A local copy of OpenSSL from GitHub
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

238 lines
7.6 KiB

SERIALIZER: New API for serialization of objects through providers Serialization is needed to be able to take a provider object (such as the provider side key data) and output it in PEM form, DER form, text form (for display), and possibly other future forms (XML? JSON? JWK?) The idea is that a serializer should be able to handle objects it has intimate knowledge of, as well as object data in OSSL_PARAM form. The latter will allow libcrypto to serialize some object with a different provider than the one holding the data, if exporting of that data is allowed and there is a serializer that can handle it. We will provide serializers for the types of objects we know about, which should be useful together with any other provider that provides implementations of the same type of object. Serializers are selected by method name and a couple of additional properties: - format used to tell what format the output should be in. Possibilities could include "format=text", "format=pem", "format=der", "format=pem-pkcs1" (traditional), "format=der-pkcs1" (traditional) - type used to tell exactly what type of data should be output, for example "type=public" (the public part of a key), "type=private" (the private part of a key), "type=domainparams" (domain parameters). This also adds a passphrase callback function type, OSSL_PASSPHRASE_CALLBACK, which is a bit like OSSL_CALLBACK, but it takes a few extra arguments to place the result in. Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/10394)
3 years ago
  1. /*
  2. * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved.
  3. *
  4. * Licensed under the Apache License 2.0 (the "License"). You may not use
  5. * this file except in compliance with the License. You can obtain a copy
  6. * in the file LICENSE in the source distribution or at
  7. * https://www.openssl.org/source/license.html
  8. */
  9. #ifndef OSSL_INTERNAL_CRYPTLIB_H
  10. # define OSSL_INTERNAL_CRYPTLIB_H
  11. # include <stdlib.h>
  12. # include <string.h>
  13. # ifdef OPENSSL_USE_APPLINK
  14. # define BIO_FLAGS_UPLINK_INTERNAL 0x8000
  15. # include "ms/uplink.h"
  16. # else
  17. # define BIO_FLAGS_UPLINK_INTERNAL 0
  18. # endif
  19. # include <openssl/crypto.h>
  20. # include <openssl/buffer.h>
  21. # include <openssl/bio.h>
  22. # include <openssl/err.h>
  23. # include "internal/nelem.h"
  24. #ifdef NDEBUG
  25. # define ossl_assert(x) ((x) != 0)
  26. #else
  27. __owur static ossl_inline int ossl_assert_int(int expr, const char *exprstr,
  28. const char *file, int line)
  29. {
  30. if (!expr)
  31. OPENSSL_die(exprstr, file, line);
  32. return expr;
  33. }
  34. # define ossl_assert(x) ossl_assert_int((x) != 0, "Assertion failed: "#x, \
  35. __FILE__, __LINE__)
  36. #endif
  37. /*
  38. * Use this inside a union with the field that needs to be aligned to a
  39. * reasonable boundary for the platform. The most pessimistic alignment
  40. * of the listed types will be used by the compiler.
  41. */
  42. # define OSSL_UNION_ALIGN \
  43. double align; \
  44. ossl_uintmax_t align_int; \
  45. void *align_ptr
  46. typedef struct ex_callback_st EX_CALLBACK;
  47. DEFINE_STACK_OF(EX_CALLBACK)
  48. typedef struct mem_st MEM;
  49. DEFINE_LHASH_OF(MEM);
  50. # define OPENSSL_CONF "openssl.cnf"
  51. # ifndef OPENSSL_SYS_VMS
  52. # define X509_CERT_AREA OPENSSLDIR
  53. # define X509_CERT_DIR OPENSSLDIR "/certs"
  54. # define X509_CERT_FILE OPENSSLDIR "/cert.pem"
  55. # define X509_PRIVATE_DIR OPENSSLDIR "/private"
  56. # define CTLOG_FILE OPENSSLDIR "/ct_log_list.cnf"
  57. # else
  58. # define X509_CERT_AREA "OSSL$DATAROOT:[000000]"
  59. # define X509_CERT_DIR "OSSL$DATAROOT:[CERTS]"
  60. # define X509_CERT_FILE "OSSL$DATAROOT:[000000]cert.pem"
  61. # define X509_PRIVATE_DIR "OSSL$DATAROOT:[PRIVATE]"
  62. # define CTLOG_FILE "OSSL$DATAROOT:[000000]ct_log_list.cnf"
  63. # endif
  64. # define X509_CERT_DIR_EVP "SSL_CERT_DIR"
  65. # define X509_CERT_FILE_EVP "SSL_CERT_FILE"
  66. # define CTLOG_FILE_EVP "CTLOG_FILE"
  67. /* size of string representations */
  68. # define DECIMAL_SIZE(type) ((sizeof(type)*8+2)/3+1)
  69. # define HEX_SIZE(type) (sizeof(type)*2)
  70. void OPENSSL_cpuid_setup(void);
  71. #if defined(__i386) || defined(__i386__) || defined(_M_IX86) || \
  72. defined(__x86_64) || defined(__x86_64__) || \
  73. defined(_M_AMD64) || defined(_M_X64)
  74. extern unsigned int OPENSSL_ia32cap_P[];
  75. #endif
  76. void OPENSSL_showfatal(const char *fmta, ...);
  77. int do_ex_data_init(OPENSSL_CTX *ctx);
  78. void crypto_cleanup_all_ex_data_int(OPENSSL_CTX *ctx);
  79. int openssl_init_fork_handlers(void);
  80. int openssl_get_fork_id(void);
  81. char *ossl_safe_getenv(const char *name);
  82. extern CRYPTO_RWLOCK *memdbg_lock;
  83. int openssl_strerror_r(int errnum, char *buf, size_t buflen);
  84. # if !defined(OPENSSL_NO_STDIO)
  85. FILE *openssl_fopen(const char *filename, const char *mode);
  86. # else
  87. void *openssl_fopen(const char *filename, const char *mode);
  88. # endif
  89. uint32_t OPENSSL_rdtsc(void);
  90. size_t OPENSSL_instrument_bus(unsigned int *, size_t);
  91. size_t OPENSSL_instrument_bus2(unsigned int *, size_t, size_t);
  92. /* ex_data structures */
  93. /*
  94. * Each structure type (sometimes called a class), that supports
  95. * exdata has a stack of callbacks for each instance.
  96. */
  97. struct ex_callback_st {
  98. long argl; /* Arbitrary long */
  99. void *argp; /* Arbitrary void * */
  100. CRYPTO_EX_new *new_func;
  101. CRYPTO_EX_free *free_func;
  102. CRYPTO_EX_dup *dup_func;
  103. };
  104. /*
  105. * The state for each class. This could just be a typedef, but
  106. * a structure allows future changes.
  107. */
  108. typedef struct ex_callbacks_st {
  109. STACK_OF(EX_CALLBACK) *meth;
  110. } EX_CALLBACKS;
  111. typedef struct ossl_ex_data_global_st {
  112. CRYPTO_RWLOCK *ex_data_lock;
  113. EX_CALLBACKS ex_data[CRYPTO_EX_INDEX__COUNT];
  114. } OSSL_EX_DATA_GLOBAL;
  115. /* OPENSSL_CTX */
  116. # define OPENSSL_CTX_PROVIDER_STORE_RUN_ONCE_INDEX 0
  117. # define OPENSSL_CTX_DEFAULT_METHOD_STORE_RUN_ONCE_INDEX 1
  118. # define OPENSSL_CTX_METHOD_STORE_RUN_ONCE_INDEX 2
  119. # define OPENSSL_CTX_MAX_RUN_ONCE 3
  120. # define OPENSSL_CTX_EVP_METHOD_STORE_INDEX 0
  121. # define OPENSSL_CTX_PROVIDER_STORE_INDEX 1
  122. # define OPENSSL_CTX_PROPERTY_DEFN_INDEX 2
  123. # define OPENSSL_CTX_PROPERTY_STRING_INDEX 3
  124. # define OPENSSL_CTX_NAMEMAP_INDEX 4
  125. # define OPENSSL_CTX_DRBG_INDEX 5
  126. # define OPENSSL_CTX_DRBG_NONCE_INDEX 6
  127. # define OPENSSL_CTX_RAND_CRNGT_INDEX 7
  128. # define OPENSSL_CTX_THREAD_EVENT_HANDLER_INDEX 8
  129. # define OPENSSL_CTX_FIPS_PROV_INDEX 9
  130. # define OPENSSL_CTX_SERIALIZER_STORE_INDEX 10
  131. # define OPENSSL_CTX_SELF_TEST_CB_INDEX 11
  132. # define OPENSSL_CTX_MAX_INDEXES 12
  133. typedef struct openssl_ctx_method {
  134. void *(*new_func)(OPENSSL_CTX *ctx);
  135. void (*free_func)(void *);
  136. } OPENSSL_CTX_METHOD;
  137. OPENSSL_CTX *openssl_ctx_get_concrete(OPENSSL_CTX *ctx);
  138. /* Functions to retrieve pointers to data by index */
  139. void *openssl_ctx_get_data(OPENSSL_CTX *, int /* index */,
  140. const OPENSSL_CTX_METHOD * ctx);
  141. void openssl_ctx_default_deinit(void);
  142. OSSL_EX_DATA_GLOBAL *openssl_ctx_get_ex_data_global(OPENSSL_CTX *ctx);
  143. typedef int (openssl_ctx_run_once_fn)(OPENSSL_CTX *ctx);
  144. typedef void (openssl_ctx_onfree_fn)(OPENSSL_CTX *ctx);
  145. int openssl_ctx_run_once(OPENSSL_CTX *ctx, unsigned int idx,
  146. openssl_ctx_run_once_fn run_once_fn);
  147. int openssl_ctx_onfree(OPENSSL_CTX *ctx, openssl_ctx_onfree_fn onfreefn);
  148. OPENSSL_CTX *crypto_ex_data_get_openssl_ctx(const CRYPTO_EX_DATA *ad);
  149. int crypto_new_ex_data_ex(OPENSSL_CTX *ctx, int class_index, void *obj,
  150. CRYPTO_EX_DATA *ad);
  151. int crypto_get_ex_new_index_ex(OPENSSL_CTX *ctx, int class_index,
  152. long argl, void *argp,
  153. CRYPTO_EX_new *new_func,
  154. CRYPTO_EX_dup *dup_func,
  155. CRYPTO_EX_free *free_func);
  156. int crypto_free_ex_index_ex(OPENSSL_CTX *ctx, int class_index, int idx);
  157. /* Function for simple binary search */
  158. /* Flags */
  159. # define OSSL_BSEARCH_VALUE_ON_NOMATCH 0x01
  160. # define OSSL_BSEARCH_FIRST_VALUE_ON_MATCH 0x02
  161. const void *ossl_bsearch(const void *key, const void *base, int num,
  162. int size, int (*cmp) (const void *, const void *),
  163. int flags);
  164. /* system-specific variants defining ossl_sleep() */
  165. #ifdef OPENSSL_SYS_UNIX
  166. # include <unistd.h>
  167. static ossl_inline void ossl_sleep(unsigned long millis)
  168. {
  169. # ifdef OPENSSL_SYS_VXWORKS
  170. struct timespec ts;
  171. ts.tv_sec = (long int) (millis / 1000);
  172. ts.tv_nsec = (long int) (millis % 1000) * 1000000ul;
  173. nanosleep(&ts, NULL);
  174. # else
  175. usleep(millis * 1000);
  176. # endif
  177. }
  178. #elif defined(_WIN32)
  179. # include <windows.h>
  180. static ossl_inline void ossl_sleep(unsigned long millis)
  181. {
  182. Sleep(millis);
  183. }
  184. #else
  185. /* Fallback to a busy wait */
  186. static ossl_inline void ossl_sleep(unsigned long millis)
  187. {
  188. struct timeval start, now;
  189. unsigned long elapsedms;
  190. gettimeofday(&start, NULL);
  191. do {
  192. gettimeofday(&now, NULL);
  193. elapsedms = (((now.tv_sec - start.tv_sec) * 1000000)
  194. + now.tv_usec - start.tv_usec) / 1000;
  195. } while (elapsedms < millis);
  196. }
  197. #endif /* defined OPENSSL_SYS_UNIX */
  198. #endif