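/*
   +----------------------------------------------------------------------+
   | PHP Version 7                                                        |
   +----------------------------------------------------------------------+
   | Copyright (c) The PHP Group                                          |
   +----------------------------------------------------------------------+
   | This source file is subject to version 3.01 of the PHP license,      |
   | that is bundled with this package in the file LICENSE, and is        |
   | available through the world-wide-web at the following url:           |
   | http://www.php.net/license/3_01.txt                                  |
   | If you did not receive a copy of the PHP license and are unable to   |
   | obtain it through the world-wide-web, please send a note to          |
   | license@php.net so we can mail you a copy immediately.               |
   +----------------------------------------------------------------------+
   | Authors: Stig Venaas <venaas@php.net>                                |
   |          Wez Furlong <wez@thebrainroom.com>                          |
   +----------------------------------------------------------------------+
 */

/*
 * Public header of the PHP openssl extension: module entry, build-time
 * OpenSSL/LibreSSL API level, option flags, stream defaults, the exported
 * C helpers and the PHP_FUNCTION prototypes. When HAVE_OPENSSL_EXT is not
 * defined the header only provides phpext_openssl_ptr as NULL.
 */
#ifndef PHP_OPENSSL_H
#define PHP_OPENSSL_H
/* HAVE_OPENSSL would include SSL MySQL stuff */
#ifdef HAVE_OPENSSL_EXT
extern zend_module_entry openssl_module_entry;
#define phpext_openssl_ptr &openssl_module_entry

#include "php_version.h"
#define PHP_OPENSSL_VERSION PHP_VERSION

/*
 * PHP_OPENSSL_API_VERSION folds the linked library version into three levels:
 *   0x10001 - OpenSSL older than 1.0.2, or LibreSSL older than 2.7.0
 *   0x10002 - OpenSSL 1.0.2.x
 *   0x10100 - OpenSSL 1.1.0 or newer, or LibreSSL 2.7.0 or newer
 * The two lower levels correspond to OpenSSL branches that upstream has
 * retired, so a build taking them depends on the vendor for security fixes.
 */
#include <openssl/opensslv.h>
#if defined(LIBRESSL_VERSION_NUMBER)
/* LibreSSL version check */
#if LIBRESSL_VERSION_NUMBER < 0x20700000L
#define PHP_OPENSSL_API_VERSION 0x10001
#else
#define PHP_OPENSSL_API_VERSION 0x10100
#endif
#else
/* OpenSSL version check */
#if OPENSSL_VERSION_NUMBER < 0x10002000L
#define PHP_OPENSSL_API_VERSION 0x10001
#elif OPENSSL_VERSION_NUMBER < 0x10100000L
#define PHP_OPENSSL_API_VERSION 0x10002
#else
#define PHP_OPENSSL_API_VERSION 0x10100
#endif
#endif

/*
 * Distinct bits (1, 2, 4), presumably OR-ed into the `options` argument of
 * php_openssl_encrypt()/php_openssl_decrypt() below; their handling lives in
 * the implementation file, not in this header.
 * NOTE(review): in the PHP manual OPENSSL_ZERO_PADDING means "no automatic
 * padding" (the caller supplies block-aligned input), not "pad with zeros".
 * OPENSSL_DONT_ZERO_PAD_KEY implies that, without it, a short key is padded
 * with zero bytes; callers should pass a full-length key. Confirm both
 * against openssl.c.
 */
#define OPENSSL_RAW_DATA 1
#define OPENSSL_ZERO_PADDING 2
#define OPENSSL_DONT_ZERO_PAD_KEY 4

/*
 * NOTE(review): hard-coded packed OpenSSL error value; verify that it still
 * matches the error-code encoding of the library actually linked.
 */
#define OPENSSL_ERROR_X509_PRIVATE_KEY_VALUES_MISMATCH 0x0B080074

/*
 * Used for client-initiated handshake renegotiation DoS protection.
 * Units are not stated here; presumably LIMIT is a count of renegotiations
 * tolerated per WINDOW, and WINDOW is in seconds - TODO confirm.
 */
#define OPENSSL_DEFAULT_RENEG_LIMIT 2
#define OPENSSL_DEFAULT_RENEG_WINDOW 300
/* Default verification depth for streams (presumably the maximum peer chain depth). */
#define OPENSSL_DEFAULT_STREAM_VERIFY_DEPTH 9
/*
 * Default cipher string for SSL/TLS streams (OpenSSL cipher-list syntax).
 * Ordering puts ECDHE/DHE AES-GCM suites first; the trailing "!" terms drop
 * SSLv2, anonymous (aNULL/ADH), unencrypted (eNULL), export-grade, DES, MD5
 * and RC4 suites.
 *
 * NOTE(review): the list still admits CBC suites with a SHA-1 MAC, DSS
 * authentication and plain-RSA key exchange (AES128-GCM-SHA256, AES128,
 * AES256, HIGH), i.e. suites without forward secrecy. "!DES" does not name
 * 3DES; whether HIGH pulls it in depends on the linked OpenSSL version.
 * Deployments with a stricter TLS policy should set their own cipher list
 * rather than rely on this default.
 */
#define OPENSSL_DEFAULT_STREAM_CIPHERS "ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:" \
	"ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:" \
	"DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:" \
	"ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:" \
	"ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:" \
	"DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:" \
	"AES256-GCM-SHA384:AES128:AES256:HIGH:!SSLv2:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!RC4:!ADH"

#include <openssl/err.h>

/* Export decoration for the C helpers other extensions may link against. */
#ifdef PHP_WIN32
# define PHP_OPENSSL_API __declspec(dllexport)
#elif defined(__GNUC__) && __GNUC__ >= 4
# define PHP_OPENSSL_API __attribute__((visibility("default")))
#else
# define PHP_OPENSSL_API
#endif

/*
 * Fixed-capacity store of error codes, sized by OpenSSL's ERR_NUM_ERRORS.
 * The top/bottom indices suggest a ring buffer - confirm in openssl.c.
 * NOTE(review): entries are int while ERR_get_error() returns unsigned long;
 * check that nothing depends on bits that do not fit in an int.
 */
struct php_openssl_errors {
	int buffer[ERR_NUM_ERRORS];
	int top;
	int bottom;
};

ZEND_BEGIN_MODULE_GLOBALS(openssl)
	struct php_openssl_errors *errors;
ZEND_END_MODULE_GLOBALS(openssl)

#define OPENSSL_G(v) ZEND_MODULE_GLOBALS_ACCESSOR(openssl, v)

#if defined(ZTS) && defined(COMPILE_DL_OPENSSL)
ZEND_TSRMLS_CACHE_EXTERN();
#endif

php_stream_transport_factory_func php_openssl_ssl_socket_factory;

/*
 * Takes no arguments; the explicit (void) makes this a real prototype so the
 * compiler rejects a call that passes any. Presumably moves pending OpenSSL
 * errors into OPENSSL_G(errors) - confirm in openssl.c.
 */
void php_openssl_store_errors(void);

/*
 * C-level helpers exported to other extensions.
 *
 * method/method_len      cipher name
 * password/password_len  key material (see OPENSSL_DONT_ZERO_PAD_KEY above)
 * options                bitmask of the OPENSSL_* flags above (presumably)
 * iv/iv_len              initialisation vector
 * tag/tag_len            AEAD authentication tag: a zval for encrypt
 *                        (presumably written by the call), a caller-supplied
 *                        buffer for decrypt
 * aad/aad_len            additional authenticated data
 *
 * NOTE(review): the value returned on failure is not visible in this header;
 * callers must check the result before use. Which generator backs
 * php_openssl_random_pseudo_bytes() is not visible here either - confirm it
 * is a CSPRNG before using its output for keys or IVs.
 */
PHP_OPENSSL_API zend_long php_openssl_cipher_iv_length(char *method);
PHP_OPENSSL_API zend_string* php_openssl_random_pseudo_bytes(zend_long length);
PHP_OPENSSL_API zend_string* php_openssl_encrypt(char *data, size_t data_len,
	char *method, size_t method_len, char *password,
	size_t password_len, zend_long options, char *iv, size_t iv_len,
	zval *tag, zend_long tag_len, char *aad, size_t aad_len);
PHP_OPENSSL_API zend_string* php_openssl_decrypt(char *data, size_t data_len,
	char *method, size_t method_len, char *password,
	size_t password_len, zend_long options, char *iv, size_t iv_len,
	char *tag, zend_long tag_len, char *aad, size_t aad_len);

/* Module lifecycle hooks. */
PHP_MINIT_FUNCTION(openssl);
PHP_MSHUTDOWN_FUNCTION(openssl);
PHP_MINFO_FUNCTION(openssl);
PHP_GINIT_FUNCTION(openssl);
PHP_GSHUTDOWN_FUNCTION(openssl);

/* Key handling. */
PHP_FUNCTION(openssl_pkey_get_private);
PHP_FUNCTION(openssl_pkey_get_public);
PHP_FUNCTION(openssl_pkey_free);
PHP_FUNCTION(openssl_pkey_new);
PHP_FUNCTION(openssl_pkey_export);
PHP_FUNCTION(openssl_pkey_export_to_file);
PHP_FUNCTION(openssl_pkey_get_details);

/* Signing, sealing and asymmetric encryption. */
PHP_FUNCTION(openssl_sign);
PHP_FUNCTION(openssl_verify);
PHP_FUNCTION(openssl_seal);
PHP_FUNCTION(openssl_open);
PHP_FUNCTION(openssl_private_encrypt);
PHP_FUNCTION(openssl_private_decrypt);
PHP_FUNCTION(openssl_public_encrypt);
PHP_FUNCTION(openssl_public_decrypt);

PHP_FUNCTION(openssl_pbkdf2);

/* PKCS#7. */
PHP_FUNCTION(openssl_pkcs7_verify);
PHP_FUNCTION(openssl_pkcs7_decrypt);
PHP_FUNCTION(openssl_pkcs7_sign);
PHP_FUNCTION(openssl_pkcs7_encrypt);
PHP_FUNCTION(openssl_pkcs7_read);

PHP_FUNCTION(openssl_error_string);

/* X.509 certificates. */
PHP_FUNCTION(openssl_x509_read);
PHP_FUNCTION(openssl_x509_free);
PHP_FUNCTION(openssl_x509_parse);
PHP_FUNCTION(openssl_x509_checkpurpose);
PHP_FUNCTION(openssl_x509_export);
PHP_FUNCTION(openssl_x509_fingerprint);
PHP_FUNCTION(openssl_x509_export_to_file);
PHP_FUNCTION(openssl_x509_check_private_key);
PHP_FUNCTION(openssl_x509_verify);

/* PKCS#12. */
PHP_FUNCTION(openssl_pkcs12_export);
PHP_FUNCTION(openssl_pkcs12_export_to_file);
PHP_FUNCTION(openssl_pkcs12_read);

/* Certificate signing requests. */
PHP_FUNCTION(openssl_csr_new);
PHP_FUNCTION(openssl_csr_export);
PHP_FUNCTION(openssl_csr_export_to_file);
PHP_FUNCTION(openssl_csr_sign);
PHP_FUNCTION(openssl_csr_get_subject);
PHP_FUNCTION(openssl_csr_get_public_key);

/* SPKI. */
PHP_FUNCTION(openssl_spki_new);
PHP_FUNCTION(openssl_spki_verify);
PHP_FUNCTION(openssl_spki_export);
PHP_FUNCTION(openssl_spki_export_challenge);

PHP_FUNCTION(openssl_get_cert_locations);

/*
 * File-open mode strings for BIO access. On Windows the mode switches to
 * binary when PKCS7_BINARY is set in flags; on other platforms flags is
 * ignored and the plain "r"/"w" modes are used.
 */
#ifdef PHP_WIN32
#define PHP_OPENSSL_BIO_MODE_R(flags) (((flags) & PKCS7_BINARY) ? "rb" : "r")
#define PHP_OPENSSL_BIO_MODE_W(flags) (((flags) & PKCS7_BINARY) ? "wb" : "w")
#else
#define PHP_OPENSSL_BIO_MODE_R(flags) "r"
#define PHP_OPENSSL_BIO_MODE_W(flags) "w"
#endif

#else /* !HAVE_OPENSSL_EXT */

#define phpext_openssl_ptr NULL

#endif /* HAVE_OPENSSL_EXT */


#endif /* PHP_OPENSSL_H */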