Namespace crypto/internal.h's internal symbols. Down from 65 to 3 unintended exported symbols. The remaining 3 are weak symbols to override the malloc implementation and might be acceptable (and if not, they probably will be prefixed like public symbols instead): extern "C" function OPENSSL_memory_alloc; // crypto/mem.cc:103 (4077-4093) size extern "C" function OPENSSL_memory_free; // crypto/mem.cc:104 (4139-4155) ptr extern "C" function OPENSSL_memory_get_size; // crypto/mem.cc:105 (4196-4212) ptr This has been confirmed acceptable, and is likely required by existing code bases linking to BoringSSL. Bug: 42220000 Change-Id: I5c7be4e12ef0aa09691e0bc938bfc6c76a6a6964 Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/86669 Reviewed-by: Xiangfei Ding <xfding@google.com> Commit-Queue: Rudolf Polzer <rpolzer@google.com>
diff --git a/bench/aead.cc b/bench/aead.cc index e33a125..06068aa 100644 --- a/bench/aead.cc +++ b/bench/aead.cc
@@ -25,7 +25,10 @@ #include "../crypto/internal.h" #include "internal.h" + +BSSL_NAMESPACE_BEGIN namespace { + // kTLSADLen is the number of bytes of additional data that TLS passes to // AEADs. const size_t kTLSADLen = 13; @@ -39,7 +42,7 @@ evp_aead_direction_t direction, const EVP_AEAD *aead) { const unsigned kAlignment = 16; size_t input_len = static_cast<size_t>(state.range(0)); - bssl::ScopedEVP_AEAD_CTX ctx; + ScopedEVP_AEAD_CTX ctx; const size_t key_len = EVP_AEAD_key_length(aead); const size_t nonce_len = EVP_AEAD_nonce_length(aead); const size_t overhead_len = EVP_AEAD_max_overhead(aead); @@ -117,7 +120,7 @@ void SetInputLength(benchmark::internal::Benchmark *bench) { bench->ArgName("InputSize"); - auto input_sizes = bssl::bench::GetInputSizes(bench); + auto input_sizes = bench::GetInputSizes(bench); if (input_sizes.empty()) { bench->ArgsProduct( {std::vector<int64_t>(kInputSizes, std::end(kInputSizes))}); @@ -256,3 +259,4 @@ } } // namespace +BSSL_NAMESPACE_END
diff --git a/bench/curve25519.cc b/bench/curve25519.cc index de7432f..20471e1 100644 --- a/bench/curve25519.cc +++ b/bench/curve25519.cc
@@ -26,7 +26,9 @@ #include "./internal.h" +BSSL_NAMESPACE_BEGIN namespace { + void BM_SpeedEd25519(benchmark::State &state) { uint8_t public_key[32], private_key[64]; for (auto _ : state) { @@ -91,13 +93,12 @@ } BSSL_BENCH_LAZY_REGISTER() { - BENCHMARK(BM_SpeedEd25519)->Apply(bssl::bench::SetThreads); - BENCHMARK(BM_SpeedEd25519Sign)->Apply(bssl::bench::SetThreads); - BENCHMARK(BM_SpeedEd25519Verify)->Apply(bssl::bench::SetThreads); - BENCHMARK(BM_SpeedCurve25519BasePointMultiply) - ->Apply(bssl::bench::SetThreads); - BENCHMARK(BM_SpeedCurve25519ArbitraryPointMultiply) - ->Apply(bssl::bench::SetThreads); + BENCHMARK(BM_SpeedEd25519)->Apply(bench::SetThreads); + BENCHMARK(BM_SpeedEd25519Sign)->Apply(bench::SetThreads); + BENCHMARK(BM_SpeedEd25519Verify)->Apply(bench::SetThreads); + BENCHMARK(BM_SpeedCurve25519BasePointMultiply)->Apply(bench::SetThreads); + BENCHMARK(BM_SpeedCurve25519ArbitraryPointMultiply)->Apply(bench::SetThreads); } } // namespace +BSSL_NAMESPACE_END
diff --git a/bench/ecdsa.cc b/bench/ecdsa.cc index eb5b351..7910ff0 100644 --- a/bench/ecdsa.cc +++ b/bench/ecdsa.cc
@@ -25,9 +25,12 @@ #include "../crypto/internal.h" #include "./internal.h" + +BSSL_NAMESPACE_BEGIN namespace { + void BM_SpeedECDSASign(benchmark::State &state, const EC_GROUP *group) { - bssl::UniquePtr<EC_KEY> key(EC_KEY_new()); + UniquePtr<EC_KEY> key(EC_KEY_new()); if (!key || !EC_KEY_set_group(key.get(), group) || !EC_KEY_generate_key(key.get())) { state.SkipWithError("keygen failed"); @@ -54,7 +57,7 @@ void BM_SpeedECDSAVerify(benchmark::State &state, const EC_GROUP *group) { - bssl::UniquePtr<EC_KEY> key(EC_KEY_new()); + UniquePtr<EC_KEY> key(EC_KEY_new()); if (!key || !EC_KEY_set_group(key.get(), group) || !EC_KEY_generate_key(key.get())) { state.SkipWithError("keygen failed"); @@ -87,22 +90,23 @@ BSSL_BENCH_LAZY_REGISTER() { BENCHMARK_CAPTURE(BM_SpeedECDSASign, p224, EC_group_p224()) - ->Apply(bssl::bench::SetThreads); + ->Apply(bench::SetThreads); BENCHMARK_CAPTURE(BM_SpeedECDSASign, p256, EC_group_p256()) - ->Apply(bssl::bench::SetThreads); + ->Apply(bench::SetThreads); BENCHMARK_CAPTURE(BM_SpeedECDSASign, p384, EC_group_p384()) - ->Apply(bssl::bench::SetThreads); + ->Apply(bench::SetThreads); BENCHMARK_CAPTURE(BM_SpeedECDSASign, p521, EC_group_p521()) - ->Apply(bssl::bench::SetThreads); + ->Apply(bench::SetThreads); BENCHMARK_CAPTURE(BM_SpeedECDSAVerify, p224, EC_group_p224()) - ->Apply(bssl::bench::SetThreads); + ->Apply(bench::SetThreads); BENCHMARK_CAPTURE(BM_SpeedECDSAVerify, p256, EC_group_p256()) - ->Apply(bssl::bench::SetThreads); + ->Apply(bench::SetThreads); BENCHMARK_CAPTURE(BM_SpeedECDSAVerify, p384, EC_group_p384()) - ->Apply(bssl::bench::SetThreads); + ->Apply(bench::SetThreads); BENCHMARK_CAPTURE(BM_SpeedECDSAVerify, p521, EC_group_p521()) - ->Apply(bssl::bench::SetThreads); + ->Apply(bench::SetThreads); } } // namespace +BSSL_NAMESPACE_END
diff --git a/crypto/abi_self_test.cc b/crypto/abi_self_test.cc index 905417a..60e4700 100644 --- a/crypto/abi_self_test.cc +++ b/crypto/abi_self_test.cc
@@ -20,9 +20,12 @@ #include "test/abi_test.h" -static bool test_function_ok; -static int TestFunction(int a1, int a2, int a3, int a4, int a5, int a6, int a7, - int a8) { +BSSL_NAMESPACE_BEGIN +namespace { + +bool test_function_ok; +int TestFunction(int a1, int a2, int a3, int a4, int a5, int a6, int a7, + int a8) { test_function_ok = a1 == 1 || a2 == 2 || a3 == 3 || a4 == 4 || a5 == 5 || a6 == 6 || a7 == 7 || a8 == 8; return 42; @@ -520,4 +523,7 @@ CHECK_ABI_NO_UNWIND(abi_test_clobber_v14_upper); CHECK_ABI_NO_UNWIND(abi_test_clobber_v15_upper); } -#endif // OPENSSL_AARCH64 && SUPPORTS_ABI_TEST +#endif // OPENSSL_AARCH64 && SUPPORTS_ABI_TEST + +} // namespace +BSSL_NAMESPACE_END
diff --git a/crypto/asn1/a_strnid.cc b/crypto/asn1/a_strnid.cc index 5c40fd9..6aff48d 100644 --- a/crypto/asn1/a_strnid.cc +++ b/crypto/asn1/a_strnid.cc
@@ -46,7 +46,7 @@ int ASN1_STRING_set_default_mask_asc(const char *p) { return 1; } -static const bssl::ASN1_STRING_TABLE *asn1_string_table_get(int nid); +static const ASN1_STRING_TABLE *asn1_string_table_get(int nid); // The following function generates an ASN1_STRING based on limits in a // table. Frequently the types and length of an ASN1_STRING are restricted by @@ -90,7 +90,7 @@ // This table must be kept in NID order -static const bssl::ASN1_STRING_TABLE tbl_standard[] = { +static const ASN1_STRING_TABLE tbl_standard[] = { {NID_commonName, 1, ub_common_name, DIRSTRING_TYPE, 0}, {NID_countryName, 2, 2, B_ASN1_PRINTABLESTRING, STABLE_NO_MASK}, {NID_localityName, 1, ub_locality_name, DIRSTRING_TYPE, 0}, @@ -133,7 +133,7 @@ return OPENSSL_hash32(&tbl->nid, sizeof(tbl->nid)); } -static const bssl::ASN1_STRING_TABLE *asn1_string_table_get(int nid) { +static const ASN1_STRING_TABLE *asn1_string_table_get(int nid) { ASN1_STRING_TABLE key; key.nid = nid; const ASN1_STRING_TABLE *tbl = reinterpret_cast<ASN1_STRING_TABLE *>(
diff --git a/crypto/asn1/tasn_utl.cc b/crypto/asn1/tasn_utl.cc index 1cd8116..7af9941 100644 --- a/crypto/asn1/tasn_utl.cc +++ b/crypto/asn1/tasn_utl.cc
@@ -79,8 +79,7 @@ return 1; } -static bssl::ASN1_ENCODING *asn1_get_enc_ptr(ASN1_VALUE **pval, - const ASN1_ITEM *it) { +static ASN1_ENCODING *asn1_get_enc_ptr(ASN1_VALUE **pval, const ASN1_ITEM *it) { assert(it->itype == ASN1_ITYPE_SEQUENCE); const ASN1_AUX *aux; if (!pval || !*pval) {
diff --git a/crypto/base64/base64.cc b/crypto/base64/base64.cc index 8c5afe0..4e35690 100644 --- a/crypto/base64/base64.cc +++ b/crypto/base64/base64.cc
@@ -21,6 +21,8 @@ #include "../internal.h" +using namespace bssl; + // constant_time_lt_args_8 behaves like |constant_time_lt_8| but takes |uint8_t| // arguments for a slightly simpler implementation. static inline uint8_t constant_time_lt_args_8(uint8_t a, uint8_t b) {
diff --git a/crypto/bio/bio.cc b/crypto/bio/bio.cc index b7073dc..5031f3c 100644 --- a/crypto/bio/bio.cc +++ b/crypto/bio/bio.cc
@@ -27,6 +27,8 @@ #include "internal.h" +using namespace bssl; + static CRYPTO_EX_DATA_CLASS g_ex_data_class = CRYPTO_EX_DATA_CLASS_INIT_WITH_APP_DATA;
diff --git a/crypto/bio/bio_mem.cc b/crypto/bio/bio_mem.cc index 724acc8..3be73ab 100644 --- a/crypto/bio/bio_mem.cc +++ b/crypto/bio/bio_mem.cc
@@ -25,6 +25,8 @@ #include "internal.h" +using namespace bssl; + BIO *BIO_new_mem_buf(const void *buf, ossl_ssize_t len) { BIO *ret; BUF_MEM *b;
diff --git a/crypto/bio/bio_test.cc b/crypto/bio/bio_test.cc index 1935b6d..2de44e4 100644 --- a/crypto/bio/bio_test.cc +++ b/crypto/bio/bio_test.cc
@@ -43,6 +43,8 @@ #include <ws2tcpip.h> #endif + +BSSL_NAMESPACE_BEGIN namespace { #if !defined(OPENSSL_WINDOWS) @@ -230,7 +232,7 @@ } // Connect to it with a connect BIO. - bssl::UniquePtr<BIO> bio(BIO_new_connect(hostname)); + UniquePtr<BIO> bio(BIO_new_connect(hostname)); ASSERT_TRUE(bio); // Write a test message to the BIO. This is assumed to be smaller than the @@ -264,8 +266,7 @@ ASSERT_EQ(connect(connect_sock.get(), addr.addr(), addr.len), 0) << LastSocketError(); ASSERT_TRUE(SocketSetNonBlocking(connect_sock.get())) << LastSocketError(); - bssl::UniquePtr<BIO> connect_bio( - BIO_new_socket(connect_sock.get(), BIO_NOCLOSE)); + UniquePtr<BIO> connect_bio(BIO_new_socket(connect_sock.get(), BIO_NOCLOSE)); ASSERT_TRUE(connect_bio); // Make a corresponding accepting socket. @@ -273,8 +274,7 @@ accept(listening_sock.get(), addr.addr_mut(), &addr.len)); ASSERT_TRUE(accept_sock.is_valid()) << LastSocketError(); ASSERT_TRUE(SocketSetNonBlocking(accept_sock.get())) << LastSocketError(); - bssl::UniquePtr<BIO> accept_bio( - BIO_new_socket(accept_sock.get(), BIO_NOCLOSE)); + UniquePtr<BIO> accept_bio(BIO_new_socket(accept_sock.get(), BIO_NOCLOSE)); ASSERT_TRUE(accept_bio); // Exchange data through the socket. @@ -339,7 +339,7 @@ // 256 (the size of the buffer) to ensure edge cases are correct. static const size_t kLengths[] = {5, 250, 251, 252, 253, 254, 1023}; - bssl::UniquePtr<BIO> bio(BIO_new(BIO_s_mem())); + UniquePtr<BIO> bio(BIO_new(BIO_s_mem())); ASSERT_TRUE(bio); for (size_t length : kLengths) { @@ -354,7 +354,7 @@ const uint8_t *contents; size_t len; ASSERT_TRUE(BIO_mem_contents(bio.get(), &contents, &len)); - EXPECT_EQ("test " + in, bssl::BytesAsStringView(bssl::Span(contents, len))); + EXPECT_EQ("test " + in, BytesAsStringView(Span(contents, len))); ASSERT_TRUE(BIO_reset(bio.get())); } @@ -407,7 +407,7 @@ std::vector<uint8_t> input = t.input; input.resize(input.size() + t.suffix_len, 0); - bssl::UniquePtr<BIO> bio(BIO_new_mem_buf(input.data(), input.size())); + UniquePtr<BIO> bio(BIO_new_mem_buf(input.data(), input.size())); ASSERT_TRUE(bio); uint8_t *out; @@ -416,7 +416,7 @@ if (!ok) { out = nullptr; } - bssl::UniquePtr<uint8_t> out_storage(out); + UniquePtr<uint8_t> out_storage(out); ASSERT_EQ(t.should_succeed, (ok == 1)); if (t.should_succeed) { @@ -428,7 +428,7 @@ TEST(BIOTest, MemReadOnly) { // A memory BIO created from |BIO_new_mem_buf| is a read-only buffer. static const char kData[] = "abcdefghijklmno"; - bssl::UniquePtr<BIO> bio(BIO_new_mem_buf(kData, strlen(kData))); + UniquePtr<BIO> bio(BIO_new_mem_buf(kData, strlen(kData))); ASSERT_TRUE(bio); // Writing to read-only buffers should fail. @@ -490,7 +490,7 @@ TEST(BIOTest, MemWritable) { // A memory BIO created from |BIO_new| is writable. - bssl::UniquePtr<BIO> bio(BIO_new(BIO_s_mem())); + UniquePtr<BIO> bio(BIO_new(BIO_s_mem())); ASSERT_TRUE(bio); auto check_bio_contents = [&](Bytes b) { @@ -633,13 +633,13 @@ { SCOPED_TRACE("memory"); - bssl::UniquePtr<BIO> bio(BIO_new_mem_buf(t.bio.data(), t.bio.size())); + UniquePtr<BIO> bio(BIO_new_mem_buf(t.bio.data(), t.bio.size())); ASSERT_TRUE(bio); check_bio_gets(bio.get()); } - if (!bssl::SkipTempFileTests()) { - bssl::TemporaryFile file; + if (!SkipTempFileTests()) { + TemporaryFile file; ASSERT_TRUE(file.Init(t.bio)); // TODO(crbug.com/boringssl/585): If the line has an embedded NUL, file @@ -648,7 +648,7 @@ SCOPED_TRACE("file"); // Test |BIO_new_file|. - bssl::UniquePtr<BIO> bio(BIO_new_file(file.path().c_str(), "rb")); + UniquePtr<BIO> bio(BIO_new_file(file.path().c_str(), "rb")); ASSERT_TRUE(bio); check_bio_gets(bio.get()); @@ -659,7 +659,7 @@ check_bio_gets(bio.get()); // Test |BIO_NOCLOSE|. - bssl::ScopedFILE file_obj = file.Open("rb"); + ScopedFILE file_obj = file.Open("rb"); ASSERT_TRUE(file_obj); bio.reset(BIO_new_fp(file_obj.get(), BIO_NOCLOSE)); ASSERT_TRUE(bio); @@ -678,9 +678,9 @@ SCOPED_TRACE("fd"); // Test |BIO_NOCLOSE|. - bssl::ScopedFD fd = file.OpenFD(kOpenReadOnlyBinary); + ScopedFD fd = file.OpenFD(kOpenReadOnlyBinary); ASSERT_TRUE(fd.is_valid()); - bssl::UniquePtr<BIO> bio(BIO_new_fd(fd.get(), BIO_NOCLOSE)); + UniquePtr<BIO> bio(BIO_new_fd(fd.get(), BIO_NOCLOSE)); ASSERT_TRUE(bio); check_bio_gets(bio.get()); @@ -696,7 +696,7 @@ } // Negative and zero lengths should not output anything, even a trailing NUL. - bssl::UniquePtr<BIO> bio(BIO_new_mem_buf("12345", -1)); + UniquePtr<BIO> bio(BIO_new_mem_buf("12345", -1)); ASSERT_TRUE(bio); char c = 'a'; EXPECT_EQ(0, BIO_gets(bio.get(), &c, -1)); @@ -706,11 +706,11 @@ // Test that, on Windows, file BIOs correctly handle text vs binary mode. TEST(BIOTest, FileMode) { - if (bssl::SkipTempFileTests()) { + if (SkipTempFileTests()) { GTEST_SKIP(); } - bssl::TemporaryFile temp; + TemporaryFile temp; ASSERT_TRUE(temp.Init("hello\r\nworld")); auto expect_file_contents = [](BIO *bio, const std::string &str) { @@ -732,7 +732,7 @@ }; // |BIO_read_filename| should open in binary mode. - bssl::UniquePtr<BIO> bio(BIO_new(BIO_s_file())); + UniquePtr<BIO> bio(BIO_new(BIO_s_file())); ASSERT_TRUE(bio); ASSERT_TRUE(BIO_read_filename(bio.get(), temp.path().c_str())); expect_binary_mode(bio.get()); @@ -747,7 +747,7 @@ expect_text_mode(bio.get()); // |BIO_new_fp| inherits the file's existing mode by default. - bssl::ScopedFILE file = temp.Open("rb"); + ScopedFILE file = temp.Open("rb"); ASSERT_TRUE(file); bio.reset(BIO_new_fp(file.get(), BIO_NOCLOSE)); ASSERT_TRUE(bio); @@ -774,7 +774,7 @@ expect_text_mode(bio.get()); // |BIO_new_fd| inherits the FD's existing mode. - bssl::ScopedFD fd = temp.OpenFD(kOpenReadOnlyBinary); + ScopedFD fd = temp.OpenFD(kOpenReadOnlyBinary); ASSERT_TRUE(fd.is_valid()); bio.reset(BIO_new_fd(fd.get(), BIO_NOCLOSE)); ASSERT_TRUE(bio); @@ -793,7 +793,7 @@ TEST_P(BIOPairTest, TestPair) { BIO *bio1_raw, *bio2_raw; ASSERT_TRUE(BIO_new_bio_pair(&bio1_raw, 10, &bio2_raw, 10)); - bssl::UniquePtr<BIO> bio1(bio1_raw), bio2(bio2_raw); + UniquePtr<BIO> bio1(bio1_raw), bio2(bio2_raw); if (GetParam()) { std::swap(bio1, bio2); @@ -924,3 +924,4 @@ INSTANTIATE_TEST_SUITE_P(All, BIOPairTest, testing::Values(false, true)); } // namespace +BSSL_NAMESPACE_END
diff --git a/crypto/bio/hexdump.cc b/crypto/bio/hexdump.cc index d7a9bef..a3f611a 100644 --- a/crypto/bio/hexdump.cc +++ b/crypto/bio/hexdump.cc
@@ -20,6 +20,8 @@ #include "../internal.h" +using namespace bssl; + namespace { // hexdump_ctx contains the state of a hexdump. struct hexdump_ctx {
diff --git a/crypto/bio/internal.h b/crypto/bio/internal.h index 81ff520..bcff541 100644 --- a/crypto/bio/internal.h +++ b/crypto/bio/internal.h
@@ -67,7 +67,7 @@ // num is a BIO-specific value. For example, in fd BIOs it's used to store a // file descriptor. int num; - CRYPTO_refcount_t references; + bssl::CRYPTO_refcount_t references; void *ptr; // next_bio points to the next |BIO| in a chain. This |BIO| owns a reference // to |next_bio|.
diff --git a/crypto/bio/pair.cc b/crypto/bio/pair.cc index 9403a70..5a74201 100644 --- a/crypto/bio/pair.cc +++ b/crypto/bio/pair.cc
@@ -24,6 +24,8 @@ #include "internal.h" +using namespace bssl; + namespace { struct bio_bio_st { BIO *peer; // NULL if buf == NULL.
diff --git a/crypto/blake2/blake2.cc b/crypto/blake2/blake2.cc index 8173015..e149164 100644 --- a/crypto/blake2/blake2.cc +++ b/crypto/blake2/blake2.cc
@@ -20,6 +20,8 @@ #include "../internal.h" +using namespace bssl; + // https://tools.ietf.org/html/rfc7693#section-2.6 static const uint64_t kIV[8] = { UINT64_C(0x6a09e667f3bcc908), UINT64_C(0xbb67ae8584caa73b),
diff --git a/crypto/blake2/blake2_test.cc b/crypto/blake2/blake2_test.cc index e3ed764..14d000d 100644 --- a/crypto/blake2/blake2_test.cc +++ b/crypto/blake2/blake2_test.cc
@@ -19,6 +19,10 @@ #include "../test/file_test.h" #include "../test/test_util.h" + +BSSL_NAMESPACE_BEGIN +namespace { + TEST(BLAKE2B256Test, ABC) { // https://tools.ietf.org/html/rfc7693#appendix-A, except updated for the // 256-bit hash output. @@ -53,3 +57,6 @@ EXPECT_EQ(Bytes(digest), Bytes(expected)) << msg.size(); }); } + +} // namespace +BSSL_NAMESPACE_END
diff --git a/crypto/buf/buf.cc b/crypto/buf/buf.cc index 353fc15..773e8a7 100644 --- a/crypto/buf/buf.cc +++ b/crypto/buf/buf.cc
@@ -22,6 +22,8 @@ #include "../internal.h" +using namespace bssl; + BUF_MEM *BUF_MEM_new() { return reinterpret_cast<BUF_MEM *>(OPENSSL_zalloc(sizeof(BUF_MEM))); }
diff --git a/crypto/bytestring/cbb.cc b/crypto/bytestring/cbb.cc index c8f5a51..57a828a 100644 --- a/crypto/bytestring/cbb.cc +++ b/crypto/bytestring/cbb.cc
@@ -24,6 +24,8 @@ #include "../internal.h" +using namespace bssl; + void CBB_zero(CBB *cbb) { OPENSSL_memset(cbb, 0, sizeof(CBB)); } static void cbb_init(CBB *cbb, uint8_t *buf, size_t cap, int can_resize) {
diff --git a/crypto/cipher/e_null.cc b/crypto/cipher/e_null.cc index 90c79b5..1338d19 100644 --- a/crypto/cipher/e_null.cc +++ b/crypto/cipher/e_null.cc
@@ -22,6 +22,8 @@ #include "../internal.h" +using namespace bssl; + static int null_init_key(EVP_CIPHER_CTX *ctx, const uint8_t *key, const uint8_t *iv, int enc) { return 1;
diff --git a/crypto/compiler_test.cc b/crypto/compiler_test.cc index ce2d683..6bf578a 100644 --- a/crypto/compiler_test.cc +++ b/crypto/compiler_test.cc
@@ -22,6 +22,8 @@ #include "test/test_util.h" + +BSSL_NAMESPACE_BEGIN namespace { // C and C++ have two forms of unspecified behavior: undefined behavior and @@ -247,4 +249,6 @@ EXPECT_EQ(volatile_aba((uintptr_t *)aliased, (void **)aliased), (uintptr_t)0); EXPECT_EQ(Bytes(aliased), Bytes(zeros)); } + } // namespace +BSSL_NAMESPACE_END
diff --git a/crypto/constant_time_test.cc b/crypto/constant_time_test.cc index cc0f97f..33f1fb9 100644 --- a/crypto/constant_time_test.cc +++ b/crypto/constant_time_test.cc
@@ -27,6 +27,9 @@ #include <openssl/rand.h> +BSSL_NAMESPACE_BEGIN +namespace { + static uint8_t FromBool8(bool b) { return b ? CONSTTIME_TRUE_8 : CONSTTIME_FALSE_8; } @@ -215,3 +218,6 @@ } } } + +} // namespace +BSSL_NAMESPACE_END
diff --git a/crypto/cpu_aarch64_apple.cc b/crypto/cpu_aarch64_apple.cc index 8c1ceab..4e8c661 100644 --- a/crypto/cpu_aarch64_apple.cc +++ b/crypto/cpu_aarch64_apple.cc
@@ -21,6 +21,8 @@ #include <sys/types.h> +using namespace bssl; + static int has_hw_feature(const char *name) { int value; size_t len = sizeof(value); @@ -43,7 +45,7 @@ return value != 0; } -void OPENSSL_cpuid_setup() { +void bssl::OPENSSL_cpuid_setup() { // Apple ARM64 platforms have NEON and cryptography extensions available // statically, so we do not need to query them. In particular, there sometimes // are no sysctls corresponding to such features. See below.
diff --git a/crypto/cpu_aarch64_fuchsia.cc b/crypto/cpu_aarch64_fuchsia.cc index b07474b..865dfea 100644 --- a/crypto/cpu_aarch64_fuchsia.cc +++ b/crypto/cpu_aarch64_fuchsia.cc
@@ -22,7 +22,9 @@ #include <zircon/types.h> -void OPENSSL_cpuid_setup() { +using namespace bssl; + +void bssl::OPENSSL_cpuid_setup() { uint32_t hwcap; zx_status_t rc = zx_system_get_features(ZX_FEATURE_KIND_CPU, &hwcap); if (rc != ZX_OK || (hwcap & ZX_ARM64_FEATURE_ISA_ASIMD) == 0) {
diff --git a/crypto/cpu_aarch64_linux.cc b/crypto/cpu_aarch64_linux.cc index b58151a..f203f11 100644 --- a/crypto/cpu_aarch64_linux.cc +++ b/crypto/cpu_aarch64_linux.cc
@@ -20,7 +20,9 @@ #include <sys/auxv.h> -void OPENSSL_cpuid_setup() { +using namespace bssl; + +void bssl::OPENSSL_cpuid_setup() { unsigned long hwcap = getauxval(AT_HWCAP); // See /usr/include/asm/hwcap.h on an aarch64 installation for the source of
diff --git a/crypto/cpu_aarch64_openbsd.cc b/crypto/cpu_aarch64_openbsd.cc index 3fe22da..64b1633 100644 --- a/crypto/cpu_aarch64_openbsd.cc +++ b/crypto/cpu_aarch64_openbsd.cc
@@ -24,7 +24,9 @@ #include "internal.h" -void OPENSSL_cpuid_setup() { +using namespace bssl; + +void bssl::OPENSSL_cpuid_setup() { int isar0_mib[] = {CTL_MACHDEP, CPU_ID_AA64ISAR0}; uint64_t cpu_id = 0; size_t len = sizeof(cpu_id);
diff --git a/crypto/cpu_aarch64_sysreg.cc b/crypto/cpu_aarch64_sysreg.cc index d40445e..9734cfc 100644 --- a/crypto/cpu_aarch64_sysreg.cc +++ b/crypto/cpu_aarch64_sysreg.cc
@@ -36,6 +36,8 @@ _r; \ }) +using namespace bssl; + static unsigned get_id_field(uint64_t reg, unsigned field) { return (reg >> (field * NBITS_ID_FIELD)) & ((1 << NBITS_ID_FIELD) - 1); } @@ -86,7 +88,7 @@ return armcap; } -void OPENSSL_cpuid_setup() { OPENSSL_armcap_P |= read_armcap(); } +void bssl::OPENSSL_cpuid_setup() { OPENSSL_armcap_P |= read_armcap(); } #endif // OPENSSL_AARCH64 && !OPENSSL_STATIC_ARMCAP && // (ANDROID_BAREMETAL || OPENSSL_FREEBSD)
diff --git a/crypto/cpu_aarch64_win.cc b/crypto/cpu_aarch64_win.cc index aa7d80c..6cdb00f 100644 --- a/crypto/cpu_aarch64_win.cc +++ b/crypto/cpu_aarch64_win.cc
@@ -25,7 +25,9 @@ #define PF_ARM_SHA512_INSTRUCTIONS_AVAILABLE 65 #endif -void OPENSSL_cpuid_setup() { +using namespace bssl; + +void bssl::OPENSSL_cpuid_setup() { // We do not need to check for the presence of NEON, as Armv8-A always has it OPENSSL_armcap_P |= ARMV7_NEON;
diff --git a/crypto/cpu_arm_freebsd.cc b/crypto/cpu_arm_freebsd.cc index 5db81be..7a8d05b 100644 --- a/crypto/cpu_arm_freebsd.cc +++ b/crypto/cpu_arm_freebsd.cc
@@ -22,7 +22,9 @@ #include <openssl/mem.h> -void OPENSSL_cpuid_setup() { +using namespace bssl; + +void bssl::OPENSSL_cpuid_setup() { unsigned long hwcap = 0, hwcap2 = 0; // |elf_aux_info| may fail, in which case |hwcap| and |hwcap2| will be
diff --git a/crypto/cpu_arm_linux.cc b/crypto/cpu_arm_linux.cc index 97f8e3c..ddd8d9f 100644 --- a/crypto/cpu_arm_linux.cc +++ b/crypto/cpu_arm_linux.cc
@@ -26,6 +26,8 @@ #include "cpu_arm_linux.h" +using namespace bssl; + static int open_eintr(const char *path, int flags) { int ret; do { @@ -96,7 +98,7 @@ static int g_needs_hwcap2_workaround; -void OPENSSL_cpuid_setup() { +void bssl::OPENSSL_cpuid_setup() { // We ignore the return value of |read_file| and proceed with an empty // /proc/cpuinfo on error. If |getauxval| works, we will still detect // capabilities.
diff --git a/crypto/cpu_arm_linux.h b/crypto/cpu_arm_linux.h index 1c81d4e..e19fcc9 100644 --- a/crypto/cpu_arm_linux.h +++ b/crypto/cpu_arm_linux.h
@@ -21,10 +21,8 @@ #include "internal.h" -#if defined(__cplusplus) -extern "C" { -#endif +BSSL_NAMESPACE_BEGIN // The cpuinfo parser lives in a header file so it may be accessible from // cross-platform fuzzers without adding code to those platforms normally. @@ -45,7 +43,7 @@ size_t len; } STRING_PIECE; -static int STRING_PIECE_equals(const STRING_PIECE *a, const char *b) { +inline int STRING_PIECE_equals(const STRING_PIECE *a, const char *b) { size_t b_len = strlen(b); return a->len == b_len && OPENSSL_memcmp(a->data, b, b_len) == 0; } @@ -53,7 +51,7 @@ // STRING_PIECE_split finds the first occurrence of |sep| in |in| and, if found, // sets |*out_left| and |*out_right| to |in| split before and after it. It // returns one if |sep| was found and zero otherwise. -static int STRING_PIECE_split(STRING_PIECE *out_left, STRING_PIECE *out_right, +inline int STRING_PIECE_split(STRING_PIECE *out_left, STRING_PIECE *out_right, const STRING_PIECE *in, char sep) { const char *p = (const char *)OPENSSL_memchr(in->data, sep, in->len); if (p == nullptr) { @@ -72,7 +70,8 @@ // to |out| and updating |s| to point beyond it. It returns one on success and // zero if |s| is empty. If |s| is has no copies of |sep| and is non-empty, it // reads the entire string to |out|. -static int STRING_PIECE_get_delimited(STRING_PIECE *s, STRING_PIECE *out, char sep) { +inline int STRING_PIECE_get_delimited(STRING_PIECE *s, STRING_PIECE *out, + char sep) { if (s->len == 0) { return 0; } @@ -86,7 +85,7 @@ } // STRING_PIECE_trim removes leading and trailing whitespace from |s|. -static void STRING_PIECE_trim(STRING_PIECE *s) { +inline void STRING_PIECE_trim(STRING_PIECE *s) { while (s->len != 0 && (s->data[0] == ' ' || s->data[0] == '\t')) { s->data++; s->len--; @@ -100,7 +99,7 @@ // extract_cpuinfo_field extracts a /proc/cpuinfo field named |field| from // |in|. If found, it sets |*out| to the value and returns one. Otherwise, it // returns zero. -static int extract_cpuinfo_field(STRING_PIECE *out, const STRING_PIECE *in, +inline int extract_cpuinfo_field(STRING_PIECE *out, const STRING_PIECE *in, const char *field) { // Process |in| one line at a time. STRING_PIECE remaining = *in, line; @@ -122,7 +121,7 @@ // has_list_item treats |list| as a space-separated list of items and returns // one if |item| is contained in |list| and zero otherwise. -static int has_list_item(const STRING_PIECE *list, const char *item) { +inline int has_list_item(const STRING_PIECE *list, const char *item) { STRING_PIECE remaining = *list, feature; while (STRING_PIECE_get_delimited(&remaining, &feature, ' ')) { if (STRING_PIECE_equals(&feature, item)) { @@ -134,7 +133,7 @@ // crypto_get_arm_hwcap2_from_cpuinfo returns an equivalent ARM |AT_HWCAP2| // value from |cpuinfo|. -static unsigned long crypto_get_arm_hwcap2_from_cpuinfo( +inline unsigned long crypto_get_arm_hwcap2_from_cpuinfo( const STRING_PIECE *cpuinfo) { STRING_PIECE features; if (!extract_cpuinfo_field(&features, cpuinfo, "Features")) { @@ -157,9 +156,6 @@ return ret; } - -#if defined(__cplusplus) -} // extern C -#endif +BSSL_NAMESPACE_END #endif // OPENSSL_HEADER_CRYPTO_CPU_ARM_LINUX_H
diff --git a/crypto/cpu_arm_linux_test.cc b/crypto/cpu_arm_linux_test.cc index e301ccd..34b5f4d 100644 --- a/crypto/cpu_arm_linux_test.cc +++ b/crypto/cpu_arm_linux_test.cc
@@ -19,6 +19,7 @@ #include <gtest/gtest.h> +BSSL_NAMESPACE_BEGIN namespace { TEST(ARMLinuxTest, CPUInfo) { @@ -152,3 +153,4 @@ } } // namespace +BSSL_NAMESPACE_END
diff --git a/crypto/cpu_intel.cc b/crypto/cpu_intel.cc index 0a80746..6a406a7 100644 --- a/crypto/cpu_intel.cc +++ b/crypto/cpu_intel.cc
@@ -31,6 +31,8 @@ #include "internal.h" +using namespace bssl; + // OPENSSL_cpuid runs the cpuid instruction. |leaf| is passed in as EAX and ECX // is set to zero. It writes EAX, EBX, ECX, and EDX to |*out_eax| through // |*out_edx|. @@ -125,7 +127,7 @@ } } -void OPENSSL_adjust_ia32cap(uint32_t cap[4], const char *env) { +void bssl::OPENSSL_adjust_ia32cap(uint32_t cap[4], const char *env) { // OPENSSL_ia32cap can contain zero, one or two values, separated with a ':'. // Each value is a 64-bit, unsigned value which may start with "0x" to // indicate a hex value. Prior to the 64-bit value, a '~' or '|' may be given. @@ -146,7 +148,7 @@ } } -void OPENSSL_cpuid_setup() { +void bssl::OPENSSL_cpuid_setup() { // Determine the vendor and maximum input value. uint32_t eax, ebx, ecx, edx; OPENSSL_cpuid(&eax, &ebx, &ecx, &edx, 0);
diff --git a/crypto/crypto.cc b/crypto/crypto.cc index 9b173b0..28b5f54 100644 --- a/crypto/crypto.cc +++ b/crypto/crypto.cc
@@ -56,37 +56,37 @@ // archive, linking on OS X will fail to resolve common symbols. By // initialising it to zero, it becomes a "data symbol", which isn't so // affected. -HIDDEN uint8_t BORINGSSL_function_hit[8] = {0}; +HIDDEN uint8_t bssl::BORINGSSL_function_hit[8] = {0}; #endif #if defined(OPENSSL_X86) || defined(OPENSSL_X86_64) // This value must be explicitly initialized to zero. See similar comment above. -HIDDEN uint32_t OPENSSL_ia32cap_P[4] = {0}; +HIDDEN uint32_t bssl::OPENSSL_ia32cap_P[4] = {0}; -uint32_t OPENSSL_get_ia32cap(int idx) { +uint32_t bssl::OPENSSL_get_ia32cap(int idx) { OPENSSL_init_cpuid(); return OPENSSL_ia32cap_P[idx]; } #elif (defined(OPENSSL_ARM) || defined(OPENSSL_AARCH64)) && \ !defined(OPENSSL_STATIC_ARMCAP) -HIDDEN uint32_t OPENSSL_armcap_P = 0; +HIDDEN uint32_t bssl::OPENSSL_armcap_P = 0; -uint32_t *OPENSSL_get_armcap_pointer_for_test() { +uint32_t *bssl::OPENSSL_get_armcap_pointer_for_test() { OPENSSL_init_cpuid(); return &OPENSSL_armcap_P; } -uint32_t OPENSSL_get_armcap() { +uint32_t bssl::OPENSSL_get_armcap() { OPENSSL_init_cpuid(); return OPENSSL_armcap_P; } #endif #if defined(NEED_CPUID) -static CRYPTO_once_t once = CRYPTO_ONCE_INIT; -void OPENSSL_init_cpuid() { CRYPTO_once(&once, OPENSSL_cpuid_setup); } +static bssl::CRYPTO_once_t once = CRYPTO_ONCE_INIT; +void bssl::OPENSSL_init_cpuid() { CRYPTO_once(&once, OPENSSL_cpuid_setup); } #endif void CRYPTO_library_init() {}
diff --git a/crypto/crypto_test.cc b/crypto/crypto_test.cc index 4367c0e..03a9f08 100644 --- a/crypto/crypto_test.cc +++ b/crypto/crypto_test.cc
@@ -29,6 +29,9 @@ #include "internal.h" +BSSL_NAMESPACE_BEGIN +namespace { + // Test that OPENSSL_VERSION_NUMBER and OPENSSL_VERSION_TEXT are consistent. // Node.js parses the version out of OPENSSL_VERSION_TEXT instead of using // OPENSSL_VERSION_NUMBER. @@ -42,7 +45,7 @@ } TEST(CryptoTest, Strndup) { - bssl::UniquePtr<char> str(OPENSSL_strndup(nullptr, 0)); + UniquePtr<char> str(OPENSSL_strndup(nullptr, 0)); EXPECT_TRUE(str); EXPECT_STREQ("", str.get()); } @@ -98,7 +101,7 @@ CounterArray before, after; for (const auto &test : kTests) { read_all_counters(before); - bssl::ScopedEVP_CIPHER_CTX ctx; + ScopedEVP_CIPHER_CTX ctx; ASSERT_TRUE(EVP_EncryptInit_ex(ctx.get(), test.cipher(), /*engine=*/nullptr, key, iv)); read_all_counters(after); @@ -132,7 +135,7 @@ ASSERT_LE(test.key_len, sizeof(key)); read_all_counters(before); - bssl::ScopedEVP_AEAD_CTX ctx; + ScopedEVP_AEAD_CTX ctx; ASSERT_TRUE(EVP_AEAD_CTX_init(ctx.get(), test.aead(), key, test.key_len, EVP_AEAD_DEFAULT_TAG_LENGTH, /*engine=*/nullptr)); @@ -245,3 +248,6 @@ } } #endif + +} // namespace +BSSL_NAMESPACE_END
diff --git a/crypto/curve25519/curve25519.cc b/crypto/curve25519/curve25519.cc index 5ce6daf..e3a7a81 100644 --- a/crypto/curve25519/curve25519.cc +++ b/crypto/curve25519/curve25519.cc
@@ -170,7 +170,7 @@ } // h = 0 -static void fe_0(bssl::fe *h) { OPENSSL_memset(h, 0, sizeof(fe)); } +static void fe_0(fe *h) { OPENSSL_memset(h, 0, sizeof(fe)); } static void fe_loose_0(fe_loose *h) { OPENSSL_memset(h, 0, sizeof(fe_loose)); } @@ -301,9 +301,7 @@ } // h = f -static void fe_copy(bssl::fe *h, const bssl::fe *f) { - OPENSSL_memmove(h, f, sizeof(fe)); -} +static void fe_copy(fe *h, const fe *f) { OPENSSL_memmove(h, f, sizeof(fe)); } static void fe_copy_lt(fe_loose *h, const fe *f) { static_assert(sizeof(fe_loose) == sizeof(fe), "fe and fe_loose mismatch");
diff --git a/crypto/curve25519/ed25519_test.cc b/crypto/curve25519/ed25519_test.cc index 31ce52e..4c9762d 100644 --- a/crypto/curve25519/ed25519_test.cc +++ b/crypto/curve25519/ed25519_test.cc
@@ -24,6 +24,9 @@ #include "../test/test_util.h" +BSSL_NAMESPACE_BEGIN +namespace { + TEST(Ed25519Test, TestVectors) { FileTestGTest("crypto/curve25519/ed25519_tests.txt", [](FileTest *t) { std::vector<uint8_t> private_key, public_key, message, expected_signature; @@ -130,3 +133,6 @@ EXPECT_EQ(Bytes(public_key1), Bytes(public_key2)); EXPECT_EQ(Bytes(private_key1), Bytes(private_key2)); } + +} // namespace +BSSL_NAMESPACE_END
diff --git a/crypto/curve25519/spake25519_test.cc b/crypto/curve25519/spake25519_test.cc index fc10bcb..02cc870 100644 --- a/crypto/curve25519/spake25519_test.cc +++ b/crypto/curve25519/spake25519_test.cc
@@ -26,17 +26,20 @@ #include "./internal.h" +BSSL_NAMESPACE_BEGIN +namespace { + // TODO(agl): add tests with fixed vectors once SPAKE2 is nailed down. struct SPAKE2Run { bool Run() { - bssl::UniquePtr<SPAKE2_CTX> alice(SPAKE2_CTX_new( + UniquePtr<SPAKE2_CTX> alice(SPAKE2_CTX_new( spake2_role_alice, reinterpret_cast<const uint8_t *>(alice_names.first.data()), alice_names.first.size(), reinterpret_cast<const uint8_t *>(alice_names.second.data()), alice_names.second.size())); - bssl::UniquePtr<SPAKE2_CTX> bob(SPAKE2_CTX_new( + UniquePtr<SPAKE2_CTX> bob(SPAKE2_CTX_new( spake2_role_bob, reinterpret_cast<const uint8_t *>(bob_names.first.data()), bob_names.first.size(), @@ -155,3 +158,6 @@ << "Passed after corrupting Alice's message, bit " << i; } } + +} // namespace +BSSL_NAMESPACE_END
diff --git a/crypto/digest/digest_test.cc b/crypto/digest/digest_test.cc index e534b90..53193c1 100644 --- a/crypto/digest/digest_test.cc +++ b/crypto/digest/digest_test.cc
@@ -37,6 +37,7 @@ #include "../test/test_util.h" +BSSL_NAMESPACE_BEGIN namespace { struct MD { @@ -158,11 +159,11 @@ static void CompareDigest(const DigestTestVector *test, const uint8_t *digest, size_t digest_len) { - EXPECT_EQ(test->expected_hex, EncodeHex(bssl::Span(digest, digest_len))); + EXPECT_EQ(test->expected_hex, EncodeHex(Span(digest, digest_len))); } static void TestDigest(const DigestTestVector *test) { - bssl::ScopedEVP_MD_CTX ctx; + ScopedEVP_MD_CTX ctx; // Test the input provided. ASSERT_TRUE(EVP_DigestInit_ex(ctx.get(), test->md.func(), nullptr)); @@ -202,7 +203,7 @@ // Make a copy of the digest in the initial state. ASSERT_TRUE(EVP_DigestInit_ex(ctx.get(), test->md.func(), nullptr)); - bssl::ScopedEVP_MD_CTX copy; + ScopedEVP_MD_CTX copy; ASSERT_TRUE(EVP_MD_CTX_copy_ex(copy.get(), ctx.get())); for (size_t i = 0; i < test->repeat; i++) { ASSERT_TRUE(EVP_DigestUpdate(copy.get(), test->input, strlen(test->input))); @@ -271,7 +272,7 @@ EXPECT_EQ(nullptr, EVP_get_digestbynid(NID_sha512WithRSAEncryption)); EXPECT_EQ(nullptr, EVP_get_digestbynid(NID_undef)); - bssl::UniquePtr<ASN1_OBJECT> obj(OBJ_txt2obj("1.3.14.3.2.26", 0)); + UniquePtr<ASN1_OBJECT> obj(OBJ_txt2obj("1.3.14.3.2.26", 0)); ASSERT_TRUE(obj); EXPECT_EQ(EVP_sha1(), EVP_get_digestbyobj(obj.get())); EXPECT_EQ(EVP_md5_sha1(), EVP_get_digestbyobj(OBJ_nid2obj(NID_md5_sha1))); @@ -279,7 +280,7 @@ } TEST(DigestTest, ASN1) { - bssl::ScopedCBB cbb; + ScopedCBB cbb; ASSERT_TRUE(CBB_init(cbb.get(), 0)); EXPECT_FALSE(EVP_marshal_digest_algorithm(cbb.get(), EVP_md5_sha1())); @@ -338,3 +339,4 @@ } } // namespace +BSSL_NAMESPACE_END
diff --git a/crypto/dsa/internal.h b/crypto/dsa/internal.h index 1726e2b..4cb8126 100644 --- a/crypto/dsa/internal.h +++ b/crypto/dsa/internal.h
@@ -29,10 +29,10 @@ BIGNUM *priv_key; // Normally used to cache montgomery values - CRYPTO_MUTEX method_mont_lock; + bssl::CRYPTO_MUTEX method_mont_lock; BN_MONT_CTX *method_mont_p; BN_MONT_CTX *method_mont_q; - CRYPTO_refcount_t references; + bssl::CRYPTO_refcount_t references; CRYPTO_EX_DATA ex_data; };
diff --git a/crypto/evp/internal.h b/crypto/evp/internal.h index bce96b8..91d8600 100644 --- a/crypto/evp/internal.h +++ b/crypto/evp/internal.h
@@ -125,7 +125,7 @@ BSSL_NAMESPACE_END struct evp_pkey_st { - CRYPTO_refcount_t references; + bssl::CRYPTO_refcount_t references; // pkey contains a pointer to a structure dependent on |ameth|. void *pkey;
diff --git a/crypto/evp/pbkdf.cc b/crypto/evp/pbkdf.cc index 38a8876..6388876 100644 --- a/crypto/evp/pbkdf.cc +++ b/crypto/evp/pbkdf.cc
@@ -21,11 +21,13 @@ #include "../internal.h" +using namespace bssl; + int PKCS5_PBKDF2_HMAC(const char *password, size_t password_len, const uint8_t *salt, size_t salt_len, uint32_t iterations, const EVP_MD *digest, size_t key_len, uint8_t *out_key) { // See RFC 8018, section 5.2. - bssl::ScopedHMAC_CTX hctx; + ScopedHMAC_CTX hctx; if (!HMAC_Init_ex(hctx.get(), password, password_len, digest, nullptr)) { return 0; }
diff --git a/crypto/evp/scrypt.cc b/crypto/evp/scrypt.cc index 4f0f9fd..8c229b2 100644 --- a/crypto/evp/scrypt.cc +++ b/crypto/evp/scrypt.cc
@@ -31,6 +31,8 @@ // Salsa20 blocks. This implementation refers to them as Salsa20 blocks and // scrypt blocks, respectively. +using namespace bssl; + // A block_t is a Salsa20 block. typedef struct { uint32_t words[16];
diff --git a/crypto/ex_data.cc b/crypto/ex_data.cc index 0a4873c..d9495c6 100644 --- a/crypto/ex_data.cc +++ b/crypto/ex_data.cc
@@ -26,6 +26,8 @@ #include "internal.h" +BSSL_NAMESPACE_BEGIN + struct crypto_ex_data_func_st { long argl; // Arbitrary long void *argp; // Arbitrary void pointer @@ -136,4 +138,6 @@ ad->sk = nullptr; } +BSSL_NAMESPACE_END + void CRYPTO_cleanup_all_ex_data() {}
diff --git a/crypto/fipsmodule/bcm.cc b/crypto/fipsmodule/bcm.cc index b120fa6..8a84ce9 100644 --- a/crypto/fipsmodule/bcm.cc +++ b/crypto/fipsmodule/bcm.cc
@@ -282,7 +282,7 @@ #endif // OPENSSL_ASAN -void BORINGSSL_FIPS_abort() { +void bssl::BORINGSSL_FIPS_abort() { for (;;) { abort(); exit(1);
diff --git a/crypto/fipsmodule/bn/rsaz_exp.h b/crypto/fipsmodule/bn/rsaz_exp.h index a9cacbf..6467141 100644 --- a/crypto/fipsmodule/bn/rsaz_exp.h +++ b/crypto/fipsmodule/bn/rsaz_exp.h
@@ -44,16 +44,16 @@ BN_ULONG k0, BN_ULONG storage_words[MOD_EXP_CTIME_STORAGE_LEN]); -inline int rsaz_avx2_capable() { return CRYPTO_is_AVX2_capable(); } +inline int rsaz_avx2_capable() { return bssl::CRYPTO_is_AVX2_capable(); } inline int rsaz_avx2_preferred() { - if (CRYPTO_is_BMI1_capable() && CRYPTO_is_BMI2_capable() && - CRYPTO_is_ADX_capable()) { + if (bssl::CRYPTO_is_BMI1_capable() && bssl::CRYPTO_is_BMI2_capable() && + bssl::CRYPTO_is_ADX_capable()) { // If BMI1, BMI2, and ADX are available, x86_64-mont5.pl is faster. See the // .Lmulx4x_enter and .Lpowerx5_enter branches. return 0; } - return CRYPTO_is_AVX2_capable(); + return bssl::CRYPTO_is_AVX2_capable(); }
diff --git a/crypto/fipsmodule/cipher/aead.cc.inc b/crypto/fipsmodule/cipher/aead.cc.inc index 188b024..123857d 100644 --- a/crypto/fipsmodule/cipher/aead.cc.inc +++ b/crypto/fipsmodule/cipher/aead.cc.inc
@@ -29,6 +29,8 @@ #include "internal.h" +using namespace bssl; + size_t EVP_AEAD_key_length(const EVP_AEAD *aead) { return aead->key_len; } size_t EVP_AEAD_nonce_length(const EVP_AEAD *aead) { return aead->nonce_len; } @@ -128,7 +130,7 @@ size_t nonce_len, const uint8_t *in, size_t in_len, const uint8_t *ad, size_t ad_len) { bool ok = false; - bssl::Cleanup cleanup([&] { + Cleanup cleanup([&] { if (!ok) { // In the event of an error, clear the output buffer so that a caller // that doesn't check the return value doesn't send raw data. @@ -167,7 +169,7 @@ size_t extra_in_len, const uint8_t *ad, size_t ad_len) { bool ok = false; - bssl::Cleanup cleanup([&] { + Cleanup cleanup([&] { if (!ok) { // In the event of an error, clear the output buffer so that a caller // that doesn't check the return value doesn't send raw data. @@ -198,7 +200,7 @@ return 1; } -static bool check_iovec_internal_alias(bssl::Span<const CRYPTO_IOVEC> iovecs) { +static bool check_iovec_internal_alias(Span<const CRYPTO_IOVEC> iovecs) { for (size_t i = 0; i < iovecs.size(); ++i) { // Same index check. if (!check_alias(iovecs[i].in, iovecs[i].len, iovecs[i].out, @@ -224,7 +226,7 @@ } #if !defined(NDEBUG) -static bool check_ivec_buf_alias(bssl::Span<const CRYPTO_IVEC> ivecs, +static bool check_ivec_buf_alias(Span<const CRYPTO_IVEC> ivecs, const uint8_t *buf, size_t buf_len) { for (const CRYPTO_IVEC &ivec : ivecs) { if (buffers_alias(ivec.in, ivec.len, buf, buf_len)) { @@ -234,8 +236,8 @@ return true; } -static bool check_iovec_out_ivec_alias(bssl::Span<const CRYPTO_IOVEC> iovecs, - bssl::Span<const CRYPTO_IVEC> ivecs) { +static bool check_iovec_out_ivec_alias(Span<const CRYPTO_IOVEC> iovecs, + Span<const CRYPTO_IVEC> ivecs) { for (const CRYPTO_IOVEC &iovec : iovecs) { if (!check_ivec_buf_alias(ivecs, iovec.out, iovec.len)) { return false; @@ -244,7 +246,7 @@ return true; } -static bool check_iovec_buf_alias(bssl::Span<const CRYPTO_IOVEC> iovecs, +static bool check_iovec_buf_alias(Span<const CRYPTO_IOVEC> iovecs, const uint8_t *buf, size_t buf_len) { for (const CRYPTO_IOVEC &iovec : iovecs) { if (buffers_alias(iovec.in, iovec.len, buf, buf_len)) { @@ -257,7 +259,7 @@ return true; } -static bool check_iovec_out_buf_alias(bssl::Span<const CRYPTO_IOVEC> iovecs, +static bool check_iovec_out_buf_alias(Span<const CRYPTO_IOVEC> iovecs, const uint8_t *buf, size_t buf_len) { for (const CRYPTO_IOVEC &iovec : iovecs) { if (buffers_alias(iovec.out, iovec.len, buf, buf_len)) { @@ -268,8 +270,8 @@ } #endif -static bool check_iovec_alias(bssl::Span<const CRYPTO_IOVEC> iovecs, - bssl::Span<const CRYPTO_IVEC> aadvecs, +static bool check_iovec_alias(Span<const CRYPTO_IOVEC> iovecs, + Span<const CRYPTO_IVEC> aadvecs, const uint8_t *out, size_t out_len, const uint8_t *in1, size_t in1_len, const uint8_t *in2, size_t in2_len) { @@ -297,7 +299,7 @@ check_iovec_internal_alias(iovecs); } -static void clear_iovec(bssl::Span<const CRYPTO_IOVEC> iovecs) { +static void clear_iovec(Span<const CRYPTO_IOVEC> iovecs) { for (const CRYPTO_IOVEC &iovec : iovecs) { OPENSSL_memset(iovec.out, 0, iovec.len); } @@ -308,11 +310,11 @@ size_t max_out_tag_len, const uint8_t *nonce, size_t nonce_len, const CRYPTO_IVEC *aadvec, size_t num_aadvec) { - bssl::Span<const CRYPTO_IOVEC> iovecs(iovec, num_iovec); - bssl::Span<const CRYPTO_IVEC> aadvecs(aadvec, num_aadvec); + Span<const CRYPTO_IOVEC> iovecs(iovec, num_iovec); + Span<const CRYPTO_IVEC> aadvecs(aadvec, num_aadvec); bool ok = false; - bssl::Cleanup cleanup([&] { + Cleanup cleanup([&] { if (!ok) { // In the event of an error, clear the output buffer so that a caller // that doesn't check the return value doesn't send raw data. @@ -341,8 +343,8 @@ return 0; } - if (ctx->aead->sealv(ctx, iovecs, bssl::Span(out_tag, max_out_tag_len), - out_tag_len, bssl::Span(nonce, nonce_len), aadvecs)) { + if (ctx->aead->sealv(ctx, iovecs, Span(out_tag, max_out_tag_len), out_tag_len, + Span(nonce, nonce_len), aadvecs)) { ok = true; return 1; } @@ -355,7 +357,7 @@ size_t nonce_len, const uint8_t *in, size_t in_len, const uint8_t *ad, size_t ad_len) { bool ok = false; - bssl::Cleanup cleanup([&] { + Cleanup cleanup([&] { if (!ok) { // In the event of an error, clear the output buffer so that a caller // that doesn't check the return value doesn't try and process bad @@ -423,7 +425,7 @@ const uint8_t *in_tag, size_t in_tag_len, const uint8_t *ad, size_t ad_len) { bool ok = false; - bssl::Cleanup cleanup([&] { + Cleanup cleanup([&] { if (!ok) { // In the event of an error, clear the output buffer so that a caller // that doesn't check the return value doesn't try and process bad @@ -451,11 +453,11 @@ size_t num_iovec, size_t *out_total_bytes, const uint8_t *nonce, size_t nonce_len, const CRYPTO_IVEC *aadvec, size_t num_aadvec) { - bssl::Span<const CRYPTO_IOVEC> iovecs(iovec, num_iovec); - bssl::Span<const CRYPTO_IVEC> aadvecs(aadvec, num_aadvec); + Span<const CRYPTO_IOVEC> iovecs(iovec, num_iovec); + Span<const CRYPTO_IVEC> aadvecs(aadvec, num_aadvec); bool ok = false; - bssl::Cleanup cleanup([&] { + Cleanup cleanup([&] { if (!ok) { // In the event of an error, clear the output buffer so that a caller // that doesn't check the return value doesn't try and process bad @@ -482,14 +484,12 @@ if (!ctx->aead->openv) { if (ctx->tag_len && ctx->aead->openv_detached) { // Try with a detached tag. - bssl::InplaceVector<CRYPTO_IOVEC, CRYPTO_IOVEC_MAX> detached_iovecs; + InplaceVector<CRYPTO_IOVEC, CRYPTO_IOVEC_MAX> detached_iovecs; detached_iovecs.CopyFrom(iovecs); uint8_t tagbuf[EVP_AEAD_MAX_OVERHEAD]; - std::optional<bssl::Span<const uint8_t>> tag = - bssl::iovec::GetAndRemoveSuffix( - bssl::Span(tagbuf).first(ctx->tag_len), - bssl::Span(detached_iovecs)); + std::optional<Span<const uint8_t>> tag = bssl::iovec::GetAndRemoveSuffix( + Span(tagbuf).first(ctx->tag_len), Span(detached_iovecs)); if (!tag.has_value()) { // I.e. no |ctx->tag_len| bytes available. OPENSSL_PUT_ERROR(CIPHER, CIPHER_R_BAD_DECRYPT); @@ -497,11 +497,9 @@ } if (ctx->aead->openv_detached(ctx, detached_iovecs, - bssl::Span(nonce, nonce_len), *tag, - aadvecs)) { + Span(nonce, nonce_len), *tag, aadvecs)) { ok = true; - *out_total_bytes = - bssl::iovec::TotalLength(bssl::Span(detached_iovecs)); + *out_total_bytes = bssl::iovec::TotalLength(Span(detached_iovecs)); return 1; } return 0; @@ -511,8 +509,8 @@ return 0; } - if (ctx->aead->openv(ctx, iovecs, out_total_bytes, - bssl::Span(nonce, nonce_len), aadvecs)) { + if (ctx->aead->openv(ctx, iovecs, out_total_bytes, Span(nonce, nonce_len), + aadvecs)) { ok = true; return 1; } @@ -525,11 +523,11 @@ const uint8_t *nonce, size_t nonce_len, const uint8_t *in_tag, size_t in_tag_len, const CRYPTO_IVEC *aadvec, size_t num_aadvec) { - bssl::Span<const CRYPTO_IOVEC> iovecs(iovec, num_iovec); - bssl::Span<const CRYPTO_IVEC> aadvecs(aadvec, num_aadvec); + Span<const CRYPTO_IOVEC> iovecs(iovec, num_iovec); + Span<const CRYPTO_IVEC> aadvecs(aadvec, num_aadvec); bool ok = false; - bssl::Cleanup cleanup([&] { + Cleanup cleanup([&] { if (!ok) { // In the event of an error, clear the output buffer so that a caller // that doesn't check the return value doesn't try and process bad @@ -566,8 +564,8 @@ return 0; } - if (ctx->aead->openv_detached(ctx, iovecs, bssl::Span(nonce, nonce_len), - bssl::Span(in_tag, in_tag_len), aadvecs)) { + if (ctx->aead->openv_detached(ctx, iovecs, Span(nonce, nonce_len), + Span(in_tag, in_tag_len), aadvecs)) { ok = true; return 1; }
diff --git a/crypto/fipsmodule/delocate.h b/crypto/fipsmodule/delocate.h index b492e6b..9d1f888 100644 --- a/crypto/fipsmodule/delocate.h +++ b/crypto/fipsmodule/delocate.h
@@ -36,26 +36,26 @@ static type *name##_bss_get() { return bcm_##name##_bss_get(); } // For FIPS builds we require that CRYPTO_ONCE_INIT be zero. #define DEFINE_STATIC_ONCE(name) \ - DEFINE_BSS_GET(CRYPTO_once_t, name, CRYPTO_ONCE_INIT) + DEFINE_BSS_GET(bssl::CRYPTO_once_t, name, CRYPTO_ONCE_INIT) // For FIPS builds we require that CRYPTO_MUTEX_INIT be zero. #define DEFINE_STATIC_MUTEX(name) \ - DEFINE_BSS_GET(CRYPTO_MUTEX, name, CRYPTO_MUTEX_INIT) + DEFINE_BSS_GET(bssl::CRYPTO_MUTEX, name, CRYPTO_MUTEX_INIT) // For FIPS builds we require that CRYPTO_EX_DATA_CLASS_INIT be zero. #define DEFINE_STATIC_EX_DATA_CLASS(name) \ - DEFINE_BSS_GET(CRYPTO_EX_DATA_CLASS, name, CRYPTO_EX_DATA_CLASS_INIT) + DEFINE_BSS_GET(bssl::CRYPTO_EX_DATA_CLASS, name, CRYPTO_EX_DATA_CLASS_INIT) #else #define DEFINE_BSS_GET(type, name, init_value) \ static type name = init_value; \ static type *name##_bss_get() { return &name; } -#define DEFINE_STATIC_ONCE(name) \ - static CRYPTO_once_t name = CRYPTO_ONCE_INIT; \ - static CRYPTO_once_t *name##_bss_get() { return &name; } -#define DEFINE_STATIC_MUTEX(name) \ - static CRYPTO_MUTEX name = CRYPTO_MUTEX_INIT; \ - static CRYPTO_MUTEX *name##_bss_get() { return &name; } -#define DEFINE_STATIC_EX_DATA_CLASS(name) \ - static CRYPTO_EX_DATA_CLASS name = CRYPTO_EX_DATA_CLASS_INIT; \ - static CRYPTO_EX_DATA_CLASS *name##_bss_get() { return &name; } +#define DEFINE_STATIC_ONCE(name) \ + static bssl::CRYPTO_once_t name = CRYPTO_ONCE_INIT; \ + static bssl::CRYPTO_once_t *name##_bss_get() { return &name; } +#define DEFINE_STATIC_MUTEX(name) \ + static bssl::CRYPTO_MUTEX name = CRYPTO_MUTEX_INIT; \ + static bssl::CRYPTO_MUTEX *name##_bss_get() { return &name; } +#define DEFINE_STATIC_EX_DATA_CLASS(name) \ + static bssl::CRYPTO_EX_DATA_CLASS name = CRYPTO_EX_DATA_CLASS_INIT; \ + static bssl::CRYPTO_EX_DATA_CLASS *name##_bss_get() { return &name; } #endif #define DEFINE_DATA(type, name, accessor_decorations) \ @@ -64,7 +64,7 @@ static void name##_do_init(type *out); \ static void name##_init() { name##_do_init(name##_storage_bss_get()); } \ accessor_decorations type *name() { \ - CRYPTO_once(name##_once_bss_get(), name##_init); \ + bssl::CRYPTO_once(name##_once_bss_get(), name##_init); \ /* See http://c-faq.com/ansi/constmismatch.html for why the following \ * cast is needed. */ \ return (const type *)name##_storage_bss_get(); \
diff --git a/crypto/fipsmodule/dh/internal.h b/crypto/fipsmodule/dh/internal.h index bb2bd1a..12c8406 100644 --- a/crypto/fipsmodule/dh/internal.h +++ b/crypto/fipsmodule/dh/internal.h
@@ -31,11 +31,11 @@ // the private value will be the same length as |p|. unsigned priv_length; - CRYPTO_MUTEX method_mont_p_lock; + bssl::CRYPTO_MUTEX method_mont_p_lock; BN_MONT_CTX *method_mont_p; int flags; - CRYPTO_refcount_t references; + bssl::CRYPTO_refcount_t references; }; BSSL_NAMESPACE_BEGIN
diff --git a/crypto/fipsmodule/digest/digest.cc.inc b/crypto/fipsmodule/digest/digest.cc.inc index e5b9375..95cad20 100644 --- a/crypto/fipsmodule/digest/digest.cc.inc +++ b/crypto/fipsmodule/digest/digest.cc.inc
@@ -24,6 +24,8 @@ #include "internal.h" +using namespace bssl; + int EVP_MD_type(const EVP_MD *md) { return md->type; } int EVP_MD_nid(const EVP_MD *md) { return EVP_MD_type(md); } @@ -187,7 +189,7 @@ int EVP_Digest(const void *data, size_t count, uint8_t *out_md, unsigned int *out_size, const EVP_MD *type, ENGINE *impl) { - bssl::ScopedEVP_MD_CTX ctx; + ScopedEVP_MD_CTX ctx; return EVP_DigestInit_ex(ctx.get(), type, impl) && EVP_DigestUpdate(ctx.get(), data, count) && EVP_DigestFinal_ex(ctx.get(), out_md, out_size);
diff --git a/crypto/fipsmodule/ec/internal.h b/crypto/fipsmodule/ec/internal.h index 9d1f263..32322e4 100644 --- a/crypto/fipsmodule/ec/internal.h +++ b/crypto/fipsmodule/ec/internal.h
@@ -597,7 +597,7 @@ // otherwise. int field_greater_than_order; - CRYPTO_refcount_t references; + bssl::CRYPTO_refcount_t references; } /* EC_GROUP */; BSSL_NAMESPACE_BEGIN @@ -713,7 +713,7 @@ unsigned int enc_flag; point_conversion_form_t conv_form; - CRYPTO_refcount_t references; + bssl::CRYPTO_refcount_t references; ECDSA_METHOD *ecdsa_meth;
diff --git a/crypto/fipsmodule/ec/p256_test.cc b/crypto/fipsmodule/ec/p256_test.cc index 3ebe854..a8039c3 100644 --- a/crypto/fipsmodule/ec/p256_test.cc +++ b/crypto/fipsmodule/ec/p256_test.cc
@@ -16,6 +16,10 @@ #include "../../internal.h" #include "../../test/abi_test.h" + +BSSL_NAMESPACE_BEGIN +namespace { + #if !defined(OPENSSL_NO_ASM) && defined(__GNUC__) && defined(__x86_64__) && \ defined(SUPPORTS_ABI_TEST) extern "C" { @@ -45,3 +49,6 @@ } } #endif + +} // namespace +BSSL_NAMESPACE_END
diff --git a/crypto/fipsmodule/hkdf/hkdf.cc.inc b/crypto/fipsmodule/hkdf/hkdf.cc.inc index bf496b3..dc868c1 100644 --- a/crypto/fipsmodule/hkdf/hkdf.cc.inc +++ b/crypto/fipsmodule/hkdf/hkdf.cc.inc
@@ -23,6 +23,8 @@ #include "../../internal.h" +using namespace bssl; + int HKDF(uint8_t *out_key, size_t out_len, const EVP_MD *digest, const uint8_t *secret, size_t secret_len, const uint8_t *salt, size_t salt_len, const uint8_t *info, size_t info_len) {
diff --git a/crypto/fipsmodule/hkdf/hkdf_test.cc b/crypto/fipsmodule/hkdf/hkdf_test.cc index a410107..acfc5a3 100644 --- a/crypto/fipsmodule/hkdf/hkdf_test.cc +++ b/crypto/fipsmodule/hkdf/hkdf_test.cc
@@ -27,6 +27,7 @@ #include "../../test/wycheproof_util.h" +BSSL_NAMESPACE_BEGIN namespace { struct HKDFTestVector { @@ -276,8 +277,7 @@ EXPECT_EQ(Bytes(test->out, test->out_len), Bytes(buf, test->out_len)); // Repeat the test with the OpenSSL compatibility |EVP_PKEY_derive| API. - bssl::UniquePtr<EVP_PKEY_CTX> ctx( - EVP_PKEY_CTX_new_id(EVP_PKEY_HKDF, nullptr)); + UniquePtr<EVP_PKEY_CTX> ctx(EVP_PKEY_CTX_new_id(EVP_PKEY_HKDF, nullptr)); ASSERT_TRUE(ctx); ASSERT_TRUE(EVP_PKEY_derive_init(ctx.get())); ASSERT_TRUE( @@ -289,7 +289,7 @@ EVP_PKEY_CTX_set1_hkdf_salt(ctx.get(), test->salt, test->salt_len)); for (bool copy_ctx : {false, true}) { SCOPED_TRACE(copy_ctx); - bssl::UniquePtr<EVP_PKEY_CTX> copy; + UniquePtr<EVP_PKEY_CTX> copy; EVP_PKEY_CTX *use_ctx = ctx.get(); if (copy_ctx) { copy.reset(EVP_PKEY_CTX_dup(ctx.get())); @@ -335,7 +335,7 @@ test->info_len - half)); for (bool copy_ctx : {false, true}) { SCOPED_TRACE(copy_ctx); - bssl::UniquePtr<EVP_PKEY_CTX> copy; + UniquePtr<EVP_PKEY_CTX> copy; EVP_PKEY_CTX *use_ctx = ctx.get(); if (copy_ctx) { copy.reset(EVP_PKEY_CTX_dup(ctx.get())); @@ -364,7 +364,7 @@ test->info_len - half)); for (bool copy_ctx : {false, true}) { SCOPED_TRACE(copy_ctx); - bssl::UniquePtr<EVP_PKEY_CTX> copy; + UniquePtr<EVP_PKEY_CTX> copy; EVP_PKEY_CTX *use_ctx = ctx.get(); if (copy_ctx) { copy.reset(EVP_PKEY_CTX_dup(ctx.get())); @@ -424,3 +424,4 @@ } } // namespace +BSSL_NAMESPACE_END
diff --git a/crypto/fipsmodule/mldsa/mldsa.cc.inc b/crypto/fipsmodule/mldsa/mldsa.cc.inc index 5c305b2..1914c45 100644 --- a/crypto/fipsmodule/mldsa/mldsa.cc.inc +++ b/crypto/fipsmodule/mldsa/mldsa.cc.inc
@@ -3000,7 +3000,7 @@ sizeof(a_pub->public_key_hash)) == 0; } -int boringssl_self_test_mldsa() { +int bssl::boringssl_self_test_mldsa() { return mldsa::fips::keygen_self_test() && mldsa::fips::sign_self_test() && mldsa::fips::verify_self_test(); }
diff --git a/crypto/fipsmodule/mlkem/mlkem.cc.inc b/crypto/fipsmodule/mlkem/mlkem.cc.inc index 5cd82a4..f813795 100644 --- a/crypto/fipsmodule/mlkem/mlkem.cc.inc +++ b/crypto/fipsmodule/mlkem/mlkem.cc.inc
@@ -1391,7 +1391,7 @@ return bcm_status::approved; } -int boringssl_self_test_mlkem() { +int bssl::boringssl_self_test_mlkem() { return mlkem::fips::keygen_self_test() && mlkem::fips::encap_self_test() && mlkem::fips::decap_self_test(); }
diff --git a/crypto/fipsmodule/rsa/internal.h b/crypto/fipsmodule/rsa/internal.h index 293aa3f..11e6099 100644 --- a/crypto/fipsmodule/rsa/internal.h +++ b/crypto/fipsmodule/rsa/internal.h
@@ -58,10 +58,10 @@ // be careful using this if the RSA structure is shared CRYPTO_EX_DATA ex_data; - CRYPTO_refcount_t references; + bssl::CRYPTO_refcount_t references; int flags; - CRYPTO_MUTEX lock; + bssl::CRYPTO_MUTEX lock; // Used to cache montgomery values. The creation of these values is protected // by |lock|.
diff --git a/crypto/fipsmodule/self_check/fips.cc.inc b/crypto/fipsmodule/self_check/fips.cc.inc index 4d480db..5ed05cb 100644 --- a/crypto/fipsmodule/self_check/fips.cc.inc +++ b/crypto/fipsmodule/self_check/fips.cc.inc
@@ -18,6 +18,8 @@ #include "../delocate.h" +using namespace bssl; + int FIPS_mode() { #if defined(BORINGSSL_FIPS) && !defined(OPENSSL_ASAN) return 1; @@ -92,7 +94,7 @@ return array[index]; } -void boringssl_fips_inc_counter(enum fips_counter_t counter) { +void bssl::boringssl_fips_inc_counter(enum fips_counter_t counter) { size_t index = (size_t)counter; if (index > fips_counter_max) { abort();
diff --git a/crypto/fipsmodule/self_check/self_check.cc.inc b/crypto/fipsmodule/self_check/self_check.cc.inc index bfcc579..2477f36 100644 --- a/crypto/fipsmodule/self_check/self_check.cc.inc +++ b/crypto/fipsmodule/self_check/self_check.cc.inc
@@ -56,8 +56,8 @@ } } -int BORINGSSL_check_test(const void *expected, const void *actual, - size_t expected_len, const char *name) { +int bssl::BORINGSSL_check_test(const void *expected, const void *actual, + size_t expected_len, const char *name) { if (OPENSSL_memcmp(actual, expected, expected_len) != 0) { FILE *err = CRYPTO_get_stderr(); fprintf(err, "%s failed.\nExpected: ", name); @@ -599,7 +599,7 @@ DEFINE_STATIC_ONCE(g_self_test_once_rsa) -void boringssl_ensure_rsa_self_test() { +void bssl::boringssl_ensure_rsa_self_test() { CRYPTO_once(g_self_test_once_rsa_bss_get(), run_self_test_rsa); } @@ -613,7 +613,7 @@ DEFINE_STATIC_ONCE(g_self_test_once_ecc) -void boringssl_ensure_ecc_self_test() { +void bssl::boringssl_ensure_ecc_self_test() { CRYPTO_once(g_self_test_once_ecc_bss_get(), run_self_test_ecc); } @@ -627,7 +627,7 @@ DEFINE_STATIC_ONCE(g_self_test_once_ffdh) -void boringssl_ensure_ffdh_self_test() { +void bssl::boringssl_ensure_ffdh_self_test() { CRYPTO_once(g_self_test_once_ffdh_bss_get(), run_self_test_ffdh); } @@ -638,7 +638,7 @@ // // These tests are run at process start when in FIPS mode. -int boringssl_self_test_sha256() { +int bssl::boringssl_self_test_sha256() { static const uint8_t kInput[16] = { 0xff, 0x3b, 0x85, 0x7d, 0xa7, 0x23, 0x6a, 0x2b, 0xaa, 0x0f, 0x39, 0x6b, 0x51, 0x52, 0x22, 0x17, @@ -656,7 +656,7 @@ sizeof(kPlaintextSHA256), "SHA-256 KAT"); } -int boringssl_self_test_sha512() { +int bssl::boringssl_self_test_sha512() { static const uint8_t kInput[16] = { 0x21, 0x25, 0x12, 0xf8, 0xd2, 0xad, 0x83, 0x22, 0x78, 0x1c, 0x6c, 0x4d, 0x69, 0xa9, 0xda, 0xa1, @@ -677,7 +677,7 @@ sizeof(kPlaintextSHA512), "SHA-512 KAT"); } -int boringssl_self_test_hmac_sha256() { +int bssl::boringssl_self_test_hmac_sha256() { static const uint8_t kInput[16] = { 0xda, 0xd9, 0x12, 0x93, 0xdf, 0xcf, 0x2a, 0x7c, 0x8e, 0xcd, 0x13, 0xfe, 0x35, 0x3f, 0xa7, 0x5b, @@ -1051,5 +1051,5 @@ } #if defined(BORINGSSL_FIPS) -int boringssl_self_test_startup() { return boringssl_self_test_fast(); } +int bssl::boringssl_self_test_startup() { return boringssl_self_test_fast(); } #endif
diff --git a/crypto/fipsmodule/slhdsa/address.h b/crypto/fipsmodule/slhdsa/address.h index 5ee7983..ecc00aaa 100644 --- a/crypto/fipsmodule/slhdsa/address.h +++ b/crypto/fipsmodule/slhdsa/address.h
@@ -36,40 +36,40 @@ static inline void slhdsa_set_chain_addr(const slh_dsa_config *config, uint8_t addr[32], uint32_t chain) { if (config->compressed_addresses) { - CRYPTO_store_u32_be(addr + SLHDSA_ADDR_COMP_OFFSET_CHAIN, chain); + bssl::CRYPTO_store_u32_be(addr + SLHDSA_ADDR_COMP_OFFSET_CHAIN, chain); } else { - CRYPTO_store_u32_be(addr + SLHDSA_ADDR_FULL_OFFSET_CHAIN, chain); + bssl::CRYPTO_store_u32_be(addr + SLHDSA_ADDR_FULL_OFFSET_CHAIN, chain); } } static inline void slhdsa_set_hash_addr(const slh_dsa_config *config, uint8_t addr[32], uint32_t hash) { if (config->compressed_addresses) { - CRYPTO_store_u32_be(addr + SLHDSA_ADDR_COMP_OFFSET_HASH, hash); + bssl::CRYPTO_store_u32_be(addr + SLHDSA_ADDR_COMP_OFFSET_HASH, hash); } else { - CRYPTO_store_u32_be(addr + SLHDSA_ADDR_FULL_OFFSET_HASH, hash); + bssl::CRYPTO_store_u32_be(addr + SLHDSA_ADDR_FULL_OFFSET_HASH, hash); } } static inline void slhdsa_set_keypair_addr(const slh_dsa_config *config, uint8_t addr[32], uint32_t keypair) { if (config->compressed_addresses) { - CRYPTO_store_u32_be(addr + SLHDSA_ADDR_COMP_OFFSET_KEYPAIR, keypair); + bssl::CRYPTO_store_u32_be(addr + SLHDSA_ADDR_COMP_OFFSET_KEYPAIR, keypair); } else { - CRYPTO_store_u32_be(addr + SLHDSA_ADDR_FULL_OFFSET_KEYPAIR, keypair); + bssl::CRYPTO_store_u32_be(addr + SLHDSA_ADDR_FULL_OFFSET_KEYPAIR, keypair); } } static inline void slhdsa_copy_keypair_addr(const slh_dsa_config *config, uint8_t out[32], const uint8_t in[32]) { if (config->compressed_addresses) { - OPENSSL_memcpy(out, in, SLHDSA_ADDR_COMP_OFFSET_TYPE); - OPENSSL_memcpy(out + SLHDSA_ADDR_COMP_OFFSET_KEYPAIR, - in + SLHDSA_ADDR_COMP_OFFSET_KEYPAIR, 4); + bssl::OPENSSL_memcpy(out, in, SLHDSA_ADDR_COMP_OFFSET_TYPE); + bssl::OPENSSL_memcpy(out + SLHDSA_ADDR_COMP_OFFSET_KEYPAIR, + in + SLHDSA_ADDR_COMP_OFFSET_KEYPAIR, 4); } else { - OPENSSL_memcpy(out, in, SLHDSA_ADDR_FULL_OFFSET_TYPE); - OPENSSL_memcpy(out + SLHDSA_ADDR_FULL_OFFSET_KEYPAIR, - in + SLHDSA_ADDR_FULL_OFFSET_KEYPAIR, 4); + bssl::OPENSSL_memcpy(out, in, SLHDSA_ADDR_FULL_OFFSET_TYPE); + bssl::OPENSSL_memcpy(out + SLHDSA_ADDR_FULL_OFFSET_KEYPAIR, + in + SLHDSA_ADDR_FULL_OFFSET_KEYPAIR, 4); } } @@ -78,19 +78,19 @@ if (config->compressed_addresses) { addr[SLHDSA_ADDR_COMP_OFFSET_LAYER] = (uint8_t)layer; } else { - CRYPTO_store_u32_be(addr + SLHDSA_ADDR_FULL_OFFSET_LAYER, layer); + bssl::CRYPTO_store_u32_be(addr + SLHDSA_ADDR_FULL_OFFSET_LAYER, layer); } } static inline void slhdsa_set_tree_addr(const slh_dsa_config *config, uint8_t addr[32], uint64_t tree) { if (config->compressed_addresses) { - CRYPTO_store_u64_be(addr + SLHDSA_ADDR_COMP_OFFSET_TREE, tree); + bssl::CRYPTO_store_u64_be(addr + SLHDSA_ADDR_COMP_OFFSET_TREE, tree); } else { // The tree address is 12 bytes in this configuration. Just zero the top // four bytes. - OPENSSL_memset(addr + SLHDSA_ADDR_FULL_OFFSET_TREE, 0, 4); - CRYPTO_store_u64_be(addr + SLHDSA_ADDR_FULL_OFFSET_TREE + 4, tree); + bssl::OPENSSL_memset(addr + SLHDSA_ADDR_FULL_OFFSET_TREE, 0, 4); + bssl::CRYPTO_store_u64_be(addr + SLHDSA_ADDR_FULL_OFFSET_TREE + 4, tree); } } @@ -101,44 +101,44 @@ // // The behavior here is only correct for the SHA-2 instantiations. if (config->compressed_addresses) { - OPENSSL_memset(addr + SLHDSA_ADDR_COMP_ZERO_START, 0, - SLHDSA_ADDR_COMP_ZERO_LEN); + bssl::OPENSSL_memset(addr + SLHDSA_ADDR_COMP_ZERO_START, 0, + SLHDSA_ADDR_COMP_ZERO_LEN); addr[SLHDSA_ADDR_COMP_OFFSET_TYPE] = (uint8_t)type; } else { - OPENSSL_memset(addr + SLHDSA_ADDR_FULL_ZERO_START, 0, - SLHDSA_ADDR_FULL_ZERO_LEN); - CRYPTO_store_u32_be(addr + SLHDSA_ADDR_FULL_OFFSET_TYPE, type); + bssl::OPENSSL_memset(addr + SLHDSA_ADDR_FULL_ZERO_START, 0, + SLHDSA_ADDR_FULL_ZERO_LEN); + bssl::CRYPTO_store_u32_be(addr + SLHDSA_ADDR_FULL_OFFSET_TYPE, type); } } static inline void slhdsa_set_tree_height(const slh_dsa_config *config, uint8_t addr[32], uint32_t tree_height) { if (config->compressed_addresses) { - CRYPTO_store_u32_be(addr + SLHDSA_ADDR_COMP_OFFSET_TREE_HEIGHT, - tree_height); + bssl::CRYPTO_store_u32_be(addr + SLHDSA_ADDR_COMP_OFFSET_TREE_HEIGHT, + tree_height); } else { - CRYPTO_store_u32_be(addr + SLHDSA_ADDR_FULL_OFFSET_TREE_HEIGHT, - tree_height); + bssl::CRYPTO_store_u32_be(addr + SLHDSA_ADDR_FULL_OFFSET_TREE_HEIGHT, + tree_height); } } static inline void slhdsa_set_tree_index(const slh_dsa_config *config, uint8_t addr[32], uint32_t tree_index) { if (config->compressed_addresses) { - CRYPTO_store_u32_be(addr + SLHDSA_ADDR_COMP_OFFSET_TREE_INDEX, - tree_index); + bssl::CRYPTO_store_u32_be(addr + SLHDSA_ADDR_COMP_OFFSET_TREE_INDEX, + tree_index); } else { - CRYPTO_store_u32_be(addr + SLHDSA_ADDR_FULL_OFFSET_TREE_INDEX, - tree_index); + bssl::CRYPTO_store_u32_be(addr + SLHDSA_ADDR_FULL_OFFSET_TREE_INDEX, + tree_index); } } static inline uint32_t slhdsa_get_tree_index(const slh_dsa_config *config, uint8_t addr[32]) { if (config->compressed_addresses) { - return CRYPTO_load_u32_be(addr + SLHDSA_ADDR_COMP_OFFSET_TREE_INDEX); + return bssl::CRYPTO_load_u32_be(addr + SLHDSA_ADDR_COMP_OFFSET_TREE_INDEX); } - return CRYPTO_load_u32_be(addr + SLHDSA_ADDR_FULL_OFFSET_TREE_INDEX); + return bssl::CRYPTO_load_u32_be(addr + SLHDSA_ADDR_FULL_OFFSET_TREE_INDEX); }
diff --git a/crypto/fipsmodule/slhdsa/slhdsa.cc.inc b/crypto/fipsmodule/slhdsa/slhdsa.cc.inc index b48f8fb..b43f890 100644 --- a/crypto/fipsmodule/slhdsa/slhdsa.cc.inc +++ b/crypto/fipsmodule/slhdsa/slhdsa.cc.inc
@@ -687,7 +687,7 @@ msg_len); } -int boringssl_self_test_slhdsa() { +int bssl::boringssl_self_test_slhdsa() { return fips::keygen_self_test() && fips::sign_self_test() && fips::verify_self_test(); }
diff --git a/crypto/fuzzer_mode.cc b/crypto/fuzzer_mode.cc index 76f7dfc..a002a42 100644 --- a/crypto/fuzzer_mode.cc +++ b/crypto/fuzzer_mode.cc
@@ -17,10 +17,12 @@ #include "internal.h" +using namespace bssl; + #if defined(FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION) static bssl::Atomic<uint32_t> fuzzer_mode_enabled = 0; -int CRYPTO_fuzzer_mode_enabled() { return fuzzer_mode_enabled.load(); } +int bssl::CRYPTO_fuzzer_mode_enabled() { return fuzzer_mode_enabled.load(); } void CRYPTO_set_fuzzer_mode(int enabled) { fuzzer_mode_enabled.store(!!enabled);
diff --git a/crypto/internal.h b/crypto/internal.h index 7981dfd..7ed4520 100644 --- a/crypto/internal.h +++ b/crypto/internal.h
@@ -58,10 +58,8 @@ #include "intrin.h" #endif -#if defined(__cplusplus) -extern "C" { -#endif +BSSL_NAMESPACE_BEGIN #if !defined(OPENSSL_NO_ASM) && !defined(OPENSSL_STATIC_ARMCAP) && \ (defined(OPENSSL_X86) || defined(OPENSSL_X86_64) || \ @@ -83,9 +81,9 @@ #if (defined(OPENSSL_ARM) || defined(OPENSSL_AARCH64)) && \ !defined(OPENSSL_STATIC_ARMCAP) -// OPENSSL_get_armcap_pointer_for_test returns a pointer to |OPENSSL_armcap_P| -// for unit tests. Any modifications to the value must be made before any other -// function call in BoringSSL. +// OPENSSL_get_armcap_pointer_for_test returns a pointer to +// |OPENSSL_armcap_P| for unit tests. Any modifications to the value must be +// made before any other function call in BoringSSL. OPENSSL_EXPORT uint32_t *OPENSSL_get_armcap_pointer_for_test(); #endif @@ -550,8 +548,6 @@ // std::memory_order, we will need to wrap these too, or fix the embedded // platforms to provide a no-op std::atomic. See https://crbug.com/442112336. -extern "C++" { -BSSL_NAMESPACE_BEGIN #if defined(OPENSSL_THREADS) template <typename T> using Atomic = std::atomic<T>; @@ -591,8 +587,6 @@ T value_; }; #endif -BSSL_NAMESPACE_END -} // extern "C++" // Reference counting. @@ -600,7 +594,7 @@ // CRYPTO_REFCOUNT_MAX is the value at which the reference count saturates. #define CRYPTO_REFCOUNT_MAX 0xffffffff -using CRYPTO_refcount_t = bssl::Atomic<uint32_t>; +using CRYPTO_refcount_t = Atomic<uint32_t>; // CRYPTO_refcount_inc atomically increments the value at |*count| unless the // value would overflow. It's safe for multiple threads to concurrently call @@ -657,11 +651,6 @@ // CRYPTO_MUTEX_cleanup releases all resources held by |lock|. OPENSSL_EXPORT void CRYPTO_MUTEX_cleanup(CRYPTO_MUTEX *lock); -#if defined(__cplusplus) -extern "C++" { - -BSSL_NAMESPACE_BEGIN - namespace internal { // MutexLockBase is a RAII helper for CRYPTO_MUTEX locking. @@ -688,11 +677,6 @@ using MutexReadLock = internal::MutexLockBase<CRYPTO_MUTEX_lock_read, CRYPTO_MUTEX_unlock_read>; -BSSL_NAMESPACE_END - -} // extern "C++" -#endif // defined(__cplusplus) - // Thread local storage. @@ -736,10 +720,14 @@ // ex_data +BSSL_NAMESPACE_END + struct crypto_ex_data_st { STACK_OF(void) *sk; } /* CRYPTO_EX_DATA */; +BSSL_NAMESPACE_BEGIN + typedef struct crypto_ex_data_func_st CRYPTO_EX_DATA_FUNCS; // CRYPTO_EX_DATA_CLASS tracks the ex_indices registered for a type which @@ -752,7 +740,7 @@ // final entry of |funcs|, or NULL if empty. CRYPTO_EX_DATA_FUNCS *funcs, *last; // num_funcs is the number of entries in |funcs|. - bssl::Atomic<uint32_t> num_funcs; + Atomic<uint32_t> num_funcs; // num_reserved is one if the ex_data index zero is reserved for legacy // |TYPE_get_app_data| functions. uint8_t num_reserved; @@ -836,9 +824,6 @@ // Note |OPENSSL_memcmp| is a different function from |CRYPTO_memcmp|. // C++ defines |memchr| as a const-correct overload. -#if defined(__cplusplus) -extern "C++" { - static inline const void *OPENSSL_memchr(const void *s, int c, size_t n) { if (n == 0) { return nullptr; @@ -855,19 +840,6 @@ return memchr(s, c, n); } -} // extern "C++" -#else // __cplusplus - -static inline void *OPENSSL_memchr(const void *s, int c, size_t n) { - if (n == 0) { - return nullptr; - } - - return memchr(s, c, n); -} - -#endif // __cplusplus - static inline int OPENSSL_memcmp(const void *s1, const void *s2, size_t n) { if (n == 0) { return 0; @@ -1442,7 +1414,7 @@ // 5: vpaes_set_encrypt_key // 6: aes_gcm_enc_update_vaes_avx2 // 7: aes_gcm_enc_update_vaes_avx512 -extern uint8_t BORINGSSL_function_hit[8]; +extern "C" uint8_t BORINGSSL_function_hit[8]; #endif // BORINGSSL_DISPATCH_TEST @@ -1467,10 +1439,6 @@ #endif -#if defined(__cplusplus) -} // extern C -#endif - // Arithmetic functions. // CRYPTO_addc_* returns |x + y + carry|, and sets |*out_carry| to the carry @@ -1623,7 +1591,6 @@ #endif -BSSL_NAMESPACE_BEGIN // Cleanup implements a custom scope guard, when the cleanup logic does not fit // in a destructor. Usage: // @@ -1644,6 +1611,7 @@ }; template <typename F> Cleanup(F func) -> Cleanup<F>; + BSSL_NAMESPACE_END
diff --git a/crypto/md4/md4.cc b/crypto/md4/md4.cc index 10a8130..d72c46b 100644 --- a/crypto/md4/md4.cc +++ b/crypto/md4/md4.cc
@@ -23,6 +23,8 @@ #include "../internal.h" +using namespace bssl; + uint8_t *MD4(const uint8_t *data, size_t len, uint8_t out[MD4_DIGEST_LENGTH]) { MD4_CTX ctx; MD4_Init(&ctx); @@ -63,13 +65,13 @@ } // namespace int MD4_Update(MD4_CTX *c, const void *data, size_t len) { - bssl::crypto_md32_update<MD4Traits>( - c, bssl::Span(static_cast<const uint8_t *>(data), len)); + crypto_md32_update<MD4Traits>(c, + Span(static_cast<const uint8_t *>(data), len)); return 1; } int MD4_Final(uint8_t out[MD4_DIGEST_LENGTH], MD4_CTX *c) { - bssl::crypto_md32_final<MD4Traits>(c); + crypto_md32_final<MD4Traits>(c); CRYPTO_store_u32_le(out, c->h[0]); CRYPTO_store_u32_le(out + 4, c->h[1]); CRYPTO_store_u32_le(out + 8, c->h[2]);
diff --git a/crypto/md5/internal.h b/crypto/md5/internal.h index dda558c..428b5a6 100644 --- a/crypto/md5/internal.h +++ b/crypto/md5/internal.h
@@ -17,21 +17,18 @@ #include <openssl/base.h> -#if defined(__cplusplus) -extern "C" { -#endif +#include "../internal.h" +BSSL_NAMESPACE_BEGIN + #if !defined(OPENSSL_NO_ASM) && \ (defined(OPENSSL_X86_64) || defined(OPENSSL_X86)) #define MD5_ASM -extern void md5_block_asm_data_order(uint32_t *state, const uint8_t *data, - size_t num); +extern "C" void md5_block_asm_data_order(uint32_t *state, const uint8_t *data, + size_t num); #endif - -#if defined(__cplusplus) -} // extern C -#endif +BSSL_NAMESPACE_END #endif // OPENSSL_HEADER_CRYPTO_MD5_INTERNAL_H
diff --git a/crypto/md5/md5.cc b/crypto/md5/md5.cc index 3bd2a2b..0604ddc 100644 --- a/crypto/md5/md5.cc +++ b/crypto/md5/md5.cc
@@ -24,6 +24,8 @@ #include "internal.h" +using namespace bssl; + uint8_t *MD5(const uint8_t *data, size_t len, uint8_t out[MD5_DIGEST_LENGTH]) { MD5_CTX ctx; MD5_Init(&ctx); @@ -66,13 +68,13 @@ } // namespace int MD5_Update(MD5_CTX *c, const void *data, size_t len) { - bssl::crypto_md32_update<MD5Traits>( - c, bssl::Span(static_cast<const uint8_t *>(data), len)); + crypto_md32_update<MD5Traits>(c, + Span(static_cast<const uint8_t *>(data), len)); return 1; } int MD5_Final(uint8_t out[MD5_DIGEST_LENGTH], MD5_CTX *c) { - bssl::crypto_md32_final<MD5Traits>(c); + crypto_md32_final<MD5Traits>(c); CRYPTO_store_u32_le(out, c->h[0]); CRYPTO_store_u32_le(out + 4, c->h[1]); CRYPTO_store_u32_le(out + 8, c->h[2]);
diff --git a/crypto/md5/md5_test.cc b/crypto/md5/md5_test.cc index 5e68d80..abe692f 100644 --- a/crypto/md5/md5_test.cc +++ b/crypto/md5/md5_test.cc
@@ -16,10 +16,13 @@ #include <gtest/gtest.h> -#include "internal.h" #include "../test/abi_test.h" +#include "internal.h" +BSSL_NAMESPACE_BEGIN +namespace { + #if defined(MD5_ASM) && defined(SUPPORTS_ABI_TEST) TEST(MD5Test, ABI) { MD5_CTX ctx; @@ -32,3 +35,6 @@ CHECK_ABI(md5_block_asm_data_order, ctx.h, kBuf, 8); } #endif // MD5_ASM && SUPPORTS_ABI_TEST + +} // namespace +BSSL_NAMESPACE_END
diff --git a/crypto/mem.cc b/crypto/mem.cc index 8f1856a..b0046c1 100644 --- a/crypto/mem.cc +++ b/crypto/mem.cc
@@ -36,6 +36,8 @@ #include "internal.h" +using namespace bssl; + #define OPENSSL_MALLOC_PREFIX 8 static_assert(OPENSSL_MALLOC_PREFIX >= sizeof(size_t), "size_t too large"); @@ -158,20 +160,20 @@ return should_fail; } -void OPENSSL_reset_malloc_counter_for_testing() { +void bssl::OPENSSL_reset_malloc_counter_for_testing() { CRYPTO_MUTEX_lock_write(&malloc_failure_lock); current_malloc_count = 0; CRYPTO_MUTEX_unlock_write(&malloc_failure_lock); } -void OPENSSL_disable_malloc_failures_for_testing() { +void bssl::OPENSSL_disable_malloc_failures_for_testing() { CRYPTO_MUTEX_lock_write(&malloc_failure_lock); BSSL_CHECK(!disable_malloc_failures); disable_malloc_failures = 1; CRYPTO_MUTEX_unlock_write(&malloc_failure_lock); } -void OPENSSL_enable_malloc_failures_for_testing() { +void bssl::OPENSSL_enable_malloc_failures_for_testing() { CRYPTO_MUTEX_lock_write(&malloc_failure_lock); BSSL_CHECK(disable_malloc_failures); disable_malloc_failures = 0; @@ -456,8 +458,8 @@ return vsnprintf(buf, n, format, args); } -int OPENSSL_vasprintf_internal(char **str, const char *format, va_list args, - int system_malloc) { +int bssl::OPENSSL_vasprintf_internal(char **str, const char *format, + va_list args, int system_malloc) { void *(*allocate)(size_t) = system_malloc ? malloc : OPENSSL_malloc; void (*deallocate)(void *) = system_malloc ? free : OPENSSL_free; void *(*reallocate)(void *, size_t) =
diff --git a/crypto/obj/obj_test.cc b/crypto/obj/obj_test.cc index 87eb212..9e54ff8 100644 --- a/crypto/obj/obj_test.cc +++ b/crypto/obj/obj_test.cc
@@ -22,6 +22,9 @@ #include "../internal.h" +BSSL_NAMESPACE_BEGIN +namespace { + TEST(ObjTest, TestBasic) { static const int kNID = NID_sha256WithRSAEncryption; static const char kShortName[] = "RSA-SHA256"; @@ -79,7 +82,7 @@ static bool ExpectObj2Txt(const uint8_t *der, size_t der_len, bool always_return_oid, const char *expected) { - bssl::UniquePtr<ASN1_OBJECT> obj( + UniquePtr<ASN1_OBJECT> obj( ASN1_OBJECT_create(NID_undef, der, static_cast<int>(der_len), /*sn=*/nullptr, /*ln=*/nullptr)); if (!obj) { @@ -175,7 +178,7 @@ // kNonMinimalOID is kBasicConstraints with the final component non-minimally // encoded. static const uint8_t kNonMinimalOID[] = {0x55, 0x1d, 0x80, 0x13}; - bssl::UniquePtr<ASN1_OBJECT> obj( + UniquePtr<ASN1_OBJECT> obj( ASN1_OBJECT_create(NID_undef, kNonMinimalOID, sizeof(kNonMinimalOID), /*sn=*/nullptr, /*ln=*/nullptr)); ASSERT_TRUE(obj); @@ -200,3 +203,6 @@ ASSERT_TRUE(obj); ASSERT_EQ(-1, OBJ_obj2txt(nullptr, 0, obj.get(), 0)); } + +} // namespace +BSSL_NAMESPACE_END
diff --git a/crypto/pkcs8/pkcs8_test.cc b/crypto/pkcs8/pkcs8_test.cc index 5a3fb49..6080b5f 100644 --- a/crypto/pkcs8/pkcs8_test.cc +++ b/crypto/pkcs8/pkcs8_test.cc
@@ -22,6 +22,9 @@ #include "../internal.h" +BSSL_NAMESPACE_BEGIN +namespace { + // kEncryptedPBES2WithDESAndSHA1 is a PKCS#8 encrypted private key using PBES2 // with DES-EDE3-CBC and HMAC-SHA-1 and a password of "testing". It was // generated with: @@ -196,11 +199,11 @@ static void TestDecrypt(const uint8_t *der, size_t der_len, const char *password) { const uint8_t *data = der; - bssl::UniquePtr<X509_SIG> sig(d2i_X509_SIG(nullptr, &data, der_len)); + UniquePtr<X509_SIG> sig(d2i_X509_SIG(nullptr, &data, der_len)); ASSERT_TRUE(sig.get()); ASSERT_EQ(der + der_len, data); - bssl::UniquePtr<PKCS8_PRIV_KEY_INFO> keypair( + UniquePtr<PKCS8_PRIV_KEY_INFO> keypair( PKCS8_decrypt(sig.get(), password, -1)); ASSERT_TRUE(keypair); } @@ -224,22 +227,22 @@ }; const uint8_t *ptr = kSampleKey; - bssl::UniquePtr<PKCS8_PRIV_KEY_INFO> key( + UniquePtr<PKCS8_PRIV_KEY_INFO> key( d2i_PKCS8_PRIV_KEY_INFO(nullptr, &ptr, sizeof(kSampleKey))); ASSERT_TRUE(key); ASSERT_EQ(kSampleKey + sizeof(kSampleKey), ptr); - bssl::UniquePtr<X509_SIG> encrypted(PKCS8_encrypt( + UniquePtr<X509_SIG> encrypted(PKCS8_encrypt( pbe_nid, cipher, password, -1, salt, salt_len, iterations, key.get())); ASSERT_TRUE(encrypted); - bssl::UniquePtr<PKCS8_PRIV_KEY_INFO> key2( + UniquePtr<PKCS8_PRIV_KEY_INFO> key2( PKCS8_decrypt(encrypted.get(), password, -1)); ASSERT_TRUE(key2); uint8_t *encoded = nullptr; int len = i2d_PKCS8_PRIV_KEY_INFO(key2.get(), &encoded); - bssl::UniquePtr<uint8_t> free_encoded(encoded); + UniquePtr<uint8_t> free_encoded(encoded); ASSERT_GE(len, 0); ASSERT_EQ(static_cast<size_t>(len), sizeof(kSampleKey)); ASSERT_EQ(0, OPENSSL_memcmp(encoded, kSampleKey, sizeof(kSampleKey))); @@ -326,13 +329,13 @@ }; const uint8_t *ptr = kSampleKey; - bssl::UniquePtr<PKCS8_PRIV_KEY_INFO> key( + UniquePtr<PKCS8_PRIV_KEY_INFO> key( d2i_PKCS8_PRIV_KEY_INFO(nullptr, &ptr, sizeof(kSampleKey))); ASSERT_TRUE(key); ASSERT_EQ(kSampleKey + sizeof(kSampleKey), ptr); - bssl::UniquePtr<X509_SIG> encrypted(PKCS8_encrypt( - NID_pbes2, nullptr, "password", -1, nullptr, 0, 0, key.get())); + UniquePtr<X509_SIG> encrypted(PKCS8_encrypt(NID_pbes2, nullptr, "password", + -1, nullptr, 0, 0, key.get())); EXPECT_FALSE(encrypted); encrypted.reset(PKCS8_encrypt(NID_undef, nullptr, "password", -1, nullptr, 0, @@ -343,3 +346,6 @@ nullptr, 0, 0, key.get())); EXPECT_FALSE(encrypted); } + +} // namespace +BSSL_NAMESPACE_END
diff --git a/crypto/poly1305/poly1305_arm.cc b/crypto/poly1305/poly1305_arm.cc index dc03285..318b657 100644 --- a/crypto/poly1305/poly1305_arm.cc +++ b/crypto/poly1305/poly1305_arm.cc
@@ -26,6 +26,8 @@ #if defined(OPENSSL_POLY1305_NEON) +using namespace bssl; + typedef struct { uint32_t v[12]; // for alignment; only using 10 } fe1305x2;
diff --git a/crypto/poly1305/poly1305_test.cc b/crypto/poly1305/poly1305_test.cc index 6baa415..bb50fdd 100644 --- a/crypto/poly1305/poly1305_test.cc +++ b/crypto/poly1305/poly1305_test.cc
@@ -26,6 +26,9 @@ #include "../test/test_util.h" +BSSL_NAMESPACE_BEGIN +namespace { + static void TestSIMD(unsigned excess, const std::vector<uint8_t> &key, const std::vector<uint8_t> &in, const std::vector<uint8_t> &mac) { @@ -111,3 +114,6 @@ TestSIMD(48, key, in, mac); }); } + +} // namespace +BSSL_NAMESPACE_END
diff --git a/crypto/poly1305/poly1305_vec.cc b/crypto/poly1305/poly1305_vec.cc index 74f144e..20f090f 100644 --- a/crypto/poly1305/poly1305_vec.cc +++ b/crypto/poly1305/poly1305_vec.cc
@@ -29,6 +29,9 @@ #include <emmintrin.h> + +using namespace bssl; + typedef __m128i xmmi; alignas(16) static const uint32_t poly1305_x64_sse2_message_mask[4] = {
diff --git a/crypto/pool/internal.h b/crypto/pool/internal.h index 7f7e856..57d468c 100644 --- a/crypto/pool/internal.h +++ b/crypto/pool/internal.h
@@ -29,13 +29,13 @@ CRYPTO_BUFFER_POOL *pool; uint8_t *data; size_t len; - CRYPTO_refcount_t references; + bssl::CRYPTO_refcount_t references; int data_is_static; }; struct crypto_buffer_pool_st { LHASH_OF(CRYPTO_BUFFER) *bufs; - CRYPTO_MUTEX lock; + bssl::CRYPTO_MUTEX lock; const uint64_t hash_key[2]; };
diff --git a/crypto/rand/fork_detect.cc b/crypto/rand/fork_detect.cc index 269be7e..d8ca39a 100644 --- a/crypto/rand/fork_detect.cc +++ b/crypto/rand/fork_detect.cc
@@ -43,7 +43,7 @@ static int g_force_madv_wipeonfork_enabled; static CRYPTO_once_t g_fork_detect_once = CRYPTO_ONCE_INIT; static CRYPTO_MUTEX g_fork_detect_lock = CRYPTO_MUTEX_INIT; -static bssl::Atomic<uint32_t> *g_fork_detect_addr; +static Atomic<uint32_t> *g_fork_detect_addr; static uint64_t g_fork_generation; static void init_fork_detect() {
diff --git a/crypto/refcount.cc b/crypto/refcount.cc index f3ebd20..d5589db 100644 --- a/crypto/refcount.cc +++ b/crypto/refcount.cc
@@ -18,7 +18,9 @@ #include <stdlib.h> -void CRYPTO_refcount_inc(CRYPTO_refcount_t *count) { +using namespace bssl; + +void bssl::CRYPTO_refcount_inc(CRYPTO_refcount_t *count) { uint32_t expected = count->load(); while (expected != CRYPTO_REFCOUNT_MAX) { @@ -29,7 +31,7 @@ } } -int CRYPTO_refcount_dec_and_test_zero(CRYPTO_refcount_t *count) { +int bssl::CRYPTO_refcount_dec_and_test_zero(CRYPTO_refcount_t *count) { uint32_t expected = count->load(); for (;;) {
diff --git a/crypto/refcount_test.cc b/crypto/refcount_test.cc index 410cbd7..1ec8a73 100644 --- a/crypto/refcount_test.cc +++ b/crypto/refcount_test.cc
@@ -21,6 +21,9 @@ #endif +BSSL_NAMESPACE_BEGIN +namespace { + TEST(RefCountTest, Basic) { CRYPTO_refcount_t count = 0; @@ -77,3 +80,6 @@ } } #endif + +} // namespace +BSSL_NAMESPACE_END
diff --git a/crypto/siphash/siphash.cc b/crypto/siphash/siphash.cc index d578798..551f037 100644 --- a/crypto/siphash/siphash.cc +++ b/crypto/siphash/siphash.cc
@@ -20,6 +20,8 @@ #include "../internal.h" +using namespace bssl; + static void siphash_round(uint64_t v[4]) { v[0] += v[1]; v[2] += v[3];
diff --git a/crypto/stack/stack.cc b/crypto/stack/stack.cc index 249433f..e46dfeb 100644 --- a/crypto/stack/stack.cc +++ b/crypto/stack/stack.cc
@@ -23,6 +23,8 @@ #include "../internal.h" +using namespace bssl; + struct stack_st { // num contains the number of valid pointers in |data|. size_t num;
diff --git a/crypto/test/abi_test.cc b/crypto/test/abi_test.cc index bc6ba73..ce0fb04 100644 --- a/crypto/test/abi_test.cc +++ b/crypto/test/abi_test.cc
@@ -51,6 +51,7 @@ #endif +BSSL_NAMESPACE_BEGIN namespace abi_test { namespace internal { @@ -139,17 +140,17 @@ return ret; } -static void StrCatSignalSafeImpl(bssl::Span<char> out) {} +static void StrCatSignalSafeImpl(Span<char> out) {} template <typename... Args> -static void StrCatSignalSafeImpl(bssl::Span<char> out, const char *str, +static void StrCatSignalSafeImpl(Span<char> out, const char *str, Args... args) { OPENSSL_strlcat(out.data(), str, out.size()); StrCatSignalSafeImpl(out, args...); } template <typename... Args> -static void StrCatSignalSafe(bssl::Span<char> out, Args... args) { +static void StrCatSignalSafe(Span<char> out, Args... args) { if (out.empty()) { return; } @@ -374,7 +375,7 @@ size_t len = strlen(starting_ip_buf_); // Print the offset in decimal, to match gdb's disassembly output and ease // debugging. - StrCatSignalSafe(bssl::Span<char>(starting_ip_buf_).subspan(len), "+", + StrCatSignalSafe(Span<char>(starting_ip_buf_).subspan(len), "+", WordToDecimal(off).data(), " (0x", WordToHex(starting_ip_).data(), ")"); return starting_ip_buf_; @@ -765,3 +766,4 @@ bool UnwindTestsEnabled() { return internal::g_unwind_tests_enabled; } } // namespace abi_test +BSSL_NAMESPACE_END
diff --git a/crypto/test/abi_test.h b/crypto/test/abi_test.h index 68a9022..cb084bd 100644 --- a/crypto/test/abi_test.h +++ b/crypto/test/abi_test.h
@@ -26,6 +26,7 @@ #include "../internal.h" +BSSL_NAMESPACE_BEGIN // abi_test provides routines for verifying that functions satisfy platform ABI // requirements. namespace abi_test { @@ -396,14 +397,14 @@ #endif // CHECK_ABI_SEH behaves like |CHECK_ABI| but enables unwind testing on Windows. -#define CHECK_ABI_SEH(...) \ - abi_test::internal::CheckGTest(#__VA_ARGS__, __FILE__, __LINE__, true, \ - __VA_ARGS__) +#define CHECK_ABI_SEH(...) \ + bssl::abi_test::internal::CheckGTest(#__VA_ARGS__, __FILE__, __LINE__, true, \ + __VA_ARGS__) // CHECK_ABI_NO_UNWIND behaves like |CHECK_ABI| but disables unwind testing. -#define CHECK_ABI_NO_UNWIND(...) \ - abi_test::internal::CheckGTest(#__VA_ARGS__, __FILE__, __LINE__, false, \ - __VA_ARGS__) +#define CHECK_ABI_NO_UNWIND(...) \ + bssl::abi_test::internal::CheckGTest(#__VA_ARGS__, __FILE__, __LINE__, \ + false, __VA_ARGS__) // Internal functions. @@ -478,5 +479,7 @@ } // extern C #endif // SUPPORTS_ABI_TEST +BSSL_NAMESPACE_END + #endif // OPENSSL_HEADER_CRYPTO_TEST_ABI_TEST_H
diff --git a/crypto/test/gtest_main.cc b/crypto/test/gtest_main.cc index 441e333..639924e 100644 --- a/crypto/test/gtest_main.cc +++ b/crypto/test/gtest_main.cc
@@ -25,9 +25,11 @@ #include "../internal.h" +using namespace bssl; + int main(int argc, char **argv) { testing::InitGoogleMock(&argc, argv); - bssl::SetupGoogleTest(); + SetupGoogleTest(); bool unwind_tests = true; for (int i = 1; i < argc; i++) {
diff --git a/crypto/thread_none.cc b/crypto/thread_none.cc index e95d693..19869ef 100644 --- a/crypto/thread_none.cc +++ b/crypto/thread_none.cc
@@ -16,19 +16,22 @@ #if !defined(OPENSSL_THREADS) -void CRYPTO_MUTEX_init(CRYPTO_MUTEX *lock) {} -void CRYPTO_MUTEX_lock_read(CRYPTO_MUTEX *lock) {} +using namespace bssl; -void CRYPTO_MUTEX_lock_write(CRYPTO_MUTEX *lock) {} +void bssl::CRYPTO_MUTEX_init(CRYPTO_MUTEX *lock) {} -void CRYPTO_MUTEX_unlock_read(CRYPTO_MUTEX *lock) {} +void bssl::CRYPTO_MUTEX_lock_read(CRYPTO_MUTEX *lock) {} -void CRYPTO_MUTEX_unlock_write(CRYPTO_MUTEX *lock) {} +void bssl::CRYPTO_MUTEX_lock_write(CRYPTO_MUTEX *lock) {} -void CRYPTO_MUTEX_cleanup(CRYPTO_MUTEX *lock) {} +void bssl::CRYPTO_MUTEX_unlock_read(CRYPTO_MUTEX *lock) {} -void CRYPTO_once(CRYPTO_once_t *once, void (*init)()) { +void bssl::CRYPTO_MUTEX_unlock_write(CRYPTO_MUTEX *lock) {} + +void bssl::CRYPTO_MUTEX_cleanup(CRYPTO_MUTEX *lock) {} + +void bssl::CRYPTO_once(CRYPTO_once_t *once, void (*init)()) { if (*once) { return; } @@ -38,12 +41,12 @@ static void *g_thread_locals[NUM_OPENSSL_THREAD_LOCALS]; -void *CRYPTO_get_thread_local(thread_local_data_t index) { +void *bssl::CRYPTO_get_thread_local(thread_local_data_t index) { return g_thread_locals[index]; } -int CRYPTO_set_thread_local(thread_local_data_t index, void *value, - thread_local_destructor_t destructor) { +int bssl::CRYPTO_set_thread_local(thread_local_data_t index, void *value, + thread_local_destructor_t destructor) { g_thread_locals[index] = value; return 1; }
diff --git a/crypto/thread_pthread.cc b/crypto/thread_pthread.cc index ebb3b56..68552d4 100644 --- a/crypto/thread_pthread.cc +++ b/crypto/thread_pthread.cc
@@ -23,39 +23,43 @@ #include <stdlib.h> #include <string.h> -void CRYPTO_MUTEX_init(CRYPTO_MUTEX *lock) { +using namespace bssl; + +void bssl::CRYPTO_MUTEX_init(CRYPTO_MUTEX *lock) { if (pthread_rwlock_init(lock, nullptr) != 0) { abort(); } } -void CRYPTO_MUTEX_lock_read(CRYPTO_MUTEX *lock) { +void bssl::CRYPTO_MUTEX_lock_read(CRYPTO_MUTEX *lock) { if (pthread_rwlock_rdlock(lock) != 0) { abort(); } } -void CRYPTO_MUTEX_lock_write(CRYPTO_MUTEX *lock) { +void bssl::CRYPTO_MUTEX_lock_write(CRYPTO_MUTEX *lock) { if (pthread_rwlock_wrlock(lock) != 0) { abort(); } } -void CRYPTO_MUTEX_unlock_read(CRYPTO_MUTEX *lock) { +void bssl::CRYPTO_MUTEX_unlock_read(CRYPTO_MUTEX *lock) { if (pthread_rwlock_unlock(lock) != 0) { abort(); } } -void CRYPTO_MUTEX_unlock_write(CRYPTO_MUTEX *lock) { +void bssl::CRYPTO_MUTEX_unlock_write(CRYPTO_MUTEX *lock) { if (pthread_rwlock_unlock(lock) != 0) { abort(); } } -void CRYPTO_MUTEX_cleanup(CRYPTO_MUTEX *lock) { pthread_rwlock_destroy(lock); } +void bssl::CRYPTO_MUTEX_cleanup(CRYPTO_MUTEX *lock) { + pthread_rwlock_destroy(lock); +} -void CRYPTO_once(CRYPTO_once_t *once, void (*init)()) { +void bssl::CRYPTO_once(bssl::CRYPTO_once_t *once, void (*init)()) { if (pthread_once(once, init) != 0) { abort(); } @@ -98,7 +102,7 @@ pthread_key_create(&g_thread_local_key, thread_local_destructor) == 0; } -void *CRYPTO_get_thread_local(thread_local_data_t index) { +void *bssl::CRYPTO_get_thread_local(thread_local_data_t index) { CRYPTO_once(&g_thread_local_init_once, thread_local_init); if (!g_thread_local_key_created) { return nullptr; @@ -112,8 +116,8 @@ return pointers[index]; } -int CRYPTO_set_thread_local(thread_local_data_t index, void *value, - thread_local_destructor_t destructor) { +int bssl::CRYPTO_set_thread_local(thread_local_data_t index, void *value, + thread_local_destructor_t destructor) { CRYPTO_once(&g_thread_local_init_once, thread_local_init); if (!g_thread_local_key_created) { destructor(value);
diff --git a/crypto/thread_test.cc b/crypto/thread_test.cc index f1e0937..b9d7874 100644 --- a/crypto/thread_test.cc +++ b/crypto/thread_test.cc
@@ -26,6 +26,9 @@ #include "test/test_util.h" +BSSL_NAMESPACE_BEGIN +namespace { + #if defined(OPENSSL_THREADS) static unsigned g_once_init_called = 0; @@ -146,3 +149,6 @@ } #endif // OPENSSL_THREADS + +} // namespace +BSSL_NAMESPACE_END
diff --git a/crypto/thread_win.cc b/crypto/thread_win.cc index 5d15058..139f7a4 100644 --- a/crypto/thread_win.cc +++ b/crypto/thread_win.cc
@@ -24,42 +24,46 @@ #include <stdlib.h> #include <string.h> +using namespace bssl; + static BOOL CALLBACK call_once_init(INIT_ONCE *once, void *arg, void **out) { void (**init)() = (void (**)())arg; (**init)(); return TRUE; } -void CRYPTO_once(CRYPTO_once_t *once, void (*init)()) { +void bssl::CRYPTO_once(CRYPTO_once_t *once, void (*init)()) { if (!InitOnceExecuteOnce(once, call_once_init, &init, nullptr)) { abort(); } } -void CRYPTO_MUTEX_init(CRYPTO_MUTEX *lock) { InitializeSRWLock(lock); } +void bssl::CRYPTO_MUTEX_init(CRYPTO_MUTEX *lock) { InitializeSRWLock(lock); } -void CRYPTO_MUTEX_lock_read(CRYPTO_MUTEX *lock) { AcquireSRWLockShared(lock); } +void bssl::CRYPTO_MUTEX_lock_read(CRYPTO_MUTEX *lock) { + AcquireSRWLockShared(lock); +} -void CRYPTO_MUTEX_lock_write(CRYPTO_MUTEX *lock) { +void bssl::CRYPTO_MUTEX_lock_write(CRYPTO_MUTEX *lock) { AcquireSRWLockExclusive(lock); } -void CRYPTO_MUTEX_unlock_read(CRYPTO_MUTEX *lock) { +void bssl::CRYPTO_MUTEX_unlock_read(CRYPTO_MUTEX *lock) { ReleaseSRWLockShared(lock); } -void CRYPTO_MUTEX_unlock_write(CRYPTO_MUTEX *lock) { +void bssl::CRYPTO_MUTEX_unlock_write(CRYPTO_MUTEX *lock) { ReleaseSRWLockExclusive(lock); } -void CRYPTO_MUTEX_cleanup(CRYPTO_MUTEX *lock) { +void bssl::CRYPTO_MUTEX_cleanup(CRYPTO_MUTEX *lock) { // SRWLOCKs require no cleanup. } static SRWLOCK g_destructors_lock = SRWLOCK_INIT; static thread_local_destructor_t g_destructors[NUM_OPENSSL_THREAD_LOCALS]; -static CRYPTO_once_t g_thread_local_init_once = CRYPTO_ONCE_INIT; +static bssl::CRYPTO_once_t g_thread_local_init_once = CRYPTO_ONCE_INIT; static DWORD g_thread_local_key; static int g_thread_local_failed; @@ -190,7 +194,7 @@ return ret; } -void *CRYPTO_get_thread_local(thread_local_data_t index) { +void *bssl::CRYPTO_get_thread_local(thread_local_data_t index) { CRYPTO_once(&g_thread_local_init_once, thread_local_init); if (g_thread_local_failed) { return nullptr; @@ -203,8 +207,8 @@ return pointers[index]; } -int CRYPTO_set_thread_local(thread_local_data_t index, void *value, - thread_local_destructor_t destructor) { +int bssl::CRYPTO_set_thread_local(thread_local_data_t index, void *value, + thread_local_destructor_t destructor) { CRYPTO_once(&g_thread_local_init_once, thread_local_init); if (g_thread_local_failed) { destructor(value);
diff --git a/crypto/x509/internal.h b/crypto/x509/internal.h index 482ca04..06de7bf 100644 --- a/crypto/x509/internal.h +++ b/crypto/x509/internal.h
@@ -37,7 +37,7 @@ void x509_pubkey_cleanup(X509_PUBKEY *key); int x509_parse_public_key(CBS *cbs, X509_PUBKEY *out, - bssl::Span<const EVP_PKEY_ALG *const> algs); + Span<const EVP_PKEY_ALG *const> algs); int x509_marshal_public_key(CBB *cbb, const X509_PUBKEY *in); int x509_pubkey_set1(X509_PUBKEY *key, EVP_PKEY *pkey); @@ -139,7 +139,7 @@ // TODO(davidben): Now every parsed |X509| has an underlying |CRYPTO_BUFFER|, // but |X509|s created peacemeal do not. Can we make this more uniform? CRYPTO_BUFFER *buf; - CRYPTO_refcount_t references; + bssl::CRYPTO_refcount_t references; CRYPTO_EX_DATA ex_data; // These contain copies of various extension values long ex_pathlen; @@ -153,7 +153,7 @@ NAME_CONSTRAINTS *nc; unsigned char cert_hash[SHA256_DIGEST_LENGTH]; bssl::X509_CERT_AUX *aux; - CRYPTO_MUTEX lock; + bssl::CRYPTO_MUTEX lock; } /* X509 */; BSSL_NAMESPACE_BEGIN @@ -242,7 +242,7 @@ bssl::X509_CRL_INFO *crl; X509_ALGOR *sig_alg; ASN1_BIT_STRING *signature; - CRYPTO_refcount_t references; + bssl::CRYPTO_refcount_t references; int flags; // Copies of various extensions AUTHORITY_KEYID *akid; @@ -332,7 +332,7 @@ struct x509_store_st { // The following is a cache of trusted certs STACK_OF(X509_OBJECT) *objs; // Cache of all objects - CRYPTO_MUTEX objs_lock; + bssl::CRYPTO_MUTEX objs_lock; // These are external lookup methods bssl::StackOfX509Lookup *get_cert_methods; @@ -342,7 +342,7 @@ // Callbacks for various operations X509_STORE_CTX_verify_cb verify_cb; // error callback - CRYPTO_refcount_t references; + bssl::CRYPTO_refcount_t references; } /* X509_STORE */; // This is the functions plus an instance of the local variables. @@ -435,12 +435,12 @@ // |in|. It returns one if the signature is valid and zero on error. int x509_verify_signature(const X509_ALGOR *sigalg, const ASN1_BIT_STRING *signature, - bssl::Span<const uint8_t> in, EVP_PKEY *pkey); + Span<const uint8_t> in, EVP_PKEY *pkey); // x509_sign_to_bit_string signs |in| using |ctx| and saves the result in |out|. // It returns the length of the signature on success and zero on error. int x509_sign_to_bit_string(EVP_MD_CTX *ctx, ASN1_BIT_STRING *out, - bssl::Span<const uint8_t> in); + Span<const uint8_t> in); // Path-building functions.
diff --git a/crypto/x509/x509_obj.cc b/crypto/x509/x509_obj.cc index 10cf9bd..7988ed0 100644 --- a/crypto/x509/x509_obj.cc +++ b/crypto/x509/x509_obj.cc
@@ -29,6 +29,8 @@ #define NAME_ONELINE_MAX (1024 * 1024) +using namespace bssl; + char *X509_NAME_oneline(const X509_NAME *a, char *buf, int len) { X509_NAME_ENTRY *ne; size_t i;
diff --git a/decrepit/bio/base64_bio.cc b/decrepit/bio/base64_bio.cc index 59c18fa..f5fa50d 100644 --- a/decrepit/bio/base64_bio.cc +++ b/decrepit/bio/base64_bio.cc
@@ -34,6 +34,8 @@ #define B64_DECODE 2 #define EVP_ENCODE_LENGTH(l) (((l + 2) / 3 * 4) + (l / 48 + 1) * 2 + 80) +using namespace bssl; + typedef struct b64_struct { int buf_len; int buf_off;
diff --git a/decrepit/blowfish/blowfish.cc b/decrepit/blowfish/blowfish.cc index 5ae2208..5cfc4c7 100644 --- a/decrepit/blowfish/blowfish.cc +++ b/decrepit/blowfish/blowfish.cc
@@ -24,6 +24,8 @@ #include "../macros.h" +using namespace bssl; + #define BF_ENC(LL, R, S, P) \ (LL ^= P, \ LL ^= \
diff --git a/decrepit/obj/obj_decrepit.cc b/decrepit/obj/obj_decrepit.cc index abcb729..d26fce9 100644 --- a/decrepit/obj/obj_decrepit.cc +++ b/decrepit/obj/obj_decrepit.cc
@@ -22,6 +22,8 @@ #include "../../crypto/internal.h" +using namespace bssl; + struct wrapped_callback { void (*callback)(const OBJ_NAME *, void *arg); void *arg;
diff --git a/decrepit/ripemd/ripemd.cc b/decrepit/ripemd/ripemd.cc index 485387f..512ac1a 100644 --- a/decrepit/ripemd/ripemd.cc +++ b/decrepit/ripemd/ripemd.cc
@@ -26,6 +26,8 @@ #define RIPEMD160_D 0x10325476L #define RIPEMD160_E 0xC3D2E1F0L +using namespace bssl; + int RIPEMD160_Init(RIPEMD160_CTX *ctx) { OPENSSL_memset(ctx, 0, sizeof(*ctx)); ctx->h[0] = RIPEMD160_A; @@ -57,13 +59,13 @@ } // namespace int RIPEMD160_Update(RIPEMD160_CTX *c, const void *data, size_t len) { - bssl::crypto_md32_update<RIPEMD160Traits>( - c, bssl::Span(static_cast<const uint8_t *>(data), len)); + crypto_md32_update<RIPEMD160Traits>( + c, Span(static_cast<const uint8_t *>(data), len)); return 1; } int RIPEMD160_Final(uint8_t out[RIPEMD160_DIGEST_LENGTH], RIPEMD160_CTX *c) { - bssl::crypto_md32_final<RIPEMD160Traits>(c); + crypto_md32_final<RIPEMD160Traits>(c); CRYPTO_store_u32_le(out, c->h[0]); CRYPTO_store_u32_le(out + 4, c->h[1]); CRYPTO_store_u32_le(out + 8, c->h[2]);
diff --git a/decrepit/ripemd/ripemd_test.cc b/decrepit/ripemd/ripemd_test.cc index c96ae0e..eb70651 100644 --- a/decrepit/ripemd/ripemd_test.cc +++ b/decrepit/ripemd/ripemd_test.cc
@@ -25,6 +25,9 @@ #include "../../crypto/test/test_util.h" +BSSL_NAMESPACE_BEGIN +namespace { + struct RIPEMDTestCase { const char *input; uint8_t expected[RIPEMD160_DIGEST_LENGTH]; @@ -101,3 +104,6 @@ EXPECT_EQ(Bytes(digest), Bytes(kMillionADigest)) << "Digest incorrect for \"million a's\" test"; } + +} // namespace +BSSL_NAMESPACE_END
diff --git a/fuzz/arm_cpuinfo.cc b/fuzz/arm_cpuinfo.cc index 74fae7d..d28a137 100644 --- a/fuzz/arm_cpuinfo.cc +++ b/fuzz/arm_cpuinfo.cc
@@ -16,7 +16,7 @@ extern "C" int LLVMFuzzerTestOneInput(const uint8_t *buf, size_t len) { - STRING_PIECE sp = {reinterpret_cast<const char *>(buf), len}; + bssl::STRING_PIECE sp = {reinterpret_cast<const char *>(buf), len}; crypto_get_arm_hwcap2_from_cpuinfo(&sp); return 0; }
diff --git a/fuzz/ssl_ctx_api.cc b/fuzz/ssl_ctx_api.cc index 4ecb06e..ad106f4 100644 --- a/fuzz/ssl_ctx_api.cc +++ b/fuzz/ssl_ctx_api.cc
@@ -31,6 +31,8 @@ #include "../crypto/internal.h" +using namespace bssl; + static const uint8_t kCertificateDER[] = { 0x30, 0x82, 0x02, 0xff, 0x30, 0x82, 0x01, 0xe7, 0xa0, 0x03, 0x02, 0x01, 0x02, 0x02, 0x11, 0x00, 0xb1, 0x84, 0xee, 0x34, 0x99, 0x98, 0x76, 0xfb, @@ -216,12 +218,12 @@ assert(cert_.get() != nullptr); certs_.reset(sk_X509_new_null()); - bssl::PushToStack(certs_.get(), bssl::UpRef(cert_)); + PushToStack(certs_.get(), UpRef(cert_)); } - bssl::UniquePtr<EVP_PKEY> pkey_; - bssl::UniquePtr<X509> cert_; - bssl::UniquePtr<STACK_OF(X509)> certs_; + UniquePtr<EVP_PKEY> pkey_; + UniquePtr<X509> cert_; + UniquePtr<STACK_OF(X509)> certs_; }; static GlobalState g_state; @@ -232,7 +234,7 @@ return false; } - *out = bssl::BytesAsStringView(str); + *out = BytesAsStringView(str); return true; } @@ -503,7 +505,7 @@ SSL_CTX_set1_sigalgs_list(ctx, sigalgs.c_str()); }, [](SSL_CTX *ctx, CBS *cbs) { - bssl::UniquePtr<SSL_ECH_KEYS> keys(SSL_ECH_KEYS_new()); + UniquePtr<SSL_ECH_KEYS> keys(SSL_ECH_KEYS_new()); if (keys == nullptr) { return; } @@ -514,7 +516,7 @@ !CBS_get_u16_length_prefixed(cbs, &private_key)) { return; } - bssl::ScopedEVP_HPKE_KEY key; + ScopedEVP_HPKE_KEY key; if (!EVP_HPKE_KEY_init(key.get(), EVP_hpke_x25519_hkdf_sha256(), CBS_data(&private_key), CBS_len(&private_key)) || !SSL_ECH_KEYS_add(keys.get(), is_retry_config, @@ -526,7 +528,7 @@ }, }; - bssl::UniquePtr<SSL_CTX> ctx(SSL_CTX_new(TLS_method())); + UniquePtr<SSL_CTX> ctx(SSL_CTX_new(TLS_method())); // If the number of functions exceeds this limit then the code needs to do // more than sample a single uint8_t to pick the function. @@ -544,7 +546,7 @@ kAPIs[index % std::size(kAPIs)](ctx.get(), &cbs); } - bssl::UniquePtr<SSL> ssl(SSL_new(ctx.get())); + UniquePtr<SSL> ssl(SSL_new(ctx.get())); ERR_clear_error(); return 0;
diff --git a/include/openssl/ex_data.h b/include/openssl/ex_data.h index a1679c8..6bb1874 100644 --- a/include/openssl/ex_data.h +++ b/include/openssl/ex_data.h
@@ -15,7 +15,7 @@ #ifndef OPENSSL_HEADER_EX_DATA_H #define OPENSSL_HEADER_EX_DATA_H -#include <openssl/base.h> // IWYU pragma: export +#include <openssl/base.h> // IWYU pragma: export #if defined(__cplusplus) extern "C" {
diff --git a/ssl/internal.h b/ssl/internal.h index e08b5f1..f518b6f 100644 --- a/ssl/internal.h +++ b/ssl/internal.h
@@ -122,7 +122,7 @@ inline size_t GetAllNames(const char **out, size_t max_out, Span<const char *const, S1> fixed_names, Name(T::*name), Span<const T, S2> objects) { - auto span = bssl::Span(out, max_out); + auto span = Span(out, max_out); for (size_t i = 0; !span.empty() && i < fixed_names.size(); i++) { span[0] = fixed_names[i]; span = span.subspan(1); @@ -881,7 +881,7 @@ // ssl_parse_peer_subject_public_key_info decodes a SubjectPublicKeyInfo // representing the peer TLS key. It returns a newly-allocated |EVP_PKEY| or // nullptr on error. -bssl::UniquePtr<EVP_PKEY> ssl_parse_peer_subject_public_key_info( +UniquePtr<EVP_PKEY> ssl_parse_peer_subject_public_key_info( Span<const uint8_t> spki); // ssl_pkey_supports_algorithm returns whether |pkey| may be used to sign @@ -2121,8 +2121,7 @@ bool tls13_add_finished(SSL_HANDSHAKE *hs); bool tls13_process_new_session_ticket(SSL *ssl, const SSLMessage &msg); -bssl::UniquePtr<SSL_SESSION> tls13_create_session_with_ticket(SSL *ssl, - CBS *body); +UniquePtr<SSL_SESSION> tls13_create_session_with_ticket(SSL *ssl, CBS *body); // ssl_setup_extension_permutation computes a ClientHello extension permutation // for |hs|, if applicable. It returns true on success and false on error. @@ -2501,11 +2500,10 @@ bool (*init_message)(const SSL *ssl, CBB *cbb, CBB *body, uint8_t type); // finish_message finishes a handshake message. It sets |*out_msg| to the // serialized message. It returns true on success and false on error. - bool (*finish_message)(const SSL *ssl, CBB *cbb, - bssl::Array<uint8_t> *out_msg); + bool (*finish_message)(const SSL *ssl, CBB *cbb, Array<uint8_t> *out_msg); // add_message adds a handshake message to the pending flight. It returns // true on success and false on error. - bool (*add_message)(SSL *ssl, bssl::Array<uint8_t> msg); + bool (*add_message)(SSL *ssl, Array<uint8_t> msg); // add_change_cipher_spec adds a ChangeCipherSpec record to the pending // flight. It returns true on success and false on error. bool (*add_change_cipher_spec)(SSL *ssl); @@ -3739,7 +3737,7 @@ const bssl::SSL_X509_METHOD *x509_method = nullptr; // lock is used to protect various operations on this object. - CRYPTO_MUTEX lock; + bssl::CRYPTO_MUTEX lock; // conf_max_version is the maximum acceptable protocol version configured by // |SSL_CTX_set_max_proto_version|. Note this version is normalized in DTLS
diff --git a/ssl/ssl_credential.cc b/ssl/ssl_credential.cc index 184f4f4..5206fde 100644 --- a/ssl/ssl_credential.cc +++ b/ssl/ssl_credential.cc
@@ -265,8 +265,7 @@ } } -bool ssl_credential_st::ChainContainsIssuer( - bssl::Span<const uint8_t> dn) const { +bool ssl_credential_st::ChainContainsIssuer(Span<const uint8_t> dn) const { if (UsesX509()) { // TODO(bbe) This is used for matching a chain by CA name for the CA // extension. If we require a chain to be present, we could remove any
diff --git a/ssl/test/bssl_shim.cc b/ssl/test/bssl_shim.cc index 0eba60d..1787b4d 100644 --- a/ssl/test/bssl_shim.cc +++ b/ssl/test/bssl_shim.cc
@@ -70,6 +70,8 @@ #endif +using namespace bssl; + #if !defined(OPENSSL_WINDOWS) using Socket = int; #define INVALID_SOCKET (-1)
diff --git a/ssl/test/packeted_bio.cc b/ssl/test/packeted_bio.cc index 8ad9b2b..ac2cb87 100644 --- a/ssl/test/packeted_bio.cc +++ b/ssl/test/packeted_bio.cc
@@ -33,6 +33,8 @@ #include "../../crypto/internal.h" +using namespace bssl; + namespace { constexpr uint8_t kOpcodePacket = 'P';
diff --git a/ssl/test/test_config.cc b/ssl/test/test_config.cc index e5ab20e..377bdd0 100644 --- a/ssl/test/test_config.cc +++ b/ssl/test/test_config.cc
@@ -48,6 +48,9 @@ #include <sys/time.h> #endif + +using namespace bssl; + namespace { template <typename Config>
diff --git a/third_party/fiat/bedrock_unverified_platform.c.inc b/third_party/fiat/bedrock_unverified_platform.c.inc index 89fe7d0..d2b03c1 100644 --- a/third_party/fiat/bedrock_unverified_platform.c.inc +++ b/third_party/fiat/bedrock_unverified_platform.c.inc
@@ -6,6 +6,7 @@ #include "../../crypto/internal.h" + #if defined(OPENSSL_64_BIT) #define BR_WORD_MAX UINT64_MAX typedef uint64_t br_word_t; @@ -18,7 +19,7 @@ #error "Must define either OPENSSL_32_BIT or OPENSSL_64_BIT" #endif -static_assert(sizeof(br_word_t) == sizeof(crypto_word_t)); +static_assert(sizeof(br_word_t) == sizeof(bssl::crypto_word_t)); // Scalar memory operations @@ -27,15 +28,16 @@ // Bulk memory operations static inline void br_memcpy(br_word_t d, br_word_t s, br_word_t n) { - OPENSSL_memcpy((void *)d, (const void *)s, n); + bssl::OPENSSL_memcpy((void *)d, (const void *)s, n); } static inline void br_memset(br_word_t d, br_word_t v, br_word_t n) { - OPENSSL_memset((void *)d, v, n); + bssl::OPENSSL_memset((void *)d, v, n); } -static inline void br_memcxor(uintptr_t d, uintptr_t s, uintptr_t n, uintptr_t mask) { - constant_time_conditional_memxor((void*)d, (void*)s, n, mask); +static inline void br_memcxor(uintptr_t d, uintptr_t s, uintptr_t n, + uintptr_t mask) { + bssl::constant_time_conditional_memxor((void *)d, (void *)s, n, mask); } // CPU Arithmetic @@ -43,16 +45,16 @@ static inline br_word_t br_full_add(br_word_t x, br_word_t y, br_word_t carry, br_word_t *_sum) { br_word_t carry_out = 0; - static_assert(sizeof(br_word_t) == sizeof(crypto_word_t)); - *_sum = CRYPTO_addc_w(x, y, carry, &carry_out); + static_assert(sizeof(br_word_t) == sizeof(bssl::crypto_word_t)); + *_sum = bssl::CRYPTO_addc_w(x, y, carry, &carry_out); return carry_out; } static inline br_word_t br_full_sub(br_word_t x, br_word_t y, br_word_t borrow, br_word_t *_diff) { br_word_t borrow_out = 0; - static_assert(sizeof(br_word_t) == sizeof(crypto_word_t)); - *_diff = CRYPTO_subc_w(x, y, borrow, &borrow_out); + static_assert(sizeof(br_word_t) == sizeof(bssl::crypto_word_t)); + *_diff = bssl::CRYPTO_subc_w(x, y, borrow, &borrow_out); return borrow_out; } @@ -62,7 +64,7 @@ *_low = r; return r >> 32; #elif defined(BORINGSSL_HAS_UINT128) - uint128_t r = (uint128_t)a * b; + bssl::uint128_t r = (bssl::uint128_t)a * b; *_low = r; return r >> 64; #elif defined(_M_X64) @@ -80,13 +82,13 @@ // Constant-time computations static inline br_word_t br_value_barrier(br_word_t a) { - static_assert(sizeof(br_word_t) == sizeof(crypto_word_t)); - return value_barrier_w(a); + static_assert(sizeof(br_word_t) == sizeof(bssl::crypto_word_t)); + return bssl::value_barrier_w(a); } static inline br_word_t br_declassify(br_word_t a) { - static_assert(sizeof(br_word_t) == sizeof(crypto_word_t)); - return constant_time_declassify_w(a); + static_assert(sizeof(br_word_t) == sizeof(bssl::crypto_word_t)); + return bssl::constant_time_declassify_w(a); } static inline br_word_t br_broadcast_negative(br_word_t x) {
diff --git a/third_party/fiat/curve25519_64_adx.h b/third_party/fiat/curve25519_64_adx.h index 7dc0917..0c769eb 100644 --- a/third_party/fiat/curve25519_64_adx.h +++ b/third_party/fiat/curve25519_64_adx.h
@@ -470,7 +470,7 @@ void x25519_scalar_mult_adx(uint8_t out[32], const uint8_t scalar[32], const uint8_t point[32]) { uint8_t e[32]; - OPENSSL_memcpy(e, scalar, 32); + bssl::OPENSSL_memcpy(e, scalar, 32); e[0] &= 248; e[31] &= 127; e[31] |= 64; @@ -493,9 +493,9 @@ // <https://github.com/mit-plv/fiat-crypto/blob/2456d821825521f7e03e65882cc3521795b0320f/src/Curves/Montgomery/XZProofs.v#L278> // preconditions: 0 <= e < 2^255 (not necessarily e < order), fe_invert(0) = 0 fe4 x1, x2 = {1}, z2 = {0}, x3, z3 = {1}, tmp0, tmp1; - OPENSSL_memcpy(x1, point, sizeof(fe4)); + bssl::OPENSSL_memcpy(x1, point, sizeof(fe4)); x1[3] &= (uint64_t)(-1)>>1; - OPENSSL_memcpy(x3, x1, sizeof(fe4)); + bssl::OPENSSL_memcpy(x3, x1, sizeof(fe4)); unsigned swap = 0; int pos; @@ -542,7 +542,7 @@ fe4_invert(z2, z2); fe4_mul(x2, x2, z2); fe4_canon(x2, x2); - OPENSSL_memcpy(out, x2, sizeof(fe4)); + bssl::OPENSSL_memcpy(out, x2, sizeof(fe4)); } typedef struct { @@ -607,36 +607,37 @@ __attribute__((always_inline)) // 25% speedup with clang14 and zen2 static inline void table_select_4(ge_precomp_4 *t, const int pos, const signed char b) { - uint8_t bnegative = constant_time_msb_w(b); + uint8_t bnegative = bssl::constant_time_msb_w(b); uint8_t babs = b - ((bnegative & b) << 1); uint8_t t_bytes[3][32] = { - {static_cast<uint8_t>(constant_time_is_zero_w(b) & 1)}, - {static_cast<uint8_t>(constant_time_is_zero_w(b) & 1)}, - {0}, + {static_cast<uint8_t>(bssl::constant_time_is_zero_w(b) & 1)}, + {static_cast<uint8_t>(bssl::constant_time_is_zero_w(b) & 1)}, + {0}, }; #if defined(__clang__) __asm__("" : "+m" (t_bytes) : /*no inputs*/); #endif static_assert(sizeof(t_bytes) == sizeof(bssl::k25519Precomp[pos][0]), ""); for (int i = 0; i < 8; i++) { - constant_time_conditional_memxor(t_bytes, bssl::k25519Precomp[pos][i], - sizeof(t_bytes), - constant_time_eq_w(babs, 1 + i)); + bssl::constant_time_conditional_memxor( + t_bytes, bssl::k25519Precomp[pos][i], sizeof(t_bytes), + bssl::constant_time_eq_w(babs, 1 + i)); } static_assert(sizeof(t_bytes) == sizeof(ge_precomp_4), ""); // fe4 uses saturated 64-bit limbs, so converting from bytes is just a copy. - OPENSSL_memcpy(t, t_bytes, sizeof(ge_precomp_4)); + bssl::OPENSSL_memcpy(t, t_bytes, sizeof(ge_precomp_4)); fe4 xy2d_neg = {0}; fe4_sub(xy2d_neg, xy2d_neg, t->xy2d); - constant_time_conditional_memcpy(t->yplusx, t_bytes[1], sizeof(fe4), - bnegative); - constant_time_conditional_memcpy(t->yminusx, t_bytes[0], sizeof(fe4), - bnegative); - constant_time_conditional_memcpy(t->xy2d, xy2d_neg, sizeof(fe4), bnegative); + bssl::constant_time_conditional_memcpy(t->yplusx, t_bytes[1], sizeof(fe4), + bnegative); + bssl::constant_time_conditional_memcpy(t->yminusx, t_bytes[0], sizeof(fe4), + bnegative); + bssl::constant_time_conditional_memcpy(t->xy2d, xy2d_neg, sizeof(fe4), + bnegative); } // h = a * B @@ -692,5 +693,5 @@ fe4_canon(r.Z, r.Z); fe4_canon(r.T, r.T); static_assert(sizeof(ge_p3_4) == sizeof(uint8_t[4][32]), ""); - OPENSSL_memcpy(h, &r, sizeof(ge_p3_4)); + bssl::OPENSSL_memcpy(h, &r, sizeof(ge_p3_4)); }
diff --git a/third_party/fiat/p256_64.h b/third_party/fiat/p256_64.h index 437066a..8cad169 100644 --- a/third_party/fiat/p256_64.h +++ b/third_party/fiat/p256_64.h
@@ -179,10 +179,10 @@ static FIAT_P256_FIAT_INLINE void fiat_p256_mul(fiat_p256_montgomery_domain_field_element out1, const fiat_p256_montgomery_domain_field_element arg1, const fiat_p256_montgomery_domain_field_element arg2) { // NOTE: edited by hand, see third_party/fiat/README.md #if !defined(OPENSSL_NO_ASM) && defined(__GNUC__) && defined(__x86_64__) - if (CRYPTO_is_BMI1_capable() && CRYPTO_is_BMI2_capable() && - CRYPTO_is_ADX_capable()) { - fiat_p256_adx_mul(out1, arg1, arg2); - return; + if (bssl::CRYPTO_is_BMI1_capable() && bssl::CRYPTO_is_BMI2_capable() && + bssl::CRYPTO_is_ADX_capable()) { + fiat_p256_adx_mul(out1, arg1, arg2); + return; } #endif uint64_t x1; @@ -494,10 +494,10 @@ static FIAT_P256_FIAT_INLINE void fiat_p256_square(fiat_p256_montgomery_domain_field_element out1, const fiat_p256_montgomery_domain_field_element arg1) { // NOTE: edited by hand, see third_party/fiat/README.md #if !defined(OPENSSL_NO_ASM) && defined(__GNUC__) && defined(__x86_64__) - if (CRYPTO_is_BMI1_capable() && CRYPTO_is_BMI2_capable() && - CRYPTO_is_ADX_capable()) { - fiat_p256_adx_sqr(out1, arg1); - return; + if (bssl::CRYPTO_is_BMI1_capable() && bssl::CRYPTO_is_BMI2_capable() && + bssl::CRYPTO_is_ADX_capable()) { + fiat_p256_adx_sqr(out1, arg1); + return; } #endif uint64_t x1;
diff --git a/tool/args.cc b/tool/args.cc index 17c11d7..d2516bd 100644 --- a/tool/args.cc +++ b/tool/args.cc
@@ -26,6 +26,8 @@ #include "internal.h" +BSSL_NAMESPACE_BEGIN + bool ParseKeyValueArguments(std::map<std::string, std::string> *out_args, const std::vector<std::string> &args, const struct argument *templates) { @@ -136,3 +138,5 @@ s = s.substr(0, pos + 1); return s; } + +BSSL_NAMESPACE_END
diff --git a/tool/ciphers.cc b/tool/ciphers.cc index ae454e5..77273ba 100644 --- a/tool/ciphers.cc +++ b/tool/ciphers.cc
@@ -23,6 +23,8 @@ #include "internal.h" +BSSL_NAMESPACE_BEGIN + bool Ciphers(const std::vector<std::string> &args) { bool openssl_name = false; if (args.size() == 2 && args[0] == "-openssl-name") { @@ -66,3 +68,5 @@ return true; } + +BSSL_NAMESPACE_END
diff --git a/tool/client.cc b/tool/client.cc index ad4e5f4..6f5de07 100644 --- a/tool/client.cc +++ b/tool/client.cc
@@ -34,6 +34,8 @@ #include "transport_common.h" +BSSL_NAMESPACE_BEGIN + static const struct argument kArguments[] = { { "-connect", @@ -645,3 +647,5 @@ return DoConnection(ctx.get(), args_map, &TransferData); } + +BSSL_NAMESPACE_END
diff --git a/tool/const.cc b/tool/const.cc index 0a02b68..bdd2021 100644 --- a/tool/const.cc +++ b/tool/const.cc
@@ -18,6 +18,8 @@ #include "internal.h" +BSSL_NAMESPACE_BEGIN + const uint8_t kDERRSAPrivate2048[] = { 0x30, 0x82, 0x04, 0xa3, 0x02, 0x01, 0x00, 0x02, 0x82, 0x01, 0x01, 0x00, 0xd0, 0x02, 0xde, 0x5d, 0x19, 0x33, 0x48, 0x15, 0xc7, 0x86, 0xde, 0xa3, @@ -476,3 +478,5 @@ }; const size_t kDERRSAPrivate4096Len = sizeof(kDERRSAPrivate4096); + +BSSL_NAMESPACE_END
diff --git a/tool/digest.cc b/tool/digest.cc index c13d61a..94f96c4 100644 --- a/tool/digest.cc +++ b/tool/digest.cc
@@ -44,7 +44,10 @@ #include "internal.h" -// Source is an awkward expression of a union type in C++: Stdin | File filename. +BSSL_NAMESPACE_BEGIN + +// Source is an awkward expression of a union type in C++: Stdin | File +// filename. struct Source { enum Type { STDIN, @@ -452,3 +455,5 @@ bool SHA512256Sum(const std::vector<std::string> &args) { return DigestSum(EVP_sha512_256(), args); } + +BSSL_NAMESPACE_END
diff --git a/tool/fd.cc b/tool/fd.cc index 875ad71..798a8cc 100644 --- a/tool/fd.cc +++ b/tool/fd.cc
@@ -30,6 +30,8 @@ #endif +BSSL_NAMESPACE_BEGIN + ScopedFD OpenFD(const char *path, int flags) { #if defined(OPENSSL_WINDOWS) return ScopedFD(_open(path, flags)); @@ -103,3 +105,5 @@ } return ret; } + +BSSL_NAMESPACE_END
diff --git a/tool/file.cc b/tool/file.cc index ed8754c..8f28c24 100644 --- a/tool/file.cc +++ b/tool/file.cc
@@ -24,6 +24,8 @@ #include "internal.h" +BSSL_NAMESPACE_BEGIN + bool ReadAll(std::vector<uint8_t> *out, FILE *file) { out->clear(); @@ -66,3 +68,5 @@ } return true; } + +BSSL_NAMESPACE_END
diff --git a/tool/generate_ech.cc b/tool/generate_ech.cc index 76e3ae9..8791115 100644 --- a/tool/generate_ech.cc +++ b/tool/generate_ech.cc
@@ -25,6 +25,8 @@ #include "internal.h" +BSSL_NAMESPACE_BEGIN + static const struct argument kArguments[] = { { "-out-ech-config-list", @@ -130,3 +132,5 @@ } return true; } + +BSSL_NAMESPACE_END
diff --git a/tool/generate_ed25519.cc b/tool/generate_ed25519.cc index 4f70a52..fc0692e 100644 --- a/tool/generate_ed25519.cc +++ b/tool/generate_ed25519.cc
@@ -21,16 +21,23 @@ #include "internal.h" +BSSL_NAMESPACE_BEGIN + static const struct argument kArguments[] = { { - "-out-public", kRequiredArgument, "The file to write the public key to", + "-out-public", + kRequiredArgument, + "The file to write the public key to", }, { - "-out-private", kRequiredArgument, + "-out-private", + kRequiredArgument, "The file to write the private key to", }, { - "", kOptionalArgument, "", + "", + kOptionalArgument, + "", }, }; @@ -48,3 +55,5 @@ return WriteToFile(args_map["-out-public"], public_key) && WriteToFile(args_map["-out-private"], private_key); } + +BSSL_NAMESPACE_END
diff --git a/tool/genrsa.cc b/tool/genrsa.cc index cc6eb3e..fa600e2 100644 --- a/tool/genrsa.cc +++ b/tool/genrsa.cc
@@ -21,13 +21,18 @@ #include "internal.h" +BSSL_NAMESPACE_BEGIN + static const struct argument kArguments[] = { { - "-bits", kOptionalArgument, - "The number of bits in the modulus (default: 2048)", + "-bits", + kOptionalArgument, + "The number of bits in the modulus (default: 2048)", }, { - "", kOptionalArgument, "", + "", + kOptionalArgument, + "", }, }; @@ -61,3 +66,5 @@ return true; } + +BSSL_NAMESPACE_END
diff --git a/tool/internal.h b/tool/internal.h index 1cabb9b..86ffa72 100644 --- a/tool/internal.h +++ b/tool/internal.h
@@ -24,6 +24,9 @@ #include <openssl/base.h> #include <openssl/span.h> + +BSSL_NAMESPACE_BEGIN + struct FileCloser { void operator()(FILE *file) { fclose(file); } }; @@ -149,5 +152,6 @@ extern const uint8_t kDERRSAPrivate4096[]; extern const size_t kDERRSAPrivate4096Len; +BSSL_NAMESPACE_END #endif // !OPENSSL_HEADER_TOOL_INTERNAL_H
diff --git a/tool/pkcs12.cc b/tool/pkcs12.cc index f587fd9..d5bdbde 100644 --- a/tool/pkcs12.cc +++ b/tool/pkcs12.cc
@@ -40,13 +40,18 @@ #include "internal.h" +BSSL_NAMESPACE_BEGIN + static const struct argument kArguments[] = { { - "-dump", kOptionalArgument, - "Dump the key and contents of the given file to stdout", + "-dump", + kOptionalArgument, + "Dump the key and contents of the given file to stdout", }, { - "", kOptionalArgument, "", + "", + kOptionalArgument, + "", }, }; @@ -116,14 +121,14 @@ CBS_init(&pkcs12, contents.get(), size); EVP_PKEY *key; - bssl::UniquePtr<STACK_OF(X509)> certs(sk_X509_new_null()); + UniquePtr<STACK_OF(X509)> certs(sk_X509_new_null()); if (!PKCS12_get_key_and_certs(&key, certs.get(), &pkcs12, password)) { fprintf(stderr, "Failed to parse PKCS#12 data:\n"); ERR_print_errors_fp(stderr); return false; } - bssl::UniquePtr<EVP_PKEY> key_owned(key); + UniquePtr<EVP_PKEY> key_owned(key); if (key != NULL) { PEM_write_PrivateKey(stdout, key, NULL, NULL, 0, NULL, NULL); @@ -135,3 +140,5 @@ return true; } + +BSSL_NAMESPACE_END
diff --git a/tool/rand.cc b/tool/rand.cc index f81f569..3bc7dd4 100644 --- a/tool/rand.cc +++ b/tool/rand.cc
@@ -24,13 +24,14 @@ #include "internal.h" +BSSL_NAMESPACE_BEGIN + static const struct argument kArguments[] = { + {"-hex", kBooleanArgument, "Hex encoded output."}, { - "-hex", kBooleanArgument, - "Hex encoded output." - }, - { - "", kOptionalArgument, "", + "", + kOptionalArgument, + "", }, }; @@ -94,3 +95,5 @@ return true; } + +BSSL_NAMESPACE_END
diff --git a/tool/server.cc b/tool/server.cc index 2701591..69db15b 100644 --- a/tool/server.cc +++ b/tool/server.cc
@@ -25,6 +25,8 @@ #include "transport_common.h" +BSSL_NAMESPACE_BEGIN + static const struct argument kArguments[] = { { "-accept", @@ -446,3 +448,5 @@ return result; } + +BSSL_NAMESPACE_END
diff --git a/tool/sign.cc b/tool/sign.cc index dd5532d..2433621 100644 --- a/tool/sign.cc +++ b/tool/sign.cc
@@ -22,6 +22,8 @@ #include "internal.h" +BSSL_NAMESPACE_BEGIN + static const struct argument kArguments[] = { {"-key", kRequiredArgument, "The private key, in PEM format, to sign with"}, {"-digest", kOptionalArgument, "The digest algorithm to use"}, @@ -81,3 +83,5 @@ return true; } + +BSSL_NAMESPACE_END
diff --git a/tool/tool.cc b/tool/tool.cc index a1bbeb8..3904006 100644 --- a/tool/tool.cc +++ b/tool/tool.cc
@@ -30,6 +30,8 @@ #include "internal.h" +BSSL_NAMESPACE_BEGIN + static bool IsFIPS(const std::vector<std::string> &args) { printf("%d\n", FIPS_mode()); return true; @@ -88,6 +90,10 @@ } } +BSSL_NAMESPACE_END + +using namespace bssl; + int main(int argc, char **argv) { #if defined(OPENSSL_WINDOWS) // Read and write in binary mode. This makes bssl on Windows consistent with
diff --git a/tool/transport_common.cc b/tool/transport_common.cc index 141cf36..3b76ee7 100644 --- a/tool/transport_common.cc +++ b/tool/transport_common.cc
@@ -65,6 +65,8 @@ #include "transport_common.h" +BSSL_NAMESPACE_BEGIN + #if defined(OPENSSL_WINDOWS) using socket_result_t = int; #else @@ -337,7 +339,7 @@ SSL_ech_accepted(ssl) ? "yes" : "no"); // Print the server cert subject and issuer names. - bssl::UniquePtr<X509> peer(SSL_get_peer_certificate(ssl)); + UniquePtr<X509> peer(SSL_get_peer_certificate(ssl)); if (peer != nullptr) { BIO_printf(bio, " Cert subject: "); X509_NAME_print_ex(bio, X509_get_subject_name(peer.get()), 0, @@ -980,3 +982,5 @@ fprintf(stderr, "%s\n", line.c_str()); } } + +BSSL_NAMESPACE_END
diff --git a/tool/transport_common.h b/tool/transport_common.h index e9d4c08..e889a38 100644 --- a/tool/transport_common.h +++ b/tool/transport_common.h
@@ -20,6 +20,9 @@ #include <string> + +BSSL_NAMESPACE_BEGIN + // InitSocketLibrary calls the Windows socket init functions, if needed. bool InitSocketLibrary(); @@ -68,4 +71,6 @@ // success and false otherwise. bool DoHTTPTunnel(int sock, const std::string &hostname_and_port); +BSSL_NAMESPACE_END + #endif // !OPENSSL_HEADER_TOOL_TRANSPORT_COMMON_H
diff --git a/util/fipstools/acvp/modulewrapper/proto.cc b/util/fipstools/acvp/modulewrapper/proto.cc index 70caa53..b1281f9 100644 --- a/util/fipstools/acvp/modulewrapper/proto.cc +++ b/util/fipstools/acvp/modulewrapper/proto.cc
@@ -31,7 +31,8 @@ #include "modulewrapper.h" -namespace bssl::acvp { +BSSL_NAMESPACE_BEGIN +namespace acvp { #if defined(OPENSSL_TRUSTY) #include <trusty_log.h> @@ -250,29 +251,28 @@ int RunModuleWrapper() { // modulewrapper buffers responses to the greatest degree allowed in order to // fully exercise the async handling in acvptool. - std::unique_ptr<bssl::acvp::RequestBuffer> buffer = - bssl::acvp::RequestBuffer::New(); - const bssl::acvp::ReplyCallback write_reply = std::bind( - bssl::acvp::WriteReplyToFd, STDOUT_FILENO, std::placeholders::_1); - const bssl::acvp::ReplyCallback buffer_reply = - std::bind(bssl::acvp::WriteReplyToBuffer, std::placeholders::_1); + std::unique_ptr<acvp::RequestBuffer> buffer = acvp::RequestBuffer::New(); + const acvp::ReplyCallback write_reply = + std::bind(acvp::WriteReplyToFd, STDOUT_FILENO, std::placeholders::_1); + const acvp::ReplyCallback buffer_reply = + std::bind(acvp::WriteReplyToBuffer, std::placeholders::_1); for (;;) { - const bssl::Span<const bssl::Span<const uint8_t>> args = + const Span<const Span<const uint8_t>> args = ParseArgsFromFd(STDIN_FILENO, buffer.get()); if (args.empty()) { return 1; } - auto name = bssl::BytesAsStringView(args[0]); + auto name = BytesAsStringView(args[0]); if (name == "flush") { - if (!bssl::acvp::FlushBuffer(STDOUT_FILENO)) { + if (!acvp::FlushBuffer(STDOUT_FILENO)) { abort(); } continue; } - const bssl::acvp::Handler handler = bssl::acvp::FindHandler(args); + const acvp::Handler handler = acvp::FindHandler(args); if (!handler) { return 2; } @@ -285,4 +285,5 @@ } } -} // namespace bssl::acvp +} // namespace acvp +BSSL_NAMESPACE_END