libssh
0.11.0
The SSH library
Loading...
Searching...
No Matches
include
libssh
libcrypto.h
1
/*
2
* This file is part of the SSH Library
3
*
4
* Copyright (c) 2009 by Aris Adamantiadis
5
*
6
* This library is free software; you can redistribute it and/or
7
* modify it under the terms of the GNU Lesser General Public
8
* License as published by the Free Software Foundation; either
9
* version 2.1 of the License, or (at your option) any later version.
10
*
11
* This library is distributed in the hope that it will be useful,
12
* but WITHOUT ANY WARRANTY; without even the implied warranty of
13
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14
* Lesser General Public License for more details.
15
*
16
* You should have received a copy of the GNU Lesser General Public
17
* License along with this library; if not, write to the Free Software
18
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
19
*/
20
21
#ifndef LIBCRYPTO_H_
22
#define LIBCRYPTO_H_
23
24
#include "config.h"
25
26
#ifdef HAVE_LIBCRYPTO
27
28
#include "libssh/libssh.h"
29
#include <openssl/rsa.h>
30
#include <openssl/sha.h>
31
#include <openssl/md5.h>
32
#include <openssl/hmac.h>
33
#include <openssl/evp.h>
34
#include <openssl/crypto.h>
35
#include <openssl/ec.h>
36
37
typedef
EVP_MD_CTX* SHACTX;
38
typedef
EVP_MD_CTX* SHA256CTX;
39
typedef
EVP_MD_CTX* SHA384CTX;
40
typedef
EVP_MD_CTX* SHA512CTX;
41
typedef
EVP_MD_CTX* MD5CTX;
42
typedef
EVP_MD_CTX* HMACCTX;
43
44
#define SHA_DIGEST_LEN SHA_DIGEST_LENGTH
45
#define SHA256_DIGEST_LEN SHA256_DIGEST_LENGTH
46
#define SHA384_DIGEST_LEN SHA384_DIGEST_LENGTH
47
#define SHA512_DIGEST_LEN SHA512_DIGEST_LENGTH
48
#ifdef MD5_DIGEST_LEN
49
#undef MD5_DIGEST_LEN
50
#endif
51
#define MD5_DIGEST_LEN MD5_DIGEST_LENGTH
52
53
#ifdef HAVE_OPENSSL_ECC
54
#define EVP_DIGEST_LEN EVP_MAX_MD_SIZE
55
#endif
56
57
/* Use ssh_crypto_free() to release memory allocated by bignum_bn2dec(),
58
bignum_bn2hex() and other functions that use crypto-library functions that
59
are documented to allocate memory that needs to be de-allocate with
60
OPENSSL_free. */
61
#define ssh_crypto_free(x) OPENSSL_free(x)
62
63
#include <openssl/bn.h>
64
#include <openssl/opensslv.h>
65
66
typedef
BIGNUM* bignum;
67
typedef
const
BIGNUM* const_bignum;
68
typedef
BN_CTX* bignum_CTX;
69
70
#define bignum_new() BN_new()
71
#define bignum_safe_free(num) do { \
72
if ((num) != NULL) { \
73
BN_clear_free((num)); \
74
(num)=NULL; \
75
} \
76
} while(0)
77
#define bignum_set_word(bn,n) BN_set_word(bn,n)
78
#define bignum_bin2bn(data, datalen, dest) \
79
do { \
80
(*dest) = BN_new(); \
81
if ((*dest) != NULL) { \
82
BN_bin2bn(data,datalen,(*dest)); \
83
} \
84
} while(0)
85
#define bignum_bn2dec(num) BN_bn2dec(num)
86
#define bignum_dec2bn(data, bn) BN_dec2bn(bn, data)
87
#define bignum_hex2bn(data, bn) BN_hex2bn(bn, data)
88
#define bignum_bn2hex(num, dest) (*dest)=(unsigned char *)BN_bn2hex(num)
89
#define bignum_rand(rnd, bits) BN_rand(rnd, bits, 0, 1)
90
#define bignum_rand_range(rnd, max) BN_rand_range(rnd, max)
91
#define bignum_ctx_new() BN_CTX_new()
92
#define bignum_ctx_free(num) BN_CTX_free(num)
93
#define bignum_ctx_invalid(ctx) ((ctx) == NULL)
94
#define bignum_mod_exp(dest,generator,exp,modulo,ctx) BN_mod_exp(dest,generator,exp,modulo,ctx)
95
#define bignum_add(dest, a, b) BN_add(dest, a, b)
96
#define bignum_sub(dest, a, b) BN_sub(dest, a, b)
97
#define bignum_mod(dest, a, b, ctx) BN_mod(dest, a, b, ctx)
98
#define bignum_num_bytes(num) (size_t)BN_num_bytes(num)
99
#define bignum_num_bits(num) (size_t)BN_num_bits(num)
100
#define bignum_is_bit_set(num,bit) BN_is_bit_set(num, (int)bit)
101
#define bignum_bn2bin(num,len, ptr) BN_bn2bin(num, ptr)
102
#define bignum_cmp(num1,num2) BN_cmp(num1,num2)
103
#define bignum_rshift1(dest, src) BN_rshift1(dest, src)
104
#define bignum_dup(orig, dest) do { \
105
if (*(dest) == NULL) { \
106
*(dest) = BN_dup(orig); \
107
} else { \
108
BN_copy(*(dest), orig); \
109
} \
110
} while(0)
111
112
113
/* Returns true if the OpenSSL is operating in FIPS mode */
114
#ifdef HAVE_OPENSSL_FIPS_MODE
115
#define ssh_fips_mode() (FIPS_mode() != 0)
116
#elif OPENSSL_VERSION_NUMBER >= 0x30000000L
117
#define ssh_fips_mode() EVP_default_properties_is_fips_enabled(NULL)
118
#else
119
#define ssh_fips_mode() false
120
#endif
121
122
ssh_string pki_key_make_ecpoint_string(
const
EC_GROUP *g,
const
EC_POINT *p);
123
int
pki_key_ecgroup_name_to_nid(
const
char
*group);
124
#endif
/* HAVE_LIBCRYPTO */
125
126
#endif
/* LIBCRYPTO_H_ */
Generated by
1.11.0