程序師世界是廣大編程愛好者互助、分享、學習的平台,程序師世界有你更精彩!
首頁
編程語言
C語言|JAVA編程
Python編程
網頁編程
ASP編程|PHP編程
JSP編程
數據庫知識
MYSQL數據庫|SqlServer數據庫
Oracle數據庫|DB2數據庫
 程式師世界 >> 編程語言 >> C語言 >> 關於C語言 >> OpenSSL 結構體,openssl結構體

OpenSSL 結構體,openssl結構體

編輯:關於C語言

OpenSSL 結構體,openssl結構體


 

X509_STORE

頭文件:x509_vfy.h

定義

typedef struct x509_store_st X509_STORE;
struct x509_store_st
{
    /* The following is a cache of trusted certs */
    int cache;     /* if true, stash any hits */
    STACK_OF(X509_OBJECT) *objs;    /* Cache of all objects */

    /* These are external lookup methods */
    STACK_OF(X509_LOOKUP) *get_cert_methods;

    X509_VERIFY_PARAM *param;

    /* Callbacks for various operations */
    int (*verify)(X509_STORE_CTX *ctx);    /* called to verify a certificate */
    int (*verify_cb)(int ok,X509_STORE_CTX *ctx);    /* error callback */
    int (*get_issuer)(X509 **issuer, X509_STORE_CTX *ctx, X509 *x);    /* get issuers cert from ctx */
    int (*check_issued)(X509_STORE_CTX *ctx, X509 *x, X509 *issuer); /* check issued */
    int (*check_revocation)(X509_STORE_CTX *ctx); /* Check revocation status of chain */
    int (*get_crl)(X509_STORE_CTX *ctx, X509_CRL **crl, X509 *x); /* retrieve CRL */
    int (*check_crl)(X509_STORE_CTX *ctx, X509_CRL *crl); /* Check CRL validity */
    int (*cert_crl)(X509_STORE_CTX *ctx, X509_CRL *crl, X509 *x); /* Check certificate against CRL */
    STACK_OF(X509) * (*lookup_certs)(X509_STORE_CTX *ctx, X509_NAME *nm);
    STACK_OF(X509_CRL) * (*lookup_crls)(X509_STORE_CTX *ctx, X509_NAME *nm);
    int (*cleanup)(X509_STORE_CTX *ctx);

    CRYPTO_EX_DATA ex_data;
    int references;
} /* X509_STORE */;

 

SSL_METHOD

頭文件:ssl.h

定義

typedef struct ssl_method_st SSL_METHOD;
struct ssl_method_st
{
    int version;
    int (*ssl_new)(SSL *s);
    void (*ssl_clear)(SSL *s);
    void (*ssl_free)(SSL *s);
    int (*ssl_accept)(SSL *s);
    int (*ssl_connect)(SSL *s);
    int (*ssl_read)(SSL *s,void *buf,int len);
    int (*ssl_peek)(SSL *s,void *buf,int len);
    int (*ssl_write)(SSL *s,const void *buf,int len);
    int (*ssl_shutdown)(SSL *s);
    int (*ssl_renegotiate)(SSL *s);
    int (*ssl_renegotiate_check)(SSL *s);
    long (*ssl_get_message)(SSL *s, int st1, int stn, int mt, long
                            max, int *ok);
    int (*ssl_read_bytes)(SSL *s, int type, unsigned char *buf, int len,
                          int peek);
    int (*ssl_write_bytes)(SSL *s, int type, const void *buf_, int len);
    int (*ssl_dispatch_alert)(SSL *s);
    long (*ssl_ctrl)(SSL *s,int cmd,long larg,void *parg);
    long (*ssl_ctx_ctrl)(SSL_CTX *ctx,int cmd,long larg,void *parg);
    const SSL_CIPHER *(*get_cipher_by_char)(const unsigned char *ptr);
    int (*put_cipher_by_char)(const SSL_CIPHER *cipher,unsigned char *ptr);
    int (*ssl_pending)(const SSL *s);
    int (*num_ciphers)(void);
    const SSL_CIPHER *(*get_cipher)(unsigned ncipher);
    const struct ssl_method_st *(*get_ssl_method)(int version);
    long (*get_timeout)(void);
    struct ssl3_enc_method *ssl3_enc; /* Extra SSLv3/TLS stuff */
    int (*ssl_version)(void);
    long (*ssl_callback_ctrl)(SSL *s, int cb_id, void (*fp)(void));
    long (*ssl_ctx_callback_ctrl)(SSL_CTX *s, int cb_id, void (*fp)(void));
};

 

SSL_METHOD

頭文件:ssl.h

定義

typedef struct ssl_method_st SSL_METHOD;
struct ssl_method_st
{
    int version;
    int (*ssl_new)(SSL *s);
    void (*ssl_clear)(SSL *s);
    void (*ssl_free)(SSL *s);
    int (*ssl_accept)(SSL *s);
    int (*ssl_connect)(SSL *s);
    int (*ssl_read)(SSL *s,void *buf,int len);
    int (*ssl_peek)(SSL *s,void *buf,int len);
    int (*ssl_write)(SSL *s,const void *buf,int len);
    int (*ssl_shutdown)(SSL *s);
    int (*ssl_renegotiate)(SSL *s);
    int (*ssl_renegotiate_check)(SSL *s);
    long (*ssl_get_message)(SSL *s, int st1, int stn, int mt, long
                            max, int *ok);
    int (*ssl_read_bytes)(SSL *s, int type, unsigned char *buf, int len,
                          int peek);
    int (*ssl_write_bytes)(SSL *s, int type, const void *buf_, int len);
    int (*ssl_dispatch_alert)(SSL *s);
    long (*ssl_ctrl)(SSL *s,int cmd,long larg,void *parg);
    long (*ssl_ctx_ctrl)(SSL_CTX *ctx,int cmd,long larg,void *parg);
    const SSL_CIPHER *(*get_cipher_by_char)(const unsigned char *ptr);
    int (*put_cipher_by_char)(const SSL_CIPHER *cipher,unsigned char *ptr);
    int (*ssl_pending)(const SSL *s);
    int (*num_ciphers)(void);
    const SSL_CIPHER *(*get_cipher)(unsigned ncipher);
    const struct ssl_method_st *(*get_ssl_method)(int version);
    long (*get_timeout)(void);
    struct ssl3_enc_method *ssl3_enc; /* Extra SSLv3/TLS stuff */
    int (*ssl_version)(void);
    long (*ssl_callback_ctrl)(SSL *s, int cb_id, void (*fp)(void));
    long (*ssl_ctx_callback_ctrl)(SSL_CTX *s, int cb_id, void (*fp)(void));
};

 

SSL_CTX

頭文件:ssl.h

定義

typedef struct ssl_ctx_st SSL_CTX;
struct ssl_ctx_st
{
    const SSL_METHOD *method;

    STACK_OF(SSL_CIPHER) *cipher_list;
    /* same as above but sorted for lookup */
    STACK_OF(SSL_CIPHER) *cipher_list_by_id;

    struct x509_store_st /* X509_STORE */ *cert_store;
    LHASH_OF(SSL_SESSION) *sessions;
    /* Most session-ids that will be cached, default is
     * SSL_SESSION_CACHE_MAX_SIZE_DEFAULT. 0 is unlimited. */
    unsigned long session_cache_size;
    struct ssl_session_st *session_cache_head;
    struct ssl_session_st *session_cache_tail;

    /* This can have one of 2 values, ored together,
     * SSL_SESS_CACHE_CLIENT,
     * SSL_SESS_CACHE_SERVER,
     * Default is SSL_SESSION_CACHE_SERVER, which means only
     * SSL_accept which cache SSL_SESSIONS. */
    int session_cache_mode;

    /* If timeout is not 0, it is the default timeout value set
     * when SSL_new() is called.  This has been put in to make
     * life easier to set things up */
    long session_timeout;

    /* If this callback is not null, it will be called each
     * time a session id is added to the cache.  If this function
     * returns 1, it means that the callback will do a
     * SSL_SESSION_free() when it has finished using it.  Otherwise,
     * on 0, it means the callback has finished with it.
     * If remove_session_cb is not null, it will be called when
     * a session-id is removed from the cache.  After the call,
     * OpenSSL will SSL_SESSION_free() it. */
    int (*new_session_cb)(struct ssl_st *ssl,SSL_SESSION *sess);
    void (*remove_session_cb)(struct ssl_ctx_st *ctx,SSL_SESSION *sess);
    SSL_SESSION *(*get_session_cb)(struct ssl_st *ssl,
                                   unsigned char *data,int len,int *copy);

    struct
    {
        int sess_connect;    /* SSL new conn - started */
        int sess_connect_renegotiate;/* SSL reneg - requested */
        int sess_connect_good;    /* SSL new conne/reneg - finished */
        int sess_accept;    /* SSL new accept - started */
        int sess_accept_renegotiate;/* SSL reneg - requested */
        int sess_accept_good;    /* SSL accept/reneg - finished */
        int sess_miss;        /* session lookup misses  */
        int sess_timeout;    /* reuse attempt on timeouted session */
        int sess_cache_full;    /* session removed due to full cache */
        int sess_hit;        /* session reuse actually done */
        int sess_cb_hit;    /* session-id that was not
                     * in the cache was
                     * passed back via the callback.  This
                     * indicates that the application is
                     * supplying session-id's from other
                     * processes - spooky :-) */
    } stats;

    int references;

    /* if defined, these override the X509_verify_cert() calls */
    int (*app_verify_callback)(X509_STORE_CTX *, void *);
    void *app_verify_arg;
    /* before OpenSSL 0.9.7, 'app_verify_arg' was ignored
     * ('app_verify_callback' was called with just one argument) */

    /* Default password callback. */
    pem_password_cb *default_passwd_callback;

    /* Default password callback user data. */
    void *default_passwd_callback_userdata;

    /* get client cert callback */
    int (*client_cert_cb)(SSL *ssl, X509 **x509, EVP_PKEY **pkey);

    /* cookie generate callback */
    int (*app_gen_cookie_cb)(SSL *ssl, unsigned char *cookie,
                             unsigned int *cookie_len);

    /* verify cookie callback */
    int (*app_verify_cookie_cb)(SSL *ssl, unsigned char *cookie,
                                unsigned int cookie_len);

    CRYPTO_EX_DATA ex_data;

    const EVP_MD *rsa_md5;/* For SSLv2 - name is 'ssl2-md5' */
    const EVP_MD *md5;    /* For SSLv3/TLSv1 'ssl3-md5' */
    const EVP_MD *sha1;   /* For SSLv3/TLSv1 'ssl3->sha1' */

    STACK_OF(X509) *extra_certs;
    STACK_OF(SSL_COMP) *comp_methods; /* stack of SSL_COMP, SSLv3/TLSv1 */


    /* Default values used when no per-SSL value is defined follow */

    void (*info_callback)(const SSL *ssl,int type,int val); /* used if SSL's info_callback is NULL */

    /* what we put in client cert requests */
    STACK_OF(X509_NAME) *client_CA;


    /* Default values to use in SSL structures follow (these are copied by SSL_new) */

    unsigned long options;
    unsigned long mode;
    long max_cert_list;

    struct cert_st /* CERT */ *cert;
    int read_ahead;

    /* callback that allows applications to peek at protocol messages */
    void (*msg_callback)(int write_p, int version, int content_type, const void *buf, size_t len, SSL *ssl, void *arg);
    void *msg_callback_arg;

    int verify_mode;
    unsigned int sid_ctx_length;
    unsigned char sid_ctx[SSL_MAX_SID_CTX_LENGTH];
    int (*default_verify_callback)(int ok,X509_STORE_CTX *ctx); /* called 'verify_callback' in the SSL */

    /* Default generate session ID callback. */
    GEN_SESSION_CB generate_session_id;

    X509_VERIFY_PARAM *param;

#if 0
    int purpose;        /* Purpose setting */
    int trust;        /* Trust setting */
#endif

    int quiet_shutdown;

    /* Maximum amount of data to send in one fragment.
     * actual record size can be more than this due to
     * padding and MAC overheads.
     */
    unsigned int max_send_fragment;

#ifndef OPENSSL_ENGINE
    /* Engine to pass requests for client certs to
     */
    ENGINE *client_cert_engine;
#endif

#ifndef OPENSSL_NO_TLSEXT
    /* TLS extensions servername callback */
    int (*tlsext_servername_callback)(SSL*, int *, void *);
    void *tlsext_servername_arg;
    /* RFC 4507 session ticket keys */
    unsigned char tlsext_tick_key_name[16];
    unsigned char tlsext_tick_hmac_key[16];
    unsigned char tlsext_tick_aes_key[16];
    /* Callback to support customisation of ticket key setting */
    int (*tlsext_ticket_key_cb)(SSL *ssl,
                                unsigned char *name, unsigned char *iv,
                                EVP_CIPHER_CTX *ectx,
                                HMAC_CTX *hctx, int enc);

    /* certificate status request info */
    /* Callback for status request */
    int (*tlsext_status_cb)(SSL *ssl, void *arg);
    void *tlsext_status_arg;

    /* draft-rescorla-tls-opaque-prf-input-00.txt information */
    int (*tlsext_opaque_prf_input_callback)(SSL *, void *peerinput, size_t len, void *arg);
    void *tlsext_opaque_prf_input_callback_arg;
#endif

#ifndef OPENSSL_NO_PSK
    char *psk_identity_hint;
    unsigned int (*psk_client_callback)(SSL *ssl, const char *hint, char *identity,
                                        unsigned int max_identity_len, unsigned char *psk,
                                        unsigned int max_psk_len);
    unsigned int (*psk_server_callback)(SSL *ssl, const char *identity,
                                        unsigned char *psk, unsigned int max_psk_len);
#endif

#ifndef OPENSSL_NO_BUF_FREELISTS
#define SSL_MAX_BUF_FREELIST_LEN_DEFAULT 32
    unsigned int freelist_max_len;
    struct ssl3_buf_freelist_st *wbuf_freelist;
    struct ssl3_buf_freelist_st *rbuf_freelist;
#endif

#ifndef OPENSSL_NO_TLSEXT

# ifndef OPENSSL_NO_NEXTPROTONEG
    /* Next protocol negotiation information */
    /* (for experimental NPN extension). */

    /* For a server, this contains a callback function by which the set of
     * advertised protocols can be provided. */
    int (*next_protos_advertised_cb)(SSL *s, const unsigned char **buf,
                                     unsigned int *len, void *arg);
    void *next_protos_advertised_cb_arg;
    /* For a client, this contains a callback function that selects the
     * next protocol from the list provided by the server. */
    int (*next_proto_select_cb)(SSL *s, unsigned char **out,
                                unsigned char *outlen,
                                const unsigned char *in,
                                unsigned int inlen,
                                void *arg);
    void *next_proto_select_cb_arg;
# endif
    /* SRTP profiles we are willing to do from RFC 5764 */
    STACK_OF(SRTP_PROTECTION_PROFILE) *srtp_profiles;
#endif
};

 

X509_VERIFY_PARAM

頭文件:x509_vfy.h

定義

/* This structure hold all parameters associated with a verify operation
 * by including an X509_VERIFY_PARAM structure in related structures the
 * parameters used can be customized
 */

typedef struct X509_VERIFY_PARAM_st
{
    char *name;
    time_t check_time;    /* Time to use */
    unsigned long inh_flags; /* Inheritance flags */
    unsigned long flags;    /* Various verify flags */
    int purpose;        /* purpose to check untrusted certificates */
    int trust;        /* trust setting to check */
    int depth;        /* Verify depth */
    STACK_OF(ASN1_OBJECT) *policies;    /* Permissible policies */
} X509_VERIFY_PARAM;

 

_STACK

頭文件:stack.h

定義

typedef struct stack_st
{
    int num;
    char **data;
    int sorted;

    int num_alloc;
    int (*comp)(const void *, const void *);
} _STACK;  /* Use STACK_OF(...) instead */

 

X509_LOOKUP

頭文件:x509_vfy.h

定義

typedef struct x509_lookup_st X509_LOOKUP;

/* This is the functions plus an instance of the local variables. */
struct x509_lookup_st
{
    int init;            /* have we been started */
    int skip;            /* don't use us. */
    X509_LOOKUP_METHOD *method;    /* the functions */
    char *method_data;        /* method data */

    X509_STORE *store_ctx;    /* who owns us */
} /* X509_LOOKUP */;

 

X509_LOOKUP_METHOD

頭文件:x509_vfy.h

定義

/* This is a static that defines the function interface */
typedef struct x509_lookup_method_st
{
    const char *name;
    int (*new_item)(X509_LOOKUP *ctx);
    void (*free)(X509_LOOKUP *ctx);
    int (*init)(X509_LOOKUP *ctx);
    int (*shutdown)(X509_LOOKUP *ctx);
    int (*ctrl)(X509_LOOKUP *ctx,int cmd,const char *argc,long argl,char **ret);
    int (*get_by_subject)(X509_LOOKUP *ctx,int type,X509_NAME *name,X509_OBJECT *ret);
    int (*get_by_issuer_serial)(X509_LOOKUP *ctx,int type,X509_NAME *name,ASN1_INTEGER *serial,X509_OBJECT *ret);
    int (*get_by_fingerprint)(X509_LOOKUP *ctx,int type,unsigned char *bytes,int len,X509_OBJECT *ret);
    int (*get_by_alias)(X509_LOOKUP *ctx,int type,char *str,int len,X509_OBJECT *ret);
} X509_LOOKUP_METHOD;

 

X509

頭文件:x509.h

定義

typedef struct x509_st X509;
struct x509_st
{
    X509_CINF *cert_info;
    X509_ALGOR *sig_alg;
    ASN1_BIT_STRING *signature;
    int valid;
    int references;
    char *name;
    CRYPTO_EX_DATA ex_data;
    /* These contain copies of various extension values */
    long ex_pathlen;
    long ex_pcpathlen;
    unsigned long ex_flags;
    unsigned long ex_kusage;
    unsigned long ex_xkusage;
    unsigned long ex_nscert;
    ASN1_OCTET_STRING *skid;
    AUTHORITY_KEYID *akid;
    X509_POLICY_CACHE *policy_cache;
    STACK_OF(DIST_POINT) *crldp;
    STACK_OF(GENERAL_NAME) *altname;
    NAME_CONSTRAINTS *nc;
#ifndef OPENSSL_NO_RFC3779
    STACK_OF(IPAddressFamily) *rfc3779_addr;
    struct ASIdentifiers_st *rfc3779_asid;
#endif
#ifndef OPENSSL_NO_SHA
    unsigned char sha1_hash[SHA_DIGEST_LENGTH];
#endif
    X509_CERT_AUX *aux;
} /* X509 */;

 

X509_NAME

頭文件:x509.h

定義

typedef struct X509_name_st X509_NAME;
struct X509_name_st
{
    STACK_OF(X509_NAME_ENTRY) *entries;
    int modified;    /* true if 'bytes' needs to be built */
#ifndef OPENSSL_NO_BUFFER
    BUF_MEM *bytes;
#else
    char *bytes;
#endif
    /*    unsigned long hash; Keep the hash around for lookups */
    unsigned char *canon_enc;
    int canon_enclen;
} /* X509_NAME */;

 

X509_CINF

頭文件:x509.h

定義

typedef struct x509_cinf_st
{
    ASN1_INTEGER *version;        /* [ 0 ] default of v1 */
    ASN1_INTEGER *serialNumber;
    X509_ALGOR *signature;
    X509_NAME *issuer;
    X509_VAL *validity;
    X509_NAME *subject;
    X509_PUBKEY *key;
    ASN1_BIT_STRING *issuerUID;        /* [ 1 ] optional in v2 */
    ASN1_BIT_STRING *subjectUID;        /* [ 2 ] optional in v2 */
    STACK_OF(X509_EXTENSION) *extensions;    /* [ 3 ] optional in v3 */
    ASN1_ENCODING enc;
} X509_CINF;

  1. 上一頁:
  2. 下一頁:
Copyright © 程式師世界 All Rights Reserved