Add visibility rules.
This change marks public symbols as dynamically exported. This means
that it becomes viable to build a shared library of libcrypto and libssl
with -fvisibility=hidden.
On Windows, one not only needs to mark functions for export in a
component, but also for import when using them from a different
component. Because of this we have to build with
|BORINGSSL_IMPLEMENTATION| defined when building the code. Other
components, when including our headers, won't have that defined and then
the |OPENSSL_EXPORT| tag becomes an import tag instead. See the #defines
in base.h
In the asm code, symbols are now hidden by default and those that need
to be exported are wrapped by a C function.
In order to support Chromium, a couple of libssl functions were moved to
ssl.h from ssl_locl.h: ssl_get_new_session and ssl_update_cache.
Change-Id: Ib4b76e2f1983ee066e7806c24721e8626d08a261
Reviewed-on: https://boringssl-review.googlesource.com/1350
Reviewed-by: Adam Langley <agl@google.com>
diff --git a/include/openssl/ecdsa.h b/include/openssl/ecdsa.h
index a2436f1..ec4df0f 100644
--- a/include/openssl/ecdsa.h
+++ b/include/openssl/ecdsa.h
@@ -73,19 +73,21 @@
* space. On successful exit, |*sig_len| is set to the actual number of bytes
* written. The |type| argument should be zero. It returns one on success and
* zero otherwise. */
-int ECDSA_sign(int type, const uint8_t *digest, size_t digest_len, uint8_t *sig,
- unsigned int *sig_len, EC_KEY *key);
+OPENSSL_EXPORT int ECDSA_sign(int type, const uint8_t *digest,
+ size_t digest_len, uint8_t *sig,
+ unsigned int *sig_len, EC_KEY *key);
/* ECDSA_verify verifies that |sig_len| bytes from |sig| constitute a valid
* signature by |key| of |digest|. (The |type| argument should be zero.) It
* returns one on success or zero if the signature is invalid or an error
* occured. */
-int ECDSA_verify(int type, const uint8_t *digest, size_t digest_len,
- const uint8_t *sig, size_t sig_len, EC_KEY *key);
+OPENSSL_EXPORT int ECDSA_verify(int type, const uint8_t *digest,
+ size_t digest_len, const uint8_t *sig,
+ size_t sig_len, EC_KEY *key);
/* ECDSA_size returns the maximum size of an ECDSA signature using |key|. It
* returns zero on error. */
-size_t ECDSA_size(const EC_KEY *key);
+OPENSSL_EXPORT size_t ECDSA_size(const EC_KEY *key);
/* Low-level signing and verification.
@@ -99,25 +101,25 @@
};
/* ECDSA_SIG_new returns a fresh |ECDSA_SIG| structure or NULL on error. */
-ECDSA_SIG *ECDSA_SIG_new(void);
+OPENSSL_EXPORT ECDSA_SIG *ECDSA_SIG_new(void);
/* ECDSA_SIG_free frees |sig| its member |BIGNUM|s. */
-void ECDSA_SIG_free(ECDSA_SIG *sig);
+OPENSSL_EXPORT void ECDSA_SIG_free(ECDSA_SIG *sig);
/* ECDSA_sign signs |digest_len| bytes from |digest| with |key| and returns the
* resulting signature structure, or NULL on error.
*
* TODO(fork): remove this function. */
-ECDSA_SIG *ECDSA_do_sign(const uint8_t *digest, size_t digest_len,
- EC_KEY *key);
+OPENSSL_EXPORT ECDSA_SIG *ECDSA_do_sign(const uint8_t *digest,
+ size_t digest_len, EC_KEY *key);
/* ECDSA_verify verifies that |sig| constitutes a valid signature by |key| of
* |digest|. It returns one on success or zero if the signature is invalid or
* on error.
*
* TODO(fork): remove this function. */
-int ECDSA_do_verify(const uint8_t *digest, size_t digest_len,
- const ECDSA_SIG *sig, EC_KEY *key);
+OPENSSL_EXPORT int ECDSA_do_verify(const uint8_t *digest, size_t digest_len,
+ const ECDSA_SIG *sig, EC_KEY *key);
/* Signing with precomputation.
@@ -130,19 +132,22 @@
/* ECDSA_sign_setup precomputes parts of an ECDSA signing operation. It sets
* |*kinv| and |*rp| to the precomputed values and uses the |ctx| argument, if
* not NULL. It returns one on success and zero otherwise. */
-int ECDSA_sign_setup(EC_KEY *eckey, BN_CTX *ctx, BIGNUM **kinv, BIGNUM **rp);
+OPENSSL_EXPORT int ECDSA_sign_setup(EC_KEY *eckey, BN_CTX *ctx, BIGNUM **kinv,
+ BIGNUM **rp);
/* ECDSA_do_sign_ex is the same as |ECDSA_do_sign| but takes precomputed values
* as generated by |ECDSA_sign_setup|. */
-ECDSA_SIG *ECDSA_do_sign_ex(const uint8_t *digest, size_t digest_len,
- const BIGNUM *kinv, const BIGNUM *rp,
- EC_KEY *eckey);
+OPENSSL_EXPORT ECDSA_SIG *ECDSA_do_sign_ex(const uint8_t *digest,
+ size_t digest_len,
+ const BIGNUM *kinv, const BIGNUM *rp,
+ EC_KEY *eckey);
/* ECDSA_sign_ex is the same as |ECDSA_sign| but takes precomputed values as
* generated by |ECDSA_sign_setup|. */
-int ECDSA_sign_ex(int type, const uint8_t *digest, size_t digest_len,
- uint8_t *sig, unsigned int *sig_len, const BIGNUM *kinv,
- const BIGNUM *rp, EC_KEY *eckey);
+OPENSSL_EXPORT int ECDSA_sign_ex(int type, const uint8_t *digest,
+ size_t digest_len, uint8_t *sig,
+ unsigned int *sig_len, const BIGNUM *kinv,
+ const BIGNUM *rp, EC_KEY *eckey);
/* ASN.1 functions. */
@@ -153,13 +158,14 @@
* directly into |*out|, otherwise a fresh |ECDSA_SIG| is allocated. On
* successful exit, |*inp| is advanced past the DER structure. It returns the
* result or NULL on error. */
-ECDSA_SIG *d2i_ECDSA_SIG(ECDSA_SIG **out, const uint8_t **inp, long len);
+OPENSSL_EXPORT ECDSA_SIG *d2i_ECDSA_SIG(ECDSA_SIG **out, const uint8_t **inp,
+ long len);
/* i2d_ECDSA_SIG marshals a signature from |sig| to an ASN.1, DER
* structure. If |outp| is not NULL then the result is written to |*outp| and
* |*outp| is advanced just past the output. It returns the number of bytes in
* the result, whether written or not, or a negative value on error. */
-int i2d_ECDSA_SIG(const ECDSA_SIG *sig, uint8_t **outp);
+OPENSSL_EXPORT int i2d_ECDSA_SIG(const ECDSA_SIG *sig, uint8_t **outp);
#if defined(__cplusplus)
