token| seen globally before
-// returning the SRR to the client. If the value has been reused, the caller
-// must discard the SRR and report an error to the caller. Returning an SRR with
-// replayed values allows an attacker to double-spend tokens.
-OPENSSL_EXPORT int TRUST_TOKEN_ISSUER_redeem(
- const TRUST_TOKEN_ISSUER *ctx, uint8_t **out, size_t *out_len,
- TRUST_TOKEN **out_token, uint8_t **out_client_data,
- size_t *out_client_data_len, uint64_t *out_redemption_time,
- const uint8_t *request, size_t request_len, uint64_t lifetime);
-
-// TRUST_TOKEN_ISSUER_redeem_raw ingests a |request| for token redemption and
// verifies the token. The public metadata is stored in |*out_public|. The
// private metadata (if any) is stored in |*out_private|. The extracted
// |TRUST_TOKEN| is stored into a newly-allocated buffer and stored in
@@ -258,11 +268,35 @@
// returning a response to the client. If the value has been reused, the caller
// must report an error to the client. Returning a response with replayed values
// allows an attacker to double-spend tokens.
-OPENSSL_EXPORT int TRUST_TOKEN_ISSUER_redeem_raw(
+OPENSSL_EXPORT int TRUST_TOKEN_ISSUER_redeem(
const TRUST_TOKEN_ISSUER *ctx, uint32_t *out_public, uint8_t *out_private,
TRUST_TOKEN **out_token, uint8_t **out_client_data,
size_t *out_client_data_len, const uint8_t *request, size_t request_len);
+// TRUST_TOKEN_ISSUER_redeem_raw is a legacy alias for
+// |TRUST_TOKEN_ISSUER_redeem|.
+#define TRUST_TOKEN_ISSUER_redeem_raw TRUST_TOKEN_ISSUER_redeem
+
+// TRUST_TOKEN_ISSUER_redeem_over_message ingests a |request| for token
+// redemption and a message and verifies the token and that it is derived from
+// the provided |msg|. The public metadata is stored in
+// |*out_public|. The private metadata (if any) is stored in |*out_private|. The
+// extracted |TRUST_TOKEN| is stored into a newly-allocated buffer and stored in
+// |*out_token|. The extracted client data is stored into a newly-allocated
+// buffer and stored in |*out_client_data|. The caller takes ownership of each
+// output buffer and must call |OPENSSL_free| when done. It returns one on
+// success or zero on error.
+//
+// The caller must keep track of all values of |*out_token| seen globally before
+// returning a response to the client. If the value has been reused, the caller
+// must report an error to the client. Returning a response with replayed values
+// allows an attacker to double-spend tokens.
+OPENSSL_EXPORT int TRUST_TOKEN_ISSUER_redeem_over_message(
+ const TRUST_TOKEN_ISSUER *ctx, uint32_t *out_public, uint8_t *out_private,
+ TRUST_TOKEN **out_token, uint8_t **out_client_data,
+ size_t *out_client_data_len, const uint8_t *request, size_t request_len,
+ const uint8_t *msg, size_t msg_len);
+
// TRUST_TOKEN_decode_private_metadata decodes |encrypted_bit| using the
// private metadata key specified by a |key| buffer of length |key_len| and the
// nonce by a |nonce| buffer of length |nonce_len|. The nonce in
diff --git a/sysroots/generic-arm64/usr/include/openssl/type_check.h b/sysroots/generic-arm64/usr/include/openssl/type_check.h
index 41de895..6460ab1 100644
--- a/sysroots/generic-arm64/usr/include/openssl/type_check.h
+++ b/sysroots/generic-arm64/usr/include/openssl/type_check.h
@@ -64,22 +64,6 @@
#endif
-#if defined(__cplusplus) || (defined(_MSC_VER) && !defined(__clang__))
-// In C++ and non-clang MSVC, |static_assert| is a keyword.
-#define OPENSSL_STATIC_ASSERT(cond, msg) static_assert(cond, msg)
-#else
-// C11 defines the |_Static_assert| keyword and the |static_assert| macro in
-// assert.h. While the former is available at all versions in Clang and GCC, the
-// later depends on libc and, in glibc, depends on being built in C11 mode. We
-// require C11 mode to build the library but, for now, do not require it in
-// public headers. Use |_Static_assert| directly.
-//
-// TODO(davidben): In July 2022, if the C11 change has not been reverted, switch
-// all uses of this macro within the library to C11 |static_assert|. This macro
-// will only be necessary in public headers.
-#define OPENSSL_STATIC_ASSERT(cond, msg) _Static_assert(cond, msg)
-#endif
-
// CHECKED_CAST casts |p| from type |from| to type |to|.
//
// TODO(davidben): Although this macro is not public API and is unused in
diff --git a/sysroots/generic-arm64/usr/include/openssl/x509.h b/sysroots/generic-arm64/usr/include/openssl/x509.h
index 608c670..8deb767 100644
--- a/sysroots/generic-arm64/usr/include/openssl/x509.h
+++ b/sysroots/generic-arm64/usr/include/openssl/x509.h
@@ -60,8 +60,8 @@
* SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
*/
-#ifndef HEADER_X509_H
-#define HEADER_X509_H
+#ifndef OPENSSL_HEADER_X509_H
+#define OPENSSL_HEADER_X509_H
#include <openssl/asn1.h>
#include <openssl/base.h>
@@ -90,221 +90,78 @@
// Legacy X.509 library.
//
// This header is part of OpenSSL's X.509 implementation. It is retained for
-// compatibility but otherwise underdocumented and not actively maintained. In
-// the future, a replacement library will be available. Meanwhile, minimize
+// compatibility but should not be used by new code. The functions are difficult
+// to use correctly, and have buggy or non-standard behaviors. They are thus
+// particularly prone to behavior changes and API removals, as BoringSSL
+// iterates on these issues.
+//
+// In the future, a replacement library will be available. Meanwhile, minimize
// dependencies on this header where possible.
+//
+// TODO(https://crbug.com/boringssl/426): Documentation for this library is
+// still in progress. Some functions have not yet been documented, and some
+// functions have not yet been grouped into sections.
-#define X509_FILETYPE_PEM 1
-#define X509_FILETYPE_ASN1 2
-#define X509_FILETYPE_DEFAULT 3
-
-#define X509v3_KU_DIGITAL_SIGNATURE 0x0080
-#define X509v3_KU_NON_REPUDIATION 0x0040
-#define X509v3_KU_KEY_ENCIPHERMENT 0x0020
-#define X509v3_KU_DATA_ENCIPHERMENT 0x0010
-#define X509v3_KU_KEY_AGREEMENT 0x0008
-#define X509v3_KU_KEY_CERT_SIGN 0x0004
-#define X509v3_KU_CRL_SIGN 0x0002
-#define X509v3_KU_ENCIPHER_ONLY 0x0001
-#define X509v3_KU_DECIPHER_ONLY 0x8000
-#define X509v3_KU_UNDEF 0xffff
-
-struct X509_algor_st {
- ASN1_OBJECT *algorithm;
- ASN1_TYPE *parameter;
-} /* X509_ALGOR */;
-
-DECLARE_ASN1_FUNCTIONS(X509_ALGOR)
-
-DEFINE_STACK_OF(X509_ALGOR)
-
-typedef STACK_OF(X509_ALGOR) X509_ALGORS;
-
-DEFINE_STACK_OF(X509_NAME_ENTRY)
-
-DEFINE_STACK_OF(X509_NAME)
-
-typedef STACK_OF(X509_EXTENSION) X509_EXTENSIONS;
-
-DEFINE_STACK_OF(X509_EXTENSION)
-
-DEFINE_STACK_OF(X509_ATTRIBUTE)
-
-// This stuff is certificate "auxiliary info"
-// it contains details which are useful in certificate
-// stores and databases. When used this is tagged onto
-// the end of the certificate itself
-
-DECLARE_STACK_OF(DIST_POINT)
-DECLARE_STACK_OF(GENERAL_NAME)
+// Certificates.
+//
+// An |X509| object represents an X.509 certificate, defined in RFC 5280.
+//
+// Although an |X509| is a mutable object, mutating an |X509| can give incorrect
+// results. Callers typically obtain |X509|s by parsing some input with
+// |d2i_X509|, etc. Such objects carry information such as the serialized
+// TBSCertificate and decoded extensions, which will become inconsistent when
+// mutated.
+//
+// Instead, mutation functions should only be used when issuing new
+// certificates, as described in a later section.
DEFINE_STACK_OF(X509)
-// This is used for a table of trust checking functions
+// X509 is an |ASN1_ITEM| whose ASN.1 type is X.509 Certificate (RFC 5280) and C
+// type is |X509*|.
+DECLARE_ASN1_ITEM(X509)
-struct x509_trust_st {
- int trust;
- int flags;
- int (*check_trust)(struct x509_trust_st *, X509 *, int);
- char *name;
- int arg1;
- void *arg2;
-} /* X509_TRUST */;
+// X509_up_ref adds one to the reference count of |x509| and returns one.
+OPENSSL_EXPORT int X509_up_ref(X509 *x509);
-DEFINE_STACK_OF(X509_TRUST)
+// X509_chain_up_ref returns a newly-allocated |STACK_OF(X509)| containing a
+// shallow copy of |chain|, or NULL on error. That is, the return value has the
+// same contents as |chain|, and each |X509|'s reference count is incremented by
+// one.
+OPENSSL_EXPORT STACK_OF(X509) *X509_chain_up_ref(STACK_OF(X509) *chain);
-// standard trust ids
+// X509_dup returns a newly-allocated copy of |x509|, or NULL on error. This
+// function works by serializing the structure, so auxiliary properties (see
+// |i2d_X509_AUX|) are not preserved. Additionally, if |x509| is incomplete,
+// this function may fail.
+//
+// TODO(https://crbug.com/boringssl/407): This function should be const and
+// thread-safe but is currently neither in some cases, notably if |crl| was
+// mutated.
+OPENSSL_EXPORT X509 *X509_dup(X509 *x509);
-#define X509_TRUST_DEFAULT (-1) // Only valid in purpose settings
+// X509_free decrements |x509|'s reference count and, if zero, releases memory
+// associated with |x509|.
+OPENSSL_EXPORT void X509_free(X509 *x509);
-#define X509_TRUST_COMPAT 1
-#define X509_TRUST_SSL_CLIENT 2
-#define X509_TRUST_SSL_SERVER 3
-#define X509_TRUST_EMAIL 4
-#define X509_TRUST_OBJECT_SIGN 5
-#define X509_TRUST_OCSP_SIGN 6
-#define X509_TRUST_OCSP_REQUEST 7
-#define X509_TRUST_TSA 8
+// d2i_X509 parses up to |len| bytes from |*inp| as a DER-encoded X.509
+// Certificate (RFC 5280), as described in |d2i_SAMPLE|.
+OPENSSL_EXPORT X509 *d2i_X509(X509 **out, const uint8_t **inp, long len);
-// Keep these up to date!
-#define X509_TRUST_MIN 1
-#define X509_TRUST_MAX 8
+// X509_parse_from_buffer parses an X.509 structure from |buf| and returns a
+// fresh X509 or NULL on error. There must not be any trailing data in |buf|.
+// The returned structure (if any) holds a reference to |buf| rather than
+// copying parts of it as a normal |d2i_X509| call would do.
+OPENSSL_EXPORT X509 *X509_parse_from_buffer(CRYPTO_BUFFER *buf);
-
-// trust_flags values
-#define X509_TRUST_DYNAMIC 1
-#define X509_TRUST_DYNAMIC_NAME 2
-
-// check_trust return codes
-
-#define X509_TRUST_TRUSTED 1
-#define X509_TRUST_REJECTED 2
-#define X509_TRUST_UNTRUSTED 3
-
-// Flags for X509_print_ex()
-
-#define X509_FLAG_COMPAT 0
-#define X509_FLAG_NO_HEADER 1L
-#define X509_FLAG_NO_VERSION (1L << 1)
-#define X509_FLAG_NO_SERIAL (1L << 2)
-#define X509_FLAG_NO_SIGNAME (1L << 3)
-#define X509_FLAG_NO_ISSUER (1L << 4)
-#define X509_FLAG_NO_VALIDITY (1L << 5)
-#define X509_FLAG_NO_SUBJECT (1L << 6)
-#define X509_FLAG_NO_PUBKEY (1L << 7)
-#define X509_FLAG_NO_EXTENSIONS (1L << 8)
-#define X509_FLAG_NO_SIGDUMP (1L << 9)
-#define X509_FLAG_NO_AUX (1L << 10)
-#define X509_FLAG_NO_ATTRIBUTES (1L << 11)
-#define X509_FLAG_NO_IDS (1L << 12)
-
-// Flags specific to X509_NAME_print_ex(). These flags must not collide with
-// |ASN1_STRFLGS_*|.
-
-// The field separator information
-
-#define XN_FLAG_SEP_MASK (0xf << 16)
-
-#define XN_FLAG_COMPAT 0 // Traditional SSLeay: use old X509_NAME_print
-#define XN_FLAG_SEP_COMMA_PLUS (1 << 16) // RFC 2253 ,+
-#define XN_FLAG_SEP_CPLUS_SPC (2 << 16) // ,+ spaced: more readable
-#define XN_FLAG_SEP_SPLUS_SPC (3 << 16) // ;+ spaced
-#define XN_FLAG_SEP_MULTILINE (4 << 16) // One line per field
-
-#define XN_FLAG_DN_REV (1 << 20) // Reverse DN order
-
-// How the field name is shown
-
-#define XN_FLAG_FN_MASK (0x3 << 21)
-
-#define XN_FLAG_FN_SN 0 // Object short name
-#define XN_FLAG_FN_LN (1 << 21) // Object long name
-#define XN_FLAG_FN_OID (2 << 21) // Always use OIDs
-#define XN_FLAG_FN_NONE (3 << 21) // No field names
-
-#define XN_FLAG_SPC_EQ (1 << 23) // Put spaces round '='
-
-// This determines if we dump fields we don't recognise:
-// RFC 2253 requires this.
-
-#define XN_FLAG_DUMP_UNKNOWN_FIELDS (1 << 24)
-
-#define XN_FLAG_FN_ALIGN (1 << 25) // Align field names to 20 characters
-
-// Complete set of RFC 2253 flags
-
-#define XN_FLAG_RFC2253 \
- (ASN1_STRFLGS_RFC2253 | XN_FLAG_SEP_COMMA_PLUS | XN_FLAG_DN_REV | \
- XN_FLAG_FN_SN | XN_FLAG_DUMP_UNKNOWN_FIELDS)
-
-// readable oneline form
-
-#define XN_FLAG_ONELINE \
- (ASN1_STRFLGS_RFC2253 | ASN1_STRFLGS_ESC_QUOTE | XN_FLAG_SEP_CPLUS_SPC | \
- XN_FLAG_SPC_EQ | XN_FLAG_FN_SN)
-
-// readable multiline form
-
-#define XN_FLAG_MULTILINE \
- (ASN1_STRFLGS_ESC_CTRL | ASN1_STRFLGS_ESC_MSB | XN_FLAG_SEP_MULTILINE | \
- XN_FLAG_SPC_EQ | XN_FLAG_FN_LN | XN_FLAG_FN_ALIGN)
-
-DEFINE_STACK_OF(X509_REVOKED)
-
-DECLARE_STACK_OF(GENERAL_NAMES)
-
-DEFINE_STACK_OF(X509_CRL)
-
-struct private_key_st {
- int version;
- // The PKCS#8 data types
- X509_ALGOR *enc_algor;
- ASN1_OCTET_STRING *enc_pkey; // encrypted pub key
-
- // When decrypted, the following will not be NULL
- EVP_PKEY *dec_pkey;
-
- // used to encrypt and decrypt
- int key_length;
- char *key_data;
- int key_free; // true if we should auto free key_data
-
- // expanded version of 'enc_algor'
- EVP_CIPHER_INFO cipher;
-} /* X509_PKEY */;
-
-struct X509_info_st {
- X509 *x509;
- X509_CRL *crl;
- X509_PKEY *x_pkey;
-
- EVP_CIPHER_INFO enc_cipher;
- int enc_len;
- char *enc_data;
-
-} /* X509_INFO */;
-
-DEFINE_STACK_OF(X509_INFO)
-
-// The next 2 structures and their 8 routines were sent to me by
-// Pat Richard <patr@x509.com> and are used to manipulate
-// Netscapes spki structures - useful if you are writing a CA web page
-struct Netscape_spkac_st {
- X509_PUBKEY *pubkey;
- ASN1_IA5STRING *challenge; // challenge sent in atlas >= PR2
-} /* NETSCAPE_SPKAC */;
-
-struct Netscape_spki_st {
- NETSCAPE_SPKAC *spkac; // signed public key and challenge
- X509_ALGOR *sig_algor;
- ASN1_BIT_STRING *signature;
-} /* NETSCAPE_SPKI */;
-
-// TODO(davidben): Document remaining functions, reorganize them, and define
-// supported patterns for using |X509| objects in general. In particular, when
-// it is safe to call mutating functions is a little tricky due to various
-// internal caches.
+// i2d_X509 marshals |x509| as a DER-encoded X.509 Certificate (RFC 5280), as
+// described in |i2d_SAMPLE|.
+//
+// TODO(https://crbug.com/boringssl/407): This function should be const and
+// thread-safe but is currently neither in some cases, notably if |x509| was
+// mutated.
+OPENSSL_EXPORT int i2d_X509(X509 *x509, uint8_t **outp);
// X509_VERSION_* are X.509 version numbers. Note the numerical values of all
// defined X.509 versions are one less than the named version.
@@ -316,26 +173,139 @@
// be one of the |X509_VERSION_*| constants.
OPENSSL_EXPORT long X509_get_version(const X509 *x509);
-// X509_set_version sets |x509|'s version to |version|, which should be one of
-// the |X509V_VERSION_*| constants. It returns one on success and zero on error.
-//
-// If unsure, use |X509_VERSION_3|.
-OPENSSL_EXPORT int X509_set_version(X509 *x509, long version);
-
// X509_get0_serialNumber returns |x509|'s serial number.
OPENSSL_EXPORT const ASN1_INTEGER *X509_get0_serialNumber(const X509 *x509);
-// X509_set_serialNumber sets |x509|'s serial number to |serial|. It returns one
-// on success and zero on error.
-OPENSSL_EXPORT int X509_set_serialNumber(X509 *x509,
- const ASN1_INTEGER *serial);
-
// X509_get0_notBefore returns |x509|'s notBefore time.
OPENSSL_EXPORT const ASN1_TIME *X509_get0_notBefore(const X509 *x509);
// X509_get0_notAfter returns |x509|'s notAfter time.
OPENSSL_EXPORT const ASN1_TIME *X509_get0_notAfter(const X509 *x509);
+// X509_get_issuer_name returns |x509|'s issuer.
+OPENSSL_EXPORT X509_NAME *X509_get_issuer_name(const X509 *x509);
+
+// X509_get_subject_name returns |x509|'s subject.
+OPENSSL_EXPORT X509_NAME *X509_get_subject_name(const X509 *x509);
+
+// X509_get_X509_PUBKEY returns the public key of |x509|. Note this function is
+// not const-correct for legacy reasons. Callers should not modify the returned
+// object.
+OPENSSL_EXPORT X509_PUBKEY *X509_get_X509_PUBKEY(const X509 *x509);
+
+// X509_get_pubkey returns |x509|'s public key as an |EVP_PKEY|, or NULL if the
+// public key was unsupported or could not be decoded. This function returns a
+// reference to the |EVP_PKEY|. The caller must release the result with
+// |EVP_PKEY_free| when done.
+OPENSSL_EXPORT EVP_PKEY *X509_get_pubkey(X509 *x509);
+
+// X509_get0_pubkey_bitstr returns the BIT STRING portion of |x509|'s public
+// key. Note this does not contain the AlgorithmIdentifier portion.
+//
+// WARNING: This function returns a non-const pointer for OpenSSL compatibility,
+// but the caller must not modify the resulting object. Doing so will break
+// internal invariants in |x509|.
+OPENSSL_EXPORT ASN1_BIT_STRING *X509_get0_pubkey_bitstr(const X509 *x509);
+
+// X509_get0_uids sets |*out_issuer_uid| to a non-owning pointer to the
+// issuerUID field of |x509|, or NULL if |x509| has no issuerUID. It similarly
+// outputs |x509|'s subjectUID field to |*out_subject_uid|.
+//
+// Callers may pass NULL to either |out_issuer_uid| or |out_subject_uid| to
+// ignore the corresponding field.
+OPENSSL_EXPORT void X509_get0_uids(const X509 *x509,
+ const ASN1_BIT_STRING **out_issuer_uid,
+ const ASN1_BIT_STRING **out_subject_uid);
+
+// X509_get0_extensions returns |x509|'s extension list, or NULL if |x509| omits
+// it.
+OPENSSL_EXPORT const STACK_OF(X509_EXTENSION) *X509_get0_extensions(
+ const X509 *x509);
+
+// X509_get_ext_count returns the number of extensions in |x|.
+OPENSSL_EXPORT int X509_get_ext_count(const X509 *x);
+
+// X509_get_ext_by_NID behaves like |X509v3_get_ext_by_NID| but searches for
+// extensions in |x|.
+OPENSSL_EXPORT int X509_get_ext_by_NID(const X509 *x, int nid, int lastpos);
+
+// X509_get_ext_by_OBJ behaves like |X509v3_get_ext_by_OBJ| but searches for
+// extensions in |x|.
+OPENSSL_EXPORT int X509_get_ext_by_OBJ(const X509 *x, const ASN1_OBJECT *obj,
+ int lastpos);
+
+// X509_get_ext_by_critical behaves like |X509v3_get_ext_by_critical| but
+// searches for extensions in |x|.
+OPENSSL_EXPORT int X509_get_ext_by_critical(const X509 *x, int crit,
+ int lastpos);
+
+// X509_get_ext returns the extension in |x| at index |loc|, or NULL if |loc| is
+// out of bounds. This function returns a non-const pointer for OpenSSL
+// compatibility, but callers should not mutate the result.
+OPENSSL_EXPORT X509_EXTENSION *X509_get_ext(const X509 *x, int loc);
+
+// X509_get0_tbs_sigalg returns the signature algorithm in |x509|'s
+// TBSCertificate. For the outer signature algorithm, see |X509_get0_signature|.
+//
+// Certificates with mismatched signature algorithms will successfully parse,
+// but they will be rejected when verifying.
+OPENSSL_EXPORT const X509_ALGOR *X509_get0_tbs_sigalg(const X509 *x509);
+
+// X509_get0_signature sets |*out_sig| and |*out_alg| to the signature and
+// signature algorithm of |x509|, respectively. Either output pointer may be
+// NULL to ignore the value.
+//
+// This function outputs the outer signature algorithm. For the one in the
+// TBSCertificate, see |X509_get0_tbs_sigalg|. Certificates with mismatched
+// signature algorithms will successfully parse, but they will be rejected when
+// verifying.
+OPENSSL_EXPORT void X509_get0_signature(const ASN1_BIT_STRING **out_sig,
+ const X509_ALGOR **out_alg,
+ const X509 *x509);
+
+// X509_get_signature_nid returns the NID corresponding to |x509|'s signature
+// algorithm, or |NID_undef| if the signature algorithm does not correspond to
+// a known NID.
+OPENSSL_EXPORT int X509_get_signature_nid(const X509 *x509);
+
+// i2d_X509_tbs serializes the TBSCertificate portion of |x509|, as described in
+// |i2d_SAMPLE|.
+//
+// This function preserves the original encoding of the TBSCertificate and may
+// not reflect modifications made to |x509|. It may be used to manually verify
+// the signature of an existing certificate. To generate certificates, use
+// |i2d_re_X509_tbs| instead.
+OPENSSL_EXPORT int i2d_X509_tbs(X509 *x509, unsigned char **outp);
+
+// X509_verify checks that |x509| has a valid signature by |pkey|. It returns
+// one if the signature is valid and zero otherwise. Note this function only
+// checks the signature itself and does not perform a full certificate
+// validation.
+OPENSSL_EXPORT int X509_verify(X509 *x509, EVP_PKEY *pkey);
+
+
+// Issuing certificates.
+//
+// An |X509| object may also represent an incomplete certificate. Callers may
+// construct empty |X509| objects, fill in fields individually, and finally sign
+// the result. The following functions may be used for this purpose.
+
+// X509_new returns a newly-allocated, empty |X509| object, or NULL on error.
+// This produces an incomplete certificate which may be filled in to issue a new
+// certificate.
+OPENSSL_EXPORT X509 *X509_new(void);
+
+// X509_set_version sets |x509|'s version to |version|, which should be one of
+// the |X509V_VERSION_*| constants. It returns one on success and zero on error.
+//
+// If unsure, use |X509_VERSION_3|.
+OPENSSL_EXPORT int X509_set_version(X509 *x509, long version);
+
+// X509_set_serialNumber sets |x509|'s serial number to |serial|. It returns one
+// on success and zero on error.
+OPENSSL_EXPORT int X509_set_serialNumber(X509 *x509,
+ const ASN1_INTEGER *serial);
+
// X509_set1_notBefore sets |x509|'s notBefore time to |tm|. It returns one on
// success and zero on error.
OPENSSL_EXPORT int X509_set1_notBefore(X509 *x509, const ASN1_TIME *tm);
@@ -350,64 +320,188 @@
// X509_getm_notAfter returns a mutable pointer to |x509|'s notAfter time.
OPENSSL_EXPORT ASN1_TIME *X509_getm_notAfter(X509 *x);
-// X509_get_notBefore returns |x509|'s notBefore time. Note this function is not
-// const-correct for legacy reasons. Use |X509_get0_notBefore| or
-// |X509_getm_notBefore| instead.
-OPENSSL_EXPORT ASN1_TIME *X509_get_notBefore(const X509 *x509);
+// X509_set_issuer_name sets |x509|'s issuer to a copy of |name|. It returns one
+// on success and zero on error.
+OPENSSL_EXPORT int X509_set_issuer_name(X509 *x509, X509_NAME *name);
-// X509_get_notAfter returns |x509|'s notAfter time. Note this function is not
-// const-correct for legacy reasons. Use |X509_get0_notAfter| or
-// |X509_getm_notAfter| instead.
-OPENSSL_EXPORT ASN1_TIME *X509_get_notAfter(const X509 *x509);
+// X509_set_subject_name sets |x509|'s subject to a copy of |name|. It returns
+// one on success and zero on error.
+OPENSSL_EXPORT int X509_set_subject_name(X509 *x509, X509_NAME *name);
-// X509_set_notBefore calls |X509_set1_notBefore|. Use |X509_set1_notBefore|
-// instead.
-OPENSSL_EXPORT int X509_set_notBefore(X509 *x509, const ASN1_TIME *tm);
+// X509_set_pubkey sets |x509|'s public key to |pkey|. It returns one on success
+// and zero on error. This function does not take ownership of |pkey| and
+// internally copies and updates reference counts as needed.
+OPENSSL_EXPORT int X509_set_pubkey(X509 *x509, EVP_PKEY *pkey);
-// X509_set_notAfter calls |X509_set1_notAfter|. Use |X509_set1_notAfter|
-// instead.
-OPENSSL_EXPORT int X509_set_notAfter(X509 *x509, const ASN1_TIME *tm);
+// X509_delete_ext removes the extension in |x| at index |loc| and returns the
+// removed extension, or NULL if |loc| was out of bounds. If non-NULL, the
+// caller must release the result with |X509_EXTENSION_free|.
+OPENSSL_EXPORT X509_EXTENSION *X509_delete_ext(X509 *x, int loc);
-// X509_get0_uids sets |*out_issuer_uid| to a non-owning pointer to the
-// issuerUID field of |x509|, or NULL if |x509| has no issuerUID. It similarly
-// outputs |x509|'s subjectUID field to |*out_subject_uid|.
+// X509_add_ext adds a copy of |ex| to |x|. It returns one on success and zero
+// on failure. The caller retains ownership of |ex| and can release it
+// independently of |x|.
//
-// Callers may pass NULL to either |out_issuer_uid| or |out_subject_uid| to
-// ignore the corresponding field.
-OPENSSL_EXPORT void X509_get0_uids(const X509 *x509,
- const ASN1_BIT_STRING **out_issuer_uid,
- const ASN1_BIT_STRING **out_subject_uid);
+// The new extension is inserted at index |loc|, shifting extensions to the
+// right. If |loc| is -1 or out of bounds, the new extension is appended to the
+// list.
+OPENSSL_EXPORT int X509_add_ext(X509 *x, const X509_EXTENSION *ex, int loc);
-// X509_extract_key is a legacy alias to |X509_get_pubkey|. Use
-// |X509_get_pubkey| instead.
-#define X509_extract_key(x) X509_get_pubkey(x)
+// X509_sign signs |x509| with |pkey| and replaces the signature algorithm and
+// signature fields. It returns the length of the signature on success and zero
+// on error. This function uses digest algorithm |md|, or |pkey|'s default if
+// NULL. Other signing parameters use |pkey|'s defaults. To customize them, use
+// |X509_sign_ctx|.
+OPENSSL_EXPORT int X509_sign(X509 *x509, EVP_PKEY *pkey, const EVP_MD *md);
-// X509_get_pathlen returns path length constraint from the basic constraints
-// extension in |x509|. (See RFC 5280, section 4.2.1.9.) It returns -1 if the
-// constraint is not present, or if some extension in |x509| was invalid.
+// X509_sign_ctx signs |x509| with |ctx| and replaces the signature algorithm
+// and signature fields. It returns the length of the signature on success and
+// zero on error. The signature algorithm and parameters come from |ctx|, which
+// must have been initialized with |EVP_DigestSignInit|. The caller should
+// configure the corresponding |EVP_PKEY_CTX| before calling this function.
+OPENSSL_EXPORT int X509_sign_ctx(X509 *x509, EVP_MD_CTX *ctx);
+
+// i2d_re_X509_tbs serializes the TBSCertificate portion of |x509|, as described
+// in |i2d_SAMPLE|.
//
-// Note that decoding an |X509| object will not check for invalid extensions. To
-// detect the error case, call |X509_get_extensions_flags| and check the
-// |EXFLAG_INVALID| bit.
-OPENSSL_EXPORT long X509_get_pathlen(X509 *x509);
+// This function re-encodes the TBSCertificate and may not reflect |x509|'s
+// original encoding. It may be used to manually generate a signature for a new
+// certificate. To verify certificates, use |i2d_X509_tbs| instead.
+OPENSSL_EXPORT int i2d_re_X509_tbs(X509 *x509, unsigned char **outp);
-// X509_REQ_VERSION_1 is the version constant for |X509_REQ| objects. No other
-// versions are defined.
-#define X509_REQ_VERSION_1 0
+// X509_set1_signature_algo sets |x509|'s signature algorithm to |algo| and
+// returns one on success or zero on error. It updates both the signature field
+// of the TBSCertificate structure, and the signatureAlgorithm field of the
+// Certificate.
+OPENSSL_EXPORT int X509_set1_signature_algo(X509 *x509, const X509_ALGOR *algo);
-// X509_REQ_get_version returns the numerical value of |req|'s version. This
-// will always be |X509_REQ_VERSION_1|.
-OPENSSL_EXPORT long X509_REQ_get_version(const X509_REQ *req);
+// X509_set1_signature_value sets |x509|'s signature to a copy of the |sig_len|
+// bytes pointed by |sig|. It returns one on success and zero on error.
+//
+// Due to a specification error, X.509 certificates store signatures in ASN.1
+// BIT STRINGs, but signature algorithms return byte strings rather than bit
+// strings. This function creates a BIT STRING containing a whole number of
+// bytes, with the bit order matching the DER encoding. This matches the
+// encoding used by all X.509 signature algorithms.
+OPENSSL_EXPORT int X509_set1_signature_value(X509 *x509, const uint8_t *sig,
+ size_t sig_len);
-// X509_REQ_get_subject_name returns |req|'s subject name. Note this function is
-// not const-correct for legacy reasons.
-OPENSSL_EXPORT X509_NAME *X509_REQ_get_subject_name(const X509_REQ *req);
-// X509_REQ_extract_key is a legacy alias for |X509_REQ_get_pubkey|.
-#define X509_REQ_extract_key(a) X509_REQ_get_pubkey(a)
+// Auxiliary certificate properties.
+//
+// |X509| objects optionally maintain auxiliary properties. These are not part
+// of the certificates themselves, and thus are not covered by signatures or
+// preserved by the standard serialization. They are used as inputs or outputs
+// to other functions in this library.
-// X509_name_cmp is a legacy alias for |X509_NAME_cmp|.
-#define X509_name_cmp(a, b) X509_NAME_cmp((a), (b))
+// i2d_X509_AUX marshals |x509| as a DER-encoded X.509 Certificate (RFC 5280),
+// followed optionally by a separate, OpenSSL-specific structure with auxiliary
+// properties. It behaves as described in |i2d_SAMPLE|.
+//
+// Unlike similarly-named functions, this function does not output a single
+// ASN.1 element. Directly embedding the output in a larger ASN.1 structure will
+// not behave correctly.
+OPENSSL_EXPORT int i2d_X509_AUX(X509 *x509, unsigned char **outp);
+
+// d2i_X509_AUX parses up to |length| bytes from |*inp| as a DER-encoded X.509
+// Certificate (RFC 5280), followed optionally by a separate, OpenSSL-specific
+// structure with auxiliary properties. It behaves as described in |d2i_SAMPLE|.
+//
+// Some auxiliary properties affect trust decisions, so this function should not
+// be used with untrusted input.
+//
+// Unlike similarly-named functions, this function does not parse a single
+// ASN.1 element. Trying to parse data directly embedded in a larger ASN.1
+// structure will not behave correctly.
+OPENSSL_EXPORT X509 *d2i_X509_AUX(X509 **x509, const unsigned char **inp,
+ long length);
+
+// X509_alias_set1 sets |x509|'s alias to |len| bytes from |name|. If |name| is
+// NULL, the alias is cleared instead. Aliases are not part of the certificate
+// itself and will not be serialized by |i2d_X509|.
+OPENSSL_EXPORT int X509_alias_set1(X509 *x509, const unsigned char *name,
+ ossl_ssize_t len);
+
+// X509_keyid_set1 sets |x509|'s key ID to |len| bytes from |id|. If |id| is
+// NULL, the key ID is cleared instead. Key IDs are not part of the certificate
+// itself and will not be serialized by |i2d_X509|.
+OPENSSL_EXPORT int X509_keyid_set1(X509 *x509, const unsigned char *id,
+ ossl_ssize_t len);
+
+// X509_alias_get0 looks up |x509|'s alias. If found, it sets |*out_len| to the
+// alias's length and returns a pointer to a buffer containing the contents. If
+// not found, it outputs the empty string by returning NULL and setting
+// |*out_len| to zero.
+//
+// If |x509| was parsed from a PKCS#12 structure (see
+// |PKCS12_get_key_and_certs|), the alias will reflect the friendlyName
+// attribute (RFC 2985).
+//
+// WARNING: In OpenSSL, this function did not set |*out_len| when the alias was
+// missing. Callers that target both OpenSSL and BoringSSL should set the value
+// to zero before calling this function.
+OPENSSL_EXPORT unsigned char *X509_alias_get0(X509 *x509, int *out_len);
+
+// X509_keyid_get0 looks up |x509|'s key ID. If found, it sets |*out_len| to the
+// key ID's length and returns a pointer to a buffer containing the contents. If
+// not found, it outputs the empty string by returning NULL and setting
+// |*out_len| to zero.
+//
+// WARNING: In OpenSSL, this function did not set |*out_len| when the alias was
+// missing. Callers that target both OpenSSL and BoringSSL should set the value
+// to zero before calling this function.
+OPENSSL_EXPORT unsigned char *X509_keyid_get0(X509 *x509, int *out_len);
+
+
+// Certificate revocation lists.
+//
+// An |X509_CRL| object represents an X.509 certificate revocation list (CRL),
+// defined in RFC 5280. A CRL is a signed list of certificates which are no
+// longer considered valid.
+//
+// Although an |X509_CRL| is a mutable object, mutating an |X509_CRL| can give
+// incorrect results. Callers typically obtain |X509_CRL|s by parsing some input
+// with |d2i_X509_CRL|, etc. Such objects carry information such as the
+// serialized TBSCertList and decoded extensions, which will become inconsistent
+// when mutated.
+//
+// Instead, mutation functions should only be used when issuing new CRLs, as
+// described in a later section.
+
+DEFINE_STACK_OF(X509_CRL)
+
+// X509_CRL is an |ASN1_ITEM| whose ASN.1 type is X.509 CertificateList (RFC
+// 5280) and C type is |X509_CRL*|.
+DECLARE_ASN1_ITEM(X509_CRL)
+
+// X509_CRL_up_ref adds one to the reference count of |crl| and returns one.
+OPENSSL_EXPORT int X509_CRL_up_ref(X509_CRL *crl);
+
+// X509_CRL_dup returns a newly-allocated copy of |crl|, or NULL on error. This
+// function works by serializing the structure, so if |crl| is incomplete, it
+// may fail.
+//
+// TODO(https://crbug.com/boringssl/407): This function should be const and
+// thread-safe but is currently neither in some cases, notably if |crl| was
+// mutated.
+OPENSSL_EXPORT X509_CRL *X509_CRL_dup(X509_CRL *crl);
+
+// X509_CRL_free decrements |crl|'s reference count and, if zero, releases
+// memory associated with |crl|.
+OPENSSL_EXPORT void X509_CRL_free(X509_CRL *crl);
+
+// d2i_X509_CRL parses up to |len| bytes from |*inp| as a DER-encoded X.509
+// CertificateList (RFC 5280), as described in |d2i_SAMPLE|.
+OPENSSL_EXPORT X509_CRL *d2i_X509_CRL(X509_CRL **out, const uint8_t **inp,
+ long len);
+
+// i2d_X509_CRL marshals |crl| as a X.509 CertificateList (RFC 5280), as
+// described in |i2d_SAMPLE|.
+//
+// TODO(https://crbug.com/boringssl/407): This function should be const and
+// thread-safe but is currently neither in some cases, notably if |crl| was
+// mutated.
+OPENSSL_EXPORT int i2d_X509_CRL(X509_CRL *crl, uint8_t **outp);
#define X509_CRL_VERSION_1 0
#define X509_CRL_VERSION_2 1
@@ -416,34 +510,14 @@
// will be one of the |X509_CRL_VERSION_*| constants.
OPENSSL_EXPORT long X509_CRL_get_version(const X509_CRL *crl);
-// X509_CRL_get0_lastUpdate returns |crl|'s lastUpdate time.
+// X509_CRL_get0_lastUpdate returns |crl|'s thisUpdate time. The OpenSSL API
+// refers to this field as lastUpdate.
OPENSSL_EXPORT const ASN1_TIME *X509_CRL_get0_lastUpdate(const X509_CRL *crl);
// X509_CRL_get0_nextUpdate returns |crl|'s nextUpdate time, or NULL if |crl|
// has none.
OPENSSL_EXPORT const ASN1_TIME *X509_CRL_get0_nextUpdate(const X509_CRL *crl);
-// X509_CRL_set1_lastUpdate sets |crl|'s lastUpdate time to |tm|. It returns one
-// on success and zero on error.
-OPENSSL_EXPORT int X509_CRL_set1_lastUpdate(X509_CRL *crl, const ASN1_TIME *tm);
-
-// X509_CRL_set1_nextUpdate sets |crl|'s nextUpdate time to |tm|. It returns one
-// on success and zero on error.
-OPENSSL_EXPORT int X509_CRL_set1_nextUpdate(X509_CRL *crl, const ASN1_TIME *tm);
-
-// The following symbols are deprecated aliases to |X509_CRL_set1_*|.
-#define X509_CRL_set_lastUpdate X509_CRL_set1_lastUpdate
-#define X509_CRL_set_nextUpdate X509_CRL_set1_nextUpdate
-
-// X509_CRL_get_lastUpdate returns a mutable pointer to |crl|'s lastUpdate time.
-// Use |X509_CRL_get0_lastUpdate| or |X509_CRL_set1_lastUpdate| instead.
-OPENSSL_EXPORT ASN1_TIME *X509_CRL_get_lastUpdate(X509_CRL *crl);
-
-// X509_CRL_get_nextUpdate returns a mutable pointer to |crl|'s nextUpdate time,
-// or NULL if |crl| has none. Use |X509_CRL_get0_nextUpdate| or
-// |X509_CRL_set1_nextUpdate| instead.
-OPENSSL_EXPORT ASN1_TIME *X509_CRL_get_nextUpdate(X509_CRL *crl);
-
// X509_CRL_get_issuer returns |crl|'s issuer name. Note this function is not
// const-correct for legacy reasons.
OPENSSL_EXPORT X509_NAME *X509_CRL_get_issuer(const X509_CRL *crl);
@@ -461,253 +535,819 @@
OPENSSL_EXPORT const STACK_OF(X509_EXTENSION) *X509_CRL_get0_extensions(
const X509_CRL *crl);
-// X509_SIG_get0 sets |*out_alg| and |*out_digest| to non-owning pointers to
-// |sig|'s algorithm and digest fields, respectively. Either |out_alg| and
-// |out_digest| may be NULL to skip those fields.
-OPENSSL_EXPORT void X509_SIG_get0(const X509_SIG *sig,
- const X509_ALGOR **out_alg,
- const ASN1_OCTET_STRING **out_digest);
+// X509_CRL_get_ext_count returns the number of extensions in |x|.
+OPENSSL_EXPORT int X509_CRL_get_ext_count(const X509_CRL *x);
-// X509_SIG_getm behaves like |X509_SIG_get0| but returns mutable pointers.
-OPENSSL_EXPORT void X509_SIG_getm(X509_SIG *sig, X509_ALGOR **out_alg,
- ASN1_OCTET_STRING **out_digest);
+// X509_CRL_get_ext_by_NID behaves like |X509v3_get_ext_by_NID| but searches for
+// extensions in |x|.
+OPENSSL_EXPORT int X509_CRL_get_ext_by_NID(const X509_CRL *x, int nid,
+ int lastpos);
-// X509_get_X509_PUBKEY returns the public key of |x509|. Note this function is
-// not const-correct for legacy reasons. Callers should not modify the returned
-// object.
-OPENSSL_EXPORT X509_PUBKEY *X509_get_X509_PUBKEY(const X509 *x509);
+// X509_CRL_get_ext_by_OBJ behaves like |X509v3_get_ext_by_OBJ| but searches for
+// extensions in |x|.
+OPENSSL_EXPORT int X509_CRL_get_ext_by_OBJ(const X509_CRL *x,
+ const ASN1_OBJECT *obj, int lastpos);
-// X509_verify_cert_error_string returns |err| as a human-readable string, where
-// |err| should be one of the |X509_V_*| values. If |err| is unknown, it returns
-// a default description.
-OPENSSL_EXPORT const char *X509_verify_cert_error_string(long err);
+// X509_CRL_get_ext_by_critical behaves like |X509v3_get_ext_by_critical| but
+// searches for extensions in |x|.
+OPENSSL_EXPORT int X509_CRL_get_ext_by_critical(const X509_CRL *x, int crit,
+ int lastpos);
-// X509_verify checks that |x509| has a valid signature by |pkey|. It returns
-// one if the signature is valid and zero otherwise. Note this function only
-// checks the signature itself and does not perform a full certificate
-// validation.
-OPENSSL_EXPORT int X509_verify(X509 *x509, EVP_PKEY *pkey);
+// X509_CRL_get_ext returns the extension in |x| at index |loc|, or NULL if
+// |loc| is out of bounds. This function returns a non-const pointer for OpenSSL
+// compatibility, but callers should not mutate the result.
+OPENSSL_EXPORT X509_EXTENSION *X509_CRL_get_ext(const X509_CRL *x, int loc);
-// X509_REQ_verify checks that |req| has a valid signature by |pkey|. It returns
-// one if the signature is valid and zero otherwise.
-OPENSSL_EXPORT int X509_REQ_verify(X509_REQ *req, EVP_PKEY *pkey);
+// X509_CRL_get0_signature sets |*out_sig| and |*out_alg| to the signature and
+// signature algorithm of |crl|, respectively. Either output pointer may be NULL
+// to ignore the value.
+//
+// This function outputs the outer signature algorithm, not the one in the
+// TBSCertList. CRLs with mismatched signature algorithms will successfully
+// parse, but they will be rejected when verifying.
+OPENSSL_EXPORT void X509_CRL_get0_signature(const X509_CRL *crl,
+ const ASN1_BIT_STRING **out_sig,
+ const X509_ALGOR **out_alg);
+
+// X509_CRL_get_signature_nid returns the NID corresponding to |crl|'s signature
+// algorithm, or |NID_undef| if the signature algorithm does not correspond to
+// a known NID.
+OPENSSL_EXPORT int X509_CRL_get_signature_nid(const X509_CRL *crl);
+
+// i2d_X509_CRL_tbs serializes the TBSCertList portion of |crl|, as described in
+// |i2d_SAMPLE|.
+//
+// This function preserves the original encoding of the TBSCertList and may not
+// reflect modifications made to |crl|. It may be used to manually verify the
+// signature of an existing CRL. To generate CRLs, use |i2d_re_X509_CRL_tbs|
+// instead.
+OPENSSL_EXPORT int i2d_X509_CRL_tbs(X509_CRL *crl, unsigned char **outp);
// X509_CRL_verify checks that |crl| has a valid signature by |pkey|. It returns
// one if the signature is valid and zero otherwise.
OPENSSL_EXPORT int X509_CRL_verify(X509_CRL *crl, EVP_PKEY *pkey);
-// NETSCAPE_SPKI_verify checks that |spki| has a valid signature by |pkey|. It
-// returns one if the signature is valid and zero otherwise.
-OPENSSL_EXPORT int NETSCAPE_SPKI_verify(NETSCAPE_SPKI *spki, EVP_PKEY *pkey);
-// NETSCAPE_SPKI_b64_decode decodes |len| bytes from |str| as a base64-encoded
-// Netscape signed public key and challenge (SPKAC) structure. It returns a
-// newly-allocated |NETSCAPE_SPKI| structure with the result, or NULL on error.
-// If |len| is 0 or negative, the length is calculated with |strlen| and |str|
-// must be a NUL-terminated C string.
-OPENSSL_EXPORT NETSCAPE_SPKI *NETSCAPE_SPKI_b64_decode(const char *str,
- int len);
+// Issuing certificate revocation lists.
+//
+// An |X509_CRL| object may also represent an incomplete CRL. Callers may
+// construct empty |X509_CRL| objects, fill in fields individually, and finally
+// sign the result. The following functions may be used for this purpose.
-// NETSCAPE_SPKI_b64_encode encodes |spki| as a base64-encoded Netscape signed
-// public key and challenge (SPKAC) structure. It returns a newly-allocated
-// NUL-terminated C string with the result, or NULL on error. The caller must
-// release the memory with |OPENSSL_free| when done.
-OPENSSL_EXPORT char *NETSCAPE_SPKI_b64_encode(NETSCAPE_SPKI *spki);
+// X509_CRL_new returns a newly-allocated, empty |X509_CRL| object, or NULL on
+// error. This object may be filled in and then signed to construct a CRL.
+OPENSSL_EXPORT X509_CRL *X509_CRL_new(void);
-// NETSCAPE_SPKI_get_pubkey decodes and returns the public key in |spki| as an
-// |EVP_PKEY|, or NULL on error. The caller takes ownership of the resulting
-// pointer and must call |EVP_PKEY_free| when done.
-OPENSSL_EXPORT EVP_PKEY *NETSCAPE_SPKI_get_pubkey(NETSCAPE_SPKI *spki);
+// X509_CRL_set_version sets |crl|'s version to |version|, which should be one
+// of the |X509_CRL_VERSION_*| constants. It returns one on success and zero on
+// error.
+//
+// If unsure, use |X509_CRL_VERSION_2|. Note that, unlike certificates, CRL
+// versions are only defined up to v2. Callers should not use |X509_VERSION_3|.
+OPENSSL_EXPORT int X509_CRL_set_version(X509_CRL *crl, long version);
-// NETSCAPE_SPKI_set_pubkey sets |spki|'s public key to |pkey|. It returns one
-// on success or zero on error. This function does not take ownership of |pkey|,
-// so the caller may continue to manage its lifetime independently of |spki|.
-OPENSSL_EXPORT int NETSCAPE_SPKI_set_pubkey(NETSCAPE_SPKI *spki,
- EVP_PKEY *pkey);
+// X509_CRL_set_issuer_name sets |crl|'s issuer to a copy of |name|. It returns
+// one on success and zero on error.
+OPENSSL_EXPORT int X509_CRL_set_issuer_name(X509_CRL *crl, X509_NAME *name);
-// X509_signature_dump writes a human-readable representation of |sig| to |bio|,
-// indented with |indent| spaces. It returns one on success and zero on error.
-OPENSSL_EXPORT int X509_signature_dump(BIO *bio, const ASN1_STRING *sig,
- int indent);
+// X509_CRL_set1_lastUpdate sets |crl|'s thisUpdate time to |tm|. It returns one
+// on success and zero on error. The OpenSSL API refers to this field as
+// lastUpdate.
+OPENSSL_EXPORT int X509_CRL_set1_lastUpdate(X509_CRL *crl, const ASN1_TIME *tm);
-// X509_signature_print writes a human-readable representation of |alg| and
-// |sig| to |bio|. It returns one on success and zero on error.
-OPENSSL_EXPORT int X509_signature_print(BIO *bio, const X509_ALGOR *alg,
- const ASN1_STRING *sig);
+// X509_CRL_set1_nextUpdate sets |crl|'s nextUpdate time to |tm|. It returns one
+// on success and zero on error.
+OPENSSL_EXPORT int X509_CRL_set1_nextUpdate(X509_CRL *crl, const ASN1_TIME *tm);
-// X509_sign signs |x509| with |pkey| and replaces the signature algorithm and
-// signature fields. It returns one on success and zero on error. This function
-// uses digest algorithm |md|, or |pkey|'s default if NULL. Other signing
-// parameters use |pkey|'s defaults. To customize them, use |X509_sign_ctx|.
-OPENSSL_EXPORT int X509_sign(X509 *x509, EVP_PKEY *pkey, const EVP_MD *md);
+// X509_CRL_delete_ext removes the extension in |x| at index |loc| and returns
+// the removed extension, or NULL if |loc| was out of bounds. If non-NULL, the
+// caller must release the result with |X509_EXTENSION_free|.
+OPENSSL_EXPORT X509_EXTENSION *X509_CRL_delete_ext(X509_CRL *x, int loc);
-// X509_sign_ctx signs |x509| with |ctx| and replaces the signature algorithm
-// and signature fields. It returns one on success and zero on error. The
-// signature algorithm and parameters come from |ctx|, which must have been
-// initialized with |EVP_DigestSignInit|. The caller should configure the
-// corresponding |EVP_PKEY_CTX| before calling this function.
-OPENSSL_EXPORT int X509_sign_ctx(X509 *x509, EVP_MD_CTX *ctx);
-
-// X509_REQ_sign signs |req| with |pkey| and replaces the signature algorithm
-// and signature fields. It returns one on success and zero on error. This
-// function uses digest algorithm |md|, or |pkey|'s default if NULL. Other
-// signing parameters use |pkey|'s defaults. To customize them, use
-// |X509_REQ_sign_ctx|.
-OPENSSL_EXPORT int X509_REQ_sign(X509_REQ *req, EVP_PKEY *pkey,
- const EVP_MD *md);
-
-// X509_REQ_sign_ctx signs |req| with |ctx| and replaces the signature algorithm
-// and signature fields. It returns one on success and zero on error. The
-// signature algorithm and parameters come from |ctx|, which must have been
-// initialized with |EVP_DigestSignInit|. The caller should configure the
-// corresponding |EVP_PKEY_CTX| before calling this function.
-OPENSSL_EXPORT int X509_REQ_sign_ctx(X509_REQ *req, EVP_MD_CTX *ctx);
+// X509_CRL_add_ext adds a copy of |ex| to |x|. It returns one on success and
+// zero on failure. The caller retains ownership of |ex| and can release it
+// independently of |x|.
+//
+// The new extension is inserted at index |loc|, shifting extensions to the
+// right. If |loc| is -1 or out of bounds, the new extension is appended to the
+// list.
+OPENSSL_EXPORT int X509_CRL_add_ext(X509_CRL *x, const X509_EXTENSION *ex,
+ int loc);
// X509_CRL_sign signs |crl| with |pkey| and replaces the signature algorithm
-// and signature fields. It returns one on success and zero on error. This
-// function uses digest algorithm |md|, or |pkey|'s default if NULL. Other
-// signing parameters use |pkey|'s defaults. To customize them, use
-// |X509_CRL_sign_ctx|.
+// and signature fields. It returns the length of the signature on success and
+// zero on error. This function uses digest algorithm |md|, or |pkey|'s default
+// if NULL. Other signing parameters use |pkey|'s defaults. To customize them,
+// use |X509_CRL_sign_ctx|.
OPENSSL_EXPORT int X509_CRL_sign(X509_CRL *crl, EVP_PKEY *pkey,
const EVP_MD *md);
// X509_CRL_sign_ctx signs |crl| with |ctx| and replaces the signature algorithm
-// and signature fields. It returns one on success and zero on error. The
-// signature algorithm and parameters come from |ctx|, which must have been
-// initialized with |EVP_DigestSignInit|. The caller should configure the
-// corresponding |EVP_PKEY_CTX| before calling this function.
+// and signature fields. It returns the length of the signature on success and
+// zero on error. The signature algorithm and parameters come from |ctx|, which
+// must have been initialized with |EVP_DigestSignInit|. The caller should
+// configure the corresponding |EVP_PKEY_CTX| before calling this function.
OPENSSL_EXPORT int X509_CRL_sign_ctx(X509_CRL *crl, EVP_MD_CTX *ctx);
-// NETSCAPE_SPKI_sign signs |spki| with |pkey| and replaces the signature
-// algorithm and signature fields. It returns one on success and zero on error.
-// This function uses digest algorithm |md|, or |pkey|'s default if NULL. Other
-// signing parameters use |pkey|'s defaults.
-OPENSSL_EXPORT int NETSCAPE_SPKI_sign(NETSCAPE_SPKI *spki, EVP_PKEY *pkey,
- const EVP_MD *md);
+// i2d_re_X509_CRL_tbs serializes the TBSCertList portion of |crl|, as described
+// in |i2d_SAMPLE|.
+//
+// This function re-encodes the TBSCertList and may not reflect |crl|'s original
+// encoding. It may be used to manually generate a signature for a new CRL. To
+// verify CRLs, use |i2d_X509_CRL_tbs| instead.
+OPENSSL_EXPORT int i2d_re_X509_CRL_tbs(X509_CRL *crl, unsigned char **outp);
-// X509_pubkey_digest hashes the DER encoding of |x509|'s subjectPublicKeyInfo
-// field with |md| and writes the result to |out|. |EVP_MD_CTX_size| bytes are
-// written, which is at most |EVP_MAX_MD_SIZE|. If |out_len| is not NULL,
-// |*out_len| is set to the number of bytes written. This function returns one
-// on success and zero on error.
-OPENSSL_EXPORT int X509_pubkey_digest(const X509 *x509, const EVP_MD *md,
- uint8_t *out, unsigned *out_len);
+// X509_CRL_set1_signature_algo sets |crl|'s signature algorithm to |algo| and
+// returns one on success or zero on error. It updates both the signature field
+// of the TBSCertList structure, and the signatureAlgorithm field of the CRL.
+OPENSSL_EXPORT int X509_CRL_set1_signature_algo(X509_CRL *crl,
+ const X509_ALGOR *algo);
-// X509_digest hashes |x509|'s DER encoding with |md| and writes the result to
-// |out|. |EVP_MD_CTX_size| bytes are written, which is at most
-// |EVP_MAX_MD_SIZE|. If |out_len| is not NULL, |*out_len| is set to the number
-// of bytes written. This function returns one on success and zero on error.
-// Note this digest covers the entire certificate, not just the signed portion.
-OPENSSL_EXPORT int X509_digest(const X509 *x509, const EVP_MD *md, uint8_t *out,
- unsigned *out_len);
+// X509_CRL_set1_signature_value sets |crl|'s signature to a copy of the
+// |sig_len| bytes pointed by |sig|. It returns one on success and zero on
+// error.
+//
+// Due to a specification error, X.509 CRLs store signatures in ASN.1 BIT
+// STRINGs, but signature algorithms return byte strings rather than bit
+// strings. This function creates a BIT STRING containing a whole number of
+// bytes, with the bit order matching the DER encoding. This matches the
+// encoding used by all X.509 signature algorithms.
+OPENSSL_EXPORT int X509_CRL_set1_signature_value(X509_CRL *crl,
+ const uint8_t *sig,
+ size_t sig_len);
-// X509_CRL_digest hashes |crl|'s DER encoding with |md| and writes the result
-// to |out|. |EVP_MD_CTX_size| bytes are written, which is at most
-// |EVP_MAX_MD_SIZE|. If |out_len| is not NULL, |*out_len| is set to the number
-// of bytes written. This function returns one on success and zero on error.
-// Note this digest covers the entire CRL, not just the signed portion.
-OPENSSL_EXPORT int X509_CRL_digest(const X509_CRL *crl, const EVP_MD *md,
- uint8_t *out, unsigned *out_len);
-// X509_REQ_digest hashes |req|'s DER encoding with |md| and writes the result
-// to |out|. |EVP_MD_CTX_size| bytes are written, which is at most
-// |EVP_MAX_MD_SIZE|. If |out_len| is not NULL, |*out_len| is set to the number
-// of bytes written. This function returns one on success and zero on error.
-// Note this digest covers the entire certificate request, not just the signed
-// portion.
-OPENSSL_EXPORT int X509_REQ_digest(const X509_REQ *req, const EVP_MD *md,
- uint8_t *out, unsigned *out_len);
+// Certificate requests.
+//
+// An |X509_REQ| represents a PKCS #10 certificate request (RFC 2986). These are
+// also referred to as certificate signing requests or CSRs. CSRs are a common
+// format used to request a certificate from a CA.
+//
+// Although an |X509_REQ| is a mutable object, mutating an |X509_REQ| can give
+// incorrect results. Callers typically obtain |X509_REQ|s by parsing some input
+// with |d2i_X509_REQ|, etc. Such objects carry information such as the
+// serialized CertificationRequestInfo, which will become inconsistent when
+// mutated.
+//
+// Instead, mutation functions should only be used when issuing new CRLs, as
+// described in a later section.
-// X509_NAME_digest hashes |name|'s DER encoding with |md| and writes the result
-// to |out|. |EVP_MD_CTX_size| bytes are written, which is at most
-// |EVP_MAX_MD_SIZE|. If |out_len| is not NULL, |*out_len| is set to the number
-// of bytes written. This function returns one on success and zero on error.
-OPENSSL_EXPORT int X509_NAME_digest(const X509_NAME *name, const EVP_MD *md,
- uint8_t *out, unsigned *out_len);
+// X509_REQ is an |ASN1_ITEM| whose ASN.1 type is CertificateRequest (RFC 2986)
+// and C type is |X509_REQ*|.
+DECLARE_ASN1_ITEM(X509_REQ)
-// X509_parse_from_buffer parses an X.509 structure from |buf| and returns a
-// fresh X509 or NULL on error. There must not be any trailing data in |buf|.
-// The returned structure (if any) holds a reference to |buf| rather than
-// copying parts of it as a normal |d2i_X509| call would do.
-OPENSSL_EXPORT X509 *X509_parse_from_buffer(CRYPTO_BUFFER *buf);
-
-OPENSSL_EXPORT X509 *d2i_X509_fp(FILE *fp, X509 **x509);
-OPENSSL_EXPORT int i2d_X509_fp(FILE *fp, X509 *x509);
-OPENSSL_EXPORT X509_CRL *d2i_X509_CRL_fp(FILE *fp, X509_CRL **crl);
-OPENSSL_EXPORT int i2d_X509_CRL_fp(FILE *fp, X509_CRL *crl);
-OPENSSL_EXPORT X509_REQ *d2i_X509_REQ_fp(FILE *fp, X509_REQ **req);
-OPENSSL_EXPORT int i2d_X509_REQ_fp(FILE *fp, X509_REQ *req);
-OPENSSL_EXPORT RSA *d2i_RSAPrivateKey_fp(FILE *fp, RSA **rsa);
-OPENSSL_EXPORT int i2d_RSAPrivateKey_fp(FILE *fp, RSA *rsa);
-OPENSSL_EXPORT RSA *d2i_RSAPublicKey_fp(FILE *fp, RSA **rsa);
-OPENSSL_EXPORT int i2d_RSAPublicKey_fp(FILE *fp, RSA *rsa);
-OPENSSL_EXPORT RSA *d2i_RSA_PUBKEY_fp(FILE *fp, RSA **rsa);
-OPENSSL_EXPORT int i2d_RSA_PUBKEY_fp(FILE *fp, RSA *rsa);
-#ifndef OPENSSL_NO_DSA
-OPENSSL_EXPORT DSA *d2i_DSA_PUBKEY_fp(FILE *fp, DSA **dsa);
-OPENSSL_EXPORT int i2d_DSA_PUBKEY_fp(FILE *fp, DSA *dsa);
-OPENSSL_EXPORT DSA *d2i_DSAPrivateKey_fp(FILE *fp, DSA **dsa);
-OPENSSL_EXPORT int i2d_DSAPrivateKey_fp(FILE *fp, DSA *dsa);
-#endif
-OPENSSL_EXPORT EC_KEY *d2i_EC_PUBKEY_fp(FILE *fp, EC_KEY **eckey);
-OPENSSL_EXPORT int i2d_EC_PUBKEY_fp(FILE *fp, EC_KEY *eckey);
-OPENSSL_EXPORT EC_KEY *d2i_ECPrivateKey_fp(FILE *fp, EC_KEY **eckey);
-OPENSSL_EXPORT int i2d_ECPrivateKey_fp(FILE *fp, EC_KEY *eckey);
-OPENSSL_EXPORT X509_SIG *d2i_PKCS8_fp(FILE *fp, X509_SIG **p8);
-OPENSSL_EXPORT int i2d_PKCS8_fp(FILE *fp, X509_SIG *p8);
-OPENSSL_EXPORT PKCS8_PRIV_KEY_INFO *d2i_PKCS8_PRIV_KEY_INFO_fp(
- FILE *fp, PKCS8_PRIV_KEY_INFO **p8inf);
-OPENSSL_EXPORT int i2d_PKCS8_PRIV_KEY_INFO_fp(FILE *fp,
- PKCS8_PRIV_KEY_INFO *p8inf);
-OPENSSL_EXPORT int i2d_PKCS8PrivateKeyInfo_fp(FILE *fp, EVP_PKEY *key);
-OPENSSL_EXPORT int i2d_PrivateKey_fp(FILE *fp, EVP_PKEY *pkey);
-OPENSSL_EXPORT EVP_PKEY *d2i_PrivateKey_fp(FILE *fp, EVP_PKEY **a);
-OPENSSL_EXPORT int i2d_PUBKEY_fp(FILE *fp, EVP_PKEY *pkey);
-OPENSSL_EXPORT EVP_PKEY *d2i_PUBKEY_fp(FILE *fp, EVP_PKEY **a);
-
-OPENSSL_EXPORT X509 *d2i_X509_bio(BIO *bp, X509 **x509);
-OPENSSL_EXPORT int i2d_X509_bio(BIO *bp, X509 *x509);
-OPENSSL_EXPORT X509_CRL *d2i_X509_CRL_bio(BIO *bp, X509_CRL **crl);
-OPENSSL_EXPORT int i2d_X509_CRL_bio(BIO *bp, X509_CRL *crl);
-OPENSSL_EXPORT X509_REQ *d2i_X509_REQ_bio(BIO *bp, X509_REQ **req);
-OPENSSL_EXPORT int i2d_X509_REQ_bio(BIO *bp, X509_REQ *req);
-OPENSSL_EXPORT RSA *d2i_RSAPrivateKey_bio(BIO *bp, RSA **rsa);
-OPENSSL_EXPORT int i2d_RSAPrivateKey_bio(BIO *bp, RSA *rsa);
-OPENSSL_EXPORT RSA *d2i_RSAPublicKey_bio(BIO *bp, RSA **rsa);
-OPENSSL_EXPORT int i2d_RSAPublicKey_bio(BIO *bp, RSA *rsa);
-OPENSSL_EXPORT RSA *d2i_RSA_PUBKEY_bio(BIO *bp, RSA **rsa);
-OPENSSL_EXPORT int i2d_RSA_PUBKEY_bio(BIO *bp, RSA *rsa);
-#ifndef OPENSSL_NO_DSA
-OPENSSL_EXPORT DSA *d2i_DSA_PUBKEY_bio(BIO *bp, DSA **dsa);
-OPENSSL_EXPORT int i2d_DSA_PUBKEY_bio(BIO *bp, DSA *dsa);
-OPENSSL_EXPORT DSA *d2i_DSAPrivateKey_bio(BIO *bp, DSA **dsa);
-OPENSSL_EXPORT int i2d_DSAPrivateKey_bio(BIO *bp, DSA *dsa);
-#endif
-OPENSSL_EXPORT EC_KEY *d2i_EC_PUBKEY_bio(BIO *bp, EC_KEY **eckey);
-OPENSSL_EXPORT int i2d_EC_PUBKEY_bio(BIO *bp, EC_KEY *eckey);
-OPENSSL_EXPORT EC_KEY *d2i_ECPrivateKey_bio(BIO *bp, EC_KEY **eckey);
-OPENSSL_EXPORT int i2d_ECPrivateKey_bio(BIO *bp, EC_KEY *eckey);
-OPENSSL_EXPORT X509_SIG *d2i_PKCS8_bio(BIO *bp, X509_SIG **p8);
-OPENSSL_EXPORT int i2d_PKCS8_bio(BIO *bp, X509_SIG *p8);
-OPENSSL_EXPORT PKCS8_PRIV_KEY_INFO *d2i_PKCS8_PRIV_KEY_INFO_bio(
- BIO *bp, PKCS8_PRIV_KEY_INFO **p8inf);
-OPENSSL_EXPORT int i2d_PKCS8_PRIV_KEY_INFO_bio(BIO *bp,
- PKCS8_PRIV_KEY_INFO *p8inf);
-OPENSSL_EXPORT int i2d_PKCS8PrivateKeyInfo_bio(BIO *bp, EVP_PKEY *key);
-OPENSSL_EXPORT int i2d_PrivateKey_bio(BIO *bp, EVP_PKEY *pkey);
-OPENSSL_EXPORT EVP_PKEY *d2i_PrivateKey_bio(BIO *bp, EVP_PKEY **a);
-OPENSSL_EXPORT int i2d_PUBKEY_bio(BIO *bp, EVP_PKEY *pkey);
-OPENSSL_EXPORT EVP_PKEY *d2i_PUBKEY_bio(BIO *bp, EVP_PKEY **a);
-OPENSSL_EXPORT DH *d2i_DHparams_bio(BIO *bp, DH **dh);
-OPENSSL_EXPORT int i2d_DHparams_bio(BIO *bp, const DH *dh);
-
-OPENSSL_EXPORT X509 *X509_dup(X509 *x509);
-OPENSSL_EXPORT X509_ATTRIBUTE *X509_ATTRIBUTE_dup(X509_ATTRIBUTE *xa);
-OPENSSL_EXPORT X509_EXTENSION *X509_EXTENSION_dup(X509_EXTENSION *ex);
-OPENSSL_EXPORT X509_CRL *X509_CRL_dup(X509_CRL *crl);
-OPENSSL_EXPORT X509_REVOKED *X509_REVOKED_dup(X509_REVOKED *rev);
+// X509_REQ_dup returns a newly-allocated copy of |req|, or NULL on error. This
+// function works by serializing the structure, so if |req| is incomplete, it
+// may fail.
+//
+// TODO(https://crbug.com/boringssl/407): This function should be const and
+// thread-safe but is currently neither in some cases, notably if |req| was
+// mutated.
OPENSSL_EXPORT X509_REQ *X509_REQ_dup(X509_REQ *req);
-OPENSSL_EXPORT X509_ALGOR *X509_ALGOR_dup(X509_ALGOR *xn);
+
+// X509_REQ_free releases memory associated with |req|.
+OPENSSL_EXPORT void X509_REQ_free(X509_REQ *req);
+
+// d2i_X509_REQ parses up to |len| bytes from |*inp| as a DER-encoded
+// CertificateRequest (RFC 2986), as described in |d2i_SAMPLE|.
+OPENSSL_EXPORT X509_REQ *d2i_X509_REQ(X509_REQ **out, const uint8_t **inp,
+ long len);
+
+// i2d_X509_REQ marshals |req| as a CertificateRequest (RFC 2986), as described
+// in |i2d_SAMPLE|.
+//
+// TODO(https://crbug.com/boringssl/407): This function should be const and
+// thread-safe but is currently neither in some cases, notably if |req| was
+// mutated.
+OPENSSL_EXPORT int i2d_X509_REQ(X509_REQ *req, uint8_t **outp);
+
+// X509_REQ_VERSION_1 is the version constant for |X509_REQ| objects. No other
+// versions are defined.
+#define X509_REQ_VERSION_1 0
+
+// X509_REQ_get_version returns the numerical value of |req|'s version. This
+// will always be |X509_REQ_VERSION_1| for valid CSRs. For compatibility,
+// |d2i_X509_REQ| also accepts some invalid version numbers, in which case this
+// function may return other values.
+OPENSSL_EXPORT long X509_REQ_get_version(const X509_REQ *req);
+
+// X509_REQ_get_subject_name returns |req|'s subject name. Note this function is
+// not const-correct for legacy reasons.
+OPENSSL_EXPORT X509_NAME *X509_REQ_get_subject_name(const X509_REQ *req);
+
+// X509_REQ_get_pubkey returns |req|'s public key as an |EVP_PKEY|, or NULL if
+// the public key was unsupported or could not be decoded. This function returns
+// a reference to the |EVP_PKEY|. The caller must release the result with
+// |EVP_PKEY_free| when done.
+OPENSSL_EXPORT EVP_PKEY *X509_REQ_get_pubkey(X509_REQ *req);
+
+// X509_REQ_get_attr_count returns the number of attributes in |req|.
+OPENSSL_EXPORT int X509_REQ_get_attr_count(const X509_REQ *req);
+
+// X509_REQ_get_attr returns the attribute at index |loc| in |req|, or NULL if
+// out of bounds.
+OPENSSL_EXPORT X509_ATTRIBUTE *X509_REQ_get_attr(const X509_REQ *req, int loc);
+
+// X509_REQ_get_attr_by_NID returns the index of the attribute in |req| of type
+// |nid|, or a negative number if not found. If found, callers can use
+// |X509_REQ_get_attr| to look up the attribute by index.
+//
+// If |lastpos| is non-negative, it begins searching at |lastpos| + 1. Callers
+// can thus loop over all matching attributes by first passing -1 and then
+// passing the previously-returned value until no match is returned.
+OPENSSL_EXPORT int X509_REQ_get_attr_by_NID(const X509_REQ *req, int nid,
+ int lastpos);
+
+// X509_REQ_get_attr_by_OBJ behaves like |X509_REQ_get_attr_by_NID| but looks
+// for attributes of type |obj|.
+OPENSSL_EXPORT int X509_REQ_get_attr_by_OBJ(const X509_REQ *req,
+ const ASN1_OBJECT *obj,
+ int lastpos);
+
+// X509_REQ_extension_nid returns one if |nid| is a supported CSR attribute type
+// for carrying extensions and zero otherwise. The supported types are
+// |NID_ext_req| (pkcs-9-at-extensionRequest from RFC 2985) and |NID_ms_ext_req|
+// (a Microsoft szOID_CERT_EXTENSIONS variant).
+OPENSSL_EXPORT int X509_REQ_extension_nid(int nid);
+
+// X509_REQ_get_extensions decodes the list of requested extensions in |req| and
+// returns a newly-allocated |STACK_OF(X509_EXTENSION)| containing the result.
+// It returns NULL on error, or if |req| did not request extensions.
+//
+// CSRs do not store extensions directly. Instead there are attribute types
+// which are defined to hold extensions. See |X509_REQ_extension_nid|. This
+// function supports both pkcs-9-at-extensionRequest from RFC 2985 and the
+// Microsoft szOID_CERT_EXTENSIONS variant. If both are present,
+// pkcs-9-at-extensionRequest is preferred.
+OPENSSL_EXPORT STACK_OF(X509_EXTENSION) *X509_REQ_get_extensions(X509_REQ *req);
+
+// X509_REQ_get0_signature sets |*out_sig| and |*out_alg| to the signature and
+// signature algorithm of |req|, respectively. Either output pointer may be NULL
+// to ignore the value.
+OPENSSL_EXPORT void X509_REQ_get0_signature(const X509_REQ *req,
+ const ASN1_BIT_STRING **out_sig,
+ const X509_ALGOR **out_alg);
+
+// X509_REQ_get_signature_nid returns the NID corresponding to |req|'s signature
+// algorithm, or |NID_undef| if the signature algorithm does not correspond to
+// a known NID.
+OPENSSL_EXPORT int X509_REQ_get_signature_nid(const X509_REQ *req);
+
+// X509_REQ_verify checks that |req| has a valid signature by |pkey|. It returns
+// one if the signature is valid and zero otherwise.
+OPENSSL_EXPORT int X509_REQ_verify(X509_REQ *req, EVP_PKEY *pkey);
+
+
+// Issuing certificate requests.
+//
+// An |X509_REQ| object may also represent an incomplete CSR. Callers may
+// construct empty |X509_REQ| objects, fill in fields individually, and finally
+// sign the result. The following functions may be used for this purpose.
+
+// X509_REQ_new returns a newly-allocated, empty |X509_REQ| object, or NULL on
+// error. This object may be filled in and then signed to construct a CSR.
+OPENSSL_EXPORT X509_REQ *X509_REQ_new(void);
+
+// X509_REQ_set_version sets |req|'s version to |version|, which should be
+// |X509_REQ_VERSION_1|. It returns one on success and zero on error.
+//
+// The only defined CSR version is |X509_REQ_VERSION_1|, so there is no need to
+// call this function.
+OPENSSL_EXPORT int X509_REQ_set_version(X509_REQ *req, long version);
+
+// X509_REQ_set_subject_name sets |req|'s subject to a copy of |name|. It
+// returns one on success and zero on error.
+OPENSSL_EXPORT int X509_REQ_set_subject_name(X509_REQ *req, X509_NAME *name);
+
+// X509_REQ_set_pubkey sets |req|'s public key to |pkey|. It returns one on
+// success and zero on error. This function does not take ownership of |pkey|
+// and internally copies and updates reference counts as needed.
+OPENSSL_EXPORT int X509_REQ_set_pubkey(X509_REQ *req, EVP_PKEY *pkey);
+
+// X509_REQ_delete_attr removes the attribute at index |loc| in |req|. It
+// returns the removed attribute to the caller, or NULL if |loc| was out of
+// bounds. If non-NULL, the caller must release the result with
+// |X509_ATTRIBUTE_free| when done. It is also safe, but not necessary, to call
+// |X509_ATTRIBUTE_free| if the result is NULL.
+OPENSSL_EXPORT X509_ATTRIBUTE *X509_REQ_delete_attr(X509_REQ *req, int loc);
+
+// X509_REQ_add1_attr appends a copy of |attr| to |req|'s list of attributes. It
+// returns one on success and zero on error.
+OPENSSL_EXPORT int X509_REQ_add1_attr(X509_REQ *req,
+ const X509_ATTRIBUTE *attr);
+
+// X509_REQ_add1_attr_by_OBJ appends a new attribute to |req| with type |obj|.
+// It returns one on success and zero on error. The value is determined by
+// |X509_ATTRIBUTE_set1_data|.
+//
+// WARNING: The interpretation of |attrtype|, |data|, and |len| is complex and
+// error-prone. See |X509_ATTRIBUTE_set1_data| for details.
+OPENSSL_EXPORT int X509_REQ_add1_attr_by_OBJ(X509_REQ *req,
+ const ASN1_OBJECT *obj,
+ int attrtype,
+ const unsigned char *data,
+ int len);
+
+// X509_REQ_add1_attr_by_NID behaves like |X509_REQ_add1_attr_by_OBJ| except the
+// attribute type is determined by |nid|.
+OPENSSL_EXPORT int X509_REQ_add1_attr_by_NID(X509_REQ *req, int nid,
+ int attrtype,
+ const unsigned char *data,
+ int len);
+
+// X509_REQ_add1_attr_by_txt behaves like |X509_REQ_add1_attr_by_OBJ| except the
+// attribute type is determined by calling |OBJ_txt2obj| with |attrname|.
+OPENSSL_EXPORT int X509_REQ_add1_attr_by_txt(X509_REQ *req,
+ const char *attrname, int attrtype,
+ const unsigned char *data,
+ int len);
+
+// X509_REQ_add_extensions_nid adds an attribute to |req| of type |nid|, to
+// request the certificate extensions in |exts|. It returns one on success and
+// zero on error. |nid| should be |NID_ext_req| or |NID_ms_ext_req|.
+OPENSSL_EXPORT int X509_REQ_add_extensions_nid(
+ X509_REQ *req, const STACK_OF(X509_EXTENSION) *exts, int nid);
+
+// X509_REQ_add_extensions behaves like |X509_REQ_add_extensions_nid|, using the
+// standard |NID_ext_req| for the attribute type.
+OPENSSL_EXPORT int X509_REQ_add_extensions(
+ X509_REQ *req, const STACK_OF(X509_EXTENSION) *exts);
+
+// X509_REQ_sign signs |req| with |pkey| and replaces the signature algorithm
+// and signature fields. It returns the length of the signature on success and
+// zero on error. This function uses digest algorithm |md|, or |pkey|'s default
+// if NULL. Other signing parameters use |pkey|'s defaults. To customize them,
+// use |X509_REQ_sign_ctx|.
+OPENSSL_EXPORT int X509_REQ_sign(X509_REQ *req, EVP_PKEY *pkey,
+ const EVP_MD *md);
+
+// X509_REQ_sign_ctx signs |req| with |ctx| and replaces the signature algorithm
+// and signature fields. It returns the length of the signature on success and
+// zero on error. The signature algorithm and parameters come from |ctx|, which
+// must have been initialized with |EVP_DigestSignInit|. The caller should
+// configure the corresponding |EVP_PKEY_CTX| before calling this function.
+OPENSSL_EXPORT int X509_REQ_sign_ctx(X509_REQ *req, EVP_MD_CTX *ctx);
+
+// i2d_re_X509_REQ_tbs serializes the CertificationRequestInfo (see RFC 2986)
+// portion of |req|, as described in |i2d_SAMPLE|.
+//
+// This function re-encodes the CertificationRequestInfo and may not reflect
+// |req|'s original encoding. It may be used to manually generate a signature
+// for a new certificate request.
+OPENSSL_EXPORT int i2d_re_X509_REQ_tbs(X509_REQ *req, uint8_t **outp);
+
+// X509_REQ_set1_signature_algo sets |req|'s signature algorithm to |algo| and
+// returns one on success or zero on error.
+OPENSSL_EXPORT int X509_REQ_set1_signature_algo(X509_REQ *req,
+ const X509_ALGOR *algo);
+
+// X509_REQ_set1_signature_value sets |req|'s signature to a copy of the
+// |sig_len| bytes pointed by |sig|. It returns one on success and zero on
+// error.
+//
+// Due to a specification error, PKCS#10 certificate requests store signatures
+// in ASN.1 BIT STRINGs, but signature algorithms return byte strings rather
+// than bit strings. This function creates a BIT STRING containing a whole
+// number of bytes, with the bit order matching the DER encoding. This matches
+// the encoding used by all X.509 signature algorithms.
+OPENSSL_EXPORT int X509_REQ_set1_signature_value(X509_REQ *req,
+ const uint8_t *sig,
+ size_t sig_len);
+
+
+// Names.
+//
+// An |X509_NAME| represents an X.509 Name structure (RFC 5280). X.509 names are
+// a complex, hierarchical structure over a collection of attributes. Each name
+// is sequence of relative distinguished names (RDNs), decreasing in
+// specificity. For example, the first RDN may specify the country, while the
+// next RDN may specify a locality. Each RDN is, itself, a set of attributes.
+// Having more than one attribute in an RDN is uncommon, but possible. Within an
+// RDN, attributes have the same level in specificity. Attribute types are
+// OBJECT IDENTIFIERs. This determines the ASN.1 type of the value, which is
+// commonly a string but may be other types.
+//
+// The |X509_NAME| representation flattens this two-level structure into a
+// single list of attributes. Each attribute is stored in an |X509_NAME_ENTRY|,
+// with also maintains the index of the RDN it is part of, accessible via
+// |X509_NAME_ENTRY_set|. This can be used to recover the two-level structure.
+//
+// X.509 names are largely vestigial. Historically, DNS names were parsed out of
+// the subject's common name attribute, but this is deprecated and has since
+// moved to the subject alternative name extension. In modern usage, X.509 names
+// are primarily opaque identifiers to link a certificate with its issuer.
+
+DEFINE_STACK_OF(X509_NAME_ENTRY)
+DEFINE_STACK_OF(X509_NAME)
+
+// X509_NAME is an |ASN1_ITEM| whose ASN.1 type is X.509 Name (RFC 5280) and C
+// type is |X509_NAME*|.
+DECLARE_ASN1_ITEM(X509_NAME)
+
+// X509_NAME_new returns a new, empty |X509_NAME_new|, or NULL on
+// error.
+OPENSSL_EXPORT X509_NAME *X509_NAME_new(void);
+
+// X509_NAME_free releases memory associated with |name|.
+OPENSSL_EXPORT void X509_NAME_free(X509_NAME *name);
+
+// d2i_X509_NAME parses up to |len| bytes from |*inp| as a DER-encoded X.509
+// Name (RFC 5280), as described in |d2i_SAMPLE|.
+OPENSSL_EXPORT X509_NAME *d2i_X509_NAME(X509_NAME **out, const uint8_t **inp,
+ long len);
+
+// i2d_X509_NAME marshals |in| as a DER-encoded X.509 Name (RFC 5280), as
+// described in |i2d_SAMPLE|.
+//
+// TODO(https://crbug.com/boringssl/407): This function should be const and
+// thread-safe but is currently neither in some cases, notably if |in| was
+// mutated.
+OPENSSL_EXPORT int i2d_X509_NAME(X509_NAME *in, uint8_t **outp);
+
+// X509_NAME_dup returns a newly-allocated copy of |name|, or NULL on error.
+//
+// TODO(https://crbug.com/boringssl/407): This function should be const and
+// thread-safe but is currently neither in some cases, notably if |name| was
+// mutated.
+OPENSSL_EXPORT X509_NAME *X509_NAME_dup(X509_NAME *name);
+
+// X509_NAME_get0_der sets |*out_der| and |*out_der_len|
+//
+// Avoid this function and prefer |i2d_X509_NAME|. It is one of the reasons
+// these functions are not consistently thread-safe or const-correct. Depending
+// on the resolution of https://crbug.com/boringssl/407, this function may be
+// removed or cause poor performance.
+OPENSSL_EXPORT int X509_NAME_get0_der(X509_NAME *name, const uint8_t **out_der,
+ size_t *out_der_len);
+
+// X509_NAME_set makes a copy of |name|. On success, it frees |*xn|, sets |*xn|
+// to the copy, and returns one. Otherwise, it returns zero.
+//
+// TODO(https://crbug.com/boringssl/407): This function should be const and
+// thread-safe but is currently neither in some cases, notably if |name| was
+// mutated.
+OPENSSL_EXPORT int X509_NAME_set(X509_NAME **xn, X509_NAME *name);
+
+// X509_NAME_entry_count returns the number of entries in |name|.
+OPENSSL_EXPORT int X509_NAME_entry_count(const X509_NAME *name);
+
+// X509_NAME_get_index_by_NID returns the zero-based index of the first
+// attribute in |name| with type |nid|, or -1 if there is none. |nid| should be
+// one of the |NID_*| constants. If |lastpos| is non-negative, it begins
+// searching at |lastpos+1|. To search all attributes, pass in -1, not zero.
+//
+// Indices from this function refer to |X509_NAME|'s flattened representation.
+OPENSSL_EXPORT int X509_NAME_get_index_by_NID(const X509_NAME *name, int nid,
+ int lastpos);
+
+// X509_NAME_get_index_by_OBJ behaves like |X509_NAME_get_index_by_NID| but
+// looks for attributes with type |obj|.
+OPENSSL_EXPORT int X509_NAME_get_index_by_OBJ(const X509_NAME *name,
+ const ASN1_OBJECT *obj,
+ int lastpos);
+
+// X509_NAME_get_entry returns the attribute in |name| at index |loc|, or NULL
+// if |loc| is out of range. |loc| is interpreted using |X509_NAME|'s flattened
+// representation. This function returns a non-const pointer for OpenSSL
+// compatibility, but callers should not mutate the result. Doing so will break
+// internal invariants in the library.
+OPENSSL_EXPORT X509_NAME_ENTRY *X509_NAME_get_entry(const X509_NAME *name,
+ int loc);
+
+// X509_NAME_delete_entry removes and returns the attribute in |name| at index
+// |loc|, or NULL if |loc| is out of range. |loc| is interpreted using
+// |X509_NAME|'s flattened representation. If the attribute is found, the caller
+// is responsible for releasing the result with |X509_NAME_ENTRY_free|.
+//
+// This function will internally update RDN indices (see |X509_NAME_ENTRY_set|)
+// so they continue to be consecutive.
+OPENSSL_EXPORT X509_NAME_ENTRY *X509_NAME_delete_entry(X509_NAME *name,
+ int loc);
+
+// X509_NAME_add_entry adds a copy of |entry| to |name| and returns one on
+// success or zero on error. If |loc| is -1, the entry is appended to |name|.
+// Otherwise, it is inserted at index |loc|. If |set| is -1, the entry is added
+// to the previous entry's RDN. If it is 0, the entry becomes a singleton RDN.
+// If 1, it is added to next entry's RDN.
+//
+// This function will internally update RDN indices (see |X509_NAME_ENTRY_set|)
+// so they continue to be consecutive.
+OPENSSL_EXPORT int X509_NAME_add_entry(X509_NAME *name,
+ const X509_NAME_ENTRY *entry, int loc,
+ int set);
+
+// X509_NAME_add_entry_by_OBJ adds a new entry to |name| and returns one on
+// success or zero on error. The entry's attribute type is |obj|. The entry's
+// attribute value is determined by |type|, |bytes|, and |len|, as in
+// |X509_NAME_ENTRY_set_data|. The entry's position is determined by |loc| and
+// |set| as in |X509_NAME_add_entry|.
+OPENSSL_EXPORT int X509_NAME_add_entry_by_OBJ(X509_NAME *name,
+ const ASN1_OBJECT *obj, int type,
+ const uint8_t *bytes,
+ ossl_ssize_t len, int loc,
+ int set);
+
+// X509_NAME_add_entry_by_NID behaves like |X509_NAME_add_entry_by_OBJ| but sets
+// the entry's attribute type to |nid|, which should be one of the |NID_*|
+// constants.
+OPENSSL_EXPORT int X509_NAME_add_entry_by_NID(X509_NAME *name, int nid,
+ int type, const uint8_t *bytes,
+ ossl_ssize_t len, int loc,
+ int set);
+
+// X509_NAME_add_entry_by_txt behaves like |X509_NAME_add_entry_by_OBJ| but sets
+// the entry's attribute type to |field|, which is passed to |OBJ_txt2obj|.
+OPENSSL_EXPORT int X509_NAME_add_entry_by_txt(X509_NAME *name,
+ const char *field, int type,
+ const uint8_t *bytes,
+ ossl_ssize_t len, int loc,
+ int set);
+
+// X509_NAME_ENTRY is an |ASN1_ITEM| whose ASN.1 type is AttributeTypeAndValue
+// (RFC 5280) and C type is |X509_NAME_ENTRY*|.
+DECLARE_ASN1_ITEM(X509_NAME_ENTRY)
+
+// X509_NAME_ENTRY_new returns a new, empty |X509_NAME_ENTRY_new|, or NULL on
+// error.
+OPENSSL_EXPORT X509_NAME_ENTRY *X509_NAME_ENTRY_new(void);
+
+// X509_NAME_ENTRY_free releases memory associated with |entry|.
+OPENSSL_EXPORT void X509_NAME_ENTRY_free(X509_NAME_ENTRY *entry);
+
+// d2i_X509_NAME_ENTRY parses up to |len| bytes from |*inp| as a DER-encoded
+// AttributeTypeAndValue (RFC 5280), as described in |d2i_SAMPLE|.
+OPENSSL_EXPORT X509_NAME_ENTRY *d2i_X509_NAME_ENTRY(X509_NAME_ENTRY **out,
+ const uint8_t **inp,
+ long len);
+
+// i2d_X509_NAME_ENTRY marshals |in| as a DER-encoded AttributeTypeAndValue (RFC
+// 5280), as described in |i2d_SAMPLE|.
+OPENSSL_EXPORT int i2d_X509_NAME_ENTRY(const X509_NAME_ENTRY *in,
+ uint8_t **outp);
+
+// X509_NAME_ENTRY_dup returns a newly-allocated copy of |entry|, or NULL on
+// error.
+OPENSSL_EXPORT X509_NAME_ENTRY *X509_NAME_ENTRY_dup(
+ const X509_NAME_ENTRY *entry);
+
+// X509_NAME_ENTRY_get_object returns |entry|'s attribute type. This function
+// returns a non-const pointer for OpenSSL compatibility, but callers should not
+// mutate the result. Doing so will break internal invariants in the library.
+OPENSSL_EXPORT ASN1_OBJECT *X509_NAME_ENTRY_get_object(
+ const X509_NAME_ENTRY *entry);
+
+// X509_NAME_ENTRY_set_object sets |entry|'s attribute type to |obj|. It returns
+// one on success and zero on error.
+OPENSSL_EXPORT int X509_NAME_ENTRY_set_object(X509_NAME_ENTRY *entry,
+ const ASN1_OBJECT *obj);
+
+// X509_NAME_ENTRY_get_data returns |entry|'s attribute value, represented as an
+// |ASN1_STRING|. This value may have any ASN.1 type, so callers must check the
+// type before interpreting the contents. This function returns a non-const
+// pointer for OpenSSL compatibility, but callers should not mutate the result.
+// Doing so will break internal invariants in the library.
+//
+// TODO(https://crbug.com/boringssl/412): Although the spec says any ASN.1 type
+// is allowed, we currently only allow an ad-hoc set of types. Additionally, it
+// is unclear if some types can even be represented by this function.
+OPENSSL_EXPORT ASN1_STRING *X509_NAME_ENTRY_get_data(
+ const X509_NAME_ENTRY *entry);
+
+// X509_NAME_ENTRY_set_data sets |entry|'s value to |len| bytes from |bytes|. It
+// returns one on success and zero on error. If |len| is -1, |bytes| must be a
+// NUL-terminated C string and the length is determined by |strlen|. |bytes| is
+// converted to an ASN.1 type as follows:
+//
+// If |type| is a |MBSTRING_*| constant, the value is an ASN.1 string. The
+// string is determined by decoding |bytes| in the encoding specified by |type|,
+// and then re-encoding it in a form appropriate for |entry|'s attribute type.
+// See |ASN1_STRING_set_by_NID| for details.
+//
+// Otherwise, the value is an |ASN1_STRING| with type |type| and value |bytes|.
+// See |ASN1_STRING| for how to format ASN.1 types as an |ASN1_STRING|. If
+// |type| is |V_ASN1_UNDEF| the previous |ASN1_STRING| type is reused.
+OPENSSL_EXPORT int X509_NAME_ENTRY_set_data(X509_NAME_ENTRY *entry, int type,
+ const uint8_t *bytes,
+ ossl_ssize_t len);
+
+// X509_NAME_ENTRY_set returns the zero-based index of the RDN which contains
+// |entry|. Consecutive entries with the same index are part of the same RDN.
+OPENSSL_EXPORT int X509_NAME_ENTRY_set(const X509_NAME_ENTRY *entry);
+
+// X509_NAME_ENTRY_create_by_OBJ creates a new |X509_NAME_ENTRY| with attribute
+// type |obj|. The attribute value is determined from |type|, |bytes|, and |len|
+// as in |X509_NAME_ENTRY_set_data|. It returns the |X509_NAME_ENTRY| on success
+// and NULL on error.
+//
+// If |out| is non-NULL and |*out| is NULL, it additionally sets |*out| to the
+// result on success. If both |out| and |*out| are non-NULL, it updates the
+// object at |*out| instead of allocating a new one.
+OPENSSL_EXPORT X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_OBJ(
+ X509_NAME_ENTRY **out, const ASN1_OBJECT *obj, int type,
+ const uint8_t *bytes, ossl_ssize_t len);
+
+// X509_NAME_ENTRY_create_by_NID behaves like |X509_NAME_ENTRY_create_by_OBJ|
+// except the attribute type is |nid|, which should be one of the |NID_*|
+// constants.
+OPENSSL_EXPORT X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_NID(
+ X509_NAME_ENTRY **out, int nid, int type, const uint8_t *bytes,
+ ossl_ssize_t len);
+
+// X509_NAME_ENTRY_create_by_txt behaves like |X509_NAME_ENTRY_create_by_OBJ|
+// except the attribute type is |field|, which is passed to |OBJ_txt2obj|.
+OPENSSL_EXPORT X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_txt(
+ X509_NAME_ENTRY **out, const char *field, int type, const uint8_t *bytes,
+ ossl_ssize_t len);
+
+
+// Extensions.
+//
+// X.509 certificates and CRLs may contain a list of extensions (RFC 5280).
+// Extensions have a type, specified by an object identifier (|ASN1_OBJECT|) and
+// a byte string value, which should a DER-encoded structure whose type is
+// determined by the extension type. This library represents extensions with the
+// |X509_EXTENSION| type.
+
+// X509_EXTENSION is an |ASN1_ITEM| whose ASN.1 type is X.509 Extension (RFC
+// 5280) and C type is |X509_EXTENSION*|.
+DECLARE_ASN1_ITEM(X509_EXTENSION)
+
+// X509_EXTENSION_new returns a newly-allocated, empty |X509_EXTENSION| object
+// or NULL on error.
+OPENSSL_EXPORT X509_EXTENSION *X509_EXTENSION_new(void);
+
+// X509_EXTENSION_free releases memory associated with |ex|.
+OPENSSL_EXPORT void X509_EXTENSION_free(X509_EXTENSION *ex);
+
+// d2i_X509_EXTENSION parses up to |len| bytes from |*inp| as a DER-encoded
+// X.509 Extension (RFC 5280), as described in |d2i_SAMPLE|.
+OPENSSL_EXPORT X509_EXTENSION *d2i_X509_EXTENSION(X509_EXTENSION **out,
+ const uint8_t **inp,
+ long len);
+
+// i2d_X509_EXTENSION marshals |ex| as a DER-encoded X.509 Extension (RFC
+// 5280), as described in |i2d_SAMPLE|.
+OPENSSL_EXPORT int i2d_X509_EXTENSION(const X509_EXTENSION *ex, uint8_t **outp);
+
+// X509_EXTENSION_dup returns a newly-allocated copy of |ex|, or NULL on error.
+// This function works by serializing the structure, so if |ex| is incomplete,
+// it may fail.
+OPENSSL_EXPORT X509_EXTENSION *X509_EXTENSION_dup(const X509_EXTENSION *ex);
+
+// X509_EXTENSION_create_by_NID creates a new |X509_EXTENSION| with type |nid|,
+// value |data|, and critical bit |crit|. It returns an |X509_EXTENSION| on
+// success, and NULL on error. |nid| should be a |NID_*| constant.
+//
+// If |ex| and |*ex| are both non-NULL, |*ex| is used to hold the result,
+// otherwise a new object is allocated. If |ex| is non-NULL and |*ex| is NULL,
+// the function sets |*ex| to point to the newly allocated result, in addition
+// to returning the result.
+OPENSSL_EXPORT X509_EXTENSION *X509_EXTENSION_create_by_NID(
+ X509_EXTENSION **ex, int nid, int crit, const ASN1_OCTET_STRING *data);
+
+// X509_EXTENSION_create_by_OBJ behaves like |X509_EXTENSION_create_by_NID|, but
+// the extension type is determined by an |ASN1_OBJECT|.
+OPENSSL_EXPORT X509_EXTENSION *X509_EXTENSION_create_by_OBJ(
+ X509_EXTENSION **ex, const ASN1_OBJECT *obj, int crit,
+ const ASN1_OCTET_STRING *data);
+
+// X509_EXTENSION_get_object returns |ex|'s extension type. This function
+// returns a non-const pointer for OpenSSL compatibility, but callers should not
+// mutate the result.
+OPENSSL_EXPORT ASN1_OBJECT *X509_EXTENSION_get_object(const X509_EXTENSION *ex);
+
+// X509_EXTENSION_get_data returns |ne|'s extension value. This function returns
+// a non-const pointer for OpenSSL compatibility, but callers should not mutate
+// the result.
+OPENSSL_EXPORT ASN1_OCTET_STRING *X509_EXTENSION_get_data(
+ const X509_EXTENSION *ne);
+
+// X509_EXTENSION_get_critical returns one if |ex| is critical and zero
+// otherwise.
+OPENSSL_EXPORT int X509_EXTENSION_get_critical(const X509_EXTENSION *ex);
+
+// X509_EXTENSION_set_object sets |ex|'s extension type to |obj|. It returns one
+// on success and zero on error.
+OPENSSL_EXPORT int X509_EXTENSION_set_object(X509_EXTENSION *ex,
+ const ASN1_OBJECT *obj);
+
+// X509_EXTENSION_set_critical sets |ex| to critical if |crit| is non-zero and
+// to non-critical if |crit| is zero.
+OPENSSL_EXPORT int X509_EXTENSION_set_critical(X509_EXTENSION *ex, int crit);
+
+// X509_EXTENSION_set_data set's |ex|'s extension value to a copy of |data|. It
+// returns one on success and zero on error.
+OPENSSL_EXPORT int X509_EXTENSION_set_data(X509_EXTENSION *ex,
+ const ASN1_OCTET_STRING *data);
+
+
+// Extension lists.
+//
+// The following functions manipulate lists of extensions. Most of them have
+// corresponding functions on the containing |X509|, |X509_CRL|, or
+// |X509_REVOKED|.
+
+DEFINE_STACK_OF(X509_EXTENSION)
+typedef STACK_OF(X509_EXTENSION) X509_EXTENSIONS;
+
+// X509_EXTENSIONS is an |ASN1_ITEM| whose ASN.1 type is SEQUENCE of Extension
+// (RFC 5280) and C type is |STACK_OF(X509_EXTENSION)*|.
+DECLARE_ASN1_ITEM(X509_EXTENSIONS)
+
+// d2i_X509_EXTENSIONS parses up to |len| bytes from |*inp| as a DER-encoded
+// SEQUENCE OF Extension (RFC 5280), as described in |d2i_SAMPLE|.
+OPENSSL_EXPORT X509_EXTENSIONS *d2i_X509_EXTENSIONS(X509_EXTENSIONS **out,
+ const uint8_t **inp,
+ long len);
+
+// i2d_X509_EXTENSIONS marshals |alg| as a DER-encoded SEQUENCE OF Extension
+// (RFC 5280), as described in |i2d_SAMPLE|.
+OPENSSL_EXPORT int i2d_X509_EXTENSIONS(const X509_EXTENSIONS *alg,
+ uint8_t **outp);
+
+// X509v3_get_ext_count returns the number of extensions in |x|.
+OPENSSL_EXPORT int X509v3_get_ext_count(const STACK_OF(X509_EXTENSION) *x);
+
+// X509v3_get_ext_by_NID returns the index of the first extension in |x| with
+// type |nid|, or a negative number if not found. If found, callers can use
+// |X509v3_get_ext| to look up the extension by index.
+//
+// If |lastpos| is non-negative, it begins searching at |lastpos| + 1. Callers
+// can thus loop over all matching extensions by first passing -1 and then
+// passing the previously-returned value until no match is returned.
+OPENSSL_EXPORT int X509v3_get_ext_by_NID(const STACK_OF(X509_EXTENSION) *x,
+ int nid, int lastpos);
+
+// X509v3_get_ext_by_OBJ behaves like |X509v3_get_ext_by_NID| but looks for
+// extensions matching |obj|.
+OPENSSL_EXPORT int X509v3_get_ext_by_OBJ(const STACK_OF(X509_EXTENSION) *x,
+ const ASN1_OBJECT *obj, int lastpos);
+
+// X509v3_get_ext_by_critical returns the index of the first extension in |x|
+// whose critical bit matches |crit|, or a negative number if no such extension
+// was found.
+//
+// If |lastpos| is non-negative, it begins searching at |lastpos| + 1. Callers
+// can thus loop over all matching extensions by first passing -1 and then
+// passing the previously-returned value until no match is returned.
+OPENSSL_EXPORT int X509v3_get_ext_by_critical(const STACK_OF(X509_EXTENSION) *x,
+ int crit, int lastpos);
+
+// X509v3_get_ext returns the extension in |x| at index |loc|, or NULL if |loc|
+// is out of bounds. This function returns a non-const pointer for OpenSSL
+// compatibility, but callers should not mutate the result.
+OPENSSL_EXPORT X509_EXTENSION *X509v3_get_ext(const STACK_OF(X509_EXTENSION) *x,
+ int loc);
+
+// X509v3_delete_ext removes the extension in |x| at index |loc| and returns the
+// removed extension, or NULL if |loc| was out of bounds. If an extension was
+// returned, the caller must release it with |X509_EXTENSION_free|.
+OPENSSL_EXPORT X509_EXTENSION *X509v3_delete_ext(STACK_OF(X509_EXTENSION) *x,
+ int loc);
+
+// X509v3_add_ext adds a copy of |ex| to the extension list in |*x|. If |*x| is
+// NULL, it allocates a new |STACK_OF(X509_EXTENSION)| to hold the copy and sets
+// |*x| to the new list. It returns |*x| on success and NULL on error. The
+// caller retains ownership of |ex| and can release it independently of |*x|.
+//
+// The new extension is inserted at index |loc|, shifting extensions to the
+// right. If |loc| is -1 or out of bounds, the new extension is appended to the
+// list.
+OPENSSL_EXPORT STACK_OF(X509_EXTENSION) *X509v3_add_ext(
+ STACK_OF(X509_EXTENSION) **x, const X509_EXTENSION *ex, int loc);
+
+
+// Algorithm identifiers.
+//
+// An |X509_ALGOR| represents an AlgorithmIdentifier structure, used in X.509
+// to represent signature algorithms and public key algorithms.
+
+DEFINE_STACK_OF(X509_ALGOR)
+
+// X509_ALGOR is an |ASN1_ITEM| whose ASN.1 type is AlgorithmIdentifier and C
+// type is |X509_ALGOR*|.
+DECLARE_ASN1_ITEM(X509_ALGOR)
+
+// X509_ALGOR_new returns a newly-allocated, empty |X509_ALGOR| object, or NULL
+// on error.
+OPENSSL_EXPORT X509_ALGOR *X509_ALGOR_new(void);
+
+// X509_ALGOR_dup returns a newly-allocated copy of |alg|, or NULL on error.
+// This function works by serializing the structure, so if |alg| is incomplete,
+// it may fail.
+OPENSSL_EXPORT X509_ALGOR *X509_ALGOR_dup(const X509_ALGOR *alg);
+
+// X509_ALGOR_free releases memory associated with |alg|.
+OPENSSL_EXPORT void X509_ALGOR_free(X509_ALGOR *alg);
+
+// d2i_X509_ALGOR parses up to |len| bytes from |*inp| as a DER-encoded
+// AlgorithmIdentifier, as described in |d2i_SAMPLE|.
+OPENSSL_EXPORT X509_ALGOR *d2i_X509_ALGOR(X509_ALGOR **out, const uint8_t **inp,
+ long len);
+
+// i2d_X509_ALGOR marshals |alg| as a DER-encoded AlgorithmIdentifier, as
+// described in |i2d_SAMPLE|.
+OPENSSL_EXPORT int i2d_X509_ALGOR(const X509_ALGOR *alg, uint8_t **outp);
// X509_ALGOR_set0 sets |alg| to an AlgorithmIdentifier with algorithm |obj| and
// parameter determined by |param_type| and |param_value|. It returns one on
@@ -758,64 +1398,42 @@
// ordering.
OPENSSL_EXPORT int X509_ALGOR_cmp(const X509_ALGOR *a, const X509_ALGOR *b);
-OPENSSL_EXPORT X509_NAME *X509_NAME_dup(X509_NAME *xn);
-OPENSSL_EXPORT X509_NAME_ENTRY *X509_NAME_ENTRY_dup(X509_NAME_ENTRY *ne);
-OPENSSL_EXPORT int X509_NAME_ENTRY_set(const X509_NAME_ENTRY *ne);
-OPENSSL_EXPORT int X509_NAME_get0_der(X509_NAME *nm, const unsigned char **pder,
- size_t *pderlen);
-
-// X509_cmp_time compares |s| against |*t|. On success, it returns a negative
-// number if |s| <= |*t| and a positive number if |s| > |*t|. On error, it
-// returns zero. If |t| is NULL, it uses the current time instead of |*t|.
+// Attributes.
//
-// WARNING: Unlike most comparison functions, this function returns zero on
-// error, not equality.
-OPENSSL_EXPORT int X509_cmp_time(const ASN1_TIME *s, time_t *t);
+// Unlike certificates and CRLs, CSRs use a separate Attribute structure (RFC
+// 2985, RFC 2986) for extensibility. This is represented by the library as
+// |X509_ATTRIBUTE|.
-// X509_cmp_current_time behaves like |X509_cmp_time| but compares |s| against
-// the current time.
-OPENSSL_EXPORT int X509_cmp_current_time(const ASN1_TIME *s);
+DEFINE_STACK_OF(X509_ATTRIBUTE)
-// X509_time_adj calls |X509_time_adj_ex| with |offset_day| equal to zero.
-OPENSSL_EXPORT ASN1_TIME *X509_time_adj(ASN1_TIME *s, long offset_sec,
- time_t *t);
+// X509_ATTRIBUTE is an |ASN1_ITEM| whose ASN.1 type is Attribute (RFC 2986) and
+// C type is |X509_ATTRIBUTE*|.
+DECLARE_ASN1_ITEM(X509_ATTRIBUTE)
-// X509_time_adj_ex behaves like |ASN1_TIME_adj|, but adds an offset to |*t|. If
-// |t| is NULL, it uses the current time instead of |*t|.
-OPENSSL_EXPORT ASN1_TIME *X509_time_adj_ex(ASN1_TIME *s, int offset_day,
- long offset_sec, time_t *t);
+// X509_ATTRIBUTE_new returns a newly-allocated, empty |X509_ATTRIBUTE| object,
+// or NULL on error. |X509_ATTRIBUTE_set1_*| may be used to finish initializing
+// it.
+OPENSSL_EXPORT X509_ATTRIBUTE *X509_ATTRIBUTE_new(void);
-// X509_gmtime_adj behaves like |X509_time_adj_ex| but adds |offset_sec| to the
-// current time.
-OPENSSL_EXPORT ASN1_TIME *X509_gmtime_adj(ASN1_TIME *s, long offset_sec);
+// X509_ATTRIBUTE_dup returns a newly-allocated copy of |attr|, or NULL on
+// error. This function works by serializing the structure, so if |attr| is
+// incomplete, it may fail.
+OPENSSL_EXPORT X509_ATTRIBUTE *X509_ATTRIBUTE_dup(const X509_ATTRIBUTE *attr);
-OPENSSL_EXPORT const char *X509_get_default_cert_area(void);
-OPENSSL_EXPORT const char *X509_get_default_cert_dir(void);
-OPENSSL_EXPORT const char *X509_get_default_cert_file(void);
-OPENSSL_EXPORT const char *X509_get_default_cert_dir_env(void);
-OPENSSL_EXPORT const char *X509_get_default_cert_file_env(void);
-OPENSSL_EXPORT const char *X509_get_default_private_dir(void);
+// X509_ATTRIBUTE_free releases memory associated with |attr|.
+OPENSSL_EXPORT void X509_ATTRIBUTE_free(X509_ATTRIBUTE *attr);
-DECLARE_ASN1_ENCODE_FUNCTIONS(X509_ALGORS, X509_ALGORS, X509_ALGORS)
+// d2i_X509_ATTRIBUTE parses up to |len| bytes from |*inp| as a DER-encoded
+// Attribute (RFC 2986), as described in |d2i_SAMPLE|.
+OPENSSL_EXPORT X509_ATTRIBUTE *d2i_X509_ATTRIBUTE(X509_ATTRIBUTE **out,
+ const uint8_t **inp,
+ long len);
-DECLARE_ASN1_FUNCTIONS(X509_PUBKEY)
-
-// X509_PUBKEY_set serializes |pkey| into a newly-allocated |X509_PUBKEY|
-// structure. On success, it frees |*x|, sets |*x| to the new object, and
-// returns one. Otherwise, it returns zero.
-OPENSSL_EXPORT int X509_PUBKEY_set(X509_PUBKEY **x, EVP_PKEY *pkey);
-
-// X509_PUBKEY_get decodes the public key in |key| and returns an |EVP_PKEY| on
-// success, or NULL on error. The caller must release the result with
-// |EVP_PKEY_free| when done. The |EVP_PKEY| is cached in |key|, so callers must
-// not mutate the result.
-OPENSSL_EXPORT EVP_PKEY *X509_PUBKEY_get(X509_PUBKEY *key);
-
-DECLARE_ASN1_FUNCTIONS(X509_SIG)
-DECLARE_ASN1_FUNCTIONS(X509_REQ)
-
-DECLARE_ASN1_FUNCTIONS(X509_ATTRIBUTE)
+// i2d_X509_ATTRIBUTE marshals |alg| as a DER-encoded Attribute (RFC 2986), as
+// described in |i2d_SAMPLE|.
+OPENSSL_EXPORT int i2d_X509_ATTRIBUTE(const X509_ATTRIBUTE *alg,
+ uint8_t **outp);
// X509_ATTRIBUTE_create returns a newly-allocated |X509_ATTRIBUTE|, or NULL on
// error. The attribute has type |nid| and contains a single value determined by
@@ -824,890 +1442,6 @@
OPENSSL_EXPORT X509_ATTRIBUTE *X509_ATTRIBUTE_create(int nid, int attrtype,
void *value);
-DECLARE_ASN1_FUNCTIONS(X509_EXTENSION)
-DECLARE_ASN1_ENCODE_FUNCTIONS(X509_EXTENSIONS, X509_EXTENSIONS, X509_EXTENSIONS)
-
-DECLARE_ASN1_FUNCTIONS(X509_NAME_ENTRY)
-
-DECLARE_ASN1_FUNCTIONS(X509_NAME)
-
-// X509_NAME_set makes a copy of |name|. On success, it frees |*xn|, sets |*xn|
-// to the copy, and returns one. Otherwise, it returns zero.
-OPENSSL_EXPORT int X509_NAME_set(X509_NAME **xn, X509_NAME *name);
-
-DECLARE_ASN1_FUNCTIONS(X509)
-
-// X509_up_ref adds one to the reference count of |x509| and returns one.
-OPENSSL_EXPORT int X509_up_ref(X509 *x509);
-
-OPENSSL_EXPORT int X509_get_ex_new_index(long argl, void *argp,
- CRYPTO_EX_unused *unused,
- CRYPTO_EX_dup *dup_unused,
- CRYPTO_EX_free *free_func);
-OPENSSL_EXPORT int X509_set_ex_data(X509 *r, int idx, void *arg);
-OPENSSL_EXPORT void *X509_get_ex_data(X509 *r, int idx);
-
-// i2d_re_X509_tbs serializes the TBSCertificate portion of |x509|, as described
-// in |i2d_SAMPLE|.
-//
-// This function re-encodes the TBSCertificate and may not reflect |x509|'s
-// original encoding. It may be used to manually generate a signature for a new
-// certificate. To verify certificates, use |i2d_X509_tbs| instead.
-OPENSSL_EXPORT int i2d_re_X509_tbs(X509 *x509, unsigned char **outp);
-
-// i2d_X509_tbs serializes the TBSCertificate portion of |x509|, as described in
-// |i2d_SAMPLE|.
-//
-// This function preserves the original encoding of the TBSCertificate and may
-// not reflect modifications made to |x509|. It may be used to manually verify
-// the signature of an existing certificate. To generate certificates, use
-// |i2d_re_X509_tbs| instead.
-OPENSSL_EXPORT int i2d_X509_tbs(X509 *x509, unsigned char **outp);
-
-// X509_set1_signature_algo sets |x509|'s signature algorithm to |algo| and
-// returns one on success or zero on error. It updates both the signature field
-// of the TBSCertificate structure, and the signatureAlgorithm field of the
-// Certificate.
-OPENSSL_EXPORT int X509_set1_signature_algo(X509 *x509, const X509_ALGOR *algo);
-
-// X509_set1_signature_value sets |x509|'s signature to a copy of the |sig_len|
-// bytes pointed by |sig|. It returns one on success and zero on error.
-//
-// Due to a specification error, X.509 certificates store signatures in ASN.1
-// BIT STRINGs, but signature algorithms return byte strings rather than bit
-// strings. This function creates a BIT STRING containing a whole number of
-// bytes, with the bit order matching the DER encoding. This matches the
-// encoding used by all X.509 signature algorithms.
-OPENSSL_EXPORT int X509_set1_signature_value(X509 *x509, const uint8_t *sig,
- size_t sig_len);
-
-// X509_get0_signature sets |*out_sig| and |*out_alg| to the signature and
-// signature algorithm of |x509|, respectively. Either output pointer may be
-// NULL to ignore the value.
-//
-// This function outputs the outer signature algorithm. For the one in the
-// TBSCertificate, see |X509_get0_tbs_sigalg|. Certificates with mismatched
-// signature algorithms will successfully parse, but they will be rejected when
-// verifying.
-OPENSSL_EXPORT void X509_get0_signature(const ASN1_BIT_STRING **out_sig,
- const X509_ALGOR **out_alg,
- const X509 *x509);
-
-// X509_get_signature_nid returns the NID corresponding to |x509|'s signature
-// algorithm, or |NID_undef| if the signature algorithm does not correspond to
-// a known NID.
-OPENSSL_EXPORT int X509_get_signature_nid(const X509 *x509);
-
-
-// Auxiliary properties.
-//
-// |X509| objects optionally maintain auxiliary properties. These are not part
-// of the certificates themselves, and thus are not covered by signatures or
-// preserved by the standard serialization. They are used as inputs or outputs
-// to other functions in this library.
-
-// i2d_X509_AUX marshals |x509| as a DER-encoded X.509 Certificate (RFC 5280),
-// followed optionally by a separate, OpenSSL-specific structure with auxiliary
-// properties. It behaves as described in |i2d_SAMPLE|.
-//
-// Unlike similarly-named functions, this function does not output a single
-// ASN.1 element. Directly embedding the output in a larger ASN.1 structure will
-// not behave correctly.
-OPENSSL_EXPORT int i2d_X509_AUX(X509 *x509, unsigned char **outp);
-
-// d2i_X509_AUX parses up to |length| bytes from |*inp| as a DER-encoded X.509
-// Certificate (RFC 5280), followed optionally by a separate, OpenSSL-specific
-// structure with auxiliary properties. It behaves as described in
-// |d2i_SAMPLE_with_reuse|.
-//
-// Some auxiliary properties affect trust decisions, so this function should not
-// be used with untrusted input.
-//
-// Unlike similarly-named functions, this function does not parse a single
-// ASN.1 element. Trying to parse data directly embedded in a larger ASN.1
-// structure will not behave correctly.
-OPENSSL_EXPORT X509 *d2i_X509_AUX(X509 **x509, const unsigned char **inp,
- long length);
-
-// X509_alias_set1 sets |x509|'s alias to |len| bytes from |name|. If |name| is
-// NULL, the alias is cleared instead. Aliases are not part of the certificate
-// itself and will not be serialized by |i2d_X509|.
-OPENSSL_EXPORT int X509_alias_set1(X509 *x509, const unsigned char *name,
- int len);
-
-// X509_keyid_set1 sets |x509|'s key ID to |len| bytes from |id|. If |id| is
-// NULL, the key ID is cleared instead. Key IDs are not part of the certificate
-// itself and will not be serialized by |i2d_X509|.
-OPENSSL_EXPORT int X509_keyid_set1(X509 *x509, const unsigned char *id,
- int len);
-
-// X509_alias_get0 looks up |x509|'s alias. If found, it sets |*out_len| to the
-// alias's length and returns a pointer to a buffer containing the contents. If
-// not found, it outputs the empty string by returning NULL and setting
-// |*out_len| to zero.
-//
-// If |x509| was parsed from a PKCS#12 structure (see
-// |PKCS12_get_key_and_certs|), the alias will reflect the friendlyName
-// attribute (RFC 2985).
-//
-// WARNING: In OpenSSL, this function did not set |*out_len| when the alias was
-// missing. Callers that target both OpenSSL and BoringSSL should set the value
-// to zero before calling this function.
-OPENSSL_EXPORT unsigned char *X509_alias_get0(X509 *x509, int *out_len);
-
-// X509_keyid_get0 looks up |x509|'s key ID. If found, it sets |*out_len| to the
-// key ID's length and returns a pointer to a buffer containing the contents. If
-// not found, it outputs the empty string by returning NULL and setting
-// |*out_len| to zero.
-//
-// WARNING: In OpenSSL, this function did not set |*out_len| when the alias was
-// missing. Callers that target both OpenSSL and BoringSSL should set the value
-// to zero before calling this function.
-OPENSSL_EXPORT unsigned char *X509_keyid_get0(X509 *x509, int *out_len);
-
-OPENSSL_EXPORT int X509_add1_trust_object(X509 *x, ASN1_OBJECT *obj);
-OPENSSL_EXPORT int X509_add1_reject_object(X509 *x, ASN1_OBJECT *obj);
-OPENSSL_EXPORT void X509_trust_clear(X509 *x);
-OPENSSL_EXPORT void X509_reject_clear(X509 *x);
-
-
-OPENSSL_EXPORT int X509_TRUST_set(int *t, int trust);
-
-DECLARE_ASN1_FUNCTIONS(X509_REVOKED)
-DECLARE_ASN1_FUNCTIONS(X509_CRL)
-
-OPENSSL_EXPORT int X509_CRL_add0_revoked(X509_CRL *crl, X509_REVOKED *rev);
-OPENSSL_EXPORT int X509_CRL_get0_by_serial(X509_CRL *crl, X509_REVOKED **ret,
- ASN1_INTEGER *serial);
-OPENSSL_EXPORT int X509_CRL_get0_by_cert(X509_CRL *crl, X509_REVOKED **ret,
- X509 *x);
-
-OPENSSL_EXPORT X509_PKEY *X509_PKEY_new(void);
-OPENSSL_EXPORT void X509_PKEY_free(X509_PKEY *a);
-
-DECLARE_ASN1_FUNCTIONS(NETSCAPE_SPKI)
-DECLARE_ASN1_FUNCTIONS(NETSCAPE_SPKAC)
-
-OPENSSL_EXPORT X509_INFO *X509_INFO_new(void);
-OPENSSL_EXPORT void X509_INFO_free(X509_INFO *a);
-OPENSSL_EXPORT char *X509_NAME_oneline(const X509_NAME *a, char *buf, int size);
-
-OPENSSL_EXPORT int ASN1_digest(i2d_of_void *i2d, const EVP_MD *type, char *data,
- unsigned char *md, unsigned int *len);
-
-OPENSSL_EXPORT int ASN1_item_digest(const ASN1_ITEM *it, const EVP_MD *type,
- void *data, unsigned char *md,
- unsigned int *len);
-
-OPENSSL_EXPORT int ASN1_item_verify(const ASN1_ITEM *it,
- const X509_ALGOR *algor1,
- const ASN1_BIT_STRING *signature,
- void *data, EVP_PKEY *pkey);
-
-OPENSSL_EXPORT int ASN1_item_sign(const ASN1_ITEM *it, X509_ALGOR *algor1,
- X509_ALGOR *algor2,
- ASN1_BIT_STRING *signature, void *data,
- EVP_PKEY *pkey, const EVP_MD *type);
-OPENSSL_EXPORT int ASN1_item_sign_ctx(const ASN1_ITEM *it, X509_ALGOR *algor1,
- X509_ALGOR *algor2,
- ASN1_BIT_STRING *signature, void *asn,
- EVP_MD_CTX *ctx);
-
-// X509_get_serialNumber returns a mutable pointer to |x509|'s serial number.
-// Prefer |X509_get0_serialNumber|.
-OPENSSL_EXPORT ASN1_INTEGER *X509_get_serialNumber(X509 *x509);
-
-// X509_set_issuer_name sets |x509|'s issuer to a copy of |name|. It returns one
-// on success and zero on error.
-OPENSSL_EXPORT int X509_set_issuer_name(X509 *x509, X509_NAME *name);
-
-// X509_get_issuer_name returns |x509|'s issuer.
-OPENSSL_EXPORT X509_NAME *X509_get_issuer_name(const X509 *x509);
-
-// X509_set_subject_name sets |x509|'s subject to a copy of |name|. It returns
-// one on success and zero on error.
-OPENSSL_EXPORT int X509_set_subject_name(X509 *x509, X509_NAME *name);
-
-// X509_get_issuer_name returns |x509|'s subject.
-OPENSSL_EXPORT X509_NAME *X509_get_subject_name(const X509 *x509);
-
-// X509_set_pubkey sets |x509|'s public key to |pkey|. It returns one on success
-// and zero on error. This function does not take ownership of |pkey| and
-// internally copies and updates reference counts as needed.
-OPENSSL_EXPORT int X509_set_pubkey(X509 *x509, EVP_PKEY *pkey);
-
-// X509_get_pubkey returns |x509|'s public key as an |EVP_PKEY|, or NULL if the
-// public key was unsupported or could not be decoded. This function returns a
-// reference to the |EVP_PKEY|. The caller must release the result with
-// |EVP_PKEY_free| when done.
-OPENSSL_EXPORT EVP_PKEY *X509_get_pubkey(X509 *x509);
-
-// X509_get0_pubkey_bitstr returns the BIT STRING portion of |x509|'s public
-// key. Note this does not contain the AlgorithmIdentifier portion.
-//
-// WARNING: This function returns a non-const pointer for OpenSSL compatibility,
-// but the caller must not modify the resulting object. Doing so will break
-// internal invariants in |x509|.
-OPENSSL_EXPORT ASN1_BIT_STRING *X509_get0_pubkey_bitstr(const X509 *x509);
-
-// X509_get0_extensions returns |x509|'s extension list, or NULL if |x509| omits
-// it.
-OPENSSL_EXPORT const STACK_OF(X509_EXTENSION) *X509_get0_extensions(
- const X509 *x509);
-
-// X509_get0_tbs_sigalg returns the signature algorithm in |x509|'s
-// TBSCertificate. For the outer signature algorithm, see |X509_get0_signature|.
-//
-// Certificates with mismatched signature algorithms will successfully parse,
-// but they will be rejected when verifying.
-OPENSSL_EXPORT const X509_ALGOR *X509_get0_tbs_sigalg(const X509 *x509);
-
-// X509_REQ_set_version sets |req|'s version to |version|, which should be
-// |X509_REQ_VERSION_1|. It returns one on success and zero on error.
-//
-// The only defined CSR version is |X509_REQ_VERSION_1|, so there is no need to
-// call this function.
-OPENSSL_EXPORT int X509_REQ_set_version(X509_REQ *req, long version);
-
-// X509_REQ_set_subject_name sets |req|'s subject to a copy of |name|. It
-// returns one on success and zero on error.
-OPENSSL_EXPORT int X509_REQ_set_subject_name(X509_REQ *req, X509_NAME *name);
-
-// X509_REQ_get0_signature sets |*out_sig| and |*out_alg| to the signature and
-// signature algorithm of |req|, respectively. Either output pointer may be NULL
-// to ignore the value.
-OPENSSL_EXPORT void X509_REQ_get0_signature(const X509_REQ *req,
- const ASN1_BIT_STRING **out_sig,
- const X509_ALGOR **out_alg);
-
-// X509_REQ_get_signature_nid returns the NID corresponding to |req|'s signature
-// algorithm, or |NID_undef| if the signature algorithm does not correspond to
-// a known NID.
-OPENSSL_EXPORT int X509_REQ_get_signature_nid(const X509_REQ *req);
-
-// i2d_re_X509_REQ_tbs serializes the CertificationRequestInfo (see RFC 2986)
-// portion of |req|, as described in |i2d_SAMPLE|.
-//
-// This function re-encodes the CertificationRequestInfo and may not reflect
-// |req|'s original encoding. It may be used to manually generate a signature
-// for a new certificate request.
-OPENSSL_EXPORT int i2d_re_X509_REQ_tbs(X509_REQ *req, uint8_t **outp);
-
-// X509_REQ_set_pubkey sets |req|'s public key to |pkey|. It returns one on
-// success and zero on error. This function does not take ownership of |pkey|
-// and internally copies and updates reference counts as needed.
-OPENSSL_EXPORT int X509_REQ_set_pubkey(X509_REQ *req, EVP_PKEY *pkey);
-
-// X509_REQ_get_pubkey returns |req|'s public key as an |EVP_PKEY|, or NULL if
-// the public key was unsupported or could not be decoded. This function returns
-// a reference to the |EVP_PKEY|. The caller must release the result with
-// |EVP_PKEY_free| when done.
-OPENSSL_EXPORT EVP_PKEY *X509_REQ_get_pubkey(X509_REQ *req);
-
-// X509_REQ_extension_nid returns one if |nid| is a supported CSR attribute type
-// for carrying extensions and zero otherwise. The supported types are
-// |NID_ext_req| (pkcs-9-at-extensionRequest from RFC 2985) and |NID_ms_ext_req|
-// (a Microsoft szOID_CERT_EXTENSIONS variant).
-OPENSSL_EXPORT int X509_REQ_extension_nid(int nid);
-
-// X509_REQ_get_extensions decodes the list of requested extensions in |req| and
-// returns a newly-allocated |STACK_OF(X509_EXTENSION)| containing the result.
-// It returns NULL on error, or if |req| did not request extensions.
-//
-// This function supports both pkcs-9-at-extensionRequest from RFC 2985 and the
-// Microsoft szOID_CERT_EXTENSIONS variant.
-OPENSSL_EXPORT STACK_OF(X509_EXTENSION) *X509_REQ_get_extensions(X509_REQ *req);
-
-// X509_REQ_add_extensions_nid adds an attribute to |req| of type |nid|, to
-// request the certificate extensions in |exts|. It returns one on success and
-// zero on error. |nid| should be |NID_ext_req| or |NID_ms_ext_req|.
-OPENSSL_EXPORT int X509_REQ_add_extensions_nid(
- X509_REQ *req, const STACK_OF(X509_EXTENSION) *exts, int nid);
-
-// X509_REQ_add_extensions behaves like |X509_REQ_add_extensions_nid|, using the
-// standard |NID_ext_req| for the attribute type.
-OPENSSL_EXPORT int X509_REQ_add_extensions(
- X509_REQ *req, const STACK_OF(X509_EXTENSION) *exts);
-
-// X509_REQ_get_attr_count returns the number of attributes in |req|.
-OPENSSL_EXPORT int X509_REQ_get_attr_count(const X509_REQ *req);
-
-// X509_REQ_get_attr_by_NID returns the index of the attribute in |req| of type
-// |nid|, or a negative number if not found. If found, callers can use
-// |X509_REQ_get_attr| to look up the attribute by index.
-//
-// If |lastpos| is non-negative, it begins searching at |lastpos| + 1. Callers
-// can thus loop over all matching attributes by first passing -1 and then
-// passing the previously-returned value until no match is returned.
-OPENSSL_EXPORT int X509_REQ_get_attr_by_NID(const X509_REQ *req, int nid,
- int lastpos);
-
-// X509_REQ_get_attr_by_OBJ behaves like |X509_REQ_get_attr_by_NID| but looks
-// for attributes of type |obj|.
-OPENSSL_EXPORT int X509_REQ_get_attr_by_OBJ(const X509_REQ *req,
- const ASN1_OBJECT *obj,
- int lastpos);
-
-// X509_REQ_get_attr returns the attribute at index |loc| in |req|, or NULL if
-// out of bounds.
-OPENSSL_EXPORT X509_ATTRIBUTE *X509_REQ_get_attr(const X509_REQ *req, int loc);
-
-// X509_REQ_delete_attr removes the attribute at index |loc| in |req|. It
-// returns the removed attribute to the caller, or NULL if |loc| was out of
-// bounds. If non-NULL, the caller must release the result with
-// |X509_ATTRIBUTE_free| when done. It is also safe, but not necessary, to call
-// |X509_ATTRIBUTE_free| if the result is NULL.
-OPENSSL_EXPORT X509_ATTRIBUTE *X509_REQ_delete_attr(X509_REQ *req, int loc);
-
-// X509_REQ_add1_attr appends a copy of |attr| to |req|'s list of attributes. It
-// returns one on success and zero on error.
-//
-// TODO(https://crbug.com/boringssl/407): |attr| should be const.
-OPENSSL_EXPORT int X509_REQ_add1_attr(X509_REQ *req, X509_ATTRIBUTE *attr);
-
-// X509_REQ_add1_attr_by_OBJ appends a new attribute to |req| with type |obj|.
-// It returns one on success and zero on error. The value is determined by
-// |X509_ATTRIBUTE_set1_data|.
-//
-// WARNING: The interpretation of |attrtype|, |data|, and |len| is complex and
-// error-prone. See |X509_ATTRIBUTE_set1_data| for details.
-OPENSSL_EXPORT int X509_REQ_add1_attr_by_OBJ(X509_REQ *req,
- const ASN1_OBJECT *obj,
- int attrtype,
- const unsigned char *data,
- int len);
-
-// X509_REQ_add1_attr_by_NID behaves like |X509_REQ_add1_attr_by_OBJ| except the
-// attribute type is determined by |nid|.
-OPENSSL_EXPORT int X509_REQ_add1_attr_by_NID(X509_REQ *req, int nid,
- int attrtype,
- const unsigned char *data,
- int len);
-
-// X509_REQ_add1_attr_by_txt behaves like |X509_REQ_add1_attr_by_OBJ| except the
-// attribute type is determined by calling |OBJ_txt2obj| with |attrname|.
-OPENSSL_EXPORT int X509_REQ_add1_attr_by_txt(X509_REQ *req,
- const char *attrname, int attrtype,
- const unsigned char *data,
- int len);
-
-// X509_CRL_set_version sets |crl|'s version to |version|, which should be one
-// of the |X509_CRL_VERSION_*| constants. It returns one on success and zero on
-// error.
-//
-// If unsure, use |X509_CRL_VERSION_2|. Note that, unlike certificates, CRL
-// versions are only defined up to v2. Callers should not use |X509_VERSION_3|.
-OPENSSL_EXPORT int X509_CRL_set_version(X509_CRL *crl, long version);
-
-// X509_CRL_set_issuer_name sets |crl|'s issuer to a copy of |name|. It returns
-// one on success and zero on error.
-OPENSSL_EXPORT int X509_CRL_set_issuer_name(X509_CRL *crl, X509_NAME *name);
-
-OPENSSL_EXPORT int X509_CRL_sort(X509_CRL *crl);
-
-// X509_CRL_up_ref adds one to the reference count of |crl| and returns one.
-OPENSSL_EXPORT int X509_CRL_up_ref(X509_CRL *crl);
-
-// X509_CRL_get0_signature sets |*out_sig| and |*out_alg| to the signature and
-// signature algorithm of |crl|, respectively. Either output pointer may be NULL
-// to ignore the value.
-//
-// This function outputs the outer signature algorithm, not the one in the
-// TBSCertList. CRLs with mismatched signature algorithms will successfully
-// parse, but they will be rejected when verifying.
-OPENSSL_EXPORT void X509_CRL_get0_signature(const X509_CRL *crl,
- const ASN1_BIT_STRING **out_sig,
- const X509_ALGOR **out_alg);
-
-// X509_CRL_get_signature_nid returns the NID corresponding to |crl|'s signature
-// algorithm, or |NID_undef| if the signature algorithm does not correspond to
-// a known NID.
-OPENSSL_EXPORT int X509_CRL_get_signature_nid(const X509_CRL *crl);
-
-// i2d_re_X509_CRL_tbs serializes the TBSCertList portion of |crl|, as described
-// in |i2d_SAMPLE|.
-//
-// This function re-encodes the TBSCertList and may not reflect |crl|'s original
-// encoding. It may be used to manually generate a signature for a new CRL. To
-// verify CRLs, use |i2d_X509_CRL_tbs| instead.
-OPENSSL_EXPORT int i2d_re_X509_CRL_tbs(X509_CRL *crl, unsigned char **outp);
-
-// i2d_X509_CRL_tbs serializes the TBSCertList portion of |crl|, as described in
-// |i2d_SAMPLE|.
-//
-// This function preserves the original encoding of the TBSCertList and may not
-// reflect modifications made to |crl|. It may be used to manually verify the
-// signature of an existing CRL. To generate CRLs, use |i2d_re_X509_CRL_tbs|
-// instead.
-OPENSSL_EXPORT int i2d_X509_CRL_tbs(X509_CRL *crl, unsigned char **outp);
-
-// X509_CRL_set1_signature_algo sets |crl|'s signature algorithm to |algo| and
-// returns one on success or zero on error. It updates both the signature field
-// of the TBSCertList structure, and the signatureAlgorithm field of the CRL.
-OPENSSL_EXPORT int X509_CRL_set1_signature_algo(X509_CRL *crl,
- const X509_ALGOR *algo);
-
-// X509_CRL_set1_signature_value sets |crl|'s signature to a copy of the
-// |sig_len| bytes pointed by |sig|. It returns one on success and zero on
-// error.
-//
-// Due to a specification error, X.509 CRLs store signatures in ASN.1 BIT
-// STRINGs, but signature algorithms return byte strings rather than bit
-// strings. This function creates a BIT STRING containing a whole number of
-// bytes, with the bit order matching the DER encoding. This matches the
-// encoding used by all X.509 signature algorithms.
-OPENSSL_EXPORT int X509_CRL_set1_signature_value(X509_CRL *crl,
- const uint8_t *sig,
- size_t sig_len);
-
-// X509_REVOKED_get0_serialNumber returns the serial number of the certificate
-// revoked by |revoked|.
-OPENSSL_EXPORT const ASN1_INTEGER *X509_REVOKED_get0_serialNumber(
- const X509_REVOKED *revoked);
-
-// X509_REVOKED_set_serialNumber sets |revoked|'s serial number to |serial|. It
-// returns one on success or zero on error.
-OPENSSL_EXPORT int X509_REVOKED_set_serialNumber(X509_REVOKED *revoked,
- const ASN1_INTEGER *serial);
-
-// X509_REVOKED_get0_revocationDate returns the revocation time of the
-// certificate revoked by |revoked|.
-OPENSSL_EXPORT const ASN1_TIME *X509_REVOKED_get0_revocationDate(
- const X509_REVOKED *revoked);
-
-// X509_REVOKED_set_revocationDate sets |revoked|'s revocation time to |tm|. It
-// returns one on success or zero on error.
-OPENSSL_EXPORT int X509_REVOKED_set_revocationDate(X509_REVOKED *revoked,
- const ASN1_TIME *tm);
-
-// X509_REVOKED_get0_extensions returns |r|'s extensions list, or NULL if |r|
-// omits it.
-OPENSSL_EXPORT const STACK_OF(X509_EXTENSION) *X509_REVOKED_get0_extensions(
- const X509_REVOKED *r);
-
-OPENSSL_EXPORT X509_CRL *X509_CRL_diff(X509_CRL *base, X509_CRL *newer,
- EVP_PKEY *skey, const EVP_MD *md,
- unsigned int flags);
-
-OPENSSL_EXPORT int X509_REQ_check_private_key(X509_REQ *x509, EVP_PKEY *pkey);
-
-OPENSSL_EXPORT int X509_check_private_key(X509 *x509, const EVP_PKEY *pkey);
-OPENSSL_EXPORT int X509_chain_check_suiteb(int *perror_depth, X509 *x,
- STACK_OF(X509) *chain,
- unsigned long flags);
-OPENSSL_EXPORT int X509_CRL_check_suiteb(X509_CRL *crl, EVP_PKEY *pk,
- unsigned long flags);
-
-// X509_chain_up_ref returns a newly-allocated |STACK_OF(X509)| containing a
-// shallow copy of |chain|, or NULL on error. That is, the return value has the
-// same contents as |chain|, and each |X509|'s reference count is incremented by
-// one.
-OPENSSL_EXPORT STACK_OF(X509) *X509_chain_up_ref(STACK_OF(X509) *chain);
-
-OPENSSL_EXPORT int X509_issuer_and_serial_cmp(const X509 *a, const X509 *b);
-
-OPENSSL_EXPORT int X509_issuer_name_cmp(const X509 *a, const X509 *b);
-OPENSSL_EXPORT unsigned long X509_issuer_name_hash(X509 *a);
-
-OPENSSL_EXPORT int X509_subject_name_cmp(const X509 *a, const X509 *b);
-OPENSSL_EXPORT unsigned long X509_subject_name_hash(X509 *x);
-
-OPENSSL_EXPORT unsigned long X509_issuer_name_hash_old(X509 *a);
-OPENSSL_EXPORT unsigned long X509_subject_name_hash_old(X509 *x);
-
-OPENSSL_EXPORT int X509_cmp(const X509 *a, const X509 *b);
-OPENSSL_EXPORT int X509_NAME_cmp(const X509_NAME *a, const X509_NAME *b);
-OPENSSL_EXPORT unsigned long X509_NAME_hash(X509_NAME *x);
-OPENSSL_EXPORT unsigned long X509_NAME_hash_old(X509_NAME *x);
-
-OPENSSL_EXPORT int X509_CRL_cmp(const X509_CRL *a, const X509_CRL *b);
-OPENSSL_EXPORT int X509_CRL_match(const X509_CRL *a, const X509_CRL *b);
-OPENSSL_EXPORT int X509_print_ex_fp(FILE *bp, X509 *x, unsigned long nmflag,
- unsigned long cflag);
-OPENSSL_EXPORT int X509_print_fp(FILE *bp, X509 *x);
-OPENSSL_EXPORT int X509_CRL_print_fp(FILE *bp, X509_CRL *x);
-OPENSSL_EXPORT int X509_REQ_print_fp(FILE *bp, X509_REQ *req);
-OPENSSL_EXPORT int X509_NAME_print_ex_fp(FILE *fp, const X509_NAME *nm,
- int indent, unsigned long flags);
-
-OPENSSL_EXPORT int X509_NAME_print(BIO *bp, const X509_NAME *name, int obase);
-OPENSSL_EXPORT int X509_NAME_print_ex(BIO *out, const X509_NAME *nm, int indent,
- unsigned long flags);
-OPENSSL_EXPORT int X509_print_ex(BIO *bp, X509 *x, unsigned long nmflag,
- unsigned long cflag);
-OPENSSL_EXPORT int X509_print(BIO *bp, X509 *x);
-OPENSSL_EXPORT int X509_ocspid_print(BIO *bp, X509 *x);
-OPENSSL_EXPORT int X509_CRL_print(BIO *bp, X509_CRL *x);
-OPENSSL_EXPORT int X509_REQ_print_ex(BIO *bp, X509_REQ *x, unsigned long nmflag,
- unsigned long cflag);
-OPENSSL_EXPORT int X509_REQ_print(BIO *bp, X509_REQ *req);
-
-OPENSSL_EXPORT int X509_NAME_entry_count(const X509_NAME *name);
-OPENSSL_EXPORT int X509_NAME_get_text_by_NID(const X509_NAME *name, int nid,
- char *buf, int len);
-OPENSSL_EXPORT int X509_NAME_get_text_by_OBJ(const X509_NAME *name,
- const ASN1_OBJECT *obj, char *buf,
- int len);
-
-// NOTE: you should be passsing -1, not 0 as lastpos. The functions that use
-// lastpos, search after that position on.
-OPENSSL_EXPORT int X509_NAME_get_index_by_NID(const X509_NAME *name, int nid,
- int lastpos);
-OPENSSL_EXPORT int X509_NAME_get_index_by_OBJ(const X509_NAME *name,
- const ASN1_OBJECT *obj,
- int lastpos);
-OPENSSL_EXPORT X509_NAME_ENTRY *X509_NAME_get_entry(const X509_NAME *name,
- int loc);
-OPENSSL_EXPORT X509_NAME_ENTRY *X509_NAME_delete_entry(X509_NAME *name,
- int loc);
-OPENSSL_EXPORT int X509_NAME_add_entry(X509_NAME *name, X509_NAME_ENTRY *ne,
- int loc, int set);
-OPENSSL_EXPORT int X509_NAME_add_entry_by_OBJ(X509_NAME *name, ASN1_OBJECT *obj,
- int type,
- const unsigned char *bytes,
- int len, int loc, int set);
-OPENSSL_EXPORT int X509_NAME_add_entry_by_NID(X509_NAME *name, int nid,
- int type,
- const unsigned char *bytes,
- int len, int loc, int set);
-OPENSSL_EXPORT X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_txt(
- X509_NAME_ENTRY **ne, const char *field, int type,
- const unsigned char *bytes, int len);
-OPENSSL_EXPORT X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_NID(
- X509_NAME_ENTRY **ne, int nid, int type, const unsigned char *bytes,
- int len);
-OPENSSL_EXPORT int X509_NAME_add_entry_by_txt(X509_NAME *name,
- const char *field, int type,
- const unsigned char *bytes,
- int len, int loc, int set);
-OPENSSL_EXPORT X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_OBJ(
- X509_NAME_ENTRY **ne, const ASN1_OBJECT *obj, int type,
- const unsigned char *bytes, int len);
-OPENSSL_EXPORT int X509_NAME_ENTRY_set_object(X509_NAME_ENTRY *ne,
- const ASN1_OBJECT *obj);
-OPENSSL_EXPORT int X509_NAME_ENTRY_set_data(X509_NAME_ENTRY *ne, int type,
- const unsigned char *bytes,
- int len);
-OPENSSL_EXPORT ASN1_OBJECT *X509_NAME_ENTRY_get_object(
- const X509_NAME_ENTRY *ne);
-OPENSSL_EXPORT ASN1_STRING *X509_NAME_ENTRY_get_data(const X509_NAME_ENTRY *ne);
-
-// X509v3_get_ext_count returns the number of extensions in |x|.
-OPENSSL_EXPORT int X509v3_get_ext_count(const STACK_OF(X509_EXTENSION) *x);
-
-// X509v3_get_ext_by_NID returns the index of the first extension in |x| with
-// type |nid|, or a negative number if not found. If found, callers can use
-// |X509v3_get_ext| to look up the extension by index.
-//
-// If |lastpos| is non-negative, it begins searching at |lastpos| + 1. Callers
-// can thus loop over all matching extensions by first passing -1 and then
-// passing the previously-returned value until no match is returned.
-OPENSSL_EXPORT int X509v3_get_ext_by_NID(const STACK_OF(X509_EXTENSION) *x,
- int nid, int lastpos);
-
-// X509v3_get_ext_by_OBJ behaves like |X509v3_get_ext_by_NID| but looks for
-// extensions matching |obj|.
-OPENSSL_EXPORT int X509v3_get_ext_by_OBJ(const STACK_OF(X509_EXTENSION) *x,
- const ASN1_OBJECT *obj, int lastpos);
-
-// X509v3_get_ext_by_critical returns the index of the first extension in |x|
-// whose critical bit matches |crit|, or a negative number if no such extension
-// was found.
-//
-// If |lastpos| is non-negative, it begins searching at |lastpos| + 1. Callers
-// can thus loop over all matching extensions by first passing -1 and then
-// passing the previously-returned value until no match is returned.
-OPENSSL_EXPORT int X509v3_get_ext_by_critical(const STACK_OF(X509_EXTENSION) *x,
- int crit, int lastpos);
-
-// X509v3_get_ext returns the extension in |x| at index |loc|, or NULL if |loc|
-// is out of bounds.
-OPENSSL_EXPORT X509_EXTENSION *X509v3_get_ext(const STACK_OF(X509_EXTENSION) *x,
- int loc);
-
-// X509v3_delete_ext removes the extension in |x| at index |loc| and returns the
-// removed extension, or NULL if |loc| was out of bounds. If an extension was
-// returned, the caller must release it with |X509_EXTENSION_free|.
-OPENSSL_EXPORT X509_EXTENSION *X509v3_delete_ext(STACK_OF(X509_EXTENSION) *x,
- int loc);
-
-// X509v3_add_ext adds a copy of |ex| to the extension list in |*x|. If |*x| is
-// NULL, it allocates a new |STACK_OF(X509_EXTENSION)| to hold the copy and sets
-// |*x| to the new list. It returns |*x| on success and NULL on error. The
-// caller retains ownership of |ex| and can release it independently of |*x|.
-//
-// The new extension is inserted at index |loc|, shifting extensions to the
-// right. If |loc| is -1 or out of bounds, the new extension is appended to the
-// list.
-OPENSSL_EXPORT STACK_OF(X509_EXTENSION) *X509v3_add_ext(
- STACK_OF(X509_EXTENSION) **x, X509_EXTENSION *ex, int loc);
-
-// X509_get_ext_count returns the number of extensions in |x|.
-OPENSSL_EXPORT int X509_get_ext_count(const X509 *x);
-
-// X509_get_ext_by_NID behaves like |X509v3_get_ext_by_NID| but searches for
-// extensions in |x|.
-OPENSSL_EXPORT int X509_get_ext_by_NID(const X509 *x, int nid, int lastpos);
-
-// X509_get_ext_by_OBJ behaves like |X509v3_get_ext_by_OBJ| but searches for
-// extensions in |x|.
-OPENSSL_EXPORT int X509_get_ext_by_OBJ(const X509 *x, const ASN1_OBJECT *obj,
- int lastpos);
-
-// X509_get_ext_by_critical behaves like |X509v3_get_ext_by_critical| but
-// searches for extensions in |x|.
-OPENSSL_EXPORT int X509_get_ext_by_critical(const X509 *x, int crit,
- int lastpos);
-
-// X509_get_ext returns the extension in |x| at index |loc|, or NULL if |loc| is
-// out of bounds.
-OPENSSL_EXPORT X509_EXTENSION *X509_get_ext(const X509 *x, int loc);
-
-// X509_delete_ext removes the extension in |x| at index |loc| and returns the
-// removed extension, or NULL if |loc| was out of bounds. If non-NULL, the
-// caller must release the result with |X509_EXTENSION_free|. It is also safe,
-// but not necessary, to call |X509_EXTENSION_free| if the result is NULL.
-OPENSSL_EXPORT X509_EXTENSION *X509_delete_ext(X509 *x, int loc);
-
-// X509_add_ext adds a copy of |ex| to |x|. It returns one on success and zero
-// on failure. The caller retains ownership of |ex| and can release it
-// independently of |x|.
-//
-// The new extension is inserted at index |loc|, shifting extensions to the
-// right. If |loc| is -1 or out of bounds, the new extension is appended to the
-// list.
-OPENSSL_EXPORT int X509_add_ext(X509 *x, X509_EXTENSION *ex, int loc);
-
-// X509_get_ext_d2i behaves like |X509V3_get_d2i| but looks for the extension in
-// |x509|'s extension list.
-//
-// WARNING: This function is difficult to use correctly. See the documentation
-// for |X509V3_get_d2i| for details.
-OPENSSL_EXPORT void *X509_get_ext_d2i(const X509 *x509, int nid,
- int *out_critical, int *out_idx);
-
-// X509_add1_ext_i2d behaves like |X509V3_add1_i2d| but adds the extension to
-// |x|'s extension list.
-//
-// WARNING: This function may return zero or -1 on error. The caller must also
-// ensure |value|'s type matches |nid|. See the documentation for
-// |X509V3_add1_i2d| for details.
-OPENSSL_EXPORT int X509_add1_ext_i2d(X509 *x, int nid, void *value, int crit,
- unsigned long flags);
-
-// X509_CRL_get_ext_count returns the number of extensions in |x|.
-OPENSSL_EXPORT int X509_CRL_get_ext_count(const X509_CRL *x);
-
-// X509_CRL_get_ext_by_NID behaves like |X509v3_get_ext_by_NID| but searches for
-// extensions in |x|.
-OPENSSL_EXPORT int X509_CRL_get_ext_by_NID(const X509_CRL *x, int nid,
- int lastpos);
-
-// X509_CRL_get_ext_by_OBJ behaves like |X509v3_get_ext_by_OBJ| but searches for
-// extensions in |x|.
-OPENSSL_EXPORT int X509_CRL_get_ext_by_OBJ(const X509_CRL *x,
- const ASN1_OBJECT *obj, int lastpos);
-
-// X509_CRL_get_ext_by_critical behaves like |X509v3_get_ext_by_critical| but
-// searches for extensions in |x|.
-OPENSSL_EXPORT int X509_CRL_get_ext_by_critical(const X509_CRL *x, int crit,
- int lastpos);
-
-// X509_CRL_get_ext returns the extension in |x| at index |loc|, or NULL if
-// |loc| is out of bounds.
-OPENSSL_EXPORT X509_EXTENSION *X509_CRL_get_ext(const X509_CRL *x, int loc);
-
-// X509_CRL_delete_ext removes the extension in |x| at index |loc| and returns
-// the removed extension, or NULL if |loc| was out of bounds. If non-NULL, the
-// caller must release the result with |X509_EXTENSION_free|. It is also safe,
-// but not necessary, to call |X509_EXTENSION_free| if the result is NULL.
-OPENSSL_EXPORT X509_EXTENSION *X509_CRL_delete_ext(X509_CRL *x, int loc);
-
-// X509_CRL_add_ext adds a copy of |ex| to |x|. It returns one on success and
-// zero on failure. The caller retains ownership of |ex| and can release it
-// independently of |x|.
-//
-// The new extension is inserted at index |loc|, shifting extensions to the
-// right. If |loc| is -1 or out of bounds, the new extension is appended to the
-// list.
-OPENSSL_EXPORT int X509_CRL_add_ext(X509_CRL *x, X509_EXTENSION *ex, int loc);
-
-// X509_CRL_get_ext_d2i behaves like |X509V3_get_d2i| but looks for the
-// extension in |crl|'s extension list.
-//
-// WARNING: This function is difficult to use correctly. See the documentation
-// for |X509V3_get_d2i| for details.
-OPENSSL_EXPORT void *X509_CRL_get_ext_d2i(const X509_CRL *crl, int nid,
- int *out_critical, int *out_idx);
-
-// X509_CRL_add1_ext_i2d behaves like |X509V3_add1_i2d| but adds the extension
-// to |x|'s extension list.
-//
-// WARNING: This function may return zero or -1 on error. The caller must also
-// ensure |value|'s type matches |nid|. See the documentation for
-// |X509V3_add1_i2d| for details.
-OPENSSL_EXPORT int X509_CRL_add1_ext_i2d(X509_CRL *x, int nid, void *value,
- int crit, unsigned long flags);
-
-// X509_REVOKED_get_ext_count returns the number of extensions in |x|.
-OPENSSL_EXPORT int X509_REVOKED_get_ext_count(const X509_REVOKED *x);
-
-// X509_REVOKED_get_ext_by_NID behaves like |X509v3_get_ext_by_NID| but searches
-// for extensions in |x|.
-OPENSSL_EXPORT int X509_REVOKED_get_ext_by_NID(const X509_REVOKED *x, int nid,
- int lastpos);
-
-// X509_REVOKED_get_ext_by_OBJ behaves like |X509v3_get_ext_by_OBJ| but searches
-// for extensions in |x|.
-OPENSSL_EXPORT int X509_REVOKED_get_ext_by_OBJ(const X509_REVOKED *x,
- const ASN1_OBJECT *obj,
- int lastpos);
-
-// X509_REVOKED_get_ext_by_critical behaves like |X509v3_get_ext_by_critical|
-// but searches for extensions in |x|.
-OPENSSL_EXPORT int X509_REVOKED_get_ext_by_critical(const X509_REVOKED *x,
- int crit, int lastpos);
-
-// X509_REVOKED_get_ext returns the extension in |x| at index |loc|, or NULL if
-// |loc| is out of bounds.
-OPENSSL_EXPORT X509_EXTENSION *X509_REVOKED_get_ext(const X509_REVOKED *x,
- int loc);
-
-// X509_REVOKED_delete_ext removes the extension in |x| at index |loc| and
-// returns the removed extension, or NULL if |loc| was out of bounds. If
-// non-NULL, the caller must release the result with |X509_EXTENSION_free|. It
-// is also safe, but not necessary, to call |X509_EXTENSION_free| if the result
-// is NULL.
-OPENSSL_EXPORT X509_EXTENSION *X509_REVOKED_delete_ext(X509_REVOKED *x,
- int loc);
-
-// X509_REVOKED_add_ext adds a copy of |ex| to |x|. It returns one on success
-// and zero on failure. The caller retains ownership of |ex| and can release it
-// independently of |x|.
-//
-// The new extension is inserted at index |loc|, shifting extensions to the
-// right. If |loc| is -1 or out of bounds, the new extension is appended to the
-// list.
-OPENSSL_EXPORT int X509_REVOKED_add_ext(X509_REVOKED *x, X509_EXTENSION *ex,
- int loc);
-
-// X509_REVOKED_get_ext_d2i behaves like |X509V3_get_d2i| but looks for the
-// extension in |revoked|'s extension list.
-//
-// WARNING: This function is difficult to use correctly. See the documentation
-// for |X509V3_get_d2i| for details.
-OPENSSL_EXPORT void *X509_REVOKED_get_ext_d2i(const X509_REVOKED *revoked,
- int nid, int *out_critical,
- int *out_idx);
-
-// X509_REVOKED_add1_ext_i2d behaves like |X509V3_add1_i2d| but adds the
-// extension to |x|'s extension list.
-//
-// WARNING: This function may return zero or -1 on error. The caller must also
-// ensure |value|'s type matches |nid|. See the documentation for
-// |X509V3_add1_i2d| for details.
-OPENSSL_EXPORT int X509_REVOKED_add1_ext_i2d(X509_REVOKED *x, int nid,
- void *value, int crit,
- unsigned long flags);
-
-// X509_EXTENSION_create_by_NID creates a new |X509_EXTENSION| with type |nid|,
-// value |data|, and critical bit |crit|. It returns the newly-allocated
-// |X509_EXTENSION| on success, and false on error. |nid| should be a |NID_*|
-// constant.
-//
-// If |ex| and |*ex| are both non-NULL, it modifies and returns |*ex| instead of
-// creating a new object. If |ex| is non-NULL, but |*ex| is NULL, it sets |*ex|
-// to the new |X509_EXTENSION|, in addition to returning the result.
-OPENSSL_EXPORT X509_EXTENSION *X509_EXTENSION_create_by_NID(
- X509_EXTENSION **ex, int nid, int crit, const ASN1_OCTET_STRING *data);
-
-// X509_EXTENSION_create_by_OBJ behaves like |X509_EXTENSION_create_by_NID|, but
-// the extension type is determined by an |ASN1_OBJECT|.
-OPENSSL_EXPORT X509_EXTENSION *X509_EXTENSION_create_by_OBJ(
- X509_EXTENSION **ex, const ASN1_OBJECT *obj, int crit,
- const ASN1_OCTET_STRING *data);
-
-// X509_EXTENSION_set_object sets |ex|'s extension type to |obj|. It returns one
-// on success and zero on error.
-OPENSSL_EXPORT int X509_EXTENSION_set_object(X509_EXTENSION *ex,
- const ASN1_OBJECT *obj);
-
-// X509_EXTENSION_set_critical sets |ex| to critical if |crit| is non-zero and
-// to non-critical if |crit| is zero.
-OPENSSL_EXPORT int X509_EXTENSION_set_critical(X509_EXTENSION *ex, int crit);
-
-// X509_EXTENSION_set_data set's |ex|'s extension value to a copy of |data|. It
-// returns one on success and zero on error.
-OPENSSL_EXPORT int X509_EXTENSION_set_data(X509_EXTENSION *ex,
- const ASN1_OCTET_STRING *data);
-
-// X509_EXTENSION_get_object returns |ex|'s extension type.
-OPENSSL_EXPORT ASN1_OBJECT *X509_EXTENSION_get_object(X509_EXTENSION *ex);
-
-// X509_EXTENSION_get_data returns |ne|'s extension value.
-OPENSSL_EXPORT ASN1_OCTET_STRING *X509_EXTENSION_get_data(X509_EXTENSION *ne);
-
-// X509_EXTENSION_get_critical returns one if |ex| is critical and zero
-// otherwise.
-OPENSSL_EXPORT int X509_EXTENSION_get_critical(const X509_EXTENSION *ex);
-
-// X509at_get_attr_count returns the number of attributes in |x|.
-OPENSSL_EXPORT int X509at_get_attr_count(const STACK_OF(X509_ATTRIBUTE) *x);
-
-// X509at_get_attr_by_NID returns the index of the attribute in |x| of type
-// |nid|, or a negative number if not found. If found, callers can use
-// |X509at_get_attr| to look up the attribute by index.
-//
-// If |lastpos| is non-negative, it begins searching at |lastpos| + 1. Callers
-// can thus loop over all matching attributes by first passing -1 and then
-// passing the previously-returned value until no match is returned.
-OPENSSL_EXPORT int X509at_get_attr_by_NID(const STACK_OF(X509_ATTRIBUTE) *x,
- int nid, int lastpos);
-
-// X509at_get_attr_by_OBJ behaves like |X509at_get_attr_by_NID| but looks for
-// attributes of type |obj|.
-OPENSSL_EXPORT int X509at_get_attr_by_OBJ(const STACK_OF(X509_ATTRIBUTE) *sk,
- const ASN1_OBJECT *obj, int lastpos);
-
-// X509at_get_attr returns the attribute at index |loc| in |x|, or NULL if
-// out of bounds.
-OPENSSL_EXPORT X509_ATTRIBUTE *X509at_get_attr(
- const STACK_OF(X509_ATTRIBUTE) *x, int loc);
-
-// X509at_delete_attr removes the attribute at index |loc| in |x|. It returns
-// the removed attribute to the caller, or NULL if |loc| was out of bounds. If
-// non-NULL, the caller must release the result with |X509_ATTRIBUTE_free| when
-// done. It is also safe, but not necessary, to call |X509_ATTRIBUTE_free| if
-// the result is NULL.
-OPENSSL_EXPORT X509_ATTRIBUTE *X509at_delete_attr(STACK_OF(X509_ATTRIBUTE) *x,
- int loc);
-
-// X509at_add1_attr appends a copy of |attr| to the attribute list in |*x|. If
-// |*x| is NULL, it allocates a new |STACK_OF(X509_ATTRIBUTE)| to hold the copy
-// and sets |*x| to the new list. It returns |*x| on success and NULL on error.
-// The caller retains ownership of |attr| and can release it independently of
-// |*x|.
-OPENSSL_EXPORT STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr(
- STACK_OF(X509_ATTRIBUTE) **x, X509_ATTRIBUTE *attr);
-
-// X509at_add1_attr_by_OBJ behaves like |X509at_add1_attr|, but adds an
-// attribute created by |X509_ATTRIBUTE_create_by_OBJ|.
-OPENSSL_EXPORT STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr_by_OBJ(
- STACK_OF(X509_ATTRIBUTE) **x, const ASN1_OBJECT *obj, int type,
- const unsigned char *bytes, int len);
-
-// X509at_add1_attr_by_NID behaves like |X509at_add1_attr|, but adds an
-// attribute created by |X509_ATTRIBUTE_create_by_NID|.
-OPENSSL_EXPORT STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr_by_NID(
- STACK_OF(X509_ATTRIBUTE) **x, int nid, int type, const unsigned char *bytes,
- int len);
-
-// X509at_add1_attr_by_txt behaves like |X509at_add1_attr|, but adds an
-// attribute created by |X509_ATTRIBUTE_create_by_txt|.
-OPENSSL_EXPORT STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr_by_txt(
- STACK_OF(X509_ATTRIBUTE) **x, const char *attrname, int type,
- const unsigned char *bytes, int len);
-
// X509_ATTRIBUTE_create_by_NID returns a newly-allocated |X509_ATTRIBUTE| of
// type |nid|, or NULL on error. The value is determined as in
// |X509_ATTRIBUTE_set1_data|.
@@ -1752,8 +1486,6 @@
// |attr|'s type. If |len| is -1, |strlen(data)| is used instead. See
// |ASN1_STRING_set_by_NID| for details.
//
-// TODO(davidben): Document |ASN1_STRING_set_by_NID| so the reference is useful.
-//
// Otherwise, if |len| is not -1, the value is an ASN.1 string. |attrtype| is an
// |ASN1_STRING| type value and the |len| bytes from |data| are copied as the
// type-specific representation of |ASN1_STRING|. See |ASN1_STRING| for details.
@@ -1800,27 +1532,965 @@
OPENSSL_EXPORT ASN1_TYPE *X509_ATTRIBUTE_get0_type(X509_ATTRIBUTE *attr,
int idx);
-OPENSSL_EXPORT int X509_verify_cert(X509_STORE_CTX *ctx);
-// lookup a cert from a X509 STACK
-OPENSSL_EXPORT X509 *X509_find_by_issuer_and_serial(STACK_OF(X509) *sk,
+// SignedPublicKeyAndChallenge structures.
+//
+// The SignedPublicKeyAndChallenge (SPKAC) is a legacy structure to request
+// certificates, primarily in the legacy <keygen> HTML tag. An SPKAC structure
+// is represented by a |NETSCAPE_SPKI| structure.
+//
+// The structure is described in
+// https://developer.mozilla.org/en-US/docs/Web/HTML/Element/keygen
+
+// A Netscape_spki_st, or |NETSCAPE_SPKI|, represents a
+// SignedPublicKeyAndChallenge structure. Although this structure contains a
+// |spkac| field of type |NETSCAPE_SPKAC|, these are misnamed. The SPKAC is the
+// entire structure, not the signed portion.
+struct Netscape_spki_st {
+ NETSCAPE_SPKAC *spkac;
+ X509_ALGOR *sig_algor;
+ ASN1_BIT_STRING *signature;
+} /* NETSCAPE_SPKI */;
+
+// NETSCAPE_SPKI is an |ASN1_ITEM| whose ASN.1 type is
+// SignedPublicKeyAndChallenge and C type is |NETSCAPE_SPKI*|.
+DECLARE_ASN1_ITEM(NETSCAPE_SPKI)
+
+// NETSCAPE_SPKI_new returns a newly-allocated, empty |NETSCAPE_SPKI| object, or
+// NULL on error.
+OPENSSL_EXPORT NETSCAPE_SPKI *NETSCAPE_SPKI_new(void);
+
+// NETSCAPE_SPKI_free releases memory associated with |spki|.
+OPENSSL_EXPORT void NETSCAPE_SPKI_free(NETSCAPE_SPKI *spki);
+
+// d2i_NETSCAPE_SPKI parses up to |len| bytes from |*inp| as a DER-encoded
+// SignedPublicKeyAndChallenge structure, as described in |d2i_SAMPLE|.
+OPENSSL_EXPORT NETSCAPE_SPKI *d2i_NETSCAPE_SPKI(NETSCAPE_SPKI **out,
+ const uint8_t **inp, long len);
+
+// i2d_NETSCAPE_SPKI marshals |spki| as a DER-encoded
+// SignedPublicKeyAndChallenge structure, as described in |i2d_SAMPLE|.
+OPENSSL_EXPORT int i2d_NETSCAPE_SPKI(const NETSCAPE_SPKI *spki, uint8_t **outp);
+
+// NETSCAPE_SPKI_verify checks that |spki| has a valid signature by |pkey|. It
+// returns one if the signature is valid and zero otherwise.
+OPENSSL_EXPORT int NETSCAPE_SPKI_verify(NETSCAPE_SPKI *spki, EVP_PKEY *pkey);
+
+// NETSCAPE_SPKI_b64_decode decodes |len| bytes from |str| as a base64-encoded
+// SignedPublicKeyAndChallenge structure. It returns a newly-allocated
+// |NETSCAPE_SPKI| structure with the result, or NULL on error. If |len| is 0 or
+// negative, the length is calculated with |strlen| and |str| must be a
+// NUL-terminated C string.
+OPENSSL_EXPORT NETSCAPE_SPKI *NETSCAPE_SPKI_b64_decode(const char *str,
+ ossl_ssize_t len);
+
+// NETSCAPE_SPKI_b64_encode encodes |spki| as a base64-encoded
+// SignedPublicKeyAndChallenge structure. It returns a newly-allocated
+// NUL-terminated C string with the result, or NULL on error. The caller must
+// release the memory with |OPENSSL_free| when done.
+OPENSSL_EXPORT char *NETSCAPE_SPKI_b64_encode(NETSCAPE_SPKI *spki);
+
+// NETSCAPE_SPKI_get_pubkey decodes and returns the public key in |spki| as an
+// |EVP_PKEY|, or NULL on error. The caller takes ownership of the resulting
+// pointer and must call |EVP_PKEY_free| when done.
+OPENSSL_EXPORT EVP_PKEY *NETSCAPE_SPKI_get_pubkey(NETSCAPE_SPKI *spki);
+
+// NETSCAPE_SPKI_set_pubkey sets |spki|'s public key to |pkey|. It returns one
+// on success or zero on error. This function does not take ownership of |pkey|,
+// so the caller may continue to manage its lifetime independently of |spki|.
+OPENSSL_EXPORT int NETSCAPE_SPKI_set_pubkey(NETSCAPE_SPKI *spki,
+ EVP_PKEY *pkey);
+
+// NETSCAPE_SPKI_sign signs |spki| with |pkey| and replaces the signature
+// algorithm and signature fields. It returns the length of the signature on
+// success and zero on error. This function uses digest algorithm |md|, or
+// |pkey|'s default if NULL. Other signing parameters use |pkey|'s defaults.
+OPENSSL_EXPORT int NETSCAPE_SPKI_sign(NETSCAPE_SPKI *spki, EVP_PKEY *pkey,
+ const EVP_MD *md);
+
+// A Netscape_spkac_st, or |NETSCAPE_SPKAC|, represents a PublicKeyAndChallenge
+// structure. This type is misnamed. The full SPKAC includes the signature,
+// which is represented with the |NETSCAPE_SPKI| type.
+struct Netscape_spkac_st {
+ X509_PUBKEY *pubkey;
+ ASN1_IA5STRING *challenge;
+} /* NETSCAPE_SPKAC */;
+
+// NETSCAPE_SPKAC is an |ASN1_ITEM| whose ASN.1 type is PublicKeyAndChallenge
+// and C type is |NETSCAPE_SPKAC*|.
+DECLARE_ASN1_ITEM(NETSCAPE_SPKAC)
+
+// NETSCAPE_SPKAC_new returns a newly-allocated, empty |NETSCAPE_SPKAC| object,
+// or NULL on error.
+OPENSSL_EXPORT NETSCAPE_SPKAC *NETSCAPE_SPKAC_new(void);
+
+// NETSCAPE_SPKAC_free releases memory associated with |spkac|.
+OPENSSL_EXPORT void NETSCAPE_SPKAC_free(NETSCAPE_SPKAC *spkac);
+
+// d2i_NETSCAPE_SPKAC parses up to |len| bytes from |*inp| as a DER-encoded
+// PublicKeyAndChallenge structure, as described in |d2i_SAMPLE|.
+OPENSSL_EXPORT NETSCAPE_SPKAC *d2i_NETSCAPE_SPKAC(NETSCAPE_SPKAC **out,
+ const uint8_t **inp,
+ long len);
+
+// i2d_NETSCAPE_SPKAC marshals |spkac| as a DER-encoded PublicKeyAndChallenge
+// structure, as described in |i2d_SAMPLE|.
+OPENSSL_EXPORT int i2d_NETSCAPE_SPKAC(const NETSCAPE_SPKAC *spkac,
+ uint8_t **outp);
+
+
+// Printing functions.
+//
+// The following functions output human-readable representations of
+// X.509-related structures. They should only be used for debugging or logging
+// and not parsed programmatically. In many cases, the outputs are ambiguous, so
+// attempting to parse them can lead to string injection vulnerabilities.
+
+// The following flags control |X509_print_ex| and |X509_REQ_print_ex|.
+
+// X509_FLAG_COMPAT disables all flags. It additionally causes names to be
+// printed with a 16-byte indent.
+#define X509_FLAG_COMPAT 0
+
+// X509_FLAG_NO_HEADER skips a header identifying the type of object printed.
+#define X509_FLAG_NO_HEADER 1L
+
+// X509_FLAG_NO_VERSION skips printing the X.509 version number.
+#define X509_FLAG_NO_VERSION (1L << 1)
+
+// X509_FLAG_NO_SERIAL skips printing the serial number. It is ignored in
+// |X509_REQ_print_fp|.
+#define X509_FLAG_NO_SERIAL (1L << 2)
+
+// X509_FLAG_NO_SIGNAME skips printing the signature algorithm in the
+// TBSCertificate. It is ignored in |X509_REQ_print_fp|.
+#define X509_FLAG_NO_SIGNAME (1L << 3)
+
+// X509_FLAG_NO_ISSUER skips printing the issuer.
+#define X509_FLAG_NO_ISSUER (1L << 4)
+
+// X509_FLAG_NO_VALIDITY skips printing the notBefore and notAfter times. It is
+// ignored in |X509_REQ_print_fp|.
+#define X509_FLAG_NO_VALIDITY (1L << 5)
+
+// X509_FLAG_NO_SUBJECT skips printing the subject.
+#define X509_FLAG_NO_SUBJECT (1L << 6)
+
+// X509_FLAG_NO_PUBKEY skips printing the public key.
+#define X509_FLAG_NO_PUBKEY (1L << 7)
+
+// X509_FLAG_NO_EXTENSIONS skips printing the extension list. It is ignored in
+// |X509_REQ_print_fp|. CSRs instead have attributes, which is controlled by
+// |X509_FLAG_NO_ATTRIBUTES|.
+#define X509_FLAG_NO_EXTENSIONS (1L << 8)
+
+// X509_FLAG_NO_SIGDUMP skips printing the signature and outer signature
+// algorithm.
+#define X509_FLAG_NO_SIGDUMP (1L << 9)
+
+// X509_FLAG_NO_AUX skips printing auxiliary properties. (See |d2i_X509_AUX| and
+// related functions.)
+#define X509_FLAG_NO_AUX (1L << 10)
+
+// X509_FLAG_NO_ATTRIBUTES skips printing CSR attributes. It does nothing for
+// certificates and CRLs.
+#define X509_FLAG_NO_ATTRIBUTES (1L << 11)
+
+// X509_FLAG_NO_IDS skips printing the issuerUniqueID and subjectUniqueID in a
+// certificate. It is ignored in |X509_REQ_print_fp|.
+#define X509_FLAG_NO_IDS (1L << 12)
+
+// X509_print_ex writes a human-readable representation of |x| to |bp|. It
+// returns one on success and zero on error. |nmflags| is the flags parameter
+// for |X509_NAME_print_ex| when printing the subject and issuer. |cflag| should
+// be some combination of the |X509_FLAG_*| constants.
+OPENSSL_EXPORT int X509_print_ex(BIO *bp, X509 *x, unsigned long nmflag,
+ unsigned long cflag);
+
+// X509_print_ex_fp behaves like |X509_print_ex| but writes to |fp|.
+OPENSSL_EXPORT int X509_print_ex_fp(FILE *fp, X509 *x, unsigned long nmflag,
+ unsigned long cflag);
+
+// X509_print calls |X509_print_ex| with |XN_FLAG_COMPAT| and |X509_FLAG_COMPAT|
+// flags.
+OPENSSL_EXPORT int X509_print(BIO *bp, X509 *x);
+
+// X509_print_fp behaves like |X509_print| but writes to |fp|.
+OPENSSL_EXPORT int X509_print_fp(FILE *fp, X509 *x);
+
+// X509_CRL_print writes a human-readable representation of |x| to |bp|. It
+// returns one on success and zero on error.
+OPENSSL_EXPORT int X509_CRL_print(BIO *bp, X509_CRL *x);
+
+// X509_CRL_print_fp behaves like |X509_CRL_print| but writes to |fp|.
+OPENSSL_EXPORT int X509_CRL_print_fp(FILE *fp, X509_CRL *x);
+
+// X509_REQ_print_ex writes a human-readable representation of |x| to |bp|. It
+// returns one on success and zero on error. |nmflags| is the flags parameter
+// for |X509_NAME_print_ex|, when printing the subject. |cflag| should be some
+// combination of the |X509_FLAG_*| constants.
+OPENSSL_EXPORT int X509_REQ_print_ex(BIO *bp, X509_REQ *x, unsigned long nmflag,
+ unsigned long cflag);
+
+// X509_REQ_print calls |X509_REQ_print_ex| with |XN_FLAG_COMPAT| and
+// |X509_FLAG_COMPAT| flags.
+OPENSSL_EXPORT int X509_REQ_print(BIO *bp, X509_REQ *req);
+
+// X509_REQ_print_fp behaves like |X509_REQ_print| but writes to |fp|.
+OPENSSL_EXPORT int X509_REQ_print_fp(FILE *fp, X509_REQ *req);
+
+// The following flags are control |X509_NAME_print_ex|. They must not collide
+// with |ASN1_STRFLGS_*|.
+//
+// TODO(davidben): This is far, far too many options and most of them are
+// useless. Trim this down.
+
+// XN_FLAG_COMPAT prints with |X509_NAME_print|'s format and return value
+// convention.
+#define XN_FLAG_COMPAT 0
+
+// XN_FLAG_SEP_MASK determines the separators to use between attributes.
+#define XN_FLAG_SEP_MASK (0xf << 16)
+
+// XN_FLAG_SEP_COMMA_PLUS separates RDNs with "," and attributes within an RDN
+// with "+", as in RFC 2253.
+#define XN_FLAG_SEP_COMMA_PLUS (1 << 16)
+
+// XN_FLAG_SEP_CPLUS_SPC behaves like |XN_FLAG_SEP_COMMA_PLUS| but adds spaces
+// between the separators.
+#define XN_FLAG_SEP_CPLUS_SPC (2 << 16)
+
+// XN_FLAG_SEP_SPLUS_SPC separates RDNs with "; " and attributes within an RDN
+// with " + ".
+#define XN_FLAG_SEP_SPLUS_SPC (3 << 16)
+
+// XN_FLAG_SEP_MULTILINE prints each attribute on one line.
+#define XN_FLAG_SEP_MULTILINE (4 << 16)
+
+// XN_FLAG_DN_REV prints RDNs in reverse, from least significant to most
+// significant, as RFC 2253.
+#define XN_FLAG_DN_REV (1 << 20)
+
+// XN_FLAG_FN_MASK determines how attribute types are displayed.
+#define XN_FLAG_FN_MASK (0x3 << 21)
+
+// XN_FLAG_FN_SN uses the attribute type's short name, when available.
+#define XN_FLAG_FN_SN 0
+
+// XN_FLAG_SPC_EQ wraps the "=" operator with spaces when printing attributes.
+#define XN_FLAG_SPC_EQ (1 << 23)
+
+// XN_FLAG_DUMP_UNKNOWN_FIELDS causes unknown attribute types to be printed in
+// hex, as in RFC 2253.
+#define XN_FLAG_DUMP_UNKNOWN_FIELDS (1 << 24)
+
+// XN_FLAG_RFC2253 prints like RFC 2253.
+#define XN_FLAG_RFC2253 \
+ (ASN1_STRFLGS_RFC2253 | XN_FLAG_SEP_COMMA_PLUS | XN_FLAG_DN_REV | \
+ XN_FLAG_FN_SN | XN_FLAG_DUMP_UNKNOWN_FIELDS)
+
+// XN_FLAG_ONELINE prints a one-line representation of the name.
+#define XN_FLAG_ONELINE \
+ (ASN1_STRFLGS_RFC2253 | ASN1_STRFLGS_ESC_QUOTE | XN_FLAG_SEP_CPLUS_SPC | \
+ XN_FLAG_SPC_EQ | XN_FLAG_FN_SN)
+
+// X509_NAME_print_ex writes a human-readable representation of |nm| to |out|.
+// Each line of output is indented by |indent| spaces. It returns the number of
+// bytes written on success, and -1 on error. If |out| is NULL, it returns the
+// number of bytes it would have written but does not write anything. |flags|
+// should be some combination of |XN_FLAG_*| and |ASN1_STRFLGS_*| values and
+// determines the output. If unsure, use |XN_FLAG_RFC2253|.
+//
+// If |flags| is |XN_FLAG_COMPAT|, or zero, this function calls
+// |X509_NAME_print| instead. In that case, it returns one on success, rather
+// than the output length.
+OPENSSL_EXPORT int X509_NAME_print_ex(BIO *out, const X509_NAME *nm, int indent,
+ unsigned long flags);
+
+// X509_NAME_print prints a human-readable representation of |name| to |bp|. It
+// returns one on success and zero on error. |obase| is ignored.
+//
+// This function outputs a legacy format that does not correctly handle string
+// encodings and other cases. Prefer |X509_NAME_print_ex| if printing a name for
+// debugging purposes.
+OPENSSL_EXPORT int X509_NAME_print(BIO *bp, const X509_NAME *name, int obase);
+
+// X509_NAME_oneline writes a human-readable representation to |name| to a
+// buffer as a NUL-terminated C string.
+//
+// If |buf| is NULL, returns a newly-allocated buffer containing the result on
+// success, or NULL on error. The buffer must be released with |OPENSSL_free|
+// when done.
+//
+// If |buf| is non-NULL, at most |size| bytes of output are written to |buf|
+// instead. |size| includes the trailing NUL. The function then returns |buf| on
+// success or NULL on error. If the output does not fit in |size| bytes, the
+// output is silently truncated at an attribute boundary.
+//
+// This function outputs a legacy format that does not correctly handle string
+// encodings and other cases. Prefer |X509_NAME_print_ex| if printing a name for
+// debugging purposes.
+OPENSSL_EXPORT char *X509_NAME_oneline(const X509_NAME *name, char *buf, int size);
+
+// X509_NAME_print_ex_fp behaves like |X509_NAME_print_ex| but writes to |fp|.
+OPENSSL_EXPORT int X509_NAME_print_ex_fp(FILE *fp, const X509_NAME *nm,
+ int indent, unsigned long flags);
+
+// X509_signature_dump writes a human-readable representation of |sig| to |bio|,
+// indented with |indent| spaces. It returns one on success and zero on error.
+OPENSSL_EXPORT int X509_signature_dump(BIO *bio, const ASN1_STRING *sig,
+ int indent);
+
+// X509_signature_print writes a human-readable representation of |alg| and
+// |sig| to |bio|. It returns one on success and zero on error.
+OPENSSL_EXPORT int X509_signature_print(BIO *bio, const X509_ALGOR *alg,
+ const ASN1_STRING *sig);
+
+
+// Convenience functions.
+
+// X509_pubkey_digest hashes the contents of the BIT STRING in |x509|'s
+// subjectPublicKeyInfo field with |md| and writes the result to |out|.
+// |EVP_MD_CTX_size| bytes are written, which is at most |EVP_MAX_MD_SIZE|. If
+// |out_len| is not NULL, |*out_len| is set to the number of bytes written. This
+// function returns one on success and zero on error.
+//
+// This hash omits the BIT STRING tag, length, and number of unused bits. It
+// also omits the AlgorithmIdentifier which describes the key type. It
+// corresponds to the OCSP KeyHash definition and is not suitable for other
+// purposes.
+OPENSSL_EXPORT int X509_pubkey_digest(const X509 *x509, const EVP_MD *md,
+ uint8_t *out, unsigned *out_len);
+
+// X509_digest hashes |x509|'s DER encoding with |md| and writes the result to
+// |out|. |EVP_MD_CTX_size| bytes are written, which is at most
+// |EVP_MAX_MD_SIZE|. If |out_len| is not NULL, |*out_len| is set to the number
+// of bytes written. This function returns one on success and zero on error.
+// Note this digest covers the entire certificate, not just the signed portion.
+OPENSSL_EXPORT int X509_digest(const X509 *x509, const EVP_MD *md, uint8_t *out,
+ unsigned *out_len);
+
+// X509_CRL_digest hashes |crl|'s DER encoding with |md| and writes the result
+// to |out|. |EVP_MD_CTX_size| bytes are written, which is at most
+// |EVP_MAX_MD_SIZE|. If |out_len| is not NULL, |*out_len| is set to the number
+// of bytes written. This function returns one on success and zero on error.
+// Note this digest covers the entire CRL, not just the signed portion.
+OPENSSL_EXPORT int X509_CRL_digest(const X509_CRL *crl, const EVP_MD *md,
+ uint8_t *out, unsigned *out_len);
+
+// X509_REQ_digest hashes |req|'s DER encoding with |md| and writes the result
+// to |out|. |EVP_MD_CTX_size| bytes are written, which is at most
+// |EVP_MAX_MD_SIZE|. If |out_len| is not NULL, |*out_len| is set to the number
+// of bytes written. This function returns one on success and zero on error.
+// Note this digest covers the entire certificate request, not just the signed
+// portion.
+OPENSSL_EXPORT int X509_REQ_digest(const X509_REQ *req, const EVP_MD *md,
+ uint8_t *out, unsigned *out_len);
+
+// X509_NAME_digest hashes |name|'s DER encoding with |md| and writes the result
+// to |out|. |EVP_MD_CTX_size| bytes are written, which is at most
+// |EVP_MAX_MD_SIZE|. If |out_len| is not NULL, |*out_len| is set to the number
+// of bytes written. This function returns one on success and zero on error.
+OPENSSL_EXPORT int X509_NAME_digest(const X509_NAME *name, const EVP_MD *md,
+ uint8_t *out, unsigned *out_len);
+
+// The following functions behave like the corresponding unsuffixed |d2i_*|
+// functions, but read the result from |bp| instead. Callers using these
+// functions with memory |BIO|s to parse structures already in memory should use
+// |d2i_*| instead.
+OPENSSL_EXPORT X509 *d2i_X509_bio(BIO *bp, X509 **x509);
+OPENSSL_EXPORT X509_CRL *d2i_X509_CRL_bio(BIO *bp, X509_CRL **crl);
+OPENSSL_EXPORT X509_REQ *d2i_X509_REQ_bio(BIO *bp, X509_REQ **req);
+OPENSSL_EXPORT RSA *d2i_RSAPrivateKey_bio(BIO *bp, RSA **rsa);
+OPENSSL_EXPORT RSA *d2i_RSAPublicKey_bio(BIO *bp, RSA **rsa);
+OPENSSL_EXPORT RSA *d2i_RSA_PUBKEY_bio(BIO *bp, RSA **rsa);
+OPENSSL_EXPORT DSA *d2i_DSA_PUBKEY_bio(BIO *bp, DSA **dsa);
+OPENSSL_EXPORT DSA *d2i_DSAPrivateKey_bio(BIO *bp, DSA **dsa);
+OPENSSL_EXPORT EC_KEY *d2i_EC_PUBKEY_bio(BIO *bp, EC_KEY **eckey);
+OPENSSL_EXPORT EC_KEY *d2i_ECPrivateKey_bio(BIO *bp, EC_KEY **eckey);
+OPENSSL_EXPORT X509_SIG *d2i_PKCS8_bio(BIO *bp, X509_SIG **p8);
+OPENSSL_EXPORT PKCS8_PRIV_KEY_INFO *d2i_PKCS8_PRIV_KEY_INFO_bio(
+ BIO *bp, PKCS8_PRIV_KEY_INFO **p8inf);
+OPENSSL_EXPORT EVP_PKEY *d2i_PUBKEY_bio(BIO *bp, EVP_PKEY **a);
+OPENSSL_EXPORT DH *d2i_DHparams_bio(BIO *bp, DH **dh);
+
+// d2i_PrivateKey_bio behaves like |d2i_AutoPrivateKey|, but reads from |bp|
+// instead.
+OPENSSL_EXPORT EVP_PKEY *d2i_PrivateKey_bio(BIO *bp, EVP_PKEY **a);
+
+// The following functions behave like the corresponding unsuffixed |i2d_*|
+// functions, but write the result to |bp|. They return one on success and zero
+// on error. Callers using them with memory |BIO|s to encode structures to
+// memory should use |i2d_*| directly instead.
+OPENSSL_EXPORT int i2d_X509_bio(BIO *bp, X509 *x509);
+OPENSSL_EXPORT int i2d_X509_CRL_bio(BIO *bp, X509_CRL *crl);
+OPENSSL_EXPORT int i2d_X509_REQ_bio(BIO *bp, X509_REQ *req);
+OPENSSL_EXPORT int i2d_RSAPrivateKey_bio(BIO *bp, RSA *rsa);
+OPENSSL_EXPORT int i2d_RSAPublicKey_bio(BIO *bp, RSA *rsa);
+OPENSSL_EXPORT int i2d_RSA_PUBKEY_bio(BIO *bp, RSA *rsa);
+OPENSSL_EXPORT int i2d_DSA_PUBKEY_bio(BIO *bp, DSA *dsa);
+OPENSSL_EXPORT int i2d_DSAPrivateKey_bio(BIO *bp, DSA *dsa);
+OPENSSL_EXPORT int i2d_EC_PUBKEY_bio(BIO *bp, EC_KEY *eckey);
+OPENSSL_EXPORT int i2d_ECPrivateKey_bio(BIO *bp, EC_KEY *eckey);
+OPENSSL_EXPORT int i2d_PKCS8_bio(BIO *bp, X509_SIG *p8);
+OPENSSL_EXPORT int i2d_PKCS8_PRIV_KEY_INFO_bio(BIO *bp,
+ PKCS8_PRIV_KEY_INFO *p8inf);
+OPENSSL_EXPORT int i2d_PrivateKey_bio(BIO *bp, EVP_PKEY *pkey);
+OPENSSL_EXPORT int i2d_PUBKEY_bio(BIO *bp, EVP_PKEY *pkey);
+OPENSSL_EXPORT int i2d_DHparams_bio(BIO *bp, const DH *dh);
+
+// i2d_PKCS8PrivateKeyInfo_bio encodes |key| as a PKCS#8 PrivateKeyInfo
+// structure (see |EVP_marshal_private_key|) and writes the result to |bp|. It
+// returns one on success and zero on error.
+OPENSSL_EXPORT int i2d_PKCS8PrivateKeyInfo_bio(BIO *bp, EVP_PKEY *key);
+
+// The following functions behave like the corresponding |d2i_*_bio| functions,
+// but read from |fp| instead.
+OPENSSL_EXPORT X509 *d2i_X509_fp(FILE *fp, X509 **x509);
+OPENSSL_EXPORT X509_CRL *d2i_X509_CRL_fp(FILE *fp, X509_CRL **crl);
+OPENSSL_EXPORT X509_REQ *d2i_X509_REQ_fp(FILE *fp, X509_REQ **req);
+OPENSSL_EXPORT RSA *d2i_RSAPrivateKey_fp(FILE *fp, RSA **rsa);
+OPENSSL_EXPORT RSA *d2i_RSAPublicKey_fp(FILE *fp, RSA **rsa);
+OPENSSL_EXPORT RSA *d2i_RSA_PUBKEY_fp(FILE *fp, RSA **rsa);
+OPENSSL_EXPORT DSA *d2i_DSA_PUBKEY_fp(FILE *fp, DSA **dsa);
+OPENSSL_EXPORT DSA *d2i_DSAPrivateKey_fp(FILE *fp, DSA **dsa);
+OPENSSL_EXPORT EC_KEY *d2i_EC_PUBKEY_fp(FILE *fp, EC_KEY **eckey);
+OPENSSL_EXPORT EC_KEY *d2i_ECPrivateKey_fp(FILE *fp, EC_KEY **eckey);
+OPENSSL_EXPORT X509_SIG *d2i_PKCS8_fp(FILE *fp, X509_SIG **p8);
+OPENSSL_EXPORT PKCS8_PRIV_KEY_INFO *d2i_PKCS8_PRIV_KEY_INFO_fp(
+ FILE *fp, PKCS8_PRIV_KEY_INFO **p8inf);
+OPENSSL_EXPORT EVP_PKEY *d2i_PrivateKey_fp(FILE *fp, EVP_PKEY **a);
+OPENSSL_EXPORT EVP_PKEY *d2i_PUBKEY_fp(FILE *fp, EVP_PKEY **a);
+
+// The following functions behave like the corresponding |i2d_*_bio| functions,
+// but write to |fp| instead.
+OPENSSL_EXPORT int i2d_X509_fp(FILE *fp, X509 *x509);
+OPENSSL_EXPORT int i2d_X509_CRL_fp(FILE *fp, X509_CRL *crl);
+OPENSSL_EXPORT int i2d_X509_REQ_fp(FILE *fp, X509_REQ *req);
+OPENSSL_EXPORT int i2d_RSAPrivateKey_fp(FILE *fp, RSA *rsa);
+OPENSSL_EXPORT int i2d_RSAPublicKey_fp(FILE *fp, RSA *rsa);
+OPENSSL_EXPORT int i2d_RSA_PUBKEY_fp(FILE *fp, RSA *rsa);
+OPENSSL_EXPORT int i2d_DSA_PUBKEY_fp(FILE *fp, DSA *dsa);
+OPENSSL_EXPORT int i2d_DSAPrivateKey_fp(FILE *fp, DSA *dsa);
+OPENSSL_EXPORT int i2d_EC_PUBKEY_fp(FILE *fp, EC_KEY *eckey);
+OPENSSL_EXPORT int i2d_ECPrivateKey_fp(FILE *fp, EC_KEY *eckey);
+OPENSSL_EXPORT int i2d_PKCS8_fp(FILE *fp, X509_SIG *p8);
+OPENSSL_EXPORT int i2d_PKCS8_PRIV_KEY_INFO_fp(FILE *fp,
+ PKCS8_PRIV_KEY_INFO *p8inf);
+OPENSSL_EXPORT int i2d_PKCS8PrivateKeyInfo_fp(FILE *fp, EVP_PKEY *key);
+OPENSSL_EXPORT int i2d_PrivateKey_fp(FILE *fp, EVP_PKEY *pkey);
+OPENSSL_EXPORT int i2d_PUBKEY_fp(FILE *fp, EVP_PKEY *pkey);
+
+// X509_find_by_issuer_and_serial returns the first |X509| in |sk| whose issuer
+// and serial are |name| and |serial|, respectively. If no match is found, it
+// returns NULL.
+OPENSSL_EXPORT X509 *X509_find_by_issuer_and_serial(const STACK_OF(X509) *sk,
X509_NAME *name,
- ASN1_INTEGER *serial);
-OPENSSL_EXPORT X509 *X509_find_by_subject(STACK_OF(X509) *sk, X509_NAME *name);
+ const ASN1_INTEGER *serial);
+
+// X509_find_by_subject returns the first |X509| in |sk| whose subject is
+// |name|. If no match is found, it returns NULL.
+OPENSSL_EXPORT X509 *X509_find_by_subject(const STACK_OF(X509) *sk,
+ X509_NAME *name);
+
+// X509_cmp_time compares |s| against |*t|. On success, it returns a negative
+// number if |s| <= |*t| and a positive number if |s| > |*t|. On error, it
+// returns zero. If |t| is NULL, it uses the current time instead of |*t|.
+//
+// WARNING: Unlike most comparison functions, this function returns zero on
+// error, not equality.
+OPENSSL_EXPORT int X509_cmp_time(const ASN1_TIME *s, time_t *t);
+
+// X509_cmp_time_posix compares |s| against |t|. On success, it returns a
+// negative number if |s| <= |t| and a positive number if |s| > |t|. On error,
+// it returns zero.
+//
+// WARNING: Unlike most comparison functions, this function returns zero on
+// error, not equality.
+OPENSSL_EXPORT int X509_cmp_time_posix(const ASN1_TIME *s, int64_t t);
+
+// X509_cmp_current_time behaves like |X509_cmp_time| but compares |s| against
+// the current time.
+OPENSSL_EXPORT int X509_cmp_current_time(const ASN1_TIME *s);
+
+// X509_time_adj calls |X509_time_adj_ex| with |offset_day| equal to zero.
+OPENSSL_EXPORT ASN1_TIME *X509_time_adj(ASN1_TIME *s, long offset_sec,
+ time_t *t);
+
+// X509_time_adj_ex behaves like |ASN1_TIME_adj|, but adds an offset to |*t|. If
+// |t| is NULL, it uses the current time instead of |*t|.
+OPENSSL_EXPORT ASN1_TIME *X509_time_adj_ex(ASN1_TIME *s, int offset_day,
+ long offset_sec, time_t *t);
+
+// X509_gmtime_adj behaves like |X509_time_adj_ex| but adds |offset_sec| to the
+// current time.
+OPENSSL_EXPORT ASN1_TIME *X509_gmtime_adj(ASN1_TIME *s, long offset_sec);
+
+
+// ex_data functions.
+//
+// See |ex_data.h| for details.
+
+OPENSSL_EXPORT int X509_get_ex_new_index(long argl, void *argp,
+ CRYPTO_EX_unused *unused,
+ CRYPTO_EX_dup *dup_unused,
+ CRYPTO_EX_free *free_func);
+OPENSSL_EXPORT int X509_set_ex_data(X509 *r, int idx, void *arg);
+OPENSSL_EXPORT void *X509_get_ex_data(X509 *r, int idx);
+
+OPENSSL_EXPORT int X509_STORE_CTX_get_ex_new_index(long argl, void *argp,
+ CRYPTO_EX_unused *unused,
+ CRYPTO_EX_dup *dup_unused,
+ CRYPTO_EX_free *free_func);
+OPENSSL_EXPORT int X509_STORE_CTX_set_ex_data(X509_STORE_CTX *ctx, int idx,
+ void *data);
+OPENSSL_EXPORT void *X509_STORE_CTX_get_ex_data(X509_STORE_CTX *ctx, int idx);
+
+
+// Deprecated functions.
+
+// X509_get_notBefore returns |x509|'s notBefore time. Note this function is not
+// const-correct for legacy reasons. Use |X509_get0_notBefore| or
+// |X509_getm_notBefore| instead.
+OPENSSL_EXPORT ASN1_TIME *X509_get_notBefore(const X509 *x509);
+
+// X509_get_notAfter returns |x509|'s notAfter time. Note this function is not
+// const-correct for legacy reasons. Use |X509_get0_notAfter| or
+// |X509_getm_notAfter| instead.
+OPENSSL_EXPORT ASN1_TIME *X509_get_notAfter(const X509 *x509);
+
+// X509_set_notBefore calls |X509_set1_notBefore|. Use |X509_set1_notBefore|
+// instead.
+OPENSSL_EXPORT int X509_set_notBefore(X509 *x509, const ASN1_TIME *tm);
+
+// X509_set_notAfter calls |X509_set1_notAfter|. Use |X509_set1_notAfter|
+// instead.
+OPENSSL_EXPORT int X509_set_notAfter(X509 *x509, const ASN1_TIME *tm);
+
+// X509_CRL_get_lastUpdate returns a mutable pointer to |crl|'s thisUpdate time.
+// The OpenSSL API refers to this field as lastUpdate.
+//
+// Use |X509_CRL_get0_lastUpdate| or |X509_CRL_set1_lastUpdate| instead.
+OPENSSL_EXPORT ASN1_TIME *X509_CRL_get_lastUpdate(X509_CRL *crl);
+
+// X509_CRL_get_nextUpdate returns a mutable pointer to |crl|'s nextUpdate time,
+// or NULL if |crl| has none. Use |X509_CRL_get0_nextUpdate| or
+// |X509_CRL_set1_nextUpdate| instead.
+OPENSSL_EXPORT ASN1_TIME *X509_CRL_get_nextUpdate(X509_CRL *crl);
+
+// X509_extract_key is a legacy alias to |X509_get_pubkey|. Use
+// |X509_get_pubkey| instead.
+#define X509_extract_key(x) X509_get_pubkey(x)
+
+// X509_REQ_extract_key is a legacy alias for |X509_REQ_get_pubkey|.
+#define X509_REQ_extract_key(a) X509_REQ_get_pubkey(a)
+
+// X509_name_cmp is a legacy alias for |X509_NAME_cmp|.
+#define X509_name_cmp(a, b) X509_NAME_cmp((a), (b))
+
+// The following symbols are deprecated aliases to |X509_CRL_set1_*|.
+#define X509_CRL_set_lastUpdate X509_CRL_set1_lastUpdate
+#define X509_CRL_set_nextUpdate X509_CRL_set1_nextUpdate
+
+// X509_get_serialNumber returns a mutable pointer to |x509|'s serial number.
+// Prefer |X509_get0_serialNumber|.
+OPENSSL_EXPORT ASN1_INTEGER *X509_get_serialNumber(X509 *x509);
+
+// X509_NAME_get_text_by_OBJ finds the first attribute with type |obj| in
+// |name|. If found, it ignores the value's ASN.1 type, writes the raw
+// |ASN1_STRING| representation to |buf|, followed by a NUL byte, and
+// returns the number of bytes in output, excluding the NUL byte.
+//
+// This function writes at most |len| bytes, including the NUL byte. If |len| is
+// not large enough, it silently truncates the output to fit. If |buf| is NULL,
+// it instead writes enough and returns the number of bytes in the output,
+// excluding the NUL byte.
+//
+// WARNING: Do not use this function. It does not return enough information for
+// the caller to correctly interpret its output. The attribute value may be of
+// any type, including one of several ASN.1 string encodings, but this function
+// only outputs the raw |ASN1_STRING| representation. See
+// https://crbug.com/boringssl/436.
+OPENSSL_EXPORT int X509_NAME_get_text_by_OBJ(const X509_NAME *name,
+ const ASN1_OBJECT *obj, char *buf,
+ int len);
+
+// X509_NAME_get_text_by_NID behaves like |X509_NAME_get_text_by_OBJ| except it
+// finds an attribute of type |nid|, which should be one of the |NID_*|
+// constants.
+OPENSSL_EXPORT int X509_NAME_get_text_by_NID(const X509_NAME *name, int nid,
+ char *buf, int len);
+
+
+// Private structures.
+
+struct X509_algor_st {
+ ASN1_OBJECT *algorithm;
+ ASN1_TYPE *parameter;
+} /* X509_ALGOR */;
+
+
+// Functions below this point have not yet been organized into sections.
+
+#define X509_FILETYPE_PEM 1
+#define X509_FILETYPE_ASN1 2
+#define X509_FILETYPE_DEFAULT 3
+
+#define X509v3_KU_DIGITAL_SIGNATURE 0x0080
+#define X509v3_KU_NON_REPUDIATION 0x0040
+#define X509v3_KU_KEY_ENCIPHERMENT 0x0020
+#define X509v3_KU_DATA_ENCIPHERMENT 0x0010
+#define X509v3_KU_KEY_AGREEMENT 0x0008
+#define X509v3_KU_KEY_CERT_SIGN 0x0004
+#define X509v3_KU_CRL_SIGN 0x0002
+#define X509v3_KU_ENCIPHER_ONLY 0x0001
+#define X509v3_KU_DECIPHER_ONLY 0x8000
+#define X509v3_KU_UNDEF 0xffff
+
+// This stuff is certificate "auxiliary info"
+// it contains details which are useful in certificate
+// stores and databases. When used this is tagged onto
+// the end of the certificate itself
+
+DECLARE_STACK_OF(DIST_POINT)
+DECLARE_STACK_OF(GENERAL_NAME)
+
+// This is used for a table of trust checking functions
+
+struct x509_trust_st {
+ int trust;
+ int flags;
+ int (*check_trust)(struct x509_trust_st *, X509 *, int);
+ char *name;
+ int arg1;
+ void *arg2;
+} /* X509_TRUST */;
+
+DEFINE_STACK_OF(X509_TRUST)
+
+// standard trust ids
+
+#define X509_TRUST_DEFAULT (-1) // Only valid in purpose settings
+
+#define X509_TRUST_COMPAT 1
+#define X509_TRUST_SSL_CLIENT 2
+#define X509_TRUST_SSL_SERVER 3
+#define X509_TRUST_EMAIL 4
+#define X509_TRUST_OBJECT_SIGN 5
+#define X509_TRUST_OCSP_SIGN 6
+#define X509_TRUST_OCSP_REQUEST 7
+#define X509_TRUST_TSA 8
+
+// Keep these up to date!
+#define X509_TRUST_MIN 1
+#define X509_TRUST_MAX 8
+
+
+// trust_flags values
+#define X509_TRUST_DYNAMIC 1
+#define X509_TRUST_DYNAMIC_NAME 2
+
+// check_trust return codes
+
+#define X509_TRUST_TRUSTED 1
+#define X509_TRUST_REJECTED 2
+#define X509_TRUST_UNTRUSTED 3
+
+DEFINE_STACK_OF(X509_REVOKED)
+
+DECLARE_STACK_OF(GENERAL_NAMES)
+
+struct private_key_st {
+ int version;
+ // The PKCS#8 data types
+ X509_ALGOR *enc_algor;
+ ASN1_OCTET_STRING *enc_pkey; // encrypted pub key
+
+ // When decrypted, the following will not be NULL
+ EVP_PKEY *dec_pkey;
+
+ // used to encrypt and decrypt
+ int key_length;
+ char *key_data;
+ int key_free; // true if we should auto free key_data
+
+ // expanded version of 'enc_algor'
+ EVP_CIPHER_INFO cipher;
+} /* X509_PKEY */;
+
+struct X509_info_st {
+ X509 *x509;
+ X509_CRL *crl;
+ X509_PKEY *x_pkey;
+
+ EVP_CIPHER_INFO enc_cipher;
+ int enc_len;
+ char *enc_data;
+
+} /* X509_INFO */;
+
+DEFINE_STACK_OF(X509_INFO)
+
+// X509_get_pathlen returns path length constraint from the basic constraints
+// extension in |x509|. (See RFC 5280, section 4.2.1.9.) It returns -1 if the
+// constraint is not present, or if some extension in |x509| was invalid.
+//
+// Note that decoding an |X509| object will not check for invalid extensions. To
+// detect the error case, call |X509_get_extensions_flags| and check the
+// |EXFLAG_INVALID| bit.
+OPENSSL_EXPORT long X509_get_pathlen(X509 *x509);
+
+// X509_SIG_get0 sets |*out_alg| and |*out_digest| to non-owning pointers to
+// |sig|'s algorithm and digest fields, respectively. Either |out_alg| and
+// |out_digest| may be NULL to skip those fields.
+OPENSSL_EXPORT void X509_SIG_get0(const X509_SIG *sig,
+ const X509_ALGOR **out_alg,
+ const ASN1_OCTET_STRING **out_digest);
+
+// X509_SIG_getm behaves like |X509_SIG_get0| but returns mutable pointers.
+OPENSSL_EXPORT void X509_SIG_getm(X509_SIG *sig, X509_ALGOR **out_alg,
+ ASN1_OCTET_STRING **out_digest);
+
+// X509_verify_cert_error_string returns |err| as a human-readable string, where
+// |err| should be one of the |X509_V_*| values. If |err| is unknown, it returns
+// a default description.
+OPENSSL_EXPORT const char *X509_verify_cert_error_string(long err);
+
+// X509_REVOKED_dup returns a newly-allocated copy of |rev|, or NULL on error.
+// This function works by serializing the structure, so if |rev| is incomplete,
+// it may fail.
+OPENSSL_EXPORT X509_REVOKED *X509_REVOKED_dup(const X509_REVOKED *rev);
+
+OPENSSL_EXPORT const char *X509_get_default_cert_area(void);
+OPENSSL_EXPORT const char *X509_get_default_cert_dir(void);
+OPENSSL_EXPORT const char *X509_get_default_cert_file(void);
+OPENSSL_EXPORT const char *X509_get_default_cert_dir_env(void);
+OPENSSL_EXPORT const char *X509_get_default_cert_file_env(void);
+OPENSSL_EXPORT const char *X509_get_default_private_dir(void);
+
+DECLARE_ASN1_FUNCTIONS_const(X509_PUBKEY)
+
+// X509_PUBKEY_set serializes |pkey| into a newly-allocated |X509_PUBKEY|
+// structure. On success, it frees |*x|, sets |*x| to the new object, and
+// returns one. Otherwise, it returns zero.
+OPENSSL_EXPORT int X509_PUBKEY_set(X509_PUBKEY **x, EVP_PKEY *pkey);
+
+// X509_PUBKEY_get decodes the public key in |key| and returns an |EVP_PKEY| on
+// success, or NULL on error. The caller must release the result with
+// |EVP_PKEY_free| when done. The |EVP_PKEY| is cached in |key|, so callers must
+// not mutate the result.
+OPENSSL_EXPORT EVP_PKEY *X509_PUBKEY_get(X509_PUBKEY *key);
+
+DECLARE_ASN1_FUNCTIONS_const(X509_SIG)
+
+OPENSSL_EXPORT int X509_add1_trust_object(X509 *x, ASN1_OBJECT *obj);
+OPENSSL_EXPORT int X509_add1_reject_object(X509 *x, ASN1_OBJECT *obj);
+OPENSSL_EXPORT void X509_trust_clear(X509 *x);
+OPENSSL_EXPORT void X509_reject_clear(X509 *x);
+
+
+OPENSSL_EXPORT int X509_TRUST_set(int *t, int trust);
+
+DECLARE_ASN1_FUNCTIONS_const(X509_REVOKED)
+
+OPENSSL_EXPORT int X509_CRL_add0_revoked(X509_CRL *crl, X509_REVOKED *rev);
+OPENSSL_EXPORT int X509_CRL_get0_by_serial(X509_CRL *crl, X509_REVOKED **ret,
+ ASN1_INTEGER *serial);
+OPENSSL_EXPORT int X509_CRL_get0_by_cert(X509_CRL *crl, X509_REVOKED **ret,
+ X509 *x);
+
+OPENSSL_EXPORT X509_PKEY *X509_PKEY_new(void);
+OPENSSL_EXPORT void X509_PKEY_free(X509_PKEY *a);
+
+OPENSSL_EXPORT X509_INFO *X509_INFO_new(void);
+OPENSSL_EXPORT void X509_INFO_free(X509_INFO *a);
+
+OPENSSL_EXPORT int ASN1_digest(i2d_of_void *i2d, const EVP_MD *type, char *data,
+ unsigned char *md, unsigned int *len);
+
+OPENSSL_EXPORT int ASN1_item_digest(const ASN1_ITEM *it, const EVP_MD *type,
+ void *data, unsigned char *md,
+ unsigned int *len);
+
+OPENSSL_EXPORT int ASN1_item_verify(const ASN1_ITEM *it,
+ const X509_ALGOR *algor1,
+ const ASN1_BIT_STRING *signature,
+ void *data, EVP_PKEY *pkey);
+
+OPENSSL_EXPORT int ASN1_item_sign(const ASN1_ITEM *it, X509_ALGOR *algor1,
+ X509_ALGOR *algor2,
+ ASN1_BIT_STRING *signature, void *data,
+ EVP_PKEY *pkey, const EVP_MD *type);
+OPENSSL_EXPORT int ASN1_item_sign_ctx(const ASN1_ITEM *it, X509_ALGOR *algor1,
+ X509_ALGOR *algor2,
+ ASN1_BIT_STRING *signature, void *asn,
+ EVP_MD_CTX *ctx);
+
+OPENSSL_EXPORT int X509_CRL_sort(X509_CRL *crl);
+
+// X509_REVOKED_get0_serialNumber returns the serial number of the certificate
+// revoked by |revoked|.
+OPENSSL_EXPORT const ASN1_INTEGER *X509_REVOKED_get0_serialNumber(
+ const X509_REVOKED *revoked);
+
+// X509_REVOKED_set_serialNumber sets |revoked|'s serial number to |serial|. It
+// returns one on success or zero on error.
+OPENSSL_EXPORT int X509_REVOKED_set_serialNumber(X509_REVOKED *revoked,
+ const ASN1_INTEGER *serial);
+
+// X509_REVOKED_get0_revocationDate returns the revocation time of the
+// certificate revoked by |revoked|.
+OPENSSL_EXPORT const ASN1_TIME *X509_REVOKED_get0_revocationDate(
+ const X509_REVOKED *revoked);
+
+// X509_REVOKED_set_revocationDate sets |revoked|'s revocation time to |tm|. It
+// returns one on success or zero on error.
+OPENSSL_EXPORT int X509_REVOKED_set_revocationDate(X509_REVOKED *revoked,
+ const ASN1_TIME *tm);
+
+// X509_REVOKED_get0_extensions returns |r|'s extensions list, or NULL if |r|
+// omits it.
+OPENSSL_EXPORT const STACK_OF(X509_EXTENSION) *X509_REVOKED_get0_extensions(
+ const X509_REVOKED *r);
+
+OPENSSL_EXPORT X509_CRL *X509_CRL_diff(X509_CRL *base, X509_CRL *newer,
+ EVP_PKEY *skey, const EVP_MD *md,
+ unsigned int flags);
+
+OPENSSL_EXPORT int X509_REQ_check_private_key(X509_REQ *x509, EVP_PKEY *pkey);
+
+OPENSSL_EXPORT int X509_check_private_key(X509 *x509, const EVP_PKEY *pkey);
+
+OPENSSL_EXPORT int X509_issuer_name_cmp(const X509 *a, const X509 *b);
+OPENSSL_EXPORT unsigned long X509_issuer_name_hash(X509 *a);
+
+OPENSSL_EXPORT int X509_subject_name_cmp(const X509 *a, const X509 *b);
+OPENSSL_EXPORT unsigned long X509_subject_name_hash(X509 *x);
+
+OPENSSL_EXPORT unsigned long X509_issuer_name_hash_old(X509 *a);
+OPENSSL_EXPORT unsigned long X509_subject_name_hash_old(X509 *x);
+
+OPENSSL_EXPORT int X509_cmp(const X509 *a, const X509 *b);
+OPENSSL_EXPORT int X509_NAME_cmp(const X509_NAME *a, const X509_NAME *b);
+OPENSSL_EXPORT unsigned long X509_NAME_hash(X509_NAME *x);
+OPENSSL_EXPORT unsigned long X509_NAME_hash_old(X509_NAME *x);
+
+OPENSSL_EXPORT int X509_CRL_cmp(const X509_CRL *a, const X509_CRL *b);
+OPENSSL_EXPORT int X509_CRL_match(const X509_CRL *a, const X509_CRL *b);
+
+// X509_get_ext_d2i behaves like |X509V3_get_d2i| but looks for the extension in
+// |x509|'s extension list.
+//
+// WARNING: This function is difficult to use correctly. See the documentation
+// for |X509V3_get_d2i| for details.
+OPENSSL_EXPORT void *X509_get_ext_d2i(const X509 *x509, int nid,
+ int *out_critical, int *out_idx);
+
+// X509_add1_ext_i2d behaves like |X509V3_add1_i2d| but adds the extension to
+// |x|'s extension list.
+//
+// WARNING: This function may return zero or -1 on error. The caller must also
+// ensure |value|'s type matches |nid|. See the documentation for
+// |X509V3_add1_i2d| for details.
+OPENSSL_EXPORT int X509_add1_ext_i2d(X509 *x, int nid, void *value, int crit,
+ unsigned long flags);
+
+// X509_CRL_get_ext_d2i behaves like |X509V3_get_d2i| but looks for the
+// extension in |crl|'s extension list.
+//
+// WARNING: This function is difficult to use correctly. See the documentation
+// for |X509V3_get_d2i| for details.
+OPENSSL_EXPORT void *X509_CRL_get_ext_d2i(const X509_CRL *crl, int nid,
+ int *out_critical, int *out_idx);
+
+// X509_CRL_add1_ext_i2d behaves like |X509V3_add1_i2d| but adds the extension
+// to |x|'s extension list.
+//
+// WARNING: This function may return zero or -1 on error. The caller must also
+// ensure |value|'s type matches |nid|. See the documentation for
+// |X509V3_add1_i2d| for details.
+OPENSSL_EXPORT int X509_CRL_add1_ext_i2d(X509_CRL *x, int nid, void *value,
+ int crit, unsigned long flags);
+
+// X509_REVOKED_get_ext_count returns the number of extensions in |x|.
+OPENSSL_EXPORT int X509_REVOKED_get_ext_count(const X509_REVOKED *x);
+
+// X509_REVOKED_get_ext_by_NID behaves like |X509v3_get_ext_by_NID| but searches
+// for extensions in |x|.
+OPENSSL_EXPORT int X509_REVOKED_get_ext_by_NID(const X509_REVOKED *x, int nid,
+ int lastpos);
+
+// X509_REVOKED_get_ext_by_OBJ behaves like |X509v3_get_ext_by_OBJ| but searches
+// for extensions in |x|.
+OPENSSL_EXPORT int X509_REVOKED_get_ext_by_OBJ(const X509_REVOKED *x,
+ const ASN1_OBJECT *obj,
+ int lastpos);
+
+// X509_REVOKED_get_ext_by_critical behaves like |X509v3_get_ext_by_critical|
+// but searches for extensions in |x|.
+OPENSSL_EXPORT int X509_REVOKED_get_ext_by_critical(const X509_REVOKED *x,
+ int crit, int lastpos);
+
+// X509_REVOKED_get_ext returns the extension in |x| at index |loc|, or NULL if
+// |loc| is out of bounds. This function returns a non-const pointer for OpenSSL
+// compatibility, but callers should not mutate the result.
+OPENSSL_EXPORT X509_EXTENSION *X509_REVOKED_get_ext(const X509_REVOKED *x,
+ int loc);
+
+// X509_REVOKED_delete_ext removes the extension in |x| at index |loc| and
+// returns the removed extension, or NULL if |loc| was out of bounds. If
+// non-NULL, the caller must release the result with |X509_EXTENSION_free|.
+OPENSSL_EXPORT X509_EXTENSION *X509_REVOKED_delete_ext(X509_REVOKED *x,
+ int loc);
+
+// X509_REVOKED_add_ext adds a copy of |ex| to |x|. It returns one on success
+// and zero on failure. The caller retains ownership of |ex| and can release it
+// independently of |x|.
+//
+// The new extension is inserted at index |loc|, shifting extensions to the
+// right. If |loc| is -1 or out of bounds, the new extension is appended to the
+// list.
+OPENSSL_EXPORT int X509_REVOKED_add_ext(X509_REVOKED *x,
+ const X509_EXTENSION *ex, int loc);
+
+// X509_REVOKED_get_ext_d2i behaves like |X509V3_get_d2i| but looks for the
+// extension in |revoked|'s extension list.
+//
+// WARNING: This function is difficult to use correctly. See the documentation
+// for |X509V3_get_d2i| for details.
+OPENSSL_EXPORT void *X509_REVOKED_get_ext_d2i(const X509_REVOKED *revoked,
+ int nid, int *out_critical,
+ int *out_idx);
+
+// X509_REVOKED_add1_ext_i2d behaves like |X509V3_add1_i2d| but adds the
+// extension to |x|'s extension list.
+//
+// WARNING: This function may return zero or -1 on error. The caller must also
+// ensure |value|'s type matches |nid|. See the documentation for
+// |X509V3_add1_i2d| for details.
+OPENSSL_EXPORT int X509_REVOKED_add1_ext_i2d(X509_REVOKED *x, int nid,
+ void *value, int crit,
+ unsigned long flags);
+
+OPENSSL_EXPORT int X509_verify_cert(X509_STORE_CTX *ctx);
// PKCS#8 utilities
-DECLARE_ASN1_FUNCTIONS(PKCS8_PRIV_KEY_INFO)
+DECLARE_ASN1_FUNCTIONS_const(PKCS8_PRIV_KEY_INFO)
-OPENSSL_EXPORT EVP_PKEY *EVP_PKCS82PKEY(PKCS8_PRIV_KEY_INFO *p8);
-OPENSSL_EXPORT PKCS8_PRIV_KEY_INFO *EVP_PKEY2PKCS8(EVP_PKEY *pkey);
+// EVP_PKCS82PKEY returns |p8| as a newly-allocated |EVP_PKEY|, or NULL if the
+// key was unsupported or could not be decoded. If non-NULL, the caller must
+// release the result with |EVP_PKEY_free| when done.
+//
+// Use |EVP_parse_private_key| instead.
+OPENSSL_EXPORT EVP_PKEY *EVP_PKCS82PKEY(const PKCS8_PRIV_KEY_INFO *p8);
-OPENSSL_EXPORT int PKCS8_pkey_set0(PKCS8_PRIV_KEY_INFO *priv, ASN1_OBJECT *aobj,
- int version, int ptype, void *pval,
- unsigned char *penc, int penclen);
-OPENSSL_EXPORT int PKCS8_pkey_get0(ASN1_OBJECT **ppkalg,
- const unsigned char **pk, int *ppklen,
- X509_ALGOR **pa, PKCS8_PRIV_KEY_INFO *p8);
+// EVP_PKEY2PKCS8 encodes |pkey| as a PKCS#8 PrivateKeyInfo (RFC 5208),
+// represented as a newly-allocated |PKCS8_PRIV_KEY_INFO|, or NULL on error. The
+// caller must release the result with |PKCS8_PRIV_KEY_INFO_free| when done.
+//
+// Use |EVP_marshal_private_key| instead.
+OPENSSL_EXPORT PKCS8_PRIV_KEY_INFO *EVP_PKEY2PKCS8(const EVP_PKEY *pkey);
// X509_PUBKEY_set0_param sets |pub| to a key with AlgorithmIdentifier
// determined by |obj|, |param_type|, and |param_value|, and an encoded
@@ -1877,7 +2547,7 @@
X509_ALGOR *maskHash;
} /* RSA_PSS_PARAMS */;
-DECLARE_ASN1_FUNCTIONS(RSA_PSS_PARAMS)
+DECLARE_ASN1_FUNCTIONS_const(RSA_PSS_PARAMS)
/*
SSL_CTX -> X509_STORE
@@ -2002,14 +2672,6 @@
#define X509_V_ERR_UNSUPPORTED_NAME_SYNTAX 53
#define X509_V_ERR_CRL_PATH_VALIDATION_ERROR 54
-// Suite B mode algorithm violation
-#define X509_V_ERR_SUITE_B_INVALID_VERSION 56
-#define X509_V_ERR_SUITE_B_INVALID_ALGORITHM 57
-#define X509_V_ERR_SUITE_B_INVALID_CURVE 58
-#define X509_V_ERR_SUITE_B_INVALID_SIGNATURE_ALGORITHM 59
-#define X509_V_ERR_SUITE_B_LOS_NOT_ALLOWED 60
-#define X509_V_ERR_SUITE_B_CANNOT_SIGN_P_384_WITH_P_256 61
-
// Host, email and IP check errors
#define X509_V_ERR_HOSTNAME_MISMATCH 62
#define X509_V_ERR_EMAIL_MISMATCH 63
@@ -2036,9 +2698,9 @@
#define X509_V_FLAG_IGNORE_CRITICAL 0x10
// Does nothing as its functionality has been enabled by default.
#define X509_V_FLAG_X509_STRICT 0x00
-// Enable proxy certificate validation
+// This flag does nothing as proxy certificate support has been removed.
#define X509_V_FLAG_ALLOW_PROXY_CERTS 0x40
-// Enable policy checking
+// Does nothing as its functionality has been enabled by default.
#define X509_V_FLAG_POLICY_CHECK 0x80
// Policy variable require-explicit-policy
#define X509_V_FLAG_EXPLICIT_POLICY 0x100
@@ -2056,12 +2718,6 @@
#define X509_V_FLAG_CHECK_SS_SIGNATURE 0x4000
// Use trusted store first
#define X509_V_FLAG_TRUSTED_FIRST 0x8000
-// Suite B 128 bit only mode: not normally used
-#define X509_V_FLAG_SUITEB_128_LOS_ONLY 0x10000
-// Suite B 192 bit only mode
-#define X509_V_FLAG_SUITEB_192_LOS 0x20000
-// Suite B 128 bit mode allowing 192 bit algorithms
-#define X509_V_FLAG_SUITEB_128_LOS 0x30000
// Allow partial chains if at least one certificate is in trusted store
#define X509_V_FLAG_PARTIAL_CHAIN 0x80000
@@ -2081,11 +2737,6 @@
#define X509_VP_FLAG_LOCKED 0x8
#define X509_VP_FLAG_ONCE 0x10
-// Internal use: mask of policy related options
-#define X509_V_FLAG_POLICY_MASK \
- (X509_V_FLAG_POLICY_CHECK | X509_V_FLAG_EXPLICIT_POLICY | \
- X509_V_FLAG_INHIBIT_ANY | X509_V_FLAG_INHIBIT_MAP)
-
OPENSSL_EXPORT int X509_OBJECT_idx_by_subject(STACK_OF(X509_OBJECT) *h,
int type, X509_NAME *name);
OPENSSL_EXPORT X509_OBJECT *X509_OBJECT_retrieve_by_subject(
@@ -2173,8 +2824,21 @@
OPENSSL_EXPORT void X509_STORE_CTX_free(X509_STORE_CTX *ctx);
OPENSSL_EXPORT int X509_STORE_CTX_init(X509_STORE_CTX *ctx, X509_STORE *store,
X509 *x509, STACK_OF(X509) *chain);
+
+// X509_STORE_CTX_set0_trusted_stack configures |ctx| to trust the certificates
+// in |sk|. |sk| must remain valid for the duration of |ctx|.
+//
+// WARNING: This function differs from most |set0| functions in that it does not
+// take ownership of its input. The caller is required to ensure the lifetimes
+// are consistent.
+OPENSSL_EXPORT void X509_STORE_CTX_set0_trusted_stack(X509_STORE_CTX *ctx,
+ STACK_OF(X509) *sk);
+
+// X509_STORE_CTX_trusted_stack is a deprecated alias for
+// |X509_STORE_CTX_set0_trusted_stack|.
OPENSSL_EXPORT void X509_STORE_CTX_trusted_stack(X509_STORE_CTX *ctx,
STACK_OF(X509) *sk);
+
OPENSSL_EXPORT void X509_STORE_CTX_cleanup(X509_STORE_CTX *ctx);
OPENSSL_EXPORT X509_STORE *X509_STORE_CTX_get0_store(X509_STORE_CTX *ctx);
@@ -2209,15 +2873,6 @@
OPENSSL_EXPORT int X509_LOOKUP_init(X509_LOOKUP *ctx);
OPENSSL_EXPORT int X509_LOOKUP_by_subject(X509_LOOKUP *ctx, int type,
X509_NAME *name, X509_OBJECT *ret);
-OPENSSL_EXPORT int X509_LOOKUP_by_issuer_serial(X509_LOOKUP *ctx, int type,
- X509_NAME *name,
- ASN1_INTEGER *serial,
- X509_OBJECT *ret);
-OPENSSL_EXPORT int X509_LOOKUP_by_fingerprint(X509_LOOKUP *ctx, int type,
- unsigned char *bytes, int len,
- X509_OBJECT *ret);
-OPENSSL_EXPORT int X509_LOOKUP_by_alias(X509_LOOKUP *ctx, int type, char *str,
- int len, X509_OBJECT *ret);
OPENSSL_EXPORT int X509_LOOKUP_shutdown(X509_LOOKUP *ctx);
#ifndef OPENSSL_NO_STDIO
@@ -2225,14 +2880,6 @@
const char *dir);
OPENSSL_EXPORT int X509_STORE_set_default_paths(X509_STORE *ctx);
#endif
-
-OPENSSL_EXPORT int X509_STORE_CTX_get_ex_new_index(long argl, void *argp,
- CRYPTO_EX_unused *unused,
- CRYPTO_EX_dup *dup_unused,
- CRYPTO_EX_free *free_func);
-OPENSSL_EXPORT int X509_STORE_CTX_set_ex_data(X509_STORE_CTX *ctx, int idx,
- void *data);
-OPENSSL_EXPORT void *X509_STORE_CTX_get_ex_data(X509_STORE_CTX *ctx, int idx);
OPENSSL_EXPORT int X509_STORE_CTX_get_error(X509_STORE_CTX *ctx);
OPENSSL_EXPORT void X509_STORE_CTX_set_error(X509_STORE_CTX *ctx, int s);
OPENSSL_EXPORT int X509_STORE_CTX_get_error_depth(X509_STORE_CTX *ctx);
@@ -2260,13 +2907,12 @@
unsigned long flags);
OPENSSL_EXPORT void X509_STORE_CTX_set_time(X509_STORE_CTX *ctx,
unsigned long flags, time_t t);
+OPENSSL_EXPORT void X509_STORE_CTX_set_time_posix(X509_STORE_CTX *ctx,
+ unsigned long flags,
+ int64_t t);
OPENSSL_EXPORT void X509_STORE_CTX_set_verify_cb(
X509_STORE_CTX *ctx, int (*verify_cb)(int, X509_STORE_CTX *));
-OPENSSL_EXPORT X509_POLICY_TREE *X509_STORE_CTX_get0_policy_tree(
- X509_STORE_CTX *ctx);
-OPENSSL_EXPORT int X509_STORE_CTX_get_explicit_policy(X509_STORE_CTX *ctx);
-
OPENSSL_EXPORT X509_VERIFY_PARAM *X509_STORE_CTX_get0_param(
X509_STORE_CTX *ctx);
OPENSSL_EXPORT void X509_STORE_CTX_set0_param(X509_STORE_CTX *ctx,
@@ -2298,10 +2944,12 @@
int depth);
OPENSSL_EXPORT void X509_VERIFY_PARAM_set_time(X509_VERIFY_PARAM *param,
time_t t);
+OPENSSL_EXPORT void X509_VERIFY_PARAM_set_time_posix(X509_VERIFY_PARAM *param,
+ int64_t t);
OPENSSL_EXPORT int X509_VERIFY_PARAM_add0_policy(X509_VERIFY_PARAM *param,
ASN1_OBJECT *policy);
OPENSSL_EXPORT int X509_VERIFY_PARAM_set1_policies(
- X509_VERIFY_PARAM *param, STACK_OF(ASN1_OBJECT) *policies);
+ X509_VERIFY_PARAM *param, const STACK_OF(ASN1_OBJECT) *policies);
OPENSSL_EXPORT int X509_VERIFY_PARAM_set1_host(X509_VERIFY_PARAM *param,
const char *name,
@@ -2325,43 +2973,8 @@
OPENSSL_EXPORT const char *X509_VERIFY_PARAM_get0_name(
const X509_VERIFY_PARAM *param);
-OPENSSL_EXPORT int X509_VERIFY_PARAM_add0_table(X509_VERIFY_PARAM *param);
-OPENSSL_EXPORT int X509_VERIFY_PARAM_get_count(void);
-OPENSSL_EXPORT const X509_VERIFY_PARAM *X509_VERIFY_PARAM_get0(int id);
OPENSSL_EXPORT const X509_VERIFY_PARAM *X509_VERIFY_PARAM_lookup(
const char *name);
-OPENSSL_EXPORT void X509_VERIFY_PARAM_table_cleanup(void);
-
-OPENSSL_EXPORT int X509_policy_check(X509_POLICY_TREE **ptree,
- int *pexplicit_policy,
- STACK_OF(X509) *certs,
- STACK_OF(ASN1_OBJECT) *policy_oids,
- unsigned int flags);
-
-OPENSSL_EXPORT void X509_policy_tree_free(X509_POLICY_TREE *tree);
-
-OPENSSL_EXPORT int X509_policy_tree_level_count(const X509_POLICY_TREE *tree);
-OPENSSL_EXPORT X509_POLICY_LEVEL *X509_policy_tree_get0_level(
- const X509_POLICY_TREE *tree, int i);
-
-OPENSSL_EXPORT STACK_OF(X509_POLICY_NODE) *X509_policy_tree_get0_policies(
- const X509_POLICY_TREE *tree);
-
-OPENSSL_EXPORT STACK_OF(X509_POLICY_NODE) *X509_policy_tree_get0_user_policies(
- const X509_POLICY_TREE *tree);
-
-OPENSSL_EXPORT int X509_policy_level_node_count(X509_POLICY_LEVEL *level);
-
-OPENSSL_EXPORT X509_POLICY_NODE *X509_policy_level_get0_node(
- X509_POLICY_LEVEL *level, int i);
-
-OPENSSL_EXPORT const ASN1_OBJECT *X509_policy_node_get0_policy(
- const X509_POLICY_NODE *node);
-
-OPENSSL_EXPORT STACK_OF(POLICYQUALINFO) *X509_policy_node_get0_qualifiers(
- const X509_POLICY_NODE *node);
-OPENSSL_EXPORT const X509_POLICY_NODE *X509_policy_node_get0_parent(
- const X509_POLICY_NODE *node);
#if defined(__cplusplus)
@@ -2387,7 +3000,6 @@
BORINGSSL_MAKE_DELETER(X509_NAME, X509_NAME_free)
BORINGSSL_MAKE_DELETER(X509_NAME_ENTRY, X509_NAME_ENTRY_free)
BORINGSSL_MAKE_DELETER(X509_PKEY, X509_PKEY_free)
-BORINGSSL_MAKE_DELETER(X509_POLICY_TREE, X509_policy_tree_free)
BORINGSSL_MAKE_DELETER(X509_PUBKEY, X509_PUBKEY_free)
BORINGSSL_MAKE_DELETER(X509_REQ, X509_REQ_free)
BORINGSSL_MAKE_DELETER(X509_REVOKED, X509_REVOKED_free)
@@ -2446,5 +3058,6 @@
#define X509_R_NO_CERTIFICATE_FOUND 141
#define X509_R_NO_CERTIFICATE_OR_CRL_FOUND 142
#define X509_R_NO_CRL_FOUND 143
+#define X509_R_INVALID_POLICY_EXTENSION 144
-#endif
+#endif // OPENSSL_HEADER_X509_H
diff --git a/sysroots/generic-arm64/usr/include/openssl/x509v3.h b/sysroots/generic-arm64/usr/include/openssl/x509v3.h
index c67dde6..d9c862d 100644
--- a/sysroots/generic-arm64/usr/include/openssl/x509v3.h
+++ b/sysroots/generic-arm64/usr/include/openssl/x509v3.h
@@ -52,8 +52,8 @@
* (eay@cryptsoft.com). This product includes software written by Tim
* Hudson (tjh@cryptsoft.com). */
-#ifndef HEADER_X509V3_H
-#define HEADER_X509V3_H
+#ifndef OPENSSL_HEADER_X509V3_H
+#define OPENSSL_HEADER_X509V3_H
#include <openssl/bio.h>
#include <openssl/conf.h>
@@ -79,32 +79,38 @@
// Useful typedefs
+typedef struct v3_ext_method X509V3_EXT_METHOD;
+
typedef void *(*X509V3_EXT_NEW)(void);
typedef void (*X509V3_EXT_FREE)(void *);
typedef void *(*X509V3_EXT_D2I)(void *, const unsigned char **, long);
typedef int (*X509V3_EXT_I2D)(void *, unsigned char **);
-typedef STACK_OF(CONF_VALUE) *(*X509V3_EXT_I2V)(
- const struct v3_ext_method *method, void *ext,
- STACK_OF(CONF_VALUE) *extlist);
-typedef void *(*X509V3_EXT_V2I)(const struct v3_ext_method *method,
- struct v3_ext_ctx *ctx,
- STACK_OF(CONF_VALUE) *values);
-typedef char *(*X509V3_EXT_I2S)(const struct v3_ext_method *method, void *ext);
-typedef void *(*X509V3_EXT_S2I)(const struct v3_ext_method *method,
- struct v3_ext_ctx *ctx, const char *str);
-typedef int (*X509V3_EXT_I2R)(const struct v3_ext_method *method, void *ext,
+typedef STACK_OF(CONF_VALUE) *(*X509V3_EXT_I2V)(const X509V3_EXT_METHOD *method,
+ void *ext,
+ STACK_OF(CONF_VALUE) *extlist);
+typedef void *(*X509V3_EXT_V2I)(const X509V3_EXT_METHOD *method,
+ const X509V3_CTX *ctx,
+ const STACK_OF(CONF_VALUE) *values);
+typedef char *(*X509V3_EXT_I2S)(const X509V3_EXT_METHOD *method, void *ext);
+typedef void *(*X509V3_EXT_S2I)(const X509V3_EXT_METHOD *method,
+ const X509V3_CTX *ctx, const char *str);
+typedef int (*X509V3_EXT_I2R)(const X509V3_EXT_METHOD *method, void *ext,
BIO *out, int indent);
-typedef void *(*X509V3_EXT_R2I)(const struct v3_ext_method *method,
- struct v3_ext_ctx *ctx, const char *str);
+typedef void *(*X509V3_EXT_R2I)(const X509V3_EXT_METHOD *method,
+ const X509V3_CTX *ctx, const char *str);
// V3 extension structure
struct v3_ext_method {
int ext_nid;
int ext_flags;
- // If this is set the following four fields are ignored
+
+ // it determines how values of this extension are allocated, released, parsed,
+ // and marshalled. This must be non-NULL.
ASN1_ITEM_EXP *it;
- // Old style ASN1 calls
+
+ // The following functions are ignored in favor of |it|. They are retained in
+ // the struct only for source compatibility with existing struct definitions.
X509V3_EXT_NEW ext_new;
X509V3_EXT_FREE ext_free;
X509V3_EXT_D2I d2i;
@@ -125,32 +131,9 @@
void *usr_data; // Any extension specific data
};
-typedef struct X509V3_CONF_METHOD_st {
- char *(*get_string)(void *db, const char *section, const char *value);
- STACK_OF(CONF_VALUE) *(*get_section)(void *db, const char *section);
- void (*free_string)(void *db, char *string);
- void (*free_section)(void *db, STACK_OF(CONF_VALUE) *section);
-} X509V3_CONF_METHOD;
-
-// Context specific info
-struct v3_ext_ctx {
-#define CTX_TEST 0x1
- int flags;
- X509 *issuer_cert;
- X509 *subject_cert;
- X509_REQ *subject_req;
- X509_CRL *crl;
- const X509V3_CONF_METHOD *db_meth;
- void *db;
- // Maybe more here
-};
-
-typedef struct v3_ext_method X509V3_EXT_METHOD;
-
DEFINE_STACK_OF(X509V3_EXT_METHOD)
// ext_flags values
-#define X509V3_EXT_DYNAMIC 0x1
#define X509V3_EXT_CTX_DEP 0x2
#define X509V3_EXT_MULTILINE 0x4
@@ -187,7 +170,7 @@
OTHERNAME *otherName; // otherName
ASN1_IA5STRING *rfc822Name;
ASN1_IA5STRING *dNSName;
- ASN1_TYPE *x400Address;
+ ASN1_STRING *x400Address;
X509_NAME *directoryName;
EDIPARTYNAME *ediPartyName;
ASN1_IA5STRING *uniformResourceIdentifier;
@@ -199,7 +182,6 @@
X509_NAME *dirn; // dirn
ASN1_IA5STRING *ia5; // rfc822Name, dNSName, uniformResourceIdentifier
ASN1_OBJECT *rid; // registeredID
- ASN1_TYPE *other; // x400Address
} d;
} GENERAL_NAME;
@@ -318,20 +300,6 @@
ASN1_INTEGER *inhibitPolicyMapping;
} POLICY_CONSTRAINTS;
-// Proxy certificate structures, see RFC 3820
-typedef struct PROXY_POLICY_st {
- ASN1_OBJECT *policyLanguage;
- ASN1_OCTET_STRING *policy;
-} PROXY_POLICY;
-
-typedef struct PROXY_CERT_INFO_EXTENSION_st {
- ASN1_INTEGER *pcPathLengthConstraint;
- PROXY_POLICY *proxyPolicy;
-} PROXY_CERT_INFO_EXTENSION;
-
-DECLARE_ASN1_FUNCTIONS(PROXY_POLICY)
-DECLARE_ASN1_FUNCTIONS(PROXY_CERT_INFO_EXTENSION)
-
struct ISSUING_DIST_POINT_st {
DIST_POINT_NAME *distpoint;
int onlyuser;
@@ -357,30 +325,6 @@
// onlysomereasons present
#define IDP_REASONS 0x40
-#define X509V3_conf_err(val) \
- ERR_add_error_data(6, "section:", (val)->section, ",name:", (val)->name, \
- ",value:", (val)->value);
-
-#define X509V3_set_ctx_test(ctx) \
- X509V3_set_ctx(ctx, NULL, NULL, NULL, NULL, CTX_TEST)
-#define X509V3_set_ctx_nodb(ctx) (ctx)->db = NULL;
-
-#define EXT_BITSTRING(nid, table) \
- { \
- nid, 0, ASN1_ITEM_ref(ASN1_BIT_STRING), 0, 0, 0, 0, 0, 0, \
- (X509V3_EXT_I2V)i2v_ASN1_BIT_STRING, \
- (X509V3_EXT_V2I)v2i_ASN1_BIT_STRING, NULL, NULL, (void *)(table) \
- }
-
-#define EXT_IA5STRING(nid) \
- { \
- nid, 0, ASN1_ITEM_ref(ASN1_IA5STRING), 0, 0, 0, 0, \
- (X509V3_EXT_I2S)i2s_ASN1_IA5STRING, \
- (X509V3_EXT_S2I)s2i_ASN1_IA5STRING, 0, 0, 0, 0, NULL \
- }
-
-#define EXT_END \
- { -1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 }
// X509_PURPOSE stuff
@@ -397,9 +341,7 @@
#define EXFLAG_INVALID 0x80
#define EXFLAG_SET 0x100
#define EXFLAG_CRITICAL 0x200
-#define EXFLAG_PROXY 0x400
-#define EXFLAG_INVALID_POLICY 0x800
#define EXFLAG_FRESHEST 0x1000
// Self signed
#define EXFLAG_SS 0x2000
@@ -461,28 +403,17 @@
DEFINE_STACK_OF(X509_PURPOSE)
-DECLARE_ASN1_FUNCTIONS(BASIC_CONSTRAINTS)
+DECLARE_ASN1_FUNCTIONS_const(BASIC_CONSTRAINTS)
+// TODO(https://crbug.com/boringssl/407): This is not const because it contains
+// an |X509_NAME|.
DECLARE_ASN1_FUNCTIONS(AUTHORITY_KEYID)
+// TODO(https://crbug.com/boringssl/407): This is not const because it contains
+// an |X509_NAME|.
DECLARE_ASN1_FUNCTIONS(GENERAL_NAME)
OPENSSL_EXPORT GENERAL_NAME *GENERAL_NAME_dup(GENERAL_NAME *a);
-// GENERAL_NAME_cmp returns zero if |a| and |b| are equal and a non-zero
-// value otherwise. Note this function does not provide a comparison suitable
-// for sorting.
-OPENSSL_EXPORT int GENERAL_NAME_cmp(const GENERAL_NAME *a,
- const GENERAL_NAME *b);
-
-
-
-OPENSSL_EXPORT ASN1_BIT_STRING *v2i_ASN1_BIT_STRING(X509V3_EXT_METHOD *method,
- X509V3_CTX *ctx,
- STACK_OF(CONF_VALUE) *nval);
-OPENSSL_EXPORT STACK_OF(CONF_VALUE) *i2v_ASN1_BIT_STRING(
- X509V3_EXT_METHOD *method, ASN1_BIT_STRING *bits,
- STACK_OF(CONF_VALUE) *extlist);
-
// i2v_GENERAL_NAME serializes |gen| as a |CONF_VALUE|. If |ret| is non-NULL, it
// appends the value to |ret| and returns |ret| on success or NULL on error. If
// it returns NULL, the caller is still responsible for freeing |ret|. If |ret|
@@ -493,9 +424,18 @@
// human-readable print functions. If extracting a SAN list from a certificate,
// look at |gen| directly.
OPENSSL_EXPORT STACK_OF(CONF_VALUE) *i2v_GENERAL_NAME(
- X509V3_EXT_METHOD *method, GENERAL_NAME *gen, STACK_OF(CONF_VALUE) *ret);
-OPENSSL_EXPORT int GENERAL_NAME_print(BIO *out, GENERAL_NAME *gen);
+ const X509V3_EXT_METHOD *method, const GENERAL_NAME *gen,
+ STACK_OF(CONF_VALUE) *ret);
+// GENERAL_NAME_print prints a human-readable representation of |gen| to |out|.
+// It returns one on success and zero on error.
+//
+// TODO(davidben): Actually, it just returns one and doesn't check for I/O or
+// allocation errors. But it should return zero on error.
+OPENSSL_EXPORT int GENERAL_NAME_print(BIO *out, const GENERAL_NAME *gen);
+
+// TODO(https://crbug.com/boringssl/407): This is not const because it contains
+// an |X509_NAME|.
DECLARE_ASN1_FUNCTIONS(GENERAL_NAMES)
// i2v_GENERAL_NAMES serializes |gen| as a list of |CONF_VALUE|s. If |ret| is
@@ -508,15 +448,14 @@
// human-readable print functions. If extracting a SAN list from a certificate,
// look at |gen| directly.
OPENSSL_EXPORT STACK_OF(CONF_VALUE) *i2v_GENERAL_NAMES(
- X509V3_EXT_METHOD *method, GENERAL_NAMES *gen,
+ const X509V3_EXT_METHOD *method, const GENERAL_NAMES *gen,
STACK_OF(CONF_VALUE) *extlist);
-OPENSSL_EXPORT GENERAL_NAMES *v2i_GENERAL_NAMES(const X509V3_EXT_METHOD *method,
- X509V3_CTX *ctx,
- STACK_OF(CONF_VALUE) *nval);
+OPENSSL_EXPORT GENERAL_NAMES *v2i_GENERAL_NAMES(
+ const X509V3_EXT_METHOD *method, const X509V3_CTX *ctx,
+ const STACK_OF(CONF_VALUE) *nval);
-DECLARE_ASN1_FUNCTIONS(OTHERNAME)
-DECLARE_ASN1_FUNCTIONS(EDIPARTYNAME)
-OPENSSL_EXPORT int OTHERNAME_cmp(OTHERNAME *a, OTHERNAME *b);
+DECLARE_ASN1_FUNCTIONS_const(OTHERNAME)
+DECLARE_ASN1_FUNCTIONS_const(EDIPARTYNAME)
OPENSSL_EXPORT void GENERAL_NAME_set0_value(GENERAL_NAME *a, int type,
void *value);
OPENSSL_EXPORT void *GENERAL_NAME_get0_value(const GENERAL_NAME *a, int *ptype);
@@ -527,23 +466,35 @@
ASN1_OBJECT **poid,
ASN1_TYPE **pvalue);
-OPENSSL_EXPORT char *i2s_ASN1_OCTET_STRING(X509V3_EXT_METHOD *method,
- const ASN1_OCTET_STRING *ia5);
-OPENSSL_EXPORT ASN1_OCTET_STRING *s2i_ASN1_OCTET_STRING(
- X509V3_EXT_METHOD *method, X509V3_CTX *ctx, const char *str);
+// i2s_ASN1_OCTET_STRING returns a human-readable representation of |oct| as a
+// newly-allocated, NUL-terminated string, or NULL on error. |method| is
+// ignored. The caller must release the result with |OPENSSL_free| when done.
+OPENSSL_EXPORT char *i2s_ASN1_OCTET_STRING(const X509V3_EXT_METHOD *method,
+ const ASN1_OCTET_STRING *oct);
-DECLARE_ASN1_FUNCTIONS(EXTENDED_KEY_USAGE)
+OPENSSL_EXPORT ASN1_OCTET_STRING *s2i_ASN1_OCTET_STRING(
+ const X509V3_EXT_METHOD *method, const X509V3_CTX *ctx, const char *str);
+
+DECLARE_ASN1_FUNCTIONS_const(EXTENDED_KEY_USAGE)
OPENSSL_EXPORT int i2a_ACCESS_DESCRIPTION(BIO *bp, const ACCESS_DESCRIPTION *a);
-DECLARE_ASN1_FUNCTIONS(CERTIFICATEPOLICIES)
-DECLARE_ASN1_FUNCTIONS(POLICYINFO)
-DECLARE_ASN1_FUNCTIONS(POLICYQUALINFO)
-DECLARE_ASN1_FUNCTIONS(USERNOTICE)
-DECLARE_ASN1_FUNCTIONS(NOTICEREF)
+DECLARE_ASN1_FUNCTIONS_const(CERTIFICATEPOLICIES)
+DECLARE_ASN1_FUNCTIONS_const(POLICYINFO)
+DECLARE_ASN1_FUNCTIONS_const(POLICYQUALINFO)
+DECLARE_ASN1_FUNCTIONS_const(USERNOTICE)
+DECLARE_ASN1_FUNCTIONS_const(NOTICEREF)
+// TODO(https://crbug.com/boringssl/407): This is not const because it contains
+// an |X509_NAME|.
DECLARE_ASN1_FUNCTIONS(CRL_DIST_POINTS)
+// TODO(https://crbug.com/boringssl/407): This is not const because it contains
+// an |X509_NAME|.
DECLARE_ASN1_FUNCTIONS(DIST_POINT)
+// TODO(https://crbug.com/boringssl/407): This is not const because it contains
+// an |X509_NAME|.
DECLARE_ASN1_FUNCTIONS(DIST_POINT_NAME)
+// TODO(https://crbug.com/boringssl/407): This is not const because it contains
+// an |X509_NAME|.
DECLARE_ASN1_FUNCTIONS(ISSUING_DIST_POINT)
OPENSSL_EXPORT int DIST_POINT_set_dpname(DIST_POINT_NAME *dpn,
@@ -551,7 +502,11 @@
OPENSSL_EXPORT int NAME_CONSTRAINTS_check(X509 *x, NAME_CONSTRAINTS *nc);
+// TODO(https://crbug.com/boringssl/407): This is not const because it contains
+// an |X509_NAME|.
DECLARE_ASN1_FUNCTIONS(ACCESS_DESCRIPTION)
+// TODO(https://crbug.com/boringssl/407): This is not const because it contains
+// an |X509_NAME|.
DECLARE_ASN1_FUNCTIONS(AUTHORITY_INFO_ACCESS)
DECLARE_ASN1_ITEM(POLICY_MAPPING)
@@ -569,104 +524,184 @@
OPENSSL_EXPORT GENERAL_NAME *a2i_GENERAL_NAME(GENERAL_NAME *out,
const X509V3_EXT_METHOD *method,
- X509V3_CTX *ctx, int gen_type,
+ const X509V3_CTX *ctx, int gen_type,
const char *value, int is_nc);
OPENSSL_EXPORT GENERAL_NAME *v2i_GENERAL_NAME(const X509V3_EXT_METHOD *method,
- X509V3_CTX *ctx, CONF_VALUE *cnf);
+ const X509V3_CTX *ctx,
+ const CONF_VALUE *cnf);
OPENSSL_EXPORT GENERAL_NAME *v2i_GENERAL_NAME_ex(
- GENERAL_NAME *out, const X509V3_EXT_METHOD *method, X509V3_CTX *ctx,
- CONF_VALUE *cnf, int is_nc);
+ GENERAL_NAME *out, const X509V3_EXT_METHOD *method, const X509V3_CTX *ctx,
+ const CONF_VALUE *cnf, int is_nc);
OPENSSL_EXPORT void X509V3_conf_free(CONF_VALUE *val);
-// X509V3_EXT_conf_nid contains the only exposed instance of an LHASH in our
-// public headers. The |conf| pointer must be NULL but cryptography.io wraps
-// this function so we cannot, yet, replace the type with a dummy struct.
-OPENSSL_EXPORT X509_EXTENSION *X509V3_EXT_conf_nid(LHASH_OF(CONF_VALUE) *conf,
- X509V3_CTX *ctx, int ext_nid,
- const char *value);
-OPENSSL_EXPORT X509_EXTENSION *X509V3_EXT_nconf_nid(CONF *conf, X509V3_CTX *ctx,
- int ext_nid,
- const char *value);
-OPENSSL_EXPORT X509_EXTENSION *X509V3_EXT_nconf(CONF *conf, X509V3_CTX *ctx,
+// Deprecated config-based extension creation.
+//
+// The following functions allow specifying X.509 extensions using OpenSSL's
+// config file syntax, from the OpenSSL command-line tool. They are retained,
+// for now, for compatibility with legacy software but may be removed in the
+// future. Construct the extensions using the typed C APIs instead.
+//
+// Callers should especially avoid these functions if passing in non-constant
+// values. They use ad-hoc, string-based formats which are prone to injection
+// vulnerabilities. For a CA, this means using them risks misissuance.
+//
+// These functions are not safe to use with untrusted inputs. The string formats
+// may implicitly reference context information and, in OpenSSL (though not
+// BoringSSL), one even allows reading arbitrary files. They additionally see
+// much less testing and review than most of the library and may have bugs
+// including memory leaks or crashes.
+
+// v3_ext_ctx, aka |X509V3_CTX|, contains additional context information for
+// constructing extensions. Some string formats reference additional values in
+// these objects. It must be initialized with |X509V3_set_ctx| or
+// |X509V3_set_ctx_test| before use.
+struct v3_ext_ctx {
+ int flags;
+ const X509 *issuer_cert;
+ const X509 *subject_cert;
+ const X509_REQ *subject_req;
+ const X509_CRL *crl;
+ const CONF *db;
+};
+
+#define X509V3_CTX_TEST 0x1
+
+// X509V3_set_ctx initializes |ctx| with the specified objects. Some string
+// formats will reference fields in these objects. Each object may be NULL to
+// omit it, in which case those formats cannot be used. |flags| should be zero,
+// unless called via |X509V3_set_ctx_test|.
+//
+// |issuer|, |subject|, |req|, and |crl|, if non-NULL, must outlive |ctx|.
+OPENSSL_EXPORT void X509V3_set_ctx(X509V3_CTX *ctx, const X509 *issuer,
+ const X509 *subject, const X509_REQ *req,
+ const X509_CRL *crl, int flags);
+
+// X509V3_set_ctx_test calls |X509V3_set_ctx| without any reference objects and
+// mocks out some features that use them. The resulting extensions may be
+// incomplete and should be discarded. This can be used to partially validate
+// syntax.
+//
+// TODO(davidben): Can we remove this?
+#define X509V3_set_ctx_test(ctx) \
+ X509V3_set_ctx(ctx, NULL, NULL, NULL, NULL, X509V3_CTX_TEST)
+
+// X509V3_set_nconf sets |ctx| to use |conf| as the config database. |ctx| must
+// have previously been initialized by |X509V3_set_ctx| or
+// |X509V3_set_ctx_test|. Some string formats will reference sections in |conf|.
+// |conf| may be NULL, in which case these formats cannot be used. If non-NULL,
+// |conf| must outlive |ctx|.
+OPENSSL_EXPORT void X509V3_set_nconf(X509V3_CTX *ctx, const CONF *conf);
+
+// X509V3_set_ctx_nodb calls |X509V3_set_nconf| with no config database.
+#define X509V3_set_ctx_nodb(ctx) X509V3_set_nconf(ctx, NULL)
+
+// X509V3_EXT_nconf constructs an extension of type specified by |name|, and
+// value specified by |value|. It returns a newly-allocated |X509_EXTENSION|
+// object on success, or NULL on error. |conf| and |ctx| specify additional
+// information referenced by some formats. Either |conf| or |ctx| may be NULL,
+// in which case features which use it will be disabled.
+//
+// If non-NULL, |ctx| must be initialized with |X509V3_set_ctx| or
+// |X509V3_set_ctx_test|.
+//
+// Both |conf| and |ctx| provide a |CONF| object. When |ctx| is non-NULL, most
+// features use the |ctx| copy, configured with |X509V3_set_ctx|, but some use
+// |conf|. Callers should ensure the two match to avoid surprisingly behavior.
+OPENSSL_EXPORT X509_EXTENSION *X509V3_EXT_nconf(const CONF *conf,
+ const X509V3_CTX *ctx,
const char *name,
const char *value);
-OPENSSL_EXPORT int X509V3_EXT_add_nconf_sk(CONF *conf, X509V3_CTX *ctx,
+
+// X509V3_EXT_nconf_nid behaves like |X509V3_EXT_nconf|, except the extension
+// type is specified as a NID.
+OPENSSL_EXPORT X509_EXTENSION *X509V3_EXT_nconf_nid(const CONF *conf,
+ const X509V3_CTX *ctx,
+ int ext_nid,
+ const char *value);
+
+// X509V3_EXT_conf_nid calls |X509V3_EXT_nconf_nid|. |conf| must be NULL.
+//
+// TODO(davidben): This is the only exposed instance of an LHASH in our public
+// headers. cryptography.io wraps this function so we cannot, yet, replace the
+// type with a dummy struct.
+OPENSSL_EXPORT X509_EXTENSION *X509V3_EXT_conf_nid(LHASH_OF(CONF_VALUE) *conf,
+ const X509V3_CTX *ctx,
+ int ext_nid,
+ const char *value);
+
+// X509V3_EXT_add_nconf_sk looks up the section named |section| in |conf|. For
+// each |CONF_VALUE| in the section, it constructs an extension as in
+// |X509V3_EXT_nconf|, taking |name| and |value| from the |CONF_VALUE|. Each new
+// extension is appended to |*sk|. If |*sk| is non-NULL, and at least one
+// extension is added, it sets |*sk| to a newly-allocated
+// |STACK_OF(X509_EXTENSION)|. It returns one on success and zero on error.
+OPENSSL_EXPORT int X509V3_EXT_add_nconf_sk(const CONF *conf,
+ const X509V3_CTX *ctx,
const char *section,
STACK_OF(X509_EXTENSION) **sk);
-OPENSSL_EXPORT int X509V3_EXT_add_nconf(CONF *conf, X509V3_CTX *ctx,
+
+// X509V3_EXT_add_nconf adds extensions to |cert| as in
+// |X509V3_EXT_add_nconf_sk|. It returns one on success and zero on error.
+OPENSSL_EXPORT int X509V3_EXT_add_nconf(const CONF *conf, const X509V3_CTX *ctx,
const char *section, X509 *cert);
-OPENSSL_EXPORT int X509V3_EXT_REQ_add_nconf(CONF *conf, X509V3_CTX *ctx,
+
+// X509V3_EXT_REQ_add_nconf adds extensions to |req| as in
+// |X509V3_EXT_add_nconf_sk|. It returns one on success and zero on error.
+OPENSSL_EXPORT int X509V3_EXT_REQ_add_nconf(const CONF *conf,
+ const X509V3_CTX *ctx,
const char *section, X509_REQ *req);
-OPENSSL_EXPORT int X509V3_EXT_CRL_add_nconf(CONF *conf, X509V3_CTX *ctx,
+
+// X509V3_EXT_CRL_add_nconf adds extensions to |crl| as in
+// |X509V3_EXT_add_nconf_sk|. It returns one on success and zero on error.
+OPENSSL_EXPORT int X509V3_EXT_CRL_add_nconf(const CONF *conf,
+ const X509V3_CTX *ctx,
const char *section, X509_CRL *crl);
-OPENSSL_EXPORT int X509V3_add_value_bool_nf(const char *name, int asn1_bool,
- STACK_OF(CONF_VALUE) **extlist);
-OPENSSL_EXPORT int X509V3_get_value_bool(const CONF_VALUE *value,
- int *asn1_bool);
-OPENSSL_EXPORT int X509V3_get_value_int(const CONF_VALUE *value,
- ASN1_INTEGER **aint);
-OPENSSL_EXPORT void X509V3_set_nconf(X509V3_CTX *ctx, CONF *conf);
-OPENSSL_EXPORT char *X509V3_get_string(X509V3_CTX *ctx, const char *name,
- const char *section);
-OPENSSL_EXPORT STACK_OF(CONF_VALUE) *X509V3_get_section(X509V3_CTX *ctx,
- const char *section);
-OPENSSL_EXPORT void X509V3_string_free(X509V3_CTX *ctx, char *str);
-OPENSSL_EXPORT void X509V3_section_free(X509V3_CTX *ctx,
- STACK_OF(CONF_VALUE) *section);
-OPENSSL_EXPORT void X509V3_set_ctx(X509V3_CTX *ctx, X509 *issuer, X509 *subject,
- X509_REQ *req, X509_CRL *crl, int flags);
-
-// X509V3_add_value appends a |CONF_VALUE| containing |name| and |value| to
-// |*extlist|. It returns one on success and zero on error. If |*extlist| is
-// NULL, it sets |*extlist| to a newly-allocated |STACK_OF(CONF_VALUE)|
-// containing the result. Either |name| or |value| may be NULL to omit the
-// field.
-//
-// On failure, if |*extlist| was NULL, |*extlist| will remain NULL when the
-// function returns.
-OPENSSL_EXPORT int X509V3_add_value(const char *name, const char *value,
- STACK_OF(CONF_VALUE) **extlist);
-
-// X509V3_add_value_uchar behaves like |X509V3_add_value| but takes an
-// |unsigned char| pointer.
-OPENSSL_EXPORT int X509V3_add_value_uchar(const char *name,
- const unsigned char *value,
- STACK_OF(CONF_VALUE) **extlist);
-
-// X509V3_add_value_bool behaves like |X509V3_add_value| but stores the value
-// "TRUE" if |asn1_bool| is non-zero and "FALSE" otherwise.
-OPENSSL_EXPORT int X509V3_add_value_bool(const char *name, int asn1_bool,
- STACK_OF(CONF_VALUE) **extlist);
-
-// X509V3_add_value_bool behaves like |X509V3_add_value| but stores a string
-// representation of |aint|. Note this string representation may be decimal or
-// hexadecimal, depending on the size of |aint|.
-OPENSSL_EXPORT int X509V3_add_value_int(const char *name,
- const ASN1_INTEGER *aint,
- STACK_OF(CONF_VALUE) **extlist);
-
-OPENSSL_EXPORT char *i2s_ASN1_INTEGER(X509V3_EXT_METHOD *meth,
+OPENSSL_EXPORT char *i2s_ASN1_INTEGER(const X509V3_EXT_METHOD *meth,
const ASN1_INTEGER *aint);
-OPENSSL_EXPORT ASN1_INTEGER *s2i_ASN1_INTEGER(X509V3_EXT_METHOD *meth,
+OPENSSL_EXPORT ASN1_INTEGER *s2i_ASN1_INTEGER(const X509V3_EXT_METHOD *meth,
const char *value);
-OPENSSL_EXPORT char *i2s_ASN1_ENUMERATED(X509V3_EXT_METHOD *meth,
+OPENSSL_EXPORT char *i2s_ASN1_ENUMERATED(const X509V3_EXT_METHOD *meth,
const ASN1_ENUMERATED *aint);
-OPENSSL_EXPORT char *i2s_ASN1_ENUMERATED_TABLE(X509V3_EXT_METHOD *meth,
- const ASN1_ENUMERATED *aint);
-OPENSSL_EXPORT int X509V3_EXT_add(X509V3_EXT_METHOD *ext);
-OPENSSL_EXPORT int X509V3_EXT_add_list(X509V3_EXT_METHOD *extlist);
-OPENSSL_EXPORT int X509V3_EXT_add_alias(int nid_to, int nid_from);
-OPENSSL_EXPORT void X509V3_EXT_cleanup(void);
+
+// X509V3_EXT_add registers |ext| as a custom extension for the extension type
+// |ext->ext_nid|. |ext| must be valid for the remainder of the address space's
+// lifetime. It returns one on success and zero on error.
+//
+// WARNING: This function modifies global state. If other code in the same
+// address space also registers an extension with type |ext->ext_nid|, the two
+// registrations will conflict. Which registration takes effect is undefined. If
+// the two registrations use incompatible in-memory representations, code
+// expecting the other registration will then cast a type to the wrong type,
+// resulting in a potentially exploitable memory error. This conflict can also
+// occur if BoringSSL later adds support for |ext->ext_nid|, with a different
+// in-memory representation than the one expected by |ext|.
+//
+// This function, additionally, is not thread-safe and cannot be called
+// concurrently with any other BoringSSL function.
+//
+// As a result, it is impossible to safely use this function. Registering a
+// custom extension has no impact on certificate verification so, instead,
+// callers should simply handle the custom extension with the byte-based
+// |X509_EXTENSION| APIs directly. Registering |ext| with the library has little
+// practical value.
+OPENSSL_EXPORT OPENSSL_DEPRECATED int X509V3_EXT_add(X509V3_EXT_METHOD *ext);
+
+// X509V3_EXT_add_alias registers a custom extension with NID |nid_to|. The
+// corresponding ASN.1 type is copied from |nid_from|. It returns one on success
+// and zero on error.
+//
+// WARNING: Do not use this function. See |X509V3_EXT_add|.
+OPENSSL_EXPORT OPENSSL_DEPRECATED int X509V3_EXT_add_alias(int nid_to,
+ int nid_from);
OPENSSL_EXPORT const X509V3_EXT_METHOD *X509V3_EXT_get(
const X509_EXTENSION *ext);
OPENSSL_EXPORT const X509V3_EXT_METHOD *X509V3_EXT_get_nid(int nid);
OPENSSL_EXPORT int X509V3_add_standard_extensions(void);
-OPENSSL_EXPORT STACK_OF(CONF_VALUE) *X509V3_parse_list(const char *line);
// X509V3_EXT_d2i decodes |ext| and returns a pointer to a newly-allocated
// structure, with type dependent on the type of the extension. It returns NULL
@@ -797,12 +832,13 @@
// hexdump.
#define X509V3_EXT_DUMP_UNKNOWN (3L << 16)
-OPENSSL_EXPORT void X509V3_EXT_val_prn(BIO *out, STACK_OF(CONF_VALUE) *val,
+OPENSSL_EXPORT void X509V3_EXT_val_prn(BIO *out,
+ const STACK_OF(CONF_VALUE) *val,
int indent, int ml);
-OPENSSL_EXPORT int X509V3_EXT_print(BIO *out, X509_EXTENSION *ext,
+OPENSSL_EXPORT int X509V3_EXT_print(BIO *out, const X509_EXTENSION *ext,
unsigned long flag, int indent);
-OPENSSL_EXPORT int X509V3_EXT_print_fp(FILE *out, X509_EXTENSION *ext, int flag,
- int indent);
+OPENSSL_EXPORT int X509V3_EXT_print_fp(FILE *out, const X509_EXTENSION *ext,
+ int flag, int indent);
// X509V3_extensions_print prints |title|, followed by a human-readable
// representation of |exts| to |out|. It returns one on success and zero on
@@ -815,7 +851,7 @@
OPENSSL_EXPORT int X509_check_ca(X509 *x);
OPENSSL_EXPORT int X509_check_purpose(X509 *x, int id, int ca);
-OPENSSL_EXPORT int X509_supported_extension(X509_EXTENSION *ex);
+OPENSSL_EXPORT int X509_supported_extension(const X509_EXTENSION *ex);
OPENSSL_EXPORT int X509_PURPOSE_set(int *p, int purpose);
OPENSSL_EXPORT int X509_check_issued(X509 *issuer, X509 *subject);
OPENSSL_EXPORT int X509_check_akid(X509 *issuer, AUTHORITY_KEYID *akid);
@@ -912,13 +948,6 @@
OPENSSL_EXPORT ASN1_OCTET_STRING *a2i_IPADDRESS(const char *ipasc);
OPENSSL_EXPORT ASN1_OCTET_STRING *a2i_IPADDRESS_NC(const char *ipasc);
-OPENSSL_EXPORT int X509V3_NAME_from_section(X509_NAME *nm,
- STACK_OF(CONF_VALUE) *dn_sk,
- unsigned long chtype);
-
-OPENSSL_EXPORT void X509_POLICY_NODE_print(BIO *out, X509_POLICY_NODE *node,
- int indent);
-DEFINE_STACK_OF(X509_POLICY_NODE)
// BEGIN ERROR CODES
// The following lines are auto generated by the script mkerr.pl. Any changes
@@ -1015,4 +1044,4 @@
#define X509V3_R_INVALID_VALUE 163
#define X509V3_R_TRAILING_DATA_IN_EXTENSION 164
-#endif
+#endif // OPENSSL_HEADER_X509V3_H
diff --git a/sysroots/generic-arm64/usr/include/trusty/sys/mman.h b/sysroots/generic-arm64/usr/include/trusty/sys/mman.h
index 1c84dd5..00612cc 100644
--- a/sysroots/generic-arm64/usr/include/trusty/sys/mman.h
+++ b/sysroots/generic-arm64/usr/include/trusty/sys/mman.h
@@ -33,6 +33,49 @@
struct dma_pmem* pmem);
int finish_dma(void* uaddr, uint32_t size, uint32_t flags);
+/* Utility Functions */
+
+/**
+ * prepare_input_output_dma() - helper utility for using the prepare_dma
+ * syscall. prepare_dma can only be called once with an address. If the same
+ * buffer is being used for input and output, we should only call prepare_dma
+ * once. This utility will handle address checking, making the prepare_dma
+ * sycall, and filling in the appropriate dma_pmem.
+ *
+ * @input pointer to input buffer
+ * @input_len length of input buffer
+ * @output pointer to output buffer
+ * @output_len length of output buffer
+ * @input_pmem pointer to input dma descriptor
+ * @output_pmem pointer to output dma descriptor
+ *
+ * Returns : LK error code
+ */
+int prepare_input_output_dma(void* input,
+ uint32_t input_len,
+ void* output,
+ uint32_t output_len,
+ struct dma_pmem* input_pmem,
+ struct dma_pmem* output_pmem);
+
+/**
+ * finish_input_output_dma() - helper utility for using the finish_dma
+ * syscalls. Depending on the input/output address, only one prepare_dma might
+ * have been called. This utility handles calling finish_dma with the correct
+ * flags and number of times.
+ *
+ * @input pointer to input buffer
+ * @input_len length of input buffer
+ * @output pointer to output buffer
+ * @output_len length of output buffer
+ *
+ * Returns : LK error code
+ */
+int finish_input_output_dma(void* input,
+ uint32_t input_len,
+ void* output,
+ uint32_t output_len);
+
#ifdef __cplusplus
}
#endif
diff --git a/sysroots/generic-arm64/usr/lib/libboringssl.a b/sysroots/generic-arm64/usr/lib/libboringssl.a
index f1959ee..de011e4 100644
--- a/sysroots/generic-arm64/usr/lib/libboringssl.a
+++ b/sysroots/generic-arm64/usr/lib/libboringssl.a
Binary files differ
diff --git a/sysroots/generic-arm64/usr/lib/libc-ext.a b/sysroots/generic-arm64/usr/lib/libc-ext.a
index 0ff7530..2b6746c 100644
--- a/sysroots/generic-arm64/usr/lib/libc-ext.a
+++ b/sysroots/generic-arm64/usr/lib/libc-ext.a
Binary files differ
diff --git a/sysroots/generic-arm64/usr/lib/libc-trusty.a b/sysroots/generic-arm64/usr/lib/libc-trusty.a
index 092aed0..3d93585 100644
--- a/sysroots/generic-arm64/usr/lib/libc-trusty.a
+++ b/sysroots/generic-arm64/usr/lib/libc-trusty.a
Binary files differ
diff --git a/sysroots/generic-arm64/usr/lib/libclang_rt.builtins-aarch64-android.a b/sysroots/generic-arm64/usr/lib/libclang_rt.builtins-aarch64-android.a
index ccee493..7f97f28 100644
--- a/sysroots/generic-arm64/usr/lib/libclang_rt.builtins-aarch64-android.a
+++ b/sysroots/generic-arm64/usr/lib/libclang_rt.builtins-aarch64-android.a
Binary files differ
diff --git a/sysroots/generic-arm64/usr/lib/libcxxabi-trusty.a b/sysroots/generic-arm64/usr/lib/libcxxabi-trusty.a
index 9e3841b..84521a6 100644
--- a/sysroots/generic-arm64/usr/lib/libcxxabi-trusty.a
+++ b/sysroots/generic-arm64/usr/lib/libcxxabi-trusty.a
Binary files differ
diff --git a/sysroots/generic-arm64/usr/lib/libdlmalloc.a b/sysroots/generic-arm64/usr/lib/libdlmalloc.a
index 4db37aa..b42c8ce 100644
--- a/sysroots/generic-arm64/usr/lib/libdlmalloc.a
+++ b/sysroots/generic-arm64/usr/lib/libdlmalloc.a
Binary files differ
diff --git a/sysroots/generic-arm64/usr/lib/libgoogletest.a b/sysroots/generic-arm64/usr/lib/libgoogletest.a
index 461d7c4..22a3a05 100644
--- a/sysroots/generic-arm64/usr/lib/libgoogletest.a
+++ b/sysroots/generic-arm64/usr/lib/libgoogletest.a
Binary files differ
diff --git a/sysroots/generic-arm64/usr/lib/libhwaes.a b/sysroots/generic-arm64/usr/lib/libhwaes.a
index aedf271..ff1fdef 100644
--- a/sysroots/generic-arm64/usr/lib/libhwaes.a
+++ b/sysroots/generic-arm64/usr/lib/libhwaes.a
Binary files differ
diff --git a/sysroots/generic-arm64/usr/lib/libhwkey.a b/sysroots/generic-arm64/usr/lib/libhwkey.a
index 3ff803a..cac3161 100644
--- a/sysroots/generic-arm64/usr/lib/libhwkey.a
+++ b/sysroots/generic-arm64/usr/lib/libhwkey.a
Binary files differ
diff --git a/sysroots/generic-arm64/usr/lib/libkeymaster.a b/sysroots/generic-arm64/usr/lib/libkeymaster.a
index 3b1950e..ba87f5b 100644
--- a/sysroots/generic-arm64/usr/lib/libkeymaster.a
+++ b/sysroots/generic-arm64/usr/lib/libkeymaster.a
Binary files differ
diff --git a/sysroots/generic-arm64/usr/lib/librng.a b/sysroots/generic-arm64/usr/lib/librng.a
index a87c525..8d4c4c6 100644
--- a/sysroots/generic-arm64/usr/lib/librng.a
+++ b/sysroots/generic-arm64/usr/lib/librng.a
Binary files differ
diff --git a/sysroots/generic-arm64/usr/lib/libscudo.a b/sysroots/generic-arm64/usr/lib/libscudo.a
index 71f2fea..881869e 100644
--- a/sysroots/generic-arm64/usr/lib/libscudo.a
+++ b/sysroots/generic-arm64/usr/lib/libscudo.a
Binary files differ
diff --git a/sysroots/generic-arm64/usr/lib/libspi_client.a b/sysroots/generic-arm64/usr/lib/libspi_client.a
index e0c6dfa..a68e141 100644
--- a/sysroots/generic-arm64/usr/lib/libspi_client.a
+++ b/sysroots/generic-arm64/usr/lib/libspi_client.a
Binary files differ
diff --git a/sysroots/generic-arm64/usr/lib/libspi_common.a b/sysroots/generic-arm64/usr/lib/libspi_common.a
index be60bef..b34b924 100644
--- a/sysroots/generic-arm64/usr/lib/libspi_common.a
+++ b/sysroots/generic-arm64/usr/lib/libspi_common.a
Binary files differ
diff --git a/sysroots/generic-arm64/usr/lib/libstdc++-trusty.a b/sysroots/generic-arm64/usr/lib/libstdc++-trusty.a
index d7292a5..b2d721b 100644
--- a/sysroots/generic-arm64/usr/lib/libstdc++-trusty.a
+++ b/sysroots/generic-arm64/usr/lib/libstdc++-trusty.a
Binary files differ
diff --git a/sysroots/generic-arm64/usr/lib/libstorage.a b/sysroots/generic-arm64/usr/lib/libstorage.a
index 3fee620..7f7bec5 100644
--- a/sysroots/generic-arm64/usr/lib/libstorage.a
+++ b/sysroots/generic-arm64/usr/lib/libstorage.a
Binary files differ
diff --git a/sysroots/generic-arm64/usr/lib/libsyscall-stubs.a b/sysroots/generic-arm64/usr/lib/libsyscall-stubs.a
index f70aa3c..8d23b56 100644
--- a/sysroots/generic-arm64/usr/lib/libsyscall-stubs.a
+++ b/sysroots/generic-arm64/usr/lib/libsyscall-stubs.a
Binary files differ
diff --git a/sysroots/generic-arm64/usr/lib/libsystem_state.a b/sysroots/generic-arm64/usr/lib/libsystem_state.a
index 3777d83..6e93216 100644
--- a/sysroots/generic-arm64/usr/lib/libsystem_state.a
+++ b/sysroots/generic-arm64/usr/lib/libsystem_state.a
Binary files differ
diff --git a/sysroots/generic-arm64/usr/lib/libtipc.a b/sysroots/generic-arm64/usr/lib/libtipc.a
index 8ae8a6e..8ca61a6 100644
--- a/sysroots/generic-arm64/usr/lib/libtipc.a
+++ b/sysroots/generic-arm64/usr/lib/libtipc.a
Binary files differ
diff --git a/sysroots/generic-arm64/usr/lib/libubsan.a b/sysroots/generic-arm64/usr/lib/libubsan.a
index 16145e8..8e1a887 100644
--- a/sysroots/generic-arm64/usr/lib/libubsan.a
+++ b/sysroots/generic-arm64/usr/lib/libubsan.a
Binary files differ
diff --git a/sysroots/generic-arm64/usr/lib/libunittest.a b/sysroots/generic-arm64/usr/lib/libunittest.a
index 8a70d2b..4cd0c3c 100644
--- a/sysroots/generic-arm64/usr/lib/libunittest.a
+++ b/sysroots/generic-arm64/usr/lib/libunittest.a
Binary files differ
diff --git a/sysroots/generic-arm64/usr/lib/rcrt1.o b/sysroots/generic-arm64/usr/lib/rcrt1.o
index 6400e84..eda38ea 100644
--- a/sysroots/generic-arm64/usr/lib/rcrt1.o
+++ b/sysroots/generic-arm64/usr/lib/rcrt1.o
Binary files differ