3 * Copyright (C) 2006-2011 Sawtooth Consulting Ltd.
5 * This file is part of CyaSSL.
7 * CyaSSL is free software; you can redistribute it and/or modify
8 * it under the terms of the GNU General Public License as published by
9 * the Free Software Foundation; either version 2 of the License, or
10 * (at your option) any later version.
12 * CyaSSL is distributed in the hope that it will be useful,
13 * but WITHOUT ANY WARRANTY; without even the implied warranty of
14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 * GNU General Public License for more details.
17 * You should have received a copy of the GNU General Public License
18 * along with this program; if not, write to the Free Software
19 * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
23 /* ssl.h defines openssl compatibility layer
29 #ifndef CYASSL_OPENSSL_H_
30 #define CYASSL_OPENSSL_H_
32 #include "os_settings.h" /* for users not using preprocessor flags */
35 #include <stdio.h> /* ERR_print fp */
39 #include "prefix_ssl.h"
/* Library version string exposed by this header. */
42 #define CYASSL_VERSION "1.9.0"
44 #undef X509_NAME /* wincrypt.h clash */
/* Opaque handle types: only the struct tags are named here, so callers hold
   pointers and never see the layout. The definitions are not part of this
   listing. */
52 typedef struct SSL SSL
;
53 typedef struct SSL_SESSION SSL_SESSION
;
54 typedef struct SSL_METHOD SSL_METHOD
;
55 typedef struct SSL_CTX SSL_CTX
;
57 typedef struct X509 X509
;
58 typedef struct X509_NAME X509_NAME
;
59 typedef struct X509_CHAIN X509_CHAIN
;
/* Marker macro; presumably lets other headers detect that the typedefs above
   already exist - confirm against the header that tests it. */
63 #define SSL_TYPES_DEFINED
/* Further opaque types that exist so OpenSSL-style prototypes compile. */
68 typedef struct EVP_PKEY EVP_PKEY
;
69 typedef struct RSA RSA
;
70 typedef struct BIO BIO
;
71 typedef struct BIO_METHOD BIO_METHOD
;
72 typedef struct SSL_CIPHER SSL_CIPHER
;
73 typedef struct X509_LOOKUP X509_LOOKUP
;
74 typedef struct X509_LOOKUP_METHOD X509_LOOKUP_METHOD
;
75 typedef struct X509_CRL X509_CRL
;
76 typedef struct X509_EXTENSION X509_EXTENSION
;
77 typedef struct ASN1_TIME ASN1_TIME
;
78 typedef struct ASN1_INTEGER ASN1_INTEGER
;
79 typedef struct ASN1_OBJECT ASN1_OBJECT
;
80 typedef struct ASN1_STRING ASN1_STRING
;
81 typedef struct CRYPTO_dynlock_value CRYPTO_dynlock_value
;
/* ASN1_UTCTIME is an alias of ASN1_TIME in this layer, not a distinct type. */
83 #define ASN1_UTCTIME ASN1_TIME
/* Public (non-opaque) structs. This listing shows only some members of each
   struct and none of the closing lines. */
/* MD4 context storage: 32 ints; the existing note says the size is checked in
   Init. MD4 is a broken hash - NOTE(review): keep it to legacy interoperability. */
85 typedef struct MD4_CTX
{
86 int buffer
[32]; /* big enough to hold, check size in Init */
/* The structs below expose fields because stunnel reads them directly, as the
   per-field notes say. */
90 typedef struct COMP_METHOD
{
91 int type
; /* stunnel dereference */
95 typedef struct X509_STORE
{
96 int cache
; /* stunnel dereference */
100 typedef struct X509_REVOKED
{
101 ASN1_INTEGER
* serialNumber
; /* stunnel dereference */
105 typedef struct X509_OBJECT
{
108 X509_CRL
* crl
; /* stunnel dereference */
113 /* in cyassl_int.h too, change there !! */
/* Verification context passed to the VerifyCallback type declared later in
   this header. The layout is duplicated in cyassl_int.h and both copies must
   stay identical. */
114 typedef struct X509_STORE_CTX
{
117 X509
* current_cert
; /* stunnel dereference */
/* NOTE(review): the field is described as the subject CN; whether
   subjectAltName entries are also matched is not visible here - confirm. */
118 char* domain
; /* subject CN domain name */
119 /* in cyassl_int.h too, change there !! */
/* Protocol-version method constructors, one per protocol and role; the
   returned SSL_METHOD is what SSL_CTX_new takes.
   NOTE(review): SSLv3, TLS 1.0 and TLS 1.1 are deprecated protocols. Of the
   methods declared here, the TLSv1_2_* pair is the strongest choice. */
123 SSL_METHOD
*SSLv3_server_method(void);
124 SSL_METHOD
*SSLv3_client_method(void);
125 SSL_METHOD
*TLSv1_server_method(void);
126 SSL_METHOD
*TLSv1_client_method(void);
127 SSL_METHOD
*TLSv1_1_server_method(void);
128 SSL_METHOD
*TLSv1_1_client_method(void);
129 SSL_METHOD
*TLSv1_2_server_method(void);
130 SSL_METHOD
*TLSv1_2_client_method(void);
/* Datagram TLS variants. */
133 SSL_METHOD
*DTLSv1_client_method(void);
134 SSL_METHOD
*DTLSv1_server_method(void);
/* File-based loaders for certificates, private keys and CA locations; this
   section is compiled only when NO_FILESYSTEM is not defined. The trailing
   int is presumably an SSL_FILETYPE_* format selector - confirm against the
   implementation.
   NOTE(review): private-key files passed to these calls should be readable
   only by the account that runs the service. */
137 #ifndef NO_FILESYSTEM
139 int SSL_CTX_use_certificate_file(SSL_CTX
*, const char*, int);
140 int SSL_CTX_use_PrivateKey_file(SSL_CTX
*, const char*, int);
141 int SSL_CTX_load_verify_locations(SSL_CTX
*, const char*, const char*);
142 int SSL_CTX_use_certificate_chain_file(SSL_CTX
*ctx
, const char *file
);
143 int SSL_CTX_use_RSAPrivateKey_file(SSL_CTX
*, const char*, int);
/* CyaSSL-specific variant of load_verify_locations, declared when
   CYASSL_DER_LOAD is defined; its int is presumably a format selector. The
   NTRU and PEM-to-DER prototypes that follow are cut short in this listing. */
145 #ifdef CYASSL_DER_LOAD
146 int CyaSSL_CTX_load_verify_locations(SSL_CTX
*, const char*, int);
150 int CyaSSL_CTX_use_NTRUPrivateKey_file(SSL_CTX
*, const char*); /* load NTRU
154 int CyaSSL_PemCertToDer(const char*, unsigned char*, int);
156 #endif /* NO_FILESYSTEM */
/* Core connection lifecycle in the OpenSSL shape: build a context from a
   method, build an SSL object from the context, attach a descriptor, run the
   handshake (connect or accept), then read and write. Return conventions are
   not visible in this header; check results against the SSL_* constants and
   SSL_get_error. */
158 SSL_CTX
* SSL_CTX_new(SSL_METHOD
*);
159 SSL
* SSL_new(SSL_CTX
*);
160 int SSL_set_fd (SSL
*, int);
161 int SSL_get_fd(const SSL
*);
162 int SSL_connect(SSL
*); /* please see note at top of README
163 if you get an error from connect */
/* Buffer lengths are passed as int, so callers must not pass a size that does
   not fit in an int. */
164 int SSL_write(SSL
*, const void*, int);
165 int SSL_read(SSL
*, void*, int);
166 int SSL_accept(SSL
*);
167 void SSL_CTX_free(SSL_CTX
*);
169 int SSL_shutdown(SSL
*);
171 void SSL_CTX_set_quiet_shutdown(SSL_CTX
*, int);
/* Takes the SSL object and an int; in OpenSSL the int is the return value of
   the call that failed - confirm CyaSSL uses it the same way. */
173 int SSL_get_error(SSL
*, int);
/* Session resumption: SSL_get_session returns the session of a connection and
   SSL_set_session supplies one to an SSL object - presumably before the
   handshake; confirm. */
175 int SSL_set_session(SSL
*ssl
, SSL_SESSION
*session
);
176 SSL_SESSION
* SSL_get_session(SSL
* ssl
);
177 void SSL_flush_sessions(SSL_CTX
*ctx
, long tm
);
/* Certificate verification callback: receives an int and the X509_STORE_CTX
   of the certificate being checked. In OpenSSL the int is the result of the
   built-in checks and a non-zero return accepts the certificate.
   NOTE(review): confirm CyaSSL follows that convention; a callback that
   always returns non-zero would then switch peer verification off. */
180 typedef int (*VerifyCallback
)(int, X509_STORE_CTX
*);
/* Password callback for encrypted PEM keys; in the OpenSSL convention the
   arguments are buffer, buffer size, rw flag and userdata (names are not
   shown here). Implementations must not write past the given size. */
181 typedef int (*pem_password_cb
)(char*, int, int, void*);
/* Installs a verification mode (int, presumably an SSL_VERIFY_* value) and an
   optional callback on the context. */
183 void SSL_CTX_set_verify(SSL_CTX
*, int, VerifyCallback verify_callback
);
186 int SSL_pending(SSL
*);
189 void SSL_load_error_strings(void);
190 int SSL_library_init(void);
191 long SSL_CTX_set_session_cache_mode(SSL_CTX
*, long);
193 /* only supports full name from cipher_name[] delimited by : */
194 int SSL_CTX_set_cipher_list(SSL_CTX
*, const char*);
/* ERR_error_string takes no buffer length, so the caller must supply a buffer
   large enough for any message. ERR_error_string_n carries an explicit len
   and is the safer of the two. */
196 char* ERR_error_string(unsigned long,char*);
197 void ERR_error_string_n(unsigned long e
, char *buf
, size_t len
);
/* STACK_OF(x) expands to x itself, so a stack in this layer is a plain
   pointer to the element type, not an OpenSSL stack container. */
202 #define STACK_OF(x) x
/* Per-connection state setters and getters from the OpenSSL API. */
204 int SSL_set_ex_data(SSL
*, int, void*);
205 int SSL_get_shutdown(const SSL
*);
206 int SSL_set_rfd(SSL
*, int);
207 int SSL_set_wfd(SSL
*, int);
208 void SSL_set_shutdown(SSL
*, int);
209 int SSL_set_session_id_context(SSL
*, const unsigned char*, unsigned int);
210 void SSL_set_connect_state(SSL
*);
211 void SSL_set_accept_state(SSL
*);
212 int SSL_session_reused(SSL
*);
213 void SSL_SESSION_free(SSL_SESSION
* session
);
/* Negotiated protocol and cipher introspection; useful for logging what a
   connection actually agreed on. SSL_CIPHER_description writes into a caller
   buffer whose size is the int argument. */
215 const char* SSL_get_version(SSL
*);
216 SSL_CIPHER
* SSL_get_current_cipher(SSL
*);
217 char* SSL_CIPHER_description(SSL_CIPHER
*, char*, int);
218 const char* SSL_CIPHER_get_name(const SSL_CIPHER
* cipher
);
219 SSL_SESSION
* SSL_get1_session(SSL
* ssl
); /* what's ref count */
221 void X509_free(X509
*);
222 void OPENSSL_free(void*);
/* Takes a URL and returns host, port, path and an ssl flag through pointers.
   Ownership of the returned strings is not visible here - confirm who frees
   them before using this on untrusted URLs. */
224 int OCSP_parse_url(char* url
, char** host
, char** port
, char** path
, int* ssl
);
/* Legacy method constructors. SSLv2 is an insecure protocol.
   NOTE(review): whether the SSLv2 methods are functional or placeholders
   cannot be told from this header - confirm before exposing them. */
226 SSL_METHOD
* SSLv23_client_method(void);
227 SSL_METHOD
* SSLv2_client_method(void);
228 SSL_METHOD
* SSLv2_server_method(void);
/* MD4 digest interface (Init, Update, Final) over MD4_CTX. MD4 is
   cryptographically broken; acceptable only where a legacy protocol requires
   it. The output buffer of MD4_Final carries no length argument, so the
   caller must size it for a full digest. */
230 void MD4_Init(MD4_CTX
*);
231 void MD4_Update(MD4_CTX
*, const void*, size_t);
232 void MD4_Final(unsigned char*, MD4_CTX
*);
/* Subset of the OpenSSL BIO abstraction: construction, release, read and
   write with int lengths, and chaining through BIO_push. */
234 BIO
* BIO_new(BIO_METHOD
*);
236 int BIO_free_all(BIO
*);
237 int BIO_read(BIO
*, void*, int);
238 int BIO_write(BIO
*, const void*, int);
239 BIO
* BIO_push(BIO
*, BIO
* append
);
242 int BIO_pending(BIO
*);
/* BIO method factories (buffer, ssl, memory, base64) and the calls that bind
   a BIO to a socket or to an SSL object. */
244 BIO_METHOD
* BIO_f_buffer(void);
245 long BIO_set_write_buffer_size(BIO
*, long size
);
246 BIO_METHOD
* BIO_f_ssl(void);
247 BIO
* BIO_new_socket(int sfd
, int flag
);
248 void SSL_set_bio(SSL
*, BIO
* rd
, BIO
* wr
);
250 long BIO_set_ssl(BIO
*, SSL
*, int flag
);
252 BIO_METHOD
* BIO_s_mem(void);
253 BIO_METHOD
* BIO_f_base64(void);
254 void BIO_set_flags(BIO
*, int);
/* OpenSSL initialization entry points kept for source compatibility. */
256 void OpenSSL_add_all_algorithms(void);
257 int SSLeay_add_ssl_algorithms(void);
258 int SSLeay_add_all_algorithms(void);
/* RAND_* seeding helpers from the OpenSSL API.
   NOTE(review): this header does not show whether they influence the CyaSSL
   generator; do not rely on them for seeding without reading the
   implementation. */
260 void RAND_screen(void);
261 const char* RAND_file_name(char*, size_t);
262 int RAND_write_file(const char*);
263 int RAND_load_file(const char*, long);
264 int RAND_egd(const char*);
/* Compression method hooks from the OpenSSL API. */
266 COMP_METHOD
* COMP_zlib(void);
267 COMP_METHOD
* COMP_rle(void);
268 int SSL_COMP_add_compression_method(int, void*);
270 int SSL_get_ex_new_index(long, void*, void*, void*, void*);
/* Thread-callback registration from the OpenSSL API. The three dynlock
   prototypes are cut short in this listing (continuation lines are missing). */
272 void CRYPTO_set_id_callback(unsigned long (*f
)(void));
273 void CRYPTO_set_locking_callback(void (*f
)(int, int, const char*, int));
274 void CRYPTO_set_dynlock_create_callback(CRYPTO_dynlock_value
* (*f
)(const char*,
276 void CRYPTO_set_dynlock_lock_callback(void (*f
)(int, CRYPTO_dynlock_value
*,
278 void CRYPTO_set_dynlock_destroy_callback(void (*f
)(CRYPTO_dynlock_value
*,
/* Accessors over X509_STORE_CTX, the type a VerifyCallback receives: current
   certificate, error code and chain depth. */
281 X509
* X509_STORE_CTX_get_current_cert(X509_STORE_CTX
*);
282 int X509_STORE_CTX_get_error(X509_STORE_CTX
*);
283 int X509_STORE_CTX_get_error_depth(X509_STORE_CTX
*);
/* Name helpers. X509_NAME_oneline takes a caller buffer and an int size in
   the OpenSSL convention - confirm how CyaSSL treats a NULL buffer. */
285 char* X509_NAME_oneline(X509_NAME
*, char*, int);
286 X509_NAME
* X509_get_issuer_name(X509
*);
287 X509_NAME
* X509_get_subject_name(X509
*);
288 const char* X509_verify_cert_error_string(long);
/* Certificate store and lookup API. The X509_STORE_get_by_subject prototype
   is cut short in this listing. */
290 int X509_LOOKUP_add_dir(X509_LOOKUP
*, const char*, long);
291 int X509_LOOKUP_load_file(X509_LOOKUP
*, const char*, long);
292 X509_LOOKUP_METHOD
* X509_LOOKUP_hash_dir(void);
293 X509_LOOKUP_METHOD
* X509_LOOKUP_file(void);
295 X509_LOOKUP
* X509_STORE_add_lookup(X509_STORE
*, X509_LOOKUP_METHOD
*);
296 X509_STORE
* X509_STORE_new(void);
297 int X509_STORE_get_by_subject(X509_STORE_CTX
*, int, X509_NAME
*,
299 int X509_STORE_CTX_init(X509_STORE_CTX
*, X509_STORE
*, X509
*, STACK_OF(X509
)*);
300 void X509_STORE_CTX_cleanup(X509_STORE_CTX
*);
/* CRL and revocation API used for revocation checks.
   NOTE(review): the header alone does not show which of these are
   implemented; a revocation check built on a placeholder would pass every
   certificate, so verify behaviour before depending on it. */
302 ASN1_TIME
* X509_CRL_get_lastUpdate(X509_CRL
*);
303 ASN1_TIME
* X509_CRL_get_nextUpdate(X509_CRL
*);
305 EVP_PKEY
* X509_get_pubkey(X509
*);
306 int X509_CRL_verify(X509_CRL
*, EVP_PKEY
*);
307 void X509_STORE_CTX_set_error(X509_STORE_CTX
*, int);
308 void X509_OBJECT_free_contents(X509_OBJECT
*);
309 void EVP_PKEY_free(EVP_PKEY
*);
310 int X509_cmp_current_time(const ASN1_TIME
*);
311 int sk_X509_REVOKED_num(X509_REVOKED
*);
313 X509_REVOKED
* X509_CRL_get_REVOKED(X509_CRL
*);
314 X509_REVOKED
* sk_X509_REVOKED_value(X509_REVOKED
*, int);
316 ASN1_INTEGER
* X509_get_serialNumber(X509
*);
318 int ASN1_TIME_print(BIO
*, const ASN1_TIME
*);
320 int ASN1_INTEGER_cmp(const ASN1_INTEGER
*, const ASN1_INTEGER
*);
321 long ASN1_INTEGER_get(const ASN1_INTEGER
*);
/* With STACK_OF(x) defined as x, these take and return plain X509_NAME
   pointers. */
323 STACK_OF(X509_NAME
)* SSL_load_client_CA_file(const char*);
325 void SSL_CTX_set_client_CA_list(SSL_CTX
*, STACK_OF(X509_NAME
)*);
326 void* X509_STORE_CTX_get_ex_data(X509_STORE_CTX
*, int);
327 int SSL_get_ex_data_X509_STORE_CTX_idx(void);
328 void* SSL_get_ex_data(const SSL
*, int);
/* Password callback registration for encrypted PEM keys; the userdata pointer
   is presumably handed back as the last argument of pem_password_cb. */
330 void SSL_CTX_set_default_passwd_cb_userdata(SSL_CTX
*, void* userdata
);
331 void SSL_CTX_set_default_passwd_cb(SSL_CTX
*, pem_password_cb
);
/* Context-level settings and diagnostic string helpers from the OpenSSL API.
   SSL_CTX_set_info_callback takes a function pointer with an unspecified
   parameter list, so the compiler cannot check the callback signature. */
334 long SSL_CTX_set_timeout(SSL_CTX
*, long);
335 void SSL_CTX_set_info_callback(SSL_CTX
*, void (*)());
337 unsigned long ERR_peek_error(void);
338 int ERR_GET_REASON(int);
340 char* SSL_alert_type_string_long(int);
341 char* SSL_alert_desc_string_long(int);
342 char* SSL_state_string_long(SSL
*);
/* RSA key generation and temporary-RSA callback from the OpenSSL API. In
   OpenSSL the first two arguments of RSA_generate_key are the modulus size in
   bits and the public exponent - confirm CyaSSL semantics. */
345 RSA
* RSA_generate_key(int, unsigned long, void(*)(int, int, void*), void*);
346 void SSL_CTX_set_tmp_rsa_callback(SSL_CTX
*, RSA
*(*)(SSL
*, int, int));
348 int PEM_def_callback(char*, int num
, int w
, void* key
);
/* Session-cache statistics, one accessor per counter. */
350 long SSL_CTX_sess_accept(SSL_CTX
*);
351 long SSL_CTX_sess_connect(SSL_CTX
*);
352 long SSL_CTX_sess_accept_good(SSL_CTX
*);
353 long SSL_CTX_sess_connect_good(SSL_CTX
*);
354 long SSL_CTX_sess_accept_renegotiate(SSL_CTX
*);
355 long SSL_CTX_sess_connect_renegotiate(SSL_CTX
*);
356 long SSL_CTX_sess_hits(SSL_CTX
*);
357 long SSL_CTX_sess_cb_hits(SSL_CTX
*);
358 long SSL_CTX_sess_cache_full(SSL_CTX
*);
359 long SSL_CTX_sess_misses(SSL_CTX
*);
360 long SSL_CTX_sess_timeouts(SSL_CTX
*);
361 long SSL_CTX_sess_number(SSL_CTX
*);
362 long SSL_CTX_sess_get_cache_size(SSL_CTX
*);
365 #define SSL_DEFAULT_CIPHER_LIST "" /* default all */
/* RSA_F4 is the public exponent 65537. */
366 #define RSA_F4 0x10001L
/* Enumerator values for OpenSSL constant names. The enum header lines and
   several members are not visible in this listing. */
374 OCSP_NOEXPLICIT
= 32,
376 OCSP_NODELEGATED
= 128,
378 OCSP_TRUSTOTHER
= 512,
379 OCSP_RESPID_KEY
= 1024,
387 ASN1_GENERALIZEDTIME
= 4,
/* NOTE(review): the SSL_OP_* values below are consecutive integers, not
   distinct bits as in OpenSSL. OR-ing two of them produces the value of a
   different option (13 | 14 == 15, which is SSL_OP_PKCS1_CHECK_1), so a
   combined value such as SSL_OP_NO_SSLv3 | SSL_OP_NO_TLSv1 cannot be decoded
   as a bit mask. Check how SSL_CTX_set_options interprets its argument before
   relying on it to disable a protocol version. */
389 SSL_OP_MICROSOFT_SESS_ID_BUG
= 1,
390 SSL_OP_NETSCAPE_CHALLENGE_BUG
= 2,
391 SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG
= 3,
392 SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG
= 4,
393 SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER
= 5,
394 SSL_OP_MSIE_SSLV2_RSA_PADDING
= 6,
395 SSL_OP_SSLEAY_080_CLIENT_DH_BUG
= 7,
396 SSL_OP_TLS_D5_BUG
= 8,
397 SSL_OP_TLS_BLOCK_PADDING_BUG
= 9,
398 SSL_OP_TLS_ROLLBACK_BUG
= 10,
400 SSL_OP_EPHEMERAL_RSA
= 12,
401 SSL_OP_NO_SSLv3
= 13,
402 SSL_OP_NO_TLSv1
= 14,
403 SSL_OP_PKCS1_CHECK_1
= 15,
404 SSL_OP_PKCS1_CHECK_2
= 16,
405 SSL_OP_NETSCAPE_CA_DN_BUG
= 17,
406 SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG
= 18,
407 SSL_OP_SINGLE_DH_USE
= 19,
408 SSL_OP_NO_TICKET
= 20,
409 SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS
= 21,
410 SSL_OP_NO_QUERY_MTU
= 22,
411 SSL_OP_COOKIE_EXCHANGE
= 23,
412 SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION
= 24,
413 SSL_OP_SINGLE_ECDH_USE
= 25,
414 SSL_OP_CIPHER_SERVER_PREFERENCE
= 26,
/* Upper bound for a session id, in bytes by the OpenSSL meaning of the name. */
416 SSL_MAX_SSL_SESSION_ID_LENGTH
= 32,
418 EVP_R_BAD_DECRYPT
= 2,
425 SSL_CB_HANDSHAKE_DONE
= 9,
427 SSL_MODE_ENABLE_PARTIAL_WRITE
= 2,
429 BIO_FLAGS_BASE64_NO_NL
= 1,
435 X509_FILETYPE_PEM
= 8,
/* X509_V_ERR_* names are the codes an X509_STORE_CTX reports in the OpenSSL
   API. The numbers here differ from OpenSSL (which uses 10 for
   X509_V_ERR_CERT_HAS_EXPIRED), so code must compare against the names and
   never against literal numbers copied from OpenSSL documentation. */
439 X509_V_ERR_CRL_SIGNATURE_FAILURE
= 13,
440 X509_V_ERR_ERROR_IN_CRL_NEXT_UPDATE_FIELD
= 14,
441 X509_V_ERR_CRL_HAS_EXPIRED
= 15,
442 X509_V_ERR_CERT_REVOKED
= 16,
443 X509_V_ERR_CERT_CHAIN_TOO_LONG
= 17,
444 X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT
= 18,
445 X509_V_ERR_CERT_NOT_YET_VALID
= 19,
446 X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD
= 20,
447 X509_V_ERR_CERT_HAS_EXPIRED
= 21,
448 X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD
= 22,
453 CRYPTO_NUM_LOCKS
= 10,
459 #ifndef NO_FILESYSTEM
460 /* CyaSSL extension, provide last error from SSL_get_error
461 since not using thread storage error queue */
/* Differs from OpenSSL, whose ERR_print_errors_fp takes only the FILE
   pointer: here the caller also passes the error code. */
462 void ERR_print_errors_fp(FILE*, int err
);
465 enum { /* ssl Constants */
/* NOTE(review): SSL_ERROR_NONE and SSL_FAILURE are both 0, so a zero return
   means no error for some calls and failure for others, as the two inline
   notes say. Check the convention of each function individually. */
466 SSL_ERROR_NONE
= 0, /* for most functions */
467 SSL_FAILURE
= 0, /* for some functions */
/* Negative codes; members on lines not shown in this listing are missing. */
470 SSL_BAD_CERTTYPE
= -8,
473 SSL_BAD_FILETYPE
= -5,
475 SSL_NOT_IMPLEMENTED
= -3,
477 SSL_FATAL_ERROR
= -1,
/* File format selectors; SSL_FILETYPE_DEFAULT has the same value as
   SSL_FILETYPE_ASN1. */
479 SSL_FILETYPE_ASN1
= 2,
480 SSL_FILETYPE_PEM
= 1,
481 SSL_FILETYPE_DEFAULT
= 2, /* ASN1 */
482 SSL_FILETYPE_RAW
= 3, /* NTRU raw key blob */
/* Peer verification modes, presumably for SSL_CTX_set_verify; the other
   SSL_VERIFY_* members are on lines not shown here.
   NOTE(review): a server that requires client certificates needs
   SSL_VERIFY_FAIL_IF_NO_PEER_CERT in addition to peer verification,
   following the OpenSSL meaning of the name - confirm for CyaSSL. */
486 SSL_VERIFY_FAIL_IF_NO_PEER_CERT
= 2,
487 SSL_VERIFY_CLIENT_ONCE
= 4,
/* Session-cache modes; these are consecutive integers (30 to 35), not bit
   flags, so they cannot be OR-ed together. */
489 SSL_SESS_CACHE_OFF
= 30,
490 SSL_SESS_CACHE_CLIENT
= 31,
491 SSL_SESS_CACHE_SERVER
= 32,
492 SSL_SESS_CACHE_BOTH
= 33,
493 SSL_SESS_CACHE_NO_AUTO_CLEAR
= 34,
494 SSL_SESS_CACHE_NO_INTERNAL_LOOKUP
= 35,
/* Error class names from the OpenSSL SSL_get_error API. In that API the
   WANT_READ and WANT_WRITE codes mean the operation should be retried once
   the transport is ready. */
496 SSL_ERROR_WANT_READ
= 2,
497 SSL_ERROR_WANT_WRITE
= 3,
498 SSL_ERROR_WANT_CONNECT
= 7,
499 SSL_ERROR_WANT_ACCEPT
= 8,
500 SSL_ERROR_SYSCALL
= 5,
501 SSL_ERROR_WANT_X509_LOOKUP
= 83,
502 SSL_ERROR_ZERO_RETURN
= 6,
/* Shutdown state values, presumably for SSL_get_shutdown and
   SSL_set_shutdown. */
505 SSL_SENT_SHUTDOWN
= 1,
506 SSL_RECEIVED_SHUTDOWN
= 2,
507 SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER
= 4,
/* Reason codes for handshake and certificate alerts. */
510 SSL_R_SSL_HANDSHAKE_FAILURE
= 101,
511 SSL_R_TLSV1_ALERT_UNKNOWN_CA
= 102,
512 SSL_R_SSLV3_ALERT_CERTIFICATE_UNKNOWN
= 103,
513 SSL_R_SSLV3_ALERT_BAD_CERTIFICATE
= 104,
/* Pre-shared-key client callback. In the OpenSSL convention the arguments are
   the SSL object, the identity hint, an identity output buffer with its
   maximum length, and a key output buffer with its maximum length; the return
   value is the key length. Parameter names are not shown here - confirm.
   NOTE(review): implementations must respect both maximum lengths when
   writing, and the key should come from protected storage rather than a
   constant compiled into the binary. */
520 typedef unsigned int (*psk_client_callback
)(SSL
*, const char*, char*,
521 unsigned int, unsigned char*, unsigned int);
522 void SSL_CTX_set_psk_client_callback(SSL_CTX
*, psk_client_callback
);
523 void SSL_set_psk_client_callback(SSL
*, psk_client_callback
);
/* Identity and hint accessors and setters. */
525 const char* SSL_get_psk_identity_hint(const SSL
*);
526 const char* SSL_get_psk_identity(const SSL
*);
528 int SSL_CTX_use_psk_identity_hint(SSL_CTX
*, const char*);
529 int SSL_use_psk_identity_hint(SSL
*, const char*);
/* Pre-shared-key server callback: SSL object, client identity, key output
   buffer and its maximum length in the OpenSSL convention. The identity is
   peer-supplied input and should be validated before it is used as a lookup
   key. */
531 typedef unsigned int (*psk_server_callback
)(SSL
*, const char*,
532 unsigned char*, unsigned int);
533 void SSL_CTX_set_psk_server_callback(SSL_CTX
*, psk_server_callback
);
534 void SSL_set_psk_server_callback(SSL
*, psk_server_callback
);
536 #define PSK_TYPES_DEFINED
/* The members of this enum are on lines not shown in this listing. */
542 enum { /* ERR Constants */
/* Error queue API from OpenSSL. An earlier comment in this header says CyaSSL
   does not use a thread storage error queue, so results may differ from
   OpenSSL - confirm before porting error handling. */
546 unsigned long ERR_get_error_line_data(const char**, int*, const char**, int *);
548 unsigned long ERR_get_error(void);
549 void ERR_clear_error(void);
/* Random number interface.
   NOTE(review): check the return value of RAND_bytes before using buf as key
   or nonce material. */
552 int RAND_status(void);
553 int RAND_bytes(unsigned char* buf
, int num
);
/* In OpenSSL the SSLv23 method negotiates among several protocol versions;
   confirm which versions CyaSSL accepts through it. */
554 SSL_METHOD
*SSLv23_server_method(void);
/* See the SSL_OP_* enumerators: their values are consecutive integers, so
   confirm how the long argument is interpreted. */
555 long SSL_CTX_set_options(SSL_CTX
*, long);
556 int SSL_CTX_check_private_key(SSL_CTX
*);
/* Cleanup entry points kept for source compatibility. */
559 void ERR_free_strings(void);
560 void ERR_remove_state(unsigned long);
561 void EVP_cleanup(void);
563 void CRYPTO_cleanup_all_ex_data(void);
564 long SSL_CTX_set_mode(SSL_CTX
* ctx
, long mode
);
565 long SSL_CTX_get_mode(SSL_CTX
* ctx
);
566 void SSL_CTX_set_default_read_ahead(SSL_CTX
* ctx
, int m
);
568 long SSL_CTX_sess_set_cache_size(SSL_CTX
*, long);
570 int SSL_CTX_set_default_verify_paths(SSL_CTX
*);
571 int SSL_CTX_set_session_id_context(SSL_CTX
*, const unsigned char*,
/* Returns the peer certificate of a connection; in OpenSSL a NULL result
   means the peer presented none, which callers must handle. */
574 X509
* SSL_get_peer_certificate(SSL
* ssl
);
576 int SSL_want_read(SSL
*);
577 int SSL_want_write(SSL
*);
/* printf-style output to a BIO: pass a literal format string, never
   peer-controlled text, as the second argument. */
579 int BIO_printf(BIO
*, const char*, ...);
580 int ASN1_UTCTIME_print(BIO
*, const ASN1_UTCTIME
*);
582 int sk_num(X509_REVOKED
*);
583 void* sk_value(X509_REVOKED
*, int);
585 /* stunnel 4.28 needs */
586 void* SSL_CTX_get_ex_data(const SSL_CTX
*, int);
587 int SSL_CTX_set_ex_data(SSL_CTX
*, int, void*);
588 void SSL_CTX_sess_set_get_cb(SSL_CTX
*, SSL_SESSION
*(*f
)(SSL
*, unsigned char*,
590 void SSL_CTX_sess_set_new_cb(SSL_CTX
*, int (*f
)(SSL
*, SSL_SESSION
*));
591 void SSL_CTX_sess_set_remove_cb(SSL_CTX
*, void (*f
)(SSL_CTX
*, SSL_SESSION
*));
/* Session serialization in the OpenSSL i2d and d2i shape.
   NOTE(review): in OpenSSL the serialized form contains session secrets;
   treat the bytes as key material, and pass d2i only data from trusted
   storage with a correct length. */
593 int i2d_SSL_SESSION(SSL_SESSION
*, unsigned char**);
594 SSL_SESSION
* d2i_SSL_SESSION(SSL_SESSION
**,const unsigned char**, long);
596 long SSL_SESSION_get_timeout(const SSL_SESSION
*);
597 long SSL_SESSION_get_time(const SSL_SESSION
*);
598 int SSL_CTX_get_ex_new_index(long, void*, void*, void*, void*);
603 /* CyaSSL extensions */
605 /* call before SSL_connect, if verifying will add name check to
606 date check and signature check */
/* NOTE(review): per the comment above, the name check is added only when this
   is called; without it verification covers dates and signatures, so a valid
   certificate issued for a different host would pass. Clients should call it
   with the expected host name before SSL_connect and check the return value. */
607 int CyaSSL_check_domain_name(SSL
* ssl
, const char* dn
);
609 int InitCyaSSL(void); /* need to call once to load library (session cache) */
610 int FreeCyaSSL(void); /* call when done to free session cache mutex */
612 int CyaSSL_Debugging_ON(void); /* turn logging on, only if compiled in */
613 void CyaSSL_Debugging_OFF(void); /* turn logging off */
/* NOTE(review): record compression can leak plaintext through message lengths
   when attacker-influenced data is compressed together with secrets (the
   CRIME class of attacks); enable it only where that mix cannot occur. */
615 int CyaSSL_set_compression(SSL
* ssl
); /* turn on CyaSSL data compression */
/* The same NTRU prototype also appears in the NO_FILESYSTEM section earlier
   in this listing. The chain accessors after it return the peer chain, its
   count, and per-index certificate length and bytes; the PEM export writes
   into a caller buffer of inLen and reports the size through outLen. */
617 int CyaSSL_CTX_use_NTRUPrivateKey_file(SSL_CTX
*, const char*); /* load NTRU
619 X509_CHAIN
* CyaSSL_get_peer_chain(SSL
* ssl
); /* get CyaSSL peer X509_CHAIN */
620 int CyaSSL_get_chain_count(X509_CHAIN
* chain
); /* peer chain count */
621 int CyaSSL_get_chain_length(X509_CHAIN
*, int idx
); /* index cert length */
622 unsigned char* CyaSSL_get_chain_cert(X509_CHAIN
*, int idx
); /* index cert */
623 int CyaSSL_get_chain_cert_pem(X509_CHAIN
*, int idx
, unsigned char* buffer
,
624 int inLen
, int* outLen
); /* get index cert in PEM */
/* Returns a pointer to the session id bytes; no length is returned, so the
   caller must know the id size (see SSL_MAX_SSL_SESSION_ID_LENGTH) - confirm. */
625 const unsigned char* CyaSSL_get_sessionID(const SSL_SESSION
* session
);
630 /* allow writev style writing */
631 int CyaSSL_writev(SSL
* ssl
, const struct iovec
* iov
, int iovcnt
);
/* Buffer-based loaders, declared when NO_FILESYSTEM or MICRIUM is defined:
   certificate, key or CA data is taken from memory as a pointer plus a long
   size, with a trailing int that is presumably the SSL_FILETYPE_* format.
   NOTE(review): the size must match the real buffer length, and key buffers
   should be cleared by the caller once loaded. */
635 #if defined(NO_FILESYSTEM) || defined(MICRIUM)
637 int CyaSSL_CTX_load_verify_buffer(SSL_CTX
*, const unsigned char*, long, int);
638 int CyaSSL_CTX_use_certificate_buffer(SSL_CTX
*, const unsigned char*, long,int);
639 int CyaSSL_CTX_use_PrivateKey_buffer(SSL_CTX
*, const unsigned char*, long, int);
640 int CyaSSL_CTX_use_certificate_chain_buffer(SSL_CTX
*,const unsigned char*,long);
642 #endif /* NO_FILESYSTEM || MICRIUM */
/* Custom transport callbacks taking (buf, sz, ctx). The callbacks are
   registered per SSL_CTX and the ctx pointer per SSL object. A receive
   callback must never write more than sz bytes into buf. */
646 typedef int (*CallbackIORecv
)(char *buf
, int sz
, void *ctx
);
647 typedef int (*CallbackIOSend
)(char *buf
, int sz
, void *ctx
);
649 void CyaSSL_SetIORecv(SSL_CTX
*, CallbackIORecv
);
650 void CyaSSL_SetIOSend(SSL_CTX
*, CallbackIOSend
);
652 void CyaSSL_SetIOReadCtx(SSL
* ssl
, void *ctx
);
653 void CyaSSL_SetIOWriteCtx(SSL
* ssl
, void *ctx
);
/* Optional section, compiled only when CYASSL_CALLBACKS is defined: callback
   types and extended connect and accept calls that take a handshake callback,
   a timeout callback and a Timeval. HandShakeInfo, TimeoutInfo and Timeval
   presumably come from cyassl_callbacks.h, included below. The explanatory
   comment before CyaSSL_connect_ex is cut short in this listing. */
656 #ifdef CYASSL_CALLBACKS
658 /* used internally by CyaSSL while OpenSSL types aren't */
659 #include "cyassl_callbacks.h"
661 typedef int (*HandShakeCallBack
)(HandShakeInfo
*);
662 typedef int (*TimeoutCallBack
)(TimeoutInfo
*);
664 /* CyaSSL connect extension allowing HandShakeCallBack and/or TimeoutCallBack
666 int CyaSSL_connect_ex(SSL
*, HandShakeCallBack
, TimeoutCallBack
, Timeval
);
667 int CyaSSL_accept_ex(SSL
*, HandShakeCallBack
, TimeoutCallBack
, Timeval
);
669 #endif /* CYASSL_CALLBACKS */
677 #endif /* CyaSSL_openssl_h__ */