wbrawner/openssl
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

This commit was manufactured by cvs2svn to create branch

Browse source 
'OpenSSL_0_9_7-stable'.
This commit is contained in:
cvs2svn 2002-10-09 13:57:58 +00:00
commit b1d495b2c4
22 changed files with 2502 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1117
crypto/engine/hw_cryptodev.c Normal file
View file

File diff suppressed because it is too large Load diff

4
demos/maurice/.cvsignore Normal file
View file

@ -0,0 +1,4 @@
example1
example2
example3
example4

43
doc/crypto/ASN1_OBJECT_new.pod Normal file
View file

@ -0,0 +1,43 @@
=pod
=head1 NAME
ASN1_OBJECT_new, ASN1_OBJECT_free, - object allocation functions
=head1 SYNOPSIS
ASN1_OBJECT *ASN1_OBJECT_new(void);
void ASN1_OBJECT_free(ASN1_OBJECT *a);
=head1 DESCRIPTION
The ASN1_OBJECT allocation routines, allocate and free an
ASN1_OBJECT structure, which represents an ASN1 OBJECT IDENTIFIER.
ASN1_OBJECT_new() allocates and initializes a ASN1_OBJECT structure.
ASN1_OBJECT_free() frees up the B<ASN1_OBJECT> structure B<a>.
=head1 NOTES
Although ASN1_OBJECT_new() allocates a new ASN1_OBJECT structure it
is almost never used in applications. The ASN1 object utility functions
such as OBJ_nid2obj() are used instead.
=head1 RETURN VALUES
If the allocation fails, ASN1_OBJECT_new() returns B<NULL> and sets an error
code that can be obtained by L<ERR_get_error(3)|ERR_get_error(3)>.
Otherwise it returns a pointer to the newly allocated structure.
ASN1_OBJECT_free() returns no value.
=head1 SEE ALSO
L<ERR_get_error(3)|ERR_get_error(3)>, L<d2i_ASN1_OBJECT(3)|d2i_ASN1_OBJECT(3)>
=head1 HISTORY
ASN1_OBJECT_new() and ASN1_OBJECT_free() are available in all versions of SSLeay and OpenSSL.
=cut

47
doc/crypto/EVP_PKEY_new.pod Normal file
View file

@ -0,0 +1,47 @@
=pod
=head1 NAME
EVP_PKEY_new, EVP_PKEY_free - private key allocation functions.
=head1 SYNOPSIS
#include <openssl/evp.h>
EVP_PKEY *EVP_PKEY_new(void);
void EVP_PKEY_free(EVP_PKEY *key);
=head1 DESCRIPTION
The EVP_PKEY_new() function allocates an empty B<EVP_PKEY>
structure which is used by OpenSSL to store private keys.
EVP_PKEY_free() frees up the private key B<key>.
=head1 NOTES
The B<EVP_PKEY> structure is used by various OpenSSL functions
which require a general private key without reference to any
particular algorithm.
The structure returned by EVP_PKEY_new() is empty. To add a
private key to this empty structure the functions described in
L<EVP_PKEY_set1_RSA(3)|EVP_PKEY_set1_RSA(3)> should be used.
=head1 RETURN VALUES
EVP_PKEY_new() returns either the newly allocated B<EVP_PKEY>
structure of B<NULL> if an error occurred.
EVP_PKEY_free() does not return a value.
=head1 SEE ALSO
L<EVP_PKEY_set1_RSA(3)|EVP_PKEY_set1_RSA(3)>
=head1 HISTORY
TBA
=cut

80
doc/crypto/EVP_PKEY_set1_RSA.pod Normal file
View file

@ -0,0 +1,80 @@
=pod
=head1 NAME
EVP_PKEY_set1_RSA, EVP_PKEY_set1_DSA, EVP_PKEY_set1_DH, EVP_PKEY_set1_EC_KEY,
EVP_PKEY_get1_RSA, EVP_PKEY_get1_DSA, EVP_PKEY_get1_DH, EVP_PKEY_get1_EC_KEY,
EVP_PKEY_assign_RSA, EVP_PKEY_assign_DSA, EVP_PKEY_assign_DH, EVP_PKEY_assign_EC_KEY,
EVP_PKEY_type - EVP_PKEY assignment functions.
=head1 SYNOPSIS
#include <openssl/evp.h>
int EVP_PKEY_set1_RSA(EVP_PKEY *pkey,RSA *key);
int EVP_PKEY_set1_DSA(EVP_PKEY *pkey,DSA *key);
int EVP_PKEY_set1_DH(EVP_PKEY *pkey,DH *key);
int EVP_PKEY_set1_EC_KEY(EVP_PKEY *pkey,EC_KEY *key);
RSA *EVP_PKEY_get1_RSA(EVP_PKEY *pkey);
DSA *EVP_PKEY_get1_DSA(EVP_PKEY *pkey);
DH *EVP_PKEY_get1_DH(EVP_PKEY *pkey);
EC_KEY *EVP_PKEY_get1_EC_KEY(EVP_PKEY *pkey);
int EVP_PKEY_assign_RSA(EVP_PKEY *pkey,RSA *key);
int EVP_PKEY_assign_DSA(EVP_PKEY *pkey,DSA *key);
int EVP_PKEY_assign_DH(EVP_PKEY *pkey,DH *key);
int EVP_PKEY_assign_EC_KEY(EVP_PKEY *pkey,EC_KEY *key);
int EVP_PKEY_type(int type);
=head1 DESCRIPTION
EVP_PKEY_set1_RSA(), EVP_PKEY_set1_DSA(), EVP_PKEY_set1_DH() and
EVP_PKEY_set1_EC_KEY() set the key referenced by B<pkey> to B<key>.
EVP_PKEY_get1_RSA(), EVP_PKEY_get1_DSA(), EVP_PKEY_get1_DH() and
EVP_PKEY_get1_EC_KEY() return the referenced key in B<pkey> or
B<NULL> if the key is not of the correct type.
EVP_PKEY_assign_RSA() EVP_PKEY_assign_DSA(), EVP_PKEY_assign_DH()
and EVP_PKEY_assign_EC_KEY() also set the referenced key to B<key>
however these use the supplied B<key> internally and so B<key>
will be freed when the parent B<pkey> is freed.
EVP_PKEY_type() returns the type of key corresponding to the value
B<type>. The type of a key can be obtained with
EVP_PKEY_type(pkey->type). The return value will be EVP_PKEY_RSA,
EVP_PKEY_DSA, EVP_PKEY_DH or EVP_PKEY_EC for the corresponding
key types or NID_undef if the key type is unassigned.
=head1 NOTES
In accordance with the OpenSSL naming convention the key obtained
from or assigned to the B<pkey> using the B<1> functions must be
freed as well as B<pkey>.
EVP_PKEY_assign_RSA() EVP_PKEY_assign_DSA(), EVP_PKEY_assign_DH()
EVP_PKEY_assign_EC_KEY() are implemented as macros.
=head1 RETURN VALUES
EVP_PKEY_set1_RSA(), EVP_PKEY_set1_DSA(), EVP_PKEY_set1_DH() and
EVP_PKEY_set1_EC_KEY() return 1 for success or 0 for failure.
EVP_PKEY_get1_RSA(), EVP_PKEY_get1_DSA(), EVP_PKEY_get1_DH() and
EVP_PKEY_get1_EC_KEY() return the referenced key or B<NULL> if
an error occurred.
EVP_PKEY_assign_RSA() EVP_PKEY_assign_DSA(), EVP_PKEY_assign_DH()
and EVP_PKEY_assign_EC_KEY() return 1 for success and 0 for failure.
=head1 SEE ALSO
L<EVP_PKEY_new(3)|EVP_PKEY_new(3)>
=head1 HISTORY
TBA
=cut

149
doc/crypto/OBJ_nid2obj.pod Normal file
View file

@ -0,0 +1,149 @@
=pod
=head1 NAME
OBJ_nid2obj, OBJ_nid2ln, OBJ_nid2sn, OBJ_obj2nid, OBJ_txt2nid, OBJ_ln2nid, OBJ_sn2nid,
OBJ_cmp, OBJ_dup, OBJ_txt2obj, OBJ_obj2txt, OBJ_create, OBJ_cleanup - ASN1 object utility
functions
=head1 SYNOPSIS
ASN1_OBJECT * OBJ_nid2obj(int n);
const char * OBJ_nid2ln(int n);
const char * OBJ_nid2sn(int n);
int OBJ_obj2nid(const ASN1_OBJECT *o);
int OBJ_ln2nid(const char *ln);
int OBJ_sn2nid(const char *sn);
int OBJ_txt2nid(const char *s);
ASN1_OBJECT * OBJ_txt2obj(const char *s, int no_name);
int OBJ_obj2txt(char *buf, int buf_len, const ASN1_OBJECT *a, int no_name);
int OBJ_cmp(const ASN1_OBJECT *a,const ASN1_OBJECT *b);
ASN1_OBJECT * OBJ_dup(const ASN1_OBJECT *o);
int OBJ_create(const char *oid,const char *sn,const char *ln);
void OBJ_cleanup(void);
=head1 DESCRIPTION
The ASN1 object utility functions process ASN1_OBJECT structures which are
a representation of the ASN1 OBJECT IDENTIFIER (OID) type.
OBJ_nid2obj(), OBJ_nid2ln() and OBJ_nid2sn() convert the NID B<n> to
an ASN1_OBJECT structure, its long name and its short name respectively,
or B<NULL> is an error occurred.
OBJ_obj2nid(), OBJ_ln2nid(), OBJ_sn2nid() return the corresponding NID
for the object B<o>, the long name <ln> or the short name <sn> respectively
or NID_undef if an error occurred.
OBJ_txt2nid() returns NID corresponding to text string <s>. B<s> can be
a long name, a short name or the numerical respresentation of an object.
OBJ_txt2obj() converts the text string B<s> into an ASN1_OBJECT structure.
If B<no_name> is 0 then long names and short names will be interpreted
as well as numerical forms. If B<no_name> is 1 only the numerical form
is acceptable.
OBJ_obj2txt() converts the B<ASN1_OBJECT> B<a> into a textual representation.
The representation is written as a null terminated string to B<buf>
at most B<buf_len> bytes are written, truncating the result if necessary.
The total amount of space required is returned. If B<no_name> is 0 then
if the object has a long or short name then that will be used, otherwise
the numerical form will be used. If B<no_name> is 1 then the numerical
form will always be used.
OBJ_cmp() compares B<a> to B<b>. If the two are identical 0 is returned.
OBJ_dup() returns a copy of B<o>.
OBJ_create() adds a new object to the internal table. B<oid> is the
numerical form of the object, B<sn> the short name and B<ln> the
long name. A new NID is returned for the created object.
OBJ_cleanup() cleans up OpenSSLs internal object table: this should
be called before an application exits if any new objects were added
using OBJ_create().
=head1 NOTES
Objects in OpenSSL can have a short name, a long name and a numerical
identifier (NID) associated with them. A standard set of objects is
represented in an internal table. The appropriate values are defined
in the header file B<objects.h>.
For example the OID for commonName has the following definitions:
#define SN_commonName "CN"
#define LN_commonName "commonName"
#define NID_commonName 13
New objects can be added by calling OBJ_create().
Table objects have certain advantages over other objects: for example
their NIDs can be used in a C language switch statement. They are
also static constant structures which are shared: that is there
is only a single constant structure for each table object.
Objects which are not in the table have the NID value NID_undef.
Objects do not need to be in the internal tables to be processed,
the functions OBJ_txt2obj() and OBJ_obj2txt() can process the numerical
form of an OID.
=head1 EXAMPLES
Create an object for B<commonName>:
ASN1_OBJECT *o;
o = OBJ_nid2obj(NID_commonName);
Check is an object is B<commonName>
if (OBJ_obj2nid(obj) == NID_commonName)
/* Do something */
Create a new NID and initialize an object from it:
int new_nid;
ASN1_OBJECT *obj;
new_nid = OBJ_create("1.2.3.4", "NewOID", "New Object Identifier");
obj = OBJ_nid2obj(new_nid);
Create a new object directly:
obj = OBJ_txt2obj("1.2.3.4", 1);
=head1 BUGS
OBJ_obj2txt() is awkward and messy to use: it doesn't follow the
convention of other OpenSSL functions where the buffer can be set
to B<NULL> to determine the amount of data that should be written.
Instead B<buf> must point to a valid buffer and B<buf_len> should
be set to a positive value. A buffer length of 80 should be more
than enough to handle any OID encountered in practice.
=head1 RETURN VALUES
OBJ_nid2obj() returns an ASN1_OBJECT structure or B<NULL> is an
error occurred.
OBJ_nid2ln() and OBJ_nid2sn() returns a valid string or B<NULL>
on error.
OBJ_obj2nid(), OBJ_ln2nid(), OBJ_sn2nid() and OBJ_txt2nid() return
a NID or NID_undef on error.
=head1 SEE ALSO
L<ERR_get_error(3)|ERR_get_error(3)>
=head1 HISTORY
TBA
=cut

50
doc/crypto/PKCS12_parse.pod Normal file
View file

@ -0,0 +1,50 @@
=pod
=head1 NAME
PKCS12_parse - parse a PKCS#12 structure
=head1 SYNOPSIS
#include <openssl/pkcs12.h>
int PKCS12_parse(PKCS12 *p12, const char *pass, EVP_PKEY **pkey, X509 **cert, STACK_OF(X509) **ca);
=head1 DESCRIPTION
PKCS12_parse() parses a PKCS12 structure.
B<p12> is the B<PKCS12> structure to parse. B<pass> is the passphrase to use.
If successful the private key will be written to B<*pkey>, the corresponding
certificate to B<*cert> and any additional certificates to B<*ca>.
=head1 NOTES
The parameters B<pkey> and B<cert> cannot be B<NULL>. B<ca> can be <NULL>
in which case additional certificates will be discarded. B<*ca> can also
be a valid STACK in which case additional certificates are appended to
B<*ca>. If B<*ca> is B<NULL> a new STACK will be allocated.
The B<friendlyName> and B<localKeyID> attributes (if present) on each certificate
will be stored in the B<alias> and B<keyid> attributes of the B<X509> structure.
=head1 BUGS
Only a single private key and corresponding certificate is returned by this function.
More complex PKCS#12 files with multiple private keys will only return the first
match.
Only B<friendlyName> and B<localKeyID> attributes are currently stored in certificates.
Other attributes are discarded.
Attributes currently cannot be store in the private key B<EVP_PKEY> structure.
=head1 SEE ALSO
L<d2i_PKCS12(3)|d2i_PKCS12(3)>
=head1 HISTORY
PKCS12_parse was added in OpenSSL 0.9.3
=cut

53
doc/crypto/PKCS7_decrypt.pod Normal file
View file

@ -0,0 +1,53 @@
=pod
=head1 NAME
PKCS7_decrypt - decrypt content from a PKCS#7 envelopedData structure
=head1 SYNOPSIS
int PKCS7_decrypt(PKCS7 *p7, EVP_PKEY *pkey, X509 *cert, BIO *data, int flags);
=head1 DESCRIPTION
PKCS7_decrypt() extracts and decrypts the content from a PKCS#7 envelopedData
structure. B<pkey> is the private key of the recipient, B<cert> is the
recipients certificate, B<data> is a BIO to write the content to and
B<flags> is an optional set of flags.
=head1 NOTES
OpenSSL_add_all_algorithms() (or equivalent) should be called before using this
function or errors about unknown algorithms will occur.
Although the recipients certificate is not needed to decrypt the data it is needed
to locate the appropriate (of possible several) recipients in the PKCS#7 structure.
The following flags can be passed in the B<flags> parameter.
If the B<PKCS7_TEXT> flag is set MIME headers for type B<text/plain> are deleted
from the content. If the content is not of type B<text/plain> then an error is
returned.
=head1 RETURN VALUES
PKCS7_decrypt() returns either 1 for success or 0 for failure.
The error can be obtained from ERR_get_error(3)
=head1 BUGS
PKCS7_decrypt() must be passed the correct recipient key and certificate. It would
be better if it could look up the correct key and certificate from a database.
The lack of single pass processing and need to hold all data in memory as
mentioned in PKCS7_sign() also applies to PKCS7_verify().
=head1 SEE ALSO
L<ERR_get_error(3)|ERR_get_error(3)>, L<PKCS7_encrypt(3)|PKCS7_encrypt(3)>
=head1 HISTORY
PKCS7_decrypt() was added to OpenSSL 0.9.5
=cut

65
doc/crypto/PKCS7_encrypt.pod Normal file
View file

@ -0,0 +1,65 @@
=pod
=head1 NAME
PKCS7_encrypt - create a PKCS#7 envelopedData structure
=head1 SYNOPSIS
PKCS7 *PKCS7_encrypt(STACK_OF(X509) *certs, BIO *in, const EVP_CIPHER *cipher, int flags);
=head1 DESCRIPTION
PKCS7_encrypt() creates and returns a PKCS#7 envelopedData structure. B<certs>
is a list of recipient certificates. B<in> is the content to be encrypted.
B<cipher> is the symmetric cipher to use. B<flags> is an optional set of flags.
=head1 NOTES
Only RSA keys are supported in PKCS#7 and envelopedData so the recipient certificates
supplied to this function must all contain RSA public keys, though they do not have to
be signed using the RSA algorithm.
EVP_des_ede3_cbc() (triple DES) is the algorithm of choice for S/MIME use because
most clients will support it.
Some old "export grade" clients may only support weak encryption using 40 or 64 bit
RC2. These can be used by passing EVP_rc2_40_cbc() and EVP_rc2_64_cbc() respectively.
The algorithm passed in the B<cipher> parameter must support ASN1 encoding of its
parameters.
Many browsers implement a "sign and encrypt" option which is simply an S/MIME
envelopedData containing an S/MIME signed message. This can be readily produced
by storing the S/MIME signed message in a memory BIO and passing it to
PKCS7_encrypt().
The following flags can be passed in the B<flags> parameter.
If the B<PKCS7_TEXT> flag is set MIME headers for type B<text/plain> are prepended
to the data.
Normally the supplied content is translated into MIME canonical format (as required
by the S/MIME specifications) if B<PKCS7_BINARY> is set no translation occurs. This
option should be used if the supplied data is in binary format otherwise the translation
will corrupt it. If B<PKCS7_BINARY> is set then B<PKCS7_TEXT> is ignored.
=head1 RETURN VALUES
PKCS7_encrypt() returns either a valid PKCS7 structure or NULL if an error occurred.
The error can be obtained from ERR_get_error(3).
=head1 BUGS
The lack of single pass processing and need to hold all data in memory as
mentioned in PKCS7_sign() also applies to PKCS7_verify().
=head1 SEE ALSO
L<ERR_get_error(3)|ERR_get_error(3)>, L<PKCS7_decrypt(3)|PKCS7_decrypt(3)>
=head1 HISTORY
PKCS7_decrypt() was added to OpenSSL 0.9.5
=cut

85
doc/crypto/PKCS7_sign.pod Normal file
View file

@ -0,0 +1,85 @@
=pod
=head1 NAME
PKCS7_sign - create a PKCS#7 signedData structure
=head1 SYNOPSIS
PKCS7 *PKCS7_sign(X509 *signcert, EVP_PKEY *pkey, STACK_OF(X509) *certs, BIO *data, int flags);
=head1 DESCRIPTION
PKCS7_sign() creates and returns a PKCS#7 signedData structure. B<signcert>
is the certificate to sign with, B<pkey> is the corresponsding private key.
B<certs> is an optional additional set of certificates to include in the
PKCS#7 structure (for example any intermediate CAs in the chain).
The data to be signed is read from BIO B<data>.
B<flags> is an optional set of flags.
=head1 NOTES
Any of the following flags (ored together) can be passed in the B<flags> parameter.
Many S/MIME clients expect the signed content to include valid MIME headers. If
the B<PKCS7_TEXT> flag is set MIME headers for type B<text/plain> are prepended
to the data.
If B<PKCS7_NOCERTS> is set the signer's certificate will not be included in the
PKCS7 structure, the signer's certificate must still be supplied in the B<signcert>
parameter though. This can reduce the size of the signature if the signers certificate
can be obtained by other means: for example a previously signed message.
The data being signed is included in the PKCS7 structure, unless B<PKCS7_DETACHED>
is set in which case it is omitted. This is used for PKCS7 detached signatures
which are used in S/MIME plaintext signed messages for example.
Normally the supplied content is translated into MIME canonical format (as required
by the S/MIME specifications) if B<PKCS7_BINARY> is set no translation occurs. This
option should be used if the supplied data is in binary format otherwise the translation
will corrupt it.
The signedData structure includes several PKCS#7 autenticatedAttributes including
the signing time, the PKCS#7 content type and the supported list of ciphers in
an SMIMECapabilities attribute. If B<PKCS7_NOATTR> is set then no authenticatedAttributes
will be used. If B<PKCS7_NOSMIMECAP> is set then just the SMIMECapabilities are
omitted.
If present the SMIMECapabilities attribute indicates support for the following
algorithms: triple DES, 128 bit RC2, 64 bit RC2, DES and 40 bit RC2. If any
of these algorithms is disabled then it will not be included.
=head1 BUGS
PKCS7_sign() is somewhat limited. It does not support multiple signers, some
advanced attributes such as counter signatures are not supported.
The SHA1 digest algorithm is currently always used.
When the signed data is not detached it will be stored in memory within the
B<PKCS7> structure. This effectively limits the size of messages which can be
signed due to memory restraints. There should be a way to sign data without
having to hold it all in memory, this would however require fairly major
revisions of the OpenSSL ASN1 code.
Clear text signing does not store the content in memory but the way PKCS7_sign()
operates means that two passes of the data must typically be made: one to compute
the signatures and a second to output the data along with the signature. There
should be a way to process the data with only a single pass.
=head1 RETURN VALUES
PKCS7_sign() returns either a valid PKCS7 structure or NULL if an error occurred.
The error can be obtained from ERR_get_error(3).
=head1 SEE ALSO
L<ERR_get_error(3)|ERR_get_error(3)>, L<PKCS7_verify(3)|PKCS7_verify(3)>
=head1 HISTORY
PKCS7_sign() was added to OpenSSL 0.9.5
=cut

116
doc/crypto/PKCS7_verify.pod Normal file
View file

@ -0,0 +1,116 @@
=pod
=head1 NAME
PKCS7_verify - verify a PKCS#7 signedData structure
=head1 SYNOPSIS
int PKCS7_verify(PKCS7 *p7, STACK_OF(X509) *certs, X509_STORE *store, BIO *indata, BIO *out, int flags);
int PKCS7_get0_signers(PKCS7 *p7, STACK_OF(X509) *certs, int flags);
=head1 DESCRIPTION
PKCS7_verify() verifies a PKCS#7 signedData structure. B<p7> is the PKCS7
structure to verify. B<certs> is a set of certificates in which to search for
the signer's certificate. B<store> is a trusted certficate store (used for
chain verification). B<indata> is the signed data if the content is not
present in B<p7> (that is it is detached). The content is written to B<out>
if it is not NULL.
B<flags> is an optional set of flags, which can be used to modify the verify
operation.
PKCS7_get0_signers() retrieves the signer's certificates from B<p7>, it does
B<not> check their validity or whether any signatures are valid. The B<certs>
and B<flags> parameters have the same meanings as in PKCS7_verify().
=head1 VERIFY PROCESS
Normally the verify process proceeds as follows.
Initially some sanity checks are performed on B<p7>. The type of B<p7> must
be signedData. There must be at least one signature on the data and if
the content is detached B<indata> cannot be B<NULL>.
An attempt is made to locate all the signer's certificates, first looking in
the B<certs> parameter (if it is not B<NULL>) and then looking in any certificates
contained in the B<p7> structure itself. If any signer's certificates cannot be
located the operation fails.
Each signer's certificate is chain verified using the B<smimesign> purpose and
the supplied trusted certificate store. Any internal certificates in the message
are used as untrusted CAs. If any chain verify fails an error code is returned.
Finally the signed content is read (and written to B<out> is it is not NULL) and
the signature's checked.
If all signature's verify correctly then the function is successful.
Any of the following flags (ored together) can be passed in the B<flags> parameter
to change the default verify behaviour. Only the flag B<PKCS7_NOINTERN> is
meaningful to PKCS7_get0_signers().
If B<PKCS7_NOINTERN> is set the certificates in the message itself are not
searched when locating the signer's certificate. This means that all the signers
certificates must be in the B<certs> parameter.
If the B<PKCS7_TEXT> flag is set MIME headers for type B<text/plain> are deleted
from the content. If the content is not of type B<text/plain> then an error is
returned.
If B<PKCS7_NOVERIFY> is set the signer's certificates are not chain verified.
If B<PKCS7_NOCHAIN> is set then the certificates contained in the message are
not used as untrusted CAs. This means that the whole verify chain (apart from
the signer's certificate) must be contained in the trusted store.
If B<PKCS7_NOSIGS> is set then the signatures on the data are not checked.
=head1 NOTES
One application of B<PKCS7_NOINTERN> is to only accept messages signed by
a small number of certificates. The acceptable certificates would be passed
in the B<certs> parameter. In this case if the signer is not one of the
certificates supplied in B<certs> then the verify will fail because the
signer cannot be found.
Care should be taken when modifying the default verify behaviour, for example
setting B<PKCS7_NOVERIFY|PKCS7_NOSIGS> will totally disable all verification
and any signed message will be considered valid. This combination is however
useful if one merely wishes to write the content to B<out> and its validity
is not considered important.
Chain verification should arguably be performed using the signing time rather
than the current time. However since the signing time is supplied by the
signer it cannot be trusted without additional evidence (such as a trusted
timestamp).
=head1 RETURN VALUES
PKCS7_verify() returns 1 for a successful verification and zero or a negative
value if an error occurs.
PKCS7_get0_signers() returns all signers or B<NULL> if an error occurred.
The error can be obtained from L<ERR_get_error(3)|ERR_get_error(3)>
=head1 BUGS
The trusted certificate store is not searched for the signers certificate,
this is primarily due to the inadequacies of the current B<X509_STORE>
functionality.
The lack of single pass processing and need to hold all data in memory as
mentioned in PKCS7_sign() also applies to PKCS7_verify().
=head1 SEE ALSO
L<ERR_get_error(3)|ERR_get_error(3)>, L<PKCS7_sign(3)|PKCS7_sign(3)>
=head1 HISTORY
PKCS7_verify() was added to OpenSSL 0.9.5
=cut

71
doc/crypto/SMIME_read_PKCS7.pod Normal file
View file

@ -0,0 +1,71 @@
=pod
=head1 NAME
SMIME_read_PKCS7 - parse S/MIME message.
=head1 SYNOPSIS
PKCS7 *SMIME_read_PKCS7(BIO *in, BIO **bcont);
=head1 DESCRIPTION
SMIME_read_PKCS7() parses a message in S/MIME format.
B<in> is a BIO to read the message from.
If cleartext signing is used then the content is saved in
a memory bio which is written to B<*bcont>, otherwise
B<*bcont> is set to B<NULL>.
The parsed PKCS#7 structure is returned or B<NULL> if an
error occurred.
=head1 NOTES
If B<*bcont> is not B<NULL> then the message is clear text
signed. B<*bcont> can then be passed to PKCS7_verify() with
the B<PKCS7_DETACHED> flag set.
Otherwise the type of the returned structure can be determined
using PKCS7_type().
To support future functionality if B<bcont> is not B<NULL>
B<*bcont> should be initialized to B<NULL>. For example:
BIO *cont = NULL;
PKCS7 *p7;
p7 = SMIME_read_PKCS7(in, &cont);
=head1 BUGS
The MIME parser used by SMIME_read_PKCS7() is somewhat primitive.
While it will handle most S/MIME messages more complex compound
formats may not work.
The parser assumes that the PKCS7 structure is always base64
encoded and will not handle the case where it is in binary format
or uses quoted printable format.
The use of a memory BIO to hold the signed content limits the size
of message which can be processed due to memory restraints: a
streaming single pass option should be available.
=head1 RETURN VALUES
SMIME_read_PKCS7() returns a valid B<PKCS7> structure or B<NULL>
is an error occurred. The error can be obtained from ERR_get_error(3).
=head1 SEE ALSO
L<ERR_get_error(3)|ERR_get_error(3)>, L<PKCS7_type(3)|PKCS7_type(3)>
L<SMIME_read_PKCS7(3)|SMIME_read_PKCS7(3)>, L<PKCS7_sign(3)|PKCS7_sign(3)>,
L<PKCS7_verify(3)|PKCS7_verify(3)>, L<PKCS7_encrypt(3)|PKCS7_encrypt(3)>
L<PKCS7_decrypt(3)|PKCS7_decrypt(3)>
=head1 HISTORY
SMIME_read_PKCS7() was added to OpenSSL 0.9.5
=cut

59
doc/crypto/SMIME_write_PKCS7.pod Normal file
View file

@ -0,0 +1,59 @@
=pod
=head1 NAME
SMIME_write_PKCS7 - convert PKCS#7 structure to S/MIME format.
=head1 SYNOPSIS
int SMIME_write_PKCS7(BIO *out, PKCS7 *p7, BIO *data, int flags);
=head1 DESCRIPTION
SMIME_write_PKCS7() adds the appropriate MIME headers to a PKCS#7
structure to produce an S/MIME message.
B<out> is the BIO to write the data to. B<p7> is the appropriate
B<PKCS7> structure. If cleartext signing (B<multipart/signed) is
being used then the signed data must be supplied in the B<data>
argument. B<flags> is an optional set of flags.
=head1 NOTES
The following flags can be passed in the B<flags> parameter.
If B<PKCS7_DETACHED> is set then cleartext signing will be used,
this option only makes sense for signedData where B<PKCS7_DETACHED>
is also set when PKCS7_sign() is also called.
If the B<PKCS7_TEXT> flag is set MIME headers for type B<text/plain>
are added to the content, this only makes sense if B<PKCS7_DETACHED>
is also set.
If cleartext signing is being used then the data must be read twice:
once to compute the signature in PKCS7_sign() and once to output the
S/MIME message.
=head1 BUGS
SMIME_write_PKCS7() always base64 encodes PKCS#7 structures, there
should be an option to disable this.
There should really be a way to produce cleartext signing using only
a single pass of the data.
=head1 RETURN VALUES
SMIME_write_PKCS7() returns 1 for success or 0 for failure.
=head1 SEE ALSO
L<ERR_get_error(3)|ERR_get_error(3)>, L<PKCS7_sign(3)|PKCS7_sign(3)>,
L<PKCS7_verify(3)|PKCS7_verify(3)>, L<PKCS7_encrypt(3)|PKCS7_encrypt(3)>
L<PKCS7_decrypt(3)|PKCS7_decrypt(3)>
=head1 HISTORY
SMIME_write_PKCS7() was added to OpenSSL 0.9.5
=cut

37
doc/crypto/X509_new.pod Normal file
View file

@ -0,0 +1,37 @@
=pod
=head1 NAME
X509_new, X509_free, - X509 certificate ASN1 allocation functions
=head1 SYNOPSIS
X509 *X509_new(void);
void X509_free(X509 *a);
=head1 DESCRIPTION
The X509 ASN1 allocation routines, allocate and free an
X509 structure, which represents an X509 certificate.
X509_new() allocates and initializes a X509 structure.
X509_free() frees up the B<X509> structure B<a>.
=head1 RETURN VALUES
If the allocation fails, X509_new() returns B<NULL> and sets an error
code that can be obtained by L<ERR_get_error(3)|ERR_get_error(3)>.
Otherwise it returns a pointer to the newly allocated structure.
X509_free() returns no value.
=head1 SEE ALSO
L<ERR_get_error(3)|ERR_get_error(3)>, L<d2i_X509(3)|d2i_X509(3)>
=head1 HISTORY
X509_new() and X509_free() are available in all versions of SSLeay and OpenSSL.
=cut

29
doc/crypto/d2i_ASN1_OBJECT.pod Normal file
View file

@ -0,0 +1,29 @@
=pod
=head1 NAME
d2i_ASN1_OBJECT, i2d_ASN1_OBJECT - ASN1 OBJECT IDENTIFIER functions
=head1 SYNOPSIS
#include <openssl/objects.h>
ASN1_OBJECT *d2i_ASN1_OBJECT(ASN1_OBJECT **a, unsigned char **pp, long length);
int i2d_ASN1_OBJECT(ASN1_OBJECT *a, unsigned char **pp);
=head1 DESCRIPTION
These functions decode and encode an ASN1 OBJECT IDENTIFIER.
Othewise these behave in a similar way to d2i_X509() and i2d_X509()
described in the L<d2i_X509(3)|d2i_X509(3)> manual page.
=head1 SEE ALSO
L<d2i_X509(3)|d2i_X509(3)>
=head1 HISTORY
TBA
=cut

82
doc/crypto/d2i_DSAPublicKey.pod Normal file
View file

@ -0,0 +1,82 @@
=pod
=head1 NAME
d2i_DSAPublicKey, i2d_DSAPublicKey, d2i_DSAPrivateKey, i2d_DSAPrivateKey,
d2i_DSA_PUBKEY, i2d_DSA_PUBKEY, d2i_DSA_SIG, i2d_DSA_SIG - DSA key encoding
and parsing functions.
=head1 SYNOPSIS
#include <openssl/dsa.h>
DSA * d2i_DSAPublicKey(DSA **a, const unsigned char **pp, long length);
int i2d_DSAPublicKey(const DSA *a, unsigned char **pp);
DSA * d2i_DSA_PUBKEY(DSA **a, const unsigned char **pp, long length);
int i2d_DSA_PUBKEY(const DSA *a, unsigned char **pp);
DSA * d2i_DSAPrivateKey(DSA **a, const unsigned char **pp, long length);
int i2d_DSAPrivateKey(const DSA *a, unsigned char **pp);
DSA * d2i_DSAparams(DSA **a, const unsigned char **pp, long length);
int i2d_DSAparams(const DSA *a, unsigned char **pp);
DSA * d2i_DSA_SIG(DSA_SIG **a, const unsigned char **pp, long length);
int i2d_DSA_SIG(const DSA_SIG *a, unsigned char **pp);
=head1 DESCRIPTION
d2i_DSAPublicKey() and i2d_DSAPublicKey() decode and encode the DSA public key
components structure.
d2i_DSA_PUKEY() and i2d_DSA_PUKEY() decode and encode an DSA public key using a
SubjectPublicKeyInfo (certificate public key) structure.
d2i_DSAPrivateKey(), i2d_DSAPrivateKey() decode and encode the DSA private key
components.
d2i_DSAparams(), i2d_DSAparams() decode and encode the DSA parameters using
a B<Dss-Parms> structure as defined in RFC2459.
d2i_DSA_SIG(), i2d_DSA_SIG() decode and encode a DSA signature using a
B<Dss-Sig-Value> structure as defined in RFC2459.
The usage of all of these functions is similar to the d2i_X509() and
i2d_X509() described in the L<d2i_X509(3)|d2i_X509(3)> manual page.
=head1 NOTES
The B<DSA> structure passed to the private key encoding functions should have
all the private key components present.
The data encoded by the private key functions is unencrypted and therefore
offers no private key security.
The B<DSA_PUBKEY> functions should be used in preference to the B<DSAPublicKey>
functions when encoding public keys because they use a standard format.
The B<DSAPublicKey> functions use an non standard format the actual data encoded
depends on the value of the B<write_params> field of the B<a> key parameter.
If B<write_params> is zero then only the B<pub_key> field is encoded as an
B<INTEGER>. If B<write_params> is 1 then a B<SEQUENCE> consisting of the
B<p>, B<q>, B<g> and B<pub_key> respectively fields are encoded.
The B<DSAPrivateKey> functions also use a non standard structure consiting
consisting of a SEQUENCE containing the B<p>, B<q>, B<g> and B<pub_key> and
B<priv_key> fields respectively.
=head1 SEE ALSO
L<d2i_X509(3)|d2i_X509(3)>
=head1 HISTORY
TBA
=cut

56
doc/crypto/d2i_PKCS8PrivateKey.pod Normal file
View file

@ -0,0 +1,56 @@
=pod
=head1 NAME
d2i_PKCS8PrivateKey_bio, d2i_PKCS8PrivateKey_fp,
i2d_PKCS8PrivateKey_bio, i2d_PKCS8PrivateKey_fp,
i2d_PKCS8PrivateKey_nid_bio, i2d_PKCS8PrivateKey_nid_fp - PKCS#8 format private key functions
=head1 SYNOPSIS
#include <openssl/evp.h>
EVP_PKEY *d2i_PKCS8PrivateKey_bio(BIO *bp, EVP_PKEY **x, pem_password_cb *cb, void *u);
EVP_PKEY *d2i_PKCS8PrivateKey_fp(FILE *fp, EVP_PKEY **x, pem_password_cb *cb, void *u);
int i2d_PKCS8PrivateKey_bio(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc,
char *kstr, int klen,
pem_password_cb *cb, void *u);
int i2d_PKCS8PrivateKey_fp(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc,
char *kstr, int klen,
pem_password_cb *cb, void *u);
int i2d_PKCS8PrivateKey_nid_bio(BIO *bp, EVP_PKEY *x, int nid,
char *kstr, int klen,
pem_password_cb *cb, void *u);
int i2d_PKCS8PrivateKey_nid_fp(FILE *fp, EVP_PKEY *x, int nid,
char *kstr, int klen,
pem_password_cb *cb, void *u);
=head1 DESCRIPTION
The PKCS#8 functions encode and decode private keys in PKCS#8 format using both
PKCS#5 v1.5 and PKCS#5 v2.0 password based encryption algorithms.
Other than the use of DER as opposed to PEM these functions are identical to the
corresponding B<PEM> function as described in the L<pem(3)|pem(3)> manual page.
=head1 NOTES
Before using these functions L<OpenSSL_add_all_algorithms(3)|OpenSSL_add_all_algorithms(3)>
should be called to initialize the internal algorithm lookup tables otherwise errors about
unknown algorithms will occur if an attempt is made to decrypt a private key.
These functions are currently the only way to store encrypted private keys using DER format.
Currently all the functions use BIOs or FILE pointers, there are no functions which
work directly on memory: this can be readily worked around by converting the buffers
to memory BIOs, see L<BIO_s_mem(3)|BIO_s_mem(3)> for details.
=head1 SEE ALSO
L<pem(3)|pem(3)>
=cut

226
doc/crypto/d2i_X509.pod Normal file
View file

@ -0,0 +1,226 @@
=pod
=head1 NAME
d2i_X509, i2d_X509, d2i_X509_bio, d2i_X509_fp, i2d_X509_bio,
i2d_X509_fp - X509 encode and decode functions
=head1 SYNOPSIS
#include <openssl/x509.h>
X509 *d2i_X509(X509 **px, unsigned char **in, int len);
int i2d_X509(X509 *x, unsigned char **out);
X509 *d2i_X509_bio(BIO *bp, X509 **x);
X509 *d2i_X509_fp(FILE *fp, X509 **x);
int i2d_X509_bio(X509 *x, BIO *bp);
int i2d_X509_fp(X509 *x, FILE *fp);
=head1 DESCRIPTION
The X509 encode and decode routines encode and parse an
B<X509> structure, which represents an X509 certificate.
d2i_X509() attempts to decode B<len> bytes at B<*out>. If
successful a pointer to the B<X509> structure is returned. If an error
occurred then B<NULL> is returned. If B<px> is not B<NULL> then the
returned structure is written to B<*px>. If B<*px> is not B<NULL>
then it is assumed that B<*px> contains a valid B<X509>
structure and an attempt is made to reuse it. If the call is
successful B<*out> is incremented to the byte following the
parsed data.
i2d_X509() encodes the structure pointed to by B<x> into DER format.
If B<out> is not B<NULL> is writes the DER encoded data to the buffer
at B<*out>, and increments it to point after the data just written.
If the return value is negative an error occurred, otherwise it
returns the length of the encoded data.
For OpenSSL 0.9.7 and later if B<*out> is B<NULL> memory will be
allocated for a buffer and the encoded data written to it. In this
case B<*out> is not incremented and it points to the start of the
data just written.
d2i_X509_bio() is similar to d2i_X509() except it attempts
to parse data from BIO B<bp>.
d2i_X509_fp() is similar to d2i_X509() except it attempts
to parse data from FILE pointer B<fp>.
i2d_X509_bio() is similar to i2d_X509() except it writes
the encoding of the structure B<x> to BIO B<bp>.
i2d_X509_fp() is similar to i2d_X509() except it writes
the encoding of the structure B<x> to BIO B<bp>.
=head1 NOTES
The letters B<i> and B<d> in for example B<i2d_X509> stand for
"internal" (that is an internal C structure) and "DER". So that
B<i2d_X509> converts from internal to DER.
The functions can also understand B<BER> forms.
The actual X509 structure passed to i2d_X509() must be a valid
populated B<X509> structure it can B<not> simply be fed with an
empty structure such as that returned by X509_new().
The encoded data is in binary form and may contain embedded zeroes.
Therefore any FILE pointers or BIOs should be opened in binary mode.
Functions such as B<strlen()> will B<not> return the correct length
of the encoded structure.
The ways that B<*in> and B<*out> are incremented after the operation
can trap the unwary. See the B<WARNINGS> section for some common
errors.
The reason for the auto increment behaviour is to reflect a typical
usage of ASN1 functions: after one structure is encoded or decoded
another will processed after it.
=head1 EXAMPLES
Allocate and encode the DER encoding of an X509 structure:
int len;
unsigned char *buf, *p;
len = i2d_X509(x, NULL);
buf = OPENSSL_malloc(len);
if (buf == NULL)
/* error */
p = buf;
i2d_X509(x, &p);
If you are using OpenSSL 0.9.7 or later then this can be
simplified to:
int len;
unsigned char *buf;
buf = NULL;
len = i2d_X509(x, &buf);
if (len < 0)
/* error */
Attempt to decode a buffer:
X509 *x;
unsigned char *buf, *p;
int len;
/* Something to setup buf and len */
p = buf;
x = d2i_X509(NULL, &p, len);
if (x == NULL)
/* Some error */
Alternative technique:
X509 *x;
unsigned char *buf, *p;
int len;
/* Something to setup buf and len */
p = buf;
x = NULL;
if(!d2i_X509(&x, &p, len))
/* Some error */
=head1 WARNINGS
The use of temporary variable is mandatory. A common
mistake is to attempt to use a buffer directly as follows:
int len;
unsigned char *buf;
len = i2d_X509(x, NULL);
buf = OPENSSL_malloc(len);
if (buf == NULL)
/* error */
i2d_X509(x, &buf);
/* Other stuff ... */
OPENSSL_free(buf);
This code will result in B<buf> apparently containing garbage because
it was incremented after the call to point after the data just written.
Also B<buf> will no longer contain the pointer allocated by B<OPENSSL_malloc()>
and the subsequent call to B<OPENSSL_free()> may well crash.
The auto allocation feature (setting buf to NULL) only works on OpenSSL
0.9.7 and later. Attempts to use it on earlier versions will typically
cause a segmentation violation.
Another trap to avoid is misuse of the B<xp> argument to B<d2i_X509()>:
X509 *x;
if (!d2i_X509(&x, &p, len))
/* Some error */
This will probably crash somewhere in B<d2i_X509()>. The reason for this
is that the variable B<x> is uninitialized and an attempt will be made to
interpret its (invalid) value as an B<X509> structure, typically causing
a segmentation violation. If B<x> is set to NULL first then this will not
happen.
=head1 BUGS
In some versions of OpenSSL the "reuse" behaviour of d2i_X509() when
B<*px> is valid is broken and some parts of the reused structure may
persist if they are not present in the new one. As a result the use
of this "reuse" behaviour is strongly discouraged.
i2d_X509() will not return an error in many versions of OpenSSL,
if mandatory fields are not initialized due to a programming error
then the encoded structure may contain invalid data or omit the
fields entirely and will not be parsed by d2i_X509(). This may be
fixed in future so code should not assume that i2d_X509() will
always succeed.
=head1 RETURN VALUES
d2i_X509(), d2i_X509_bio() and d2i_X509_fp() return a valid B<X509> structure
or B<NULL> if an error occurs. The error code that can be obtained by
L<ERR_get_error(3)|ERR_get_error(3)>.
i2d_X509(), i2d_X509_bio() and i2d_X509_fp() return a the number of bytes
successfully encoded or a negative value if an error occurs. The error code
can be obtained by L<ERR_get_error(3)|ERR_get_error(3)>.
=head1 SEE ALSO
L<ERR_get_error(3)|ERR_get_error(3)>
=head1 HISTORY
d2i_X509, i2d_X509, d2i_X509_bio, d2i_X509_fp, i2d_X509_bio and i2d_X509_fp
are available in all versions of SSLeay and OpenSSL.
=cut

30
doc/crypto/d2i_X509_ALGOR.pod Normal file
View file

@ -0,0 +1,30 @@
=pod
=head1 NAME
d2i_X509_ALGOR, i2d_X509_ALGOR - AlgorithmIdentifier functions.
=head1 SYNOPSIS
#include <openssl/x509.h>
X509_ALGOR *d2i_X509_ALGOR(X509_ALGOR **a, unsigned char **pp, long length);
int i2d_X509_ALGOR(X509_ALGOR *a, unsigned char **pp);
=head1 DESCRIPTION
These functions decode and encode an B<X509_ALGOR> structure which is
equivalent to the B<AlgorithmIdentifier> structure.
Othewise these behave in a similar way to d2i_X509() and i2d_X509()
described in the L<d2i_X509(3)|d2i_X509(3)> manual page.
=head1 SEE ALSO
L<d2i_X509(3)|d2i_X509(3)>
=head1 HISTORY
TBA
=cut

37
doc/crypto/d2i_X509_CRL.pod Normal file
View file

@ -0,0 +1,37 @@
=pod
=head1 NAME
d2i_X509_CRL, i2d_X509_CRL, d2i_X509_CRL_bio, d2i_509_CRL_fp,
i2d_X509_CRL_bio, i2d_X509_CRL_fp - PKCS#10 certificate request functions.
=head1 SYNOPSIS
#include <openssl/x509.h>
X509_CRL *d2i_X509_CRL(X509_CRL **a, unsigned char **pp, long length);
int i2d_X509_CRL(X509_CRL *a, unsigned char **pp);
X509_CRL *d2i_X509_CRL_bio(BIO *bp, X509_CRL **x);
X509_CRL *d2i_X509_CRL_fp(FILE *fp, X509_CRL **x);
int i2d_X509_CRL_bio(X509_CRL *x, BIO *bp);
int i2d_X509_CRL_fp(X509_CRL *x, FILE *fp);
=head1 DESCRIPTION
These functions decode and encode an X509 CRL (certificate revocation
list).
Othewise the functions behave in a similar way to d2i_X509() and i2d_X509()
described in the L<d2i_X509(3)|d2i_X509(3)> manual page.
=head1 SEE ALSO
L<d2i_X509(3)|d2i_X509(3)>
=head1 HISTORY
TBA
=cut

36
doc/crypto/d2i_X509_REQ.pod Normal file
View file

@ -0,0 +1,36 @@
=pod
=head1 NAME
d2i_X509_REQ, i2d_X509_REQ, d2i_X509_REQ_bio, d2i_X509_REQ_fp,
i2d_X509_REQ_bio, i2d_X509_REQ_fp - PKCS#10 certificate request functions.
=head1 SYNOPSIS
#include <openssl/x509.h>
X509_REQ *d2i_X509_REQ(X509_REQ **a, unsigned char **pp, long length);
int i2d_X509_REQ(X509_REQ *a, unsigned char **pp);
X509_REQ *d2i_X509_REQ_bio(BIO *bp, X509_REQ **x);
X509_REQ *d2i_X509_REQ_fp(FILE *fp, X509_REQ **x);
int i2d_X509_REQ_bio(X509_REQ *x, BIO *bp);
int i2d_X509_REQ_fp(X509_REQ *x, FILE *fp);
=head1 DESCRIPTION
These functions decode and encode a PKCS#10 certificate request.
Othewise these behave in a similar way to d2i_X509() and i2d_X509()
described in the L<d2i_X509(3)|d2i_X509(3)> manual page.
=head1 SEE ALSO
L<d2i_X509(3)|d2i_X509(3)>
=head1 HISTORY
TBA
=cut

30
doc/crypto/d2i_X509_SIG.pod Normal file
View file

@ -0,0 +1,30 @@
=pod
=head1 NAME
d2i_X509_SIG, i2d_X509_SIG - DigestInfo functions.
=head1 SYNOPSIS
#include <openssl/x509.h>
X509_SIG *d2i_X509_SIG(X509_SIG **a, unsigned char **pp, long length);
int i2d_X509_SIG(X509_SIG *a, unsigned char **pp);
=head1 DESCRIPTION
These functions decode and encode an X509_SIG structure which is
equivalent to the B<DigestInfo> structure defined in PKCS#1 and PKCS#7.
Othewise these behave in a similar way to d2i_X509() and i2d_X509()
described in the L<d2i_X509(3)|d2i_X509(3)> manual page.
=head1 SEE ALSO
L<d2i_X509(3)|d2i_X509(3)>
=head1 HISTORY
TBA
=cut