Add CRYPTO_BUFFER and CRYPTO_BUFFER_POOL. These structures allow for blobs of data (e.g. certificates) to be deduplicated in memory. Change-Id: Iebfec90b85d55565848a178b6951562b4ccc083e Reviewed-on: https://boringssl-review.googlesource.com/11820 Reviewed-by: Adam Langley <alangley@gmail.com> Commit-Queue: Adam Langley <alangley@gmail.com> CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
diff --git a/include/openssl/base.h b/include/openssl/base.h index 10a22ce..cb847d5 100644 --- a/include/openssl/base.h +++ b/include/openssl/base.h
@@ -255,6 +255,8 @@ typedef struct cmac_ctx_st CMAC_CTX; typedef struct conf_st CONF; typedef struct conf_value_st CONF_VALUE; +typedef struct crypto_buffer_pool_st CRYPTO_BUFFER_POOL; +typedef struct crypto_buffer_st CRYPTO_BUFFER; typedef struct dh_st DH; typedef struct dsa_st DSA; typedef struct ec_group_st EC_GROUP;
diff --git a/include/openssl/lhash.h b/include/openssl/lhash.h index 0d6d3ae..130ffb1 100644 --- a/include/openssl/lhash.h +++ b/include/openssl/lhash.h
@@ -97,6 +97,7 @@ * * LHASH_OF:ASN1_OBJECT * LHASH_OF:CONF_VALUE + * LHASH_OF:CRYPTO_BUFFER * LHASH_OF:SSL_SESSION */ #define IN_LHASH_H
diff --git a/include/openssl/lhash_macros.h b/include/openssl/lhash_macros.h index 1d98107..ca349a9 100644 --- a/include/openssl/lhash_macros.h +++ b/include/openssl/lhash_macros.h
@@ -17,11 +17,11 @@ #endif /* ASN1_OBJECT */ -#define lh_ASN1_OBJECT_new(hash, comp) \ - ((LHASH_OF(ASN1_OBJECT) *)lh_new( \ - CHECKED_CAST(lhash_hash_func, uint32_t (*)(const ASN1_OBJECT *), hash), \ - CHECKED_CAST(lhash_cmp_func, \ - int (*)(const ASN1_OBJECT *a, const ASN1_OBJECT *b), \ +#define lh_ASN1_OBJECT_new(hash, comp) \ + ((LHASH_OF(ASN1_OBJECT) *)lh_new( \ + CHECKED_CAST(lhash_hash_func, uint32_t(*)(const ASN1_OBJECT *), hash), \ + CHECKED_CAST(lhash_cmp_func, \ + int (*)(const ASN1_OBJECT *a, const ASN1_OBJECT *b), \ comp))) #define lh_ASN1_OBJECT_free(lh) \ @@ -55,11 +55,12 @@ void (*)(ASN1_OBJECT *, void *), func), \ arg); + /* CONF_VALUE */ -#define lh_CONF_VALUE_new(hash, comp) \ - ((LHASH_OF(CONF_VALUE) *)lh_new( \ - CHECKED_CAST(lhash_hash_func, uint32_t (*)(const CONF_VALUE *), hash), \ - CHECKED_CAST(lhash_cmp_func, \ +#define lh_CONF_VALUE_new(hash, comp) \ + ((LHASH_OF(CONF_VALUE) *)lh_new( \ + CHECKED_CAST(lhash_hash_func, uint32_t(*)(const CONF_VALUE *), hash), \ + CHECKED_CAST(lhash_cmp_func, \ int (*)(const CONF_VALUE *a, const CONF_VALUE *b), comp))) #define lh_CONF_VALUE_free(lh) \ @@ -92,12 +93,53 @@ void (*)(CONF_VALUE *, void *), func), \ arg); + +/* CRYPTO_BUFFER */ +#define lh_CRYPTO_BUFFER_new(hash, comp) \ + ((LHASH_OF(CRYPTO_BUFFER) *)lh_new( \ + CHECKED_CAST(lhash_hash_func, uint32_t(*)(const CRYPTO_BUFFER *), hash), \ + CHECKED_CAST(lhash_cmp_func, \ + int (*)(const CRYPTO_BUFFER *a, const CRYPTO_BUFFER *b), \ + comp))) + +#define lh_CRYPTO_BUFFER_free(lh) \ + lh_free(CHECKED_CAST(_LHASH *, LHASH_OF(CRYPTO_BUFFER) *, lh)); + +#define lh_CRYPTO_BUFFER_num_items(lh) \ + lh_num_items(CHECKED_CAST(_LHASH *, LHASH_OF(CRYPTO_BUFFER) *, lh)) + +#define lh_CRYPTO_BUFFER_retrieve(lh, data) \ + ((CRYPTO_BUFFER *)lh_retrieve( \ + CHECKED_CAST(_LHASH *, LHASH_OF(CRYPTO_BUFFER) *, lh), \ + CHECKED_CAST(void *, CRYPTO_BUFFER *, data))) + +#define lh_CRYPTO_BUFFER_insert(lh, old_data, data) \ + lh_insert(CHECKED_CAST(_LHASH *, LHASH_OF(CRYPTO_BUFFER) *, lh), \ + CHECKED_CAST(void **, CRYPTO_BUFFER **, old_data), \ + CHECKED_CAST(void *, CRYPTO_BUFFER *, data)) + +#define lh_CRYPTO_BUFFER_delete(lh, data) \ + ((CRYPTO_BUFFER *)lh_delete( \ + CHECKED_CAST(_LHASH *, LHASH_OF(CRYPTO_BUFFER) *, lh), \ + CHECKED_CAST(void *, CRYPTO_BUFFER *, data))) + +#define lh_CRYPTO_BUFFER_doall(lh, func) \ + lh_doall(CHECKED_CAST(_LHASH *, LHASH_OF(CRYPTO_BUFFER) *, lh), \ + CHECKED_CAST(void (*)(void *), void (*)(CRYPTO_BUFFER *), func)); + +#define lh_CRYPTO_BUFFER_doall_arg(lh, func, arg) \ + lh_doall_arg(CHECKED_CAST(_LHASH *, LHASH_OF(CRYPTO_BUFFER) *, lh), \ + CHECKED_CAST(void (*)(void *, void *), \ + void (*)(CRYPTO_BUFFER *, void *), func), \ + arg); + + /* SSL_SESSION */ -#define lh_SSL_SESSION_new(hash, comp) \ - ((LHASH_OF(SSL_SESSION) *)lh_new( \ - CHECKED_CAST(lhash_hash_func, uint32_t (*)(const SSL_SESSION *), hash), \ - CHECKED_CAST(lhash_cmp_func, \ - int (*)(const SSL_SESSION *a, const SSL_SESSION *b), \ +#define lh_SSL_SESSION_new(hash, comp) \ + ((LHASH_OF(SSL_SESSION) *)lh_new( \ + CHECKED_CAST(lhash_hash_func, uint32_t(*)(const SSL_SESSION *), hash), \ + CHECKED_CAST(lhash_cmp_func, \ + int (*)(const SSL_SESSION *a, const SSL_SESSION *b), \ comp))) #define lh_SSL_SESSION_free(lh) \
diff --git a/include/openssl/pool.h b/include/openssl/pool.h new file mode 100644 index 0000000..0f6a3c8 --- /dev/null +++ b/include/openssl/pool.h
@@ -0,0 +1,87 @@ +/* Copyright (c) 2016, Google Inc. + * + * Permission to use, copy, modify, and/or distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES + * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF + * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY + * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES + * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION + * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN + * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ + +#ifndef OPENSSL_HEADER_POOL_H +#define OPENSSL_HEADER_POOL_H + +#include <openssl/base.h> + +#if defined(__cplusplus) +extern "C" { +#endif + + +/* Buffers and buffer pools. + * + * |CRYPTO_BUFFER|s are simply reference-counted blobs. A |CRYPTO_BUFFER_POOL| is + * an intern table for |CRYPTO_BUFFER|s. This allows for a single copy of a given + * blob to be kept in memory and referenced from multiple places. */ + + +/* CRYPTO_BUFFER_POOL_new returns a freshly allocated |CRYPTO_BUFFER_POOL| or + * NULL on error. */ +OPENSSL_EXPORT CRYPTO_BUFFER_POOL* CRYPTO_BUFFER_POOL_new(void); + +/* CRYPTO_BUFFER_POOL_free frees |pool|, which must be empty. */ +OPENSSL_EXPORT void CRYPTO_BUFFER_POOL_free(CRYPTO_BUFFER_POOL *pool); + +/* CRYPTO_BUFFER_new returns a |CRYPTO_BUFFER| containing a copy of |data|, or + * else NULL on error. If |pool| is not NULL then the returned value may be a + * reference to a previously existing |CRYPTO_BUFFER| that contained the same + * data. Otherwise, the returned, fresh |CRYPTO_BUFFER| will be added to the + * pool. */ +OPENSSL_EXPORT CRYPTO_BUFFER *CRYPTO_BUFFER_new(const uint8_t *data, size_t len, + CRYPTO_BUFFER_POOL *pool); + +/* CRYPTO_BUFFER_new_from_CBS acts the same as |CRYPTO_BUFFER_new|. */ +OPENSSL_EXPORT CRYPTO_BUFFER *CRYPTO_BUFFER_new_from_CBS( + CBS *cbs, CRYPTO_BUFFER_POOL *pool); + +/* CRYPTO_BUFFER_free decrements the reference count of |buf|. If there are no + * other references, or if the only remaining reference is from a pool, then + * |buf| will be freed. */ +OPENSSL_EXPORT void CRYPTO_BUFFER_free(CRYPTO_BUFFER *buf); + +/* CRYPTO_BUFFER_up_ref increments the reference count of |buf| and returns + * one. */ +OPENSSL_EXPORT int CRYPTO_BUFFER_up_ref(CRYPTO_BUFFER *buf); + +/* CRYPTO_BUFFER_data returns a pointer to the data contained in |buf|. */ +OPENSSL_EXPORT const uint8_t *CRYPTO_BUFFER_data(const CRYPTO_BUFFER *buf); + +/* CRYPTO_BUFFER_len returns the length, in bytes, of the data contained in + * |buf|. */ +OPENSSL_EXPORT const size_t CRYPTO_BUFFER_len(const CRYPTO_BUFFER *buf); + +/* CRYPTO_BUFFER_init_CBS initialises |out| to point at the data from |buf|. */ +OPENSSL_EXPORT void CRYPTO_BUFFER_init_CBS(const CRYPTO_BUFFER *buf, CBS *out); + + +#if defined(__cplusplus) +} /* extern C */ + +extern "C++" { + +namespace bssl { + +BORINGSSL_MAKE_DELETER(CRYPTO_BUFFER_POOL, CRYPTO_BUFFER_POOL_free) +BORINGSSL_MAKE_DELETER(CRYPTO_BUFFER, CRYPTO_BUFFER_free) + +} // namespace bssl + +} /* extern C++ */ + +#endif + +#endif // OPENSSL_HEADER_POOL_H