Add visibility rules.
This change marks public symbols as dynamically exported. This means
that it becomes viable to build a shared library of libcrypto and libssl
with -fvisibility=hidden.
On Windows, one not only needs to mark functions for export in a
component, but also for import when using them from a different
component. Because of this we have to build with
|BORINGSSL_IMPLEMENTATION| defined when building the code. Other
components, when including our headers, won't have that defined and then
the |OPENSSL_EXPORT| tag becomes an import tag instead. See the #defines
in base.h
In the asm code, symbols are now hidden by default and those that need
to be exported are wrapped by a C function.
In order to support Chromium, a couple of libssl functions were moved to
ssl.h from ssl_locl.h: ssl_get_new_session and ssl_update_cache.
Change-Id: Ib4b76e2f1983ee066e7806c24721e8626d08a261
Reviewed-on: https://boringssl-review.googlesource.com/1350
Reviewed-by: Adam Langley <agl@google.com>
diff --git a/include/openssl/modes.h b/include/openssl/modes.h
index c3a11ba..220adec 100644
--- a/include/openssl/modes.h
+++ b/include/openssl/modes.h
@@ -76,20 +76,19 @@
* stored in |ecount_buf| and |*num|, which must be zeroed before the initial
* call. The counter is a 128-bit, big-endian value in |ivec| and is
* incremented by this function. */
-void CRYPTO_ctr128_encrypt(const uint8_t *in, uint8_t *out,
- size_t len, const void *key, uint8_t ivec[16],
- uint8_t ecount_buf[16], unsigned int *num,
- block128_f block);
+OPENSSL_EXPORT void CRYPTO_ctr128_encrypt(const uint8_t *in, uint8_t *out,
+ size_t len, const void *key,
+ uint8_t ivec[16],
+ uint8_t ecount_buf[16],
+ unsigned int *num, block128_f block);
/* CRYPTO_ctr128_encrypt_ctr32 acts like |CRYPTO_ctr128_encrypt| but takes
* |ctr|, a function that performs CTR mode but only deals with the lower 32
* bits of the counter. This is useful when |ctr| can be an optimised
* function. */
-void CRYPTO_ctr128_encrypt_ctr32(const uint8_t *in, uint8_t *out,
- size_t len, const void *key,
- uint8_t ivec[16],
- uint8_t ecount_buf[16],
- unsigned int *num, ctr128_f ctr);
+OPENSSL_EXPORT void CRYPTO_ctr128_encrypt_ctr32(
+ const uint8_t *in, uint8_t *out, size_t len, const void *key,
+ uint8_t ivec[16], uint8_t ecount_buf[16], unsigned int *num, ctr128_f ctr);
/* GCM. */
@@ -98,54 +97,61 @@
/* CRYPTO_gcm128_new allocates a fresh |GCM128_CONTEXT| and calls
* |CRYPTO_gcm128_init|. It returns the new context, or NULL on error. */
-GCM128_CONTEXT *CRYPTO_gcm128_new(void *key, block128_f block);
+OPENSSL_EXPORT GCM128_CONTEXT *CRYPTO_gcm128_new(void *key, block128_f block);
/* CRYPTO_gcm128_init initialises |ctx| to use |block| (typically AES) with the
* given key. */
-void CRYPTO_gcm128_init(GCM128_CONTEXT *ctx, void *key, block128_f block);
+OPENSSL_EXPORT void CRYPTO_gcm128_init(GCM128_CONTEXT *ctx, void *key,
+ block128_f block);
/* CRYPTO_gcm128_setiv sets the IV (nonce) for |ctx|. */
-void CRYPTO_gcm128_setiv(GCM128_CONTEXT *ctx, const uint8_t *iv, size_t len);
+OPENSSL_EXPORT void CRYPTO_gcm128_setiv(GCM128_CONTEXT *ctx, const uint8_t *iv,
+ size_t len);
/* CRYPTO_gcm128_aad sets the authenticated data for an instance of GCM. This
* must be called before and data is encrypted. It returns one on success and
* zero otherwise. */
-int CRYPTO_gcm128_aad(GCM128_CONTEXT *ctx, const uint8_t *aad, size_t len);
+OPENSSL_EXPORT int CRYPTO_gcm128_aad(GCM128_CONTEXT *ctx, const uint8_t *aad,
+ size_t len);
/* CRYPTO_gcm128_encrypt encrypts |len| bytes from |in| to |out|. It returns
* one on success and zero otherwise. */
-int CRYPTO_gcm128_encrypt(GCM128_CONTEXT *ctx, const uint8_t *in, uint8_t *out,
- size_t len);
+OPENSSL_EXPORT int CRYPTO_gcm128_encrypt(GCM128_CONTEXT *ctx, const uint8_t *in,
+ uint8_t *out, size_t len);
/* CRYPTO_gcm128_decrypt decrypts |len| bytes from |in| to |out|. It returns
* one on success and zero otherwise. */
-int CRYPTO_gcm128_decrypt(GCM128_CONTEXT *ctx, const uint8_t *in, uint8_t *out,
- size_t len);
+OPENSSL_EXPORT int CRYPTO_gcm128_decrypt(GCM128_CONTEXT *ctx, const uint8_t *in,
+ uint8_t *out, size_t len);
/* CRYPTO_gcm128_encrypt_ctr32 encrypts |len| bytes from |in| to |out| using a
* CTR function that only handles the bottom 32 bits of the nonce, like
* |CRYPTO_ctr128_encrypt_ctr32|. It returns one on success and zero
* otherwise. */
-int CRYPTO_gcm128_encrypt_ctr32(GCM128_CONTEXT *ctx, const uint8_t *in,
- uint8_t *out, size_t len, ctr128_f stream);
+OPENSSL_EXPORT int CRYPTO_gcm128_encrypt_ctr32(GCM128_CONTEXT *ctx,
+ const uint8_t *in, uint8_t *out,
+ size_t len, ctr128_f stream);
/* CRYPTO_gcm128_decrypt_ctr32 decrypts |len| bytes from |in| to |out| using a
* CTR function that only handles the bottom 32 bits of the nonce, like
* |CRYPTO_ctr128_encrypt_ctr32|. It returns one on success and zero
* otherwise. */
-int CRYPTO_gcm128_decrypt_ctr32(GCM128_CONTEXT *ctx, const uint8_t *in,
- uint8_t *out, size_t len, ctr128_f stream);
+OPENSSL_EXPORT int CRYPTO_gcm128_decrypt_ctr32(GCM128_CONTEXT *ctx,
+ const uint8_t *in, uint8_t *out,
+ size_t len, ctr128_f stream);
/* CRYPTO_gcm128_finish calculates the authenticator and compares it against
* |len| bytes of |tag|. It returns one on success and zero otherwise. */
-int CRYPTO_gcm128_finish(GCM128_CONTEXT *ctx, const uint8_t *tag, size_t len);
+OPENSSL_EXPORT int CRYPTO_gcm128_finish(GCM128_CONTEXT *ctx, const uint8_t *tag,
+ size_t len);
/* CRYPTO_gcm128_tag calculates the authenticator and copies it into |tag|. The
* minimum of |len| and 16 bytes are copied into |tag|. */
-void CRYPTO_gcm128_tag(GCM128_CONTEXT *ctx, uint8_t *tag, size_t len);
+OPENSSL_EXPORT void CRYPTO_gcm128_tag(GCM128_CONTEXT *ctx, uint8_t *tag,
+ size_t len);
/* CRYPTO_gcm128_release clears and frees |ctx|. */
-void CRYPTO_gcm128_release(GCM128_CONTEXT *ctx);
+OPENSSL_EXPORT void CRYPTO_gcm128_release(GCM128_CONTEXT *ctx);
/* CBC. */
