29#if defined(ENABLE_CRYPTO_OPENSSL)
30#include <openssl/opensslv.h>
31#if OPENSSL_VERSION_NUMBER >= 0x30000010L && !defined(DISABLE_XKEY_PROVIDER)
32#define HAVE_XKEY_PROVIDER 1
33#include <openssl/provider.h>
34#include <openssl/core_dispatch.h>
35#include <openssl/ecdsa.h>
41OSSL_provider_init_fn xkey_provider_init;
43#define XKEY_PROV_PROPS "provider=ovpn.xkey"
82typedef int(XKEY_EXTERNAL_SIGN_fn)(
void *handle,
unsigned char *sig,
size_t *siglen,
83 const unsigned char *tbs,
size_t tbslen, XKEY_SIGALG sigalg);
89typedef void(XKEY_PRIVKEY_FREE_fn)(
void *handle);
100EVP_PKEY *xkey_load_management_key(
OSSL_LIB_CTX *libctx, EVP_PKEY *pubkey);
118bool encode_pkcs1(
unsigned char *enc,
size_t *enc_len,
const char *mdname,
const unsigned char *tbs,
135int xkey_digest(
const unsigned char *src,
size_t srclen,
unsigned char *buf,
size_t *buflen,
151EVP_PKEY *xkey_load_generic_key(
OSSL_LIB_CTX *libctx,
void *handle, EVP_PKEY *pubkey,
152 XKEY_EXTERNAL_SIGN_fn *sign_op, XKEY_PRIVKEY_FREE_fn *free_op);
164xkey_max_saltlen(
int modBits,
int hLen)
166 int emLen = (modBits - 1 + 7) / 8;
168 return emLen - hLen - 2;
181int ecdsa_bin2der(
unsigned char *buf,
int len,
size_t capacity);
OSSL_LIB_CTX * tls_libctx