2 * Copyright (C) 2004, 2005, 2007, 2008, 2009, 2010 Free Software
4 * Copyright (c) 2002 Andrew McDonald <andrew@mcdonald.org.uk>
6 * This file is part of GnuTLS-EXTRA.
8 * GnuTLS-extra is free software; you can redistribute it and/or
9 * modify it under the terms of the GNU General Public License as
10 * published by the Free Software Foundation; either version 3 of the
11 * License, or (at your option) any later version.
13 * GnuTLS-extra is distributed in the hope that it will be useful, but
14 * WITHOUT ANY WARRANTY; without even the implied warranty of
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16 * General Public License for more details.
18 * You should have received a copy of the GNU General Public License
19 * along with GnuTLS-EXTRA; if not, write to the Free Software
20 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
25 /* WARNING: Error functions aren't currently thread-safe */
27 /* This file contains prototypes about the OpenSSL compatibility layer
28 * in GnuTLS. GnuTLS is not a complete replacement of OPENSSL so this
29 * compatibility layer only support limited OpenSSL functionality.
31 * New programs should avoid using this compatibility layer, and use
32 * the native GnuTLS API directly.
35 #ifndef GNUTLS_OPENSSL_H
36 #define GNUTLS_OPENSSL_H
43 #include <gnutls/gnutls.h>
45 /* Extra definitions that do not longer exist in gnutls.
47 #define GNUTLS_X509_CN_SIZE 256
48 #define GNUTLS_X509_C_SIZE 3
49 #define GNUTLS_X509_O_SIZE 256
50 #define GNUTLS_X509_OU_SIZE 256
51 #define GNUTLS_X509_L_SIZE 256
52 #define GNUTLS_X509_S_SIZE 256
53 #define GNUTLS_X509_EMAIL_SIZE 256
57 char common_name[GNUTLS_X509_CN_SIZE];
58 char country[GNUTLS_X509_C_SIZE];
59 char organization[GNUTLS_X509_O_SIZE];
60 char organizational_unit_name[GNUTLS_X509_OU_SIZE];
61 char locality_name[GNUTLS_X509_L_SIZE];
62 char state_or_province_name[GNUTLS_X509_S_SIZE];
63 char email[GNUTLS_X509_EMAIL_SIZE];
67 #define OPENSSL_VERSION_NUMBER (0x0090604F)
68 #define SSLEAY_VERSION_NUMBER OPENSSL_VERSION_NUMBER
69 #define OPENSSL_VERSION_TEXT ("GNUTLS " GNUTLS_VERSION " ")
71 #define SSL_ERROR_NONE (0)
72 #define SSL_ERROR_SSL (1)
73 #define SSL_ERROR_WANT_READ (2)
74 #define SSL_ERROR_WANT_WRITE (3)
75 #define SSL_ERROR_SYSCALL (5)
76 #define SSL_ERROR_ZERO_RETURN (6)
78 #define SSL_FILETYPE_PEM (GNUTLS_X509_FMT_PEM)
80 #define SSL_VERIFY_NONE (0)
84 #define X509_V_ERR_CERT_NOT_YET_VALID (1)
85 #define X509_V_ERR_CERT_HAS_EXPIRED (2)
86 #define X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT (3)
88 #define SSL_OP_ALL (0x000FFFFF)
89 #define SSL_OP_NO_TLSv1 (0x0400000)
91 #define SSL_MODE_ENABLE_PARTIAL_WRITE (0x1)
92 #define SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER (0x2)
93 #define SSL_MODE_AUTO_RETRY (0x4)
95 typedef gnutls_x509_dn X509_NAME;
96 typedef gnutls_datum_t X509;
98 typedef struct _SSL SSL;
102 char priority_string[256];
103 unsigned int connend;
108 gnutls_protocol_t version;
109 gnutls_cipher_algorithm_t cipher;
110 gnutls_kx_algorithm_t kx;
111 gnutls_mac_algorithm_t mac;
112 gnutls_compression_method_t compression;
113 gnutls_certificate_type_t cert;
118 gnutls_transport_ptr_t fd;
125 const gnutls_datum_t *cert_list;
126 #define current_cert cert_list
129 #define X509_STORE_CTX_get_current_cert(ctx) ((ctx)->current_cert)
131 typedef struct _SSL_CTX
138 unsigned long options;
140 int (*verify_callback) (int, X509_STORE_CTX *);
147 gnutls_session_t gnutls_state;
149 gnutls_certificate_client_credentials gnutls_cred;
152 SSL_CIPHER ciphersuite;
157 unsigned long options;
159 int (*verify_callback) (int, X509_STORE_CTX *);
162 gnutls_transport_ptr_t rfd;
163 gnutls_transport_ptr_t wfd;
166 #define rbio gnutls_state
174 typedef struct rsa_st RSA;
176 #define MD5_CTX MD_CTX
177 #define RIPEMD160_CTX MD_CTX
179 #define OpenSSL_add_ssl_algorithms() SSL_library_init()
180 #define SSLeay_add_ssl_algorithms() SSL_library_init()
181 #define SSLeay_add_all_algorithms() OpenSSL_add_all_algorithms()
183 #define SSL_get_cipher_name(ssl) SSL_CIPHER_get_name(SSL_get_current_cipher(ssl))
184 #define SSL_get_cipher(ssl) SSL_get_cipher_name(ssl)
185 #define SSL_get_cipher_bits(ssl,bp) SSL_CIPHER_get_bits(SSL_get_current_cipher(ssl),(bp))
186 #define SSL_get_cipher_version(ssl) SSL_CIPHER_get_version(SSL_get_current_cipher(ssl))
189 /* Library initialisation functions */
191 int SSL_library_init (void);
192 void OpenSSL_add_all_algorithms (void);
195 /* SSL_CTX structure handling */
197 SSL_CTX *SSL_CTX_new (SSL_METHOD * method);
198 void SSL_CTX_free (SSL_CTX * ctx);
199 int SSL_CTX_set_default_verify_paths (SSL_CTX * ctx);
200 int SSL_CTX_use_certificate_file (SSL_CTX * ctx, const char *certfile,
202 int SSL_CTX_use_PrivateKey_file (SSL_CTX * ctx, const char *keyfile,
204 void SSL_CTX_set_verify (SSL_CTX * ctx, int verify_mode,
205 int (*verify_callback) (int, X509_STORE_CTX *));
206 unsigned long SSL_CTX_set_options (SSL_CTX * ctx, unsigned long options);
207 long SSL_CTX_set_mode (SSL_CTX * ctx, long mode);
208 int SSL_CTX_set_cipher_list (SSL_CTX * ctx, const char *list);
211 /* SSL_CTX statistics */
213 long SSL_CTX_sess_number (SSL_CTX * ctx);
214 long SSL_CTX_sess_connect (SSL_CTX * ctx);
215 long SSL_CTX_sess_connect_good (SSL_CTX * ctx);
216 long SSL_CTX_sess_connect_renegotiate (SSL_CTX * ctx);
217 long SSL_CTX_sess_accept (SSL_CTX * ctx);
218 long SSL_CTX_sess_accept_good (SSL_CTX * ctx);
219 long SSL_CTX_sess_accept_renegotiate (SSL_CTX * ctx);
220 long SSL_CTX_sess_hits (SSL_CTX * ctx);
221 long SSL_CTX_sess_misses (SSL_CTX * ctx);
222 long SSL_CTX_sess_timeouts (SSL_CTX * ctx);
225 /* SSL structure handling */
227 SSL *SSL_new (SSL_CTX * ctx);
228 void SSL_free (SSL * ssl);
229 void SSL_load_error_strings (void);
230 int SSL_get_error (SSL * ssl, int ret);
231 int SSL_set_fd (SSL * ssl, int fd);
232 int SSL_set_rfd (SSL * ssl, int fd);
233 int SSL_set_wfd (SSL * ssl, int fd);
234 void SSL_set_bio (SSL * ssl, BIO * rbio, BIO * wbio);
235 void SSL_set_connect_state (SSL * ssl);
236 int SSL_pending (SSL * ssl);
237 void SSL_set_verify (SSL * ssl, int verify_mode,
238 int (*verify_callback) (int, X509_STORE_CTX *));
239 const X509 *SSL_get_peer_certificate (SSL * ssl);
241 /* SSL connection open/close/read/write functions */
243 int SSL_connect (SSL * ssl);
244 int SSL_accept (SSL * ssl);
245 int SSL_shutdown (SSL * ssl);
246 int SSL_read (SSL * ssl, void *buf, int len);
247 int SSL_write (SSL * ssl, const void *buf, int len);
249 int SSL_want (SSL * ssl);
251 #define SSL_NOTHING (1)
252 #define SSL_WRITING (2)
253 #define SSL_READING (3)
254 #define SSL_X509_LOOKUP (4)
256 #define SSL_want_nothing(s) (SSL_want(s) == SSL_NOTHING)
257 #define SSL_want_read(s) (SSL_want(s) == SSL_READING)
258 #define SSL_want_write(s) (SSL_want(s) == SSL_WRITING)
259 #define SSL_want_x509_lookup(s) (SSL_want(s) == SSL_X509_LOOKUP)
262 /* SSL_METHOD functions */
264 SSL_METHOD *SSLv23_client_method (void);
265 SSL_METHOD *SSLv23_server_method (void);
266 SSL_METHOD *SSLv3_client_method (void);
267 SSL_METHOD *SSLv3_server_method (void);
268 SSL_METHOD *TLSv1_client_method (void);
269 SSL_METHOD *TLSv1_server_method (void);
272 /* SSL_CIPHER functions */
274 SSL_CIPHER *SSL_get_current_cipher (SSL * ssl);
275 const char *SSL_CIPHER_get_name (SSL_CIPHER * cipher);
276 int SSL_CIPHER_get_bits (SSL_CIPHER * cipher, int *bits);
277 const char *SSL_CIPHER_get_version (SSL_CIPHER * cipher);
278 char *SSL_CIPHER_description (SSL_CIPHER * cipher, char *buf, int size);
283 X509_NAME *X509_get_subject_name (const X509 * cert);
284 X509_NAME *X509_get_issuer_name (const X509 * cert);
285 char *X509_NAME_oneline (gnutls_x509_dn * name, char *buf, int len);
286 void X509_free (const X509 * cert);
291 void BIO_get_fd (gnutls_session_t gnutls_state, int *fd);
292 BIO *BIO_new_socket (int sock, int close_flag);
296 unsigned long ERR_get_error (void);
297 const char *ERR_error_string (unsigned long e, char *buf);
302 int RAND_status (void);
303 void RAND_seed (const void *buf, int num);
304 int RAND_bytes (unsigned char *buf, int num);
305 int RAND_pseudo_bytes (unsigned char *buf, int num);
306 const char *RAND_file_name (char *buf, size_t len);
307 int RAND_load_file (const char *name, long maxbytes);
308 int RAND_write_file (const char *name);
310 int RAND_egd_bytes (const char *path, int bytes);
311 #define RAND_egd(p) RAND_egd_bytes((p), 255)
313 /* message digest functions */
315 #define MD5_DIGEST_LENGTH 16
317 void MD5_Init (MD5_CTX * ctx);
318 void MD5_Update (MD5_CTX * ctx, const void *buf, int len);
319 void MD5_Final (unsigned char *md, MD5_CTX * ctx);
320 unsigned char *MD5 (const unsigned char *buf, unsigned long len,
323 void RIPEMD160_Init (RIPEMD160_CTX * ctx);
324 void RIPEMD160_Update (RIPEMD160_CTX * ctx, const void *buf, int len);
325 void RIPEMD160_Final (unsigned char *md, RIPEMD160_CTX * ctx);
326 unsigned char *RIPEMD160 (const unsigned char *buf, unsigned long len,