void/ZeroTierOne
2
0
Fork 0
mirror of https://github.com/zerotier/ZeroTierOne.git synced 2025-06-05 20:13:44 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions

cargo fmt

Browse source 
* using mips64le
* cargo fmt
This commit is contained in:
Sean OMeara 2023-03-10 09:40:26 +01:00 committed by GitHub
parent 2cbc15c5ef
commit 4692193ec4
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
53 changed files with 579 additions and 2039 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
.drone.jsonnet
View file

@ -1,7 +1,7 @@
local registry = "084037375216.dkr.ecr.us-east-2.amazonaws.com";
local targets = [
{ "os": "linux", "name": "sid", "isas": [ "386", "armv7", "amd64", "arm64" ], "events": [ "push", "tag", "custom" ] },
{ "os": "linux", "name": "sid", "isas": [ "386", "armv7", "amd64", "arm64", "mips64le" ], "events": [ "push", "tag", "custom" ] },
];
local Build(platform, os, isa, events) = {

19
.drone.yml
View file

@ -80,3 +80,22 @@ trigger:
- tag
- custom
type: docker
---
clone:
depth: 1
kind: pipeline
name: sid mips64le build
pull: always
steps:
- commands:
- aws ecr get-login-password --region us-east-2 | docker login --username AWS --password-stdin
084037375216.dkr.ecr.us-east-2.amazonaws.com
- ./ci/scripts/build.sh sid mips64le 100.0.0+${DRONE_COMMIT_SHA:0:8} ${DRONE_BUILD_EVENT}
image: 084037375216.dkr.ecr.us-east-2.amazonaws.com/honda-builder
name: build
trigger:
event:
- push
- tag
- custom
type: docker

6
crypto/build.rs
View file

@ -1,8 +1,4 @@
#![allow(
clippy::inconsistent_digit_grouping,
clippy::uninlined_format_args,
clippy::unusual_byte_groupings
)]
#![allow(clippy::inconsistent_digit_grouping, clippy::uninlined_format_args, clippy::unusual_byte_groupings)]
use std::env;

93
crypto/src/aes_gmac_siv_openssl.rs
View file

@ -5,7 +5,6 @@ use foreign_types::ForeignType;
use crate::{cipher_ctx::CipherCtx, ZEROES};
/// AES-GMAC-SIV encryptor/decryptor.
pub struct AesGmacSiv {
tag: [u8; 16],
@ -50,13 +49,13 @@ impl AesGmacSiv {
self.tag[8..12].fill(0);
let ctx = CipherCtx::new().unwrap();
unsafe {
let t = match self.k0.len() {
16 => ffi::EVP_aes_128_gcm(),
24 => ffi::EVP_aes_192_gcm(),
32 => ffi::EVP_aes_256_gcm(),
_ => panic!("Aes KEY_SIZE must be 16, 24 or 32")
};
unsafe {
let t = match self.k0.len() {
16 => ffi::EVP_aes_128_gcm(),
24 => ffi::EVP_aes_192_gcm(),
32 => ffi::EVP_aes_256_gcm(),
_ => panic!("Aes KEY_SIZE must be 16, 24 or 32"),
};
ctx.cipher_init::<true>(t, self.k0.as_mut_ptr(), self.tag[0..12].as_ptr()).unwrap();
}
let _ = self.gmac.replace(ctx);
@ -107,15 +106,15 @@ impl AesGmacSiv {
let mut tag_tmp = [0_u8; 32];
let ctx = CipherCtx::new().unwrap();
unsafe {
let t = match self.k1.len() {
16 => ffi::EVP_aes_128_ecb(),
24 => ffi::EVP_aes_192_ecb(),
32 => ffi::EVP_aes_256_ecb(),
_ => panic!("Aes KEY_SIZE must be 16, 24 or 32")
};
unsafe {
let t = match self.k1.len() {
16 => ffi::EVP_aes_128_ecb(),
24 => ffi::EVP_aes_192_ecb(),
32 => ffi::EVP_aes_256_ecb(),
_ => panic!("Aes KEY_SIZE must be 16, 24 or 32"),
};
ctx.cipher_init::<true>(t, self.k1.as_mut_ptr(), ptr::null_mut()).unwrap();
ffi::EVP_CIPHER_CTX_set_padding(ctx.as_ptr(), 0);
ffi::EVP_CIPHER_CTX_set_padding(ctx.as_ptr(), 0);
ctx.update::<true>(&self.tag, tag_tmp.as_mut_ptr()).unwrap();
}
self.tag.copy_from_slice(&tag_tmp[0..16]);
@ -124,13 +123,13 @@ impl AesGmacSiv {
self.tmp[12] &= 0x7f;
let ctx = CipherCtx::new().unwrap();
unsafe {
let t = match self.k1.len() {
16 => ffi::EVP_aes_128_ctr(),
24 => ffi::EVP_aes_192_ctr(),
32 => ffi::EVP_aes_256_ctr(),
_ => panic!("Aes KEY_SIZE must be 16, 24 or 32")
};
unsafe {
let t = match self.k1.len() {
16 => ffi::EVP_aes_128_ctr(),
24 => ffi::EVP_aes_192_ctr(),
32 => ffi::EVP_aes_256_ctr(),
_ => panic!("Aes KEY_SIZE must be 16, 24 or 32"),
};
ctx.cipher_init::<true>(t, self.k1.as_mut_ptr(), self.tmp.as_ptr()).unwrap();
}
let _ = self.ctr.replace(ctx);
@ -140,7 +139,7 @@ impl AesGmacSiv {
/// This may be called more than once.
#[inline(always)]
pub fn encrypt_second_pass(&mut self, plaintext: &[u8], ciphertext: &mut [u8]) {
unsafe {
unsafe {
self.ctr.as_mut().unwrap().update::<true>(plaintext, ciphertext.as_mut_ptr()).unwrap();
}
}
@ -149,7 +148,7 @@ impl AesGmacSiv {
/// This may be called more than once.
#[inline(always)]
pub fn encrypt_second_pass_in_place(&mut self, plaintext_to_ciphertext: &mut [u8]) {
unsafe {
unsafe {
let out = plaintext_to_ciphertext.as_mut_ptr();
self.ctr.as_mut().unwrap().update::<true>(plaintext_to_ciphertext, out).unwrap();
}
@ -170,13 +169,13 @@ impl AesGmacSiv {
self.tmp[12] &= 0x7f;
let ctx = CipherCtx::new().unwrap();
unsafe {
let t = match self.k1.len() {
16 => ffi::EVP_aes_128_ctr(),
24 => ffi::EVP_aes_192_ctr(),
32 => ffi::EVP_aes_256_ctr(),
_ => panic!("Aes KEY_SIZE must be 16, 24 or 32")
};
unsafe {
let t = match self.k1.len() {
16 => ffi::EVP_aes_128_ctr(),
24 => ffi::EVP_aes_192_ctr(),
32 => ffi::EVP_aes_256_ctr(),
_ => panic!("Aes KEY_SIZE must be 16, 24 or 32"),
};
ctx.cipher_init::<false>(t, self.k1.as_mut_ptr(), self.tmp.as_ptr()).unwrap();
}
let _ = self.ctr.replace(ctx);
@ -184,28 +183,28 @@ impl AesGmacSiv {
let mut tag_tmp = [0_u8; 32];
let ctx = CipherCtx::new().unwrap();
unsafe {
let t = match self.k1.len() {
16 => ffi::EVP_aes_128_ecb(),
24 => ffi::EVP_aes_192_ecb(),
32 => ffi::EVP_aes_256_ecb(),
_ => panic!("Aes KEY_SIZE must be 16, 24 or 32")
};
unsafe {
let t = match self.k1.len() {
16 => ffi::EVP_aes_128_ecb(),
24 => ffi::EVP_aes_192_ecb(),
32 => ffi::EVP_aes_256_ecb(),
_ => panic!("Aes KEY_SIZE must be 16, 24 or 32"),
};
ctx.cipher_init::<false>(t, self.k1.as_mut_ptr(), ptr::null_mut()).unwrap();
ffi::EVP_CIPHER_CTX_set_padding(ctx.as_ptr(), 0);
ffi::EVP_CIPHER_CTX_set_padding(ctx.as_ptr(), 0);
ctx.update::<false>(&self.tag, tag_tmp.as_mut_ptr()).unwrap();
}
self.tag.copy_from_slice(&tag_tmp[0..16]);
tag_tmp[8..12].fill(0);
let ctx = CipherCtx::new().unwrap();
unsafe {
let t = match self.k0.len() {
16 => ffi::EVP_aes_128_gcm(),
24 => ffi::EVP_aes_192_gcm(),
32 => ffi::EVP_aes_256_gcm(),
_ => panic!("Aes KEY_SIZE must be 16, 24 or 32")
};
unsafe {
let t = match self.k0.len() {
16 => ffi::EVP_aes_128_gcm(),
24 => ffi::EVP_aes_192_gcm(),
32 => ffi::EVP_aes_256_gcm(),
_ => panic!("Aes KEY_SIZE must be 16, 24 or 32"),
};
ctx.cipher_init::<true>(t, self.k0.as_mut_ptr(), self.tag[0..12].as_ptr()).unwrap();
}
let _ = self.gmac.replace(ctx);

22
crypto/src/aes_openssl.rs
View file

@ -1,16 +1,16 @@
// (c) 2020-2022 ZeroTier, Inc. -- currently proprietary pending actual release and licensing. See LICENSE.md.
use std::{ptr, mem::MaybeUninit};
use std::{mem::MaybeUninit, ptr};
use foreign_types::ForeignType;
use crate::{secret::Secret, cipher_ctx::CipherCtx};
use crate::{cipher_ctx::CipherCtx, secret::Secret};
/// An OpenSSL AES_GCM context. Automatically frees itself on drop.
/// The current interface is custom made for ZeroTier, but could easily be adapted for other uses.
/// Whether `ENCRYPT` is true or false decides respectively whether this context encrypts or decrypts.
/// Even though OpenSSL lets you set this dynamically almost no operations work when you do this without resetting the context.
pub struct AesGcm<const ENCRYPT: bool> (CipherCtx);
pub struct AesGcm<const ENCRYPT: bool>(CipherCtx);
impl<const ENCRYPT: bool> AesGcm<ENCRYPT> {
/// Create an AesGcm context with the given key, key must be 16, 24 or 32 bytes long.
@ -22,7 +22,7 @@ impl<const ENCRYPT: bool> AesGcm<ENCRYPT> {
16 => ffi::EVP_aes_128_gcm(),
24 => ffi::EVP_aes_192_gcm(),
32 => ffi::EVP_aes_256_gcm(),
_ => panic!("Aes KEY_SIZE must be 16, 24 or 32")
_ => panic!("Aes KEY_SIZE must be 16, 24 or 32"),
};
ctx.cipher_init::<ENCRYPT>(t, key.as_ptr(), ptr::null()).unwrap();
ffi::EVP_CIPHER_CTX_set_padding(ctx.as_ptr(), 0);
@ -103,7 +103,7 @@ impl Aes {
16 => ffi::EVP_aes_128_ecb(),
24 => ffi::EVP_aes_192_ecb(),
32 => ffi::EVP_aes_256_ecb(),
_ => panic!("Aes KEY_SIZE must be 16, 24 or 32")
_ => panic!("Aes KEY_SIZE must be 16, 24 or 32"),
};
ctx0.cipher_init::<true>(t, key.as_ptr(), ptr::null()).unwrap();
ffi::EVP_CIPHER_CTX_set_padding(ctx0.as_ptr(), 0);
@ -117,14 +117,22 @@ impl Aes {
/// Do not ever encrypt the same plaintext twice. Make sure data is always different between calls.
#[inline(always)]
pub fn encrypt_block_in_place(&self, data: &mut [u8]) {
debug_assert_eq!(data.len(), AES_BLOCK_SIZE, "AesEcb should not be used to encrypt more than one block at a time unless you really know what you are doing.");
debug_assert_eq!(
data.len(),
AES_BLOCK_SIZE,
"AesEcb should not be used to encrypt more than one block at a time unless you really know what you are doing."
);
let ptr = data.as_mut_ptr();
unsafe { self.0.update::<true>(data, ptr).unwrap() }
}
/// Do not ever encrypt the same plaintext twice. Make sure data is always different between calls.
#[inline(always)]
pub fn decrypt_block_in_place(&self, data: &mut [u8]) {
debug_assert_eq!(data.len(), AES_BLOCK_SIZE, "AesEcb should not be used to encrypt more than one block at a time unless you really know what you are doing.");
debug_assert_eq!(
data.len(),
AES_BLOCK_SIZE,
"AesEcb should not be used to encrypt more than one block at a time unless you really know what you are doing."
);
let ptr = data.as_mut_ptr();
unsafe { self.1.update::<false>(data, ptr).unwrap() }
}

2
crypto/src/aes_tests.rs
View file

@ -1,5 +1,3 @@
#[cfg(test)]
mod test {
use crate::aes::AesGcm;

370
crypto/src/bn.rs
View file

@ -8,14 +8,14 @@
//!
//! [`BIGNUM`]: https://wiki.openssl.org/index.php/Manual:Bn_internal(3)
use cfg_if::cfg_if;
use foreign_types::{ForeignType, ForeignTypeRef, foreign_type};
use foreign_types::{foreign_type, ForeignType, ForeignTypeRef};
use libc::c_int;
use std::cmp::Ordering;
use std::ffi::CString;
use std::ops::{Add, Deref, Div, Mul, Neg, Rem, Shl, Shr, Sub};
use std::ptr;
use crate::error::{ErrorStack, cvt, cvt_n, cvt_p};
use crate::error::{cvt, cvt_n, cvt_p, ErrorStack};
cfg_if! {
if #[cfg(any(ossl110, libressl350))] {
@ -72,28 +72,26 @@ foreign_type! {
impl BigNumContext {
/// Returns a new `BigNumContext`.
pub fn new() -> Result<BigNumContext, ErrorStack> {
unsafe {
cvt_p(ffi::BN_CTX_new()).map(|x| BigNumContext::from_ptr(x))
}
unsafe { cvt_p(ffi::BN_CTX_new()).map(|x| BigNumContext::from_ptr(x)) }
}
}
foreign_type! {
/// Dynamically sized large number implementation
///
/// Perform large number mathematics. Create a new BigNum
/// with [`new`]. Perform standard mathematics on large numbers using
/// methods from [`Dref<Target = BigNumRef>`]
///
/// OpenSSL documentation at [`BN_new`].
///
/// [`new`]: struct.BigNum.html#method.new
/// [`Dref<Target = BigNumRef>`]: struct.BigNum.html#deref-methods
/// [`BN_new`]: https://www.openssl.org/docs/man1.1.0/crypto/BN_new.html
pub unsafe type BigNum {
/// Dynamically sized large number implementation
///
/// Perform large number mathematics. Create a new BigNum
/// with [`new`]. Perform standard mathematics on large numbers using
/// methods from [`Dref<Target = BigNumRef>`]
///
/// OpenSSL documentation at [`BN_new`].
///
/// [`new`]: struct.BigNum.html#method.new
/// [`Dref<Target = BigNumRef>`]: struct.BigNum.html#deref-methods
/// [`BN_new`]: https://www.openssl.org/docs/man1.1.0/crypto/BN_new.html
pub unsafe type BigNum {
type CType = ffi::BIGNUM;
fn drop = ffi::BN_free;
}
}
}
impl BigNumRef {
@ -266,30 +264,14 @@ impl BigNumRef {
/// [`constants`]: index.html#constants
#[allow(clippy::useless_conversion)]
pub fn rand(&mut self, bits: i32, msb: MsbOption, odd: bool) -> Result<(), ErrorStack> {
unsafe {
cvt(ffi::BN_rand(
self.as_ptr(),
bits.into(),
msb.0,
odd as c_int,
))
.map(|_| ())
}
unsafe { cvt(ffi::BN_rand(self.as_ptr(), bits.into(), msb.0, odd as c_int)).map(|_| ()) }
}
/// The cryptographically weak counterpart to `rand`. Not suitable for key generation.
#[cfg(not(osslconf = "OPENSSL_NO_DEPRECATED_3_0"))]
#[allow(clippy::useless_conversion)]
pub fn pseudo_rand(&mut self, bits: i32, msb: MsbOption, odd: bool) -> Result<(), ErrorStack> {
unsafe {
cvt(ffi::BN_pseudo_rand(
self.as_ptr(),
bits.into(),
msb.0,
odd as c_int,
))
.map(|_| ())
}
unsafe { cvt(ffi::BN_pseudo_rand(self.as_ptr(), bits.into(), msb.0, odd as c_int)).map(|_| ()) }
}
/// Generates a prime number, placing it in `self`.
@ -300,13 +282,7 @@ impl BigNumRef {
/// * `safe`: If true, returns a "safe" prime `p` so that `(p-1)/2` is also prime.
/// * `add`/`rem`: If `add` is set to `Some(add)`, `p % add == rem` will hold, where `p` is the
/// generated prime and `rem` is `1` if not specified (`None`).
pub fn generate_prime(
&mut self,
bits: i32,
safe: bool,
add: Option<&BigNumRef>,
rem: Option<&BigNumRef>,
) -> Result<(), ErrorStack> {
pub fn generate_prime(&mut self, bits: i32, safe: bool, add: Option<&BigNumRef>, rem: Option<&BigNumRef>) -> Result<(), ErrorStack> {
unsafe {
cvt(ffi::BN_generate_prime_ex(
self.as_ptr(),
@ -324,82 +300,26 @@ impl BigNumRef {
/// [`core::ops::Mul`] is also implemented for `BigNumRef`.
///
/// [`core::ops::Mul`]: struct.BigNumRef.html#method.mul
pub fn checked_mul(
&mut self,
a: &BigNumRef,
b: &BigNumRef,
ctx: &mut BigNumContextRef,
) -> Result<(), ErrorStack> {
unsafe {
cvt(ffi::BN_mul(
self.as_ptr(),
a.as_ptr(),
b.as_ptr(),
ctx.as_ptr(),
))
.map(|_| ())
}
pub fn checked_mul(&mut self, a: &BigNumRef, b: &BigNumRef, ctx: &mut BigNumContextRef) -> Result<(), ErrorStack> {
unsafe { cvt(ffi::BN_mul(self.as_ptr(), a.as_ptr(), b.as_ptr(), ctx.as_ptr())).map(|_| ()) }
}
/// Places the result of `a / b` in `self`. The remainder is discarded.
/// [`core::ops::Div`] is also implemented for `BigNumRef`.
///
/// [`core::ops::Div`]: struct.BigNumRef.html#method.div
pub fn checked_div(
&mut self,
a: &BigNumRef,
b: &BigNumRef,
ctx: &mut BigNumContextRef,
) -> Result<(), ErrorStack> {
unsafe {
cvt(ffi::BN_div(
self.as_ptr(),
ptr::null_mut(),
a.as_ptr(),
b.as_ptr(),
ctx.as_ptr(),
))
.map(|_| ())
}
pub fn checked_div(&mut self, a: &BigNumRef, b: &BigNumRef, ctx: &mut BigNumContextRef) -> Result<(), ErrorStack> {
unsafe { cvt(ffi::BN_div(self.as_ptr(), ptr::null_mut(), a.as_ptr(), b.as_ptr(), ctx.as_ptr())).map(|_| ()) }
}
/// Places the result of `a % b` in `self`.
pub fn checked_rem(
&mut self,
a: &BigNumRef,
b: &BigNumRef,
ctx: &mut BigNumContextRef,
) -> Result<(), ErrorStack> {
unsafe {
cvt(ffi::BN_div(
ptr::null_mut(),
self.as_ptr(),
a.as_ptr(),
b.as_ptr(),
ctx.as_ptr(),
))
.map(|_| ())
}
pub fn checked_rem(&mut self, a: &BigNumRef, b: &BigNumRef, ctx: &mut BigNumContextRef) -> Result<(), ErrorStack> {
unsafe { cvt(ffi::BN_div(ptr::null_mut(), self.as_ptr(), a.as_ptr(), b.as_ptr(), ctx.as_ptr())).map(|_| ()) }
}
/// Places the result of `a / b` in `self` and `a % b` in `rem`.
pub fn div_rem(
&mut self,
rem: &mut BigNumRef,
a: &BigNumRef,
b: &BigNumRef,
ctx: &mut BigNumContextRef,
) -> Result<(), ErrorStack> {
unsafe {
cvt(ffi::BN_div(
self.as_ptr(),
rem.as_ptr(),
a.as_ptr(),
b.as_ptr(),
ctx.as_ptr(),
))
.map(|_| ())
}
pub fn div_rem(&mut self, rem: &mut BigNumRef, a: &BigNumRef, b: &BigNumRef, ctx: &mut BigNumContextRef) -> Result<(), ErrorStack> {
unsafe { cvt(ffi::BN_div(self.as_ptr(), rem.as_ptr(), a.as_ptr(), b.as_ptr(), ctx.as_ptr())).map(|_| ()) }
}
/// Places the result of `a²` in `self`.
@ -409,173 +329,48 @@ impl BigNumRef {
/// Places the result of `a mod m` in `self`. As opposed to `div_rem`
/// the result is non-negative.
pub fn nnmod(
&mut self,
a: &BigNumRef,
m: &BigNumRef,
ctx: &mut BigNumContextRef,
) -> Result<(), ErrorStack> {
unsafe {
cvt(ffi::BN_nnmod(
self.as_ptr(),
a.as_ptr(),
m.as_ptr(),
ctx.as_ptr(),
))
.map(|_| ())
}
pub fn nnmod(&mut self, a: &BigNumRef, m: &BigNumRef, ctx: &mut BigNumContextRef) -> Result<(), ErrorStack> {
unsafe { cvt(ffi::BN_nnmod(self.as_ptr(), a.as_ptr(), m.as_ptr(), ctx.as_ptr())).map(|_| ()) }
}
/// Places the result of `(a + b) mod m` in `self`.
pub fn mod_add(
&mut self,
a: &BigNumRef,
b: &BigNumRef,
m: &BigNumRef,
ctx: &mut BigNumContextRef,
) -> Result<(), ErrorStack> {
unsafe {
cvt(ffi::BN_mod_add(
self.as_ptr(),
a.as_ptr(),
b.as_ptr(),
m.as_ptr(),
ctx.as_ptr(),
))
.map(|_| ())
}
pub fn mod_add(&mut self, a: &BigNumRef, b: &BigNumRef, m: &BigNumRef, ctx: &mut BigNumContextRef) -> Result<(), ErrorStack> {
unsafe { cvt(ffi::BN_mod_add(self.as_ptr(), a.as_ptr(), b.as_ptr(), m.as_ptr(), ctx.as_ptr())).map(|_| ()) }
}
/// Places the result of `(a - b) mod m` in `self`.
pub fn mod_sub(
&mut self,
a: &BigNumRef,
b: &BigNumRef,
m: &BigNumRef,
ctx: &mut BigNumContextRef,
) -> Result<(), ErrorStack> {
unsafe {
cvt(ffi::BN_mod_sub(
self.as_ptr(),
a.as_ptr(),
b.as_ptr(),
m.as_ptr(),
ctx.as_ptr(),
))
.map(|_| ())
}
pub fn mod_sub(&mut self, a: &BigNumRef, b: &BigNumRef, m: &BigNumRef, ctx: &mut BigNumContextRef) -> Result<(), ErrorStack> {
unsafe { cvt(ffi::BN_mod_sub(self.as_ptr(), a.as_ptr(), b.as_ptr(), m.as_ptr(), ctx.as_ptr())).map(|_| ()) }
}
/// Places the result of `(a * b) mod m` in `self`.
pub fn mod_mul(
&mut self,
a: &BigNumRef,
b: &BigNumRef,
m: &BigNumRef,
ctx: &mut BigNumContextRef,
) -> Result<(), ErrorStack> {
unsafe {
cvt(ffi::BN_mod_mul(
self.as_ptr(),
a.as_ptr(),
b.as_ptr(),
m.as_ptr(),
ctx.as_ptr(),
))
.map(|_| ())
}
pub fn mod_mul(&mut self, a: &BigNumRef, b: &BigNumRef, m: &BigNumRef, ctx: &mut BigNumContextRef) -> Result<(), ErrorStack> {
unsafe { cvt(ffi::BN_mod_mul(self.as_ptr(), a.as_ptr(), b.as_ptr(), m.as_ptr(), ctx.as_ptr())).map(|_| ()) }
}
/// Places the result of `a² mod m` in `self`.
pub fn mod_sqr(
&mut self,
a: &BigNumRef,
m: &BigNumRef,
ctx: &mut BigNumContextRef,
) -> Result<(), ErrorStack> {
unsafe {
cvt(ffi::BN_mod_sqr(
self.as_ptr(),
a.as_ptr(),
m.as_ptr(),
ctx.as_ptr(),
))
.map(|_| ())
}
pub fn mod_sqr(&mut self, a: &BigNumRef, m: &BigNumRef, ctx: &mut BigNumContextRef) -> Result<(), ErrorStack> {
unsafe { cvt(ffi::BN_mod_sqr(self.as_ptr(), a.as_ptr(), m.as_ptr(), ctx.as_ptr())).map(|_| ()) }
}
/// Places the result of `a^p` in `self`.
pub fn exp(
&mut self,
a: &BigNumRef,
p: &BigNumRef,
ctx: &mut BigNumContextRef,
) -> Result<(), ErrorStack> {
unsafe {
cvt(ffi::BN_exp(
self.as_ptr(),
a.as_ptr(),
p.as_ptr(),
ctx.as_ptr(),
))
.map(|_| ())
}
pub fn exp(&mut self, a: &BigNumRef, p: &BigNumRef, ctx: &mut BigNumContextRef) -> Result<(), ErrorStack> {
unsafe { cvt(ffi::BN_exp(self.as_ptr(), a.as_ptr(), p.as_ptr(), ctx.as_ptr())).map(|_| ()) }
}
/// Places the result of `a^p mod m` in `self`.
pub fn mod_exp(
&mut self,
a: &BigNumRef,
p: &BigNumRef,
m: &BigNumRef,
ctx: &mut BigNumContextRef,
) -> Result<(), ErrorStack> {
unsafe {
cvt(ffi::BN_mod_exp(
self.as_ptr(),
a.as_ptr(),
p.as_ptr(),
m.as_ptr(),
ctx.as_ptr(),
))
.map(|_| ())
}
pub fn mod_exp(&mut self, a: &BigNumRef, p: &BigNumRef, m: &BigNumRef, ctx: &mut BigNumContextRef) -> Result<(), ErrorStack> {
unsafe { cvt(ffi::BN_mod_exp(self.as_ptr(), a.as_ptr(), p.as_ptr(), m.as_ptr(), ctx.as_ptr())).map(|_| ()) }
}
/// Places the inverse of `a` modulo `n` in `self`.
pub fn mod_inverse(
&mut self,
a: &BigNumRef,
n: &BigNumRef,
ctx: &mut BigNumContextRef,
) -> Result<(), ErrorStack> {
unsafe {
cvt_p(ffi::BN_mod_inverse(
self.as_ptr(),
a.as_ptr(),
n.as_ptr(),
ctx.as_ptr(),
))
.map(|_| ())
}
pub fn mod_inverse(&mut self, a: &BigNumRef, n: &BigNumRef, ctx: &mut BigNumContextRef) -> Result<(), ErrorStack> {
unsafe { cvt_p(ffi::BN_mod_inverse(self.as_ptr(), a.as_ptr(), n.as_ptr(), ctx.as_ptr())).map(|_| ()) }
}
/// Places the greatest common denominator of `a` and `b` in `self`.
pub fn gcd(
&mut self,
a: &BigNumRef,
b: &BigNumRef,
ctx: &mut BigNumContextRef,
) -> Result<(), ErrorStack> {
unsafe {
cvt(ffi::BN_gcd(
self.as_ptr(),
a.as_ptr(),
b.as_ptr(),
ctx.as_ptr(),
))
.map(|_| ())
}
pub fn gcd(&mut self, a: &BigNumRef, b: &BigNumRef, ctx: &mut BigNumContextRef) -> Result<(), ErrorStack> {
unsafe { cvt(ffi::BN_gcd(self.as_ptr(), a.as_ptr(), b.as_ptr(), ctx.as_ptr())).map(|_| ()) }
}
/// Checks whether `self` is prime.
@ -588,15 +383,7 @@ impl BigNumRef {
#[cfg(not(osslconf = "OPENSSL_NO_DEPRECATED_3_0"))]
#[allow(clippy::useless_conversion)]
pub fn is_prime(&self, checks: i32, ctx: &mut BigNumContextRef) -> Result<bool, ErrorStack> {
unsafe {
cvt_n(ffi::BN_is_prime_ex(
self.as_ptr(),
checks.into(),
ctx.as_ptr(),
ptr::null_mut(),
))
.map(|r| r != 0)
}
unsafe { cvt_n(ffi::BN_is_prime_ex(self.as_ptr(), checks.into(), ctx.as_ptr(), ptr::null_mut())).map(|r| r != 0) }
}
/// Checks whether `self` is prime with optional trial division.
@ -610,12 +397,7 @@ impl BigNumRef {
/// Returns `true` if `self` is prime with an error probability of less than `0.25 ^ checks`.
#[cfg(not(osslconf = "OPENSSL_NO_DEPRECATED_3_0"))]
#[allow(clippy::useless_conversion)]
pub fn is_prime_fasttest(
&self,
checks: i32,
ctx: &mut BigNumContextRef,
do_trial_division: bool,
) -> Result<bool, ErrorStack> {
pub fn is_prime_fasttest(&self, checks: i32, ctx: &mut BigNumContextRef, do_trial_division: bool) -> Result<bool, ErrorStack> {
unsafe {
cvt_n(ffi::BN_is_prime_fasttest_ex(
self.as_ptr(),
@ -645,10 +427,11 @@ impl BigNumRef {
///
/// `self` can be recreated by using `from_slice`.
pub fn to_bytes(&self, buf: &mut [u8]) -> Result<usize, ErrorStack> {
debug_assert!(buf.len() >= self.num_bytes() as usize, "The buffer must be at least as large as the BigNum, see BigNum::num_bytes()");
unsafe {
cvt_n(ffi::BN_bn2bin(self.as_ptr(), buf.as_mut_ptr())).map(|x| x as usize)
}
debug_assert!(
buf.len() >= self.num_bytes() as usize,
"The buffer must be at least as large as the BigNum, see BigNum::num_bytes()"
);
unsafe { cvt_n(ffi::BN_bn2bin(self.as_ptr(), buf.as_mut_ptr())).map(|x| x as usize) }
}
/// Returns a big-endian byte vector representation of the absolute value of `self` padded
@ -713,9 +496,7 @@ impl BigNum {
/// Creates a new `BigNum` with the given value.
pub fn from_u32(n: u32) -> Result<BigNum, ErrorStack> {
BigNum::new().and_then(|v| unsafe {
cvt(ffi::BN_set_word(v.as_ptr(), n as ffi::BN_ULONG)).map(|_| v)
})
BigNum::new().and_then(|v| unsafe { cvt(ffi::BN_set_word(v.as_ptr(), n as ffi::BN_ULONG)).map(|_| v) })
}
/// Creates a `BigNum` from a decimal string.
@ -745,9 +526,7 @@ impl BigNum {
/// [`RFC 2409`]: https://tools.ietf.org/html/rfc2409#page-21
#[cfg(not(boringssl))]
pub fn get_rfc2409_prime_768() -> Result<BigNum, ErrorStack> {
unsafe {
cvt_p(BN_get_rfc2409_prime_768(ptr::null_mut())).map(|x| BigNum::from_ptr(x))
}
unsafe { cvt_p(BN_get_rfc2409_prime_768(ptr::null_mut())).map(|x| BigNum::from_ptr(x)) }
}
/// Returns a constant used in IKE as defined in [`RFC 2409`]. This prime number is in
@ -757,9 +536,7 @@ impl BigNum {
/// [`RFC 2409`]: https://tools.ietf.org/html/rfc2409#page-21
#[cfg(not(boringssl))]
pub fn get_rfc2409_prime_1024() -> Result<BigNum, ErrorStack> {
unsafe {
cvt_p(BN_get_rfc2409_prime_1024(ptr::null_mut())).map(|x| BigNum::from_ptr(x))
}
unsafe { cvt_p(BN_get_rfc2409_prime_1024(ptr::null_mut())).map(|x| BigNum::from_ptr(x)) }
}
/// Returns a constant used in IKE as defined in [`RFC 3526`]. The prime is in the order
@ -769,9 +546,7 @@ impl BigNum {
/// [`RFC 3526`]: https://tools.ietf.org/html/rfc3526#page-3
#[cfg(not(boringssl))]
pub fn get_rfc3526_prime_1536() -> Result<BigNum, ErrorStack> {
unsafe {
cvt_p(BN_get_rfc3526_prime_1536(ptr::null_mut())).map(|x| BigNum::from_ptr(x))
}
unsafe { cvt_p(BN_get_rfc3526_prime_1536(ptr::null_mut())).map(|x| BigNum::from_ptr(x)) }
}
/// Returns a constant used in IKE as defined in [`RFC 3526`]. The prime is in the order
@ -781,9 +556,7 @@ impl BigNum {
/// [`RFC 3526`]: https://tools.ietf.org/html/rfc3526#page-3
#[cfg(not(boringssl))]
pub fn get_rfc3526_prime_2048() -> Result<BigNum, ErrorStack> {
unsafe {
cvt_p(BN_get_rfc3526_prime_2048(ptr::null_mut())).map(|x| BigNum::from_ptr(x))
}
unsafe { cvt_p(BN_get_rfc3526_prime_2048(ptr::null_mut())).map(|x| BigNum::from_ptr(x)) }
}
/// Returns a constant used in IKE as defined in [`RFC 3526`]. The prime is in the order
@ -793,9 +566,7 @@ impl BigNum {
/// [`RFC 3526`]: https://tools.ietf.org/html/rfc3526#page-4
#[cfg(not(boringssl))]
pub fn get_rfc3526_prime_3072() -> Result<BigNum, ErrorStack> {
unsafe {
cvt_p(BN_get_rfc3526_prime_3072(ptr::null_mut())).map(|x| BigNum::from_ptr(x))
}
unsafe { cvt_p(BN_get_rfc3526_prime_3072(ptr::null_mut())).map(|x| BigNum::from_ptr(x)) }
}
/// Returns a constant used in IKE as defined in [`RFC 3526`]. The prime is in the order
@ -805,9 +576,7 @@ impl BigNum {
/// [`RFC 3526`]: https://tools.ietf.org/html/rfc3526#page-4
#[cfg(not(boringssl))]
pub fn get_rfc3526_prime_4096() -> Result<BigNum, ErrorStack> {
unsafe {
cvt_p(BN_get_rfc3526_prime_4096(ptr::null_mut())).map(|x| BigNum::from_ptr(x))
}
unsafe { cvt_p(BN_get_rfc3526_prime_4096(ptr::null_mut())).map(|x| BigNum::from_ptr(x)) }
}
/// Returns a constant used in IKE as defined in [`RFC 3526`]. The prime is in the order
@ -817,9 +586,7 @@ impl BigNum {
/// [`RFC 3526`]: https://tools.ietf.org/html/rfc3526#page-6
#[cfg(not(boringssl))]
pub fn get_rfc3526_prime_6144() -> Result<BigNum, ErrorStack> {
unsafe {
cvt_p(BN_get_rfc3526_prime_6144(ptr::null_mut())).map(|x| BigNum::from_ptr(x))
}
unsafe { cvt_p(BN_get_rfc3526_prime_6144(ptr::null_mut())).map(|x| BigNum::from_ptr(x)) }
}
/// Returns a constant used in IKE as defined in [`RFC 3526`]. The prime is in the order
@ -829,9 +596,7 @@ impl BigNum {
/// [`RFC 3526`]: https://tools.ietf.org/html/rfc3526#page-6
#[cfg(not(boringssl))]
pub fn get_rfc3526_prime_8192() -> Result<BigNum, ErrorStack> {
unsafe {
cvt_p(BN_get_rfc3526_prime_8192(ptr::null_mut())).map(|x| BigNum::from_ptr(x))
}
unsafe { cvt_p(BN_get_rfc3526_prime_8192(ptr::null_mut())).map(|x| BigNum::from_ptr(x)) }
}
/// Creates a new `BigNum` from an unsigned, big-endian encoded number of arbitrary length.
@ -843,12 +608,7 @@ impl BigNum {
unsafe {
assert!(n.len() <= c_int::max_value() as usize);
cvt_p(ffi::BN_bin2bn(
n.as_ptr(),
n.len() as c_int,
ptr::null_mut(),
))
.map(|p| BigNum::from_ptr(p))
cvt_p(ffi::BN_bin2bn(n.as_ptr(), n.len() as c_int, ptr::null_mut())).map(|p| BigNum::from_ptr(p))
}
}
@ -866,7 +626,6 @@ impl BigNum {
}
}
impl PartialEq<BigNumRef> for BigNumRef {
fn eq(&self, oth: &BigNumRef) -> bool {
self.cmp(oth) == Ordering::Equal
@ -1086,7 +845,10 @@ impl Neg for BigNum {
#[cfg(test)]
mod tests {
use crate::{bn::{BigNum, BigNumContext}, init};
use crate::{
bn::{BigNum, BigNumContext},
init,
};
#[test]
fn test_to_from_slice() {

64
crypto/src/cipher_ctx.rs
View file

@ -1,8 +1,7 @@
use std::ptr;
use crate::error::{ErrorStack, cvt_p, cvt};
use foreign_types::{ForeignType, foreign_type, ForeignTypeRef};
use crate::error::{cvt, cvt_p, ErrorStack};
use foreign_types::{foreign_type, ForeignType, ForeignTypeRef};
use libc::c_int;
foreign_type! {
@ -22,23 +21,19 @@ impl CipherCtx {
}
}
impl CipherCtxRef {
/// Initializes the context for encryption or decryption.
/// All pointer fields can be null, in which case the corresponding field in the context is not updated.
pub unsafe fn cipher_init<const ENCRYPT: bool>(&self, t: *const ffi::EVP_CIPHER, key: *const u8, iv: *const u8) -> Result<(), ErrorStack>{
let evp_f = if ENCRYPT { ffi::EVP_EncryptInit_ex } else { ffi::EVP_DecryptInit_ex };
pub unsafe fn cipher_init<const ENCRYPT: bool>(&self, t: *const ffi::EVP_CIPHER, key: *const u8, iv: *const u8) -> Result<(), ErrorStack> {
let evp_f = if ENCRYPT {
ffi::EVP_EncryptInit_ex
} else {
ffi::EVP_DecryptInit_ex
};
cvt(evp_f(
self.as_ptr(),
t,
ptr::null_mut(),
key,
iv,
))?;
cvt(evp_f(self.as_ptr(), t, ptr::null_mut(), key, iv))?;
Ok(())
}
/// Writes data into the context.
///
/// Providing no output buffer will cause the input to be considered additional authenticated data (AAD).
@ -54,27 +49,20 @@ impl CipherCtxRef {
/// ciphers the output buffer size should be at least as big as
/// the input buffer. For block ciphers the size of the output
/// buffer depends on the state of partially updated blocks.
pub unsafe fn update<const ENCRYPT: bool>(
&self,
input: &[u8],
output: *mut u8,
) -> Result<(), ErrorStack> {
let evp_f = if ENCRYPT { ffi::EVP_EncryptUpdate } else { ffi::EVP_DecryptUpdate };
pub unsafe fn update<const ENCRYPT: bool>(&self, input: &[u8], output: *mut u8) -> Result<(), ErrorStack> {
let evp_f = if ENCRYPT {
ffi::EVP_EncryptUpdate
} else {
ffi::EVP_DecryptUpdate
};
let mut outlen = 0;
cvt(evp_f(
self.as_ptr(),
output,
&mut outlen,
input.as_ptr(),
input.len() as c_int,
))?;
cvt(evp_f(self.as_ptr(), output, &mut outlen, input.as_ptr(), input.len() as c_int))?;
Ok(())
}
/// Finalizes the encryption or decryption process.
///
/// Any remaining data will be written to the output buffer.
@ -88,18 +76,15 @@ impl CipherCtxRef {
/// large enough to contain correct number of bytes. For streaming
/// ciphers the output buffer can be empty, for block ciphers the
/// output buffer should be at least as big as the block.
pub unsafe fn finalize<const ENCRYPT: bool>(
&self,
output: *mut u8,
) -> Result<(), ErrorStack> {
let evp_f = if ENCRYPT { ffi::EVP_EncryptFinal_ex } else { ffi::EVP_DecryptFinal_ex };
pub unsafe fn finalize<const ENCRYPT: bool>(&self, output: *mut u8) -> Result<(), ErrorStack> {
let evp_f = if ENCRYPT {
ffi::EVP_EncryptFinal_ex
} else {
ffi::EVP_DecryptFinal_ex
};
let mut outl = 0;
cvt(evp_f(
self.as_ptr(),
output,
&mut outl,
))?;
cvt(evp_f(self.as_ptr(), output, &mut outl))?;
Ok(())
}
@ -111,7 +96,6 @@ impl CipherCtxRef {
/// The size of the buffer indicates the size of the tag. While some ciphers support a range of tag sizes, it is
/// recommended to pick the maximum size.
pub fn tag(&self, tag: &mut [u8]) -> Result<(), ErrorStack> {
unsafe {
cvt(ffi::EVP_CIPHER_CTX_ctrl(
self.as_ptr(),
@ -141,8 +125,8 @@ impl CipherCtxRef {
#[cfg(test)]
mod test {
use crate::init;
use super::*;
use crate::init;
#[test]
fn aes_128_ecb() {

106
crypto/src/ec.rs
View file

@ -1,10 +1,8 @@
use std::ptr;
use foreign_types::{ForeignType, foreign_type, ForeignTypeRef};
use crate::bn::{BigNumContext, BigNumRef, BigNumContextRef};
use crate::error::{ErrorStack, cvt_p, cvt, cvt_n};
use crate::bn::{BigNumContext, BigNumContextRef, BigNumRef};
use crate::error::{cvt, cvt_n, cvt_p, ErrorStack};
use foreign_types::{foreign_type, ForeignType, ForeignTypeRef};
foreign_type! {
#[derive(Clone)]
@ -52,62 +50,31 @@ impl EcKey {
pub fn generate(group: &EcGroupRef) -> Result<EcKey, ErrorStack> {
unsafe {
cvt_p(ffi::EC_KEY_new())
.map(|p| EcKey::from_ptr(p))
.and_then(|key| {
cvt(ffi::EC_KEY_set_group(key.as_ptr(), group.as_ptr())).map(|_| key)
})
.and_then(|key| cvt(ffi::EC_KEY_generate_key(key.as_ptr())).map(|_| key))
.map(|p| EcKey::from_ptr(p))
.and_then(|key| cvt(ffi::EC_KEY_set_group(key.as_ptr(), group.as_ptr())).map(|_| key))
.and_then(|key| cvt(ffi::EC_KEY_generate_key(key.as_ptr())).map(|_| key))
}
}
/// Constructs an `EcKey` from the specified group with the associated [`EcPoint`]: `public_key`.
///
/// This will only have the associated `public_key`.
pub fn from_public_key(
group: &EcGroupRef,
public_key: &EcPointRef,
) -> Result<EcKey, ErrorStack> {
pub fn from_public_key(group: &EcGroupRef, public_key: &EcPointRef) -> Result<EcKey, ErrorStack> {
unsafe {
cvt_p(ffi::EC_KEY_new())
.map(|p| EcKey::from_ptr(p))
.and_then(|key| {
cvt(ffi::EC_KEY_set_group(key.as_ptr(), group.as_ptr())).map(|_| key)
})
.and_then(|key| {
cvt(ffi::EC_KEY_set_public_key(
key.as_ptr(),
public_key.as_ptr(),
))
.map(|_| key)
})
.map(|p| EcKey::from_ptr(p))
.and_then(|key| cvt(ffi::EC_KEY_set_group(key.as_ptr(), group.as_ptr())).map(|_| key))
.and_then(|key| cvt(ffi::EC_KEY_set_public_key(key.as_ptr(), public_key.as_ptr())).map(|_| key))
}
}
/// Constructs an public/private key pair given a curve, a private key and a public key point.
pub fn from_private_components(
group: &EcGroupRef,
private_number: &BigNumRef,
public_key: &EcPointRef,
) -> Result<EcKey, ErrorStack> {
pub fn from_private_components(group: &EcGroupRef, private_number: &BigNumRef, public_key: &EcPointRef) -> Result<EcKey, ErrorStack> {
unsafe {
cvt_p(ffi::EC_KEY_new())
.map(|p| EcKey::from_ptr(p))
.and_then(|key| {
cvt(ffi::EC_KEY_set_group(key.as_ptr(), group.as_ptr())).map(|_| key)
})
.and_then(|key| {
cvt(ffi::EC_KEY_set_private_key(
key.as_ptr(),
private_number.as_ptr(),
))
.map(|_| key)
})
.and_then(|key| {
cvt(ffi::EC_KEY_set_public_key(
key.as_ptr(),
public_key.as_ptr(),
))
.map(|_| key)
})
.map(|p| EcKey::from_ptr(p))
.and_then(|key| cvt(ffi::EC_KEY_set_group(key.as_ptr(), group.as_ptr())).map(|_| key))
.and_then(|key| cvt(ffi::EC_KEY_set_private_key(key.as_ptr(), private_number.as_ptr())).map(|_| key))
.and_then(|key| cvt(ffi::EC_KEY_set_public_key(key.as_ptr(), public_key.as_ptr())).map(|_| key))
}
}
}
@ -118,11 +85,7 @@ impl EcPoint {
unsafe { cvt_p(ffi::EC_POINT_new(group.as_ptr())).map(|x| EcPoint::from_ptr(x)) }
}
/// Creates point from a binary representation
pub fn from_bytes(
group: &EcGroupRef,
buf: &[u8],
ctx: &mut BigNumContext,
) -> Result<EcPoint, ErrorStack> {
pub fn from_bytes(group: &EcGroupRef, buf: &[u8], ctx: &mut BigNumContext) -> Result<EcPoint, ErrorStack> {
let point = EcPoint::new(group)?;
unsafe {
cvt(ffi::EC_POINT_oct2point(
@ -139,33 +102,14 @@ impl EcPoint {
impl EcPointRef {
/// Serializes the point to a binary representation.
pub fn to_bytes(
&self,
group: &EcGroupRef,
form: ffi::point_conversion_form_t,
ctx: &BigNumContextRef,
) -> Result<Vec<u8>, ErrorStack> {
pub fn to_bytes(&self, group: &EcGroupRef, form: ffi::point_conversion_form_t, ctx: &BigNumContextRef) -> Result<Vec<u8>, ErrorStack> {
unsafe {
let len = ffi::EC_POINT_point2oct(
group.as_ptr(),
self.as_ptr(),
form,
ptr::null_mut(),
0,
ctx.as_ptr(),
);
let len = ffi::EC_POINT_point2oct(group.as_ptr(), self.as_ptr(), form, ptr::null_mut(), 0, ctx.as_ptr());
if len == 0 {
return Err(ErrorStack::get());
}
let mut buf = vec![0; len];
let len = ffi::EC_POINT_point2oct(
group.as_ptr(),
self.as_ptr(),
form,
buf.as_mut_ptr(),
len,
ctx.as_ptr(),
);
let len = ffi::EC_POINT_point2oct(group.as_ptr(), self.as_ptr(), form, buf.as_mut_ptr(), len, ctx.as_ptr());
if len == 0 {
Err(ErrorStack::get())
} else {
@ -174,17 +118,9 @@ impl EcPointRef {
}
}
/// Checks if point is on a given curve
pub fn is_on_curve(
&self,
group: &EcGroupRef,
ctx: &BigNumContextRef,
) -> Result<bool, ErrorStack> {
pub fn is_on_curve(&self, group: &EcGroupRef, ctx: &BigNumContextRef) -> Result<bool, ErrorStack> {
unsafe {
let res = cvt_n(ffi::EC_POINT_is_on_curve(
group.as_ptr(),
self.as_ptr(),
ctx.as_ptr(),
))?;
let res = cvt_n(ffi::EC_POINT_is_on_curve(group.as_ptr(), self.as_ptr(), ctx.as_ptr()))?;
Ok(res == 1)
}
}

36
crypto/src/error.rs
View file

@ -1,4 +1,3 @@
use cfg_if::cfg_if;
use libc::{c_char, c_int};
use std::borrow::Cow;
@ -127,13 +126,7 @@ impl Error {
Some(ShimStr::new(func))
};
Some(Error {
code,
file,
line,
func,
data,
})
Some(Error { code, file, line, func, data })
}
}
}
@ -147,11 +140,7 @@ impl Error {
let data = match self.data {
Some(Cow::Borrowed(data)) => Some((data.as_ptr() as *mut c_char, 0)),
Some(Cow::Owned(ref data)) => {
let ptr = ffi::CRYPTO_malloc(
(data.len() + 1) as _,
concat!(file!(), "\0").as_ptr() as _,
line!() as _,
) as *mut c_char;
let ptr = ffi::CRYPTO_malloc((data.len() + 1) as _, concat!(file!(), "\0").as_ptr() as _, line!() as _) as *mut c_char;
if ptr.is_null() {
None
} else {
@ -172,16 +161,8 @@ impl Error {
fn put_error(&self) {
unsafe {
ffi::ERR_new();
ffi::ERR_set_debug(
self.file.as_ptr(),
self.line,
self.func.as_ref().map_or(ptr::null(), |s| s.as_ptr()),
);
ffi::ERR_set_error(
ffi::ERR_GET_LIB(self.code),
ffi::ERR_GET_REASON(self.code),
ptr::null(),
);
ffi::ERR_set_debug(self.file.as_ptr(), self.line, self.func.as_ref().map_or(ptr::null(), |s| s.as_ptr()));
ffi::ERR_set_error(ffi::ERR_GET_LIB(self.code), ffi::ERR_GET_REASON(self.code), ptr::null());
}
}
@ -273,13 +254,7 @@ impl fmt::Display for Error {
Some(r) => write!(fmt, ":{}", r)?,
None => write!(fmt, ":reason({})", ffi::ERR_GET_REASON(self.code()))?,
}
write!(
fmt,
":{}:{}:{}",
self.file(),
self.line(),
self.data().unwrap_or("")
)
write!(fmt, ":{}:{}:{}", self.file(), self.line(), self.data().unwrap_or(""))
}
}
@ -345,7 +320,6 @@ cfg_if! {
}
}
#[inline]
pub fn cvt_p<T>(r: *mut T) -> Result<*mut T, ErrorStack> {
if r.is_null() {

12
crypto/src/lib.rs
View file

@ -1,14 +1,13 @@
mod error;
mod cipher_ctx;
mod bn;
mod cipher_ctx;
mod ec;
mod error;
pub mod secret;
pub mod random;
pub mod hash;
pub mod mimcvdf;
pub mod p384;
pub mod random;
pub mod secret;
pub mod poly1305;
pub mod salsa;
@ -31,9 +30,6 @@ pub use aes_gmac_siv_fruity as aes_gmac_siv;
#[cfg(not(target_os = "macos"))]
pub use aes_gmac_siv_openssl as aes_gmac_siv;
/// This must be called before using any function from this library.
pub fn init() {
ffi::init();

233
crypto/src/p384.rs
View file

@ -1,4 +1,3 @@
#![allow(
dead_code,
mutable_transmutes,
@ -18,13 +17,13 @@ pub const P384_ECDH_SHARED_SECRET_SIZE: usize = 48;
#[cfg(not(target_feature = "builtin_nist_ecc"))]
mod openssl_based {
use std::convert::TryInto;
use std::{mem, ptr};
use std::os::raw::{c_int, c_ulong, c_void};
use std::{mem, ptr};
use foreign_types::{ForeignType, ForeignTypeRef};
use lazy_static::lazy_static;
use crate::bn::{BigNum, BigNumContext};
use crate::ec::{EcGroup, EcKey, EcPoint, EcPointRef};
use foreign_types::{ForeignType, ForeignTypeRef};
use lazy_static::lazy_static;
use crate::error::cvt_p;
use crate::hash::SHA384;
@ -39,9 +38,7 @@ mod openssl_based {
}
lazy_static! {
pub(crate) static ref GROUP_P384: EcGroup = unsafe {
EcGroup::from_ptr(cvt_p(ffi::EC_GROUP_new_by_curve_name(ffi::NID_secp384r1)).unwrap())
};
pub(crate) static ref GROUP_P384: EcGroup = unsafe { EcGroup::from_ptr(cvt_p(ffi::EC_GROUP_new_by_curve_name(ffi::NID_secp384r1)).unwrap()) };
}
/// A NIST P-384 ECDH/ECDSA public key.
@ -55,8 +52,8 @@ mod openssl_based {
fn new_from_point(key: &EcPointRef) -> Self {
let mut bnc = BigNumContext::new().unwrap();
let kb = key
.to_bytes(&GROUP_P384, ffi::point_conversion_form_t::POINT_CONVERSION_COMPRESSED, &bnc)
.unwrap();
.to_bytes(&GROUP_P384, ffi::point_conversion_form_t::POINT_CONVERSION_COMPRESSED, &bnc)
.unwrap();
let mut bytes = [0_u8; 49];
bytes[(49 - kb.len())..].copy_from_slice(kb.as_slice());
Self {
@ -96,12 +93,7 @@ mod openssl_based {
let data = &SHA384::hash(msg);
return ffi::ECDSA_do_verify(
data.as_ptr(),
data.len() as c_int,
sig,
self.key.as_ptr(),
) == 1
return ffi::ECDSA_do_verify(data.as_ptr(), data.len() as c_int, sig, self.key.as_ptr()) == 1;
}
}
}
@ -146,13 +138,13 @@ mod openssl_based {
if let Ok(private) = BigNum::from_slice(secret_bytes) {
if let Ok(pair) = EcKey::from_private_components(&GROUP_P384, &private, public.key.public_key()) {
if pair.check_key().is_ok() {
return Some(Self { pair, public })
return Some(Self { pair, public });
}
}
}
}
}
return None
return None;
}
pub fn public_key(&self) -> &P384PublicKey {
@ -174,11 +166,7 @@ mod openssl_based {
pub fn sign(&self, msg: &[u8]) -> [u8; P384_ECDSA_SIGNATURE_SIZE] {
let data = &SHA384::hash(msg);
unsafe {
let sig = ffi::ECDSA_do_sign(
data.as_ptr(),
data.len() as c_int,
self.pair.as_ref().as_ptr(),
);
let sig = ffi::ECDSA_do_sign(data.as_ptr(), data.len() as c_int, self.pair.as_ref().as_ptr());
assert!(!sig.is_null());
let mut r = ptr::null();
@ -186,7 +174,7 @@ mod openssl_based {
ffi::ECDSA_SIG_get0(sig, &mut r, &mut s);
let r_len = ((ffi::BN_num_bits(r) + 7) / 8) as usize;
let s_len = ((ffi::BN_num_bits(s) + 7) / 8) as usize;
const CAP: usize = P384_ECDSA_SIGNATURE_SIZE/2;
const CAP: usize = P384_ECDSA_SIGNATURE_SIZE / 2;
assert!(r_len > 0 && s_len > 0 && r_len <= CAP && s_len <= CAP);
let mut b = [0_u8; P384_ECDSA_SIGNATURE_SIZE];
@ -194,7 +182,6 @@ mod openssl_based {
ffi::BN_bn2bin(s, b[(P384_ECDSA_SIGNATURE_SIZE - s_len)..P384_ECDSA_SIGNATURE_SIZE].as_mut_ptr());
b
}
}
/// Perform ECDH key agreement, returning the raw (un-hashed!) ECDH secret.
@ -267,49 +254,49 @@ mod builtin {
pub y: [u64; 6],
}
static mut curve_p: [uint64_t; 6] = [
0xffffffff as libc::c_uint as uint64_t,
0xffffffff00000000 as libc::c_ulong,
0xfffffffffffffffe as libc::c_ulong,
0xffffffffffffffff as libc::c_ulong,
0xffffffffffffffff as libc::c_ulong,
0xffffffffffffffff as libc::c_ulong,
0xffffffff as libc::c_uint as uint64_t,
0xffffffff00000000 as libc::c_ulong,
0xfffffffffffffffe as libc::c_ulong,
0xffffffffffffffff as libc::c_ulong,
0xffffffffffffffff as libc::c_ulong,
0xffffffffffffffff as libc::c_ulong,
];
static mut curve_b: [uint64_t; 6] = [
0x2a85c8edd3ec2aef as libc::c_long as uint64_t,
0xc656398d8a2ed19d as libc::c_ulong,
0x314088f5013875a as libc::c_long as uint64_t,
0x181d9c6efe814112 as libc::c_long as uint64_t,
0x988e056be3f82d19 as libc::c_ulong,
0xb3312fa7e23ee7e4 as libc::c_ulong,
0x2a85c8edd3ec2aef as libc::c_long as uint64_t,
0xc656398d8a2ed19d as libc::c_ulong,
0x314088f5013875a as libc::c_long as uint64_t,
0x181d9c6efe814112 as libc::c_long as uint64_t,
0x988e056be3f82d19 as libc::c_ulong,
0xb3312fa7e23ee7e4 as libc::c_ulong,
];
static mut curve_G: EccPoint = {
let mut init = EccPoint {
x: [
0x3a545e3872760ab7 as libc::c_long as uint64_t,
0x5502f25dbf55296c as libc::c_long as uint64_t,
0x59f741e082542a38 as libc::c_long as uint64_t,
0x6e1d3b628ba79b98 as libc::c_long as uint64_t,
0x8eb1c71ef320ad74 as libc::c_ulong,
0xaa87ca22be8b0537 as libc::c_ulong,
0x3a545e3872760ab7 as libc::c_long as uint64_t,
0x5502f25dbf55296c as libc::c_long as uint64_t,
0x59f741e082542a38 as libc::c_long as uint64_t,
0x6e1d3b628ba79b98 as libc::c_long as uint64_t,
0x8eb1c71ef320ad74 as libc::c_ulong,
0xaa87ca22be8b0537 as libc::c_ulong,
],
y: [
0x7a431d7c90ea0e5f as libc::c_long as uint64_t,
0xa60b1ce1d7e819d as libc::c_long as uint64_t,
0xe9da3113b5f0b8c0 as libc::c_ulong,
0xf8f41dbd289a147c as libc::c_ulong,
0x5d9e98bf9292dc29 as libc::c_long as uint64_t,
0x3617de4a96262c6f as libc::c_long as uint64_t,
0x7a431d7c90ea0e5f as libc::c_long as uint64_t,
0xa60b1ce1d7e819d as libc::c_long as uint64_t,
0xe9da3113b5f0b8c0 as libc::c_ulong,
0xf8f41dbd289a147c as libc::c_ulong,
0x5d9e98bf9292dc29 as libc::c_long as uint64_t,
0x3617de4a96262c6f as libc::c_long as uint64_t,
],
};
init
};
static mut curve_n: [uint64_t; 6] = [
0xecec196accc52973 as libc::c_ulong,
0x581a0db248b0a77a as libc::c_long as uint64_t,
0xc7634d81f4372ddf as libc::c_ulong,
0xffffffffffffffff as libc::c_ulong,
0xffffffffffffffff as libc::c_ulong,
0xffffffffffffffff as libc::c_ulong,
0xecec196accc52973 as libc::c_ulong,
0x581a0db248b0a77a as libc::c_long as uint64_t,
0xc7634d81f4372ddf as libc::c_ulong,
0xffffffffffffffff as libc::c_ulong,
0xffffffffffffffff as libc::c_ulong,
0xffffffffffffffff as libc::c_ulong,
];
unsafe fn getRandomNumber(mut p_vli: *mut uint64_t) -> libc::c_int {
@ -342,7 +329,7 @@ mod builtin {
unsafe fn vli_testBit(mut p_vli: *mut uint64_t, mut p_bit: uint) -> uint64_t {
return *p_vli.offset(p_bit.wrapping_div(64 as libc::c_int as libc::c_uint) as isize)
& (1 as libc::c_int as uint64_t) << p_bit.wrapping_rem(64 as libc::c_int as libc::c_uint);
& (1 as libc::c_int as uint64_t) << p_bit.wrapping_rem(64 as libc::c_int as libc::c_uint);
}
/* Counts the number of 64-bit "digits" in p_vli. */
@ -372,9 +359,9 @@ mod builtin {
i = i.wrapping_add(1)
}
return l_numDigits
.wrapping_sub(1 as libc::c_int as libc::c_uint)
.wrapping_mul(64 as libc::c_int as libc::c_uint)
.wrapping_add(i);
.wrapping_sub(1 as libc::c_int as libc::c_uint)
.wrapping_mul(64 as libc::c_int as libc::c_uint)
.wrapping_add(i);
}
/* Sets p_dest = p_src. */
@ -442,8 +429,8 @@ mod builtin {
i = 0 as libc::c_int as uint;
while i < (48 as libc::c_int / 8 as libc::c_int) as libc::c_uint {
let mut l_sum: uint64_t = (*p_left.offset(i as isize))
.wrapping_add(*p_right.offset(i as isize))
.wrapping_add(l_carry);
.wrapping_add(*p_right.offset(i as isize))
.wrapping_add(l_carry);
if l_sum != *p_left.offset(i as isize) {
l_carry = (l_sum < *p_left.offset(i as isize)) as libc::c_int as uint64_t
}
@ -460,8 +447,8 @@ mod builtin {
i = 0 as libc::c_int as uint;
while i < (48 as libc::c_int / 8 as libc::c_int) as libc::c_uint {
let mut l_diff: uint64_t = (*p_left.offset(i as isize))
.wrapping_sub(*p_right.offset(i as isize))
.wrapping_sub(l_borrow);
.wrapping_sub(*p_right.offset(i as isize))
.wrapping_sub(l_borrow);
if l_diff != *p_left.offset(i as isize) {
l_borrow = (l_diff > *p_left.offset(i as isize)) as libc::c_int as uint64_t
}
@ -484,12 +471,12 @@ mod builtin {
0 as libc::c_int as libc::c_uint
} else {
k.wrapping_add(1 as libc::c_int as libc::c_uint)
.wrapping_sub((48 as libc::c_int / 8 as libc::c_int) as libc::c_uint)
.wrapping_sub((48 as libc::c_int / 8 as libc::c_int) as libc::c_uint)
};
i = l_min;
while i <= k && i < (48 as libc::c_int / 8 as libc::c_int) as libc::c_uint {
let mut l_product: uint128_t =
(*p_left.offset(i as isize) as uint128_t).wrapping_mul(*p_right.offset(k.wrapping_sub(i) as isize) as u128);
(*p_left.offset(i as isize) as uint128_t).wrapping_mul(*p_right.offset(k.wrapping_sub(i) as isize) as u128);
r01 = (r01 as u128).wrapping_add(l_product) as uint128_t as uint128_t;
r2 = (r2 as libc::c_ulong).wrapping_add((r01 < l_product) as libc::c_int as libc::c_ulong) as uint64_t as uint64_t;
i = i.wrapping_add(1)
@ -514,12 +501,12 @@ mod builtin {
0 as libc::c_int as libc::c_uint
} else {
k.wrapping_add(1 as libc::c_int as libc::c_uint)
.wrapping_sub((48 as libc::c_int / 8 as libc::c_int) as libc::c_uint)
.wrapping_sub((48 as libc::c_int / 8 as libc::c_int) as libc::c_uint)
};
i = l_min;
while i <= k && i <= k.wrapping_sub(i) {
let mut l_product: uint128_t =
(*p_left.offset(i as isize) as uint128_t).wrapping_mul(*p_left.offset(k.wrapping_sub(i) as isize) as u128);
(*p_left.offset(i as isize) as uint128_t).wrapping_mul(*p_left.offset(k.wrapping_sub(i) as isize) as u128);
if i < k.wrapping_sub(i) {
r2 = (r2 as u128).wrapping_add(l_product >> 127 as libc::c_int) as uint64_t as uint64_t;
l_product = (l_product as u128).wrapping_mul(2 as libc::c_int as u128) as uint128_t as uint128_t
@ -606,17 +593,12 @@ mod builtin {
let mut i: uint = 0; /* p = c0 */
vli_clear(l_tmp.as_mut_ptr());
vli_clear(l_tmp.as_mut_ptr().offset((48 as libc::c_int / 8 as libc::c_int) as isize));
omega_mult(
l_tmp.as_mut_ptr(),
p_product.offset((48 as libc::c_int / 8 as libc::c_int) as isize),
);
omega_mult(l_tmp.as_mut_ptr(), p_product.offset((48 as libc::c_int / 8 as libc::c_int) as isize));
vli_clear(p_product.offset((48 as libc::c_int / 8 as libc::c_int) as isize));
/* (c1, c0) = c0 + w * c1 */
i = 0 as libc::c_int as uint;
while i < (48 as libc::c_int / 8 as libc::c_int + 3 as libc::c_int) as libc::c_uint {
let mut l_sum: uint64_t = (*p_product.offset(i as isize))
.wrapping_add(l_tmp[i as usize])
.wrapping_add(l_carry);
let mut l_sum: uint64_t = (*p_product.offset(i as isize)).wrapping_add(l_tmp[i as usize]).wrapping_add(l_carry);
if l_sum != *p_product.offset(i as isize) {
l_carry = (l_sum < *p_product.offset(i as isize)) as libc::c_int as uint64_t
}
@ -678,8 +660,8 @@ mod builtin {
vli_rshift1(u.as_mut_ptr());
if l_carry != 0 {
u[(48 as libc::c_int / 8 as libc::c_int - 1 as libc::c_int) as usize] =
(u[(48 as libc::c_int / 8 as libc::c_int - 1 as libc::c_int) as usize] as libc::c_ulonglong
| 0x8000000000000000 as libc::c_ulonglong) as uint64_t
(u[(48 as libc::c_int / 8 as libc::c_int - 1 as libc::c_int) as usize] as libc::c_ulonglong
| 0x8000000000000000 as libc::c_ulonglong) as uint64_t
}
} else if b[0 as libc::c_int as usize] & 1 as libc::c_int as libc::c_ulong == 0 {
vli_rshift1(b.as_mut_ptr());
@ -689,8 +671,8 @@ mod builtin {
vli_rshift1(v.as_mut_ptr());
if l_carry != 0 {
v[(48 as libc::c_int / 8 as libc::c_int - 1 as libc::c_int) as usize] =
(v[(48 as libc::c_int / 8 as libc::c_int - 1 as libc::c_int) as usize] as libc::c_ulonglong
| 0x8000000000000000 as libc::c_ulonglong) as uint64_t
(v[(48 as libc::c_int / 8 as libc::c_int - 1 as libc::c_int) as usize] as libc::c_ulonglong
| 0x8000000000000000 as libc::c_ulonglong) as uint64_t
}
} else if l_cmpResult > 0 as libc::c_int {
vli_sub(a.as_mut_ptr(), a.as_mut_ptr(), b.as_mut_ptr());
@ -705,8 +687,8 @@ mod builtin {
vli_rshift1(u.as_mut_ptr());
if l_carry != 0 {
u[(48 as libc::c_int / 8 as libc::c_int - 1 as libc::c_int) as usize] =
(u[(48 as libc::c_int / 8 as libc::c_int - 1 as libc::c_int) as usize] as libc::c_ulonglong
| 0x8000000000000000 as libc::c_ulonglong) as uint64_t
(u[(48 as libc::c_int / 8 as libc::c_int - 1 as libc::c_int) as usize] as libc::c_ulonglong
| 0x8000000000000000 as libc::c_ulonglong) as uint64_t
}
} else {
vli_sub(b.as_mut_ptr(), b.as_mut_ptr(), a.as_mut_ptr());
@ -721,8 +703,8 @@ mod builtin {
vli_rshift1(v.as_mut_ptr());
if l_carry != 0 {
v[(48 as libc::c_int / 8 as libc::c_int - 1 as libc::c_int) as usize] =
(v[(48 as libc::c_int / 8 as libc::c_int - 1 as libc::c_int) as usize] as libc::c_ulonglong
| 0x8000000000000000 as libc::c_ulonglong) as uint64_t
(v[(48 as libc::c_int / 8 as libc::c_int - 1 as libc::c_int) as usize] as libc::c_ulonglong
| 0x8000000000000000 as libc::c_ulonglong) as uint64_t
}
}
}
@ -862,12 +844,7 @@ mod builtin {
vli_set(X1, t7.as_mut_ptr());
}
unsafe fn EccPoint_mult(
mut p_result: *mut EccPoint,
mut p_point: *mut EccPoint,
mut p_scalar: *mut uint64_t,
mut p_initialZ: *mut uint64_t,
) {
unsafe fn EccPoint_mult(mut p_result: *mut EccPoint, mut p_point: *mut EccPoint, mut p_scalar: *mut uint64_t, mut p_initialZ: *mut uint64_t) {
/* R0 and R1 */
let mut Rx: [[uint64_t; 6]; 2] = std::mem::MaybeUninit::uninit().assume_init();
let mut Ry: [[uint64_t; 6]; 2] = std::mem::MaybeUninit::uninit().assume_init();
@ -941,17 +918,17 @@ mod builtin {
while i < (48 as libc::c_int / 8 as libc::c_int) as libc::c_uint {
let mut p_digit: *const uint8_t = p_bytes.offset(
(8 as libc::c_int as libc::c_uint)
.wrapping_mul(((48 as libc::c_int / 8 as libc::c_int - 1 as libc::c_int) as libc::c_uint).wrapping_sub(i))
as isize,
.wrapping_mul(((48 as libc::c_int / 8 as libc::c_int - 1 as libc::c_int) as libc::c_uint).wrapping_sub(i))
as isize,
);
*p_native.offset(i as isize) = (*p_digit.offset(0 as libc::c_int as isize) as uint64_t) << 56 as libc::c_int
| (*p_digit.offset(1 as libc::c_int as isize) as uint64_t) << 48 as libc::c_int
| (*p_digit.offset(2 as libc::c_int as isize) as uint64_t) << 40 as libc::c_int
| (*p_digit.offset(3 as libc::c_int as isize) as uint64_t) << 32 as libc::c_int
| (*p_digit.offset(4 as libc::c_int as isize) as uint64_t) << 24 as libc::c_int
| (*p_digit.offset(5 as libc::c_int as isize) as uint64_t) << 16 as libc::c_int
| (*p_digit.offset(6 as libc::c_int as isize) as uint64_t) << 8 as libc::c_int
| *p_digit.offset(7 as libc::c_int as isize) as uint64_t;
| (*p_digit.offset(1 as libc::c_int as isize) as uint64_t) << 48 as libc::c_int
| (*p_digit.offset(2 as libc::c_int as isize) as uint64_t) << 40 as libc::c_int
| (*p_digit.offset(3 as libc::c_int as isize) as uint64_t) << 32 as libc::c_int
| (*p_digit.offset(4 as libc::c_int as isize) as uint64_t) << 24 as libc::c_int
| (*p_digit.offset(5 as libc::c_int as isize) as uint64_t) << 16 as libc::c_int
| (*p_digit.offset(6 as libc::c_int as isize) as uint64_t) << 8 as libc::c_int
| *p_digit.offset(7 as libc::c_int as isize) as uint64_t;
i = i.wrapping_add(1)
}
}
@ -962,8 +939,8 @@ mod builtin {
while i < (48 as libc::c_int / 8 as libc::c_int) as libc::c_uint {
let mut p_digit: *mut uint8_t = p_bytes.offset(
(8 as libc::c_int as libc::c_uint)
.wrapping_mul(((48 as libc::c_int / 8 as libc::c_int - 1 as libc::c_int) as libc::c_uint).wrapping_sub(i))
as isize,
.wrapping_mul(((48 as libc::c_int / 8 as libc::c_int - 1 as libc::c_int) as libc::c_uint).wrapping_sub(i))
as isize,
);
*p_digit.offset(0 as libc::c_int as isize) = (*p_native.offset(i as isize) >> 56 as libc::c_int) as uint8_t;
*p_digit.offset(1 as libc::c_int as isize) = (*p_native.offset(i as isize) >> 48 as libc::c_int) as uint8_t;
@ -1016,7 +993,7 @@ mod builtin {
);
mod_sqrt((*p_point).y.as_mut_ptr());
if (*p_point).y[0 as libc::c_int as usize] & 0x1 as libc::c_int as libc::c_ulong
!= (*p_compressed.offset(0 as libc::c_int as isize) as libc::c_int & 0x1 as libc::c_int) as libc::c_ulong
!= (*p_compressed.offset(0 as libc::c_int as isize) as libc::c_int & 0x1 as libc::c_int) as libc::c_ulong
{
vli_sub((*p_point).y.as_mut_ptr(), curve_p.as_mut_ptr(), (*p_point).y.as_mut_ptr());
};
@ -1046,20 +1023,12 @@ mod builtin {
}
}
ecc_native2bytes(p_privateKey, l_private.as_mut_ptr() as *const uint64_t);
ecc_native2bytes(
p_publicKey.offset(1 as libc::c_int as isize),
l_public.x.as_mut_ptr() as *const uint64_t,
);
*p_publicKey.offset(0 as libc::c_int as isize) = (2 as libc::c_int as libc::c_ulong)
.wrapping_add(l_public.y[0 as libc::c_int as usize] & 0x1 as libc::c_int as libc::c_ulong)
as uint8_t;
ecc_native2bytes(p_publicKey.offset(1 as libc::c_int as isize), l_public.x.as_mut_ptr() as *const uint64_t);
*p_publicKey.offset(0 as libc::c_int as isize) =
(2 as libc::c_int as libc::c_ulong).wrapping_add(l_public.y[0 as libc::c_int as usize] & 0x1 as libc::c_int as libc::c_ulong) as uint8_t;
return 1 as libc::c_int;
}
pub unsafe fn ecdh_shared_secret(
mut p_publicKey: *const uint8_t,
mut p_privateKey: *const uint8_t,
mut p_secret: *mut uint8_t,
) -> libc::c_int {
pub unsafe fn ecdh_shared_secret(mut p_publicKey: *const uint8_t, mut p_privateKey: *const uint8_t, mut p_secret: *mut uint8_t) -> libc::c_int {
let mut l_public: EccPoint = std::mem::MaybeUninit::uninit().assume_init();
let mut l_private: [uint64_t; 6] = std::mem::MaybeUninit::uninit().assume_init();
let mut l_random: [uint64_t; 6] = std::mem::MaybeUninit::uninit().assume_init();
@ -1086,9 +1055,8 @@ mod builtin {
vli_mult(l_product.as_mut_ptr(), p_left, p_right);
l_productBits = vli_numBits(l_product.as_mut_ptr().offset((48 as libc::c_int / 8 as libc::c_int) as isize));
if l_productBits != 0 {
l_productBits = (l_productBits as libc::c_uint)
.wrapping_add((48 as libc::c_int / 8 as libc::c_int * 64 as libc::c_int) as libc::c_uint)
as uint as uint
l_productBits = (l_productBits as libc::c_uint).wrapping_add((48 as libc::c_int / 8 as libc::c_int * 64 as libc::c_int) as libc::c_uint)
as uint as uint
} else {
l_productBits = vli_numBits(l_product.as_mut_ptr())
}
@ -1101,15 +1069,11 @@ mod builtin {
power of two possible while still resulting in a number less than p_left. */
vli_clear(l_modMultiple.as_mut_ptr());
vli_clear(l_modMultiple.as_mut_ptr().offset((48 as libc::c_int / 8 as libc::c_int) as isize));
l_digitShift = l_productBits
.wrapping_sub(l_modBits)
.wrapping_div(64 as libc::c_int as libc::c_uint);
l_bitShift = l_productBits
.wrapping_sub(l_modBits)
.wrapping_rem(64 as libc::c_int as libc::c_uint);
l_digitShift = l_productBits.wrapping_sub(l_modBits).wrapping_div(64 as libc::c_int as libc::c_uint);
l_bitShift = l_productBits.wrapping_sub(l_modBits).wrapping_rem(64 as libc::c_int as libc::c_uint);
if l_bitShift != 0 {
l_modMultiple[l_digitShift.wrapping_add((48 as libc::c_int / 8 as libc::c_int) as libc::c_uint) as usize] =
vli_lshift(l_modMultiple.as_mut_ptr().offset(l_digitShift as isize), p_mod, l_bitShift)
vli_lshift(l_modMultiple.as_mut_ptr().offset(l_digitShift as isize), p_mod, l_bitShift)
} else {
vli_set(l_modMultiple.as_mut_ptr().offset(l_digitShift as isize), p_mod);
}
@ -1117,14 +1081,14 @@ mod builtin {
vli_clear(p_result); /* Use p_result as a temp var to store 1 (for subtraction) */
*p_result.offset(0 as libc::c_int as isize) = 1 as libc::c_int as uint64_t;
while l_productBits > (48 as libc::c_int / 8 as libc::c_int * 64 as libc::c_int) as libc::c_uint
|| vli_cmp(l_modMultiple.as_mut_ptr(), p_mod) >= 0 as libc::c_int
|| vli_cmp(l_modMultiple.as_mut_ptr(), p_mod) >= 0 as libc::c_int
{
let mut l_cmp: libc::c_int = vli_cmp(
l_modMultiple.as_mut_ptr().offset((48 as libc::c_int / 8 as libc::c_int) as isize),
l_product.as_mut_ptr().offset((48 as libc::c_int / 8 as libc::c_int) as isize),
);
if l_cmp < 0 as libc::c_int
|| l_cmp == 0 as libc::c_int && vli_cmp(l_modMultiple.as_mut_ptr(), l_product.as_mut_ptr()) <= 0 as libc::c_int
|| l_cmp == 0 as libc::c_int && vli_cmp(l_modMultiple.as_mut_ptr(), l_product.as_mut_ptr()) <= 0 as libc::c_int
{
if vli_sub(l_product.as_mut_ptr(), l_product.as_mut_ptr(), l_modMultiple.as_mut_ptr()) != 0 {
/* borrow */
@ -1141,7 +1105,7 @@ mod builtin {
);
}
let mut l_carry: uint64_t =
(l_modMultiple[(48 as libc::c_int / 8 as libc::c_int) as usize] & 0x1 as libc::c_int as libc::c_ulong) << 63 as libc::c_int;
(l_modMultiple[(48 as libc::c_int / 8 as libc::c_int) as usize] & 0x1 as libc::c_int as libc::c_ulong) << 63 as libc::c_int;
vli_rshift1(l_modMultiple.as_mut_ptr().offset((48 as libc::c_int / 8 as libc::c_int) as isize));
vli_rshift1(l_modMultiple.as_mut_ptr());
l_modMultiple[(48 as libc::c_int / 8 as libc::c_int - 1 as libc::c_int) as usize] |= l_carry;
@ -1193,11 +1157,7 @@ mod builtin {
ecc_native2bytes(p_signature.offset(48 as libc::c_int as isize), l_s.as_mut_ptr() as *const uint64_t);
return 1 as libc::c_int;
}
pub unsafe fn ecdsa_verify(
mut p_publicKey: *const uint8_t,
mut p_hash: *const uint8_t,
mut p_signature: *const uint8_t,
) -> libc::c_int {
pub unsafe fn ecdsa_verify(mut p_publicKey: *const uint8_t, mut p_hash: *const uint8_t, mut p_signature: *const uint8_t) -> libc::c_int {
let mut u1: [uint64_t; 6] = std::mem::MaybeUninit::uninit().assume_init();
let mut u2: [uint64_t; 6] = std::mem::MaybeUninit::uninit().assume_init();
let mut z: [uint64_t; 6] = std::mem::MaybeUninit::uninit().assume_init();
@ -1217,8 +1177,7 @@ mod builtin {
/* r, s must not be 0. */
return 0 as libc::c_int;
}
if vli_cmp(curve_n.as_mut_ptr(), l_r.as_mut_ptr()) != 1 as libc::c_int
|| vli_cmp(curve_n.as_mut_ptr(), l_s.as_mut_ptr()) != 1 as libc::c_int
if vli_cmp(curve_n.as_mut_ptr(), l_r.as_mut_ptr()) != 1 as libc::c_int || vli_cmp(curve_n.as_mut_ptr(), l_s.as_mut_ptr()) != 1 as libc::c_int
{
/* r, s must be < n. */
return 0 as libc::c_int;
@ -1240,10 +1199,10 @@ mod builtin {
/* Use Shamir's trick to calculate u1*G + u2*Q */
let mut l_points: [*mut EccPoint; 4] = [0 as *mut EccPoint, &mut curve_G, &mut l_public, &mut l_sum]; /* Z = x2 - x1 */
let mut l_numBits: uint = umax(vli_numBits(u1.as_mut_ptr()), vli_numBits(u2.as_mut_ptr())); /* Z = 1/Z */
let mut l_point: *mut EccPoint = l_points[((vli_testBit(u1.as_mut_ptr(), l_numBits.wrapping_sub(1 as libc::c_int as libc::c_uint))
!= 0) as libc::c_int
| ((vli_testBit(u2.as_mut_ptr(), l_numBits.wrapping_sub(1 as libc::c_int as libc::c_uint)) != 0) as libc::c_int)
<< 1 as libc::c_int) as usize];
let mut l_point: *mut EccPoint = l_points[((vli_testBit(u1.as_mut_ptr(), l_numBits.wrapping_sub(1 as libc::c_int as libc::c_uint)) != 0)
as libc::c_int
| ((vli_testBit(u2.as_mut_ptr(), l_numBits.wrapping_sub(1 as libc::c_int as libc::c_uint)) != 0) as libc::c_int) << 1 as libc::c_int)
as usize];
vli_set(rx.as_mut_ptr(), (*l_point).x.as_mut_ptr());
vli_set(ry.as_mut_ptr(), (*l_point).y.as_mut_ptr());
vli_clear(z.as_mut_ptr());
@ -1253,7 +1212,7 @@ mod builtin {
while i >= 0 as libc::c_int {
EccPoint_double_jacobian(rx.as_mut_ptr(), ry.as_mut_ptr(), z.as_mut_ptr());
let mut l_index: libc::c_int = (vli_testBit(u1.as_mut_ptr(), i as uint) != 0) as libc::c_int
| ((vli_testBit(u2.as_mut_ptr(), i as uint) != 0) as libc::c_int) << 1 as libc::c_int;
| ((vli_testBit(u2.as_mut_ptr(), i as uint) != 0) as libc::c_int) << 1 as libc::c_int;
let mut l_point_0: *mut EccPoint = l_points[l_index as usize];
if !l_point_0.is_null() {
vli_set(tx.as_mut_ptr(), (*l_point_0).x.as_mut_ptr());
@ -1363,7 +1322,7 @@ pub use openssl_based::*;
#[cfg(test)]
mod tests {
use crate::{p384::P384KeyPair, secure_eq, init};
use crate::{init, p384::P384KeyPair, secure_eq};
#[test]
fn generate_sign_verify_agree() {

12
crypto/src/poly1305.rs
View file

@ -20,12 +20,12 @@ mod tests {
use crate::poly1305::*;
const TV0_INPUT: [u8; 32] = [
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
];
const TV0_KEY: [u8; 32] = [
0x74, 0x68, 0x69, 0x73, 0x20, 0x69, 0x73, 0x20, 0x33, 0x32, 0x2d, 0x62, 0x79, 0x74, 0x65, 0x20, 0x6b, 0x65, 0x79, 0x20, 0x66, 0x6f,
0x72, 0x20, 0x50, 0x6f, 0x6c, 0x79, 0x31, 0x33, 0x30, 0x35,
0x74, 0x68, 0x69, 0x73, 0x20, 0x69, 0x73, 0x20, 0x33, 0x32, 0x2d, 0x62, 0x79, 0x74, 0x65, 0x20, 0x6b, 0x65, 0x79, 0x20, 0x66, 0x6f, 0x72,
0x20, 0x50, 0x6f, 0x6c, 0x79, 0x31, 0x33, 0x30, 0x35,
];
const TV0_TAG: [u8; 16] = [
0x49, 0xec, 0x78, 0x09, 0x0e, 0x48, 0x1e, 0xc6, 0xc2, 0x6b, 0x33, 0xb9, 0x1c, 0xcc, 0x03, 0x07,
@ -33,8 +33,8 @@ mod tests {
const TV1_INPUT: [u8; 12] = [0x48, 0x65, 0x6c, 0x6c, 0x6f, 0x20, 0x77, 0x6f, 0x72, 0x6c, 0x64, 0x21];
const TV1_KEY: [u8; 32] = [
0x74, 0x68, 0x69, 0x73, 0x20, 0x69, 0x73, 0x20, 0x33, 0x32, 0x2d, 0x62, 0x79, 0x74, 0x65, 0x20, 0x6b, 0x65, 0x79, 0x20, 0x66, 0x6f,
0x72, 0x20, 0x50, 0x6f, 0x6c, 0x79, 0x31, 0x33, 0x30, 0x35,
0x74, 0x68, 0x69, 0x73, 0x20, 0x69, 0x73, 0x20, 0x33, 0x32, 0x2d, 0x62, 0x79, 0x74, 0x65, 0x20, 0x6b, 0x65, 0x79, 0x20, 0x66, 0x6f, 0x72,
0x20, 0x50, 0x6f, 0x6c, 0x79, 0x31, 0x33, 0x30, 0x35,
];
const TV1_TAG: [u8; 16] = [
0xa6, 0xf7, 0x45, 0x00, 0x8f, 0x81, 0xc9, 0x16, 0xa2, 0x0d, 0xcc, 0x74, 0xee, 0xf2, 0xb2, 0xf0,

4
crypto/src/random.rs
View file

@ -1,9 +1,8 @@
use std::sync::atomic::{AtomicU64, Ordering};
use libc::c_int;
use crate::error::{ErrorStack, cvt};
use crate::error::{cvt, ErrorStack};
/// Fill buffer with cryptographically strong pseudo-random bytes.
fn rand_bytes(buf: &mut [u8]) -> Result<(), ErrorStack> {
@ -13,7 +12,6 @@ fn rand_bytes(buf: &mut [u8]) -> Result<(), ErrorStack> {
}
}
pub fn next_u32_secure() -> u32 {
unsafe {
let mut tmp = [0u32; 1];

10
crypto/src/salsa.rs
View file

@ -242,14 +242,14 @@ mod tests {
use crate::salsa::*;
const SALSA_20_TV0_KEY: [u8; 32] = [
0x0f, 0x62, 0xb5, 0x08, 0x5b, 0xae, 0x01, 0x54, 0xa7, 0xfa, 0x4d, 0xa0, 0xf3, 0x46, 0x99, 0xec, 0x3f, 0x92, 0xe5, 0x38, 0x8b, 0xde,
0x31, 0x84, 0xd7, 0x2a, 0x7d, 0xd0, 0x23, 0x76, 0xc9, 0x1c,
0x0f, 0x62, 0xb5, 0x08, 0x5b, 0xae, 0x01, 0x54, 0xa7, 0xfa, 0x4d, 0xa0, 0xf3, 0x46, 0x99, 0xec, 0x3f, 0x92, 0xe5, 0x38, 0x8b, 0xde, 0x31,
0x84, 0xd7, 0x2a, 0x7d, 0xd0, 0x23, 0x76, 0xc9, 0x1c,
];
const SALSA_20_TV0_IV: [u8; 8] = [0x28, 0x8f, 0xf6, 0x5d, 0xc4, 0x2b, 0x92, 0xf9];
const SALSA_20_TV0_KS: [u8; 64] = [
0x5e, 0x5e, 0x71, 0xf9, 0x01, 0x99, 0x34, 0x03, 0x04, 0xab, 0xb2, 0x2a, 0x37, 0xb6, 0x62, 0x5b, 0xf8, 0x83, 0xfb, 0x89, 0xce, 0x3b,
0x21, 0xf5, 0x4a, 0x10, 0xb8, 0x10, 0x66, 0xef, 0x87, 0xda, 0x30, 0xb7, 0x76, 0x99, 0xaa, 0x73, 0x79, 0xda, 0x59, 0x5c, 0x77, 0xdd,
0x59, 0x54, 0x2d, 0xa2, 0x08, 0xe5, 0x95, 0x4f, 0x89, 0xe4, 0x0e, 0xb7, 0xaa, 0x80, 0xa8, 0x4a, 0x61, 0x76, 0x66, 0x3f,
0x5e, 0x5e, 0x71, 0xf9, 0x01, 0x99, 0x34, 0x03, 0x04, 0xab, 0xb2, 0x2a, 0x37, 0xb6, 0x62, 0x5b, 0xf8, 0x83, 0xfb, 0x89, 0xce, 0x3b, 0x21,
0xf5, 0x4a, 0x10, 0xb8, 0x10, 0x66, 0xef, 0x87, 0xda, 0x30, 0xb7, 0x76, 0x99, 0xaa, 0x73, 0x79, 0xda, 0x59, 0x5c, 0x77, 0xdd, 0x59, 0x54,
0x2d, 0xa2, 0x08, 0xe5, 0x95, 0x4f, 0x89, 0xe4, 0x0e, 0xb7, 0xaa, 0x80, 0xa8, 0x4a, 0x61, 0x76, 0x66, 0x3f,
];
#[test]

6
crypto/src/secret.rs
View file

@ -1,6 +1,6 @@
// (c) 2020-2022 ZeroTier, Inc. -- currently proprietary pending actual release and licensing. See LICENSE.md.
use std::{ffi::c_void, convert::TryInto};
use std::{convert::TryInto, ffi::c_void};
extern "C" {
fn OPENSSL_cleanse(ptr: *mut c_void, len: usize);
@ -35,13 +35,13 @@ impl<const L: usize> Secret<L> {
/// Copy bytes into secret, then nuke the previous value, will panic if the slice does not match the size of this secret.
#[inline(always)]
pub fn from_bytes_then_nuke(b: &mut [u8]) -> Self {
let ret = Self (b.try_into().unwrap());
let ret = Self(b.try_into().unwrap());
unsafe { OPENSSL_cleanse(b.as_mut_ptr().cast(), L) };
ret
}
#[inline(always)]
pub unsafe fn from_bytes(b: &[u8]) -> Self {
Self (b.try_into().unwrap())
Self(b.try_into().unwrap())
}
#[inline(always)]

15
openssl-sys/build/find_normal.rs
View file

@ -144,10 +144,7 @@ Ways to fix it:
}
}
if host.contains("unknown-linux")
&& target.contains("unknown-linux-gnu")
&& Command::new("pkg-config").output().is_err()
{
if host.contains("unknown-linux") && target.contains("unknown-linux-gnu") && Command::new("pkg-config").output().is_err() {
msg.push_str(
"
It looks like you're compiling on Linux and also targeting Linux. Currently this
@ -208,10 +205,7 @@ fn try_pkg_config() {
return;
}
let lib = match pkg_config::Config::new()
.print_system_libs(false)
.probe("openssl")
{
let lib = match pkg_config::Config::new().print_system_libs(false).probe("openssl") {
Ok(lib) => lib,
Err(e) => {
println!("run pkg_config fail: {:?}", e);
@ -237,10 +231,7 @@ fn try_vcpkg() {
// vcpkg will not emit any metadata if it can not find libraries
// appropriate for the target triple with the desired linkage.
let lib = match vcpkg::Config::new()
.emit_includes(true)
.find_package("openssl")
{
let lib = match vcpkg::Config::new().emit_includes(true).find_package("openssl") {
Ok(lib) => lib,
Err(e) => {
println!("note: vcpkg did not find openssl: {}", e);

10
openssl-sys/build/find_vendored.rs
View file

@ -4,13 +4,7 @@ use std::path::PathBuf;
pub fn get_openssl(_target: &str) -> (Vec<PathBuf>, PathBuf) {
let artifacts = openssl_src::Build::new().build();
println!("cargo:vendored=1");
println!(
"cargo:root={}",
artifacts.lib_dir().parent().unwrap().display()
);
println!("cargo:root={}", artifacts.lib_dir().parent().unwrap().display());
(
vec![artifacts.lib_dir().to_path_buf()],
artifacts.include_dir().to_path_buf(),
)
(vec![artifacts.lib_dir().to_path_buf()], artifacts.include_dir().to_path_buf())
}

24
openssl-sys/build/main.rs
View file

@ -1,8 +1,4 @@
#![allow(
clippy::inconsistent_digit_grouping,
clippy::uninlined_format_args,
clippy::unusual_byte_groupings
)]
#![allow(clippy::inconsistent_digit_grouping, clippy::uninlined_format_args, clippy::unusual_byte_groupings)]
extern crate autocfg;
#[cfg(feature = "bindgen")]
@ -87,17 +83,11 @@ fn main() {
panic!("OpenSSL library directory does not exist: {:?}", lib_dirs);
}
if !Path::new(&include_dir).exists() {
panic!(
"OpenSSL include directory does not exist: {}",
include_dir.to_string_lossy()
);
panic!("OpenSSL include directory does not exist: {}", include_dir.to_string_lossy());
}
for lib_dir in lib_dirs.iter() {
println!(
"cargo:rustc-link-search=native={}",
lib_dir.to_string_lossy()
);
println!("cargo:rustc-link-search=native={}", lib_dir.to_string_lossy());
}
println!("cargo:include={}", include_dir.to_string_lossy());
@ -391,11 +381,9 @@ fn determine_mode(libdirs: &[PathBuf], libs: &[&str]) -> &'static str {
let can_static = libs
.iter()
.all(|l| files.contains(&format!("lib{}.a", l)) || files.contains(&format!("{}.lib", l)));
let can_dylib = libs.iter().all(|l| {
files.contains(&format!("lib{}.so", l))
|| files.contains(&format!("{}.dll", l))
|| files.contains(&format!("lib{}.dylib", l))
});
let can_dylib = libs
.iter()
.all(|l| files.contains(&format!("lib{}.so", l)) || files.contains(&format!("{}.dll", l)) || files.contains(&format!("lib{}.dylib", l)));
match (can_static, can_dylib) {
(true, false) => return "static",
(false, true) => return "dylib",

10
openssl-sys/build/run_bindgen.rs
View file

@ -82,16 +82,10 @@ pub fn run(include_dirs: &[PathBuf]) {
.header_contents("includes.h", INCLUDES);
for include_dir in include_dirs {
builder = builder
.clang_arg("-I")
.clang_arg(include_dir.display().to_string());
builder = builder.clang_arg("-I").clang_arg(include_dir.display().to_string());
}
builder
.generate()
.unwrap()
.write_to_file(out_dir.join("bindgen.rs"))
.unwrap();
builder.generate().unwrap().write_to_file(out_dir.join("bindgen.rs")).unwrap();
}
#[derive(Debug)]

30
openssl-sys/src/bio.rs
View file

@ -35,38 +35,20 @@ pub unsafe fn BIO_get_mem_data(b: *mut BIO, pp: *mut *mut c_char) -> c_long {
extern "C" {
#[deprecated(note = "use BIO_meth_set_write__fixed_rust instead")]
#[cfg(any(ossl110, libressl273))]
pub fn BIO_meth_set_write(
biom: *mut BIO_METHOD,
write: unsafe extern "C" fn(*mut BIO, *const c_char, c_int) -> c_int,
) -> c_int;
pub fn BIO_meth_set_write(biom: *mut BIO_METHOD, write: unsafe extern "C" fn(*mut BIO, *const c_char, c_int) -> c_int) -> c_int;
#[deprecated(note = "use BIO_meth_set_read__fixed_rust instead")]
#[cfg(any(ossl110, libressl273))]
pub fn BIO_meth_set_read(
biom: *mut BIO_METHOD,
read: unsafe extern "C" fn(*mut BIO, *mut c_char, c_int) -> c_int,
) -> c_int;
pub fn BIO_meth_set_read(biom: *mut BIO_METHOD, read: unsafe extern "C" fn(*mut BIO, *mut c_char, c_int) -> c_int) -> c_int;
#[deprecated(note = "use BIO_meth_set_puts__fixed_rust instead")]
#[cfg(any(ossl110, libressl273))]
pub fn BIO_meth_set_puts(
biom: *mut BIO_METHOD,
read: unsafe extern "C" fn(*mut BIO, *const c_char) -> c_int,
) -> c_int;
pub fn BIO_meth_set_puts(biom: *mut BIO_METHOD, read: unsafe extern "C" fn(*mut BIO, *const c_char) -> c_int) -> c_int;
#[deprecated(note = "use BIO_meth_set_ctrl__fixed_rust instead")]
#[cfg(any(ossl110, libressl273))]
pub fn BIO_meth_set_ctrl(
biom: *mut BIO_METHOD,
read: unsafe extern "C" fn(*mut BIO, c_int, c_long, *mut c_void) -> c_long,
) -> c_int;
pub fn BIO_meth_set_ctrl(biom: *mut BIO_METHOD, read: unsafe extern "C" fn(*mut BIO, c_int, c_long, *mut c_void) -> c_long) -> c_int;
#[deprecated(note = "use BIO_meth_set_create__fixed_rust instead")]
#[cfg(any(ossl110, libressl273))]
pub fn BIO_meth_set_create(
biom: *mut BIO_METHOD,
create: unsafe extern "C" fn(*mut BIO) -> c_int,
) -> c_int;
pub fn BIO_meth_set_create(biom: *mut BIO_METHOD, create: unsafe extern "C" fn(*mut BIO) -> c_int) -> c_int;
#[deprecated(note = "use BIO_meth_set_destroy__fixed_rust instead")]
#[cfg(any(ossl110, libressl273))]
pub fn BIO_meth_set_destroy(
biom: *mut BIO_METHOD,
destroy: unsafe extern "C" fn(*mut BIO) -> c_int,
) -> c_int;
pub fn BIO_meth_set_destroy(biom: *mut BIO_METHOD, destroy: unsafe extern "C" fn(*mut BIO) -> c_int) -> c_int;
}

32
openssl-sys/src/crypto.rs
View file

@ -4,9 +4,7 @@ use libc::*;
extern "C" {
#[deprecated(note = "use CRYPTO_set_locking_callback__fixed_rust instead")]
#[cfg(not(ossl110))]
pub fn CRYPTO_set_locking_callback(
func: unsafe extern "C" fn(mode: c_int, n: c_int, file: *const c_char, line: c_int),
);
pub fn CRYPTO_set_locking_callback(func: unsafe extern "C" fn(mode: c_int, n: c_int, file: *const c_char, line: c_int));
#[deprecated(note = "use CRYPTO_set_id_callback__fixed_rust instead")]
#[cfg(not(ossl110))]
@ -48,46 +46,28 @@ pub type CRYPTO_EX_dup = unsafe extern "C" fn(
argl: c_long,
argp: *mut c_void,
) -> c_int;
pub type CRYPTO_EX_free = unsafe extern "C" fn(
parent: *mut c_void,
ptr: *mut c_void,
ad: *mut CRYPTO_EX_DATA,
idx: c_int,
argl: c_long,
argp: *mut c_void,
);
pub type CRYPTO_EX_free =
unsafe extern "C" fn(parent: *mut c_void, ptr: *mut c_void, ad: *mut CRYPTO_EX_DATA, idx: c_int, argl: c_long, argp: *mut c_void);
#[cfg(ossl110)]
#[inline]
#[track_caller]
pub unsafe fn OPENSSL_malloc(num: usize) -> *mut c_void {
CRYPTO_malloc(
num,
concat!(file!(), "\0").as_ptr() as *const _,
line!() as _,
)
CRYPTO_malloc(num, concat!(file!(), "\0").as_ptr() as *const _, line!() as _)
}
#[cfg(not(ossl110))]
#[inline]
#[track_caller]
pub unsafe fn OPENSSL_malloc(num: c_int) -> *mut c_void {
CRYPTO_malloc(
num,
concat!(file!(), "\0").as_ptr() as *const _,
line!() as _,
)
CRYPTO_malloc(num, concat!(file!(), "\0").as_ptr() as *const _, line!() as _)
}
#[cfg(ossl110)]
#[inline]
#[track_caller]
pub unsafe fn OPENSSL_free(addr: *mut c_void) {
CRYPTO_free(
addr,
concat!(file!(), "\0").as_ptr() as *const _,
line!() as _,
)
CRYPTO_free(addr, concat!(file!(), "\0").as_ptr() as *const _, line!() as _)
}
#[cfg(not(ossl110))]

7
openssl-sys/src/ec.rs
View file

@ -7,10 +7,5 @@ pub const OPENSSL_EC_NAMED_CURVE: c_int = 1;
#[cfg(ossl300)]
pub unsafe fn EVP_EC_gen(curve: *const c_char) -> *mut EVP_PKEY {
EVP_PKEY_Q_keygen(
ptr::null_mut(),
ptr::null_mut(),
"EC\0".as_ptr().cast(),
curve,
)
EVP_PKEY_Q_keygen(ptr::null_mut(), ptr::null_mut(), "EC\0".as_ptr().cast(), curve)
}

82
openssl-sys/src/evp.rs
View file

@ -110,20 +110,12 @@ cfg_if! {
}
#[cfg(not(ossl300))]
#[inline]
pub unsafe fn EVP_DigestSignUpdate(
ctx: *mut EVP_MD_CTX,
data: *const c_void,
dsize: size_t,
) -> c_int {
pub unsafe fn EVP_DigestSignUpdate(ctx: *mut EVP_MD_CTX, data: *const c_void, dsize: size_t) -> c_int {
EVP_DigestUpdate(ctx, data, dsize)
}
#[cfg(not(ossl300))]
#[inline]
pub unsafe fn EVP_DigestVerifyUpdate(
ctx: *mut EVP_MD_CTX,
data: *const c_void,
dsize: size_t,
) -> c_int {
pub unsafe fn EVP_DigestVerifyUpdate(ctx: *mut EVP_MD_CTX, data: *const c_void, dsize: size_t) -> c_int {
EVP_DigestUpdate(ctx, data, dsize)
}
#[cfg(ossl300)]
@ -174,11 +166,8 @@ cfg_if! {
}
}
pub const EVP_PKEY_OP_TYPE_SIG: c_int = EVP_PKEY_OP_SIGN
| EVP_PKEY_OP_VERIFY
| EVP_PKEY_OP_VERIFYRECOVER
| EVP_PKEY_OP_SIGNCTX
| EVP_PKEY_OP_VERIFYCTX;
pub const EVP_PKEY_OP_TYPE_SIG: c_int =
EVP_PKEY_OP_SIGN | EVP_PKEY_OP_VERIFY | EVP_PKEY_OP_VERIFYRECOVER | EVP_PKEY_OP_SIGNCTX | EVP_PKEY_OP_VERIFYCTX;
pub const EVP_PKEY_OP_TYPE_CRYPT: c_int = EVP_PKEY_OP_ENCRYPT | EVP_PKEY_OP_DECRYPT;
@ -214,72 +203,25 @@ pub const EVP_PKEY_CTRL_HKDF_MODE: c_int = EVP_PKEY_ALG_CTRL + 7;
#[cfg(all(ossl111, not(ossl300)))]
pub unsafe fn EVP_PKEY_CTX_set_hkdf_mode(ctx: *mut EVP_PKEY_CTX, mode: c_int) -> c_int {
EVP_PKEY_CTX_ctrl(
ctx,
-1,
EVP_PKEY_OP_DERIVE,
EVP_PKEY_CTRL_HKDF_MODE,
mode,
std::ptr::null_mut(),
)
EVP_PKEY_CTX_ctrl(ctx, -1, EVP_PKEY_OP_DERIVE, EVP_PKEY_CTRL_HKDF_MODE, mode, std::ptr::null_mut())
}
#[cfg(all(ossl110, not(ossl300)))]
pub unsafe fn EVP_PKEY_CTX_set_hkdf_md(ctx: *mut EVP_PKEY_CTX, md: *const EVP_MD) -> c_int {
EVP_PKEY_CTX_ctrl(
ctx,
-1,
EVP_PKEY_OP_DERIVE,
EVP_PKEY_CTRL_HKDF_MD,
0,
md as *mut c_void,
)
EVP_PKEY_CTX_ctrl(ctx, -1, EVP_PKEY_OP_DERIVE, EVP_PKEY_CTRL_HKDF_MD, 0, md as *mut c_void)
}
#[cfg(all(ossl110, not(ossl300)))]
pub unsafe fn EVP_PKEY_CTX_set1_hkdf_salt(
ctx: *mut EVP_PKEY_CTX,
salt: *const u8,
saltlen: c_int,
) -> c_int {
EVP_PKEY_CTX_ctrl(
ctx,
-1,
EVP_PKEY_OP_DERIVE,
EVP_PKEY_CTRL_HKDF_SALT,
saltlen,
salt as *mut c_void,
)
pub unsafe fn EVP_PKEY_CTX_set1_hkdf_salt(ctx: *mut EVP_PKEY_CTX, salt: *const u8, saltlen: c_int) -> c_int {
EVP_PKEY_CTX_ctrl(ctx, -1, EVP_PKEY_OP_DERIVE, EVP_PKEY_CTRL_HKDF_SALT, saltlen, salt as *mut c_void)
}
#[cfg(all(ossl110, not(ossl300)))]
pub unsafe fn EVP_PKEY_CTX_set1_hkdf_key(
ctx: *mut EVP_PKEY_CTX,
key: *const u8,
keylen: c_int,
) -> c_int {
EVP_PKEY_CTX_ctrl(
ctx,
-1,
EVP_PKEY_OP_DERIVE,
EVP_PKEY_CTRL_HKDF_KEY,
keylen,
key as *mut c_void,
)
pub unsafe fn EVP_PKEY_CTX_set1_hkdf_key(ctx: *mut EVP_PKEY_CTX, key: *const u8, keylen: c_int) -> c_int {
EVP_PKEY_CTX_ctrl(ctx, -1, EVP_PKEY_OP_DERIVE, EVP_PKEY_CTRL_HKDF_KEY, keylen, key as *mut c_void)
}
#[cfg(all(ossl110, not(ossl300)))]
pub unsafe fn EVP_PKEY_CTX_add1_hkdf_info(
ctx: *mut EVP_PKEY_CTX,
info: *const u8,
infolen: c_int,
) -> c_int {
EVP_PKEY_CTX_ctrl(
ctx,
-1,
EVP_PKEY_OP_DERIVE,
EVP_PKEY_CTRL_HKDF_INFO,
infolen,
info as *mut c_void,
)
pub unsafe fn EVP_PKEY_CTX_add1_hkdf_info(ctx: *mut EVP_PKEY_CTX, info: *const u8, infolen: c_int) -> c_int {
EVP_PKEY_CTX_ctrl(ctx, -1, EVP_PKEY_OP_DERIVE, EVP_PKEY_CTRL_HKDF_INFO, infolen, info as *mut c_void)
}

25
openssl-sys/src/handwritten/aes.rs
View file

@ -13,28 +13,9 @@ extern "C" {
pub fn AES_set_decrypt_key(userKey: *const c_uchar, bits: c_int, key: *mut AES_KEY) -> c_int;
#[cfg(not(osslconf = "OPENSSL_NO_DEPRECATED_3_0"))]
pub fn AES_ige_encrypt(
in_: *const c_uchar,
out: *mut c_uchar,
length: size_t,
key: *const AES_KEY,
ivec: *mut c_uchar,
enc: c_int,
);
pub fn AES_ige_encrypt(in_: *const c_uchar, out: *mut c_uchar, length: size_t, key: *const AES_KEY, ivec: *mut c_uchar, enc: c_int);
pub fn AES_wrap_key(
key: *mut AES_KEY,
iv: *const c_uchar,
out: *mut c_uchar,
in_: *const c_uchar,
inlen: c_uint,
) -> c_int;
pub fn AES_wrap_key(key: *mut AES_KEY, iv: *const c_uchar, out: *mut c_uchar, in_: *const c_uchar, inlen: c_uint) -> c_int;
pub fn AES_unwrap_key(
key: *mut AES_KEY,
iv: *const c_uchar,
out: *mut c_uchar,
in_: *const c_uchar,
inlen: c_uint,
) -> c_int;
pub fn AES_unwrap_key(key: *mut AES_KEY, iv: *const c_uchar, out: *mut c_uchar, in_: *const c_uchar, inlen: c_uint) -> c_int;
}

7
openssl-sys/src/handwritten/asn1.rs
View file

@ -32,12 +32,7 @@ extern "C" {
pub fn ASN1_GENERALIZEDTIME_print(b: *mut BIO, tm: *const ASN1_GENERALIZEDTIME) -> c_int;
pub fn ASN1_TIME_new() -> *mut ASN1_TIME;
#[cfg(ossl102)]
pub fn ASN1_TIME_diff(
pday: *mut c_int,
psec: *mut c_int,
from: *const ASN1_TIME,
to: *const ASN1_TIME,
) -> c_int;
pub fn ASN1_TIME_diff(pday: *mut c_int, psec: *mut c_int, from: *const ASN1_TIME, to: *const ASN1_TIME) -> c_int;
pub fn ASN1_TIME_free(tm: *mut ASN1_TIME);
pub fn ASN1_TIME_print(b: *mut BIO, tm: *const ASN1_TIME) -> c_int;
pub fn ASN1_TIME_set(from: *mut ASN1_TIME, to: time_t) -> *mut ASN1_TIME;

23
openssl-sys/src/handwritten/bio.rs
View file

@ -6,8 +6,7 @@ extern "C" {
pub fn BIO_clear_flags(b: *mut BIO, flags: c_int);
}
pub type bio_info_cb =
Option<unsafe extern "C" fn(*mut BIO, c_int, *const c_char, c_int, c_long, c_long)>;
pub type bio_info_cb = Option<unsafe extern "C" fn(*mut BIO, c_int, *const c_char, c_int, c_long, c_long)>;
cfg_if! {
if #[cfg(any(ossl110, libressl280))] {
@ -76,16 +75,10 @@ extern "C" {
) -> c_int;
#[cfg(any(ossl110, libressl273))]
#[link_name = "BIO_meth_set_read"]
pub fn BIO_meth_set_read__fixed_rust(
biom: *mut BIO_METHOD,
read: Option<unsafe extern "C" fn(*mut BIO, *mut c_char, c_int) -> c_int>,
) -> c_int;
pub fn BIO_meth_set_read__fixed_rust(biom: *mut BIO_METHOD, read: Option<unsafe extern "C" fn(*mut BIO, *mut c_char, c_int) -> c_int>) -> c_int;
#[cfg(any(ossl110, libressl273))]
#[link_name = "BIO_meth_set_puts"]
pub fn BIO_meth_set_puts__fixed_rust(
biom: *mut BIO_METHOD,
read: Option<unsafe extern "C" fn(*mut BIO, *const c_char) -> c_int>,
) -> c_int;
pub fn BIO_meth_set_puts__fixed_rust(biom: *mut BIO_METHOD, read: Option<unsafe extern "C" fn(*mut BIO, *const c_char) -> c_int>) -> c_int;
#[cfg(any(ossl110, libressl273))]
#[link_name = "BIO_meth_set_ctrl"]
pub fn BIO_meth_set_ctrl__fixed_rust(
@ -94,14 +87,8 @@ extern "C" {
) -> c_int;
#[cfg(any(ossl110, libressl273))]
#[link_name = "BIO_meth_set_create"]
pub fn BIO_meth_set_create__fixed_rust(
biom: *mut BIO_METHOD,
create: Option<unsafe extern "C" fn(*mut BIO) -> c_int>,
) -> c_int;
pub fn BIO_meth_set_create__fixed_rust(biom: *mut BIO_METHOD, create: Option<unsafe extern "C" fn(*mut BIO) -> c_int>) -> c_int;
#[cfg(any(ossl110, libressl273))]
#[link_name = "BIO_meth_set_destroy"]
pub fn BIO_meth_set_destroy__fixed_rust(
biom: *mut BIO_METHOD,
destroy: Option<unsafe extern "C" fn(*mut BIO) -> c_int>,
) -> c_int;
pub fn BIO_meth_set_destroy__fixed_rust(biom: *mut BIO_METHOD, destroy: Option<unsafe extern "C" fn(*mut BIO) -> c_int>) -> c_int;
}

85
openssl-sys/src/handwritten/bn.rs
View file

@ -33,46 +33,12 @@ extern "C" {
#[cfg(any(ossl110, libressl350))]
pub fn BN_is_negative(b: *const BIGNUM) -> c_int;
pub fn BN_div(
dv: *mut BIGNUM,
rem: *mut BIGNUM,
a: *const BIGNUM,
b: *const BIGNUM,
ctx: *mut BN_CTX,
) -> c_int;
pub fn BN_nnmod(
rem: *mut BIGNUM,
a: *const BIGNUM,
m: *const BIGNUM,
ctx: *mut BN_CTX,
) -> c_int;
pub fn BN_mod_add(
r: *mut BIGNUM,
a: *const BIGNUM,
b: *const BIGNUM,
m: *const BIGNUM,
ctx: *mut BN_CTX,
) -> c_int;
pub fn BN_mod_sub(
r: *mut BIGNUM,
a: *const BIGNUM,
b: *const BIGNUM,
m: *const BIGNUM,
ctx: *mut BN_CTX,
) -> c_int;
pub fn BN_mod_mul(
r: *mut BIGNUM,
a: *const BIGNUM,
b: *const BIGNUM,
m: *const BIGNUM,
ctx: *mut BN_CTX,
) -> c_int;
pub fn BN_mod_sqr(
r: *mut BIGNUM,
a: *const BIGNUM,
m: *const BIGNUM,
ctx: *mut BN_CTX,
) -> c_int;
pub fn BN_div(dv: *mut BIGNUM, rem: *mut BIGNUM, a: *const BIGNUM, b: *const BIGNUM, ctx: *mut BN_CTX) -> c_int;
pub fn BN_nnmod(rem: *mut BIGNUM, a: *const BIGNUM, m: *const BIGNUM, ctx: *mut BN_CTX) -> c_int;
pub fn BN_mod_add(r: *mut BIGNUM, a: *const BIGNUM, b: *const BIGNUM, m: *const BIGNUM, ctx: *mut BN_CTX) -> c_int;
pub fn BN_mod_sub(r: *mut BIGNUM, a: *const BIGNUM, b: *const BIGNUM, m: *const BIGNUM, ctx: *mut BN_CTX) -> c_int;
pub fn BN_mod_mul(r: *mut BIGNUM, a: *const BIGNUM, b: *const BIGNUM, m: *const BIGNUM, ctx: *mut BN_CTX) -> c_int;
pub fn BN_mod_sqr(r: *mut BIGNUM, a: *const BIGNUM, m: *const BIGNUM, ctx: *mut BN_CTX) -> c_int;
pub fn BN_mod_word(r: *const BIGNUM, w: BN_ULONG) -> BN_ULONG;
pub fn BN_div_word(r: *mut BIGNUM, w: BN_ULONG) -> BN_ULONG;
@ -88,13 +54,7 @@ extern "C" {
pub fn BN_lshift1(r: *mut BIGNUM, a: *const BIGNUM) -> c_int;
pub fn BN_exp(r: *mut BIGNUM, a: *const BIGNUM, p: *const BIGNUM, ctx: *mut BN_CTX) -> c_int;
pub fn BN_mod_exp(
r: *mut BIGNUM,
a: *const BIGNUM,
p: *const BIGNUM,
m: *const BIGNUM,
ctx: *mut BN_CTX,
) -> c_int;
pub fn BN_mod_exp(r: *mut BIGNUM, a: *const BIGNUM, p: *const BIGNUM, m: *const BIGNUM, ctx: *mut BN_CTX) -> c_int;
pub fn BN_mask_bits(a: *mut BIGNUM, n: c_int) -> c_int;
pub fn BN_rshift(r: *mut BIGNUM, a: *const BIGNUM, n: c_int) -> c_int;
@ -104,41 +64,18 @@ extern "C" {
pub fn BN_hex2bn(a: *mut *mut BIGNUM, s: *const c_char) -> c_int;
pub fn BN_dec2bn(a: *mut *mut BIGNUM, s: *const c_char) -> c_int;
pub fn BN_gcd(r: *mut BIGNUM, a: *const BIGNUM, b: *const BIGNUM, ctx: *mut BN_CTX) -> c_int;
pub fn BN_mod_inverse(
r: *mut BIGNUM,
a: *const BIGNUM,
n: *const BIGNUM,
ctx: *mut BN_CTX,
) -> *mut BIGNUM;
pub fn BN_mod_inverse(r: *mut BIGNUM, a: *const BIGNUM, n: *const BIGNUM, ctx: *mut BN_CTX) -> *mut BIGNUM;
pub fn BN_clear(bn: *mut BIGNUM);
pub fn BN_dup(n: *const BIGNUM) -> *mut BIGNUM;
pub fn BN_ucmp(a: *const BIGNUM, b: *const BIGNUM) -> c_int;
pub fn BN_set_bit(a: *mut BIGNUM, n: c_int) -> c_int;
pub fn BN_clear_bit(a: *mut BIGNUM, n: c_int) -> c_int;
pub fn BN_generate_prime_ex(
r: *mut BIGNUM,
bits: c_int,
safe: c_int,
add: *const BIGNUM,
rem: *const BIGNUM,
cb: *mut BN_GENCB,
) -> c_int;
pub fn BN_generate_prime_ex(r: *mut BIGNUM, bits: c_int, safe: c_int, add: *const BIGNUM, rem: *const BIGNUM, cb: *mut BN_GENCB) -> c_int;
#[cfg(not(osslconf = "OPENSSL_NO_DEPRECATED_3_0"))]
pub fn BN_is_prime_ex(
p: *const BIGNUM,
checks: c_int,
ctx: *mut BN_CTX,
cb: *mut BN_GENCB,
) -> c_int;
pub fn BN_is_prime_ex(p: *const BIGNUM, checks: c_int, ctx: *mut BN_CTX, cb: *mut BN_GENCB) -> c_int;
#[cfg(not(osslconf = "OPENSSL_NO_DEPRECATED_3_0"))]
pub fn BN_is_prime_fasttest_ex(
p: *const BIGNUM,
checks: c_int,
ctx: *mut BN_CTX,
do_trial_division: c_int,
cb: *mut BN_GENCB,
) -> c_int;
pub fn BN_is_prime_fasttest_ex(p: *const BIGNUM, checks: c_int, ctx: *mut BN_CTX, do_trial_division: c_int, cb: *mut BN_GENCB) -> c_int;
}
cfg_if! {

30
openssl-sys/src/handwritten/cms.rs
View file

@ -17,23 +17,13 @@ const_ptr_api! {
extern "C" {
#[cfg(ossl101)]
pub fn d2i_CMS_ContentInfo(
a: *mut *mut CMS_ContentInfo,
pp: *mut *const c_uchar,
length: c_long,
) -> *mut CMS_ContentInfo;
pub fn d2i_CMS_ContentInfo(a: *mut *mut CMS_ContentInfo, pp: *mut *const c_uchar, length: c_long) -> *mut CMS_ContentInfo;
#[cfg(ossl101)]
pub fn SMIME_read_CMS(bio: *mut BIO, bcont: *mut *mut BIO) -> *mut CMS_ContentInfo;
#[cfg(ossl101)]
pub fn CMS_sign(
signcert: *mut X509,
pkey: *mut EVP_PKEY,
certs: *mut stack_st_X509,
data: *mut BIO,
flags: c_uint,
) -> *mut CMS_ContentInfo;
pub fn CMS_sign(signcert: *mut X509, pkey: *mut EVP_PKEY, certs: *mut stack_st_X509, data: *mut BIO, flags: c_uint) -> *mut CMS_ContentInfo;
#[cfg(ossl101)]
pub fn CMS_verify(
@ -46,20 +36,8 @@ extern "C" {
) -> c_int;
#[cfg(ossl101)]
pub fn CMS_encrypt(
certs: *mut stack_st_X509,
data: *mut BIO,
cipher: *const EVP_CIPHER,
flags: c_uint,
) -> *mut CMS_ContentInfo;
pub fn CMS_encrypt(certs: *mut stack_st_X509, data: *mut BIO, cipher: *const EVP_CIPHER, flags: c_uint) -> *mut CMS_ContentInfo;
#[cfg(ossl101)]
pub fn CMS_decrypt(
cms: *mut CMS_ContentInfo,
pkey: *mut EVP_PKEY,
cert: *mut X509,
dcont: *mut BIO,
out: *mut BIO,
flags: c_uint,
) -> c_int;
pub fn CMS_decrypt(cms: *mut CMS_ContentInfo, pkey: *mut EVP_PKEY, cert: *mut X509, dcont: *mut BIO, out: *mut BIO, flags: c_uint) -> c_int;
}

12
openssl-sys/src/handwritten/crypto.rs
View file

@ -36,9 +36,7 @@ extern "C" {
extern "C" {
#[cfg(not(ossl110))]
#[link_name = "CRYPTO_set_locking_callback"]
pub fn CRYPTO_set_locking_callback__fixed_rust(
func: Option<unsafe extern "C" fn(mode: c_int, n: c_int, file: *const c_char, line: c_int)>,
);
pub fn CRYPTO_set_locking_callback__fixed_rust(func: Option<unsafe extern "C" fn(mode: c_int, n: c_int, file: *const c_char, line: c_int)>);
#[cfg(not(ossl110))]
#[link_name = "CRYPTO_set_id_callback"]
@ -47,13 +45,7 @@ extern "C" {
extern "C" {
#[cfg(not(ossl110))]
pub fn CRYPTO_add_lock(
pointer: *mut c_int,
amount: c_int,
type_: c_int,
file: *const c_char,
line: c_int,
) -> c_int;
pub fn CRYPTO_add_lock(pointer: *mut c_int, amount: c_int, type_: c_int, file: *const c_char, line: c_int) -> c_int;
}
cfg_if! {

14
openssl-sys/src/handwritten/dh.rs
View file

@ -11,12 +11,7 @@ extern "C" {
cb_arg: *mut c_void,
) -> *mut DH;
pub fn DH_generate_parameters_ex(
dh: *mut DH,
prime_len: c_int,
generator: c_int,
cb: *mut BN_GENCB,
) -> c_int;
pub fn DH_generate_parameters_ex(dh: *mut DH, prime_len: c_int, generator: c_int, cb: *mut BN_GENCB) -> c_int;
pub fn DH_generate_key(dh: *mut DH) -> c_int;
pub fn DH_compute_key(key: *mut c_uchar, pub_key: *const BIGNUM, dh: *mut DH) -> c_int;
@ -35,12 +30,7 @@ extern "C" {
#[cfg(any(ossl110, libressl270))]
pub fn DH_set0_pqg(dh: *mut DH, p: *mut BIGNUM, q: *mut BIGNUM, g: *mut BIGNUM) -> c_int;
#[cfg(any(ossl110, libressl270))]
pub fn DH_get0_pqg(
dh: *const DH,
p: *mut *const BIGNUM,
q: *mut *const BIGNUM,
g: *mut *const BIGNUM,
);
pub fn DH_get0_pqg(dh: *const DH, p: *mut *const BIGNUM, q: *mut *const BIGNUM, g: *mut *const BIGNUM);
#[cfg(any(ossl110, libressl270))]
pub fn DH_set0_key(dh: *mut DH, pub_key: *mut BIGNUM, priv_key: *mut BIGNUM) -> c_int;

34
openssl-sys/src/handwritten/dsa.rs
View file

@ -19,26 +19,11 @@ extern "C" {
pub fn DSA_free(dsa: *mut DSA);
pub fn DSA_up_ref(dsa: *mut DSA) -> c_int;
pub fn DSA_size(dsa: *const DSA) -> c_int;
pub fn DSA_sign(
dummy: c_int,
dgst: *const c_uchar,
len: c_int,
sigret: *mut c_uchar,
siglen: *mut c_uint,
dsa: *mut DSA,
) -> c_int;
pub fn DSA_verify(
dummy: c_int,
dgst: *const c_uchar,
len: c_int,
sigbuf: *const c_uchar,
siglen: c_int,
dsa: *mut DSA,
) -> c_int;
pub fn DSA_sign(dummy: c_int, dgst: *const c_uchar, len: c_int, sigret: *mut c_uchar, siglen: *mut c_uint, dsa: *mut DSA) -> c_int;
pub fn DSA_verify(dummy: c_int, dgst: *const c_uchar, len: c_int, sigbuf: *const c_uchar, siglen: c_int, dsa: *mut DSA) -> c_int;
pub fn d2i_DSAPublicKey(a: *mut *mut DSA, pp: *mut *const c_uchar, length: c_long) -> *mut DSA;
pub fn d2i_DSAPrivateKey(a: *mut *mut DSA, pp: *mut *const c_uchar, length: c_long)
-> *mut DSA;
pub fn d2i_DSAPrivateKey(a: *mut *mut DSA, pp: *mut *const c_uchar, length: c_long) -> *mut DSA;
pub fn DSA_generate_parameters_ex(
dsa: *mut DSA,
@ -55,23 +40,14 @@ extern "C" {
pub fn i2d_DSAPrivateKey(a: *const DSA, pp: *mut *mut c_uchar) -> c_int;
#[cfg(any(ossl110, libressl273))]
pub fn DSA_get0_pqg(
d: *const DSA,
p: *mut *const BIGNUM,
q: *mut *const BIGNUM,
q: *mut *const BIGNUM,
);
pub fn DSA_get0_pqg(d: *const DSA, p: *mut *const BIGNUM, q: *mut *const BIGNUM, q: *mut *const BIGNUM);
#[cfg(any(ossl110, libressl273))]
pub fn DSA_set0_pqg(d: *mut DSA, p: *mut BIGNUM, q: *mut BIGNUM, q: *mut BIGNUM) -> c_int;
#[cfg(any(ossl110, libressl273))]
pub fn DSA_get0_key(d: *const DSA, pub_key: *mut *const BIGNUM, priv_key: *mut *const BIGNUM);
#[cfg(any(ossl110, libressl273))]
pub fn DSA_set0_key(d: *mut DSA, pub_key: *mut BIGNUM, priv_key: *mut BIGNUM) -> c_int;
pub fn d2i_DSA_SIG(
sig: *mut *mut DSA_SIG,
pp: *mut *const c_uchar,
length: c_long,
) -> *mut DSA_SIG;
pub fn d2i_DSA_SIG(sig: *mut *mut DSA_SIG, pp: *mut *const c_uchar, length: c_long) -> *mut DSA_SIG;
pub fn i2d_DSA_SIG(a: *const DSA_SIG, pp: *mut *mut c_uchar) -> c_int;
pub fn DSA_SIG_new() -> *mut DSA_SIG;

129
openssl-sys/src/handwritten/ec.rs
View file

@ -21,77 +21,38 @@ extern "C" {
pub fn EC_GROUP_free(group: *mut EC_GROUP);
pub fn EC_GROUP_get_order(
group: *const EC_GROUP,
order: *mut BIGNUM,
ctx: *mut BN_CTX,
) -> c_int;
pub fn EC_GROUP_get_order(group: *const EC_GROUP, order: *mut BIGNUM, ctx: *mut BN_CTX) -> c_int;
pub fn EC_GROUP_get_cofactor(
group: *const EC_GROUP,
cofactor: *mut BIGNUM,
ctx: *mut BN_CTX,
) -> c_int;
pub fn EC_GROUP_get_cofactor(group: *const EC_GROUP, cofactor: *mut BIGNUM, ctx: *mut BN_CTX) -> c_int;
pub fn EC_GROUP_get0_generator(group: *const EC_GROUP) -> *const EC_POINT;
pub fn EC_GROUP_set_generator(
group: *mut EC_GROUP,
generator: *const EC_POINT,
order: *const BIGNUM,
cofactor: *const BIGNUM,
) -> c_int;
pub fn EC_GROUP_set_generator(group: *mut EC_GROUP, generator: *const EC_POINT, order: *const BIGNUM, cofactor: *const BIGNUM) -> c_int;
pub fn EC_GROUP_get_curve_name(group: *const EC_GROUP) -> c_int;
pub fn EC_GROUP_set_asn1_flag(key: *mut EC_GROUP, flag: c_int);
pub fn EC_GROUP_get_curve_GFp(
group: *const EC_GROUP,
p: *mut BIGNUM,
a: *mut BIGNUM,
b: *mut BIGNUM,
ctx: *mut BN_CTX,
) -> c_int;
pub fn EC_GROUP_get_curve_GFp(group: *const EC_GROUP, p: *mut BIGNUM, a: *mut BIGNUM, b: *mut BIGNUM, ctx: *mut BN_CTX) -> c_int;
#[cfg(not(osslconf = "OPENSSL_NO_EC2M"))]
pub fn EC_GROUP_get_curve_GF2m(
group: *const EC_GROUP,
p: *mut BIGNUM,
a: *mut BIGNUM,
b: *mut BIGNUM,
ctx: *mut BN_CTX,
) -> c_int;
pub fn EC_GROUP_get_curve_GF2m(group: *const EC_GROUP, p: *mut BIGNUM, a: *mut BIGNUM, b: *mut BIGNUM, ctx: *mut BN_CTX) -> c_int;
pub fn EC_GROUP_get_degree(group: *const EC_GROUP) -> c_int;
#[cfg(ossl110)]
pub fn EC_GROUP_order_bits(group: *const EC_GROUP) -> c_int;
pub fn EC_GROUP_new_curve_GFp(
p: *const BIGNUM,
a: *const BIGNUM,
b: *const BIGNUM,
ctx: *mut BN_CTX,
) -> *mut EC_GROUP;
pub fn EC_GROUP_new_curve_GFp(p: *const BIGNUM, a: *const BIGNUM, b: *const BIGNUM, ctx: *mut BN_CTX) -> *mut EC_GROUP;
#[cfg(not(osslconf = "OPENSSL_NO_EC2M"))]
pub fn EC_GROUP_new_curve_GF2m(
p: *const BIGNUM,
a: *const BIGNUM,
b: *const BIGNUM,
ctx: *mut BN_CTX,
) -> *mut EC_GROUP;
pub fn EC_GROUP_new_curve_GF2m(p: *const BIGNUM, a: *const BIGNUM, b: *const BIGNUM, ctx: *mut BN_CTX) -> *mut EC_GROUP;
pub fn EC_GROUP_new_by_curve_name(nid: c_int) -> *mut EC_GROUP;
pub fn EC_POINT_is_at_infinity(group: *const EC_GROUP, point: *const EC_POINT) -> c_int;
pub fn EC_POINT_is_on_curve(
group: *const EC_GROUP,
point: *const EC_POINT,
ctx: *mut BN_CTX,
) -> c_int;
pub fn EC_POINT_is_on_curve(group: *const EC_GROUP, point: *const EC_POINT, ctx: *mut BN_CTX) -> c_int;
pub fn EC_POINT_new(group: *const EC_GROUP) -> *mut EC_POINT;
@ -100,21 +61,10 @@ extern "C" {
pub fn EC_POINT_dup(p: *const EC_POINT, group: *const EC_GROUP) -> *mut EC_POINT;
#[cfg(ossl111)]
pub fn EC_POINT_get_affine_coordinates(
group: *const EC_GROUP,
p: *const EC_POINT,
x: *mut BIGNUM,
y: *mut BIGNUM,
ctx: *mut BN_CTX,
) -> c_int;
pub fn EC_POINT_get_affine_coordinates(group: *const EC_GROUP, p: *const EC_POINT, x: *mut BIGNUM, y: *mut BIGNUM, ctx: *mut BN_CTX) -> c_int;
pub fn EC_POINT_get_affine_coordinates_GFp(
group: *const EC_GROUP,
p: *const EC_POINT,
x: *mut BIGNUM,
y: *mut BIGNUM,
ctx: *mut BN_CTX,
) -> c_int;
pub fn EC_POINT_get_affine_coordinates_GFp(group: *const EC_GROUP, p: *const EC_POINT, x: *mut BIGNUM, y: *mut BIGNUM, ctx: *mut BN_CTX)
-> c_int;
pub fn EC_POINT_set_affine_coordinates_GFp(
group: *const EC_GROUP,
@ -142,39 +92,15 @@ extern "C" {
ctx: *mut BN_CTX,
) -> size_t;
pub fn EC_POINT_oct2point(
group: *const EC_GROUP,
p: *mut EC_POINT,
buf: *const c_uchar,
len: size_t,
ctx: *mut BN_CTX,
) -> c_int;
pub fn EC_POINT_oct2point(group: *const EC_GROUP, p: *mut EC_POINT, buf: *const c_uchar, len: size_t, ctx: *mut BN_CTX) -> c_int;
pub fn EC_POINT_add(
group: *const EC_GROUP,
r: *mut EC_POINT,
a: *const EC_POINT,
b: *const EC_POINT,
ctx: *mut BN_CTX,
) -> c_int;
pub fn EC_POINT_add(group: *const EC_GROUP, r: *mut EC_POINT, a: *const EC_POINT, b: *const EC_POINT, ctx: *mut BN_CTX) -> c_int;
pub fn EC_POINT_invert(group: *const EC_GROUP, r: *mut EC_POINT, ctx: *mut BN_CTX) -> c_int;
pub fn EC_POINT_cmp(
group: *const EC_GROUP,
a: *const EC_POINT,
b: *const EC_POINT,
ctx: *mut BN_CTX,
) -> c_int;
pub fn EC_POINT_cmp(group: *const EC_GROUP, a: *const EC_POINT, b: *const EC_POINT, ctx: *mut BN_CTX) -> c_int;
pub fn EC_POINT_mul(
group: *const EC_GROUP,
r: *mut EC_POINT,
n: *const BIGNUM,
q: *const EC_POINT,
m: *const BIGNUM,
ctx: *mut BN_CTX,
) -> c_int;
pub fn EC_POINT_mul(group: *const EC_GROUP, r: *mut EC_POINT, n: *const BIGNUM, q: *const EC_POINT, m: *const BIGNUM, ctx: *mut BN_CTX) -> c_int;
pub fn EC_KEY_new() -> *mut EC_KEY;
@ -202,11 +128,7 @@ extern "C" {
pub fn EC_KEY_check_key(key: *const EC_KEY) -> c_int;
pub fn EC_KEY_set_public_key_affine_coordinates(
key: *mut EC_KEY,
x: *mut BIGNUM,
y: *mut BIGNUM,
) -> c_int;
pub fn EC_KEY_set_public_key_affine_coordinates(key: *mut EC_KEY, x: *mut BIGNUM, y: *mut BIGNUM) -> c_int;
}
cfg_if! {
@ -232,24 +154,11 @@ extern "C" {
#[cfg(any(ossl110, libressl273))]
pub fn ECDSA_SIG_set0(sig: *mut ECDSA_SIG, pr: *mut BIGNUM, ps: *mut BIGNUM) -> c_int;
pub fn ECDSA_do_sign(
dgst: *const c_uchar,
dgst_len: c_int,
eckey: *mut EC_KEY,
) -> *mut ECDSA_SIG;
pub fn ECDSA_do_sign(dgst: *const c_uchar, dgst_len: c_int, eckey: *mut EC_KEY) -> *mut ECDSA_SIG;
pub fn ECDSA_do_verify(
dgst: *const c_uchar,
dgst_len: c_int,
sig: *const ECDSA_SIG,
eckey: *mut EC_KEY,
) -> c_int;
pub fn ECDSA_do_verify(dgst: *const c_uchar, dgst_len: c_int, sig: *const ECDSA_SIG, eckey: *mut EC_KEY) -> c_int;
pub fn d2i_ECDSA_SIG(
sig: *mut *mut ECDSA_SIG,
inp: *mut *const c_uchar,
length: c_long,
) -> *mut ECDSA_SIG;
pub fn d2i_ECDSA_SIG(sig: *mut *mut ECDSA_SIG, inp: *mut *const c_uchar, length: c_long) -> *mut ECDSA_SIG;
pub fn i2d_ECDSA_SIG(sig: *const ECDSA_SIG, out: *mut *mut c_uchar) -> c_int;
}

7
openssl-sys/src/handwritten/err.rs
View file

@ -33,12 +33,7 @@ extern "C" {
data: *mut *const c_char,
flags: *mut c_int,
) -> c_ulong;
pub fn ERR_get_error_line_data(
file: *mut *const c_char,
line: *mut c_int,
data: *mut *const c_char,
flags: *mut c_int,
) -> c_ulong;
pub fn ERR_get_error_line_data(file: *mut *const c_char, line: *mut c_int, data: *mut *const c_char, flags: *mut c_int) -> c_ulong;
pub fn ERR_peek_last_error() -> c_ulong;
pub fn ERR_clear_error();
pub fn ERR_lib_error_string(err: c_ulong) -> *const c_char;

142
openssl-sys/src/handwritten/evp.rs
View file

@ -66,8 +66,7 @@ cfg_if! {
}
extern "C" {
pub fn EVP_DigestInit_ex(ctx: *mut EVP_MD_CTX, typ: *const EVP_MD, imple: *mut ENGINE)
-> c_int;
pub fn EVP_DigestInit_ex(ctx: *mut EVP_MD_CTX, typ: *const EVP_MD, imple: *mut ENGINE) -> c_int;
pub fn EVP_DigestUpdate(ctx: *mut EVP_MD_CTX, data: *const c_void, n: size_t) -> c_int;
pub fn EVP_DigestFinal_ex(ctx: *mut EVP_MD_CTX, res: *mut u8, n: *mut u32) -> c_int;
#[cfg(ossl300)]
@ -86,11 +85,7 @@ extern "C" {
pub fn EVP_DigestFinalXOF(ctx: *mut EVP_MD_CTX, res: *mut u8, len: usize) -> c_int;
#[cfg(ossl300)]
pub fn EVP_MD_fetch(
ctx: *mut OSSL_LIB_CTX,
algorithm: *const c_char,
properties: *const c_char,
) -> *mut EVP_MD;
pub fn EVP_MD_fetch(ctx: *mut OSSL_LIB_CTX, algorithm: *const c_char, properties: *const c_char) -> *mut EVP_MD;
#[cfg(ossl300)]
pub fn EVP_MD_free(md: *mut EVP_MD);
@ -106,13 +101,7 @@ extern "C" {
iv: *mut u8,
) -> c_int;
pub fn EVP_CipherInit(
ctx: *mut EVP_CIPHER_CTX,
evp: *const EVP_CIPHER,
key: *const u8,
iv: *const u8,
mode: c_int,
) -> c_int;
pub fn EVP_CipherInit(ctx: *mut EVP_CIPHER_CTX, evp: *const EVP_CIPHER, key: *const u8, iv: *const u8, mode: c_int) -> c_int;
pub fn EVP_CipherInit_ex(
ctx: *mut EVP_CIPHER_CTX,
type_: *const EVP_CIPHER,
@ -121,30 +110,15 @@ extern "C" {
iv: *const c_uchar,
enc: c_int,
) -> c_int;
pub fn EVP_CipherUpdate(
ctx: *mut EVP_CIPHER_CTX,
outbuf: *mut u8,
outlen: *mut c_int,
inbuf: *const u8,
inlen: c_int,
) -> c_int;
pub fn EVP_CipherUpdate(ctx: *mut EVP_CIPHER_CTX, outbuf: *mut u8, outlen: *mut c_int, inbuf: *const u8, inlen: c_int) -> c_int;
pub fn EVP_CipherFinal(ctx: *mut EVP_CIPHER_CTX, res: *mut u8, len: *mut c_int) -> c_int;
pub fn EVP_DigestSignInit(
ctx: *mut EVP_MD_CTX,
pctx: *mut *mut EVP_PKEY_CTX,
type_: *const EVP_MD,
e: *mut ENGINE,
pkey: *mut EVP_PKEY,
) -> c_int;
pub fn EVP_DigestSignInit(ctx: *mut EVP_MD_CTX, pctx: *mut *mut EVP_PKEY_CTX, type_: *const EVP_MD, e: *mut ENGINE, pkey: *mut EVP_PKEY)
-> c_int;
#[cfg(ossl300)]
pub fn EVP_DigestSignUpdate(ctx: *mut EVP_MD_CTX, data: *const c_void, dsize: size_t) -> c_int;
pub fn EVP_DigestSignFinal(
ctx: *mut EVP_MD_CTX,
sig: *mut c_uchar,
siglen: *mut size_t,
) -> c_int;
pub fn EVP_DigestSignFinal(ctx: *mut EVP_MD_CTX, sig: *mut c_uchar, siglen: *mut size_t) -> c_int;
pub fn EVP_DigestVerifyInit(
ctx: *mut EVP_MD_CTX,
pctx: *mut *mut EVP_PKEY_CTX,
@ -153,11 +127,7 @@ extern "C" {
pkey: *mut EVP_PKEY,
) -> c_int;
#[cfg(ossl300)]
pub fn EVP_DigestVerifyUpdate(
ctx: *mut EVP_MD_CTX,
data: *const c_void,
dsize: size_t,
) -> c_int;
pub fn EVP_DigestVerifyUpdate(ctx: *mut EVP_MD_CTX, data: *const c_void, dsize: size_t) -> c_int;
pub fn EVP_SealInit(
ctx: *mut EVP_CIPHER_CTX,
type_: *const EVP_CIPHER,
@ -175,18 +145,8 @@ extern "C" {
key: *const c_uchar,
iv: *const c_uchar,
) -> c_int;
pub fn EVP_EncryptUpdate(
ctx: *mut EVP_CIPHER_CTX,
out: *mut c_uchar,
outl: *mut c_int,
in_: *const u8,
inl: c_int,
) -> c_int;
pub fn EVP_EncryptFinal_ex(
ctx: *mut EVP_CIPHER_CTX,
out: *mut c_uchar,
outl: *mut c_int,
) -> c_int;
pub fn EVP_EncryptUpdate(ctx: *mut EVP_CIPHER_CTX, out: *mut c_uchar, outl: *mut c_int, in_: *const u8, inl: c_int) -> c_int;
pub fn EVP_EncryptFinal_ex(ctx: *mut EVP_CIPHER_CTX, out: *mut c_uchar, outl: *mut c_int) -> c_int;
pub fn EVP_OpenInit(
ctx: *mut EVP_CIPHER_CTX,
type_: *const EVP_CIPHER,
@ -203,18 +163,8 @@ extern "C" {
key: *const c_uchar,
iv: *const c_uchar,
) -> c_int;
pub fn EVP_DecryptUpdate(
ctx: *mut EVP_CIPHER_CTX,
out: *mut c_uchar,
outl: *mut c_int,
in_: *const u8,
inl: c_int,
) -> c_int;
pub fn EVP_DecryptFinal_ex(
ctx: *mut EVP_CIPHER_CTX,
outm: *mut c_uchar,
outl: *mut c_int,
) -> c_int;
pub fn EVP_DecryptUpdate(ctx: *mut EVP_CIPHER_CTX, out: *mut c_uchar, outl: *mut c_int, in_: *const u8, inl: c_int) -> c_int;
pub fn EVP_DecryptFinal_ex(ctx: *mut EVP_CIPHER_CTX, outm: *mut c_uchar, outl: *mut c_int) -> c_int;
}
cfg_if! {
if #[cfg(ossl300)] {
@ -268,12 +218,7 @@ extern "C" {
pub fn EVP_MD_CTX_reset(ctx: *mut EVP_MD_CTX) -> c_int;
pub fn EVP_CIPHER_CTX_set_key_length(ctx: *mut EVP_CIPHER_CTX, keylen: c_int) -> c_int;
pub fn EVP_CIPHER_CTX_set_padding(ctx: *mut EVP_CIPHER_CTX, padding: c_int) -> c_int;
pub fn EVP_CIPHER_CTX_ctrl(
ctx: *mut EVP_CIPHER_CTX,
type_: c_int,
arg: c_int,
ptr: *mut c_void,
) -> c_int;
pub fn EVP_CIPHER_CTX_ctrl(ctx: *mut EVP_CIPHER_CTX, type_: c_int, arg: c_int, ptr: *mut c_void) -> c_int;
pub fn EVP_CIPHER_CTX_rand_key(ctx: *mut EVP_CIPHER_CTX, key: *mut c_uchar) -> c_int;
pub fn EVP_md_null() -> *const EVP_MD;
@ -447,11 +392,7 @@ extern "C" {
#[cfg(any(ossl110, libressl270))]
pub fn EVP_PKEY_up_ref(pkey: *mut EVP_PKEY) -> c_int;
pub fn d2i_AutoPrivateKey(
a: *mut *mut EVP_PKEY,
pp: *mut *const c_uchar,
length: c_long,
) -> *mut EVP_PKEY;
pub fn d2i_AutoPrivateKey(a: *mut *mut EVP_PKEY, pp: *mut *const c_uchar, length: c_long) -> *mut EVP_PKEY;
pub fn EVP_PKEY_cmp(a: *const EVP_PKEY, b: *const EVP_PKEY) -> c_int;
@ -495,68 +436,27 @@ extern "C" {
pub fn EVP_PKEY_CTX_new_id(id: c_int, e: *mut ENGINE) -> *mut EVP_PKEY_CTX;
pub fn EVP_PKEY_CTX_free(ctx: *mut EVP_PKEY_CTX);
pub fn EVP_PKEY_CTX_ctrl(
ctx: *mut EVP_PKEY_CTX,
keytype: c_int,
optype: c_int,
cmd: c_int,
p1: c_int,
p2: *mut c_void,
) -> c_int;
pub fn EVP_PKEY_CTX_ctrl(ctx: *mut EVP_PKEY_CTX, keytype: c_int, optype: c_int, cmd: c_int, p1: c_int, p2: *mut c_void) -> c_int;
pub fn EVP_PKEY_new_mac_key(
type_: c_int,
e: *mut ENGINE,
key: *const c_uchar,
keylen: c_int,
) -> *mut EVP_PKEY;
pub fn EVP_PKEY_new_mac_key(type_: c_int, e: *mut ENGINE, key: *const c_uchar, keylen: c_int) -> *mut EVP_PKEY;
pub fn EVP_PKEY_derive_init(ctx: *mut EVP_PKEY_CTX) -> c_int;
pub fn EVP_PKEY_derive_set_peer(ctx: *mut EVP_PKEY_CTX, peer: *mut EVP_PKEY) -> c_int;
pub fn EVP_PKEY_derive(ctx: *mut EVP_PKEY_CTX, key: *mut c_uchar, size: *mut size_t) -> c_int;
#[cfg(ossl300)]
pub fn EVP_PKEY_Q_keygen(
libctx: *mut OSSL_LIB_CTX,
propq: *const c_char,
type_: *const c_char,
...
) -> *mut EVP_PKEY;
pub fn EVP_PKEY_Q_keygen(libctx: *mut OSSL_LIB_CTX, propq: *const c_char, type_: *const c_char, ...) -> *mut EVP_PKEY;
pub fn EVP_PKEY_keygen_init(ctx: *mut EVP_PKEY_CTX) -> c_int;
pub fn EVP_PKEY_keygen(ctx: *mut EVP_PKEY_CTX, key: *mut *mut EVP_PKEY) -> c_int;
pub fn EVP_PKEY_sign_init(ctx: *mut EVP_PKEY_CTX) -> c_int;
pub fn EVP_PKEY_sign(
ctx: *mut EVP_PKEY_CTX,
sig: *mut c_uchar,
siglen: *mut size_t,
tbs: *const c_uchar,
tbslen: size_t,
) -> c_int;
pub fn EVP_PKEY_sign(ctx: *mut EVP_PKEY_CTX, sig: *mut c_uchar, siglen: *mut size_t, tbs: *const c_uchar, tbslen: size_t) -> c_int;
pub fn EVP_PKEY_verify_init(ctx: *mut EVP_PKEY_CTX) -> c_int;
pub fn EVP_PKEY_verify(
ctx: *mut EVP_PKEY_CTX,
sig: *const c_uchar,
siglen: size_t,
tbs: *const c_uchar,
tbslen: size_t,
) -> c_int;
pub fn EVP_PKEY_verify(ctx: *mut EVP_PKEY_CTX, sig: *const c_uchar, siglen: size_t, tbs: *const c_uchar, tbslen: size_t) -> c_int;
pub fn EVP_PKEY_encrypt_init(ctx: *mut EVP_PKEY_CTX) -> c_int;
pub fn EVP_PKEY_encrypt(
ctx: *mut EVP_PKEY_CTX,
pout: *mut c_uchar,
poutlen: *mut size_t,
pin: *const c_uchar,
pinlen: size_t,
) -> c_int;
pub fn EVP_PKEY_encrypt(ctx: *mut EVP_PKEY_CTX, pout: *mut c_uchar, poutlen: *mut size_t, pin: *const c_uchar, pinlen: size_t) -> c_int;
pub fn EVP_PKEY_decrypt_init(ctx: *mut EVP_PKEY_CTX) -> c_int;
pub fn EVP_PKEY_decrypt(
ctx: *mut EVP_PKEY_CTX,
pout: *mut c_uchar,
poutlen: *mut size_t,
pin: *const c_uchar,
pinlen: size_t,
) -> c_int;
pub fn EVP_PKEY_decrypt(ctx: *mut EVP_PKEY_CTX, pout: *mut c_uchar, poutlen: *mut size_t, pin: *const c_uchar, pinlen: size_t) -> c_int;
}
const_ptr_api! {

8
openssl-sys/src/handwritten/hmac.rs
View file

@ -17,13 +17,7 @@ cfg_if! {
}
extern "C" {
pub fn HMAC_Init_ex(
ctx: *mut HMAC_CTX,
key: *const c_void,
len: c_int,
md: *const EVP_MD,
impl_: *mut ENGINE,
) -> c_int;
pub fn HMAC_Init_ex(ctx: *mut HMAC_CTX, key: *const c_void, len: c_int, md: *const EVP_MD, impl_: *mut ENGINE) -> c_int;
pub fn HMAC_Update(ctx: *mut HMAC_CTX, data: *const c_uchar, len: size_t) -> c_int;
pub fn HMAC_Final(ctx: *mut HMAC_CTX, md: *mut c_uchar, len: *mut c_uint) -> c_int;
pub fn HMAC_CTX_copy(dst: *mut HMAC_CTX, src: *mut HMAC_CTX) -> c_int;

16
openssl-sys/src/handwritten/object.rs
View file

@ -7,22 +7,12 @@ extern "C" {
pub fn OBJ_nid2sn(nid: c_int) -> *const c_char;
pub fn OBJ_nid2obj(n: c_int) -> *mut ASN1_OBJECT;
pub fn OBJ_obj2nid(o: *const ASN1_OBJECT) -> c_int;
pub fn OBJ_obj2txt(
buf: *mut c_char,
buf_len: c_int,
a: *const ASN1_OBJECT,
no_name: c_int,
) -> c_int;
pub fn OBJ_obj2txt(buf: *mut c_char, buf_len: c_int, a: *const ASN1_OBJECT, no_name: c_int) -> c_int;
pub fn OBJ_find_sigid_algs(signid: c_int, pdig_nid: *mut c_int, ppkey_nid: *mut c_int)
-> c_int;
pub fn OBJ_find_sigid_algs(signid: c_int, pdig_nid: *mut c_int, ppkey_nid: *mut c_int) -> c_int;
pub fn OBJ_sn2nid(sn: *const libc::c_char) -> libc::c_int;
pub fn OBJ_txt2obj(s: *const libc::c_char, no_name: libc::c_int) -> *mut ASN1_OBJECT;
pub fn OBJ_create(
oid: *const libc::c_char,
sn: *const libc::c_char,
ln: *const libc::c_char,
) -> c_int;
pub fn OBJ_create(oid: *const libc::c_char, sn: *const libc::c_char, ln: *const libc::c_char) -> c_int;
#[cfg(ossl111)]
pub fn OBJ_length(obj: *const ASN1_OBJECT) -> libc::size_t;
#[cfg(ossl111)]

26
openssl-sys/src/handwritten/ocsp.rs
View file

@ -31,12 +31,7 @@ extern "C" {
thisupd: *mut *mut ASN1_GENERALIZEDTIME,
nextupd: *mut *mut ASN1_GENERALIZEDTIME,
) -> c_int;
pub fn OCSP_check_validity(
thisupd: *mut ASN1_GENERALIZEDTIME,
nextupd: *mut ASN1_GENERALIZEDTIME,
sec: c_long,
maxsec: c_long,
) -> c_int;
pub fn OCSP_check_validity(thisupd: *mut ASN1_GENERALIZEDTIME, nextupd: *mut ASN1_GENERALIZEDTIME, sec: c_long, maxsec: c_long) -> c_int;
pub fn OCSP_response_status(resp: *mut OCSP_RESPONSE) -> c_int;
pub fn OCSP_response_get1_basic(resp: *mut OCSP_RESPONSE) -> *mut OCSP_BASICRESP;
@ -56,11 +51,7 @@ const_ptr_api! {
}
extern "C" {
pub fn d2i_OCSP_RESPONSE(
a: *mut *mut OCSP_RESPONSE,
pp: *mut *const c_uchar,
length: c_long,
) -> *mut OCSP_RESPONSE;
pub fn d2i_OCSP_RESPONSE(a: *mut *mut OCSP_RESPONSE, pp: *mut *const c_uchar, length: c_long) -> *mut OCSP_RESPONSE;
pub fn OCSP_ONEREQ_free(r: *mut OCSP_ONEREQ);
pub fn OCSP_CERTID_free(id: *mut OCSP_CERTID);
pub fn OCSP_REQUEST_new() -> *mut OCSP_REQUEST;
@ -74,16 +65,7 @@ const_ptr_api! {
}
extern "C" {
pub fn d2i_OCSP_REQUEST(
a: *mut *mut OCSP_REQUEST,
pp: *mut *const c_uchar,
length: c_long,
) -> *mut OCSP_REQUEST;
pub fn d2i_OCSP_REQUEST(a: *mut *mut OCSP_REQUEST, pp: *mut *const c_uchar, length: c_long) -> *mut OCSP_REQUEST;
pub fn OCSP_basic_verify(
bs: *mut OCSP_BASICRESP,
certs: *mut stack_st_X509,
st: *mut X509_STORE,
flags: c_ulong,
) -> c_int;
pub fn OCSP_basic_verify(bs: *mut OCSP_BASICRESP, certs: *mut stack_st_X509, st: *mut X509_STORE, flags: c_ulong) -> c_int;
}

128
openssl-sys/src/handwritten/pem.rs
View file

@ -1,14 +1,7 @@
use super::super::*;
use libc::*;
pub type pem_password_cb = Option<
unsafe extern "C" fn(
buf: *mut c_char,
size: c_int,
rwflag: c_int,
user_data: *mut c_void,
) -> c_int,
>;
pub type pem_password_cb = Option<unsafe extern "C" fn(buf: *mut c_char, size: c_int, rwflag: c_int, user_data: *mut c_void) -> c_int>;
const_ptr_api! {
extern "C" {
@ -78,114 +71,31 @@ const_ptr_api! {
}
extern "C" {
pub fn PEM_read_bio_X509(
bio: *mut BIO,
out: *mut *mut X509,
callback: pem_password_cb,
user_data: *mut c_void,
) -> *mut X509;
pub fn PEM_read_bio_X509_REQ(
bio: *mut BIO,
out: *mut *mut X509_REQ,
callback: pem_password_cb,
user_data: *mut c_void,
) -> *mut X509_REQ;
pub fn PEM_read_bio_X509_CRL(
bio: *mut BIO,
out: *mut *mut X509_CRL,
callback: pem_password_cb,
user_data: *mut c_void,
) -> *mut X509_CRL;
pub fn PEM_read_bio_RSAPrivateKey(
bio: *mut BIO,
rsa: *mut *mut RSA,
callback: pem_password_cb,
user_data: *mut c_void,
) -> *mut RSA;
pub fn PEM_read_bio_RSAPublicKey(
bio: *mut BIO,
rsa: *mut *mut RSA,
callback: pem_password_cb,
user_data: *mut c_void,
) -> *mut RSA;
pub fn PEM_read_bio_X509(bio: *mut BIO, out: *mut *mut X509, callback: pem_password_cb, user_data: *mut c_void) -> *mut X509;
pub fn PEM_read_bio_X509_REQ(bio: *mut BIO, out: *mut *mut X509_REQ, callback: pem_password_cb, user_data: *mut c_void) -> *mut X509_REQ;
pub fn PEM_read_bio_X509_CRL(bio: *mut BIO, out: *mut *mut X509_CRL, callback: pem_password_cb, user_data: *mut c_void) -> *mut X509_CRL;
pub fn PEM_read_bio_RSAPrivateKey(bio: *mut BIO, rsa: *mut *mut RSA, callback: pem_password_cb, user_data: *mut c_void) -> *mut RSA;
pub fn PEM_read_bio_RSAPublicKey(bio: *mut BIO, rsa: *mut *mut RSA, callback: pem_password_cb, user_data: *mut c_void) -> *mut RSA;
pub fn PEM_write_bio_RSAPublicKey(bp: *mut BIO, rsa: *const RSA) -> c_int;
pub fn PEM_read_bio_RSA_PUBKEY(
bio: *mut BIO,
rsa: *mut *mut RSA,
callback: pem_password_cb,
user_data: *mut c_void,
) -> *mut RSA;
pub fn PEM_read_bio_DSAPrivateKey(
bp: *mut BIO,
dsa: *mut *mut DSA,
callback: pem_password_cb,
user_data: *mut c_void,
) -> *mut DSA;
pub fn PEM_read_bio_DSA_PUBKEY(
bp: *mut BIO,
dsa: *mut *mut DSA,
callback: pem_password_cb,
user_data: *mut c_void,
) -> *mut DSA;
pub fn PEM_read_bio_ECPrivateKey(
bio: *mut BIO,
key: *mut *mut EC_KEY,
callback: pem_password_cb,
user_data: *mut c_void,
) -> *mut EC_KEY;
pub fn PEM_read_bio_EC_PUBKEY(
bp: *mut BIO,
ec: *mut *mut EC_KEY,
callback: pem_password_cb,
user_data: *mut c_void,
) -> *mut EC_KEY;
pub fn PEM_read_bio_DHparams(
bio: *mut BIO,
out: *mut *mut DH,
callback: pem_password_cb,
user_data: *mut c_void,
) -> *mut DH;
pub fn PEM_read_bio_RSA_PUBKEY(bio: *mut BIO, rsa: *mut *mut RSA, callback: pem_password_cb, user_data: *mut c_void) -> *mut RSA;
pub fn PEM_read_bio_DSAPrivateKey(bp: *mut BIO, dsa: *mut *mut DSA, callback: pem_password_cb, user_data: *mut c_void) -> *mut DSA;
pub fn PEM_read_bio_DSA_PUBKEY(bp: *mut BIO, dsa: *mut *mut DSA, callback: pem_password_cb, user_data: *mut c_void) -> *mut DSA;
pub fn PEM_read_bio_ECPrivateKey(bio: *mut BIO, key: *mut *mut EC_KEY, callback: pem_password_cb, user_data: *mut c_void) -> *mut EC_KEY;
pub fn PEM_read_bio_EC_PUBKEY(bp: *mut BIO, ec: *mut *mut EC_KEY, callback: pem_password_cb, user_data: *mut c_void) -> *mut EC_KEY;
pub fn PEM_read_bio_DHparams(bio: *mut BIO, out: *mut *mut DH, callback: pem_password_cb, user_data: *mut c_void) -> *mut DH;
pub fn PEM_write_bio_DHparams(bio: *mut BIO, x: *const DH) -> c_int;
pub fn PEM_read_bio_PrivateKey(
bio: *mut BIO,
out: *mut *mut EVP_PKEY,
callback: pem_password_cb,
user_data: *mut c_void,
) -> *mut EVP_PKEY;
pub fn PEM_read_bio_PUBKEY(
bio: *mut BIO,
out: *mut *mut EVP_PKEY,
callback: pem_password_cb,
user_data: *mut c_void,
) -> *mut EVP_PKEY;
pub fn PEM_read_bio_PrivateKey(bio: *mut BIO, out: *mut *mut EVP_PKEY, callback: pem_password_cb, user_data: *mut c_void) -> *mut EVP_PKEY;
pub fn PEM_read_bio_PUBKEY(bio: *mut BIO, out: *mut *mut EVP_PKEY, callback: pem_password_cb, user_data: *mut c_void) -> *mut EVP_PKEY;
pub fn d2i_PKCS8PrivateKey_bio(
bp: *mut BIO,
x: *mut *mut EVP_PKEY,
cb: pem_password_cb,
u: *mut c_void,
) -> *mut EVP_PKEY;
pub fn d2i_PKCS8_PRIV_KEY_INFO(
k: *mut *mut PKCS8_PRIV_KEY_INFO,
buf: *mut *const u8,
length: c_long,
) -> *mut PKCS8_PRIV_KEY_INFO;
pub fn d2i_PKCS8PrivateKey_bio(bp: *mut BIO, x: *mut *mut EVP_PKEY, cb: pem_password_cb, u: *mut c_void) -> *mut EVP_PKEY;
pub fn d2i_PKCS8_PRIV_KEY_INFO(k: *mut *mut PKCS8_PRIV_KEY_INFO, buf: *mut *const u8, length: c_long) -> *mut PKCS8_PRIV_KEY_INFO;
pub fn PKCS8_PRIV_KEY_INFO_free(p8inf: *mut PKCS8_PRIV_KEY_INFO);
pub fn PEM_read_bio_PKCS7(
bio: *mut BIO,
out: *mut *mut PKCS7,
cb: pem_password_cb,
u: *mut c_void,
) -> *mut PKCS7;
pub fn PEM_read_bio_PKCS7(bio: *mut BIO, out: *mut *mut PKCS7, cb: pem_password_cb, u: *mut c_void) -> *mut PKCS7;
#[cfg(ossl101)]
pub fn PEM_read_bio_CMS(
bio: *mut BIO,
out: *mut *mut CMS_ContentInfo,
callback: pem_password_cb,
user_data: *mut c_void,
) -> *mut CMS_ContentInfo;
pub fn PEM_read_bio_CMS(bio: *mut BIO, out: *mut *mut CMS_ContentInfo, callback: pem_password_cb, user_data: *mut c_void)
-> *mut CMS_ContentInfo;
#[cfg(ossl101)]
pub fn PEM_write_bio_CMS(bio: *mut BIO, cms: *const CMS_ContentInfo) -> c_int;
}

8
openssl-sys/src/handwritten/pkcs12.rs
View file

@ -15,13 +15,7 @@ const_ptr_api! {
extern "C" {
pub fn d2i_PKCS12(a: *mut *mut PKCS12, pp: *mut *const u8, length: c_long) -> *mut PKCS12;
pub fn PKCS12_parse(
p12: *mut PKCS12,
pass: *const c_char,
pkey: *mut *mut EVP_PKEY,
cert: *mut *mut X509,
ca: *mut *mut stack_st_X509,
) -> c_int;
pub fn PKCS12_parse(p12: *mut PKCS12, pass: *const c_char, pkey: *mut *mut EVP_PKEY, cert: *mut *mut X509, ca: *mut *mut stack_st_X509) -> c_int;
pub fn PKCS12_set_mac(
p12: *mut PKCS12,

46
openssl-sys/src/handwritten/pkcs7.rs
View file

@ -19,52 +19,20 @@ const_ptr_api! {
}
extern "C" {
pub fn PKCS7_encrypt(
certs: *mut stack_st_X509,
b: *mut BIO,
cipher: *const EVP_CIPHER,
flags: c_int,
) -> *mut PKCS7;
pub fn PKCS7_encrypt(certs: *mut stack_st_X509, b: *mut BIO, cipher: *const EVP_CIPHER, flags: c_int) -> *mut PKCS7;
pub fn PKCS7_verify(
pkcs7: *mut PKCS7,
certs: *mut stack_st_X509,
store: *mut X509_STORE,
indata: *mut BIO,
out: *mut BIO,
flags: c_int,
) -> c_int;
pub fn PKCS7_verify(pkcs7: *mut PKCS7, certs: *mut stack_st_X509, store: *mut X509_STORE, indata: *mut BIO, out: *mut BIO, flags: c_int)
-> c_int;
pub fn PKCS7_get0_signers(
pkcs7: *mut PKCS7,
certs: *mut stack_st_X509,
flags: c_int,
) -> *mut stack_st_X509;
pub fn PKCS7_get0_signers(pkcs7: *mut PKCS7, certs: *mut stack_st_X509, flags: c_int) -> *mut stack_st_X509;
pub fn PKCS7_sign(
signcert: *mut X509,
pkey: *mut EVP_PKEY,
certs: *mut stack_st_X509,
data: *mut BIO,
flags: c_int,
) -> *mut PKCS7;
pub fn PKCS7_sign(signcert: *mut X509, pkey: *mut EVP_PKEY, certs: *mut stack_st_X509, data: *mut BIO, flags: c_int) -> *mut PKCS7;
pub fn PKCS7_decrypt(
pkcs7: *mut PKCS7,
pkey: *mut EVP_PKEY,
cert: *mut X509,
data: *mut BIO,
flags: c_int,
) -> c_int;
pub fn PKCS7_decrypt(pkcs7: *mut PKCS7, pkey: *mut EVP_PKEY, cert: *mut X509, data: *mut BIO, flags: c_int) -> c_int;
pub fn PKCS7_free(pkcs7: *mut PKCS7);
pub fn SMIME_write_PKCS7(
out: *mut BIO,
pkcs7: *mut PKCS7,
data: *mut BIO,
flags: c_int,
) -> c_int;
pub fn SMIME_write_PKCS7(out: *mut BIO, pkcs7: *mut PKCS7, data: *mut BIO, flags: c_int) -> c_int;
pub fn SMIME_read_PKCS7(bio: *mut BIO, bcont: *mut *mut BIO) -> *mut PKCS7;
}

11
openssl-sys/src/handwritten/provider.rs
View file

@ -5,16 +5,9 @@ extern "C" {
#[cfg(ossl300)]
pub fn OSSL_PROVIDER_load(ctx: *mut OSSL_LIB_CTX, name: *const c_char) -> *mut OSSL_PROVIDER;
#[cfg(ossl300)]
pub fn OSSL_PROVIDER_try_load(
ctx: *mut OSSL_LIB_CTX,
name: *const c_char,
retain_fallbacks: c_int,
) -> *mut OSSL_PROVIDER;
pub fn OSSL_PROVIDER_try_load(ctx: *mut OSSL_LIB_CTX, name: *const c_char, retain_fallbacks: c_int) -> *mut OSSL_PROVIDER;
#[cfg(ossl300)]
pub fn OSSL_PROVIDER_unload(prov: *mut OSSL_PROVIDER) -> c_int;
#[cfg(ossl300)]
pub fn OSSL_PROVIDER_set_default_search_path(
ctx: *mut OSSL_LIB_CTX,
path: *const c_char,
) -> c_int;
pub fn OSSL_PROVIDER_set_default_search_path(ctx: *mut OSSL_LIB_CTX, path: *const c_char) -> c_int;
}

93
openssl-sys/src/handwritten/rsa.rs
View file

@ -22,72 +22,23 @@ extern "C" {
#[cfg(any(ossl110, libressl273))]
pub fn RSA_set0_factors(r: *mut RSA, p: *mut BIGNUM, q: *mut BIGNUM) -> c_int;
#[cfg(any(ossl110, libressl273))]
pub fn RSA_set0_crt_params(
r: *mut RSA,
dmp1: *mut BIGNUM,
dmq1: *mut BIGNUM,
iqmp: *mut BIGNUM,
) -> c_int;
pub fn RSA_set0_crt_params(r: *mut RSA, dmp1: *mut BIGNUM, dmq1: *mut BIGNUM, iqmp: *mut BIGNUM) -> c_int;
#[cfg(any(ossl110, libressl273))]
pub fn RSA_get0_key(
r: *const RSA,
n: *mut *const BIGNUM,
e: *mut *const BIGNUM,
d: *mut *const BIGNUM,
);
pub fn RSA_get0_key(r: *const RSA, n: *mut *const BIGNUM, e: *mut *const BIGNUM, d: *mut *const BIGNUM);
#[cfg(any(ossl110, libressl273))]
pub fn RSA_get0_factors(r: *const RSA, p: *mut *const BIGNUM, q: *mut *const BIGNUM);
#[cfg(any(ossl110, libressl273))]
pub fn RSA_get0_crt_params(
r: *const RSA,
dmp1: *mut *const BIGNUM,
dmq1: *mut *const BIGNUM,
iqmp: *mut *const BIGNUM,
);
pub fn RSA_get0_crt_params(r: *const RSA, dmp1: *mut *const BIGNUM, dmq1: *mut *const BIGNUM, iqmp: *mut *const BIGNUM);
#[cfg(not(ossl110))]
pub fn RSA_generate_key(
modsz: c_int,
e: c_ulong,
cb: Option<extern "C" fn(c_int, c_int, *mut c_void)>,
cbarg: *mut c_void,
) -> *mut RSA;
pub fn RSA_generate_key(modsz: c_int, e: c_ulong, cb: Option<extern "C" fn(c_int, c_int, *mut c_void)>, cbarg: *mut c_void) -> *mut RSA;
pub fn RSA_generate_key_ex(
rsa: *mut RSA,
bits: c_int,
e: *mut BIGNUM,
cb: *mut BN_GENCB,
) -> c_int;
pub fn RSA_generate_key_ex(rsa: *mut RSA, bits: c_int, e: *mut BIGNUM, cb: *mut BN_GENCB) -> c_int;
pub fn RSA_public_encrypt(
flen: c_int,
from: *const u8,
to: *mut u8,
k: *mut RSA,
pad: c_int,
) -> c_int;
pub fn RSA_private_encrypt(
flen: c_int,
from: *const u8,
to: *mut u8,
k: *mut RSA,
pad: c_int,
) -> c_int;
pub fn RSA_public_decrypt(
flen: c_int,
from: *const u8,
to: *mut u8,
k: *mut RSA,
pad: c_int,
) -> c_int;
pub fn RSA_private_decrypt(
flen: c_int,
from: *const u8,
to: *mut u8,
k: *mut RSA,
pad: c_int,
) -> c_int;
pub fn RSA_public_encrypt(flen: c_int, from: *const u8, to: *mut u8, k: *mut RSA, pad: c_int) -> c_int;
pub fn RSA_private_encrypt(flen: c_int, from: *const u8, to: *mut u8, k: *mut RSA, pad: c_int) -> c_int;
pub fn RSA_public_decrypt(flen: c_int, from: *const u8, to: *mut u8, k: *mut RSA, pad: c_int) -> c_int;
pub fn RSA_private_decrypt(flen: c_int, from: *const u8, to: *mut u8, k: *mut RSA, pad: c_int) -> c_int;
pub fn RSA_check_key(r: *const RSA) -> c_int;
pub fn RSA_free(rsa: *mut RSA);
pub fn RSA_up_ref(rsa: *mut RSA) -> c_int;
@ -97,28 +48,8 @@ extern "C" {
pub fn i2d_RSAPrivateKey(k: *const RSA, buf: *mut *mut u8) -> c_int;
pub fn d2i_RSAPrivateKey(k: *mut *mut RSA, buf: *mut *const u8, len: c_long) -> *mut RSA;
pub fn RSA_sign(
t: c_int,
m: *const u8,
mlen: c_uint,
sig: *mut u8,
siglen: *mut c_uint,
k: *mut RSA,
) -> c_int;
pub fn RSA_verify(
t: c_int,
m: *const u8,
mlen: c_uint,
sig: *const u8,
siglen: c_uint,
k: *mut RSA,
) -> c_int;
pub fn RSA_sign(t: c_int, m: *const u8, mlen: c_uint, sig: *mut u8, siglen: *mut c_uint, k: *mut RSA) -> c_int;
pub fn RSA_verify(t: c_int, m: *const u8, mlen: c_uint, sig: *const u8, siglen: c_uint, k: *mut RSA) -> c_int;
pub fn RSA_padding_check_PKCS1_type_2(
to: *mut c_uchar,
tlen: c_int,
f: *const c_uchar,
fl: c_int,
rsa_len: c_int,
) -> c_int;
pub fn RSA_padding_check_PKCS1_type_2(to: *mut c_uchar, tlen: c_int, f: *const c_uchar, fl: c_int, rsa_len: c_int) -> c_int;
}

206
openssl-sys/src/handwritten/ssl.rs
View file

@ -140,18 +140,9 @@ pub struct SRTP_PROTECTION_PROFILE {
stack!(stack_st_SRTP_PROTECTION_PROFILE);
pub type tls_session_ticket_ext_cb_fn =
Option<unsafe extern "C" fn(*mut SSL, *const c_uchar, c_int, *mut c_void) -> c_int>;
pub type tls_session_secret_cb_fn = Option<
unsafe extern "C" fn(
*mut SSL,
*mut c_void,
*mut c_int,
*mut stack_st_SSL_CIPHER,
*mut *mut SSL_CIPHER,
*mut c_void,
) -> c_int,
>;
pub type tls_session_ticket_ext_cb_fn = Option<unsafe extern "C" fn(*mut SSL, *const c_uchar, c_int, *mut c_void) -> c_int>;
pub type tls_session_secret_cb_fn =
Option<unsafe extern "C" fn(*mut SSL, *mut c_void, *mut c_int, *mut stack_st_SSL_CIPHER, *mut *mut SSL_CIPHER, *mut c_void) -> c_int>;
#[cfg(ossl111)]
pub type SSL_custom_ext_add_cb_ex = Option<
@ -169,15 +160,8 @@ pub type SSL_custom_ext_add_cb_ex = Option<
>;
#[cfg(ossl111)]
pub type SSL_custom_ext_free_cb_ex = Option<
unsafe extern "C" fn(
ssl: *mut SSL,
ext_type: c_uint,
context: c_uint,
out: *const c_uchar,
add_arg: *mut c_void,
),
>;
pub type SSL_custom_ext_free_cb_ex =
Option<unsafe extern "C" fn(ssl: *mut SSL, ext_type: c_uint, context: c_uint, out: *const c_uchar, add_arg: *mut c_void)>;
#[cfg(ossl111)]
pub type SSL_custom_ext_parse_cb_ex = Option<
@ -210,18 +194,11 @@ cfg_if! {
}
}
pub type GEN_SESSION_CB =
Option<unsafe extern "C" fn(*const SSL, *mut c_uchar, *mut c_uint) -> c_int>;
pub type GEN_SESSION_CB = Option<unsafe extern "C" fn(*const SSL, *mut c_uchar, *mut c_uint) -> c_int>;
extern "C" {
pub fn SSL_CTX_sess_set_new_cb(
ctx: *mut SSL_CTX,
new_session_cb: Option<unsafe extern "C" fn(*mut SSL, *mut SSL_SESSION) -> c_int>,
);
pub fn SSL_CTX_sess_set_remove_cb(
ctx: *mut SSL_CTX,
remove_session_cb: Option<unsafe extern "C" fn(*mut SSL_CTX, *mut SSL_SESSION)>,
);
pub fn SSL_CTX_sess_set_new_cb(ctx: *mut SSL_CTX, new_session_cb: Option<unsafe extern "C" fn(*mut SSL, *mut SSL_SESSION) -> c_int>);
pub fn SSL_CTX_sess_set_remove_cb(ctx: *mut SSL_CTX, remove_session_cb: Option<unsafe extern "C" fn(*mut SSL_CTX, *mut SSL_SESSION)>);
}
cfg_if! {
// const change in passed function pointer signature
@ -249,9 +226,7 @@ extern "C" {
// FIXME change to unsafe extern "C" fn
pub fn SSL_CTX_set_cookie_generate_cb(
s: *mut SSL_CTX,
cb: Option<
extern "C" fn(ssl: *mut SSL, cookie: *mut c_uchar, cookie_len: *mut c_uint) -> c_int,
>,
cb: Option<extern "C" fn(ssl: *mut SSL, cookie: *mut c_uchar, cookie_len: *mut c_uint) -> c_int>,
);
}
@ -280,34 +255,17 @@ extern "C" {
#[cfg(ossl111)]
pub fn SSL_CTX_set_stateless_cookie_generate_cb(
s: *mut SSL_CTX,
cb: Option<
unsafe extern "C" fn(
ssl: *mut SSL,
cookie: *mut c_uchar,
cookie_len: *mut size_t,
) -> c_int,
>,
cb: Option<unsafe extern "C" fn(ssl: *mut SSL, cookie: *mut c_uchar, cookie_len: *mut size_t) -> c_int>,
);
#[cfg(ossl111)]
pub fn SSL_CTX_set_stateless_cookie_verify_cb(
s: *mut SSL_CTX,
cb: Option<
unsafe extern "C" fn(
ssl: *mut SSL,
cookie: *const c_uchar,
cookie_len: size_t,
) -> c_int,
>,
cb: Option<unsafe extern "C" fn(ssl: *mut SSL, cookie: *const c_uchar, cookie_len: size_t) -> c_int>,
);
pub fn SSL_CTX_set_next_protos_advertised_cb(
ssl: *mut SSL_CTX,
cb: extern "C" fn(
ssl: *mut SSL,
out: *mut *const c_uchar,
outlen: *mut c_uint,
arg: *mut c_void,
) -> c_int,
cb: extern "C" fn(ssl: *mut SSL, out: *mut *const c_uchar, outlen: *mut c_uint, arg: *mut c_void) -> c_int,
arg: *mut c_void,
);
pub fn SSL_CTX_set_next_proto_select_cb(
@ -322,11 +280,7 @@ extern "C" {
) -> c_int,
arg: *mut c_void,
);
pub fn SSL_get0_next_proto_negotiated(
s: *const SSL,
data: *mut *const c_uchar,
len: *mut c_uint,
);
pub fn SSL_get0_next_proto_negotiated(s: *const SSL, data: *mut *const c_uchar, len: *mut c_uint);
pub fn SSL_select_next_proto(
out: *mut *mut c_uchar,
@ -367,22 +321,11 @@ extern "C" {
extern "C" {
pub fn SSL_CTX_set_psk_client_callback(
ssl: *mut SSL_CTX,
psk_client_cb: Option<
extern "C" fn(
*mut SSL,
*const c_char,
*mut c_char,
c_uint,
*mut c_uchar,
c_uint,
) -> c_uint,
>,
psk_client_cb: Option<extern "C" fn(*mut SSL, *const c_char, *mut c_char, c_uint, *mut c_uchar, c_uint) -> c_uint>,
);
pub fn SSL_CTX_set_psk_server_callback(
ssl: *mut SSL_CTX,
psk_server_cb: Option<
extern "C" fn(*mut SSL, *const c_char, *mut c_uchar, c_uint) -> c_uint,
>,
psk_server_cb: Option<extern "C" fn(*mut SSL, *const c_char, *mut c_uchar, c_uint) -> c_uint>,
);
pub fn SSL_get_psk_identity_hint(ssl: *const SSL) -> *const c_char;
pub fn SSL_get_psk_identity(ssl: *const SSL) -> *const c_char;
@ -406,8 +349,7 @@ extern "C" {
}
#[cfg(ossl111)]
pub type SSL_CTX_keylog_cb_func =
Option<unsafe extern "C" fn(ssl: *const SSL, line: *const c_char)>;
pub type SSL_CTX_keylog_cb_func = Option<unsafe extern "C" fn(ssl: *const SSL, line: *const c_char)>;
extern "C" {
#[cfg(ossl111)]
@ -503,20 +445,9 @@ extern "C" {
pub fn SSL_CTX_use_PrivateKey(ctx: *mut SSL_CTX, key: *mut EVP_PKEY) -> c_int;
pub fn SSL_CTX_use_certificate(ctx: *mut SSL_CTX, cert: *mut X509) -> c_int;
pub fn SSL_CTX_use_PrivateKey_file(
ctx: *mut SSL_CTX,
key_file: *const c_char,
file_type: c_int,
) -> c_int;
pub fn SSL_CTX_use_certificate_file(
ctx: *mut SSL_CTX,
cert_file: *const c_char,
file_type: c_int,
) -> c_int;
pub fn SSL_CTX_use_certificate_chain_file(
ctx: *mut SSL_CTX,
cert_chain_file: *const c_char,
) -> c_int;
pub fn SSL_CTX_use_PrivateKey_file(ctx: *mut SSL_CTX, key_file: *const c_char, file_type: c_int) -> c_int;
pub fn SSL_CTX_use_certificate_file(ctx: *mut SSL_CTX, cert_file: *const c_char, file_type: c_int) -> c_int;
pub fn SSL_CTX_use_certificate_chain_file(ctx: *mut SSL_CTX, cert_chain_file: *const c_char) -> c_int;
pub fn SSL_use_PrivateKey_file(ssl: *mut SSL, file: *const c_char, type_: c_int) -> c_int;
pub fn SSL_use_PrivateKey(ssl: *mut SSL, pkey: *mut EVP_PKEY) -> c_int;
pub fn SSL_use_certificate(ssl: *mut SSL, x: *mut X509) -> c_int;
@ -555,11 +486,7 @@ extern "C" {
pub fn SSL_set_session(ssl: *mut SSL, session: *mut SSL_SESSION) -> c_int;
pub fn SSL_CTX_add_session(ctx: *mut SSL_CTX, session: *mut SSL_SESSION) -> c_int;
pub fn SSL_CTX_remove_session(ctx: *mut SSL_CTX, session: *mut SSL_SESSION) -> c_int;
pub fn d2i_SSL_SESSION(
a: *mut *mut SSL_SESSION,
pp: *mut *const c_uchar,
len: c_long,
) -> *mut SSL_SESSION;
pub fn d2i_SSL_SESSION(a: *mut *mut SSL_SESSION, pp: *mut *const c_uchar, len: c_long) -> *mut SSL_SESSION;
#[cfg(not(ossl300))]
pub fn SSL_get_peer_certificate(ssl: *const SSL) -> *mut X509;
@ -568,11 +495,7 @@ extern "C" {
pub fn SSL_get_peer_cert_chain(ssl: *const SSL) -> *mut stack_st_X509;
pub fn SSL_CTX_set_verify(
ctx: *mut SSL_CTX,
mode: c_int,
verify_callback: Option<extern "C" fn(c_int, *mut X509_STORE_CTX) -> c_int>,
);
pub fn SSL_CTX_set_verify(ctx: *mut SSL_CTX, mode: c_int, verify_callback: Option<extern "C" fn(c_int, *mut X509_STORE_CTX) -> c_int>);
pub fn SSL_CTX_set_verify_depth(ctx: *mut SSL_CTX, depth: c_int);
#[cfg(any(ossl111, libressl340))]
@ -580,11 +503,7 @@ extern "C" {
pub fn SSL_CTX_check_private_key(ctx: *const SSL_CTX) -> c_int;
pub fn SSL_CTX_set_session_id_context(
ssl: *mut SSL_CTX,
sid_ctx: *const c_uchar,
sid_ctx_len: c_uint,
) -> c_int;
pub fn SSL_CTX_set_session_id_context(ssl: *mut SSL_CTX, sid_ctx: *const c_uchar, sid_ctx_len: c_uint) -> c_int;
pub fn SSL_new(ctx: *mut SSL_CTX) -> *mut SSL;
@ -596,15 +515,10 @@ extern "C" {
}
#[cfg(ossl111)]
pub type SSL_client_hello_cb_fn =
Option<unsafe extern "C" fn(s: *mut SSL, al: *mut c_int, arg: *mut c_void) -> c_int>;
pub type SSL_client_hello_cb_fn = Option<unsafe extern "C" fn(s: *mut SSL, al: *mut c_int, arg: *mut c_void) -> c_int>;
extern "C" {
#[cfg(ossl111)]
pub fn SSL_CTX_set_client_hello_cb(
c: *mut SSL_CTX,
cb: SSL_client_hello_cb_fn,
arg: *mut c_void,
);
pub fn SSL_CTX_set_client_hello_cb(c: *mut SSL_CTX, cb: SSL_client_hello_cb_fn, arg: *mut c_void);
#[cfg(ossl111)]
pub fn SSL_client_hello_isv2(s: *mut SSL) -> c_int;
#[cfg(ossl111)]
@ -616,23 +530,11 @@ extern "C" {
#[cfg(ossl111)]
pub fn SSL_client_hello_get0_ciphers(s: *mut SSL, out: *mut *const c_uchar) -> size_t;
#[cfg(ossl111)]
pub fn SSL_client_hello_get0_compression_methods(
s: *mut SSL,
out: *mut *const c_uchar,
) -> size_t;
pub fn SSL_client_hello_get0_compression_methods(s: *mut SSL, out: *mut *const c_uchar) -> size_t;
#[cfg(ossl111)]
pub fn SSL_client_hello_get1_extensions_present(
s: *mut SSL,
out: *mut *mut c_int,
outlen: *mut size_t,
) -> c_int;
pub fn SSL_client_hello_get1_extensions_present(s: *mut SSL, out: *mut *mut c_int, outlen: *mut size_t) -> c_int;
#[cfg(ossl111)]
pub fn SSL_client_hello_get0_ext(
s: *mut SSL,
type_: c_uint,
out: *mut *const c_uchar,
outlen: *mut size_t,
) -> c_int;
pub fn SSL_client_hello_get0_ext(s: *mut SSL, type_: c_uint, out: *mut *const c_uchar, outlen: *mut size_t) -> c_int;
pub fn SSL_free(ssl: *mut SSL);
pub fn SSL_accept(ssl: *mut SSL) -> c_int;
@ -642,31 +544,17 @@ extern "C" {
pub fn SSL_read(ssl: *mut SSL, buf: *mut c_void, num: c_int) -> c_int;
pub fn SSL_peek(ssl: *mut SSL, buf: *mut c_void, num: c_int) -> c_int;
#[cfg(any(ossl111, libressl340))]
pub fn SSL_read_early_data(
s: *mut SSL,
buf: *mut c_void,
num: size_t,
readbytes: *mut size_t,
) -> c_int;
pub fn SSL_read_early_data(s: *mut SSL, buf: *mut c_void, num: size_t, readbytes: *mut size_t) -> c_int;
}
extern "C" {
pub fn SSL_write(ssl: *mut SSL, buf: *const c_void, num: c_int) -> c_int;
#[cfg(any(ossl111, libressl340))]
pub fn SSL_write_early_data(
s: *mut SSL,
buf: *const c_void,
num: size_t,
written: *mut size_t,
) -> c_int;
pub fn SSL_write_early_data(s: *mut SSL, buf: *const c_void, num: size_t, written: *mut size_t) -> c_int;
pub fn SSL_ctrl(ssl: *mut SSL, cmd: c_int, larg: c_long, parg: *mut c_void) -> c_long;
pub fn SSL_CTX_ctrl(ctx: *mut SSL_CTX, cmd: c_int, larg: c_long, parg: *mut c_void) -> c_long;
#[link_name = "SSL_CTX_callback_ctrl"]
pub fn SSL_CTX_callback_ctrl__fixed_rust(
ctx: *mut SSL_CTX,
cmd: c_int,
fp: Option<unsafe extern "C" fn()>,
) -> c_long;
pub fn SSL_CTX_callback_ctrl__fixed_rust(ctx: *mut SSL_CTX, cmd: c_int, fp: Option<unsafe extern "C" fn()>) -> c_long;
}
cfg_if! {
@ -717,11 +605,7 @@ extern "C" {
pub fn SSL_CTX_add_client_CA(ctx: *mut SSL_CTX, cacert: *mut X509) -> c_int;
pub fn SSL_CTX_set_default_verify_paths(ctx: *mut SSL_CTX) -> c_int;
pub fn SSL_CTX_load_verify_locations(
ctx: *mut SSL_CTX,
CAfile: *const c_char,
CApath: *const c_char,
) -> c_int;
pub fn SSL_CTX_load_verify_locations(ctx: *mut SSL_CTX, CAfile: *const c_char, CApath: *const c_char) -> c_int;
}
const_ptr_api! {
@ -737,11 +621,7 @@ extern "C" {
#[cfg(not(ossl110))]
pub fn SSL_library_init() -> c_int;
pub fn SSL_CIPHER_description(
cipher: *const SSL_CIPHER,
buf: *mut c_char,
size: c_int,
) -> *mut c_char;
pub fn SSL_CIPHER_description(cipher: *const SSL_CIPHER, buf: *mut c_char, size: c_int) -> *mut c_char;
pub fn SSL_get_certificate(ssl: *const SSL) -> *mut X509;
}
@ -773,11 +653,7 @@ extern "C" {
#[cfg(any(ossl110, libressl270))]
pub fn SSL_get_server_random(ssl: *const SSL, out: *mut c_uchar, len: size_t) -> size_t;
#[cfg(any(ossl110, libressl273))]
pub fn SSL_SESSION_get_master_key(
session: *const SSL_SESSION,
out: *mut c_uchar,
outlen: size_t,
) -> size_t;
pub fn SSL_SESSION_get_master_key(session: *const SSL_SESSION, out: *mut c_uchar, outlen: size_t) -> size_t;
}
extern "C" {
@ -812,32 +688,24 @@ extern "C" {
#[link_name = "SSL_CTX_set_tmp_dh_callback"]
pub fn SSL_CTX_set_tmp_dh_callback__fixed_rust(
ctx: *mut SSL_CTX,
dh: Option<
unsafe extern "C" fn(ssl: *mut SSL, is_export: c_int, keylength: c_int) -> *mut DH,
>,
dh: Option<unsafe extern "C" fn(ssl: *mut SSL, is_export: c_int, keylength: c_int) -> *mut DH>,
);
#[link_name = "SSL_set_tmp_dh_callback"]
pub fn SSL_set_tmp_dh_callback__fixed_rust(
ctx: *mut SSL,
dh: Option<
unsafe extern "C" fn(ssl: *mut SSL, is_export: c_int, keylength: c_int) -> *mut DH,
>,
dh: Option<unsafe extern "C" fn(ssl: *mut SSL, is_export: c_int, keylength: c_int) -> *mut DH>,
);
#[cfg(not(ossl110))]
#[link_name = "SSL_CTX_set_tmp_ecdh_callback"]
pub fn SSL_CTX_set_tmp_ecdh_callback__fixed_rust(
ctx: *mut SSL_CTX,
ecdh: Option<
unsafe extern "C" fn(ssl: *mut SSL, is_export: c_int, keylength: c_int) -> *mut EC_KEY,
>,
ecdh: Option<unsafe extern "C" fn(ssl: *mut SSL, is_export: c_int, keylength: c_int) -> *mut EC_KEY>,
);
#[cfg(not(ossl110))]
#[link_name = "SSL_set_tmp_ecdh_callback"]
pub fn SSL_set_tmp_ecdh_callback__fixed_rust(
ssl: *mut SSL,
ecdh: Option<
unsafe extern "C" fn(ssl: *mut SSL, is_export: c_int, keylength: c_int) -> *mut EC_KEY,
>,
ecdh: Option<unsafe extern "C" fn(ssl: *mut SSL, is_export: c_int, keylength: c_int) -> *mut EC_KEY>,
);
}

114
openssl-sys/src/handwritten/x509.rs
View file

@ -141,12 +141,7 @@ extern "C" {
pub fn X509_sign(x: *mut X509, pkey: *mut EVP_PKEY, md: *const EVP_MD) -> c_int;
pub fn X509_digest(
x: *const X509,
digest: *const EVP_MD,
buf: *mut c_uchar,
len: *mut c_uint,
) -> c_int;
pub fn X509_digest(x: *const X509, digest: *const EVP_MD, buf: *mut c_uchar, len: *mut c_uint) -> c_int;
pub fn X509_REQ_sign(x: *mut X509_REQ, pkey: *mut EVP_PKEY, md: *const EVP_MD) -> c_int;
}
@ -170,17 +165,9 @@ extern "C" {
pub fn d2i_PUBKEY(k: *mut *mut EVP_PKEY, buf: *mut *const u8, len: c_long) -> *mut EVP_PKEY;
pub fn d2i_RSA_PUBKEY(k: *mut *mut RSA, buf: *mut *const u8, len: c_long) -> *mut RSA;
pub fn d2i_DSA_PUBKEY(k: *mut *mut DSA, pp: *mut *const c_uchar, length: c_long) -> *mut DSA;
pub fn d2i_EC_PUBKEY(
a: *mut *mut EC_KEY,
pp: *mut *const c_uchar,
length: c_long,
) -> *mut EC_KEY;
pub fn d2i_EC_PUBKEY(a: *mut *mut EC_KEY, pp: *mut *const c_uchar, length: c_long) -> *mut EC_KEY;
pub fn d2i_ECPrivateKey(
k: *mut *mut EC_KEY,
pp: *mut *const c_uchar,
length: c_long,
) -> *mut EC_KEY;
pub fn d2i_ECPrivateKey(k: *mut *mut EC_KEY, pp: *mut *const c_uchar, length: c_long) -> *mut EC_KEY;
}
const_ptr_api! {
@ -213,11 +200,7 @@ const_ptr_api! {
}
extern "C" {
pub fn d2i_X509_REVOKED(
a: *mut *mut X509_REVOKED,
pp: *mut *const c_uchar,
length: c_long,
) -> *mut X509_REVOKED;
pub fn d2i_X509_REVOKED(a: *mut *mut X509_REVOKED, pp: *mut *const c_uchar, length: c_long) -> *mut X509_REVOKED;
}
const_ptr_api! {
extern "C" {
@ -227,11 +210,7 @@ const_ptr_api! {
extern "C" {
pub fn X509_CRL_new() -> *mut X509_CRL;
pub fn X509_CRL_free(x: *mut X509_CRL);
pub fn d2i_X509_CRL(
a: *mut *mut X509_CRL,
pp: *mut *const c_uchar,
length: c_long,
) -> *mut X509_CRL;
pub fn d2i_X509_CRL(a: *mut *mut X509_CRL, pp: *mut *const c_uchar, length: c_long) -> *mut X509_CRL;
}
const_ptr_api! {
extern "C" {
@ -244,11 +223,7 @@ const_ptr_api! {
extern "C" {
pub fn X509_REQ_new() -> *mut X509_REQ;
pub fn X509_REQ_free(x: *mut X509_REQ);
pub fn d2i_X509_REQ(
a: *mut *mut X509_REQ,
pp: *mut *const c_uchar,
length: c_long,
) -> *mut X509_REQ;
pub fn d2i_X509_REQ(a: *mut *mut X509_REQ, pp: *mut *const c_uchar, length: c_long) -> *mut X509_REQ;
}
const_ptr_api! {
extern "C" {
@ -380,18 +355,9 @@ extern "C" {
pub fn X509_REVOKED_set_revocationDate(r: *mut X509_REVOKED, tm: *mut ASN1_TIME) -> c_int;
pub fn X509_CRL_sign(x: *mut X509_CRL, pkey: *mut EVP_PKEY, md: *const EVP_MD) -> c_int;
pub fn X509_CRL_digest(
x: *const X509_CRL,
digest: *const EVP_MD,
md: *mut c_uchar,
len: *mut c_uint,
) -> c_int;
pub fn X509_CRL_digest(x: *const X509_CRL, digest: *const EVP_MD, md: *mut c_uchar, len: *mut c_uint) -> c_int;
pub fn X509_CRL_verify(crl: *mut X509_CRL, pkey: *mut EVP_PKEY) -> c_int;
pub fn X509_CRL_get0_by_cert(
x: *mut X509_CRL,
ret: *mut *mut X509_REVOKED,
cert: *mut X509,
) -> c_int;
pub fn X509_CRL_get0_by_cert(x: *mut X509_CRL, ret: *mut *mut X509_REVOKED, cert: *mut X509) -> c_int;
}
const_ptr_api! {
extern "C" {
@ -474,11 +440,7 @@ extern "C" {
loc: c_int,
set: c_int,
) -> c_int;
pub fn d2i_X509_NAME(
n: *mut *mut X509_NAME,
pp: *mut *const c_uchar,
length: c_long,
) -> *mut X509_NAME;
pub fn d2i_X509_NAME(n: *mut *mut X509_NAME, pp: *mut *const c_uchar, length: c_long) -> *mut X509_NAME;
}
// "raw" X509_EXTENSION related functions
@ -486,65 +448,26 @@ extern "C" {
// in X509
pub fn X509_delete_ext(x: *mut X509, loc: c_int) -> *mut X509_EXTENSION;
pub fn X509_add_ext(x: *mut X509, ext: *mut X509_EXTENSION, loc: c_int) -> c_int;
pub fn X509_add1_ext_i2d(
x: *mut X509,
nid: c_int,
value: *mut c_void,
crit: c_int,
flags: c_ulong,
) -> c_int;
pub fn X509_add1_ext_i2d(x: *mut X509, nid: c_int, value: *mut c_void, crit: c_int, flags: c_ulong) -> c_int;
// in X509_CRL
pub fn X509_CRL_delete_ext(x: *mut X509_CRL, loc: c_int) -> *mut X509_EXTENSION;
pub fn X509_CRL_add_ext(x: *mut X509_CRL, ext: *mut X509_EXTENSION, loc: c_int) -> c_int;
pub fn X509_CRL_add1_ext_i2d(
x: *mut X509_CRL,
nid: c_int,
value: *mut c_void,
crit: c_int,
flags: c_ulong,
) -> c_int;
pub fn X509_CRL_add1_ext_i2d(x: *mut X509_CRL, nid: c_int, value: *mut c_void, crit: c_int, flags: c_ulong) -> c_int;
// in X509_REVOKED
pub fn X509_REVOKED_delete_ext(x: *mut X509_REVOKED, loc: c_int) -> *mut X509_EXTENSION;
pub fn X509_REVOKED_add_ext(
x: *mut X509_REVOKED,
ext: *mut X509_EXTENSION,
loc: c_int,
) -> c_int;
pub fn X509_REVOKED_add1_ext_i2d(
x: *mut X509_REVOKED,
nid: c_int,
value: *mut c_void,
crit: c_int,
flags: c_ulong,
) -> c_int;
pub fn X509_REVOKED_add_ext(x: *mut X509_REVOKED, ext: *mut X509_EXTENSION, loc: c_int) -> c_int;
pub fn X509_REVOKED_add1_ext_i2d(x: *mut X509_REVOKED, nid: c_int, value: *mut c_void, crit: c_int, flags: c_ulong) -> c_int;
// X509_EXTENSION stack
// - these getters always used *const STACK
pub fn X509v3_get_ext_count(x: *const stack_st_X509_EXTENSION) -> c_int;
pub fn X509v3_get_ext_by_NID(
x: *const stack_st_X509_EXTENSION,
nid: c_int,
lastpos: c_int,
) -> c_int;
pub fn X509v3_get_ext_by_critical(
x: *const stack_st_X509_EXTENSION,
crit: c_int,
lastpos: c_int,
) -> c_int;
pub fn X509v3_get_ext_by_NID(x: *const stack_st_X509_EXTENSION, nid: c_int, lastpos: c_int) -> c_int;
pub fn X509v3_get_ext_by_critical(x: *const stack_st_X509_EXTENSION, crit: c_int, lastpos: c_int) -> c_int;
pub fn X509v3_get_ext(x: *const stack_st_X509_EXTENSION, loc: c_int) -> *mut X509_EXTENSION;
pub fn X509v3_delete_ext(x: *mut stack_st_X509_EXTENSION, loc: c_int) -> *mut X509_EXTENSION;
pub fn X509v3_add_ext(
x: *mut *mut stack_st_X509_EXTENSION,
ex: *mut X509_EXTENSION,
loc: c_int,
) -> *mut stack_st_X509_EXTENSION;
pub fn X509v3_add_ext(x: *mut *mut stack_st_X509_EXTENSION, ex: *mut X509_EXTENSION, loc: c_int) -> *mut stack_st_X509_EXTENSION;
// - X509V3_add1_i2d in x509v3.rs
// X509_EXTENSION itself
pub fn X509_EXTENSION_create_by_NID(
ex: *mut *mut X509_EXTENSION,
nid: c_int,
crit: c_int,
data: *mut ASN1_OCTET_STRING,
) -> *mut X509_EXTENSION;
pub fn X509_EXTENSION_create_by_NID(ex: *mut *mut X509_EXTENSION, nid: c_int, crit: c_int, data: *mut ASN1_OCTET_STRING) -> *mut X509_EXTENSION;
pub fn X509_EXTENSION_set_critical(ex: *mut X509_EXTENSION, crit: c_int) -> c_int;
pub fn X509_EXTENSION_set_data(ex: *mut X509_EXTENSION, data: *mut ASN1_OCTET_STRING) -> c_int;
pub fn X509_EXTENSION_get_object(ext: *mut X509_EXTENSION) -> *mut ASN1_OBJECT;
@ -651,8 +574,7 @@ pub struct X509_PURPOSE {
pub purpose: c_int,
pub trust: c_int, // Default trust ID
pub flags: c_int,
pub check_purpose:
Option<unsafe extern "C" fn(*const X509_PURPOSE, *const X509, c_int) -> c_int>,
pub check_purpose: Option<unsafe extern "C" fn(*const X509_PURPOSE, *const X509, c_int) -> c_int>,
pub name: *mut c_char,
pub sname: *mut c_char,
pub usr_data: *mut c_void,

32
openssl-sys/src/handwritten/x509_vfy.rs
View file

@ -13,13 +13,7 @@ extern "C" {
pub fn X509_LOOKUP_free(ctx: *mut X509_LOOKUP);
pub fn X509_LOOKUP_hash_dir() -> *mut X509_LOOKUP_METHOD;
pub fn X509_LOOKUP_file() -> *mut X509_LOOKUP_METHOD;
pub fn X509_LOOKUP_ctrl(
ctx: *mut X509_LOOKUP,
cmd: c_int,
argc: *const c_char,
argl: c_long,
ret: *mut *mut c_char,
) -> c_int;
pub fn X509_LOOKUP_ctrl(ctx: *mut X509_LOOKUP, cmd: c_int, argc: *const c_char, argl: c_long, ret: *mut *mut c_char) -> c_int;
pub fn X509_load_cert_file(ctx: *mut X509_LOOKUP, file: *const c_char, _type: c_int) -> c_int;
pub fn X509_load_crl_file(ctx: *mut X509_LOOKUP, file: *const c_char, _type: c_int) -> c_int;
}
@ -31,20 +25,12 @@ extern "C" {
pub fn X509_STORE_CTX_new() -> *mut X509_STORE_CTX;
pub fn X509_STORE_CTX_free(ctx: *mut X509_STORE_CTX);
pub fn X509_STORE_CTX_init(
ctx: *mut X509_STORE_CTX,
store: *mut X509_STORE,
x509: *mut X509,
chain: *mut stack_st_X509,
) -> c_int;
pub fn X509_STORE_CTX_init(ctx: *mut X509_STORE_CTX, store: *mut X509_STORE, x509: *mut X509, chain: *mut stack_st_X509) -> c_int;
pub fn X509_STORE_CTX_cleanup(ctx: *mut X509_STORE_CTX);
pub fn X509_STORE_add_cert(store: *mut X509_STORE, x: *mut X509) -> c_int;
pub fn X509_STORE_add_lookup(
store: *mut X509_STORE,
meth: *mut X509_LOOKUP_METHOD,
) -> *mut X509_LOOKUP;
pub fn X509_STORE_add_lookup(store: *mut X509_STORE, meth: *mut X509_LOOKUP_METHOD) -> *mut X509_LOOKUP;
pub fn X509_STORE_set_default_paths(store: *mut X509_STORE) -> c_int;
pub fn X509_STORE_set_flags(store: *mut X509_STORE, flags: c_ulong) -> c_int;
@ -110,19 +96,11 @@ const_ptr_api! {
extern "C" {
#[cfg(any(ossl102, libressl261))]
pub fn X509_VERIFY_PARAM_set1_host(
param: *mut X509_VERIFY_PARAM,
name: *const c_char,
namelen: size_t,
) -> c_int;
pub fn X509_VERIFY_PARAM_set1_host(param: *mut X509_VERIFY_PARAM, name: *const c_char, namelen: size_t) -> c_int;
#[cfg(any(ossl102, libressl261))]
pub fn X509_VERIFY_PARAM_set_hostflags(param: *mut X509_VERIFY_PARAM, flags: c_uint);
#[cfg(any(ossl102, libressl261))]
pub fn X509_VERIFY_PARAM_set1_ip(
param: *mut X509_VERIFY_PARAM,
ip: *const c_uchar,
iplen: size_t,
) -> c_int;
pub fn X509_VERIFY_PARAM_set1_ip(param: *mut X509_VERIFY_PARAM, ip: *const c_uchar, iplen: size_t) -> c_int;
#[cfg(ossl110)]
pub fn X509_VERIFY_PARAM_set_auth_level(param: *mut X509_VERIFY_PARAM, lvl: c_int);
#[cfg(ossl110)]

24
openssl-sys/src/handwritten/x509v3.rs
View file

@ -53,14 +53,7 @@ extern "C" {
pub fn X509V3_set_nconf(ctx: *mut X509V3_CTX, conf: *mut CONF);
pub fn X509V3_set_ctx(
ctx: *mut X509V3_CTX,
issuer: *mut X509,
subject: *mut X509,
req: *mut X509_REQ,
crl: *mut X509_CRL,
flags: c_int,
);
pub fn X509V3_set_ctx(ctx: *mut X509V3_CTX, issuer: *mut X509, subject: *mut X509, req: *mut X509_REQ, crl: *mut X509_CRL, flags: c_int);
pub fn X509_get1_ocsp(x: *mut X509) -> *mut stack_st_OPENSSL_STRING;
}
@ -81,19 +74,8 @@ extern "C" {
pub fn X509V3_EXT_add_alias(nid_to: c_int, nid_from: c_int) -> c_int;
pub fn X509V3_EXT_d2i(ext: *mut X509_EXTENSION) -> *mut c_void;
pub fn X509V3_EXT_i2d(ext_nid: c_int, crit: c_int, ext: *mut c_void) -> *mut X509_EXTENSION;
pub fn X509V3_add1_i2d(
x: *mut *mut stack_st_X509_EXTENSION,
nid: c_int,
value: *mut c_void,
crit: c_int,
flags: c_ulong,
) -> c_int;
pub fn X509V3_EXT_print(
out: *mut BIO,
ext: *mut X509_EXTENSION,
flag: c_ulong,
indent: c_int,
) -> c_int;
pub fn X509V3_add1_i2d(x: *mut *mut stack_st_X509_EXTENSION, nid: c_int, value: *mut c_void, crit: c_int, flags: c_ulong) -> c_int;
pub fn X509V3_EXT_print(out: *mut BIO, ext: *mut X509_EXTENSION, flag: c_ulong, indent: c_int) -> c_int;
#[cfg(ossl110)]
pub fn X509_get_extension_flags(x: *mut X509) -> u32;

26
openssl-sys/src/lib.rs
View file

@ -91,12 +91,7 @@ mod openssl {
static INIT: Once = Once::new();
// FIXME remove
pub type PasswordCallback = unsafe extern "C" fn(
buf: *mut c_char,
size: c_int,
rwflag: c_int,
user_data: *mut c_void,
) -> c_int;
pub type PasswordCallback = unsafe extern "C" fn(buf: *mut c_char, size: c_int, rwflag: c_int, user_data: *mut c_void) -> c_int;
#[cfg(ossl110)]
pub fn init() {
@ -120,26 +115,16 @@ mod openssl {
use std::sync::{Mutex, MutexGuard};
static mut MUTEXES: *mut Vec<Mutex<()>> = 0 as *mut Vec<Mutex<()>>;
static mut GUARDS: *mut Vec<Option<MutexGuard<'static, ()>>> =
0 as *mut Vec<Option<MutexGuard<'static, ()>>>;
static mut GUARDS: *mut Vec<Option<MutexGuard<'static, ()>>> = 0 as *mut Vec<Option<MutexGuard<'static, ()>>>;
unsafe extern "C" fn locking_function(
mode: c_int,
n: c_int,
_file: *const c_char,
_line: c_int,
) {
unsafe extern "C" fn locking_function(mode: c_int, n: c_int, _file: *const c_char, _line: c_int) {
let mutex = &(*MUTEXES)[n as usize];
if mode & CRYPTO_LOCK != 0 {
(*GUARDS)[n as usize] = Some(mutex.lock().unwrap());
} else {
if let None = (*GUARDS)[n as usize].take() {
let _ = writeln!(
io::stderr(),
"BUG: rust-openssl lock {} already unlocked, aborting",
n
);
let _ = writeln!(io::stderr(), "BUG: rust-openssl lock {} already unlocked, aborting", n);
process::abort();
}
}
@ -172,8 +157,7 @@ mod openssl {
mutexes.push(Mutex::new(()));
}
MUTEXES = mem::transmute(mutexes);
let guards: Box<Vec<Option<MutexGuard<()>>>> =
Box::new((0..num_locks).map(|_| None).collect());
let guards: Box<Vec<Option<MutexGuard<()>>>> = Box::new((0..num_locks).map(|_| None).collect());
GUARDS = mem::transmute(guards);
CRYPTO_set_locking_callback__fixed_rust(Some(locking_function));

15
openssl-sys/src/rsa.rs
View file

@ -54,22 +54,11 @@ cfg_if! {
#[cfg(any(ossl102, libressl310))]
pub unsafe fn EVP_PKEY_CTX_set_rsa_oaep_md(ctx: *mut EVP_PKEY_CTX, md: *mut EVP_MD) -> c_int {
EVP_PKEY_CTX_ctrl(
ctx,
EVP_PKEY_RSA,
EVP_PKEY_OP_TYPE_CRYPT,
EVP_PKEY_CTRL_RSA_OAEP_MD,
0,
md as *mut c_void,
)
EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, EVP_PKEY_OP_TYPE_CRYPT, EVP_PKEY_CTRL_RSA_OAEP_MD, 0, md as *mut c_void)
}
#[cfg(any(ossl102, libressl310))]
pub unsafe fn EVP_PKEY_CTX_set0_rsa_oaep_label(
ctx: *mut EVP_PKEY_CTX,
label: *mut c_void,
len: c_int,
) -> c_int {
pub unsafe fn EVP_PKEY_CTX_set0_rsa_oaep_label(ctx: *mut EVP_PKEY_CTX, label: *mut c_void, len: c_int) -> c_int {
EVP_PKEY_CTX_ctrl(
ctx,
EVP_PKEY_RSA,

60
openssl-sys/src/ssl.rs
View file

@ -291,8 +291,7 @@ pub const SSL_SESS_CACHE_BOTH: c_long = SSL_SESS_CACHE_CLIENT | SSL_SESS_CACHE_S
pub const SSL_SESS_CACHE_NO_AUTO_CLEAR: c_long = 0x80;
pub const SSL_SESS_CACHE_NO_INTERNAL_LOOKUP: c_long = 0x100;
pub const SSL_SESS_CACHE_NO_INTERNAL_STORE: c_long = 0x200;
pub const SSL_SESS_CACHE_NO_INTERNAL: c_long =
SSL_SESS_CACHE_NO_INTERNAL_LOOKUP | SSL_SESS_CACHE_NO_INTERNAL_STORE;
pub const SSL_SESS_CACHE_NO_INTERNAL: c_long = SSL_SESS_CACHE_NO_INTERNAL_LOOKUP | SSL_SESS_CACHE_NO_INTERNAL_STORE;
pub const OPENSSL_NPN_UNSUPPORTED: c_int = 0;
pub const OPENSSL_NPN_NEGOTIATED: c_int = 1;
@ -380,10 +379,7 @@ pub unsafe fn SSL_CTX_add_extra_chain_cert(ctx: *mut SSL_CTX, x509: *mut X509) -
SSL_CTX_ctrl(ctx, SSL_CTRL_EXTRA_CHAIN_CERT, 0, x509 as *mut c_void)
}
pub unsafe fn SSL_CTX_get_extra_chain_certs(
ctx: *mut SSL_CTX,
chain: *mut *mut stack_st_X509,
) -> c_long {
pub unsafe fn SSL_CTX_get_extra_chain_certs(ctx: *mut SSL_CTX, chain: *mut *mut stack_st_X509) -> c_long {
SSL_CTX_ctrl(ctx, SSL_CTRL_GET_EXTRA_CHAIN_CERTS, 0, chain as *mut c_void)
}
@ -421,32 +417,17 @@ pub unsafe fn SSL_add0_chain_cert(ssl: *mut SSL, ptr: *mut X509) -> c_long {
#[cfg(ossl102)]
pub unsafe fn SSL_CTX_set1_sigalgs_list(ctx: *mut SSL_CTX, s: *const c_char) -> c_long {
SSL_CTX_ctrl(
ctx,
SSL_CTRL_SET_SIGALGS_LIST,
0,
s as *const c_void as *mut c_void,
)
SSL_CTX_ctrl(ctx, SSL_CTRL_SET_SIGALGS_LIST, 0, s as *const c_void as *mut c_void)
}
#[cfg(any(libressl, all(ossl102, not(ossl110))))]
pub unsafe fn SSL_CTX_set_ecdh_auto(ctx: *mut SSL_CTX, onoff: c_int) -> c_int {
SSL_CTX_ctrl(
ctx,
SSL_CTRL_SET_ECDH_AUTO,
onoff as c_long,
ptr::null_mut(),
) as c_int
SSL_CTX_ctrl(ctx, SSL_CTRL_SET_ECDH_AUTO, onoff as c_long, ptr::null_mut()) as c_int
}
#[cfg(any(libressl, all(ossl102, not(ossl110))))]
pub unsafe fn SSL_set_ecdh_auto(ssl: *mut SSL, onoff: c_int) -> c_int {
SSL_ctrl(
ssl,
SSL_CTRL_SET_ECDH_AUTO,
onoff as c_long,
ptr::null_mut(),
) as c_int
SSL_ctrl(ssl, SSL_CTRL_SET_ECDH_AUTO, onoff as c_long, ptr::null_mut()) as c_int
}
cfg_if! {
@ -567,42 +548,21 @@ pub unsafe fn SSL_CTX_set_read_ahead(ctx: *mut SSL_CTX, m: c_long) -> c_long {
#[allow(clashing_extern_declarations)]
extern "C" {
#[deprecated(note = "use SSL_CTX_set_tmp_dh_callback__fixed_rust instead")]
pub fn SSL_CTX_set_tmp_dh_callback(
ctx: *mut SSL_CTX,
dh: unsafe extern "C" fn(ssl: *mut SSL, is_export: c_int, keylength: c_int) -> *mut DH,
);
pub fn SSL_CTX_set_tmp_dh_callback(ctx: *mut SSL_CTX, dh: unsafe extern "C" fn(ssl: *mut SSL, is_export: c_int, keylength: c_int) -> *mut DH);
#[deprecated(note = "use SSL_set_tmp_dh_callback__fixed_rust instead")]
pub fn SSL_set_tmp_dh_callback(
ctx: *mut SSL,
dh: unsafe extern "C" fn(ssl: *mut SSL, is_export: c_int, keylength: c_int) -> *mut DH,
);
pub fn SSL_set_tmp_dh_callback(ctx: *mut SSL, dh: unsafe extern "C" fn(ssl: *mut SSL, is_export: c_int, keylength: c_int) -> *mut DH);
#[deprecated(note = "use SSL_CTX_set_tmp_ecdh_callback__fixed_rust instead")]
#[cfg(not(ossl110))]
pub fn SSL_CTX_set_tmp_ecdh_callback(
ctx: *mut SSL_CTX,
ecdh: unsafe extern "C" fn(
ssl: *mut SSL,
is_export: c_int,
keylength: c_int,
) -> *mut EC_KEY,
ecdh: unsafe extern "C" fn(ssl: *mut SSL, is_export: c_int, keylength: c_int) -> *mut EC_KEY,
);
#[deprecated(note = "use SSL_set_tmp_ecdh_callback__fixed_rust instead")]
#[cfg(not(ossl110))]
pub fn SSL_set_tmp_ecdh_callback(
ssl: *mut SSL,
ecdh: unsafe extern "C" fn(
ssl: *mut SSL,
is_export: c_int,
keylength: c_int,
) -> *mut EC_KEY,
);
pub fn SSL_set_tmp_ecdh_callback(ssl: *mut SSL, ecdh: unsafe extern "C" fn(ssl: *mut SSL, is_export: c_int, keylength: c_int) -> *mut EC_KEY);
#[deprecated(note = "use SSL_CTX_callback_ctrl__fixed_rust instead")]
pub fn SSL_CTX_callback_ctrl(
ctx: *mut SSL_CTX,
cmd: c_int,
fp: Option<extern "C" fn()>,
) -> c_long;
pub fn SSL_CTX_callback_ctrl(ctx: *mut SSL_CTX, cmd: c_int, fp: Option<extern "C" fn()>) -> c_long;
#[deprecated(note = "use SSL_CTX_set_alpn_select_cb__fixed_rust instead")]
#[cfg(any(ossl102, libressl261))]

39
openssl-sys/src/tls1.rs
View file

@ -17,43 +17,19 @@ pub const TLSEXT_NAMETYPE_host_name: c_int = 0;
pub const TLSEXT_STATUSTYPE_ocsp: c_int = 1;
pub unsafe fn SSL_set_tlsext_host_name(s: *mut SSL, name: *mut c_char) -> c_long {
SSL_ctrl(
s,
SSL_CTRL_SET_TLSEXT_HOSTNAME,
TLSEXT_NAMETYPE_host_name as c_long,
name as *mut c_void,
)
SSL_ctrl(s, SSL_CTRL_SET_TLSEXT_HOSTNAME, TLSEXT_NAMETYPE_host_name as c_long, name as *mut c_void)
}
pub unsafe fn SSL_set_tlsext_status_type(s: *mut SSL, type_: c_int) -> c_long {
SSL_ctrl(
s,
SSL_CTRL_SET_TLSEXT_STATUS_REQ_TYPE,
type_ as c_long,
ptr::null_mut(),
)
SSL_ctrl(s, SSL_CTRL_SET_TLSEXT_STATUS_REQ_TYPE, type_ as c_long, ptr::null_mut())
}
pub unsafe fn SSL_get_tlsext_status_ocsp_resp(ssl: *mut SSL, resp: *mut *mut c_uchar) -> c_long {
SSL_ctrl(
ssl,
SSL_CTRL_GET_TLSEXT_STATUS_REQ_OCSP_RESP,
0,
resp as *mut c_void,
)
SSL_ctrl(ssl, SSL_CTRL_GET_TLSEXT_STATUS_REQ_OCSP_RESP, 0, resp as *mut c_void)
}
pub unsafe fn SSL_set_tlsext_status_ocsp_resp(
ssl: *mut SSL,
resp: *mut c_uchar,
len: c_long,
) -> c_long {
SSL_ctrl(
ssl,
SSL_CTRL_SET_TLSEXT_STATUS_REQ_OCSP_RESP,
len,
resp as *mut c_void,
)
pub unsafe fn SSL_set_tlsext_status_ocsp_resp(ssl: *mut SSL, resp: *mut c_uchar, len: c_long) -> c_long {
SSL_ctrl(ssl, SSL_CTRL_SET_TLSEXT_STATUS_REQ_OCSP_RESP, len, resp as *mut c_void)
}
#[deprecated(note = "use SSL_CTX_set_tlsext_servername_callback__fixed_rust instead")]
@ -82,10 +58,7 @@ pub unsafe fn SSL_CTX_set_tlsext_servername_arg(ctx: *mut SSL_CTX, arg: *mut c_v
SSL_CTX_ctrl(ctx, SSL_CTRL_SET_TLSEXT_SERVERNAME_ARG, 0, arg)
}
pub unsafe fn SSL_CTX_set_tlsext_status_cb(
ctx: *mut SSL_CTX,
cb: Option<unsafe extern "C" fn(*mut SSL, *mut c_void) -> c_int>,
) -> c_long {
pub unsafe fn SSL_CTX_set_tlsext_status_cb(ctx: *mut SSL_CTX, cb: Option<unsafe extern "C" fn(*mut SSL, *mut c_void) -> c_int>) -> c_long {
SSL_CTX_callback_ctrl__fixed_rust(ctx, SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB, mem::transmute(cb))
}

14
openssl-sys/src/x509_vfy.rs
View file

@ -133,17 +133,7 @@ pub const X509_V_FLAG_NO_ALT_CHAINS: c_ulong = 0x100000;
#[cfg(ossl110)]
pub const X509_V_FLAG_NO_CHECK_TIME: c_ulong = 0x200000;
pub unsafe fn X509_LOOKUP_add_dir(
ctx: *mut X509_LOOKUP,
name: *const c_char,
_type: c_int,
) -> c_int {
pub unsafe fn X509_LOOKUP_add_dir(ctx: *mut X509_LOOKUP, name: *const c_char, _type: c_int) -> c_int {
const X509_L_ADD_DIR: c_int = 2;
X509_LOOKUP_ctrl(
ctx,
X509_L_ADD_DIR,
name,
_type as c_long,
std::ptr::null_mut(),
)
X509_LOOKUP_ctrl(ctx, X509_L_ADD_DIR, name, _type as c_long, std::ptr::null_mut())
}

37
zssp/src/zssp.rs
View file

@ -132,18 +132,18 @@ enum Offer {
const AES_POOL_SIZE: usize = 4;
struct SessionKey {
ratchet_key: Secret<BASE_KEY_SIZE>, // Key used in derivation of the next session key
ratchet_key: Secret<BASE_KEY_SIZE>, // Key used in derivation of the next session key
//receive_key: Secret<AES_256_KEY_SIZE>, // Receive side AES-GCM key
//send_key: Secret<AES_256_KEY_SIZE>, // Send side AES-GCM key
receive_cipher_pool: [Mutex<AesGcm<false>>; AES_POOL_SIZE], // Pool of reusable sending ciphers
send_cipher_pool: [Mutex<AesGcm<true>>; AES_POOL_SIZE], // Pool of reusable receiving ciphers
rekey_at_time: i64, // Rekey at or after this time (ticks)
created_at_counter: u64, // Counter at which session was created
rekey_at_counter: u64, // Rekey at or after this counter
expire_at_counter: u64, // Hard error when this counter value is reached or exceeded
ratchet_count: u64, // Number of rekey events
bob: bool, // Was this side "Bob" in this exchange?
confirmed: bool, // Is this key confirmed by the other side?
rekey_at_time: i64, // Rekey at or after this time (ticks)
created_at_counter: u64, // Counter at which session was created
rekey_at_counter: u64, // Rekey at or after this counter
expire_at_counter: u64, // Hard error when this counter value is reached or exceeded
ratchet_count: u64, // Number of rekey events
bob: bool, // Was this side "Bob" in this exchange?
confirmed: bool, // Is this key confirmed by the other side?
}
impl<Application: ApplicationLayer> Context<Application> {
@ -641,7 +641,7 @@ impl<Application: ApplicationLayer> Context<Application> {
if aead_authentication_ok {
// Packet fully authenticated
if !session.update_receive_window(incoming_counter) {
return Err(Error::OutOfSequence)
return Err(Error::OutOfSequence);
}
// Update the current key to point to this key if it's newer, since having received
// a packet encrypted with it proves that the other side has successfully derived it
@ -899,14 +899,11 @@ impl<Application: ApplicationLayer> Context<Application> {
// Packet fully authenticated
if !session.update_receive_window(incoming_counter) {
return Err(Error::OutOfSequence)
return Err(Error::OutOfSequence);
}
let noise_es_ee_se_hk_psk = hmac_sha512_secret::<BASE_KEY_SIZE>(
hmac_sha512_secret::<BASE_KEY_SIZE>(
noise_es_ee.as_bytes(),
noise_se.as_bytes(),
).as_bytes(),
hmac_sha512_secret::<BASE_KEY_SIZE>(noise_es_ee.as_bytes(), noise_se.as_bytes()).as_bytes(),
hmac_sha512_secret::<BASE_KEY_SIZE>(session.psk.as_bytes(), hk.as_bytes()).as_bytes(),
);
@ -1129,7 +1126,7 @@ impl<Application: ApplicationLayer> Context<Application> {
if aead_authentication_ok {
// Packet fully authenticated
if !session.update_receive_window(incoming_counter) {
return Err(Error::OutOfSequence)
return Err(Error::OutOfSequence);
}
let pkt: &RekeyInit = byte_array_as_proto_buffer(&pkt_assembled).unwrap();
@ -1221,7 +1218,7 @@ impl<Application: ApplicationLayer> Context<Application> {
if aead_authentication_ok {
// Packet fully authenticated
if !session.update_receive_window(incoming_counter) {
return Err(Error::OutOfSequence)
return Err(Error::OutOfSequence);
}
let pkt: &RekeyAck = byte_array_as_proto_buffer(&pkt_assembled).unwrap();
@ -1590,11 +1587,11 @@ impl SessionKey {
fn get_send_cipher<'a>(&'a self, counter: u64) -> Result<MutexGuard<'a, AesGcm<true>>, Error> {
if counter < self.expire_at_counter {
for i in 0..(AES_POOL_SIZE - 1) {
if let Ok(p) = self.send_cipher_pool[(counter as usize).wrapping_add(i)%AES_POOL_SIZE].try_lock() {
if let Ok(p) = self.send_cipher_pool[(counter as usize).wrapping_add(i) % AES_POOL_SIZE].try_lock() {
return Ok(p);
}
}
Ok(self.send_cipher_pool[(counter as usize)%AES_POOL_SIZE].lock().unwrap())
Ok(self.send_cipher_pool[(counter as usize) % AES_POOL_SIZE].lock().unwrap())
} else {
Err(Error::MaxKeyLifetimeExceeded)
}
@ -1602,11 +1599,11 @@ impl SessionKey {
fn get_receive_cipher<'a>(&'a self, counter: u64) -> MutexGuard<'a, AesGcm<false>> {
for i in 0..(AES_POOL_SIZE - 1) {
if let Ok(p) = self.receive_cipher_pool[(counter as usize).wrapping_add(i)%AES_POOL_SIZE].try_lock() {
if let Ok(p) = self.receive_cipher_pool[(counter as usize).wrapping_add(i) % AES_POOL_SIZE].try_lock() {
return p;
}
}
self.receive_cipher_pool[(counter as usize)%AES_POOL_SIZE].lock().unwrap()
self.receive_cipher_pool[(counter as usize) % AES_POOL_SIZE].lock().unwrap()
}
}