1use super::*;
2use libc::size_t;
3use std::ffi::{c_int, c_uint, c_ulong, c_void};
4
5pub const EVP_MAX_MD_SIZE: c_uint = 64;
6
7pub const PKCS5_SALT_LEN: c_int = 8;
8pub const PKCS12_DEFAULT_ITER: c_int = 2048;
9
10pub const EVP_PKEY_RSA: c_int = NID_rsaEncryption;
11#[cfg(any(ossl111, libressl, boringssl, awslc))]
12pub const EVP_PKEY_RSA_PSS: c_int = NID_rsassaPss;
13pub const EVP_PKEY_DSA: c_int = NID_dsa;
14pub const EVP_PKEY_DH: c_int = NID_dhKeyAgreement;
15#[cfg(ossl110)]
16pub const EVP_PKEY_DHX: c_int = NID_dhpublicnumber;
17pub const EVP_PKEY_EC: c_int = NID_X9_62_id_ecPublicKey;
18#[cfg(ossl111)]
19pub const EVP_PKEY_SM2: c_int = NID_sm2;
20#[cfg(any(ossl111, libressl370))]
21pub const EVP_PKEY_X25519: c_int = NID_X25519;
22#[cfg(any(ossl111, libressl370))]
23pub const EVP_PKEY_ED25519: c_int = NID_ED25519;
24#[cfg(ossl111)]
25pub const EVP_PKEY_X448: c_int = NID_X448;
26#[cfg(ossl111)]
27pub const EVP_PKEY_ED448: c_int = NID_ED448;
28pub const EVP_PKEY_HMAC: c_int = NID_hmac;
29pub const EVP_PKEY_CMAC: c_int = NID_cmac;
30#[cfg(ossl111)]
31pub const EVP_PKEY_POLY1305: c_int = NID_poly1305;
32#[cfg(any(ossl110, libressl360))]
33pub const EVP_PKEY_HKDF: c_int = NID_hkdf;
34
35#[cfg(ossl110)]
36pub const EVP_CIPHER_CTX_FLAG_WRAP_ALLOW: c_int = 0x1;
37
38pub const EVP_CIPH_MODE: c_ulong = 0xF0007;
39pub const EVP_CIPH_WRAP_MODE: c_ulong = 0x10002;
40
41pub const EVP_CTRL_GCM_SET_IVLEN: c_int = 0x9;
42pub const EVP_CTRL_GCM_GET_TAG: c_int = 0x10;
43pub const EVP_CTRL_GCM_SET_TAG: c_int = 0x11;
44
45cfg_if! {
46 if #[cfg(ossl300)] {
47 pub const EVP_PKEY_KEY_PARAMETERS: c_int = OSSL_KEYMGMT_SELECT_ALL_PARAMETERS;
48 pub const EVP_PKEY_PRIVATE_KEY: c_int = EVP_PKEY_KEY_PARAMETERS | OSSL_KEYMGMT_SELECT_PRIVATE_KEY;
49 pub const EVP_PKEY_PUBLIC_KEY: c_int = EVP_PKEY_KEY_PARAMETERS | OSSL_KEYMGMT_SELECT_PUBLIC_KEY;
50 pub const EVP_PKEY_KEYPAIR: c_int = EVP_PKEY_PUBLIC_KEY | OSSL_KEYMGMT_SELECT_PRIVATE_KEY;
51 pub const EVP_KDF_HKDF_MODE_EXTRACT_AND_EXPAND: c_int = 0;
52 pub const EVP_KDF_HKDF_MODE_EXTRACT_ONLY: c_int = 1;
53 pub const EVP_KDF_HKDF_MODE_EXPAND_ONLY: c_int = 2;
54 }
55}
56
57pub unsafe fn EVP_get_digestbynid(type_: c_int) -> *const EVP_MD {
58 EVP_get_digestbyname(OBJ_nid2sn(type_))
59}
60
61cfg_if! {
62 if #[cfg(ossl300)] {
63 #[inline]
64 pub unsafe fn EVP_MD_CTX_md(ctx: *const EVP_MD_CTX) -> *const EVP_MD {
65 EVP_MD_CTX_get0_md(ctx)
66 }
67
68 #[inline]
69 pub unsafe fn EVP_MD_CTX_get_size(ctx: *const EVP_MD_CTX) -> c_int {
70 EVP_MD_get_size(EVP_MD_CTX_get0_md(ctx))
71 }
72
73 #[inline]
74 pub unsafe fn EVP_MD_CTX_size(ctx: *const EVP_MD_CTX) -> c_int {
75 EVP_MD_CTX_get_size(ctx)
76 }
77
78 #[inline]
79 pub unsafe fn EVP_MD_block_size(md: *const EVP_MD) -> c_int {
80 EVP_MD_get_block_size(md)
81 }
82
83 #[inline]
84 pub unsafe fn EVP_MD_size(md: *const EVP_MD) -> c_int {
85 EVP_MD_get_size(md)
86 }
87
88 #[inline]
89 pub unsafe fn EVP_MD_type(md: *const EVP_MD) -> c_int {
90 EVP_MD_get_type(md)
91 }
92
93 #[inline]
94 pub unsafe fn EVP_CIPHER_key_length(cipher: *const EVP_CIPHER) -> c_int {
95 EVP_CIPHER_get_key_length(cipher)
96 }
97
98 #[inline]
99 pub unsafe fn EVP_CIPHER_block_size(cipher: *const EVP_CIPHER) -> c_int {
100 EVP_CIPHER_get_block_size(cipher)
101 }
102
103 #[inline]
104 pub unsafe fn EVP_CIPHER_iv_length(cipher: *const EVP_CIPHER) -> c_int {
105 EVP_CIPHER_get_iv_length(cipher)
106 }
107
108 #[inline]
109 pub unsafe fn EVP_CIPHER_nid(cipher: *const EVP_CIPHER) -> c_int {
110 EVP_CIPHER_get_nid(cipher)
111 }
112
113 #[inline]
114 pub unsafe fn EVP_CIPHER_flags(cipher: *const EVP_CIPHER) -> c_ulong {
115 EVP_CIPHER_get_flags(cipher)
116 }
117
118 #[inline]
119 pub unsafe fn EVP_CIPHER_CTX_block_size(ctx: *const EVP_CIPHER_CTX) -> c_int {
120 EVP_CIPHER_CTX_get_block_size(ctx)
121 }
122
123 #[inline]
124 pub unsafe fn EVP_CIPHER_CTX_key_length(ctx: *const EVP_CIPHER_CTX) -> c_int {
125 EVP_CIPHER_CTX_get_key_length(ctx)
126 }
127
128 #[inline]
129 pub unsafe fn EVP_CIPHER_CTX_iv_length(ctx: *const EVP_CIPHER_CTX) -> c_int {
130 EVP_CIPHER_CTX_get_iv_length(ctx)
131 }
132
133 #[inline]
134 pub unsafe fn EVP_CIPHER_CTX_num(ctx: *const EVP_CIPHER_CTX) -> c_int {
135 EVP_CIPHER_CTX_get_num(ctx)
136 }
137 } else {
138 pub unsafe fn EVP_MD_CTX_size(ctx: *const EVP_MD_CTX) -> c_int {
139 EVP_MD_size(EVP_MD_CTX_md(ctx))
140 }
141 }
142}
143#[cfg(not(ossl300))]
144#[inline]
145pub unsafe fn EVP_DigestSignUpdate(
146 ctx: *mut EVP_MD_CTX,
147 data: *const c_void,
148 dsize: size_t,
149) -> c_int {
150 EVP_DigestUpdate(ctx, data, dsize)
151}
152#[cfg(not(ossl300))]
153#[inline]
154pub unsafe fn EVP_DigestVerifyUpdate(
155 ctx: *mut EVP_MD_CTX,
156 data: *const c_void,
157 dsize: size_t,
158) -> c_int {
159 EVP_DigestUpdate(ctx, data, dsize)
160}
161#[cfg(ossl300)]
162#[inline]
163pub unsafe fn EVP_PKEY_size(pkey: *const EVP_PKEY) -> c_int {
164 EVP_PKEY_get_size(pkey)
165}
166
167cfg_if! {
168 if #[cfg(ossl300)] {
169 #[inline]
170 pub unsafe fn EVP_PKEY_id(pkey: *const EVP_PKEY) -> c_int {
171 EVP_PKEY_get_id(pkey)
172 }
173
174 #[inline]
175 pub unsafe fn EVP_PKEY_bits(pkey: *const EVP_PKEY) -> c_int {
176 EVP_PKEY_get_bits(pkey)
177 }
178
179 #[inline]
180 pub unsafe fn EVP_PKEY_security_bits(pkey: *const EVP_PKEY) -> c_int {
181 EVP_PKEY_get_security_bits(pkey)
182 }
183 }
184}
185
186pub const EVP_PKEY_OP_PARAMGEN: c_int = 1 << 1;
187pub const EVP_PKEY_OP_KEYGEN: c_int = 1 << 2;
188cfg_if! {
189 if #[cfg(ossl300)] {
190 pub const EVP_PKEY_OP_SIGN: c_int = 1 << 4;
191 pub const EVP_PKEY_OP_VERIFY: c_int = 1 << 5;
192 pub const EVP_PKEY_OP_VERIFYRECOVER: c_int = 1 << 6;
193 pub const EVP_PKEY_OP_SIGNCTX: c_int = 1 << 7;
194 pub const EVP_PKEY_OP_VERIFYCTX: c_int = 1 << 8;
195 pub const EVP_PKEY_OP_ENCRYPT: c_int = 1 << 9;
196 pub const EVP_PKEY_OP_DECRYPT: c_int = 1 << 10;
197 pub const EVP_PKEY_OP_DERIVE: c_int = 1 << 11;
198 } else {
199 pub const EVP_PKEY_OP_SIGN: c_int = 1 << 3;
200 pub const EVP_PKEY_OP_VERIFY: c_int = 1 << 4;
201 pub const EVP_PKEY_OP_VERIFYRECOVER: c_int = 1 << 5;
202 pub const EVP_PKEY_OP_SIGNCTX: c_int = 1 << 6;
203 pub const EVP_PKEY_OP_VERIFYCTX: c_int = 1 << 7;
204 pub const EVP_PKEY_OP_ENCRYPT: c_int = 1 << 8;
205 pub const EVP_PKEY_OP_DECRYPT: c_int = 1 << 9;
206 pub const EVP_PKEY_OP_DERIVE: c_int = 1 << 10;
207 }
208}
209#[cfg(ossl340)]
210pub const EVP_PKEY_OP_SIGNMSG: c_int = 1 << 14;
211#[cfg(ossl340)]
212pub const EVP_PKEY_OP_VERIFYMSG: c_int = 1 << 15;
213
214cfg_if! {
215 if #[cfg(ossl340)] {
216 pub const EVP_PKEY_OP_TYPE_SIG: c_int = EVP_PKEY_OP_SIGN
217 | EVP_PKEY_OP_SIGNMSG
218 | EVP_PKEY_OP_VERIFY
219 | EVP_PKEY_OP_VERIFYMSG
220 | EVP_PKEY_OP_VERIFYRECOVER
221 | EVP_PKEY_OP_SIGNCTX
222 | EVP_PKEY_OP_VERIFYCTX;
223 } else {
224 pub const EVP_PKEY_OP_TYPE_SIG: c_int = EVP_PKEY_OP_SIGN
225 | EVP_PKEY_OP_VERIFY
226 | EVP_PKEY_OP_VERIFYRECOVER
227 | EVP_PKEY_OP_SIGNCTX
228 | EVP_PKEY_OP_VERIFYCTX;
229 }
230}
231
232pub const EVP_PKEY_OP_TYPE_CRYPT: c_int = EVP_PKEY_OP_ENCRYPT | EVP_PKEY_OP_DECRYPT;
233
234pub const EVP_PKEY_CTRL_MD: c_int = 1;
235
236pub const EVP_PKEY_CTRL_SET_MAC_KEY: c_int = 6;
237
238pub const EVP_PKEY_CTRL_CIPHER: c_int = 12;
239
240pub const EVP_PKEY_ALG_CTRL: c_int = 0x1000;
241
242#[cfg(any(ossl111, libressl360))]
243pub const EVP_PKEY_HKDEF_MODE_EXTRACT_AND_EXPAND: c_int = 0;
244
245#[cfg(any(ossl111, libressl360))]
246pub const EVP_PKEY_HKDEF_MODE_EXTRACT_ONLY: c_int = 1;
247
248#[cfg(any(ossl111, libressl360))]
249pub const EVP_PKEY_HKDEF_MODE_EXPAND_ONLY: c_int = 2;
250
251#[cfg(any(ossl110, libressl360))]
252pub const EVP_PKEY_CTRL_HKDF_MD: c_int = EVP_PKEY_ALG_CTRL + 3;
253
254#[cfg(any(ossl110, libressl360))]
255pub const EVP_PKEY_CTRL_HKDF_SALT: c_int = EVP_PKEY_ALG_CTRL + 4;
256
257#[cfg(any(ossl110, libressl360))]
258pub const EVP_PKEY_CTRL_HKDF_KEY: c_int = EVP_PKEY_ALG_CTRL + 5;
259
260#[cfg(any(ossl110, libressl360))]
261pub const EVP_PKEY_CTRL_HKDF_INFO: c_int = EVP_PKEY_ALG_CTRL + 6;
262
263#[cfg(any(ossl111, libressl360))]
264pub const EVP_PKEY_CTRL_HKDF_MODE: c_int = EVP_PKEY_ALG_CTRL + 7;
265
266#[cfg(any(all(ossl111, not(ossl300)), libressl360))]
267pub unsafe fn EVP_PKEY_CTX_set_hkdf_mode(ctx: *mut EVP_PKEY_CTX, mode: c_int) -> c_int {
268 EVP_PKEY_CTX_ctrl(
269 ctx,
270 -1,
271 EVP_PKEY_OP_DERIVE,
272 EVP_PKEY_CTRL_HKDF_MODE,
273 mode,
274 std::ptr::null_mut(),
275 )
276}
277
278#[cfg(any(all(ossl110, not(ossl300)), libressl360))]
279pub unsafe fn EVP_PKEY_CTX_set_hkdf_md(ctx: *mut EVP_PKEY_CTX, md: *const EVP_MD) -> c_int {
280 EVP_PKEY_CTX_ctrl(
281 ctx,
282 -1,
283 EVP_PKEY_OP_DERIVE,
284 EVP_PKEY_CTRL_HKDF_MD,
285 0,
286 md as *mut c_void,
287 )
288}
289
290#[cfg(any(all(ossl110, not(ossl300)), libressl360))]
291pub unsafe fn EVP_PKEY_CTX_set1_hkdf_salt(
292 ctx: *mut EVP_PKEY_CTX,
293 salt: *const u8,
294 saltlen: c_int,
295) -> c_int {
296 EVP_PKEY_CTX_ctrl(
297 ctx,
298 -1,
299 EVP_PKEY_OP_DERIVE,
300 EVP_PKEY_CTRL_HKDF_SALT,
301 saltlen,
302 salt as *mut c_void,
303 )
304}
305
306#[cfg(any(all(ossl110, not(ossl300)), libressl360))]
307pub unsafe fn EVP_PKEY_CTX_set1_hkdf_key(
308 ctx: *mut EVP_PKEY_CTX,
309 key: *const u8,
310 keylen: c_int,
311) -> c_int {
312 EVP_PKEY_CTX_ctrl(
313 ctx,
314 -1,
315 EVP_PKEY_OP_DERIVE,
316 EVP_PKEY_CTRL_HKDF_KEY,
317 keylen,
318 key as *mut c_void,
319 )
320}
321
322#[cfg(any(all(ossl110, not(ossl300)), libressl360))]
323pub unsafe fn EVP_PKEY_CTX_add1_hkdf_info(
324 ctx: *mut EVP_PKEY_CTX,
325 info: *const u8,
326 infolen: c_int,
327) -> c_int {
328 EVP_PKEY_CTX_ctrl(
329 ctx,
330 -1,
331 EVP_PKEY_OP_DERIVE,
332 EVP_PKEY_CTRL_HKDF_INFO,
333 infolen,
334 info as *mut c_void,
335 )
336}
337
338#[cfg(not(any(ossl300, boringssl, awslc)))]
339pub unsafe fn EVP_PKEY_CTX_set_signature_md(cxt: *mut EVP_PKEY_CTX, md: *mut EVP_MD) -> c_int {
340 EVP_PKEY_CTX_ctrl(
341 cxt,
342 -1,
343 EVP_PKEY_OP_TYPE_SIG,
344 EVP_PKEY_CTRL_MD,
345 0,
346 md as *mut c_void,
347 )
348}
349
350#[cfg(not(osslconf = "OPENSSL_NO_DEPRECATED_3_0"))]
351pub unsafe fn EVP_PKEY_assign_RSA(pkey: *mut EVP_PKEY, rsa: *mut RSA) -> c_int {
352 EVP_PKEY_assign(pkey, EVP_PKEY_RSA, rsa as *mut c_void)
353}
354
355#[cfg(not(osslconf = "OPENSSL_NO_DEPRECATED_3_0"))]
356pub unsafe fn EVP_PKEY_assign_DSA(pkey: *mut EVP_PKEY, dsa: *mut DSA) -> c_int {
357 EVP_PKEY_assign(pkey, EVP_PKEY_DSA, dsa as *mut c_void)
358}
359
360#[cfg(not(osslconf = "OPENSSL_NO_DEPRECATED_3_0"))]
361pub unsafe fn EVP_PKEY_assign_DH(pkey: *mut EVP_PKEY, dh: *mut DH) -> c_int {
362 EVP_PKEY_assign(pkey, EVP_PKEY_DH, dh as *mut c_void)
363}
364
365#[cfg(not(osslconf = "OPENSSL_NO_DEPRECATED_3_0"))]
366pub unsafe fn EVP_PKEY_assign_EC_KEY(pkey: *mut EVP_PKEY, ec_key: *mut EC_KEY) -> c_int {
367 EVP_PKEY_assign(pkey, EVP_PKEY_EC, ec_key as *mut c_void)
368}