2 * Copyright (C) 2004, 2005, 2006 Free Software Foundation
3 * Copyright (c) 2002 Andrew McDonald <andrew@mcdonald.org.uk>
5 * This file is part of GNUTLS-EXTRA.
7 * GNUTLS-EXTRA is free software: you can redistribute it and/or modify
8 * it under the terms of the GNU General Public License as published by
9 * the Free Software Foundation, either version 3 of the License, or
10 * (at your option) any later version.
12 * GNUTLS-EXTRA is distributed in the hope that it will be useful,
13 * but WITHOUT ANY WARRANTY; without even the implied warranty of
14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 * GNU General Public License for more details.
17 * You should have received a copy of the GNU General Public License
18 * along with this program. If not, see <http://www.gnu.org/licenses/>.
23 #include <gnutls/gnutls.h>
24 #include <openssl_compat.h>
29 #include <gnutls/openssl.h>
31 /* XXX: See lib/gnutls_int.h. */
32 #define GNUTLS_POINTER_TO_INT(_) ((int) GNUTLS_POINTER_TO_INT_CAST (_))
33 #define GNUTLS_INT_TO_POINTER(_) ((void*) GNUTLS_POINTER_TO_INT_CAST (_))
35 /* WARNING: Error functions aren't currently thread-safe */
37 static int last_error
= 0;
40 /* Library initialisation functions */
43 SSL_library_init (void)
45 gnutls_global_init ();
46 /* NB: we haven't got anywhere to call gnutls_global_deinit() */
51 OpenSSL_add_all_algorithms (void)
56 /* SSL_CTX structure handling */
59 SSL_CTX_new (SSL_METHOD
* method
)
63 ctx
= (SSL_CTX
*) calloc (1, sizeof (SSL_CTX
));
70 SSL_CTX_free (SSL_CTX
* ctx
)
77 SSL_CTX_set_default_verify_paths (SSL_CTX
* ctx
)
83 SSL_CTX_use_certificate_file (SSL_CTX
* ctx
, const char *certfile
, int type
)
85 ctx
->certfile
= (char *) calloc (1, strlen (certfile
) + 1);
88 memcpy (ctx
->certfile
, certfile
, strlen (certfile
));
90 ctx
->certfile_type
= type
;
96 SSL_CTX_use_PrivateKey_file (SSL_CTX
* ctx
, const char *keyfile
, int type
)
98 ctx
->keyfile
= (char *) calloc (1, strlen (keyfile
) + 1);
101 memcpy (ctx
->keyfile
, keyfile
, strlen (keyfile
));
103 ctx
->keyfile_type
= type
;
110 SSL_CTX_set_verify (SSL_CTX
* ctx
, int verify_mode
,
111 int (*verify_callback
) (int, X509_STORE_CTX
*))
113 ctx
->verify_mode
= verify_mode
;
114 ctx
->verify_callback
= verify_callback
;
118 SSL_CTX_set_options (SSL_CTX
* ctx
, unsigned long options
)
120 return (ctx
->options
|= options
);
124 SSL_CTX_set_mode (SSL_CTX
* ctx
, long mode
)
130 SSL_CTX_set_cipher_list (SSL_CTX
* ctx
, const char *list
)
132 /* FIXME: ignore this for the moment */
133 /* We're going to have to parse the "list" string to do this */
134 /* It is a string, which in its simplest form is something like
135 "DES-CBC3-SHA:IDEA-CBC-MD5", but can be rather more complicated
136 (see OpenSSL's ciphers(1) manpage for details) */
142 /* SSL_CTX statistics */
145 SSL_CTX_sess_number (SSL_CTX
* ctx
)
151 SSL_CTX_sess_connect (SSL_CTX
* ctx
)
157 SSL_CTX_sess_connect_good (SSL_CTX
* ctx
)
163 SSL_CTX_sess_connect_renegotiate (SSL_CTX
* ctx
)
169 SSL_CTX_sess_accept (SSL_CTX
* ctx
)
175 SSL_CTX_sess_accept_good (SSL_CTX
* ctx
)
181 SSL_CTX_sess_accept_renegotiate (SSL_CTX
* ctx
)
187 SSL_CTX_sess_hits (SSL_CTX
* ctx
)
193 SSL_CTX_sess_misses (SSL_CTX
* ctx
)
199 SSL_CTX_sess_timeouts (SSL_CTX
* ctx
)
206 /* SSL structure handling */
209 SSL_new (SSL_CTX
* ctx
)
214 ssl
= (SSL
*) calloc (1, sizeof (SSL
));
218 err
= gnutls_certificate_allocate_credentials (&ssl
->gnutls_cred
);
226 gnutls_init (&ssl
->gnutls_state
, ctx
->method
->connend
);
228 gnutls_protocol_set_priority (ssl
->gnutls_state
,
229 ctx
->method
->protocol_priority
);
230 gnutls_cipher_set_priority (ssl
->gnutls_state
,
231 ctx
->method
->cipher_priority
);
232 gnutls_compression_set_priority (ssl
->gnutls_state
,
233 ctx
->method
->comp_priority
);
234 gnutls_kx_set_priority (ssl
->gnutls_state
, ctx
->method
->kx_priority
);
235 gnutls_mac_set_priority (ssl
->gnutls_state
, ctx
->method
->mac_priority
);
237 gnutls_credentials_set (ssl
->gnutls_state
, GNUTLS_CRD_CERTIFICATE
,
240 gnutls_certificate_set_x509_trust_file (ssl
->gnutls_cred
,
244 gnutls_certificate_set_x509_key_file (ssl
->gnutls_cred
,
245 ctx
->certfile
, ctx
->keyfile
,
248 ssl
->verify_mode
= ctx
->verify_mode
;
249 ssl
->verify_callback
= ctx
->verify_callback
;
251 ssl
->options
= ctx
->options
;
253 ssl
->rfd
= (gnutls_transport_ptr_t
) - 1;
254 ssl
->wfd
= (gnutls_transport_ptr_t
) - 1;
262 gnutls_certificate_free_credentials (ssl
->gnutls_cred
);
263 gnutls_deinit (ssl
->gnutls_state
);
268 SSL_load_error_strings (void)
273 SSL_get_error (SSL
* ssl
, int ret
)
276 return SSL_ERROR_NONE
;
278 return SSL_ERROR_ZERO_RETURN
;
282 SSL_set_fd (SSL
* ssl
, int fd
)
284 gnutls_transport_set_ptr (ssl
->gnutls_state
, GNUTLS_INT_TO_POINTER (fd
));
289 SSL_set_rfd (SSL
* ssl
, int fd
)
291 ssl
->rfd
= GNUTLS_INT_TO_POINTER (fd
);
293 if (ssl
->wfd
!= (gnutls_transport_ptr_t
) - 1)
294 gnutls_transport_set_ptr2 (ssl
->gnutls_state
, ssl
->rfd
, ssl
->wfd
);
300 SSL_set_wfd (SSL
* ssl
, int fd
)
302 ssl
->wfd
= GNUTLS_INT_TO_POINTER (fd
);
304 if (ssl
->rfd
!= (gnutls_transport_ptr_t
) - 1)
305 gnutls_transport_set_ptr2 (ssl
->gnutls_state
, ssl
->rfd
, ssl
->wfd
);
311 SSL_set_bio (SSL
* ssl
, BIO
* rbio
, BIO
* wbio
)
313 gnutls_transport_set_ptr2 (ssl
->gnutls_state
, rbio
->fd
, wbio
->fd
);
318 SSL_set_connect_state (SSL
* ssl
)
323 SSL_pending (SSL
* ssl
)
325 return gnutls_record_check_pending (ssl
->gnutls_state
);
329 SSL_set_verify (SSL
* ssl
, int verify_mode
,
330 int (*verify_callback
) (int, X509_STORE_CTX
*))
332 ssl
->verify_mode
= verify_mode
;
333 ssl
->verify_callback
= verify_callback
;
337 SSL_get_peer_certificate (SSL
* ssl
)
339 const gnutls_datum_t
*cert_list
;
340 int cert_list_size
= 0;
342 cert_list
= gnutls_certificate_get_peers (ssl
->gnutls_state
,
348 /* SSL connection open/close/read/write functions */
351 SSL_connect (SSL
* ssl
)
353 X509_STORE_CTX
*store
;
354 int cert_list_size
= 0;
357 int x_priority
[GNUTLS_MAX_ALGORITHM_NUM
];
358 /* take options into account before connecting */
360 memset (x_priority
, 0, sizeof (x_priority
));
361 if (ssl
->options
& SSL_OP_NO_TLSv1
)
364 i
< GNUTLS_MAX_ALGORITHM_NUM
&& x_priority
[i
] != 0; i
++, j
++)
366 if (ssl
->ctx
->method
->protocol_priority
[j
] == GNUTLS_TLS1
)
369 x_priority
[i
] = ssl
->ctx
->method
->protocol_priority
[j
];
371 if (i
< GNUTLS_MAX_ALGORITHM_NUM
)
373 gnutls_protocol_set_priority (ssl
->gnutls_state
,
374 ssl
->ctx
->method
->protocol_priority
);
377 err
= gnutls_handshake (ssl
->gnutls_state
);
378 ssl
->last_error
= err
;
386 store
= (X509_STORE_CTX
*) calloc (1, sizeof (X509_STORE_CTX
));
388 store
->cert_list
= gnutls_certificate_get_peers (ssl
->gnutls_state
,
391 if (ssl
->verify_callback
)
393 ssl
->verify_callback (1 /*FIXME*/, store
);
395 ssl
->state
= SSL_ST_OK
;
400 /* FIXME: deal with error from callback */
406 SSL_accept (SSL
* ssl
)
408 X509_STORE_CTX
*store
;
409 int cert_list_size
= 0;
412 int x_priority
[GNUTLS_MAX_ALGORITHM_NUM
];
413 /* take options into account before accepting */
415 memset (x_priority
, 0, sizeof (x_priority
));
416 if (ssl
->options
& SSL_OP_NO_TLSv1
)
419 i
< GNUTLS_MAX_ALGORITHM_NUM
&& x_priority
[i
] != 0; i
++, j
++)
421 if (ssl
->ctx
->method
->protocol_priority
[j
] == GNUTLS_TLS1
)
424 x_priority
[i
] = ssl
->ctx
->method
->protocol_priority
[j
];
426 if (i
< GNUTLS_MAX_ALGORITHM_NUM
)
428 gnutls_protocol_set_priority (ssl
->gnutls_state
,
429 ssl
->ctx
->method
->protocol_priority
);
432 /* FIXME: dh params, do we want client cert? */
434 err
= gnutls_handshake (ssl
->gnutls_state
);
435 ssl
->last_error
= err
;
443 store
= (X509_STORE_CTX
*) calloc (1, sizeof (X509_STORE_CTX
));
445 store
->cert_list
= gnutls_certificate_get_peers (ssl
->gnutls_state
,
448 if (ssl
->verify_callback
)
450 ssl
->verify_callback (1 /*FIXME*/, store
);
452 ssl
->state
= SSL_ST_OK
;
457 /* FIXME: deal with error from callback */
463 SSL_shutdown (SSL
* ssl
)
467 gnutls_bye (ssl
->gnutls_state
, GNUTLS_SHUT_WR
);
472 gnutls_bye (ssl
->gnutls_state
, GNUTLS_SHUT_RDWR
);
481 SSL_read (SSL
* ssl
, void *buf
, int len
)
485 ret
= gnutls_record_recv (ssl
->gnutls_state
, buf
, len
);
486 ssl
->last_error
= ret
;
498 SSL_write (SSL
* ssl
, const void *buf
, int len
)
502 ret
= gnutls_record_send (ssl
->gnutls_state
, buf
, len
);
503 ssl
->last_error
= ret
;
521 /* SSL_METHOD functions */
524 SSLv23_client_method (void)
527 m
= (SSL_METHOD
*) calloc (1, sizeof (SSL_METHOD
));
531 m
->protocol_priority
[0] = GNUTLS_TLS1
;
532 m
->protocol_priority
[1] = GNUTLS_SSL3
;
533 m
->protocol_priority
[2] = 0;
535 m
->cipher_priority
[0] = GNUTLS_CIPHER_AES_128_CBC
;
536 m
->cipher_priority
[1] = GNUTLS_CIPHER_3DES_CBC
;
537 m
->cipher_priority
[2] = GNUTLS_CIPHER_AES_256_CBC
;
538 #ifdef ENABLE_CAMELLIA
539 m
->cipher_priority
[3] = GNUTLS_CIPHER_CAMELLIA_128_CBC
;
540 m
->cipher_priority
[4] = GNUTLS_CIPHER_CAMELLIA_256_CBC
;
541 m
->cipher_priority
[5] = GNUTLS_CIPHER_ARCFOUR_128
;
542 m
->cipher_priority
[6] = 0;
544 m
->cipher_priority
[3] = GNUTLS_CIPHER_ARCFOUR_128
;
545 m
->cipher_priority
[4] = 0;
548 m
->comp_priority
[0] = GNUTLS_COMP_ZLIB
;
549 m
->comp_priority
[1] = GNUTLS_COMP_NULL
;
550 m
->comp_priority
[2] = 0;
552 m
->kx_priority
[0] = GNUTLS_KX_DHE_RSA
;
553 m
->kx_priority
[1] = GNUTLS_KX_RSA
;
554 m
->kx_priority
[2] = GNUTLS_KX_DHE_DSS
;
555 m
->kx_priority
[3] = 0;
557 m
->mac_priority
[0] = GNUTLS_MAC_SHA1
;
558 m
->mac_priority
[1] = GNUTLS_MAC_MD5
;
559 m
->mac_priority
[2] = 0;
561 m
->connend
= GNUTLS_CLIENT
;
567 SSLv23_server_method (void)
570 m
= (SSL_METHOD
*) calloc (1, sizeof (SSL_METHOD
));
574 m
->protocol_priority
[0] = GNUTLS_TLS1
;
575 m
->protocol_priority
[1] = GNUTLS_SSL3
;
576 m
->protocol_priority
[2] = 0;
578 m
->cipher_priority
[0] = GNUTLS_CIPHER_AES_128_CBC
;
579 m
->cipher_priority
[1] = GNUTLS_CIPHER_3DES_CBC
;
580 m
->cipher_priority
[2] = GNUTLS_CIPHER_AES_256_CBC
;
581 #ifdef ENABLE_CAMELLIA
582 m
->cipher_priority
[3] = GNUTLS_CIPHER_CAMELLIA_128_CBC
;
583 m
->cipher_priority
[4] = GNUTLS_CIPHER_CAMELLIA_256_CBC
;
584 m
->cipher_priority
[5] = GNUTLS_CIPHER_ARCFOUR_128
;
585 m
->cipher_priority
[6] = 0;
587 m
->cipher_priority
[3] = GNUTLS_CIPHER_ARCFOUR_128
;
588 m
->cipher_priority
[4] = 0;
591 m
->comp_priority
[0] = GNUTLS_COMP_ZLIB
;
592 m
->comp_priority
[1] = GNUTLS_COMP_NULL
;
593 m
->comp_priority
[2] = 0;
595 m
->kx_priority
[0] = GNUTLS_KX_DHE_RSA
;
596 m
->kx_priority
[1] = GNUTLS_KX_RSA
;
597 m
->kx_priority
[2] = GNUTLS_KX_DHE_DSS
;
598 m
->kx_priority
[3] = 0;
600 m
->mac_priority
[0] = GNUTLS_MAC_SHA1
;
601 m
->mac_priority
[1] = GNUTLS_MAC_MD5
;
602 m
->mac_priority
[2] = 0;
604 m
->connend
= GNUTLS_SERVER
;
610 SSLv3_client_method (void)
613 m
= (SSL_METHOD
*) calloc (1, sizeof (SSL_METHOD
));
617 m
->protocol_priority
[0] = GNUTLS_SSL3
;
618 m
->protocol_priority
[2] = 0;
620 m
->cipher_priority
[1] = GNUTLS_CIPHER_3DES_CBC
;
621 m
->cipher_priority
[2] = GNUTLS_CIPHER_ARCFOUR_128
;
622 m
->cipher_priority
[3] = 0;
624 m
->comp_priority
[0] = GNUTLS_COMP_ZLIB
;
625 m
->comp_priority
[1] = GNUTLS_COMP_NULL
;
626 m
->comp_priority
[2] = 0;
628 m
->kx_priority
[0] = GNUTLS_KX_DHE_RSA
;
629 m
->kx_priority
[1] = GNUTLS_KX_RSA
;
630 m
->kx_priority
[2] = GNUTLS_KX_DHE_DSS
;
631 m
->kx_priority
[3] = 0;
633 m
->mac_priority
[0] = GNUTLS_MAC_SHA1
;
634 m
->mac_priority
[1] = GNUTLS_MAC_MD5
;
635 m
->mac_priority
[2] = 0;
637 m
->connend
= GNUTLS_CLIENT
;
643 SSLv3_server_method (void)
646 m
= (SSL_METHOD
*) calloc (1, sizeof (SSL_METHOD
));
650 m
->protocol_priority
[0] = GNUTLS_SSL3
;
651 m
->protocol_priority
[2] = 0;
653 m
->cipher_priority
[1] = GNUTLS_CIPHER_3DES_CBC
;
654 m
->cipher_priority
[2] = GNUTLS_CIPHER_ARCFOUR_128
;
655 m
->cipher_priority
[3] = 0;
657 m
->comp_priority
[0] = GNUTLS_COMP_ZLIB
;
658 m
->comp_priority
[1] = GNUTLS_COMP_NULL
;
659 m
->comp_priority
[2] = 0;
661 m
->kx_priority
[0] = GNUTLS_KX_DHE_RSA
;
662 m
->kx_priority
[1] = GNUTLS_KX_RSA
;
663 m
->kx_priority
[2] = GNUTLS_KX_DHE_DSS
;
664 m
->kx_priority
[3] = 0;
666 m
->mac_priority
[0] = GNUTLS_MAC_SHA1
;
667 m
->mac_priority
[1] = GNUTLS_MAC_MD5
;
668 m
->mac_priority
[2] = 0;
670 m
->connend
= GNUTLS_SERVER
;
676 TLSv1_client_method (void)
679 m
= (SSL_METHOD
*) calloc (1, sizeof (SSL_METHOD
));
683 m
->protocol_priority
[0] = GNUTLS_TLS1
;
684 m
->protocol_priority
[1] = 0;
686 m
->cipher_priority
[0] = GNUTLS_CIPHER_AES_128_CBC
;
687 m
->cipher_priority
[1] = GNUTLS_CIPHER_3DES_CBC
;
688 m
->cipher_priority
[2] = GNUTLS_CIPHER_AES_256_CBC
;
689 #ifdef ENABLE_CAMELLIA
690 m
->cipher_priority
[3] = GNUTLS_CIPHER_CAMELLIA_128_CBC
;
691 m
->cipher_priority
[4] = GNUTLS_CIPHER_CAMELLIA_256_CBC
;
692 m
->cipher_priority
[5] = GNUTLS_CIPHER_ARCFOUR_128
;
693 m
->cipher_priority
[6] = 0;
695 m
->cipher_priority
[3] = GNUTLS_CIPHER_ARCFOUR_128
;
696 m
->cipher_priority
[4] = 0;
699 m
->comp_priority
[0] = GNUTLS_COMP_ZLIB
;
700 m
->comp_priority
[1] = GNUTLS_COMP_NULL
;
701 m
->comp_priority
[2] = 0;
703 m
->kx_priority
[0] = GNUTLS_KX_DHE_RSA
;
704 m
->kx_priority
[1] = GNUTLS_KX_RSA
;
705 m
->kx_priority
[2] = GNUTLS_KX_DHE_DSS
;
706 m
->kx_priority
[3] = 0;
708 m
->mac_priority
[0] = GNUTLS_MAC_SHA1
;
709 m
->mac_priority
[1] = GNUTLS_MAC_MD5
;
710 m
->mac_priority
[2] = 0;
712 m
->connend
= GNUTLS_CLIENT
;
718 TLSv1_server_method (void)
721 m
= (SSL_METHOD
*) calloc (1, sizeof (SSL_METHOD
));
725 m
->protocol_priority
[0] = GNUTLS_TLS1
;
726 m
->protocol_priority
[1] = 0;
728 m
->cipher_priority
[0] = GNUTLS_CIPHER_AES_128_CBC
;
729 m
->cipher_priority
[1] = GNUTLS_CIPHER_3DES_CBC
;
730 m
->cipher_priority
[2] = GNUTLS_CIPHER_AES_256_CBC
;
731 #ifdef ENABLE_CAMELLIA
732 m
->cipher_priority
[3] = GNUTLS_CIPHER_CAMELLIA_128_CBC
;
733 m
->cipher_priority
[4] = GNUTLS_CIPHER_CAMELLIA_256_CBC
;
734 m
->cipher_priority
[5] = GNUTLS_CIPHER_ARCFOUR_128
;
735 m
->cipher_priority
[6] = 0;
737 m
->cipher_priority
[3] = GNUTLS_CIPHER_ARCFOUR_128
;
738 m
->cipher_priority
[4] = 0;
741 m
->comp_priority
[0] = GNUTLS_COMP_ZLIB
;
742 m
->comp_priority
[1] = GNUTLS_COMP_NULL
;
743 m
->comp_priority
[2] = 0;
745 m
->kx_priority
[0] = GNUTLS_KX_DHE_RSA
;
746 m
->kx_priority
[1] = GNUTLS_KX_RSA
;
747 m
->kx_priority
[2] = GNUTLS_KX_DHE_DSS
;
748 m
->kx_priority
[3] = 0;
750 m
->mac_priority
[0] = GNUTLS_MAC_SHA1
;
751 m
->mac_priority
[1] = GNUTLS_MAC_MD5
;
752 m
->mac_priority
[2] = 0;
754 m
->connend
= GNUTLS_SERVER
;
760 /* SSL_CIPHER functions */
763 SSL_get_current_cipher (SSL
* ssl
)
768 ssl
->ciphersuite
.version
= gnutls_protocol_get_version (ssl
->gnutls_state
);
769 ssl
->ciphersuite
.cipher
= gnutls_cipher_get (ssl
->gnutls_state
);
770 ssl
->ciphersuite
.kx
= gnutls_kx_get (ssl
->gnutls_state
);
771 ssl
->ciphersuite
.mac
= gnutls_mac_get (ssl
->gnutls_state
);
772 ssl
->ciphersuite
.compression
= gnutls_compression_get (ssl
->gnutls_state
);
773 ssl
->ciphersuite
.cert
= gnutls_certificate_type_get (ssl
->gnutls_state
);
775 return &(ssl
->ciphersuite
);
779 SSL_CIPHER_get_name (SSL_CIPHER
* cipher
)
784 return gnutls_cipher_suite_get_name (cipher
->kx
,
785 cipher
->cipher
, cipher
->mac
);
789 SSL_CIPHER_get_bits (SSL_CIPHER
* cipher
, int *bits
)
796 bit_result
= (8 * gnutls_cipher_get_key_size (cipher
->cipher
));
805 SSL_CIPHER_get_version (SSL_CIPHER
* cipher
)
812 ret
= gnutls_protocol_get_name (cipher
->version
);
820 SSL_CIPHER_description (SSL_CIPHER
* cipher
, char *buf
, int size
)
834 tmpbuf
= (char *) malloc (128);
839 if (snprintf (tmpbuf
, tmpsize
, "%s %s %s %s",
840 gnutls_protocol_get_name (cipher
->version
),
841 gnutls_kx_get_name (cipher
->kx
),
842 gnutls_cipher_get_name (cipher
->cipher
),
843 gnutls_mac_get_name (cipher
->mac
)) == -1)
847 return "Buffer too small";
857 X509_get_subject_name (const X509
* cert
)
860 dn
= (gnutls_x509_dn
*) calloc (1, sizeof (gnutls_x509_dn
));
861 if (gnutls_x509_extract_certificate_dn (&cert
[0], dn
) < 0)
870 X509_get_issuer_name (const X509
* cert
)
873 dn
= (gnutls_x509_dn
*) calloc (1, sizeof (gnutls_x509_dn
));
874 if (gnutls_x509_extract_certificate_dn (&cert
[1], dn
) < 0)
883 X509_NAME_oneline (gnutls_x509_dn
* name
, char *buf
, int len
)
885 memset (buf
, 0, len
);
889 snprintf (buf
, len
- 1,
890 "C=%s, ST=%s, L=%s, O=%s, OU=%s, CN=%s/Email=%s",
891 name
->country
, name
->state_or_province_name
,
892 name
->locality_name
, name
->organization
,
893 name
->organizational_unit_name
, name
->common_name
, name
->email
);
898 X509_free (const X509
* cert
)
900 /* only get certificates as const items */
907 BIO_get_fd (gnutls_session_t gnutls_state
, int *fd
)
909 *fd
= GNUTLS_POINTER_TO_INT (gnutls_transport_get_ptr (gnutls_state
));
913 BIO_new_socket (int sock
, int close_flag
)
917 bio
= (BIO
*) malloc (sizeof (BIO
));
921 bio
->fd
= GNUTLS_INT_TO_POINTER (sock
);
934 ret
= -1 * last_error
;
941 ERR_error_string (unsigned long e
, char *buf
)
943 return gnutls_strerror (-1 * e
);
956 RAND_seed (const void *buf
, int num
)
961 RAND_bytes (unsigned char *buf
, int num
)
963 gc_random (buf
, num
);
968 RAND_file_name (char *buf
, size_t len
)
974 RAND_load_file (const char *name
, long maxbytes
)
980 RAND_write_file (const char *name
)
986 RAND_egd_bytes (const char *path
, int bytes
)
993 /* message digest functions */
996 MD5_Init (MD5_CTX
* ctx
)
998 gc_hash_open (GC_MD5
, 0, &ctx
->handle
);
1002 MD5_Update (MD5_CTX
* ctx
, const void *buf
, int len
)
1004 gc_hash_write (ctx
->handle
, len
, buf
);
1008 MD5_Final (unsigned char *md
, MD5_CTX
* ctx
)
1010 const char *local_md
;
1012 local_md
= gc_hash_read (ctx
->handle
);
1014 memcpy (md
, local_md
, gc_hash_digest_length (GC_MD5
));
1015 gc_hash_close (ctx
->handle
);
1019 MD5 (const unsigned char *buf
, unsigned long len
, unsigned char *md
)
1024 gc_hash_buffer (GC_MD5
, buf
, len
, md
);
1030 RIPEMD160_Init (RIPEMD160_CTX
* ctx
)
1032 gc_hash_open (GC_RMD160
, 0, &ctx
->handle
);
1036 RIPEMD160_Update (RIPEMD160_CTX
* ctx
, const void *buf
, int len
)
1038 gc_hash_write (ctx
->handle
, len
, buf
);
1042 RIPEMD160_Final (unsigned char *md
, RIPEMD160_CTX
* ctx
)
1044 const char *local_md
;
1046 local_md
= gc_hash_read (ctx
->handle
);
1048 memcpy (md
, local_md
, gc_hash_digest_length (GC_RMD160
));
1049 gc_hash_close (ctx
->handle
);
1053 RIPEMD160 (const unsigned char *buf
, unsigned long len
, unsigned char *md
)
1058 gc_hash_buffer (GC_RMD160
, buf
, len
, md
);