diff --git a/crypto/Cargo.toml b/crypto/Cargo.toml index ea02c61c8..dbe98e97b 100644 --- a/crypto/Cargo.toml +++ b/crypto/Cargo.toml @@ -1,35 +1,29 @@ [package] -authors = ["ZeroTier, Inc. ", "Adam Ierymenko "] -edition = "2021" -license = "MPL-2.0" name = "zerotier-crypto" +authors = ["Steven Fackler "] +license = "Apache-2.0" +description = "OpenSSL bindings" +readme = "README.md" +keywords = ["crypto", "tls", "ssl", "dtls"] +categories = ["cryptography", "api-bindings"] +edition = "2021" version = "0.1.0" + [dependencies] -zerotier-utils = { path = "../utils" } ed25519-dalek = { version = "1.0.1", features = ["std", "u64_backend"], default-features = false } -foreign-types = "0.3.1" -lazy_static = "^1" poly1305 = { version = "0.8.0", features = [], default-features = false } -rand_core = "0.5.1" -rand_core_062 = { package = "rand_core", version = "0.6.2" } -subtle = "2.4.1" x25519-dalek = { version = "1.2.0", features = ["std", "u64_backend"], default-features = false } +cfg-if = "1.0" +foreign-types = "0.5.0" +libc = "0.2" +lazy_static = "^1" +rand_core = "0.6.4" +#ed25519-dalek still uses rand_core 0.5.1, and that version is incompatible with 0.6.4, so we need to import and implement both. +rand_core_051 = { package = "rand_core", version = "0.5.1" } -[target."cfg(windows)".dependencies] -openssl = { version = "^0", features = ["vendored"], default-features = false } -winapi = { version = "^0", features = ["handleapi", "ws2ipdef", "ws2tcpip"] } - -[target."cfg(not(windows))".dependencies] -openssl = { version = "^0", features = [], default-features = false } -libc = "^0" -signal-hook = "^0" +ffi = { package = "openssl-sys", version = "0.9.80", path = "../openssl-sys" } [dev-dependencies] -criterion = "0.3" -sha2 = "^0" -hex-literal = "^0" - -[[bench]] -harness = false -name = "benchmark_crypto" +hex = "0.4.3" +hex-literal = "0.3.4" diff --git a/crypto/LICENSE b/crypto/LICENSE new file mode 100644 index 000000000..f259067e9 --- /dev/null +++ b/crypto/LICENSE @@ -0,0 +1,15 @@ +Copyright 2011-2017 Google Inc. + 2013 Jack Lloyd + 2013-2014 Steven Fackler + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. diff --git a/crypto/README.md b/crypto/README.md index bcad4ae38..3006f04f7 100644 --- a/crypto/README.md +++ b/crypto/README.md @@ -3,3 +3,5 @@ ------ Most of this library is just glue to provide a simple safe API around things like OpenSSL or OS-specific crypto APIs. + +It is very important that this library is only linked to OpenSSL versions greater than 1.1.0. 1.1.0 introduced no-hassle threadsafety which we take advantage of. If we want a version prior to 1.1.0 we will have to add conditional threadsafety code. diff --git a/crypto/benches/benchmark_crypto.rs b/crypto/benches/benchmark_crypto.rs deleted file mode 100644 index 2157322aa..000000000 --- a/crypto/benches/benchmark_crypto.rs +++ /dev/null @@ -1,41 +0,0 @@ -use criterion::{criterion_group, criterion_main, Criterion}; -use std::time::Duration; - -use zerotier_crypto::mimcvdf; -use zerotier_crypto::p384::*; -use zerotier_crypto::x25519::*; - -pub fn criterion_benchmark(c: &mut Criterion) { - let mut group = c.benchmark_group("cryptography"); - - let mut input = 1; - let mut proof = 0; - group.bench_function("mimcvdf::delay(1000)", |b| { - b.iter(|| { - input += 1; - proof = mimcvdf::delay(input, 1000); - }) - }); - group.bench_function("mimcvdf::verify(1000)", |b| { - b.iter(|| { - assert!(mimcvdf::verify(proof, input, 1000)); - }) - }); - - let p384_a = P384KeyPair::generate(); - let p384_b = P384KeyPair::generate(); - - let x25519_a = X25519KeyPair::generate(); - let x25519_b = X25519KeyPair::generate(); - let x25519_b_pub = x25519_b.public_bytes(); - - group.measurement_time(Duration::new(10, 0)); - - group.bench_function("ecdhp384", |b| b.iter(|| p384_a.agree(p384_b.public_key()).expect("ecdhp384 failed"))); - group.bench_function("ecdhx25519", |b| b.iter(|| x25519_a.agree(&x25519_b_pub))); - - group.finish(); -} - -criterion_group!(benches, criterion_benchmark); -criterion_main!(benches); diff --git a/crypto/build.rs b/crypto/build.rs new file mode 100644 index 000000000..7651429f3 --- /dev/null +++ b/crypto/build.rs @@ -0,0 +1,110 @@ +#![allow( + clippy::inconsistent_digit_grouping, + clippy::uninlined_format_args, + clippy::unusual_byte_groupings +)] + +use std::env; + +fn main() { + if env::var("DEP_OPENSSL_LIBRESSL").is_ok() { + println!("cargo:rustc-cfg=libressl"); + } + + if env::var("CARGO_FEATURE_UNSTABLE_BORINGSSL").is_ok() { + println!("cargo:rustc-cfg=boringssl"); + return; + } + + if let Ok(v) = env::var("DEP_OPENSSL_LIBRESSL_VERSION") { + println!("cargo:rustc-cfg=libressl{}", v); + } + + if let Ok(vars) = env::var("DEP_OPENSSL_CONF") { + for var in vars.split(',') { + println!("cargo:rustc-cfg=osslconf=\"{}\"", var); + } + } + + if let Ok(version) = env::var("DEP_OPENSSL_VERSION_NUMBER") { + let version = u64::from_str_radix(&version, 16).unwrap(); + + if version >= 0x1_00_01_00_0 { + println!("cargo:rustc-cfg=ossl101"); + } + if version >= 0x1_00_02_00_0 { + println!("cargo:rustc-cfg=ossl102"); + } + if version >= 0x1_01_00_00_0 { + println!("cargo:rustc-cfg=ossl110"); + } + if version >= 0x1_01_00_07_0 { + println!("cargo:rustc-cfg=ossl110g"); + } + if version >= 0x1_01_00_08_0 { + println!("cargo:rustc-cfg=ossl110h"); + } + if version >= 0x1_01_01_00_0 { + println!("cargo:rustc-cfg=ossl111"); + } + if version >= 0x3_00_00_00_0 { + println!("cargo:rustc-cfg=ossl300"); + } + } + + if let Ok(version) = env::var("DEP_OPENSSL_LIBRESSL_VERSION_NUMBER") { + let version = u64::from_str_radix(&version, 16).unwrap(); + + if version >= 0x2_05_01_00_0 { + println!("cargo:rustc-cfg=libressl251"); + } + + if version >= 0x2_06_01_00_0 { + println!("cargo:rustc-cfg=libressl261"); + } + + if version >= 0x2_07_00_00_0 { + println!("cargo:rustc-cfg=libressl270"); + } + + if version >= 0x2_07_01_00_0 { + println!("cargo:rustc-cfg=libressl271"); + } + + if version >= 0x2_07_03_00_0 { + println!("cargo:rustc-cfg=libressl273"); + } + + if version >= 0x2_08_00_00_0 { + println!("cargo:rustc-cfg=libressl280"); + } + + if version >= 0x2_09_01_00_0 { + println!("cargo:rustc-cfg=libressl291"); + } + + if version >= 0x3_02_01_00_0 { + println!("cargo:rustc-cfg=libressl321"); + } + + if version >= 0x3_03_02_00_0 { + println!("cargo:rustc-cfg=libressl332"); + } + + if version >= 0x3_04_00_00_0 { + println!("cargo:rustc-cfg=libressl340"); + } + + if version >= 0x3_05_00_00_0 { + println!("cargo:rustc-cfg=libressl350"); + } + + if version >= 0x3_06_00_00_0 { + println!("cargo:rustc-cfg=libressl360"); + } + + if version >= 0x3_06_01_00_0 { + println!("cargo:rustc-cfg=libressl361"); + } + } +} diff --git a/crypto/rustfmt.toml b/crypto/rustfmt.toml deleted file mode 120000 index 39f97b043..000000000 --- a/crypto/rustfmt.toml +++ /dev/null @@ -1 +0,0 @@ -../rustfmt.toml \ No newline at end of file diff --git a/crypto/src/aes.rs b/crypto/src/aes.rs deleted file mode 100644 index 54be9e016..000000000 --- a/crypto/src/aes.rs +++ /dev/null @@ -1,3703 +0,0 @@ -// (c) 2020-2022 ZeroTier, Inc. -- currently proprietary pending actual release and licensing. See LICENSE.md. - -// MacOS implementation of AES primitives since CommonCrypto seems to be faster than OpenSSL, especially on ARM64. -#[cfg(target_os = "macos")] -mod fruit_flavored { - use std::os::raw::{c_int, c_void}; - use std::ptr::{null, null_mut}; - - use crate::secure_eq; - - #[allow(non_upper_case_globals, unused)] - const kCCModeECB: i32 = 1; - #[allow(non_upper_case_globals, unused)] - const kCCModeCTR: i32 = 4; - #[allow(non_upper_case_globals, unused)] - const kCCModeGCM: i32 = 11; - #[allow(non_upper_case_globals, unused)] - const kCCEncrypt: i32 = 0; - #[allow(non_upper_case_globals, unused)] - const kCCDecrypt: i32 = 1; - #[allow(non_upper_case_globals, unused)] - const kCCAlgorithmAES: i32 = 0; - #[allow(non_upper_case_globals, unused)] - const kCCOptionECBMode: i32 = 2; - - extern "C" { - fn CCCryptorCreateWithMode( - op: i32, - mode: i32, - alg: i32, - padding: i32, - iv: *const c_void, - key: *const c_void, - key_len: usize, - tweak: *const c_void, - tweak_len: usize, - num_rounds: c_int, - options: i32, - cryyptor_ref: *mut *mut c_void, - ) -> i32; - fn CCCryptorUpdate( - cryptor_ref: *mut c_void, - data_in: *const c_void, - data_in_len: usize, - data_out: *mut c_void, - data_out_len: usize, - data_out_written: *mut usize, - ) -> i32; - fn CCCryptorReset(cryptor_ref: *mut c_void, iv: *const c_void) -> i32; - fn CCCryptorRelease(cryptor_ref: *mut c_void) -> i32; - fn CCCryptorGCMSetIV(cryptor_ref: *mut c_void, iv: *const c_void, iv_len: usize) -> i32; - fn CCCryptorGCMAddAAD(cryptor_ref: *mut c_void, aad: *const c_void, len: usize) -> i32; - fn CCCryptorGCMEncrypt(cryptor_ref: *mut c_void, data_in: *const c_void, data_in_len: usize, data_out: *mut c_void) -> i32; - fn CCCryptorGCMDecrypt(cryptor_ref: *mut c_void, data_in: *const c_void, data_in_len: usize, data_out: *mut c_void) -> i32; - fn CCCryptorGCMFinal(cryptor_ref: *mut c_void, tag: *mut c_void, tag_len: *mut usize) -> i32; - fn CCCryptorGCMReset(cryptor_ref: *mut c_void) -> i32; - } - - pub struct Aes(*mut c_void, *mut c_void); - - impl Drop for Aes { - #[inline(always)] - fn drop(&mut self) { - unsafe { - CCCryptorRelease(self.0); - CCCryptorRelease(self.1); - } - } - } - - impl Aes { - pub fn new(k: &[u8]) -> Self { - unsafe { - if k.len() != 32 && k.len() != 24 && k.len() != 16 { - panic!("AES supports 128, 192, or 256 bits keys"); - } - let mut aes: Self = std::mem::zeroed(); - assert_eq!( - CCCryptorCreateWithMode( - kCCEncrypt, - kCCModeECB, - kCCAlgorithmAES, - 0, - null(), - k.as_ptr().cast(), - k.len(), - null(), - 0, - 0, - kCCOptionECBMode, - &mut aes.0 - ), - 0 - ); - assert_eq!( - CCCryptorCreateWithMode( - kCCDecrypt, - kCCModeECB, - kCCAlgorithmAES, - 0, - null(), - k.as_ptr().cast(), - k.len(), - null(), - 0, - 0, - kCCOptionECBMode, - &mut aes.1 - ), - 0 - ); - aes - } - } - - #[inline(always)] - pub fn encrypt_block(&self, plaintext: &[u8], ciphertext: &mut [u8]) { - assert_eq!(plaintext.len(), 16); - assert_eq!(ciphertext.len(), 16); - unsafe { - let mut data_out_written = 0; - CCCryptorUpdate( - self.0, - plaintext.as_ptr().cast(), - 16, - ciphertext.as_mut_ptr().cast(), - 16, - &mut data_out_written, - ); - } - } - - #[inline(always)] - pub fn encrypt_block_in_place(&self, data: &mut [u8]) { - assert_eq!(data.len(), 16); - unsafe { - let mut data_out_written = 0; - CCCryptorUpdate(self.0, data.as_ptr().cast(), 16, data.as_mut_ptr().cast(), 16, &mut data_out_written); - } - } - - #[inline(always)] - pub fn decrypt_block(&self, ciphertext: &[u8], plaintext: &mut [u8]) { - assert_eq!(plaintext.len(), 16); - assert_eq!(ciphertext.len(), 16); - unsafe { - let mut data_out_written = 0; - CCCryptorUpdate( - self.1, - ciphertext.as_ptr().cast(), - 16, - plaintext.as_mut_ptr().cast(), - 16, - &mut data_out_written, - ); - } - } - - #[inline(always)] - pub fn decrypt_block_in_place(&self, data: &mut [u8]) { - assert_eq!(data.len(), 16); - unsafe { - let mut data_out_written = 0; - CCCryptorUpdate(self.1, data.as_ptr().cast(), 16, data.as_mut_ptr().cast(), 16, &mut data_out_written); - } - } - } - - unsafe impl Send for Aes {} - unsafe impl Sync for Aes {} - - pub struct AesCtr(*mut c_void); - - impl Drop for AesCtr { - #[inline(always)] - fn drop(&mut self) { - unsafe { CCCryptorRelease(self.0) }; - } - } - - impl AesCtr { - /// Construct a new AES-CTR cipher. - /// Key must be 16, 24, or 32 bytes in length or a panic will occur. - pub fn new(k: &[u8]) -> Self { - if k.len() != 32 && k.len() != 24 && k.len() != 16 { - panic!("AES supports 128, 192, or 256 bits keys"); - } - unsafe { - let mut ptr: *mut c_void = null_mut(); - let result = CCCryptorCreateWithMode( - kCCEncrypt, - kCCModeCTR, - kCCAlgorithmAES, - 0, - [0_u64; 2].as_ptr().cast(), - k.as_ptr().cast(), - k.len(), - null(), - 0, - 0, - 0, - &mut ptr, - ); - if result != 0 { - panic!("CCCryptorCreateWithMode for CTR mode returned {}", result); - } - AesCtr(ptr) - } - } - - /// Initialize AES-CTR for encryption or decryption with the given IV. - /// If it's already been used, this also resets the cipher. There is no separate reset. - pub fn reset_set_iv(&mut self, iv: &[u8]) { - unsafe { - if iv.len() == 16 { - if CCCryptorReset(self.0, iv.as_ptr().cast()) != 0 { - panic!("CCCryptorReset for CTR mode failed (old MacOS bug)"); - } - } else if iv.len() < 16 { - let mut iv2 = [0_u8; 16]; - iv2[0..iv.len()].copy_from_slice(iv); - if CCCryptorReset(self.0, iv2.as_ptr().cast()) != 0 { - panic!("CCCryptorReset for CTR mode failed (old MacOS bug)"); - } - } else { - panic!("CTR IV must be less than or equal to 16 bytes in length"); - } - } - } - - /// Encrypt or decrypt (same operation with CTR mode) - #[inline(always)] - pub fn crypt(&mut self, input: &[u8], output: &mut [u8]) { - unsafe { - assert!(output.len() >= input.len()); - let mut data_out_written: usize = 0; - CCCryptorUpdate( - self.0, - input.as_ptr().cast(), - input.len(), - output.as_mut_ptr().cast(), - output.len(), - &mut data_out_written, - ); - } - } - - /// Encrypt or decrypt in place (same operation with CTR mode) - #[inline(always)] - pub fn crypt_in_place(&mut self, data: &mut [u8]) { - unsafe { - let mut data_out_written: usize = 0; - CCCryptorUpdate( - self.0, - data.as_ptr().cast(), - data.len(), - data.as_mut_ptr().cast(), - data.len(), - &mut data_out_written, - ); - } - } - } - - unsafe impl Send for AesCtr {} - - pub struct AesGcm(*mut c_void, bool); - - impl Drop for AesGcm { - #[inline(always)] - fn drop(&mut self) { - unsafe { CCCryptorRelease(self.0) }; - } - } - - impl AesGcm { - pub fn new(k: &[u8], encrypt: bool) -> Self { - if k.len() != 32 && k.len() != 24 && k.len() != 16 { - panic!("AES supports 128, 192, or 256 bits keys"); - } - unsafe { - let mut ptr: *mut c_void = null_mut(); - assert_eq!( - CCCryptorCreateWithMode( - if encrypt { - kCCEncrypt - } else { - kCCDecrypt - }, - kCCModeGCM, - kCCAlgorithmAES, - 0, - null(), - k.as_ptr().cast(), - k.len(), - null(), - 0, - 0, - 0, - &mut ptr, - ), - 0 - ); - AesGcm(ptr, encrypt) - } - } - - #[inline(always)] - pub fn reset_init_gcm(&mut self, iv: &[u8]) { - assert_eq!(iv.len(), 12); - unsafe { - assert_eq!(CCCryptorGCMReset(self.0), 0); - assert_eq!(CCCryptorGCMSetIV(self.0, iv.as_ptr().cast(), 12), 0); - } - } - - #[inline(always)] - pub fn aad(&mut self, aad: &[u8]) { - unsafe { - assert_eq!(CCCryptorGCMAddAAD(self.0, aad.as_ptr().cast(), aad.len()), 0); - } - } - - #[inline(always)] - pub fn crypt(&mut self, input: &[u8], output: &mut [u8]) { - unsafe { - assert_eq!(input.len(), output.len()); - if self.1 { - assert_eq!( - CCCryptorGCMEncrypt(self.0, input.as_ptr().cast(), input.len(), output.as_mut_ptr().cast()), - 0 - ); - } else { - assert_eq!( - CCCryptorGCMDecrypt(self.0, input.as_ptr().cast(), input.len(), output.as_mut_ptr().cast()), - 0 - ); - } - } - } - - #[inline(always)] - pub fn crypt_in_place(&mut self, data: &mut [u8]) { - unsafe { - if self.1 { - assert_eq!(CCCryptorGCMEncrypt(self.0, data.as_ptr().cast(), data.len(), data.as_mut_ptr().cast()), 0); - } else { - assert_eq!(CCCryptorGCMDecrypt(self.0, data.as_ptr().cast(), data.len(), data.as_mut_ptr().cast()), 0); - } - } - } - - #[inline(always)] - pub fn finish_encrypt(&mut self) -> [u8; 16] { - let mut tag = 0_u128.to_ne_bytes(); - unsafe { - let mut tag_len = 16; - if CCCryptorGCMFinal(self.0, tag.as_mut_ptr().cast(), &mut tag_len) != 0 { - debug_assert!(false); - tag.fill(0); - } - } - tag - } - - #[inline(always)] - pub fn finish_decrypt(&mut self, expected_tag: &[u8]) -> bool { - secure_eq(&self.finish_encrypt(), expected_tag) - } - } - - unsafe impl Send for AesGcm {} -} - -#[cfg(not(target_os = "macos"))] -mod openssl_aes { - use crate::secret::Secret; - use foreign_types::ForeignTypeRef; - use openssl::cipher::CipherRef; - use openssl::cipher_ctx::{CipherCtx, CipherCtxRef}; - use openssl::symm::{Cipher, Crypter, Mode}; - use std::cell::UnsafeCell; - use std::mem::MaybeUninit; - - fn aes_ctr_by_key_size(ks: usize) -> Cipher { - match ks { - 16 => Cipher::aes_128_ctr(), - 24 => Cipher::aes_192_ctr(), - 32 => Cipher::aes_256_ctr(), - _ => { - panic!("AES supports 128, 192, or 256 bits keys"); - } - } - } - - fn aes_gcm_by_key_size(ks: usize) -> Cipher { - match ks { - 16 => Cipher::aes_128_gcm(), - 24 => Cipher::aes_192_gcm(), - 32 => Cipher::aes_256_gcm(), - _ => { - panic!("AES supports 128, 192, or 256 bits keys"); - } - } - } - - fn aes_ecb_by_key_size(ks: usize) -> Cipher { - match ks { - 16 => Cipher::aes_128_ecb(), - 24 => Cipher::aes_192_ecb(), - 32 => Cipher::aes_256_ecb(), - _ => { - panic!("AES supports 128, 192, or 256 bits keys"); - } - } - } - - pub struct Aes(UnsafeCell, UnsafeCell); - - impl Aes { - pub fn new(k: &[u8]) -> Self { - let (mut c, mut d) = ( - Crypter::new(aes_ecb_by_key_size(k.len()), Mode::Encrypt, k, None).unwrap(), - Crypter::new(aes_ecb_by_key_size(k.len()), Mode::Decrypt, k, None).unwrap(), - ); - c.pad(false); - d.pad(false); - Self(UnsafeCell::new(c), UnsafeCell::new(d)) - } - - #[inline(always)] - pub fn encrypt_block(&self, plaintext: &[u8], ciphertext: &mut [u8]) { - #[allow(invalid_value)] - let mut tmp: [u8; 32] = unsafe { MaybeUninit::uninit().assume_init() }; - let c: &mut Crypter = unsafe { &mut *self.0.get() }; - if c.update(plaintext, &mut tmp).unwrap() != 16 { - assert_eq!(c.finalize(&mut tmp).unwrap(), 16); - } - ciphertext[..16].copy_from_slice(&tmp[..16]); - } - - #[inline(always)] - pub fn encrypt_block_in_place(&self, data: &mut [u8]) { - #[allow(invalid_value)] - let mut tmp: [u8; 32] = unsafe { MaybeUninit::uninit().assume_init() }; - let c: &mut Crypter = unsafe { &mut *self.0.get() }; - if c.update(data, &mut tmp).unwrap() != 16 { - assert_eq!(c.finalize(&mut tmp).unwrap(), 16); - } - data[..16].copy_from_slice(&tmp[..16]); - } - - #[inline(always)] - pub fn decrypt_block(&self, ciphertext: &[u8], plaintext: &mut [u8]) { - #[allow(invalid_value)] - let mut tmp: [u8; 32] = unsafe { MaybeUninit::uninit().assume_init() }; - let c: &mut Crypter = unsafe { &mut *self.1.get() }; - if c.update(ciphertext, &mut tmp).unwrap() != 16 { - assert_eq!(c.finalize(&mut tmp).unwrap(), 16); - } - plaintext[..16].copy_from_slice(&tmp[..16]); - } - - #[inline(always)] - pub fn decrypt_block_in_place(&self, data: &mut [u8]) { - #[allow(invalid_value)] - let mut tmp: [u8; 32] = unsafe { MaybeUninit::uninit().assume_init() }; - let c: &mut Crypter = unsafe { &mut *self.1.get() }; - if c.update(data, &mut tmp).unwrap() != 16 { - assert_eq!(c.finalize(&mut tmp).unwrap(), 16); - } - data[..16].copy_from_slice(&tmp[..16]); - } - } - - unsafe impl Send for Aes {} - unsafe impl Sync for Aes {} - - pub struct AesCtr(Secret<32>, usize, Option); - - impl AesCtr { - /// Construct a new AES-CTR cipher. - /// Key must be 16, 24, or 32 bytes in length or a panic will occur. - #[inline(always)] - pub fn new(k: &[u8]) -> Self { - let mut s: Secret<32> = Secret::default(); - match k.len() { - 16 | 24 | 32 => { - s.0[..k.len()].copy_from_slice(k); - Self(s, k.len(), None) - } - _ => { - panic!("AES supports 128, 192, or 256 bits keys"); - } - } - } - - /// Initialize AES-CTR for encryption or decryption with the given IV. - /// If it's already been used, this also resets the cipher. There is no separate reset. - #[inline(always)] - pub fn reset_set_iv(&mut self, iv: &[u8]) { - let mut c = Crypter::new(aes_ctr_by_key_size(self.1), Mode::Encrypt, &self.0 .0[..self.1], Some(iv)).unwrap(); - c.pad(false); - let _ = self.2.replace(c); - } - - /// Encrypt or decrypt (same operation with CTR mode) - #[inline(always)] - pub fn crypt(&mut self, input: &[u8], output: &mut [u8]) { - let _ = self.2.as_mut().unwrap().update(input, output); - } - - /// Encrypt or decrypt in place (same operation with CTR mode) - #[inline(always)] - pub fn crypt_in_place(&mut self, data: &mut [u8]) { - let _ = self - .2 - .as_mut() - .unwrap() - .update(unsafe { &*std::slice::from_raw_parts(data.as_ptr(), data.len()) }, data); - } - } - - unsafe impl Send for AesCtr {} - - pub struct AesGcm(Secret<32>, usize, CipherCtx, bool); - - impl AesGcm { - /// Construct a new AES-GCM cipher. - /// Key must be 16, 24, or 32 bytes in length or a panic will occur. - pub fn new(k: &[u8], encrypt: bool) -> Self { - let mut s: Secret<32> = Secret::default(); - match k.len() { - 16 | 24 | 32 => { - s.0[..k.len()].copy_from_slice(k); - Self(s, k.len(), CipherCtx::new().unwrap(), encrypt) - } - _ => { - panic!("AES supports 128, 192, or 256 bits keys"); - } - } - } - - /// Initialize AES-CTR for encryption or decryption with the given IV. - /// If it's already been used, this also resets the cipher. There is no separate reset. - #[inline] - pub fn reset_init_gcm(&mut self, iv: &[u8]) { - assert_eq!(iv.len(), 12); - let t = aes_gcm_by_key_size(self.1); - let key = &self.0 .0[..self.1]; - { - let f = match self.3 { - true => CipherCtxRef::encrypt_init, - false => CipherCtxRef::decrypt_init, - }; - - f(&mut self.2, Some(unsafe { CipherRef::from_ptr(t.as_ptr() as *mut _) }), None, None).unwrap(); - - self.2.set_key_length(key.len()).unwrap(); - - if let Some(iv_len) = t.iv_len() { - if iv.len() != iv_len { - self.2.set_iv_length(iv.len()).unwrap(); - } - } - - f(&mut self.2, None, Some(key), Some(iv)).unwrap(); - } - - self.2.set_padding(false); - } - - #[inline(always)] - pub fn aad(&mut self, aad: &[u8]) { - self.2.cipher_update(aad, None).unwrap(); - } - - /// Encrypt or decrypt (same operation with CTR mode) - #[inline(always)] - pub fn crypt(&mut self, input: &[u8], output: &mut [u8]) { - self.2.cipher_update(input, Some(output)).unwrap(); - } - - /// Encrypt or decrypt in place (same operation with CTR mode) - #[inline(always)] - pub fn crypt_in_place(&mut self, data: &mut [u8]) { - self.2 - .cipher_update(unsafe { &*std::slice::from_raw_parts(data.as_ptr(), data.len()) }, Some(data)) - .unwrap(); - } - - #[inline(always)] - pub fn finish_encrypt(&mut self) -> [u8; 16] { - let mut tag = [0_u8; 16]; - self.2.cipher_final(&mut tag).unwrap(); - self.2.tag(&mut tag).unwrap(); - tag - } - - #[inline(always)] - pub fn finish_decrypt(&mut self, expected_tag: &[u8]) -> bool { - if self.2.set_tag(expected_tag).is_ok() { - let result = self.2.cipher_final(&mut []).is_ok(); - result - } else { - false - } - } - } - - unsafe impl Send for AesGcm {} -} - -#[cfg(target_os = "macos")] -pub use fruit_flavored::{Aes, AesCtr, AesGcm}; - -#[cfg(not(target_os = "macos"))] -pub use openssl_aes::{Aes, AesCtr, AesGcm}; - -#[cfg(test)] -mod tests { - use super::AesGcm; - use hex_literal::hex; - use std::time::SystemTime; - - #[test] - fn quick_benchmark() { - let mut buf = [0_u8; 12345]; - for i in 1..12345 { - buf[i] = i as u8; - } - let iv = [1_u8; 12]; - - let mut c = AesGcm::new(&[1_u8; 32], true); - - let benchmark_iterations: usize = 80000; - let start = SystemTime::now(); - for _ in 0..benchmark_iterations { - c.reset_init_gcm(&iv); - c.crypt_in_place(&mut buf); - } - let duration = SystemTime::now().duration_since(start).unwrap(); - println!( - "AES-256-GCM encrypt benchmark: {} MiB/sec", - (((benchmark_iterations * buf.len()) as f64) / 1048576.0) / duration.as_secs_f64() - ); - - let mut c = AesGcm::new(&[1_u8; 32], false); - - let start = SystemTime::now(); - for _ in 0..benchmark_iterations { - c.reset_init_gcm(&iv); - c.crypt_in_place(&mut buf); - } - let duration = SystemTime::now().duration_since(start).unwrap(); - println!( - "AES-256-GCM decrypt benchmark: {} MiB/sec", - (((benchmark_iterations * buf.len()) as f64) / 1048576.0) / duration.as_secs_f64() - ); - } - - #[test] - fn aes_gcm_test_vectors() { - // Even though we are just wrapping other implementations, it's still good to test thoroughly! - for tv in NIST_AES_GCM_TEST_VECTORS.iter() { - let mut gcm = AesGcm::new(tv.key, true); - gcm.reset_init_gcm(tv.nonce); - gcm.aad(tv.aad); - let mut ciphertext = Vec::new(); - ciphertext.resize(tv.plaintext.len(), 0); - gcm.crypt(tv.plaintext, ciphertext.as_mut()); - let mut tag = gcm.finish_encrypt(); - assert!(tag.eq(tv.tag)); - assert!(ciphertext.as_slice().eq(tv.ciphertext)); - - let mut gcm = AesGcm::new(tv.key, false); - gcm.reset_init_gcm(tv.nonce); - gcm.aad(tv.aad); - let mut ct_copy = ciphertext.clone(); - gcm.crypt_in_place(ct_copy.as_mut()); - assert!(gcm.finish_decrypt(&tag)); - - gcm.reset_init_gcm(tv.nonce); - gcm.aad(tv.aad); - gcm.crypt_in_place(ciphertext.as_mut()); - tag[0] ^= 1; - assert!(!gcm.finish_decrypt(&tag)); - } - } - - struct GcmTV { - pub key: &'static K, - pub nonce: &'static [u8; 12], - pub aad: &'static [u8], - pub plaintext: &'static [u8], - pub ciphertext: &'static [u8], - pub tag: &'static [u8; 16], - } - - /// - const NIST_AES_GCM_TEST_VECTORS: &[GcmTV<[u8; 32]>] = &[ - GcmTV { - key: &hex!("b52c505a37d78eda5dd34f20c22540ea1b58963cf8e5bf8ffa85f9f2492505b4"), - nonce: &hex!("516c33929df5a3284ff463d7"), - plaintext: b"", - aad: b"", - ciphertext: b"", - tag: &hex!("bdc1ac884d332457a1d2664f168c76f0"), - }, - GcmTV { - key: &hex!("5fe0861cdc2690ce69b3658c7f26f8458eec1c9243c5ba0845305d897e96ca0f"), - nonce: &hex!("770ac1a5a3d476d5d96944a1"), - plaintext: b"", - aad: b"", - ciphertext: b"", - tag: &hex!("196d691e1047093ca4b3d2ef4baba216"), - }, - GcmTV { - key: &hex!("7620b79b17b21b06d97019aa70e1ca105e1c03d2a0cf8b20b5a0ce5c3903e548"), - nonce: &hex!("60f56eb7a4b38d4f03395511"), - plaintext: b"", - aad: b"", - ciphertext: b"", - tag: &hex!("f570c38202d94564bab39f75617bc87a"), - }, - GcmTV { - key: &hex!("7e2db00321189476d144c5f27e787087302a48b5f7786cd91e93641628c2328b"), - nonce: &hex!("ea9d525bf01de7b2234b606a"), - plaintext: b"", - aad: b"", - ciphertext: b"", - tag: &hex!("db9df5f14f6c9f2ae81fd421412ddbbb"), - }, - GcmTV { - key: &hex!("a23dfb84b5976b46b1830d93bcf61941cae5e409e4f5551dc684bdcef9876480"), - nonce: &hex!("5aa345908048de10a2bd3d32"), - plaintext: b"", - aad: b"", - ciphertext: b"", - tag: &hex!("f28217649230bd7a40a9a4ddabc67c43"), - }, - GcmTV { - key: &hex!("dfe928f86430b78add7bb7696023e6153d76977e56103b180253490affb9431c"), - nonce: &hex!("1dd0785af9f58979a10bd62d"), - plaintext: b"", - aad: b"", - ciphertext: b"", - tag: &hex!("a55eb09e9edef58d9f671d72207f8b3c"), - }, - GcmTV { - key: &hex!("34048db81591ee68224956bd6989e1630fcf068d7ff726ae81e5b29f548cfcfb"), - nonce: &hex!("1621d34cff2a5b250c7b76fc"), - plaintext: b"", - aad: b"", - ciphertext: b"", - tag: &hex!("4992ec3d57cccfa58fd8916c59b70b11"), - }, - GcmTV { - key: &hex!("a1114f8749c72b8cef62e7503f1ad921d33eeede32b0b5b8e0d6807aa233d0ad"), - nonce: &hex!("a190ed3ff2e238be56f90bd6"), - plaintext: b"", - aad: b"", - ciphertext: b"", - tag: &hex!("c8464d95d540fb191156fbbc1608842a"), - }, - GcmTV { - key: &hex!("ddbb99dc3102d31102c0e14b238518605766c5b23d9bea52c7c5a771042c85a0"), - nonce: &hex!("95d15ed75c6a109aac1b1d86"), - plaintext: b"", - aad: b"", - ciphertext: b"", - tag: &hex!("813d1da3775cacd78e96d86f036cff96"), - }, - GcmTV { - key: &hex!("1faa506b8f13a2e6660af78d92915adf333658f748f4e48fa20135a29e9abe5f"), - nonce: &hex!("e50f278d3662c99d750f60d3"), - plaintext: b"", - aad: b"", - ciphertext: b"", - tag: &hex!("aec7ece66b7344afd6f6cc7419cf6027"), - }, - GcmTV { - key: &hex!("f30b5942faf57d4c13e7a82495aedf1b4e603539b2e1599317cc6e53225a2493"), - nonce: &hex!("336c388e18e6abf92bb739a9"), - plaintext: b"", - aad: b"", - ciphertext: b"", - tag: &hex!("ddaf8ef4cb2f8a6d401f3be5ff0baf6a"), - }, - GcmTV { - key: &hex!("daf4d9c12c5d29fc3fa936532c96196e56ae842e47063a4b29bfff2a35ed9280"), - nonce: &hex!("5381f21197e093b96cdac4fa"), - plaintext: b"", - aad: b"", - ciphertext: b"", - tag: &hex!("7f1832c7f7cd7812a004b79c3d399473"), - }, - GcmTV { - key: &hex!("6b524754149c81401d29a4b8a6f4a47833372806b2d4083ff17f2db3bfc17bca"), - nonce: &hex!("ac7d3d618ab690555ec24408"), - plaintext: b"", - aad: b"", - ciphertext: b"", - tag: &hex!("db07a885e2bd39da74116d06c316a5c9"), - }, - GcmTV { - key: &hex!("cff083303ff40a1f66c4aed1ac7f50628fe7e9311f5d037ebf49f4a4b9f0223f"), - nonce: &hex!("45d46e1baadcfbc8f0e922ff"), - plaintext: b"", - aad: b"", - ciphertext: b"", - tag: &hex!("1687c6d459ea481bf88e4b2263227906"), - }, - GcmTV { - key: &hex!("3954f60cddbb39d2d8b058adf545d5b82490c8ae9283afa5278689041d415a3a"), - nonce: &hex!("8fb3d98ef24fba03746ac84f"), - plaintext: b"", - aad: b"", - ciphertext: b"", - tag: &hex!("7fb130855dfe7a373313361f33f55237"), - }, - GcmTV { - key: &hex!("78dc4e0aaf52d935c3c01eea57428f00ca1fd475f5da86a49c8dd73d68c8e223"), - nonce: &hex!("d79cf22d504cc793c3fb6c8a"), - plaintext: b"", - aad: &hex!("b96baa8c1c75a671bfb2d08d06be5f36"), - ciphertext: b"", - tag: &hex!("3e5d486aa2e30b22e040b85723a06e76"), - }, - GcmTV { - key: &hex!("4457ff33683cca6ca493878bdc00373893a9763412eef8cddb54f91318e0da88"), - nonce: &hex!("699d1f29d7b8c55300bb1fd2"), - plaintext: b"", - aad: &hex!("6749daeea367d0e9809e2dc2f309e6e3"), - ciphertext: b"", - tag: &hex!("d60c74d2517fde4a74e0cd4709ed43a9"), - }, - GcmTV { - key: &hex!("4d01c96ef9d98d4fb4e9b61be5efa772c9788545b3eac39eb1cacb997a5f0792"), - nonce: &hex!("32124a4d9e576aea2589f238"), - plaintext: b"", - aad: &hex!("d72bad0c38495eda50d55811945ee205"), - ciphertext: b"", - tag: &hex!("6d6397c9e2030f5b8053bfe510f3f2cf"), - }, - GcmTV { - key: &hex!("8378193a4ce64180814bd60591d1054a04dbc4da02afde453799cd6888ee0c6c"), - nonce: &hex!("bd8b4e352c7f69878a475435"), - plaintext: b"", - aad: &hex!("1c6b343c4d045cbba562bae3e5ff1b18"), - ciphertext: b"", - tag: &hex!("0833967a6a53ba24e75c0372a6a17bda"), - }, - GcmTV { - key: &hex!("22fc82db5b606998ad45099b7978b5b4f9dd4ea6017e57370ac56141caaabd12"), - nonce: &hex!("880d05c5ee599e5f151e302f"), - plaintext: b"", - aad: &hex!("3e3eb5747e390f7bc80e748233484ffc"), - ciphertext: b"", - tag: &hex!("2e122a478e64463286f8b489dcdd09c8"), - }, - GcmTV { - key: &hex!("fc00960ddd698d35728c5ac607596b51b3f89741d14c25b8badac91976120d99"), - nonce: &hex!("a424a32a237f0df530f05e30"), - plaintext: b"", - aad: &hex!("cfb7e05e3157f0c90549d5c786506311"), - ciphertext: b"", - tag: &hex!("dcdcb9e4004b852a0da12bdf255b4ddd"), - }, - GcmTV { - key: &hex!("69749943092f5605bf971e185c191c618261b2c7cc1693cda1080ca2fd8d5111"), - nonce: &hex!("bd0d62c02ee682069bd1e128"), - plaintext: b"", - aad: &hex!("6967dce878f03b643bf5cdba596a7af3"), - ciphertext: b"", - tag: &hex!("378f796ae543e1b29115cc18acd193f4"), - }, - GcmTV { - key: &hex!("fc4875db84819834b1cb43828d2f0ae3473aa380111c2737e82a9ab11fea1f19"), - nonce: &hex!("da6a684d3ff63a2d109decd6"), - plaintext: b"", - aad: &hex!("91b6fa2ab4de44282ffc86c8cde6e7f5"), - ciphertext: b"", - tag: &hex!("504e81d2e7877e4dad6f31cdeb07bdbd"), - }, - GcmTV { - key: &hex!("9f9fe7d2a26dcf59d684f1c0945b5ffafe0a4746845ed317d35f3ed76c93044d"), - nonce: &hex!("13b59971cd4dd36b19ac7104"), - plaintext: b"", - aad: &hex!("190a6934f45f89c90067c2f62e04c53b"), - ciphertext: b"", - tag: &hex!("4f636a294bfbf51fc0e131d694d5c222"), - }, - GcmTV { - key: &hex!("ab9155d7d81ba6f33193695cf4566a9b6e97a3e409f57159ae6ca49655cca071"), - nonce: &hex!("26a9f8d665d163ddb92d035d"), - plaintext: b"", - aad: &hex!("4a203ac26b951a1f673c6605653ec02d"), - ciphertext: b"", - tag: &hex!("437ea77a3879f010691e288d6269a996"), - }, - GcmTV { - key: &hex!("0f1c62dd80b4a6d09ee9d787b1b04327aa361529ffa3407560414ac47b7ef7bc"), - nonce: &hex!("c87613a3b70d2a048f32cb9a"), - plaintext: b"", - aad: &hex!("8f23d404be2d9e888d219f1b40aa29e8"), - ciphertext: b"", - tag: &hex!("36d8a309acbb8716c9c08c7f5de4911e"), - }, - GcmTV { - key: &hex!("f3e954a38956df890255f01709e457b33f4bfe7ecb36d0ee50f2500471eebcde"), - nonce: &hex!("9799abd3c52110c704b0f36a"), - plaintext: b"", - aad: &hex!("ddb70173f44157755b6c9b7058f40cb7"), - ciphertext: b"", - tag: &hex!("b323ae3abcb415c7f420876c980f4858"), - }, - GcmTV { - key: &hex!("0625316534fbd82fe8fdea50fa573c462022c42f79e8b21360e5a6dce66dde28"), - nonce: &hex!("da64a674907cd6cf248f5fbb"), - plaintext: b"", - aad: &hex!("f24d48e04f5a0d987ba7c745b73b0364"), - ciphertext: b"", - tag: &hex!("df360b810f27e794673a8bb2dc0d68b0"), - }, - GcmTV { - key: &hex!("28f045ac7c4fe5d4b01a9dcd5f1ad3efff1c4f170fc8ab8758d97292868d5828"), - nonce: &hex!("5d85de95b0bdc44514143919"), - plaintext: b"", - aad: &hex!("601d2158f17ab3c7b4dcb6950fbdcdde"), - ciphertext: b"", - tag: &hex!("42c3f527418cf2c3f5d5010ccba8f271"), - }, - GcmTV { - key: &hex!("19310eed5f5f44eb47075c105eb31e36bbfd1310f741b9baa66a81138d357242"), - nonce: &hex!("a1247120138fa4f0e96c992c"), - plaintext: b"", - aad: &hex!("29d746414333e0f72b4c3f44ec6bfe42"), - ciphertext: b"", - tag: &hex!("d5997e2f956df3fa2c2388e20f30c480"), - }, - GcmTV { - key: &hex!("886cff5f3e6b8d0e1ad0a38fcdb26de97e8acbe79f6bed66959a598fa5047d65"), - nonce: &hex!("3a8efa1cd74bbab5448f9945"), - plaintext: b"", - aad: &hex!("519fee519d25c7a304d6c6aa1897ee1eb8c59655"), - ciphertext: b"", - tag: &hex!("f6d47505ec96c98a42dc3ae719877b87"), - }, - GcmTV { - key: &hex!("6937a57d35fe6dc3fc420b123bccdce874bd4c18f2e7c01ce2faf33d3944fd9d"), - nonce: &hex!("a87247797b758467b96310f3"), - plaintext: b"", - aad: &hex!("ead961939a33dd578f8e93db8b28a1c85362905f"), - ciphertext: b"", - tag: &hex!("599de3ecf22cb867f03f7f6d9fd7428a"), - }, - GcmTV { - key: &hex!("e65a331776c9dcdf5eba6c59e05ec079d97473bcdce84daf836be323456263a0"), - nonce: &hex!("ca731f768da01d02eb8e727e"), - plaintext: b"", - aad: &hex!("d7274586517bf1d8da866f4a47ad0bcf2948a862"), - ciphertext: b"", - tag: &hex!("a8abe7a8085f25130a7206d37a8aaf6d"), - }, - GcmTV { - key: &hex!("77bb1b6ef898683c981b2fc899319ffbb6000edca22566b634db3a3c804059e5"), - nonce: &hex!("354a19283769b3b991b05a4c"), - plaintext: b"", - aad: &hex!("b5566251a8a8bec212dc08113229ff8590168800"), - ciphertext: b"", - tag: &hex!("e5c2dccf8fc7f296cac95d7071cb8d7d"), - }, - GcmTV { - key: &hex!("2a43308d520a59ed51e47a3a915e1dbf20a91f0886506e481ad3de65d50975b4"), - nonce: &hex!("bcbf99733d8ec90cb23e6ce6"), - plaintext: b"", - aad: &hex!("eb88288729289d26fe0e757a99ad8eec96106053"), - ciphertext: b"", - tag: &hex!("01b0196933aa49123eab4e1571250383"), - }, - GcmTV { - key: &hex!("2379b35f85102db4e7aecc52b705bc695d4768d412e2d7bebe999236783972ff"), - nonce: &hex!("918998c4801037b1cd102faa"), - plaintext: b"", - aad: &hex!("b3722309e0f066225e8d1659084ebb07a93b435d"), - ciphertext: b"", - tag: &hex!("dfb18aee99d1f67f5748d4b4843cb649"), - }, - GcmTV { - key: &hex!("98b3cb7537167e6d14a2a8b2310fe94b715c729fdf85216568150b556d0797ba"), - nonce: &hex!("bca5e2e5a6b30f18d263c6b2"), - plaintext: b"", - aad: &hex!("260d3d72db70d677a4e3e1f3e11431217a2e4713"), - ciphertext: b"", - tag: &hex!("d6b7560f8ac2f0a90bad42a6a07204bc"), - }, - GcmTV { - key: &hex!("30341ae0f199b10a15175d00913d5029526ab7f761c0b936a7dd5f1b1583429d"), - nonce: &hex!("dbe109a8ce5f7b241e99f7af"), - plaintext: b"", - aad: &hex!("fe4bdee5ca9c4806fa024715fbf66ab845285fa7"), - ciphertext: b"", - tag: &hex!("ae91daed658e26c0d126575147af9899"), - }, - GcmTV { - key: &hex!("8232b6a1d2e367e9ce1ea8d42fcfc83a4bc8bdec465c6ba326e353ad9255f207"), - nonce: &hex!("cd2fb5ff9cf0f39868ad8685"), - plaintext: b"", - aad: &hex!("02418b3dde54924a9628de06004c0882ae4ec3bb"), - ciphertext: b"", - tag: &hex!("d5308f63708675ced19b2710afd2db49"), - }, - GcmTV { - key: &hex!("f9a132a50a508145ffd8294e68944ea436ce0f9a97e181f5e0d6c5d272311fc1"), - nonce: &hex!("892991b54e94b9d57442ccaf"), - plaintext: b"", - aad: &hex!("4e0fbd3799da250fa27911b7e68d7623bfe60a53"), - ciphertext: b"", - tag: &hex!("89881d5f786e6d53e0d19c3b4e6887d8"), - }, - GcmTV { - key: &hex!("0e3746e5064633ea9311b2b8427c536af92717de20eeb6260db1333c3d8a8114"), - nonce: &hex!("f84c3a1c94533f7f25cec0ac"), - plaintext: b"", - aad: &hex!("8c0d41e6135338c8d3e63e2a5fa0a9667ec9a580"), - ciphertext: b"", - tag: &hex!("479ccfe9241de2c474f2edebbb385c09"), - }, - GcmTV { - key: &hex!("b997e9b0746abaaed6e64b63bdf64882526ad92e24a2f5649df055c9ec0f1daa"), - nonce: &hex!("f141d8d71b033755022f0a7d"), - plaintext: b"", - aad: &hex!("681d6583f527b1a92f66caae9b1d4d028e2e631e"), - ciphertext: b"", - tag: &hex!("b30442a6395ec13246c48b21ffc65509"), - }, - GcmTV { - key: &hex!("87660ec1700d4e9f88a323a49f0b871e6aaf434a2d8448d04d4a22f6561028e0"), - nonce: &hex!("2a07b42593cd24f0a6fe406c"), - plaintext: b"", - aad: &hex!("1dd239b57185b7e457ced73ebba043057f049edd"), - ciphertext: b"", - tag: &hex!("df7a501049b37a534098cb45cb9c21b7"), - }, - GcmTV { - key: &hex!("ea4792e1f1717b77a00de4d109e627549b165c82af35f33ca7e1a6b8ed62f14f"), - nonce: &hex!("7453cc8b46fe4b93bcc48381"), - plaintext: b"", - aad: &hex!("46d98970a636e7cd7b76fc362ae88298436f834f"), - ciphertext: b"", - tag: &hex!("518dbacd36be6fba5c12871678a55516"), - }, - GcmTV { - key: &hex!("34892cdd1d48ca166f7ba73182cb97336c2c754ac160a3e37183d6fb5078cec3"), - nonce: &hex!("ed3198c5861b78c71a6a4eec"), - plaintext: b"", - aad: &hex!("a6fa6d0dd1e0b95b4609951bbbe714de0ae0ccfa"), - ciphertext: b"", - tag: &hex!("c6387795096b348ecf1d1f6caaa3c813"), - }, - GcmTV { - key: &hex!("f4069bb739d07d0cafdcbc609ca01597f985c43db63bbaaa0debbb04d384e49c"), - nonce: &hex!("d25ff30fdc3d464fe173e805"), - plaintext: b"", - aad: &hex!("3e1449c4837f0892f9d55127c75c4b25d69be334baf5f19394d2d8bb460cbf2120e14736d0f634aa792feca20e455f11"), - ciphertext: b"", - tag: &hex!("805ec2931c2181e5bfb74fa0a975f0cf"), - }, - GcmTV { - key: &hex!("62189dcc4beb97462d6c0927d8a270d39a1b07d72d0ad28840badd4f68cf9c8b"), - nonce: &hex!("859fda5247c888823a4b8032"), - plaintext: b"", - aad: &hex!("b28d1621ee110f4c9d709fad764bba2dd6d291bc003748faac6d901937120d41c1b7ce67633763e99e05c71363fceca8"), - ciphertext: b"", - tag: &hex!("27330907d0002880bbb4c1a1d23c0be2"), - }, - GcmTV { - key: &hex!("59012d85a1b90aeb0359e6384c9991e7be219319f5b891c92c384ade2f371816"), - nonce: &hex!("3c9cde00c23912cff9689c7c"), - plaintext: b"", - aad: &hex!("e5daf473a470860b55210a483c0d1a978d8add843c2c097f73a3cda49ac4a614c8e887d94e6692309d2ed97ebe1eaf5d"), - ciphertext: b"", - tag: &hex!("048239e4e5c2c8b33890a7c950cda852"), - }, - GcmTV { - key: &hex!("4be09b408ad68b890f94be5efa7fe9c917362712a3480c57cd3844935f35acb7"), - nonce: &hex!("8f350bd3b8eea173fc7370bc"), - plaintext: b"", - aad: &hex!("2819d65aec942198ca97d4435efd9dd4d4393b96cf5ba44f09bce4ba135fc8636e8275dcb515414b8befd32f91fc4822"), - ciphertext: b"", - tag: &hex!("a133cb7a7d0471dbac61fb41589a2efe"), - }, - GcmTV { - key: &hex!("13cb965a4d9d1a36efad9f6ca1ba76386a5bb160d80b0917277102357ac7afc8"), - nonce: &hex!("f313adec42a66d13c3958180"), - plaintext: b"", - aad: &hex!("717b48358898e5ccfea4289049adcc1bb0db3b3ebd1767ac24fb2b7d37dc80ea2316c17f14fb51b5e18cd5bb09afe414"), - ciphertext: b"", - tag: &hex!("81b4ef7a84dc4a0b1fddbefe37f53852"), - }, - GcmTV { - key: &hex!("d27f1bebbbdef0edca393a6261b0338abbc491262eab0737f55246458f6668cc"), - nonce: &hex!("fc062f857886e278f3a567d2"), - plaintext: b"", - aad: &hex!("2bae92dea64aa99189de8ea4c046745306002e02cfb46a41444ce8bfcc329bd4205963d9ab5357b026a4a34b1a861771"), - ciphertext: b"", - tag: &hex!("5c5a6c4613f1e522596330d45f243fdd"), - }, - GcmTV { - key: &hex!("7b4d19cd3569f74c7b5df61ab78379ee6bfa15105d21b10bf6096699539006d0"), - nonce: &hex!("fbed5695c4a739eded97b1e3"), - plaintext: b"", - aad: &hex!("c6f2e5d663bfaf668d014550ef2e66bf89978799a785f1f2c79a2cb3eb3f2fd4076207d5f7e1c284b4af5cffc4e46198"), - ciphertext: b"", - tag: &hex!("7101b434fb90c7f95b9b7a0deeeb5c81"), - }, - GcmTV { - key: &hex!("d3431488d8f048590bd76ec66e71421ef09f655d7cf8043bf32f75b4b2e7efcc"), - nonce: &hex!("cc766e98b40a81519fa46392"), - plaintext: b"", - aad: &hex!("93320179fdb40cbc1ccf00b872a3b4a5f6c70b56e43a84fcac5eb454a0a19a747d452042611bf3bbaafd925e806ffe8e"), - ciphertext: b"", - tag: &hex!("3afcc336ce8b7191eab04ad679163c2a"), - }, - GcmTV { - key: &hex!("a440948c0378561c3956813c031f81573208c7ffa815114ef2eee1eb642e74c6"), - nonce: &hex!("c1f4ffe54b8680832eed8819"), - plaintext: b"", - aad: &hex!("253438f132b18e8483074561898c5652b43a82cc941e8b4ae37e792a8ed6ec5ce2bcec9f1ffcf4216e46696307bb774a"), - ciphertext: b"", - tag: &hex!("129445f0a3c979a112a3afb10a24e245"), - }, - GcmTV { - key: &hex!("798706b651033d9e9bf2ce064fb12be7df7308cf45df44776588cd391c49ff85"), - nonce: &hex!("5a43368a39e7ffb775edfaf4"), - plaintext: b"", - aad: &hex!("926b74fe6381ebd35757e42e8e557601f2287bfc133a13fd86d61c01aa84f39713bf99a8dc07b812f0274c9d3280a138"), - ciphertext: b"", - tag: &hex!("89fe481a3d95c03a0a9d4ee3e3f0ed4a"), - }, - GcmTV { - key: &hex!("c3aa2a39a9fef4a466618d1288bb62f8da7b1cb760ccc8f1be3e99e076f08eff"), - nonce: &hex!("9965ba5e23d9453d7267ca5b"), - plaintext: b"", - aad: &hex!("93efb6a2affc304cb25dfd49aa3e3ccdb25ceac3d3cea90dd99e38976978217ad5f2b990d10b91725c7fd2035ecc6a30"), - ciphertext: b"", - tag: &hex!("00a94c18a4572dcf4f9e2226a03d4c07"), - }, - GcmTV { - key: &hex!("14e06858008f7e77186a2b3a7928a0c7fcee22136bc36f53553f20fa5c37edcd"), - nonce: &hex!("32ebe0dc9ada849b5eda7b48"), - plaintext: b"", - aad: &hex!("6c0152abfa485b8cd67c154a5f0411f22121379774d745f40ee577b028fd0e188297581561ae972223d75a24b488aed7"), - ciphertext: b"", - tag: &hex!("2625b0ba6ee02b58bc529e43e2eb471b"), - }, - GcmTV { - key: &hex!("fbb56b11c51a093ce169a6990399c4d741f62b3cc61f9e8a609a1b6ae8e7e965"), - nonce: &hex!("9c5a953247e91aceceb9defb"), - plaintext: b"", - aad: &hex!("46cb5c4f617916a9b1b2e03272cb0590ce716498533047d73c81e4cbe9278a3686116f5632753ea2df52efb3551aea2d"), - ciphertext: b"", - tag: &hex!("4f3b82e6be4f08756071f2c46c31fedf"), - }, - GcmTV { - key: &hex!("b303bf02f6a8dbb5bc4baccab0800db5ee06de648e2fae299b95f135c9b107cc"), - nonce: &hex!("906495b67ef4ce00b44422fa"), - plaintext: b"", - aad: &hex!("872c6c370926535c3fa1baec031e31e7c6c82808c8a060742dbef114961c314f1986b2131a9d91f30f53067ec012c6b7"), - ciphertext: b"", - tag: &hex!("64dde37169082d181a69107f60c5c6bb"), - }, - GcmTV { - key: &hex!("29f5f8075903063cb6d7050669b1f74e08a3f79ef566292dfdef1c06a408e1ab"), - nonce: &hex!("35f25c48b4b5355e78b9fb3a"), - plaintext: b"", - aad: &hex!("107e2e23159fc5c0748ca7a077e5cc053fa5c682ff5269d350ee817f8b5de4d3972041d107b1e2f2e54ca93b72cd0408"), - ciphertext: b"", - tag: &hex!("fee5a9baebb5be0165deaa867e967a9e"), - }, - GcmTV { - key: &hex!("03ccb7dbc7b8425465c2c3fc39ed0593929ffd02a45ff583bd89b79c6f646fe9"), - nonce: &hex!("fd119985533bd5520b301d12"), - plaintext: b"", - aad: &hex!("98e68c10bf4b5ae62d434928fc6405147c6301417303ef3a703dcfd2c0c339a4d0a89bd29fe61fecf1066ab06d7a5c31a48ffbfed22f749b17e9bd0dc1c6f8fbd6fd4587184db964d5456132106d782338c3f117ec05229b0899"), - ciphertext: b"", - tag: &hex!("cf54e7141349b66f248154427810c87a"), - }, - GcmTV { - key: &hex!("57e112cd45f2c57ddb819ea651c206763163ef016ceead5c4eae40f2bbe0e4b4"), - nonce: &hex!("188022c2125d2b1fcf9e4769"), - plaintext: b"", - aad: &hex!("09c8f445ce5b71465695f838c4bb2b00624a1c9185a3d552546d9d2ee4870007aaf3007008f8ae9affb7588b88d09a90e58b457f88f1e3752e3fb949ce378670b67a95f8cf7f5c7ceb650efd735dbc652cae06e546a5dbd861bd"), - ciphertext: b"", - tag: &hex!("9efcddfa0be21582a05749f4050d29fe"), - }, - GcmTV { - key: &hex!("a4ddf3cab7453aaefad616fd65d63d13005e9459c17d3173cd6ed7f2a86c921f"), - nonce: &hex!("06177b24c58f3be4f3dd4920"), - plaintext: b"", - aad: &hex!("f95b046d80485e411c56b834209d3abd5a8a9ddf72b1b916679adfdde893044315a5f4967fd0405ec297aa332f676ff0fa5bd795eb609b2e4f088db1cdf37ccff0735a5e53c4c12173a0026aea42388a7d7153a8830b8a901cf9"), - ciphertext: b"", - tag: &hex!("9d1bd8ecb3276906138d0b03fcb8c1bb"), - }, - GcmTV { - key: &hex!("24a92b24e85903cd4aaabfe07c310df5a4f8f459e03a63cbd1b47855b09c0be8"), - nonce: &hex!("22e756dc898d4cf122080612"), - plaintext: b"", - aad: &hex!("2e01b2536dbe376be144296f5c38fb099e008f962b9f0e896334b6408393bff1020a0e442477abfdb1727213b6ccc577f5e16cb057c8945a07e307264b65979aed96b5995f40250ffbaaa1a1f0eccf394015f6290f5e64dfe5ca"), - ciphertext: b"", - tag: &hex!("0d7f1aed4708a03b0c80b2a18785c96d"), - }, - GcmTV { - key: &hex!("15276fc64438578e0ec53366b90a0e23d93910fec10dc3003d9b3f3fa72db702"), - nonce: &hex!("c5e931946d5caebc227656d2"), - plaintext: b"", - aad: &hex!("3f967c83ba02e77c14e9d41185eb87f172250e93edb0f82b6742c124298ab69418358eddefa39fedc3cade9d80f036d864a59ead37c87727c56c701a8cd9634469ff31c704f5ee39354157e6558467b92824da36b1c071bedfe9"), - ciphertext: b"", - tag: &hex!("a0ffa19adcf31d061cd0dd46d24015ef"), - }, - GcmTV { - key: &hex!("ec09804a048bb854c71618b5a3a1c590910fc8a68455139b719486d2280ea59a"), - nonce: &hex!("d0b1247e7121a9276ac18ca3"), - plaintext: b"", - aad: &hex!("66b1d39d414596308e866b04476e053b71acd1cd07ce80939577ebbeace0430f7e4c0c185fe1d97ac7569950c83db40bbed0f1d173e1aa0dc28b4773705032d97551f7fcef7f55e4b69f88df650032dfc5232c156641104b5397"), - ciphertext: b"", - tag: &hex!("8440e6d864ab778f9be478f203162d86"), - }, - GcmTV { - key: &hex!("4adf86bfa547725e4b80365a5a327c107040facfff007dc35102066bd6a995c4"), - nonce: &hex!("b1018cc331911255a55a0795"), - plaintext: b"", - aad: &hex!("053ca4428c990b4456d3c1895d5d52deff675896de9faa53d8cf241255f4a31dc3399f15d83be380256616e5af043abfb37552655adf4f2e68dda24bc3736951134f359d9c0e288bb798b6c3ea46239231a3cb280066db9862e7"), - ciphertext: b"", - tag: &hex!("c7424f38084930bfc5edc1fcf1e7608d"), - }, - GcmTV { - key: &hex!("3c92e0d1e39a3c766573c4646c768c402ccff48a56682a93433512abf0456e00"), - nonce: &hex!("d57f319e590191841d2b98bd"), - plaintext: b"", - aad: &hex!("840d9394aa240e52ba152151c12acd1cd44881e8549dc832b71a45da7efcc74fb7e844d9fec25e5d497b8fb8f47f328c8d99045a19e366e6ce5e19dc26f67a81a94fa6c97c314d886e7b56eff144c09f6fa519db6308bc73422e"), - ciphertext: b"", - tag: &hex!("cb4ef72dbda4914d7434f9686f823e2f"), - }, - GcmTV { - key: &hex!("b66ba39733888a9e0a2e30452844161dc33cb383c02ce16c4efad5452509b5b5"), - nonce: &hex!("937cb665e37059b2e40359f2"), - plaintext: b"", - aad: &hex!("dbcd9694a8834860034e8ede3a5bd419fcf91c005ad99f488aa623f581622093f9d41e6a68e20fd202f302bcfc4417ca89090bfcd4d5224e8ff4eb5bbae4ecb27baa239f59c2f99cd47c0a269c497906b41a8f320a3dd2dc2de2"), - ciphertext: b"", - tag: &hex!("bdc8249302d9d666cf7168317c118743"), - }, - GcmTV { - key: &hex!("2f9fcd1043455695638c991a1b1d35ad57c18ef0727322747b7991abc3d787f3"), - nonce: &hex!("d06cf548f62869f4bed7a318"), - plaintext: b"", - aad: &hex!("432023c12cf1f614e1005112a17dbe6c5d54022a95cf6335a5bc55004c75f09a5699739ecf928e1c78d03dad5096a17a084afe1cc22041bbdfb5985bd08b0dcc59d2b08cd86b7aad597c4cd7b4ba6d6a7370b83995a6511a1f9e"), - ciphertext: b"", - tag: &hex!("322eb84fb6884f10cfb766c2e3ec779e"), - }, - GcmTV { - key: &hex!("21c5839a63e1230c06b086341c96ab74585e69bced94332caeb1fa77d510c24f"), - nonce: &hex!("5ab6e5ed6ee733be7250858c"), - plaintext: b"", - aad: &hex!("c92f08e30f67d42516133c48e97b65cc9e124365e110aba5e7b2cbe83debcc99edf4eb0007af052bda22d85900271b1897af4fd9ace6a2d09d984ac3de79d05de0b105a81b12542b2c48e27d409fd6992dd062d6055d6fc66842"), - ciphertext: b"", - tag: &hex!("53b0e450309d146459f2a1e46c9d9e23"), - }, - GcmTV { - key: &hex!("25a144f0fdba184125d81a87e7ed82fad33c701a094a67a81fe4692dc69afa31"), - nonce: &hex!("8bf575c5c2b45b4efc6746e4"), - plaintext: b"", - aad: &hex!("2a367cb0d3b7c5b8320b3cf95e82b6ba0bba1d09a2055885dedd9ef5641623682212103238b8f775cce42ddfd4f66382f2c3a5e8d6dff9163ced83580a75705574026b55db90f75f8abb3014c9a707021dedc075da38bebbf0a0"), - ciphertext: b"", - tag: &hex!("0e2ce9cac8dfcedb0572ec6cab621efd"), - }, - GcmTV { - key: &hex!("42bc841b3b03a807cd366a35ecec8a6aebef7c4cba0ec8cb8da0da41df8ccef1"), - nonce: &hex!("1bd46f85df5f4b3a126ee315"), - plaintext: b"", - aad: &hex!("ede3dcddbdc7d8e5d034c01661332ec349cb4e7a9fbaaf7abe2c647587db86cd427ce66908e070bc49ef838747e06b45ac486dfbea6f8698b4625e21e69db8327ec05cfd74accbe67ab644948cdb554af179a1e264e08fe16641"), - ciphertext: b"", - tag: &hex!("633ab6aaf5b32b53a794f6be6262fc5f"), - }, - GcmTV { - key: &hex!("c25b8500be73210596fc4a9fb4d84d1a3379a91e3f0a6cc4177d996046627679"), - nonce: &hex!("b56c48c0c4cd318b20437002"), - plaintext: b"", - aad: &hex!("bcd14dd043fdc8c327957e1c1428698543ec8602521a7c74788d296d37d4828f10f90656883d2531c702ebda2dc0a68dab00154577454455fad986ff8e0973098dbf370ff703ed98222b945726ed9be7909210ddbc672e99fdd9"), - ciphertext: b"", - tag: &hex!("8171d4ff60fe7ef6de0288326aa73223"), - }, - GcmTV { - key: &hex!("dd95259bc8eefa3e493cb1a6ba1d8ee2b341d5230d50363094a2cc3433b3d9b9"), - nonce: &hex!("a1a6ced084f4f13990750a9e"), - plaintext: b"", - aad: &hex!("d46db90e13684b26149cb3b7f776e228a0538fa1892c418aaad07aa08d3076f4a52bee8f130ff560db2b8d1009e9260fa6233fc22733e050c9e4f7cc699062765e261dffff1159e9060b26c8065dfab04055b58c82c340d987c9"), - ciphertext: b"", - tag: &hex!("9e120b01899fe2cb3e3a0b0c05045940"), - }, - GcmTV { - key: &hex!("31bdadd96698c204aa9ce1448ea94ae1fb4a9a0b3c9d773b51bb1822666b8f22"), - nonce: &hex!("0d18e06c7c725ac9e362e1ce"), - plaintext: &hex!("2db5168e932556f8089a0622981d017d"), - aad: b"", - ciphertext: &hex!("fa4362189661d163fcd6a56d8bf0405a"), - tag: &hex!("d636ac1bbedd5cc3ee727dc2ab4a9489"), - }, - GcmTV { - key: &hex!("460fc864972261c2560e1eb88761ff1c992b982497bd2ac36c04071cbb8e5d99"), - nonce: &hex!("8a4a16b9e210eb68bcb6f58d"), - plaintext: &hex!("99e4e926ffe927f691893fb79a96b067"), - aad: b"", - ciphertext: &hex!("133fc15751621b5f325c7ff71ce08324"), - tag: &hex!("ec4e87e0cf74a13618d0b68636ba9fa7"), - }, - GcmTV { - key: &hex!("f78a2ba3c5bd164de134a030ca09e99463ea7e967b92c4b0a0870796480297e5"), - nonce: &hex!("2bb92fcb726c278a2fa35a88"), - plaintext: &hex!("f562509ed139a6bbe7ab545ac616250c"), - aad: b"", - ciphertext: &hex!("e2f787996e37d3b47294bf7ebba5ee25"), - tag: &hex!("00f613eee9bdad6c9ee7765db1cb45c0"), - }, - GcmTV { - key: &hex!("48e6af212da1386500454c94a201640c2151b28079240e40d72d2a5fd7d54234"), - nonce: &hex!("ef0ff062220eb817dc2ece94"), - plaintext: &hex!("c7afeecec1408ad155b177c2dc7138b0"), - aad: b"", - ciphertext: &hex!("9432a620e6a22307e06a321d66846fd4"), - tag: &hex!("e3ea499192f2cd8d3ab3edfc55897415"), - }, - GcmTV { - key: &hex!("79cd8d750fc8ea62a2714edcd9b32867c7c4da906c56e23a644552f5b812e75a"), - nonce: &hex!("9bbfdb81015d2b57dead2de5"), - plaintext: &hex!("f980ad8c55ebd31ee6f98f44e92bff55"), - aad: b"", - ciphertext: &hex!("41a34d1e759c859e91b8cf5d3ded1970"), - tag: &hex!("68cd98406d5b322571e750c30aa49834"), - }, - GcmTV { - key: &hex!("130ae450c18efb851057aaa79575a0a090194be8b2c95469a0e8e380a8f48f42"), - nonce: &hex!("b269115396f81b39e0c38f47"), - plaintext: &hex!("036cf36280dee8355c82abc4c1fdb778"), - aad: b"", - ciphertext: &hex!("09f7568fd8181652e556f0dda5a49ed5"), - tag: &hex!("d10b61947cae275b7034f5259ba6fc28"), - }, - GcmTV { - key: &hex!("9c7121289aefc67090cabed53ad11658be72a5372761b9d735e81d2bfc0e3267"), - nonce: &hex!("ade1702d2051b8dd203b5419"), - plaintext: &hex!("b95bcaa2b31403d76859a4c301c50b56"), - aad: b"", - ciphertext: &hex!("628285e6489090dde1b9a60674785003"), - tag: &hex!("9f516af3f3b93d610edbc5ba6e2d115f"), - }, - GcmTV { - key: &hex!("0400b42897011fc20fd2280a52ef905d6ebf1b055b48c97067bd786d678ec4ea"), - nonce: &hex!("0abfb0a41496b453358409d9"), - plaintext: &hex!("20c8230191e35f4e9b269d59cf5521f6"), - aad: b"", - ciphertext: &hex!("dd8c38087daffbbb3ebb57ebf5ee5f78"), - tag: &hex!("bfb07aa5049ee350ec6fb1397f37087b"), - }, - GcmTV { - key: &hex!("56690798978c154ff250ba78e463765f2f0ce69709a4551bd8cb3addeda087b6"), - nonce: &hex!("cf37c286c18ad4ea3d0ba6a0"), - plaintext: &hex!("2d328124a8d58d56d0775eed93de1a88"), - aad: b"", - ciphertext: &hex!("3b0a0267f6ecde3a78b30903ebd4ca6e"), - tag: &hex!("1fd2006409fc636379f3d4067eca0988"), - }, - GcmTV { - key: &hex!("8a02a33bdf87e7845d7a8ae3c8727e704f4fd08c1f2083282d8cb3a5d3cedee9"), - nonce: &hex!("599f5896851c968ed808323b"), - plaintext: &hex!("4ade8b32d56723fb8f65ce40825e27c9"), - aad: b"", - ciphertext: &hex!("cb9133796b9075657840421a46022b63"), - tag: &hex!("a79e453c6fad8a5a4c2a8e87821c7f88"), - }, - GcmTV { - key: &hex!("23aaa78a5915b14f00cf285f38ee275a2db97cb4ab14d1aac8b9a73ff1e66467"), - nonce: &hex!("4a675ec9be1aab9632dd9f59"), - plaintext: &hex!("56659c06a00a2e8ed1ac60572eee3ef7"), - aad: b"", - ciphertext: &hex!("e6c01723bfbfa398d9c9aac8c683bb12"), - tag: &hex!("4a2f78a9975d4a1b5f503a4a2cb71553"), - }, - GcmTV { - key: &hex!("fe647f72e95c469027f4d7778429a2e8e90d090268d4fa7df44f65c0af84190a"), - nonce: &hex!("4f40ae2a83a9b480e4686c90"), - plaintext: &hex!("31fd6cce3f0d2b0d18e0af01c4b5609e"), - aad: b"", - ciphertext: &hex!("54c769fd542f0d3022f1335a7c410b61"), - tag: &hex!("106cb7cbcd967da6cad646039c753474"), - }, - GcmTV { - key: &hex!("fce205515f0551b1797128a2132d8e002ea5ab1beb99c5e7e8329398cf478e10"), - nonce: &hex!("20209a0d4a3b9bfddeef39a0"), - plaintext: &hex!("7d663e31a2f6ffef17e536684dae2e87"), - aad: b"", - ciphertext: &hex!("6529712030fb659dc11ab719f6a4c402"), - tag: &hex!("58699464d062aba505508c576c4e07dd"), - }, - GcmTV { - key: &hex!("cd33003ff18f6f3369dd9a35381261ba660ce0a769864475152e677066540337"), - nonce: &hex!("20bffe9064ce76d275204138"), - plaintext: &hex!("acaf53d4dd2fe12cd44450b0d9adcc92"), - aad: b"", - ciphertext: &hex!("a669fda0444b180165f90815dc992b33"), - tag: &hex!("6e31f5a56c4790cedcc2368c51d0639b"), - }, - GcmTV { - key: &hex!("381873b5f9579d8241f0c61f0d9e327bb9f678691714aaa48ea7d92678d43fe7"), - nonce: &hex!("3fc8bec23603158e012d65e5"), - plaintext: &hex!("7b622e9b408fe91f6fa800ecef838d36"), - aad: b"", - ciphertext: &hex!("8ca4de5b4e2ab22431a009f3ddd01bae"), - tag: &hex!("b3a7f80e3edf322622731550164cd747"), - }, - GcmTV { - key: &hex!("92e11dcdaa866f5ce790fd24501f92509aacf4cb8b1339d50c9c1240935dd08b"), - nonce: &hex!("ac93a1a6145299bde902f21a"), - plaintext: &hex!("2d71bcfa914e4ac045b2aa60955fad24"), - aad: &hex!("1e0889016f67601c8ebea4943bc23ad6"), - ciphertext: &hex!("8995ae2e6df3dbf96fac7b7137bae67f"), - tag: &hex!("eca5aa77d51d4a0a14d9c51e1da474ab"), - }, - GcmTV { - key: &hex!("7da3bccaffb3464178ca7c722379836db50ce0bfb47640b9572163865332e486"), - nonce: &hex!("c04fd2e701c3dc62b68738b3"), - plaintext: &hex!("fd671cab1ee21f0df6bb610bf94f0e69"), - aad: &hex!("fec0311013202e4ffdc4204926ae0ddf"), - ciphertext: &hex!("6be61b17b7f7d494a7cdf270562f37ba"), - tag: &hex!("5e702a38323fe1160b780d17adad3e96"), - }, - GcmTV { - key: &hex!("a359b9584beec189527f8842dda6b6d4c6a5db2f889635715fa3bcd7967c0a71"), - nonce: &hex!("8616c4cde11b34a944caba32"), - plaintext: &hex!("33a46b7539d64c6e1bdb91ba221e3007"), - aad: &hex!("e1796fca20cb3d3ab0ade69b2a18891e"), - ciphertext: &hex!("b0d316e95f3f3390ba10d0274965c62b"), - tag: &hex!("aeaedcf8a012cc32ef25a62790e9334c"), - }, - GcmTV { - key: &hex!("8c83238e7b3b58278200b54940d779d0a0750673aab0bf2f5808dd15dc1a8c49"), - nonce: &hex!("70f8f4ebe408f61a35077956"), - plaintext: &hex!("6e57f8572dd5b2247410f0d4c7424186"), - aad: &hex!("e1cbf83924f1b8d1014b97db56c25a15"), - ciphertext: &hex!("4a11acb9611251df01f79f16f8201ffb"), - tag: &hex!("9732be4ad0569586753d90fabb06f62c"), - }, - GcmTV { - key: &hex!("fe21919bb320af8744c9e862b5b7cf8b81ad3ad1fb0e7d7d710a688d3eed154b"), - nonce: &hex!("38bc3917aa1925f40850c082"), - plaintext: &hex!("aea53b1ea79a71c3a4b83c92a0c979f1"), - aad: &hex!("f24102fa7e6b819bb3ff47f90844db9c"), - ciphertext: &hex!("2fb8b697bf8f7a2eea25fe702a3ae0a9"), - tag: &hex!("5be77e827737ad7c4f79e0e343fe010d"), - }, - GcmTV { - key: &hex!("499e8a3f39ac4abc62dd4e1a6133042e74785972b6b501bfaffefc8bb29fd312"), - nonce: &hex!("5c728dbbef9dcc0ff483e891"), - plaintext: &hex!("b44014c7fc6b3f15d126a881fbe2bd2b"), - aad: &hex!("82300dab592f840ae991efa3623a6203"), - ciphertext: &hex!("578fe5e1aef7619f392c027c838a239e"), - tag: &hex!("49fdc724f05eb56ea9e3fd14b61ad567"), - }, - GcmTV { - key: &hex!("2775d3e7a8fc665bb9a59edc22eb136add194824ed8f2adb449177404c739716"), - nonce: &hex!("73f16c054e166696df679a2e"), - plaintext: &hex!("c9f3bce40310b6c0a3fd62742e4f3617"), - aad: &hex!("23199a1c9b7244913952ca4f7e7444f4"), - ciphertext: &hex!("72c85c10756266d00a9a4340b2cb3137"), - tag: &hex!("5881e4565b42394e62d5daf0d1ebc593"), - }, - GcmTV { - key: &hex!("425a341c67e6d873870f54e2cc5a2984c734e81729c0dbaaeee050309f1ce674"), - nonce: &hex!("0c09b7b4e9e097317b791433"), - plaintext: &hex!("76dda644b3faca509b37def0319f30cc"), - aad: &hex!("4300a721547846761e4bf8df2b6ec1d6"), - ciphertext: &hex!("1dd80daa0fc9e47e43897c64a6663f5e"), - tag: &hex!("5d69b34d8c3b12f783faaea7e93685db"), - }, - GcmTV { - key: &hex!("dd5c48988a6e9f9f60be801ba5c090f224a1b53d6601ec5858eab7b7784a8d5e"), - nonce: &hex!("43562d48cd4110a66d9ca64e"), - plaintext: &hex!("2cda2761fd0be2b03f9714fce8d0e303"), - aad: &hex!("55e568309fc6cb0fb0e0e7d2511d4116"), - ciphertext: &hex!("f2cfb6f5446e7aa172adfcd66b92a98d"), - tag: &hex!("e099c64d2966e780ce7d2eaae97f47d8"), - }, - GcmTV { - key: &hex!("2bdad9c3e5de6e4e101b7f16e727c690db95eacf4b0ccbdec7aab6fb9fc80486"), - nonce: &hex!("a5cf3967d244074d2153c576"), - plaintext: &hex!("84c867ec36cc6fe3487f5192fdfd390b"), - aad: &hex!("6bdae72b5ed0e4d1f10064ebd02cf85c"), - ciphertext: &hex!("53c8fa437c1b5fa91abbd6508b3878ce"), - tag: &hex!("7859593d127324be8b9cf1d43ead4d82"), - }, - GcmTV { - key: &hex!("01e92afdb5d956be12d38b09252966c5728d26f3c72e54bb62bbc55ae590e716"), - nonce: &hex!("886e55364eeb90e87ac79bbe"), - plaintext: &hex!("6c6570385f3d6d937e54a3a2e95bc9eb"), - aad: &hex!("c76aabb7f44b942a81feb50249d2131a"), - ciphertext: &hex!("423b749a507f437b431114962180d352"), - tag: &hex!("54d859320a49281368297da7d4e37326"), - }, - GcmTV { - key: &hex!("46921319217598cb64256fe49abca1f18a9d1dbca360f8630afb5c6137cb42b5"), - nonce: &hex!("290827cf981415760ec3b37a"), - plaintext: &hex!("480d32b191c2e201aed03680f93ea2da"), - aad: &hex!("535ee80b12f581baaf8027e6e3900e31"), - ciphertext: &hex!("89ace4f73583fb1ac260dea99b54055e"), - tag: &hex!("7b8b8358363c175a66e6fb48d1bc2222"), - }, - GcmTV { - key: &hex!("e18cd9b01b59bc0de1502efb74c3642997fe7dfb8d80c8a73caffe7726807d33"), - nonce: &hex!("bd087b384c40841b3839ba02"), - plaintext: &hex!("62f7f3a12b8c5f6747fcfe192d850b19"), - aad: &hex!("fe69f837961b1d83f27fbf68e6791a1c"), - ciphertext: &hex!("bacfccf6397424e96caf761e71dd3e3a"), - tag: &hex!("9c9a5b65420f83e766c7c051680e8e58"), - }, - GcmTV { - key: &hex!("68ee463b3153d9a042e5e3685def6f90f7659a203441de337fb94831cbeae9b2"), - nonce: &hex!("9c4a9254c485236cf838de7e"), - plaintext: &hex!("73731054514f3fb0102c7a1df809f212"), - aad: &hex!("d55820e7acbb27d23c7df32938cf7d42"), - ciphertext: &hex!("13b7823cac37f40eb811e3c966d16a67"), - tag: &hex!("76288c33a66ff6451e2cec6c4ba4935e"), - }, - GcmTV { - key: &hex!("64bd594daf279e3172f9aa713b35b7fce8f43083792bc7d1f10919131f400a7b"), - nonce: &hex!("339a2c40e9d9507c34228649"), - plaintext: &hex!("2b794cb4c98450463a3e225ab33f3f30"), - aad: &hex!("2b9544807b362ebfd88146e2b02c9270"), - ciphertext: &hex!("434d703b8d1069ad8036288b7c2d1ae6"), - tag: &hex!("7d31e397c0c943cbb16cfb9539a6a17d"), - }, - GcmTV { - key: &hex!("83688deb4af8007f9b713b47cfa6c73e35ea7a3aa4ecdb414dded03bf7a0fd3a"), - nonce: &hex!("0b459724904e010a46901cf3"), - plaintext: &hex!("33d893a2114ce06fc15d55e454cf90c3"), - aad: &hex!("794a14ccd178c8ebfd1379dc704c5e208f9d8424"), - ciphertext: &hex!("cc66bee423e3fcd4c0865715e9586696"), - tag: &hex!("0fb291bd3dba94a1dfd8b286cfb97ac5"), - }, - GcmTV { - key: &hex!("013f549af9ecc2ee0259d5fc2311059cb6f10f6cd6ced3b543babe7438a88251"), - nonce: &hex!("e45e759a3bfe4b652dc66d5b"), - plaintext: &hex!("79490d4d233ba594ece1142e310a9857"), - aad: &hex!("b5fe530a5bafce7ae79b3c15471fa68334ab378e"), - ciphertext: &hex!("619443034e4437b893a45a4c89fad851"), - tag: &hex!("6da8a991b690ff6a442087a356f8e9e3"), - }, - GcmTV { - key: &hex!("4b2815c531d2fceab303ec8bca739a97abca9373b7d415ad9d6c6fa9782518cc"), - nonce: &hex!("47d647a72b3b5fe19f5d80f7"), - plaintext: &hex!("d3f6a645779e07517bd0688872e0a49b"), - aad: &hex!("20fd79bd0ee538f42b7264a5d098af9a30959bf5"), - ciphertext: &hex!("00be3b295899c455110a0ae833140c4d"), - tag: &hex!("d054e3997c0085e87055b79829ec3629"), - }, - GcmTV { - key: &hex!("2503b909a569f618f7eb186e4c4b81dbfe974c553e2a16a29aea6846293e1a51"), - nonce: &hex!("e4fa3dc131a910c75f61a38b"), - plaintext: &hex!("188d542f8a815695c48c3a882158958c"), - aad: &hex!("f80edf9b51f8fd66f57ce9af5967ec028245eb6e"), - ciphertext: &hex!("4d39b5494ca12b770099a8eb0c178aca"), - tag: &hex!("adda54ad0c7f848c1c72758406b49355"), - }, - GcmTV { - key: &hex!("6c8f34f14569f625aad7b232f59fa8b187ab24fadcdbaf7d8eb45da8f914e673"), - nonce: &hex!("6e2f886dd97be0e4c5bd488b"), - plaintext: &hex!("ac8aa71cfbf1e968ef5515531576e314"), - aad: &hex!("772ec23e49dbe1d923b1018fc2bef4b579e46241"), - ciphertext: &hex!("cb0ce70345e950b429e710c47d9c8d9b"), - tag: &hex!("9dceea98c438b1d9c154e5386180966d"), - }, - GcmTV { - key: &hex!("182fe560614e1c6adfd1566ac44856df723dcb7e171a7c5796b6d3f83ef3d233"), - nonce: &hex!("8484abca6877a8622bfd2e3c"), - plaintext: &hex!("92ca46b40f2c75755a28943a68a8d81c"), - aad: &hex!("2618c0f7fe97772a0c97638cca238a967987c5e5"), - ciphertext: &hex!("ed1941b330f4275d05899f8677d73637"), - tag: &hex!("3fe93f1f5ffa4844963de1dc964d1996"), - }, - GcmTV { - key: &hex!("65a290b2fabe7cd5fb2f6d627e9f1f79c2c714bffb4fb86e9df3e5eab28320ed"), - nonce: &hex!("5a5ed4d5592a189f0737cf47"), - plaintext: &hex!("662dda0f9c8f92bc906e90288100501c"), - aad: &hex!("ad1c7f7a7fb7f8fef4819c1dd1a67e007c99a87b"), - ciphertext: &hex!("8eb7cb5f0418da43f7e051c588776186"), - tag: &hex!("2b15399ee23690bbf5252fb26a01ae34"), - }, - GcmTV { - key: &hex!("7b720d31cd62966dd4d002c9ea41bcfc419e6d285dfab0023ba21b34e754cb2f"), - nonce: &hex!("e1fb1f9229b451b72f89c333"), - plaintext: &hex!("1aa2948ed804f24e5d783b1bc959e086"), - aad: &hex!("7fdae42d0cf6a13873d3092c41dd3a19a9ea90f9"), - ciphertext: &hex!("8631d3c6b6647866b868421b6a3a548a"), - tag: &hex!("a31febbe169d8d6f391a5e60ef6243a0"), - }, - GcmTV { - key: &hex!("a2aec8f3438ab4d6d9ae566a2cf9101ad3a3cc20f83674c2e208e8ca5abac2bb"), - nonce: &hex!("815c020686c52ae5ddc81680"), - plaintext: &hex!("a5ccf8b4eac22f0e1aac10b8d62cdc69"), - aad: &hex!("86120ce3aa81445a86d971fdb7b3b33c07b25bd6"), - ciphertext: &hex!("364c9ade7097e75f99187e5571ec2e52"), - tag: &hex!("64c322ae7a8dbf3d2407b12601e50942"), - }, - GcmTV { - key: &hex!("e5104cfcbfa30e56915d9cf79efcf064a1d4ce1919b8c20de47eab0c106d67c1"), - nonce: &hex!("d1a5ec793597745c7a31b605"), - plaintext: &hex!("7b6b303381441f3fdf9a0cf79ee2e9e0"), - aad: &hex!("9931678430ff3aa765b871b703dfcc43fb1b8594"), - ciphertext: &hex!("425d48a76001bed9da270636be1f770b"), - tag: &hex!("76ff43a157a6748250a3fdee7446ed22"), - }, - GcmTV { - key: &hex!("f461d1b75a72d942aa096384dc20cf8514a9ad9a9720660add3f318284ca3014"), - nonce: &hex!("d0495f25874e5714a1149e94"), - plaintext: &hex!("d9e4b967fdca8c8bae838a5da95d7cce"), - aad: &hex!("1133f372e3db22456e7ea92f29dff7f1d92864d3"), - ciphertext: &hex!("1df711e6fbcba22b0564c6e36051a3f7"), - tag: &hex!("f0563b7494d5159289b644afc4e8e397"), - }, - GcmTV { - key: &hex!("a9a98ef5076ceb45c4b60a93aeba102507f977bc9b70ded1ad7d422108cdaa65"), - nonce: &hex!("54a1bc67e3a8a3e44deec232"), - plaintext: &hex!("ede93dd1eaa7c9859a0f709f86a48776"), - aad: &hex!("10cfef05e2cd1edd30db5c028bd936a03df03bdc"), - ciphertext: &hex!("3d3b61f553ab59a9f093cac45afa5ac0"), - tag: &hex!("7814cfc873b3398d997d8bb38ead58ef"), - }, - GcmTV { - key: &hex!("d9e17c9882600dd4d2edbeae9a224d8588ff5aa210bd902d1080a6911010c5c5"), - nonce: &hex!("817f3501e977a45a9e110fd4"), - plaintext: &hex!("d74d968ea80121aea0d7a2a45cd5388c"), - aad: &hex!("d216284811321b7591528f0af5a3f2768429e4e8"), - ciphertext: &hex!("1587c8b00e2c197f32a21019feeee99a"), - tag: &hex!("63ea43c03d00f8ae5724589cb6f64480"), - }, - GcmTV { - key: &hex!("ec251b45cb70259846db530aff11b63be00a951827020e9d746659bef2b1fd6f"), - nonce: &hex!("e41652e57b624abd84fe173a"), - plaintext: &hex!("75023f51ba81b680b44ea352c43f700c"), - aad: &hex!("92dd2b00b9dc6c613011e5dee477e10a6e52389c"), - ciphertext: &hex!("29274599a95d63f054ae0c9b9df3e68d"), - tag: &hex!("eb19983b9f90a0e9f556213d7c4df0f9"), - }, - GcmTV { - key: &hex!("61f71fdbe29f56bb0fdf8a9da80cef695c969a2776a88e62cb3d39fca47b18e3"), - nonce: &hex!("77f1d75ab0e3a0ed9bf2b981"), - plaintext: &hex!("110a5c09703482ef1343396d0c3852d3"), - aad: &hex!("c882691811d3de6c927d1c9f2a0f15f782d55c21"), - ciphertext: &hex!("7e9daa4983283facd29a93037eb70bb0"), - tag: &hex!("244930965913ebe0fa7a0eb547b159fb"), - }, - GcmTV { - key: &hex!("e4fed339c7b0cd267305d11ab0d5c3273632e8872d35bdc367a1363438239a35"), - nonce: &hex!("0365882cf75432cfd23cbd42"), - plaintext: &hex!("fff39a087de39a03919fbd2f2fa5f513"), - aad: &hex!("8a97d2af5d41160ac2ff7dd8ba098e7aa4d618f0f455957d6a6d0801796747ba57c32dfbaaaf15176528fe3a0e4550c9"), - ciphertext: &hex!("8d9e68f03f7e5f4a0ffaa7650d026d08"), - tag: &hex!("3554542c478c0635285a61d1b51f6afa"), - }, - GcmTV { - key: &hex!("bd93c7bfc850b33c86484e04859ed374beaee9d613bdca6f072d1d182aeebd04"), - nonce: &hex!("6414c7749effb9af7e5c4762"), - plaintext: &hex!("b6de1699931f2252efc98d491d22ee12"), - aad: &hex!("76f43d5664c7ac1b4de43f2e2c4bc71f6918e0762f40e5dd5597ef4ff215855a4fd26d3ea6ccbd4e10789948fa692433"), - ciphertext: &hex!("a6c7e52f2018b823506e48064ffe6ee4"), - tag: &hex!("175e653c9036f66835f10cf1c82d1741"), - }, - GcmTV { - key: &hex!("df0125a826c7fe49243d89cbdd7562aafd2103fa2783cf901976b5f5d481cdcb"), - nonce: &hex!("f63c1461b2964929d035d9bf"), - plaintext: &hex!("cc27ff68f981e4d6fb1918427c3d6b9e"), - aad: &hex!("0bf602ec47593e44ac1b88244455fa04359e338057b0a0ba057cb506d546d4d6d8538640fe7dd3d5864bd33b5a33d768"), - ciphertext: &hex!("b8fa150af93078574ac7c4615f88647d"), - tag: &hex!("4584553ac3ccdf8b0efae517652d3a18"), - }, - GcmTV { - key: &hex!("d33ea320cec0e43dfc1e3d1d8ccca2dd7e30ad3ea18ad7141cc83645d18771ae"), - nonce: &hex!("540009f321f41d00202e473b"), - plaintext: &hex!("e56cdd522d526d8d0cd18131a19ee4fd"), - aad: &hex!("a41162e1fe875a81fbb5667f73c5d4cbbb9c3956002f7867047edec15bdcac1206e519ee9c238c371a38a485c710da60"), - ciphertext: &hex!("8b624b6f5483f42f36c85dc7cf3e9609"), - tag: &hex!("2651e978d9eaa6c5f4db52391ac9bc7c"), - }, - GcmTV { - key: &hex!("7f35f5979b23321e6449f0f5ef99f2e7b796d52d560cc77aabfb621dbf3a6530"), - nonce: &hex!("cf0f6f3eed4cf374da714c77"), - plaintext: &hex!("4e9f53affdb5b1e91bf423d29c54401a"), - aad: &hex!("a676d35d93e12bfe0603f6aef2c3dd892a9b1ad22d476c3509d313256d4e98e4dda4e46e93b54cf59c2b90608a8fb3ad"), - ciphertext: &hex!("1714d55ef83df2927ee95ff22f1d90e6"), - tag: &hex!("4962a91d1071dd2c05934968d21eb43c"), - }, - GcmTV { - key: &hex!("06ecc134993506cf539b1e797a519fe1d9f34321fe6a0b05f1936285c35c93a4"), - nonce: &hex!("f2190861d1140bd080d79906"), - plaintext: &hex!("519c1fc45a628ec16c515427796711f7"), - aad: &hex!("a04f2723c2521181437ad63f7910481d5de98f3e2561cec3a177bdbcb5048619738852e0fb212a3caa741a353e4e89a8"), - ciphertext: &hex!("b36c793224ce3bb1b54144398fbdedb6"), - tag: &hex!("0030e6e84f6f8eb474ce8e071c2953dd"), - }, - GcmTV { - key: &hex!("734fa8b423b91e0ecccc7f554480eef57a82423a9f92b28d464320fba405a71c"), - nonce: &hex!("a6b5c78bb5791f4d121390ce"), - plaintext: &hex!("b496a99b39e0e94bb5829cfc3d7b3856"), - aad: &hex!("9ce25ff9b55dfa04e4271999a47cba8af8e83a390b090d1c4306b40ce8882624b662ff5867896396789295c19ec80d07"), - ciphertext: &hex!("904081a40484bb6454fc52cb6674e737"), - tag: &hex!("6a0787cf3921a71c35b5054954527823"), - }, - GcmTV { - key: &hex!("d106280b84f25b294f71c261f66a65c2efd9680e19f50316d237975052796392"), - nonce: &hex!("cfc6aa2aeba468c66bf4553f"), - plaintext: &hex!("57e937f8b9b814e965bb569fcf63aaac"), - aad: &hex!("012a43f9903a3808bf34fd6f77d831d9154205ded589964cae60d2e49c856b7a4100a55c8cd02f5e476f62e988dcbd2b"), - ciphertext: &hex!("c835f5d4fd30fe9b2edb4aff24803c60"), - tag: &hex!("e88426bb4619807f18a9cc9839754777"), - }, - GcmTV { - key: &hex!("81eb63bc47aba313d964a5335cfb039051520b3112fa54cab368e5243947d450"), - nonce: &hex!("18cc5dd875753ff51cc6f441"), - plaintext: &hex!("45f51399dff6a0dcd43f35256616d6be"), - aad: &hex!("24f766c56777312494245a4e6c7dbebbae4026e0907eadbc20a488982678161de7b924473c0a81ee59a0fa6905952b33"), - ciphertext: &hex!("a2fc7b0784ec4233142f9cde12ab9e98"), - tag: &hex!("4e60b8561cacfe7133740cd2bddefaa0"), - }, - GcmTV { - key: &hex!("0a997863786a4e97332224ed484ffca508b166f0603687200d99fd6accd45d83"), - nonce: &hex!("7a9acabd4b8d3e1036293a07"), - plaintext: &hex!("9d2c9ff39f57c96ecce287c68c5cd6eb"), - aad: &hex!("525fc5ac7fe93c183a3ef7c75e3fbd52dce956855aff385966f4d79966bdb3ec2019c466584d21bfee74511a77d82adb"), - ciphertext: &hex!("238441c65b2a1c41b302da0f52d40770"), - tag: &hex!("c351d93ab9491cdfb7fa15e7a251de22"), - }, - GcmTV { - key: &hex!("acbfeb7c595b704960c1097e93d3906534c23444c8acc1f8e969ce6c3fe8a46b"), - nonce: &hex!("28922ecac3013806c11660e6"), - plaintext: &hex!("e0d8c52d60c6ed6980abd4348f3f96f1"), - aad: &hex!("b1fe886107013ebdeb19315a9d096ed81803951a508f56f68202a7df00bebae0742dd1128c200952a049ef0cd7cfe4e6"), - ciphertext: &hex!("56fe1cf2c1d193b9b33badbf846f52cc"), - tag: &hex!("1cb4c14f50a54a64813ffc810f31f9f8"), - }, - GcmTV { - key: &hex!("f6e768475c33269596da1f5a5a38547a885006bebb9134e21274d8456e9f5529"), - nonce: &hex!("3579e5ac51d1f1b82ea352ca"), - plaintext: &hex!("0aa481f856f8b96547672e5ae5370f9e"), - aad: &hex!("6929b6053ba148304366164f79b1b9f592c9cb9bce65094cec5cb8b0fc63e20d86b17c8bf5a7b089a63c5eac1824ee93"), - ciphertext: &hex!("b2f4edf5f0b0bfc590fead6239b0f2fb"), - tag: &hex!("2540ceb5ef247c95d63df84c46468533"), - }, - GcmTV { - key: &hex!("2ca76112300bed65b87ba6ec887cd514f4633c1c96565fec8e3e69ae2ba88401"), - nonce: &hex!("964864510a8c957dcfb97d2f"), - plaintext: &hex!("0aff24b4c5aa45b81ce08ec2439be446"), - aad: &hex!("5aebdfd153a18763f36ecc9e8e9a01cb7b3f21e435b35b0da937c67e87c9ec058d08060a95e1eda0a5ab6546cca45094"), - ciphertext: &hex!("03da1f5a1403dbdd9f75a26113608ec0"), - tag: &hex!("a1c215d0c552a6061aa2b60afc3667a6"), - }, - GcmTV { - key: &hex!("c0ff018b6c337dde685c8279cf6de59d7ce4b288032b819e074b671e72abbc91"), - nonce: &hex!("f12e6b1e85f87ef4c9ccbb7b"), - plaintext: &hex!("f7512bbfa2d40d14be71b70f70701c99"), - aad: &hex!("0577e8d28c0e9e5cde3c8b2a1a2aa8e2fc3ec8e96768405fcfbd623be7fc4e2e395c59b5b3a8ea117ef211320bc1f857"), - ciphertext: &hex!("0187b4c2d52486b4417e5a013d553e5e"), - tag: &hex!("dba451e7339be8ebed3ea9683d1b4552"), - }, - GcmTV { - key: &hex!("d90c6948ac2353867e943069196a2c4d0c4d51e34e2505661b1d76f3e5f17ac5"), - nonce: &hex!("07e5623f474e2f0fe9f4c7d2"), - plaintext: &hex!("8a9fb1b384c0d1728099a4f7cb002f07"), - aad: &hex!("0de97574ae1bc6d3ef06c6ce03513ca47dff4728803e0aacc50564ee32b775fd535f5c8c30186550d99bff6f384af2dd"), - ciphertext: &hex!("4234a3a9fb199c3b293357983e8ac30b"), - tag: &hex!("d51e6f071dbab126f5fc9732967108ef"), - }, - GcmTV { - key: &hex!("80d755e24d129e68a5259ec2cf618e39317074a83c8961d3768ceb2ed8d5c3d7"), - nonce: &hex!("7598c07ba7b16cd12cf50813"), - plaintext: &hex!("5e7fd1298c4f15aa0f1c1e47217aa7a9"), - aad: &hex!("0e94f4c48fd0c9690c853ad2a5e197c5de262137b69ed0cdfa28d8d12413e4ffff15374e1cccb0423e8ed829a954a335ed705a272ad7f9abd1057c849bb0d54b768e9d79879ec552461cc04adb6ca0040c5dd5bc733d21a93702"), - ciphertext: &hex!("5762a38cf3f2fdf3645d2f6696a7eead"), - tag: &hex!("8a6708e69468915c5367573924fe1ae3"), - }, - GcmTV { - key: &hex!("dda7977efa1be95a0e41ed8bcd2aa648621945c95a9e28b63919e1d92d269fc3"), - nonce: &hex!("053f6e1be42af8894a6e86a0"), - plaintext: &hex!("6fa9b08176e9963927afba1e5f969a42"), - aad: &hex!("cb5114a001989339657427eb88329d6ce9c69694dc91a69b7557d62184e57832ec76d162fc9c47490bb3d78e5899445cecf85d36cb1f07fed5a3d82aaf7e9590f3ed74ad13b13c8adbfc7f29d7b151448d6f29d11d0bd3d03b76"), - ciphertext: &hex!("d4adbff3ec8edade29b9a1b748c31b54"), - tag: &hex!("3b331733c753858c22d309ceb0f9488c"), - }, - GcmTV { - key: &hex!("d7da934ad057dc06bd1ec234fcc4efdc5119037a440b5827de25915f22dd47e5"), - nonce: &hex!("1b54c4ea37d2395ef70dcc72"), - plaintext: &hex!("86d5567658361198348207ede7a46da6"), - aad: &hex!("735de4596a80e64e38a12ab24ef73881d6ed3b533cb2c101025c3615acd2114150feeca84ade4e563bc4a300eb4a0cd97a184a293f0ac063e4f3c61e7fcdb331bcc6459fafaf0e2dda881f34eb717f4ee8c4b6890d3ef59721f3"), - ciphertext: &hex!("70a1c1d7c200ba5ae1b6f29917bb19f2"), - tag: &hex!("a25d51cccb198bed33de0b98df249c2d"), - }, - GcmTV { - key: &hex!("930ebb4b9b9c35094be374cc0b700c437b3c46b45d489a716c30f93cd5f986c9"), - nonce: &hex!("7a21e5febd82ec9b97bfbe83"), - plaintext: &hex!("980086665d08a365f6bbe20ae51116f7"), - aad: &hex!("9f2ed5f6cf9e2d6505d3c99a8f81a7dfc5658dd085eba966c8b3206230973a086ec36fe948573baee108fca941bce53dad73180877cd497976209c1adf8a9861f0215560df064caf0ef2f99445c11816f5b8deeafedd682b5fb2"), - ciphertext: &hex!("05baaefdeb0c33674a8064a2e9951aaf"), - tag: &hex!("2ec7efd2564d4e09a6ab852f3af49939"), - }, - GcmTV { - key: &hex!("70213d8949a65f463d13206071fab1b4c6b614fd3cee0d340d2d806de6714a93"), - nonce: &hex!("f8529d3e4f155cbb1ffb3d0a"), - plaintext: &hex!("47d47a5fd32a2a416f921cc7f00c0f81"), - aad: &hex!("112360db39b867dabaaa1d777bd881df2104b69fba15a4f37a832f5da38ad8a8c7c46db93e5b4eadf8b9a5a75508ad1457994c133c5ac85509eedfb13b90a2cf6c56a3c778582939362008608b08f9c4866a0e38744572114598"), - ciphertext: &hex!("b220b69bd851a17fbc5b725fb912f11e"), - tag: &hex!("4c3436943d58501c0826ae5827bc063e"), - }, - GcmTV { - key: &hex!("7a5834230ebbbf616630f2edb3ad4320182433c0546ac1e34bc9fd046e4a0ed9"), - nonce: &hex!("d27dd6212b6defdcbbc701bb"), - plaintext: &hex!("b4def1251427ade064a9614e353dda3f"), - aad: &hex!("3bc12f3bb88ea4f8a2184959bb9cd68911a78458b27e9b528ccecafe7f13f303dc714722875f26b136d18a3acfe82b53ad5e13c71f3f6db4b0fd59fffd9cd4422c73f2c31ac97010e5edf5950dc908e8df3d7e1cbf7c34a8521e"), - ciphertext: &hex!("88f94965b4350750e11a2dc139ccaef1"), - tag: &hex!("8a61f0166e70c9bfdd198403e53a68a5"), - }, - GcmTV { - key: &hex!("c3f10586f246aacadcce3701441770c03cfec940afe1908c4c537df4e01c50a0"), - nonce: &hex!("4f52faa1fa67a0e5f4196452"), - plaintext: &hex!("79d97ea3a2edd65045821ea745a44742"), - aad: &hex!("46f9a22b4e52e1526513a952dbee3b91f69595501e0177d50ff364638588c08d92fab8c58a969bdcc84c468d8498c4f06392b99ed5e0c484507fc48dc18d87c40e2ed848b43150be9d36f14cf2cef1310ba4a745adcc7bdc41f6"), - ciphertext: &hex!("560cf716e56190e9397c2f103629eb1f"), - tag: &hex!("ff7c9124879644e80555687d273c55d8"), - }, - GcmTV { - key: &hex!("ad70ebcf889e88b867ded0e4838ca66d6991499046a5671d99e91ed463ae78b1"), - nonce: &hex!("561e13b335718fcbee364100"), - plaintext: &hex!("82d5568872a4cef12238c0feb14f0fb4"), - aad: &hex!("e037bd7306eec185b9cb4e3bf295232da19005957086d62e6fb342284f05feaa0e81d6c95071e7e4d7b6aad7b00f7e7863dd0fc16303a8304bb8855305f28067f4be71eed95ff90e046382116229f0fd3d2c3ef2e87e0d0e7950"), - ciphertext: &hex!("771c6d091f8190ddbdb8886d9ce2ebd5"), - tag: &hex!("5009abd1ebeb26dab852346ea6d8aee3"), - }, - GcmTV { - key: &hex!("a452fa24b381e7165ee90f3371c2b0db2176f848a0354c78e92f2f1f89bbc511"), - nonce: &hex!("4bd904dfe18241eb5455d912"), - plaintext: &hex!("3f43df23ea940f3680a4b679b56db579"), - aad: &hex!("64f1a9d21deb183cff84f1aef5be83dbfc72e275f229eb5d59ace143605e8901dfa8f4724be24c86b5429bc84b629971fe1f9663b7537427b45dfb67d5f04506df4ee2c33d7f15af9f6e86058b131b7e6042b43a55bf6915f048"), - ciphertext: &hex!("c054974c4562f8536aef2734f10e09fc"), - tag: &hex!("2c5cafaf7b1f7581c5ec13080994e33c"), - }, - GcmTV { - key: &hex!("209ea3c4dd0420a4d63dbb72099a0202c9b0709f3b1221565f890511eef8005b"), - nonce: &hex!("43775083e4008816129f5d40"), - plaintext: &hex!("b4967f8c4fb1b34b6ff43a22d34fae5c"), - aad: &hex!("9abc653a2347fc6e5a8cb9bdc251dff7c56109797c387494c0ed55570330961eb5b11087603e08ad293d0dd55571008e62d1163f67cf829e28d27beba65553bd11d8838f8a7a5f1fe05500befbaf97839801e99ecf998882c707"), - ciphertext: &hex!("a8d22a6e25232938d3f8600a66be80da"), - tag: &hex!("2ef93cc03c17bbfb6626144697fd2422"), - }, - GcmTV { - key: &hex!("dabd63ac5274b26842c2695c9850d7accc1693ee2aeee1e2e1338bbbc5b80f87"), - nonce: &hex!("fd6790d620f12870b1d99b31"), - plaintext: &hex!("4a28048f5683679a557630a661f030e2"), - aad: &hex!("e4a06b9b205a7faadb21dc7fea8a0de0e013d717b61b24ec42f81afc8cdbc055573e971375da2fa5103a091317eab13b6a110ea211af257feabf52abafec23fd5b114b013d5c052199020573f8b7b7ae6958f733e87efa0426c2"), - ciphertext: &hex!("196d0345df259b47665bc233b798ebba"), - tag: &hex!("b0729d8b427ad048a7396cedf2257338"), - }, - GcmTV { - key: &hex!("b238df5e52e649d4b0a05e53020ac59e7d5bf49b8d04f8c30c356ed62dba9ed1"), - nonce: &hex!("f153f093c9a3479f999eda04"), - plaintext: &hex!("d48e779766afa73d7e04fc6fc3fa825e"), - aad: &hex!("45b5df0c15140e5ce7a19f4e02834e6027971e3e0e719626c29081a6301e95c71214345afac1908bb75ff2d3281261e6c5f41dc4e4796f054174a64f8e177f3f33321edfbd263e204135699428a09f34eb344211bfb9fac9afba"), - ciphertext: &hex!("b1989eb510843d8f35205dc3f949522f"), - tag: &hex!("616089990729228f673099514824d9b4"), - }, - GcmTV { - key: &hex!("f3dc2456d3b8947591a2d82b7319226b0f346cd4361bcc13b56da43e072a2774"), - nonce: &hex!("7a8acb5a84d7d01e3c00499e"), - plaintext: &hex!("ad075da908231ff9aae30daa6b847143"), - aad: &hex!("5e6be069effee27d34a8087c0d193f9f13e6440dc9fabfe24f6c867f831d06789d0dce92b2e3ff3ab9fe14202a8b42f384c25e3f3753dd503ec907a9b877f1707d64e4ac42909a7dee00c87c4a09d04de331515460ed101f5187"), - ciphertext: &hex!("9f224f2a1a1fbaade8b87b748971c0ac"), - tag: &hex!("cb5089d9dfaebf98e4b36ebc5f9a1a50"), - }, - GcmTV { - key: &hex!("f5a56b69a1562c77e8edebc327a20295c2eba7d406d899a622c53539626c9d72"), - nonce: &hex!("a395b8aca4508a6a5f3cb4d8"), - plaintext: &hex!("7de4638701bd2b600d7f8d26da7a75bc"), - aad: &hex!("2e4fca2b163e4403971716015386cd81bdd1e57f00f2936da408098341011f2644a38ddad799f70eaa54f6e430d4853ff2b9c44a35123670879a83120bd555c76b95b70de0c8054f9d08539a5795e70a2446d7b9fab3f7887c6b"), - ciphertext: &hex!("6508be2698ba9889b4e445b99190a5c5"), - tag: &hex!("3394106f257c2e15c815430f60bc24ba"), - }, - GcmTV { - key: &hex!("376371a780947256c52f07d80bb25a4d7e919ca8bd693b1a0ccbca748d2ce620"), - nonce: &hex!("27d7170f6f70f2fc40dfca78"), - plaintext: &hex!("7a279f9f8568b7c307490549b259226c"), - aad: &hex!("272c3559398ad774fa4b6895afc92870b2b92d310fa0debf0b7960e1fe38bfda64acd2fef26d6b177d8ab11d8afceee77374c6c18ad405d5ae323ad65fb6b04f0c809319133712f47636c5e042f15ed02f37ee7a10c643d7b178"), - ciphertext: &hex!("32284379d8c40ec18ee5774085d7d870"), - tag: &hex!("dcdee1a757f9758c944d296b1dabe7b2"), - }, - GcmTV { - key: &hex!("82c4f12eeec3b2d3d157b0f992d292b237478d2cecc1d5f161389b97f999057a"), - nonce: &hex!("7b40b20f5f397177990ef2d1"), - plaintext: &hex!("982a296ee1cd7086afad976945"), - aad: b"", - ciphertext: &hex!("ec8e05a0471d6b43a59ca5335f"), - tag: &hex!("113ddeafc62373cac2f5951bb9165249"), - }, - GcmTV { - key: &hex!("db4340af2f835a6c6d7ea0ca9d83ca81ba02c29b7410f221cb6071114e393240"), - nonce: &hex!("40e438357dd80a85cac3349e"), - plaintext: &hex!("8ddb3397bd42853193cb0f80c9"), - aad: b"", - ciphertext: &hex!("b694118c85c41abf69e229cb0f"), - tag: &hex!("c07f1b8aafbd152f697eb67f2a85fe45"), - }, - GcmTV { - key: &hex!("acad4a3588a7c5ec67832baee242b007c8f42ed7425d5a7e57b1070b7be2677e"), - nonce: &hex!("b11704ba368abadf8b0c2b98"), - plaintext: &hex!("2656b5fbec8a3666cad5f460b7"), - aad: b"", - ciphertext: &hex!("35c7114cabe39203df19413a99"), - tag: &hex!("16f4c7e5becf00db1223476a14c43ebc"), - }, - GcmTV { - key: &hex!("e5a0eb92cc2b064e1bc80891faf1fab5e9a17a9c3a984e25416720e30e6c2b21"), - nonce: &hex!("4742357c335913153ff0eb0f"), - plaintext: &hex!("8499893e16b0ba8b007d54665a"), - aad: b"", - ciphertext: &hex!("eb8e6175f1fe38eb1acf95fd51"), - tag: &hex!("88a8b74bb74fda553e91020a23deed45"), - }, - GcmTV { - key: &hex!("e78c477053f5dae5c02941061d397bc38dda5de3c9c8660a19de66c56c57fd22"), - nonce: &hex!("4f52c67c2bb748d192a5a4e2"), - plaintext: &hex!("91593e21e1f883af5c32d9be07"), - aad: b"", - ciphertext: &hex!("e37fbc56b0af200a7aa1bbe34e"), - tag: &hex!("29fe54eaaccf5e382601a15603c9f28c"), - }, - GcmTV { - key: &hex!("d0b13482037639aa797471a52b60f353b42e0ed271daa4f38a9293191cb78b72"), - nonce: &hex!("40fb7cae46adf3771bf3756a"), - plaintext: &hex!("938f40ac8e0e3b956aac5e9184"), - aad: b"", - ciphertext: &hex!("7dca05a1abe81928ccfb2164dd"), - tag: &hex!("5ea53ee170d9ab5f6cc047854e47cf60"), - }, - GcmTV { - key: &hex!("46da5ec688feead76a1ddcd60befb45074a2ef2254d7be26abdfd84629dbbc32"), - nonce: &hex!("9fb3b2b03925f476fc9a35f3"), - plaintext: &hex!("a41adc9fb4e25a8adef1180ec8"), - aad: b"", - ciphertext: &hex!("f55d4cbe9b14cea051fe7a2477"), - tag: &hex!("824753da0113d21186699dbb366c0589"), - }, - GcmTV { - key: &hex!("de3adf89f2fe246c07b0ce035f4af73cf2f65e5034dcfecfe9d7690ae1bdbd96"), - nonce: &hex!("a94aa4df0d8451644a5056c0"), - plaintext: &hex!("96825f6d6301db14a8d78fc2f4"), - aad: b"", - ciphertext: &hex!("784c6c3c24a022637cbc907c48"), - tag: &hex!("1eeaeddcdb4c72c4e8966950a319a4ef"), - }, - GcmTV { - key: &hex!("03c362288883327f6289bc1824e1c329ce485e0ce0e8d3405245283cf0f2eae2"), - nonce: &hex!("5de9f882c915c72729b2245c"), - plaintext: &hex!("f5c1c8d41de01d9c08d9f47ece"), - aad: b"", - ciphertext: &hex!("61af621953a126a2d1de559e92"), - tag: &hex!("fbdeb761238f2b70c5fb3dde0a7978f3"), - }, - GcmTV { - key: &hex!("e9ead7c59100b768aa6367d80c04a49bcd19fa8cc2e158dc8edeec3ea39b657d"), - nonce: &hex!("e81854665d2e0a97150fbab3"), - plaintext: &hex!("f8ccf69c52a873695367a42940"), - aad: b"", - ciphertext: &hex!("af2a7199602ee9ed2020c7b4cd"), - tag: &hex!("29715945ab1c034ecfcd91a466fc822e"), - }, - GcmTV { - key: &hex!("bc3e5b0fe423205904c32f870b9adec9d736a1616624043e819533fa97ed9b79"), - nonce: &hex!("335fe5180135673ce1a75144"), - plaintext: &hex!("295df9665eef999204f92acf24"), - aad: b"", - ciphertext: &hex!("3ac2a8a1b505a84677adfdb396"), - tag: &hex!("21f20aa0bb77d46d7290bc9c97a7a7bd"), - }, - GcmTV { - key: &hex!("ce889c73e0d64e272aba4bf9777afc7ee6457ddc9626ad931708ed7530d71b99"), - nonce: &hex!("fe61a6cda62fecd4e3b0c562"), - plaintext: &hex!("e2ae40ba5b4103b1a3066c1b57"), - aad: b"", - ciphertext: &hex!("185aa3508a37e6712b28191ec2"), - tag: &hex!("9ec1d567585aa467730cce92e536728e"), - }, - GcmTV { - key: &hex!("41e0cb1aed2fe53e0b688acb042a0c710a3c3ae3205b07c0af5191073abdfba9"), - nonce: &hex!("2f56e35216d88d34d08f6872"), - plaintext: &hex!("6482df0e4150e73dac51dc3220"), - aad: b"", - ciphertext: &hex!("9cb09b9927dfbe0f228e0a4307"), - tag: &hex!("fe7e87a596d63e2ab2aae46b64d466e8"), - }, - GcmTV { - key: &hex!("52a7662954d525cb00602b1ff5e937d41065ac4b921e284ffac73c04cfd462a0"), - nonce: &hex!("baffe73856ab1a47fb1feebf"), - plaintext: &hex!("9d0b5ca712f97caa1875d3ad87"), - aad: b"", - ciphertext: &hex!("fd01165380aedd6be226a66af3"), - tag: &hex!("35a492e39952c26456850b0172d723d1"), - }, - GcmTV { - key: &hex!("c4badb9766986faeb888b1db33060a9cd1f02e1afe7aaaea072d905750cb7352"), - nonce: &hex!("cc6966e9d81a298a561416d4"), - plaintext: &hex!("de68fb51731b45e7c2c5063923"), - aad: b"", - ciphertext: &hex!("f5be41f2c8c32e01098d433057"), - tag: &hex!("c82b1b012916ab6ed851d59829dad8ab"), - }, - GcmTV { - key: &hex!("dad89d9be9bba138cdcf8752c45b579d7e27c3dbb40f53e771dd8cfd500aa2d5"), - nonce: &hex!("cfb2aec82cfa6c7d89ee72ff"), - plaintext: &hex!("b526ba1050177d05b0f72f8d67"), - aad: &hex!("6e43784a91851a77667a02198e28dc32"), - ciphertext: &hex!("8b29e66e924ecae84f6d8f7d68"), - tag: &hex!("1e365805c8f28b2ed8a5cadfd9079158"), - }, - GcmTV { - key: &hex!("0d35d3dbd99cd5e088caf686b1cead9defe0c6001463e92e6d9fcdc2b0dcbaf6"), - nonce: &hex!("f9139eb9368d69ac48479d1f"), - plaintext: &hex!("5e2103eb3e739298c9f5c6ba0e"), - aad: &hex!("825cc713bb41c789c1ace0f2d0dd3377"), - ciphertext: &hex!("8ff3870eec0176d9f0c6c1b1a2"), - tag: &hex!("344234475538dc78c01f249f673e0862"), - }, - GcmTV { - key: &hex!("d35d64f1872bdcb422228f0d63f8e48977ed68d143f648ae2cd852f944b0e6dd"), - nonce: &hex!("0b2184aadbe8b515924dda5e"), - plaintext: &hex!("c8f999aa1a08871d74db490cf3"), - aad: &hex!("888f328d9e9eebbb9cb2704b5b880d66"), - ciphertext: &hex!("ad0d5e7c1065a34b27a256d144"), - tag: &hex!("8c8e7076950f7f2aeba62e1e761650d5"), - }, - GcmTV { - key: &hex!("9484b7ce3c118a8a2d556c2f7ba41fca34f60c9ea1070171459c9e7487c9537e"), - nonce: &hex!("87bc033522ae84d2abe863c5"), - plaintext: &hex!("14d8004793190563825e273dda"), - aad: &hex!("07ee18737b9bf8223979a01c59a90eb4"), - ciphertext: &hex!("43034a2c57ccacc367796d766a"), - tag: &hex!("4c981ca8b6e9e52092f5435e7ef55fbb"), - }, - GcmTV { - key: &hex!("4f4539e4a80ec01a14d6bb1bae0010f8a8b3f2cd0ac01adf239a9b2b755f0614"), - nonce: &hex!("2b6f00ce1570432bf52fdcac"), - plaintext: &hex!("820cc9389e7e74ca1cbb5a5fe6"), - aad: &hex!("0d72a13effe40544c57cc18005b998cb"), - ciphertext: &hex!("99553fdf3e777e2a4b3b6a5538"), - tag: &hex!("3cbf51640a3a93c3662c738e98fb36a2"), - }, - GcmTV { - key: &hex!("2f5e93ee24a8cd2fc6d3765f12d2179ddb8397783e136af9e0ac75f16fca451e"), - nonce: &hex!("0dc3c70a191f3722641fd701"), - plaintext: &hex!("4e96463793cdeda403668c4aee"), - aad: &hex!("ebab30cbcc99905354e4ee6f07c7db87"), - ciphertext: &hex!("ab03f8ca7b1b150bdc26d4e691"), - tag: &hex!("020546afff4290c4c8ef7fc38035ebfd"), - }, - GcmTV { - key: &hex!("a902e15d06ef5ad334d0ec6502e936ee53ef3f3608f7708848b11cefa92983d1"), - nonce: &hex!("b9f3e966efa43ab4aca1f2d8"), - plaintext: &hex!("393ff3dfe51cd43543e4e29fcc"), - aad: &hex!("2eaa35c00bf1cf8a81919bd04b43fd97"), - ciphertext: &hex!("7e8928b450c622ac8efe29d5a0"), - tag: &hex!("5a285de95990aef171629350bbcaf46e"), - }, - GcmTV { - key: &hex!("96657976da7692004e271b594e8304f77db9c9e77859246bb30a16239ba76a53"), - nonce: &hex!("79226100afea30644876e79a"), - plaintext: &hex!("2b0833a065c3853ee27c8968d0"), - aad: &hex!("ede7a9072a0086b9a1e55d900747cf76"), - ciphertext: &hex!("19373168f1a4052a57c6b8146f"), - tag: &hex!("debbf044325384b90a0c442d95455fb9"), - }, - GcmTV { - key: &hex!("630ea13eb5f52378b976ba2662f824dc622920759a15d2e341c446b03ea7bd5c"), - nonce: &hex!("0f9ebe47682f93d44c4db314"), - plaintext: &hex!("5c734964878a4250a3bf61fdd6"), - aad: &hex!("5ad8e9cffe622e9f35bdb185473868e5"), - ciphertext: &hex!("67cb6d943340d002d3323fcc4e"), - tag: &hex!("f5dc0f88f236560c4e2a6d6c15d3c0de"), - }, - GcmTV { - key: &hex!("c64f8a3ac230dce61b53d7b584f2309384274d4b32d404bc0c491f129781e52d"), - nonce: &hex!("7f4b3bcf763f9e2d08516a6d"), - plaintext: &hex!("fe581128ae9832d27ec58bd7ac"), - aad: &hex!("89ed6945547ee5998de1bb2d2f0bef1e"), - ciphertext: &hex!("81d7a8fdaf42b5716b892199c9"), - tag: &hex!("8183aaff4c0973fe56c02c2e0c7e4457"), - }, - GcmTV { - key: &hex!("dd73670fb221f7ee185f5818065e22dda3780fc900fc02ef00232c661d7bffce"), - nonce: &hex!("c33de65344cfbf228e1652bd"), - plaintext: &hex!("ada4d98147b30e5a901229952a"), - aad: &hex!("e1a5e52427f1c5b887575a6f2c445429"), - ciphertext: &hex!("6ed4e4bd1f953d47c5288c48f4"), - tag: &hex!("404e3a9b9f5ddab9ee169a7c7c2cf7af"), - }, - GcmTV { - key: &hex!("f6c5d9562b7dbdd0bf628ddc9d660c27841b06a638f56601f408f23aa2f66f4e"), - nonce: &hex!("67280bcb945ba6eda1c6c80a"), - plaintext: &hex!("f4caead242d180fbd2e6d32d0c"), - aad: &hex!("5b33716567b6c67b78ea5cd9349bcaaf"), - ciphertext: &hex!("fdfa39517d89ea47e6ccb0f831"), - tag: &hex!("91f9b540ca90e310a1f5c12c03d8c25e"), - }, - GcmTV { - key: &hex!("ce1d242f13de7638b870e0aa85843ea43a9255a4fa4d32057347f38e0267daeb"), - nonce: &hex!("86562be4621b4d5eb1983075"), - plaintext: &hex!("d20e59a8ef1a7de9096c3e6746"), - aad: &hex!("d48a9490a0b7deb023460608b7db79ce"), - ciphertext: &hex!("35ce69fb15d01159c52266537c"), - tag: &hex!("dc48f7b8d3feeeb26fcf63c0d2a889ec"), - }, - GcmTV { - key: &hex!("512753cea7c8a6165f2ebbd3768cc7b951029bd527b126233cf0841aff7568c7"), - nonce: &hex!("b79221802d8d97978041fe84"), - plaintext: &hex!("c63d6c1006b615275c085730b1"), - aad: &hex!("22fa0605b955a33468f3e60160b907f2"), - ciphertext: &hex!("bdb5d7f24732bdba1d2a429108"), - tag: &hex!("fca923d2941a6fd9d596b86c3afb0ad9"), - }, - GcmTV { - key: &hex!("e7b18429e3edded2d992ca27afab99e438b8aff25fc8460201fabe08e7d48ec2"), - nonce: &hex!("9db9b7320aaac68538e37bf7"), - plaintext: &hex!("c4713bc67a59928eee50039901"), - aad: &hex!("283e12a26e1646087b5b9d8c123dde1f"), - ciphertext: &hex!("a5932f92bda107d28f2a8aaa74"), - tag: &hex!("9a1357fd8ed21fe14d1ca2e597c3ef17"), - }, - GcmTV { - key: &hex!("69b458f2644af9020463b40ee503cdf083d693815e2659051ae0d039e606a970"), - nonce: &hex!("8d1da8ab5f91ccd09205944b"), - plaintext: &hex!("f3e0e09224256bf21a83a5de8d"), - aad: &hex!("036ad5e5494ef817a8af2f5828784a4bfedd1653"), - ciphertext: &hex!("c0a62d77e6031bfdc6b13ae217"), - tag: &hex!("a794a9aaee48cd92e47761bf1baff0af"), - }, - GcmTV { - key: &hex!("97431e565e8370a4879de962746a2fd67eca868b1c8e51eece2c1f94f74af407"), - nonce: &hex!("17fb63066e2726d282ecc610"), - plaintext: &hex!("e21629cc973fbe40176e621d9d"), - aad: &hex!("78e7374da7c77be5938de8dd76cf0308618306a9"), - ciphertext: &hex!("80dbd469de480389ba6c2fca52"), - tag: &hex!("4e284abb8b4f9f13c7497ae56df05fa5"), - }, - GcmTV { - key: &hex!("2b14ad68f442f7f92a72c7ba909bcf995c827b439d39a02f77c9bf8f84ab04dc"), - nonce: &hex!("4c847ea59f83d82b0ac0bc37"), - plaintext: &hex!("b3c4b26ebbfc717f51e874587d"), - aad: &hex!("8eb650f662be23191e88f1cd0422e57453090e21"), - ciphertext: &hex!("3e288478688e60178920090814"), - tag: &hex!("a928dc026986823062f37ec825c67b95"), - }, - GcmTV { - key: &hex!("11f41bf7d4b9ac7b0035ce54481ed1502ff05cfae02ffba9e502f61bfe785351"), - nonce: &hex!("06f5cf8c12c236e094c32014"), - plaintext: &hex!("bee374a32293cad5e1b28419b3"), - aad: &hex!("d15cbde6290b7723625c99ffa82a9c4c03ed214d"), - ciphertext: &hex!("3f8122deb6dbe0ff596441203d"), - tag: &hex!("60ef7f3723710b9ab744f8eea00267f7"), - }, - GcmTV { - key: &hex!("18ca572da055a2ebb479be6d6d7164e78f592b159cdea76e9fe208062d7b3fa1"), - nonce: &hex!("1b041e534ae20748262f3929"), - plaintext: &hex!("cda2fa0015361ecf684c6ba7d1"), - aad: &hex!("e8a925d7ce18dd456b071cb4c46655940efbe991"), - ciphertext: &hex!("740d8d578e2e7522c31019f471"), - tag: &hex!("f2eeb5af1bfedd10570a137fe2566c3f"), - }, - GcmTV { - key: &hex!("0de2ac5bfec9e8a859c3b6b86dde0537029cdca2d0844bf3e1d98f370e199be1"), - nonce: &hex!("1778e308e0221288f1eb4c5a"), - plaintext: &hex!("575d93a3416763cbd371b5a671"), - aad: &hex!("1362264f5655f71986aa788efd48f6fc13bb6ab4"), - ciphertext: &hex!("8f8df7ca83bf876b63c78e2c9a"), - tag: &hex!("16c74e315aab97efafbe95c9dcaa2d0c"), - }, - GcmTV { - key: &hex!("b381535a085bc4808fa7a139c7204e8a87c7145dfc8f3900df1fa9a9844fab35"), - nonce: &hex!("21ddc54d3c633f4a344a0e42"), - plaintext: &hex!("e4d958cee583010bbfd3a53021"), - aad: &hex!("7ac3ba600e08363ddb57c45a8670bb4abb869db0"), - ciphertext: &hex!("c42c81a312759cdb032aafe852"), - tag: &hex!("0c472591db3df8a7c67164591542dcc9"), - }, - GcmTV { - key: &hex!("29f21e5029ea4964b96dc6f4c34b2df4cce02f2fcf0f168ffd470e7858e0a0ad"), - nonce: &hex!("63a1c1ccc328280a90ff96fe"), - plaintext: &hex!("dc12113764c13c21432ca1ba33"), - aad: &hex!("454f447433f0948581956c4be1b19d932e89b492"), - ciphertext: &hex!("1cb45aac5def93daef806b781e"), - tag: &hex!("f4b0723c89607b66c392049ba042db63"), - }, - GcmTV { - key: &hex!("2733d3aa52a9d70a9fbd6ce2364bb5f9004902aa5eeb17446e08f2bdcc41db15"), - nonce: &hex!("196c4addb84a58beb3674a7a"), - plaintext: &hex!("cbc50cafda2544bcd291e8a025"), - aad: &hex!("c9826fe31f29b55b9d0f9da9795869a1a98befe5"), - ciphertext: &hex!("7a89cc58ccb97ad3e54ca4a9c8"), - tag: &hex!("3990d9aba210182996fdbd91c2ae4801"), - }, - GcmTV { - key: &hex!("0c4b9005b407415c19672bcd0ebe169f66fe404f22529baf55568e0901e94922"), - nonce: &hex!("e51381e959a1f5688c938576"), - plaintext: &hex!("c6179bd3451d9299b727e8bd0a"), - aad: &hex!("0b512faeb4da740dcc1e30d3c7ea61035e8570b7"), - ciphertext: &hex!("4d3fe086c990f16020b4c5eed6"), - tag: &hex!("9ff2297845814719f851ab0943117efb"), - }, - GcmTV { - key: &hex!("fee442ba37c351ec094a48794216a51d208c6a5ba0e5bdb8f3c0f0dfc1e4ed63"), - nonce: &hex!("a666f2f0d42214dbaa6a2658"), - plaintext: &hex!("a2cf3ea0e43e435261cb663a3b"), - aad: &hex!("7198c12810345403862c5374092cc79b669baecc"), - ciphertext: &hex!("713d4050f8c7fd63c0c1bf2ad9"), - tag: &hex!("250a35e2b45ba6b0fe24512f8213d8cb"), - }, - GcmTV { - key: &hex!("77f754d0cf7dbdaf75cfe965ab131e8cd39087ee6d986dec4ad2ff08ebd7f14b"), - nonce: &hex!("e28a14f3107ca190d824ed5f"), - plaintext: &hex!("54a97a74889e55d8043451c796"), - aad: &hex!("1decf0cbc50a9da6dad4a785a941e4b95ce5aaa8"), - ciphertext: &hex!("eedbf8dd81eb19184589dcb157"), - tag: &hex!("7749edd752fab7e50dbc3b0b47678bf6"), - }, - GcmTV { - key: &hex!("0523f232001e68bd65a79837bbaf70ec2e20851301d8e12fddb5926acb2100cb"), - nonce: &hex!("2bb8d5cb3ceb15107582e1fa"), - plaintext: &hex!("6b4cdc9f9c5082d86a1d2e68fe"), - aad: &hex!("1f55bba71cb63df431ef8832c77499ee3c502067"), - ciphertext: &hex!("079fe90ef517ed2f614a3cd8ce"), - tag: &hex!("539c30590a2527f1d52dfae92920794c"), - }, - GcmTV { - key: &hex!("54c56ee869ebb112a408717eb40af6937fe51eb061b42277a10537e7db346b6a"), - nonce: &hex!("5bfb63e2f3e5b2e1b4343480"), - plaintext: &hex!("75f9496b8d0ca96ed3af02dcab"), - aad: &hex!("740ab07b9c5de2afa37f0788ae5230535c18203d"), - ciphertext: &hex!("827902e58c4c8b7af976f61842"), - tag: &hex!("036ee6473c2138f2a2c2841438cb0edc"), - }, - GcmTV { - key: &hex!("d968ffdbed6ffc259b4310e2e97e42d877ef5d86d2169928c51031983779a485"), - nonce: &hex!("633d0d8d3613c83b40df99dd"), - plaintext: &hex!("08cfc65fea9b07f0c01d29dfdf"), - aad: &hex!("9aadc8d8975ec0a3f5c960ce72aaec8ef0b42034"), - ciphertext: &hex!("7b450f162bdedc301b96a3ac36"), - tag: &hex!("970d97344b1451f3f969aeb972d352e6"), - }, - GcmTV { - key: &hex!("5f671466378f470ba5f5160e2209f3d95a48b7e560625d5a08654414de23aee2"), - nonce: &hex!("6b3c08a663d04132243dd96c"), - plaintext: &hex!("c428592d9f8a7f107ec4d0df05"), - aad: &hex!("12965559c31d538f937bda6eee9c93b0387318dc5d9496fb1c3a0b9b978dbfebff2a5823974ee9d679834dbe59f7ec51"), - ciphertext: &hex!("1d8d7fe4357080c817303ce19c"), - tag: &hex!("e88d6b566fdc7b4fd62106bd2eb806ec"), - }, - GcmTV { - key: &hex!("fbcc2e7faa4295080e40b141bef829ba9d34e0691231ad6c62b5109009d74b5e"), - nonce: &hex!("7f35d9ec651c5b0966573e2f"), - plaintext: &hex!("cdd251d449551fec080425d565"), - aad: &hex!("6330d16002a8fd51762043f2df06ecc9c535c96ebe33526d8faf767c2c2af3cd01f4e02fa102f15ce0236d9c9cef26de"), - ciphertext: &hex!("514c5523024dd4c7d59bd73b15"), - tag: &hex!("d3a399843e5776aa348e3e5e56482fff"), - }, - GcmTV { - key: &hex!("04ef660ec041f5c0c24209f959ccf1a2a7cdb0dba22b134ea9f75e6f1efdae4a"), - nonce: &hex!("0f5f6fbca29358217c8a6b67"), - plaintext: &hex!("0835b312191f30f931e65aa05f"), - aad: &hex!("505e205d13ec945391c7d6516af86255e82f38433f40404d4f1e42d23b33eb9e6dea5820dad60622d3a825fc8f01a5d2"), - ciphertext: &hex!("5ddc0f5963f0290c1a0fb65be7"), - tag: &hex!("106d1f8d26abe4b4b1e590cd5d85e737"), - }, - GcmTV { - key: &hex!("42d3ff74284395fb9db9b8c7a444fa400f7fc6b985a7fec2478667c7f17cf3ba"), - nonce: &hex!("89230fbed59d1226a093ad28"), - plaintext: &hex!("d8339e3618ba57a243a27c85d6"), - aad: &hex!("60342f97310446266b2e47b18e008979d07fc181151ac0939b495e7f31de1d0e74042532840ab91686efd7a402d27a94"), - ciphertext: &hex!("9bb6fa36fa167016109d521ac0"), - tag: &hex!("600909ef32ca62951ecbdc811caa7778"), - }, - GcmTV { - key: &hex!("e115c6468606a5f9b8e9a7c220d7d7684d686c9210a669770b6e4bf24447cd17"), - nonce: &hex!("029c7c9ee2d3ab26843e8b41"), - plaintext: &hex!("7abf84842f9867cfc5eabc7032"), - aad: &hex!("1befd9f97f99fc096deafde5e158ac86716c0ba32454988fe48ba4737684361849a221c03fc0948cb25b5f29d6a0cb2a"), - ciphertext: &hex!("851c7047fb09646fbddb824531"), - tag: &hex!("d0ac4110c8d768f0a804ecda387cfa30"), - }, - GcmTV { - key: &hex!("56552f0cef34673a4c958ff55ad0b32c6ababa06cb3ae90178ab1c9a1f29c0e5"), - nonce: &hex!("b34d24935407e8592247ffff"), - plaintext: &hex!("dbd6cc358b28ab66a69f5238d4"), - aad: &hex!("b199437da189486a8fd1c2fa1fe3ebbb116f0ef41415bb7c8065272fb0b2fe8edca9cd0d4255d467e77f2834be557474"), - ciphertext: &hex!("76dc8d035e5ca4001e4e3fcb18"), - tag: &hex!("49c01f735da1131cd42b01b746fd38de"), - }, - GcmTV { - key: &hex!("d4f405ba556e6fe74b7e6dbdd7a8eae36376d1ca7a98d567d108729aeae5c326"), - nonce: &hex!("df6637c98a6592843e0b81ef"), - plaintext: &hex!("abe87641e9a5169f90179d3099"), - aad: &hex!("a5328cbabdfe6c3c1d4f5152189072dade71e2bacd857d3ce37ee9e3161eb0f20de5a29b7999fd9c7c60cdc03751bd1b"), - ciphertext: &hex!("06f9cf9677745e78c6c02bf06b"), - tag: &hex!("5a3a76da0703c24a9588afb2ac1a9e13"), - }, - GcmTV { - key: &hex!("4f667f65ea4569264456e25de498579036d6a604c18baf770bb626d8a1c68e4f"), - nonce: &hex!("43e27d275abefdd45137c8ff"), - plaintext: &hex!("eaa2498ce27e5658489381b6ec"), - aad: &hex!("264b807b4631d7c87ee9f1507082f5af9218f531b4630141f3c94939aa7cf81c71ea540783995560bf7e6e02d196227f"), - ciphertext: &hex!("bac018bf2e7090e7f217ab3365"), - tag: &hex!("13e5a16a9ce7a88cda640de2c4fdc07e"), - }, - GcmTV { - key: &hex!("f5624a166759ef0b8168af6565649f7797fa92476e008c407458101e75831312"), - nonce: &hex!("521ca79ffc8930349abfc052"), - plaintext: &hex!("1fab3def2ea13e815f8746093b"), - aad: &hex!("6e2771ecd637361cb6b947148910f7d9206d6af176c510bb5dd5bc9b97ac015fb05537affbc1756625715374172fb456"), - ciphertext: &hex!("ca72ff15a7eb62a2839bcf0c43"), - tag: &hex!("475fff6d9e2382583c9614020844b92a"), - }, - GcmTV { - key: &hex!("ac1383a3c783d3d0667e944cbe1a6159647b96afa922557eb1cb6407546b98ca"), - nonce: &hex!("70366112dbe1bd905b900e3a"), - plaintext: &hex!("b8dd871f9d866867efbe551c3b"), - aad: &hex!("b7c1865927737bee802415277cf1a25b7380774a9d27b6a3253f077d36e9c4142df2bbbf3c03414ac09161626ce9367c"), - ciphertext: &hex!("ba181874380841791f64881534"), - tag: &hex!("c5641edf42c446873372bbbde1146642"), - }, - GcmTV { - key: &hex!("f37499d9b6ad2e7618e30a23082673008f3ae1938b9397c02a4da2453fb7e403"), - nonce: &hex!("18e112ea6a998d6f9705f7e0"), - plaintext: &hex!("31560b2114a248ffe0696fa130"), - aad: &hex!("736f1a71fb259f46c6519bb87451f238f47d80c74a016604499b02568f1c7bedf70f9597d7b62c1698c4f2631f4e9706"), - ciphertext: &hex!("0163f558be0142ebabde29a7bc"), - tag: &hex!("45579ce07ee64cdac3a7a42109ff44e7"), - }, - GcmTV { - key: &hex!("50b7f5118ef7ee22b107d93ceab9881ef9658931e80385d1ae92501b95e47d62"), - nonce: &hex!("d5113665039169978b7dc4db"), - plaintext: &hex!("9ba4cd5e600277f4c786ce827e"), - aad: &hex!("68ff6c63e94cb7dd2b8413662a56c88dc130b79b8b2e2388c1089b61fa51ea37819109b5ef64da1250f5d6b5d74cc392"), - ciphertext: &hex!("67842199482b28be56f7570d11"), - tag: &hex!("79e03841843fe32337b7c7409a2153bc"), - }, - GcmTV { - key: &hex!("d396941c9c59e6a7bc7d71bd56daf6eabe4bfb943151cdb9895103384b8f38b4"), - nonce: &hex!("f408f8c21f3825d7a87643ed"), - plaintext: &hex!("dc8ad6a50812b25f1b0af70bee"), - aad: &hex!("947bd9a904e03fdd2c91d038d26d48ac6e32afcad908eacd42a25f6240964656d5a493242d3f8a19119a4cd9957d9c42"), - ciphertext: &hex!("57e6d821079bb8a79027f30e25"), - tag: &hex!("de8c26d5a3da6be24b3f6ea1e2a0f0c6"), - }, - GcmTV { - key: &hex!("eca22b3a29761fd40031b5c27d60adbcfac3a8e87feb9380c429cfbcda27bd06"), - nonce: &hex!("4e6fe3d1f989d2efb8293168"), - plaintext: &hex!("44d6a6af7d90be17aac02049a4"), - aad: &hex!("29beb1f0bb6b568268b9c7383991a09fd03da7e1639488169e4f58ec6451cad6d4c62086eee59df64e52a36527733d8c"), - ciphertext: &hex!("9aaa295bb3db7f6335a4c8cf2f"), - tag: &hex!("55f7577163a130c0dbcde243ef216885"), - }, - GcmTV { - key: &hex!("fa3ce8b099f3a392624bc433b5265235b65c0952cfc54817be2a8003d057903c"), - nonce: &hex!("3168b4e50efe96b3d3aed600"), - plaintext: &hex!("84ed3ccd428d3783ecea180b3b"), - aad: &hex!("d451fa64d73b7d7eee8f8143c40bab8e3f7a58ee018acda23224974f64ac7e1e389f5058ec08664bf56492b932d15f42"), - ciphertext: &hex!("ee2bd527568a4e7537c8f939b6"), - tag: &hex!("f4615f7dfdffec8a2d52c992456210ad"), - }, - GcmTV { - key: &hex!("ff9506b4d46ba54128876fadfcc673a4c927c618ea7d95cfcaa508cbc8f7fc66"), - nonce: &hex!("3742ad2208a0484345eee1be"), - plaintext: &hex!("7fd0d6cadc92cad27bb2d7d8c8"), - aad: &hex!("f1360a27fdc244be8739d85af6491c762a693aafe668c449515fdeeedb6a90aeee3891bbc8b69adc6a6426cb12fcdebc32c9f58c5259d128b91efa28620a3a9a0168b0ff5e76951cb41647ba4aa1f87fac0d97ac580e42cffc7e"), - ciphertext: &hex!("bdb8346b28eb4d7226493611a6"), - tag: &hex!("7484d827b767647f44c7f94a39f8175c"), - }, - GcmTV { - key: &hex!("b65b7e27d552395f5f444f031d5118fb4fb226deb0ac4e82784b901accd43c51"), - nonce: &hex!("2493026855dd1c1da3af7b7e"), - plaintext: &hex!("8adb36d2c2358e505b5d214ad0"), - aad: &hex!("b78e31b1793c2b758494e9c8ae7d3cee6e3697d40ffba04d3c6cbe25e12eeea365d5a2e7b46c4245771b7b2eb2062a640e6090d9f81caf63207865bb4f2c4cf6af81898560e3aeaa521dcd2c336e0ec57faffef58683a72710b9"), - ciphertext: &hex!("e9f19548d66ef3c16b711b89e2"), - tag: &hex!("e7efc91bbf2026c3519010d65628e85f"), - }, - GcmTV { - key: &hex!("8e4f8859bc838f6a2e7deb1849c27b78878285e00caad67507d5e79105669674"), - nonce: &hex!("e71d0ebb691a4c31fdd9879c"), - plaintext: &hex!("bd1713d8d276df4367bf3cbb81"), - aad: &hex!("47ca6cef3ca77997ef1b04e3721469be440ad6812aa3674ae92ca016b391d202e29932edfa83029eccae90bd8dbe4b434e7304b28fe249b380b2c3c49324fd5b3e469e3e135abc1c9fd77828b409c7482e6a63461c0597b14e5c"), - ciphertext: &hex!("eecbfb74e314628b0e3f827881"), - tag: &hex!("c9ea890294d7e10f38b88e7c7493c5f8"), - }, - GcmTV { - key: &hex!("2530cdcb2a789000822588a31bdc87c09234838da2d6ae1259c7049186525f11"), - nonce: &hex!("0c509faa257dbb0e743a53ac"), - plaintext: &hex!("a8edc524930ce4c20897c66f75"), - aad: &hex!("92a92cb8c1984ede806028cc45ac95574167ee83f03a707cc4b0fb8ad70907e0016e38b650f4a75bc83a625e3c670701d43bfb0326d1c4fe7c68410733c0c874c920389d164bf67a9032e2e837f5e9e324b97932d1f917ba7dca"), - ciphertext: &hex!("1f658c7a1f41152b22999ed1b7"), - tag: &hex!("cf3e4fef775d9c6ff3695be2602a90d8"), - }, - GcmTV { - key: &hex!("54c31fb2fb4aab6a82ce188e6afa71a3354811099d1203fe1f991746f7342f90"), - nonce: &hex!("f0fe974bdbe1694dc3b06cc6"), - plaintext: &hex!("fbb7b3730f0cd7b1052a5298ee"), - aad: &hex!("2879e05e0f8dd4402425eabb0dc184dcd07d46d54d775d7c2b76b0f76b3eed5f7ca93c6ae71bf509c270490269ea869ed6603fdf7113aa625648ab8ed88210f8b30ec9c94bca5757ca3d77491f64109101165636b068e3095cb4"), - ciphertext: &hex!("3a5a2a8aa93c462cfb80f1f728"), - tag: &hex!("59ef9d54ee01fb6cd54bd0e08f74096f"), - }, - GcmTV { - key: &hex!("8084061d0f7858a65c3a3557215ed46f1590278ca97a45dcb095d2a0979f2e3f"), - nonce: &hex!("6973898b1a8f72856415675b"), - plaintext: &hex!("200d0445cb09eb52f54d2f74c6"), - aad: &hex!("8b543e294546848c3308ccea302f0238b7dffc1706d03657c190ea745cc75bcd5a437993e787828ea7fe42fea1d5c6f7229a72ea65f0d0c190989a590ab49c54726633282c689eef8cf852af263b5edf63e449fd5440730003ca"), - ciphertext: &hex!("ec242c358193ca6187c89aa7a5"), - tag: &hex!("967428ac6956525ba81d5901ed259407"), - }, - GcmTV { - key: &hex!("2aad7db82df4a0d2ec85218da9d61ade98f65feeb8532d8eb728ef8aac220da6"), - nonce: &hex!("029ac2e9f5dc3d76b0d1f9df"), - plaintext: &hex!("ba363912f6207c54aecd26b627"), - aad: &hex!("d6f4b6232d17b1bc307912a15f39ccd185a465ee860279e98eb9551498d7b078271ebabdda7211e6b4ab187043171bc5e4bf9ffcf89a778430e735df29410a45ca354b0003433c6bc8593ee82e7c096a32eac76d11daa7d64150"), - ciphertext: &hex!("bfcad32611da275a0f0821517c"), - tag: &hex!("9ea37bdcaafad69caf06d67fb18dd001"), - }, - GcmTV { - key: &hex!("f70bb950ab56f12f1efc2376d32a59d16ef3ef5969e0106ab40cc314c9b0c7e8"), - nonce: &hex!("3b3b29ba422c2bacafeeb8b3"), - plaintext: &hex!("029929277043dc0379f152a484"), - aad: &hex!("464ac0c84b9ff17a0e7c39a65f89682a89b8787553a6275f0d55effaabef2114072c739f9831a5d5a5133ae4de14eb51346b318b255a1bff57e50c433e1e69a00fe1a8b6f6b621d515d670d89e148f6b65d6eb4c54878cb819ce"), - ciphertext: &hex!("c0b97d6d1a95d708d6dc7d2b95"), - tag: &hex!("322eb4395bf4d4dd070b8f9f6195f8ee"), - }, - GcmTV { - key: &hex!("f4950f01cb11fdd9afb297f7aa852facfac354ff96557befa5f657678de6cefb"), - nonce: &hex!("aba7d864f29cbc449cd93e33"), - plaintext: &hex!("e6daf59ef54ac7405984fc4c4e"), - aad: &hex!("852f624cea7a8c20e189e0c79f578c0d770c4bf7c4e691649eba992f6de89d7bf2078aff94803a3dc62628e02a80a01957722e2a931fc56283d84ab68ce11ae867835c2d9700df130048ea8eaaca41f1a9059be2acaea6e0f7f2"), - ciphertext: &hex!("d01d36ff8009b4082279abb906"), - tag: &hex!("d9a36c8008493bd95c09049299cbd075"), - }, - GcmTV { - key: &hex!("714261ef4f02fb4efb0e6b5aed96d7b3ceac6551a57cf679da179c01aac5ee0e"), - nonce: &hex!("3b7d15c7fd877461a789255a"), - plaintext: &hex!("815de8b0382fe60cb0d3782ee9"), - aad: &hex!("7621e58152336ee415f037f2e11581fe4da545c18d6e80177d5ab5dda89a25e8057d6fccec3757759a6e86e631080c0b17baa8be0b8fe579d3bfa97937ee242b6faacfc09425853df4dc26bc263ed1083a73ffc978c9265f8069"), - ciphertext: &hex!("29c566ea47752a31a380fd0e7c"), - tag: &hex!("b279340a384dbbae721c54e9183b3966"), - }, - GcmTV { - key: &hex!("53459ba5a2e49d1a7c2fb6ad9e6961b4dbe5158cb9266eff425d6dcccaaf8073"), - nonce: &hex!("3c97dc635a75fbe2c33c9a41"), - plaintext: &hex!("03fbfe5842ed781990ca8be728"), - aad: &hex!("7fe308afe58a927680bee3368301f4dc7c47811fc09f1b9922a092a497b9c6b67c857fdcc32da1011acb110b3c1475bef303f1a609479485cc400ee8f38381c45d078708ad49f226f95dd9c81478d1ee2b53c3b906d96f8ddd76"), - ciphertext: &hex!("5865e5a1ec711732a4ee871bff"), - tag: &hex!("856a653ec214178096bed423e30a36e9"), - }, - GcmTV { - key: &hex!("f0501583c226d2519ed23fcc6f2cffd2f013eb91aa07b3a5a2073d6e2bd10cef"), - nonce: &hex!("29a922ad9bdeddc2e298b99f"), - plaintext: &hex!("035eb6922345c02a81435d9e77"), - aad: &hex!("d84f54bac09ea92afe0a7335cb0bb5f68425490fd2fb6c3b99218f49856ed427ec902e510b899d54951fe84cdbfd112608d1e999f64ecc9cd4be3a0114c1c34875dbf35a1b0be421659f99d69b32e968cebfca6f95837e3edeb4"), - ciphertext: &hex!("095971f99af467805a62bfb882"), - tag: &hex!("d5ff2b7beac260e517ea3eca13ff1e77"), - }, - GcmTV { - key: &hex!("78e6789b596c71cb3becc833cf823d2ebb18ca2e26c27e26a55ef95df7353971"), - nonce: &hex!("65da9c7a9f17b11246bcf8db"), - plaintext: &hex!("003e82a147df3c953400f87ab5"), - aad: &hex!("d49aee7ffd31e7c8d831d97ae894a00473adbc5071f6099d567caaef85c295d5143a1316ff82753cc35d3efc60f7e5101ddd811336b404d598f6c439cce6b47fcbebb15d1c342e4151b355025a03b4397260b4a7e6444fa57b5b"), - ciphertext: &hex!("abcceced40209fc30a5590fee8"), - tag: &hex!("0a203973b81375949ebd932597efd495"), - }, - GcmTV { - key: &hex!("816b3e6ca31d59688c20bcd1fa4285197735d8734289ca19a4730e56f1631ccf"), - nonce: &hex!("4c191ac994f86985c180ccd4"), - plaintext: &hex!("b2060dd86bc307133b7d365830"), - aad: &hex!("b3dcd643c68ccce186570c63288c8722b8a13dfaf9e71f44f1eeb454a44dddf5f955540cd46c9f3b6f820588f71936d7a8c54c7b7bc43f58bb48e6416149feae7a3f8d8198a970811627489266a871e8cb87878cdb3a48be65f5"), - ciphertext: &hex!("53e65880ad0012a75f1188996f"), - tag: &hex!("9ca8a71a45eb4402a6b03106bae330d1"), - }, - GcmTV { - key: &hex!("a07ba57478061bd7abddd762971cf2e47141891f76c3d1c150b53eee5704557d"), - nonce: &hex!("5adfb85b2d9e239c5146501d"), - plaintext: &hex!("67c8824c1837cfdec6edcd719c"), - aad: &hex!("937b3ed73e67ca0b02f9eb736a668362d4d0447c15f6083099a7f90c7c49318dd72f6baa74da22ff53b56c24fb9a1b1d6c4e29f4ac4d917220ebe3c8d760999da7be9e1e8f6a171133640c9196f9ee3cdb76a5a342a95a05c8c4"), - ciphertext: &hex!("1eb85c6682850e849eb37927e5"), - tag: &hex!("8079f705cf551a5484132cd0f0c5297c"), - }, - GcmTV { - key: &hex!("268ed1b5d7c9c7304f9cae5fc437b4cd3aebe2ec65f0d85c3918d3d3b5bba89b"), - nonce: &hex!("9ed9d8180564e0e945f5e5d4"), - plaintext: &hex!("fe29a40d8ebf57262bdb87191d01843f4ca4b2de97d88273154a0b7d9e2fdb80"), - aad: b"", - ciphertext: &hex!("791a4a026f16f3a5ea06274bf02baab469860abde5e645f3dd473a5acddeecfc"), - tag: &hex!("05b2b74db0662550435ef1900e136b15"), - }, - GcmTV { - key: &hex!("c772a8d5e9f3384f16be2c34bf9afd9ebf86b69e6f610cd195a9db169e9be17e"), - nonce: &hex!("9b8e079f9971d7352e6810a3"), - plaintext: &hex!("7f13fcaf0db79d792823a9271b1213a98d116eff7e8e3c86ddeb6a0a03f13afa"), - aad: b"", - ciphertext: &hex!("d29e2bf3518668a14f17a3e4e76e1b43685734b801118d33a23238f34d18aa40"), - tag: &hex!("8e02b0b7d172cf5e2578f5b30fac2e7a"), - }, - GcmTV { - key: &hex!("d5924b31676e2354fe7dafffaf529749598ea1bf5e4c44f5b60240e09d8036aa"), - nonce: &hex!("5d847784f0bcd79cb84fcf1d"), - plaintext: &hex!("6fd80c8f0d4de081a93c16b84dec697a1e4f9d80a6af497c561572645eac0d63"), - aad: b"", - ciphertext: &hex!("282cc9d2308a443019cfdc4d79854accc7731ee36902bafe3ffaca6484327b82"), - tag: &hex!("4dc5e0f2ab91bdfd31f2bdcf06af9667"), - }, - GcmTV { - key: &hex!("b328c6d7946221a08c4f0509b52992a139890cdd8eae1956851f110c49602cb5"), - nonce: &hex!("1a433c33ca12ce26cf3dffff"), - plaintext: &hex!("217bdc314a4d335c72b5267b424fc8e31f4bb118e6cfaeacf5548f4ba8f51980"), - aad: b"", - ciphertext: &hex!("a322944e07bf84ab424ffa75fd0309e8691c9036b08f344ba76ce0774f43b351"), - tag: &hex!("14dd6b1c2b224533ccc9fee8d2881358"), - }, - GcmTV { - key: &hex!("c2080965d21d229c0d0d6c56cbce83880120c21a48172a64560b90dc4ce1ffbe"), - nonce: &hex!("928d6c0195f5f0974f38730b"), - plaintext: &hex!("864397271e1b242aa1dff38e78aa89353e1554ba907318a0aaad44f26fcd567d"), - aad: b"", - ciphertext: &hex!("7de4f941f44bd0f268b2a47b9c4927cc10537bbed739d52ab099fde4033041d1"), - tag: &hex!("b51a59931817257619e7be1091128c49"), - }, - GcmTV { - key: &hex!("dd6b7e2584edf1f1e6c2c0dd1f72161a92d2cba99856554f820de1256d48c099"), - nonce: &hex!("fe9d553c75067e8dbae1ab67"), - plaintext: &hex!("f9f86f7762859f11d6e7ef56178657ddcded532843446f86a23eac35aa2dd3c0"), - aad: b"", - ciphertext: &hex!("f7aaa1711c8092783b05b4e5e6c9c6944e991bd59c94b9d0356df00a66e2db5b"), - tag: &hex!("c61edd176c8322a01d8c5f3df09252e9"), - }, - GcmTV { - key: &hex!("37f39137416bafde6f75022a7a527cc593b6000a83ff51ec04871a0ff5360e4e"), - nonce: &hex!("a291484c3de8bec6b47f525f"), - plaintext: &hex!("fafd94cede8b5a0730394bec68a8e77dba288d6ccaa8e1563a81d6e7ccc7fc97"), - aad: b"", - ciphertext: &hex!("44dc868006b21d49284016565ffb3979cc4271d967628bf7cdaf86db888e92e5"), - tag: &hex!("01a2b578aa2f41ec6379a44a31cc019c"), - }, - GcmTV { - key: &hex!("a2ef619054164073c06a191b6431c4c0bc2690508dcb6e88a8396a1391291483"), - nonce: &hex!("16c6d20224b556a8ad7e6007"), - plaintext: &hex!("949a9f85966f4a317cf592e70c5fb59c4cacbd08140c8169ba10b2e8791ae57b"), - aad: b"", - ciphertext: &hex!("b5054a392e5f0672e7922ac243b93b432e8c58274ff4a6d3aa8cb654e494e2f2"), - tag: &hex!("cf2bbdb740369c140e93e251e6f5c875"), - }, - GcmTV { - key: &hex!("76f386bc8b93831903901b5eda1f7795af8adcecffa8aef004b754a353c62d8e"), - nonce: &hex!("96618b357c41f41a2c48343b"), - plaintext: &hex!("36108edad5de3bfb0258df7709fbbb1a157c36321f8de72eb8320e9aa1794933"), - aad: b"", - ciphertext: &hex!("b2093a4fc8ff0daefc1c786b6b04324a80d77941a88e0a7a6ef0a62beb8ed283"), - tag: &hex!("e55ea0456af9cdff2cad4eebbf00da1b"), - }, - GcmTV { - key: &hex!("6fb2d130bbad1924cab37d071553b12169e978a805bf74cb4c23d5ccd393d7bb"), - nonce: &hex!("76826741225a391fdce4d3b6"), - plaintext: &hex!("c49b80080e2efeb5724b9e5b53ba0c302e97bd16f1a6bbec01e1ca6c35a42a3c"), - aad: b"", - ciphertext: &hex!("62fbe5466a7ff83ff719f4927e00e9319e1bb7e835c5d6b4e9d4bc5a8d6e2beb"), - tag: &hex!("df72da7a66cb5257836f3c19ecadcd55"), - }, - GcmTV { - key: &hex!("402e8113970257d9437807620098370243536a105cca4fbc81a1ff2d48874f48"), - nonce: &hex!("c924c19c4d14905a2bdf63bf"), - plaintext: &hex!("917b9585f65e59bf4d242bb0802966045dd29fbc66911277baecdfcc818c3c35"), - aad: b"", - ciphertext: &hex!("5b6594edcddbb338f4e813687f4f23a75a64c21e3cf5d2e7c9af0f7e3ee3e616"), - tag: &hex!("f1cccd93a4411247c8b6830addd72c6f"), - }, - GcmTV { - key: &hex!("2aac499cb0eb72b4598acff4330df6cd764978997d5ace51da88e0c18671bde9"), - nonce: &hex!("fd16cdc39d7f0b92e1f95c97"), - plaintext: &hex!("e7b75bfa35c9a004d0b68265623a9b06b6d4493ea0ad4f6c777ba5add8c7bbbb"), - aad: b"", - ciphertext: &hex!("c3d0a0f7ce9720c95aac86151aad634884ddfa62df58f18394537f6504d9a8aa"), - tag: &hex!("76749a1ec70236b267fc340d5fbb6da3"), - }, - GcmTV { - key: &hex!("a2a502d6bb19089351e228d5cbff203e54fc31f2772253df08557875d964c231"), - nonce: &hex!("0ebb5af4a462a1e6ded7164a"), - plaintext: &hex!("bbecc89450c07b8de631155e5d7cc7a9d26376bb57d7458d49b4c36e140490f3"), - aad: b"", - ciphertext: &hex!("fd09c950890441fcaaa8809a8998079abb88741c6672abae12383ffd724f8299"), - tag: &hex!("22fac246058bf142c5f26812a635b480"), - }, - GcmTV { - key: &hex!("ce2d289e20c76f75c135c8118d5cbf5f2828026f0b639588a3eb4ad752cea548"), - nonce: &hex!("bb08526dd8bd1c3bb58d0999"), - plaintext: &hex!("56f5db1e796a0c4633a8d570182c39e3c8451e7ba485b98d38a2c926a1b92a46"), - aad: b"", - ciphertext: &hex!("a41005df18734d4f3f99f19ef8fc43b16ef431207cb0466341bf164b58e23533"), - tag: &hex!("a45c2a1ef6aec75cc22d71807dab3c27"), - }, - GcmTV { - key: &hex!("66e418d0ec97b420b1b5365d1b6d5cd7c5ac1a5653739120d4aec3c94c93c287"), - nonce: &hex!("989f94480266e3652488184e"), - plaintext: &hex!("e5052b19d7f827fd60f45c8925809fd2217ec4d16aa89bbf95c86a1c1e42bd36"), - aad: b"", - ciphertext: &hex!("f341630574ee92942cf4c5ecd3721ae74b32c557379dfe8351bd1c6661a240da"), - tag: &hex!("e85fb655ef432e19580e0426dd405a3e"), - }, - GcmTV { - key: &hex!("37ccdba1d929d6436c16bba5b5ff34deec88ed7df3d15d0f4ddf80c0c731ee1f"), - nonce: &hex!("5c1b21c8998ed6299006d3f9"), - plaintext: &hex!("ad4260e3cdc76bcc10c7b2c06b80b3be948258e5ef20c508a81f51e96a518388"), - aad: &hex!("22ed235946235a85a45bc5fad7140bfa"), - ciphertext: &hex!("3b335f8b08d33ccdcad228a74700f1007542a4d1e7fc1ebe3f447fe71af29816"), - tag: &hex!("1fbf49cc46f458bf6e88f6370975e6d4"), - }, - GcmTV { - key: &hex!("2c11470e6f136bec73351619288f819fb2bbba451857aadfb78384074612778a"), - nonce: &hex!("4e6cc2bcc15a46d51e88958d"), - plaintext: &hex!("3b3186a02475f536d80d8bd326ecc8b33dd04f66f8ba1d20917952410b05c2ed"), - aad: &hex!("05d29369922fdac1a7b37f07953fe175"), - ciphertext: &hex!("6380945a08977e87b294b9e412a26aebeeb8960c512439bac36636763cd91c0c"), - tag: &hex!("1029a3c4be1d90123c1b404513efde53"), - }, - GcmTV { - key: &hex!("df25ea377c784d743846555a10cfaa044936535649e94da21811bad9cea957b5"), - nonce: &hex!("35f5f8e950c1f57ad3dfb1fa"), - plaintext: &hex!("98941a807ac8f16eef0b3d3c7bbdfd55d01736c5b3360d92b4358a5a8919380b"), - aad: &hex!("28eb4677110ccb6edc8d2013dc8f46ec"), - ciphertext: &hex!("24a07532e981aaf3106eab8dfbb2d2078342e2eaee027e148f06aca68f6a1c50"), - tag: &hex!("131373ed4a0e3f584ae978d42daa6f3a"), - }, - GcmTV { - key: &hex!("106168ea651f22c54196a06f1a10bcf4e620d93e4dc0824d798f44f9219c6177"), - nonce: &hex!("4064dcbd631cf20b05ae22de"), - plaintext: &hex!("b0d3da2b96b8889c92e445abbea4c6d0d5d44d7fbcc7dade4c92f6bcddbf06e1"), - aad: &hex!("a36e2fb9cd96a8ca9ae2b193aa498efd"), - ciphertext: &hex!("f55a6d8a6965ea451637bec7548cfb1ffe59fc0ce6ea6a937cb5dd32b3d45d5f"), - tag: &hex!("8d1bf2715041f817f11631fc9910c629"), - }, - GcmTV { - key: &hex!("272d1649a3dd804de0962d3e07064a7054c00a6234ab1b0cdcf685ab394837e5"), - nonce: &hex!("955b5897f6b9806bbec5c33e"), - plaintext: &hex!("36e57c29c08c51ad7fa91c0416f976cfd011780eb44cc5abd34c7b431b093b8d"), - aad: &hex!("33e618ecbbe5eb0566df21c3c34b7e25"), - ciphertext: &hex!("cd6aeb345081dc0bb2c8b4d19b280658fb87c0f2bd0f4c9da694dc1feeb32f4e"), - tag: &hex!("dd37eac6bd6a4d3618241738779735d7"), - }, - GcmTV { - key: &hex!("3dab6a51bb7af334dd4b79a7d139550c88f0778d43c21fc4ad33f983a13515cb"), - nonce: &hex!("362eaa67cab3d1ed48e9f388"), - plaintext: &hex!("3eb7f5f0a4ca9aa7000497602c6124433a60a8fcd91b20175b4ee87e6b10a2d7"), - aad: &hex!("52852150786e6547a2618e15c77110b6"), - ciphertext: &hex!("cc3316041b88733839249b756ffa00bbec6211942f604f26c4a35ed32e6eeaff"), - tag: &hex!("5936c5500240d50c0da0fcdc248f176e"), - }, - GcmTV { - key: &hex!("0ea606521b935d5b4b66df89fb372d35c4d6d2c03767367e38de0d4c27761d56"), - nonce: &hex!("0d3168318a4f76392699640b"), - plaintext: &hex!("f450b36d6c49411897bce39001d73ff01b5e8566179e36dacac7064cab5c6270"), - aad: &hex!("3bd8849070cf034c4298f40f33b0b839"), - ciphertext: &hex!("3b15fad18726c4eaa70502b3f3b32c5092d1d92835e6460665fc50dda953a191"), - tag: &hex!("11fd3fddf61e010c17fbedd4bd5fb012"), - }, - GcmTV { - key: &hex!("c8c4f9e0bd289ef1bd16104a8074fb073dd9035ab937ab076fb5801e2295aa2f"), - nonce: &hex!("be699d9d98ec1f724da8bd0f"), - plaintext: &hex!("49fe9407a719d41e658587809cfed7a5b49941c2d6378f3c0afe612f54f058a1"), - aad: &hex!("a985c7489732038c3190cb52be23737c"), - ciphertext: &hex!("17a9aaa6a3c68ba1f6cb26fdd6536c207e3c9ce58f43e4ecfd38d3387a798a0f"), - tag: &hex!("d832cb4814142562fedfe45b36126cb8"), - }, - GcmTV { - key: &hex!("52d0f20b0ca7a6f9e5c5b8549d5910f1b5b344fc6852392f983558e3c593be24"), - nonce: &hex!("d5c618a940a5a5d9cc813f27"), - plaintext: &hex!("a9fed8a29355685321f978e59c40135309306cd41b25349fe671dc7990951c68"), - aad: &hex!("61823f7e39ed76143ca7249d149bdf57"), - ciphertext: &hex!("509c540e558d0bf0a3b776cddfbfddc15486748a7f9952b17c1cbd6869c263f4"), - tag: &hex!("42e35ee3f7119f87fb52b5d75b8ab8ec"), - }, - GcmTV { - key: &hex!("5d291a8f1a6433a41076702d9d8a8c196e464550ed900ce8c2a36f4d10483954"), - nonce: &hex!("c4ba743ee692e5d00b5ae2c6"), - plaintext: &hex!("605d519b26182458fea68dddd86033390fc545f843ae817850a2a4574add015d"), - aad: &hex!("878fa6720ab30e0287f6903acd2dca19"), - ciphertext: &hex!("1c2f153f2374d3945cca9757dc18d9a15a93276526285a6e316ee32a72092c34"), - tag: &hex!("e7905e856c88c6ece4bb47781becf923"), - }, - GcmTV { - key: &hex!("09e2724d4017cd57e967000e4da2cd5c5c18ccfb06c33b7ce62a7641e4bb0b73"), - nonce: &hex!("9ea18b420a10177289ab370b"), - plaintext: &hex!("6f5dfa86d5df4febd752265c56390049e7cda60c2644c84ab413932faad15b15"), - aad: &hex!("a8e77939423d5894d307fd60278d162a"), - ciphertext: &hex!("35e37a9b913eb58b72262e92d7584d44bf9a8442f1b2f3da3a5d05ec6a2a31e2"), - tag: &hex!("1a95023b1a4a3e885520ec79e1a3aef9"), - }, - GcmTV { - key: &hex!("8544a9f4f6c0efdff3da90cfa3ee53fbe1f8de159d29537c803e1651da153718"), - nonce: &hex!("be406029a1d0c25d09af94cf"), - plaintext: &hex!("7e88a65646ed138b7c749366d16e41dbafd9987ad2373bb9d0b6ce0c1a4d6661"), - aad: &hex!("599dbb73897d045a1bd87385e60323a2"), - ciphertext: &hex!("38ffbf9ffff8d6a92090584e6dace1c6a47d3d5709a25e470557d5c8f5dd1851"), - tag: &hex!("d5b2e83c47df404de9a7cd95d3cbe7ab"), - }, - GcmTV { - key: &hex!("35b9d2a5db3b06e7720cec794dae615029a491c417f235498e0496cd8183d1bf"), - nonce: &hex!("b382987916e19752dd9ecc0c"), - plaintext: &hex!("76b290496901c5824ad167433dbb6d6b5856d41913ee97ec81e70cf6a170e35c"), - aad: &hex!("e0aa3a1f1df601366c59a390f4f06c3b"), - ciphertext: &hex!("78347400d6799e77e11e76c0ecfd311becf31f74f14b3a71e6d526ce57015c8b"), - tag: &hex!("bf8dec2feac7cfe9f330bdfc92737b33"), - }, - GcmTV { - key: &hex!("d707eab3c167b73efeb08c50e12b1569a275487ea136f52736c0f3ce66b69fa3"), - nonce: &hex!("11116f34182e52428642e747"), - plaintext: &hex!("a0c4818362035b16b50de445d558ea5cf8844bf5c84b96232999a2279806cc45"), - aad: &hex!("ae9f90331800c358716c92667f79f748"), - ciphertext: &hex!("91c77404b20028ef0fd4dd7f8b65b6594af94a1e7fc79cfbdb108265354fc71b"), - tag: &hex!("6c3410d4b915dbad745715202c04e9a4"), - }, - GcmTV { - key: &hex!("405d13ee48d3b9fc26bcfca776b2af6c745d8fc34171622f8c6c4be5a54b8b65"), - nonce: &hex!("add1524abb1b846f0f6577da"), - plaintext: &hex!("e06475990d6e3990266de1bd025c3b1910c0736c81050885f2bfc13ec78e9d96"), - aad: &hex!("0b1c4c3ba877bca5846b2c1f2b0e2105"), - ciphertext: &hex!("6399f7e6d6c680fc41bac8bee3836b9a4241403d5a19e4919f396ce37b238d38"), - tag: &hex!("e754f400d76c76e03c63ea88cf64ccba"), - }, - GcmTV { - key: &hex!("5853c020946b35f2c58ec427152b840420c40029636adcbb027471378cfdde0f"), - nonce: &hex!("eec313dd07cc1b3e6b068a47"), - plaintext: &hex!("ce7458e56aef9061cb0c42ec2315565e6168f5a6249ffd31610b6d17ab64935e"), - aad: &hex!("1389b522c24a774181700553f0246bbabdd38d6f"), - ciphertext: &hex!("eadc3b8766a77ded1a58cb727eca2a9790496c298654cda78febf0da16b6903b"), - tag: &hex!("3d49a5b32fde7eafcce90079217ffb57"), - }, - GcmTV { - key: &hex!("5019ac0617fea10517a2a2714e6cd369c681be340c2a24611306edcd9d5c3928"), - nonce: &hex!("fd1fa6b5cab9aa8d56418abb"), - plaintext: &hex!("4349221f6647a906a47e64b5a7a1deb2f7caf5c3fef16f0b968d625bca363dca"), - aad: &hex!("953bcbd731a139c5de3a2b75e9ffa4f48018266a"), - ciphertext: &hex!("dbce650508dab5f499767651ee734692f7b157341977692d2ca879799e8f54aa"), - tag: &hex!("20239e97e2db4985f07e271ba545bbbf"), - }, - GcmTV { - key: &hex!("c8cee90a8b9ad6094d469e5d1edc30d667608e89b26200cac77efd7e52af36fd"), - nonce: &hex!("5a1aa9c8e635281ee1fb9df7"), - plaintext: &hex!("728d9221891bd75c8e60b7dd6f53edcfd1ab1cebc63a6ce54be220b5b362233b"), - aad: &hex!("0538b3b64da72aac591bc59991a140eff206b3f7"), - ciphertext: &hex!("b753eb6b87f0c8778c3ea3a74fba3b31ced6d2da94d43d482ab0431806a80d75"), - tag: &hex!("b21d29cf6fd04571ffcaf317d384df11"), - }, - GcmTV { - key: &hex!("b4b77710f86ffd463fc14bb9eaa4424b2b3a581778e5511a094a08fb204cab59"), - nonce: &hex!("3e4b12bf55633bf48d104620"), - plaintext: &hex!("6f44a8df11dce27df075ea10ddeb7566ca6c988a334cf56e8540f71166d7c0d1"), - aad: &hex!("3e3b4c9369266266098326217b5677a40297cb87"), - ciphertext: &hex!("31f82f5cb1cd5c4b4819b61aa9377abebe8fca76978b1199178462c7c1c4e2b2"), - tag: &hex!("1b3a535768e8480d75ec91b2e7b55efd"), - }, - GcmTV { - key: &hex!("0a8fb75498a139223c763d52bbe3d42f813de370fa36b81edc4553d4219d2d5d"), - nonce: &hex!("7d6cb675fded3efef908a11a"), - plaintext: &hex!("81b69ca354de3b04d76ee62334cb981e55f0210f1174d391655d0f6712921a0e"), - aad: &hex!("2314ad86b248f1ed2878e7c562b533bf2dda5a29"), - ciphertext: &hex!("6a23d30737f4a72b1e07ba23d17fde43a4498e2e60d3e1b0c8e6ea26a2bb331a"), - tag: &hex!("7fcac442fb657910c62a74b1d0638902"), - }, - GcmTV { - key: &hex!("a84315058849690c2b88062aef81134d338526baa7090e865fcaad94bbf51ca5"), - nonce: &hex!("a487cfa701447b495aab41e0"), - plaintext: &hex!("18074e14dc0a14d4439f1d710927ed8c200154c8492f77f10f653e0bf6070ca6"), - aad: &hex!("7c4416b0cf13ac76bec6687a6840dc703e91bb86"), - ciphertext: &hex!("80f40b7e335d40fc5859e87f385e14798a253818e8ad73b1799c1419638246a4"), - tag: &hex!("b4c7c76d8863e784eb6029cd160ef6de"), - }, - GcmTV { - key: &hex!("82833bcaaec56f6abbb3378f7d65daf6e6f6f2a0d1e858c7219f53a7840f4e00"), - nonce: &hex!("4bc9b028a00be8feb5232978"), - plaintext: &hex!("d9b2383123a27a93bce85add8392b938093b40e82f182e484bf4f84fa3bfb3f0"), - aad: &hex!("76fc8ed57154cd8a9b3d02c87061edd2a8157811"), - ciphertext: &hex!("383efe971438cd2b2cbb399d74a3fb3eedd394f1862addc58e9fdd4c421402d2"), - tag: &hex!("fd803c4fa917f7ff649a6aac013a96b1"), - }, - GcmTV { - key: &hex!("ee4634c49c5672c660968a42862698f6c1b2c7b79efd1605c24af8ff9ff8366c"), - nonce: &hex!("877912b2f35888d2810612cc"), - plaintext: &hex!("9512a5268a0cb3fbd916ddb820dce77f1e0dbb52c8ffc7a74be077119e9245e4"), - aad: &hex!("93bd669db4f1354ef6c8addb0cf729e46d5c3846"), - ciphertext: &hex!("69af0ac954e0d69043851d89f1538ebcb42769857eba27dbe4ad4fd60fd75537"), - tag: &hex!("3ee443873e2f7f7ea601fe3d7e5211e2"), - }, - GcmTV { - key: &hex!("442f4bbc468433411e49486a15c5eed577f5007380ff126d9974f3bd3fe4e3c4"), - nonce: &hex!("1e7133aaa8af826dc646ec62"), - plaintext: &hex!("7f8069e5c356ece135d98bb563c8b411ea90ea3b673dfd92e1ba9c459efae61f"), - aad: &hex!("577662f611446b5b31814930029edb949a30dcb9"), - ciphertext: &hex!("b962952750eb2bce313e1a85a72e3c9cc2ea7e58c353ea37df2c9f0723995ca7"), - tag: &hex!("e633fe9f10cedf0f0d02aa2ddcf47d86"), - }, - GcmTV { - key: &hex!("3a29aec009f44fdd2b1bc07cb7836f29d8589774bd0d74089a68d9e67827d6d8"), - nonce: &hex!("a42c5fb61573c72688ac31d8"), - plaintext: &hex!("d36eb81506c0a0e4ebcac9b4b1acebb38b94b8f2ce3d6f85a8f705fa40cb987a"), - aad: &hex!("2ee2582d544e1663f1d7a0b5033bcb0fce13b3e5"), - ciphertext: &hex!("179ef449daaacb961f88c39b4457d6638f304762bd695924ca9ebd01a3e99b9f"), - tag: &hex!("1fee176c7a5d214748e1d47b77f4bcc8"), - }, - GcmTV { - key: &hex!("ed47660054294f3c913c97b869317cbddc395d757bef7d29b8ccbdd2c54e99d3"), - nonce: &hex!("770a00642c67eff93c9f1f56"), - plaintext: &hex!("034193397cbd0eb414459273a88808db2d0711e46f80d7883212c443d9e31b54"), - aad: &hex!("06210fca2018d2357256c09197730e9777caea96"), - ciphertext: &hex!("6a250ebd3390229d46b691142743dba1c432c0feaa0f0dd19d0ce4e6a8918d80"), - tag: &hex!("a5f6e975592b472907c34b93bfc69dde"), - }, - GcmTV { - key: &hex!("9539844493362dc3f913308f7e12a2a0e02afdbd8869877b30ce0397fb0349dc"), - nonce: &hex!("eadda3132079195a54fde2c1"), - plaintext: &hex!("62349a0b1e40a9f31eadf27073682da15f0a05cf4566ee718b28325f7d8eaba0"), - aad: &hex!("0ae4a90cb292c4e519b525755af6c720b3145a1e"), - ciphertext: &hex!("ad6c9521bf78d1d95673edd150f2b8dd28f10625d67fa25f1fb42d132ba7fcfa"), - tag: &hex!("916242a9cb80dffcb6d3ae05c278819a"), - }, - GcmTV { - key: &hex!("3b4eb08d27ae0b77605ae628a1b54a5402026550679fab0a20752bee510d3d92"), - nonce: &hex!("28a20c40f49a00493da3488a"), - plaintext: &hex!("c8a47edcf84872f53f96ef41ce05ca37cbc3854b556d6e606f0a8a32d0861907"), - aad: &hex!("0591390e2d14ebe62aeb1741c26448ce55b28cab"), - ciphertext: &hex!("a3e8cbf84df8529838f79315c7f1a0b7bb3ad4c4d036ec317b1810b274ee3080"), - tag: &hex!("0a8f66daeb7f0a88756909c4e93fcd36"), - }, - GcmTV { - key: &hex!("0cccea8f1f6ce141690e246cf4cb9f35b66baf6e6986b8e0b4cfdd13fcdbc8c3"), - nonce: &hex!("929f07be5aa7bae7607bae3c"), - plaintext: &hex!("9fa5214c599523c695d37937b02f78837f6406960b2a03bf9a6db34bd35e3dc7"), - aad: &hex!("b851e610be70a994808b34ca73f45f1ea973de65"), - ciphertext: &hex!("917ecc8b00b53f7fb0732d66848a106e91f60acf2dcf180832a74d5993c658da"), - tag: &hex!("2959e20746bbb6ab66dfd29b9477799a"), - }, - GcmTV { - key: &hex!("ecbfaef2345b34f31fbf6d68efb385e5833df8b6e6ae621ede02baf9735d2dba"), - nonce: &hex!("50c3527b1a35ccb318b446de"), - plaintext: &hex!("634f6dd60783d1f952353fd1d359b9ee4f4afa53cc13e81c5adfe24b46baf08f"), - aad: &hex!("f8981548bde6ee6c1745f947de191bf29997fadf"), - ciphertext: &hex!("705e5f67ab889ba238118e3fd9b90b68be801995ae307378d93b50977cf90588"), - tag: &hex!("12d14468ac18cc9936bd565f8ad42d0d"), - }, - GcmTV { - key: &hex!("dc776f0156c15d032623854b625c61868e5db84b7b6f9fbd3672f12f0025e0f6"), - nonce: &hex!("67130951c4a57f6ae7f13241"), - plaintext: &hex!("9378a727a5119595ad631b12a5a6bc8a91756ef09c8d6eaa2b718fe86876da20"), - aad: &hex!("fd0920faeb7b212932280a009bac969145e5c316cf3922622c3705c3457c4e9f124b2076994323fbcfb523f8ed16d241"), - ciphertext: &hex!("6d958c20870d401a3c1f7a0ac092c97774d451c09f7aae992a8841ff0ab9d60d"), - tag: &hex!("b876831b4ecd7242963b040aa45c4114"), - }, - GcmTV { - key: &hex!("07b3b8735d67a05632c557076ac41293f52540bac0521573e8c0414ec36f7220"), - nonce: &hex!("0046420eee8d56de35e2f7d5"), - plaintext: &hex!("4835d489828325a0cb38a59fc29cfeedccae25f2e9c399281d9b7641fb609765"), - aad: &hex!("d51cedf9a30e476de37c90b2f60882193630c7497a921ab01590a26bce8cb247e3b5590e7b07b955956ca89c7a041988"), - ciphertext: &hex!("46eb31cd98b6cc3ecafe1cd1fc2d45fa693667cbd3a7d2c5f8c10296827ea83c"), - tag: &hex!("36cd4e76dd0679887477bfb96cf1c5f6"), - }, - GcmTV { - key: &hex!("0219f14b9ca6506c1388177c4ae6ee64ad2ac0256ebbf8c219b40df6e8571d70"), - nonce: &hex!("3420a87c4b9b23ba81eb221e"), - plaintext: &hex!("348f7a4ca944f252e4562c66dacf01fb10d70a3c8f5b280a2829567a2a94e47e"), - aad: &hex!("54dc2277b8d1aae660ffcc326e2c5d9e16b8ca17288601aacd02b3eea8bc5cc60718639aa189506b7b333b87da86e940"), - ciphertext: &hex!("58c92119bfb6ad53e387cac6728ce73b82e18f6e5bfbfca5f5acc370cd8c76a4"), - tag: &hex!("e7f9e3e3dae6d0a3470d8f597291180c"), - }, - GcmTV { - key: &hex!("87440ee7f6febf3e14ef0a917a87c5d61260fefc979eeaeac0a64662c98cb4f7"), - nonce: &hex!("7c48bc75e58f21cc9989d691"), - plaintext: &hex!("f8e40a6a985f424898a7996307a077c487406c5312eefe055ea5b17a4b22087b"), - aad: &hex!("e0c66e5db1c7665a015ba7e21e08ff3de5b4a5fcd5d35e41db7e97ccd0c3df657ae803c3529d375420ad75ac9621cea0"), - ciphertext: &hex!("5a118fc3dbdaf6bc9490d372b7623af76da7841bf9820a9c6624a15eff6a69c2"), - tag: &hex!("0ddc2ae087d9b8ca2249ea5aa3dbd4c7"), - }, - GcmTV { - key: &hex!("b12425796f63bf5435740f9039fa66367fc7702d675c61b2dec4435feeea07f8"), - nonce: &hex!("f26727053e6d67c2d2bf1e69"), - plaintext: &hex!("9df079d98a6e4dbe277a8545f4f6c19fe130f4a84bdd6b760a049fba21d4e99a"), - aad: &hex!("e50fca2e5a81ae56ca07f34c4b5da140d368cceab08494f5e28f746cbfefdc285b79b33cf4969fe618b77ab7baafe271"), - ciphertext: &hex!("845f00202e2e894516d8f4a4021430e531967098c9a94024c7113c9a1b91c8cd"), - tag: &hex!("3566c75967ae00198e39ebe9f0ac697f"), - }, - GcmTV { - key: &hex!("674dfb625b8b0ce1dadbbbcbf7e151c5b2cecf0a1bc4e07f4734f3a6792350cd"), - nonce: &hex!("99e7b76e6686449616ad36c7"), - plaintext: &hex!("0a744a72e536a0484db47091609228d803bcfa9a8daf579e3039e3645f7688e2"), - aad: &hex!("2ab1573e5a94ca2997590840bd9c62e6add55e4d3eac12c895d2ec637791caa41d46ed91e6064db627e1fbef71d31d01"), - ciphertext: &hex!("e550ee77069709f5199be3c618f2a4178e4d719ab73df41cbfe32c52777138ff"), - tag: &hex!("134ac3fa8bd4af7ee836f4a3421d9e99"), - }, - GcmTV { - key: &hex!("10c1de5f741560dae5be23e15649f0114db52949560bb6cdf2d4883247392ee1"), - nonce: &hex!("7cf73c1472cd60d8d35fde51"), - plaintext: &hex!("05becd366aebaa2e609f507dd2dd4433b2aba0634b0eb9a5bf7ded4cc8fbed72"), - aad: &hex!("d3fa8b6f607a20a18dd7eac85eabef69d4fb5a074d8e7d1bf15d07732ed80e020163b475f209c4b0cbfa00d65d1e82ef"), - ciphertext: &hex!("280f0c306e1a3aab8ff9ab3e4a9adc2e9ae4e4e1a06f190d11b3b4dc4280e4f3"), - tag: &hex!("3bc8be845bf5ff844c07337c2cfd5f80"), - }, - GcmTV { - key: &hex!("e8d6ab5e514645dd7e051b028f5bfe624c72f44f30279577365aea65d4a8a819"), - nonce: &hex!("30b0d654ee5b79c2cfb24100"), - plaintext: &hex!("19be7e0feedd402bf4b05995a38e5f423c033de016e3ae83ea8c3c1cba658e1e"), - aad: &hex!("082e534bf860d0061ec2dad34d6b0db8cba1c651f2c705356ff271e47365b0b18f8ddb3a3c2269b437fb0703c9ad367a"), - ciphertext: &hex!("8573800c737d2480b2885ce714ac6a15f23287b1d12949a3d76effbe82b593bd"), - tag: &hex!("50110884292151f51213ccb2fe934d88"), - }, - GcmTV { - key: &hex!("2d1eaf5e62ca80fd1515a811c0e4c045aba8c769df03d57f7493eb623ed8b941"), - nonce: &hex!("abf190b05df2e6556cb34b47"), - plaintext: &hex!("9c7cd522ed5c0af3e57da08d2653ef77eb973734f360572bbcb15a2a6cbd60b9"), - aad: &hex!("75ab9bd39c24e498a54d85a8b76a4126dc1879f2a30270a42609763e045a4021785b6134f283fd81c195c3188e78752d"), - ciphertext: &hex!("5fdfdaccb105e5408c375af8ca63a67afaba7ccbcd591acca9a86d92f92fd0f7"), - tag: &hex!("49940b7610618b3a5cb3912339e06b3c"), - }, - GcmTV { - key: &hex!("b6020677e098c59e19eacf26732473d843aafd6bf999c707bb08ab896406918d"), - nonce: &hex!("807167ef2b84b32d1df4a94c"), - plaintext: &hex!("3199d6b95d133ba5b7eadc420080a0b249c84f4960bd369d6bf9e313627cf670"), - aad: &hex!("06225d410ada3e04157da7e5481d7d9f2285845824aac0c0e033244ed4c1b19615354c224ba8b7093c5651d10ef952fe"), - ciphertext: &hex!("4618adbfa5ea4ee260e310140b385232b7c3ad46887aa2107f7dafffd85cda22"), - tag: &hex!("2d76307bf55826dfeb58a171b6fa80e4"), - }, - GcmTV { - key: &hex!("f75456c4918d0bea72f546a9a1e2db0b6ab9bcd9782b5eb1c2700e729921d666"), - nonce: &hex!("c75b83134e7b9188e5800ffe"), - plaintext: &hex!("f9a23abbd0f2b367ce16c2a0613cd293ac7e66cbe020eaeb5deb09d5031fd992"), - aad: &hex!("5ef46c9eb5865cab2c8a35f9c4c434614a6c9f1b5c479739f7434d3326cff1e70b0d2877c084a71c7a9d33d258d304bb"), - ciphertext: &hex!("56e4efe6c0944153b65ed4909845219842b9b88f54d8d8394051132afb95d391"), - tag: &hex!("255e2c8c43f8979c440c3581bff6cf65"), - }, - GcmTV { - key: &hex!("9831c5c12e53e8a961642e93ddb2e13a38506acd0cf422e6ad9fbaeabce7b3f2"), - nonce: &hex!("bff29de3d6869e5fa75b96f9"), - plaintext: &hex!("b1edbed58ed34e99f718db0608e54dd31883baec1c8a0799c4ff8a5dad468de4"), - aad: &hex!("67ebeecb74cc81fdfee8065f8b1c1f5012bf788953bec9525e896611b827084a8e6baa0ce40ee70bc699b152bc6ed903"), - ciphertext: &hex!("13845db7e33bab1f5766a7fadfb942748e779753d97f143e645ccfcbd7c23b23"), - tag: &hex!("10dbe8a3e1901c8b88b0ab1441664d32"), - }, - GcmTV { - key: &hex!("a02c2d4a43f0f7f1db57c07f13f07f588edfe069a9d83c9b76e9511946c4fc48"), - nonce: &hex!("84677438592dcaf683d08a67"), - plaintext: &hex!("ad5a884dad20ffa88794c4fca39f2ca01c6f67657ab38e5cf86ac5597318ef07"), - aad: &hex!("d5dea0cd6080af49a1c6b4d69ace674a622f84f9f190b2db8a22e084a66500b52ff20a8d04f62a7aeaedb67e2258598c"), - ciphertext: &hex!("83da16ae07ee0e885484c1330a6255a6e7ac22915c63cbefaabc6f9f059dd69d"), - tag: &hex!("42c4a270705493d85ad7bbcfda86dffb"), - }, - GcmTV { - key: &hex!("feba412b641bc762bfa79ef17c3ea16e5630605470db096e36ffd33813641ace"), - nonce: &hex!("e3633f21e7c63a459d5d1670"), - plaintext: &hex!("9326572bd33551322ca42fcfb7cef8be41d78725f392c34907ecd1fe5572bff1"), - aad: &hex!("b7ee0233863b0e185b2f46181eb5fc0718832e1e76e7d4115a4c1f7e998c41319ccef44f5db89e8c5f077bd553d7bf42"), - ciphertext: &hex!("5019ea98cc9dc9368432c6d58f9e144f55446e763c0a8b4d8a6ce26f3dd95260"), - tag: &hex!("1010beb9cd6e9b611280a5395f08bca9"), - }, - GcmTV { - key: &hex!("21bd5691f7af1ce765f099e3c5c09786936982834efd81dd5527c7c322f90e83"), - nonce: &hex!("36a59e523df04bc7feb74944"), - plaintext: &hex!("77e539dfdab4cfb9309a75c2ee9f9e9aa1b4651568b05390d73da19f12ccbe78"), - aad: &hex!("48aef5872f67f524b54598781c3b28f9cbcf353066c3670370fca44e132761203100b5e6c7352a930f7e9cbf28a8e1ce"), - ciphertext: &hex!("c21483731f7fe1b8a17d6e133eda16db7d73ddd7e34b47eec2f99b3bbc9669aa"), - tag: &hex!("15f9265bc523298cefb20337f878b283"), - }, - GcmTV { - key: &hex!("26bf255bee60ef0f653769e7034db95b8c791752754e575c761059e9ee8dcf78"), - nonce: &hex!("cecd97ab07ce57c1612744f5"), - plaintext: &hex!("96983917a036650763aca2b4e927d95ffc74339519ed40c4336dba91edfbf9ad"), - aad: &hex!("afebbe9f260f8c118e52b84d8880a34622675faef334cdb41be9385b7d059b79c0f8a432d25f8b71e781b177fce4d4c57ac5734543e85d7513f96382ff4b2d4b95b2f1fdbaf9e78bbd1db13a7dd26e8a4ac83a3e8ab42d1d545f"), - ciphertext: &hex!("e34b1540a769f7913331d66796e00bdc3ee0f258cf244eb7663375cc5ad6c658"), - tag: &hex!("3841f02beb7a7fca7e578922d0a2f80c"), - }, - GcmTV { - key: &hex!("74ce3121c18bbff4756ad10d0f293bb1ea3f93490daad0249cd3b05e223c9747"), - nonce: &hex!("81107afb4c264f65ae0002b1"), - plaintext: &hex!("7a133385ead593c3907806bec12240943f00a8c3c1b0ac73b8b81af2d3192c6f"), - aad: &hex!("f00847f848d758494afd90b6c49375e0e76e26dcba284e9a608eae33b87ad2deac28ccf40d2db154bbe10dc0fd69b09c9b8920f0f74ea62dd68df275074e288e76a290336b3bf6b485c0159525c362092408f51167c8e59e218f"), - ciphertext: &hex!("64bd17f3e8f71a4844b970d4ebc119961812efb9015b818e8d88b906d5efbd76"), - tag: &hex!("46d0e42aa046237efee17eab6d9cfb75"), - }, - GcmTV { - key: &hex!("4c669a1969c97d56da30a46236c15407e06aada686205eed3bd7796b02c97a4b"), - nonce: &hex!("0a07758d5ad44766e051da6c"), - plaintext: &hex!("cd59bb307be76f11304f69ac8b151e1628ac61dec81086e7f24fd5bd83df8856"), - aad: &hex!("0b8277114cbf7ee16c9bbda1ab40419a02e469ebb295883f0a833c3cb755ded44a3c410034a201f7d91b43519fbabb55b974834be5d5afc7aea7c84b44a14e8e16dd68a3e8cc79ad2bf76d0ceb33d58ddb6378b45681ceaa0f2f"), - ciphertext: &hex!("bc62ce0b23cf4aa8e16b4450c8ab8c629a53949f01e68b875ecc5c45ff6d3ab0"), - tag: &hex!("5ffeda728914031006f271c3d9986f2d"), - }, - GcmTV { - key: &hex!("a23296632913051e438114deb782fb955b75acc35e86e7e9fdaf4e9025b87f12"), - nonce: &hex!("ad50db40f80f15214e43ffd7"), - plaintext: &hex!("b71116cc27b5a5844d9b51a4a720cb3f06d55d6aaeaeaf921236424db8617204"), - aad: &hex!("a6f96f5a89bfd8c8f34cd07045270d80e58ea62f1f0b10f2506a954f272af0bc71df96ad3fa8eed52c45e0b868091dc4f75d9e0eaf15a0a858a71bf7036c5607110cbfe47ad9b6d02e942fcfae88d4c792a1f824e60e3cf98a37"), - ciphertext: &hex!("8e9e4b0ac93ab8e73688d6b4723d8c5ef399ead72246c7aa7a0783a8bfe29936"), - tag: &hex!("b7dea91e4b357ce805edeea3f91392d2"), - }, - GcmTV { - key: &hex!("4036a07bdd4e10eb545f3d9124c9f766d2d0c8c59fc0d5835ac55dcfaebfc3a1"), - nonce: &hex!("815828fbb964497cdadccaad"), - plaintext: &hex!("717f22faff8066182e46d32dbac7831ec24272871c45c7c12ca779f868e7739a"), - aad: &hex!("0bc0e3931388bcb091463bae2989a93bde103bc14fc5d39f9448ca90367e86336b188f73218b2b0ab72a9a564ad5ff32544c5afeacecadfa55d2fb66925a88299dbf58f425cf49e31f42ac4edace743fdf9680d20ec845afc278"), - ciphertext: &hex!("e8c3b0342964c7a71f084d44ba2f93742bccd9821b30087d11b53bbe8b085808"), - tag: &hex!("86ddd9c469849cb6b100c339ca62717d"), - }, - GcmTV { - key: &hex!("714bc3ba3839ac6707863a40aa3db5a2eebcb38dc6ec6d22b083cef244fb09f7"), - nonce: &hex!("2cfe1c51d894e5ef2f5a2c3c"), - plaintext: &hex!("0cc4a18bbfea87de0ac3446c777be38ca843d16f93be2c12c790fda4de94c9bf"), - aad: &hex!("84e3d46af2ecb717a39024d62bbc24d119f5aff57569dfef94e7db71ad5aff864abacdc5f8554e18ed5129cfb3366d349c52b3d1a111b867e8772140749e7f33e2e64259968486e32f047d21120da73c77757c4595ccac1b5713"), - ciphertext: &hex!("0857c8fb93412fde69bad287b43deea36506d7ee061d6844d00a7e77418f702f"), - tag: &hex!("24a9e5290957074807d55ad705adaa89"), - }, - GcmTV { - key: &hex!("2f93b5a37be1a43853bf1fd578061d0744e6bd89337cde20177d1e95a2b642c4"), - nonce: &hex!("52b6d91557ae15aa792ce4b7"), - plaintext: &hex!("0fcaa316a135d81052509dd85f688aed2e5fd4261e174f435cf1c4115aa6f354"), - aad: &hex!("992ba9efa287a5c3e5177bd4931af498982a1728b56b3d7c4b28476905e29f83326c4f3223a28844fc9b9d84d4f6cd859074aff647a35dde28e1ee889faab3bb9c09a4c3fbf2a16460d48a40dc53378d4673f4325e6aa3992a71"), - ciphertext: &hex!("f99774cef3c15af33cda3cb449cd335ffe4f27435edf83aff4a4f4c2d2df6647"), - tag: &hex!("c5e09b83b1c2cc81e48a1f7c62b7bb35"), - }, - GcmTV { - key: &hex!("531ca845af7bf731c49c3136407322b1c0f6b32b8eaebf03744b2edc1202d096"), - nonce: &hex!("baf13b85202bbfc899fc73f7"), - plaintext: &hex!("d4e9783f537c738200e7ba7526605f359a98c9f10cafaa2f433c40f3e5081a36"), - aad: &hex!("e2ba9cf548b4f6fb206f224250d85af327fde8d08916686ae770203dc29c694f8902b02222fd287f28ce6091006368c3949bea2937ff0bdedb7dbbd013ccf0a15ee0af8c56fe211b7c311e182f27707f59e09492b3604e80c6c5"), - ciphertext: &hex!("642f544929202128a783b985d36f60964c7d78e1d41f5d1bfe27de3ae0180df3"), - tag: &hex!("e333528c59ee1909750ed72fd1309ee1"), - }, - GcmTV { - key: &hex!("3add17568daa9d441aa7a89bf88fa4e6998a921d57e494a254080445bc9b6f35"), - nonce: &hex!("b290f4a52496380218c3dcf5"), - plaintext: &hex!("2c6908cb34215f89a3f3a3c892e8887f2efa496a15ab913fc7d34cc70c0dff79"), - aad: &hex!("0bc9cc13eb2890aa60515c2297a99f092f6e516236c0dec9f986ea98b8a180680f2c6c20bd4354c33433a4c6f6a25e632f90ebef3a383c3592268b483eebf5f5db006929e7987edbcac4755d3afd1cdf9b02954ebd4fef53d5f6"), - ciphertext: &hex!("2cf3beae94fd5e6a4126a8ec8a7166b0aacb8b8bbce45d6106b78d3456d05149"), - tag: &hex!("ce1509b1bd5c47a593702618b0d79f6c"), - }, - GcmTV { - key: &hex!("1c1dcfd4c4cc4beb71d6e368f739d8e681dfe48fbae39728386c9dfc08825743"), - nonce: &hex!("0deceb69ce0dc776a3a71b4c"), - plaintext: &hex!("b12700258ace7b16e40f4e86886892837168b256a170937a3b89063a9a0d68f7"), - aad: &hex!("a3af2db672292431fa8ee1fa5b197593b13e58a68c4129401d0942474d5f4cbe62093aaa5453f6d355d2f4b6dc8abde58ce863d1be5f9ecf39730a49565b3b6882a0a641c0b5d156a4107309dd150fd1f1634ea4e5100b3d4f88"), - ciphertext: &hex!("3ea7f1c0d613323e095558ddde53247420fa0eef17997a1e9c5ba93d5f24c46f"), - tag: &hex!("70534a87c258905d35806f4439f6906e"), - }, - GcmTV { - key: &hex!("f2724153aac9d50f350878d3c498bc3dd782d90cce5cce4ae14126c0e1fbb3cf"), - nonce: &hex!("1c07b61c5316659bad65cca9"), - plaintext: &hex!("067ccbd0206f1f05d2872210dc5717a0585e8195d72afd0c77da11b9b3710e44"), - aad: &hex!("e69db7fcd3b590a6d32052612034036d5c8bffa5e5e9b742ffe75a9fbba89dd576dec08154cf4e6d36f0fdd4419bdf50adc1974a80ea313421c926dffa87565b4bd0c1e84f2ff305af91877f830f145bb13dfa7efa5e3aa682e6"), - ciphertext: &hex!("9aba433eef383466a1291bd486c3ce5e0ed126010e0a77bf037c5eaed2c72460"), - tag: &hex!("f30a155e35400bb0540883e8e09b4afd"), - }, - GcmTV { - key: &hex!("a2544eb2047c97cfcaf0ec1427c5df395472285233a93ffccda8fee660aced56"), - nonce: &hex!("a751bea3c769bb5db25ab109"), - plaintext: &hex!("b9514cc01a357605918f9cc19123dcc8db328c605ca0eb9d69d871afeea1dcfb"), - aad: &hex!("eb9e09884de1454d6aeb0d6c82375f2428992031ea6cabf6a29aa6a4de49a353e4ffae043dad18ae651b20b7bca13f5c327ca9f132014bfa86e716d4724e05a1ef675521a6607a536756e6a8c16bb885b64815f1eb5ec282ce8e"), - ciphertext: &hex!("cb442b17088f6ac5f24c7a04f0050559386f3a57131b92a54142c7a556fdb935"), - tag: &hex!("5f80c5c0cdf0c7890bfd1fbd58c33081"), - }, - GcmTV { - key: &hex!("ceb057782efb1e85d805448af946a9b4d4128bf09a12473cce1e8ef8bfd2869d"), - nonce: &hex!("406f9730e9b1e421e428439b"), - plaintext: &hex!("0815723d5367b1328cac632fa26e23f2b814a1d59a2971d94d02ebd7ecf5c14a"), - aad: &hex!("0772ae00e1ca05d096cf533fd3de2818ac783edfca0eee7686a6290f3357481e883fb2f895b9a4f4004c56b8a1265242cfdf1fb4af7edc41ed78c5f4ffe9c4080d4a17318f9c56ecdb3a06f3c748535387d56a096943a76d46f6"), - ciphertext: &hex!("9d82355d8e460896201be15fd95fed48a8524666d987ab078550883034d0253c"), - tag: &hex!("a0bee8ac0e636d64d3b1eb33fd6f21d4"), - }, - GcmTV { - key: &hex!("7dbdbdfe36d4936940ad6d6f76c67c2851a0477f0aa7d6797bfdf2b7878ef7e0"), - nonce: &hex!("bc672b224b4b6b91fc3fd697"), - plaintext: &hex!("dfea463d35f0fa20487b606d6ccfd422a5b707f16527b422bf1d68a77db67e9c"), - aad: &hex!("faacb84ec7cfadd731de2f7c0892d7e38cbfb782b48412331af0b3eab602a722cad1069dea0052beb5ca70e2ee476c340c6193bcc60f939aabe446bf3ce958fe11a2ffc90241f0a7e4e274f0c1441def795893895bd848bf0f0e"), - ciphertext: &hex!("0ddc2281b1fcb904864a43657bc72357cf73fc1f16520caad7cddde10f846bd9"), - tag: &hex!("9d96699450aa9707695e5de56597101b"), - }, - GcmTV { - key: &hex!("187214df6e2d80ee8e9aae1fc569acd41589e952ddcbe8da018550d103767122"), - nonce: &hex!("56db334422b6c5e93460d013"), - plaintext: &hex!("53355283186719a9146c7305e3d1959a11ccf197570b855a43cbc7563a053c73"), - aad: &hex!("cbedb7ccfbf56dfd72e530bfe16b4f5aac48a90204bcb7a8cae1046010882cfc8b526e7562a7880914e61b60cbd605165242737d85eeed583c98cab3443874e5989ec9cde001adf7de9c9967de5178f75b8412b0c4d6fec5af72"), - ciphertext: &hex!("c2262585966bc9c23dc7cc1059d060211e86f3b3161d38b153635fbea4a28c05"), - tag: &hex!("a94297c584dfcd10ee5df19a2ee5c3d2"), - }, - GcmTV { - key: &hex!("1fded32d5999de4a76e0f8082108823aef60417e1896cf4218a2fa90f632ec8a"), - nonce: &hex!("1f3afa4711e9474f32e70462"), - plaintext: &hex!("06b2c75853df9aeb17befd33cea81c630b0fc53667ff45199c629c8e15dce41e530aa792f796b8138eeab2e86c7b7bee1d40b0"), - aad: b"", - ciphertext: &hex!("91fbd061ddc5a7fcc9513fcdfdc9c3a7c5d4d64cedf6a9c24ab8a77c36eefbf1c5dc00bc50121b96456c8cd8b6ff1f8b3e480f"), - tag: &hex!("30096d340f3d5c42d82a6f475def23eb"), - }, - GcmTV { - key: &hex!("b405ac89724f8b555bfee1eaa369cd854003e9fae415f28c5a199d4d6efc83d6"), - nonce: &hex!("cec71a13b14c4d9bd024ef29"), - plaintext: &hex!("ab4fd35bef66addfd2856b3881ff2c74fdc09c82abe339f49736d69b2bd0a71a6b4fe8fc53f50f8b7d6d6d6138ab442c7f653f"), - aad: b"", - ciphertext: &hex!("69a079bca9a6a26707bbfa7fd83d5d091edc88a7f7ff08bd8656d8f2c92144ff23400fcb5c370b596ad6711f386e18f2629e76"), - tag: &hex!("6d2b7861a3c59ba5a3e3a11c92bb2b14"), - }, - GcmTV { - key: &hex!("fad40c82264dc9b8d9a42c10a234138344b0133a708d8899da934bfee2bdd6b8"), - nonce: &hex!("0dade2c95a9b85a8d2bc13ef"), - plaintext: &hex!("664ea95d511b2cfdb9e5fb87efdd41cbfb88f3ff47a7d2b8830967e39071a89b948754ffb0ed34c357ed6d4b4b2f8a76615c03"), - aad: b"", - ciphertext: &hex!("ea94dcbf52b22226dda91d9bfc96fb382730b213b66e30960b0d20d2417036cbaa9e359984eea947232526e175f49739095e69"), - tag: &hex!("5ca8905d469fffec6fba7435ebdffdaf"), - }, - GcmTV { - key: &hex!("aa5fca688cc83283ecf39454679948f4d30aa8cb43db7cc4da4eff1669d6c52f"), - nonce: &hex!("4b2d7b699a5259f9b541fa49"), - plaintext: &hex!("c691f3b8f3917efb76825108c0e37dc33e7a8342764ce68a62a2dc1a5c940594961fcd5c0df05394a5c0fff66c254c6b26a549"), - aad: b"", - ciphertext: &hex!("2cd380ebd6b2cf1b80831cff3d6dc2b6770778ad0d0a91d03eb8553696800f84311d337302519d1036feaab8c8eb845882c5f0"), - tag: &hex!("5de4ef67bf8896fbe82c01dca041d590"), - }, - GcmTV { - key: &hex!("1c7690d5d845fceabba227b11ca221f4d6d302233641016d9cd3a158c3e36017"), - nonce: &hex!("93bca8de6b11a4830c5f5f64"), - plaintext: &hex!("3c79a39878a605f3ac63a256f68c8a66369cc3cd7af680d19692b485a7ba58ce1d536707c55eda5b256c8b29bbf0b4cbeb4fc4"), - aad: b"", - ciphertext: &hex!("c9e48684df13afccdb1d9ceaa483759022e59c3111188c1eceb02eaf308035b0428db826de862d925a3c55af0b61fd8f09a74d"), - tag: &hex!("8f577e8730c19858cad8e0124f311dd9"), - }, - GcmTV { - key: &hex!("dbdb5132f126e62ce5b74bf85a2ac33b276588a3fc91d1bb5c7405a1bf68418b"), - nonce: &hex!("64f9e16489995e1a99568118"), - plaintext: &hex!("b2740a3d5647aa5aaeb98a2e7bbf31edaea1ebacd63ad96b4e2688f1ff08af8ee4071bf26941c517d74523668ca1f9dfdbcaab"), - aad: b"", - ciphertext: &hex!("e5fec362d26a1286b7fd2ec0fa876017437c7bce242293ff03d72c2f321d9e39316a6aa7404a65ccd84890c2f527c1232b58d5"), - tag: &hex!("dfa591ee2372699758d2cc43bfcbd2ba"), - }, - GcmTV { - key: &hex!("8433a85f16c7c921476c83d042cb713eb11a83fc0cffe31dde97907f060b4ee9"), - nonce: &hex!("55ffc85ffd1cdea8b8c48382"), - plaintext: &hex!("23bc3983ba5b3be91c8a6aa148a99995241ee9e82ce44e1184beb742affbe48f545c9a980480cf1fab758a46e4711ea9267466"), - aad: b"", - ciphertext: &hex!("2f4bdc7b8b8cec1863e3145871554778c43963b527f8413bb9779935c138a34d86d7c76a9e6af689902f316191e12f34126a42"), - tag: &hex!("7dc63156b12c9868e6b9a5843df2d79e"), - }, - GcmTV { - key: &hex!("5d7bf55457929c65e4f2a97cbdcc9b432405b1352451ccc958bceebce557491d"), - nonce: &hex!("f45ae70c264ed6e1cc132978"), - plaintext: &hex!("ba5ac2a16d84b0df5a6e40f097d9d44bf21de1fcec06e4c7857463963e5c65c936d37d78867f253ce25690811bf39463e5702a"), - aad: b"", - ciphertext: &hex!("47c16f87ebf00ba3e50416b44b99976c2db579423c3a3420479c477cd5ef57621c9c0cee7520acb55e739cc5435bc8665a2a0c"), - tag: &hex!("456054ecb55cf7e75f9543def2c6e98c"), - }, - GcmTV { - key: &hex!("595f259c55abe00ae07535ca5d9b09d6efb9f7e9abb64605c337acbd6b14fc7e"), - nonce: &hex!("92f258071d79af3e63672285"), - plaintext: &hex!("a6fee33eb110a2d769bbc52b0f36969c287874f665681477a25fc4c48015c541fbe2394133ba490a34ee2dd67b898177849a91"), - aad: b"", - ciphertext: &hex!("bbca4a9e09ae9690c0f6f8d405e53dccd666aa9c5fa13c8758bc30abe1ddd1bcce0d36a1eaaaaffef20cd3c5970b9673f8a65c"), - tag: &hex!("26ccecb9976fd6ac9c2c0f372c52c821"), - }, - GcmTV { - key: &hex!("251227f72c481a7e064cbbaa5489bc85d740c1e6edea2282154507877ed56819"), - nonce: &hex!("db7193d9cd7aeced99062a1c"), - plaintext: &hex!("cccffd58fded7e589481da18beec51562481f4b28c2944819c37f7125d56dceca0ef0bb6f7d7eeb5b7a2bd6b551254e9edff3a"), - aad: b"", - ciphertext: &hex!("1cc08d75a03d32ee9a7ae88e0071406dbee1c306383cf41731f3c547f3377b92f7cc28b3c1066601f54753fbd689af5dbc5448"), - tag: &hex!("a0c7b7444229a8cfef24a31ee2de9961"), - }, - GcmTV { - key: &hex!("f256504fc78fff7139c42ed1510edf9ac5de27da706401aa9c67fd982d435911"), - nonce: &hex!("8adcf2d678abcef9dd45e8f9"), - plaintext: &hex!("d1b6db2b2c81751170d9e1a39997539e3e926ca4a43298cdd3eb6fe8678b508cdb90a8a94171abe2673894405eda5977694d7a"), - aad: b"", - ciphertext: &hex!("76205d63b9c5144e5daa8ac7e51f19fa96e71a3106ab779b67a8358ab5d60ef77197706266e2c214138334a3ed66ceccb5a6cd"), - tag: &hex!("c1fe53cf85fbcbff932c6e1d026ea1d5"), - }, - GcmTV { - key: &hex!("21d296335f58515a90537a6ca3a38536eba1f899a2927447a3be3f0add70bea5"), - nonce: &hex!("2be3ad164fcbcf8ee6708535"), - plaintext: &hex!("ad278650092883d348be63e991231ef857641e5efc0cab9bb28f360becc3c103d2794785024f187beaf9665b986380c92946a7"), - aad: b"", - ciphertext: &hex!("b852aeba704e9d89448ba180a0bfde9e975a21cc073d0c02701215872ed7469f00fe349294ba2d72bf3c7780b72c76101ba148"), - tag: &hex!("bdd6d708b45ae54cd8482e4c5480a3c1"), - }, - GcmTV { - key: &hex!("d42380580e3491ddfbc0ec32424e3a281cbe71aa7505ff5ab8d24e64fbe47518"), - nonce: &hex!("fbed88de61d605a7137ffeb2"), - plaintext: &hex!("4887a6ef947888bf80e4c40d9769650506eb4f4a5fd241b42c9046e3a2cf119db002f89a9eba1d11b7a378be6b27d6f8fc86c9"), - aad: b"", - ciphertext: &hex!("87aa27f96187ce27e26caf71ba5ba4e37705fd86ca9291ea68d6c6f9030291cdbff58bff1e6741590b268367e1f1b8c4b94cd4"), - tag: &hex!("d1690a6fe403c4754fd3773d89395ecd"), - }, - GcmTV { - key: &hex!("5511727ecd92acec510d5d8c0c49b3caacd2140431cf51e09437ebd8ca82e2ce"), - nonce: &hex!("ae80d03696e23464c881ccff"), - plaintext: &hex!("184b086646ef95111ccb3d319f3124f4d4d241f9d731ce26662ea39e43457e30b0bd739b5d5dbceb353ce0c3647a3a4c87e3b0"), - aad: b"", - ciphertext: &hex!("aa28cb257698963dfc3e3fe86368d881ac066eb8ee215a7c0ed72e4d081db0b940071e2e64ff6204960da8e3464daf4cb7f37b"), - tag: &hex!("c1578aa6e3325ee4b5e9fb9ee62a7028"), - }, - GcmTV { - key: &hex!("d48f3072bbd535a2df0a2864feb33b488596cd523ad1623b1cefe7b8cbefcf4a"), - nonce: &hex!("bbf2a537d285444d94f5e944"), - plaintext: &hex!("060c585bd51539afdd8ff871440db36bfdce33b7f039321b0a63273a318bd25375a2d9615b236cfe63d627c6c561535ddfb6bd"), - aad: b"", - ciphertext: &hex!("993d5d692c218570d294ab90d5f7aa683dc0e470efac279a776040f3b49386813f68b0db6a7aef59025cc38520fb318a1eac55"), - tag: &hex!("8cd808438a8f5b6a69ff3ae255bf2cb2"), - }, - GcmTV { - key: &hex!("5fe01c4baf01cbe07796d5aaef6ec1f45193a98a223594ae4f0ef4952e82e330"), - nonce: &hex!("bd587321566c7f1a5dd8652d"), - plaintext: &hex!("881dc6c7a5d4509f3c4bd2daab08f165ddc204489aa8134562a4eac3d0bcad7965847b102733bb63d1e5c598ece0c3e5dadddd"), - aad: &hex!("9013617817dda947e135ee6dd3653382"), - ciphertext: &hex!("16e375b4973b339d3f746c1c5a568bc7526e909ddff1e19c95c94a6ccff210c9a4a40679de5760c396ac0e2ceb1234f9f5fe26"), - tag: &hex!("abd3d26d65a6275f7a4f56b422acab49"), - }, - GcmTV { - key: &hex!("885a9b124137e40bd0f697771317e401ce36327e61a8f9d0b80f4798f30a731d"), - nonce: &hex!("beebc2f5a26fd2cab1e9c395"), - plaintext: &hex!("427ec568ad8367c202f5d9999240f9994cc113500154f7f49e9ca27cc8154143b855238bca5c7bd6d9852b4eebd41e4eb98f16"), - aad: &hex!("2e8bdde32258a5fcd8cd21037d0545eb"), - ciphertext: &hex!("a1d83aab6864db463d9d7c22419462bde0740355c1147c62b4c4f23ceeaf65b16b873b1cc7e698dff6e3d19cf9da33e8cbcba7"), - tag: &hex!("4fdbfd5210afa3556ec0fdc48b98e1eb"), - }, - GcmTV { - key: &hex!("21c190e2b52e27b107f7a24b913a34bd5b7022060c5a4dec9ab289ff8ae67e2d"), - nonce: &hex!("b28a61e6c1dfa7f76d086063"), - plaintext: &hex!("4e1b9528cf46b1dd889858d3904d41d3174dcb225923f923d80adbfe6eec144b1d4eb3690d0b8519c99beaee25bb50fd2d148f"), - aad: &hex!("d80657377ddbbed1f9b8d824b3c4d876"), - ciphertext: &hex!("7126fa807aa6b61a60958fe4cc8682bb256e5bbdc499d04a6caa81b23f9e67d3da4cf1994b5a8ecc7bce641864d0519a6509cd"), - tag: &hex!("d3e96568f2cd1a48771ee4f67ad042c1"), - }, - GcmTV { - key: &hex!("11c33ae37680130c51ed11bfaf0fcb6ed4fc7d903ff432b811763d2c7ef83a33"), - nonce: &hex!("0f224d26dbf632cebdce3b8b"), - plaintext: &hex!("f8a2affe5a7e67f2c62622e4a56804b48e529d1faf9096f94409224129921ce46aed898dd5391746e8170e05f91e0524166625"), - aad: &hex!("dee803732ff662cba9f861227f8b67cf"), - ciphertext: &hex!("3856558375c363b25e8f9e9e2eb63cf0e76a1c6e228893c7b22da4a69b682528b4a4ca2b99e7a537390e2d1e05a68f3e39c4e9"), - tag: &hex!("9b12691b2002ca9227035c68ea941ef3"), - }, - GcmTV { - key: &hex!("3b291794fbb9152c3e4f4de4608a9137d277bd651f97e738afaa548d97b4ec60"), - nonce: &hex!("4d1c69c6da96c085d31422ba"), - plaintext: &hex!("21b3ca1f47a0c7f6ebd097eda69d9e5b5fbf5c24d781658003cfd443ae7096be19e1cd3c14fe9738efb00847697fccb466ae1b"), - aad: &hex!("f3a5fa61a4e987413a8fab4aa51d895d"), - ciphertext: &hex!("6c1439cd2cb564e7944fd52f316e84aeffc3fd8024df5a7d95a87c4d31a0f8ea17f21442c709a83b326d067d5f8e3005ebe22a"), - tag: &hex!("e58048f2c1f806e09552c2e5cdf1b9d9"), - }, - GcmTV { - key: &hex!("8e7a8e7b129326e5410c8ae67fbd318de1909caba1d2b79210793c6b2c6e61c7"), - nonce: &hex!("8e48513fdd971861ef7b5dc3"), - plaintext: &hex!("ef6b4145910139293631db87a0d7782a1d95db568e857598128582e8914b4fa7c03c1b83e5624a2eb4c340c8ad7e6736a3e700"), - aad: &hex!("80bb66a4727095b6c201fb3d82b0fcf5"), - ciphertext: &hex!("e302687c0548973897a27c31911fc87ee93d8758c4ded68d6bd6415eaaf86bcc45fa6a1ef8a6ae068820549b170405b3fc0925"), - tag: &hex!("ff5c193952558e5a120e672f566be411"), - }, - GcmTV { - key: &hex!("d687e0262f7af2768570df90b698094e03b668ce6183b6c6b6ca385dcd622729"), - nonce: &hex!("50f6904f2d8466daa33c2461"), - plaintext: &hex!("79e3067d94464e019a7c8af10b53adf5b09426d35f2257c3cbaffe1ff720565c07e77aeef06f9d03a2353053992073a4ed1fc8"), - aad: &hex!("e8fa99432929d66f10205ad3e9592151"), - ciphertext: &hex!("18f6e6aeecc8dc5a3d0b63a2a8b7bfaf695bd9c49a7392dbfa8ed44771eebe27f94589d8a430da4cf03a8693bc7525e1fcac82"), - tag: &hex!("3c864eaa1b0ae44a7f0ad9ba287ba800"), - }, - GcmTV { - key: &hex!("26dc5ce74b4d64d1dc2221cdd6a63d7a9226134708299cd719a68f636b6b5ebd"), - nonce: &hex!("0294c54ff4ed30782222c834"), - plaintext: &hex!("ae4c7f040d3a5ff108e29381e7a0830221d5378b13b87ef0703c327686d30af004902d4ddb59d5787fecea4731eaa8042443d5"), - aad: &hex!("2a9fb326f98bbe2d2cf57bae9ecbeff7"), - ciphertext: &hex!("9601aec6bc6e8a09d054a01e500a4e4cdcc7c2cf83122656be7c26fc7dc1a773a40be7e8a049a6cdf059e93a23ca441ef1ca96"), - tag: &hex!("b620a8a0c8fe6117f22735c0ca29434c"), - }, - GcmTV { - key: &hex!("7fa0644efc7f2e8df4b311f54ba8b8c975b2c2aa97962f8ca8a322541bedaa9d"), - nonce: &hex!("5e774e45a07eeb9721734412"), - plaintext: &hex!("84d1c75455e4c57419a9d78a90efc232c179517fe94aff53a4b8f7575db5af627f3d008006f216ecfc49ab8da8927ff5dc3959"), - aad: &hex!("6ad673daa8c412bf280ea39ba0d9b6d4"), - ciphertext: &hex!("e2f00b5a86b3dec2b77e54db328c8d954d4b716f9735e5798b05d65c512674d56e88bda0d486685a45d5c249719884329e3297"), - tag: &hex!("0ce8eb54d5ad35dd2cb3fa75e7b70e33"), - }, - GcmTV { - key: &hex!("91d0429f2c45cf8ab01d50b9f04daaaccbe0503c9f115f9457c83a043dc83b23"), - nonce: &hex!("34401d8d922eebac1829f22e"), - plaintext: &hex!("d600d82a3c20c94792362959de440c93119a718ac749fa88aa606fc99cb02b4ca9ba958d28dc85f0523c99d82f43f58c5f979b"), - aad: &hex!("1b29de9321aebc3ff9d1c2507aee80e9"), - ciphertext: &hex!("84cbc9936eb7270080bb7024780113d064eccb63d3da0bd6bce4f8737d28304bfb6102f3ae9c394cc6452633fc551582bbfe1d"), - tag: &hex!("e132dc8a31d21f24ea0e69dfb6b26557"), - }, - GcmTV { - key: &hex!("44e6411b9fbfcef387d0ca07b719181c7567e27dba59e8e1c3cc1763cfeaca04"), - nonce: &hex!("25a1cfd97bd8e63de5d65974"), - plaintext: &hex!("db28a592b1f3603c287991a69cc64eacdd62046445a8ba4067575f12553de155d06a9b40ddf58fec56c8171687b9cb54b1f346"), - aad: &hex!("4b1751b074ab649d27fd3f2c4d7ee33a"), - ciphertext: &hex!("36bf6bb761b2248fe71a620e34e9d18e12a74ca42c9a9a21d30345995a83eb44bcae3c67c020730cd8d5e51a741694cc396469"), - tag: &hex!("e69ebf80a88d6eca41ae87cdcab4e1f2"), - }, - GcmTV { - key: &hex!("a94bfcefae90f9078860db80ccc50819eadf7cce29df3279f94f5eea97009ef2"), - nonce: &hex!("f481bcb7f5da296e9454ff78"), - plaintext: &hex!("97d0c7dfcab32a386f51d92e89333ec84eecd552e68d14cf48b75067bf0e1946ad03a5d063b852ca053c929088af45d0884a88"), - aad: &hex!("9f80d845577818df9ba984ee552ae203"), - ciphertext: &hex!("18a1c9bfe1b1dfdd06e465df347c1e942b37b3e48cb0c905841a593b5b0d0330feb3b8970dbc9429252a897f0f8e12860ea39a"), - tag: &hex!("10cf4d335b8d8e7e8bbaf49222a1cd66"), - }, - GcmTV { - key: &hex!("a50a60e568ff35a610ef9479c08bbc7bb64c373fc853f37fa6b350250a26f232"), - nonce: &hex!("5ada1d4aca883d7bd6fa869f"), - plaintext: &hex!("9ea44e72a1d21395cd81d20db05816441010efd8f811b75bb143ab47f55eefce4eec5f606fa5d98b260d7e5df4a7474cbd8599"), - aad: &hex!("cc7a7a541be7a6d1b846354cb6a571e6"), - ciphertext: &hex!("4165b135187faeb395d4531c062738e0d47df8bed91982eb32e391a6b3711f117b6fae0afde791de3e72fcf96d2b53ff1a621a"), - tag: &hex!("e2cbfea2100585b2cbe5107da17ff77a"), - }, - GcmTV { - key: &hex!("5ff3311461d247ceb1eaf591292fcba54308dd3484fd1851e09a12b8f6663fc1"), - nonce: &hex!("61af2e6aec183129cf053c2b"), - plaintext: &hex!("920df8b2888a74022ede6919ed0bf48ccf51e395fe5bfa69a6209ff9a46674024eaa4f43ae2c933730b9fdc8ad216130447cc8"), - aad: &hex!("5eafed6674f2ae83397df923e059db49"), - ciphertext: &hex!("0e35e1208168b639e012df398bc8bf2b19b08d46af0353cd78f6d1b7ae14e6224c1da6fdc9433b171f1cd2b512d5f1acd84f03"), - tag: &hex!("5bc77eb02e4d51e2019446b468498d0e"), - }, - GcmTV { - key: &hex!("42e93547eee7e18ec9620dd3dc0e2b1cf3e5d448198a902ded3f935da9d35b33"), - nonce: &hex!("e02e12ba92a6046af11adf0e"), - plaintext: &hex!("6c3704b32527ace3d5236687c4a98a1ad5a4f83c04af2f62c9e87e7f3d0469327919d810bb6c44fd3c9b146852583a44ed2f3c"), - aad: &hex!("ac3d536981e3cabc81211646e14f2f92"), - ciphertext: &hex!("8b6506af703ae3158eb61e2f9c2b63de403b2ebc6b1e6759ceb99c08aa66cb07d1d913ac4acd7af9b9e03b3af602bcaf2bb65e"), - tag: &hex!("a6ce2ccb236fc99e87b76cc412a79031"), - }, - GcmTV { - key: &hex!("24501ad384e473963d476edcfe08205237acfd49b5b8f33857f8114e863fec7f"), - nonce: &hex!("9ff18563b978ec281b3f2794"), - plaintext: &hex!("27f348f9cdc0c5bd5e66b1ccb63ad920ff2219d14e8d631b3872265cf117ee86757accb158bd9abb3868fdc0d0b074b5f01b2c"), - aad: &hex!("adb5ec720ccf9898500028bf34afccbcaca126ef"), - ciphertext: &hex!("eb7cb754c824e8d96f7c6d9b76c7d26fb874ffbf1d65c6f64a698d839b0b06145dae82057ad55994cf59ad7f67c0fa5e85fab8"), - tag: &hex!("bc95c532fecc594c36d1550286a7a3f0"), - }, - GcmTV { - key: &hex!("fb43f5ab4a1738a30c1e053d484a94254125d55dccee1ad67c368bc1a985d235"), - nonce: &hex!("9fbb5f8252db0bca21f1c230"), - plaintext: &hex!("34b797bb82250e23c5e796db2c37e488b3b99d1b981cea5e5b0c61a0b39adb6bd6ef1f50722e2e4f81115cfcf53f842e2a6c08"), - aad: &hex!("98f8ae1735c39f732e2cbee1156dabeb854ec7a2"), - ciphertext: &hex!("871cd53d95a8b806bd4821e6c4456204d27fd704ba3d07ce25872dc604ea5c5ea13322186b7489db4fa060c1fd4159692612c8"), - tag: &hex!("07b48e4a32fac47e115d7ac7445d8330"), - }, - GcmTV { - key: &hex!("9f953b9f2f3bb4103a4b34d8ca2ec3720df7fedf8c69cac900bd75338beababe"), - nonce: &hex!("eb731ae04e39f3eb88cc77fa"), - plaintext: &hex!("3b80d5ac12ba9dad9d9ff30a73732674e11c9edf9bb057fd1c6adc97cf6c5fa3ee8690ad4c51b10b3bd5da9a28e6275cbe28cb"), - aad: &hex!("d44a07d869ac0d89b15262a1e8e1aa74f09bcb82"), - ciphertext: &hex!("1533ce8e2fc6ab485aef6fcfb08ded83ae549a7111fce2a1d8a3f691f35182ce46fce6204d7dafb8d3206c4e4b645bc3f5afd1"), - tag: &hex!("f09265c21f90ef79b309a93db73d9290"), - }, - GcmTV { - key: &hex!("2426e2d1cd9545ec2fb7ab9137ad852734333925bfc5674763d6ee906e81c091"), - nonce: &hex!("49a094a71d393b36daa4a591"), - plaintext: &hex!("7cbe7982d365a55d147c954583f9760a09948ab73ebbe1b2c1d69ed58e092a347392192cfe8bce18ca43ee19af7652331bd92c"), - aad: &hex!("177309cfc913e3f5c093e8b1319ba81826d43ce5"), - ciphertext: &hex!("cab992e17cf6ec69fd3c67ea0424bcd67475a7f1f16e6733c4419d1b5a755f78d6eda8e368360d403800a08f0d52b4bc0aa0ab"), - tag: &hex!("b125f8caee9e54b9f9414b1c09021ed8"), - }, - GcmTV { - key: &hex!("8dc1b24bcbbee3cb8e14b344166d461d00c7490041edc9fa07e19cc82a3ed9c4"), - nonce: &hex!("31768ad18c971b188d947019"), - plaintext: &hex!("84e4f79dbb7209cbaf70e4fefe137c494786c899602783e9c034296978d7f0c571f7ea9d80ed0cc4723124872d7326890300c1"), - aad: &hex!("eb3673b64560cca7bda76a1de7ae1014ee1acaee"), - ciphertext: &hex!("2402acd865d4b731bc9395eae0e57d38fdf5ce847ac7aef75791a52c7573ea9b3a296e62cb1ed97c4bd34be50ee7f3d75747cf"), - tag: &hex!("665abb725498ede2b0df655fc1765a2b"), - }, - GcmTV { - key: &hex!("bc898f643a5f2cd864c10b507b4b803b4ff4ace61fadcc7bcd98af394731b791"), - nonce: &hex!("cc447d83c0a6734a79778c64"), - plaintext: &hex!("124eb963cdb56fa49c70a9b1aa682445c55065f26859f1d16eef7cfe491587533eedd7e23deabddfc5550c2fa6a08b17822699"), - aad: &hex!("e932bd2e0e6c550d136f725e14c53d27ffb20f6a"), - ciphertext: &hex!("45d8908ef9eef369e78b7ea0b7d023a92c63648271927efe9b0220eb09ed96f3b635c6ec8bfc68b4c228b712494bb37f4c7f1a"), - tag: &hex!("47899857494bac28d2176a9c923026b2"), - }, - GcmTV { - key: &hex!("8e82a85466ee024eb1ae10c4982d6a95e6dbe5582299ab37fe89a9db80ab51a6"), - nonce: &hex!("04cfd489e18eeb7a4a8ab36b"), - plaintext: &hex!("3aa2e4eaed18c4602715ae77379e9083708af9f9b49031324d41abca61440319c8c8e6dbcc20006a825b12ced00b2286848a94"), - aad: &hex!("7bb54b1a6ed0ca387268a146430c0bfa2602a8fd"), - ciphertext: &hex!("674b1391937074642408eeae9b748ca629da9fd00281824f5a108f6078ee78f98749392bb6e29b53e53e4b11739ac53a8e653b"), - tag: &hex!("e320a873a9c2e8ef455698c37ea59a6d"), - }, - GcmTV { - key: &hex!("f1f2c5503ebf35ac1373c29e2305e963f89f6ed015a181b70fb549429805d5d9"), - nonce: &hex!("2fb5c6a24f406872755db05c"), - plaintext: &hex!("b4a2809198035c277637bb1c2927fb5c60b49ef9087c800012d8663d997983fcb78d51a054114a24e1e1b5214b58e7dee47195"), - aad: &hex!("92c1f3489aed90aedafb55562a34b3f4be29e101"), - ciphertext: &hex!("f051a3a968278a46630b2894a0d386c18fa034960d8ddd14e88e1071afbbca5baf02967c2270117b4fb2bd4cfd032174505f99"), - tag: &hex!("6f1db5293660b6904f7f008e409bdc06"), - }, - GcmTV { - key: &hex!("f0338d26d74bd1768da5bb79c59fab2b4abe1966324048790c44bc98a6b34b6c"), - nonce: &hex!("c8269e4406fa0be1cf057b2f"), - plaintext: &hex!("323c373e4d85a1fd21f387fdd8c7e6aeebd5aae893d7af286cb214600cba8b9eb06df085a2dc5aed870259f7f3cc81d3eb53bd"), - aad: &hex!("13fb0edcba095cef9c4343a0629fd5020f03729d"), - ciphertext: &hex!("08572b9cf9bcfd21d4403a1218d94476b9ee8c3b94c56625c21ccaf4c0efa34cf22a532389210793699c9de1ab14f8c4c52928"), - tag: &hex!("29968c9fb610940cee9fd5b2f7c8ba21"), - }, - GcmTV { - key: &hex!("a67648285b65b9196060aaa02af279170164353e38fb77c3968c403cfa9acdc8"), - nonce: &hex!("0822d6b3e91eccb7e14245fd"), - plaintext: &hex!("b5d271768c12ccabf89eb2d58cbde840c26d1c9b3692581f90c8b0d7b2cff31ae9192d284f5448de7d924a7b08f115edae75aa"), - aad: &hex!("0d9a5af7ac27438d92534d97ff4378274790e59f"), - ciphertext: &hex!("b59041eed7abc2ff507d1932b5c55ac52728e5ac6648dcc74b38870db6181b1989f95a0144f0db368ec50414cfda0b977141e3"), - tag: &hex!("1d12ce89e1261d73470f3ae36ab87288"), - }, - GcmTV { - key: &hex!("51162b2435f3cf43471f4cc0ffac98b438501ee9b887843a66e9951ca35b8767"), - nonce: &hex!("dcb902eaa837ed22bf5fa636"), - plaintext: &hex!("3edf43358f5109a4dfb4a02987170a67cdd170f6028f7708bdd7726f476b882b9640270f2270f7babfa384181c8e58c15d04c4"), - aad: &hex!("4d459905ff89aed07dcda43a3d191a3da9309faa"), - ciphertext: &hex!("046a2313d36cbc43b6d0787e5ef37d153090a31d0f6656004034be72b9b07ace3a8abe8614362282d87da40c29c60a1a9f5c40"), - tag: &hex!("c7410b5cb94d2877c189983791cee82e"), - }, - GcmTV { - key: &hex!("2fa2beb1cde2226f28fb42a5fb0af3fc58fbb76bf14aa436e6535d466456a0f4"), - nonce: &hex!("50190514a3740b3c0b1df576"), - plaintext: &hex!("a5e0b4837dfca263ba286abf7940b6e70fabb55d8dee5028617c1190fbd327f79b79d2f34db6076ab07cecff7114b15ca02a33"), - aad: &hex!("25142928c1ae9c7b850309e07df359389db539fc"), - ciphertext: &hex!("850fd22bd0897b98ce40bc6c1345a9d59abf796b1b8c34ee8b377e54ee7d59dec05c022ecae96ffdfa1311bdd4e7a9d35aac47"), - tag: &hex!("4b5ab89b4f627ca32d12a1791c286870"), - }, - GcmTV { - key: &hex!("a92a797ce2b2f382030b77a1abe94c8076eee88de2dc4929350b244dbdaddd30"), - nonce: &hex!("716f577401a7893c42c91710"), - plaintext: &hex!("9d26ff79a89720fab6e4cda85887e3c0c3f86a4670d065c8ea68042b6f9f16dd2c5b31acb36331f5b1e50f08c492dc12eebd9e"), - aad: &hex!("8642681f1839b88990c2a939f00c9b90766dadac"), - ciphertext: &hex!("3080bcf3604cf81f5f2c6edc80dfe5d877168a9903598a700a0bbae188fadc7a8b76a04b40400f9252d7f9437fa8f024a3bdeb"), - tag: &hex!("8fc56f6bf48efb00476886b2a03ecb89"), - }, - GcmTV { - key: &hex!("89d0723e5a087456b7b709b8b21be380b463ba3dc9b79170e9947526798fe91c"), - nonce: &hex!("68e2f307b7d49d4d9c041755"), - plaintext: &hex!("7fe2afb710e8fd49cca1c2ba8fd0814594fba4d667017630e170a8a379fa5837bf370ca1cd4c98bd8c4f13eb7068ffa71ab07c"), - aad: &hex!("b34805b30703a62b6d37c93f2443e1a33154b5fb"), - ciphertext: &hex!("b841012752bbf1dfa7b59366dbf353bf98b61ff2e6e7a13d64d9dcb58b771003c8842ac002aac1fa8ca00a21eaf101ab44f380"), - tag: &hex!("73a93e2722db63c2bbf470d5193b2230"), - }, - GcmTV { - key: &hex!("329a6e94b1cce693e445694650d62b8c2c9ab03a09e6d4eca05c48291e576b89"), - nonce: &hex!("78f471bc32f8637a213e87ac"), - plaintext: &hex!("65264d75e1a176a7e966e59109cd074ac5d54740eb0c58084af023e5599eb611846199579d95ba94b6d25ee4d9074b9714f231"), - aad: &hex!("c00c465524e2e2f8a55c0793ed9af851be45a70e"), - ciphertext: &hex!("964d665d1e3c1018dfd883e217cfe4c856cc844f7644b53bb68fbe66f8541fa43ac54e92a2b194d6d8929fe031e94b3e70eca0"), - tag: &hex!("fd511385711236f2e99e6da5042007b7"), - }, - GcmTV { - key: &hex!("463b412911767d57a0b33969e674ffe7845d313b88c6fe312f3d724be68e1fca"), - nonce: &hex!("611ce6f9a6880750de7da6cb"), - plaintext: &hex!("e7d1dcf668e2876861940e012fe52a98dacbd78ab63c08842cc9801ea581682ad54af0c34d0d7f6f59e8ee0bf4900e0fd85042"), - aad: &hex!("0a682fbc6192e1b47a5e0868787ffdafe5a50cead3575849990cdd2ea9b3597749403efb4a56684f0c6bde352d4aeec5"), - ciphertext: &hex!("8886e196010cb3849d9c1a182abe1eeab0a5f3ca423c3669a4a8703c0f146e8e956fb122e0d721b869d2b6fcd4216d7d4d3758"), - tag: &hex!("2469cecd70fd98fec9264f71df1aee9a"), - }, - GcmTV { - key: &hex!("55f9171a03c21e09e3a5fd771e56bffb775ebb190319f3dc214c4b19f72e5482"), - nonce: &hex!("14f3bf95a08e8f52eb46fbf9"), - plaintext: &hex!("af6b17fd67bc1173b063fc6f0941483cee9cbbbbed3a4dcff55a74b0c9535b977efa640e5b1a30faa859fd3daa8dd780cc94a0"), - aad: &hex!("bac1ddefd111d471e75f0efb0f8127b4da923ecc788a5c91e3e2f65e2943e4caf42f54896604af19ed0b4d8697d45ab9"), - ciphertext: &hex!("3ae8678089522371fe4bd4da99ffd83a32988e0728aa3a4970ded1fe73bc30c2eb1fe24c0ff5ab549ac7e567d7036628fd718d"), - tag: &hex!("cf59603e05f4ed1d2da04e19399b8512"), - }, - GcmTV { - key: &hex!("54601d1538e5f04dc3fe95e483e40dec0aaa58375dc868da167c9a599ed345d9"), - nonce: &hex!("c5150872e45c341c2b99c69a"), - plaintext: &hex!("ae87c08c7610a125e7aa6f93fac0f80472530b2ce4d7194f5f4cb8ac025323c6c43a806788ef50c5028764ec32f2839005c813"), - aad: &hex!("93cd7ee8648a64c59d54cdac455b05ffdfc2effe8b19b50babd8c1a8c21f5dc8dc6050e2347f4cd28701594b9f8d4de5"), - ciphertext: &hex!("d5f005dc67bdc9738407ce2401977f59c9c83520e262d0c8db7fe47ae0eada30d674694f008e222f9733a6e63d81499e247567"), - tag: &hex!("3470155144c74929980134db6995dd88"), - }, - GcmTV { - key: &hex!("e966c470cbecc819260640d5404c84382e6e649da96d29cad2d4412e671ed802"), - nonce: &hex!("b3a92d6f49fe2cb9c144d339"), - plaintext: &hex!("7adf6fcb41d59b8d2b663010c3d4cf5f5f0b95cf754f76f8626c4428467e5c6684e77e7857b1cc755762e9ea9117e3bb077040"), - aad: &hex!("dfa62a3a4b5b3af6770cfd3cef3bbb4cce3f64925782a9a8a6e15fe3744d8f9310400dd04e8d7966c03850539e440aa5"), - ciphertext: &hex!("5f5b09486e6cd2a854e5622b4988e2408fddaca42c21d946c5cd789fe5a1306ef33c8cd44467ad7aa4c8152bce656a20367284"), - tag: &hex!("2b388109afdada6473435230d747b4eb"), - }, - GcmTV { - key: &hex!("4a8a12c0575ec65ae1c5784d2829bc7b04818eb00bd4c90a0d032ea281076e27"), - nonce: &hex!("959f113b705397fb738018b0"), - plaintext: &hex!("0c5571195586e4fc7096fb86cfcd6684081446f3d7adc33a897f03ac4ff6c3cc2019b67bd3184c86070764f6deaa8a10d0d81f"), - aad: &hex!("adb8bc96142a1025122dc22f826957197af33dcdcf6b7ab56bc1a5e17e8534e48b8daf685faf9543bb343614bdf6737f"), - ciphertext: &hex!("84212d5991231d35c4e8621163e5b370a0105a05856866e74df72c0808c062981570d32d274ea732fa4d29f9cfa7839cadbe6a"), - tag: &hex!("39cee3b8fa0bf92605666ccd9eb19840"), - }, - GcmTV { - key: &hex!("6197a4fa7cfcedeff223f69ea68b4ddf54b683350c20875be353077e9bbce346"), - nonce: &hex!("1a69ecabd42c53c0ec64fcd0"), - plaintext: &hex!("40a487b4daf866c20f3c4911a0586709c3344aa988dc9c464bcf36cc4e3d92701e611e60cf69f3edbf76cd27ff6ba935026d7f"), - aad: &hex!("b20a7ca5b5b603f661587e01f7ef171823ef463c187ded77a3d616400cc1d2b0b688ac9e927498341560cbc8eb9a4198"), - ciphertext: &hex!("06420fa038ee62db30cc05bfe34c8d2c39a9d439653907c512ed606511921fe76110913a5bfb6b6c7b23d7f8883f5ab65f4b14"), - tag: &hex!("4d3097c9919002cd1da83f29820312ed"), - }, - GcmTV { - key: &hex!("c9dbe185023ecaa78be9bfac1b91b9da6bd7c11349feb69e6b0be83a838e77b2"), - nonce: &hex!("8940fa7c6afd3f7a09ec93b6"), - plaintext: &hex!("075be0d61273e6975978d0b88b3fa38fc398d4d0f22a342a8afa5562af0e7c8fa548f0d8faec898a20c97e851754992c1ed4a3"), - aad: &hex!("f17bd357608365e66b98e49191cdc2a3813bba5a1b7988aa8aaaaad4b86d0ef4e2698cad799d63fcd2a5e87c0e3e929a"), - ciphertext: &hex!("615c1097d577363a77bfc7dd57179acb68166e78021b3397d7029ce33cbc848f036b9c07989eeb9f42aeaeebe8542f103b1d32"), - tag: &hex!("a22ab25fd8a6127469e8ce9ff686d575"), - }, - GcmTV { - key: &hex!("e6cdcf497a6e119009bf43ac183d2dd4d4e967964ef92811f69eb18d92923305"), - nonce: &hex!("3e88459a76e1dcc890788297"), - plaintext: &hex!("72a3dfb555ba0029fc3d1c85b836f76135bd1858189efdde2db29045f2c26e6a65627d81a0b85ca42e8269d432a41154e929ac"), - aad: &hex!("a359f86ec918537d80a84da7b66bca700c1ff9ec7f8695a30808d484da218d15ae89c5f943e71778445130191f779001"), - ciphertext: &hex!("9ae3f8ccae0bb5789b1105118760c406e41175a76612435cb0c8be225ea6b368c9d08c9d9a24b512d1458e94af79e3060ab69e"), - tag: &hex!("ac3bbc8fd6a7097df6f298411c23e385"), - }, - GcmTV { - key: &hex!("de5531b50888b61d63af2210ee23f46d91a5e60312bd578584af586bf22ea756"), - nonce: &hex!("0fde8689b0348bbcfaa89fec"), - plaintext: &hex!("80621e54eef1c92afb1f64ed860e39311eea7e2cca6f5624008c1d2e581d7112b7ee0b559fc3db575b7b7c42ee4f2a20442dc0"), - aad: &hex!("22db97cd5f359f12aec66c51c7da79ba629db4c8c7e5501be2ec1e4cc3f3944b6e3057d093bc68b735b5156950f91804"), - ciphertext: &hex!("933018419a32b7bf65f9777c44889a44b32d61ceddbb46839366ce2ca2ffeb1833f46559e59c93bb07f622d9633f13932cf7f1"), - tag: &hex!("25023a4ee9bdbf525cfef888e2480f86"), - }, - GcmTV { - key: &hex!("bc0c6368a9bb2622f6d5ba12de581f003336c298adac34499bf26b11e630f891"), - nonce: &hex!("2aa8f30b567cf1edd818e42d"), - plaintext: &hex!("1dcc1a3167fba55c00d3383e26d386eaa0449154599992da7f7f6598f41b3eb8e4d0a9143dfcab963f5c390a6ae2010fbcf6ec"), - aad: &hex!("0e28ebf87eb757e83031fb836f7b049a46bd740b0a39c9b798d2407e1150da86dfe84121c7c98449559453ad7558e779"), - ciphertext: &hex!("78d00a6e3302369817b9cf1f24ea13c41751382e3fea74403d094737e32fb507184cfebce48d10b4ce8db12ef961e4df2c8e95"), - tag: &hex!("c0aff3594f86b58e229c7ad05c2b84f0"), - }, - GcmTV { - key: &hex!("5d98a0c7ad6f9c0b116613ca5082250356a6a9bca55fe1a4a2962b733214dac4"), - nonce: &hex!("8b2d8e8d83bdd6a3125dd997"), - plaintext: &hex!("4f3685c2cfbc856379d1fd00f9611fe4c0a4b9c4013fe1bee144449709a6a7e31ff6fb0da74ed464b066b03b50f19cd7f5f9bc"), - aad: &hex!("2f20636d46ce37e9bb0ca0c41d819e3eabcedacbd1ca3ced112d3ad620bbd3b2effe80d3ec8760706e8f14db83139a70"), - ciphertext: &hex!("8e178c0e3e5d22b3be897e0b8879b0d53fef2efb9946ccff6d717b001e3033f2cc22d01d9551e9c0749de704fbe3189328cbb0"), - tag: &hex!("541b7db823e37b5ed323626b9c6748f6"), - }, - GcmTV { - key: &hex!("d80a2703e982de1a2fe706ffe6e389f351ab356ccf056df045e2941b42ef21a4"), - nonce: &hex!("1521ab8f7242cba05427f429"), - plaintext: &hex!("6f9fde28e85776a49cfbad1459d94611757a3cd996aa6e2d702d0483a4d88d532131ebd405b351226b16d19d30d32807a1d511"), - aad: &hex!("5395de90d6bec7c159ab9d6cfa663bdc6295d025e1fcc8b760b9ba42d785eda218dabc6fa7c0f733ad77f61682bff2db"), - ciphertext: &hex!("1e72a8495ceadaf0d31b28ba7cb7c37ccb117761d38fe7dd98eb230ff4ea0b400401e9b5311a7be9b2a533523ad469e2fdb233"), - tag: &hex!("bb174b7624c935ff75b3b77ff7068a98"), - }, - GcmTV { - key: &hex!("6d5c69d7135c0b5b7fef512c127fa788092f1a908358ab658b8f23e463409aa5"), - nonce: &hex!("b36cccad38cd6148a384a026"), - plaintext: &hex!("b4e74f5c56f2ea056d9ff931525944dfad207e063ba226c354e0320a50449967e964580d9b57028c14005aba6865f8bc6a3ef8"), - aad: &hex!("b19f4616bb1452251a2a7dbf78f920194f139e0424d27683621d1ee1e865737c2466e058439c8e122e582a7b63607ce9"), - ciphertext: &hex!("1ce12cd5502efa9ea259584ae9b3c7dbd9444380d4b77a2c787f9b2257019b23ee183dffebb3106a26b18d8a23445626a578e2"), - tag: &hex!("62945e31bae3181855b69c37898ac5bf"), - }, - GcmTV { - key: &hex!("e6afe3c4db2c1d13edb1c5931b2b4b515ec0fd6201139ee1ea55cec92263830e"), - nonce: &hex!("358bd9ea64177d1e23a41726"), - plaintext: &hex!("710bb3394b094ee7d053bc6599b26dafd337e8a61c580d0446c3bf195e77ca5132c8ec3a47a61579dce38360bba7c65e4d5634"), - aad: &hex!("7e0f841cddd7eeebd1ec7b7b8d0e2f71656e5e9ff3cfa739c0b9d0ec4941a0b3f3b396690dbe5f5082d6fb6dd701c68d"), - ciphertext: &hex!("4574a8db515b41c14c2a962dff34e2161a7195c491b11b79889aff93c5b79a6455df9fe8ef5c5b9edb5da1aa9fe66058b9065f"), - tag: &hex!("7c928d7f5cbac9bb4b5928fe727899eb"), - }, - GcmTV { - key: &hex!("5cb962278d79417b7795499e8b92befe4228f3ba5f31992201aa356a6d139a67"), - nonce: &hex!("76f7e7608f09a05f336994cf"), - plaintext: &hex!("2e12cbd468086aa70e2ecd1ddef561e85c225dd083e5956f5c67503344b0ea982bb5044dafbcc02a5b9be1e9b988902d80172b"), - aad: &hex!("032de3fdec273fc8446c2bf767e201f2c7c190acf9d6d321a24a0462cbc3356e798fe23d6c1b4fe83be9c95d71c05504"), - ciphertext: &hex!("c959344a46aa5216d2b37c832436eb72a4a363a6df5642cfbbfd640dea1d64c80bd97eabc1aab192969ee0b799e592a13d2351"), - tag: &hex!("51b227eaf7228a4419f2f3b79b53463a"), - }, - GcmTV { - key: &hex!("148579a3cbca86d5520d66c0ec71ca5f7e41ba78e56dc6eebd566fed547fe691"), - nonce: &hex!("b08a5ea1927499c6ecbfd4e0"), - plaintext: &hex!("9d0b15fdf1bd595f91f8b3abc0f7dec927dfd4799935a1795d9ce00c9b879434420fe42c275a7cd7b39d638fb81ca52b49dc41"), - aad: &hex!("e4f963f015ffbb99ee3349bbaf7e8e8e6c2a71c230a48f9d59860a29091d2747e01a5ca572347e247d25f56ba7ae8e05cde2be3c97931292c02370208ecd097ef692687fecf2f419d3200162a6480a57dad408a0dfeb492e2c5d"), - ciphertext: &hex!("2097e372950a5e9383c675e89eea1c314f999159f5611344b298cda45e62843716f215f82ee663919c64002a5c198d7878fd3f"), - tag: &hex!("adbecdb0d5c2224d804d2886ff9a5760"), - }, - GcmTV { - key: &hex!("e49af19182faef0ebeeba9f2d3be044e77b1212358366e4ef59e008aebcd9788"), - nonce: &hex!("e7f37d79a6a487a5a703edbb"), - plaintext: &hex!("461cd0caf7427a3d44408d825ed719237272ecd503b9094d1f62c97d63ed83a0b50bdc804ffdd7991da7a5b6dcf48d4bcd2cbc"), - aad: &hex!("19a9a1cfc647346781bef51ed9070d05f99a0e0192a223c5cd2522dbdf97d9739dd39fb178ade3339e68774b058aa03e9a20a9a205bc05f32381df4d63396ef691fefd5a71b49a2ad82d5ea428778ca47ee1398792762413cff4"), - ciphertext: &hex!("32ca3588e3e56eb4c8301b009d8b84b8a900b2b88ca3c21944205e9dd7311757b51394ae90d8bb3807b471677614f4198af909"), - tag: &hex!("3e403d035c71d88f1be1a256c89ba6ad"), - }, - GcmTV { - key: &hex!("c277df045d0a1a3956958f271055c229d2634427b1d73e99d54920da69f72e01"), - nonce: &hex!("79e24f84bc77a21a6cb14ee2"), - plaintext: &hex!("5ca68d858cc30b1cb0514c4e9de98e1a1a835df401f69e9ec6f1bcb1158f09114dff551683b3827457f77e17a7097b1ea69eac"), - aad: &hex!("ca09282238d492029afbd30ea9b4aa9d448d77b4b41a791c35ebe3f8e5034ac71210117a843fae647cea020712c27e5c8f85acf933d5e28430c7770862d8dbb197cbbcfe49dd63f6aa05fbd13e32c459342698dfee5935c7c321"), - ciphertext: &hex!("5c5223c8eda59a8dc28b08e6c21482a46e5d84d32c7050bf144fc57f4e8094de133198da7b4b8398b167204aff837da15d9ab2"), - tag: &hex!("378885950a4491bee3cd681d3c957b9a"), - }, - GcmTV { - key: &hex!("4d07f78d19e6d8bb32bf209f138307890f0f1ae39362779ff2bf1f9b734fe653"), - nonce: &hex!("d983a5d5af78a3b1cd5fbd58"), - plaintext: &hex!("94f0bbc4340d97d854e25cc7ce85ea1e781e68bf6f639e0a981bb03e3c209cbf5127171cb0fff65bc3ecac92774d10146d1ac5"), - aad: &hex!("a3dc9ff9210bc4b3276909883db2c2aa0762cd22b46901a248c0372d073e7778b9c1d8469b26bb42406e484ef7747f71dea785fc0020a2eac17e0ac3fbe0453629efd68d5678fbecc10af8ffbe7828f826defb638763f4ecfe82"), - ciphertext: &hex!("6543b4d97fccd273b36436fef719ac31bf0e5c4c058ea71aea2a0e5b60e329be6ea81ce386e6e9fe4480e58363c3b2036865ac"), - tag: &hex!("924cf7c0770f228a4b92e9b2a11fc70b"), - }, - GcmTV { - key: &hex!("9572b9c57abdf1caae3bebc0e4bbf9e556b5cbacca2c4756050fefd10a666155"), - nonce: &hex!("de292a9858caaccdcab6a433"), - plaintext: &hex!("6f420a32708ccd4df0d3149e8c1d88dceba66ee4546f38db07046ebf30f47627f7fdda1dd79783adabe5f6b6853857b99b864c"), - aad: &hex!("a042d97a9b8f6caf51c5f24522d7ed83e2c5d8ec6b37ef2598134a30e57319300c3fdf92fb1d9797f5ef00971f662aae768f69f9ca0455bd6d1059d5f85b8ecb977006b833f90ac2d5bbf4498c83f4d1a42584c0dfc4a2e2453c"), - ciphertext: &hex!("a9af961d61ab578cc1348eb6f729603f481c5d9bf9bee3a13eda022bd09c03a4f207c21c45c0232a9742ae8f0c54b4278a3a63"), - tag: &hex!("eff9bb26156ec76f0060cd93a959e055"), - }, - GcmTV { - key: &hex!("3cc8671c4d25c3cbc887f4dcbd64e531e91cf6252f6ee9c29d9988d20ab6747f"), - nonce: &hex!("f960a09c0b5067280926a9c3"), - plaintext: &hex!("5b58717b0b32076566b58bf37c6133e61468b2be67715fb0007fe390c4b5578decf55502a4e3c12e7bdf0ba98784d126e4753a"), - aad: &hex!("79d73a7ff86698e6114a0f465373fbee029e042424c439b22e3ad37b36b9e02bab82e16844114e99e39c169f462fe61b87c4627c394384acc9531680706e4e56491a304c6075cca37c64db24468c1fb9519605c83f0ee3e0316a"), - ciphertext: &hex!("1d0be097470c1ac30619f63c3961152ab27db88ce694b7bba4db185cb31803cc7bab890e931c90766621bfe5d887eb0cd6995d"), - tag: &hex!("dbd57ea091ff16fc7dbc5435030cc74e"), - }, - GcmTV { - key: &hex!("882068be4552d7ad224fc8fa2af00d6abf76ccf1a7689d75f6f0e9bd82c1215e"), - nonce: &hex!("890a5315992f12674d1c8018"), - plaintext: &hex!("8464c03e0280cb1f63c054a24a050e980f60cc7313f09f2092c45d77bbe9ad2a8c1f6cdca2acd8c57c87e887edadb66bcb66c4"), - aad: &hex!("916721df816b1cad531dee8e4a8e634d43ed87db99609bcc986d16bfac2cff577d536d749a5c3625de53c5351825c228911f0a64be1fc9738a26394efe5332c0762bf59b65d3f1c5aafa9ca2e63eccd59568e6c0269950911a71"), - ciphertext: &hex!("020e297d907177dba12dde4bfe1b0ff9b6a9d9db0695193e4181449e157137b59b488616ba151b06d889f8498ce373d2396ab9"), - tag: &hex!("e48537ecb27460b477a6e7c3463dbcb0"), - }, - GcmTV { - key: &hex!("4deadcf0f7e19231f8afcb6fb902b105bef23f2fa9323a51833ff8368ccb4f91"), - nonce: &hex!("6d4d01abd587ed110e512ed2"), - plaintext: &hex!("75686e0fdd3fd96f3e6dfafd7a2a907f9f375d93943cb2229bd72b032bf624af4fc72071289386e3dccc45959e47ab42b261a2"), - aad: &hex!("31a2797318104b2dc9977e599435b041c56bafe5e7d901a58614c2d3fb9d220e3fd3e2828cef69e0604ed73340cb1e21967294dcd874893942442200b2a5b860ee8cf91e1d8eb3d364d0e43e84f6379f434a1ae17c236b216842"), - ciphertext: &hex!("8feaf9a089599812117a67aed2f4bf3431ff1f6cfd64ea5ff475287abb4ff1ab6b3e4f8a55d1c6b3f08594f403e771ec7e9956"), - tag: &hex!("5040407621712e053591179e1689698e"), - }, - GcmTV { - key: &hex!("80f1c515f10d79cdbee275213aa9ac0845e2cf42874f7e695081cb103abf1a27"), - nonce: &hex!("399d5f9b218b62ff60c267bd"), - plaintext: &hex!("9e95221873f65282dd1ec75494d2500e62a2b6edda5a6f33b3d4dd7516ef25cf4154472e61c6aed2749c5a7d86637052b00f54"), - aad: &hex!("d2a8fff8ae24a6a5efc75764549a765222df317e323a798cbb8a23d1af8fdf8a3b767f55703b1c0feba3912d4234441978191262f1999c69caa4e9a3e0454c143af0022cd6e44cec14149f9e9964a1f2c5e5a6e3e768bd870060"), - ciphertext: &hex!("4f996562e23ebbfd4fe26523aee9525b13d6e134e72d21bdc7f195c6403501fd8300b6e597b668f199f93591ba742a91b54454"), - tag: &hex!("2da1c7325f58575d275abf96c7fa9e51"), - }, - GcmTV { - key: &hex!("c2c6e9be5a480a4a56bfcd0e268faa2276093bd1f7e8ce61e746d003decc761e"), - nonce: &hex!("c1541eb25721d4856df8f928"), - plaintext: &hex!("87d22e0318fbbb420b86b0585bd12c14645ff2c742e5639b3a114cc96c5f738edfbe2055116f259e3d6c14cb6d8fca45708289"), - aad: &hex!("f34e79e5fe437eda03ccfef2f1d6319df51a71c9891863e4b98a7298bd64490460354db5a28b0fadcb815024ea17f3b84810e27954afb1fdf44f0defb930b1793684a781310b9af95b4bcf0a727a2cb0ac529b805811b3721d98"), - ciphertext: &hex!("b5d6e57c7aa0240e0b6e332d3b3323b525a3d8a553ad041ba599e909188da537c3293d1687fb967882d16a5615b84e95f9dd77"), - tag: &hex!("1cce334cec4b51216cac0fc620cdadf9"), - }, - GcmTV { - key: &hex!("ea0d6184a71456e27f9ac82dfc7f6694c898f7c0d19d1cb0db4e575dd0094bb6"), - nonce: &hex!("5018fb816d515511bfb939d5"), - plaintext: &hex!("083147d0c80f134f7393855c8a95bf6e6abd6f9a7b1fca584e8bfc6b5dc13a8edbfd473e232c041d9be9ee7709dc86b3aa320a"), - aad: &hex!("8bc6bd0a263212bd7281fd1a45e512fca104f859358eae9293a297c529a0abaffd8a77507b9069040f2b3141a7620691e110a8b593b956d8e3e71694506b89018a03861c1ba6082687adce15a874c73477430cef075eba077a93"), - ciphertext: &hex!("f0a5c4941782e2f2941dd05acee29b65341773f2e8d51935a3f4fa6f268ff030c880976cf1ee858f6571abd8411b695a2fadf0"), - tag: &hex!("067d8cc2d38c30697272daa00c7f70cf"), - }, - GcmTV { - key: &hex!("c624feb6cb0d78d634b627134c692f0bf5debf84d8639e22ff27ce2ace49d438"), - nonce: &hex!("a54f4f1204255f6b312222cd"), - plaintext: &hex!("ec34f45c1b70fd56518cc5c404cc13330ab7d51c10f4d2cfeb26b097ae76897191ec1b3953b0086e425c7da221d29f65d5ccf3"), - aad: &hex!("d9099ba6be50dca77e0b9803766ad993132479fbab43b8f4126a7f9ef673ac0caf2de235e1e84ad9fe505c43d1ac779f5072c025c14ea0d930ce39db8c5930baada23b3e4654470e559fcb6eb1c133a77318b87cc7913e12d404"), - ciphertext: &hex!("713d28a5123d65e82cca6e7fd919e1e5e3bdaab12ae715cf8b7c974eb5f62be8c3b42637074c6b891f6c6033eb4b7e61db9f0b"), - tag: &hex!("01ededff6e4d1dce4ac790218e208ebe"), - }, - GcmTV { - key: &hex!("1afc68b32596198ae0f3a8612751c2413322e8054ff2ac6bede3d4a1ee20ee62"), - nonce: &hex!("356860e76e794492de6a68f3"), - plaintext: &hex!("293041038f9e8edee23d2f18bce87b522380f1fa18b3021830a54ab891da8548095228ed9860176152e27945d66254f0db8590"), - aad: &hex!("205e44009e0ef963838aff615b35c9f1271d487cf719677d956718bce8ab676cceb636ad381432c5c790c26b07051b661a2fec4e607f9644f84993c8335db21ae36b6008bab2883ad7541809bf5f49272295c1c1f1cf8c678553"), - ciphertext: &hex!("e06109680d5fefd345665ec9a5b2e7bf3ece3af1b62841a95c453e7753b5a1d6d8a10b3c6c42df1f23832b74e74871821f1c0b"), - tag: &hex!("953d8d04f70e2af055ac902a455235b2"), - }, - GcmTV { - key: &hex!("f61b723359e798fefecc26b10b168dc331c639079598f1f651166cc58c671ee1"), - nonce: &hex!("b07e9407b592d4fd95509343"), - plaintext: &hex!("2724f1ad6b5b409a59c7f2ff649eb24b4a33a03d7a0426e29a6ea3aa91b4f00699fbed75bb7189964303e2e9fe3a7e5f74b7a1"), - aad: &hex!("1429c6f27828cb94ad5e62451da10fd574660cec2b8f279a19bbb8a167a630d3ac60db04e8faa02204792e49aed4501844a419d3ecdff0d03799866fee81a91187b08a44d5bb617ff3b2cef79cd48750ea20903e1d3627a17730"), - ciphertext: &hex!("362bad8de943dce8f53edf682d02e1d893c23c5272b13fd35b492f8477083a8c34027db32b6131931f03555ac5fbc6dbb13801"), - tag: &hex!("a51775606343755691f125019b44fdfc"), - }, - GcmTV { - key: &hex!("6be7f4d18ff0fbdd9b3b3cacaba4629a0c617387079add62f6ce1584b33faad1"), - nonce: &hex!("fda568c9cb13d9c176bcef03"), - plaintext: &hex!("4df668e99d5068604a48bcca5baa8245435928558a83d68d7b0b081861224e9bd39ea8f2d55a635949e66c6f6a7ff5cc34dd94"), - aad: &hex!("11ebeb97dd4a9925c1fbe2b9af77392058d2d971e42db15da39f090d7bc132573c34bf7d92a2d72dc66ee6840c3ff07985b8976ee8d8f36bf47ae330b899fdc60652dd5a23c45f3680f11951f019e0697c8acfcaa95f01b9c7dd"), - ciphertext: &hex!("488b40ad594e1845ccdd9e9467fc5e1afbbfde34e57d45bfcd30b61cc326d57fe8e3f31a39cdebf00f60bbd2c3cdf69f756eff"), - tag: &hex!("3bf3fbab9b48486fd08a5552604df639"), - }, - ]; -} diff --git a/crypto/src/aes_fruity.rs b/crypto/src/aes_fruity.rs new file mode 100644 index 000000000..9179005ad --- /dev/null +++ b/crypto/src/aes_fruity.rs @@ -0,0 +1,249 @@ +// (c) 2020-2022 ZeroTier, Inc. -- currently proprietary pending actual release and licensing. See LICENSE.md. + +// MacOS implementation of AES primitives since CommonCrypto seems to be faster than OpenSSL, especially on ARM64. +use std::os::raw::{c_int, c_void}; +use std::ptr::{null, null_mut}; +use std::sync::Mutex; + +use crate::secret::Secret; +use crate::secure_eq; + +#[allow(non_upper_case_globals, unused)] +const kCCModeECB: i32 = 1; +#[allow(non_upper_case_globals, unused)] +const kCCModeCTR: i32 = 4; +#[allow(non_upper_case_globals, unused)] +const kCCModeGCM: i32 = 11; +#[allow(non_upper_case_globals, unused)] +const kCCEncrypt: i32 = 0; +#[allow(non_upper_case_globals, unused)] +const kCCDecrypt: i32 = 1; +#[allow(non_upper_case_globals, unused)] +const kCCAlgorithmAES: i32 = 0; +#[allow(non_upper_case_globals, unused)] +const kCCOptionECBMode: i32 = 2; + +extern "C" { + fn CCCryptorCreateWithMode( + op: i32, + mode: i32, + alg: i32, + padding: i32, + iv: *const c_void, + key: *const c_void, + key_len: usize, + tweak: *const c_void, + tweak_len: usize, + num_rounds: c_int, + options: i32, + cryyptor_ref: *mut *mut c_void, + ) -> i32; + fn CCCryptorUpdate( + cryptor_ref: *mut c_void, + data_in: *const c_void, + data_in_len: usize, + data_out: *mut c_void, + data_out_len: usize, + data_out_written: *mut usize, + ) -> i32; + //fn CCCryptorReset(cryptor_ref: *mut c_void, iv: *const c_void) -> i32; + fn CCCryptorRelease(cryptor_ref: *mut c_void) -> i32; + fn CCCryptorGCMSetIV(cryptor_ref: *mut c_void, iv: *const c_void, iv_len: usize) -> i32; + fn CCCryptorGCMAddAAD(cryptor_ref: *mut c_void, aad: *const c_void, len: usize) -> i32; + fn CCCryptorGCMEncrypt(cryptor_ref: *mut c_void, data_in: *const c_void, data_in_len: usize, data_out: *mut c_void) -> i32; + fn CCCryptorGCMDecrypt(cryptor_ref: *mut c_void, data_in: *const c_void, data_in_len: usize, data_out: *mut c_void) -> i32; + fn CCCryptorGCMFinal(cryptor_ref: *mut c_void, tag: *mut c_void, tag_len: *mut usize) -> i32; + fn CCCryptorGCMReset(cryptor_ref: *mut c_void) -> i32; +} + + + +pub struct AesGcm (*mut c_void); + +impl Drop for AesGcm { + #[inline(always)] + fn drop(&mut self) { + unsafe { CCCryptorRelease(self.0) }; + } +} + +impl AesGcm { + pub fn new(k: &Secret) -> Self { + debug_assert!(KEY_SIZE == 32 || KEY_SIZE == 24 || KEY_SIZE == 16, "AES supports 128, 192, or 256 bits keys"); + unsafe { + let mut ptr: *mut c_void = null_mut(); + assert_eq!( + CCCryptorCreateWithMode( + if ENCRYPT { + kCCEncrypt + } else { + kCCDecrypt + }, + kCCModeGCM, + kCCAlgorithmAES, + 0, + null(), + k.as_ptr().cast(), + KEY_SIZE, + null(), + 0, + 0, + 0, + &mut ptr, + ), + 0 + ); + AesGcm(ptr) + } + } + + #[inline(always)] + pub fn reset_init_gcm(&mut self, iv: &[u8]) { + assert_eq!(iv.len(), 12); + unsafe { + assert_eq!(CCCryptorGCMReset(self.0), 0); + assert_eq!(CCCryptorGCMSetIV(self.0, iv.as_ptr().cast(), 12), 0); + } + } + + #[inline(always)] + pub fn aad(&mut self, aad: &[u8]) { + unsafe { + assert_eq!(CCCryptorGCMAddAAD(self.0, aad.as_ptr().cast(), aad.len()), 0); + } + } + + #[inline(always)] + pub fn crypt(&mut self, input: &[u8], output: &mut [u8]) { + unsafe { + assert_eq!(input.len(), output.len()); + if ENCRYPT { + assert_eq!( + CCCryptorGCMEncrypt(self.0, input.as_ptr().cast(), input.len(), output.as_mut_ptr().cast()), + 0 + ); + } else { + assert_eq!( + CCCryptorGCMDecrypt(self.0, input.as_ptr().cast(), input.len(), output.as_mut_ptr().cast()), + 0 + ); + } + } + } + + #[inline(always)] + pub fn crypt_in_place(&mut self, data: &mut [u8]) { + unsafe { + if ENCRYPT { + assert_eq!(CCCryptorGCMEncrypt(self.0, data.as_ptr().cast(), data.len(), data.as_mut_ptr().cast()), 0); + } else { + assert_eq!(CCCryptorGCMDecrypt(self.0, data.as_ptr().cast(), data.len(), data.as_mut_ptr().cast()), 0); + } + } + } + + #[inline(always)] + fn finish(&mut self) -> [u8; 16] { + let mut tag = 0_u128.to_ne_bytes(); + unsafe { + let mut tag_len = 16; + if CCCryptorGCMFinal(self.0, tag.as_mut_ptr().cast(), &mut tag_len) != 0 { + debug_assert!(false); + tag.fill(0); + } + } + tag + } + +} + +impl AesGcm { + /// Produce the gcm authentication tag. + #[inline(always)] + pub fn finish_encrypt(&mut self) -> [u8; 16] { + self.finish() + } +} +impl AesGcm { + /// Check the gcm authentication tag. Outputs true if it matches the just decrypted message, outputs false otherwise. + #[inline(always)] + pub fn finish_decrypt(&mut self, expected_tag: &[u8]) -> bool { + secure_eq(&self.finish(), expected_tag) + } +} + + + +pub struct Aes(Mutex<*mut c_void>, Mutex<*mut c_void>); + +impl Drop for Aes { + #[inline(always)] + fn drop(&mut self) { + unsafe { + CCCryptorRelease(*self.0.lock().unwrap()); + CCCryptorRelease(*self.1.lock().unwrap()); + } + } +} + +impl Aes { + pub fn new(k: &Secret) -> Self { + unsafe { + debug_assert!(KEY_SIZE == 32 || KEY_SIZE == 24 || KEY_SIZE == 16, "AES supports 128, 192, or 256 bits keys"); + let aes: Self = std::mem::zeroed(); + assert_eq!( + CCCryptorCreateWithMode( + kCCEncrypt, + kCCModeECB, + kCCAlgorithmAES, + 0, + null(), + k.as_ptr().cast(), + KEY_SIZE, + null(), + 0, + 0, + kCCOptionECBMode, + &mut *aes.0.lock().unwrap() + ), + 0 + ); + assert_eq!( + CCCryptorCreateWithMode( + kCCDecrypt, + kCCModeECB, + kCCAlgorithmAES, + 0, + null(), + k.as_ptr().cast(), + KEY_SIZE, + null(), + 0, + 0, + kCCOptionECBMode, + &mut *aes.1.lock().unwrap() + ), + 0 + ); + aes + } + } + + #[inline(always)] + pub fn encrypt_block_in_place(&self, data: &mut [u8]) { + assert_eq!(data.len(), 16); + unsafe { + let mut data_out_written = 0; + CCCryptorUpdate(*self.0.lock().unwrap(), data.as_ptr().cast(), 16, data.as_mut_ptr().cast(), 16, &mut data_out_written); + } + } + + #[inline(always)] + pub fn decrypt_block_in_place(&self, data: &mut [u8]) { + assert_eq!(data.len(), 16); + unsafe { + let mut data_out_written = 0; + CCCryptorUpdate(*self.1.lock().unwrap(), data.as_ptr().cast(), 16, data.as_mut_ptr().cast(), 16, &mut data_out_written); + } + } +} diff --git a/crypto/src/aes_gmac_siv/AES-GMAC-SIV.png b/crypto/src/aes_gmac_siv/AES-GMAC-SIV.png deleted file mode 100755 index c545b20b1..000000000 Binary files a/crypto/src/aes_gmac_siv/AES-GMAC-SIV.png and /dev/null differ diff --git a/crypto/src/aes_gmac_siv/README.md b/crypto/src/aes_gmac_siv/README.md deleted file mode 100644 index 18ea7066e..000000000 --- a/crypto/src/aes_gmac_siv/README.md +++ /dev/null @@ -1,102 +0,0 @@ -AES-GMAC-SIV -====== - -**DEPRECATION NOTICE: this mode has been deprecated in ZeroTier V2 via its secure session protocol. It is still included for use with older nodes but the V2 session protocol removes the advantage of a SIV mode and allows us to use more standard and faster simple AEAD modes like GCM.** - -This is a Rust implementation of AES-GMAC-SIV, a FIPS-compliant SIV AEAD construction for AES-256. An interface to simple AES-CTR mode is also included. - -It's implemented in terms of OpenSSL (libcrypto), macOS/iOS CryptoCore, or (soon) WinCrypt, with the latter two automatically selected at compile time on those platforms. - -## Introduction - -AES-GMAC-SIV is a "synthetic IV" (SIV) cipher construction implemented using only FIPS and NIST approved cryptographic building blocks: AES and GMAC (the MAC component of GCM). It can for FIPS purposes be described as "AES-CTR authenticated with GMAC" both of which are permitted algorithms. It was created because while similar to [AES-GCM-SIV](https://en.wikipedia.org/wiki/AES-GCM-SIV) that mode uses a non-standard MAC called POLYVAL in place of GMAC. POLYVAL is just GMAC in little-endian, but the fact that it is not standard GMAC means it's not found in most cryptographic libraries and is not approved by FIPS and most other cryptographic standards. - -## About SIV Modes - -Stream ciphers like AES-CTR, ChaCha20, and others require a number called an initialization vector (IV) for each use. These and most other stream ciphers work by XORing a key stream with plaintext, so if an IV is used more than once security is compromised. Since XOR is commutative, if two different messages are encrypted with the same key stream a simple XOR can reveal that key stream and decrypt both messages. This is a common pitfall with any XOR based symmetric cipher construction. - -Repeating the IV is dangerous with many MAC (message authentication) functions as well. [It's particularly dangerous in AES-GCM](https://crypto.stackexchange.com/questions/26790/how-bad-it-is-using-the-same-iv-twice-with-aes-gcm), where one nonce reuse with GMAC (the MAC function in AES-GCM) could allow an attacker to forge messages. - -SIV stands for *synthetic IV*. SIV modes work by applying a MAC function to the plaintext first, then using the resulting authentication code plus an IV to initialize a stream cipher. This provides much stronger protection against IV reuse by making the actual IV dependent on the plaintext. Changes to the plaintext will therefore change the IV even if the one supplied to the function is duplicated. - -SIV modes might seem like paranoia, but accidental IV reuse is easier than you might think. Here's a few scenarios where it might happen: - - * Backing up and restoring counter or random seed files. - * Live cloning of virtual machines or application state, resulting in two clones with identical counters or random number generator states. - * Forgetting to use atomics or a mutex to synchronize an IV counter or a non-thread-safe random number generator. - * Hardware differences in concurrent memory access behavior causing synchronization issues when code is ported to new architectures. - * Embedded devices that lack a good source of randomness or have poorly implemented random initialization. - * Memory errors that corrupt an IV counter variable, especially if they can be triggered remotely. - * Time changes or attacks against NTP if a clock is used as an input in initializing a counter or random source. - * Rapid restarts of a service where clock is used as an input in IV initialization. - -... and so on. "Sudden death" on IV re-use is a foot-gun that's worth removing. - -## AES-GMAC-SIV - -![AES-GMAC-SIV block diagram](AES-GMAC-SIV.png) - -*Inputs are green, outputs are blue. Grey indicates simple non-cryptographic operations. Red indicates cryptographic steps.* - -Two initialization keys, which can be derived from a single key using a key derivation function or hashing with a 512-bit hash function and using the first and second 256 bits: - - 1. K0, a 256-bit AES key used to initialize AES-GMAC. - 2. K1, a second (and different) 256-bit AES key used to initialize AES-ECB and AES-CTR. - -Per-message parameters: - - 1. A per-message unique 64-bit IV (can be a counter or random, though a non-overlapping counter is preferred). - 2. Optional additional associated data (AAD) to authenticate but not encrypt. - 3. A plaintext message to encrypt. - -Encryption steps: - - 1. Pad 64-bit IV to 96 bits with zeroes and use it to initialize GMAC. - 2. Feed AAD (if any) into GMAC prior to plaintext. - 3. Pad AAD length to a multiple of 16 by feeding zeroes into GMAC to ensure unique encoding. - 4. Feed plaintext into GMAC to compute final MAC. - 5. XOR lower 64 bits and higher 64 bits of 128-bit GMAC tag to yield a 64-bit tag. - 6. Concatenate original 64-bit input IV and 64-bit shortened tag to form a 128-bit block. - 7. AES-ECB encrypt this IV+tag, yielding an opaque 128-bit message tag and AES-CTR IV. (ECB is secure if only one block is encrypted.) - 8. Clear bit 31 (from the right) in the tag and use this to initialize AES-CTR with the first 96 bits being the AES-CTR IV and the remaining 31 bits being the AES-CTR "index" or counter. This provides what amounts to a 127-bit AES-CTR IV. The most significant bit of the counter is cleared so that poor quality AES-CTR implementations that only use a 32-bit wrapping counter will not wrap at message sizes up to 2^31 bytes. Wrapping technically wouldn't hurt anything unless the implementation generates a fault on wrap, but avoid this in case some cryptographic accelerator somewhere does so. - 9. Encrypt plaintext with AES-CTR and send this along with the encrypted IV+tag from step 7 (without CTR counter bit 31 cleared). The per-message unique 64-bit IV supplied by the caller at encryption **should not** be sent as it is recovered during decryption by decrypting the IV+tag blob. Sending it wastes space and reveals slightly more state information to an attacker, since without the input IV an attacker doesn't know if it has in fact been duplicated. - -Decryption steps: - -*Decryption reverses encryption steps 8, 9, 7, 1, 2, 3, 4, and 5, then authenticates.* - - 1. Initialize AES-CTR IV with the tag after clearning bit 31 as in step 8 above. - 2. Decrypt ciphertext with AES-CTR. - 3. AES-ECB *decrypt* 128-bit tag to yield original IV and 64-bit shortened GMAC tag. - 4. Initialize GMAC using first 64 bits of the *decrypted* message tag and zero pad to 96 bits (as in encryption step 1). - 5. Feed AAD into GMAC (if any) (as in encryption step 2). - 6. Zero-pad AAD to a multiple of 16 (as in encryption step 3). - 7. Feed *decrypted plaintext* into GMAC. - 8. Generate GMAC tag, XOR least and most significant 64 bits, and check MAC. Discard packet if these do not match. - -## Performance - -Performance is very close to AES-GCM on a given platform. It's very slightly slower because encryption requires two passes, but for short messages the second pass will operate on data already in the CPU's L0 cache which minimizes the actual overhead. - -You can run tests with `cargo test --release -- --nocapture` and see encrypt and decrypt performance. Here's some single core benchmarks: - - * AMD Threadripper 2990WX: **2055.60 MiB/sec**, decrypt **2050.09 MiB/sec** (per core). - * Apple M1 Mac Mini (2021): encrypt **4868.89 MiB/sec**, decrypt **5059.39 MiB/sec** (per performance core). - -In general this construction performs better than ChaChaPoly or other ARX ciphers on processors that have AES hardware acceleration and considerably worse on processors that lack it. Performance on systems without hardware acceleration is generally still good enough for most applications. - -## Security - -[Trail of Bits](https://www.trailofbits.com) analyzed AES-GMAC-SIV as part of their [design analysis of ZeroTier 2.0](https://github.com/trailofbits/publications/blob/master/reviews/ZeroTierProtocol.pdf) and concluded that its security is equivalent to the original AES-SIV and AES-GCM-SIV constructions. - -The algorithms on which this is built, namely AES, AES-CTR, and GMAC, are well known and standard. - -## FIPS Compliance - -AES-CTR, AES-ECB, and GMAC are all algorithms allowed by FIPS-140. For FIPS purposes AES-GMAC-SIV would be described as AES-CTR with GMAC authentication. Since this is built out of entirely standard building blocks, a FIPS certified cryptographic library can be used to implement it. - -## License - -This Rust implementation of AES-GMAC-SIV is released under the BSD 2-clause license. - -(c) 2021-2022 ZeroTier, Inc. diff --git a/crypto/src/aes_gmac_siv/mod.rs b/crypto/src/aes_gmac_siv/mod.rs deleted file mode 100644 index 06d48a802..000000000 --- a/crypto/src/aes_gmac_siv/mod.rs +++ /dev/null @@ -1,572 +0,0 @@ -// (c) 2020-2022 ZeroTier, Inc. -- currently propritery pending actual release and licensing. See LICENSE.md. - -#[cfg(any(target_os = "macos", target_os = "ios"))] -#[allow(unused)] -mod impl_macos; - -#[cfg(not(any(target_os = "macos", target_os = "ios")))] -#[allow(unused)] -mod impl_openssl; - -#[cfg(any(target_os = "macos", target_os = "ios"))] -pub use crate::aes_gmac_siv::impl_macos::AesGmacSiv; - -#[cfg(not(any(target_os = "macos", target_os = "ios")))] -pub use crate::aes_gmac_siv::impl_openssl::AesGmacSiv; - -#[cfg(test)] -mod tests { - use crate::aes_gmac_siv::AesGmacSiv; - use sha2::Digest; - use std::time::SystemTime; - - const TV0_KEYS: [&'static [u8]; 2] = [ - "00000000000000000000000000000000".as_bytes(), - "11111111111111111111111111111111".as_bytes(), - ]; - - /// Test vectors consist of a series of input sizes, a SHA384 hash of a resulting ciphertext, and an expected tag. - /// Input is a standard byte array consisting of bytes 0, 1, 2, 3, ..., 255 and then cycling back to 0 over and over - /// and is provided both as ciphertext and associated data (AAD). - #[allow(unused)] - const TEST_VECTORS: [(usize, &'static str, &'static str); 85] = [ - ( - 0, - "38b060a751ac96384cd9327eb1b1e36a21fdb71114be07434c0cc7bf63f6e1da274edebfe76f65fbd51ad2f14898b95b", - "43847e644239134deccf5538162c861e", - ), - ( - 777, - "aabf892f18a620b9c3bae91bb03a74c84193e4a7b64916c6bc88b885b9ebed4134495e5f22f12e3046fbb3f26fa111a7", - "b8c318b5dcc1d672114a6f7be54ef289", - ), - ( - 1554, - "648f551df29217f0e634b72ba6973c0eb95c7d4be8b135e550d8bcdf65b75980881bc0e03cf22589e04bedc7da1804cd", - "535b8ddd51ec82a1e850906fe321b21a", - ), - ( - 2331, - "bfbfdffea40062e23bbdf0835e1d38d1623bebca7407908bbc6d5b3f2bfd062a2d237f091affda7348094fafda0bd1a7", - "4f521876fbb2c563051196b33c20c822", - ), - ( - 3108, - "cc6035cab70f3a3298a5c4956ff07f179acf3771bb915c590a8a19fe5133d6d8a81c118148394dfb364af5c2fbdaadeb", - "d3adfa578c8bcd738c55ffc527358cef", - ), - ( - 3885, - "15ec2760a21c25f9870a84ee757f3da2c261a950c2f692d75ff9e99b2d50c826c21e27e49c4cd3450fedc7e60371589f", - "a4c22d6c3d773634c2dc057e1f7c6738", - ), - ( - 4662, - "c2afad6f034704300c34f143dcdcb86c9b954cec1ebf22e7071f288c58a2ae430d3e3748d214d1021472793d3f337dc6", - "c0601cb6cd4883102f70570c2cdc0ab6", - ), - ( - 5439, - "8fee067f5a7a475a630f9db8b2eb80c1edc40eb4246a0f1c078e535df7d06451c6a9bde1a23ba70285690dd7100a8626", - "7352239f2302b08844309d28b13fa867", - ), - ( - 6216, - "60095b4172438aee61e65f5379f4ef276c3632d4ac74eea7723a2201823432614aba7b4670d9bf7a5b9126ca38f3b88a", - "c0f0b0aa651965f8514b473c5406285e", - ), - ( - 6993, - "10e754dd08b4d2a6c109fb01fce2b57d54743947e14a7e67d7efd0608baf91f7fc42a53328fe8c18d234abad8ebcdff0", - "58444988a62a99060728a7637c8499eb", - ), - ( - 7770, - "1abc4a5dcd2696336bd0e8af20fe7fc261aa424b52cfb5ad80ee7c7c793ac44f11db3506cdbbbaed0f80000925d08d52", - "e8065c563bc6018cdcbf9aaafef767e6", - ), - ( - 8547, - "26aaf74ae8bfc6aaf45ceee0476ea0a484304f5c36050d3e2265cb194a2f7c308213314232270608b6d3f1c11b834e33", - "ec50e4b3f6e4b3de24b3476623d08157", - ), - ( - 9324, - "863206305d466aa9c0d0ec674572069f61fe5009767f99ec8832912725c28c49d6a106ad3f55372c922e4e169fc382ce", - "0cfac64f49e0f128d0a18d293878f222", - ), - ( - 10101, - "bd0c0950b947a6c34f1fa6e877433b42c039a8ea7b37634c40fb47efae4958ba74ef0991cfedf3c82a0b87ef59635071", - "e0220a02b74259eeebbebede847d50f9", - ), - ( - 10878, - "d7b9901af1dacf6a8c369b993ba1c607f9b7f073d02311c72d8449d3494d477ffc8344a1d8b488020ccfc7c80fbd27e1", - "ebe3933146734a6ade2b434f2bcd78ae", - ), - ( - 11655, - "0ba265e3ef0bebf01a4f3490da462c7730aad6aa6c70bb9ce64a36d26d24fe213660e60e4d3301329170471f11ff8ca2", - "ec3dd4bf4cb7d527a86dd559c773a87b", - ), - ( - 12432, - "c3b6755a1be922ec71c1e187ead36c4e6fc307c72969c64ca1e9b7339d61e1a93a74a315fd73bed8fa5797b78b19dbe5", - "5b58dcf392749bcef91056ba9475d0ef", - ), - ( - 13209, - "2fb1a67151183daa2f0d7f0064534497357f173161349dd008499a8c1a123cc942662ecc426e2ad7743fe0ab9f5d7be1", - "c011260d328d310e2ab606aa1ef8afd4", - ), - ( - 13986, - "6afae2a07ce9bfe30fbbfb7dcf32d755bcf357334dc5c309e58cab38ebe559f25b313a0b3ca32ff1dc41f7b99718f653", - "011bf43cfbbb7ae5986f8e0fc87771a9", - ), - ( - 14763, - "cc6215c115eb6411f4712c2289f5bf0ccb5151635f9f9ceac7c1b62d8d2f4d26498079d0289f83aeb26e97b5b924ffc4", - "a015034a8d5bc83cc76c6983a5ba19ab", - ), - ( - 15540, - "3cebce794e947341c4ceec444ca43c6ac57c6f58de462bfec7566cbd59a1b6f2eae774120e29521e76120a604d1a12d9", - "d373cd2bd9000655141ac632880eca40", - ), - ( - 16317, - "899147b98d78bb5d137dc7c4f03be7eca82bcca19cc3a701261332923707aed2e6719d35d2f2bf067cd1d193a53529cf", - "ed223b64529299c787f49d631ce181c1", - ), - ( - 17094, - "aecd1830958b994b2c331b90e7d8ff79f27c83a71f5797a65ade3a30b4fa5928e79140bcd03f375591d53df96fea1a4d", - "948a7c253d54bb6b65d78530c0eb7aab", - ), - ( - 17871, - "e677ffd4ecaba5899659fefe5fe8e643004392be3be6dc5a801409870ac1e3398f47cc1d83f7a4c41925b6337e01f7fd", - "156a600c336f3ac034ca90034aa22635", - ), - ( - 18648, - "4ee50f4a98d0bbd160add6acf76765ccdac0c1cd0bb2adbbcb22dd012a1121620b739a120df7dc4091e684ddf28eb726", - "75873467b416a7b025f9f1b015bf653a", - ), - ( - 19425, - "aa025f32c0575af7209828fc7fc4591b41fa7cfb485e26c5401e63ca1fa05776f8b8af1769a15e81f2c663bca9b02ab3", - "5679efa7a4404e1e5c9b372782a41bf2", - ), - ( - 20202, - "6e77ab62d2affeb27f4ef326191b3df3863c338a629f64a785505f4a5968ff59bc011c7a27951cb00e2e7d9b9bd32fec", - "36a9c4515d34f9bb962d8876ab3b5c86", - ), - ( - 20979, - "1625b4f0e65fc66f11ba3ee6b3e20c732535654c447df6b517ced113107a1057a64477faa2af4a5ede4034bf3cff98ea", - "9058044e0f71c28d4f8d3281a3aec024", - ), - ( - 21756, - "94efe6aa55bd77bfa58c185dec313a41003f9bef02568e72c337be4de1b46c6e5bb9a9329b4f108686489b8bc9d5f4f0", - "8d6d2c90590268a26f5e7d76351f48c1", - ), - ( - 22533, - "7327a05fdb0ac92433dfc2c85c5e96e6ddcbdb01e079f8dafbee79c14cb4d5fd46047acd6bb0e09a98f6dd03dced2a0a", - "4e0f0a394f85bca35c68ef667aa9c244", - ), - ( - 23310, - "93da9e356efbc8b5ae366256f4c6fc11c11fc347aaa879d591b7c1262d90adf98925f571914696054f1d09c74783561e", - "8c83c157be439280afc790ee3fd667eb", - ), - ( - 24087, - "99b91be5ffca51b1cbc7410798b1540b5b1a3356f801ed4dc54812919c08ca5a9adc218bc51e594d97b46445a1515506", - "9436ff05729a77f673e815e464aeaa75", - ), - ( - 24864, - "074253ad5d5a5d2b072e7aeaffa04a06119ec812a88ca43481fe5e2dce02cf6736952095cd342ec70b833c12fc1777f4", - "69d8951b96866a08efbb65f2bc31cfbc", - ), - ( - 25641, - "c0a301f90597c05cf19e60c35378676764086b7156e455f4800347f8a6e733d644e4cc709fb9d95a9211f3e1e10c762a", - "3561c9802143c306ecc5e07e3b976d9e", - ), - ( - 26418, - "3c839e59d945b841acb604e1b9ae3df36a291444ce0bcae336ee875beaf208bf10af7342b375429ecb92ec54d11a5907", - "3032ffdb8daee11b2e739132c6175615", - ), - ( - 27195, - "3dc59b16603950dfc26a90bf036712eb088412e8de4d1b27c3fa6be6502ac12d89d194764fb53c3dc7d90fa696ba5a16", - "49436717edff7cd67c9a1be16d524f07", - ), - ( - 27972, - "4fbc0d40ff13376b8ed5382890cdea337b4a0c9c31b477c4008d2ef8299bd5ab771ba70b1b4b743f8f7caa1f0164d1a1", - "64a9856a3bb81dc81ff1bc1025192dc9", - ), - ( - 28749, - "6ab191aa6327f229cc94e8c7b1b7ee30bc723e6aeaf3050eb7d14cb491c3513254e9b19894c2b4f071d298401fd31945", - "101f2ffea60f246a3b57c4a530d67cf1", - ), - ( - 29526, - "d06dece58e6c7345986aae4b7f15b3317653f5387d6262f389b5cbbe804568124a876eabb89204e96b3c0f7b552df3c4", - "5c0e873adba65a9f4cb24cce4f194b18", - ), - ( - 30303, - "7a33c1268eafdc1f89ad460fa4ded8d3df9a3cabe4339706877878c64a2c8080cf3fa5ea7f2f24744e3341476b1eb5a5", - "b7dc708fc46ce5cde24a31ad549fec83", - ), - ( - 31080, - "37bf1f9fca6d705b989b2d63259ca924dc860fc6027e07d9aad79b94841227739774f5d324590df45d8f41249ef742ea", - "8ead50308c281e699b79b69dad7ecb91", - ), - ( - 31857, - "91b120c73be86f9d53326fa707cfa1411e5ac76ab998a2d7ebd73a75e3b1a04c9f0855d102184b8a3fd5d99818b0b134", - "6056d09595bd16bfa317c6f87ce64bb7", - ), - ( - 32634, - "42cc255c06184ead57b27efd0cefb0f2c788c8962a6fd15db3f25533a7f49700bca85af916f9e985f1941a6e66943b38", - "3b15e332d2f53bb97e1a9d03e6113b97", - ), - ( - 33411, - "737f8bb8f3fd03a9d13e50abba3a42f4491c36eda3eb215085abda733227ec490cb863ffbd68f915c8fb2926a899fbc3", - "b2c647d25c46aab4d4a5ede4a3b4576d", - ), - ( - 34188, - "e9caa36505e19628175d1ce8b933267380099753a41e503fa2f894cea17b7692f0b27079ed33cdd1293db9a35722d561", - "a2882adfd00f22823250215b12b3a1fd", - ), - ( - 34965, - "81ddc348ebbdfb963daa5d0c1b51bbb73cacd883d4fc4316db6bd3388779beff7be0655bbac73951f89dc53832199c11", - "f33106eb8104f3780350c6d4f82333ad", - ), - ( - 35742, - "308ce31daf40dab707e2cb4c4a5307bc403e24c971ae1e30e998449f804a167fe5f2cf617d585851b6fe9f2b4209f09c", - "44070ac90cbf350ab92289cc063e978c", - ), - ( - 36519, - "71f51b4bddbe8a52f18be75f9bdb3fca0773901b794de845450fb308c34775ede1a6da9a82b61e9682a29a3ef71274e2", - "0e387704298c444bf3afba0edc0c1c1c", - ), - ( - 37296, - "478ac94eee8c5f96210003fcb478392b91f2ef6fc3a729774e5fe82a2d8d0abc54ae1d25b3eaefb061e2bd43b70ca4ea", - "fb65ebeda52cd5848d303c0677cecb7f", - ), - ( - 38073, - "bc3a9390618da7d644be932627353e2c92024df939d2d8497fba61fae3dd822cdd3e130c1707f4a9d5d4a0cbb4b3e0b3", - "d790d529a837ec79f7cc3f66ed9a399f", - ), - ( - 38850, - "ef0e63a53a10e56477c47e13320b8a7d330aee3a4363c850edc56c0707a2686478e5a5193f54ceb33467ab7e8a22aa21", - "6f2c18742f106f16fc290767342fb62b", - ), - ( - 39627, - "c16f63533c099d872d9a01c326db7756e7eb488c756b9a6ebf575993d8ea2eb45c572b2e162f061e145710e0e21e8e18", - "a57afde7938b223ae5e109a03db4ee4c", - ), - ( - 40404, - "ade484ae8c13465a73589ef14789bb6891c933453e198df84edd34b4ac5c83aa90f2cf61fa072fa4d8f5b5c4cd68fa9e", - "a01d13009db86ac442f7afd39d83309f", - ), - ( - 41181, - "6c5c7eed0e043a0bd60bcac9b5b546e150028d70c1efefc9ff69037ef4dc1a36878b171b9f2a639df822d11054a0e405", - "6321c8622ca5866c875d340206d06a28", - ), - ( - 41958, - "dd311c54222fb0d92858719cf5b1c51bb5e3ca2539ffd68f1dd6c7e38969495be935804855ccdcc4b4cf221fcdbda886", - "cf401eb819b5dc5cd8c909aae9b3b34b", - ), - ( - 42735, - "31cda9d663199b32eff042dd16c0b909ba999641e77ba751c91752bfc4d595e17ec6467119e74a600b72da72ba287d0a", - "12fd6298ab5d744eb6ade3106565afad", - ), - ( - 43512, - "11b014057d51a8384d549d5d083c4406b575df6a9295853dd8f2f84f078cc241bb90495a119126b10b9510efcb68c0d3", - "a48a49eea5dc90359ef21f32132f8604", - ), - ( - 44289, - "b44f5dbeecd76ee7efe3fb4dfe10ba8135d7a5e4d104149f4a91c5c6ee9446d9be19fb4c9ba668b074466d3892e22228", - "07e1cbb7a19174d9b1e4d5a2c741cc14", - ), - ( - 45066, - "d87bbba3a3c739cab622386c89aeb685a70009fab1a606bd34622adfa3a75a05b58d56ee6b9874d414db38a6a32927b3", - "a27cd252712cd2a1a2d95dea39f888d4", - ), - ( - 45843, - "abb90e60ea13c6cb3b401b8e271637416b87fbede165dde7be1d34abe4427dae4b39b499352cacac909bc43fb94028c8", - "df3ae762b9257936feda435a61a9c3a1", - ), - ( - 46620, - "56d1132ee6e0f85543950d2d9667244b66b0ce6414eacd1859b128ed0b9026b31a25bfdcce3d1a0ce7c39d99f609c89c", - "cfe7c3c3f1cb615e2d210cc8136443e6", - ), - ( - 47397, - "ecb023ec4c23cf95d1848a38b359f1f590f172dee9d8fb1be6bc9c4fb2ce96f612d60d7b111de539ab8313a87b821176", - "501d24752bf55cb12239863981898a07", - ), - ( - 48174, - "34236ab60f05bb510aa0880fec358fb2002903efa14c912cab8a399e09418f97223ca2f7b8d6798c11d39e79032eaaa8", - "4ecaba4eae886aa429927188abab9623", - ), - ( - 48951, - "55e8b40fad90a3d8c85a0f4d5bcf5975b8a6e2fb78377109f5b607a5e367187fbbc9a1e978aab3228fbf43ad23d0ad13", - "84c43bc30eb4a67230b6c634fe3c7782", - ), - ( - 49728, - "14b1f896d0d01ecff4e456c3c392b1ca2bad9f1ef07713f84cdd89e663aa27ca77d80213ed57a89431eb992b11d98749", - "7f58c2f9a249f70fe1c6f9b4f65e5a1d", - ), - ( - 50505, - "1335b1fb56196e0b371fa53ab7445845fdefcea3eb2833478deb3526e2ec888945e95ee8239b52caae5b9920ba4f43bb", - "5fd729126b236ce3e0686fc706dce20f", - ), - ( - 51282, - "0d1983a6cab870c5e78f89a11dd30e7d2c71a3882f8bba3e71dc1b96a2d9fc6cc6d91d683b74456b886de34df792cfda", - "7731ae6e6c54dfde12f6116357e812ea", - ), - ( - 52059, - "9d619fb4aa8441baaefed7b778693c291f2c1441b206ec135930fac3529d26587ac36f4472949e0b198b51c0c5a9d0f8", - "39db2c996aea28996e03d576c118630f", - ), - ( - 52836, - "31dca4fa285878ba3efc3b66a248a078b69a11c3c73f81077377c4ffcb7002627aad5faa955e3141c1d8508aad68c8f6", - "32ac1e5a09e7e629ff95f30aa9b69c00", - ), - ( - 53613, - "931a9969cf2bb02302c32b1eecd4933805e2da403d85aaf98c82c68129fb95f089eb85c65a6fcbc7d81bedb39de0cabb", - "1a6f54b87c12868da530eac94d99eb31", - ), - ( - 54390, - "2f0742565801a37810ecb3f50a6f782e73a369a790d1a6a85135e7ffa12fc063db8909ab9eca7cf7308832887a6149d1", - "1b18ed6a8f901b7947626216839f0643", - ), - ( - 55167, - "901defbd308b54deef89acd0d94e4387b370f9d2e6f870d72da2e447ed3ebe69c5f9f144488bd6207a732102160bff47", - "1e0e6a05fcc0794121f617e28cfac1a0", - ), - ( - 55944, - "df984a5f7475250155dc4733a746e98446dc93a56a3f3bff691ddfef7deefb32b1da1b0e7e15cce443831ebfb3e30ada", - "876121af882d0ebeae38f111f3d4b6e8", - ), - ( - 56721, - "acb693ed837b33561408cb1eed636e0082ac404f3fd72d277fa146ae5cd81a1fde3645f4cdc7babd8ba044b78075cb67", - "5b90ed6c7943fc6da623c536e2ff1352", - ), - ( - 57498, - "dffb54bf5938e812076cfbf15cd524d72a189566c7980363a49dd89fb49e230d9742ef0b0e1ac543dca14366d735d152", - "22aee072457306e32747fbbbc3ae127c", - ), - ( - 58275, - "92dbc245a980fc78974f7a27e62c22b12a00be9d3ef8d3718ff85f6d5fbcbf1d9d1e0f0a3daeb8c2628d090550a0ff6b", - "5fa348117faba4ac8c9d9317ff44cd2d", - ), - ( - 59052, - "57721475cb719691850696d9a8ad4c28ca8ef9a7d45874ca21df4df250cb87ea60c464f4e3252e2d6161ed36c4b56d75", - "24d92ae7cac56d9c0276b06f7428d5df", - ), - ( - 59829, - "d0936026440b5276747cb9fb7dc96de5d4e7846c233ca5f6f9354b2b39f760333483cbe99ffa905facb347242f58a7ef", - "05c57068e183f9d835e7f461202f923c", - ), - ( - 60606, - "7b3bb3527b73a8692f076f6a503b2e09b427119543c7812db73c7c7fb2d43af9ecbd2a8a1452ac8ada96ad0bad7bb185", - "f958635a193fec0bfb958e97961381df", - ), - ( - 61383, - "ff0d00255a36747eced86acfccd0cf9ef09faa9f44c8cf382efec462e7ead66e562a971060c3f32798ba142d9e1640a2", - "838159b222e56aadde8229ed56a14095", - ), - ( - 62160, - "15806e088ed1428cd73ede3fecf5b60e2a616f1925004dadd2cab8e847059f795659659e82a4554f270baf88bf60af63", - "fed2aa0c9c0a73d499cc970aef21c52f", - ), - ( - 62937, - "cfad71b23b6da51256bd1ddbd1ac77977fe10b2ad0a830a23a794cef914bf71a9519d78a5f83fc411e8d8db996a45d4e", - "e1ea412fd3e1bd91c24b6b6445e8ff43", - ), - ( - 63714, - "7d03a3698a79b1af1663e3e485c2efdc306ecd87b2644f2e01d83a35999d6cdf12241b6114d60d107c10c0d0c9cc0d23", - "e6a3c3f3fd2d9cfcdc06cca2f59e9a83", - ), - ( - 64491, - "e12b168cce0e82ed1db88df549f39b3ff40b5884a09fceae69c4c3db13c1c37ea79531c47b2700d1c27774a1ab7e8b35", - "4cbb14d789f5cd8eca49ce9e1d442ea1", - ), - ( - 65268, - "056c9d1172cfa76ce7f19c605e5969c284b82dca155dc9c1ed58062ab4d5a7704e27fe69f3aa745b73f45f1cd0ee57df", - "8195187f092d52c2a8695b680568b934", - ), - ]; - - fn to_hex(b: &[u8]) -> String { - let mut s = String::new(); - for c in b.iter() { - s = format!("{}{:0>2x}", s, *c); - } - s - } - - /// Run a bunch of test vectors. - #[test] - fn test_vectors() { - let mut test_pt = [0_u8; 65536]; - let mut test_ct = [0_u8; 65536]; - let mut test_aad = [0_u8; 65536]; - for i in 0..65536 { - test_pt[i] = i as u8; - test_aad[i] = i as u8; - } - let mut c = AesGmacSiv::new(TV0_KEYS[0], TV0_KEYS[1]); - for (test_length, expected_ct_sha384, expected_tag) in TEST_VECTORS.iter() { - test_ct.fill(0); - c.reset(); - c.encrypt_init(&(*test_length as u64).to_le_bytes()); - c.encrypt_set_aad(&test_aad[0..*test_length]); - c.encrypt_first_pass(&test_pt[0..*test_length]); - c.encrypt_first_pass_finish(); - c.encrypt_second_pass(&test_pt[0..*test_length], &mut test_ct[0..*test_length]); - let tag = c.encrypt_second_pass_finish(); - let ct_hash = sha2::Sha384::digest(&test_ct[0..*test_length]).to_vec(); - //println!("{} {} {}", *test_length, to_hex(ct_hash.as_slice()), to_hex(tag)); - if !to_hex(ct_hash.as_slice()).eq(*expected_ct_sha384) { - panic!("test vector failed (ciphertest)"); - } - if !to_hex(tag).eq(*expected_tag) { - panic!("test vector failed (tag)"); - } - } - } - - /// Test repeated encrypt/decrypt and run a benchmark. Run with --nocapture to see it. - #[test] - fn encrypt_decrypt() { - let aes_key_0: [u8; 32] = [ - 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, - ]; - let aes_key_1: [u8; 32] = [ - 2, 3, 4, 5, 6, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, - ]; - let iv: [u8; 8] = [0, 1, 2, 3, 4, 5, 6, 7]; - - let mut buf = [0_u8; 12345]; - for i in 1..12345 { - buf[i] = i as u8; - } - - let mut c = AesGmacSiv::new(&aes_key_0, &aes_key_1); - - for _ in 0..256 { - c.reset(); - c.encrypt_init(&iv); - c.encrypt_first_pass(&buf); - c.encrypt_first_pass_finish(); - c.encrypt_second_pass_in_place(&mut buf); - let tag = c.encrypt_second_pass_finish().clone(); - let sha = sha2::Sha384::digest(&buf).to_vec(); - let sha = to_hex(sha.as_slice()); - if sha != "4dc97c10abb6112a3907e5eb588ea5123719442b715da994d9756b003677719824326973960268823d924f66491a16e6" { - panic!("encrypt result hash check failed! {}", sha); - } - //println!("Encrypt OK, tag: {}, hash: {}", to_hex(&tag), sha); - - c.reset(); - c.decrypt_init(&tag); - c.decrypt_in_place(&mut buf); - let _ = c.decrypt_finish().expect("decrypt_finish() failed!"); - for i in 1..12345 { - if buf[i] != (i & 0xff) as u8 { - panic!("decrypt data check failed!"); - } - } - //println!("Decrypt OK"); - } - println!("Encrypt/decrypt test OK"); - - let benchmark_iterations: usize = 80000; - let start = SystemTime::now(); - for _ in 0..benchmark_iterations { - c.reset(); - c.encrypt_init(&iv); - c.encrypt_first_pass(&buf); - c.encrypt_first_pass_finish(); - c.encrypt_second_pass_in_place(&mut buf); - let _ = c.encrypt_second_pass_finish(); - } - let duration = SystemTime::now().duration_since(start).unwrap(); - println!( - "AES-GMAC-SIV (legacy) encrypt benchmark: {} MiB/sec", - (((benchmark_iterations * buf.len()) as f64) / 1048576.0) / duration.as_secs_f64() - ); - let start = SystemTime::now(); - for _ in 0..benchmark_iterations { - c.reset(); - c.decrypt_init(&buf[0..16]); // we don't care if decryption is successful to benchmark, so anything will do - c.decrypt_in_place(&mut buf); - c.decrypt_finish(); - } - let duration = SystemTime::now().duration_since(start).unwrap(); - println!( - "AES-GMAC-SIV (legacy) decrypt benchmark: {} MiB/sec", - (((benchmark_iterations * buf.len()) as f64) / 1048576.0) / duration.as_secs_f64() - ); - } -} diff --git a/crypto/src/aes_gmac_siv/impl_macos.rs b/crypto/src/aes_gmac_siv_fruity.rs similarity index 100% rename from crypto/src/aes_gmac_siv/impl_macos.rs rename to crypto/src/aes_gmac_siv_fruity.rs diff --git a/crypto/src/aes_gmac_siv/impl_openssl.rs b/crypto/src/aes_gmac_siv_openssl.rs similarity index 52% rename from crypto/src/aes_gmac_siv/impl_openssl.rs rename to crypto/src/aes_gmac_siv_openssl.rs index 7615aafd7..6ced1b8fa 100644 --- a/crypto/src/aes_gmac_siv/impl_openssl.rs +++ b/crypto/src/aes_gmac_siv_openssl.rs @@ -1,84 +1,10 @@ -// (c) 2020-2022 ZeroTier, Inc. -- currently propritery pending actual release and licensing. See LICENSE.md. +// (c) 2020-2022 ZeroTier, Inc. -- currently proprietary pending actual release and licensing. See LICENSE.md. +use std::ptr; -// AES-GMAC-SIV implemented using OpenSSL. +use foreign_types::ForeignType; -use openssl::symm::{Cipher, Crypter, Mode}; +use crate::{cipher_ctx::CipherCtx, ZEROES}; -#[inline(always)] -fn aes_ctr_by_key_size(ks: usize) -> Cipher { - match ks { - 16 => Cipher::aes_128_ctr(), - 24 => Cipher::aes_192_ctr(), - 32 => Cipher::aes_256_ctr(), - _ => { - panic!("AES supports 128, 192, or 256 bits keys"); - } - } -} - -#[inline(always)] -fn aes_gcm_by_key_size(ks: usize) -> Cipher { - match ks { - 16 => Cipher::aes_128_gcm(), - 24 => Cipher::aes_192_gcm(), - 32 => Cipher::aes_256_gcm(), - _ => { - panic!("AES supports 128, 192, or 256 bits keys"); - } - } -} - -#[inline(always)] -fn aes_ecb_by_key_size(ks: usize) -> Cipher { - match ks { - 16 => Cipher::aes_128_ecb(), - 24 => Cipher::aes_192_ecb(), - 32 => Cipher::aes_256_ecb(), - _ => { - panic!("AES supports 128, 192, or 256 bits keys"); - } - } -} - -pub struct AesCtr(Vec, Option); - -impl AesCtr { - /// Construct a new AES-CTR cipher. - /// Key must be 16, 24, or 32 bytes in length or a panic will occur. - pub fn new(k: &[u8]) -> Self { - if k.len() != 32 && k.len() != 24 && k.len() != 16 { - panic!("AES supports 128, 192, or 256 bits keys"); - } - AesCtr(k.to_vec(), None) - } - - /// Initialize AES-CTR for encryption or decryption with the given IV. - /// If it's already been used, this also resets the cipher. There is no separate reset. - #[inline(always)] - pub fn init(&mut self, iv: &[u8]) { - let _ = self - .1 - .replace(Crypter::new(aes_ctr_by_key_size(self.0.len()), Mode::Encrypt, self.0.as_slice(), Some(iv)).unwrap()); - } - - /// Encrypt or decrypt (same operation with CTR mode) - #[inline(always)] - pub fn crypt(&mut self, input: &[u8], output: &mut [u8]) { - let _ = self.1.as_mut().unwrap().update(input, output); - } - - /// Encrypt or decrypt in place (same operation with CTR mode) - #[inline(always)] - pub fn crypt_in_place(&mut self, data: &mut [u8]) { - let _ = self - .1 - .as_mut() - .unwrap() - .update(unsafe { &*std::slice::from_raw_parts(data.as_ptr(), data.len()) }, data); - } -} - -unsafe impl Send for AesCtr {} /// AES-GMAC-SIV encryptor/decryptor. pub struct AesGmacSiv { @@ -86,8 +12,8 @@ pub struct AesGmacSiv { tmp: [u8; 16], k0: Vec, k1: Vec, - ctr: Option, - gmac: Option, + ctr: Option, + gmac: Option, } impl AesGmacSiv { @@ -122,15 +48,18 @@ impl AesGmacSiv { pub fn encrypt_init(&mut self, iv: &[u8]) { self.tag[0..8].copy_from_slice(iv); self.tag[8..12].fill(0); - let _ = self.gmac.replace( - Crypter::new( - aes_gcm_by_key_size(self.k0.len()), - Mode::Encrypt, - self.k0.as_slice(), - Some(&self.tag[0..12]), - ) - .unwrap(), - ); + + let ctx = CipherCtx::new().unwrap(); + unsafe { + let t = match self.k0.len() { + 16 => ffi::EVP_aes_128_gcm(), + 24 => ffi::EVP_aes_192_gcm(), + 32 => ffi::EVP_aes_256_gcm(), + _ => panic!("Aes KEY_SIZE must be 16, 24 or 32") + }; + ctx.cipher_init::(t, self.k0.as_mut_ptr(), self.tag[0..12].as_ptr()).unwrap(); + } + let _ = self.gmac.replace(ctx); } /// Set additional authenticated data (data to be authenticated but not encrypted). @@ -138,11 +67,13 @@ impl AesGmacSiv { #[inline(always)] pub fn encrypt_set_aad(&mut self, data: &[u8]) { let gmac = self.gmac.as_mut().unwrap(); - let _ = gmac.aad_update(data); - let mut pad = data.len() & 0xf; - if pad != 0 { - pad = 16 - pad; - let _ = gmac.aad_update(&crate::ZEROES[0..pad]); + unsafe { + gmac.update::(data, ptr::null_mut()).unwrap(); + let mut pad = data.len() & 0xf; + if pad != 0 { + pad = 16 - pad; + gmac.update::(&ZEROES[0..pad], ptr::null_mut()).unwrap(); + } } } @@ -150,15 +81,20 @@ impl AesGmacSiv { /// This may be called more than once. #[inline(always)] pub fn encrypt_first_pass(&mut self, plaintext: &[u8]) { - let _ = self.gmac.as_mut().unwrap().aad_update(plaintext); + unsafe { + self.gmac.as_mut().unwrap().update::(plaintext, ptr::null_mut()).unwrap(); + } } /// Finish first pass and begin second pass. #[inline(always)] pub fn encrypt_first_pass_finish(&mut self) { let gmac = self.gmac.as_mut().unwrap(); - let _ = gmac.finalize(&mut self.tmp); - let _ = gmac.get_tag(&mut self.tmp); + unsafe { + gmac.finalize::(self.tmp.as_mut_ptr()).unwrap(); + gmac.tag(&mut self.tmp).unwrap(); + } + self.tag[8] = self.tmp[0] ^ self.tmp[8]; self.tag[9] = self.tmp[1] ^ self.tmp[9]; self.tag[10] = self.tmp[2] ^ self.tmp[10]; @@ -169,35 +105,54 @@ impl AesGmacSiv { self.tag[15] = self.tmp[7] ^ self.tmp[15]; let mut tag_tmp = [0_u8; 32]; - let mut ecb = Crypter::new(aes_ecb_by_key_size(self.k1.len()), Mode::Encrypt, self.k1.as_slice(), None).unwrap(); - ecb.pad(false); - if ecb.update(&self.tag, &mut tag_tmp).unwrap() != 16 { - assert_eq!(ecb.finalize(&mut tag_tmp).unwrap(), 16); + + let ctx = CipherCtx::new().unwrap(); + unsafe { + let t = match self.k1.len() { + 16 => ffi::EVP_aes_128_ecb(), + 24 => ffi::EVP_aes_192_ecb(), + 32 => ffi::EVP_aes_256_ecb(), + _ => panic!("Aes KEY_SIZE must be 16, 24 or 32") + }; + ctx.cipher_init::(t, self.k1.as_mut_ptr(), ptr::null_mut()).unwrap(); + ffi::EVP_CIPHER_CTX_set_padding(ctx.as_ptr(), 0); + ctx.update::(&self.tag, tag_tmp.as_mut_ptr()).unwrap(); } self.tag.copy_from_slice(&tag_tmp[0..16]); self.tmp.copy_from_slice(&tag_tmp[0..16]); self.tmp[12] &= 0x7f; - let _ = self - .ctr - .replace(Crypter::new(aes_ctr_by_key_size(self.k1.len()), Mode::Encrypt, self.k1.as_slice(), Some(&self.tmp)).unwrap()); + + let ctx = CipherCtx::new().unwrap(); + unsafe { + let t = match self.k1.len() { + 16 => ffi::EVP_aes_128_ctr(), + 24 => ffi::EVP_aes_192_ctr(), + 32 => ffi::EVP_aes_256_ctr(), + _ => panic!("Aes KEY_SIZE must be 16, 24 or 32") + }; + ctx.cipher_init::(t, self.k1.as_mut_ptr(), self.tmp.as_ptr()).unwrap(); + } + let _ = self.ctr.replace(ctx); } /// Feed plaintext for second pass and write ciphertext to supplied buffer. /// This may be called more than once. #[inline(always)] pub fn encrypt_second_pass(&mut self, plaintext: &[u8], ciphertext: &mut [u8]) { - let _ = self.ctr.as_mut().unwrap().update(plaintext, ciphertext); + unsafe { + self.ctr.as_mut().unwrap().update::(plaintext, ciphertext.as_mut_ptr()).unwrap(); + } } /// Encrypt plaintext in place. /// This may be called more than once. #[inline(always)] pub fn encrypt_second_pass_in_place(&mut self, plaintext_to_ciphertext: &mut [u8]) { - let _ = self.ctr.as_mut().unwrap().update( - unsafe { std::slice::from_raw_parts(plaintext_to_ciphertext.as_ptr(), plaintext_to_ciphertext.len()) }, - plaintext_to_ciphertext, - ); + unsafe { + let out = plaintext_to_ciphertext.as_mut_ptr(); + self.ctr.as_mut().unwrap().update::(plaintext_to_ciphertext, out).unwrap(); + } } /// Finish second pass and return a reference to the tag for this message. @@ -213,27 +168,47 @@ impl AesGmacSiv { pub fn decrypt_init(&mut self, tag: &[u8]) { self.tmp.copy_from_slice(tag); self.tmp[12] &= 0x7f; - let _ = self - .ctr - .replace(Crypter::new(aes_ctr_by_key_size(self.k1.len()), Mode::Decrypt, self.k1.as_slice(), Some(&self.tmp)).unwrap()); + + let ctx = CipherCtx::new().unwrap(); + unsafe { + let t = match self.k1.len() { + 16 => ffi::EVP_aes_128_ctr(), + 24 => ffi::EVP_aes_192_ctr(), + 32 => ffi::EVP_aes_256_ctr(), + _ => panic!("Aes KEY_SIZE must be 16, 24 or 32") + }; + ctx.cipher_init::(t, self.k1.as_mut_ptr(), self.tmp.as_ptr()).unwrap(); + } + let _ = self.ctr.replace(ctx); let mut tag_tmp = [0_u8; 32]; - let mut ecb = Crypter::new(aes_ecb_by_key_size(self.k1.len()), Mode::Decrypt, self.k1.as_slice(), None).unwrap(); - ecb.pad(false); - if ecb.update(tag, &mut tag_tmp).unwrap() != 16 { - assert_eq!(ecb.finalize(&mut tag_tmp).unwrap(), 16); + + let ctx = CipherCtx::new().unwrap(); + unsafe { + let t = match self.k1.len() { + 16 => ffi::EVP_aes_128_ecb(), + 24 => ffi::EVP_aes_192_ecb(), + 32 => ffi::EVP_aes_256_ecb(), + _ => panic!("Aes KEY_SIZE must be 16, 24 or 32") + }; + ctx.cipher_init::(t, self.k1.as_mut_ptr(), ptr::null_mut()).unwrap(); + ffi::EVP_CIPHER_CTX_set_padding(ctx.as_ptr(), 0); + ctx.update::(&self.tag, tag_tmp.as_mut_ptr()).unwrap(); } self.tag.copy_from_slice(&tag_tmp[0..16]); tag_tmp[8..12].fill(0); - let _ = self.gmac.replace( - Crypter::new( - aes_gcm_by_key_size(self.k0.len()), - Mode::Encrypt, - self.k0.as_slice(), - Some(&tag_tmp[0..12]), - ) - .unwrap(), - ); + + let ctx = CipherCtx::new().unwrap(); + unsafe { + let t = match self.k0.len() { + 16 => ffi::EVP_aes_128_gcm(), + 24 => ffi::EVP_aes_192_gcm(), + 32 => ffi::EVP_aes_256_gcm(), + _ => panic!("Aes KEY_SIZE must be 16, 24 or 32") + }; + ctx.cipher_init::(t, self.k0.as_mut_ptr(), self.tag[0..12].as_ptr()).unwrap(); + } + let _ = self.gmac.replace(ctx); } /// Set additional authenticated data to be checked. @@ -246,8 +221,10 @@ impl AesGmacSiv { /// This may be called more than once. #[inline(always)] pub fn decrypt(&mut self, ciphertext: &[u8], plaintext: &mut [u8]) { - let _ = self.ctr.as_mut().unwrap().update(ciphertext, plaintext); - let _ = self.gmac.as_mut().unwrap().aad_update(plaintext); + unsafe { + self.ctr.as_mut().unwrap().update::(ciphertext, plaintext.as_mut_ptr()).unwrap(); + self.gmac.as_mut().unwrap().update::(plaintext, ptr::null_mut()).unwrap(); + } } /// Decrypt ciphertext in place. @@ -265,8 +242,10 @@ impl AesGmacSiv { #[inline(always)] pub fn decrypt_finish(&mut self) -> Option<&[u8; 16]> { let gmac = self.gmac.as_mut().unwrap(); - let _ = gmac.finalize(&mut self.tmp); - let _ = gmac.get_tag(&mut self.tmp); + unsafe { + gmac.finalize::(self.tmp.as_mut_ptr()).unwrap(); + gmac.tag(&mut self.tmp).unwrap(); + } if (self.tag[8] == self.tmp[0] ^ self.tmp[8]) && (self.tag[9] == self.tmp[1] ^ self.tmp[9]) && (self.tag[10] == self.tmp[2] ^ self.tmp[10]) diff --git a/crypto/src/aes_openssl.rs b/crypto/src/aes_openssl.rs new file mode 100644 index 000000000..98cb433e2 --- /dev/null +++ b/crypto/src/aes_openssl.rs @@ -0,0 +1,131 @@ +// (c) 2020-2022 ZeroTier, Inc. -- currently proprietary pending actual release and licensing. See LICENSE.md. + +use std::{ptr, mem::MaybeUninit}; + +use foreign_types::ForeignType; + +use crate::{secret::Secret, cipher_ctx::CipherCtx}; + +/// An OpenSSL AES_GCM context. Automatically frees itself on drop. +/// The current interface is custom made for ZeroTier, but could easily be adapted for other uses. +/// Whether `ENCRYPT` is true or false decides respectively whether this context encrypts or decrypts. +/// Even though OpenSSL lets you set this dynamically almost no operations work when you do this without resetting the context. +pub struct AesGcm (CipherCtx); + +impl AesGcm { + /// Create an AesGcm context with the given key, key must be 16, 24 or 32 bytes long. + /// OpenSSL internally processes and caches this key, so it is recommended to reuse this context whenever encrypting under the same key. Call `reset_init_gcm` to change the IV for each reuse. + pub fn new(key: &Secret) -> Self { + let ctx = CipherCtx::new().unwrap(); + unsafe { + let t = match KEY_SIZE { + 16 => ffi::EVP_aes_128_gcm(), + 24 => ffi::EVP_aes_192_gcm(), + 32 => ffi::EVP_aes_256_gcm(), + _ => panic!("Aes KEY_SIZE must be 16, 24 or 32") + }; + ctx.cipher_init::(t, key.as_ptr(), ptr::null()).unwrap(); + ffi::EVP_CIPHER_CTX_set_padding(ctx.as_ptr(), 0); + } + let ret = AesGcm(ctx); + ret + } + + /// Set the IV of this AesGcm context. This call resets the IV but leaves the key and encryption algorithm alone. + /// This method must be called before any other method on AesGcm. + /// `iv` must be exactly 12 bytes in length, because that is what Aes supports. + pub fn reset_init_gcm(&mut self, iv: &[u8]) { + debug_assert_eq!(iv.len(), 12, "Aes IV must be 12 bytes long"); + unsafe { + self.0.cipher_init::(ptr::null(), ptr::null(), iv.as_ptr()).unwrap(); + } + } + + /// Add additional authentication data to AesGcm (same operation with CTR mode). + #[inline(always)] + pub fn aad(&mut self, aad: &[u8]) { + unsafe { self.0.update::(aad, ptr::null_mut()).unwrap() }; + } + + /// Encrypt or decrypt (same operation with CTR mode) + #[inline(always)] + pub fn crypt(&mut self, input: &[u8], output: &mut [u8]) { + debug_assert!(output.len() >= input.len(), "output buffer must fit the size of the input buffer"); + unsafe { self.0.update::(input, output.as_mut_ptr()).unwrap() }; + } + + /// Encrypt or decrypt in place (same operation with CTR mode). + #[inline(always)] + pub fn crypt_in_place(&mut self, data: &mut [u8]) { + let ptr = data.as_mut_ptr(); + unsafe { self.0.update::(data, ptr).unwrap() } + } +} +impl AesGcm { + /// Produce the gcm authentication tag. + #[inline(always)] + pub fn finish_encrypt(&mut self) -> [u8; 16] { + unsafe { + let mut tag = MaybeUninit::<[u8; 16]>::uninit(); + self.0.finalize::(tag.as_mut_ptr().cast()).unwrap(); + self.0.tag(&mut *tag.as_mut_ptr()).unwrap(); + tag.assume_init() + } + } +} +impl AesGcm { + /// Check the gcm authentication tag. Outputs true if it matches the just decrypted message, outputs false otherwise. + #[inline(always)] + pub fn finish_decrypt(&mut self, expected_tag: &[u8]) -> bool { + debug_assert_eq!(expected_tag.len(), 16); + if self.0.set_tag(expected_tag).is_ok() { + unsafe { self.0.finalize::(ptr::null_mut()).is_ok() } + } else { + false + } + } +} + +const AES_BLOCK_SIZE: usize = 16; + +/// An OpenSSL AES_ECB context. Automatically frees itself on drop. +/// AES_ECB is very insecure if used incorrectly so its public interface supports only exactly what ZeroTier uses it for. +pub struct Aes(CipherCtx, CipherCtx); + +impl Aes { + /// Create an AesEcb context with the given key, key must be 16, 24 or 32 bytes long. + /// OpenSSL internally processes and caches this key, so it is recommended to reuse this context whenever encrypting under the same key. + pub fn new(key: &Secret) -> Self { + let ctx0 = CipherCtx::new().unwrap(); + let ctx1 = CipherCtx::new().unwrap(); + unsafe { + let t = match KEY_SIZE { + 16 => ffi::EVP_aes_128_ecb(), + 24 => ffi::EVP_aes_192_ecb(), + 32 => ffi::EVP_aes_256_ecb(), + _ => panic!("Aes KEY_SIZE must be 16, 24 or 32") + }; + ctx0.cipher_init::(t, key.as_ptr(), ptr::null()).unwrap(); + ffi::EVP_CIPHER_CTX_set_padding(ctx0.as_ptr(), 0); + ctx1.cipher_init::(t, key.as_ptr(), ptr::null()).unwrap(); + ffi::EVP_CIPHER_CTX_set_padding(ctx1.as_ptr(), 0); + } + let ret = Aes(ctx0, ctx1); + ret + } + + /// Do not ever encrypt the same plaintext twice. Make sure data is always different between calls. + #[inline(always)] + pub fn encrypt_block_in_place(&self, data: &mut [u8]) { + debug_assert_eq!(data.len(), AES_BLOCK_SIZE, "AesEcb should not be used to encrypt more than one block at a time unless you really know what you are doing."); + let ptr = data.as_mut_ptr(); + unsafe { self.0.update::(data, ptr).unwrap() } + } + /// Do not ever encrypt the same plaintext twice. Make sure data is always different between calls. + #[inline(always)] + pub fn decrypt_block_in_place(&self, data: &mut [u8]) { + debug_assert_eq!(data.len(), AES_BLOCK_SIZE, "AesEcb should not be used to encrypt more than one block at a time unless you really know what you are doing."); + let ptr = data.as_mut_ptr(); + unsafe { self.1.update::(data, ptr).unwrap() } + } +} diff --git a/crypto/src/aes_tests.rs b/crypto/src/aes_tests.rs new file mode 100644 index 000000000..868093d0b --- /dev/null +++ b/crypto/src/aes_tests.rs @@ -0,0 +1,3131 @@ + + +#[cfg(test)] +mod test { + use crate::aes::AesGcm; + use crate::init; + use crate::secret::Secret; + use hex_literal::hex; + use std::time::SystemTime; + + #[test] + fn aes_256_gcm() { + init(); + let key = Secret::move_bytes([1u8; 32]); + let mut enc = AesGcm::::new(&key); + let mut dec = AesGcm::::new(&key); + + let plain = [2u8; 127]; + let iv0 = [3u8; 12]; + let iv1 = [4u8; 12]; + let mut tag_out; + let mut cipher_out = [0u8; 127]; + let mut plain_out = [0u8; 127]; + + enc.reset_init_gcm(&iv0); + enc.crypt(&plain, &mut cipher_out); + tag_out = enc.finish_encrypt(); + + dec.reset_init_gcm(&iv0); + dec.crypt(&cipher_out, &mut plain_out); + assert!(dec.finish_decrypt(&tag_out)); + + assert_eq!(plain, plain_out); + + enc.reset_init_gcm(&iv1); + enc.crypt(&plain, &mut cipher_out); + tag_out = enc.finish_encrypt(); + + dec.reset_init_gcm(&iv1); + dec.crypt(&cipher_out, &mut plain_out); + assert!(dec.finish_decrypt(&tag_out)); + + assert_eq!(plain, plain_out); + + enc.reset_init_gcm(&iv0); + enc.crypt(&plain, &mut cipher_out); + tag_out = enc.finish_encrypt(); + + dec.reset_init_gcm(&iv1); + dec.crypt(&cipher_out, &mut plain_out); + assert!(!dec.finish_decrypt(&tag_out)); + } + + #[test] + fn quick_benchmark() { + let mut buf = [0_u8; 12345]; + for i in 1..12345 { + buf[i] = i as u8; + } + let iv = [1_u8; 12]; + + let mut c = AesGcm::::new(&Secret::move_bytes([1_u8; 32])); + + let benchmark_iterations: usize = 80000; + let start = SystemTime::now(); + for _ in 0..benchmark_iterations { + c.reset_init_gcm(&iv); + c.crypt_in_place(&mut buf); + } + let duration = SystemTime::now().duration_since(start).unwrap(); + println!( + "AES-256-GCM encrypt benchmark: {} MiB/sec", + (((benchmark_iterations * buf.len()) as f64) / 1048576.0) / duration.as_secs_f64() + ); + + let mut c = AesGcm::::new(&Secret::move_bytes([1_u8; 32])); + + let start = SystemTime::now(); + for _ in 0..benchmark_iterations { + c.reset_init_gcm(&iv); + c.crypt_in_place(&mut buf); + } + let duration = SystemTime::now().duration_since(start).unwrap(); + println!( + "AES-256-GCM decrypt benchmark: {} MiB/sec", + (((benchmark_iterations * buf.len()) as f64) / 1048576.0) / duration.as_secs_f64() + ); + } + + #[test] + fn aes_gcm_test_vectors() { + // Even though we are just wrapping other implementations, it's still good to test thoroughly! + for tv in NIST_AES_GCM_TEST_VECTORS.iter() { + let mut gcm = AesGcm::new(unsafe { &Secret::<32>::from_bytes(tv.key) }); + gcm.reset_init_gcm(tv.nonce); + gcm.aad(tv.aad); + let mut ciphertext = Vec::new(); + ciphertext.resize(tv.plaintext.len(), 0); + gcm.crypt(tv.plaintext, ciphertext.as_mut()); + let mut tag = gcm.finish_encrypt(); + assert!(tag.eq(tv.tag)); + assert!(ciphertext.as_slice().eq(tv.ciphertext)); + + let mut gcm = AesGcm::new(unsafe { &Secret::<32>::from_bytes(tv.key) }); + gcm.reset_init_gcm(tv.nonce); + gcm.aad(tv.aad); + let mut ct_copy = ciphertext.clone(); + gcm.crypt_in_place(ct_copy.as_mut()); + assert!(gcm.finish_decrypt(&tag)); + + gcm.reset_init_gcm(tv.nonce); + gcm.aad(tv.aad); + gcm.crypt_in_place(ciphertext.as_mut()); + tag[0] ^= 1; + assert!(!gcm.finish_decrypt(&tag)); + } + } + + struct GcmTV { + pub key: &'static K, + pub nonce: &'static [u8; 12], + pub aad: &'static [u8], + pub plaintext: &'static [u8], + pub ciphertext: &'static [u8], + pub tag: &'static [u8; 16], + } + + /// + const NIST_AES_GCM_TEST_VECTORS: &[GcmTV<[u8; 32]>] = &[ + GcmTV { + key: &hex!("b52c505a37d78eda5dd34f20c22540ea1b58963cf8e5bf8ffa85f9f2492505b4"), + nonce: &hex!("516c33929df5a3284ff463d7"), + plaintext: b"", + aad: b"", + ciphertext: b"", + tag: &hex!("bdc1ac884d332457a1d2664f168c76f0"), + }, + GcmTV { + key: &hex!("5fe0861cdc2690ce69b3658c7f26f8458eec1c9243c5ba0845305d897e96ca0f"), + nonce: &hex!("770ac1a5a3d476d5d96944a1"), + plaintext: b"", + aad: b"", + ciphertext: b"", + tag: &hex!("196d691e1047093ca4b3d2ef4baba216"), + }, + GcmTV { + key: &hex!("7620b79b17b21b06d97019aa70e1ca105e1c03d2a0cf8b20b5a0ce5c3903e548"), + nonce: &hex!("60f56eb7a4b38d4f03395511"), + plaintext: b"", + aad: b"", + ciphertext: b"", + tag: &hex!("f570c38202d94564bab39f75617bc87a"), + }, + GcmTV { + key: &hex!("7e2db00321189476d144c5f27e787087302a48b5f7786cd91e93641628c2328b"), + nonce: &hex!("ea9d525bf01de7b2234b606a"), + plaintext: b"", + aad: b"", + ciphertext: b"", + tag: &hex!("db9df5f14f6c9f2ae81fd421412ddbbb"), + }, + GcmTV { + key: &hex!("a23dfb84b5976b46b1830d93bcf61941cae5e409e4f5551dc684bdcef9876480"), + nonce: &hex!("5aa345908048de10a2bd3d32"), + plaintext: b"", + aad: b"", + ciphertext: b"", + tag: &hex!("f28217649230bd7a40a9a4ddabc67c43"), + }, + GcmTV { + key: &hex!("dfe928f86430b78add7bb7696023e6153d76977e56103b180253490affb9431c"), + nonce: &hex!("1dd0785af9f58979a10bd62d"), + plaintext: b"", + aad: b"", + ciphertext: b"", + tag: &hex!("a55eb09e9edef58d9f671d72207f8b3c"), + }, + GcmTV { + key: &hex!("34048db81591ee68224956bd6989e1630fcf068d7ff726ae81e5b29f548cfcfb"), + nonce: &hex!("1621d34cff2a5b250c7b76fc"), + plaintext: b"", + aad: b"", + ciphertext: b"", + tag: &hex!("4992ec3d57cccfa58fd8916c59b70b11"), + }, + GcmTV { + key: &hex!("a1114f8749c72b8cef62e7503f1ad921d33eeede32b0b5b8e0d6807aa233d0ad"), + nonce: &hex!("a190ed3ff2e238be56f90bd6"), + plaintext: b"", + aad: b"", + ciphertext: b"", + tag: &hex!("c8464d95d540fb191156fbbc1608842a"), + }, + GcmTV { + key: &hex!("ddbb99dc3102d31102c0e14b238518605766c5b23d9bea52c7c5a771042c85a0"), + nonce: &hex!("95d15ed75c6a109aac1b1d86"), + plaintext: b"", + aad: b"", + ciphertext: b"", + tag: &hex!("813d1da3775cacd78e96d86f036cff96"), + }, + GcmTV { + key: &hex!("1faa506b8f13a2e6660af78d92915adf333658f748f4e48fa20135a29e9abe5f"), + nonce: &hex!("e50f278d3662c99d750f60d3"), + plaintext: b"", + aad: b"", + ciphertext: b"", + tag: &hex!("aec7ece66b7344afd6f6cc7419cf6027"), + }, + GcmTV { + key: &hex!("f30b5942faf57d4c13e7a82495aedf1b4e603539b2e1599317cc6e53225a2493"), + nonce: &hex!("336c388e18e6abf92bb739a9"), + plaintext: b"", + aad: b"", + ciphertext: b"", + tag: &hex!("ddaf8ef4cb2f8a6d401f3be5ff0baf6a"), + }, + GcmTV { + key: &hex!("daf4d9c12c5d29fc3fa936532c96196e56ae842e47063a4b29bfff2a35ed9280"), + nonce: &hex!("5381f21197e093b96cdac4fa"), + plaintext: b"", + aad: b"", + ciphertext: b"", + tag: &hex!("7f1832c7f7cd7812a004b79c3d399473"), + }, + GcmTV { + key: &hex!("6b524754149c81401d29a4b8a6f4a47833372806b2d4083ff17f2db3bfc17bca"), + nonce: &hex!("ac7d3d618ab690555ec24408"), + plaintext: b"", + aad: b"", + ciphertext: b"", + tag: &hex!("db07a885e2bd39da74116d06c316a5c9"), + }, + GcmTV { + key: &hex!("cff083303ff40a1f66c4aed1ac7f50628fe7e9311f5d037ebf49f4a4b9f0223f"), + nonce: &hex!("45d46e1baadcfbc8f0e922ff"), + plaintext: b"", + aad: b"", + ciphertext: b"", + tag: &hex!("1687c6d459ea481bf88e4b2263227906"), + }, + GcmTV { + key: &hex!("3954f60cddbb39d2d8b058adf545d5b82490c8ae9283afa5278689041d415a3a"), + nonce: &hex!("8fb3d98ef24fba03746ac84f"), + plaintext: b"", + aad: b"", + ciphertext: b"", + tag: &hex!("7fb130855dfe7a373313361f33f55237"), + }, + GcmTV { + key: &hex!("78dc4e0aaf52d935c3c01eea57428f00ca1fd475f5da86a49c8dd73d68c8e223"), + nonce: &hex!("d79cf22d504cc793c3fb6c8a"), + plaintext: b"", + aad: &hex!("b96baa8c1c75a671bfb2d08d06be5f36"), + ciphertext: b"", + tag: &hex!("3e5d486aa2e30b22e040b85723a06e76"), + }, + GcmTV { + key: &hex!("4457ff33683cca6ca493878bdc00373893a9763412eef8cddb54f91318e0da88"), + nonce: &hex!("699d1f29d7b8c55300bb1fd2"), + plaintext: b"", + aad: &hex!("6749daeea367d0e9809e2dc2f309e6e3"), + ciphertext: b"", + tag: &hex!("d60c74d2517fde4a74e0cd4709ed43a9"), + }, + GcmTV { + key: &hex!("4d01c96ef9d98d4fb4e9b61be5efa772c9788545b3eac39eb1cacb997a5f0792"), + nonce: &hex!("32124a4d9e576aea2589f238"), + plaintext: b"", + aad: &hex!("d72bad0c38495eda50d55811945ee205"), + ciphertext: b"", + tag: &hex!("6d6397c9e2030f5b8053bfe510f3f2cf"), + }, + GcmTV { + key: &hex!("8378193a4ce64180814bd60591d1054a04dbc4da02afde453799cd6888ee0c6c"), + nonce: &hex!("bd8b4e352c7f69878a475435"), + plaintext: b"", + aad: &hex!("1c6b343c4d045cbba562bae3e5ff1b18"), + ciphertext: b"", + tag: &hex!("0833967a6a53ba24e75c0372a6a17bda"), + }, + GcmTV { + key: &hex!("22fc82db5b606998ad45099b7978b5b4f9dd4ea6017e57370ac56141caaabd12"), + nonce: &hex!("880d05c5ee599e5f151e302f"), + plaintext: b"", + aad: &hex!("3e3eb5747e390f7bc80e748233484ffc"), + ciphertext: b"", + tag: &hex!("2e122a478e64463286f8b489dcdd09c8"), + }, + GcmTV { + key: &hex!("fc00960ddd698d35728c5ac607596b51b3f89741d14c25b8badac91976120d99"), + nonce: &hex!("a424a32a237f0df530f05e30"), + plaintext: b"", + aad: &hex!("cfb7e05e3157f0c90549d5c786506311"), + ciphertext: b"", + tag: &hex!("dcdcb9e4004b852a0da12bdf255b4ddd"), + }, + GcmTV { + key: &hex!("69749943092f5605bf971e185c191c618261b2c7cc1693cda1080ca2fd8d5111"), + nonce: &hex!("bd0d62c02ee682069bd1e128"), + plaintext: b"", + aad: &hex!("6967dce878f03b643bf5cdba596a7af3"), + ciphertext: b"", + tag: &hex!("378f796ae543e1b29115cc18acd193f4"), + }, + GcmTV { + key: &hex!("fc4875db84819834b1cb43828d2f0ae3473aa380111c2737e82a9ab11fea1f19"), + nonce: &hex!("da6a684d3ff63a2d109decd6"), + plaintext: b"", + aad: &hex!("91b6fa2ab4de44282ffc86c8cde6e7f5"), + ciphertext: b"", + tag: &hex!("504e81d2e7877e4dad6f31cdeb07bdbd"), + }, + GcmTV { + key: &hex!("9f9fe7d2a26dcf59d684f1c0945b5ffafe0a4746845ed317d35f3ed76c93044d"), + nonce: &hex!("13b59971cd4dd36b19ac7104"), + plaintext: b"", + aad: &hex!("190a6934f45f89c90067c2f62e04c53b"), + ciphertext: b"", + tag: &hex!("4f636a294bfbf51fc0e131d694d5c222"), + }, + GcmTV { + key: &hex!("ab9155d7d81ba6f33193695cf4566a9b6e97a3e409f57159ae6ca49655cca071"), + nonce: &hex!("26a9f8d665d163ddb92d035d"), + plaintext: b"", + aad: &hex!("4a203ac26b951a1f673c6605653ec02d"), + ciphertext: b"", + tag: &hex!("437ea77a3879f010691e288d6269a996"), + }, + GcmTV { + key: &hex!("0f1c62dd80b4a6d09ee9d787b1b04327aa361529ffa3407560414ac47b7ef7bc"), + nonce: &hex!("c87613a3b70d2a048f32cb9a"), + plaintext: b"", + aad: &hex!("8f23d404be2d9e888d219f1b40aa29e8"), + ciphertext: b"", + tag: &hex!("36d8a309acbb8716c9c08c7f5de4911e"), + }, + GcmTV { + key: &hex!("f3e954a38956df890255f01709e457b33f4bfe7ecb36d0ee50f2500471eebcde"), + nonce: &hex!("9799abd3c52110c704b0f36a"), + plaintext: b"", + aad: &hex!("ddb70173f44157755b6c9b7058f40cb7"), + ciphertext: b"", + tag: &hex!("b323ae3abcb415c7f420876c980f4858"), + }, + GcmTV { + key: &hex!("0625316534fbd82fe8fdea50fa573c462022c42f79e8b21360e5a6dce66dde28"), + nonce: &hex!("da64a674907cd6cf248f5fbb"), + plaintext: b"", + aad: &hex!("f24d48e04f5a0d987ba7c745b73b0364"), + ciphertext: b"", + tag: &hex!("df360b810f27e794673a8bb2dc0d68b0"), + }, + GcmTV { + key: &hex!("28f045ac7c4fe5d4b01a9dcd5f1ad3efff1c4f170fc8ab8758d97292868d5828"), + nonce: &hex!("5d85de95b0bdc44514143919"), + plaintext: b"", + aad: &hex!("601d2158f17ab3c7b4dcb6950fbdcdde"), + ciphertext: b"", + tag: &hex!("42c3f527418cf2c3f5d5010ccba8f271"), + }, + GcmTV { + key: &hex!("19310eed5f5f44eb47075c105eb31e36bbfd1310f741b9baa66a81138d357242"), + nonce: &hex!("a1247120138fa4f0e96c992c"), + plaintext: b"", + aad: &hex!("29d746414333e0f72b4c3f44ec6bfe42"), + ciphertext: b"", + tag: &hex!("d5997e2f956df3fa2c2388e20f30c480"), + }, + GcmTV { + key: &hex!("886cff5f3e6b8d0e1ad0a38fcdb26de97e8acbe79f6bed66959a598fa5047d65"), + nonce: &hex!("3a8efa1cd74bbab5448f9945"), + plaintext: b"", + aad: &hex!("519fee519d25c7a304d6c6aa1897ee1eb8c59655"), + ciphertext: b"", + tag: &hex!("f6d47505ec96c98a42dc3ae719877b87"), + }, + GcmTV { + key: &hex!("6937a57d35fe6dc3fc420b123bccdce874bd4c18f2e7c01ce2faf33d3944fd9d"), + nonce: &hex!("a87247797b758467b96310f3"), + plaintext: b"", + aad: &hex!("ead961939a33dd578f8e93db8b28a1c85362905f"), + ciphertext: b"", + tag: &hex!("599de3ecf22cb867f03f7f6d9fd7428a"), + }, + GcmTV { + key: &hex!("e65a331776c9dcdf5eba6c59e05ec079d97473bcdce84daf836be323456263a0"), + nonce: &hex!("ca731f768da01d02eb8e727e"), + plaintext: b"", + aad: &hex!("d7274586517bf1d8da866f4a47ad0bcf2948a862"), + ciphertext: b"", + tag: &hex!("a8abe7a8085f25130a7206d37a8aaf6d"), + }, + GcmTV { + key: &hex!("77bb1b6ef898683c981b2fc899319ffbb6000edca22566b634db3a3c804059e5"), + nonce: &hex!("354a19283769b3b991b05a4c"), + plaintext: b"", + aad: &hex!("b5566251a8a8bec212dc08113229ff8590168800"), + ciphertext: b"", + tag: &hex!("e5c2dccf8fc7f296cac95d7071cb8d7d"), + }, + GcmTV { + key: &hex!("2a43308d520a59ed51e47a3a915e1dbf20a91f0886506e481ad3de65d50975b4"), + nonce: &hex!("bcbf99733d8ec90cb23e6ce6"), + plaintext: b"", + aad: &hex!("eb88288729289d26fe0e757a99ad8eec96106053"), + ciphertext: b"", + tag: &hex!("01b0196933aa49123eab4e1571250383"), + }, + GcmTV { + key: &hex!("2379b35f85102db4e7aecc52b705bc695d4768d412e2d7bebe999236783972ff"), + nonce: &hex!("918998c4801037b1cd102faa"), + plaintext: b"", + aad: &hex!("b3722309e0f066225e8d1659084ebb07a93b435d"), + ciphertext: b"", + tag: &hex!("dfb18aee99d1f67f5748d4b4843cb649"), + }, + GcmTV { + key: &hex!("98b3cb7537167e6d14a2a8b2310fe94b715c729fdf85216568150b556d0797ba"), + nonce: &hex!("bca5e2e5a6b30f18d263c6b2"), + plaintext: b"", + aad: &hex!("260d3d72db70d677a4e3e1f3e11431217a2e4713"), + ciphertext: b"", + tag: &hex!("d6b7560f8ac2f0a90bad42a6a07204bc"), + }, + GcmTV { + key: &hex!("30341ae0f199b10a15175d00913d5029526ab7f761c0b936a7dd5f1b1583429d"), + nonce: &hex!("dbe109a8ce5f7b241e99f7af"), + plaintext: b"", + aad: &hex!("fe4bdee5ca9c4806fa024715fbf66ab845285fa7"), + ciphertext: b"", + tag: &hex!("ae91daed658e26c0d126575147af9899"), + }, + GcmTV { + key: &hex!("8232b6a1d2e367e9ce1ea8d42fcfc83a4bc8bdec465c6ba326e353ad9255f207"), + nonce: &hex!("cd2fb5ff9cf0f39868ad8685"), + plaintext: b"", + aad: &hex!("02418b3dde54924a9628de06004c0882ae4ec3bb"), + ciphertext: b"", + tag: &hex!("d5308f63708675ced19b2710afd2db49"), + }, + GcmTV { + key: &hex!("f9a132a50a508145ffd8294e68944ea436ce0f9a97e181f5e0d6c5d272311fc1"), + nonce: &hex!("892991b54e94b9d57442ccaf"), + plaintext: b"", + aad: &hex!("4e0fbd3799da250fa27911b7e68d7623bfe60a53"), + ciphertext: b"", + tag: &hex!("89881d5f786e6d53e0d19c3b4e6887d8"), + }, + GcmTV { + key: &hex!("0e3746e5064633ea9311b2b8427c536af92717de20eeb6260db1333c3d8a8114"), + nonce: &hex!("f84c3a1c94533f7f25cec0ac"), + plaintext: b"", + aad: &hex!("8c0d41e6135338c8d3e63e2a5fa0a9667ec9a580"), + ciphertext: b"", + tag: &hex!("479ccfe9241de2c474f2edebbb385c09"), + }, + GcmTV { + key: &hex!("b997e9b0746abaaed6e64b63bdf64882526ad92e24a2f5649df055c9ec0f1daa"), + nonce: &hex!("f141d8d71b033755022f0a7d"), + plaintext: b"", + aad: &hex!("681d6583f527b1a92f66caae9b1d4d028e2e631e"), + ciphertext: b"", + tag: &hex!("b30442a6395ec13246c48b21ffc65509"), + }, + GcmTV { + key: &hex!("87660ec1700d4e9f88a323a49f0b871e6aaf434a2d8448d04d4a22f6561028e0"), + nonce: &hex!("2a07b42593cd24f0a6fe406c"), + plaintext: b"", + aad: &hex!("1dd239b57185b7e457ced73ebba043057f049edd"), + ciphertext: b"", + tag: &hex!("df7a501049b37a534098cb45cb9c21b7"), + }, + GcmTV { + key: &hex!("ea4792e1f1717b77a00de4d109e627549b165c82af35f33ca7e1a6b8ed62f14f"), + nonce: &hex!("7453cc8b46fe4b93bcc48381"), + plaintext: b"", + aad: &hex!("46d98970a636e7cd7b76fc362ae88298436f834f"), + ciphertext: b"", + tag: &hex!("518dbacd36be6fba5c12871678a55516"), + }, + GcmTV { + key: &hex!("34892cdd1d48ca166f7ba73182cb97336c2c754ac160a3e37183d6fb5078cec3"), + nonce: &hex!("ed3198c5861b78c71a6a4eec"), + plaintext: b"", + aad: &hex!("a6fa6d0dd1e0b95b4609951bbbe714de0ae0ccfa"), + ciphertext: b"", + tag: &hex!("c6387795096b348ecf1d1f6caaa3c813"), + }, + GcmTV { + key: &hex!("f4069bb739d07d0cafdcbc609ca01597f985c43db63bbaaa0debbb04d384e49c"), + nonce: &hex!("d25ff30fdc3d464fe173e805"), + plaintext: b"", + aad: &hex!("3e1449c4837f0892f9d55127c75c4b25d69be334baf5f19394d2d8bb460cbf2120e14736d0f634aa792feca20e455f11"), + ciphertext: b"", + tag: &hex!("805ec2931c2181e5bfb74fa0a975f0cf"), + }, + GcmTV { + key: &hex!("62189dcc4beb97462d6c0927d8a270d39a1b07d72d0ad28840badd4f68cf9c8b"), + nonce: &hex!("859fda5247c888823a4b8032"), + plaintext: b"", + aad: &hex!("b28d1621ee110f4c9d709fad764bba2dd6d291bc003748faac6d901937120d41c1b7ce67633763e99e05c71363fceca8"), + ciphertext: b"", + tag: &hex!("27330907d0002880bbb4c1a1d23c0be2"), + }, + GcmTV { + key: &hex!("59012d85a1b90aeb0359e6384c9991e7be219319f5b891c92c384ade2f371816"), + nonce: &hex!("3c9cde00c23912cff9689c7c"), + plaintext: b"", + aad: &hex!("e5daf473a470860b55210a483c0d1a978d8add843c2c097f73a3cda49ac4a614c8e887d94e6692309d2ed97ebe1eaf5d"), + ciphertext: b"", + tag: &hex!("048239e4e5c2c8b33890a7c950cda852"), + }, + GcmTV { + key: &hex!("4be09b408ad68b890f94be5efa7fe9c917362712a3480c57cd3844935f35acb7"), + nonce: &hex!("8f350bd3b8eea173fc7370bc"), + plaintext: b"", + aad: &hex!("2819d65aec942198ca97d4435efd9dd4d4393b96cf5ba44f09bce4ba135fc8636e8275dcb515414b8befd32f91fc4822"), + ciphertext: b"", + tag: &hex!("a133cb7a7d0471dbac61fb41589a2efe"), + }, + GcmTV { + key: &hex!("13cb965a4d9d1a36efad9f6ca1ba76386a5bb160d80b0917277102357ac7afc8"), + nonce: &hex!("f313adec42a66d13c3958180"), + plaintext: b"", + aad: &hex!("717b48358898e5ccfea4289049adcc1bb0db3b3ebd1767ac24fb2b7d37dc80ea2316c17f14fb51b5e18cd5bb09afe414"), + ciphertext: b"", + tag: &hex!("81b4ef7a84dc4a0b1fddbefe37f53852"), + }, + GcmTV { + key: &hex!("d27f1bebbbdef0edca393a6261b0338abbc491262eab0737f55246458f6668cc"), + nonce: &hex!("fc062f857886e278f3a567d2"), + plaintext: b"", + aad: &hex!("2bae92dea64aa99189de8ea4c046745306002e02cfb46a41444ce8bfcc329bd4205963d9ab5357b026a4a34b1a861771"), + ciphertext: b"", + tag: &hex!("5c5a6c4613f1e522596330d45f243fdd"), + }, + GcmTV { + key: &hex!("7b4d19cd3569f74c7b5df61ab78379ee6bfa15105d21b10bf6096699539006d0"), + nonce: &hex!("fbed5695c4a739eded97b1e3"), + plaintext: b"", + aad: &hex!("c6f2e5d663bfaf668d014550ef2e66bf89978799a785f1f2c79a2cb3eb3f2fd4076207d5f7e1c284b4af5cffc4e46198"), + ciphertext: b"", + tag: &hex!("7101b434fb90c7f95b9b7a0deeeb5c81"), + }, + GcmTV { + key: &hex!("d3431488d8f048590bd76ec66e71421ef09f655d7cf8043bf32f75b4b2e7efcc"), + nonce: &hex!("cc766e98b40a81519fa46392"), + plaintext: b"", + aad: &hex!("93320179fdb40cbc1ccf00b872a3b4a5f6c70b56e43a84fcac5eb454a0a19a747d452042611bf3bbaafd925e806ffe8e"), + ciphertext: b"", + tag: &hex!("3afcc336ce8b7191eab04ad679163c2a"), + }, + GcmTV { + key: &hex!("a440948c0378561c3956813c031f81573208c7ffa815114ef2eee1eb642e74c6"), + nonce: &hex!("c1f4ffe54b8680832eed8819"), + plaintext: b"", + aad: &hex!("253438f132b18e8483074561898c5652b43a82cc941e8b4ae37e792a8ed6ec5ce2bcec9f1ffcf4216e46696307bb774a"), + ciphertext: b"", + tag: &hex!("129445f0a3c979a112a3afb10a24e245"), + }, + GcmTV { + key: &hex!("798706b651033d9e9bf2ce064fb12be7df7308cf45df44776588cd391c49ff85"), + nonce: &hex!("5a43368a39e7ffb775edfaf4"), + plaintext: b"", + aad: &hex!("926b74fe6381ebd35757e42e8e557601f2287bfc133a13fd86d61c01aa84f39713bf99a8dc07b812f0274c9d3280a138"), + ciphertext: b"", + tag: &hex!("89fe481a3d95c03a0a9d4ee3e3f0ed4a"), + }, + GcmTV { + key: &hex!("c3aa2a39a9fef4a466618d1288bb62f8da7b1cb760ccc8f1be3e99e076f08eff"), + nonce: &hex!("9965ba5e23d9453d7267ca5b"), + plaintext: b"", + aad: &hex!("93efb6a2affc304cb25dfd49aa3e3ccdb25ceac3d3cea90dd99e38976978217ad5f2b990d10b91725c7fd2035ecc6a30"), + ciphertext: b"", + tag: &hex!("00a94c18a4572dcf4f9e2226a03d4c07"), + }, + GcmTV { + key: &hex!("14e06858008f7e77186a2b3a7928a0c7fcee22136bc36f53553f20fa5c37edcd"), + nonce: &hex!("32ebe0dc9ada849b5eda7b48"), + plaintext: b"", + aad: &hex!("6c0152abfa485b8cd67c154a5f0411f22121379774d745f40ee577b028fd0e188297581561ae972223d75a24b488aed7"), + ciphertext: b"", + tag: &hex!("2625b0ba6ee02b58bc529e43e2eb471b"), + }, + GcmTV { + key: &hex!("fbb56b11c51a093ce169a6990399c4d741f62b3cc61f9e8a609a1b6ae8e7e965"), + nonce: &hex!("9c5a953247e91aceceb9defb"), + plaintext: b"", + aad: &hex!("46cb5c4f617916a9b1b2e03272cb0590ce716498533047d73c81e4cbe9278a3686116f5632753ea2df52efb3551aea2d"), + ciphertext: b"", + tag: &hex!("4f3b82e6be4f08756071f2c46c31fedf"), + }, + GcmTV { + key: &hex!("b303bf02f6a8dbb5bc4baccab0800db5ee06de648e2fae299b95f135c9b107cc"), + nonce: &hex!("906495b67ef4ce00b44422fa"), + plaintext: b"", + aad: &hex!("872c6c370926535c3fa1baec031e31e7c6c82808c8a060742dbef114961c314f1986b2131a9d91f30f53067ec012c6b7"), + ciphertext: b"", + tag: &hex!("64dde37169082d181a69107f60c5c6bb"), + }, + GcmTV { + key: &hex!("29f5f8075903063cb6d7050669b1f74e08a3f79ef566292dfdef1c06a408e1ab"), + nonce: &hex!("35f25c48b4b5355e78b9fb3a"), + plaintext: b"", + aad: &hex!("107e2e23159fc5c0748ca7a077e5cc053fa5c682ff5269d350ee817f8b5de4d3972041d107b1e2f2e54ca93b72cd0408"), + ciphertext: b"", + tag: &hex!("fee5a9baebb5be0165deaa867e967a9e"), + }, + GcmTV { + key: &hex!("03ccb7dbc7b8425465c2c3fc39ed0593929ffd02a45ff583bd89b79c6f646fe9"), + nonce: &hex!("fd119985533bd5520b301d12"), + plaintext: b"", + aad: &hex!("98e68c10bf4b5ae62d434928fc6405147c6301417303ef3a703dcfd2c0c339a4d0a89bd29fe61fecf1066ab06d7a5c31a48ffbfed22f749b17e9bd0dc1c6f8fbd6fd4587184db964d5456132106d782338c3f117ec05229b0899"), + ciphertext: b"", + tag: &hex!("cf54e7141349b66f248154427810c87a"), + }, + GcmTV { + key: &hex!("57e112cd45f2c57ddb819ea651c206763163ef016ceead5c4eae40f2bbe0e4b4"), + nonce: &hex!("188022c2125d2b1fcf9e4769"), + plaintext: b"", + aad: &hex!("09c8f445ce5b71465695f838c4bb2b00624a1c9185a3d552546d9d2ee4870007aaf3007008f8ae9affb7588b88d09a90e58b457f88f1e3752e3fb949ce378670b67a95f8cf7f5c7ceb650efd735dbc652cae06e546a5dbd861bd"), + ciphertext: b"", + tag: &hex!("9efcddfa0be21582a05749f4050d29fe"), + }, + GcmTV { + key: &hex!("a4ddf3cab7453aaefad616fd65d63d13005e9459c17d3173cd6ed7f2a86c921f"), + nonce: &hex!("06177b24c58f3be4f3dd4920"), + plaintext: b"", + aad: &hex!("f95b046d80485e411c56b834209d3abd5a8a9ddf72b1b916679adfdde893044315a5f4967fd0405ec297aa332f676ff0fa5bd795eb609b2e4f088db1cdf37ccff0735a5e53c4c12173a0026aea42388a7d7153a8830b8a901cf9"), + ciphertext: b"", + tag: &hex!("9d1bd8ecb3276906138d0b03fcb8c1bb"), + }, + GcmTV { + key: &hex!("24a92b24e85903cd4aaabfe07c310df5a4f8f459e03a63cbd1b47855b09c0be8"), + nonce: &hex!("22e756dc898d4cf122080612"), + plaintext: b"", + aad: &hex!("2e01b2536dbe376be144296f5c38fb099e008f962b9f0e896334b6408393bff1020a0e442477abfdb1727213b6ccc577f5e16cb057c8945a07e307264b65979aed96b5995f40250ffbaaa1a1f0eccf394015f6290f5e64dfe5ca"), + ciphertext: b"", + tag: &hex!("0d7f1aed4708a03b0c80b2a18785c96d"), + }, + GcmTV { + key: &hex!("15276fc64438578e0ec53366b90a0e23d93910fec10dc3003d9b3f3fa72db702"), + nonce: &hex!("c5e931946d5caebc227656d2"), + plaintext: b"", + aad: &hex!("3f967c83ba02e77c14e9d41185eb87f172250e93edb0f82b6742c124298ab69418358eddefa39fedc3cade9d80f036d864a59ead37c87727c56c701a8cd9634469ff31c704f5ee39354157e6558467b92824da36b1c071bedfe9"), + ciphertext: b"", + tag: &hex!("a0ffa19adcf31d061cd0dd46d24015ef"), + }, + GcmTV { + key: &hex!("ec09804a048bb854c71618b5a3a1c590910fc8a68455139b719486d2280ea59a"), + nonce: &hex!("d0b1247e7121a9276ac18ca3"), + plaintext: b"", + aad: &hex!("66b1d39d414596308e866b04476e053b71acd1cd07ce80939577ebbeace0430f7e4c0c185fe1d97ac7569950c83db40bbed0f1d173e1aa0dc28b4773705032d97551f7fcef7f55e4b69f88df650032dfc5232c156641104b5397"), + ciphertext: b"", + tag: &hex!("8440e6d864ab778f9be478f203162d86"), + }, + GcmTV { + key: &hex!("4adf86bfa547725e4b80365a5a327c107040facfff007dc35102066bd6a995c4"), + nonce: &hex!("b1018cc331911255a55a0795"), + plaintext: b"", + aad: &hex!("053ca4428c990b4456d3c1895d5d52deff675896de9faa53d8cf241255f4a31dc3399f15d83be380256616e5af043abfb37552655adf4f2e68dda24bc3736951134f359d9c0e288bb798b6c3ea46239231a3cb280066db9862e7"), + ciphertext: b"", + tag: &hex!("c7424f38084930bfc5edc1fcf1e7608d"), + }, + GcmTV { + key: &hex!("3c92e0d1e39a3c766573c4646c768c402ccff48a56682a93433512abf0456e00"), + nonce: &hex!("d57f319e590191841d2b98bd"), + plaintext: b"", + aad: &hex!("840d9394aa240e52ba152151c12acd1cd44881e8549dc832b71a45da7efcc74fb7e844d9fec25e5d497b8fb8f47f328c8d99045a19e366e6ce5e19dc26f67a81a94fa6c97c314d886e7b56eff144c09f6fa519db6308bc73422e"), + ciphertext: b"", + tag: &hex!("cb4ef72dbda4914d7434f9686f823e2f"), + }, + GcmTV { + key: &hex!("b66ba39733888a9e0a2e30452844161dc33cb383c02ce16c4efad5452509b5b5"), + nonce: &hex!("937cb665e37059b2e40359f2"), + plaintext: b"", + aad: &hex!("dbcd9694a8834860034e8ede3a5bd419fcf91c005ad99f488aa623f581622093f9d41e6a68e20fd202f302bcfc4417ca89090bfcd4d5224e8ff4eb5bbae4ecb27baa239f59c2f99cd47c0a269c497906b41a8f320a3dd2dc2de2"), + ciphertext: b"", + tag: &hex!("bdc8249302d9d666cf7168317c118743"), + }, + GcmTV { + key: &hex!("2f9fcd1043455695638c991a1b1d35ad57c18ef0727322747b7991abc3d787f3"), + nonce: &hex!("d06cf548f62869f4bed7a318"), + plaintext: b"", + aad: &hex!("432023c12cf1f614e1005112a17dbe6c5d54022a95cf6335a5bc55004c75f09a5699739ecf928e1c78d03dad5096a17a084afe1cc22041bbdfb5985bd08b0dcc59d2b08cd86b7aad597c4cd7b4ba6d6a7370b83995a6511a1f9e"), + ciphertext: b"", + tag: &hex!("322eb84fb6884f10cfb766c2e3ec779e"), + }, + GcmTV { + key: &hex!("21c5839a63e1230c06b086341c96ab74585e69bced94332caeb1fa77d510c24f"), + nonce: &hex!("5ab6e5ed6ee733be7250858c"), + plaintext: b"", + aad: &hex!("c92f08e30f67d42516133c48e97b65cc9e124365e110aba5e7b2cbe83debcc99edf4eb0007af052bda22d85900271b1897af4fd9ace6a2d09d984ac3de79d05de0b105a81b12542b2c48e27d409fd6992dd062d6055d6fc66842"), + ciphertext: b"", + tag: &hex!("53b0e450309d146459f2a1e46c9d9e23"), + }, + GcmTV { + key: &hex!("25a144f0fdba184125d81a87e7ed82fad33c701a094a67a81fe4692dc69afa31"), + nonce: &hex!("8bf575c5c2b45b4efc6746e4"), + plaintext: b"", + aad: &hex!("2a367cb0d3b7c5b8320b3cf95e82b6ba0bba1d09a2055885dedd9ef5641623682212103238b8f775cce42ddfd4f66382f2c3a5e8d6dff9163ced83580a75705574026b55db90f75f8abb3014c9a707021dedc075da38bebbf0a0"), + ciphertext: b"", + tag: &hex!("0e2ce9cac8dfcedb0572ec6cab621efd"), + }, + GcmTV { + key: &hex!("42bc841b3b03a807cd366a35ecec8a6aebef7c4cba0ec8cb8da0da41df8ccef1"), + nonce: &hex!("1bd46f85df5f4b3a126ee315"), + plaintext: b"", + aad: &hex!("ede3dcddbdc7d8e5d034c01661332ec349cb4e7a9fbaaf7abe2c647587db86cd427ce66908e070bc49ef838747e06b45ac486dfbea6f8698b4625e21e69db8327ec05cfd74accbe67ab644948cdb554af179a1e264e08fe16641"), + ciphertext: b"", + tag: &hex!("633ab6aaf5b32b53a794f6be6262fc5f"), + }, + GcmTV { + key: &hex!("c25b8500be73210596fc4a9fb4d84d1a3379a91e3f0a6cc4177d996046627679"), + nonce: &hex!("b56c48c0c4cd318b20437002"), + plaintext: b"", + aad: &hex!("bcd14dd043fdc8c327957e1c1428698543ec8602521a7c74788d296d37d4828f10f90656883d2531c702ebda2dc0a68dab00154577454455fad986ff8e0973098dbf370ff703ed98222b945726ed9be7909210ddbc672e99fdd9"), + ciphertext: b"", + tag: &hex!("8171d4ff60fe7ef6de0288326aa73223"), + }, + GcmTV { + key: &hex!("dd95259bc8eefa3e493cb1a6ba1d8ee2b341d5230d50363094a2cc3433b3d9b9"), + nonce: &hex!("a1a6ced084f4f13990750a9e"), + plaintext: b"", + aad: &hex!("d46db90e13684b26149cb3b7f776e228a0538fa1892c418aaad07aa08d3076f4a52bee8f130ff560db2b8d1009e9260fa6233fc22733e050c9e4f7cc699062765e261dffff1159e9060b26c8065dfab04055b58c82c340d987c9"), + ciphertext: b"", + tag: &hex!("9e120b01899fe2cb3e3a0b0c05045940"), + }, + GcmTV { + key: &hex!("31bdadd96698c204aa9ce1448ea94ae1fb4a9a0b3c9d773b51bb1822666b8f22"), + nonce: &hex!("0d18e06c7c725ac9e362e1ce"), + plaintext: &hex!("2db5168e932556f8089a0622981d017d"), + aad: b"", + ciphertext: &hex!("fa4362189661d163fcd6a56d8bf0405a"), + tag: &hex!("d636ac1bbedd5cc3ee727dc2ab4a9489"), + }, + GcmTV { + key: &hex!("460fc864972261c2560e1eb88761ff1c992b982497bd2ac36c04071cbb8e5d99"), + nonce: &hex!("8a4a16b9e210eb68bcb6f58d"), + plaintext: &hex!("99e4e926ffe927f691893fb79a96b067"), + aad: b"", + ciphertext: &hex!("133fc15751621b5f325c7ff71ce08324"), + tag: &hex!("ec4e87e0cf74a13618d0b68636ba9fa7"), + }, + GcmTV { + key: &hex!("f78a2ba3c5bd164de134a030ca09e99463ea7e967b92c4b0a0870796480297e5"), + nonce: &hex!("2bb92fcb726c278a2fa35a88"), + plaintext: &hex!("f562509ed139a6bbe7ab545ac616250c"), + aad: b"", + ciphertext: &hex!("e2f787996e37d3b47294bf7ebba5ee25"), + tag: &hex!("00f613eee9bdad6c9ee7765db1cb45c0"), + }, + GcmTV { + key: &hex!("48e6af212da1386500454c94a201640c2151b28079240e40d72d2a5fd7d54234"), + nonce: &hex!("ef0ff062220eb817dc2ece94"), + plaintext: &hex!("c7afeecec1408ad155b177c2dc7138b0"), + aad: b"", + ciphertext: &hex!("9432a620e6a22307e06a321d66846fd4"), + tag: &hex!("e3ea499192f2cd8d3ab3edfc55897415"), + }, + GcmTV { + key: &hex!("79cd8d750fc8ea62a2714edcd9b32867c7c4da906c56e23a644552f5b812e75a"), + nonce: &hex!("9bbfdb81015d2b57dead2de5"), + plaintext: &hex!("f980ad8c55ebd31ee6f98f44e92bff55"), + aad: b"", + ciphertext: &hex!("41a34d1e759c859e91b8cf5d3ded1970"), + tag: &hex!("68cd98406d5b322571e750c30aa49834"), + }, + GcmTV { + key: &hex!("130ae450c18efb851057aaa79575a0a090194be8b2c95469a0e8e380a8f48f42"), + nonce: &hex!("b269115396f81b39e0c38f47"), + plaintext: &hex!("036cf36280dee8355c82abc4c1fdb778"), + aad: b"", + ciphertext: &hex!("09f7568fd8181652e556f0dda5a49ed5"), + tag: &hex!("d10b61947cae275b7034f5259ba6fc28"), + }, + GcmTV { + key: &hex!("9c7121289aefc67090cabed53ad11658be72a5372761b9d735e81d2bfc0e3267"), + nonce: &hex!("ade1702d2051b8dd203b5419"), + plaintext: &hex!("b95bcaa2b31403d76859a4c301c50b56"), + aad: b"", + ciphertext: &hex!("628285e6489090dde1b9a60674785003"), + tag: &hex!("9f516af3f3b93d610edbc5ba6e2d115f"), + }, + GcmTV { + key: &hex!("0400b42897011fc20fd2280a52ef905d6ebf1b055b48c97067bd786d678ec4ea"), + nonce: &hex!("0abfb0a41496b453358409d9"), + plaintext: &hex!("20c8230191e35f4e9b269d59cf5521f6"), + aad: b"", + ciphertext: &hex!("dd8c38087daffbbb3ebb57ebf5ee5f78"), + tag: &hex!("bfb07aa5049ee350ec6fb1397f37087b"), + }, + GcmTV { + key: &hex!("56690798978c154ff250ba78e463765f2f0ce69709a4551bd8cb3addeda087b6"), + nonce: &hex!("cf37c286c18ad4ea3d0ba6a0"), + plaintext: &hex!("2d328124a8d58d56d0775eed93de1a88"), + aad: b"", + ciphertext: &hex!("3b0a0267f6ecde3a78b30903ebd4ca6e"), + tag: &hex!("1fd2006409fc636379f3d4067eca0988"), + }, + GcmTV { + key: &hex!("8a02a33bdf87e7845d7a8ae3c8727e704f4fd08c1f2083282d8cb3a5d3cedee9"), + nonce: &hex!("599f5896851c968ed808323b"), + plaintext: &hex!("4ade8b32d56723fb8f65ce40825e27c9"), + aad: b"", + ciphertext: &hex!("cb9133796b9075657840421a46022b63"), + tag: &hex!("a79e453c6fad8a5a4c2a8e87821c7f88"), + }, + GcmTV { + key: &hex!("23aaa78a5915b14f00cf285f38ee275a2db97cb4ab14d1aac8b9a73ff1e66467"), + nonce: &hex!("4a675ec9be1aab9632dd9f59"), + plaintext: &hex!("56659c06a00a2e8ed1ac60572eee3ef7"), + aad: b"", + ciphertext: &hex!("e6c01723bfbfa398d9c9aac8c683bb12"), + tag: &hex!("4a2f78a9975d4a1b5f503a4a2cb71553"), + }, + GcmTV { + key: &hex!("fe647f72e95c469027f4d7778429a2e8e90d090268d4fa7df44f65c0af84190a"), + nonce: &hex!("4f40ae2a83a9b480e4686c90"), + plaintext: &hex!("31fd6cce3f0d2b0d18e0af01c4b5609e"), + aad: b"", + ciphertext: &hex!("54c769fd542f0d3022f1335a7c410b61"), + tag: &hex!("106cb7cbcd967da6cad646039c753474"), + }, + GcmTV { + key: &hex!("fce205515f0551b1797128a2132d8e002ea5ab1beb99c5e7e8329398cf478e10"), + nonce: &hex!("20209a0d4a3b9bfddeef39a0"), + plaintext: &hex!("7d663e31a2f6ffef17e536684dae2e87"), + aad: b"", + ciphertext: &hex!("6529712030fb659dc11ab719f6a4c402"), + tag: &hex!("58699464d062aba505508c576c4e07dd"), + }, + GcmTV { + key: &hex!("cd33003ff18f6f3369dd9a35381261ba660ce0a769864475152e677066540337"), + nonce: &hex!("20bffe9064ce76d275204138"), + plaintext: &hex!("acaf53d4dd2fe12cd44450b0d9adcc92"), + aad: b"", + ciphertext: &hex!("a669fda0444b180165f90815dc992b33"), + tag: &hex!("6e31f5a56c4790cedcc2368c51d0639b"), + }, + GcmTV { + key: &hex!("381873b5f9579d8241f0c61f0d9e327bb9f678691714aaa48ea7d92678d43fe7"), + nonce: &hex!("3fc8bec23603158e012d65e5"), + plaintext: &hex!("7b622e9b408fe91f6fa800ecef838d36"), + aad: b"", + ciphertext: &hex!("8ca4de5b4e2ab22431a009f3ddd01bae"), + tag: &hex!("b3a7f80e3edf322622731550164cd747"), + }, + GcmTV { + key: &hex!("92e11dcdaa866f5ce790fd24501f92509aacf4cb8b1339d50c9c1240935dd08b"), + nonce: &hex!("ac93a1a6145299bde902f21a"), + plaintext: &hex!("2d71bcfa914e4ac045b2aa60955fad24"), + aad: &hex!("1e0889016f67601c8ebea4943bc23ad6"), + ciphertext: &hex!("8995ae2e6df3dbf96fac7b7137bae67f"), + tag: &hex!("eca5aa77d51d4a0a14d9c51e1da474ab"), + }, + GcmTV { + key: &hex!("7da3bccaffb3464178ca7c722379836db50ce0bfb47640b9572163865332e486"), + nonce: &hex!("c04fd2e701c3dc62b68738b3"), + plaintext: &hex!("fd671cab1ee21f0df6bb610bf94f0e69"), + aad: &hex!("fec0311013202e4ffdc4204926ae0ddf"), + ciphertext: &hex!("6be61b17b7f7d494a7cdf270562f37ba"), + tag: &hex!("5e702a38323fe1160b780d17adad3e96"), + }, + GcmTV { + key: &hex!("a359b9584beec189527f8842dda6b6d4c6a5db2f889635715fa3bcd7967c0a71"), + nonce: &hex!("8616c4cde11b34a944caba32"), + plaintext: &hex!("33a46b7539d64c6e1bdb91ba221e3007"), + aad: &hex!("e1796fca20cb3d3ab0ade69b2a18891e"), + ciphertext: &hex!("b0d316e95f3f3390ba10d0274965c62b"), + tag: &hex!("aeaedcf8a012cc32ef25a62790e9334c"), + }, + GcmTV { + key: &hex!("8c83238e7b3b58278200b54940d779d0a0750673aab0bf2f5808dd15dc1a8c49"), + nonce: &hex!("70f8f4ebe408f61a35077956"), + plaintext: &hex!("6e57f8572dd5b2247410f0d4c7424186"), + aad: &hex!("e1cbf83924f1b8d1014b97db56c25a15"), + ciphertext: &hex!("4a11acb9611251df01f79f16f8201ffb"), + tag: &hex!("9732be4ad0569586753d90fabb06f62c"), + }, + GcmTV { + key: &hex!("fe21919bb320af8744c9e862b5b7cf8b81ad3ad1fb0e7d7d710a688d3eed154b"), + nonce: &hex!("38bc3917aa1925f40850c082"), + plaintext: &hex!("aea53b1ea79a71c3a4b83c92a0c979f1"), + aad: &hex!("f24102fa7e6b819bb3ff47f90844db9c"), + ciphertext: &hex!("2fb8b697bf8f7a2eea25fe702a3ae0a9"), + tag: &hex!("5be77e827737ad7c4f79e0e343fe010d"), + }, + GcmTV { + key: &hex!("499e8a3f39ac4abc62dd4e1a6133042e74785972b6b501bfaffefc8bb29fd312"), + nonce: &hex!("5c728dbbef9dcc0ff483e891"), + plaintext: &hex!("b44014c7fc6b3f15d126a881fbe2bd2b"), + aad: &hex!("82300dab592f840ae991efa3623a6203"), + ciphertext: &hex!("578fe5e1aef7619f392c027c838a239e"), + tag: &hex!("49fdc724f05eb56ea9e3fd14b61ad567"), + }, + GcmTV { + key: &hex!("2775d3e7a8fc665bb9a59edc22eb136add194824ed8f2adb449177404c739716"), + nonce: &hex!("73f16c054e166696df679a2e"), + plaintext: &hex!("c9f3bce40310b6c0a3fd62742e4f3617"), + aad: &hex!("23199a1c9b7244913952ca4f7e7444f4"), + ciphertext: &hex!("72c85c10756266d00a9a4340b2cb3137"), + tag: &hex!("5881e4565b42394e62d5daf0d1ebc593"), + }, + GcmTV { + key: &hex!("425a341c67e6d873870f54e2cc5a2984c734e81729c0dbaaeee050309f1ce674"), + nonce: &hex!("0c09b7b4e9e097317b791433"), + plaintext: &hex!("76dda644b3faca509b37def0319f30cc"), + aad: &hex!("4300a721547846761e4bf8df2b6ec1d6"), + ciphertext: &hex!("1dd80daa0fc9e47e43897c64a6663f5e"), + tag: &hex!("5d69b34d8c3b12f783faaea7e93685db"), + }, + GcmTV { + key: &hex!("dd5c48988a6e9f9f60be801ba5c090f224a1b53d6601ec5858eab7b7784a8d5e"), + nonce: &hex!("43562d48cd4110a66d9ca64e"), + plaintext: &hex!("2cda2761fd0be2b03f9714fce8d0e303"), + aad: &hex!("55e568309fc6cb0fb0e0e7d2511d4116"), + ciphertext: &hex!("f2cfb6f5446e7aa172adfcd66b92a98d"), + tag: &hex!("e099c64d2966e780ce7d2eaae97f47d8"), + }, + GcmTV { + key: &hex!("2bdad9c3e5de6e4e101b7f16e727c690db95eacf4b0ccbdec7aab6fb9fc80486"), + nonce: &hex!("a5cf3967d244074d2153c576"), + plaintext: &hex!("84c867ec36cc6fe3487f5192fdfd390b"), + aad: &hex!("6bdae72b5ed0e4d1f10064ebd02cf85c"), + ciphertext: &hex!("53c8fa437c1b5fa91abbd6508b3878ce"), + tag: &hex!("7859593d127324be8b9cf1d43ead4d82"), + }, + GcmTV { + key: &hex!("01e92afdb5d956be12d38b09252966c5728d26f3c72e54bb62bbc55ae590e716"), + nonce: &hex!("886e55364eeb90e87ac79bbe"), + plaintext: &hex!("6c6570385f3d6d937e54a3a2e95bc9eb"), + aad: &hex!("c76aabb7f44b942a81feb50249d2131a"), + ciphertext: &hex!("423b749a507f437b431114962180d352"), + tag: &hex!("54d859320a49281368297da7d4e37326"), + }, + GcmTV { + key: &hex!("46921319217598cb64256fe49abca1f18a9d1dbca360f8630afb5c6137cb42b5"), + nonce: &hex!("290827cf981415760ec3b37a"), + plaintext: &hex!("480d32b191c2e201aed03680f93ea2da"), + aad: &hex!("535ee80b12f581baaf8027e6e3900e31"), + ciphertext: &hex!("89ace4f73583fb1ac260dea99b54055e"), + tag: &hex!("7b8b8358363c175a66e6fb48d1bc2222"), + }, + GcmTV { + key: &hex!("e18cd9b01b59bc0de1502efb74c3642997fe7dfb8d80c8a73caffe7726807d33"), + nonce: &hex!("bd087b384c40841b3839ba02"), + plaintext: &hex!("62f7f3a12b8c5f6747fcfe192d850b19"), + aad: &hex!("fe69f837961b1d83f27fbf68e6791a1c"), + ciphertext: &hex!("bacfccf6397424e96caf761e71dd3e3a"), + tag: &hex!("9c9a5b65420f83e766c7c051680e8e58"), + }, + GcmTV { + key: &hex!("68ee463b3153d9a042e5e3685def6f90f7659a203441de337fb94831cbeae9b2"), + nonce: &hex!("9c4a9254c485236cf838de7e"), + plaintext: &hex!("73731054514f3fb0102c7a1df809f212"), + aad: &hex!("d55820e7acbb27d23c7df32938cf7d42"), + ciphertext: &hex!("13b7823cac37f40eb811e3c966d16a67"), + tag: &hex!("76288c33a66ff6451e2cec6c4ba4935e"), + }, + GcmTV { + key: &hex!("64bd594daf279e3172f9aa713b35b7fce8f43083792bc7d1f10919131f400a7b"), + nonce: &hex!("339a2c40e9d9507c34228649"), + plaintext: &hex!("2b794cb4c98450463a3e225ab33f3f30"), + aad: &hex!("2b9544807b362ebfd88146e2b02c9270"), + ciphertext: &hex!("434d703b8d1069ad8036288b7c2d1ae6"), + tag: &hex!("7d31e397c0c943cbb16cfb9539a6a17d"), + }, + GcmTV { + key: &hex!("83688deb4af8007f9b713b47cfa6c73e35ea7a3aa4ecdb414dded03bf7a0fd3a"), + nonce: &hex!("0b459724904e010a46901cf3"), + plaintext: &hex!("33d893a2114ce06fc15d55e454cf90c3"), + aad: &hex!("794a14ccd178c8ebfd1379dc704c5e208f9d8424"), + ciphertext: &hex!("cc66bee423e3fcd4c0865715e9586696"), + tag: &hex!("0fb291bd3dba94a1dfd8b286cfb97ac5"), + }, + GcmTV { + key: &hex!("013f549af9ecc2ee0259d5fc2311059cb6f10f6cd6ced3b543babe7438a88251"), + nonce: &hex!("e45e759a3bfe4b652dc66d5b"), + plaintext: &hex!("79490d4d233ba594ece1142e310a9857"), + aad: &hex!("b5fe530a5bafce7ae79b3c15471fa68334ab378e"), + ciphertext: &hex!("619443034e4437b893a45a4c89fad851"), + tag: &hex!("6da8a991b690ff6a442087a356f8e9e3"), + }, + GcmTV { + key: &hex!("4b2815c531d2fceab303ec8bca739a97abca9373b7d415ad9d6c6fa9782518cc"), + nonce: &hex!("47d647a72b3b5fe19f5d80f7"), + plaintext: &hex!("d3f6a645779e07517bd0688872e0a49b"), + aad: &hex!("20fd79bd0ee538f42b7264a5d098af9a30959bf5"), + ciphertext: &hex!("00be3b295899c455110a0ae833140c4d"), + tag: &hex!("d054e3997c0085e87055b79829ec3629"), + }, + GcmTV { + key: &hex!("2503b909a569f618f7eb186e4c4b81dbfe974c553e2a16a29aea6846293e1a51"), + nonce: &hex!("e4fa3dc131a910c75f61a38b"), + plaintext: &hex!("188d542f8a815695c48c3a882158958c"), + aad: &hex!("f80edf9b51f8fd66f57ce9af5967ec028245eb6e"), + ciphertext: &hex!("4d39b5494ca12b770099a8eb0c178aca"), + tag: &hex!("adda54ad0c7f848c1c72758406b49355"), + }, + GcmTV { + key: &hex!("6c8f34f14569f625aad7b232f59fa8b187ab24fadcdbaf7d8eb45da8f914e673"), + nonce: &hex!("6e2f886dd97be0e4c5bd488b"), + plaintext: &hex!("ac8aa71cfbf1e968ef5515531576e314"), + aad: &hex!("772ec23e49dbe1d923b1018fc2bef4b579e46241"), + ciphertext: &hex!("cb0ce70345e950b429e710c47d9c8d9b"), + tag: &hex!("9dceea98c438b1d9c154e5386180966d"), + }, + GcmTV { + key: &hex!("182fe560614e1c6adfd1566ac44856df723dcb7e171a7c5796b6d3f83ef3d233"), + nonce: &hex!("8484abca6877a8622bfd2e3c"), + plaintext: &hex!("92ca46b40f2c75755a28943a68a8d81c"), + aad: &hex!("2618c0f7fe97772a0c97638cca238a967987c5e5"), + ciphertext: &hex!("ed1941b330f4275d05899f8677d73637"), + tag: &hex!("3fe93f1f5ffa4844963de1dc964d1996"), + }, + GcmTV { + key: &hex!("65a290b2fabe7cd5fb2f6d627e9f1f79c2c714bffb4fb86e9df3e5eab28320ed"), + nonce: &hex!("5a5ed4d5592a189f0737cf47"), + plaintext: &hex!("662dda0f9c8f92bc906e90288100501c"), + aad: &hex!("ad1c7f7a7fb7f8fef4819c1dd1a67e007c99a87b"), + ciphertext: &hex!("8eb7cb5f0418da43f7e051c588776186"), + tag: &hex!("2b15399ee23690bbf5252fb26a01ae34"), + }, + GcmTV { + key: &hex!("7b720d31cd62966dd4d002c9ea41bcfc419e6d285dfab0023ba21b34e754cb2f"), + nonce: &hex!("e1fb1f9229b451b72f89c333"), + plaintext: &hex!("1aa2948ed804f24e5d783b1bc959e086"), + aad: &hex!("7fdae42d0cf6a13873d3092c41dd3a19a9ea90f9"), + ciphertext: &hex!("8631d3c6b6647866b868421b6a3a548a"), + tag: &hex!("a31febbe169d8d6f391a5e60ef6243a0"), + }, + GcmTV { + key: &hex!("a2aec8f3438ab4d6d9ae566a2cf9101ad3a3cc20f83674c2e208e8ca5abac2bb"), + nonce: &hex!("815c020686c52ae5ddc81680"), + plaintext: &hex!("a5ccf8b4eac22f0e1aac10b8d62cdc69"), + aad: &hex!("86120ce3aa81445a86d971fdb7b3b33c07b25bd6"), + ciphertext: &hex!("364c9ade7097e75f99187e5571ec2e52"), + tag: &hex!("64c322ae7a8dbf3d2407b12601e50942"), + }, + GcmTV { + key: &hex!("e5104cfcbfa30e56915d9cf79efcf064a1d4ce1919b8c20de47eab0c106d67c1"), + nonce: &hex!("d1a5ec793597745c7a31b605"), + plaintext: &hex!("7b6b303381441f3fdf9a0cf79ee2e9e0"), + aad: &hex!("9931678430ff3aa765b871b703dfcc43fb1b8594"), + ciphertext: &hex!("425d48a76001bed9da270636be1f770b"), + tag: &hex!("76ff43a157a6748250a3fdee7446ed22"), + }, + GcmTV { + key: &hex!("f461d1b75a72d942aa096384dc20cf8514a9ad9a9720660add3f318284ca3014"), + nonce: &hex!("d0495f25874e5714a1149e94"), + plaintext: &hex!("d9e4b967fdca8c8bae838a5da95d7cce"), + aad: &hex!("1133f372e3db22456e7ea92f29dff7f1d92864d3"), + ciphertext: &hex!("1df711e6fbcba22b0564c6e36051a3f7"), + tag: &hex!("f0563b7494d5159289b644afc4e8e397"), + }, + GcmTV { + key: &hex!("a9a98ef5076ceb45c4b60a93aeba102507f977bc9b70ded1ad7d422108cdaa65"), + nonce: &hex!("54a1bc67e3a8a3e44deec232"), + plaintext: &hex!("ede93dd1eaa7c9859a0f709f86a48776"), + aad: &hex!("10cfef05e2cd1edd30db5c028bd936a03df03bdc"), + ciphertext: &hex!("3d3b61f553ab59a9f093cac45afa5ac0"), + tag: &hex!("7814cfc873b3398d997d8bb38ead58ef"), + }, + GcmTV { + key: &hex!("d9e17c9882600dd4d2edbeae9a224d8588ff5aa210bd902d1080a6911010c5c5"), + nonce: &hex!("817f3501e977a45a9e110fd4"), + plaintext: &hex!("d74d968ea80121aea0d7a2a45cd5388c"), + aad: &hex!("d216284811321b7591528f0af5a3f2768429e4e8"), + ciphertext: &hex!("1587c8b00e2c197f32a21019feeee99a"), + tag: &hex!("63ea43c03d00f8ae5724589cb6f64480"), + }, + GcmTV { + key: &hex!("ec251b45cb70259846db530aff11b63be00a951827020e9d746659bef2b1fd6f"), + nonce: &hex!("e41652e57b624abd84fe173a"), + plaintext: &hex!("75023f51ba81b680b44ea352c43f700c"), + aad: &hex!("92dd2b00b9dc6c613011e5dee477e10a6e52389c"), + ciphertext: &hex!("29274599a95d63f054ae0c9b9df3e68d"), + tag: &hex!("eb19983b9f90a0e9f556213d7c4df0f9"), + }, + GcmTV { + key: &hex!("61f71fdbe29f56bb0fdf8a9da80cef695c969a2776a88e62cb3d39fca47b18e3"), + nonce: &hex!("77f1d75ab0e3a0ed9bf2b981"), + plaintext: &hex!("110a5c09703482ef1343396d0c3852d3"), + aad: &hex!("c882691811d3de6c927d1c9f2a0f15f782d55c21"), + ciphertext: &hex!("7e9daa4983283facd29a93037eb70bb0"), + tag: &hex!("244930965913ebe0fa7a0eb547b159fb"), + }, + GcmTV { + key: &hex!("e4fed339c7b0cd267305d11ab0d5c3273632e8872d35bdc367a1363438239a35"), + nonce: &hex!("0365882cf75432cfd23cbd42"), + plaintext: &hex!("fff39a087de39a03919fbd2f2fa5f513"), + aad: &hex!("8a97d2af5d41160ac2ff7dd8ba098e7aa4d618f0f455957d6a6d0801796747ba57c32dfbaaaf15176528fe3a0e4550c9"), + ciphertext: &hex!("8d9e68f03f7e5f4a0ffaa7650d026d08"), + tag: &hex!("3554542c478c0635285a61d1b51f6afa"), + }, + GcmTV { + key: &hex!("bd93c7bfc850b33c86484e04859ed374beaee9d613bdca6f072d1d182aeebd04"), + nonce: &hex!("6414c7749effb9af7e5c4762"), + plaintext: &hex!("b6de1699931f2252efc98d491d22ee12"), + aad: &hex!("76f43d5664c7ac1b4de43f2e2c4bc71f6918e0762f40e5dd5597ef4ff215855a4fd26d3ea6ccbd4e10789948fa692433"), + ciphertext: &hex!("a6c7e52f2018b823506e48064ffe6ee4"), + tag: &hex!("175e653c9036f66835f10cf1c82d1741"), + }, + GcmTV { + key: &hex!("df0125a826c7fe49243d89cbdd7562aafd2103fa2783cf901976b5f5d481cdcb"), + nonce: &hex!("f63c1461b2964929d035d9bf"), + plaintext: &hex!("cc27ff68f981e4d6fb1918427c3d6b9e"), + aad: &hex!("0bf602ec47593e44ac1b88244455fa04359e338057b0a0ba057cb506d546d4d6d8538640fe7dd3d5864bd33b5a33d768"), + ciphertext: &hex!("b8fa150af93078574ac7c4615f88647d"), + tag: &hex!("4584553ac3ccdf8b0efae517652d3a18"), + }, + GcmTV { + key: &hex!("d33ea320cec0e43dfc1e3d1d8ccca2dd7e30ad3ea18ad7141cc83645d18771ae"), + nonce: &hex!("540009f321f41d00202e473b"), + plaintext: &hex!("e56cdd522d526d8d0cd18131a19ee4fd"), + aad: &hex!("a41162e1fe875a81fbb5667f73c5d4cbbb9c3956002f7867047edec15bdcac1206e519ee9c238c371a38a485c710da60"), + ciphertext: &hex!("8b624b6f5483f42f36c85dc7cf3e9609"), + tag: &hex!("2651e978d9eaa6c5f4db52391ac9bc7c"), + }, + GcmTV { + key: &hex!("7f35f5979b23321e6449f0f5ef99f2e7b796d52d560cc77aabfb621dbf3a6530"), + nonce: &hex!("cf0f6f3eed4cf374da714c77"), + plaintext: &hex!("4e9f53affdb5b1e91bf423d29c54401a"), + aad: &hex!("a676d35d93e12bfe0603f6aef2c3dd892a9b1ad22d476c3509d313256d4e98e4dda4e46e93b54cf59c2b90608a8fb3ad"), + ciphertext: &hex!("1714d55ef83df2927ee95ff22f1d90e6"), + tag: &hex!("4962a91d1071dd2c05934968d21eb43c"), + }, + GcmTV { + key: &hex!("06ecc134993506cf539b1e797a519fe1d9f34321fe6a0b05f1936285c35c93a4"), + nonce: &hex!("f2190861d1140bd080d79906"), + plaintext: &hex!("519c1fc45a628ec16c515427796711f7"), + aad: &hex!("a04f2723c2521181437ad63f7910481d5de98f3e2561cec3a177bdbcb5048619738852e0fb212a3caa741a353e4e89a8"), + ciphertext: &hex!("b36c793224ce3bb1b54144398fbdedb6"), + tag: &hex!("0030e6e84f6f8eb474ce8e071c2953dd"), + }, + GcmTV { + key: &hex!("734fa8b423b91e0ecccc7f554480eef57a82423a9f92b28d464320fba405a71c"), + nonce: &hex!("a6b5c78bb5791f4d121390ce"), + plaintext: &hex!("b496a99b39e0e94bb5829cfc3d7b3856"), + aad: &hex!("9ce25ff9b55dfa04e4271999a47cba8af8e83a390b090d1c4306b40ce8882624b662ff5867896396789295c19ec80d07"), + ciphertext: &hex!("904081a40484bb6454fc52cb6674e737"), + tag: &hex!("6a0787cf3921a71c35b5054954527823"), + }, + GcmTV { + key: &hex!("d106280b84f25b294f71c261f66a65c2efd9680e19f50316d237975052796392"), + nonce: &hex!("cfc6aa2aeba468c66bf4553f"), + plaintext: &hex!("57e937f8b9b814e965bb569fcf63aaac"), + aad: &hex!("012a43f9903a3808bf34fd6f77d831d9154205ded589964cae60d2e49c856b7a4100a55c8cd02f5e476f62e988dcbd2b"), + ciphertext: &hex!("c835f5d4fd30fe9b2edb4aff24803c60"), + tag: &hex!("e88426bb4619807f18a9cc9839754777"), + }, + GcmTV { + key: &hex!("81eb63bc47aba313d964a5335cfb039051520b3112fa54cab368e5243947d450"), + nonce: &hex!("18cc5dd875753ff51cc6f441"), + plaintext: &hex!("45f51399dff6a0dcd43f35256616d6be"), + aad: &hex!("24f766c56777312494245a4e6c7dbebbae4026e0907eadbc20a488982678161de7b924473c0a81ee59a0fa6905952b33"), + ciphertext: &hex!("a2fc7b0784ec4233142f9cde12ab9e98"), + tag: &hex!("4e60b8561cacfe7133740cd2bddefaa0"), + }, + GcmTV { + key: &hex!("0a997863786a4e97332224ed484ffca508b166f0603687200d99fd6accd45d83"), + nonce: &hex!("7a9acabd4b8d3e1036293a07"), + plaintext: &hex!("9d2c9ff39f57c96ecce287c68c5cd6eb"), + aad: &hex!("525fc5ac7fe93c183a3ef7c75e3fbd52dce956855aff385966f4d79966bdb3ec2019c466584d21bfee74511a77d82adb"), + ciphertext: &hex!("238441c65b2a1c41b302da0f52d40770"), + tag: &hex!("c351d93ab9491cdfb7fa15e7a251de22"), + }, + GcmTV { + key: &hex!("acbfeb7c595b704960c1097e93d3906534c23444c8acc1f8e969ce6c3fe8a46b"), + nonce: &hex!("28922ecac3013806c11660e6"), + plaintext: &hex!("e0d8c52d60c6ed6980abd4348f3f96f1"), + aad: &hex!("b1fe886107013ebdeb19315a9d096ed81803951a508f56f68202a7df00bebae0742dd1128c200952a049ef0cd7cfe4e6"), + ciphertext: &hex!("56fe1cf2c1d193b9b33badbf846f52cc"), + tag: &hex!("1cb4c14f50a54a64813ffc810f31f9f8"), + }, + GcmTV { + key: &hex!("f6e768475c33269596da1f5a5a38547a885006bebb9134e21274d8456e9f5529"), + nonce: &hex!("3579e5ac51d1f1b82ea352ca"), + plaintext: &hex!("0aa481f856f8b96547672e5ae5370f9e"), + aad: &hex!("6929b6053ba148304366164f79b1b9f592c9cb9bce65094cec5cb8b0fc63e20d86b17c8bf5a7b089a63c5eac1824ee93"), + ciphertext: &hex!("b2f4edf5f0b0bfc590fead6239b0f2fb"), + tag: &hex!("2540ceb5ef247c95d63df84c46468533"), + }, + GcmTV { + key: &hex!("2ca76112300bed65b87ba6ec887cd514f4633c1c96565fec8e3e69ae2ba88401"), + nonce: &hex!("964864510a8c957dcfb97d2f"), + plaintext: &hex!("0aff24b4c5aa45b81ce08ec2439be446"), + aad: &hex!("5aebdfd153a18763f36ecc9e8e9a01cb7b3f21e435b35b0da937c67e87c9ec058d08060a95e1eda0a5ab6546cca45094"), + ciphertext: &hex!("03da1f5a1403dbdd9f75a26113608ec0"), + tag: &hex!("a1c215d0c552a6061aa2b60afc3667a6"), + }, + GcmTV { + key: &hex!("c0ff018b6c337dde685c8279cf6de59d7ce4b288032b819e074b671e72abbc91"), + nonce: &hex!("f12e6b1e85f87ef4c9ccbb7b"), + plaintext: &hex!("f7512bbfa2d40d14be71b70f70701c99"), + aad: &hex!("0577e8d28c0e9e5cde3c8b2a1a2aa8e2fc3ec8e96768405fcfbd623be7fc4e2e395c59b5b3a8ea117ef211320bc1f857"), + ciphertext: &hex!("0187b4c2d52486b4417e5a013d553e5e"), + tag: &hex!("dba451e7339be8ebed3ea9683d1b4552"), + }, + GcmTV { + key: &hex!("d90c6948ac2353867e943069196a2c4d0c4d51e34e2505661b1d76f3e5f17ac5"), + nonce: &hex!("07e5623f474e2f0fe9f4c7d2"), + plaintext: &hex!("8a9fb1b384c0d1728099a4f7cb002f07"), + aad: &hex!("0de97574ae1bc6d3ef06c6ce03513ca47dff4728803e0aacc50564ee32b775fd535f5c8c30186550d99bff6f384af2dd"), + ciphertext: &hex!("4234a3a9fb199c3b293357983e8ac30b"), + tag: &hex!("d51e6f071dbab126f5fc9732967108ef"), + }, + GcmTV { + key: &hex!("80d755e24d129e68a5259ec2cf618e39317074a83c8961d3768ceb2ed8d5c3d7"), + nonce: &hex!("7598c07ba7b16cd12cf50813"), + plaintext: &hex!("5e7fd1298c4f15aa0f1c1e47217aa7a9"), + aad: &hex!("0e94f4c48fd0c9690c853ad2a5e197c5de262137b69ed0cdfa28d8d12413e4ffff15374e1cccb0423e8ed829a954a335ed705a272ad7f9abd1057c849bb0d54b768e9d79879ec552461cc04adb6ca0040c5dd5bc733d21a93702"), + ciphertext: &hex!("5762a38cf3f2fdf3645d2f6696a7eead"), + tag: &hex!("8a6708e69468915c5367573924fe1ae3"), + }, + GcmTV { + key: &hex!("dda7977efa1be95a0e41ed8bcd2aa648621945c95a9e28b63919e1d92d269fc3"), + nonce: &hex!("053f6e1be42af8894a6e86a0"), + plaintext: &hex!("6fa9b08176e9963927afba1e5f969a42"), + aad: &hex!("cb5114a001989339657427eb88329d6ce9c69694dc91a69b7557d62184e57832ec76d162fc9c47490bb3d78e5899445cecf85d36cb1f07fed5a3d82aaf7e9590f3ed74ad13b13c8adbfc7f29d7b151448d6f29d11d0bd3d03b76"), + ciphertext: &hex!("d4adbff3ec8edade29b9a1b748c31b54"), + tag: &hex!("3b331733c753858c22d309ceb0f9488c"), + }, + GcmTV { + key: &hex!("d7da934ad057dc06bd1ec234fcc4efdc5119037a440b5827de25915f22dd47e5"), + nonce: &hex!("1b54c4ea37d2395ef70dcc72"), + plaintext: &hex!("86d5567658361198348207ede7a46da6"), + aad: &hex!("735de4596a80e64e38a12ab24ef73881d6ed3b533cb2c101025c3615acd2114150feeca84ade4e563bc4a300eb4a0cd97a184a293f0ac063e4f3c61e7fcdb331bcc6459fafaf0e2dda881f34eb717f4ee8c4b6890d3ef59721f3"), + ciphertext: &hex!("70a1c1d7c200ba5ae1b6f29917bb19f2"), + tag: &hex!("a25d51cccb198bed33de0b98df249c2d"), + }, + GcmTV { + key: &hex!("930ebb4b9b9c35094be374cc0b700c437b3c46b45d489a716c30f93cd5f986c9"), + nonce: &hex!("7a21e5febd82ec9b97bfbe83"), + plaintext: &hex!("980086665d08a365f6bbe20ae51116f7"), + aad: &hex!("9f2ed5f6cf9e2d6505d3c99a8f81a7dfc5658dd085eba966c8b3206230973a086ec36fe948573baee108fca941bce53dad73180877cd497976209c1adf8a9861f0215560df064caf0ef2f99445c11816f5b8deeafedd682b5fb2"), + ciphertext: &hex!("05baaefdeb0c33674a8064a2e9951aaf"), + tag: &hex!("2ec7efd2564d4e09a6ab852f3af49939"), + }, + GcmTV { + key: &hex!("70213d8949a65f463d13206071fab1b4c6b614fd3cee0d340d2d806de6714a93"), + nonce: &hex!("f8529d3e4f155cbb1ffb3d0a"), + plaintext: &hex!("47d47a5fd32a2a416f921cc7f00c0f81"), + aad: &hex!("112360db39b867dabaaa1d777bd881df2104b69fba15a4f37a832f5da38ad8a8c7c46db93e5b4eadf8b9a5a75508ad1457994c133c5ac85509eedfb13b90a2cf6c56a3c778582939362008608b08f9c4866a0e38744572114598"), + ciphertext: &hex!("b220b69bd851a17fbc5b725fb912f11e"), + tag: &hex!("4c3436943d58501c0826ae5827bc063e"), + }, + GcmTV { + key: &hex!("7a5834230ebbbf616630f2edb3ad4320182433c0546ac1e34bc9fd046e4a0ed9"), + nonce: &hex!("d27dd6212b6defdcbbc701bb"), + plaintext: &hex!("b4def1251427ade064a9614e353dda3f"), + aad: &hex!("3bc12f3bb88ea4f8a2184959bb9cd68911a78458b27e9b528ccecafe7f13f303dc714722875f26b136d18a3acfe82b53ad5e13c71f3f6db4b0fd59fffd9cd4422c73f2c31ac97010e5edf5950dc908e8df3d7e1cbf7c34a8521e"), + ciphertext: &hex!("88f94965b4350750e11a2dc139ccaef1"), + tag: &hex!("8a61f0166e70c9bfdd198403e53a68a5"), + }, + GcmTV { + key: &hex!("c3f10586f246aacadcce3701441770c03cfec940afe1908c4c537df4e01c50a0"), + nonce: &hex!("4f52faa1fa67a0e5f4196452"), + plaintext: &hex!("79d97ea3a2edd65045821ea745a44742"), + aad: &hex!("46f9a22b4e52e1526513a952dbee3b91f69595501e0177d50ff364638588c08d92fab8c58a969bdcc84c468d8498c4f06392b99ed5e0c484507fc48dc18d87c40e2ed848b43150be9d36f14cf2cef1310ba4a745adcc7bdc41f6"), + ciphertext: &hex!("560cf716e56190e9397c2f103629eb1f"), + tag: &hex!("ff7c9124879644e80555687d273c55d8"), + }, + GcmTV { + key: &hex!("ad70ebcf889e88b867ded0e4838ca66d6991499046a5671d99e91ed463ae78b1"), + nonce: &hex!("561e13b335718fcbee364100"), + plaintext: &hex!("82d5568872a4cef12238c0feb14f0fb4"), + aad: &hex!("e037bd7306eec185b9cb4e3bf295232da19005957086d62e6fb342284f05feaa0e81d6c95071e7e4d7b6aad7b00f7e7863dd0fc16303a8304bb8855305f28067f4be71eed95ff90e046382116229f0fd3d2c3ef2e87e0d0e7950"), + ciphertext: &hex!("771c6d091f8190ddbdb8886d9ce2ebd5"), + tag: &hex!("5009abd1ebeb26dab852346ea6d8aee3"), + }, + GcmTV { + key: &hex!("a452fa24b381e7165ee90f3371c2b0db2176f848a0354c78e92f2f1f89bbc511"), + nonce: &hex!("4bd904dfe18241eb5455d912"), + plaintext: &hex!("3f43df23ea940f3680a4b679b56db579"), + aad: &hex!("64f1a9d21deb183cff84f1aef5be83dbfc72e275f229eb5d59ace143605e8901dfa8f4724be24c86b5429bc84b629971fe1f9663b7537427b45dfb67d5f04506df4ee2c33d7f15af9f6e86058b131b7e6042b43a55bf6915f048"), + ciphertext: &hex!("c054974c4562f8536aef2734f10e09fc"), + tag: &hex!("2c5cafaf7b1f7581c5ec13080994e33c"), + }, + GcmTV { + key: &hex!("209ea3c4dd0420a4d63dbb72099a0202c9b0709f3b1221565f890511eef8005b"), + nonce: &hex!("43775083e4008816129f5d40"), + plaintext: &hex!("b4967f8c4fb1b34b6ff43a22d34fae5c"), + aad: &hex!("9abc653a2347fc6e5a8cb9bdc251dff7c56109797c387494c0ed55570330961eb5b11087603e08ad293d0dd55571008e62d1163f67cf829e28d27beba65553bd11d8838f8a7a5f1fe05500befbaf97839801e99ecf998882c707"), + ciphertext: &hex!("a8d22a6e25232938d3f8600a66be80da"), + tag: &hex!("2ef93cc03c17bbfb6626144697fd2422"), + }, + GcmTV { + key: &hex!("dabd63ac5274b26842c2695c9850d7accc1693ee2aeee1e2e1338bbbc5b80f87"), + nonce: &hex!("fd6790d620f12870b1d99b31"), + plaintext: &hex!("4a28048f5683679a557630a661f030e2"), + aad: &hex!("e4a06b9b205a7faadb21dc7fea8a0de0e013d717b61b24ec42f81afc8cdbc055573e971375da2fa5103a091317eab13b6a110ea211af257feabf52abafec23fd5b114b013d5c052199020573f8b7b7ae6958f733e87efa0426c2"), + ciphertext: &hex!("196d0345df259b47665bc233b798ebba"), + tag: &hex!("b0729d8b427ad048a7396cedf2257338"), + }, + GcmTV { + key: &hex!("b238df5e52e649d4b0a05e53020ac59e7d5bf49b8d04f8c30c356ed62dba9ed1"), + nonce: &hex!("f153f093c9a3479f999eda04"), + plaintext: &hex!("d48e779766afa73d7e04fc6fc3fa825e"), + aad: &hex!("45b5df0c15140e5ce7a19f4e02834e6027971e3e0e719626c29081a6301e95c71214345afac1908bb75ff2d3281261e6c5f41dc4e4796f054174a64f8e177f3f33321edfbd263e204135699428a09f34eb344211bfb9fac9afba"), + ciphertext: &hex!("b1989eb510843d8f35205dc3f949522f"), + tag: &hex!("616089990729228f673099514824d9b4"), + }, + GcmTV { + key: &hex!("f3dc2456d3b8947591a2d82b7319226b0f346cd4361bcc13b56da43e072a2774"), + nonce: &hex!("7a8acb5a84d7d01e3c00499e"), + plaintext: &hex!("ad075da908231ff9aae30daa6b847143"), + aad: &hex!("5e6be069effee27d34a8087c0d193f9f13e6440dc9fabfe24f6c867f831d06789d0dce92b2e3ff3ab9fe14202a8b42f384c25e3f3753dd503ec907a9b877f1707d64e4ac42909a7dee00c87c4a09d04de331515460ed101f5187"), + ciphertext: &hex!("9f224f2a1a1fbaade8b87b748971c0ac"), + tag: &hex!("cb5089d9dfaebf98e4b36ebc5f9a1a50"), + }, + GcmTV { + key: &hex!("f5a56b69a1562c77e8edebc327a20295c2eba7d406d899a622c53539626c9d72"), + nonce: &hex!("a395b8aca4508a6a5f3cb4d8"), + plaintext: &hex!("7de4638701bd2b600d7f8d26da7a75bc"), + aad: &hex!("2e4fca2b163e4403971716015386cd81bdd1e57f00f2936da408098341011f2644a38ddad799f70eaa54f6e430d4853ff2b9c44a35123670879a83120bd555c76b95b70de0c8054f9d08539a5795e70a2446d7b9fab3f7887c6b"), + ciphertext: &hex!("6508be2698ba9889b4e445b99190a5c5"), + tag: &hex!("3394106f257c2e15c815430f60bc24ba"), + }, + GcmTV { + key: &hex!("376371a780947256c52f07d80bb25a4d7e919ca8bd693b1a0ccbca748d2ce620"), + nonce: &hex!("27d7170f6f70f2fc40dfca78"), + plaintext: &hex!("7a279f9f8568b7c307490549b259226c"), + aad: &hex!("272c3559398ad774fa4b6895afc92870b2b92d310fa0debf0b7960e1fe38bfda64acd2fef26d6b177d8ab11d8afceee77374c6c18ad405d5ae323ad65fb6b04f0c809319133712f47636c5e042f15ed02f37ee7a10c643d7b178"), + ciphertext: &hex!("32284379d8c40ec18ee5774085d7d870"), + tag: &hex!("dcdee1a757f9758c944d296b1dabe7b2"), + }, + GcmTV { + key: &hex!("82c4f12eeec3b2d3d157b0f992d292b237478d2cecc1d5f161389b97f999057a"), + nonce: &hex!("7b40b20f5f397177990ef2d1"), + plaintext: &hex!("982a296ee1cd7086afad976945"), + aad: b"", + ciphertext: &hex!("ec8e05a0471d6b43a59ca5335f"), + tag: &hex!("113ddeafc62373cac2f5951bb9165249"), + }, + GcmTV { + key: &hex!("db4340af2f835a6c6d7ea0ca9d83ca81ba02c29b7410f221cb6071114e393240"), + nonce: &hex!("40e438357dd80a85cac3349e"), + plaintext: &hex!("8ddb3397bd42853193cb0f80c9"), + aad: b"", + ciphertext: &hex!("b694118c85c41abf69e229cb0f"), + tag: &hex!("c07f1b8aafbd152f697eb67f2a85fe45"), + }, + GcmTV { + key: &hex!("acad4a3588a7c5ec67832baee242b007c8f42ed7425d5a7e57b1070b7be2677e"), + nonce: &hex!("b11704ba368abadf8b0c2b98"), + plaintext: &hex!("2656b5fbec8a3666cad5f460b7"), + aad: b"", + ciphertext: &hex!("35c7114cabe39203df19413a99"), + tag: &hex!("16f4c7e5becf00db1223476a14c43ebc"), + }, + GcmTV { + key: &hex!("e5a0eb92cc2b064e1bc80891faf1fab5e9a17a9c3a984e25416720e30e6c2b21"), + nonce: &hex!("4742357c335913153ff0eb0f"), + plaintext: &hex!("8499893e16b0ba8b007d54665a"), + aad: b"", + ciphertext: &hex!("eb8e6175f1fe38eb1acf95fd51"), + tag: &hex!("88a8b74bb74fda553e91020a23deed45"), + }, + GcmTV { + key: &hex!("e78c477053f5dae5c02941061d397bc38dda5de3c9c8660a19de66c56c57fd22"), + nonce: &hex!("4f52c67c2bb748d192a5a4e2"), + plaintext: &hex!("91593e21e1f883af5c32d9be07"), + aad: b"", + ciphertext: &hex!("e37fbc56b0af200a7aa1bbe34e"), + tag: &hex!("29fe54eaaccf5e382601a15603c9f28c"), + }, + GcmTV { + key: &hex!("d0b13482037639aa797471a52b60f353b42e0ed271daa4f38a9293191cb78b72"), + nonce: &hex!("40fb7cae46adf3771bf3756a"), + plaintext: &hex!("938f40ac8e0e3b956aac5e9184"), + aad: b"", + ciphertext: &hex!("7dca05a1abe81928ccfb2164dd"), + tag: &hex!("5ea53ee170d9ab5f6cc047854e47cf60"), + }, + GcmTV { + key: &hex!("46da5ec688feead76a1ddcd60befb45074a2ef2254d7be26abdfd84629dbbc32"), + nonce: &hex!("9fb3b2b03925f476fc9a35f3"), + plaintext: &hex!("a41adc9fb4e25a8adef1180ec8"), + aad: b"", + ciphertext: &hex!("f55d4cbe9b14cea051fe7a2477"), + tag: &hex!("824753da0113d21186699dbb366c0589"), + }, + GcmTV { + key: &hex!("de3adf89f2fe246c07b0ce035f4af73cf2f65e5034dcfecfe9d7690ae1bdbd96"), + nonce: &hex!("a94aa4df0d8451644a5056c0"), + plaintext: &hex!("96825f6d6301db14a8d78fc2f4"), + aad: b"", + ciphertext: &hex!("784c6c3c24a022637cbc907c48"), + tag: &hex!("1eeaeddcdb4c72c4e8966950a319a4ef"), + }, + GcmTV { + key: &hex!("03c362288883327f6289bc1824e1c329ce485e0ce0e8d3405245283cf0f2eae2"), + nonce: &hex!("5de9f882c915c72729b2245c"), + plaintext: &hex!("f5c1c8d41de01d9c08d9f47ece"), + aad: b"", + ciphertext: &hex!("61af621953a126a2d1de559e92"), + tag: &hex!("fbdeb761238f2b70c5fb3dde0a7978f3"), + }, + GcmTV { + key: &hex!("e9ead7c59100b768aa6367d80c04a49bcd19fa8cc2e158dc8edeec3ea39b657d"), + nonce: &hex!("e81854665d2e0a97150fbab3"), + plaintext: &hex!("f8ccf69c52a873695367a42940"), + aad: b"", + ciphertext: &hex!("af2a7199602ee9ed2020c7b4cd"), + tag: &hex!("29715945ab1c034ecfcd91a466fc822e"), + }, + GcmTV { + key: &hex!("bc3e5b0fe423205904c32f870b9adec9d736a1616624043e819533fa97ed9b79"), + nonce: &hex!("335fe5180135673ce1a75144"), + plaintext: &hex!("295df9665eef999204f92acf24"), + aad: b"", + ciphertext: &hex!("3ac2a8a1b505a84677adfdb396"), + tag: &hex!("21f20aa0bb77d46d7290bc9c97a7a7bd"), + }, + GcmTV { + key: &hex!("ce889c73e0d64e272aba4bf9777afc7ee6457ddc9626ad931708ed7530d71b99"), + nonce: &hex!("fe61a6cda62fecd4e3b0c562"), + plaintext: &hex!("e2ae40ba5b4103b1a3066c1b57"), + aad: b"", + ciphertext: &hex!("185aa3508a37e6712b28191ec2"), + tag: &hex!("9ec1d567585aa467730cce92e536728e"), + }, + GcmTV { + key: &hex!("41e0cb1aed2fe53e0b688acb042a0c710a3c3ae3205b07c0af5191073abdfba9"), + nonce: &hex!("2f56e35216d88d34d08f6872"), + plaintext: &hex!("6482df0e4150e73dac51dc3220"), + aad: b"", + ciphertext: &hex!("9cb09b9927dfbe0f228e0a4307"), + tag: &hex!("fe7e87a596d63e2ab2aae46b64d466e8"), + }, + GcmTV { + key: &hex!("52a7662954d525cb00602b1ff5e937d41065ac4b921e284ffac73c04cfd462a0"), + nonce: &hex!("baffe73856ab1a47fb1feebf"), + plaintext: &hex!("9d0b5ca712f97caa1875d3ad87"), + aad: b"", + ciphertext: &hex!("fd01165380aedd6be226a66af3"), + tag: &hex!("35a492e39952c26456850b0172d723d1"), + }, + GcmTV { + key: &hex!("c4badb9766986faeb888b1db33060a9cd1f02e1afe7aaaea072d905750cb7352"), + nonce: &hex!("cc6966e9d81a298a561416d4"), + plaintext: &hex!("de68fb51731b45e7c2c5063923"), + aad: b"", + ciphertext: &hex!("f5be41f2c8c32e01098d433057"), + tag: &hex!("c82b1b012916ab6ed851d59829dad8ab"), + }, + GcmTV { + key: &hex!("dad89d9be9bba138cdcf8752c45b579d7e27c3dbb40f53e771dd8cfd500aa2d5"), + nonce: &hex!("cfb2aec82cfa6c7d89ee72ff"), + plaintext: &hex!("b526ba1050177d05b0f72f8d67"), + aad: &hex!("6e43784a91851a77667a02198e28dc32"), + ciphertext: &hex!("8b29e66e924ecae84f6d8f7d68"), + tag: &hex!("1e365805c8f28b2ed8a5cadfd9079158"), + }, + GcmTV { + key: &hex!("0d35d3dbd99cd5e088caf686b1cead9defe0c6001463e92e6d9fcdc2b0dcbaf6"), + nonce: &hex!("f9139eb9368d69ac48479d1f"), + plaintext: &hex!("5e2103eb3e739298c9f5c6ba0e"), + aad: &hex!("825cc713bb41c789c1ace0f2d0dd3377"), + ciphertext: &hex!("8ff3870eec0176d9f0c6c1b1a2"), + tag: &hex!("344234475538dc78c01f249f673e0862"), + }, + GcmTV { + key: &hex!("d35d64f1872bdcb422228f0d63f8e48977ed68d143f648ae2cd852f944b0e6dd"), + nonce: &hex!("0b2184aadbe8b515924dda5e"), + plaintext: &hex!("c8f999aa1a08871d74db490cf3"), + aad: &hex!("888f328d9e9eebbb9cb2704b5b880d66"), + ciphertext: &hex!("ad0d5e7c1065a34b27a256d144"), + tag: &hex!("8c8e7076950f7f2aeba62e1e761650d5"), + }, + GcmTV { + key: &hex!("9484b7ce3c118a8a2d556c2f7ba41fca34f60c9ea1070171459c9e7487c9537e"), + nonce: &hex!("87bc033522ae84d2abe863c5"), + plaintext: &hex!("14d8004793190563825e273dda"), + aad: &hex!("07ee18737b9bf8223979a01c59a90eb4"), + ciphertext: &hex!("43034a2c57ccacc367796d766a"), + tag: &hex!("4c981ca8b6e9e52092f5435e7ef55fbb"), + }, + GcmTV { + key: &hex!("4f4539e4a80ec01a14d6bb1bae0010f8a8b3f2cd0ac01adf239a9b2b755f0614"), + nonce: &hex!("2b6f00ce1570432bf52fdcac"), + plaintext: &hex!("820cc9389e7e74ca1cbb5a5fe6"), + aad: &hex!("0d72a13effe40544c57cc18005b998cb"), + ciphertext: &hex!("99553fdf3e777e2a4b3b6a5538"), + tag: &hex!("3cbf51640a3a93c3662c738e98fb36a2"), + }, + GcmTV { + key: &hex!("2f5e93ee24a8cd2fc6d3765f12d2179ddb8397783e136af9e0ac75f16fca451e"), + nonce: &hex!("0dc3c70a191f3722641fd701"), + plaintext: &hex!("4e96463793cdeda403668c4aee"), + aad: &hex!("ebab30cbcc99905354e4ee6f07c7db87"), + ciphertext: &hex!("ab03f8ca7b1b150bdc26d4e691"), + tag: &hex!("020546afff4290c4c8ef7fc38035ebfd"), + }, + GcmTV { + key: &hex!("a902e15d06ef5ad334d0ec6502e936ee53ef3f3608f7708848b11cefa92983d1"), + nonce: &hex!("b9f3e966efa43ab4aca1f2d8"), + plaintext: &hex!("393ff3dfe51cd43543e4e29fcc"), + aad: &hex!("2eaa35c00bf1cf8a81919bd04b43fd97"), + ciphertext: &hex!("7e8928b450c622ac8efe29d5a0"), + tag: &hex!("5a285de95990aef171629350bbcaf46e"), + }, + GcmTV { + key: &hex!("96657976da7692004e271b594e8304f77db9c9e77859246bb30a16239ba76a53"), + nonce: &hex!("79226100afea30644876e79a"), + plaintext: &hex!("2b0833a065c3853ee27c8968d0"), + aad: &hex!("ede7a9072a0086b9a1e55d900747cf76"), + ciphertext: &hex!("19373168f1a4052a57c6b8146f"), + tag: &hex!("debbf044325384b90a0c442d95455fb9"), + }, + GcmTV { + key: &hex!("630ea13eb5f52378b976ba2662f824dc622920759a15d2e341c446b03ea7bd5c"), + nonce: &hex!("0f9ebe47682f93d44c4db314"), + plaintext: &hex!("5c734964878a4250a3bf61fdd6"), + aad: &hex!("5ad8e9cffe622e9f35bdb185473868e5"), + ciphertext: &hex!("67cb6d943340d002d3323fcc4e"), + tag: &hex!("f5dc0f88f236560c4e2a6d6c15d3c0de"), + }, + GcmTV { + key: &hex!("c64f8a3ac230dce61b53d7b584f2309384274d4b32d404bc0c491f129781e52d"), + nonce: &hex!("7f4b3bcf763f9e2d08516a6d"), + plaintext: &hex!("fe581128ae9832d27ec58bd7ac"), + aad: &hex!("89ed6945547ee5998de1bb2d2f0bef1e"), + ciphertext: &hex!("81d7a8fdaf42b5716b892199c9"), + tag: &hex!("8183aaff4c0973fe56c02c2e0c7e4457"), + }, + GcmTV { + key: &hex!("dd73670fb221f7ee185f5818065e22dda3780fc900fc02ef00232c661d7bffce"), + nonce: &hex!("c33de65344cfbf228e1652bd"), + plaintext: &hex!("ada4d98147b30e5a901229952a"), + aad: &hex!("e1a5e52427f1c5b887575a6f2c445429"), + ciphertext: &hex!("6ed4e4bd1f953d47c5288c48f4"), + tag: &hex!("404e3a9b9f5ddab9ee169a7c7c2cf7af"), + }, + GcmTV { + key: &hex!("f6c5d9562b7dbdd0bf628ddc9d660c27841b06a638f56601f408f23aa2f66f4e"), + nonce: &hex!("67280bcb945ba6eda1c6c80a"), + plaintext: &hex!("f4caead242d180fbd2e6d32d0c"), + aad: &hex!("5b33716567b6c67b78ea5cd9349bcaaf"), + ciphertext: &hex!("fdfa39517d89ea47e6ccb0f831"), + tag: &hex!("91f9b540ca90e310a1f5c12c03d8c25e"), + }, + GcmTV { + key: &hex!("ce1d242f13de7638b870e0aa85843ea43a9255a4fa4d32057347f38e0267daeb"), + nonce: &hex!("86562be4621b4d5eb1983075"), + plaintext: &hex!("d20e59a8ef1a7de9096c3e6746"), + aad: &hex!("d48a9490a0b7deb023460608b7db79ce"), + ciphertext: &hex!("35ce69fb15d01159c52266537c"), + tag: &hex!("dc48f7b8d3feeeb26fcf63c0d2a889ec"), + }, + GcmTV { + key: &hex!("512753cea7c8a6165f2ebbd3768cc7b951029bd527b126233cf0841aff7568c7"), + nonce: &hex!("b79221802d8d97978041fe84"), + plaintext: &hex!("c63d6c1006b615275c085730b1"), + aad: &hex!("22fa0605b955a33468f3e60160b907f2"), + ciphertext: &hex!("bdb5d7f24732bdba1d2a429108"), + tag: &hex!("fca923d2941a6fd9d596b86c3afb0ad9"), + }, + GcmTV { + key: &hex!("e7b18429e3edded2d992ca27afab99e438b8aff25fc8460201fabe08e7d48ec2"), + nonce: &hex!("9db9b7320aaac68538e37bf7"), + plaintext: &hex!("c4713bc67a59928eee50039901"), + aad: &hex!("283e12a26e1646087b5b9d8c123dde1f"), + ciphertext: &hex!("a5932f92bda107d28f2a8aaa74"), + tag: &hex!("9a1357fd8ed21fe14d1ca2e597c3ef17"), + }, + GcmTV { + key: &hex!("69b458f2644af9020463b40ee503cdf083d693815e2659051ae0d039e606a970"), + nonce: &hex!("8d1da8ab5f91ccd09205944b"), + plaintext: &hex!("f3e0e09224256bf21a83a5de8d"), + aad: &hex!("036ad5e5494ef817a8af2f5828784a4bfedd1653"), + ciphertext: &hex!("c0a62d77e6031bfdc6b13ae217"), + tag: &hex!("a794a9aaee48cd92e47761bf1baff0af"), + }, + GcmTV { + key: &hex!("97431e565e8370a4879de962746a2fd67eca868b1c8e51eece2c1f94f74af407"), + nonce: &hex!("17fb63066e2726d282ecc610"), + plaintext: &hex!("e21629cc973fbe40176e621d9d"), + aad: &hex!("78e7374da7c77be5938de8dd76cf0308618306a9"), + ciphertext: &hex!("80dbd469de480389ba6c2fca52"), + tag: &hex!("4e284abb8b4f9f13c7497ae56df05fa5"), + }, + GcmTV { + key: &hex!("2b14ad68f442f7f92a72c7ba909bcf995c827b439d39a02f77c9bf8f84ab04dc"), + nonce: &hex!("4c847ea59f83d82b0ac0bc37"), + plaintext: &hex!("b3c4b26ebbfc717f51e874587d"), + aad: &hex!("8eb650f662be23191e88f1cd0422e57453090e21"), + ciphertext: &hex!("3e288478688e60178920090814"), + tag: &hex!("a928dc026986823062f37ec825c67b95"), + }, + GcmTV { + key: &hex!("11f41bf7d4b9ac7b0035ce54481ed1502ff05cfae02ffba9e502f61bfe785351"), + nonce: &hex!("06f5cf8c12c236e094c32014"), + plaintext: &hex!("bee374a32293cad5e1b28419b3"), + aad: &hex!("d15cbde6290b7723625c99ffa82a9c4c03ed214d"), + ciphertext: &hex!("3f8122deb6dbe0ff596441203d"), + tag: &hex!("60ef7f3723710b9ab744f8eea00267f7"), + }, + GcmTV { + key: &hex!("18ca572da055a2ebb479be6d6d7164e78f592b159cdea76e9fe208062d7b3fa1"), + nonce: &hex!("1b041e534ae20748262f3929"), + plaintext: &hex!("cda2fa0015361ecf684c6ba7d1"), + aad: &hex!("e8a925d7ce18dd456b071cb4c46655940efbe991"), + ciphertext: &hex!("740d8d578e2e7522c31019f471"), + tag: &hex!("f2eeb5af1bfedd10570a137fe2566c3f"), + }, + GcmTV { + key: &hex!("0de2ac5bfec9e8a859c3b6b86dde0537029cdca2d0844bf3e1d98f370e199be1"), + nonce: &hex!("1778e308e0221288f1eb4c5a"), + plaintext: &hex!("575d93a3416763cbd371b5a671"), + aad: &hex!("1362264f5655f71986aa788efd48f6fc13bb6ab4"), + ciphertext: &hex!("8f8df7ca83bf876b63c78e2c9a"), + tag: &hex!("16c74e315aab97efafbe95c9dcaa2d0c"), + }, + GcmTV { + key: &hex!("b381535a085bc4808fa7a139c7204e8a87c7145dfc8f3900df1fa9a9844fab35"), + nonce: &hex!("21ddc54d3c633f4a344a0e42"), + plaintext: &hex!("e4d958cee583010bbfd3a53021"), + aad: &hex!("7ac3ba600e08363ddb57c45a8670bb4abb869db0"), + ciphertext: &hex!("c42c81a312759cdb032aafe852"), + tag: &hex!("0c472591db3df8a7c67164591542dcc9"), + }, + GcmTV { + key: &hex!("29f21e5029ea4964b96dc6f4c34b2df4cce02f2fcf0f168ffd470e7858e0a0ad"), + nonce: &hex!("63a1c1ccc328280a90ff96fe"), + plaintext: &hex!("dc12113764c13c21432ca1ba33"), + aad: &hex!("454f447433f0948581956c4be1b19d932e89b492"), + ciphertext: &hex!("1cb45aac5def93daef806b781e"), + tag: &hex!("f4b0723c89607b66c392049ba042db63"), + }, + GcmTV { + key: &hex!("2733d3aa52a9d70a9fbd6ce2364bb5f9004902aa5eeb17446e08f2bdcc41db15"), + nonce: &hex!("196c4addb84a58beb3674a7a"), + plaintext: &hex!("cbc50cafda2544bcd291e8a025"), + aad: &hex!("c9826fe31f29b55b9d0f9da9795869a1a98befe5"), + ciphertext: &hex!("7a89cc58ccb97ad3e54ca4a9c8"), + tag: &hex!("3990d9aba210182996fdbd91c2ae4801"), + }, + GcmTV { + key: &hex!("0c4b9005b407415c19672bcd0ebe169f66fe404f22529baf55568e0901e94922"), + nonce: &hex!("e51381e959a1f5688c938576"), + plaintext: &hex!("c6179bd3451d9299b727e8bd0a"), + aad: &hex!("0b512faeb4da740dcc1e30d3c7ea61035e8570b7"), + ciphertext: &hex!("4d3fe086c990f16020b4c5eed6"), + tag: &hex!("9ff2297845814719f851ab0943117efb"), + }, + GcmTV { + key: &hex!("fee442ba37c351ec094a48794216a51d208c6a5ba0e5bdb8f3c0f0dfc1e4ed63"), + nonce: &hex!("a666f2f0d42214dbaa6a2658"), + plaintext: &hex!("a2cf3ea0e43e435261cb663a3b"), + aad: &hex!("7198c12810345403862c5374092cc79b669baecc"), + ciphertext: &hex!("713d4050f8c7fd63c0c1bf2ad9"), + tag: &hex!("250a35e2b45ba6b0fe24512f8213d8cb"), + }, + GcmTV { + key: &hex!("77f754d0cf7dbdaf75cfe965ab131e8cd39087ee6d986dec4ad2ff08ebd7f14b"), + nonce: &hex!("e28a14f3107ca190d824ed5f"), + plaintext: &hex!("54a97a74889e55d8043451c796"), + aad: &hex!("1decf0cbc50a9da6dad4a785a941e4b95ce5aaa8"), + ciphertext: &hex!("eedbf8dd81eb19184589dcb157"), + tag: &hex!("7749edd752fab7e50dbc3b0b47678bf6"), + }, + GcmTV { + key: &hex!("0523f232001e68bd65a79837bbaf70ec2e20851301d8e12fddb5926acb2100cb"), + nonce: &hex!("2bb8d5cb3ceb15107582e1fa"), + plaintext: &hex!("6b4cdc9f9c5082d86a1d2e68fe"), + aad: &hex!("1f55bba71cb63df431ef8832c77499ee3c502067"), + ciphertext: &hex!("079fe90ef517ed2f614a3cd8ce"), + tag: &hex!("539c30590a2527f1d52dfae92920794c"), + }, + GcmTV { + key: &hex!("54c56ee869ebb112a408717eb40af6937fe51eb061b42277a10537e7db346b6a"), + nonce: &hex!("5bfb63e2f3e5b2e1b4343480"), + plaintext: &hex!("75f9496b8d0ca96ed3af02dcab"), + aad: &hex!("740ab07b9c5de2afa37f0788ae5230535c18203d"), + ciphertext: &hex!("827902e58c4c8b7af976f61842"), + tag: &hex!("036ee6473c2138f2a2c2841438cb0edc"), + }, + GcmTV { + key: &hex!("d968ffdbed6ffc259b4310e2e97e42d877ef5d86d2169928c51031983779a485"), + nonce: &hex!("633d0d8d3613c83b40df99dd"), + plaintext: &hex!("08cfc65fea9b07f0c01d29dfdf"), + aad: &hex!("9aadc8d8975ec0a3f5c960ce72aaec8ef0b42034"), + ciphertext: &hex!("7b450f162bdedc301b96a3ac36"), + tag: &hex!("970d97344b1451f3f969aeb972d352e6"), + }, + GcmTV { + key: &hex!("5f671466378f470ba5f5160e2209f3d95a48b7e560625d5a08654414de23aee2"), + nonce: &hex!("6b3c08a663d04132243dd96c"), + plaintext: &hex!("c428592d9f8a7f107ec4d0df05"), + aad: &hex!("12965559c31d538f937bda6eee9c93b0387318dc5d9496fb1c3a0b9b978dbfebff2a5823974ee9d679834dbe59f7ec51"), + ciphertext: &hex!("1d8d7fe4357080c817303ce19c"), + tag: &hex!("e88d6b566fdc7b4fd62106bd2eb806ec"), + }, + GcmTV { + key: &hex!("fbcc2e7faa4295080e40b141bef829ba9d34e0691231ad6c62b5109009d74b5e"), + nonce: &hex!("7f35d9ec651c5b0966573e2f"), + plaintext: &hex!("cdd251d449551fec080425d565"), + aad: &hex!("6330d16002a8fd51762043f2df06ecc9c535c96ebe33526d8faf767c2c2af3cd01f4e02fa102f15ce0236d9c9cef26de"), + ciphertext: &hex!("514c5523024dd4c7d59bd73b15"), + tag: &hex!("d3a399843e5776aa348e3e5e56482fff"), + }, + GcmTV { + key: &hex!("04ef660ec041f5c0c24209f959ccf1a2a7cdb0dba22b134ea9f75e6f1efdae4a"), + nonce: &hex!("0f5f6fbca29358217c8a6b67"), + plaintext: &hex!("0835b312191f30f931e65aa05f"), + aad: &hex!("505e205d13ec945391c7d6516af86255e82f38433f40404d4f1e42d23b33eb9e6dea5820dad60622d3a825fc8f01a5d2"), + ciphertext: &hex!("5ddc0f5963f0290c1a0fb65be7"), + tag: &hex!("106d1f8d26abe4b4b1e590cd5d85e737"), + }, + GcmTV { + key: &hex!("42d3ff74284395fb9db9b8c7a444fa400f7fc6b985a7fec2478667c7f17cf3ba"), + nonce: &hex!("89230fbed59d1226a093ad28"), + plaintext: &hex!("d8339e3618ba57a243a27c85d6"), + aad: &hex!("60342f97310446266b2e47b18e008979d07fc181151ac0939b495e7f31de1d0e74042532840ab91686efd7a402d27a94"), + ciphertext: &hex!("9bb6fa36fa167016109d521ac0"), + tag: &hex!("600909ef32ca62951ecbdc811caa7778"), + }, + GcmTV { + key: &hex!("e115c6468606a5f9b8e9a7c220d7d7684d686c9210a669770b6e4bf24447cd17"), + nonce: &hex!("029c7c9ee2d3ab26843e8b41"), + plaintext: &hex!("7abf84842f9867cfc5eabc7032"), + aad: &hex!("1befd9f97f99fc096deafde5e158ac86716c0ba32454988fe48ba4737684361849a221c03fc0948cb25b5f29d6a0cb2a"), + ciphertext: &hex!("851c7047fb09646fbddb824531"), + tag: &hex!("d0ac4110c8d768f0a804ecda387cfa30"), + }, + GcmTV { + key: &hex!("56552f0cef34673a4c958ff55ad0b32c6ababa06cb3ae90178ab1c9a1f29c0e5"), + nonce: &hex!("b34d24935407e8592247ffff"), + plaintext: &hex!("dbd6cc358b28ab66a69f5238d4"), + aad: &hex!("b199437da189486a8fd1c2fa1fe3ebbb116f0ef41415bb7c8065272fb0b2fe8edca9cd0d4255d467e77f2834be557474"), + ciphertext: &hex!("76dc8d035e5ca4001e4e3fcb18"), + tag: &hex!("49c01f735da1131cd42b01b746fd38de"), + }, + GcmTV { + key: &hex!("d4f405ba556e6fe74b7e6dbdd7a8eae36376d1ca7a98d567d108729aeae5c326"), + nonce: &hex!("df6637c98a6592843e0b81ef"), + plaintext: &hex!("abe87641e9a5169f90179d3099"), + aad: &hex!("a5328cbabdfe6c3c1d4f5152189072dade71e2bacd857d3ce37ee9e3161eb0f20de5a29b7999fd9c7c60cdc03751bd1b"), + ciphertext: &hex!("06f9cf9677745e78c6c02bf06b"), + tag: &hex!("5a3a76da0703c24a9588afb2ac1a9e13"), + }, + GcmTV { + key: &hex!("4f667f65ea4569264456e25de498579036d6a604c18baf770bb626d8a1c68e4f"), + nonce: &hex!("43e27d275abefdd45137c8ff"), + plaintext: &hex!("eaa2498ce27e5658489381b6ec"), + aad: &hex!("264b807b4631d7c87ee9f1507082f5af9218f531b4630141f3c94939aa7cf81c71ea540783995560bf7e6e02d196227f"), + ciphertext: &hex!("bac018bf2e7090e7f217ab3365"), + tag: &hex!("13e5a16a9ce7a88cda640de2c4fdc07e"), + }, + GcmTV { + key: &hex!("f5624a166759ef0b8168af6565649f7797fa92476e008c407458101e75831312"), + nonce: &hex!("521ca79ffc8930349abfc052"), + plaintext: &hex!("1fab3def2ea13e815f8746093b"), + aad: &hex!("6e2771ecd637361cb6b947148910f7d9206d6af176c510bb5dd5bc9b97ac015fb05537affbc1756625715374172fb456"), + ciphertext: &hex!("ca72ff15a7eb62a2839bcf0c43"), + tag: &hex!("475fff6d9e2382583c9614020844b92a"), + }, + GcmTV { + key: &hex!("ac1383a3c783d3d0667e944cbe1a6159647b96afa922557eb1cb6407546b98ca"), + nonce: &hex!("70366112dbe1bd905b900e3a"), + plaintext: &hex!("b8dd871f9d866867efbe551c3b"), + aad: &hex!("b7c1865927737bee802415277cf1a25b7380774a9d27b6a3253f077d36e9c4142df2bbbf3c03414ac09161626ce9367c"), + ciphertext: &hex!("ba181874380841791f64881534"), + tag: &hex!("c5641edf42c446873372bbbde1146642"), + }, + GcmTV { + key: &hex!("f37499d9b6ad2e7618e30a23082673008f3ae1938b9397c02a4da2453fb7e403"), + nonce: &hex!("18e112ea6a998d6f9705f7e0"), + plaintext: &hex!("31560b2114a248ffe0696fa130"), + aad: &hex!("736f1a71fb259f46c6519bb87451f238f47d80c74a016604499b02568f1c7bedf70f9597d7b62c1698c4f2631f4e9706"), + ciphertext: &hex!("0163f558be0142ebabde29a7bc"), + tag: &hex!("45579ce07ee64cdac3a7a42109ff44e7"), + }, + GcmTV { + key: &hex!("50b7f5118ef7ee22b107d93ceab9881ef9658931e80385d1ae92501b95e47d62"), + nonce: &hex!("d5113665039169978b7dc4db"), + plaintext: &hex!("9ba4cd5e600277f4c786ce827e"), + aad: &hex!("68ff6c63e94cb7dd2b8413662a56c88dc130b79b8b2e2388c1089b61fa51ea37819109b5ef64da1250f5d6b5d74cc392"), + ciphertext: &hex!("67842199482b28be56f7570d11"), + tag: &hex!("79e03841843fe32337b7c7409a2153bc"), + }, + GcmTV { + key: &hex!("d396941c9c59e6a7bc7d71bd56daf6eabe4bfb943151cdb9895103384b8f38b4"), + nonce: &hex!("f408f8c21f3825d7a87643ed"), + plaintext: &hex!("dc8ad6a50812b25f1b0af70bee"), + aad: &hex!("947bd9a904e03fdd2c91d038d26d48ac6e32afcad908eacd42a25f6240964656d5a493242d3f8a19119a4cd9957d9c42"), + ciphertext: &hex!("57e6d821079bb8a79027f30e25"), + tag: &hex!("de8c26d5a3da6be24b3f6ea1e2a0f0c6"), + }, + GcmTV { + key: &hex!("eca22b3a29761fd40031b5c27d60adbcfac3a8e87feb9380c429cfbcda27bd06"), + nonce: &hex!("4e6fe3d1f989d2efb8293168"), + plaintext: &hex!("44d6a6af7d90be17aac02049a4"), + aad: &hex!("29beb1f0bb6b568268b9c7383991a09fd03da7e1639488169e4f58ec6451cad6d4c62086eee59df64e52a36527733d8c"), + ciphertext: &hex!("9aaa295bb3db7f6335a4c8cf2f"), + tag: &hex!("55f7577163a130c0dbcde243ef216885"), + }, + GcmTV { + key: &hex!("fa3ce8b099f3a392624bc433b5265235b65c0952cfc54817be2a8003d057903c"), + nonce: &hex!("3168b4e50efe96b3d3aed600"), + plaintext: &hex!("84ed3ccd428d3783ecea180b3b"), + aad: &hex!("d451fa64d73b7d7eee8f8143c40bab8e3f7a58ee018acda23224974f64ac7e1e389f5058ec08664bf56492b932d15f42"), + ciphertext: &hex!("ee2bd527568a4e7537c8f939b6"), + tag: &hex!("f4615f7dfdffec8a2d52c992456210ad"), + }, + GcmTV { + key: &hex!("ff9506b4d46ba54128876fadfcc673a4c927c618ea7d95cfcaa508cbc8f7fc66"), + nonce: &hex!("3742ad2208a0484345eee1be"), + plaintext: &hex!("7fd0d6cadc92cad27bb2d7d8c8"), + aad: &hex!("f1360a27fdc244be8739d85af6491c762a693aafe668c449515fdeeedb6a90aeee3891bbc8b69adc6a6426cb12fcdebc32c9f58c5259d128b91efa28620a3a9a0168b0ff5e76951cb41647ba4aa1f87fac0d97ac580e42cffc7e"), + ciphertext: &hex!("bdb8346b28eb4d7226493611a6"), + tag: &hex!("7484d827b767647f44c7f94a39f8175c"), + }, + GcmTV { + key: &hex!("b65b7e27d552395f5f444f031d5118fb4fb226deb0ac4e82784b901accd43c51"), + nonce: &hex!("2493026855dd1c1da3af7b7e"), + plaintext: &hex!("8adb36d2c2358e505b5d214ad0"), + aad: &hex!("b78e31b1793c2b758494e9c8ae7d3cee6e3697d40ffba04d3c6cbe25e12eeea365d5a2e7b46c4245771b7b2eb2062a640e6090d9f81caf63207865bb4f2c4cf6af81898560e3aeaa521dcd2c336e0ec57faffef58683a72710b9"), + ciphertext: &hex!("e9f19548d66ef3c16b711b89e2"), + tag: &hex!("e7efc91bbf2026c3519010d65628e85f"), + }, + GcmTV { + key: &hex!("8e4f8859bc838f6a2e7deb1849c27b78878285e00caad67507d5e79105669674"), + nonce: &hex!("e71d0ebb691a4c31fdd9879c"), + plaintext: &hex!("bd1713d8d276df4367bf3cbb81"), + aad: &hex!("47ca6cef3ca77997ef1b04e3721469be440ad6812aa3674ae92ca016b391d202e29932edfa83029eccae90bd8dbe4b434e7304b28fe249b380b2c3c49324fd5b3e469e3e135abc1c9fd77828b409c7482e6a63461c0597b14e5c"), + ciphertext: &hex!("eecbfb74e314628b0e3f827881"), + tag: &hex!("c9ea890294d7e10f38b88e7c7493c5f8"), + }, + GcmTV { + key: &hex!("2530cdcb2a789000822588a31bdc87c09234838da2d6ae1259c7049186525f11"), + nonce: &hex!("0c509faa257dbb0e743a53ac"), + plaintext: &hex!("a8edc524930ce4c20897c66f75"), + aad: &hex!("92a92cb8c1984ede806028cc45ac95574167ee83f03a707cc4b0fb8ad70907e0016e38b650f4a75bc83a625e3c670701d43bfb0326d1c4fe7c68410733c0c874c920389d164bf67a9032e2e837f5e9e324b97932d1f917ba7dca"), + ciphertext: &hex!("1f658c7a1f41152b22999ed1b7"), + tag: &hex!("cf3e4fef775d9c6ff3695be2602a90d8"), + }, + GcmTV { + key: &hex!("54c31fb2fb4aab6a82ce188e6afa71a3354811099d1203fe1f991746f7342f90"), + nonce: &hex!("f0fe974bdbe1694dc3b06cc6"), + plaintext: &hex!("fbb7b3730f0cd7b1052a5298ee"), + aad: &hex!("2879e05e0f8dd4402425eabb0dc184dcd07d46d54d775d7c2b76b0f76b3eed5f7ca93c6ae71bf509c270490269ea869ed6603fdf7113aa625648ab8ed88210f8b30ec9c94bca5757ca3d77491f64109101165636b068e3095cb4"), + ciphertext: &hex!("3a5a2a8aa93c462cfb80f1f728"), + tag: &hex!("59ef9d54ee01fb6cd54bd0e08f74096f"), + }, + GcmTV { + key: &hex!("8084061d0f7858a65c3a3557215ed46f1590278ca97a45dcb095d2a0979f2e3f"), + nonce: &hex!("6973898b1a8f72856415675b"), + plaintext: &hex!("200d0445cb09eb52f54d2f74c6"), + aad: &hex!("8b543e294546848c3308ccea302f0238b7dffc1706d03657c190ea745cc75bcd5a437993e787828ea7fe42fea1d5c6f7229a72ea65f0d0c190989a590ab49c54726633282c689eef8cf852af263b5edf63e449fd5440730003ca"), + ciphertext: &hex!("ec242c358193ca6187c89aa7a5"), + tag: &hex!("967428ac6956525ba81d5901ed259407"), + }, + GcmTV { + key: &hex!("2aad7db82df4a0d2ec85218da9d61ade98f65feeb8532d8eb728ef8aac220da6"), + nonce: &hex!("029ac2e9f5dc3d76b0d1f9df"), + plaintext: &hex!("ba363912f6207c54aecd26b627"), + aad: &hex!("d6f4b6232d17b1bc307912a15f39ccd185a465ee860279e98eb9551498d7b078271ebabdda7211e6b4ab187043171bc5e4bf9ffcf89a778430e735df29410a45ca354b0003433c6bc8593ee82e7c096a32eac76d11daa7d64150"), + ciphertext: &hex!("bfcad32611da275a0f0821517c"), + tag: &hex!("9ea37bdcaafad69caf06d67fb18dd001"), + }, + GcmTV { + key: &hex!("f70bb950ab56f12f1efc2376d32a59d16ef3ef5969e0106ab40cc314c9b0c7e8"), + nonce: &hex!("3b3b29ba422c2bacafeeb8b3"), + plaintext: &hex!("029929277043dc0379f152a484"), + aad: &hex!("464ac0c84b9ff17a0e7c39a65f89682a89b8787553a6275f0d55effaabef2114072c739f9831a5d5a5133ae4de14eb51346b318b255a1bff57e50c433e1e69a00fe1a8b6f6b621d515d670d89e148f6b65d6eb4c54878cb819ce"), + ciphertext: &hex!("c0b97d6d1a95d708d6dc7d2b95"), + tag: &hex!("322eb4395bf4d4dd070b8f9f6195f8ee"), + }, + GcmTV { + key: &hex!("f4950f01cb11fdd9afb297f7aa852facfac354ff96557befa5f657678de6cefb"), + nonce: &hex!("aba7d864f29cbc449cd93e33"), + plaintext: &hex!("e6daf59ef54ac7405984fc4c4e"), + aad: &hex!("852f624cea7a8c20e189e0c79f578c0d770c4bf7c4e691649eba992f6de89d7bf2078aff94803a3dc62628e02a80a01957722e2a931fc56283d84ab68ce11ae867835c2d9700df130048ea8eaaca41f1a9059be2acaea6e0f7f2"), + ciphertext: &hex!("d01d36ff8009b4082279abb906"), + tag: &hex!("d9a36c8008493bd95c09049299cbd075"), + }, + GcmTV { + key: &hex!("714261ef4f02fb4efb0e6b5aed96d7b3ceac6551a57cf679da179c01aac5ee0e"), + nonce: &hex!("3b7d15c7fd877461a789255a"), + plaintext: &hex!("815de8b0382fe60cb0d3782ee9"), + aad: &hex!("7621e58152336ee415f037f2e11581fe4da545c18d6e80177d5ab5dda89a25e8057d6fccec3757759a6e86e631080c0b17baa8be0b8fe579d3bfa97937ee242b6faacfc09425853df4dc26bc263ed1083a73ffc978c9265f8069"), + ciphertext: &hex!("29c566ea47752a31a380fd0e7c"), + tag: &hex!("b279340a384dbbae721c54e9183b3966"), + }, + GcmTV { + key: &hex!("53459ba5a2e49d1a7c2fb6ad9e6961b4dbe5158cb9266eff425d6dcccaaf8073"), + nonce: &hex!("3c97dc635a75fbe2c33c9a41"), + plaintext: &hex!("03fbfe5842ed781990ca8be728"), + aad: &hex!("7fe308afe58a927680bee3368301f4dc7c47811fc09f1b9922a092a497b9c6b67c857fdcc32da1011acb110b3c1475bef303f1a609479485cc400ee8f38381c45d078708ad49f226f95dd9c81478d1ee2b53c3b906d96f8ddd76"), + ciphertext: &hex!("5865e5a1ec711732a4ee871bff"), + tag: &hex!("856a653ec214178096bed423e30a36e9"), + }, + GcmTV { + key: &hex!("f0501583c226d2519ed23fcc6f2cffd2f013eb91aa07b3a5a2073d6e2bd10cef"), + nonce: &hex!("29a922ad9bdeddc2e298b99f"), + plaintext: &hex!("035eb6922345c02a81435d9e77"), + aad: &hex!("d84f54bac09ea92afe0a7335cb0bb5f68425490fd2fb6c3b99218f49856ed427ec902e510b899d54951fe84cdbfd112608d1e999f64ecc9cd4be3a0114c1c34875dbf35a1b0be421659f99d69b32e968cebfca6f95837e3edeb4"), + ciphertext: &hex!("095971f99af467805a62bfb882"), + tag: &hex!("d5ff2b7beac260e517ea3eca13ff1e77"), + }, + GcmTV { + key: &hex!("78e6789b596c71cb3becc833cf823d2ebb18ca2e26c27e26a55ef95df7353971"), + nonce: &hex!("65da9c7a9f17b11246bcf8db"), + plaintext: &hex!("003e82a147df3c953400f87ab5"), + aad: &hex!("d49aee7ffd31e7c8d831d97ae894a00473adbc5071f6099d567caaef85c295d5143a1316ff82753cc35d3efc60f7e5101ddd811336b404d598f6c439cce6b47fcbebb15d1c342e4151b355025a03b4397260b4a7e6444fa57b5b"), + ciphertext: &hex!("abcceced40209fc30a5590fee8"), + tag: &hex!("0a203973b81375949ebd932597efd495"), + }, + GcmTV { + key: &hex!("816b3e6ca31d59688c20bcd1fa4285197735d8734289ca19a4730e56f1631ccf"), + nonce: &hex!("4c191ac994f86985c180ccd4"), + plaintext: &hex!("b2060dd86bc307133b7d365830"), + aad: &hex!("b3dcd643c68ccce186570c63288c8722b8a13dfaf9e71f44f1eeb454a44dddf5f955540cd46c9f3b6f820588f71936d7a8c54c7b7bc43f58bb48e6416149feae7a3f8d8198a970811627489266a871e8cb87878cdb3a48be65f5"), + ciphertext: &hex!("53e65880ad0012a75f1188996f"), + tag: &hex!("9ca8a71a45eb4402a6b03106bae330d1"), + }, + GcmTV { + key: &hex!("a07ba57478061bd7abddd762971cf2e47141891f76c3d1c150b53eee5704557d"), + nonce: &hex!("5adfb85b2d9e239c5146501d"), + plaintext: &hex!("67c8824c1837cfdec6edcd719c"), + aad: &hex!("937b3ed73e67ca0b02f9eb736a668362d4d0447c15f6083099a7f90c7c49318dd72f6baa74da22ff53b56c24fb9a1b1d6c4e29f4ac4d917220ebe3c8d760999da7be9e1e8f6a171133640c9196f9ee3cdb76a5a342a95a05c8c4"), + ciphertext: &hex!("1eb85c6682850e849eb37927e5"), + tag: &hex!("8079f705cf551a5484132cd0f0c5297c"), + }, + GcmTV { + key: &hex!("268ed1b5d7c9c7304f9cae5fc437b4cd3aebe2ec65f0d85c3918d3d3b5bba89b"), + nonce: &hex!("9ed9d8180564e0e945f5e5d4"), + plaintext: &hex!("fe29a40d8ebf57262bdb87191d01843f4ca4b2de97d88273154a0b7d9e2fdb80"), + aad: b"", + ciphertext: &hex!("791a4a026f16f3a5ea06274bf02baab469860abde5e645f3dd473a5acddeecfc"), + tag: &hex!("05b2b74db0662550435ef1900e136b15"), + }, + GcmTV { + key: &hex!("c772a8d5e9f3384f16be2c34bf9afd9ebf86b69e6f610cd195a9db169e9be17e"), + nonce: &hex!("9b8e079f9971d7352e6810a3"), + plaintext: &hex!("7f13fcaf0db79d792823a9271b1213a98d116eff7e8e3c86ddeb6a0a03f13afa"), + aad: b"", + ciphertext: &hex!("d29e2bf3518668a14f17a3e4e76e1b43685734b801118d33a23238f34d18aa40"), + tag: &hex!("8e02b0b7d172cf5e2578f5b30fac2e7a"), + }, + GcmTV { + key: &hex!("d5924b31676e2354fe7dafffaf529749598ea1bf5e4c44f5b60240e09d8036aa"), + nonce: &hex!("5d847784f0bcd79cb84fcf1d"), + plaintext: &hex!("6fd80c8f0d4de081a93c16b84dec697a1e4f9d80a6af497c561572645eac0d63"), + aad: b"", + ciphertext: &hex!("282cc9d2308a443019cfdc4d79854accc7731ee36902bafe3ffaca6484327b82"), + tag: &hex!("4dc5e0f2ab91bdfd31f2bdcf06af9667"), + }, + GcmTV { + key: &hex!("b328c6d7946221a08c4f0509b52992a139890cdd8eae1956851f110c49602cb5"), + nonce: &hex!("1a433c33ca12ce26cf3dffff"), + plaintext: &hex!("217bdc314a4d335c72b5267b424fc8e31f4bb118e6cfaeacf5548f4ba8f51980"), + aad: b"", + ciphertext: &hex!("a322944e07bf84ab424ffa75fd0309e8691c9036b08f344ba76ce0774f43b351"), + tag: &hex!("14dd6b1c2b224533ccc9fee8d2881358"), + }, + GcmTV { + key: &hex!("c2080965d21d229c0d0d6c56cbce83880120c21a48172a64560b90dc4ce1ffbe"), + nonce: &hex!("928d6c0195f5f0974f38730b"), + plaintext: &hex!("864397271e1b242aa1dff38e78aa89353e1554ba907318a0aaad44f26fcd567d"), + aad: b"", + ciphertext: &hex!("7de4f941f44bd0f268b2a47b9c4927cc10537bbed739d52ab099fde4033041d1"), + tag: &hex!("b51a59931817257619e7be1091128c49"), + }, + GcmTV { + key: &hex!("dd6b7e2584edf1f1e6c2c0dd1f72161a92d2cba99856554f820de1256d48c099"), + nonce: &hex!("fe9d553c75067e8dbae1ab67"), + plaintext: &hex!("f9f86f7762859f11d6e7ef56178657ddcded532843446f86a23eac35aa2dd3c0"), + aad: b"", + ciphertext: &hex!("f7aaa1711c8092783b05b4e5e6c9c6944e991bd59c94b9d0356df00a66e2db5b"), + tag: &hex!("c61edd176c8322a01d8c5f3df09252e9"), + }, + GcmTV { + key: &hex!("37f39137416bafde6f75022a7a527cc593b6000a83ff51ec04871a0ff5360e4e"), + nonce: &hex!("a291484c3de8bec6b47f525f"), + plaintext: &hex!("fafd94cede8b5a0730394bec68a8e77dba288d6ccaa8e1563a81d6e7ccc7fc97"), + aad: b"", + ciphertext: &hex!("44dc868006b21d49284016565ffb3979cc4271d967628bf7cdaf86db888e92e5"), + tag: &hex!("01a2b578aa2f41ec6379a44a31cc019c"), + }, + GcmTV { + key: &hex!("a2ef619054164073c06a191b6431c4c0bc2690508dcb6e88a8396a1391291483"), + nonce: &hex!("16c6d20224b556a8ad7e6007"), + plaintext: &hex!("949a9f85966f4a317cf592e70c5fb59c4cacbd08140c8169ba10b2e8791ae57b"), + aad: b"", + ciphertext: &hex!("b5054a392e5f0672e7922ac243b93b432e8c58274ff4a6d3aa8cb654e494e2f2"), + tag: &hex!("cf2bbdb740369c140e93e251e6f5c875"), + }, + GcmTV { + key: &hex!("76f386bc8b93831903901b5eda1f7795af8adcecffa8aef004b754a353c62d8e"), + nonce: &hex!("96618b357c41f41a2c48343b"), + plaintext: &hex!("36108edad5de3bfb0258df7709fbbb1a157c36321f8de72eb8320e9aa1794933"), + aad: b"", + ciphertext: &hex!("b2093a4fc8ff0daefc1c786b6b04324a80d77941a88e0a7a6ef0a62beb8ed283"), + tag: &hex!("e55ea0456af9cdff2cad4eebbf00da1b"), + }, + GcmTV { + key: &hex!("6fb2d130bbad1924cab37d071553b12169e978a805bf74cb4c23d5ccd393d7bb"), + nonce: &hex!("76826741225a391fdce4d3b6"), + plaintext: &hex!("c49b80080e2efeb5724b9e5b53ba0c302e97bd16f1a6bbec01e1ca6c35a42a3c"), + aad: b"", + ciphertext: &hex!("62fbe5466a7ff83ff719f4927e00e9319e1bb7e835c5d6b4e9d4bc5a8d6e2beb"), + tag: &hex!("df72da7a66cb5257836f3c19ecadcd55"), + }, + GcmTV { + key: &hex!("402e8113970257d9437807620098370243536a105cca4fbc81a1ff2d48874f48"), + nonce: &hex!("c924c19c4d14905a2bdf63bf"), + plaintext: &hex!("917b9585f65e59bf4d242bb0802966045dd29fbc66911277baecdfcc818c3c35"), + aad: b"", + ciphertext: &hex!("5b6594edcddbb338f4e813687f4f23a75a64c21e3cf5d2e7c9af0f7e3ee3e616"), + tag: &hex!("f1cccd93a4411247c8b6830addd72c6f"), + }, + GcmTV { + key: &hex!("2aac499cb0eb72b4598acff4330df6cd764978997d5ace51da88e0c18671bde9"), + nonce: &hex!("fd16cdc39d7f0b92e1f95c97"), + plaintext: &hex!("e7b75bfa35c9a004d0b68265623a9b06b6d4493ea0ad4f6c777ba5add8c7bbbb"), + aad: b"", + ciphertext: &hex!("c3d0a0f7ce9720c95aac86151aad634884ddfa62df58f18394537f6504d9a8aa"), + tag: &hex!("76749a1ec70236b267fc340d5fbb6da3"), + }, + GcmTV { + key: &hex!("a2a502d6bb19089351e228d5cbff203e54fc31f2772253df08557875d964c231"), + nonce: &hex!("0ebb5af4a462a1e6ded7164a"), + plaintext: &hex!("bbecc89450c07b8de631155e5d7cc7a9d26376bb57d7458d49b4c36e140490f3"), + aad: b"", + ciphertext: &hex!("fd09c950890441fcaaa8809a8998079abb88741c6672abae12383ffd724f8299"), + tag: &hex!("22fac246058bf142c5f26812a635b480"), + }, + GcmTV { + key: &hex!("ce2d289e20c76f75c135c8118d5cbf5f2828026f0b639588a3eb4ad752cea548"), + nonce: &hex!("bb08526dd8bd1c3bb58d0999"), + plaintext: &hex!("56f5db1e796a0c4633a8d570182c39e3c8451e7ba485b98d38a2c926a1b92a46"), + aad: b"", + ciphertext: &hex!("a41005df18734d4f3f99f19ef8fc43b16ef431207cb0466341bf164b58e23533"), + tag: &hex!("a45c2a1ef6aec75cc22d71807dab3c27"), + }, + GcmTV { + key: &hex!("66e418d0ec97b420b1b5365d1b6d5cd7c5ac1a5653739120d4aec3c94c93c287"), + nonce: &hex!("989f94480266e3652488184e"), + plaintext: &hex!("e5052b19d7f827fd60f45c8925809fd2217ec4d16aa89bbf95c86a1c1e42bd36"), + aad: b"", + ciphertext: &hex!("f341630574ee92942cf4c5ecd3721ae74b32c557379dfe8351bd1c6661a240da"), + tag: &hex!("e85fb655ef432e19580e0426dd405a3e"), + }, + GcmTV { + key: &hex!("37ccdba1d929d6436c16bba5b5ff34deec88ed7df3d15d0f4ddf80c0c731ee1f"), + nonce: &hex!("5c1b21c8998ed6299006d3f9"), + plaintext: &hex!("ad4260e3cdc76bcc10c7b2c06b80b3be948258e5ef20c508a81f51e96a518388"), + aad: &hex!("22ed235946235a85a45bc5fad7140bfa"), + ciphertext: &hex!("3b335f8b08d33ccdcad228a74700f1007542a4d1e7fc1ebe3f447fe71af29816"), + tag: &hex!("1fbf49cc46f458bf6e88f6370975e6d4"), + }, + GcmTV { + key: &hex!("2c11470e6f136bec73351619288f819fb2bbba451857aadfb78384074612778a"), + nonce: &hex!("4e6cc2bcc15a46d51e88958d"), + plaintext: &hex!("3b3186a02475f536d80d8bd326ecc8b33dd04f66f8ba1d20917952410b05c2ed"), + aad: &hex!("05d29369922fdac1a7b37f07953fe175"), + ciphertext: &hex!("6380945a08977e87b294b9e412a26aebeeb8960c512439bac36636763cd91c0c"), + tag: &hex!("1029a3c4be1d90123c1b404513efde53"), + }, + GcmTV { + key: &hex!("df25ea377c784d743846555a10cfaa044936535649e94da21811bad9cea957b5"), + nonce: &hex!("35f5f8e950c1f57ad3dfb1fa"), + plaintext: &hex!("98941a807ac8f16eef0b3d3c7bbdfd55d01736c5b3360d92b4358a5a8919380b"), + aad: &hex!("28eb4677110ccb6edc8d2013dc8f46ec"), + ciphertext: &hex!("24a07532e981aaf3106eab8dfbb2d2078342e2eaee027e148f06aca68f6a1c50"), + tag: &hex!("131373ed4a0e3f584ae978d42daa6f3a"), + }, + GcmTV { + key: &hex!("106168ea651f22c54196a06f1a10bcf4e620d93e4dc0824d798f44f9219c6177"), + nonce: &hex!("4064dcbd631cf20b05ae22de"), + plaintext: &hex!("b0d3da2b96b8889c92e445abbea4c6d0d5d44d7fbcc7dade4c92f6bcddbf06e1"), + aad: &hex!("a36e2fb9cd96a8ca9ae2b193aa498efd"), + ciphertext: &hex!("f55a6d8a6965ea451637bec7548cfb1ffe59fc0ce6ea6a937cb5dd32b3d45d5f"), + tag: &hex!("8d1bf2715041f817f11631fc9910c629"), + }, + GcmTV { + key: &hex!("272d1649a3dd804de0962d3e07064a7054c00a6234ab1b0cdcf685ab394837e5"), + nonce: &hex!("955b5897f6b9806bbec5c33e"), + plaintext: &hex!("36e57c29c08c51ad7fa91c0416f976cfd011780eb44cc5abd34c7b431b093b8d"), + aad: &hex!("33e618ecbbe5eb0566df21c3c34b7e25"), + ciphertext: &hex!("cd6aeb345081dc0bb2c8b4d19b280658fb87c0f2bd0f4c9da694dc1feeb32f4e"), + tag: &hex!("dd37eac6bd6a4d3618241738779735d7"), + }, + GcmTV { + key: &hex!("3dab6a51bb7af334dd4b79a7d139550c88f0778d43c21fc4ad33f983a13515cb"), + nonce: &hex!("362eaa67cab3d1ed48e9f388"), + plaintext: &hex!("3eb7f5f0a4ca9aa7000497602c6124433a60a8fcd91b20175b4ee87e6b10a2d7"), + aad: &hex!("52852150786e6547a2618e15c77110b6"), + ciphertext: &hex!("cc3316041b88733839249b756ffa00bbec6211942f604f26c4a35ed32e6eeaff"), + tag: &hex!("5936c5500240d50c0da0fcdc248f176e"), + }, + GcmTV { + key: &hex!("0ea606521b935d5b4b66df89fb372d35c4d6d2c03767367e38de0d4c27761d56"), + nonce: &hex!("0d3168318a4f76392699640b"), + plaintext: &hex!("f450b36d6c49411897bce39001d73ff01b5e8566179e36dacac7064cab5c6270"), + aad: &hex!("3bd8849070cf034c4298f40f33b0b839"), + ciphertext: &hex!("3b15fad18726c4eaa70502b3f3b32c5092d1d92835e6460665fc50dda953a191"), + tag: &hex!("11fd3fddf61e010c17fbedd4bd5fb012"), + }, + GcmTV { + key: &hex!("c8c4f9e0bd289ef1bd16104a8074fb073dd9035ab937ab076fb5801e2295aa2f"), + nonce: &hex!("be699d9d98ec1f724da8bd0f"), + plaintext: &hex!("49fe9407a719d41e658587809cfed7a5b49941c2d6378f3c0afe612f54f058a1"), + aad: &hex!("a985c7489732038c3190cb52be23737c"), + ciphertext: &hex!("17a9aaa6a3c68ba1f6cb26fdd6536c207e3c9ce58f43e4ecfd38d3387a798a0f"), + tag: &hex!("d832cb4814142562fedfe45b36126cb8"), + }, + GcmTV { + key: &hex!("52d0f20b0ca7a6f9e5c5b8549d5910f1b5b344fc6852392f983558e3c593be24"), + nonce: &hex!("d5c618a940a5a5d9cc813f27"), + plaintext: &hex!("a9fed8a29355685321f978e59c40135309306cd41b25349fe671dc7990951c68"), + aad: &hex!("61823f7e39ed76143ca7249d149bdf57"), + ciphertext: &hex!("509c540e558d0bf0a3b776cddfbfddc15486748a7f9952b17c1cbd6869c263f4"), + tag: &hex!("42e35ee3f7119f87fb52b5d75b8ab8ec"), + }, + GcmTV { + key: &hex!("5d291a8f1a6433a41076702d9d8a8c196e464550ed900ce8c2a36f4d10483954"), + nonce: &hex!("c4ba743ee692e5d00b5ae2c6"), + plaintext: &hex!("605d519b26182458fea68dddd86033390fc545f843ae817850a2a4574add015d"), + aad: &hex!("878fa6720ab30e0287f6903acd2dca19"), + ciphertext: &hex!("1c2f153f2374d3945cca9757dc18d9a15a93276526285a6e316ee32a72092c34"), + tag: &hex!("e7905e856c88c6ece4bb47781becf923"), + }, + GcmTV { + key: &hex!("09e2724d4017cd57e967000e4da2cd5c5c18ccfb06c33b7ce62a7641e4bb0b73"), + nonce: &hex!("9ea18b420a10177289ab370b"), + plaintext: &hex!("6f5dfa86d5df4febd752265c56390049e7cda60c2644c84ab413932faad15b15"), + aad: &hex!("a8e77939423d5894d307fd60278d162a"), + ciphertext: &hex!("35e37a9b913eb58b72262e92d7584d44bf9a8442f1b2f3da3a5d05ec6a2a31e2"), + tag: &hex!("1a95023b1a4a3e885520ec79e1a3aef9"), + }, + GcmTV { + key: &hex!("8544a9f4f6c0efdff3da90cfa3ee53fbe1f8de159d29537c803e1651da153718"), + nonce: &hex!("be406029a1d0c25d09af94cf"), + plaintext: &hex!("7e88a65646ed138b7c749366d16e41dbafd9987ad2373bb9d0b6ce0c1a4d6661"), + aad: &hex!("599dbb73897d045a1bd87385e60323a2"), + ciphertext: &hex!("38ffbf9ffff8d6a92090584e6dace1c6a47d3d5709a25e470557d5c8f5dd1851"), + tag: &hex!("d5b2e83c47df404de9a7cd95d3cbe7ab"), + }, + GcmTV { + key: &hex!("35b9d2a5db3b06e7720cec794dae615029a491c417f235498e0496cd8183d1bf"), + nonce: &hex!("b382987916e19752dd9ecc0c"), + plaintext: &hex!("76b290496901c5824ad167433dbb6d6b5856d41913ee97ec81e70cf6a170e35c"), + aad: &hex!("e0aa3a1f1df601366c59a390f4f06c3b"), + ciphertext: &hex!("78347400d6799e77e11e76c0ecfd311becf31f74f14b3a71e6d526ce57015c8b"), + tag: &hex!("bf8dec2feac7cfe9f330bdfc92737b33"), + }, + GcmTV { + key: &hex!("d707eab3c167b73efeb08c50e12b1569a275487ea136f52736c0f3ce66b69fa3"), + nonce: &hex!("11116f34182e52428642e747"), + plaintext: &hex!("a0c4818362035b16b50de445d558ea5cf8844bf5c84b96232999a2279806cc45"), + aad: &hex!("ae9f90331800c358716c92667f79f748"), + ciphertext: &hex!("91c77404b20028ef0fd4dd7f8b65b6594af94a1e7fc79cfbdb108265354fc71b"), + tag: &hex!("6c3410d4b915dbad745715202c04e9a4"), + }, + GcmTV { + key: &hex!("405d13ee48d3b9fc26bcfca776b2af6c745d8fc34171622f8c6c4be5a54b8b65"), + nonce: &hex!("add1524abb1b846f0f6577da"), + plaintext: &hex!("e06475990d6e3990266de1bd025c3b1910c0736c81050885f2bfc13ec78e9d96"), + aad: &hex!("0b1c4c3ba877bca5846b2c1f2b0e2105"), + ciphertext: &hex!("6399f7e6d6c680fc41bac8bee3836b9a4241403d5a19e4919f396ce37b238d38"), + tag: &hex!("e754f400d76c76e03c63ea88cf64ccba"), + }, + GcmTV { + key: &hex!("5853c020946b35f2c58ec427152b840420c40029636adcbb027471378cfdde0f"), + nonce: &hex!("eec313dd07cc1b3e6b068a47"), + plaintext: &hex!("ce7458e56aef9061cb0c42ec2315565e6168f5a6249ffd31610b6d17ab64935e"), + aad: &hex!("1389b522c24a774181700553f0246bbabdd38d6f"), + ciphertext: &hex!("eadc3b8766a77ded1a58cb727eca2a9790496c298654cda78febf0da16b6903b"), + tag: &hex!("3d49a5b32fde7eafcce90079217ffb57"), + }, + GcmTV { + key: &hex!("5019ac0617fea10517a2a2714e6cd369c681be340c2a24611306edcd9d5c3928"), + nonce: &hex!("fd1fa6b5cab9aa8d56418abb"), + plaintext: &hex!("4349221f6647a906a47e64b5a7a1deb2f7caf5c3fef16f0b968d625bca363dca"), + aad: &hex!("953bcbd731a139c5de3a2b75e9ffa4f48018266a"), + ciphertext: &hex!("dbce650508dab5f499767651ee734692f7b157341977692d2ca879799e8f54aa"), + tag: &hex!("20239e97e2db4985f07e271ba545bbbf"), + }, + GcmTV { + key: &hex!("c8cee90a8b9ad6094d469e5d1edc30d667608e89b26200cac77efd7e52af36fd"), + nonce: &hex!("5a1aa9c8e635281ee1fb9df7"), + plaintext: &hex!("728d9221891bd75c8e60b7dd6f53edcfd1ab1cebc63a6ce54be220b5b362233b"), + aad: &hex!("0538b3b64da72aac591bc59991a140eff206b3f7"), + ciphertext: &hex!("b753eb6b87f0c8778c3ea3a74fba3b31ced6d2da94d43d482ab0431806a80d75"), + tag: &hex!("b21d29cf6fd04571ffcaf317d384df11"), + }, + GcmTV { + key: &hex!("b4b77710f86ffd463fc14bb9eaa4424b2b3a581778e5511a094a08fb204cab59"), + nonce: &hex!("3e4b12bf55633bf48d104620"), + plaintext: &hex!("6f44a8df11dce27df075ea10ddeb7566ca6c988a334cf56e8540f71166d7c0d1"), + aad: &hex!("3e3b4c9369266266098326217b5677a40297cb87"), + ciphertext: &hex!("31f82f5cb1cd5c4b4819b61aa9377abebe8fca76978b1199178462c7c1c4e2b2"), + tag: &hex!("1b3a535768e8480d75ec91b2e7b55efd"), + }, + GcmTV { + key: &hex!("0a8fb75498a139223c763d52bbe3d42f813de370fa36b81edc4553d4219d2d5d"), + nonce: &hex!("7d6cb675fded3efef908a11a"), + plaintext: &hex!("81b69ca354de3b04d76ee62334cb981e55f0210f1174d391655d0f6712921a0e"), + aad: &hex!("2314ad86b248f1ed2878e7c562b533bf2dda5a29"), + ciphertext: &hex!("6a23d30737f4a72b1e07ba23d17fde43a4498e2e60d3e1b0c8e6ea26a2bb331a"), + tag: &hex!("7fcac442fb657910c62a74b1d0638902"), + }, + GcmTV { + key: &hex!("a84315058849690c2b88062aef81134d338526baa7090e865fcaad94bbf51ca5"), + nonce: &hex!("a487cfa701447b495aab41e0"), + plaintext: &hex!("18074e14dc0a14d4439f1d710927ed8c200154c8492f77f10f653e0bf6070ca6"), + aad: &hex!("7c4416b0cf13ac76bec6687a6840dc703e91bb86"), + ciphertext: &hex!("80f40b7e335d40fc5859e87f385e14798a253818e8ad73b1799c1419638246a4"), + tag: &hex!("b4c7c76d8863e784eb6029cd160ef6de"), + }, + GcmTV { + key: &hex!("82833bcaaec56f6abbb3378f7d65daf6e6f6f2a0d1e858c7219f53a7840f4e00"), + nonce: &hex!("4bc9b028a00be8feb5232978"), + plaintext: &hex!("d9b2383123a27a93bce85add8392b938093b40e82f182e484bf4f84fa3bfb3f0"), + aad: &hex!("76fc8ed57154cd8a9b3d02c87061edd2a8157811"), + ciphertext: &hex!("383efe971438cd2b2cbb399d74a3fb3eedd394f1862addc58e9fdd4c421402d2"), + tag: &hex!("fd803c4fa917f7ff649a6aac013a96b1"), + }, + GcmTV { + key: &hex!("ee4634c49c5672c660968a42862698f6c1b2c7b79efd1605c24af8ff9ff8366c"), + nonce: &hex!("877912b2f35888d2810612cc"), + plaintext: &hex!("9512a5268a0cb3fbd916ddb820dce77f1e0dbb52c8ffc7a74be077119e9245e4"), + aad: &hex!("93bd669db4f1354ef6c8addb0cf729e46d5c3846"), + ciphertext: &hex!("69af0ac954e0d69043851d89f1538ebcb42769857eba27dbe4ad4fd60fd75537"), + tag: &hex!("3ee443873e2f7f7ea601fe3d7e5211e2"), + }, + GcmTV { + key: &hex!("442f4bbc468433411e49486a15c5eed577f5007380ff126d9974f3bd3fe4e3c4"), + nonce: &hex!("1e7133aaa8af826dc646ec62"), + plaintext: &hex!("7f8069e5c356ece135d98bb563c8b411ea90ea3b673dfd92e1ba9c459efae61f"), + aad: &hex!("577662f611446b5b31814930029edb949a30dcb9"), + ciphertext: &hex!("b962952750eb2bce313e1a85a72e3c9cc2ea7e58c353ea37df2c9f0723995ca7"), + tag: &hex!("e633fe9f10cedf0f0d02aa2ddcf47d86"), + }, + GcmTV { + key: &hex!("3a29aec009f44fdd2b1bc07cb7836f29d8589774bd0d74089a68d9e67827d6d8"), + nonce: &hex!("a42c5fb61573c72688ac31d8"), + plaintext: &hex!("d36eb81506c0a0e4ebcac9b4b1acebb38b94b8f2ce3d6f85a8f705fa40cb987a"), + aad: &hex!("2ee2582d544e1663f1d7a0b5033bcb0fce13b3e5"), + ciphertext: &hex!("179ef449daaacb961f88c39b4457d6638f304762bd695924ca9ebd01a3e99b9f"), + tag: &hex!("1fee176c7a5d214748e1d47b77f4bcc8"), + }, + GcmTV { + key: &hex!("ed47660054294f3c913c97b869317cbddc395d757bef7d29b8ccbdd2c54e99d3"), + nonce: &hex!("770a00642c67eff93c9f1f56"), + plaintext: &hex!("034193397cbd0eb414459273a88808db2d0711e46f80d7883212c443d9e31b54"), + aad: &hex!("06210fca2018d2357256c09197730e9777caea96"), + ciphertext: &hex!("6a250ebd3390229d46b691142743dba1c432c0feaa0f0dd19d0ce4e6a8918d80"), + tag: &hex!("a5f6e975592b472907c34b93bfc69dde"), + }, + GcmTV { + key: &hex!("9539844493362dc3f913308f7e12a2a0e02afdbd8869877b30ce0397fb0349dc"), + nonce: &hex!("eadda3132079195a54fde2c1"), + plaintext: &hex!("62349a0b1e40a9f31eadf27073682da15f0a05cf4566ee718b28325f7d8eaba0"), + aad: &hex!("0ae4a90cb292c4e519b525755af6c720b3145a1e"), + ciphertext: &hex!("ad6c9521bf78d1d95673edd150f2b8dd28f10625d67fa25f1fb42d132ba7fcfa"), + tag: &hex!("916242a9cb80dffcb6d3ae05c278819a"), + }, + GcmTV { + key: &hex!("3b4eb08d27ae0b77605ae628a1b54a5402026550679fab0a20752bee510d3d92"), + nonce: &hex!("28a20c40f49a00493da3488a"), + plaintext: &hex!("c8a47edcf84872f53f96ef41ce05ca37cbc3854b556d6e606f0a8a32d0861907"), + aad: &hex!("0591390e2d14ebe62aeb1741c26448ce55b28cab"), + ciphertext: &hex!("a3e8cbf84df8529838f79315c7f1a0b7bb3ad4c4d036ec317b1810b274ee3080"), + tag: &hex!("0a8f66daeb7f0a88756909c4e93fcd36"), + }, + GcmTV { + key: &hex!("0cccea8f1f6ce141690e246cf4cb9f35b66baf6e6986b8e0b4cfdd13fcdbc8c3"), + nonce: &hex!("929f07be5aa7bae7607bae3c"), + plaintext: &hex!("9fa5214c599523c695d37937b02f78837f6406960b2a03bf9a6db34bd35e3dc7"), + aad: &hex!("b851e610be70a994808b34ca73f45f1ea973de65"), + ciphertext: &hex!("917ecc8b00b53f7fb0732d66848a106e91f60acf2dcf180832a74d5993c658da"), + tag: &hex!("2959e20746bbb6ab66dfd29b9477799a"), + }, + GcmTV { + key: &hex!("ecbfaef2345b34f31fbf6d68efb385e5833df8b6e6ae621ede02baf9735d2dba"), + nonce: &hex!("50c3527b1a35ccb318b446de"), + plaintext: &hex!("634f6dd60783d1f952353fd1d359b9ee4f4afa53cc13e81c5adfe24b46baf08f"), + aad: &hex!("f8981548bde6ee6c1745f947de191bf29997fadf"), + ciphertext: &hex!("705e5f67ab889ba238118e3fd9b90b68be801995ae307378d93b50977cf90588"), + tag: &hex!("12d14468ac18cc9936bd565f8ad42d0d"), + }, + GcmTV { + key: &hex!("dc776f0156c15d032623854b625c61868e5db84b7b6f9fbd3672f12f0025e0f6"), + nonce: &hex!("67130951c4a57f6ae7f13241"), + plaintext: &hex!("9378a727a5119595ad631b12a5a6bc8a91756ef09c8d6eaa2b718fe86876da20"), + aad: &hex!("fd0920faeb7b212932280a009bac969145e5c316cf3922622c3705c3457c4e9f124b2076994323fbcfb523f8ed16d241"), + ciphertext: &hex!("6d958c20870d401a3c1f7a0ac092c97774d451c09f7aae992a8841ff0ab9d60d"), + tag: &hex!("b876831b4ecd7242963b040aa45c4114"), + }, + GcmTV { + key: &hex!("07b3b8735d67a05632c557076ac41293f52540bac0521573e8c0414ec36f7220"), + nonce: &hex!("0046420eee8d56de35e2f7d5"), + plaintext: &hex!("4835d489828325a0cb38a59fc29cfeedccae25f2e9c399281d9b7641fb609765"), + aad: &hex!("d51cedf9a30e476de37c90b2f60882193630c7497a921ab01590a26bce8cb247e3b5590e7b07b955956ca89c7a041988"), + ciphertext: &hex!("46eb31cd98b6cc3ecafe1cd1fc2d45fa693667cbd3a7d2c5f8c10296827ea83c"), + tag: &hex!("36cd4e76dd0679887477bfb96cf1c5f6"), + }, + GcmTV { + key: &hex!("0219f14b9ca6506c1388177c4ae6ee64ad2ac0256ebbf8c219b40df6e8571d70"), + nonce: &hex!("3420a87c4b9b23ba81eb221e"), + plaintext: &hex!("348f7a4ca944f252e4562c66dacf01fb10d70a3c8f5b280a2829567a2a94e47e"), + aad: &hex!("54dc2277b8d1aae660ffcc326e2c5d9e16b8ca17288601aacd02b3eea8bc5cc60718639aa189506b7b333b87da86e940"), + ciphertext: &hex!("58c92119bfb6ad53e387cac6728ce73b82e18f6e5bfbfca5f5acc370cd8c76a4"), + tag: &hex!("e7f9e3e3dae6d0a3470d8f597291180c"), + }, + GcmTV { + key: &hex!("87440ee7f6febf3e14ef0a917a87c5d61260fefc979eeaeac0a64662c98cb4f7"), + nonce: &hex!("7c48bc75e58f21cc9989d691"), + plaintext: &hex!("f8e40a6a985f424898a7996307a077c487406c5312eefe055ea5b17a4b22087b"), + aad: &hex!("e0c66e5db1c7665a015ba7e21e08ff3de5b4a5fcd5d35e41db7e97ccd0c3df657ae803c3529d375420ad75ac9621cea0"), + ciphertext: &hex!("5a118fc3dbdaf6bc9490d372b7623af76da7841bf9820a9c6624a15eff6a69c2"), + tag: &hex!("0ddc2ae087d9b8ca2249ea5aa3dbd4c7"), + }, + GcmTV { + key: &hex!("b12425796f63bf5435740f9039fa66367fc7702d675c61b2dec4435feeea07f8"), + nonce: &hex!("f26727053e6d67c2d2bf1e69"), + plaintext: &hex!("9df079d98a6e4dbe277a8545f4f6c19fe130f4a84bdd6b760a049fba21d4e99a"), + aad: &hex!("e50fca2e5a81ae56ca07f34c4b5da140d368cceab08494f5e28f746cbfefdc285b79b33cf4969fe618b77ab7baafe271"), + ciphertext: &hex!("845f00202e2e894516d8f4a4021430e531967098c9a94024c7113c9a1b91c8cd"), + tag: &hex!("3566c75967ae00198e39ebe9f0ac697f"), + }, + GcmTV { + key: &hex!("674dfb625b8b0ce1dadbbbcbf7e151c5b2cecf0a1bc4e07f4734f3a6792350cd"), + nonce: &hex!("99e7b76e6686449616ad36c7"), + plaintext: &hex!("0a744a72e536a0484db47091609228d803bcfa9a8daf579e3039e3645f7688e2"), + aad: &hex!("2ab1573e5a94ca2997590840bd9c62e6add55e4d3eac12c895d2ec637791caa41d46ed91e6064db627e1fbef71d31d01"), + ciphertext: &hex!("e550ee77069709f5199be3c618f2a4178e4d719ab73df41cbfe32c52777138ff"), + tag: &hex!("134ac3fa8bd4af7ee836f4a3421d9e99"), + }, + GcmTV { + key: &hex!("10c1de5f741560dae5be23e15649f0114db52949560bb6cdf2d4883247392ee1"), + nonce: &hex!("7cf73c1472cd60d8d35fde51"), + plaintext: &hex!("05becd366aebaa2e609f507dd2dd4433b2aba0634b0eb9a5bf7ded4cc8fbed72"), + aad: &hex!("d3fa8b6f607a20a18dd7eac85eabef69d4fb5a074d8e7d1bf15d07732ed80e020163b475f209c4b0cbfa00d65d1e82ef"), + ciphertext: &hex!("280f0c306e1a3aab8ff9ab3e4a9adc2e9ae4e4e1a06f190d11b3b4dc4280e4f3"), + tag: &hex!("3bc8be845bf5ff844c07337c2cfd5f80"), + }, + GcmTV { + key: &hex!("e8d6ab5e514645dd7e051b028f5bfe624c72f44f30279577365aea65d4a8a819"), + nonce: &hex!("30b0d654ee5b79c2cfb24100"), + plaintext: &hex!("19be7e0feedd402bf4b05995a38e5f423c033de016e3ae83ea8c3c1cba658e1e"), + aad: &hex!("082e534bf860d0061ec2dad34d6b0db8cba1c651f2c705356ff271e47365b0b18f8ddb3a3c2269b437fb0703c9ad367a"), + ciphertext: &hex!("8573800c737d2480b2885ce714ac6a15f23287b1d12949a3d76effbe82b593bd"), + tag: &hex!("50110884292151f51213ccb2fe934d88"), + }, + GcmTV { + key: &hex!("2d1eaf5e62ca80fd1515a811c0e4c045aba8c769df03d57f7493eb623ed8b941"), + nonce: &hex!("abf190b05df2e6556cb34b47"), + plaintext: &hex!("9c7cd522ed5c0af3e57da08d2653ef77eb973734f360572bbcb15a2a6cbd60b9"), + aad: &hex!("75ab9bd39c24e498a54d85a8b76a4126dc1879f2a30270a42609763e045a4021785b6134f283fd81c195c3188e78752d"), + ciphertext: &hex!("5fdfdaccb105e5408c375af8ca63a67afaba7ccbcd591acca9a86d92f92fd0f7"), + tag: &hex!("49940b7610618b3a5cb3912339e06b3c"), + }, + GcmTV { + key: &hex!("b6020677e098c59e19eacf26732473d843aafd6bf999c707bb08ab896406918d"), + nonce: &hex!("807167ef2b84b32d1df4a94c"), + plaintext: &hex!("3199d6b95d133ba5b7eadc420080a0b249c84f4960bd369d6bf9e313627cf670"), + aad: &hex!("06225d410ada3e04157da7e5481d7d9f2285845824aac0c0e033244ed4c1b19615354c224ba8b7093c5651d10ef952fe"), + ciphertext: &hex!("4618adbfa5ea4ee260e310140b385232b7c3ad46887aa2107f7dafffd85cda22"), + tag: &hex!("2d76307bf55826dfeb58a171b6fa80e4"), + }, + GcmTV { + key: &hex!("f75456c4918d0bea72f546a9a1e2db0b6ab9bcd9782b5eb1c2700e729921d666"), + nonce: &hex!("c75b83134e7b9188e5800ffe"), + plaintext: &hex!("f9a23abbd0f2b367ce16c2a0613cd293ac7e66cbe020eaeb5deb09d5031fd992"), + aad: &hex!("5ef46c9eb5865cab2c8a35f9c4c434614a6c9f1b5c479739f7434d3326cff1e70b0d2877c084a71c7a9d33d258d304bb"), + ciphertext: &hex!("56e4efe6c0944153b65ed4909845219842b9b88f54d8d8394051132afb95d391"), + tag: &hex!("255e2c8c43f8979c440c3581bff6cf65"), + }, + GcmTV { + key: &hex!("9831c5c12e53e8a961642e93ddb2e13a38506acd0cf422e6ad9fbaeabce7b3f2"), + nonce: &hex!("bff29de3d6869e5fa75b96f9"), + plaintext: &hex!("b1edbed58ed34e99f718db0608e54dd31883baec1c8a0799c4ff8a5dad468de4"), + aad: &hex!("67ebeecb74cc81fdfee8065f8b1c1f5012bf788953bec9525e896611b827084a8e6baa0ce40ee70bc699b152bc6ed903"), + ciphertext: &hex!("13845db7e33bab1f5766a7fadfb942748e779753d97f143e645ccfcbd7c23b23"), + tag: &hex!("10dbe8a3e1901c8b88b0ab1441664d32"), + }, + GcmTV { + key: &hex!("a02c2d4a43f0f7f1db57c07f13f07f588edfe069a9d83c9b76e9511946c4fc48"), + nonce: &hex!("84677438592dcaf683d08a67"), + plaintext: &hex!("ad5a884dad20ffa88794c4fca39f2ca01c6f67657ab38e5cf86ac5597318ef07"), + aad: &hex!("d5dea0cd6080af49a1c6b4d69ace674a622f84f9f190b2db8a22e084a66500b52ff20a8d04f62a7aeaedb67e2258598c"), + ciphertext: &hex!("83da16ae07ee0e885484c1330a6255a6e7ac22915c63cbefaabc6f9f059dd69d"), + tag: &hex!("42c4a270705493d85ad7bbcfda86dffb"), + }, + GcmTV { + key: &hex!("feba412b641bc762bfa79ef17c3ea16e5630605470db096e36ffd33813641ace"), + nonce: &hex!("e3633f21e7c63a459d5d1670"), + plaintext: &hex!("9326572bd33551322ca42fcfb7cef8be41d78725f392c34907ecd1fe5572bff1"), + aad: &hex!("b7ee0233863b0e185b2f46181eb5fc0718832e1e76e7d4115a4c1f7e998c41319ccef44f5db89e8c5f077bd553d7bf42"), + ciphertext: &hex!("5019ea98cc9dc9368432c6d58f9e144f55446e763c0a8b4d8a6ce26f3dd95260"), + tag: &hex!("1010beb9cd6e9b611280a5395f08bca9"), + }, + GcmTV { + key: &hex!("21bd5691f7af1ce765f099e3c5c09786936982834efd81dd5527c7c322f90e83"), + nonce: &hex!("36a59e523df04bc7feb74944"), + plaintext: &hex!("77e539dfdab4cfb9309a75c2ee9f9e9aa1b4651568b05390d73da19f12ccbe78"), + aad: &hex!("48aef5872f67f524b54598781c3b28f9cbcf353066c3670370fca44e132761203100b5e6c7352a930f7e9cbf28a8e1ce"), + ciphertext: &hex!("c21483731f7fe1b8a17d6e133eda16db7d73ddd7e34b47eec2f99b3bbc9669aa"), + tag: &hex!("15f9265bc523298cefb20337f878b283"), + }, + GcmTV { + key: &hex!("26bf255bee60ef0f653769e7034db95b8c791752754e575c761059e9ee8dcf78"), + nonce: &hex!("cecd97ab07ce57c1612744f5"), + plaintext: &hex!("96983917a036650763aca2b4e927d95ffc74339519ed40c4336dba91edfbf9ad"), + aad: &hex!("afebbe9f260f8c118e52b84d8880a34622675faef334cdb41be9385b7d059b79c0f8a432d25f8b71e781b177fce4d4c57ac5734543e85d7513f96382ff4b2d4b95b2f1fdbaf9e78bbd1db13a7dd26e8a4ac83a3e8ab42d1d545f"), + ciphertext: &hex!("e34b1540a769f7913331d66796e00bdc3ee0f258cf244eb7663375cc5ad6c658"), + tag: &hex!("3841f02beb7a7fca7e578922d0a2f80c"), + }, + GcmTV { + key: &hex!("74ce3121c18bbff4756ad10d0f293bb1ea3f93490daad0249cd3b05e223c9747"), + nonce: &hex!("81107afb4c264f65ae0002b1"), + plaintext: &hex!("7a133385ead593c3907806bec12240943f00a8c3c1b0ac73b8b81af2d3192c6f"), + aad: &hex!("f00847f848d758494afd90b6c49375e0e76e26dcba284e9a608eae33b87ad2deac28ccf40d2db154bbe10dc0fd69b09c9b8920f0f74ea62dd68df275074e288e76a290336b3bf6b485c0159525c362092408f51167c8e59e218f"), + ciphertext: &hex!("64bd17f3e8f71a4844b970d4ebc119961812efb9015b818e8d88b906d5efbd76"), + tag: &hex!("46d0e42aa046237efee17eab6d9cfb75"), + }, + GcmTV { + key: &hex!("4c669a1969c97d56da30a46236c15407e06aada686205eed3bd7796b02c97a4b"), + nonce: &hex!("0a07758d5ad44766e051da6c"), + plaintext: &hex!("cd59bb307be76f11304f69ac8b151e1628ac61dec81086e7f24fd5bd83df8856"), + aad: &hex!("0b8277114cbf7ee16c9bbda1ab40419a02e469ebb295883f0a833c3cb755ded44a3c410034a201f7d91b43519fbabb55b974834be5d5afc7aea7c84b44a14e8e16dd68a3e8cc79ad2bf76d0ceb33d58ddb6378b45681ceaa0f2f"), + ciphertext: &hex!("bc62ce0b23cf4aa8e16b4450c8ab8c629a53949f01e68b875ecc5c45ff6d3ab0"), + tag: &hex!("5ffeda728914031006f271c3d9986f2d"), + }, + GcmTV { + key: &hex!("a23296632913051e438114deb782fb955b75acc35e86e7e9fdaf4e9025b87f12"), + nonce: &hex!("ad50db40f80f15214e43ffd7"), + plaintext: &hex!("b71116cc27b5a5844d9b51a4a720cb3f06d55d6aaeaeaf921236424db8617204"), + aad: &hex!("a6f96f5a89bfd8c8f34cd07045270d80e58ea62f1f0b10f2506a954f272af0bc71df96ad3fa8eed52c45e0b868091dc4f75d9e0eaf15a0a858a71bf7036c5607110cbfe47ad9b6d02e942fcfae88d4c792a1f824e60e3cf98a37"), + ciphertext: &hex!("8e9e4b0ac93ab8e73688d6b4723d8c5ef399ead72246c7aa7a0783a8bfe29936"), + tag: &hex!("b7dea91e4b357ce805edeea3f91392d2"), + }, + GcmTV { + key: &hex!("4036a07bdd4e10eb545f3d9124c9f766d2d0c8c59fc0d5835ac55dcfaebfc3a1"), + nonce: &hex!("815828fbb964497cdadccaad"), + plaintext: &hex!("717f22faff8066182e46d32dbac7831ec24272871c45c7c12ca779f868e7739a"), + aad: &hex!("0bc0e3931388bcb091463bae2989a93bde103bc14fc5d39f9448ca90367e86336b188f73218b2b0ab72a9a564ad5ff32544c5afeacecadfa55d2fb66925a88299dbf58f425cf49e31f42ac4edace743fdf9680d20ec845afc278"), + ciphertext: &hex!("e8c3b0342964c7a71f084d44ba2f93742bccd9821b30087d11b53bbe8b085808"), + tag: &hex!("86ddd9c469849cb6b100c339ca62717d"), + }, + GcmTV { + key: &hex!("714bc3ba3839ac6707863a40aa3db5a2eebcb38dc6ec6d22b083cef244fb09f7"), + nonce: &hex!("2cfe1c51d894e5ef2f5a2c3c"), + plaintext: &hex!("0cc4a18bbfea87de0ac3446c777be38ca843d16f93be2c12c790fda4de94c9bf"), + aad: &hex!("84e3d46af2ecb717a39024d62bbc24d119f5aff57569dfef94e7db71ad5aff864abacdc5f8554e18ed5129cfb3366d349c52b3d1a111b867e8772140749e7f33e2e64259968486e32f047d21120da73c77757c4595ccac1b5713"), + ciphertext: &hex!("0857c8fb93412fde69bad287b43deea36506d7ee061d6844d00a7e77418f702f"), + tag: &hex!("24a9e5290957074807d55ad705adaa89"), + }, + GcmTV { + key: &hex!("2f93b5a37be1a43853bf1fd578061d0744e6bd89337cde20177d1e95a2b642c4"), + nonce: &hex!("52b6d91557ae15aa792ce4b7"), + plaintext: &hex!("0fcaa316a135d81052509dd85f688aed2e5fd4261e174f435cf1c4115aa6f354"), + aad: &hex!("992ba9efa287a5c3e5177bd4931af498982a1728b56b3d7c4b28476905e29f83326c4f3223a28844fc9b9d84d4f6cd859074aff647a35dde28e1ee889faab3bb9c09a4c3fbf2a16460d48a40dc53378d4673f4325e6aa3992a71"), + ciphertext: &hex!("f99774cef3c15af33cda3cb449cd335ffe4f27435edf83aff4a4f4c2d2df6647"), + tag: &hex!("c5e09b83b1c2cc81e48a1f7c62b7bb35"), + }, + GcmTV { + key: &hex!("531ca845af7bf731c49c3136407322b1c0f6b32b8eaebf03744b2edc1202d096"), + nonce: &hex!("baf13b85202bbfc899fc73f7"), + plaintext: &hex!("d4e9783f537c738200e7ba7526605f359a98c9f10cafaa2f433c40f3e5081a36"), + aad: &hex!("e2ba9cf548b4f6fb206f224250d85af327fde8d08916686ae770203dc29c694f8902b02222fd287f28ce6091006368c3949bea2937ff0bdedb7dbbd013ccf0a15ee0af8c56fe211b7c311e182f27707f59e09492b3604e80c6c5"), + ciphertext: &hex!("642f544929202128a783b985d36f60964c7d78e1d41f5d1bfe27de3ae0180df3"), + tag: &hex!("e333528c59ee1909750ed72fd1309ee1"), + }, + GcmTV { + key: &hex!("3add17568daa9d441aa7a89bf88fa4e6998a921d57e494a254080445bc9b6f35"), + nonce: &hex!("b290f4a52496380218c3dcf5"), + plaintext: &hex!("2c6908cb34215f89a3f3a3c892e8887f2efa496a15ab913fc7d34cc70c0dff79"), + aad: &hex!("0bc9cc13eb2890aa60515c2297a99f092f6e516236c0dec9f986ea98b8a180680f2c6c20bd4354c33433a4c6f6a25e632f90ebef3a383c3592268b483eebf5f5db006929e7987edbcac4755d3afd1cdf9b02954ebd4fef53d5f6"), + ciphertext: &hex!("2cf3beae94fd5e6a4126a8ec8a7166b0aacb8b8bbce45d6106b78d3456d05149"), + tag: &hex!("ce1509b1bd5c47a593702618b0d79f6c"), + }, + GcmTV { + key: &hex!("1c1dcfd4c4cc4beb71d6e368f739d8e681dfe48fbae39728386c9dfc08825743"), + nonce: &hex!("0deceb69ce0dc776a3a71b4c"), + plaintext: &hex!("b12700258ace7b16e40f4e86886892837168b256a170937a3b89063a9a0d68f7"), + aad: &hex!("a3af2db672292431fa8ee1fa5b197593b13e58a68c4129401d0942474d5f4cbe62093aaa5453f6d355d2f4b6dc8abde58ce863d1be5f9ecf39730a49565b3b6882a0a641c0b5d156a4107309dd150fd1f1634ea4e5100b3d4f88"), + ciphertext: &hex!("3ea7f1c0d613323e095558ddde53247420fa0eef17997a1e9c5ba93d5f24c46f"), + tag: &hex!("70534a87c258905d35806f4439f6906e"), + }, + GcmTV { + key: &hex!("f2724153aac9d50f350878d3c498bc3dd782d90cce5cce4ae14126c0e1fbb3cf"), + nonce: &hex!("1c07b61c5316659bad65cca9"), + plaintext: &hex!("067ccbd0206f1f05d2872210dc5717a0585e8195d72afd0c77da11b9b3710e44"), + aad: &hex!("e69db7fcd3b590a6d32052612034036d5c8bffa5e5e9b742ffe75a9fbba89dd576dec08154cf4e6d36f0fdd4419bdf50adc1974a80ea313421c926dffa87565b4bd0c1e84f2ff305af91877f830f145bb13dfa7efa5e3aa682e6"), + ciphertext: &hex!("9aba433eef383466a1291bd486c3ce5e0ed126010e0a77bf037c5eaed2c72460"), + tag: &hex!("f30a155e35400bb0540883e8e09b4afd"), + }, + GcmTV { + key: &hex!("a2544eb2047c97cfcaf0ec1427c5df395472285233a93ffccda8fee660aced56"), + nonce: &hex!("a751bea3c769bb5db25ab109"), + plaintext: &hex!("b9514cc01a357605918f9cc19123dcc8db328c605ca0eb9d69d871afeea1dcfb"), + aad: &hex!("eb9e09884de1454d6aeb0d6c82375f2428992031ea6cabf6a29aa6a4de49a353e4ffae043dad18ae651b20b7bca13f5c327ca9f132014bfa86e716d4724e05a1ef675521a6607a536756e6a8c16bb885b64815f1eb5ec282ce8e"), + ciphertext: &hex!("cb442b17088f6ac5f24c7a04f0050559386f3a57131b92a54142c7a556fdb935"), + tag: &hex!("5f80c5c0cdf0c7890bfd1fbd58c33081"), + }, + GcmTV { + key: &hex!("ceb057782efb1e85d805448af946a9b4d4128bf09a12473cce1e8ef8bfd2869d"), + nonce: &hex!("406f9730e9b1e421e428439b"), + plaintext: &hex!("0815723d5367b1328cac632fa26e23f2b814a1d59a2971d94d02ebd7ecf5c14a"), + aad: &hex!("0772ae00e1ca05d096cf533fd3de2818ac783edfca0eee7686a6290f3357481e883fb2f895b9a4f4004c56b8a1265242cfdf1fb4af7edc41ed78c5f4ffe9c4080d4a17318f9c56ecdb3a06f3c748535387d56a096943a76d46f6"), + ciphertext: &hex!("9d82355d8e460896201be15fd95fed48a8524666d987ab078550883034d0253c"), + tag: &hex!("a0bee8ac0e636d64d3b1eb33fd6f21d4"), + }, + GcmTV { + key: &hex!("7dbdbdfe36d4936940ad6d6f76c67c2851a0477f0aa7d6797bfdf2b7878ef7e0"), + nonce: &hex!("bc672b224b4b6b91fc3fd697"), + plaintext: &hex!("dfea463d35f0fa20487b606d6ccfd422a5b707f16527b422bf1d68a77db67e9c"), + aad: &hex!("faacb84ec7cfadd731de2f7c0892d7e38cbfb782b48412331af0b3eab602a722cad1069dea0052beb5ca70e2ee476c340c6193bcc60f939aabe446bf3ce958fe11a2ffc90241f0a7e4e274f0c1441def795893895bd848bf0f0e"), + ciphertext: &hex!("0ddc2281b1fcb904864a43657bc72357cf73fc1f16520caad7cddde10f846bd9"), + tag: &hex!("9d96699450aa9707695e5de56597101b"), + }, + GcmTV { + key: &hex!("187214df6e2d80ee8e9aae1fc569acd41589e952ddcbe8da018550d103767122"), + nonce: &hex!("56db334422b6c5e93460d013"), + plaintext: &hex!("53355283186719a9146c7305e3d1959a11ccf197570b855a43cbc7563a053c73"), + aad: &hex!("cbedb7ccfbf56dfd72e530bfe16b4f5aac48a90204bcb7a8cae1046010882cfc8b526e7562a7880914e61b60cbd605165242737d85eeed583c98cab3443874e5989ec9cde001adf7de9c9967de5178f75b8412b0c4d6fec5af72"), + ciphertext: &hex!("c2262585966bc9c23dc7cc1059d060211e86f3b3161d38b153635fbea4a28c05"), + tag: &hex!("a94297c584dfcd10ee5df19a2ee5c3d2"), + }, + GcmTV { + key: &hex!("1fded32d5999de4a76e0f8082108823aef60417e1896cf4218a2fa90f632ec8a"), + nonce: &hex!("1f3afa4711e9474f32e70462"), + plaintext: &hex!("06b2c75853df9aeb17befd33cea81c630b0fc53667ff45199c629c8e15dce41e530aa792f796b8138eeab2e86c7b7bee1d40b0"), + aad: b"", + ciphertext: &hex!("91fbd061ddc5a7fcc9513fcdfdc9c3a7c5d4d64cedf6a9c24ab8a77c36eefbf1c5dc00bc50121b96456c8cd8b6ff1f8b3e480f"), + tag: &hex!("30096d340f3d5c42d82a6f475def23eb"), + }, + GcmTV { + key: &hex!("b405ac89724f8b555bfee1eaa369cd854003e9fae415f28c5a199d4d6efc83d6"), + nonce: &hex!("cec71a13b14c4d9bd024ef29"), + plaintext: &hex!("ab4fd35bef66addfd2856b3881ff2c74fdc09c82abe339f49736d69b2bd0a71a6b4fe8fc53f50f8b7d6d6d6138ab442c7f653f"), + aad: b"", + ciphertext: &hex!("69a079bca9a6a26707bbfa7fd83d5d091edc88a7f7ff08bd8656d8f2c92144ff23400fcb5c370b596ad6711f386e18f2629e76"), + tag: &hex!("6d2b7861a3c59ba5a3e3a11c92bb2b14"), + }, + GcmTV { + key: &hex!("fad40c82264dc9b8d9a42c10a234138344b0133a708d8899da934bfee2bdd6b8"), + nonce: &hex!("0dade2c95a9b85a8d2bc13ef"), + plaintext: &hex!("664ea95d511b2cfdb9e5fb87efdd41cbfb88f3ff47a7d2b8830967e39071a89b948754ffb0ed34c357ed6d4b4b2f8a76615c03"), + aad: b"", + ciphertext: &hex!("ea94dcbf52b22226dda91d9bfc96fb382730b213b66e30960b0d20d2417036cbaa9e359984eea947232526e175f49739095e69"), + tag: &hex!("5ca8905d469fffec6fba7435ebdffdaf"), + }, + GcmTV { + key: &hex!("aa5fca688cc83283ecf39454679948f4d30aa8cb43db7cc4da4eff1669d6c52f"), + nonce: &hex!("4b2d7b699a5259f9b541fa49"), + plaintext: &hex!("c691f3b8f3917efb76825108c0e37dc33e7a8342764ce68a62a2dc1a5c940594961fcd5c0df05394a5c0fff66c254c6b26a549"), + aad: b"", + ciphertext: &hex!("2cd380ebd6b2cf1b80831cff3d6dc2b6770778ad0d0a91d03eb8553696800f84311d337302519d1036feaab8c8eb845882c5f0"), + tag: &hex!("5de4ef67bf8896fbe82c01dca041d590"), + }, + GcmTV { + key: &hex!("1c7690d5d845fceabba227b11ca221f4d6d302233641016d9cd3a158c3e36017"), + nonce: &hex!("93bca8de6b11a4830c5f5f64"), + plaintext: &hex!("3c79a39878a605f3ac63a256f68c8a66369cc3cd7af680d19692b485a7ba58ce1d536707c55eda5b256c8b29bbf0b4cbeb4fc4"), + aad: b"", + ciphertext: &hex!("c9e48684df13afccdb1d9ceaa483759022e59c3111188c1eceb02eaf308035b0428db826de862d925a3c55af0b61fd8f09a74d"), + tag: &hex!("8f577e8730c19858cad8e0124f311dd9"), + }, + GcmTV { + key: &hex!("dbdb5132f126e62ce5b74bf85a2ac33b276588a3fc91d1bb5c7405a1bf68418b"), + nonce: &hex!("64f9e16489995e1a99568118"), + plaintext: &hex!("b2740a3d5647aa5aaeb98a2e7bbf31edaea1ebacd63ad96b4e2688f1ff08af8ee4071bf26941c517d74523668ca1f9dfdbcaab"), + aad: b"", + ciphertext: &hex!("e5fec362d26a1286b7fd2ec0fa876017437c7bce242293ff03d72c2f321d9e39316a6aa7404a65ccd84890c2f527c1232b58d5"), + tag: &hex!("dfa591ee2372699758d2cc43bfcbd2ba"), + }, + GcmTV { + key: &hex!("8433a85f16c7c921476c83d042cb713eb11a83fc0cffe31dde97907f060b4ee9"), + nonce: &hex!("55ffc85ffd1cdea8b8c48382"), + plaintext: &hex!("23bc3983ba5b3be91c8a6aa148a99995241ee9e82ce44e1184beb742affbe48f545c9a980480cf1fab758a46e4711ea9267466"), + aad: b"", + ciphertext: &hex!("2f4bdc7b8b8cec1863e3145871554778c43963b527f8413bb9779935c138a34d86d7c76a9e6af689902f316191e12f34126a42"), + tag: &hex!("7dc63156b12c9868e6b9a5843df2d79e"), + }, + GcmTV { + key: &hex!("5d7bf55457929c65e4f2a97cbdcc9b432405b1352451ccc958bceebce557491d"), + nonce: &hex!("f45ae70c264ed6e1cc132978"), + plaintext: &hex!("ba5ac2a16d84b0df5a6e40f097d9d44bf21de1fcec06e4c7857463963e5c65c936d37d78867f253ce25690811bf39463e5702a"), + aad: b"", + ciphertext: &hex!("47c16f87ebf00ba3e50416b44b99976c2db579423c3a3420479c477cd5ef57621c9c0cee7520acb55e739cc5435bc8665a2a0c"), + tag: &hex!("456054ecb55cf7e75f9543def2c6e98c"), + }, + GcmTV { + key: &hex!("595f259c55abe00ae07535ca5d9b09d6efb9f7e9abb64605c337acbd6b14fc7e"), + nonce: &hex!("92f258071d79af3e63672285"), + plaintext: &hex!("a6fee33eb110a2d769bbc52b0f36969c287874f665681477a25fc4c48015c541fbe2394133ba490a34ee2dd67b898177849a91"), + aad: b"", + ciphertext: &hex!("bbca4a9e09ae9690c0f6f8d405e53dccd666aa9c5fa13c8758bc30abe1ddd1bcce0d36a1eaaaaffef20cd3c5970b9673f8a65c"), + tag: &hex!("26ccecb9976fd6ac9c2c0f372c52c821"), + }, + GcmTV { + key: &hex!("251227f72c481a7e064cbbaa5489bc85d740c1e6edea2282154507877ed56819"), + nonce: &hex!("db7193d9cd7aeced99062a1c"), + plaintext: &hex!("cccffd58fded7e589481da18beec51562481f4b28c2944819c37f7125d56dceca0ef0bb6f7d7eeb5b7a2bd6b551254e9edff3a"), + aad: b"", + ciphertext: &hex!("1cc08d75a03d32ee9a7ae88e0071406dbee1c306383cf41731f3c547f3377b92f7cc28b3c1066601f54753fbd689af5dbc5448"), + tag: &hex!("a0c7b7444229a8cfef24a31ee2de9961"), + }, + GcmTV { + key: &hex!("f256504fc78fff7139c42ed1510edf9ac5de27da706401aa9c67fd982d435911"), + nonce: &hex!("8adcf2d678abcef9dd45e8f9"), + plaintext: &hex!("d1b6db2b2c81751170d9e1a39997539e3e926ca4a43298cdd3eb6fe8678b508cdb90a8a94171abe2673894405eda5977694d7a"), + aad: b"", + ciphertext: &hex!("76205d63b9c5144e5daa8ac7e51f19fa96e71a3106ab779b67a8358ab5d60ef77197706266e2c214138334a3ed66ceccb5a6cd"), + tag: &hex!("c1fe53cf85fbcbff932c6e1d026ea1d5"), + }, + GcmTV { + key: &hex!("21d296335f58515a90537a6ca3a38536eba1f899a2927447a3be3f0add70bea5"), + nonce: &hex!("2be3ad164fcbcf8ee6708535"), + plaintext: &hex!("ad278650092883d348be63e991231ef857641e5efc0cab9bb28f360becc3c103d2794785024f187beaf9665b986380c92946a7"), + aad: b"", + ciphertext: &hex!("b852aeba704e9d89448ba180a0bfde9e975a21cc073d0c02701215872ed7469f00fe349294ba2d72bf3c7780b72c76101ba148"), + tag: &hex!("bdd6d708b45ae54cd8482e4c5480a3c1"), + }, + GcmTV { + key: &hex!("d42380580e3491ddfbc0ec32424e3a281cbe71aa7505ff5ab8d24e64fbe47518"), + nonce: &hex!("fbed88de61d605a7137ffeb2"), + plaintext: &hex!("4887a6ef947888bf80e4c40d9769650506eb4f4a5fd241b42c9046e3a2cf119db002f89a9eba1d11b7a378be6b27d6f8fc86c9"), + aad: b"", + ciphertext: &hex!("87aa27f96187ce27e26caf71ba5ba4e37705fd86ca9291ea68d6c6f9030291cdbff58bff1e6741590b268367e1f1b8c4b94cd4"), + tag: &hex!("d1690a6fe403c4754fd3773d89395ecd"), + }, + GcmTV { + key: &hex!("5511727ecd92acec510d5d8c0c49b3caacd2140431cf51e09437ebd8ca82e2ce"), + nonce: &hex!("ae80d03696e23464c881ccff"), + plaintext: &hex!("184b086646ef95111ccb3d319f3124f4d4d241f9d731ce26662ea39e43457e30b0bd739b5d5dbceb353ce0c3647a3a4c87e3b0"), + aad: b"", + ciphertext: &hex!("aa28cb257698963dfc3e3fe86368d881ac066eb8ee215a7c0ed72e4d081db0b940071e2e64ff6204960da8e3464daf4cb7f37b"), + tag: &hex!("c1578aa6e3325ee4b5e9fb9ee62a7028"), + }, + GcmTV { + key: &hex!("d48f3072bbd535a2df0a2864feb33b488596cd523ad1623b1cefe7b8cbefcf4a"), + nonce: &hex!("bbf2a537d285444d94f5e944"), + plaintext: &hex!("060c585bd51539afdd8ff871440db36bfdce33b7f039321b0a63273a318bd25375a2d9615b236cfe63d627c6c561535ddfb6bd"), + aad: b"", + ciphertext: &hex!("993d5d692c218570d294ab90d5f7aa683dc0e470efac279a776040f3b49386813f68b0db6a7aef59025cc38520fb318a1eac55"), + tag: &hex!("8cd808438a8f5b6a69ff3ae255bf2cb2"), + }, + GcmTV { + key: &hex!("5fe01c4baf01cbe07796d5aaef6ec1f45193a98a223594ae4f0ef4952e82e330"), + nonce: &hex!("bd587321566c7f1a5dd8652d"), + plaintext: &hex!("881dc6c7a5d4509f3c4bd2daab08f165ddc204489aa8134562a4eac3d0bcad7965847b102733bb63d1e5c598ece0c3e5dadddd"), + aad: &hex!("9013617817dda947e135ee6dd3653382"), + ciphertext: &hex!("16e375b4973b339d3f746c1c5a568bc7526e909ddff1e19c95c94a6ccff210c9a4a40679de5760c396ac0e2ceb1234f9f5fe26"), + tag: &hex!("abd3d26d65a6275f7a4f56b422acab49"), + }, + GcmTV { + key: &hex!("885a9b124137e40bd0f697771317e401ce36327e61a8f9d0b80f4798f30a731d"), + nonce: &hex!("beebc2f5a26fd2cab1e9c395"), + plaintext: &hex!("427ec568ad8367c202f5d9999240f9994cc113500154f7f49e9ca27cc8154143b855238bca5c7bd6d9852b4eebd41e4eb98f16"), + aad: &hex!("2e8bdde32258a5fcd8cd21037d0545eb"), + ciphertext: &hex!("a1d83aab6864db463d9d7c22419462bde0740355c1147c62b4c4f23ceeaf65b16b873b1cc7e698dff6e3d19cf9da33e8cbcba7"), + tag: &hex!("4fdbfd5210afa3556ec0fdc48b98e1eb"), + }, + GcmTV { + key: &hex!("21c190e2b52e27b107f7a24b913a34bd5b7022060c5a4dec9ab289ff8ae67e2d"), + nonce: &hex!("b28a61e6c1dfa7f76d086063"), + plaintext: &hex!("4e1b9528cf46b1dd889858d3904d41d3174dcb225923f923d80adbfe6eec144b1d4eb3690d0b8519c99beaee25bb50fd2d148f"), + aad: &hex!("d80657377ddbbed1f9b8d824b3c4d876"), + ciphertext: &hex!("7126fa807aa6b61a60958fe4cc8682bb256e5bbdc499d04a6caa81b23f9e67d3da4cf1994b5a8ecc7bce641864d0519a6509cd"), + tag: &hex!("d3e96568f2cd1a48771ee4f67ad042c1"), + }, + GcmTV { + key: &hex!("11c33ae37680130c51ed11bfaf0fcb6ed4fc7d903ff432b811763d2c7ef83a33"), + nonce: &hex!("0f224d26dbf632cebdce3b8b"), + plaintext: &hex!("f8a2affe5a7e67f2c62622e4a56804b48e529d1faf9096f94409224129921ce46aed898dd5391746e8170e05f91e0524166625"), + aad: &hex!("dee803732ff662cba9f861227f8b67cf"), + ciphertext: &hex!("3856558375c363b25e8f9e9e2eb63cf0e76a1c6e228893c7b22da4a69b682528b4a4ca2b99e7a537390e2d1e05a68f3e39c4e9"), + tag: &hex!("9b12691b2002ca9227035c68ea941ef3"), + }, + GcmTV { + key: &hex!("3b291794fbb9152c3e4f4de4608a9137d277bd651f97e738afaa548d97b4ec60"), + nonce: &hex!("4d1c69c6da96c085d31422ba"), + plaintext: &hex!("21b3ca1f47a0c7f6ebd097eda69d9e5b5fbf5c24d781658003cfd443ae7096be19e1cd3c14fe9738efb00847697fccb466ae1b"), + aad: &hex!("f3a5fa61a4e987413a8fab4aa51d895d"), + ciphertext: &hex!("6c1439cd2cb564e7944fd52f316e84aeffc3fd8024df5a7d95a87c4d31a0f8ea17f21442c709a83b326d067d5f8e3005ebe22a"), + tag: &hex!("e58048f2c1f806e09552c2e5cdf1b9d9"), + }, + GcmTV { + key: &hex!("8e7a8e7b129326e5410c8ae67fbd318de1909caba1d2b79210793c6b2c6e61c7"), + nonce: &hex!("8e48513fdd971861ef7b5dc3"), + plaintext: &hex!("ef6b4145910139293631db87a0d7782a1d95db568e857598128582e8914b4fa7c03c1b83e5624a2eb4c340c8ad7e6736a3e700"), + aad: &hex!("80bb66a4727095b6c201fb3d82b0fcf5"), + ciphertext: &hex!("e302687c0548973897a27c31911fc87ee93d8758c4ded68d6bd6415eaaf86bcc45fa6a1ef8a6ae068820549b170405b3fc0925"), + tag: &hex!("ff5c193952558e5a120e672f566be411"), + }, + GcmTV { + key: &hex!("d687e0262f7af2768570df90b698094e03b668ce6183b6c6b6ca385dcd622729"), + nonce: &hex!("50f6904f2d8466daa33c2461"), + plaintext: &hex!("79e3067d94464e019a7c8af10b53adf5b09426d35f2257c3cbaffe1ff720565c07e77aeef06f9d03a2353053992073a4ed1fc8"), + aad: &hex!("e8fa99432929d66f10205ad3e9592151"), + ciphertext: &hex!("18f6e6aeecc8dc5a3d0b63a2a8b7bfaf695bd9c49a7392dbfa8ed44771eebe27f94589d8a430da4cf03a8693bc7525e1fcac82"), + tag: &hex!("3c864eaa1b0ae44a7f0ad9ba287ba800"), + }, + GcmTV { + key: &hex!("26dc5ce74b4d64d1dc2221cdd6a63d7a9226134708299cd719a68f636b6b5ebd"), + nonce: &hex!("0294c54ff4ed30782222c834"), + plaintext: &hex!("ae4c7f040d3a5ff108e29381e7a0830221d5378b13b87ef0703c327686d30af004902d4ddb59d5787fecea4731eaa8042443d5"), + aad: &hex!("2a9fb326f98bbe2d2cf57bae9ecbeff7"), + ciphertext: &hex!("9601aec6bc6e8a09d054a01e500a4e4cdcc7c2cf83122656be7c26fc7dc1a773a40be7e8a049a6cdf059e93a23ca441ef1ca96"), + tag: &hex!("b620a8a0c8fe6117f22735c0ca29434c"), + }, + GcmTV { + key: &hex!("7fa0644efc7f2e8df4b311f54ba8b8c975b2c2aa97962f8ca8a322541bedaa9d"), + nonce: &hex!("5e774e45a07eeb9721734412"), + plaintext: &hex!("84d1c75455e4c57419a9d78a90efc232c179517fe94aff53a4b8f7575db5af627f3d008006f216ecfc49ab8da8927ff5dc3959"), + aad: &hex!("6ad673daa8c412bf280ea39ba0d9b6d4"), + ciphertext: &hex!("e2f00b5a86b3dec2b77e54db328c8d954d4b716f9735e5798b05d65c512674d56e88bda0d486685a45d5c249719884329e3297"), + tag: &hex!("0ce8eb54d5ad35dd2cb3fa75e7b70e33"), + }, + GcmTV { + key: &hex!("91d0429f2c45cf8ab01d50b9f04daaaccbe0503c9f115f9457c83a043dc83b23"), + nonce: &hex!("34401d8d922eebac1829f22e"), + plaintext: &hex!("d600d82a3c20c94792362959de440c93119a718ac749fa88aa606fc99cb02b4ca9ba958d28dc85f0523c99d82f43f58c5f979b"), + aad: &hex!("1b29de9321aebc3ff9d1c2507aee80e9"), + ciphertext: &hex!("84cbc9936eb7270080bb7024780113d064eccb63d3da0bd6bce4f8737d28304bfb6102f3ae9c394cc6452633fc551582bbfe1d"), + tag: &hex!("e132dc8a31d21f24ea0e69dfb6b26557"), + }, + GcmTV { + key: &hex!("44e6411b9fbfcef387d0ca07b719181c7567e27dba59e8e1c3cc1763cfeaca04"), + nonce: &hex!("25a1cfd97bd8e63de5d65974"), + plaintext: &hex!("db28a592b1f3603c287991a69cc64eacdd62046445a8ba4067575f12553de155d06a9b40ddf58fec56c8171687b9cb54b1f346"), + aad: &hex!("4b1751b074ab649d27fd3f2c4d7ee33a"), + ciphertext: &hex!("36bf6bb761b2248fe71a620e34e9d18e12a74ca42c9a9a21d30345995a83eb44bcae3c67c020730cd8d5e51a741694cc396469"), + tag: &hex!("e69ebf80a88d6eca41ae87cdcab4e1f2"), + }, + GcmTV { + key: &hex!("a94bfcefae90f9078860db80ccc50819eadf7cce29df3279f94f5eea97009ef2"), + nonce: &hex!("f481bcb7f5da296e9454ff78"), + plaintext: &hex!("97d0c7dfcab32a386f51d92e89333ec84eecd552e68d14cf48b75067bf0e1946ad03a5d063b852ca053c929088af45d0884a88"), + aad: &hex!("9f80d845577818df9ba984ee552ae203"), + ciphertext: &hex!("18a1c9bfe1b1dfdd06e465df347c1e942b37b3e48cb0c905841a593b5b0d0330feb3b8970dbc9429252a897f0f8e12860ea39a"), + tag: &hex!("10cf4d335b8d8e7e8bbaf49222a1cd66"), + }, + GcmTV { + key: &hex!("a50a60e568ff35a610ef9479c08bbc7bb64c373fc853f37fa6b350250a26f232"), + nonce: &hex!("5ada1d4aca883d7bd6fa869f"), + plaintext: &hex!("9ea44e72a1d21395cd81d20db05816441010efd8f811b75bb143ab47f55eefce4eec5f606fa5d98b260d7e5df4a7474cbd8599"), + aad: &hex!("cc7a7a541be7a6d1b846354cb6a571e6"), + ciphertext: &hex!("4165b135187faeb395d4531c062738e0d47df8bed91982eb32e391a6b3711f117b6fae0afde791de3e72fcf96d2b53ff1a621a"), + tag: &hex!("e2cbfea2100585b2cbe5107da17ff77a"), + }, + GcmTV { + key: &hex!("5ff3311461d247ceb1eaf591292fcba54308dd3484fd1851e09a12b8f6663fc1"), + nonce: &hex!("61af2e6aec183129cf053c2b"), + plaintext: &hex!("920df8b2888a74022ede6919ed0bf48ccf51e395fe5bfa69a6209ff9a46674024eaa4f43ae2c933730b9fdc8ad216130447cc8"), + aad: &hex!("5eafed6674f2ae83397df923e059db49"), + ciphertext: &hex!("0e35e1208168b639e012df398bc8bf2b19b08d46af0353cd78f6d1b7ae14e6224c1da6fdc9433b171f1cd2b512d5f1acd84f03"), + tag: &hex!("5bc77eb02e4d51e2019446b468498d0e"), + }, + GcmTV { + key: &hex!("42e93547eee7e18ec9620dd3dc0e2b1cf3e5d448198a902ded3f935da9d35b33"), + nonce: &hex!("e02e12ba92a6046af11adf0e"), + plaintext: &hex!("6c3704b32527ace3d5236687c4a98a1ad5a4f83c04af2f62c9e87e7f3d0469327919d810bb6c44fd3c9b146852583a44ed2f3c"), + aad: &hex!("ac3d536981e3cabc81211646e14f2f92"), + ciphertext: &hex!("8b6506af703ae3158eb61e2f9c2b63de403b2ebc6b1e6759ceb99c08aa66cb07d1d913ac4acd7af9b9e03b3af602bcaf2bb65e"), + tag: &hex!("a6ce2ccb236fc99e87b76cc412a79031"), + }, + GcmTV { + key: &hex!("24501ad384e473963d476edcfe08205237acfd49b5b8f33857f8114e863fec7f"), + nonce: &hex!("9ff18563b978ec281b3f2794"), + plaintext: &hex!("27f348f9cdc0c5bd5e66b1ccb63ad920ff2219d14e8d631b3872265cf117ee86757accb158bd9abb3868fdc0d0b074b5f01b2c"), + aad: &hex!("adb5ec720ccf9898500028bf34afccbcaca126ef"), + ciphertext: &hex!("eb7cb754c824e8d96f7c6d9b76c7d26fb874ffbf1d65c6f64a698d839b0b06145dae82057ad55994cf59ad7f67c0fa5e85fab8"), + tag: &hex!("bc95c532fecc594c36d1550286a7a3f0"), + }, + GcmTV { + key: &hex!("fb43f5ab4a1738a30c1e053d484a94254125d55dccee1ad67c368bc1a985d235"), + nonce: &hex!("9fbb5f8252db0bca21f1c230"), + plaintext: &hex!("34b797bb82250e23c5e796db2c37e488b3b99d1b981cea5e5b0c61a0b39adb6bd6ef1f50722e2e4f81115cfcf53f842e2a6c08"), + aad: &hex!("98f8ae1735c39f732e2cbee1156dabeb854ec7a2"), + ciphertext: &hex!("871cd53d95a8b806bd4821e6c4456204d27fd704ba3d07ce25872dc604ea5c5ea13322186b7489db4fa060c1fd4159692612c8"), + tag: &hex!("07b48e4a32fac47e115d7ac7445d8330"), + }, + GcmTV { + key: &hex!("9f953b9f2f3bb4103a4b34d8ca2ec3720df7fedf8c69cac900bd75338beababe"), + nonce: &hex!("eb731ae04e39f3eb88cc77fa"), + plaintext: &hex!("3b80d5ac12ba9dad9d9ff30a73732674e11c9edf9bb057fd1c6adc97cf6c5fa3ee8690ad4c51b10b3bd5da9a28e6275cbe28cb"), + aad: &hex!("d44a07d869ac0d89b15262a1e8e1aa74f09bcb82"), + ciphertext: &hex!("1533ce8e2fc6ab485aef6fcfb08ded83ae549a7111fce2a1d8a3f691f35182ce46fce6204d7dafb8d3206c4e4b645bc3f5afd1"), + tag: &hex!("f09265c21f90ef79b309a93db73d9290"), + }, + GcmTV { + key: &hex!("2426e2d1cd9545ec2fb7ab9137ad852734333925bfc5674763d6ee906e81c091"), + nonce: &hex!("49a094a71d393b36daa4a591"), + plaintext: &hex!("7cbe7982d365a55d147c954583f9760a09948ab73ebbe1b2c1d69ed58e092a347392192cfe8bce18ca43ee19af7652331bd92c"), + aad: &hex!("177309cfc913e3f5c093e8b1319ba81826d43ce5"), + ciphertext: &hex!("cab992e17cf6ec69fd3c67ea0424bcd67475a7f1f16e6733c4419d1b5a755f78d6eda8e368360d403800a08f0d52b4bc0aa0ab"), + tag: &hex!("b125f8caee9e54b9f9414b1c09021ed8"), + }, + GcmTV { + key: &hex!("8dc1b24bcbbee3cb8e14b344166d461d00c7490041edc9fa07e19cc82a3ed9c4"), + nonce: &hex!("31768ad18c971b188d947019"), + plaintext: &hex!("84e4f79dbb7209cbaf70e4fefe137c494786c899602783e9c034296978d7f0c571f7ea9d80ed0cc4723124872d7326890300c1"), + aad: &hex!("eb3673b64560cca7bda76a1de7ae1014ee1acaee"), + ciphertext: &hex!("2402acd865d4b731bc9395eae0e57d38fdf5ce847ac7aef75791a52c7573ea9b3a296e62cb1ed97c4bd34be50ee7f3d75747cf"), + tag: &hex!("665abb725498ede2b0df655fc1765a2b"), + }, + GcmTV { + key: &hex!("bc898f643a5f2cd864c10b507b4b803b4ff4ace61fadcc7bcd98af394731b791"), + nonce: &hex!("cc447d83c0a6734a79778c64"), + plaintext: &hex!("124eb963cdb56fa49c70a9b1aa682445c55065f26859f1d16eef7cfe491587533eedd7e23deabddfc5550c2fa6a08b17822699"), + aad: &hex!("e932bd2e0e6c550d136f725e14c53d27ffb20f6a"), + ciphertext: &hex!("45d8908ef9eef369e78b7ea0b7d023a92c63648271927efe9b0220eb09ed96f3b635c6ec8bfc68b4c228b712494bb37f4c7f1a"), + tag: &hex!("47899857494bac28d2176a9c923026b2"), + }, + GcmTV { + key: &hex!("8e82a85466ee024eb1ae10c4982d6a95e6dbe5582299ab37fe89a9db80ab51a6"), + nonce: &hex!("04cfd489e18eeb7a4a8ab36b"), + plaintext: &hex!("3aa2e4eaed18c4602715ae77379e9083708af9f9b49031324d41abca61440319c8c8e6dbcc20006a825b12ced00b2286848a94"), + aad: &hex!("7bb54b1a6ed0ca387268a146430c0bfa2602a8fd"), + ciphertext: &hex!("674b1391937074642408eeae9b748ca629da9fd00281824f5a108f6078ee78f98749392bb6e29b53e53e4b11739ac53a8e653b"), + tag: &hex!("e320a873a9c2e8ef455698c37ea59a6d"), + }, + GcmTV { + key: &hex!("f1f2c5503ebf35ac1373c29e2305e963f89f6ed015a181b70fb549429805d5d9"), + nonce: &hex!("2fb5c6a24f406872755db05c"), + plaintext: &hex!("b4a2809198035c277637bb1c2927fb5c60b49ef9087c800012d8663d997983fcb78d51a054114a24e1e1b5214b58e7dee47195"), + aad: &hex!("92c1f3489aed90aedafb55562a34b3f4be29e101"), + ciphertext: &hex!("f051a3a968278a46630b2894a0d386c18fa034960d8ddd14e88e1071afbbca5baf02967c2270117b4fb2bd4cfd032174505f99"), + tag: &hex!("6f1db5293660b6904f7f008e409bdc06"), + }, + GcmTV { + key: &hex!("f0338d26d74bd1768da5bb79c59fab2b4abe1966324048790c44bc98a6b34b6c"), + nonce: &hex!("c8269e4406fa0be1cf057b2f"), + plaintext: &hex!("323c373e4d85a1fd21f387fdd8c7e6aeebd5aae893d7af286cb214600cba8b9eb06df085a2dc5aed870259f7f3cc81d3eb53bd"), + aad: &hex!("13fb0edcba095cef9c4343a0629fd5020f03729d"), + ciphertext: &hex!("08572b9cf9bcfd21d4403a1218d94476b9ee8c3b94c56625c21ccaf4c0efa34cf22a532389210793699c9de1ab14f8c4c52928"), + tag: &hex!("29968c9fb610940cee9fd5b2f7c8ba21"), + }, + GcmTV { + key: &hex!("a67648285b65b9196060aaa02af279170164353e38fb77c3968c403cfa9acdc8"), + nonce: &hex!("0822d6b3e91eccb7e14245fd"), + plaintext: &hex!("b5d271768c12ccabf89eb2d58cbde840c26d1c9b3692581f90c8b0d7b2cff31ae9192d284f5448de7d924a7b08f115edae75aa"), + aad: &hex!("0d9a5af7ac27438d92534d97ff4378274790e59f"), + ciphertext: &hex!("b59041eed7abc2ff507d1932b5c55ac52728e5ac6648dcc74b38870db6181b1989f95a0144f0db368ec50414cfda0b977141e3"), + tag: &hex!("1d12ce89e1261d73470f3ae36ab87288"), + }, + GcmTV { + key: &hex!("51162b2435f3cf43471f4cc0ffac98b438501ee9b887843a66e9951ca35b8767"), + nonce: &hex!("dcb902eaa837ed22bf5fa636"), + plaintext: &hex!("3edf43358f5109a4dfb4a02987170a67cdd170f6028f7708bdd7726f476b882b9640270f2270f7babfa384181c8e58c15d04c4"), + aad: &hex!("4d459905ff89aed07dcda43a3d191a3da9309faa"), + ciphertext: &hex!("046a2313d36cbc43b6d0787e5ef37d153090a31d0f6656004034be72b9b07ace3a8abe8614362282d87da40c29c60a1a9f5c40"), + tag: &hex!("c7410b5cb94d2877c189983791cee82e"), + }, + GcmTV { + key: &hex!("2fa2beb1cde2226f28fb42a5fb0af3fc58fbb76bf14aa436e6535d466456a0f4"), + nonce: &hex!("50190514a3740b3c0b1df576"), + plaintext: &hex!("a5e0b4837dfca263ba286abf7940b6e70fabb55d8dee5028617c1190fbd327f79b79d2f34db6076ab07cecff7114b15ca02a33"), + aad: &hex!("25142928c1ae9c7b850309e07df359389db539fc"), + ciphertext: &hex!("850fd22bd0897b98ce40bc6c1345a9d59abf796b1b8c34ee8b377e54ee7d59dec05c022ecae96ffdfa1311bdd4e7a9d35aac47"), + tag: &hex!("4b5ab89b4f627ca32d12a1791c286870"), + }, + GcmTV { + key: &hex!("a92a797ce2b2f382030b77a1abe94c8076eee88de2dc4929350b244dbdaddd30"), + nonce: &hex!("716f577401a7893c42c91710"), + plaintext: &hex!("9d26ff79a89720fab6e4cda85887e3c0c3f86a4670d065c8ea68042b6f9f16dd2c5b31acb36331f5b1e50f08c492dc12eebd9e"), + aad: &hex!("8642681f1839b88990c2a939f00c9b90766dadac"), + ciphertext: &hex!("3080bcf3604cf81f5f2c6edc80dfe5d877168a9903598a700a0bbae188fadc7a8b76a04b40400f9252d7f9437fa8f024a3bdeb"), + tag: &hex!("8fc56f6bf48efb00476886b2a03ecb89"), + }, + GcmTV { + key: &hex!("89d0723e5a087456b7b709b8b21be380b463ba3dc9b79170e9947526798fe91c"), + nonce: &hex!("68e2f307b7d49d4d9c041755"), + plaintext: &hex!("7fe2afb710e8fd49cca1c2ba8fd0814594fba4d667017630e170a8a379fa5837bf370ca1cd4c98bd8c4f13eb7068ffa71ab07c"), + aad: &hex!("b34805b30703a62b6d37c93f2443e1a33154b5fb"), + ciphertext: &hex!("b841012752bbf1dfa7b59366dbf353bf98b61ff2e6e7a13d64d9dcb58b771003c8842ac002aac1fa8ca00a21eaf101ab44f380"), + tag: &hex!("73a93e2722db63c2bbf470d5193b2230"), + }, + GcmTV { + key: &hex!("329a6e94b1cce693e445694650d62b8c2c9ab03a09e6d4eca05c48291e576b89"), + nonce: &hex!("78f471bc32f8637a213e87ac"), + plaintext: &hex!("65264d75e1a176a7e966e59109cd074ac5d54740eb0c58084af023e5599eb611846199579d95ba94b6d25ee4d9074b9714f231"), + aad: &hex!("c00c465524e2e2f8a55c0793ed9af851be45a70e"), + ciphertext: &hex!("964d665d1e3c1018dfd883e217cfe4c856cc844f7644b53bb68fbe66f8541fa43ac54e92a2b194d6d8929fe031e94b3e70eca0"), + tag: &hex!("fd511385711236f2e99e6da5042007b7"), + }, + GcmTV { + key: &hex!("463b412911767d57a0b33969e674ffe7845d313b88c6fe312f3d724be68e1fca"), + nonce: &hex!("611ce6f9a6880750de7da6cb"), + plaintext: &hex!("e7d1dcf668e2876861940e012fe52a98dacbd78ab63c08842cc9801ea581682ad54af0c34d0d7f6f59e8ee0bf4900e0fd85042"), + aad: &hex!("0a682fbc6192e1b47a5e0868787ffdafe5a50cead3575849990cdd2ea9b3597749403efb4a56684f0c6bde352d4aeec5"), + ciphertext: &hex!("8886e196010cb3849d9c1a182abe1eeab0a5f3ca423c3669a4a8703c0f146e8e956fb122e0d721b869d2b6fcd4216d7d4d3758"), + tag: &hex!("2469cecd70fd98fec9264f71df1aee9a"), + }, + GcmTV { + key: &hex!("55f9171a03c21e09e3a5fd771e56bffb775ebb190319f3dc214c4b19f72e5482"), + nonce: &hex!("14f3bf95a08e8f52eb46fbf9"), + plaintext: &hex!("af6b17fd67bc1173b063fc6f0941483cee9cbbbbed3a4dcff55a74b0c9535b977efa640e5b1a30faa859fd3daa8dd780cc94a0"), + aad: &hex!("bac1ddefd111d471e75f0efb0f8127b4da923ecc788a5c91e3e2f65e2943e4caf42f54896604af19ed0b4d8697d45ab9"), + ciphertext: &hex!("3ae8678089522371fe4bd4da99ffd83a32988e0728aa3a4970ded1fe73bc30c2eb1fe24c0ff5ab549ac7e567d7036628fd718d"), + tag: &hex!("cf59603e05f4ed1d2da04e19399b8512"), + }, + GcmTV { + key: &hex!("54601d1538e5f04dc3fe95e483e40dec0aaa58375dc868da167c9a599ed345d9"), + nonce: &hex!("c5150872e45c341c2b99c69a"), + plaintext: &hex!("ae87c08c7610a125e7aa6f93fac0f80472530b2ce4d7194f5f4cb8ac025323c6c43a806788ef50c5028764ec32f2839005c813"), + aad: &hex!("93cd7ee8648a64c59d54cdac455b05ffdfc2effe8b19b50babd8c1a8c21f5dc8dc6050e2347f4cd28701594b9f8d4de5"), + ciphertext: &hex!("d5f005dc67bdc9738407ce2401977f59c9c83520e262d0c8db7fe47ae0eada30d674694f008e222f9733a6e63d81499e247567"), + tag: &hex!("3470155144c74929980134db6995dd88"), + }, + GcmTV { + key: &hex!("e966c470cbecc819260640d5404c84382e6e649da96d29cad2d4412e671ed802"), + nonce: &hex!("b3a92d6f49fe2cb9c144d339"), + plaintext: &hex!("7adf6fcb41d59b8d2b663010c3d4cf5f5f0b95cf754f76f8626c4428467e5c6684e77e7857b1cc755762e9ea9117e3bb077040"), + aad: &hex!("dfa62a3a4b5b3af6770cfd3cef3bbb4cce3f64925782a9a8a6e15fe3744d8f9310400dd04e8d7966c03850539e440aa5"), + ciphertext: &hex!("5f5b09486e6cd2a854e5622b4988e2408fddaca42c21d946c5cd789fe5a1306ef33c8cd44467ad7aa4c8152bce656a20367284"), + tag: &hex!("2b388109afdada6473435230d747b4eb"), + }, + GcmTV { + key: &hex!("4a8a12c0575ec65ae1c5784d2829bc7b04818eb00bd4c90a0d032ea281076e27"), + nonce: &hex!("959f113b705397fb738018b0"), + plaintext: &hex!("0c5571195586e4fc7096fb86cfcd6684081446f3d7adc33a897f03ac4ff6c3cc2019b67bd3184c86070764f6deaa8a10d0d81f"), + aad: &hex!("adb8bc96142a1025122dc22f826957197af33dcdcf6b7ab56bc1a5e17e8534e48b8daf685faf9543bb343614bdf6737f"), + ciphertext: &hex!("84212d5991231d35c4e8621163e5b370a0105a05856866e74df72c0808c062981570d32d274ea732fa4d29f9cfa7839cadbe6a"), + tag: &hex!("39cee3b8fa0bf92605666ccd9eb19840"), + }, + GcmTV { + key: &hex!("6197a4fa7cfcedeff223f69ea68b4ddf54b683350c20875be353077e9bbce346"), + nonce: &hex!("1a69ecabd42c53c0ec64fcd0"), + plaintext: &hex!("40a487b4daf866c20f3c4911a0586709c3344aa988dc9c464bcf36cc4e3d92701e611e60cf69f3edbf76cd27ff6ba935026d7f"), + aad: &hex!("b20a7ca5b5b603f661587e01f7ef171823ef463c187ded77a3d616400cc1d2b0b688ac9e927498341560cbc8eb9a4198"), + ciphertext: &hex!("06420fa038ee62db30cc05bfe34c8d2c39a9d439653907c512ed606511921fe76110913a5bfb6b6c7b23d7f8883f5ab65f4b14"), + tag: &hex!("4d3097c9919002cd1da83f29820312ed"), + }, + GcmTV { + key: &hex!("c9dbe185023ecaa78be9bfac1b91b9da6bd7c11349feb69e6b0be83a838e77b2"), + nonce: &hex!("8940fa7c6afd3f7a09ec93b6"), + plaintext: &hex!("075be0d61273e6975978d0b88b3fa38fc398d4d0f22a342a8afa5562af0e7c8fa548f0d8faec898a20c97e851754992c1ed4a3"), + aad: &hex!("f17bd357608365e66b98e49191cdc2a3813bba5a1b7988aa8aaaaad4b86d0ef4e2698cad799d63fcd2a5e87c0e3e929a"), + ciphertext: &hex!("615c1097d577363a77bfc7dd57179acb68166e78021b3397d7029ce33cbc848f036b9c07989eeb9f42aeaeebe8542f103b1d32"), + tag: &hex!("a22ab25fd8a6127469e8ce9ff686d575"), + }, + GcmTV { + key: &hex!("e6cdcf497a6e119009bf43ac183d2dd4d4e967964ef92811f69eb18d92923305"), + nonce: &hex!("3e88459a76e1dcc890788297"), + plaintext: &hex!("72a3dfb555ba0029fc3d1c85b836f76135bd1858189efdde2db29045f2c26e6a65627d81a0b85ca42e8269d432a41154e929ac"), + aad: &hex!("a359f86ec918537d80a84da7b66bca700c1ff9ec7f8695a30808d484da218d15ae89c5f943e71778445130191f779001"), + ciphertext: &hex!("9ae3f8ccae0bb5789b1105118760c406e41175a76612435cb0c8be225ea6b368c9d08c9d9a24b512d1458e94af79e3060ab69e"), + tag: &hex!("ac3bbc8fd6a7097df6f298411c23e385"), + }, + GcmTV { + key: &hex!("de5531b50888b61d63af2210ee23f46d91a5e60312bd578584af586bf22ea756"), + nonce: &hex!("0fde8689b0348bbcfaa89fec"), + plaintext: &hex!("80621e54eef1c92afb1f64ed860e39311eea7e2cca6f5624008c1d2e581d7112b7ee0b559fc3db575b7b7c42ee4f2a20442dc0"), + aad: &hex!("22db97cd5f359f12aec66c51c7da79ba629db4c8c7e5501be2ec1e4cc3f3944b6e3057d093bc68b735b5156950f91804"), + ciphertext: &hex!("933018419a32b7bf65f9777c44889a44b32d61ceddbb46839366ce2ca2ffeb1833f46559e59c93bb07f622d9633f13932cf7f1"), + tag: &hex!("25023a4ee9bdbf525cfef888e2480f86"), + }, + GcmTV { + key: &hex!("bc0c6368a9bb2622f6d5ba12de581f003336c298adac34499bf26b11e630f891"), + nonce: &hex!("2aa8f30b567cf1edd818e42d"), + plaintext: &hex!("1dcc1a3167fba55c00d3383e26d386eaa0449154599992da7f7f6598f41b3eb8e4d0a9143dfcab963f5c390a6ae2010fbcf6ec"), + aad: &hex!("0e28ebf87eb757e83031fb836f7b049a46bd740b0a39c9b798d2407e1150da86dfe84121c7c98449559453ad7558e779"), + ciphertext: &hex!("78d00a6e3302369817b9cf1f24ea13c41751382e3fea74403d094737e32fb507184cfebce48d10b4ce8db12ef961e4df2c8e95"), + tag: &hex!("c0aff3594f86b58e229c7ad05c2b84f0"), + }, + GcmTV { + key: &hex!("5d98a0c7ad6f9c0b116613ca5082250356a6a9bca55fe1a4a2962b733214dac4"), + nonce: &hex!("8b2d8e8d83bdd6a3125dd997"), + plaintext: &hex!("4f3685c2cfbc856379d1fd00f9611fe4c0a4b9c4013fe1bee144449709a6a7e31ff6fb0da74ed464b066b03b50f19cd7f5f9bc"), + aad: &hex!("2f20636d46ce37e9bb0ca0c41d819e3eabcedacbd1ca3ced112d3ad620bbd3b2effe80d3ec8760706e8f14db83139a70"), + ciphertext: &hex!("8e178c0e3e5d22b3be897e0b8879b0d53fef2efb9946ccff6d717b001e3033f2cc22d01d9551e9c0749de704fbe3189328cbb0"), + tag: &hex!("541b7db823e37b5ed323626b9c6748f6"), + }, + GcmTV { + key: &hex!("d80a2703e982de1a2fe706ffe6e389f351ab356ccf056df045e2941b42ef21a4"), + nonce: &hex!("1521ab8f7242cba05427f429"), + plaintext: &hex!("6f9fde28e85776a49cfbad1459d94611757a3cd996aa6e2d702d0483a4d88d532131ebd405b351226b16d19d30d32807a1d511"), + aad: &hex!("5395de90d6bec7c159ab9d6cfa663bdc6295d025e1fcc8b760b9ba42d785eda218dabc6fa7c0f733ad77f61682bff2db"), + ciphertext: &hex!("1e72a8495ceadaf0d31b28ba7cb7c37ccb117761d38fe7dd98eb230ff4ea0b400401e9b5311a7be9b2a533523ad469e2fdb233"), + tag: &hex!("bb174b7624c935ff75b3b77ff7068a98"), + }, + GcmTV { + key: &hex!("6d5c69d7135c0b5b7fef512c127fa788092f1a908358ab658b8f23e463409aa5"), + nonce: &hex!("b36cccad38cd6148a384a026"), + plaintext: &hex!("b4e74f5c56f2ea056d9ff931525944dfad207e063ba226c354e0320a50449967e964580d9b57028c14005aba6865f8bc6a3ef8"), + aad: &hex!("b19f4616bb1452251a2a7dbf78f920194f139e0424d27683621d1ee1e865737c2466e058439c8e122e582a7b63607ce9"), + ciphertext: &hex!("1ce12cd5502efa9ea259584ae9b3c7dbd9444380d4b77a2c787f9b2257019b23ee183dffebb3106a26b18d8a23445626a578e2"), + tag: &hex!("62945e31bae3181855b69c37898ac5bf"), + }, + GcmTV { + key: &hex!("e6afe3c4db2c1d13edb1c5931b2b4b515ec0fd6201139ee1ea55cec92263830e"), + nonce: &hex!("358bd9ea64177d1e23a41726"), + plaintext: &hex!("710bb3394b094ee7d053bc6599b26dafd337e8a61c580d0446c3bf195e77ca5132c8ec3a47a61579dce38360bba7c65e4d5634"), + aad: &hex!("7e0f841cddd7eeebd1ec7b7b8d0e2f71656e5e9ff3cfa739c0b9d0ec4941a0b3f3b396690dbe5f5082d6fb6dd701c68d"), + ciphertext: &hex!("4574a8db515b41c14c2a962dff34e2161a7195c491b11b79889aff93c5b79a6455df9fe8ef5c5b9edb5da1aa9fe66058b9065f"), + tag: &hex!("7c928d7f5cbac9bb4b5928fe727899eb"), + }, + GcmTV { + key: &hex!("5cb962278d79417b7795499e8b92befe4228f3ba5f31992201aa356a6d139a67"), + nonce: &hex!("76f7e7608f09a05f336994cf"), + plaintext: &hex!("2e12cbd468086aa70e2ecd1ddef561e85c225dd083e5956f5c67503344b0ea982bb5044dafbcc02a5b9be1e9b988902d80172b"), + aad: &hex!("032de3fdec273fc8446c2bf767e201f2c7c190acf9d6d321a24a0462cbc3356e798fe23d6c1b4fe83be9c95d71c05504"), + ciphertext: &hex!("c959344a46aa5216d2b37c832436eb72a4a363a6df5642cfbbfd640dea1d64c80bd97eabc1aab192969ee0b799e592a13d2351"), + tag: &hex!("51b227eaf7228a4419f2f3b79b53463a"), + }, + GcmTV { + key: &hex!("148579a3cbca86d5520d66c0ec71ca5f7e41ba78e56dc6eebd566fed547fe691"), + nonce: &hex!("b08a5ea1927499c6ecbfd4e0"), + plaintext: &hex!("9d0b15fdf1bd595f91f8b3abc0f7dec927dfd4799935a1795d9ce00c9b879434420fe42c275a7cd7b39d638fb81ca52b49dc41"), + aad: &hex!("e4f963f015ffbb99ee3349bbaf7e8e8e6c2a71c230a48f9d59860a29091d2747e01a5ca572347e247d25f56ba7ae8e05cde2be3c97931292c02370208ecd097ef692687fecf2f419d3200162a6480a57dad408a0dfeb492e2c5d"), + ciphertext: &hex!("2097e372950a5e9383c675e89eea1c314f999159f5611344b298cda45e62843716f215f82ee663919c64002a5c198d7878fd3f"), + tag: &hex!("adbecdb0d5c2224d804d2886ff9a5760"), + }, + GcmTV { + key: &hex!("e49af19182faef0ebeeba9f2d3be044e77b1212358366e4ef59e008aebcd9788"), + nonce: &hex!("e7f37d79a6a487a5a703edbb"), + plaintext: &hex!("461cd0caf7427a3d44408d825ed719237272ecd503b9094d1f62c97d63ed83a0b50bdc804ffdd7991da7a5b6dcf48d4bcd2cbc"), + aad: &hex!("19a9a1cfc647346781bef51ed9070d05f99a0e0192a223c5cd2522dbdf97d9739dd39fb178ade3339e68774b058aa03e9a20a9a205bc05f32381df4d63396ef691fefd5a71b49a2ad82d5ea428778ca47ee1398792762413cff4"), + ciphertext: &hex!("32ca3588e3e56eb4c8301b009d8b84b8a900b2b88ca3c21944205e9dd7311757b51394ae90d8bb3807b471677614f4198af909"), + tag: &hex!("3e403d035c71d88f1be1a256c89ba6ad"), + }, + GcmTV { + key: &hex!("c277df045d0a1a3956958f271055c229d2634427b1d73e99d54920da69f72e01"), + nonce: &hex!("79e24f84bc77a21a6cb14ee2"), + plaintext: &hex!("5ca68d858cc30b1cb0514c4e9de98e1a1a835df401f69e9ec6f1bcb1158f09114dff551683b3827457f77e17a7097b1ea69eac"), + aad: &hex!("ca09282238d492029afbd30ea9b4aa9d448d77b4b41a791c35ebe3f8e5034ac71210117a843fae647cea020712c27e5c8f85acf933d5e28430c7770862d8dbb197cbbcfe49dd63f6aa05fbd13e32c459342698dfee5935c7c321"), + ciphertext: &hex!("5c5223c8eda59a8dc28b08e6c21482a46e5d84d32c7050bf144fc57f4e8094de133198da7b4b8398b167204aff837da15d9ab2"), + tag: &hex!("378885950a4491bee3cd681d3c957b9a"), + }, + GcmTV { + key: &hex!("4d07f78d19e6d8bb32bf209f138307890f0f1ae39362779ff2bf1f9b734fe653"), + nonce: &hex!("d983a5d5af78a3b1cd5fbd58"), + plaintext: &hex!("94f0bbc4340d97d854e25cc7ce85ea1e781e68bf6f639e0a981bb03e3c209cbf5127171cb0fff65bc3ecac92774d10146d1ac5"), + aad: &hex!("a3dc9ff9210bc4b3276909883db2c2aa0762cd22b46901a248c0372d073e7778b9c1d8469b26bb42406e484ef7747f71dea785fc0020a2eac17e0ac3fbe0453629efd68d5678fbecc10af8ffbe7828f826defb638763f4ecfe82"), + ciphertext: &hex!("6543b4d97fccd273b36436fef719ac31bf0e5c4c058ea71aea2a0e5b60e329be6ea81ce386e6e9fe4480e58363c3b2036865ac"), + tag: &hex!("924cf7c0770f228a4b92e9b2a11fc70b"), + }, + GcmTV { + key: &hex!("9572b9c57abdf1caae3bebc0e4bbf9e556b5cbacca2c4756050fefd10a666155"), + nonce: &hex!("de292a9858caaccdcab6a433"), + plaintext: &hex!("6f420a32708ccd4df0d3149e8c1d88dceba66ee4546f38db07046ebf30f47627f7fdda1dd79783adabe5f6b6853857b99b864c"), + aad: &hex!("a042d97a9b8f6caf51c5f24522d7ed83e2c5d8ec6b37ef2598134a30e57319300c3fdf92fb1d9797f5ef00971f662aae768f69f9ca0455bd6d1059d5f85b8ecb977006b833f90ac2d5bbf4498c83f4d1a42584c0dfc4a2e2453c"), + ciphertext: &hex!("a9af961d61ab578cc1348eb6f729603f481c5d9bf9bee3a13eda022bd09c03a4f207c21c45c0232a9742ae8f0c54b4278a3a63"), + tag: &hex!("eff9bb26156ec76f0060cd93a959e055"), + }, + GcmTV { + key: &hex!("3cc8671c4d25c3cbc887f4dcbd64e531e91cf6252f6ee9c29d9988d20ab6747f"), + nonce: &hex!("f960a09c0b5067280926a9c3"), + plaintext: &hex!("5b58717b0b32076566b58bf37c6133e61468b2be67715fb0007fe390c4b5578decf55502a4e3c12e7bdf0ba98784d126e4753a"), + aad: &hex!("79d73a7ff86698e6114a0f465373fbee029e042424c439b22e3ad37b36b9e02bab82e16844114e99e39c169f462fe61b87c4627c394384acc9531680706e4e56491a304c6075cca37c64db24468c1fb9519605c83f0ee3e0316a"), + ciphertext: &hex!("1d0be097470c1ac30619f63c3961152ab27db88ce694b7bba4db185cb31803cc7bab890e931c90766621bfe5d887eb0cd6995d"), + tag: &hex!("dbd57ea091ff16fc7dbc5435030cc74e"), + }, + GcmTV { + key: &hex!("882068be4552d7ad224fc8fa2af00d6abf76ccf1a7689d75f6f0e9bd82c1215e"), + nonce: &hex!("890a5315992f12674d1c8018"), + plaintext: &hex!("8464c03e0280cb1f63c054a24a050e980f60cc7313f09f2092c45d77bbe9ad2a8c1f6cdca2acd8c57c87e887edadb66bcb66c4"), + aad: &hex!("916721df816b1cad531dee8e4a8e634d43ed87db99609bcc986d16bfac2cff577d536d749a5c3625de53c5351825c228911f0a64be1fc9738a26394efe5332c0762bf59b65d3f1c5aafa9ca2e63eccd59568e6c0269950911a71"), + ciphertext: &hex!("020e297d907177dba12dde4bfe1b0ff9b6a9d9db0695193e4181449e157137b59b488616ba151b06d889f8498ce373d2396ab9"), + tag: &hex!("e48537ecb27460b477a6e7c3463dbcb0"), + }, + GcmTV { + key: &hex!("4deadcf0f7e19231f8afcb6fb902b105bef23f2fa9323a51833ff8368ccb4f91"), + nonce: &hex!("6d4d01abd587ed110e512ed2"), + plaintext: &hex!("75686e0fdd3fd96f3e6dfafd7a2a907f9f375d93943cb2229bd72b032bf624af4fc72071289386e3dccc45959e47ab42b261a2"), + aad: &hex!("31a2797318104b2dc9977e599435b041c56bafe5e7d901a58614c2d3fb9d220e3fd3e2828cef69e0604ed73340cb1e21967294dcd874893942442200b2a5b860ee8cf91e1d8eb3d364d0e43e84f6379f434a1ae17c236b216842"), + ciphertext: &hex!("8feaf9a089599812117a67aed2f4bf3431ff1f6cfd64ea5ff475287abb4ff1ab6b3e4f8a55d1c6b3f08594f403e771ec7e9956"), + tag: &hex!("5040407621712e053591179e1689698e"), + }, + GcmTV { + key: &hex!("80f1c515f10d79cdbee275213aa9ac0845e2cf42874f7e695081cb103abf1a27"), + nonce: &hex!("399d5f9b218b62ff60c267bd"), + plaintext: &hex!("9e95221873f65282dd1ec75494d2500e62a2b6edda5a6f33b3d4dd7516ef25cf4154472e61c6aed2749c5a7d86637052b00f54"), + aad: &hex!("d2a8fff8ae24a6a5efc75764549a765222df317e323a798cbb8a23d1af8fdf8a3b767f55703b1c0feba3912d4234441978191262f1999c69caa4e9a3e0454c143af0022cd6e44cec14149f9e9964a1f2c5e5a6e3e768bd870060"), + ciphertext: &hex!("4f996562e23ebbfd4fe26523aee9525b13d6e134e72d21bdc7f195c6403501fd8300b6e597b668f199f93591ba742a91b54454"), + tag: &hex!("2da1c7325f58575d275abf96c7fa9e51"), + }, + GcmTV { + key: &hex!("c2c6e9be5a480a4a56bfcd0e268faa2276093bd1f7e8ce61e746d003decc761e"), + nonce: &hex!("c1541eb25721d4856df8f928"), + plaintext: &hex!("87d22e0318fbbb420b86b0585bd12c14645ff2c742e5639b3a114cc96c5f738edfbe2055116f259e3d6c14cb6d8fca45708289"), + aad: &hex!("f34e79e5fe437eda03ccfef2f1d6319df51a71c9891863e4b98a7298bd64490460354db5a28b0fadcb815024ea17f3b84810e27954afb1fdf44f0defb930b1793684a781310b9af95b4bcf0a727a2cb0ac529b805811b3721d98"), + ciphertext: &hex!("b5d6e57c7aa0240e0b6e332d3b3323b525a3d8a553ad041ba599e909188da537c3293d1687fb967882d16a5615b84e95f9dd77"), + tag: &hex!("1cce334cec4b51216cac0fc620cdadf9"), + }, + GcmTV { + key: &hex!("ea0d6184a71456e27f9ac82dfc7f6694c898f7c0d19d1cb0db4e575dd0094bb6"), + nonce: &hex!("5018fb816d515511bfb939d5"), + plaintext: &hex!("083147d0c80f134f7393855c8a95bf6e6abd6f9a7b1fca584e8bfc6b5dc13a8edbfd473e232c041d9be9ee7709dc86b3aa320a"), + aad: &hex!("8bc6bd0a263212bd7281fd1a45e512fca104f859358eae9293a297c529a0abaffd8a77507b9069040f2b3141a7620691e110a8b593b956d8e3e71694506b89018a03861c1ba6082687adce15a874c73477430cef075eba077a93"), + ciphertext: &hex!("f0a5c4941782e2f2941dd05acee29b65341773f2e8d51935a3f4fa6f268ff030c880976cf1ee858f6571abd8411b695a2fadf0"), + tag: &hex!("067d8cc2d38c30697272daa00c7f70cf"), + }, + GcmTV { + key: &hex!("c624feb6cb0d78d634b627134c692f0bf5debf84d8639e22ff27ce2ace49d438"), + nonce: &hex!("a54f4f1204255f6b312222cd"), + plaintext: &hex!("ec34f45c1b70fd56518cc5c404cc13330ab7d51c10f4d2cfeb26b097ae76897191ec1b3953b0086e425c7da221d29f65d5ccf3"), + aad: &hex!("d9099ba6be50dca77e0b9803766ad993132479fbab43b8f4126a7f9ef673ac0caf2de235e1e84ad9fe505c43d1ac779f5072c025c14ea0d930ce39db8c5930baada23b3e4654470e559fcb6eb1c133a77318b87cc7913e12d404"), + ciphertext: &hex!("713d28a5123d65e82cca6e7fd919e1e5e3bdaab12ae715cf8b7c974eb5f62be8c3b42637074c6b891f6c6033eb4b7e61db9f0b"), + tag: &hex!("01ededff6e4d1dce4ac790218e208ebe"), + }, + GcmTV { + key: &hex!("1afc68b32596198ae0f3a8612751c2413322e8054ff2ac6bede3d4a1ee20ee62"), + nonce: &hex!("356860e76e794492de6a68f3"), + plaintext: &hex!("293041038f9e8edee23d2f18bce87b522380f1fa18b3021830a54ab891da8548095228ed9860176152e27945d66254f0db8590"), + aad: &hex!("205e44009e0ef963838aff615b35c9f1271d487cf719677d956718bce8ab676cceb636ad381432c5c790c26b07051b661a2fec4e607f9644f84993c8335db21ae36b6008bab2883ad7541809bf5f49272295c1c1f1cf8c678553"), + ciphertext: &hex!("e06109680d5fefd345665ec9a5b2e7bf3ece3af1b62841a95c453e7753b5a1d6d8a10b3c6c42df1f23832b74e74871821f1c0b"), + tag: &hex!("953d8d04f70e2af055ac902a455235b2"), + }, + GcmTV { + key: &hex!("f61b723359e798fefecc26b10b168dc331c639079598f1f651166cc58c671ee1"), + nonce: &hex!("b07e9407b592d4fd95509343"), + plaintext: &hex!("2724f1ad6b5b409a59c7f2ff649eb24b4a33a03d7a0426e29a6ea3aa91b4f00699fbed75bb7189964303e2e9fe3a7e5f74b7a1"), + aad: &hex!("1429c6f27828cb94ad5e62451da10fd574660cec2b8f279a19bbb8a167a630d3ac60db04e8faa02204792e49aed4501844a419d3ecdff0d03799866fee81a91187b08a44d5bb617ff3b2cef79cd48750ea20903e1d3627a17730"), + ciphertext: &hex!("362bad8de943dce8f53edf682d02e1d893c23c5272b13fd35b492f8477083a8c34027db32b6131931f03555ac5fbc6dbb13801"), + tag: &hex!("a51775606343755691f125019b44fdfc"), + }, + GcmTV { + key: &hex!("6be7f4d18ff0fbdd9b3b3cacaba4629a0c617387079add62f6ce1584b33faad1"), + nonce: &hex!("fda568c9cb13d9c176bcef03"), + plaintext: &hex!("4df668e99d5068604a48bcca5baa8245435928558a83d68d7b0b081861224e9bd39ea8f2d55a635949e66c6f6a7ff5cc34dd94"), + aad: &hex!("11ebeb97dd4a9925c1fbe2b9af77392058d2d971e42db15da39f090d7bc132573c34bf7d92a2d72dc66ee6840c3ff07985b8976ee8d8f36bf47ae330b899fdc60652dd5a23c45f3680f11951f019e0697c8acfcaa95f01b9c7dd"), + ciphertext: &hex!("488b40ad594e1845ccdd9e9467fc5e1afbbfde34e57d45bfcd30b61cc326d57fe8e3f31a39cdebf00f60bbd2c3cdf69f756eff"), + tag: &hex!("3bf3fbab9b48486fd08a5552604df639"), + }, + ]; +} diff --git a/crypto/src/bn.rs b/crypto/src/bn.rs new file mode 100644 index 000000000..f49cf6a79 --- /dev/null +++ b/crypto/src/bn.rs @@ -0,0 +1,1153 @@ +//! BigNum implementation +//! +//! Large numbers are important for a cryptographic library. OpenSSL implementation +//! of BigNum uses dynamically assigned memory to store an array of bit chunks. This +//! allows numbers of any size to be compared and mathematical functions performed. +//! +//! OpenSSL wiki describes the [`BIGNUM`] data structure. +//! +//! [`BIGNUM`]: https://wiki.openssl.org/index.php/Manual:Bn_internal(3) +use cfg_if::cfg_if; +use foreign_types::{ForeignType, ForeignTypeRef, foreign_type}; +use libc::c_int; +use std::cmp::Ordering; +use std::ffi::CString; +use std::ops::{Add, Deref, Div, Mul, Neg, Rem, Shl, Shr, Sub}; +use std::ptr; + +use crate::error::{ErrorStack, cvt, cvt_n, cvt_p}; + +cfg_if! { + if #[cfg(any(ossl110, libressl350))] { + use ffi::{ + BN_get_rfc2409_prime_1024, BN_get_rfc2409_prime_768, BN_get_rfc3526_prime_1536, + BN_get_rfc3526_prime_2048, BN_get_rfc3526_prime_3072, BN_get_rfc3526_prime_4096, + BN_get_rfc3526_prime_6144, BN_get_rfc3526_prime_8192, BN_is_negative, + }; + } else if #[cfg(boringssl)] { + use ffi::BN_is_negative; + } else { + use ffi::{ + get_rfc2409_prime_1024 as BN_get_rfc2409_prime_1024, + get_rfc2409_prime_768 as BN_get_rfc2409_prime_768, + get_rfc3526_prime_1536 as BN_get_rfc3526_prime_1536, + get_rfc3526_prime_2048 as BN_get_rfc3526_prime_2048, + get_rfc3526_prime_3072 as BN_get_rfc3526_prime_3072, + get_rfc3526_prime_4096 as BN_get_rfc3526_prime_4096, + get_rfc3526_prime_6144 as BN_get_rfc3526_prime_6144, + get_rfc3526_prime_8192 as BN_get_rfc3526_prime_8192, + }; + + #[allow(bad_style)] + unsafe fn BN_is_negative(bn: *const ffi::BIGNUM) -> c_int { + (*bn).neg + } + } +} + +/// Options for the most significant bits of a randomly generated `BigNum`. +pub struct MsbOption(c_int); + +impl MsbOption { + /// The most significant bit of the number may be 0. + pub const MAYBE_ZERO: MsbOption = MsbOption(-1); + + /// The most significant bit of the number must be 1. + pub const ONE: MsbOption = MsbOption(0); + + /// The most significant two bits of the number must be 1. + /// + /// The number of bits in the product of two such numbers will always be exactly twice the + /// number of bits in the original numbers. + pub const TWO_ONES: MsbOption = MsbOption(1); +} + +foreign_type! { + pub unsafe type BigNumContext { + type CType = ffi::BN_CTX; + fn drop = ffi::BN_CTX_free; + } +} + +impl BigNumContext { + /// Returns a new `BigNumContext`. + pub fn new() -> Result { + unsafe { + cvt_p(ffi::BN_CTX_new()).map(|x| BigNumContext::from_ptr(x)) + } + } +} + +foreign_type! { + /// Dynamically sized large number implementation + /// + /// Perform large number mathematics. Create a new BigNum + /// with [`new`]. Perform standard mathematics on large numbers using + /// methods from [`Dref`] + /// + /// OpenSSL documentation at [`BN_new`]. + /// + /// [`new`]: struct.BigNum.html#method.new + /// [`Dref`]: struct.BigNum.html#deref-methods + /// [`BN_new`]: https://www.openssl.org/docs/man1.1.0/crypto/BN_new.html + pub unsafe type BigNum { + type CType = ffi::BIGNUM; + fn drop = ffi::BN_free; + } +} + +impl BigNumRef { + /// Erases the memory used by this `BigNum`, resetting its value to 0. + /// + /// This can be used to destroy sensitive data such as keys when they are no longer needed. + pub fn clear(&mut self) { + unsafe { ffi::BN_clear(self.as_ptr()) } + } + + /// Adds a `u32` to `self`. + pub fn add_word(&mut self, w: u32) -> Result<(), ErrorStack> { + unsafe { cvt(ffi::BN_add_word(self.as_ptr(), w as ffi::BN_ULONG)).map(|_| ()) } + } + + /// Subtracts a `u32` from `self`. + pub fn sub_word(&mut self, w: u32) -> Result<(), ErrorStack> { + unsafe { cvt(ffi::BN_sub_word(self.as_ptr(), w as ffi::BN_ULONG)).map(|_| ()) } + } + + /// Multiplies a `u32` by `self`. + pub fn mul_word(&mut self, w: u32) -> Result<(), ErrorStack> { + unsafe { cvt(ffi::BN_mul_word(self.as_ptr(), w as ffi::BN_ULONG)).map(|_| ()) } + } + + /// Divides `self` by a `u32`, returning the remainder. + #[allow(clippy::useless_conversion)] + pub fn div_word(&mut self, w: u32) -> Result { + unsafe { + let r = ffi::BN_div_word(self.as_ptr(), w.into()); + if r == ffi::BN_ULONG::max_value() { + Err(ErrorStack::get()) + } else { + Ok(r.into()) + } + } + } + + /// Returns the result of `self` modulo `w`. + #[allow(clippy::useless_conversion)] + pub fn mod_word(&self, w: u32) -> Result { + unsafe { + let r = ffi::BN_mod_word(self.as_ptr(), w.into()); + if r == ffi::BN_ULONG::max_value() { + Err(ErrorStack::get()) + } else { + Ok(r.into()) + } + } + } + + /// Places a cryptographically-secure pseudo-random nonnegative + /// number less than `self` in `rnd`. + pub fn rand_range(&self, rnd: &mut BigNumRef) -> Result<(), ErrorStack> { + unsafe { cvt(ffi::BN_rand_range(rnd.as_ptr(), self.as_ptr())).map(|_| ()) } + } + + /// The cryptographically weak counterpart to `rand_in_range`. + #[cfg(not(osslconf = "OPENSSL_NO_DEPRECATED_3_0"))] + pub fn pseudo_rand_range(&self, rnd: &mut BigNumRef) -> Result<(), ErrorStack> { + unsafe { cvt(ffi::BN_pseudo_rand_range(rnd.as_ptr(), self.as_ptr())).map(|_| ()) } + } + + /// Sets bit `n`. Equivalent to `self |= (1 << n)`. + /// + /// When setting a bit outside of `self`, it is expanded. + #[allow(clippy::useless_conversion)] + pub fn set_bit(&mut self, n: i32) -> Result<(), ErrorStack> { + unsafe { cvt(ffi::BN_set_bit(self.as_ptr(), n.into())).map(|_| ()) } + } + + /// Clears bit `n`, setting it to 0. Equivalent to `self &= ~(1 << n)`. + /// + /// When clearing a bit outside of `self`, an error is returned. + #[allow(clippy::useless_conversion)] + pub fn clear_bit(&mut self, n: i32) -> Result<(), ErrorStack> { + unsafe { cvt(ffi::BN_clear_bit(self.as_ptr(), n.into())).map(|_| ()) } + } + + /// Returns `true` if the `n`th bit of `self` is set to 1, `false` otherwise. + #[allow(clippy::useless_conversion)] + pub fn is_bit_set(&self, n: i32) -> bool { + unsafe { ffi::BN_is_bit_set(self.as_ptr(), n.into()) == 1 } + } + + /// Truncates `self` to the lowest `n` bits. + /// + /// An error occurs if `self` is already shorter than `n` bits. + #[allow(clippy::useless_conversion)] + pub fn mask_bits(&mut self, n: i32) -> Result<(), ErrorStack> { + unsafe { cvt(ffi::BN_mask_bits(self.as_ptr(), n.into())).map(|_| ()) } + } + + /// Places `a << 1` in `self`. Equivalent to `self * 2`. + pub fn lshift1(&mut self, a: &BigNumRef) -> Result<(), ErrorStack> { + unsafe { cvt(ffi::BN_lshift1(self.as_ptr(), a.as_ptr())).map(|_| ()) } + } + + /// Places `a >> 1` in `self`. Equivalent to `self / 2`. + pub fn rshift1(&mut self, a: &BigNumRef) -> Result<(), ErrorStack> { + unsafe { cvt(ffi::BN_rshift1(self.as_ptr(), a.as_ptr())).map(|_| ()) } + } + + /// Places `a + b` in `self`. [`core::ops::Add`] is also implemented for `BigNumRef`. + /// + /// [`core::ops::Add`]: struct.BigNumRef.html#method.add + pub fn checked_add(&mut self, a: &BigNumRef, b: &BigNumRef) -> Result<(), ErrorStack> { + unsafe { cvt(ffi::BN_add(self.as_ptr(), a.as_ptr(), b.as_ptr())).map(|_| ()) } + } + + /// Places `a - b` in `self`. [`core::ops::Sub`] is also implemented for `BigNumRef`. + /// + /// [`core::ops::Sub`]: struct.BigNumRef.html#method.sub + pub fn checked_sub(&mut self, a: &BigNumRef, b: &BigNumRef) -> Result<(), ErrorStack> { + unsafe { cvt(ffi::BN_sub(self.as_ptr(), a.as_ptr(), b.as_ptr())).map(|_| ()) } + } + + /// Places `a << n` in `self`. Equivalent to `a * 2 ^ n`. + #[allow(clippy::useless_conversion)] + pub fn lshift(&mut self, a: &BigNumRef, n: i32) -> Result<(), ErrorStack> { + unsafe { cvt(ffi::BN_lshift(self.as_ptr(), a.as_ptr(), n.into())).map(|_| ()) } + } + + /// Places `a >> n` in `self`. Equivalent to `a / 2 ^ n`. + #[allow(clippy::useless_conversion)] + pub fn rshift(&mut self, a: &BigNumRef, n: i32) -> Result<(), ErrorStack> { + unsafe { cvt(ffi::BN_rshift(self.as_ptr(), a.as_ptr(), n.into())).map(|_| ()) } + } + + /// Creates a new BigNum with the same value. + pub fn to_owned(&self) -> Result { + unsafe { cvt_p(ffi::BN_dup(self.as_ptr())).map(|b| BigNum::from_ptr(b)) } + } + + /// Sets the sign of `self`. Pass true to set `self` to a negative. False sets + /// `self` positive. + pub fn set_negative(&mut self, negative: bool) { + unsafe { ffi::BN_set_negative(self.as_ptr(), negative as c_int) } + } + + /// Compare the absolute values of `self` and `oth`. + pub fn ucmp(&self, oth: &BigNumRef) -> Ordering { + unsafe { ffi::BN_ucmp(self.as_ptr(), oth.as_ptr()).cmp(&0) } + } + + /// Returns `true` if `self` is negative. + pub fn is_negative(&self) -> bool { + unsafe { BN_is_negative(self.as_ptr()) == 1 } + } + + /// Returns the number of significant bits in `self`. + #[allow(clippy::unnecessary_cast)] + pub fn num_bits(&self) -> i32 { + unsafe { ffi::BN_num_bits(self.as_ptr()) as i32 } + } + + /// Returns the size of `self` in bytes. Implemented natively. + pub fn num_bytes(&self) -> i32 { + (self.num_bits() + 7) / 8 + } + + /// Generates a cryptographically strong pseudo-random `BigNum`, placing it in `self`. + /// + /// # Parameters + /// + /// * `bits`: Length of the number in bits. + /// * `msb`: The desired properties of the most significant bit. See [`constants`]. + /// * `odd`: If `true`, the generated number will be odd. + /// + /// [`constants`]: index.html#constants + #[allow(clippy::useless_conversion)] + pub fn rand(&mut self, bits: i32, msb: MsbOption, odd: bool) -> Result<(), ErrorStack> { + unsafe { + cvt(ffi::BN_rand( + self.as_ptr(), + bits.into(), + msb.0, + odd as c_int, + )) + .map(|_| ()) + } + } + + /// The cryptographically weak counterpart to `rand`. Not suitable for key generation. + #[cfg(not(osslconf = "OPENSSL_NO_DEPRECATED_3_0"))] + #[allow(clippy::useless_conversion)] + pub fn pseudo_rand(&mut self, bits: i32, msb: MsbOption, odd: bool) -> Result<(), ErrorStack> { + unsafe { + cvt(ffi::BN_pseudo_rand( + self.as_ptr(), + bits.into(), + msb.0, + odd as c_int, + )) + .map(|_| ()) + } + } + + /// Generates a prime number, placing it in `self`. + /// + /// # Parameters + /// + /// * `bits`: The length of the prime in bits (lower bound). + /// * `safe`: If true, returns a "safe" prime `p` so that `(p-1)/2` is also prime. + /// * `add`/`rem`: If `add` is set to `Some(add)`, `p % add == rem` will hold, where `p` is the + /// generated prime and `rem` is `1` if not specified (`None`). + pub fn generate_prime( + &mut self, + bits: i32, + safe: bool, + add: Option<&BigNumRef>, + rem: Option<&BigNumRef>, + ) -> Result<(), ErrorStack> { + unsafe { + cvt(ffi::BN_generate_prime_ex( + self.as_ptr(), + bits as c_int, + safe as c_int, + add.map(|n| n.as_ptr()).unwrap_or(ptr::null_mut()), + rem.map(|n| n.as_ptr()).unwrap_or(ptr::null_mut()), + ptr::null_mut(), + )) + .map(|_| ()) + } + } + + /// Places the result of `a * b` in `self`. + /// [`core::ops::Mul`] is also implemented for `BigNumRef`. + /// + /// [`core::ops::Mul`]: struct.BigNumRef.html#method.mul + pub fn checked_mul( + &mut self, + a: &BigNumRef, + b: &BigNumRef, + ctx: &mut BigNumContextRef, + ) -> Result<(), ErrorStack> { + unsafe { + cvt(ffi::BN_mul( + self.as_ptr(), + a.as_ptr(), + b.as_ptr(), + ctx.as_ptr(), + )) + .map(|_| ()) + } + } + + /// Places the result of `a / b` in `self`. The remainder is discarded. + /// [`core::ops::Div`] is also implemented for `BigNumRef`. + /// + /// [`core::ops::Div`]: struct.BigNumRef.html#method.div + pub fn checked_div( + &mut self, + a: &BigNumRef, + b: &BigNumRef, + ctx: &mut BigNumContextRef, + ) -> Result<(), ErrorStack> { + unsafe { + cvt(ffi::BN_div( + self.as_ptr(), + ptr::null_mut(), + a.as_ptr(), + b.as_ptr(), + ctx.as_ptr(), + )) + .map(|_| ()) + } + } + + /// Places the result of `a % b` in `self`. + pub fn checked_rem( + &mut self, + a: &BigNumRef, + b: &BigNumRef, + ctx: &mut BigNumContextRef, + ) -> Result<(), ErrorStack> { + unsafe { + cvt(ffi::BN_div( + ptr::null_mut(), + self.as_ptr(), + a.as_ptr(), + b.as_ptr(), + ctx.as_ptr(), + )) + .map(|_| ()) + } + } + + /// Places the result of `a / b` in `self` and `a % b` in `rem`. + pub fn div_rem( + &mut self, + rem: &mut BigNumRef, + a: &BigNumRef, + b: &BigNumRef, + ctx: &mut BigNumContextRef, + ) -> Result<(), ErrorStack> { + unsafe { + cvt(ffi::BN_div( + self.as_ptr(), + rem.as_ptr(), + a.as_ptr(), + b.as_ptr(), + ctx.as_ptr(), + )) + .map(|_| ()) + } + } + + /// Places the result of `a²` in `self`. + pub fn sqr(&mut self, a: &BigNumRef, ctx: &mut BigNumContextRef) -> Result<(), ErrorStack> { + unsafe { cvt(ffi::BN_sqr(self.as_ptr(), a.as_ptr(), ctx.as_ptr())).map(|_| ()) } + } + + /// Places the result of `a mod m` in `self`. As opposed to `div_rem` + /// the result is non-negative. + pub fn nnmod( + &mut self, + a: &BigNumRef, + m: &BigNumRef, + ctx: &mut BigNumContextRef, + ) -> Result<(), ErrorStack> { + unsafe { + cvt(ffi::BN_nnmod( + self.as_ptr(), + a.as_ptr(), + m.as_ptr(), + ctx.as_ptr(), + )) + .map(|_| ()) + } + } + + /// Places the result of `(a + b) mod m` in `self`. + pub fn mod_add( + &mut self, + a: &BigNumRef, + b: &BigNumRef, + m: &BigNumRef, + ctx: &mut BigNumContextRef, + ) -> Result<(), ErrorStack> { + unsafe { + cvt(ffi::BN_mod_add( + self.as_ptr(), + a.as_ptr(), + b.as_ptr(), + m.as_ptr(), + ctx.as_ptr(), + )) + .map(|_| ()) + } + } + + /// Places the result of `(a - b) mod m` in `self`. + pub fn mod_sub( + &mut self, + a: &BigNumRef, + b: &BigNumRef, + m: &BigNumRef, + ctx: &mut BigNumContextRef, + ) -> Result<(), ErrorStack> { + unsafe { + cvt(ffi::BN_mod_sub( + self.as_ptr(), + a.as_ptr(), + b.as_ptr(), + m.as_ptr(), + ctx.as_ptr(), + )) + .map(|_| ()) + } + } + + /// Places the result of `(a * b) mod m` in `self`. + pub fn mod_mul( + &mut self, + a: &BigNumRef, + b: &BigNumRef, + m: &BigNumRef, + ctx: &mut BigNumContextRef, + ) -> Result<(), ErrorStack> { + unsafe { + cvt(ffi::BN_mod_mul( + self.as_ptr(), + a.as_ptr(), + b.as_ptr(), + m.as_ptr(), + ctx.as_ptr(), + )) + .map(|_| ()) + } + } + + /// Places the result of `a² mod m` in `self`. + pub fn mod_sqr( + &mut self, + a: &BigNumRef, + m: &BigNumRef, + ctx: &mut BigNumContextRef, + ) -> Result<(), ErrorStack> { + unsafe { + cvt(ffi::BN_mod_sqr( + self.as_ptr(), + a.as_ptr(), + m.as_ptr(), + ctx.as_ptr(), + )) + .map(|_| ()) + } + } + + /// Places the result of `a^p` in `self`. + pub fn exp( + &mut self, + a: &BigNumRef, + p: &BigNumRef, + ctx: &mut BigNumContextRef, + ) -> Result<(), ErrorStack> { + unsafe { + cvt(ffi::BN_exp( + self.as_ptr(), + a.as_ptr(), + p.as_ptr(), + ctx.as_ptr(), + )) + .map(|_| ()) + } + } + + /// Places the result of `a^p mod m` in `self`. + pub fn mod_exp( + &mut self, + a: &BigNumRef, + p: &BigNumRef, + m: &BigNumRef, + ctx: &mut BigNumContextRef, + ) -> Result<(), ErrorStack> { + unsafe { + cvt(ffi::BN_mod_exp( + self.as_ptr(), + a.as_ptr(), + p.as_ptr(), + m.as_ptr(), + ctx.as_ptr(), + )) + .map(|_| ()) + } + } + + /// Places the inverse of `a` modulo `n` in `self`. + pub fn mod_inverse( + &mut self, + a: &BigNumRef, + n: &BigNumRef, + ctx: &mut BigNumContextRef, + ) -> Result<(), ErrorStack> { + unsafe { + cvt_p(ffi::BN_mod_inverse( + self.as_ptr(), + a.as_ptr(), + n.as_ptr(), + ctx.as_ptr(), + )) + .map(|_| ()) + } + } + + /// Places the greatest common denominator of `a` and `b` in `self`. + pub fn gcd( + &mut self, + a: &BigNumRef, + b: &BigNumRef, + ctx: &mut BigNumContextRef, + ) -> Result<(), ErrorStack> { + unsafe { + cvt(ffi::BN_gcd( + self.as_ptr(), + a.as_ptr(), + b.as_ptr(), + ctx.as_ptr(), + )) + .map(|_| ()) + } + } + + /// Checks whether `self` is prime. + /// + /// Performs a Miller-Rabin probabilistic primality test with `checks` iterations. + /// + /// # Return Value + /// + /// Returns `true` if `self` is prime with an error probability of less than `0.25 ^ checks`. + #[cfg(not(osslconf = "OPENSSL_NO_DEPRECATED_3_0"))] + #[allow(clippy::useless_conversion)] + pub fn is_prime(&self, checks: i32, ctx: &mut BigNumContextRef) -> Result { + unsafe { + cvt_n(ffi::BN_is_prime_ex( + self.as_ptr(), + checks.into(), + ctx.as_ptr(), + ptr::null_mut(), + )) + .map(|r| r != 0) + } + } + + /// Checks whether `self` is prime with optional trial division. + /// + /// If `do_trial_division` is `true`, first performs trial division by a number of small primes. + /// Then, like `is_prime`, performs a Miller-Rabin probabilistic primality test with `checks` + /// iterations. + /// + /// # Return Value + /// + /// Returns `true` if `self` is prime with an error probability of less than `0.25 ^ checks`. + #[cfg(not(osslconf = "OPENSSL_NO_DEPRECATED_3_0"))] + #[allow(clippy::useless_conversion)] + pub fn is_prime_fasttest( + &self, + checks: i32, + ctx: &mut BigNumContextRef, + do_trial_division: bool, + ) -> Result { + unsafe { + cvt_n(ffi::BN_is_prime_fasttest_ex( + self.as_ptr(), + checks.into(), + ctx.as_ptr(), + do_trial_division as c_int, + ptr::null_mut(), + )) + .map(|r| r != 0) + } + } + + /// Returns a big-endian byte vector representation of the absolute value of `self`. + /// + /// `self` can be recreated by using `from_slice`. + pub fn to_vec(&self) -> Vec { + let size = self.num_bytes() as usize; + let mut v = Vec::with_capacity(size); + unsafe { + ffi::BN_bn2bin(self.as_ptr(), v.as_mut_ptr()); + v.set_len(size); + } + v + } + + /// Returns a big-endian byte vector representation of the absolute value of `self`. + /// + /// `self` can be recreated by using `from_slice`. + pub fn to_bytes(&self, buf: &mut [u8]) -> Result { + debug_assert!(buf.len() >= self.num_bytes() as usize, "The buffer must be at least as large as the BigNum, see BigNum::num_bytes()"); + unsafe { + cvt_n(ffi::BN_bn2bin(self.as_ptr(), buf.as_mut_ptr())).map(|x| x as usize) + } + } + + /// Returns a big-endian byte vector representation of the absolute value of `self` padded + /// to `pad_to` bytes. + /// + /// If `pad_to` is less than `self.num_bytes()` then an error is returned. + /// + /// `self` can be recreated by using `from_slice`. + /// + #[cfg(ossl110)] + pub fn to_vec_padded(&self, pad_to: i32) -> Result, ErrorStack> { + let mut v = Vec::with_capacity(pad_to as usize); + unsafe { + cvt(ffi::BN_bn2binpad(self.as_ptr(), v.as_mut_ptr(), pad_to))?; + v.set_len(pad_to as usize); + } + Ok(v) + } + + /// Force constant time computation on this value. + #[cfg(ossl110)] + pub fn set_const_time(&mut self) { + unsafe { ffi::BN_set_flags(self.as_ptr(), ffi::BN_FLG_CONSTTIME) } + } + + /// Returns true if `self` is in const time mode. + #[cfg(ossl110)] + pub fn is_const_time(&self) -> bool { + unsafe { + let ret = ffi::BN_get_flags(self.as_ptr(), ffi::BN_FLG_CONSTTIME); + ret == ffi::BN_FLG_CONSTTIME + } + } + + /// Returns true if `self` was created with [`BigNum::new_secure`]. + #[cfg(ossl110)] + pub fn is_secure(&self) -> bool { + unsafe { + let ret = ffi::BN_get_flags(self.as_ptr(), ffi::BN_FLG_SECURE); + ret == ffi::BN_FLG_SECURE + } + } +} + +impl BigNum { + /// Creates a new `BigNum` with the value 0. + pub fn new() -> Result { + unsafe { + let v = cvt_p(ffi::BN_new())?; + Ok(BigNum::from_ptr(v)) + } + } + + /// Returns a new secure `BigNum`. + #[cfg(ossl110)] + pub fn new_secure() -> Result { + unsafe { + let v = cvt_p(ffi::BN_secure_new())?; + Ok(BigNum::from_ptr(v)) + } + } + + /// Creates a new `BigNum` with the given value. + pub fn from_u32(n: u32) -> Result { + BigNum::new().and_then(|v| unsafe { + cvt(ffi::BN_set_word(v.as_ptr(), n as ffi::BN_ULONG)).map(|_| v) + }) + } + + /// Creates a `BigNum` from a decimal string. + pub fn from_dec_str(s: &str) -> Result { + unsafe { + let c_str = CString::new(s.as_bytes()).unwrap(); + let mut bn = ptr::null_mut(); + cvt(ffi::BN_dec2bn(&mut bn, c_str.as_ptr() as *const _))?; + Ok(BigNum::from_ptr(bn)) + } + } + + /// Creates a `BigNum` from a hexadecimal string. + pub fn from_hex_str(s: &str) -> Result { + unsafe { + let c_str = CString::new(s.as_bytes()).unwrap(); + let mut bn = ptr::null_mut(); + cvt(ffi::BN_hex2bn(&mut bn, c_str.as_ptr() as *const _))?; + Ok(BigNum::from_ptr(bn)) + } + } + + /// Returns a constant used in IKE as defined in [`RFC 2409`]. This prime number is in + /// the order of magnitude of `2 ^ 768`. This number is used during calculated key + /// exchanges such as Diffie-Hellman. This number is labeled Oakley group id 1. + /// + /// [`RFC 2409`]: https://tools.ietf.org/html/rfc2409#page-21 + #[cfg(not(boringssl))] + pub fn get_rfc2409_prime_768() -> Result { + unsafe { + cvt_p(BN_get_rfc2409_prime_768(ptr::null_mut())).map(|x| BigNum::from_ptr(x)) + } + } + + /// Returns a constant used in IKE as defined in [`RFC 2409`]. This prime number is in + /// the order of magnitude of `2 ^ 1024`. This number is used during calculated key + /// exchanges such as Diffie-Hellman. This number is labeled Oakly group 2. + /// + /// [`RFC 2409`]: https://tools.ietf.org/html/rfc2409#page-21 + #[cfg(not(boringssl))] + pub fn get_rfc2409_prime_1024() -> Result { + unsafe { + cvt_p(BN_get_rfc2409_prime_1024(ptr::null_mut())).map(|x| BigNum::from_ptr(x)) + } + } + + /// Returns a constant used in IKE as defined in [`RFC 3526`]. The prime is in the order + /// of magnitude of `2 ^ 1536`. This number is used during calculated key + /// exchanges such as Diffie-Hellman. This number is labeled MODP group 5. + /// + /// [`RFC 3526`]: https://tools.ietf.org/html/rfc3526#page-3 + #[cfg(not(boringssl))] + pub fn get_rfc3526_prime_1536() -> Result { + unsafe { + cvt_p(BN_get_rfc3526_prime_1536(ptr::null_mut())).map(|x| BigNum::from_ptr(x)) + } + } + + /// Returns a constant used in IKE as defined in [`RFC 3526`]. The prime is in the order + /// of magnitude of `2 ^ 2048`. This number is used during calculated key + /// exchanges such as Diffie-Hellman. This number is labeled MODP group 14. + /// + /// [`RFC 3526`]: https://tools.ietf.org/html/rfc3526#page-3 + #[cfg(not(boringssl))] + pub fn get_rfc3526_prime_2048() -> Result { + unsafe { + cvt_p(BN_get_rfc3526_prime_2048(ptr::null_mut())).map(|x| BigNum::from_ptr(x)) + } + } + + /// Returns a constant used in IKE as defined in [`RFC 3526`]. The prime is in the order + /// of magnitude of `2 ^ 3072`. This number is used during calculated key + /// exchanges such as Diffie-Hellman. This number is labeled MODP group 15. + /// + /// [`RFC 3526`]: https://tools.ietf.org/html/rfc3526#page-4 + #[cfg(not(boringssl))] + pub fn get_rfc3526_prime_3072() -> Result { + unsafe { + cvt_p(BN_get_rfc3526_prime_3072(ptr::null_mut())).map(|x| BigNum::from_ptr(x)) + } + } + + /// Returns a constant used in IKE as defined in [`RFC 3526`]. The prime is in the order + /// of magnitude of `2 ^ 4096`. This number is used during calculated key + /// exchanges such as Diffie-Hellman. This number is labeled MODP group 16. + /// + /// [`RFC 3526`]: https://tools.ietf.org/html/rfc3526#page-4 + #[cfg(not(boringssl))] + pub fn get_rfc3526_prime_4096() -> Result { + unsafe { + cvt_p(BN_get_rfc3526_prime_4096(ptr::null_mut())).map(|x| BigNum::from_ptr(x)) + } + } + + /// Returns a constant used in IKE as defined in [`RFC 3526`]. The prime is in the order + /// of magnitude of `2 ^ 6144`. This number is used during calculated key + /// exchanges such as Diffie-Hellman. This number is labeled MODP group 17. + /// + /// [`RFC 3526`]: https://tools.ietf.org/html/rfc3526#page-6 + #[cfg(not(boringssl))] + pub fn get_rfc3526_prime_6144() -> Result { + unsafe { + cvt_p(BN_get_rfc3526_prime_6144(ptr::null_mut())).map(|x| BigNum::from_ptr(x)) + } + } + + /// Returns a constant used in IKE as defined in [`RFC 3526`]. The prime is in the order + /// of magnitude of `2 ^ 8192`. This number is used during calculated key + /// exchanges such as Diffie-Hellman. This number is labeled MODP group 18. + /// + /// [`RFC 3526`]: https://tools.ietf.org/html/rfc3526#page-6 + #[cfg(not(boringssl))] + pub fn get_rfc3526_prime_8192() -> Result { + unsafe { + cvt_p(BN_get_rfc3526_prime_8192(ptr::null_mut())).map(|x| BigNum::from_ptr(x)) + } + } + + /// Creates a new `BigNum` from an unsigned, big-endian encoded number of arbitrary length. + /// + /// OpenSSL documentation at [`BN_bin2bn`] + /// + /// [`BN_bin2bn`]: https://www.openssl.org/docs/man1.1.0/crypto/BN_bin2bn.html + pub fn from_slice(n: &[u8]) -> Result { + unsafe { + assert!(n.len() <= c_int::max_value() as usize); + + cvt_p(ffi::BN_bin2bn( + n.as_ptr(), + n.len() as c_int, + ptr::null_mut(), + )) + .map(|p| BigNum::from_ptr(p)) + } + } + + /// Copies data from a slice overwriting what was in the BigNum. + /// + /// This function can be used to copy data from a slice to a + /// [secure BigNum][`BigNum::new_secure`]. + pub fn copy_from_slice(&mut self, n: &[u8]) -> Result<(), ErrorStack> { + unsafe { + assert!(n.len() <= c_int::max_value() as usize); + + cvt_p(ffi::BN_bin2bn(n.as_ptr(), n.len() as c_int, self.as_mut().as_ptr()))?; + Ok(()) + } + } +} + + +impl PartialEq for BigNumRef { + fn eq(&self, oth: &BigNumRef) -> bool { + self.cmp(oth) == Ordering::Equal + } +} + +impl PartialEq for BigNumRef { + fn eq(&self, oth: &BigNum) -> bool { + self.eq(oth.deref()) + } +} + +impl Eq for BigNumRef {} + +impl PartialEq for BigNum { + fn eq(&self, oth: &BigNum) -> bool { + self.deref().eq(oth) + } +} + +impl PartialEq for BigNum { + fn eq(&self, oth: &BigNumRef) -> bool { + self.deref().eq(oth) + } +} + +impl Eq for BigNum {} + +impl PartialOrd for BigNumRef { + fn partial_cmp(&self, oth: &BigNumRef) -> Option { + Some(self.cmp(oth)) + } +} + +impl PartialOrd for BigNumRef { + fn partial_cmp(&self, oth: &BigNum) -> Option { + Some(self.cmp(oth.deref())) + } +} + +impl Ord for BigNumRef { + fn cmp(&self, oth: &BigNumRef) -> Ordering { + unsafe { ffi::BN_cmp(self.as_ptr(), oth.as_ptr()).cmp(&0) } + } +} + +impl PartialOrd for BigNum { + fn partial_cmp(&self, oth: &BigNum) -> Option { + self.deref().partial_cmp(oth.deref()) + } +} + +impl PartialOrd for BigNum { + fn partial_cmp(&self, oth: &BigNumRef) -> Option { + self.deref().partial_cmp(oth) + } +} + +impl Ord for BigNum { + fn cmp(&self, oth: &BigNum) -> Ordering { + self.deref().cmp(oth.deref()) + } +} + +macro_rules! delegate { + ($t:ident, $m:ident) => { + impl<'a, 'b> $t<&'b BigNum> for &'a BigNumRef { + type Output = BigNum; + + fn $m(self, oth: &BigNum) -> BigNum { + $t::$m(self, oth.deref()) + } + } + + impl<'a, 'b> $t<&'b BigNumRef> for &'a BigNum { + type Output = BigNum; + + fn $m(self, oth: &BigNumRef) -> BigNum { + $t::$m(self.deref(), oth) + } + } + + impl<'a, 'b> $t<&'b BigNum> for &'a BigNum { + type Output = BigNum; + + fn $m(self, oth: &BigNum) -> BigNum { + $t::$m(self.deref(), oth.deref()) + } + } + }; +} + +impl<'a, 'b> Add<&'b BigNumRef> for &'a BigNumRef { + type Output = BigNum; + + fn add(self, oth: &BigNumRef) -> BigNum { + let mut r = BigNum::new().unwrap(); + r.checked_add(self, oth).unwrap(); + r + } +} + +delegate!(Add, add); + +impl<'a, 'b> Sub<&'b BigNumRef> for &'a BigNumRef { + type Output = BigNum; + + fn sub(self, oth: &BigNumRef) -> BigNum { + let mut r = BigNum::new().unwrap(); + r.checked_sub(self, oth).unwrap(); + r + } +} + +delegate!(Sub, sub); + +impl<'a, 'b> Mul<&'b BigNumRef> for &'a BigNumRef { + type Output = BigNum; + + fn mul(self, oth: &BigNumRef) -> BigNum { + let mut ctx = BigNumContext::new().unwrap(); + let mut r = BigNum::new().unwrap(); + r.checked_mul(self, oth, &mut ctx).unwrap(); + r + } +} + +delegate!(Mul, mul); + +impl<'a, 'b> Div<&'b BigNumRef> for &'a BigNumRef { + type Output = BigNum; + + fn div(self, oth: &'b BigNumRef) -> BigNum { + let mut ctx = BigNumContext::new().unwrap(); + let mut r = BigNum::new().unwrap(); + r.checked_div(self, oth, &mut ctx).unwrap(); + r + } +} + +delegate!(Div, div); + +impl<'a, 'b> Rem<&'b BigNumRef> for &'a BigNumRef { + type Output = BigNum; + + fn rem(self, oth: &'b BigNumRef) -> BigNum { + let mut ctx = BigNumContext::new().unwrap(); + let mut r = BigNum::new().unwrap(); + r.checked_rem(self, oth, &mut ctx).unwrap(); + r + } +} + +delegate!(Rem, rem); + +impl<'a> Shl for &'a BigNumRef { + type Output = BigNum; + + fn shl(self, n: i32) -> BigNum { + let mut r = BigNum::new().unwrap(); + r.lshift(self, n).unwrap(); + r + } +} + +impl<'a> Shl for &'a BigNum { + type Output = BigNum; + + fn shl(self, n: i32) -> BigNum { + self.deref().shl(n) + } +} + +impl<'a> Shr for &'a BigNumRef { + type Output = BigNum; + + fn shr(self, n: i32) -> BigNum { + let mut r = BigNum::new().unwrap(); + r.rshift(self, n).unwrap(); + r + } +} + +impl<'a> Shr for &'a BigNum { + type Output = BigNum; + + fn shr(self, n: i32) -> BigNum { + self.deref().shr(n) + } +} + +impl<'a> Neg for &'a BigNumRef { + type Output = BigNum; + + fn neg(self) -> BigNum { + self.to_owned().unwrap().neg() + } +} + +impl<'a> Neg for &'a BigNum { + type Output = BigNum; + + fn neg(self) -> BigNum { + self.deref().neg() + } +} + +impl Neg for BigNum { + type Output = BigNum; + + fn neg(mut self) -> BigNum { + let negative = self.is_negative(); + self.set_negative(!negative); + self + } +} + +#[cfg(test)] +mod tests { + use crate::{bn::{BigNum, BigNumContext}, init}; + + #[test] + fn test_to_from_slice() { + init(); + let v0 = BigNum::from_u32(10_203_004).unwrap(); + let vec = v0.to_vec(); + let v1 = BigNum::from_slice(&vec).unwrap(); + + assert!(v0 == v1); + } + + #[test] + fn test_negation() { + init(); + let a = BigNum::from_u32(909_829_283).unwrap(); + + assert!(!a.is_negative()); + assert!((-a).is_negative()); + } + + #[test] + fn test_shift() { + init(); + let a = BigNum::from_u32(909_829_283).unwrap(); + + assert!(a == &(&a << 1) >> 1); + } + + #[cfg(not(osslconf = "OPENSSL_NO_DEPRECATED_3_0"))] + #[test] + fn test_prime_numbers() { + init(); + let a = BigNum::from_u32(19_029_017).unwrap(); + let mut p = BigNum::new().unwrap(); + p.generate_prime(128, true, None, Some(&a)).unwrap(); + + let mut ctx = BigNumContext::new().unwrap(); + assert!(p.is_prime(100, &mut ctx).unwrap()); + assert!(p.is_prime_fasttest(100, &mut ctx, true).unwrap()); + } + + #[cfg(ossl110)] + #[test] + fn test_secure_bn() { + init(); + let a = BigNum::new().unwrap(); + assert!(!a.is_secure()); + + let b = BigNum::new_secure().unwrap(); + assert!(b.is_secure()) + } + + #[cfg(ossl110)] + #[test] + fn test_const_time_bn() { + init(); + let a = BigNum::new().unwrap(); + assert!(!a.is_const_time()); + + let mut b = BigNum::new().unwrap(); + b.set_const_time(); + assert!(b.is_const_time()) + } +} diff --git a/crypto/src/cipher_ctx.rs b/crypto/src/cipher_ctx.rs new file mode 100644 index 000000000..e46eb3353 --- /dev/null +++ b/crypto/src/cipher_ctx.rs @@ -0,0 +1,168 @@ + +use std::ptr; + +use crate::error::{ErrorStack, cvt_p, cvt}; +use foreign_types::{ForeignType, foreign_type, ForeignTypeRef}; +use libc::c_int; + +foreign_type! { + pub unsafe type CipherCtx { + type CType = ffi::EVP_CIPHER_CTX; + fn drop = ffi::EVP_CIPHER_CTX_free; + } +} + +impl CipherCtx { + /// Creates a new context. + pub fn new() -> Result { + unsafe { + let ptr = cvt_p(ffi::EVP_CIPHER_CTX_new())?; + Ok(CipherCtx::from_ptr(ptr)) + } + } +} +impl CipherCtxRef { + + /// Initializes the context for encryption or decryption. + /// All pointer fields can be null, in which case the corresponding field in the context is not updated. + pub unsafe fn cipher_init(&self, t: *const ffi::EVP_CIPHER, key: *const u8, iv: *const u8) -> Result<(), ErrorStack>{ + let evp_f = if ENCRYPT { ffi::EVP_EncryptInit_ex } else { ffi::EVP_DecryptInit_ex }; + + cvt(evp_f( + self.as_ptr(), + t, + ptr::null_mut(), + key, + iv, + ))?; + Ok(()) + } + + + /// Writes data into the context. + /// + /// Providing no output buffer will cause the input to be considered additional authenticated data (AAD). + /// + /// Returns the number of bytes written to `output`. + /// + /// This function is the same as [`Self::cipher_update`] but with the + /// output size check removed. It can be used when the exact + /// buffer size control is maintained by the caller. + /// + /// SAFETY: The caller is expected to provide `output` buffer + /// large enough to contain correct number of bytes. For streaming + /// ciphers the output buffer size should be at least as big as + /// the input buffer. For block ciphers the size of the output + /// buffer depends on the state of partially updated blocks. + pub unsafe fn update( + &self, + input: &[u8], + output: *mut u8, + ) -> Result<(), ErrorStack> { + let evp_f = if ENCRYPT { ffi::EVP_EncryptUpdate } else { ffi::EVP_DecryptUpdate }; + + let mut outlen = 0; + + cvt(evp_f( + self.as_ptr(), + output, + &mut outlen, + input.as_ptr(), + input.len() as c_int, + ))?; + + Ok(()) + } + + + /// Finalizes the encryption or decryption process. + /// + /// Any remaining data will be written to the output buffer. + /// + /// Returns the number of bytes written to `output`. + /// + /// This function is the same as [`Self::cipher_final`] but with + /// the output buffer size check removed. + /// + /// SAFETY: The caller is expected to provide `output` buffer + /// large enough to contain correct number of bytes. For streaming + /// ciphers the output buffer can be empty, for block ciphers the + /// output buffer should be at least as big as the block. + pub unsafe fn finalize( + &self, + output: *mut u8, + ) -> Result<(), ErrorStack> { + let evp_f = if ENCRYPT { ffi::EVP_EncryptFinal_ex } else { ffi::EVP_DecryptFinal_ex }; + let mut outl = 0; + + cvt(evp_f( + self.as_ptr(), + output, + &mut outl, + ))?; + + Ok(()) + } + + /// Retrieves the calculated authentication tag from the context. + /// + /// This should be called after [`Self::cipher_final`], and is only supported by authenticated ciphers. + /// + /// The size of the buffer indicates the size of the tag. While some ciphers support a range of tag sizes, it is + /// recommended to pick the maximum size. + pub fn tag(&self, tag: &mut [u8]) -> Result<(), ErrorStack> { + + unsafe { + cvt(ffi::EVP_CIPHER_CTX_ctrl( + self.as_ptr(), + ffi::EVP_CTRL_GCM_GET_TAG, + tag.len() as c_int, + tag.as_mut_ptr() as *mut _, + ))?; + } + + Ok(()) + } + + /// Sets the authentication tag for verification during decryption. + pub fn set_tag(&self, tag: &[u8]) -> Result<(), ErrorStack> { + unsafe { + cvt(ffi::EVP_CIPHER_CTX_ctrl( + self.as_ptr(), + ffi::EVP_CTRL_GCM_SET_TAG, + tag.len() as c_int, + tag.as_ptr() as *mut _, + ))?; + } + + Ok(()) + } +} + +#[cfg(test)] +mod test { + use crate::init; + use super::*; + + #[test] + fn aes_128_ecb() { + init(); + let key = [1u8; 16]; + let ctx = CipherCtx::new().unwrap(); + unsafe { + ctx.cipher_init::(ffi::EVP_aes_128_ecb(), key.as_ptr(), ptr::null()).unwrap(); + ffi::EVP_CIPHER_CTX_set_padding(ctx.as_ptr(), 0); + assert_eq!(ffi::EVP_CIPHER_CTX_get_block_size(ctx.as_ptr()) as usize, 16); + + let origin = [2u8; 16]; + let mut val = origin.clone(); + let p = val.as_mut_ptr(); + + ctx.update::(&val, p).unwrap(); + ctx.cipher_init::(ptr::null(), key.as_ptr(), ptr::null()).unwrap(); + ctx.update::(&val, p).unwrap(); + + assert_eq!(val, origin); + } + } +} diff --git a/crypto/src/ec.rs b/crypto/src/ec.rs new file mode 100644 index 000000000..9c2c248d4 --- /dev/null +++ b/crypto/src/ec.rs @@ -0,0 +1,191 @@ + +use std::ptr; + +use foreign_types::{ForeignType, foreign_type, ForeignTypeRef}; +use crate::bn::{BigNumContext, BigNumRef, BigNumContextRef}; +use crate::error::{ErrorStack, cvt_p, cvt, cvt_n}; + + +foreign_type! { + #[derive(Clone)] + pub unsafe type EcGroup: Send + Sync { + type CType = ffi::EC_GROUP; + fn drop = ffi::EC_GROUP_free; + } + /// Public and optional private key on the given curve. + #[derive(Clone)] + pub unsafe type EcKey { + type CType = ffi::EC_KEY; + fn drop = ffi::EC_KEY_free; + } + + pub unsafe type EcPoint { + type CType = ffi::EC_POINT; + fn drop = ffi::EC_POINT_free; + } +} + +impl EcKeyRef { + /// Returns the public key. The returned EcPoint must be treated as read only. + pub fn public_key(&self) -> &EcPointRef { + unsafe { + let ptr = ffi::EC_KEY_get0_public_key(self.as_ptr()); + &*ptr.cast() + } + } + + /// Returns the private key value. The returned BigNum must be treated as read only. + pub fn private_key(&self) -> &BigNumRef { + unsafe { + let ptr = ffi::EC_KEY_get0_private_key(self.as_ptr()); + &*ptr.cast() + } + } + + /// Checks the key for validity. + pub fn check_key(&self) -> Result<(), ErrorStack> { + unsafe { cvt(ffi::EC_KEY_check_key(self.as_ptr())).map(|_| ()) } + } +} +impl EcKey { + /// Generates a new public/private key pair on the specified curve. + pub fn generate(group: &EcGroupRef) -> Result { + unsafe { + cvt_p(ffi::EC_KEY_new()) + .map(|p| EcKey::from_ptr(p)) + .and_then(|key| { + cvt(ffi::EC_KEY_set_group(key.as_ptr(), group.as_ptr())).map(|_| key) + }) + .and_then(|key| cvt(ffi::EC_KEY_generate_key(key.as_ptr())).map(|_| key)) + } + } + /// Constructs an `EcKey` from the specified group with the associated [`EcPoint`]: `public_key`. + /// + /// This will only have the associated `public_key`. + pub fn from_public_key( + group: &EcGroupRef, + public_key: &EcPointRef, + ) -> Result { + unsafe { + cvt_p(ffi::EC_KEY_new()) + .map(|p| EcKey::from_ptr(p)) + .and_then(|key| { + cvt(ffi::EC_KEY_set_group(key.as_ptr(), group.as_ptr())).map(|_| key) + }) + .and_then(|key| { + cvt(ffi::EC_KEY_set_public_key( + key.as_ptr(), + public_key.as_ptr(), + )) + .map(|_| key) + }) + } + } + + /// Constructs an public/private key pair given a curve, a private key and a public key point. + pub fn from_private_components( + group: &EcGroupRef, + private_number: &BigNumRef, + public_key: &EcPointRef, + ) -> Result { + unsafe { + cvt_p(ffi::EC_KEY_new()) + .map(|p| EcKey::from_ptr(p)) + .and_then(|key| { + cvt(ffi::EC_KEY_set_group(key.as_ptr(), group.as_ptr())).map(|_| key) + }) + .and_then(|key| { + cvt(ffi::EC_KEY_set_private_key( + key.as_ptr(), + private_number.as_ptr(), + )) + .map(|_| key) + }) + .and_then(|key| { + cvt(ffi::EC_KEY_set_public_key( + key.as_ptr(), + public_key.as_ptr(), + )) + .map(|_| key) + }) + } + } +} + +impl EcPoint { + /// Creates a new point on the specified curve. + pub fn new(group: &EcGroupRef) -> Result { + unsafe { cvt_p(ffi::EC_POINT_new(group.as_ptr())).map(|x| EcPoint::from_ptr(x)) } + } + /// Creates point from a binary representation + pub fn from_bytes( + group: &EcGroupRef, + buf: &[u8], + ctx: &mut BigNumContext, + ) -> Result { + let point = EcPoint::new(group)?; + unsafe { + cvt(ffi::EC_POINT_oct2point( + group.as_ptr(), + point.as_ptr(), + buf.as_ptr(), + buf.len(), + ctx.as_ptr(), + ))?; + } + Ok(point) + } +} + +impl EcPointRef { + /// Serializes the point to a binary representation. + pub fn to_bytes( + &self, + group: &EcGroupRef, + form: ffi::point_conversion_form_t, + ctx: &BigNumContextRef, + ) -> Result, ErrorStack> { + unsafe { + let len = ffi::EC_POINT_point2oct( + group.as_ptr(), + self.as_ptr(), + form, + ptr::null_mut(), + 0, + ctx.as_ptr(), + ); + if len == 0 { + return Err(ErrorStack::get()); + } + let mut buf = vec![0; len]; + let len = ffi::EC_POINT_point2oct( + group.as_ptr(), + self.as_ptr(), + form, + buf.as_mut_ptr(), + len, + ctx.as_ptr(), + ); + if len == 0 { + Err(ErrorStack::get()) + } else { + Ok(buf) + } + } + } + /// Checks if point is on a given curve + pub fn is_on_curve( + &self, + group: &EcGroupRef, + ctx: &BigNumContextRef, + ) -> Result { + unsafe { + let res = cvt_n(ffi::EC_POINT_is_on_curve( + group.as_ptr(), + self.as_ptr(), + ctx.as_ptr(), + ))?; + Ok(res == 1) + } + } +} diff --git a/crypto/src/error.rs b/crypto/src/error.rs new file mode 100644 index 000000000..e184df7fa --- /dev/null +++ b/crypto/src/error.rs @@ -0,0 +1,374 @@ + +use cfg_if::cfg_if; +use libc::{c_char, c_int}; +use std::borrow::Cow; +use std::error; +use std::ffi::CStr; +use std::fmt; +use std::io; +use std::ptr; +use std::str; + +type ErrType = libc::c_ulong; + +/// Collection of [`Error`]s from OpenSSL. +/// +/// [`Error`]: struct.Error.html +#[derive(Debug, Clone)] +pub struct ErrorStack(Vec); + +impl ErrorStack { + /// Returns the contents of the OpenSSL error stack. + #[cold] + #[inline(never)] + pub fn get() -> ErrorStack { + let mut vec = vec![]; + while let Some(err) = Error::get() { + vec.push(err); + } + ErrorStack(vec) + } + + /// Pushes the errors back onto the OpenSSL error stack. + pub fn put(&self) { + for error in self.errors() { + error.put(); + } + } +} + +impl ErrorStack { + /// Returns the errors in the stack. + pub fn errors(&self) -> &[Error] { + &self.0 + } +} + +impl fmt::Display for ErrorStack { + fn fmt(&self, fmt: &mut fmt::Formatter<'_>) -> fmt::Result { + if self.0.is_empty() { + return fmt.write_str("OpenSSL error"); + } + + let mut first = true; + for err in &self.0 { + if !first { + fmt.write_str(", ")?; + } + write!(fmt, "{}", err)?; + first = false; + } + Ok(()) + } +} + +impl error::Error for ErrorStack {} + +impl From for io::Error { + fn from(e: ErrorStack) -> io::Error { + io::Error::new(io::ErrorKind::Other, e) + } +} + +impl From for fmt::Error { + fn from(_: ErrorStack) -> fmt::Error { + fmt::Error + } +} + +/// An error reported from OpenSSL. +#[derive(Clone)] +pub struct Error { + code: ErrType, + file: ShimStr, + line: c_int, + func: Option, + data: Option>, +} + +unsafe impl Sync for Error {} +unsafe impl Send for Error {} + +impl Error { + /// Returns the first error on the OpenSSL error stack. + pub fn get() -> Option { + unsafe { + let mut file = ptr::null(); + let mut line = 0; + let mut func = ptr::null(); + let mut data = ptr::null(); + let mut flags = 0; + match ERR_get_error_all(&mut file, &mut line, &mut func, &mut data, &mut flags) { + 0 => None, + code => { + // The memory referenced by data is only valid until that slot is overwritten + // in the error stack, so we'll need to copy it off if it's dynamic + let data = if flags & ffi::ERR_TXT_STRING != 0 { + let bytes = CStr::from_ptr(data as *const _).to_bytes(); + let data = str::from_utf8(bytes).unwrap(); + #[cfg(not(boringssl))] + let data = if flags & ffi::ERR_TXT_MALLOCED != 0 { + Cow::Owned(data.to_string()) + } else { + Cow::Borrowed(data) + }; + #[cfg(boringssl)] + let data = Cow::Borrowed(data); + Some(data) + } else { + None + }; + + let file = ShimStr::new(file); + + let func = if func.is_null() { + None + } else { + Some(ShimStr::new(func)) + }; + + Some(Error { + code, + file, + line, + func, + data, + }) + } + } + } + } + + /// Pushes the error back onto the OpenSSL error stack. + pub fn put(&self) { + self.put_error(); + + unsafe { + let data = match self.data { + Some(Cow::Borrowed(data)) => Some((data.as_ptr() as *mut c_char, 0)), + Some(Cow::Owned(ref data)) => { + let ptr = ffi::CRYPTO_malloc( + (data.len() + 1) as _, + concat!(file!(), "\0").as_ptr() as _, + line!() as _, + ) as *mut c_char; + if ptr.is_null() { + None + } else { + ptr::copy_nonoverlapping(data.as_ptr(), ptr as *mut u8, data.len()); + *ptr.add(data.len()) = 0; + Some((ptr, ffi::ERR_TXT_MALLOCED)) + } + } + None => None, + }; + if let Some((ptr, flags)) = data { + ffi::ERR_set_error_data(ptr, flags | ffi::ERR_TXT_STRING); + } + } + } + + #[cfg(ossl300)] + fn put_error(&self) { + unsafe { + ffi::ERR_new(); + ffi::ERR_set_debug( + self.file.as_ptr(), + self.line, + self.func.as_ref().map_or(ptr::null(), |s| s.as_ptr()), + ); + ffi::ERR_set_error( + ffi::ERR_GET_LIB(self.code), + ffi::ERR_GET_REASON(self.code), + ptr::null(), + ); + } + } + + /// Returns the raw OpenSSL error code for this error. + pub fn code(&self) -> ErrType { + self.code + } + + /// Returns the name of the library reporting the error, if available. + pub fn library(&self) -> Option<&'static str> { + unsafe { + let cstr = ffi::ERR_lib_error_string(self.code); + if cstr.is_null() { + return None; + } + let bytes = CStr::from_ptr(cstr as *const _).to_bytes(); + Some(str::from_utf8(bytes).unwrap()) + } + } + + /// Returns the name of the function reporting the error. + pub fn function(&self) -> Option> { + self.func.as_ref().map(|s| s.as_str()) + } + + /// Returns the reason for the error. + pub fn reason(&self) -> Option<&'static str> { + unsafe { + let cstr = ffi::ERR_reason_error_string(self.code); + if cstr.is_null() { + return None; + } + let bytes = CStr::from_ptr(cstr as *const _).to_bytes(); + Some(str::from_utf8(bytes).unwrap()) + } + } + + /// Returns the name of the source file which encountered the error. + pub fn file(&self) -> RetStr<'_> { + self.file.as_str() + } + + /// Returns the line in the source file which encountered the error. + pub fn line(&self) -> u32 { + self.line as u32 + } + + /// Returns additional data describing the error. + #[allow(clippy::option_as_ref_deref)] + pub fn data(&self) -> Option<&str> { + self.data.as_ref().map(|s| &**s) + } +} + +impl fmt::Debug for Error { + fn fmt(&self, fmt: &mut fmt::Formatter<'_>) -> fmt::Result { + let mut builder = fmt.debug_struct("Error"); + builder.field("code", &self.code()); + if let Some(library) = self.library() { + builder.field("library", &library); + } + if let Some(function) = self.function() { + builder.field("function", &function); + } + if let Some(reason) = self.reason() { + builder.field("reason", &reason); + } + builder.field("file", &self.file()); + builder.field("line", &self.line()); + if let Some(data) = self.data() { + builder.field("data", &data); + } + builder.finish() + } +} + +impl fmt::Display for Error { + fn fmt(&self, fmt: &mut fmt::Formatter<'_>) -> fmt::Result { + write!(fmt, "error:{:08X}", self.code())?; + match self.library() { + Some(l) => write!(fmt, ":{}", l)?, + None => write!(fmt, ":lib({})", ffi::ERR_GET_LIB(self.code()))?, + } + match self.function() { + Some(f) => write!(fmt, ":{}", f)?, + None => write!(fmt, ":func({})", ffi::ERR_GET_FUNC(self.code()))?, + } + match self.reason() { + Some(r) => write!(fmt, ":{}", r)?, + None => write!(fmt, ":reason({})", ffi::ERR_GET_REASON(self.code()))?, + } + write!( + fmt, + ":{}:{}:{}", + self.file(), + self.line(), + self.data().unwrap_or("") + ) + } +} + +impl error::Error for Error {} + +cfg_if! { + if #[cfg(ossl300)] { + use std::ffi::{CString}; + use ffi::ERR_get_error_all; + + type RetStr<'a> = &'a str; + + #[derive(Clone)] + struct ShimStr(CString); + + impl ShimStr { + unsafe fn new(s: *const c_char) -> Self { + ShimStr(CStr::from_ptr(s).to_owned()) + } + + fn as_ptr(&self) -> *const c_char { + self.0.as_ptr() + } + + fn as_str(&self) -> &str { + self.0.to_str().unwrap() + } + } + } else { + #[allow(bad_style)] + unsafe extern "C" fn ERR_get_error_all( + file: *mut *const c_char, + line: *mut c_int, + func: *mut *const c_char, + data: *mut *const c_char, + flags: *mut c_int, + ) -> ErrType { + let code = ffi::ERR_get_error_line_data(file, line, data, flags); + *func = ffi::ERR_func_error_string(code); + code + } + + type RetStr<'a> = &'static str; + + #[derive(Clone)] + struct ShimStr(*const c_char); + + impl ShimStr { + unsafe fn new(s: *const c_char) -> Self { + ShimStr(s) + } + + fn as_ptr(&self) -> *const c_char { + self.0 + } + + fn as_str(&self) -> &'static str { + unsafe { + CStr::from_ptr(self.0).to_str().unwrap() + } + } + } + } +} + + +#[inline] +pub fn cvt_p(r: *mut T) -> Result<*mut T, ErrorStack> { + if r.is_null() { + Err(ErrorStack::get()) + } else { + Ok(r) + } +} + +#[inline] +pub fn cvt(r: c_int) -> Result { + if r <= 0 { + Err(ErrorStack::get()) + } else { + Ok(r) + } +} + +#[inline] +pub fn cvt_n(r: c_int) -> Result { + if r < 0 { + Err(ErrorStack::get()) + } else { + Ok(r) + } +} diff --git a/crypto/src/hash.rs b/crypto/src/hash.rs index d148517c2..e71472b9c 100644 --- a/crypto/src/hash.rs +++ b/crypto/src/hash.rs @@ -2,47 +2,69 @@ use std::ffi::c_void; use std::io::Write; +use std::mem::MaybeUninit; use std::os::raw::{c_int, c_uint}; use std::ptr::null; +use crate::secret::Secret; + pub const SHA512_HASH_SIZE: usize = 64; pub const SHA384_HASH_SIZE: usize = 48; pub const HMAC_SHA512_SIZE: usize = 64; pub const HMAC_SHA384_SIZE: usize = 48; -pub struct SHA512(Option); +pub struct SHA512(ffi::SHA512_CTX); impl SHA512 { #[inline(always)] - pub fn hash(b: &[u8]) -> [u8; SHA512_HASH_SIZE] { - openssl::sha::sha512(b) + pub fn hash(data: &[u8]) -> [u8; SHA512_HASH_SIZE] { + unsafe { + let mut hash = MaybeUninit::<[u8; SHA512_HASH_SIZE]>::uninit(); + ffi::SHA512(data.as_ptr(), data.len(), hash.as_mut_ptr() as *mut _); + hash.assume_init() + } } + /// Creates a new hasher. #[inline(always)] pub fn new() -> Self { - Self(Some(openssl::sha::Sha512::new())) + unsafe { + let mut ctx = MaybeUninit::uninit(); + ffi::SHA512_Init(ctx.as_mut_ptr()); + SHA512(ctx.assume_init()) + } } + /// Feeds some data into the hasher. + /// + /// This can be called multiple times. #[inline(always)] pub fn reset(&mut self) { - let _ = self.0.replace(openssl::sha::Sha512::new()); + unsafe { ffi::SHA512_Init(&mut self.0) }; } #[inline(always)] - pub fn update(&mut self, b: &[u8]) { - self.0.as_mut().unwrap().update(b); + pub fn update(&mut self, buf: &[u8]) { + unsafe { + ffi::SHA512_Update(&mut self.0, buf.as_ptr() as *const c_void, buf.len()); + } } + /// Returns the hash of the data. #[inline(always)] pub fn finish(&mut self) -> [u8; SHA512_HASH_SIZE] { - self.0.take().unwrap().finish() + unsafe { + let mut hash = MaybeUninit::<[u8; SHA512_HASH_SIZE]>::uninit(); + ffi::SHA512_Final(hash.as_mut_ptr() as *mut _, &mut self.0); + hash.assume_init() + } } } impl Write for SHA512 { #[inline(always)] fn write(&mut self, b: &[u8]) -> std::io::Result { - self.0.as_mut().unwrap().update(b); + self.update(b); Ok(b.len()) } @@ -54,39 +76,55 @@ impl Write for SHA512 { unsafe impl Send for SHA512 {} -pub struct SHA384(Option); +pub struct SHA384(ffi::SHA512_CTX); impl SHA384 { #[inline(always)] - pub fn hash(b: &[u8]) -> [u8; SHA384_HASH_SIZE] { - openssl::sha::sha384(b) + pub fn hash(data: &[u8]) -> [u8; SHA384_HASH_SIZE] { + unsafe { + let mut hash = MaybeUninit::<[u8; SHA384_HASH_SIZE]>::uninit(); + ffi::SHA384(data.as_ptr(), data.len(), hash.as_mut_ptr() as *mut _); + hash.assume_init() + } } #[inline(always)] pub fn new() -> Self { - Self(Some(openssl::sha::Sha384::new())) + unsafe { + let mut ctx = MaybeUninit::uninit(); + ffi::SHA384_Init(ctx.as_mut_ptr()); + SHA384(ctx.assume_init()) + } } #[inline(always)] pub fn reset(&mut self) { - let _ = self.0.replace(openssl::sha::Sha384::new()); + unsafe { + ffi::SHA384_Init(&mut self.0); + } } #[inline(always)] - pub fn update(&mut self, b: &[u8]) { - self.0.as_mut().unwrap().update(b); + pub fn update(&mut self, buf: &[u8]) { + unsafe { + ffi::SHA384_Update(&mut self.0, buf.as_ptr() as *const c_void, buf.len()); + } } #[inline(always)] pub fn finish(&mut self) -> [u8; SHA384_HASH_SIZE] { - self.0.take().unwrap().finish() + unsafe { + let mut hash = MaybeUninit::<[u8; SHA384_HASH_SIZE]>::uninit(); + ffi::SHA384_Final(hash.as_mut_ptr() as *mut _, &mut self.0); + hash.assume_init() + } } } impl Write for SHA384 { #[inline(always)] fn write(&mut self, b: &[u8]) -> std::io::Result { - self.0.as_mut().unwrap().update(b); + self.update(b); Ok(b.len()) } @@ -143,16 +181,16 @@ impl HMACSHA512 { #[inline(always)] pub fn finish_into(&mut self, md: &mut [u8]) { unsafe { - assert_eq!(md.len(), 64); - let mut mdlen: c_uint = 64; + debug_assert_eq!(md.len(), HMAC_SHA512_SIZE); + let mut mdlen = HMAC_SHA512_SIZE as c_uint; assert_ne!(HMAC_Final(self.ctx, md.as_mut_ptr().cast(), &mut mdlen), 0); - assert_eq!(mdlen, 64); + debug_assert_eq!(mdlen, HMAC_SHA512_SIZE as c_uint); } } #[inline(always)] - pub fn finish(&mut self) -> [u8; 64] { - let mut tmp = [0u8; 64]; + pub fn finish(&mut self) -> [u8; HMAC_SHA512_SIZE] { + let mut tmp = [0u8; HMAC_SHA512_SIZE]; self.finish_into(&mut tmp); tmp } @@ -200,16 +238,16 @@ impl HMACSHA384 { #[inline(always)] pub fn finish_into(&mut self, md: &mut [u8]) { unsafe { - assert_eq!(md.len(), 48); - let mut mdlen: c_uint = 48; + assert_eq!(md.len(), HMAC_SHA384_SIZE); + let mut mdlen = HMAC_SHA384_SIZE as c_uint; assert_ne!(HMAC_Final(self.ctx, md.as_mut_ptr().cast(), &mut mdlen), 0); - assert_eq!(mdlen, 48); + assert_eq!(mdlen, HMAC_SHA384_SIZE as c_uint); } } #[inline(always)] - pub fn finish(&mut self) -> [u8; 48] { - let mut tmp = [0u8; 48]; + pub fn finish(&mut self) -> [u8; HMAC_SHA384_SIZE] { + let mut tmp = [0u8; HMAC_SHA384_SIZE]; self.finish_into(&mut tmp); tmp } @@ -225,7 +263,7 @@ impl Drop for HMACSHA384 { unsafe impl Send for HMACSHA384 {} #[inline(always)] -pub fn hmac_sha512(key: &[u8], msg: &[u8]) -> [u8; 64] { +pub fn hmac_sha512(key: &[u8], msg: &[u8]) -> [u8; HMAC_SHA512_SIZE] { let mut hm = HMACSHA512::new(key); hm.update(msg); hm.finish() @@ -238,8 +276,16 @@ pub fn hmac_sha512_into(key: &[u8], msg: &[u8], md: &mut [u8]) { hm.finish_into(md); } +pub fn hmac_sha512_secret(key: &[u8], msg: &[u8]) -> Secret { + debug_assert!(C <= HMAC_SHA512_SIZE); + let mut hm = HMACSHA512::new(key); + hm.update(msg); + let buff = hm.finish(); + unsafe { Secret::from_bytes(&buff[..C]) } +} + #[inline(always)] -pub fn hmac_sha384(key: &[u8], msg: &[u8]) -> [u8; 48] { +pub fn hmac_sha384(key: &[u8], msg: &[u8]) -> [u8; HMAC_SHA384_SIZE] { let mut hm = HMACSHA384::new(key); hm.update(msg); hm.finish() diff --git a/crypto/src/lib.rs b/crypto/src/lib.rs index 685bccde7..8bfdc0569 100644 --- a/crypto/src/lib.rs +++ b/crypto/src/lib.rs @@ -1,18 +1,43 @@ -// (c) 2020-2022 ZeroTier, Inc. -- currently proprietary pending actual release and licensing. See LICENSE.md. -pub mod aes; -pub mod aes_gmac_siv; +mod error; +mod cipher_ctx; +mod bn; +mod ec; + +pub mod secret; +pub mod random; pub mod hash; pub mod mimcvdf; pub mod p384; + pub mod poly1305; -pub mod random; pub mod salsa; -pub mod secret; pub mod typestate; pub mod x25519; -pub const ZEROES: [u8; 64] = [0_u8; 64]; +pub mod aes_fruity; +pub mod aes_openssl; +#[cfg(target_os = "macos")] +pub use aes_fruity as aes; +#[cfg(not(target_os = "macos"))] +pub use aes_openssl as aes; + +mod aes_tests; + +pub mod aes_gmac_siv_fruity; +pub mod aes_gmac_siv_openssl; +#[cfg(target_os = "macos")] +pub use aes_gmac_siv_fruity as aes_gmac_siv; +#[cfg(not(target_os = "macos"))] +pub use aes_gmac_siv_openssl as aes_gmac_siv; + + + + +/// This must be called before using any function from this library. +pub fn init() { + ffi::init(); +} /// Constant time byte slice equality. #[inline] @@ -28,13 +53,4 @@ pub fn secure_eq + ?Sized, B: AsRef<[u8]> + ?Sized>(a: &A, b: &B) false } } - -extern "C" { - fn OPENSSL_cleanse(ptr: *mut std::ffi::c_void, len: usize); -} - -/// Destroy the contents of some memory -#[inline(always)] -pub fn burn(b: &mut [u8]) { - unsafe { OPENSSL_cleanse(b.as_mut_ptr().cast(), b.len()) }; -} +pub const ZEROES: [u8; 64] = [0_u8; 64]; diff --git a/crypto/src/mimcvdf.rs b/crypto/src/mimcvdf.rs index 030dbff69..bfb49921f 100644 --- a/crypto/src/mimcvdf.rs +++ b/crypto/src/mimcvdf.rs @@ -7,7 +7,7 @@ */ /* - * MIMC is a cipher originally designed for use with STARK and SNARK proofs. It's based + * MIMC is a hash function originally designed for use with STARK and SNARK proofs. It's based * on modular multiplication and exponentiation instead of the usual bit twiddling or ARX * operations that underpin more common hash algorithms. * @@ -17,8 +17,7 @@ * compute intensive. The "forward" direction simply requires modular cubing which is two modular * multiplications and is much faster. * - * It's a nice VDF because it's incredibly simple with a tiny code footprint. Most other VDFs - * involve RSA group operations or zero knowledge proofs. + * It's also nice because it's incredibly simple with a tiny code footprint. * * This is used for anti-DOS and anti-spamming delay functions. It's not used for anything * really "cryptographically hard," and if it were broken cryptographically it would still be diff --git a/crypto/src/p384.rs b/crypto/src/p384.rs index 28f4a0066..6ea268d66 100644 --- a/crypto/src/p384.rs +++ b/crypto/src/p384.rs @@ -1,4 +1,3 @@ -// (c) 2020-2022 ZeroTier, Inc. -- currently proprietary pending actual release and licensing. See LICENSE.md. #![allow( dead_code, @@ -19,17 +18,15 @@ pub const P384_ECDH_SHARED_SECRET_SIZE: usize = 48; #[cfg(not(target_feature = "builtin_nist_ecc"))] mod openssl_based { use std::convert::TryInto; + use std::{mem, ptr}; use std::os::raw::{c_int, c_ulong, c_void}; - use std::ptr::{null, write_volatile}; use foreign_types::{ForeignType, ForeignTypeRef}; use lazy_static::lazy_static; - use openssl::bn::{BigNum, BigNumContext}; - use openssl::ec::{EcKey, EcPoint, EcPointRef, PointConversionForm}; - use openssl::ecdsa::EcdsaSig; - use openssl::nid::Nid; - use openssl::pkey::{Private, Public}; + use crate::bn::{BigNum, BigNumContext}; + use crate::ec::{EcGroup, EcKey, EcPoint, EcPointRef}; + use crate::error::cvt_p; use crate::hash::SHA384; use crate::secret::Secret; use crate::secure_eq; @@ -42,24 +39,28 @@ mod openssl_based { } lazy_static! { - static ref GROUP_P384: openssl::ec::EcGroup = openssl::ec::EcGroup::from_curve_name(Nid::SECP384R1).unwrap(); + pub(crate) static ref GROUP_P384: EcGroup = unsafe { + EcGroup::from_ptr(cvt_p(ffi::EC_GROUP_new_by_curve_name(ffi::NID_secp384r1)).unwrap()) + }; } /// A NIST P-384 ECDH/ECDSA public key. #[derive(Clone)] pub struct P384PublicKey { - key: EcKey, + key: EcKey, bytes: [u8; 49], } impl P384PublicKey { fn new_from_point(key: &EcPointRef) -> Self { let mut bnc = BigNumContext::new().unwrap(); - let kb = key.to_bytes(GROUP_P384.as_ref(), PointConversionForm::COMPRESSED, &mut bnc).unwrap(); + let kb = key + .to_bytes(&GROUP_P384, ffi::point_conversion_form_t::POINT_CONVERSION_COMPRESSED, &bnc) + .unwrap(); let mut bytes = [0_u8; 49]; bytes[(49 - kb.len())..].copy_from_slice(kb.as_slice()); Self { - key: EcKey::from_public_key(GROUP_P384.as_ref(), key).unwrap(), + key: EcKey::from_public_key(&GROUP_P384, key).unwrap(), bytes, } } @@ -67,13 +68,10 @@ mod openssl_based { pub fn from_bytes(b: &[u8]) -> Option { if b.len() == 49 { let mut bnc = BigNumContext::new().unwrap(); - let key = EcPoint::from_bytes(GROUP_P384.as_ref(), b, &mut bnc); - if key.is_ok() { - let key = key.unwrap(); - if key.is_on_curve(GROUP_P384.as_ref(), &mut bnc).unwrap_or(false) { - let key = EcKey::from_public_key(GROUP_P384.as_ref(), key.as_ref()); - if key.is_ok() { - return Some(Self { key: key.unwrap(), bytes: b.try_into().unwrap() }); + if let Ok(point) = EcPoint::from_bytes(&GROUP_P384, b, &mut bnc) { + if point.is_on_curve(&GROUP_P384, &bnc).unwrap_or(false) { + if let Ok(key) = EcKey::from_public_key(&GROUP_P384, &point) { + return Some(Self { key, bytes: b.try_into().unwrap() }); } } } @@ -85,16 +83,27 @@ mod openssl_based { if signature.len() == 96 { let r = BigNum::from_slice(&signature[0..48]); let s = BigNum::from_slice(&signature[48..96]); - if r.is_ok() && s.is_ok() { - let r = r.unwrap(); - let s = s.unwrap(); + if let (Ok(r), Ok(s)) = (r, s) { let z = BigNum::from_u32(0).unwrap(); // Check that r and s are >=1 just in case the OpenSSL version or an OpenSSL API lookalike is // vulnerable to this, since a bunch of vulnerabilities involving zero r/s just made the rounds. if r.gt(&z) && s.gt(&z) { - let sig = EcdsaSig::from_private_components(r, s); - if sig.is_ok() { - return sig.unwrap().verify(&SHA384::hash(msg), self.key.as_ref()).unwrap_or(false); + unsafe { + let sig = ffi::ECDSA_SIG_new(); + if !sig.is_null() { + if ffi::ECDSA_SIG_set0(sig, r.as_ptr(), s.as_ptr()) == 1 { + mem::forget((r, s)); + + let data = &SHA384::hash(msg); + + return ffi::ECDSA_do_verify( + data.as_ptr(), + data.len() as c_int, + sig, + self.key.as_ptr(), + ) == 1 + } + } } } } @@ -120,38 +129,30 @@ mod openssl_based { /// A NIST P-384 ECDH/ECDSA public/private key pair. #[derive(Clone)] pub struct P384KeyPair { - pair: EcKey, + pair: EcKey, public: P384PublicKey, } impl P384KeyPair { pub fn generate() -> P384KeyPair { - let pair = EcKey::generate(GROUP_P384.as_ref()).unwrap(); // failure implies a serious problem - assert!(pair.check_key().is_ok()); // also would imply a serious problem + let pair = EcKey::generate(&GROUP_P384).unwrap(); // failure implies a serious problem let public = P384PublicKey::new_from_point(pair.public_key()); Self { pair, public } } pub fn from_bytes(public_bytes: &[u8], secret_bytes: &[u8]) -> Option { if public_bytes.len() == 49 && secret_bytes.len() == 48 { - P384PublicKey::from_bytes(public_bytes).map_or(None, |public| { - BigNum::from_slice(secret_bytes).map_or(None, |private| { - let pair = EcKey::from_private_components(GROUP_P384.as_ref(), private.as_ref(), public.key.public_key()); - if pair.is_ok() { - let pair = pair.unwrap(); + if let Some(public) = P384PublicKey::from_bytes(public_bytes) { + if let Ok(private) = BigNum::from_slice(secret_bytes) { + if let Ok(pair) = EcKey::from_private_components(&GROUP_P384, &private, public.key.public_key()) { if pair.check_key().is_ok() { - Some(Self { pair, public }) - } else { - None + return Some(Self { pair, public }) } - } else { - None } - }) - }) - } else { - None + } + } } + return None } pub fn public_key(&self) -> &P384PublicKey { @@ -164,28 +165,36 @@ mod openssl_based { pub fn secret_key_bytes(&self) -> Secret { let mut tmp: Secret = Secret::default(); - let mut k = self.pair.private_key().to_vec(); - tmp.0[(48 - k.len())..].copy_from_slice(k.as_slice()); - unsafe { - // Force zero memory occupied by temporary vector before releasing. - let kp = k.as_mut_ptr(); - for i in 0..k.len() { - write_volatile(kp.add(i), 0); - } - } + let size = self.pair.private_key().to_bytes(&mut tmp.0).unwrap(); + tmp.0.copy_within(..size, P384_SECRET_KEY_SIZE - size); tmp } /// Sign a message with ECDSA/SHA384. pub fn sign(&self, msg: &[u8]) -> [u8; P384_ECDSA_SIGNATURE_SIZE] { - let sig = EcdsaSig::sign(&SHA384::hash(msg), self.pair.as_ref()).unwrap(); - let r = sig.r().to_vec(); - let s = sig.s().to_vec(); - assert!(!r.is_empty() && !s.is_empty() && r.len() <= 48 && s.len() <= 48); - let mut b = [0_u8; P384_ECDSA_SIGNATURE_SIZE]; - b[(48 - r.len())..48].copy_from_slice(r.as_slice()); - b[(96 - s.len())..96].copy_from_slice(s.as_slice()); - b + let data = &SHA384::hash(msg); + unsafe { + let sig = ffi::ECDSA_do_sign( + data.as_ptr(), + data.len() as c_int, + self.pair.as_ref().as_ptr(), + ); + assert!(!sig.is_null()); + + let mut r = ptr::null(); + let mut s = ptr::null(); + ffi::ECDSA_SIG_get0(sig, &mut r, &mut s); + let r_len = ((ffi::BN_num_bits(r) + 7) / 8) as usize; + let s_len = ((ffi::BN_num_bits(s) + 7) / 8) as usize; + const CAP: usize = P384_ECDSA_SIGNATURE_SIZE/2; + assert!(r_len > 0 && s_len > 0 && r_len <= CAP && s_len <= CAP); + + let mut b = [0_u8; P384_ECDSA_SIGNATURE_SIZE]; + ffi::BN_bn2bin(r, b[(CAP - r_len)..CAP].as_mut_ptr()); + ffi::BN_bn2bin(s, b[(P384_ECDSA_SIGNATURE_SIZE - s_len)..P384_ECDSA_SIGNATURE_SIZE].as_mut_ptr()); + b + } + } /// Perform ECDH key agreement, returning the raw (un-hashed!) ECDH secret. @@ -199,7 +208,7 @@ mod openssl_based { 48, other_public.key.public_key().as_ptr().cast(), self.pair.as_ptr().cast(), - null(), + ptr::null(), ) == 48 { Some(s) @@ -258,49 +267,49 @@ mod builtin { pub y: [u64; 6], } static mut curve_p: [uint64_t; 6] = [ - 0xffffffff as libc::c_uint as uint64_t, - 0xffffffff00000000 as libc::c_ulong, - 0xfffffffffffffffe as libc::c_ulong, - 0xffffffffffffffff as libc::c_ulong, - 0xffffffffffffffff as libc::c_ulong, - 0xffffffffffffffff as libc::c_ulong, + 0xffffffff as libc::c_uint as uint64_t, + 0xffffffff00000000 as libc::c_ulong, + 0xfffffffffffffffe as libc::c_ulong, + 0xffffffffffffffff as libc::c_ulong, + 0xffffffffffffffff as libc::c_ulong, + 0xffffffffffffffff as libc::c_ulong, ]; static mut curve_b: [uint64_t; 6] = [ - 0x2a85c8edd3ec2aef as libc::c_long as uint64_t, - 0xc656398d8a2ed19d as libc::c_ulong, - 0x314088f5013875a as libc::c_long as uint64_t, - 0x181d9c6efe814112 as libc::c_long as uint64_t, - 0x988e056be3f82d19 as libc::c_ulong, - 0xb3312fa7e23ee7e4 as libc::c_ulong, + 0x2a85c8edd3ec2aef as libc::c_long as uint64_t, + 0xc656398d8a2ed19d as libc::c_ulong, + 0x314088f5013875a as libc::c_long as uint64_t, + 0x181d9c6efe814112 as libc::c_long as uint64_t, + 0x988e056be3f82d19 as libc::c_ulong, + 0xb3312fa7e23ee7e4 as libc::c_ulong, ]; static mut curve_G: EccPoint = { let mut init = EccPoint { x: [ - 0x3a545e3872760ab7 as libc::c_long as uint64_t, - 0x5502f25dbf55296c as libc::c_long as uint64_t, - 0x59f741e082542a38 as libc::c_long as uint64_t, - 0x6e1d3b628ba79b98 as libc::c_long as uint64_t, - 0x8eb1c71ef320ad74 as libc::c_ulong, - 0xaa87ca22be8b0537 as libc::c_ulong, + 0x3a545e3872760ab7 as libc::c_long as uint64_t, + 0x5502f25dbf55296c as libc::c_long as uint64_t, + 0x59f741e082542a38 as libc::c_long as uint64_t, + 0x6e1d3b628ba79b98 as libc::c_long as uint64_t, + 0x8eb1c71ef320ad74 as libc::c_ulong, + 0xaa87ca22be8b0537 as libc::c_ulong, ], y: [ - 0x7a431d7c90ea0e5f as libc::c_long as uint64_t, - 0xa60b1ce1d7e819d as libc::c_long as uint64_t, - 0xe9da3113b5f0b8c0 as libc::c_ulong, - 0xf8f41dbd289a147c as libc::c_ulong, - 0x5d9e98bf9292dc29 as libc::c_long as uint64_t, - 0x3617de4a96262c6f as libc::c_long as uint64_t, + 0x7a431d7c90ea0e5f as libc::c_long as uint64_t, + 0xa60b1ce1d7e819d as libc::c_long as uint64_t, + 0xe9da3113b5f0b8c0 as libc::c_ulong, + 0xf8f41dbd289a147c as libc::c_ulong, + 0x5d9e98bf9292dc29 as libc::c_long as uint64_t, + 0x3617de4a96262c6f as libc::c_long as uint64_t, ], }; init }; static mut curve_n: [uint64_t; 6] = [ - 0xecec196accc52973 as libc::c_ulong, - 0x581a0db248b0a77a as libc::c_long as uint64_t, - 0xc7634d81f4372ddf as libc::c_ulong, - 0xffffffffffffffff as libc::c_ulong, - 0xffffffffffffffff as libc::c_ulong, - 0xffffffffffffffff as libc::c_ulong, + 0xecec196accc52973 as libc::c_ulong, + 0x581a0db248b0a77a as libc::c_long as uint64_t, + 0xc7634d81f4372ddf as libc::c_ulong, + 0xffffffffffffffff as libc::c_ulong, + 0xffffffffffffffff as libc::c_ulong, + 0xffffffffffffffff as libc::c_ulong, ]; unsafe fn getRandomNumber(mut p_vli: *mut uint64_t) -> libc::c_int { @@ -333,7 +342,7 @@ mod builtin { unsafe fn vli_testBit(mut p_vli: *mut uint64_t, mut p_bit: uint) -> uint64_t { return *p_vli.offset(p_bit.wrapping_div(64 as libc::c_int as libc::c_uint) as isize) - & (1 as libc::c_int as uint64_t) << p_bit.wrapping_rem(64 as libc::c_int as libc::c_uint); + & (1 as libc::c_int as uint64_t) << p_bit.wrapping_rem(64 as libc::c_int as libc::c_uint); } /* Counts the number of 64-bit "digits" in p_vli. */ @@ -363,9 +372,9 @@ mod builtin { i = i.wrapping_add(1) } return l_numDigits - .wrapping_sub(1 as libc::c_int as libc::c_uint) - .wrapping_mul(64 as libc::c_int as libc::c_uint) - .wrapping_add(i); + .wrapping_sub(1 as libc::c_int as libc::c_uint) + .wrapping_mul(64 as libc::c_int as libc::c_uint) + .wrapping_add(i); } /* Sets p_dest = p_src. */ @@ -433,8 +442,8 @@ mod builtin { i = 0 as libc::c_int as uint; while i < (48 as libc::c_int / 8 as libc::c_int) as libc::c_uint { let mut l_sum: uint64_t = (*p_left.offset(i as isize)) - .wrapping_add(*p_right.offset(i as isize)) - .wrapping_add(l_carry); + .wrapping_add(*p_right.offset(i as isize)) + .wrapping_add(l_carry); if l_sum != *p_left.offset(i as isize) { l_carry = (l_sum < *p_left.offset(i as isize)) as libc::c_int as uint64_t } @@ -451,8 +460,8 @@ mod builtin { i = 0 as libc::c_int as uint; while i < (48 as libc::c_int / 8 as libc::c_int) as libc::c_uint { let mut l_diff: uint64_t = (*p_left.offset(i as isize)) - .wrapping_sub(*p_right.offset(i as isize)) - .wrapping_sub(l_borrow); + .wrapping_sub(*p_right.offset(i as isize)) + .wrapping_sub(l_borrow); if l_diff != *p_left.offset(i as isize) { l_borrow = (l_diff > *p_left.offset(i as isize)) as libc::c_int as uint64_t } @@ -475,12 +484,12 @@ mod builtin { 0 as libc::c_int as libc::c_uint } else { k.wrapping_add(1 as libc::c_int as libc::c_uint) - .wrapping_sub((48 as libc::c_int / 8 as libc::c_int) as libc::c_uint) + .wrapping_sub((48 as libc::c_int / 8 as libc::c_int) as libc::c_uint) }; i = l_min; while i <= k && i < (48 as libc::c_int / 8 as libc::c_int) as libc::c_uint { let mut l_product: uint128_t = - (*p_left.offset(i as isize) as uint128_t).wrapping_mul(*p_right.offset(k.wrapping_sub(i) as isize) as u128); + (*p_left.offset(i as isize) as uint128_t).wrapping_mul(*p_right.offset(k.wrapping_sub(i) as isize) as u128); r01 = (r01 as u128).wrapping_add(l_product) as uint128_t as uint128_t; r2 = (r2 as libc::c_ulong).wrapping_add((r01 < l_product) as libc::c_int as libc::c_ulong) as uint64_t as uint64_t; i = i.wrapping_add(1) @@ -505,12 +514,12 @@ mod builtin { 0 as libc::c_int as libc::c_uint } else { k.wrapping_add(1 as libc::c_int as libc::c_uint) - .wrapping_sub((48 as libc::c_int / 8 as libc::c_int) as libc::c_uint) + .wrapping_sub((48 as libc::c_int / 8 as libc::c_int) as libc::c_uint) }; i = l_min; while i <= k && i <= k.wrapping_sub(i) { let mut l_product: uint128_t = - (*p_left.offset(i as isize) as uint128_t).wrapping_mul(*p_left.offset(k.wrapping_sub(i) as isize) as u128); + (*p_left.offset(i as isize) as uint128_t).wrapping_mul(*p_left.offset(k.wrapping_sub(i) as isize) as u128); if i < k.wrapping_sub(i) { r2 = (r2 as u128).wrapping_add(l_product >> 127 as libc::c_int) as uint64_t as uint64_t; l_product = (l_product as u128).wrapping_mul(2 as libc::c_int as u128) as uint128_t as uint128_t @@ -597,12 +606,17 @@ mod builtin { let mut i: uint = 0; /* p = c0 */ vli_clear(l_tmp.as_mut_ptr()); vli_clear(l_tmp.as_mut_ptr().offset((48 as libc::c_int / 8 as libc::c_int) as isize)); - omega_mult(l_tmp.as_mut_ptr(), p_product.offset((48 as libc::c_int / 8 as libc::c_int) as isize)); + omega_mult( + l_tmp.as_mut_ptr(), + p_product.offset((48 as libc::c_int / 8 as libc::c_int) as isize), + ); vli_clear(p_product.offset((48 as libc::c_int / 8 as libc::c_int) as isize)); /* (c1, c0) = c0 + w * c1 */ i = 0 as libc::c_int as uint; while i < (48 as libc::c_int / 8 as libc::c_int + 3 as libc::c_int) as libc::c_uint { - let mut l_sum: uint64_t = (*p_product.offset(i as isize)).wrapping_add(l_tmp[i as usize]).wrapping_add(l_carry); + let mut l_sum: uint64_t = (*p_product.offset(i as isize)) + .wrapping_add(l_tmp[i as usize]) + .wrapping_add(l_carry); if l_sum != *p_product.offset(i as isize) { l_carry = (l_sum < *p_product.offset(i as isize)) as libc::c_int as uint64_t } @@ -664,8 +678,8 @@ mod builtin { vli_rshift1(u.as_mut_ptr()); if l_carry != 0 { u[(48 as libc::c_int / 8 as libc::c_int - 1 as libc::c_int) as usize] = - (u[(48 as libc::c_int / 8 as libc::c_int - 1 as libc::c_int) as usize] as libc::c_ulonglong - | 0x8000000000000000 as libc::c_ulonglong) as uint64_t + (u[(48 as libc::c_int / 8 as libc::c_int - 1 as libc::c_int) as usize] as libc::c_ulonglong + | 0x8000000000000000 as libc::c_ulonglong) as uint64_t } } else if b[0 as libc::c_int as usize] & 1 as libc::c_int as libc::c_ulong == 0 { vli_rshift1(b.as_mut_ptr()); @@ -675,8 +689,8 @@ mod builtin { vli_rshift1(v.as_mut_ptr()); if l_carry != 0 { v[(48 as libc::c_int / 8 as libc::c_int - 1 as libc::c_int) as usize] = - (v[(48 as libc::c_int / 8 as libc::c_int - 1 as libc::c_int) as usize] as libc::c_ulonglong - | 0x8000000000000000 as libc::c_ulonglong) as uint64_t + (v[(48 as libc::c_int / 8 as libc::c_int - 1 as libc::c_int) as usize] as libc::c_ulonglong + | 0x8000000000000000 as libc::c_ulonglong) as uint64_t } } else if l_cmpResult > 0 as libc::c_int { vli_sub(a.as_mut_ptr(), a.as_mut_ptr(), b.as_mut_ptr()); @@ -691,8 +705,8 @@ mod builtin { vli_rshift1(u.as_mut_ptr()); if l_carry != 0 { u[(48 as libc::c_int / 8 as libc::c_int - 1 as libc::c_int) as usize] = - (u[(48 as libc::c_int / 8 as libc::c_int - 1 as libc::c_int) as usize] as libc::c_ulonglong - | 0x8000000000000000 as libc::c_ulonglong) as uint64_t + (u[(48 as libc::c_int / 8 as libc::c_int - 1 as libc::c_int) as usize] as libc::c_ulonglong + | 0x8000000000000000 as libc::c_ulonglong) as uint64_t } } else { vli_sub(b.as_mut_ptr(), b.as_mut_ptr(), a.as_mut_ptr()); @@ -707,8 +721,8 @@ mod builtin { vli_rshift1(v.as_mut_ptr()); if l_carry != 0 { v[(48 as libc::c_int / 8 as libc::c_int - 1 as libc::c_int) as usize] = - (v[(48 as libc::c_int / 8 as libc::c_int - 1 as libc::c_int) as usize] as libc::c_ulonglong - | 0x8000000000000000 as libc::c_ulonglong) as uint64_t + (v[(48 as libc::c_int / 8 as libc::c_int - 1 as libc::c_int) as usize] as libc::c_ulonglong + | 0x8000000000000000 as libc::c_ulonglong) as uint64_t } } } @@ -848,7 +862,12 @@ mod builtin { vli_set(X1, t7.as_mut_ptr()); } - unsafe fn EccPoint_mult(mut p_result: *mut EccPoint, mut p_point: *mut EccPoint, mut p_scalar: *mut uint64_t, mut p_initialZ: *mut uint64_t) { + unsafe fn EccPoint_mult( + mut p_result: *mut EccPoint, + mut p_point: *mut EccPoint, + mut p_scalar: *mut uint64_t, + mut p_initialZ: *mut uint64_t, + ) { /* R0 and R1 */ let mut Rx: [[uint64_t; 6]; 2] = std::mem::MaybeUninit::uninit().assume_init(); let mut Ry: [[uint64_t; 6]; 2] = std::mem::MaybeUninit::uninit().assume_init(); @@ -922,17 +941,17 @@ mod builtin { while i < (48 as libc::c_int / 8 as libc::c_int) as libc::c_uint { let mut p_digit: *const uint8_t = p_bytes.offset( (8 as libc::c_int as libc::c_uint) - .wrapping_mul(((48 as libc::c_int / 8 as libc::c_int - 1 as libc::c_int) as libc::c_uint).wrapping_sub(i)) - as isize, + .wrapping_mul(((48 as libc::c_int / 8 as libc::c_int - 1 as libc::c_int) as libc::c_uint).wrapping_sub(i)) + as isize, ); *p_native.offset(i as isize) = (*p_digit.offset(0 as libc::c_int as isize) as uint64_t) << 56 as libc::c_int - | (*p_digit.offset(1 as libc::c_int as isize) as uint64_t) << 48 as libc::c_int - | (*p_digit.offset(2 as libc::c_int as isize) as uint64_t) << 40 as libc::c_int - | (*p_digit.offset(3 as libc::c_int as isize) as uint64_t) << 32 as libc::c_int - | (*p_digit.offset(4 as libc::c_int as isize) as uint64_t) << 24 as libc::c_int - | (*p_digit.offset(5 as libc::c_int as isize) as uint64_t) << 16 as libc::c_int - | (*p_digit.offset(6 as libc::c_int as isize) as uint64_t) << 8 as libc::c_int - | *p_digit.offset(7 as libc::c_int as isize) as uint64_t; + | (*p_digit.offset(1 as libc::c_int as isize) as uint64_t) << 48 as libc::c_int + | (*p_digit.offset(2 as libc::c_int as isize) as uint64_t) << 40 as libc::c_int + | (*p_digit.offset(3 as libc::c_int as isize) as uint64_t) << 32 as libc::c_int + | (*p_digit.offset(4 as libc::c_int as isize) as uint64_t) << 24 as libc::c_int + | (*p_digit.offset(5 as libc::c_int as isize) as uint64_t) << 16 as libc::c_int + | (*p_digit.offset(6 as libc::c_int as isize) as uint64_t) << 8 as libc::c_int + | *p_digit.offset(7 as libc::c_int as isize) as uint64_t; i = i.wrapping_add(1) } } @@ -943,8 +962,8 @@ mod builtin { while i < (48 as libc::c_int / 8 as libc::c_int) as libc::c_uint { let mut p_digit: *mut uint8_t = p_bytes.offset( (8 as libc::c_int as libc::c_uint) - .wrapping_mul(((48 as libc::c_int / 8 as libc::c_int - 1 as libc::c_int) as libc::c_uint).wrapping_sub(i)) - as isize, + .wrapping_mul(((48 as libc::c_int / 8 as libc::c_int - 1 as libc::c_int) as libc::c_uint).wrapping_sub(i)) + as isize, ); *p_digit.offset(0 as libc::c_int as isize) = (*p_native.offset(i as isize) >> 56 as libc::c_int) as uint8_t; *p_digit.offset(1 as libc::c_int as isize) = (*p_native.offset(i as isize) >> 48 as libc::c_int) as uint8_t; @@ -997,7 +1016,7 @@ mod builtin { ); mod_sqrt((*p_point).y.as_mut_ptr()); if (*p_point).y[0 as libc::c_int as usize] & 0x1 as libc::c_int as libc::c_ulong - != (*p_compressed.offset(0 as libc::c_int as isize) as libc::c_int & 0x1 as libc::c_int) as libc::c_ulong + != (*p_compressed.offset(0 as libc::c_int as isize) as libc::c_int & 0x1 as libc::c_int) as libc::c_ulong { vli_sub((*p_point).y.as_mut_ptr(), curve_p.as_mut_ptr(), (*p_point).y.as_mut_ptr()); }; @@ -1027,12 +1046,20 @@ mod builtin { } } ecc_native2bytes(p_privateKey, l_private.as_mut_ptr() as *const uint64_t); - ecc_native2bytes(p_publicKey.offset(1 as libc::c_int as isize), l_public.x.as_mut_ptr() as *const uint64_t); - *p_publicKey.offset(0 as libc::c_int as isize) = - (2 as libc::c_int as libc::c_ulong).wrapping_add(l_public.y[0 as libc::c_int as usize] & 0x1 as libc::c_int as libc::c_ulong) as uint8_t; + ecc_native2bytes( + p_publicKey.offset(1 as libc::c_int as isize), + l_public.x.as_mut_ptr() as *const uint64_t, + ); + *p_publicKey.offset(0 as libc::c_int as isize) = (2 as libc::c_int as libc::c_ulong) + .wrapping_add(l_public.y[0 as libc::c_int as usize] & 0x1 as libc::c_int as libc::c_ulong) + as uint8_t; return 1 as libc::c_int; } - pub unsafe fn ecdh_shared_secret(mut p_publicKey: *const uint8_t, mut p_privateKey: *const uint8_t, mut p_secret: *mut uint8_t) -> libc::c_int { + pub unsafe fn ecdh_shared_secret( + mut p_publicKey: *const uint8_t, + mut p_privateKey: *const uint8_t, + mut p_secret: *mut uint8_t, + ) -> libc::c_int { let mut l_public: EccPoint = std::mem::MaybeUninit::uninit().assume_init(); let mut l_private: [uint64_t; 6] = std::mem::MaybeUninit::uninit().assume_init(); let mut l_random: [uint64_t; 6] = std::mem::MaybeUninit::uninit().assume_init(); @@ -1059,8 +1086,9 @@ mod builtin { vli_mult(l_product.as_mut_ptr(), p_left, p_right); l_productBits = vli_numBits(l_product.as_mut_ptr().offset((48 as libc::c_int / 8 as libc::c_int) as isize)); if l_productBits != 0 { - l_productBits = (l_productBits as libc::c_uint).wrapping_add((48 as libc::c_int / 8 as libc::c_int * 64 as libc::c_int) as libc::c_uint) - as uint as uint + l_productBits = (l_productBits as libc::c_uint) + .wrapping_add((48 as libc::c_int / 8 as libc::c_int * 64 as libc::c_int) as libc::c_uint) + as uint as uint } else { l_productBits = vli_numBits(l_product.as_mut_ptr()) } @@ -1073,11 +1101,15 @@ mod builtin { power of two possible while still resulting in a number less than p_left. */ vli_clear(l_modMultiple.as_mut_ptr()); vli_clear(l_modMultiple.as_mut_ptr().offset((48 as libc::c_int / 8 as libc::c_int) as isize)); - l_digitShift = l_productBits.wrapping_sub(l_modBits).wrapping_div(64 as libc::c_int as libc::c_uint); - l_bitShift = l_productBits.wrapping_sub(l_modBits).wrapping_rem(64 as libc::c_int as libc::c_uint); + l_digitShift = l_productBits + .wrapping_sub(l_modBits) + .wrapping_div(64 as libc::c_int as libc::c_uint); + l_bitShift = l_productBits + .wrapping_sub(l_modBits) + .wrapping_rem(64 as libc::c_int as libc::c_uint); if l_bitShift != 0 { l_modMultiple[l_digitShift.wrapping_add((48 as libc::c_int / 8 as libc::c_int) as libc::c_uint) as usize] = - vli_lshift(l_modMultiple.as_mut_ptr().offset(l_digitShift as isize), p_mod, l_bitShift) + vli_lshift(l_modMultiple.as_mut_ptr().offset(l_digitShift as isize), p_mod, l_bitShift) } else { vli_set(l_modMultiple.as_mut_ptr().offset(l_digitShift as isize), p_mod); } @@ -1085,14 +1117,14 @@ mod builtin { vli_clear(p_result); /* Use p_result as a temp var to store 1 (for subtraction) */ *p_result.offset(0 as libc::c_int as isize) = 1 as libc::c_int as uint64_t; while l_productBits > (48 as libc::c_int / 8 as libc::c_int * 64 as libc::c_int) as libc::c_uint - || vli_cmp(l_modMultiple.as_mut_ptr(), p_mod) >= 0 as libc::c_int + || vli_cmp(l_modMultiple.as_mut_ptr(), p_mod) >= 0 as libc::c_int { let mut l_cmp: libc::c_int = vli_cmp( l_modMultiple.as_mut_ptr().offset((48 as libc::c_int / 8 as libc::c_int) as isize), l_product.as_mut_ptr().offset((48 as libc::c_int / 8 as libc::c_int) as isize), ); if l_cmp < 0 as libc::c_int - || l_cmp == 0 as libc::c_int && vli_cmp(l_modMultiple.as_mut_ptr(), l_product.as_mut_ptr()) <= 0 as libc::c_int + || l_cmp == 0 as libc::c_int && vli_cmp(l_modMultiple.as_mut_ptr(), l_product.as_mut_ptr()) <= 0 as libc::c_int { if vli_sub(l_product.as_mut_ptr(), l_product.as_mut_ptr(), l_modMultiple.as_mut_ptr()) != 0 { /* borrow */ @@ -1109,7 +1141,7 @@ mod builtin { ); } let mut l_carry: uint64_t = - (l_modMultiple[(48 as libc::c_int / 8 as libc::c_int) as usize] & 0x1 as libc::c_int as libc::c_ulong) << 63 as libc::c_int; + (l_modMultiple[(48 as libc::c_int / 8 as libc::c_int) as usize] & 0x1 as libc::c_int as libc::c_ulong) << 63 as libc::c_int; vli_rshift1(l_modMultiple.as_mut_ptr().offset((48 as libc::c_int / 8 as libc::c_int) as isize)); vli_rshift1(l_modMultiple.as_mut_ptr()); l_modMultiple[(48 as libc::c_int / 8 as libc::c_int - 1 as libc::c_int) as usize] |= l_carry; @@ -1161,7 +1193,11 @@ mod builtin { ecc_native2bytes(p_signature.offset(48 as libc::c_int as isize), l_s.as_mut_ptr() as *const uint64_t); return 1 as libc::c_int; } - pub unsafe fn ecdsa_verify(mut p_publicKey: *const uint8_t, mut p_hash: *const uint8_t, mut p_signature: *const uint8_t) -> libc::c_int { + pub unsafe fn ecdsa_verify( + mut p_publicKey: *const uint8_t, + mut p_hash: *const uint8_t, + mut p_signature: *const uint8_t, + ) -> libc::c_int { let mut u1: [uint64_t; 6] = std::mem::MaybeUninit::uninit().assume_init(); let mut u2: [uint64_t; 6] = std::mem::MaybeUninit::uninit().assume_init(); let mut z: [uint64_t; 6] = std::mem::MaybeUninit::uninit().assume_init(); @@ -1181,7 +1217,8 @@ mod builtin { /* r, s must not be 0. */ return 0 as libc::c_int; } - if vli_cmp(curve_n.as_mut_ptr(), l_r.as_mut_ptr()) != 1 as libc::c_int || vli_cmp(curve_n.as_mut_ptr(), l_s.as_mut_ptr()) != 1 as libc::c_int + if vli_cmp(curve_n.as_mut_ptr(), l_r.as_mut_ptr()) != 1 as libc::c_int + || vli_cmp(curve_n.as_mut_ptr(), l_s.as_mut_ptr()) != 1 as libc::c_int { /* r, s must be < n. */ return 0 as libc::c_int; @@ -1203,10 +1240,10 @@ mod builtin { /* Use Shamir's trick to calculate u1*G + u2*Q */ let mut l_points: [*mut EccPoint; 4] = [0 as *mut EccPoint, &mut curve_G, &mut l_public, &mut l_sum]; /* Z = x2 - x1 */ let mut l_numBits: uint = umax(vli_numBits(u1.as_mut_ptr()), vli_numBits(u2.as_mut_ptr())); /* Z = 1/Z */ - let mut l_point: *mut EccPoint = l_points[((vli_testBit(u1.as_mut_ptr(), l_numBits.wrapping_sub(1 as libc::c_int as libc::c_uint)) != 0) - as libc::c_int - | ((vli_testBit(u2.as_mut_ptr(), l_numBits.wrapping_sub(1 as libc::c_int as libc::c_uint)) != 0) as libc::c_int) << 1 as libc::c_int) - as usize]; + let mut l_point: *mut EccPoint = l_points[((vli_testBit(u1.as_mut_ptr(), l_numBits.wrapping_sub(1 as libc::c_int as libc::c_uint)) + != 0) as libc::c_int + | ((vli_testBit(u2.as_mut_ptr(), l_numBits.wrapping_sub(1 as libc::c_int as libc::c_uint)) != 0) as libc::c_int) + << 1 as libc::c_int) as usize]; vli_set(rx.as_mut_ptr(), (*l_point).x.as_mut_ptr()); vli_set(ry.as_mut_ptr(), (*l_point).y.as_mut_ptr()); vli_clear(z.as_mut_ptr()); @@ -1216,7 +1253,7 @@ mod builtin { while i >= 0 as libc::c_int { EccPoint_double_jacobian(rx.as_mut_ptr(), ry.as_mut_ptr(), z.as_mut_ptr()); let mut l_index: libc::c_int = (vli_testBit(u1.as_mut_ptr(), i as uint) != 0) as libc::c_int - | ((vli_testBit(u2.as_mut_ptr(), i as uint) != 0) as libc::c_int) << 1 as libc::c_int; + | ((vli_testBit(u2.as_mut_ptr(), i as uint) != 0) as libc::c_int) << 1 as libc::c_int; let mut l_point_0: *mut EccPoint = l_points[l_index as usize]; if !l_point_0.is_null() { vli_set(tx.as_mut_ptr(), (*l_point_0).x.as_mut_ptr()); @@ -1326,10 +1363,11 @@ pub use openssl_based::*; #[cfg(test)] mod tests { - use crate::{p384::P384KeyPair, secure_eq}; + use crate::{p384::P384KeyPair, secure_eq, init}; #[test] fn generate_sign_verify_agree() { + init(); let kp = P384KeyPair::generate(); let kp2 = P384KeyPair::generate(); @@ -1347,7 +1385,16 @@ mod tests { panic!("ECDH secrets do not match"); } - let kp3 = P384KeyPair::from_bytes(kp.public_key_bytes(), kp.secret_key_bytes().as_ref()).unwrap(); + let pkb = kp.public_key_bytes(); + let skb = kp.secret_key_bytes(); + let kp3 = P384KeyPair::from_bytes(pkb, skb.as_ref()).unwrap(); + + let pkb3 = kp3.public_key_bytes(); + let skb3 = kp3.secret_key_bytes(); + + assert_eq!(pkb, pkb3); + assert_eq!(skb.as_bytes(), skb3.as_bytes()); + let sig = kp3.sign(&[3_u8; 16]); if !kp.public_key().verify(&[3_u8; 16], &sig) { panic!("ECDSA verify failed (from key reconstructed from bytes)"); diff --git a/crypto/src/poly1305.rs b/crypto/src/poly1305.rs index b49183ab0..b34da874c 100644 --- a/crypto/src/poly1305.rs +++ b/crypto/src/poly1305.rs @@ -20,12 +20,12 @@ mod tests { use crate::poly1305::*; const TV0_INPUT: [u8; 32] = [ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, ]; const TV0_KEY: [u8; 32] = [ - 0x74, 0x68, 0x69, 0x73, 0x20, 0x69, 0x73, 0x20, 0x33, 0x32, 0x2d, 0x62, 0x79, 0x74, 0x65, 0x20, 0x6b, 0x65, 0x79, 0x20, 0x66, 0x6f, 0x72, - 0x20, 0x50, 0x6f, 0x6c, 0x79, 0x31, 0x33, 0x30, 0x35, + 0x74, 0x68, 0x69, 0x73, 0x20, 0x69, 0x73, 0x20, 0x33, 0x32, 0x2d, 0x62, 0x79, 0x74, 0x65, 0x20, 0x6b, 0x65, 0x79, 0x20, 0x66, 0x6f, + 0x72, 0x20, 0x50, 0x6f, 0x6c, 0x79, 0x31, 0x33, 0x30, 0x35, ]; const TV0_TAG: [u8; 16] = [ 0x49, 0xec, 0x78, 0x09, 0x0e, 0x48, 0x1e, 0xc6, 0xc2, 0x6b, 0x33, 0xb9, 0x1c, 0xcc, 0x03, 0x07, @@ -33,8 +33,8 @@ mod tests { const TV1_INPUT: [u8; 12] = [0x48, 0x65, 0x6c, 0x6c, 0x6f, 0x20, 0x77, 0x6f, 0x72, 0x6c, 0x64, 0x21]; const TV1_KEY: [u8; 32] = [ - 0x74, 0x68, 0x69, 0x73, 0x20, 0x69, 0x73, 0x20, 0x33, 0x32, 0x2d, 0x62, 0x79, 0x74, 0x65, 0x20, 0x6b, 0x65, 0x79, 0x20, 0x66, 0x6f, 0x72, - 0x20, 0x50, 0x6f, 0x6c, 0x79, 0x31, 0x33, 0x30, 0x35, + 0x74, 0x68, 0x69, 0x73, 0x20, 0x69, 0x73, 0x20, 0x33, 0x32, 0x2d, 0x62, 0x79, 0x74, 0x65, 0x20, 0x6b, 0x65, 0x79, 0x20, 0x66, 0x6f, + 0x72, 0x20, 0x50, 0x6f, 0x6c, 0x79, 0x31, 0x33, 0x30, 0x35, ]; const TV1_TAG: [u8; 16] = [ 0xa6, 0xf7, 0x45, 0x00, 0x8f, 0x81, 0xc9, 0x16, 0xa2, 0x0d, 0xcc, 0x74, 0xee, 0xf2, 0xb2, 0xf0, diff --git a/crypto/src/random.rs b/crypto/src/random.rs index 37cdfa19f..e2078d288 100644 --- a/crypto/src/random.rs +++ b/crypto/src/random.rs @@ -1,13 +1,23 @@ -// (c) 2020-2022 ZeroTier, Inc. -- currently proprietary pending actual release and licensing. See LICENSE.md. use std::sync::atomic::{AtomicU64, Ordering}; -use openssl::rand::rand_bytes; +use libc::c_int; + +use crate::error::{ErrorStack, cvt}; + +/// Fill buffer with cryptographically strong pseudo-random bytes. +fn rand_bytes(buf: &mut [u8]) -> Result<(), ErrorStack> { + unsafe { + assert!(buf.len() <= c_int::max_value() as usize); + cvt(ffi::RAND_bytes(buf.as_mut_ptr(), buf.len() as c_int)).map(|_| ()) + } +} + pub fn next_u32_secure() -> u32 { unsafe { let mut tmp = [0u32; 1]; - assert!(rand_bytes(&mut *(tmp.as_mut_ptr().cast::<[u8; 4]>())).is_ok()); + rand_bytes(&mut *(tmp.as_mut_ptr().cast::<[u8; 4]>())).unwrap(); tmp[0] } } @@ -15,7 +25,7 @@ pub fn next_u32_secure() -> u32 { pub fn next_u64_secure() -> u64 { unsafe { let mut tmp = [0u64; 1]; - assert!(rand_bytes(&mut *(tmp.as_mut_ptr().cast::<[u8; 8]>())).is_ok()); + rand_bytes(&mut *(tmp.as_mut_ptr().cast::<[u8; 8]>())).unwrap(); tmp[0] } } @@ -23,20 +33,20 @@ pub fn next_u64_secure() -> u64 { pub fn next_u128_secure() -> u128 { unsafe { let mut tmp = [0u128; 1]; - assert!(rand_bytes(&mut *(tmp.as_mut_ptr().cast::<[u8; 16]>())).is_ok()); + rand_bytes(&mut *(tmp.as_mut_ptr().cast::<[u8; 16]>())).unwrap(); tmp[0] } } #[inline(always)] pub fn fill_bytes_secure(dest: &mut [u8]) { - assert!(rand_bytes(dest).is_ok()); + rand_bytes(dest).unwrap(); } #[inline(always)] pub fn get_bytes_secure() -> [u8; COUNT] { let mut tmp = [0u8; COUNT]; - assert!(rand_bytes(&mut tmp).is_ok()); + rand_bytes(&mut tmp).unwrap(); tmp } @@ -79,9 +89,8 @@ impl rand_core::RngCore for SecureRandom { } } -impl rand_core::CryptoRng for SecureRandom {} - -impl rand_core_062::RngCore for SecureRandom { +/// ed25519-dalek still uses rand_core 0.5.1, and that version is incompatible with 0.6.4, so we need to import and implement both. +impl rand_core_051::RngCore for SecureRandom { #[inline(always)] fn next_u32(&mut self) -> u32 { next_u32_secure() @@ -98,13 +107,14 @@ impl rand_core_062::RngCore for SecureRandom { } #[inline(always)] - fn try_fill_bytes(&mut self, dest: &mut [u8]) -> Result<(), rand_core_062::Error> { + fn try_fill_bytes(&mut self, dest: &mut [u8]) -> Result<(), rand_core_051::Error> { fill_bytes_secure(dest); Ok(()) } } -impl rand_core_062::CryptoRng for SecureRandom {} +impl rand_core::CryptoRng for SecureRandom {} +impl rand_core_051::CryptoRng for SecureRandom {} unsafe impl Sync for SecureRandom {} unsafe impl Send for SecureRandom {} diff --git a/crypto/src/salsa.rs b/crypto/src/salsa.rs index 7c1f79b30..0711ba07c 100644 --- a/crypto/src/salsa.rs +++ b/crypto/src/salsa.rs @@ -242,14 +242,14 @@ mod tests { use crate::salsa::*; const SALSA_20_TV0_KEY: [u8; 32] = [ - 0x0f, 0x62, 0xb5, 0x08, 0x5b, 0xae, 0x01, 0x54, 0xa7, 0xfa, 0x4d, 0xa0, 0xf3, 0x46, 0x99, 0xec, 0x3f, 0x92, 0xe5, 0x38, 0x8b, 0xde, 0x31, - 0x84, 0xd7, 0x2a, 0x7d, 0xd0, 0x23, 0x76, 0xc9, 0x1c, + 0x0f, 0x62, 0xb5, 0x08, 0x5b, 0xae, 0x01, 0x54, 0xa7, 0xfa, 0x4d, 0xa0, 0xf3, 0x46, 0x99, 0xec, 0x3f, 0x92, 0xe5, 0x38, 0x8b, 0xde, + 0x31, 0x84, 0xd7, 0x2a, 0x7d, 0xd0, 0x23, 0x76, 0xc9, 0x1c, ]; const SALSA_20_TV0_IV: [u8; 8] = [0x28, 0x8f, 0xf6, 0x5d, 0xc4, 0x2b, 0x92, 0xf9]; const SALSA_20_TV0_KS: [u8; 64] = [ - 0x5e, 0x5e, 0x71, 0xf9, 0x01, 0x99, 0x34, 0x03, 0x04, 0xab, 0xb2, 0x2a, 0x37, 0xb6, 0x62, 0x5b, 0xf8, 0x83, 0xfb, 0x89, 0xce, 0x3b, 0x21, - 0xf5, 0x4a, 0x10, 0xb8, 0x10, 0x66, 0xef, 0x87, 0xda, 0x30, 0xb7, 0x76, 0x99, 0xaa, 0x73, 0x79, 0xda, 0x59, 0x5c, 0x77, 0xdd, 0x59, 0x54, - 0x2d, 0xa2, 0x08, 0xe5, 0x95, 0x4f, 0x89, 0xe4, 0x0e, 0xb7, 0xaa, 0x80, 0xa8, 0x4a, 0x61, 0x76, 0x66, 0x3f, + 0x5e, 0x5e, 0x71, 0xf9, 0x01, 0x99, 0x34, 0x03, 0x04, 0xab, 0xb2, 0x2a, 0x37, 0xb6, 0x62, 0x5b, 0xf8, 0x83, 0xfb, 0x89, 0xce, 0x3b, + 0x21, 0xf5, 0x4a, 0x10, 0xb8, 0x10, 0x66, 0xef, 0x87, 0xda, 0x30, 0xb7, 0x76, 0x99, 0xaa, 0x73, 0x79, 0xda, 0x59, 0x5c, 0x77, 0xdd, + 0x59, 0x54, 0x2d, 0xa2, 0x08, 0xe5, 0x95, 0x4f, 0x89, 0xe4, 0x0e, 0xb7, 0xaa, 0x80, 0xa8, 0x4a, 0x61, 0x76, 0x66, 0x3f, ]; #[test] diff --git a/crypto/src/secret.rs b/crypto/src/secret.rs index 8705f37cf..79c3727b2 100644 --- a/crypto/src/secret.rs +++ b/crypto/src/secret.rs @@ -1,6 +1,6 @@ // (c) 2020-2022 ZeroTier, Inc. -- currently proprietary pending actual release and licensing. See LICENSE.md. -use std::ffi::c_void; +use std::{ffi::c_void, convert::TryInto}; extern "C" { fn OPENSSL_cleanse(ptr: *mut c_void, len: usize); @@ -26,16 +26,32 @@ impl Secret { Self([0_u8; L]) } - /// Copy bytes into secret, will panic if the slice does not match the size of this secret. + /// Moves bytes into secret, will panic if the slice does not match the size of this secret. #[inline(always)] - pub fn from_bytes(b: &[u8]) -> Self { - Self(b.try_into().unwrap()) + pub fn move_bytes(b: [u8; L]) -> Self { + Self(b) + } + + /// Copy bytes into secret, then nuke the previous value, will panic if the slice does not match the size of this secret. + #[inline(always)] + pub fn from_bytes_then_nuke(b: &mut [u8]) -> Self { + let ret = Self (b.try_into().unwrap()); + unsafe { OPENSSL_cleanse(b.as_mut_ptr().cast(), L) }; + ret + } + #[inline(always)] + pub unsafe fn from_bytes(b: &[u8]) -> Self { + Self (b.try_into().unwrap()) } #[inline(always)] pub fn as_bytes(&self) -> &[u8; L] { &self.0 } + #[inline(always)] + pub fn as_ptr(&self) -> *const u8 { + self.0.as_ptr() + } #[inline(always)] pub fn as_bytes_mut(&mut self) -> &mut [u8; L] { @@ -60,7 +76,7 @@ impl Secret { /// This can be used to force a secret to be forgotten under e.g. key lifetime exceeded or error conditions. #[inline(always)] pub fn nuke(&self) { - unsafe { OPENSSL_cleanse(std::mem::transmute(self.0.as_ptr().cast::()), L) }; + unsafe { OPENSSL_cleanse(self.0.as_ptr().cast_mut().cast(), L) }; } } diff --git a/openssl-sys/CHANGELOG.md b/openssl-sys/CHANGELOG.md new file mode 100644 index 000000000..1bf8690db --- /dev/null +++ b/openssl-sys/CHANGELOG.md @@ -0,0 +1,411 @@ +# Change Log + +## [Unreleased] + +## [v0.9.80] - 2022-12-20 + +### Fixed + +* Added `NO_DEPRECATED_3_0` cfg checks for more APIs. + +### Added + +* Added support for LibreSSL 3.7.0. +* Added `SSL_CTRL_CHAIN_CERT` and `SSL_add0_chain_cert`. +* Added `EVP_PKEY_get_security_bits` and `EVP_PKEY_security_bits`. +* Added `OSSL_PROVIDER_set_default_search_path`. + +## [v0.9.79] - 2022-12-06 + +### Added + +* Added `EVP_CIPHER_CTX_num`. +* Added `X509_LOOKUP_file` and `X509_load_cert_file`. + +## [v0.9.78] - 2022-11-23 + +### Added + +* Added support for LibreSSL 3.6.x. +* Added `NID_brainpoolP256r1`, `NID_brainpoolP384r1`, and `NID_brainpool512r1`. +* Added `EVP_camellia_128_cfb128`, `EVP_camellia_128_ecb`, `EVP_camellia_192_cfb128`, `EVP_camellia_192_ecb`, + `EVP_camellia_256_cfb128`, and `EVP_camellia_256_ecb`. +* Added `EVP_cast5_cfb64` and `EVP_cast5_ecb`. +* Added `EVP_idea_cfb64` and `EVP_idea_ecb`. +* Added `DSA_SIG`, `d2i_DSA_SIG`, `i2d_DSA_SIG`, `DSA_SIG_new`, `DSA_SIG_free`, `DSA_SIG_get0`, and `DSA_SIG_set0`. +* Added `X509_STORE_set1_param`, `X509_VERIFY_PARAM_new`, `X509_VERIFY_PARAM_set_time`, and + `X509_VERIFY_PARAM_set_depth`. + +## [v0.9.77] - 2022-10-22 + +### Added + +* Added support for LibreSSL 3.6.0 +* Added `assume_init`. + +## [v0.9.76] - 2022-09-26 + +### Added + +* Added `SSL_get_psk_identity_hint` and `SSL_get_psk_identity`. +* Added SHA-3 NID constants. +* Added `SSL_OP_PRIORITIZE_CHACHA`. +* Added `X509_REQ_print`. +* Added `EVP_MD_CTX_size` and `EVP_MD_CTX_get_size` +* Added `EVP_MD_CTX_reset`. +* Added experimental, unstable support for BoringSSL. + +### Fixed + +* Fixed the deprecation note on `SSL_CTX_set_alpn_select_cb`. + +## [v0.9.75] - 2022-07-09 + +### Added + +* Added SM4 bindings. +* Added `EC_GROUP_set_generator` and `EC_POINT_set_affine_coordinates_GFp`. + +## [v0.9.74] - 2022-06-01 + +### Added + +* Added `EVP_MD_block_size`. +* Added `X509V3_EXT_add_alias`. +* Added `X509_V_ERR_INVALID_CA` back when building against OpenSSL 3.0. + +## [v0.9.73] - 2022-05-02 + +### Added + +* Added support for installations that place libraries in `$OPENSSL_DIR/lib64` in addition to `$OPENSSL_DIR/lib`. +* Added `X509_issuer_name_hash`. +* Added `ASN1_string_set`. +* Added `X509_CRL_dup`, `X509_REQ_dup`, `X509_NAME_dup`, and `X509_dup`. +* Added `X509_print`. +* Added support for LibreSSL 3.5.x. + +## [v0.9.72] - 2021-12-11 + +### Changed + +* Temporarily downgraded the vendored OpenSSL back to 1.1.1 due to significant performance regressions. We will move + back to 3.0.0 when a future release resolves those issues. + +### Added + +* Added `PKCS12_set_mac`. +* Added `EVP_PKEY_sign_init`, `EVP_PKEY_sign`, `EVP_PKEY_verify_init`, and `EVP_PKEY_verify`. +* Added support for LibreSSL 3.4.x. + +## [v0.9.71] + +### Fixed + +* Fixed linkage to static OpenSSL 3.0.0 libraries on some 32 bit Android targets. + +### Added + +* Added support for LibreSSL 3.4.1. +* Added `SSL_get_extms_support` and `SSL_CTRL_GET_EXTMS_SUPPORT`. +* Added `OBJ_create`. +* Added `EVP_CIPHER_CTX_get0_cipher`, `EVP_CIPHER_CTX_get_block_size`, `EVP_CIPHER_CTX_get_key_length`, + `EVP_CIPHER_CTX_get_iv_length`, and `EVP_CIPHER_CTX_get_tag_length`. +* Added `EVP_CIPHER_free`. +* Added `EVP_CIPHER_CTX_rand_key`. +* Added `OSSL_LIB_CTX_new` and `OSSL_LIB_CTX_free`. +* Added `EVP_CIPHER_fetch`. +* Added `EVP_MD_fetch` and `EVP_MD_free`. +* Added `OPENSSL_malloc` and `OPENSSL_free`. +* Added `EVP_DigestSignUpdate` and `EVP_DigestVerifyUpdate`. + +## [v0.9.70] - 2021-10-31 + +### Fixed + +* Fixed linkage to static 3.0.0 OpenSSL libraries on some 32 bit architectures. + +## [v0.9.69] - 2021-10-31 + +### Changed + +* Upgraded the vendored OpenSSL to 3.0.0. + +### Added + +* Added support for automatic detection of Homebrew `openssl@3` installs. +* Added `EVP_PKEY_Q_keygen` and `EVP_EC_gen`. + +## [v0.9.68] - 2021-10-27 + +### Added + +* Added `BN_bn2binpad`. +* Added `i2d_X509_NAME` and `d2i_X509_NAME`. +* Added `BN_FLG_MALLOCED`, `BN_FLG_STATIC_DATA`, `BN_FLG_CONSTTIME`, and `BN_FLG_SECURE`. +* Added `BN_CTX_secure_new`, `BN_secure_new`, `BN_set_flags`, and `BN_get_flags`. + +## [v0.9.67] - 2021-09-21 + +### Added + +* Added support for LibreSSL 3.4.0 + +## [v0.9.66] - 2021-08-17 + +### Added + +* Added `EVP_seed_cbc`, `EVP_seed_cfb128`, `EVP_seed_ecb`, and `EVP_seed_ofb`. +* Added `OBJ_length` and `OBJ_get0_data`. +* Added `i2d_PKCS8PrivateKey_bio`. + +## [v0.9.65] - 2021-06-21 + +### Fixed + +* Restored the accidentally deleted `PEM_read_bio_X509_CRL` function. + +## [v0.9.64] - 2021-06-18 + +### Added + +* Added support for OpenSSL 3.x.x. +* Added `SSL_peek`. +* Added `ERR_LIB_ASN1` and `ASN1_R_HEADER_TOO_LONG`. +* Added `d2i_X509_bio`. +* Added `OBJ_nid2obj`. +* Added `RAND_add`. +* Added `SSL_CTX_set_post_handshake_auth`. +* Added `COMP_get_type`. +* Added `X509_get_default_cert_file_env`, `X509_get_default_cert_file`, `X509_get_default_cert_dir_env`, and + `X509_get_default_cirt_dir`. + +## [v0.9.63] - 2021-05-06 + +### Added + +* Added support for LibreSSL 3.3.x. + +## [v0.9.62] - 2021-04-28 + +### Added + +* Added support for LibreSSL 3.3.2. +* Added `DH_set0_key`. +* Added `EC_POINT_get_affine_coordinates`. + +## [v0.9.61] - 2021-03-13 + +### Added + +* Added support for automatic detection of OpenSSL installations via pkgsrc and MacPorts on macOS. +* Added various `V_ASN1_*` constants. +* Added `DH_generate_parameters_ex`. +* Added `EC_POINT_is_at_infinity` and `EC_POINT_is_on_curve`. +* Added `EVP_CIPHER_nid`. +* Added `EVP_sm3`. +* Added `NID_*` constants related to SM3. +* Added `PKCS7_get0_signers`. +* Added `EVP_PKEY_CTX_set0_rsa_oaep_label`. +* Added `ACCESS_DESCRIPTION` and `ACCESS_DESCRIPTION_free`. + +## [v0.9.60] - 2020-12-24 + +### Added + +* Added support for the default Homebrew install directory on ARM. +* Added `EVP_PKEY_CTX_set_rsa_oaep_md` and `EVP_PKEY_CTRL_RSA_OAEP_MD`. + +## [v0.9.59] - 2020-12-09 + +### Added + +* Added support for LibreSSL 3.2.x, 3.3.0, and 3.3.1. +* Added `DH_generate_parameters`, `DH_generate_key`, `DH_compute_key`, and `DH_size`. +* Added `NID_X25519`, `NID_X448`, `EVP_PKEY_x25519` and `EVP_PKEY_x448`. +* Added `OBJ_txt2obj`. +* Added `d2i_PKCS7` and `i2d_PKCS7`. +* Added `SRTP_AEAD_AES_128_GCM` and `SRTP_AEAD_AES_256_GCM`. + +## [v0.9.58] - 2020-06-05 + +### Added + +* Added `SSL_set_mtu`. +* Added support for LibreSSL 3.2.0. +* Added `PEM_read_bio_EC_PUBKEY`, `PEM_write_bio_EC_PUBKEY`, `d2i_EC_PUBKEY`, and `i2d_EC_PUBKEY`. +* Added `EVP_PKEY_encrypt_init`, `EVP_PKEY_encrypt`, `EVP_PKEY_decrypt_init`, `EVP_PKEY_decrypt`, + `EVP_PKEY_get_raw_public_key`, `EVP_PKEY_new_raw_public_key`, `EVP_PKEY_get_raw_private_key`, + and `EVP_PKEY_new_raw_private_key`. +* Added `OBJ_sn2nid`. + +## [v0.9.57] - 2020-05-24 + +### Added + +* Added support for LibreSSL 3.1.x. + +## [v0.9.56] - 2020-05-07 + +### Fixed + +* Fixed vendored builds on windows-gnu targets. + +### Added + +* Added support for LibreSSL 3.0.0. + +## [v0.9.55] - 2020-04-07 + +### Fixed + +* Fixed windows-msvc library names when using OpenSSL from vcpkg. + +### Added + +* If the `OPENSSL_NO_VENDOR` environment variable is set, vendoring will not be used even if enabled. +* Added `SSL_CTX_get_verify_mode` and `SSL_get_verify_mode`. +* Added `SSL_is_init_finished`. +* Added `SSL_CTX_set_cert_store`. +* Added `TLS_server_method` and `TLS_client_method`. +* Added `X509_STORE_get0_objects`. +* Added `X509_OBJECT_free`, `X509_OBJECT_get_type`, and `X509_OBJECT_get0_X509`. + +## [v0.9.54] - 2020-01-29 + +### Added + +* Added `BIO_CTRL_DGRAM_QUERY_MTU`. +* Added `EVP_EncryptInit_ex`, `EVP_EncryptFinal_ex`, `EVP_DecryptInit_ex`, and `EVP_DecryptFinal_ex`. +* Added `EVP_md_null`. +* Added `EVP_PKCS82PKEY`. +* Added `PKCS8_PRIV_KEY_INFO`, `d2i_PKCS8_PRIV_KEY_INFO`, and `PKCS8_PRIV_KEY_INFO_free`. +* Added `SSL_OP_NO_RENEGOTIATION`. + +## [v0.9.53] - 2019-11-22 + +### Added + +* Added `ASN1_TIME_diff`. +* Added `EC_GROUP_order_bits`. +* Added `EVP_EncodeBlock` and `EVP_DecodeBlock`. +* Added `SSL_CTRL_SET_GROUPS_LIST`, `SSL_CTRL_SET_SIGALGS_LIST`, `SSL_CTX_set1_groups_list`, and + `SSL_CTX_set1_sigalgs_list`. +* Added `Clone` implementations to `SHA_CTX`, `SHA256_CTX`, and `SHA512_CTX`. + +## [v0.9.52] - 2019-10-19 + +### Added + +* Added support for LibreSSL 3.0.x. + +## [v0.9.51] - 2019-10-02 + +### Added + +* Added support for LibreSSL 3.0.1. + +## [v0.9.50] - 2019-10-02 + +### Added + +* Added `CRYPTO_LOCK_EVP_PKEY`. +* Added `EVP_PKEY_ED25519` and `EVP_PKEY_ED448`. +* Added `EVP_DigestSign` and `EVP_DigestVerify`. +* Added `EVP_PKEY_up_ref`. +* Added `NID_ED25519` and `NID_ED448`. + +## [v0.9.49] - 2019-08-15 + +### Added + +* Added support for LibreSSL 3.0.0. + +## [v0.9.48] - 2019-07-19 + +### Added + +* Added `AES_wrap_key` and `AES_unwrap_key`. +* Added `EC_GROUP_get_cofactor`, `EC_GROUP_get0_generator`, and `EC_POINT_dup`. +* Added `EVP_aes_128_ofb`, `EVP_aes_192_ecb`, `EVP_aes_192_cbc`, `EVP_aes_192_cfb1`, `EVP_aes_192_cfb8`, + `EVP_aes_192_cfb_128`, `EVP_aes_192_ctr`, `EVP_aes_192_ccm`, `EVP_aes_192_gcm`, `EVP_aes_192_ofb`, and + `EVP_aes_256_ofb`. +* Added `PEM_read_bio_CMS` and `PEM_write_bio_CMS`. + +## [v0.9.47] - 2019-05-18 + +### Added + +* Added `SSL_CTX_add_client_CA`. + +## [v0.9.46] - 2019-05-08 + +### Added + +* Added support for the LibreSSL 2.9.x series. + +## [v0.9.45] - 2019-05-03 + +### Fixed + +* Reverted a change to windows-gnu library names that caused regressions. + +## [v0.9.44] - 2019-04-30 + +### Added + +* The `DEP_OPENSSL_VENDORED` environment variable tells downstream build scripts if the vendored feature was enabled. +* Added `EVP_SealInit`, `EVP_SealFinal`, `EVP_EncryptUpdate`, `EVP_OpenInit`, `EVP_OpenFinal`, and `EVP_DecryptUpdate`. +* Added `EVP_PKEY_size`. + +### Fixed + +* Fixed library names when targeting windows-gnu and pkg-config fails. + +## [v0.9.43] - 2019-03-20 + +### Added + +* Added `d2i_CMS_ContentInfo` and `CMS_encrypt`. +* Added `X509_verify` and `X509_REQ_verify`. +* Added `EVP_MD_type` and `EVP_GROUP_get_curve_name`. + +[Unreleased]: https://github.com/sfackler/rust-openssl/compare/openssl-sys-v0.9.80..master +[v0.9.80]: https://github.com/sfackler/rust-openssl/compare/openssl-sys-v0.9.79...openssl-sys-v0.9.80 +[v0.9.79]: https://github.com/sfackler/rust-openssl/compare/openssl-sys-v0.9.78...openssl-sys-v0.9.79 +[v0.9.78]: https://github.com/sfackler/rust-openssl/compare/openssl-sys-v0.9.77...openssl-sys-v0.9.78 +[v0.9.77]: https://github.com/sfackler/rust-openssl/compare/openssl-sys-v0.9.76...openssl-sys-v0.9.77 +[v0.9.76]: https://github.com/sfackler/rust-openssl/compare/openssl-sys-v0.9.75...openssl-sys-v0.9.76 +[v0.9.75]: https://github.com/sfackler/rust-openssl/compare/openssl-sys-v0.9.74...openssl-sys-v0.9.75 +[v0.9.74]: https://github.com/sfackler/rust-openssl/compare/openssl-sys-v0.9.73...openssl-sys-v0.9.74 +[v0.9.73]: https://github.com/sfackler/rust-openssl/compare/openssl-sys-v0.9.72...openssl-sys-v0.9.73 +[v0.9.72]: https://github.com/sfackler/rust-openssl/compare/openssl-sys-v0.9.71...openssl-sys-v0.9.72 +[v0.9.71]: https://github.com/sfackler/rust-openssl/compare/openssl-sys-v0.9.70...openssl-sys-v0.9.71 +[v0.9.70]: https://github.com/sfackler/rust-openssl/compare/openssl-sys-v0.9.69...openssl-sys-v0.9.70 +[v0.9.69]: https://github.com/sfackler/rust-openssl/compare/openssl-sys-v0.9.68...openssl-sys-v0.9.69 +[v0.9.68]: https://github.com/sfackler/rust-openssl/compare/openssl-sys-v0.9.67...openssl-sys-v0.9.68 +[v0.9.67]: https://github.com/sfackler/rust-openssl/compare/openssl-sys-v0.9.66...openssl-sys-v0.9.67 +[v0.9.66]: https://github.com/sfackler/rust-openssl/compare/openssl-sys-v0.9.65...openssl-sys-v0.9.66 +[v0.9.65]: https://github.com/sfackler/rust-openssl/compare/openssl-sys-v0.9.64...openssl-sys-v0.9.65 +[v0.9.64]: https://github.com/sfackler/rust-openssl/compare/openssl-sys-v0.9.63...openssl-sys-v0.9.64 +[v0.9.63]: https://github.com/sfackler/rust-openssl/compare/openssl-sys-v0.9.62...openssl-sys-v0.9.63 +[v0.9.62]: https://github.com/sfackler/rust-openssl/compare/openssl-sys-v0.9.61...openssl-sys-v0.9.62 +[v0.9.61]: https://github.com/sfackler/rust-openssl/compare/openssl-sys-v0.9.60...openssl-sys-v0.9.61 +[v0.9.60]: https://github.com/sfackler/rust-openssl/compare/openssl-sys-v0.9.59...openssl-sys-v0.9.60 +[v0.9.59]: https://github.com/sfackler/rust-openssl/compare/openssl-sys-v0.9.58...openssl-sys-v0.9.59 +[v0.9.58]: https://github.com/sfackler/rust-openssl/compare/openssl-sys-v0.9.57...openssl-sys-v0.9.58 +[v0.9.57]: https://github.com/sfackler/rust-openssl/compare/openssl-sys-v0.9.56...openssl-sys-v0.9.57 +[v0.9.56]: https://github.com/sfackler/rust-openssl/compare/openssl-sys-v0.9.55...openssl-sys-v0.9.56 +[v0.9.55]: https://github.com/sfackler/rust-openssl/compare/openssl-sys-v0.9.54...openssl-sys-v0.9.55 +[v0.9.54]: https://github.com/sfackler/rust-openssl/compare/openssl-sys-v0.9.53...openssl-sys-v0.9.54 +[v0.9.53]: https://github.com/sfackler/rust-openssl/compare/openssl-sys-v0.9.52...openssl-sys-v0.9.53 +[v0.9.52]: https://github.com/sfackler/rust-openssl/compare/openssl-sys-v0.9.51...openssl-sys-v0.9.52 +[v0.9.51]: https://github.com/sfackler/rust-openssl/compare/openssl-sys-v0.9.50...openssl-sys-v0.9.51 +[v0.9.50]: https://github.com/sfackler/rust-openssl/compare/openssl-sys-v0.9.49...openssl-sys-v0.9.50 +[v0.9.49]: https://github.com/sfackler/rust-openssl/compare/openssl-sys-v0.9.48...openssl-sys-v0.9.49 +[v0.9.48]: https://github.com/sfackler/rust-openssl/compare/openssl-sys-v0.9.47...openssl-sys-v0.9.48 +[v0.9.47]: https://github.com/sfackler/rust-openssl/compare/openssl-sys-v0.9.46...openssl-sys-v0.9.47 +[v0.9.46]: https://github.com/sfackler/rust-openssl/compare/openssl-sys-v0.9.45...openssl-sys-v0.9.46 +[v0.9.45]: https://github.com/sfackler/rust-openssl/compare/openssl-sys-v0.9.44...openssl-sys-v0.9.45 +[v0.9.44]: https://github.com/sfackler/rust-openssl/compare/openssl-sys-v0.9.43...openssl-sys-v0.9.44 +[v0.9.43]: https://github.com/sfackler/rust-openssl/compare/openssl-sys-v0.9.42...openssl-sys-v0.9.43 diff --git a/openssl-sys/Cargo.toml b/openssl-sys/Cargo.toml new file mode 100644 index 000000000..56810ec35 --- /dev/null +++ b/openssl-sys/Cargo.toml @@ -0,0 +1,36 @@ +[package] +name = "openssl-sys" +version = "0.9.80" +authors = [ + "Alex Crichton ", + "Steven Fackler ", +] +license = "MIT" +description = "FFI bindings to OpenSSL" +repository = "https://github.com/sfackler/rust-openssl" +readme = "README.md" +categories = ["cryptography", "external-ffi-bindings"] +links = "openssl" +build = "build/main.rs" +edition = "2018" + +[features] +vendored = ['openssl-src'] + +[dependencies] +libc = "0.2" +#bssl-sys = { version = "0.1.0", optional = true }#package does not seem needed for ZT + +[build-dependencies] +bindgen = { version = "0.64.0", optional = true } +cc = "1.0" +openssl-src = { version = "300.0.12", optional = true } +pkg-config = "0.3.9" +autocfg = "1.0" + +[target.'cfg(target_env = "msvc")'.build-dependencies] +vcpkg = "0.2.8" + +# We don't actually use metadeps for annoying reasons but this is still here for tooling +[package.metadata.pkg-config] +openssl = "1.1.0" diff --git a/openssl-sys/LICENSE-MIT b/openssl-sys/LICENSE-MIT new file mode 100644 index 000000000..39e0ed660 --- /dev/null +++ b/openssl-sys/LICENSE-MIT @@ -0,0 +1,25 @@ +Copyright (c) 2014 Alex Crichton + +Permission is hereby granted, free of charge, to any +person obtaining a copy of this software and associated +documentation files (the "Software"), to deal in the +Software without restriction, including without +limitation the rights to use, copy, modify, merge, +publish, distribute, sublicense, and/or sell copies of +the Software, and to permit persons to whom the Software +is furnished to do so, subject to the following +conditions: + +The above copyright notice and this permission notice +shall be included in all copies or substantial portions +of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF +ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED +TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A +PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT +SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY +CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION +OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR +IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER +DEALINGS IN THE SOFTWARE. diff --git a/openssl-sys/README.md b/openssl-sys/README.md new file mode 120000 index 000000000..32d46ee88 --- /dev/null +++ b/openssl-sys/README.md @@ -0,0 +1 @@ +../README.md \ No newline at end of file diff --git a/openssl-sys/build/cfgs.rs b/openssl-sys/build/cfgs.rs new file mode 100644 index 000000000..d925d90ad --- /dev/null +++ b/openssl-sys/build/cfgs.rs @@ -0,0 +1,94 @@ +pub fn get(openssl_version: Option, libressl_version: Option) -> Vec<&'static str> { + let mut cfgs = vec![]; + + if let Some(libressl_version) = libressl_version { + cfgs.push("libressl"); + + if libressl_version >= 0x2_05_01_00_0 { + cfgs.push("libressl251"); + } + if libressl_version >= 0x2_05_02_00_0 { + cfgs.push("libressl252"); + } + if libressl_version >= 0x2_06_01_00_0 { + cfgs.push("libressl261"); + } + if libressl_version >= 0x2_07_00_00_0 { + cfgs.push("libressl270"); + } + if libressl_version >= 0x2_07_01_00_0 { + cfgs.push("libressl271"); + } + if libressl_version >= 0x2_07_03_00_0 { + cfgs.push("libressl273"); + } + if libressl_version >= 0x2_08_00_00_0 { + cfgs.push("libressl280"); + } + if libressl_version >= 0x2_08_01_00_0 { + cfgs.push("libressl281"); + } + if libressl_version >= 0x2_09_01_00_0 { + cfgs.push("libressl291"); + } + if libressl_version >= 0x3_02_01_00_0 { + cfgs.push("libressl321"); + } + if libressl_version >= 0x3_03_02_00_0 { + cfgs.push("libressl332"); + } + if libressl_version >= 0x3_04_00_00_0 { + cfgs.push("libressl340"); + } + if libressl_version >= 0x3_05_00_00_0 { + cfgs.push("libressl350"); + } + if libressl_version >= 0x3_06_00_00_0 { + cfgs.push("libressl360"); + } + if libressl_version >= 0x3_07_00_00_0 { + cfgs.push("libressl370"); + } + } else { + let openssl_version = openssl_version.unwrap(); + + if openssl_version >= 0x3_00_00_00_0 { + cfgs.push("ossl300"); + } + if openssl_version >= 0x1_00_01_00_0 { + cfgs.push("ossl101"); + } + if openssl_version >= 0x1_00_02_00_0 { + cfgs.push("ossl102"); + } + if openssl_version >= 0x1_00_02_06_0 { + cfgs.push("ossl102f"); + } + if openssl_version >= 0x1_00_02_08_0 { + cfgs.push("ossl102h"); + } + if openssl_version >= 0x1_01_00_00_0 { + cfgs.push("ossl110"); + } + if openssl_version >= 0x1_01_00_06_0 { + cfgs.push("ossl110f"); + } + if openssl_version >= 0x1_01_00_07_0 { + cfgs.push("ossl110g"); + } + if openssl_version >= 0x1_01_00_08_0 { + cfgs.push("ossl110h"); + } + if openssl_version >= 0x1_01_01_00_0 { + cfgs.push("ossl111"); + } + if openssl_version >= 0x1_01_01_02_0 { + cfgs.push("ossl111b"); + } + if openssl_version >= 0x1_01_01_03_0 { + cfgs.push("ossl111c"); + } + } + + cfgs +} diff --git a/openssl-sys/build/expando.c b/openssl-sys/build/expando.c new file mode 100644 index 000000000..11fb04db0 --- /dev/null +++ b/openssl-sys/build/expando.c @@ -0,0 +1,124 @@ +#include +#include + +#define VERSION2(n, v) RUST_VERSION_##n##_##v +#define VERSION(n, v) VERSION2(n, v) + +#define NEW_VERSION2(a, b, c) RUST_VERSION_NEW_OPENSSL_##a##_##b##_##c +#define NEW_VERSION(a, b, c) NEW_VERSION2(a, b, c) + +#ifdef LIBRESSL_VERSION_NUMBER +VERSION(LIBRESSL, LIBRESSL_VERSION_NUMBER) +#elif defined OPENSSL_VERSION_MAJOR +NEW_VERSION(OPENSSL_VERSION_MAJOR, OPENSSL_VERSION_MINOR, OPENSSL_VERSION_PATCH) +#else +VERSION(OPENSSL, OPENSSL_VERSION_NUMBER) +#endif + +#ifdef OPENSSL_IS_BORINGSSL +RUST_OPENSSL_IS_BORINGSSL +#endif + +#ifdef OPENSSL_NO_BF +RUST_CONF_OPENSSL_NO_BF +#endif + +#ifdef OPENSSL_NO_BUF_FREELISTS +RUST_CONF_OPENSSL_NO_BUF_FREELISTS +#endif + +#ifdef OPENSSL_NO_CHACHA +RUST_CONF_OPENSSL_NO_CHACHA +#endif + +#ifdef OPENSSL_NO_IDEA +RUST_CONF_OPENSSL_NO_IDEA +#endif + +#ifdef OPENSSL_NO_CAMELLIA +RUST_CONF_OPENSSL_NO_CAMELLIA +#endif + +#ifdef OPENSSL_NO_CAST +RUST_CONF_OPENSSL_NO_CAST +#endif + +#ifdef OPENSSL_NO_CMS +RUST_CONF_OPENSSL_NO_CMS +#endif + +#ifdef OPENSSL_NO_COMP +RUST_CONF_OPENSSL_NO_COMP +#endif + +#ifdef OPENSSL_NO_EC +RUST_CONF_OPENSSL_NO_EC +#endif + +#ifdef OPENSSL_NO_EC2M +RUST_CONF_OPENSSL_NO_EC2M +#endif + +#ifdef OPENSSL_NO_ENGINE +RUST_CONF_OPENSSL_NO_ENGINE +#endif + +#ifdef OPENSSL_NO_KRB5 +RUST_CONF_OPENSSL_NO_KRB5 +#endif + +#ifdef OPENSSL_NO_NEXTPROTONEG +RUST_CONF_OPENSSL_NO_NEXTPROTONEG +#endif + +#ifdef OPENSSL_NO_OCSP +RUST_CONF_OPENSSL_NO_OCSP +#endif + +#ifdef OPENSSL_NO_PSK +RUST_CONF_OPENSSL_NO_PSK +#endif + +#ifdef OPENSSL_NO_RFC3779 +RUST_CONF_OPENSSL_NO_RFC3779 +#endif + +#ifdef OPENSSL_NO_RMD160 +RUST_CONF_OPENSSL_NO_RMD160 +#endif + +#ifdef OPENSSL_NO_SHA +RUST_CONF_OPENSSL_NO_SHA +#endif + +#ifdef OPENSSL_NO_SRP +RUST_CONF_OPENSSL_NO_SRP +#endif + +#ifdef OPENSSL_NO_SSL3_METHOD +RUST_CONF_OPENSSL_NO_SSL3_METHOD +#endif + +#ifdef OPENSSL_NO_TLSEXT +RUST_CONF_OPENSSL_NO_TLSEXT +#endif + +#ifdef OPENSSL_NO_STDIO +RUST_CONF_OPENSSL_NO_STDIO +#endif + +#ifdef OPENSSL_NO_SM3 +RUST_CONF_OPENSSL_NO_SM3 +#endif + +#ifdef OPENSSL_NO_SM4 +RUST_CONF_OPENSSL_NO_SM4 +#endif + +#ifdef OPENSSL_NO_DEPRECATED_3_0 +RUST_CONF_OPENSSL_NO_DEPRECATED_3_0 +#endif + +#ifdef OPENSSL_NO_SEED +RUST_CONF_OPENSSL_NO_SEED +#endif diff --git a/openssl-sys/build/find_normal.rs b/openssl-sys/build/find_normal.rs new file mode 100644 index 000000000..791fc3398 --- /dev/null +++ b/openssl-sys/build/find_normal.rs @@ -0,0 +1,275 @@ +use std::ffi::OsString; +use std::path::{Path, PathBuf}; +use std::process::{self, Command}; + +use super::env; + +pub fn get_openssl(target: &str) -> (Vec, PathBuf) { + let lib_dir = env("OPENSSL_LIB_DIR").map(PathBuf::from); + let include_dir = env("OPENSSL_INCLUDE_DIR").map(PathBuf::from); + + match (lib_dir, include_dir) { + (Some(lib_dir), Some(include_dir)) => (vec![lib_dir], include_dir), + (lib_dir, include_dir) => { + let openssl_dir = env("OPENSSL_DIR").unwrap_or_else(|| find_openssl_dir(target)); + let openssl_dir = Path::new(&openssl_dir); + let lib_dir = lib_dir.map(|d| vec![d]).unwrap_or_else(|| { + let mut lib_dirs = vec![]; + // OpenSSL 3.0 now puts it's libraries in lib64/ by default, + // check for both it and lib/. + if openssl_dir.join("lib64").exists() { + lib_dirs.push(openssl_dir.join("lib64")); + } + if openssl_dir.join("lib").exists() { + lib_dirs.push(openssl_dir.join("lib")); + } + lib_dirs + }); + let include_dir = include_dir.unwrap_or_else(|| openssl_dir.join("include")); + (lib_dir, include_dir) + } + } +} + +fn resolve_with_wellknown_homebrew_location(dir: &str) -> Option { + let versions = ["openssl@3", "openssl@1.1"]; + + // Check up default aarch 64 Homebrew installation location first + // for quick resolution if possible. + // `pkg-config` on brew doesn't necessarily contain settings for openssl apparently. + for version in &versions { + let homebrew = Path::new(dir).join(format!("opt/{}", version)); + if homebrew.exists() { + return Some(homebrew); + } + } + + for version in &versions { + // Calling `brew --prefix ` command usually slow and + // takes seconds, and will be used only as a last resort. + let output = execute_command_and_get_output("brew", &["--prefix", version]); + if let Some(ref output) = output { + let homebrew = Path::new(&output); + if homebrew.exists() { + return Some(homebrew.to_path_buf()); + } + } + } + + None +} + +fn resolve_with_wellknown_location(dir: &str) -> Option { + let root_dir = Path::new(dir); + let include_openssl = root_dir.join("include/openssl"); + if include_openssl.exists() { + Some(root_dir.to_path_buf()) + } else { + None + } +} + +fn find_openssl_dir(target: &str) -> OsString { + let host = env::var("HOST").unwrap(); + + if host == target && target.ends_with("-apple-darwin") { + let homebrew_dir = match target { + "aarch64-apple-darwin" => "/opt/homebrew", + _ => "/usr/local", + }; + + if let Some(dir) = resolve_with_wellknown_homebrew_location(homebrew_dir) { + return dir.into(); + } else if let Some(dir) = resolve_with_wellknown_location("/opt/pkg") { + // pkgsrc + return dir.into(); + } else if let Some(dir) = resolve_with_wellknown_location("/opt/local") { + // MacPorts + return dir.into(); + } + } + + try_pkg_config(); + try_vcpkg(); + + // FreeBSD ships with OpenSSL but doesn't include a pkg-config file :( + if host == target && target.contains("freebsd") { + return OsString::from("/usr"); + } + + // DragonFly has libressl (or openssl) in ports, but this doesn't include a pkg-config file + if host == target && target.contains("dragonfly") { + return OsString::from("/usr/local"); + } + + let mut msg = format!( + " + +Could not find directory of OpenSSL installation, and this `-sys` crate cannot +proceed without this knowledge. If OpenSSL is installed and this crate had +trouble finding it, you can set the `OPENSSL_DIR` environment variable for the +compilation process. + +Make sure you also have the development packages of openssl installed. +For example, `libssl-dev` on Ubuntu or `openssl-devel` on Fedora. + +If you're in a situation where you think the directory *should* be found +automatically, please open a bug at https://github.com/sfackler/rust-openssl +and include information about your system as well as this message. + +$HOST = {} +$TARGET = {} +openssl-sys = {} + +", + host, + target, + env!("CARGO_PKG_VERSION") + ); + + if host.contains("apple-darwin") && target.contains("apple-darwin") { + let system = Path::new("/usr/lib/libssl.0.9.8.dylib"); + if system.exists() { + msg.push_str( + " + +openssl-sys crate build failed: no supported version of OpenSSL found. + +Ways to fix it: +- Use the `vendored` feature of openssl-sys crate to build OpenSSL from source. +- Use Homebrew to install the `openssl` package. + +", + ); + } + } + + if host.contains("unknown-linux") + && target.contains("unknown-linux-gnu") + && Command::new("pkg-config").output().is_err() + { + msg.push_str( + " +It looks like you're compiling on Linux and also targeting Linux. Currently this +requires the `pkg-config` utility to find OpenSSL but unfortunately `pkg-config` +could not be found. If you have OpenSSL installed you can likely fix this by +installing `pkg-config`. + +", + ); + } + + if host.contains("windows") && target.contains("windows-gnu") { + msg.push_str( + " +It looks like you're compiling for MinGW but you may not have either OpenSSL or +pkg-config installed. You can install these two dependencies with: + +pacman -S openssl-devel pkg-config + +and try building this crate again. + +", + ); + } + + if host.contains("windows") && target.contains("windows-msvc") { + msg.push_str( + " +It looks like you're compiling for MSVC but we couldn't detect an OpenSSL +installation. If there isn't one installed then you can try the rust-openssl +README for more information about how to download precompiled binaries of +OpenSSL: + +https://github.com/sfackler/rust-openssl#windows + +", + ); + } + + panic!("{}", msg); +} + +/// Attempt to find OpenSSL through pkg-config. +/// +/// Note that if this succeeds then the function does not return as pkg-config +/// typically tells us all the information that we need. +fn try_pkg_config() { + let target = env::var("TARGET").unwrap(); + let host = env::var("HOST").unwrap(); + + // If we're going to windows-gnu we can use pkg-config, but only so long as + // we're coming from a windows host. + // + // Otherwise if we're going to windows we probably can't use pkg-config. + if target.contains("windows-gnu") && host.contains("windows") { + env::set_var("PKG_CONFIG_ALLOW_CROSS", "1"); + } else if target.contains("windows") { + return; + } + + let lib = match pkg_config::Config::new() + .print_system_libs(false) + .probe("openssl") + { + Ok(lib) => lib, + Err(e) => { + println!("run pkg_config fail: {:?}", e); + return; + } + }; + + super::postprocess(&lib.include_paths); + + for include in lib.include_paths.iter() { + println!("cargo:include={}", include.display()); + } + + process::exit(0); +} + +/// Attempt to find OpenSSL through vcpkg. +/// +/// Note that if this succeeds then the function does not return as vcpkg +/// should emit all of the cargo metadata that we need. +#[cfg(target_env = "msvc")] +fn try_vcpkg() { + // vcpkg will not emit any metadata if it can not find libraries + // appropriate for the target triple with the desired linkage. + + let lib = match vcpkg::Config::new() + .emit_includes(true) + .find_package("openssl") + { + Ok(lib) => lib, + Err(e) => { + println!("note: vcpkg did not find openssl: {}", e); + return; + } + }; + + super::postprocess(&lib.include_paths); + + println!("cargo:rustc-link-lib=user32"); + println!("cargo:rustc-link-lib=gdi32"); + println!("cargo:rustc-link-lib=crypt32"); + + process::exit(0); +} + +#[cfg(not(target_env = "msvc"))] +fn try_vcpkg() {} + +fn execute_command_and_get_output(cmd: &str, args: &[&str]) -> Option { + let out = Command::new(cmd).args(args).output(); + if let Ok(ref r1) = out { + if r1.status.success() { + let r2 = String::from_utf8(r1.stdout.clone()); + if let Ok(r3) = r2 { + return Some(r3.trim().to_string()); + } + } + } + + None +} diff --git a/openssl-sys/build/find_vendored.rs b/openssl-sys/build/find_vendored.rs new file mode 100644 index 000000000..c92b2bd39 --- /dev/null +++ b/openssl-sys/build/find_vendored.rs @@ -0,0 +1,16 @@ +use openssl_src; +use std::path::PathBuf; + +pub fn get_openssl(_target: &str) -> (Vec, PathBuf) { + let artifacts = openssl_src::Build::new().build(); + println!("cargo:vendored=1"); + println!( + "cargo:root={}", + artifacts.lib_dir().parent().unwrap().display() + ); + + ( + vec![artifacts.lib_dir().to_path_buf()], + artifacts.include_dir().to_path_buf(), + ) +} diff --git a/openssl-sys/build/main.rs b/openssl-sys/build/main.rs new file mode 100644 index 000000000..262ea2cba --- /dev/null +++ b/openssl-sys/build/main.rs @@ -0,0 +1,416 @@ +#![allow( + clippy::inconsistent_digit_grouping, + clippy::uninlined_format_args, + clippy::unusual_byte_groupings +)] + +extern crate autocfg; +#[cfg(feature = "bindgen")] +extern crate bindgen; +extern crate cc; +#[cfg(feature = "vendored")] +extern crate openssl_src; +extern crate pkg_config; +#[cfg(target_env = "msvc")] +extern crate vcpkg; + +use std::collections::HashSet; +use std::env; +use std::ffi::OsString; +use std::path::{Path, PathBuf}; +mod cfgs; + +mod find_normal; +#[cfg(feature = "vendored")] +mod find_vendored; +#[cfg(feature = "bindgen")] +mod run_bindgen; + +#[derive(PartialEq)] +enum Version { + Openssl3xx, + Openssl11x, + Openssl10x, + Libressl, +} + +fn env_inner(name: &str) -> Option { + let var = env::var_os(name); + println!("cargo:rerun-if-env-changed={}", name); + + match var { + Some(ref v) => println!("{} = {}", name, v.to_string_lossy()), + None => println!("{} unset", name), + } + + var +} + +fn env(name: &str) -> Option { + let prefix = env::var("TARGET").unwrap().to_uppercase().replace('-', "_"); + let prefixed = format!("{}_{}", prefix, name); + env_inner(&prefixed).or_else(|| env_inner(name)) +} + +fn find_openssl(target: &str) -> (Vec, PathBuf) { + #[cfg(feature = "vendored")] + { + // vendor if the feature is present, unless + // OPENSSL_NO_VENDOR exists and isn't `0` + if env("OPENSSL_NO_VENDOR").map_or(true, |s| s == "0") { + return find_vendored::get_openssl(target); + } + } + find_normal::get_openssl(target) +} + +fn check_ssl_kind() { + if cfg!(feature = "unstable_boringssl") { + println!("cargo:rustc-cfg=boringssl"); + // BoringSSL does not have any build logic, exit early + std::process::exit(0); + } else { + println!("cargo:rustc-cfg=openssl"); + } +} + +fn main() { + check_rustc_versions(); + + check_ssl_kind(); + + let target = env::var("TARGET").unwrap(); + + let (lib_dirs, include_dir) = find_openssl(&target); + + if !lib_dirs.iter().all(|p| Path::new(p).exists()) { + panic!("OpenSSL library directory does not exist: {:?}", lib_dirs); + } + if !Path::new(&include_dir).exists() { + panic!( + "OpenSSL include directory does not exist: {}", + include_dir.to_string_lossy() + ); + } + + for lib_dir in lib_dirs.iter() { + println!( + "cargo:rustc-link-search=native={}", + lib_dir.to_string_lossy() + ); + } + println!("cargo:include={}", include_dir.to_string_lossy()); + + let version = postprocess(&[include_dir]); + + let libs_env = env("OPENSSL_LIBS"); + let libs = match libs_env.as_ref().and_then(|s| s.to_str()) { + Some(v) => { + if v.is_empty() { + vec![] + } else { + v.split(':').collect() + } + } + None => match version { + Version::Openssl10x if target.contains("windows") => vec!["ssleay32", "libeay32"], + Version::Openssl3xx | Version::Openssl11x if target.contains("windows-msvc") => { + vec!["libssl", "libcrypto"] + } + _ => vec!["ssl", "crypto"], + }, + }; + + let kind = determine_mode(&lib_dirs, &libs); + for lib in libs.into_iter() { + println!("cargo:rustc-link-lib={}={}", kind, lib); + } + + if kind == "static" && target.contains("windows") { + println!("cargo:rustc-link-lib=dylib=gdi32"); + println!("cargo:rustc-link-lib=dylib=user32"); + println!("cargo:rustc-link-lib=dylib=crypt32"); + println!("cargo:rustc-link-lib=dylib=ws2_32"); + println!("cargo:rustc-link-lib=dylib=advapi32"); + } +} + +fn check_rustc_versions() { + let cfg = autocfg::new(); + + if cfg.probe_rustc_version(1, 31) { + println!("cargo:rustc-cfg=const_fn"); + } +} + +#[allow(clippy::let_and_return)] +fn postprocess(include_dirs: &[PathBuf]) -> Version { + let version = validate_headers(include_dirs); + #[cfg(feature = "bindgen")] + run_bindgen::run(&include_dirs); + + version +} + +/// Validates the header files found in `include_dir` and then returns the +/// version string of OpenSSL. +#[allow(clippy::manual_strip)] // we need to support pre-1.45.0 +fn validate_headers(include_dirs: &[PathBuf]) -> Version { + // This `*-sys` crate only works with OpenSSL 1.0.1, 1.0.2, 1.1.0, 1.1.1 and 3.0.0. + // To correctly expose the right API from this crate, take a look at + // `opensslv.h` to see what version OpenSSL claims to be. + // + // OpenSSL has a number of build-time configuration options which affect + // various structs and such. Since OpenSSL 1.1.0 this isn't really a problem + // as the library is much more FFI-friendly, but 1.0.{1,2} suffer this problem. + // + // To handle all this conditional compilation we slurp up the configuration + // file of OpenSSL, `opensslconf.h`, and then dump out everything it defines + // as our own #[cfg] directives. That way the `ossl10x.rs` bindings can + // account for compile differences and such. + println!("cargo:rerun-if-changed=build/expando.c"); + let mut gcc = cc::Build::new(); + for include_dir in include_dirs { + gcc.include(include_dir); + } + let expanded = match gcc.file("build/expando.c").try_expand() { + Ok(expanded) => expanded, + Err(e) => { + panic!( + " +Header expansion error: +{:?} + +Failed to find OpenSSL development headers. + +You can try fixing this setting the `OPENSSL_DIR` environment variable +pointing to your OpenSSL installation or installing OpenSSL headers package +specific to your distribution: + + # On Ubuntu + sudo apt-get install libssl-dev + # On Arch Linux + sudo pacman -S openssl + # On Fedora + sudo dnf install openssl-devel + # On Alpine Linux + apk add openssl-dev + +See rust-openssl documentation for more information: + + https://docs.rs/openssl +", + e + ); + } + }; + let expanded = String::from_utf8(expanded).unwrap(); + + let mut enabled = vec![]; + let mut openssl_version = None; + let mut libressl_version = None; + let mut is_boringssl = false; + for line in expanded.lines() { + let line = line.trim(); + + let openssl_prefix = "RUST_VERSION_OPENSSL_"; + let new_openssl_prefix = "RUST_VERSION_NEW_OPENSSL_"; + let libressl_prefix = "RUST_VERSION_LIBRESSL_"; + let boringsl_prefix = "RUST_OPENSSL_IS_BORINGSSL"; + let conf_prefix = "RUST_CONF_"; + if line.starts_with(openssl_prefix) { + let version = &line[openssl_prefix.len()..]; + openssl_version = Some(parse_version(version)); + } else if line.starts_with(new_openssl_prefix) { + let version = &line[new_openssl_prefix.len()..]; + openssl_version = Some(parse_new_version(version)); + } else if line.starts_with(libressl_prefix) { + let version = &line[libressl_prefix.len()..]; + libressl_version = Some(parse_version(version)); + } else if line.starts_with(conf_prefix) { + enabled.push(&line[conf_prefix.len()..]); + } else if line.starts_with(boringsl_prefix) { + is_boringssl = true; + } + } + + if is_boringssl { + panic!("BoringSSL detected, but `unstable_boringssl` feature wasn't specified.") + } + + for enabled in &enabled { + println!("cargo:rustc-cfg=osslconf=\"{}\"", enabled); + } + println!("cargo:conf={}", enabled.join(",")); + + for cfg in cfgs::get(openssl_version, libressl_version) { + println!("cargo:rustc-cfg={}", cfg); + } + + if let Some(libressl_version) = libressl_version { + println!("cargo:libressl_version_number={:x}", libressl_version); + + let major = (libressl_version >> 28) as u8; + let minor = (libressl_version >> 20) as u8; + let fix = (libressl_version >> 12) as u8; + let (major, minor, fix) = match (major, minor, fix) { + (2, 5, 0) => ('2', '5', '0'), + (2, 5, 1) => ('2', '5', '1'), + (2, 5, 2) => ('2', '5', '2'), + (2, 5, _) => ('2', '5', 'x'), + (2, 6, 0) => ('2', '6', '0'), + (2, 6, 1) => ('2', '6', '1'), + (2, 6, 2) => ('2', '6', '2'), + (2, 6, _) => ('2', '6', 'x'), + (2, 7, _) => ('2', '7', 'x'), + (2, 8, 0) => ('2', '8', '0'), + (2, 8, 1) => ('2', '8', '1'), + (2, 8, _) => ('2', '8', 'x'), + (2, 9, 0) => ('2', '9', '0'), + (2, 9, _) => ('2', '9', 'x'), + (3, 0, 0) => ('3', '0', '0'), + (3, 0, 1) => ('3', '0', '1'), + (3, 0, _) => ('3', '0', 'x'), + (3, 1, 0) => ('3', '1', '0'), + (3, 1, _) => ('3', '1', 'x'), + (3, 2, 0) => ('3', '2', '0'), + (3, 2, 1) => ('3', '2', '1'), + (3, 2, _) => ('3', '2', 'x'), + (3, 3, 0) => ('3', '3', '0'), + (3, 3, 1) => ('3', '3', '1'), + (3, 3, _) => ('3', '3', 'x'), + (3, 4, 0) => ('3', '4', '0'), + (3, 4, _) => ('3', '4', 'x'), + (3, 5, _) => ('3', '5', 'x'), + (3, 6, 0) => ('3', '6', '0'), + (3, 6, _) => ('3', '6', 'x'), + (3, 7, 0) => ('3', '7', '0'), + _ => version_error(), + }; + + println!("cargo:libressl=true"); + println!("cargo:libressl_version={}{}{}", major, minor, fix); + println!("cargo:version=101"); + Version::Libressl + } else { + let openssl_version = openssl_version.unwrap(); + println!("cargo:version_number={:x}", openssl_version); + + if openssl_version >= 0x4_00_00_00_0 { + version_error() + } else if openssl_version >= 0x3_00_00_00_0 { + Version::Openssl3xx + } else if openssl_version >= 0x1_01_01_00_0 { + println!("cargo:version=111"); + Version::Openssl11x + } else if openssl_version >= 0x1_01_00_06_0 { + println!("cargo:version=110"); + println!("cargo:patch=f"); + Version::Openssl11x + } else if openssl_version >= 0x1_01_00_00_0 { + println!("cargo:version=110"); + Version::Openssl11x + } else if openssl_version >= 0x1_00_02_00_0 { + println!("cargo:version=102"); + Version::Openssl10x + } else if openssl_version >= 0x1_00_01_00_0 { + println!("cargo:version=101"); + Version::Openssl10x + } else { + version_error() + } + } +} + +fn version_error() -> ! { + panic!( + " + +This crate is only compatible with OpenSSL (version 1.0.1 through 1.1.1, or 3.0.0), or LibreSSL 2.5 +through 3.7.0, but a different version of OpenSSL was found. The build is now aborting +due to this version mismatch. + +" + ); +} + +// parses a string that looks like "0x100020cfL" +#[allow(deprecated)] // trim_right_matches is now trim_end_matches +#[allow(clippy::match_like_matches_macro)] // matches macro requires rust 1.42.0 +fn parse_version(version: &str) -> u64 { + // cut off the 0x prefix + assert!(version.starts_with("0x")); + let version = &version[2..]; + + // and the type specifier suffix + let version = version.trim_right_matches(|c: char| match c { + '0'..='9' | 'a'..='f' | 'A'..='F' => false, + _ => true, + }); + + u64::from_str_radix(version, 16).unwrap() +} + +// parses a string that looks like 3_0_0 +fn parse_new_version(version: &str) -> u64 { + println!("version: {}", version); + let mut it = version.split('_'); + let major = it.next().unwrap().parse::().unwrap(); + let minor = it.next().unwrap().parse::().unwrap(); + let patch = it.next().unwrap().parse::().unwrap(); + + (major << 28) | (minor << 20) | (patch << 4) +} + +/// Given a libdir for OpenSSL (where artifacts are located) as well as the name +/// of the libraries we're linking to, figure out whether we should link them +/// statically or dynamically. +fn determine_mode(libdirs: &[PathBuf], libs: &[&str]) -> &'static str { + // First see if a mode was explicitly requested + let kind = env("OPENSSL_STATIC"); + match kind.as_ref().and_then(|s| s.to_str()) { + Some("0") => return "dylib", + Some(_) => return "static", + None => {} + } + + // Next, see what files we actually have to link against, and see what our + // possibilities even are. + let mut files = HashSet::new(); + for dir in libdirs { + for path in dir + .read_dir() + .unwrap() + .map(|e| e.unwrap()) + .map(|e| e.file_name()) + .filter_map(|e| e.into_string().ok()) + { + files.insert(path); + } + } + let can_static = libs + .iter() + .all(|l| files.contains(&format!("lib{}.a", l)) || files.contains(&format!("{}.lib", l))); + let can_dylib = libs.iter().all(|l| { + files.contains(&format!("lib{}.so", l)) + || files.contains(&format!("{}.dll", l)) + || files.contains(&format!("lib{}.dylib", l)) + }); + match (can_static, can_dylib) { + (true, false) => return "static", + (false, true) => return "dylib", + (false, false) => { + panic!( + "OpenSSL libdir at `{:?}` does not contain the required files \ + to either statically or dynamically link OpenSSL", + libdirs + ); + } + (true, true) => {} + } + + // Ok, we've got not explicit preference and can *either* link statically or + // link dynamically. In the interest of "security upgrades" and/or "best + // practices with security libs", let's link dynamically. + "dylib" +} diff --git a/openssl-sys/build/run_bindgen.rs b/openssl-sys/build/run_bindgen.rs new file mode 100644 index 000000000..9531e6e8b --- /dev/null +++ b/openssl-sys/build/run_bindgen.rs @@ -0,0 +1,129 @@ +use bindgen::callbacks::{MacroParsingBehavior, ParseCallbacks}; +use bindgen::RustTarget; +use std::env; +use std::path::PathBuf; + +const INCLUDES: &str = " +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + +// this must be included after ssl.h for libressl! +#include + +#if !defined(LIBRESSL_VERSION_NUMBER) +#include +#endif + +#if !defined(LIBRESSL_VERSION_NUMBER) && OPENSSL_VERSION_NUMBER >= 0x10100000 +#include +#endif + +#if OPENSSL_VERSION_NUMBER >= 0x30000000 +#include +#endif +"; + +pub fn run(include_dirs: &[PathBuf]) { + let out_dir = PathBuf::from(env::var_os("OUT_DIR").unwrap()); + + let mut builder = bindgen::builder() + .parse_callbacks(Box::new(OpensslCallbacks)) + .rust_target(RustTarget::Stable_1_47) + .ctypes_prefix("::libc") + .raw_line("use libc::*;") + .raw_line("type evp_pkey_st = EVP_PKEY;") + .allowlist_file(".*/openssl/[^/]+\\.h") + .allowlist_recursively(false) + // libc is missing pthread_once_t on macOS + .blocklist_type("CRYPTO_ONCE") + .blocklist_function("CRYPTO_THREAD_run_once") + // we don't want to mess with va_list + .blocklist_function("BIO_vprintf") + .blocklist_function("BIO_vsnprintf") + .blocklist_function("ERR_vset_error") + .blocklist_function("ERR_add_error_vdata") + .blocklist_function("EVP_KDF_vctrl") + .blocklist_type("OSSL_FUNC_core_vset_error_fn") + .blocklist_type("OSSL_FUNC_BIO_vprintf_fn") + .blocklist_type("OSSL_FUNC_BIO_vsnprintf_fn") + // Maintain compatibility for existing enum definitions + .rustified_enum("point_conversion_form_t") + // Maintain compatibility for pre-union definitions + .blocklist_type("GENERAL_NAME") + .blocklist_type("GENERAL_NAME_st") + .blocklist_type("EVP_PKEY") + .blocklist_type("evp_pkey_st") + .layout_tests(false) + .header_contents("includes.h", INCLUDES); + + for include_dir in include_dirs { + builder = builder + .clang_arg("-I") + .clang_arg(include_dir.display().to_string()); + } + + builder + .generate() + .unwrap() + .write_to_file(out_dir.join("bindgen.rs")) + .unwrap(); +} + +#[derive(Debug)] +struct OpensslCallbacks; + +impl ParseCallbacks for OpensslCallbacks { + // for now we'll continue hand-writing constants + fn will_parse_macro(&self, _name: &str) -> MacroParsingBehavior { + MacroParsingBehavior::Ignore + } + + fn item_name(&self, original_item_name: &str) -> Option { + match original_item_name { + // Our original definitions of these are wrong, so rename to avoid breakage + "CRYPTO_EX_new" + | "CRYPTO_EX_dup" + | "CRYPTO_EX_free" + | "BIO_meth_set_write" + | "BIO_meth_set_read" + | "BIO_meth_set_puts" + | "BIO_meth_set_ctrl" + | "BIO_meth_set_create" + | "BIO_meth_set_destroy" + | "CRYPTO_set_locking_callback" + | "CRYPTO_set_id_callback" + | "SSL_CTX_set_tmp_dh_callback" + | "SSL_set_tmp_dh_callback" + | "SSL_CTX_set_tmp_ecdh_callback" + | "SSL_set_tmp_ecdh_callback" + | "SSL_CTX_callback_ctrl" + | "SSL_CTX_set_alpn_select_cb" => Some(format!("{}__fixed_rust", original_item_name)), + _ => None, + } + } +} diff --git a/openssl-sys/src/aes.rs b/openssl-sys/src/aes.rs new file mode 100644 index 000000000..ade6e842f --- /dev/null +++ b/openssl-sys/src/aes.rs @@ -0,0 +1,7 @@ +use libc::*; + +pub const AES_ENCRYPT: c_int = 1; +pub const AES_DECRYPT: c_int = 0; + +pub const AES_MAXNR: c_int = 14; +pub const AES_BLOCK_SIZE: c_int = 16; diff --git a/openssl-sys/src/asn1.rs b/openssl-sys/src/asn1.rs new file mode 100644 index 000000000..caf14f7b9 --- /dev/null +++ b/openssl-sys/src/asn1.rs @@ -0,0 +1,39 @@ +use libc::*; + +use super::*; + +// ASN.1 tag values +pub const V_ASN1_EOC: c_int = 0; +pub const V_ASN1_BOOLEAN: c_int = 1; +pub const V_ASN1_INTEGER: c_int = 2; +pub const V_ASN1_BIT_STRING: c_int = 3; +pub const V_ASN1_OCTET_STRING: c_int = 4; +pub const V_ASN1_NULL: c_int = 5; +pub const V_ASN1_OBJECT: c_int = 6; +pub const V_ASN1_OBJECT_DESCRIPTOR: c_int = 7; +pub const V_ASN1_EXTERNAL: c_int = 8; +pub const V_ASN1_REAL: c_int = 9; +pub const V_ASN1_ENUMERATED: c_int = 10; +pub const V_ASN1_UTF8STRING: c_int = 12; +pub const V_ASN1_SEQUENCE: c_int = 16; +pub const V_ASN1_SET: c_int = 17; +pub const V_ASN1_NUMERICSTRING: c_int = 18; +pub const V_ASN1_PRINTABLESTRING: c_int = 19; +pub const V_ASN1_T61STRING: c_int = 20; +pub const V_ASN1_TELETEXSTRING: c_int = 20; // alias +pub const V_ASN1_VIDEOTEXSTRING: c_int = 21; +pub const V_ASN1_IA5STRING: c_int = 22; +pub const V_ASN1_UTCTIME: c_int = 23; +pub const V_ASN1_GENERALIZEDTIME: c_int = 24; +pub const V_ASN1_GRAPHICSTRING: c_int = 25; +pub const V_ASN1_ISO64STRING: c_int = 26; +pub const V_ASN1_VISIBLESTRING: c_int = 26; // alias +pub const V_ASN1_GENERALSTRING: c_int = 27; +pub const V_ASN1_UNIVERSALSTRING: c_int = 28; +pub const V_ASN1_BMPSTRING: c_int = 30; + +pub const MBSTRING_FLAG: c_int = 0x1000; +pub const MBSTRING_UTF8: c_int = MBSTRING_FLAG; +pub const MBSTRING_ASC: c_int = MBSTRING_FLAG | 1; +pub const MBSTRING_BMP: c_int = MBSTRING_FLAG | 2; +pub const MBSTRING_UNIV: c_int = MBSTRING_FLAG | 4; diff --git a/openssl-sys/src/bio.rs b/openssl-sys/src/bio.rs new file mode 100644 index 000000000..ea6053b59 --- /dev/null +++ b/openssl-sys/src/bio.rs @@ -0,0 +1,72 @@ +use libc::*; + +use super::*; + +pub const BIO_TYPE_NONE: c_int = 0; + +pub const BIO_CTRL_EOF: c_int = 2; +pub const BIO_CTRL_INFO: c_int = 3; +pub const BIO_CTRL_FLUSH: c_int = 11; +pub const BIO_CTRL_DGRAM_QUERY_MTU: c_int = 40; +pub const BIO_C_SET_BUF_MEM_EOF_RETURN: c_int = 130; + +pub unsafe fn BIO_set_retry_read(b: *mut BIO) { + BIO_set_flags(b, BIO_FLAGS_READ | BIO_FLAGS_SHOULD_RETRY) +} + +pub unsafe fn BIO_set_retry_write(b: *mut BIO) { + BIO_set_flags(b, BIO_FLAGS_WRITE | BIO_FLAGS_SHOULD_RETRY) +} + +pub unsafe fn BIO_clear_retry_flags(b: *mut BIO) { + BIO_clear_flags(b, BIO_FLAGS_RWS | BIO_FLAGS_SHOULD_RETRY) +} + +pub const BIO_FLAGS_READ: c_int = 0x01; +pub const BIO_FLAGS_WRITE: c_int = 0x02; +pub const BIO_FLAGS_IO_SPECIAL: c_int = 0x04; +pub const BIO_FLAGS_RWS: c_int = BIO_FLAGS_READ | BIO_FLAGS_WRITE | BIO_FLAGS_IO_SPECIAL; +pub const BIO_FLAGS_SHOULD_RETRY: c_int = 0x08; + +pub unsafe fn BIO_get_mem_data(b: *mut BIO, pp: *mut *mut c_char) -> c_long { + BIO_ctrl(b, BIO_CTRL_INFO, 0, pp as *mut c_void) +} + +extern "C" { + #[deprecated(note = "use BIO_meth_set_write__fixed_rust instead")] + #[cfg(any(ossl110, libressl273))] + pub fn BIO_meth_set_write( + biom: *mut BIO_METHOD, + write: unsafe extern "C" fn(*mut BIO, *const c_char, c_int) -> c_int, + ) -> c_int; + #[deprecated(note = "use BIO_meth_set_read__fixed_rust instead")] + #[cfg(any(ossl110, libressl273))] + pub fn BIO_meth_set_read( + biom: *mut BIO_METHOD, + read: unsafe extern "C" fn(*mut BIO, *mut c_char, c_int) -> c_int, + ) -> c_int; + #[deprecated(note = "use BIO_meth_set_puts__fixed_rust instead")] + #[cfg(any(ossl110, libressl273))] + pub fn BIO_meth_set_puts( + biom: *mut BIO_METHOD, + read: unsafe extern "C" fn(*mut BIO, *const c_char) -> c_int, + ) -> c_int; + #[deprecated(note = "use BIO_meth_set_ctrl__fixed_rust instead")] + #[cfg(any(ossl110, libressl273))] + pub fn BIO_meth_set_ctrl( + biom: *mut BIO_METHOD, + read: unsafe extern "C" fn(*mut BIO, c_int, c_long, *mut c_void) -> c_long, + ) -> c_int; + #[deprecated(note = "use BIO_meth_set_create__fixed_rust instead")] + #[cfg(any(ossl110, libressl273))] + pub fn BIO_meth_set_create( + biom: *mut BIO_METHOD, + create: unsafe extern "C" fn(*mut BIO) -> c_int, + ) -> c_int; + #[deprecated(note = "use BIO_meth_set_destroy__fixed_rust instead")] + #[cfg(any(ossl110, libressl273))] + pub fn BIO_meth_set_destroy( + biom: *mut BIO_METHOD, + destroy: unsafe extern "C" fn(*mut BIO) -> c_int, + ) -> c_int; +} diff --git a/openssl-sys/src/bn.rs b/openssl-sys/src/bn.rs new file mode 100644 index 000000000..a6bbcce88 --- /dev/null +++ b/openssl-sys/src/bn.rs @@ -0,0 +1,15 @@ +use libc::*; + +#[cfg(target_pointer_width = "64")] +pub type BN_ULONG = c_ulonglong; +#[cfg(target_pointer_width = "32")] +pub type BN_ULONG = c_uint; + +#[cfg(ossl110)] +pub const BN_FLG_MALLOCED: c_int = 0x01; +#[cfg(ossl110)] +pub const BN_FLG_STATIC_DATA: c_int = 0x02; +#[cfg(ossl110)] +pub const BN_FLG_CONSTTIME: c_int = 0x04; +#[cfg(ossl110)] +pub const BN_FLG_SECURE: c_int = 0x08; diff --git a/openssl-sys/src/cms.rs b/openssl-sys/src/cms.rs new file mode 100644 index 000000000..f008adb1c --- /dev/null +++ b/openssl-sys/src/cms.rs @@ -0,0 +1,46 @@ +use libc::*; + +#[cfg(ossl101)] +pub const CMS_TEXT: c_uint = 0x1; +#[cfg(ossl101)] +pub const CMS_NOCERTS: c_uint = 0x2; +#[cfg(ossl101)] +pub const CMS_NO_CONTENT_VERIFY: c_uint = 0x4; +#[cfg(ossl101)] +pub const CMS_NO_ATTR_VERIFY: c_uint = 0x8; +#[cfg(ossl101)] +pub const CMS_NOSIGS: c_uint = 0x4 | 0x8; +#[cfg(ossl101)] +pub const CMS_NOINTERN: c_uint = 0x10; +#[cfg(ossl101)] +pub const CMS_NO_SIGNER_CERT_VERIFY: c_uint = 0x20; +#[cfg(ossl101)] +pub const CMS_NOVERIFY: c_uint = 0x20; +#[cfg(ossl101)] +pub const CMS_DETACHED: c_uint = 0x40; +#[cfg(ossl101)] +pub const CMS_BINARY: c_uint = 0x80; +#[cfg(ossl101)] +pub const CMS_NOATTR: c_uint = 0x100; +#[cfg(ossl101)] +pub const CMS_NOSMIMECAP: c_uint = 0x200; +#[cfg(ossl101)] +pub const CMS_NOOLDMIMETYPE: c_uint = 0x400; +#[cfg(ossl101)] +pub const CMS_CRLFEOL: c_uint = 0x800; +#[cfg(ossl101)] +pub const CMS_STREAM: c_uint = 0x1000; +#[cfg(ossl101)] +pub const CMS_NOCRL: c_uint = 0x2000; +#[cfg(ossl101)] +pub const CMS_PARTIAL: c_uint = 0x4000; +#[cfg(ossl101)] +pub const CMS_REUSE_DIGEST: c_uint = 0x8000; +#[cfg(ossl101)] +pub const CMS_USE_KEYID: c_uint = 0x10000; +#[cfg(ossl101)] +pub const CMS_DEBUG_DECRYPT: c_uint = 0x20000; +#[cfg(ossl102)] +pub const CMS_KEY_PARAM: c_uint = 0x40000; +#[cfg(ossl110)] +pub const CMS_ASCIICRLF: c_uint = 0x80000; diff --git a/openssl-sys/src/crypto.rs b/openssl-sys/src/crypto.rs new file mode 100644 index 000000000..35be07ead --- /dev/null +++ b/openssl-sys/src/crypto.rs @@ -0,0 +1,134 @@ +use super::*; +use libc::*; + +extern "C" { + #[deprecated(note = "use CRYPTO_set_locking_callback__fixed_rust instead")] + #[cfg(not(ossl110))] + pub fn CRYPTO_set_locking_callback( + func: unsafe extern "C" fn(mode: c_int, n: c_int, file: *const c_char, line: c_int), + ); + + #[deprecated(note = "use CRYPTO_set_id_callback__fixed_rust instead")] + #[cfg(not(ossl110))] + pub fn CRYPTO_set_id_callback(func: unsafe extern "C" fn() -> c_ulong); +} + +cfg_if! { + if #[cfg(ossl110)] { + type CRYPTO_EX_new_ret = (); + type CRYPTO_EX_dup_from = *const CRYPTO_EX_DATA; + } else { + type CRYPTO_EX_new_ret = c_int; + type CRYPTO_EX_dup_from = *mut CRYPTO_EX_DATA; + } +} + +cfg_if! { + if #[cfg(ossl300)] { + type CRYPTO_EX_dup_from_d = *mut *mut c_void; + } else { + type CRYPTO_EX_dup_from_d = *mut c_void; + } +} + +// FIXME should be options +pub type CRYPTO_EX_new = unsafe extern "C" fn( + parent: *mut c_void, + ptr: *mut c_void, + ad: *mut CRYPTO_EX_DATA, + idx: c_int, + argl: c_long, + argp: *mut c_void, +) -> CRYPTO_EX_new_ret; +pub type CRYPTO_EX_dup = unsafe extern "C" fn( + to: *mut CRYPTO_EX_DATA, + from: CRYPTO_EX_dup_from, + from_d: CRYPTO_EX_dup_from_d, + idx: c_int, + argl: c_long, + argp: *mut c_void, +) -> c_int; +pub type CRYPTO_EX_free = unsafe extern "C" fn( + parent: *mut c_void, + ptr: *mut c_void, + ad: *mut CRYPTO_EX_DATA, + idx: c_int, + argl: c_long, + argp: *mut c_void, +); + +#[cfg(ossl110)] +#[inline] +#[track_caller] +pub unsafe fn OPENSSL_malloc(num: usize) -> *mut c_void { + CRYPTO_malloc( + num, + concat!(file!(), "\0").as_ptr() as *const _, + line!() as _, + ) +} + +#[cfg(not(ossl110))] +#[inline] +#[track_caller] +pub unsafe fn OPENSSL_malloc(num: c_int) -> *mut c_void { + CRYPTO_malloc( + num, + concat!(file!(), "\0").as_ptr() as *const _, + line!() as _, + ) +} + +#[cfg(ossl110)] +#[inline] +#[track_caller] +pub unsafe fn OPENSSL_free(addr: *mut c_void) { + CRYPTO_free( + addr, + concat!(file!(), "\0").as_ptr() as *const _, + line!() as _, + ) +} + +#[cfg(not(ossl110))] +#[inline] +pub unsafe fn OPENSSL_free(addr: *mut c_void) { + CRYPTO_free(addr) +} + +#[cfg(not(ossl110))] +pub const CRYPTO_LOCK_X509: c_int = 3; +#[cfg(not(ossl110))] +pub const CRYPTO_LOCK_EVP_PKEY: c_int = 10; +#[cfg(not(ossl110))] +pub const CRYPTO_LOCK_SSL_CTX: c_int = 12; +#[cfg(not(ossl110))] +pub const CRYPTO_LOCK_SSL_SESSION: c_int = 14; + +cfg_if! { + if #[cfg(ossl110)] { + pub const CRYPTO_EX_INDEX_SSL: c_int = 0; + pub const CRYPTO_EX_INDEX_SSL_CTX: c_int = 1; + } else if #[cfg(libressl)] { + pub const CRYPTO_EX_INDEX_SSL: c_int = 1; + pub const CRYPTO_EX_INDEX_SSL_CTX: c_int = 2; + } +} + +cfg_if! { + if #[cfg(any(ossl110, libressl271))] { + pub const OPENSSL_VERSION: c_int = 0; + pub const OPENSSL_CFLAGS: c_int = 1; + pub const OPENSSL_BUILT_ON: c_int = 2; + pub const OPENSSL_PLATFORM: c_int = 3; + pub const OPENSSL_DIR: c_int = 4; + } else { + pub const SSLEAY_VERSION: c_int = 0; + pub const SSLEAY_CFLAGS: c_int = 2; + pub const SSLEAY_BUILT_ON: c_int = 3; + pub const SSLEAY_PLATFORM: c_int = 4; + pub const SSLEAY_DIR: c_int = 5; + } +} + +pub const CRYPTO_LOCK: c_int = 1; diff --git a/openssl-sys/src/dtls1.rs b/openssl-sys/src/dtls1.rs new file mode 100644 index 000000000..9ef5e77f7 --- /dev/null +++ b/openssl-sys/src/dtls1.rs @@ -0,0 +1,9 @@ +use libc::*; + +cfg_if! { + if #[cfg(ossl300)] { + pub const DTLS1_COOKIE_LENGTH: c_uint = 255; + } else { + pub const DTLS1_COOKIE_LENGTH: c_uint = 256; + } +} diff --git a/openssl-sys/src/ec.rs b/openssl-sys/src/ec.rs new file mode 100644 index 000000000..995a84ff6 --- /dev/null +++ b/openssl-sys/src/ec.rs @@ -0,0 +1,16 @@ +use libc::*; +use std::ptr; + +use super::*; + +pub const OPENSSL_EC_NAMED_CURVE: c_int = 1; + +#[cfg(ossl300)] +pub unsafe fn EVP_EC_gen(curve: *const c_char) -> *mut EVP_PKEY { + EVP_PKEY_Q_keygen( + ptr::null_mut(), + ptr::null_mut(), + "EC\0".as_ptr().cast(), + curve, + ) +} diff --git a/openssl-sys/src/err.rs b/openssl-sys/src/err.rs new file mode 100644 index 000000000..5e84e6208 --- /dev/null +++ b/openssl-sys/src/err.rs @@ -0,0 +1,70 @@ +use libc::*; + +pub const ERR_TXT_MALLOCED: c_int = 0x01; +pub const ERR_TXT_STRING: c_int = 0x02; + +pub const ERR_LIB_SYS: c_int = 2; +pub const ERR_LIB_PEM: c_int = 9; +pub const ERR_LIB_ASN1: c_int = 13; + +cfg_if! { + if #[cfg(ossl300)] { + pub const ERR_SYSTEM_FLAG: c_ulong = c_int::max_value() as c_ulong + 1; + pub const ERR_SYSTEM_MASK: c_ulong = c_int::max_value() as c_ulong; + + pub const ERR_LIB_OFFSET: c_ulong = 23; + pub const ERR_LIB_MASK: c_ulong = 0xff; + pub const ERR_RFLAGS_OFFSET: c_ulong = 18; + pub const ERR_RFLAGS_MASK: c_ulong = 0x1f; + pub const ERR_REASON_MASK: c_ulong = 0x7FFFFF; + + pub const ERR_RFLAG_FATAL: c_ulong = 0x1 << ERR_RFLAGS_OFFSET; + + const_fn! { + pub const fn ERR_SYSTEM_ERROR(errcode: c_ulong) -> bool { + errcode & ERR_SYSTEM_FLAG != 0 + } + + pub const fn ERR_GET_LIB(errcode: c_ulong) -> c_int { + // hacks since `if` isn't yet stable in const functions :( + ((ERR_LIB_SYS as c_ulong * (ERR_SYSTEM_ERROR(errcode) as c_ulong)) | + (((errcode >> ERR_LIB_OFFSET) & ERR_LIB_MASK) * (!ERR_SYSTEM_ERROR(errcode) as c_ulong))) as c_int + } + + pub const fn ERR_GET_FUNC(_errcode: c_ulong) -> c_int { + 0 + } + + pub const fn ERR_GET_REASON(errcode: c_ulong) -> c_int { + // hacks since `if` isn't yet stable in const functions :( + ((ERR_LIB_SYS as c_ulong * (ERR_SYSTEM_ERROR(errcode) as c_ulong)) | + ((errcode & ERR_REASON_MASK) * (!ERR_SYSTEM_ERROR(errcode) as c_ulong))) as c_int + } + + pub const fn ERR_PACK(lib: c_int, _func: c_int, reason: c_int) -> c_ulong { + ((lib as c_ulong & ERR_LIB_MASK) << ERR_LIB_OFFSET) | + (reason as c_ulong & ERR_REASON_MASK) + } + } + } else { + const_fn! { + pub const fn ERR_PACK(l: c_int, f: c_int, r: c_int) -> c_ulong { + ((l as c_ulong & 0x0FF) << 24) | + ((f as c_ulong & 0xFFF) << 12) | + (r as c_ulong & 0xFFF) + } + + pub const fn ERR_GET_LIB(l: c_ulong) -> c_int { + ((l >> 24) & 0x0FF) as c_int + } + + pub const fn ERR_GET_FUNC(l: c_ulong) -> c_int { + ((l >> 12) & 0xFFF) as c_int + } + + pub const fn ERR_GET_REASON(l: c_ulong) -> c_int { + (l & 0xFFF) as c_int + } + } + } +} diff --git a/openssl-sys/src/evp.rs b/openssl-sys/src/evp.rs new file mode 100644 index 000000000..a98e43842 --- /dev/null +++ b/openssl-sys/src/evp.rs @@ -0,0 +1,285 @@ +use super::*; +use libc::*; + +pub const EVP_MAX_MD_SIZE: c_uint = 64; + +pub const PKCS5_SALT_LEN: c_int = 8; +pub const PKCS12_DEFAULT_ITER: c_int = 2048; + +pub const EVP_PKEY_RSA: c_int = NID_rsaEncryption; +pub const EVP_PKEY_DSA: c_int = NID_dsa; +pub const EVP_PKEY_DH: c_int = NID_dhKeyAgreement; +pub const EVP_PKEY_EC: c_int = NID_X9_62_id_ecPublicKey; +#[cfg(ossl111)] +pub const EVP_PKEY_X25519: c_int = NID_X25519; +#[cfg(ossl111)] +pub const EVP_PKEY_ED25519: c_int = NID_ED25519; +#[cfg(ossl111)] +pub const EVP_PKEY_X448: c_int = NID_X448; +#[cfg(ossl111)] +pub const EVP_PKEY_ED448: c_int = NID_ED448; +pub const EVP_PKEY_HMAC: c_int = NID_hmac; +pub const EVP_PKEY_CMAC: c_int = NID_cmac; +#[cfg(ossl110)] +pub const EVP_PKEY_HKDF: c_int = NID_hkdf; + +pub const EVP_CTRL_GCM_SET_IVLEN: c_int = 0x9; +pub const EVP_CTRL_GCM_GET_TAG: c_int = 0x10; +pub const EVP_CTRL_GCM_SET_TAG: c_int = 0x11; + +pub unsafe fn EVP_get_digestbynid(type_: c_int) -> *const EVP_MD { + EVP_get_digestbyname(OBJ_nid2sn(type_)) +} + +cfg_if! { + if #[cfg(ossl300)] { + #[inline] + pub unsafe fn EVP_MD_CTX_md(ctx: *const EVP_MD_CTX) -> *const EVP_MD { + EVP_MD_CTX_get0_md(ctx) + } + + #[inline] + pub unsafe fn EVP_MD_CTX_get_size(ctx: *const EVP_MD_CTX) -> c_int { + EVP_MD_get_size(EVP_MD_CTX_get0_md(ctx)) + } + + #[inline] + pub unsafe fn EVP_MD_CTX_size(ctx: *const EVP_MD_CTX) -> c_int { + EVP_MD_CTX_get_size(ctx) + } + + #[inline] + pub unsafe fn EVP_MD_block_size(md: *const EVP_MD) -> c_int { + EVP_MD_get_block_size(md) + } + + #[inline] + pub unsafe fn EVP_MD_size(md: *const EVP_MD) -> c_int { + EVP_MD_get_size(md) + } + + #[inline] + pub unsafe fn EVP_MD_type(md: *const EVP_MD) -> c_int { + EVP_MD_get_type(md) + } + + #[inline] + pub unsafe fn EVP_CIPHER_key_length(cipher: *const EVP_CIPHER) -> c_int { + EVP_CIPHER_get_key_length(cipher) + } + + #[inline] + pub unsafe fn EVP_CIPHER_block_size(cipher: *const EVP_CIPHER) -> c_int { + EVP_CIPHER_get_block_size(cipher) + } + + #[inline] + pub unsafe fn EVP_CIPHER_iv_length(cipher: *const EVP_CIPHER) -> c_int { + EVP_CIPHER_get_iv_length(cipher) + } + + #[inline] + pub unsafe fn EVP_CIPHER_nid(cipher: *const EVP_CIPHER) -> c_int { + EVP_CIPHER_get_nid(cipher) + } + + #[inline] + pub unsafe fn EVP_CIPHER_CTX_block_size(ctx: *const EVP_CIPHER_CTX) -> c_int { + EVP_CIPHER_CTX_get_block_size(ctx) + } + + #[inline] + pub unsafe fn EVP_CIPHER_CTX_key_length(ctx: *const EVP_CIPHER_CTX) -> c_int { + EVP_CIPHER_CTX_get_key_length(ctx) + } + + #[inline] + pub unsafe fn EVP_CIPHER_CTX_iv_length(ctx: *const EVP_CIPHER_CTX) -> c_int { + EVP_CIPHER_CTX_get_iv_length(ctx) + } + + #[inline] + pub unsafe fn EVP_CIPHER_CTX_num(ctx: *const EVP_CIPHER_CTX) -> c_int { + EVP_CIPHER_CTX_get_num(ctx) + } + } else { + pub unsafe fn EVP_MD_CTX_size(ctx: *const EVP_MD_CTX) -> c_int { + EVP_MD_size(EVP_MD_CTX_md(ctx)) + } + } +} +#[cfg(not(ossl300))] +#[inline] +pub unsafe fn EVP_DigestSignUpdate( + ctx: *mut EVP_MD_CTX, + data: *const c_void, + dsize: size_t, +) -> c_int { + EVP_DigestUpdate(ctx, data, dsize) +} +#[cfg(not(ossl300))] +#[inline] +pub unsafe fn EVP_DigestVerifyUpdate( + ctx: *mut EVP_MD_CTX, + data: *const c_void, + dsize: size_t, +) -> c_int { + EVP_DigestUpdate(ctx, data, dsize) +} +#[cfg(ossl300)] +#[inline] +pub unsafe fn EVP_PKEY_size(pkey: *const EVP_PKEY) -> c_int { + EVP_PKEY_get_size(pkey) +} + +cfg_if! { + if #[cfg(ossl300)] { + #[inline] + pub unsafe fn EVP_PKEY_id(pkey: *const EVP_PKEY) -> c_int { + EVP_PKEY_get_id(pkey) + } + + #[inline] + pub unsafe fn EVP_PKEY_bits(pkey: *const EVP_PKEY) -> c_int { + EVP_PKEY_get_bits(pkey) + } + + #[inline] + pub unsafe fn EVP_PKEY_security_bits(pkey: *const EVP_PKEY) -> c_int { + EVP_PKEY_get_security_bits(pkey) + } + } +} + +pub const EVP_PKEY_OP_KEYGEN: c_int = 1 << 2; +cfg_if! { + if #[cfg(ossl300)] { + pub const EVP_PKEY_OP_SIGN: c_int = 1 << 4; + pub const EVP_PKEY_OP_VERIFY: c_int = 1 << 5; + pub const EVP_PKEY_OP_VERIFYRECOVER: c_int = 1 << 6; + pub const EVP_PKEY_OP_SIGNCTX: c_int = 1 << 7; + pub const EVP_PKEY_OP_VERIFYCTX: c_int = 1 << 8; + pub const EVP_PKEY_OP_ENCRYPT: c_int = 1 << 9; + pub const EVP_PKEY_OP_DECRYPT: c_int = 1 << 10; + pub const EVP_PKEY_OP_DERIVE: c_int = 1 << 11; + } else { + pub const EVP_PKEY_OP_SIGN: c_int = 1 << 3; + pub const EVP_PKEY_OP_VERIFY: c_int = 1 << 4; + pub const EVP_PKEY_OP_VERIFYRECOVER: c_int = 1 << 5; + pub const EVP_PKEY_OP_SIGNCTX: c_int = 1 << 6; + pub const EVP_PKEY_OP_VERIFYCTX: c_int = 1 << 7; + pub const EVP_PKEY_OP_ENCRYPT: c_int = 1 << 8; + pub const EVP_PKEY_OP_DECRYPT: c_int = 1 << 9; + pub const EVP_PKEY_OP_DERIVE: c_int = 1 << 10; + } +} + +pub const EVP_PKEY_OP_TYPE_SIG: c_int = EVP_PKEY_OP_SIGN + | EVP_PKEY_OP_VERIFY + | EVP_PKEY_OP_VERIFYRECOVER + | EVP_PKEY_OP_SIGNCTX + | EVP_PKEY_OP_VERIFYCTX; + +pub const EVP_PKEY_OP_TYPE_CRYPT: c_int = EVP_PKEY_OP_ENCRYPT | EVP_PKEY_OP_DECRYPT; + +pub const EVP_PKEY_CTRL_SET_MAC_KEY: c_int = 6; + +pub const EVP_PKEY_CTRL_CIPHER: c_int = 12; + +pub const EVP_PKEY_ALG_CTRL: c_int = 0x1000; + +#[cfg(ossl111)] +pub const EVP_PKEY_HKDEF_MODE_EXTRACT_AND_EXPAND: c_int = 0; + +#[cfg(ossl111)] +pub const EVP_PKEY_HKDEF_MODE_EXTRACT_ONLY: c_int = 1; + +#[cfg(ossl111)] +pub const EVP_PKEY_HKDEF_MODE_EXPAND_ONLY: c_int = 2; + +#[cfg(ossl110)] +pub const EVP_PKEY_CTRL_HKDF_MD: c_int = EVP_PKEY_ALG_CTRL + 3; + +#[cfg(ossl110)] +pub const EVP_PKEY_CTRL_HKDF_SALT: c_int = EVP_PKEY_ALG_CTRL + 4; + +#[cfg(ossl110)] +pub const EVP_PKEY_CTRL_HKDF_KEY: c_int = EVP_PKEY_ALG_CTRL + 5; + +#[cfg(ossl110)] +pub const EVP_PKEY_CTRL_HKDF_INFO: c_int = EVP_PKEY_ALG_CTRL + 6; + +#[cfg(ossl111)] +pub const EVP_PKEY_CTRL_HKDF_MODE: c_int = EVP_PKEY_ALG_CTRL + 7; + +#[cfg(all(ossl111, not(ossl300)))] +pub unsafe fn EVP_PKEY_CTX_set_hkdf_mode(ctx: *mut EVP_PKEY_CTX, mode: c_int) -> c_int { + EVP_PKEY_CTX_ctrl( + ctx, + -1, + EVP_PKEY_OP_DERIVE, + EVP_PKEY_CTRL_HKDF_MODE, + mode, + std::ptr::null_mut(), + ) +} + +#[cfg(all(ossl110, not(ossl300)))] +pub unsafe fn EVP_PKEY_CTX_set_hkdf_md(ctx: *mut EVP_PKEY_CTX, md: *const EVP_MD) -> c_int { + EVP_PKEY_CTX_ctrl( + ctx, + -1, + EVP_PKEY_OP_DERIVE, + EVP_PKEY_CTRL_HKDF_MD, + 0, + md as *mut c_void, + ) +} + +#[cfg(all(ossl110, not(ossl300)))] +pub unsafe fn EVP_PKEY_CTX_set1_hkdf_salt( + ctx: *mut EVP_PKEY_CTX, + salt: *const u8, + saltlen: c_int, +) -> c_int { + EVP_PKEY_CTX_ctrl( + ctx, + -1, + EVP_PKEY_OP_DERIVE, + EVP_PKEY_CTRL_HKDF_SALT, + saltlen, + salt as *mut c_void, + ) +} + +#[cfg(all(ossl110, not(ossl300)))] +pub unsafe fn EVP_PKEY_CTX_set1_hkdf_key( + ctx: *mut EVP_PKEY_CTX, + key: *const u8, + keylen: c_int, +) -> c_int { + EVP_PKEY_CTX_ctrl( + ctx, + -1, + EVP_PKEY_OP_DERIVE, + EVP_PKEY_CTRL_HKDF_KEY, + keylen, + key as *mut c_void, + ) +} + +#[cfg(all(ossl110, not(ossl300)))] +pub unsafe fn EVP_PKEY_CTX_add1_hkdf_info( + ctx: *mut EVP_PKEY_CTX, + info: *const u8, + infolen: c_int, +) -> c_int { + EVP_PKEY_CTX_ctrl( + ctx, + -1, + EVP_PKEY_OP_DERIVE, + EVP_PKEY_CTRL_HKDF_INFO, + infolen, + info as *mut c_void, + ) +} diff --git a/openssl-sys/src/handwritten/aes.rs b/openssl-sys/src/handwritten/aes.rs new file mode 100644 index 000000000..ba249362c --- /dev/null +++ b/openssl-sys/src/handwritten/aes.rs @@ -0,0 +1,40 @@ +use super::super::*; +use libc::*; + +#[repr(C)] +pub struct AES_KEY { + // There is some business with AES_LONG which is there to ensure the values here are 32 bits + rd_key: [u32; 4 * (AES_MAXNR as usize + 1)], + rounds: c_int, +} + +extern "C" { + pub fn AES_set_encrypt_key(userKey: *const c_uchar, bits: c_int, key: *mut AES_KEY) -> c_int; + pub fn AES_set_decrypt_key(userKey: *const c_uchar, bits: c_int, key: *mut AES_KEY) -> c_int; + + #[cfg(not(osslconf = "OPENSSL_NO_DEPRECATED_3_0"))] + pub fn AES_ige_encrypt( + in_: *const c_uchar, + out: *mut c_uchar, + length: size_t, + key: *const AES_KEY, + ivec: *mut c_uchar, + enc: c_int, + ); + + pub fn AES_wrap_key( + key: *mut AES_KEY, + iv: *const c_uchar, + out: *mut c_uchar, + in_: *const c_uchar, + inlen: c_uint, + ) -> c_int; + + pub fn AES_unwrap_key( + key: *mut AES_KEY, + iv: *const c_uchar, + out: *mut c_uchar, + in_: *const c_uchar, + inlen: c_uint, + ) -> c_int; +} diff --git a/openssl-sys/src/handwritten/asn1.rs b/openssl-sys/src/handwritten/asn1.rs new file mode 100644 index 000000000..7163a69d5 --- /dev/null +++ b/openssl-sys/src/handwritten/asn1.rs @@ -0,0 +1,60 @@ +use super::super::*; +use libc::*; + +#[repr(C)] +pub struct ASN1_ENCODING { + pub enc: *mut c_uchar, + pub len: c_long, + pub modified: c_int, +} + +extern "C" { + pub fn ASN1_OBJECT_free(x: *mut ASN1_OBJECT); +} + +stack!(stack_st_ASN1_OBJECT); + +extern "C" { + pub fn ASN1_STRING_type_new(ty: c_int) -> *mut ASN1_STRING; + #[cfg(any(ossl110, libressl273))] + pub fn ASN1_STRING_get0_data(x: *const ASN1_STRING) -> *const c_uchar; + #[cfg(any(all(ossl101, not(ossl110)), libressl))] + pub fn ASN1_STRING_data(x: *mut ASN1_STRING) -> *mut c_uchar; + + pub fn ASN1_BIT_STRING_free(x: *mut ASN1_BIT_STRING); + + pub fn ASN1_STRING_free(x: *mut ASN1_STRING); + pub fn ASN1_STRING_length(x: *const ASN1_STRING) -> c_int; + + pub fn ASN1_STRING_set(x: *mut ASN1_STRING, data: *const c_void, len: c_int) -> c_int; + + pub fn ASN1_GENERALIZEDTIME_free(tm: *mut ASN1_GENERALIZEDTIME); + pub fn ASN1_GENERALIZEDTIME_print(b: *mut BIO, tm: *const ASN1_GENERALIZEDTIME) -> c_int; + pub fn ASN1_TIME_new() -> *mut ASN1_TIME; + #[cfg(ossl102)] + pub fn ASN1_TIME_diff( + pday: *mut c_int, + psec: *mut c_int, + from: *const ASN1_TIME, + to: *const ASN1_TIME, + ) -> c_int; + pub fn ASN1_TIME_free(tm: *mut ASN1_TIME); + pub fn ASN1_TIME_print(b: *mut BIO, tm: *const ASN1_TIME) -> c_int; + pub fn ASN1_TIME_set(from: *mut ASN1_TIME, to: time_t) -> *mut ASN1_TIME; + + pub fn ASN1_INTEGER_free(x: *mut ASN1_INTEGER); + pub fn ASN1_INTEGER_get(dest: *const ASN1_INTEGER) -> c_long; + pub fn ASN1_INTEGER_set(dest: *mut ASN1_INTEGER, value: c_long) -> c_int; + pub fn BN_to_ASN1_INTEGER(bn: *const BIGNUM, ai: *mut ASN1_INTEGER) -> *mut ASN1_INTEGER; + pub fn ASN1_INTEGER_to_BN(ai: *const ASN1_INTEGER, bn: *mut BIGNUM) -> *mut BIGNUM; + + pub fn ASN1_TIME_set_string(s: *mut ASN1_TIME, str: *const c_char) -> c_int; + #[cfg(ossl111)] + pub fn ASN1_TIME_set_string_X509(s: *mut ASN1_TIME, str: *const c_char) -> c_int; +} + +const_ptr_api! { + extern "C" { + pub fn ASN1_STRING_to_UTF8(out: *mut *mut c_uchar, s: #[const_ptr_if(any(ossl110, libressl280))] ASN1_STRING) -> c_int; + } +} diff --git a/openssl-sys/src/handwritten/bio.rs b/openssl-sys/src/handwritten/bio.rs new file mode 100644 index 000000000..7d9752225 --- /dev/null +++ b/openssl-sys/src/handwritten/bio.rs @@ -0,0 +1,107 @@ +use super::super::*; +use libc::*; + +extern "C" { + pub fn BIO_set_flags(b: *mut BIO, flags: c_int); + pub fn BIO_clear_flags(b: *mut BIO, flags: c_int); +} + +pub type bio_info_cb = + Option; + +cfg_if! { + if #[cfg(any(ossl110, libressl280))] { + pub enum BIO_METHOD {} + } else { + #[repr(C)] + pub struct BIO_METHOD { + pub type_: c_int, + pub name: *const c_char, + pub bwrite: Option c_int>, + pub bread: Option c_int>, + pub bputs: Option c_int>, + pub bgets: Option c_int>, + pub ctrl: Option c_long>, + pub create: Option c_int>, + pub destroy: Option c_int>, + pub callback_ctrl: Option c_long>, + } + } +} + +const_ptr_api! { + extern "C" { + pub fn BIO_s_file() -> #[const_ptr_if(any(ossl110, libressl280))] BIO_METHOD; + pub fn BIO_new(type_: #[const_ptr_if(any(ossl110, libressl280))] BIO_METHOD) -> *mut BIO; + } +} +extern "C" { + #[cfg(not(osslconf = "OPENSSL_NO_STDIO"))] + pub fn BIO_new_fp(stream: *mut FILE, close_flag: c_int) -> *mut BIO; + #[cfg(any(ossl110, libressl273))] + pub fn BIO_set_data(a: *mut BIO, data: *mut c_void); + #[cfg(any(ossl110, libressl273))] + pub fn BIO_get_data(a: *mut BIO) -> *mut c_void; + #[cfg(any(ossl110, libressl273))] + pub fn BIO_set_init(a: *mut BIO, init: c_int); + pub fn BIO_write(b: *mut BIO, buf: *const c_void, len: c_int) -> c_int; + pub fn BIO_read(b: *mut BIO, buf: *mut c_void, len: c_int) -> c_int; + pub fn BIO_ctrl(b: *mut BIO, cmd: c_int, larg: c_long, parg: *mut c_void) -> c_long; + pub fn BIO_free_all(b: *mut BIO); +} + +const_ptr_api! { + extern "C" { + pub fn BIO_s_mem() -> #[const_ptr_if(any(ossl110, libressl280))] BIO_METHOD; + pub fn BIO_new_mem_buf(buf: #[const_ptr_if(any(ossl102, libressl280))] c_void, len: c_int) -> *mut BIO; + } +} + +extern "C" { + pub fn BIO_new_socket(sock: c_int, close_flag: c_int) -> *mut BIO; + + #[cfg(any(ossl110, libressl273))] + pub fn BIO_meth_new(type_: c_int, name: *const c_char) -> *mut BIO_METHOD; + #[cfg(any(ossl110, libressl273))] + pub fn BIO_meth_free(biom: *mut BIO_METHOD); +} + +#[allow(clashing_extern_declarations)] +extern "C" { + #[cfg(any(ossl110, libressl273))] + #[link_name = "BIO_meth_set_write"] + pub fn BIO_meth_set_write__fixed_rust( + biom: *mut BIO_METHOD, + write: Option c_int>, + ) -> c_int; + #[cfg(any(ossl110, libressl273))] + #[link_name = "BIO_meth_set_read"] + pub fn BIO_meth_set_read__fixed_rust( + biom: *mut BIO_METHOD, + read: Option c_int>, + ) -> c_int; + #[cfg(any(ossl110, libressl273))] + #[link_name = "BIO_meth_set_puts"] + pub fn BIO_meth_set_puts__fixed_rust( + biom: *mut BIO_METHOD, + read: Option c_int>, + ) -> c_int; + #[cfg(any(ossl110, libressl273))] + #[link_name = "BIO_meth_set_ctrl"] + pub fn BIO_meth_set_ctrl__fixed_rust( + biom: *mut BIO_METHOD, + read: Option c_long>, + ) -> c_int; + #[cfg(any(ossl110, libressl273))] + #[link_name = "BIO_meth_set_create"] + pub fn BIO_meth_set_create__fixed_rust( + biom: *mut BIO_METHOD, + create: Option c_int>, + ) -> c_int; + #[cfg(any(ossl110, libressl273))] + #[link_name = "BIO_meth_set_destroy"] + pub fn BIO_meth_set_destroy__fixed_rust( + biom: *mut BIO_METHOD, + destroy: Option c_int>, + ) -> c_int; +} diff --git a/openssl-sys/src/handwritten/bn.rs b/openssl-sys/src/handwritten/bn.rs new file mode 100644 index 000000000..81348f692 --- /dev/null +++ b/openssl-sys/src/handwritten/bn.rs @@ -0,0 +1,168 @@ +use super::super::*; +use libc::*; + +extern "C" { + pub fn BN_CTX_new() -> *mut BN_CTX; + #[cfg(ossl110)] + pub fn BN_CTX_secure_new() -> *mut BN_CTX; + pub fn BN_CTX_free(ctx: *mut BN_CTX); + pub fn BN_rand(r: *mut BIGNUM, bits: c_int, top: c_int, bottom: c_int) -> c_int; + #[cfg(not(osslconf = "OPENSSL_NO_DEPRECATED_3_0"))] + pub fn BN_pseudo_rand(r: *mut BIGNUM, bits: c_int, top: c_int, bottom: c_int) -> c_int; + pub fn BN_rand_range(r: *mut BIGNUM, range: *const BIGNUM) -> c_int; + #[cfg(not(osslconf = "OPENSSL_NO_DEPRECATED_3_0"))] + pub fn BN_pseudo_rand_range(r: *mut BIGNUM, range: *const BIGNUM) -> c_int; + pub fn BN_new() -> *mut BIGNUM; + #[cfg(ossl110)] + pub fn BN_secure_new() -> *mut BIGNUM; + #[cfg(ossl110)] + pub fn BN_set_flags(b: *mut BIGNUM, n: c_int); + #[cfg(ossl110)] + pub fn BN_get_flags(b: *const BIGNUM, n: c_int) -> c_int; + pub fn BN_num_bits(bn: *const BIGNUM) -> c_int; + pub fn BN_clear_free(bn: *mut BIGNUM); + pub fn BN_bin2bn(s: *const u8, size: c_int, ret: *mut BIGNUM) -> *mut BIGNUM; + pub fn BN_bn2bin(a: *const BIGNUM, to: *mut u8) -> c_int; + #[cfg(ossl110)] + pub fn BN_bn2binpad(a: *const BIGNUM, to: *mut u8, tolen: c_int) -> c_int; + pub fn BN_sub(r: *mut BIGNUM, a: *const BIGNUM, b: *const BIGNUM) -> c_int; + pub fn BN_add(r: *mut BIGNUM, a: *const BIGNUM, b: *const BIGNUM) -> c_int; + pub fn BN_mul(r: *mut BIGNUM, a: *const BIGNUM, b: *const BIGNUM, ctx: *mut BN_CTX) -> c_int; + pub fn BN_sqr(r: *mut BIGNUM, a: *const BIGNUM, ctx: *mut BN_CTX) -> c_int; + pub fn BN_set_negative(bn: *mut BIGNUM, n: c_int); + #[cfg(any(ossl110, libressl350))] + pub fn BN_is_negative(b: *const BIGNUM) -> c_int; + + pub fn BN_div( + dv: *mut BIGNUM, + rem: *mut BIGNUM, + a: *const BIGNUM, + b: *const BIGNUM, + ctx: *mut BN_CTX, + ) -> c_int; + pub fn BN_nnmod( + rem: *mut BIGNUM, + a: *const BIGNUM, + m: *const BIGNUM, + ctx: *mut BN_CTX, + ) -> c_int; + pub fn BN_mod_add( + r: *mut BIGNUM, + a: *const BIGNUM, + b: *const BIGNUM, + m: *const BIGNUM, + ctx: *mut BN_CTX, + ) -> c_int; + pub fn BN_mod_sub( + r: *mut BIGNUM, + a: *const BIGNUM, + b: *const BIGNUM, + m: *const BIGNUM, + ctx: *mut BN_CTX, + ) -> c_int; + pub fn BN_mod_mul( + r: *mut BIGNUM, + a: *const BIGNUM, + b: *const BIGNUM, + m: *const BIGNUM, + ctx: *mut BN_CTX, + ) -> c_int; + pub fn BN_mod_sqr( + r: *mut BIGNUM, + a: *const BIGNUM, + m: *const BIGNUM, + ctx: *mut BN_CTX, + ) -> c_int; + + pub fn BN_mod_word(r: *const BIGNUM, w: BN_ULONG) -> BN_ULONG; + pub fn BN_div_word(r: *mut BIGNUM, w: BN_ULONG) -> BN_ULONG; + pub fn BN_mul_word(r: *mut BIGNUM, w: BN_ULONG) -> c_int; + pub fn BN_add_word(r: *mut BIGNUM, w: BN_ULONG) -> c_int; + pub fn BN_sub_word(r: *mut BIGNUM, w: BN_ULONG) -> c_int; + pub fn BN_set_word(bn: *mut BIGNUM, n: BN_ULONG) -> c_int; + + pub fn BN_cmp(a: *const BIGNUM, b: *const BIGNUM) -> c_int; + pub fn BN_free(bn: *mut BIGNUM); + pub fn BN_is_bit_set(a: *const BIGNUM, n: c_int) -> c_int; + pub fn BN_lshift(r: *mut BIGNUM, a: *const BIGNUM, n: c_int) -> c_int; + pub fn BN_lshift1(r: *mut BIGNUM, a: *const BIGNUM) -> c_int; + pub fn BN_exp(r: *mut BIGNUM, a: *const BIGNUM, p: *const BIGNUM, ctx: *mut BN_CTX) -> c_int; + + pub fn BN_mod_exp( + r: *mut BIGNUM, + a: *const BIGNUM, + p: *const BIGNUM, + m: *const BIGNUM, + ctx: *mut BN_CTX, + ) -> c_int; + + pub fn BN_mask_bits(a: *mut BIGNUM, n: c_int) -> c_int; + pub fn BN_rshift(r: *mut BIGNUM, a: *const BIGNUM, n: c_int) -> c_int; + pub fn BN_rshift1(r: *mut BIGNUM, a: *const BIGNUM) -> c_int; + pub fn BN_bn2hex(a: *const BIGNUM) -> *mut c_char; + pub fn BN_bn2dec(a: *const BIGNUM) -> *mut c_char; + pub fn BN_hex2bn(a: *mut *mut BIGNUM, s: *const c_char) -> c_int; + pub fn BN_dec2bn(a: *mut *mut BIGNUM, s: *const c_char) -> c_int; + pub fn BN_gcd(r: *mut BIGNUM, a: *const BIGNUM, b: *const BIGNUM, ctx: *mut BN_CTX) -> c_int; + pub fn BN_mod_inverse( + r: *mut BIGNUM, + a: *const BIGNUM, + n: *const BIGNUM, + ctx: *mut BN_CTX, + ) -> *mut BIGNUM; + pub fn BN_clear(bn: *mut BIGNUM); + pub fn BN_dup(n: *const BIGNUM) -> *mut BIGNUM; + pub fn BN_ucmp(a: *const BIGNUM, b: *const BIGNUM) -> c_int; + pub fn BN_set_bit(a: *mut BIGNUM, n: c_int) -> c_int; + pub fn BN_clear_bit(a: *mut BIGNUM, n: c_int) -> c_int; + + pub fn BN_generate_prime_ex( + r: *mut BIGNUM, + bits: c_int, + safe: c_int, + add: *const BIGNUM, + rem: *const BIGNUM, + cb: *mut BN_GENCB, + ) -> c_int; + #[cfg(not(osslconf = "OPENSSL_NO_DEPRECATED_3_0"))] + pub fn BN_is_prime_ex( + p: *const BIGNUM, + checks: c_int, + ctx: *mut BN_CTX, + cb: *mut BN_GENCB, + ) -> c_int; + #[cfg(not(osslconf = "OPENSSL_NO_DEPRECATED_3_0"))] + pub fn BN_is_prime_fasttest_ex( + p: *const BIGNUM, + checks: c_int, + ctx: *mut BN_CTX, + do_trial_division: c_int, + cb: *mut BN_GENCB, + ) -> c_int; +} + +cfg_if! { + if #[cfg(any(ossl110, libressl350))] { + extern "C" { + pub fn BN_get_rfc2409_prime_768(bn: *mut BIGNUM) -> *mut BIGNUM; + pub fn BN_get_rfc2409_prime_1024(bn: *mut BIGNUM) -> *mut BIGNUM; + pub fn BN_get_rfc3526_prime_1536(bn: *mut BIGNUM) -> *mut BIGNUM; + pub fn BN_get_rfc3526_prime_2048(bn: *mut BIGNUM) -> *mut BIGNUM; + pub fn BN_get_rfc3526_prime_3072(bn: *mut BIGNUM) -> *mut BIGNUM; + pub fn BN_get_rfc3526_prime_4096(bn: *mut BIGNUM) -> *mut BIGNUM; + pub fn BN_get_rfc3526_prime_6144(bn: *mut BIGNUM) -> *mut BIGNUM; + pub fn BN_get_rfc3526_prime_8192(bn: *mut BIGNUM) -> *mut BIGNUM; + } + } else { + extern "C" { + pub fn get_rfc2409_prime_768(bn: *mut BIGNUM) -> *mut BIGNUM; + pub fn get_rfc2409_prime_1024(bn: *mut BIGNUM) -> *mut BIGNUM; + pub fn get_rfc3526_prime_1536(bn: *mut BIGNUM) -> *mut BIGNUM; + pub fn get_rfc3526_prime_2048(bn: *mut BIGNUM) -> *mut BIGNUM; + pub fn get_rfc3526_prime_3072(bn: *mut BIGNUM) -> *mut BIGNUM; + pub fn get_rfc3526_prime_4096(bn: *mut BIGNUM) -> *mut BIGNUM; + pub fn get_rfc3526_prime_6144(bn: *mut BIGNUM) -> *mut BIGNUM; + pub fn get_rfc3526_prime_8192(bn: *mut BIGNUM) -> *mut BIGNUM; + } + } +} diff --git a/openssl-sys/src/handwritten/cms.rs b/openssl-sys/src/handwritten/cms.rs new file mode 100644 index 000000000..a13ea423c --- /dev/null +++ b/openssl-sys/src/handwritten/cms.rs @@ -0,0 +1,65 @@ +use super::super::*; +use libc::*; + +pub enum CMS_ContentInfo {} + +extern "C" { + #[cfg(ossl101)] + pub fn CMS_ContentInfo_free(cms: *mut CMS_ContentInfo); +} + +const_ptr_api! { + extern "C" { + #[cfg(ossl101)] + pub fn i2d_CMS_ContentInfo(a: #[const_ptr_if(ossl300)] CMS_ContentInfo, pp: *mut *mut c_uchar) -> c_int; + } +} + +extern "C" { + #[cfg(ossl101)] + pub fn d2i_CMS_ContentInfo( + a: *mut *mut CMS_ContentInfo, + pp: *mut *const c_uchar, + length: c_long, + ) -> *mut CMS_ContentInfo; + + #[cfg(ossl101)] + pub fn SMIME_read_CMS(bio: *mut BIO, bcont: *mut *mut BIO) -> *mut CMS_ContentInfo; + + #[cfg(ossl101)] + pub fn CMS_sign( + signcert: *mut X509, + pkey: *mut EVP_PKEY, + certs: *mut stack_st_X509, + data: *mut BIO, + flags: c_uint, + ) -> *mut CMS_ContentInfo; + + #[cfg(ossl101)] + pub fn CMS_verify( + cms: *mut CMS_ContentInfo, + certs: *mut stack_st_X509, + store: *mut X509_STORE, + detached_data: *mut BIO, + out: *mut BIO, + flags: c_uint, + ) -> c_int; + + #[cfg(ossl101)] + pub fn CMS_encrypt( + certs: *mut stack_st_X509, + data: *mut BIO, + cipher: *const EVP_CIPHER, + flags: c_uint, + ) -> *mut CMS_ContentInfo; + + #[cfg(ossl101)] + pub fn CMS_decrypt( + cms: *mut CMS_ContentInfo, + pkey: *mut EVP_PKEY, + cert: *mut X509, + dcont: *mut BIO, + out: *mut BIO, + flags: c_uint, + ) -> c_int; +} diff --git a/openssl-sys/src/handwritten/conf.rs b/openssl-sys/src/handwritten/conf.rs new file mode 100644 index 000000000..2348d7d4c --- /dev/null +++ b/openssl-sys/src/handwritten/conf.rs @@ -0,0 +1,7 @@ +use super::super::*; + +extern "C" { + pub fn NCONF_new(meth: *mut CONF_METHOD) -> *mut CONF; + pub fn NCONF_default() -> *mut CONF_METHOD; + pub fn NCONF_free(conf: *mut CONF); +} diff --git a/openssl-sys/src/handwritten/crypto.rs b/openssl-sys/src/handwritten/crypto.rs new file mode 100644 index 000000000..62ccbce1e --- /dev/null +++ b/openssl-sys/src/handwritten/crypto.rs @@ -0,0 +1,85 @@ +use super::super::*; +use libc::*; + +stack!(stack_st_void); + +cfg_if! { + if #[cfg(any(ossl110, libressl271))] { + extern "C" { + pub fn OpenSSL_version_num() -> c_ulong; + pub fn OpenSSL_version(key: c_int) -> *const c_char; + } + } else { + extern "C" { + pub fn SSLeay() -> c_ulong; + pub fn SSLeay_version(key: c_int) -> *const c_char; + } + } +} + +extern "C" { + #[cfg(any(ossl110, libressl))] + pub fn CRYPTO_get_ex_new_index( + class_index: c_int, + argl: c_long, + argp: *mut c_void, + new_func: Option, + dup_func: Option, + free_func: Option, + ) -> c_int; + + #[cfg(not(ossl110))] + pub fn CRYPTO_num_locks() -> c_int; +} + +#[allow(clashing_extern_declarations)] +extern "C" { + #[cfg(not(ossl110))] + #[link_name = "CRYPTO_set_locking_callback"] + pub fn CRYPTO_set_locking_callback__fixed_rust( + func: Option, + ); + + #[cfg(not(ossl110))] + #[link_name = "CRYPTO_set_id_callback"] + pub fn CRYPTO_set_id_callback__fixed_rust(func: Option c_ulong>); +} + +extern "C" { + #[cfg(not(ossl110))] + pub fn CRYPTO_add_lock( + pointer: *mut c_int, + amount: c_int, + type_: c_int, + file: *const c_char, + line: c_int, + ) -> c_int; +} + +cfg_if! { + if #[cfg(ossl110)] { + extern "C" { + pub fn CRYPTO_malloc(num: size_t, file: *const c_char, line: c_int) -> *mut c_void; + pub fn CRYPTO_free(buf: *mut c_void, file: *const c_char, line: c_int); + } + } else { + extern "C" { + pub fn CRYPTO_malloc(num: c_int, file: *const c_char, line: c_int) -> *mut c_void; + pub fn CRYPTO_free(buf: *mut c_void); + } + } +} + +extern "C" { + #[cfg(all(ossl101, not(ossl300)))] + pub fn FIPS_mode() -> c_int; + #[cfg(all(ossl101, not(ossl300)))] + pub fn FIPS_mode_set(onoff: c_int) -> c_int; + + pub fn CRYPTO_memcmp(a: *const c_void, b: *const c_void, len: size_t) -> c_int; + + #[cfg(ossl300)] + pub fn OSSL_LIB_CTX_new() -> *mut OSSL_LIB_CTX; + #[cfg(ossl300)] + pub fn OSSL_LIB_CTX_free(libcts: *mut OSSL_LIB_CTX); +} diff --git a/openssl-sys/src/handwritten/dh.rs b/openssl-sys/src/handwritten/dh.rs new file mode 100644 index 000000000..a4de122ea --- /dev/null +++ b/openssl-sys/src/handwritten/dh.rs @@ -0,0 +1,50 @@ +use super::super::*; + +extern "C" { + pub fn DH_new() -> *mut DH; + pub fn DH_free(dh: *mut DH); + + pub fn DH_generate_parameters( + prime_len: c_int, + generator: c_int, + callback: Option, + cb_arg: *mut c_void, + ) -> *mut DH; + + pub fn DH_generate_parameters_ex( + dh: *mut DH, + prime_len: c_int, + generator: c_int, + cb: *mut BN_GENCB, + ) -> c_int; + + pub fn DH_generate_key(dh: *mut DH) -> c_int; + pub fn DH_compute_key(key: *mut c_uchar, pub_key: *const BIGNUM, dh: *mut DH) -> c_int; + pub fn DH_size(dh: *const DH) -> c_int; + + pub fn d2i_DHparams(k: *mut *mut DH, pp: *mut *const c_uchar, length: c_long) -> *mut DH; + pub fn i2d_DHparams(dh: *const DH, pp: *mut *mut c_uchar) -> c_int; + + #[cfg(ossl102)] + pub fn DH_get_1024_160() -> *mut DH; + #[cfg(ossl102)] + pub fn DH_get_2048_224() -> *mut DH; + #[cfg(ossl102)] + pub fn DH_get_2048_256() -> *mut DH; + + #[cfg(any(ossl110, libressl270))] + pub fn DH_set0_pqg(dh: *mut DH, p: *mut BIGNUM, q: *mut BIGNUM, g: *mut BIGNUM) -> c_int; + #[cfg(any(ossl110, libressl270))] + pub fn DH_get0_pqg( + dh: *const DH, + p: *mut *const BIGNUM, + q: *mut *const BIGNUM, + g: *mut *const BIGNUM, + ); + + #[cfg(any(ossl110, libressl270))] + pub fn DH_set0_key(dh: *mut DH, pub_key: *mut BIGNUM, priv_key: *mut BIGNUM) -> c_int; + + #[cfg(any(ossl110, libressl270))] + pub fn DH_get0_key(dh: *const DH, pub_key: *mut *const BIGNUM, priv_key: *mut *const BIGNUM); +} diff --git a/openssl-sys/src/handwritten/dsa.rs b/openssl-sys/src/handwritten/dsa.rs new file mode 100644 index 000000000..be25f23b6 --- /dev/null +++ b/openssl-sys/src/handwritten/dsa.rs @@ -0,0 +1,85 @@ +use libc::*; + +use super::super::*; + +cfg_if! { + if #[cfg(any(ossl110, libressl280))] { + pub enum DSA_SIG {} + } else { + #[repr(C)] + pub struct DSA_SIG { + pub r: *mut BIGNUM, + pub s: *mut BIGNUM, + } + } +} + +extern "C" { + pub fn DSA_new() -> *mut DSA; + pub fn DSA_free(dsa: *mut DSA); + pub fn DSA_up_ref(dsa: *mut DSA) -> c_int; + pub fn DSA_size(dsa: *const DSA) -> c_int; + pub fn DSA_sign( + dummy: c_int, + dgst: *const c_uchar, + len: c_int, + sigret: *mut c_uchar, + siglen: *mut c_uint, + dsa: *mut DSA, + ) -> c_int; + pub fn DSA_verify( + dummy: c_int, + dgst: *const c_uchar, + len: c_int, + sigbuf: *const c_uchar, + siglen: c_int, + dsa: *mut DSA, + ) -> c_int; + + pub fn d2i_DSAPublicKey(a: *mut *mut DSA, pp: *mut *const c_uchar, length: c_long) -> *mut DSA; + pub fn d2i_DSAPrivateKey(a: *mut *mut DSA, pp: *mut *const c_uchar, length: c_long) + -> *mut DSA; + + pub fn DSA_generate_parameters_ex( + dsa: *mut DSA, + bits: c_int, + seed: *const c_uchar, + seed_len: c_int, + counter_ref: *mut c_int, + h_ret: *mut c_ulong, + cb: *mut BN_GENCB, + ) -> c_int; + + pub fn DSA_generate_key(dsa: *mut DSA) -> c_int; + pub fn i2d_DSAPublicKey(a: *const DSA, pp: *mut *mut c_uchar) -> c_int; + pub fn i2d_DSAPrivateKey(a: *const DSA, pp: *mut *mut c_uchar) -> c_int; + + #[cfg(any(ossl110, libressl273))] + pub fn DSA_get0_pqg( + d: *const DSA, + p: *mut *const BIGNUM, + q: *mut *const BIGNUM, + q: *mut *const BIGNUM, + ); + #[cfg(any(ossl110, libressl273))] + pub fn DSA_set0_pqg(d: *mut DSA, p: *mut BIGNUM, q: *mut BIGNUM, q: *mut BIGNUM) -> c_int; + #[cfg(any(ossl110, libressl273))] + pub fn DSA_get0_key(d: *const DSA, pub_key: *mut *const BIGNUM, priv_key: *mut *const BIGNUM); + #[cfg(any(ossl110, libressl273))] + pub fn DSA_set0_key(d: *mut DSA, pub_key: *mut BIGNUM, priv_key: *mut BIGNUM) -> c_int; + pub fn d2i_DSA_SIG( + sig: *mut *mut DSA_SIG, + pp: *mut *const c_uchar, + length: c_long, + ) -> *mut DSA_SIG; + pub fn i2d_DSA_SIG(a: *const DSA_SIG, pp: *mut *mut c_uchar) -> c_int; + + pub fn DSA_SIG_new() -> *mut DSA_SIG; + pub fn DSA_SIG_free(sig: *mut DSA_SIG); + + #[cfg(any(ossl110, libressl273))] + pub fn DSA_SIG_get0(sig: *const DSA_SIG, pr: *mut *const BIGNUM, ps: *mut *const BIGNUM); + + #[cfg(any(ossl110, libressl273))] + pub fn DSA_SIG_set0(sig: *mut DSA_SIG, pr: *mut BIGNUM, ps: *mut BIGNUM) -> c_int; +} diff --git a/openssl-sys/src/handwritten/ec.rs b/openssl-sys/src/handwritten/ec.rs new file mode 100644 index 000000000..6ee475f32 --- /dev/null +++ b/openssl-sys/src/handwritten/ec.rs @@ -0,0 +1,255 @@ +use super::super::*; +use libc::*; + +#[repr(C)] +#[derive(Copy, Clone)] +pub enum point_conversion_form_t { + POINT_CONVERSION_COMPRESSED = 2, + POINT_CONVERSION_UNCOMPRESSED = 4, + POINT_CONVERSION_HYBRID = 6, +} + +pub enum EC_METHOD {} +pub enum EC_GROUP {} +pub enum EC_POINT {} + +extern "C" { + #[cfg(not(osslconf = "OPENSSL_NO_EC2M"))] + pub fn EC_GF2m_simple_method() -> *const EC_METHOD; + + pub fn EC_GROUP_new(meth: *const EC_METHOD) -> *mut EC_GROUP; + + pub fn EC_GROUP_free(group: *mut EC_GROUP); + + pub fn EC_GROUP_get_order( + group: *const EC_GROUP, + order: *mut BIGNUM, + ctx: *mut BN_CTX, + ) -> c_int; + + pub fn EC_GROUP_get_cofactor( + group: *const EC_GROUP, + cofactor: *mut BIGNUM, + ctx: *mut BN_CTX, + ) -> c_int; + + pub fn EC_GROUP_get0_generator(group: *const EC_GROUP) -> *const EC_POINT; + + pub fn EC_GROUP_set_generator( + group: *mut EC_GROUP, + generator: *const EC_POINT, + order: *const BIGNUM, + cofactor: *const BIGNUM, + ) -> c_int; + + pub fn EC_GROUP_get_curve_name(group: *const EC_GROUP) -> c_int; + + pub fn EC_GROUP_set_asn1_flag(key: *mut EC_GROUP, flag: c_int); + + pub fn EC_GROUP_get_curve_GFp( + group: *const EC_GROUP, + p: *mut BIGNUM, + a: *mut BIGNUM, + b: *mut BIGNUM, + ctx: *mut BN_CTX, + ) -> c_int; + + #[cfg(not(osslconf = "OPENSSL_NO_EC2M"))] + pub fn EC_GROUP_get_curve_GF2m( + group: *const EC_GROUP, + p: *mut BIGNUM, + a: *mut BIGNUM, + b: *mut BIGNUM, + ctx: *mut BN_CTX, + ) -> c_int; + + pub fn EC_GROUP_get_degree(group: *const EC_GROUP) -> c_int; + + #[cfg(ossl110)] + pub fn EC_GROUP_order_bits(group: *const EC_GROUP) -> c_int; + + pub fn EC_GROUP_new_curve_GFp( + p: *const BIGNUM, + a: *const BIGNUM, + b: *const BIGNUM, + ctx: *mut BN_CTX, + ) -> *mut EC_GROUP; + + #[cfg(not(osslconf = "OPENSSL_NO_EC2M"))] + pub fn EC_GROUP_new_curve_GF2m( + p: *const BIGNUM, + a: *const BIGNUM, + b: *const BIGNUM, + ctx: *mut BN_CTX, + ) -> *mut EC_GROUP; + + pub fn EC_GROUP_new_by_curve_name(nid: c_int) -> *mut EC_GROUP; + + pub fn EC_POINT_is_at_infinity(group: *const EC_GROUP, point: *const EC_POINT) -> c_int; + + pub fn EC_POINT_is_on_curve( + group: *const EC_GROUP, + point: *const EC_POINT, + ctx: *mut BN_CTX, + ) -> c_int; + + pub fn EC_POINT_new(group: *const EC_GROUP) -> *mut EC_POINT; + + pub fn EC_POINT_free(point: *mut EC_POINT); + + pub fn EC_POINT_dup(p: *const EC_POINT, group: *const EC_GROUP) -> *mut EC_POINT; + + #[cfg(ossl111)] + pub fn EC_POINT_get_affine_coordinates( + group: *const EC_GROUP, + p: *const EC_POINT, + x: *mut BIGNUM, + y: *mut BIGNUM, + ctx: *mut BN_CTX, + ) -> c_int; + + pub fn EC_POINT_get_affine_coordinates_GFp( + group: *const EC_GROUP, + p: *const EC_POINT, + x: *mut BIGNUM, + y: *mut BIGNUM, + ctx: *mut BN_CTX, + ) -> c_int; + + pub fn EC_POINT_set_affine_coordinates_GFp( + group: *const EC_GROUP, + p: *mut EC_POINT, + x: *const BIGNUM, + y: *const BIGNUM, + ctx: *mut BN_CTX, + ) -> c_int; + + #[cfg(not(osslconf = "OPENSSL_NO_EC2M"))] + pub fn EC_POINT_get_affine_coordinates_GF2m( + group: *const EC_GROUP, + p: *const EC_POINT, + x: *mut BIGNUM, + y: *mut BIGNUM, + ctx: *mut BN_CTX, + ) -> c_int; + + pub fn EC_POINT_point2oct( + group: *const EC_GROUP, + p: *const EC_POINT, + form: point_conversion_form_t, + buf: *mut c_uchar, + len: size_t, + ctx: *mut BN_CTX, + ) -> size_t; + + pub fn EC_POINT_oct2point( + group: *const EC_GROUP, + p: *mut EC_POINT, + buf: *const c_uchar, + len: size_t, + ctx: *mut BN_CTX, + ) -> c_int; + + pub fn EC_POINT_add( + group: *const EC_GROUP, + r: *mut EC_POINT, + a: *const EC_POINT, + b: *const EC_POINT, + ctx: *mut BN_CTX, + ) -> c_int; + + pub fn EC_POINT_invert(group: *const EC_GROUP, r: *mut EC_POINT, ctx: *mut BN_CTX) -> c_int; + + pub fn EC_POINT_cmp( + group: *const EC_GROUP, + a: *const EC_POINT, + b: *const EC_POINT, + ctx: *mut BN_CTX, + ) -> c_int; + + pub fn EC_POINT_mul( + group: *const EC_GROUP, + r: *mut EC_POINT, + n: *const BIGNUM, + q: *const EC_POINT, + m: *const BIGNUM, + ctx: *mut BN_CTX, + ) -> c_int; + + pub fn EC_KEY_new() -> *mut EC_KEY; + + pub fn EC_KEY_new_by_curve_name(nid: c_int) -> *mut EC_KEY; + + pub fn EC_KEY_free(key: *mut EC_KEY); + + pub fn EC_KEY_dup(key: *const EC_KEY) -> *mut EC_KEY; + + pub fn EC_KEY_up_ref(key: *mut EC_KEY) -> c_int; + + pub fn EC_KEY_get0_group(key: *const EC_KEY) -> *const EC_GROUP; + + pub fn EC_KEY_set_group(key: *mut EC_KEY, group: *const EC_GROUP) -> c_int; + + pub fn EC_KEY_get0_private_key(key: *const EC_KEY) -> *const BIGNUM; + + pub fn EC_KEY_set_private_key(key: *mut EC_KEY, key: *const BIGNUM) -> c_int; + + pub fn EC_KEY_get0_public_key(key: *const EC_KEY) -> *const EC_POINT; + + pub fn EC_KEY_set_public_key(key: *mut EC_KEY, key: *const EC_POINT) -> c_int; + + pub fn EC_KEY_generate_key(key: *mut EC_KEY) -> c_int; + + pub fn EC_KEY_check_key(key: *const EC_KEY) -> c_int; + + pub fn EC_KEY_set_public_key_affine_coordinates( + key: *mut EC_KEY, + x: *mut BIGNUM, + y: *mut BIGNUM, + ) -> c_int; +} + +cfg_if! { + if #[cfg(any(ossl110, libressl280))] { + pub enum ECDSA_SIG {} + } else { + #[repr(C)] + pub struct ECDSA_SIG { + pub r: *mut BIGNUM, + pub s: *mut BIGNUM, + } + } +} + +extern "C" { + pub fn ECDSA_SIG_new() -> *mut ECDSA_SIG; + + pub fn ECDSA_SIG_free(sig: *mut ECDSA_SIG); + + #[cfg(any(ossl110, libressl273))] + pub fn ECDSA_SIG_get0(sig: *const ECDSA_SIG, pr: *mut *const BIGNUM, ps: *mut *const BIGNUM); + + #[cfg(any(ossl110, libressl273))] + pub fn ECDSA_SIG_set0(sig: *mut ECDSA_SIG, pr: *mut BIGNUM, ps: *mut BIGNUM) -> c_int; + + pub fn ECDSA_do_sign( + dgst: *const c_uchar, + dgst_len: c_int, + eckey: *mut EC_KEY, + ) -> *mut ECDSA_SIG; + + pub fn ECDSA_do_verify( + dgst: *const c_uchar, + dgst_len: c_int, + sig: *const ECDSA_SIG, + eckey: *mut EC_KEY, + ) -> c_int; + + pub fn d2i_ECDSA_SIG( + sig: *mut *mut ECDSA_SIG, + inp: *mut *const c_uchar, + length: c_long, + ) -> *mut ECDSA_SIG; + + pub fn i2d_ECDSA_SIG(sig: *const ECDSA_SIG, out: *mut *mut c_uchar) -> c_int; +} diff --git a/openssl-sys/src/handwritten/err.rs b/openssl-sys/src/handwritten/err.rs new file mode 100644 index 000000000..5653c1d18 --- /dev/null +++ b/openssl-sys/src/handwritten/err.rs @@ -0,0 +1,55 @@ +use super::super::*; +use libc::*; + +#[repr(C)] +pub struct ERR_STRING_DATA { + pub error: c_ulong, + pub string: *const c_char, +} + +cfg_if! { + if #[cfg(ossl300)] { + extern "C" { + pub fn ERR_new(); + pub fn ERR_set_debug(file: *const c_char, line: c_int, func: *const c_char); + pub fn ERR_set_error(lib: c_int, reason: c_int, fmt: *const c_char, ...); + } + } else { + extern "C" { + pub fn ERR_put_error(lib: c_int, func: c_int, reason: c_int, file: *const c_char, line: c_int); + } + } +} + +extern "C" { + pub fn ERR_set_error_data(data: *mut c_char, flags: c_int); + + pub fn ERR_get_error() -> c_ulong; + #[cfg(ossl300)] + pub fn ERR_get_error_all( + file: *mut *const c_char, + line: *mut c_int, + func: *mut *const c_char, + data: *mut *const c_char, + flags: *mut c_int, + ) -> c_ulong; + pub fn ERR_get_error_line_data( + file: *mut *const c_char, + line: *mut c_int, + data: *mut *const c_char, + flags: *mut c_int, + ) -> c_ulong; + pub fn ERR_peek_last_error() -> c_ulong; + pub fn ERR_clear_error(); + pub fn ERR_lib_error_string(err: c_ulong) -> *const c_char; + pub fn ERR_func_error_string(err: c_ulong) -> *const c_char; + pub fn ERR_reason_error_string(err: c_ulong) -> *const c_char; + #[cfg(ossl110)] + pub fn ERR_load_strings(lib: c_int, str: *mut ERR_STRING_DATA) -> c_int; + #[cfg(not(ossl110))] + pub fn ERR_load_strings(lib: c_int, str: *mut ERR_STRING_DATA); + #[cfg(not(ossl110))] + pub fn ERR_load_crypto_strings(); + + pub fn ERR_get_next_error_library() -> c_int; +} diff --git a/openssl-sys/src/handwritten/evp.rs b/openssl-sys/src/handwritten/evp.rs new file mode 100644 index 000000000..772709650 --- /dev/null +++ b/openssl-sys/src/handwritten/evp.rs @@ -0,0 +1,600 @@ +use super::super::*; +use libc::*; + +cfg_if! { + if #[cfg(ossl300)] { + extern "C" { + pub fn EVP_MD_get_block_size(md: *const EVP_MD) -> c_int; + pub fn EVP_MD_get_size(md: *const EVP_MD) -> c_int; + pub fn EVP_MD_get_type(md: *const EVP_MD) -> c_int; + + pub fn EVP_MD_CTX_get0_md(ctx: *const EVP_MD_CTX) -> *const EVP_MD; + + pub fn EVP_CIPHER_get_key_length(cipher: *const EVP_CIPHER) -> c_int; + pub fn EVP_CIPHER_get_block_size(cipher: *const EVP_CIPHER) -> c_int; + pub fn EVP_CIPHER_get_iv_length(cipher: *const EVP_CIPHER) -> c_int; + pub fn EVP_CIPHER_get_nid(cipher: *const EVP_CIPHER) -> c_int; + pub fn EVP_CIPHER_fetch( + ctx: *mut OSSL_LIB_CTX, + algorithm: *const c_char, + properties: *const c_char, + ) -> *mut EVP_CIPHER; + pub fn EVP_CIPHER_free(cipher: *mut EVP_CIPHER); + + pub fn EVP_CIPHER_CTX_get0_cipher(ctx: *const EVP_CIPHER_CTX) -> *const EVP_CIPHER; + pub fn EVP_CIPHER_CTX_get_block_size(ctx: *const EVP_CIPHER_CTX) -> c_int; + pub fn EVP_CIPHER_CTX_get_key_length(ctx: *const EVP_CIPHER_CTX) -> c_int; + pub fn EVP_CIPHER_CTX_get_iv_length(ctx: *const EVP_CIPHER_CTX) -> c_int; + pub fn EVP_CIPHER_CTX_get_tag_length(ctx: *const EVP_CIPHER_CTX) -> c_int; + pub fn EVP_CIPHER_CTX_get_num(ctx: *const EVP_CIPHER_CTX) -> c_int; + } + } else { + extern "C" { + pub fn EVP_MD_block_size(md: *const EVP_MD) -> c_int; + pub fn EVP_MD_size(md: *const EVP_MD) -> c_int; + pub fn EVP_MD_type(md: *const EVP_MD) -> c_int; + + pub fn EVP_MD_CTX_md(ctx: *const EVP_MD_CTX) -> *const EVP_MD; + + pub fn EVP_CIPHER_key_length(cipher: *const EVP_CIPHER) -> c_int; + pub fn EVP_CIPHER_block_size(cipher: *const EVP_CIPHER) -> c_int; + pub fn EVP_CIPHER_iv_length(cipher: *const EVP_CIPHER) -> c_int; + pub fn EVP_CIPHER_nid(cipher: *const EVP_CIPHER) -> c_int; + + pub fn EVP_CIPHER_CTX_cipher(ctx: *const EVP_CIPHER_CTX) -> *const EVP_CIPHER; + pub fn EVP_CIPHER_CTX_block_size(ctx: *const EVP_CIPHER_CTX) -> c_int; + pub fn EVP_CIPHER_CTX_key_length(ctx: *const EVP_CIPHER_CTX) -> c_int; + pub fn EVP_CIPHER_CTX_iv_length(ctx: *const EVP_CIPHER_CTX) -> c_int; + #[cfg(ossl110)] + pub fn EVP_CIPHER_CTX_num(ctx: *const EVP_CIPHER_CTX) -> c_int; + } + } +} + +cfg_if! { + if #[cfg(ossl110)] { + extern "C" { + pub fn EVP_MD_CTX_new() -> *mut EVP_MD_CTX; + pub fn EVP_MD_CTX_free(ctx: *mut EVP_MD_CTX); + } + } else { + extern "C" { + pub fn EVP_MD_CTX_create() -> *mut EVP_MD_CTX; + pub fn EVP_MD_CTX_destroy(ctx: *mut EVP_MD_CTX); + } + } +} + +extern "C" { + pub fn EVP_DigestInit_ex(ctx: *mut EVP_MD_CTX, typ: *const EVP_MD, imple: *mut ENGINE) + -> c_int; + pub fn EVP_DigestUpdate(ctx: *mut EVP_MD_CTX, data: *const c_void, n: size_t) -> c_int; + pub fn EVP_DigestFinal_ex(ctx: *mut EVP_MD_CTX, res: *mut u8, n: *mut u32) -> c_int; + #[cfg(ossl300)] + pub fn EVP_Q_digest( + libctx: *mut OSSL_LIB_CTX, + name: *const c_char, + propq: *const c_char, + data: *const c_void, + count: size_t, + md: *mut c_uchar, + size: *mut size_t, + ) -> c_int; + pub fn EVP_DigestInit(ctx: *mut EVP_MD_CTX, typ: *const EVP_MD) -> c_int; + pub fn EVP_DigestFinal(ctx: *mut EVP_MD_CTX, res: *mut u8, n: *mut u32) -> c_int; + #[cfg(ossl111)] + pub fn EVP_DigestFinalXOF(ctx: *mut EVP_MD_CTX, res: *mut u8, len: usize) -> c_int; + + #[cfg(ossl300)] + pub fn EVP_MD_fetch( + ctx: *mut OSSL_LIB_CTX, + algorithm: *const c_char, + properties: *const c_char, + ) -> *mut EVP_MD; + + #[cfg(ossl300)] + pub fn EVP_MD_free(md: *mut EVP_MD); + + pub fn EVP_BytesToKey( + typ: *const EVP_CIPHER, + md: *const EVP_MD, + salt: *const u8, + data: *const u8, + datalen: c_int, + count: c_int, + key: *mut u8, + iv: *mut u8, + ) -> c_int; + + pub fn EVP_CipherInit( + ctx: *mut EVP_CIPHER_CTX, + evp: *const EVP_CIPHER, + key: *const u8, + iv: *const u8, + mode: c_int, + ) -> c_int; + pub fn EVP_CipherInit_ex( + ctx: *mut EVP_CIPHER_CTX, + type_: *const EVP_CIPHER, + impl_: *mut ENGINE, + key: *const c_uchar, + iv: *const c_uchar, + enc: c_int, + ) -> c_int; + pub fn EVP_CipherUpdate( + ctx: *mut EVP_CIPHER_CTX, + outbuf: *mut u8, + outlen: *mut c_int, + inbuf: *const u8, + inlen: c_int, + ) -> c_int; + pub fn EVP_CipherFinal(ctx: *mut EVP_CIPHER_CTX, res: *mut u8, len: *mut c_int) -> c_int; + + pub fn EVP_DigestSignInit( + ctx: *mut EVP_MD_CTX, + pctx: *mut *mut EVP_PKEY_CTX, + type_: *const EVP_MD, + e: *mut ENGINE, + pkey: *mut EVP_PKEY, + ) -> c_int; + + #[cfg(ossl300)] + pub fn EVP_DigestSignUpdate(ctx: *mut EVP_MD_CTX, data: *const c_void, dsize: size_t) -> c_int; + pub fn EVP_DigestSignFinal( + ctx: *mut EVP_MD_CTX, + sig: *mut c_uchar, + siglen: *mut size_t, + ) -> c_int; + pub fn EVP_DigestVerifyInit( + ctx: *mut EVP_MD_CTX, + pctx: *mut *mut EVP_PKEY_CTX, + type_: *const EVP_MD, + e: *mut ENGINE, + pkey: *mut EVP_PKEY, + ) -> c_int; + #[cfg(ossl300)] + pub fn EVP_DigestVerifyUpdate( + ctx: *mut EVP_MD_CTX, + data: *const c_void, + dsize: size_t, + ) -> c_int; + pub fn EVP_SealInit( + ctx: *mut EVP_CIPHER_CTX, + type_: *const EVP_CIPHER, + ek: *mut *mut c_uchar, + ekl: *mut c_int, + iv: *mut c_uchar, + pubk: *mut *mut EVP_PKEY, + npubk: c_int, + ) -> c_int; + pub fn EVP_SealFinal(ctx: *mut EVP_CIPHER_CTX, out: *mut c_uchar, outl: *mut c_int) -> c_int; + pub fn EVP_EncryptInit_ex( + ctx: *mut EVP_CIPHER_CTX, + cipher: *const EVP_CIPHER, + impl_: *mut ENGINE, + key: *const c_uchar, + iv: *const c_uchar, + ) -> c_int; + pub fn EVP_EncryptUpdate( + ctx: *mut EVP_CIPHER_CTX, + out: *mut c_uchar, + outl: *mut c_int, + in_: *const u8, + inl: c_int, + ) -> c_int; + pub fn EVP_EncryptFinal_ex( + ctx: *mut EVP_CIPHER_CTX, + out: *mut c_uchar, + outl: *mut c_int, + ) -> c_int; + pub fn EVP_OpenInit( + ctx: *mut EVP_CIPHER_CTX, + type_: *const EVP_CIPHER, + ek: *const c_uchar, + ekl: c_int, + iv: *const c_uchar, + priv_: *mut EVP_PKEY, + ) -> c_int; + pub fn EVP_OpenFinal(ctx: *mut EVP_CIPHER_CTX, out: *mut c_uchar, outl: *mut c_int) -> c_int; + pub fn EVP_DecryptInit_ex( + ctx: *mut EVP_CIPHER_CTX, + cipher: *const EVP_CIPHER, + impl_: *mut ENGINE, + key: *const c_uchar, + iv: *const c_uchar, + ) -> c_int; + pub fn EVP_DecryptUpdate( + ctx: *mut EVP_CIPHER_CTX, + out: *mut c_uchar, + outl: *mut c_int, + in_: *const u8, + inl: c_int, + ) -> c_int; + pub fn EVP_DecryptFinal_ex( + ctx: *mut EVP_CIPHER_CTX, + outm: *mut c_uchar, + outl: *mut c_int, + ) -> c_int; +} +cfg_if! { + if #[cfg(ossl300)] { + extern "C" { + pub fn EVP_PKEY_get_size(pkey: *const EVP_PKEY) -> c_int; + } + } else { + const_ptr_api! { + extern "C" { + pub fn EVP_PKEY_size(pkey: #[const_ptr_if(any(ossl111b, libressl280))] EVP_PKEY) -> c_int; + } + } + } +} +cfg_if! { + if #[cfg(ossl111)] { + extern "C" { + pub fn EVP_DigestSign( + ctx: *mut EVP_MD_CTX, + sigret: *mut c_uchar, + siglen: *mut size_t, + tbs: *const c_uchar, + tbslen: size_t + ) -> c_int; + + pub fn EVP_DigestVerify( + ctx: *mut EVP_MD_CTX, + sigret: *const c_uchar, + siglen: size_t, + tbs: *const c_uchar, + tbslen: size_t + ) -> c_int; + } + } +} +const_ptr_api! { + extern "C" { + pub fn EVP_DigestVerifyFinal( + ctx: *mut EVP_MD_CTX, + sigret: #[const_ptr_if(any(ossl102, libressl280))] c_uchar, + siglen: size_t, + ) -> c_int; + } +} + +extern "C" { + pub fn EVP_CIPHER_CTX_new() -> *mut EVP_CIPHER_CTX; + pub fn EVP_CIPHER_CTX_free(ctx: *mut EVP_CIPHER_CTX); + pub fn EVP_MD_CTX_copy_ex(dst: *mut EVP_MD_CTX, src: *const EVP_MD_CTX) -> c_int; + #[cfg(ossl111)] + pub fn EVP_MD_CTX_reset(ctx: *mut EVP_MD_CTX) -> c_int; + pub fn EVP_CIPHER_CTX_set_key_length(ctx: *mut EVP_CIPHER_CTX, keylen: c_int) -> c_int; + pub fn EVP_CIPHER_CTX_set_padding(ctx: *mut EVP_CIPHER_CTX, padding: c_int) -> c_int; + pub fn EVP_CIPHER_CTX_ctrl( + ctx: *mut EVP_CIPHER_CTX, + type_: c_int, + arg: c_int, + ptr: *mut c_void, + ) -> c_int; + pub fn EVP_CIPHER_CTX_rand_key(ctx: *mut EVP_CIPHER_CTX, key: *mut c_uchar) -> c_int; + + pub fn EVP_md_null() -> *const EVP_MD; + pub fn EVP_md5() -> *const EVP_MD; + pub fn EVP_sha1() -> *const EVP_MD; + pub fn EVP_sha224() -> *const EVP_MD; + pub fn EVP_sha256() -> *const EVP_MD; + pub fn EVP_sha384() -> *const EVP_MD; + pub fn EVP_sha512() -> *const EVP_MD; + #[cfg(ossl111)] + pub fn EVP_sha3_224() -> *const EVP_MD; + #[cfg(ossl111)] + pub fn EVP_sha3_256() -> *const EVP_MD; + #[cfg(ossl111)] + pub fn EVP_sha3_384() -> *const EVP_MD; + #[cfg(ossl111)] + pub fn EVP_sha3_512() -> *const EVP_MD; + #[cfg(ossl111)] + pub fn EVP_shake128() -> *const EVP_MD; + #[cfg(ossl111)] + pub fn EVP_shake256() -> *const EVP_MD; + pub fn EVP_ripemd160() -> *const EVP_MD; + #[cfg(all(any(ossl111, libressl291), not(osslconf = "OPENSSL_NO_SM3")))] + pub fn EVP_sm3() -> *const EVP_MD; + pub fn EVP_des_ecb() -> *const EVP_CIPHER; + pub fn EVP_des_ede3() -> *const EVP_CIPHER; + pub fn EVP_des_ede3_cbc() -> *const EVP_CIPHER; + pub fn EVP_des_ede3_cfb64() -> *const EVP_CIPHER; + pub fn EVP_des_cbc() -> *const EVP_CIPHER; + pub fn EVP_rc4() -> *const EVP_CIPHER; + pub fn EVP_bf_ecb() -> *const EVP_CIPHER; + pub fn EVP_bf_cbc() -> *const EVP_CIPHER; + pub fn EVP_bf_cfb64() -> *const EVP_CIPHER; + pub fn EVP_bf_ofb() -> *const EVP_CIPHER; + pub fn EVP_aes_128_ecb() -> *const EVP_CIPHER; + pub fn EVP_aes_128_cbc() -> *const EVP_CIPHER; + pub fn EVP_aes_128_cfb1() -> *const EVP_CIPHER; + pub fn EVP_aes_128_cfb8() -> *const EVP_CIPHER; + pub fn EVP_aes_128_cfb128() -> *const EVP_CIPHER; + pub fn EVP_aes_128_ctr() -> *const EVP_CIPHER; + pub fn EVP_aes_128_ccm() -> *const EVP_CIPHER; + pub fn EVP_aes_128_gcm() -> *const EVP_CIPHER; + pub fn EVP_aes_128_xts() -> *const EVP_CIPHER; + pub fn EVP_aes_128_ofb() -> *const EVP_CIPHER; + #[cfg(ossl110)] + pub fn EVP_aes_128_ocb() -> *const EVP_CIPHER; + pub fn EVP_aes_192_ecb() -> *const EVP_CIPHER; + pub fn EVP_aes_192_cbc() -> *const EVP_CIPHER; + pub fn EVP_aes_192_cfb1() -> *const EVP_CIPHER; + pub fn EVP_aes_192_cfb8() -> *const EVP_CIPHER; + pub fn EVP_aes_192_cfb128() -> *const EVP_CIPHER; + pub fn EVP_aes_192_ctr() -> *const EVP_CIPHER; + pub fn EVP_aes_192_ccm() -> *const EVP_CIPHER; + pub fn EVP_aes_192_gcm() -> *const EVP_CIPHER; + pub fn EVP_aes_192_ofb() -> *const EVP_CIPHER; + #[cfg(ossl110)] + pub fn EVP_aes_192_ocb() -> *const EVP_CIPHER; + pub fn EVP_aes_256_ecb() -> *const EVP_CIPHER; + pub fn EVP_aes_256_cbc() -> *const EVP_CIPHER; + pub fn EVP_aes_256_cfb1() -> *const EVP_CIPHER; + pub fn EVP_aes_256_cfb8() -> *const EVP_CIPHER; + pub fn EVP_aes_256_cfb128() -> *const EVP_CIPHER; + pub fn EVP_aes_256_ctr() -> *const EVP_CIPHER; + pub fn EVP_aes_256_ccm() -> *const EVP_CIPHER; + pub fn EVP_aes_256_gcm() -> *const EVP_CIPHER; + pub fn EVP_aes_256_xts() -> *const EVP_CIPHER; + pub fn EVP_aes_256_ofb() -> *const EVP_CIPHER; + #[cfg(ossl110)] + pub fn EVP_aes_256_ocb() -> *const EVP_CIPHER; + #[cfg(all(ossl110, not(osslconf = "OPENSSL_NO_CHACHA")))] + pub fn EVP_chacha20() -> *const EVP_CIPHER; + #[cfg(all(ossl110, not(osslconf = "OPENSSL_NO_CHACHA")))] + pub fn EVP_chacha20_poly1305() -> *const EVP_CIPHER; + #[cfg(not(osslconf = "OPENSSL_NO_SEED"))] + pub fn EVP_seed_cbc() -> *const EVP_CIPHER; + #[cfg(not(osslconf = "OPENSSL_NO_SEED"))] + pub fn EVP_seed_cfb128() -> *const EVP_CIPHER; + #[cfg(not(osslconf = "OPENSSL_NO_SEED"))] + pub fn EVP_seed_ecb() -> *const EVP_CIPHER; + #[cfg(not(osslconf = "OPENSSL_NO_SEED"))] + pub fn EVP_seed_ofb() -> *const EVP_CIPHER; + + #[cfg(all(any(ossl111, libressl291), not(osslconf = "OPENSSL_NO_SM4")))] + pub fn EVP_sm4_ecb() -> *const EVP_CIPHER; + #[cfg(all(any(ossl111, libressl291), not(osslconf = "OPENSSL_NO_SM4")))] + pub fn EVP_sm4_cbc() -> *const EVP_CIPHER; + #[cfg(all(any(ossl111, libressl291), not(osslconf = "OPENSSL_NO_SM4")))] + pub fn EVP_sm4_cfb128() -> *const EVP_CIPHER; + #[cfg(all(any(ossl111, libressl291), not(osslconf = "OPENSSL_NO_SM4")))] + pub fn EVP_sm4_ofb() -> *const EVP_CIPHER; + #[cfg(all(any(ossl111, libressl291), not(osslconf = "OPENSSL_NO_SM4")))] + pub fn EVP_sm4_ctr() -> *const EVP_CIPHER; + + #[cfg(not(any(boringssl, osslconf = "OPENSSL_NO_CAMELLIA")))] + pub fn EVP_camellia_128_cfb128() -> *const EVP_CIPHER; + #[cfg(not(any(boringssl, osslconf = "OPENSSL_NO_CAMELLIA")))] + pub fn EVP_camellia_128_ecb() -> *const EVP_CIPHER; + #[cfg(not(any(boringssl, osslconf = "OPENSSL_NO_CAMELLIA")))] + pub fn EVP_camellia_192_cfb128() -> *const EVP_CIPHER; + #[cfg(not(any(boringssl, osslconf = "OPENSSL_NO_CAMELLIA")))] + pub fn EVP_camellia_192_ecb() -> *const EVP_CIPHER; + #[cfg(not(any(boringssl, osslconf = "OPENSSL_NO_CAMELLIA")))] + pub fn EVP_camellia_256_cfb128() -> *const EVP_CIPHER; + #[cfg(not(any(boringssl, osslconf = "OPENSSL_NO_CAMELLIA")))] + pub fn EVP_camellia_256_ecb() -> *const EVP_CIPHER; + + #[cfg(not(any(boringssl, osslconf = "OPENSSL_NO_CAST")))] + pub fn EVP_cast5_cfb64() -> *const EVP_CIPHER; + #[cfg(not(any(boringssl, osslconf = "OPENSSL_NO_CAST")))] + pub fn EVP_cast5_ecb() -> *const EVP_CIPHER; + + #[cfg(not(any(boringssl, osslconf = "OPENSSL_NO_IDEA")))] + pub fn EVP_idea_cfb64() -> *const EVP_CIPHER; + #[cfg(not(any(boringssl, osslconf = "OPENSSL_NO_IDEA")))] + pub fn EVP_idea_ecb() -> *const EVP_CIPHER; + + #[cfg(not(ossl110))] + pub fn OPENSSL_add_all_algorithms_noconf(); + + pub fn EVP_get_digestbyname(name: *const c_char) -> *const EVP_MD; + pub fn EVP_get_cipherbyname(name: *const c_char) -> *const EVP_CIPHER; +} + +cfg_if! { + if #[cfg(ossl300)] { + extern "C" { + pub fn EVP_PKEY_get_id(pkey: *const EVP_PKEY) -> c_int; + pub fn EVP_PKEY_get_bits(key: *const EVP_PKEY) -> c_int; + pub fn EVP_PKEY_get_security_bits(key: *const EVP_PKEY) -> c_int; + } + + #[inline] + pub unsafe fn EVP_PKEY_id(pkey: *const EVP_PKEY) -> c_int { + EVP_PKEY_get_id(pkey) + } + + #[inline] + pub unsafe fn EVP_PKEY_bits(pkey: *const EVP_PKEY) -> c_int { + EVP_PKEY_get_bits(pkey) + } + + #[inline] + pub unsafe fn EVP_PKEY_security_bits(pkey: *const EVP_PKEY) -> c_int { + EVP_PKEY_get_security_bits(pkey) + } + + } else { + extern "C" { + pub fn EVP_PKEY_id(pkey: *const EVP_PKEY) -> c_int; + } + const_ptr_api! { + extern "C" { + pub fn EVP_PKEY_bits(key: #[const_ptr_if(any(ossl110, libressl280))] EVP_PKEY) -> c_int; + #[cfg(any(ossl110, libressl360))] + pub fn EVP_PKEY_security_bits(pkey: #[const_ptr_if(any(ossl110, libressl280))] EVP_PKEY) -> c_int; + } + } + } +} +extern "C" { + pub fn EVP_PKEY_assign(pkey: *mut EVP_PKEY, typ: c_int, key: *mut c_void) -> c_int; + + pub fn EVP_PKEY_set1_RSA(k: *mut EVP_PKEY, r: *mut RSA) -> c_int; + pub fn EVP_PKEY_get1_RSA(k: *mut EVP_PKEY) -> *mut RSA; + pub fn EVP_PKEY_get1_DSA(k: *mut EVP_PKEY) -> *mut DSA; + pub fn EVP_PKEY_get1_DH(k: *mut EVP_PKEY) -> *mut DH; + pub fn EVP_PKEY_get1_EC_KEY(k: *mut EVP_PKEY) -> *mut EC_KEY; + + pub fn EVP_PKEY_new() -> *mut EVP_PKEY; + pub fn EVP_PKEY_free(k: *mut EVP_PKEY); + #[cfg(any(ossl110, libressl270))] + pub fn EVP_PKEY_up_ref(pkey: *mut EVP_PKEY) -> c_int; + + pub fn d2i_AutoPrivateKey( + a: *mut *mut EVP_PKEY, + pp: *mut *const c_uchar, + length: c_long, + ) -> *mut EVP_PKEY; + + pub fn EVP_PKEY_cmp(a: *const EVP_PKEY, b: *const EVP_PKEY) -> c_int; + + pub fn EVP_PKEY_copy_parameters(to: *mut EVP_PKEY, from: *const EVP_PKEY) -> c_int; + + pub fn PKCS5_PBKDF2_HMAC_SHA1( + pass: *const c_char, + passlen: c_int, + salt: *const u8, + saltlen: c_int, + iter: c_int, + keylen: c_int, + out: *mut u8, + ) -> c_int; + pub fn PKCS5_PBKDF2_HMAC( + pass: *const c_char, + passlen: c_int, + salt: *const c_uchar, + saltlen: c_int, + iter: c_int, + digest: *const EVP_MD, + keylen: c_int, + out: *mut u8, + ) -> c_int; + + #[cfg(ossl110)] + pub fn EVP_PBE_scrypt( + pass: *const c_char, + passlen: size_t, + salt: *const c_uchar, + saltlen: size_t, + N: u64, + r: u64, + p: u64, + maxmem: u64, + key: *mut c_uchar, + keylen: size_t, + ) -> c_int; + + pub fn EVP_PKEY_CTX_new(k: *mut EVP_PKEY, e: *mut ENGINE) -> *mut EVP_PKEY_CTX; + pub fn EVP_PKEY_CTX_new_id(id: c_int, e: *mut ENGINE) -> *mut EVP_PKEY_CTX; + pub fn EVP_PKEY_CTX_free(ctx: *mut EVP_PKEY_CTX); + + pub fn EVP_PKEY_CTX_ctrl( + ctx: *mut EVP_PKEY_CTX, + keytype: c_int, + optype: c_int, + cmd: c_int, + p1: c_int, + p2: *mut c_void, + ) -> c_int; + + pub fn EVP_PKEY_new_mac_key( + type_: c_int, + e: *mut ENGINE, + key: *const c_uchar, + keylen: c_int, + ) -> *mut EVP_PKEY; + + pub fn EVP_PKEY_derive_init(ctx: *mut EVP_PKEY_CTX) -> c_int; + pub fn EVP_PKEY_derive_set_peer(ctx: *mut EVP_PKEY_CTX, peer: *mut EVP_PKEY) -> c_int; + pub fn EVP_PKEY_derive(ctx: *mut EVP_PKEY_CTX, key: *mut c_uchar, size: *mut size_t) -> c_int; + + #[cfg(ossl300)] + pub fn EVP_PKEY_Q_keygen( + libctx: *mut OSSL_LIB_CTX, + propq: *const c_char, + type_: *const c_char, + ... + ) -> *mut EVP_PKEY; + pub fn EVP_PKEY_keygen_init(ctx: *mut EVP_PKEY_CTX) -> c_int; + pub fn EVP_PKEY_keygen(ctx: *mut EVP_PKEY_CTX, key: *mut *mut EVP_PKEY) -> c_int; + + pub fn EVP_PKEY_sign_init(ctx: *mut EVP_PKEY_CTX) -> c_int; + pub fn EVP_PKEY_sign( + ctx: *mut EVP_PKEY_CTX, + sig: *mut c_uchar, + siglen: *mut size_t, + tbs: *const c_uchar, + tbslen: size_t, + ) -> c_int; + pub fn EVP_PKEY_verify_init(ctx: *mut EVP_PKEY_CTX) -> c_int; + pub fn EVP_PKEY_verify( + ctx: *mut EVP_PKEY_CTX, + sig: *const c_uchar, + siglen: size_t, + tbs: *const c_uchar, + tbslen: size_t, + ) -> c_int; + pub fn EVP_PKEY_encrypt_init(ctx: *mut EVP_PKEY_CTX) -> c_int; + pub fn EVP_PKEY_encrypt( + ctx: *mut EVP_PKEY_CTX, + pout: *mut c_uchar, + poutlen: *mut size_t, + pin: *const c_uchar, + pinlen: size_t, + ) -> c_int; + pub fn EVP_PKEY_decrypt_init(ctx: *mut EVP_PKEY_CTX) -> c_int; + pub fn EVP_PKEY_decrypt( + ctx: *mut EVP_PKEY_CTX, + pout: *mut c_uchar, + poutlen: *mut size_t, + pin: *const c_uchar, + pinlen: size_t, + ) -> c_int; +} + +const_ptr_api! { + extern "C" { + pub fn EVP_PKCS82PKEY(p8: #[const_ptr_if(any(ossl110, libressl280))] PKCS8_PRIV_KEY_INFO) -> *mut EVP_PKEY; + } +} + +cfg_if! { + if #[cfg(any(ossl111))] { + extern "C" { + pub fn EVP_PKEY_get_raw_public_key( + pkey: *const EVP_PKEY, + ppub: *mut c_uchar, + len: *mut size_t, + ) -> c_int; + pub fn EVP_PKEY_new_raw_public_key( + ttype: c_int, + e: *mut ENGINE, + key: *const c_uchar, + keylen: size_t, + ) -> *mut EVP_PKEY; + pub fn EVP_PKEY_get_raw_private_key( + pkey: *const EVP_PKEY, + ppriv: *mut c_uchar, + len: *mut size_t, + ) -> c_int; + pub fn EVP_PKEY_new_raw_private_key( + ttype: c_int, + e: *mut ENGINE, + key: *const c_uchar, + keylen: size_t, + ) -> *mut EVP_PKEY; + } + } +} + +extern "C" { + pub fn EVP_EncodeBlock(dst: *mut c_uchar, src: *const c_uchar, src_len: c_int) -> c_int; + pub fn EVP_DecodeBlock(dst: *mut c_uchar, src: *const c_uchar, src_len: c_int) -> c_int; +} diff --git a/openssl-sys/src/handwritten/hmac.rs b/openssl-sys/src/handwritten/hmac.rs new file mode 100644 index 000000000..b52d63fb1 --- /dev/null +++ b/openssl-sys/src/handwritten/hmac.rs @@ -0,0 +1,30 @@ +use libc::*; + +use super::super::*; + +cfg_if! { + if #[cfg(any(ossl110, libressl350))] { + extern "C" { + pub fn HMAC_CTX_new() -> *mut HMAC_CTX; + pub fn HMAC_CTX_free(ctx: *mut HMAC_CTX); + } + } else { + extern "C" { + pub fn HMAC_CTX_init(ctx: *mut HMAC_CTX); + pub fn HMAC_CTX_cleanup(ctx: *mut HMAC_CTX); + } + } +} + +extern "C" { + pub fn HMAC_Init_ex( + ctx: *mut HMAC_CTX, + key: *const c_void, + len: c_int, + md: *const EVP_MD, + impl_: *mut ENGINE, + ) -> c_int; + pub fn HMAC_Update(ctx: *mut HMAC_CTX, data: *const c_uchar, len: size_t) -> c_int; + pub fn HMAC_Final(ctx: *mut HMAC_CTX, md: *mut c_uchar, len: *mut c_uint) -> c_int; + pub fn HMAC_CTX_copy(dst: *mut HMAC_CTX, src: *mut HMAC_CTX) -> c_int; +} diff --git a/openssl-sys/src/handwritten/kdf.rs b/openssl-sys/src/handwritten/kdf.rs new file mode 100644 index 000000000..0f14b63a9 --- /dev/null +++ b/openssl-sys/src/handwritten/kdf.rs @@ -0,0 +1,26 @@ +use super::super::*; +use libc::*; + +cfg_if! { + if #[cfg(ossl300)] { + extern "C" { + pub fn EVP_PKEY_CTX_set_hkdf_mode(ctx: *mut EVP_PKEY_CTX, mode: c_int) -> c_int; + pub fn EVP_PKEY_CTX_set_hkdf_md(ctx: *mut EVP_PKEY_CTX, md: *const EVP_MD) -> c_int; + pub fn EVP_PKEY_CTX_set1_hkdf_salt( + ctx: *mut EVP_PKEY_CTX, + salt: *const u8, + saltlen: c_int, + ) -> c_int; + pub fn EVP_PKEY_CTX_set1_hkdf_key( + ctx: *mut EVP_PKEY_CTX, + key: *const u8, + keylen: c_int, + ) -> c_int; + pub fn EVP_PKEY_CTX_add1_hkdf_info( + ctx: *mut EVP_PKEY_CTX, + info: *const u8, + infolen: c_int, + ) -> c_int; + } + } +} diff --git a/openssl-sys/src/handwritten/mod.rs b/openssl-sys/src/handwritten/mod.rs new file mode 100644 index 000000000..28aa4aecd --- /dev/null +++ b/openssl-sys/src/handwritten/mod.rs @@ -0,0 +1,65 @@ +pub use self::aes::*; +pub use self::asn1::*; +pub use self::bio::*; +pub use self::bn::*; +pub use self::cms::*; +pub use self::conf::*; +pub use self::crypto::*; +pub use self::dh::*; +pub use self::dsa::*; +pub use self::ec::*; +pub use self::err::*; +pub use self::evp::*; +pub use self::hmac::*; +pub use self::kdf::*; +pub use self::object::*; +pub use self::ocsp::*; +pub use self::pem::*; +pub use self::pkcs12::*; +pub use self::pkcs7::*; +pub use self::provider::*; +pub use self::rand::*; +pub use self::rsa::*; +pub use self::safestack::*; +pub use self::sha::*; +pub use self::srtp::*; +pub use self::ssl::*; +pub use self::stack::*; +pub use self::tls1::*; +pub use self::types::*; +pub use self::x509::*; +pub use self::x509_vfy::*; +pub use self::x509v3::*; + +mod aes; +mod asn1; +mod bio; +mod bn; +mod cms; +mod conf; +mod crypto; +mod dh; +mod dsa; +mod ec; +mod err; +mod evp; +mod hmac; +mod kdf; +mod object; +mod ocsp; +mod pem; +mod pkcs12; +mod pkcs7; +mod provider; +mod rand; +mod rsa; +mod safestack; +mod sha; +mod srtp; +mod ssl; +mod stack; +mod tls1; +mod types; +mod x509; +mod x509_vfy; +mod x509v3; diff --git a/openssl-sys/src/handwritten/object.rs b/openssl-sys/src/handwritten/object.rs new file mode 100644 index 000000000..06e655343 --- /dev/null +++ b/openssl-sys/src/handwritten/object.rs @@ -0,0 +1,30 @@ +use libc::*; + +use super::super::*; + +extern "C" { + pub fn OBJ_nid2ln(nid: c_int) -> *const c_char; + pub fn OBJ_nid2sn(nid: c_int) -> *const c_char; + pub fn OBJ_nid2obj(n: c_int) -> *mut ASN1_OBJECT; + pub fn OBJ_obj2nid(o: *const ASN1_OBJECT) -> c_int; + pub fn OBJ_obj2txt( + buf: *mut c_char, + buf_len: c_int, + a: *const ASN1_OBJECT, + no_name: c_int, + ) -> c_int; + + pub fn OBJ_find_sigid_algs(signid: c_int, pdig_nid: *mut c_int, ppkey_nid: *mut c_int) + -> c_int; + pub fn OBJ_sn2nid(sn: *const libc::c_char) -> libc::c_int; + pub fn OBJ_txt2obj(s: *const libc::c_char, no_name: libc::c_int) -> *mut ASN1_OBJECT; + pub fn OBJ_create( + oid: *const libc::c_char, + sn: *const libc::c_char, + ln: *const libc::c_char, + ) -> c_int; + #[cfg(ossl111)] + pub fn OBJ_length(obj: *const ASN1_OBJECT) -> libc::size_t; + #[cfg(ossl111)] + pub fn OBJ_get0_data(obj: *const ASN1_OBJECT) -> *const c_uchar; +} diff --git a/openssl-sys/src/handwritten/ocsp.rs b/openssl-sys/src/handwritten/ocsp.rs new file mode 100644 index 000000000..c194a831b --- /dev/null +++ b/openssl-sys/src/handwritten/ocsp.rs @@ -0,0 +1,89 @@ +use super::super::*; +use libc::*; + +pub enum OCSP_CERTID {} + +pub enum OCSP_ONEREQ {} + +pub enum OCSP_REQUEST {} + +pub enum OCSP_BASICRESP {} + +const_ptr_api! { + extern "C" { + pub fn OCSP_cert_to_id( + dgst: *const EVP_MD, + subject: #[const_ptr_if(any(ossl110, libressl281))] X509, + issuer: #[const_ptr_if(any(ossl110, libressl281))] X509, + ) -> *mut OCSP_CERTID; + } +} + +extern "C" { + pub fn OCSP_request_add0_id(r: *mut OCSP_REQUEST, id: *mut OCSP_CERTID) -> *mut OCSP_ONEREQ; + + pub fn OCSP_resp_find_status( + bs: *mut OCSP_BASICRESP, + id: *mut OCSP_CERTID, + status: *mut c_int, + reason: *mut c_int, + revtime: *mut *mut ASN1_GENERALIZEDTIME, + thisupd: *mut *mut ASN1_GENERALIZEDTIME, + nextupd: *mut *mut ASN1_GENERALIZEDTIME, + ) -> c_int; + pub fn OCSP_check_validity( + thisupd: *mut ASN1_GENERALIZEDTIME, + nextupd: *mut ASN1_GENERALIZEDTIME, + sec: c_long, + maxsec: c_long, + ) -> c_int; + + pub fn OCSP_response_status(resp: *mut OCSP_RESPONSE) -> c_int; + pub fn OCSP_response_get1_basic(resp: *mut OCSP_RESPONSE) -> *mut OCSP_BASICRESP; + + pub fn OCSP_response_create(status: c_int, bs: *mut OCSP_BASICRESP) -> *mut OCSP_RESPONSE; + + pub fn OCSP_BASICRESP_new() -> *mut OCSP_BASICRESP; + pub fn OCSP_BASICRESP_free(r: *mut OCSP_BASICRESP); + pub fn OCSP_RESPONSE_new() -> *mut OCSP_RESPONSE; + pub fn OCSP_RESPONSE_free(r: *mut OCSP_RESPONSE); +} + +const_ptr_api! { + extern "C" { + pub fn i2d_OCSP_RESPONSE(a: #[const_ptr_if(ossl300)] OCSP_RESPONSE, pp: *mut *mut c_uchar) -> c_int; + } +} + +extern "C" { + pub fn d2i_OCSP_RESPONSE( + a: *mut *mut OCSP_RESPONSE, + pp: *mut *const c_uchar, + length: c_long, + ) -> *mut OCSP_RESPONSE; + pub fn OCSP_ONEREQ_free(r: *mut OCSP_ONEREQ); + pub fn OCSP_CERTID_free(id: *mut OCSP_CERTID); + pub fn OCSP_REQUEST_new() -> *mut OCSP_REQUEST; + pub fn OCSP_REQUEST_free(r: *mut OCSP_REQUEST); +} + +const_ptr_api! { + extern "C" { + pub fn i2d_OCSP_REQUEST(a: #[const_ptr_if(ossl300)] OCSP_REQUEST, pp: *mut *mut c_uchar) -> c_int; + } +} + +extern "C" { + pub fn d2i_OCSP_REQUEST( + a: *mut *mut OCSP_REQUEST, + pp: *mut *const c_uchar, + length: c_long, + ) -> *mut OCSP_REQUEST; + + pub fn OCSP_basic_verify( + bs: *mut OCSP_BASICRESP, + certs: *mut stack_st_X509, + st: *mut X509_STORE, + flags: c_ulong, + ) -> c_int; +} diff --git a/openssl-sys/src/handwritten/pem.rs b/openssl-sys/src/handwritten/pem.rs new file mode 100644 index 000000000..42997177e --- /dev/null +++ b/openssl-sys/src/handwritten/pem.rs @@ -0,0 +1,191 @@ +use super::super::*; +use libc::*; + +pub type pem_password_cb = Option< + unsafe extern "C" fn( + buf: *mut c_char, + size: c_int, + rwflag: c_int, + user_data: *mut c_void, + ) -> c_int, +>; + +const_ptr_api! { + extern "C" { + pub fn PEM_write_bio_X509(bio: *mut BIO, x509: #[const_ptr_if(ossl300)] X509) -> c_int; + pub fn PEM_write_bio_X509_REQ(bio: *mut BIO, x509: #[const_ptr_if(ossl300)] X509_REQ) -> c_int; + pub fn PEM_write_bio_X509_CRL(bio: *mut BIO, x509: #[const_ptr_if(ossl300)] X509_CRL) -> c_int; + pub fn PEM_write_bio_RSAPrivateKey( + bp: *mut BIO, + rsa: #[const_ptr_if(ossl300)] RSA, + cipher: *const EVP_CIPHER, + kstr: #[const_ptr_if(ossl300)] c_uchar, + klen: c_int, + callback: pem_password_cb, + user_data: *mut c_void, + ) -> c_int; + pub fn PEM_write_bio_RSA_PUBKEY(bp: *mut BIO, rsa: #[const_ptr_if(ossl300)] RSA) -> c_int; + pub fn PEM_write_bio_DSAPrivateKey( + bp: *mut BIO, + dsa: #[const_ptr_if(ossl300)] DSA, + cipher: *const EVP_CIPHER, + kstr: #[const_ptr_if(ossl300)] c_uchar, + klen: c_int, + callback: pem_password_cb, + user_data: *mut c_void, + ) -> c_int; + pub fn PEM_write_bio_ECPrivateKey( + bio: *mut BIO, + key: #[const_ptr_if(ossl300)] EC_KEY, + cipher: *const EVP_CIPHER, + kstr: #[const_ptr_if(ossl300)] c_uchar, + klen: c_int, + callback: pem_password_cb, + user_data: *mut c_void, + ) -> c_int; + pub fn PEM_write_bio_DSA_PUBKEY(bp: *mut BIO, dsa: #[const_ptr_if(ossl300)] DSA) -> c_int; + pub fn PEM_write_bio_PrivateKey( + bio: *mut BIO, + pkey: #[const_ptr_if(ossl300)] EVP_PKEY, + cipher: *const EVP_CIPHER, + kstr: #[const_ptr_if(ossl300)] c_uchar, + klen: c_int, + callback: pem_password_cb, + user_data: *mut c_void, + ) -> c_int; + pub fn PEM_write_bio_PUBKEY(bp: *mut BIO, x: #[const_ptr_if(ossl300)] EVP_PKEY) -> c_int; + pub fn PEM_write_bio_PKCS8PrivateKey( + bio: *mut BIO, + pkey: #[const_ptr_if(ossl300)] EVP_PKEY, + cipher: *const EVP_CIPHER, + kstr: #[const_ptr_if(ossl300)] c_char, + klen: c_int, + callback: pem_password_cb, + user_data: *mut c_void, + ) -> c_int; + pub fn PEM_write_bio_PKCS7(bp: *mut BIO, x: #[const_ptr_if(ossl300)] PKCS7) -> c_int; + pub fn PEM_write_bio_EC_PUBKEY(bp: *mut BIO, ec: #[const_ptr_if(ossl300)] EC_KEY) -> c_int; + pub fn i2d_PKCS8PrivateKey_bio( + bp: *mut BIO, + x: #[const_ptr_if(ossl300)] EVP_PKEY, + enc: *const EVP_CIPHER, + kstr: #[const_ptr_if(ossl300)] c_char, + klen: c_int, + cb: pem_password_cb, + u: *mut c_void, + ) -> c_int; + } +} + +extern "C" { + pub fn PEM_read_bio_X509( + bio: *mut BIO, + out: *mut *mut X509, + callback: pem_password_cb, + user_data: *mut c_void, + ) -> *mut X509; + pub fn PEM_read_bio_X509_REQ( + bio: *mut BIO, + out: *mut *mut X509_REQ, + callback: pem_password_cb, + user_data: *mut c_void, + ) -> *mut X509_REQ; + pub fn PEM_read_bio_X509_CRL( + bio: *mut BIO, + out: *mut *mut X509_CRL, + callback: pem_password_cb, + user_data: *mut c_void, + ) -> *mut X509_CRL; + pub fn PEM_read_bio_RSAPrivateKey( + bio: *mut BIO, + rsa: *mut *mut RSA, + callback: pem_password_cb, + user_data: *mut c_void, + ) -> *mut RSA; + pub fn PEM_read_bio_RSAPublicKey( + bio: *mut BIO, + rsa: *mut *mut RSA, + callback: pem_password_cb, + user_data: *mut c_void, + ) -> *mut RSA; + pub fn PEM_write_bio_RSAPublicKey(bp: *mut BIO, rsa: *const RSA) -> c_int; + pub fn PEM_read_bio_RSA_PUBKEY( + bio: *mut BIO, + rsa: *mut *mut RSA, + callback: pem_password_cb, + user_data: *mut c_void, + ) -> *mut RSA; + pub fn PEM_read_bio_DSAPrivateKey( + bp: *mut BIO, + dsa: *mut *mut DSA, + callback: pem_password_cb, + user_data: *mut c_void, + ) -> *mut DSA; + pub fn PEM_read_bio_DSA_PUBKEY( + bp: *mut BIO, + dsa: *mut *mut DSA, + callback: pem_password_cb, + user_data: *mut c_void, + ) -> *mut DSA; + pub fn PEM_read_bio_ECPrivateKey( + bio: *mut BIO, + key: *mut *mut EC_KEY, + callback: pem_password_cb, + user_data: *mut c_void, + ) -> *mut EC_KEY; + pub fn PEM_read_bio_EC_PUBKEY( + bp: *mut BIO, + ec: *mut *mut EC_KEY, + callback: pem_password_cb, + user_data: *mut c_void, + ) -> *mut EC_KEY; + pub fn PEM_read_bio_DHparams( + bio: *mut BIO, + out: *mut *mut DH, + callback: pem_password_cb, + user_data: *mut c_void, + ) -> *mut DH; + pub fn PEM_write_bio_DHparams(bio: *mut BIO, x: *const DH) -> c_int; + pub fn PEM_read_bio_PrivateKey( + bio: *mut BIO, + out: *mut *mut EVP_PKEY, + callback: pem_password_cb, + user_data: *mut c_void, + ) -> *mut EVP_PKEY; + pub fn PEM_read_bio_PUBKEY( + bio: *mut BIO, + out: *mut *mut EVP_PKEY, + callback: pem_password_cb, + user_data: *mut c_void, + ) -> *mut EVP_PKEY; + + pub fn d2i_PKCS8PrivateKey_bio( + bp: *mut BIO, + x: *mut *mut EVP_PKEY, + cb: pem_password_cb, + u: *mut c_void, + ) -> *mut EVP_PKEY; + pub fn d2i_PKCS8_PRIV_KEY_INFO( + k: *mut *mut PKCS8_PRIV_KEY_INFO, + buf: *mut *const u8, + length: c_long, + ) -> *mut PKCS8_PRIV_KEY_INFO; + pub fn PKCS8_PRIV_KEY_INFO_free(p8inf: *mut PKCS8_PRIV_KEY_INFO); + + pub fn PEM_read_bio_PKCS7( + bio: *mut BIO, + out: *mut *mut PKCS7, + cb: pem_password_cb, + u: *mut c_void, + ) -> *mut PKCS7; + + #[cfg(ossl101)] + pub fn PEM_read_bio_CMS( + bio: *mut BIO, + out: *mut *mut CMS_ContentInfo, + callback: pem_password_cb, + user_data: *mut c_void, + ) -> *mut CMS_ContentInfo; + #[cfg(ossl101)] + pub fn PEM_write_bio_CMS(bio: *mut BIO, cms: *const CMS_ContentInfo) -> c_int; +} diff --git a/openssl-sys/src/handwritten/pkcs12.rs b/openssl-sys/src/handwritten/pkcs12.rs new file mode 100644 index 000000000..728c333ad --- /dev/null +++ b/openssl-sys/src/handwritten/pkcs12.rs @@ -0,0 +1,53 @@ +use libc::*; + +use super::super::*; + +pub enum PKCS12 {} + +extern "C" { + pub fn PKCS12_free(p12: *mut PKCS12); +} +const_ptr_api! { + extern "C" { + pub fn i2d_PKCS12(a: #[const_ptr_if(ossl300)] PKCS12, buf: *mut *mut u8) -> c_int; + } +} +extern "C" { + pub fn d2i_PKCS12(a: *mut *mut PKCS12, pp: *mut *const u8, length: c_long) -> *mut PKCS12; + + pub fn PKCS12_parse( + p12: *mut PKCS12, + pass: *const c_char, + pkey: *mut *mut EVP_PKEY, + cert: *mut *mut X509, + ca: *mut *mut stack_st_X509, + ) -> c_int; + + pub fn PKCS12_set_mac( + p12: *mut PKCS12, + pass: *const c_char, + passlen: c_int, + salt: *mut c_uchar, + saltlen: c_int, + iter: c_int, + md_type: *const EVP_MD, + ) -> c_int; +} +const_ptr_api! { + extern "C" { + pub fn PKCS12_create( + pass: #[const_ptr_if(any(ossl110, libressl280))] c_char, + friendly_name: #[const_ptr_if(any(ossl110, libressl280))] c_char, + pkey: *mut EVP_PKEY, + cert: *mut X509, + ca: *mut stack_st_X509, + nid_key: c_int, + nid_cert: c_int, + iter: c_int, + mac_iter: c_int, + keytype: c_int, + ) -> *mut PKCS12; + + pub fn i2d_PKCS12_bio(b: *mut BIO, a: #[const_ptr_if(ossl300)] PKCS12) -> c_int; + } +} diff --git a/openssl-sys/src/handwritten/pkcs7.rs b/openssl-sys/src/handwritten/pkcs7.rs new file mode 100644 index 000000000..78f96ec3e --- /dev/null +++ b/openssl-sys/src/handwritten/pkcs7.rs @@ -0,0 +1,70 @@ +use super::super::*; +use libc::*; + +pub enum PKCS7_SIGNED {} +pub enum PKCS7_ENVELOPE {} +pub enum PKCS7_SIGN_ENVELOPE {} +pub enum PKCS7_DIGEST {} +pub enum PKCS7_ENCRYPT {} +pub enum PKCS7 {} + +extern "C" { + pub fn d2i_PKCS7(a: *mut *mut PKCS7, pp: *mut *const c_uchar, length: c_long) -> *mut PKCS7; +} + +const_ptr_api! { + extern "C" { + pub fn i2d_PKCS7(a: #[const_ptr_if(ossl300)] PKCS7, buf: *mut *mut u8) -> c_int; + } +} + +extern "C" { + pub fn PKCS7_encrypt( + certs: *mut stack_st_X509, + b: *mut BIO, + cipher: *const EVP_CIPHER, + flags: c_int, + ) -> *mut PKCS7; + + pub fn PKCS7_verify( + pkcs7: *mut PKCS7, + certs: *mut stack_st_X509, + store: *mut X509_STORE, + indata: *mut BIO, + out: *mut BIO, + flags: c_int, + ) -> c_int; + + pub fn PKCS7_get0_signers( + pkcs7: *mut PKCS7, + certs: *mut stack_st_X509, + flags: c_int, + ) -> *mut stack_st_X509; + + pub fn PKCS7_sign( + signcert: *mut X509, + pkey: *mut EVP_PKEY, + certs: *mut stack_st_X509, + data: *mut BIO, + flags: c_int, + ) -> *mut PKCS7; + + pub fn PKCS7_decrypt( + pkcs7: *mut PKCS7, + pkey: *mut EVP_PKEY, + cert: *mut X509, + data: *mut BIO, + flags: c_int, + ) -> c_int; + + pub fn PKCS7_free(pkcs7: *mut PKCS7); + + pub fn SMIME_write_PKCS7( + out: *mut BIO, + pkcs7: *mut PKCS7, + data: *mut BIO, + flags: c_int, + ) -> c_int; + + pub fn SMIME_read_PKCS7(bio: *mut BIO, bcont: *mut *mut BIO) -> *mut PKCS7; +} diff --git a/openssl-sys/src/handwritten/provider.rs b/openssl-sys/src/handwritten/provider.rs new file mode 100644 index 000000000..3e18a02be --- /dev/null +++ b/openssl-sys/src/handwritten/provider.rs @@ -0,0 +1,20 @@ +use super::super::*; +use libc::*; + +extern "C" { + #[cfg(ossl300)] + pub fn OSSL_PROVIDER_load(ctx: *mut OSSL_LIB_CTX, name: *const c_char) -> *mut OSSL_PROVIDER; + #[cfg(ossl300)] + pub fn OSSL_PROVIDER_try_load( + ctx: *mut OSSL_LIB_CTX, + name: *const c_char, + retain_fallbacks: c_int, + ) -> *mut OSSL_PROVIDER; + #[cfg(ossl300)] + pub fn OSSL_PROVIDER_unload(prov: *mut OSSL_PROVIDER) -> c_int; + #[cfg(ossl300)] + pub fn OSSL_PROVIDER_set_default_search_path( + ctx: *mut OSSL_LIB_CTX, + path: *const c_char, + ) -> c_int; +} diff --git a/openssl-sys/src/handwritten/rand.rs b/openssl-sys/src/handwritten/rand.rs new file mode 100644 index 000000000..3bf9da592 --- /dev/null +++ b/openssl-sys/src/handwritten/rand.rs @@ -0,0 +1,12 @@ +use libc::*; + +extern "C" { + pub fn RAND_bytes(buf: *mut u8, num: c_int) -> c_int; + + #[cfg(ossl111)] + pub fn RAND_keep_random_devices_open(keep: c_int); + + pub fn RAND_status() -> c_int; + + pub fn RAND_add(buf: *const c_void, num: c_int, randomness: c_double); +} diff --git a/openssl-sys/src/handwritten/rsa.rs b/openssl-sys/src/handwritten/rsa.rs new file mode 100644 index 000000000..d05edfc30 --- /dev/null +++ b/openssl-sys/src/handwritten/rsa.rs @@ -0,0 +1,124 @@ +use super::super::*; +use libc::*; + +cfg_if! { + if #[cfg(ossl300)] { + extern "C" { + pub fn EVP_PKEY_CTX_set_rsa_padding(ctx: *mut EVP_PKEY_CTX, pad_mode: c_int) -> c_int; + pub fn EVP_PKEY_CTX_get_rsa_padding(ctx: *mut EVP_PKEY_CTX, pad_mode: *mut c_int) -> c_int; + + pub fn EVP_PKEY_CTX_set_rsa_pss_saltlen(ctx: *mut EVP_PKEY_CTX, len: c_int) -> c_int; + pub fn EVP_PKEY_CTX_set_rsa_mgf1_md(ctx: *mut EVP_PKEY_CTX, md: *const EVP_MD) -> c_int; + } + } +} + +extern "C" { + pub fn RSA_new() -> *mut RSA; + pub fn RSA_size(k: *const RSA) -> c_int; + + #[cfg(any(ossl110, libressl273))] + pub fn RSA_set0_key(r: *mut RSA, n: *mut BIGNUM, e: *mut BIGNUM, d: *mut BIGNUM) -> c_int; + #[cfg(any(ossl110, libressl273))] + pub fn RSA_set0_factors(r: *mut RSA, p: *mut BIGNUM, q: *mut BIGNUM) -> c_int; + #[cfg(any(ossl110, libressl273))] + pub fn RSA_set0_crt_params( + r: *mut RSA, + dmp1: *mut BIGNUM, + dmq1: *mut BIGNUM, + iqmp: *mut BIGNUM, + ) -> c_int; + #[cfg(any(ossl110, libressl273))] + pub fn RSA_get0_key( + r: *const RSA, + n: *mut *const BIGNUM, + e: *mut *const BIGNUM, + d: *mut *const BIGNUM, + ); + #[cfg(any(ossl110, libressl273))] + pub fn RSA_get0_factors(r: *const RSA, p: *mut *const BIGNUM, q: *mut *const BIGNUM); + #[cfg(any(ossl110, libressl273))] + pub fn RSA_get0_crt_params( + r: *const RSA, + dmp1: *mut *const BIGNUM, + dmq1: *mut *const BIGNUM, + iqmp: *mut *const BIGNUM, + ); + + #[cfg(not(ossl110))] + pub fn RSA_generate_key( + modsz: c_int, + e: c_ulong, + cb: Option, + cbarg: *mut c_void, + ) -> *mut RSA; + + pub fn RSA_generate_key_ex( + rsa: *mut RSA, + bits: c_int, + e: *mut BIGNUM, + cb: *mut BN_GENCB, + ) -> c_int; + + pub fn RSA_public_encrypt( + flen: c_int, + from: *const u8, + to: *mut u8, + k: *mut RSA, + pad: c_int, + ) -> c_int; + pub fn RSA_private_encrypt( + flen: c_int, + from: *const u8, + to: *mut u8, + k: *mut RSA, + pad: c_int, + ) -> c_int; + pub fn RSA_public_decrypt( + flen: c_int, + from: *const u8, + to: *mut u8, + k: *mut RSA, + pad: c_int, + ) -> c_int; + pub fn RSA_private_decrypt( + flen: c_int, + from: *const u8, + to: *mut u8, + k: *mut RSA, + pad: c_int, + ) -> c_int; + pub fn RSA_check_key(r: *const RSA) -> c_int; + pub fn RSA_free(rsa: *mut RSA); + pub fn RSA_up_ref(rsa: *mut RSA) -> c_int; + + pub fn i2d_RSAPublicKey(k: *const RSA, buf: *mut *mut u8) -> c_int; + pub fn d2i_RSAPublicKey(k: *mut *mut RSA, buf: *mut *const u8, len: c_long) -> *mut RSA; + pub fn i2d_RSAPrivateKey(k: *const RSA, buf: *mut *mut u8) -> c_int; + pub fn d2i_RSAPrivateKey(k: *mut *mut RSA, buf: *mut *const u8, len: c_long) -> *mut RSA; + + pub fn RSA_sign( + t: c_int, + m: *const u8, + mlen: c_uint, + sig: *mut u8, + siglen: *mut c_uint, + k: *mut RSA, + ) -> c_int; + pub fn RSA_verify( + t: c_int, + m: *const u8, + mlen: c_uint, + sig: *const u8, + siglen: c_uint, + k: *mut RSA, + ) -> c_int; + + pub fn RSA_padding_check_PKCS1_type_2( + to: *mut c_uchar, + tlen: c_int, + f: *const c_uchar, + fl: c_int, + rsa_len: c_int, + ) -> c_int; +} diff --git a/openssl-sys/src/handwritten/safestack.rs b/openssl-sys/src/handwritten/safestack.rs new file mode 100644 index 000000000..0bee90d96 --- /dev/null +++ b/openssl-sys/src/handwritten/safestack.rs @@ -0,0 +1 @@ +stack!(stack_st_OPENSSL_STRING); diff --git a/openssl-sys/src/handwritten/sha.rs b/openssl-sys/src/handwritten/sha.rs new file mode 100644 index 000000000..7d00b592f --- /dev/null +++ b/openssl-sys/src/handwritten/sha.rs @@ -0,0 +1,101 @@ +use super::super::*; +use libc::*; + +cfg_if! { + if #[cfg(not(osslconf = "OPENSSL_NO_DEPRECATED_3_0"))] { + #[repr(C)] + #[derive(Clone)] + pub struct SHA_CTX { + pub h0: SHA_LONG, + pub h1: SHA_LONG, + pub h2: SHA_LONG, + pub h3: SHA_LONG, + pub h4: SHA_LONG, + pub Nl: SHA_LONG, + pub Nh: SHA_LONG, + pub data: [SHA_LONG; SHA_LBLOCK as usize], + pub num: c_uint, + } + + extern "C" { + pub fn SHA1_Init(c: *mut SHA_CTX) -> c_int; + pub fn SHA1_Update(c: *mut SHA_CTX, data: *const c_void, len: size_t) -> c_int; + pub fn SHA1_Final(md: *mut c_uchar, c: *mut SHA_CTX) -> c_int; + } + } +} + +cfg_if! { + if #[cfg(not(ossl300))] { + extern "C" { + pub fn SHA1(d: *const c_uchar, n: size_t, md: *mut c_uchar) -> *mut c_uchar; + } + } +} + +cfg_if! { + if #[cfg(not(osslconf = "OPENSSL_NO_DEPRECATED_3_0"))] { + #[repr(C)] + #[derive(Clone)] + pub struct SHA256_CTX { + pub h: [SHA_LONG; 8], + pub Nl: SHA_LONG, + pub Nh: SHA_LONG, + pub data: [SHA_LONG; SHA_LBLOCK as usize], + pub num: c_uint, + pub md_len: c_uint, + } + + extern "C" { + pub fn SHA224_Init(c: *mut SHA256_CTX) -> c_int; + pub fn SHA224_Update(c: *mut SHA256_CTX, data: *const c_void, len: size_t) -> c_int; + pub fn SHA224_Final(md: *mut c_uchar, c: *mut SHA256_CTX) -> c_int; + pub fn SHA256_Init(c: *mut SHA256_CTX) -> c_int; + pub fn SHA256_Update(c: *mut SHA256_CTX, data: *const c_void, len: size_t) -> c_int; + pub fn SHA256_Final(md: *mut c_uchar, c: *mut SHA256_CTX) -> c_int; + } + } +} + +cfg_if! { + if #[cfg(not(ossl300))] { + extern "C" { + pub fn SHA224(d: *const c_uchar, n: size_t, md: *mut c_uchar) -> *mut c_uchar; + pub fn SHA256(d: *const c_uchar, n: size_t, md: *mut c_uchar) -> *mut c_uchar; + } + } +} + +cfg_if! { + if #[cfg(not(osslconf = "OPENSSL_NO_DEPRECATED_3_0"))] { + #[repr(C)] + #[derive(Clone)] + pub struct SHA512_CTX { + pub h: [SHA_LONG64; 8], + pub Nl: SHA_LONG64, + pub Nh: SHA_LONG64, + // this is a union but we don't want to require 1.19 + u: [SHA_LONG64; SHA_LBLOCK as usize], + pub num: c_uint, + pub md_len: c_uint, + } + + extern "C" { + pub fn SHA384_Init(c: *mut SHA512_CTX) -> c_int; + pub fn SHA384_Update(c: *mut SHA512_CTX, data: *const c_void, len: size_t) -> c_int; + pub fn SHA384_Final(md: *mut c_uchar, c: *mut SHA512_CTX) -> c_int; + pub fn SHA512_Init(c: *mut SHA512_CTX) -> c_int; + pub fn SHA512_Update(c: *mut SHA512_CTX, data: *const c_void, len: size_t) -> c_int; + pub fn SHA512_Final(md: *mut c_uchar, c: *mut SHA512_CTX) -> c_int; + } + } +} + +cfg_if! { + if #[cfg(not(ossl300))] { + extern "C" { + pub fn SHA384(d: *const c_uchar, n: size_t, md: *mut c_uchar) -> *mut c_uchar; + pub fn SHA512(d: *const c_uchar, n: size_t, md: *mut c_uchar) -> *mut c_uchar; + } + } +} diff --git a/openssl-sys/src/handwritten/srtp.rs b/openssl-sys/src/handwritten/srtp.rs new file mode 100644 index 000000000..d4c7af8eb --- /dev/null +++ b/openssl-sys/src/handwritten/srtp.rs @@ -0,0 +1,10 @@ +use super::super::*; +use libc::*; + +extern "C" { + pub fn SSL_CTX_set_tlsext_use_srtp(ctx: *mut SSL_CTX, profiles: *const c_char) -> c_int; + pub fn SSL_set_tlsext_use_srtp(ssl: *mut SSL, profiles: *const c_char) -> c_int; + + pub fn SSL_get_srtp_profiles(ssl: *mut SSL) -> *mut stack_st_SRTP_PROTECTION_PROFILE; + pub fn SSL_get_selected_srtp_profile(ssl: *mut SSL) -> *mut SRTP_PROTECTION_PROFILE; +} diff --git a/openssl-sys/src/handwritten/ssl.rs b/openssl-sys/src/handwritten/ssl.rs new file mode 100644 index 000000000..f179a04ab --- /dev/null +++ b/openssl-sys/src/handwritten/ssl.rs @@ -0,0 +1,913 @@ +use super::super::*; +use libc::*; + +pub enum SSL_METHOD {} +pub enum SSL_CIPHER {} +cfg_if! { + if #[cfg(any(ossl110, libressl280))] { + pub enum SSL_SESSION {} + } else if #[cfg(libressl251)] { + #[repr(C)] + pub struct SSL_SESSION { + ssl_version: c_int, + pub master_key_length: c_int, + pub master_key: [c_uchar; 48], + session_id_length: c_uint, + session_id: [c_uchar; SSL_MAX_SSL_SESSION_ID_LENGTH as usize], + sid_ctx_length: c_uint, + sid_ctx: [c_uchar; SSL_MAX_SID_CTX_LENGTH as usize], + peer: *mut X509, + verify_result: c_long, + timeout: c_long, + time: time_t, + pub references: c_int, + cipher: *const SSL_CIPHER, + cipher_id: c_long, + ciphers: *mut stack_st_SSL_CIPHER, + tlsext_hostname: *mut c_char, + tlsext_tick: *mut c_uchar, + tlsext_ticklen: size_t, + tlsext_tick_lifetime_int: c_long, + internal: *mut c_void, + } + } else if #[cfg(libressl)] { + #[repr(C)] + pub struct SSL_SESSION { + ssl_version: c_int, + pub master_key_length: c_int, + pub master_key: [c_uchar; 48], + session_id_length: c_uint, + session_id: [c_uchar; SSL_MAX_SSL_SESSION_ID_LENGTH as usize], + sid_ctx_length: c_uint, + sid_ctx: [c_uchar; SSL_MAX_SID_CTX_LENGTH as usize], + not_resumable: c_int, + sess_cert: *mut c_void, + peer: *mut X509, + verify_result: c_long, + timeout: c_long, + time: time_t, + pub references: c_int, + cipher: *const c_void, + cipher_id: c_ulong, + ciphers: *mut c_void, + ex_data: CRYPTO_EX_DATA, + prev: *mut c_void, + next: *mut c_void, + tlsext_hostname: *mut c_char, + tlsext_ecpointformatlist_length: size_t, + tlsext_ecpointformatlist: *mut u8, + tlsext_ellipticcurvelist_length: size_t, + tlsext_ellipticcurvelist: *mut u16, + tlsext_tick: *mut c_uchar, + tlsext_ticklen: size_t, + tlsext_tick_lifetime_hint: c_long, + } + } else { + #[repr(C)] + pub struct SSL_SESSION { + ssl_version: c_int, + key_arg_length: c_uint, + key_arg: [c_uchar; SSL_MAX_KEY_ARG_LENGTH as usize], + pub master_key_length: c_int, + pub master_key: [c_uchar; 48], + session_id_length: c_uint, + session_id: [c_uchar; SSL_MAX_SSL_SESSION_ID_LENGTH as usize], + sid_ctx_length: c_uint, + sid_ctx: [c_uchar; SSL_MAX_SID_CTX_LENGTH as usize], + #[cfg(not(osslconf = "OPENSSL_NO_KRB5"))] + krb5_client_princ_len: c_uint, + #[cfg(not(osslconf = "OPENSSL_NO_KRB5"))] + krb5_client_princ: [c_uchar; SSL_MAX_KRB5_PRINCIPAL_LENGTH as usize], + #[cfg(not(osslconf = "OPENSSL_NO_PSK"))] + psk_identity_hint: *mut c_char, + #[cfg(not(osslconf = "OPENSSL_NO_PSK"))] + psk_identity: *mut c_char, + not_resumable: c_int, + sess_cert: *mut c_void, + peer: *mut X509, + verify_result: c_long, + pub references: c_int, + timeout: c_long, + time: c_long, + compress_meth: c_uint, + cipher: *const c_void, + cipher_id: c_ulong, + ciphers: *mut c_void, + ex_data: CRYPTO_EX_DATA, + prev: *mut c_void, + next: *mut c_void, + #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))] + tlsext_hostname: *mut c_char, + #[cfg(all( + not(osslconf = "OPENSSL_NO_TLSEXT"), + not(osslconf = "OPENSSL_NO_EC") + ))] + tlsext_ecpointformatlist_length: size_t, + #[cfg(all( + not(osslconf = "OPENSSL_NO_TLSEXT"), + not(osslconf = "OPENSSL_NO_EC") + ))] + tlsext_ecpointformatlist: *mut c_uchar, + #[cfg(all( + not(osslconf = "OPENSSL_NO_TLSEXT"), + not(osslconf = "OPENSSL_NO_EC") + ))] + tlsext_ellipticcurvelist_length: size_t, + #[cfg(all( + not(osslconf = "OPENSSL_NO_TLSEXT"), + not(osslconf = "OPENSSL_NO_EC") + ))] + tlsext_ellipticcurvelist: *mut c_uchar, + #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))] + tlsext_tick: *mut c_uchar, + #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))] + tlsext_ticklen: size_t, + #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))] + tlsext_tick_lifetime_hint: c_long, + #[cfg(not(osslconf = "OPENSSL_NO_SRP"))] + srp_username: *mut c_char, + } + } +} + +stack!(stack_st_SSL_CIPHER); + +#[repr(C)] +pub struct SRTP_PROTECTION_PROFILE { + pub name: *const c_char, + pub id: c_ulong, +} + +stack!(stack_st_SRTP_PROTECTION_PROFILE); + +pub type tls_session_ticket_ext_cb_fn = + Option c_int>; +pub type tls_session_secret_cb_fn = Option< + unsafe extern "C" fn( + *mut SSL, + *mut c_void, + *mut c_int, + *mut stack_st_SSL_CIPHER, + *mut *mut SSL_CIPHER, + *mut c_void, + ) -> c_int, +>; + +#[cfg(ossl111)] +pub type SSL_custom_ext_add_cb_ex = Option< + unsafe extern "C" fn( + ssl: *mut SSL, + ext_type: c_uint, + context: c_uint, + out: *mut *const c_uchar, + outlen: *mut size_t, + x: *mut X509, + chainidx: size_t, + al: *mut c_int, + add_arg: *mut c_void, + ) -> c_int, +>; + +#[cfg(ossl111)] +pub type SSL_custom_ext_free_cb_ex = Option< + unsafe extern "C" fn( + ssl: *mut SSL, + ext_type: c_uint, + context: c_uint, + out: *const c_uchar, + add_arg: *mut c_void, + ), +>; + +#[cfg(ossl111)] +pub type SSL_custom_ext_parse_cb_ex = Option< + unsafe extern "C" fn( + ssl: *mut SSL, + ext_type: c_uint, + context: c_uint, + input: *const c_uchar, + inlen: size_t, + x: *mut X509, + chainidx: size_t, + al: *mut c_int, + parse_arg: *mut c_void, + ) -> c_int, +>; + +cfg_if! { + if #[cfg(ossl300)] { + extern "C" { + pub fn SSL_CTX_get_options(ctx: *const SSL_CTX) -> u64; + pub fn SSL_CTX_set_options(ctx: *mut SSL_CTX, op: u64) -> u64; + pub fn SSL_CTX_clear_options(ctx: *mut SSL_CTX, op: u64) -> u64; + } + } else if #[cfg(ossl110)] { + extern "C" { + pub fn SSL_CTX_get_options(ctx: *const SSL_CTX) -> c_ulong; + pub fn SSL_CTX_set_options(ctx: *mut SSL_CTX, op: c_ulong) -> c_ulong; + pub fn SSL_CTX_clear_options(ctx: *mut SSL_CTX, op: c_ulong) -> c_ulong; + } + } +} + +pub type GEN_SESSION_CB = + Option c_int>; + +extern "C" { + pub fn SSL_CTX_sess_set_new_cb( + ctx: *mut SSL_CTX, + new_session_cb: Option c_int>, + ); + pub fn SSL_CTX_sess_set_remove_cb( + ctx: *mut SSL_CTX, + remove_session_cb: Option, + ); +} +cfg_if! { + // const change in passed function pointer signature + if #[cfg(any(ossl110, libressl280))] { + extern "C" { + pub fn SSL_CTX_sess_set_get_cb( + ctx: *mut SSL_CTX, + get_session_cb: Option< + unsafe extern "C" fn(*mut SSL, *const c_uchar, c_int, *mut c_int) -> *mut SSL_SESSION, + >, + ); + } + } else { + extern "C" { + pub fn SSL_CTX_sess_set_get_cb( + ctx: *mut SSL_CTX, + get_session_cb: Option< + unsafe extern "C" fn(*mut SSL, *mut c_uchar, c_int, *mut c_int) -> *mut SSL_SESSION, + >, + ); + } + } +} +extern "C" { + // FIXME change to unsafe extern "C" fn + pub fn SSL_CTX_set_cookie_generate_cb( + s: *mut SSL_CTX, + cb: Option< + extern "C" fn(ssl: *mut SSL, cookie: *mut c_uchar, cookie_len: *mut c_uint) -> c_int, + >, + ); +} + +cfg_if! { + // const change in passed function pointer signature + if #[cfg(any(ossl110, libressl280))] { + extern "C" { + pub fn SSL_CTX_set_cookie_verify_cb( + s: *mut SSL_CTX, + cb: Option< + extern "C" fn(ssl: *mut SSL, cookie: *const c_uchar, cookie_len: c_uint) -> c_int, + >, + ); + } + } else { + extern "C" { + pub fn SSL_CTX_set_cookie_verify_cb( + s: *mut SSL_CTX, + cb: Option c_int>, + ); + } + } +} + +extern "C" { + #[cfg(ossl111)] + pub fn SSL_CTX_set_stateless_cookie_generate_cb( + s: *mut SSL_CTX, + cb: Option< + unsafe extern "C" fn( + ssl: *mut SSL, + cookie: *mut c_uchar, + cookie_len: *mut size_t, + ) -> c_int, + >, + ); + #[cfg(ossl111)] + pub fn SSL_CTX_set_stateless_cookie_verify_cb( + s: *mut SSL_CTX, + cb: Option< + unsafe extern "C" fn( + ssl: *mut SSL, + cookie: *const c_uchar, + cookie_len: size_t, + ) -> c_int, + >, + ); + + pub fn SSL_CTX_set_next_protos_advertised_cb( + ssl: *mut SSL_CTX, + cb: extern "C" fn( + ssl: *mut SSL, + out: *mut *const c_uchar, + outlen: *mut c_uint, + arg: *mut c_void, + ) -> c_int, + arg: *mut c_void, + ); + pub fn SSL_CTX_set_next_proto_select_cb( + ssl: *mut SSL_CTX, + cb: extern "C" fn( + ssl: *mut SSL, + out: *mut *mut c_uchar, + outlen: *mut c_uchar, + inbuf: *const c_uchar, + inlen: c_uint, + arg: *mut c_void, + ) -> c_int, + arg: *mut c_void, + ); + pub fn SSL_get0_next_proto_negotiated( + s: *const SSL, + data: *mut *const c_uchar, + len: *mut c_uint, + ); + + pub fn SSL_select_next_proto( + out: *mut *mut c_uchar, + outlen: *mut c_uchar, + inbuf: *const c_uchar, + inlen: c_uint, + client: *const c_uchar, + client_len: c_uint, + ) -> c_int; +} + +extern "C" { + #[cfg(any(ossl102, libressl261))] + pub fn SSL_CTX_set_alpn_protos(s: *mut SSL_CTX, data: *const c_uchar, len: c_uint) -> c_int; + #[cfg(any(ossl102, libressl261))] + pub fn SSL_set_alpn_protos(s: *mut SSL, data: *const c_uchar, len: c_uint) -> c_int; + #[cfg(any(ossl102, libressl261))] + #[link_name = "SSL_CTX_set_alpn_select_cb"] + pub fn SSL_CTX_set_alpn_select_cb__fixed_rust( + ssl: *mut SSL_CTX, + cb: Option< + unsafe extern "C" fn( + ssl: *mut SSL, + out: *mut *const c_uchar, + outlen: *mut c_uchar, + inbuf: *const c_uchar, + inlen: c_uint, + arg: *mut c_void, + ) -> c_int, + >, + arg: *mut c_void, + ); + #[cfg(any(ossl102, libressl261))] + pub fn SSL_get0_alpn_selected(s: *const SSL, data: *mut *const c_uchar, len: *mut c_uint); +} + +#[cfg(not(osslconf = "OPENSSL_NO_PSK"))] +extern "C" { + pub fn SSL_CTX_set_psk_client_callback( + ssl: *mut SSL_CTX, + psk_client_cb: Option< + extern "C" fn( + *mut SSL, + *const c_char, + *mut c_char, + c_uint, + *mut c_uchar, + c_uint, + ) -> c_uint, + >, + ); + pub fn SSL_CTX_set_psk_server_callback( + ssl: *mut SSL_CTX, + psk_server_cb: Option< + extern "C" fn(*mut SSL, *const c_char, *mut c_uchar, c_uint) -> c_uint, + >, + ); + pub fn SSL_get_psk_identity_hint(ssl: *const SSL) -> *const c_char; + pub fn SSL_get_psk_identity(ssl: *const SSL) -> *const c_char; +} + +extern "C" { + #[cfg(ossl111)] + pub fn SSL_CTX_add_custom_ext( + ctx: *mut SSL_CTX, + ext_type: c_uint, + context: c_uint, + add_cb: SSL_custom_ext_add_cb_ex, + free_cb: SSL_custom_ext_free_cb_ex, + add_arg: *mut c_void, + parse_cb: SSL_custom_ext_parse_cb_ex, + parse_arg: *mut c_void, + ) -> c_int; + + #[cfg(ossl102)] + pub fn SSL_extension_supported(ext_type: c_uint) -> c_int; +} + +#[cfg(ossl111)] +pub type SSL_CTX_keylog_cb_func = + Option; + +extern "C" { + #[cfg(ossl111)] + pub fn SSL_CTX_set_keylog_callback(ctx: *mut SSL_CTX, cb: SSL_CTX_keylog_cb_func); + + #[cfg(any(ossl111, libressl340))] + pub fn SSL_CTX_set_max_early_data(ctx: *mut SSL_CTX, max_early_data: u32) -> c_int; + #[cfg(any(ossl111, libressl340))] + pub fn SSL_CTX_get_max_early_data(ctx: *const SSL_CTX) -> u32; + #[cfg(any(ossl111, libressl340))] + pub fn SSL_set_max_early_data(ctx: *mut SSL, max_early_data: u32) -> c_int; + #[cfg(any(ossl111, libressl340))] + pub fn SSL_get_max_early_data(ctx: *const SSL) -> u32; + + pub fn SSL_get_finished(s: *const SSL, buf: *mut c_void, count: size_t) -> size_t; + pub fn SSL_get_peer_finished(s: *const SSL, buf: *mut c_void, count: size_t) -> size_t; + + pub fn SSL_CTX_get_verify_mode(ctx: *const SSL_CTX) -> c_int; + pub fn SSL_get_verify_mode(s: *const SSL) -> c_int; +} + +const_ptr_api! { + extern "C" { + #[cfg(ossl110)] + pub fn SSL_is_init_finished(s: #[const_ptr_if(ossl111)] SSL) -> c_int; + } +} + +cfg_if! { + if #[cfg(libressl261)] { + extern "C" { + pub fn SSL_CTX_set_min_proto_version(ctx: *mut SSL_CTX, version: u16) -> c_int; + pub fn SSL_CTX_set_max_proto_version(ctx: *mut SSL_CTX, version: u16) -> c_int; + pub fn SSL_set_min_proto_version(s: *mut SSL, version: u16) -> c_int; + pub fn SSL_set_max_proto_version(s: *mut SSL, version: u16) -> c_int; + } + } +} + +cfg_if! { + if #[cfg(libressl270)] { + extern "C" { + pub fn SSL_CTX_get_min_proto_version(ctx: *mut SSL_CTX) -> c_int; + pub fn SSL_CTX_get_max_proto_version(ctx: *mut SSL_CTX) -> c_int; + pub fn SSL_get_min_proto_version(s: *mut SSL) -> c_int; + pub fn SSL_get_max_proto_version(s: *mut SSL) -> c_int; + } + } +} + +extern "C" { + pub fn SSL_CTX_set_cipher_list(ssl: *mut SSL_CTX, s: *const c_char) -> c_int; + pub fn SSL_CTX_new(method: *const SSL_METHOD) -> *mut SSL_CTX; + pub fn SSL_CTX_free(ctx: *mut SSL_CTX); + #[cfg(any(ossl110, libressl273))] + pub fn SSL_CTX_up_ref(x: *mut SSL_CTX) -> c_int; + pub fn SSL_CTX_get_cert_store(ctx: *const SSL_CTX) -> *mut X509_STORE; + pub fn SSL_CTX_set_cert_store(ctx: *mut SSL_CTX, store: *mut X509_STORE); + + pub fn SSL_get_current_cipher(ssl: *const SSL) -> *const SSL_CIPHER; + pub fn SSL_CIPHER_get_bits(cipher: *const SSL_CIPHER, alg_bits: *mut c_int) -> c_int; +} +const_ptr_api! { + extern "C" { + pub fn SSL_CIPHER_get_version(cipher: *const SSL_CIPHER) -> #[const_ptr_if(any(ossl110, libressl280))] c_char; + } +} +extern "C" { + #[cfg(ossl111)] + pub fn SSL_CIPHER_get_handshake_digest(cipher: *const SSL_CIPHER) -> *const EVP_MD; + pub fn SSL_CIPHER_get_name(cipher: *const SSL_CIPHER) -> *const c_char; + #[cfg(ossl111)] + pub fn SSL_CIPHER_standard_name(cipher: *const SSL_CIPHER) -> *const c_char; + #[cfg(ossl111)] + pub fn OPENSSL_cipher_name(rfc_name: *const c_char) -> *const c_char; + + pub fn SSL_pending(ssl: *const SSL) -> c_int; + pub fn SSL_set_bio(ssl: *mut SSL, rbio: *mut BIO, wbio: *mut BIO); + pub fn SSL_get_rbio(ssl: *const SSL) -> *mut BIO; + pub fn SSL_get_wbio(ssl: *const SSL) -> *mut BIO; + #[cfg(any(ossl111, libressl340))] + pub fn SSL_CTX_set_ciphersuites(ctx: *mut SSL_CTX, str: *const c_char) -> c_int; + #[cfg(any(ossl111, libressl340))] + pub fn SSL_set_ciphersuites(ssl: *mut SSL, str: *const c_char) -> c_int; + pub fn SSL_set_cipher_list(ssl: *mut SSL, s: *const c_char) -> c_int; + pub fn SSL_set_ssl_method(s: *mut SSL, method: *const SSL_METHOD) -> c_int; + pub fn SSL_set_verify( + ssl: *mut SSL, + mode: c_int, + // FIXME should be unsafe + verify_callback: Option c_int>, + ); + pub fn SSL_CTX_use_PrivateKey(ctx: *mut SSL_CTX, key: *mut EVP_PKEY) -> c_int; + pub fn SSL_CTX_use_certificate(ctx: *mut SSL_CTX, cert: *mut X509) -> c_int; + + pub fn SSL_CTX_use_PrivateKey_file( + ctx: *mut SSL_CTX, + key_file: *const c_char, + file_type: c_int, + ) -> c_int; + pub fn SSL_CTX_use_certificate_file( + ctx: *mut SSL_CTX, + cert_file: *const c_char, + file_type: c_int, + ) -> c_int; + pub fn SSL_CTX_use_certificate_chain_file( + ctx: *mut SSL_CTX, + cert_chain_file: *const c_char, + ) -> c_int; + pub fn SSL_use_PrivateKey_file(ssl: *mut SSL, file: *const c_char, type_: c_int) -> c_int; + pub fn SSL_use_PrivateKey(ssl: *mut SSL, pkey: *mut EVP_PKEY) -> c_int; + pub fn SSL_use_certificate(ssl: *mut SSL, x: *mut X509) -> c_int; + #[cfg(any(ossl110, libressl332))] + pub fn SSL_use_certificate_chain_file(ssl: *mut SSL, file: *const c_char) -> c_int; + pub fn SSL_set_client_CA_list(s: *mut SSL, name_list: *mut stack_st_X509_NAME); + pub fn SSL_add_client_CA(ssl: *mut SSL, x: *mut X509) -> c_int; + pub fn SSL_load_client_CA_file(file: *const c_char) -> *mut stack_st_X509_NAME; + + #[cfg(not(ossl110))] + pub fn SSL_load_error_strings(); + pub fn SSL_state_string(ssl: *const SSL) -> *const c_char; + pub fn SSL_state_string_long(ssl: *const SSL) -> *const c_char; + + pub fn SSL_SESSION_get_time(s: *const SSL_SESSION) -> c_long; + pub fn SSL_SESSION_get_timeout(s: *const SSL_SESSION) -> c_long; + #[cfg(any(ossl110, libressl270))] + pub fn SSL_SESSION_get_protocol_version(s: *const SSL_SESSION) -> c_int; + + #[cfg(any(ossl111, libressl340))] + pub fn SSL_SESSION_set_max_early_data(ctx: *mut SSL_SESSION, max_early_data: u32) -> c_int; + #[cfg(any(ossl111, libressl340))] + pub fn SSL_SESSION_get_max_early_data(ctx: *const SSL_SESSION) -> u32; + + pub fn SSL_SESSION_get_id(s: *const SSL_SESSION, len: *mut c_uint) -> *const c_uchar; + #[cfg(any(ossl110, libressl273))] + pub fn SSL_SESSION_up_ref(ses: *mut SSL_SESSION) -> c_int; + pub fn SSL_SESSION_free(s: *mut SSL_SESSION); +} +const_ptr_api! { + extern "C" { + pub fn i2d_SSL_SESSION(s: #[const_ptr_if(ossl300)] SSL_SESSION, pp: *mut *mut c_uchar) -> c_int; + } +} +extern "C" { + pub fn SSL_set_session(ssl: *mut SSL, session: *mut SSL_SESSION) -> c_int; + pub fn SSL_CTX_add_session(ctx: *mut SSL_CTX, session: *mut SSL_SESSION) -> c_int; + pub fn SSL_CTX_remove_session(ctx: *mut SSL_CTX, session: *mut SSL_SESSION) -> c_int; + pub fn d2i_SSL_SESSION( + a: *mut *mut SSL_SESSION, + pp: *mut *const c_uchar, + len: c_long, + ) -> *mut SSL_SESSION; + + #[cfg(not(ossl300))] + pub fn SSL_get_peer_certificate(ssl: *const SSL) -> *mut X509; + #[cfg(ossl300)] + pub fn SSL_get1_peer_certificate(ssl: *const SSL) -> *mut X509; + + pub fn SSL_get_peer_cert_chain(ssl: *const SSL) -> *mut stack_st_X509; + + pub fn SSL_CTX_set_verify( + ctx: *mut SSL_CTX, + mode: c_int, + verify_callback: Option c_int>, + ); + pub fn SSL_CTX_set_verify_depth(ctx: *mut SSL_CTX, depth: c_int); + + #[cfg(any(ossl111, libressl340))] + pub fn SSL_CTX_set_post_handshake_auth(ctx: *mut SSL_CTX, val: c_int); + + pub fn SSL_CTX_check_private_key(ctx: *const SSL_CTX) -> c_int; + + pub fn SSL_CTX_set_session_id_context( + ssl: *mut SSL_CTX, + sid_ctx: *const c_uchar, + sid_ctx_len: c_uint, + ) -> c_int; + + pub fn SSL_new(ctx: *mut SSL_CTX) -> *mut SSL; + + #[cfg(any(ossl102, libressl261))] + pub fn SSL_CTX_get0_param(ctx: *mut SSL_CTX) -> *mut X509_VERIFY_PARAM; + + #[cfg(any(ossl102, libressl261))] + pub fn SSL_get0_param(ssl: *mut SSL) -> *mut X509_VERIFY_PARAM; +} + +#[cfg(ossl111)] +pub type SSL_client_hello_cb_fn = + Option c_int>; +extern "C" { + #[cfg(ossl111)] + pub fn SSL_CTX_set_client_hello_cb( + c: *mut SSL_CTX, + cb: SSL_client_hello_cb_fn, + arg: *mut c_void, + ); + #[cfg(ossl111)] + pub fn SSL_client_hello_isv2(s: *mut SSL) -> c_int; + #[cfg(ossl111)] + pub fn SSL_client_hello_get0_legacy_version(s: *mut SSL) -> c_uint; + #[cfg(ossl111)] + pub fn SSL_client_hello_get0_random(s: *mut SSL, out: *mut *const c_uchar) -> size_t; + #[cfg(ossl111)] + pub fn SSL_client_hello_get0_session_id(s: *mut SSL, out: *mut *const c_uchar) -> size_t; + #[cfg(ossl111)] + pub fn SSL_client_hello_get0_ciphers(s: *mut SSL, out: *mut *const c_uchar) -> size_t; + #[cfg(ossl111)] + pub fn SSL_client_hello_get0_compression_methods( + s: *mut SSL, + out: *mut *const c_uchar, + ) -> size_t; + #[cfg(ossl111)] + pub fn SSL_client_hello_get1_extensions_present( + s: *mut SSL, + out: *mut *mut c_int, + outlen: *mut size_t, + ) -> c_int; + #[cfg(ossl111)] + pub fn SSL_client_hello_get0_ext( + s: *mut SSL, + type_: c_uint, + out: *mut *const c_uchar, + outlen: *mut size_t, + ) -> c_int; + + pub fn SSL_free(ssl: *mut SSL); + pub fn SSL_accept(ssl: *mut SSL) -> c_int; + #[cfg(ossl111)] + pub fn SSL_stateless(s: *mut SSL) -> c_int; + pub fn SSL_connect(ssl: *mut SSL) -> c_int; + pub fn SSL_read(ssl: *mut SSL, buf: *mut c_void, num: c_int) -> c_int; + pub fn SSL_peek(ssl: *mut SSL, buf: *mut c_void, num: c_int) -> c_int; + #[cfg(any(ossl111, libressl340))] + pub fn SSL_read_early_data( + s: *mut SSL, + buf: *mut c_void, + num: size_t, + readbytes: *mut size_t, + ) -> c_int; +} + +extern "C" { + pub fn SSL_write(ssl: *mut SSL, buf: *const c_void, num: c_int) -> c_int; + #[cfg(any(ossl111, libressl340))] + pub fn SSL_write_early_data( + s: *mut SSL, + buf: *const c_void, + num: size_t, + written: *mut size_t, + ) -> c_int; + pub fn SSL_ctrl(ssl: *mut SSL, cmd: c_int, larg: c_long, parg: *mut c_void) -> c_long; + pub fn SSL_CTX_ctrl(ctx: *mut SSL_CTX, cmd: c_int, larg: c_long, parg: *mut c_void) -> c_long; + #[link_name = "SSL_CTX_callback_ctrl"] + pub fn SSL_CTX_callback_ctrl__fixed_rust( + ctx: *mut SSL_CTX, + cmd: c_int, + fp: Option, + ) -> c_long; +} + +cfg_if! { + if #[cfg(any(ossl110, libressl291))] { + extern "C" { + pub fn TLS_method() -> *const SSL_METHOD; + + pub fn DTLS_method() -> *const SSL_METHOD; + + pub fn TLS_server_method() -> *const SSL_METHOD; + + pub fn TLS_client_method() -> *const SSL_METHOD; + } + } else { + extern "C" { + #[cfg(not(osslconf = "OPENSSL_NO_SSL3_METHOD"))] + pub fn SSLv3_method() -> *const SSL_METHOD; + + pub fn SSLv23_method() -> *const SSL_METHOD; + + pub fn SSLv23_client_method() -> *const SSL_METHOD; + + pub fn SSLv23_server_method() -> *const SSL_METHOD; + + pub fn TLSv1_method() -> *const SSL_METHOD; + + pub fn TLSv1_1_method() -> *const SSL_METHOD; + + pub fn TLSv1_2_method() -> *const SSL_METHOD; + + pub fn DTLSv1_method() -> *const SSL_METHOD; + + #[cfg(ossl102)] + pub fn DTLSv1_2_method() -> *const SSL_METHOD; + } + } +} + +extern "C" { + pub fn SSL_get_error(ssl: *const SSL, ret: c_int) -> c_int; + pub fn SSL_get_version(ssl: *const SSL) -> *const c_char; + + pub fn SSL_do_handshake(ssl: *mut SSL) -> c_int; + pub fn SSL_shutdown(ssl: *mut SSL) -> c_int; + + pub fn SSL_CTX_set_client_CA_list(ctx: *mut SSL_CTX, list: *mut stack_st_X509_NAME); + + pub fn SSL_CTX_add_client_CA(ctx: *mut SSL_CTX, cacert: *mut X509) -> c_int; + + pub fn SSL_CTX_set_default_verify_paths(ctx: *mut SSL_CTX) -> c_int; + pub fn SSL_CTX_load_verify_locations( + ctx: *mut SSL_CTX, + CAfile: *const c_char, + CApath: *const c_char, + ) -> c_int; +} + +const_ptr_api! { + extern "C" { + pub fn SSL_get_ssl_method(ssl: #[const_ptr_if(ossl111b)] SSL) -> *const SSL_METHOD; + } +} + +extern "C" { + pub fn SSL_set_connect_state(s: *mut SSL); + pub fn SSL_set_accept_state(s: *mut SSL); + + #[cfg(not(ossl110))] + pub fn SSL_library_init() -> c_int; + + pub fn SSL_CIPHER_description( + cipher: *const SSL_CIPHER, + buf: *mut c_char, + size: c_int, + ) -> *mut c_char; + + pub fn SSL_get_certificate(ssl: *const SSL) -> *mut X509; +} +const_ptr_api! { + extern "C" { + pub fn SSL_get_privatekey(ssl: #[const_ptr_if(any(ossl102, libressl280))] SSL) -> *mut EVP_PKEY; + } +} + +extern "C" { + #[cfg(any(ossl102, libressl270))] + pub fn SSL_CTX_get0_certificate(ctx: *const SSL_CTX) -> *mut X509; + #[cfg(any(ossl102, libressl340))] + pub fn SSL_CTX_get0_privatekey(ctx: *const SSL_CTX) -> *mut EVP_PKEY; + + pub fn SSL_set_shutdown(ss: *mut SSL, mode: c_int); + pub fn SSL_get_shutdown(ssl: *const SSL) -> c_int; + pub fn SSL_version(ssl: *const SSL) -> c_int; + pub fn SSL_get_session(s: *const SSL) -> *mut SSL_SESSION; + pub fn SSL_get_SSL_CTX(ssl: *const SSL) -> *mut SSL_CTX; + pub fn SSL_set_SSL_CTX(ssl: *mut SSL, ctx: *mut SSL_CTX) -> *mut SSL_CTX; + + pub fn SSL_get_verify_result(ssl: *const SSL) -> c_long; + #[cfg(ossl110)] + pub fn SSL_get0_verified_chain(ssl: *const SSL) -> *mut stack_st_X509; + + #[cfg(any(ossl110, libressl270))] + pub fn SSL_get_client_random(ssl: *const SSL, out: *mut c_uchar, len: size_t) -> size_t; + #[cfg(any(ossl110, libressl270))] + pub fn SSL_get_server_random(ssl: *const SSL, out: *mut c_uchar, len: size_t) -> size_t; + #[cfg(any(ossl110, libressl273))] + pub fn SSL_SESSION_get_master_key( + session: *const SSL_SESSION, + out: *mut c_uchar, + outlen: size_t, + ) -> size_t; +} + +extern "C" { + #[cfg(not(ossl110))] + pub fn SSL_get_ex_new_index( + argl: c_long, + argp: *mut c_void, + new_func: Option, + dup_func: Option, + free_func: Option, + ) -> c_int; + + pub fn SSL_set_ex_data(ssl: *mut SSL, idx: c_int, data: *mut c_void) -> c_int; + pub fn SSL_get_ex_data(ssl: *const SSL, idx: c_int) -> *mut c_void; + + #[cfg(not(ossl110))] + pub fn SSL_CTX_get_ex_new_index( + argl: c_long, + argp: *mut c_void, + new_func: Option, + dup_func: Option, + free_func: Option, + ) -> c_int; + + pub fn SSL_CTX_set_ex_data(ctx: *mut SSL_CTX, idx: c_int, data: *mut c_void) -> c_int; + pub fn SSL_CTX_get_ex_data(ctx: *const SSL_CTX, idx: c_int) -> *mut c_void; + + pub fn SSL_get_ex_data_X509_STORE_CTX_idx() -> c_int; +} + +extern "C" { + #[link_name = "SSL_CTX_set_tmp_dh_callback"] + pub fn SSL_CTX_set_tmp_dh_callback__fixed_rust( + ctx: *mut SSL_CTX, + dh: Option< + unsafe extern "C" fn(ssl: *mut SSL, is_export: c_int, keylength: c_int) -> *mut DH, + >, + ); + #[link_name = "SSL_set_tmp_dh_callback"] + pub fn SSL_set_tmp_dh_callback__fixed_rust( + ctx: *mut SSL, + dh: Option< + unsafe extern "C" fn(ssl: *mut SSL, is_export: c_int, keylength: c_int) -> *mut DH, + >, + ); + #[cfg(not(ossl110))] + #[link_name = "SSL_CTX_set_tmp_ecdh_callback"] + pub fn SSL_CTX_set_tmp_ecdh_callback__fixed_rust( + ctx: *mut SSL_CTX, + ecdh: Option< + unsafe extern "C" fn(ssl: *mut SSL, is_export: c_int, keylength: c_int) -> *mut EC_KEY, + >, + ); + #[cfg(not(ossl110))] + #[link_name = "SSL_set_tmp_ecdh_callback"] + pub fn SSL_set_tmp_ecdh_callback__fixed_rust( + ssl: *mut SSL, + ecdh: Option< + unsafe extern "C" fn(ssl: *mut SSL, is_export: c_int, keylength: c_int) -> *mut EC_KEY, + >, + ); +} + +cfg_if! { + if #[cfg(libressl)] { + extern "C" { + pub fn SSL_get_current_compression(ssl: *mut SSL) -> *const libc::c_void; + } + } else if #[cfg(not(osslconf = "OPENSSL_NO_COMP"))] { + const_ptr_api! { + extern "C" { + pub fn SSL_get_current_compression(ssl: #[const_ptr_if(ossl111b)] SSL) -> *const COMP_METHOD; + } + } + } +} +cfg_if! { + if #[cfg(libressl)] { + extern "C" { + pub fn SSL_COMP_get_name(comp: *const libc::c_void) -> *const c_char; + } + } else if #[cfg(not(osslconf = "OPENSSL_NO_COMP"))] { + extern "C" { + pub fn SSL_COMP_get_name(comp: *const COMP_METHOD) -> *const c_char; + } + } +} + +#[cfg(not(osslconf = "OPENSSL_NO_COMP"))] +extern "C" { + #[cfg(ossl110)] + pub fn COMP_get_type(meth: *const COMP_METHOD) -> i32; +} + +extern "C" { + #[cfg(any(ossl110, libressl270))] + pub fn SSL_CIPHER_get_cipher_nid(c: *const SSL_CIPHER) -> c_int; + #[cfg(any(ossl110, libressl270))] + pub fn SSL_CIPHER_get_digest_nid(c: *const SSL_CIPHER) -> c_int; +} + +const_ptr_api! { + extern "C" { + #[cfg(ossl110)] + pub fn SSL_session_reused(ssl: #[const_ptr_if(ossl111c)] SSL) -> c_int; + } +} + +const_ptr_api! { + extern "C" { + #[cfg(any(ossl102, libressl273))] + pub fn SSL_is_server(s: #[const_ptr_if(any(ossl110f, libressl273))] SSL) -> c_int; + } +} + +extern "C" { + #[cfg(ossl110)] + pub fn OPENSSL_init_ssl(opts: u64, settings: *const OPENSSL_INIT_SETTINGS) -> c_int; +} + +extern "C" { + #[cfg(ossl111)] + pub fn SSL_CTX_set_num_tickets(ctx: *mut SSL_CTX, num_tickets: size_t) -> c_int; + + #[cfg(ossl111)] + pub fn SSL_set_num_tickets(s: *mut SSL, num_tickets: size_t) -> c_int; + + #[cfg(ossl111)] + pub fn SSL_CTX_get_num_tickets(ctx: *const SSL_CTX) -> size_t; + + #[cfg(ossl111)] + pub fn SSL_get_num_tickets(s: *const SSL) -> size_t; +} diff --git a/openssl-sys/src/handwritten/stack.rs b/openssl-sys/src/handwritten/stack.rs new file mode 100644 index 000000000..7f2feef6d --- /dev/null +++ b/openssl-sys/src/handwritten/stack.rs @@ -0,0 +1,45 @@ +use libc::*; + +cfg_if! { + if #[cfg(ossl110)] { + pub enum OPENSSL_STACK {} + } else { + #[repr(C)] + pub struct _STACK { + pub num: c_int, + pub data: *mut *mut c_char, + pub sorted: c_int, + pub num_alloc: c_int, + pub comp: Option c_int>, + } + } +} + +cfg_if! { + if #[cfg(ossl110)] { + extern "C" { + pub fn OPENSSL_sk_num(stack: *const OPENSSL_STACK) -> c_int; + pub fn OPENSSL_sk_value(stack: *const OPENSSL_STACK, idx: c_int) -> *mut c_void; + + pub fn OPENSSL_sk_new_null() -> *mut OPENSSL_STACK; + pub fn OPENSSL_sk_free(st: *mut OPENSSL_STACK); + pub fn OPENSSL_sk_pop_free( + st: *mut OPENSSL_STACK, + free: Option, + ); + pub fn OPENSSL_sk_push(st: *mut OPENSSL_STACK, data: *const c_void) -> c_int; + pub fn OPENSSL_sk_pop(st: *mut OPENSSL_STACK) -> *mut c_void; + } + } else { + extern "C" { + pub fn sk_num(st: *const _STACK) -> c_int; + pub fn sk_value(st: *const _STACK, n: c_int) -> *mut c_void; + + pub fn sk_new_null() -> *mut _STACK; + pub fn sk_free(st: *mut _STACK); + pub fn sk_pop_free(st: *mut _STACK, free: Option); + pub fn sk_push(st: *mut _STACK, data: *mut c_void) -> c_int; + pub fn sk_pop(st: *mut _STACK) -> *mut c_void; + } + } +} diff --git a/openssl-sys/src/handwritten/tls1.rs b/openssl-sys/src/handwritten/tls1.rs new file mode 100644 index 000000000..8cf992fbc --- /dev/null +++ b/openssl-sys/src/handwritten/tls1.rs @@ -0,0 +1,28 @@ +use super::super::*; +use libc::*; + +extern "C" { + pub fn SSL_get_servername(ssl: *const SSL, name_type: c_int) -> *const c_char; + + pub fn SSL_export_keying_material( + s: *mut SSL, + out: *mut c_uchar, + olen: size_t, + label: *const c_char, + llen: size_t, + context: *const c_uchar, + contextlen: size_t, + use_context: c_int, + ) -> c_int; + + #[cfg(ossl111)] + pub fn SSL_export_keying_material_early( + s: *mut SSL, + out: *mut c_uchar, + olen: size_t, + label: *const c_char, + llen: size_t, + context: *const c_uchar, + contextlen: size_t, + ) -> c_int; +} diff --git a/openssl-sys/src/handwritten/types.rs b/openssl-sys/src/handwritten/types.rs new file mode 100644 index 000000000..b229a3759 --- /dev/null +++ b/openssl-sys/src/handwritten/types.rs @@ -0,0 +1,1078 @@ +use libc::*; + +#[allow(unused_imports)] +use super::super::*; + +pub enum ASN1_INTEGER {} +pub enum ASN1_GENERALIZEDTIME {} +pub enum ASN1_STRING {} +pub enum ASN1_BIT_STRING {} +pub enum ASN1_TIME {} +pub enum ASN1_TYPE {} +pub enum ASN1_OBJECT {} +pub enum ASN1_OCTET_STRING {} + +pub enum bio_st {} // FIXME remove +cfg_if! { + if #[cfg(any(ossl110, libressl280))] { + pub enum BIO {} + } else { + #[repr(C)] + pub struct BIO { + pub method: *mut BIO_METHOD, + pub callback: Option< + unsafe extern "C" fn(*mut BIO, c_int, *const c_char, c_int, c_long, c_long) -> c_long, + >, + pub cb_arg: *mut c_char, + pub init: c_int, + pub shutdown: c_int, + pub flags: c_int, + pub retry_reason: c_int, + pub num: c_int, + pub ptr: *mut c_void, + pub next_bio: *mut BIO, + pub prev_bio: *mut BIO, + pub references: c_int, + pub num_read: c_ulong, + pub num_write: c_ulong, + pub ex_data: CRYPTO_EX_DATA, + } + } +} +cfg_if! { + if #[cfg(any(ossl110, libressl350))] { + pub enum BIGNUM {} + } else { + #[repr(C)] + pub struct BIGNUM { + pub d: *mut BN_ULONG, + pub top: c_int, + pub dmax: c_int, + pub neg: c_int, + pub flags: c_int, + } + } +} +pub enum BN_BLINDING {} +pub enum BN_MONT_CTX {} + +pub enum BN_CTX {} +pub enum BN_GENCB {} + +cfg_if! { + if #[cfg(any(ossl110, libressl280))] { + pub enum EVP_CIPHER {} + } else { + #[repr(C)] + pub struct EVP_CIPHER { + pub nid: c_int, + pub block_size: c_int, + pub key_len: c_int, + pub iv_len: c_int, + pub flags: c_ulong, + pub init: Option< + unsafe extern "C" fn(*mut EVP_CIPHER_CTX, *const c_uchar, *const c_uchar, c_int) -> c_int, + >, + pub do_cipher: Option< + unsafe extern "C" fn(*mut EVP_CIPHER_CTX, *mut c_uchar, *const c_uchar, size_t) -> c_int, + >, + pub cleanup: Option c_int>, + pub ctx_size: c_int, + pub set_asn1_parameters: + Option c_int>, + pub get_asn1_parameters: + Option c_int>, + pub ctrl: + Option c_int>, + pub app_data: *mut c_void, + } + } +} +pub enum EVP_CIPHER_CTX {} +pub enum EVP_MD {} +cfg_if! { + if #[cfg(any(ossl110, libressl280))] { + pub enum EVP_MD_CTX {} + } else { + #[repr(C)] + pub struct EVP_MD_CTX { + digest: *mut EVP_MD, + engine: *mut ENGINE, + flags: c_ulong, + md_data: *mut c_void, + pctx: *mut EVP_PKEY_CTX, + update: *mut c_void, + } + } +} + +pub enum PKCS8_PRIV_KEY_INFO {} + +pub enum EVP_PKEY_ASN1_METHOD {} + +pub enum EVP_PKEY_CTX {} + +cfg_if! { + if #[cfg(any(ossl110, libressl280))] { + pub enum HMAC_CTX {} + } else { + #[repr(C)] + pub struct HMAC_CTX { + md: *mut EVP_MD, + md_ctx: EVP_MD_CTX, + i_ctx: EVP_MD_CTX, + o_ctx: EVP_MD_CTX, + key_length: c_uint, + key: [c_uchar; 128], + } + } +} + +cfg_if! { + if #[cfg(any(ossl110, libressl280))] { + pub enum DH {} + } else { + #[repr(C)] + pub struct DH { + pub pad: c_int, + pub version: c_int, + pub p: *mut BIGNUM, + pub g: *mut BIGNUM, + pub length: c_long, + pub pub_key: *mut BIGNUM, + pub priv_key: *mut BIGNUM, + pub flags: c_int, + pub method_mont_p: *mut BN_MONT_CTX, + pub q: *mut BIGNUM, + pub j: *mut BIGNUM, + pub seed: *mut c_uchar, + pub seedlen: c_int, + pub counter: *mut BIGNUM, + pub references: c_int, + pub ex_data: CRYPTO_EX_DATA, + pub meth: *const DH_METHOD, + pub engine: *mut ENGINE, + } + } +} +pub enum DH_METHOD {} + +cfg_if! { + if #[cfg(any(ossl110, libressl280))] { + pub enum DSA {} + } else { + #[repr(C)] + pub struct DSA { + pub pad: c_int, + pub version: c_long, + pub write_params: c_int, + + pub p: *mut BIGNUM, + pub q: *mut BIGNUM, + pub g: *mut BIGNUM, + pub pub_key: *mut BIGNUM, + pub priv_key: *mut BIGNUM, + pub kinv: *mut BIGNUM, + pub r: *mut BIGNUM, + + pub flags: c_int, + pub method_mont_p: *mut BN_MONT_CTX, + pub references: c_int, + pub ex_data: CRYPTO_EX_DATA, + pub meth: *const DSA_METHOD, + pub engine: *mut ENGINE, + } + } +} +pub enum DSA_METHOD {} + +cfg_if! { + if #[cfg(any(ossl110, libressl280))] { + pub enum RSA {} + } else if #[cfg(libressl)] { + #[repr(C)] + pub struct RSA { + pub pad: c_int, + pub version: c_long, + pub meth: *const RSA_METHOD, + + pub engine: *mut ENGINE, + pub n: *mut BIGNUM, + pub e: *mut BIGNUM, + pub d: *mut BIGNUM, + pub p: *mut BIGNUM, + pub q: *mut BIGNUM, + pub dmp1: *mut BIGNUM, + pub dmq1: *mut BIGNUM, + pub iqmp: *mut BIGNUM, + + pub ex_data: CRYPTO_EX_DATA, + pub references: c_int, + pub flags: c_int, + + pub _method_mod_n: *mut BN_MONT_CTX, + pub _method_mod_p: *mut BN_MONT_CTX, + pub _method_mod_q: *mut BN_MONT_CTX, + + pub blinding: *mut BN_BLINDING, + pub mt_blinding: *mut BN_BLINDING, + } + } else { + #[repr(C)] + pub struct RSA { + pub pad: c_int, + pub version: c_long, + pub meth: *const RSA_METHOD, + + pub engine: *mut ENGINE, + pub n: *mut BIGNUM, + pub e: *mut BIGNUM, + pub d: *mut BIGNUM, + pub p: *mut BIGNUM, + pub q: *mut BIGNUM, + pub dmp1: *mut BIGNUM, + pub dmq1: *mut BIGNUM, + pub iqmp: *mut BIGNUM, + + pub ex_data: CRYPTO_EX_DATA, + pub references: c_int, + pub flags: c_int, + + pub _method_mod_n: *mut BN_MONT_CTX, + pub _method_mod_p: *mut BN_MONT_CTX, + pub _method_mod_q: *mut BN_MONT_CTX, + + pub bignum_data: *mut c_char, + pub blinding: *mut BN_BLINDING, + pub mt_blinding: *mut BN_BLINDING, + } + } +} +pub enum RSA_METHOD {} + +pub enum EC_KEY {} + +cfg_if! { + if #[cfg(any(ossl110, libressl280))] { + pub enum X509 {} + } else if #[cfg(libressl)] { + #[repr(C)] + pub struct X509 { + pub cert_info: *mut X509_CINF, + pub sig_alg: *mut X509_ALGOR, + pub signature: *mut ASN1_BIT_STRING, + pub valid: c_int, + pub references: c_int, + pub name: *mut c_char, + pub ex_data: CRYPTO_EX_DATA, + pub ex_pathlen: c_long, + pub ex_pcpathlen: c_long, + pub ex_flags: c_ulong, + pub ex_kusage: c_ulong, + pub ex_xkusage: c_ulong, + pub ex_nscert: c_ulong, + skid: *mut c_void, + akid: *mut c_void, + policy_cache: *mut c_void, + crldp: *mut c_void, + altname: *mut c_void, + nc: *mut c_void, + #[cfg(not(osslconf = "OPENSSL_NO_SHA"))] + sha1_hash: [c_uchar; 20], + aux: *mut c_void, + } + } else { + #[repr(C)] + pub struct X509 { + pub cert_info: *mut X509_CINF, + pub sig_alg: *mut X509_ALGOR, + pub signature: *mut ASN1_BIT_STRING, + pub valid: c_int, + pub references: c_int, + pub name: *mut c_char, + pub ex_data: CRYPTO_EX_DATA, + pub ex_pathlen: c_long, + pub ex_pcpathlen: c_long, + pub ex_flags: c_ulong, + pub ex_kusage: c_ulong, + pub ex_xkusage: c_ulong, + pub ex_nscert: c_ulong, + skid: *mut c_void, + akid: *mut c_void, + policy_cache: *mut c_void, + crldp: *mut c_void, + altname: *mut c_void, + nc: *mut c_void, + #[cfg(not(osslconf = "OPENSSL_NO_RFC3779"))] + rfc3779_addr: *mut c_void, + #[cfg(not(osslconf = "OPENSSL_NO_RFC3779"))] + rfc3779_asid: *mut c_void, + #[cfg(not(osslconf = "OPENSSL_NO_SHA"))] + sha1_hash: [c_uchar; 20], + aux: *mut c_void, + } + } +} +cfg_if! { + if #[cfg(ossl110)] { + pub enum X509_ALGOR {} + } else { + #[repr(C)] + pub struct X509_ALGOR { + pub algorithm: *mut ASN1_OBJECT, + parameter: *mut c_void, + } + } +} + +pub enum X509_LOOKUP_METHOD {} + +pub enum X509_NAME {} + +cfg_if! { + if #[cfg(any(ossl110, libressl270))] { + pub enum X509_STORE {} + } else { + #[repr(C)] + pub struct X509_STORE { + cache: c_int, + pub objs: *mut stack_st_X509_OBJECT, + get_cert_methods: *mut stack_st_X509_LOOKUP, + param: *mut X509_VERIFY_PARAM, + verify: Option c_int>, + verify_cb: Option c_int>, + get_issuer: Option< + extern "C" fn(issuer: *mut *mut X509, ctx: *mut X509_STORE_CTX, x: *mut X509) -> c_int, + >, + check_issued: + Option c_int>, + check_revocation: Option c_int>, + get_crl: Option< + extern "C" fn(ctx: *mut X509_STORE_CTX, crl: *mut *mut X509_CRL, x: *mut X509) -> c_int, + >, + check_crl: Option c_int>, + cert_crl: + Option c_int>, + lookup_certs: + Option *mut stack_st_X509>, + lookup_crls: Option< + extern "C" fn(ctx: *const X509_STORE_CTX, nm: *const X509_NAME) -> *mut stack_st_X509_CRL, + >, + cleanup: Option c_int>, + ex_data: CRYPTO_EX_DATA, + references: c_int, + } + } +} + +pub enum X509_STORE_CTX {} + +cfg_if! { + if #[cfg(any(ossl110, libressl280))] { + pub enum X509_VERIFY_PARAM {} + } else if #[cfg(libressl251)] { + #[repr(C)] + pub struct X509_VERIFY_PARAM { + pub name: *mut c_char, + pub check_time: time_t, + pub inh_flags: c_ulong, + pub flags: c_ulong, + pub purpose: c_int, + pub trust: c_int, + pub depth: c_int, + pub policies: *mut stack_st_ASN1_OBJECT, + id: *mut c_void, + } + } else if #[cfg(libressl)] { + #[repr(C)] + pub struct X509_VERIFY_PARAM { + pub name: *mut c_char, + pub check_time: time_t, + pub inh_flags: c_ulong, + pub flags: c_ulong, + pub purpose: c_int, + pub trust: c_int, + pub depth: c_int, + pub policies: *mut stack_st_ASN1_OBJECT, + //pub id: *mut X509_VERIFY_PARAM_ID, + } + } else { + #[repr(C)] + pub struct X509_VERIFY_PARAM { + pub name: *mut c_char, + pub check_time: time_t, + pub inh_flags: c_ulong, + pub flags: c_ulong, + pub purpose: c_int, + pub trust: c_int, + pub depth: c_int, + pub policies: *mut stack_st_ASN1_OBJECT, + #[cfg(ossl102)] + pub id: *mut X509_VERIFY_PARAM_ID, + } + } +} + +cfg_if! { + if #[cfg(any(ossl110, libressl270))] { + pub enum X509_OBJECT {} + } else { + #[repr(C)] + pub struct X509_OBJECT { + pub type_: c_int, + pub data: X509_OBJECT_data, + } + #[repr(C)] + pub union X509_OBJECT_data { + pub ptr: *mut c_char, + pub x509: *mut X509, + pub crl: *mut X509_CRL, + pub pkey: *mut EVP_PKEY, + } + } +} + +pub enum X509_LOOKUP {} + +#[repr(C)] +pub struct X509V3_CTX { + flags: c_int, + issuer_cert: *mut c_void, + subject_cert: *mut c_void, + subject_req: *mut c_void, + crl: *mut c_void, + db_meth: *mut c_void, + db: *mut c_void, + #[cfg(ossl300)] + issuer_pkey: *mut c_void, + // I like the last comment line, it is copied from OpenSSL sources: + // Maybe more here +} +pub enum CONF {} +#[cfg(ossl110)] +pub enum OPENSSL_INIT_SETTINGS {} + +pub enum ENGINE {} +cfg_if! { + if #[cfg(any(ossl110, libressl280))] { + pub enum SSL {} + } else if #[cfg(libressl251)] { + #[repr(C)] + pub struct SSL { + version: c_int, + method: *const SSL_METHOD, + rbio: *mut BIO, + wbio: *mut BIO, + bbio: *mut BIO, + pub server: c_int, + s3: *mut c_void, + d1: *mut c_void, + param: *mut c_void, + cipher_list: *mut stack_st_SSL_CIPHER, + cert: *mut c_void, + sid_ctx_length: c_uint, + sid_ctx: [c_uchar; SSL_MAX_SID_CTX_LENGTH as usize], + session: *mut SSL_SESSION, + verify_mode: c_int, + error: c_int, + error_code: c_int, + ctx: *mut SSL_CTX, + verify_result: c_long, + references: c_int, + client_version: c_int, + max_send_fragment: c_uint, + tlsext_hostname: *mut c_char, + tlsext_status_type: c_int, + initial_ctx: *mut SSL_CTX, + enc_read_ctx: *mut EVP_CIPHER_CTX, + read_hash: *mut EVP_MD_CTX, + internal: *mut c_void, + } + } else if #[cfg(libressl)] { + #[repr(C)] + pub struct SSL { + version: c_int, + type_: c_int, + method: *const SSL_METHOD, + rbio: *mut c_void, + wbio: *mut c_void, + bbio: *mut c_void, + rwstate: c_int, + in_handshake: c_int, + handshake_func: Option c_int>, + pub server: c_int, + new_session: c_int, + quiet_shutdown: c_int, + shutdown: c_int, + state: c_int, + rstate: c_int, + init_buf: *mut c_void, + init_msg: *mut c_void, + init_num: c_int, + init_off: c_int, + packet: *mut c_uchar, + packet_length: c_uint, + s3: *mut c_void, + d1: *mut c_void, + read_ahead: c_int, + msg_callback: Option< + unsafe extern "C" fn(c_int, + c_int, + c_int, + *const c_void, + size_t, + *mut SSL, + *mut c_void), + >, + msg_callback_arg: *mut c_void, + hit: c_int, + param: *mut c_void, + cipher_list: *mut stack_st_SSL_CIPHER, + cipher_list_by_id: *mut stack_st_SSL_CIPHER, + mac_flags: c_int, + aead_read_ctx: *mut c_void, + enc_read_ctx: *mut EVP_CIPHER_CTX, + read_hash: *mut EVP_MD_CTX, + aead_write_ctx: *mut c_void, + enc_write_ctx: *mut EVP_CIPHER_CTX, + write_hash: *mut EVP_MD_CTX, + cert: *mut c_void, + sid_ctx_length: c_uint, + sid_ctx: [c_uchar; SSL_MAX_SID_CTX_LENGTH as usize], + session: *mut SSL_SESSION, + generate_session_id: GEN_SESSION_CB, + verify_mode: c_int, + verify_callback: Option c_int>, + info_callback: Option, + error: c_int, + error_code: c_int, + ctx: *mut SSL_CTX, + debug: c_int, + verify_result: c_long, + ex_data: CRYPTO_EX_DATA, + client_CA: *mut stack_st_X509_NAME, + references: c_int, + options: c_ulong, + mode: c_ulong, + max_cert_list: c_long, + first_packet: c_int, + client_version: c_int, + max_send_fragment: c_uint, + tlsext_debug_cb: + Option, + tlsext_debug_arg: *mut c_void, + tlsext_hostname: *mut c_char, + servername_done: c_int, + tlsext_status_type: c_int, + tlsext_status_expected: c_int, + tlsext_ocsp_ids: *mut c_void, + tlsext_ocsp_exts: *mut c_void, + tlsext_ocsp_resp: *mut c_uchar, + tlsext_ocsp_resplen: c_int, + tlsext_ticket_expected: c_int, + tlsext_ecpointformatlist_length: size_t, + tlsext_ecpointformatlist: *mut c_uchar, + tlsext_ellipticcurvelist_length: size_t, + tlsext_ellipticcurvelist: *mut c_uchar, + tlsext_session_ticket: *mut c_void, + tlsext_session_ticket_ext_cb: tls_session_ticket_ext_cb_fn, + tls_session_ticket_ext_cb_arg: *mut c_void, + tls_session_secret_cb: tls_session_secret_cb_fn, + tls_session_secret_cb_arg: *mut c_void, + initial_ctx: *mut SSL_CTX, + next_proto_negotiated: *mut c_uchar, + next_proto_negotiated_len: c_uchar, + srtp_profiles: *mut c_void, + srtp_profile: *mut c_void, + tlsext_heartbeat: c_uint, + tlsext_hb_pending: c_uint, + tlsext_hb_seq: c_uint, + alpn_client_proto_list: *mut c_uchar, + alpn_client_proto_list_len: c_uint, + renegotiate: c_int, + } + } else { + #[repr(C)] + pub struct SSL { + version: c_int, + type_: c_int, + method: *const SSL_METHOD, + rbio: *mut c_void, + wbio: *mut c_void, + bbio: *mut c_void, + rwstate: c_int, + in_handshake: c_int, + handshake_func: Option c_int>, + pub server: c_int, + new_session: c_int, + quiet_session: c_int, + shutdown: c_int, + state: c_int, + rstate: c_int, + init_buf: *mut c_void, + init_msg: *mut c_void, + init_num: c_int, + init_off: c_int, + packet: *mut c_uchar, + packet_length: c_uint, + s2: *mut c_void, + s3: *mut c_void, + d1: *mut c_void, + read_ahead: c_int, + msg_callback: Option< + unsafe extern "C" fn(c_int, c_int, c_int, *const c_void, size_t, *mut SSL, *mut c_void), + >, + msg_callback_arg: *mut c_void, + hit: c_int, + param: *mut c_void, + cipher_list: *mut stack_st_SSL_CIPHER, + cipher_list_by_id: *mut stack_st_SSL_CIPHER, + mac_flags: c_int, + enc_read_ctx: *mut EVP_CIPHER_CTX, + read_hash: *mut EVP_MD_CTX, + expand: *mut c_void, + enc_write_ctx: *mut EVP_CIPHER_CTX, + write_hash: *mut EVP_MD_CTX, + compress: *mut c_void, + cert: *mut c_void, + sid_ctx_length: c_uint, + sid_ctx: [c_uchar; SSL_MAX_SID_CTX_LENGTH as usize], + session: *mut SSL_SESSION, + generate_session_id: GEN_SESSION_CB, + verify_mode: c_int, + verify_callback: Option c_int>, + info_callback: Option, + error: c_int, + error_code: c_int, + #[cfg(not(osslconf = "OPENSSL_NO_KRB5"))] + kssl_ctx: *mut c_void, + #[cfg(not(osslconf = "OPENSSL_NO_PSK"))] + psk_client_callback: Option< + unsafe extern "C" fn(*mut SSL, *const c_char, *mut c_char, c_uint, *mut c_uchar, c_uint) + -> c_uint, + >, + #[cfg(not(osslconf = "OPENSSL_NO_PSK"))] + psk_server_callback: + Option c_uint>, + ctx: *mut SSL_CTX, + debug: c_int, + verify_result: c_long, + ex_data: CRYPTO_EX_DATA, + client_CA: *mut stack_st_X509_NAME, + references: c_int, + options: c_ulong, + mode: c_ulong, + max_cert_list: c_long, + first_packet: c_int, + client_version: c_int, + max_send_fragment: c_uint, + #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))] + tlsext_debug_cb: + Option, + #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))] + tlsext_debug_arg: *mut c_void, + #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))] + tlsext_hostname: *mut c_char, + #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))] + servername_done: c_int, + #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))] + tlsext_status_type: c_int, + #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))] + tlsext_status_expected: c_int, + #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))] + tlsext_ocsp_ids: *mut c_void, + #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))] + tlsext_ocsp_exts: *mut c_void, + #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))] + tlsext_ocsp_resp: *mut c_uchar, + #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))] + tlsext_ocsp_resplen: c_int, + #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))] + tlsext_ticket_expected: c_int, + #[cfg(all( + not(osslconf = "OPENSSL_NO_TLSEXT"), + not(osslconf = "OPENSSL_NO_EC") + ))] + tlsext_ecpointformatlist_length: size_t, + #[cfg(all( + not(osslconf = "OPENSSL_NO_TLSEXT"), + not(osslconf = "OPENSSL_NO_EC") + ))] + tlsext_ecpointformatlist: *mut c_uchar, + #[cfg(all( + not(osslconf = "OPENSSL_NO_TLSEXT"), + not(osslconf = "OPENSSL_NO_EC") + ))] + tlsext_ellipticcurvelist_length: size_t, + #[cfg(all( + not(osslconf = "OPENSSL_NO_TLSEXT"), + not(osslconf = "OPENSSL_NO_EC") + ))] + tlsext_ellipticcurvelist: *mut c_uchar, + #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))] + tlsext_opaque_prf_input: *mut c_void, + #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))] + tlsext_opaque_prf_input_len: size_t, + #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))] + tlsext_session_ticket: *mut c_void, + #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))] + tlsext_session_ticket_ext_cb: tls_session_ticket_ext_cb_fn, + #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))] + tls_session_ticket_ext_cb_arg: *mut c_void, + #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))] + tls_session_secret_cb: tls_session_secret_cb_fn, + #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))] + tls_session_secret_cb_arg: *mut c_void, + #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))] + initial_ctx: *mut SSL_CTX, + #[cfg(all( + not(osslconf = "OPENSSL_NO_TLSEXT"), + not(osslconf = "OPENSSL_NO_NEXTPROTONEG") + ))] + next_proto_negotiated: *mut c_uchar, + #[cfg(all( + not(osslconf = "OPENSSL_NO_TLSEXT"), + not(osslconf = "OPENSSL_NO_NEXTPROTONEG") + ))] + next_proto_negotiated_len: c_uchar, + #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))] + srtp_profiles: *mut c_void, + #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))] + srtp_profile: *mut c_void, + #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))] + tlsext_heartbeat: c_uint, + #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))] + tlsext_hb_pending: c_uint, + #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))] + tlsext_hb_seq: c_uint, + renegotiate: c_int, + #[cfg(not(osslconf = "OPENSSL_NO_SRP"))] + srp_ctx: SRP_CTX, + #[cfg(all(not(osslconf = "OPENSSL_NO_TLSEXT"), ossl102))] + alpn_client_proto_list: *mut c_uchar, + #[cfg(all(not(osslconf = "OPENSSL_NO_TLSEXT"), ossl102))] + alpn_client_proto_list_len: c_uint, + } + } +} +cfg_if! { + if #[cfg(any(ossl110, libressl280))] { + pub enum SSL_CTX {} + } else if #[cfg(libressl251)] { + #[repr(C)] + pub struct SSL_CTX { + method: *const SSL_METHOD, + cipher_list: *mut stack_st_SSL_CIPHER, + cert_store: *mut c_void, + session_timeout: c_long, + pub references: c_int, + extra_certs: *mut stack_st_X509, + verify_mode: c_int, + sid_ctx_length: c_uint, + sid_ctx: [c_uchar; SSL_MAX_SID_CTX_LENGTH as usize], + param: *mut X509_VERIFY_PARAM, + default_passwd_callback: *mut c_void, + default_passwd_callback_userdata: *mut c_void, + internal: *mut c_void, + } + } else if #[cfg(libressl)] { + #[repr(C)] + pub struct SSL_CTX { + method: *mut c_void, + cipher_list: *mut c_void, + cipher_list_by_id: *mut c_void, + cert_store: *mut c_void, + sessions: *mut c_void, + session_cache_size: c_ulong, + session_cache_head: *mut c_void, + session_cache_tail: *mut c_void, + session_cache_mode: c_int, + session_timeout: c_long, + new_session_cb: *mut c_void, + remove_session_cb: *mut c_void, + get_session_cb: *mut c_void, + stats: [c_int; 11], + pub references: c_int, + app_verify_callback: *mut c_void, + app_verify_arg: *mut c_void, + default_passwd_callback: *mut c_void, + default_passwd_callback_userdata: *mut c_void, + client_cert_cb: *mut c_void, + app_gen_cookie_cb: *mut c_void, + app_verify_cookie_cb: *mut c_void, + ex_dat: CRYPTO_EX_DATA, + rsa_md5: *mut c_void, + md5: *mut c_void, + sha1: *mut c_void, + extra_certs: *mut c_void, + comp_methods: *mut c_void, + info_callback: *mut c_void, + client_CA: *mut c_void, + options: c_ulong, + mode: c_ulong, + max_cert_list: c_long, + cert: *mut c_void, + read_ahead: c_int, + msg_callback: *mut c_void, + msg_callback_arg: *mut c_void, + verify_mode: c_int, + sid_ctx_length: c_uint, + sid_ctx: [c_uchar; 32], + default_verify_callback: *mut c_void, + generate_session_id: *mut c_void, + param: *mut c_void, + quiet_shutdown: c_int, + max_send_fragment: c_uint, + + #[cfg(not(osslconf = "OPENSSL_NO_ENGINE"))] + client_cert_engine: *mut c_void, + + tlsext_servername_callback: *mut c_void, + tlsect_servername_arg: *mut c_void, + tlsext_tick_key_name: [c_uchar; 16], + tlsext_tick_hmac_key: [c_uchar; 16], + tlsext_tick_aes_key: [c_uchar; 16], + tlsext_ticket_key_cb: *mut c_void, + tlsext_status_cb: *mut c_void, + tlsext_status_arg: *mut c_void, + tlsext_opaque_prf_input_callback: *mut c_void, + tlsext_opaque_prf_input_callback_arg: *mut c_void, + + next_protos_advertised_cb: *mut c_void, + next_protos_advertised_cb_arg: *mut c_void, + next_proto_select_cb: *mut c_void, + next_proto_select_cb_arg: *mut c_void, + + srtp_profiles: *mut c_void, + } + } else { + #[repr(C)] + pub struct SSL_CTX { + method: *mut c_void, + cipher_list: *mut c_void, + cipher_list_by_id: *mut c_void, + cert_store: *mut c_void, + sessions: *mut c_void, + session_cache_size: c_ulong, + session_cache_head: *mut c_void, + session_cache_tail: *mut c_void, + session_cache_mode: c_int, + session_timeout: c_long, + new_session_cb: *mut c_void, + remove_session_cb: *mut c_void, + get_session_cb: *mut c_void, + stats: [c_int; 11], + pub references: c_int, + app_verify_callback: *mut c_void, + app_verify_arg: *mut c_void, + default_passwd_callback: *mut c_void, + default_passwd_callback_userdata: *mut c_void, + client_cert_cb: *mut c_void, + app_gen_cookie_cb: *mut c_void, + app_verify_cookie_cb: *mut c_void, + ex_dat: CRYPTO_EX_DATA, + rsa_md5: *mut c_void, + md5: *mut c_void, + sha1: *mut c_void, + extra_certs: *mut c_void, + comp_methods: *mut c_void, + info_callback: *mut c_void, + client_CA: *mut c_void, + options: c_ulong, + mode: c_ulong, + max_cert_list: c_long, + cert: *mut c_void, + read_ahead: c_int, + msg_callback: *mut c_void, + msg_callback_arg: *mut c_void, + verify_mode: c_int, + sid_ctx_length: c_uint, + sid_ctx: [c_uchar; 32], + default_verify_callback: *mut c_void, + generate_session_id: *mut c_void, + param: *mut c_void, + quiet_shutdown: c_int, + max_send_fragment: c_uint, + + #[cfg(not(osslconf = "OPENSSL_NO_ENGINE"))] + client_cert_engine: *mut c_void, + + #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))] + tlsext_servername_callback: *mut c_void, + #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))] + tlsect_servername_arg: *mut c_void, + #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))] + tlsext_tick_key_name: [c_uchar; 16], + #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))] + tlsext_tick_hmac_key: [c_uchar; 16], + #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))] + tlsext_tick_aes_key: [c_uchar; 16], + #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))] + tlsext_ticket_key_cb: *mut c_void, + #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))] + tlsext_status_cb: *mut c_void, + #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))] + tlsext_status_arg: *mut c_void, + #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))] + tlsext_opaque_prf_input_callback: *mut c_void, + #[cfg(not(osslconf = "OPENSSL_NO_TLSEXT"))] + tlsext_opaque_prf_input_callback_arg: *mut c_void, + + #[cfg(not(osslconf = "OPENSSL_NO_PSK"))] + psk_identity_hint: *mut c_void, + #[cfg(not(osslconf = "OPENSSL_NO_PSK"))] + psk_client_callback: *mut c_void, + #[cfg(not(osslconf = "OPENSSL_NO_PSK"))] + psk_server_callback: *mut c_void, + + #[cfg(not(osslconf = "OPENSSL_NO_BUF_FREELISTS"))] + freelist_max_len: c_uint, + #[cfg(not(osslconf = "OPENSSL_NO_BUF_FREELISTS"))] + wbuf_freelist: *mut c_void, + #[cfg(not(osslconf = "OPENSSL_NO_BUF_FREELISTS"))] + rbuf_freelist: *mut c_void, + + #[cfg(not(osslconf = "OPENSSL_NO_SRP"))] + srp_ctx: SRP_CTX, + + #[cfg(all( + not(osslconf = "OPENSSL_NO_TLSEXT"), + not(osslconf = "OPENSSL_NO_NEXTPROTONEG") + ))] + next_protos_advertised_cb: *mut c_void, + #[cfg(all( + not(osslconf = "OPENSSL_NO_TLSEXT"), + not(osslconf = "OPENSSL_NO_NEXTPROTONEG") + ))] + next_protos_advertised_cb_arg: *mut c_void, + #[cfg(all( + not(osslconf = "OPENSSL_NO_TLSEXT"), + not(osslconf = "OPENSSL_NO_NEXTPROTONEG") + ))] + next_proto_select_cb: *mut c_void, + #[cfg(all( + not(osslconf = "OPENSSL_NO_TLSEXT"), + not(osslconf = "OPENSSL_NO_NEXTPROTONEG") + ))] + next_proto_select_cb_arg: *mut c_void, + + #[cfg(all(not(osslconf = "OPENSSL_NO_TLSEXT"), ossl101))] + srtp_profiles: *mut c_void, + #[cfg(all(not(osslconf = "OPENSSL_NO_TLSEXT"), ossl102))] + alpn_select_cb: *mut c_void, + #[cfg(all(not(osslconf = "OPENSSL_NO_TLSEXT"), ossl102))] + alpn_select_cb_arg: *mut c_void, + #[cfg(all(not(osslconf = "OPENSSL_NO_TLSEXT"), ossl102))] + alpn_client_proto_list: *mut c_void, + #[cfg(all(not(osslconf = "OPENSSL_NO_TLSEXT"), ossl102))] + alpn_client_proto_list_len: c_uint, + + #[cfg(all( + not(osslconf = "OPENSSL_NO_TLSEXT"), + not(osslconf = "OPENSSL_NO_EC"), + ossl102 + ))] + tlsext_ecpointformatlist_length: size_t, + #[cfg(all( + not(osslconf = "OPENSSL_NO_TLSEXT"), + not(osslconf = "OPENSSL_NO_EC"), + ossl102 + ))] + tlsext_ecpointformatlist: *mut c_uchar, + #[cfg(all( + not(osslconf = "OPENSSL_NO_TLSEXT"), + not(osslconf = "OPENSSL_NO_EC"), + ossl102 + ))] + tlsext_ellipticcurvelist_length: size_t, + #[cfg(all( + not(osslconf = "OPENSSL_NO_TLSEXT"), + not(osslconf = "OPENSSL_NO_EC"), + ossl102 + ))] + tlsext_ellipticcurvelist: *mut c_uchar, + } + + #[repr(C)] + #[cfg(not(osslconf = "OPENSSL_NO_SRP"))] + pub struct SRP_CTX { + SRP_cb_arg: *mut c_void, + TLS_ext_srp_username_callback: *mut c_void, + SRP_verify_param_callback: *mut c_void, + SRP_give_srp_client_pwd_callback: *mut c_void, + login: *mut c_void, + N: *mut c_void, + g: *mut c_void, + s: *mut c_void, + B: *mut c_void, + A: *mut c_void, + a: *mut c_void, + b: *mut c_void, + v: *mut c_void, + info: *mut c_void, + stringth: c_int, + srp_Mask: c_ulong, + } + } +} + +pub enum COMP_CTX {} + +cfg_if! { + if #[cfg(any(ossl110, libressl350))] { + pub enum COMP_METHOD {} + } else { + #[repr(C)] + pub struct COMP_METHOD { + pub type_: c_int, + pub name: *const c_char, + init: Option c_int>, + finish: Option, + compress: Option< + unsafe extern "C" fn( + *mut COMP_CTX, + *mut c_uchar, + c_uint, + *mut c_uchar, + c_uint, + ) -> c_int, + >, + expand: Option< + unsafe extern "C" fn( + *mut COMP_CTX, + *mut c_uchar, + c_uint, + *mut c_uchar, + c_uint, + ) -> c_int, + >, + ctrl: Option c_long>, + callback_ctrl: Option c_long>, + } + } +} + +cfg_if! { + if #[cfg(any(ossl110, libressl280))] { + pub enum CRYPTO_EX_DATA {} + } else if #[cfg(libressl)] { + #[repr(C)] + pub struct CRYPTO_EX_DATA { + pub sk: *mut stack_st_void, + } + } else { + #[repr(C)] + pub struct CRYPTO_EX_DATA { + pub sk: *mut stack_st_void, + pub dummy: c_int, + } + } +} + +pub enum OCSP_RESPONSE {} + +#[cfg(ossl300)] +pub enum OSSL_PROVIDER {} + +#[cfg(ossl300)] +pub enum OSSL_LIB_CTX {} diff --git a/openssl-sys/src/handwritten/x509.rs b/openssl-sys/src/handwritten/x509.rs new file mode 100644 index 000000000..8762e5f98 --- /dev/null +++ b/openssl-sys/src/handwritten/x509.rs @@ -0,0 +1,666 @@ +use super::super::*; +use libc::*; + +#[repr(C)] +pub struct X509_VAL { + pub notBefore: *mut ASN1_TIME, + pub notAfter: *mut ASN1_TIME, +} + +pub enum X509_NAME_ENTRY {} + +stack!(stack_st_X509_NAME); + +pub enum X509_EXTENSION {} + +stack!(stack_st_X509_EXTENSION); + +stack!(stack_st_X509_ATTRIBUTE); + +cfg_if! { + if #[cfg(any(ossl110, libressl350))] { + pub enum X509_REQ_INFO {} + } else { + #[repr(C)] + pub struct X509_REQ_INFO { + pub enc: ASN1_ENCODING, + pub version: *mut ASN1_INTEGER, + pub subject: *mut X509_NAME, + pubkey: *mut c_void, + pub attributes: *mut stack_st_X509_ATTRIBUTE, + } + } +} + +cfg_if! { + if #[cfg(any(ossl110, libressl350))] { + pub enum X509_CRL {} + } else { + #[repr(C)] + pub struct X509_CRL { + pub crl: *mut X509_CRL_INFO, + sig_alg: *mut X509_ALGOR, + signature: *mut c_void, + references: c_int, + flags: c_int, + akid: *mut c_void, + idp: *mut c_void, + idp_flags: c_int, + idp_reasons: c_int, + crl_number: *mut ASN1_INTEGER, + base_crl_number: *mut ASN1_INTEGER, + sha1_hash: [c_uchar; 20], + issuers: *mut c_void, + meth: *const c_void, + meth_data: *mut c_void, + } + } +} + +stack!(stack_st_X509_CRL); + +cfg_if! { + if #[cfg(any(ossl110, libressl350))] { + pub enum X509_CRL_INFO {} + } else { + #[repr(C)] + pub struct X509_CRL_INFO { + version: *mut ASN1_INTEGER, + sig_alg: *mut X509_ALGOR, + pub issuer: *mut X509_NAME, + pub lastUpdate: *mut ASN1_TIME, + pub nextUpdate: *mut ASN1_TIME, + pub revoked: *mut stack_st_X509_REVOKED, + extensions: *mut stack_st_X509_EXTENSION, + enc: ASN1_ENCODING, + } + } +} + +cfg_if! { + if #[cfg(any(ossl110, libressl350))] { + pub enum X509_REVOKED {} + } else { + #[repr(C)] + pub struct X509_REVOKED { + pub serialNumber: *mut ASN1_INTEGER, + pub revocationDate: *mut ASN1_TIME, + pub extensions: *mut stack_st_X509_EXTENSION, + issuer: *mut stack_st_GENERAL_NAME, + reason: c_int, + sequence: c_int, + } + } +} + +stack!(stack_st_X509_REVOKED); + +cfg_if! { + if #[cfg(any(ossl110, libressl350))] { + pub enum X509_REQ {} + } else { + #[repr(C)] + pub struct X509_REQ { + pub req_info: *mut X509_REQ_INFO, + sig_alg: *mut c_void, + signature: *mut c_void, + references: c_int, + } + } +} + +cfg_if! { + if #[cfg(any(ossl110, libressl350))] { + pub enum X509_CINF {} + } else { + #[repr(C)] + pub struct X509_CINF { + version: *mut c_void, + serialNumber: *mut c_void, + signature: *mut c_void, + issuer: *mut c_void, + pub validity: *mut X509_VAL, + subject: *mut c_void, + key: *mut c_void, + issuerUID: *mut c_void, + subjectUID: *mut c_void, + pub extensions: *mut stack_st_X509_EXTENSION, + enc: ASN1_ENCODING, + } + } +} + +stack!(stack_st_X509); + +stack!(stack_st_X509_OBJECT); + +stack!(stack_st_X509_LOOKUP); + +extern "C" { + pub fn X509_verify_cert_error_string(n: c_long) -> *const c_char; + + pub fn X509_sign(x: *mut X509, pkey: *mut EVP_PKEY, md: *const EVP_MD) -> c_int; + + pub fn X509_digest( + x: *const X509, + digest: *const EVP_MD, + buf: *mut c_uchar, + len: *mut c_uint, + ) -> c_int; + + pub fn X509_REQ_sign(x: *mut X509_REQ, pkey: *mut EVP_PKEY, md: *const EVP_MD) -> c_int; +} + +const_ptr_api! { + extern "C" { + pub fn i2d_X509_bio(b: *mut BIO, x: #[const_ptr_if(ossl300)] X509) -> c_int; + pub fn i2d_X509_REQ_bio(b: *mut BIO, x: #[const_ptr_if(ossl300)] X509_REQ) -> c_int; + pub fn i2d_PrivateKey_bio(b: *mut BIO, x: #[const_ptr_if(ossl300)] EVP_PKEY) -> c_int; + pub fn i2d_PUBKEY_bio(b: *mut BIO, x: #[const_ptr_if(ossl300)] EVP_PKEY) -> c_int; + + pub fn i2d_PUBKEY(k: #[const_ptr_if(ossl300)] EVP_PKEY, buf: *mut *mut u8) -> c_int; + pub fn i2d_RSA_PUBKEY(k: #[const_ptr_if(ossl300)] RSA, buf: *mut *mut u8) -> c_int; + pub fn i2d_DSA_PUBKEY(a: #[const_ptr_if(ossl300)] DSA, pp: *mut *mut c_uchar) -> c_int; + pub fn i2d_PrivateKey(k: #[const_ptr_if(ossl300)] EVP_PKEY, buf: *mut *mut u8) -> c_int; + pub fn i2d_ECPrivateKey(ec_key: #[const_ptr_if(ossl300)] EC_KEY, pp: *mut *mut c_uchar) -> c_int; + pub fn i2d_EC_PUBKEY(a: #[const_ptr_if(ossl300)] EC_KEY, pp: *mut *mut c_uchar) -> c_int; + } +} +extern "C" { + pub fn d2i_PUBKEY(k: *mut *mut EVP_PKEY, buf: *mut *const u8, len: c_long) -> *mut EVP_PKEY; + pub fn d2i_RSA_PUBKEY(k: *mut *mut RSA, buf: *mut *const u8, len: c_long) -> *mut RSA; + pub fn d2i_DSA_PUBKEY(k: *mut *mut DSA, pp: *mut *const c_uchar, length: c_long) -> *mut DSA; + pub fn d2i_EC_PUBKEY( + a: *mut *mut EC_KEY, + pp: *mut *const c_uchar, + length: c_long, + ) -> *mut EC_KEY; + + pub fn d2i_ECPrivateKey( + k: *mut *mut EC_KEY, + pp: *mut *const c_uchar, + length: c_long, + ) -> *mut EC_KEY; +} + +const_ptr_api! { + extern "C" { + #[cfg(any(ossl102, libressl350))] + pub fn X509_ALGOR_get0( + paobj: *mut #[const_ptr_if(any(ossl110, libressl350))] ASN1_OBJECT, + pptype: *mut c_int, + ppval: *mut #[const_ptr_if(any(ossl110, libressl350))] c_void, + alg: #[const_ptr_if(any(ossl110, libressl350))] X509_ALGOR, + ); + } +} + +extern "C" { + pub fn X509_gmtime_adj(time: *mut ASN1_TIME, adj: c_long) -> *mut ASN1_TIME; + + pub fn X509_to_X509_REQ(x: *mut X509, pkey: *mut EVP_PKEY, md: *const EVP_MD) -> *mut X509_REQ; + + pub fn X509_ALGOR_free(x: *mut X509_ALGOR); + + pub fn X509_REVOKED_new() -> *mut X509_REVOKED; + pub fn X509_REVOKED_free(x: *mut X509_REVOKED); +} +const_ptr_api! { + extern "C" { + #[cfg(any(ossl110, libressl270))] + pub fn X509_REVOKED_dup(rev: #[const_ptr_if(ossl300)] X509_REVOKED) -> *mut X509_REVOKED; + } +} + +extern "C" { + pub fn d2i_X509_REVOKED( + a: *mut *mut X509_REVOKED, + pp: *mut *const c_uchar, + length: c_long, + ) -> *mut X509_REVOKED; +} +const_ptr_api! { + extern "C" { + pub fn i2d_X509_REVOKED(x: #[const_ptr_if(ossl300)] X509_REVOKED, buf: *mut *mut u8) -> c_int; + } +} +extern "C" { + pub fn X509_CRL_new() -> *mut X509_CRL; + pub fn X509_CRL_free(x: *mut X509_CRL); + pub fn d2i_X509_CRL( + a: *mut *mut X509_CRL, + pp: *mut *const c_uchar, + length: c_long, + ) -> *mut X509_CRL; +} +const_ptr_api! { + extern "C" { + pub fn i2d_X509_CRL(x: #[const_ptr_if(ossl300)] X509_CRL, buf: *mut *mut u8) -> c_int; + #[cfg(any(ossl110, libressl270))] + pub fn X509_CRL_dup(x: #[const_ptr_if(ossl300)] X509_CRL) -> *mut X509_CRL; + } +} + +extern "C" { + pub fn X509_REQ_new() -> *mut X509_REQ; + pub fn X509_REQ_free(x: *mut X509_REQ); + pub fn d2i_X509_REQ( + a: *mut *mut X509_REQ, + pp: *mut *const c_uchar, + length: c_long, + ) -> *mut X509_REQ; +} +const_ptr_api! { + extern "C" { + pub fn i2d_X509_REQ(x: #[const_ptr_if(ossl300)] X509_REQ, buf: *mut *mut u8) -> c_int; + + #[cfg(any(ossl102, libressl273))] + pub fn X509_get0_signature( + psig: *mut #[const_ptr_if(any(ossl110, libressl273))] ASN1_BIT_STRING, + palg: *mut #[const_ptr_if(any(ossl110, libressl273))] X509_ALGOR, + x: *const X509, + ); + + #[cfg(any(ossl110, libressl270))] + pub fn X509_REQ_dup(x: #[const_ptr_if(ossl300)] X509_REQ) -> *mut X509_REQ; + } +} +extern "C" { + #[cfg(ossl102)] + pub fn X509_get_signature_nid(x: *const X509) -> c_int; + + pub fn X509_EXTENSION_free(ext: *mut X509_EXTENSION); + + pub fn X509_NAME_ENTRY_free(x: *mut X509_NAME_ENTRY); + + pub fn X509_NAME_new() -> *mut X509_NAME; + pub fn X509_NAME_free(x: *mut X509_NAME); + + pub fn X509_new() -> *mut X509; + pub fn X509_free(x: *mut X509); +} +const_ptr_api! { + extern "C" { + pub fn i2d_X509(x: #[const_ptr_if(ossl300)] X509, buf: *mut *mut u8) -> c_int; + #[cfg(any(ossl110, libressl270))] + pub fn X509_NAME_dup(x: #[const_ptr_if(ossl300)] X509_NAME) -> *mut X509_NAME; + #[cfg(any(ossl110, libressl270))] + pub fn X509_dup(x: #[const_ptr_if(ossl300)] X509) -> *mut X509; + #[cfg(any(ossl101, libressl350))] + pub fn X509_NAME_add_entry( + name: *mut X509_NAME, + ne: #[const_ptr_if(any(ossl110, libressl))] X509_NAME_ENTRY, + loc: c_int, + set: c_int, + ) -> c_int; + } +} +extern "C" { + pub fn d2i_X509(a: *mut *mut X509, pp: *mut *const c_uchar, length: c_long) -> *mut X509; + pub fn d2i_X509_bio(b: *mut BIO, a: *mut *mut X509) -> *mut X509; + + pub fn X509_get_pubkey(x: *mut X509) -> *mut EVP_PKEY; + + pub fn X509_set_version(x: *mut X509, version: c_long) -> c_int; + #[cfg(ossl110)] + pub fn X509_get_version(x: *const X509) -> c_long; + pub fn X509_set_serialNumber(x: *mut X509, sn: *mut ASN1_INTEGER) -> c_int; + pub fn X509_get_serialNumber(x: *mut X509) -> *mut ASN1_INTEGER; +} +const_ptr_api! { + extern "C" { + pub fn X509_set_issuer_name(x: *mut X509, name: #[const_ptr_if(ossl300)] X509_NAME) -> c_int; + } +} +extern "C" { + pub fn X509_issuer_name_hash(x: *mut X509) -> c_ulong; + pub fn X509_subject_name_hash(x: *mut X509) -> c_ulong; +} +const_ptr_api! { + extern "C" { + pub fn X509_get_issuer_name(x: #[const_ptr_if(any(ossl110, libressl280))] X509) -> *mut X509_NAME; + pub fn X509_set_subject_name(x: *mut X509, name: #[const_ptr_if(ossl300)] X509_NAME) -> c_int; + pub fn X509_get_subject_name(x: #[const_ptr_if(any(ossl110, libressl280))] X509) -> *mut X509_NAME; + } +} +cfg_if! { + if #[cfg(any(ossl110, libressl350))] { + extern "C" { + pub fn X509_set1_notBefore(x: *mut X509, tm: *const ASN1_TIME) -> c_int; + pub fn X509_set1_notAfter(x: *mut X509, tm: *const ASN1_TIME) -> c_int; + } + } else { + extern "C" { + pub fn X509_set_notBefore(x: *mut X509, tm: *const ASN1_TIME) -> c_int; + pub fn X509_set_notAfter(x: *mut X509, tm: *const ASN1_TIME) -> c_int; + } + } +} +extern "C" { + #[cfg(any(ossl110, libressl350))] + pub fn X509_REQ_get_version(req: *const X509_REQ) -> c_long; + pub fn X509_REQ_set_version(req: *mut X509_REQ, version: c_long) -> c_int; + #[cfg(any(ossl110, libressl350))] + pub fn X509_REQ_get_subject_name(req: *const X509_REQ) -> *mut X509_NAME; +} +const_ptr_api! { + extern "C" { + pub fn X509_REQ_set_subject_name(req: *mut X509_REQ, name: #[const_ptr_if(ossl300)] X509_NAME) -> c_int; + } +} +extern "C" { + pub fn X509_REQ_set_pubkey(req: *mut X509_REQ, pkey: *mut EVP_PKEY) -> c_int; + pub fn X509_REQ_get_pubkey(req: *mut X509_REQ) -> *mut EVP_PKEY; + pub fn X509_REQ_get_extensions(req: *mut X509_REQ) -> *mut stack_st_X509_EXTENSION; +} +const_ptr_api! { + extern "C" { + pub fn X509_REQ_add_extensions(req: *mut X509_REQ, exts: #[const_ptr_if(ossl300)] stack_st_X509_EXTENSION) + -> c_int; + } +} +extern "C" { + pub fn X509_set_pubkey(x: *mut X509, pkey: *mut EVP_PKEY) -> c_int; + pub fn X509_REQ_verify(req: *mut X509_REQ, pkey: *mut EVP_PKEY) -> c_int; + #[cfg(any(ossl110, libressl273))] + pub fn X509_getm_notBefore(x: *const X509) -> *mut ASN1_TIME; + #[cfg(any(ossl110, libressl273))] + pub fn X509_getm_notAfter(x: *const X509) -> *mut ASN1_TIME; + #[cfg(any(ossl110, libressl273))] + pub fn X509_up_ref(x: *mut X509) -> c_int; + + #[cfg(any(ossl110, libressl270))] + pub fn X509_REVOKED_get0_serialNumber(req: *const X509_REVOKED) -> *const ASN1_INTEGER; + #[cfg(any(ossl110, libressl270))] + pub fn X509_REVOKED_get0_revocationDate(req: *const X509_REVOKED) -> *const ASN1_TIME; + #[cfg(any(ossl110, libressl270))] + pub fn X509_REVOKED_get0_extensions(r: *const X509_REVOKED) -> *const stack_st_X509_EXTENSION; + + pub fn X509_REVOKED_set_serialNumber(r: *mut X509_REVOKED, serial: *mut ASN1_INTEGER) -> c_int; + pub fn X509_REVOKED_set_revocationDate(r: *mut X509_REVOKED, tm: *mut ASN1_TIME) -> c_int; + + pub fn X509_CRL_sign(x: *mut X509_CRL, pkey: *mut EVP_PKEY, md: *const EVP_MD) -> c_int; + pub fn X509_CRL_digest( + x: *const X509_CRL, + digest: *const EVP_MD, + md: *mut c_uchar, + len: *mut c_uint, + ) -> c_int; + pub fn X509_CRL_verify(crl: *mut X509_CRL, pkey: *mut EVP_PKEY) -> c_int; + pub fn X509_CRL_get0_by_cert( + x: *mut X509_CRL, + ret: *mut *mut X509_REVOKED, + cert: *mut X509, + ) -> c_int; +} +const_ptr_api! { + extern "C" { + pub fn X509_CRL_get0_by_serial( + x: *mut X509_CRL, + ret: *mut *mut X509_REVOKED, + serial: #[const_ptr_if(ossl300)] ASN1_INTEGER, + ) -> c_int; + } +} + +extern "C" { + #[cfg(any(ossl110, libressl281))] + pub fn X509_CRL_get_REVOKED(crl: *mut X509_CRL) -> *mut stack_st_X509_REVOKED; + #[cfg(any(ossl110, libressl281))] + pub fn X509_CRL_get0_nextUpdate(x: *const X509_CRL) -> *const ASN1_TIME; + #[cfg(any(ossl110, libressl281))] + pub fn X509_CRL_get0_lastUpdate(x: *const X509_CRL) -> *const ASN1_TIME; + #[cfg(any(ossl110, libressl281))] + pub fn X509_CRL_get_issuer(x: *const X509_CRL) -> *mut X509_NAME; + + #[cfg(ossl110)] + pub fn X509_get0_extensions(req: *const X509) -> *const stack_st_X509_EXTENSION; + + pub fn X509_CRL_set_version(crl: *mut X509_CRL, version: c_long) -> c_int; +} +const_ptr_api! { + extern "C" { + pub fn X509_CRL_set_issuer_name(crl: *mut X509_CRL, name: #[const_ptr_if(ossl300)] X509_NAME) -> c_int; + } +} +extern "C" { + pub fn X509_CRL_sort(crl: *mut X509_CRL) -> c_int; + + #[cfg(any(ossl110, libressl270))] + pub fn X509_CRL_up_ref(crl: *mut X509_CRL) -> c_int; + pub fn X509_CRL_add0_revoked(crl: *mut X509_CRL, rev: *mut X509_REVOKED) -> c_int; +} +cfg_if! { + if #[cfg(any(ossl110, libressl270))] { + extern "C" { + pub fn X509_CRL_set1_lastUpdate(crl: *mut X509_CRL, tm: *const ASN1_TIME) -> c_int; + pub fn X509_CRL_set1_nextUpdate(crl: *mut X509_CRL, tm: *const ASN1_TIME) -> c_int; + } + } else { + // libressl270 kept them, ossl110 "#define"s them to the variants above + extern "C" { + pub fn X509_CRL_set_lastUpdate(crl: *mut X509_CRL, tm: *const ASN1_TIME) -> c_int; + pub fn X509_CRL_set_nextUpdate(crl: *mut X509_CRL, tm: *const ASN1_TIME) -> c_int; + } + } +} + +const_ptr_api! { + extern "C" { + pub fn X509_NAME_entry_count(n: #[const_ptr_if(any(ossl110, libressl280))] X509_NAME) -> c_int; + pub fn X509_NAME_get_index_by_NID(n: #[const_ptr_if(any(ossl300, libressl280))] X509_NAME, nid: c_int, last_pos: c_int) -> c_int; + pub fn X509_NAME_get_entry(n: #[const_ptr_if(any(ossl110, libressl280))] X509_NAME, loc: c_int) -> *mut X509_NAME_ENTRY; + pub fn X509_NAME_add_entry_by_NID( + x: *mut X509_NAME, + field: c_int, + ty: c_int, + bytes: #[const_ptr_if(any(ossl110, libressl280))] c_uchar, + len: c_int, + loc: c_int, + set: c_int, + ) -> c_int; + pub fn i2d_X509_NAME(n: #[const_ptr_if(ossl300)] X509_NAME, buf: *mut *mut u8) -> c_int; + pub fn X509_NAME_ENTRY_get_object(ne: #[const_ptr_if(any(ossl110, libressl280))] X509_NAME_ENTRY) -> *mut ASN1_OBJECT; + pub fn X509_NAME_ENTRY_get_data(ne: #[const_ptr_if(any(ossl110, libressl280))] X509_NAME_ENTRY) -> *mut ASN1_STRING; + } +} +extern "C" { + pub fn X509_NAME_add_entry_by_txt( + x: *mut X509_NAME, + field: *const c_char, + ty: c_int, + bytes: *const c_uchar, + len: c_int, + loc: c_int, + set: c_int, + ) -> c_int; + pub fn d2i_X509_NAME( + n: *mut *mut X509_NAME, + pp: *mut *const c_uchar, + length: c_long, + ) -> *mut X509_NAME; +} + +// "raw" X509_EXTENSION related functions +extern "C" { + // in X509 + pub fn X509_delete_ext(x: *mut X509, loc: c_int) -> *mut X509_EXTENSION; + pub fn X509_add_ext(x: *mut X509, ext: *mut X509_EXTENSION, loc: c_int) -> c_int; + pub fn X509_add1_ext_i2d( + x: *mut X509, + nid: c_int, + value: *mut c_void, + crit: c_int, + flags: c_ulong, + ) -> c_int; + // in X509_CRL + pub fn X509_CRL_delete_ext(x: *mut X509_CRL, loc: c_int) -> *mut X509_EXTENSION; + pub fn X509_CRL_add_ext(x: *mut X509_CRL, ext: *mut X509_EXTENSION, loc: c_int) -> c_int; + pub fn X509_CRL_add1_ext_i2d( + x: *mut X509_CRL, + nid: c_int, + value: *mut c_void, + crit: c_int, + flags: c_ulong, + ) -> c_int; + // in X509_REVOKED + pub fn X509_REVOKED_delete_ext(x: *mut X509_REVOKED, loc: c_int) -> *mut X509_EXTENSION; + pub fn X509_REVOKED_add_ext( + x: *mut X509_REVOKED, + ext: *mut X509_EXTENSION, + loc: c_int, + ) -> c_int; + pub fn X509_REVOKED_add1_ext_i2d( + x: *mut X509_REVOKED, + nid: c_int, + value: *mut c_void, + crit: c_int, + flags: c_ulong, + ) -> c_int; + // X509_EXTENSION stack + // - these getters always used *const STACK + pub fn X509v3_get_ext_count(x: *const stack_st_X509_EXTENSION) -> c_int; + pub fn X509v3_get_ext_by_NID( + x: *const stack_st_X509_EXTENSION, + nid: c_int, + lastpos: c_int, + ) -> c_int; + pub fn X509v3_get_ext_by_critical( + x: *const stack_st_X509_EXTENSION, + crit: c_int, + lastpos: c_int, + ) -> c_int; + pub fn X509v3_get_ext(x: *const stack_st_X509_EXTENSION, loc: c_int) -> *mut X509_EXTENSION; + pub fn X509v3_delete_ext(x: *mut stack_st_X509_EXTENSION, loc: c_int) -> *mut X509_EXTENSION; + pub fn X509v3_add_ext( + x: *mut *mut stack_st_X509_EXTENSION, + ex: *mut X509_EXTENSION, + loc: c_int, + ) -> *mut stack_st_X509_EXTENSION; + // - X509V3_add1_i2d in x509v3.rs + // X509_EXTENSION itself + pub fn X509_EXTENSION_create_by_NID( + ex: *mut *mut X509_EXTENSION, + nid: c_int, + crit: c_int, + data: *mut ASN1_OCTET_STRING, + ) -> *mut X509_EXTENSION; + pub fn X509_EXTENSION_set_critical(ex: *mut X509_EXTENSION, crit: c_int) -> c_int; + pub fn X509_EXTENSION_set_data(ex: *mut X509_EXTENSION, data: *mut ASN1_OCTET_STRING) -> c_int; + pub fn X509_EXTENSION_get_object(ext: *mut X509_EXTENSION) -> *mut ASN1_OBJECT; + pub fn X509_EXTENSION_get_data(ext: *mut X509_EXTENSION) -> *mut ASN1_OCTET_STRING; +} +const_ptr_api! { + extern "C" { + // in X509 + pub fn X509_get_ext_count(x: #[const_ptr_if(any(ossl110, libressl280))] X509) -> c_int; + pub fn X509_get_ext_by_NID(x: #[const_ptr_if(any(ossl110, libressl280))] X509, nid: c_int, lastpos: c_int) -> c_int; + pub fn X509_get_ext_by_OBJ(x: #[const_ptr_if(any(ossl110, libressl280))] X509, obj: #[const_ptr_if(any(ossl110, libressl280))] ASN1_OBJECT, lastpos: c_int) -> c_int; + pub fn X509_get_ext_by_critical(x: #[const_ptr_if(any(ossl110, libressl280))] X509, crit: c_int, lastpos: c_int) -> c_int; + pub fn X509_get_ext(x: #[const_ptr_if(any(ossl110, libressl280))] X509, loc: c_int) -> *mut X509_EXTENSION; + pub fn X509_get_ext_d2i( + x: #[const_ptr_if(any(ossl110, libressl280))] X509, + nid: c_int, + crit: *mut c_int, + idx: *mut c_int, + ) -> *mut c_void; + // in X509_CRL + pub fn X509_CRL_get_ext_count(x: #[const_ptr_if(any(ossl110, libressl280))] X509_CRL) -> c_int; + pub fn X509_CRL_get_ext_by_NID(x: #[const_ptr_if(any(ossl110, libressl280))] X509_CRL, nid: c_int, lastpos: c_int) -> c_int; + pub fn X509_CRL_get_ext_by_OBJ(x: #[const_ptr_if(any(ossl110, libressl280))] X509_CRL, obj: #[const_ptr_if(any(ossl110, libressl280))] ASN1_OBJECT, lastpos: c_int) -> c_int; + pub fn X509_CRL_get_ext_by_critical(x: #[const_ptr_if(any(ossl110, libressl280))] X509_CRL, crit: c_int, lastpos: c_int) -> c_int; + pub fn X509_CRL_get_ext(x: #[const_ptr_if(any(ossl110, libressl280))] X509_CRL, loc: c_int) -> *mut X509_EXTENSION; + pub fn X509_CRL_get_ext_d2i( + x: #[const_ptr_if(any(ossl110, libressl280))] X509_CRL, + nid: c_int, + crit: *mut c_int, + idx: *mut c_int, + ) -> *mut c_void; + // in X509_REVOKED + pub fn X509_REVOKED_get_ext_count(x: #[const_ptr_if(any(ossl110, libressl280))] X509_REVOKED) -> c_int; + pub fn X509_REVOKED_get_ext_by_NID(x: #[const_ptr_if(any(ossl110, libressl280))] X509_REVOKED, nid: c_int, lastpos: c_int) -> c_int; + pub fn X509_REVOKED_get_ext_by_OBJ(x: #[const_ptr_if(any(ossl110, libressl280))] X509_REVOKED, obj: #[const_ptr_if(any(ossl110, libressl280))] ASN1_OBJECT, lastpos: c_int) -> c_int; + pub fn X509_REVOKED_get_ext_by_critical(x: #[const_ptr_if(any(ossl110, libressl280))] X509_REVOKED, crit: c_int, lastpos: c_int) -> c_int; + pub fn X509_REVOKED_get_ext(x: #[const_ptr_if(any(ossl110, libressl280))] X509_REVOKED, loc: c_int) -> *mut X509_EXTENSION; + pub fn X509_REVOKED_get_ext_d2i( + x: #[const_ptr_if(any(ossl110, libressl280))] X509_REVOKED, + nid: c_int, + crit: *mut c_int, + idx: *mut c_int, + ) -> *mut c_void; + // X509_EXTENSION stack + pub fn X509v3_get_ext_by_OBJ(x: *const stack_st_X509_EXTENSION, obj: #[const_ptr_if(any(ossl110, libressl280))] ASN1_OBJECT, lastpos: c_int) -> c_int; + // X509_EXTENSION itself + pub fn X509_EXTENSION_create_by_OBJ(ex: *mut *mut X509_EXTENSION, obj: #[const_ptr_if(any(ossl110, libressl280))] ASN1_OBJECT, crit: c_int, data: *mut ASN1_OCTET_STRING) -> *mut X509_EXTENSION; + pub fn X509_EXTENSION_set_object(ex: *mut X509_EXTENSION, obj: #[const_ptr_if(any(ossl110, libressl280))] ASN1_OBJECT) -> c_int; + pub fn X509_EXTENSION_get_critical(ex: #[const_ptr_if(any(ossl110, libressl280))] X509_EXTENSION) -> c_int; + } +} + +extern "C" { + pub fn X509_verify_cert(ctx: *mut X509_STORE_CTX) -> c_int; +} + +const_ptr_api! { + extern "C" { + #[cfg(any(ossl110, libressl270))] + pub fn X509_STORE_get0_objects(ctx: #[const_ptr_if(ossl300)] X509_STORE) -> *mut stack_st_X509_OBJECT; + } +} +#[cfg(any(ossl110, libressl270))] +extern "C" { + pub fn X509_OBJECT_get0_X509(x: *const X509_OBJECT) -> *mut X509; +} + +cfg_if! { + if #[cfg(any(ossl110, libressl350))] { + extern "C" { + pub fn X509_OBJECT_free(a: *mut X509_OBJECT); + } + } else { + extern "C" { + pub fn X509_OBJECT_free_contents(a: *mut X509_OBJECT); + } + } +} + +extern "C" { + pub fn X509_get_default_cert_file_env() -> *const c_char; + pub fn X509_get_default_cert_file() -> *const c_char; + pub fn X509_get_default_cert_dir_env() -> *const c_char; + pub fn X509_get_default_cert_dir() -> *const c_char; +} + +extern "C" { + pub fn X509_cmp(a: *const X509, b: *const X509) -> c_int; + pub fn X509_NAME_cmp(a: *const X509_NAME, b: *const X509_NAME) -> c_int; + pub fn X509_issuer_and_serial_cmp(a: *const X509, b: *const X509) -> c_int; + pub fn X509_issuer_name_cmp(a: *const X509, b: *const X509) -> c_int; + pub fn X509_subject_name_cmp(a: *const X509, b: *const X509) -> c_int; + pub fn X509_CRL_cmp(a: *const X509_CRL, b: *const X509_CRL) -> c_int; + pub fn X509_CRL_match(a: *const X509_CRL, b: *const X509_CRL) -> c_int; +} + +extern "C" { + pub fn X509_print(bio: *mut BIO, x509: *mut X509) -> c_int; + pub fn X509_REQ_print(bio: *mut BIO, req: *mut X509_REQ) -> c_int; +} + +#[repr(C)] +pub struct X509_PURPOSE { + pub purpose: c_int, + pub trust: c_int, // Default trust ID + pub flags: c_int, + pub check_purpose: + Option c_int>, + pub name: *mut c_char, + pub sname: *mut c_char, + pub usr_data: *mut c_void, +} + +const_ptr_api! { + extern "C" { + pub fn X509_PURPOSE_get_by_sname(sname: #[const_ptr_if(any(ossl110, libressl280))] c_char) -> c_int; + pub fn X509_PURPOSE_get0(idx: c_int) -> *mut X509_PURPOSE; + } +} diff --git a/openssl-sys/src/handwritten/x509_vfy.rs b/openssl-sys/src/handwritten/x509_vfy.rs new file mode 100644 index 000000000..9adf63fa0 --- /dev/null +++ b/openssl-sys/src/handwritten/x509_vfy.rs @@ -0,0 +1,132 @@ +use super::super::*; +use libc::*; + +#[cfg(any(libressl, all(ossl102, not(ossl110))))] +pub enum X509_VERIFY_PARAM_ID {} + +extern "C" { + #[cfg(ossl110)] + pub fn X509_LOOKUP_meth_free(method: *mut X509_LOOKUP_METHOD); +} + +extern "C" { + pub fn X509_LOOKUP_free(ctx: *mut X509_LOOKUP); + pub fn X509_LOOKUP_hash_dir() -> *mut X509_LOOKUP_METHOD; + pub fn X509_LOOKUP_file() -> *mut X509_LOOKUP_METHOD; + pub fn X509_LOOKUP_ctrl( + ctx: *mut X509_LOOKUP, + cmd: c_int, + argc: *const c_char, + argl: c_long, + ret: *mut *mut c_char, + ) -> c_int; + pub fn X509_load_cert_file(ctx: *mut X509_LOOKUP, file: *const c_char, _type: c_int) -> c_int; + pub fn X509_load_crl_file(ctx: *mut X509_LOOKUP, file: *const c_char, _type: c_int) -> c_int; +} + +extern "C" { + pub fn X509_STORE_new() -> *mut X509_STORE; + pub fn X509_STORE_free(store: *mut X509_STORE); + + pub fn X509_STORE_CTX_new() -> *mut X509_STORE_CTX; + + pub fn X509_STORE_CTX_free(ctx: *mut X509_STORE_CTX); + pub fn X509_STORE_CTX_init( + ctx: *mut X509_STORE_CTX, + store: *mut X509_STORE, + x509: *mut X509, + chain: *mut stack_st_X509, + ) -> c_int; + pub fn X509_STORE_CTX_cleanup(ctx: *mut X509_STORE_CTX); + + pub fn X509_STORE_add_cert(store: *mut X509_STORE, x: *mut X509) -> c_int; + + pub fn X509_STORE_add_lookup( + store: *mut X509_STORE, + meth: *mut X509_LOOKUP_METHOD, + ) -> *mut X509_LOOKUP; + + pub fn X509_STORE_set_default_paths(store: *mut X509_STORE) -> c_int; + pub fn X509_STORE_set_flags(store: *mut X509_STORE, flags: c_ulong) -> c_int; + pub fn X509_STORE_set_purpose(ctx: *mut X509_STORE, purpose: c_int) -> c_int; + pub fn X509_STORE_set_trust(ctx: *mut X509_STORE, trust: c_int) -> c_int; + +} + +const_ptr_api! { + extern "C" { + pub fn X509_STORE_set1_param(store: *mut X509_STORE, pm: #[const_ptr_if(ossl300)] X509_VERIFY_PARAM) -> c_int; + } +} + +const_ptr_api! { + extern "C" { + pub fn X509_STORE_CTX_get_ex_data(ctx: #[const_ptr_if(ossl300)] X509_STORE_CTX, idx: c_int) -> *mut c_void; + pub fn X509_STORE_CTX_get_error(ctx: #[const_ptr_if(ossl300)] X509_STORE_CTX) -> c_int; + pub fn X509_STORE_CTX_get_error_depth(ctx: #[const_ptr_if(ossl300)] X509_STORE_CTX) -> c_int; + pub fn X509_STORE_CTX_get_current_cert(ctx: #[const_ptr_if(ossl300)] X509_STORE_CTX) -> *mut X509; + } +} +extern "C" { + pub fn X509_STORE_CTX_set_error(ctx: *mut X509_STORE_CTX, error: c_int); +} +cfg_if! { + if #[cfg(any(ossl110, libressl350))] { + const_ptr_api! { + extern "C" { + pub fn X509_STORE_CTX_get0_chain(ctx: #[const_ptr_if(ossl300)] X509_STORE_CTX) -> *mut stack_st_X509; + } + } + } else { + extern "C" { + pub fn X509_STORE_CTX_get_chain(ctx: *mut X509_STORE_CTX) -> *mut stack_st_X509; + } + } +} + +extern "C" { + #[cfg(any(ossl102, libressl261))] + pub fn X509_VERIFY_PARAM_new() -> *mut X509_VERIFY_PARAM; + #[cfg(any(ossl102, libressl261))] + pub fn X509_VERIFY_PARAM_free(param: *mut X509_VERIFY_PARAM); + + #[cfg(any(ossl102, libressl261))] + pub fn X509_VERIFY_PARAM_set_flags(param: *mut X509_VERIFY_PARAM, flags: c_ulong) -> c_int; + #[cfg(any(ossl102, libressl261))] + pub fn X509_VERIFY_PARAM_clear_flags(param: *mut X509_VERIFY_PARAM, flags: c_ulong) -> c_int; + + #[cfg(any(ossl102, libressl261))] + pub fn X509_VERIFY_PARAM_set_time(param: *mut X509_VERIFY_PARAM, t: time_t); + + #[cfg(any(ossl102, libressl261))] + pub fn X509_VERIFY_PARAM_set_depth(param: *mut X509_VERIFY_PARAM, depth: c_int); +} +const_ptr_api! { + extern "C" { + #[cfg(any(ossl102, libressl261))] + pub fn X509_VERIFY_PARAM_get_flags(param: #[const_ptr_if(ossl300)] X509_VERIFY_PARAM) -> c_ulong; + } +} + +extern "C" { + #[cfg(any(ossl102, libressl261))] + pub fn X509_VERIFY_PARAM_set1_host( + param: *mut X509_VERIFY_PARAM, + name: *const c_char, + namelen: size_t, + ) -> c_int; + #[cfg(any(ossl102, libressl261))] + pub fn X509_VERIFY_PARAM_set_hostflags(param: *mut X509_VERIFY_PARAM, flags: c_uint); + #[cfg(any(ossl102, libressl261))] + pub fn X509_VERIFY_PARAM_set1_ip( + param: *mut X509_VERIFY_PARAM, + ip: *const c_uchar, + iplen: size_t, + ) -> c_int; + #[cfg(ossl110)] + pub fn X509_VERIFY_PARAM_set_auth_level(param: *mut X509_VERIFY_PARAM, lvl: c_int); + #[cfg(ossl110)] + pub fn X509_VERIFY_PARAM_get_auth_level(param: *const X509_VERIFY_PARAM) -> c_int; + #[cfg(ossl102)] + pub fn X509_VERIFY_PARAM_set_purpose(param: *mut X509_VERIFY_PARAM, purpose: c_int) -> c_int; +} diff --git a/openssl-sys/src/handwritten/x509v3.rs b/openssl-sys/src/handwritten/x509v3.rs new file mode 100644 index 000000000..d0923e32b --- /dev/null +++ b/openssl-sys/src/handwritten/x509v3.rs @@ -0,0 +1,104 @@ +use super::super::*; +use libc::*; + +pub enum CONF_METHOD {} + +extern "C" { + pub fn GENERAL_NAME_free(name: *mut GENERAL_NAME); +} + +#[repr(C)] +pub struct ACCESS_DESCRIPTION { + pub method: *mut ASN1_OBJECT, + pub location: *mut GENERAL_NAME, +} + +stack!(stack_st_ACCESS_DESCRIPTION); + +extern "C" { + pub fn ACCESS_DESCRIPTION_free(ad: *mut ACCESS_DESCRIPTION); +} + +#[repr(C)] +pub struct AUTHORITY_KEYID { + pub keyid: *mut ASN1_OCTET_STRING, + pub issuer: *mut stack_st_GENERAL_NAME, + pub serial: *mut ASN1_INTEGER, +} + +extern "C" { + pub fn AUTHORITY_KEYID_free(akid: *mut AUTHORITY_KEYID); +} + +const_ptr_api! { + extern "C" { + pub fn X509V3_EXT_nconf_nid( + conf: *mut CONF, + ctx: *mut X509V3_CTX, + ext_nid: c_int, + value: #[const_ptr_if(any(ossl110, libressl280))] c_char, + ) -> *mut X509_EXTENSION; + pub fn X509V3_EXT_nconf( + conf: *mut CONF, + ctx: *mut X509V3_CTX, + name: #[const_ptr_if(any(ossl110, libressl280))] c_char, + value: #[const_ptr_if(any(ossl110, libressl280))] c_char, + ) -> *mut X509_EXTENSION; + } +} + +extern "C" { + pub fn X509_check_issued(issuer: *mut X509, subject: *mut X509) -> c_int; + pub fn X509_verify(req: *mut X509, pkey: *mut EVP_PKEY) -> c_int; + + pub fn X509V3_set_nconf(ctx: *mut X509V3_CTX, conf: *mut CONF); + + pub fn X509V3_set_ctx( + ctx: *mut X509V3_CTX, + issuer: *mut X509, + subject: *mut X509, + req: *mut X509_REQ, + crl: *mut X509_CRL, + flags: c_int, + ); + + pub fn X509_get1_ocsp(x: *mut X509) -> *mut stack_st_OPENSSL_STRING; +} + +const_ptr_api! { + extern "C" { + pub fn X509V3_get_d2i( + x: #[const_ptr_if(any(ossl110, libressl280))] stack_st_X509_EXTENSION, + nid: c_int, + crit: *mut c_int, + idx: *mut c_int, + ) -> *mut c_void; + pub fn X509V3_extensions_print(out: *mut BIO, title: #[const_ptr_if(any(ossl110, libressl280))] c_char, exts: #[const_ptr_if(any(ossl110, libressl280))] stack_st_X509_EXTENSION, flag: c_ulong, indent: c_int) -> c_int; + } +} + +extern "C" { + pub fn X509V3_EXT_add_alias(nid_to: c_int, nid_from: c_int) -> c_int; + pub fn X509V3_EXT_d2i(ext: *mut X509_EXTENSION) -> *mut c_void; + pub fn X509V3_EXT_i2d(ext_nid: c_int, crit: c_int, ext: *mut c_void) -> *mut X509_EXTENSION; + pub fn X509V3_add1_i2d( + x: *mut *mut stack_st_X509_EXTENSION, + nid: c_int, + value: *mut c_void, + crit: c_int, + flags: c_ulong, + ) -> c_int; + pub fn X509V3_EXT_print( + out: *mut BIO, + ext: *mut X509_EXTENSION, + flag: c_ulong, + indent: c_int, + ) -> c_int; + + #[cfg(ossl110)] + pub fn X509_get_extension_flags(x: *mut X509) -> u32; + #[cfg(ossl110)] + pub fn X509_get_key_usage(x: *mut X509) -> u32; + #[cfg(ossl110)] + pub fn X509_get_extended_key_usage(x: *mut X509) -> u32; +} diff --git a/openssl-sys/src/lib.rs b/openssl-sys/src/lib.rs new file mode 100644 index 000000000..b1d51a858 --- /dev/null +++ b/openssl-sys/src/lib.rs @@ -0,0 +1,198 @@ +#![allow( + clippy::missing_safety_doc, + clippy::unreadable_literal, + clippy::uninlined_format_args, + clippy::upper_case_acronyms, + dead_code, + non_camel_case_types, + non_snake_case, + non_upper_case_globals, + overflowing_literals, + unused_imports +)] +#![doc(html_root_url = "https://docs.rs/openssl-sys/0.9")] +#![recursion_limit = "128"] // configure fixed limit across all rust versions + +extern crate libc; +pub use libc::*; + +#[cfg(boringssl)] +extern crate bssl_sys; +#[cfg(boringssl)] +pub use bssl_sys::*; + +#[cfg(openssl)] +#[path = "."] +mod openssl { + use libc::*; + + #[cfg(feature = "bindgen")] + include!(concat!(env!("OUT_DIR"), "/bindgen.rs")); + + pub use self::aes::*; + pub use self::asn1::*; + pub use self::bio::*; + pub use self::bn::*; + pub use self::cms::*; + pub use self::crypto::*; + pub use self::dtls1::*; + pub use self::ec::*; + pub use self::err::*; + pub use self::evp::*; + #[cfg(not(feature = "bindgen"))] + pub use self::handwritten::*; + pub use self::obj_mac::*; + pub use self::ocsp::*; + pub use self::pem::*; + pub use self::pkcs7::*; + pub use self::rsa::*; + pub use self::sha::*; + pub use self::srtp::*; + pub use self::ssl::*; + pub use self::ssl3::*; + pub use self::tls1::*; + pub use self::types::*; + pub use self::x509::*; + pub use self::x509_vfy::*; + pub use self::x509v3::*; + + #[macro_use] + mod macros; + + mod aes; + mod asn1; + mod bio; + mod bn; + mod cms; + mod crypto; + mod dtls1; + mod ec; + mod err; + mod evp; + #[cfg(not(feature = "bindgen"))] + mod handwritten; + mod obj_mac; + mod ocsp; + mod pem; + mod pkcs7; + mod rsa; + mod sha; + mod srtp; + mod ssl; + mod ssl3; + mod tls1; + mod types; + mod x509; + mod x509_vfy; + mod x509v3; + + use std::sync::Once; + // explicitly initialize to work around https://github.com/openssl/openssl/issues/3505 + static INIT: Once = Once::new(); + + // FIXME remove + pub type PasswordCallback = unsafe extern "C" fn( + buf: *mut c_char, + size: c_int, + rwflag: c_int, + user_data: *mut c_void, + ) -> c_int; + + #[cfg(ossl110)] + pub fn init() { + use std::ptr; + + #[cfg(not(ossl111b))] + let init_options = OPENSSL_INIT_LOAD_SSL_STRINGS; + #[cfg(ossl111b)] + let init_options = OPENSSL_INIT_LOAD_SSL_STRINGS | OPENSSL_INIT_NO_ATEXIT; + + INIT.call_once(|| unsafe { + OPENSSL_init_ssl(init_options, ptr::null_mut()); + }) + } + + #[cfg(not(ossl110))] + pub fn init() { + use std::io::{self, Write}; + use std::mem; + use std::process; + use std::sync::{Mutex, MutexGuard}; + + static mut MUTEXES: *mut Vec> = 0 as *mut Vec>; + static mut GUARDS: *mut Vec>> = + 0 as *mut Vec>>; + + unsafe extern "C" fn locking_function( + mode: c_int, + n: c_int, + _file: *const c_char, + _line: c_int, + ) { + let mutex = &(*MUTEXES)[n as usize]; + + if mode & CRYPTO_LOCK != 0 { + (*GUARDS)[n as usize] = Some(mutex.lock().unwrap()); + } else { + if let None = (*GUARDS)[n as usize].take() { + let _ = writeln!( + io::stderr(), + "BUG: rust-openssl lock {} already unlocked, aborting", + n + ); + process::abort(); + } + } + } + + cfg_if! { + if #[cfg(unix)] { + fn set_id_callback() { + unsafe extern "C" fn thread_id() -> c_ulong { + ::libc::pthread_self() as c_ulong + } + + unsafe { + CRYPTO_set_id_callback__fixed_rust(Some(thread_id)); + } + } + } else { + fn set_id_callback() {} + } + } + + INIT.call_once(|| unsafe { + SSL_library_init(); + SSL_load_error_strings(); + OPENSSL_add_all_algorithms_noconf(); + + let num_locks = CRYPTO_num_locks(); + let mut mutexes = Box::new(Vec::new()); + for _ in 0..num_locks { + mutexes.push(Mutex::new(())); + } + MUTEXES = mem::transmute(mutexes); + let guards: Box>>> = + Box::new((0..num_locks).map(|_| None).collect()); + GUARDS = mem::transmute(guards); + + CRYPTO_set_locking_callback__fixed_rust(Some(locking_function)); + set_id_callback(); + }) + } + + /// Disable explicit initialization of the openssl libs. + /// + /// This is only appropriate to use if the openssl crate is being consumed by an application + /// that will be performing the initialization explicitly. + /// + /// # Safety + /// + /// In some versions of openssl, skipping initialization will fall back to the default procedure + /// while other will cause difficult to debug errors so care must be taken when calling this. + pub unsafe fn assume_init() { + INIT.call_once(|| {}); + } +} +#[cfg(openssl)] +pub use openssl::*; diff --git a/openssl-sys/src/macros.rs b/openssl-sys/src/macros.rs new file mode 100644 index 000000000..e1b08c467 --- /dev/null +++ b/openssl-sys/src/macros.rs @@ -0,0 +1,298 @@ +#![allow(unused_macros)] + +// vendored from the cfg-if crate to avoid breaking ctest +macro_rules! cfg_if { + // match if/else chains with a final `else` + ($( + if #[cfg($($meta:meta),*)] { $($it:item)* } + ) else * else { + $($it2:item)* + }) => { + cfg_if! { + @__items + () ; + $( ( ($($meta),*) ($($it)*) ), )* + ( () ($($it2)*) ), + } + }; + + // match if/else chains lacking a final `else` + ( + if #[cfg($($i_met:meta),*)] { $($i_it:item)* } + $( + else if #[cfg($($e_met:meta),*)] { $($e_it:item)* } + )* + ) => { + cfg_if! { + @__items + () ; + ( ($($i_met),*) ($($i_it)*) ), + $( ( ($($e_met),*) ($($e_it)*) ), )* + ( () () ), + } + }; + + // Internal and recursive macro to emit all the items + // + // Collects all the negated cfgs in a list at the beginning and after the + // semicolon is all the remaining items + (@__items ($($not:meta,)*) ; ) => {}; + (@__items ($($not:meta,)*) ; ( ($($m:meta),*) ($($it:item)*) ), $($rest:tt)*) => { + // Emit all items within one block, applying an appropriate #[cfg]. The + // #[cfg] will require all `$m` matchers specified and must also negate + // all previous matchers. + cfg_if! { @__apply cfg(all($($m,)* not(any($($not),*)))), $($it)* } + + // Recurse to emit all other items in `$rest`, and when we do so add all + // our `$m` matchers to the list of `$not` matchers as future emissions + // will have to negate everything we just matched as well. + cfg_if! { @__items ($($not,)* $($m,)*) ; $($rest)* } + }; + + // Internal macro to Apply a cfg attribute to a list of items + (@__apply $m:meta, $($it:item)*) => { + $(#[$m] $it)* + }; +} + +macro_rules! stack { + ($t:ident) => { + cfg_if! { + if #[cfg(ossl110)] { + pub enum $t {} + } else { + #[repr(C)] + pub struct $t { + pub stack: $crate::_STACK, + } + } + } + }; +} + +#[cfg(const_fn)] +macro_rules! const_fn { + ($(pub const fn $name:ident($($arg:ident: $t:ty),*) -> $ret:ty $b:block)*) => { + $( + pub const fn $name($($arg: $t),*) -> $ret $b + )* + } +} + +#[cfg(not(const_fn))] +macro_rules! const_fn { + ($(pub const fn $name:ident($($arg:ident: $t:ty),*) -> $ret:ty $b:block)*) => { + $( + pub fn $name($($arg: $t),*) -> $ret $b + )* + } +} + +// openssl changes `*mut` to `*const` in certain parameters in certain versions; +// in C this is ABI and (mostly) API compatible. +// +// We need to handle this explicitly, and this macro helps annotate which +// parameter got converted in which version. +// +// Input is: +// extern "C" { +// #[attributes...] +// pub fn name(args) -> rettype; // `-> rettype` optional +// // more functions... +// } +// +// This macro replaces `#[const_ptr_if(...)]` in types with `*const` or `*mut` +// (depending on the inner cfg flags) +// +// Walks through all argument and return types, but only finds inner types of +// `*const` and `*mut`; doesn't walk arrays or generics. +// +// NOTE: can't abstract `pub` as `$fn_vis:vis`, as ctest macro handling doesn't +// support it (old syntax crate). But we really only need `pub` anyway. +// +// NOTE: ctest seams to simply ignore macros it can't expand (whatever the +// reason) +macro_rules! const_ptr_api { + // ---------------------------------------------------------------- + // (partialarg): partial argument, waiting for "final" argument type + // MAGIC PART 1: hande conditional const ptr in argument type + ( (partialarg) + { $(#[$fn_attr:meta])* pub fn $fn_name:ident } + $args_packed:tt + [ $($part_arg:tt)* ] + [ #[const_ptr_if( $($cfg:tt)* )] $($arg_rem:tt)* ] + $ret_packed:tt + ) => { + const_ptr_api!( (partialarg) { #[cfg($($cfg)*)] $(#[$fn_attr])* pub fn $fn_name } $args_packed [ $($part_arg)* *const ] [ $($arg_rem)* ] $ret_packed ); + const_ptr_api!( (partialarg) { #[cfg(not($($cfg)*))] $(#[$fn_attr])* pub fn $fn_name } $args_packed [ $($part_arg)* *mut ] [ $($arg_rem)* ] $ret_packed ); + }; + // continue partial argument with `*mut` pointer (might need special const handling in inner type) + ( (partialarg) + $def_packed:tt + $args_packed:tt + [ $($part_arg:tt)* ] + [ *mut $($arg_rem:tt)* ] + $ret_packed:tt + ) => { + const_ptr_api!( (partialarg) $def_packed $args_packed [ $($part_arg)* *mut ] [ $($arg_rem)* ] $ret_packed ); + }; + // continue partial argument with `*const` pointer (might need special const handling in inner type) + ( (partialarg) + $def_packed:tt + $args_packed:tt + [ $($part_arg:tt)* ] + [ *const $($arg_rem:tt)* ] + $ret_packed:tt + ) => { + const_ptr_api!( (partialarg) $def_packed $args_packed [ $($part_arg)* *const ] [ $($arg_rem)* ] $ret_packed ); + }; + // finish partial argument with trailing comma + ( (partialarg) + $def_packed:tt + { $($args_tt:tt)* } + [ $($part_arg:tt)* ] + [ $arg_ty:ty, $($arg_rem:tt)* ] + $ret_packed:tt + ) => { + const_ptr_api!( (parseargs) $def_packed { $($args_tt)* { $($part_arg)* $arg_ty } } [ $($arg_rem)* ] $ret_packed ); + }; + // finish final partial argument (no trailing comma) + ( (partialarg) + $def_packed:tt + { $($args_tt:tt)* } + [ $($part_arg:tt)* ] + [ $arg_ty:ty ] + $ret_packed:tt + ) => { + const_ptr_api!( (parseargs) $def_packed { $($args_tt)* { $($part_arg)* $arg_ty } } [ ] $ret_packed ); + }; + + // ---------------------------------------------------------------- + // (parseargs): parsing arguments + // start next argument + ( (parseargs) + $def_packed:tt + $args_packed:tt + [ $arg_name:ident : $($arg_rem:tt)* ] + $ret_packed:tt + ) => { + const_ptr_api!( (partialarg) $def_packed $args_packed [ $arg_name: ] [ $($arg_rem)* ] $ret_packed ); + }; + // end of arguments, there is a return type; start parsing it + ( (parseargs) + $def_packed:tt + $args_packed:tt + [ ] + [ -> $($rem:tt)* ] + ) => { + const_ptr_api!( (partialret) $def_packed $args_packed [] [ $($rem)* ] ); + }; + // end of arguments, no return type + ( (parseargs) + $def_packed:tt + $args_packed:tt + [ ] + [ ] + ) => { + const_ptr_api!( (generate) $def_packed $args_packed { () } ); + }; + + // ---------------------------------------------------------------- + // (partialret): have partial return type, waiting for final return type + // MAGIC PART 2: hande conditional const ptr in return type + ( (partialret) + { $(#[$fn_attr:meta])* pub fn $fn_name:ident } + $args_packed:tt + [ $($part_ret:tt)* ] + [ #[const_ptr_if( $($cfg:tt)* )] $($rem:tt)* ] + ) => { + const_ptr_api!( (partialret) { #[cfg($($cfg)*)] $(#[$fn_attr])* pub fn $fn_name } $args_packed [ $($part_ret)* *const ] [ $($rem)* ] ); + const_ptr_api!( (partialret) { #[cfg(not($($cfg)*))] $(#[$fn_attr])* pub fn $fn_name } $args_packed [ $($part_ret)* *mut ] [ $($rem)* ] ); + }; + // `* mut` part in return type; continue parsing to find inner conditional const ptr + ( (partialret) + $def_packed:tt + $args_packed:tt + [ $($part_ret:tt)* ] + [ *mut $($rem:tt)* ] + ) => { + const_ptr_api!( (partialret) $def_packed $args_packed [ $($part_ret)* *mut ] [ $($rem)* ] ); + }; + // `* const` part in return type; continue parsing to find inner conditional const ptr + ( (partialret) + $def_packed:tt + $args_packed:tt + [ $($part_ret:tt)* ] + [ *const $($rem:tt)* ] + ) => { + const_ptr_api!( (partialret) $def_packed $args_packed [ $($part_ret)* *const ] [ $($rem)* ] ); + }; + // final part of return type + ( (partialret) + $def_packed:tt + $args_packed:tt + [ $($part_ret:tt)* ] + [ $ret_ty:ty ] + ) => { + const_ptr_api!( (generate) $def_packed $args_packed { $($part_ret)* $ret_ty } ); + }; + + // ---------------------------------------------------------------- + // generate + ( (generate) + { $(#[$fn_attr:meta])* pub fn $fn_name:ident } + { $({ $arg_name:ident: $($arg_ty:tt)* })* } + { $ret_ty:ty } + ) => { + extern "C" { + $(#[$fn_attr])* + pub fn $fn_name( $( + $arg_name: $($arg_ty)* + ),* ) -> $ret_ty; + } + }; + + // ---------------------------------------------------------------- + // (fn): gather tokens for return type until ";" + // found end; start parsing current function, and parse remaining functions + ( (fn) + $def_packed:tt + $arg_tts_packed:tt + $ret_packed:tt + [ ; $($rem:tt)* ] + ) => { + const_ptr_api!( (parseargs) $def_packed {} $arg_tts_packed $ret_packed ); + const_ptr_api!( (extern) [ $($rem)* ] ); + }; + // not ";" - all other tokens are part of the return type. + // don't expand return type yet; otherwise we'd have to remember in which branch `rem` needs + // to be used to parse further functions. + ( (fn) + $def_packed:tt + $arg_tts_packed:tt + [ $($ret_tt:tt)* ] + [ $tt:tt $($rem:tt)* ] + ) => { + const_ptr_api!( (fn) $def_packed $arg_tts_packed [ $($ret_tt)* $tt ] [ $($rem)* ] ); + }; + + // ---------------------------------------------------------------- + // (extern): in extern block, find next function + // try to split into functions as fast as possible to reduce recursion depth + ( (extern) [ + $(#[$fn_attr:meta])* + pub fn $fn_name:ident( $($arg_rem:tt)* ) $($rem:tt)* + ] ) => { + const_ptr_api!( (fn) + { $(#[$fn_attr])* pub fn $fn_name } [ $($arg_rem)* ] [] [ $($rem)* ] + ); + }; + // end of extern block + ( (extern) [] ) => {}; + + // ---------------------------------------------------------------- + // macro start; find extern block + ( extern "C" { $($rem:tt)* } ) => { + const_ptr_api!( (extern) [ $($rem)* ] ); + }; +} diff --git a/openssl-sys/src/obj_mac.rs b/openssl-sys/src/obj_mac.rs new file mode 100644 index 000000000..ed50ebcc5 --- /dev/null +++ b/openssl-sys/src/obj_mac.rs @@ -0,0 +1,978 @@ +use libc::*; + +pub const NID_undef: c_int = 0; +pub const NID_itu_t: c_int = 645; +pub const NID_ccitt: c_int = 404; +pub const NID_iso: c_int = 181; +pub const NID_joint_iso_itu_t: c_int = 646; +pub const NID_joint_iso_ccitt: c_int = 393; +pub const NID_member_body: c_int = 182; +pub const NID_identified_organization: c_int = 676; +pub const NID_hmac_md5: c_int = 780; +pub const NID_hmac_sha1: c_int = 781; +pub const NID_certicom_arc: c_int = 677; +pub const NID_international_organizations: c_int = 647; +pub const NID_wap: c_int = 678; +pub const NID_wap_wsg: c_int = 679; +pub const NID_selected_attribute_types: c_int = 394; +pub const NID_clearance: c_int = 395; +pub const NID_ISO_US: c_int = 183; +pub const NID_X9_57: c_int = 184; +pub const NID_X9cm: c_int = 185; +pub const NID_dsa: c_int = 116; +pub const NID_dsaWithSHA1: c_int = 113; +pub const NID_ansi_X9_62: c_int = 405; +pub const NID_X9_62_prime_field: c_int = 406; +pub const NID_X9_62_characteristic_two_field: c_int = 407; +pub const NID_X9_62_id_characteristic_two_basis: c_int = 680; +pub const NID_X9_62_onBasis: c_int = 681; +pub const NID_X9_62_tpBasis: c_int = 682; +pub const NID_X9_62_ppBasis: c_int = 683; +pub const NID_X9_62_id_ecPublicKey: c_int = 408; +pub const NID_X9_62_c2pnb163v1: c_int = 684; +pub const NID_X9_62_c2pnb163v2: c_int = 685; +pub const NID_X9_62_c2pnb163v3: c_int = 686; +pub const NID_X9_62_c2pnb176v1: c_int = 687; +pub const NID_X9_62_c2tnb191v1: c_int = 688; +pub const NID_X9_62_c2tnb191v2: c_int = 689; +pub const NID_X9_62_c2tnb191v3: c_int = 690; +pub const NID_X9_62_c2onb191v4: c_int = 691; +pub const NID_X9_62_c2onb191v5: c_int = 692; +pub const NID_X9_62_c2pnb208w1: c_int = 693; +pub const NID_X9_62_c2tnb239v1: c_int = 694; +pub const NID_X9_62_c2tnb239v2: c_int = 695; +pub const NID_X9_62_c2tnb239v3: c_int = 696; +pub const NID_X9_62_c2onb239v4: c_int = 697; +pub const NID_X9_62_c2onb239v5: c_int = 698; +pub const NID_X9_62_c2pnb272w1: c_int = 699; +pub const NID_X9_62_c2pnb304w1: c_int = 700; +pub const NID_X9_62_c2tnb359v1: c_int = 701; +pub const NID_X9_62_c2pnb368w1: c_int = 702; +pub const NID_X9_62_c2tnb431r1: c_int = 703; +pub const NID_X9_62_prime192v1: c_int = 409; +pub const NID_X9_62_prime192v2: c_int = 410; +pub const NID_X9_62_prime192v3: c_int = 411; +pub const NID_X9_62_prime239v1: c_int = 412; +pub const NID_X9_62_prime239v2: c_int = 413; +pub const NID_X9_62_prime239v3: c_int = 414; +pub const NID_X9_62_prime256v1: c_int = 415; +pub const NID_ecdsa_with_SHA1: c_int = 416; +pub const NID_ecdsa_with_Recommended: c_int = 791; +pub const NID_ecdsa_with_Specified: c_int = 792; +pub const NID_ecdsa_with_SHA224: c_int = 793; +pub const NID_ecdsa_with_SHA256: c_int = 794; +pub const NID_ecdsa_with_SHA384: c_int = 795; +pub const NID_ecdsa_with_SHA512: c_int = 796; +pub const NID_secp112r1: c_int = 704; +pub const NID_secp112r2: c_int = 705; +pub const NID_secp128r1: c_int = 706; +pub const NID_secp128r2: c_int = 707; +pub const NID_secp160k1: c_int = 708; +pub const NID_secp160r1: c_int = 709; +pub const NID_secp160r2: c_int = 710; +pub const NID_secp192k1: c_int = 711; +pub const NID_secp224k1: c_int = 712; +pub const NID_secp224r1: c_int = 713; +pub const NID_secp256k1: c_int = 714; +pub const NID_secp384r1: c_int = 715; +pub const NID_secp521r1: c_int = 716; +pub const NID_sect113r1: c_int = 717; +pub const NID_sect113r2: c_int = 718; +pub const NID_sect131r1: c_int = 719; +pub const NID_sect131r2: c_int = 720; +pub const NID_sect163k1: c_int = 721; +pub const NID_sect163r1: c_int = 722; +pub const NID_sect163r2: c_int = 723; +pub const NID_sect193r1: c_int = 724; +pub const NID_sect193r2: c_int = 725; +pub const NID_sect233k1: c_int = 726; +pub const NID_sect233r1: c_int = 727; +pub const NID_sect239k1: c_int = 728; +pub const NID_sect283k1: c_int = 729; +pub const NID_sect283r1: c_int = 730; +pub const NID_sect409k1: c_int = 731; +pub const NID_sect409r1: c_int = 732; +pub const NID_sect571k1: c_int = 733; +pub const NID_sect571r1: c_int = 734; +#[cfg(ossl110)] +pub const NID_brainpoolP256r1: c_int = 927; +#[cfg(ossl110)] +pub const NID_brainpoolP384r1: c_int = 931; +#[cfg(ossl110)] +pub const NID_brainpoolP512r1: c_int = 933; +pub const NID_wap_wsg_idm_ecid_wtls1: c_int = 735; +pub const NID_wap_wsg_idm_ecid_wtls3: c_int = 736; +pub const NID_wap_wsg_idm_ecid_wtls4: c_int = 737; +pub const NID_wap_wsg_idm_ecid_wtls5: c_int = 738; +pub const NID_wap_wsg_idm_ecid_wtls6: c_int = 739; +pub const NID_wap_wsg_idm_ecid_wtls7: c_int = 740; +pub const NID_wap_wsg_idm_ecid_wtls8: c_int = 741; +pub const NID_wap_wsg_idm_ecid_wtls9: c_int = 742; +pub const NID_wap_wsg_idm_ecid_wtls10: c_int = 743; +pub const NID_wap_wsg_idm_ecid_wtls11: c_int = 744; +pub const NID_wap_wsg_idm_ecid_wtls12: c_int = 745; +pub const NID_cast5_cbc: c_int = 108; +pub const NID_cast5_ecb: c_int = 109; +pub const NID_cast5_cfb64: c_int = 110; +pub const NID_cast5_ofb64: c_int = 111; +pub const NID_pbeWithMD5AndCast5_CBC: c_int = 112; +pub const NID_id_PasswordBasedMAC: c_int = 782; +pub const NID_id_DHBasedMac: c_int = 783; +pub const NID_rsadsi: c_int = 1; +pub const NID_pkcs: c_int = 2; +pub const NID_pkcs1: c_int = 186; +pub const NID_rsaEncryption: c_int = 6; +pub const NID_md2WithRSAEncryption: c_int = 7; +pub const NID_md4WithRSAEncryption: c_int = 396; +pub const NID_md5WithRSAEncryption: c_int = 8; +pub const NID_sha1WithRSAEncryption: c_int = 65; +pub const NID_rsaesOaep: c_int = 919; +pub const NID_mgf1: c_int = 911; +pub const NID_rsassaPss: c_int = 912; +pub const NID_sha256WithRSAEncryption: c_int = 668; +pub const NID_sha384WithRSAEncryption: c_int = 669; +pub const NID_sha512WithRSAEncryption: c_int = 670; +pub const NID_sha224WithRSAEncryption: c_int = 671; +pub const NID_pkcs3: c_int = 27; +pub const NID_dhKeyAgreement: c_int = 28; +pub const NID_pkcs5: c_int = 187; +pub const NID_pbeWithMD2AndDES_CBC: c_int = 9; +pub const NID_pbeWithMD5AndDES_CBC: c_int = 10; +pub const NID_pbeWithMD2AndRC2_CBC: c_int = 168; +pub const NID_pbeWithMD5AndRC2_CBC: c_int = 169; +pub const NID_pbeWithSHA1AndDES_CBC: c_int = 170; +pub const NID_pbeWithSHA1AndRC2_CBC: c_int = 68; +pub const NID_id_pbkdf2: c_int = 69; +pub const NID_pbes2: c_int = 161; +pub const NID_pbmac1: c_int = 162; +pub const NID_pkcs7: c_int = 20; +pub const NID_pkcs7_data: c_int = 21; +pub const NID_pkcs7_signed: c_int = 22; +pub const NID_pkcs7_enveloped: c_int = 23; +pub const NID_pkcs7_signedAndEnveloped: c_int = 24; +pub const NID_pkcs7_digest: c_int = 25; +pub const NID_pkcs7_encrypted: c_int = 26; +pub const NID_pkcs9: c_int = 47; +pub const NID_pkcs9_emailAddress: c_int = 48; +pub const NID_pkcs9_unstructuredName: c_int = 49; +pub const NID_pkcs9_contentType: c_int = 50; +pub const NID_pkcs9_messageDigest: c_int = 51; +pub const NID_pkcs9_signingTime: c_int = 52; +pub const NID_pkcs9_countersignature: c_int = 53; +pub const NID_pkcs9_challengePassword: c_int = 54; +pub const NID_pkcs9_unstructuredAddress: c_int = 55; +pub const NID_pkcs9_extCertAttributes: c_int = 56; +pub const NID_ext_req: c_int = 172; +pub const NID_SMIMECapabilities: c_int = 167; +pub const NID_SMIME: c_int = 188; +pub const NID_id_smime_mod: c_int = 189; +pub const NID_id_smime_ct: c_int = 190; +pub const NID_id_smime_aa: c_int = 191; +pub const NID_id_smime_alg: c_int = 192; +pub const NID_id_smime_cd: c_int = 193; +pub const NID_id_smime_spq: c_int = 194; +pub const NID_id_smime_cti: c_int = 195; +pub const NID_id_smime_mod_cms: c_int = 196; +pub const NID_id_smime_mod_ess: c_int = 197; +pub const NID_id_smime_mod_oid: c_int = 198; +pub const NID_id_smime_mod_msg_v3: c_int = 199; +pub const NID_id_smime_mod_ets_eSignature_88: c_int = 200; +pub const NID_id_smime_mod_ets_eSignature_97: c_int = 201; +pub const NID_id_smime_mod_ets_eSigPolicy_88: c_int = 202; +pub const NID_id_smime_mod_ets_eSigPolicy_97: c_int = 203; +pub const NID_id_smime_ct_receipt: c_int = 204; +pub const NID_id_smime_ct_authData: c_int = 205; +pub const NID_id_smime_ct_publishCert: c_int = 206; +pub const NID_id_smime_ct_TSTInfo: c_int = 207; +pub const NID_id_smime_ct_TDTInfo: c_int = 208; +pub const NID_id_smime_ct_contentInfo: c_int = 209; +pub const NID_id_smime_ct_DVCSRequestData: c_int = 210; +pub const NID_id_smime_ct_DVCSResponseData: c_int = 211; +pub const NID_id_smime_ct_compressedData: c_int = 786; +pub const NID_id_ct_asciiTextWithCRLF: c_int = 787; +pub const NID_id_smime_aa_receiptRequest: c_int = 212; +pub const NID_id_smime_aa_securityLabel: c_int = 213; +pub const NID_id_smime_aa_mlExpandHistory: c_int = 214; +pub const NID_id_smime_aa_contentHint: c_int = 215; +pub const NID_id_smime_aa_msgSigDigest: c_int = 216; +pub const NID_id_smime_aa_encapContentType: c_int = 217; +pub const NID_id_smime_aa_contentIdentifier: c_int = 218; +pub const NID_id_smime_aa_macValue: c_int = 219; +pub const NID_id_smime_aa_equivalentLabels: c_int = 220; +pub const NID_id_smime_aa_contentReference: c_int = 221; +pub const NID_id_smime_aa_encrypKeyPref: c_int = 222; +pub const NID_id_smime_aa_signingCertificate: c_int = 223; +pub const NID_id_smime_aa_smimeEncryptCerts: c_int = 224; +pub const NID_id_smime_aa_timeStampToken: c_int = 225; +pub const NID_id_smime_aa_ets_sigPolicyId: c_int = 226; +pub const NID_id_smime_aa_ets_commitmentType: c_int = 227; +pub const NID_id_smime_aa_ets_signerLocation: c_int = 228; +pub const NID_id_smime_aa_ets_signerAttr: c_int = 229; +pub const NID_id_smime_aa_ets_otherSigCert: c_int = 230; +pub const NID_id_smime_aa_ets_contentTimestamp: c_int = 231; +pub const NID_id_smime_aa_ets_CertificateRefs: c_int = 232; +pub const NID_id_smime_aa_ets_RevocationRefs: c_int = 233; +pub const NID_id_smime_aa_ets_certValues: c_int = 234; +pub const NID_id_smime_aa_ets_revocationValues: c_int = 235; +pub const NID_id_smime_aa_ets_escTimeStamp: c_int = 236; +pub const NID_id_smime_aa_ets_certCRLTimestamp: c_int = 237; +pub const NID_id_smime_aa_ets_archiveTimeStamp: c_int = 238; +pub const NID_id_smime_aa_signatureType: c_int = 239; +pub const NID_id_smime_aa_dvcs_dvc: c_int = 240; +pub const NID_id_smime_alg_ESDHwith3DES: c_int = 241; +pub const NID_id_smime_alg_ESDHwithRC2: c_int = 242; +pub const NID_id_smime_alg_3DESwrap: c_int = 243; +pub const NID_id_smime_alg_RC2wrap: c_int = 244; +pub const NID_id_smime_alg_ESDH: c_int = 245; +pub const NID_id_smime_alg_CMS3DESwrap: c_int = 246; +pub const NID_id_smime_alg_CMSRC2wrap: c_int = 247; +pub const NID_id_alg_PWRI_KEK: c_int = 893; +pub const NID_id_smime_cd_ldap: c_int = 248; +pub const NID_id_smime_spq_ets_sqt_uri: c_int = 249; +pub const NID_id_smime_spq_ets_sqt_unotice: c_int = 250; +pub const NID_id_smime_cti_ets_proofOfOrigin: c_int = 251; +pub const NID_id_smime_cti_ets_proofOfReceipt: c_int = 252; +pub const NID_id_smime_cti_ets_proofOfDelivery: c_int = 253; +pub const NID_id_smime_cti_ets_proofOfSender: c_int = 254; +pub const NID_id_smime_cti_ets_proofOfApproval: c_int = 255; +pub const NID_id_smime_cti_ets_proofOfCreation: c_int = 256; +pub const NID_friendlyName: c_int = 156; +pub const NID_localKeyID: c_int = 157; +pub const NID_ms_csp_name: c_int = 417; +pub const NID_LocalKeySet: c_int = 856; +pub const NID_x509Certificate: c_int = 158; +pub const NID_sdsiCertificate: c_int = 159; +pub const NID_x509Crl: c_int = 160; +pub const NID_pbe_WithSHA1And128BitRC4: c_int = 144; +pub const NID_pbe_WithSHA1And40BitRC4: c_int = 145; +pub const NID_pbe_WithSHA1And3_Key_TripleDES_CBC: c_int = 146; +pub const NID_pbe_WithSHA1And2_Key_TripleDES_CBC: c_int = 147; +pub const NID_pbe_WithSHA1And128BitRC2_CBC: c_int = 148; +pub const NID_pbe_WithSHA1And40BitRC2_CBC: c_int = 149; +pub const NID_keyBag: c_int = 150; +pub const NID_pkcs8ShroudedKeyBag: c_int = 151; +pub const NID_certBag: c_int = 152; +pub const NID_crlBag: c_int = 153; +pub const NID_secretBag: c_int = 154; +pub const NID_safeContentsBag: c_int = 155; +pub const NID_md2: c_int = 3; +pub const NID_md4: c_int = 257; +pub const NID_md5: c_int = 4; +pub const NID_md5_sha1: c_int = 114; +pub const NID_hmacWithMD5: c_int = 797; +pub const NID_hmacWithSHA1: c_int = 163; +pub const NID_hmacWithSHA224: c_int = 798; +pub const NID_hmacWithSHA256: c_int = 799; +pub const NID_hmacWithSHA384: c_int = 800; +pub const NID_hmacWithSHA512: c_int = 801; +pub const NID_rc2_cbc: c_int = 37; +pub const NID_rc2_ecb: c_int = 38; +pub const NID_rc2_cfb64: c_int = 39; +pub const NID_rc2_ofb64: c_int = 40; +pub const NID_rc2_40_cbc: c_int = 98; +pub const NID_rc2_64_cbc: c_int = 166; +pub const NID_rc4: c_int = 5; +pub const NID_rc4_40: c_int = 97; +pub const NID_des_ede3_cbc: c_int = 44; +pub const NID_rc5_cbc: c_int = 120; +pub const NID_rc5_ecb: c_int = 121; +pub const NID_rc5_cfb64: c_int = 122; +pub const NID_rc5_ofb64: c_int = 123; +pub const NID_ms_ext_req: c_int = 171; +pub const NID_ms_code_ind: c_int = 134; +pub const NID_ms_code_com: c_int = 135; +pub const NID_ms_ctl_sign: c_int = 136; +pub const NID_ms_sgc: c_int = 137; +pub const NID_ms_efs: c_int = 138; +pub const NID_ms_smartcard_login: c_int = 648; +pub const NID_ms_upn: c_int = 649; +pub const NID_idea_cbc: c_int = 34; +pub const NID_idea_ecb: c_int = 36; +pub const NID_idea_cfb64: c_int = 35; +pub const NID_idea_ofb64: c_int = 46; +pub const NID_bf_cbc: c_int = 91; +pub const NID_bf_ecb: c_int = 92; +pub const NID_bf_cfb64: c_int = 93; +pub const NID_bf_ofb64: c_int = 94; +pub const NID_id_pkix: c_int = 127; +pub const NID_id_pkix_mod: c_int = 258; +pub const NID_id_pe: c_int = 175; +pub const NID_id_qt: c_int = 259; +pub const NID_id_kp: c_int = 128; +pub const NID_id_it: c_int = 260; +pub const NID_id_pkip: c_int = 261; +pub const NID_id_alg: c_int = 262; +pub const NID_id_cmc: c_int = 263; +pub const NID_id_on: c_int = 264; +pub const NID_id_pda: c_int = 265; +pub const NID_id_aca: c_int = 266; +pub const NID_id_qcs: c_int = 267; +pub const NID_id_cct: c_int = 268; +pub const NID_id_ppl: c_int = 662; +pub const NID_id_ad: c_int = 176; +pub const NID_id_pkix1_explicit_88: c_int = 269; +pub const NID_id_pkix1_implicit_88: c_int = 270; +pub const NID_id_pkix1_explicit_93: c_int = 271; +pub const NID_id_pkix1_implicit_93: c_int = 272; +pub const NID_id_mod_crmf: c_int = 273; +pub const NID_id_mod_cmc: c_int = 274; +pub const NID_id_mod_kea_profile_88: c_int = 275; +pub const NID_id_mod_kea_profile_93: c_int = 276; +pub const NID_id_mod_cmp: c_int = 277; +pub const NID_id_mod_qualified_cert_88: c_int = 278; +pub const NID_id_mod_qualified_cert_93: c_int = 279; +pub const NID_id_mod_attribute_cert: c_int = 280; +pub const NID_id_mod_timestamp_protocol: c_int = 281; +pub const NID_id_mod_ocsp: c_int = 282; +pub const NID_id_mod_dvcs: c_int = 283; +pub const NID_id_mod_cmp2000: c_int = 284; +pub const NID_info_access: c_int = 177; +pub const NID_biometricInfo: c_int = 285; +pub const NID_qcStatements: c_int = 286; +pub const NID_ac_auditEntity: c_int = 287; +pub const NID_ac_targeting: c_int = 288; +pub const NID_aaControls: c_int = 289; +pub const NID_sbgp_ipAddrBlock: c_int = 290; +pub const NID_sbgp_autonomousSysNum: c_int = 291; +pub const NID_sbgp_routerIdentifier: c_int = 292; +pub const NID_ac_proxying: c_int = 397; +pub const NID_sinfo_access: c_int = 398; +pub const NID_proxyCertInfo: c_int = 663; +pub const NID_id_qt_cps: c_int = 164; +pub const NID_id_qt_unotice: c_int = 165; +pub const NID_textNotice: c_int = 293; +pub const NID_server_auth: c_int = 129; +pub const NID_client_auth: c_int = 130; +pub const NID_code_sign: c_int = 131; +pub const NID_email_protect: c_int = 132; +pub const NID_ipsecEndSystem: c_int = 294; +pub const NID_ipsecTunnel: c_int = 295; +pub const NID_ipsecUser: c_int = 296; +pub const NID_time_stamp: c_int = 133; +pub const NID_OCSP_sign: c_int = 180; +pub const NID_dvcs: c_int = 297; +pub const NID_id_it_caProtEncCert: c_int = 298; +pub const NID_id_it_signKeyPairTypes: c_int = 299; +pub const NID_id_it_encKeyPairTypes: c_int = 300; +pub const NID_id_it_preferredSymmAlg: c_int = 301; +pub const NID_id_it_caKeyUpdateInfo: c_int = 302; +pub const NID_id_it_currentCRL: c_int = 303; +pub const NID_id_it_unsupportedOIDs: c_int = 304; +pub const NID_id_it_subscriptionRequest: c_int = 305; +pub const NID_id_it_subscriptionResponse: c_int = 306; +pub const NID_id_it_keyPairParamReq: c_int = 307; +pub const NID_id_it_keyPairParamRep: c_int = 308; +pub const NID_id_it_revPassphrase: c_int = 309; +pub const NID_id_it_implicitConfirm: c_int = 310; +pub const NID_id_it_confirmWaitTime: c_int = 311; +pub const NID_id_it_origPKIMessage: c_int = 312; +pub const NID_id_it_suppLangTags: c_int = 784; +pub const NID_id_regCtrl: c_int = 313; +pub const NID_id_regInfo: c_int = 314; +pub const NID_id_regCtrl_regToken: c_int = 315; +pub const NID_id_regCtrl_authenticator: c_int = 316; +pub const NID_id_regCtrl_pkiPublicationInfo: c_int = 317; +pub const NID_id_regCtrl_pkiArchiveOptions: c_int = 318; +pub const NID_id_regCtrl_oldCertID: c_int = 319; +pub const NID_id_regCtrl_protocolEncrKey: c_int = 320; +pub const NID_id_regInfo_utf8Pairs: c_int = 321; +pub const NID_id_regInfo_certReq: c_int = 322; +pub const NID_id_alg_des40: c_int = 323; +pub const NID_id_alg_noSignature: c_int = 324; +pub const NID_id_alg_dh_sig_hmac_sha1: c_int = 325; +pub const NID_id_alg_dh_pop: c_int = 326; +pub const NID_id_cmc_statusInfo: c_int = 327; +pub const NID_id_cmc_identification: c_int = 328; +pub const NID_id_cmc_identityProof: c_int = 329; +pub const NID_id_cmc_dataReturn: c_int = 330; +pub const NID_id_cmc_transactionId: c_int = 331; +pub const NID_id_cmc_senderNonce: c_int = 332; +pub const NID_id_cmc_recipientNonce: c_int = 333; +pub const NID_id_cmc_addExtensions: c_int = 334; +pub const NID_id_cmc_encryptedPOP: c_int = 335; +pub const NID_id_cmc_decryptedPOP: c_int = 336; +pub const NID_id_cmc_lraPOPWitness: c_int = 337; +pub const NID_id_cmc_getCert: c_int = 338; +pub const NID_id_cmc_getCRL: c_int = 339; +pub const NID_id_cmc_revokeRequest: c_int = 340; +pub const NID_id_cmc_regInfo: c_int = 341; +pub const NID_id_cmc_responseInfo: c_int = 342; +pub const NID_id_cmc_queryPending: c_int = 343; +pub const NID_id_cmc_popLinkRandom: c_int = 344; +pub const NID_id_cmc_popLinkWitness: c_int = 345; +pub const NID_id_cmc_confirmCertAcceptance: c_int = 346; +pub const NID_id_on_personalData: c_int = 347; +pub const NID_id_on_permanentIdentifier: c_int = 858; +pub const NID_id_pda_dateOfBirth: c_int = 348; +pub const NID_id_pda_placeOfBirth: c_int = 349; +pub const NID_id_pda_gender: c_int = 351; +pub const NID_id_pda_countryOfCitizenship: c_int = 352; +pub const NID_id_pda_countryOfResidence: c_int = 353; +pub const NID_id_aca_authenticationInfo: c_int = 354; +pub const NID_id_aca_accessIdentity: c_int = 355; +pub const NID_id_aca_chargingIdentity: c_int = 356; +pub const NID_id_aca_group: c_int = 357; +pub const NID_id_aca_role: c_int = 358; +pub const NID_id_aca_encAttrs: c_int = 399; +pub const NID_id_qcs_pkixQCSyntax_v1: c_int = 359; +pub const NID_id_cct_crs: c_int = 360; +pub const NID_id_cct_PKIData: c_int = 361; +pub const NID_id_cct_PKIResponse: c_int = 362; +pub const NID_id_ppl_anyLanguage: c_int = 664; +pub const NID_id_ppl_inheritAll: c_int = 665; +pub const NID_Independent: c_int = 667; +pub const NID_ad_OCSP: c_int = 178; +pub const NID_ad_ca_issuers: c_int = 179; +pub const NID_ad_timeStamping: c_int = 363; +pub const NID_ad_dvcs: c_int = 364; +pub const NID_caRepository: c_int = 785; +pub const NID_id_pkix_OCSP_basic: c_int = 365; +pub const NID_id_pkix_OCSP_Nonce: c_int = 366; +pub const NID_id_pkix_OCSP_CrlID: c_int = 367; +pub const NID_id_pkix_OCSP_acceptableResponses: c_int = 368; +pub const NID_id_pkix_OCSP_noCheck: c_int = 369; +pub const NID_id_pkix_OCSP_archiveCutoff: c_int = 370; +pub const NID_id_pkix_OCSP_serviceLocator: c_int = 371; +pub const NID_id_pkix_OCSP_extendedStatus: c_int = 372; +pub const NID_id_pkix_OCSP_valid: c_int = 373; +pub const NID_id_pkix_OCSP_path: c_int = 374; +pub const NID_id_pkix_OCSP_trustRoot: c_int = 375; +pub const NID_algorithm: c_int = 376; +pub const NID_md5WithRSA: c_int = 104; +pub const NID_des_ecb: c_int = 29; +pub const NID_des_cbc: c_int = 31; +pub const NID_des_ofb64: c_int = 45; +pub const NID_des_cfb64: c_int = 30; +pub const NID_rsaSignature: c_int = 377; +pub const NID_dsa_2: c_int = 67; +pub const NID_dsaWithSHA: c_int = 66; +pub const NID_shaWithRSAEncryption: c_int = 42; +pub const NID_des_ede_ecb: c_int = 32; +pub const NID_des_ede3_ecb: c_int = 33; +pub const NID_des_ede_cbc: c_int = 43; +pub const NID_des_ede_cfb64: c_int = 60; +pub const NID_des_ede3_cfb64: c_int = 61; +pub const NID_des_ede_ofb64: c_int = 62; +pub const NID_des_ede3_ofb64: c_int = 63; +pub const NID_desx_cbc: c_int = 80; +pub const NID_sha: c_int = 41; +pub const NID_sha1: c_int = 64; +pub const NID_dsaWithSHA1_2: c_int = 70; +pub const NID_sha1WithRSA: c_int = 115; +pub const NID_ripemd160: c_int = 117; +pub const NID_ripemd160WithRSA: c_int = 119; +pub const NID_sxnet: c_int = 143; +pub const NID_X500: c_int = 11; +pub const NID_X509: c_int = 12; +pub const NID_commonName: c_int = 13; +pub const NID_surname: c_int = 100; +pub const NID_serialNumber: c_int = 105; +pub const NID_countryName: c_int = 14; +pub const NID_localityName: c_int = 15; +pub const NID_stateOrProvinceName: c_int = 16; +pub const NID_streetAddress: c_int = 660; +pub const NID_organizationName: c_int = 17; +pub const NID_organizationalUnitName: c_int = 18; +pub const NID_title: c_int = 106; +pub const NID_description: c_int = 107; +pub const NID_searchGuide: c_int = 859; +pub const NID_businessCategory: c_int = 860; +pub const NID_postalAddress: c_int = 861; +pub const NID_postalCode: c_int = 661; +pub const NID_postOfficeBox: c_int = 862; +pub const NID_physicalDeliveryOfficeName: c_int = 863; +pub const NID_telephoneNumber: c_int = 864; +pub const NID_telexNumber: c_int = 865; +pub const NID_teletexTerminalIdentifier: c_int = 866; +pub const NID_facsimileTelephoneNumber: c_int = 867; +pub const NID_x121Address: c_int = 868; +pub const NID_internationaliSDNNumber: c_int = 869; +pub const NID_registeredAddress: c_int = 870; +pub const NID_destinationIndicator: c_int = 871; +pub const NID_preferredDeliveryMethod: c_int = 872; +pub const NID_presentationAddress: c_int = 873; +pub const NID_supportedApplicationContext: c_int = 874; +pub const NID_member: c_int = 875; +pub const NID_owner: c_int = 876; +pub const NID_roleOccupant: c_int = 877; +pub const NID_seeAlso: c_int = 878; +pub const NID_userPassword: c_int = 879; +pub const NID_userCertificate: c_int = 880; +pub const NID_cACertificate: c_int = 881; +pub const NID_authorityRevocationList: c_int = 882; +pub const NID_certificateRevocationList: c_int = 883; +pub const NID_crossCertificatePair: c_int = 884; +pub const NID_name: c_int = 173; +pub const NID_givenName: c_int = 99; +pub const NID_initials: c_int = 101; +pub const NID_generationQualifier: c_int = 509; +pub const NID_x500UniqueIdentifier: c_int = 503; +pub const NID_dnQualifier: c_int = 174; +pub const NID_enhancedSearchGuide: c_int = 885; +pub const NID_protocolInformation: c_int = 886; +pub const NID_distinguishedName: c_int = 887; +pub const NID_uniqueMember: c_int = 888; +pub const NID_houseIdentifier: c_int = 889; +pub const NID_supportedAlgorithms: c_int = 890; +pub const NID_deltaRevocationList: c_int = 891; +pub const NID_dmdName: c_int = 892; +pub const NID_pseudonym: c_int = 510; +pub const NID_role: c_int = 400; +pub const NID_X500algorithms: c_int = 378; +pub const NID_rsa: c_int = 19; +pub const NID_mdc2WithRSA: c_int = 96; +pub const NID_mdc2: c_int = 95; +pub const NID_id_ce: c_int = 81; +pub const NID_subject_directory_attributes: c_int = 769; +pub const NID_subject_key_identifier: c_int = 82; +pub const NID_key_usage: c_int = 83; +pub const NID_private_key_usage_period: c_int = 84; +pub const NID_subject_alt_name: c_int = 85; +pub const NID_issuer_alt_name: c_int = 86; +pub const NID_basic_constraints: c_int = 87; +pub const NID_crl_number: c_int = 88; +pub const NID_crl_reason: c_int = 141; +pub const NID_invalidity_date: c_int = 142; +pub const NID_delta_crl: c_int = 140; +pub const NID_issuing_distribution_point: c_int = 770; +pub const NID_certificate_issuer: c_int = 771; +pub const NID_name_constraints: c_int = 666; +pub const NID_crl_distribution_points: c_int = 103; +pub const NID_certificate_policies: c_int = 89; +pub const NID_any_policy: c_int = 746; +pub const NID_policy_mappings: c_int = 747; +pub const NID_authority_key_identifier: c_int = 90; +pub const NID_policy_constraints: c_int = 401; +pub const NID_ext_key_usage: c_int = 126; +pub const NID_freshest_crl: c_int = 857; +pub const NID_inhibit_any_policy: c_int = 748; +pub const NID_target_information: c_int = 402; +pub const NID_no_rev_avail: c_int = 403; +pub const NID_anyExtendedKeyUsage: c_int = 910; +pub const NID_netscape: c_int = 57; +pub const NID_netscape_cert_extension: c_int = 58; +pub const NID_netscape_data_type: c_int = 59; +pub const NID_netscape_cert_type: c_int = 71; +pub const NID_netscape_base_url: c_int = 72; +pub const NID_netscape_revocation_url: c_int = 73; +pub const NID_netscape_ca_revocation_url: c_int = 74; +pub const NID_netscape_renewal_url: c_int = 75; +pub const NID_netscape_ca_policy_url: c_int = 76; +pub const NID_netscape_ssl_server_name: c_int = 77; +pub const NID_netscape_comment: c_int = 78; +pub const NID_netscape_cert_sequence: c_int = 79; +pub const NID_ns_sgc: c_int = 139; +pub const NID_org: c_int = 379; +pub const NID_dod: c_int = 380; +pub const NID_iana: c_int = 381; +pub const NID_Directory: c_int = 382; +pub const NID_Management: c_int = 383; +pub const NID_Experimental: c_int = 384; +pub const NID_Private: c_int = 385; +pub const NID_Security: c_int = 386; +pub const NID_SNMPv2: c_int = 387; +pub const NID_Mail: c_int = 388; +pub const NID_Enterprises: c_int = 389; +pub const NID_dcObject: c_int = 390; +pub const NID_mime_mhs: c_int = 504; +pub const NID_mime_mhs_headings: c_int = 505; +pub const NID_mime_mhs_bodies: c_int = 506; +pub const NID_id_hex_partial_message: c_int = 507; +pub const NID_id_hex_multipart_message: c_int = 508; +pub const NID_zlib_compression: c_int = 125; +pub const NID_aes_128_ecb: c_int = 418; +pub const NID_aes_128_cbc: c_int = 419; +pub const NID_aes_128_ofb128: c_int = 420; +pub const NID_aes_128_cfb128: c_int = 421; +pub const NID_id_aes128_wrap: c_int = 788; +pub const NID_aes_128_gcm: c_int = 895; +pub const NID_aes_128_ccm: c_int = 896; +pub const NID_id_aes128_wrap_pad: c_int = 897; +pub const NID_aes_192_ecb: c_int = 422; +pub const NID_aes_192_cbc: c_int = 423; +pub const NID_aes_192_ofb128: c_int = 424; +pub const NID_aes_192_cfb128: c_int = 425; +pub const NID_id_aes192_wrap: c_int = 789; +pub const NID_aes_192_gcm: c_int = 898; +pub const NID_aes_192_ccm: c_int = 899; +pub const NID_id_aes192_wrap_pad: c_int = 900; +pub const NID_aes_256_ecb: c_int = 426; +pub const NID_aes_256_cbc: c_int = 427; +pub const NID_aes_256_ofb128: c_int = 428; +pub const NID_aes_256_cfb128: c_int = 429; +pub const NID_id_aes256_wrap: c_int = 790; +pub const NID_aes_256_gcm: c_int = 901; +pub const NID_aes_256_ccm: c_int = 902; +pub const NID_id_aes256_wrap_pad: c_int = 903; +pub const NID_aes_128_cfb1: c_int = 650; +pub const NID_aes_192_cfb1: c_int = 651; +pub const NID_aes_256_cfb1: c_int = 652; +pub const NID_aes_128_cfb8: c_int = 653; +pub const NID_aes_192_cfb8: c_int = 654; +pub const NID_aes_256_cfb8: c_int = 655; +pub const NID_aes_128_ctr: c_int = 904; +pub const NID_aes_192_ctr: c_int = 905; +pub const NID_aes_256_ctr: c_int = 906; +pub const NID_aes_128_xts: c_int = 913; +pub const NID_aes_256_xts: c_int = 914; +pub const NID_des_cfb1: c_int = 656; +pub const NID_des_cfb8: c_int = 657; +pub const NID_des_ede3_cfb1: c_int = 658; +pub const NID_des_ede3_cfb8: c_int = 659; +pub const NID_sha256: c_int = 672; +pub const NID_sha384: c_int = 673; +pub const NID_sha512: c_int = 674; +pub const NID_sha224: c_int = 675; +pub const NID_dsa_with_SHA224: c_int = 802; +pub const NID_dsa_with_SHA256: c_int = 803; +pub const NID_hold_instruction_code: c_int = 430; +pub const NID_hold_instruction_none: c_int = 431; +pub const NID_hold_instruction_call_issuer: c_int = 432; +pub const NID_hold_instruction_reject: c_int = 433; +pub const NID_data: c_int = 434; +pub const NID_pss: c_int = 435; +pub const NID_ucl: c_int = 436; +pub const NID_pilot: c_int = 437; +pub const NID_pilotAttributeType: c_int = 438; +pub const NID_pilotAttributeSyntax: c_int = 439; +pub const NID_pilotObjectClass: c_int = 440; +pub const NID_pilotGroups: c_int = 441; +pub const NID_iA5StringSyntax: c_int = 442; +pub const NID_caseIgnoreIA5StringSyntax: c_int = 443; +pub const NID_pilotObject: c_int = 444; +pub const NID_pilotPerson: c_int = 445; +pub const NID_account: c_int = 446; +pub const NID_document: c_int = 447; +pub const NID_room: c_int = 448; +pub const NID_documentSeries: c_int = 449; +pub const NID_Domain: c_int = 392; +pub const NID_rFC822localPart: c_int = 450; +pub const NID_dNSDomain: c_int = 451; +pub const NID_domainRelatedObject: c_int = 452; +pub const NID_friendlyCountry: c_int = 453; +pub const NID_simpleSecurityObject: c_int = 454; +pub const NID_pilotOrganization: c_int = 455; +pub const NID_pilotDSA: c_int = 456; +pub const NID_qualityLabelledData: c_int = 457; +pub const NID_userId: c_int = 458; +pub const NID_textEncodedORAddress: c_int = 459; +pub const NID_rfc822Mailbox: c_int = 460; +pub const NID_info: c_int = 461; +pub const NID_favouriteDrink: c_int = 462; +pub const NID_roomNumber: c_int = 463; +pub const NID_photo: c_int = 464; +pub const NID_userClass: c_int = 465; +pub const NID_host: c_int = 466; +pub const NID_manager: c_int = 467; +pub const NID_documentIdentifier: c_int = 468; +pub const NID_documentTitle: c_int = 469; +pub const NID_documentVersion: c_int = 470; +pub const NID_documentAuthor: c_int = 471; +pub const NID_documentLocation: c_int = 472; +pub const NID_homeTelephoneNumber: c_int = 473; +pub const NID_secretary: c_int = 474; +pub const NID_otherMailbox: c_int = 475; +pub const NID_lastModifiedTime: c_int = 476; +pub const NID_lastModifiedBy: c_int = 477; +pub const NID_domainComponent: c_int = 391; +pub const NID_aRecord: c_int = 478; +pub const NID_pilotAttributeType27: c_int = 479; +pub const NID_mXRecord: c_int = 480; +pub const NID_nSRecord: c_int = 481; +pub const NID_sOARecord: c_int = 482; +pub const NID_cNAMERecord: c_int = 483; +pub const NID_associatedDomain: c_int = 484; +pub const NID_associatedName: c_int = 485; +pub const NID_homePostalAddress: c_int = 486; +pub const NID_personalTitle: c_int = 487; +pub const NID_mobileTelephoneNumber: c_int = 488; +pub const NID_pagerTelephoneNumber: c_int = 489; +pub const NID_friendlyCountryName: c_int = 490; +pub const NID_organizationalStatus: c_int = 491; +pub const NID_janetMailbox: c_int = 492; +pub const NID_mailPreferenceOption: c_int = 493; +pub const NID_buildingName: c_int = 494; +pub const NID_dSAQuality: c_int = 495; +pub const NID_singleLevelQuality: c_int = 496; +pub const NID_subtreeMinimumQuality: c_int = 497; +pub const NID_subtreeMaximumQuality: c_int = 498; +pub const NID_personalSignature: c_int = 499; +pub const NID_dITRedirect: c_int = 500; +pub const NID_audio: c_int = 501; +pub const NID_documentPublisher: c_int = 502; +pub const NID_id_set: c_int = 512; +pub const NID_set_ctype: c_int = 513; +pub const NID_set_msgExt: c_int = 514; +pub const NID_set_attr: c_int = 515; +pub const NID_set_policy: c_int = 516; +pub const NID_set_certExt: c_int = 517; +pub const NID_set_brand: c_int = 518; +pub const NID_setct_PANData: c_int = 519; +pub const NID_setct_PANToken: c_int = 520; +pub const NID_setct_PANOnly: c_int = 521; +pub const NID_setct_OIData: c_int = 522; +pub const NID_setct_PI: c_int = 523; +pub const NID_setct_PIData: c_int = 524; +pub const NID_setct_PIDataUnsigned: c_int = 525; +pub const NID_setct_HODInput: c_int = 526; +pub const NID_setct_AuthResBaggage: c_int = 527; +pub const NID_setct_AuthRevReqBaggage: c_int = 528; +pub const NID_setct_AuthRevResBaggage: c_int = 529; +pub const NID_setct_CapTokenSeq: c_int = 530; +pub const NID_setct_PInitResData: c_int = 531; +pub const NID_setct_PI_TBS: c_int = 532; +pub const NID_setct_PResData: c_int = 533; +pub const NID_setct_AuthReqTBS: c_int = 534; +pub const NID_setct_AuthResTBS: c_int = 535; +pub const NID_setct_AuthResTBSX: c_int = 536; +pub const NID_setct_AuthTokenTBS: c_int = 537; +pub const NID_setct_CapTokenData: c_int = 538; +pub const NID_setct_CapTokenTBS: c_int = 539; +pub const NID_setct_AcqCardCodeMsg: c_int = 540; +pub const NID_setct_AuthRevReqTBS: c_int = 541; +pub const NID_setct_AuthRevResData: c_int = 542; +pub const NID_setct_AuthRevResTBS: c_int = 543; +pub const NID_setct_CapReqTBS: c_int = 544; +pub const NID_setct_CapReqTBSX: c_int = 545; +pub const NID_setct_CapResData: c_int = 546; +pub const NID_setct_CapRevReqTBS: c_int = 547; +pub const NID_setct_CapRevReqTBSX: c_int = 548; +pub const NID_setct_CapRevResData: c_int = 549; +pub const NID_setct_CredReqTBS: c_int = 550; +pub const NID_setct_CredReqTBSX: c_int = 551; +pub const NID_setct_CredResData: c_int = 552; +pub const NID_setct_CredRevReqTBS: c_int = 553; +pub const NID_setct_CredRevReqTBSX: c_int = 554; +pub const NID_setct_CredRevResData: c_int = 555; +pub const NID_setct_PCertReqData: c_int = 556; +pub const NID_setct_PCertResTBS: c_int = 557; +pub const NID_setct_BatchAdminReqData: c_int = 558; +pub const NID_setct_BatchAdminResData: c_int = 559; +pub const NID_setct_CardCInitResTBS: c_int = 560; +pub const NID_setct_MeAqCInitResTBS: c_int = 561; +pub const NID_setct_RegFormResTBS: c_int = 562; +pub const NID_setct_CertReqData: c_int = 563; +pub const NID_setct_CertReqTBS: c_int = 564; +pub const NID_setct_CertResData: c_int = 565; +pub const NID_setct_CertInqReqTBS: c_int = 566; +pub const NID_setct_ErrorTBS: c_int = 567; +pub const NID_setct_PIDualSignedTBE: c_int = 568; +pub const NID_setct_PIUnsignedTBE: c_int = 569; +pub const NID_setct_AuthReqTBE: c_int = 570; +pub const NID_setct_AuthResTBE: c_int = 571; +pub const NID_setct_AuthResTBEX: c_int = 572; +pub const NID_setct_AuthTokenTBE: c_int = 573; +pub const NID_setct_CapTokenTBE: c_int = 574; +pub const NID_setct_CapTokenTBEX: c_int = 575; +pub const NID_setct_AcqCardCodeMsgTBE: c_int = 576; +pub const NID_setct_AuthRevReqTBE: c_int = 577; +pub const NID_setct_AuthRevResTBE: c_int = 578; +pub const NID_setct_AuthRevResTBEB: c_int = 579; +pub const NID_setct_CapReqTBE: c_int = 580; +pub const NID_setct_CapReqTBEX: c_int = 581; +pub const NID_setct_CapResTBE: c_int = 582; +pub const NID_setct_CapRevReqTBE: c_int = 583; +pub const NID_setct_CapRevReqTBEX: c_int = 584; +pub const NID_setct_CapRevResTBE: c_int = 585; +pub const NID_setct_CredReqTBE: c_int = 586; +pub const NID_setct_CredReqTBEX: c_int = 587; +pub const NID_setct_CredResTBE: c_int = 588; +pub const NID_setct_CredRevReqTBE: c_int = 589; +pub const NID_setct_CredRevReqTBEX: c_int = 590; +pub const NID_setct_CredRevResTBE: c_int = 591; +pub const NID_setct_BatchAdminReqTBE: c_int = 592; +pub const NID_setct_BatchAdminResTBE: c_int = 593; +pub const NID_setct_RegFormReqTBE: c_int = 594; +pub const NID_setct_CertReqTBE: c_int = 595; +pub const NID_setct_CertReqTBEX: c_int = 596; +pub const NID_setct_CertResTBE: c_int = 597; +pub const NID_setct_CRLNotificationTBS: c_int = 598; +pub const NID_setct_CRLNotificationResTBS: c_int = 599; +pub const NID_setct_BCIDistributionTBS: c_int = 600; +pub const NID_setext_genCrypt: c_int = 601; +pub const NID_setext_miAuth: c_int = 602; +pub const NID_setext_pinSecure: c_int = 603; +pub const NID_setext_pinAny: c_int = 604; +pub const NID_setext_track2: c_int = 605; +pub const NID_setext_cv: c_int = 606; +pub const NID_set_policy_root: c_int = 607; +pub const NID_setCext_hashedRoot: c_int = 608; +pub const NID_setCext_certType: c_int = 609; +pub const NID_setCext_merchData: c_int = 610; +pub const NID_setCext_cCertRequired: c_int = 611; +pub const NID_setCext_tunneling: c_int = 612; +pub const NID_setCext_setExt: c_int = 613; +pub const NID_setCext_setQualf: c_int = 614; +pub const NID_setCext_PGWYcapabilities: c_int = 615; +pub const NID_setCext_TokenIdentifier: c_int = 616; +pub const NID_setCext_Track2Data: c_int = 617; +pub const NID_setCext_TokenType: c_int = 618; +pub const NID_setCext_IssuerCapabilities: c_int = 619; +pub const NID_setAttr_Cert: c_int = 620; +pub const NID_setAttr_PGWYcap: c_int = 621; +pub const NID_setAttr_TokenType: c_int = 622; +pub const NID_setAttr_IssCap: c_int = 623; +pub const NID_set_rootKeyThumb: c_int = 624; +pub const NID_set_addPolicy: c_int = 625; +pub const NID_setAttr_Token_EMV: c_int = 626; +pub const NID_setAttr_Token_B0Prime: c_int = 627; +pub const NID_setAttr_IssCap_CVM: c_int = 628; +pub const NID_setAttr_IssCap_T2: c_int = 629; +pub const NID_setAttr_IssCap_Sig: c_int = 630; +pub const NID_setAttr_GenCryptgrm: c_int = 631; +pub const NID_setAttr_T2Enc: c_int = 632; +pub const NID_setAttr_T2cleartxt: c_int = 633; +pub const NID_setAttr_TokICCsig: c_int = 634; +pub const NID_setAttr_SecDevSig: c_int = 635; +pub const NID_set_brand_IATA_ATA: c_int = 636; +pub const NID_set_brand_Diners: c_int = 637; +pub const NID_set_brand_AmericanExpress: c_int = 638; +pub const NID_set_brand_JCB: c_int = 639; +pub const NID_set_brand_Visa: c_int = 640; +pub const NID_set_brand_MasterCard: c_int = 641; +pub const NID_set_brand_Novus: c_int = 642; +pub const NID_des_cdmf: c_int = 643; +pub const NID_rsaOAEPEncryptionSET: c_int = 644; +pub const NID_ipsec3: c_int = 749; +pub const NID_ipsec4: c_int = 750; +pub const NID_whirlpool: c_int = 804; +pub const NID_cryptopro: c_int = 805; +pub const NID_cryptocom: c_int = 806; +pub const NID_id_GostR3411_94_with_GostR3410_2001: c_int = 807; +pub const NID_id_GostR3411_94_with_GostR3410_94: c_int = 808; +pub const NID_id_GostR3411_94: c_int = 809; +pub const NID_id_HMACGostR3411_94: c_int = 810; +pub const NID_id_GostR3410_2001: c_int = 811; +pub const NID_id_GostR3410_94: c_int = 812; +pub const NID_id_Gost28147_89: c_int = 813; +pub const NID_gost89_cnt: c_int = 814; +pub const NID_id_Gost28147_89_MAC: c_int = 815; +pub const NID_id_GostR3411_94_prf: c_int = 816; +pub const NID_id_GostR3410_2001DH: c_int = 817; +pub const NID_id_GostR3410_94DH: c_int = 818; +pub const NID_id_Gost28147_89_CryptoPro_KeyMeshing: c_int = 819; +pub const NID_id_Gost28147_89_None_KeyMeshing: c_int = 820; +pub const NID_id_GostR3411_94_TestParamSet: c_int = 821; +pub const NID_id_GostR3411_94_CryptoProParamSet: c_int = 822; +pub const NID_id_Gost28147_89_TestParamSet: c_int = 823; +pub const NID_id_Gost28147_89_CryptoPro_A_ParamSet: c_int = 824; +pub const NID_id_Gost28147_89_CryptoPro_B_ParamSet: c_int = 825; +pub const NID_id_Gost28147_89_CryptoPro_C_ParamSet: c_int = 826; +pub const NID_id_Gost28147_89_CryptoPro_D_ParamSet: c_int = 827; +pub const NID_id_Gost28147_89_CryptoPro_Oscar_1_1_ParamSet: c_int = 828; +pub const NID_id_Gost28147_89_CryptoPro_Oscar_1_0_ParamSet: c_int = 829; +pub const NID_id_Gost28147_89_CryptoPro_RIC_1_ParamSet: c_int = 830; +pub const NID_id_GostR3410_94_TestParamSet: c_int = 831; +pub const NID_id_GostR3410_94_CryptoPro_A_ParamSet: c_int = 832; +pub const NID_id_GostR3410_94_CryptoPro_B_ParamSet: c_int = 833; +pub const NID_id_GostR3410_94_CryptoPro_C_ParamSet: c_int = 834; +pub const NID_id_GostR3410_94_CryptoPro_D_ParamSet: c_int = 835; +pub const NID_id_GostR3410_94_CryptoPro_XchA_ParamSet: c_int = 836; +pub const NID_id_GostR3410_94_CryptoPro_XchB_ParamSet: c_int = 837; +pub const NID_id_GostR3410_94_CryptoPro_XchC_ParamSet: c_int = 838; +pub const NID_id_GostR3410_2001_TestParamSet: c_int = 839; +pub const NID_id_GostR3410_2001_CryptoPro_A_ParamSet: c_int = 840; +pub const NID_id_GostR3410_2001_CryptoPro_B_ParamSet: c_int = 841; +pub const NID_id_GostR3410_2001_CryptoPro_C_ParamSet: c_int = 842; +pub const NID_id_GostR3410_2001_CryptoPro_XchA_ParamSet: c_int = 843; +pub const NID_id_GostR3410_2001_CryptoPro_XchB_ParamSet: c_int = 844; +pub const NID_id_GostR3410_94_a: c_int = 845; +pub const NID_id_GostR3410_94_aBis: c_int = 846; +pub const NID_id_GostR3410_94_b: c_int = 847; +pub const NID_id_GostR3410_94_bBis: c_int = 848; +pub const NID_id_Gost28147_89_cc: c_int = 849; +pub const NID_id_GostR3410_94_cc: c_int = 850; +pub const NID_id_GostR3410_2001_cc: c_int = 851; +pub const NID_id_GostR3411_94_with_GostR3410_94_cc: c_int = 852; +pub const NID_id_GostR3411_94_with_GostR3410_2001_cc: c_int = 853; +pub const NID_id_GostR3410_2001_ParamSet_cc: c_int = 854; +pub const NID_camellia_128_cbc: c_int = 751; +pub const NID_camellia_192_cbc: c_int = 752; +pub const NID_camellia_256_cbc: c_int = 753; +pub const NID_id_camellia128_wrap: c_int = 907; +pub const NID_id_camellia192_wrap: c_int = 908; +pub const NID_id_camellia256_wrap: c_int = 909; +pub const NID_camellia_128_ecb: c_int = 754; +pub const NID_camellia_128_ofb128: c_int = 766; +pub const NID_camellia_128_cfb128: c_int = 757; +pub const NID_camellia_192_ecb: c_int = 755; +pub const NID_camellia_192_ofb128: c_int = 767; +pub const NID_camellia_192_cfb128: c_int = 758; +pub const NID_camellia_256_ecb: c_int = 756; +pub const NID_camellia_256_ofb128: c_int = 768; +pub const NID_camellia_256_cfb128: c_int = 759; +pub const NID_camellia_128_cfb1: c_int = 760; +pub const NID_camellia_192_cfb1: c_int = 761; +pub const NID_camellia_256_cfb1: c_int = 762; +pub const NID_camellia_128_cfb8: c_int = 763; +pub const NID_camellia_192_cfb8: c_int = 764; +pub const NID_camellia_256_cfb8: c_int = 765; +pub const NID_kisa: c_int = 773; +pub const NID_seed_ecb: c_int = 776; +pub const NID_seed_cbc: c_int = 777; +pub const NID_seed_cfb128: c_int = 779; +pub const NID_seed_ofb128: c_int = 778; +pub const NID_hmac: c_int = 855; +pub const NID_cmac: c_int = 894; +pub const NID_rc4_hmac_md5: c_int = 915; +pub const NID_aes_128_cbc_hmac_sha1: c_int = 916; +pub const NID_aes_192_cbc_hmac_sha1: c_int = 917; +pub const NID_aes_256_cbc_hmac_sha1: c_int = 918; +#[cfg(ossl111)] +pub const NID_X25519: c_int = 1034; +#[cfg(ossl111)] +pub const NID_X448: c_int = 1035; +#[cfg(ossl110)] +pub const NID_hkdf: c_int = 1036; +#[cfg(ossl111)] +pub const NID_ED25519: c_int = 1087; +#[cfg(ossl111)] +pub const NID_ED448: c_int = 1088; +#[cfg(ossl111)] +pub const NID_sm3: c_int = 1143; +#[cfg(libressl291)] +pub const NID_sm3: c_int = 968; +#[cfg(ossl111)] +pub const NID_sm3WithRSAEncryption: c_int = 1144; +#[cfg(libressl291)] +pub const NID_sm3WithRSAEncryption: c_int = 969; +#[cfg(ossl111)] +pub const NID_sm4_ecb: c_int = 1133; +#[cfg(libressl291)] +pub const NID_sm4_ecb: c_int = 973; +#[cfg(ossl111)] +pub const NID_sm4_cbc: c_int = 1134; +#[cfg(libressl291)] +pub const NID_sm4_cbc: c_int = 974; +#[cfg(ossl111)] +pub const NID_sm4_ofb128: c_int = 1135; +#[cfg(libressl291)] +pub const NID_sm4_ofb128: c_int = 975; +#[cfg(ossl111)] +pub const NID_sm4_cfb128: c_int = 1137; +#[cfg(libressl291)] +pub const NID_sm4_cfb128: c_int = 976; +#[cfg(ossl111)] +pub const NID_sm4_cfb1: c_int = 1136; +#[cfg(libressl291)] +pub const NID_sm4_cfb1: c_int = 977; +#[cfg(ossl111)] +pub const NID_sm4_cfb8: c_int = 1138; +#[cfg(libressl291)] +pub const NID_sm4_cfb8: c_int = 978; +#[cfg(ossl111)] +pub const NID_sm4_ctr: c_int = 1139; +#[cfg(libressl291)] +pub const NID_sm4_ctr: c_int = 979; +#[cfg(ossl111)] +pub const NID_sha3_224: c_int = 1096; +#[cfg(ossl111)] +pub const NID_sha3_256: c_int = 1097; +#[cfg(ossl111)] +pub const NID_sha3_384: c_int = 1098; +#[cfg(ossl111)] +pub const NID_sha3_512: c_int = 1099; +#[cfg(ossl111)] +pub const NID_shake128: c_int = 1100; +#[cfg(ossl111)] +pub const NID_shake256: c_int = 1101; diff --git a/openssl-sys/src/ocsp.rs b/openssl-sys/src/ocsp.rs new file mode 100644 index 000000000..fc0db39e9 --- /dev/null +++ b/openssl-sys/src/ocsp.rs @@ -0,0 +1,35 @@ +use libc::*; + +pub const OCSP_REVOKED_STATUS_NOSTATUS: c_int = -1; +pub const OCSP_REVOKED_STATUS_UNSPECIFIED: c_int = 0; +pub const OCSP_REVOKED_STATUS_KEYCOMPROMISE: c_int = 1; +pub const OCSP_REVOKED_STATUS_CACOMPROMISE: c_int = 2; +pub const OCSP_REVOKED_STATUS_AFFILIATIONCHANGED: c_int = 3; +pub const OCSP_REVOKED_STATUS_SUPERSEDED: c_int = 4; +pub const OCSP_REVOKED_STATUS_CESSATIONOFOPERATION: c_int = 5; +pub const OCSP_REVOKED_STATUS_CERTIFICATEHOLD: c_int = 6; +pub const OCSP_REVOKED_STATUS_REMOVEFROMCRL: c_int = 8; + +pub const OCSP_NOCERTS: c_ulong = 0x1; +pub const OCSP_NOINTERN: c_ulong = 0x2; +pub const OCSP_NOSIGS: c_ulong = 0x4; +pub const OCSP_NOCHAIN: c_ulong = 0x8; +pub const OCSP_NOVERIFY: c_ulong = 0x10; +pub const OCSP_NOEXPLICIT: c_ulong = 0x20; +pub const OCSP_NOCASIGN: c_ulong = 0x40; +pub const OCSP_NODELEGATED: c_ulong = 0x80; +pub const OCSP_NOCHECKS: c_ulong = 0x100; +pub const OCSP_TRUSTOTHER: c_ulong = 0x200; +pub const OCSP_RESPID_KEY: c_ulong = 0x400; +pub const OCSP_NOTIME: c_ulong = 0x800; + +pub const OCSP_RESPONSE_STATUS_SUCCESSFUL: c_int = 0; +pub const OCSP_RESPONSE_STATUS_MALFORMEDREQUEST: c_int = 1; +pub const OCSP_RESPONSE_STATUS_INTERNALERROR: c_int = 2; +pub const OCSP_RESPONSE_STATUS_TRYLATER: c_int = 3; +pub const OCSP_RESPONSE_STATUS_SIGREQUIRED: c_int = 5; +pub const OCSP_RESPONSE_STATUS_UNAUTHORIZED: c_int = 6; + +pub const V_OCSP_CERTSTATUS_GOOD: c_int = 0; +pub const V_OCSP_CERTSTATUS_REVOKED: c_int = 1; +pub const V_OCSP_CERTSTATUS_UNKNOWN: c_int = 2; diff --git a/openssl-sys/src/pem.rs b/openssl-sys/src/pem.rs new file mode 100644 index 000000000..f7dd8ac30 --- /dev/null +++ b/openssl-sys/src/pem.rs @@ -0,0 +1,3 @@ +use libc::*; + +pub const PEM_R_NO_START_LINE: c_int = 108; diff --git a/openssl-sys/src/pkcs7.rs b/openssl-sys/src/pkcs7.rs new file mode 100644 index 000000000..0a56225a9 --- /dev/null +++ b/openssl-sys/src/pkcs7.rs @@ -0,0 +1,20 @@ +use libc::*; + +pub const PKCS7_TEXT: c_int = 0x1; +pub const PKCS7_NOCERTS: c_int = 0x2; +pub const PKCS7_NOSIGS: c_int = 0x4; +pub const PKCS7_NOCHAIN: c_int = 0x8; +pub const PKCS7_NOINTERN: c_int = 0x10; +pub const PKCS7_NOVERIFY: c_int = 0x20; +pub const PKCS7_DETACHED: c_int = 0x40; +pub const PKCS7_BINARY: c_int = 0x80; +pub const PKCS7_NOATTR: c_int = 0x100; +pub const PKCS7_NOSMIMECAP: c_int = 0x200; +pub const PKCS7_NOOLDMIMETYPE: c_int = 0x400; +pub const PKCS7_CRLFEOL: c_int = 0x800; +pub const PKCS7_STREAM: c_int = 0x1000; +pub const PKCS7_NOCRL: c_int = 0x2000; +pub const PKCS7_PARTIAL: c_int = 0x4000; +pub const PKCS7_REUSE_DIGEST: c_int = 0x8000; +#[cfg(not(any(ossl101, ossl102, libressl)))] +pub const PKCS7_NO_DUAL_CONTENT: c_int = 0x10000; diff --git a/openssl-sys/src/rsa.rs b/openssl-sys/src/rsa.rs new file mode 100644 index 000000000..ff30cf1e2 --- /dev/null +++ b/openssl-sys/src/rsa.rs @@ -0,0 +1,101 @@ +use libc::*; +use std::ptr; + +use super::super::*; + +pub const RSA_F4: c_long = 0x10001; + +cfg_if! { + if #[cfg(not(ossl300))] { + pub unsafe fn EVP_PKEY_CTX_set_rsa_padding(ctx: *mut EVP_PKEY_CTX, pad: c_int) -> c_int { + EVP_PKEY_CTX_ctrl( + ctx, + EVP_PKEY_RSA, + -1, + EVP_PKEY_CTRL_RSA_PADDING, + pad, + ptr::null_mut(), + ) + } + pub unsafe fn EVP_PKEY_CTX_get_rsa_padding(ctx: *mut EVP_PKEY_CTX, ppad: *mut c_int) -> c_int { + EVP_PKEY_CTX_ctrl( + ctx, + EVP_PKEY_RSA, + -1, + EVP_PKEY_CTRL_GET_RSA_PADDING, + 0, + ppad as *mut c_void, + ) + } + + pub unsafe fn EVP_PKEY_CTX_set_rsa_pss_saltlen(ctx: *mut EVP_PKEY_CTX, len: c_int) -> c_int { + EVP_PKEY_CTX_ctrl( + ctx, + EVP_PKEY_RSA, + EVP_PKEY_OP_SIGN | EVP_PKEY_OP_VERIFY, + EVP_PKEY_CTRL_RSA_PSS_SALTLEN, + len, + ptr::null_mut(), + ) + } + + pub unsafe fn EVP_PKEY_CTX_set_rsa_mgf1_md(ctx: *mut EVP_PKEY_CTX, md: *mut EVP_MD) -> c_int { + EVP_PKEY_CTX_ctrl( + ctx, + EVP_PKEY_RSA, + EVP_PKEY_OP_TYPE_SIG | EVP_PKEY_OP_TYPE_CRYPT, + EVP_PKEY_CTRL_RSA_MGF1_MD, + 0, + md as *mut c_void, + ) + } + } +} + +#[cfg(any(ossl102, libressl310))] +pub unsafe fn EVP_PKEY_CTX_set_rsa_oaep_md(ctx: *mut EVP_PKEY_CTX, md: *mut EVP_MD) -> c_int { + EVP_PKEY_CTX_ctrl( + ctx, + EVP_PKEY_RSA, + EVP_PKEY_OP_TYPE_CRYPT, + EVP_PKEY_CTRL_RSA_OAEP_MD, + 0, + md as *mut c_void, + ) +} + +#[cfg(any(ossl102, libressl310))] +pub unsafe fn EVP_PKEY_CTX_set0_rsa_oaep_label( + ctx: *mut EVP_PKEY_CTX, + label: *mut c_void, + len: c_int, +) -> c_int { + EVP_PKEY_CTX_ctrl( + ctx, + EVP_PKEY_RSA, + EVP_PKEY_OP_TYPE_CRYPT, + EVP_PKEY_CTRL_RSA_OAEP_LABEL, + len, + label as *mut c_void, + ) +} + +pub const EVP_PKEY_CTRL_RSA_PADDING: c_int = EVP_PKEY_ALG_CTRL + 1; +pub const EVP_PKEY_CTRL_RSA_PSS_SALTLEN: c_int = EVP_PKEY_ALG_CTRL + 2; + +pub const EVP_PKEY_CTRL_RSA_MGF1_MD: c_int = EVP_PKEY_ALG_CTRL + 5; + +pub const EVP_PKEY_CTRL_GET_RSA_PADDING: c_int = EVP_PKEY_ALG_CTRL + 6; + +#[cfg(any(ossl102, libressl310))] +pub const EVP_PKEY_CTRL_RSA_OAEP_MD: c_int = EVP_PKEY_ALG_CTRL + 9; +#[cfg(any(ossl102, libressl310))] +pub const EVP_PKEY_CTRL_RSA_OAEP_LABEL: c_int = EVP_PKEY_ALG_CTRL + 10; + +pub const RSA_PKCS1_PADDING: c_int = 1; +#[cfg(not(ossl300))] +pub const RSA_SSLV23_PADDING: c_int = 2; +pub const RSA_NO_PADDING: c_int = 3; +pub const RSA_PKCS1_OAEP_PADDING: c_int = 4; +pub const RSA_X931_PADDING: c_int = 5; +pub const RSA_PKCS1_PSS_PADDING: c_int = 6; diff --git a/openssl-sys/src/sha.rs b/openssl-sys/src/sha.rs new file mode 100644 index 000000000..4ad0c17cd --- /dev/null +++ b/openssl-sys/src/sha.rs @@ -0,0 +1,103 @@ +use super::*; +use libc::*; +use std::ptr; + +#[cfg(not(osslconf = "OPENSSL_NO_DEPRECATED_3_0"))] +pub const SHA_LBLOCK: c_int = 16; + +#[cfg(not(osslconf = "OPENSSL_NO_DEPRECATED_3_0"))] +pub type SHA_LONG = c_uint; + +cfg_if! { + if #[cfg(ossl300)] { + #[cfg(ossl300)] + // Ideally we'd macro define these, but that crashes ctest :( + pub unsafe fn SHA1(d: *const c_uchar, n: size_t, md: *mut c_uchar) -> *mut c_uchar { + if EVP_Q_digest( + ptr::null_mut(), + "SHA1\0".as_ptr() as *const c_char, + ptr::null(), + d as *const c_void, + n, + md, + ptr::null_mut(), + ) != 0 + { + md + } else { + ptr::null_mut() + } + } + + pub unsafe fn SHA224(d: *const c_uchar, n: size_t, md: *mut c_uchar) -> *mut c_uchar { + if EVP_Q_digest( + ptr::null_mut(), + "SHA224\0".as_ptr() as *const c_char, + ptr::null(), + d as *const c_void, + n, + md, + ptr::null_mut(), + ) != 0 { + md + } else { + ptr::null_mut() + } + } + + pub unsafe fn SHA256(d: *const c_uchar, n: size_t, md: *mut c_uchar) -> *mut c_uchar { + if EVP_Q_digest( + ptr::null_mut(), + "SHA256\0".as_ptr() as *const c_char, + ptr::null(), + d as *const c_void, + n, + md, + ptr::null_mut(), + ) != 0 { + md + } else { + ptr::null_mut() + } + } + } +} + +#[cfg(not(osslconf = "OPENSSL_NO_DEPRECATED_3_0"))] +pub type SHA_LONG64 = u64; + +cfg_if! { + if #[cfg(ossl300)] { + pub unsafe fn SHA384(d: *const c_uchar, n: size_t, md: *mut c_uchar) -> *mut c_uchar { + if EVP_Q_digest( + ptr::null_mut(), + "SHA384\0".as_ptr() as *const c_char, + ptr::null(), + d as *const c_void, + n, + md, + ptr::null_mut(), + ) != 0 { + md + } else { + ptr::null_mut() + } + } + + pub unsafe fn SHA512(d: *const c_uchar, n: size_t, md: *mut c_uchar) -> *mut c_uchar { + if EVP_Q_digest( + ptr::null_mut(), + "SHA512\0".as_ptr() as *const c_char, + ptr::null(), + d as *const c_void, + n, + md, + ptr::null_mut(), + ) != 0 { + md + } else { + ptr::null_mut() + } + } + } +} diff --git a/openssl-sys/src/srtp.rs b/openssl-sys/src/srtp.rs new file mode 100644 index 000000000..93c77970c --- /dev/null +++ b/openssl-sys/src/srtp.rs @@ -0,0 +1,14 @@ +use libc::*; + +pub const SRTP_AES128_CM_SHA1_80: c_ulong = 0x0001; +pub const SRTP_AES128_CM_SHA1_32: c_ulong = 0x0002; +pub const SRTP_AES128_F8_SHA1_80: c_ulong = 0x0003; +pub const SRTP_AES128_F8_SHA1_32: c_ulong = 0x0004; +pub const SRTP_NULL_SHA1_80: c_ulong = 0x0005; +pub const SRTP_NULL_SHA1_32: c_ulong = 0x0006; + +/* AEAD SRTP protection profiles from RFC 7714 */ +#[cfg(ossl110)] +pub const SRTP_AEAD_AES_128_GCM: c_ulong = 0x0007; +#[cfg(ossl110)] +pub const SRTP_AEAD_AES_256_GCM: c_ulong = 0x0008; diff --git a/openssl-sys/src/ssl.rs b/openssl-sys/src/ssl.rs new file mode 100644 index 000000000..e81267333 --- /dev/null +++ b/openssl-sys/src/ssl.rs @@ -0,0 +1,631 @@ +use libc::*; +use std::ptr; + +use super::*; + +#[cfg(not(ossl110))] +pub const SSL_MAX_KRB5_PRINCIPAL_LENGTH: c_int = 256; + +#[cfg(not(ossl110))] +pub const SSL_MAX_SSL_SESSION_ID_LENGTH: c_int = 32; +#[cfg(not(ossl110))] +pub const SSL_MAX_SID_CTX_LENGTH: c_int = 32; + +#[cfg(not(ossl110))] +pub const SSL_MAX_KEY_ARG_LENGTH: c_int = 8; +#[cfg(not(ossl110))] +pub const SSL_MAX_MASTER_KEY_LENGTH: c_int = 48; + +pub const SSL_SENT_SHUTDOWN: c_int = 1; +pub const SSL_RECEIVED_SHUTDOWN: c_int = 2; + +pub const SSL_FILETYPE_PEM: c_int = X509_FILETYPE_PEM; +pub const SSL_FILETYPE_ASN1: c_int = X509_FILETYPE_ASN1; + +#[cfg(ossl111)] +pub const SSL_EXT_TLS_ONLY: c_uint = 0x0001; +/* This extension is only allowed in DTLS */ +#[cfg(ossl111)] +pub const SSL_EXT_DTLS_ONLY: c_uint = 0x0002; +/* Some extensions may be allowed in DTLS but we don't implement them for it */ +#[cfg(ossl111)] +pub const SSL_EXT_TLS_IMPLEMENTATION_ONLY: c_uint = 0x0004; +/* Most extensions are not defined for SSLv3 but EXT_TYPE_renegotiate is */ +#[cfg(ossl111)] +pub const SSL_EXT_SSL3_ALLOWED: c_uint = 0x0008; +/* Extension is only defined for TLS1.2 and below */ +#[cfg(ossl111)] +pub const SSL_EXT_TLS1_2_AND_BELOW_ONLY: c_uint = 0x0010; +/* Extension is only defined for TLS1.3 and above */ +#[cfg(ossl111)] +pub const SSL_EXT_TLS1_3_ONLY: c_uint = 0x0020; +/* Ignore this extension during parsing if we are resuming */ +#[cfg(ossl111)] +pub const SSL_EXT_IGNORE_ON_RESUMPTION: c_uint = 0x0040; +#[cfg(ossl111)] +pub const SSL_EXT_CLIENT_HELLO: c_uint = 0x0080; +/* Really means TLS1.2 or below */ +#[cfg(ossl111)] +pub const SSL_EXT_TLS1_2_SERVER_HELLO: c_uint = 0x0100; +#[cfg(ossl111)] +pub const SSL_EXT_TLS1_3_SERVER_HELLO: c_uint = 0x0200; +#[cfg(ossl111)] +pub const SSL_EXT_TLS1_3_ENCRYPTED_EXTENSIONS: c_uint = 0x0400; +#[cfg(ossl111)] +pub const SSL_EXT_TLS1_3_HELLO_RETRY_REQUEST: c_uint = 0x0800; +#[cfg(ossl111)] +pub const SSL_EXT_TLS1_3_CERTIFICATE: c_uint = 0x1000; +#[cfg(ossl111)] +pub const SSL_EXT_TLS1_3_NEW_SESSION_TICKET: c_uint = 0x2000; +#[cfg(ossl111)] +pub const SSL_EXT_TLS1_3_CERTIFICATE_REQUEST: c_uint = 0x4000; + +cfg_if! { + if #[cfg(ossl300)] { + macro_rules! ssl_op_type { + () => {u64}; + } + } else { + macro_rules! ssl_op_type { + () => {c_ulong}; + } + } +} + +pub const SSL_OP_LEGACY_SERVER_CONNECT: ssl_op_type!() = 0x00000004; +cfg_if! { + if #[cfg(libressl261)] { + pub const SSL_OP_TLSEXT_PADDING: ssl_op_type!() = 0x0; + } else if #[cfg(any(ossl102, libressl))] { + pub const SSL_OP_TLSEXT_PADDING: ssl_op_type!() = 0x10; + } +} +#[cfg(ossl101)] +pub const SSL_OP_SAFARI_ECDHE_ECDSA_BUG: ssl_op_type!() = 0x00000040; + +pub const SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS: ssl_op_type!() = 0x00000800; + +pub const SSL_OP_NO_QUERY_MTU: ssl_op_type!() = 0x00001000; +pub const SSL_OP_COOKIE_EXCHANGE: ssl_op_type!() = 0x00002000; +pub const SSL_OP_NO_TICKET: ssl_op_type!() = 0x00004000; +cfg_if! { + if #[cfg(ossl101)] { + pub const SSL_OP_CISCO_ANYCONNECT: ssl_op_type!() = 0x00008000; + } else { + pub const SSL_OP_CISCO_ANYCONNECT: ssl_op_type!() = 0x0; + } +} + +pub const SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION: ssl_op_type!() = 0x00010000; +cfg_if! { + if #[cfg(ossl101)] { + pub const SSL_OP_NO_COMPRESSION: ssl_op_type!() = 0x00020000; + pub const SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION: ssl_op_type!() = 0x00040000; + } else { + pub const SSL_OP_NO_COMPRESSION: ssl_op_type!() = 0x0; + pub const SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION: ssl_op_type!() = 0x0; + } +} + +#[cfg(ossl111)] +pub const SSL_OP_ENABLE_MIDDLEBOX_COMPAT: ssl_op_type!() = 0x00100000; +#[cfg(ossl111)] +pub const SSL_OP_PRIORITIZE_CHACHA: ssl_op_type!() = 0x00200000; + +pub const SSL_OP_CIPHER_SERVER_PREFERENCE: ssl_op_type!() = 0x00400000; +cfg_if! { + if #[cfg(libressl280)] { + pub const SSL_OP_TLS_ROLLBACK_BUG: ssl_op_type!() = 0; + } else { + pub const SSL_OP_TLS_ROLLBACK_BUG: ssl_op_type!() = 0x00800000; + } +} + +cfg_if! { + if #[cfg(ossl101)] { + pub const SSL_OP_NO_SSLv3: ssl_op_type!() = 0x02000000; + } else { + pub const SSL_OP_NO_SSLv3: ssl_op_type!() = 0x0; + } +} +pub const SSL_OP_NO_TLSv1_1: ssl_op_type!() = 0x10000000; +pub const SSL_OP_NO_TLSv1_2: ssl_op_type!() = 0x08000000; + +pub const SSL_OP_NO_TLSv1: ssl_op_type!() = 0x04000000; +cfg_if! { + if #[cfg(ossl102)] { + pub const SSL_OP_NO_DTLSv1: ssl_op_type!() = 0x04000000; + pub const SSL_OP_NO_DTLSv1_2: ssl_op_type!() = 0x08000000; + } else if #[cfg(libressl332)] { + pub const SSL_OP_NO_DTLSv1: ssl_op_type!() = 0x40000000; + pub const SSL_OP_NO_DTLSv1_2: ssl_op_type!() = 0x80000000; + } +} +#[cfg(any(ossl111, libressl340))] +pub const SSL_OP_NO_TLSv1_3: ssl_op_type!() = 0x20000000; + +#[cfg(ossl110h)] +pub const SSL_OP_NO_RENEGOTIATION: ssl_op_type!() = 0x40000000; + +cfg_if! { + if #[cfg(ossl111)] { + pub const SSL_OP_NO_SSL_MASK: ssl_op_type!() = SSL_OP_NO_SSLv2 + | SSL_OP_NO_SSLv3 + | SSL_OP_NO_TLSv1 + | SSL_OP_NO_TLSv1_1 + | SSL_OP_NO_TLSv1_2 + | SSL_OP_NO_TLSv1_3; + } else if #[cfg(ossl102)] { + pub const SSL_OP_NO_SSL_MASK: ssl_op_type!() = + SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3 | SSL_OP_NO_TLSv1 | SSL_OP_NO_TLSv1_1 | SSL_OP_NO_TLSv1_2; + } +} + +cfg_if! { + if #[cfg(libressl261)] { + pub const SSL_OP_CRYPTOPRO_TLSEXT_BUG: ssl_op_type!() = 0x0; + } else { + pub const SSL_OP_CRYPTOPRO_TLSEXT_BUG: ssl_op_type!() = 0x80000000; + } +} + +cfg_if! { + if #[cfg(ossl300)] { + pub const SSL_OP_ALL: ssl_op_type!() = SSL_OP_CRYPTOPRO_TLSEXT_BUG + | SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS + | SSL_OP_TLSEXT_PADDING + | SSL_OP_SAFARI_ECDHE_ECDSA_BUG; + } else if #[cfg(ossl110f)] { + pub const SSL_OP_ALL: ssl_op_type!() = SSL_OP_CRYPTOPRO_TLSEXT_BUG + | SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS + | SSL_OP_LEGACY_SERVER_CONNECT + | SSL_OP_TLSEXT_PADDING + | SSL_OP_SAFARI_ECDHE_ECDSA_BUG; + } else if #[cfg(libressl261)] { + pub const SSL_OP_ALL: ssl_op_type!() = 0x4; + } else if #[cfg(libressl)] { + pub const SSL_OP_ALL: ssl_op_type!() = 0x80000014; + } else { + pub const SSL_OP_ALL: ssl_op_type!() = 0x80000BFF; + } +} + +cfg_if! { + if #[cfg(ossl110)] { + pub const SSL_OP_MICROSOFT_SESS_ID_BUG: ssl_op_type!() = 0x00000000; + pub const SSL_OP_NETSCAPE_CHALLENGE_BUG: ssl_op_type!() = 0x00000000; + pub const SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG: ssl_op_type!() = 0x00000000; + pub const SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER: ssl_op_type!() = 0x00000000; + pub const SSL_OP_SSLEAY_080_CLIENT_DH_BUG: ssl_op_type!() = 0x00000000; + pub const SSL_OP_TLS_D5_BUG: ssl_op_type!() = 0x00000000; + pub const SSL_OP_TLS_BLOCK_PADDING_BUG: ssl_op_type!() = 0x00000000; + pub const SSL_OP_SINGLE_ECDH_USE: ssl_op_type!() = 0x00000000; + pub const SSL_OP_SINGLE_DH_USE: ssl_op_type!() = 0x00000000; + pub const SSL_OP_NO_SSLv2: ssl_op_type!() = 0x00000000; + } else if #[cfg(ossl101)] { + pub const SSL_OP_MICROSOFT_SESS_ID_BUG: ssl_op_type!() = 0x00000001; + pub const SSL_OP_NETSCAPE_CHALLENGE_BUG: ssl_op_type!() = 0x00000002; + pub const SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG: ssl_op_type!() = 0x00000008; + pub const SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER: ssl_op_type!() = 0x00000020; + pub const SSL_OP_SSLEAY_080_CLIENT_DH_BUG: ssl_op_type!() = 0x00000080; + pub const SSL_OP_TLS_D5_BUG: ssl_op_type!() = 0x00000100; + pub const SSL_OP_TLS_BLOCK_PADDING_BUG: ssl_op_type!() = 0x00000200; + pub const SSL_OP_SINGLE_ECDH_USE: ssl_op_type!() = 0x00080000; + pub const SSL_OP_SINGLE_DH_USE: ssl_op_type!() = 0x00100000; + pub const SSL_OP_NO_SSLv2: ssl_op_type!() = 0x01000000; + } else { + pub const SSL_OP_MICROSOFT_SESS_ID_BUG: ssl_op_type!() = 0x0; + pub const SSL_OP_NETSCAPE_CHALLENGE_BUG: ssl_op_type!() = 0x0; + pub const SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG: ssl_op_type!() = 0x0; + pub const SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER: ssl_op_type!() = 0x0; + pub const SSL_OP_SSLEAY_080_CLIENT_DH_BUG: ssl_op_type!() = 0x0; + pub const SSL_OP_TLS_D5_BUG: ssl_op_type!() = 0x0; + pub const SSL_OP_TLS_BLOCK_PADDING_BUG: ssl_op_type!() = 0x0; + #[cfg(libressl261)] + pub const SSL_OP_SINGLE_ECDH_USE: ssl_op_type!() = 0x0; + #[cfg(not(libressl261))] + pub const SSL_OP_SINGLE_ECDH_USE: ssl_op_type!() = 0x00080000; + pub const SSL_OP_SINGLE_DH_USE: ssl_op_type!() = 0x00100000; + pub const SSL_OP_NO_SSLv2: ssl_op_type!() = 0x0; + } +} + +pub const SSL_MODE_ENABLE_PARTIAL_WRITE: c_long = 0x1; +pub const SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER: c_long = 0x2; +pub const SSL_MODE_AUTO_RETRY: c_long = 0x4; +pub const SSL_MODE_NO_AUTO_CHAIN: c_long = 0x8; +pub const SSL_MODE_RELEASE_BUFFERS: c_long = 0x10; +#[cfg(ossl101)] +pub const SSL_MODE_SEND_CLIENTHELLO_TIME: c_long = 0x20; +#[cfg(ossl101)] +pub const SSL_MODE_SEND_SERVERHELLO_TIME: c_long = 0x40; +#[cfg(ossl101)] +pub const SSL_MODE_SEND_FALLBACK_SCSV: c_long = 0x80; + +pub unsafe fn SSL_CTX_set_mode(ctx: *mut SSL_CTX, op: c_long) -> c_long { + SSL_CTX_ctrl(ctx, SSL_CTRL_MODE, op, ptr::null_mut()) +} + +#[cfg(ossl111)] +pub const SSL_COOKIE_LENGTH: c_int = 4096; + +cfg_if! { + if #[cfg(not(ossl110))] { + pub unsafe fn SSL_CTX_get_options(ctx: *const SSL_CTX) -> c_ulong { + SSL_CTX_ctrl(ctx as *mut _, SSL_CTRL_OPTIONS, 0, ptr::null_mut()) as c_ulong + } + + pub unsafe fn SSL_CTX_set_options(ctx: *const SSL_CTX, op: c_ulong) -> c_ulong { + SSL_CTX_ctrl( + ctx as *mut _, + SSL_CTRL_OPTIONS, + op as c_long, + ptr::null_mut(), + ) as c_ulong + } + + pub unsafe fn SSL_CTX_clear_options(ctx: *const SSL_CTX, op: c_ulong) -> c_ulong { + SSL_CTX_ctrl( + ctx as *mut _, + SSL_CTRL_CLEAR_OPTIONS, + op as c_long, + ptr::null_mut(), + ) as c_ulong + } + } +} + +pub unsafe fn SSL_set_mtu(ssl: *mut SSL, mtu: c_long) -> c_long { + SSL_ctrl(ssl, SSL_CTRL_SET_MTU, mtu, ptr::null_mut()) +} + +#[cfg(ossl110)] +pub unsafe fn SSL_get_extms_support(ssl: *mut SSL) -> c_long { + SSL_ctrl(ssl, SSL_CTRL_GET_EXTMS_SUPPORT, 0, ptr::null_mut()) +} + +pub const SSL_SESS_CACHE_OFF: c_long = 0x0; +pub const SSL_SESS_CACHE_CLIENT: c_long = 0x1; +pub const SSL_SESS_CACHE_SERVER: c_long = 0x2; +pub const SSL_SESS_CACHE_BOTH: c_long = SSL_SESS_CACHE_CLIENT | SSL_SESS_CACHE_SERVER; +pub const SSL_SESS_CACHE_NO_AUTO_CLEAR: c_long = 0x80; +pub const SSL_SESS_CACHE_NO_INTERNAL_LOOKUP: c_long = 0x100; +pub const SSL_SESS_CACHE_NO_INTERNAL_STORE: c_long = 0x200; +pub const SSL_SESS_CACHE_NO_INTERNAL: c_long = + SSL_SESS_CACHE_NO_INTERNAL_LOOKUP | SSL_SESS_CACHE_NO_INTERNAL_STORE; + +pub const OPENSSL_NPN_UNSUPPORTED: c_int = 0; +pub const OPENSSL_NPN_NEGOTIATED: c_int = 1; +pub const OPENSSL_NPN_NO_OVERLAP: c_int = 2; + +pub const SSL_AD_ILLEGAL_PARAMETER: c_int = SSL3_AD_ILLEGAL_PARAMETER; +pub const SSL_AD_DECODE_ERROR: c_int = TLS1_AD_DECODE_ERROR; +pub const SSL_AD_UNRECOGNIZED_NAME: c_int = TLS1_AD_UNRECOGNIZED_NAME; +pub const SSL_ERROR_NONE: c_int = 0; +pub const SSL_ERROR_SSL: c_int = 1; +pub const SSL_ERROR_SYSCALL: c_int = 5; +pub const SSL_ERROR_WANT_ACCEPT: c_int = 8; +pub const SSL_ERROR_WANT_CONNECT: c_int = 7; +pub const SSL_ERROR_WANT_READ: c_int = 2; +pub const SSL_ERROR_WANT_WRITE: c_int = 3; +pub const SSL_ERROR_WANT_X509_LOOKUP: c_int = 4; +pub const SSL_ERROR_ZERO_RETURN: c_int = 6; +#[cfg(ossl111)] +pub const SSL_ERROR_WANT_CLIENT_HELLO_CB: c_int = 11; +pub const SSL_VERIFY_NONE: c_int = 0; +pub const SSL_VERIFY_PEER: c_int = 1; +pub const SSL_VERIFY_FAIL_IF_NO_PEER_CERT: c_int = 2; +pub const SSL_CTRL_SET_TMP_DH: c_int = 3; +pub const SSL_CTRL_SET_TMP_ECDH: c_int = 4; +#[cfg(any(libressl, all(ossl101, not(ossl110))))] +pub const SSL_CTRL_GET_SESSION_REUSED: c_int = 8; +pub const SSL_CTRL_EXTRA_CHAIN_CERT: c_int = 14; +pub const SSL_CTRL_SET_MTU: c_int = 17; +#[cfg(any(libressl, all(ossl101, not(ossl110))))] +pub const SSL_CTRL_OPTIONS: c_int = 32; +pub const SSL_CTRL_MODE: c_int = 33; +pub const SSL_CTRL_SET_READ_AHEAD: c_int = 41; +pub const SSL_CTRL_SET_SESS_CACHE_SIZE: c_int = 42; +pub const SSL_CTRL_GET_SESS_CACHE_SIZE: c_int = 43; +pub const SSL_CTRL_SET_SESS_CACHE_MODE: c_int = 44; +pub const SSL_CTRL_SET_TLSEXT_SERVERNAME_CB: c_int = 53; +pub const SSL_CTRL_SET_TLSEXT_SERVERNAME_ARG: c_int = 54; +pub const SSL_CTRL_SET_TLSEXT_HOSTNAME: c_int = 55; +pub const SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB: c_int = 63; +pub const SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB_ARG: c_int = 64; +pub const SSL_CTRL_SET_TLSEXT_STATUS_REQ_TYPE: c_int = 65; +pub const SSL_CTRL_GET_TLSEXT_STATUS_REQ_OCSP_RESP: c_int = 70; +pub const SSL_CTRL_SET_TLSEXT_STATUS_REQ_OCSP_RESP: c_int = 71; +#[cfg(any(libressl, all(ossl101, not(ossl110))))] +pub const SSL_CTRL_CLEAR_OPTIONS: c_int = 77; +pub const SSL_CTRL_GET_EXTRA_CHAIN_CERTS: c_int = 82; +#[cfg(ossl102)] +pub const SSL_CTRL_CHAIN_CERT: c_int = 89; +#[cfg(any(ossl111, libressl252))] +pub const SSL_CTRL_SET_GROUPS_LIST: c_int = 92; +#[cfg(any(libressl, all(ossl102, not(ossl110))))] +pub const SSL_CTRL_SET_ECDH_AUTO: c_int = 94; +#[cfg(ossl102)] +pub const SSL_CTRL_SET_SIGALGS_LIST: c_int = 98; +#[cfg(ossl102)] +pub const SSL_CTRL_SET_VERIFY_CERT_STORE: c_int = 106; +#[cfg(ossl110)] +pub const SSL_CTRL_GET_EXTMS_SUPPORT: c_int = 122; +#[cfg(any(ossl110, libressl261))] +pub const SSL_CTRL_SET_MIN_PROTO_VERSION: c_int = 123; +#[cfg(any(ossl110, libressl261))] +pub const SSL_CTRL_SET_MAX_PROTO_VERSION: c_int = 124; +#[cfg(any(ossl110g, libressl270))] +pub const SSL_CTRL_GET_MIN_PROTO_VERSION: c_int = 130; +#[cfg(any(ossl110g, libressl270))] +pub const SSL_CTRL_GET_MAX_PROTO_VERSION: c_int = 131; + +pub unsafe fn SSL_CTX_set_tmp_dh(ctx: *mut SSL_CTX, dh: *mut DH) -> c_long { + SSL_CTX_ctrl(ctx, SSL_CTRL_SET_TMP_DH, 0, dh as *mut c_void) +} + +pub unsafe fn SSL_CTX_set_tmp_ecdh(ctx: *mut SSL_CTX, key: *mut EC_KEY) -> c_long { + SSL_CTX_ctrl(ctx, SSL_CTRL_SET_TMP_ECDH, 0, key as *mut c_void) +} + +pub unsafe fn SSL_set_tmp_dh(ssl: *mut SSL, dh: *mut DH) -> c_long { + SSL_ctrl(ssl, SSL_CTRL_SET_TMP_DH, 0, dh as *mut c_void) +} + +pub unsafe fn SSL_set_tmp_ecdh(ssl: *mut SSL, key: *mut EC_KEY) -> c_long { + SSL_ctrl(ssl, SSL_CTRL_SET_TMP_ECDH, 0, key as *mut c_void) +} + +pub unsafe fn SSL_CTX_add_extra_chain_cert(ctx: *mut SSL_CTX, x509: *mut X509) -> c_long { + SSL_CTX_ctrl(ctx, SSL_CTRL_EXTRA_CHAIN_CERT, 0, x509 as *mut c_void) +} + +pub unsafe fn SSL_CTX_get_extra_chain_certs( + ctx: *mut SSL_CTX, + chain: *mut *mut stack_st_X509, +) -> c_long { + SSL_CTX_ctrl(ctx, SSL_CTRL_GET_EXTRA_CHAIN_CERTS, 0, chain as *mut c_void) +} + +#[cfg(ossl102)] +pub unsafe fn SSL_CTX_set0_verify_cert_store(ctx: *mut SSL_CTX, st: *mut X509_STORE) -> c_long { + SSL_CTX_ctrl(ctx, SSL_CTRL_SET_VERIFY_CERT_STORE, 0, st as *mut c_void) +} + +#[cfg(ossl102)] +pub unsafe fn SSL_set0_verify_cert_store(ssl: *mut SSL, st: *mut X509_STORE) -> c_long { + SSL_ctrl(ssl, SSL_CTRL_SET_VERIFY_CERT_STORE, 0, st as *mut c_void) +} + +cfg_if! { + if #[cfg(ossl111)] { + pub unsafe fn SSL_CTX_set1_groups_list(ctx: *mut SSL_CTX, s: *const c_char) -> c_long { + SSL_CTX_ctrl( + ctx, + SSL_CTRL_SET_GROUPS_LIST, + 0, + s as *const c_void as *mut c_void, + ) + } + } else if #[cfg(libressl251)] { + extern "C" { + pub fn SSL_CTX_set1_groups_list(ctx: *mut SSL_CTX, s: *const c_char) -> c_int; + } + } +} + +#[cfg(ossl102)] +pub unsafe fn SSL_add0_chain_cert(ssl: *mut SSL, ptr: *mut X509) -> c_long { + SSL_ctrl(ssl, SSL_CTRL_CHAIN_CERT, 0, ptr as *mut c_void) +} + +#[cfg(ossl102)] +pub unsafe fn SSL_CTX_set1_sigalgs_list(ctx: *mut SSL_CTX, s: *const c_char) -> c_long { + SSL_CTX_ctrl( + ctx, + SSL_CTRL_SET_SIGALGS_LIST, + 0, + s as *const c_void as *mut c_void, + ) +} + +#[cfg(any(libressl, all(ossl102, not(ossl110))))] +pub unsafe fn SSL_CTX_set_ecdh_auto(ctx: *mut SSL_CTX, onoff: c_int) -> c_int { + SSL_CTX_ctrl( + ctx, + SSL_CTRL_SET_ECDH_AUTO, + onoff as c_long, + ptr::null_mut(), + ) as c_int +} + +#[cfg(any(libressl, all(ossl102, not(ossl110))))] +pub unsafe fn SSL_set_ecdh_auto(ssl: *mut SSL, onoff: c_int) -> c_int { + SSL_ctrl( + ssl, + SSL_CTRL_SET_ECDH_AUTO, + onoff as c_long, + ptr::null_mut(), + ) as c_int +} + +cfg_if! { + if #[cfg(ossl110)] { + pub unsafe fn SSL_CTX_set_min_proto_version(ctx: *mut SSL_CTX, version: c_int) -> c_int { + SSL_CTX_ctrl( + ctx, + SSL_CTRL_SET_MIN_PROTO_VERSION, + version as c_long, + ptr::null_mut(), + ) as c_int + } + + pub unsafe fn SSL_CTX_set_max_proto_version(ctx: *mut SSL_CTX, version: c_int) -> c_int { + SSL_CTX_ctrl( + ctx, + SSL_CTRL_SET_MAX_PROTO_VERSION, + version as c_long, + ptr::null_mut(), + ) as c_int + } + + pub unsafe fn SSL_set_min_proto_version(s: *mut SSL, version: c_int) -> c_int { + SSL_ctrl( + s, + SSL_CTRL_SET_MIN_PROTO_VERSION, + version as c_long, + ptr::null_mut(), + ) as c_int + } + + pub unsafe fn SSL_set_max_proto_version(s: *mut SSL, version: c_int) -> c_int { + SSL_ctrl( + s, + SSL_CTRL_SET_MAX_PROTO_VERSION, + version as c_long, + ptr::null_mut(), + ) as c_int + } + } +} + +cfg_if! { + if #[cfg(ossl110g)] { + pub unsafe fn SSL_CTX_get_min_proto_version(ctx: *mut SSL_CTX) -> c_int { + SSL_CTX_ctrl(ctx, SSL_CTRL_GET_MIN_PROTO_VERSION, 0, ptr::null_mut()) as c_int + } + + pub unsafe fn SSL_CTX_get_max_proto_version(ctx: *mut SSL_CTX) -> c_int { + SSL_CTX_ctrl(ctx, SSL_CTRL_GET_MAX_PROTO_VERSION, 0, ptr::null_mut()) as c_int + } + pub unsafe fn SSL_get_min_proto_version(s: *mut SSL) -> c_int { + SSL_ctrl(s, SSL_CTRL_GET_MIN_PROTO_VERSION, 0, ptr::null_mut()) as c_int + } + pub unsafe fn SSL_get_max_proto_version(s: *mut SSL) -> c_int { + SSL_ctrl(s, SSL_CTRL_GET_MAX_PROTO_VERSION, 0, ptr::null_mut()) as c_int + } + } +} + +#[cfg(ossl111)] +pub const SSL_CLIENT_HELLO_SUCCESS: c_int = 1; +#[cfg(ossl111)] +pub const SSL_CLIENT_HELLO_ERROR: c_int = 0; +#[cfg(ossl111)] +pub const SSL_CLIENT_HELLO_RETRY: c_int = -1; + +#[cfg(any(ossl111, libressl340))] +pub const SSL_READ_EARLY_DATA_ERROR: c_int = 0; +#[cfg(any(ossl111, libressl340))] +pub const SSL_READ_EARLY_DATA_SUCCESS: c_int = 1; +#[cfg(any(ossl111, libressl340))] +pub const SSL_READ_EARLY_DATA_FINISH: c_int = 2; + +cfg_if! { + if #[cfg(ossl110)] { + pub unsafe fn SSL_get_ex_new_index( + l: c_long, + p: *mut c_void, + newf: Option, + dupf: Option, + freef: Option, + ) -> c_int { + CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_SSL, l, p, newf, dupf, freef) + } + } +} +cfg_if! { + if #[cfg(ossl110)] { + pub unsafe fn SSL_CTX_get_ex_new_index( + l: c_long, + p: *mut c_void, + newf: Option, + dupf: Option, + freef: Option, + ) -> c_int { + CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_SSL_CTX, l, p, newf, dupf, freef) + } + } +} + +pub unsafe fn SSL_CTX_sess_set_cache_size(ctx: *mut SSL_CTX, t: c_long) -> c_long { + SSL_CTX_ctrl(ctx, SSL_CTRL_SET_SESS_CACHE_SIZE, t, ptr::null_mut()) +} + +pub unsafe fn SSL_CTX_sess_get_cache_size(ctx: *mut SSL_CTX) -> c_long { + SSL_CTX_ctrl(ctx, SSL_CTRL_GET_SESS_CACHE_SIZE, 0, ptr::null_mut()) +} + +pub unsafe fn SSL_CTX_set_session_cache_mode(ctx: *mut SSL_CTX, m: c_long) -> c_long { + SSL_CTX_ctrl(ctx, SSL_CTRL_SET_SESS_CACHE_MODE, m, ptr::null_mut()) +} + +pub unsafe fn SSL_CTX_set_read_ahead(ctx: *mut SSL_CTX, m: c_long) -> c_long { + SSL_CTX_ctrl(ctx, SSL_CTRL_SET_READ_AHEAD, m, ptr::null_mut()) +} + +#[allow(clashing_extern_declarations)] +extern "C" { + #[deprecated(note = "use SSL_CTX_set_tmp_dh_callback__fixed_rust instead")] + pub fn SSL_CTX_set_tmp_dh_callback( + ctx: *mut SSL_CTX, + dh: unsafe extern "C" fn(ssl: *mut SSL, is_export: c_int, keylength: c_int) -> *mut DH, + ); + #[deprecated(note = "use SSL_set_tmp_dh_callback__fixed_rust instead")] + pub fn SSL_set_tmp_dh_callback( + ctx: *mut SSL, + dh: unsafe extern "C" fn(ssl: *mut SSL, is_export: c_int, keylength: c_int) -> *mut DH, + ); + #[deprecated(note = "use SSL_CTX_set_tmp_ecdh_callback__fixed_rust instead")] + #[cfg(not(ossl110))] + pub fn SSL_CTX_set_tmp_ecdh_callback( + ctx: *mut SSL_CTX, + ecdh: unsafe extern "C" fn( + ssl: *mut SSL, + is_export: c_int, + keylength: c_int, + ) -> *mut EC_KEY, + ); + #[deprecated(note = "use SSL_set_tmp_ecdh_callback__fixed_rust instead")] + #[cfg(not(ossl110))] + pub fn SSL_set_tmp_ecdh_callback( + ssl: *mut SSL, + ecdh: unsafe extern "C" fn( + ssl: *mut SSL, + is_export: c_int, + keylength: c_int, + ) -> *mut EC_KEY, + ); + + #[deprecated(note = "use SSL_CTX_callback_ctrl__fixed_rust instead")] + pub fn SSL_CTX_callback_ctrl( + ctx: *mut SSL_CTX, + cmd: c_int, + fp: Option, + ) -> c_long; + + #[deprecated(note = "use SSL_CTX_set_alpn_select_cb__fixed_rust instead")] + #[cfg(any(ossl102, libressl261))] + pub fn SSL_CTX_set_alpn_select_cb( + ssl: *mut SSL_CTX, + cb: extern "C" fn( + ssl: *mut SSL, + out: *mut *const c_uchar, + outlen: *mut c_uchar, + inbuf: *const c_uchar, + inlen: c_uint, + arg: *mut c_void, + ) -> c_int, + arg: *mut c_void, + ); +} + +#[cfg(not(ossl110))] +pub unsafe fn SSL_session_reused(ssl: *mut SSL) -> c_int { + SSL_ctrl(ssl, SSL_CTRL_GET_SESSION_REUSED, 0, ptr::null_mut()) as c_int +} + +#[cfg(ossl110)] +pub const OPENSSL_INIT_LOAD_SSL_STRINGS: u64 = 0x00200000; +#[cfg(ossl111b)] +pub const OPENSSL_INIT_NO_ATEXIT: u64 = 0x00080000; diff --git a/openssl-sys/src/ssl3.rs b/openssl-sys/src/ssl3.rs new file mode 100644 index 000000000..822613eb2 --- /dev/null +++ b/openssl-sys/src/ssl3.rs @@ -0,0 +1,5 @@ +use libc::*; + +pub const SSL3_VERSION: c_int = 0x300; + +pub const SSL3_AD_ILLEGAL_PARAMETER: c_int = 47; diff --git a/openssl-sys/src/tls1.rs b/openssl-sys/src/tls1.rs new file mode 100644 index 000000000..f7ae30204 --- /dev/null +++ b/openssl-sys/src/tls1.rs @@ -0,0 +1,94 @@ +use libc::*; +use std::mem; +use std::ptr; + +use super::*; + +pub const TLS1_VERSION: c_int = 0x301; +pub const TLS1_1_VERSION: c_int = 0x302; +pub const TLS1_2_VERSION: c_int = 0x303; +#[cfg(any(ossl111, libressl340))] +pub const TLS1_3_VERSION: c_int = 0x304; + +pub const TLS1_AD_DECODE_ERROR: c_int = 50; +pub const TLS1_AD_UNRECOGNIZED_NAME: c_int = 112; + +pub const TLSEXT_NAMETYPE_host_name: c_int = 0; +pub const TLSEXT_STATUSTYPE_ocsp: c_int = 1; + +pub unsafe fn SSL_set_tlsext_host_name(s: *mut SSL, name: *mut c_char) -> c_long { + SSL_ctrl( + s, + SSL_CTRL_SET_TLSEXT_HOSTNAME, + TLSEXT_NAMETYPE_host_name as c_long, + name as *mut c_void, + ) +} + +pub unsafe fn SSL_set_tlsext_status_type(s: *mut SSL, type_: c_int) -> c_long { + SSL_ctrl( + s, + SSL_CTRL_SET_TLSEXT_STATUS_REQ_TYPE, + type_ as c_long, + ptr::null_mut(), + ) +} + +pub unsafe fn SSL_get_tlsext_status_ocsp_resp(ssl: *mut SSL, resp: *mut *mut c_uchar) -> c_long { + SSL_ctrl( + ssl, + SSL_CTRL_GET_TLSEXT_STATUS_REQ_OCSP_RESP, + 0, + resp as *mut c_void, + ) +} + +pub unsafe fn SSL_set_tlsext_status_ocsp_resp( + ssl: *mut SSL, + resp: *mut c_uchar, + len: c_long, +) -> c_long { + SSL_ctrl( + ssl, + SSL_CTRL_SET_TLSEXT_STATUS_REQ_OCSP_RESP, + len, + resp as *mut c_void, + ) +} + +#[deprecated(note = "use SSL_CTX_set_tlsext_servername_callback__fixed_rust instead")] +#[allow(deprecated)] +pub unsafe fn SSL_CTX_set_tlsext_servername_callback( + ctx: *mut SSL_CTX, + // FIXME should have the right signature + cb: Option, +) -> c_long { + SSL_CTX_callback_ctrl(ctx, SSL_CTRL_SET_TLSEXT_SERVERNAME_CB, cb) +} + +pub unsafe fn SSL_CTX_set_tlsext_servername_callback__fixed_rust( + ctx: *mut SSL_CTX, + cb: Option c_int>, +) -> c_long { + SSL_CTX_callback_ctrl__fixed_rust(ctx, SSL_CTRL_SET_TLSEXT_SERVERNAME_CB, mem::transmute(cb)) +} + +pub const SSL_TLSEXT_ERR_OK: c_int = 0; +pub const SSL_TLSEXT_ERR_ALERT_WARNING: c_int = 1; +pub const SSL_TLSEXT_ERR_ALERT_FATAL: c_int = 2; +pub const SSL_TLSEXT_ERR_NOACK: c_int = 3; + +pub unsafe fn SSL_CTX_set_tlsext_servername_arg(ctx: *mut SSL_CTX, arg: *mut c_void) -> c_long { + SSL_CTX_ctrl(ctx, SSL_CTRL_SET_TLSEXT_SERVERNAME_ARG, 0, arg) +} + +pub unsafe fn SSL_CTX_set_tlsext_status_cb( + ctx: *mut SSL_CTX, + cb: Option c_int>, +) -> c_long { + SSL_CTX_callback_ctrl__fixed_rust(ctx, SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB, mem::transmute(cb)) +} + +pub unsafe fn SSL_CTX_set_tlsext_status_arg(ctx: *mut SSL_CTX, arg: *mut c_void) -> c_long { + SSL_CTX_ctrl(ctx, SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB_ARG, 0, arg) +} diff --git a/openssl-sys/src/types.rs b/openssl-sys/src/types.rs new file mode 100644 index 000000000..10c8f6771 --- /dev/null +++ b/openssl-sys/src/types.rs @@ -0,0 +1,21 @@ +use libc::*; + +use super::*; + +cfg_if! { + if #[cfg(any(ossl110, libressl280))] { + pub enum EVP_PKEY {} + } else { + #[repr(C)] + pub struct EVP_PKEY { + pub type_: c_int, + pub save_type: c_int, + pub references: c_int, + pub ameth: *const EVP_PKEY_ASN1_METHOD, + pub engine: *mut ENGINE, + pub pkey: *mut c_void, + pub save_parameters: c_int, + pub attributes: *mut stack_st_X509_ATTRIBUTE, + } + } +} diff --git a/openssl-sys/src/x509.rs b/openssl-sys/src/x509.rs new file mode 100644 index 000000000..714b06c9b --- /dev/null +++ b/openssl-sys/src/x509.rs @@ -0,0 +1,15 @@ +use libc::*; + +pub const X509_FILETYPE_PEM: c_int = 1; +pub const X509_FILETYPE_ASN1: c_int = 2; +pub const X509_FILETYPE_DEFAULT: c_int = 3; + +pub const ASN1_R_HEADER_TOO_LONG: c_int = 123; + +cfg_if! { + if #[cfg(not(any(ossl110, libressl350)))] { + pub const X509_LU_FAIL: c_int = 0; + pub const X509_LU_X509: c_int = 1; + pub const X509_LU_CRL: c_int = 2; + } +} diff --git a/openssl-sys/src/x509_vfy.rs b/openssl-sys/src/x509_vfy.rs new file mode 100644 index 000000000..2fa176fed --- /dev/null +++ b/openssl-sys/src/x509_vfy.rs @@ -0,0 +1,149 @@ +use libc::*; + +use super::*; + +pub const X509_V_OK: c_int = 0; +#[cfg(ossl102f)] +pub const X509_V_ERR_UNSPECIFIED: c_int = 1; +pub const X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT: c_int = 2; +pub const X509_V_ERR_UNABLE_TO_GET_CRL: c_int = 3; +pub const X509_V_ERR_UNABLE_TO_DECRYPT_CERT_SIGNATURE: c_int = 4; +pub const X509_V_ERR_UNABLE_TO_DECRYPT_CRL_SIGNATURE: c_int = 5; +pub const X509_V_ERR_UNABLE_TO_DECODE_ISSUER_PUBLIC_KEY: c_int = 6; +pub const X509_V_ERR_CERT_SIGNATURE_FAILURE: c_int = 7; +pub const X509_V_ERR_CRL_SIGNATURE_FAILURE: c_int = 8; +pub const X509_V_ERR_CERT_NOT_YET_VALID: c_int = 9; +pub const X509_V_ERR_CERT_HAS_EXPIRED: c_int = 10; +pub const X509_V_ERR_CRL_NOT_YET_VALID: c_int = 11; +pub const X509_V_ERR_CRL_HAS_EXPIRED: c_int = 12; +pub const X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD: c_int = 13; +pub const X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD: c_int = 14; +pub const X509_V_ERR_ERROR_IN_CRL_LAST_UPDATE_FIELD: c_int = 15; +pub const X509_V_ERR_ERROR_IN_CRL_NEXT_UPDATE_FIELD: c_int = 16; +pub const X509_V_ERR_OUT_OF_MEM: c_int = 17; +pub const X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT: c_int = 18; +pub const X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN: c_int = 19; +pub const X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY: c_int = 20; +pub const X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE: c_int = 21; +pub const X509_V_ERR_CERT_CHAIN_TOO_LONG: c_int = 22; +pub const X509_V_ERR_CERT_REVOKED: c_int = 23; +cfg_if! { + if #[cfg(ossl300)] { + pub const X509_V_ERR_NO_ISSUER_PUBLIC_KEY: c_int = 24; + } else { + pub const X509_V_ERR_INVALID_CA: c_int = 24; + } +} +pub const X509_V_ERR_PATH_LENGTH_EXCEEDED: c_int = 25; +pub const X509_V_ERR_INVALID_PURPOSE: c_int = 26; +pub const X509_V_ERR_CERT_UNTRUSTED: c_int = 27; +pub const X509_V_ERR_CERT_REJECTED: c_int = 28; +pub const X509_V_ERR_SUBJECT_ISSUER_MISMATCH: c_int = 29; +pub const X509_V_ERR_AKID_SKID_MISMATCH: c_int = 30; +pub const X509_V_ERR_AKID_ISSUER_SERIAL_MISMATCH: c_int = 31; +pub const X509_V_ERR_KEYUSAGE_NO_CERTSIGN: c_int = 32; +pub const X509_V_ERR_UNABLE_TO_GET_CRL_ISSUER: c_int = 33; +pub const X509_V_ERR_UNHANDLED_CRITICAL_EXTENSION: c_int = 34; +pub const X509_V_ERR_KEYUSAGE_NO_CRL_SIGN: c_int = 35; +pub const X509_V_ERR_UNHANDLED_CRITICAL_CRL_EXTENSION: c_int = 36; +pub const X509_V_ERR_INVALID_NON_CA: c_int = 37; +pub const X509_V_ERR_PROXY_PATH_LENGTH_EXCEEDED: c_int = 38; +pub const X509_V_ERR_KEYUSAGE_NO_DIGITAL_SIGNATURE: c_int = 39; +pub const X509_V_ERR_PROXY_CERTIFICATES_NOT_ALLOWED: c_int = 40; +pub const X509_V_ERR_INVALID_EXTENSION: c_int = 41; +pub const X509_V_ERR_INVALID_POLICY_EXTENSION: c_int = 42; +pub const X509_V_ERR_NO_EXPLICIT_POLICY: c_int = 43; +pub const X509_V_ERR_DIFFERENT_CRL_SCOPE: c_int = 44; +pub const X509_V_ERR_UNSUPPORTED_EXTENSION_FEATURE: c_int = 45; +pub const X509_V_ERR_UNNESTED_RESOURCE: c_int = 46; +pub const X509_V_ERR_PERMITTED_VIOLATION: c_int = 47; +pub const X509_V_ERR_EXCLUDED_VIOLATION: c_int = 48; +pub const X509_V_ERR_SUBTREE_MINMAX: c_int = 49; +pub const X509_V_ERR_APPLICATION_VERIFICATION: c_int = 50; +pub const X509_V_ERR_UNSUPPORTED_CONSTRAINT_TYPE: c_int = 51; +pub const X509_V_ERR_UNSUPPORTED_CONSTRAINT_SYNTAX: c_int = 52; +pub const X509_V_ERR_UNSUPPORTED_NAME_SYNTAX: c_int = 53; +pub const X509_V_ERR_CRL_PATH_VALIDATION_ERROR: c_int = 54; +#[cfg(ossl102)] +pub const X509_V_ERR_SUITE_B_INVALID_VERSION: c_int = 56; +#[cfg(ossl102)] +pub const X509_V_ERR_SUITE_B_INVALID_ALGORITHM: c_int = 57; +#[cfg(ossl102)] +pub const X509_V_ERR_SUITE_B_INVALID_CURVE: c_int = 58; +#[cfg(ossl102)] +pub const X509_V_ERR_SUITE_B_INVALID_SIGNATURE_ALGORITHM: c_int = 59; +#[cfg(ossl102)] +pub const X509_V_ERR_SUITE_B_LOS_NOT_ALLOWED: c_int = 60; +#[cfg(ossl102)] +pub const X509_V_ERR_SUITE_B_CANNOT_SIGN_P_384_WITH_P_256: c_int = 61; +#[cfg(ossl102)] +pub const X509_V_ERR_HOSTNAME_MISMATCH: c_int = 62; +#[cfg(ossl102)] +pub const X509_V_ERR_EMAIL_MISMATCH: c_int = 63; +#[cfg(ossl102)] +pub const X509_V_ERR_IP_ADDRESS_MISMATCH: c_int = 64; +cfg_if! { + if #[cfg(ossl110)] { + pub const X509_V_ERR_DANE_NO_MATCH: c_int = 65; + pub const X509_V_ERR_EE_KEY_TOO_SMALL: c_int = 66; + pub const X509_V_ERR_CA_KEY_TOO_SMALL: c_int = 67; + pub const X509_V_ERR_CA_MD_TOO_WEAK: c_int = 68; + pub const X509_V_ERR_INVALID_CALL: c_int = 69; + pub const X509_V_ERR_STORE_LOOKUP: c_int = 70; + pub const X509_V_ERR_NO_VALID_SCTS: c_int = 71; + } else if #[cfg(ossl102h)] { + pub const X509_V_ERR_INVALID_CALL: c_int = 65; + pub const X509_V_ERR_STORE_LOOKUP: c_int = 66; + pub const X509_V_ERR_PROXY_SUBJECT_NAME_VIOLATION: c_int = 67; + } +} +#[cfg(ossl300)] +pub const X509_V_ERR_INVALID_CA: c_int = 79; + +#[cfg(not(any(ossl110, libressl370)))] +pub const X509_V_FLAG_CB_ISSUER_CHECK: c_ulong = 0x1; +#[cfg(any(ossl110, libressl370))] +pub const X509_V_FLAG_CB_ISSUER_CHECK: c_ulong = 0x0; +pub const X509_V_FLAG_USE_CHECK_TIME: c_ulong = 0x2; +pub const X509_V_FLAG_CRL_CHECK: c_ulong = 0x4; +pub const X509_V_FLAG_CRL_CHECK_ALL: c_ulong = 0x8; +pub const X509_V_FLAG_IGNORE_CRITICAL: c_ulong = 0x10; +pub const X509_V_FLAG_X509_STRICT: c_ulong = 0x20; +pub const X509_V_FLAG_ALLOW_PROXY_CERTS: c_ulong = 0x40; +pub const X509_V_FLAG_POLICY_CHECK: c_ulong = 0x80; +pub const X509_V_FLAG_EXPLICIT_POLICY: c_ulong = 0x100; +pub const X509_V_FLAG_INHIBIT_ANY: c_ulong = 0x200; +pub const X509_V_FLAG_INHIBIT_MAP: c_ulong = 0x400; +pub const X509_V_FLAG_NOTIFY_POLICY: c_ulong = 0x800; +pub const X509_V_FLAG_EXTENDED_CRL_SUPPORT: c_ulong = 0x1000; +pub const X509_V_FLAG_USE_DELTAS: c_ulong = 0x2000; +pub const X509_V_FLAG_CHECK_SS_SIGNATURE: c_ulong = 0x4000; +#[cfg(ossl102)] +pub const X509_V_FLAG_TRUSTED_FIRST: c_ulong = 0x8000; +#[cfg(ossl102)] +pub const X509_V_FLAG_SUITEB_128_LOS_ONLY: c_ulong = 0x10000; +#[cfg(ossl102)] +pub const X509_V_FLAG_SUITEB_192_LOS: c_ulong = 0x20000; +#[cfg(ossl102)] +pub const X509_V_FLAG_SUITEB_128_LOS: c_ulong = 0x30000; +#[cfg(ossl102)] +pub const X509_V_FLAG_PARTIAL_CHAIN: c_ulong = 0x80000; +#[cfg(ossl110)] +pub const X509_V_FLAG_NO_ALT_CHAINS: c_ulong = 0x100000; +#[cfg(ossl110)] +pub const X509_V_FLAG_NO_CHECK_TIME: c_ulong = 0x200000; + +pub unsafe fn X509_LOOKUP_add_dir( + ctx: *mut X509_LOOKUP, + name: *const c_char, + _type: c_int, +) -> c_int { + const X509_L_ADD_DIR: c_int = 2; + X509_LOOKUP_ctrl( + ctx, + X509_L_ADD_DIR, + name, + _type as c_long, + std::ptr::null_mut(), + ) +} diff --git a/openssl-sys/src/x509v3.rs b/openssl-sys/src/x509v3.rs new file mode 100644 index 000000000..5ae443908 --- /dev/null +++ b/openssl-sys/src/x509v3.rs @@ -0,0 +1,93 @@ +use libc::*; + +use super::*; + +#[repr(C)] +pub struct GENERAL_NAME { + pub type_: c_int, + // FIXME should be a union + pub d: *mut c_void, +} + +stack!(stack_st_GENERAL_NAME); + +pub const GEN_OTHERNAME: c_int = 0; +pub const GEN_EMAIL: c_int = 1; +pub const GEN_DNS: c_int = 2; +pub const GEN_X400: c_int = 3; +pub const GEN_DIRNAME: c_int = 4; +pub const GEN_EDIPARTY: c_int = 5; +pub const GEN_URI: c_int = 6; +pub const GEN_IPADD: c_int = 7; +pub const GEN_RID: c_int = 8; + +#[cfg(any(ossl102, libressl261))] +pub const X509_CHECK_FLAG_ALWAYS_CHECK_SUBJECT: c_uint = 0x1; +#[cfg(any(ossl102, libressl261))] +pub const X509_CHECK_FLAG_NO_WILDCARDS: c_uint = 0x2; +#[cfg(any(ossl102, libressl261))] +pub const X509_CHECK_FLAG_NO_PARTIAL_WILDCARDS: c_uint = 0x4; +#[cfg(any(ossl102, libressl261))] +pub const X509_CHECK_FLAG_MULTI_LABEL_WILDCARDS: c_uint = 0x8; +#[cfg(any(ossl102, libressl261))] +pub const X509_CHECK_FLAG_SINGLE_LABEL_SUBDOMAINS: c_uint = 0x10; +#[cfg(ossl110)] +pub const X509_CHECK_FLAG_NEVER_CHECK_SUBJECT: c_uint = 0x20; + +pub const X509V3_ADD_DEFAULT: c_ulong = 0; +pub const X509V3_ADD_APPEND: c_ulong = 1; +pub const X509V3_ADD_REPLACE: c_ulong = 2; +pub const X509V3_ADD_REPLACE_EXISTING: c_ulong = 3; +pub const X509V3_ADD_KEEP_EXISTING: c_ulong = 4; +pub const X509V3_ADD_DELETE: c_ulong = 5; +pub const X509V3_ADD_SILENT: c_ulong = 0x10; + +pub const EXFLAG_BCONS: u32 = 0x1; +pub const EXFLAG_KUSAGE: u32 = 0x2; +pub const EXFLAG_XKUSAGE: u32 = 0x4; +pub const EXFLAG_NSCERT: u32 = 0x8; +pub const EXFLAG_CA: u32 = 0x10; +pub const EXFLAG_SI: u32 = 0x20; +pub const EXFLAG_V1: u32 = 0x40; +pub const EXFLAG_INVALID: u32 = 0x80; +pub const EXFLAG_SET: u32 = 0x100; +pub const EXFLAG_CRITICAL: u32 = 0x200; +pub const EXFLAG_PROXY: u32 = 0x400; +pub const EXFLAG_INVALID_POLICY: u32 = 0x800; +pub const EXFLAG_FRESHEST: u32 = 0x1000; +#[cfg(any(ossl102, libressl261))] +pub const EXFLAG_SS: u32 = 0x2000; + +pub const X509v3_KU_DIGITAL_SIGNATURE: u32 = 0x0080; +pub const X509v3_KU_NON_REPUDIATION: u32 = 0x0040; +pub const X509v3_KU_KEY_ENCIPHERMENT: u32 = 0x0020; +pub const X509v3_KU_DATA_ENCIPHERMENT: u32 = 0x0010; +pub const X509v3_KU_KEY_AGREEMENT: u32 = 0x0008; +pub const X509v3_KU_KEY_CERT_SIGN: u32 = 0x0004; +pub const X509v3_KU_CRL_SIGN: u32 = 0x0002; +pub const X509v3_KU_ENCIPHER_ONLY: u32 = 0x0001; +pub const X509v3_KU_DECIPHER_ONLY: u32 = 0x8000; +pub const X509v3_KU_UNDEF: u32 = 0xffff; + +pub const XKU_SSL_SERVER: u32 = 0x1; +pub const XKU_SSL_CLIENT: u32 = 0x2; +pub const XKU_SMIME: u32 = 0x4; +pub const XKU_CODE_SIGN: u32 = 0x8; +pub const XKU_SGC: u32 = 0x10; +pub const XKU_OCSP_SIGN: u32 = 0x20; +pub const XKU_TIMESTAMP: u32 = 0x40; +pub const XKU_DVCS: u32 = 0x80; +#[cfg(ossl110)] +pub const XKU_ANYEKU: u32 = 0x100; + +pub const X509_PURPOSE_SSL_CLIENT: c_int = 1; +pub const X509_PURPOSE_SSL_SERVER: c_int = 2; +pub const X509_PURPOSE_NS_SSL_SERVER: c_int = 3; +pub const X509_PURPOSE_SMIME_SIGN: c_int = 4; +pub const X509_PURPOSE_SMIME_ENCRYPT: c_int = 5; +pub const X509_PURPOSE_CRL_SIGN: c_int = 6; +pub const X509_PURPOSE_ANY: c_int = 7; +pub const X509_PURPOSE_OCSP_HELPER: c_int = 8; +pub const X509_PURPOSE_TIMESTAMP_SIGN: c_int = 9; +pub const X509_PURPOSE_MIN: c_int = 1; +pub const X509_PURPOSE_MAX: c_int = 9; diff --git a/zssp/src/zssp.rs b/zssp/src/zssp.rs index 129d90c69..0429b81ac 100644 --- a/zssp/src/zssp.rs +++ b/zssp/src/zssp.rs @@ -12,10 +12,10 @@ use std::collections::{HashMap, HashSet}; use std::num::NonZeroU64; use std::sync::atomic::{AtomicI64, AtomicU64, Ordering}; -use std::sync::{Arc, Mutex, RwLock, Weak}; +use std::sync::{Arc, Mutex, RwLock, Weak, MutexGuard}; use zerotier_crypto::aes::{Aes, AesGcm}; -use zerotier_crypto::hash::{hmac_sha512, SHA384, SHA384_HASH_SIZE}; +use zerotier_crypto::hash::{hmac_sha512, SHA384, SHA384_HASH_SIZE, hmac_sha512_secret}; use zerotier_crypto::p384::{P384KeyPair, P384PublicKey, P384_ECDH_SHARED_SECRET_SIZE}; use zerotier_crypto::secret::Secret; use zerotier_crypto::{random, secure_eq}; @@ -131,18 +131,18 @@ enum Offer { } struct SessionKey { - ratchet_key: Secret, // Key used in derivation of the next session key - receive_key: Secret, // Receive side AES-GCM key - send_key: Secret, // Send side AES-GCM key - receive_cipher_pool: Mutex>>, // Pool of reusable sending ciphers - send_cipher_pool: Mutex>>, // Pool of reusable receiving ciphers - rekey_at_time: i64, // Rekey at or after this time (ticks) - created_at_counter: u64, // Counter at which session was created - rekey_at_counter: u64, // Rekey at or after this counter - expire_at_counter: u64, // Hard error when this counter value is reached or exceeded - ratchet_count: u64, // Number of rekey events - bob: bool, // Was this side "Bob" in this exchange? - confirmed: bool, // Is this key confirmed by the other side? + ratchet_key: Secret, // Key used in derivation of the next session key + //receive_key: Secret, // Receive side AES-GCM key + //send_key: Secret, // Send side AES-GCM key + receive_cipher_pool: [Mutex>; 4],// Pool of reusable sending ciphers + send_cipher_pool: [Mutex>; 4], // Pool of reusable receiving ciphers + rekey_at_time: i64, // Rekey at or after this time (ticks) + created_at_counter: u64, // Counter at which session was created + rekey_at_counter: u64, // Rekey at or after this counter + expire_at_counter: u64, // Hard error when this counter value is reached or exceeded + ratchet_count: u64, // Number of rekey events + bob: bool, // Was this side "Bob" in this exchange? + confirmed: bool, // Is this key confirmed by the other side? } impl Context { @@ -150,6 +150,7 @@ impl Context { /// /// * `max_incomplete_session_queue_size` - Maximum number of incomplete sessions in negotiation phase pub fn new(max_incomplete_session_queue_size: usize) -> Self { + zerotier_crypto::init(); Self { max_incomplete_session_queue_size, defrag: Mutex::new(HashMap::new()), @@ -313,7 +314,7 @@ impl Context { psk, send_counter: AtomicU64::new(3), // 1 and 2 are reserved for init and final ack receive_window: std::array::from_fn(|_| AtomicU64::new(0)), - header_protection_cipher: Aes::new(header_protection_key.as_bytes()), + header_protection_cipher: Aes::new(&header_protection_key), state: RwLock::new(State { remote_session_id: None, keys: [None, None], @@ -357,8 +358,7 @@ impl Context { // Encrypt and add authentication tag. let mut gcm = AesGcm::new( - kbkdf::(noise_es.as_bytes()).as_bytes(), - true, + &kbkdf::(noise_es.as_bytes()) ); gcm.reset_init_gcm(&create_message_nonce(PACKET_TYPE_ALICE_NOISE_XK_INIT, 1)); gcm.aad(&offer.noise_h); @@ -493,7 +493,7 @@ impl Context { } } else { if let Some(i) = self.sessions.read().unwrap().incoming.get(&local_session_id).cloned() { - Aes::new(i.header_protection_key.as_bytes()) + Aes::new(&i.header_protection_key) .decrypt_block_in_place(&mut incoming_packet[HEADER_PROTECT_ENCRYPT_START..HEADER_PROTECT_ENCRYPT_END]); incoming = Some(i); } else { @@ -616,7 +616,7 @@ impl Context { let current_frag_data_start = data_len; data_len += f.len() - HEADER_SIZE; if data_len > data_buf.len() { - key.return_receive_cipher(c); + drop(c); return Err(Error::DataBufferTooSmall); } c.crypt(&f[HEADER_SIZE..], &mut data_buf[current_frag_data_start..data_len]); @@ -630,14 +630,14 @@ impl Context { } data_len += last_fragment.len() - (HEADER_SIZE + AES_GCM_TAG_SIZE); if data_len > data_buf.len() { - key.return_receive_cipher(c); + drop(c); return Err(Error::DataBufferTooSmall); } let payload_end = last_fragment.len() - AES_GCM_TAG_SIZE; c.crypt(&last_fragment[HEADER_SIZE..payload_end], &mut data_buf[current_frag_data_start..data_len]); let aead_authentication_ok = c.finish_decrypt(&last_fragment[payload_end..]); - key.return_receive_cipher(c); + drop(c); if aead_authentication_ok { if session.update_receive_window(incoming_counter) { @@ -731,8 +731,7 @@ impl Context { // Decrypt and authenticate init packet, also proving that caller knows our static identity. let mut gcm = AesGcm::new( - kbkdf::(noise_es.as_bytes()).as_bytes(), - false, + &kbkdf::(noise_es.as_bytes()) ); gcm.reset_init_gcm(&incoming_message_nonce); gcm.aad(&noise_h); @@ -782,8 +781,7 @@ impl Context { // Encrypt main section of reply and attach tag. let mut gcm = AesGcm::new( - kbkdf::(noise_es_ee.as_bytes()).as_bytes(), - true, + &kbkdf::(noise_es_ee.as_bytes()) ); gcm.reset_init_gcm(&create_message_nonce(PACKET_TYPE_BOB_NOISE_XK_ACK, 1)); gcm.aad(&noise_h_next); @@ -836,7 +834,7 @@ impl Context { Some(alice_session_id), 0, 1, - Some(&Aes::new(header_protection_key.as_bytes())), + Some(&Aes::new(&header_protection_key)), )?; return Ok(ReceiveResult::Ok(session)); @@ -885,8 +883,7 @@ impl Context { // Decrypt and authenticate Bob's reply. let mut gcm = AesGcm::new( - kbkdf::(noise_es_ee.as_bytes()).as_bytes(), - false, + &kbkdf::(noise_es_ee.as_bytes()) ); gcm.reset_init_gcm(&incoming_message_nonce); gcm.aad(&outgoing_offer.noise_h); @@ -931,12 +928,10 @@ impl Context { reply_len = append_to_slice(&mut reply_buffer, reply_len, alice_s_public_blob)?; let mut gcm = AesGcm::new( - kbkdf::(&hmac_sha512( + &kbkdf::(&hmac_sha512( noise_es_ee.as_bytes(), hk.as_bytes(), )) - .as_bytes(), - true, ); gcm.reset_init_gcm(&reply_message_nonce); gcm.aad(&noise_h_next); @@ -954,8 +949,7 @@ impl Context { reply_len = append_to_slice(&mut reply_buffer, reply_len, metadata)?; let mut gcm = AesGcm::new( - kbkdf::(noise_es_ee_se_hk_psk.as_bytes()).as_bytes(), - true, + &kbkdf::(noise_es_ee_se_hk_psk.as_bytes()) ); gcm.reset_init_gcm(&reply_message_nonce); gcm.aad(&noise_h_next); @@ -1082,7 +1076,7 @@ impl Context { psk, send_counter: AtomicU64::new(2), // 1 was already used during negotiation receive_window: std::array::from_fn(|_| AtomicU64::new(0)), - header_protection_cipher: Aes::new(incoming.header_protection_key.as_bytes()), + header_protection_cipher: Aes::new(&incoming.header_protection_key), state: RwLock::new(State { remote_session_id: Some(incoming.alice_session_id), keys: [ @@ -1136,7 +1130,7 @@ impl Context { c.reset_init_gcm(&incoming_message_nonce); c.crypt_in_place(&mut pkt_assembled[RekeyInit::ENC_START..RekeyInit::AUTH_START]); let aead_authentication_ok = c.finish_decrypt(&pkt_assembled[RekeyInit::AUTH_START..]); - key.return_receive_cipher(c); + drop(c); if aead_authentication_ok { let pkt: &RekeyInit = byte_array_as_proto_buffer(&pkt_assembled).unwrap(); @@ -1168,7 +1162,7 @@ impl Context { c.reset_init_gcm(&create_message_nonce(PACKET_TYPE_REKEY_ACK, counter)); c.crypt_in_place(&mut reply_buf[RekeyAck::ENC_START..RekeyAck::AUTH_START]); reply_buf[RekeyAck::AUTH_START..].copy_from_slice(&c.finish_encrypt()); - key.return_send_cipher(c); + drop(c); session .header_protection_cipher @@ -1223,7 +1217,7 @@ impl Context { c.reset_init_gcm(&incoming_message_nonce); c.crypt_in_place(&mut pkt_assembled[RekeyAck::ENC_START..RekeyAck::AUTH_START]); let aead_authentication_ok = c.finish_decrypt(&pkt_assembled[RekeyAck::AUTH_START..]); - key.return_receive_cipher(c); + drop(c); if aead_authentication_ok { let pkt: &RekeyAck = byte_array_as_proto_buffer(&pkt_assembled).unwrap(); @@ -1326,7 +1320,7 @@ impl Session { } debug_assert!(data.is_empty()); - session_key.return_send_cipher(c); + drop(c); return Ok(()); } @@ -1344,7 +1338,7 @@ impl Session { let mut c = session_key.get_send_cipher(counter)?; c.reset_init_gcm(&create_message_nonce(PACKET_TYPE_NOP, counter)); nop[HEADER_SIZE..].copy_from_slice(&c.finish_encrypt()); - session_key.return_send_cipher(c); + drop(c); set_packet_header(&mut nop, 1, 0, PACKET_TYPE_NOP, u64::from(remote_session_id), state.current_key, counter); self.header_protection_cipher .encrypt_block_in_place(&mut nop[HEADER_PROTECT_ENCRYPT_START..HEADER_PROTECT_ENCRYPT_END]); @@ -1391,7 +1385,7 @@ impl Session { gcm.reset_init_gcm(&create_message_nonce(PACKET_TYPE_REKEY_INIT, counter.get())); gcm.crypt_in_place(&mut rekey_buf[RekeyInit::ENC_START..RekeyInit::AUTH_START]); rekey_buf[RekeyInit::AUTH_START..].copy_from_slice(&gcm.finish_encrypt()); - key.return_send_cipher(gcm); + drop(gcm); debug_assert!(rekey_buf.len() <= MIN_TRANSPORT_MTU); set_packet_header( @@ -1404,7 +1398,9 @@ impl Session { counter.get(), ); - drop(state); + //drop(key); + //drop(gcm); + //drop(state); self.header_protection_cipher .encrypt_block_in_place(&mut rekey_buf[HEADER_PROTECT_ENCRYPT_START..HEADER_PROTECT_ENCRYPT_END]); @@ -1567,12 +1563,14 @@ impl SessionKey { } else { (b2a, a2b) }; + let receive_cipher_pool = std::array::from_fn(|_| Mutex::new(AesGcm::new(&receive_key))); + let send_cipher_pool = std::array::from_fn(|_| Mutex::new(AesGcm::new(&send_key))); Self { ratchet_key: kbkdf::(key.as_bytes()), - receive_key, - send_key, - receive_cipher_pool: Mutex::new(Vec::with_capacity(2)), - send_cipher_pool: Mutex::new(Vec::with_capacity(2)), + //receive_key, + //send_key, + receive_cipher_pool, + send_cipher_pool, rekey_at_time: current_time .checked_add( Application::REKEY_AFTER_TIME_MS + ((random::xorshift64_random() as u32) % Application::REKEY_AFTER_TIME_MS_MAX_JITTER) as i64, @@ -1587,38 +1585,26 @@ impl SessionKey { } } - fn get_send_cipher(&self, counter: u64) -> Result, Error> { + fn get_send_cipher<'a>(&'a self, counter: u64) -> Result>, Error> { if counter < self.expire_at_counter { - Ok(self - .send_cipher_pool - .lock() - .unwrap() - .pop() - .unwrap_or_else(|| Box::new(AesGcm::new(self.send_key.as_bytes(), true)))) + for mutex in &self.send_cipher_pool { + if let Ok(guard) = mutex.try_lock() { + return Ok(guard) + } + } + Ok(self.send_cipher_pool[0].lock().unwrap()) } else { - // Not only do we return an error, but we also destroy the key. - let mut scp = self.send_cipher_pool.lock().unwrap(); - scp.clear(); - self.send_key.nuke(); - Err(Error::MaxKeyLifetimeExceeded) } } - fn return_send_cipher(&self, c: Box) { - self.send_cipher_pool.lock().unwrap().push(c); - } - - fn get_receive_cipher(&self) -> Box { - self.receive_cipher_pool - .lock() - .unwrap() - .pop() - .unwrap_or_else(|| Box::new(AesGcm::new(self.receive_key.as_bytes(), false))) - } - - fn return_receive_cipher(&self, c: Box) { - self.receive_cipher_pool.lock().unwrap().push(c); + fn get_receive_cipher<'a>(&'a self) -> MutexGuard<'a, AesGcm> { + for mutex in &self.receive_cipher_pool { + if let Ok(guard) = mutex.try_lock() { + return guard + } + } + self.receive_cipher_pool[0].lock().unwrap() } } @@ -1640,7 +1626,7 @@ impl<'a> PktReader<'a> { fn read_decrypt_auth<'b>(&'b mut self, l: usize, k: Secret, gcm_aad: &[u8], nonce: &[u8]) -> Result<&'b [u8], Error> { let mut tmp = self.1 + l; if (tmp + AES_GCM_TAG_SIZE) <= self.0.len() { - let mut gcm = AesGcm::new(k.as_bytes(), false); + let mut gcm = AesGcm::new(&k); gcm.reset_init_gcm(nonce); gcm.aad(gcm_aad); gcm.crypt_in_place(&mut self.0[self.1..tmp]); @@ -1683,20 +1669,18 @@ fn mix_hash(h: &[u8; SHA384_HASH_SIZE], m: &[u8]) -> [u8; SHA384_HASH_SIZE] { fn kbkdf(key: &[u8]) -> Secret { //These are the values we have assigned to the 5 variables involved in https://csrc.nist.gov/publications/detail/sp/800-108/final: // K_in = key, i = 0x01, Label = 'Z'||'T'||LABEL, Context = 0x00, L = (OUTPUT_BYTES * 8) - Secret::::from_bytes( - &hmac_sha512( - key, - &[ - 1, - b'Z', - b'T', - LABEL, - 0x00, - 0, - (((OUTPUT_BYTES * 8) >> 8) & 0xff) as u8, - ((OUTPUT_BYTES * 8) & 0xff) as u8, - ], - )[..OUTPUT_BYTES], + hmac_sha512_secret( + key, + &[ + 1, + b'Z', + b'T', + LABEL, + 0x00, + 0, + (((OUTPUT_BYTES * 8) >> 8) & 0xff) as u8, + ((OUTPUT_BYTES * 8) & 0xff) as u8, + ], ) }