author | Nikos Mavrogiannopoulos <nmav@crystal.(none)> | 2008-05-06 18:16:09 +0300 |
---|---|---|
committer | Nikos Mavrogiannopoulos <nmav@crystal.(none)> | 2008-05-06 18:16:09 +0300 |
commit | 4ef94e2de7d2af2900c86097581c470362633618 (patch) | |
tree | db483f212dc6aea6acac78858bc4cf0a174f36fc | |
parent | 14a7c3138cac99b725ff3120b6671f53ab73c6ff (diff) | |
download | gnutls-4ef94e2de7d2af2900c86097581c470362633618.tar.gz |
added versioning support in crypto registration API, to avoid using
structures from previous or later versions.
-rw-r--r-- | NEWS | 17 | ||||
-rw-r--r-- | includes/gnutls/crypto.h | 31 | ||||
-rw-r--r-- | lib/crypto.c | 108 |
3 files changed, 121 insertions, 35 deletions
@@ -3,10 +3,23 @@ Copyright (C) 2004, 2005, 2006, 2007, 2008 Simon Josefsson Copyright (C) 2000, 2001, 2002, 2003, 2004 Nikos Mavrogiannopoulos See the end for copying conditions. -* Version 2.3.8 (unreleased) +* Version 2.5.0 (unreleased) + +** Added wide wildcard hostname matching. Patch by Jean-Philippe Garcia +Ballester. + +** Added API to replace and update the crypto backend. ** API and ABI modifications: -No changes since last version. +gnutls_crypto_single_cipher_register2: Added +gnutls_crypto_single_mac_register2: Added +gnutls_crypto_single_digest_register2: Added +gnutls_crypto_cipher_register2: Added +gnutls_crypto_mac_register2: Added +gnutls_crypto_digest_register2: Added +gnutls_crypto_rnd_register2: Added +gnutls_crypto_pk_register2: Added +gnutls_crypto_bigint_register2: Added * Version 2.3.7 (released 2008-04-21) diff --git a/includes/gnutls/crypto.h b/includes/gnutls/crypto.h index 82e9d39132..d7429cb113 100644 --- a/includes/gnutls/crypto.h +++ b/includes/gnutls/crypto.h @@ -25,6 +25,7 @@ #ifndef GNUTLS_CRYPTO_H # define GNUTLS_CRYPTO_H +#define GNUTLS_CRYPTO_API_VERSION 0x01 typedef struct { int (*init)( void** ctx); int (*setkey)( void* ctx, const void * key, size_t keysize); 
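Review bot: `GNUTLS_CRYPTO_API_VERSION` is added in includes/gnutls/crypto.h with no comment saying what it versions or when it has to be bumped. As far as this diff shows, it is the only value that tells the library a provider was built against the same structure layouts. I would put `/* Bump whenever the layout of any structure passed to a gnutls_crypto_*_register2() function changes. */` above it. As a matter of style it is written `#define`, while the include guard on the line before uses `# define`.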
@@ -189,16 +190,28 @@ typedef struct gnutls_crypto_pk { /* priority: infinity for backend algorithms, 90 for kernel algorithms - lowest wins */ -int gnutls_crypto_single_cipher_register( gnutls_cipher_algorithm_t algorithm, int priority, gnutls_crypto_single_cipher_st* s); -int gnutls_crypto_single_mac_register( gnutls_mac_algorithm_t algorithm, int priority, gnutls_crypto_single_mac_st* s); -int gnutls_crypto_single_digest_register( gnutls_digest_algorithm_t algorithm, int priority, gnutls_crypto_single_digest_st* s); +#define gnutls_crypto_single_cipher_register( algo, prio, st) gnutls_crypto_single_cipher_register2( algo, prio, GNUTLS_CRYPTO_API_VERSION, st) +#define gnutls_crypto_single_mac_register( algo, prio, st) gnutls_crypto_single_mac_register2( algo, prio, GNUTLS_CRYPTO_API_VERSION, st) +#define gnutls_crypto_single_digest_register( algo, prio, st) gnutls_crypto_single_digest_register2( algo, prio, GNUTLS_CRYPTO_API_VERSION, st) -int gnutls_crypto_cipher_register( int priority, gnutls_crypto_cipher_st* s); -int gnutls_crypto_mac_register( int priority, gnutls_crypto_mac_st* s); -int gnutls_crypto_digest_register( int priority, gnutls_crypto_digest_st* s); +int gnutls_crypto_single_cipher_register2( gnutls_cipher_algorithm_t algorithm, int priority, int version, gnutls_crypto_single_cipher_st* s); +int gnutls_crypto_single_mac_register2( gnutls_mac_algorithm_t algorithm, int priority, int version, gnutls_crypto_single_mac_st* s); +int gnutls_crypto_single_digest_register2( gnutls_digest_algorithm_t algorithm, int priority, int version, gnutls_crypto_single_digest_st* s); -int gnutls_crypto_rnd_register( int priority, gnutls_crypto_rnd_st* s); -int gnutls_crypto_pk_register( int priority, gnutls_crypto_pk_st* s); -int gnutls_crypto_bigint_register( int priority, gnutls_crypto_bigint_st* s); +#define gnutls_crypto_cipher_register( prio, st) gnutls_crypto_cipher_register2( prio, GNUTLS_CRYPTO_API_VERSION, st) +#define gnutls_crypto_mac_register( prio, st) 
gnutls_crypto_mac_register2( prio, GNUTLS_CRYPTO_API_VERSION, st) +#define gnutls_crypto_digest_register( prio, st) gnutls_crypto_digest_register2( prio, GNUTLS_CRYPTO_API_VERSION, st) + +int gnutls_crypto_cipher_register2( int priority, int version, gnutls_crypto_cipher_st* s); +int gnutls_crypto_mac_register2( int priority, int version, gnutls_crypto_mac_st* s); +int gnutls_crypto_digest_register2( int priority, int version, gnutls_crypto_digest_st* s); + +#define gnutls_crypto_rnd_register( prio, st) gnutls_crypto_rnd_register2( prio, GNUTLS_CRYPTO_API_VERSION, st) +#define gnutls_crypto_pk_register( prio, st) gnutls_crypto_pk_register2( prio, GNUTLS_CRYPTO_API_VERSION, st) +#define gnutls_crypto_bigint_register( prio, st) gnutls_crypto_bigint_register2( prio, GNUTLS_CRYPTO_API_VERSION, st) + +int gnutls_crypto_rnd_register2( int priority, int version, gnutls_crypto_rnd_st* s); +int gnutls_crypto_pk_register2( int priority, int version, gnutls_crypto_pk_st* s); +int gnutls_crypto_bigint_register2( int priority, int version, gnutls_crypto_bigint_st* s); #endif diff --git a/lib/crypto.c b/lib/crypto.c index 1a5ca213e0..4e5e7e85e2 100644 --- a/lib/crypto.c +++ b/lib/crypto.c @@ -129,9 +129,10 @@ void _gnutls_crypto_deregister(void) } /** - * gnutls_crypto_single_cipher_register - register a cipher algorithm + * gnutls_crypto_single_cipher_register2 - register a cipher algorithm * @algorithm: is the gnutls algorithm identifier * @priority: is the priority of the algorithm + * @version: should be set to %GNUTLS_CRYPTO_API_VERSION * @s: is a structure holding new cipher's data * * This function will register a cipher algorithm to be used 
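Review bot: Turning the nine `gnutls_crypto_*_register` functions into macros in includes/gnutls/crypto.h removes them as exported symbols, so anything already linked against them, or taking their address, stops working. The NEWS entry in this commit lists only additions under "API and ABI modifications". If any earlier snapshot shipped these symbols, NEWS should say so, for example `gnutls_crypto_rnd_register: Changed to a macro around gnutls_crypto_rnd_register2`. The macro form itself is what makes the check meaningful, because it bakes the caller's header version into the call; a wrapper inside the library would pass the library's own version and always succeed.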
@@ -145,8 +146,13 @@ void _gnutls_crypto_deregister(void) * Returns: %GNUTLS_E_SUCCESS on success, otherwise an error. * **/ -int gnutls_crypto_single_cipher_register( gnutls_cipher_algorithm_t algorithm, int priority, gnutls_crypto_single_cipher_st* s) +int gnutls_crypto_single_cipher_register2( gnutls_cipher_algorithm_t algorithm, int priority, int version, gnutls_crypto_single_cipher_st* s) { + if (version != GNUTLS_CRYPTO_API_VERSION) + { + gnutls_assert(); + return GNUTLS_E_UNIMPLEMENTED_FEATURE; + } return _algo_register( &glob_cl, algorithm, priority, s); } @@ -156,8 +162,9 @@ gnutls_crypto_single_cipher_st *_gnutls_get_crypto_cipher( gnutls_cipher_algorit } /** - * gnutls_crypto_rnd_register - register a random generator + * gnutls_crypto_rnd_register2 - register a random generator * @priority: is the priority of the generator + * @version: should be set to %GNUTLS_CRYPTO_API_VERSION * @s: is a structure holding new generator's data * * This function will register a random generator to be used @@ -171,10 +178,16 @@ gnutls_crypto_single_cipher_st *_gnutls_get_crypto_cipher( gnutls_cipher_algorit * Returns: %GNUTLS_E_SUCCESS on success, otherwise an error. * **/ -int gnutls_crypto_rnd_register( int priority, gnutls_crypto_rnd_st* s) +int gnutls_crypto_rnd_register2( int priority, int version, gnutls_crypto_rnd_st* s) { + if (version != GNUTLS_CRYPTO_API_VERSION) + { + gnutls_assert(); + return GNUTLS_E_UNIMPLEMENTED_FEATURE; + } + if (crypto_rnd_prio > priority) { - _gnutls_rnd_ops = *s; + memcpy( &_gnutls_rnd_ops, s, sizeof(*s)); crypto_rnd_prio = priority; return 0; } 
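Review bot: The kernel-doc comment for `gnutls_crypto_single_cipher_register2` gains `@version`, but its Returns line still says only "otherwise an error", so a provider author cannot tell a version mismatch from a failed registration. I would change it to `* Returns: %GNUTLS_E_SUCCESS on success, %GNUTLS_E_UNIMPLEMENTED_FEATURE if @version does not match %GNUTLS_CRYPTO_API_VERSION, otherwise an error.`. The same applies to the other eight `*_register2` comments in lib/crypto.c. The middle of each comment lies between hunks and is not visible here.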
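Review bot: In `gnutls_crypto_rnd_register2`, `memcpy( &_gnutls_rnd_ops, s, sizeof(*s));` copies exactly as many bytes as the `_gnutls_rnd_ops = *s;` it replaces, because `sizeof(*s)` is the library's own compile-time size. It therefore adds no protection against a differently sized caller structure, and it drops the compiler's check that both sides have the same type; the version test is what guards the layout, so I would keep the plain assignment. `s` is also dereferenced without a NULL test, and since this call replaces what appears to be the library-wide random generator, a bad pointer should fail cleanly with `if (s == NULL) return GNUTLS_E_INVALID_REQUEST;` before the priority comparison. The same two points apply to the bigint, pk, cipher, mac and digest `*_register2` hunks; the function's final return lies outside this hunk.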
@@ -182,9 +195,10 @@ int gnutls_crypto_rnd_register( int priority, gnutls_crypto_rnd_st* s) } /** - * gnutls_crypto_single_mac_register - register a MAC algorithm + * gnutls_crypto_single_mac_register2 - register a MAC algorithm * @algorithm: is the gnutls algorithm identifier * @priority: is the priority of the algorithm + * @version: should be set to %GNUTLS_CRYPTO_API_VERSION * @s: is a structure holding new algorithms's data * * This function will register a MAC algorithm to be used @@ -198,8 +212,14 @@ int gnutls_crypto_rnd_register( int priority, gnutls_crypto_rnd_st* s) * Returns: %GNUTLS_E_SUCCESS on success, otherwise an error. * **/ -int gnutls_crypto_single_mac_register( gnutls_mac_algorithm_t algorithm, int priority, gnutls_crypto_single_mac_st* s) +int gnutls_crypto_single_mac_register2( gnutls_mac_algorithm_t algorithm, int priority, int version, gnutls_crypto_single_mac_st* s) { + if (version != GNUTLS_CRYPTO_API_VERSION) + { + gnutls_assert(); + return GNUTLS_E_UNIMPLEMENTED_FEATURE; + } + return _algo_register( &glob_ml, algorithm, priority, s); } @@ -209,9 +229,10 @@ gnutls_crypto_single_mac_st *_gnutls_get_crypto_mac( gnutls_mac_algorithm_t algo } /** - * gnutls_crypto_single_digest_register - register a digest algorithm + * gnutls_crypto_single_digest_register2 - register a digest algorithm * @algorithm: is the gnutls algorithm identifier * @priority: is the priority of the algorithm + * @version: should be set to %GNUTLS_CRYPTO_API_VERSION * @s: is a structure holding new algorithms's data * * This function will register a digest (hash) algorithm to be used 
@@ -225,8 +246,13 @@ gnutls_crypto_single_mac_st *_gnutls_get_crypto_mac( gnutls_mac_algorithm_t algo * Returns: %GNUTLS_E_SUCCESS on success, otherwise an error. * **/ -int gnutls_crypto_single_digest_register( gnutls_digest_algorithm_t algorithm, int priority, gnutls_crypto_single_digest_st* s) +int gnutls_crypto_single_digest_register2( gnutls_digest_algorithm_t algorithm, int priority, int version, gnutls_crypto_single_digest_st* s) { + if (version != GNUTLS_CRYPTO_API_VERSION) + { + gnutls_assert(); + return GNUTLS_E_UNIMPLEMENTED_FEATURE; + } return _algo_register( &glob_dl, algorithm, priority, s); } @@ -236,8 +262,9 @@ gnutls_crypto_single_digest_st *_gnutls_get_crypto_digest( gnutls_digest_algorit } /** - * gnutls_crypto_bigint_register - register a bigint interface + * gnutls_crypto_bigint_register2 - register a bigint interface * @priority: is the priority of the interface + * @version: should be set to %GNUTLS_CRYPTO_API_VERSION * @s: is a structure holding new interface's data * * This function will register an interface for gnutls to operate @@ -254,10 +281,16 @@ gnutls_crypto_single_digest_st *_gnutls_get_crypto_digest( gnutls_digest_algorit * Returns: %GNUTLS_E_SUCCESS on success, otherwise an error. * **/ -int gnutls_crypto_bigint_register( int priority, gnutls_crypto_bigint_st* s) +int gnutls_crypto_bigint_register2( int priority, int version, gnutls_crypto_bigint_st* s) { + if (version != GNUTLS_CRYPTO_API_VERSION) + { + gnutls_assert(); + return GNUTLS_E_UNIMPLEMENTED_FEATURE; + } + if (crypto_bigint_prio > priority) { - _gnutls_mpi_ops = *s; + memcpy( &_gnutls_mpi_ops, s, sizeof(*s)); crypto_bigint_prio = priority; return 0; } 
@@ -265,8 +298,9 @@ int gnutls_crypto_bigint_register( int priority, gnutls_crypto_bigint_st* s) } /** - * gnutls_crypto_pk_register - register a public key interface + * gnutls_crypto_pk_register2 - register a public key interface * @priority: is the priority of the interface + * @version: should be set to %GNUTLS_CRYPTO_API_VERSION * @s: is a structure holding new interface's data * * This function will register an interface for gnutls to operate @@ -283,10 +317,15 @@ int gnutls_crypto_bigint_register( int priority, gnutls_crypto_bigint_st* s) * Returns: %GNUTLS_E_SUCCESS on success, otherwise an error. * **/ -int gnutls_crypto_pk_register( int priority, gnutls_crypto_pk_st* s) +int gnutls_crypto_pk_register2( int priority, int version, gnutls_crypto_pk_st* s) { + if (version != GNUTLS_CRYPTO_API_VERSION) + { + gnutls_assert(); + return GNUTLS_E_UNIMPLEMENTED_FEATURE; + } if (crypto_pk_prio > priority) { - _gnutls_pk_ops = *s; + memcpy( &_gnutls_pk_ops, s, sizeof(*s)); crypto_pk_prio = priority; return 0; } @@ -294,8 +333,9 @@ int gnutls_crypto_pk_register( int priority, gnutls_crypto_pk_st* s) } /** - * gnutls_crypto_cipher_register - register a cipher interface + * gnutls_crypto_cipher_register2 - register a cipher interface * @priority: is the priority of the cipher interface + * @version: should be set to %GNUTLS_CRYPTO_API_VERSION * @s: is a structure holding new interface's data * * This function will register a cipher interface to be used 
@@ -309,10 +349,16 @@ int gnutls_crypto_pk_register( int priority, gnutls_crypto_pk_st* s) * Returns: %GNUTLS_E_SUCCESS on success, otherwise an error. * **/ -int gnutls_crypto_cipher_register( int priority, gnutls_crypto_cipher_st* s) +int gnutls_crypto_cipher_register2( int priority, int version, gnutls_crypto_cipher_st* s) { + if (version != GNUTLS_CRYPTO_API_VERSION) + { + gnutls_assert(); + return GNUTLS_E_UNIMPLEMENTED_FEATURE; + } + if (crypto_cipher_prio > priority) { - _gnutls_cipher_ops = *s; + memcpy( &_gnutls_cipher_ops, s, sizeof(*s)); crypto_cipher_prio = priority; return 0; } @@ -320,8 +366,9 @@ int gnutls_crypto_cipher_register( int priority, gnutls_crypto_cipher_st* s) } /** - * gnutls_crypto_mac_register - register a mac interface + * gnutls_crypto_mac_register2 - register a mac interface * @priority: is the priority of the mac interface + * @version: should be set to %GNUTLS_CRYPTO_API_VERSION * @s: is a structure holding new interface's data * * This function will register a mac interface to be used @@ -335,10 +382,16 @@ int gnutls_crypto_cipher_register( int priority, gnutls_crypto_cipher_st* s) * Returns: %GNUTLS_E_SUCCESS on success, otherwise an error. * **/ -int gnutls_crypto_mac_register( int priority, gnutls_crypto_mac_st* s) +int gnutls_crypto_mac_register2( int priority, int version, gnutls_crypto_mac_st* s) { + if (version != GNUTLS_CRYPTO_API_VERSION) + { + gnutls_assert(); + return GNUTLS_E_UNIMPLEMENTED_FEATURE; + } + if (crypto_mac_prio > priority) { - _gnutls_mac_ops = *s; + memcpy( &_gnutls_mac_ops, s, sizeof(*s)); crypto_mac_prio = priority; return 0; } 
@@ -346,8 +399,9 @@ int gnutls_crypto_mac_register( int priority, gnutls_crypto_mac_st* s) } /** - * gnutls_crypto_digest_register - register a digest interface + * gnutls_crypto_digest_register2 - register a digest interface * @priority: is the priority of the digest interface + * @version: should be set to %GNUTLS_CRYPTO_API_VERSION * @s: is a structure holding new interface's data * * This function will register a digest interface to be used @@ -361,10 +415,16 @@ int gnutls_crypto_mac_register( int priority, gnutls_crypto_mac_st* s) * Returns: %GNUTLS_E_SUCCESS on success, otherwise an error. * **/ -int gnutls_crypto_digest_register( int priority, gnutls_crypto_digest_st* s) +int gnutls_crypto_digest_register2( int priority, int version, gnutls_crypto_digest_st* s) { + if (version != GNUTLS_CRYPTO_API_VERSION) + { + gnutls_assert(); + return GNUTLS_E_UNIMPLEMENTED_FEATURE; + } + if (crypto_digest_prio > priority) { - _gnutls_digest_ops = *s; + memcpy( &_gnutls_digest_ops, s, sizeof(*s)); crypto_digest_prio = priority; return 0; } |