Domovská stránka Prehľadávať Pomoc
Prihlásiť sa
OWEALs
/
openssl
zrkadlo git://git.openssl.org/openssl.git
2
0
Fork 0
Súbory Issues 1 Wiki
Strom: 450f96e965
Branche Tagy
openssl
/
include
/
internal
/
passphrase.h

passphrase.h 4.2 KB
História Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122 
  1. /*
    2. 

  2.  * Copyright 2020-2021 The OpenSSL Project Authors. All Rights Reserved.
    3. 

  3.  *
    4. 

  4.  * Licensed under the Apache License 2.0 (the "License").  You may not use
    5. 

  5.  * this file except in compliance with the License.  You can obtain a copy
    6. 

  6.  * in the file LICENSE in the source distribution or at
    7. 

  7.  * https://www.openssl.org/source/license.html
    8. 

  8.  */
    9. 

  9. 

  10. #ifndef OSSL_INTERNAL_PASSPHRASE_H
    11. 

  11. # define OSSL_INTERNAL_PASSPHRASE_H
    12. 

  12. # pragma once
    13. 

  13. 

  14. /*
    15. 

  15.  * This is a passphrase reader bridge with bells and whistles.
    16. 

  16.  *
    17. 

  17.  * On one hand, an API may wish to offer all sorts of passphrase callback
    18. 

  18.  * possibilities to users, or may have to do so for historical reasons.
    19. 

  19.  * On the other hand, that same API may have demands from other interfaces,
    20. 

  20.  * notably from the libcrypto <-> provider interface, which uses
    21. 

  21.  * OSSL_PASSPHRASE_CALLBACK consistently.
    22. 

  22.  *
    23. 

  23.  * The structure and functions below are the fundaments for bridging one
    24. 

  24.  * passphrase callback form to another.
    25. 

  25.  *
    26. 

  26.  * In addition, extra features are included (this may be a growing list):
    27. 

  27.  *
    28. 

  28.  * -   password caching.  This is to be used by APIs where it's likely
    29. 

  29.  *     that the same passphrase may be asked for more than once, but the
    30. 

  30.  *     user shouldn't get prompted more than once.  For example, this is
    31. 

  31.  *     useful for OSSL_DECODER, which may have to use a passphrase while
    32. 

  32.  *     trying to find out what input it has.
    33. 

  33.  */
    34. 

  34. 

  35. /*
    36. 

  36.  * Structure to hold whatever the calling user may specify.  This structure
    37. 

  37.  * is intended to be integrated into API specific structures or to be used
    38. 

  38.  * as a local on-stack variable type.  Therefore, no functions to allocate
    39. 

  39.  * or freed it on the heap is offered.
    40. 

  40.  */
    41. 

  41. struct ossl_passphrase_data_st {
    42. 

  42.     enum {
    43. 

  43.         is_expl_passphrase = 1, /* Explicit passphrase given by user */
    44. 

  44.         is_pem_password,        /* pem_password_cb given by user */
    45. 

  45.         is_ossl_passphrase,     /* OSSL_PASSPHRASE_CALLBACK given by user */
    46. 

  46.         is_ui_method            /* UI_METHOD given by user */
    47. 

  47.     } type;
    48. 

  48.     union {
    49. 

  49.         struct {
    50. 

  50.             char *passphrase_copy;
    51. 

  51.             size_t passphrase_len;
    52. 

  52.         } expl_passphrase;
    53. 

  53. 

  54.         struct {
    55. 

  55.             pem_password_cb *password_cb;
    56. 

  56.             void *password_cbarg;
    57. 

  57.         } pem_password;
    58. 

  58. 

  59.         struct {
    60. 

  60.             OSSL_PASSPHRASE_CALLBACK *passphrase_cb;
    61. 

  61.             void *passphrase_cbarg;
    62. 

  62.         } ossl_passphrase;
    63. 

  63. 

  64.         struct {
    65. 

  65.             const UI_METHOD *ui_method;
    66. 

  66.             void *ui_method_data;
    67. 

  67.         } ui_method;
    68. 

  68.     } _;
    69. 

  69. 

  70.     /*-
    71. 

  71.      * Flags section
    72. 

  72.      */
    73. 

  73. 

  74.     /* Set to indicate that caching should be done */
    75. 

  75.     unsigned int flag_cache_passphrase:1;
    76. 

  76. 

  77.     /*-
    78. 

  78.      * Misc section: caches and other
    79. 

  79.      */
    80. 

  80. 

  81.     char *cached_passphrase;
    82. 

  82.     size_t cached_passphrase_len;
    83. 

  83. };
    84. 

  84. 

  85. /* Structure manipulation */
    86. 

  86. 

  87. void ossl_pw_clear_passphrase_data(struct ossl_passphrase_data_st *data);
    88. 

  88. void ossl_pw_clear_passphrase_cache(struct ossl_passphrase_data_st *data);
    89. 

  89. 

  90. int ossl_pw_set_passphrase(struct ossl_passphrase_data_st *data,
    91. 

  91.                            const unsigned char *passphrase,
    92. 

  92.                            size_t passphrase_len);
    93. 

  93. int ossl_pw_set_pem_password_cb(struct ossl_passphrase_data_st *data,
    94. 

  94.                                 pem_password_cb *cb, void *cbarg);
    95. 

  95. int ossl_pw_set_ossl_passphrase_cb(struct ossl_passphrase_data_st *data,
    96. 

  96.                                    OSSL_PASSPHRASE_CALLBACK *cb, void *cbarg);
    97. 

  97. int ossl_pw_set_ui_method(struct ossl_passphrase_data_st *data,
    98. 

  98.                           const UI_METHOD *ui_method, void *ui_data);
    99. 

  99. 

  100. int ossl_pw_enable_passphrase_caching(struct ossl_passphrase_data_st *data);
    101. 

  101. int ossl_pw_disable_passphrase_caching(struct ossl_passphrase_data_st *data);
    102. 

  102. 

  103. /* Central function for direct calls */
    104. 

  104. 

  105. int ossl_pw_get_passphrase(char *pass, size_t pass_size, size_t *pass_len,
    106. 

  106.                            const OSSL_PARAM params[], int verify,
    107. 

  107.                            struct ossl_passphrase_data_st *data);
    108. 

  108. 

  109. /* Callback functions */
    110. 

  110. 

  111. /*
    112. 

  112.  * All of these callback expect that the callback argument is a
    113. 

  113.  * struct ossl_passphrase_data_st
    114. 

  114.  */
    115. 

  115. 

  116. pem_password_cb ossl_pw_pem_password;
    117. 

  117. pem_password_cb ossl_pw_pvk_password;
    118. 

  118. /* One callback for encoding (verification prompt) and one for decoding */
    119. 

  119. OSSL_PASSPHRASE_CALLBACK ossl_pw_passphrase_callback_enc;
    120. 

  120. OSSL_PASSPHRASE_CALLBACK ossl_pw_passphrase_callback_dec;
    121. 

  121. 

  122. #endif
    123.