more corresponds

use cfg_if::cfg_if;

use foreign_types::{ForeignType, ForeignTypeRef};

use libc::{c_int, c_long};

use openssl_macros::corresponds;

use std::convert::TryFrom;

use std::ffi::CString;

use std::fmt;

impl<T> PKeyRef<T> {

    /// Returns a copy of the internal RSA key.

    ///

    /// This corresponds to [`EVP_PKEY_get1_RSA`].

    ///

    /// [`EVP_PKEY_get1_RSA`]: https://www.openssl.org/docs/man1.1.0/crypto/EVP_PKEY_get1_RSA.html

    #[corresponds(EVP_PKEY_get1_RSA)]

    pub fn rsa(&self) -> Result<Rsa<T>, ErrorStack> {

        unsafe {

            let rsa = cvt_p(ffi::EVP_PKEY_get1_RSA(self.as_ptr()))?;

    }

    /// Returns a copy of the internal DSA key.

    ///

    /// This corresponds to [`EVP_PKEY_get1_DSA`].

    ///

    /// [`EVP_PKEY_get1_DSA`]: https://www.openssl.org/docs/man1.1.0/crypto/EVP_PKEY_get1_DSA.html

    #[corresponds(EVP_PKEY_get1_DSA)]

    pub fn dsa(&self) -> Result<Dsa<T>, ErrorStack> {

        unsafe {

            let dsa = cvt_p(ffi::EVP_PKEY_get1_DSA(self.as_ptr()))?;

    }

    /// Returns a copy of the internal DH key.

    ///

    /// This corresponds to [`EVP_PKEY_get1_DH`].

    ///

    /// [`EVP_PKEY_get1_DH`]: https://www.openssl.org/docs/man1.1.0/crypto/EVP_PKEY_get1_DH.html

    #[corresponds(EVP_PKEY_get1_DH)]

    pub fn dh(&self) -> Result<Dh<T>, ErrorStack> {

        unsafe {

            let dh = cvt_p(ffi::EVP_PKEY_get1_DH(self.as_ptr()))?;

    }

    /// Returns a copy of the internal elliptic curve key.

    ///

    /// This corresponds to [`EVP_PKEY_get1_EC_KEY`].

    ///

    /// [`EVP_PKEY_get1_EC_KEY`]: https://www.openssl.org/docs/man1.1.0/crypto/EVP_PKEY_get1_EC_KEY.html

    #[corresponds(EVP_PKEY_get1_EC_KEY)]

    pub fn ec_key(&self) -> Result<EcKey<T>, ErrorStack> {

        unsafe {

            let ec_key = cvt_p(ffi::EVP_PKEY_get1_EC_KEY(self.as_ptr()))?;

    }

    /// Returns the `Id` that represents the type of this key.

    ///

    /// This corresponds to [`EVP_PKEY_id`].

    ///

    /// [`EVP_PKEY_id`]: https://www.openssl.org/docs/man1.1.0/crypto/EVP_PKEY_id.html

    #[corresponds(EVP_PKEY_id)]

    pub fn id(&self) -> Id {

        unsafe { Id::from_raw(ffi::EVP_PKEY_id(self.as_ptr())) }

    }

    /// Returns the maximum size of a signature in bytes.

    ///

    /// This corresponds to [`EVP_PKEY_size`].

    ///

    /// [`EVP_PKEY_size`]: https://www.openssl.org/docs/man1.1.1/man3/EVP_PKEY_size.html

    #[corresponds(EVP_PKEY_size)]

    pub fn size(&self) -> usize {

        unsafe { ffi::EVP_PKEY_size(self.as_ptr()) as usize }

    }

        /// Serializes the public key into a PEM-encoded SubjectPublicKeyInfo structure.

        ///

        /// The output will have a header of `-----BEGIN PUBLIC KEY-----`.

        ///

        /// This corresponds to [`PEM_write_bio_PUBKEY`].

        ///

        /// [`PEM_write_bio_PUBKEY`]: https://www.openssl.org/docs/man1.1.0/crypto/PEM_write_bio_PUBKEY.html

        #[corresponds(PEM_write_bio_PUBKEY)]

        public_key_to_pem,

        ffi::PEM_write_bio_PUBKEY

    }

    to_der! {

        /// Serializes the public key into a DER-encoded SubjectPublicKeyInfo structure.

        ///

        /// This corresponds to [`i2d_PUBKEY`].

        ///

        /// [`i2d_PUBKEY`]: https://www.openssl.org/docs/man1.1.0/crypto/i2d_PUBKEY.html

        #[corresponds(i2d_PUBKEY)]

        public_key_to_der,

        ffi::i2d_PUBKEY

    }

    ///

    /// This corresponds to the bit length of the modulus of an RSA key, and the bit length of the

    /// group order for an elliptic curve key, for example.

    #[corresponds(EVP_PKEY_bits)]

    pub fn bits(&self) -> u32 {

        unsafe { ffi::EVP_PKEY_bits(self.as_ptr()) as u32 }

    }

    /// Compares the public component of this key with another.

    #[corresponds(EVP_PKEY_cmp)]

    pub fn public_eq<U>(&self, other: &PKeyRef<U>) -> bool

    where

        U: HasPublic,

    ///

    /// This function only works for algorithms that support raw public keys.

    /// Currently this is: X25519, ED25519, X448 or ED448

    ///

    /// This corresponds to [`EVP_PKEY_get_raw_public_key`].

    ///

    /// [`EVP_PKEY_get_raw_public_key`]: https://www.openssl.org/docs/man1.1.1/man3/EVP_PKEY_get_raw_public_key.html

    #[corresponds(EVP_PKEY_get_raw_public_key)]

    #[cfg(ossl111)]

    pub fn raw_public_key(&self) -> Result<Vec<u8>, ErrorStack> {

        unsafe {

        /// Serializes the private key to a PEM-encoded PKCS#8 PrivateKeyInfo structure.

        ///

        /// The output will have a header of `-----BEGIN PRIVATE KEY-----`.

        ///

        /// This corresponds to [`PEM_write_bio_PKCS8PrivateKey`].

        ///

        /// [`PEM_write_bio_PKCS8PrivateKey`]: https://www.openssl.org/docs/man1.0.2/crypto/PEM_write_bio_PKCS8PrivateKey.html

        #[corresponds(PEM_write_bio_PKCS8PrivateKey)]

        private_key_to_pem_pkcs8,

        /// Serializes the private key to a PEM-encoded PKCS#8 EncryptedPrivateKeyInfo structure.

        ///

        /// The output will have a header of `-----BEGIN ENCRYPTED PRIVATE KEY-----`.

        ///

        /// This corresponds to [`PEM_write_bio_PKCS8PrivateKey`].

        ///

        /// [`PEM_write_bio_PKCS8PrivateKey`]: https://www.openssl.org/docs/man1.0.2/crypto/PEM_write_bio_PKCS8PrivateKey.html

        #[corresponds(PEM_write_bio_PKCS8PrivateKey)]

        private_key_to_pem_pkcs8_passphrase,

        ffi::PEM_write_bio_PKCS8PrivateKey

    }

    to_der! {

        /// Serializes the private key to a DER-encoded key type specific format.

        ///

        /// This corresponds to [`i2d_PrivateKey`].

        ///

        /// [`i2d_PrivateKey`]: https://www.openssl.org/docs/man1.0.2/crypto/i2d_PrivateKey.html

        #[corresponds(i2d_PrivateKey)]

        private_key_to_der,

        ffi::i2d_PrivateKey

    }

    ///

    /// This function only works for algorithms that support raw private keys.

    /// Currently this is: HMAC, X25519, ED25519, X448 or ED448

    ///

    /// This corresponds to [`EVP_PKEY_get_raw_private_key`].

    ///

    /// [`EVP_PKEY_get_raw_private_key`]: https://www.openssl.org/docs/man1.1.1/man3/EVP_PKEY_get_raw_private_key.html

    #[corresponds(EVP_PKEY_get_raw_private_key)]

    #[cfg(ossl111)]

    pub fn raw_private_key(&self) -> Result<Vec<u8>, ErrorStack> {

        unsafe {

    /// # Panics

    ///

    /// Panics if `passphrase` contains an embedded null.

    #[corresponds(i2d_PKCS8PrivateKey_bio)]

    pub fn private_key_to_pkcs8_passphrase(

        &self,

        cipher: Cipher,

impl<T> PKey<T> {

    /// Creates a new `PKey` containing an RSA key.

    ///

    /// This corresponds to [`EVP_PKEY_assign_RSA`].

    ///

    /// [`EVP_PKEY_assign_RSA`]: https://www.openssl.org/docs/man1.1.0/crypto/EVP_PKEY_assign_RSA.html

    #[corresponds(EVP_PKEY_assign_RSA)]

    pub fn from_rsa(rsa: Rsa<T>) -> Result<PKey<T>, ErrorStack> {

        unsafe {

            let evp = cvt_p(ffi::EVP_PKEY_new())?;

    }

    /// Creates a new `PKey` containing a DSA key.

    ///

    /// This corresponds to [`EVP_PKEY_assign_DSA`].

    ///

    /// [`EVP_PKEY_assign_DSA`]: https://www.openssl.org/docs/man1.1.0/crypto/EVP_PKEY_assign_DSA.html

    #[corresponds(EVP_PKEY_assign_DSA)]

    pub fn from_dsa(dsa: Dsa<T>) -> Result<PKey<T>, ErrorStack> {

        unsafe {

            let evp = cvt_p(ffi::EVP_PKEY_new())?;

    }

    /// Creates a new `PKey` containing a Diffie-Hellman key.

    ///

    /// This corresponds to [`EVP_PKEY_assign_DH`].

    ///

    /// [`EVP_PKEY_assign_DH`]: https://www.openssl.org/docs/man1.1.0/crypto/EVP_PKEY_assign_DH.html

    #[corresponds(EVP_PKEY_assign_DH)]

    pub fn from_dh(dh: Dh<T>) -> Result<PKey<T>, ErrorStack> {

        unsafe {

            let evp = cvt_p(ffi::EVP_PKEY_new())?;

    }

    /// Creates a new `PKey` containing an elliptic curve key.

    ///

    /// This corresponds to [`EVP_PKEY_assign_EC_KEY`].

    ///

    /// [`EVP_PKEY_assign_EC_KEY`]: https://www.openssl.org/docs/man1.1.0/crypto/EVP_PKEY_assign_EC_KEY.html

    #[corresponds(EVP_PKEY_assign_EC_KEY)]

    pub fn from_ec_key(ec_key: EcKey<T>) -> Result<PKey<T>, ErrorStack> {

        unsafe {

            let evp = cvt_p(ffi::EVP_PKEY_new())?;

    /// # Note

    ///

    /// To compute HMAC values, use the `sign` module.

    #[corresponds(EVP_PKEY_new_mac_key)]

    pub fn hmac(key: &[u8]) -> Result<PKey<Private>, ErrorStack> {

        unsafe {

            assert!(key.len() <= c_int::max_value() as usize);

    /// Generates a new EC key using the provided curve.

    ///

    /// This corresponds to [`EVP_EC_gen`].

    ///

    /// Requires OpenSSL 3.0.0 or newer.

    ///

    /// [`EVP_EC_gen`]: https://www.openssl.org/docs/manmaster/man3/EVP_EC_gen.html

    #[corresponds(EVP_EC_gen)]

    #[cfg(ossl300)]

    pub fn ec_gen(curve: &str) -> Result<PKey<Private>, ErrorStack> {

        let curve = CString::new(curve).unwrap();

    private_key_from_pem! {

        /// Deserializes a private key from a PEM-encoded key type specific format.

        ///

        /// This corresponds to [`PEM_read_bio_PrivateKey`].

        ///

        /// [`PEM_read_bio_PrivateKey`]: https://www.openssl.org/docs/man1.1.0/crypto/PEM_read_bio_PrivateKey.html

        #[corresponds(PEM_read_bio_PrivateKey)]

        private_key_from_pem,

        /// Deserializes a private key from a PEM-encoded encrypted key type specific format.

        ///

        /// This corresponds to [`PEM_read_bio_PrivateKey`].

        ///

        /// [`PEM_read_bio_PrivateKey`]: https://www.openssl.org/docs/man1.1.0/crypto/PEM_read_bio_PrivateKey.html

        #[corresponds(PEM_read_bio_PrivateKey)]

        private_key_from_pem_passphrase,

        /// Deserializes a private key from a PEM-encoded encrypted key type specific format.

        ///

        /// The callback should fill the password into the provided buffer and return its length.

        ///

        /// This corresponds to [`PEM_read_bio_PrivateKey`].

        ///

        /// [`PEM_read_bio_PrivateKey`]: https://www.openssl.org/docs/man1.1.0/crypto/PEM_read_bio_PrivateKey.html

        #[corresponds(PEM_read_bio_PrivateKey)]

        private_key_from_pem_callback,

        PKey<Private>,

        ffi::PEM_read_bio_PrivateKey

    from_der! {

        /// Decodes a DER-encoded private key.

        ///

        /// This function will automatically attempt to detect the underlying key format, and

        /// This function will attempt to automatically detect the underlying key format, and

        /// supports the unencrypted PKCS#8 PrivateKeyInfo structures as well as key type specific

        /// formats.

        ///

        /// This corresponds to [`d2i_AutoPrivateKey`].

        ///

        /// [`d2i_AutoPrivateKey`]: https://www.openssl.org/docs/man1.0.2/crypto/d2i_AutoPrivateKey.html

        #[corresponds(d2i_AutoPrivateKey)]

        private_key_from_der,

        PKey<Private>,

        ffi::d2i_AutoPrivateKey

    ///

    /// The callback should copy the password into the provided buffer and return the number of

    /// bytes written.

    #[corresponds(d2i_PKCS8PrivateKey_bio)]

    pub fn private_key_from_pkcs8_callback<F>(

        der: &[u8],

        callback: F,

    /// # Panics

    ///

    /// Panics if `passphrase` contains an embedded null.

    #[corresponds(d2i_PKCS8PrivateKey_bio)]

    pub fn private_key_from_pkcs8_passphrase(

        der: &[u8],

        passphrase: &[u8],

    /// Creates a private key from its raw byte representation

    ///

    /// Algorithm types that support raw private keys are HMAC, X25519, ED25519, X448 or ED448

    ///

    /// This corresponds to [`EVP_PKEY_new_raw_private_key`].

    ///

    /// [`EVP_PKEY_new_raw_private_key`]: https://www.openssl.org/docs/man1.1.1/man3/EVP_PKEY_new_raw_private_key.html

    #[corresponds(EVP_PKEY_new_raw_private_key)]

    #[cfg(ossl111)]

    pub fn private_key_from_raw_bytes(

        bytes: &[u8],

        /// Decodes a PEM-encoded SubjectPublicKeyInfo structure.

        ///

        /// The input should have a header of `-----BEGIN PUBLIC KEY-----`.

        ///

        /// This corresponds to [`PEM_read_bio_PUBKEY`].

        ///

        /// [`PEM_read_bio_PUBKEY`]: https://www.openssl.org/docs/man1.0.2/crypto/PEM_read_bio_PUBKEY.html

        #[corresponds(PEM_read_bio_PUBKEY)]

        public_key_from_pem,

        PKey<Public>,

        ffi::PEM_read_bio_PUBKEY

    from_der! {

        /// Decodes a DER-encoded SubjectPublicKeyInfo structure.

        ///

        /// This corresponds to [`d2i_PUBKEY`].

        ///

        /// [`d2i_PUBKEY`]: https://www.openssl.org/docs/man1.1.0/crypto/d2i_PUBKEY.html

        #[corresponds(d2i_PUBKEY)]

        public_key_from_der,

        PKey<Public>,

        ffi::d2i_PUBKEY

    /// Creates a public key from its raw byte representation

    ///

    /// Algorithm types that support raw public keys are X25519, ED25519, X448 or ED448

    ///

    /// This corresponds to [`EVP_PKEY_new_raw_public_key`].

    ///

    /// [`EVP_PKEY_new_raw_public_key`]: https://www.openssl.org/docs/man1.1.1/man3/EVP_PKEY_new_raw_public_key.html

    #[corresponds(EVP_PKEY_new_raw_public_key)]

    #[cfg(ossl111)]

    pub fn public_key_from_raw_bytes(

        bytes: &[u8],

use crate::cvt;

use crate::error::ErrorStack;

use openssl_macros::corresponds;

/// Fill buffer with cryptographically strong pseudo-random bytes.

///

/// This corresponds to [`RAND_bytes`].

///

/// # Examples

///

/// To generate a buffer with cryptographically strong bytes:

/// To generate a buffer with cryptographically strong random bytes:

///

/// ```

/// use openssl::rand::rand_bytes;

/// let mut buf = [0; 256];

/// rand_bytes(&mut buf).unwrap();

/// ```

///

/// [`RAND_bytes`]: https://www.openssl.org/docs/man1.1.0/crypto/RAND_bytes.html

#[corresponds(RAND_bytes)]

pub fn rand_bytes(buf: &mut [u8]) -> Result<(), ErrorStack> {

    unsafe {

        ffi::init();

/// Controls random device file descriptor behavior.

///

/// Requires OpenSSL 1.1.1 or newer.

///

/// This corresponds to [`RAND_keep_random_devices_open`].

///

/// [`RAND_keep_random_devices_open`]: https://www.openssl.org/docs/manmaster/man3/RAND_keep_random_devices_open.html

#[corresponds(RAND_keep_random_devices_open)]

#[cfg(ossl111)]

pub fn keep_random_devices_open(keep: bool) {

    unsafe {

//! ```

use cfg_if::cfg_if;

use libc::c_void;

use openssl_macros::corresponds;

use std::mem::MaybeUninit;

/// Computes the SHA1 hash of some data.

///

/// SHA1 is known to be insecure - it should not be used unless required for

/// compatibility with existing systems.

#[corresponds(SHA1)]

#[inline]

pub fn sha1(data: &[u8]) -> [u8; 20] {

    unsafe {

}

/// Computes the SHA224 hash of some data.

#[corresponds(SH224)]

#[inline]

pub fn sha224(data: &[u8]) -> [u8; 28] {

    unsafe {

}

/// Computes the SHA256 hash of some data.

#[corresponds(SHA256)]

#[inline]

pub fn sha256(data: &[u8]) -> [u8; 32] {

    unsafe {

}

/// Computes the SHA384 hash of some data.

#[corresponds(SHA384)]

#[inline]

pub fn sha384(data: &[u8]) -> [u8; 48] {

    unsafe {

}

/// Computes the SHA512 hash of some data.

#[corresponds(SHA512)]

#[inline]

pub fn sha512(data: &[u8]) -> [u8; 64] {

    unsafe {

        impl Sha1 {

            /// Creates a new hasher.

            #[corresponds(SHA1_Init)]

            #[inline]

            pub fn new() -> Sha1 {

                unsafe {

            /// Feeds some data into the hasher.

            ///

            /// This can be called multiple times.

            #[corresponds(SHA1_Update)]

            #[inline]

            pub fn update(&mut self, buf: &[u8]) {

                unsafe {

            }

            /// Returns the hash of the data.

            #[corresponds(SHA1_Final)]

            #[inline]

            pub fn finish(mut self) -> [u8; 20] {

                unsafe {

        impl Sha224 {

            /// Creates a new hasher.

            #[corresponds(SHA224_Init)]

            #[inline]

            pub fn new() -> Sha224 {

                unsafe {

            /// Feeds some data into the hasher.

            ///

            /// This can be called multiple times.

            #[corresponds(SHA224_Update)]

            #[inline]

            pub fn update(&mut self, buf: &[u8]) {

                unsafe {

            }

            /// Returns the hash of the data.

            #[corresponds(SHA224_Final)]

            #[inline]

            pub fn finish(mut self) -> [u8; 28] {

                unsafe {

        impl Sha256 {

            /// Creates a new hasher.

            #[corresponds(SHA256_Init)]

            #[inline]

            pub fn new() -> Sha256 {

                unsafe {

            /// Feeds some data into the hasher.

            ///

            /// This can be called multiple times.

            #[corresponds(SHA256_Update)]

            #[inline]

            pub fn update(&mut self, buf: &[u8]) {

                unsafe {

            }

            /// Returns the hash of the data.

            #[corresponds(SHA256_Final)]

            #[inline]

            pub fn finish(mut self) -> [u8; 32] {

                unsafe {

        impl Sha384 {

            /// Creates a new hasher.

            #[corresponds(SHA384_Init)]

            #[inline]

            pub fn new() -> Sha384 {

                unsafe {

            /// Feeds some data into the hasher.

            ///

            /// This can be called multiple times.

            #[corresponds(SHA384_Update)]

            #[inline]

            pub fn update(&mut self, buf: &[u8]) {

                unsafe {

            }

            /// Returns the hash of the data.

            #[corresponds(SHA384_Final)]

            #[inline]

            pub fn finish(mut self) -> [u8; 48] {

                unsafe {

        impl Sha512 {

            /// Creates a new hasher.

            #[corresponds(SHA512_Init)]

            #[inline]

            pub fn new() -> Sha512 {

                unsafe {

            /// Feeds some data into the hasher.

            ///

            /// This can be called multiple times.

            #[corresponds(SHA512_Update)]

            #[inline]

            pub fn update(&mut self, buf: &[u8]) {

                unsafe {

            }

            /// Returns the hash of the data.

            #[corresponds(SHA512_Final)]

            #[inline]

            pub fn finish(mut self) -> [u8; 64] {

                unsafe {

//

use cfg_if::cfg_if;

use openssl_macros::corresponds;

use std::ffi::CStr;

cfg_if! {

/// `0x000906000 == 0.9.6 dev`

/// `0x000906023 == 0.9.6b beta 3`

/// `0x00090605f == 0.9.6e release`

///

/// Versions prior to 0.9.3 have identifiers < 0x0930. Versions between 0.9.3 and 0.9.5 had a version identifier with this interpretation:

///

/// `MMNNFFRBB major minor fix final beta/patch`

///

/// for example

///

/// `0x000904100 == 0.9.4 release`

/// `0x000905000 == 0.9.5 dev`

///

/// Version 0.9.5a had an interim interpretation that is like the current one, except the patch level got the highest bit set, to keep continuity. The number was therefore 0x0090581f

///

/// The return value of this function can be compared to the macro to make sure that the correct version of the library has been loaded, especially when using DLLs on Windows systems.

#[corresponds(OpenSSL_version_num)]

pub fn number() -> i64 {

    unsafe { OpenSSL_version_num() as i64 }

}

/// The text variant of the version number and the release date. For example, "OpenSSL 0.9.5a 1 Apr 2000".

#[corresponds(OpenSSL_version)]

pub fn version() -> &'static str {

    unsafe {

        CStr::from_ptr(OpenSSL_version(OPENSSL_VERSION))

/// The compiler flags set for the compilation process in the form "compiler: ..." if available or

/// "compiler: information not available" otherwise.

#[corresponds(OpenSSL_version)]

pub fn c_flags() -> &'static str {

    unsafe {

        CStr::from_ptr(OpenSSL_version(OPENSSL_CFLAGS))

}

/// The date of the build process in the form "built on: ..." if available or "built on: date not available" otherwise.

#[corresponds(OpenSSL_version)]

pub fn built_on() -> &'static str {

    unsafe {

        CStr::from_ptr(OpenSSL_version(OPENSSL_BUILT_ON))

}

/// The "Configure" target of the library build in the form "platform: ..." if available or "platform: information not available" otherwise.

#[corresponds(OpenSSL_version)]

pub fn platform() -> &'static str {

    unsafe {

        CStr::from_ptr(OpenSSL_version(OPENSSL_PLATFORM))

}

/// The "OPENSSLDIR" setting of the library build in the form "OPENSSLDIR: "..."" if available or "OPENSSLDIR: N/A" otherwise.

#[corresponds(OpenSSL_version)]

pub fn dir() -> &'static str {

    unsafe {

        CStr::from_ptr(OpenSSL_version(OPENSSL_DIR))