This commit was manufactured by cvs2svn to create branch 'OpenSSL-engine-

/******************************************************************************

 *

 *  Copyright 2000

 *  Broadcom Corporation

 *  16215 Alton Parkway

 *  PO Box 57013

 *  Irvine CA 92619-7013

 *

 *****************************************************************************/

/* 

 * Broadcom Corporation uBSec SDK 

 */

/*

 * Character device header file.

 */

/*

 * Revision History:

 *

 * October 2000 JTT Created.

 */

#define MAX_PUBLIC_KEY_BITS (1024)

#define MAX_PUBLIC_KEY_BYTES (1024/8)

#define SHA_BIT_SIZE  (160)

#define MAX_CRYPTO_KEY_LENGTH 24

#define MAX_MAC_KEY_LENGTH 64

#define UBSEC_CRYPTO_DEVICE_NAME ((unsigned char *)"/dev/ubscrypt")

#define UBSEC_KEY_DEVICE_NAME ((unsigned char *)"/dev/ubskey")

/* Math command types. */

#define UBSEC_MATH_MODADD 0x0001

#define UBSEC_MATH_MODSUB 0x0002

#define UBSEC_MATH_MODMUL 0x0004

#define UBSEC_MATH_MODEXP 0x0008

#define UBSEC_MATH_MODREM 0x0010

#define UBSEC_MATH_MODINV 0x0020

typedef long ubsec_MathCommand_t;

typedef long ubsec_RNGCommand_t;

typedef struct ubsec_crypto_context_s {

	unsigned int	flags;

	unsigned char	crypto[MAX_CRYPTO_KEY_LENGTH];

	unsigned char 	auth[MAX_MAC_KEY_LENGTH];

} ubsec_crypto_context_t, *ubsec_crypto_context_p;

/* 

 * Predeclare the function pointer types that we dynamically load from the DSO.

 */

typedef int t_UBSEC_ubsec_bytes_to_bits(unsigned char *n, int bytes);

typedef int t_UBSEC_ubsec_bits_to_bytes(int bits);

typedef int t_UBSEC_ubsec_open(unsigned char *device);

typedef int t_UBSEC_ubsec_close(int fd);

typedef int t_UBSEC_diffie_hellman_generate_ioctl (int fd,

	unsigned char *x, int *x_len, unsigned char *y, int *y_len, 

	unsigned char *g, int g_len, unsigned char *m, int m_len,

	unsigned char *userX, int userX_len, int random_bits);

typedef int t_UBSEC_diffie_hellman_agree_ioctl (int fd,

	unsigned char *x, int x_len, unsigned char *y, int y_len, 

	unsigned char *m, int m_len, unsigned char *k, int *k_len);

typedef int t_UBSEC_rsa_mod_exp_ioctl (int fd,

	unsigned char *x, int x_len, unsigned char *m, int m_len,

	unsigned char *e, int e_len, unsigned char *y, int *y_len);

typedef int t_UBSEC_rsa_mod_exp_crt_ioctl (int fd,

	unsigned char *x, int x_len, unsigned char *qinv, int qinv_len,

	unsigned char *edq, int edq_len, unsigned char *q, int q_len,

	unsigned char *edp, int edp_len, unsigned char *p, int p_len,

	unsigned char *y, int *y_len);

typedef int t_UBSEC_dsa_sign_ioctl (int fd,

	int hash, unsigned char *data, int data_len, 

	unsigned char *rndom, int random_len, 

	unsigned char *p, int p_len, unsigned char *q, int q_len,

	unsigned char *g, int g_len, unsigned char *key, int key_len,

	unsigned char *r, int *r_len, unsigned char *s, int *s_len);

typedef int t_UBSEC_dsa_verify_ioctl (int fd,

	int hash, unsigned char *data, int data_len,

	unsigned char *p, int p_len, unsigned char *q, int q_len,

	unsigned char *g, int g_len, unsigned char *key, int key_len,

	unsigned char *r, int r_len, unsigned char *s, int s_len,

	unsigned char *v, int *v_len);

typedef int t_UBSEC_math_accelerate_ioctl(int fd, ubsec_MathCommand_t command,

	unsigned char *ModN, int *ModN_len, unsigned char *ExpE, int *ExpE_len, 

	unsigned char *ParamA, int *ParamA_len, unsigned char *ParamB, int *ParamB_len,

	unsigned char *Result, int *Result_len);

typedef int t_UBSEC_rng_ioctl(int fd, ubsec_RNGCommand_t command,

	unsigned char *Result, int *Result_len);

=pod

=head1 NAME

SSL_COMP_add_compression_method - handle SSL/TLS integrated compression methods

=head1 SYNOPSIS

 #include <openssl/ssl.h>

 int SSL_COMP_add_compression_method(int id, COMP_METHOD *cm);

=head1 DESCRIPTION

SSL_COMP_add_compression_method() adds the compression method B<cm> with

the identifier B<id> to the list of available compression methods. This

list is globally maintained for all SSL operations within this application.

It cannot be set for specific SSL_CTX or SSL objects.

=head1 NOTES

The TLS standard (or SSLv3) allows the integration of compression methods

into the communication. The TLS RFC does however not specify compression

methods or their corresponding identifiers, so there is currently no compatible

way to integrate compression with unknown peers. It is therefore currently not

recommended to integrate compression into applications. Applications for

non-public use may agree on certain compression methods. Using different

compression methods with the same identifier will lead to connection failure.

An OpenSSL client speaking a protocol that allows compression (SSLv3, TLSv1)

will unconditionally send the list of all compression methods enabled with

SSL_COMP_add_compression_method() to the server during the handshake.

Unlike the mechanisms to set a cipher list, there is no method available to

restrict the list of compression method on a per connection basis.

An OpenSSL server will match the identifiers listed by a client against

its own compression methods and will unconditionally activate compression

when a matching identifier is found. There is no way to restrict the list

of compression methods supported on a per connection basis.

The OpenSSL library has the compression methods B<COMP_rle()> and (when

especially enabled during compilation) B<COMP_zlib()> available.

=head1 WARNINGS

Once the identities of the compression methods for the TLS protocol have

been standardized, the compression API will most likely be changed. Using

it in the current state is not recommended.

=head1 RETURN VALUES

SSL_COMP_add_compression_method() may return the following values:

=over 4

=item 1

The operation succeeded.

=item 0

The operation failed. Check the error queue to find out the reason.

=back

=head1 SEE ALSO

L<ssl(3)|ssl(3)>

=cut

=pod

=head1 NAME

SSL_CTX_ctrl, SSL_CTX_callback_ctrl, SSL_ctrl, SSL_callback_ctrl - internal handling functions for SSL_CTX and SSL objects

=head1 SYNOPSIS

 #include <openssl/ssl.h>

 long SSL_CTX_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg);

 long SSL_CTX_callback_ctrl(SSL_CTX *, int cmd, void (*fp)());

 long SSL_ctrl(SSL *ssl, int cmd, long larg, void *parg);

 long SSL_callback_ctrl(SSL *, int cmd, void (*fp)());

=head1 DESCRIPTION

The SSL_*_ctrl() family of functions is used to manipulate settings of

the SSL_CTX and SSL objects. Depending on the command B<cmd> the arguments

B<larg>, B<parg>, or B<fp> are evaluated. These functions should never

be called directly. All functionalities needed are made available via

other functions or macros.

=head1 RETURN VALUES

The return values of the SSL*_ctrl() functions depend on the command

supplied via the B<cmd> parameter.

=head1 SEE ALSO

L<ssl(3)|ssl(3)>

=cut