diff options
| author | Jesusaves <cpntb1@ymail.com> | 2020-12-17 15:44:06 -0300 |
|---|---|---|
| committer | Jesusaves <cpntb1@ymail.com> | 2020-12-17 15:44:06 -0300 |
| commit | 60f85cda41bbae22ae8236d263ddc1fe495f4266 (patch) | |
| tree | 7f298ef7df455246953e94b78ec0393d8c334689 | |
| parent | 95771eccb774946cb4533d454b99cc231599e658 (diff) | |
| download | client-60f85cda41bbae22ae8236d263ddc1fe495f4266.tar.gz client-60f85cda41bbae22ae8236d263ddc1fe495f4266.tar.bz2 client-60f85cda41bbae22ae8236d263ddc1fe495f4266.tar.xz client-60f85cda41bbae22ae8236d263ddc1fe495f4266.zip | |
SSL is no longer a dependency of the main script
It is still used by the core,, though
39 files changed, 0 insertions, 4501 deletions
diff --git a/game/02_init.rpy b/game/02_init.rpy index 147cc91..add888a 100644 --- a/game/02_init.rpy +++ b/game/02_init.rpy @@ -19,20 +19,6 @@ # Definitions: decode, encode, memory ############################################################################ init -1 python: - # Android might have special SSL problems - if renpy.android: - try: - import ssl - except ImportError: - SSL_IS_BROKEN=True - stdout("Android SSL misbehavior detected") - import _openssl as ssl - else: - import ssl - print("Using system-wide SSL implementation...") - - # wsock already imported - stdout("======================= %s %s %s" % (config.name, config.version, persistent.release_name)) print "[STDBY] Loading Basic functions......." diff --git a/game/python-extra/_openssl/__init__.py b/game/python-extra/_openssl/__init__.py deleted file mode 100644 index 4b54088..0000000 --- a/game/python-extra/_openssl/__init__.py +++ /dev/null @@ -1,5 +0,0 @@ -# This file is dual licensed under the terms of the Apache License, Version -# 2.0, and the BSD License. See the LICENSE file in the root of this repository -# for complete details. - -from __future__ import absolute_import, division, print_function diff --git a/game/python-extra/_openssl/aes.py b/game/python-extra/_openssl/aes.py deleted file mode 100644 index 25ef3ec..0000000 --- a/game/python-extra/_openssl/aes.py +++ /dev/null @@ -1,23 +0,0 @@ -# This file is dual licensed under the terms of the Apache License, Version -# 2.0, and the BSD License. See the LICENSE file in the root of this repository -# for complete details. - -from __future__ import absolute_import, division, print_function - -INCLUDES = """ -#include <openssl/aes.h> -""" - -TYPES = """ -typedef ... AES_KEY; -""" - -FUNCTIONS = """ -int AES_wrap_key(AES_KEY *, const unsigned char *, unsigned char *, - const unsigned char *, unsigned int); -int AES_unwrap_key(AES_KEY *, const unsigned char *, unsigned char *, - const unsigned char *, unsigned int); -""" - -CUSTOMIZATIONS = """ -""" diff --git a/game/python-extra/_openssl/asn1.py b/game/python-extra/_openssl/asn1.py deleted file mode 100644 index da55b67..0000000 --- a/game/python-extra/_openssl/asn1.py +++ /dev/null @@ -1,108 +0,0 @@ -# This file is dual licensed under the terms of the Apache License, Version -# 2.0, and the BSD License. See the LICENSE file in the root of this repository -# for complete details. - -from __future__ import absolute_import, division, print_function - -INCLUDES = """ -#include <openssl/asn1.h> -""" - -TYPES = """ -typedef int... time_t; - -typedef ... ASN1_INTEGER; - -struct asn1_string_st { - int length; - int type; - unsigned char *data; - long flags; -}; - -typedef struct asn1_string_st ASN1_OCTET_STRING; -typedef struct asn1_string_st ASN1_IA5STRING; -typedef struct asn1_string_st ASN1_BIT_STRING; -typedef struct asn1_string_st ASN1_TIME; -typedef ... ASN1_OBJECT; -typedef struct asn1_string_st ASN1_STRING; -typedef struct asn1_string_st ASN1_UTF8STRING; -typedef struct { - int type; - ...; -} ASN1_TYPE; -typedef ... ASN1_GENERALIZEDTIME; -typedef ... ASN1_ENUMERATED; -typedef ... ASN1_NULL; - -static const int V_ASN1_GENERALIZEDTIME; - -static const int MBSTRING_UTF8; -""" - -FUNCTIONS = """ -void ASN1_OBJECT_free(ASN1_OBJECT *); - -/* ASN1 STRING */ -unsigned char *ASN1_STRING_data(ASN1_STRING *); -int ASN1_STRING_set(ASN1_STRING *, const void *, int); - -/* ASN1 OCTET STRING */ -ASN1_OCTET_STRING *ASN1_OCTET_STRING_new(void); -void ASN1_OCTET_STRING_free(ASN1_OCTET_STRING *); -int ASN1_OCTET_STRING_set(ASN1_OCTET_STRING *, const unsigned char *, int); - -/* ASN1 IA5STRING */ -ASN1_IA5STRING *ASN1_IA5STRING_new(void); - -/* ASN1 INTEGER */ -void ASN1_INTEGER_free(ASN1_INTEGER *); -int ASN1_INTEGER_set(ASN1_INTEGER *, long); - -/* ASN1 TIME */ -ASN1_TIME *ASN1_TIME_new(void); -void ASN1_TIME_free(ASN1_TIME *); -int ASN1_TIME_set_string(ASN1_TIME *, const char *); - -/* ASN1 GENERALIZEDTIME */ -ASN1_GENERALIZEDTIME *ASN1_GENERALIZEDTIME_set(ASN1_GENERALIZEDTIME *, time_t); -void ASN1_GENERALIZEDTIME_free(ASN1_GENERALIZEDTIME *); - -/* ASN1 ENUMERATED */ -ASN1_ENUMERATED *ASN1_ENUMERATED_new(void); -void ASN1_ENUMERATED_free(ASN1_ENUMERATED *); -int ASN1_ENUMERATED_set(ASN1_ENUMERATED *, long); - -int ASN1_BIT_STRING_set_bit(ASN1_BIT_STRING *, int, int); -/* These became const ASN1_* in 1.1.0 */ -int ASN1_STRING_type(ASN1_STRING *); -int ASN1_STRING_to_UTF8(unsigned char **, ASN1_STRING *); -long ASN1_ENUMERATED_get(ASN1_ENUMERATED *); -int i2a_ASN1_INTEGER(BIO *, ASN1_INTEGER *); - -/* This became const ASN1_TIME in 1.1.0f */ -ASN1_GENERALIZEDTIME *ASN1_TIME_to_generalizedtime(ASN1_TIME *, - ASN1_GENERALIZEDTIME **); - -ASN1_UTF8STRING *ASN1_UTF8STRING_new(void); -void ASN1_UTF8STRING_free(ASN1_UTF8STRING *); - -ASN1_BIT_STRING *ASN1_BIT_STRING_new(void); -void ASN1_BIT_STRING_free(ASN1_BIT_STRING *); -/* This is not a macro, but is const on some versions of OpenSSL */ -int ASN1_BIT_STRING_get_bit(ASN1_BIT_STRING *, int); - -int ASN1_STRING_length(ASN1_STRING *); -int ASN1_STRING_set_default_mask_asc(char *); - -BIGNUM *ASN1_INTEGER_to_BN(ASN1_INTEGER *, BIGNUM *); -ASN1_INTEGER *BN_to_ASN1_INTEGER(BIGNUM *, ASN1_INTEGER *); - -int i2d_ASN1_TYPE(ASN1_TYPE *, unsigned char **); -ASN1_TYPE *d2i_ASN1_TYPE(ASN1_TYPE **, const unsigned char **, long); - -ASN1_NULL *ASN1_NULL_new(void); -""" - -CUSTOMIZATIONS = """ -""" diff --git a/game/python-extra/_openssl/bignum.py b/game/python-extra/_openssl/bignum.py deleted file mode 100644 index 7510183..0000000 --- a/game/python-extra/_openssl/bignum.py +++ /dev/null @@ -1,85 +0,0 @@ -# This file is dual licensed under the terms of the Apache License, Version -# 2.0, and the BSD License. See the LICENSE file in the root of this repository -# for complete details. - -from __future__ import absolute_import, division, print_function - -INCLUDES = """ -#include <openssl/bn.h> -""" - -TYPES = """ -typedef ... BN_CTX; -typedef ... BN_MONT_CTX; -typedef ... BIGNUM; -typedef int... BN_ULONG; -""" - -FUNCTIONS = """ -#define BN_FLG_CONSTTIME ... - -void BN_set_flags(BIGNUM *, int); - -BIGNUM *BN_new(void); -void BN_free(BIGNUM *); -void BN_clear_free(BIGNUM *); - -int BN_rand_range(BIGNUM *, const BIGNUM *); - -BN_CTX *BN_CTX_new(void); -void BN_CTX_free(BN_CTX *); - -void BN_CTX_start(BN_CTX *); -BIGNUM *BN_CTX_get(BN_CTX *); -void BN_CTX_end(BN_CTX *); - -BN_MONT_CTX *BN_MONT_CTX_new(void); -int BN_MONT_CTX_set(BN_MONT_CTX *, const BIGNUM *, BN_CTX *); -void BN_MONT_CTX_free(BN_MONT_CTX *); - -BIGNUM *BN_dup(const BIGNUM *); - -int BN_set_word(BIGNUM *, BN_ULONG); - -const BIGNUM *BN_value_one(void); - -char *BN_bn2hex(const BIGNUM *); -int BN_hex2bn(BIGNUM **, const char *); - -int BN_bn2bin(const BIGNUM *, unsigned char *); -BIGNUM *BN_bin2bn(const unsigned char *, int, BIGNUM *); - -int BN_num_bits(const BIGNUM *); - -int BN_cmp(const BIGNUM *, const BIGNUM *); -int BN_is_negative(const BIGNUM *); -int BN_add(BIGNUM *, const BIGNUM *, const BIGNUM *); -int BN_sub(BIGNUM *, const BIGNUM *, const BIGNUM *); -int BN_nnmod(BIGNUM *, const BIGNUM *, const BIGNUM *, BN_CTX *); -int BN_mod_add(BIGNUM *, const BIGNUM *, const BIGNUM *, const BIGNUM *, - BN_CTX *); -int BN_mod_sub(BIGNUM *, const BIGNUM *, const BIGNUM *, const BIGNUM *, - BN_CTX *); -int BN_mod_mul(BIGNUM *, const BIGNUM *, const BIGNUM *, const BIGNUM *, - BN_CTX *); -int BN_mod_exp(BIGNUM *, const BIGNUM *, const BIGNUM *, const BIGNUM *, - BN_CTX *); -int BN_mod_exp_mont(BIGNUM *, const BIGNUM *, const BIGNUM *, const BIGNUM *, - BN_CTX *, BN_MONT_CTX *); -int BN_mod_exp_mont_consttime(BIGNUM *, const BIGNUM *, const BIGNUM *, - const BIGNUM *, BN_CTX *, BN_MONT_CTX *); -BIGNUM *BN_mod_inverse(BIGNUM *, const BIGNUM *, const BIGNUM *, BN_CTX *); - -int BN_num_bytes(const BIGNUM *); - -int BN_mod(BIGNUM *, const BIGNUM *, const BIGNUM *, BN_CTX *); - -/* The following 3 prime methods are exposed for Tribler. */ -int BN_generate_prime_ex(BIGNUM *, int, int, const BIGNUM *, - const BIGNUM *, BN_GENCB *); -int BN_is_prime_ex(const BIGNUM *, int, BN_CTX *, BN_GENCB *); -const int BN_prime_checks_for_size(int); -""" - -CUSTOMIZATIONS = """ -""" diff --git a/game/python-extra/_openssl/bio.py b/game/python-extra/_openssl/bio.py deleted file mode 100644 index 52d57c6..0000000 --- a/game/python-extra/_openssl/bio.py +++ /dev/null @@ -1,44 +0,0 @@ -# This file is dual licensed under the terms of the Apache License, Version -# 2.0, and the BSD License. See the LICENSE file in the root of this repository -# for complete details. - -from __future__ import absolute_import, division, print_function - -INCLUDES = """ -#include <openssl/bio.h> -""" - -TYPES = """ -typedef ... BIO; -typedef ... BIO_METHOD; -""" - -FUNCTIONS = """ -int BIO_free(BIO *); -void BIO_free_all(BIO *); -BIO *BIO_new_file(const char *, const char *); -BIO *BIO_new_dgram(int, int); -size_t BIO_ctrl_pending(BIO *); -int BIO_read(BIO *, void *, int); -int BIO_gets(BIO *, char *, int); -int BIO_write(BIO *, const void *, int); -/* Added in 1.1.0 */ -int BIO_up_ref(BIO *); - -BIO *BIO_new(BIO_METHOD *); -BIO_METHOD *BIO_s_mem(void); -BIO_METHOD *BIO_s_datagram(void); -BIO *BIO_new_mem_buf(const void *, int); -long BIO_set_mem_eof_return(BIO *, int); -long BIO_get_mem_data(BIO *, char **); -int BIO_should_read(BIO *); -int BIO_should_write(BIO *); -int BIO_should_io_special(BIO *); -int BIO_should_retry(BIO *); -int BIO_reset(BIO *); -void BIO_set_retry_read(BIO *); -void BIO_clear_retry_flags(BIO *); -""" - -CUSTOMIZATIONS = """ -""" diff --git a/game/python-extra/_openssl/callbacks.py b/game/python-extra/_openssl/callbacks.py deleted file mode 100644 index 19301b9..0000000 --- a/game/python-extra/_openssl/callbacks.py +++ /dev/null @@ -1,52 +0,0 @@ -# This file is dual licensed under the terms of the Apache License, Version -# 2.0, and the BSD License. See the LICENSE file in the root of this repository -# for complete details. - -from __future__ import absolute_import, division, print_function - -INCLUDES = """ -#include <string.h> -""" - -TYPES = """ -typedef struct { - char *password; - int length; - int called; - int error; - int maxsize; -} CRYPTOGRAPHY_PASSWORD_DATA; -""" - -FUNCTIONS = """ -int Cryptography_pem_password_cb(char *, int, int, void *); -""" - -CUSTOMIZATIONS = """ -typedef struct { - char *password; - int length; - int called; - int error; - int maxsize; -} CRYPTOGRAPHY_PASSWORD_DATA; - -int Cryptography_pem_password_cb(char *buf, int size, - int rwflag, void *userdata) { - /* The password cb is only invoked if OpenSSL decides the private - key is encrypted. So this path only occurs if it needs a password */ - CRYPTOGRAPHY_PASSWORD_DATA *st = (CRYPTOGRAPHY_PASSWORD_DATA *)userdata; - st->called += 1; - st->maxsize = size; - if (st->length == 0) { - st->error = -1; - return 0; - } else if (st->length < size) { - memcpy(buf, st->password, st->length); - return st->length; - } else { - st->error = -2; - return 0; - } -} -""" diff --git a/game/python-extra/_openssl/cmac.py b/game/python-extra/_openssl/cmac.py deleted file mode 100644 index 557abd1..0000000 --- a/game/python-extra/_openssl/cmac.py +++ /dev/null @@ -1,27 +0,0 @@ -# This file is dual licensed under the terms of the Apache License, Version -# 2.0, and the BSD License. See the LICENSE file in the root of this repository -# for complete details. - -from __future__ import absolute_import, division, print_function - -INCLUDES = """ -#if !defined(OPENSSL_NO_CMAC) -#include <openssl/cmac.h> -#endif -""" - -TYPES = """ -typedef ... CMAC_CTX; -""" - -FUNCTIONS = """ -CMAC_CTX *CMAC_CTX_new(void); -int CMAC_Init(CMAC_CTX *, const void *, size_t, const EVP_CIPHER *, ENGINE *); -int CMAC_Update(CMAC_CTX *, const void *, size_t); -int CMAC_Final(CMAC_CTX *, unsigned char *, size_t *); -int CMAC_CTX_copy(CMAC_CTX *, const CMAC_CTX *); -void CMAC_CTX_free(CMAC_CTX *); -""" - -CUSTOMIZATIONS = """ -""" diff --git a/game/python-extra/_openssl/conf.py b/game/python-extra/_openssl/conf.py deleted file mode 100644 index 9db0162..0000000 --- a/game/python-extra/_openssl/conf.py +++ /dev/null @@ -1,21 +0,0 @@ -# This file is dual licensed under the terms of the Apache License, Version -# 2.0, and the BSD License. See the LICENSE file in the root of this repository -# for complete details. - -from __future__ import absolute_import, division, print_function - -INCLUDES = """ -#include <openssl/conf.h> -""" - -TYPES = """ -""" - -FUNCTIONS = """ -void OPENSSL_config(const char *); -/* This is a macro in 1.1.0 */ -void OPENSSL_no_config(void); -""" - -CUSTOMIZATIONS = """ -""" diff --git a/game/python-extra/_openssl/crypto.py b/game/python-extra/_openssl/crypto.py deleted file mode 100644 index 6064a4e..0000000 --- a/game/python-extra/_openssl/crypto.py +++ /dev/null @@ -1,117 +0,0 @@ -# This file is dual licensed under the terms of the Apache License, Version -# 2.0, and the BSD License. See the LICENSE file in the root of this repository -# for complete details. - -from __future__ import absolute_import, division, print_function - -INCLUDES = """ -#include <openssl/crypto.h> -""" - -TYPES = """ -static const long Cryptography_HAS_MEM_FUNCTIONS; -static const long Cryptography_HAS_OPENSSL_CLEANUP; - -static const int SSLEAY_VERSION; -static const int SSLEAY_CFLAGS; -static const int SSLEAY_PLATFORM; -static const int SSLEAY_DIR; -static const int SSLEAY_BUILT_ON; -static const int OPENSSL_VERSION; -static const int OPENSSL_CFLAGS; -static const int OPENSSL_BUILT_ON; -static const int OPENSSL_PLATFORM; -static const int OPENSSL_DIR; -""" - -FUNCTIONS = """ -void OPENSSL_cleanup(void); - -/* SSLeay was removed in 1.1.0 */ -unsigned long SSLeay(void); -const char *SSLeay_version(int); -/* these functions were added to replace the SSLeay functions in 1.1.0 */ -unsigned long OpenSSL_version_num(void); -const char *OpenSSL_version(int); - -/* this is a macro in 1.1.0 */ -void *OPENSSL_malloc(size_t); -void OPENSSL_free(void *); - - -/* Signature changed significantly in 1.1.0, only expose there for sanity */ -int Cryptography_CRYPTO_set_mem_functions( - void *(*)(size_t, const char *, int), - void *(*)(void *, size_t, const char *, int), - void (*)(void *, const char *, int)); - -void *Cryptography_malloc_wrapper(size_t, const char *, int); -void *Cryptography_realloc_wrapper(void *, size_t, const char *, int); -void Cryptography_free_wrapper(void *, const char *, int); -""" - -CUSTOMIZATIONS = """ -/* In 1.1.0 SSLeay has finally been retired. We bidirectionally define the - values so you can use either one. This is so we can use the new function - names no matter what OpenSSL we're running on, but users on older pyOpenSSL - releases won't see issues if they're running OpenSSL 1.1.0 */ -#if !defined(SSLEAY_VERSION) -# define SSLeay OpenSSL_version_num -# define SSLeay_version OpenSSL_version -# define SSLEAY_VERSION_NUMBER OPENSSL_VERSION_NUMBER -# define SSLEAY_VERSION OPENSSL_VERSION -# define SSLEAY_CFLAGS OPENSSL_CFLAGS -# define SSLEAY_BUILT_ON OPENSSL_BUILT_ON -# define SSLEAY_PLATFORM OPENSSL_PLATFORM -# define SSLEAY_DIR OPENSSL_DIR -#endif -#if !defined(OPENSSL_VERSION) -# define OpenSSL_version_num SSLeay -# define OpenSSL_version SSLeay_version -# define OPENSSL_VERSION SSLEAY_VERSION -# define OPENSSL_CFLAGS SSLEAY_CFLAGS -# define OPENSSL_BUILT_ON SSLEAY_BUILT_ON -# define OPENSSL_PLATFORM SSLEAY_PLATFORM -# define OPENSSL_DIR SSLEAY_DIR -#endif - -#if CRYPTOGRAPHY_IS_LIBRESSL -static const long Cryptography_HAS_OPENSSL_CLEANUP = 0; - -void (*OPENSSL_cleanup)(void) = NULL; - -/* This function has a significantly different signature pre-1.1.0. since it is - * for testing only, we don't bother to expose it on older OpenSSLs. - */ -static const long Cryptography_HAS_MEM_FUNCTIONS = 0; -int (*Cryptography_CRYPTO_set_mem_functions)( - void *(*)(size_t, const char *, int), - void *(*)(void *, size_t, const char *, int), - void (*)(void *, const char *, int)) = NULL; - -#else -static const long Cryptography_HAS_OPENSSL_CLEANUP = 1; -static const long Cryptography_HAS_MEM_FUNCTIONS = 1; - -int Cryptography_CRYPTO_set_mem_functions( - void *(*m)(size_t, const char *, int), - void *(*r)(void *, size_t, const char *, int), - void (*f)(void *, const char *, int) -) { - return CRYPTO_set_mem_functions(m, r, f); -} -#endif - -void *Cryptography_malloc_wrapper(size_t size, const char *path, int line) { - return malloc(size); -} - -void *Cryptography_realloc_wrapper(void *ptr, size_t size, const char *path, - int line) { - return realloc(ptr, size); -} - -void Cryptography_free_wrapper(void *ptr, const char *path, int line) { - free(ptr); -} -""" diff --git a/game/python-extra/_openssl/cryptography.py b/game/python-extra/_openssl/cryptography.py deleted file mode 100644 index f24bee5..0000000 --- a/game/python-extra/_openssl/cryptography.py +++ /dev/null @@ -1,69 +0,0 @@ -# This file is dual licensed under the terms of the Apache License, Version -# 2.0, and the BSD License. See the LICENSE file in the root of this repository -# for complete details. - -from __future__ import absolute_import, division, print_function - -INCLUDES = """ -/* define our OpenSSL API compatibility level to 1.0.1. Any symbols older than - that will raise an error during compilation. We can raise this number again - after we drop 1.0.2 support in the distant future. */ -#define OPENSSL_API_COMPAT 0x10001000L - -#include <openssl/opensslv.h> - - -#if defined(LIBRESSL_VERSION_NUMBER) -#define CRYPTOGRAPHY_IS_LIBRESSL 1 -#else -#define CRYPTOGRAPHY_IS_LIBRESSL 0 -#endif - -/* - LibreSSL removed e_os2.h from the public headers so we'll only include it - if we're using vanilla OpenSSL. -*/ -#if !CRYPTOGRAPHY_IS_LIBRESSL -#include <openssl/e_os2.h> -#endif -#if defined(_WIN32) -#define WIN32_LEAN_AND_MEAN -#include <windows.h> -#include <Wincrypt.h> -#include <Winsock2.h> -#endif - -#define CRYPTOGRAPHY_OPENSSL_110F_OR_GREATER \ - (OPENSSL_VERSION_NUMBER >= 0x1010006f && !CRYPTOGRAPHY_IS_LIBRESSL) - -#define CRYPTOGRAPHY_OPENSSL_LESS_THAN_110J \ - (OPENSSL_VERSION_NUMBER < 0x101000af || CRYPTOGRAPHY_IS_LIBRESSL) -#define CRYPTOGRAPHY_OPENSSL_LESS_THAN_111 \ - (OPENSSL_VERSION_NUMBER < 0x10101000 || CRYPTOGRAPHY_IS_LIBRESSL) -#define CRYPTOGRAPHY_OPENSSL_LESS_THAN_111B \ - (OPENSSL_VERSION_NUMBER < 0x10101020 || CRYPTOGRAPHY_IS_LIBRESSL) -#define CRYPTOGRAPHY_OPENSSL_LESS_THAN_111D \ - (OPENSSL_VERSION_NUMBER < 0x10101040 || CRYPTOGRAPHY_IS_LIBRESSL) -#if (CRYPTOGRAPHY_OPENSSL_LESS_THAN_111D && !CRYPTOGRAPHY_IS_LIBRESSL && \ - !defined(OPENSSL_NO_ENGINE)) || defined(USE_OSRANDOM_RNG_FOR_TESTING) -#define CRYPTOGRAPHY_NEEDS_OSRANDOM_ENGINE 1 -#else -#define CRYPTOGRAPHY_NEEDS_OSRANDOM_ENGINE 0 -#endif -""" - -TYPES = """ -static const int CRYPTOGRAPHY_OPENSSL_110F_OR_GREATER; - -static const int CRYPTOGRAPHY_OPENSSL_LESS_THAN_111; -static const int CRYPTOGRAPHY_OPENSSL_LESS_THAN_111B; -static const int CRYPTOGRAPHY_NEEDS_OSRANDOM_ENGINE; - -static const int CRYPTOGRAPHY_IS_LIBRESSL; -""" - -FUNCTIONS = """ -""" - -CUSTOMIZATIONS = """ -""" diff --git a/game/python-extra/_openssl/ct.py b/game/python-extra/_openssl/ct.py deleted file mode 100644 index 5f06706..0000000 --- a/game/python-extra/_openssl/ct.py +++ /dev/null @@ -1,118 +0,0 @@ -# This file is dual licensed under the terms of the Apache License, Version -# 2.0, and the BSD License. See the LICENSE file in the root of this repository -# for complete details. - -from __future__ import absolute_import, division, print_function - -INCLUDES = """ -#if CRYPTOGRAPHY_OPENSSL_110F_OR_GREATER && !defined(OPENSSL_NO_CT) -#include <openssl/ct.h> - -typedef STACK_OF(SCT) Cryptography_STACK_OF_SCT; -#endif -""" - -TYPES = """ -static const long Cryptography_HAS_SCT; - -typedef enum { - SCT_VERSION_NOT_SET, - SCT_VERSION_V1 -} sct_version_t; - -typedef enum { - CT_LOG_ENTRY_TYPE_NOT_SET, - CT_LOG_ENTRY_TYPE_X509, - CT_LOG_ENTRY_TYPE_PRECERT -} ct_log_entry_type_t; - -typedef enum { - SCT_SOURCE_UNKNOWN, - SCT_SOURCE_TLS_EXTENSION, - SCT_SOURCE_X509V3_EXTENSION, - SCT_SOURCE_OCSP_STAPLED_RESPONSE -} sct_source_t; - -typedef ... SCT; -typedef ... Cryptography_STACK_OF_SCT; -""" - -FUNCTIONS = """ -sct_version_t SCT_get_version(const SCT *); - -ct_log_entry_type_t SCT_get_log_entry_type(const SCT *); - -size_t SCT_get0_log_id(const SCT *, unsigned char **); - -size_t SCT_get0_signature(const SCT *, unsigned char **); - -uint64_t SCT_get_timestamp(const SCT *); - -int SCT_set_source(SCT *, sct_source_t); - -Cryptography_STACK_OF_SCT *sk_SCT_new_null(void); -void sk_SCT_free(Cryptography_STACK_OF_SCT *); -int sk_SCT_num(const Cryptography_STACK_OF_SCT *); -SCT *sk_SCT_value(const Cryptography_STACK_OF_SCT *, int); -int sk_SCT_push(Cryptography_STACK_OF_SCT *, SCT *); - -void SCT_LIST_free(Cryptography_STACK_OF_SCT *); - -SCT *SCT_new(void); -int SCT_set1_log_id(SCT *, unsigned char *, size_t); -void SCT_set_timestamp(SCT *, uint64_t); -int SCT_set_version(SCT *, sct_version_t); -int SCT_set_log_entry_type(SCT *, ct_log_entry_type_t); -""" - -CUSTOMIZATIONS = """ -#if CRYPTOGRAPHY_OPENSSL_110F_OR_GREATER && !defined(OPENSSL_NO_CT) -static const long Cryptography_HAS_SCT = 1; -#else -static const long Cryptography_HAS_SCT = 0; - -typedef enum { - SCT_VERSION_NOT_SET, - SCT_VERSION_V1 -} sct_version_t; -typedef enum { - CT_LOG_ENTRY_TYPE_NOT_SET, - CT_LOG_ENTRY_TYPE_X509, - CT_LOG_ENTRY_TYPE_PRECERT -} ct_log_entry_type_t; -typedef enum { - SCT_SOURCE_UNKNOWN, - SCT_SOURCE_TLS_EXTENSION, - SCT_SOURCE_X509V3_EXTENSION, - SCT_SOURCE_OCSP_STAPLED_RESPONSE -} sct_source_t; - -/* OpenSSL compiled with `no-ct` still defines the `SCT` struct. */ -#if !defined(OPENSSL_NO_CT) -typedef void SCT; -#endif - -typedef void Cryptography_STACK_OF_SCT; - -sct_version_t (*SCT_get_version)(const SCT *) = NULL; -ct_log_entry_type_t (*SCT_get_log_entry_type)(const SCT *) = NULL; -size_t (*SCT_get0_log_id)(const SCT *, unsigned char **) = NULL; -size_t (*SCT_get0_signature)(const SCT *, unsigned char **) = NULL; -uint64_t (*SCT_get_timestamp)(const SCT *) = NULL; - -int (*SCT_set_source)(SCT *, sct_source_t) = NULL; - -Cryptography_STACK_OF_SCT *(*sk_SCT_new_null)(void) = NULL; -void (*sk_SCT_free)(Cryptography_STACK_OF_SCT *) = NULL; -int (*sk_SCT_num)(const Cryptography_STACK_OF_SCT *) = NULL; -SCT *(*sk_SCT_value)(const Cryptography_STACK_OF_SCT *, int) = NULL; -int (*sk_SCT_push)(Cryptography_STACK_OF_SCT *, SCT *) = NULL; - -void (*SCT_LIST_free)(Cryptography_STACK_OF_SCT *) = NULL; -SCT *(*SCT_new)(void) = NULL; -int (*SCT_set1_log_id)(SCT *, unsigned char *, size_t) = NULL; -void (*SCT_set_timestamp)(SCT *, uint64_t) = NULL; -int (*SCT_set_version)(SCT *, sct_version_t) = NULL; -int (*SCT_set_log_entry_type)(SCT *, ct_log_entry_type_t) = NULL; -#endif -""" diff --git a/game/python-extra/_openssl/dh.py b/game/python-extra/_openssl/dh.py deleted file mode 100644 index 947a5a8..0000000 --- a/game/python-extra/_openssl/dh.py +++ /dev/null @@ -1,166 +0,0 @@ -# This file is dual licensed under the terms of the Apache License, Version -# 2.0, and the BSD License. See the LICENSE file in the root of this repository -# for complete details. - -from __future__ import absolute_import, division, print_function - -INCLUDES = """ -#include <openssl/dh.h> -""" - -TYPES = """ -typedef ... DH; - -const long DH_NOT_SUITABLE_GENERATOR; -""" - -FUNCTIONS = """ -DH *DH_new(void); -void DH_free(DH *); -int DH_size(const DH *); -int DH_generate_key(DH *); -int DH_compute_key(unsigned char *, const BIGNUM *, DH *); -DH *DHparams_dup(DH *); - -/* added in 1.1.0 when the DH struct was opaqued */ -void DH_get0_pqg(const DH *, const BIGNUM **, const BIGNUM **, - const BIGNUM **); -int DH_set0_pqg(DH *, BIGNUM *, BIGNUM *, BIGNUM *); -void DH_get0_key(const DH *, const BIGNUM **, const BIGNUM **); -int DH_set0_key(DH *, BIGNUM *, BIGNUM *); - -int Cryptography_DH_check(const DH *, int *); -int DH_generate_parameters_ex(DH *, int, int, BN_GENCB *); -DH *d2i_DHparams_bio(BIO *, DH **); -int i2d_DHparams_bio(BIO *, DH *); -DH *Cryptography_d2i_DHxparams_bio(BIO *bp, DH **x); -int Cryptography_i2d_DHxparams_bio(BIO *bp, DH *x); -""" - -CUSTOMIZATIONS = """ -#if CRYPTOGRAPHY_IS_LIBRESSL -#ifndef DH_CHECK_Q_NOT_PRIME -#define DH_CHECK_Q_NOT_PRIME 0x10 -#endif - -#ifndef DH_CHECK_INVALID_Q_VALUE -#define DH_CHECK_INVALID_Q_VALUE 0x20 -#endif - -#ifndef DH_CHECK_INVALID_J_VALUE -#define DH_CHECK_INVALID_J_VALUE 0x40 -#endif - -/* DH_check implementation taken from OpenSSL 1.1.0pre6 */ - -/*- - * Check that p is a safe prime and - * if g is 2, 3 or 5, check that it is a suitable generator - * where - * for 2, p mod 24 == 11 - * for 3, p mod 12 == 5 - * for 5, p mod 10 == 3 or 7 - * should hold. - */ - -int Cryptography_DH_check(const DH *dh, int *ret) -{ - int ok = 0, r; - BN_CTX *ctx = NULL; - BN_ULONG l; - BIGNUM *t1 = NULL, *t2 = NULL; - - *ret = 0; - ctx = BN_CTX_new(); - if (ctx == NULL) - goto err; - BN_CTX_start(ctx); - t1 = BN_CTX_get(ctx); - if (t1 == NULL) - goto err; - t2 = BN_CTX_get(ctx); - if (t2 == NULL) - goto err; - - if (dh->q) { - if (BN_cmp(dh->g, BN_value_one()) <= 0) - *ret |= DH_NOT_SUITABLE_GENERATOR; - else if (BN_cmp(dh->g, dh->p) >= 0) - *ret |= DH_NOT_SUITABLE_GENERATOR; - else { - /* Check g^q == 1 mod p */ - if (!BN_mod_exp(t1, dh->g, dh->q, dh->p, ctx)) - goto err; - if (!BN_is_one(t1)) - *ret |= DH_NOT_SUITABLE_GENERATOR; - } - r = BN_is_prime_ex(dh->q, BN_prime_checks, ctx, NULL); - if (r < 0) - goto err; - if (!r) - *ret |= DH_CHECK_Q_NOT_PRIME; - /* Check p == 1 mod q i.e. q divides p - 1 */ - if (!BN_div(t1, t2, dh->p, dh->q, ctx)) - goto err; - if (!BN_is_one(t2)) - *ret |= DH_CHECK_INVALID_Q_VALUE; - if (dh->j && BN_cmp(dh->j, t1)) - *ret |= DH_CHECK_INVALID_J_VALUE; - - } else if (BN_is_word(dh->g, DH_GENERATOR_2)) { - l = BN_mod_word(dh->p, 24); - if (l == (BN_ULONG)-1) - goto err; - if (l != 11) - *ret |= DH_NOT_SUITABLE_GENERATOR; - } else if (BN_is_word(dh->g, DH_GENERATOR_5)) { - l = BN_mod_word(dh->p, 10); - if (l == (BN_ULONG)-1) - goto err; - if ((l != 3) && (l != 7)) - *ret |= DH_NOT_SUITABLE_GENERATOR; - } else - *ret |= DH_UNABLE_TO_CHECK_GENERATOR; - - r = BN_is_prime_ex(dh->p, BN_prime_checks, ctx, NULL); - if (r < 0) - goto err; - if (!r) - *ret |= DH_CHECK_P_NOT_PRIME; - else if (!dh->q) { - if (!BN_rshift1(t1, dh->p)) - goto err; - r = BN_is_prime_ex(t1, BN_prime_checks, ctx, NULL); - if (r < 0) - goto err; - if (!r) - *ret |= DH_CHECK_P_NOT_SAFE_PRIME; - } - ok = 1; - err: - if (ctx != NULL) { - BN_CTX_end(ctx); - BN_CTX_free(ctx); - } - return (ok); -} -#else -int Cryptography_DH_check(const DH *dh, int *ret) { - return DH_check(dh, ret); -} -#endif - -/* These functions were added in OpenSSL 1.1.0f commit d0c50e80a8 */ -/* Define our own to simplify support across all versions. */ -#if defined(EVP_PKEY_DHX) && EVP_PKEY_DHX != -1 -DH *Cryptography_d2i_DHxparams_bio(BIO *bp, DH **x) { - return ASN1_d2i_bio_of(DH, DH_new, d2i_DHxparams, bp, x); -} -int Cryptography_i2d_DHxparams_bio(BIO *bp, DH *x) { - return ASN1_i2d_bio_of_const(DH, i2d_DHxparams, bp, x); -} -#else -DH *(*Cryptography_d2i_DHxparams_bio)(BIO *bp, DH **x) = NULL; -int (*Cryptography_i2d_DHxparams_bio)(BIO *bp, DH *x) = NULL; -#endif -""" diff --git a/game/python-extra/_openssl/dsa.py b/game/python-extra/_openssl/dsa.py deleted file mode 100644 index 3a29006..0000000 --- a/game/python-extra/_openssl/dsa.py +++ /dev/null @@ -1,37 +0,0 @@ -# This file is dual licensed under the terms of the Apache License, Version -# 2.0, and the BSD License. See the LICENSE file in the root of this repository -# for complete details. - -from __future__ import absolute_import, division, print_function - -INCLUDES = """ -#include <openssl/dsa.h> -""" - -TYPES = """ -typedef ... DSA; -""" - -FUNCTIONS = """ -int DSA_generate_key(DSA *); -DSA *DSA_new(void); -void DSA_free(DSA *); -DSA *DSAparams_dup(DSA *); -int DSA_size(const DSA *); -int DSA_sign(int, const unsigned char *, int, unsigned char *, unsigned int *, - DSA *); -int DSA_verify(int, const unsigned char *, int, const unsigned char *, int, - DSA *); - -/* added in 1.1.0 to access the opaque struct */ -void DSA_get0_pqg(const DSA *, const BIGNUM **, const BIGNUM **, - const BIGNUM **); -int DSA_set0_pqg(DSA *, BIGNUM *, BIGNUM *, BIGNUM *); -void DSA_get0_key(const DSA *, const BIGNUM **, const BIGNUM **); -int DSA_set0_key(DSA *, BIGNUM *, BIGNUM *); -int DSA_generate_parameters_ex(DSA *, int, unsigned char *, int, - int *, unsigned long *, BN_GENCB *); -""" - -CUSTOMIZATIONS = """ -""" diff --git a/game/python-extra/_openssl/ec.py b/game/python-extra/_openssl/ec.py deleted file mode 100644 index 6432fc2..0000000 --- a/game/python-extra/_openssl/ec.py +++ /dev/null @@ -1,126 +0,0 @@ -# This file is dual licensed under the terms of the Apache License, Version -# 2.0, and the BSD License. See the LICENSE file in the root of this repository -# for complete details. - -from __future__ import absolute_import, division, print_function - -INCLUDES = """ -#include <openssl/ec.h> -#include <openssl/obj_mac.h> -""" - -TYPES = """ -static const int Cryptography_HAS_EC2M; - -static const int OPENSSL_EC_NAMED_CURVE; - -typedef ... EC_KEY; -typedef ... EC_GROUP; -typedef ... EC_POINT; -typedef ... EC_METHOD; -typedef struct { - int nid; - const char *comment; -} EC_builtin_curve; -typedef enum { - POINT_CONVERSION_COMPRESSED, - POINT_CONVERSION_UNCOMPRESSED, - ... -} point_conversion_form_t; -""" - -FUNCTIONS = """ -void EC_GROUP_free(EC_GROUP *); - -EC_GROUP *EC_GROUP_new_by_curve_name(int); - -int EC_GROUP_get_degree(const EC_GROUP *); - -const EC_METHOD *EC_GROUP_method_of(const EC_GROUP *); -const EC_POINT *EC_GROUP_get0_generator(const EC_GROUP *); -int EC_GROUP_get_curve_name(const EC_GROUP *); - -size_t EC_get_builtin_curves(EC_builtin_curve *, size_t); - -EC_KEY *EC_KEY_new(void); -void EC_KEY_free(EC_KEY *); - -EC_KEY *EC_KEY_new_by_curve_name(int); -const EC_GROUP *EC_KEY_get0_group(const EC_KEY *); -int EC_GROUP_get_order(const EC_GROUP *, BIGNUM *, BN_CTX *); -int EC_KEY_set_group(EC_KEY *, const EC_GROUP *); -const BIGNUM *EC_KEY_get0_private_key(const EC_KEY *); -int EC_KEY_set_private_key(EC_KEY *, const BIGNUM *); -const EC_POINT *EC_KEY_get0_public_key(const EC_KEY *); -int EC_KEY_set_public_key(EC_KEY *, const EC_POINT *); -void EC_KEY_set_asn1_flag(EC_KEY *, int); -int EC_KEY_generate_key(EC_KEY *); -int EC_KEY_set_public_key_affine_coordinates(EC_KEY *, BIGNUM *, BIGNUM *); - -EC_POINT *EC_POINT_new(const EC_GROUP *); -void EC_POINT_free(EC_POINT *); -void EC_POINT_clear_free(EC_POINT *); -EC_POINT *EC_POINT_dup(const EC_POINT *, const EC_GROUP *); - -int EC_POINT_set_affine_coordinates_GFp(const EC_GROUP *, EC_POINT *, - const BIGNUM *, const BIGNUM *, BN_CTX *); - -int EC_POINT_get_affine_coordinates_GFp(const EC_GROUP *, - const EC_POINT *, BIGNUM *, BIGNUM *, BN_CTX *); - -int EC_POINT_set_compressed_coordinates_GFp(const EC_GROUP *, EC_POINT *, - const BIGNUM *, int, BN_CTX *); - -int EC_POINT_set_affine_coordinates_GF2m(const EC_GROUP *, EC_POINT *, - const BIGNUM *, const BIGNUM *, BN_CTX *); - -int EC_POINT_get_affine_coordinates_GF2m(const EC_GROUP *, - const EC_POINT *, BIGNUM *, BIGNUM *, BN_CTX *); - -int EC_POINT_set_compressed_coordinates_GF2m(const EC_GROUP *, EC_POINT *, - const BIGNUM *, int, BN_CTX *); - -size_t EC_POINT_point2oct(const EC_GROUP *, const EC_POINT *, - point_conversion_form_t, - unsigned char *, size_t, BN_CTX *); - -int EC_POINT_oct2point(const EC_GROUP *, EC_POINT *, - const unsigned char *, size_t, BN_CTX *); - -int EC_POINT_add(const EC_GROUP *, EC_POINT *, const EC_POINT *, - const EC_POINT *, BN_CTX *); - -int EC_POINT_dbl(const EC_GROUP *, EC_POINT *, const EC_POINT *, BN_CTX *); -int EC_POINT_invert(const EC_GROUP *, EC_POINT *, BN_CTX *); -int EC_POINT_is_at_infinity(const EC_GROUP *, const EC_POINT *); -int EC_POINT_is_on_curve(const EC_GROUP *, const EC_POINT *, BN_CTX *); - -int EC_POINT_cmp( - const EC_GROUP *, const EC_POINT *, const EC_POINT *, BN_CTX *); - -int EC_POINT_mul(const EC_GROUP *, EC_POINT *, const BIGNUM *, - const EC_POINT *, const BIGNUM *, BN_CTX *); - -int EC_METHOD_get_field_type(const EC_METHOD *); - -const char *EC_curve_nid2nist(int); - -int EC_GROUP_get_asn1_flag(const EC_GROUP *); -""" - -CUSTOMIZATIONS = """ -#if defined(OPENSSL_NO_EC2M) -static const long Cryptography_HAS_EC2M = 0; - -int (*EC_POINT_set_affine_coordinates_GF2m)(const EC_GROUP *, EC_POINT *, - const BIGNUM *, const BIGNUM *, BN_CTX *) = NULL; - -int (*EC_POINT_get_affine_coordinates_GF2m)(const EC_GROUP *, - const EC_POINT *, BIGNUM *, BIGNUM *, BN_CTX *) = NULL; - -int (*EC_POINT_set_compressed_coordinates_GF2m)(const EC_GROUP *, EC_POINT *, - const BIGNUM *, int, BN_CTX *) = NULL; -#else -static const long Cryptography_HAS_EC2M = 1; -#endif -""" diff --git a/game/python-extra/_openssl/ecdh.py b/game/python-extra/_openssl/ecdh.py deleted file mode 100644 index c73cc9f..0000000 --- a/game/python-extra/_openssl/ecdh.py +++ /dev/null @@ -1,21 +0,0 @@ -# This file is dual licensed under the terms of the Apache License, Version -# 2.0, and the BSD License. See the LICENSE file in the root of this repository -# for complete details. - -from __future__ import absolute_import, division, print_function - -INCLUDES = """ -#include <openssl/ecdh.h> -""" - -TYPES = """ -""" - -FUNCTIONS = """ -int ECDH_compute_key(void *, size_t, const EC_POINT *, EC_KEY *, - void *(*)(const void *, size_t, void *, size_t *)); -long SSL_CTX_set_ecdh_auto(SSL_CTX *, int); -""" - -CUSTOMIZATIONS = """ -""" diff --git a/game/python-extra/_openssl/ecdsa.py b/game/python-extra/_openssl/ecdsa.py deleted file mode 100644 index 3134e24..0000000 --- a/game/python-extra/_openssl/ecdsa.py +++ /dev/null @@ -1,29 +0,0 @@ -# This file is dual licensed under the terms of the Apache License, Version -# 2.0, and the BSD License. See the LICENSE file in the root of this repository -# for complete details. - -from __future__ import absolute_import, division, print_function - -INCLUDES = """ -#include <openssl/ecdsa.h> -""" - -TYPES = """ -typedef ... ECDSA_SIG; - -typedef ... CRYPTO_EX_new; -typedef ... CRYPTO_EX_dup; -typedef ... CRYPTO_EX_free; -""" - -FUNCTIONS = """ -int ECDSA_sign(int, const unsigned char *, int, unsigned char *, - unsigned int *, EC_KEY *); -int ECDSA_verify(int, const unsigned char *, int, const unsigned char *, int, - EC_KEY *); -int ECDSA_size(const EC_KEY *); - -""" - -CUSTOMIZATIONS = """ -""" diff --git a/game/python-extra/_openssl/engine.py b/game/python-extra/_openssl/engine.py deleted file mode 100644 index 24cdd42..0000000 --- a/game/python-extra/_openssl/engine.py +++ /dev/null @@ -1,65 +0,0 @@ -# This file is dual licensed under the terms of the Apache License, Version -# 2.0, and the BSD License. See the LICENSE file in the root of this repository -# for complete details. - -from __future__ import absolute_import, division, print_function - -INCLUDES = """ -#include <openssl/engine.h> -""" - -TYPES = """ -typedef ... ENGINE; -typedef ... UI_METHOD; - -static const long Cryptography_HAS_ENGINE; -""" - -FUNCTIONS = """ -ENGINE *ENGINE_by_id(const char *); -int ENGINE_init(ENGINE *); -int ENGINE_finish(ENGINE *); -ENGINE *ENGINE_get_default_RAND(void); -int ENGINE_set_default_RAND(ENGINE *); -void ENGINE_unregister_RAND(ENGINE *); -int ENGINE_ctrl_cmd(ENGINE *, const char *, long, void *, void (*)(void), int); -int ENGINE_free(ENGINE *); -const char *ENGINE_get_name(const ENGINE *); - -// These bindings are unused by cryptography or pyOpenSSL but are present -// for advanced users who need them. -int ENGINE_ctrl_cmd_string(ENGINE *, const char *, const char *, int); -void ENGINE_load_builtin_engines(void); -EVP_PKEY *ENGINE_load_private_key(ENGINE *, const char *, UI_METHOD *, void *); -EVP_PKEY *ENGINE_load_public_key(ENGINE *, const char *, UI_METHOD *, void *); -""" - -CUSTOMIZATIONS = """ -#ifdef OPENSSL_NO_ENGINE -static const long Cryptography_HAS_ENGINE = 0; - -ENGINE *(*ENGINE_by_id)(const char *) = NULL; -int (*ENGINE_init)(ENGINE *) = NULL; -int (*ENGINE_finish)(ENGINE *) = NULL; -ENGINE *(*ENGINE_get_default_RAND)(void) = NULL; -int (*ENGINE_set_default_RAND)(ENGINE *) = NULL; -void (*ENGINE_unregister_RAND)(ENGINE *) = NULL; -int (*ENGINE_ctrl_cmd)(ENGINE *, const char *, long, void *, - void (*)(void), int) = NULL; - -int (*ENGINE_free)(ENGINE *) = NULL; -const char *(*ENGINE_get_id)(const ENGINE *) = NULL; -const char *(*ENGINE_get_name)(const ENGINE *) = NULL; - -int (*ENGINE_ctrl_cmd_string)(ENGINE *, const char *, const char *, - int) = NULL; -void (*ENGINE_load_builtin_engines)(void) = NULL; -EVP_PKEY *(*ENGINE_load_private_key)(ENGINE *, const char *, UI_METHOD *, - void *) = NULL; -EVP_PKEY *(*ENGINE_load_public_key)(ENGINE *, const char *, - UI_METHOD *, void *) = NULL; - -#else -static const long Cryptography_HAS_ENGINE = 1; -#endif -""" diff --git a/game/python-extra/_openssl/err.py b/game/python-extra/_openssl/err.py deleted file mode 100644 index 0dd7414..0000000 --- a/game/python-extra/_openssl/err.py +++ /dev/null @@ -1,49 +0,0 @@ -# This file is dual licensed under the terms of the Apache License, Version -# 2.0, and the BSD License. See the LICENSE file in the root of this repository -# for complete details. - -from __future__ import absolute_import, division, print_function - -INCLUDES = """ -#include <openssl/err.h> -""" - -TYPES = """ -static const int EVP_F_EVP_ENCRYPTFINAL_EX; -static const int EVP_R_DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH; -static const int EVP_R_BAD_DECRYPT; -static const int EVP_R_UNSUPPORTED_PRIVATE_KEY_ALGORITHM; -static const int PKCS12_R_PKCS12_CIPHERFINAL_ERROR; -static const int PEM_R_UNSUPPORTED_ENCRYPTION; -static const int EVP_R_UNKNOWN_PBE_ALGORITHM; - -static const int ERR_LIB_EVP; -static const int ERR_LIB_PEM; -static const int ERR_LIB_ASN1; -static const int ERR_LIB_PKCS12; - -static const int SSL_TLSEXT_ERR_OK; -static const int SSL_TLSEXT_ERR_ALERT_FATAL; -static const int SSL_TLSEXT_ERR_NOACK; - -static const int X509_R_CERT_ALREADY_IN_HASH_TABLE; -""" - -FUNCTIONS = """ -void ERR_error_string_n(unsigned long, char *, size_t); -const char *ERR_lib_error_string(unsigned long); -const char *ERR_func_error_string(unsigned long); -const char *ERR_reason_error_string(unsigned long); -unsigned long ERR_get_error(void); -unsigned long ERR_peek_error(void); -void ERR_clear_error(void); -void ERR_put_error(int, int, int, const char *, int); - -int ERR_GET_LIB(unsigned long); -int ERR_GET_FUNC(unsigned long); -int ERR_GET_REASON(unsigned long); - -""" - -CUSTOMIZATIONS = """ -""" diff --git a/game/python-extra/_openssl/evp.py b/game/python-extra/_openssl/evp.py deleted file mode 100644 index ab7cfeb..0000000 --- a/game/python-extra/_openssl/evp.py +++ /dev/null @@ -1,272 +0,0 @@ -# This file is dual licensed under the terms of the Apache License, Version -# 2.0, and the BSD License. See the LICENSE file in the root of this repository -# for complete details. - -from __future__ import absolute_import, division, print_function - -INCLUDES = """ -#include <openssl/evp.h> -""" - -TYPES = """ -typedef ... EVP_CIPHER; -typedef ... EVP_CIPHER_CTX; -typedef ... EVP_MD; -typedef ... EVP_MD_CTX; - -typedef ... EVP_PKEY; -typedef ... EVP_PKEY_CTX; -static const int EVP_PKEY_RSA; -static const int EVP_PKEY_DSA; -static const int EVP_PKEY_DH; -static const int EVP_PKEY_DHX; -static const int EVP_PKEY_EC; -static const int EVP_PKEY_X25519; -static const int EVP_PKEY_ED25519; -static const int EVP_PKEY_X448; -static const int EVP_PKEY_ED448; -static const int EVP_PKEY_POLY1305; -static const int EVP_MAX_MD_SIZE; -static const int EVP_CTRL_AEAD_SET_IVLEN; -static const int EVP_CTRL_AEAD_GET_TAG; -static const int EVP_CTRL_AEAD_SET_TAG; - -static const int Cryptography_HAS_SCRYPT; -static const int Cryptography_HAS_EVP_PKEY_DHX; -static const int Cryptography_HAS_EVP_PKEY_get_set_tls_encodedpoint; -static const int Cryptography_HAS_ONESHOT_EVP_DIGEST_SIGN_VERIFY; -static const long Cryptography_HAS_RAW_KEY; -static const long Cryptography_HAS_EVP_DIGESTFINAL_XOF; -""" - -FUNCTIONS = """ -const EVP_CIPHER *EVP_get_cipherbyname(const char *); -int EVP_CIPHER_CTX_set_padding(EVP_CIPHER_CTX *, int); -int EVP_CipherInit_ex(EVP_CIPHER_CTX *, const EVP_CIPHER *, ENGINE *, - const unsigned char *, const unsigned char *, int); -int EVP_CipherUpdate(EVP_CIPHER_CTX *, unsigned char *, int *, - const unsigned char *, int); -int EVP_CipherFinal_ex(EVP_CIPHER_CTX *, unsigned char *, int *); -int EVP_CIPHER_CTX_cleanup(EVP_CIPHER_CTX *); -EVP_CIPHER_CTX *EVP_CIPHER_CTX_new(void); -void EVP_CIPHER_CTX_free(EVP_CIPHER_CTX *); -int EVP_CIPHER_CTX_set_key_length(EVP_CIPHER_CTX *, int); -const EVP_CIPHER *EVP_CIPHER_CTX_cipher(const EVP_CIPHER_CTX *); - -int EVP_MD_CTX_copy_ex(EVP_MD_CTX *, const EVP_MD_CTX *); -int EVP_DigestInit_ex(EVP_MD_CTX *, const EVP_MD *, ENGINE *); -int EVP_DigestUpdate(EVP_MD_CTX *, const void *, size_t); -int EVP_DigestFinal_ex(EVP_MD_CTX *, unsigned char *, unsigned int *); -int EVP_DigestFinalXOF(EVP_MD_CTX *, unsigned char *, size_t); -const EVP_MD *EVP_get_digestbyname(const char *); - -EVP_PKEY *EVP_PKEY_new(void); -void EVP_PKEY_free(EVP_PKEY *); -int EVP_PKEY_type(int); -int EVP_PKEY_size(EVP_PKEY *); -RSA *EVP_PKEY_get1_RSA(EVP_PKEY *); -DSA *EVP_PKEY_get1_DSA(EVP_PKEY *); -DH *EVP_PKEY_get1_DH(EVP_PKEY *); - -int EVP_PKEY_encrypt(EVP_PKEY_CTX *, unsigned char *, size_t *, - const unsigned char *, size_t); -int EVP_PKEY_decrypt(EVP_PKEY_CTX *, unsigned char *, size_t *, - const unsigned char *, size_t); - -int EVP_SignInit(EVP_MD_CTX *, const EVP_MD *); -int EVP_SignUpdate(EVP_MD_CTX *, const void *, size_t); -int EVP_SignFinal(EVP_MD_CTX *, unsigned char *, unsigned int *, EVP_PKEY *); - -int EVP_VerifyInit(EVP_MD_CTX *, const EVP_MD *); -int EVP_VerifyUpdate(EVP_MD_CTX *, const void *, size_t); -int EVP_VerifyFinal(EVP_MD_CTX *, const unsigned char *, unsigned int, - EVP_PKEY *); - -int EVP_DigestSignInit(EVP_MD_CTX *, EVP_PKEY_CTX **, const EVP_MD *, - ENGINE *, EVP_PKEY *); -int EVP_DigestSignUpdate(EVP_MD_CTX *, const void *, size_t); -int EVP_DigestSignFinal(EVP_MD_CTX *, unsigned char *, size_t *); -int EVP_DigestVerifyInit(EVP_MD_CTX *, EVP_PKEY_CTX **, const EVP_MD *, - ENGINE *, EVP_PKEY *); - - - -EVP_PKEY_CTX *EVP_PKEY_CTX_new(EVP_PKEY *, ENGINE *); -EVP_PKEY_CTX *EVP_PKEY_CTX_new_id(int, ENGINE *); -EVP_PKEY_CTX *EVP_PKEY_CTX_dup(EVP_PKEY_CTX *); -void EVP_PKEY_CTX_free(EVP_PKEY_CTX *); -int EVP_PKEY_sign_init(EVP_PKEY_CTX *); -int EVP_PKEY_sign(EVP_PKEY_CTX *, unsigned char *, size_t *, - const unsigned char *, size_t); -int EVP_PKEY_verify_init(EVP_PKEY_CTX *); -int EVP_PKEY_verify(EVP_PKEY_CTX *, const unsigned char *, size_t, - const unsigned char *, size_t); -int EVP_PKEY_verify_recover_init(EVP_PKEY_CTX *); -int EVP_PKEY_verify_recover(EVP_PKEY_CTX *, unsigned char *, - size_t *, const unsigned char *, size_t); -int EVP_PKEY_encrypt_init(EVP_PKEY_CTX *); -int EVP_PKEY_decrypt_init(EVP_PKEY_CTX *); - -int EVP_PKEY_set1_RSA(EVP_PKEY *, RSA *); -int EVP_PKEY_set1_DSA(EVP_PKEY *, DSA *); -int EVP_PKEY_set1_DH(EVP_PKEY *, DH *); - -int EVP_PKEY_cmp(const EVP_PKEY *, const EVP_PKEY *); - -int EVP_PKEY_keygen_init(EVP_PKEY_CTX *); -int EVP_PKEY_keygen(EVP_PKEY_CTX *, EVP_PKEY **); -int EVP_PKEY_derive_init(EVP_PKEY_CTX *); -int EVP_PKEY_derive_set_peer(EVP_PKEY_CTX *, EVP_PKEY *); -int EVP_PKEY_derive(EVP_PKEY_CTX *, unsigned char *, size_t *); -int EVP_PKEY_set_type(EVP_PKEY *, int); - -int EVP_PKEY_id(const EVP_PKEY *); -int Cryptography_EVP_PKEY_id(const EVP_PKEY *); - -EVP_MD_CTX *EVP_MD_CTX_new(void); -void EVP_MD_CTX_free(EVP_MD_CTX *); -/* Backwards compat aliases for pyOpenSSL */ -EVP_MD_CTX *Cryptography_EVP_MD_CTX_new(void); -void Cryptography_EVP_MD_CTX_free(EVP_MD_CTX *); - -/* Added in 1.1.1 */ -int EVP_DigestSign(EVP_MD_CTX *, unsigned char *, size_t *, - const unsigned char *, size_t); -int EVP_DigestVerify(EVP_MD_CTX *, const unsigned char *, size_t, - const unsigned char *, size_t); -/* Added in 1.1.0 */ -size_t EVP_PKEY_get1_tls_encodedpoint(EVP_PKEY *, unsigned char **); -int EVP_PKEY_set1_tls_encodedpoint(EVP_PKEY *, const unsigned char *, - size_t); - -/* EVP_PKEY * became const in 1.1.0 */ -int EVP_PKEY_bits(EVP_PKEY *); - -void OpenSSL_add_all_algorithms(void); -int EVP_PKEY_assign_RSA(EVP_PKEY *, RSA *); - -EC_KEY *EVP_PKEY_get1_EC_KEY(EVP_PKEY *); -int EVP_PKEY_set1_EC_KEY(EVP_PKEY *, EC_KEY *); - -int EVP_CIPHER_CTX_ctrl(EVP_CIPHER_CTX *, int, int, void *); - -int PKCS5_PBKDF2_HMAC(const char *, int, const unsigned char *, int, int, - const EVP_MD *, int, unsigned char *); - -int EVP_PKEY_CTX_set_signature_md(EVP_PKEY_CTX *, const EVP_MD *); - -int EVP_PBE_scrypt(const char *, size_t, const unsigned char *, size_t, - uint64_t, uint64_t, uint64_t, uint64_t, unsigned char *, - size_t); - -EVP_PKEY *EVP_PKEY_new_raw_private_key(int, ENGINE *, const unsigned char *, - size_t); -EVP_PKEY *EVP_PKEY_new_raw_public_key(int, ENGINE *, const unsigned char *, - size_t); -int EVP_PKEY_get_raw_private_key(const EVP_PKEY *, unsigned char *, size_t *); -int EVP_PKEY_get_raw_public_key(const EVP_PKEY *, unsigned char *, size_t *); -""" - -CUSTOMIZATIONS = """ -#ifdef EVP_PKEY_DHX -const long Cryptography_HAS_EVP_PKEY_DHX = 1; -#else -const long Cryptography_HAS_EVP_PKEY_DHX = 0; -const long EVP_PKEY_DHX = -1; -#endif - -int Cryptography_EVP_PKEY_id(const EVP_PKEY *key) { - return EVP_PKEY_id(key); -} -EVP_MD_CTX *Cryptography_EVP_MD_CTX_new(void) { - return EVP_MD_CTX_new(); -} -void Cryptography_EVP_MD_CTX_free(EVP_MD_CTX *md) { - EVP_MD_CTX_free(md); -} - -#if CRYPTOGRAPHY_IS_LIBRESSL || defined(OPENSSL_NO_SCRYPT) -static const long Cryptography_HAS_SCRYPT = 0; -int (*EVP_PBE_scrypt)(const char *, size_t, const unsigned char *, size_t, - uint64_t, uint64_t, uint64_t, uint64_t, unsigned char *, - size_t) = NULL; -#else -static const long Cryptography_HAS_SCRYPT = 1; -#endif - -#if !CRYPTOGRAPHY_IS_LIBRESSL -static const long Cryptography_HAS_EVP_PKEY_get_set_tls_encodedpoint = 1; -#else -static const long Cryptography_HAS_EVP_PKEY_get_set_tls_encodedpoint = 0; -size_t (*EVP_PKEY_get1_tls_encodedpoint)(EVP_PKEY *, unsigned char **) = NULL; -int (*EVP_PKEY_set1_tls_encodedpoint)(EVP_PKEY *, const unsigned char *, - size_t) = NULL; -#endif - -#if CRYPTOGRAPHY_OPENSSL_LESS_THAN_111 -static const long Cryptography_HAS_ONESHOT_EVP_DIGEST_SIGN_VERIFY = 0; -static const long Cryptography_HAS_RAW_KEY = 0; -static const long Cryptography_HAS_EVP_DIGESTFINAL_XOF = 0; -int (*EVP_DigestFinalXOF)(EVP_MD_CTX *, unsigned char *, size_t) = NULL; -int (*EVP_DigestSign)(EVP_MD_CTX *, unsigned char *, size_t *, - const unsigned char *tbs, size_t) = NULL; -int (*EVP_DigestVerify)(EVP_MD_CTX *, const unsigned char *, size_t, - const unsigned char *, size_t) = NULL; -EVP_PKEY *(*EVP_PKEY_new_raw_private_key)(int, ENGINE *, const unsigned char *, - size_t) = NULL; -EVP_PKEY *(*EVP_PKEY_new_raw_public_key)(int, ENGINE *, const unsigned char *, - size_t) = NULL; -int (*EVP_PKEY_get_raw_private_key)(const EVP_PKEY *, unsigned char *, - size_t *) = NULL; -int (*EVP_PKEY_get_raw_public_key)(const EVP_PKEY *, unsigned char *, - size_t *) = NULL; -#else -static const long Cryptography_HAS_ONESHOT_EVP_DIGEST_SIGN_VERIFY = 1; -static const long Cryptography_HAS_RAW_KEY = 1; -static const long Cryptography_HAS_EVP_DIGESTFINAL_XOF = 1; -#endif - -/* OpenSSL 1.1.0+ does this define for us, but if not present we'll do it */ -#if !defined(EVP_CTRL_AEAD_SET_IVLEN) -# define EVP_CTRL_AEAD_SET_IVLEN EVP_CTRL_GCM_SET_IVLEN -#endif -#if !defined(EVP_CTRL_AEAD_GET_TAG) -# define EVP_CTRL_AEAD_GET_TAG EVP_CTRL_GCM_GET_TAG -#endif -#if !defined(EVP_CTRL_AEAD_SET_TAG) -# define EVP_CTRL_AEAD_SET_TAG EVP_CTRL_GCM_SET_TAG -#endif - -/* This is tied to X25519 support so we reuse the Cryptography_HAS_X25519 - conditional to remove it. OpenSSL 1.1.0 didn't have this define, but - 1.1.1 will when it is released. We can remove this in the distant - future when we drop 1.1.0 support. */ -#ifndef EVP_PKEY_X25519 -#define EVP_PKEY_X25519 NID_X25519 -#endif - -/* This is tied to X448 support so we reuse the Cryptography_HAS_X448 - conditional to remove it. OpenSSL 1.1.1 adds this define. We can remove - this in the distant future when we drop 1.1.0 support. */ -#ifndef EVP_PKEY_X448 -#define EVP_PKEY_X448 NID_X448 -#endif - -/* This is tied to ED25519 support so we reuse the Cryptography_HAS_ED25519 - conditional to remove it. */ -#ifndef EVP_PKEY_ED25519 -#define EVP_PKEY_ED25519 NID_ED25519 -#endif - -/* This is tied to ED448 support so we reuse the Cryptography_HAS_ED448 - conditional to remove it. */ -#ifndef EVP_PKEY_ED448 -#define EVP_PKEY_ED448 NID_ED448 -#endif - -/* This is tied to poly1305 support so we reuse the Cryptography_HAS_POLY1305 - conditional to remove it. */ -#ifndef EVP_PKEY_POLY1305 -#define EVP_PKEY_POLY1305 NID_poly1305 -#endif -""" diff --git a/game/python-extra/_openssl/fips.py b/game/python-extra/_openssl/fips.py deleted file mode 100644 index c92bca4..0000000 --- a/game/python-extra/_openssl/fips.py +++ /dev/null @@ -1,28 +0,0 @@ -# This file is dual licensed under the terms of the Apache License, Version -# 2.0, and the BSD License. See the LICENSE file in the root of this repository -# for complete details. - -from __future__ import absolute_import, division, print_function - -INCLUDES = """ -#include <openssl/crypto.h> -""" - -TYPES = """ -static const long Cryptography_HAS_FIPS; -""" - -FUNCTIONS = """ -int FIPS_mode_set(int); -int FIPS_mode(void); -""" - -CUSTOMIZATIONS = """ -#if CRYPTOGRAPHY_IS_LIBRESSL -static const long Cryptography_HAS_FIPS = 0; -int (*FIPS_mode_set)(int) = NULL; -int (*FIPS_mode)(void) = NULL; -#else -static const long Cryptography_HAS_FIPS = 1; -#endif -""" diff --git a/game/python-extra/_openssl/hmac.py b/game/python-extra/_openssl/hmac.py deleted file mode 100644 index 2e0e33f..0000000 --- a/game/python-extra/_openssl/hmac.py +++ /dev/null @@ -1,26 +0,0 @@ -# This file is dual licensed under the terms of the Apache License, Version -# 2.0, and the BSD License. See the LICENSE file in the root of this repository -# for complete details. - -from __future__ import absolute_import, division, print_function - -INCLUDES = """ -#include <openssl/hmac.h> -""" - -TYPES = """ -typedef ... HMAC_CTX; -""" - -FUNCTIONS = """ -int HMAC_Init_ex(HMAC_CTX *, const void *, int, const EVP_MD *, ENGINE *); -int HMAC_Update(HMAC_CTX *, const unsigned char *, size_t); -int HMAC_Final(HMAC_CTX *, unsigned char *, unsigned int *); -int HMAC_CTX_copy(HMAC_CTX *, HMAC_CTX *); - -HMAC_CTX *HMAC_CTX_new(void); -void HMAC_CTX_free(HMAC_CTX *ctx); -""" - -CUSTOMIZATIONS = """ -""" diff --git a/game/python-extra/_openssl/nid.py b/game/python-extra/_openssl/nid.py deleted file mode 100644 index 9ef88cd..0000000 --- a/game/python-extra/_openssl/nid.py +++ /dev/null @@ -1,52 +0,0 @@ -# This file is dual licensed under the terms of the Apache License, Version -# 2.0, and the BSD License. See the LICENSE file in the root of this repository -# for complete details. - -from __future__ import absolute_import, division, print_function - -INCLUDES = """ -#include <openssl/obj_mac.h> -""" - -TYPES = """ -static const int Cryptography_HAS_ED448; -static const int Cryptography_HAS_ED25519; -static const int Cryptography_HAS_POLY1305; - -static const int NID_undef; -static const int NID_pbe_WithSHA1And3_Key_TripleDES_CBC; -static const int NID_X25519; -static const int NID_X448; -static const int NID_ED25519; -static const int NID_ED448; -static const int NID_poly1305; - -static const int NID_subject_alt_name; -static const int NID_crl_reason; - -static const int NID_pkcs7_signed; -""" - -FUNCTIONS = """ -""" - -CUSTOMIZATIONS = """ -#ifndef NID_ED25519 -static const long Cryptography_HAS_ED25519 = 0; -static const int NID_ED25519 = 0; -#else -static const long Cryptography_HAS_ED25519 = 1; -#endif -#ifndef NID_ED448 -static const long Cryptography_HAS_ED448 = 0; -static const int NID_ED448 = 0; -#else -static const long Cryptography_HAS_ED448 = 1; -#endif -#ifndef NID_poly1305 -static const long Cryptography_HAS_POLY1305 = 0; -static const int NID_poly1305 = 0; -#else -static const long Cryptography_HAS_POLY1305 = 1; -#endif -""" diff --git a/game/python-extra/_openssl/objects.py b/game/python-extra/_openssl/objects.py deleted file mode 100644 index 236903d..0000000 --- a/game/python-extra/_openssl/objects.py +++ /dev/null @@ -1,33 +0,0 @@ -# This file is dual licensed under the terms of the Apache License, Version -# 2.0, and the BSD License. See the LICENSE file in the root of this repository -# for complete details. - -from __future__ import absolute_import, division, print_function - -INCLUDES = """ -#include <openssl/objects.h> -""" - -TYPES = """ -typedef struct { - int type; - int alias; - const char *name; - const char *data; -} OBJ_NAME; - -static const long OBJ_NAME_TYPE_MD_METH; -""" - -FUNCTIONS = """ -const char *OBJ_nid2ln(int); -const char *OBJ_nid2sn(int); -int OBJ_obj2nid(const ASN1_OBJECT *); -int OBJ_sn2nid(const char *); -int OBJ_txt2nid(const char *); -ASN1_OBJECT *OBJ_txt2obj(const char *, int); -int OBJ_obj2txt(char *, int, const ASN1_OBJECT *, int); -""" - -CUSTOMIZATIONS = """ -""" diff --git a/game/python-extra/_openssl/ocsp.py b/game/python-extra/_openssl/ocsp.py deleted file mode 100644 index c3d034c..0000000 --- a/game/python-extra/_openssl/ocsp.py +++ /dev/null @@ -1,166 +0,0 @@ -# This file is dual licensed under the terms of the Apache License, Version -# 2.0, and the BSD License. See the LICENSE file in the root of this repository -# for complete details. - -from __future__ import absolute_import, division, print_function - -INCLUDES = """ -#include <openssl/ocsp.h> -""" - -TYPES = """ -typedef ... OCSP_REQUEST; -typedef ... OCSP_ONEREQ; -typedef ... OCSP_RESPONSE; -typedef ... OCSP_BASICRESP; -typedef ... OCSP_SINGLERESP; -typedef ... OCSP_CERTID; -typedef ... OCSP_RESPDATA; -static const long OCSP_NOCERTS; -static const long OCSP_RESPID_KEY; -""" - -FUNCTIONS = """ -int OCSP_response_status(OCSP_RESPONSE *); -OCSP_BASICRESP *OCSP_response_get1_basic(OCSP_RESPONSE *); -int OCSP_BASICRESP_get_ext_count(OCSP_BASICRESP *); -const ASN1_OCTET_STRING *OCSP_resp_get0_signature(const OCSP_BASICRESP *); -Cryptography_STACK_OF_X509 *OCSP_resp_get0_certs(const OCSP_BASICRESP *); -const ASN1_GENERALIZEDTIME *OCSP_resp_get0_produced_at( - const OCSP_BASICRESP *); -const OCSP_CERTID *OCSP_SINGLERESP_get0_id(const OCSP_SINGLERESP *); -int OCSP_resp_get0_id(const OCSP_BASICRESP *, const ASN1_OCTET_STRING **, - const X509_NAME **); -const X509_ALGOR *OCSP_resp_get0_tbs_sigalg(const OCSP_BASICRESP *); -const OCSP_RESPDATA *OCSP_resp_get0_respdata(const OCSP_BASICRESP *); -X509_EXTENSION *OCSP_BASICRESP_get_ext(OCSP_BASICRESP *, int); -int OCSP_resp_count(OCSP_BASICRESP *); -OCSP_SINGLERESP *OCSP_resp_get0(OCSP_BASICRESP *, int); -int OCSP_SINGLERESP_get_ext_count(OCSP_SINGLERESP *); -X509_EXTENSION *OCSP_SINGLERESP_get_ext(OCSP_SINGLERESP *, int); - -int OCSP_single_get0_status(OCSP_SINGLERESP *, int *, ASN1_GENERALIZEDTIME **, - ASN1_GENERALIZEDTIME **, ASN1_GENERALIZEDTIME **); - -int OCSP_REQUEST_get_ext_count(OCSP_REQUEST *); -X509_EXTENSION *OCSP_REQUEST_get_ext(OCSP_REQUEST *, int); -int OCSP_request_onereq_count(OCSP_REQUEST *); -OCSP_ONEREQ *OCSP_request_onereq_get0(OCSP_REQUEST *, int); -OCSP_CERTID *OCSP_onereq_get0_id(OCSP_ONEREQ *); -OCSP_ONEREQ *OCSP_request_add0_id(OCSP_REQUEST *, OCSP_CERTID *); -OCSP_CERTID *OCSP_cert_to_id(const EVP_MD *, const X509 *, const X509 *); -void OCSP_CERTID_free(OCSP_CERTID *); - - -OCSP_BASICRESP *OCSP_BASICRESP_new(void); -void OCSP_BASICRESP_free(OCSP_BASICRESP *); -OCSP_SINGLERESP *OCSP_basic_add1_status(OCSP_BASICRESP *, OCSP_CERTID *, int, - int, ASN1_TIME *, ASN1_TIME *, - ASN1_TIME *); -int OCSP_basic_add1_cert(OCSP_BASICRESP *, X509 *); -int OCSP_BASICRESP_add_ext(OCSP_BASICRESP *, X509_EXTENSION *, int); -int OCSP_basic_sign(OCSP_BASICRESP *, X509 *, EVP_PKEY *, const EVP_MD *, - Cryptography_STACK_OF_X509 *, unsigned long); -OCSP_RESPONSE *OCSP_response_create(int, OCSP_BASICRESP *); -void OCSP_RESPONSE_free(OCSP_RESPONSE *); - -OCSP_REQUEST *OCSP_REQUEST_new(void); -void OCSP_REQUEST_free(OCSP_REQUEST *); -int OCSP_REQUEST_add_ext(OCSP_REQUEST *, X509_EXTENSION *, int); -int OCSP_id_get0_info(ASN1_OCTET_STRING **, ASN1_OBJECT **, - ASN1_OCTET_STRING **, ASN1_INTEGER **, OCSP_CERTID *); -OCSP_REQUEST *d2i_OCSP_REQUEST_bio(BIO *, OCSP_REQUEST **); -OCSP_RESPONSE *d2i_OCSP_RESPONSE_bio(BIO *, OCSP_RESPONSE **); -int i2d_OCSP_REQUEST_bio(BIO *, OCSP_REQUEST *); -int i2d_OCSP_RESPONSE_bio(BIO *, OCSP_RESPONSE *); -int i2d_OCSP_RESPDATA(OCSP_RESPDATA *, unsigned char **); -""" - -CUSTOMIZATIONS = """ -#if ( \ - !CRYPTOGRAPHY_IS_LIBRESSL && \ - CRYPTOGRAPHY_OPENSSL_LESS_THAN_110J \ - ) -/* These structs come from ocsp_lcl.h and are needed to de-opaque the struct - for the getters in OpenSSL 1.1.0 through 1.1.0i */ -struct ocsp_responder_id_st { - int type; - union { - X509_NAME *byName; - ASN1_OCTET_STRING *byKey; - } value; -}; -struct ocsp_response_data_st { - ASN1_INTEGER *version; - OCSP_RESPID responderId; - ASN1_GENERALIZEDTIME *producedAt; - STACK_OF(OCSP_SINGLERESP) *responses; - STACK_OF(X509_EXTENSION) *responseExtensions; -}; -struct ocsp_basic_response_st { - OCSP_RESPDATA tbsResponseData; - X509_ALGOR signatureAlgorithm; - ASN1_BIT_STRING *signature; - STACK_OF(X509) *certs; -}; -#endif - -#if CRYPTOGRAPHY_IS_LIBRESSL -/* These functions are all taken from ocsp_cl.c in OpenSSL 1.1.0 */ -const OCSP_CERTID *OCSP_SINGLERESP_get0_id(const OCSP_SINGLERESP *single) -{ - return single->certId; -} -const Cryptography_STACK_OF_X509 *OCSP_resp_get0_certs( - const OCSP_BASICRESP *bs) -{ - return bs->certs; -} -int OCSP_resp_get0_id(const OCSP_BASICRESP *bs, - const ASN1_OCTET_STRING **pid, - const X509_NAME **pname) -{ - const OCSP_RESPID *rid = bs->tbsResponseData->responderId; - - if (rid->type == V_OCSP_RESPID_NAME) { - *pname = rid->value.byName; - *pid = NULL; - } else if (rid->type == V_OCSP_RESPID_KEY) { - *pid = rid->value.byKey; - *pname = NULL; - } else { - return 0; - } - return 1; -} -const ASN1_GENERALIZEDTIME *OCSP_resp_get0_produced_at( - const OCSP_BASICRESP* bs) -{ - return bs->tbsResponseData->producedAt; -} -const ASN1_OCTET_STRING *OCSP_resp_get0_signature(const OCSP_BASICRESP *bs) -{ - return bs->signature; -} -#endif - -#if CRYPTOGRAPHY_OPENSSL_LESS_THAN_110J -const X509_ALGOR *OCSP_resp_get0_tbs_sigalg(const OCSP_BASICRESP *bs) -{ -#if CRYPTOGRAPHY_IS_LIBRESSL - return bs->signatureAlgorithm; -#else - return &bs->signatureAlgorithm; -#endif -} - -const OCSP_RESPDATA *OCSP_resp_get0_respdata(const OCSP_BASICRESP *bs) -{ -#if CRYPTOGRAPHY_IS_LIBRESSL - return bs->tbsResponseData; -#else - return &bs->tbsResponseData; -#endif -} -#endif -""" diff --git a/game/python-extra/_openssl/opensslv.py b/game/python-extra/_openssl/opensslv.py deleted file mode 100644 index 9b0c689..0000000 --- a/game/python-extra/_openssl/opensslv.py +++ /dev/null @@ -1,22 +0,0 @@ -# This file is dual licensed under the terms of the Apache License, Version -# 2.0, and the BSD License. See the LICENSE file in the root of this repository -# for complete details. - -from __future__ import absolute_import, division, print_function - -INCLUDES = """ -#include <openssl/opensslv.h> -""" - -TYPES = """ -/* Note that these will be resolved when cryptography is compiled and are NOT - guaranteed to be the version that it actually loads. */ -static const int OPENSSL_VERSION_NUMBER; -static const char *const OPENSSL_VERSION_TEXT; -""" - -FUNCTIONS = """ -""" - -CUSTOMIZATIONS = """ -""" diff --git a/game/python-extra/_openssl/osrandom_engine.py b/game/python-extra/_openssl/osrandom_engine.py deleted file mode 100644 index ed1068e..0000000 --- a/game/python-extra/_openssl/osrandom_engine.py +++ /dev/null @@ -1,24 +0,0 @@ -# This file is dual licensed under the terms of the Apache License, Version -# 2.0, and the BSD License. See the LICENSE file in the root of this repository -# for complete details. - -from __future__ import absolute_import, division, print_function - -import os - -HERE = os.path.dirname(os.path.abspath(__file__)) - -with open(os.path.join(HERE, "src/osrandom_engine.h")) as f: - INCLUDES = f.read() - -TYPES = """ -static const char *const Cryptography_osrandom_engine_name; -static const char *const Cryptography_osrandom_engine_id; -""" - -FUNCTIONS = """ -int Cryptography_add_osrandom_engine(void); -""" - -with open(os.path.join(HERE, "src/osrandom_engine.c")) as f: - CUSTOMIZATIONS = f.read() diff --git a/game/python-extra/_openssl/pem.py b/game/python-extra/_openssl/pem.py deleted file mode 100644 index 3f279c4..0000000 --- a/game/python-extra/_openssl/pem.py +++ /dev/null @@ -1,75 +0,0 @@ -# This file is dual licensed under the terms of the Apache License, Version -# 2.0, and the BSD License. See the LICENSE file in the root of this repository -# for complete details. - -from __future__ import absolute_import, division, print_function - -INCLUDES = """ -#include <openssl/pem.h> -""" - -TYPES = """ -typedef int pem_password_cb(char *buf, int size, int rwflag, void *userdata); -""" - -FUNCTIONS = """ -X509 *PEM_read_bio_X509(BIO *, X509 **, pem_password_cb *, void *); -int PEM_write_bio_X509(BIO *, X509 *); - -int PEM_write_bio_PrivateKey(BIO *, EVP_PKEY *, const EVP_CIPHER *, - unsigned char *, int, pem_password_cb *, void *); - -EVP_PKEY *PEM_read_bio_PrivateKey(BIO *, EVP_PKEY **, pem_password_cb *, - void *); - -int PEM_write_bio_PKCS8PrivateKey(BIO *, EVP_PKEY *, const EVP_CIPHER *, - char *, int, pem_password_cb *, void *); - -int i2d_PKCS8PrivateKey_bio(BIO *, EVP_PKEY *, const EVP_CIPHER *, - char *, int, pem_password_cb *, void *); - -int i2d_PKCS7_bio(BIO *, PKCS7 *); -PKCS7 *d2i_PKCS7_bio(BIO *, PKCS7 **); - -EVP_PKEY *d2i_PKCS8PrivateKey_bio(BIO *, EVP_PKEY **, pem_password_cb *, - void *); - -int PEM_write_bio_X509_REQ(BIO *, X509_REQ *); - -X509_REQ *PEM_read_bio_X509_REQ(BIO *, X509_REQ **, pem_password_cb *, void *); - -X509_CRL *PEM_read_bio_X509_CRL(BIO *, X509_CRL **, pem_password_cb *, void *); - -int PEM_write_bio_X509_CRL(BIO *, X509_CRL *); - -PKCS7 *PEM_read_bio_PKCS7(BIO *, PKCS7 **, pem_password_cb *, void *); -int PEM_write_bio_PKCS7(BIO *, PKCS7 *); - -DH *PEM_read_bio_DHparams(BIO *, DH **, pem_password_cb *, void *); - -int PEM_write_bio_DSAPrivateKey(BIO *, DSA *, const EVP_CIPHER *, - unsigned char *, int, - pem_password_cb *, void *); - -int PEM_write_bio_RSAPrivateKey(BIO *, RSA *, const EVP_CIPHER *, - unsigned char *, int, - pem_password_cb *, void *); - -RSA *PEM_read_bio_RSAPublicKey(BIO *, RSA **, pem_password_cb *, void *); - -int PEM_write_bio_RSAPublicKey(BIO *, const RSA *); - -EVP_PKEY *PEM_read_bio_PUBKEY(BIO *, EVP_PKEY **, pem_password_cb *, void *); -int PEM_write_bio_PUBKEY(BIO *, EVP_PKEY *); -int PEM_write_bio_ECPrivateKey(BIO *, EC_KEY *, const EVP_CIPHER *, - unsigned char *, int, pem_password_cb *, - void *); -int PEM_write_bio_DHparams(BIO *, DH *); -int PEM_write_bio_DHxparams(BIO *, DH *); -""" - -CUSTOMIZATIONS = """ -#if !defined(EVP_PKEY_DHX) || EVP_PKEY_DHX == -1 -int (*PEM_write_bio_DHxparams)(BIO *, DH *) = NULL; -#endif -""" diff --git a/game/python-extra/_openssl/pkcs12.py b/game/python-extra/_openssl/pkcs12.py deleted file mode 100644 index 21a8481..0000000 --- a/game/python-extra/_openssl/pkcs12.py +++ /dev/null @@ -1,27 +0,0 @@ -# This file is dual licensed under the terms of the Apache License, Version -# 2.0, and the BSD License. See the LICENSE file in the root of this repository -# for complete details. - -from __future__ import absolute_import, division, print_function - -INCLUDES = """ -#include <openssl/pkcs12.h> -""" - -TYPES = """ -typedef ... PKCS12; -""" - -FUNCTIONS = """ -void PKCS12_free(PKCS12 *); - -PKCS12 *d2i_PKCS12_bio(BIO *, PKCS12 **); -int i2d_PKCS12_bio(BIO *, PKCS12 *); -int PKCS12_parse(PKCS12 *, const char *, EVP_PKEY **, X509 **, - Cryptography_STACK_OF_X509 **); -PKCS12 *PKCS12_create(char *, char *, EVP_PKEY *, X509 *, - Cryptography_STACK_OF_X509 *, int, int, int, int, int); -""" - -CUSTOMIZATIONS = """ -""" diff --git a/game/python-extra/_openssl/pkcs7.py b/game/python-extra/_openssl/pkcs7.py deleted file mode 100644 index c22263d..0000000 --- a/game/python-extra/_openssl/pkcs7.py +++ /dev/null @@ -1,79 +0,0 @@ -# This file is dual licensed under the terms of the Apache License, Version -# 2.0, and the BSD License. See the LICENSE file in the root of this repository -# for complete details. - -from __future__ import absolute_import, division, print_function - -INCLUDES = """ -#include <openssl/pkcs7.h> -""" - -TYPES = """ -typedef struct { - Cryptography_STACK_OF_X509 *cert; - Cryptography_STACK_OF_X509_CRL *crl; - ...; -} PKCS7_SIGNED; - -typedef struct { - Cryptography_STACK_OF_X509 *cert; - Cryptography_STACK_OF_X509_CRL *crl; - ...; -} PKCS7_SIGN_ENVELOPE; - -typedef ... PKCS7_DIGEST; -typedef ... PKCS7_ENCRYPT; -typedef ... PKCS7_ENVELOPE; -typedef ... PKCS7_SIGNER_INFO; - -typedef struct { - ASN1_OBJECT *type; - union { - char *ptr; - ASN1_OCTET_STRING *data; - PKCS7_SIGNED *sign; - PKCS7_ENVELOPE *enveloped; - PKCS7_SIGN_ENVELOPE *signed_and_enveloped; - PKCS7_DIGEST *digest; - PKCS7_ENCRYPT *encrypted; - ASN1_TYPE *other; - } d; - ...; -} PKCS7; - -static const int PKCS7_BINARY; -static const int PKCS7_DETACHED; -static const int PKCS7_NOATTR; -static const int PKCS7_NOCERTS; -static const int PKCS7_NOCHAIN; -static const int PKCS7_NOINTERN; -static const int PKCS7_NOSIGS; -static const int PKCS7_NOSMIMECAP; -static const int PKCS7_NOVERIFY; -static const int PKCS7_STREAM; -static const int PKCS7_TEXT; -static const int PKCS7_PARTIAL; -""" - -FUNCTIONS = """ -void PKCS7_free(PKCS7 *); -PKCS7 *PKCS7_sign(X509 *, EVP_PKEY *, Cryptography_STACK_OF_X509 *, - BIO *, int); -int SMIME_write_PKCS7(BIO *, PKCS7 *, BIO *, int); -int PEM_write_bio_PKCS7_stream(BIO *, PKCS7 *, BIO *, int); -PKCS7_SIGNER_INFO *PKCS7_sign_add_signer(PKCS7 *, X509 *, EVP_PKEY *, - const EVP_MD *, int); -int PKCS7_final(PKCS7 *, BIO *, int); -/* Included verify due to external consumer, see - https://github.com/pyca/cryptography/issues/5433 */ -int PKCS7_verify(PKCS7 *, Cryptography_STACK_OF_X509 *, X509_STORE *, BIO *, - BIO *, int); -PKCS7 *SMIME_read_PKCS7(BIO *, BIO **); - -int PKCS7_type_is_signed(PKCS7 *); -int PKCS7_type_is_enveloped(PKCS7 *); -int PKCS7_type_is_signedAndEnveloped(PKCS7 *); -int PKCS7_type_is_data(PKCS7 *); -""" - -CUSTOMIZATIONS = "" diff --git a/game/python-extra/_openssl/rand.py b/game/python-extra/_openssl/rand.py deleted file mode 100644 index 1bc2ec0..0000000 --- a/game/python-extra/_openssl/rand.py +++ /dev/null @@ -1,28 +0,0 @@ -# This file is dual licensed under the terms of the Apache License, Version -# 2.0, and the BSD License. See the LICENSE file in the root of this repository -# for complete details. - -from __future__ import absolute_import, division, print_function - -INCLUDES = """ -#include <openssl/rand.h> -""" - -TYPES = """ -typedef ... RAND_METHOD; -""" - -FUNCTIONS = """ -int RAND_set_rand_method(const RAND_METHOD *); -void RAND_add(const void *, int, double); -int RAND_status(void); -int RAND_bytes(unsigned char *, int); -/* ERR_load_RAND_strings started returning an int in 1.1.0. Unfortunately we - can't declare a conditional signature like that. Since it always returns - 1 we'll just lie about the signature to preserve compatibility for - pyOpenSSL (which calls this in its rand.py as of mid-2016) */ -void ERR_load_RAND_strings(void); -""" - -CUSTOMIZATIONS = """ -""" diff --git a/game/python-extra/_openssl/rsa.py b/game/python-extra/_openssl/rsa.py deleted file mode 100644 index 92b8fa4..0000000 --- a/game/python-extra/_openssl/rsa.py +++ /dev/null @@ -1,61 +0,0 @@ -# This file is dual licensed under the terms of the Apache License, Version -# 2.0, and the BSD License. See the LICENSE file in the root of this repository -# for complete details. - -from __future__ import absolute_import, division, print_function - -INCLUDES = """ -#include <openssl/rsa.h> -""" - -TYPES = """ -typedef ... RSA; -typedef ... BN_GENCB; -static const int RSA_PKCS1_PADDING; -static const int RSA_NO_PADDING; -static const int RSA_PKCS1_OAEP_PADDING; -static const int RSA_PKCS1_PSS_PADDING; -static const int RSA_F4; - -static const int Cryptography_HAS_RSA_OAEP_MD; -static const int Cryptography_HAS_RSA_OAEP_LABEL; -""" - -FUNCTIONS = """ -RSA *RSA_new(void); -void RSA_free(RSA *); -int RSA_generate_key_ex(RSA *, int, BIGNUM *, BN_GENCB *); -int RSA_check_key(const RSA *); -RSA *RSAPublicKey_dup(RSA *); -int RSA_blinding_on(RSA *, BN_CTX *); -int RSA_print(BIO *, const RSA *, int); - -/* added in 1.1.0 when the RSA struct was opaqued */ -int RSA_set0_key(RSA *, BIGNUM *, BIGNUM *, BIGNUM *); -int RSA_set0_factors(RSA *, BIGNUM *, BIGNUM *); -int RSA_set0_crt_params(RSA *, BIGNUM *, BIGNUM *, BIGNUM *); -void RSA_get0_key(const RSA *, const BIGNUM **, const BIGNUM **, - const BIGNUM **); -void RSA_get0_factors(const RSA *, const BIGNUM **, const BIGNUM **); -void RSA_get0_crt_params(const RSA *, const BIGNUM **, const BIGNUM **, - const BIGNUM **); -int EVP_PKEY_CTX_set_rsa_padding(EVP_PKEY_CTX *, int); -int EVP_PKEY_CTX_set_rsa_pss_saltlen(EVP_PKEY_CTX *, int); -int EVP_PKEY_CTX_set_rsa_mgf1_md(EVP_PKEY_CTX *, EVP_MD *); -int EVP_PKEY_CTX_set0_rsa_oaep_label(EVP_PKEY_CTX *, unsigned char *, int); - -int EVP_PKEY_CTX_set_rsa_oaep_md(EVP_PKEY_CTX *, EVP_MD *); -""" - -CUSTOMIZATIONS = """ -#if !CRYPTOGRAPHY_IS_LIBRESSL -static const long Cryptography_HAS_RSA_OAEP_MD = 1; -static const long Cryptography_HAS_RSA_OAEP_LABEL = 1; -#else -static const long Cryptography_HAS_RSA_OAEP_MD = 0; -static const long Cryptography_HAS_RSA_OAEP_LABEL = 0; -int (*EVP_PKEY_CTX_set_rsa_oaep_md)(EVP_PKEY_CTX *, EVP_MD *) = NULL; -int (*EVP_PKEY_CTX_set0_rsa_oaep_label)(EVP_PKEY_CTX *, unsigned char *, - int) = NULL; -#endif -""" diff --git a/game/python-extra/_openssl/src/osrandom_engine.c b/game/python-extra/_openssl/src/osrandom_engine.c deleted file mode 100644 index a84857b..0000000 --- a/game/python-extra/_openssl/src/osrandom_engine.c +++ /dev/null @@ -1,660 +0,0 @@ -/* osurandom engine - * - * Windows CryptGenRandom() - * macOS >= 10.12 getentropy() - * OpenBSD 5.6+ getentropy() - * other BSD getentropy() if SYS_getentropy is defined - * Linux 3.17+ getrandom() with fallback to /dev/urandom - * other /dev/urandom with cached fd - * - * The /dev/urandom, getrandom and getentropy code is derived from Python's - * Python/random.c, written by Antoine Pitrou and Victor Stinner. - * - * Copyright 2001-2016 Python Software Foundation; All Rights Reserved. - */ - -#ifdef __linux__ -#include <poll.h> -#endif - -#if CRYPTOGRAPHY_NEEDS_OSRANDOM_ENGINE -/* OpenSSL has ENGINE support and is older than 1.1.1d (the first version that - * properly implements fork safety in its RNG) so build the engine. */ -static const char *Cryptography_osrandom_engine_id = "osrandom"; - -/**************************************************************************** - * Windows - */ -#if CRYPTOGRAPHY_OSRANDOM_ENGINE == CRYPTOGRAPHY_OSRANDOM_ENGINE_CRYPTGENRANDOM -static const char *Cryptography_osrandom_engine_name = "osrandom_engine CryptGenRandom()"; -static HCRYPTPROV hCryptProv = 0; - -static int osrandom_init(ENGINE *e) { - if (hCryptProv != 0) { - return 1; - } - if (CryptAcquireContext(&hCryptProv, NULL, NULL, - PROV_RSA_FULL, CRYPT_VERIFYCONTEXT)) { - return 1; - } else { - ERR_Cryptography_OSRandom_error( - CRYPTOGRAPHY_OSRANDOM_F_INIT, - CRYPTOGRAPHY_OSRANDOM_R_CRYPTACQUIRECONTEXT, - __FILE__, __LINE__ - ); - return 0; - } -} - -static int osrandom_rand_bytes(unsigned char *buffer, int size) { - if (hCryptProv == 0) { - return 0; - } - - if (!CryptGenRandom(hCryptProv, (DWORD)size, buffer)) { - ERR_Cryptography_OSRandom_error( - CRYPTOGRAPHY_OSRANDOM_F_RAND_BYTES, - CRYPTOGRAPHY_OSRANDOM_R_CRYPTGENRANDOM, - __FILE__, __LINE__ - ); - return 0; - } - return 1; -} - -static int osrandom_finish(ENGINE *e) { - if (CryptReleaseContext(hCryptProv, 0)) { - hCryptProv = 0; - return 1; - } else { - ERR_Cryptography_OSRandom_error( - CRYPTOGRAPHY_OSRANDOM_F_FINISH, - CRYPTOGRAPHY_OSRANDOM_R_CRYPTRELEASECONTEXT, - __FILE__, __LINE__ - ); - return 0; - } -} - -static int osrandom_rand_status(void) { - return hCryptProv != 0; -} - -static const char *osurandom_get_implementation(void) { - return "CryptGenRandom"; -} - -#endif /* CRYPTOGRAPHY_OSRANDOM_ENGINE_CRYPTGENRANDOM */ - -/**************************************************************************** - * /dev/urandom helpers for all non-BSD Unix platforms - */ -#ifdef CRYPTOGRAPHY_OSRANDOM_NEEDS_DEV_URANDOM - -static struct { - int fd; - dev_t st_dev; - ino_t st_ino; -} urandom_cache = { -1 }; - -static int open_cloexec(const char *path) { - int open_flags = O_RDONLY; -#ifdef O_CLOEXEC - open_flags |= O_CLOEXEC; -#endif - - int fd = open(path, open_flags); - if (fd == -1) { - return -1; - } - -#ifndef O_CLOEXEC - int flags = fcntl(fd, F_GETFD); - if (flags == -1) { - return -1; - } - if (fcntl(fd, F_SETFD, flags | FD_CLOEXEC) == -1) { - return -1; - } -#endif - return fd; -} - -#ifdef __linux__ -/* On Linux, we open("/dev/random") and use poll() to wait until it's readable - * before we read from /dev/urandom, this ensures that we don't read from - * /dev/urandom before the kernel CSPRNG is initialized. This isn't necessary on - * other platforms because they don't have the same _bug_ as Linux does with - * /dev/urandom and early boot. */ -static int wait_on_devrandom(void) { - struct pollfd pfd = {}; - int ret = 0; - int random_fd = open_cloexec("/dev/random"); - if (random_fd < 0) { - return -1; - } - pfd.fd = random_fd; - pfd.events = POLLIN; - pfd.revents = 0; - do { - ret = poll(&pfd, 1, -1); - } while (ret < 0 && (errno == EINTR || errno == EAGAIN)); - close(random_fd); - return ret; -} -#endif - -/* return -1 on error */ -static int dev_urandom_fd(void) { - int fd = -1; - struct stat st; - - /* Check that fd still points to the correct device */ - if (urandom_cache.fd >= 0) { - if (fstat(urandom_cache.fd, &st) - || st.st_dev != urandom_cache.st_dev - || st.st_ino != urandom_cache.st_ino) { - /* Somebody replaced our FD. Invalidate our cache but don't - * close the fd. */ - urandom_cache.fd = -1; - } - } - if (urandom_cache.fd < 0) { -#ifdef __linux__ - if (wait_on_devrandom() < 0) { - goto error; - } -#endif - - fd = open_cloexec("/dev/urandom"); - if (fd < 0) { - goto error; - } - if (fstat(fd, &st)) { - goto error; - } - /* Another thread initialized the fd */ - if (urandom_cache.fd >= 0) { - close(fd); - return urandom_cache.fd; - } - urandom_cache.st_dev = st.st_dev; - urandom_cache.st_ino = st.st_ino; - urandom_cache.fd = fd; - } - return urandom_cache.fd; - - error: - if (fd != -1) { - close(fd); - } - ERR_Cryptography_OSRandom_error( - CRYPTOGRAPHY_OSRANDOM_F_DEV_URANDOM_FD, - CRYPTOGRAPHY_OSRANDOM_R_DEV_URANDOM_OPEN_FAILED, - __FILE__, __LINE__ - ); - return -1; -} - -static int dev_urandom_read(unsigned char *buffer, int size) { - int fd; - int n; - - fd = dev_urandom_fd(); - if (fd < 0) { - return 0; - } - - while (size > 0) { - do { - n = (int)read(fd, buffer, (size_t)size); - } while (n < 0 && errno == EINTR); - - if (n <= 0) { - ERR_Cryptography_OSRandom_error( - CRYPTOGRAPHY_OSRANDOM_F_DEV_URANDOM_READ, - CRYPTOGRAPHY_OSRANDOM_R_DEV_URANDOM_READ_FAILED, - __FILE__, __LINE__ - ); - return 0; - } - buffer += n; - size -= n; - } - return 1; -} - -static void dev_urandom_close(void) { - if (urandom_cache.fd >= 0) { - int fd; - struct stat st; - - if (fstat(urandom_cache.fd, &st) - && st.st_dev == urandom_cache.st_dev - && st.st_ino == urandom_cache.st_ino) { - fd = urandom_cache.fd; - urandom_cache.fd = -1; - close(fd); - } - } -} -#endif /* CRYPTOGRAPHY_OSRANDOM_NEEDS_DEV_URANDOM */ - -/**************************************************************************** - * BSD getentropy - */ -#if CRYPTOGRAPHY_OSRANDOM_ENGINE == CRYPTOGRAPHY_OSRANDOM_ENGINE_GETENTROPY -static const char *Cryptography_osrandom_engine_name = "osrandom_engine getentropy()"; - -static int getentropy_works = CRYPTOGRAPHY_OSRANDOM_GETENTROPY_NOT_INIT; - -static int osrandom_init(ENGINE *e) { -#if !defined(__APPLE__) - getentropy_works = CRYPTOGRAPHY_OSRANDOM_GETENTROPY_WORKS; -#else - if (__builtin_available(macOS 10.12, *)) { - getentropy_works = CRYPTOGRAPHY_OSRANDOM_GETENTROPY_WORKS; - } else { - getentropy_works = CRYPTOGRAPHY_OSRANDOM_GETENTROPY_FALLBACK; - int fd = dev_urandom_fd(); - if (fd < 0) { - return 0; - } - } -#endif - return 1; -} - -static int osrandom_rand_bytes(unsigned char *buffer, int size) { - int len; - int res; - - switch(getentropy_works) { -#if defined(__APPLE__) - case CRYPTOGRAPHY_OSRANDOM_GETENTROPY_FALLBACK: - return dev_urandom_read(buffer, size); -#endif - case CRYPTOGRAPHY_OSRANDOM_GETENTROPY_WORKS: - while (size > 0) { - /* OpenBSD and macOS restrict maximum buffer size to 256. */ - len = size > 256 ? 256 : size; -/* on mac, availability is already checked using `__builtin_available` above */ -#pragma clang diagnostic push -#pragma clang diagnostic ignored "-Wunguarded-availability" - res = getentropy(buffer, (size_t)len); -#pragma clang diagnostic pop - if (res < 0) { - ERR_Cryptography_OSRandom_error( - CRYPTOGRAPHY_OSRANDOM_F_RAND_BYTES, - CRYPTOGRAPHY_OSRANDOM_R_GETENTROPY_FAILED, - __FILE__, __LINE__ - ); - return 0; - } - buffer += len; - size -= len; - } - return 1; - } - __builtin_unreachable(); -} - -static int osrandom_finish(ENGINE *e) { - return 1; -} - -static int osrandom_rand_status(void) { - return 1; -} - -static const char *osurandom_get_implementation(void) { - switch(getentropy_works) { - case CRYPTOGRAPHY_OSRANDOM_GETENTROPY_FALLBACK: - return "/dev/urandom"; - case CRYPTOGRAPHY_OSRANDOM_GETENTROPY_WORKS: - return "getentropy"; - } - __builtin_unreachable(); -} -#endif /* CRYPTOGRAPHY_OSRANDOM_ENGINE_GETENTROPY */ - -/**************************************************************************** - * Linux getrandom engine with fallback to dev_urandom - */ - -#if CRYPTOGRAPHY_OSRANDOM_ENGINE == CRYPTOGRAPHY_OSRANDOM_ENGINE_GETRANDOM -static const char *Cryptography_osrandom_engine_name = "osrandom_engine getrandom()"; - -static int getrandom_works = CRYPTOGRAPHY_OSRANDOM_GETRANDOM_NOT_INIT; - -static int osrandom_init(ENGINE *e) { - /* We try to detect working getrandom until we succeed. */ - if (getrandom_works != CRYPTOGRAPHY_OSRANDOM_GETRANDOM_WORKS) { - long n; - char dest[1]; - /* if the kernel CSPRNG is not initialized this will block */ - n = syscall(SYS_getrandom, dest, sizeof(dest), 0); - if (n == sizeof(dest)) { - getrandom_works = CRYPTOGRAPHY_OSRANDOM_GETRANDOM_WORKS; - } else { - int e = errno; - switch(e) { - case ENOSYS: - /* Fallback: Kernel does not support the syscall. */ - getrandom_works = CRYPTOGRAPHY_OSRANDOM_GETRANDOM_FALLBACK; - break; - case EPERM: - /* Fallback: seccomp prevents syscall */ - getrandom_works = CRYPTOGRAPHY_OSRANDOM_GETRANDOM_FALLBACK; - break; - default: - /* EINTR cannot occur for buflen < 256. */ - ERR_Cryptography_OSRandom_error( - CRYPTOGRAPHY_OSRANDOM_F_INIT, - CRYPTOGRAPHY_OSRANDOM_R_GETRANDOM_INIT_FAILED_UNEXPECTED, - "errno", e - ); - getrandom_works = CRYPTOGRAPHY_OSRANDOM_GETRANDOM_INIT_FAILED; - break; - } - } - } - - /* fallback to dev urandom */ - if (getrandom_works == CRYPTOGRAPHY_OSRANDOM_GETRANDOM_FALLBACK) { - int fd = dev_urandom_fd(); - if (fd < 0) { - return 0; - } - } - return 1; -} - -static int osrandom_rand_bytes(unsigned char *buffer, int size) { - long n; - - switch(getrandom_works) { - case CRYPTOGRAPHY_OSRANDOM_GETRANDOM_INIT_FAILED: - ERR_Cryptography_OSRandom_error( - CRYPTOGRAPHY_OSRANDOM_F_RAND_BYTES, - CRYPTOGRAPHY_OSRANDOM_R_GETRANDOM_INIT_FAILED, - __FILE__, __LINE__ - ); - return 0; - case CRYPTOGRAPHY_OSRANDOM_GETRANDOM_NOT_INIT: - ERR_Cryptography_OSRandom_error( - CRYPTOGRAPHY_OSRANDOM_F_RAND_BYTES, - CRYPTOGRAPHY_OSRANDOM_R_GETRANDOM_NOT_INIT, - __FILE__, __LINE__ - ); - return 0; - case CRYPTOGRAPHY_OSRANDOM_GETRANDOM_FALLBACK: - return dev_urandom_read(buffer, size); - case CRYPTOGRAPHY_OSRANDOM_GETRANDOM_WORKS: - while (size > 0) { - do { - n = syscall(SYS_getrandom, buffer, size, 0); - } while (n < 0 && errno == EINTR); - - if (n <= 0) { - ERR_Cryptography_OSRandom_error( - CRYPTOGRAPHY_OSRANDOM_F_RAND_BYTES, - CRYPTOGRAPHY_OSRANDOM_R_GETRANDOM_FAILED, - __FILE__, __LINE__ - ); - return 0; - } - buffer += n; - size -= (int)n; - } - return 1; - } - __builtin_unreachable(); -} - -static int osrandom_finish(ENGINE *e) { - dev_urandom_close(); - return 1; -} - -static int osrandom_rand_status(void) { - switch(getrandom_works) { - case CRYPTOGRAPHY_OSRANDOM_GETRANDOM_INIT_FAILED: - return 0; - case CRYPTOGRAPHY_OSRANDOM_GETRANDOM_NOT_INIT: - return 0; - case CRYPTOGRAPHY_OSRANDOM_GETRANDOM_FALLBACK: - return urandom_cache.fd >= 0; - case CRYPTOGRAPHY_OSRANDOM_GETRANDOM_WORKS: - return 1; - } - __builtin_unreachable(); -} - -static const char *osurandom_get_implementation(void) { - switch(getrandom_works) { - case CRYPTOGRAPHY_OSRANDOM_GETRANDOM_INIT_FAILED: - return "<failed>"; - case CRYPTOGRAPHY_OSRANDOM_GETRANDOM_NOT_INIT: - return "<not initialized>"; - case CRYPTOGRAPHY_OSRANDOM_GETRANDOM_FALLBACK: - return "/dev/urandom"; - case CRYPTOGRAPHY_OSRANDOM_GETRANDOM_WORKS: - return "getrandom"; - } - __builtin_unreachable(); -} -#endif /* CRYPTOGRAPHY_OSRANDOM_ENGINE_GETRANDOM */ - -/**************************************************************************** - * dev_urandom engine for all remaining platforms - */ - -#if CRYPTOGRAPHY_OSRANDOM_ENGINE == CRYPTOGRAPHY_OSRANDOM_ENGINE_DEV_URANDOM -static const char *Cryptography_osrandom_engine_name = "osrandom_engine /dev/urandom"; - -static int osrandom_init(ENGINE *e) { - int fd = dev_urandom_fd(); - if (fd < 0) { - return 0; - } - return 1; -} - -static int osrandom_rand_bytes(unsigned char *buffer, int size) { - return dev_urandom_read(buffer, size); -} - -static int osrandom_finish(ENGINE *e) { - dev_urandom_close(); - return 1; -} - -static int osrandom_rand_status(void) { - return urandom_cache.fd >= 0; -} - -static const char *osurandom_get_implementation(void) { - return "/dev/urandom"; -} -#endif /* CRYPTOGRAPHY_OSRANDOM_ENGINE_DEV_URANDOM */ - -/**************************************************************************** - * ENGINE boiler plate - */ - -/* This replicates the behavior of the OpenSSL FIPS RNG, which returns a - -1 in the event that there is an error when calling RAND_pseudo_bytes. */ -static int osrandom_pseudo_rand_bytes(unsigned char *buffer, int size) { - int res = osrandom_rand_bytes(buffer, size); - if (res == 0) { - return -1; - } else { - return res; - } -} - -static RAND_METHOD osrandom_rand = { - NULL, - osrandom_rand_bytes, - NULL, - NULL, - osrandom_pseudo_rand_bytes, - osrandom_rand_status, -}; - -static const ENGINE_CMD_DEFN osrandom_cmd_defns[] = { - {CRYPTOGRAPHY_OSRANDOM_GET_IMPLEMENTATION, - "get_implementation", - "Get CPRNG implementation.", - ENGINE_CMD_FLAG_NO_INPUT}, - {0, NULL, NULL, 0} -}; - -static int osrandom_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f) (void)) { - const char *name; - size_t len; - - switch (cmd) { - case CRYPTOGRAPHY_OSRANDOM_GET_IMPLEMENTATION: - /* i: buffer size, p: char* buffer */ - name = osurandom_get_implementation(); - len = strlen(name); - if ((p == NULL) && (i == 0)) { - /* return required buffer len */ - return (int)len; - } - if ((p == NULL) || i < 0 || ((size_t)i <= len)) { - /* no buffer or buffer too small */ - ENGINEerr(ENGINE_F_ENGINE_CTRL, ENGINE_R_INVALID_ARGUMENT); - return 0; - } - strcpy((char *)p, name); - return (int)len; - default: - ENGINEerr(ENGINE_F_ENGINE_CTRL, ENGINE_R_CTRL_COMMAND_NOT_IMPLEMENTED); - return 0; - } -} - -/* error reporting */ -#define ERR_FUNC(func) ERR_PACK(0, func, 0) -#define ERR_REASON(reason) ERR_PACK(0, 0, reason) - -static ERR_STRING_DATA CRYPTOGRAPHY_OSRANDOM_lib_name[] = { - {0, "osrandom_engine"}, - {0, NULL} -}; - -static ERR_STRING_DATA CRYPTOGRAPHY_OSRANDOM_str_funcs[] = { - {ERR_FUNC(CRYPTOGRAPHY_OSRANDOM_F_INIT), - "osrandom_init"}, - {ERR_FUNC(CRYPTOGRAPHY_OSRANDOM_F_RAND_BYTES), - "osrandom_rand_bytes"}, - {ERR_FUNC(CRYPTOGRAPHY_OSRANDOM_F_FINISH), - "osrandom_finish"}, - {ERR_FUNC(CRYPTOGRAPHY_OSRANDOM_F_DEV_URANDOM_FD), - "dev_urandom_fd"}, - {ERR_FUNC(CRYPTOGRAPHY_OSRANDOM_F_DEV_URANDOM_READ), - "dev_urandom_read"}, - {0, NULL} -}; - -static ERR_STRING_DATA CRYPTOGRAPHY_OSRANDOM_str_reasons[] = { - {ERR_REASON(CRYPTOGRAPHY_OSRANDOM_R_CRYPTACQUIRECONTEXT), - "CryptAcquireContext() failed."}, - {ERR_REASON(CRYPTOGRAPHY_OSRANDOM_R_CRYPTGENRANDOM), - "CryptGenRandom() failed."}, - {ERR_REASON(CRYPTOGRAPHY_OSRANDOM_R_CRYPTRELEASECONTEXT), - "CryptReleaseContext() failed."}, - {ERR_REASON(CRYPTOGRAPHY_OSRANDOM_R_GETENTROPY_FAILED), - "getentropy() failed"}, - {ERR_REASON(CRYPTOGRAPHY_OSRANDOM_R_DEV_URANDOM_OPEN_FAILED), - "open('/dev/urandom') failed."}, - {ERR_REASON(CRYPTOGRAPHY_OSRANDOM_R_DEV_URANDOM_READ_FAILED), - "Reading from /dev/urandom fd failed."}, - {ERR_REASON(CRYPTOGRAPHY_OSRANDOM_R_GETRANDOM_INIT_FAILED), - "getrandom() initialization failed."}, - {ERR_REASON(CRYPTOGRAPHY_OSRANDOM_R_GETRANDOM_INIT_FAILED_UNEXPECTED), - "getrandom() initialization failed with unexpected errno."}, - {ERR_REASON(CRYPTOGRAPHY_OSRANDOM_R_GETRANDOM_FAILED), - "getrandom() syscall failed."}, - {ERR_REASON(CRYPTOGRAPHY_OSRANDOM_R_GETRANDOM_NOT_INIT), - "getrandom() engine was not properly initialized."}, - {0, NULL} -}; - -static int Cryptography_OSRandom_lib_error_code = 0; - -static void ERR_load_Cryptography_OSRandom_strings(void) -{ - if (Cryptography_OSRandom_lib_error_code == 0) { - Cryptography_OSRandom_lib_error_code = ERR_get_next_error_library(); - ERR_load_strings(Cryptography_OSRandom_lib_error_code, - CRYPTOGRAPHY_OSRANDOM_lib_name); - ERR_load_strings(Cryptography_OSRandom_lib_error_code, - CRYPTOGRAPHY_OSRANDOM_str_funcs); - ERR_load_strings(Cryptography_OSRandom_lib_error_code, - CRYPTOGRAPHY_OSRANDOM_str_reasons); - } -} - -static void ERR_Cryptography_OSRandom_error(int function, int reason, - char *file, int line) -{ - ERR_PUT_error(Cryptography_OSRandom_lib_error_code, function, reason, - file, line); -} - -/* Returns 1 if successfully added, 2 if engine has previously been added, - and 0 for error. */ -int Cryptography_add_osrandom_engine(void) { - ENGINE *e; - - ERR_load_Cryptography_OSRandom_strings(); - - e = ENGINE_by_id(Cryptography_osrandom_engine_id); - if (e != NULL) { - ENGINE_free(e); - return 2; - } else { - ERR_clear_error(); - } - - e = ENGINE_new(); - if (e == NULL) { - return 0; - } - if (!ENGINE_set_id(e, Cryptography_osrandom_engine_id) || - !ENGINE_set_name(e, Cryptography_osrandom_engine_name) || - !ENGINE_set_RAND(e, &osrandom_rand) || - !ENGINE_set_init_function(e, osrandom_init) || - !ENGINE_set_finish_function(e, osrandom_finish) || - !ENGINE_set_cmd_defns(e, osrandom_cmd_defns) || - !ENGINE_set_ctrl_function(e, osrandom_ctrl)) { - ENGINE_free(e); - return 0; - } - if (!ENGINE_add(e)) { - ENGINE_free(e); - return 0; - } - if (!ENGINE_free(e)) { - return 0; - } - - return 1; -} - -#else -/* If OpenSSL has no ENGINE support then we don't want - * to compile the osrandom engine, but we do need some - * placeholders */ -static const char *Cryptography_osrandom_engine_id = "no-engine-support"; -static const char *Cryptography_osrandom_engine_name = "osrandom_engine disabled"; - -int Cryptography_add_osrandom_engine(void) { - return 0; -} - -#endif diff --git a/game/python-extra/_openssl/src/osrandom_engine.h b/game/python-extra/_openssl/src/osrandom_engine.h deleted file mode 100644 index 93d918b..0000000 --- a/game/python-extra/_openssl/src/osrandom_engine.h +++ /dev/null @@ -1,118 +0,0 @@ -#ifndef OPENSSL_NO_ENGINE -/* OpenSSL has ENGINE support so include all of this. */ -#ifdef _WIN32 - #include <Wincrypt.h> -#else - #include <fcntl.h> - #include <unistd.h> - /* for defined(BSD) */ - #ifndef __MVS__ - #include <sys/param.h> - #endif - - #ifdef BSD - /* for SYS_getentropy */ - #include <sys/syscall.h> - #endif - - #ifdef __APPLE__ - #include <sys/random.h> - /* To support weak linking we need to declare this as a weak import even if - * it's not present in sys/random (e.g. macOS < 10.12). */ - extern int getentropy(void *buffer, size_t size) __attribute((weak_import)); - #endif - - #ifdef __linux__ - /* for SYS_getrandom */ - #include <sys/syscall.h> - #ifndef GRND_NONBLOCK - #define GRND_NONBLOCK 0x0001 - #endif /* GRND_NONBLOCK */ - - #ifndef SYS_getrandom - /* We only bother to define the constants for platforms where we ship - * wheels, since that's the predominant way you get a situation where - * you don't have SYS_getrandom at compile time but do have the syscall - * at runtime */ - #if defined(__x86_64__) - #define SYS_getrandom 318 - #elif defined(__i386__) - #define SYS_getrandom 355 - #elif defined(__aarch64__) - #define SYS_getrandom 278 - #endif - #endif - #endif /* __linux__ */ -#endif /* _WIN32 */ - -#define CRYPTOGRAPHY_OSRANDOM_ENGINE_CRYPTGENRANDOM 1 -#define CRYPTOGRAPHY_OSRANDOM_ENGINE_GETENTROPY 2 -#define CRYPTOGRAPHY_OSRANDOM_ENGINE_GETRANDOM 3 -#define CRYPTOGRAPHY_OSRANDOM_ENGINE_DEV_URANDOM 4 - -#ifndef CRYPTOGRAPHY_OSRANDOM_ENGINE - #if defined(_WIN32) - /* Windows */ - #define CRYPTOGRAPHY_OSRANDOM_ENGINE CRYPTOGRAPHY_OSRANDOM_ENGINE_CRYPTGENRANDOM - #elif defined(BSD) && defined(SYS_getentropy) - /* OpenBSD 5.6+ & macOS with SYS_getentropy defined, although < 10.12 will fallback - * to urandom */ - #define CRYPTOGRAPHY_OSRANDOM_ENGINE CRYPTOGRAPHY_OSRANDOM_ENGINE_GETENTROPY - #elif defined(__linux__) && defined(SYS_getrandom) - /* Linux 3.17+ */ - #define CRYPTOGRAPHY_OSRANDOM_ENGINE CRYPTOGRAPHY_OSRANDOM_ENGINE_GETRANDOM - #else - /* Keep this as last entry, fall back to /dev/urandom */ - #define CRYPTOGRAPHY_OSRANDOM_ENGINE CRYPTOGRAPHY_OSRANDOM_ENGINE_DEV_URANDOM - #endif -#endif /* CRYPTOGRAPHY_OSRANDOM_ENGINE */ - -/* Fallbacks need /dev/urandom helper functions. */ -#if CRYPTOGRAPHY_OSRANDOM_ENGINE == CRYPTOGRAPHY_OSRANDOM_ENGINE_GETRANDOM || \ - CRYPTOGRAPHY_OSRANDOM_ENGINE == CRYPTOGRAPHY_OSRANDOM_ENGINE_DEV_URANDOM || \ - (CRYPTOGRAPHY_OSRANDOM_ENGINE == CRYPTOGRAPHY_OSRANDOM_ENGINE_GETENTROPY && \ - defined(__APPLE__)) - #define CRYPTOGRAPHY_OSRANDOM_NEEDS_DEV_URANDOM 1 -#endif - -enum { - CRYPTOGRAPHY_OSRANDOM_GETRANDOM_INIT_FAILED = -2, - CRYPTOGRAPHY_OSRANDOM_GETRANDOM_NOT_INIT, - CRYPTOGRAPHY_OSRANDOM_GETRANDOM_FALLBACK, - CRYPTOGRAPHY_OSRANDOM_GETRANDOM_WORKS -}; - -enum { - CRYPTOGRAPHY_OSRANDOM_GETENTROPY_NOT_INIT, - CRYPTOGRAPHY_OSRANDOM_GETENTROPY_FALLBACK, - CRYPTOGRAPHY_OSRANDOM_GETENTROPY_WORKS -}; - -/* engine ctrl */ -#define CRYPTOGRAPHY_OSRANDOM_GET_IMPLEMENTATION ENGINE_CMD_BASE - -/* error reporting */ -static void ERR_load_Cryptography_OSRandom_strings(void); -static void ERR_Cryptography_OSRandom_error(int function, int reason, - char *file, int line); - -#define CRYPTOGRAPHY_OSRANDOM_F_INIT 100 -#define CRYPTOGRAPHY_OSRANDOM_F_RAND_BYTES 101 -#define CRYPTOGRAPHY_OSRANDOM_F_FINISH 102 -#define CRYPTOGRAPHY_OSRANDOM_F_DEV_URANDOM_FD 300 -#define CRYPTOGRAPHY_OSRANDOM_F_DEV_URANDOM_READ 301 - -#define CRYPTOGRAPHY_OSRANDOM_R_CRYPTACQUIRECONTEXT 100 -#define CRYPTOGRAPHY_OSRANDOM_R_CRYPTGENRANDOM 101 -#define CRYPTOGRAPHY_OSRANDOM_R_CRYPTRELEASECONTEXT 102 - -#define CRYPTOGRAPHY_OSRANDOM_R_GETENTROPY_FAILED 200 - -#define CRYPTOGRAPHY_OSRANDOM_R_DEV_URANDOM_OPEN_FAILED 300 -#define CRYPTOGRAPHY_OSRANDOM_R_DEV_URANDOM_READ_FAILED 301 - -#define CRYPTOGRAPHY_OSRANDOM_R_GETRANDOM_INIT_FAILED 400 -#define CRYPTOGRAPHY_OSRANDOM_R_GETRANDOM_INIT_FAILED_UNEXPECTED 402 -#define CRYPTOGRAPHY_OSRANDOM_R_GETRANDOM_FAILED 403 -#define CRYPTOGRAPHY_OSRANDOM_R_GETRANDOM_NOT_INIT 404 -#endif diff --git a/game/python-extra/_openssl/ssl.py b/game/python-extra/_openssl/ssl.py deleted file mode 100644 index 9400f11..0000000 --- a/game/python-extra/_openssl/ssl.py +++ /dev/null @@ -1,705 +0,0 @@ -# This file is dual licensed under the terms of the Apache License, Version -# 2.0, and the BSD License. See the LICENSE file in the root of this repository -# for complete details. - -from __future__ import absolute_import, division, print_function - -INCLUDES = """ -#include <openssl/ssl.h> - -typedef STACK_OF(SSL_CIPHER) Cryptography_STACK_OF_SSL_CIPHER; -""" - -TYPES = """ -static const long Cryptography_HAS_SSL_ST; -static const long Cryptography_HAS_TLS_ST; -static const long Cryptography_HAS_SSL3_METHOD; -static const long Cryptography_HAS_TLSv1_1; -static const long Cryptography_HAS_TLSv1_2; -static const long Cryptography_HAS_TLSv1_3; -static const long Cryptography_HAS_SECURE_RENEGOTIATION; -static const long Cryptography_HAS_SSL_CTX_CLEAR_OPTIONS; -static const long Cryptography_HAS_DTLS; -static const long Cryptography_HAS_SIGALGS; -static const long Cryptography_HAS_PSK; -static const long Cryptography_HAS_VERIFIED_CHAIN; -static const long Cryptography_HAS_KEYLOG; -static const long Cryptography_HAS_GET_PROTO_VERSION; -static const long Cryptography_HAS_TLSEXT_HOSTNAME; - -/* Internally invented symbol to tell us if SSL_MODE_RELEASE_BUFFERS is - * supported - */ -static const long Cryptography_HAS_RELEASE_BUFFERS; - -/* Internally invented symbol to tell us if SSL_OP_NO_COMPRESSION is - * supported - */ -static const long Cryptography_HAS_OP_NO_COMPRESSION; -static const long Cryptography_HAS_SSL_OP_MSIE_SSLV2_RSA_PADDING; -static const long Cryptography_HAS_SSL_SET_SSL_CTX; -static const long Cryptography_HAS_SSL_OP_NO_TICKET; -static const long Cryptography_HAS_ALPN; -static const long Cryptography_HAS_NEXTPROTONEG; -static const long Cryptography_HAS_SET_CERT_CB; -static const long Cryptography_HAS_CUSTOM_EXT; -static const long Cryptography_HAS_SRTP; - -static const long SSL_FILETYPE_PEM; -static const long SSL_FILETYPE_ASN1; -static const long SSL_ERROR_NONE; -static const long SSL_ERROR_ZERO_RETURN; -static const long SSL_ERROR_WANT_READ; -static const long SSL_ERROR_WANT_WRITE; -static const long SSL_ERROR_WANT_X509_LOOKUP; -static const long SSL_ERROR_WANT_CONNECT; -static const long SSL_ERROR_SYSCALL; -static const long SSL_ERROR_SSL; -static const long SSL_SENT_SHUTDOWN; -static const long SSL_RECEIVED_SHUTDOWN; -static const long SSL_OP_NO_SSLv2; -static const long SSL_OP_NO_SSLv3; -static const long SSL_OP_NO_TLSv1; -static const long SSL_OP_NO_TLSv1_1; -static const long SSL_OP_NO_TLSv1_2; -static const long SSL_OP_NO_TLSv1_3; -static const long SSL_OP_NO_DTLSv1; -static const long SSL_OP_NO_DTLSv1_2; -static const long SSL_OP_NO_COMPRESSION; -static const long SSL_OP_SINGLE_DH_USE; -static const long SSL_OP_EPHEMERAL_RSA; -static const long SSL_OP_MICROSOFT_SESS_ID_BUG; -static const long SSL_OP_NETSCAPE_CHALLENGE_BUG; -static const long SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG; -static const long SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG; -static const long SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER; -static const long SSL_OP_MSIE_SSLV2_RSA_PADDING; -static const long SSL_OP_SSLEAY_080_CLIENT_DH_BUG; -static const long SSL_OP_TLS_D5_BUG; -static const long SSL_OP_TLS_BLOCK_PADDING_BUG; -static const long SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS; -static const long SSL_OP_CIPHER_SERVER_PREFERENCE; -static const long SSL_OP_TLS_ROLLBACK_BUG; -static const long SSL_OP_PKCS1_CHECK_1; -static const long SSL_OP_PKCS1_CHECK_2; -static const long SSL_OP_NETSCAPE_CA_DN_BUG; -static const long SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG; -static const long SSL_OP_NO_QUERY_MTU; -static const long SSL_OP_COOKIE_EXCHANGE; -static const long SSL_OP_NO_TICKET; -static const long SSL_OP_ALL; -static const long SSL_OP_SINGLE_ECDH_USE; -static const long SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION; -static const long SSL_OP_LEGACY_SERVER_CONNECT; -static const long SSL_VERIFY_PEER; -static const long SSL_VERIFY_FAIL_IF_NO_PEER_CERT; -static const long SSL_VERIFY_CLIENT_ONCE; -static const long SSL_VERIFY_NONE; -static const long SSL_VERIFY_POST_HANDSHAKE; -static const long SSL_SESS_CACHE_OFF; -static const long SSL_SESS_CACHE_CLIENT; -static const long SSL_SESS_CACHE_SERVER; -static const long SSL_SESS_CACHE_BOTH; -static const long SSL_SESS_CACHE_NO_AUTO_CLEAR; -static const long SSL_SESS_CACHE_NO_INTERNAL_LOOKUP; -static const long SSL_SESS_CACHE_NO_INTERNAL_STORE; -static const long SSL_SESS_CACHE_NO_INTERNAL; -static const long SSL_ST_CONNECT; -static const long SSL_ST_ACCEPT; -static const long SSL_ST_MASK; -static const long SSL_ST_INIT; -static const long SSL_ST_BEFORE; -static const long SSL_ST_OK; -static const long SSL_ST_RENEGOTIATE; -static const long SSL_CB_LOOP; -static const long SSL_CB_EXIT; -static const long SSL_CB_READ; -static const long SSL_CB_WRITE; -static const long SSL_CB_ALERT; -static const long SSL_CB_READ_ALERT; -static const long SSL_CB_WRITE_ALERT; -static const long SSL_CB_ACCEPT_LOOP; -static const long SSL_CB_ACCEPT_EXIT; -static const long SSL_CB_CONNECT_LOOP; -static const long SSL_CB_CONNECT_EXIT; -static const long SSL_CB_HANDSHAKE_START; -static const long SSL_CB_HANDSHAKE_DONE; -static const long SSL_MODE_RELEASE_BUFFERS; -static const long SSL_MODE_ENABLE_PARTIAL_WRITE; -static const long SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER; -static const long SSL_MODE_AUTO_RETRY; -static const long SSL3_RANDOM_SIZE; -static const long TLS_ST_BEFORE; -static const long TLS_ST_OK; - -typedef ... SSL_METHOD; -typedef ... SSL_CTX; - -typedef ... SSL_SESSION; - -typedef ... SSL; - -static const long TLSEXT_NAMETYPE_host_name; -static const long TLSEXT_STATUSTYPE_ocsp; - -typedef ... SSL_CIPHER; -typedef ... Cryptography_STACK_OF_SSL_CIPHER; - -typedef struct { - const char *name; - unsigned long id; -} SRTP_PROTECTION_PROFILE; -""" - -FUNCTIONS = """ -/* SSL */ -const char *SSL_state_string_long(const SSL *); -SSL_SESSION *SSL_get1_session(SSL *); -int SSL_set_session(SSL *, SSL_SESSION *); -SSL *SSL_new(SSL_CTX *); -void SSL_free(SSL *); -int SSL_set_fd(SSL *, int); -SSL_CTX *SSL_set_SSL_CTX(SSL *, SSL_CTX *); -void SSL_set_bio(SSL *, BIO *, BIO *); -void SSL_set_connect_state(SSL *); -void SSL_set_accept_state(SSL *); -void SSL_set_shutdown(SSL *, int); -int SSL_get_shutdown(const SSL *); -int SSL_pending(const SSL *); -int SSL_write(SSL *, const void *, int); -int SSL_read(SSL *, void *, int); -int SSL_peek(SSL *, void *, int); -X509 *SSL_get_certificate(const SSL *); -X509 *SSL_get_peer_certificate(const SSL *); -int SSL_get_ex_data_X509_STORE_CTX_idx(void); - -/* Added in 1.0.2 */ -X509_VERIFY_PARAM *SSL_get0_param(SSL *); -X509_VERIFY_PARAM *SSL_CTX_get0_param(SSL_CTX *); - -int SSL_get_sigalgs(SSL *, int, int *, int *, int *, unsigned char *, - unsigned char *); - -Cryptography_STACK_OF_X509 *SSL_get_peer_cert_chain(const SSL *); -Cryptography_STACK_OF_X509 *SSL_get0_verified_chain(const SSL *); -Cryptography_STACK_OF_X509_NAME *SSL_get_client_CA_list(const SSL *); - -int SSL_get_error(const SSL *, int); -long SSL_get_verify_result(const SSL *ssl); -int SSL_do_handshake(SSL *); -int SSL_shutdown(SSL *); -int SSL_renegotiate(SSL *); -int SSL_renegotiate_pending(SSL *); -const char *SSL_get_cipher_list(const SSL *, int); - -/* context */ -void SSL_CTX_free(SSL_CTX *); -long SSL_CTX_set_timeout(SSL_CTX *, long); -int SSL_CTX_set_default_verify_paths(SSL_CTX *); -void SSL_CTX_set_verify(SSL_CTX *, int, int (*)(int, X509_STORE_CTX *)); -void SSL_CTX_set_verify_depth(SSL_CTX *, int); -int SSL_CTX_get_verify_mode(const SSL_CTX *); -int SSL_CTX_get_verify_depth(const SSL_CTX *); -int SSL_CTX_set_cipher_list(SSL_CTX *, const char *); -int SSL_CTX_load_verify_locations(SSL_CTX *, const char *, const char *); -void SSL_CTX_set_default_passwd_cb(SSL_CTX *, pem_password_cb *); -void SSL_CTX_set_default_passwd_cb_userdata(SSL_CTX *, void *); -int SSL_CTX_use_certificate(SSL_CTX *, X509 *); -int SSL_CTX_use_certificate_file(SSL_CTX *, const char *, int); -int SSL_CTX_use_certificate_chain_file(SSL_CTX *, const char *); -int SSL_CTX_use_PrivateKey(SSL_CTX *, EVP_PKEY *); -int SSL_CTX_use_PrivateKey_file(SSL_CTX *, const char *, int); -int SSL_CTX_check_private_key(const SSL_CTX *); -void SSL_CTX_set_cert_verify_callback(SSL_CTX *, - int (*)(X509_STORE_CTX *, void *), - void *); - -void SSL_CTX_set_cookie_generate_cb(SSL_CTX *, - int (*)( - SSL *, - unsigned char *, - unsigned int * - )); -long SSL_CTX_get_read_ahead(SSL_CTX *); -long SSL_CTX_set_read_ahead(SSL_CTX *, long); - -int SSL_CTX_use_psk_identity_hint(SSL_CTX *, const char *); -void SSL_CTX_set_psk_server_callback(SSL_CTX *, - unsigned int (*)( - SSL *, - const char *, - unsigned char *, - unsigned int - )); -void SSL_CTX_set_psk_client_callback(SSL_CTX *, - unsigned int (*)( - SSL *, - const char *, - char *, - unsigned int, - unsigned char *, - unsigned int - )); - -int SSL_CTX_set_session_id_context(SSL_CTX *, const unsigned char *, - unsigned int); - -void SSL_CTX_set_cert_store(SSL_CTX *, X509_STORE *); -X509_STORE *SSL_CTX_get_cert_store(const SSL_CTX *); -int SSL_CTX_add_client_CA(SSL_CTX *, X509 *); - -void SSL_CTX_set_client_CA_list(SSL_CTX *, Cryptography_STACK_OF_X509_NAME *); - -void SSL_CTX_set_info_callback(SSL_CTX *, void (*)(const SSL *, int, int)); -void (*SSL_CTX_get_info_callback(SSL_CTX *))(const SSL *, int, int); - -void SSL_CTX_set_keylog_callback(SSL_CTX *, - void (*)(const SSL *, const char *)); -void (*SSL_CTX_get_keylog_callback(SSL_CTX *))(const SSL *, const char *); - -long SSL_CTX_set1_sigalgs_list(SSL_CTX *, const char *); - -/* SSL_SESSION */ -void SSL_SESSION_free(SSL_SESSION *); - -/* Information about actually used cipher */ -const char *SSL_CIPHER_get_name(const SSL_CIPHER *); -int SSL_CIPHER_get_bits(const SSL_CIPHER *, int *); -/* the modern signature of this is uint32_t, but older openssl declared it - as unsigned long. To make our compiler flags happy we'll declare it as a - 64-bit wide value, which should always be safe */ -uint64_t SSL_CIPHER_get_id(const SSL_CIPHER *); -int SSL_CIPHER_is_aead(const SSL_CIPHER *); -int SSL_CIPHER_get_cipher_nid(const SSL_CIPHER *); -int SSL_CIPHER_get_digest_nid(const SSL_CIPHER *); -int SSL_CIPHER_get_kx_nid(const SSL_CIPHER *); -int SSL_CIPHER_get_auth_nid(const SSL_CIPHER *); - -size_t SSL_get_finished(const SSL *, void *, size_t); -size_t SSL_get_peer_finished(const SSL *, void *, size_t); -Cryptography_STACK_OF_X509_NAME *SSL_load_client_CA_file(const char *); - -const char *SSL_get_servername(const SSL *, const int); -/* Function signature changed to const char * in 1.1.0 */ -const char *SSL_CIPHER_get_version(const SSL_CIPHER *); -/* These became macros in 1.1.0 */ -int SSL_library_init(void); -void SSL_load_error_strings(void); - -/* these CRYPTO_EX_DATA functions became macros in 1.1.0 */ -int SSL_get_ex_new_index(long, void *, CRYPTO_EX_new *, CRYPTO_EX_dup *, - CRYPTO_EX_free *); -int SSL_set_ex_data(SSL *, int, void *); -int SSL_CTX_get_ex_new_index(long, void *, CRYPTO_EX_new *, CRYPTO_EX_dup *, - CRYPTO_EX_free *); -int SSL_CTX_set_ex_data(SSL_CTX *, int, void *); - -SSL_SESSION *SSL_get_session(const SSL *); -const unsigned char *SSL_SESSION_get_id(const SSL_SESSION *, unsigned int *); -long SSL_SESSION_get_time(const SSL_SESSION *); -long SSL_SESSION_get_timeout(const SSL_SESSION *); -int SSL_SESSION_has_ticket(const SSL_SESSION *); -long SSL_SESSION_get_ticket_lifetime_hint(const SSL_SESSION *); - -unsigned long SSL_set_mode(SSL *, unsigned long); -unsigned long SSL_clear_mode(SSL *, unsigned long); -unsigned long SSL_get_mode(SSL *); - -unsigned long SSL_set_options(SSL *, unsigned long); -unsigned long SSL_get_options(SSL *); - -int SSL_want_read(const SSL *); -int SSL_want_write(const SSL *); - -long SSL_total_renegotiations(SSL *); -long SSL_get_secure_renegotiation_support(SSL *); - -long SSL_CTX_set_min_proto_version(SSL_CTX *, int); -long SSL_CTX_set_max_proto_version(SSL_CTX *, int); -long SSL_set_min_proto_version(SSL *, int); -long SSL_set_max_proto_version(SSL *, int); - -long SSL_CTX_get_min_proto_version(SSL_CTX *); -long SSL_CTX_get_max_proto_version(SSL_CTX *); -long SSL_get_min_proto_version(SSL *); -long SSL_get_max_proto_version(SSL *); - -/* Defined as unsigned long because SSL_OP_ALL is greater than signed 32-bit - and Windows defines long as 32-bit. */ -unsigned long SSL_CTX_set_options(SSL_CTX *, unsigned long); -unsigned long SSL_CTX_clear_options(SSL_CTX *, unsigned long); -unsigned long SSL_CTX_get_options(SSL_CTX *); -unsigned long SSL_CTX_set_mode(SSL_CTX *, unsigned long); -unsigned long SSL_CTX_clear_mode(SSL_CTX *, unsigned long); -unsigned long SSL_CTX_get_mode(SSL_CTX *); -unsigned long SSL_CTX_set_session_cache_mode(SSL_CTX *, unsigned long); -unsigned long SSL_CTX_get_session_cache_mode(SSL_CTX *); -unsigned long SSL_CTX_set_tmp_dh(SSL_CTX *, DH *); -unsigned long SSL_CTX_set_tmp_ecdh(SSL_CTX *, EC_KEY *); -unsigned long SSL_CTX_add_extra_chain_cert(SSL_CTX *, X509 *); - -/*- These aren't macros these functions are all const X on openssl > 1.0.x -*/ - -/* methods */ - -const SSL_METHOD *TLSv1_1_method(void); -const SSL_METHOD *TLSv1_1_server_method(void); -const SSL_METHOD *TLSv1_1_client_method(void); - -const SSL_METHOD *TLSv1_2_method(void); -const SSL_METHOD *TLSv1_2_server_method(void); -const SSL_METHOD *TLSv1_2_client_method(void); - -const SSL_METHOD *SSLv3_method(void); -const SSL_METHOD *SSLv3_server_method(void); -const SSL_METHOD *SSLv3_client_method(void); - -const SSL_METHOD *TLSv1_method(void); -const SSL_METHOD *TLSv1_server_method(void); -const SSL_METHOD *TLSv1_client_method(void); - -const SSL_METHOD *DTLSv1_method(void); -const SSL_METHOD *DTLSv1_server_method(void); -const SSL_METHOD *DTLSv1_client_method(void); - -/* Added in 1.0.2 */ -const SSL_METHOD *DTLS_method(void); -const SSL_METHOD *DTLS_server_method(void); -const SSL_METHOD *DTLS_client_method(void); - -const SSL_METHOD *SSLv23_method(void); -const SSL_METHOD *SSLv23_server_method(void); -const SSL_METHOD *SSLv23_client_method(void); - -const SSL_METHOD *TLS_method(void); -const SSL_METHOD *TLS_server_method(void); -const SSL_METHOD *TLS_client_method(void); - -/*- These aren't macros these arguments are all const X on openssl > 1.0.x -*/ -SSL_CTX *SSL_CTX_new(SSL_METHOD *); -long SSL_CTX_get_timeout(const SSL_CTX *); - -const SSL_CIPHER *SSL_get_current_cipher(const SSL *); -const char *SSL_get_version(const SSL *); -int SSL_version(const SSL *); - -void *SSL_CTX_get_ex_data(const SSL_CTX *, int); -void *SSL_get_ex_data(const SSL *, int); - -void SSL_set_tlsext_host_name(SSL *, char *); -void SSL_CTX_set_tlsext_servername_callback( - SSL_CTX *, - int (*)(SSL *, int *, void *)); -void SSL_CTX_set_tlsext_servername_arg( - SSL_CTX *, void *); - -long SSL_set_tlsext_status_ocsp_resp(SSL *, unsigned char *, int); -long SSL_get_tlsext_status_ocsp_resp(SSL *, const unsigned char **); -long SSL_set_tlsext_status_type(SSL *, long); -long SSL_CTX_set_tlsext_status_cb(SSL_CTX *, int(*)(SSL *, void *)); -long SSL_CTX_set_tlsext_status_arg(SSL_CTX *, void *); - -int SSL_CTX_set_tlsext_use_srtp(SSL_CTX *, const char *); -int SSL_set_tlsext_use_srtp(SSL *, const char *); -SRTP_PROTECTION_PROFILE *SSL_get_selected_srtp_profile(SSL *); - -long SSL_session_reused(SSL *); - -int SSL_select_next_proto(unsigned char **, unsigned char *, - const unsigned char *, unsigned int, - const unsigned char *, unsigned int); - -int sk_SSL_CIPHER_num(Cryptography_STACK_OF_SSL_CIPHER *); -const SSL_CIPHER *sk_SSL_CIPHER_value(Cryptography_STACK_OF_SSL_CIPHER *, int); - -/* ALPN APIs were introduced in OpenSSL 1.0.2. To continue to support earlier - * versions some special handling of these is necessary. - */ -int SSL_CTX_set_alpn_protos(SSL_CTX *, const unsigned char *, unsigned); -int SSL_set_alpn_protos(SSL *, const unsigned char *, unsigned); -void SSL_CTX_set_alpn_select_cb(SSL_CTX *, - int (*) (SSL *, - const unsigned char **, - unsigned char *, - const unsigned char *, - unsigned int, - void *), - void *); -void SSL_get0_alpn_selected(const SSL *, const unsigned char **, unsigned *); - -long SSL_get_server_tmp_key(SSL *, EVP_PKEY **); - -/* SSL_CTX_set_cert_cb is introduced in OpenSSL 1.0.2. To continue to support - * earlier versions some special handling of these is necessary. - */ -void SSL_CTX_set_cert_cb(SSL_CTX *, int (*)(SSL *, void *), void *); -void SSL_set_cert_cb(SSL *, int (*)(SSL *, void *), void *); - -int SSL_SESSION_set1_id_context(SSL_SESSION *, const unsigned char *, - unsigned int); -/* Added in 1.1.0 for the great opaquing of structs */ -size_t SSL_SESSION_get_master_key(const SSL_SESSION *, unsigned char *, - size_t); -size_t SSL_get_client_random(const SSL *, unsigned char *, size_t); -size_t SSL_get_server_random(const SSL *, unsigned char *, size_t); -int SSL_export_keying_material(SSL *, unsigned char *, size_t, const char *, - size_t, const unsigned char *, size_t, int); - -long SSL_CTX_sess_number(SSL_CTX *); -long SSL_CTX_sess_connect(SSL_CTX *); -long SSL_CTX_sess_connect_good(SSL_CTX *); -long SSL_CTX_sess_connect_renegotiate(SSL_CTX *); -long SSL_CTX_sess_accept(SSL_CTX *); -long SSL_CTX_sess_accept_good(SSL_CTX *); -long SSL_CTX_sess_accept_renegotiate(SSL_CTX *); -long SSL_CTX_sess_hits(SSL_CTX *); -long SSL_CTX_sess_cb_hits(SSL_CTX *); -long SSL_CTX_sess_misses(SSL_CTX *); -long SSL_CTX_sess_timeouts(SSL_CTX *); -long SSL_CTX_sess_cache_full(SSL_CTX *); - -/* DTLS support */ -long Cryptography_DTLSv1_get_timeout(SSL *, time_t *, long *); -long DTLSv1_handle_timeout(SSL *); -long DTLS_set_link_mtu(SSL *, long); -long DTLS_get_link_min_mtu(SSL *); - -/* Custom extensions. */ -typedef int (*custom_ext_add_cb)(SSL *, unsigned int, - const unsigned char **, - size_t *, int *, - void *); - -typedef void (*custom_ext_free_cb)(SSL *, unsigned int, - const unsigned char *, - void *); - -typedef int (*custom_ext_parse_cb)(SSL *, unsigned int, - const unsigned char *, - size_t, int *, - void *); - -int SSL_CTX_add_client_custom_ext(SSL_CTX *, unsigned int, - custom_ext_add_cb, - custom_ext_free_cb, void *, - custom_ext_parse_cb, - void *); - -int SSL_CTX_add_server_custom_ext(SSL_CTX *, unsigned int, - custom_ext_add_cb, - custom_ext_free_cb, void *, - custom_ext_parse_cb, - void *); - -int SSL_extension_supported(unsigned int); - -int SSL_CTX_set_ciphersuites(SSL_CTX *, const char *); -int SSL_verify_client_post_handshake(SSL *); -void SSL_CTX_set_post_handshake_auth(SSL_CTX *, int); -void SSL_set_post_handshake_auth(SSL *, int); - -uint32_t SSL_SESSION_get_max_early_data(const SSL_SESSION *); -int SSL_write_early_data(SSL *, const void *, size_t, size_t *); -int SSL_read_early_data(SSL *, void *, size_t, size_t *); -int SSL_CTX_set_max_early_data(SSL_CTX *, uint32_t); -""" - -CUSTOMIZATIONS = """ -// This symbol is being preserved because removing it will break users with -// pyOpenSSL < 19.1 and pip < 20.x. We need to leave this in place until those -// users have upgraded. PersistentlyDeprecated2020 -static const long Cryptography_HAS_TLSEXT_HOSTNAME = 1; - -#if CRYPTOGRAPHY_IS_LIBRESSL -static const long Cryptography_HAS_VERIFIED_CHAIN = 0; -Cryptography_STACK_OF_X509 *(*SSL_get0_verified_chain)(const SSL *) = NULL; -#else -static const long Cryptography_HAS_VERIFIED_CHAIN = 1; -#endif - -#if CRYPTOGRAPHY_OPENSSL_LESS_THAN_111 -static const long Cryptography_HAS_KEYLOG = 0; -void (*SSL_CTX_set_keylog_callback)(SSL_CTX *, - void (*) (const SSL *, const char *) - ) = NULL; -void (*(*SSL_CTX_get_keylog_callback)(SSL_CTX *))( - const SSL *, - const char * - ) = NULL; -#else -static const long Cryptography_HAS_KEYLOG = 1; -#endif - -static const long Cryptography_HAS_SECURE_RENEGOTIATION = 1; - -#ifdef OPENSSL_NO_SSL3_METHOD -static const long Cryptography_HAS_SSL3_METHOD = 0; -SSL_METHOD* (*SSLv3_method)(void) = NULL; -SSL_METHOD* (*SSLv3_client_method)(void) = NULL; -SSL_METHOD* (*SSLv3_server_method)(void) = NULL; -#else -static const long Cryptography_HAS_SSL3_METHOD = 1; -#endif - -static const long Cryptography_HAS_RELEASE_BUFFERS = 1; -static const long Cryptography_HAS_OP_NO_COMPRESSION = 1; -static const long Cryptography_HAS_TLSv1_1 = 1; -static const long Cryptography_HAS_TLSv1_2 = 1; -static const long Cryptography_HAS_SSL_OP_MSIE_SSLV2_RSA_PADDING = 1; -static const long Cryptography_HAS_SSL_OP_NO_TICKET = 1; -static const long Cryptography_HAS_SSL_SET_SSL_CTX = 1; -static const long Cryptography_HAS_NEXTPROTONEG = 0; -static const long Cryptography_HAS_ALPN = 1; - -#if CRYPTOGRAPHY_IS_LIBRESSL -void (*SSL_CTX_set_cert_cb)(SSL_CTX *, int (*)(SSL *, void *), void *) = NULL; -void (*SSL_set_cert_cb)(SSL *, int (*)(SSL *, void *), void *) = NULL; -static const long Cryptography_HAS_SET_CERT_CB = 0; -#else -static const long Cryptography_HAS_SET_CERT_CB = 1; -#endif - -static const long Cryptography_HAS_SSL_CTX_CLEAR_OPTIONS = 1; - -/* in OpenSSL 1.1.0 the SSL_ST values were renamed to TLS_ST and several were - removed */ -#if CRYPTOGRAPHY_IS_LIBRESSL -static const long Cryptography_HAS_SSL_ST = 1; -#else -static const long Cryptography_HAS_SSL_ST = 0; -static const long SSL_ST_BEFORE = 0; -static const long SSL_ST_OK = 0; -static const long SSL_ST_INIT = 0; -static const long SSL_ST_RENEGOTIATE = 0; -#endif -#if !CRYPTOGRAPHY_IS_LIBRESSL -static const long Cryptography_HAS_TLS_ST = 1; -#else -static const long Cryptography_HAS_TLS_ST = 0; -static const long TLS_ST_BEFORE = 0; -static const long TLS_ST_OK = 0; -#endif - -#if CRYPTOGRAPHY_IS_LIBRESSL -static const long SSL_OP_NO_DTLSv1 = 0; -static const long SSL_OP_NO_DTLSv1_2 = 0; -long (*DTLS_set_link_mtu)(SSL *, long) = NULL; -long (*DTLS_get_link_min_mtu)(SSL *) = NULL; -#endif - -static const long Cryptography_HAS_DTLS = 1; -/* Wrap DTLSv1_get_timeout to avoid cffi to handle a 'struct timeval'. */ -long Cryptography_DTLSv1_get_timeout(SSL *ssl, time_t *ptv_sec, - long *ptv_usec) { - struct timeval tv = { 0 }; - long r = DTLSv1_get_timeout(ssl, &tv); - - if (r == 1) { - if (ptv_sec) { - *ptv_sec = tv.tv_sec; - } - - if (ptv_usec) { - *ptv_usec = tv.tv_usec; - } - } - - return r; -} - -#if CRYPTOGRAPHY_IS_LIBRESSL -static const long Cryptography_HAS_SIGALGS = 0; -const int (*SSL_get_sigalgs)(SSL *, int, int *, int *, int *, unsigned char *, - unsigned char *) = NULL; -const long (*SSL_CTX_set1_sigalgs_list)(SSL_CTX *, const char *) = NULL; -#else -static const long Cryptography_HAS_SIGALGS = 1; -#endif - -#if CRYPTOGRAPHY_IS_LIBRESSL || defined(OPENSSL_NO_PSK) -static const long Cryptography_HAS_PSK = 0; -int (*SSL_CTX_use_psk_identity_hint)(SSL_CTX *, const char *) = NULL; -void (*SSL_CTX_set_psk_server_callback)(SSL_CTX *, - unsigned int (*)( - SSL *, - const char *, - unsigned char *, - unsigned int - )) = NULL; -void (*SSL_CTX_set_psk_client_callback)(SSL_CTX *, - unsigned int (*)( - SSL *, - const char *, - char *, - unsigned int, - unsigned char *, - unsigned int - )) = NULL; -#else -static const long Cryptography_HAS_PSK = 1; -#endif - -#if !CRYPTOGRAPHY_IS_LIBRESSL -static const long Cryptography_HAS_CUSTOM_EXT = 1; -#else -static const long Cryptography_HAS_CUSTOM_EXT = 0; -typedef int (*custom_ext_add_cb)(SSL *, unsigned int, - const unsigned char **, - size_t *, int *, - void *); -typedef void (*custom_ext_free_cb)(SSL *, unsigned int, - const unsigned char *, - void *); -typedef int (*custom_ext_parse_cb)(SSL *, unsigned int, - const unsigned char *, - size_t, int *, - void *); -int (*SSL_CTX_add_client_custom_ext)(SSL_CTX *, unsigned int, - custom_ext_add_cb, - custom_ext_free_cb, void *, - custom_ext_parse_cb, - void *) = NULL; -int (*SSL_CTX_add_server_custom_ext)(SSL_CTX *, unsigned int, - custom_ext_add_cb, - custom_ext_free_cb, void *, - custom_ext_parse_cb, - void *) = NULL; -int (*SSL_extension_supported)(unsigned int) = NULL; -#endif - -#ifndef OPENSSL_NO_SRTP -static const long Cryptography_HAS_SRTP = 1; -#else -static const long Cryptography_HAS_SRTP = 0; -int (*SSL_CTX_set_tlsext_use_srtp)(SSL_CTX *, const char *) = NULL; -int (*SSL_set_tlsext_use_srtp)(SSL *, const char *) = NULL; -SRTP_PROTECTION_PROFILE * (*SSL_get_selected_srtp_profile)(SSL *) = NULL; -#endif - -#if CRYPTOGRAPHY_OPENSSL_LESS_THAN_111 -static const long Cryptography_HAS_TLSv1_3 = 0; -static const long SSL_OP_NO_TLSv1_3 = 0; -static const long SSL_VERIFY_POST_HANDSHAKE = 0; -int (*SSL_CTX_set_ciphersuites)(SSL_CTX *, const char *) = NULL; -int (*SSL_verify_client_post_handshake)(SSL *) = NULL; -void (*SSL_CTX_set_post_handshake_auth)(SSL_CTX *, int) = NULL; -void (*SSL_set_post_handshake_auth)(SSL *, int) = NULL; -uint32_t (*SSL_SESSION_get_max_early_data)(const SSL_SESSION *) = NULL; -int (*SSL_write_early_data)(SSL *, const void *, size_t, size_t *) = NULL; -int (*SSL_read_early_data)(SSL *, void *, size_t, size_t *) = NULL; -int (*SSL_CTX_set_max_early_data)(SSL_CTX *, uint32_t) = NULL; -#else -static const long Cryptography_HAS_TLSv1_3 = 1; -#endif - -#if CRYPTOGRAPHY_OPENSSL_LESS_THAN_111 && !CRYPTOGRAPHY_IS_LIBRESSL -static const long Cryptography_HAS_GET_PROTO_VERSION = 0; - -long (*SSL_CTX_get_min_proto_version)(SSL_CTX *) = NULL; -long (*SSL_CTX_get_max_proto_version)(SSL_CTX *) = NULL; -long (*SSL_get_min_proto_version)(SSL *) = NULL; -long (*SSL_get_max_proto_version)(SSL *) = NULL; -#else -static const long Cryptography_HAS_GET_PROTO_VERSION = 1; -#endif -""" diff --git a/game/python-extra/_openssl/x509.py b/game/python-extra/_openssl/x509.py deleted file mode 100644 index 24946ea..0000000 --- a/game/python-extra/_openssl/x509.py +++ /dev/null @@ -1,302 +0,0 @@ -# This file is dual licensed under the terms of the Apache License, Version -# 2.0, and the BSD License. See the LICENSE file in the root of this repository -# for complete details. - -from __future__ import absolute_import, division, print_function - -INCLUDES = """ -#include <openssl/ssl.h> - -/* - * This is part of a work-around for the difficulty cffi has in dealing with - * `STACK_OF(foo)` as the name of a type. We invent a new, simpler name that - * will be an alias for this type and use the alias throughout. This works - * together with another opaque typedef for the same name in the TYPES section. - * Note that the result is an opaque type. - */ -typedef STACK_OF(X509) Cryptography_STACK_OF_X509; -typedef STACK_OF(X509_CRL) Cryptography_STACK_OF_X509_CRL; -typedef STACK_OF(X509_REVOKED) Cryptography_STACK_OF_X509_REVOKED; -""" - -TYPES = """ -typedef ... Cryptography_STACK_OF_X509; -typedef ... Cryptography_STACK_OF_X509_CRL; -typedef ... Cryptography_STACK_OF_X509_REVOKED; - -typedef struct { - ASN1_OBJECT *algorithm; - ...; -} X509_ALGOR; - -typedef ... X509_ATTRIBUTE; -typedef ... X509_EXTENSION; -typedef ... X509_EXTENSIONS; -typedef ... X509_REQ; -typedef ... X509_REVOKED; -typedef ... X509_CRL; -typedef ... X509; - -typedef ... NETSCAPE_SPKI; - -typedef ... PKCS8_PRIV_KEY_INFO; - -typedef void (*sk_X509_EXTENSION_freefunc)(X509_EXTENSION *); -""" - -FUNCTIONS = """ -X509 *X509_new(void); -void X509_free(X509 *); -X509 *X509_dup(X509 *); -int X509_cmp(const X509 *, const X509 *); -int X509_up_ref(X509 *); - -int X509_print_ex(BIO *, X509 *, unsigned long, unsigned long); - -int X509_set_version(X509 *, long); - -EVP_PKEY *X509_get_pubkey(X509 *); -int X509_set_pubkey(X509 *, EVP_PKEY *); - -unsigned char *X509_alias_get0(X509 *, int *); -int X509_sign(X509 *, EVP_PKEY *, const EVP_MD *); - -int X509_digest(const X509 *, const EVP_MD *, unsigned char *, unsigned int *); - -ASN1_TIME *X509_gmtime_adj(ASN1_TIME *, long); - -unsigned long X509_subject_name_hash(X509 *); - -int X509_set_subject_name(X509 *, X509_NAME *); - -int X509_set_issuer_name(X509 *, X509_NAME *); - -int X509_add_ext(X509 *, X509_EXTENSION *, int); -X509_EXTENSION *X509_EXTENSION_dup(X509_EXTENSION *); - -ASN1_OBJECT *X509_EXTENSION_get_object(X509_EXTENSION *); -void X509_EXTENSION_free(X509_EXTENSION *); - -int X509_REQ_set_version(X509_REQ *, long); -X509_REQ *X509_REQ_new(void); -void X509_REQ_free(X509_REQ *); -int X509_REQ_set_pubkey(X509_REQ *, EVP_PKEY *); -int X509_REQ_set_subject_name(X509_REQ *, X509_NAME *); -int X509_REQ_sign(X509_REQ *, EVP_PKEY *, const EVP_MD *); -int X509_REQ_verify(X509_REQ *, EVP_PKEY *); -EVP_PKEY *X509_REQ_get_pubkey(X509_REQ *); -int X509_REQ_print_ex(BIO *, X509_REQ *, unsigned long, unsigned long); -int X509_REQ_add_extensions(X509_REQ *, X509_EXTENSIONS *); -X509_EXTENSIONS *X509_REQ_get_extensions(X509_REQ *); -X509_ATTRIBUTE *X509_REQ_get_attr(const X509_REQ *, int); -int X509_REQ_get_attr_by_OBJ(const X509_REQ *, const ASN1_OBJECT *, int); -void *X509_ATTRIBUTE_get0_data(X509_ATTRIBUTE *, int, int, void *); -ASN1_TYPE *X509_ATTRIBUTE_get0_type(X509_ATTRIBUTE *, int); -int X509_ATTRIBUTE_count(const X509_ATTRIBUTE *); -int X509_REQ_add1_attr_by_OBJ(X509_REQ *, const ASN1_OBJECT *, - int, const unsigned char *, int); - -int X509V3_EXT_print(BIO *, X509_EXTENSION *, unsigned long, int); -ASN1_OCTET_STRING *X509_EXTENSION_get_data(X509_EXTENSION *); - -X509_REVOKED *X509_REVOKED_new(void); -void X509_REVOKED_free(X509_REVOKED *); - -int X509_REVOKED_set_serialNumber(X509_REVOKED *, ASN1_INTEGER *); - -int X509_REVOKED_add_ext(X509_REVOKED *, X509_EXTENSION*, int); -int X509_REVOKED_add1_ext_i2d(X509_REVOKED *, int, void *, int, unsigned long); -X509_EXTENSION *X509_REVOKED_delete_ext(X509_REVOKED *, int); - -int X509_REVOKED_set_revocationDate(X509_REVOKED *, ASN1_TIME *); - -X509_CRL *X509_CRL_new(void); -X509_CRL *X509_CRL_dup(X509_CRL *); -X509_CRL *d2i_X509_CRL_bio(BIO *, X509_CRL **); -int X509_CRL_add0_revoked(X509_CRL *, X509_REVOKED *); -int X509_CRL_add_ext(X509_CRL *, X509_EXTENSION *, int); -int X509_CRL_cmp(const X509_CRL *, const X509_CRL *); -int X509_CRL_print(BIO *, X509_CRL *); -int X509_CRL_set_issuer_name(X509_CRL *, X509_NAME *); -int X509_CRL_set_version(X509_CRL *, long); -int X509_CRL_sign(X509_CRL *, EVP_PKEY *, const EVP_MD *); -int X509_CRL_sort(X509_CRL *); -int X509_CRL_verify(X509_CRL *, EVP_PKEY *); -int i2d_X509_CRL_bio(BIO *, X509_CRL *); -void X509_CRL_free(X509_CRL *); - -int NETSCAPE_SPKI_verify(NETSCAPE_SPKI *, EVP_PKEY *); -int NETSCAPE_SPKI_sign(NETSCAPE_SPKI *, EVP_PKEY *, const EVP_MD *); -char *NETSCAPE_SPKI_b64_encode(NETSCAPE_SPKI *); -NETSCAPE_SPKI *NETSCAPE_SPKI_b64_decode(const char *, int); -EVP_PKEY *NETSCAPE_SPKI_get_pubkey(NETSCAPE_SPKI *); -int NETSCAPE_SPKI_set_pubkey(NETSCAPE_SPKI *, EVP_PKEY *); -NETSCAPE_SPKI *NETSCAPE_SPKI_new(void); -void NETSCAPE_SPKI_free(NETSCAPE_SPKI *); - -/* ASN1 serialization */ -int i2d_X509_bio(BIO *, X509 *); -X509 *d2i_X509_bio(BIO *, X509 **); - -int i2d_X509_REQ_bio(BIO *, X509_REQ *); -X509_REQ *d2i_X509_REQ_bio(BIO *, X509_REQ **); - -int i2d_PrivateKey_bio(BIO *, EVP_PKEY *); -EVP_PKEY *d2i_PrivateKey_bio(BIO *, EVP_PKEY **); -int i2d_PUBKEY_bio(BIO *, EVP_PKEY *); -EVP_PKEY *d2i_PUBKEY_bio(BIO *, EVP_PKEY **); - -ASN1_INTEGER *X509_get_serialNumber(X509 *); -int X509_set_serialNumber(X509 *, ASN1_INTEGER *); - -const char *X509_verify_cert_error_string(long); - -const char *X509_get_default_cert_dir(void); -const char *X509_get_default_cert_file(void); -const char *X509_get_default_cert_dir_env(void); -const char *X509_get_default_cert_file_env(void); - -int i2d_RSAPrivateKey_bio(BIO *, RSA *); -RSA *d2i_RSAPublicKey_bio(BIO *, RSA **); -int i2d_RSAPublicKey_bio(BIO *, RSA *); -int i2d_DSAPrivateKey_bio(BIO *, DSA *); - -/* These became const X509 in 1.1.0 */ -int X509_get_ext_count(X509 *); -X509_EXTENSION *X509_get_ext(X509 *, int); -X509_NAME *X509_get_subject_name(X509 *); -X509_NAME *X509_get_issuer_name(X509 *); - -/* This became const ASN1_OBJECT * in 1.1.0 */ -X509_EXTENSION *X509_EXTENSION_create_by_OBJ(X509_EXTENSION **, - ASN1_OBJECT *, int, - ASN1_OCTET_STRING *); - - -/* This became const X509_EXTENSION * in 1.1.0 */ -int X509_EXTENSION_get_critical(X509_EXTENSION *); - -/* This became const X509_REVOKED * in 1.1.0 */ -int X509_REVOKED_get_ext_count(X509_REVOKED *); -X509_EXTENSION *X509_REVOKED_get_ext(X509_REVOKED *, int); - -/* This became const X509_CRL * in 1.1.0 */ -X509_EXTENSION *X509_CRL_get_ext(X509_CRL *, int); -int X509_CRL_get_ext_count(X509_CRL *); - -int X509_CRL_get0_by_serial(X509_CRL *, X509_REVOKED **, ASN1_INTEGER *); - -X509_REVOKED *X509_REVOKED_dup(X509_REVOKED *); -X509_REVOKED *Cryptography_X509_REVOKED_dup(X509_REVOKED *); - -/* new in 1.0.2 */ -int i2d_re_X509_tbs(X509 *, unsigned char **); -int X509_get_signature_nid(const X509 *); - -const X509_ALGOR *X509_get0_tbs_sigalg(const X509 *); - -void X509_get0_signature(const ASN1_BIT_STRING **, - const X509_ALGOR **, const X509 *); - -long X509_get_version(X509 *); - -ASN1_TIME *X509_get_notBefore(X509 *); -ASN1_TIME *X509_get_notAfter(X509 *); -ASN1_TIME *X509_getm_notBefore(X509 *); -ASN1_TIME *X509_getm_notAfter(X509 *); - -long X509_REQ_get_version(X509_REQ *); -X509_NAME *X509_REQ_get_subject_name(X509_REQ *); - -Cryptography_STACK_OF_X509 *sk_X509_new_null(void); -void sk_X509_free(Cryptography_STACK_OF_X509 *); -int sk_X509_num(Cryptography_STACK_OF_X509 *); -int sk_X509_push(Cryptography_STACK_OF_X509 *, X509 *); -X509 *sk_X509_value(Cryptography_STACK_OF_X509 *, int); - -X509_EXTENSIONS *sk_X509_EXTENSION_new_null(void); -int sk_X509_EXTENSION_num(X509_EXTENSIONS *); -X509_EXTENSION *sk_X509_EXTENSION_value(X509_EXTENSIONS *, int); -int sk_X509_EXTENSION_push(X509_EXTENSIONS *, X509_EXTENSION *); -int sk_X509_EXTENSION_insert(X509_EXTENSIONS *, X509_EXTENSION *, int); -X509_EXTENSION *sk_X509_EXTENSION_delete(X509_EXTENSIONS *, int); -void sk_X509_EXTENSION_free(X509_EXTENSIONS *); -void sk_X509_EXTENSION_pop_free(X509_EXTENSIONS *, sk_X509_EXTENSION_freefunc); - -int sk_X509_REVOKED_num(Cryptography_STACK_OF_X509_REVOKED *); -X509_REVOKED *sk_X509_REVOKED_value(Cryptography_STACK_OF_X509_REVOKED *, int); - -Cryptography_STACK_OF_X509_CRL *sk_X509_CRL_new_null(void); -void sk_X509_CRL_free(Cryptography_STACK_OF_X509_CRL *); -int sk_X509_CRL_num(Cryptography_STACK_OF_X509_CRL *); -int sk_X509_CRL_push(Cryptography_STACK_OF_X509_CRL *, X509_CRL *); -X509_CRL *sk_X509_CRL_value(Cryptography_STACK_OF_X509_CRL *, int); - -long X509_CRL_get_version(X509_CRL *); -ASN1_TIME *X509_CRL_get_lastUpdate(X509_CRL *); -ASN1_TIME *X509_CRL_get_nextUpdate(X509_CRL *); -X509_NAME *X509_CRL_get_issuer(X509_CRL *); -Cryptography_STACK_OF_X509_REVOKED *X509_CRL_get_REVOKED(X509_CRL *); - -/* These aren't macros these arguments are all const X on openssl > 1.0.x */ -int X509_CRL_set_lastUpdate(X509_CRL *, ASN1_TIME *); -int X509_CRL_set_nextUpdate(X509_CRL *, ASN1_TIME *); -int X509_set_notBefore(X509 *, ASN1_TIME *); -int X509_set_notAfter(X509 *, ASN1_TIME *); -int X509_set1_notBefore(X509 *, ASN1_TIME *); -int X509_set1_notAfter(X509 *, ASN1_TIME *); - -EC_KEY *d2i_EC_PUBKEY_bio(BIO *, EC_KEY **); -int i2d_EC_PUBKEY_bio(BIO *, EC_KEY *); -EC_KEY *d2i_ECPrivateKey_bio(BIO *, EC_KEY **); -int i2d_ECPrivateKey_bio(BIO *, EC_KEY *); - -// declared in safestack -int sk_ASN1_OBJECT_num(Cryptography_STACK_OF_ASN1_OBJECT *); -ASN1_OBJECT *sk_ASN1_OBJECT_value(Cryptography_STACK_OF_ASN1_OBJECT *, int); -void sk_ASN1_OBJECT_free(Cryptography_STACK_OF_ASN1_OBJECT *); -Cryptography_STACK_OF_ASN1_OBJECT *sk_ASN1_OBJECT_new_null(void); -int sk_ASN1_OBJECT_push(Cryptography_STACK_OF_ASN1_OBJECT *, ASN1_OBJECT *); - -/* these functions were added in 1.1.0 */ -const ASN1_INTEGER *X509_REVOKED_get0_serialNumber(const X509_REVOKED *); -const ASN1_TIME *X509_REVOKED_get0_revocationDate(const X509_REVOKED *); -void X509_CRL_get0_signature(const X509_CRL *, const ASN1_BIT_STRING **, - const X509_ALGOR **); -int i2d_re_X509_REQ_tbs(X509_REQ *, unsigned char **); -int i2d_re_X509_CRL_tbs(X509_CRL *, unsigned char **); -void X509_REQ_get0_signature(const X509_REQ *, const ASN1_BIT_STRING **, - const X509_ALGOR **); -""" - -CUSTOMIZATIONS = """ -#if CRYPTOGRAPHY_IS_LIBRESSL -int i2d_re_X509_tbs(X509 *x, unsigned char **pp) -{ - /* in 1.0.2+ this function also sets x->cert_info->enc.modified = 1 - but older OpenSSLs don't have the enc ASN1_ENCODING member in the - X509 struct. Setting modified to 1 marks the encoding - (x->cert_info->enc.enc) as invalid, but since the entire struct isn't - present we don't care. */ - return i2d_X509_CINF(x->cert_info, pp); -} -#endif - -/* Being kept around for pyOpenSSL */ -X509_REVOKED *Cryptography_X509_REVOKED_dup(X509_REVOKED *rev) { - return X509_REVOKED_dup(rev); -} -/* Added in 1.1.0 but we need it in all versions now due to the great - opaquing. */ -#if CRYPTOGRAPHY_IS_LIBRESSL -int i2d_re_X509_REQ_tbs(X509_REQ *req, unsigned char **pp) -{ - req->req_info->enc.modified = 1; - return i2d_X509_REQ_INFO(req->req_info, pp); -} -int i2d_re_X509_CRL_tbs(X509_CRL *crl, unsigned char **pp) { - crl->crl->enc.modified = 1; - return i2d_X509_CRL_INFO(crl->crl, pp); -} -#endif -""" diff --git a/game/python-extra/_openssl/x509_vfy.py b/game/python-extra/_openssl/x509_vfy.py deleted file mode 100644 index ba3d3db..0000000 --- a/game/python-extra/_openssl/x509_vfy.py +++ /dev/null @@ -1,255 +0,0 @@ -# This file is dual licensed under the terms of the Apache License, Version -# 2.0, and the BSD License. See the LICENSE file in the root of this repository -# for complete details. - -from __future__ import absolute_import, division, print_function - -INCLUDES = """ -#include <openssl/x509_vfy.h> - -/* - * This is part of a work-around for the difficulty cffi has in dealing with - * `STACK_OF(foo)` as the name of a type. We invent a new, simpler name that - * will be an alias for this type and use the alias throughout. This works - * together with another opaque typedef for the same name in the TYPES section. - * Note that the result is an opaque type. - */ -typedef STACK_OF(ASN1_OBJECT) Cryptography_STACK_OF_ASN1_OBJECT; -typedef STACK_OF(X509_OBJECT) Cryptography_STACK_OF_X509_OBJECT; -""" - -TYPES = """ -static const long Cryptography_HAS_102_VERIFICATION; -static const long Cryptography_HAS_110_VERIFICATION_PARAMS; -static const long Cryptography_HAS_X509_STORE_CTX_GET_ISSUER; - -typedef ... Cryptography_STACK_OF_ASN1_OBJECT; -typedef ... Cryptography_STACK_OF_X509_OBJECT; - -typedef ... X509_OBJECT; -typedef ... X509_STORE; -typedef ... X509_VERIFY_PARAM; -typedef ... X509_STORE_CTX; - -typedef int (*X509_STORE_CTX_get_issuer_fn)(X509 **, X509_STORE_CTX *, X509 *); - -/* While these are defined in the source as ints, they're tagged here - as longs, just in case they ever grow to large, such as what we saw - with OP_ALL. */ - -/* Verification error codes */ -static const int X509_V_OK; -static const int X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT; -static const int X509_V_ERR_UNABLE_TO_GET_CRL; -static const int X509_V_ERR_UNABLE_TO_DECRYPT_CERT_SIGNATURE; -static const int X509_V_ERR_UNABLE_TO_DECRYPT_CRL_SIGNATURE; -static const int X509_V_ERR_UNABLE_TO_DECODE_ISSUER_PUBLIC_KEY; -static const int X509_V_ERR_CERT_SIGNATURE_FAILURE; -static const int X509_V_ERR_CRL_SIGNATURE_FAILURE; -static const int X509_V_ERR_CERT_NOT_YET_VALID; -static const int X509_V_ERR_CERT_HAS_EXPIRED; -static const int X509_V_ERR_CRL_NOT_YET_VALID; -static const int X509_V_ERR_CRL_HAS_EXPIRED; -static const int X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD; -static const int X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD; -static const int X509_V_ERR_ERROR_IN_CRL_LAST_UPDATE_FIELD; -static const int X509_V_ERR_ERROR_IN_CRL_NEXT_UPDATE_FIELD; -static const int X509_V_ERR_OUT_OF_MEM; -static const int X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT; -static const int X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN; -static const int X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY; -static const int X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE; -static const int X509_V_ERR_CERT_CHAIN_TOO_LONG; -static const int X509_V_ERR_CERT_REVOKED; -static const int X509_V_ERR_INVALID_CA; -static const int X509_V_ERR_PATH_LENGTH_EXCEEDED; -static const int X509_V_ERR_INVALID_PURPOSE; -static const int X509_V_ERR_CERT_UNTRUSTED; -static const int X509_V_ERR_CERT_REJECTED; -static const int X509_V_ERR_SUBJECT_ISSUER_MISMATCH; -static const int X509_V_ERR_AKID_SKID_MISMATCH; -static const int X509_V_ERR_AKID_ISSUER_SERIAL_MISMATCH; -static const int X509_V_ERR_KEYUSAGE_NO_CERTSIGN; -static const int X509_V_ERR_UNABLE_TO_GET_CRL_ISSUER; -static const int X509_V_ERR_UNHANDLED_CRITICAL_EXTENSION; -static const int X509_V_ERR_KEYUSAGE_NO_CRL_SIGN; -static const int X509_V_ERR_UNHANDLED_CRITICAL_CRL_EXTENSION; -static const int X509_V_ERR_INVALID_NON_CA; -static const int X509_V_ERR_PROXY_PATH_LENGTH_EXCEEDED; -static const int X509_V_ERR_KEYUSAGE_NO_DIGITAL_SIGNATURE; -static const int X509_V_ERR_PROXY_CERTIFICATES_NOT_ALLOWED; -static const int X509_V_ERR_INVALID_EXTENSION; -static const int X509_V_ERR_INVALID_POLICY_EXTENSION; -static const int X509_V_ERR_NO_EXPLICIT_POLICY; -static const int X509_V_ERR_DIFFERENT_CRL_SCOPE; -static const int X509_V_ERR_UNSUPPORTED_EXTENSION_FEATURE; -static const int X509_V_ERR_UNNESTED_RESOURCE; -static const int X509_V_ERR_PERMITTED_VIOLATION; -static const int X509_V_ERR_EXCLUDED_VIOLATION; -static const int X509_V_ERR_SUBTREE_MINMAX; -static const int X509_V_ERR_UNSUPPORTED_CONSTRAINT_TYPE; -static const int X509_V_ERR_UNSUPPORTED_CONSTRAINT_SYNTAX; -static const int X509_V_ERR_UNSUPPORTED_NAME_SYNTAX; -static const int X509_V_ERR_CRL_PATH_VALIDATION_ERROR; -static const int X509_V_ERR_SUITE_B_INVALID_VERSION; -static const int X509_V_ERR_SUITE_B_INVALID_ALGORITHM; -static const int X509_V_ERR_SUITE_B_INVALID_CURVE; -static const int X509_V_ERR_SUITE_B_INVALID_SIGNATURE_ALGORITHM; -static const int X509_V_ERR_SUITE_B_LOS_NOT_ALLOWED; -static const int X509_V_ERR_SUITE_B_CANNOT_SIGN_P_384_WITH_P_256; -static const int X509_V_ERR_HOSTNAME_MISMATCH; -static const int X509_V_ERR_EMAIL_MISMATCH; -static const int X509_V_ERR_IP_ADDRESS_MISMATCH; -static const int X509_V_ERR_APPLICATION_VERIFICATION; - -/* Verification parameters */ -static const long X509_V_FLAG_CB_ISSUER_CHECK; -static const long X509_V_FLAG_USE_CHECK_TIME; -static const long X509_V_FLAG_CRL_CHECK; -static const long X509_V_FLAG_CRL_CHECK_ALL; -static const long X509_V_FLAG_IGNORE_CRITICAL; -static const long X509_V_FLAG_X509_STRICT; -static const long X509_V_FLAG_ALLOW_PROXY_CERTS; -static const long X509_V_FLAG_POLICY_CHECK; -static const long X509_V_FLAG_EXPLICIT_POLICY; -static const long X509_V_FLAG_INHIBIT_ANY; -static const long X509_V_FLAG_INHIBIT_MAP; -static const long X509_V_FLAG_NOTIFY_POLICY; -static const long X509_V_FLAG_EXTENDED_CRL_SUPPORT; -static const long X509_V_FLAG_USE_DELTAS; -static const long X509_V_FLAG_CHECK_SS_SIGNATURE; -static const long X509_V_FLAG_TRUSTED_FIRST; -static const long X509_V_FLAG_SUITEB_128_LOS_ONLY; -static const long X509_V_FLAG_SUITEB_192_LOS; -static const long X509_V_FLAG_SUITEB_128_LOS; -static const long X509_V_FLAG_PARTIAL_CHAIN; - -static const long X509_LU_X509; -static const long X509_LU_CRL; - -static const long X509_CHECK_FLAG_ALWAYS_CHECK_SUBJECT; -static const long X509_CHECK_FLAG_NO_WILDCARDS; -static const long X509_CHECK_FLAG_NO_PARTIAL_WILDCARDS; -static const long X509_CHECK_FLAG_MULTI_LABEL_WILDCARDS; -static const long X509_CHECK_FLAG_SINGLE_LABEL_SUBDOMAINS; -static const long X509_CHECK_FLAG_NEVER_CHECK_SUBJECT; -""" - -FUNCTIONS = """ -int X509_verify_cert(X509_STORE_CTX *); - -/* X509_STORE */ -X509_STORE *X509_STORE_new(void); -int X509_STORE_add_cert(X509_STORE *, X509 *); -int X509_STORE_add_crl(X509_STORE *, X509_CRL *); -int X509_STORE_load_locations(X509_STORE *, const char *, const char *); -int X509_STORE_set1_param(X509_STORE *, X509_VERIFY_PARAM *); -int X509_STORE_set_default_paths(X509_STORE *); -int X509_STORE_set_flags(X509_STORE *, unsigned long); -void X509_STORE_free(X509_STORE *); - -/* X509_STORE_CTX */ -X509_STORE_CTX *X509_STORE_CTX_new(void); -void X509_STORE_CTX_cleanup(X509_STORE_CTX *); -void X509_STORE_CTX_free(X509_STORE_CTX *); -int X509_STORE_CTX_init(X509_STORE_CTX *, X509_STORE *, X509 *, - Cryptography_STACK_OF_X509 *); -void X509_STORE_CTX_trusted_stack(X509_STORE_CTX *, - Cryptography_STACK_OF_X509 *); -void X509_STORE_CTX_set_cert(X509_STORE_CTX *, X509 *); -void X509_STORE_CTX_set_chain(X509_STORE_CTX *,Cryptography_STACK_OF_X509 *); -X509_VERIFY_PARAM *X509_STORE_CTX_get0_param(X509_STORE_CTX *); -void X509_STORE_CTX_set0_param(X509_STORE_CTX *, X509_VERIFY_PARAM *); -int X509_STORE_CTX_set_default(X509_STORE_CTX *, const char *); -void X509_STORE_CTX_set_verify_cb(X509_STORE_CTX *, - int (*)(int, X509_STORE_CTX *)); -Cryptography_STACK_OF_X509 *X509_STORE_CTX_get_chain(X509_STORE_CTX *); -Cryptography_STACK_OF_X509 *X509_STORE_CTX_get1_chain(X509_STORE_CTX *); -int X509_STORE_CTX_get_error(X509_STORE_CTX *); -void X509_STORE_CTX_set_error(X509_STORE_CTX *, int); -int X509_STORE_CTX_get_error_depth(X509_STORE_CTX *); -X509 *X509_STORE_CTX_get_current_cert(X509_STORE_CTX *); -int X509_STORE_CTX_set_ex_data(X509_STORE_CTX *, int, void *); -void *X509_STORE_CTX_get_ex_data(X509_STORE_CTX *, int); -int X509_STORE_CTX_get1_issuer(X509 **, X509_STORE_CTX *, X509 *); - -/* X509_VERIFY_PARAM */ -X509_VERIFY_PARAM *X509_VERIFY_PARAM_new(void); -int X509_VERIFY_PARAM_set_flags(X509_VERIFY_PARAM *, unsigned long); -int X509_VERIFY_PARAM_clear_flags(X509_VERIFY_PARAM *, unsigned long); -unsigned long X509_VERIFY_PARAM_get_flags(X509_VERIFY_PARAM *); -int X509_VERIFY_PARAM_set_purpose(X509_VERIFY_PARAM *, int); -int X509_VERIFY_PARAM_set_trust(X509_VERIFY_PARAM *, int); -void X509_VERIFY_PARAM_set_time(X509_VERIFY_PARAM *, time_t); -int X509_VERIFY_PARAM_add0_policy(X509_VERIFY_PARAM *, ASN1_OBJECT *); -int X509_VERIFY_PARAM_set1_policies(X509_VERIFY_PARAM *, - Cryptography_STACK_OF_ASN1_OBJECT *); -void X509_VERIFY_PARAM_set_depth(X509_VERIFY_PARAM *, int); -int X509_VERIFY_PARAM_get_depth(const X509_VERIFY_PARAM *); -void X509_VERIFY_PARAM_free(X509_VERIFY_PARAM *); -/* this CRYPTO_EX_DATA function became a macro in 1.1.0 */ -int X509_STORE_CTX_get_ex_new_index(long, void *, CRYPTO_EX_new *, - CRYPTO_EX_dup *, CRYPTO_EX_free *); - -/* X509_STORE_CTX */ -void X509_STORE_CTX_set0_crls(X509_STORE_CTX *, - Cryptography_STACK_OF_X509_CRL *); - -/* X509_VERIFY_PARAM */ -int X509_VERIFY_PARAM_set1_host(X509_VERIFY_PARAM *, const char *, - size_t); -void X509_VERIFY_PARAM_set_hostflags(X509_VERIFY_PARAM *, unsigned int); -int X509_VERIFY_PARAM_set1_email(X509_VERIFY_PARAM *, const char *, - size_t); -int X509_VERIFY_PARAM_set1_ip(X509_VERIFY_PARAM *, const unsigned char *, - size_t); -int X509_VERIFY_PARAM_set1_ip_asc(X509_VERIFY_PARAM *, const char *); - -int sk_X509_OBJECT_num(Cryptography_STACK_OF_X509_OBJECT *); -X509_OBJECT *sk_X509_OBJECT_value(Cryptography_STACK_OF_X509_OBJECT *, int); -X509_VERIFY_PARAM *X509_STORE_get0_param(X509_STORE *); -Cryptography_STACK_OF_X509_OBJECT *X509_STORE_get0_objects(X509_STORE *); -X509 *X509_OBJECT_get0_X509(X509_OBJECT *); -int X509_OBJECT_get_type(const X509_OBJECT *); - -/* added in 1.1.0 */ -X509 *X509_STORE_CTX_get0_cert(X509_STORE_CTX *); -X509_STORE_CTX_get_issuer_fn X509_STORE_get_get_issuer(X509_STORE *); -void X509_STORE_set_get_issuer(X509_STORE *, X509_STORE_CTX_get_issuer_fn); -""" - -CUSTOMIZATIONS = """ -#if !CRYPTOGRAPHY_IS_LIBRESSL -static const long Cryptography_HAS_102_VERIFICATION = 1; -#else -static const long Cryptography_HAS_102_VERIFICATION = 0; -static const long X509_V_ERR_SUITE_B_INVALID_VERSION = 0; -static const long X509_V_ERR_SUITE_B_INVALID_ALGORITHM = 0; -static const long X509_V_ERR_SUITE_B_INVALID_CURVE = 0; -static const long X509_V_ERR_SUITE_B_INVALID_SIGNATURE_ALGORITHM = 0; -static const long X509_V_ERR_SUITE_B_LOS_NOT_ALLOWED = 0; -static const long X509_V_ERR_SUITE_B_CANNOT_SIGN_P_384_WITH_P_256 = 0; -static const long X509_V_FLAG_SUITEB_128_LOS_ONLY = 0; -static const long X509_V_FLAG_SUITEB_192_LOS = 0; -static const long X509_V_FLAG_SUITEB_128_LOS = 0; -#endif - -#if CRYPTOGRAPHY_IS_LIBRESSL -static const long Cryptography_HAS_110_VERIFICATION_PARAMS = 0; -#ifndef X509_CHECK_FLAG_NEVER_CHECK_SUBJECT -static const long X509_CHECK_FLAG_NEVER_CHECK_SUBJECT = 0; -#endif -#else -static const long Cryptography_HAS_110_VERIFICATION_PARAMS = 1; -#endif - -#if CRYPTOGRAPHY_IS_LIBRESSL -static const long Cryptography_HAS_X509_STORE_CTX_GET_ISSUER = 0; -typedef void *X509_STORE_CTX_get_issuer_fn; -X509_STORE_CTX_get_issuer_fn (*X509_STORE_get_get_issuer)(X509_STORE *) = NULL; -void (*X509_STORE_set_get_issuer)(X509_STORE *, - X509_STORE_CTX_get_issuer_fn) = NULL; -#else -static const long Cryptography_HAS_X509_STORE_CTX_GET_ISSUER = 1; -#endif -""" diff --git a/game/python-extra/_openssl/x509name.py b/game/python-extra/_openssl/x509name.py deleted file mode 100644 index 1fbe26a..0000000 --- a/game/python-extra/_openssl/x509name.py +++ /dev/null @@ -1,78 +0,0 @@ -# This file is dual licensed under the terms of the Apache License, Version -# 2.0, and the BSD License. See the LICENSE file in the root of this repository -# for complete details. - -from __future__ import absolute_import, division, print_function - -INCLUDES = """ -#include <openssl/x509.h> - -/* - * See the comment above Cryptography_STACK_OF_X509 in x509.py - */ -typedef STACK_OF(X509_NAME) Cryptography_STACK_OF_X509_NAME; -typedef STACK_OF(X509_NAME_ENTRY) Cryptography_STACK_OF_X509_NAME_ENTRY; -""" - -TYPES = """ -typedef ... Cryptography_STACK_OF_X509_NAME_ENTRY; -typedef ... X509_NAME; -typedef ... X509_NAME_ENTRY; -typedef ... Cryptography_STACK_OF_X509_NAME; -""" - -FUNCTIONS = """ -X509_NAME *X509_NAME_new(void); -void X509_NAME_free(X509_NAME *); - -unsigned long X509_NAME_hash(X509_NAME *); - -int i2d_X509_NAME(X509_NAME *, unsigned char **); -int X509_NAME_add_entry_by_txt(X509_NAME *, const char *, int, - const unsigned char *, int, int, int); -X509_NAME_ENTRY *X509_NAME_delete_entry(X509_NAME *, int); -void X509_NAME_ENTRY_free(X509_NAME_ENTRY *); -int X509_NAME_get_index_by_NID(X509_NAME *, int, int); -int X509_NAME_cmp(const X509_NAME *, const X509_NAME *); -X509_NAME *X509_NAME_dup(X509_NAME *); -int X509_NAME_ENTRY_set(X509_NAME_ENTRY *); -/* These became const X509_NAME * in 1.1.0 */ -int X509_NAME_entry_count(X509_NAME *); -X509_NAME_ENTRY *X509_NAME_get_entry(X509_NAME *, int); -char *X509_NAME_oneline(X509_NAME *, char *, int); -int X509_NAME_print_ex(BIO *, X509_NAME *, int, unsigned long); - -/* These became const X509_NAME_ENTRY * in 1.1.0 */ -ASN1_OBJECT *X509_NAME_ENTRY_get_object(X509_NAME_ENTRY *); -ASN1_STRING *X509_NAME_ENTRY_get_data(X509_NAME_ENTRY *); -int X509_NAME_add_entry(X509_NAME *, X509_NAME_ENTRY *, int, int); - -/* this became const unsigned char * in 1.1.0 */ -int X509_NAME_add_entry_by_NID(X509_NAME *, int, int, unsigned char *, - int, int, int); - -/* These became const ASN1_OBJECT * in 1.1.0 */ -X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_OBJ(X509_NAME_ENTRY **, - ASN1_OBJECT *, int, - const unsigned char *, int); -int X509_NAME_add_entry_by_OBJ(X509_NAME *, ASN1_OBJECT *, int, - unsigned char *, int, int, int); - -Cryptography_STACK_OF_X509_NAME *sk_X509_NAME_new_null(void); -int sk_X509_NAME_num(Cryptography_STACK_OF_X509_NAME *); -int sk_X509_NAME_push(Cryptography_STACK_OF_X509_NAME *, X509_NAME *); -X509_NAME *sk_X509_NAME_value(Cryptography_STACK_OF_X509_NAME *, int); -void sk_X509_NAME_free(Cryptography_STACK_OF_X509_NAME *); -int sk_X509_NAME_ENTRY_num(Cryptography_STACK_OF_X509_NAME_ENTRY *); -Cryptography_STACK_OF_X509_NAME_ENTRY *sk_X509_NAME_ENTRY_new_null(void); -int sk_X509_NAME_ENTRY_push(Cryptography_STACK_OF_X509_NAME_ENTRY *, - X509_NAME_ENTRY *); -X509_NAME_ENTRY *sk_X509_NAME_ENTRY_value( - Cryptography_STACK_OF_X509_NAME_ENTRY *, int); -Cryptography_STACK_OF_X509_NAME_ENTRY *sk_X509_NAME_ENTRY_dup( - Cryptography_STACK_OF_X509_NAME_ENTRY * -); -""" - -CUSTOMIZATIONS = """ -""" diff --git a/game/python-extra/_openssl/x509v3.py b/game/python-extra/_openssl/x509v3.py deleted file mode 100644 index 5968120..0000000 --- a/game/python-extra/_openssl/x509v3.py +++ /dev/null @@ -1,314 +0,0 @@ -# This file is dual licensed under the terms of the Apache License, Version -# 2.0, and the BSD License. See the LICENSE file in the root of this repository -# for complete details. - -from __future__ import absolute_import, division, print_function - -INCLUDES = """ -#include <openssl/x509v3.h> - -/* - * This is part of a work-around for the difficulty cffi has in dealing with - * `LHASH_OF(foo)` as the name of a type. We invent a new, simpler name that - * will be an alias for this type and use the alias throughout. This works - * together with another opaque typedef for the same name in the TYPES section. - * Note that the result is an opaque type. - */ -typedef LHASH_OF(CONF_VALUE) Cryptography_LHASH_OF_CONF_VALUE; - -typedef STACK_OF(ACCESS_DESCRIPTION) Cryptography_STACK_OF_ACCESS_DESCRIPTION; -typedef STACK_OF(DIST_POINT) Cryptography_STACK_OF_DIST_POINT; -typedef STACK_OF(POLICYQUALINFO) Cryptography_STACK_OF_POLICYQUALINFO; -typedef STACK_OF(POLICYINFO) Cryptography_STACK_OF_POLICYINFO; -typedef STACK_OF(ASN1_INTEGER) Cryptography_STACK_OF_ASN1_INTEGER; -typedef STACK_OF(GENERAL_SUBTREE) Cryptography_STACK_OF_GENERAL_SUBTREE; -""" - -TYPES = """ -typedef ... Cryptography_STACK_OF_ACCESS_DESCRIPTION; -typedef ... Cryptography_STACK_OF_POLICYQUALINFO; -typedef ... Cryptography_STACK_OF_POLICYINFO; -typedef ... Cryptography_STACK_OF_ASN1_INTEGER; -typedef ... Cryptography_STACK_OF_GENERAL_SUBTREE; -typedef ... EXTENDED_KEY_USAGE; -typedef ... CONF; - -typedef struct { - X509 *issuer_cert; - X509 *subject_cert; - ...; -} X509V3_CTX; - -typedef void * (*X509V3_EXT_D2I)(void *, const unsigned char **, long); - -static const int GEN_OTHERNAME; -static const int GEN_EMAIL; -static const int GEN_X400; -static const int GEN_DNS; -static const int GEN_URI; -static const int GEN_DIRNAME; -static const int GEN_EDIPARTY; -static const int GEN_IPADD; -static const int GEN_RID; - -typedef struct { - ASN1_OBJECT *type_id; - ASN1_TYPE *value; -} OTHERNAME; - -typedef struct { - ...; -} EDIPARTYNAME; - -typedef struct { - int ca; - ASN1_INTEGER *pathlen; -} BASIC_CONSTRAINTS; - -typedef struct { - Cryptography_STACK_OF_GENERAL_SUBTREE *permittedSubtrees; - Cryptography_STACK_OF_GENERAL_SUBTREE *excludedSubtrees; -} NAME_CONSTRAINTS; - -typedef struct { - ASN1_INTEGER *requireExplicitPolicy; - ASN1_INTEGER *inhibitPolicyMapping; -} POLICY_CONSTRAINTS; - - -typedef struct { - int type; - union { - char *ptr; - OTHERNAME *otherName; /* otherName */ - ASN1_IA5STRING *rfc822Name; - ASN1_IA5STRING *dNSName; - ASN1_TYPE *x400Address; - X509_NAME *directoryName; - EDIPARTYNAME *ediPartyName; - ASN1_IA5STRING *uniformResourceIdentifier; - ASN1_OCTET_STRING *iPAddress; - ASN1_OBJECT *registeredID; - - /* Old names */ - ASN1_OCTET_STRING *ip; /* iPAddress */ - X509_NAME *dirn; /* dirn */ - ASN1_IA5STRING *ia5; /* rfc822Name, dNSName, */ - /* uniformResourceIdentifier */ - ASN1_OBJECT *rid; /* registeredID */ - ASN1_TYPE *other; /* x400Address */ - } d; - ...; -} GENERAL_NAME; - -typedef struct { - GENERAL_NAME *base; - ASN1_INTEGER *minimum; - ASN1_INTEGER *maximum; -} GENERAL_SUBTREE; - -typedef struct stack_st_GENERAL_NAME GENERAL_NAMES; - -typedef struct { - ASN1_OCTET_STRING *keyid; - GENERAL_NAMES *issuer; - ASN1_INTEGER *serial; -} AUTHORITY_KEYID; - -typedef struct { - ASN1_OBJECT *method; - GENERAL_NAME *location; -} ACCESS_DESCRIPTION; - -typedef ... Cryptography_LHASH_OF_CONF_VALUE; - - -typedef ... Cryptography_STACK_OF_DIST_POINT; - -typedef struct { - int type; - union { - GENERAL_NAMES *fullname; - Cryptography_STACK_OF_X509_NAME_ENTRY *relativename; - } name; - ...; -} DIST_POINT_NAME; - -typedef struct { - DIST_POINT_NAME *distpoint; - ASN1_BIT_STRING *reasons; - GENERAL_NAMES *CRLissuer; - ...; -} DIST_POINT; - -typedef struct { - DIST_POINT_NAME *distpoint; - int onlyuser; - int onlyCA; - ASN1_BIT_STRING *onlysomereasons; - int indirectCRL; - int onlyattr; -} ISSUING_DIST_POINT; - -typedef struct { - ASN1_STRING *organization; - Cryptography_STACK_OF_ASN1_INTEGER *noticenos; -} NOTICEREF; - -typedef struct { - NOTICEREF *noticeref; - ASN1_STRING *exptext; -} USERNOTICE; - -typedef struct { - ASN1_OBJECT *pqualid; - union { - ASN1_IA5STRING *cpsuri; - USERNOTICE *usernotice; - ASN1_TYPE *other; - } d; -} POLICYQUALINFO; - -typedef struct { - ASN1_OBJECT *policyid; - Cryptography_STACK_OF_POLICYQUALINFO *qualifiers; -} POLICYINFO; - -typedef void (*sk_GENERAL_NAME_freefunc)(GENERAL_NAME *); -typedef void (*sk_DIST_POINT_freefunc)(DIST_POINT *); -typedef void (*sk_POLICYINFO_freefunc)(POLICYINFO *); -typedef void (*sk_ACCESS_DESCRIPTION_freefunc)(ACCESS_DESCRIPTION *); -""" - - -FUNCTIONS = """ -int X509V3_EXT_add_alias(int, int); -void X509V3_set_ctx(X509V3_CTX *, X509 *, X509 *, X509_REQ *, X509_CRL *, int); -int GENERAL_NAME_print(BIO *, GENERAL_NAME *); -GENERAL_NAMES *GENERAL_NAMES_new(void); -void GENERAL_NAMES_free(GENERAL_NAMES *); -void *X509V3_EXT_d2i(X509_EXTENSION *); -int X509_check_ca(X509 *); -/* X509 became a const arg in 1.1.0 */ -void *X509_get_ext_d2i(X509 *, int, int *, int *); -/* The last two char * args became const char * in 1.1.0 */ -X509_EXTENSION *X509V3_EXT_nconf(CONF *, X509V3_CTX *, char *, char *); -/* This is a macro defined by a call to DECLARE_ASN1_FUNCTIONS in the - x509v3.h header. */ -BASIC_CONSTRAINTS *BASIC_CONSTRAINTS_new(void); -void BASIC_CONSTRAINTS_free(BASIC_CONSTRAINTS *); -/* This is a macro defined by a call to DECLARE_ASN1_FUNCTIONS in the - x509v3.h header. */ -AUTHORITY_KEYID *AUTHORITY_KEYID_new(void); -void AUTHORITY_KEYID_free(AUTHORITY_KEYID *); - -NAME_CONSTRAINTS *NAME_CONSTRAINTS_new(void); -void NAME_CONSTRAINTS_free(NAME_CONSTRAINTS *); - -OTHERNAME *OTHERNAME_new(void); -void OTHERNAME_free(OTHERNAME *); - -POLICY_CONSTRAINTS *POLICY_CONSTRAINTS_new(void); -void POLICY_CONSTRAINTS_free(POLICY_CONSTRAINTS *); - -void *X509V3_set_ctx_nodb(X509V3_CTX *); - -int i2d_GENERAL_NAMES(GENERAL_NAMES *, unsigned char **); -GENERAL_NAMES *d2i_GENERAL_NAMES(GENERAL_NAMES **, const unsigned char **, - long); - -int sk_GENERAL_NAME_num(struct stack_st_GENERAL_NAME *); -int sk_GENERAL_NAME_push(struct stack_st_GENERAL_NAME *, GENERAL_NAME *); -GENERAL_NAME *sk_GENERAL_NAME_value(struct stack_st_GENERAL_NAME *, int); -void sk_GENERAL_NAME_pop_free(struct stack_st_GENERAL_NAME *, - sk_GENERAL_NAME_freefunc); - -Cryptography_STACK_OF_ACCESS_DESCRIPTION *sk_ACCESS_DESCRIPTION_new_null(void); -int sk_ACCESS_DESCRIPTION_num(Cryptography_STACK_OF_ACCESS_DESCRIPTION *); -ACCESS_DESCRIPTION *sk_ACCESS_DESCRIPTION_value( - Cryptography_STACK_OF_ACCESS_DESCRIPTION *, int -); -void sk_ACCESS_DESCRIPTION_free(Cryptography_STACK_OF_ACCESS_DESCRIPTION *); -void sk_ACCESS_DESCRIPTION_pop_free(Cryptography_STACK_OF_ACCESS_DESCRIPTION *, - sk_ACCESS_DESCRIPTION_freefunc); -int sk_ACCESS_DESCRIPTION_push(Cryptography_STACK_OF_ACCESS_DESCRIPTION *, - ACCESS_DESCRIPTION *); - -ACCESS_DESCRIPTION *ACCESS_DESCRIPTION_new(void); -void ACCESS_DESCRIPTION_free(ACCESS_DESCRIPTION *); - -X509_EXTENSION *X509V3_EXT_conf_nid(Cryptography_LHASH_OF_CONF_VALUE *, - X509V3_CTX *, int, char *); - -Cryptography_STACK_OF_DIST_POINT *sk_DIST_POINT_new_null(void); -void sk_DIST_POINT_free(Cryptography_STACK_OF_DIST_POINT *); -int sk_DIST_POINT_num(Cryptography_STACK_OF_DIST_POINT *); -DIST_POINT *sk_DIST_POINT_value(Cryptography_STACK_OF_DIST_POINT *, int); -int sk_DIST_POINT_push(Cryptography_STACK_OF_DIST_POINT *, DIST_POINT *); -void sk_DIST_POINT_pop_free(Cryptography_STACK_OF_DIST_POINT *, - sk_DIST_POINT_freefunc); -void CRL_DIST_POINTS_free(Cryptography_STACK_OF_DIST_POINT *); - -void sk_POLICYINFO_free(Cryptography_STACK_OF_POLICYINFO *); -int sk_POLICYINFO_num(Cryptography_STACK_OF_POLICYINFO *); -POLICYINFO *sk_POLICYINFO_value(Cryptography_STACK_OF_POLICYINFO *, int); -int sk_POLICYINFO_push(Cryptography_STACK_OF_POLICYINFO *, POLICYINFO *); -Cryptography_STACK_OF_POLICYINFO *sk_POLICYINFO_new_null(void); -void sk_POLICYINFO_pop_free(Cryptography_STACK_OF_POLICYINFO *, - sk_POLICYINFO_freefunc); -void CERTIFICATEPOLICIES_free(Cryptography_STACK_OF_POLICYINFO *); - -POLICYINFO *POLICYINFO_new(void); -void POLICYINFO_free(POLICYINFO *); - -POLICYQUALINFO *POLICYQUALINFO_new(void); -void POLICYQUALINFO_free(POLICYQUALINFO *); - -NOTICEREF *NOTICEREF_new(void); -void NOTICEREF_free(NOTICEREF *); - -USERNOTICE *USERNOTICE_new(void); -void USERNOTICE_free(USERNOTICE *); - -void sk_POLICYQUALINFO_free(Cryptography_STACK_OF_POLICYQUALINFO *); -int sk_POLICYQUALINFO_num(Cryptography_STACK_OF_POLICYQUALINFO *); -POLICYQUALINFO *sk_POLICYQUALINFO_value(Cryptography_STACK_OF_POLICYQUALINFO *, - int); -int sk_POLICYQUALINFO_push(Cryptography_STACK_OF_POLICYQUALINFO *, - POLICYQUALINFO *); -Cryptography_STACK_OF_POLICYQUALINFO *sk_POLICYQUALINFO_new_null(void); - -Cryptography_STACK_OF_GENERAL_SUBTREE *sk_GENERAL_SUBTREE_new_null(void); -void sk_GENERAL_SUBTREE_free(Cryptography_STACK_OF_GENERAL_SUBTREE *); -int sk_GENERAL_SUBTREE_num(Cryptography_STACK_OF_GENERAL_SUBTREE *); -GENERAL_SUBTREE *sk_GENERAL_SUBTREE_value( - Cryptography_STACK_OF_GENERAL_SUBTREE *, int -); -int sk_GENERAL_SUBTREE_push(Cryptography_STACK_OF_GENERAL_SUBTREE *, - GENERAL_SUBTREE *); - -GENERAL_SUBTREE *GENERAL_SUBTREE_new(void); - -void sk_ASN1_INTEGER_free(Cryptography_STACK_OF_ASN1_INTEGER *); -int sk_ASN1_INTEGER_num(Cryptography_STACK_OF_ASN1_INTEGER *); -ASN1_INTEGER *sk_ASN1_INTEGER_value(Cryptography_STACK_OF_ASN1_INTEGER *, int); -int sk_ASN1_INTEGER_push(Cryptography_STACK_OF_ASN1_INTEGER *, ASN1_INTEGER *); -Cryptography_STACK_OF_ASN1_INTEGER *sk_ASN1_INTEGER_new_null(void); - -X509_EXTENSION *X509V3_EXT_i2d(int, int, void *); - -DIST_POINT *DIST_POINT_new(void); -void DIST_POINT_free(DIST_POINT *); - -DIST_POINT_NAME *DIST_POINT_NAME_new(void); -void DIST_POINT_NAME_free(DIST_POINT_NAME *); - -GENERAL_NAME *GENERAL_NAME_new(void); -void GENERAL_NAME_free(GENERAL_NAME *); - -ISSUING_DIST_POINT *ISSUING_DIST_POINT_new(void); -void ISSUING_DIST_POINT_free(ISSUING_DIST_POINT *); -""" - -CUSTOMIZATIONS = """ -""" |