[factor.git] / basis / openssl / libssl / libssl.factor
1 ! Copyright (C) 2007 Elie CHAFTARI
2 ! Portions copyright (C) 2008 Slava Pestov
3 ! See https://factorcode.org/license.txt for BSD license.
4 USING: alien alien.c-types alien.destructors alien.libraries
5 alien.libraries.finder alien.parser alien.syntax classes.struct
6 combinators kernel literals namespaces openssl.libcrypto system
7 words ;
8 IN: openssl.libssl
9
! Registers the "libssl" library that the FUNCTION: declarations after
! `LIBRARY: libssl` bind against. Windows and macOS use fixed, versioned file
! names; any other Unix uses the unversioned "libssl.so".
! NOTE(review): these are bare file names, so presumably the platform loader's
! search path decides which copy is opened -- confirm deployments pin the
! intended library. This file declares both pre-1.1.0 and >= 1.1.0 entry
! points, so which symbols actually resolve depends on the library found.
10 << "libssl" {
11     { [ os windows? ] [ "libssl-38.dll" ] }
12     { [ os macosx? ] [ "libssl.35.dylib" ] }
13     { [ os unix? ] [ "libssl.so" ] }
14 } cond cdecl add-library >>
15
16 CONSTANT: X509_FILETYPE_PEM       1
17 CONSTANT: X509_FILETYPE_ASN1      2
18 CONSTANT: X509_FILETYPE_DEFAULT   3
19
20 ALIAS: SSL_FILETYPE_ASN1 X509_FILETYPE_ASN1
21 ALIAS: SSL_FILETYPE_PEM  X509_FILETYPE_PEM
22
23 CONSTANT: SSL_SENT_SHUTDOWN 1
24 CONSTANT: SSL_RECEIVED_SHUTDOWN 2
25
26 CONSTANT: SSL_NOTHING 1
27 CONSTANT: SSL_WRITING 2
28 CONSTANT: SSL_READING 3
29 CONSTANT: SSL_X509_LOOKUP 4
30
31 CONSTANT: SSL_CTRL_NEED_TMP_RSA   1
32 CONSTANT: SSL_CTRL_SET_TMP_RSA    2
33 CONSTANT: SSL_CTRL_SET_TMP_DH     3
34 CONSTANT: SSL_CTRL_SET_TMP_RSA_CB 4
35 CONSTANT: SSL_CTRL_SET_TMP_DH_CB  5
36
37 CONSTANT: SSL_CTRL_GET_SESSION_REUSED       6
38 CONSTANT: SSL_CTRL_GET_CLIENT_CERT_REQUEST  7
39 CONSTANT: SSL_CTRL_GET_NUM_RENEGOTIATIONS   8
40 CONSTANT: SSL_CTRL_CLEAR_NUM_RENEGOTIATIONS 9
41 CONSTANT: SSL_CTRL_GET_TOTAL_RENEGOTIATIONS 10
42 CONSTANT: SSL_CTRL_GET_FLAGS                11
43 CONSTANT: SSL_CTRL_EXTRA_CHAIN_CERT         12
44
45 CONSTANT: SSL_CTRL_SET_MSG_CALLBACK         13
46 CONSTANT: SSL_CTRL_SET_MSG_CALLBACK_ARG     14
47
48 CONSTANT: SSL_CTRL_SESS_NUMBER              20
49 CONSTANT: SSL_CTRL_SESS_CONNECT             21
50 CONSTANT: SSL_CTRL_SESS_CONNECT_GOOD        22
51 CONSTANT: SSL_CTRL_SESS_CONNECT_RENEGOTIATE 23
52 CONSTANT: SSL_CTRL_SESS_ACCEPT              24
53 CONSTANT: SSL_CTRL_SESS_ACCEPT_GOOD         25
54 CONSTANT: SSL_CTRL_SESS_ACCEPT_RENEGOTIATE  26
55 CONSTANT: SSL_CTRL_SESS_HIT                 27
56 CONSTANT: SSL_CTRL_SESS_CB_HIT              28
57 CONSTANT: SSL_CTRL_SESS_MISSES              29
58 CONSTANT: SSL_CTRL_SESS_TIMEOUTS            30
59 CONSTANT: SSL_CTRL_SESS_CACHE_FULL          31
60 CONSTANT: SSL_CTRL_OPTIONS                  32
61 CONSTANT: SSL_CTRL_MODE                     33
62
63 CONSTANT: SSL_CTRL_GET_READ_AHEAD           40
64 CONSTANT: SSL_CTRL_SET_READ_AHEAD           41
65 CONSTANT: SSL_CTRL_SET_SESS_CACHE_SIZE      42
66 CONSTANT: SSL_CTRL_GET_SESS_CACHE_SIZE      43
67 CONSTANT: SSL_CTRL_SET_SESS_CACHE_MODE      44
68 CONSTANT: SSL_CTRL_GET_SESS_CACHE_MODE      45
69
70 CONSTANT: SSL_CTRL_GET_MAX_CERT_LIST        50
71 CONSTANT: SSL_CTRL_SET_MAX_CERT_LIST        51
72 CONSTANT: SSL_CTRL_SET_MAX_SEND_FRAGMENT    52
73 CONSTANT: SSL_CTRL_SET_TLSEXT_SERVERNAME_CB       53
74 CONSTANT: SSL_CTRL_SET_TLSEXT_SERVERNAME_ARG      54
75 CONSTANT: SSL_CTRL_SET_TLSEXT_HOSTNAME            55
76 CONSTANT: SSL_CTRL_SET_TLSEXT_DEBUG_CB            56
77 CONSTANT: SSL_CTRL_SET_TLSEXT_DEBUG_ARG           57
78 CONSTANT: SSL_CTRL_GET_TLSEXT_TICKET_KEYS         58
79 CONSTANT: SSL_CTRL_SET_TLSEXT_TICKET_KEYS         59
80 CONSTANT: SSL_CTRL_SET_TLSEXT_OPAQUE_PRF_INPUT_CB 61
81 CONSTANT: SSL_CTRL_SET_TLSEXT_OPAQUE_PRF_INPUT_CB_ARG 62
82 CONSTANT: SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB       63
83 CONSTANT: SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB_ARG   64
84 CONSTANT: SSL_CTRL_SET_TLSEXT_STATUS_REQ_TYPE     65
85 CONSTANT: SSL_CTRL_GET_TLSEXT_STATUS_REQ_EXTS     66
86 CONSTANT: SSL_CTRL_SET_TLSEXT_STATUS_REQ_EXTS     67
87 CONSTANT: SSL_CTRL_GET_TLSEXT_STATUS_REQ_IDS      68
88 CONSTANT: SSL_CTRL_SET_TLSEXT_STATUS_REQ_IDS      69
89 CONSTANT: SSL_CTRL_GET_TLSEXT_STATUS_REQ_OCSP_RESP        70
90 CONSTANT: SSL_CTRL_SET_TLSEXT_STATUS_REQ_OCSP_RESP        71
91 CONSTANT: SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB               72
92 CONSTANT: SSL_CTRL_SET_TLS_EXT_SRP_USERNAME_CB            75
93 CONSTANT: SSL_CTRL_SET_SRP_VERIFY_PARAM_CB                76
94 CONSTANT: SSL_CTRL_SET_SRP_GIVE_CLIENT_PWD_CB             77
95 CONSTANT: SSL_CTRL_SET_SRP_ARG                            78
96 CONSTANT: SSL_CTRL_SET_TLS_EXT_SRP_USERNAME               79
97 CONSTANT: SSL_CTRL_SET_TLS_EXT_SRP_STRENGTH               80
98 CONSTANT: SSL_CTRL_SET_TLS_EXT_SRP_PASSWORD               81
99 CONSTANT: SSL_CTRL_TLS_EXT_SEND_HEARTBEAT                 85
100 CONSTANT: SSL_CTRL_GET_TLS_EXT_HEARTBEAT_PENDING          86
101 CONSTANT: SSL_CTRL_SET_TLS_EXT_HEARTBEAT_NO_REQUESTS      87
102 CONSTANT: SSL_CTRL_CHAIN                                  88
103 CONSTANT: SSL_CTRL_CHAIN_CERT                             89
104 CONSTANT: SSL_CTRL_GET_CURVES                             90
105 CONSTANT: SSL_CTRL_SET_CURVES                             91
106 CONSTANT: SSL_CTRL_SET_CURVES_LIST                        92
107 CONSTANT: SSL_CTRL_GET_SHARED_CURVE                       93
108 CONSTANT: SSL_CTRL_SET_ECDH_AUTO                          94
109 CONSTANT: SSL_CTRL_SET_SIGALGS                            97
110 CONSTANT: SSL_CTRL_SET_SIGALGS_LIST                       98
111 CONSTANT: SSL_CTRL_CERT_FLAGS                             99
112 CONSTANT: SSL_CTRL_CLEAR_CERT_FLAGS                       100
113 CONSTANT: SSL_CTRL_SET_CLIENT_SIGALGS                     101
114 CONSTANT: SSL_CTRL_SET_CLIENT_SIGALGS_LIST                102
115 CONSTANT: SSL_CTRL_GET_CLIENT_CERT_TYPES                  103
116 CONSTANT: SSL_CTRL_SET_CLIENT_CERT_TYPES                  104
117 CONSTANT: SSL_CTRL_BUILD_CERT_CHAIN                       105
118 CONSTANT: SSL_CTRL_SET_VERIFY_CERT_STORE                  106
119 CONSTANT: SSL_CTRL_SET_CHAIN_CERT_STORE                   107
120 CONSTANT: SSL_CTRL_GET_PEER_SIGNATURE_NID                 108
121 CONSTANT: SSL_CTRL_GET_SERVER_TMP_KEY                     109
122 CONSTANT: SSL_CTRL_GET_RAW_CIPHERLIST                     110
123 CONSTANT: SSL_CTRL_GET_EC_POINT_FORMATS                   111
124 CONSTANT: SSL_CTRL_GET_CHAIN_CERTS                        115
125 CONSTANT: SSL_CTRL_SELECT_CURRENT_CERT                    116
126 CONSTANT: SSL_CTRL_SET_CURRENT_CERT                       117
127 CONSTANT: SSL_CTRL_CHECK_PROTO_VERSION                    119
128 CONSTANT: DTLS_CTRL_SET_LINK_MTU                          120
129 CONSTANT: DTLS_CTRL_GET_LINK_MIN_MTU                      121
130
131 CONSTANT: TLSEXT_NAMETYPE_host_name 0
132 CONSTANT: TLSEXT_STATUSTYPE_ocsp 1
133
134 CONSTANT: TLSEXT_ECPOINTFORMAT_first                      0
135 CONSTANT: TLSEXT_ECPOINTFORMAT_uncompressed               0
136 CONSTANT: TLSEXT_ECPOINTFORMAT_ansiX962_compressed_prime  1
137 CONSTANT: TLSEXT_ECPOINTFORMAT_ansiX962_compressed_char2  2
138 CONSTANT: TLSEXT_ECPOINTFORMAT_last                       2
139
140 CONSTANT: TLSEXT_signature_anonymous                      0
141 CONSTANT: TLSEXT_signature_rsa                            1
142 CONSTANT: TLSEXT_signature_dsa                            2
143 CONSTANT: TLSEXT_signature_ecdsa                          3
144 CONSTANT: TLSEXT_signature_num                            4
145
146 CONSTANT: TLSEXT_hash_none                                0
147 CONSTANT: TLSEXT_hash_md5                                 1
148 CONSTANT: TLSEXT_hash_sha1                                2
149 CONSTANT: TLSEXT_hash_sha224                              3
150 CONSTANT: TLSEXT_hash_sha256                              4
151 CONSTANT: TLSEXT_hash_sha384                              5
152 CONSTANT: TLSEXT_hash_sha512                              6
153 CONSTANT: TLSEXT_hash_num                                 7
154
155 CONSTANT: TLSEXT_nid_unknown                              0x1000000
156
! Protocol-disable bits, passed in the options mask of SSL_CTX_set_options /
! SSL_set_options.
! The TLSv1_2 bit is numerically below the TLSv1_1 bit: the values are not in
! protocol-version order, so use the names and never derive one bit from
! another. No TLSv1_3 disable bit is defined alongside these.
157 CONSTANT: SSL_OP_NO_SSLv2 0x01000000
158 CONSTANT: SSL_OP_NO_SSLv3 0x02000000
159 CONSTANT: SSL_OP_NO_TLSv1 0x04000000
160 CONSTANT: SSL_OP_NO_TLSv1_2 0x08000000
161 CONSTANT: SSL_OP_NO_TLSv1_1 0x10000000
162
! Peer-verification mode bits for the `mode` argument of SSL_CTX_set_verify.
! SSL_VERIFY_NONE: a client continues the handshake even when certificate
!   verification fails, so the outcome has to be checked explicitly with
!   SSL_get_verify_result; a server does not request a client certificate.
! SSL_VERIFY_PEER: a verification failure aborts the handshake.
! SSL_VERIFY_FAIL_IF_NO_PEER_CERT and SSL_VERIFY_CLIENT_ONCE are server-side
!   modifiers and only take effect when combined with SSL_VERIFY_PEER.
163 CONSTANT: SSL_VERIFY_NONE 0
164 CONSTANT: SSL_VERIFY_PEER 1
165 CONSTANT: SSL_VERIFY_FAIL_IF_NO_PEER_CERT 2
166 CONSTANT: SSL_VERIFY_CLIENT_ONCE 4
167
168 CONSTANT: SSL_SESS_CACHE_OFF    0x0000
169 CONSTANT: SSL_SESS_CACHE_CLIENT 0x0001
170 CONSTANT: SSL_SESS_CACHE_SERVER 0x0002
171
172 CONSTANT: SSL_SESS_CACHE_BOTH flags{ SSL_SESS_CACHE_CLIENT SSL_SESS_CACHE_SERVER }
173
174 CONSTANT: SSL_SESS_CACHE_NO_AUTO_CLEAR      0x0080
175 CONSTANT: SSL_SESS_CACHE_NO_INTERNAL_LOOKUP 0x0100
176 CONSTANT: SSL_SESS_CACHE_NO_INTERNAL_STORE  0x0200
177
178 CONSTANT: SSL_SESS_CACHE_NO_INTERNAL
179     flags{ SSL_SESS_CACHE_NO_INTERNAL_LOOKUP SSL_SESS_CACHE_NO_INTERNAL_STORE }
180
181 CONSTANT: SSL_ERROR_NONE             0
182 CONSTANT: SSL_ERROR_SSL              1
183 CONSTANT: SSL_ERROR_WANT_READ        2
184 CONSTANT: SSL_ERROR_WANT_WRITE       3
185 CONSTANT: SSL_ERROR_WANT_X509_LOOKUP 4
186 CONSTANT: SSL_ERROR_SYSCALL          5 ! consult errno for details
187 CONSTANT: SSL_ERROR_ZERO_RETURN      6
188 CONSTANT: SSL_ERROR_WANT_CONNECT     7
189 CONSTANT: SSL_ERROR_WANT_ACCEPT      8
190
191 ! Error messages table
! Maps the integer codes 0-8 (the SSL_ERROR_* constants defined just above,
! i.e. the values SSL_get_error reports) to the matching constant names.
! NOTE(review): the table is a literal, so the same hashtable object is
! presumably shared between calls -- treat it as read-only.
192 : error-messages ( -- hash )
193     H{
194         { 0  "SSL_ERROR_NONE" }
195         { 1  "SSL_ERROR_SSL" }
196         { 2  "SSL_ERROR_WANT_READ" }
197         { 3  "SSL_ERROR_WANT_WRITE" }
198         { 4  "SSL_ERROR_WANT_X509_LOOKUP" }
199         { 5  "SSL_ERROR_SYSCALL" }
200         { 6  "SSL_ERROR_ZERO_RETURN" }
201         { 7  "SSL_ERROR_WANT_CONNECT" }
202         { 8  "SSL_ERROR_WANT_ACCEPT" }
203     } ;
204
205 C-TYPE: SSL_CTX
206 C-TYPE: SSL_SESSION
207
208 LIBRARY: libssl
209
210 ! ===============================================
211 ! stack.h
212 ! ===============================================
213 STRUCT: stack_st
214     { num int }
215     { data char** }
216     { sorted int }
217     { num_alloc int }
218     { comp void* } ;
219 TYPEDEF: stack_st _STACK
220
221 ! ===============================================
222 ! asn1t.h
223 ! ===============================================
224 C-TYPE: ASN1_ITEM
225
226 ! ===============================================
227 ! asn1.h
228 ! ===============================================
229 C-TYPE: ASN1_VALUE
230 TYPEDEF: ASN1_ITEM ASN1_ITEM_EXP
231
232 STRUCT: ASN1_STRING
233     { length int }
234     { type int }
235     { data uchar* }
236     { flags long } ;
237
238 FUNCTION: int ASN1_STRING_cmp ( ASN1_STRING* a, ASN1_STRING* b )
239 FUNCTION: ASN1_VALUE* ASN1_item_d2i ( ASN1_VALUE** val, uchar** in, long len, ASN1_ITEM* it )
240
241 ! ===============================================
242 ! ossl_typ.h
243 ! ===============================================
244 TYPEDEF: ASN1_STRING ASN1_OCTET_STRING
245
246 ! ===============================================
247 ! x509.h
248 ! ===============================================
249 STRUCT: X509_EXTENSION
250     { object void* }
251     { critical void* }
252     { value ASN1_OCTET_STRING* } ;
253
254 C-TYPE: X509_NAME
255 C-TYPE: X509
256
257 ! ===============================================
258 ! x509v3.h
259 ! ===============================================
260 STRUCT: X509V3_EXT_METHOD
261     { ext_nid int }
262     { ext_flags int }
263     { it void* } ;
264
265 FUNCTION: X509V3_EXT_METHOD* X509V3_EXT_get ( X509_EXTENSION* ext )
266
267 UNION-STRUCT: GENERAL_NAME_st_d
268     { ptr char* }
269     { otherName void* }
270     { rfc822Name void* }
271     { dNSName ASN1_STRING* } ;
272
273 STRUCT: GENERAL_NAME_st
274     { type int }
275     { d GENERAL_NAME_st_d } ;
276
277 CONSTANT: GEN_OTHERNAME 0
278 CONSTANT: GEN_EMAIL     1
279 CONSTANT: GEN_DNS       2
280 CONSTANT: GEN_X400      3
281 CONSTANT: GEN_DIRNAME   4
282 CONSTANT: GEN_EDIPARTY  5
283 CONSTANT: GEN_URI       6
284 CONSTANT: GEN_IPADD     7
285 CONSTANT: GEN_RID       8
286
287 ! ===============================================
288 ! ssl.h
289 ! ===============================================
290 STRUCT: ssl_method_st
291     { version int }
292     { ssl_new void* }
293     { ssl_clear void* }
294     { ssl_free void* }
295     { ssl_accept void* }
296     { ssl_connect void* }
297     { ssl_read void* }
298     { ssl_peek void* }
299     { ssl_write void* }
300     { ssl_shutdown void* }
301     { ssl_renegotiate void* }
302     { ssl_renegotiate_check void* }
303     { ssl_get_message void* }
304     { ssl_read_bytes void* }
305     { ssl_write_bytes void* }
306     { ssl_dispatch_alert void* }
307     { ssl_ctrl void* }
308     { ssl_ctx_ctrl void* }
309     { get_cipher_by_char void* }
310     { put_cipher_by_char void* }
311     { ssl_pending void* }
312     { num_ciphers void* }
313     { get_cipher void* }
314     { get_ssl_method void* }
315     { get_timeout void* }
316     { ssl3_enc void* }
317     { ssl_version void* }
318     { ssl_callback_ctrl void* }
319     { ssl_ctx_callback_ctrl void* } ;
320 TYPEDEF: ssl_method_st* ssl-method
321
! Field-by-field mirror of the library's internal per-connection structure.
! NOTE(review): this layout presumably matches one specific pre-1.1.0 ssl.h.
! OpenSSL >= 1.1.0 makes SSL an opaque type and other builds lay it out
! differently, so reading or writing these slots against a library that does
! not match accesses the wrong offsets in native memory. Prefer the accessor
! functions declared in this file (SSL_version, SSL_get_session,
! SSL_get_shutdown, ...) -- TODO confirm no caller still dereferences slots.
322 STRUCT: SSL
323     { version int }
324     { type int }
325     { method ssl_method_st* }
326     { rbio BIO* }
327     { wbio BIO* }
328     { bbio BIO* }
329     { rwstate int }
330     { in_handshake int }
331     { handshake_func void* }
332     { server int }
333     { new_session int }
334     { quiet_shutdown int }
335     { shutdown int }
336     { state int }
337     { rstate int }
338     { init_buf void* }
339     { init_msg void* }
340     { init_num int }
341     { init_off int }
342     { packet void* }
343     { packet_length int }
344     { s2 void* }
345     { s3 void* }
346     { d1 void* }
347     { read_ahead int }
348     { msg_callback void* }
349     { msg_callback_arg void* }
350     { hit int }
351     { param void* }
352     { cipher_list void* }
353     { cipher_list_by_id void* }
354     { mac_flags int }
355     { enc_read_ctx void* }
356     { read_hash void* }
357     { expand void* }
358     { enc_write_ctx void* }
359     { write_hash void* }
360     { compress void* }
361     { cert void* }
362     { sid_ctx_length uint }
363     { sid_ctx void* }
364     { session SSL_SESSION* }
365     { generate_session_id void* }
366     { verify_mode int }
367     { verify_callback void* }
368     { info_callback void* }
369     { error int }
370     { error_code int }
371     { kssl_ctx void* }
372     { psk_client_callback void* }
373     { psk_server_callback void* }
374     { ctx SSL_CTX* } ;
375
376 ! ------------------------------------------------------------------------------
377 ! API >= 1.1.0
378 ! ------------------------------------------------------------------------------
379 CONSTANT: OPENSSL_INIT_NO_LOAD_CRYPTO_STRINGS 0x00000001
380 CONSTANT: OPENSSL_INIT_LOAD_CRYPTO_STRINGS    0x00000002
381 CONSTANT: OPENSSL_INIT_NO_LOAD_SSL_STRINGS    0x00100000
382 CONSTANT: OPENSSL_INIT_LOAD_SSL_STRINGS       0x00200000
383 CONSTANT: OPENSSL_INIT_ADD_ALL_CIPHERS        0x00000004
384 CONSTANT: OPENSSL_INIT_ADD_ALL_DIGESTS        0x00000008
385 CONSTANT: OPENSSL_INIT_NO_ADD_ALL_CIPHERS     0x00000010
386 CONSTANT: OPENSSL_INIT_NO_ADD_ALL_DIGESTS     0x00000020
387
388
389 FUNCTION: int OPENSSL_init_ssl ( uint64_t opts, void* settings )
390 ! ------------------------------------------------------------------------------
391 ! API < 1.1.0, removed in new versions
392 ! ------------------------------------------------------------------------------
393 ! Initialization functions
394 FUNCTION: int SSL_library_init (  )
395
396 ! Maps OpenSSL errors to strings
397 FUNCTION: void SSL_load_error_strings (  )
398 ! ------------------------------------------------------------------------------
399
400 ! Method-table constructors. The result is passed to SSL_CTX_new and decides
! which protocol version(s) connections created from that context can speak.
! NOTE(review): SSLv2 and SSLv3 are obsolete protocols, and the fixed-version
! TLSv1 / TLSv1_1 / TLSv1_2 methods pin a single version. Current library
! builds may not export some of these symbols at all -- confirm against the
! libssl that is actually loaded before calling them.
401 FUNCTION: ssl-method SSLv2_client_method (  )
402 FUNCTION: ssl-method SSLv23_client_method (  )
403 FUNCTION: ssl-method SSLv23_server_method (  )
404 FUNCTION: ssl-method SSLv23_method (  ) ! version-flexible despite the name: negotiates the highest version both peers allow; bound it with SSL_OP_NO_* or the min/max proto version setters
405 FUNCTION: ssl-method SSLv3_client_method (  )
406 FUNCTION: ssl-method SSLv3_server_method (  )
407 FUNCTION: ssl-method SSLv3_method (  )
408 FUNCTION: ssl-method TLSv1_client_method (  )
409 FUNCTION: ssl-method TLSv1_server_method (  )
410 FUNCTION: ssl-method TLSv1_method (  )
411 FUNCTION: ssl-method TLSv1_1_method (  )
412 FUNCTION: ssl-method TLSv1_2_method (  )
413
414 CONSTANT: DTLS1_VERSION_MAJOR 0xfe
415 CONSTANT: SSL3_VERSION_MAJOR 0x03
416 CONSTANT: SSL3_VERSION 0x0300
417 CONSTANT: TLS1_VERSION 0x0301
418 CONSTANT: TLS1_1_VERSION 0x0302
419 CONSTANT: TLS1_2_VERSION 0x0303
420 CONSTANT: TLS1_3_VERSION 0x0304
421 CONSTANT: DTLS1_VERSION 0xfeff
422 CONSTANT: DTLS1_2_VERSION 0xfefd
423
! Lower and upper bounds on the negotiated protocol version, per context
! (SSL_CTX_*) and per connection (SSL_*). The version arguments are the
! *_VERSION constants defined just above (e.g. TLS1_2_VERSION).
! NOTE(review): OpenSSL's ssl.h provides these names as macros over
! SSL_CTX_ctrl / SSL_ctrl, so as far as I know they are exported symbols only
! in LibreSSL -- confirm they resolve in the loaded libssl before relying on
! them to enforce a TLS floor.
! The setters return 1 on success and 0 on failure; check the result, since an
! ignored failure means the intended bound is not enforced.
424 FUNCTION: int SSL_CTX_set_min_proto_version ( SSL_CTX* ctx, uint16_t version )
425 FUNCTION: int SSL_CTX_set_max_proto_version ( SSL_CTX* ctx, uint16_t version )
426 FUNCTION: uint16_t SSL_CTX_get_min_proto_version ( SSL_CTX* ctx )
427 FUNCTION: uint16_t SSL_CTX_get_max_proto_version ( SSL_CTX* ctx )
428
429 FUNCTION: int SSL_set_min_proto_version ( SSL* ssl, uint16_t version )
430 FUNCTION: int SSL_set_max_proto_version ( SSL* ssl, uint16_t version )
431 FUNCTION: uint16_t SSL_get_min_proto_version ( SSL* ssl )
432 FUNCTION: uint16_t SSL_get_max_proto_version ( SSL* ssl )
433
434 FUNCTION: int SSL_version ( SSL *ssl )
435
436 FUNCTION: void SSL_SESSION_free ( SSL_SESSION* ses )
437 FUNCTION: void RAND_seed ( void* buf, int num )
438 FUNCTION: void* BIO_f_ssl (  )
439
440 ! ------------------------------------------------------------------------------
441 ! SSL
442 ! ------------------------------------------------------------------------------
443 FUNCTION: c-string SSL_get_version ( SSL* ssl )
444
445 FUNCTION: c-string SSL_state_string ( SSL* ssl )
446 FUNCTION: c-string SSL_rstate_string ( SSL* ssl )
447 FUNCTION: c-string SSL_state_string_long ( SSL* ssl )
448 FUNCTION: c-string SSL_rstate_string_long ( SSL* ssl )
449
450 FUNCTION: int SSL_set_fd ( SSL* ssl, int fd )
451
452 FUNCTION: void SSL_set_bio ( SSL* ssl, void* rbio, void* wbio )
453
454 FUNCTION: int SSL_set_session ( SSL* to, SSL_SESSION* session )
455 FUNCTION: SSL_SESSION* SSL_get_session ( SSL* to )
456 FUNCTION: SSL_SESSION* SSL_get1_session ( SSL* ssl )
457
458 FUNCTION: int SSL_get_error ( SSL* ssl, int ret )
459
460 FUNCTION: void SSL_set_connect_state ( SSL* ssl )
461
462 FUNCTION: void SSL_set_accept_state ( SSL* ssl )
463 FUNCTION: void SSL_free ( SSL* ssl )
464 DESTRUCTOR: SSL_free
465
! Handshake and I/O entry points. For SSL_accept, SSL_connect, SSL_read and
! SSL_write a return value <= 0 is not a byte count: pass it to SSL_get_error
! to tell a retryable SSL_ERROR_WANT_READ / SSL_ERROR_WANT_WRITE from a fatal
! error or a clean shutdown (SSL_ERROR_ZERO_RETURN).
! `num` is a C int, so one call cannot transfer more than INT_MAX bytes.
466 FUNCTION: int SSL_accept ( SSL* ssl )
467 FUNCTION: int SSL_connect ( SSL* ssl )
468 FUNCTION: int SSL_read ( SSL* ssl, void* buf, int num )
469 FUNCTION: int SSL_write ( SSL* ssl, void* buf, int num )
! SSL_write_ex returns 1 on success / 0 on failure and reports the byte count
! through `written`. NOTE(review): only newer library releases provide it --
! confirm it resolves in the loaded libssl.
470 FUNCTION: int SSL_write_ex ( SSL* ssl, void* buf, size_t num, size_t* written )
! Generic control entry point; `cmd` is one of the SSL_CTRL_* constants.
471 FUNCTION: long SSL_ctrl ( SSL* ssl, int cmd, long larg, void* parg )
472
473 FUNCTION: int SSL_shutdown ( SSL* ssl )
474 FUNCTION: int SSL_get_shutdown ( SSL* ssl )
475
476 FUNCTION: int SSL_want ( SSL* ssl )
! Returns the certificate verification result as an X509_V_ERROR value.
! It is X509_V_ERR_OK (0) also when the peer presented no certificate at all,
! so it must be paired with a check that a peer certificate exists.
477 FUNCTION: long SSL_get_verify_result ( SSL* ssl )
! Three names for fetching the peer certificate. SSL_get_peer_certificate is
! the older name; SSL_get1_peer_certificate returns a reference the caller
! owns (release with X509_free); the get0 variant returns a borrowed pointer
! that must not be freed. All return null when no certificate was presented.
478 FUNCTION: X509* SSL_get_peer_certificate ( SSL* ssl )
479 FUNCTION: X509* SSL_get0_peer_certificate ( SSL* ssl )
480 FUNCTION: X509* SSL_get1_peer_certificate ( SSL* ssl )
481
! Returns the peer certificate of ssl. Looks up "SSL_get1_peer_certificate" in
! the loaded "libssl" with dlsym-raw and calls that function when the symbol
! is found, falling back to SSL_get_peer_certificate otherwise.
! NOTE(review): both C functions hand back an owned reference, so the caller
! is presumably expected to release it with X509_free; the result is null
! when the peer sent no certificate. A non-null certificate is not proof of
! trust -- also check SSL_get_verify_result.
482 : get-ssl-peer-certificate ( ssl -- x509 )
483     "SSL_get1_peer_certificate" "libssl" library-dll dlsym-raw
484     [ SSL_get1_peer_certificate ] [ SSL_get_peer_certificate ] if ; inline
485
! Returns 1 if at least one cipher from `str` could be selected, 0 otherwise;
! an unchecked 0 leaves the previous cipher list in effect.
486 FUNCTION: int SSL_set_cipher_list ( SSL* ssl, c-string str )
! NOTE(review): the C prototype is
!   int SSL_use_RSAPrivateKey_file(SSL *ssl, const char *file, int type);
! the binding below omits the trailing `type` argument (SSL_FILETYPE_PEM or
! SSL_FILETYPE_ASN1), so the native call would read an undefined third
! argument -- confirm and fix together with any callers.
487 FUNCTION: int SSL_use_RSAPrivateKey_file ( SSL* ssl, c-string str )
488 FUNCTION: int SSL_use_certificate_file ( SSL* ssl, c-string str, int type )
489
! NOTE(review): in C this returns STACK_OF(X509_NAME)*, not SSL*; the SSL*
! type here only acts as an opaque pointer to hand to
! SSL_CTX_set_client_CA_list. Null is returned when the file cannot be read.
490 FUNCTION: SSL* SSL_load_client_CA_file ( c-string file )
491
492 ! ------------------------------------------------------------------------------
493 ! SSL_CTX
494 ! ------------------------------------------------------------------------------
495 FUNCTION: SSL_CTX* SSL_CTX_new ( ssl-method method )
496 FUNCTION: void SSL_CTX_free ( SSL_CTX* ctx )
497 DESTRUCTOR: SSL_CTX_free
498
499 ! Load the certificates and private keys into the SSL_CTX
500 FUNCTION: int SSL_CTX_use_certificate_chain_file ( SSL_CTX* ctx,
501                                                    c-string file ) ! PEM type
502 FUNCTION: int SSL_CTX_use_certificate ( SSL_CTX* ctx, X509* x )
503
504 FUNCTION: SSL* SSL_new ( SSL_CTX* ctx )
505
506
! Trust-anchor and verification setup for a context. The int-returning
! functions report 1 on success and 0 on failure; an unchecked failure of
! SSL_CTX_set_default_verify_paths / SSL_CTX_load_verify_locations leaves the
! context without the intended CA certificates.
507 FUNCTION: int SSL_CTX_set_default_verify_paths ( SSL_CTX* ctx )
508 FUNCTION: int SSL_CTX_set_session_id_context ( SSL_CTX* ctx,
509                                                c-string sid_ctx,
510                                                uint len )
! NOTE(review): the C prototype is
!   int SSL_CTX_use_RSAPrivateKey_file(SSL_CTX *ctx, const char *file, int type);
! the binding below has no `file` parameter, so `type` would be passed where
! the library expects a path pointer -- confirm and fix together with any
! callers (SSL_CTX_use_PrivateKey_file in this file has the full signature).
511 FUNCTION: int SSL_CTX_use_RSAPrivateKey_file ( SSL_CTX* ctx, int type )
512 FUNCTION: int SSL_CTX_load_verify_locations ( SSL_CTX* ctx,
513                                               c-string CAfile,
514                                               c-string CApath )
! `mode` is a combination of the SSL_VERIFY_* constants; `callback` may be
! null to keep the library's built-in verification. A callback that always
! reports success disables certificate checking.
515 FUNCTION: void SSL_CTX_set_verify ( SSL_CTX* ctx, int mode, void* callback )
! `list` is the pointer returned by SSL_load_client_CA_file (typed SSL* here).
516 FUNCTION: void SSL_CTX_set_client_CA_list ( SSL_CTX* ctx, SSL* list )
517
518 ! Used to manipulate settings of the SSL_CTX and SSL objects.
519 ! This function should never be called directly
520 FUNCTION: long SSL_CTX_ctrl ( SSL_CTX* ctx, int cmd, long larg, void* parg )
521
522 FUNCTION: void SSL_CTX_set_default_passwd_cb ( SSL_CTX* ctx, void* cb )
523
524 FUNCTION: void SSL_CTX_set_default_passwd_cb_userdata ( SSL_CTX* ctx,
525                                                         void* u )
526
527 FUNCTION: int SSL_CTX_use_PrivateKey_file ( SSL_CTX* ctx, c-string file,
528                                             int type )
529
530 ! Sets the maximum certificate chain depth accepted during verification for ctx
531 FUNCTION: void SSL_CTX_set_verify_depth ( SSL_CTX* ctx, int depth )
532
533 ! Registers the callback that supplies ephemeral DH parameters for ctx
534 ! (the second argument is a callback pointer, although it is named dh).
! The setting is inherited by all ssl objects created from ctx.
535 FUNCTION: void SSL_CTX_set_tmp_dh_callback ( SSL_CTX* ctx, void* dh )
536
! Registers the callback that supplies a temporary RSA key for ctx.
! NOTE(review): temporary RSA keys served export-grade cipher suites, and
! newer library releases may no longer provide this entry point -- confirm it
! is still needed and still resolves.
537 FUNCTION: void SSL_CTX_set_tmp_rsa_callback ( SSL_CTX* ctx, void* rsa )
538
539 FUNCTION: ulong SSL_CTX_set_options ( SSL_CTX* ctx, ulong options )
540 FUNCTION: ulong SSL_set_options ( SSL* ssl, ulong options )
541
542 FUNCTION: ulong SSL_CTX_clear_options ( SSL_CTX* ctx, ulong options )
543 FUNCTION: ulong SSL_clear_options ( SSL* ssl, ulong options )
544
545 FUNCTION: ulong SSL_CTX_get_options ( SSL_CTX* ctx )
546 FUNCTION: ulong SSL_get_options ( SSL* ssl )
547
548 FUNCTION: ulong SSL_get_secure_renegotiation_support ( SSL* ssl )
549
550 ! -----------------------------
551 ! tls alpn extension
552 ! -----------------------------
553
554 ! values from https://github.com/openssl/openssl/blob/master/include/openssl/tls1.h
555 CONSTANT: SSL_TLSEXT_ERR_OK 0
556 CONSTANT: SSL_TLSEXT_ERR_ALERT_FATAL 2
557 CONSTANT: SSL_TLSEXT_ERR_NOACK 3
558 ! values from https://github.com/openssl/openssl/blob/master/include/openssl/ssl.h.in
559 CONSTANT: OPENSSL_NPN_UNSUPPORTED 0
560 CONSTANT: OPENSSL_NPN_NEGOTIATED 1
561 CONSTANT: OPENSSL_NPN_NO_OVERLAP 2
562
563 ! callback type
564 ! CALLBACK: int SSL_CTX_alpn_select_cb_func ( SSL* ssl, const
565 ! unsigned c-string* out, uchar* outlen, const unsigned c-string
566 ! in, uint inlen, void* arg )
! Server-side ALPN selection callback. `in` / `inlen` is the client's protocol
! list in wire format: each entry is one length byte followed by that many
! bytes, with no NUL terminators. The callback returns SSL_TLSEXT_ERR_OK after
! setting `out` / `outlen`, or SSL_TLSEXT_ERR_ALERT_FATAL / SSL_TLSEXT_ERR_NOACK.
! NOTE(review): c-string marshalling assumes NUL-terminated text, which these
! length-prefixed buffers are not -- confirm the types behave as raw pointers.
567 CALLBACK: int SSL_CTX_alpn_select_cb_func ( SSL* ssl,
568 c-string* out, uchar* outlen, c-string in, uint inlen, void* arg )
569 FUNCTION: void SSL_CTX_set_alpn_select_cb ( SSL_CTX* ctx,
570 SSL_CTX_alpn_select_cb_func cb, void* arg )
! Returns OPENSSL_NPN_NEGOTIATED or OPENSSL_NPN_NO_OVERLAP. On NO_OVERLAP the
! library still points `out` at a fallback entry from the client list, which
! an ALPN callback must not accept: return a failure code unless the result
! is OPENSSL_NPN_NEGOTIATED. Both lists must be well-formed and non-empty.
571 FUNCTION: int SSL_select_next_proto ( c-string* out, uchar*
572 outlen, c-string server, uint server_len, c-string client, uint
573 client_len )
574
! `data` receives a borrowed pointer to the selected protocol (not
! NUL-terminated, length in `len`); it is null with length 0 when no protocol
! was agreed, and must not be freed or used after the SSL object is released.
575 FUNCTION: void SSL_get0_alpn_selected ( SSL* s,
576 c-string* data, uint* len )
577
578 ! ------------------------------------------------------------------------------
579 ! Misc
580 ! ------------------------------------------------------------------------------
! Sets the TLS server_name (SNI) value for a connection by calling SSL_ctrl
! with cmd SSL_CTRL_SET_TLSEXT_HOSTNAME, larg TLSEXT_NAMETYPE_host_name and
! parg hostname. The first input is an SSL* (SSL_ctrl's first parameter),
! although the stack effect names it ctx.
! NOTE(review): hostname reaches a void* parameter, so it presumably has to be
! a NUL-terminated byte buffer already -- confirm against callers.
! This only sends the name to the server; it does not make the library check
! the peer certificate against that name.
581 : SSL_set_tlsext_host_name ( ctx hostname -- n )
582     [ SSL_CTRL_SET_TLSEXT_HOSTNAME TLSEXT_NAMETYPE_host_name ] dip
583     SSL_ctrl ;
584
! Calls SSL_CTX_ctrl on ctx with cmd SSL_CTRL_NEED_TMP_RSA, larg 0 and a null
! parg, and returns the library's answer.
! NOTE(review): temporary RSA keys belong to export-grade key exchange --
! confirm this is still required by any caller.
585 : SSL_CTX_need_tmp_rsa ( ctx -- n )
586     SSL_CTRL_NEED_TMP_RSA 0 f SSL_CTX_ctrl ;
587
! Calls SSL_CTX_ctrl on ctx with cmd SSL_CTRL_SET_TMP_RSA, larg 0 and rsa as
! parg; returns the control call's result.
! NOTE(review): see SSL_CTX_need_tmp_rsa -- temporary RSA keys are a legacy
! mechanism; confirm the loaded library still honours this command.
588 : SSL_CTX_set_tmp_rsa ( ctx rsa -- n )
589     [ SSL_CTRL_SET_TMP_RSA 0 ] dip SSL_CTX_ctrl ;
590
! Installs dh as the ephemeral Diffie-Hellman parameters of ctx by calling
! SSL_CTX_ctrl with cmd SSL_CTRL_SET_TMP_DH, larg 0 and dh as parg; returns
! the control call's result, which callers should check.
! NOTE(review): the strength of the key exchange depends on the parameters
! passed in; confirm callers supply a group of adequate size.
591 : SSL_CTX_set_tmp_dh ( ctx dh -- n )
592     [ SSL_CTRL_SET_TMP_DH 0 ] dip SSL_CTX_ctrl ;
593
! Sets the session-cache mode of ctx by calling SSL_CTX_ctrl with cmd
! SSL_CTRL_SET_SESS_CACHE_MODE, mode as larg and a null parg. mode is built
! from the SSL_SESS_CACHE_* constants defined in this file.
594 : SSL_CTX_set_session_cache_mode ( ctx mode -- n )
595     [ SSL_CTRL_SET_SESS_CACHE_MODE ] dip f SSL_CTX_ctrl ;
596
597 ! ===============================================
598 ! x509_vfy.h
599 ! ===============================================
600 ENUM: X509_V_ERROR
601     X509_V_ERR_OK
602     { X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT 2 }
603     X509_V_ERR_UNABLE_TO_GET_CRL
604     X509_V_ERR_UNABLE_TO_DECRYPT_CERT_SIGNATURE
605     X509_V_ERR_UNABLE_TO_DECRYPT_CRL_SIGNATURE
606     X509_V_ERR_UNABLE_TO_DECODE_ISSUER_PUBLIC_KEY
607     X509_V_ERR_CERT_SIGNATURE_FAILURE
608     X509_V_ERR_CRL_SIGNATURE_FAILURE
609     X509_V_ERR_CERT_NOT_YET_VALID
610     X509_V_ERR_CERT_HAS_EXPIRED
611     X509_V_ERR_CRL_NOT_YET_VALID
612     X509_V_ERR_CRL_HAS_EXPIRED
613     X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD
614     X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD
615     X509_V_ERR_ERROR_IN_CRL_LAST_UPDATE_FIELD
616     X509_V_ERR_ERROR_IN_CRL_NEXT_UPDATE_FIELD
617     X509_V_ERR_OUT_OF_MEM
618     X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT
619     X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN
620     X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY
621     X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE
622     X509_V_ERR_CERT_CHAIN_TOO_LONG
623     X509_V_ERR_CERT_REVOKED
624     X509_V_ERR_INVALID_CA
625     X509_V_ERR_PATH_LENGTH_EXCEEDED
626     X509_V_ERR_INVALID_PURPOSE
627     X509_V_ERR_CERT_UNTRUSTED
628     X509_V_ERR_CERT_REJECTED
629     X509_V_ERR_SUBJECT_ISSUER_MISMATCH
630     X509_V_ERR_AKID_SKID_MISMATCH
631     X509_V_ERR_AKID_ISSUER_SERIAL_MISMATCH
632     X509_V_ERR_KEYUSAGE_NO_CERTSIGN
633     X509_V_ERR_UNABLE_TO_GET_CRL_ISSUER
634     X509_V_ERR_UNHANDLED_CRITICAL_EXTENSION
635     X509_V_ERR_KEYUSAGE_NO_CRL_SIGN
636     X509_V_ERR_UNHANDLED_CRITICAL_CRL_EXTENSION
637     X509_V_ERR_INVALID_NON_CA
638     X509_V_ERR_PROXY_PATH_LENGTH_EXCEEDED
639     X509_V_ERR_KEYUSAGE_NO_DIGITAL_SIGNATURE
640     X509_V_ERR_PROXY_CERTIFICATES_NOT_ALLOWED
641     { X509_V_ERR_APPLICATION_VERIFICATION 50 } ;
642
643 ! ===============================================
644 ! obj_mac.h
645 ! ===============================================
646 CONSTANT: NID_commonName        13
647 CONSTANT: NID_subject_alt_name  85
648 CONSTANT: NID_issuer_alt_name   86
649
650 ! ===============================================
651 ! On Windows, some of the functions making up libressl
652 ! are placed in libcrypto-37.dll
653 ! ===============================================
! On Windows only: registers "libcrypto-37.dll" under the library name
! "libssl-windows" and makes that the current library, so the FUNCTION:
! declarations that follow bind against it. On other platforms nothing
! changes and the current library stays as set earlier.
! NOTE(review): this DLL and the "libssl-38.dll" loaded at the top of the file
! presumably have to come from the same library release -- confirm the pair
! is shipped and located together.
654 << os windows? [
655     "libssl-windows"
656     [ "libcrypto-37.dll" cdecl add-library ] [ current-library set ] bi
657 ] when >>
658
659 ! ===============================================
660 ! x509.h
661 ! ===============================================
662 CONSTANT: X509_R_CERT_ALREADY_IN_HASH_TABLE 101
663
! Copies the first entry of `name` with the given NID into `buf` (at most
! `len` bytes including the terminator) and returns its length, or -1 when
! there is no such entry.
! The field can contain embedded NUL bytes and a name can hold several entries
! with the same NID, so do not treat `buf` as a complete C string when making
! trust decisions: use the returned length, and for host-name checks consult
! the subjectAltName extension (NID_subject_alt_name) before NID_commonName.
664 FUNCTION: int X509_NAME_get_text_by_NID ( X509_NAME* name, int nid, void* buf, int len )
665 ! X509_NAME_oneline could return c-string but needs to be freed with OPENSSL_free
! With a null `buf` the library allocates the result (hence the OPENSSL_free
! requirement); with a caller buffer the text is truncated to `size`. The
! one-line format is ambiguous, so use it for display or logging only, never
! for parsing identities.
666 FUNCTION: char* X509_NAME_oneline ( X509_NAME* a, char* buf, int size )
667
668 FUNCTION: int X509_get_ext_by_NID ( X509* a, int nid, int lastpos )
669 FUNCTION: void* X509_get_ext_d2i ( X509* a, int nid, int* crit, int* idx )
670 FUNCTION: X509_NAME* X509_get_issuer_name ( X509* a )
671 FUNCTION: X509_NAME* X509_get_subject_name ( X509* a )
672 FUNCTION: int X509_check_trust ( X509* a, int id, int flags )
673 FUNCTION: X509_EXTENSION* X509_get_ext ( X509* a, int loc )
674 FUNCTION: void X509_free ( X509* a )
675 DESTRUCTOR: X509_free
676 FUNCTION: X509* d2i_X509 ( X509** px, uchar** in, int len )
677 FUNCTION: int i2d_X509 ( X509* x, uchar** out )
678 FUNCTION: int i2d_re_X509_tbs ( X509* x, uchar** out )
679
680 C-TYPE: X509_STORE
681 FUNCTION: X509_STORE* X509_STORE_new ( )
682 FUNCTION: int X509_STORE_add_cert ( X509_STORE* ctx, X509* x )
683
684 ! ------------------------------------------------------------------------------
685 ! API >= 1.1.0
686 ! ------------------------------------------------------------------------------
687 FUNCTION: int OPENSSL_sk_num ( _STACK* s )
688 FUNCTION: void* OPENSSL_sk_value ( _STACK* s, int v )
689
690 ! ------------------------------------------------------------------------------
691 ! API < 1.1.0, removed in new versions
692 ! ------------------------------------------------------------------------------
693 FUNCTION: int sk_num ( _STACK* s )
694 FUNCTION: void* sk_value ( _STACK* s, int v )
695
696 ! ------------------------------------------------------------------------------