1 files changed, 85 insertions, 0 deletions

diff --git a/web/server/h2o/libh2o/deps/picotls/include/picotls/openssl.h b/web/server/h2o/libh2o/deps/picotls/include/picotls/openssl.h
new file mode 100644
index 00000000..459474ad
--- /dev/null
+++ b/web/server/h2o/libh2o/deps/picotls/include/picotls/openssl.h
@@ -0,0 +1,85 @@
+/*
+ * Copyright (c) 2016 DeNA Co., Ltd., Kazuho Oku
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to
+ * deal in the Software without restriction, including without limitation the
+ * rights to use, copy, modify, merge, publish, distribute, sublicense, and/or
+ * sell copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in
+ * all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
+ * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS
+ * IN THE SOFTWARE.
+ */
+#ifndef picotls_openssl_h
+#define picotls_openssl_h
+
+#include <openssl/opensslv.h>
+#include <openssl/evp.h>
+#include <openssl/hmac.h>
+#include <openssl/x509.h>
+#include "../picotls.h"
+
+#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
+#define PTLS_OPENSSL_HAVE_CHACHA20_POLY1305
+#endif
+
+extern ptls_key_exchange_algorithm_t ptls_openssl_secp256r1;
+extern ptls_key_exchange_algorithm_t *ptls_openssl_key_exchanges[];
+extern ptls_cipher_algorithm_t ptls_openssl_aes128ctr;
+extern ptls_aead_algorithm_t ptls_openssl_aes128gcm;
+extern ptls_cipher_algorithm_t ptls_openssl_aes256ctr;
+extern ptls_aead_algorithm_t ptls_openssl_aes256gcm;
+extern ptls_hash_algorithm_t ptls_openssl_sha256;
+extern ptls_hash_algorithm_t ptls_openssl_sha384;
+extern ptls_cipher_suite_t ptls_openssl_aes128gcmsha256;
+extern ptls_cipher_suite_t ptls_openssl_aes256gcmsha384;
+extern ptls_cipher_suite_t *ptls_openssl_cipher_suites[];
+
+#if defined(PTLS_OPENSSL_HAVE_CHACHA20_POLY1305)
+extern ptls_cipher_algorithm_t ptls_openssl_chacha20;
+extern ptls_aead_algorithm_t ptls_openssl_chacha20poly1305;
+extern ptls_cipher_suite_t ptls_openssl_chacha20poly1305sha256;
+#endif
+
+void ptls_openssl_random_bytes(void *buf, size_t len);
+
+struct st_ptls_openssl_signature_scheme_t {
+    uint16_t scheme_id;
+    const EVP_MD *scheme_md;
+};
+
+typedef struct st_ptls_openssl_sign_certificate_t {
+    ptls_sign_certificate_t super;
+    EVP_PKEY *key;
+    struct st_ptls_openssl_signature_scheme_t schemes[4]; /* terminated by .scheme_id == UINT16_MAX */
+} ptls_openssl_sign_certificate_t;
+
+int ptls_openssl_init_sign_certificate(ptls_openssl_sign_certificate_t *self, EVP_PKEY *key);
+void ptls_openssl_dispose_sign_certificate(ptls_openssl_sign_certificate_t *self);
+int ptls_openssl_load_certificates(ptls_context_t *ctx, X509 *cert, STACK_OF(X509) * chain);
+
+typedef struct st_ptls_openssl_verify_certificate_t {
+    ptls_verify_certificate_t super;
+    X509_STORE *cert_store;
+} ptls_openssl_verify_certificate_t;
+
+#define PTLS_OPENSSL_DEFAULT_CERTIFICATE_STORE ((X509_STORE *)1)
+
+int ptls_openssl_init_verify_certificate(ptls_openssl_verify_certificate_t *self, X509_STORE *store);
+void ptls_openssl_dispose_verify_certificate(ptls_openssl_verify_certificate_t *self);
+
+int ptls_openssl_encrypt_ticket(ptls_buffer_t *dst, ptls_iovec_t src,
+                                int (*cb)(unsigned char *, unsigned char *, EVP_CIPHER_CTX *, HMAC_CTX *, int));
+int ptls_openssl_decrypt_ticket(ptls_buffer_t *dst, ptls_iovec_t src,
+                                int (*cb)(unsigned char *, unsigned char *, EVP_CIPHER_CTX *, HMAC_CTX *, int));
+
+#endif