1/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2 * All rights reserved. 3 * 4 * This package is an SSL implementation written 5 * by Eric Young (eay@cryptsoft.com). 6 * The implementation was written so as to conform with Netscapes SSL. 7 * 8 * This library is free for commercial and non-commercial use as long as 9 * the following conditions are aheared to. The following conditions 10 * apply to all code found in this distribution, be it the RC4, RSA, 11 * lhash, DES, etc., code; not just the SSL code. The SSL documentation 12 * included with this distribution is covered by the same copyright terms 13 * except that the holder is Tim Hudson (tjh@cryptsoft.com). 14 * 15 * Copyright remains Eric Young's, and as such any Copyright notices in 16 * the code are not to be removed. 17 * If this package is used in a product, Eric Young should be given attribution 18 * as the author of the parts of the library used. 19 * This can be in the form of a textual message at program startup or 20 * in documentation (online or textual) provided with the package. 21 * 22 * Redistribution and use in source and binary forms, with or without 23 * modification, are permitted provided that the following conditions 24 * are met: 25 * 1. Redistributions of source code must retain the copyright 26 * notice, this list of conditions and the following disclaimer. 27 * 2. Redistributions in binary form must reproduce the above copyright 28 * notice, this list of conditions and the following disclaimer in the 29 * documentation and/or other materials provided with the distribution. 30 * 3. All advertising materials mentioning features or use of this software 31 * must display the following acknowledgement: 32 * "This product includes cryptographic software written by 33 * Eric Young (eay@cryptsoft.com)" 34 * The word 'cryptographic' can be left out if the rouines from the library 35 * being used are not cryptographic related :-). 36 * 4. If you include any Windows specific code (or a derivative thereof) from 37 * the apps directory (application code) you must include an acknowledgement: 38 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" 39 * 40 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND 41 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 42 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 43 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 44 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 45 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 46 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 48 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 49 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 50 * SUCH DAMAGE. 51 * 52 * The licence and distribution terms for any publically available version or 53 * derivative of this code cannot be changed. i.e. this code cannot simply be 54 * copied and put under another distribution licence 55 * [including the GNU Public Licence.] 56 */ 57/* ==================================================================== 58 * Copyright (c) 1998-2001 The OpenSSL Project. All rights reserved. 59 * 60 * Redistribution and use in source and binary forms, with or without 61 * modification, are permitted provided that the following conditions 62 * are met: 63 * 64 * 1. Redistributions of source code must retain the above copyright 65 * notice, this list of conditions and the following disclaimer. 66 * 67 * 2. Redistributions in binary form must reproduce the above copyright 68 * notice, this list of conditions and the following disclaimer in 69 * the documentation and/or other materials provided with the 70 * distribution. 71 * 72 * 3. All advertising materials mentioning features or use of this 73 * software must display the following acknowledgment: 74 * "This product includes software developed by the OpenSSL Project 75 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" 76 * 77 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to 78 * endorse or promote products derived from this software without 79 * prior written permission. For written permission, please contact 80 * openssl-core@openssl.org. 81 * 82 * 5. Products derived from this software may not be called "OpenSSL" 83 * nor may "OpenSSL" appear in their names without prior written 84 * permission of the OpenSSL Project. 85 * 86 * 6. Redistributions of any form whatsoever must retain the following 87 * acknowledgment: 88 * "This product includes software developed by the OpenSSL Project 89 * for use in the OpenSSL Toolkit (http://www.openssl.org/)" 90 * 91 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY 92 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 93 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 94 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR 95 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 96 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 97 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; 98 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 99 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, 100 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 101 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 102 * OF THE POSSIBILITY OF SUCH DAMAGE. 103 * ==================================================================== 104 * 105 * This product includes cryptographic software written by Eric Young 106 * (eay@cryptsoft.com). This product includes software written by Tim 107 * Hudson (tjh@cryptsoft.com). */ 108 109#ifndef OPENSSL_HEADER_CRYPTO_INTERNAL_H 110#define OPENSSL_HEADER_CRYPTO_INTERNAL_H 111 112#include <openssl/ex_data.h> 113#include <openssl/thread.h> 114 115#include <string.h> 116 117#if defined(_MSC_VER) 118#if !defined(__cplusplus) || _MSC_VER < 1900 119#define alignas(x) __declspec(align(x)) 120#define alignof __alignof 121#endif 122#else 123#include <stdalign.h> 124#endif 125 126#if !defined(OPENSSL_NO_THREADS) && \ 127 (!defined(OPENSSL_WINDOWS) || defined(__MINGW32__)) 128#include <pthread.h> 129#define OPENSSL_PTHREADS 130#endif 131 132#if !defined(OPENSSL_NO_THREADS) && !defined(OPENSSL_PTHREADS) && \ 133 defined(OPENSSL_WINDOWS) 134#define OPENSSL_WINDOWS_THREADS 135OPENSSL_MSVC_PRAGMA(warning(push, 3)) 136#include <windows.h> 137OPENSSL_MSVC_PRAGMA(warning(pop)) 138#endif 139 140#if defined(__cplusplus) 141extern "C" { 142#endif 143 144 145#if defined(OPENSSL_X86) || defined(OPENSSL_X86_64) || defined(OPENSSL_ARM) || \ 146 defined(OPENSSL_AARCH64) || defined(OPENSSL_PPC64LE) 147/* OPENSSL_cpuid_setup initializes the platform-specific feature cache. */ 148void OPENSSL_cpuid_setup(void); 149#endif 150 151 152#if !defined(_MSC_VER) && defined(OPENSSL_64_BIT) 153typedef __int128_t int128_t; 154typedef __uint128_t uint128_t; 155#endif 156 157#define OPENSSL_ARRAY_SIZE(array) (sizeof(array) / sizeof((array)[0])) 158 159/* buffers_alias returns one if |a| and |b| alias and zero otherwise. */ 160static inline int buffers_alias(const uint8_t *a, size_t a_len, 161 const uint8_t *b, size_t b_len) { 162 /* Cast |a| and |b| to integers. In C, pointer comparisons between unrelated 163 * objects are undefined whereas pointer to integer conversions are merely 164 * implementation-defined. We assume the implementation defined it in a sane 165 * way. */ 166 uintptr_t a_u = (uintptr_t)a; 167 uintptr_t b_u = (uintptr_t)b; 168 return a_u + a_len > b_u && b_u + b_len > a_u; 169} 170 171 172/* Constant-time utility functions. 173 * 174 * The following methods return a bitmask of all ones (0xff...f) for true and 0 175 * for false. This is useful for choosing a value based on the result of a 176 * conditional in constant time. For example, 177 * 178 * if (a < b) { 179 * c = a; 180 * } else { 181 * c = b; 182 * } 183 * 184 * can be written as 185 * 186 * unsigned int lt = constant_time_lt(a, b); 187 * c = constant_time_select(lt, a, b); */ 188 189/* constant_time_msb returns the given value with the MSB copied to all the 190 * other bits. */ 191static inline unsigned int constant_time_msb(unsigned int a) { 192 return (unsigned int)((int)(a) >> (sizeof(int) * 8 - 1)); 193} 194 195/* constant_time_lt returns 0xff..f if a < b and 0 otherwise. */ 196static inline unsigned int constant_time_lt(unsigned int a, unsigned int b) { 197 /* Consider the two cases of the problem: 198 * msb(a) == msb(b): a < b iff the MSB of a - b is set. 199 * msb(a) != msb(b): a < b iff the MSB of b is set. 200 * 201 * If msb(a) == msb(b) then the following evaluates as: 202 * msb(a^((a^b)|((a-b)^a))) == 203 * msb(a^((a-b) ^ a)) == (because msb(a^b) == 0) 204 * msb(a^a^(a-b)) == (rearranging) 205 * msb(a-b) (because ∀x. x^x == 0) 206 * 207 * Else, if msb(a) != msb(b) then the following evaluates as: 208 * msb(a^((a^b)|((a-b)^a))) == 209 * msb(a^( | ((a-b)^a))) == (because msb(a^b) == 1 and 210 * represents a value s.t. msb() = 1) 211 * msb(a^) == (because ORing with 1 results in 1) 212 * msb(b) 213 * 214 * 215 * Here is an SMT-LIB verification of this formula: 216 * 217 * (define-fun lt ((a (_ BitVec 32)) (b (_ BitVec 32))) (_ BitVec 32) 218 * (bvxor a (bvor (bvxor a b) (bvxor (bvsub a b) a))) 219 * ) 220 * 221 * (declare-fun a () (_ BitVec 32)) 222 * (declare-fun b () (_ BitVec 32)) 223 * 224 * (assert (not (= (= #x00000001 (bvlshr (lt a b) #x0000001f)) (bvult a b)))) 225 * (check-sat) 226 * (get-model) 227 */ 228 return constant_time_msb(a^((a^b)|((a-b)^a))); 229} 230 231/* constant_time_lt_8 acts like |constant_time_lt| but returns an 8-bit mask. */ 232static inline uint8_t constant_time_lt_8(unsigned int a, unsigned int b) { 233 return (uint8_t)(constant_time_lt(a, b)); 234} 235 236/* constant_time_gt returns 0xff..f if a >= b and 0 otherwise. */ 237static inline unsigned int constant_time_ge(unsigned int a, unsigned int b) { 238 return ~constant_time_lt(a, b); 239} 240 241/* constant_time_ge_8 acts like |constant_time_ge| but returns an 8-bit mask. */ 242static inline uint8_t constant_time_ge_8(unsigned int a, unsigned int b) { 243 return (uint8_t)(constant_time_ge(a, b)); 244} 245 246/* constant_time_is_zero returns 0xff..f if a == 0 and 0 otherwise. */ 247static inline unsigned int constant_time_is_zero(unsigned int a) { 248 /* Here is an SMT-LIB verification of this formula: 249 * 250 * (define-fun is_zero ((a (_ BitVec 32))) (_ BitVec 32) 251 * (bvand (bvnot a) (bvsub a #x00000001)) 252 * ) 253 * 254 * (declare-fun a () (_ BitVec 32)) 255 * 256 * (assert (not (= (= #x00000001 (bvlshr (is_zero a) #x0000001f)) (= a #x00000000)))) 257 * (check-sat) 258 * (get-model) 259 */ 260 return constant_time_msb(~a & (a - 1)); 261} 262 263/* constant_time_is_zero_8 acts like constant_time_is_zero but returns an 8-bit 264 * mask. */ 265static inline uint8_t constant_time_is_zero_8(unsigned int a) { 266 return (uint8_t)(constant_time_is_zero(a)); 267} 268 269/* constant_time_eq returns 0xff..f if a == b and 0 otherwise. */ 270static inline unsigned int constant_time_eq(unsigned int a, unsigned int b) { 271 return constant_time_is_zero(a ^ b); 272} 273 274/* constant_time_eq_8 acts like |constant_time_eq| but returns an 8-bit mask. */ 275static inline uint8_t constant_time_eq_8(unsigned int a, unsigned int b) { 276 return (uint8_t)(constant_time_eq(a, b)); 277} 278 279/* constant_time_eq_int acts like |constant_time_eq| but works on int values. */ 280static inline unsigned int constant_time_eq_int(int a, int b) { 281 return constant_time_eq((unsigned)(a), (unsigned)(b)); 282} 283 284/* constant_time_eq_int_8 acts like |constant_time_eq_int| but returns an 8-bit 285 * mask. */ 286static inline uint8_t constant_time_eq_int_8(int a, int b) { 287 return constant_time_eq_8((unsigned)(a), (unsigned)(b)); 288} 289 290/* constant_time_select returns (mask & a) | (~mask & b). When |mask| is all 1s 291 * or all 0s (as returned by the methods above), the select methods return 292 * either |a| (if |mask| is nonzero) or |b| (if |mask| is zero). */ 293static inline unsigned int constant_time_select(unsigned int mask, 294 unsigned int a, unsigned int b) { 295 return (mask & a) | (~mask & b); 296} 297 298/* constant_time_select_8 acts like |constant_time_select| but operates on 299 * 8-bit values. */ 300static inline uint8_t constant_time_select_8(uint8_t mask, uint8_t a, 301 uint8_t b) { 302 return (uint8_t)(constant_time_select(mask, a, b)); 303} 304 305/* constant_time_select_int acts like |constant_time_select| but operates on 306 * ints. */ 307static inline int constant_time_select_int(unsigned int mask, int a, int b) { 308 return (int)(constant_time_select(mask, (unsigned)(a), (unsigned)(b))); 309} 310 311 312/* Thread-safe initialisation. */ 313 314#if defined(OPENSSL_NO_THREADS) 315typedef uint32_t CRYPTO_once_t; 316#define CRYPTO_ONCE_INIT 0 317#elif defined(OPENSSL_WINDOWS_THREADS) 318typedef INIT_ONCE CRYPTO_once_t; 319#define CRYPTO_ONCE_INIT INIT_ONCE_STATIC_INIT 320#elif defined(OPENSSL_PTHREADS) 321typedef pthread_once_t CRYPTO_once_t; 322#define CRYPTO_ONCE_INIT PTHREAD_ONCE_INIT 323#else 324#error "Unknown threading library" 325#endif 326 327/* CRYPTO_once calls |init| exactly once per process. This is thread-safe: if 328 * concurrent threads call |CRYPTO_once| with the same |CRYPTO_once_t| argument 329 * then they will block until |init| completes, but |init| will have only been 330 * called once. 331 * 332 * The |once| argument must be a |CRYPTO_once_t| that has been initialised with 333 * the value |CRYPTO_ONCE_INIT|. */ 334OPENSSL_EXPORT void CRYPTO_once(CRYPTO_once_t *once, void (*init)(void)); 335 336 337/* Reference counting. */ 338 339/* CRYPTO_REFCOUNT_MAX is the value at which the reference count saturates. */ 340#define CRYPTO_REFCOUNT_MAX 0xffffffff 341 342/* CRYPTO_refcount_inc atomically increments the value at |*count| unless the 343 * value would overflow. It's safe for multiple threads to concurrently call 344 * this or |CRYPTO_refcount_dec_and_test_zero| on the same 345 * |CRYPTO_refcount_t|. */ 346OPENSSL_EXPORT void CRYPTO_refcount_inc(CRYPTO_refcount_t *count); 347 348/* CRYPTO_refcount_dec_and_test_zero tests the value at |*count|: 349 * if it's zero, it crashes the address space. 350 * if it's the maximum value, it returns zero. 351 * otherwise, it atomically decrements it and returns one iff the resulting 352 * value is zero. 353 * 354 * It's safe for multiple threads to concurrently call this or 355 * |CRYPTO_refcount_inc| on the same |CRYPTO_refcount_t|. */ 356OPENSSL_EXPORT int CRYPTO_refcount_dec_and_test_zero(CRYPTO_refcount_t *count); 357 358 359/* Locks. 360 * 361 * Two types of locks are defined: |CRYPTO_MUTEX|, which can be used in 362 * structures as normal, and |struct CRYPTO_STATIC_MUTEX|, which can be used as 363 * a global lock. A global lock must be initialised to the value 364 * |CRYPTO_STATIC_MUTEX_INIT|. 365 * 366 * |CRYPTO_MUTEX| can appear in public structures and so is defined in 367 * thread.h as a structure large enough to fit the real type. The global lock is 368 * a different type so it may be initialized with platform initializer macros.*/ 369 370#if defined(OPENSSL_NO_THREADS) 371struct CRYPTO_STATIC_MUTEX { 372 char padding; /* Empty structs have different sizes in C and C++. */ 373}; 374#define CRYPTO_STATIC_MUTEX_INIT { 0 } 375#elif defined(OPENSSL_WINDOWS_THREADS) 376struct CRYPTO_STATIC_MUTEX { 377 SRWLOCK lock; 378}; 379#define CRYPTO_STATIC_MUTEX_INIT { SRWLOCK_INIT } 380#elif defined(OPENSSL_PTHREADS) 381struct CRYPTO_STATIC_MUTEX { 382 pthread_rwlock_t lock; 383}; 384#define CRYPTO_STATIC_MUTEX_INIT { PTHREAD_RWLOCK_INITIALIZER } 385#else 386#error "Unknown threading library" 387#endif 388 389/* CRYPTO_MUTEX_init initialises |lock|. If |lock| is a static variable, use a 390 * |CRYPTO_STATIC_MUTEX|. */ 391OPENSSL_EXPORT void CRYPTO_MUTEX_init(CRYPTO_MUTEX *lock); 392 393/* CRYPTO_MUTEX_lock_read locks |lock| such that other threads may also have a 394 * read lock, but none may have a write lock. */ 395OPENSSL_EXPORT void CRYPTO_MUTEX_lock_read(CRYPTO_MUTEX *lock); 396 397/* CRYPTO_MUTEX_lock_write locks |lock| such that no other thread has any type 398 * of lock on it. */ 399OPENSSL_EXPORT void CRYPTO_MUTEX_lock_write(CRYPTO_MUTEX *lock); 400 401/* CRYPTO_MUTEX_unlock_read unlocks |lock| for reading. */ 402OPENSSL_EXPORT void CRYPTO_MUTEX_unlock_read(CRYPTO_MUTEX *lock); 403 404/* CRYPTO_MUTEX_unlock_write unlocks |lock| for writing. */ 405OPENSSL_EXPORT void CRYPTO_MUTEX_unlock_write(CRYPTO_MUTEX *lock); 406 407/* CRYPTO_MUTEX_cleanup releases all resources held by |lock|. */ 408OPENSSL_EXPORT void CRYPTO_MUTEX_cleanup(CRYPTO_MUTEX *lock); 409 410/* CRYPTO_STATIC_MUTEX_lock_read locks |lock| such that other threads may also 411 * have a read lock, but none may have a write lock. The |lock| variable does 412 * not need to be initialised by any function, but must have been statically 413 * initialised with |CRYPTO_STATIC_MUTEX_INIT|. */ 414OPENSSL_EXPORT void CRYPTO_STATIC_MUTEX_lock_read( 415 struct CRYPTO_STATIC_MUTEX *lock); 416 417/* CRYPTO_STATIC_MUTEX_lock_write locks |lock| such that no other thread has 418 * any type of lock on it. The |lock| variable does not need to be initialised 419 * by any function, but must have been statically initialised with 420 * |CRYPTO_STATIC_MUTEX_INIT|. */ 421OPENSSL_EXPORT void CRYPTO_STATIC_MUTEX_lock_write( 422 struct CRYPTO_STATIC_MUTEX *lock); 423 424/* CRYPTO_STATIC_MUTEX_unlock_read unlocks |lock| for reading. */ 425OPENSSL_EXPORT void CRYPTO_STATIC_MUTEX_unlock_read( 426 struct CRYPTO_STATIC_MUTEX *lock); 427 428/* CRYPTO_STATIC_MUTEX_unlock_write unlocks |lock| for writing. */ 429OPENSSL_EXPORT void CRYPTO_STATIC_MUTEX_unlock_write( 430 struct CRYPTO_STATIC_MUTEX *lock); 431 432 433/* Thread local storage. */ 434 435/* thread_local_data_t enumerates the types of thread-local data that can be 436 * stored. */ 437typedef enum { 438 OPENSSL_THREAD_LOCAL_ERR = 0, 439 OPENSSL_THREAD_LOCAL_RAND, 440 OPENSSL_THREAD_LOCAL_URANDOM_BUF, 441 OPENSSL_THREAD_LOCAL_TEST, 442 NUM_OPENSSL_THREAD_LOCALS, 443} thread_local_data_t; 444 445/* thread_local_destructor_t is the type of a destructor function that will be 446 * called when a thread exits and its thread-local storage needs to be freed. */ 447typedef void (*thread_local_destructor_t)(void *); 448 449/* CRYPTO_get_thread_local gets the pointer value that is stored for the 450 * current thread for the given index, or NULL if none has been set. */ 451OPENSSL_EXPORT void *CRYPTO_get_thread_local(thread_local_data_t value); 452 453/* CRYPTO_set_thread_local sets a pointer value for the current thread at the 454 * given index. This function should only be called once per thread for a given 455 * |index|: rather than update the pointer value itself, update the data that 456 * is pointed to. 457 * 458 * The destructor function will be called when a thread exits to free this 459 * thread-local data. All calls to |CRYPTO_set_thread_local| with the same 460 * |index| should have the same |destructor| argument. The destructor may be 461 * called with a NULL argument if a thread that never set a thread-local 462 * pointer for |index|, exits. The destructor may be called concurrently with 463 * different arguments. 464 * 465 * This function returns one on success or zero on error. If it returns zero 466 * then |destructor| has been called with |value| already. */ 467OPENSSL_EXPORT int CRYPTO_set_thread_local( 468 thread_local_data_t index, void *value, 469 thread_local_destructor_t destructor); 470 471 472/* ex_data */ 473 474typedef struct crypto_ex_data_func_st CRYPTO_EX_DATA_FUNCS; 475 476/* CRYPTO_EX_DATA_CLASS tracks the ex_indices registered for a type which 477 * supports ex_data. It should defined as a static global within the module 478 * which defines that type. */ 479typedef struct { 480 struct CRYPTO_STATIC_MUTEX lock; 481 STACK_OF(CRYPTO_EX_DATA_FUNCS) *meth; 482 /* num_reserved is one if the ex_data index zero is reserved for legacy 483 * |TYPE_get_app_data| functions. */ 484 uint8_t num_reserved; 485} CRYPTO_EX_DATA_CLASS; 486 487#define CRYPTO_EX_DATA_CLASS_INIT {CRYPTO_STATIC_MUTEX_INIT, NULL, 0} 488#define CRYPTO_EX_DATA_CLASS_INIT_WITH_APP_DATA \ 489 {CRYPTO_STATIC_MUTEX_INIT, NULL, 1} 490 491/* CRYPTO_get_ex_new_index allocates a new index for |ex_data_class| and writes 492 * it to |*out_index|. Each class of object should provide a wrapper function 493 * that uses the correct |CRYPTO_EX_DATA_CLASS|. It returns one on success and 494 * zero otherwise. */ 495OPENSSL_EXPORT int CRYPTO_get_ex_new_index(CRYPTO_EX_DATA_CLASS *ex_data_class, 496 int *out_index, long argl, 497 void *argp, CRYPTO_EX_dup *dup_func, 498 CRYPTO_EX_free *free_func); 499 500/* CRYPTO_set_ex_data sets an extra data pointer on a given object. Each class 501 * of object should provide a wrapper function. */ 502OPENSSL_EXPORT int CRYPTO_set_ex_data(CRYPTO_EX_DATA *ad, int index, void *val); 503 504/* CRYPTO_get_ex_data returns an extra data pointer for a given object, or NULL 505 * if no such index exists. Each class of object should provide a wrapper 506 * function. */ 507OPENSSL_EXPORT void *CRYPTO_get_ex_data(const CRYPTO_EX_DATA *ad, int index); 508 509/* CRYPTO_new_ex_data initialises a newly allocated |CRYPTO_EX_DATA|. */ 510OPENSSL_EXPORT void CRYPTO_new_ex_data(CRYPTO_EX_DATA *ad); 511 512/* CRYPTO_dup_ex_data duplicates |from| into a freshly allocated 513 * |CRYPTO_EX_DATA|, |to|. Both of which are inside objects of the given 514 * class. It returns one on success and zero otherwise. */ 515OPENSSL_EXPORT int CRYPTO_dup_ex_data(CRYPTO_EX_DATA_CLASS *ex_data_class, 516 CRYPTO_EX_DATA *to, 517 const CRYPTO_EX_DATA *from); 518 519/* CRYPTO_free_ex_data frees |ad|, which is embedded inside |obj|, which is an 520 * object of the given class. */ 521OPENSSL_EXPORT void CRYPTO_free_ex_data(CRYPTO_EX_DATA_CLASS *ex_data_class, 522 void *obj, CRYPTO_EX_DATA *ad); 523 524 525/* Language bug workarounds. 526 * 527 * Most C standard library functions are undefined if passed NULL, even when the 528 * corresponding length is zero. This gives them (and, in turn, all functions 529 * which call them) surprising behavior on empty arrays. Some compilers will 530 * miscompile code due to this rule. See also 531 * https://www.imperialviolet.org/2016/06/26/nonnull.html 532 * 533 * These wrapper functions behave the same as the corresponding C standard 534 * functions, but behave as expected when passed NULL if the length is zero. 535 * 536 * Note |OPENSSL_memcmp| is a different function from |CRYPTO_memcmp|. */ 537 538/* C++ defines |memchr| as a const-correct overload. */ 539#if defined(__cplusplus) 540extern "C++" { 541 542static inline const void *OPENSSL_memchr(const void *s, int c, size_t n) { 543 if (n == 0) { 544 return NULL; 545 } 546 547 return memchr(s, c, n); 548} 549 550static inline void *OPENSSL_memchr(void *s, int c, size_t n) { 551 if (n == 0) { 552 return NULL; 553 } 554 555 return memchr(s, c, n); 556} 557 558} /* extern "C++" */ 559#else /* __cplusplus */ 560 561static inline void *OPENSSL_memchr(const void *s, int c, size_t n) { 562 if (n == 0) { 563 return NULL; 564 } 565 566 return memchr(s, c, n); 567} 568 569#endif /* __cplusplus */ 570 571static inline int OPENSSL_memcmp(const void *s1, const void *s2, size_t n) { 572 if (n == 0) { 573 return 0; 574 } 575 576 return memcmp(s1, s2, n); 577} 578 579static inline void *OPENSSL_memcpy(void *dst, const void *src, size_t n) { 580 if (n == 0) { 581 return dst; 582 } 583 584 return memcpy(dst, src, n); 585} 586 587static inline void *OPENSSL_memmove(void *dst, const void *src, size_t n) { 588 if (n == 0) { 589 return dst; 590 } 591 592 return memmove(dst, src, n); 593} 594 595static inline void *OPENSSL_memset(void *dst, int c, size_t n) { 596 if (n == 0) { 597 return dst; 598 } 599 600 return memset(dst, c, n); 601} 602 603 604#if defined(__cplusplus) 605} /* extern C */ 606#endif 607 608#endif /* OPENSSL_HEADER_CRYPTO_INTERNAL_H */ 609