include/openssl/crypto.h

*8fb009dcSAndroid Build Coastguard Worker/* Copyright (c) 2014, Google Inc.
*8fb009dcSAndroid Build Coastguard Worker *
*8fb009dcSAndroid Build Coastguard Worker * Permission to use, copy, modify, and/or distribute this software for any
*8fb009dcSAndroid Build Coastguard Worker * purpose with or without fee is hereby granted, provided that the above
*8fb009dcSAndroid Build Coastguard Worker * copyright notice and this permission notice appear in all copies.
*8fb009dcSAndroid Build Coastguard Worker *
*8fb009dcSAndroid Build Coastguard Worker * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
*8fb009dcSAndroid Build Coastguard Worker * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
*8fb009dcSAndroid Build Coastguard Worker * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
*8fb009dcSAndroid Build Coastguard Worker * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
*8fb009dcSAndroid Build Coastguard Worker * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION
*8fb009dcSAndroid Build Coastguard Worker * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
*8fb009dcSAndroid Build Coastguard Worker * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */
*8fb009dcSAndroid Build Coastguard Worker
*8fb009dcSAndroid Build Coastguard Worker#ifndef OPENSSL_HEADER_CRYPTO_H
*8fb009dcSAndroid Build Coastguard Worker#define OPENSSL_HEADER_CRYPTO_H
*8fb009dcSAndroid Build Coastguard Worker
*8fb009dcSAndroid Build Coastguard Worker#include <openssl/base.h>
*8fb009dcSAndroid Build Coastguard Worker#include <openssl/sha.h>
*8fb009dcSAndroid Build Coastguard Worker
*8fb009dcSAndroid Build Coastguard Worker// Upstream OpenSSL defines |OPENSSL_malloc|, etc., in crypto.h rather than
*8fb009dcSAndroid Build Coastguard Worker// mem.h.
*8fb009dcSAndroid Build Coastguard Worker#include <openssl/mem.h>
*8fb009dcSAndroid Build Coastguard Worker
*8fb009dcSAndroid Build Coastguard Worker// Upstream OpenSSL defines |CRYPTO_LOCK|, etc., in crypto.h rather than
*8fb009dcSAndroid Build Coastguard Worker// thread.h.
*8fb009dcSAndroid Build Coastguard Worker#include <openssl/thread.h>
*8fb009dcSAndroid Build Coastguard Worker
*8fb009dcSAndroid Build Coastguard Worker
*8fb009dcSAndroid Build Coastguard Worker#if defined(__cplusplus)
*8fb009dcSAndroid Build Coastguard Workerextern "C" {
*8fb009dcSAndroid Build Coastguard Worker#endif
*8fb009dcSAndroid Build Coastguard Worker
*8fb009dcSAndroid Build Coastguard Worker
*8fb009dcSAndroid Build Coastguard Worker// crypto.h contains functions for library-wide initialization and properties.
*8fb009dcSAndroid Build Coastguard Worker
*8fb009dcSAndroid Build Coastguard Worker
*8fb009dcSAndroid Build Coastguard Worker// CRYPTO_is_confidential_build returns one if the linked version of BoringSSL
*8fb009dcSAndroid Build Coastguard Worker// has been built with the BORINGSSL_CONFIDENTIAL define and zero otherwise.
*8fb009dcSAndroid Build Coastguard Worker//
*8fb009dcSAndroid Build Coastguard Worker// This is used by some consumers to identify whether they are using an
*8fb009dcSAndroid Build Coastguard Worker// internal version of BoringSSL.
*8fb009dcSAndroid Build Coastguard WorkerOPENSSL_EXPORT int CRYPTO_is_confidential_build(void);
*8fb009dcSAndroid Build Coastguard Worker
*8fb009dcSAndroid Build Coastguard Worker// CRYPTO_has_asm returns one unless BoringSSL was built with OPENSSL_NO_ASM,
*8fb009dcSAndroid Build Coastguard Worker// in which case it returns zero.
*8fb009dcSAndroid Build Coastguard WorkerOPENSSL_EXPORT int CRYPTO_has_asm(void);
*8fb009dcSAndroid Build Coastguard Worker
*8fb009dcSAndroid Build Coastguard Worker// BORINGSSL_self_test triggers the FIPS KAT-based self tests. It returns one on
*8fb009dcSAndroid Build Coastguard Worker// success and zero on error.
*8fb009dcSAndroid Build Coastguard WorkerOPENSSL_EXPORT int BORINGSSL_self_test(void);
*8fb009dcSAndroid Build Coastguard Worker
*8fb009dcSAndroid Build Coastguard Worker// BORINGSSL_integrity_test triggers the module's integrity test where the code
*8fb009dcSAndroid Build Coastguard Worker// and data of the module is matched against a hash injected at build time. It
*8fb009dcSAndroid Build Coastguard Worker// returns one on success or zero if there's a mismatch. This function only
*8fb009dcSAndroid Build Coastguard Worker// exists if the module was built in FIPS mode without ASAN.
*8fb009dcSAndroid Build Coastguard WorkerOPENSSL_EXPORT int BORINGSSL_integrity_test(void);
*8fb009dcSAndroid Build Coastguard Worker
*8fb009dcSAndroid Build Coastguard Worker// CRYPTO_pre_sandbox_init initializes the crypto library, pre-acquiring some
*8fb009dcSAndroid Build Coastguard Worker// unusual resources to aid running in sandboxed environments. It is safe to
*8fb009dcSAndroid Build Coastguard Worker// call this function multiple times and concurrently from multiple threads.
*8fb009dcSAndroid Build Coastguard Worker//
*8fb009dcSAndroid Build Coastguard Worker// For more details on using BoringSSL in a sandboxed environment, see
*8fb009dcSAndroid Build Coastguard Worker// SANDBOXING.md in the source tree.
*8fb009dcSAndroid Build Coastguard WorkerOPENSSL_EXPORT void CRYPTO_pre_sandbox_init(void);
*8fb009dcSAndroid Build Coastguard Worker
*8fb009dcSAndroid Build Coastguard Worker#if defined(OPENSSL_ARM) && defined(OPENSSL_LINUX) && \
*8fb009dcSAndroid Build Coastguard Worker    !defined(OPENSSL_STATIC_ARMCAP)
*8fb009dcSAndroid Build Coastguard Worker// CRYPTO_needs_hwcap2_workaround returns one if the ARMv8 AArch32 AT_HWCAP2
*8fb009dcSAndroid Build Coastguard Worker// workaround was needed. See https://crbug.com/boringssl/46.
*8fb009dcSAndroid Build Coastguard WorkerOPENSSL_EXPORT int CRYPTO_needs_hwcap2_workaround(void);
*8fb009dcSAndroid Build Coastguard Worker#endif  // OPENSSL_ARM && OPENSSL_LINUX && !OPENSSL_STATIC_ARMCAP
*8fb009dcSAndroid Build Coastguard Worker
*8fb009dcSAndroid Build Coastguard Worker
*8fb009dcSAndroid Build Coastguard Worker// FIPS monitoring
*8fb009dcSAndroid Build Coastguard Worker
*8fb009dcSAndroid Build Coastguard Worker// FIPS_mode returns zero unless BoringSSL is built with BORINGSSL_FIPS, in
*8fb009dcSAndroid Build Coastguard Worker// which case it returns one.
*8fb009dcSAndroid Build Coastguard WorkerOPENSSL_EXPORT int FIPS_mode(void);
*8fb009dcSAndroid Build Coastguard Worker
*8fb009dcSAndroid Build Coastguard Worker// fips_counter_t denotes specific APIs/algorithms. A counter is maintained for
*8fb009dcSAndroid Build Coastguard Worker// each in FIPS mode so that tests can be written to assert that the expected,
*8fb009dcSAndroid Build Coastguard Worker// FIPS functions are being called by a certain peice of code.
*8fb009dcSAndroid Build Coastguard Workerenum fips_counter_t {
*8fb009dcSAndroid Build Coastguard Worker  fips_counter_evp_aes_128_gcm = 0,
*8fb009dcSAndroid Build Coastguard Worker  fips_counter_evp_aes_256_gcm = 1,
*8fb009dcSAndroid Build Coastguard Worker  fips_counter_evp_aes_128_ctr = 2,
*8fb009dcSAndroid Build Coastguard Worker  fips_counter_evp_aes_256_ctr = 3,
*8fb009dcSAndroid Build Coastguard Worker
*8fb009dcSAndroid Build Coastguard Worker  fips_counter_max = 3,
*8fb009dcSAndroid Build Coastguard Worker};
*8fb009dcSAndroid Build Coastguard Worker
*8fb009dcSAndroid Build Coastguard Worker// FIPS_read_counter returns a counter of the number of times the specific
*8fb009dcSAndroid Build Coastguard Worker// function denoted by |counter| has been used. This always returns zero unless
*8fb009dcSAndroid Build Coastguard Worker// BoringSSL was built with BORINGSSL_FIPS_COUNTERS defined.
*8fb009dcSAndroid Build Coastguard WorkerOPENSSL_EXPORT size_t FIPS_read_counter(enum fips_counter_t counter);
*8fb009dcSAndroid Build Coastguard Worker
*8fb009dcSAndroid Build Coastguard Worker
*8fb009dcSAndroid Build Coastguard Worker// Deprecated functions.
*8fb009dcSAndroid Build Coastguard Worker
*8fb009dcSAndroid Build Coastguard Worker// OPENSSL_VERSION_TEXT contains a string the identifies the version of
*8fb009dcSAndroid Build Coastguard Worker// “OpenSSL”. node.js requires a version number in this text.
*8fb009dcSAndroid Build Coastguard Worker#define OPENSSL_VERSION_TEXT "OpenSSL 1.1.1 (compatible; BoringSSL)"
*8fb009dcSAndroid Build Coastguard Worker
*8fb009dcSAndroid Build Coastguard Worker#define OPENSSL_VERSION 0
*8fb009dcSAndroid Build Coastguard Worker#define OPENSSL_CFLAGS 1
*8fb009dcSAndroid Build Coastguard Worker#define OPENSSL_BUILT_ON 2
*8fb009dcSAndroid Build Coastguard Worker#define OPENSSL_PLATFORM 3
*8fb009dcSAndroid Build Coastguard Worker#define OPENSSL_DIR 4
*8fb009dcSAndroid Build Coastguard Worker
*8fb009dcSAndroid Build Coastguard Worker// OpenSSL_version is a compatibility function that returns the string
*8fb009dcSAndroid Build Coastguard Worker// "BoringSSL" if |which| is |OPENSSL_VERSION| and placeholder strings
*8fb009dcSAndroid Build Coastguard Worker// otherwise.
*8fb009dcSAndroid Build Coastguard WorkerOPENSSL_EXPORT const char *OpenSSL_version(int which);
*8fb009dcSAndroid Build Coastguard Worker
*8fb009dcSAndroid Build Coastguard Worker#define SSLEAY_VERSION OPENSSL_VERSION
*8fb009dcSAndroid Build Coastguard Worker#define SSLEAY_CFLAGS OPENSSL_CFLAGS
*8fb009dcSAndroid Build Coastguard Worker#define SSLEAY_BUILT_ON OPENSSL_BUILT_ON
*8fb009dcSAndroid Build Coastguard Worker#define SSLEAY_PLATFORM OPENSSL_PLATFORM
*8fb009dcSAndroid Build Coastguard Worker#define SSLEAY_DIR OPENSSL_DIR
*8fb009dcSAndroid Build Coastguard Worker
*8fb009dcSAndroid Build Coastguard Worker// SSLeay_version calls |OpenSSL_version|.
*8fb009dcSAndroid Build Coastguard WorkerOPENSSL_EXPORT const char *SSLeay_version(int which);
*8fb009dcSAndroid Build Coastguard Worker
*8fb009dcSAndroid Build Coastguard Worker// SSLeay is a compatibility function that returns OPENSSL_VERSION_NUMBER from
*8fb009dcSAndroid Build Coastguard Worker// base.h.
*8fb009dcSAndroid Build Coastguard WorkerOPENSSL_EXPORT unsigned long SSLeay(void);
*8fb009dcSAndroid Build Coastguard Worker
*8fb009dcSAndroid Build Coastguard Worker// OpenSSL_version_num is a compatibility function that returns
*8fb009dcSAndroid Build Coastguard Worker// OPENSSL_VERSION_NUMBER from base.h.
*8fb009dcSAndroid Build Coastguard WorkerOPENSSL_EXPORT unsigned long OpenSSL_version_num(void);
*8fb009dcSAndroid Build Coastguard Worker
*8fb009dcSAndroid Build Coastguard Worker// CRYPTO_malloc_init returns one.
*8fb009dcSAndroid Build Coastguard WorkerOPENSSL_EXPORT int CRYPTO_malloc_init(void);
*8fb009dcSAndroid Build Coastguard Worker
*8fb009dcSAndroid Build Coastguard Worker// OPENSSL_malloc_init returns one.
*8fb009dcSAndroid Build Coastguard WorkerOPENSSL_EXPORT int OPENSSL_malloc_init(void);
*8fb009dcSAndroid Build Coastguard Worker
*8fb009dcSAndroid Build Coastguard Worker// ENGINE_load_builtin_engines does nothing.
*8fb009dcSAndroid Build Coastguard WorkerOPENSSL_EXPORT void ENGINE_load_builtin_engines(void);
*8fb009dcSAndroid Build Coastguard Worker
*8fb009dcSAndroid Build Coastguard Worker// ENGINE_register_all_complete returns one.
*8fb009dcSAndroid Build Coastguard WorkerOPENSSL_EXPORT int ENGINE_register_all_complete(void);
*8fb009dcSAndroid Build Coastguard Worker
*8fb009dcSAndroid Build Coastguard Worker// OPENSSL_load_builtin_modules does nothing.
*8fb009dcSAndroid Build Coastguard WorkerOPENSSL_EXPORT void OPENSSL_load_builtin_modules(void);
*8fb009dcSAndroid Build Coastguard Worker
*8fb009dcSAndroid Build Coastguard Worker#define OPENSSL_INIT_NO_LOAD_CRYPTO_STRINGS 0
*8fb009dcSAndroid Build Coastguard Worker#define OPENSSL_INIT_LOAD_CRYPTO_STRINGS 0
*8fb009dcSAndroid Build Coastguard Worker#define OPENSSL_INIT_ADD_ALL_CIPHERS 0
*8fb009dcSAndroid Build Coastguard Worker#define OPENSSL_INIT_ADD_ALL_DIGESTS 0
*8fb009dcSAndroid Build Coastguard Worker#define OPENSSL_INIT_NO_ADD_ALL_CIPHERS 0
*8fb009dcSAndroid Build Coastguard Worker#define OPENSSL_INIT_NO_ADD_ALL_DIGESTS 0
*8fb009dcSAndroid Build Coastguard Worker#define OPENSSL_INIT_LOAD_CONFIG 0
*8fb009dcSAndroid Build Coastguard Worker#define OPENSSL_INIT_NO_LOAD_CONFIG 0
*8fb009dcSAndroid Build Coastguard Worker#define OPENSSL_INIT_NO_ATEXIT 0
*8fb009dcSAndroid Build Coastguard Worker
*8fb009dcSAndroid Build Coastguard Worker// OPENSSL_init_crypto returns one.
*8fb009dcSAndroid Build Coastguard WorkerOPENSSL_EXPORT int OPENSSL_init_crypto(uint64_t opts,
*8fb009dcSAndroid Build Coastguard Worker                                       const OPENSSL_INIT_SETTINGS *settings);
*8fb009dcSAndroid Build Coastguard Worker
*8fb009dcSAndroid Build Coastguard Worker// OPENSSL_cleanup does nothing.
*8fb009dcSAndroid Build Coastguard WorkerOPENSSL_EXPORT void OPENSSL_cleanup(void);
*8fb009dcSAndroid Build Coastguard Worker
*8fb009dcSAndroid Build Coastguard Worker// FIPS_mode_set returns one if |on| matches whether BoringSSL was built with
*8fb009dcSAndroid Build Coastguard Worker// |BORINGSSL_FIPS| and zero otherwise.
*8fb009dcSAndroid Build Coastguard WorkerOPENSSL_EXPORT int FIPS_mode_set(int on);
*8fb009dcSAndroid Build Coastguard Worker
*8fb009dcSAndroid Build Coastguard Worker// FIPS_module_name returns the name of the FIPS module.
*8fb009dcSAndroid Build Coastguard WorkerOPENSSL_EXPORT const char *FIPS_module_name(void);
*8fb009dcSAndroid Build Coastguard Worker
*8fb009dcSAndroid Build Coastguard Worker// FIPS_module_hash returns the 32-byte hash of the FIPS module.
*8fb009dcSAndroid Build Coastguard WorkerOPENSSL_EXPORT const uint8_t* FIPS_module_hash(void);
*8fb009dcSAndroid Build Coastguard Worker
*8fb009dcSAndroid Build Coastguard Worker// FIPS_version returns the version of the FIPS module, or zero if the build
*8fb009dcSAndroid Build Coastguard Worker// isn't exactly at a verified version. The version, expressed in base 10, will
*8fb009dcSAndroid Build Coastguard Worker// be a date in the form yyyymmddXX where XX is often "00", but can be
*8fb009dcSAndroid Build Coastguard Worker// incremented if multiple versions are defined on a single day.
*8fb009dcSAndroid Build Coastguard Worker//
*8fb009dcSAndroid Build Coastguard Worker// (This format exceeds a |uint32_t| in the year 4294.)
*8fb009dcSAndroid Build Coastguard WorkerOPENSSL_EXPORT uint32_t FIPS_version(void);
*8fb009dcSAndroid Build Coastguard Worker
*8fb009dcSAndroid Build Coastguard Worker// FIPS_query_algorithm_status returns one if |algorithm| is FIPS validated in
*8fb009dcSAndroid Build Coastguard Worker// the current BoringSSL and zero otherwise.
*8fb009dcSAndroid Build Coastguard WorkerOPENSSL_EXPORT int FIPS_query_algorithm_status(const char *algorithm);
*8fb009dcSAndroid Build Coastguard Worker
*8fb009dcSAndroid Build Coastguard Worker#if defined(OPENSSL_ARM) && defined(OPENSSL_LINUX) && \
*8fb009dcSAndroid Build Coastguard Worker    !defined(OPENSSL_STATIC_ARMCAP)
*8fb009dcSAndroid Build Coastguard Worker// CRYPTO_has_broken_NEON returns zero.
*8fb009dcSAndroid Build Coastguard WorkerOPENSSL_EXPORT int CRYPTO_has_broken_NEON(void);
*8fb009dcSAndroid Build Coastguard Worker#endif
*8fb009dcSAndroid Build Coastguard Worker
*8fb009dcSAndroid Build Coastguard Worker// CRYPTO_library_init does nothing. Historically, it was needed in some build
*8fb009dcSAndroid Build Coastguard Worker// configurations to initialization the library. This is no longer necessary.
*8fb009dcSAndroid Build Coastguard WorkerOPENSSL_EXPORT void CRYPTO_library_init(void);
*8fb009dcSAndroid Build Coastguard Worker
*8fb009dcSAndroid Build Coastguard Worker
*8fb009dcSAndroid Build Coastguard Worker#if defined(__cplusplus)
*8fb009dcSAndroid Build Coastguard Worker}  // extern C
*8fb009dcSAndroid Build Coastguard Worker#endif
*8fb009dcSAndroid Build Coastguard Worker
*8fb009dcSAndroid Build Coastguard Worker#endif  // OPENSSL_HEADER_CRYPTO_H