1 /* 2 +----------------------------------------------------------------------+ 3 | PHP Version 7 | 4 +----------------------------------------------------------------------+ 5 | Copyright (c) 1997-2018 The PHP Group | 6 +----------------------------------------------------------------------+ 7 | This source file is subject to version 3.01 of the PHP license, | 8 | that is bundled with this package in the file LICENSE, and is | 9 | available through the world-wide-web at the following url: | 10 | http://www.php.net/license/3_01.txt | 11 | If you did not receive a copy of the PHP license and are unable to | 12 | obtain it through the world-wide-web, please send a note to | 13 | license@php.net so we can mail you a copy immediately. | 14 +----------------------------------------------------------------------+ 15 | Authors: Stig Venaas <venaas@php.net> | 16 | Wez Furlong <wez@thebrainroom.com | 17 +----------------------------------------------------------------------+ 18 */ 19 20 #ifndef PHP_OPENSSL_H 21 #define PHP_OPENSSL_H 22 /* HAVE_OPENSSL would include SSL MySQL stuff */ 23 #ifdef HAVE_OPENSSL_EXT 24 extern zend_module_entry openssl_module_entry; 25 #define phpext_openssl_ptr &openssl_module_entry 26 27 #include "php_version.h" 28 #define PHP_OPENSSL_VERSION PHP_VERSION 29 30 #include <openssl/opensslv.h> 31 #if defined(LIBRESSL_VERSION_NUMBER) 32 /* LibreSSL version check */ 33 #if LIBRESSL_VERSION_NUMBER < 0x20700000L 34 #define PHP_OPENSSL_API_VERSION 0x10001 35 #else 36 #define PHP_OPENSSL_API_VERSION 0x10100 37 #endif 38 #else 39 /* OpenSSL version check */ 40 #if OPENSSL_VERSION_NUMBER < 0x10002000L 41 #define PHP_OPENSSL_API_VERSION 0x10001 42 #elif OPENSSL_VERSION_NUMBER < 0x10100000L 43 #define PHP_OPENSSL_API_VERSION 0x10002 44 #else 45 #define PHP_OPENSSL_API_VERSION 0x10100 46 #endif 47 #endif 48 49 #define OPENSSL_RAW_DATA 1 50 #define OPENSSL_ZERO_PADDING 2 51 #define OPENSSL_DONT_ZERO_PAD_KEY 4 52 53 #define OPENSSL_ERROR_X509_PRIVATE_KEY_VALUES_MISMATCH 0x0B080074 54 55 /* Used for client-initiated handshake renegotiation DoS protection*/ 56 #define OPENSSL_DEFAULT_RENEG_LIMIT 2 57 #define OPENSSL_DEFAULT_RENEG_WINDOW 300 58 #define OPENSSL_DEFAULT_STREAM_VERIFY_DEPTH 9 59 #define OPENSSL_DEFAULT_STREAM_CIPHERS "ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:" \ 60 "ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:" \ 61 "DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:" \ 62 "ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:" \ 63 "ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:" \ 64 "DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:" \ 65 "AES256-GCM-SHA384:AES128:AES256:HIGH:!SSLv2:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!RC4:!ADH" 66 67 #include <openssl/err.h> 68 69 struct php_openssl_errors { 70 int buffer[ERR_NUM_ERRORS]; 71 int top; 72 int bottom; 73 }; 74 75 ZEND_BEGIN_MODULE_GLOBALS(openssl) 76 struct php_openssl_errors *errors; 77 ZEND_END_MODULE_GLOBALS(openssl) 78 79 #define OPENSSL_G(v) ZEND_MODULE_GLOBALS_ACCESSOR(openssl, v) 80 81 #if defined(ZTS) && defined(COMPILE_DL_OPENSSL) 82 ZEND_TSRMLS_CACHE_EXTERN(); 83 #endif 84 85 php_stream_transport_factory_func php_openssl_ssl_socket_factory; 86 87 void php_openssl_store_errors(); 88 89 PHP_MINIT_FUNCTION(openssl); 90 PHP_MSHUTDOWN_FUNCTION(openssl); 91 PHP_MINFO_FUNCTION(openssl); 92 PHP_GINIT_FUNCTION(openssl); 93 PHP_GSHUTDOWN_FUNCTION(openssl); 94 95 PHP_FUNCTION(openssl_pkey_get_private); 96 PHP_FUNCTION(openssl_pkey_get_public); 97 PHP_FUNCTION(openssl_pkey_free); 98 PHP_FUNCTION(openssl_pkey_new); 99 PHP_FUNCTION(openssl_pkey_export); 100 PHP_FUNCTION(openssl_pkey_export_to_file); 101 PHP_FUNCTION(openssl_pkey_get_details); 102 103 PHP_FUNCTION(openssl_sign); 104 PHP_FUNCTION(openssl_verify); 105 PHP_FUNCTION(openssl_seal); 106 PHP_FUNCTION(openssl_open); 107 PHP_FUNCTION(openssl_private_encrypt); 108 PHP_FUNCTION(openssl_private_decrypt); 109 PHP_FUNCTION(openssl_public_encrypt); 110 PHP_FUNCTION(openssl_public_decrypt); 111 112 PHP_FUNCTION(openssl_pbkdf2); 113 114 PHP_FUNCTION(openssl_pkcs7_verify); 115 PHP_FUNCTION(openssl_pkcs7_decrypt); 116 PHP_FUNCTION(openssl_pkcs7_sign); 117 PHP_FUNCTION(openssl_pkcs7_encrypt); 118 PHP_FUNCTION(openssl_pkcs7_read); 119 120 PHP_FUNCTION(openssl_error_string); 121 122 PHP_FUNCTION(openssl_x509_read); 123 PHP_FUNCTION(openssl_x509_free); 124 PHP_FUNCTION(openssl_x509_parse); 125 PHP_FUNCTION(openssl_x509_checkpurpose); 126 PHP_FUNCTION(openssl_x509_export); 127 PHP_FUNCTION(openssl_x509_fingerprint); 128 PHP_FUNCTION(openssl_x509_export_to_file); 129 PHP_FUNCTION(openssl_x509_check_private_key); 130 131 PHP_FUNCTION(openssl_pkcs12_export); 132 PHP_FUNCTION(openssl_pkcs12_export_to_file); 133 PHP_FUNCTION(openssl_pkcs12_read); 134 135 PHP_FUNCTION(openssl_csr_new); 136 PHP_FUNCTION(openssl_csr_export); 137 PHP_FUNCTION(openssl_csr_export_to_file); 138 PHP_FUNCTION(openssl_csr_sign); 139 PHP_FUNCTION(openssl_csr_get_subject); 140 PHP_FUNCTION(openssl_csr_get_public_key); 141 142 PHP_FUNCTION(openssl_spki_new); 143 PHP_FUNCTION(openssl_spki_verify); 144 PHP_FUNCTION(openssl_spki_export); 145 PHP_FUNCTION(openssl_spki_export_challenge); 146 147 PHP_FUNCTION(openssl_get_cert_locations); 148 149 #ifdef PHP_WIN32 150 #define PHP_OPENSSL_BIO_MODE_R(flags) (((flags) & PKCS7_BINARY) ? "rb" : "r") 151 #define PHP_OPENSSL_BIO_MODE_W(flags) (((flags) & PKCS7_BINARY) ? "wb" : "w") 152 #else 153 #define PHP_OPENSSL_BIO_MODE_R(flags) "r" 154 #define PHP_OPENSSL_BIO_MODE_W(flags) "w" 155 #endif 156 157 #else 158 159 #define phpext_openssl_ptr NULL 160 161 #endif 162 163 164 #endif 165 166 /* 167 * Local variables: 168 * tab-width: 4 169 * c-basic-offset: 4 170 * End: 171 */ 172
